| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri Jul 7 16:33:54 2006 From: jhou.shalnevarkno at gmail.com (Jhou Shalnevarkno) Subject: Re: Full-Disclosure Digest, Vol 17, Issue 12 I've been wondering when n3td3v would die.. he's such a sore loser. On 07/07/06, full-disclosure-request@...ts.grok.org.uk <full-disclosure-request@...ts.grok.org.uk> wrote: > Send Full-Disclosure mailing list submissions to > full-disclosure@...ts.grok.org.uk > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.grok.org.uk/mailman/listinfo/full-disclosure > or, via email, send a message with subject or body 'help' to > full-disclosure-request@...ts.grok.org.uk > > You can reach the person managing the list at > full-disclosure-owner@...ts.grok.org.uk > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Full-Disclosure digest..." > > > Note to digest recipients - when replying to digest posts, please trim your > post appropriately. Thank you. > > > Today's Topics: > > 1. Re: The truth about Rob Levin aka Liloofirc.freenode.net > (Dave "No, not that one" Korn) > 2. Major updates to Excel 0-day Vulnerability FAQ at SecuriTeam > Blogs (Juha-Matti Laurio) > 3. Re: Two-Factor Authentication on the Web (mikeiscool) > 4. [SECURITY] [DSA 1105-1] New xine-lib packages fix denial of > service (Martin Schulze) > 5. Re: Re: Google and Yahoo search engine zero-day code > (Patrick Fitzgerald) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Fri, 7 Jul 2006 02:36:36 +0100 > From: "Dave \"No, not that one\" Korn" <davek_throwaway@...mail.com> > Subject: [Full-disclosure] Re: The truth about Rob Levin aka > Liloofirc.freenode.net > To: full-disclosure@...ts.grok.org.uk > Message-ID: <e8kdr5$g29$1@....gmane.org> > > Eliah Kagan wrote: > > On 7/6/06, Edward Pearson wrote: > >> Yes, shame on you. > >> If Rob took you to court, you'd be in big fucking trouble. > > > > Wow, feel the hate. > > > > evilrabbi pointed it out, but maybe you didn't catch it...court > > records are public... > > > > Benjamin Krueger spoke of, "SSN, birthdate, and other personal data," > > but see, nobody posted any of that...Andrew A posted some information > > from PUBLIC COURT RECORDS... > > > > -Eliah > > You appear to have come in part way through this thread and missed the > first post that started it, which had Rob Levin's SSN, birthdate and > personal data. > > What makes you look even dafter is that the post by Andrew A, which you > clearly *have* seen, re-quoted the entire thing beneath the top-post, > including Rob Levin's SSN, birthdate and personal data. > > If you can't see things such as an SSN, birthdate, and personal data, when > they're right there in front of you, please don't try and help anyone else > by discussing the absence of SSN, birthdate, and personal data, from posts > that you clearly didn't pay the slightest attention to when you read them. > > cheers, > DaveK > -- > Can't think of a witty .sigline today.... > > > > > > ------------------------------ > > Message: 2 > Date: Fri, 7 Jul 2006 05:22:29 +0300 (EEST) > From: Juha-Matti Laurio <juha-matti.laurio@...ti.fi> > Subject: [Full-disclosure] Major updates to Excel 0-day Vulnerability > FAQ at SecuriTeam Blogs > To: full-disclosure@...ts.grok.org.uk > Message-ID: > <10635453.503051152238949865.JavaMail.juha-matti.laurio@...ti.fi> > Content-Type: text/plain; Charset=iso-8859-1; Format=Flowed > > Several updates to First Microsoft Excel 0-day Vulnerability FAQ document at > http://blogs.securiteam.com/?p=451 > has been done. > > * Several exploits for this vuln and other Excel issues has been released > recently > > * PoC sample file Nanika.xls was posted to Bugtraq on Monday already > (NOTE: Several vendors see this as a separate vulnerability) > > * New Trojan variant names added to the document > > * Some other updates and fixes > > Word 'First' to the FAQ document title was added in June to clarify the > situation after several Excel vuln disclosures. > > At time of writing new 'Nanika' issue uses Repair Mode too (and user > interaction is needed). > There is no exact information is this a totally new type vulnerability, > however. > > - Juha-Matti > > > > ------------------------------ > > Message: 3 > Date: Fri, 7 Jul 2006 12:25:53 +1000 > From: mikeiscool <michaelslists@...il.com> > Subject: [Full-disclosure] Re: Two-Factor Authentication on the Web > To: "PPowenski@....com" <PPowenski@....com> > Cc: webappsec@...urityfocus.com, "full-disclosure@...ts.grok.org.uk" > <full-disclosure@...ts.grok.org.uk> > Message-ID: > <5e01c29a0607061925p291ad51fg800af756bc0675ac@...l.gmail.com> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > On 7/6/06, PPowenski@....com <PPowenski@....com> wrote: > > http://www.theregister.co.uk/2005/04/04/fingerprint_merc_chop/ > > > > Carjackers swipe biometric Merc, plus owner's finger > > honestly, this guy should sue mercedes. this absoutely had to forsee > this possibility and they did not care. something like that needs to > happen so that we can finall put an end to the stupidity that is > biometrics. > > -- mic > > > > ------------------------------ > > Message: 4 > Date: Fri, 7 Jul 2006 08:43:43 +0200 (CEST) > From: joey@...odrom.org (Martin Schulze) > Subject: [Full-disclosure] [SECURITY] [DSA 1105-1] New xine-lib > packages fix denial of service > To: debian-security-announce@...ts.debian.org (Debian Security > Announcements) > Message-ID: <20060707064343.44332FDDD@...landia.home.infodrom.org> > Content-Type: text/plain; charset=iso-8859-1 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - -------------------------------------------------------------------------- > Debian Security Advisory DSA 1105-1 security@...ian.org > http://www.debian.org/security/ Martin Schulze > July 7th, 2006 http://www.debian.org/security/faq > - -------------------------------------------------------------------------- > > Package : xine-lib > Vulnerability : buffer overflow > Problem type : remote > Debian-specific: no > CVE ID : CVE-2006-2802 > BugTraq ID : 18187 > Debian Bug : 369876 > > Federico L. Bossi Bonin discovered a buffer overflow in the HTTP > Plugin in xine-lib, the xine video/media player library, taht could > allow a remote attacker to cause a denial of service. > > For the old stable distribution (woody) this problem has been fixed in > version 0.9.8-2woody5. > > For the stable distribution (sarge) this problem has been fixed in > version 1.0.1-1sarge3. > > For the unstable distribution (sid) this problem has been fixed in > version 1.1.1-2. > > We recommend that you upgrade your libxine packages. > > > Upgrade Instructions > - -------------------- > > wget url > will fetch the file for you > dpkg -i file.deb > will install the referenced file. > > If you are using the apt-get package manager, use the line for > sources.list as given at the end of this advisory: > > apt-get update > will update the internal database > apt-get upgrade > will install corrected packages > > You may use an automated update by adding the resources from the > footer to the proper configuration. > > > Debian GNU/Linux 3.0 alias woody > - -------------------------------- > > Source archives: > > > http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_0.9.8-2woody5.dsc > Size/MD5 checksum: 761 113ef134a39e2f37bc6395dc2e43b538 > > http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_0.9.8-2woody5.diff.gz > Size/MD5 checksum: 2339 194c32b8c93f5e85c873454412f63552 > > http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_0.9.8.orig.tar.gz > Size/MD5 checksum: 1766178 d8fc9b30e15b50af8ab7552bbda7aeda > > Alpha architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_alpha.deb > Size/MD5 checksum: 261022 3314df47933eadc0af5b5cf4a36afdfe > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_alpha.deb > Size/MD5 checksum: 816024 897664eee06d09f43375f5320be1f17b > > ARM architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_arm.deb > Size/MD5 checksum: 302960 9dee75c3d13aabb5e83978e0d75ec4ce > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_arm.deb > Size/MD5 checksum: 671494 dafc6c14181802dd56c887583bbf5140 > > Intel IA-32 architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_i386.deb > Size/MD5 checksum: 260788 3a98e4d713d1c341fe69a717c8de0072 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_i386.deb > Size/MD5 checksum: 807996 1dd6e453aa93c420a145dd5397ee99bd > > Intel IA-64 architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_ia64.deb > Size/MD5 checksum: 260864 46ae5bb7b3256421dd7291e7c8898369 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_ia64.deb > Size/MD5 checksum: 953654 887b267a44c50e00f8bf9e2190852ca8 > > HP Precision architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_hppa.deb > Size/MD5 checksum: 260968 aa1ee745d7c5c6b9a8271c64f0a587a0 