559 messages starting Aug 01 08 and ending Sep 01 08
CA ARCserve Backup for Laptops and Desktops Server LGServer Service Vulnerability Williams, James K SUSE Security Announcement: net-snmp (SUSE-SA:2008:039) Thomas Biege [USN-632-1] Python vulnerabilities Kees Cook [USN-633-1] libxslt vulnerabilities Kees Cook [SECURITY] [DSA 1625-1] New cupsys packages fix arbitrary code execution Thijs Kinkhorst [SECURITY] [DSA 1626-1] New httrack packages fix arbitrary code execution Thijs Kinkhorst Tool Release: ProcL - Detect Hidden Process Pallav Khandhar [USN-634-1] OpenLDAP vulnerability Kees Cook DNS Multiple Race Exploiting Tool AR n.runs-SA-2008.005 - Apple Inc. - CoreServices Framework’s CarbonCore Framework - Arbitrary Code Execution (remote) security () nruns com iDefense Security Advisory 07.31.08: Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability iDefense Labs Fwd: Black Hat talk on Apple encryption cancelled n3td3v [ MDVSA-2008:160 ] libxslt security
iDefense Security Advisory 08.01.08: Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability iDefense Labs iDefense Security Advisory 08.01.08: Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability iDefense Labs iDefense Security Advisory 08.01.08: Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability iDefense Labs Server termination in America's Army 2.8.3.1 Luigi Auriemma ArpON detects and blocks Arp Poisoning/Spoofing attacks Andrea Di Pasquale
Re: simple phishing fix lsi Re: how to request a cve id? William A. Rowe, Jr. Re: Media backlash begins against HD Moore and I)ruid n3td3v
Re: Media backlash begins against HD Moore and I)ruid Valdis . Kletnieks [SECURITY] [DSA 1627-1] New opensc packages fix smart card vulnerability Thijs Kinkhorst Alphanumeric Shellcode Encoding and Detection Avraham Moshe Schneider ASCII Art shellcode Berend-Jan Wever [USN-626-2] Devhelp, Epiphany, Midbrowser and Yelp update Jamie Strandboge free static analysis tool for c/c++ modversion Team SHATTER Security Advisory: SQL Injection in Oracle Application Server (WWEXP_API_ENGINE) Team SHATTER Team SHATTER Security Advisory: Cross-site scripting in Oracle Enterprise Manager (REFRESHHOME Parameter) Team SHATTER Team SHATTER Security Advisory: Cross-site scripting in Oracle Enterprise Manager (REFRESHCHOICE Parameter) Team SHATTER Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN) Team SHATTER Re: free static analysis tool for c/c++ Dean Pierce New info tool available at freewebtown.com/sombra6/info.php now Kristo pher
Re: free static analysis tool for c/c++ Fionnbharr phish war game lsi Re: free static analysis tool for c/c++ modversion more rehashes of xss & 'evil gif' Robert Holgstad Re: more rehashes of xss & 'evil gif' raining lulz CORE-2008-0716 - Sun xVM VirtualBox Privilege Escalation Vulnerability CORE Security Technologies Advisories Re: Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN) Memisyazici, Aras Re: free static analysis tool for c/c++ KJK::Hyperion Re: phish war game Biz Marqee Re: free static analysis tool for c/c++ modversion Re: free static analysis tool for c/c++ KJK::Hyperion Re: free static analysis tool for c/c++ modversion Re: Media backlash begins against HD Moore and I)ruid n3td3v Re: phish war game blah Fwd: Comment on: Microsoft to give partners heads-up on security vulnerabilities n3td3v Re: Alphanumeric Shellcode Encoding and Detection Avraham Moshe Schneider Re: Media backlash begins against HD Moore and I)ruid Valdis . Kletnieks Re: Media backlash begins against HD Moore and I)ruid n3td3v Re: Media backlash begins against HD Moore and I)ruid Valdis . Kletnieks Re: Media backlash begins against HD Moore and I)ruid n3td3v Re: Alphanumeric Shellcode Encoding and Detection Avraham Schneider Re: Media backlash begins against HD Moore and I)ruid Valdis . Kletnieks Interesting things at sec-consult.com, DNS-whitepaper available tomorrow Bernhard Mueller (no subject) Bernhard Mueller Re: Media backlash begins against HD Moore and I)ruid scott Re: more rehashes of xss & 'evil gif' n3td3v
