Full Disclosure

A lightly moderated high-traffic forum for disclosure of security information. Fresh vulnerabilities sometimes hit this list many hours before they pass through the Bugtraq moderation queue. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. Unfortunately, most of the posts are worthless drivel, so finding the gems takes patience.

Re: when did piracy/theft become expression of freedom

2 hours 23 min ago

Posted by Georgi Guninski on Feb 04

Just a quote:
<quote>
In Germany they first came for the Communists,
and I didn't speak up because I wasn't a Communist.
Then they came for the Jews,
and I didn't speak up because I wasn't a Jew.
Then they came for the trade unionists,
and I didn't speak up because I wasn't a trade unionist.
Then they came for the Catholics,
and I didn't speak up because I was a Protestant.
Then they came for me -
and by...

[SECURITY] [DSA 2384-2] cacti regression

3 hours 47 min ago

Posted by Luk Claes on Feb 04

-------------------------------------------------------------------------
Debian Security Advisory DSA-2384-2 security () debian org
http://www.debian.org/security/
February 04, 2012 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : cacti
Vulnerability : several
Problem type : remote...

Re: can you answer this?

12 hours 36 min ago

Posted by doc mombasa on Feb 04

aah doom has aspergers.. that explains a lot :)

On 3 Feb 2012 at 22.10, doomxd () gmail com <doomxd () gmail com> wrote:

Re: Vulnerability-lab.com XSS

12 hours 37 min ago

Posted by doc mombasa on Feb 04

we fear your irc chan :(

On 3 Feb 2012 at 22.06, doomxd () gmail com <doomxd () gmail com> wrote:

Re: Vulnerability-lab.com XSS

3 February, 2012 - 16:22

Posted by doomxd () gmail com on Feb 03

Your the idiot here.. Boone,will give u guys crap ya cuntzzz and I hope yur havin great time tryin to figure out how
badly this list got owned,off yad do,forcing ppl to sho 0days,yet some ppl,nomatter how big yu may think,are anon,and
that's simple,yu fd a good bug,well it gets patched,yur ass gets kicks from any groups ya in,and remembr ,yur bases are
mine,and intercepting yu will be fun,been funny stall the latest bigs,sudo,etc,all...

Re: can you answer this?

3 February, 2012 - 16:16

Posted by doomxd () gmail com on Feb 03

Arserspeage.haha.
Fku lamer.

----- Reply message -----
From: "Zach C." <fxchip () gmail com>
To: <james () zero-internet org uk>
Cc: "funsec" <funsec () linuxbox org>, "RandallM" <randallm () fidmail com>, <full-disclosure () lists grok org uk>,
<full-disclosure-bounces () lists grok org uk>
Subject: [Full-disclosure] can you answer this?
Date: Fri, Feb 3, 2012 8:04 pm
The...

Re: can you answer this?

3 February, 2012 - 13:37

Posted by Full Disclosure mailing list on Feb 03

I've seen this sort of thing before, from misconfigured VPNs.

Do you have someone using "Tunngle" on your network?

It's a VPN product (as far as I understand it, primarily for gaming),
and it appears to (mis)use the 7.xxx.xxx.xxx IP address space. See this
for a report of similar packet sightings:

http://www.tunngle.net/community/topic/18311-bsod/

My guess is that one of your users has set up this VPN in order to...

Re: can you answer this?

3 February, 2012 - 11:58

Posted by Fabian Wenk on Feb 03

Hello

Was there some notebook (or other device), which came out of this
IP range (could also be from somewhere else where internally this
IP range is misused), into your local network?

This is a DHCP request from the client (from port 68) to the dhcp
server or broadcast address (to port 67). Sometimes a dhcp
client, which has just been (re-)connected to the network, tries
to check if the last assigned IP address is still valid. As the...

[ MDVSA-2012:013 ] mozilla

3 February, 2012 - 11:54

Posted by security on Feb 03

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:013
http://www.mandriva.com/security/
_______________________________________________________________________

Package : mozilla
Date : February 3, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:...

Vulnerability-lab.com XSS

3 February, 2012 - 10:21

Posted by Luis Santana on Feb 03

Earlier today I tried to contact the people over at
http://vulnerability-lab.com about an XSS vulnerability I found on their
site (ironic) but it appears they want nothing to do with me. Praise
Full-Disclosure.

