On Tue, Mar 04, 2008 at 12:02:25AM +, Adrian P wrote:
* Exploring the UNKNOWN: Scanning the Internet via SNMP! *
http://www.gnucitizen.org/blog/exploring-the-unknown-scanning-the-internet-via-snmp/
Hacking is not only about coming up with interesting solutions to
problems, but also
Well, such statement is simply derived from my personal experience of
doing application-layer UDP scanning. Never ran a proper benchmark to
compare speed results to be honest.
On Tue, Mar 4, 2008 at 8:53 AM, Sebastian Krahmer [EMAIL PROTECTED] wrote:
On Tue, Mar 04, 2008 at 12:02:25AM +,
cDc's goolag tool is pretty cool but here is an online alternative for
those of you who are interested: http://www.gnucitizen.org/ghdb/
pdp
--
http://www.gnucitizen.org
http://www.gnucitizen.com
GNUCITIZEN
___
Full-Disclosure - We believe in it.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs
Multiple vulnerabilities in Google's Android SDK
*Advisory Information*
Title: Multiple vulnerabilities in Google's Android SDK
Advisory ID:
[19:15] lsi2lsi: hiya! ... so i was nearly vished today ...
[19:16] lsi2lsi: mobile rings - hello, we're calling from Lloyds TSB,
if you are not [name], you must press 2
[19:16] lsi2lsi: if you ARE [name], please press 1
[19:17] lsi2lsi: ..etc.. i went to bank - they'd never heard of such
a
[Forwarded from DailyDave]
Tom Clancy just writes about how cool the Catholic religion is. His
latest novel is all about someone trying to talk about format strings
and buffer overflows, you can call them fish. I've read Dawson's
Creek novels that were better written. Now, telling the public the
###
Luigi Auriemma
Application: Versant Object Database
http://www.versant.com/en_US/products/objectdatabase
Versions: = 7.0.1.3
Platforms:Windows, Solaris, HP-UX, AIX, Linux
http://www.smh.com.au/news/security/hack-into-a-windows-pc--no-password-needed/2008/03/04/1204402423638.html
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200803-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200803-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2008/3/4, Ivan . [EMAIL PROTECTED]:
http://www.smh.com.au/news/security/hack-into-a-windows-pc--no-password-needed/2008/03/04/1204402423638.html
Here is a (totally unofficial) mirror of Metlstorm's files in case you
can't reach his overloaded website :-\
I guess the release of this tool makes physical access pen-tests a little
bit easier huh? Will have to try this out some time.
Steven
http://www.smh.com.au/news/security/hack-into-a-windows-pc--no-password-needed/2008/03/04/1204402423638.html
___
An in-depth overview of a currently active malware IFRAME campaign,
that's targeting ZDNet Asia and TorrentReactor's search engine
optimization practices of generating, and locally caching the search
queries pages, thereby positioning the now cached popular keywords
with the IFRAME between the
The key to the vulnerability: To use the tool, hackers must connect a
Linux-based computer to a Firewire port on the target machine. The
machine is then tricked into allowing the attacking computer to have
read and write access to its memory.
I assume this makes it a local login, not a domain
On Mon, Mar 3, 2008 at 2:31 PM, worried security
[EMAIL PROTECTED] wrote:
[02:40] worried do you think cyber terrorism is real or its just the
government softening ppl up for a couple of false flags for a reason
to bomb iran?
[02:49] worried the u.s are still deciding where to build the cyber
Actually, it's full system compromise -- if the machine is joined to a
domain, then any domain account credentials known to that machine are
compromised as well.
And yes, the same capability exists not only on Macs but on any computer
that implements the Firewire specification. (details at
Actually, it's full system compromise -- if the machine is joined to a
domain, then any domain account credentials known to that machine are
compromised as well.
And yes, the same capability exists not only on Macs but on any computer
that implements the Firewire specification. (details at
On Tue, 04 Mar 2008 19:00:33 EST, Larry Seltzer said:
So does the same capability exist on Macs?
What, don't you remember? :)
Google for the phrase Owned by an iPod...
pgppkWLA8zBDg.pgp
Description: PGP signature
___
Full-Disclosure - We believe
From: [EMAIL PROTECTED]
Site: http://www.vashnukad.com
Application: Linux Kiss Server v1.2
Type: Format strings
Priority: Medium
Patch available: No
The Linux Kiss Server contains a format strings vulnerability that, if run
in foreground mode, can be leveraged for access. The vulnerability is
Mar 03 23:00:49 worried then non-us hackers will stop posting
to mailing lsits
you will stop posting php include exploit ?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
worried security wrote:
On Mon, Mar 3, 2008 at 2:31 PM, worried security
[EMAIL PROTECTED] wrote:
[02:40] worried do you think cyber terrorism is real or its just the
government softening ppl up for a couple of false flags for a reason
to bomb
21 matches
Mail list logo