[Full-disclosure] [Tool Update Announcement] inspathx

2011-03-23 Thread YGN Ethical Hacker Group
Tool Home: http://code.google.com/p/inspathx/
CHANGELOG
Stat: path definitions - 342, path vuln definitions - 140
Added --xp as alias --x-p
Refined param array that supports any number of dimensions with -p option (i.e. -p 1, -p 2, -p 3) - Thanks to Brendan Coles

Re: [Full-disclosure] Using Twitter for Phishing Campaign / Spam / Followers?

2011-03-23 Thread huj huj huj
it works surprisingly well considering 2011/3/21 Cal Leeming c...@foxwhisper.co.uk Yeah, just noticed that. Soon as I get some spare time, I'll prob have a shot at making one. It'd be interesting to know what the success rate / latency / concurrency / hours of availability are when using

[Full-disclosure] Hack In Paris 2011 Call For Papers Reminder

2011-03-23 Thread Emilien Girault
Hello FD! This is just a reminder that the Call for Papers for Hack In Paris 2011 is closing on 30th of March. We've received some very nice submissions so far. Hack In Paris will take place in Disneyland Paris Conference Center and will be split into two parts: * June 14-15: Trainings *

[Full-disclosure] PHP-Nuke 8.x = chng_uid Blind SQL Injection Vulnerability

2011-03-23 Thread YGN Ethical Hacker Group
PHP-Nuke 8.x = Blind SQL Injection Vulnerability 1. OVERVIEW The administration backend of PHP-Nuke 8.x is vulnerable to Blind SQL Injection. 2. BACKGROUND PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news

[Full-disclosure] PHP-Nuke 8.x = Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability

2011-03-23 Thread YGN Ethical Hacker Group
PHP-Nuke 8.x = Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower versions are vulnerable to Cross Site Request Forgery (CSRF) because its Anti-CSRF mechanism (Referer Check) is found to be broken. 2. BACKGROUND PHP-Nuke is a

[Full-disclosure] [ MDVSA-2011:052 ] php

2011-03-23 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2011:052 http://www.mandriva.com/security/

[Full-disclosure] PHP-Nuke 8.x = Cross Site Scripting Vulnerability

2011-03-23 Thread YGN Ethical Hacker Group
PHP-Nuke 8.x = Cross Site Scripting Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower are vulnerable to Cross Site Scripting. 2. BACKGROUND PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and

[Full-disclosure] [ MDVSA-2011:053 ] php

2011-03-23 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2011:053 http://www.mandriva.com/security/

[Full-disclosure] ZDI-11-111: (0Day) Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Remote Code Execution Vulnerability

2011-03-23 Thread ZDI Disclosures
ZDI-11-111: (0Day) Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-111 March 23, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected Products:

[Full-disclosure] ZDI-11-112: (0 day) Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability

2011-03-23 Thread ZDI Disclosures
ZDI-11-112: (0 day) Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-112 March 23, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected Products:

Re: [Full-disclosure] Materials regarding Cyber-war

2011-03-23 Thread imipak
On 14 March 2011 17:24, bk cho...@gmail.com wrote: On Mar 14, 2011, at 10:04 AM, imipak wrote: On 14/03/11 16:51, bk wrote: The point you missed is that almost all the examples we've seen so far have been closer to espionage than to actual warfare. [...] Despite that, I agree.

[Full-disclosure] XSS, AoF and IAA vulnerabilities in MC Content Manager

2011-03-23 Thread MustLive
Hello list! I want to warn you about Cross-Site Scripting, Abuse of Functionality and Insufficient Anti-automation vulnerabilities in MC Content Manager. It's Ukrainian commercial CMS. - Affected products: - Vulnerable are potentially all

Re: [Full-disclosure] Materials regarding Cyber-war

2011-03-23 Thread coderman
On Wed, Mar 23, 2011 at 12:22 PM, imipak imi...@gmail.com wrote: ... *cough* http://blogs.comodo.com/it-security/data-security/the-recent-ca-compromise/ re: The IP address of the initial attack was recorded and has been determined to be assigned to an ISP in Iran. A web survey revealed one of

[Full-disclosure] CORE-2011-0208: VLC Vulnerabilities handling .AMV and .NSV files

2011-03-23 Thread CORE Security Technologies Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ VLC Vulnerabilities handling .AMV and .NSV files 1. *Advisory Information* Title: VLC Vulnerabilities handling .AMV and .NSV files Advisory ID:

[Full-disclosure] [SECURITY] [DSA 2199-1] iceape security update

2011-03-23 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2199-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff March 23, 2011

[Full-disclosure] [SECURITY] [DSA 2200-1] iceweasel security update

2011-03-23 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2200-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff March 23, 2011

[Full-disclosure] [SECURITY] [DSA 2201-1] wireshark security update

2011-03-23 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2201-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff March 23, 2011

Re: [Full-disclosure] CORE-2011-0208: VLC Vulnerabilities handling .AMV and .NSV files

2011-03-23 Thread Dan Rosenberg
Hmm...well, this is one vulnerability, not two, and it was fixed in VLC's tree on February 12. Still a nice find. -Dan On Wed, Mar 23, 2011 at 4:34 PM, CORE Security Technologies Advisories advisor...@coresecurity.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1   Core Security

Re: [Full-disclosure] Materials regarding Cyber-war

2011-03-23 Thread Marcio B. Jr.
By the way, if you have kernel sources installed mainly, interesting stuff appears when you grep warfare as root: # grep --recursive --ignore-case -s warfare / including some SPACE NAVAL WARFARE SYSTEMS' drivers' information and all. Oh, and espionage is a part of the thing, not a distinct

Re: [Full-disclosure] Materials regarding Cyber-war

2011-03-23 Thread bk
On Mar 23, 2011, at 12:22 PM, imipak wrote: On 14 March 2011 17:24, bk cho...@gmail.com wrote: On Mar 14, 2011, at 10:04 AM, imipak wrote: On 14/03/11 16:51, bk wrote: The point you missed is that almost all the examples we've seen so far have been closer to espionage than to