Home page logo
/

591 messages starting Jul 23 08 and ending Jul 21 08
Date index | Thread index | Author index

Aaron Brown

Vulnerability Report: EMC Centera Universal Access Aaron Brown (Jul 23)

Aaron Turner

Re: Recall: simple phishing fix Aaron Turner (Jul 30)

Adam Chesnutt

Re: Kaminsky's Law Adam Chesnutt (Jul 26)

Adolf Hitler

Warning Adolf Hitler (Jul 09)

advisories

SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability advisories (Jul 25)
Advisories advisories (Jul 30)

Alberto Trivero

[White Paper] Abusing HTML 5 Structured Client-side Storage Alberto Trivero (Jul 21)

Albert R. Campa

Re: signature for DNS vulnerability? Albert R. Campa (Jul 25)
Traversing Dan's directory - DNS statistics right from the source Alexander Klink (Jul 16)

Alexander Sotirov

Pwnie Awards 2008 Alexander Sotirov (Jul 08)
Re: Pwnie Awards: Nominations, delayed? Alexander Sotirov (Jul 15)
Kaminsky DNS bug leaked Alexander Sotirov (Jul 15)

Alex Howells

Re: help: I need to crack my box Alex Howells (Jul 22)

alien

London DEFCON July meet - DC4420 - Thursday 10th July (today!) alien (Jul 10)

A . L . M . Buxey

Re: New round of SSH scan IP's A . L . M . Buxey (Jul 09)
Re: Linux's unofficial security-through-coverup policy A . L . M . Buxey (Jul 17)

Anders Klixbull

Re: Multiple Vendor DNS Cache Poisoning issue Anders Klixbull (Jul 10)
Re: AFK from fool-disclosure Anders Klixbull (Jul 23)
Re: AFK from fool-disclosure Anders Klixbull (Jul 28)

Andrea Purificato

Oracle Portal XSS fixed by CPU July 2008 Andrea Purificato (Jul 16)

Andy Davis

Remote Cisco IOS FTP server exploit Andy Davis (Jul 29)
Cisco IOS shellcode explanation Andy Davis (Jul 30)
Cisco IOS shellcode explanation - additional Andy Davis (Jul 30)

Archibald Tuttle

Re: The cat is indeed out of the bag Archibald Tuttle (Jul 22)

Arturo 'Buanzo' Busleiman

Re: n3td3v podcast Arturo 'Buanzo' Busleiman (Jul 03)
Re: n3td3v podcast Arturo 'Buanzo' Busleiman (Jul 03)
Re: Linux's unofficial security-through-coverup policy Arturo 'Buanzo' Busleiman (Jul 17)
SPAM from Tobesecurity.com Arturo 'Buanzo' Busleiman (Jul 24)
Re: Tool: PorkBind Nameserver Security Scanner Arturo 'Buanzo' Busleiman (Jul 30)

Asterisk Security Team

AST-2008-010: Asterisk IAX 'POKE' resource exhaustion Asterisk Security Team (Jul 22)
AST-2008-011: Traffic amplification in IAX2 firmware provisioning system Asterisk Security Team (Jul 22)

badr muhyeddin

Re: Full-Disclosure Digest, Vol 41, Issue 3 badr muhyeddin (Jul 02)

Berend-Jan Wever

Alphanumeric shellcode improvements Berend-Jan Wever (Jul 01)

Biz Marqee

Re: simple phishing fix Biz Marqee (Jul 28)
Re: simple phishing fix Biz Marqee (Jul 28)

blah

Pen Test forums? blah (Jul 24)
Re: simple phishing fix blah (Jul 30)

Blue Boar

Re: [Dailydave] Linux's unofficial security-through-coverup policy Blue Boar (Jul 17)

Brad Spengler

Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 17)

Brett Moore

Insomnia : ISVA-080709.1 - Microsoft SQL Server - Corrupt Backup File Heap Overflow Brett Moore (Jul 09)

carl hardwick

Flaw in eMule 0.49: it exposes the OS user account name when it sends the shared files list carl hardwick (Jul 14)

Cesar

Re: iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability Cesar (Jul 08)

Chandrashekhar B

Nessus plugins for recent MS Bulletins Chandrashekhar B (Jul 10)
Multiple Vendor DNS Cache Poisoning issue Chandrashekhar B (Jul 10)
Multiple Vendor DNS Cache Poisoning issue Chandrashekhar B (Jul 10)

Charles Majola

Re: Panda ActiveScan 2.0 remote code execution Charles Majola (Jul 04)
Re: 0day offer Charles Majola (Jul 29)
Re: ladies Charles Majola (Jul 30)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks Cisco Systems Product Security Incident Response Team (Jul 08)

cocoruder

RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability cocoruder (Jul 30)

coderman

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) coderman (Jul 13)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) coderman (Jul 14)
Re: ...? (: coderman (Jul 25)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows coderman (Jul 25)
Re: DNS spoofing issue. Thoughts on coderman (Jul 28)

Context IS - Disclosure

Context IS Advisory - MS08-39 OWA XSS Context IS - Disclosure (Jul 10)

crazy frog crazy frog

signature for DNS vulnerability? crazy frog crazy frog (Jul 25)
Re: signature for DNS vulnerability? crazy frog crazy frog (Jul 26)

Dale Harris

Re: ladies Dale Harris (Jul 24)

Dancho Danchev

Gmail, Yahoo and Hotmail’s CAPTCHA broken by spammers Dancho Danchev (Jul 03)

Daniel Guido

Is the security industry like a lemon market? Daniel Guido (Jul 23)
Re: Is the security industry like a lemon market? Daniel Guido (Jul 23)

Darren Bounds

iPhone ActivSync/iTunes flaw Darren Bounds (Jul 14)

Dave Aitel

Re: [Dailydave] Linux's unofficial security-through-coverup policy Dave Aitel (Jul 17)

David Bryan

Minneapolis DC612 Meeting July 10th, 2008 () 6pm David Bryan (Jul 08)

David Litchfield

Oracle Application Server PLSQL injection flaw David Litchfield (Jul 15)
Lateral SQL Injection Revisited - No Special Privs Required David Litchfield (Jul 18)
Re: Pwnie Awards 2008 David Litchfield (Jul 21)