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_hppa.deb > Size/MD5 checksum: 846792 60ed39365a0c67db2d4fba67d2ba1583 > > Motorola 680x0 architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_m68k.deb > Size/MD5 checksum: 292718 2a87b508bcc610a01abf8c9c3773d40d > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_m68k.deb > Size/MD5 checksum: 617706 67075fef400071473fa948e5dd89b8fc > > Big endian MIPS architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_mips.deb > Size/MD5 checksum: 299478 5b0c49b3745472f71725dd052b60d712 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_mips.deb > Size/MD5 checksum: 653086 0044bef2d6ebeb01385d1a20a716046a > > Little endian MIPS architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_mipsel.deb > Size/MD5 checksum: 299568 79851707d297d94d74b613d5abaa6b3a > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_mipsel.deb > Size/MD5 checksum: 655030 0868f2d006c6b5282c8880a8460fed77 > > PowerPC architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_powerpc.deb > Size/MD5 checksum: 261278 fc16e5e2889afdd2c73491714575d53f > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_powerpc.deb > Size/MD5 checksum: 742454 6c2be22417b910c45c0bb113a4f7707b > > IBM S/390 architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_s390.deb > Size/MD5 checksum: 302404 9d54d7d12b431358f99fe688e2999cb5 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_s390.deb > Size/MD5 checksum: 662920 5da8cbae8d02f579e8150dde1b07c4f8 > > Sun Sparc architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_sparc.deb > Size/MD5 checksum: 261104 30717fe03e13e5dfbd5adbf4dafd93eb > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_sparc.deb > Size/MD5 checksum: 803816 fe08139ea1b35f3e7d5b7bcb8de20dd3 > > > Debian GNU/Linux 3.1 alias sarge > - -------------------------------- > > Source archives: > > > http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.0.1-1sarge3.dsc > Size/MD5 checksum: 1062 998afa8ddece7f06aac69cb8787b8bea > > http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.0.1-1sarge3.diff.gz > Size/MD5 checksum: 3230 6b65bdac09c698d6dcfc9c01f417714b > > http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.0.1.orig.tar.gz > Size/MD5 checksum: 7774954 9be804b337c6c3a2e202c5a7237cb0f8 > > Alpha architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_alpha.deb > Size/MD5 checksum: 107646 53ba83cd587bed30cdbd5dd96a241e43 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_alpha.deb > Size/MD5 checksum: 4829370 83e8d3ed71f20b06d4edcd1a97247903 > > AMD64 architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_amd64.deb > Size/MD5 checksum: 107640 9be42e567a232db85ade634a8875cea1 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_amd64.deb > Size/MD5 checksum: 3933392 03aaaf4b88fd5cc99ab7048e386a81eb > > ARM architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_arm.deb > Size/MD5 checksum: 107698 857f520bcc947238b6a1732239508e29 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_arm.deb > Size/MD5 checksum: 3878442 e505d7fd20cff3d6965e0e55640e5da0 > > Intel IA-32 architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_i386.deb > Size/MD5 checksum: 107702 56fb77a0b6f0d01b3eb7cff160b7fc2e > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_i386.deb > Size/MD5 checksum: 4204886 3fb1c5b93a8bd2857f8da12f95a0c144 > > Intel IA-64 architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_ia64.deb > Size/MD5 checksum: 107648 e5540cc5bbe66e9565fc412d7d37a23d > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_ia64.deb > Size/MD5 checksum: 5620728 800474cd0356d391f8ac843104de8057 > > HP Precision architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_hppa.deb > Size/MD5 checksum: 107676 8f22e952357456fe6f92217a6305a54b > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_hppa.deb > Size/MD5 checksum: 3600400 aff888a7efd1cc00072cc3bdd1c88a70 > > Motorola 680x0 architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_m68k.deb > Size/MD5 checksum: 107720 97d1027b157b256611e234ce20c76337 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_m68k.deb > Size/MD5 checksum: 3175260 ee6cef5deb75f0396b13013602f30b90 > > Big endian MIPS architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_mips.deb > Size/MD5 checksum: 107654 639d0ee2c65047864b5c726dfba30fcf > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_mips.deb > Size/MD5 checksum: 4066606 