leaking?

["Felipe Angoitia" <fangoitia () pandasoftware es>]

Hi abhilash verma and the rest...
Why do you include this in your mails? tracking full-disclosure readers which use html rendering muas?
 
<A target="_blank" HREF="  <http://clients.rediff.com/signature/track_sig.asp> 
http://clients.rediff.com/signature/track_sig.asp";><IMG SRC=" 
http://ads.rediff.com/RealMedia/ads/adstream_nx.cgi/www.rediffmail.com/inbox.htm@Bottom"; BORDER=0 VSPACE=0 HSPACE=0></a>
 
please explain us...

-----Mensaje original-----
De: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]En nombre de abhilash 
verma
Enviado el: miércoles, 12 de mayo de 2004 6:34
Para: full-disclosure () lists netsys com
Asunto: [Full-Disclosure] Re: Advisory 04/2004: Net(Free)BSD Systrace local root vulnerability




Brad,

Can you provide the details and the menu based exploit :) of the two vulnerabilities discovered by you last year.. It 
would be really helpful in doing the security assessments...

Thnx,
Abhilash

On Tue, 11 May 2004 full-disclosure-request () lists netsys com wrote :
> Send Full-Disclosure mailing list submissions to
>      full-disclosure () lists netsys com
>
> To subscribe or unsubscribe via the World Wide Web, visit
>      http://lists.netsys.com/mailman/listinfo/full-disclosure
> or, via email, send a message with subject or body 'help' to
>      full-disclosure-request () lists netsys com
>
> You can reach the person managing the list at
>      full-disclosure-admin () lists netsys com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Full-Disclosure digest..."
>
>
> Today's Topics:
>
>    1. Re: Advisory 04/2004: Net(Free)BSD Systrace local root vulnerability (spender () grsecurity net)
>    2. RE: Learn from history? (Steffen Kluge)
>    3. Re: Registry Watcher (Troy Solo)
>    4. Vulnerabilites on a network (Daniele Carlucci)
>    5. Re: Learn from history? (Calum)
>    6. Re: Vulnerabilites on a network (Oliver Kellermann)
>    7. RE: Learn from history? (Jos Osborne)
>    8. Calcuating Loss (Michael Schaefer)
>    9. RE: Calcuating Loss (Jos Osborne)
>  10. Re: msxml3.dll Parsing Error Crashes Internet Explorer Remotely Upon Refresh (3APA3A)
>  11. Re: Calcuating Loss (Harlan Carvey)
>  12. [SECURITY] [DSA 502-1] New exim-tls packages fix buffer overflows (debian-security-announce () lists debian org)
>  13. Re: iDEFENSE: Security Whitepaper on Trusted Computing Platforms (Nico Golde)
>  14. Re: Victory day - Sasser surrenders (Rob Clark)
>  15. Re: Calcuating Loss (Clint Bodungen)
>  16. RE: Calcuating Loss (Jos Osborne)
>  17. Re: Victory day - Sasser surrenders (p00p () instable net)
>  18. info on JRE < 1.4.2_04 vulnerability (Mark W. Webb)
>  19. RE: Victory day - Sasser surrenders (Alerta Redsegura)
>  20. JRE < 1.4.2_04 vulnerability (Dolphsec)
>  21. Re: Calcuating Loss (Harlan Carvey)
>  22. Re: Victory day - Sasser surrenders (Maxime Ducharme)
>  23. PING: Outlook 2003 Spam (http-equiv () excite com)
>  24. JRE < 1.4.2_02 vulnerability (Dolphsec)
>
> --__--__--
>
> Message: 1
> Date: Tue, 11 May 2004 00:26:38 -0400
> To: full-disclosure () lists netsys com
> From: spender () grsecurity net
> Subject: [Full-disclosure] Re: Advisory 04/2004: Net(Free)BSD Systrace local root vulnerability
>
> Just to clarify, this advisory does not involve either of the two
> vulnerabilities that I discovered over a year ago now that still remain
> unpatched.  The one bug is a local root on Linux, NetBSD, FreeBSD,
