Re: [Full-disclosure] spammer wades into US Presidential race

2007-10-29 Thread Leif Ericksen
Either way they are doing it to advance their own agenda. Bottom line, that is what their lack of action is all about. Their own agenda. -- Leif Ericksen On Mon, 2007-10-29 at 12:03 -0400, [EMAIL PROTECTED] wrote: > On Sun, 28 Oct 2007 12:35:04 CDT, Leif Ericksen said: > > > Yes the president c

Re: [Full-disclosure] Holes in the firewall of Mac OS X Leopard

2007-10-29 Thread Juergen Schmidt
On Mon, 29 Oct 2007, Brandon S. Allbery KF8NH wrote: > On Oct 29, 2007, at 17:49 , Juergen Schmidt wrote: > > >- if you set it to "Block all incoming connections" it still allows access > >to certain system services. We could access the ntp daemon that is running > >per default over the internet.

Re: [Full-disclosure] Holes in the firewall of Mac OS X Leopard

2007-10-29 Thread Brandon S. Allbery KF8NH
On Oct 29, 2007, at 17:49 , Juergen Schmidt wrote: > - if you set it to "Block all incoming connections" it still allows > access > to certain system services. We could access the ntp daemon that is > running > per default over the internet. In a LAN based scenario, we were > able to > quer

[Full-disclosure] Holes in the firewall of Mac OS X Leopard

2007-10-29 Thread Juergen Schmidt
Hello, we did some functional testing on the firewall of Mac OS X Leopard. Short summary: - the firewall is not activated by default but there are services running even if you don't activate any sharing (as shown by netstat or lsof) - if you set it to "Block all incoming connections" it still

Re: [Full-disclosure] SAXON version 5.4 Multiple Path Disclosure Vulnerabilities

2007-10-29 Thread reepex
dot dot dot first an sql injection post that requires magic quotes off, then a post about xss, and now a post about path disclosure? Why waste cve entries and people's time with crap like this? Couldn't you at least find post-auth ftp dos bugs like morning wood? On 10/29/07, SecurityResearch <[EM

Re: [Full-disclosure] Google Sacure

2007-10-29 Thread worried security
On 10/27/07, reepex <[EMAIL PROTECTED]> wrote: > > please stop trying to ruin a noname company - all you are doing is > giving n3td3v more things to talk about so that people click his link > and his terrorist cell can be funded by adsense. I'm a lawful researcher and n3td3v is a non-profit orga

[Full-disclosure] pdp interview now online

2007-10-29 Thread worried security
As a tribute to the best security researcher since hd moore I have personally put his interview with BBC Radio 4 online. And hd moore, I hope this guy gets an award at next year's Pwnie awards at Blackhat conference. And pdp, I hope you continue your work and post to full-disclosure and bugtraq ag

Re: [Full-disclosure] pdp is leaving us

2007-10-29 Thread Chris Benedict
Mr. Gonzales, Actually no, I don't... I saw the message that he was leaving that reepex posted and looked at the site which said he wasn't so I figured I'd share it with those that don't bother looking at the URLs posted with messages like that. Also, before you go spouting off the pointless

[Full-disclosure] SAXON version 5.4 XSS Attack Vulnerability

2007-10-29 Thread SecurityResearch
netVigilance Security Advisory #54 SAXON version 5.4 XSS Attack Vulnerability Description: SAXON is a simple accessible online news publishing system for personal and small corporate site owners. Publish news, using configurable templates, on any .php page on your site. Publish news on a 'per aut

[Full-disclosure] SAXON version 5.4 SQL Injection Vulnerability

2007-10-29 Thread SecurityResearch
netVigilance Security Advisory #55 SAXON version 5.4 SQL Injection Vulnerability Description: SAXON is a simple accessible online news publishing system for personal and small corporate site owners. Publish news, using configurable templates, on any .php page on your site. Publish news on a 'per

Re: [Full-disclosure] spammer wades into US Presidential race

2007-10-29 Thread Valdis . Kletnieks
On Sun, 28 Oct 2007 12:35:04 CDT, Leif Ericksen said: > Yes the president can send the troops to war. > Congress is needed to declare war (the president can not do it) > See the following: > http://en.wikipedia.org/wiki/Declaration_of_war_by_the_United_States > > After World War II, Congress volu

[Full-disclosure] SAXON version 5.4 Multiple Path Disclosure Vulnerabilities

2007-10-29 Thread SecurityResearch
netVigilance Security Advisory #53 SAXON version 5.4 Multiple Path Disclosure Vulnerabilities Description: SAXON is a simple accessible online news publishing system for personal and small corporate site owners. Publish news, using configurable templates, on any .php page on your site. Publish n

Re: [Full-disclosure] pdp is leaving us

2007-10-29 Thread imul
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear sir, thank you for ur input, you are obviously gifted with superb intellect, do u wait and constantly make refresh of pdp's about page? anxiously waiting for the latest in high tech cross site scripting goodness? we here at lul-disclosure.inc are

[Full-disclosure] Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in procedure DBMS_AQADM_SYS.DBLINK_INFO

2007-10-29 Thread Team SHATTER
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Team SHATTER Security Alert Oracle Database Buffer overflow vulnerability in procedure DBMS_AQADM_SYS.DBLINK_INFO October 29, 2007 Risk Level: Medium Affected versions: Oracle Database Server versions 9iR1, 9iR2 (9.2.0.7 and previous patchsets) and

[Full-disclosure] Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in function MDSYS.SDO_CS.TRANSFORM

2007-10-29 Thread Team SHATTER
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Team SHATTER Security Alert Oracle Database Buffer overflow vulnerability in function MDSYS.SDO_CS.TRANSFORM October 29, 2007 Risk Level: High Affected versions: Oracle Database Server versions 8iR3, 9iR1, 9iR2 (9.2.0.6 and previous patchsets) and

[Full-disclosure] Advisory SE-2007-01: TikiWiki Remote PHP Code Evaluation Vulnerability

2007-10-29 Thread Stefan Esser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: TikiWiki Remote PHP Code Evaluation Vulnerability Release Date: 2007/10/29 Last Modified: 2007/10/

[Full-disclosure] Secunia Research: IBM Tivoli Storage Manager Client CAD Service Script Insertion

2007-10-29 Thread Secunia Research
== Secunia Research 29/10/2007 - IBM Tivoli Storage Manager Client CAD Service Script Insertion - == Table of Contents Affected Softwa

Re: [Full-disclosure] TCP Hijacking (aka Man-in-the-Middle)

2007-10-29 Thread Oliver
Thanks for all the great resources. That took me quite a few days to digest and play with. I am not deploying this in a switched environment. It's for a demo and the victim's machine is a virtual machine in VMware hosted on the attacker's machine (mine). The victim's connection is through VMware's
