Announcing ChronIC - a wearable Sub-GHz RF hacking tool

2013-03-13 Thread Adam Laurie
with a great big nod to atlas 0f d00m, this RFCat inspired project utilises the RF capable wristwatch that comes with the TI Chronos dev kits... blog entry is here: http://adamsblog.aperturelabs.com/2013/03/you-can-ring-my-bell-adventures-in-sub.html code can be found on the Aperture Labs

Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc

2013-03-13 Thread Kurt Seifried
On 03/07/2013 05:37 PM, Amos Jeffries wrote: On 6/03/2013 9:53 a.m., tytusromekiato...@hushmail.com wrote: # DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc #

TagScanner v5.1 - Stack Buffer Overflow Vulnerability

2013-03-13 Thread Vulnerability Lab
Title: TagScanner v5.1 - Stack Buffer Overflow Vulnerability Date: 2013-01-22 References: http://www.vulnerability-lab.com/get_content.php?id=831 VL-ID: 831 Common Vulnerability Scoring System: 6.4 Introduction:

[SECURITY] [DSA 2643-1] puppet security update

2013-03-13 Thread Yves-Alexis Perez
Debian Security Advisory DSA-2643-1 secur...@debian.org http://www.debian.org/security/ Yves-Alexis Perez March 12, 2013

Open-Xchange Security Advisory 2013-03-13

2013-03-13 Thread Martin Braun
Multiple security issues for Open-Xchange Server have been discovered and fixed. The vendor has chosen responsible full disclosure to publish security issue details. Users of the software have already been provided with patched versions. Proof regarding authenticity can be obtained from the

SEC Consult SA-20130313-0 :: QlikView Desktop Client Integer Overflow

2013-03-13 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory 20130313-0 title: QlikView Desktop Client Integer Overflow product: QlikView Desktop Client vulnerable version: 11.00 SR2 fixed version: 11.20

[ MDVSA-2013:022 ] openssh

2013-03-13 Thread security
Mandriva Linux Security Advisory MDVSA-2013:022 http://www.mandriva.com/en/support/security/

[CVE-2013-1814] Apache Rave exposes User over API

2013-03-13 Thread Matt Franklin
CVE-2013-1814: Apache Rave exposes User over API Severity: Important Vendor: The Apache Software Foundation Versions Affected: Rave 0.11 to 0.20 Description: Rave returns the full user object, including the salted and hashed password, via the User RPC API. This endpoint is only available to

[ MDVSA-2013:023 ] coreutils

2013-03-13 Thread security
Mandriva Linux Security Advisory MDVSA-2013:023 http://www.mandriva.com/en/support/security/

Cisco Video Surveillance Operations Manager Multiple vulnerabilities

2013-03-13 Thread b . saleh
# Exploit Title:Cisco Video Surveillance Operations Manager Multiple vulnerabilities # Google Dork: intitle:Video Surveillance Operations Manager Login # Date: 22 Feb 2013 reported to the vendor # Exploit Author: Bassem | bassem.co # Vendor Homepage: www.cisco.com # Version: Version 6.3.2 #

Re: [CVE-REQUEST] Foscam = 11.37.2.48 path traversal vulnerability

2013-03-13 Thread Frédéric BASSE
CVE Assigned: CVE-2013-2560. 2013/3/2 Frédéric BASSE basse.frede...@gmail.com: [CVE-REQUEST] Foscam = 11.37.2.48 path traversal vulnerability Summary: Foscam firmware = 11.37.2.48 is prone to a path traversal

[ MDVSA-2013:024 ] firefox

2013-03-13 Thread security
Mandriva Linux Security Advisory MDVSA-2013:024 http://www.mandriva.com/en/support/security/