Full-Disclosure mailing list submissions
Tanks
Tedleo
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Hi
T Biehn wrote:
The point really wasnt this trick (which was about eliminating LEAD-TIME) it
was more so to prompt a discussion around various trivial tricks to write a
more 'reliable botnet'.
Shortly: use coupious numbers of normal-looking domain names instead of
a single obviously random
Yes, its possible, I mapped out something on a high level that would
use rss/xml and would evade most detection methods on the network...
Problem comes in is that stuff gets detected at infection-time and
gets reverse engineered. Stealthy botnets is easy, stealthy infection
is trickier.
On
Libero Cross-Site Scripting Vulnerability - Security Advisory - SOS-09-001
Release Date. 23-Feb-2009
Vendor Notification Date. 20-Oct-2008
Product. Libero
Platform. Windows (verified), possibly others
Affected versions. Libero v5.3 SP5 (verified), possibly others
Severity Rating. Medium
II would use something like UDP or IGMP and modify the packets slightly. I
know that most routers will just pass them on and not worry about a few
weird things.
On Mon, Feb 23, 2009 at 2:56 PM, John C. A. Bambenek, GCIH, CISSP
bambenek.info...@gmail.com wrote:
Yes, its possible, I mapped out
On Sat, Feb 21, 2009 at 9:30 PM, valdis.kletni...@vt.edu wrote:
On Fri, 20 Feb 2009 09:24:29 EST, Smoking Gun said:
Ironically, your own quotecompanyquote offered penetration testing
services at the insane pricing scheme of we'll pentest0r joo for free
and if we find something you can pay us
1- We could do this ad infinitum, but this list's lack of usual moderation
does not mean your opinion is
either respected, welcomed, or desired by anyone, Mr. Mugabe. But hey, at
least Valdis was on topic, right? Circular arguments get us everywhere!
2- Further, I for one welcome Valdis'
On Mon, Feb 23, 2009 at 8:57 AM, Smoking Gun pentesterk...@gmail.comwrote:
On Sat, Feb 21, 2009 at 9:30 PM, valdis.kletni...@vt.edu wrote:
On Fri, 20 Feb 2009 09:24:29 EST, Smoking Gun said:
Ironically, your own quotecompanyquote offered penetration testing
services at the insane
On Mon, Feb 23, 2009 at 10:26 AM, Michael Krymson krym...@gmail.com wrote:
On Mon, Feb 23, 2009 at 8:57 AM, Smoking Gun pentesterk...@gmail.com
wrote:
Blah blah gross personal speculation blah...
At any rate, if CEO Cloe decides to hire a pen-tester for $1,000 and gets
back a scan with
Look at me all smiles like a proud papa.
-Jesus
On Mon, Feb 23, 2009 at 8:31 AM, James Matthews nytrok...@gmail.com wrote:
II would use something like UDP or IGMP and modify the packets slightly. I
know that most routers will just pass them on and not worry about a few
weird things.
On
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
snip
...stealthy infection is trickier.
/snip
but not impossible, checkout Symantec/F-Secure joint analysis of
mebroot: https://forums.symantec.com/t5/blogs/blogprintpage/blog-
id/malicious_code/article-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:050-1
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:051
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mr. Krymson,
1. Valdis' replies fall under other commonly used Latin phrases,
such as ad nauseam that the slightly educated use in conversation
to attempt emulation of both higher levels of education and
intelligence than they actually possess. Nice
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200902-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200902-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:049-1
http://www.mandriva.com/security/
Magento Multiple Cross-Site Scripting Vulnerabilities - Security Advisory -
SOS-09-002
Release Date. 24-Feb-2009
Vendor Notification Date. 21-Jan-2009
Product. Magento
Platform. Linux / PHP (verified), possibly others
Affected versions. Magento 1.2.0 (verified), possibly others
Severity Rating.
(-8
{Annnouncing CodeGate 2009 | hacking defense contests}
CodeGate invites the best hackers out there to strut their stuff in
Seoul, South Korea this spring.
[Hacking Festival]
A $35,000 prize will be awarded to the best hackers from around the world.
To win the prize, teams must first place
My apologies, it appears that http://beist.org/codegate2009.txt has prize
money clarifications.
The Festival offers a ~$26500 USD prize and the Defense Contest pays ~$7300
USD
On Mon, Feb 23, 2009 at 10:51 PM, leet kune l33t.kune...@gmail.com wrote:
(-8
{Annnouncing CodeGate 2009 | hacking
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
VMware Security Advisory
Advisory ID: VMSA-2009-0002
Synopsis: VirtualCenter Update 4 updates Tomcat to 5.5.27
Issue date:2009-02-23
21 matches
Mail list logo
