Networksecurity.fi Security Advisory (21-12-2005)
Title: dtSearch DUNZIP32.dll Buffer Overflow Vulnerability
Criticality: High (3/3)
Affected software: dtSearch versions prior than 7.20 Build 7136
Author: Juha-Matti Laurio
Date: 21th December, 2005
Advisory ID: Networksecurity.fi Security Advisor
omfg!! hehe i love FD!! Hi Gaurav, Hi Debashish, Hi MorningWood
On 12/22/05, Morning Wood <[EMAIL PROTECTED]> wrote:
> Gaurav,
> go back to using Cain to spy on your co-workers for your corrupt boss.
> and btw, you dont hack servers then go to the company to ask for a tender
> to provide security
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Reed Arvin wrote:
> Sir,
>
> On Windows 2000 operating systems the default permissions for the root
> of the OS drive is Everyone/Full Control. However, with Microsoft
> operating systems newer than Windows 2000 administrative privileges
> are ne
remove me please
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Hi Reed, I'm unable to verify that. I'm sure someone else will. Regardless, as indicated by the previous Full-Disclosure posting by Pretty Vacant, the behavior you're speaking about has been known for years. Sorry you wasted your time. It's clear you were unaware of the previous resear
Sir,
On Windows 2000 operating systems the default permissions for the root
of the OS drive is Everyone/Full Control. However, with Microsoft
operating systems newer than Windows 2000 administrative privileges
are necessary. Thank you for your comment.
Regards,
Reed
On 12/22/05, Steven Rakick <[
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200512-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
Vendor: Webwasher (http://www.webwasher.com/)
Product: Webwasher CSM Appliance
Affected versions: CSM Suite 5.x
Author: .v0rt3x (d0tv0rt3x[at]gmail[d0t]com)
Date: 2005-Dec-22
Background
"...Webwasher appliances provide high-performance "Proactive
Filtering" of bidirectional SMTP, HTTP, HTT
See: http://lists.grok.org.uk/pipermail/full-disclosure/2005-May/033909.html It's not a vulnerability as it requires administrative privs in the first place.
Yahoo! DSL Something to write home about. Just $16.99/mo. or less___
Full-D
How often does McAfee try to run this file?
-Jeff Wilder
CISSP,CCE,C/EH
-BEGIN GEEK CODE BLOCK-
Version: 3.1
GIT/CM/CS/O d- s:+ a C+++ UH++ P L++ E- w-- N+++ o-- K- w O- M--
V-- PS+ PE- Y++ PGP++ t+ 5- X-- R* tv b++ DI++ D++
G e* h--- r- y+++*
--END GEEK
Reed Arvin wrote:
>The issue occurs when the naPrdMgr.exe process attempts to run the
>C:\Program Files\Network Associates\VirusScan\EntVUtil.EXE file. Because of
>a lack of quotes the naPrdMgr.exe process first tries to run
C:\Program.exe.
>If that is not found it tries to run C:\Program Files\Net
Does anyone know how to get in contact with the Toshiba Bluetooth Stack
development team or any other related staff? This web form and others
are pretty much useless.
http://aps.toshiba-tro.de/bluetooth/pages/contact.php
-KF
___
Full-Disclosure - We
I emaild the Administrators 2 months ago - the only response I got was something like:"We will look into it, but we may or may not change anything on the page - who knows; we wont tell you!".I called them and the guy on the phone laughed at me.
Here are the links / examples:
Original:
https://www.
Gaurav,
go back to using Cain to spy on your co-workers for your corrupt boss.
and btw, you dont hack servers then go to the company to ask for a tender
to provide security services ( its called blackmail, but I guess that prety
common
in Hyderabad ). Have a nice life backstabber!
cheers,
MW
IANAL.. but from what I know:
> 1. Legality of port/vulnerability scanning.
None, perfectly legal in most cases
> 2. Legality of writing/possessing exploit code.
Not illegal to write or own exploit code.
