Home page logo
/

591 messages starting Jul 01 08 and ending Aug 01 08
Date index | Thread index | Author index

Tuesday, 01 July

Full-Disclosure? introducing lul-disclosure. staff
CFP 25C3 - The 25th Chaos Communication Congress 2008 fukami
[SCANIT-2008-002] Wordtrans-web Remote Command Execution Vulnerability Scanit Labs
[SCANIT-2008-003] Wordtrans-web Remote Command Execution Vulnerability Scanit Labs
[SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability Scanit Labs
[ GLSA 200807-01 ] Python: Multiple integer overflows Tobias Heinlein
[ GLSA 200807-02 ] Motion: Execution of arbitrary code Tobias Heinlein
Alphanumeric shellcode improvements Berend-Jan Wever
Re: [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability mrdkaaa
Re: Collection of Vulnerabilities in Fully Patched Vim 7.1 Jan Minář
[SECURITY] [DSA 1560-1] New sympa packages fix denial of service Steve Kemp

Wednesday, 02 July

[tool] ratproxy - passive web application security assessment tool Michal Zalewski
Re: [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability Filipe Balestra
Re: Full-Disclosure? introducing lul-disclosure. Tonnerre Lombard
Deepsec Talks 2007 are online - registration for 2008 is open DeepSec 2008
Re: Full-Disclosure? introducing lul-disclosure. root
Re: Full-Disclosure Digest, Vol 41, Issue 3 badr muhyeddin
[USN-619-1] Firefox vulnerabilities Jamie Strandboge
Re: Full-Disclosure? introducing lul-disclosure. mrdkaaa
Secunia Research: VLC Media Player WAV Processing Integer Overflow Secunia Research
n3td3v podcast n3td3v
Release of Pass-The-Hash Toolkit v1.4 Hernan Ochoa
Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow [ISR] - Infobyte Security Research
Facebook script injection vulnerabilities Jouko Pynnonen

Thursday, 03 July

Re: Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow mrdkaaa
Critical Aol Insta Chats Bug! staff
Gmail, Yahoo and Hotmail’s CAPTCHA broken by spammers Dancho Danchev
rPSA-2008-0212-1 tshark wireshark rPath Update Announcements
rPSA-2008-0211-1 mercurial mercurial-hgk rPath Update Announcements
DDIVRT-2008-12-ServerView SnmpGetMibValues.exe Buffer Overflow DDI_Vulnerability_Alert
WinMagic HDE encryption nobody
Re: n3td3v podcast Ureleet
Re: [Full-disclosure] Gmail, Yahoo and Hotmail’s CAPTCHA broken by spammers Ureleet
Re: n3td3v podcast n3td3v
Re: n3td3v podcast William Lefkovics
Re: n3td3v podcast n3td3v
Re: n3td3v podcast Arturo 'Buanzo' Busleiman
Re: n3td3v podcast n3td3v
Re: n3td3v podcast Arturo 'Buanzo' Busleiman
[ MDVSA-2008:127 ] - Updated PHP packages fix multiple vulnerabilities security

Friday, 04 July

[ MDVSA-2008:128 ] - Updated PHP packages fix multiple vulnerabilities security
[ MDVSA-2008:125 ] - Updated PHP packages fix multiple vulnerabilities security
[ MDVSA-2008:126 ] - Updated PHP packages fix multiple vulnerabilities security
[ MDVSA-2008:129 ] - Updated PHP packages fix multiple vulnerabilities security
Re: n3td3v podcast Ureleet
[ MDVSA-2008:130 ] - Updated PHP packages fix multiple vulnerabilities security
Re: Facebook script injection vulnerabilities Jouko Pynnonen
Panda ActiveScan 2.0 remote code execution Karol Więsek
Re: Panda ActiveScan 2.0 remote code execution Panda Security Response
Re: Panda ActiveScan 2.0 remote code execution Charles Majola
Re: Panda ActiveScan 2.0 remote code execution Randal T. Rioux
zonedit.com e dns zone transfer NetExpress
Re: Panda ActiveScan 2.0 remote code execution Robert Holgstad
[ MDVSA-2008:131 ] - Updated phpMyAdmin packages fix multiple vulnerabilities security
Re: Panda ActiveScan 2.0 remote code execution Panda Security Response
Re: Panda ActiveScan 2.0 remote code execution Elazar Broad
[ MDVSA-2008:132 ] - Updated gnome-screensaver packages fix authentication vulnerability security
[ MDVSA-2008:133 ] - Updated sympa packages fix DoS vulnerability security

