A cross-site scripting vulnerability has been discovered on multiple
websites which use ads provided by Pointroll.
The following list is a subset of the websites which contain the
vulnerability:
http://www.cnn.com/pointroll/PointRollAds.htm
http://www.myspace.com/pointroll/PointRollAds.htm
[EMAIL PROTECTED] schrieb:
What?
One word replies are unnecessary on the full-disclosure. Please visit
http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066799.html for
more information. :p
___
Full-Disclosure - We believe in it.
Estaré ausente de la oficina desde el 19/10/2007 y no volveré hasta el
26/10/2007.
Responderé a su mensaje cuando regrese.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by
in order for this severe vulnerability to get the attention it deserves it
should of first been given to pdp architect so that he could whore it up to
the media and do many interviews and pdfs on it.
http://www.theinquirer.net/gb/inquirer/news/2007/10/10/bt-home-hub-wide-open
In a previous post (http://seclists.org/fulldisclosure/2007/Oct/0174.html) ,
we have seen how XSS injection can be performed over SIP to inject malicious
JavaScript into the browser of an user that check the call history of his
phone. In this post, we will detail how XSS injection can be
please keep this subject on security issues.
On 10/19/07, Kurt Dillard [EMAIL PROTECTED] wrote:
Apparently you're not bright enough to read or write English either, much
less Spanish.
*From:* [EMAIL PROTECTED] [mailto:
[EMAIL PROTECTED] *On Behalf Of *lulzlulzluzluz
*Sent:* Friday,
JP -- Not sure why you're hating on the PhD's ...maybe someone never finished
their dissertation?
I saw Boneh's presentation on this at an Identity Theft Technology Council
meeting this summer... This attack is real -- read the paper.
http://crypto.stanford.edu/dns/dns-rebinding.pdf
@
Hi All,
Does Juniper's JunOS operating system provide support for gdb/serial line
debugging ?
Regards,
Gyan Chawdhary
www.trapio.net
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and
LOL XSS
PDP ALERT !!! THEY ARE STEALING YOUR RESEARCH!
On 10/19/07, Radu State [EMAIL PROTECTED] wrote:
In a previous post (http://seclists.org/fulldisclosure/2007/Oct/0174.html)
, we have seen how XSS injection can be performed over SIP to inject
malicious JavaScript into the
Apparently youre not bright enough to read or write English either, much
less Spanish.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
lulzlulzluzluz
Sent: Friday, October 19, 2007 4:50 PM
To: Marc Vilanova Vilasero
Cc: full-disclosure@lists.grok.org.uk
Subject: Re:
On Fri, 2007-10-19 at 16:50 -0400, lulzlulzluzluz wrote:
i dont speak nigger.
Does your mommy know you're using her computer?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and
ekoparty 2007
Information Security Conference.
Nov 30th (Friday)/Dec 1st (Saturday), 2007
Buenos Aires, Argentina - Bauen Hotel, Callao 360
We are happy to announce the results from CFP and the pre-selection
of the speakers.
By the way, we are really grateful with all those who sent their works
i dont speak nigger.
On 10/19/07, Marc Vilanova Vilasero [EMAIL PROTECTED] wrote:
Estaré ausente de la oficina desde el 19/10/2007 y no volveré hasta el
26/10/2007.
Responderé a su mensaje cuando regrese.
___
Full-Disclosure - We believe in
There really should be a rule on this list prohibiting multiple aliases
from one IP.
lulzlulzluzluz wrote:
please keep this subject on security issues.
On 10/19/07, Kurt Dillard [EMAIL PROTECTED] wrote:
Apparently you're not bright enough to read or write English either, much
less
On Fri, 19 Oct 2007 12:18:06 EDT, [EMAIL PROTECTED] said:
Please use age appropriate language on this list.
