===
Ubuntu Security Notice USN-523-1 October 03, 2007
imagemagick vulnerabilities
CVE-2007-4985, CVE-2007-4986, CVE-2007-4987, CVE-2007-4988
===
A security issue affects the f
The famous Feedsmith Feedburner plugin is vulnerable to a CSRF attack that
can allow an attacker to
completely hijack blog feeds.
Google responded quickly, and a fix is available.
The advisory includes a proof of concept exploit:
http://blogsecurity.net/wordpress/feedburner-feed-hijacking/
--
D
rPath Security Advisory: 2007-0206-1
Published: 2007-10-03
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
Remote Deterministic Unauthorized Access
Updated Versions:
openssl=/[EMAIL PROTECTED]:devel//1/0.9.7f-10.10-1
openssl-scripts=/[EMAIL PROTECTED]:devel//1/0.9.
rPath Security Advisory: 2007-0205-1
Published: 2007-10-03
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:
Local System User Deterministic Privilege Escalation
Updated Versions:
xorg-x11=/[EMAIL PROTECTED]:devel//1/6.8.2-30.11-1
xorg-x11-fonts=/[EMAIL PROTECTED]:dev
rPath Security Advisory: 2007-0204-1
Published: 2007-10-03
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Indirect User Deterministic Denial of Service
Updated Versions:
qt-x11-free=/[EMAIL PROTECTED]:devel//1/3.3.4-5.10-1
rPath Issue Tracking System:
https://issu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Foresight Linux Essential Advisory: 2007-0058-1
Published: 2007-10-03
Rating: Severe
Updated Versions:
openssl=/[EMAIL PROTECTED]:devel//1/0.9.7f-10.10-1
openssl-scripts=/[EMAIL PROTECTED]:devel//1/0.9.7f-10.10-1
group-dist=/[EMAIL PROTEC
On 10/2/07, ascii <[EMAIL PROTECTED]> wrote:
> X. LEGAL NOTICES
>
> Copyright (c) 2007 Francesco `ascii` Ongaro
>
> Note: this exploit is DUAL LICENSED,
> 1. if you'll use it for personal and non-profit purposes you can
>apply GPL v2 and above.
>
> 2. In the case you plan to:
>a. use our c
On 10/3/07, nitro <[EMAIL PROTECTED]> wrote:
>
> Very nice description of hacker lifecycle =)
>
> but imho, you forget a description of hackers who are no more public, fed
> up by the system, still producing 0day, you know, the real one, the one which
> take years before being disclosed, these kind
netd3v,
that's a nice description of hacker life cycle. I like the different
categories you made. Keep up the good work :)
On 10/3/07, worried security <[EMAIL PROTECTED]> wrote:
>
> new-bie - hangs around web based chat: yahoo chat, msn chat. watches what
> hackers are doing, hangs about with them
On 10/3/07, Peter Dawson <[EMAIL PROTECTED]> wrote:
> what about an SOB ??
>
> /pd
>
>
> On 10/3/07, worried security <[EMAIL PROTECTED]> wrote:
/schneep
so i guess that n3td3v just called himself a jobbie
for those not familiar with the vernacular
http://www.urbandictionary.com/define.php?term
Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability
iDefense Security Advisory 10.02.07
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 02, 2007
I. BACKGROUND
Solaris is a UNIX operating system developed by Sun Microsystems. More
information can be found at the follo
what about an SOB ??
/pd
On 10/3/07, worried security <[EMAIL PROTECTED]> wrote:
>
> new-bie - hangs around web based chat: yahoo chat, msn chat. watches what
> hackers are doing, hangs about with them to befriend them and gain
> intelligence on how they hack, and ask for the tools from the peo
new-bie - hangs around web based chat: yahoo chat, msn chat. watches what
hackers are doing, hangs about with them to befriend them and gain
intelligence on how they hack, and ask for the tools from the people who
make them to hack a few yahoo or msn accounts for themselves. while this
isn't true
If you read my version of the life cycle of a hacker you would know you were
talking bollocks. n3td3v has nothing to do with gobbles or any other group
you mentioned. n3td3v is apart from them. n3td3v is different from all those
others. so don't bring those names into my own agenda of defining the
Hello FD readers,
I don't usually answer non technical posts, but I feel like explaining why I
believe the ideas expressed by Mr Frogs and similar underground orthodoxes
are clueless.
"Mr Frog" : To summarize your thesis : ppl disclose vulnerabilities for fame
& profit. "That's not how real hacke
new-bie - hangs around web based chat: yahoo chat, msn chat. watches what
hackers are doing, hangs about with them to befriend them and gain
intelligence on how they hack, and ask for the tools from the people who
make them to hack a few yahoo or msn accounts for themselves. while this
isn't true h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA 1379-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Florian Weimer
October 1st, 2007
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Foresight Linux Essential Advisory: 2007-0057-1
Published: 2007-10-02
Rating: Minor
Updated Versions:
pidgin=/[EMAIL PROTECTED]:1-devel//1/2.2.1-1-0.1
group-dist=/[EMAIL PROTECTED]:1-devel//1/1.4.0-0.5-8
References:
http://cve.mitre.org/
18 matches