Saturday, 05 July

[ MDVSA-2008:134 ] - Updated squid packages fix DoS vulnerability security
[ MDVSA-2008:135 ] - Updated gnome-screensaver packages fix authentication vulnerability security
[SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution Florian Weimer
[SECURITY] [DSA 1601-1] New wordpress packages fix several vulnerabilities Thijs Kinkhorst

Sunday, 06 July

Re: Mrfetch Paul Carnes YouTube Neil McGovern
Re: Mrfetch Paul Carnes YouTube londone

Monday, 07 July

[ GLSA 200807-03 ] PCRE: Buffer overflow Robert Buchholz

Tuesday, 08 July

Pwnie Awards 2008 Alexander Sotirov
XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower Jessica Hope
[SECURITY] [DSA 1603-1] New bind9 packages fix cache poisoning Florian Weimer
[SECURITY] [DSA 1604-1] BIND 8 deprecation notice Florian Weimer
[SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver Florian Weimer
Fwd: Comments on: Google powers up users' Gmail security arsenal n3td3v
[ GLSA 200807-04 ] Poppler: User-assisted execution of arbitrary code Matthias Geerdsen
Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks Cisco Systems Product Security Incident Response Team
Minneapolis DC612 Meeting July 10th, 2008 () 6pm David Bryan
Fusil the fuzzer version 0.9 released Victor Stinner
Re: Minneapolis DC612 Meeting July 10th, 2008 () 6pm infolookup
iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability iDefense Labs
[ MDVSA-2008:136 ] - Updated Firefox packages fix vulnerabilities security
[USN-622-1] Bind vulnerability Kees Cook
Coffee Wars 9 : Call for Beans foofus
Re: iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability Cesar
#2008-007 libpoppler uninitialized pointer - POC Felipe Andres Manzano

Wednesday, 09 July

Re: Coffee Wars 9 : Call for Beans Joe Barr
[ MDVSA-2008:137 ] - Updated OpenOffice.org fix vulnerability, and a few other bugs security
New round of SSH scan IP's James Lay
Critical flaw rocks the internet Ivan .
[ MDVSA-2008:138 ] - Updated OpenOffice.org packages fix vulnerability security
Re: Critical flaw rocks the internet Ivan .
Re: Critical flaw rocks the internet |e0
[MSA080709-001] OpenSSH Vulnerability mrdkaaa
Re: New round of SSH scan IP's A . L . M . Buxey
Re: New round of SSH scan IP's Peter van den Heuvel
Assurent VR - Adobe RoboHelp Server SQL Injection Vulnerability VR-Subscription-noreply
rPSA-2008-0216-1 firefox rPath Update Announcements
rPSA-2008-0217-1 vsftpd rPath Update Announcements
rPSA-2008-0218-1 ruby rPath Update Announcements
Re: Critical flaw rocks the internet Nate McFeters
Re: Critical flaw rocks the internet mutiny
Microsoft warns of attacks against Word 2002 SP 3 Nate McFeters
Re: New round of SSH scan IP's mutiny
Insomnia : ISVA-080709.1 - Microsoft SQL Server - Corrupt Backup File Heap Overflow Brett Moore
Trixbox 2.6.1 and below, remote root shell through local file inclusion Jean-Michel Besnard
Re: New round of SSH scan IP's James Lay
DNS and Checkpoint imipak
Zone Alarm Firewall users without Internet after MS patch (MS08-037) Pablo Molina
Re: Critical flaw rocks the internet Fredrick Diggle
[SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code Steve Kemp
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) James Lay
Re: New round of SSH scan IP's Knud Erik Højgaard
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) Florian Weimer
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) Valdis . Kletnieks
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) Florian Weimer
Re: New round of SSH scan IP's Michael Holstein
[ GLSA 200807-05 ] OpenOffice.org: User-assisted execution of arbitrary code Pierre-Yves Rofes
[ MDVSA-2008:139 ] - Updated BIND packages fix critical DNS vulnerability security
[FDSA] BIND's vulnerability to packet forgery Fredrick Diggle
[ GLSA 200807-07 ] NX: User-assisted execution of arbitrary code Robert Buchholz
[ GLSA 200807-06 ] Apache: Denial of Service Robert Buchholz
Re: DNS and Checkpoint Rodrigo Rubira Branco (BSDaemon)
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) Rodrigo Rubira Branco (BSDaemon)
Warning Adolf Hitler
rPSA-2008-0223-1 poppler rPath Update Announcements