[ GLSA 200808-01 ] xine-lib: User-assisted execution of arbitrary code Robert Buchholz Re: Kaminsky's Law Pavel Kankovsky Re: Media backlash begins against HD Moore and I)ruid Ureleet Re: Fwd: Comment on: Microsoft to give partners heads-up on security vulnerabilities Ureleet Re: Fwd: Are Bug Disclosures Helping or Hurting? Ureleet Re: Re : CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit Ureleet Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Ureleet Re: Kaminsky's Law Ureleet Re: (no subject) Ureleet [ GLSA 200808-02 ] Net-SNMP: Multiple vulnerabilities Robert Buchholz [ GLSA 200808-03 ] Mozilla products: Multiple vulnerabilities Robert Buchholz [ GLSA 200808-04 ] Wireshark: Denial of Service Robert Buchholz Re: (no subject) Bernhard Mueller Re: Alphanumeric Shellcode Encoding and Detection Avraham Schneider McAfee + FUD ? r0tten c0re Check this out Manu Chao Re: Alphanumeric Shellcode Encoding and Detection Avraham Schneider rPSA-2008-0245-1 cups rPath Update Announcements rPSA-2008-0246-1 gaim rPath Update Announcements Re: Kaminsky's Law TJ Re: Media backlash begins against HD Moore and I)ruid jf Re: Media backlash begins against HD Moore and I)ruid n3td3v Google Notebook and Google Bookmarks Cross Site Scripting Vulnerabilities Alfredo Melloni CA Products That Embed Ingres Multiple Vulnerabilities Williams, James K Webex atucfobj Module ActiveX Control Buffer Overflow Vulnerability Elazar Broad Re: Media backlash begins against HD Moore and I)ruid TJ [USN-635-1] xine-lib vulnerabilities Jamie Strandboge offering 0day Jeffrey Starck [ GLSA 200808-05 ] ISC DHCP: Denial of Service Tobias Heinlein [ GLSA 200808-06 ] libxslt: Execution of arbitrary code Tobias Heinlein Re: [funsec] facebook messages worm John C. A. Bambenek, GCIH, CISSP Endless loop and resources consumption in Halo 1.0.7.0615 Luigi Auriemma Re: Media backlash begins against HD Moore and I)ruid Paul Schmehl Re: Media backlash ... insane? 
TJ Re: Media backlash begins against HD Moore and I)ruid Anders B Jansson
[PLSA 2008-18] Pidgin: Spoofing Vulnerability Pınar Yanardağ [PLSA 2008-19] Git: Multiple Buffer Overflows Pınar Yanardağ Petko D. Petkov files unleashed, guilty by Internet council internetsuperheros Petko D. Petkov files unleashed, guilty by Internet council internetsuperheros GNUCITIZEN Stumbleupon account revised Great Council of Internet Superheros More information on Petko D. Petkov Great Council of Internet Superheros Kaminsky Quittinq? Coffee Shop Inevitable? InfoSec DramaReport Re: [funsec] facebook messages worm Juha-Matti Laurio Re: Kaminsky Quittinq? Coffee Shop Inevitable? Paul Schmehl Whitepaper: DNS zone redelegation Bernhard Mueller Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting Marc Bevand infected file ( can someone please report and take it down ? ) Dr. Mark A. Baiter [Chief Scatological Consultant] Re: [funsec] facebook messages worm Gadi Evron No subject az-guy Re: [funsec] facebook messages worm Gadi Evron facebook messages worm Gadi Evron Re: [funsec] facebook messages worm Gadi Evron question Dennis Yurichev When will they ever get it !?!?!?! wilder_jeff Wilder Re: question Valdis . Kletnieks question Dennis Yurichev [ MDVSA-2008:161 ] rxvt security [ MDVSA-2008:162 ] qemu security
Re: question James Matthews Re: No subject James Matthews Re: question James Matthews [ MDVSA-2008:163 ] python security [ MDVSA-2008:164 ] python security Re: [funsec] facebook messages worm Juha-Matti Laurio OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie Re: [Suspected Junk Mail] Re: Petko D. Petkov files unleashed, guilty by Internet council Great Council of Internet Superheros Petko D. Petkov, Honeynet and Tom Ferris featured on an Internet Justice magazine Great Council of Internet Superheros Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives Jan Minář Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Gerald Beuchelt Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Eddy Nigg (StartCom Ltd.) Vim: Unfixed Vulnerabilities in Tar Plugin Version 20 Jan Minář Squadron of Justice to the rescue Great Council of Internet Superheros Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Peter Williams Squadron of Justice to the rescue Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 1/7) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 1/7) Great Council of Internet Superheros Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie Internet Justice #1 August 2008 (Part 7/7) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 2/7) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 1/7) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 3/7) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 4/7) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 5/7) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 6/7) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 2/10) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 1/10) Great Council of Internet Superheros 