DDI_Vulnerability_Alert

DDIVRT-2008-12-ServerView SnmpGetMibValues.exe Buffer Overflow DDI_Vulnerability_Alert (Jul 03)

DeepSec 2008

Deepsec Talks 2007 are online - registration for 2008 is open DeepSec 2008 (Jul 02)

DeepSec Conference Vienna

DeepSec 2008 - Last call for submissions DeepSec Conference Vienna (Jul 14)

Deniz Cevik

Re: DNS and Checkpoint Deniz Cevik (Jul 10)
IBM MRO MAXIMO INFORMATION DISCLOSURE AND XSS VULNERABILITIES Deniz Cevik (Jul 11)

Devin Carraway

[SECURITY] [DSA 1608-1] New mysql-dfsg-5.0 packages fix authorization bypass Devin Carraway (Jul 13)
[SECURITY] [DSA 1613-1] new libgd2 packages fix multiple vulnerabilities Devin Carraway (Jul 22)
[SECURITY] [DSA 1616-1] new clamav packages fix denial of service Devin Carraway (Jul 24)
[SECURITY] [DSA 1617-1] New refpolicy packages fix incompatible policy Devin Carraway (Jul 25)
[SECURITY] [DSA 1616-2] New clamav packages fix denial of service Devin Carraway (Jul 26)
[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing Devin Carraway (Jul 27)

don bailey

Will the real Don Bailey please stand up? don bailey (Jul 31)
Re: Re DNS spoofing issue discussion don bailey (Aug 01)
Re: Re DNS spoofing issue discussion don bailey (Aug 01)
Re: Re DNS spoofing issue discussion don bailey (Aug 01)

Dragos Ruiu

Re: simple phishing fix Dragos Ruiu (Jul 30)
Re: simple phishing fix Dragos Ruiu (Jul 30)
Re: [inbox] Re: simple phishing fix Dragos Ruiu (Jul 31)

|e0

Re: Critical flaw rocks the internet |e0 (Jul 09)

ekoparty

ekoparty security trainings (2008) announcement ekoparty (Jul 17)

Elazar Broad

Re: Panda ActiveScan 2.0 remote code execution Elazar Broad (Jul 04)
Proxy Autoconfiguration and Internet Explorer Zones Elazar Broad (Jul 10)
Re: Proxy Autoconfiguration and Internet Explorer Zones Elazar Broad (Jul 11)
Re: DNS and NAT (was: DNS and CheckPoint) Elazar Broad (Jul 11)
Re: Oracle DB security contact email address? Elazar Broad (Jul 17)
Re: [Full-disclosure] [Dailydave] Linux's unofficial security-through-coverup policy Elazar Broad (Jul 17)
Re: [Full-disclosure] [Dailydave] Linux's unofficial security-through-coverup policy Elazar Broad (Jul 17)
Re: signature for DNS vulnerability? Elazar Broad (Jul 25)
Real Networks RealPlayer ActiveX Heap Use After Free Vulnerability Elazar Broad (Jul 25)
Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control Buffer Overflow Vulnerability Elazar Broad (Jul 28)
Re: [Full-disclosure] Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control Buffer Overflow Vulnerability Elazar Broad (Jul 29)

Enigma

Re: bloginfosec.com: We're looking for a few good columnists! Enigma (Jul 10)

Erik Kamerling

Re: signature for DNS vulnerability? Erik Kamerling (Jul 25)

eugaaa () gmail com

DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com (Jul 13)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com (Jul 13)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com (Jul 14)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com (Jul 14)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com (Jul 14)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com (Jul 14)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows eugaaa () gmail com (Jul 26)

Exibar

Re: ladies Exibar (Jul 24)
Re: Kaminsky's Law Exibar (Jul 25)
Re: [inbox] Re: DNS spoofing issue. Thoughts on Exibar (Jul 27)
Re: simple phishing fix Exibar (Jul 30)
Re: simple phishing fix Exibar (Jul 30)
Re: [inbox] Re: simple phishing fix Exibar (Jul 31)
Re: [inbox] Re: simple phishing fix Exibar (Jul 31)

Felipe Andres Manzano

#2008-007 libpoppler uninitialized pointer - POC Felipe Andres Manzano (Jul 08)

Fernando Gont

IETF Internet-Draft on TCP Port randomization Fernando Gont (Jul 16)

Filipe Balestra

Re: [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability Filipe Balestra (Jul 02)

Florian Weimer

[SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution Florian Weimer (Jul 05)
[SECURITY] [DSA 1603-1] New bind9 packages fix cache poisoning Florian Weimer (Jul 08)
[SECURITY] [DSA 1604-1] BIND 8 deprecation notice Florian Weimer (Jul 08)
[SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver Florian Weimer (Jul 08)
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) Florian Weimer (Jul 09)
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) Florian Weimer (Jul 09)
[SECURITY] [DSA 1544-2] New pdns-recursor packages fix predictable randomness Florian Weimer (Jul 16)

foofus

Coffee Wars 9 : Call for Beans foofus (Jul 08)

Fredrick Diggle

Re: Critical flaw rocks the internet Fredrick Diggle (Jul 09)
[FDSA] BIND's vulnerability to packet forgery Fredrick Diggle (Jul 09)
Re: bloginfosec.com: We're looking for a few good columnists! Fredrick Diggle (Jul 10)
sballmer () microsoft com, root () apache org Fredrick Diggle (Jul 11)
Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows Fredrick Diggle (Jul 25)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows Fredrick Diggle (Jul 25)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows Fredrick Diggle (Jul 25)
Re: how to request a cve id? Fredrick Diggle (Jul 25)

FRLinux

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) FRLinux (Jul 15)

fukami

CFP 25C3 - The 25th Chaos Communication Congress 2008 fukami (Jul 01)

Gadi Evron

Re: [funsec] Stop The 70% Lie Gadi Evron (Jul 18)

Ganbold

Re: CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit Ganbold (Jul 25)

Garrett Groff

Re: Linux's unofficial security-through-coveruppolicy Garrett Groff (Jul 17)

Georgi Guninski

Re: how to request a cve id? Georgi Guninski (Jul 27)

Giancarlo Razzolini

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Giancarlo Razzolini (Jul 12)

Glenn.Everhart

Re: DNS flaw fixing causes surge in DNS traffic Glenn.Everhart (Jul 12)
Re: DNS spoofing issue. Thoughts on Glenn.Everhart (Jul 27)
Re: simple phishing fix Glenn.Everhart (Jul 29)
Recall: simple phishing fix Glenn.Everhart (Jul 30)

H D Moore

Re: Re : CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit H D Moore (Jul 25)

Hernan Ochoa

Release of Pass-The-Hash Toolkit v1.4 Hernan Ochoa (Jul 02)

iDefense Labs

iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability iDefense Labs (Jul 08)
iDefense Security Advisory 07.09.08: Novell eDirectory LDAP Search Request Heap Corruption Vulnerability iDefense Labs (Jul 10)
iDefense Security Advisory 07.15.08: Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability iDefense Labs (Jul 15)
iDefense Security Advisory 07.15.08: Oracle Database Local Untrusted Library Path Vulnerability iDefense Labs (Jul 15)
iDefense Security Advisory 07.15.08: Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability iDefense Labs (Jul 15)
iDefense Security Advisory 07.28.08: Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability iDefense Labs (Jul 28)
iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability iDefense Labs (Jul 31)

imipak

DNS and Checkpoint imipak (Jul 09)
Re: Nominate Dan Kaminsky for Most Overhyped BugPwnie Award imipak (Jul 23)
Re: DNS spoofing issue. Thoughts on imipak (Jul 26)

infolookup

Re: Minneapolis DC612 Meeting July 10th, 2008 () 6pm infolookup (Jul 08)
2600 Last Hope Conference NYC infolookup (Jul 21)

I)ruid

CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit I)ruid (Jul 23)
CAU-EX-2008-0003: Kaminsky DNS Cache Poisoning Flaw Exploit for Domains I)ruid (Jul 24)
Re: Signs of compromised DNS? I)ruid (Jul 25)
...? (: I)ruid (Jul 25)

[ISR] - Infobyte Security Research

Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow [ISR] - Infobyte Security Research (Jul 02)
Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations [ISR] - Infobyte Security Research (Jul 28)

Ivan .

Critical flaw rocks the internet Ivan . (Jul 09)
Re: Critical flaw rocks the internet Ivan . (Jul 09)
Re: Pen Test forums? Ivan . (Jul 24)

James Lay

New round of SSH scan IP's James Lay (Jul 09)
Re: New round of SSH scan IP's James Lay (Jul 09)
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) James Lay (Jul 09)
Re: The cat is indeed out of the bag James Lay (Jul 22)
Signs of compromised DNS? James Lay (Jul 24)
Re: Signs of compromised DNS? James Lay (Jul 25)

Jamie Strandboge

[USN-619-1] Firefox vulnerabilities Jamie Strandboge (Jul 02)
[USN-623-1] Firefox vulnerabilities Jamie Strandboge (Jul 17)
[USN-627-1] Dnsmasq vulnerability Jamie Strandboge (Jul 22)
[USN-628-1] PHP vulnerabilities Jamie Strandboge (Jul 23)
[USN-629-1] Thunderbird vulnerabilities Jamie Strandboge (Jul 25)
[USN-626-1] Firefox and xulrunner vulnerabilities Jamie Strandboge (Jul 29)

Jan Minář

Re: Collection of Vulnerabilities in Fully Patched Vim 7.1 Jan Minář (Jul 01)
Vim: Improper Implementation of shellescape()/Arbitrary Code Execution Jan Minář (Jul 16)
Arbitrary code execution in Netrw version 127, Vim 7.2b Jan Minář (Jul 16)
Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Jul 17)
Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim Jan Minář (Jul 23)
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Jul 25)
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Jul 26)

Jared DeMott

Re: bloginfosec.com: We're looking for a few good columnists! Jared DeMott (Jul 10)
Re: Kaminsky DNS bug leaked Jared DeMott (Jul 15)

Jean-Michel Besnard

Trixbox 2.6.1 and below, remote root shell through local file inclusion Jean-Michel Besnard (Jul 09)

Jeffrey Starck

0day offer Jeffrey Starck (Jul 11)
Re: 0day offer Jeffrey Starck (Jul 30)

Jerome Benoit

Re: Dan Kaminsky wants podcast with n3td3v Jerome Benoit (Jul 22)

Jessica Hope

XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower Jessica Hope (Jul 08)

jf

Re: Dan Kaminsky wants podcast with n3td3v jf (Jul 22)

jkouns

Open Security Foundation To Maintain Attrition.org's Data Loss Database - Open Source jkouns (Jul 15)

jmpascual

Re: Oracle Database Local Untrusted Library Path Vulnerability jmpascual (Jul 21)

Joe Barr

Re: Coffee Wars 9 : Call for Beans Joe Barr (Jul 09)

Joel Jose

Re: [Dailydave] Linux's unofficial security-through-coverup policy Joel Jose (Jul 18)
Re: [Dailydave] Linux's unofficial security-through-coverup policy Joel Jose (Jul 18)

John Cartwright

List Charter John Cartwright (Jul 10)

John D. Reason

Re: DNS spoofing issue. Thoughts on John D. Reason (Jul 27)
Re: how to request a cve id? John D. Reason (Jul 29)

Jost Krieger

Re: Tool: PorkBind Nameserver Security Scanner Jost Krieger (Jul 31)

Jouko Pynnonen

Facebook script injection vulnerabilities Jouko Pynnonen (Jul 02)
Re: Facebook script injection vulnerabilities Jouko Pynnonen (Jul 04)

Joxean Koret

Oracle Database Local Untrusted Library Path Vulnerability Joxean Koret (Jul 19)

jr

AUTOREPLY [SECURITY] [DSA 1607-1] New iceweasel... jr (Jul 11)

Karol Więsek

Panda ActiveScan 2.0 remote code execution Karol Więsek (Jul 04)

kat

Re: The cat is indeed out of the bag kat (Jul 22)

Kees Cook

[USN-622-1] Bind vulnerability Kees Cook (Jul 08)
[USN-624-1] PCRE vulnerability Kees Cook (Jul 15)
[USN-625-1] Linux kernel vulnerabilities Kees Cook (Jul 16)
[USN-630-1] ffmpeg vulnerability Kees Cook (Jul 28)
[USN-631-1] poppler vulnerability Kees Cook (Jul 28)

Kenneth F. Belva

bloginfosec.com: We're looking for a few good columnists! Kenneth F. Belva (Jul 10)