Thursday, 10 July

List Charter John Cartwright
bloginfosec.com: We're looking for a few good columnists! Kenneth F. Belva
Re: DNS and Checkpoint Ray P
[ MDVSA-2008:140 ] - Updated ruby packages fix vulnerabilities security
[ MDVSA-2008:141 ] - Updated ruby packages fix vulnerabilities security
Re: bloginfosec.com: We're looking for a few good columnists! Kurt Dillard
[ MDVSA-2008:142 ] - Updated ruby packages fix vulnerabilities security
Re: bloginfosec.com: We're looking for a few good columnists! Jared DeMott
Re: bloginfosec.com: We're looking for a few good columnists! Fredrick Diggle
Re: bloginfosec.com: We're looking for a few good columnists! Enigma
Re: DNS and Checkpoint Deniz Cevik
London DEFCON July meet - DC4420 - Thursday 10th July (today!) alien
Context IS Advisory - MS08-39 OWA XSS Context IS - Disclosure
Re: DNS and Checkpoint Sandro Gauci
Nessus plugins for recent MS Bulletins Chandrashekhar B
Multiple Vendor DNS Cache Poisoning issue Chandrashekhar B
Re: Multiple Vendor DNS Cache Poisoning issue londone
Re: Multiple Vendor DNS Cache Poisoning issue Anders Klixbull
Re: Multiple Vendor DNS Cache Poisoning issue Peter van den Heuvel
Re: Warning Valdis . Kletnieks
Re: Multiple Vendor DNS Cache Poisoning issue Lolek of TK53
Re: Warning KJK::Hyperion
ZDI-08-041: Novell eDirectory dhost Integer Overflow Code Execution Vulnerability zdi-disclosures
iDefense Security Advisory 07.09.08: Novell eDirectory LDAP Search Request Heap Corruption Vulnerability iDefense Labs
Proxy Autoconfiguration and Internet Explorer Zones Elazar Broad
Multiple Vendor DNS Cache Poisoning issue Chandrashekhar B
Re: Multiple Vendor DNS Cache Poisoning issue Randal, Phil

Friday, 11 July

sballmer () microsoft com, root () apache org Fredrick Diggle
DNS and NAT (was: DNS and CheckPoint) Thomas Cross
Re: Proxy Autoconfiguration and Internet Explorer Zones Paul Szabo
[ MDVSA-2008:143 ] - Updated pidgin packages fix MSN protocol handler vulnerability security
Re: DNS and NAT (was: DNS and CheckPoint) Riad S. Wahby
Re: Proxy Autoconfiguration and Internet Explorer Zones Elazar Broad
0day offer Jeffrey Starck
IBM MRO MAXIMO INFORMATION DISCLOSURE AND XSS VULNERABILITIES Deniz Cevik
Kiwicon CFP 2k8 - Update Kiwicon Crue
SUSE Security Announcement: bind (SUSE-SA:2008:033) Thomas Biege
Re: 0day offer Neil McGovern
Re: DNS and NAT (was: DNS and CheckPoint) Thomas Cross
Re: DNS and NAT (was: DNS and CheckPoint) Valdis . Kletnieks
[SECURITY] [DSA 1607-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff
AUTOREPLY [SECURITY] [DSA 1607-1] New iceweasel... jr
Re: Multiple Vendor DNS Cache Poisoning issue Robert Holgstad
Re: DNS and NAT (was: DNS and CheckPoint) Riad S. Wahby
Re: Multiple Vendor DNS Cache Poisoning issue n3td3v
How should Full-Disclosure be funded? n3td3v
Re: DNS and NAT (was: DNS and CheckPoint) Elazar Broad
[ GLSA 200807-08 ] BIND: Cache poisoning Matthias Geerdsen
[NETRAGARD SECURITY ADVISORY][Apple Core Image Fun House <= 2.0 OS X -- Arbitrary Code Execution][NETRAGARD-20080711] Netragard Security Advisories
Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award n3td3v
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Sandy Vagina
Re: How should Full-Disclosure be funded? Sandy Vagina
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Valdis . Kletnieks
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award n3td3v
Re: How should Full-Disclosure be funded? Shawn Merdinger
Re: How should Full-Disclosure be funded? Paul Schmehl
DNS flaw fixing causes surge in DNS traffic Supranamaya Ranjan
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Sandy Vagina
Re: DNS flaw fixing causes surge in DNS traffic n3td3v

Saturday, 12 July

[ MDVSA-2008:138-1 ] - Updated OpenOffice.org packages fix vulnerability security
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award n3td3v
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Giancarlo Razzolini
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Wesley McGrew
[ MDVSA-2008:144 ] - Updated openldap packages fix slapd DoS vulnerability security
Re: Nominate Dan Kaminsky for Most Overhyped BugPwnie Award the_man
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award sub
Re: Nominate Dan Kaminsky for Most Overhyped BugPwnie Award The Man
[MU-200807-01] Remote DoS in reSIProcate noreply
Re: DNS flaw fixing causes surge in DNS traffic Glenn.Everhart

