Re: [Full-disclosure] Am I missing anything ?

2007-07-24 Thread Randal T. Rioux
http://uncyclopedia.org/wiki/Pot_v._Kettle Kradorex Xeron wrote: > Simon and Joey, > > Your comments are not contributing anything of value to the list and is > causing SNR of the list to go down. > > I strongly suggest for you to both take your personal banter off-list. I > suspect that th

[Full-disclosure] [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities

2007-07-24 Thread Williams, James K
Title: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities CA Vuln ID (CAID): 35525, 35526 CA Advisory Date: 2007-07-24 Reported By: CVE-2006-5645 - Titon of BastardLabs and Damian Put working with the iDefense VC

[Full-disclosure] [CAID 35524]: CA eTrust Intrusion Detection caller.dll Vulnerability

2007-07-24 Thread Williams, James K
Title: [CAID 35524]: eTrust Intrusion Detection caller.dll Vulnerability CA Vuln ID (CAID): 35524 CA Advisory Date: 2007-07-24 Reported By: Sebastian Apelt working with the iDefense VCP Impact: A remote attacker can execute arbitrary code. Summar

[Full-disclosure] [CAID 35527]: CA Message Queuing (CAM / CAFT) Buffer Overflow Vulnerability

2007-07-24 Thread Williams, James K
Title: [CAID 35527]: CA Message Queuing (CAM / CAFT) Buffer Overflow Vulnerability CA Vuln ID (CAID): 35527 CA Advisory Date: 2007-07-24 Reported By: Paul Mehta of ISS X-Force Impact: A remote attacker can execute arbitrary code. Summary: Multiple

Re: [Full-disclosure] Internet Explorer 0day exploit

2007-07-24 Thread T Biehn
How does DNS work again, Gadi? On 7/14/07, Gadi Evron <[EMAIL PROTECTED]> wrote: On Sat, 14 Jul 2007, Dragos Ruiu wrote: > On Tuesday 10 July 2007 08:53, Gadi Evron wrote: >> To paraphrase Guninski, this is still not a 0day. It is a vulnerability >> being disclosed. > > You're being pedantic Ga

[Full-disclosure] Fast HTTP Auth Scanner

2007-07-24 Thread Amichai Teumim
Any plans for a *NIX version? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] [ GLSA 200707-08 ] NVClock: Insecure file usage

2007-07-24 Thread Raphael Marichez
Gentoo Linux Security Advisory GLSA 200707-08 http://security.gentoo.org/

[Full-disclosure] [ GLSA 200707-07 ] MPlayer: Multiple buffer overflows

2007-07-24 Thread Raphael Marichez
Gentoo Linux Security Advisory GLSA 200707-07 http://security.gentoo.org/

[Full-disclosure] iDefense Security Advisory 07.24.07: Computer Associates eTrust Intrusion Detection CallCode ActiveX Control Code Execution Vulnerability

2007-07-24 Thread iDefense Labs
Computer Associates eTrust Intrusion Detection CallCode ActiveX Control Code Execution Vulnerability iDefense Security Advisory 07.24.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 24, 2007 I. BACKGROUND Computer Associates eTrust Intrusion Detection is a network intrusion managem

[Full-disclosure] iDefense Security Advisory 07.24.07: Computer Associates AntiVirus CHM File Handling DoS Vulnerability

2007-07-24 Thread iDefense Labs
Computer Associates AntiVirus CHM File Handling DoS Vulnerability iDefense Security Advisory 07.24.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 24, 2007 I. BACKGROUND eTrust is an antivirus application developed by Computer Associates. More information can be found on the vendor

Re: [Full-disclosure] Am I missing anything ?

