[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Full-Disclosure Digest, Vol 42, Issue 42
- To: <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 42, Issue 42
- From: badr muhyeddin <gigiyousef@xxxxxxxxxxx>
- Date: Sun, 17 Aug 2008 07:30:03 +0300
unsubscribe > From: full-disclosure-request@xxxxxxxxxxxxxxxxx> Subject:
Full-Disclosure Digest, Vol 42, Issue 42> To:
full-disclosure@xxxxxxxxxxxxxxxxx> Date: Sat, 16 Aug 2008 12:00:01 +0100> >
Send Full-Disclosure mailing list submissions to>
full-disclosure@xxxxxxxxxxxxxxxxx> > To subscribe or unsubscribe via the World
Wide Web, visit> https://lists.grok.org.uk/mailman/listinfo/full-disclosure>
or, via email, send a message with subject or body 'help' to>
full-disclosure-request@xxxxxxxxxxxxxxxxx> > You can reach the person managing
the list at> full-disclosure-owner@xxxxxxxxxxxxxxxxx> > When replying, please
edit your Subject line so it is more specific> than "Re: Contents of
Full-Disclosure digest..."> > > Note to digest recipients - when replying to
digest posts, please trim your post appropriately. Thank you.> > > Today's
Topics:> > 1. Re: weev, baby (hERB)> 2. Re: weev, baby (coderman)> 3. Health
website vulnerable to hacking, no response from admins> after multiple at
tempts (Kristian Erik Hermansen)> 4. Re: weev, baby (n3td3v)> 5. [
MDVSA-2008:171 ] postfix (security@xxxxxxxxxxxx)> 6. [ MDVSA-2008:172 ] amarok
(security@xxxxxxxxxxxx)> 7. [PLSA 2008-25] Postfix: Local privilege escalation>
(P?nar Yanarda?)> 8. Step-by-step instructions for debugging Cisco IOS using
gdb> (Smiler S)> 9. Tool: PorkBind v1.3 Nameserver Security Scanner (New
Version)> (Derek Callaway)> 10. Re: [funsec] Internet attacks against Georgian
web sites> (Radoslav Dejanovi?)> 11. Beware the firefox ZERO DAYZZZZ (T Biehn)>
12. Linus summarizes state of the "security industry" with> precision and
accuracy. (coderman)> 13. Re: Linus summarizes state of the "security industry"
with> precision and accuracy. (silky)> > >
----------------------------------------------------------------------> >
Message: 1> Date: Fri, 15 Aug 2008 12:15:55 +0100> From: hERB
<herbster@xxxxxxxxx>> Subject: Re: [Full-disclosure] weev, baby> To:
full-disclosure@xxxxxxxxxxxxxxxxx> Message-ID:> <216
0f86c0808150415n59d79459o4f841b2f0579af4f@xxxxxxxxxxxxxx>> Content-Type:
text/plain; charset="iso-8859-1"> > Think you credit too much intelligence,
more likely its:> > http://www.urbandictionary.com/define.php?term=TEABAG> >
/hERB> > On Fri, Aug 15, 2008 at 8:42 AM, Gadi Evron <ge@xxxxxxxxxxxx> wrote:>
> > Tea Baggins tebaggins at gmail.com> >> > Teatime from Pratchett and Bilbo
Baggins from Tolkien?> >> > Nice touch.> >> > No idea what the rest of the
trolling means.> >> > Gadi.> >> >
_______________________________________________> > Full-Disclosure - We believe
in it.> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html> >
Hosted and sponsored by Secunia - http://secunia.com/> >> > > > -- > #include
<stddisclaimer.h>> -------------- next part --------------> An HTML attachment
was scrubbed...> URL:
http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080815/98ac25b5/attachment-0001.html
> > ------------------------------> > Message: 2> Date: Fri,
15 Aug 2008 09:56:19 -0700> From: coderman <coderman@xxxxxxxxx>> Subject: Re:
[Full-disclosure] weev, baby> To: hERB <herbster@xxxxxxxxx>> Cc:
full-disclosure@xxxxxxxxxxxxxxxxx> Message-ID:>
<4ef5fec60808150956i67602f8h9e0872bb2310ef70@xxxxxxxxxxxxxx>> Content-Type:
text/plain; charset=ISO-8859-1> > On Fri, Aug 15, 2008 at 4:15 AM, hERB
