-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA-1872-1secur...@debian.org
http://www.debian.org/security/ dann frazier
August 24, 2009
rPath Security Advisory: 2009-0122-1
Published: 2009-08-24
Products:
rPath Appliance Platform Linux Service 1
rPath Appliance Platform Linux Service 2
rPath Linux 1
rPath Linux 2
Rating: Major
Exposure Level Classification:
Deterministic Weakness
Updated Versions:
rPath Security Advisory: 2009-0123-1
Published: 2009-08-24
Products:
rPath Appliance Platform Linux Service 1
rPath Appliance Platform Linux Service 2
rPath Linux 1
rPath Linux 2
Rating: Major
Exposure Level Classification:
Remote Deterministic Denial of Service
Updated
rPath Security Advisory: 2009-0124-1
Published: 2009-08-24
Products:
rPath Appliance Platform Linux Service 1
rPath Appliance Platform Linux Service 2
rPath Linux 1
rPath Linux 2
Rating: Major
Exposure Level Classification:
Indirect Deterministic Weakness
Updated Versions:
Some kid died. I want someone caring liberal to hug me, but no!
You may remember me from such films as the EFF DMCA apology. I'm
afraid he may take the next step and become a risk to himself or
others.
He spends his spare time proselytizing extremist and radical
viewpoints on my blog in
He's a friendless loser with no skills nor intelligence. There's probably
twenty million of them on the internet; the only difference between this one
and the others is that Michael hasn't discovered /b/ yet.
2009/8/25 Michael Crook michael.cr...@hushmail.com
Some kid died. I want someone
On Tue, 25 Aug 2009 10:07:07 -, Michael Crook said:
~ John Doe / n3td3v (http://www.twitter.com/n3td3v)
P.S. This is an anonymous,
Hint: Look up big words like anonymous in the dictionary, make sure
you're using them correctly. It adds that extra luster of competence to
your postings.
I'm sure the man already has his big eye on Michael, especially since
his last name is Crook, these are facts they wouldn't miss.
On Tue, Aug 25, 2009 at 10:49 AM, valdis.kletni...@vt.edu wrote:
On Tue, 25 Aug 2009 10:07:07 -, Michael Crook said:
~ John Doe / n3td3v
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1833-2 secur...@debian.org
http://www.debian.org/security/ Florian Weimer
August 25, 2009
iDefense Security Advisory 08.25.09
http://labs.idefense.com/intelligence/vulnerabilities/
Aug 25, 2009
I. BACKGROUND
Autonomy KeyView SDK is a commercial SDK that provides many file format
parsing libraries. It supports a large number of different document
formats, one of which is the Microsoft
Hey all,
The Oracle REPCAT_RPC.VALIDATE_REMOTE_RC function executes blocks of
anonymous PL/SQL that can be influenced by an attacker to execute arbitrary
PL/SQL. As this package is only accessible directly by SYS this flaw would
not normally present a risk. However, the
Many security standards require the tracking of users' password history to
prevent password re-use. In Oracle 11g (11.1.0.6), if a security
administrator has enabled 11g passwords exclusively then tracking password
history is broken. This can affect compliance. This was addressed by Oracle
in
DBMS_ASSERT can be used to prevent PL/SQL injection. In certain cases it can
be bypassed. This is documented in a paper I wrote in July 2008 but am only
publishing now:
http://www.databasesecurity.com/oracle/Bypassing-DBMS_ASSERT.pdf
Cheers,
David Litchfield
NGSSoftware Ltd
Greetings:
The following presentations are now available online.
Dr. Karsten Nohl, H4RDW4RE Chief Scientist, Hacking at Random 2009:
(Three sessions)
1) Cracking A5 GSM Encryption
2) Breaking Hitag2
3) Deep Silicon Analysis
All links available at http://www.h4rdw4re.com/news/news.htm
Chris
Any good flex website application scanners? Most of the free automated web
application scanners like paros, nikto, etc do not look at flex/ flash web
pages. We are looking at a website and need some basic automated scanning
tool to cover the flex/ flash part
Thanks
Check out SWFScan. It does what a scanner is supposed to do, which is
find low-hanging vulnerabilities. The tool does a pretty good job at
decompiling for the most part, but you still really need to do manual
analysis on the code!! You should never rely on ANY scanner to do 100%
of your
The Beck/Tews WiFi WPA attack presented at PacSec has been improved
(down to 1 min, MITM) by 2 .jp researchers (Ohigashi, Morii) http://bit.ly/clCpm
Remember: avoid WPA/TKIP and force AES only encryption in WPA2 -
don't let your access point automatically fall back automatically to
the
- Исходное сообщение -
От: Dragos Ruiu d...@kyx.net
Отправлено: 26 августа 2009 г. 6:13
Кому: Full-Disclosure mailing list full-disclosure@lists.grok.org.uk
Тема: [Full-disclosure] WPA attack improved to 1min, MITM
The Beck/Tews WiFi WPA attack presented at PacSec has been improved
18 matches
Mail list logo