Sunday, 13 July

[SECURITY] [DSA 1608-1] New mysql-dfsg-5.0 packages fix authorization bypass Devin Carraway
DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) coderman

Monday, 14 July

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) coderman
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Valdis . Kletnieks
DeepSec 2008 - Last call for submissions DeepSec Conference Vienna
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl
iPhone ActivSync/iTunes flaw Darren Bounds
Flaw in eMule 0.49: it exposes the OS user account name when it sends the shared files list carl hardwick
Re: DNS and NAT (was: DNS and CheckPoint) Thomas Cross
Pwnie Awards: Nominations, delayed? n3td3v
Re: Pwnie Awards: Nominations, delayed? Valdis . Kletnieks
Re: Pwnie Awards: Nominations, delayed? n3td3v
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews

Tuesday, 15 July

Re: Pwnie Awards: Nominations, delayed? Sandy Vagina
[USN-624-1] PCRE vulnerability Kees Cook
Re: Pwnie Awards: Nominations, delayed? Alexander Sotirov
[ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability security
Re: List Charter Ureleet
Re: Pwnie Awards: Nominations, delayed? Ureleet
Re: Fwd: Comments on: Google powers up users' Gmail security arsenal Ureleet
Re: Nominate Dan Kaminsky for Most Overhyped BugPwnie Award Ureleet
Re: Multiple Vendor DNS Cache Poisoning issue Ureleet
Re: How should Full-Disclosure be funded? Ureleet
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet
Kon-Boot v.1.0 - booting-time ultimate linux hacking utility ; ) Piotr Bania
Open Security Foundation To Maintain Attrition.org's Data Loss Database - Open Source jkouns
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Rob
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) FRLinux
[SECURITY] [DSA 1610-1] New gaim packages fix execution of arbitrary code Steve Kemp
[SECURITY] [DSA 1609-1] New lighttpd packages fix multiple DOS issues Steve Kemp
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet
Kaminsky DNS bug leaked Alexander Sotirov
Re: Kaminsky DNS bug leaked Valdis . Kletnieks
Re: Kaminsky DNS bug leaked Jared DeMott
Re: Kaminsky DNS bug leaked Peter Besenbruch
Re: Kaminsky DNS bug leaked M. Shirk
Re: Kaminsky DNS bug leaked M. Shirk
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) n3td3v
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mike Owen
Oracle Application Server PLSQL injection flaw David Litchfield
[ GLSA 200807-09 ] Mercurial: Directory traversal Tobias Heinlein
iDefense Security Advisory 07.15.08: Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 07.15.08: Oracle Database Local Untrusted Library Path Vulnerability iDefense Labs
iDefense Security Advisory 07.15.08: Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability iDefense Labs
Re: Kaminsky DNS bug leaked Nate McFeters
[SECURITY] [DSA 1569-3] New cacti packages fix regression Thijs Kinkhorst
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews
everything Professor Micheal Chatner
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Robert Holgstad
Re: Kaminsky DNS bug leaked Robert Holgstad

Wednesday, 16 July

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews
[ MDVSA-2008:146 ] - Updated poppler packages fix arbitrary code execution vulnerability security
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews
Re: everything Stack Smasher
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Nick FitzGerald
Re: everything Professor Micheal Chatner
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Valdis . Kletnieks
Re: everything Rob Thompson
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet
Re: everything Ureleet
Re: everything Stack Smasher
OwnTheBox @ DC16: Pwning for dollars OTB
[ MDVSA-2008:147 ] - Updated pcre packages fix vulnerability security
[USN-625-1] Linux kernel vulnerabilities Kees Cook
Re: Pwnie Awards: Nominations, delayed? Nate McFeters
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Nate McFeters
Re: DNS and NAT (was: DNS and CheckPoint) Ryan McBride
Vim: Improper Implementation of shellescape()/Arbitrary Code Execution Jan Minář
Arbitrary code execution in Netrw version 127, Vim 7.2b Jan Minář
n.runs-SA-2008.002 - F-Prot Out-of-Bound Memory Access DoS (remote) security
Linux's unofficial security-through-coverup policy Brad Spengler
n.runs-SA-2008.003 - Quicktime - Arbitrary Code Execution (remote) security
[SECURITY] [DSA 1544-2] New pdns-recursor packages fix predictable randomness Florian Weimer
Re: Linux's unofficial security-through-coverup policy M. Shirk
Re: Linux's unofficial security-through-coverup policy Robert Peaslee
IETF Internet-Draft on TCP Port randomization Fernando Gont
Re: Linux's unofficial security-through-coverup policy Valdis . Kletnieks
Traversing Dan's directory - DNS statistics right from the source Alexander Klink
Re: Linux's unofficial security-through-coverup policy Valdis . Kletnieks
Re: DNS and NAT (was: DNS and CheckPoint) Marco Slaviero
[SECURITY] [DSA 1611-1] New afuse packages fix privilege escalation Thijs Kinkhorst
rPSA-2008-0035-1 httpd mod_ssl rPath Update Announcements
Oracle Portal XSS fixed by CPU July 2008 Andrea Purificato
Re: Linux's unofficial security-through-coverup policy Brad Spengler
Re: Linux's unofficial security-through-coverup policy Brad Spengler
Oracle DB security contact email address? Kristian Erik Hermansen