2007-07-24 Thread Simon Smith
My other hand is called Valdis :] On 7/24/07 12:06 PM, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > On Mon, 23 Jul 2007 18:47:33 EDT, "Kevin Finisterre (lists)" said: > >> Yeah... Adriel loves the cock. > > What's he call his *other* hand? :) > > (Well dammit, I got this big bag of Purina

Re: [Full-disclosure] Signal to Noise Ratio

2007-07-24 Thread Joey Mengele
KIND OF FUNNY? THIS SHIT IS FUCKING GOLD. J On Tue, 24 Jul 2007 17:24:03 -0400 Derek Buelna <[EMAIL PROTECTED]> wrote: >I am grown up you bastard. :) Was kinda funny though. > >-Original Message- >From: Joey Mengele [mailto:[EMAIL PROTECTED] >Sent: Tuesday, July 24, 2007 2:22 PM >To: fu

Re: [Full-disclosure] Signal to Noise Ratio

2007-07-24 Thread Joey Mengele
Grow up, Dick. Let's keep it on topic please. LOLOLOLOLOLOLOL. J On Tue, 24 Jul 2007 17:14:00 -0400 Derek Buelna <[EMAIL PROTECTED]> wrote: >There is quite a bit of noise. Focus on security. Whenever someone >says >anything, someone else has to say something and it goes on. And >I'm not >talki

Re: [Full-disclosure] Signal to Noise Ratio

2007-07-24 Thread Derek Buelna
There is quite a bit of noise. Focus on security. Whenever someone says anything, someone else has to say something and it goes on. And I'm not talking about security stuff. I'm sure someone will follow up this email and call me a dick or something. Damn list is nearly a DOS. Whatever I'll weed t

[Full-disclosure] TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability

2007-07-24 Thread TSRT
TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-07-13 http://dvlabs.tippingpoint.com/blog/1024/Step-by-Step-of-Discovery July 24, 2007 -- CVE ID: CVE-2007-3566 -- Affected Vendor: Borland -- Affecte

Re: [Full-disclosure] Signal to Noise Ratio

2007-07-24 Thread Fetch, Brandon
*reaches for the raincoat for the pending continued pissing match* Anyone have waterproof popcorn? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joey Mengele Sent: Tuesday, July 24, 2007 2:15 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: full-disclosu

Re: [Full-disclosure] Signal to Noise Ratio

2007-07-24 Thread Joey Mengele
LOLOLOLOLOLOLOLOL. Grow up. J On Tue, 24 Jul 2007 16:23:08 -0400 "Fetch, Brandon" <[EMAIL PROTECTED]> wrote: >*reaches for the raincoat for the pending continued pissing match* > >Anyone have waterproof popcorn? > >-Original Message- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] O

[Full-disclosure] ZDI-07-043: Ipswitch IMail IMAP Daemon SUBSCRIBE Stack Overflow Vulnerability

2007-07-24 Thread zdi-disclosures
ZDI-07-043: Ipswitch IMail IMAP Daemon SUBSCRIBE Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-043.html July 24, 2007 -- CVE ID: CVE-2007-2795 -- Affected Vendor: Ipswitch -- Affected Products: Ipswitch IMail Ipswitch Collaboration Suite -- TippingP

[Full-disclosure] ZDI-07-042: Ipswitch IMail Server GetIMailHostEntry Memory Corruption Vulnerability

2007-07-24 Thread zdi-disclosures
ZDI-07-042: Ipswitch IMail Server GetIMailHostEntry Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-042.html July 24, 2007 -- CVE ID: CVE-2007-2795 -- Affected Vendor: Ipswitch -- Affected Products: Ipswitch IMail Ipswitch Collaboration Suite -- Ti

[Full-disclosure] ZDI-07-041: Panda Software AdminSecure Agent Heap Overflow Vulnerability

2007-07-24 Thread zdi-disclosures
ZDI-07-041: Panda Software AdminSecure Agent Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-041.html July 24, 2007 -- CVE ID: CVE-2007-3026 -- Affected Vendor: Panda Software -- Affected Products: Panda AdminSecure 2006 -- TippingPoint(TM) IPS Customer Protection

Re: [Full-disclosure] Cisco Security Advisory: Wireless ARP Storm Vulnerabilities - aka iPhoneDoS

2007-07-24 Thread coderman
On 7/24/07, Cisco Systems Product Security Incident Response Team <[EMAIL PROTECTED]> exposed their shame as such: > ... > Cisco Wireless LAN Controllers (WLC) contain multiple vulnerabilities > in the handling of Address Resolution Protocol (ARP) packets that could > result in a denial of service

