Full Disclosure (fulldisclosure) Mailing List

Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution

Fri, 25 Jul 2008 03:16:00 +0100

Posted by Jan Min on Jul 25

2008/7/25 Robert Buchholz <rbu_at_gentoo.org>:
> On Friday 18 July 2008, Jan Minář wrote:
> ...
>> 3. Vulnerability
>>
>> During the build process, a temporary file with a predictable name is
>> created in the ``/tmp'' directory. This code is run...

Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution

Fri, 25 Jul 2008 03:17:08 +0200

Posted by Robert Buchholz on Jul 25

On Friday 18 July 2008, Jan Mináø wrote:
...
> 3. Vulnerability
>
> During the build process, a temporary file with a predictable name is
> created in the ``/tmp'' directory. This code is run when Vim is
> being build with Python support:
>
> src/configure.in:
>
...

Re: Pen Test forums?

Fri, 25 Jul 2008 09:05:54 +1000

Posted by Ivan . on Jul 25

pen-test_at_securityfocus.com

subscribe at securityfocus.com

cheers
Ivan

On Fri, Jul 25, 2008 at 8:51 AM, blah <blah_at_blakogre.com> wrote:
> Looking for some active pen-test forums to bounce scenarios around,
> with a good amount of traffic and solid members. does it...

Pen Test forums?

Thu, 24 Jul 2008 15:51:47 -0700

Posted by blah on Jul 24

Looking for some active pen-test forums to bounce scenarios around,
with a good amount of traffic and solid members. does it exist?
googling didn't turn up much.

thanks

Re: DNS spoofing issue. Thoughts on potential exploits

Thu, 24 Jul 2008 22:06:30 +0000

Posted by list-fulldisclosure_at_pwns.ms on Jul 24

> What is always required is a machine where the user has the ability to write
> packets to the network with any IP. This usually means super user access.
> It is difficult in most cases to send udp packets with forged IP since
> routers will not accept them. That is why it is...

Kaminsky corroborates the DNS vuln. discovered and published by Flake

Fri, 25 Jul 2008 00:43:17 +0400

Posted by Kristo pher on Jul 25

In a webcast today, security researcher Dan Kaminsky corroborated the discovery made and published by Halvar Flake [1] . Kudos to Halvar for envisaging such a critical vulnerability and for his subsequent publication which made the Interwebs a much safer place. Other researchers should get their...

Re: DNS spoofing issue. Thoughts on potential exploits

Thu, 24 Jul 2008 23:41:45 +0300

Posted by Troy Xyz on Jul 24

I am now posting some analysis I wrote on the subject right after my last
post.
Since the exploits are now available too, this should primarily be helpful
to the good guys.
I wrote this without full details of the exploit, but it shoud all be
pertinent nonetheless.
It might help in some...

Re: SPAM from Tobesecurity.com

Thu, 24 Jul 2008 12:08:38 -0500

Posted by Robert Holgstad on Jul 24

and by telling us about this insignificant event aren't you spamming for
them?

On Thu, Jul 24, 2008 at 11:55 AM, Arturo 'Buanzo' Busleiman <
buanzo_at_buanzo.com.ar> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Hi people, just to let other...

Re: ladies

Thu, 24 Jul 2008 12:58:07 -0400

Posted by Dale Harris on Jul 24

A self fulfilled prophecy it sound like to me.

On Thu, Jul 24, 2008 at 6:51 AM, Professor Micheal Chatner
<mchatner_at_gmail.com> wrote:
> Stop wasting your time and use your skills to bring chaos and
> devastation to an already useless community of the mentally defected
>...

SPAM from Tobesecurity.com

Thu, 24 Jul 2008 13:55:07 -0300

Posted by Arturo Buanzo Busleiman on Jul 24

Hi people, just to let other forum/blog/wiki admins out there that some people from tobesecurity.com
is spamming.

http://foros.buanzo.com.ar/viewtopic.php?p=2118#p2118
http://foros.buanzo.com.ar/viewtopic.php?f=20&t=520

I own a forum with .com.ar domain, and I got spam from an individual...

Re: Comments on: DNS exploit code is in the wild

Thu, 24 Jul 2008 12:56:24 -0400

Posted by Valdis.Kletnieks_at_vt.edu on Jul 24

On Thu, 24 Jul 2008 16:17:08 BST, n3td3v said:

> This whole HD Moore savior of info sec thing has gone on long enough,
> its time to see him for what he is and get him slammed up in jail
> along with his counterpart |)ruid.

I'll point out that you happen to live in the country that...

Re: Comments on: DNS exploit code is in the wild

Thu, 24 Jul 2008 10:44:05 -0500

Posted by MadHat Unspecific on Jul 24

n3td3v wrote:
> On Thu, Jul 24, 2008 at 3:43 PM, MadHat Unspecific
> <madhat_at_unspecific.com> wrote:
>> Technically |)ruid of CAU released the code. HD was just listed as
>> co-author and it was released on the CAU website as a CAU exploit. As far
>> as...

Re: Comments on: DNS exploit code is in the wild

Thu, 24 Jul 2008 16:17:08 +0100

Posted by n3td3v on Jul 24

On Thu, Jul 24, 2008 at 3:43 PM, MadHat Unspecific
<madhat_at_unspecific.com> wrote:
>
> Technically |)ruid of CAU released the code. HD was just listed as
> co-author and it was released on the CAU website as a CAU exploit. As far
> as you know HD didn't tell |)ruid...

Signs of compromised DNS?

Thu, 24 Jul 2008 08:41:55 -0600

Posted by James Lay on Jul 24

Anyone have any idea what signs would be if a DNS server is compromised?
Been seeing:

08:39:28 homebox named[27]: client *.*.143.11#10053: query (cache)
'gmail.com/ANY/IN' denied
08:40:30 homebox named[27]: client *.*143.11#10053: query (cache)
'hotmail.com/ANY/IN' denied

Coming in to my...

Re: Comments on: DNS exploit code is in the wild

Thu, 24 Jul 2008 14:27:15 +0000

Posted by Ray P on Jul 24

Holding back would be security through obscurity now that the details are available. I've gotten three emails today from security lists with different exploit code in them.

Ray

> Date: Thu, 24 Jul 2008 15:21:01 +0100
> From: xploitable_at_gmail.com
> To:...