Kevin Finisterre (lists)

Pin Pop... (ATM Pins?) Kevin Finisterre (lists) (Jul 23)

Kingcope Kingcope

AFK from fool-disclosure Kingcope Kingcope (Jul 19)
AFK from full-disclosure Kingcope Kingcope (Jul 19)
Re: Pwnie Awards 2008 Kingcope Kingcope (Jul 21)

Kiwicon Crue

Kiwicon CFP 2k8 - Update Kiwicon Crue (Jul 11)

KJK::Hyperion

Re: Warning KJK::Hyperion (Jul 10)

Knud Erik Højgaard

Re: New round of SSH scan IP's Knud Erik Højgaard (Jul 09)
Re: Fwd: Are Bug Disclosures Helping or Hurting? Knud Erik Højgaard (Jul 31)
F-PROT antivirus 6.2.1.4252 infinite loop denial of service via malformed archive Knud Erik Højgaard (Jul 31)

Kristian Erik Hermansen

Oracle DB security contact email address? Kristian Erik Hermansen (Jul 16)

Kristo pher

Kaminsky corroborates the DNS vuln. discovered and published by Flake Kristo pher (Jul 24)

Kurt Dillard

Re: bloginfosec.com: We're looking for a few good columnists! Kurt Dillard (Jul 10)

Kyle C. Quest

protecting yourself from DLP Kyle C. Quest (Jul 25)

list-fulldisclosure

Re: DNS spoofing issue. Thoughts on potential exploits list-fulldisclosure (Jul 24)

Lolek of TK53

Re: Multiple Vendor DNS Cache Poisoning issue Lolek of TK53 (Jul 10)

londone

Re: Mrfetch Paul Carnes YouTube londone (Jul 06)
Re: Multiple Vendor DNS Cache Poisoning issue londone (Jul 10)

lsi

simple phishing fix lsi (Jul 27)
Re: simple phishing fix lsi (Jul 28)
Re: simple phishing fix lsi (Jul 28)
Re: simple phishing fix lsi (Jul 29)
Re: simple phishing fix lsi (Jul 30)

Lucio Crusca

help: I need to crack my box Lucio Crusca (Jul 21)
Re: help: I need to crack my box Lucio Crusca (Jul 22)
Re: help: I need to crack my box Lucio Crusca (Jul 22)
Re: help: I need to crack my box Lucio Crusca (Jul 23)

Luigi Auriemma

NULL pointer in ZDaemon 1.08.07 Luigi Auriemma (Jul 21)
Memory corruption and NULL pointer in Unreal Tournament III 1.2 Luigi Auriemma (Jul 29)
NULL pointer in Unreal Tournament 2004 v3369 Luigi Auriemma (Jul 29)

MadHat Unspecific

Re: Comments on: DNS exploit code is in the wild MadHat Unspecific (Jul 24)

Marco Slaviero

Re: DNS and NAT (was: DNS and CheckPoint) Marco Slaviero (Jul 16)

Mark Andrews

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 14)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 16)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 16)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 16)
Re: DNS spoofing issue. Thoughts on potential exploits Mark Andrews (Jul 27)

Mary and Glenn Everhart

Re DNS spoofing issue discussion Mary and Glenn Everhart (Aug 01)

Matthias Geerdsen

[ GLSA 200807-04 ] Poppler: User-assisted execution of arbitrary code Matthias Geerdsen (Jul 08)
[ GLSA 200807-08 ] BIND: Cache poisoning Matthias Geerdsen (Jul 11)

Maxime Ducharme

Re: Dan Kaminsky wants podcast with n3td3v Maxime Ducharme (Jul 22)

mcwidget

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award mcwidget (Jul 23)

Michael Holstein

Re: New round of SSH scan IP's Michael Holstein (Jul 09)

Michal Zalewski

[tool] ratproxy - passive web application security assessment tool Michal Zalewski (Jul 02)

Micheal Cottingham

Re: signature for DNS vulnerability? Micheal Cottingham (Jul 25)

Mike Owen

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mike Owen (Jul 15)

mokum von Amsterdam

Re: The cat is indeed out of the bag mokum von Amsterdam (Jul 23)

monsieur . aglie

The cat is indeed out of the bag monsieur . aglie (Jul 22)

Moritz Muehlenhoff

[SECURITY] [DSA 1607-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Jul 11)
[SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities Moritz Muehlenhoff (Jul 21)
[SECURITY] [DSA 1614-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Jul 23)
[SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Jul 23)
[SECURITY] [DSA 1618-1] New ruby1.9 packages fix several vulnerabilities Moritz Muehlenhoff (Jul 26)
[SECURITY] [DSA 1620-1] New python2.5 packages fix several vulnerabilities Moritz Muehlenhoff (Jul 27)
[SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities Moritz Muehlenhoff (Jul 27)
[SECURITY] [DSA 1623-1] New dnsmasq packages fix cache poisoning Moritz Muehlenhoff (Jul 31)
[SECURITY] [DSA 1624-1] New libxslt packages fix arbitrary code execution Moritz Muehlenhoff (Jul 31)

mrdkaaa

Re: [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability mrdkaaa (Jul 01)
Re: Full-Disclosure? introducing lul-disclosure. mrdkaaa (Jul 02)
Re: Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow mrdkaaa (Jul 03)
[MSA080709-001] OpenSSH Vulnerability mrdkaaa (Jul 09)

