[Full-disclosure] [ MDVSA-2010:031 ] wireshark

2010-02-02 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2010:031 http://www.mandriva.com/security/

[Full-disclosure] network security product market trend and forecast, outlook

2010-02-02 Thread 김무성
Hello list. I’m looking for information about network security product (firewall, IDS/IPS, VPN, etc.) market trends, forecasts and outlook. But much of what I found is all paid information. Not free. Is there free and reliable information? Where? Thanks, KIM.

Re: [Full-disclosure] AST-2010-001: T.38 Remote Crash Vulnerability

2010-02-02 Thread Jeff Williams
You deserve a pwnie award for the worst advisory template. 2010/2/3 Asterisk Security Team > Asterisk Project Security Advisory - AST-2010-001 > > > ++ > | Product| Asterisk > | > > |--

[Full-disclosure] AST-2010-001: T.38 Remote Crash Vulnerability

2010-02-02 Thread Asterisk Security Team
Asterisk Project Security Advisory - AST-2010-001 ++ | Product| Asterisk| |--+-|

Re: [Full-disclosure] Cross Site Scripting (XSS) Vulnerability in ibibo

2010-02-02 Thread Benji
Xssed.com. That is all. Sent from my iPhone On 2 Feb 2010, at 20:10, rockey killer wrote: > network. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secu

[Full-disclosure] Nikto version 2.1.1 released!

2010-02-02 Thread Sullo
I'm happy to announce the immediate availability of Nikto 2.1.1! Nikto is an open source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6100 potentially dangerous files/CGIs, checks for outdated versions of over 950 servers, and version

[Full-disclosure] Cross Site Scripting (XSS) Vulnerability in ibibo

2010-02-02 Thread rockey killer
Cross Site Scripting (XSS) Vulnerability in ibibo In search fields of cityads.ibibo.com ibibo.com is India’s first entertainment and talent based social network. It gives the youth of India a unique platform to showcase their talent, express themselves, create their own social network, audience an

[Full-disclosure] Get WinScanX Pro for FREE or $10 dollars for the month of February

2010-02-02 Thread Reed Arvin
In an effort to spread the word about WinScanX Pro, one of the best Windows auditing tools around, substantial discounts are being offered for the month of February. = Buy WinScanX Pro for just $10.00 (normally priced at $250.00) WinScanX Pro can potentially scan thou

[Full-disclosure] [SECURITY] [DSA 1987-1] New lighttpd packages fix denial of service

2010-02-02 Thread Nico Golde
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA-1987-1 secur...@debian.org http://www.debian.org/security/ Nico Golde February 2nd, 2010

[Full-disclosure] CoreFTP Stack Buffer Overflow

2010-02-02 Thread Steven Seeley
http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-007-coreftp-password-field-stack-buffer-overflow/ enjoy, mr_me

Re: [Full-disclosure] [Webappsec] Paper: Weaning the Web off of Session Cookies

2010-02-02 Thread Chris Travers
Hi all; Just backing up Tim here a bit. In LedgerSMB 1.3, we decided to go to HTTP auth because of some changes in the security architecture of the software. After looking at alternatives, we concluded that http auth was likely to be the way to go long-run. There are some constraints which prec

Re: [Full-disclosure] Can I manipulate packet’s specific field using Squid?

2010-02-02 Thread David Howe
김무성 wrote: > Exactly, datapayload. > > I wanna change packet about HTTP(port 80 or port 8080) URL using squid. > Or RTSP packet's URL can do, yes. take a look here for an example of an (amusing) use for this: http://www.ex-parrot.com/pete/upside-down-ternet.html

[Full-disclosure] Remote Vulnerability in AIX RPC.cmsd released by iDefense

2010-02-02 Thread Rodrigo Rubira Branco (BSDaemon)
Hey guys, Just now I saw that iDefense did not include in their advisory the triggering code for this (http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=825). I believe it's very important to test your systems and verify the released patch. So here we go: http://www.kernelhack