> 3. Legality of writing/possessing worm/virus code.
Not illegal to write
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gaurav Kumar
Sent: Thursday, December 22, 2005 11:10 PM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] new attack technique?
usingJavaScript+XML+OWSPost Data
>> All I have to say is tha
On Thu, 22 Dec 2005, wilder_jeff Wilder wrote:
> All,
>
> I have a Windows 2000 terminal server that is consistantly sending out
> broadcasts to 255.255.255.255:111... below is a capture from a snort box I
> have running. In the last 18 hours I have had about 2000 packets from this
> box to this
All that I can say is, stop creating several new Ids
and give a pat on your own shoulder Yet to see new Ids created in Yahoo, msn
and others besides those gmail only ids.
- D
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Test
DriveSent: Thursday, December 22, 2005 1
( Original article: http://reedarvin.thearvins.com/20051222-01.html )Summary:Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA
3.5 (patch 5) (http://www.mcafee.com/)Details:By default the naPrdMgr.exe process runs under the context of the Local System account. Every so
On 12/22/05, Debasis Mohanty <[EMAIL PROTECTED]> wrote:
You surely must be a clone of Gaurav !! Ain't you ??
>
name pipe [mailto:[EMAIL PROTECTED]] brazenly wrote:
>> Before flaming others just
look at urself. wtf u do moron debasis , sell nessus reports for 5K,
without even removing false
Basically Gaurav, we should tell a moron that he is a moron.By the look and feel of his website anyone can tell how mature he is, leave the content alone.Otherwise known as tr0y claims many things which we know are have no true existance.
His resume is full of shit, lolz "Key-loggers with back-door
You surely must be a clone of Gaurav !! Ain't you ??
>
name pipe [mailto:[EMAIL PROTECTED] brazenly wrote:
>> Before flaming others just
look at urself. wtf u do moron debasis , sell nessus reports for 5K,
without even removing false +ives ??
lol !!
Is that what you do ??
>> This i
All I have to say is that we should cut the crap. I just thought of a
possible attack scenario which I proved using a PoC and posted to this
mailing list for discussion and constructive feedback which can help
in developing more secure applications.
All I got from debasis is "PISS OFF, LAME, KID,
Linux Kernel Socket Buffer Memory Exhaustion DoS Vulnerability
iDefense Security Advisory 12.22.05
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=362
December 22, 2005
I. BACKGROUND
Linux is a clone of the operating system Unix, written from scratch by
Linus Torvalds with a
Smells like "Windows Services for Unix" (a.k.a. "SFUX") to me.
A very oddball product that never made any real market penetration.
Check to see if it's installed in Add/Remove Programs. Then hose it.
On 12/22/05, wilder_jeff Wilder <[EMAIL PROTECTED]> wrote:
>
> All,
>
> I have a Windows 2000 t
Dear wilder_jeff Wilder,
UDP/111 (Sun RPC) is not used in Windows environment. Either you use
some services for Unix, i.e. MS services for Unix, 3rd party NFS/NIS/etc
support or this is result of privileged user/trojan/backdoor activity.
--Thursday, December 22, 2005, 8:16:48 PM, you wrote to
Before flaming others just look at urself. wtf u do moron debasis
, sell nessus reports for 5K, without even removing false +ives ??
This is ur elite resume ->
http://seclists.org/lists/security-jobs/2003/Oct/0156.html hahaha
Ethical Hacker omfg. You trying to be next fadia or wat ? Do you
All,
I have a Windows 2000 terminal server that is consistantly sending out
broadcasts to 255.255.255.255:111... below is a capture from a snort box I
have running. In the last 18 hours I have had about 2000 packets from this
box to this address about every 30 seconds. Snort reports the sign
Keep it up moron !!
> oh yes, i am a kid compared to u (i am 22 and 27, so i am 5 years
> kidder than u)
Shit !! Another several years ppl has to tolerate your stupidity till you
actuall _grow up_.
