On Mon, 28 Aug 2006 12:45:09 +1200 Nick FitzGerald wrote:
> Denis Jedig wrote:
>
>> Are there any documented cases on "serious" (i.e. not for scientific
>> research or fun, but profit) desinformation or propaganda campaigns using
>> XSS for their purposes? Some weird US pre-election stuff maybe?
No cON Name 2006 - ACCEPTED CONFERENCES
http://www.noconname.org/congreso2006.php
***
We proudly announce the accepted conferences for the No cON Name 2006.
You can register now in https://demon.noconname.org/inscripcion.php.
Check the web page a couple of days before the congress for the timeta
On Mon, 28 Aug 2006 10:13:56 +0200, Denis Jedig said:
> Maybe I should rephrase: I was mainly interested in cases similar to the
> demonstrated one where "news" were spread to the general public to
> influence the behavior of "the masses" rather than mere individuals.
> Phishing is a really regret
I want to straiten out, that this posting does NOT come from me!
A look at the header clarifies that:
Return-Path: <[EMAIL PROTECTED]>
Received: from mx4.noc.eunet-ag.at (mx4.noc.eunet-ag.at
[193.154.160.127])
by imap02 (Cyrus v2.2.12-Red Hat 2.2.12-2tis) with LMTPA;
Fri, 17 Ma
Message: 16Date: Sat, 26 Aug 2006 22:23:29 +0100From: "Jeb Bush" <
[EMAIL PROTECTED]>Subject: [Full-disclosure] Alias update alertTo: full-disclosure@lists.grok.org.ukMessage-ID:
<[EMAIL PROTECTED]>Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Update your spy alert scriptsn3t
From: "Jeb Bush" <[EMAIL PROTECTED]
>Subject: [Full-disclosure] Fwd: multi billion dollar corporation hasntfixed its privacy flaw yet-- Forwarded message --From: Jeb Bush <
[EMAIL PROTECTED]>Date: Aug 26, 2006 11:20 PMSubject: multi billion dollar corporation hasnt fixed
[vuln.sg] Vulnerability Research Advisory
Cybozu Products Arbitrary File Retrieval Vulnerability
by Tan Chew Keong
Release Date: 2006-08-28
Summary
---
A vulnerability has been found in Cybozu Products. When exploited, the
vulnerability allows an authenticated user to retrieve arbitrary file
[vuln.sg] Vulnerability Research Advisory
Cybozu Garoon 2 SQL Injection Vulnerabilities
by Tan Chew Keong
Release Date: 2006-08-28
Summary
---
Some SQL injection vulnerabilities have been found in Cybozu Garoon 2.
When exploited by a logon user, the vulnerabilities allow manipulation
of SQL
On Friday 17 March 2006 03:07 Christoph Gruber wrote:
I want to straiten out, that this posting does NOT come from me!
A look at the header clarifies that:
Return-Path: <[EMAIL PROTECTED]>
Received: from mx4.noc.eunet-ag.at (mx4.noc.eunet-ag.at
[193.154.160.127])
by imap02 (Cyrus v2.2.
Information Security Community,
Please consider our paper - "Creating Business Through Virtual Trust:
How to Gain and Sustain a Competitive Advantage Using Information
Security" - for your review.
Here is the abstract from our paper:
"Cash. Profit. Margins. Productivity. This is the language
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
On 8/28/06, Jeb Osama <[EMAIL PROTECTED]> wrote:
> From: "Jeb Bush" <[EMAIL PROTECTED] >
> Subject: [Full-disclosure] Fwd: multi billion dollar corporation hasnt
> fixed its privacy flaw yet
>
> -- Forwarded message --
> From: Jeb Bush < [EMAIL PROTECTED]>
> Date: Aug
--On Monday, August 28, 2006 09:54:42 -0400 [EMAIL PROTECTED] wrote:
Who needs that XSS shit when there's Fox News?
Like the other news agencies are any better.
Paul Schmehl ([EMAIL PROTECTED])
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/
Oh, something almost comprehensible from a surprising source.
However, I think you need some ABC in corporate security.
Jeb Bush wrote:
The flaw allows you to read the victim's status message.
This means telephone numbers etc whatever the victim adds to
their status message is disclose
On Mon, 28 Aug 2006, Paul Schmehl wrote:
> --On Monday, August 28, 2006 09:54:42 -0400 [EMAIL PROTECTED] wrote:
> >
> > Who needs that XSS shit when there's Fox News?
>
> Like the other news agencies are any better.
Yes, actually. The other news agencies are *provably* better. The more
peop
--On Monday, August 28, 2006 13:03:02 -0700 Benjamin Franz
<[EMAIL PROTECTED]> wrote:
Like the other news agencies are any better.
Yes, actually. The other news agencies are *provably* better. The more
people watch FoxNews, the *less* accurate their understanding of world
events is - makin
On 8/28/06, Anders B Jansson <[EMAIL PROTECTED]> wrote:
Oh, something almost comprehensible from a surprising source.
However, I think you need some ABC in corporate security.
Jeb Bush wrote:
> The flaw allows you to read the victim's status message.
>
> This means telephone numbers etc
--On Monday, August 28, 2006 09:54:42 -0400 [EMAIL PROTECTED] wrote:
Who needs that XSS shit when there's Fox News?
Paul Schmehl wrote:
Like the other news agencies are any better.
Actually, some of them are. Some may be as air headed, but Fox has as
its mission to promote a Republica
On Mon, 28 Aug 2006 09:54:42 -0400 [EMAIL PROTECTED] wrote:
> Who needs that XSS shit when there's Fox News?
There's not always a Fox equivalent outside of the US. The antiquated
Europeans might be in bad need of such a case as the level of trust in mass
media is far too high.
Denis
___
There's not always a Fox equivalent outside of the US. The antiquated
Europeans might be in bad need of such a case as the level of trust in mass
media is far too high.
I'm not too sure. We generally trust our news sources but we still
remain skeptical of them. That said, many people (even outsi
* Karol Wiesek <[EMAIL PROTECTED]> [2006-08-05 00:49:34 +0200]:
> I've found only mandriva has suitable setuid binary
>
> details -> http://karol.wiesek.pl/files/lesstif-advisory.pdf
You don't indicate which version of mtink is installed or, rather, which
version of printer-utils is installed.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:153
http://www.mandriva.com/security/
___
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:154
http://www.mandriva.com/security/
___
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1160-1[EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
August 29th, 2006
24 matches
Mail list logo