[Full-disclosure] [SECURITY] [DSA 2343-1] openssl security update

2011-11-10 Thread Raphael Geissert
Debian Security Advisory DSA-2343-1 secur...@debian.org http://www.debian.org/security/ Raphael Geissert November 09, 2011

[Full-disclosure] How NOT to respond to vulnerability reports

2011-11-10 Thread Sam Johnston
Apologies again for the HTML — too many inline links for text. I'd probably leave these guys alone were it not for stuff like this http://www.enomaly.com/High-Assurance-E.484.0.html : *With Enomaly’s patented security functionality, a service provider can deliver a unique, high security Cloud

[Full-disclosure] [FOREGROUND SECURITY 2011-003] Joomla ALFContact 1.9.3 Extension Multiple Cross-Site Scripting (XSS) vulnerabilities

2011-11-10 Thread Jose Carlos de Arriba
FOREGROUND SECURITY, SECURITY ADVISORY 2011-003 - Original release date: November 9, 2011 - Discovered by: Jose Carlos de Arriba (Sr Security Analyst at Foreground Security) - Contact: (jcarriba (at) foregroundsecurity (dot) com, dade

[Full-disclosure] SploitCloud: exploiting cloud brokers for fun and profit

2011-11-10 Thread Sam Johnston
Apologies for the HTML — too many inline links. Sam SploitCloud: exploiting cloud brokers for fun and profit http://samj.net/2011/10/sploitcloud.html My friends at Enomaly http://www.enomaly.com/ have been beating http://twitter.com/#%21/ruv/status/129928434079109121 up

[Full-disclosure] Drupal String Overrides Module XSS

2011-11-10 Thread Justin Klein Keane
Vulnerability Report Reported to Vendor: March 16, 2011 15:25 EST Description of Vulnerability: Drupal (http://drupal.org) is a robust content management system (CMS) written in PHP and MySQL. The Drupal String

[Full-disclosure] XSS vulnerability in Joomla 1.6.3

2011-11-10 Thread Netsparker Advisories
Information Name : XSS vulnerability in Joomla 1.6.3. Software : All 1.6.x installs prior to and including 1.6.3 are affected. Vendor Homepage : http://www.joomla.org Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Mesut Timur mesut [at]

[Full-disclosure] New w3af release! (1.1)

2011-11-10 Thread Andres Riancho
Guys, Today we're releasing version 1.1 of w3af which includes the following changes: * Considerably increased performance by implementing gzip encoding * Enhanced embedded bug report system using Trac's XMLRPC * Fixed hundreds of bugs * Fixed critical bug in

Re: [Full-disclosure] SploitCloud: exploiting cloud brokers for fun and profit

2011-11-10 Thread coderman
On Wed, Nov 9, 2011 at 11:25 AM, Sam Johnston s...@samj.net wrote: Apologies for the HTML — too many inline links the cool thing about plain text email: it can often prune those annoying markup links! it is cooler than a google barrel roll... try it

Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)

2011-11-10 Thread Georgi Guninski
On Thu, Nov 10, 2011 at 08:46:44AM +1100, xD 0x41 wrote: You could just google for IRC packs of win2k src ;) I know I have a copy of it somewhere... actually tho, would not be helpful tho, as it does not affect win2k.. so I guess there would be some code there but not the code you want.

Re: [Full-disclosure] SploitCloud: exploiting cloud brokers for fun and profit

2011-11-10 Thread Jeffrey Walton
On Wed, Nov 9, 2011 at 2:25 PM, Sam Johnston s...@samj.net wrote: Apologies for the HTML — too many inline links. Sam SploitCloud: exploiting cloud brokers for fun and profit http://samj.net/2011/10/sploitcloud.html [SNIP] *Update:* If you look at the code you'll see the hourly rate is

Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)

2011-11-10 Thread Thor (Hammer of God)
So, I've looked about on the web to see what software of any consequence you have written, but I can't find any. Can you point me to anything that illustrates that you know how to develop wide scale software applications and execute an SDL plan, or do you just like to sit back and bitch about

Re: [Full-disclosure] SploitCloud: exploiting cloud brokers for fun and profit

2011-11-10 Thread xD 0x41
Lame. Sorry but, it just is. You're a lamer dude. I'll make sure to blog this for you. On 10 November 2011 06:25, Sam Johnston s...@samj.net wrote: Apologies for the HTML — too many inline links. Sam SploitCloud: exploiting cloud brokers for fun and

Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)

2011-11-10 Thread xD 0x41
Not sure, but the actual real one is in English :) About the PPS, I think that's a very bad summary of the exploit, 49 days to send a packet, my butt. There are many people assuming wrong things, when it can be done with seconds, syscanner would scan a -b class in minutes, remember it only has to

Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)

2011-11-10 Thread xD 0x41
thx to: http://www.securityaegis.com/ ms11-083_sniffer.py Simple packet sniffer that writes a pcap file for any UDP traffic heading for closed ports. Written in an attempt to capture data from a MS11-083 exploit in the wild. Author: Samuel Hunter If you have any suggestions or comments

[Full-disclosure] psyb0t ... seems to be rather nifty!

2011-11-10 Thread xD 0x41
http://www.irc-junkie.org/2009-03-22/psyb0t-a-stealthy-router-based-botnet-discovered/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)

2011-11-10 Thread Valdis . Kletnieks
On Fri, 11 Nov 2011 06:59:31 +1100, xD 0x41 said: nights.. i guessing that the exploit, could possibly be triggered with ONE properly setup packet.. Evidence for this, given that the announcement specifically says a *stream* of crafted UDP packets?

Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)

2011-11-10 Thread Thor (Hammer of God)
Fake :) From: Sergito [mailto:sergito.li...@gmail.com] Sent: Thursday, November 10, 2011 11:50 AM To: Thor (Hammer of God) Cc: Georgi Guninski; xD 0x41; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution

[Full-disclosure] CORE-2011-0919: Apple OS X Sandbox Predefined Profiles Bypass

2011-11-10 Thread CORE Security Technologies Advisories
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Apple OS X Sandbox Predefined Profiles Bypass 1. *Advisory Information* Title: Apple OS X Sandbox Predefined Profiles Bypass Advisory ID: CORE-2011-0919 Advisory URL:

[Full-disclosure] Steam defaced

2011-11-10 Thread Henri Salo
As I usually have good news.. Here is some more: http://forums.steampowered.com/forums/ Steam joins the failboat. Regards, Henri Salo

Re: [Full-disclosure] Steam defaced

2011-11-10 Thread xD 0x41
ha...well I'll be... @Henri A friend of mine, used to be able to shell Steam, using SQL but, he failed to be able to keep the shell uploaded, they were running some kind of 'cleaner' every 2 minutes or so checking for any inclusions, which then would delete, or simply had a good sigs list, but this