-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John Cartwright is perpetrating global conflict by censoring
n3td3v's 0days and commenting.
Opinion by Andrew Wallace. Published by a believer in free speech
who knows Andrew Wallace is an super spy expert. Luyk a jelly
samwich amirite?
Is banning
Come on mate seriously its getting boring, if any serious security threats are
out there then drop the info and man up, stop with the bullshit of making
netdev a poor internet meme, because that's all it is..
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
Boring?
Amusing more likely.
On Mon, Mar 1, 2010 at 9:53 AM, McGhee, Eddie eddie.mcg...@ncr.com wrote:
Come on mate seriously its getting boring, if any serious security threats
are out there then drop the info and man up, stop with the bullshit of
making netdev a poor internet meme, because
Perhaps this news could be of interest to someone on this lists.
http://www.free-press-release.com/news-united-states-department-of-defense-embraces-hacker-certification-to-protect-us-interests-1267435223.html
Regards
___
Full-Disclosure - We believe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
back off kid
n3td3v is trying to save lives here
yahoo messenger has 0days. now if gadi evron and the mossad were to
get onto that, it wouldn't be a good thing, now would it?
On Mon, 01 Mar 2010 08:53:53 + McGhee, Eddie
eddie.mcg...@ncr.com
Yahoo massager has 0days? No way!
On Mon, Mar 1, 2010 at 8:53 AM, intel unit n3t...@hush.ai wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
back off kid
n3td3v is trying to save lives here
yahoo messenger has 0days. now if gadi evron and the mossad were to
get onto that, it
Hey all,
I released a version of my Internet Exploiter 2 exploit from 2005 that
bypasses DEP. If you are familiar with my Internet Exploiter series of
exploits and/or are interested in how to use heap-spraying to bypass DEP,
you may like this:
Hi there,
I just noticed that authenticated users for the admin area of a wordpress
blog may inject code into database queries, when the plugin Analytics360
is activated.
### BASIC INFORMATION ###
Plugin Name: Analytics360
Plugin URI:
http://crowdfavorite.com/ loads fine here.
On Mon, Mar 1, 2010 at 4:03 PM, Jan G.B. ro0ot.w...@googlemail.com wrote:
Hi there,
I just noticed that authenticated users for the admin area of a wordpress
blog may inject code into database queries, when the plugin Analytics360
is activated.
Simon: What you need is a constant source of income. I suggest you
study TAO Spam (more than just inboxing, mind you.)
You will need an anonymous corporation for fund intake. You will want
a business bank account. You will want to transfer the funds that come
into your account into electronic
OK, well - before I get 1 replies: the question was a rhetoric one.
2010/3/1 Benji m...@b3nji.com
http://crowdfavorite.com/ loads fine here.
On Mon, Mar 1, 2010 at 4:03 PM, Jan G.B. ro0ot.w...@googlemail.comwrote:
Hi there,
I just noticed that authenticated users for the admin area
On Mon, 01 Mar 2010 08:06:23 GMT, intel unit said:
Let's just say we haven't been able to release any information to
the public for over a year now.
We don't have anywhere we can post information.
You can post to Bugtraq, your own blog, pass it to people you know on F-D that
might pass
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:051
http://www.mandriva.com/security/
On Mon, 01 Mar 2010 04:49:57 GMT, Simon Garfinkle said:
Have any advice for living out of a bag? Any stories? Any lessons?
Hit up one of the survivalist websites or magazines, look for info on
living off the land. Learn bowhunting - a rifle tends to draw attention
outside the local hunting
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I am stopping using this web log its just being used by people not
interested in national security to paste my work to Full-disclosure
mailing list to misrepresent me and my group.
They tried to say I was a hacker with 0-day, I am furious.
We are
*I have 26 0days and can hack anything if
the price is right. And I sell them to the bad guys, for the lulz.
I think being disloyal and a hypocrite is hilarious.
I am a consummate civil servant, if I do say so myself.
*
You are a funny troll. I like your posts :)
--
Ai, santa!
On Mon, Mar 1, 2010 at 3:48 PM, intel unit n3t...@hush.ai wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I am stopping using this web log its just being used by people not
interested in national security to paste my work to Full-disclosure
mailing list to misrepresent me
Hahahahahahahaha!
Urlan
2010/3/1 M.B.Jr. marcio.barb...@gmail.com
Ai, santa!
On Mon, Mar 1, 2010 at 3:48 PM, intel unit n3t...@hush.ai wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I am stopping using this web log its just being used by people not
interested in
I really couldn't give a flying rat's posterior what you think. You are
an utter twerp who only adds noise to this list.
Go away.
intel unit wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I am stopping using this web log
blah blah blah shut up twerp
On 3/1/10 8:30 AM, valdis.kletni...@vt.edu valdis.kletni...@vt.edu
wrote:
... Giardia out in the woods is a horrid
way to die a slow death.
Giardia, isn't that the new shopping mall restaurant chain?
___
Full-Disclosure - We believe in it.
Charter:
On Mon, 01 Mar 2010 18:48:22 GMT, intel unit said:
We are security experts nothing to do with hackers and 0-day.
I don't have just 1 0day. I have 26 0days and can hack anything if
the price is right.
Cognitive dissonance FTW. ;)
pgpYOFX7gs9ut.pgp
Description: PGP signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm not interested in this kind of behaviour from young people.
You had the opportunity to read an experts view of national
security and intelligence and you blew it.
You decided to use and abuse my web log postings for your own self
satisfaction.
