I don't think you understand what a NULL pointer dereference is. It is
referencing NULL. NULL as in 0x00. Not 0x00+some_reg, that would now be
something greater than 0 and hence IT IS NOT DEREFERENCING NULL.. AKA NOT A
NULL DEREFERENCE.
His point remains valid, how is a free(NULL) exploitable for
Potko,
Do you know any real hacker ?
On Fri, Feb 27, 2009 at 2:34 AM, Petko D. Petkov
pdp.gnuciti...@googlemail.com wrote:
Hi Bob,
Thank you for your concerns. The truth is that I've been incredibly
busy lately both in my personal and professional life and therefore I
am not so active at
Wonderful.
On Fri, Feb 27, 2009 at 1:49 AM, Ivan . ivan...@gmail.com wrote:
http://olylug.org/read.php?73,13757
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia
Ha, What happends when people see that they have to use wine to launch
windows exe's?
On Fri, Feb 27, 2009 at 10:49 AM, yersinia yersinia.spi...@gmail.comwrote:
Wonderful.
On Fri, Feb 27, 2009 at 1:49 AM, Ivan . ivan...@gmail.com wrote:
http://olylug.org/read.php?73,13757
Welcome to FD sometimes there is some fear mongering
On Fri, Feb 27, 2009 at 1:04 AM, julio sanchez pete.sanc...@gmail.comwrote:
No virus in there, it's a normal cap file...
2009/2/26 srl security.research.l...@gmail.com
Don't open the pcap file in wireshark ! Is exploiting a hole in
congratulations on getting out of your 10 year coma. Hopefully 2009 serves
you well
On Fri, Feb 27, 2009 at 1:26 AM, Joshua Russel joshua.rus...@gmail.comwrote:
Hi Friends,
Can someone give me some pointers on an effective and new user-mode
keyboard logging and system-call interception
matasano moved on to XSS now?
On Thu, Feb 26, 2009 at 10:54 PM, Stephen Komal steve...@gmail.com wrote:
Dan Guido, Mike Zusman, Erik Cabetas, Dean De Beer, Dino Dai Zovi,
Stephen A. Ridley
___
Full-Disclosure - We believe in it.
Charter:
I've been using Gmail and thought you might like to try it out. Here's
an invitation to create an account.
---
bob jones has invited you to open a free Gmail account.
To accept this invitation and register for your account,
thanks for you reply, at least you take the time to write your fans, unlike
other authors on the list.
On Thu, Feb 26, 2009 at 6:34 PM, Petko D. Petkov
pdp.gnuciti...@googlemail.com wrote:
Hi Bob,
Thank you for your concerns. The truth is that I've been incredibly
busy lately both in my
Hi,
Michal with all due respect I'd like to beg to differ (and maybe be
too nitpicky here).
MZ Vulnerabilities are a subset of software engineering bugs.
I do not think this is the case (lack of the term software). How's
this for being nitpicky ? ;)
In my book, maybe only in mine, a software
On Fri, 27 Feb 2009, Thierry Zoller wrote:
If we want to arrive at a state where risk can be managed, it needs
to be measured. And if we aren't that far in 2009 I pity us all.
One of the most difficult tasks in risk management has always
been the measurement factorability. Many books have
[Thierry Zoller]
In my book, maybe only in mine, a software bug is security relevant
(sorry for the lack of clarity - it's late over here) as soon as
Integrity / Availabilty / Confidentiality are under arbritary direct
or indirect control of a another entity (i.e attacker). Period,
This is
The people you saw who discovered the vulnerability (including myself)
are students at a University. Yes we're ninjas in training, so XSS
for now. :) We were very fortunate to have Guido run the course and
the rest as guest lecturers, who spoke on a variety of topics.
On Fri, Feb 27, 2009 at
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Version Tested: 5.x-1.3 on Drupal 5.15
The Drupal Protected Node module
(http://drupal.org/project/protected_node) is designed to restrict
access to nodes using passwords. When nodes are created they can be
protected by selecting 'protected node'
On Fri, 27 Feb 2009 08:03:46 CST, J. Oquendo said:
By the way, I'm now selling a Risk Management and Scoring
tool for $19.99 that will allow you to enter a program and
define what you think the risk is. The program will allow
you to pick your target: CIO, CEO, CSO. It will then go
out and
I vulnerability could technically be ANYTHING of value to the attacker
that is out of the programs normal, expected, or believed behavior.
Many people have many different views and that is why some
vulnerabilities are published, some are not. A bug that is usually
considered just a bug could have
On modern linux desktops, a simple double click is usually that an exe
needs if WINE is installed and integrated right.
On Fri, Feb 27, 2009 at 4:06 AM, James Matthews nytrok...@gmail.com wrote:
Ha, What happends when people see that they have to use wine to launch
windows exe's?
On Fri, Feb
By the way, I'm now selling a Risk Management and Scoring
tool for $19.99 that will allow you to enter a program and
define what you think the risk is. The program will allow
you to pick your target: CIO, CEO, CSO. It will then go
out and create a custom chart to maximize your budgetary
Hello,
PoC code for testing the MSL-2008-002 vulnerability
HTC Touch vCard over IP Denial of Service
is now available at:
http://poc.mseclab.com/pocs/MSL-2008-002-PoC.py
The code provide means for demonstrating the HTC Touch vCard over IP
DoS by sending vCards to port UDP/9204 of the target IP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1728-1 secur...@debian.org
http://www.debian.org/security/ Florian Weimer
February 27, 2009
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello, folks,
We have published a revision of our IETF Internet-Draft entitled On the
implementation of TCP urgent data. The document is available at:
http://tools.ietf.org/id/draft-gont-tcpm-urgent-data-01.txt (you can
also get the document in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:059
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:060
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Fernando!
We have confirmed this behavior on several revisions of MacOSX.
Thanks!
- -bm
On Fri, 27 Feb 2009 13:51:30 -0500 Fernando Gont
fernando.g...@gmail.com wrote:
Hello, folks,
We have published a revision of our IETF Internet-Draft
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:061
http://www.mandriva.com/security/
Original Message
Subject:FW: Notice to all employees
Date: Fri, 27 Feb 2009 15:42:20 -0300
Subject: Notice to all employees
Date: Tue, 24 Feb 2009 13:06:14 -0500
Dear employees,
Due to the current financial situation caused by the slowdown of the
economy,
Steve:
I consulted your site at http://www.bytebusters.com/ for more
information about these new policies and how they might impact your
employees and prospective customers, but only found an announcement
regarding a trojan horse in OpenSSH. Please expound further on these
initiatives, and see if
On Friday 27 February 2009 16:42:27 Stephen Menard wrote:
Original Message
Subject: FW: Notice to all employees
Date: Fri, 27 Feb 2009 15:42:20 -0300
Due to the current financial situation caused by the slowdown of the
economy, Management has decided to
28 matches
Mail list logo