[Full-disclosure] Software that you *really* wish had been more secure...

2013-08-03 Thread Valdis Kletnieks
tl;dr: Everything shipped with the same PIN of ''. Hilarity and lulz ensue. http://www.androidpolice.com/2013/08/03/android-bluetooth-exploit-for-japanese-toilet-brings-new-meaning-to-the-word-vulnerability/

[Full-disclosure] XSS and FPD vulnerabilities in WPtouch and WPtouch Pro for WordPress

2013-08-03 Thread MustLive
Hello list! I want to inform you about vulnerabilities in WPtouch and WPtouch Pro plugins for WordPress. These are Cross-Site Scripting and Full path disclosure vulnerabilities. These XSS holes are in ZeroClipboard.swf, which is used in the plugin. In February I wrote about Cross-Site Script

[Full-disclosure] [SECURITY] [DSA 2732-1] chromium-browser security update

2013-08-03 Thread Michael Gilbert
Debian Security Advisory DSA-2732-1 secur...@debian.org http://www.debian.org/security/ Michael Gilbert July 31, 2013

[Full-disclosure] Rgpg 0.2.2 Ruby Gem Remote Command Injection

2013-08-03 Thread Larry W. Cashdollar
Title: Rgpg 0.2.2 Ruby Gem Remote Command Injection
Date: 7/31/2013
Advisory Author: Larry W. Cashdollar, @_larry0
CVE: CVE-2013-4203
Download: https://rubygems.org/gems/rgpg
Description: "A simple Ruby wrapper around gpg command for file encryption. rgpg is a simple API for interacting with the gpg tool.