> Massive 0day hide all your printers.
> http://pastebin.com/AwpsBWVQ
I now see that the code on pastebin is identical to
http://www.securityfocus.com/bid/52973/exploit
so is "known fixed" since Samba 3.6.4 .
Cheers, Paul
Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/
View online: http://drupal.org/node/1796036
* Advisory ID: DRUPAL-SA-CONTRIB-2012-148
* Project: Organic groups [1] (third-party module)
* Version: 7.x
* Date: 2012-September-26
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Access bypass
--
Hello list,
SinFP3 is a complete framework for network discovery. Its main purpose is to
perform active fingerprinting, but it can also do passive fingerprinting. Both
modes are available over IPv4 and IPv6. This new version introduces a
plugin-based architecture, allowing anyone to dev
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E
Denial of Service Vulnerability
Advisory ID: cisco-sa-20120926-ecc
Revision 1.0
For Public Release 2012 September 26 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco IOS Software DHCP Denial of Service Vulnerability
Advisory ID: cisco-sa-20120926-dhcp
Revision 1.0
For Public Release 2012 September 26 16:00 UTC (GMT)
+-
Summary
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco IOS Software DHCP Version 6 Server Denial of Service Vulnerability
Advisory ID: cisco-sa-20120926-dhcpv6
Revision 1.0
For Public Release 2012 September 26 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco IOS Software Tunneled Traffic Queue Wedge Vulnerability
Advisory ID: cisco-sa-20120926-c10k-tunnels
Revision 1.0
For Public Release 2012 September 26 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco IOS Software Network Address Translation Vulnerabilities
Advisory ID: cisco-sa-20120926-nat
Revision 1.0
For Public Release 2012 September 26 16:00 UTC (GMT)
+-
Summary
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco IOS Software Malformed Border Gateway Protocol Attribute Vulnerability
Advisory ID: cisco-sa-20120926-bgp
Revision 1.0
For Public Release 2012 September 26 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability
Advisory ID: cisco-sa-20120926-ios-ips
Revision 1.0
For Public Release 2012 September 26 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
Advisory ID: cisco-sa-20120926-sip
Revision 1.0
For Public Release 2012 September 26 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco Unified Communications Manager Session Initiation Protocol Denial of
Service Vulnerability
Advisory ID: cisco-sa-20120926-cucm
Revision 1.0
For Public Release 2012 September 26 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2550-2 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
September 26, 2012
This might be old news, but for those who missed this year's DefCon talk
on MS-CHAP-2 and related commotion, it probably isn't.
This relates to PPTP, and possibly other auth protocols.
https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/
switch over, stay secure.
--
Kirils
@Kirils
tl;dr: A security audit found security holes and a year later: not all of
the holes were fixed.
On Sep 26, 2012 3:15 AM, "Bit WAshor" wrote:
> SENSITIVE financial data could be at risk after it was revealed that a
> council’s IT network could be open to outside attacks following an audit of
> its
SENSITIVE
financial data could be at risk after it was revealed that a council’s
IT network could be open to outside attacks following an audit of its
systems.
The detailed look into IT systems at South Derbyshire District Council has
highlighted several issues which could see the authority lef
On 2012-09-26 01:30, Chris Evans wrote:
> I don't see any details?
> This list is "full disclosure", not "touch self in public".
Our Disclosure Policy [1] is somethings in-between Full Disclosure
and Responsible Disclosure. It has certain advantages such as the
ability to carry an early warning t
This effects version 0.1 of abc-test the hole is fixed in version 0.2
-
Affected products:
-
Product : wordpress plugin abc-test
Affected file: abctest_config.php
Details:
The file abctest_config.php does not sanitize the input from $_GET ['id']
effectively. This all
18 matches
Mail list logo