[Full-disclosure] FLEA-2007-0028-1: libexif

2007-06-22 Thread Foresight Linux Essential Announcement Service
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Foresight Linux Essential Advisory: 2007-0028-1 Published: 2007-06-22 Rating: Moderate Updated Versions: libexif=/[EMAIL PROTECTED]:devel//[EMAIL PROTECTED]:1-devel//1/0.6.16-0.1-1 group-dist=/[EMAIL PROTECTED]:1-devel//1/1.3.1-0.1-3 Referen

[Full-disclosure] [SECURITY] [DSA 1317-1] New tinymux packages fix buffer overflow

2007-06-22 Thread Steve Kemp
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA 1317-1 [EMAIL PROTECTED] http://www.debian.org/security/ Steve Kemp June 23, 2007 - -

[Full-disclosure] Month of Hashes of Random Hashes: Day 12

2007-06-22 Thread MOHORH
[ITEM #1] md5: 0d26087e7ea2e97b48bd86ce0410cf37 sha1: 0c9c5bd561ca8382573b0fa709c842ab9ce6e2bd sha256: 4cbdc77356a64e463986e84bd453db5b0117fc6319fe78bd8764e42d5668e7c8 [ITEM #2] md5: 405243108ee30048e4bc16aee30b94b1 sha1: c720e9871c2bdda45f4029bc97eb5f8b9424ee83 sha256: 07f0b4e82ddfd282a4a352efdce

[Full-disclosure] HackersFirst

2007-06-22 Thread HockeyInJune
As you may or may not already know, we have once again been attacked. Please disregard this and the previous eMail for they are both irrelevant to this mailing list. I am sorry for any inconvenience this may have caused you. ___ Full-Disclosure - We beli

[Full-disclosure] [ MDKSA-2007:135 ] - Updated webmin packages fix XSS vulnerability

2007-06-22 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDKSA-2007:135 http://www.mandriva.com/security/ ___

[Full-disclosure] [SECURITY] [DSA 1318-1] New ekg packages fix denial of service

2007-06-22 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1318-1[EMAIL PROTECTED] http://www.debian.org/security/ Moritz Muehlenhoff June 22nd, 2007

Re: [Full-disclosure] [ MDKSA-2007:129 ] - Updated jasper packages fix vulnerability

2007-06-22 Thread Ismail Dönmez
On Friday 22 June 2007 22:10:52 Debasis Mohanty wrote: > Last month while I was fuzzing an application using Jasper, I got this - > > The error message is "Error 500: Request processing failed; nested > exception is net.sf.jasperreports.engine.JRRuntimeException: > net.sf.jasperreports.engine.JRExc

[Full-disclosure] [GOODFELLAS - VULN] BarCodeAx.dll v. 4.9 ActiveX Control Remote Stack Buffer Overflow

2007-06-22 Thread GOODFELLAS SRT
:. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: BarCodeAx.dll v. 4.9 ActiveX Control Remote Stack Buffer Overflow = Internal ID: VULWAR200706223 Introduction BarCodeAx.dll is a library

[Full-disclosure] The Battle

2007-06-22 Thread hockey june
HockeyinJune the leader of the prestigious hacking group HackersFirst has agreed to provide Full Disclosure with an exclusive interview. Full Disclosure Representative: HockeyinJune, could you describe your role in the group and give a brief description of the group itself HockeyinJune: Sure thin

Re: [Full-disclosure] [ MDKSA-2007:129 ] - Updated jasper packages fix vulnerability

2007-06-22 Thread Debasis Mohanty
Last month while I was fuzzing an application using Jasper, I got this - The error message is "Error 500: Request processing failed; nested exception is net.sf.jasperreports.engine.JRRuntimeException: net.sf.jasperreports.engine.JRException: Error executing SQL statement for : FaultEventExceed_Fau

