Full Disclosure Mailing List

A lightly moderated high-traffic forum for disclosure of security information. Fresh vulnerabilities sometimes hit this list many hours before they pass through the Bugtraq moderation queue. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. Unfortunately, most of the posts are worthless drivel, so finding the gems takes patience.

Latest Posts

..twitter rights RandallM (Jan 28)
Is posting attacking US gov site, or exposing personal info of another
on Twitter a freedom of speech/full disclosure? Twitter is the main
voice of anon and they blatantly voice such. Even showing the vids and
work.

What is Twitter's take?

FatCat Auto SQLl Injector sandeep k (Jan 28)
This is an automatic SQL injection tool called FatCat. Use FatCat for
testing your web application and exploit your application more deeply.
FatCat features help you to extract the database information, table
information, and column information from a web application,
only if it is vulnerable to MySQL SQL injection.

The user-friendly GUI of FatCat automatically detects the SQL
vulnerability and starts exploiting...

[ GLSA 201201-17 ] Chromium: Multiple vulnerabilities Tim Sammut (Jan 27)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201201-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Chromium: Multiple vulnerabilities
Date: January 28,...

Re: when did piracy/theft become expression of freedom Zach C. (Jan 27)
If you buy an album used, the seller generally loses possession of it, you
gain possession of it at a reduced cost, and the original purchase still
gave the original seller and producer value. Value has still been
exchanged, assuming no literal theft was involved to make the whole thing
criminal anyway. If you make a copy, you're pretty much creating (or, if
you prefer,...

Re: when did piracy/theft become expression of freedom Thor (Hammer of God) (Jan 27)
These arguments do more harm than good. You can't base property law on what people may not have done (of course there
are "not paid your taxes" etc - let's not get tied down with that). I'm actually surprised you made that comment. I
have a product that I own the rights to. If you don't feel like paying full price, then don't buy it. You go down the
street and buy a similar product for less money. That...

Re: when did piracy/theft become expression of freedom Valdis . Kletnieks (Jan 27)
On Fri, 27 Jan 2012 18:06:28 GMT, Michael Schmidt said:

You might want to go read "Courtney Love Does The Math", and then ask yourself
the following:

1) You can make a case that if you copy an album instead of buying it, you're
depriving somebody of profits. But what if it's an album that you would *not*
have bought at full price anyhow? Or one that you bought used (see "first sale
principle")?

2) Who gets those...

[ GLSA 201201-16 ] X.Org X Server/X Keyboard Configuration Database: Screen lock bypass Alex Legler (Jan 27)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201201-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: X.Org X Server/X Keyboard Configuration Database: Screen...

[SECURITY] [DSA 2396-1] qemu-kvm security update Moritz Muehlenhoff (Jan 27)
-------------------------------------------------------------------------
Debian Security Advisory DSA-2396-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
January 27, 2012 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : qemu-kvm
Vulnerability : buffer underflow
Problem type :...

Re: when did piracy/theft become expression of freedom Laurelai (Jan 27)
Yeah and the US is becoming a police state, so using US law as examples
of morality is pretty shaky ground.

[SECURITY] [DSA 2395-1] wireshark security update Moritz Muehlenhoff (Jan 27)
-------------------------------------------------------------------------
Debian Security Advisory DSA-2395-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
January 27, 2012 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : wireshark
Vulnerability : buffer underflow
Problem type...

Re: when did piracy/theft become expression of freedom Michael Schmidt (Jan 27)
You want to be very careful with that line of thought. You are taking the creator the rightful owners profits, which
they are entitled to if it is a product they created to be sold. You are confusing what you want - with what the law
states. Theft is typically very widely defined in the law, not just what the dictionary states.

When you make a copy, you are performing a step that the manufacturer takes with physical products. Just because...

Advisory: Remote Command Execution in Gitorious joernchen of Phenoelit (Jan 27)
Hi,

FYI, see attached.

cheers,

joernchen

Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities research () vulnerability-lab com (Jan 27)
Title:
======
Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities

Date:
=====
2012-01-27

References:
===========
http://vulnerability-lab.com/get_content.php?id=144

VL-ID:
=====
144

Introduction:
=============
The FortiGate series of multi-threat security systems detect and eliminate the most damaging, content-based threats
from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time...

[ GLSA 201201-15 ] ktsuss: Privilege escalation Sean Amoss (Jan 27)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201201-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: ktsuss: Privilege escalation
Date: January 27, 2012...

More Lists

Dozens of other network security lists are archived at SecLists.Org.