Pot. Kettle. Black.
pgpeqxCkOcKDl.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1391-1[EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
October 19th, 2007
On Tue, 16 Oct 2007, [EMAIL PROTECTED] wrote:
Zero day PDF exploit for Adobe Acrobat
Workaround:
Currently unavailable.
Does Adobe's published workaround not work?
http://www.adobe.com/support/security/advisories/apsa07-04.html
___
Google Language Tools:
---
I will be absent from the office since October 19, 2007 and will not until
October 26, 2007.
Respond to your message when I return.
So, lets see what Google does with this:
Go fuck yourself
---
Vaya usted cogiera
Hmm,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Someone hack this guy.
- -JPauthority
On Fri, 19 Oct 2007 10:01:27 -0400 Marc Vilanova Vilasero
[EMAIL PROTECTED] wrote:
Estaré ausente de la oficina desde el 19/10/2007 y no volveré
hasta el
26/10/2007.
Responderé a su mensaje cuando regrese.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
http://www.securityfocus.com/columnists/455
Luckily he is only a PhD student. If anyone awards him a PhD it
will severely discredit the academic institution!
- -JPiwishsomeonemadethatmistakeonme
-BEGIN PGP SIGNATURE-
Note: This signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear 3APAPA,
English is the preferred language of this list. I hope the FSB
shoots you.
- -JPhopes the FSB kills 3APAPA
On Fri, 19 Oct 2007 06:04:31 -0400 jpk [EMAIL PROTECTED]
wrote:
[EMAIL PROTECTED] schrieb:
What?
One word replies are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
LOL!
- -JPuncreative today
On Thu, 18 Oct 2007 13:06:25 -0400 Lolek of TK53
[EMAIL PROTECTED] wrote:
Yoyo,
On 10/17/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Dear SkyOut, dear Packetstorm team (tedd :)) and dear List.
The author brocke a NDA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Anyone have Geoff's gmail address?
- -JPgetting malicious
On Fri, 19 Oct 2007 04:39:44 -0400 Kristian Erik Hermansen
[EMAIL PROTECTED] wrote:
I have tested and confirmed this bug on a BlackBerry 8700c in a
repeatable fashion. Three outcomes are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Wow. Most *constructive* comment you have ever made in your
history of security mailing list participation. And you still suck.
- -JPhates vladis
On Thu, 18 Oct 2007 16:35:22 -0400 [EMAIL PROTECTED] wrote:
On Thu, 18 Oct 2007 10:11:24 CDT, . /
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear 3APAPA,
This list is for security related matters only.
- -JPhas a computer
On Fri, 19 Oct 2007 07:43:02 -0400 S/U/N [EMAIL PROTECTED] wrote:
/!\ NOT properly a security topic /!\
Received a very strange spam ( 1st with MP3 attached )
The
rPath Security Advisory: 2007-0220-1
Published: 2007-10-18
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access
Updated Versions:
[EMAIL PROTECTED]:1/6.2.3.3-3.7-1
rPath Issue Tracking System:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1390-1[EMAIL PROTECTED]
http://www.debian.org/security/ Noah Meyerhans
October 18, 2007
I have tested and confirmed this bug on a BlackBerry 8700c in a
repeatable fashion. Three outcomes are common (so may be race
condition)...
1) Entire BlackBerry OS freeze. (On soft-reboot, you will see the
uncaught Java exception for Gmail app)
2) Gmail freezes for some time, and then OS can
I agree; if it doesn't make any sense to you, feel free to ignore it.
To pretend to understand everything everytime is a common pomposity.
[EMAIL PROTECTED] wrote:
One word replies are unnecessary on the full-disclosure.
On Thu, 18 Oct 2007 12:15:52 -0400 Nikolay Kichukov
[EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Why are you dragging KF into this?
- -JPsupports nonswearing freespeech
On Fri, 19 Oct 2007 12:25:56 -0400 [EMAIL PROTECTED] wrote:
On Fri, 19 Oct 2007 12:18:06 EDT, [EMAIL PROTECTED]
said:
Please use age appropriate language on this list.
