Debian Security Advisory DSA 1172-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
September 9th, 2006
On 9/8/06, Tim <[EMAIL PROTECTED]> wrote:
[..]
Hello,
Sorry to change the subject slightly here on this thread, but I was
wondering about this before the topic came up.
Given the problems with using the tar format for file distribution,
What problems?
there any other simple, non-compressed
>I was checking out Windows PE checksums.
>And found they do not seem to get checked when executing a .exe file.
Windows surely takes care of PE checksums, especially when executing files
that are protected by System File Checker (Windows File Protection).
>Neither does 'dumpbin' check the checks
Hi,
I was checking out Windows PE checksums.
And found they do not seem to get checked when executing a .exe file.
Neither does 'dumpbin' check the checksum.
Does anyone know of a program (ideally free and ideally open source)
that checks PE checksums?
Aaron
Log flooding vulnerability in "sftplogging" patch
Severity: low
Anthony Martinez (Pi), [EMAIL PROTECTED]
August 20, 2006
Synopsis
sftplogging patches rely on sysklogd to catch repeated messages. This could be
exploited by a malicious user with an account, and cause the syslogd to be
inundated
On 9/8/06, Hadmut Danisch <[EMAIL PROTECTED]> wrote:
Hi,
I recently tested an RSA SecurID SID800 Token
http://www.rsasecurity.com/products/securid/datasheets/SID800_DS_0205.pdf
The token is bundled with some windows software designed to make
user's life easier. Interestingly, this software pro
Most people who compile software do so as a normal user, not as root.
You cannot expect every piece of software to explicitly state "do not be
root".
It is not the developers who dictate who can compile software; it is
good form for them to make it so a normal user can compile software and
i
You might want to look at:
http://www.networksecurityarchive.org/html/Web-App-Sec/2005-02/msg00089.html
for a discussion of this issue and the soft token issue.
--
---Matthew
*** REPLY SEPARATOR ***
On 9/7/2006 at 8:49 PM [EMAIL PROTECTED] wrote:
>Hi,
>
>I recently tes
___
Mandriva Linux Security Advisory MDKSA-2006:163
http://www.mandriva.com/security/
___
On Fri, Sep 08, 2006 at 01:38:00PM -0500, Gerald (Jerry) Carter wrote:
> Your logic is false here. If the kernel maintainers
> and developers say don't compile as root and you
> do it anyways, That's your choice.
Your assumption is false here. The kernel maintainers DO NOT say this:
Read the R
rPath Security Advisory: 2006-0165-1
Published: 2006-09-08
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Remote Deterministic Weakness
Updated Versions:
mailman=/[EMAIL PROTECTED]:devel//1/2.1.6-14.2-1
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name
rPath Security Advisory: 2006-0166-1
Published: 2006-09-08
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Remote Deterministic Denial of Service
Updated Versions:
bind=/[EMAIL PROTECTED]:devel//1/9.3.2_P1-0.1-1
bind-utils=/[EMAIL PROTECTED]:devel//1/9.3.2_P1-0.1-1
Cross Context Scripting in Firefox Sage Extension.
http://www.gnucitizen.org/blog/cross-context-scripting-with-sage
This proves that Firefox Extensions can be as dangerous as random
flash or quicktime media files. Moreover, the POC provides a real
example of how RSS feed Hacking really works.
--
On 9/8/06, Hadmut Danisch <[EMAIL PROTECTED]> wrote:
Ironically, if Microsoft distributed such files everyone would shout
"hidden backdoor!"
That's a fact, but don't forget that the upstream kernel is not being
shipped as part of an update to a commercial product. Besides,
permissions are not h
> Don't. Untar. Archives. As. Root.
>
> It's that simple.
>
> Or are you also going to complain about the fact that there are tar
> versions out there that don't strip a leading / from the archive?
> Much fun can be had when you carelessly extract as root, then.
Hello,
Sorry to change the subj
On Fri, Sep 08, 2006 at 08:17:05PM +0200, Hadmut Danisch wrote:
> It may sound funny to consider tar as the wrong tool, but it is.
Don't. Untar. Archives. As. Root.
It's that simple.
Or are you also going to complain about the fact that there are tar
versions out there that don't strip a leadin
Hadmut Danisch wrote:
> Really? Both mean to do what is standing in
> the Makefile. Both are executing the Makefile.
That's like saying ping should run as root
since it reads /etc/hosts.
> If you cannot trust the kernel source to compile
> it as
-- Forwarded message --
Date: Fri, 08 Sep 2006 09:00:51 -0700
From: Anthony Baker <[EMAIL PROTECTED]>
To: No List <[EMAIL PROTECTED]>
Subject: [Privacy] Sexbaiting Social Experiment on Craigslist Affects Hundreds
Hey MB,
Was just trolling through some of my RSS feeds and
On 9/7/06, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
<[EMAIL PROTECTED]> wrote:
Better workaround is to upgrade.
[chokes on his coffee]
What ... you mean "upgrade to a later version of Word" ?
I don't think I'll ever be doing that, unless you can show me some
really horrible thing in Wo
Hi Jerry,
On Fri, Sep 08, 2006 at 12:06:41PM -0500, Gerald (Jerry) Carter wrote:
> >
> > So how would you do
> >
> > make install
> > make modules_install
>
> Building and install are separate operations.
Really? Both mean to do what is standing in the Makefile.
