Full details at http://extendedsubset.com/?p=30
Here's an example strace:
mkdir(/tmp/FLEXnet, 0777) = -1 EEXIST (File exists)
chmod(/tmp/FLEXnet, 0777) = ...
I don't have the time to track down the full extent of it, but neither
do I think it should be neglected.
Possibly affects other stuff
ZDI-10-077: Adobe Download Manager Atlcom.get_atlcom ActiveX Control Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-077
April 21, 2010
-- CVE ID:
CVE-2010-1278
-- Affected Vendors:
Adobe
-- Affected Products:
Adobe Download Manager
-- TippingPoint(TM)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://corelabs.coresecurity.com/
User Invoices Persistent XSS Vulnerability in CactuShop
1. *Advisory Information*
Title: User Invoices Persistent XSS Vulnerability in
Aargh! It's INFOSEC next week
If you are:
a. Attending INFOSEC
b. In London anyway
c. Able to fly through volcanic ash
d. From another DEFCON group
e. Bored
f. Interested
g. Interesting
h. Any of the above
Then come and join us for April's 'Social' DC4420,
|--|
| __ __ |
| _ / /___ _ / / _ ___ |
| / ___/ __ \/ ___/ _ \/ / __ `/ __ \ / __/ _ \/ __ `/ __ `__ \ |
| / /__/ /_/ / / /
Hello Full disclosure!
Once again, unwinding theme HiJacking found a fun way to get the very
least information about the target resource when the user is located at the
attacker.
Already crocked img tag opens new opportunities using the method
fileSize, described here:
Funny stuff...
Nirvana in a cloud context would be for customers to trust Microsoft
just as they trust their bank or utility company.
Building that mentality will take time. It's going to be incumbent
upon us to establish that confidence with our customers,” he said
during a visit to Sydney.
The funny thing about the cloud is that eventually there is going to be a
monopoly of one company that dominates in it. Just as Microsoft has done with
software, I can see Microsoft CloudSoft coming soon.
Date: Thu, 22 Apr 2010 09:03:26 +1000
From: ivan...@gmail.com
To:
The question is who would trust any of these orgs to maintain the
integrity of their data?
On Thu, Apr 22, 2010 at 9:43 AM, Jason Nada j.cri...@live.com wrote:
The funny thing about the cloud is that eventually there is going to be a
monopoly of one company that dominates in it. Just as
Monopolies in cloud (e.g. remote storage and computing services) may
develop, but I don't think its quite foreordained that such monopolies
will develop. I think that there is a strong chance that we'll end up
with an oligopoly (just like with gas stations, or airlines) where a few
dominant
As the amount of regulation over personal data storage and transmission
grows, individual businesses are going to have a harder and harder time
keeping up with all the security certifications and requirements that
are necessary to hold that data. At that point, there will be strong
pressure
11 matches
Mail list logo