-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA-2325-1secur...@debian.org
http://www.debian.org/security/ Aurelien Jarno
October 23, 2011
Greetings,
I would like to ask if there is someone on this list that would like
to share some insight on assessing, defeating (if any is known) wlan
security appliances like the Motorola AirDefense.
http://www.airdefense.net/index.php
Insight on assessment, comparison with other WLAN
Sorry for the top posting.
In fedorable distro Almost pam namespace can do this. It was born from a
selinux project, for mls need, but it can be used also for a selinux targeted
policy. Its configuration is not the default, However. Best regard
Messaggio originale
Da: Byron Sonne
Has this been fixed yet?
--
Leon Kaiser - Head of GNAA Public Relations -
litera...@gnaa.eu || litera...@goatse.fr
http://gnaa.eu || http://security.goatse.fr
7BEECD8D FCBED526 F7960173 459111CE F01F9923
The mask
May I ask what the grep(1) pattern was?
--
Leon Kaiser - Head of GNAA Public Relations -
litera...@gnaa.eu || litera...@goatse.fr
http://gnaa.eu || http://security.goatse.fr
7BEECD8D FCBED526 F7960173 459111CE
vulnerability_report.pdf
md5: 833a20296367aa2aec2c34a9a033a40e
sha1: 2d6c75a272ed7ee246d1acc190c7d88244113bc0
sha256: 99ba4971ec3258c14181cb0520a4b69955af01ddd72dc42a2c0efdad17331e26
poc.zip
md5: 457d50055889bc0e3e7a3f7bc53f8d00
sha1: 20f8366de4eebe9a47af081797c5a351f79f33a2
sha256:
On Fri, Oct 21, 2011 at 07:59:59PM -0400, b...@fbi.dhs.org wrote:
bzexe utility:
/bin/bzexe:tmp=gz$$
/bin/bzexe:rm -f zfoo[12]$$
I reported this one several months ago (in some conditions it could lead
to a root exploit) and provided an easy solution, but no updates:
FYI, G+ app on Android just steals any images you make using camera. I
just made photo using camera and minute later it appeared on
https://lh4.googleusercontent.com/-5ep3-OdJSCY/TqTL05oMWzI/As4/luE-w5IE3ZE/s800/DSC_0107.JPG
without my permission. Google claims that this image is visible
Hi,
I've released an update to Agnitio which I hope will help people
carryout security focused code reviews and find vulnerabilities in the
source code they are reviewing.
The major changes in v2.1 are listed below:
1) Windows x64 support
2) Automatically decompile Android .apk application to
Hi,
http://thehackerschoice.wordpress.com/2011/10/24/thc-ssl-dos/
http://www.thc.org/thc-ssl-dos/
Today the German hacker group The Hacker's Choice officially
released a new DDoS tool. The tool exploits a weakness in SSL to kick a
server off the Internet.
Technical details can be found at
French researchers from ESIEAhttp://www.esiea.fr/c/en/Web.Esiea.Public.cuke?,
a French engineering school, have found and exploited some serious
vulnerabilities in the TOR network. They performed an inventory of the
network, finding 6,000 machines, many of whose IPs are accessible publicly
and
So they put up a fake network, 'hacked' most of the nodes, and with complete
control of their dummy network they were able to figure out traffic
movement?
This is news why?
-Travis
On Mon, Oct 24, 2011 at 10:31 AM, Mohit Kumar thehackern...@gmail.comwrote:
French researchers from
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/
e107 CMS Script Command Injection
1. *Advisory Information*
Title: e107 CMS Script Command Injection
Advisory ID: CORE-2011-0810
Advisory URL:
On Mon, 24 Oct 2011 11:53:02 EDT, Travis Biehn said:
So they put up a fake network, 'hacked' most of the nodes, and with complete
control of their dummy network they were able to figure out traffic
movement?
This is news why?
It's not news - it's *long* been known that Tor would be
*Any* assumptions that presuppose security based on social affiliation need to
be reconsidered.
t
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
boun...@lists.grok.org.uk] On Behalf Of valdis.kletni...@vt.edu
Sent: Monday, October 24, 2011
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2326-1 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
October 24, 2011
On 10/24/2011 09:14 AM, r...@segfault.net wrote:
Our tests reveal that the average server can be taken down from a
single IBM laptop through a standard DSL connection.
Taking on larger server farms who make use of SSL Load balancer
required 20 average size laptops and about 120kbit/sec of
I think it was grep -H '\$\$'
May I ask what the grep(1) pattern was?
--
Leon Kaiser - Head of GNAA Public Relations -
litera...@gnaa.eu || litera...@goatse.fr
http://gnaa.eu || http://security.goatse.fr
http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc
(2011.09.28. ... )
On 10/23/11, Aurelien Jarno aure...@debian.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201110-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:161
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2328-1 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
October 24, 2011
On Mon, Oct 24, 2011 at 1:00 PM, Thor (Hammer of God)
t...@hammerofgod.com wrote:
*Any* assumptions that presuppose security based on social affiliation need
to be reconsidered.
Linus Torvalds would disagree with you. Git is secure because Linus
has friends :) See
On 24/10/2011 03:45, Tõnu Samuel wrote:
FYI, G+ app on Android just steals any images you make using camera. I
just made photo using camera and minute later it appeared on
https://lh4.googleusercontent.com/-5ep3-OdJSCY/TqTL05oMWzI/As4/luE-w5IE3ZE/s800/DSC_0107.JPG
without my
Have you had a look at Vivek Ramachandran's videos on Security Tube ?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Turn instant upload off in the G+ app settings.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Hi
someone report a persistent xss about twitter on wooyun
http://www.wooyun.org/bugs/wooyun-2010-03075
just put on some magic code like this
localStorage.setItem(:USER:,'{54lvwei:{value:{store:{recentFollowers:{value:hellolvweiscriptalert(/aa/)/script}');
:)
I got the impression that they have fully compromised the actual TOR
network, not a dummy network, am I wrong?
Charlie
Quoting Travis Biehn tbi...@gmail.com:
So they put up a fake network, 'hacked' most of the nodes, and with complete
control of their dummy network they were able to figure
Withdrawn :P
Quoting char...@funkymunkey.com:
I got the impression that they have fully compromised the actual TOR
network, not a dummy network, am I wrong?
Charlie
Quoting Travis Biehn tbi...@gmail.com:
So they put up a fake network, 'hacked' most of the nodes, and with complete
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA-2327-1secur...@debian.org
http://www.debian.org/security/ Nico Golde
Oct 24th, 2011
Note that it's an option (That seems to be on by default?) that you
can disable in the G+ app settings.
(This however would be handing for when taking photos out and public
and idiot cops/security guards ask you to delete photos you've just
taken!)
On Mon, Oct 24, 2011 at 3:45 PM, Tõnu Samuel
31 matches
Mail list logo