<herbster@xxxxxxxxx> wrote:> > Think you credit too much intelligence, more
likely its:> >> > http://www.urbandictionary.com/define.php?term=TEABAG> > sir,
the etymology of the fine Tea Baggins, son of Frodo Baggins,> begat from Bilbo,
son of Bungo Baggins, sired by Mungo Baggins, who's> father, the great Balbo
Baggins, is patriarch of the tree of Baggins,> including all Tea Baggins, is
not a matter to be taken lightly!> > please excuse yourself for such dishonor
implied by this obscene> "TEABAG" reference.> > (also, contrary to popular
misconception, the great Gandalf has never> enjoyed "lemon parties"; this rumor
merely one of the many fre
nzied> insults devised by Saruman's groupies...)> > > >
------------------------------> > Message: 3> Date: Fri, 15 Aug 2008 13:02:30
-0700> From: "Kristian Erik Hermansen" <kristian.hermansen@xxxxxxxxx>> Subject:
[Full-disclosure] Health website vulnerable to hacking, no> response from
admins after multiple attempts> To: full-disclosure@xxxxxxxxxxxxxxxxx>
Message-ID:> <fe37588d0808151302g25d8aa8eq928d29ff6e42e0ea@xxxxxxxxxxxxxx>>
Content-Type: text/plain; charset=ISO-8859-1> > I tried repeatedly to contact
them. For the benefit of the health> patients using this website, can someone
please investigate?> Thanks...> >
https://secure.westclifflabs.com/secure/billing/default.asp> -- > Kristian Erik
Hermansen> > > > ------------------------------> > Message: 4> Date: Fri, 15
Aug 2008 21:29:22 +0100> From: n3td3v <xploitable@xxxxxxxxx>> Subject: Re:
[Full-disclosure] weev, baby> To: full-disclosure@xxxxxxxxxxxxxxxxx>
Message-ID:> <4b6ee9310808151329n3d75ee72g1e666c8d232caab5@mail
.gmail.com>> Content-Type: text/plain; charset=ISO-8859-1> > On Fri, Aug 15,
2008 at 8:42 AM, Gadi Evron <ge@xxxxxxxxxxxx> wrote:> > Tea Baggins tebaggins
at gmail.com> >> > Teatime from Pratchett and Bilbo Baggins from Tolkien?> >> >
Nice touch.> >> > No idea what the rest of the trolling means.> >> > Gadi.> >>
> You're the oldest troll on this list, you should know what all the> secret
troll messages mean.> > All the best,> > n3td3v> > > >
------------------------------> > Message: 5> Date: Fri, 15 Aug 2008 14:44:00
-0600> From: security@xxxxxxxxxxxx> Subject: [Full-disclosure] [ MDVSA-2008:171
] postfix> To: full-disclosure@xxxxxxxxxxxxxxxxx> Message-ID:
<E1KU69Q-0005TT-Rg@xxxxxxxxxxxxxxxxxx>> > > -----BEGIN PGP SIGNED MESSAGE----->
Hash: SHA1> >
_______________________________________________________________________> >
Mandriva Linux Security Advisory MDVSA-2008:171>
http://www.mandriva.com/security/>
______________________________________________________________________
_> > Package : postfix> Date : August 15, 2008> Affected: 2007.1, 2008.0,
2008.1, Corporate 3.0, Corporate 4.0>
_______________________________________________________________________> >
Problem Description:> > Sebastian Krahmer of the SUSE Security Team discovered
a flaw in> the way Postfix dereferenced symbolic links. If a local user had>
write access to a mail spool directory without a root mailbox file,> it could
be possible for them to append arbitrary data to files that> root had write
permissions to (CVE-2008-2936).> > The updated packages have been patched to
correct this issue.>
_______________________________________________________________________> >
References:> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936>
_______________________________________________________________________> >
Updated Packages:> > Mandriva Linux 2007.1:> 26e470b9c59a7f942865ff4c9a029f33
2007.1/i586/libpostfix1-2.3.8-1.1mdv2007.1.i586.rpm>