Internet Justice #1 August 2008 (Part 3/10) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 5/10) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 4/10) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 6/10) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 7/10) Great Council of Internet Superheros Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla Internet Justice #1 August 2008 (Part 8/10) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 10/10) Great Council of Internet Superheros Internet Justice #1 August 2008 (Part 9/10) Great Council of Internet Superheros Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie [ GLSA 200808-07 ] ClamAV: Multiple Denials of Service Raphael Marichez [ GLSA 200808-08 ] stunnel: Security bypass Raphael Marichez [ GLSA 200808-09 ] OpenLDAP: Denial of Service vulnerability Raphael Marichez Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dave Korn Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dave Korn Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dan Guido Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Perry E. Metzger Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Gerald Beuchelt Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Jin Sei Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Peter Gutmann Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dan Kaminsky Great Council of Internet Superheros n3td3v Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie Re: Great Council of Internet Superheros n3td3v c99 shell anyone? 
Kristo pher Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Florian Weimer Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Dick Hardt Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Tim Dierks Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Eddy Nigg (StartCom Ltd.) Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Eddy Nigg (StartCom Ltd.) Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Paul Hoffman Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Tim Dierks Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams key blacklisting & file size (was: OpenID/Debian PRNG/DNS Cache poisoning advisory) Solar Designer Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Eddy Nigg (StartCom Ltd.) Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Stefan Kanthak Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Peter Williams Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla For great justice. new mirrors of PdP mailbox Squadron of Justice Re: For great justice. new mirrors of PdP mailbox Squadron of Justice Brazilian Bank (Caixa Economica Federal) Stupid Vuln #02 (Opera's Style) H2G-Labs Information Security Re: OpenID/Debian PRNG/DNS Cache poisoning advisory "Hal Finney" Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Forrest J. Cavalier III Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie List Charter John Cartwright Emergency DNS Patch Still Vulnerable, Proves Russian Physicist n3td3v [ GLSA 200808-10 ] Adobe Reader: User-assisted execution of arbitrary code Robert Buchholz
Re: Emergency DNS Patch Still Vulnerable, Proves Russian Physicist Valdis . Kletnieks Latest judgement by Internet Justice Court: Still insecure, after all these years. Squadron of Justice what happened to fd??.. even eff cant save it??. Joel Jose I'm going to Internet Jail, framed by Squadron of Justice alan shimel Internet justice delivered, criminals panic and run in despair alan shimel Re: Internet justice delivered, criminals panic and run in despair Night Ninja Re: [Full-disclosure] Internet justice delivered, criminals panic and run in despair Squadron of Justice Re: Internet justice delivered, criminals panic and run in despair alan shimel Re: Internet justice delivered [UPDATE ON M. ROTHMAN AND ALAN] Squadron of Justice Re: Emergency DNS Patch Still Vulnerable, Proves Russian Physicist Paul Schmehl [SECURITY] [DSA 1627-1] New PowerDNS packages reduce DNS spoofing risk Florian Weimer
