Thanks for the hint about how to solve the issue!
Two questions.
Is the combination of both the iptables setting and python script a standalone
solution along with the exploit code or is it required to send the exploit
buffers in nfq.py? I assume the first.
Does this configuration require
Just found this online.. might be of interest
Abstract: Flush+Reload is a cache side-channel attack that
monitors access to data in shared pages. In this paper we demonstrate
how to use the attack to extract private encryption keys from GnuPG.
The high resolution and low noise of the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2013-2189
OpenOffice DOC Memory Corruption Vulnerability
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache OpenOffice 3.4.0 to 3.4.1 on all platforms.
Predecessor versions of OpenOffice.org may be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2013-4156
OpenOffice DOCM Memory Corruption Vulnerability
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache OpenOffice 3.4.0 and 3.4.1, on all platforms.
Predecessor versions of OpenOffice.org may be
SEC Consult Vulnerability Lab Security Advisory 20130726-0
===
title: Multiple vulnerabilities - Surveillance via Symantec Web
Gateway
product: Symantec Web Gateway
vulnerable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:200
http://www.mandriva.com/en/support/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:201
http://www.mandriva.com/en/support/security/
Here is the article.
http://blog.trustlook.com/news/trustlook-found-hundreds-of-malicious-applications-in-the-google-play-store/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
You know what's funny? Their privacy policy
http://www.trustlook.com/privacy/
Specifically, the part that says:
If you wish, you may contact us instead via non-cellular telephone at the
numbers provided at various locations on our sites or, *in the case of
our health plan members*, at the
On Fri, 26 Jul 2013 07:31:09 +0100, Hurgel Bumpf said:
Just found this online.. might be of interest
Direct PDF: http://eprint.iacr.org/2013/448.pdf
From the fine PDF:
The Flush+Reload attack is a variant of the Prime+Probe attack that relies on
sharing pages between the spy and the victim
On Fri, Jul 26, 2013 at 3:37 PM, valdis.kletni...@vt.edu wrote:
On Fri, 26 Jul 2013 07:31:09 +0100, Hurgel Bumpf said:
Just found this online.. might be of interest
Direct PDF: http://eprint.iacr.org/2013/448.pdf
From the fine PDF:
The Flush+Reload attack is a variant of the Prime+Probe
On Fri, Jul 26, 2013 at 11:13 AM, bugfree bugf...@gmail.com wrote:
Here is the article.
http://blog.trustlook.com/news/trustlook-found-hundreds-of-malicious-applications-in-the-google-play-store/
Peter Gutmann has a lot of fun with over-permissioned battery apps in
his book Engineering
Hello,
The fact is that you need to send the TCP packages in different order than
the kernel does on normal connections, and you have two ways to do that:
1. Do not use kernel functions to manage connections, so you need to
implement a little TCP/IP stack on user-space using raw sockets.
2. Use
Hello list!
Earlier I wrote about multiple vulnerabilities in Googlemaps plugin for
Joomla (http://securityvulns.ru/docs29645.html). After my informing, the
developer fixed these vulnerabilities in versions 2.19 and 3.1 of the
plugin - by removing proxy functionality. And in version 3.2 of the
On Fri, Jul 26, 2013 at 03:47:41PM -0400, Jeffrey Walton wrote:
Dr. Bernstein puts a lot of effort into defending against timing
attacks and other side channels in his NaCl library. I'm not aware of
any other libraries which go to the same depths. On the downside, NaCl
is not easy to work with
15 matches
Mail list logo