Full Disclosure | Full-Disclosure

Full Disclosure | Full-Disclosure Mailing List Archive by Gossamer Threads http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/ en-us (c) Gossamer Threads Inc. All rights reserved. 08 Nov 2009 02:48:47 -0800 120 Gossamer Threads | Full Disclosure | Full-Disclosure 75 23 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/ http://www.gossamer-threads.com/images/lists/rss_logo.jpg [SECURITY] [DSA 1931-1] New NSPR packages fix several vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 08 Nov 2009 02:07:37 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70744 Re: How Prosecutors Wiretap Wall Street > But to gather intelligence about what terrorists are up to, even if a US citizen is involved, should not require a warrant. This is all well and g 07 Nov 2009 14:06:42 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70742 Re: How to receive SPAM mail If you want to be spammed, join full-disclosure. 2009/11/7 Michael Holstein <michael.holstein@csuohio.edu> > > > I have a SPAM filter and virus fire 07 Nov 2009 14:05:40 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70743 Re: How Prosecutors Wiretap Wall Street --On November 7, 2009 11:24:55 AM -0600 Valdis.Kletnieks@vt.edu wrote: > On Fri, 06 Nov 2009 23:42:45 CST, Paul Schmehl said: >> communications as we 07 Nov 2009 11:51:29 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70739 Linux 2.6.x fs/pipe.c local root exploit (CVE-2009-3547) For those who were not yet aware, there is at least 3 public exploits since 11/05/2009 for CVE-2009-3547 targeting *all* linux kernels from 2.6.0 to 2 07 Nov 2009 11:37:13 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70740 Re: How Prosecutors Wiretap Wall Street --On November 7, 2009 11:20:31 AM -0600 Rohit Patnaik <quanticle@gmail.com> wrote: > The direction of the association doesn't matter. It doesn't mat 07 Nov 2009 11:31:57 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70738 Re: How Prosecutors Wiretap Wall Street On Fri, 06 Nov 2009 23:42:45 CST, Paul Schmehl said: > communications as well. Under existing law (if you believe that FISA > applies) they would ha 07 Nov 2009 09:24:55 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70737 Re: How Prosecutors Wiretap Wall Street The direction of the association doesn't matter. It doesn't matter if the "terrorist" is contacting me, or if I'm contacting the terrorist. In either 07 Nov 2009 09:20:31 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70736 Re: How Prosecutors Wiretap Wall Street --On November 6, 2009 10:10:56 PM -0600 Rohit Patnaik <quanticle@gmail.com> wrote: > If it is so clear that a US citizen is involved in terrorism an 06 Nov 2009 21:42:45 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70735 Re: How Prosecutors Wiretap Wall Street If it is so clear that a US citizen is involved in terrorism and is communicating with terrorists beyond our borders, then why is it so hard for the N 06 Nov 2009 20:10:56 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70734 Re: How Prosecutors Wiretap Wall Street --On November 6, 2009 6:07:17 PM -0600 Rohit Patnaik <quanticle@gmail.com> wrote: > > You say that claims about the NSA conducting warrantless wireta 06 Nov 2009 18:56:41 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70733 [SECURITY] [DSA 1930-1] New drupal6 packages fix several vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 06 Nov 2009 16:46:57 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70741 Re: How Prosecutors Wiretap Wall Street On Fri, Nov 6, 2009 at 1:25 PM, Paul Schmehl <pschmehl_lists@tx.rr.com>wrote: > --On Friday, November 06, 2009 10:46:39 -0600 Valdis.Kletnieks@vt.edu 06 Nov 2009 16:07:17 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70731 Re: How to receive SPAM mail > I have a SPAM filter and virus firewall testing. > So, I want to get the real SPAM is sent to a specific email address. > What better way is there a 06 Nov 2009 13:46:53 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70730 Re: How Prosecutors Wiretap Wall Street --On Friday, November 06, 2009 10:46:39 -0600 Valdis.Kletnieks@vt.edu wrote: > On Thu, 05 Nov 2009 21:47:41 CST, Paul Schmehl said: >> > Getting back 06 Nov 2009 11:25:43 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70729 How to receive SPAM mail Hi Full-disclosure I have a SPAM filter and virus firewall testing. So, I want to get the real SPAM is sent to a specific email address. What better 06 Nov 2009 11:11:11 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70728 Re: MySQL trick for SQL injection --On Friday, November 06, 2009 10:55:26 -0600 Tim <tim-security@sentinelchicken.org> wrote: > >> > INTO OUTFILE is a dangerous routine (as you've cl 06 Nov 2009 11:03:34 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70727 Re: How Prosecutors Wiretap Wall Street -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yo Paul! On Thu, 05 Nov 2009 21:47:41 CST, Paul Schmehl said: > > Getting back on topic, it is well-kn 06 Nov 2009 09:01:43 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70726 Re: MySQL trick for SQL injection > > INTO OUTFILE is a dangerous routine (as you've clearly demonstrated), but that > > privilege must be specifically granted to a user before it's p 06 Nov 2009 08:55:26 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70725 Re: How Prosecutors Wiretap Wall Street On Thu, 05 Nov 2009 21:47:41 CST, Paul Schmehl said: > > Getting back on topic, it is well-known, and proven, that the NSA has > > surveillence facili 06 Nov 2009 08:46:39 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70724 Re: Argentinean Arnet isp webmail Confirmed, thanks and POP3 too: c:\>telnet pop3.arnet.com.ar 110 +OK user P0*****4241@arnet.com.ar +OK please, send your password pass P0*****4241 06 Nov 2009 08:38:32 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70723 Re: MySQL trick for SQL injection On Fri, 06 Nov 2009 10:04:54 CST, Paul Schmehl said: > What privileges did the user who performed the select have? > > INTO OUTFILE is a dangerous ro 06 Nov 2009 08:37:28 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70722 Re: MySQL trick for SQL injection --On Friday, November 06, 2009 06:55:22 -0600 Vladimir Vorontsov <vladimir.vorontsov@onsec.ru> wrote: > > Good day! > > I recently encountered a pro 06 Nov 2009 08:04:54 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70721 [ GLSA 200911-01 ] Horde: Multiple vulnerabilities - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200911-01 - - - 06 Nov 2009 05:36:49 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70720 MySQL trick for SQL injection Good day! I recently encountered a problem with the implementation of SQL injection. I wanted to write a file with the code interpreter to execute 06 Nov 2009 04:55:22 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70719