[Full-disclosure] usb shorting to ground

I discovered rather inadvertently that laptops do not enjoy having their USB VCC shorted to GND one bit. It is a sure DoS, in fact if the machine has a stupid power supply, it could result in permanent damage. It is kind of scary for kiosk machines like the those ubiquitous Kodak photo centers. I

[Full-disclosure] XSS with UTF-7 in Google

XSS with UTF-7 in Google XSS with UTF-7 was found in www.google.com (already fixed). Although charset was specified in HTTP response header, but charset-name was incorrect so XSS occurred. PoC: http://www.google.com/search?hl=enoe=cp932q=%2BADw-script%2BAD4-alert(

Re: [Full-disclosure] New TV show Tiger Team: social engineering, wired/wireless hacking, physical break-in

It's great now people will start to watch courttv! On Dec 27, 2007 4:52 PM, Jay [EMAIL PROTECTED] wrote: I think these guys wore every black tshirt insert clever phrase available. Maybe if they read this list they will do a cameo 'FD' T-shirt. Show was kinda cool, kinda corny. Cool gig if

[Full-disclosure] Buffer-overflow in Extended Module Player 2.5.1

### Luigi Auriemma Application: Extended Module Player (XMP) http://xmp.sourceforge.net Versions: = 2.5.1 Platforms:Linux, BSD, Solaris, HP-UX, MacOS X, QNX, BeOS, Windows,

[Full-disclosure] rIP BETA - reverse IP tool

Hello- I would like to introduce rIP, a new reverse IP tool located at http://crushmachine.com. The application takes a hostname or IP address as input and tries to return all the vhosts running on that IP. See the FAQ at http://crushmachine.com/about.php. I hope you find it useful. -d-

[Full-disclosure] Multiple vulnerabilities in libnemesi 0.6.4-rc1

### Luigi Auriemma Application: libnemesi http://live.polito.it/documentation/libnemesi Versions: = 0.6.4-rc1 Platforms:*nix Bugs: A] buffer-overflow in

Re: [Full-disclosure] AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows

After some more analysis by Carsten Eiram @ Secunia, this is NOT exploitable. I would like to apologize for the hasty post. SecurityFocus, please update bid 27026 to reflect the fact that at most, this can just crash the browser. Elazar -Original Message- From: [EMAIL PROTECTED] Sent:

[Full-disclosure] Multiple vulnerabilities in Feng 0.1.15

### Luigi Auriemma Application: Feng http://live.polito.it/documentation/feng Versions: = 0.1.15 Platforms:*nix Bugs: A] first buffer-overflow in

Re: [Full-disclosure] AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows

I believe I have contributed greatly to the security community with my post here. Not only have I denied another 0x41414141 hacker but I have also made Valdis have to backtrack on his ( as usual) stupid post. I believe Valdis and Billy O Reilly have alot in common. ( I was wrong. I am not pleased

Re: [Full-disclosure] Ho Ho H0-Day - ZyXEL P-330W multiple XSS and XSRF vulnerabilities

Also, because the router uses GoAhead 2.1.1 for its embedded web server, it is susceptible to all those vulnerabilities including CVE-2002-1951 (buffer overflow), CVE-2002-1603 (ASP source disclosure), and more. -Santa On Tue, 25 Dec 2007 13:31:20 -0600 Santa Clause [EMAIL PROTECTED] wrote:

[Full-disclosure] OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities

- Security Advisory - - OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities - Product: OpenBiblio Version: Version 0.5.2 Prerelease 4 and prior is affected Url: http://obiblio.sourceforge.net/ Affected by: Full path disclosure, local

[Full-disclosure] FAQMasterFlexPlus multiple vulnerabilities

- Security Advisory - - FAQMasterFlexPlus multiple vulnerabilities - --- Product:FAQMasterFlexPlus Version:Latest version is affected, other not tested Vendor: http://www.netbizcity.com Affected by: