lol kid ure funny
- Original Message -
From: Gregh [EMAIL PROTECTED]
To: VeNoMouS [EMAIL PROTECTED]; Disclosure Full
[EMAIL PROTECTED]
Sent: Wednesday, October 13, 2004 5:03 PM
Subject: Re: [Full-Disclosure] WIN XPSP2 - is this a possible way to hack?
As you have stated voluminously in
No I am with you. They are taking the precious bandwidth, storage space
and our time for their non-sense squabble.
Pls try to shut up. Mercy us.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of winter
Sent: Wednesday, October 13, 2004 12:54 PM
To: [EMAIL
if the dhcpd is by isc and the dhcpd is running on *nix just cat
/var/state/dhcp/dhcpd.leases.
- Original Message -
From: Hugo van der Kooij [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, October 13, 2004 6:52 PM
Subject: Re: [SPAM] [Full-Disclosure] Stealing DHCP Leases
On
Dear VeNoMouS(I love how you do that uppercase-lowercase thing!),
I am inclined to agree with Mr. Gregh. You certainly have a silly
way of trying to exert your superiority and knowledge over others. And
then when you get shown-up, you begin acting like a child. You revert
to calling people son
Ill Will wrote:
oops...
http://www.illmob.org/0day/ghostradmin.zip
Trojandropper.Win32.RDM.a
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Original Message -
Windows VDM #UD Local Privilege Escalation
Release Date:
October 12, 2004
Date Reported:
March 18, 2004
Severity:
Medium (Local Privilege Escalation to Kernel)
Systems Affected:
Windows NT 4.0
Windows 2000
Windows XP (SP1 and earlier)
Windows Server
Hello,
Would someone please enlighten Mr. Hexview and tell him that
his words HexView does not notify vendors unless there is a
prior agreement to do so sound very much like an extortion
attempt (racketeering?)
He(x) should be aware of how easy it is to find yourself in
a brig at Gitmo held in
On Tue, 12 Oct 2004 02:17:12 -0700 Harry de Grote [EMAIL PROTECTED]
wrote:
you really didn't invent the light, you know...
doubles invented wheel in asient times! all users nd producers of wheels
must pay many royalty moneys to doubles!
doubles
Looks like October's set of patches from MS nearly cleared out eEye's
queue:
http://www.eeye.com/html/research/upcoming/index.html
Anyway:
On Wed, Oct 13, 2004 at 07:06:00AM -0300, Pablo wrote:
Ok, thanks for your help, but it come up 120 additional days later
full-disclosure man.
eEye
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 564-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
October 13th, 2004
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 565-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
October 13th, 2004
Derek Soeder wrote:
Windows VDM #UD Local Privilege Escalation
Release Date:
October 12, 2004
Date Reported:
March 18, 2004
Severity:
Medium (Local Privilege Escalation to Kernel)
[NOTE: This vulnerability was silently fixed by Microsoft in June,
approximately 90 days after it was reported, with
Firstly I must apologise for adding more noise to this thread; but I
feel that this rant applies to more than just one person. I know there
are many who simply can't deal with posts like the one from gregh, a
message in a human language form rather than a logical systems
breakdown. Some people
KF_lists wrote:
ISS would like to have you believe otherwise... when I contacted them
about the Local SYSTEM escalation in BlackICE we went in circles over
the fact that I feel that taking local SYSTEM on a win32 box IS a
problem and they don't. They tried to say some crap like in all our
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200410-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
ISS would like to have you believe otherwise... when I contacted them
about the Local SYSTEM escalation in BlackICE we went in circles over
the fact that I feel that taking local SYSTEM on a win32 box IS a
problem and they don't. They tried to say some crap like in all our
years in the
That's not Radmin, that's a 'dropper' to silently install
radmin..intended almost always for use as a trojan. So of course NAV
will pick it up as a virus.
On Wed, 13 Oct 2004 11:38:36 +0200 (CEST), Feher Tamas
[EMAIL PROTECTED] wrote:
Ill Will wrote:
oops...
