Are you trying to Pwn$ G33ks here?
On Fri, Oct 1, 2010 at 8:41 AM, HI-TECH .
isowarez.isowarez.isowa...@googlemail.com wrote:
vulnerability description is attached to this email.
/Kingcope
___
Full-Disclosure - We believe in it.
Charter:
geeks - the only ones that could ever possibly care about a DOS.
On Fri, Oct 1, 2010 at 10:23 AM, Jacky Jack jacksonsmth...@gmail.com wrote:
Are you trying to Pwn$ G33ks here?
On Fri, Oct 1, 2010 at 8:41 AM, HI-TECH .
isowarez.isowarez.isowa...@googlemail.com wrote:
vulnerability
http://hacking-avanzado.blogspot.com/2010/09/rfi-en-la-universidad-autonoma-de.html
Eduardo Abril
Security Consultant
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia
http://www.sutran.es/blog_hiperhidrosis/?p=128preview=true
What do you think?
On Fri, Oct 1, 2010 at 12:11 PM, pepelotas pepelotas...@gmail.com wrote:
http://hacking-avanzado.blogspot.com/2010/09/rfi-en-la-universidad-autonoma-de.html
Eduardo Abril
Security Consultant
Hello Full-Disclosure!
I want to warn you about Cross-Site Scripting, Full path disclosure,
Information Leakage, Directory Traversal, Arbitrary File Deletion and Denial
of Service vulnerabilities in WordPress.
For all these attacks it's needed to have access to admin account, or to
have account
___
Mandriva Linux Security Advisory MDVSA-2010:191
http://www.mandriva.com/security/
ZDI-10-189: Novell eDirectory Server Malformed Index Denial of Service
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-189
October 1, 2010
-- CVSS:
7.8, (AV:N/AC:L/Au:N/C:N/I:N/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell eDirectory
-- TippingPoint(TM) IPS
Hello list,
looks like this bug is covered by MS10-065 ('IIS Repeated Parameter
Request Denial of Service Vulnerability') as tests by VUPEN have
shown.
from vupen on twitter:
We analyzed the MS IIS 0day disclosed by @kingcope and we confirmed
that it is NOT a 0D. This is the DoS fixed in MS10-065
ZDI-10-190: Novell iManager getMultiPartParameters Arbitrary File Upload Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-190
October 1, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iManager
--
BrailleNote Apex offers telnet and FTP access on the standard ports, with
read/write privilege on the entire file system, to all comers. No
authentication is required. BrailleNote is unsafe on any network whose devices
you are not in full charge of, and which (by NAT or firewall) does not
⠠⠊⠋ ⠃⠁⠙ ⠛⠥⠽⠎ ⠁⠗⠑ ⠕⠝ ⠽⠕⠥⠗ ⠝⠑⠞⠺⠕⠗⠅, ⠽⠕⠥ ⠼⠚⠼⠉⠼⠊;⠗⠑ ⠎⠉⠗⠑⠺⠑⠙ ⠁⠝⠽⠺⠁⠽
t
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
boun...@lists.grok.org.uk] On Behalf Of Sabahattin Gucukoglu
Sent: Friday, October 01, 2010 2:32 PM
To:
On 1 Oct 2010, at 22:57, Thor (Hammer of God) wrote:
⠠⠊⠋ ⠃⠁⠙ ⠛⠥⠽⠎ ⠁⠗⠑ ⠕⠝ ⠽⠕⠥⠗ ⠝⠑⠞⠺⠕⠗⠅, ⠽⠕⠥ ⠼⠚⠼⠉⠼⠊;⠗⠑ ⠎⠉⠗⠑⠺⠑⠙ ⠁⠝⠽⠺⠁⠽
(If a bad guy is on your network, you're screwed anyway)
With those services closed, it doesn't take a five-second run of nmap and wget
to ransack the owner's device, though. And
Point taken :) I just wanted to see if it would post properly :-p
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
boun...@lists.grok.org.uk] On Behalf Of Sabahattin Gucukoglu
Sent: Friday, October 01, 2010 3:17 PM
To:
Hi,
Uh oh... This is a very huge security risk. It's not KeySoft's
fault (I'd say) - it's the network services on Windows CE's
problem. If someone does write a web app or a program which
launches automatically on the Apex, and if this program came
through standard ports on the network, then
While I am shocked at this sort of security risk on a bn, I wonder how
you use it to access your files without, as you say, using ActiveSync?
I am on a public network at school and am therefore rather worried
about this (then again, I doubt anyone on campus knows what telnet is,
let alone how to
SUMMARY
A vulnerability was discovered in Facebook Places that could be exploited to
divulge a user's location even if the user has restricted their location
information to “only friends” or “only me”, as long as the “make me visible
in people here now” option is enabled
HISTORY
Vulnerability