Full Disclosure mailing list archives
I know gadi personally
From: "Juan Fernandez" <juanbabi () gmail com>
Date: Sun, 23 Sep 2007 00:14:42 -0300
I know who Gadi is; we took a CISSP course in Tel Aviv, Israel. He is a fat and ugly guy that thinks that he knows about security and he is the one that invented it! Everyone hated Gadi in the course; he is the kind of guy that doesn't have friends, 'cause he thinks that he is sooo smart!!! But the truth is that he didn't do a single pen test in his entire life!! Yes Gadi, it's me, Juan, the guy that passed the CISSP exam when you didn't even have the balls to come to the exam!

On 9/22/07, full-disclosure-request () lists grok org uk <full-disclosure-request () lists grok org uk> wrote:
Send Full-Disclosure mailing list submissions to
    full-disclosure () lists grok org uk

To subscribe or unsubscribe via the World Wide Web, visit
    https://lists.grok.org.uk/mailman/listinfo/full-disclosure
or, via email, send a message with subject or body 'help' to
    full-disclosure-request () lists grok org uk

You can reach the person managing the list at
    full-disclosure-owner () lists grok org uk

When replying, please edit your Subject line so it is more specific than "Re: Contents of Full-Disclosure digest..."

Note to digest recipients - when replying to digest posts, please trim your post appropriately. Thank you.

Today's Topics:

   1. Gadi Evron strikes again (worried security)
   2. EEYE: Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops (eEye Advisories)
   3. Re: Gadi Evron strikes again (Richard Golodner)
   4. Re: Gadi Evron strikes again (gjgowey () tmo blackberry net)
   5. Re: [Dailydave] Hacking software is lame -- try medical research... (Dave Korn)
   6. Re: [Dailydave] Hacking software is lame -- try medical research... (Jimby Sharp)
   7. Re: [Dailydave] Hacking software is lame -- try medical research... (Kristian Erik Hermansen)
   8. Re: [Dailydave] Hacking software is lame -- try medical research... (Jimby Sharp)
   9. Re: [Dailydave] Hacking software is lame -- try medical research... (Jimby Sharp)
  10. Re: [Dailydave] Hacking software is lame -- try medical research... (Leif Ericksen)
  11. Re: [Dailydave] Hacking software is lame -- try medical research... (Fabrizio)
  12. Re: Security contact in at&t (Randal T. Rioux)
  13. Greek Web Election System Sucks - Remote File Inclusion? (George Papandreou)
  14. Re: 0day: PDF pwns Windows (silky)
  15. Re: Greek Web Election System Sucks - Remote File Inclusion? (Slythers Bro)
  16. Re: Keep Gadi Evron off Bugtraq (worried security)

----------------------------------------------------------------------

Message: 1
Date: Sat, 22 Sep 2007 14:10:49 +0100
From: "worried security" <worriedsecurity () googlemail com>
Subject: [Full-disclosure] Gadi Evron strikes again
To: full-disclosure () lists grok org uk
Message-ID: <67ea64530709220610n1070c845ub4c9b5c546025bce () mail gmail com>
Content-Type: text/plain; charset="iso-8859-1"

Who seen Gadi Evron on the mailing lists trolling about what a 0day is and what a 0day isn't, in the middle of a serious disclosure about a PDF flaw?

Hilarious.

Well, just in case you missed it, here it is again...

http://seclists.org/bugtraq/2007/Sep/0229.html

And this guy wants to be a high profile guy at the forefront of information security discussion?

lolzers.

Script kiddos unite behind the big man Evron.

He leads, where the rest of us follow.

And he comes on the lists complaining people are mimicking his e-mail addresses and calling him a dick. *I wonder why?*

It's funny, he strongly keeps an eye on Funsec mailing list and keeps everyone in check, yet, he has a total disregard for "quality control" elsewhere, especially on Bugtraq!!!!!!!!

My question is "Who is Gadi Evron?".

This guy you would think would add something special to a discussion, but he doesn't, and you know what I know his excuse is? He is keeping his knowledge secret so bad guys can't learn from his knowledge.

lolzers Gadi Evron.

The truth is, Gadi just wants to make sure his name and e-mail address is in every major flaw disclosure, no matter how lame the comment is, just as long as his name and e-mail is in high profile disclosures, then Gadi Evron can sleep at night.

Thanks Gadi!!! My hero.

Bugtraq is moderated for a reason, so Bugtraq moderators, start moderating it!!! Symantec arsewipes.

Securityfocus, no really, why are you allowing Gadi Evron troll on such a high profile respected moderated list? Gadi's comment mentioned above was a true breach of the rules, so start moderating his comments more in future.

Leave the trolling for F-D Gadi, Bugtraq readers don't want to see your shit in future, and Bugtraq moderators, actually read what Gadi Evron is posting in future, instead of just reading the name and sender and approving the message without actually reading the body.

*Oh it's Gadi, it's automatically approved*

Let's look at Bugtraq's description:

"BugTraq is a full disclosure moderated mailing list for the *detailed* discussion and announcement of computer security vulnerabilities: what they are, how to exploit them, and how to fix them."
http://www.securityfocus.com/archive/1/description#0.1.1

lolzers, Bugtraq moderators don't read their own shit or enforce it!

Someone snip a bit of that description that gives Gadi right of way to troll on Bugtraq in the middle of serious flaw disclosures!!!!!

Gadi, seriously f**king learn about the stuff you read, so you can actually input into the threads and help with the topic in front of you, instead of random off-topic messages about what defines a 0-day and what doesn't.

Why didn't you start your own thread on Bugtraq about "what is a 0-day?", because they wouldn't let you!!!! Instead you sneak your shit into high profile threads, to get a name for yourself.

Your conversation, as always Gadi, is best suited for Full-Disclosure or security-basics, so get the f*** off Bugtraq you idiot.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070922/6aeaba2a/attachment-0001.html

------------------------------

Message: 2
Date: Fri, 21 Sep 2007 12:57:07 -0700
From: "eEye Advisories" <eEyeAdvisories () eeye com>
Subject: [Full-disclosure] EEYE: Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops
To: <Full-Disclosure () lists grok org uk>
Message-ID: < D52FCFAE57472647956CBAEDC08DA5530183641F () av-mail01 corp int-eeye com>
Content-Type: text/plain; charset="us-ascii"

Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops

Release Date:
September 20, 2007

Date Reported:
June 5, 2007

Severity:
High (Remote Code Execution)

Vendor:
Computer Associates (CA)

Systems Affected:
CA ARCserve Backup for Laptops and Desktops r11.5
CA ARCserve Backup for Laptops and Desktops r11.1 SP2
CA ARCserve Backup for Laptops and Desktops r11.1 SP1
CA ARCserve Backup for Laptops and Desktops r11.1
CA ARCserve Backup for Laptops and Desktops r11.0
CA ARCserve Backup for Laptops and Desktops r4.0
CA Desktop Management Suite 11.2
CA Desktop Management Suite 11.1
CA Desktop Management Suite 11.0
CA Protection Suites r2

Overview:
eEye Digital Security has discovered multiple vulnerabilities within CA ARCserve for Laptops & Desktops (L&D), an enterprise-level backup software suite designed for workstations. The vulnerabilities can be utilized by an attacker to execute arbitrary code on a remote system anonymously over TCP/1900.

Technical Details:
ARCserve L&D uses TCP/1900 as its "RPC" interface to manage ARCserve L&D servers. An example of sample benign traffic follows:

    0000000027rxrLogin~~administrator
    ---------------------------------------------
    Field 1: 10-digit base10 command length field ("0000000027")
    Field 2: RPC command ("rxrLogin")
    Field 3: Constant Argument Delimiter ("~~")
    Field 4: Argument ("administrator")

Vulnerability #1: Authentication Username Overflow

A stack-based buffer overflow exists within the authentication portion of rxRPC.dll which is accessible via TCP/1900. A sample legitimate authentication packet resembles the following:

    0000000013rxrLogin~~administrator

The single argument ("administrator") is copied into a buffer size of 0x1AC on the stack using wsprintfW, however no string length checks are performed. By sending an overly long username as part of the first authentication request, an exploitable condition is reached.

Vulnerability 2: Authentication Password Overflow

Another stack-based buffer overflow exists within the authentication portion of rxRPC.dll which is accessible via TCP/1900. A sample legitimate authentication request with a password resembles the following:

    1: 0000000030rxrLogin~~administrator~~0000200
    2: MyPasswordIs1234

The second argument of the first rxrLogin request defines the length of the password that will be sent in the following request. Although this does verify that the length of the password string in the second request is the correct length, there is no bounds checking on the potential length of a password. If a long password length is specified, along with a long password delivered in the second request, the long password will overflow a stack-based buffer used for the destination of the password string, causing an exploitable condition.

Vulnerability #3: Authentication Password Integer Overflow

Another stack-based overflow exists within the authentication portion of rxRPC.dll which is accessible via TCP/1900. A sample legitimate authentication request with a useless password resembles the following:

    1: 0000000030rxrLogin~~administrator~~18
    2: 000000000000000000

The encrypted password is virtually useless as a password. However, surprisingly, it does offer access to an exploitable condition:

    .text:00231F24 mov cl, [esi+8]
    .text:00231F27 and ecx, 0x0F
    .text:00231F2A add esp, 8
    .text:00231F2D dec ecx ; XXXX Integer Overflow If ECX = 0
    .text:00231F2E mov [esp+0x7C+var_6C], eax
    .text:00231F32 mov dwPasswordCopyLength, ecx
    .text:00231F38 mov eax, ecx
    .text:00231F3A lea esi, [esp+0x7C+var_6C]
    .text:00231F3E mov edi, ebx
    .text:00231F40 shr ecx, 2
    .text:00231F43 rep movs ; XXXX EXCEPTION: HITS PAGE BOUNDARY XXXX

The data in the source buffer contains a lot of uncontrollable data. However, a copy of the username also exists within the source buffer, so this can be utilized to overwrite the exception handler if a long username is specified in the original packet.

