[Full-disclosure] Re: SSL VPNs and security

2006-06-09 Thread Michal Zalewski
On Fri, 9 Jun 2006, E Mintz wrote: How about some real-world, application specific exploits? There's an example of a XSS that can be used to compromise Cisco Web VPN session in the text. So, please show me an example of an actual compromise and I'll listen. Otherwise, put up, or shut up!

[Full-disclosure] [USN-288-2] PostgreSQL server/client vulnerabilities

2006-06-09 Thread Martin Pitt
=== Ubuntu Security Notice USN-288-2 June 09, 2006 postgresql-8.1 vulnerabilities CVE-2006-2313, CVE-2006-2314 === A security issue affects the following Ubuntu releases:

[Full-disclosure] Windows Software Restriction Policy Protection Bypass

2006-06-09 Thread 3APA3A
Dear bugtraq@securityfocus.com, It was reported anonymously with request to post to lists. Windows Software Restriction Policy Protection Bypass Author: Anonymous Class: Restrictions bypass Vector: Local Vendor: Microsoft Software: Windows XP SP2,

[Full-disclosure] Docebo CMS 3.0.3, Remote command execution

2006-06-09 Thread Federico Fazzi
- Advisory id: FSA:007 Author:Federico Fazzi Date: 09/06/2006, 6:10 Sinthesis: Docebo CMS 3.0.3, Remote command execution Type: high Product: http://www.docebolms.org/ Patch: unavailable

[Full-disclosure] Re: SSL VPNs and security

2006-06-09 Thread E Mintz
How about some real-world, application specific exploits? SSL VPN is hardly a 'novelty' or 'recent' technology. I implemented my first SSL VPN in '99 at a large financial, and it is still in production, and secure So, please show me an example of an actual compromise and I'll listen. Otherwise,

[Full-disclosure] Secunia Research: SelectaPix Cross-Site Scripting and SQL Injection Vulnerabilities

2006-06-09 Thread Secunia Research
== Secunia Research 09/06/2006 - SelectaPix Cross-Site Scripting and SQL Injection Vulnerabilities - == Table of Contents Affected

[Full-disclosure] Secunia Research: AutoMate unacev2.dll Buffer Overflow Vulnerability

2006-06-09 Thread Secunia Research
== Secunia Research 07/06/2006 - AutoMate unacev2.dll Buffer Overflow Vulnerability - == Table of Contents Affected

[Full-disclosure] Re: SSL VPNs and security

2006-06-09 Thread wnorth
Very good information, we use F5 firepass products and I could see the same issue inherent in your statements. The benefits to the business, from a cost perspective, are many, no need for tokens unless you are doing 2-factor auth, which I encourage as it will check your personal PIN against

[Full-disclosure] RE: Want to test this desktop barrier? (Unauthorized offer) 0day protection (Bill Stout)

2006-06-09 Thread Chavoux Luyt
Hi snip Message: 14 Date: Thu, 8 Jun 2006 18:07:27 -0700 From: Bill Stout [EMAIL PROTECTED] Subject: RE: [Full-disclosure] Want to test this desktop barrier? (Unauthorized offer) 0day protection snip It is conceptually different than AV or AS products, which is why I fall

[Full-disclosure] RSBAC 1.2.7 Released

2006-06-09 Thread kang
The RSBAC team is happy to announce that RSBAC 1.2.7 has just been released for both kernels 2.4.32 and 2.6.16. This is the latest stable version. There is no special upgrade path if you were using 1.2.6 or 1.2.5 Simply compile, install the new admin

[Full-disclosure] Separate Debian from Full Disclosure

2006-06-09 Thread ßµªSKãR †|wãri
Hi all Here is a request to please do not merge Debian Mailing List's Mails with Full Disclosure-- \ßµªSKãR†|wãri ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by

[Full-disclosure] Re: Separate Debian from Full Disclosure

2006-06-09 Thread sudo su
u d0 realize th4t u r g4y deb1an iz a well kn0wn whitehat diztr0, we do not require deb1anz presence in teh non dizclosure society and theze forums is where u 4ll rally your gay whitehat dizcussionz. s0 mr afghan m4n stfu kthx or face the concequencez On 6/9/06, ßµªSKãR †|wãri [EMAIL PROTECTED]