Pot.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please use age appropriate language on this list.
Thanks.
On Fri, 19 Oct 2007 08:47:33 -0400 German [EMAIL PROTECTED]
wrote:
Go fuck yourself
In Spanish is:
Andate a la mierda (not literal)
Cogete/follate vos solo (literal, not used)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Title: [CAID 35754]: CA Host-Based Intrusion Prevention System
(CA HIPS) Server Vulnerability
CA Vuln ID (CAID): 35754
CA Advisory Date: 2007-10-18
Reported By: David Maciejak
Impact: A remote attacker can take unauthorized administrative
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Of course the bugs are serious, security is never a joking matter!
- -JPclassic comedian
On Thu, 18 Oct 2007 16:01:35 -0400 Tim Brown [EMAIL PROTECTED]
dimension.org.uk wrote:
All,
As a result of a short security audit of SiteBar, a number of
LOL!
what is this conspiracy you have of one person using multiple aliases? Have
you been in contact with the great dr. neal to help find this person? Can
you reveal what email addresses are being used by the same person or would
that be a thread to national security?
You do know that *if*
i hurd pdp likes animal porn, is this true? pdp can you give us a detailed
write up of where you find your animal porn? along with xss 0dayz in every
link?
On 10/19/07, phioust [EMAIL PROTECTED] wrote:
in order for this severe vulnerability to get the attention it deserves it
should of first
On 10/20/07, lulzlulzluzluz [EMAIL PROTECTED] wrote:
security is serious business. plz do not joke like that phioust:
xss0day - x-ssh0day, see serious.
Only drraid has ssh 0day
On 10/19/07, Radu State [EMAIL PROTECTED] wrote:
my $hex = '';
for (my $i = 0; $i
Go fuck yourself
In Spanish is:
Andate a la mierda (not literal)
Cogete/follate vos solo (literal, not used)
---
Vaya usted cogiera
Hmm, doesn't seem correct.
Shirkdog
' or 1=1--
http://www.shirkdog.us
[...]
Estaré ausente de la oficina desde el 19/10/2007 y no
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I concur.
- -JPwrote I concur.
On Fri, 19 Oct 2007 04:35:31 -0400 fabio [EMAIL PROTECTED]
wrote:
I agree; if it doesn't make any sense to you, feel free to ignore
it.
To pretend to understand everything everytime is a common
pomposity.
[EMAIL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear pdp chell,
What you do in the bathroom is your own business and does not
belong on this mailing list.
- -JPtypes but cannot think
On Thu, 18 Oct 2007 18:25:24 -0400 jgffgjfgd rewrewrew
[EMAIL PROTECTED] wrote:
A cross-site scripting
/!\ NOT properly a security topic /!\
Received a very strange spam ( 1st with MP3 attached )
The files seems harmless, until you listen to it: It takes you back to
the beat Generation experiments on consciousness.
The file: http://www.mediafire.com/?5ljtvtvq9xt
unmask.py
On 10/20/07, phioust [EMAIL PROTECTED] wrote:
LOL!
what is this conspiracy you have of one person using multiple aliases?
Have you been in contact with the great dr. neal to help find this person?
Can you reveal what email addresses are being used by the same person or
would that
Game. Set. Match?
Sent from my BlackBerry wireless handheld.
-Original Message-
From: [EMAIL PROTECTED]
Date: Fri, 19 Oct 2007 12:25:56
To:[EMAIL PROTECTED]
Cc:full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure]
Marc Vilanova Vilasero está ause
nte de la
Look at this autogenerated mail from simply cursing! Using these advanced
techniques gadi evron and his crew of 'hackers' who cannot code, can produce
many talks at defcon on 'email amplification attacks' where they DoS mail
servers by flooding!
Using these 0day methods Gadi evron may be able to
43 matches
Mail list logo