Thursday, 17 July

Re: Oracle DB security contact email address? Elazar Broad
n3td3v Professor Micheal Chatner
ekoparty security trainings (2008) announcement ekoparty
Re: Linux's unofficial security-through-coveruppolicy Garrett Groff
Re: Linux's unofficial security-through-coverup policy A . L . M . Buxey
Re: n3td3v n3td3v
Re: [Dailydave] Linux's unofficial security-through-coverup policy Dave Aitel
Re: [Full-disclosure] [Dailydave] Linux's unofficial security-through-coverup policy Elazar Broad
Re: Linux's unofficial security-through-coverup policy Brad Spengler
Re: [Dailydave] Linux's unofficial security-through-coverup policy Paul Schmehl
Re: [Full-disclosure] [Dailydave] Linux's unofficial security-through-coverup policy Elazar Broad
[USN-623-1] Firefox vulnerabilities Jamie Strandboge
DNS spoofing issue. Thoughts on potential exploits Troy Xyz
Re: [Full-disclosure] [Dailydave] Linux's unoff icial security-through-coverup policy Steve Grubb
Re: [Dailydave] Linux's unofficial security-through-coverup policy Blue Boar
ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability zdi-disclosures
ZDI-08-042: Sun Java Web Start Sandbox Bypass Vulnerability zdi-disclosures
ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow zdi-disclosures
Re: Linux's unofficial security-through-coverup policy Arturo 'Buanzo' Busleiman
Re: [Dailydave] Linux's unofficial security-through-coverup policy staff
Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář
Stop The 70% Lie The Security Community

Friday, 18 July

[ MDVSA-2008:148 ] - Updated Firefox packages fix vulnerabilities security
Re: [funsec] Stop The 70% Lie Gadi Evron
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Nikolai Weibull
Lateral SQL Injection Revisited - No Special Privs Required David Litchfield
Re: [Dailydave] Linux's unofficial security-through-coverup policy Joel Jose
Re: [Dailydave] Linux's unofficial security-through-coverup policy Valdis . Kletnieks
Re: [Dailydave] Linux's unofficial security-through-coverup policy Joel Jose
rPSA-2008-0230-1 bind bind-utils rPath Update Announcements

Saturday, 19 July

AFK from fool-disclosure Kingcope Kingcope
Re: AFK from fool-disclosure n3td3v
Fwd: Stop The 70% Lie n3td3v
AFK from full-disclosure Kingcope Kingcope
Oracle Database Local Untrusted Library Path Vulnerability Joxean Koret
rPSA-2008-0231-1 bind bind-utils rPath Update Announcements
Torvalds attacks IT industry 'security circus' n3td3v
[ MDVSA-2008:149 ] - Updated mysql packages fix vulnerabilities security
Re: Torvalds attacks IT industry 'security circus' n3td3v
[ MDVSA-2008:150 ] - Updated mysql packages fix vulnerabilities security

Sunday, 20 July

Re: List Charter PEra

Monday, 21 July

[White Paper] Abusing HTML 5 Structured Client-side Storage Alberto Trivero
2600 Last Hope Conference NYC infolookup
Re: Pwnie Awards 2008 David Litchfield
Re: Oracle Database Local Untrusted Library Path Vulnerability jmpascual
FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability zhliu
FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability zhliu
FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability zhliu
EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability zhliu
[SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities Moritz Muehlenhoff
Re: Pwnie Awards 2008 Kingcope Kingcope
[ GLSA 200807-10 ] Bacula: Information disclosure Pierre-Yves Rofes
[ GLSA 200807-11 ] PeerCast: Buffer overflow Pierre-Yves Rofes
[ GLSA 200807-12 ] BitchX: Multiple vulnerabilities Pierre-Yves Rofes
NULL pointer in ZDaemon 1.08.07 Luigi Auriemma
Kaminsky's DNS Issue Leaked? natron
help: I need to crack my box Lucio Crusca
Re: help: I need to crack my box Paul Schmehl