[Full-disclosure] [USN-293-1] gdm vulnerability

2006-06-09 Thread Martin Pitt
=== Ubuntu Security Notice USN-293-1 June 09, 2006 gdm vulnerability CVE-2006-2452 === A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06 LTS

[Full-disclosure] [USN-288-3] PostgreSQL client vulnerabilities

2006-06-09 Thread Martin Pitt
=== Ubuntu Security Notice USN-288-3 June 09, 2006 dovecot, exim4, postfix vulnerabilities CVE-2006-2314, CVE-2006-2753 === A security issue affects the following Ubuntu

[Full-disclosure] [USN-294-1] courier vulnerability

2006-06-09 Thread Martin Pitt
=== Ubuntu Security Notice USN-294-1 June 09, 2006 courier vulnerability CVE-2006-2659 === A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10

[Full-disclosure] [USN-295-1] xine-lib vulnerability

2006-06-09 Thread Martin Pitt
=== Ubuntu Security Notice USN-295-1 June 09, 2006 xine-lib vulnerability CVE-2006-2802 === A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu

Re: [Full-disclosure] Windows Software Restriction Policy Protection Bypass

2006-06-09 Thread Dinis Cruz
This MS answer speaks volumes to their approach to security (I had similar made to me in the past) 09.06.06 - Vendor response Software Restriction Policy and Group Policy are not meant to be complete security features...For full security, we recommend using ACLs to protect the

Re: [Full-disclosure] Want to test this desktop barrier? (Unauthorized offer) 0day protection

2006-06-09 Thread neil davis
chroot for windows :P good stuff. On Thu, 2006-06-08 at 10:14 -0700, Bill Stout wrote: 34422VS279429422K44W

Re: [Full-disclosure] Is your security 6/6/6 ready?

2006-06-09 Thread womber
I am wondering if NetDev is the same guy who claimed he was going to summon a UFO to Vegas last year. Or at the least that Crossover guy. I see a computer, Keys, disks, code. I see a hole, a leak, a hack, a 0-day.

Re: [Full-disclosure] SSL VPNs and security

2006-06-09 Thread Tim
Hello MZ, I think SSL VPNs are a pretty lame idea in the first place, but for the specific problem you bring up, would the following design work around this? Set up a wildcard record, *.webvpn.example.org, pointing to the device. The device then maps all internal domain names or IP addresses to

Re: [Full-disclosure] SSL VPNs and security

2006-06-09 Thread Brian Eaton
On 6/9/06, Tim [EMAIL PROTECTED] wrote: Set up a wildcard record, *.webvpn.example.org, pointing to the device. The device then maps all internal domain names or IP addresses to a unique hostname, such as: internalhost.webvpn.example.org, or 192-168-0-1.webvpn.example.org, etc. Wouldn't this

[Full-disclosure] Re: SSL VPNs and security

2006-06-09 Thread Amit Klein (AKsecurity)
On 8 Jun 2006 at 22:48, Michal Zalewski wrote: Web VPN or SSL VPN is a term used to denote methods for accessing company's internal applications with a bare WWW browser, with the use of browser-based SSO authentication and SSL tunneling. As opposed to IPSec, no additional software or

Re: [Full-disclosure] SSL VPNs and security

2006-06-09 Thread Michael Holstein
Set up a wildcard record, *.webvpn.example.org, pointing to the device. The device then maps all internal domain names or IP addresses to a unique hostname, such as: internalhost.webvpn.example.org, or 192-168-0-1.webvpn.example.org, etc. This has the side effect of making procurement of the

Re: [Full-disclosure] SSL VPNs and security

2006-06-09 Thread Tim
That depends on whether the solution tries to solve single-sign-on problems as well. If the vendor is trying to handle SSO in such an environment, then they are probably using domain cookies. The problems are exactly the same as the ones Michal listed, plus some additional ones specific to

Re: [Full-disclosure] SSL VPNs and security

2006-06-09 Thread Tim
Set up a wildcard record, *.webvpn.example.org, pointing to the device. The device then maps all internal domain names or IP addresses to a unique hostname, such as: internalhost.webvpn.example.org, or 192-168-0-1.webvpn.example.org, etc. This has the side effect of making procurement of

[Full-disclosure] [ GLSA 200606-07 ] Vixie Cron: Privilege Escalation

2006-06-09 Thread Sune Kloppenborg Jeppesen
Gentoo Linux Security Advisory GLSA 200606-07 http://security.gentoo.org/

Re: [Full-disclosure] SSL VPNs and security

2006-06-09 Thread Michael Holstein
SSL certificates are free. You just have to have enough knowledge to distribute your own CA certificate. For a VPN appliance, this should not be a problem at all, since only your trusted users should be accessing it. Even if you aren't competent enough to figure out how to distribute your own

Re: [Full-disclosure] Re: blocking tor is not the right way forward. It may just be the right way backward.

2006-06-09 Thread Michael Holstein
again, redirecting a tor user to a 403 requires you to sit and think up of a workaround. perhaps you aren't able to come up with one or you don't want to take the time/effort. this means i've effectively deterred you from using tor to get to the website. now if you care about the website more

Re: [Full-disclosure] Re: blocking tor is not the right way forward. It may just be the right way backward.

2006-06-09 Thread Rodrigo Barbosa
On Fri, Jun 09, 2006 at 11:47:59AM -0400, Michael Holstein wrote: again, redirecting a tor user to a 403 requires you to sit and think up of a workaround. perhaps you aren't able to come up with one or you don't want to take the time/effort. this

Re: [Full-disclosure] Re: blocking tor is not the right way forward. It may just be the right way backward.

2006-06-09 Thread Michael Holstein
But remember your rights stop when the rights of others start. So, if a given admin wants people who use Tor to be blocked from his particular site, it is his right. I might not agree with it, but I'll defend his right to do so. After all, it is his site. If he was to do that (and makes a clear

Re: [Full-disclosure] Re: blocking tor is not the right way forward. It may just be the right way backward.

2006-06-09 Thread Micheal Espinola Jr
Your interpretation of the Internet is a bit distorted. On 6/9/06, Michael Holstein [EMAIL PROTECTED] wrote: If you want to make your website private, don't put it on the Internet. -- ME2

Re: [Full-disclosure] Re: blocking tor is not the right way forward. It may just be the right way backward.

2006-06-09 Thread Michael Holstein
Your interpretation of the Internet is a bit distorted. We're not talking about authenticated websites here (perhaps I should have made that more clear), nor are we talking about using TOR, etc. for malicious purposes. For the purpose of this (largely theoretical) argument, I meant

Re: [Full-disclosure] Re: blocking tor is not the right way forward. It may just be the right way backward.

2006-06-09 Thread Micheal Espinola Jr
Understood. :-) On 6/9/06, Michael Holstein [EMAIL PROTECTED] wrote: Your interpretation of the Internet is a bit distorted. We're not talking about authenticated websites here (perhaps I should have made that more clear), nor are we talking about using TOR, etc. for malicious purposes. For

Re: [Full-disclosure] Re: blocking tor is not the right way forward. It may just be the right way backward.

2006-06-09 Thread Rodrigo Barbosa
On Fri, Jun 09, 2006 at 12:33:39PM -0400, Michael Holstein wrote: Your interpretation of the Internet is a bit distorted. We're not talking about authenticated websites here (perhaps I should have made that more clear), nor are we talking about

Re: [Full-disclosure] Re: blocking tor is not the right way forward. It may just be the right way backward.

2006-06-09 Thread Cardoso
Most websites rely on cookies, sessions and javascript. If a user can't live with that, I'm very sorry but there's nothing I can do. Same about corporate networks where people way high on the food chain demand full access, no firewall control or even transparent filtering. On Fri, 9 Jun 2006

Re: [Full-disclosure] blue security folds

2006-06-09 Thread neil davis
While I agree (mostly), getting the ISPs to do what you suggest will never happen. If I, Joe Clueless User, have a bot running on my PC spamming half the world, and my ISP notices this and shuts me off, what will I do? Most people would call the ISP tech support and say my web doesn't

Re: Antw: [Full-disclosure] [SECURITY] [DSA 1034-1] New horde2 packages fixseveral vulnerabilities

2006-06-09 Thread neil davis
No he didn't. Someone please tell me he didn't... I guess we'll be seeing Rocco's out of office message for a while... On Fri, 2006-04-14 at 16:46 +0200, Rocco Maiullari wrote: Guten Tag ! Leider kann ich Ihre e-mail nicht sofort beantworten, da ich mich bis einschl. 21.04.2006 nicht im

Re: [Full-disclosure] Re: blocking tor is not the right way forward. It may just be the right way backward.

2006-06-09 Thread Mike Owen
On 6/9/06, Cardoso [EMAIL PROTECTED] wrote: Most websites rely on cookies, sessions and javascript. If a user can't live with that, I'm very sorry but there's nothing I can do. Actually, no, most websites don't. I use a deny by default cookie policy, and NoScript, and nearly every single

Re: Antw: [Full-disclosure] [SECURITY] [DSA 1034-1] New horde2 packages fixseveral vulnerabilities

2006-06-09 Thread Rodrigo Barbosa
On Fri, Jun 09, 2006 at 02:37:45PM -0300, Cardoso wrote: I wonder how much of a daily mail traffic is made of autoresponders and whitelist-challenge messages. I would not know, since my procmailrc send all those whitelist-challenge messages

Re: [Full-disclosure] Re: blocking tor is not the right way forward. It may just be the right way backward.

2006-06-09 Thread Jeffrey F. Bloss
Michael Holstein [EMAIL PROTECTED] wrote: First, I'm a long time supporter of Tor and a staunch advocate of anonymity and privacy. I also believe your interpretation of the Internet is a bit... distorted. :) We're not talking about authenticated websites here (perhaps I should have made that

Re: [Full-disclosure] SSL VPNs and security

2006-06-09 Thread Tim
Sure, it's trivial to create self-signed certs (or run a CA), but distributing your cert (or the CA cert) to all but a handful of clients is a logistical nightmare. For company managed laptops, it is trivial to distribute via normal software distribution processes. For non-managed systems

Re: [Full-disclosure] Re: blocking tor is not the right way forward. It may just be the right way backward.

2006-06-09 Thread Ducki3
On 6/9/06, Rodrigo Barbosa [EMAIL PROTECTED] wrote: Just because a park is a public place doesn't give me the right to, let's say, drive a car over the grass. Even in public places there are rules that should be followed. Yea, but if you steal a car or take off your license plate and drive

Re: [Full-disclosure] SSL VPNs and security

2006-06-09 Thread Brian Eaton
On 6/9/06, Tim [EMAIL PROTECTED] wrote: For non-managed systems (which you shouldn't allow into your network via a VPN anyway), installing a CA cert is as simple as clicking on a link ONCE, and installing the cert. This cert can be distributed over a VeriSign secured SSL connection. Are you

Re: [Full-disclosure] SSL VPNs and security

2006-06-09 Thread Michael Holstein
Are you referring to telling end-users to click Accept this certificate permanently box on the certificate warning pop-up? Or is there a software package out there that can do this without the warning pop-up? In Windoze, if you have a .cer file, and did the use fields correctly when you

[Full-disclosure] ASPListPics

2006-06-09 Thread Morning Wood
- EXPL-A-2006-003 exploitlabs.com Retro Advisory 001 - - ASPListpics - RETRO-RELEASE DATE: === Nov 11, 2004 Duplicate Release: June 06, 2006 by: r0t http://pridels.blogspot.com/2006/06/asp-listpics-43-xss-vuln.html

[Full-disclosure] rPSA-2006-0099-1 openldap openldap-clients openldap-servers

2006-06-09 Thread Justin M. Forbes
rPath Security Advisory: 2006-0099-1 Published: 2006-06-09 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Weakness Updated Versions: openldap=/[EMAIL PROTECTED]:devel//1/2.2.26-8.3-1 openldap-clients=/[EMAIL PROTECTED]:devel//1/2.2.26-8.3-1

[Full-disclosure] [ GLSA 200606-08 ] WordPress: Arbitrary command execution

2006-06-09 Thread Sune Kloppenborg Jeppesen
Gentoo Linux Security Advisory GLSA 200606-08 http://security.gentoo.org/

Re: [Full-disclosure] n3td3v bashers on FD

2006-06-09 Thread Rob Connon (Info)
Who is this n3td3v? Only posts i find from him is just words like we the rulez group we are the best you all are stupid internet is ours or similar. If this has been posted before please do forgive me, i found this while looking around for amusing background info to pass my slowly moving

RE: [Full-disclosure] n3td3v bashers on FD

2006-06-09 Thread William Lefkovics
LOL You know, I came here for the information. But I stay solely for the entertainment. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob Connon (Info) Sent: Friday, June 09, 2006 3:49 PM To: Sergej Cc: full-disclosure@lists.grok.org.uk Subject: Re:

Re: [Full-disclosure] Want to test this desktop barrier?, (Unauthorized offer) 0day protection

2006-06-09 Thread Dan Renner
This definitely has more luxury features, but couldn't you do pretty much the same with MSDN's DROPMYRIGHTS program? It runs {whatever} program as a guest user, effectively dropping the capabilities of that program to do nefarious things. -- Sincerely,

Re: [Full-disclosure] Want to test this desktop barrier?, (Unauthorized offer) 0day protection

2006-06-09 Thread Christian Swartzbaugh
Dan, Sure both methods will prevent many viri from taking over your computer, but notice there is a major difference. You obviously have not used a limited account before because usually software developed for Windows will require some configuration or settings change in order to correctly

Re: [Full-disclosure] Want to test this desktop barrier?, (Unauthorized offer) 0day protection

2006-06-09 Thread Cardoso
It's very light on the machine, does not slow down the browser. It also gives access to clipboard and other features outside the sandbox. The site claims it works with Internet Explorer, and it's their default browser, but I opened Firefox, browsed around a little, changed a lot of

Re: [Full-disclosure] Separate Debian from Full Disclosure

2006-06-09 Thread Eliah Kagan
On 6/9/06, ßµªSKãR †|wãri wrote: Hi all Here is a request to please do not merge Debian Mailing List's Mails with Full Disclosure Why? If they pertain to security vulnerabilities, they surely belong on Full Disclosure. Any information pertaining to vulnerabilities is acceptable, for

[Full-disclosure] RE: Windows Software Restriction Policy Protection Bypass

2006-06-09 Thread Roger A. Grimes
This has been publicly known and disclosed for many years, since XP Pro was first released. -Original Message- From: 3APA3A [mailto:[EMAIL PROTECTED] Sent: Friday, June 09, 2006 4:05 AM To: bugtraq@securityfocus.com; full-disclosure@lists.grok.org.uk Subject: Windows Software

RE: [Full-disclosure] Want to test this desktop barrier?, (Unauthorized offer) 0day protection

2006-06-09 Thread Bill Stout
Hi Dan, There's a couple of ways it differs. 1. Programs running in DROPMYRIGHTS and RunAs can still access files and directories to which 'everyone' has access. It's not common for someone to check rights of every single directory in a computer to check who has access to what. A virtualized

Re: [Full-disclosure] n3td3v bashers on FD

2006-06-09 Thread Alexander Hristov
Good point about symantec On 6/3/06, n3td3v [EMAIL PROTECTED] wrote: We're the biggest security group around, theres nothing you can say to change that. We are professionals who work at the major dot-coms and earn all the money, you people are just stupid. You call us lame but look at you. None

Re: [Full-disclosure] n3td3v bashers on FD

2006-06-09 Thread Javor Ninov
I do not get your point about n3td3v . i also do not get Good point about symantec Are you stating that Symantec is not trustworthy ? Javor Ninov aka DrFrancky http://securitydot.net Alexander Hristov wrote: Good point about symantec On 6/3/06, n3td3v [EMAIL PROTECTED] wrote: We're the

[Full-disclosure] [SECURITY] [DSA 1095-1] New freetype packages fix several vulnerabilities

2006-06-09 Thread Martin Schulze
Debian Security Advisory DSA 1095-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze June 10th, 2006