==
Secunia Research 27/09/2011
- Novell GroupWise Internet Agent TZNAME Parsing Vulnerability -
==
Table of Contents
Affected
==
Secunia Research 27/09/2011
- Novell GroupWise Internet Agent HTTP Interface Buffer Overflow -
==
Table of Contents
Affected
Well yeah, if the system that's designed to protect you isn't functioning, then
you aren't protected and all sorts of bad things can happen.
When services starts up, the root service executable looks through a registry
key to find all the services that should be run. It then executes the value
the trick is to find one that is writable while logged in as a less priveleged
user and then overwrite the executable. Anti virus executables are typically a
good place to start :)
tasklist /fi USERNAME eq NT AUTHORITY\SYSTEM”
Image Name PID Session Name Session#Mem
So their patching method merely introduced another exploitation method?
Reminds me of some of Oracles patches...
On Tue, Sep 27, 2011 at 3:18 AM, Pablo Ximenes pa...@ximen.es wrote:
Some of you might consider this blog post of value: http://ximen.es/?p=534
Thanks,
Pablo Ximenes
Hope this sends correctly, new email client and all... But seeing as it is
an international investigation many people have been bending over backwards
to assist LEO on this. HMA and perfect privacy were the VPN's of choice for
them it would appear, oh, and he was part of the #pure-elite channel on
Ok, now nobody can spoof a URL, but how come a user will tell good
URLs and bad ones apart? Oh boy!
Wherever did you get the idea that users can do this?
___
Full-Disclosure - We believe in it.
Charter:
On Tue, Sep 27, 2011 at 3:26 PM, Dan Kaminsky d...@doxpara.com wrote:
Ok, now nobody can spoof a URL, but how come a user will tell good
URLs and bad ones apart? Oh boy!
Wherever did you get the idea that users can do this?
Jokes apart, I do find it annoying that URLs aren't expanded
On 28 September 2011 01:00, Mario Vilas mvi...@gmail.com wrote:
On Tue, Sep 27, 2011 at 3:26 PM, Dan Kaminsky d...@doxpara.com wrote:
Ok, now nobody can spoof a URL, but how come a user will tell good
URLs and bad ones apart? Oh boy!
Wherever did you get the idea that users can do this?
If you hover over the t.co links the alt= tag holds the real url.
On Tue, Sep 27, 2011 at 4:11 PM, dave bl db.pub.m...@gmail.com wrote:
On 28 September 2011 01:00, Mario Vilas mvi...@gmail.com wrote:
On Tue, Sep 27, 2011 at 3:26 PM, Dan Kaminsky d...@doxpara.com wrote:
Ok, now nobody can
Aparently twitter is back to normal, t.co isn't showing in place of
every URL anymore.
This was indeed temporary while they were fixing things as mentioned.
Att,
Pablo Ximenes
http://ximen.es/
http://twitter.com/pabloximenes
2011/9/27 Benji m...@b3nji.com:
If you hover over the t.co links
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2311-1 secur...@debian.org
http://www.debian.org/security/Florian Weimer
September 27, 2011
#pure-elite , rofl... yes indeed :P
hehe... nice story tho...funny about the elite channel thing... why do ppl
tag themselves as elite? usually when they are not...
ohwell, thats efnut :s (irc sucks)
xd
On 27 September 2011 19:03, Darren Martyn d.martyn.fulldisclos...@gmail.com
wrote:
Hope
yeah, and usually the same goes for calling others kids ;)
On Tue, Sep 27, 2011 at 10:30 PM, GloW - XD doo...@gmail.com wrote:
#pure-elite , rofl... yes indeed :P
hehe... nice story tho...funny about the elite channel thing... why do ppl
tag themselves as elite? usually when they are not...
Lolz members was really insane ,i m not why to use that crapy hma.
On Sep 27, 2011 8:36 PM, Ferenc Kovacs tyr...@gmail.com wrote:
yeah, and usually the same goes for calling others kids ;)
On Tue, Sep 27, 2011 at 10:30 PM, GloW - XD doo...@gmail.com wrote:
#pure-elite , rofl... yes indeed :P
On 9/27/2011 10:10 PM, sandeep k wrote:
Lolz members was really insane ,i m not why to use that crapy hma.
On Sep 27, 2011 8:36 PM, Ferenc Kovacs tyr...@gmail.com
mailto:tyr...@gmail.com wrote:
yeah, and usually the same goes for calling others kids ;)
On Tue, Sep 27, 2011 at 10:30 PM,
Hello Laurelai ,
Oh i agree it is still a terrible precedent to be set.. I dont even know
where, legally, i stand anymore...
It is rather disturbing, nomatter WHO it was laurela.
I am all for the hatred against the VPN provs, and this is not just
happening here, and i made a BIG statement
Im suprised, someone on the internet who *doesn't * hate me :p
On Sep 27, 2011 11:29 PM, GloW - XD doo...@gmail.com wrote:
Hello Laurelai ,
Oh i agree it is still a terrible precedent to be set.. I dont even know
where, legally, i stand anymore...
It is rather disturbing, nomatter WHO it was
never did... was only for one buttcheek kid that i was alittle pissed and
thinking things wich, prolly were wrong at the time...
I am adult enough to apologise for what happened back then, and hopefully it
is just, cool.
:)
cheers, your loved by many, you just have many trollers to :sp
take care ,
Title:
==
European Security Services GPS 1.x - Multiple Vulnerabilities
Date:
=
2011-09-28
VL-ID:
=
63
Reference:
==
http://www.vulnerability-lab.com/get_content.php?id=63
Introduction:
=
Für eine geringe Ortungsgebühr erhalten Sie einen Zugang zu unserem
Its all good dude. What really concerns me is that vpn providers might give
over logs to oppressive regemes. TOR is starting to look better and better.
On Sep 27, 2011 11:40 PM, GloW - XD doo...@gmail.com wrote:
never did... was only for one buttcheek kid that i was alittle pissed and
thinking
Title:
==
Barracuda Backup v2.0 - Multiple Web Vulnerabilities
Date:
=
2011-09-28
References:
===
Barracuda Backup Application v2.0
VL-ID:
=
31
Introduction:
=
Barracuda Networks - Worldwide leader in email and Web security.
Barracuda Backup Service is a
22 matches
Mail list logo