CVE ID hasn't been assigned yet.
-
Best regards,
YGN Ethical Hacker Group
Yangon, Myanmar
http://yehg.net
Our Lab | http://yehg.net/lab
Our Directory | http://yehg.net/hwd
On Tue, Aug 10, 2010 at 2:23 AM, Henri Salo wrote:
> On Mon, 9 Aug 2010 23:12:29 +0800
> Y
On Sun, 8 Aug 2010, MustLive wrote:
> Also in all versions of Mozilla and Mozilla Firefox it's possible to use
> another variant of Strictly social XSS - with using of -moz-binding (for
> Firefox < 3.0 or for Firefox => 3.0 with xml-file on the same site) or with
> using of onMouseOver:
>
> http:
ZDI-10-146: Apple Webkit Anchor Tag Mouse Click Event Dispatch Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-146
August 9, 2010
-- CVE ID:
CVE-2010-0048
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple Saf
Cryptome has been following it very closely
http://cryptome.org/0002/vigilant-fraud.htm
http://cryptome.org/isp-spy/vigilant/vigilant-spies.htm
http://cryptome.org/0002/vigilant-snitch.htm
___
Full-Disclosure - We believe in it.
Charter: http://lists.gr
ZDI-10-145: Novell ZENWorks Remote Management Agent Weak Authentication Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-145
August 9, 2010
-- CVSS:
9, (AV:N/AC:L/Au:S/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Zenworks
-- Vulner
Greetings for you to and many of this is here list Full Disclosure.
I'd would have to like to introduce you to new and as improved
competition contest I call MoBEB (as this is pronounced Moe Behb)
MoBEB is Month of Bad Engrish Bugs whereas for to why is you the
silly reader is to for ans
On Mon, 9 Aug 2010 23:12:29 +0800
YGN Ethical Hacker Group wrote:
> ==
> 2Wire Broadband Router Session Hijacking Vulnerability
> ==
>
>
> 1. O
--On Monday, August 09, 2010 09:38:46 -0800 gillis jones
wrote:
>
> Hi List,
>
> Normally don't post much, or at all- mainly just a lurker. But has anyone
> heard of this 'Project Vigilant' asshattery that has emerged post-defcon?
> Seems like Chet Uber claims to have a Avengers type squad of
Either they could teach operational security to the CIA or someone was
trying to pull the wool over people's eyes! My bet would be option 2,
but you never know.
Gary B
On 08/09/2010 01:38 PM, gillis jones wrote:
> Hi List,
>
> Normally don't post much, or at all- mainly just a lurker. But has
==
2Wire Broadband Router Session Hijacking Vulnerability
==
1. OVERVIEW
The 2Wire Broadband Router is vulnerable to Session Hijacking flaw
whic
Hi List,
Normally don't post much, or at all- mainly just a lurker. But has anyone
heard of this 'Project Vigilant' asshattery that has emerged post-defcon?
Seems like Chet Uber claims to have a Avengers type squad of uber nerds, but
I can't find any record of his '10 years' of crime-fighting awes
==
2Wire Broadband Router Session Hijacking Vulnerability
==
1. OVERVIEW
The 2Wire Broadband Router is vulnerable to Session Hijacking flaw
which attackers can compromise the router administrator session.
2. PRODUC
ZDI-10-144: Apple Webkit Rendering Counter Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-144
August 9, 2010
-- CVE ID:
CVE-2010-1784
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple WebKit
-- Vulnerability
ZDI-10-143: Novell Sentinel Log Manager Multiple Servlet Remote Code Execution
Vulnerabilities
http://www.zerodayinitiative.com/advisories/ZDI-10-143
August 9, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Security Manager
-- Vulnerabil
Advisory Information
Advisory ID: NGENUITY-2010-006
Date published: Aug. 7, 2010
Class: Cross-Site Request Forgery (CSRF)
Software Description
Nagios XI is the commercial / enterprise version of the open source
Nagios project.
Vulnerability Description
Nagios XI 2009R1.2B
Hi MustLive,
I can not reproduce this on Firefox 3.6.8. When a test-application
with one line of code gives the redirect, then nothing happens.
No page with a "here" link and no alert and whatnot.
maybe it's just your proxy or so..
/site.php?redir=javascript:alert(document.cookie)
=> Result: A
Hi FD,
I'd need help confirming a specific vulnerability, if you happen to
have ISS Proventia Desktop installed, please get in touch with me. You
don't need to expose anything - I will provide more information.
Regards,
Thierry
___
Full-Disclosu
17 matches
Mail list logo