Re: [Full-disclosure] Month of Random Hashes: IMPORTANT ANNOUNCEMENT

2007-06-22 Thread HACK THE GOV
On 6/22/07, Month of Random Hashes <[EMAIL PROTECTED]> wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The MoRH project has nothing to do with Dr. Neal Krawetz, PhD. / n3td3v / gobbles in any way. Please disregard his posts. They are trolls. FAQ coming soon. In what way are you not

[Full-disclosure] Orkut Server Side Session Management Error

2007-06-22 Thread Susam Pal
Orkut Server Side Session Management Error The most recent version of this document is available at:- http://susam.in/security/advisory-2007-06-22.txt Release date:- 22 June, 2007 Type:- Session management error Authors:- Susam Pal, Vipul Agarwal Researchers:- Susam Pal, Vipul Agarwal, Gaurav

[Full-disclosure] [USN-476-1] redhat-cluster-suite vulnerability

2007-06-22 Thread Kees Cook
=== Ubuntu Security Notice USN-476-1 June 22, 2007 redhat-cluster-suite vulnerability https://launchpad.net/bugs/121780 === A security issue affects the following Ubuntu re

Re: [Full-disclosure] Month of Random Hashes: DAY TWELVE

2007-06-22 Thread Glenn.Everhart
maybeso, but that does not come from the company. Blackmail requires some sort of "or else". Unilateral release of info might match a description of "reckless endangerment", but not blackmail. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, June 22, 2007

Re: [Full-disclosure] The Battle

2007-06-22 Thread bambam
matt damon On 6/20/07, hockey june <[EMAIL PROTECTED]> wrote: > Hey, > I'm sending this e-mail out to people whom i feel have the capability of > being one of the best in the area of hacking. If you guys want to fight for > your internet rights, then join us in the battle! > > #HackersFirst > irc.

[Full-disclosure] Does what happens in the Facebook stay in the Facebook?

2007-06-22 Thread pdp (architect)
http://www.gnucitizen.org/blog/does-what-happens-in-the-facebook-stay-in-the-facebook Does what happens in the Facebook stay in the Facebook? is a quite clever video that shows some of the privacy issues that concern social networks today. I've talked about this topic in the Social Networks Mayhem

[Full-disclosure] XSS hvv.de

2007-06-22 Thread DaWickedest
it's just like that: http://hvv.de/suche/index.php?searchkey=%3Cscript%3Ealert('hvv sucks')%3C/script%3E ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secu

[Full-disclosure] Static Code Analysis - Nuts and Bolts

2007-06-22 Thread Paul Sebastian Ziegler
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi list, due to personal interest I'd like to ask on your opinion regarding best practices for static code analysis. I guess most of us are accustomed to this method. After all - if you want to find a vulnerability that basically means that either l

Re: [Full-disclosure] Month of Random Hashes: DAY TWELVE

2007-06-22 Thread Valdis . Kletnieks
On Fri, 22 Jun 2007 11:15:57 EDT, [EMAIL PROTECTED] said: > No money or valuables demanded ==>no blackmail. Remember that in this industry, getting named as the first person to discover an exploit is a "valuable".

Re: [Full-disclosure] Month of Random Hashes: DAY TWELVE

2007-06-22 Thread Glenn.Everhart
No money or valuables demanded ==>no blackmail. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of HACK THE GOV Sent: Wednesday, June 20, 2007 10:20 PM To: full-disclosure@lists.grok.org.uk Subject: [Full-disclosure] Month of Random Hashes: DAY TWELVE

[Full-disclosure] [CAID 35450, 35451, 35452, 35453]: CA Products That Embed Ingres Multiple Vulnerabilities

2007-06-22 Thread Williams, James K
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Title: [CAID 35450, 35451, 35452, 35453]: CA Products That Embed Ingres Multiple Vulnerabilities CA Vuln ID (CAID): 35450, 35451, 35452, 35453 CA Advisory Date: 2007-06-21 Reported By: NGSSoftware, and iDefense Impact: Attackers can potentially ex