886bae30f28144d5cd12330eadc29beb 2007
.1/i586/postfix-2.3.8-1.1mdv2007.1.i586.rpm> 4490c64a7b39685f04dff74ce114edd1
2007.1/i586/postfix-ldap-2.3.8-1.1mdv2007.1.i586.rpm>
03bc15e8554bb5519bccc27147dc49c5
2007.1/i586/postfix-mysql-2.3.8-1.1mdv2007.1.i586.rpm>
4ce6d3583264a3d9a89e99554d8f5334
2007.1/i586/postfix-pcre-2.3.8-1.1mdv2007.1.i586.rpm>
1fa256a3a7306dc4711d2c1f394e4779
2007.1/i586/postfix-pgsql-2.3.8-1.1mdv2007.1.i586.rpm >
585a32ed0e7d643bec4be76ca56e96a3
2007.1/SRPMS/postfix-2.3.8-1.1mdv2007.1.src.rpm> > Mandriva Linux
2007.1/X86_64:> c5b9aba41a5f7d4762e07611ab796ba9
2007.1/x86_64/lib64postfix1-2.3.8-1.1mdv2007.1.x86_64.rpm>
34aaf8a7f5489382ae2fe752239c1ad3
2007.1/x86_64/postfix-2.3.8-1.1mdv2007.1.x86_64.rpm>
c1bbbc34d1a6951dfea07b479e7546a6
2007.1/x86_64/postfix-ldap-2.3.8-1.1mdv2007.1.x86_64.rpm>
72c368adfd81383032aee96564edd1dc
2007.1/x86_64/postfix-mysql-2.3.8-1.1mdv2007.1.x86_64.rpm>
b6e9329425e1e4f6f1b591ca01c07527
2007.1/x86_64/postfix-pcre-2.3.8-1.1mdv2007.1.x86_64.rpm>
858ac67feca2fae49be70f752a
9f5688 2007.1/x86_64/postfix-pgsql-2.3.8-1.1mdv2007.1.x86_64.rpm >
585a32ed0e7d643bec4be76ca56e96a3
2007.1/SRPMS/postfix-2.3.8-1.1mdv2007.1.src.rpm> > Mandriva Linux 2008.0:>
28f80755d3e08a050a3294f15bcdf0b0
2008.0/i586/libpostfix1-2.4.5-2.1mdv2008.0.i586.rpm>
8e5a684b87309c502f34d76104e7291f
2008.0/i586/postfix-2.4.5-2.1mdv2008.0.i586.rpm>
fd4bd15f398bb8f9a90e59216b4a01dc
2008.0/i586/postfix-ldap-2.4.5-2.1mdv2008.0.i586.rpm>
63e5be0f5c1dc8b28f173726c1648831
2008.0/i586/postfix-mysql-2.4.5-2.1mdv2008.0.i586.rpm>
75e6b126fd04ce8cbef1d024a8d4af94
2008.0/i586/postfix-pcre-2.4.5-2.1mdv2008.0.i586.rpm>
3eb0a04a986f20d4771b774b0707d5ff
2008.0/i586/postfix-pgsql-2.4.5-2.1mdv2008.0.i586.rpm >
d18e696ddd9948b311e84c1df3b4edfa
2008.0/SRPMS/postfix-2.4.5-2.1mdv2008.0.src.rpm> > Mandriva Linux
2008.0/X86_64:> 25c8159e3a2b78ab281dcf6c7b5886d1
2008.0/x86_64/lib64postfix1-2.4.5-2.1mdv2008.0.x86_64.rpm>
56bc517d9bb1cf9221ce8d35999ac7de
2008.0/x86_64/postfix-2.4.5-2.1mdv2008.0.x86_64.rpm> 08
af0c3454a642e57252180f6f8b8b1c
2008.0/x86_64/postfix-ldap-2.4.5-2.1mdv2008.0.x86_64.rpm>
c8777d4816b661a2853df44228c97e26
2008.0/x86_64/postfix-mysql-2.4.5-2.1mdv2008.0.x86_64.rpm>
08579717946ec5c32df7674286f9f45a
2008.0/x86_64/postfix-pcre-2.4.5-2.1mdv2008.0.x86_64.rpm>
fda669add03041fa744d5738c7457c3a
2008.0/x86_64/postfix-pgsql-2.4.5-2.1mdv2008.0.x86_64.rpm >
d18e696ddd9948b311e84c1df3b4edfa
2008.0/SRPMS/postfix-2.4.5-2.1mdv2008.0.src.rpm> > Mandriva Linux 2008.1:>
5a3804f2c3effc218f5c2e2e3df27564
2008.1/i586/libpostfix1-2.5.1-2.1mdv2008.1.i586.rpm>
506d51b49e9c8c0e439fc8bc4c63ba29
2008.1/i586/postfix-2.5.1-2.1mdv2008.1.i586.rpm>
34ef86dd70c956f2a99bdfac81183e09
2008.1/i586/postfix-ldap-2.5.1-2.1mdv2008.1.i586.rpm>
1d07b91d48c60906f28b8a2eba99ca1c
2008.1/i586/postfix-mysql-2.5.1-2.1mdv2008.1.i586.rpm>
70ba3c286521579fc49a54bba84472dd
2008.1/i586/postfix-pcre-2.5.1-2.1mdv2008.1.i586.rpm>
dca57a1b0579a8418ad10aac03322b2e
2008.1/i586/postfix-pgsql-2.5.1-2.1mdv2008.1.i586.rpm
> 0f3cb76c3893354103745ee331942f0d
2008.1/SRPMS/postfix-2.5.1-2.1mdv2008.1.src.rpm> > Mandriva Linux
2008.1/X86_64:> 16d38a5b0b47edb0fc3395c63511bd6c
2008.1/x86_64/lib64postfix1-2.5.1-2.1mdv2008.1.x86_64.rpm>
546f25ac9ea5aa167b9282bd8d4f537a
2008.1/x86_64/postfix-2.5.1-2.1mdv2008.1.x86_64.rpm>
f1a917d26a5366044e570f6571c2fb10
2008.1/x86_64/postfix-ldap-2.5.1-2.1mdv2008.1.x86_64.rpm>
4b2f2a4d53ef97dbd2c609afc9e61c77
2008.1/x86_64/postfix-mysql-2.5.1-2.1mdv2008.1.x86_64.rpm>
266433d35cd238e9132b6225bc5d1258