Re: [Full-disclosure] Signal to Noise Ratio

2007-07-24 Thread Joey Mengele
This is an English speaking list. Please translate. Grow up. J On Tue, 24 Jul 2007 14:07:15 -0400 3APA3A <[EMAIL PROTECTED]> wrote: >Dear [EMAIL PROTECTED], > >--Tuesday, July 24, 2007, 5:02:16 PM, you wrote to full- >[EMAIL PROTECTED]: > >jkc> It seems to me the average SNR here could be gre

Re: [Full-disclosure] Signal to Noise Ratio

2007-07-24 Thread 3APA3A
Dear [EMAIL PROTECTED], --Tuesday, July 24, 2007, 5:02:16 PM, you wrote to full-disclosure@lists.grok.org.uk: jkc> It seems to me the average SNR here could be greatly improved with any jkc> one of several commonly available "community-based" filtering jkc> mechanisms. Digg and Slashdot are b

[Full-disclosure] Cisco Security Advisory: Wireless ARP Storm Vulnerabilities

2007-07-24 Thread Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Wireless ARP Storm Vulnerabilities Advisory ID: cisco-sa-20070724-arp http://www.cisco.com/warp/public/707/cisco-sa-20070724-arp.shtml Revision 1.0 For Public Release 2007 July 24 1600 UTC (GMT

[Full-disclosure] FLEA-2007-0033-1: firefox thunderbird

2007-07-24 Thread Foresight Linux Essential Announcement Service
Foresight Linux Essential Advisory: 2007-0033-1 Published: 2007-07-24 Rating: Major Updated Versions: firefox=/[EMAIL PROTECTED]:1-devel//1/2.0.0.5-1-1 thunderbird=/[EMAIL PROTECTED]:devel//[EMAIL PROTECTED]:1-devel//1/2.0.0.5-0.1-1 grou

[Full-disclosure] Fast HTTP Auth Scanner

2007-07-24 Thread Andres Tarasco
Hi list, Fast HTTP Auth Scanner is a new web security scanner that allows brute-force attacks (basic auth, webforms, ...) against web-based devices that require HTTP authentication (mostly routers). You can download both source and binary files at http://www.514.es/2007/07/fast_http_auth_scanner.h

Re: [Full-disclosure] State of Alaska Related

2007-07-24 Thread pwnd . security . pwnd
Update: Intra site is not fixed. USD is blocked to the Internet. ESO_Tech and DW_Tech accounts are not available outside. Helpdesk Bulletins are not visible anymore. On 7/23/07, pwnd. security. pwnd <[EMAIL PROTECTED]> wrote: > Bypasses LDAP. > > http://intra1.admin.state.ak.us/authContact/search

[Full-disclosure] WabiSabiLabi exploit attached

2007-07-24 Thread Joey Mengele
Attached and in-line is an exploit for a newly announced item on the WabiSabiLabi auction block. I hope this completely devalues the item so that the original finder dies of starvation. DON'T SELL BUGS THROUGH WABISABILABLA USE EXPLOITS TO HACK COMPUTERS INSTEAD Exploit is for a stack overflow

Re: [Full-disclosure] Am I missing anything ?

2007-07-24 Thread Valdis . Kletnieks
On Mon, 23 Jul 2007 18:47:33 EDT, "Kevin Finisterre (lists)" said: > Yeah... Adriel loves the cock. What's he call his *other* hand? :) (Well dammit, I got this big bag of Purina Troll Chow, and I need to get rid of it *somehow* :)

Re: [Full-disclosure] Signal to Noise Ratio

2007-07-24 Thread trains
One person's noise is another person's signal. Except maybe for n3td3v. :)) t.r. - Email solutions, MS Exchange alternatives and extrication, security services, systems integration. Contact: [EMAIL PROTECTED]

Re: [Full-disclosure] Am I missing anything ?

2007-07-24 Thread Joey Mengele
Suggestion respectfully rejected. Please grow up n3td3v. J On Mon, 23 Jul 2007 19:55:21 -0400 php0t <[EMAIL PROTECTED]> wrote: >No offense towards either of you, this is just a suggestion... >how'bout >taking this off-list? >Thanks for even reading. > >php0t > > >- Original Message - >

Re: [Full-disclosure] Am I missing anything ?

