Clicking on a link inside outlook express 6 (after
SP2) when outlook is set to read incoming messages as
an HTML (the default) clicking on URLs does not
open an I.E window. However when any I.E window/process is already open in the
background, it does open a new window with the link.
Whats
Its not about market share. Its about
functionality.Internet Explorer has about a 1000 functions for website
designers to make an amazing website withdynamic content and wonderfull
graphic filters and a million extends to the simple HTML language. All this
functions creates a wide range
That is incorrect, there is a fix -- SP2.Users
should use the latest updated system, meaning if there is an SP2, they
should install it.Rafel Ivgi, The-InsiderSecurity
ConsultantMalicious Code Research Center (MCRC)Finjan Software
LTDE-mail: [EMAIL
On Thu, 11 Nov 2004 19:18:55 -0500
Danny [EMAIL PROTECTED] wrote:
Yes, IE security needs work. Yes, Firefox is a great web browser.
However, if Firefox or any other browser had the same market share as
IE, would it really be that much more secure? There sure would be a
lot more people trying
Well, question here...
Why is it that Microsoft's code has less quality even though all code that's
written is instantly audited? (Each line of code is checked before it's
'passed' in to the code tree.)
I just don't understand... Why is it that a software product that a company
has been working
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 592-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 12th, 2004
Nick FitzGerald wrote:
You told us everything useful/important about this except that it is
beg-ware. According to your web page:
Why do I need to donate?
That it is. Sorry.
But I do not believe that $2,50 is a ridiciously high amount, is it?
- Thomas Rogg
Other browsers may have problems, and often do (In the case of Firefox say) but
the time to respond is key here. MS have a real problem going that extra mile
when it comes to patching against variants of a vulnerability (ADODB.stream,
shell: etc).
Mosl software has vulnerabilities at some
I have solved the problem ,but I have new problem now.
When I run the binary like this ./fragroute 192.168.1.78 , the error message
was shown:
fragroute: couldn't delete loopback route
fragroute: couldn't initialize tunnel interface: Invalid argument
I try to find the problem ,but i failed.Help
no that's not normal. normally you get
two worms a day ;-)
cheers
roman
Stephen Hunt
[EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
11.11.2004 21:35
To
[EMAIL PROTECTED]
cc
Subject
[Full-Disclosure] [EMAIL PROTECTED]
Wow, 2nd day on this list and already a windows worm
nice...
i did not knew that kotik suck that
hard. but milw0rm seems to be pretty organized.
thx for the tip
class 101 [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
11.11.2004 23:04
To
[EMAIL PROTECTED]
cc
Subject
[Full-Disclosure] Re: [Advisory
+ Exploit] SlimFTPd = 3.15
On Thu, Nov 11, 2004 at 01:49:04PM -0900, Leif Sawyer wrote:
Sure, your representatives are telling you that they'll vote the
way the popular vote goes, but they don't have to.
Only the electoral vote counts.
Didn't one of the Gore representatives in 2000 voted blank to protest
something or
Hello, Thomas Rogg!
But I do not believe that $2,50 is a ridiciously high amount, is it?
But I do not believe that pay $0, get Firefox and do not worry about
next (and unpatched previous) IE issues is worse decision :)
Seems that your patch is merely replacing original MSHTML.DLL with one
You are wuite right about this.
But what should those users do whose Computers cannot update?
I don't know if it's a common problem with sp2, but one of my co-workers
has a windows box that starts downloading sp2 but stays at 0% .
Even applying sp2 from a cd does not work.
Florian Streck
On Fri,
Oh yeah, I've got 14,000 Windows 2000 machines to update to windows XP SP2,
hang on wheres that CD?
So thanks for your infinate wisdom there Rafel.
Colin.
Rafel Ivgi,
On Thu, Nov 11, 2004 at 02:14:22PM -0500, WB wrote:
If Kerry had thought he'd won, he'd be in court.
Wrong. If Kerry had thought he could win quickly in court, he'd be in it.
What he didn't want is a repeat of the 2000 Florida fiasco, which left
Gore looking like a real sore loser without any
On Wed, 10 Nov 2004, Paul Starzetz wrote:
Synopsis: Linux kernel binfmt_elf loader vulnerabilities
Product: Linux kernel
Version: 2.4 up to to and including 2.4.27, 2.6 up to to and
including 2.6.8
And also 2.6.9.
