[Full-disclosure] [TOOL] Version 0.2 of bing-ip2hosts released

2010-04-02 Thread Andrew Horton
I've just released version 0.2 of bing-ip2hosts. Introduction Bing.com is a search engine owned by Microsoft formerly known as MSN Search and Live Search. It has a unique feature to search for websites hosted on a specific IP address. This feature can be used with the IP:

[Full-disclosure] Vulnerability Centreon IT Network Monitoring v2.1.5

2010-04-02 Thread Mehdi Mahdjoub - Sysdream IT Security Services
#!/usr/bin/perl # //[PoC]-// # # Title : Centreon IT Network Monitoring v2.1.5 - Injection SQL # Version : 2.1.5 # Author : Jonathan Salwan (j.sal...@sysdream.com) # # # [Vuln sql injection] # http://localhost/centreon/main.php?p=201host_id=-1%20[SQL Injection]o=pmin=1 # #

Re: [Full-disclosure] Security system

2010-04-02 Thread Haris Pilton
On Tuesday, March 30, 2010, T Biehn tbi...@gmail.com wrote: Nah, I'm saying a GSM jammer would block your prepaid cell signal. So if your adversary were to cut the power, cut the net AND jam GSM you'd be out of luck in getting notification. Very tru, tho u can combine this with a remote box

[Full-disclosure] 3rd CfP: ACCESS 2010 || September 20-25, 2010 - Valencia, Spain

2010-04-02 Thread Sandra Sendra
INVITATION: Please consider to contribute to and/or forward to the appropriate groups the following opportunity to submit and publish original scientific results. ACCESS 2010 | Call for Papers. CALL FOR PAPERS, TUTORIALS,

[Full-disclosure] 3rd CfP: INTERNET 2010 || September 20-25, 2010 - Valencia, Spain

2010-04-02 Thread Sandra Sendra
INVITATION: Please consider to contribute to and/or forward to the appropriate groups the following opportunity to submit and publish original scientific results. INTERNET 2010 | Call for Papers. CALL FOR PAPERS, TUTORIALS,

Re: [Full-disclosure] Security system

2010-04-02 Thread T Biehn
Can't hurt. I don't trust machines in DCs much less VPSs. An adversary with the resources and motivation to kill power, net, and jam GSM when they're pwning your house would probably be able to know about and take out your watchdog box in the same move. -Travis On Fri, Apr 2, 2010 at 9:46 AM,

[Full-disclosure] ZDI-10-033: Microsoft Internet Explorer TIME2 Behavior Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-033: Microsoft Internet Explorer TIME2 Behavior Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-033 April 2, 2010 -- CVE ID: CVE-2010-0492 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer -- TippingPoint(TM) IPS

[Full-disclosure] ZDI-10-034: Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-034: Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-034 April 2, 2010 -- CVE ID: CVE-2010-0805 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer --

[Full-disclosure] ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-035 April 2, 2010 -- CVE ID: CVE-2010-0526 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS

[Full-disclosure] ZDI-10-036: Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-036: Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-036 April 2, 2010 -- CVE ID: CVE-2010-0062 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection:

[Full-disclosure] ZDI-10-037: Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-037: Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-037 April 2, 2010 -- CVE ID: CVE-2010-0517 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection:

[Full-disclosure] ZDI-10-038: Apple QuickTime QDMC/QDM2 Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-038: Apple QuickTime QDMC/QDM2 Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-038 April 2, 2010 -- CVE ID: CVE-2010-0060 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS

[Full-disclosure] ZDI-10-039: Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-039: Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-039 April 2, 2010 -- CVE ID: CVE-2010-0497 -- Affected Vendors: Apple -- Affected Products: Apple OS X -- TippingPoint(TM) IPS Customer Protection:

[Full-disclosure] ZDI-10-040: Apple QuickTime RLE Bit Depth Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-040: Apple QuickTime RLE Bit Depth Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-040 April 2, 2010 -- CVE ID: CVE-2010-0516 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint

[Full-disclosure] ZDI-10-041: Apple QuickTime QDM2/QDCA Atom Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-041: Apple QuickTime QDM2/QDCA Atom Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-041 April 2, 2010 -- CVE ID: CVE-2010-0059 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection:

[Full-disclosure] ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-042 April 2, 2010 -- CVE ID: CVE-2010-0528 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer

[Full-disclosure] ZDI-10-043: Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-043: Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-043 April 2, 2010 -- CVE ID: CVE-2010-0519 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection:

