[Full-disclosure] MOCA 2008: a dream come true

2008-06-10 Thread Alessio L.R. Pennasilico
Many hoped, few believed, the rumors conflicting, the souls aflame, cats and dogs sleeping together, but in the end we made it! Four years after the celebration of the 10th birthday of Metro Olografix, at fans' request, the summer camp will come back to let us spend a few hot August days

Re: [Full-disclosure] avira update.exe

2008-06-10 Thread Archibald Tuttle
Thanks for reply, sergio. I had this problem 2 weeks ago for 3 days. I thought that they fixed the updater because it was working fine then. yesterday the problem appears again. so may be, it's reproducable. I will send it to to avira. a.t. orginal message: Hi

[Full-disclosure] Secunia Research: Apple QuickTime PICT Image Parsing Buffer Overflow

2008-06-10 Thread Secunia Research
== Secunia Research 10/06/2008 - Apple QuickTime PICT Image Parsing Buffer Overflow - == Table of Contents Affected

Re: [Full-disclosure] Mambo Cookie Authentication Bypass Exploit

2008-06-10 Thread crunkd
So to perform this 'bypass' you need the password in the first place? You absolute fucking morons, the security scene is not for you. I hope someone stabs you over a food stamp. Faggots. Halabaluza Team Halabaluza Team halabaluza.team

Re: [Full-disclosure] Mambo Cookie Authentication Bypass Exploit

2008-06-10 Thread Garrett M. Groff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 And situations involving social interaction are not for you. Please avoid them at all costs until social skills improve. Oh, and please read the list charter that was recently distributed. On it, you will see that offensive language and personal

[Full-disclosure] Who's Behind the GPcode Ransomware?

2008-06-10 Thread Dancho Danchev
Hello, The following is an OSINT analysis aiming to assist in tracking down the malware authors behind GPcode who seem be to be building custom decryptors, next to issuing a universal one which can be used to decrypt anything ever encrypted by them. Who's behind the GPcode ransomware? It's

[Full-disclosure] Technical Details of Security Issues Regarding Safari for Windows

2008-06-10 Thread LIUDIEYU dot COM
The first issue is the one described in Microsoft Security Advisory 953818. It's worked out by Aviv Raff: http://www.microsoft.com/technet/security/advisory/953818.mspx http://aviv.raffon.net/2008/05/31/SafariPwnsInternetExplorer.aspx It's covered by news but Aviv Raff has not published technical

Re: [Full-disclosure] Who's Behind the GPcode Ransomware?

2008-06-10 Thread kat
Hoi, but in fact their businessmodel will fail, if one would resell the decryptor. alternatively (if got to much money) buy it and allow free download. greets, kat orginal message: Hello, The following is an OSINT analysis aiming to assist in tracking down the malware authors behind GPcode

[Full-disclosure] iDefense Security Advisory 06.10.08: Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability

2008-06-10 Thread iDefense Labs
iDefense Security Advisory 06.10.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 10, 2008 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating systems. For more information, see the vendor's site found at the following URL.

[Full-disclosure] iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 PFB Memory Corruption Vulnerability

2008-06-10 Thread iDefense Labs
iDefense Security Advisory 06.10.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 10, 2008 I. BACKGROUND FreeType2 is an open source library for parsing fonts that is used by many applications. This includes projects such as X.Org, Second Life, and the Sun Java JRE. For more

[Full-disclosure] iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 PFB Integer Overflow Vulnerability

2008-06-10 Thread iDefense Labs
iDefense Security Advisory 06.10.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 10, 2008 I. BACKGROUND FreeType2 is an open source library for parsing fonts that is used by many applications. This includes projects such as X.Org, Second Life, and the Sun Java JRE. For more

[Full-disclosure] iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 Multiple Heap Overflow Vulnerabilities

2008-06-10 Thread iDefense Labs
iDefense Security Advisory 06.10.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 10, 2008 I. BACKGROUND FreeType2 is an open source library for parsing fonts that is used by many applications. This includes projects such as X.Org, Second Life, and the Sun Java JRE. For more

[Full-disclosure] ZDI-08-038: QuickTime SMIL qtnext Redirect File Execution

2008-06-10 Thread zdi-disclosures
ZDI-08-038: QuickTime SMIL qtnext Redirect File Execution http://www.zerodayinitiative.com/advisories/ZDI-08-038 June 10, 2008 -- CVE ID: CVE-2008-1585 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have

[Full-disclosure] ZDI-08-037: Apple QuickTime Indeo Video Buffer Overflow Vulnerability

2008-06-10 Thread zdi-disclosures
ZDI-08-037: Apple QuickTime Indeo Video Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-037 June 10, 2008 -- CVE ID: CVE-2008-1584 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS

[Full-disclosure] ZDI-08-039: Microsoft Internet Explorer DOM Ojbect substringData() Heap Overflow Vulnerability

2008-06-10 Thread zdi-disclosures
ZDI-08-039: Microsoft Internet Explorer DOM Ojbect substringData() Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-039 June 10, 2008 -- CVE ID: CVE-2008-1442 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer -- TippingPoint(TM) IPS

[Full-disclosure] [ MDVSA-2008:111 ] - Updated Evolution packages fix vulnerabilities

2008-06-10 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2008:111 http://www.mandriva.com/security/