Vulnerability #4: Arbitrary File Upload

An arbitrary file upload vulnerability exists within unauthenticated communication with rxRPC.dll, accessible via TCP/1900. A sample file upload request resembles the following:

    1: 0000000056rxrReceiveFileFromServer~~8~~test1234.txt~~4~~3675727989
    2: 0000000031~~<file_contents>

The first parameter of the request specifies the sub-command of rxrReceiveFileFromServer. The number "8" specifies that a file will be uploaded to the ARCserve L&D installation directory. The second argument specifies the file destination name. The third argument specifies the length of the destination file. The fifth argument specifies the CRC32 hash of the incoming file.

rxRPC.dll however does not protect against directory traversals via sub-function "8". So, by using "..\" within the filename, an arbitrary file can be written to an arbitrary directory using SYSTEM-level privileges. To foster immediate exploitability, ARCserve L&D's "security.dll" can be overwritten using this "functionality", and can then be immediately loaded into memory by calling another rxrLogin request, which would now inject the potentially-malicious "security.dll" into the ARCserve L&D process.

Vulnerability #5: 8 Similar Buffer Overflows

Buffer overflow vulnerabilities exist within 8 other functions accessible remotely via TCP/1900. For brevity's sake, exploitable samples follow:

    rxsUseLicenseIni~~<overflow>
    rxsLicGetSiteId~~<overflow>
    rxsGetLogFileNames~~<overflow>~~40000
    rxsGetBackupLog~~aa~~<overflow>~~40000
    rxsBackupComplete~~aa~~aa~~aa~~<overflow>~~aa
    rxsSetDataGrowthScheduleAndFilter~~aa~~aa~~aa~~aa~~<overflow>
    rxsSetDefaultConfigName~~<overflow>
    rxrSetMessageLogSettings~~65~~45~~79~~65~~<overflow>~~52~65~73~65~61~72~63~68~21

The only form of mitigation for these vulnerabilities is to disable TCP/1900 at the host-level, or to uninstall ARCserve L&D server installations.

Protection:
Blink - Unified Client Security has proactively protected from these vulnerabilities since their discovery.
Retina - Network Security Scanner has been updated to identify these vulnerabilities.

Vendor Status:
Computer Associates released patches for these vulnerabilities. These patches are available here:
http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp.

Credit:
Matt Oh, Andre Derek Protas, Yuji Ukai

Related Links:
Preview - Advanced Security Intelligence - http://www.eeye.com/preview
Retina - Network Security Scanner - Free Trial: http://www.eeye.com/html/products/retina/download/index.html
Blink - Unified Client Security Personal - Free For Home Use: http://www.eeye.com/html/products/blink/personal/download/index.html
Blink - Unified Client Security Professional - Free Trial: http://www.eeye.com/html/products/blink/download/index.html

Greetings:
Matt: Bugtruck subscribers
Andre: GLin, Maif, SuperSoederBros, TheClaw, TheBear, DragonKick, Hugo's Drawers, Moti, Rolf, and the many eEye Ninjas Past ^ Present Keeping It Real
Yuji: fourteenfourty.jp

Copyright (c) 1998-2007 eEye Digital Security
Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way without express consent of eEye. If you wish to reprint the whole or any part of this alert in any other medium excluding electronic medium, please email alert () eEye com for permission.

Disclaimer
The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are no warranties, implied or express, with regard to this information. In no event shall the author be liable for any direct or indirect damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk.

------------------------------

Message: 3
Date: Sat, 22 Sep 2007 11:33:10 -0400
From: "Richard Golodner" <rgolodner () infratection com>
Subject: Re: [Full-disclosure] Gadi Evron strikes again
To: "'worried security'" <worriedsecurity () googlemail com>, <full-disclosure () lists grok org uk>
Message-ID: <000f01c7fd2d$e23ad2d0$600a0a0a@Antares>
Content-Type: text/plain; charset="us-ascii"

WoriedSecurity said "blah, blah, nothing". Do you know Gadi? Have you ever corresponded with him?
He adds some valuable knowledge to a legitimate issue that most Service Providers down to the home user should be aware of. I read the "serious 0-day" thread and I think you are just pissed off. If you had some balls you would use your real name like most legitimate networkers do instead of hiding behind a pseudonym. Check Gadi's work and see for yourself instead of letting your hurt feelings get in the way. Talk about script kiddies. Jesus man, are you sure your real name is not n3td3v? I do not see anyone soliciting your opinion about anything. What have you contributed to the body of knowledge? All I read is juvenile BS. Mail from WorriedSecurity now gets dumped before it even sees my mail client.

Thanks for making it clear that you're an ass.

Richard Golodner

_____

From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of worried security
Sent: Saturday, September 22, 2007 9:11 AM
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] Gadi Evron strikes again

Who seen Gadi Evron on the mailing lists trolling about what a 0day is and what a 0day isn't, in the middle of a serious disclosure about a PDF flaw?

Hilarious.