On Mon, 01 Mar 2010 18:48:22 GMT, intel unit said:
We are security experts nothing to do with hackers and 0-day.
I don't have just 1 0day. I have 26 0days and can hack anything if
the price is right.
01.03.10 21:37, valdis.kletni...@vt.edu:
Cognitive dissonance FTW.;)
Or
intel unit wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You decided to use and abuse my web log postings for your own self
satisfaction.
... dude, it'll be a cold day in hell before I use anything from *you*
for self satisfaction O.O
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
why dont you use your big words to explain how is it fair that im
banned here
i am trying to save lives. i pose as a minor in yahoo chatrooms and
let old fat blokes message me.
i expose them.
im a mi5 honeytrap and the government is going to come
why dont you use your big words to explain how is it fair that im
banned here
Banned? How then would it be that you're still here?
im a mi5 honeytrap and the government is going to come to me and
ask for my help. i record videos of these guys jerking off and
forward them to mark seiden.
Oh come
I spend my career working against hackers, proposing new laws and
lobbying the government to make life difficult for hackers.
The only career you've done so far is as a drug addict, and you're doing
that pretty well.
___
Full-Disclosure - We
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I expanded on Jon Butler's exploit and was able to inject a Meterpreter
payload into the remote process despite the buffer's small size (268
bytes). This was done by overwriting the ret value with part of the
Meterpreter payload.
- - Explanation of
... who the fuck cares?
Go away.
andrew.wallace wrote:
If you haven't noticed yet guys its not me.
Why keep some youngster like that going by letting the list think its me?
Andrew
___
Full-Disclosure - We believe in it.
Charter:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:052
http://www.mandriva.com/security/
ZDI-10-022: IBM Informix librpc.dll Multiple Remote Code Execution
Vulnerabilities
http://www.zerodayinitiative.com/advisories/ZDI-10-022
March 1, 2010
-- CVE ID:
CVE-2009-2753
-- Affected Vendors:
IBM
-- Affected Products:
IBM Informix
-- TippingPoint(TM) IPS Customer Protection:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
MY NAME IS ANDREW WALLACE AND I AM BEING BUGGED OUT OF MY MIND BY
THE INTELLIGENCE ESTABLISHMENT.
SOMEONE HELP.
Yahoo probably hired assassins to take me out. This is probably
going to end up on valleywag or something.
Sorry guys. I won't be coming
ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-023
March 1, 2010
-- CVE ID:
CVE-2009-2754
-- Affected Vendors:
IBM
EMC
-- Affected Products:
IBM Informix
EMC NetWorker
-- TippingPoint(TM) IPS
On Mon, 01 Mar 2010 22:39:56 GMT, intel unit said:
SOMEONE HELP.
Take your meds and call us in the morning. Seriously.
Yahoo probably hired assassins to take me out. This is probably
going to end up on valleywag or something.
(a) Apply Occam's Razor - which is simpler and more likely, that
Just for the record.
---snip---
#!/bin/sh
# Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4
# local root exploit
# March 2010
# automated by kingcope
# Full Credits to Slouching
echo Tod Miller Sudo local root exploit
echo by Slouching
echo automated by kingcope
if [ $# != 1 ]
then
On Sat, 27 Feb 2010 12:42:30 -0800
mark seiden m...@yahoo-inc.com wrote:
it's true that yahoo is hiring security people, though, typically not as
consultants
but as employees -- programmers and engineers who are clueful about
security.
Really?
Cause they could sure use some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yahoo has a ton of cash and a lot of experience put into make a
great experience.
But they do have those embarrassing security flaws you just
mentioned.
Also, they're not even using cellphone calling or having real
people man cracked email accounts.
Malisimo
Kingcope wrote:
Just for the record.
---snip---
#!/bin/sh
# Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4
# local root exploit
# March 2010
# automated by kingcope
# Full Credits to Slouching
echo Tod Miller Sudo local root exploit
echo by Slouching
echo
It seems my English is not as good as I thought and I accidentally led Ryan
Naraine http://blogs.zdnet.com/security/?p=5573, Larry
Seltzerhttp://skypher.com/index.php/2010/03/01/internet-exploiter-2-dep/#comments
and
probably others to come to conclusions such as that I released a weaponized
0-day
Thanks SkyLined. I was confused a bit but I held off writing anything
till I understood it better.
Getting back on to the point I think you were trying to make, you imply
that 32-bit address space is insufficient for the randomization in ASLR.
Actually now don't they only use 256
Give yourself a break, schizoid.
-Original Message-
From: intel unit [mailto:n3t...@hush.ai]
Sent: 01 March 2010 14:53
To: full-disclosure@lists.grok.org.uk; McGhee, Eddie
Subject: RE: [Full-disclosure] full disclosure is an intelligence blackhole
-BEGIN PGP SIGNED MESSAGE-
Valdis,
Man, why do you even bother responding to this troll? I mean, I find your
response amusing (as always), but doesn't it eat up a fair amount of your
time to keep responding to this guy?
On Mon, Mar 1, 2010 at 5:07 PM, valdis.kletni...@vt.edu wrote:
On Mon, 01 Mar 2010 22:39:56 GMT,
iDefense Security Advisory 03.02.10
http://labs.idefense.com/intelligence/vulnerabilities/
Mar 02, 2010
I. BACKGROUND
IBM Lotus Domino includes an ActiveX control called Domino Web Access,
which provides Web-based access for Lotus Notes users. The control
features functionality that is used for
43 matches
Mail list logo