[Full-disclosure] ZDI-10-044: Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-044: Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-044 April 2, 2010 -- CVE ID: CVE-2010-0520 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection:

[Full-disclosure] ZDI-10-045: Apple QuickTime MPEG-1 genl Atom Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-045: Apple QuickTime MPEG-1 genl Atom Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-045 April 2, 2010 -- CVE ID: CVE-2010-0526 -- Affected Vendors: Apple -- Affected Products: Apple OS X -- TippingPoint(TM) IPS Customer Protection: TippingPoint

[Full-disclosure] ZDI-10-046: Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-046: Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-046 April 2, 2010 -- CVE ID: CVE-2010-0160 -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.6.x -- TippingPoint(TM) IPS Customer

[Full-disclosure] ZDI-10-047: Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-047: Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-047 April 2, 2010 -- CVE ID: CVE-2010-0164 -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.6.x --

[Full-disclosure] ZDI-10-048: Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-048: Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-048 April 2, 2010 -- CVE ID: CVE-2010-0176 -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.5.x -- Vulnerability

[Full-disclosure] ZDI-10-049: Mozilla Firefox PluginArray nsMimeType Dangling Pointer Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-049: Mozilla Firefox PluginArray nsMimeType Dangling Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-049 April 2, 2010 -- CVE ID: CVE-2010-0177 -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.5.x --

[Full-disclosure] ZDI-10-050: Mozilla Firefox nsTreeSelection EventListener Remote Code Execution Vulnerability

2010-04-02 Thread ZDI Disclosures
ZDI-10-050: Mozilla Firefox nsTreeSelection EventListener Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-050 April 2, 2010 -- CVE ID: CVE-2010-0175 -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.5.x -- Vulnerability

Re: [Full-disclosure] Security system

2010-04-02 Thread Michael Holstein
An adversary with the resources and motivation to kill power, net, and jam GSM when they're pwning your house would probably be able to know about and take out your watchdog box in the same move. Reminds me of the adage Locks keep honest people honest. Dream up all the fancy security and

[Full-disclosure] Non ZDI Post - EOM

2010-04-02 Thread Rob Fuller
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Security system

2010-04-02 Thread Benji
Good, they have minds of their own. On Fri, Apr 2, 2010 at 3:03 PM, T Biehn tbi...@gmail.com wrote: Can't hurt. I don't trust machines in DCs much less VPSs. An adversary with the resources and motivation to kill power, net, and jam GSM when they're pwning your house would probably be able

[Full-disclosure] [CORELAN]-10-018 - TugZip 3.5

2010-04-02 Thread Lincoln

[Full-disclosure] Apple patent lawyers fail to close ddtek, Defcon CTF goes on

2010-04-02 Thread v...@n
FOR IMMEDIATE RELEASE 1 APRIL 2010 DEFCON CTF QUALIFIER ANNOUNCED Defense Diutinus Technologies Corp (ddtek) is pleased to announce the round of qualification for DEFCON 18 CTF. Stock up on Red Bull, put the pizza delivery on speed dial, polish up your fancy shellcodes, and replenish the duct

[Full-disclosure] FileCache: tmp file permission vulnerability.

2010-04-02 Thread bugs lists
FileCache: tmp file permission vulnerability. Larry W. Cashdollar Vapid Labs http://vapid.dhs.org 2/16/2010 Perl Cache-Cache-1.06 is a memory and file caching module for perl. It stores its default file cache in /tmp with world read/write permissions. A local attacker can use this cache to

Re: [Full-disclosure] Security system

2010-04-02 Thread Lupus Yonderboy
Fucking love it On Tue, Mar 30, 2010 at 3:30 PM, T Biehn tbi...@gmail.com wrote: Buy a prepaid cell, rig your comp phone up to a battery backup. Breakout board on your Serial port, or from a USB-DB9 RS232 adapter. Have the text messaged banged out on the prepaid, rig wires from the

[Full-disclosure] [SECURITY] [DSA 2026-1] New netpbm-free packages fix denial of service

2010-04-02 Thread Giuseppe Iuculano
Debian Security Advisory DSA-2026-1 secur...@debian.org http://www.debian.org/security/ Giuseppe Iuculano April 02, 2010

[Full-disclosure] Vulnerabilities in HoloCMS

2010-04-02 Thread MustLive
Hello Full-Disclosure! I want to warn you about security vulnerabilities in HoloCMS. - Advisory: Vulnerabilities in HoloCMS - URL: http://websecurity.com.ua/4068/ - Timeline: 17.03.2010 - found vulnerabilities.