Well, just in case you missed it, here it is again...

http://seclists.org/bugtraq/2007/Sep/0229.html

And this guy wants to be a high profile guy at the forefront of information security discussion?

lolzers.

Script kiddos unite behind the big man Evron.

He leads, where the rest of us follow.

And he comes on the lists complaining people are mimicking his e-mail addresses and calling him a dick. *I wonder why?*

It's funny, he strongly keeps an eye on Funsec mailing list and keeps everyone in check, yet, he has a total disregard for "quality control" elsewhere, especially on Bugtraq!!!!!!!!

My question is "Who is Gadi Evron?".

This guy you would think would add something special to a discussion, but he doesn't, and you know what I know his excuse is? He is keeping his knowledge secret so bad guys can't learn from his knowledge.

lolzers Gadi Evron.

The truth is, Gadi just wants to make sure his name and e-mail address is in every major flaw disclosure, no matter how lame the comment is, just as long as his name and e-mail is in high profile disclosures, then Gadi Evron can sleep at night.

Thanks Gadi!!! My hero.

Bugtraq is moderated for a reason, so Bugtraq moderators, start moderating it!!! Symantec arsewipes.

Securityfocus, no really, why are you allowing Gadi Evron troll on such a high profile respected moderated list? Gadi's comment mentioned above was a true breach of the rules, so start moderating his comments more in future.

Leave the trolling for F-D Gadi, Bugtraq readers don't want to see your shit in future, and Bugtraq moderators, actually read what Gadi Evron is posting in future, instead of just reading the name and sender and approving the message without actually reading the body.

*Oh it's Gadi, it's automatically approved*

Let's look at Bugtraq's description:

"BugTraq is a full disclosure moderated mailing list for the *detailed* discussion and announcement of computer security vulnerabilities: what they are, how to exploit them, and how to fix them."
http://www.securityfocus.com/archive/1/description#0.1.1

lolzers, Bugtraq moderators don't read their own shit or enforce it!

Someone snip a bit of that description that gives Gadi right of way to troll on Bugtraq in the middle of serious flaw disclosures!!!!!

Gadi, seriously f**king learn about the stuff you read, so you can actually input into the threads and help with the topic in front of you, instead of random off-topic messages about what defines a 0-day and what doesn't.

Why didn't you start your own thread on Bugtraq about "what is a 0-day?", because they wouldn't let you!!!! Instead you sneak your shit into high profile threads, to get a name for yourself.

Your conversation, as always Gadi, is best suited for Full-Disclosure or security-basics, so get the f*** off Bugtraq you idiot.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070922/83ec040a/attachment-0001.html

------------------------------

Message: 4
Date: Sat, 22 Sep 2007 17:43:05 +0000
From: gjgowey () tmo blackberry net
Subject: Re: [Full-disclosure] Gadi Evron strikes again
To: "Richard Golodner" <rgolodner () infratection com>, full-disclosure-bounces () lists grok org uk, "'worried security'" <worriedsecurity () googlemail com>, full-disclosure () lists grok org uk
Message-ID: < 783961451-1190483013-cardhu_decombobulator_blackberry.rim.net-392786992- () bxe006 bisx prod on.blackberry
Content-Type: text/plain; charset="Windows-1252"

I think the real problem is that worried security suffers from undescended testicles.

Geoff

Sent from my BlackBerry wireless handheld.

-----Original Message-----
From: "Richard Golodner" <rgolodner () infratection com>
Date: Sat, 22 Sep 2007 11:33:10
To: "'worried security'" <worriedsecurity () googlemail com>, <full-disclosure () lists grok org uk>
Subject: Re: [Full-disclosure] Gadi Evron strikes again

WoriedSecurity said "blah, blah, nothing". Do you know Gadi? Have you ever corresponded with him? He adds some valuable knowledge to a legitimate issue that most Service Providers down to the home user should be aware of. I read the "serious 0-day" thread and I think you are just pissed off. If you had some balls you would use your real name like most legitimate networkers do instead of hiding behind a pseudonym. Check Gadi's work and see for yourself instead of letting your hurt feelings get in the way. Talk about script kiddies. Jesus man, are you sure your real name is not n3td3v? I do not see anyone soliciting your opinion about anything. What have you contributed to the body of knowledge? All I read is juvenile BS.
Mail from WorriedSecurity now gets dumped before it even sees my mail client.

Thanks for making it clear that you're an ass.

Richard Golodner

----------------
From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of worried security
Sent: Saturday, September 22, 2007 9:11 AM
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] Gadi Evron strikes again

Who seen Gadi Evron on the mailing lists trolling about what a 0day is and what a 0day isn't, in the middle of a serious disclosure about a PDF flaw?

Hilarious.

Well, just in case you missed it, here it is again...

http://seclists.org/bugtraq/2007/Sep/0229.html <http://seclists.org/bugtraq/2007/Sep/0229.html>

And this guy wants to be a high profile guy at the forefront of information security discussion?

lolzers.

Script kiddos unite behind the big man Evron.

He leads, where the rest of us follow.