The two talks I did here are publicly available in OpenOffice format
(www.openoffice.org if you don't have a reader already).
http://www.immunitysec.com/downloads/canvas_reference_implementation.sxi
http://www.immunitysec.com/downloads/advancedordnance2.sxi
Thanks,
Dave Aitel
Immunity, Inc.
Greetings, full-disclosure!
From time to time I find myself needing to estimate the time it takes
to run Nessus against various network ranges. For some reason, it
always seems to take longer than I expect, and I'm wondering if:
1: I am doing something wrong (this is always a possibility)
A few things I've noticed with this advisory: eEye states that the
vulnerability is an overflow in dunzip32.dll and that MS04-034 fixes
it. However, from what I've seen MS04-034 only patches zipfldr.dll.
Further, MS04-034 claims that Windows ME is not vulnerable, while eEye
says it is. Also,
wow, interesting stuff. Never seen anything like that before :-)
On Wed, 13 Oct 2004 13:40:35 +1300, VeNoMouS [EMAIL PROTECTED] wrote:
there u go guys
- Original Message -
From: Gregory Gilliss [EMAIL PROTECTED]
To: Steele [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Wednesday,
Hi List,
I've been trying to reproduce this vulnerability
(MS04-030) on my unpatched IIS. I am sending a request
with a element which has multiple/many attributes.
With my limited knowledge of WebDAV, I think the
attributes per-element can be sent in two ways
1. in one line, in the element tag
###
Luigi Auriemma
Application: ShixxNote 6.net
http://www.shixxnote.com
Versions: 6.net, doesn't exist a specific version or build number
but the latest change in
On Wed, 13 Oct 2004, Mr. Rufus Faloofus wrote:
This strikes me as unreasonably slow, for bulk automated testing, so
first, I'd like to ask if these performance metrics are in line with
others' experiences. I'd also solicit any hints people might have
to offer on how they optimize performance, any
I tried attributes in a single tag too, like...
x:elem x:attr=value x:attr=value x:attr=value
x:attr=value x:attr=value...so on /
--- nirvana [EMAIL PROTECTED] wrote:
Hi List,
I've been trying to reproduce this vulnerability
(MS04-030) on my unpatched IIS. I am sending a
request
Date: October 12, 2004
Vendor: FuseTalk
Issue: Multiple Cross Site Scripting Vulnerabilities
URL: http://www.fusetalk.com
Advisory: http://www.lovebug.org/fusetalk_advisory.txt
Notes:
The vendor was contacted last month and responded that:
all of these issues below were fixed in
---
Fedora Legacy Update Advisory
Synopsis: Updated samba resolves security vulnerabilities
Advisory ID: FLSA:2102
Issue date: 2004-10-13
Product: Red Hat Linux
Keywords:
On Wed, 13 Oct 2004, Mr. Rufus Faloofus wrote:
Greetings, full-disclosure!
From time to time I find myself needing to estimate the time it takes
to run Nessus against various network ranges. For some reason, it
always seems to take longer than I expect, and I'm wondering if:
1: I am
Daniel,
Could you please point out where you read this data? I would like to
see this one...
--
Daniel H. Renner [EMAIL PROTECTED]
Los Angeles Computerhelp
On Tue, 2004-10-12 at 20:54, [EMAIL PROTECTED]
wrote:
Message: 18
Date: Tue, 12 Oct 2004 12:41:56 -0700
From: Daniel Sichel [EMAIL
I have heard the same thing and I have the same concern. The latest and
greatest (?) MS Exchange 2003 uses it for Outlook Web Access and Outlook
2003 may connect to Exchange through it also without needing a VPN.
http://support.microsoft.com/?id=833401
Daniel H. Renner wrote:
Daniel,
Could you
All,
A lot of fuzz has come around the canonicalization issue found with IIS and
ASP.NET forms authentication. One of the main worries has been if IISShield
is an effective measure to prevent this kind of exploit.