M. Shirk

Re: Kaminsky DNS bug leaked M. Shirk (Jul 15)
Re: Kaminsky DNS bug leaked M. Shirk (Jul 15)
Re: Linux's unofficial security-through-coverup policy M. Shirk (Jul 16)

mutiny

Re: Critical flaw rocks the internet mutiny (Jul 09)
Re: New round of SSH scan IP's mutiny (Jul 09)

n3td3v

n3td3v podcast n3td3v (Jul 02)
Re: n3td3v podcast n3td3v (Jul 03)
Re: n3td3v podcast n3td3v (Jul 03)
Re: n3td3v podcast n3td3v (Jul 03)
Fwd: Comments on: Google powers up users' Gmail security arsenal n3td3v (Jul 08)
Re: Multiple Vendor DNS Cache Poisoning issue n3td3v (Jul 11)
How should Full-Disclosure be funded? n3td3v (Jul 11)
Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award n3td3v (Jul 11)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award n3td3v (Jul 11)
Re: DNS flaw fixing causes surge in DNS traffic n3td3v (Jul 11)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award n3td3v (Jul 12)
Pwnie Awards: Nominations, delayed? n3td3v (Jul 14)
Re: Pwnie Awards: Nominations, delayed? n3td3v (Jul 14)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) n3td3v (Jul 15)
Re: n3td3v n3td3v (Jul 17)
Re: AFK from fool-disclosure n3td3v (Jul 19)
Fwd: Stop The 70% Lie n3td3v (Jul 19)
Torvalds attacks IT industry 'security circus' n3td3v (Jul 19)
Re: Torvalds attacks IT industry 'security circus' n3td3v (Jul 19)
Dan Kaminsky wants podcast with n3td3v n3td3v (Jul 22)
Re: Dan Kaminsky wants podcast with n3td3v n3td3v (Jul 22)
Re: Dan Kaminsky wants podcast with n3td3v n3td3v (Jul 23)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award n3td3v (Jul 23)
Comments on: DNS exploit code is in the wild n3td3v (Jul 24)
Re: Comments on: DNS exploit code is in the wild n3td3v (Jul 24)
Kaminsky's Law n3td3v (Jul 25)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows n3td3v (Jul 25)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows n3td3v (Jul 26)
Media backlash begins against HD Moore and I)ruid n3td3v (Jul 26)
Re: DNS spoofing issue. Thoughts on n3td3v (Jul 26)
Re: Kaminsky's Law n3td3v (Jul 28)
Re: how to request a cve id? n3td3v (Jul 28)
Fwd: 'World's most dangerous hacker' to be extradited to US n3td3v (Jul 30)
Fwd: Are Bug Disclosures Helping or Hurting? n3td3v (Jul 30)
Re: Fwd: Are Bug Disclosures Helping or Hurting? n3td3v (Jul 30)

Nahuel C. Riva

[tool] SDT Cleaner 1.0 Nahuel C. Riva (Jul 23)

Nate McFeters

Re: Critical flaw rocks the internet Nate McFeters (Jul 09)
Microsoft warns of attacks against Word 2002 SP 3 Nate McFeters (Jul 09)
Re: Kaminsky DNS bug leaked Nate McFeters (Jul 15)
Re: Pwnie Awards: Nominations, delayed? Nate McFeters (Jul 16)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Nate McFeters (Jul 16)

natron

Kaminsky's DNS Issue Leaked? natron (Jul 21)

Neil McGovern

Re: Mrfetch Paul Carnes YouTube Neil McGovern (Jul 06)
Re: 0day offer Neil McGovern (Jul 11)

NetExpress

zonedit.com e dns zone transfer NetExpress (Jul 04)

Netragard Security Advisories

[NETRAGARD SECURITY ADVISORY][Apple Core Image Fun House <= 2.0 OS X -- Arbitrary Code Execution][NETRAGARD-20080711] Netragard Security Advisories (Jul 11)

Nick FitzGerald

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Nick FitzGerald (Jul 16)
Re: simple phishing fix Nick FitzGerald (Jul 29)
Re: simple phishing fix Nick FitzGerald (Jul 30)

nigel

Re: help: I need to crack my box (Lucio Crusca) nigel (Jul 22)

Nikolai Weibull

Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Nikolai Weibull (Jul 18)

nobody

WinMagic HDE encryption nobody (Jul 03)

noreply

[MU-200807-01] Remote DoS in reSIProcate noreply (Jul 12)

OTB

OwnTheBox @ DC16: Pwning for dollars OTB (Jul 16)

Pablo Molina

Zone Alarm Firewall users without Internet after MS patch (MS08-037) Pablo Molina (Jul 09)

Panda Security Response

Re: Panda ActiveScan 2.0 remote code execution Panda Security Response (Jul 04)
Re: Panda ActiveScan 2.0 remote code execution Panda Security Response (Jul 04)

Paul Schmehl

Re: How should Full-Disclosure be funded? Paul Schmehl (Jul 11)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 13)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 14)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 14)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 16)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 16)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 16)
Re: [Dailydave] Linux's unofficial security-through-coverup policy Paul Schmehl (Jul 17)
Re: help: I need to crack my box Paul Schmehl (Jul 21)
Re: help: I need to crack my box Paul Schmehl (Jul 22)
Re: DNS spoofing issue. Thoughts on Paul Schmehl (Jul 26)
Re: DNS spoofing issue. Thoughts on Paul Schmehl (Jul 26)
Re: DNS spoofing issue. Thoughts on Paul Schmehl (Jul 26)
Re: Re DNS spoofing issue discussion Paul Schmehl (Aug 01)
Re: Re DNS spoofing issue discussion Paul Schmehl (Aug 01)

Paul Szabo

Re: Proxy Autoconfiguration and Internet Explorer Zones Paul Szabo (Jul 11)
DNS forward only: why does it help? Paul Szabo (Jul 23)
Re: DNS spoofing issue. Thoughts on Paul Szabo (Jul 26)

PEra

Re: List Charter PEra (Jul 20)

Peter Besenbruch

Re: Kaminsky DNS bug leaked Peter Besenbruch (Jul 15)
Re: simple phishing fix Peter Besenbruch (Jul 29)
Re: simple phishing fix Peter Besenbruch (Jul 29)
Re: simple phishing fix Peter Besenbruch (Jul 30)

Peter Dawson

Re: The cat is indeed out of the bag Peter Dawson (Jul 23)

Peter van den Heuvel

Re: New round of SSH scan IP's Peter van den Heuvel (Jul 09)
Re: Multiple Vendor DNS Cache Poisoning issue Peter van den Heuvel (Jul 10)

Pierre-Yves Rofes

[ GLSA 200807-05 ] OpenOffice.org: User-assisted execution of arbitrary code Pierre-Yves Rofes (Jul 09)
[ GLSA 200807-10 ] Bacula: Information disclosure Pierre-Yves Rofes (Jul 21)
[ GLSA 200807-11 ] PeerCast: Buffer overflow Pierre-Yves Rofes (Jul 21)
[ GLSA 200807-12 ] BitchX: Multiple vulnerabilities Pierre-Yves Rofes (Jul 21)
[ GLSA 200807-13 ] VLC: Multiple vulnerabilities Pierre-Yves Rofes (Jul 31)
[ GLSA 200807-14 ] Linux Audit: Buffer overflow Pierre-Yves Rofes (Jul 31)
[ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code Pierre-Yves Rofes (Jul 31)