Both are executing th
Hadmut Danisch wrote:
> On Fri, Sep 08, 2006 at 10:55:32AM -0500, Gerald (Jerry) Carter wrote:
>> It is my understanding that the permissions are
>> intentionally set that way.
>
>
> yup, it's not accidental, it's set intentionally.
> But intention
Hadmut Danisch wrote:
> Hi,
>
> there's a severe vulnerability in the Linux kernel
> source code archives:
It is my understanding that the permissions are
intentionally set that way.
This has been discussed several times over the
past year.
http:
On Thu, Sep 07, 2006 at 05:04:39PM -0400, Troy Cregger wrote:
>
> kernel-2.6.17-gentoo-r7 seems OK.
>
> $ find /usr/src/linux-2.6.17-gentoo-r7/ -perm -666 ! -type l | wc -l
> 0
> $
The debian kernel is OK as well.
It's just the upstream kernel which has this flaw.
But this shows that gent
Haven't seen this mentioned before, but it's part of AT&T's explanation of
how a PI was able to falsely obtain the phone records of Thomas J. Perkins,
the board member who resigned over the illegal investigation:
http://www.thesmokinggun.com/archive/0905061hp3.html
[transcribed by me from th
On Fri, Sep 08, 2006 at 10:55:32AM -0500, Gerald (Jerry) Carter wrote:
>
> It is my understanding that the permissions are
> intentionally set that way.
yup, it's not accidental, it's set intentionally.
But intention does not imply security.
> This has been discussed several times over the
Yeah, I know... I was just venting my spleen. I just really hate to
see that kind of thing. How can people learn if they can't ask
questions?
Now if the comment had been along the lines of "Why are you asking
this on Full Disclosure? This is for announcing security alerts.
Perhaps another list
Hi Hadmut!
On 7 Sep 2006, at 20:23, Hadmut Danisch wrote:
Hi,
there's a severe vulnerability in the Linux kernel source code
archives:
The Linux kernel is distributed as tar archives in the form of
linux-2.6.17.11.tar.bz2 from kernel.org. It is usually unpacked,
configured and compiled un
Hi mismail, list,
mismail wrote:
> the pin is one time unique! has anyone ever come across a setup like this?
Check out PINSafe by Swivel Secure (2 factor - unique PIN sent by email or sms). I found it during some app testing.
It looked very good apart from the way it was implemented: badly, it allowed
Steven,
You'll have better luck asking the Pen Testing mailing list than this
list. I have seen Full Disclosure go steadily downhill over the last
few months. In fact after this email, I'm unsubscribing from this
useless list.
These days it appears you get nothing but script-kiddies and people
Hello:
We've been advised about the vulnerability. I'm contacting you only to
confirm that we are working on it internally and we will contact you next
week in order to give you more information about these issues.
Best Regards,
Yolanda Ruiz
Expansion Division Director
___
Hadmut Danisch wrote:
> On Fri, Sep 08, 2006 at 12:52:22AM +0530, Raj Mathur wrote:
>> I wouldn't know if something has changed drastically between 2.6.16
>> and 2.6.17.11, but:
>>
>> [EMAIL PROTECTED]:~$ find /usr/src/linux-2.6.16/ -perm -666 ! -type l
>> [EMAIL PROTECTED]:~$
>>
>> Not a single wo
On Thu, Sep 07, 2006 at 08:23:04PM +0200, Hadmut Danisch wrote:
> Hi,
>
> there's a severe vulnerability in the Linux kernel source code archives:
>
>
a similar problem was published sometime ago:
http://attrition.org/security/advisory/gobbles/GOBBLES-16.txt
--
j
EOM
Hi Steve,
Yes I was aware that the LastLogon property is not replicated among ADs and
therefore, in my script, I query for the LastLogon property value of every
user at every AD within our domain and eventually I keep record of the last
date registered among all the controllers.
It seems that
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of Hadmut Danisch
> Sent: 07 September 2006 19:23
> To: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
> Subject: [Full-disclosure] Linux kernel source
Hello Angel,
You are aware that the lastLogon property isn't
replicated right? If you have a multi-domain
controller environment, you have to poll each DC for
the lastLogon value to get an accurate value. That was
probably the reason for the inconsistency. I have
already validated that AD Inspecto
The short answer is, no, it does not get updated.
In fact, up until Windows 2003 it was only updated on the domain
controller which serviced the authentication request, and even on 2003 it
doesn't replicate quickly enough to allow you to query just one DC to
obtain a definitive answer without check
Hi
We have recently developed a script to gather detailed user information from
our AD in order to identify user accounts not used for a long time and proceed
with deletion of such users.
During our test, at least we have observed that the LastLogon property is
changed not only with the inte
On Fri, Sep 08, 2006 at 11:44:02AM +0100, Lee Ball wrote:
>
> Sorry to add my 2 pence worth, but I noticed that Raj ran his command as
> a normal user and you, Hadmut, have run yours as root. Isn't it going to
> be ok as the directories above these world writeable files aren't
> writeable/readable by
Hi Roland,
On Fri, Sep 08, 2006 at 11:16:35AM +0200, Roland Kuhn wrote:
> Hi Hadmut!
>
> This is a FAQ, and a pretty lame one; see e.g. the first google hit
> for 'linux kernel tarball permissions':
>
> http://www.gatago.com/linux/kernel/6136874.html
1. If this is a known issue and it is *s