Re: [Full-disclosure] [ GLSA 200803-17 ] PDFlib: Multiple buffer overflows

2008-03-13 Thread Philip Thiessen
Is this vuln considered a virus On 3/10/08, Pierre-Yves Rofes <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > Gentoo Linux Security Advisory GLSA 200803-17 > - - -

Re: [Full-disclosure] Offensive Security Backtrack Training

2008-03-13 Thread Been There
-Original Message- On Thu, Mar 13, 2008 at 2:59 PM, Kern <[EMAIL PROTECTED]> wrote: I think "security underground" implies unemployed. does that imply i'm wrong or less advantaged to make an opinion about offensive-security? - I don't think the correct definition here

[Full-disclosure] Cisco Security Advisory: CiscoWorks Internetwork Performance Monitor Remote Command Execution Vulnerability

2008-03-13 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: CiscoWorks Internetwork Performance Monitor Remote Command Execution Vulnerability Advisory ID: cisco-sa-20080313-ipm Revision 1.0 For Public Release 2008 March 13 Summary === CiscoWorks

[Full-disclosure] [ GLSA 200803-22 ] LIVE555 Media Server: Denial of Service

2008-03-13 Thread Pierre-Yves Rofes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200803-22 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Re: [Full-disclosure] Offensive Security Backtrack Training

2008-03-13 Thread Paul Schmehl
--On Thursday, March 13, 2008 19:55:01 + worried security <[EMAIL PROTECTED]> wrote: > > i think it means i've got lots of spare time on my hands to fuck about > with systems and i'm likely to have more zero-day and intelligence > than e-commerce or the government. > And you're just as likely

[Full-disclosure] ZDI-08-012: IBM Informix Dynamic Server Authentication Password Stack Overflow Vulnerability

2008-03-13 Thread zdi-disclosures
ZDI-08-012: IBM Informix Dynamic Server Authentication Password Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-012 March 13, 2008 -- CVE ID: CVE-2008-0727 -- Affected Vendors: IBM -- Affected Products: IBM Informix -- TippingPoint(TM) IPS Customer Protection: T

[Full-disclosure] ZDI-08-011: IBM Informix Dynamic Server DBPATH Buffer Overflow Vulnerability

2008-03-13 Thread zdi-disclosures
ZDI-08-011: IBM Informix Dynamic Server DBPATH Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-011 March 13, 2008 -- CVE ID: CVE-2008-0727 -- Affected Vendors: IBM -- Affected Products: IBM Informix -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS

Re: [Full-disclosure] Offensive Security Backtrack Training

2008-03-13 Thread infolookup
Worried, Do you have a blog a some articles out there with your work documented so others can learn from you for free. If so by all means do share, I think knowledge of any type is worth looking into. Sent from my Verizon Wireless BlackBerry -Original Message- From: "worried security"

[Full-disclosure] [DailyDave] L Word

2008-03-13 Thread Dave Aitel
[Forwarded from DailyDave] There's a new show on Showtime about lesbians called "The L Word". Known as the Drug War has in previous decades. Once Justine and I want to go too deep into it, but suffice it to say that it doesn't falter at any point. And it takes a writer with real talent to work sep

Re: [Full-disclosure] Offensive Security Backtrack Training

2008-03-13 Thread worried security
On Thu, Mar 13, 2008 at 2:59 PM, Kern <[EMAIL PROTECTED]> wrote: > I think "security underground" implies unemployed. does that imply i'm wrong or less advantaged to make an opinion about offensive-security? unemployed and in the security underground somehow makes me at a less advantage than whit

[Full-disclosure] [ MDVSA-2008:066 ] - Updated gcc packages fix directory traversal vulnerability in fastjar

2008-03-13 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2008:066 http://www.mandriva.com/security/ ___

Re: [Full-disclosure] Offensive Security Backtrack Training

2008-03-13 Thread Kern
I think "security underground" implies unemployed. On 3/13/08, atlas <[EMAIL PROTECTED]> wrote: > > > Date: Thu, 13 Mar 2008 02:44:15 + > > From: "worried security" <[EMAIL PROTECTED]> > > > > > > http://www.offensive-security.com/ilt.php > > > > > > > Fuck mutts / backtrack / offensive-securi

Re: [Full-disclosure] Offensive Security Backtrack Training

2008-03-13 Thread atlas
> Date: Thu, 13 Mar 2008 02:44:15 + > From: "worried security" <[EMAIL PROTECTED]> > > > > http://www.offensive-security.com/ilt.php > > > > Fuck mutts / backtrack / offensive-security and the remote-exploit IRC > channel, they turned their back on the underground to make money. > > What a dick

Re: [Full-disclosure] Offensive Security Backtrack Training

2008-03-13 Thread worried security
On Tue, Mar 11, 2008 at 8:55 PM, <[EMAIL PROTECTED]> wrote: > I had to post this, this is actually my first post. You guys need > to check this out, Muts the main creator of the backtrack live > distro is starting to hold in person classes at a few locations > around the US. > > http://www.offensi