Piotr Bania

Kon-Boot v.1.0 - booting-time ultimate linux hacking utility ; ) Piotr Bania (Jul 15)

ProCheckUp Research

PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page ProCheckUp Research (Jul 22)
PR08-13: Persistent Cross-site Scripting (XSS) on Moodle via blog entry title ProCheckUp Research (Jul 22)
PR08-15: Several Webroot Disclosures on Moodle ProCheckUp Research (Jul 22)

Professor Micheal Chatner

everything Professor Micheal Chatner (Jul 15)
Re: everything Professor Micheal Chatner (Jul 16)
n3td3v Professor Micheal Chatner (Jul 17)
ladies Professor Micheal Chatner (Jul 24)

pUm

Re: help: I need to crack my box pUm (Jul 22)

Raj Mathur

Re: simple phishing fix Raj Mathur (Jul 31)

RandallMan

Re: ladies RandallMan (Jul 25)
DNS spoofing issue. Thoughts on RandallMan (Jul 26)

Randal, Phil

Re: Multiple Vendor DNS Cache Poisoning issue Randal, Phil (Jul 10)

Randal T. Rioux

Re: Panda ActiveScan 2.0 remote code execution Randal T. Rioux (Jul 04)
Re: simple phishing fix Randal T. Rioux (Jul 29)

Ray P

Re: DNS and Checkpoint Ray P (Jul 10)
Re: Comments on: DNS exploit code is in the wild Ray P (Jul 24)

razi garbie

Re: help: I need to crack my box razi garbie (Jul 22)

Riad S. Wahby

Re: DNS and NAT (was: DNS and CheckPoint) Riad S. Wahby (Jul 11)
Re: DNS and NAT (was: DNS and CheckPoint) Riad S. Wahby (Jul 11)

Rob

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Rob (Jul 15)

Robert Buchholz

[ GLSA 200807-03 ] PCRE: Buffer overflow Robert Buchholz (Jul 07)
[ GLSA 200807-07 ] NX: User-assisted execution of arbitrary code Robert Buchholz (Jul 09)
[ GLSA 200807-06 ] Apache: Denial of Service Robert Buchholz (Jul 09)
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Robert Buchholz (Jul 25)
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Robert Buchholz (Jul 25)
[ GLSA 200807-16 ] Python: Multiple vulnerabilities Robert Buchholz (Jul 31)

Robert Holgstad

Re: Panda ActiveScan 2.0 remote code execution Robert Holgstad (Jul 04)
Re: Multiple Vendor DNS Cache Poisoning issue Robert Holgstad (Jul 11)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Robert Holgstad (Jul 15)
Re: Kaminsky DNS bug leaked Robert Holgstad (Jul 15)
Re: SPAM from Tobesecurity.com Robert Holgstad (Jul 24)
Re: Kaminsky's Law Robert Holgstad (Jul 25)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows Robert Holgstad (Jul 27)
Re: simple phishing fix Robert Holgstad (Jul 30)
Re: Advisories Robert Holgstad (Jul 30)

Robert McKay

Re: The cat is indeed out of the bag Robert McKay (Jul 23)

Robert Peaslee

Re: Linux's unofficial security-through-coverup policy Robert Peaslee (Jul 16)

Rob Thompson

Re: everything Rob Thompson (Jul 16)

Rodrigo Rubira Branco (BSDaemon)

Re: DNS and Checkpoint Rodrigo Rubira Branco (BSDaemon) (Jul 09)
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) Rodrigo Rubira Branco (BSDaemon) (Jul 09)

root

Re: Full-Disclosure? introducing lul-disclosure. root (Jul 02)

rPath Update Announcements

rPSA-2008-0212-1 tshark wireshark rPath Update Announcements (Jul 03)
rPSA-2008-0211-1 mercurial mercurial-hgk rPath Update Announcements (Jul 03)
rPSA-2008-0216-1 firefox rPath Update Announcements (Jul 09)
rPSA-2008-0217-1 vsftpd rPath Update Announcements (Jul 09)
rPSA-2008-0218-1 ruby rPath Update Announcements (Jul 09)
rPSA-2008-0223-1 poppler rPath Update Announcements (Jul 09)
rPSA-2008-0035-1 httpd mod_ssl rPath Update Announcements (Jul 16)
rPSA-2008-0230-1 bind bind-utils rPath Update Announcements (Jul 18)
rPSA-2008-0231-1 bind bind-utils rPath Update Announcements (Jul 19)
rPSA-2008-0236-1 httpd mod_ssl rPath Update Announcements (Jul 29)
rPSA-2008-0235-1 fetchmail fetchmailconf rPath Update Announcements (Jul 29)
rPSA-2008-0237-1 tshark wireshark rPath Update Announcements (Jul 29)
rPSA-2008-0238-1 firefox rPath Update Announcements (Jul 29)
rPSA-2008-0241-1 openssl openssl-scripts rPath Update Announcements (Jul 31)

Ryan McBride

Re: DNS and NAT (was: DNS and CheckPoint) Ryan McBride (Jul 16)

Sandro Gauci

Re: DNS and Checkpoint Sandro Gauci (Jul 10)

Sandy Vagina

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Sandy Vagina (Jul 11)
Re: How should Full-Disclosure be funded? Sandy Vagina (Jul 11)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Sandy Vagina (Jul 11)
Re: Pwnie Awards: Nominations, delayed? Sandy Vagina (Jul 15)

Scanit Labs

[SCANIT-2008-002] Wordtrans-web Remote Command Execution Vulnerability Scanit Labs (Jul 01)
[SCANIT-2008-003] Wordtrans-web Remote Command Execution Vulnerability Scanit Labs (Jul 01)
[SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability Scanit Labs (Jul 01)

schroedinger

Re: The cat is indeed out of the bag schroedinger (Jul 22)
Re: The cat is indeed out of the bag schroedinger (Jul 22)

