On Fri, 12 Jan 2007 14:34:21 +0100, Ben Bucksch said:
> These are the ground rules. There may be reasons to immediately publish
> without pre-notification, e.g. when the bug is too obvious. Under no
> circumstance should a fix take longer than one month.
Oh, do we wish it were so...
Yes, there'
On Mon, Jan 01, 2007 at 05:43:05PM -0800, Blue Boar wrote:
> Does this actually work on people on a security mailing list?
Speaking as someone whose current employer has chosen to subscribe
its NOC staff group email (a member of which, thankfully, I am not)
on an Exchange server to various securit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:013
http://www.mandriva.com/security/
___
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1248-1[EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
January 12nd, 2007
On 12 Jan 07, at 08:05, Slythers Bro wrote:
> hi,
> sorry but i know nothing about the real physical "quantic theory"
> i'am not a physician
> i just know there are 3 states : 0 ,1 and unknow
<...>
This approach won't work for anything beyond the most trivial
cryptographic computations: attempti
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200701-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200701-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200701-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200701-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
On Fri, 12 Jan 2007 [EMAIL PROTECTED] wrote:
> The Web Application Security Consortium is also doing such a project at
> http://www.webappsec.org/projects/honeypots/ . May be worthwhile to share
> data perhaps?
My thoughts exactly!
Although.. it is high time we started getting out of the mindset
The Web Application Security Consortium is also doing such a project at
http://www.webappsec.org/projects/honeypots/ . May be worthwhile to share data
perhaps?
- zeno
http://www.cgisecurity.com/ Web Application Security news, and more
http://www.cgisecurity.com/index.rss [Security RSS Feed]
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:012
http://www.mandriva.com/security/
___
Dear List,
> 1. Open attachment.
>Does this actually work on people on a security mailing list?
> BB
It surely work if moderators do not strip of the attachments and make
them availalble in the archives :
http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051522.html
More interest
hi,
sorry but i know nothing about the real physical "quantic theory"
i'am not a physician
i just know there are 3 states : 0 ,1 and unknow
"How? In what way?" >> look in the .rar
"> i used this lib for coding fuckmd5.cpp
You did? I can't see any sign of tri-state logic in the final source
co
[ Warning: this email message includes links to live web server malware
propagated this Wednesday via file inclusions exploits. These links are
not safe! ]
Hello.
The newly formed Web Honeynet Project from SecuriTeam and the ISOTF will
in the next few months announce research on real-world web se
Hi Mark,
On Tue, Jan 09, 2007 at 12:40:47PM -0700, Mark Senior wrote:
> Perhaps you can't comment, which I respect, but I wonder - is there a
> general Cisco policy on vulnerability announcements being short on technical
> detail like this? This advisory seemed pretty much standard for advisories
I hope you realize that you open a highly controversial subject, i.e
flamewar. My current approach is:
Basic idea is that vendors should have the ability to fix them without
the public exploiting it at the same time, but even during the secret
time, various parties will see the bug, so this tim
Vulnerability Disclosure: Where Do You Stand?
If you see a glaring security hole in a sensitive application, what will
you do? Will you notify the developer? The users? Other hackers? Sometimes
it's best not to be the good Samaritan. Read about "The Chilling Effect"
and also find out why Bruce S
===
Ubuntu Security Notice USN-406-1 January 12, 2007
openoffice.org/-amd64, openoffice.org2/-amd64 vulnerability
CVE-2006-5870
===
A security issue affects the following Ubun
Hello,
I wrote a new article about Anti-DNS Pinning + Socket in FLASH.
http://www.jumperz.net/index.php?i=2&a=3&b=3
Demo is here:
http://www.jumperz.net/index.php?i=2&a=1&b=8
--
Kanatoko<[EMAIL PROTECTED]>
Open Source WebAppFirewall
http://guardian.jumperz.net/
20 matches
Mail list logo