Internet attacks against Georgian web sites Gadi Evron Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson Inguma version 0.0.9 released Joxean Koret Re: Internet justice delivered, criminals panic and run in despair Valdis . Kletnieks anyone developing a secure telephony application for GSM CSD? Fabio Pietrosanti (naif) Surf Jack - HTTPS will not save you Sandro Gauci Re: Internet attacks against Georgian web sites n3td3v George Ledin virus material training Request. Jun... Re: [funsec] Internet attacks against Georgian web sites John C. A. Bambenek, GCIH, CISSP Re: [funsec] Internet attacks against Georgian web sites n3td3v Re: [funsec] Internet attacks against Georgian web sites Valdis . Kletnieks [ GLSA 200808-11 ] UUDeview: Insecure temporary file creation Pierre-Yves Rofes Re: [funsec] Internet attacks against Georgian web sites Robert Marquardt [ MDVSA-2008:165 ] perl security Re: [funsec] Internet attacks against Georgian web sites n3td3v rPSA-2008-0249-1 openldap openldap-clients openldap-servers rPath Update Announcements rPSA-2008-0247-1 gvim vim vim-minimal rPath Update Announcements Re: Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN) Team SHATTER Re: what happened to fd??.. even eff cant save it??. coderman Re: Surf Jack - HTTPS will not save you coderman
[PLSA 2008-21] Ruby: Multiple Vulnerabilities Pınar Yanardağ [PLSA 2008-22] Php: Multiple Overflows Pınar Yanardağ Ukraine? Drop Drop Re: [Full-disclosure] Internet justice delivered, criminals panic and run in despair Squadron of Justice ekoparty 2008 - [First Round of Selection] - [Argentina] ekoparty Re: [Suspected Junk Mail] Re: Petko D. Petkov hacked? Squadron of Justice Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow Deral Heiland Re: Surf Jack - HTTPS will not save you Noam Rathaus StumbleUpon XSS (fixed) Berend-Jan Wever Secret Plan To Kill Internet By 2012 Leaked? energy ISP's confirm '2012: The Year The Internet Ends' energy Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie children of the daycare of justice little league Tea Baggins iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs Fwd: Comments on: Alleged NASA hacker gets temporary reprieve n3td3v iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Format String Vulnerabilities iDefense Labs Thanks Maynor. staff VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability VMware Security Team Re: Thanks Maynor. Sandy Vagina VMSA-2008-0013 Updated ESX packages for OpenSSL, net-snmp, perl VMware Security Team Re: Thanks Maynor. Robert Holgstad Re: StumbleUpon XSS (fixed) Robert Holgstad Re: George Ledin virus material training Request. Robert Holgstad CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities Williams, James K selling jeremie travis selling 0-day jeremie travis Re: Petko D. Petkov hacked?
Squadron of Justice Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Clausen, Martin (DK - Copenhagen) rPSA-2008-0253-1 git gitweb rPath Update Announcements [TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption Tobias Klein Re: Internet attacks against Georgian web sites Gadi Evron Step-by-step instructions for debugging Cisco IOS using gdb Andy Davis ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability zdi-disclosures ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption zdi-disclosures ZDI-08-050: Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability zdi-disclosures ZDI-08-051: Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability zdi-disclosures Vim: Netrw: FTP User Name and Password Disclosure Jan Minář iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability iDefense Labs
[ MDVSA-2008:167 ] kernel security [ MDVSA-2008:166 ] clamav security iDefense Security Advisory 08.12.08: Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability iDefense Labs iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability iDefense Labs iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability iDefense Labs iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability iDefense Labs iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability iDefense Labs iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability iDefense Labs Storesonline, Ecommerce hosting solution - how to avoid mistakes that put your business at risk Mister Nice Guy Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Seth Breidbart Re: [funsec] Internet attacks against Georgian web sites Gadi Evron Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson Re: [funsec] Internet attacks against Georgian web sites Gadi Evron Re: Internet attacks against Georgian web sites Viktor Larionov IntelliTamper v2.07/2.08 Beta 4 A HREF sploit kralor Re: Vim: Netrw: FTP User Name and Password Disclosure Tony Mechelynck (no subject) ff0000 OpenVAS Stable Release Michael Wiegand Re: Internet attacks against Georgian web sites n3td3v NULL pointer in Ventrilo 3.0.2 Luigi Auriemma rPSA-2008-0243-1 idle python rPath Update Announcements Re: Internet attacks against Georgian web sites n3td3v
[ MDVSA-2008:169 ] hplip security Microsoft Windows Messenger Remote Illegal Access Vulnerability cocoruder [ MDVSA-2008:168 ] stunnel security [ MDVSA-2008:170 ] cups security Funniest thing at DefCon this year... Exibar [funsec] Estonia similarities begin to manifest (fwd) Gadi Evron CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass CORE Security Technologies Advisories Coordinated Russia vs Georgia cyber attack in progress Dancho Danchev ISOI 5 (Tallinn) agenda is now online Gadi Evron SECOBJADV-2008-03: PartyGaming PartyPoker Malicious Update Vulnerability advisories SUSE Security Announcement: postfix (SUSE-SA:2008:040) Thomas Biege Re: Internet attacks against Georgian web sites Pavel Labushev Re: DNS forward only: why does it help? Florian Weimer Re: Internet attacks against Georgian web sites n3td3v Re: Funniest thing at DefCon this year... North, Quinn Re: Internet attacks against Georgian web sites Ureleet Re: Funniest thing at DefCon this year... Ureleet Re: (no subject) Ureleet Re: Great Council of Internet Superheros Ureleet Re: Internet justice delivered [UPDATE ON M. ROTHMAN AND ALAN] Ureleet Cisco IOS Shellcodes Gyan Chawdhary Re: (no subject) Valdis . Kletnieks SUSE Security Announcement: openwsman (SUSE-SA:2008:041) Thomas Biege Re: Funniest thing at DefCon this year... ff0000 ZDI-08-052: OpenLDAP BER Decoding Remote DoS Vulnerability zdi-disclosures Security Assessment of the Internet Protocol Fernando Gont ZDI-08-053: Symantec Veritas Storage Foundation Scheduler Service NULL Session Authentication Bypass Vulnerability zdi-disclosures [ GLSA 200808-12 ] Postfix: Local privilege escalation vulnerability Raphael Marichez
[PLSA 2008-24] Amarok: Privilege escalation Pınar Yanardağ Cisco Security Advisory: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control Cisco Systems Product Security Incident Response Team UPDATE!! Funniest thing at DefCon this year... Exibar weev, baby Tea Baggins rPSA-2008-0255-1 freetype rPath Update Announcements Call for Papers CFS Frank Manley Re: Security Assessment of the Internet Protocol Mark Brunner weev, baby Gadi Evron Re: weev, baby hERB Re: weev, baby coderman Health website vulnerable to hacking, no response from admins after multiple attempts Kristian Erik Hermansen Re: weev, baby n3td3v [ MDVSA-2008:171 ] postfix security [ MDVSA-2008:172 ] amarok security
[PLSA 2008-25] Postfix: Local privilege escalation Pınar Yanardağ Step-by-step instructions for debugging Cisco IOS using gdb Smiler S Tool: PorkBind v1.3 Nameserver Security Scanner (New Version) Derek Callaway Re: [funsec] Internet attacks against Georgian web sites Radoslav Dejanović Beware the firefox ZERO DAYZZZZ T Biehn Linus summarizes state of the "security industry" with precision and accuracy. coderman Re: Linus summarizes state of the "security industry" with precision and accuracy. silky Re: Beware the firefox ZERO DAYZZZZ Thierry Zoller Nokia 6131 NFC URI/URL Spoofing and DoS Advisory Collin R. Mulliner Re: Step-by-step instructions for debugging Cisco IOS using gdb Andrew Farmer