[image: Vulnerability-lab.com XSS - HackTalk
Security]<http://i.imgur.com/CripA.jpg>

http://i.imgur.com/CripA.jpg

The Irony Of A Site For Disclosing Site Being Itself Vuln To Something So
Trivial

Basically I tried to report this...

MD5 for pre-release advisory / multiple vulnerabilities / Sonexis ConferenceManager

3 February, 2012 - 09:22

Posted by Adriel Desautels on Feb 03

MD5 (20120203-SONEXIS-NETRAGARD.txt) = adde14f01f442022e40decba069e1f3e

Re: Key Internet operator VeriSign hit by hackers [DNS]

3 February, 2012 - 05:36

Posted by Dcdave on Feb 03

There is a turtle-like tendency within the vendors of security solutions to protect themselves against the potential
loss of trust in their offerings and subsequent loss of revenue by pretending it didn't happen, keeping it quiet,
dissembling, and ignoring rather than discussing a clear plan of mitigation by strengthening their product.

It is into this world that the true security consultant steps, invoice in hand...

:)

Dave Druitt
CSO...

Re: can you answer this?

3 February, 2012 - 04:04

Posted by Zach C. on Feb 03

The original message reads thus:

> we are just a manufacturing company. One ip is from a NAS device for

I expect it's supposed to read like this:

"I was working on cleaning up my 'any to any' rulesets on my firewall and I
ran across internal IPs using the NetBIOS protocol, which is unexpected
behavior. One of my internal hosts also appears to be attempting to connect
to 7.8.0.106 or 7.8.0.107 on port 4330. A WHOIS...

Re: can you answer this?

3 February, 2012 - 03:32

Posted by james on Feb 03

So what's the question?

------Original Message------
From: RandallM
Sender: full-disclosure-bounces () lists grok org uk
To: funsec
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] can you answer this?
Sent: 3 Feb 2012 08:20

since no one could answer the last one how bout this. In my FW log
Trust (our 10.0.0.0. network) to untrust picked this up:

2012-02-02 10:08:10 7.254.254.254:68 7.254.254.255:67 0.0.0.0:0
0.0.0.0:0...

can you answer this?

3 February, 2012 - 03:27

Posted by RandallM on Feb 03

since no one could answer the last one how bout this. In my FW log
Trust (our 10.0.0.0. network) to untrust picked this up:

2012-02-02 10:08:10 7.254.254.254:68 7.254.254.255:67 0.0.0.0:0
0.0.0.0:0 DHCP 0 sec. 0 0 Traffic Denied

My "any" to "any" denied queue.

Re: Key Internet operator VeriSign hit by hackers [DNS]

3 February, 2012 - 03:25

Posted by Kyle Creyts on Feb 03

"Management was informed of the incident in September 2011" pg 33, sect 2

Further, there is no mention of risk potential for the SSL business
whatsoever, despite numerous mentions of risk factors for the Registry
Services business, not related to this attack.

While nothing is "safe" to assume, I would say that suggesting that
this description of the incident describes an attack on tangential,
unmentioned businesses operated...

Re: Key Internet operator VeriSign hit by hackers [DNS]

3 February, 2012 - 03:24

Posted by Kyle Creyts on Feb 03

This is at least a year and a half old. Please, don't republish "news"
that should have never been reprinted. I'm not sure who would have
allowed this tripe to be syndicated...

Re: hackers.it disappeared from google search results

3 February, 2012 - 03:23

Posted by David3 Gonnella on Feb 03

Hi Nancy,
I think "noindex,nofollow" in robots of any page is the main problem.
I have updated and, as you suggest, I am going to check with the Google
Webmaster Tools.
Hope to find out the problem and be indexed as usual.

Thanks for helping!
Davide

Multiple vendor antivirus .kz archive format evasion/bypass vulnerability.

3 February, 2012 - 03:21

Posted by Michel on Feb 03

hello,

Multiple vendor antivirus .kz archive format evasion/bypass vulnerability.

DESCRIPTION

.kz is a proprietary archive format from an Asian editor KuaiZip: http://www.kuaizip.com/en/index.html
This format, similar to lzma, is a recent and very rare format type (not yet supported by most common archivers).
By creating a .kz archive file, a remote attacker could send a malicious payload within this compressed archive to
bypass/evade antivirus...

Re: hackers.it disappeared from google search results

3 February, 2012 - 03:19

Posted by David3 Gonnella on Feb 03

Thanks for the tip Adam, I'll give it a try and see if I can speed up the
reindexing of those pages..