2008.1/x86_64/postfix-pcre-2.5.1-2.1mdv2008.1.x86_64.rpm>
78f8df45bf1c009701112a60294ccdeb
2008.1/x86_64/postfix-pgsql-2.5.1-2.1mdv2008.1.x86_64.rpm >
0f3cb76c3893354103745ee331942f0d
2008.1/SRPMS/postfix-2.5.1-2.1mdv2008.1.src.rpm> > Corporate 3.0:>
7d6dc0a422fa43c691a6819a9954d29c
corporate/3.0/i586/libpostfix1-2.1.1-0.4.C30mdk.i586.rpm>
6c90a40a69bcd261d1fff8124d087d48
corporate/3.0/i586/postfix-2.1.1-0.4.C30mdk.i586.rpm>
9e3468e37e512a5207a982ba606d8fb8 corporate/3.0/i
586/postfix-ldap-2.1.1-0.4.C30mdk.i586.rpm> 8018f6af47a5659396a3d903c27b33d4
corporate/3.0/i586/postfix-mysql-2.1.1-0.4.C30mdk.i586.rpm>
ac40a515260bd75fe00c5e1610b11e7b
corporate/3.0/i586/postfix-pcre-2.1.1-0.4.C30mdk.i586.rpm>
f8675212bf047f8373846efe438d6e34
corporate/3.0/i586/postfix-pgsql-2.1.1-0.4.C30mdk.i586.rpm >
0b9d6b89f64cf5c5ba64d4234ba958d3
corporate/3.0/SRPMS/postfix-2.1.1-0.4.C30mdk.src.rpm> > Corporate 3.0/X86_64:>
f695f71cf4e3cff94b76ffaa79e79276
corporate/3.0/x86_64/lib64postfix1-2.1.1-0.4.C30mdk.x86_64.rpm>
479831782b7e851ee64b8686e5435742
corporate/3.0/x86_64/postfix-2.1.1-0.4.C30mdk.x86_64.rpm>
a52bf688f3f842c8062ca1e43748a442
corporate/3.0/x86_64/postfix-ldap-2.1.1-0.4.C30mdk.x86_64.rpm>
e286020374420577f7372bf98b3145f0
corporate/3.0/x86_64/postfix-mysql-2.1.1-0.4.C30mdk.x86_64.rpm>
7c4d75cb5df1951918a3baf56aff0dcd
corporate/3.0/x86_64/postfix-pcre-2.1.1-0.4.C30mdk.x86_64.rpm>
e1b6ff7a49ab9dbd1cc8559ec9a747fe corporate/3.0/x86_64/postfix-pgsql-2.1.1-0.4
.C30mdk.x86_64.rpm > 0b9d6b89f64cf5c5ba64d4234ba958d3
corporate/3.0/SRPMS/postfix-2.1.1-0.4.C30mdk.src.rpm> > Corporate 4.0:>
c7e11fa492370b389f507fc3ae2b1d4a
corporate/4.0/i586/libpostfix1-2.3.5-0.2.20060mlcs4.i586.rpm>
f78b08147813d142dbebccfa3f2d1fc1
corporate/4.0/i586/postfix-2.3.5-0.2.20060mlcs4.i586.rpm>
982fb6adba17ab2acfd477323a55db4c
corporate/4.0/i586/postfix-ldap-2.3.5-0.2.20060mlcs4.i586.rpm>
163b41ad32263b2a319720144153f5af
corporate/4.0/i586/postfix-mysql-2.3.5-0.2.20060mlcs4.i586.rpm>
7be21bfdc0f6e70d6da173d5005516f8
corporate/4.0/i586/postfix-pcre-2.3.5-0.2.20060mlcs4.i586.rpm>
26c0b02352463bd5c33b67c146330701
corporate/4.0/i586/postfix-pgsql-2.3.5-0.2.20060mlcs4.i586.rpm >
f9251f61013674ae03a5122d8c5cfd25
corporate/4.0/SRPMS/postfix-2.3.5-0.2.20060mlcs4.src.rpm> > Corporate
4.0/X86_64:> 91d8789d61bc41409d96b0442ffb8d13
corporate/4.0/x86_64/lib64postfix1-2.3.5-0.2.20060mlcs4.x86_64.rpm>
db6e1d07cd48fd215db13b6c0812629f corporate/4.0/x86_64/postfix-2.3.5-0.2.2
0060mlcs4.x86_64.rpm> 6d57adb992f1903344a12c213116e2d9
corporate/4.0/x86_64/postfix-ldap-2.3.5-0.2.20060mlcs4.x86_64.rpm>
c3217315a710dddef6addc566542dbef
corporate/4.0/x86_64/postfix-mysql-2.3.5-0.2.20060mlcs4.x86_64.rpm>
21db2224670acce491ff87269f21ec5e
corporate/4.0/x86_64/postfix-pcre-2.3.5-0.2.20060mlcs4.x86_64.rpm>
89d5796c4d94bb6ab1ef26de400d032f
corporate/4.0/x86_64/postfix-pgsql-2.3.5-0.2.20060mlcs4.x86_64.rpm >
f9251f61013674ae03a5122d8c5cfd25
corporate/4.0/SRPMS/postfix-2.3.5-0.2.20060mlcs4.src.rpm>
_______________________________________________________________________> > To
upgrade automatically use MandrivaUpdate or urpmi. The verification> of md5
checksums and GPG signatures is performed automatically for you.> > All
packages are signed by Mandriva for security. You can obtain the> GPG public
key of the Mandriva Security Team by executing:> > gpg --recv-keys --keyserver
pgp.mit.edu 0x22458A98> > You can view other update advisories for Mandriva
Linux at:> > ht
tp://www.mandriva.com/security/advisories> > If you want to report
vulnerabilities, please contact> > security_(at)_mandriva.com>