2007-07-24 Thread Joey Mengele
No Kradorex Xerox, you grow up. J On Mon, 23 Jul 2007 20:08:02 -0400 Kradorex Xeron <[EMAIL PROTECTED]> wrote: >Simon and Joey, > >Your comments are not contributing anything of value to the list >and is >causing SNR of the list to go down. > >I strongly suggest for you to both take your perso

Re: [Full-disclosure] [Owasp-leaders] new version of XSSDB

2007-07-24 Thread pdp (architect)
Hi Dinis, we are working on offline support with Google Gears - once you visit the application, it will be cached and the database will be synchronized on your PC. Then you can use it whenever you don't have Internet connectivity. We are also planning to release a standalone version for Adobe AI

Re: [Full-disclosure] [Owasp-leaders] new version of XSSDB

2007-07-24 Thread Dinis Cruz
This is very good stuff. And it really shows the power of XSS. Anybody with some cycles to add offline support for this (maybe retrieving the RSS from the local disk)? Dinis Cruz Chief OWASP Evangelist http://www.owasp.org On 7/21/07, pdp (architect) <[EMAIL PROTECTED]> wrote: Hi there, GC h

Re: [Full-disclosure] Internet Explorer 0day exploit

2007-07-24 Thread Anupam Mishra
Hi, I just wanted some links where I can find exploits/POC for latest vulnerabilities. So if you know some good links please tell me. Waiting for reply. Regards, Anupam

[Full-disclosure] Signal to Noise Ratio

2007-07-24 Thread jason
It seems to me the average SNR here could be greatly improved with any one of several commonly available "community-based" filtering mechanisms. Digg and Slashdot are both examples of what I'm suggesting. Now, before you break out the pitchforks and torches, I'm not suggesting any changes to

[Full-disclosure] n.runs-SA-2007.021 - Norman Antivirus LZH parsing Arbitrary Code Execution Advisory

2007-07-24 Thread security
n.runs AG http://www.nruns.com/ security(at)nruns.com n.runs-SA-2007.021 23-Jul-2007 Vendor: Norman, http://www.norm

Re: [Full-disclosure] On the vulnerabilities of web services

2007-07-24 Thread Fabio Pietrosanti (naif)
The Security Community wrote: > Feel free to edit at will for your own definition... Unfortunately you completely missed the point, I am not discussing about full disclosure vs responsible disclosure vs non disclosure vs give-me-a-joint disclosure. -naif

Re: [Full-disclosure] On the vulnerabilities of web services

2007-07-24 Thread The Security Community
On 7/24/07, Fabio Pietrosanti (naif) <[EMAIL PROTECTED]> wrote: > I have no time to write a detailed post on the issues related with the > guys that are recently releasing bugs of web services. > > I would like someone to analyze the implications, differences in terms of > community advantages, people

[Full-disclosure] On the vulnerabilities of web services

2007-07-24 Thread Fabio Pietrosanti (naif)
I have no time to write a detailed post on the issues related with the guys that are recently releasing bugs of web services. I would like someone to analyze the implications, differences in terms of community advantages, people risks, technology enhancements related with the disclosure of vulnerabil

Re: [Full-disclosure] Am I missing anything ?

2007-07-24 Thread Sebastian Krahmer
On Tue, 24 Jul 2007, Deeþàn Chakravarthÿ wrote: Hi, Yes. Do not forget to mention that Security 2.0 is only half of the truth. Folks tend to buy protections against any kind of Cross Brain Smashing (CBS) or Anti-Anti-Anti Think Pinning (AAATP) and used to let their X and telnet servers open.

[Full-disclosure] [SECURITY] [DSA 1340-1] New ClamAV packages fix denial of service

2007-07-24 Thread Martin Schulze
Debian Security Advisory DSA 1340-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze July 24th, 2007

Re: [Full-disclosure] Am I missing anything ?

2007-07-24 Thread gjgowey
Might I propose a new tag line for this list? Full disclosure: more entertainment than wrestlemania. Full disclosure: I never want to grow up I want to be a full disclosure kid. /me now waits to hear from toys r us over that last one ;) Cheers! Geoff Sent from my BlackBerry wireless handheld.