[Full-disclosure] [SECURITY] [DSA 2092-1] New lxr-cvs packages fix cross-site scripting

2010-08-18 Thread Sebastien Delafond
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-2092-1 secur...@debian.org http://www.debian.org/security/ Sébastien Delafond Aug 17th, 2010

[Full-disclosure] [SECURITY] [DSA 1919-2] New smarty packages fix regression

2010-08-18 Thread Thijs Kinkhorst
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1919-2 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst August 17, 2010

[Full-disclosure] Medium security hole in Rekonq web browser

2010-08-18 Thread Tim Brown
I've identified that Rekonq versions up to and including 0.5 were vulnerable to universal XSS affecting the error page. CVE-2010-2536 was assigned for this vulnerability. Cheers, Tim -- Tim Brown mailto:t...@nth-dimension.org.uk http://www.nth-dimension.org.uk/ NDSA20100810.txt.asc

[Full-disclosure] Better Security Through Sacrificing Maidens

2010-08-18 Thread Pete Herzog
Hi, The typical enterprise security today is one that is properly prepared to sacrifice something to an attacker now so they will be 100% prepared against it later. There's something wrong with that method and it's part of the reason why ISECOM is taking some very new directions in security

[Full-disclosure] Websense/ISA Via: Bypass Redux

2010-08-18 Thread dink
discovered by mrhinkydink PRODUCT: Websense Enterprise EXPOSURE: Trivial Web Policy Bypass (III) LINK: http://mrhinkydink.blogspot.com/2010/08/websenseisa-via-bypass-redux.html SYNOPSIS On May 29, 2010 I demonstrated that by adding a Via: header to an HTTP request it is possible for

[Full-disclosure] freebsd 8.* 7.* generic private local root exploit Hacktro

2010-08-18 Thread HI-TECH .
Watch the Hacktro at http://www.youtube.com/watch?v=uavlQV2FTjU Cheers, Kingcope ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/