_______________________________________________________________________> > Type
Bits/KeyID Date User ID> pub 1024D/22458A98 2000-07-10 Mandriva Security Team>
<security*mandriva.com>> -----BEGIN PGP SIGNATURE-----> Version: GnuPG v1.4.9
(GNU/Linux)> >
iD8DBQFIpbu8mqjQ0CJFipgRApsdAJ0XV7YMQObXpiNScy6r/ct8BPjTIACg0mow>
TLWvKH+6JSz18dJfpEjIxFw=> =rHfX> -----END PGP SIGNATURE-----> > > >
------------------------------> > Message: 6> Date: Fri, 15 Aug 2008 15:54:00
-0600> From: security@xxxxxxxxxxxx> Subject: [Full-disclosure] [ MDVSA-2008:172
] amarok> To: full-disclosure@xxxxxxxxxxxxxxxxx> Message-ID:
<E1KU7FA-0005Z8-El@xxxxxxxxxxxxxxxxxx>> > > -----BEGIN PGP SIGNED MESSAGE----->
Hash: SHA1> >
_______________________________________________________________________> >
Mandriva Linux Security Advisory MDVSA-2008:172>
http://www.mandriva.com/security/> _
______________________________________________________________________> >
Package : amarok> Date : August 15, 2008> Affected: 2008.0, 2008.1>
_______________________________________________________________________> >
Problem Description:> > A flaw in Amarok prior to 1.4.10 would allow local
users to overwrite> arbitrary files via a symlink attack on a temporary file
that Amarok> created with a predictable name (CVE-2008-3699).> > The updated
packages have been patched to correct this issue.>
_______________________________________________________________________> >
References:> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699>
_______________________________________________________________________> >
Updated Packages:> > Mandriva Linux 2008.0:> add9881887c5e33288947a836ea829f7
2008.0/i586/amarok-1.4.7-9.1mdv2008.0.i586.rpm>
6cb1913a6bc874ea77a25d76521e39a8
2008.0/i586/amarok-engine-xine-1.4.7-9.1mdv2008.0.i586.rpm>
66b1e073cc975872fb15e1d674462d6e 2008.0/i586/am
arok-scripts-1.4.7-9.1mdv2008.0.i586.rpm> 9decca6e5825541b00c7942340308065
2008.0/i586/libamarok0-1.4.7-9.1mdv2008.0.i586.rpm>
f52da39d55c1ad5a475e14a7f4a42d11
2008.0/i586/libamarok0-scripts-1.4.7-9.1mdv2008.0.i586.rpm>
130e958096e23249244e7e2ff02aa1f6
2008.0/i586/libamarok-devel-1.4.7-9.1mdv2008.0.i586.rpm>
8d5dd406aa2cb0a56e922f8ff7d9ea34
2008.0/i586/libamarok-scripts-devel-1.4.7-9.1mdv2008.0.i586.rpm >
36da208a1bb60169c8b721bfc9d38f15
2008.0/SRPMS/amarok-1.4.7-9.1mdv2008.0.src.rpm> > Mandriva Linux
2008.0/X86_64:> c01e9b41a520a3a65398866daca707cf
2008.0/x86_64/amarok-1.4.7-9.1mdv2008.0.x86_64.rpm>
b300777e4a9db10814ba3a920ce690d0
2008.0/x86_64/amarok-engine-xine-1.4.7-9.1mdv2008.0.x86_64.rpm>
c24609bda65290240c8689b2863de9cb
2008.0/x86_64/amarok-scripts-1.4.7-9.1mdv2008.0.x86_64.rpm>
eb04320a5d103aef042f29ed9731ac8b
2008.0/x86_64/lib64amarok0-1.4.7-9.1mdv2008.0.x86_64.rpm>
c71f5eda86c58ad9bd78bebc06b63f01
2008.0/x86_64/lib64amarok0-scripts-1.4.7-9.1mdv2008.0.x86_64.rpm> d
f9206ff03dad2f1b2e3ce40e1cc190d
2008.0/x86_64/lib64amarok-devel-1.4.7-9.1mdv2008.0.x86_64.rpm>
a9a45984a13f545e828c957e98ca2051
2008.0/x86_64/lib64amarok-scripts-devel-1.4.7-9.1mdv2008.0.x86_64.rpm >
36da208a1bb60169c8b721bfc9d38f15
2008.0/SRPMS/amarok-1.4.7-9.1mdv2008.0.src.rpm> > Mandriva Linux 2008.1:>
35bb66001f0a6efb796d476b1ba35098
2008.1/i586/amarok-1.4.8-12.1mdv2008.1.i586.rpm>
39f5f1cba6d2a2dd347e2004eb37b6b6
2008.1/i586/amarok-engine-void-1.4.8-12.1mdv2008.1.i586.rpm>
b54d096ed180078cc0adbf13ee9c1234
2008.1/i586/amarok-engine-xine-1.4.8-12.1mdv2008.1.i586.rpm>
c47c5274f6419497e83b9d9e129f0cee
2008.1/i586/amarok-engine-yauap-1.4.8-12.1mdv2008.1.i586.rpm>
f710c717a6bb71e445671688edca63c7