Re: Step-by-step instructions for debugging Cisco IOS using gdb Andy Davis Re: Full-Disclosure Digest, Vol 42, Issue 42 badr muhyeddin Re: selling 0-day jeremie travis Re: Full-Disclosure Digest, Vol 42, Issue 42 William McAfee Re: 0day offer Jeffrey Starck Re: Beware the firefox ZERO DAYZZZZ Memisyazici, Aras Re: [funsec] Internet attacks against Georgian web sites Static Rez Re: [funsec] Internet attacks against Georgian web sites William McAfee Klueless Klowns Team PHP shell Kristo pher Re: [funsec] Internet attacks against Georgian web sites William McAfee Re: Klueless Klowns Team PHP shell William McAfee Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson
Re: [funsec] Internet attacks against Georgian web sites n3td3v Re: Klueless Klowns Team PHP shell Andrew Farmer Re: [funsec] Internet attacks against Georgian web sites William McAfee Re: [Full-disclosure] [funsec] Internet attacks against Georgian web sites ff0000 Re: [funsec] Internet attacks against Georgian web sites Peter Dawson Re: [funsec] Internet attacks against Georgian web sites Valdis . Kletnieks Re: [funsec] Internet attacks against Georgian web sites coderman Re: [funsec] Internet attacks against Georgian web sites William McAfee Re: [funsec] Internet attacks against Georgian web sites Dave Re: [funsec] Internet attacks against Georgian web sites William McAfee Re: Linus summarizes state of the "security industry" with precision and accuracy. Simon Valiquette Re: Linus summarizes state of the "security industry" with precision and accuracy. John C. A. Bambenek, GCIH, CISSP
Re: Linus summarizes state of the "security industry" with precision and accuracy. Simon Valiquette Re: Linus summarizes state of the "security industry" with precision and accuracy. don bailey Re: Linus summarizes state of the "security industry" with precision and accuracy. don bailey Re: Linus summarizes state of the "security industry" with precision and accuracy. Erik Harrison Re: Linus summarizes state of the "security industry" with precision and accuracy. William McAfee Re: Step-by-step instructions for debugging Cisco IOS using gdb Smiler D The Hacksaw Conspiracies Phillip Tanner [SECURITY] [DSA 1629-1] New postfix packages fix privilege escalation Thijs Kinkhorst [SECURITY] [DSA 1629-2] New postfix packages fix installability problem on i386 Thijs Kinkhorst Introducing the Android Security Team richc Re: The Hacksaw Conspiracies T Biehn Re: The Hacksaw Conspiracies William McAfee Deep Blind SQL Injection Whitepaper Ferruh Mavituna Re: 0day offer jeroen Re: Deep Blind SQL Injection Whitepaper David Litchfield Denial of Service Survey Tyler Reguly Re: Deep Blind SQL Injection Whitepaper Ferruh Mavituna IMF 2008 - Call for Participation Oliver Goebel [ MDVSA-2008:173 ] kdegraphics security [USN-636-1] Postfix vulnerability Kees Cook
[ MDVSA-2008:174 ] kernel security BSQL Hacker 0.9.0.7 - Advanced SQL Injection Framework / Tool Ferruh Mavituna Re: Deep Blind SQL Injection Whitepaper Sir Mordred OWASP DirBuster 0.11.1 Released James Fisher Re: OWASP DirBuster 0.11.1 Released Robert Holgstad Re: OWASP DirBuster 0.11.1 Released William McAfee [ MDVSA-2008:175 ] yelp security Re: OWASP DirBuster 0.11.1 Released Michael Krymson [ MDVSA-2008:176 ] mtr security CORE-2008-0624: Anzio Web Print Object Buffer Overflow CORE Security Technologies Advisories CORE-2008-0813 - vBulletin Cross Site Scripting Vulnerability CORE Security Technologies Advisories Re: CORE-2008-0624: Anzio Web Print Object Buffer Overflow James Matthews Re: OWASP DirBuster 0.11.1 Released Tom Brennan Re: Deep Blind SQL Injection Whitepaper Marco Slaviero
[ MDVSA-2008:177 ] xine-lib security [ MDVSA-2008:178 ] xine-lib security Re: OWASP DirBuster 0.11.1 Released James Matthews Hacking OSPF with MD5 authentication enabled Francois Ropert Re: Hacking OSPF with MD5 authentication enabled GomoR Version-independent IOS shellcode Andy Davis Re: Hacking OSPF with MD5 authentication enabled Francois Ropert Re: Hacking OSPF with MD5 authentication enabled Francois Ropert Fujitsu Web-Based Admin View Directory Traversal Vulnerability Deniz Cevik UPDATE: [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning Robert Buchholz DXShopCart V4.30mc search.php XSS bug squash [ MDVSA-2008:179 ] metisse security
