Re: [Full-disclosure] 0day for sell

2007-09-05 Thread scott
Police in your area buy 0-days? Seriously, what are they going to do. "Sir, We have a report of you possessing a potentially dangerous exploit for some software that may impact the people that use said software. We would like to ask you a couple of questi

[Full-disclosure] Apache Tomcat remote xss

2007-09-05 Thread handrix cobra
Apache Tomcat remote xss Author: handrix Contact: handrix_at_morx_dot_org Vulnerability: Cross Site Scripting Severity: Medium/High MorX security research team www.morx.org Description: Tomcat provides many examples of JSP files, servlets and others. functions.jsp script is vulnerable to cross-site sc

[Full-disclosure] Apache Tomcat remote xss

2007-09-05 Thread handrix cobra
Apache Tomcat remote xss Author: handrix Contact: handrix_at_morx_dot_org Vulnerability: Cross Site Scripting Severity: Medium/High MorX security research team www.morx.org Description: Apache Tomcat remote xss Tomcat provides many examples of JSP files, servlets and others. functions.jsp's script

Re: [Full-disclosure] 0day for sell

2007-09-05 Thread Slythers Bro
I need your name and your address, I will sell it to the police. :P ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] 0day for sell

2007-09-05 Thread Juergen Marester
Hello man, yes for sure I have 0day to sell about Office 2003 and 2007, Apache httpd, some Windows also, and IE exploits. What do you need? Please let me know. Regards, Juergen Marester

[Full-disclosure] Format string and clients disconnection in Alien Arena 2007 6.10

2007-09-05 Thread Luigi Auriemma
Luigi Auriemma Application: Alien Arena 2007 http://red.planetarena.org Versions: <= 6.10 and current SVN Platforms: Windows and Linux Bugs: A] in-game format string

[Full-disclosure] Graphs of Storm Worm's Fast Flux Networks

2007-09-05 Thread Dancho Danchev
Here are some handy graphs of Storm Worm's use of fast-flux networks generated during the last several hours acting as great examples of how diverse malware C&C has become: http://ddanchev.blogspot.com/2007/09/storm-worms-fast-flux-networks.html Regards, Dancho

[Full-disclosure] Cisco Security Advisory: Cisco Video Surveillance IP Gateway and Services Platform Authentication Vulnerabilities

2007-09-05 Thread Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Video Surveillance IP Gateway and Services Platform Authentication Vulnerabilities Advisory ID: cisco-sa-20070905-video http://www.cisco.com/warp/public/707/cisco-sa-20070905-video.shtml Revision 1.0 For Public

[Full-disclosure] rPSA-2007-0176-1 gd php php-mysql php-pgsql php5 php5-cgi php5-mysql php5-pear php5-pgsql php5-soap php5-xsl

2007-09-05 Thread rPath Update Announcements
rPath Security Advisory: 2007-0176-1 Published: 2007-09-05 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: gd=/[EMAIL PROTECTED]:devel//1/2.0.33-4.5-1 php=/[EMAIL PROTECTED]:devel//1/4.3.11-15.13-1

[Full-disclosure] Cisco Security Advisory: Denial of Service Vulnerabilities in Content Switching Module

2007-09-05 Thread Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Denial of Service Vulnerabilities in Content Switching Module Document ID: 97826 Advisory ID: cisco-sa-20070905-csm http://www.cisco.com/warp/public/707/cisco-sa-20070905-csm.shtml Revision 1.0 For Public Release 2007

Re: [Full-disclosure] tools: patch for thc hydra v5.4

2007-09-05 Thread foofus
On Tue, Sep 04, 2007 at 11:11:02PM +0200, David Maciejak wrote: > as you probably noticed the THC team have discontinued thc hydra due > to anti hacking German law 202. Note also that medusa, a hydra replacement designed for more efficient parallel scanning, is available: http://www.foofus.net/~j