2008.1/i586/amarok-scripts-1.4.8-12.1mdv2008.1.i586.rpm>
d07c5193757104a086c798bd4acfa1ff
2008.1/i586/libamarok0-1.4.8-12.1mdv2008.1.i586.rpm>
0886969d0cf8a00a24ec3767f7e26d52
2008.1/i586/libamarok0-scripts-1.4.8-12.1mdv2008.1.i586.rpm>
b448749b86d31cce3fe37803a6d76955 2008.1/i586/li
bamarok-devel-1.4.8-12.1mdv2008.1.i586.rpm> 00b6a0c87044ad127837dd6b0eaaaf05
2008.1/i586/libamarok-scripts-devel-1.4.8-12.1mdv2008.1.i586.rpm >
d98786eee09881cdaa238f00e29e7c48
2008.1/SRPMS/amarok-1.4.8-12.1mdv2008.1.src.rpm> > Mandriva Linux
2008.1/X86_64:> 4c90ca190be22b80aa57df40a054fb22
2008.1/x86_64/amarok-1.4.8-12.1mdv2008.1.x86_64.rpm>
1a3c01858fcfbd321f65b8140252fa3e
2008.1/x86_64/amarok-engine-void-1.4.8-12.1mdv2008.1.x86_64.rpm>
d62f9425e5917415066c16f170b9f079
2008.1/x86_64/amarok-engine-xine-1.4.8-12.1mdv2008.1.x86_64.rpm>
d4ff899bf669f9f676df2e6b809f2fc8
2008.1/x86_64/amarok-engine-yauap-1.4.8-12.1mdv2008.1.x86_64.rpm>
35a26a4ee0d82eaa8e52436dcf1bfaa9
2008.1/x86_64/amarok-scripts-1.4.8-12.1mdv2008.1.x86_64.rpm>
9738454dec262ef9d19c93e7e78328c8
2008.1/x86_64/lib64amarok0-1.4.8-12.1mdv2008.1.x86_64.rpm>
93414b3bd1d5b12a6cdb8fc48091785b
2008.1/x86_64/lib64amarok0-scripts-1.4.8-12.1mdv2008.1.x86_64.rpm>
a11bccff3c601e5d2f3a8501c72e709f 2008.1/x86_64/lib64amarok-deve
l-1.4.8-12.1mdv2008.1.x86_64.rpm> ec100b8483103dc815b52b3f546df167
2008.1/x86_64/lib64amarok-scripts-devel-1.4.8-12.1mdv2008.1.x86_64.rpm >
d98786eee09881cdaa238f00e29e7c48
2008.1/SRPMS/amarok-1.4.8-12.1mdv2008.1.src.rpm>
_______________________________________________________________________> > To
upgrade automatically use MandrivaUpdate or urpmi. The verification> of md5
checksums and GPG signatures is performed automatically for you.> > All
packages are signed by Mandriva for security. You can obtain the> GPG public
key of the Mandriva Security Team by executing:> > gpg --recv-keys --keyserver
pgp.mit.edu 0x22458A98> > You can view other update advisories for Mandriva
Linux at:> > http://www.mandriva.com/security/advisories> > If you want to
report vulnerabilities, please contact> > security_(at)_mandriva.com>
_______________________________________________________________________> > Type
Bits/KeyID Date User ID> pub 1024D/22458A98 2000-07-10 Mandriva Security Team>
<secu
rity*mandriva.com>> -----BEGIN PGP SIGNATURE-----> Version: GnuPG v1.4.9
(GNU/Linux)> >
iD8DBQFIpc66mqjQ0CJFipgRAs8UAJ9zaZ2Q2gNIZIH2QjEkb24qy/p75wCfdjI9>
6ws9cZQ3VJO2BMZpRcO+NGY=> =uJ0s> -----END PGP SIGNATURE-----> > > >
------------------------------> > Message: 7> Date: Sat, 16 Aug 2008 03:12:16
+0300> From: P?nar Yanarda? <pinar@xxxxxxxxxxxxx>> Subject: [Full-disclosure]
[PLSA 2008-25] Postfix: Local privilege> escalation> To:
pardus-security@xxxxxxxxxxxxx> Cc: full-disclosure@xxxxxxxxxxxxxxxxx>
Message-ID: <48A61B60.3040004@xxxxxxxxxxxxx>> Content-Type: text/plain;
charset=UTF-8; format=flowed> >
------------------------------------------------------------------------>
Pardus Linux Security Advisory 2008-25 security@xxxxxxxxxxxxx>
------------------------------------------------------------------------> Date:
2008-08-16> Severity: 2> Type: Local>
------------------------------------------------------------------------> >
Summary> =======> > Sebastian Krahmer has reporte
d some security issues in Postfix, which> can be exploited by malicious, local
users to disclose potentially> sensitive information and perform certain
actions with escalated> privileges.> > > Description> ===========> > 1) A
security issue is caused due to Postfix incorrectly handling> symlink files.