> Tell me one thing, a Windows XP + Offfice XP + Internet explorer
> combination so rare ?
I
I have read most of these replies to this topic. I swore I would never make
a statement on the web about any government. No matter who or what part of
the world they live in. So, to keep from making one. I'll just wish every
one a happy holiday. And I think he did this for he feels like he is Go
typo- i am 22 and YOU ARE 27, so i am 5 years kidder than u.
On 12/22/05, Gaurav Kumar <[EMAIL PROTECTED]> wrote:
> oh yes, i am a kid compared to u (i am 22 and 27, so i am 5 years kidder than
> u)
>
> The _real_ thing is that I proved the point.
> U told win xp will give access denied error. I
oh yes, i am a kid compared to u (i am 22 and 27, so i am 5 years kidder than u)
The _real_ thing is that I proved the point.
U told win xp will give access denied error. I proved u wrong with the
proof attached.
U told above technique wont work...i proved u wrong.
Tell me one thing, a Windows XP
Anybody know a good attorney in the U.S. who specializes in computer
security laws? For example they should be able to answer questions
concerning:
1. Legality of port/vulnerability scanning.
2. Legality of writing/possessing exploit code.
3. Legality of writing/possessing worm/virus code.
4.
Kid,
Although I normally don't reply to such frivilous and lame statements but
your reply has seriously piss me off.. So dropping few lines, perhaps will
help you grow up !!
-Original Message-
>> From: Gaurav Kumar brazenly wrote:
>> Looks like u need to read again what i wrote. I didnt
On Wed, Dec 21, 2005 at 11:46:00PM -0500, [EMAIL PROTECTED] wrote:
> On Wed, 21 Dec 2005 13:51:14 +0100, Joachim Schipper said:
> > Though I wonder what the point is - it's not likely to be all that hard
> > to run the code on another system. The main point seems to be to prevent
> > administrators
(The following advisory is also available in PDF format for download at:
http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_httprint_Multiple_Vulnerabilities.pdf)
CYBSEC S.A.
www.cybsec.com
Advisory Name: httprint Multiple Vulnerabilities
==
Vulnerability Class: Denial of Service, Arbi
Hi
Given the recent activity I felt it best to make a statement regarding
my decision to temporarily moderate certain individuals.
After weeks of attempting to solve the issue through diplomacy, I have
come to the unfortunate conclusion that this selective moderation is
necessary for a short per
Anybody know a good attorney in the U.S. who specializes in computer
security laws? For example they should be able to answer questions
concerning:
1. Legality of port/vulnerability scanning.
2. Legality of writing/possessing exploit code.
3. Legality of writing/possessing worm/virus code.
4.
In case any one is interested.
b
-- Forwarded Message: -- From: "Richard Piedrahita" <[EMAIL PROTECTED]> To: Subject: Security and Contingency Planning Date: Thu, 22 Dec 2005 03:10:11 + Hi Everyone: I have a hypothetical situation and two questions: Hypothetical S
http://seclists.org/lists/fulldisclosure/2005/Jan/0015.html
>"n3td3v owns you all, even you self proclaimed and so-called experts
>and professionals."
teh b1tch0z dunt zwn m3
>"n3td3v, the greatest! Yahoo sec admins are no use. "
1tz fu¦\¦y teh 3ng3sh w3rkoz in teh p0st
http://seclists.org/lis
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 925-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
December 22nd, 2005
> It would seem to me that two-factor authentication
> (implemented correctly) would be perfect for this matter.
>
> I saw that someone wrote earlier that the one time token from the two-factor
> could just be logged and entered in again real quickly. I don't know this
> to be the case. For exam
>
> Not Exactly !! I wud rather suggest you to do a little more research and
> draw any conclusion. Keep those _Security Zones_ in mind before you post
> anything...
>
>
I did the research on Windows XP SP2
The script with ActiceX and XML was uploaded to
http://www.geocities.com/gaurav_e2/exp.html
43 matches
Mail list logo