Full Disclosure mailing list archives
[Full-Disclosure] Re: Full-disclosure digest, Vol 1 #1747 - 32 msgs
From: philipp.freiberger () brodos de
Date: 05 Jul 2004 15:33:05 UT
and the only thing that comes to mind for me here is Google too... sorry... but as soon as it gets to "colorful" stuff I have no clue anymore...

Regards,
Philipp

PS: I spent all day Sunday wrestling with my X to get it to do what it is supposed to - it makes you feel like you have never seen Linux before... :)

-------- Original Message --------
Subject: Full-disclosure digest, Vol 1 #1747 - 32 msgs (05-Jul-2004 16:48)
From: full-disclosure-request () lists netsys com
To: philipp.freiberger () brodos de
Send Full-Disclosure mailing list submissions to
    full-disclosure () lists netsys com

To subscribe or unsubscribe via the World Wide Web, visit
    http://lists.netsys.com/mailman/listinfo/full-disclosure
or, via email, send a message with subject or body 'help' to
    full-disclosure-request () lists netsys com

You can reach the person managing the list at
    full-disclosure-admin () lists netsys com

When replying, please edit your Subject line so it is more specific than "Re: Contents of Full-Disclosure digest..."

Today's Topics:

   1. Re: Public Review of OIS Security Vulnerability Reporting and Response Guidelines (dave)
   2. Re:Bugtraq Security Systems (bitlance winter)
   3. RE: The "Drew Copley is a prick" Poll update [Time to Grow Up] (Mortis)
   4. Gmail Information Disclosure Vulnerability (amforward () mailsurf com)
   5. Re: Public Review of OIS Security Vulnerability Reporting and Response Guidelines (Fred Mobach)
   6. [ GLSA 200407-03 ] Apache 2: Remote denial of service attack (Thierry Carrez)
   7. [ GLSA 200407-04 ] Pure-FTPd: Potential DoS when maximum connections is reached (Thierry Carrez)
   8. Re: Web sites compromised by IIS attack (Jason Coombs)
   9. Re: Gmail Information Disclosure Vulnerability (System Outage)
  10. Re: Re:Bugtraq Security Systems (System Outage)
  11. Re:Bugtraq Security Systems (Boggles)
  12. RE: IE Web Browser: "Sitting Duck" (joe)
  13. Re: Gmail Information Disclosure Vulnerability (D.J. Capelis)
  14. RE: [Dailydave] Re: [Full-Disclosure] Public Review of OIS Security Vulnerability Reporting and Response Guidelines (Steve W. Manzuik)
  15. Re: Gmail Information Disclosure Vulnerability (amforward@mailsurf. com)
  16. Re: Gmail Information Disclosure Vulnerability (Rudolf Polzer)
  17. XSS in 12Planet Chat Server 2.9 (Donato Ferrante)
  18. Re: HP urges users to erase Netscape to avoid security problems (Szilveszter Adam)
  19. Huge amounts of Citipank phishing spam seen this weekend. (Feher Tamas)
  20. CYBSEC - Security Advisory: Denial of Service in IBM WebSphere Edge Server (Leandro Meiners)
  21. Unreal ircd 3.2 clocking subsystem vulnerability (bartavelle)
  22. Re: [FD] VERY HIGH VULNERABILITY DISCLOSURE !!! MASS ROOT POSSIBLE !!! PLEASE BE ATTENTIVE !!! (Thomas Binder)
  23. Re: Public Review of OIS Security Vulnerability Reporting and Response Guidelines (Georgi Guninski)
  24. Re: Huge amounts of Citipank phishing spam seen this weekend. (Duncan Hill)
  25. Re: Gmail Information Disclosure Vulnerability (System Outage)
  26. RE: Gmail Information Disclosure Vulnerability (Mark Laurence)

--__--__--

Message: 1
Date: Sun, 04 Jul 2004 13:18:35 -0400
From: dave <dave () immunitysec com>
To: OIS <announcements () oisafety org>
CC: bugtraq () securityfocus com, NTBUGTRAQ () LISTSERV NTBUGTRAQ COM, full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Public Review of OIS Security Vulnerability Reporting and Response Guidelines

Nobody trusts the OIS or its motives. I imagine this is similar to the feedback you've gotten from everyone else as well, but Immunity has no plans to subscribe to your guidelines, and is going to oppose any efforts you make to legislate those guidelines as law.

In section 1.1 the draft proposes that the purpose of the OIS's model is to protect systems from vulnerabilities. This is fairly obviously untrue - the purpose of the OIS is to lobby towards a business model for Microsoft and the other OIS members that involves the removal of non-compliant security researchers. This call for feedback is a thinly disguised attempt to get public legitimacy and allow the OIS to claim it has community backing, which it clearly does not.

It's rare, but there are still security companies and individuals who do not owe their entire business to money from Microsoft. It's July 4th. and some of us are Americans who understand the concept of independence.

Dave Aitel
Immunity, Inc.
OIS wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The Organization for Internet Safety (OIS) extends an invitation to the readers of the BugTraq, NTBugtraq, and Full-Disclosure mailing lists to participate in the ongoing public review of the OIS Security Vulnerability Reporting and Response Guidelines.

The OIS reviews the Guidelines annually to ensure that they remain useful and relevant to the security community and, most importantly, to the millions of computer users who are the ultimate beneficiaries of effective computer security practices. Over the past year, OIS has received feedback from many adopters of the Guidelines as well as from several public-private partnerships, and have incorporated much of this feedback into an interim version that is available at http://www.oisafety.org/review/draft-1.5.pdf. We recommend reviewing the interim version, but reviewers are welcome to provide feedback on the original version at http://www.oisafety.org/reference/process.pdf if they would like.

For more information on the public review, please visit http://www.oisafety.org/review-1.5.html. The closing date for the review has been extended until 16 July 2004. We look forward to your feedback.

Regards,

The Organization for Internet Safety
www.oisafety.org

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQOWQgbF9hclyvjnOEQIhmACfYlaHX2NnJbHUCaCYfMHO4tkGDh0AoMzz
KWNTvxgQVKXiC1OU9CR/rXYF
=4mT/
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

--__--__--

Message: 2
From: "bitlance winter" <bitlance_3 () hotmail com>
To: full-disclosure () lists netsys com
Date: Sun, 04 Jul 2004 17:36:50 +0000
Subject: [Full-disclosure] Re:Bugtraq Security Systems

Who are YOU,Bugtraq Security Systems?
Are YOU foo,bar.foobar? ;)
YOU say LOVE,OK.
[blockquote]
"With burning brain and heart of hate,
I sought my wronger, early, late,
And all the wretched night and day
My dream and thought was slay, and slay.
My better self rose uppermost,
The beast within my bosom lost
Itself in love; peace from afar
Shone o'er me radiant like a star.
I Slew my wronger with a deed,
A deed of love; I made him bleed
With kindness, and I filled for years
His soul with tenderness and tears."

Let those who aim at the right life, who believe that they love Truth, cease to passionately oppose themselves to others, and let them strive to calmly and wisely understand them, and in thus acting toward others they will be conquering themselves; and while sympathizing with others, their own souls will be fed with the heavenly dews of kindness, and their hearts be strengthened and refreshed in the Pleasant Pastures of Peace.
[/blockquote]

Best Regards.
--
bitlance winter.

_________________________________________________________________
Is your PC infected? Get a FREE online computer virus scan from McAfee® Security.
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963

--__--__--

Message: 3
Date: Sun, 04 Jul 2004 14:17:07 -0400
To: full-disclosure () lists netsys com
From: Mortis <m0rtis () adelphia net>
Subject: RE: [Full-disclosure] The "Drew Copley is a prick" Poll update [Time to Grow Up]

I told you that would be more fun than fishing with dynamite. Plenty of fresh worms for a hungry turkey. Sort your mail box and go to town.

--
Libel-libel,
Dan eel
http://full-disclosure.50megs.com/

--__--__--

Message: 4
Date: Sun, 4 Jul 2004 19:10:44 +0000
From: amforward () mailsurf com
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Gmail Information Disclosure Vulnerability

This message is in MIME format.

---MOQ1088968244aa66ff8657f08d3292ceb7b3ae771de7

Brief
--------------
While I was playing with Gmail, I found a bug that may disclose information about the users currently attempting to register a new Gmail account.
This seems to be a vulnerability with low severity (at least until now).

CheckAvailability Script
--------------
In the registration page, the "Check Availability" button queries a certain script, namely /accounts/CheckAvailability. The script takes the desired username, and checks if it is available. If it is not available, it suggests other usernames by concatenating, for example, your last name to it.

The Problem
--------------
There seems to be a thread-safety problem with CheckAvailability script. When the script is under heavy stress, it may return answers to queries that are not yours, revealing others' desired usernames, and first and last names. (see attached screen shot)

Reproduction
--------------
To reproduce it, you should:
AND
 a. Have a valid Gmail invitation
 b. Frequently Invoke CheckAvailability by
    ~ OR
    ~ 1. Creating a tool that automates the script invocation.
    ~ 2. Having the patience and keep clicking the button frequently (this works too!).

I have not yet carefully studied the script, but I think it might not be a problem with this script only, but others as well.

Your thoughts are appreciated.

Regards,
Ahmed Motaz

------------------------------------------------------
Mailsurf.com your communication portal for SMS, Email, Fax, E-Cards and more.
www.mailsurf.com

---MOQ1088968244aa66ff8657f08d3292ceb7b3ae771de7

Gmail service is in Beta. You have no credibility posting this advisory. The correct channel to post such "bugs" is the Gmail contact link for "bug reports".

If you weren't a script kiddie or scene whore, you would have known to hold information until such a time that Gmail became a public service.

Then and only then would anyone take this advisory seriously!

You obviously have no understanding of the "Beta" state of a development. The fact that a team of developers are in the state of "Beta" means that the developers are fully aware the service may not be entirely secure and they wish feedback via Google's own beta "bug report" channels.

All in all, this is a "beta bug report" and nothing else. If you had waited until the Gmail dev team declared gmail a public release, you would have gained more respect in the security community scene.

Cheerio

---------------------------------
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!

--0-509345037-1088977213=:9720

A name like "Bugtraq Security Systems" Sounds like a typical name a script kiddie group or scene whore group would use to try and gain an easy name within the scene.

They (Bugtraq Security Systems) obviously thought... Hey.. "if we whore a high profile name and make our website look professional, people will buy it and think we're elite".

Lol, if you had any cred in the security community scene, you just lost it by mentioning the key words "Defcon" and "Drew Copley is a prick" references.

All you are making yourself out to be is a jealous scene whore who wishes they had the 0-day exclusives that Eyee Security obtain and you wish you were as good as they are.

You have no right to come on a high profile security mailing list with such childish remarks towards a highly respected Security Group as Eyee. Go find some "elite" zero day and come back when you manage to gain as much respect as Eyee Security has within the security community scene.

Cheerio

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

--0-281874980-1088978667=:60119

The following advisory is also available in pdf for download at
http://www.cybsec.com/vuln/IBM-WebSphere-Edge-Server-DOS.pdf

CYBSEC S.A.
www.cybsec.com

Advisory Name: Denial of Service in WebSphere Edge Server.
Vulnerability Class: Denial of Service
Release Date: June 2nd 2004

Affected Applications:
* WebSphere Edge Components Caching Proxy 5.02 using JunctionRewrite with UseCookie directive.

Not Affected Applications:
* WebSphere Edge Components Caching Proxy 5.02 NOT using JunctionRewrite with UseCookie directive.
* WebSphere Edge Components Caching Proxy 5.00

Affected Platforms:
* SUSE SLES 8
* SUSE SLES 8 Service Pack 1
* SUSE SLES 8 Service Pack 3
* SUSE SLES 8 Service Pack 3
* Apparently all platforms running WebSphere Edge Server

Local / Remote: Remote
Severity: High
Author: Leandro Meiners.

Vendor Status:
* Fix included in WebSphere Application Server 5.0.3 (to be released)
* Patch available from IBM for clients with Support Level 2 or 3

Reference to Vulnerability Disclosure Policy:
http://www.cybsec.com/vulnerability_policy.pdf

Overview:
WebSphere Edge Component Caching Proxy, part of WebSphere Application Server, is a reverse proxy designed to reduce bandwidth use and improve a Web site's speed and reliability by providing a point-of-presence node for one or more back-end content servers. It is built to work with content provided by one or more backend WebSphere Application Servers.

Vulnerability Description:
The vulnerability discovered allows a remote attacker to generate a denial of service condition against the WebSphere Edge Component Caching Proxy.
If the reverse proxy is configured with the JunctionRewrite directive being active, a remote attacker can trivially cause a denial of service by executing the GET HTTP method without parameters.

Exploit:
$ echo "GET" | nc <victim_host_ip> <proxy_port>

Solutions:
If JunctionRewrite is unnecessary, disabling it will suffice to prevent the Denial of Service. Also if the option UseCookie in the JunctionRewrite directive is unnecessary disabling it will suffice to prevent the Denial of Service.

Vendor Response:
IBM opened a case regarding the vulnerability and provided a patch within 2 weeks of the initial contact.

Contact Information:
For more information regarding the vulnerability feel free to contact the author at lmeiners () cybsec com.
For more information regarding CYBSEC: www.cybsec.com

----------------------------
Leandro Meiners
CYBSEC S.A. Security Systems
E-mail: lmeiners () cybsec com
Tel/Fax: [54-11] 4382-1600
Web: http://www.cybsec.com

--=-KxxekzTaBeyTiwzQ+aFI

If it's not about respect then what is it about?

You have no respect for the Gmail Team, that's for sure.

I guess this list isn't about respect...

It's about kiddies posting advisories and exploits for fun and little care for the vendor(s).

Cheerio

amforward () mailsurf com wrote:

System Outage wrote:
|The correct channel to post such "bugs" is the Gmail contact link for "bug
|reports".

I have already contacted Gmail about 10 days ago, but I have not received any
replies till this moment.

|If you had waited until the Gmail dev team declared gmail a public release,
|you would have gained more respect in the security community scene.

I don't think this is about respect after all.

Regards,
Ahmed Motaz

------------------------------------------------------
Mailsurf.com your communication portal for SMS, Email, Fax, E-Cards and more.
www.mailsurf.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

---------------------------------
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.

--0-223874168-1089035202=:27338

"You have no respect for the Gmail Team, that's for sure."

Why would he? Respect is earned not given for free.

"It's about kiddies posting advisories and exploits for fun and little care for the vendor(s)."

No the reason they are generally supposed to be posted AFAIK is so that the security conscious user is aware and can take steps to prevent them from being exploited. Granted reasonable steps should be taken to contact the vendor, if they don't respond then what can one do?

Thanks
Mark

_____

From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of System Outage
Sent: 05 July 2004 14:47
To: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Gmail Information Disclosure Vulnerability

If it's not about respect then what is it about?

I guess this list isn't about respect...

It's about kiddies posting advisories and exploits for fun and little care for the vendor(s).

Cheerio

amforward () mailsurf com wrote:

System Outage wrote:
|The correct channel to post such "bugs" is the Gmail contact link for "bug
|reports".

I have already contacted Gmail about 10 days ago, but I have not received any
replies till this moment.

|If you had waited until the Gmail dev team declared gmail a public release,
|you would have gained more respect in the security community scene.

I don't think this is about respect after all.

Regards,
Ahmed Motaz

------------------------------------------------------
Mailsurf.com your communication portal for SMS, Email, Fax, E-Cards and more.
www.mailsurf.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_____

Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004

------=_NextPart_000_021E_01C462A2.A05CB230
To: full-disclosure-request () lists netsys com full-disclosure () lists netsys com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
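
Added example, not part of the original digest and not Google's code: Message 4 in the quoted digest attributes the leak to a thread-safety problem in CheckAvailability but does not give a cause, so this Python sketch assumes one common pattern, a handler object shared by all requests that keeps per-request input in instance fields, and puts the per-request form beside it. All class, function and sample names are hypothetical.

```python
import threading

TAKEN = {"alice", "bob"}  # constructed sample data: names already registered

def build_reply(username, last_name):
    """Availability answer; a taken name gets a username+lastname suggestion."""
    taken = username in TAKEN
    suggestions = [username + last_name.lower()] if taken else []
    return {"query": username, "available": not taken, "suggestions": suggestions}

class SharedStateChecker:
    """Assumed flawed pattern: one handler object serves every request and
    parks per-request input in instance fields."""
    def check(self, username, last_name, pause=None):
        self.username, self.last_name = username, last_name
        if pause:
            pause()  # stands in for work during which another request runs
        return build_reply(self.username, self.last_name)

class PerRequestChecker:
    """Corrected pattern: request data lives only in local variables."""
    def check(self, username, last_name, pause=None):
        if pause:
            pause()
        return build_reply(username, last_name)

def reply_for_a(checker):
    """Run request B while request A is paused mid-handler; return A's reply."""
    a_paused, b_done, replies = threading.Event(), threading.Event(), {}

    def pause_a():
        a_paused.set()
        b_done.wait(timeout=5)
    def request_a():
        replies["a"] = checker.check("alice", "Smith", pause=pause_a)
    def request_b():
        a_paused.wait(timeout=5)
        checker.check("bob", "Jones")
        b_done.set()

    threads = [threading.Thread(target=request_a), threading.Thread(target=request_b)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return replies["a"]

def leaked(requested, reply):
    """Invariant for tests or response filters: a reply must answer the name asked."""
    return reply["query"] != requested

if __name__ == "__main__":
    print(reply_for_a(SharedStateChecker()), reply_for_a(PerRequestChecker()))
```

With the shared-state handler, the caller who asked about "alice" receives a reply built from the other caller's username and last name; the `leaked` check flags that mismatch and can serve as a regression test for handlers of this kind.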
Current thread:
- [Full-Disclosure] Re: Full-disclosure digest, Vol 1 #1747 - 32 msgs philipp . freiberger (Jul 05)