3) bad return value vulnerability while mapping the program
In answer to r00t3d, Im not complaining , I just wants my words to be
listened , that's done with or without you agreement , honestly, and
sincerly what should I care of you ..., nothing , and I proove you it there,
bye and to the next one r00t3d ;
KOTIK sux ballz
If you do have 14000 machines why don't you buy Finjan's Vital Security For
Web?
It will filter all malicious I.E exploits for all its surfers(its a proxy,
quite fast...)
Or just use SUS(system update server (microsoft)) just like any other
administrator... to install sp2 or to just
replace
And what do you plan on doing about the
unpatched exploited recently released? There are holes for SP2...ones that
haven't even been released yet...
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rafel
Ivgi, The-InsiderSent: Friday, November 12, 2004 12:44
Look at the difference between exit polling and actual results.
The election results and exit polls differ, therefore you assume the
election results are wrong? This is really dumb. There are endless
reasons to believe that exit polls are inaccurate. For one thing,
they're self-sampling: they
The first patch for ADODB.stream was just a killbit..and the killbit
only stopped the current attack vector...in a manner of seconds, there
was a second exploit that passed the so called first patch. Stupid, they
think everything is as stupid as their main market.
The problem with IE is its
Obviously this is usual, because the list is unmoderated... Either get a
good AV or keep from clicking the executable attachments. ;)
- Original Message -
From: Stephen Hunt [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, November 11, 2004 5:35 PM
Subject: [Full-Disclosure]
On Thu, 11 Nov 2004 20:27:52 -0500, Scott Leff [EMAIL PROTECTED] wrote:
On Thu, 11 Nov 2004 19:18:55 -0500, Danny [EMAIL PROTECTED] wrote:
Yes, IE security needs work. Yes, Firefox is a great web browser.
However, if Firefox or any other browser had the same market share as
IE, would it
More infinate wisdom there Rafel.
Price per license for Finjan's Vital Security for Web = 9.50GBP per user
+ 20% support per annum, roughly equates to 160,000GBP (plus any hardware,
software and network requirements) to cover us with your no doubt
class-leading product. I'm sure that the
Hi Marc,
In RFC 2616, describing version 1.1 of the Hypertext Transfer Protocol, it
is described that the specification expects HTTP/1.1 servers to respond
appropriately with a message in the same major version used by the
client.However, this is not in compliance with another RFC, 2145,
Hello Raoul,
But I do not believe that $2,50 is a ridiciously high amount, is it?
But I do not believe that pay $0, get Firefox and do not worry about
next (and unpatched previous) IE issues is worse decision :)
Yeah, sure. But there are always other programs that use the Internet
Explorer
On Fri, 12 Nov 2004 01:50:45 -0500, David B Harris
[EMAIL PROTECTED] wrote:
On Thu, 11 Nov 2004 19:18:55 -0500
Danny [EMAIL PROTECTED] wrote:
Yes, IE security needs work. Yes, Firefox is a great web browser.
However, if Firefox or any other browser had the same market share as
IE, would
He can buy a product..or do a super fast rollout of SP2..but why should
he? Microsoft should write better products...period. Everytime a Firefox
exploit comes out..there is already a fix...is that magic? No..it is
good coding...
-Original Message-
From: [EMAIL PROTECTED]
On Thu, 11 Nov 2004 21:22:26 -0600, Frank Knobbe [EMAIL PROTECTED] wrote:
On Thu, 2004-11-11 at 18:18, Danny wrote:
However, if Firefox or any other browser had the same market share as
IE, would it really be that much more secure?
Wrong question.
It's part of the equation. May not be the
I disagree Colin,
A good administrator knows there is more then one way to skin a cat. Rafel,
I belive was just briefly stating some solutions to the problem. I can tell
you windows protection can be defeated with a few registry changes. Combine
that with an active directory login script and I
Expect POC exploits, active internet worms, e-mail trojans, bad words
and off topic messages...expect everything, trust nothing...Welcome to
FD, enjoy your stay =)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Jeff Donahue
Sent: Friday, November
Use SUS to install XP SP2 to 14,000 Windows 2000 machines?
Somehow I think that will be problematic.
Don't forget you have to be on a certain service pack to use SUS for
Windows 2000, then change GPO to push the AU changes to each machine to
even use SUS..and if you are a admin access, it
not to mention the hundreds or thousands of pairs of eyes both
helpful and harmful that look at the mozilla project's codebase.