[ MDVSA-2008:180 ] libxml2 security 0day services offer Stephen Flaw rPSA-2008-0259-1 postfix rPath Update Announcements [SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier DXShopCart v4.30mc product search.php xss bug squash Announcement/OT: Ethical Hacking book release (Spanish) Security Lists Secunia Research: Trend Micro Products Web Management Authentication Bypass Secunia Research Contest: Best Advances for OpenVAS Network Vulnerability Tests Michael Wiegand Re: 0day services offer Valdis . Kletnieks Re: 0day services offer John Lamb Re: 0day services offer Darkie Duck Vim: Arbitrary Code Execution in Commands: K, Control-], g] Jan Minář Re: 0day services offer n3td3v Fedora confirms: Our servers were breached Juha-Matti Laurio ACG-PTP 1.0.6 index.php persistent XSS bug squash Re: Vim: Arbitrary Code Execution in Commands: K, Control-], g] staff Arbitrary Command Execution in Windows and Unix Shells. Bob Beck Re: Fedora confirms: Our servers were breached coderman Re: Fedora confirms: Our servers were breached James Matthews Re: Fedora confirms: Our servers were breached Jerome Benoit [SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service Steve Kemp Re: Fedora confirms: Our servers were breached Dragos Ruiu Photo Cart 3.9 index.php "search" XSS bug squash Fwd: Hacker calls buddies overseas on U.S. government dime n3td3v Re: Fwd: Hacker calls buddies overseas on U.S. government dime James Matthews Re: Fwd: Hacker calls buddies overseas on U.S. government dime n3td3v
Re: Fedora confirms: Our servers were breached William McAfee libc/net inet_net_pton() integer overflow Maksymilian Arciemowicz Multiple XSS Vulnerabilities in Self Generate CMS Kærast
Re: Fwd: Hacker calls buddies overseas on U.S. government dime Ureleet Re: Fwd: Comments on: Alleged NASA hacker gets temporary reprieve Ureleet Re: Fwd: Hacker calls buddies overseas on U.S. government dime Razi Shaban Call For Papers - Hackers 2 Hackers Conference 5th Edition - Brazil Rodrigo Rubira Branco (BSDaemon) Re: Multiple XSS Vulnerabilities in Self Generate CMS (K?rast) devildeath1988
[PLSA 2008-28] Libxml2: Denial of Service Pınar Yanardağ [PLSA 2008-29] Vlc: Multiple Vulnerabilities Pınar Yanardağ [PLSA 2008-30] Vim: Arbitrary code execution Pınar Yanardağ [IVIZ-08-004] Intel BIOS Plain Text Password Disclosure iViZ Security Advisories [IVIZ-08-005] IBM Lenovo BIOS Plain Text Password Disclosure iViZ Security Advisories [IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories [IVIZ-08-002] Hewlett-Packard BIOS Plain Text Password Disclosure iViZ Security Advisories [IVIZ-08-009] Grub Legacy Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories [IVIZ-08-003] TrueCrypt Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories [IVIZ-08-007] DriveCrypt Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories Secunia Research: Novell iPrint Client ActiveX Control Multiple Buffer Overflows Secunia Research Secunia Research: Novell iPrint Client ActiveX Control "GetFileList()" Information Disclosure Secunia Research [IVIZ-08-008] LILO Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories SQL Injection Vulnerability in BtiTracker and xbtit Valery Marchuk [IVIZ-08-001] Microsoft Bitlocker Plain Text Password Disclosure iViZ Security Advisories Re: [IVIZ-08-001] Microsoft Bitlocker Plain Text Password Disclosure KJK::Hyperion
Secunia Research: Calendarix Basic Two SQL Injection Vulnerabilities Secunia Research Re: Arbitrary Code Execution in Commands: K, Control-], g] Michael Wojcik [USN-637-1] Linux kernel vulnerabilities Kees Cook ISO Standards Basha, Arif news from Network Security Research John Wane Re: ISO Standards Line Noise Re: ISO Standards] Carlos Sahuquillo [SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service Steve Kemp PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept. 30/ Oct. 1)PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept. 30/ Oct. 1) Dragos Ruiu [ MDVSA-2008:180-1 ] libxml2 security Re: [IVIZ-08-001] Microsoft Bitlocker Plain Text Password Disclosure Juha-Matti Laurio