Tuesday, 22 July

[ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability security
Re: help: I need to crack my box Alex Howells
Re: help: I need to crack my box Lucio Crusca
Re: help: I need to crack my box razi garbie
Dan Kaminsky wants podcast with n3td3v n3td3v
Re: help: I need to crack my box Lucio Crusca
Re: help: I need to crack my box (Lucio Crusca) nigel
Re: help: I need to crack my box pUm
Re: Dan Kaminsky wants podcast with n3td3v Ureleet
Re: help: I need to crack my box Paul Schmehl
Re: AFK from fool-disclosure Ureleet
Re: n3td3v Ureleet
Re: Kaminsky's DNS Issue Leaked? Ureleet
Re: help: I need to crack my box (Lucio Crusca) Ureleet
Re: help: I need to crack my box Valdis . Kletnieks
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Ureleet
Re: Dan Kaminsky wants podcast with n3td3v n3td3v
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award solemn
Re: AFK from fool-disclosure solemn
[USN-627-1] Dnsmasq vulnerability Jamie Strandboge
Re: help: I need to crack my box the.soylent
[SECURITY] [DSA 1613-1] new libgd2 packages fix multiple vulnerabilities Devin Carraway
PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page ProCheckUp Research
PR08-13: Persistent Cross-site Scripting (XSS) on Moodle via blog entry title ProCheckUp Research
PR08-15: Several Webroot Disclosures on Moodle ProCheckUp Research
The cat is indeed out of the bag monsieur . aglie
Re: The cat is indeed out of the bag James Lay
Re: Dan Kaminsky wants podcast with n3td3v Jerome Benoit
Re: Dan Kaminsky wants podcast with n3td3v Maxime Ducharme
Re: Dan Kaminsky wants podcast with n3td3v jf
Re: The cat is indeed out of the bag schroedinger
Re: The cat is indeed out of the bag schroedinger
Re: The cat is indeed out of the bag Archibald Tuttle
Re: The cat is indeed out of the bag kat
[ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability security
AST-2008-010: Asterisk IAX 'POKE' resource exhaustion Asterisk Security Team
AST-2008-011: Traffic amplification in IAX2 firmware provisioning system Asterisk Security Team

Wednesday, 23 July

Re: Dan Kaminsky wants podcast with n3td3v n3td3v
Pin Pop... (ATM Pins?) Kevin Finisterre (lists)
Re: help: I need to crack my box Lucio Crusca
Re: AFK from fool-disclosure Anders Klixbull
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award n3td3v
Re: AFK from fool-disclosure Slythers Bro
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award mcwidget
Re: The cat is indeed out of the bag Robert McKay
Re: The cat is indeed out of the bag mokum von Amsterdam
Re: The cat is indeed out of the bag Peter Dawson
Re: Nominate Dan Kaminsky for Most Overhyped BugPwnie Award imipak
Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim Jan Minář
Is the security industry like a lemon market? Daniel Guido
Re: Is the security industry like a lemon market? Daniel Guido
[USN-628-1] PHP vulnerabilities Jamie Strandboge
[SECURITY] [DSA 1614-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff
[SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff
Vulnerability Report: EMC Centera Universal Access Aaron Brown
[SECURITY] [DSA 1540-3] New lighttpd packages fix regression Thijs Kinkhorst
DNS forward only: why does it help? Paul Szabo
[ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability security
[tool] SDT Cleaner 1.0 Nahuel C. Riva
[ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability security
[ MDVSA-2008:154 ] - Updated xemacs packages fix vulnerability security
CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit I)ruid

Thursday, 24 July

CAU-EX-2008-0003: Kaminsky DNS Cache Poisoning Flaw Exploit for Domains I)ruid
[SECURITY] [DSA 1616-1] new clamav packages fix denial of service Devin Carraway
ladies Professor Micheal Chatner
Re: ladies Exibar
Comments on: DNS exploit code is in the wild n3td3v
Re: Comments on: DNS exploit code is in the wild Ray P
Signs of compromised DNS? James Lay
Re: Comments on: DNS exploit code is in the wild n3td3v
Re: Comments on: DNS exploit code is in the wild MadHat Unspecific
Re: Comments on: DNS exploit code is in the wild Valdis . Kletnieks
SPAM from Tobesecurity.com Arturo 'Buanzo' Busleiman
Re: ladies Dale Harris
Re: SPAM from Tobesecurity.com Robert Holgstad
Re: DNS spoofing issue. Thoughts on potential exploits Troy Xyz
Kaminsky corroborates the DNS vuln. discovered and published by Flake Kristo pher
Re: DNS spoofing issue. Thoughts on potential exploits list-fulldisclosure
Pen Test forums? blah
Re: Pen Test forums? Ivan .

