Here we go:
http://jawe.aon.at/search/aon.sp?query=alert(1);
The issue has been reported to AON before.
Regards,
Florian Stinglmayr
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and spons
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
FF 2.0.0.2 - binary version on a gentoo box. crashes.
Tõnu Samuel wrote:
> Can be dupe but in fast browsing over topics I did not discovered this
> exploit:
>
> http://people.zoy.org/~sam/firefox-crash-save-session-before-clicking.gif
>
>
> I d
===
Ubuntu Security Notice USN-432-2 March 13, 2007
gnupg2, gpgme1.0 vulnerability
CVE-2007-1263
===
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Dear Gmail
We use the following email to collect the victim credentials[1].
Please ban our asses!
[EMAIL PROTECTED]
-
thanks for reading
h he
[1] http://ntv-ec.ddo.jp/seihukoho222/tairyoku/0811/.security_online/bani.zip
___
Full-Disc
dear Yahoo
we use the following email to collect credentials stolen via phishing
pages[1]. Please ban our asses!
[EMAIL PROTECTED]
thanks for reading
he he
[1] http://www.hit-banniere.com/p/BankofAmericaOnlineID.zip
___
Exactly...
Date: Mon, 12 Mar 2007 11:28:38 -0500
From: "Jason Areff" <[EMAIL PROTECTED]>
Subject: Re: [Full-disclosure] firefox 2.0.0.2 crash
To: "Kristian Hermansen (khermans)" <[EMAIL PROTECTED]>
Cc: full-disclosure@lists.grok.org.uk
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: tex
Dear Bank of America,
hh> [1] http://www.hit-banniere.com/p/BankofAmericaOnlineID.zip
Look what they do with your SiteKey "protection".
--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7
___
Ful
Description:
in file unrarlib.c don't exist the check control of size len filename
passed in function urarlib_get() using strcpy()
Source error:
--
char ArcName[255];/* RAR archive
..
int urarlib_get(void *output,
unsigned long *size,
char
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:062
http://www.mandriva.com/security/
___
//
CREDIT:
discovered by meto5757 and disfigure
PRODUCT:
vBulletin
http://www.vbulletin.com/
VULNERABILITY:
SQL Injection
NOTES:
- not a serious vulnerability, can only be used by administrator of site
- SQL injection can be used to obtain password hash
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:061
http://www.mandriva.com/security/
___
Why is this "genius" sending virus infected attachments to the list?
The Trojan Horse Infostealer.Bancos.Z is attached to his "research data"...
it steals passwords and logs keystrokes entered into certain financial Web
sites.
On 3/12/07, Thierry Zoller <[EMAIL PROTECTED]> wrote:
Dear list,
You really need to learnt to read.
>
--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclos
[EMAIL PROTECTED], phr34kz, g33k5, InfoSec pros, and "not" you feds/cops (heh),
CarolinaCon-2007 is April 20th-22nd. Check out the carolinacon.org
site for more details. Here's a sample of what's on tap currently,
as far as pure talks go (in no particular order whatsoever). Also
these abstracts
Greetings,
Some of you may be interested in a new report titled "Windows Vista Network
Attack Surface Analysis" by myself, Ollie Whitehouse, Tim Newsham, and Matt
Conover.
http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.
pdf ( http://tinyurl.com/2qrglc )
You migh
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200703-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
ascii wrote:
> Paul Laudanski wrote:
>
>> I tried both your scripts at a few locations, and all I get back is this
>>
> [cut]
>
> hi Paul, long time from ccc : )
>
Hey sure how are you? Been well? I've been really busy with CC.
> it happens because http headers must be on a single line
ascii wrote:
> Paul Laudanski wrote:
>
>> I tried both your scripts at a few locations, and all I get back is this
>>
> [cut]
>
> hi Paul, long time from ccc : )
>
Hey sure how are you? Been well? I've been really busy with CC.
> it happens because http headers must be on a single lin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1266-1[EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
March 13th, 2007
hi full-disclosure,
McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities
by cocoruder of FSRT(Fortinet Security Research Team)
hfli_at_fortinet.com
Summary:
Multiple remote buffer overflow vulnerabilities exist in the ActiveX
Control named "SiteManager.Dll" of McAfe
20 matches
Mail list logo