> OpenBSD, and Mac OS X, and any other OS systrace is ported to in the
> future.  The other bug is a complete bypass of systrace's "security" on
> Linux.
>
> Maybe keep looking Stefan ;)
> If you can find them, I'll release my fulling working MENU-BASED
> exploit.  Actually, I was quite upset at first that someone had killed
> my bug but then I read the advisory closer and realized it was a
> different local root, imagine that ;)  It amazes me that Niels has known
> a local root vulnerability has existed in his code for over a year and
> yet he hasn't even bothered to audit his own code, but instead continues
> to promote it.
>
> http://monkey.org/openbsd/archive/misc/0304/msg01400.html
> "I am looking forward to his local root exploit for systrace."
> Sorry Niels, no such luck today :(
> It was close!
>
> -Brad
>
>
> --__--__--
>
> Message: 2
> From: Steffen Kluge <kluge () fujitsu com au>
> To: full-disclosure () lists netsys com
> Date: Tue, 11 May 2004 17:23:25 +1000
> Subject: RE: [Full-disclosure] Learn from history?
>
>
> ----=_NextPart_ST_17_23_28_Tuesday_May_11_2004_24174
> Content-Type: text/plain
> Content-Transfer-Encoding: quoted-printable
>
> On Tue, 2004-05-11 at 00:50, Michal Zalewski wrote:
> > > R =3D E x p
> > >
> > > R =3D Risk
> > > E =3D event
> > > p =3D probability of the event happening
> > =20
> > If we must toy with bogus marketspeak "equations", shouldn't E - at the
> > very least - numerically correspond to the consequences (loss?) caused by
> > an event, rather than being an event itself?
>
> Of course. Prevalent risk management standards put "impact" in the place
> of "event" (which isn't quantifiable anyway). And they don't use an
> arithmetic product to combine impact and likelihood, but rather a
> matrix, which is not linear but more close to reality.
>
> > Otherwise, my risk R of getting a bar of chocolate from a stranger is
> > 0.001 * getting_chocolate_bar_from_stranger.
>
> Having avoided carbs for quite a while I can't really comment...
>
> Cheers
> Steffen.
>
>
> ----=_NextPart_ST_17_23_28_Tuesday_May_11_2004_24174
> Content-Type: application/pgp-signature; name=signature.asc
> Content-Description: This is a digitally signed message part
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.2 (GNU/Linux)
>
> iD8DBQBAoH9tUmpSA4kzHnARAqKXAJ48SuIz+e3Yy/BOQnpAVBed8WHxugCZAT2n
> RtME3Nyfdy0FEi/2uBxtlnA=
> =h/s6
> -----END PGP SIGNATURE-----
>
> ----=_NextPart_ST_17_23_28_Tuesday_May_11_2004_24174--
>
>
> --__--__--
>
> Message: 3
> Date: Mon, 10 May 2004 23:09:57 -0500
> From: Troy Solo <solo () dok org>
> Organization: DoK Heavy Industries
> To: undisclosed-recipients:;
> Subject: Re: [Full-disclosure] Registry Watcher
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Pardon if list readers feel this application is 'unworthy' but AdAware
> Pro (the pay-for version) has a TSR called AdWatch, that will alert to
> ANY changes in the registry, no matter how trivial.  Any time a registry
> entry is changed or created or deleted, AdWatch will alert you and give
> you the option to Accept or Deny.
>
> The only drawback is that, as far as I know, it is PC-specific.  There
> is no distributed management of registry changes with AdWatch.
>
> You can check out AdAware (and AdWatch) at http://www.lavasoft.de
>
> Sorry if I have mis-read this thread, there has been so much
> signal:noise ratio in here that it's hard to keep up.  Hope I didn't