b7beb0cb4615f6ca98b4fbff3be16c06 > > Little endian MIPS architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_mipsel.deb > Size/MD5 checksum: 107678 ba9bb94702fcf451db6dde218e23bc21 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_mipsel.deb > Size/MD5 checksum: 4125476 fc4b6816829beff3ba2fbd175e7e1384 > > PowerPC architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_powerpc.deb > Size/MD5 checksum: 107686 0ce2a02a85fd72b5bb24213fc025f864 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_powerpc.deb > Size/MD5 checksum: 4305544 68c2be929520c8a45439d36ef8d0a2ca > > IBM S/390 architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_s390.deb > Size/MD5 checksum: 107652 63c9659dc1e004412faf09d9feafee08 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_s390.deb > Size/MD5 checksum: 3880838 b747276fe66ef57341430e10adc32fee > > Sun Sparc architecture: > > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_sparc.deb > Size/MD5 checksum: 107666 045189d3cd49c72f4e4bf26ea391fec1 > > http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_sparc.deb > Size/MD5 checksum: 4360438 15333a715e57287c63f2f2f36b40ec80 > > > These files will probably be moved into the stable distribution on > its next update. > > - > --------------------------------------------------------------------------------- > For apt-get: deb http://security.debian.org/ stable/updates main > For dpkg-ftp: ftp://security.debian.org/debian-security > dists/stable/updates/main > Mailing list: debian-security-announce@...ts.debian.org > Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.3 (GNU/Linux) > > iD8DBQFErgKeW5ql+IAeqTIRAlpvAJ4yapJ+ISmJTUjpPiihYLpFjCXT3gCgsYoT > CWOU1x/y/dGOIGdgvJh3dvI= > =NtJp > -----END PGP SIGNATURE----- > > > > ------------------------------ > > Message: 5 > Date: Fri, 7 Jul 2006 10:53:01 +0100 > From: "Patrick Fitzgerald" <misterfitzy@...il.com> > Subject: Re: [Full-disclosure] Re: Google and Yahoo search engine > zero-day code > To: "Dave No, not that one Korn" <davek_throwaway@...mail.com> > Cc: full-disclosure@...ts.grok.org.uk > Message-ID: > <62da2d570607070253y2e1225a6h9f6aa524bb4ae3a3@...l.gmail.com> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > I never reply to this mailing list but I feel that this blatant and > unashamed plagiarism should be exposed! This 'breaking' news by the > n3td3v research branch was written about by Michal Zalewski in his > excellent book, 'silence on the wire'. Maybe Zalewski is part of the > 'fearsome' :) netdev group but I doubt it! > > On 7/5/06, Dave No, not that one Korn <davek_throwaway@...mail.com> wrote: > > Denis Jedig wrote: > > > n3td3v wrote: > > > > > >> Today's disclosure involves Google and Yahoo search engines: > > >> > > >> All you need to do is put in the code to a web page, when Google and > > >> Yahoo visit it, then the code exploits the software they use and > > >> makes them start caching 'other' pages. Including 'no index' pages, > > >> where sites have setup a robot text file on their server to protect > > >> corporate and consumer interests. > > > > > > I think you missed the concept here. Whatever is on the webservers and > > > is available to the public is... well... available to the public. > > > > > > It does not help security matters to introduce a robots.txt - the > > > purpose of this directives file is not to secure something but to > > > reduce traffic and keep irrelevant content out of search engines. > > > > > > If you need security, you introduce some kind of authentication > > > *before* access is allowed to sensitive data. You will find that a > > > sign reading "Do not enter and do not steal any gold" will not help > > > much at the Fort Knox entrance if it is the only security measure. > > > > > > Also, Google and Yahoo *do* respect the robots.txt file and do check it > > for every server they fetch files from, and the whole thing is garbage. > His > > so-called 'example' is a fraud because it shows yahoo caching a page from > > the site mtf.news.yahoo.com, which DOES NOT HAVE A ROBOTS.TXT FILE. > > > > cheers, > > DaveK > > -- > > Can't think of a witty .sigline today.... > > > > > > > > > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > ------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > End of Full-Disclosure Digest, Vol 17, Issue 12 > *********************************************** >
Powered by blists - more mailing lists