And he comes on the lists complaining people are mimicking his e-mail addresses and calling him a dick. *I wonder why?*

It's funny, he strongly keeps an eye on Funsec mailing list and keeps everyone in check, yet, he has a total disregard for "quality control" elsewhere, especially on Bugtraq!!!!!!!!

My question is "Who is Gadi Evron?".

This guy you would think would add something special to a discussion, but he doesn't, and you know what I know his excuse is? He is keeping his knowledge secret so bad guys can't learn from his knowledge.

lolzers Gadi Evron.

The truth is, Gadi just wants to make sure his name and e-mail address is in every major flaw disclosure, no matter how lame the comment is, just as long as his name and e-mail is in high profile disclosures, then Gadi Evron can sleep at night.

Thanks Gadi!!! My hero.

Bugtraq is moderated for a reason, so Bugtraq moderators, start moderating it!!! Symantec arsewipes.

Securityfocus, no really, why are you allowing Gadi Evron troll on such a high profile respected moderated list? Gadi's comment mentioned above was a true breach of the rules, so start moderating his comments more in future.

Leave the trolling for F-D Gadi, Bugtraq readers don't want to see your shit in future, and Bugtraq moderators, actually read what Gadi Evron is posting in future, instead of just reading the name and sender and approving the message without actually reading the body.

*Oh it's Gadi, it's automatically approved*

Let's look at Bugtraq's description:

"BugTraq is a full disclosure moderated mailing list for the *detailed* discussion and announcement of computer security vulnerabilities: what they are, how to exploit them, and how to fix them."
http://www.securityfocus.com/archive/1/description#0.1.1

lolzers, Bugtraq moderators don't read their own shit or enforce it!

Someone snip a bit of that description that gives Gadi right of way to troll on Bugtraq in the middle of serious flaw disclosures!!!!!

Gadi, seriously f**king learn about the stuff you read, so you can actually input into the threads and help with the topic in front of you, instead of random off-topic messages about what defines a 0-day and what doesn't.

Why didn't you start your own thread on Bugtraq about "what is a 0-day?", because they wouldn't let you!!!! Instead you sneak your shit into high profile threads, to get a name for yourself.

Your conversation, as always Gadi, is best suited for Full-Disclosure or security-basics, so get the f*** off Bugtraq you idiot.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

------------------------------

Message: 5
Date: Sat, 22 Sep 2007 16:20:36 +0100
From: "Dave Korn" <dave.korn () artimi com>
Subject: Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
To: "'Kristian Erik Hermansen'" <kristian.hermansen () gmail com>, <full-disclosure () lists grok org uk>, <dailydave () lists immunitysec com>
Message-ID: <02af01c7fd2c$20348650$2e08a8c0 () CAM ARTIMI COM>
Content-Type: text/plain; charset="Windows-1252"

On 21 September 2007 18:37, Kristian Erik Hermansen wrote:

> Some interesting discussion came up on some security lists this week and it got me to thinking. Yes, hacking software is lame. Cool, so you found some vulnerabilities in some widely distributed application, service, or OS and it is patched just as quickly. Why don't we spend our time and valuable energy researching cures for rare or popular diseases instead?

I already have a computer, and the skills needed to use it. I don't have a lab full of test tubes nor the skills needed to use them nor the years of training required before I would consider myself competent to perform experiments on human beings. I haven't met your brother or friend, so their tragedy doesn't motivate me to make the enormous effort to suddenly change my life around in a completely different direction.

I don't want to sound callous and inhumane. But I am, so that's how it comes across.[*]

cheers,
DaveK

[*] - deliberate misquote, fact-checkers.
--
Can't think of a witty .sigline today....

------------------------------

Message: 6
Date: Sun, 23 Sep 2007 00:08:24 +0530
From: "Jimby Sharp" <jimbysharp () gmail com>
Subject: Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
To: "Dave Korn" <dave.korn () artimi com>
Cc: Kristian Erik Hermansen <kristian.hermansen () gmail com>, full-disclosure () lists grok org uk, dailydave () lists immunitysec com
Message-ID: <3eab9ed60709221138t3ab4851dy2233b428cc84f770 () mail gmail com>
Content-Type: text/plain; charset=ISO-8859-1

I had a wonderful breakfast, two eggs and sandwich. :-)

I am flying to New York today. Can anyone tell me any good mall or store where I can buy a good sleeping bag?

A last question, is the book Atlas Shrugged by Ayn Rand worth reading?

- Jimby

P.S. Well, everyone is jumping into FD to discuss their favorite topic, so I thought I might try as well.

On 9/22/07, Dave Korn <dave.korn () artimi com> wrote:
> On 21 September 2007 18:37, Kristian Erik Hermansen wrote:
>
>> Some interesting discussion came up on some security lists this week and it got me to thinking. Yes, hacking software is lame. Cool, so you found some vulnerabilities in some widely distributed application, service, or OS and it is patched just as quickly. Why don't we spend our time and valuable energy researching cures for rare or popular diseases instead?
>
> I already have a computer, and the skills needed to use it. I don't have a lab full of test tubes nor the skills needed to use them nor the years of training required before I would consider myself competent to perform experiments on human beings. I haven't met your brother or friend, so their tragedy doesn't motivate me to make the enormous effort to suddenly change my life around in a completely different direction.
>
> I don't want to sound callous and inhumane. But I am, so that's how it comes across.[*]
>
> cheers,
> DaveK
>
> [*] - deliberate misquote, fact-checkers.
> --
> Can't think of a witty .sigline today....

