<!--

This attack may be utilized wherever IE parses HTML,
including web sites, e-mail, newsgroups, and within
applications utilizing web-browsing functionality.

-->

W0W !

[harmless .exe]

http://www.malware.com/drew.html

ouch !

--
http://www.malware.com

[ more ]  [ reply ]

In-Reply-To: <20030819205018.12485.qmail (at) www.securityfocus (dot) com [email concealed]>

Updated with correct URLs to further documentation in the message:

Summary

Recently, Macromedia became aware of a security issue with some of the

server behaviors present in Dreamweaver MX, all versions of UltraDev, and

two ext

[ more ]  [ reply ]

Dear Security Focus Community:

This is an announcement for the public release of the publication "A
Treatise on Informational Warfare". It is available for download in PDF
format at http://63.230.73.253/treatiseiw.pdf and the table of contents is
included at the end of this announcement so that y

[ more ]  [ reply ]

In-Reply-To: <20030814000221.10408.qmail (at) www.securityfocus (dot) com [email concealed]>

Sorry but simply calling a phone number and then 3-waying another number

does not spoof caller id as the first number you called, at least not in

my experience, I do know however that if you call one phone number, flash

over and

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: GDM allows local user to read any file.
Advisory ID: RHSA-2003:258-01
Issue date: 2003-08-21
Updated on

[ more ]  [ reply ]

The first time I sent this email it included example HTML code. That HTML
code would have no affect on eMail clients as this is not a HTML email nor
was the data properly formatted, etc..., etc... However, due to VERY POORLY
written mail gateways, this eMail was being blocked at most gateways as
bei

[ more ]  [ reply ]

Buffer Overflow in UDP broadcasts for Microsoft SQL Server client
utilities

Risk level: High

Summary:
A Unicode buffer overflow exists in MDAC which is used by the SQL Server
SQL-DMO library that could allow a remote user to execute malicious code
on the target computer. The vulnerability does not

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----

After seeing the security advisory from intersystems I found this post
from Larry Cashdollar on full-disclosure. I didn't see it here and found
it usefull.

Larry Cashdollar wrote:

Here are more details of my research...

Vuln1

Local attackers can exploit

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SySS Security Advisory

Date: 2003-07-25 (Published 2003-08-19)

Author: Carl-Daniel Hailfinger <hailfinger-lists (at) SySS (dot) de [email concealed]>
SySS GmbH
72070 Tübingen / Germany
Phone: +49-7071-407856-0
http://www.syss.de

Permanent URL: htt

[ more ]  [ reply ]

Internet Explorer Object Data Remote Execution Vulnerability

Release Date:
August 20, 2003

Reported Date:
May 15, 2003

Severity:
High (Remote Code Execution)

Systems Affected:
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Microsoft Internet Expl

[ more ]  [ reply ]

/***********************************************
*
* m00 security advistory #001
*
* Buffer overflows in Srcpd v2.0
*
* www.m00security.org
*
* overg[at]mail.ru h0snp[at]mail.ru
*
************************************************/

---------------------------

[ more ]  [ reply ]

Popular Net anonymity service back-doored
Fed-up Feds get court order
http://theregister.co.uk/content/55/32450.html

The popular Java Anonymous Proxy (JAP), used to anonymise one's comings and
goings across the Internet, has been back-doored by court order. The service
is currently logging access

[ more ]  [ reply ]

----------------------------------------------------------------------
SNS Advisory No.68
Internet Explorer Object Type Buffer Overflow in Double-Byte Character Set Environment

Problem first discovered on: Fri, 06 June 2003
Published on: Thu, 21 Aug 2003
------------------------------------------

[ more ]  [ reply ]

----------------------------------------------------------------------
SNS Advisory No.67
The Return of the Content-Disposition Vulnerability in IE

Problem first discovered on: Wed, 18 Sep 2002
Published on: Thu, 21 Aug 2003
----------------------------------------------------------------------

Ov

[ more ]  [ reply ]

Hi,

Lately, I've been trying to find a way to detect whether a host is
vulnerable to the MS RPC issue fixed by MS03-026. This detection should
be possible remotely, without registry access and without disrupting
services.

I have discovered that, when multiple "RemoteActivation Requests" are
send t

[ more ]  [ reply ]

http://www.secnetops.biz/research

[ more ]  [ reply ]

In-Reply-To: <20030818155038.C14607 (at) ring.CS.Berkeley (dot) EDU [email concealed]>

Has anyone made the msblast.d code/binary publicly available? If so,

where can it be obtained? I have been looking everywhere. I want to

analyze the code and view why it becomes so network intensive.

Thanks,

JD

[ more ]  [ reply ]