I found and reported this back in 2005/2006. Microsoft told me that it
had been reported previously and that it would be fixed in the next
release, which I'm guessing they meant 2007. I do not know if they
have fixed it in Exchange 2007.
On Sat, Nov 15, 2008 at 5:33 AM, Piergiorgio Venuti
[EMAIL
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200811-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Herewith a new release of RFIDIOt, which is very much a work in
progress, but has some goodies that make it worth releasing now...
From CHANGES:
v0.u - November 2008
add testlahf.sh script for testing LAHF units
fix -R reader type override in RFIDIOtconfig.py
add RFIDIOtconfig.py checking for
Hi all,
also I've found this vulnerability 1 year ago during a pt and work fine
with url obfuscation. I've read that with owa 2007 this vulnerability is
patched but I don't have tried yet.
Best regards,
Piergiorgio
Giuseppe Gottardi ha scritto:
Davide, let me comfort you...
I found this
Having not found one (except msf) that reliably works against my own setup
thought of writing my own MS08-067 exploit piece. Plugged the shellcode for
win2k and win2k3[sp2]. No plans for updating the xp shellcode.
Grab the python here:
http://www.hackingspirits.com/vuln-rnd/vuln-rnd.html
-d
[waraxe-2008-SA#068] - Sql Injection in vBulletin 3.7.3.pl1
===
Author: Janek Vind waraxe
Date: 17. November 2008
Location: Estonia, Tartu
Web: http://www.waraxe.us/advisory-68.html
Description of vulnerable software:
rPath Security Advisory: 2008-0321-1
Published: 2008-11-17
Products:
rPath Linux 1
rPath Linux 2
Rating: Minor
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access
Updated Versions:
[EMAIL PROTECTED]:1/1.6.1-8.4-1
[EMAIL PROTECTED]:2/1.6.4-4-0.1
I verified that OWA 2007 is not vulnerable to the redirection attacks
described below.
Angelo Castigliola III
EISRM - Application Security Architecture
Unum
Telephone: 207-575-3820
Mobile: 207-590-3630
[EMAIL PROTECTED]
-Original Message-
From: Piergiorgio Venuti [mailto:[EMAIL
Hello all -
I don't have time for a fancy advisory format, but I did want to disclose an
issue.
Sometime in early October (late September?), around the time Opera 9.6 was
released, I noticed that you could get it to crash after supplying the file://
handler with ~16,500 characters. I played
Exodus v0.10 uri handler arbitrary parameter injection
by Nine:Situations:Group::strawdog
tested against IE8b/xpsp3
may not work against non-English systems because of an installation bug
[waraxe-2008-SA#069] - Multiple Sql Injection in vBulletin 3.7.4
===
Author: Janek Vind waraxe
Date: 17. November 2008
Location: Estonia, Tartu
Web: http://www.waraxe.us/advisory-69.html
Description of vulnerable
===
Ubuntu Security Notice USN-671-1 November 17, 2008
mysql-dfsg-5.0 vulnerabilities
CVE-2008-2079, CVE-2008-3963, CVE-2008-4097, CVE-2008-4098
===
A security issue affects
12 matches
Mail list logo