------------------------------

Message: 7
Date: Sat, 22 Sep 2007 11:44:45 -0700
From: "Kristian Erik Hermansen" <kristian.hermansen () gmail com>
Subject: Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
To: "Jimby Sharp" <jimbysharp () gmail com>
Cc: Dave Korn <dave.korn () artimi com>, full-disclosure () lists grok org uk, dailydave () lists immunitysec com
Message-ID: <fe37588d0709221144t7260a63drb22aede144bcf7ef () mail gmail com>
Content-Type: text/plain; charset=ISO-8859-1

On 9/22/07, Jimby Sharp <jimbysharp () gmail com> wrote:
> I had a wonderful breakfast, two eggs and sandwich. :-)
>
> I am flying to New York today. Can anyone tell me any good mall or store where I can buy a good sleeping bag?
>
> A last question, is the book Atlas Shrugged by Ayn Rand worth reading?
>
> - Jimby
>
> P.S. Well, everyone is jumping into FD to discuss their favorite topic, so I thought I might try as well.

full-disclosure of your life is permitted according to the FD mailing list guidelines. Now please list your SSN, credit card numbers, last three previous addresses, and the hotel where you will be staying in New York so I can come visit you :-)
--
Kristian Erik Hermansen

------------------------------

Message: 8
Date: Sun, 23 Sep 2007 00:27:25 +0530
From: "Jimby Sharp" <jimbysharp () gmail com>
Subject: Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
To: "Kristian Erik Hermansen" <kristian.hermansen () gmail com>
Cc: Dave Korn <dave.korn () artimi com>, full-disclosure () lists grok org uk, dailydave () lists immunitysec com
Message-ID: <3eab9ed60709221157l4e519c02l77c222db6cc8b0d5 () mail gmail com>
Content-Type: text/plain; charset=ISO-8859-1

You didn't answer my question. I don't want to meet you.

Let me go and water the plants. I'll come back in 2 hours and see what you guys are doing.

- Jimby

On 9/23/07, Kristian Erik Hermansen <kristian.hermansen () gmail com> wrote:
> On 9/22/07, Jimby Sharp <jimbysharp () gmail com> wrote:
>> I had a wonderful breakfast, two eggs and sandwich. :-)
>>
>> I am flying to New York today. Can anyone tell me any good mall or store where I can buy a good sleeping bag?
>>
>> A last question, is the book Atlas Shrugged by Ayn Rand worth reading?
>>
>> - Jimby
>>
>> P.S. Well, everyone is jumping into FD to discuss their favorite topic, so I thought I might try as well.
>
> full-disclosure of your life is permitted according to the FD mailing list guidelines. Now please list your SSN, credit card numbers, last three previous addresses, and the hotel where you will be staying in New York so I can come visit you :-)
> --
> Kristian Erik Hermansen

------------------------------

Message: 9
Date: Sun, 23 Sep 2007 01:40:09 +0530
From: "Jimby Sharp" <jimbysharp () gmail com>
Subject: Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
To: "Kristian Erik Hermansen" <kristian.hermansen () gmail com>
Cc: Dave Korn <dave.korn () artimi com>, full-disclosure () lists grok org uk, dailydave () lists immunitysec com
Message-ID: <3eab9ed60709221310h7078f394m11dc17da7a4233fa () mail gmail com>
Content-Type: text/plain; charset=ISO-8859-1

> From: Kristian Erik Hermansen <kristian.hermansen () gmail com>
> Subject: Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
>
> You are an idiot.

:-O

> What have you done for the security community lately... yeah now take a seat.

Everyone is discussing their favorite topic. So let me discuss mine too.

> My post had some security content and

Ah ok! I'll rephrase my statements.

I had a wonderful breakfast, two eggs and sandwich. :-) XSS is not just about input validation but about output validation too.

I am flying to New York today. Can anyone tell me any good mall or store where I can buy a good sleeping bag? Watering the plants was fun and so was the GMail point and click demo. But wasn't that lame in such a big security con? I mean WTF is so great about sniffing and hijacking?

Now my post has some security content too.

> yours was entirely useless...

"Useless" is very subjective + relative + bla bla. Like my post was meaningful to me but useless to you. Your post was meaningful to you but useless to me.