Todd Towles wrote:
He can buy a product..or do a super fast rollout of SP2..but why should
he? Microsoft should write better products...period. Everytime a Firefox
On Fri, 12 Nov 2004 09:17:32 -0800, Tony Pace [EMAIL PROTECTED] wrote:
I am new to the list and have some questions about Black Holes
Tony
Sit down and shut up, you'll learn more that way. Black holes? you
mean outter space or security flaws?
A slightly confused n3td3v
Welcome to
Interesting, i haven't noticed any. I guess gmail is picking them up?
On Fri, 12 Nov 2004 12:44:44 -0300, Jeff Donahue [EMAIL PROTECTED] wrote:
Obviously this is usual, because the list is unmoderated... Either get a
good AV or keep from clicking the executable attachments. ;)
-
On Fri, 12 Nov 2004 17:25:23 GMT, Andrew Smith said:
Interesting, i haven't noticed any. I guess gmail is picking them up?
Well, of *course* Google is picking them up - there's valuable data in them. :)
Data mining at its best - Google can look at the forged From: and To:
headers used by
On Fri, 12 Nov 2004 11:53:59 CST, Paul Schmehl said:
--On Thursday, November 11, 2004 02:22:18 PM -0500 [EMAIL PROTECTED]
wrote:
At least some of the machines used had active wireless on them
Do you know this for a fact? Can you identify the states/locations where
this was
Don't listen to these business wankers in suits, they'll say anything
at high profile conferences to get extra claps.
They have no idea what the reality is on the street.
Thanks. n3td3v
http://www.geocities.com/n3td3v
___
Full-Disclosure - We believe
On Fri, November 12, 2004 9:44 am, n3td3v said:
I'm just wondering why the multi billion, mutli nation corporation of
Microsoft hasn't released a patch yet.
Isn't it obvious? They make no money by patching IE for Win2K. But they do
make money if you go out and buy WinXP and apply SP2. So they
I'm just wondering why the multi billion, mutli nation corporation of
Microsoft hasn't released a patch yet. The idea that they are waiting
for next months patch release when we have countless worms/virii in
the wild is totally irresponsible of whoever is in charge with patch
release policy. Sure
On Thu, 11 Nov 2004, Todd Towles wrote:
http://news.com.com/Microsoft+says+Firefox+not+a+threat+to+IE/2100-1032_
3-5448719.html?part=dhttag=ntoptag=nl.e433
Vamos, who admitted he has never used Firefox, said there is a lot of
hype surrounding the open-source movement and that if Microsoft's
On Fri, 12 Nov 2004 22:15:31 +0100, nicolas vigier
[EMAIL PROTECTED] wrote:
On Thu, 11 Nov 2004, Danny wrote:
Yes, IE security needs work. Yes, Firefox is a great web browser.
However, if Firefox or any other browser had the same market share as
IE, would it really be that much more
--On Thursday, November 11, 2004 02:22:18 PM -0500 [EMAIL PROTECTED]
wrote:
At least some of the machines used had active wireless on them
Do you know this for a fact? Can you identify the states/locations where
this was implemented?
And how, pray tell, do you get paranoid enough to watch
Anybody having problems getting to www.microsoft.com this
afternoon?
Our users are reporting that they cannot get to Hotmail, Yahoo Mail,
GMail or any other public mail portal. Anyone else having this problem?
This e-mail is the property of Oxygen Media, LLC. It is intended only for the
person or entity to which it is addressed and may contain information that
What sucks is that my email gateway strips out .exe, .com, etc. so I can't
even intentionally infect myself if I wanted to. It would make my day more
interesting when the Security office starts sending people worms :)
-Original Message-
From: Jeff Donahue [mailto:[EMAIL PROTECTED]
If you do not wish to participate, ignore it. Otherwise, get a clue.
Perhaps not all of the discussion is security-related, but this last post
you ranted about has everything to do with security. Physical and
Technical security. While the claims which started the discussion are not
Security dosent mean functionality.
You have to make a choice.
Like when you vote for an election.
Now as with any os windows/IE will be
secure if you cut down functionality.
If you think everyone's windows desktop should be
secured as lets say with irony, *bsd or linux or *nix even.
(LOL
I've been wanting to share this with people for a long time,
as things wind down for me, I've (finally) decided to release this.
http://www.netsys.com/images/fool-disclosure-logo.jpg
___
Full-Disclosure - We believe in it.
Charter:
On Fri, 12 Nov 2004 17:48:58 GMT, n3td3v said:
Don't listen to these business wankers in suits, they'll say anything
at high profile conferences to get extra claps.
