[Full-disclosure] AST-2009-004: Remote Crash Vulnerability in RTP stack

2009-08-02 Thread Asterisk Security Team
Asterisk Project Security Advisory - AST-2009-004. Product: Asterisk

Re: [Full-disclosure] Just Asking

2009-08-02 Thread Tomas L. Byrnes
>-Original Message- >From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure- >boun...@lists.grok.org.uk] On Behalf Of ghost >Sent: Sunday, August 02, 2009 5:29 PM >To: Paul Schmehl >Cc: full-disclosure@lists.grok.org.uk >Subject: Re: [Full-disclosure] Just Asking > >and ye

Re: [Full-disclosure] Just Asking

2009-08-02 Thread Paul Schmehl
Reading comprehension problems? From what he or she posted we have no idea if the email he or she posted actually exists or not, whether it was a misunderstanding and Dan had actually gotten permission but it didn't trickle down to the individual purported to have sent that message to Dan, etc

Re: [Full-disclosure] Just Asking

2009-08-02 Thread ghost
and yet still, none of what you posted has anything to do with Dan commencing in questionable activities. On Sun, Aug 2, 2009 at 1:30 PM, Paul Schmehl wrote: > Nothing is more impressive than some anonymous twit attacking someone who > does their research under their own name with stolen informa

[Full-disclosure] [ MDVSA-2009:191 ] OpenEXR

2009-08-02 Thread security
Mandriva Linux Security Advisory MDVSA-2009:191 http://www.mandriva.com/security/

[Full-disclosure] [ MDVSA-2009:190 ] OpenEXR

2009-08-02 Thread security
Mandriva Linux Security Advisory MDVSA-2009:190 http://www.mandriva.com/security/

Re: [Full-disclosure] Just Asking

2009-08-02 Thread Paul Schmehl
Nothing is more impressive than some anonymous twit attacking someone who does their research under their own name with stolen information they should not have to begin with and then selectively publishing only that which bolsters their supposed case. --On August 2, 2009 12:03:18 AM +0100 Ew0k

[Full-disclosure] [SECURITY] [DSA 1849-1] New xml-security-c packages fix signature forgery

2009-08-02 Thread Florian Weimer
Debian Security Advisory DSA-1849-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer August 02, 2009

[Full-disclosure] [SECURITY] [DSA 1848-1] New znc packages fix remote code execution

2009-08-02 Thread Florian Weimer
Debian Security Advisory DSA-1848-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer August 02, 2009

[Full-disclosure] Advisory: Adobe Flash Player and AIR AVM2 intf_count Integer Overflow Remote Code Execution (CVE-2009-1869)

2009-08-02 Thread Roee Hay
Background: ActionScript code is compiled into ActionScript Byte Code segments, loaded by AVM2 (ActionScript Virtual Machine 2). These segments are described by the abcFile structure: abcFile { u16 minor_version u16 major_version cpool_info

[Full-disclosure] Just Asking

2009-08-02 Thread Ew0k
A friend of mine observed something that I believe should be put on the table. While reading the e-mails sent back and forth by Dan Kaminsky, illegally published on zf05 one of the e-mails caught his eye: """ Dan, This is another of our clients and you do not have the permission of the client

[Full-disclosure] Dumbest bug of this month - Wordpress 2.8

2009-08-02 Thread omglol
1. Visit .com and register as a subscriber 2. Visit wp-admin//options-writing.php and post gay p0rn using the noted e-mail address. / Search for interesting unprotected Plugin pages to gain shell greetings to ZFO and have fun at defcon (bug was leaked to wp-security team so .. be quick :D ) __