Friday, 25 July

Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Robert Buchholz
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář
[USN-629-1] Thunderbird vulnerabilities Jamie Strandboge
how to request a cve id? xpzhang
Re: Signs of compromised DNS? I)ruid
Re: CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit Ganbold
...? (: I)ruid
Re: ...? (: coderman
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Robert Buchholz
Kaminsky's Law n3td3v
[SECURITY] [DSA 1617-1] New refpolicy packages fix incompatible policy Devin Carraway
Re: ladies RandallMan
Re: Kaminsky's Law Exibar
Re: Signs of compromised DNS? James Lay
Flashblock Bypass Sowhat
Re: Kaminsky's Law Robert Holgstad
protecting yourself from DLP Kyle C. Quest
Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow Secunia Research
signature for DNS vulnerability? crazy frog crazy frog
Re: signature for DNS vulnerability? Micheal Cottingham
Re: signature for DNS vulnerability? Albert R. Campa
Re: signature for DNS vulnerability? Erik Kamerling
Re: signature for DNS vulnerability? Elazar Broad
Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows Fredrick Diggle
Re : CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit tixxDZ
SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability advisories
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Steven M. Christey
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows coderman
Re: Re : CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit H D Moore
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows Fredrick Diggle
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows Fredrick Diggle
Re: how to request a cve id? Fredrick Diggle
Real Networks RealPlayer ActiveX Heap Use After Free Vulnerability Elazar Broad
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows n3td3v
Re: [bugtraq] Re: CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Tuc at T-B-O-H.NET
ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability zdi-disclosures
ZDI-08-047: RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability zdi-disclosures
[Full-disclosure] http://www.zerodayinitiative.com/advisories/ZDI-08-046 zdi-disclosures
[ MDVSA-2008:155 ] - Updated Thunderbird packages fix multiple vulnerabilities security

Saturday, 26 July

DNS spoofing issue. Thoughts on RandallMan
Re: DNS spoofing issue. Thoughts on Paul Schmehl
Re: DNS spoofing issue. Thoughts on Valdis . Kletnieks
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows eugaaa () gmail com
Re: signature for DNS vulnerability? crazy frog crazy frog
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows n3td3v
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář
[SECURITY] [DSA 1616-2] New clamav packages fix denial of service Devin Carraway
Re: Kaminsky's Law Adam Chesnutt
[SECURITY] [DSA 1618-1] New ruby1.9 packages fix several vulnerabilities Moritz Muehlenhoff
Re: DNS spoofing issue. Thoughts on Paul Schmehl
Media backlash begins against HD Moore and I)ruid n3td3v
Re: DNS spoofing issue. Thoughts on imipak
Re: DNS spoofing issue. Thoughts on Paul Schmehl
Re: DNS spoofing issue. Thoughts on n3td3v
Re: DNS spoofing issue. Thoughts on Paul Szabo

Sunday, 27 July

Re: DNS spoofing issue. Thoughts on Valdis . Kletnieks
Re: [inbox] Re: DNS spoofing issue. Thoughts on Exibar
Re: DNS spoofing issue. Thoughts on potential exploits Mark Andrews
simple phishing fix lsi
[SECURITY] [DSA 1620-1] New python2.5 packages fix several vulnerabilities Moritz Muehlenhoff
Re: simple phishing fix trejrco
[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing Devin Carraway
Re: how to request a cve id? Steven M. Christey
Re: how to request a cve id? Georgi Guninski
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows Robert Holgstad
Re: DNS spoofing issue. Thoughts on Glenn.Everhart
[ MDVSA-2008:155-1 ] - Updated Thunderbird packages fix multiple vulnerabilities security
Re: DNS spoofing issue. Thoughts on John D. Reason
[SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities Moritz Muehlenhoff

Monday, 28 July

Re: simple phishing fix Biz Marqee
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows T Biehn
Re: AFK from fool-disclosure Anders Klixbull
Re: DNS spoofing issue. Thoughts on coderman
Re: simple phishing fix lsi
Re: simple phishing fix Biz Marqee
Re: simple phishing fix lsi
Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations [ISR] - Infobyte Security Research
Re: how to request a cve id? Steven M. Christey
Re: how to request a cve id? Steven M. Christey
Re: Kaminsky's Law n3td3v
Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control Buffer Overflow Vulnerability Elazar Broad
Re: how to request a cve id? n3td3v
[USN-630-1] ffmpeg vulnerability Kees Cook
[USN-631-1] poppler vulnerability Kees Cook
[ MDVSA-2008:156 ] - Updated libpng packages fix vulnerability security
iDefense Security Advisory 07.28.08: Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability iDefense Labs

