Re: [Full-disclosure] This is n3td3v and Gary McKinnon's lawyer. My client's have asburger syndrome.

2009-09-10 Thread D-vice
Teh Lulz are gone, stop feeding the fucking trolls On Wed, Sep 9, 2009 at 9:42 PM, random...@hushmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey, buddy, you know spam filters sometimes can be stupid. Don't implement a stupid filter in your head. Just because I mention a

[Full-disclosure] [SECURITY] [DSA 1883-1] New nagios2 packages fix several cross-site scriptings

2009-09-10 Thread Steffen Joeris
Debian Security Advisory DSA-1883-1 secur...@debian.org http://www.debian.org/security/ Giuseppe Iuculano September 10, 2009

Re: [Full-disclosure] Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D.

2009-09-10 Thread mutiny
Nearly a year before release, of the new version (of the same thing). *sigh* - Original Message - From: James Matthews To: full-disclosure@lists.grok.org.uk Sent: Thursday, September 10, 2009 12:56 AM Subject: Re: [Full-disclosure] Windows Vista/7 : SMB2.0 NEGOTIATE

[Full-disclosure] [ MDVSA-2009:226 ] freeradius

2009-09-10 Thread security
Mandriva Linux Security Advisory MDVSA-2009:226 http://www.mandriva.com/security/

Re: [Full-disclosure] Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D.

2009-09-10 Thread Mitch Oliver
I. VULNERABILITY - - Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D. This does not appear to apply to the version of Windows 7 released to manufacture. It does, however, apply to all beta versions and Windows 2008.

[Full-disclosure] [USN-821-1] Firefox and Xulrunner vulnerabilities

2009-09-10 Thread Jamie Strandboge
Ubuntu Security Notice USN-821-1 September 10, 2009 firefox-3.0, xulrunner-1.9 vulnerabilities CVE-2009-3070, CVE-2009-3071, CVE-2009-3072, CVE-2009-3074, CVE-2009-3075, CVE-2009-3076, CVE-2009-3077, CVE-2009-3078, CVE-2009-3079

Re: [Full-disclosure] Plain Text Password Disclosure vulnerability in rediff mail

2009-09-10 Thread webDEViL
This particularly came in handy when we had those cable connections wide spread. Basically this is there since the time rediff started. Sent from my iPhone On Sep 10, 2009, at 4:14 PM, kalyan kalyanakumar1...@gmail.com wrote: Dear all is it a good mail? what do you feel guys? It doesn't

Re: [Full-disclosure] Question about police harassment. Police trying over years to entrap me as hacker.

2009-09-10 Thread mrx
We have a code 4 on that 10-103m regards the real MrX T Biehn wrote: MrX, Dude. Just fake your own suicide. This old school trick will solicit the feds to your locale if you're actually being watched. Other advice? I want voice recordings, jpegs, vlog posts, else it didn't happen

[Full-disclosure] Firefox 3.0.14 Multiplatform RCE via pkcs11.addmodule

2009-09-10 Thread Dan Kaminsky
Fix announce: http://www.mozilla.org/security/announce/2009/mfsa2009-48.html Bug history: https://bugzilla.mozilla.org/show_bug.cgi?id=326628 So, Firefox up through 3.0.13 had an obscure little function under window.pkcs11: long addmodule(in DOMString moduleName,

[Full-disclosure] ZDI-09-063: Apple QuickTime H.264 Nal Unit Length Heap Overflow Vulnerability

2009-09-10 Thread ZDI Disclosures
ZDI-09-063: Apple QuickTime H.264 Nal Unit Length Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-063 September 10, 2009 -- CVE ID: CVE-2009-2799 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection:

[Full-disclosure] ZDI-09-064: Apple QuickTime FlashPix Sector Size Overflow Vulnerability

2009-09-10 Thread ZDI Disclosures
ZDI-09-064: Apple QuickTime FlashPix Sector Size Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-064 September 10, 2009 -- CVE ID: CVE-2009-2798 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint

[Full-disclosure] ZDI-09-065: Mozilla Firefox TreeColumns Dangling Pointer Vulnerability

2009-09-10 Thread ZDI Disclosures
ZDI-09-065: Mozilla Firefox TreeColumns Dangling Pointer Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-065 September 10, 2009 -- CVE ID: CVE-2009-3077 -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3 -- TippingPoint(TM) IPS Customer Protection:

Re: [Full-disclosure] Plain Text Password Disclosure vulnerability in rediff mail

2009-09-10 Thread awf awf
And? Every web application sends passwords as plain text unless they are using SSL. Pretty much any encryption that they may do client side that isn't SSL is meaningless. I hardly see how being able to sniff passwords from a site that isn't using SSL is big news.

Re: [Full-disclosure] Plain Text Password Disclosure vulnerability in rediff mail

2009-09-10 Thread Dan Kaminsky
Beyond that, most web applications that do use SSL, still forget to set their cookies to secure (see http://fscked.org/blog/incomplete-list-alleged-vulnerable-sites ). Not to mention the hordes of sites that have SSL logins off HTTP pages. Even the oft-repeated well, the attacker won't get the

[Full-disclosure] Friday the 11th of September 2009

2009-09-10 Thread full-censorship
Dan Kaminsky appears on full-disclosure mailing list and disses other people while his domain is still offline because of zf0. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored