Re: [Full-disclosure] [PSRT] Python ssl handling could be better...

2011-02-28 Thread Barry Warsaw
On Feb 28, 2011, at 10:37 AM, bk wrote: >> I think we should be happy with the inclusion of such options in 3.2 > >No, I'm not going to be happy about an after-thought fix. At least >httplib.py should never have been put in the tree without an option to tell >ssl.py to verify the server cert.

[Full-disclosure] [USN-1078-1] Logwatch vulnerability

2011-02-28 Thread Steve Beattie
=== Ubuntu Security Notice USN-1078-1 March 01, 2011 logwatch vulnerability CVE-2011-1018 === A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 9

[Full-disclosure] ZDI-11-094: (0 day) Hewlett-Packard StorageWorks File Migration Agent Remote Archive Tampering Vulnerability

2011-02-28 Thread ZDI Disclosures
ZDI-11-094: (0 day) Hewlett-Packard StorageWorks File Migration Agent Remote Archive Tampering Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-094 February 28, 2011 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-P

[Full-disclosure] [SECURITY] [DSA 2175-1] samba security update

2011-02-28 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2175-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff February 28, 2011

Re: [Full-disclosure] III World War. - Broadcast Request.

2011-02-28 Thread Michele Orru
ahahaahah...what kind of haze did you smoke this time Mr. asmo? Take it easy with drugs :) antisnatchor Christian Sciberras February 28, 2011 10:04 PM

Re: [Full-disclosure] III World War. - Broadcast Request.

2011-02-28 Thread Valdis . Kletnieks
On Sat, 26 Feb 2011 00:31:47 +0100, asmo said: > I believe that the III World War conflict might start in 10 months or > more from now. The question is: who's unified and who's willing to > participate. > Leadership is not yet defined. It may be as well someone well known in > IT industry or som

Re: [Full-disclosure] III World War. - Broadcast Request.

2011-02-28 Thread Michal Zalewski
> I believe that the III World War conflict might start in 10 months or > more from now. It's hard to disagree. /mz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia -

Re: [Full-disclosure] III World War. - Broadcast Request.

2011-02-28 Thread Christian Sciberras
I'm already living on a rock completely insulated from the rest of mankind. What about you? On Mon, Feb 28, 2011 at 9:39 PM, Thor (Hammer of God) wrote: > >I believe that the III World War conflict might start in 10 months or more > from > >now. The question is: who's unified and who's willing t

Re: [Full-disclosure] III World War. - Broadcast Request.

2011-02-28 Thread Thor (Hammer of God)
>I believe that the III World War conflict might start in 10 months or more from >now. The question is: who's unified and who's willing to participate. >Leadership is not yet defined. It may be as well someone well known in IT >industry or someone completely unknown. > >Where we could meet if such s

Re: [Full-disclosure] Python ssl handling could be better...

2011-02-28 Thread Brian Keefer
On Feb 28, 2011, at 9:34 AM, Michael Krymson wrote: > > What about self-signed certs in my closed network? The ssl.py module (library/whatever) has support for selectively disabling certificate verification. This parameter should be exposed up the stack in modules that rely on it. The second

[Full-disclosure] buy information or exploit for ZDI-11-075/CVE-2011-0606

2011-02-28 Thread Софон Глазачев
buy information or exploit for ZDI-11-075/CVE-2011-0606

[Full-disclosure] CONFidence 2011- CfP only 6 days left, we are still waiting for your submission

2011-02-28 Thread Andrzej Targosz
CONFIDENCE 9TH EDITION CALL FOR PAPERS. /* Apologies if you receive multiple copies of this announcement */ ### If you are still considering becoming a CONFidence speaker, there are only 6 days left to send your CfP submission. Calling all practitioners in the field of

[Full-disclosure] III World War. - Broadcast Request.

2011-02-28 Thread asmo
Hello, To Whom it may concern. I believe that the III World War conflict might start in 10 months or more from now. The question is: who's unified and who's willing to participate. Leadership is not yet defined. It may be as well someone well known in IT industry or someone completely unknown.

[Full-disclosure] Facebook URL Redirect Vulnerability

2011-02-28 Thread Nathan Power
-- 1. Summary: Once the victim clicks on a specially crafted Facebook URL they can be redirected to a malicious website. -- 2. Description: Facebook applications use of

[Full-disclosure] weechat does not properly use gnutls and allow an attacker to bypass certificate verification

2011-02-28 Thread JD
About WeeChat: "WeeChat is a fast, light and extensible chat client. It runs on many platforms (including Linux, BSD and Mac OS). Development is very active, and bug fixes are very fast!" The vuln: Weechat does not use the GnuTLS API properly to check certificates, potentially exposing users to ma

[Full-disclosure] [USN-1074-2] Linux kernel vulnerabilities

2011-02-28 Thread Kees Cook
=== Ubuntu Security Notice USN-1074-2 February 28, 2011 linux-fsl-imx51 vulnerabilities CVE-2009-4895, CVE-2010-2066, CVE-2010-2226, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2538, CVE-2010-279

[Full-disclosure] Vulnerabilities in phpMyAdmin

2011-02-28 Thread MustLive
Hello list! I want to warn you about Brute Force and Full path disclosure vulnerabilities in phpMyAdmin. CVE id: CVE-2011-0986. WASC ids: WASC-11, WASC-13. CWE ids: CWE-661, CWE-200. - Affected products: - Vulnerable are phpMyAdmin 3.3.9 and pre

[Full-disclosure] [USN-1077-1] FUSE vulnerabilities

2011-02-28 Thread Marc Deslauriers
=== Ubuntu Security Notice USN-1077-1 February 28, 2011 fuse vulnerabilities CVE-2009-3297, CVE-2011-0541, CVE-2011-0542, CVE-2011-0543 === A security issue affects the following

[Full-disclosure] [USN-1076-1] ClamAV vulnerability

2011-02-28 Thread Marc Deslauriers
=== Ubuntu Security Notice USN-1076-1 February 28, 2011 clamav vulnerability CVE-2011-1003 === A security issue affects the following Ubuntu releases: Ubuntu 9.10 Ubuntu 10.04 L

[Full-disclosure] [USN-1075-1] Samba vulnerability

2011-02-28 Thread Marc Deslauriers
=== Ubuntu Security Notice USN-1075-1 February 28, 2011 samba vulnerability CVE-2011-0719 === A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04

Re: [Full-disclosure] Python ssl handling could be better...

2011-02-28 Thread bk
Sigh, sending with correct account... On Feb 28, 2011, at 9:34 AM, Michael Krymson wrote: > > What about self-signed certs in my closed network? The ssl.py module (library/whatever) has support for selectively disabling certificate verification. This parameter should be exposed up the stack in

[Full-disclosure] [ MDVSA-2011:038 ] samba

2011-02-28 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:038 http://www.mandriva.com/security/

[Full-disclosure] BackWPup Wordpress plugin <= 1.4.0 File content disclosure

2011-02-28 Thread Danilo Massa
Release date: Feb 28th, 2010 - Discovered by: Danilo Massa - Severity: High. I. VULNERABILITY - BackWPup Wordpress plugin <= 1.4.0 File content disclosure II. BACKGROUND --

Re: [Full-disclosure] Python ssl handling could be better...

2011-02-28 Thread Marsh Ray
+1 with a cherry on top! A cipher is a device for converting a plaintext distribution problem into a key distribution problem. An ephemeral key-agreement protocol (e.g., Diffie-Hellman) is a device for converting a key distribution problem into an authentication problem. Therefore, authent

Re: [Full-disclosure] Python ssl handling could be better...

2011-02-28 Thread Michael Krymson
You're preaching to the choir...I agree there should be support, but don't go all talking about changing defaults without at least some thought involved. What about self-signed certs in my closed network? What about guests on a network behind a web proxy that MITMs 80/443? What if you're brokering

[Full-disclosure] FreeBSD crontab information leakage

2011-02-28 Thread Dan Rosenberg
FreeBSD crontab information leakage For its implementation of the standard UNIX cron daemon, FreeBSD uses a version based off vixie-cron. This package is installed by default, and includes a setuid-root crontab binary to al