[ MDVSA-2008:019 ] - Updated cairo packages fix vulnerability

2008-01-22 Thread security
Mandriva Linux Security Advisory MDVSA-2008:019 http://www.mandriva.com/security/

Some hashes for the record

2008-01-22 Thread Sergio 'shadown' Alvarez
I ask for apologies if it bothers somebody. MD5 and SHA1 hashes per each PoC file. F-Prot Antivirus - d54de0bab426d71ea48d819ca0ac1de4 d8565761239d9a57309c94d32ae1950f77559e4c cfe971aec2c7a786177a701a3c88e161

Re: common dns misconfiguration can lead to same site scripting

2008-01-22 Thread David Malone
On Mon, Jan 21, 2008 at 09:25:08AM +0100, Florian Weimer wrote: | Note that all domains that contain hosts should have a localhost A | record in them. That RFC was obsoleted by RFC 1912 in 1996, so there's no RFC conformance issue if you omit the domain names. But it explains why there are

Troopers 08 Security Conference, Call for Papers

2008-01-22 Thread Enno Rey
Troopers 08 - get skilled or get owned is a new two-day conference that brings together some of the brightest minds of the international infosec community. The event will be held on 23rd and 24th April 2008 in Munich/Germany. Keynotes will be given by Dan Bernstein and Christofer Hoff. There

RE: Country by Country ISA Computer Sets

2008-01-22 Thread Jim Harrison
<sarcasm tagfor=oblivious> Yeh, but what if I want you to justify your decisions in the context of my perceptions? You don't find it reasonable that because you wish to share your efforts for free that they should serve my needs as well? </sarcasm> For the record, I tried Tim's blocklists and

[SECURITY] [DSA 1473-1] New scponly packages fix arbitrary code execution

2008-01-22 Thread Florian Weimer
Debian Security Advisory DSA-1473[EMAIL PROTECTED] http://www.debian.org/security/ Florian Weimer January 21, 2008

PacerCMS Multiple Vulnerabilities (XSS/SQL)

2008-01-22 Thread db
PacerCMS Multiple Vulnerabilities (XSS/SQL). Product: PacerCMS Version: 0.6 Vendor: http://pacercms.sourceforge.net/ Date:01/22/08 - Introduction PacerCMS is a content management solution for student and non-daily community

Belong Site Builder 0.1b Bypass Admincp

2008-01-22 Thread رومانسي هكر
# Name : Belong Site Builder 0.1b Bypass Admincp # Download From : http://www.belongsoftware.co.uk/ Or Direct Link : http://www.belongsoftware.co.uk/site_builder_v0_1beta.zip # Found By : RoMaNcYxHaCkEr We Are H-T TeaM (Houssamix - ToXiC) # Home Page : Not Yet :(

DeluxeBB 1.1 XSS Vulnerability

2008-01-22 Thread nbbn
#Founded: 21, January 2008 #Author: NBBN #Type: XSS #DeluxeBB Version: 1.1 #Register

Re: PR07-38: XSS on sIFR

2008-01-22 Thread bugs+securityfocus
Unfortunately there's a bit of confusion, as Mike Davidson of mikeindustries.com is no longer the maintainer of sIFR, and he has not updated the sIFR page in a while. This issue was found and resolved on July 4th 2007, in version 2.0.3. It also appears that Internet Explorer is not vulnerable

XSRF under Dean’s Permalinks Migration 1.0

2008-01-22 Thread g30rg3_x
1. Abstract There is an XSRF under Dean's Permalinks Migration Plugin version 1.0 which allows any attacker to conduct the user to do an unsolicited action; this, combined with an XSS bug (also found) in the plugin, allows an attacker to gain valid credentials for the WordPress based CMS. 2.

Apache mod_negotiation Xss and Http Response Splitting

2008-01-22 Thread Minded Security Research Labs
Apache mod_negotiation Xss and Http Response Splitting Date: January 22nd, 2008 Tested Versions: Apache =1.3.39 = 2.0.61 = 2.2.6 Minded Security ReferenceID: MSA01150108 Credits: Discovery by Stefano Di Paola of Minded