lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <88001FC5C453764CA6597FB298742494026DD0B5@SVEX03.dutchtone.nl>
From: allan.vanleeuwen at orangemail.nl (Leeuwen, Allan van)
Subject: Administrivia: Fool Disclosure

Hmmm you're sounding just like the people that were saying 'JPG is safe
because its not executable' a while back.
They seem to have all shut their mouths now....

There could very well be some form of overflow in Notepad.exe 
(although I admit there are probably so few lines of code in Notepad
that this is unlikely ... But never say never ;)

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Exibar
Sent: Monday, November 15, 2004 10:45 PM
To: Gerry Eisenhaur; Andrew Farmer
Cc: Michael Rutledge; full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Administrivia: Fool Disclosure

can you convert it to plaintext for us please?  I think that would work
nicely.... no plain text vulns that I can think of...


----- Original Message -----
From: "Gerry Eisenhaur" <GEisenhaur@...co.com>
To: "Andrew Farmer" <andfarm@...novis.com>
Cc: "Michael Rutledge" <michael4447@...il.com>;
<full-disclosure@...ts.netsys.com>
Sent: Monday, November 15, 2004 1:37 PM
Subject: Re: [Full-Disclosure] Administrivia: Fool Disclosure


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Why should we feel any better...
> What about the libpng exploit... :)
>
> /gerry
>
>
> Andrew Farmer wrote:
>
> | On 14 Nov 2004, at 09:19, Michael Rutledge wrote:
> |
> |> On Fri, 12 Nov 2004 17:50:14 -0500 (EST), Len Rose <len@...sys.com>
> |> wrote:
> |>
> |>> I've been wanting to share this with people for a long time,
> |>> as things wind down for me, I've (finally) decided to release
this.
> |>>
> |>> http://www.netsys.com/images/fool-disclosure-logo.jpg
> |>
> |>
> |> Anyone check this image for GDI+ exploit?  lol
> |
> |
> | Heh! Good point.
> |
> | It's clean. Here's a PNG version, if you're still feeling paranoid.
> |
> | http://tinypic.com/lzj1j
> |
>
> - --
> +------------------------------------------------------+
> | Gerry Eisenhaur                 |           |        |
> | Cisco Security Agent           |||         |||       |
> | Boxborough, Massachusetts    .|||||.     .|||||.     |
> | PGP Key: 0xC13E8AFC       .:|||||||||:.:|||||||||:.  |
> | 978-936-0465               C i s c o S y s t e m s   |
> +------------------------------------------------------+
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.5 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFBmPeFRY7FIcE+ivwRAnXHAJsE3YC0nmR+L/vGq03p1pX0afXgaACg5dCz
> jnFMTW2ILvSFY9SGl2HyKc0=
> =UEtt
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



===========================================================

De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is alleen bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. Hoewel Orange maatregelen heeft genomen om virussen in deze email of attachments te voorkomen, dient u ook zelf na te gaan of virussen aanwezig zijn aangezien Orange niet aansprakelijk is voor computervirussen die veroorzaakt zijn door deze email.

The information contained in this message may be confidential and is intended to be only for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. Although Orange has taken steps to ensure that this email and attachments are free from any virus, you do need to verify the possibility of their existence as Orange can take no responsibility for any computer virus which might be transferred by way of this email.

===========================================================


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