This can be exploited to e.g. append mail messages to> arbitrary files by
creating a hardlink to a symlink owned by the root> user.> > Successful
exploitation requires write permission to the mail spool> directory, that there
is no "root" mailbox, and users can create a> hardlink to a symlink.> > 2) A
security issue is caused due to Postfix not correctly checking the> ownership
of the destination when delivering email. This can be> exploited to e.g.
disclose emails by creating an insecure mailbox file> for other users.> >
Affected packages:> > Pardus 2008:> postfix, all before 2.5.4-20-4> Pardus
2007:> postfix, all before 2.3.4-12-11> > > Resolution> ==========> > There are
upd
ate(s) for postfix. You can update them via Package Manager> or with a single
command from console:> > Pardus 2008:> pisi up postfix> > Pardus 2007:> pisi up
postfix> > > References> ==========> > *
http://de.postfix.org/ftpmirror/official/postfix-2.5.4.HISTORY> *
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936> *
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937> *
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html> *
http://secunia.com/advisories/31485> >
------------------------------------------------------------------------> > --
> Pardus Security Team> http://security.pardus.org.tr> > > > >
------------------------------> > Message: 8> Date: Fri, 15 Aug 2008 19:20:18
+0100> From: "Smiler S" <smiler808@xxxxxxxxxxxxxx>> Subject: [Full-disclosure]
Step-by-step instructions for debugging> Cisco IOS using gdb> To:
full-disclosure@xxxxxxxxxxxxxxxxx> Message-ID:>
<46d5a9ed0808151120j54d980d2lcb085c0de5d93d07@xxxxxxxxxxxxxx>> Conte
nt-Type: text/plain; charset="iso-8859-1"> > From: Andy Davis>
<iosftpexploit_at_googlemail.com<iosftpexploit_at_googlemail.com?Subject=Re:%20Step-by-step%20instructions%20for%20debugging%20Cisco%20IOS%20using%20gdb>>>
> Date: Tue, 12 Aug 2008 22:01:37 +0100> > >Congratulations you are now
debugging IOS ;-)> >One unusual feature, which I have yet to explain is that
when the> >registers are displayed they are all offset by 1 e.g:> > If a vector
variable is stored in a register, gcc writes debug information> telling gdb
which register the variable is stored in. This mapping is> changed between gcc2
& gcc3. Since there isn't anything in the debug output> to distinguish code
compiled by gcc3 from code compiled by gcc2, there is no> way for gdb to know
the right map. gdb supports the gcc3 map.> > If vector code is compiled by gcc2
as in the case of IOS, then the register> assignment will be off by 1.> > PS -
Stop ripping Gyan and Varuns IOS research work you jackass cause you> ai
n't getting no fame with that bullshit :P :P :P> -------------- next part
--------------> An HTML attachment was scrubbed...> URL:
http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080815/9f01f697/attachment-0001.html
> > ------------------------------> > Message: 9> Date: Fri, 15 Aug 2008
14:31:41 -0400 (EDT)> From: Derek Callaway <super@xxxxxxxx>> Subject:
[Full-disclosure] Tool: PorkBind v1.3 Nameserver Security> Scanner (New
Version)> To: bugtraq@xxxxxxxxxxxxxxxxx> Cc: full-disclosure@xxxxxxxxxxxxxxxxx>
Message-ID: <20080815142431.C36041@xxxxxxxx>> Content-Type: TEXT/PLAIN;
charset=US-ASCII; format=flowed> > This program retrieves version information
for the nameservers of a domain> and produces a report that describes possible
vulnerabilities of each.> Vulnerability information is configurable through a
configuration> file; the default is porkbind.conf. Each nameserver is tested
for > recursive queries and zone transfers. The code is parallelized with > l
ibpthread.> > http://www.innu.org/~super/tools/porkbind-1.3.tar.gz> >
ChangeLog for this version:> > porkbind-1.3> ------------> Wrote in-a-bind
shell script that scans random domain names from DMOZ> Implemented recursive
query testing> Changed porkbind.conf to use CVE numbers in addition to CERT
alerts> Modified text displayed on stdout to make it more parsable> Licensed
with GNU Lesser General Public License> Fixed timeout/concurrency/memory
corruption bugs> Fixed improper comparison of alpha/beta version numbering bug>
Added typecasts to silence compiler warnings> > > - Derek> > > >
------------------------------> > Message: 10> Date: Fri, 15 Aug 2008 22:18:32
+0200> From: Radoslav Dejanovi? <radoslav.dejanovic@xxxxxxxx>> Subject: Re:
[Full-disclosure] [funsec] Internet attacks against> Georgian web sites> To:
Paul Ferguson <fergdawg@xxxxxxxxxxx>> Cc: funsec@xxxxxxxxxxxx,
full-disclosure@xxxxxxxxxxxxxxxxx,> bugtraq@xxxxxxxxxxxxxxxxx, ge@xxxxxxxxxxxx>
Message-ID: <48A5E498
.308@xxxxxxxx>> Content-Type: text/plain; charset=ISO-8859-2> > Paul Ferguson
wrote:> > > Also, I wish to say:> > > > "It is clear that there are
anti-Georgian forces at work on the> > Internet."> > > > "Who they are, and
what their motivations are 9at this point),> > remains to be seen."> > Just for
the record...> > There were in the past several such "cyber wars" between
Croatia and> Serbia, with the scenario not quite unlike this one. The scenario
is as> follows:> > 1. there's some political tension between countries;> > 2.