Tuesday, 29 July

[USN-626-1] Firefox and xulrunner vulnerabilities Jamie Strandboge
Re: simple phishing fix lsi
VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix VMware Security team
Re: simple phishing fix Stian Øvrevåge
Re: simple phishing fix Nick FitzGerald
Re: how to request a cve id? John D. Reason
rPSA-2008-0236-1 httpd mod_ssl rPath Update Announcements
rPSA-2008-0235-1 fetchmail fetchmailconf rPath Update Announcements
rPSA-2008-0237-1 tshark wireshark rPath Update Announcements
rPSA-2008-0238-1 firefox rPath Update Announcements
n.runs-SA-2008.004 - AVG Anti-Virus Divide by Zero - DoS (remote) security
Re: [Full-disclosure] Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control Buffer Overflow Vulnerability Elazar Broad
Re: 0day offer Charles Majola
Re: simple phishing fix Peter Besenbruch
Re: simple phishing fix Glenn.Everhart
Re: simple phishing fix Randal T. Rioux
Remote Cisco IOS FTP server exploit Andy Davis
[ MDVSA-2008:157 ] - ffmpeg security
Re: simple phishing fix Peter Besenbruch
Memory corruption and NULL pointer in Unreal Tournament III 1.2 Luigi Auriemma
Application Security Tom Brennan
NULL pointer in Unreal Tournament 2004 v3369 Luigi Auriemma

Wednesday, 30 July

RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability cocoruder
Re: 0day offer Jeffrey Starck
Re: simple phishing fix lsi
Re: ladies Charles Majola
Re: simple phishing fix Nick FitzGerald
Cisco IOS shellcode explanation Andy Davis
Advisories advisories
Fwd: 'World's most dangerous hacker' to be extradited to US n3td3v
Fwd: Are Bug Disclosures Helping or Hurting? n3td3v
Tool: PorkBind Nameserver Security Scanner super
Recall: simple phishing fix Glenn.Everhart
Re: simple phishing fix Robert Holgstad
Re: DNS spoofing issue. Thoughts on Valdis . Kletnieks
Re: simple phishing fix blah
Re: Recall: simple phishing fix Aaron Turner
Cisco IOS shellcode explanation - additional Andy Davis
Re: simple phishing fix Peter Besenbruch
Re: simple phishing fix Exibar
Re: Advisories Robert Holgstad
Re: simple phishing fix Dragos Ruiu
[ MDVSA-2008:158 ] silc-toolkit security
Re: simple phishing fix Exibar
Re: Tool: PorkBind Nameserver Security Scanner Arturo 'Buanzo' Busleiman
Citrix MetaFrame Privilege Escalation Wendel Guglielmetti Henrique
Re: Fwd: Are Bug Disclosures Helping or Hurting? n3td3v
Re: simple phishing fix Dragos Ruiu
[ MDVSA-2008:159 ] licq security

Thursday, 31 July

Re: [inbox] Re: simple phishing fix Exibar
Re: simple phishing fix Raj Mathur
Re: [inbox] Re: simple phishing fix Dragos Ruiu
Re: Fwd: Are Bug Disclosures Helping or Hurting? Knud Erik Højgaard
F-PROT antivirus 6.2.1.4252 infinite loop denial of service via malformed archive Knud Erik Højgaard
rPSA-2008-0241-1 openssl openssl-scripts rPath Update Announcements
[SECURITY] [DSA 1622-1] New newsx packages fix arbitrary code execution Thijs Kinkhorst
Re: Tool: PorkBind Nameserver Security Scanner Jost Krieger
Re: [inbox] Re: simple phishing fix Exibar
Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow Secunia Research
Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows Secunia Research
[SECURITY] [DSA 1623-1] New dnsmasq packages fix cache poisoning Moritz Muehlenhoff
Assurent VR - CA ARCserve Backup for Laptops and Desktops LGServer Handshake Buffer Overflow VR-Subscription-noreply
iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability iDefense Labs
[ GLSA 200807-13 ] VLC: Multiple vulnerabilities Pierre-Yves Rofes
[ GLSA 200807-14 ] Linux Audit: Buffer overflow Pierre-Yves Rofes
[ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code Pierre-Yves Rofes
Re: [inbox] Re: simple phishing fix Valdis . Kletnieks
[SECURITY] [DSA 1624-1] New libxslt packages fix arbitrary code execution Moritz Muehlenhoff
Will the real Don Bailey please stand up? don bailey
[ GLSA 200807-16 ] Python: Multiple vulnerabilities Robert Buchholz

Friday, 01 August

Re DNS spoofing issue discussion Mary and Glenn Everhart
Re: Re DNS spoofing issue discussion don bailey
Re: Re DNS spoofing issue discussion Paul Schmehl
Re: Re DNS spoofing issue discussion don bailey
Re: Re DNS spoofing issue discussion Paul Schmehl
Re: Re DNS spoofing issue discussion don bailey
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]