Secunia Research

Secunia Research: VLC Media Player WAV Processing Integer Overflow Secunia Research (Jul 02)
Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow Secunia Research (Jul 25)
Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow Secunia Research (Jul 31)
Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows Secunia Research (Jul 31)

security

[ MDVSA-2008:127 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 03)
[ MDVSA-2008:128 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 04)
[ MDVSA-2008:125 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 04)
[ MDVSA-2008:126 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 04)
[ MDVSA-2008:129 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 04)
[ MDVSA-2008:130 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 04)
[ MDVSA-2008:131 ] - Updated phpMyAdmin packages fix multiple vulnerabilities security (Jul 04)
[ MDVSA-2008:132 ] - Updated gnome-screensaver packages fix authentication vulnerability security (Jul 04)
[ MDVSA-2008:133 ] - Updated sympa packages fix DoS vulnerability security (Jul 04)
[ MDVSA-2008:134 ] - Updated squid packages fix DoS vulnerability security (Jul 05)
[ MDVSA-2008:135 ] - Updated gnome-screensaver packages fix authentication vulnerability security (Jul 05)
[ MDVSA-2008:136 ] - Updated Firefox packages fix vulnerabilities security (Jul 08)
[ MDVSA-2008:137 ] - Updated OpenOffice.org fix vulnerability, and a few other bugs security (Jul 09)
[ MDVSA-2008:138 ] - Updated OpenOffice.org packages fix vulnerability security (Jul 09)
[ MDVSA-2008:139 ] - Updated BIND packages fix critical DNS vulnerability security (Jul 09)
[ MDVSA-2008:140 ] - Updated ruby packages fix vulnerabilities security (Jul 10)
[ MDVSA-2008:141 ] - Updated ruby packages fix vulnerabilities security (Jul 10)
[ MDVSA-2008:142 ] - Updated ruby packages fix vulnerabilities security (Jul 10)
[ MDVSA-2008:143 ] - Updated pidgin packages fix MSN protocol handler vulnerability security (Jul 11)
[ MDVSA-2008:138-1 ] - Updated OpenOffice.org packages fix vulnerability security (Jul 12)
[ MDVSA-2008:144 ] - Updated openldap packages fix slapd DoS vulnerability security (Jul 12)
[ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability security (Jul 15)
[ MDVSA-2008:146 ] - Updated poppler packages fix arbitrary code execution vulnerability security (Jul 16)
[ MDVSA-2008:147 ] - Updated pcre packages fix vulnerability security (Jul 16)
n.runs-SA-2008.002 - F-Prot Out-of-Bound Memory Access DoS (remote) security (Jul 16)
n.runs-SA-2008.003 - Quicktime - Arbitrary Code Execution (remote) security (Jul 16)
[ MDVSA-2008:148 ] - Updated Firefox packages fix vulnerabilities security (Jul 18)
[ MDVSA-2008:149 ] - Updated mysql packages fix vulnerabilities security (Jul 19)
[ MDVSA-2008:150 ] - Updated mysql packages fix vulnerabilities security (Jul 19)
[ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability security (Jul 22)
[ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability security (Jul 22)
[ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability security (Jul 23)
[ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability security (Jul 23)
[ MDVSA-2008:154 ] - Updated xemacs packages fix vulnerability security (Jul 23)
[ MDVSA-2008:155 ] - Updated Thunderbird packages fix multiple vulnerabilities security (Jul 25)
[ MDVSA-2008:155-1 ] - Updated Thunderbird packages fix multiple vulnerabilities security (Jul 27)
[ MDVSA-2008:156 ] - Updated libpng packages fix vulnerability security (Jul 28)
n.runs-SA-2008.004 - AVG Anti-Virus Divide by Zero - DoS (remote) security (Jul 29)
[ MDVSA-2008:157 ] - ffmpeg security (Jul 29)
[ MDVSA-2008:158 ] silc-toolkit security (Jul 30)
[ MDVSA-2008:159 ] licq security (Jul 30)

Shawn Merdinger

Re: How should Full-Disclosure be funded? Shawn Merdinger (Jul 11)

Slythers Bro

Re: AFK from fool-disclosure Slythers Bro (Jul 23)

solemn

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award solemn (Jul 22)
Re: AFK from fool-disclosure solemn (Jul 22)

Sowhat

Flashblock Bypass Sowhat (Jul 25)

Stack Smasher

Re: everything Stack Smasher (Jul 16)
Re: everything Stack Smasher (Jul 16)

staff

Full-Disclosure? introducing lul-disclosure. staff (Jul 01)
Critical Aol Insta Chats Bug! staff (Jul 03)
Re: [Dailydave] Linux's unofficial security-through-coverup policy staff (Jul 17)

Steve Grubb

Re: [Full-disclosure] [Dailydave] Linux's unoff icial security-through-coverup policy Steve Grubb (Jul 17)

Steve Kemp

[SECURITY] [DSA 1560-1] New sympa packages fix denial of service Steve Kemp (Jul 01)
[SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code Steve Kemp (Jul 09)
[SECURITY] [DSA 1610-1] New gaim packages fix execution of arbitrary code Steve Kemp (Jul 15)
[SECURITY] [DSA 1609-1] New lighttpd packages fix multiple DOS issues Steve Kemp (Jul 15)

Steven M. Christey

Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Steven M. Christey (Jul 25)
Re: how to request a cve id? Steven M. Christey (Jul 27)
Re: how to request a cve id? Steven M. Christey (Jul 28)
Re: how to request a cve id? Steven M. Christey (Jul 28)

Stian Øvrevåge

Re: simple phishing fix Stian Øvrevåge (Jul 29)

sub

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award sub (Jul 12)

super

Tool: PorkBind Nameserver Security Scanner super (Jul 30)

Supranamaya Ranjan

DNS flaw fixing causes surge in DNS traffic Supranamaya Ranjan (Jul 11)

T Biehn

Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows T Biehn (Jul 28)

The Man

Re: Nominate Dan Kaminsky for Most Overhyped BugPwnie Award The Man (Jul 12)

the_man

Re: Nominate Dan Kaminsky for Most Overhyped BugPwnie Award the_man (Jul 12)

The Security Community

Stop The 70% Lie The Security Community (Jul 17)

the.soylent

Re: help: I need to crack my box the.soylent (Jul 22)