> waste anyone's time (of course, if you've read this far, I must have
> kept your attention for SOME reason.)
>
> - --
> /**************************/
> /*      Troy Solo        */
> /*    <solo () dok org>    */
> /*  Ignotum per Ignotius  */
> /**************************/
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFAoFIVmaXTPtvAkS0RAgbCAJ4s4rCSMdaZ+Bms9CgQMbyhGXeQlgCffYLN
> LbAUWB5YLehteB9S2aobVSQ=
> =Gyr/
> -----END PGP SIGNATURE-----
>
>
> --__--__--
>
> Message: 4
> Date: Tue, 11 May 2004 10:25:25 +0200
> From: Daniele Carlucci <danielegiuseppe.carlucci () studenti polito it>
> To: full-disclosure () lists netsys com
> Subject: [Full-disclosure] Vulnerabilites on a network
>
> Hi,
> My name is Daniele.
> I'm a student of Informatic Engineering at Politecnico of Torino in Italy.
> I make a study about the network's security, can you tell me a link
> where I can find an index of the possible lack of a network, for
> example, DDOS, worm, congestion, ecc ecc.
>
> Thanks for your time and for your interest.
>
> Daniele Carlucci
>
>
> --__--__--
>
> Message: 5
> From: Calum <full-disclosure () umtstrial co uk>
> Reply-To: Calum <full-disclosure () umtstrial co uk>
> To: full-disclosure () lists netsys com
> Subject: Re: [Full-disclosure] Learn from history?
> Date: Tue, 11 May 2004 10:21:33 +0100
>
> On Monday 10 May 2004 22:46, Gwendolynn ferch Elydyr wrote:
>
> > ... or you may gain glass splinters or razor blades.  Do -you- trust
> > everything that random strangers give you?
>
> Maybe we should all stay indoors in case we get hit on the head by a meteor,
> or get knocked over by a car.
>
> It's all about judgement, and evaluating risks.
>
> --
>
> Random russian saying: An indispensable thing never has much value.
>
> jabber: jcalum () umtstrial co uk
> pgp: http://gk.umtstrial.co.uk/~calum/keys.php
> Linux 2.6.5-gentoo 10:19:12 up 11 days, 16 min, 1 user, load average: 0.26,
> 0.31, 0.19
>
>
> --__--__--
>
> Message: 6
> From: "Oliver Kellermann" <mail () oliver-kellermann de>
> To: <full-disclosure () lists netsys com>
> Subject: Re: [Full-disclosure] Vulnerabilites on a network
> Date: Tue, 11 May 2004 11:52:36 +0200
>
> Hi!
>
> Try www.google.com. This should usually be the best start for every
> informatics engineering student.
>
> Cheers,
> Oliver
>
> > Hi,
> > My name is Daniele.
> > I'm a student of Informatic Engineering at Politecnico of Torino in Italy.
> > I make a study about the network's security, can you tell me a link
> > where I can find an index of the possible lack of a network, for
> > example, DDOS, worm, congestion, ecc ecc.
> >
> > Thanks for your time and for your interest.
> >
> > Daniele Carlucci
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
> --__--__--
>
> Message: 7
> Subject: RE: [Full-disclosure] Learn from history?
> Date: Tue, 11 May 2004 11:11:33 +0100
> From: "Jos Osborne" <Jos () meltemi co uk>
> To: "Full-Disclosure" <full-disclosure () lists netsys com>
>
> Michal Zalewski wrote:
>
> > If we must toy with bogus marketspeak "equations", shouldn't E - at the
> > very least - numerically correspond to the consequences (loss?) caused by
> > an event, rather than being an event itself?
> >
> > Otherwise, my risk R of getting a bar of chocolate from a stranger is
> > 0.001 * getting_chocolate_bar_from_stranger.
>
> Or ten times that if you're prepared to give them your administrator password...
>
>
> --__--__--
>
> Message: 8
> Date: Tue, 11 May 2004 08:57:48 -0400