test post Jason Josno Re: DIE IN A FIRE post M. Shirk [PLSA 2008-31] Tiff: Denial of Service Pınar Yanardağ Re: [IVIZ-08-001] Microsoft Bitlocker Plain Text Password Disclosure James Matthews Re: test post James Matthews Re: ISO Standards Tonnerre Lombard Re: Funniest thing at DefCon this year... baldr Re: DIE IN A FIRE post Simon Smith Re: DIE IN A FIRE post Franck Re: DIE IN A FIRE post Shirk Dog White Wolf Labs #080826-1: Kyocera Mita Scanner File Utility (Multiple) Seth Fogie [SECURITY] [DSA 1632-1] New tiff packages fix arbitrary code execution Thijs Kinkhorst Re: DIE IN A FIRE post John C. A. Bambenek, GCIH, CISSP Re: DIE IN A FIRE post Randal T. Rioux Re: DIE IN A FIRE post Simon Smith Re: TCP Port randomization paper Fernando Gont Re: DIE IN A FIRE post James Matthews [USN-638-1] Yelp vulnerability Kees Cook
[PLSA 2008-28] [Update] Libxml2: Denial of Service Pınar Yanardağ Re: DIE IN A FIRE post mrdkaaa reviving the botnets@ mailing list: a new statregy in fighting cyber crime Gadi Evron Re: reviving the botnets@ mailing list: a new statregy in fighting cyber crime n3td3v Re: ISO Standards M . B . Jr . Re: ISO Standards James Matthews Re: Deep Blind SQL Injection Whitepaper nummish Re: Deep Blind SQL Injection Whitepaper Haroon Meer Re: [funsec] Internet attacks against Georgian web sites n3td3v Re: [funsec] Internet attacks against Georgian web sites n3td3v ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability zdi-disclosures
[ MDVSA-2008:181 ] ipsec-tools security [scip_Advisory 3807] Dreambox DM500 webserver long URL request denial of service Marc Ruef [tool announce] KisGearth - optimized release... Richard Sammet kings' tools Kristo pher
VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. VMware Security team Inside India’s CAPTCHA Solving Economy Dancho Danchev hackmeeting: call for participation bomboclat Honeypot? James Lay x0x0x ? its a joke! a vendetta history.. bussinessinbox box Re: [inbox] Honeypot? Exibar Re: [inbox] Honeypot? James Lay Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy coderman Re: Inside India’s CAPTCHA Solving Economy Paul Schmehl Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy Razi Shaban Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy n3td3v Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy n3td3v
[PLSA 2008-32] Mono: Cross Site Scripting Pınar Yanardağ [PLSA 2008-33] [UPDATED] Opensc: Security Bypass Pınar Yanardağ Gustav, domain name reportage n3td3v Re: Gustav, domain name reportage n3td3v Re: Inside India’s CAPTCHA Solving Economy Paul Schmehl Re: Gustav, domain name reportage n3td3v Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy Valdis . Kletnieks Re: Gustav, domain name reportage n3td3v Re: Gustav, domain name reportage Valdis . Kletnieks Re: Gustav, domain name reportage n3td3v Re: Gustav, domain name reportage Valdis . Kletnieks Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy Raj Mathur Re: Gustav, domain name reportage n3td3v Re: Gustav, domain name reportage Valdis . Kletnieks Re: Gustav, domain name reportage n3td3v PoCfix (PoC for Postfix local root vuln - CVE-2008-2936) Roman Medina-Heigl Hernandez Port Randomization: New revision of our IETF Internet-Draft Fernando Gont [SECURITY] [DSA-1597-2] New mt-daapd package fix regression Devin Carraway [SECURITY] [DSA 1627-2] New opensc package fix incomplete check Thijs Kinkhorst rPSA-2008-0264-1 ruby rPath Update Announcements x0x0x? its a joke! bussinessinbox box Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy Raj Mathur Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy Razi Shaban Re: Gustav, domain name reportage Wesley McGrew Re: Inside India's CAPTCHA Solving Economy Thedjatclubrock Re: x0x0x? its a joke! Robert Holgstad Re: x0x0x? its a joke! Thedjatclubrock Monthly Hands-On Meetups Professor Micheal Chatner Re: Monthly Hands-On Meetups Eliah Kagan Re: Monthly Hands-On Meetups Arturo 'Buanzo' Busleiman
[PLSA 2008-34] GNU ed: Heap Overflow Pınar Yanardağ [PLSA 2008-35] Ruby: Denial of Service Pınar Yanardağ Re: [inbox] Monthly Hands-On Meetups Exibar Re: [inbox] Monthly Hands-On Meetups Valdis . Kletnieks Re: Monthly Hands-On Meetups Stephen Menard Port Randomization: New revision of our IETF Internet-Draft Fernando Gont Re: [inbox] Monthly Hands-On Meetups Exibar New IETF I-D-: Security Assessment of the Internet Protocol version 4 Fernando Gont