No, actually, you *DO* need to *listen* to them. That way, when your
PHB comes in with another brain-dead
-Original Message-
From: Noam Rathaus [mailto:[EMAIL PROTECTED]
Sent: November 11, 2004 17:03
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Contact in HP related to OpenView / Coda
Hi,
Does anyone know a point of contact in HP related to their
OpenView / Coda
On Fri, 12 Nov 2004 10:46:51 GMT, [EMAIL PROTECTED] said:
Oh yeah, I've got 14,000 Windows 2000 machines to update to windows XP SP2,
hang on wheres that CD?
14,000 corporate windows boxes are easy enough to do - you can just use
whatever fascist scheme you prefer to jam the update down their
VULNERABLE SOFTWARE VERSIONS
TWiki http://twiki.org/
- TWiki 20030201 (e.g. Debian Sarge)
- probably later versions
- Subversion repository at
http://ntwiki.ethermage.net:8181/svn/twiki/trunk
at least until revision 3224 (including)
ATTACK VECTORS
HTTP GET requests towards the Wiki
Hi,
NO-ONE outside AMERICA gives a bloody SHIT about the American election
crap! Keep it OFF LIST!
FUCK THE HELL OFF!
I don't think it's as simple as that. Yes the list should be for
security related topics. And it has been boring me shit less the last
few days/weeks. But the technology of
never mind. just found out that Time-Warner
has a problem in our area.
Northwest Piedmont North
Carolina
-Original Message-From: Heavner, Charlie
Sent: Friday, November 12, 2004 2:15 PMTo:
'[EMAIL PROTECTED]'Subject: probs with MS
site
Anybody having problems getting to
I don't know about you Rafel, but I know people in your company think XP
SP2 is full of holes also. =)
Ten new security holes in Windows XP Service Pack 2 have been
discovered, so get ready to insert new patches into your patch
management schedule. Microsoft recently announced their Security
###
Luigi Auriemma
Application: Secure Network Messenger
http://www.networkmessengers.com/msg/
Versions: = 1.4.2
Platforms:Windows
Bug: crash
Exploitation: remote
First off, this is 100% PR bullshit. The guy has never run Firefox,
Opera, or anything other than IE. So he might as well say According to
this piece of paper the PR people gave me, IE is as secure as any other
Browser.
The reality of the situation is that IE is not secure for the average
home
On Fri, 12 Nov 2004, Eric McCarty wrote:
First off, this is 100% PR bullshit. The guy has never run Firefox,
Opera, or anything other than IE. So he might as well say According to
this piece of paper the PR people gave me, IE is as secure as any other
Browser.
Or he read and was
Do a search for reported vulnerabilities for IE and one for
Netscape/Mozilla.
I think by count alone IE will win.
My biggest issue is that with a locked down system, IE can still install
malware, when the user can't even install system patches.
If MS could fix that, there would be fewer
--On Thursday, November 11, 2004 02:21:23 PM -0200 [EMAIL PROTECTED] wrote:
Depending on your state/county/whatever, your vote did count a LOT LESS
than other votes. It all depends on how many electoral college votes your
state has.
Is this what passes for logic? Every vote counts the same. You
On Thu, 11 Nov 2004, Danny wrote:
Yes, IE security needs work. Yes, Firefox is a great web browser.
However, if Firefox or any other browser had the same market share as
IE, would it really be that much more secure? There sure would be a
lot more people trying to find holes in Firefox if
--On Thursday, November 11, 2004 02:21:23 PM -0200 [EMAIL PROTECTED] wrote:
Depending on your state/county/whatever, your vote did count a LOT LESS
than other votes. It all depends on how many electoral college votes your
state has.
Is this what passes for logic? Every vote counts the
DanB UK wrote:
Hi,
NO-ONE outside AMERICA gives a bloody SHIT about the American election
crap! Keep it OFF LIST!
FUCK THE HELL OFF!
[snip]
But on the most I concur, this list is NOT about the American
election. I'm sure there are lists elsewhere for that.
Actually, I use thunderbird and have a
[EMAIL PROTECTED] wrote:
Sorry list, I just couldn't resist..
I couldn't either :-(
*Electoral votes vs. Population [1]
StatePopulation Votes Votes / M pop.
-
Alaska 648,818 34.624
Wyoming 501,242 35.985
Texas
66 matches
Mail list logo