[Full-disclosure] rPSA-2007-0266-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi

2007-12-18 Thread rPath Update Announcements
rPath Security Advisory: 2007-0266-1 Published: 2007-12-17 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: [EMAIL PROTECTED]:1/2.0.2-28.9-1 [EMAIL PROTECTED]:1/2.0.2-28.9-1 [EMAIL

[Full-disclosure] rPSA-2007-0268-1 kdebase

2007-12-18 Thread rPath Update Announcements
rPath Security Advisory: 2007-0268-1 Published: 2007-12-17 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Local Deterministic Denial of Service Updated Versions: [EMAIL PROTECTED]:1/3.4.2-3.15-1 rPath Issue Tracking System:

Re: [Full-disclosure] [Professional IT Security Providers - Exposed] Audit Serve, Inc. ( F- )

2007-12-18 Thread SilentRunner
Are you an idiot? It is certainly more than possible that Audit Serve are a low quality one-size-fits-all merchant. It is also equally possible that they have developed a high quality automated tool that covers all the basics and provides them a lead

Re: [Full-disclosure] [Professional IT Security Providers - Exposed] Audit Serve, Inc. ( F- )

2007-12-18 Thread SecReview
It is not highly possible that they have developed a high quality automated tool that covers all the basis because their price points are not high enough to afford them a good development team. In conjunction, they clearly advertise the use of QualysGuard all over their website which is not

[Full-disclosure] iDefense Security Advisory 12.17.07: Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Vulnerability

2007-12-18 Thread iDefense Labs
iDefense Security Advisory 12.17.07 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 17, 2007 I. BACKGROUND The mount_smbfs utility is used to mount a remote SMB share locally. It is installed set-uid root, so as to allow unprivileged users to mount shares, and is present in a default

[Full-disclosure] iDefense Security Advisory 12.18.07: ClamAV libclamav MEW PE File Integer Overflow Vulnerability

2007-12-18 Thread iDefense Labs
iDefense Security Advisory 12.18.07 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 18, 2007 I. BACKGROUND Clam AntiVirus is a multi-platform anti-virus toolkit released under the GNU Public License. ClamAV is often integrated into e-mail gateways and used to scan e-mail messages for

Re: [Full-disclosure] [Professional IT Security Providers - Exposed] Audit Serve, Inc. ( F- )

2007-12-18 Thread Mike Vasquez
Well for starters, writing a company/service review by reading their website is akin to doing a movie review by looking at the trailer, think about it. Second: people go to qualys resellers for the addon services/extra value that you can get/they may provide, as opposed to the stock services

[Full-disclosure] Request From People

2007-12-18 Thread SecReview
Greetings, Are there any IT Security Consultancy companies that anyone would like to see reviewed? If so, please send us an email with the company name and URL and we'll add it to our list for review. And yes, we will be dead honest. Regards, The Secreview Team

[Full-disclosure] Rosoft Media Player = 4.1.7 .M3U Stack Overflow

2007-12-18 Thread dev code
/* rosoft-player-expl.c: 2007-12-18: * * Copyright (c) 2007 devcode * * * ^^ D E V C O D E ^^ * * Rosoft Media Player = 4.1.7 .M3U Stack Overflow * [0-DAY] * * * Description: *A stack overflow occurs when parsing an .m3u file *which does not contain any delimiters.

Re: [Full-disclosure] New TV show Tiger Team: social engineering, wired/wireless hacking, physical break-in

2007-12-18 Thread blackredyellow
The guys from the show did a one-hour radio interview and Q&A call-in this morning, you can listen to it here (commercial-free): http://a1135.g.akamai.net/f/1135/18227/1h/cchannel.download.akamai.com/18227/podcast/DENVER-CO/KHOW-AM/1218PETE7A.mp3?CPROG=PCASTMARKET=DENVER-

Re: [Full-disclosure] iDefense Security Advisory 12.17.07: Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Vulnerability

2007-12-18 Thread reepex
lulz ... nice find maybe Gadi Evron can publish his first exploit now On Dec 18, 2007 12:25 PM, iDefense Labs [EMAIL PROTECTED] wrote: iDefense Security Advisory 12.17.07 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 17, 2007 I. BACKGROUND The mount_smbfs utility is used to

[Full-disclosure] [USN-556-1] Samba vulnerability

2007-12-18 Thread Kees Cook
=== Ubuntu Security Notice USN-556-1 December 18, 2007 samba vulnerability CVE-2007-6015 === A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu

[Full-disclosure] AST-2007-027 - Database matching order permits host-based authentication to be ignored

2007-12-18 Thread Security Officer
Asterisk Project Security Advisory - AST-2007-027 Product: Asterisk

[Full-disclosure] Google Toolbar Dialog Spoofing Vulnerability

2007-12-18 Thread avivra
Google Toolbar allows spoofing the information presented in the dialog which is being displayed when adding a new Google Toolbar button. This can allow an attacker to convince the users that his button comes from a trusted domain. This button can then be used to download malicious files or conduct

[Full-disclosure] [ GLSA 200712-13 ] E2fsprogs: Multiple buffer overflows

2007-12-18 Thread Robert Buchholz
Gentoo Linux Security Advisory GLSA 200712-13 http://security.gentoo.org/

[Full-disclosure] [ GLSA 200712-14 ] CUPS: Multiple vulnerabilities

2007-12-18 Thread Robert Buchholz
Gentoo Linux Security Advisory GLSA 200712-14 http://security.gentoo.org/

[Full-disclosure] [USN-557-1] GD library vulnerability

2007-12-18 Thread Jamie Strandboge
=== Ubuntu Security Notice USN-557-1 December 18, 2007 libgd2 vulnerability CVE-2007-3996 === A security issue affects the