> From: Michael Schaefer <mbs () mistrealm com>
> Reply-To: mbs () mistrealm com
> To: Full-Disclosure <full-disclosure () lists netsys com>
> Subject: [Full-disclosure] Calcuating Loss
>
> Loss?
>
> One of my biggest complaints is the way the industry "loses billions"
> whenever a virus or worm breaks out.
>
> I mean, securing and maintain your server is not a loss. Installing and
> updating your anti virus or IDS package is not a loss. All of these
> things should have been done anyway.
>
> If a server goes off line, I guess you could measure the revenue it may
> have produced as a loss, but technically, that is lack of income, not
> true loss.
>
> If you see someone complaining about all the money they lost doing what
> they should have been doing all along, I just see spin. And politics.
>
> M
>
>
>
>
> > Michal Zalewski wrote:
> >
> >
> >
> > > If we must toy with bogus marketspeak "equations", shouldn't E - at the
> > > very least - numerically correspond to the consequences (loss?) caused by
> > > an event, rather than being an event itself?
>
>
> --__--__--
>
> Message: 9
> Subject: RE: [Full-disclosure] Calcuating Loss
> Date: Tue, 11 May 2004 14:24:31 +0100
> From: "Jos Osborne" <Jos () meltemi co uk>
> To: "Full-Disclosure" <full-disclosure () lists netsys com>
>
> > If you see someone complaining about all the money they lost doing what
> > they should have been doing all along, I just see spin. And politics.
> >
> > M
>
> Especially when it's an AV vendor saying "Look, the IT business lost $2.8 gazillion due to their being hit by this 
> worm. If only they'd protected their systems with a reliable anti-virus product we'd all be that much richer. Oh, by 
> the way, wanna buy a reliable anti-virus package...?"
>
> 90%  Self-serving hype
> 9%  Overblown fear
> 0.9% "Statistical maths"
> 0.1% Reality
>
>
> --__--__--
>
> Message: 10
> Date: Tue, 11 May 2004 17:29:44 +0400
> From: 3APA3A <3APA3A () SECURITY NNOV RU>
> Reply-To: 3APA3A <3APA3A () SECURITY NNOV RU>
> Organization: http://www.security.nnov.ru
> To: "Rafel Ivgi, The-Insider" <theinsider () 012 net il>
> Cc: "bugtraq" <bugtraq () securityfocus com>, full-disclosure () lists netsys com
> Subject: Re: [Full-disclosure] msxml3.dll Parsing Error Crashes Internet Explorer Remotely Upon Refresh
>
> Dear Rafel Ivgi, The-Insider,
>
> No crash on 6.0.2800.
>
> --Monday, May 10, 2004, 10:27:40 PM, you wrote to bugtraq () securityfocus com:
>
> RITI> msxml3.dll crashes after refreshing a page which contains & inside a
> RITI> link/value
> RITI> For Example : <Ref href = "&"/>
> RITI> This is due to a parsing error in msxml3.dll.
>
> RITI> Version Details:
> RITI> ---------------------
> RITI> I.E Version: 6.0.2600.0
> RITI> ModVer: 8.10.8308.0
> RITI> Module name: msxml3.dll
> RITI> Offset: 000b8c10
>
> RITI> Stack Dump:
> RITI> -----------------
> RITI> EAX=01CEE800
> RITI> EDI=01D02580
> RITI> EBX=00000000
> RITI> EBP=02C3F3E4
> RITI> ECX=00000000
> RITI> ESP=02C3FC74
> RITI> EDX=02D91364
> RITI> EIP=02E18C10
> RITI> ESI=00000000
> RITI> DS:00000004    GS:0000    ES:0023    SS:0023    CS:001B
>
> RITI> Live Example:
> RITI> http://theinsider.deep-ice.com/xmlcrash.xml
> RITI> AND REFRESH...
>
> RITI> _______________________________________________
> RITI> Full-Disclosure - We believe in it.
> RITI> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
> --
> ~/ZARAZA
> Îñîáóþ ïðîáëåìó ñîñòàâë




 <http://clients.rediff.com/signature/track_sig.asp>