Could this be exploitable from within the guest vm? Eg could I execute
commands on the hypervisor host as root by generating a malicious packet to
attack the e1000 driver from within the guest?
On Tue, Jan 15, 2013 at 3:26 PM, Florian Weimer wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash:
On 15-Jan-2013 16:45:30 -0500, valdis.kletni...@vt.edu wrote:
> > Also, what stops a person to file it under a company name if
> > that's easier? I admit I'm not into this area, so I might be
> > missing something fundamental...
> If you publish an exploit as "BitWizard97", and somebody scarf
On 15-Jan-2013 06:28:53 -0500, Jeffrey Walton wrote:
> > > > After all, a vulnerability and an exploit are intellectual
> > > > products. Not sure copyright could be claimed, but why not?
> > > More interesting is the question of how to enforce a copyright
> > > claim while remaining anonymous
On Wed, Jan 16, 2013 at 5:19 AM, wrote:
> On 15-Jan-2013 06:28:53 -0500, Jeffrey Walton wrote:
>
> ...
> > > Is it really necessary to stay anonymous? Writing hmmm... articles
> > > about vulnerabilities for some (very specific) media and getting a
> > > hmmm... fee for that is mostly legal.
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco Security Advisory: Cisco ASA 1000V Cloud Firewall H.323 Inspection
Denial of Service Vulnerability
Advisory ID: cisco-sa-20130116-asa1000v
Revision 1.0
For Public Release 2013 January 16 16:00 UTC (GMT
hey!
i know it's a bit late, but Happy New Year!
i've posted the dates for 2013 meetings on dc4420.org but you'll notice
there is very little else! that's because we still need talks!
for those that are yet to join us for our monthly gathering, the format
is we meet in a private room in a pub,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2609-1 secur...@debian.org
http://www.debian.org/security/Florian Weimer
January 16, 2013
How to detect system intrusions? What are the techniques? Can one character
difference in the output be an indicator of compromise? Download and read a
white paper below if you want answers to these questions and more.
http://www.demyo.com/downloads/white-papers/
--
Almantas Kakareka, CISSP, GSN
View online: http://drupal.org/node/1890318
* Advisory ID: DRUPAL-SA-CONTRIB-2013-004
* Project: Live CSS [1] (third-party module)
* Version: 6.x, 7.x
* Date: 2012-January-16
* Security risk: Highly critical [2]
* Exploitable from: Remote
* Vulnerability: Arbitrary PHP code execution
View online: http://drupal.org/node/1890222
* Advisory ID: DRUPAL-SA-CONTRIB-2013-003
* Project: RESTful Web Services [1] (third-party module)
* Version: 7.x
* Date: 2013-January-16
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Cross Site Reques
View online: http://drupal.org/node/1890538
* Advisory ID: DRUPAL-SA-CONTRIB-2013-005
* Project: Mark Complete [1] (third-party module)
* Version: 7.x
* Date: 2013-January-16
* Security risk: Moderately critical [2]
* Exploitable from: Remote
* Vulnerability: Cross Site Request Forge
View online: http://drupal.org/SA-CORE-2013-001
* Advisory ID: DRUPAL-SA-CORE-2013-001
* Project: Drupal core [1]
* Version: 6.x, 7.x
* Date: 2013-January-16
* Security risk: Highly critical [2]
* Exploitable from: Remote
* Vulnerability: Cross Site Scripting, Access bypass
12 matches
Mail list logo