someone on one side decides that it would be highly patriotic to> attack
servers on the other side;> > 3. someone on the other side retaliates by
attacking other country's> servers;> > 4. more individuals join in, adding to
the magnitude of the event;> clueless media joins in with headlines like "brave
local patriots are> hacking the (evil) other side into oblivion; we have won
the real war,> we're going to win this one too";> > 5. governments do not q
uite understand what is going on, but they do not> intervene because they can
get some political points out of that mess> (cracked government web pages are
collateral damage and in fact good for> propaganda);> > 6. after some time, the
"cyberwar" ceases.> > > IMHO, what is going on in Georgia is a scenario like
the one above. I> don't think there's any real cyberwar between governments
going on, but> in fact local groups of people who believe that they're showing
their> patriotism. Therefore:> > - who they are: groups of individuals, not a
state operated force> > - what are their motivations: showing patriotism and
having a> "legitimate" target to practice "cyberwar", as nobody is going to>
prosecute a patriotic attack on enemy country's infrastructure.> > - how to end
it: it will end by itself.> > > > ------------------------------> > Message:
11> Date: Fri, 15 Aug 2008 21:54:02 -0400> From: "T Biehn" <tbiehn@xxxxxxxxx>>
Subject: [Full-disclosure] Beware the firefox ZERO DA
YZZZZ> To: "Full Disclosure" <Full-Disclosure@xxxxxxxxxxxxxxxxx>> Message-ID:>
<2d6724810808151854g5f0acab2x7273f8498cd0c752@xxxxxxxxxxxxxx>> Content-Type:
text/plain; charset=ISO-8859-1> > Watch out for those a.exe droppers boys and
girls. Ran into in the wild.> >
http://anubis.iseclab.org/result.php?taskid=cd5d6669682e89049195a55b6f982a84&refresh=1>
> > > ------------------------------> > Message: 12> Date: Fri, 15 Aug 2008
19:42:34 -0700> From: coderman <coderman@xxxxxxxxx>> Subject: [Full-disclosure]
Linus summarizes state of the "security> industry" with precision and
accuracy.> To: "Full Disclosure" <full-disclosure@xxxxxxxxxxxxxxxxx>>
Message-ID:> <4ef5fec60808151942h1f6866a8nd633c6a5a11eecc4@xxxxxxxxxxxxxx>>
Content-Type: text/plain; charset=ISO-8859-1> > ... hypothesis that "security
researchers" are all masturbating monkey> whores is now proven definitively.
[0]> > """> Too often, so-called "security" is split into two camps: one that>
believes in nondisclosure of
problems by hiding knowledge until a bug> is fixed, and one that "revels in
exposing vendor security holes> because they see that as just another proof
that the vendors are> corrupt and crap, which admittedly mostly are," Torvalds
states.> > Torvalds went on to say he views both camps as "crazy."> > "Both
camps are whoring themselves out for their own reasons, and both> camps point
fingers at each other as a way to cement their own reason> for existence,"
Torvalds asserts.> """> > 0. Torvalds Interview with Network World ,
08/14/2008>
http://www.networkworld.com/news/2008/081408-torvalds-security-circus.html> > >
[ ED: Dr. Diggle the Zoologist grunt / proctologist has lots of company, lol ]>
> > > ------------------------------> > Message: 13> Date: Sat, 16 Aug 2008
13:34:36 +1000> From: silky <michaelslists@xxxxxxxxx>> Subject: Re:
[Full-disclosure] Linus summarizes state of the "security> industry" with
precision and accuracy.> To: coderman <coderman@xxxxxxxxx>> Cc: Full D
isclosure <full-disclosure@xxxxxxxxxxxxxxxxx>> Message-ID:>
<5e01c29a0808152034u3aab5ae2q5703e118babc3ac1@xxxxxxxxxxxxxx>> Content-Type:
text/plain; charset=ISO-8859-1> > On Sat, Aug 16, 2008 at 12:42 PM, coderman
<coderman@xxxxxxxxx> wrote:> > ... hypothesis that "security researchers" are
all masturbating monkey> > whores is now proven definitively. [0]> > I feel I
can speak for the entire monkeynet project> (http://www.themonkeynet.com/) when
saying we are offended by this> comparision.> > > > """> > Too often, so-called
"security" is split into two camps: one that> > believes in nondisclosure of
problems by hiding knowledge until a bug> > is fixed, and one that "revels in
exposing vendor security holes> > because they see that as just another proof
that the vendors are> > corrupt and crap, which admittedly mostly are,"
Torvalds states.> >> > Torvalds went on to say he views both camps as "crazy.">
>> > "Both camps are whoring themselves out for their own reasons, and bot
h> > camps point fingers at each other as a way to cement their own reason> >
for existence," Torvalds asserts.> > """> >> > 0. Torvalds Interview with
Network World , 08/14/2008> >
http://www.networkworld.com/news/2008/081408-torvalds-security-circus.html> >>
> [ ED: Dr. Diggle the Zoologist grunt / proctologist has lots of company, lol
]> > -- > noon silky> http://www.themonkeynet.com/armada/>
http://www.themonkeynet.com/> > > > ------------------------------> >
_______________________________________________> Full-Disclosure - We believe
in it.> Charter: http://lists.grok.org.uk/full-disclosure-charter.html> Hosted
and sponsored by Secunia - http://secunia.com/> > End of Full-Disclosure
Digest, Vol 42, Issue 42> ***********************************************
_________________________________________________________________
Discover the new Windows Vista
http://search.msn.com/results.aspx?q=windows+vista&mkt=en-US&form=QBRE
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/