-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:016
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:018
http://www.mandriva.com/security/
There is a fairly in-depth discussion of the issue here:
http://arstechnica.com/web/news/2010/01/facebook-att-play-fast-and-loose-with-user-authentication.ars
Not a routing issue, more of a proxy issue, and not uncommon in mobile carrier
networks. Getting security right in a mobile application i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01971741
Version: 1
HPSBMA02485 SSRT090252 rev.1 - HP Power Manager, Remote Execution of Arbitrary
Code
NOTICE: The information in this Security Bulletin should be acted upon as soon
as possi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:017
http://www.mandriva.com/security/
Hey,
AP Report says it was a 'routing problem'? Any idea what they are
talking about, do THEY know what they are talking about?
Did AT&T mix up the destination IP addresses? Did Facebook NOT CHECK IP
ADDRESS AND COOKIES and disable the session when the IP changed?
As far as I can tell no techn
Just my two cents, but...
Many mobile providers are implementing caching on their proxies to make
up for the overpopulated state of their networks, and depending on how
the session ID is generated and stored (being a mobile device this is a
bit more complicated than just setting cookies), it would
##www.BugReport.ir
#
#AmnPardaz Security Research Team
#
# Title: Blaze Apps Multiple Vulnerabilities
# Vendor: http://blazeapps.codeplex.com
# Vulnerable Version: 1.4.0.051909 (and prior version
##www.BugReport.ir
#
#AmnPardaz Security Research Team
#
# Title: ezContents CMS Multiple Vulnerabilities
# Vendor: http://ezcontents.org/
# Vulnerable Version: 2.0.3 (and prior versions)
# Explo
# Date: 2010.01.17
# Author: superli
# Software Link: http://i2d.www.duba.net/i2d/kws3/KWSSetup.exe
# Version: 3.0
# Tested on: xpsp3 ie6
# Greeting to KingSoft, can you really help users avoid being hacked? This
vuln affects almost all of the duba security software.
# Code :
# Date: 2010.01.17
# Author: superli
# Software Link: http://an.baidu.com/
# Version: 2.0
# Tested on: xpsp3 ie6
# Greeting to all the guys of Baidu Security Center, please don't use Kingsoft
sh*t to keep your users safe, you can use 360safe instead. I guess I will join
your team and play games t
# Date: 2010.01.17
# Author: superli
# Software Link: http://down.sandai.net/Thunder5.9.14.1246.exe
# Version: <= 5.9.14.1246
# Tested on: xpsp3 ie6
# Greeting to Xunlei Security Center guys, you guys have still not released a patch
or new version to fix the vuln, which can also attack Xunlei KanKan
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:015
http://www.mandriva.com/security/
= CodeScan Advisory, codescan.com
=
= Multiple vulnerabilities in Xoops 2.4.3
=
= Vendor Website:
= http://www.xoops.org
=
= Affected Version:
=Xoops 2.4.3 And Earlier
=
= Researched By
=CodeScan Labs
=
= Public disc
I logged out of the mobile interface on my AT&T cell phone. "Just in case"
What is also frightening / interesting is that Facebook seems to link
the two sessions so that when I logged out of the phone-based session to
m.facebook.com, I was also logged out of my web-based session as well.
Even
Steven J. Koch wrote in part:
>The following is opinion, not necessarily fact.
The same is true here.
>While penalties for "hacking" (why can't anyone use the appropriate
>term, cracking?), have become more severe in China, unfortunately
>those outside the jurisdiction of China's laws have noth
Product:
OpenOffice
Tested Vulnerable Versions:
3.1.1 and 3.1.0
Vulnerability:
Null Pointer
Description:
Hellcode Research discovered a null pointer vulnerability in OpenOffice for
Windows.
Opening a malformed ".slk" file with OpenOffice causes a crash on "soffice.bin"
PoC:
http://tcc.h
Version 1.9 has been released,
http://www.owasp.org/index.php/Category:OWASP_JBroFuzz
New Features:
Implemented HTTP Proxy support
Header panel is now accessible via Tools -> Headers (Ctrl+H)
Added UTF-16 to the available fuzzer encodings
Added a User-Agent fuzzer (check example 6 in the install
19 matches