Thijs Kinkhorst

[SECURITY] [DSA 1601-1] New wordpress packages fix several vulnerabilities Thijs Kinkhorst (Jul 05)
[SECURITY] [DSA 1569-3] New cacti packages fix regression Thijs Kinkhorst (Jul 15)
[SECURITY] [DSA 1611-1] New afuse packages fix privilege escalation Thijs Kinkhorst (Jul 16)
[SECURITY] [DSA 1540-3] New lighttpd packages fix regression Thijs Kinkhorst (Jul 23)
[SECURITY] [DSA 1622-1] New newsx packages fix arbitrary code execution Thijs Kinkhorst (Jul 31)

Thomas Biege

SUSE Security Announcement: bind (SUSE-SA:2008:033) Thomas Biege (Jul 11)

Thomas Cross

DNS and NAT (was: DNS and CheckPoint) Thomas Cross (Jul 11)
Re: DNS and NAT (was: DNS and CheckPoint) Thomas Cross (Jul 11)
Re: DNS and NAT (was: DNS and CheckPoint) Thomas Cross (Jul 14)

tixxDZ

Re : CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit tixxDZ (Jul 25)

Tobias Heinlein

[ GLSA 200807-01 ] Python: Multiple integer overflows Tobias Heinlein (Jul 01)
[ GLSA 200807-02 ] Motion: Execution of arbitrary code Tobias Heinlein (Jul 01)
[ GLSA 200807-09 ] Mercurial: Directory traversal Tobias Heinlein (Jul 15)

Tom Brennan

Application Security Tom Brennan (Jul 29)

Tonnerre Lombard

Re: Full-Disclosure? introducing lul-disclosure. Tonnerre Lombard (Jul 02)

trejrco

Re: simple phishing fix trejrco (Jul 27)

Troy Xyz

DNS spoofing issue. Thoughts on potential exploits Troy Xyz (Jul 17)
Re: DNS spoofing issue. Thoughts on potential exploits Troy Xyz (Jul 24)

Tuc at T-B-O-H.NET

Re: [bugtraq] Re: CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Tuc at T-B-O-H.NET (Jul 25)

Ureleet

Re: n3td3v podcast Ureleet (Jul 03)
Re: [Full-disclosure] Gmail, Yahoo and Hotmail’s CAPTCHA broken by spammers Ureleet (Jul 03)
Re: n3td3v podcast Ureleet (Jul 04)
Re: List Charter Ureleet (Jul 15)
Re: Pwnie Awards: Nominations, delayed? Ureleet (Jul 15)
Re: Fwd: Comments on: Google powers up users' Gmail security arsenal Ureleet (Jul 15)
Re: Nominate Dan Kaminsky for Most Overhyped BugPwnie Award Ureleet (Jul 15)
Re: Multiple Vendor DNS Cache Poisoning issue Ureleet (Jul 15)
Re: How should Full-Disclosure be funded? Ureleet (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet (Jul 16)
Re: everything Ureleet (Jul 16)
Re: Dan Kaminsky wants podcast with n3td3v Ureleet (Jul 22)
Re: AFK from fool-disclosure Ureleet (Jul 22)
Re: n3td3v Ureleet (Jul 22)
Re: Kaminsky's DNS Issue Leaked? Ureleet (Jul 22)
Re: help: I need to crack my box (Lucio Crusca) Ureleet (Jul 22)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Ureleet (Jul 22)

Valdis . Kletnieks

Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) Valdis . Kletnieks (Jul 09)
Re: Warning Valdis . Kletnieks (Jul 10)
Re: DNS and NAT (was: DNS and CheckPoint) Valdis . Kletnieks (Jul 11)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Valdis . Kletnieks (Jul 11)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Valdis . Kletnieks (Jul 14)
Re: Pwnie Awards: Nominations, delayed? Valdis . Kletnieks (Jul 14)
Re: Kaminsky DNS bug leaked Valdis . Kletnieks (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Valdis . Kletnieks (Jul 16)
Re: Linux's unofficial security-through-coverup policy Valdis . Kletnieks (Jul 16)
Re: Linux's unofficial security-through-coverup policy Valdis . Kletnieks (Jul 16)
Re: [Dailydave] Linux's unofficial security-through-coverup policy Valdis . Kletnieks (Jul 18)
Re: help: I need to crack my box Valdis . Kletnieks (Jul 22)
Re: Comments on: DNS exploit code is in the wild Valdis . Kletnieks (Jul 24)
Re: DNS spoofing issue. Thoughts on Valdis . Kletnieks (Jul 26)
Re: DNS spoofing issue. Thoughts on Valdis . Kletnieks (Jul 27)
Re: DNS spoofing issue. Thoughts on Valdis . Kletnieks (Jul 30)
Re: [inbox] Re: simple phishing fix Valdis . Kletnieks (Jul 31)

Victor Stinner

Fusil the fuzzer version 0.9 released Victor Stinner (Jul 08)

VMware Security team

VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix VMware Security team (Jul 29)

VR-Subscription-noreply

Assurent VR - Adobe RoboHelp Server SQL Injection Vulnerability VR-Subscription-noreply (Jul 09)
Assurent VR - CA ARCserve Backup for Laptops and Desktops LGServer Handshake Buffer Overflow VR-Subscription-noreply (Jul 31)

Wendel Guglielmetti Henrique

Citrix MetaFrame Privilege Escalation Wendel Guglielmetti Henrique (Jul 30)

Wesley McGrew

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Wesley McGrew (Jul 12)

William Lefkovics

Re: n3td3v podcast William Lefkovics (Jul 03)

xpzhang

how to request a cve id? xpzhang (Jul 25)

zdi-disclosures

ZDI-08-041: Novell eDirectory dhost Integer Overflow Code Execution Vulnerability zdi-disclosures (Jul 10)
ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability zdi-disclosures (Jul 17)
ZDI-08-042: Sun Java Web Start Sandbox Bypass Vulnerability zdi-disclosures (Jul 17)
ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow zdi-disclosures (Jul 17)
ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability zdi-disclosures (Jul 25)
ZDI-08-047: RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability zdi-disclosures (Jul 25)
[Full-disclosure] http://www.zerodayinitiative.com/advisories/ZDI-08-046 zdi-disclosures (Jul 25)

zhliu

FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability zhliu (Jul 21)
FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability zhliu (Jul 21)
FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability zhliu (Jul 21)
EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability zhliu (Jul 21)
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]