So, is it effective? Yes!
Since ISAPI Filters will be the main topic, here goes.
Daniel H. Renner [EMAIL PROTECTED] 10/13/2004 8:37:12 AM:
Daniel,
Could you please point out where you read this data? I would like to
see this one...
Ye god, it's true. And it's recommended by Microsoft as well. One
example:
I remember reading this too. So after a little investigation I've found
the following resources:
http://www.msexchange.org/tutorials/outlookrpchttp.html
http://www.microsoft.com/office/ork/2003/three/ch8/OutC07.htm
On Wed, Oct 13, 2004 at 08:03:06PM +0200, Hugo van der Kooij wrote:
Nessus has some mailinglist. Don't you think you would get better results
if you used one of those?
Forgot about it, actually. I considered pen-test, but I forgot about
the Nessus list. Thanks for the reminder.
Reading the
Daniel H. Renner wrote:
Daniel,
Could you please point out where you read this data? I would like to
see this one...
I seem to remember that this was one of the caveats with regard to
MSBlast and RPC/DCOM vulnerabilities last year.
In certain configurations, it was theoretically possible
arpd ... http://www.citi.umich.edu/u/provos/honeyd/ ?!?
On Tue, 12 Oct 2004 12:08:07 -0700, Ian Holm [EMAIL PROTECTED] wrote:
I was noticing that the number of DHCP address in the DHCP cache was running
low so I decided to check which computers were assigned to each address. To
my horror I
Are you talking about the BITS change? Where it does BITS over HTTP?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Daniel H. Renner
Sent: Wednesday, October 13, 2004 10:37 AM
To: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Possibly a
October 11, Associated Press - U.S. funds chat-room surveillance study.
The U.S. government is funding a yearlong study on chat room surveillance
under an anti-terrorism program. A Rensselaer Polytechnic Institute computer
science professor hopes to develop mathematical models that can uncover
Look for documentation on SOAP.
Thanks,
Ron DuFresne
On Wed, 13 Oct 2004, Daniel H. Renner wrote:
Daniel,
Could you please point out where you read this data? I would like to
see this one...
--
~~
Cutting the space budget really restores my faith in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This is called, in my experience, XML-RPC (google search with lots
of results). Reference: http://www.xmlrpc.com/spec
Yes, it is a Remote Procedure Calling implementation. No, it is not
the same things that the good old udp based RPC used for things
It looks like they have.. (url may wrap)
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/rpc/rpc/remote_procedure_calls_using_rpc_over_http.asp
--
Regards,
Sean Milheim
iDREUS Corporation
---BeginMessage---
I have heard the same thing and I have the same concern. The latest
Hi Daniel Daniel
I agree this can lead to security holes.
There are ways to make it more secure (if you can call
it secure), here are some links about this subject :
(sorry for wrapped urls)
You need protocol level inspection (i.e. beyond SPI) if you're going
to monitor that kind of traffic.
Also, the support for RPC over HTTP (should really be HTTPS) is not as
open ended as you might fear.
Look at the following:
http://www.google.com/search?q=RPC%20over%20HTTPS%20implement
- ASB
ddaa sseeccuurriittyy ccoonnssuullttaannttee ddoouubblleess
aauuddiieedd mmaannyy mmoorree aarrcchhiivveess ssiinnssee
llaasstt ttiimmee!!
uunnzz 44..44 hhaavvee ddiirreeccttoorryy ttrraavveerrssaall
bbuugg
ttoo!! bbwwaahhaahhaahhaahh!!
ggiivvee mmee mmaannyy
Yeah, it certainly is a security risk in several ways.
Decoding and inspecting HTTPS traffic at the perimeter
before it reaches the server becomes an absolute
necessity if RPC over HTTPS is implemented. Same with
RPC over HTTP.
--
S.G.Masood
--- ASB [EMAIL PROTECTED] wrote:
You need