- Jimby

------------------------------

Message: 10
Date: Sat, 22 Sep 2007 15:21:23 -0500
From: Leif Ericksen <lericksen () sbcglobal net>
Subject: Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
To: Jimby Sharp <jimbysharp () gmail com>
Cc: Kristian Erik Hermansen <kristian.hermansen () gmail com>, full-disclosure () lists grok org uk, dailydave () lists immunitysec com, Dave Korn <dave.korn () artimi com>
Message-ID: <1190492483.2683.31.camel@shadrack>
Content-Type: text/plain

I think I need to get some lunch and eat a bunch of CORNdogs. ;)

- L

On Sun, 2007-09-23 at 01:40 +0530, Jimby Sharp wrote:
>> From: Kristian Erik Hermansen <kristian.hermansen () gmail com>
>> Subject: Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
>>
>> You are an idiot.
>
> :-O
>
>> What have you done for the security community lately... yeah now take a seat.
>
> Everyone is discussing their favorite topic. So let me discuss mine too.
>
>> My post had some security content and
>
> Ah ok! I'll rephrase my statements.
>
> I had a wonderful breakfast, two eggs and sandwich. :-) XSS is not just about input validation but about output validation too.
>
> I am flying to New York today. Can anyone tell me any good mall or store where I can buy a good sleeping bag? Watering the plants was fun and so was the GMail point and click demo. But wasn't that lame in such a big security con? I mean WTF is so great about sniffing and hijacking?
>
> Now my post has some security content too.
>
>> yours was entirely useless...
>
> "Useless" is very subjective + relative + bla bla. Like my post was meaningful to me but useless to you.
Your post was meaningful to you but useless to me. - Jimby
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
------------------------------
Message: 11
Date: Sat, 22 Sep 2007 16:34:56 -0400
From: Fabrizio <staticrez () gmail com>
Subject: Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
To: full-disclosure () lists grok org uk
Message-ID: <5d80962a0709221334o3dd67f7an250ae6bf7fd0bb2 () mail gmail com>
Content-Type: text/plain; charset="iso-8859-1"
If you guys could kiss and make-up now, that would be great. Fabrizio
On 9/22/07, Leif Ericksen <lericksen () sbcglobal net> wrote:
I think I need to get some lunch and eat a bunch of CORNdogs. ;) - L
On Sun, 2007-09-23 at 01:40 +0530, Jimby Sharp wrote:
From: Kristian Erik Hermansen <kristian.hermansen () gmail com>
Subject: Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
You are an idiot.
:-O
What have you done for the security community lately... yeah now take a seat.
Everyone is discussing their favorite topic. So let me discuss mine too.
My post had some security content and
Ah ok! I'll rephrase my statements. I had a wonderful breakfast, two eggs and sandwich. :-) XSS is not just about input validation but about output validation too. I am flying to New York today. Can anyone tell me any good mall or store where I can buy a good sleeping bag? Watering the plants was fun and so was the GMail point and click demo. But wasn't that lame in such a big security con? I mean WTF is so great about sniffing and hijacking? Now my post has some security content too.
yours was entirely useless...
"Useless" is very subjective + relative + bla bla. Like my post was meaningful to me but useless to you. Your post was meaningful to you but useless to me.
- Jimby
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070922/9482ca89/attachment-0001.html
------------------------------
Message: 12
Date: Sat, 22 Sep 2007 17:28:02 -0400
From: "Randal T. Rioux" <randy () procyonlabs com>
Subject: Re: [Full-disclosure] Security contact in at&t
To: full-disclosure () lists grok org uk
Message-ID: <46F588E2.7020806 () procyonlabs com>
Content-Type: text/plain; charset=ISO-8859-1
minor float wrote:
hi has anybody security contact in at&t?
http://www.nsa.gov/contacts/index.cfm
------------------------------
Message: 13
Date: Sat, 22 Sep 2007 04:45:41 -0700 (PDT)
From: George Papandreou <kostaskaramanlis () yahoo com>
Subject: [Full-disclosure] Greek Web Election System Sucks - Remote File Inclusion?
To: full-disclosure () lists grok org uk
Message-ID: <992985.60479.qm () web44906 mail sp1 yahoo com>
Content-Type: text/plain; charset="iso-8859-1"
There is no wonder why in hell Kostas Karamanlis is still our prime minister!
http://www.ekloges.ypes.gr/pages/index.html?http://www.secunia.com
http://www.ekloges.ypes.gr/pages/index.html?../lib/../lib/jslib.js
http://www.ekloges.ypes.gr/pages/index.html?../lib/default.css
*Well done guys at Singular...Nice coding.. http://www.singularlogic.eu/
**Greetz to Secfreaks (www.secfreaks.gr) where first mentioned that bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070922/7506bfeb/attachment-0001.html
------------------------------
Message: 14
Date: Sun, 23 Sep 2007 09:45:06 +1000
From: silky <michaelslists () gmail com>
Subject: Re: [Full-disclosure] 0day: PDF pwns Windows
To: Geo. <geoincidents () nls net>
Cc: full-disclosure () lists grok org uk
Message-ID: <5e01c29a0709221645g23e9966dya9a660538402b129 () mail gmail com>
Content-Type: text/plain; charset=ISO-8859-1
On 9/22/07, Geo. <geoincidents () nls net> wrote:
pa> http://www.gnucitizen.org/blog/0day-pdf-pwns-windows
Is this the way responsible disclosure works these days ? "Adobe's representatives can contact me from the usual place." Wow, now that's coordinated release. Knowing the bugs that you found previously it should take 10 minutes to rediscover this one. Which makes this even worse.
I just saw his video showing the exploit firing up calculator, it looks like the same stuff (feature/exploit call it what you want) that's been around for years. See www.nthelp.com/test.pdf (warning, it won't damage anything but it may scare you)
ps, if anyone cares, this exploit does not work on foxit pdf reader v1.3. foxit rocks. so let's not call it a 'pdf' vuln, but an 'adobe acrobat' vuln.
Geo.
-- mike http://lets.coozi.com.au/
------------------------------
Message: 15
Date: Sun, 23 Sep 2007 02:07:46 +0200
From: "Slythers Bro" <slythers () gmail com>
Subject: Re: [Full-disclosure] Greek Web Election System Sucks - Remote File Inclusion?
To: "George Papandreou" <kostaskaramanlis () yahoo com>
Cc: full-disclosure () lists grok org uk
Message-ID: <8f6a58a30709221707q70734973y6e1f886138cb5522 () mail gmail com>
Content-Type: text/plain; charset="iso-8859-1"
there isn't an RFI ... where is the vuln ?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070923/e39cd6d7/attachment-0001.html
------------------------------
Message: 16
Date: Sun, 23 Sep 2007 00:36:45 +0100
From: "worried security" <worriedsecurity () googlemail com>
Subject: Re: [Full-disclosure] Keep Gadi Evron off Bugtraq
To: full-disclosure () lists grok org uk
Message-ID: <67ea64530709221636j3fdaf10au6f671c55ffda707a () mail gmail com>
Content-Type: text/plain; charset="windows-1252"
On 9/22/07, Joel R. Helgeson <joel () helgeson com> wrote:
Everyone knows who Gadi is, so by definition, Gadi **is** high profile? I happen to agree with Gadi, that a 0day is the day an EXPLOIT is RELEASED, where such exploit also serves as the ONLY vendor notification of a bug being discovered. Every adult on this list understands the definition, but the kids can't seem to grasp the not-so-subtle nuance between a 0day and the discovery of a bug in someone else's code. This supposedly serious disclosure you refer to is a non-event, there was a "press release" about a supposedly serious flaw in PDF, there were no details, so therefore it doesn't even count as disclosure of a vulnerability. -joel
Calling someone a kid who just released a major disclosure isn't helpful in the bigger picture of extracting relevant information from the person, or hearing from others with insightful information on-topic with the exploitation of PDF.
Calling someone's major disclosure "a non event" isn't helpful in the bigger picture of extracting relevant information from the person, or hearing from others with insightful information on-topic with the exploitation of PDF.
Calling someone's subject title inappropriate because it's called "0day" isn't helpful in the bigger picture of extracting relevant information from the person, or hearing from others with insightful information on-topic with the exploitation of PDF.
Bugtraq moderators, please keep irrelevant conversation out of important disclosures in future, where knowing relevant, on topic information is mission critical to why people use your mailing list.
It's not a kiddy flame, I have no grudges with Gadi Evron, there is just a time and place for pissy conversation about buzzwords, and putting it in that particular thread just to teach the poster a lesson about buzzwords isn't cool. For all you know, because the thread ended up over run with buzzword conversation, you could have made the original poster not want to post relevant information, or hearing from others with insightful information on-topic with the exploitation of PDF.
What the hell are these Bugtraq moderators doing with their day, have they simply lost sight and focus themselves? It's funny from a company calling themselves "Security + Focus" to allow someone to totally train wreck what would have, could have been an interesting, insightful, relevant conversation about the topic "We have a PDF flaw which can own Windows". Instead, it turned into "Why Gadi Evron thinks this disclosure is named wrongly", dude no one cares, it's Bugtraq man, don't lose focus. Keep your industry leading buzzword police conversation for elsewhere.
Keep Gadi Evron off Bugtraq, unless he comes up with something which helps solve the mission critical, a 0-day PDF flaw, which we were all wanting more information about for whitehat purposes.
What I want from Bugtraq: Stay mission critical, if someone posts about PDF flaw, then only accept reply posts about PDF. Don't allow someone to go off mission critical just because they are well known.
Actually read your list description when moderating Bugtraq, mission critical is important to the rest of us who aren't trying to be buzzword pioneers, which if you know Gadi from other lists, is his own mission critical, but it's not everyone else's interest, so keep him off Bugtraq.
I think I have made myself clear, and yes I could have gone into the PDF thread and ranted and raved about Bugtraq moderators, but my name isn't Gadi Evron, so I started my own thread to tell him he and his Bugtraq moderator supporters are idiots and ruining Bugtraq for everyone else.
What's the point in moderating Bugtraq after that thread, sigh... it didn't look like a moderated conversation at all, it looked like a Bugtraq moderator was sleeping at the wheel.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070923/0bbd4f72/attachment.html
------------------------------
End of Full-Disclosure Digest, Vol 31, Issue 42
***********************************************
-- Juan B. Security consultant Und3f Tel. 1550967618 Cissp Ccna Ccsa Mcse Scsa