[Full-disclosure] Subverting BIND's SRTT Algorithm: Derandomizing NS Selection

2013-08-14 Thread Roee Hay
Hi, BIND is exposed to a new vulnerability which can be exploited remotely in order to derandomize the name server selection algorithm. Exploitation of this vulnerability can be used in conjunction with other off-path DNS cache poisoning exploits in order to make them more efficient. ISC has

Re: [Full-disclosure] CALEA Re: XKeyscore

2013-08-14 Thread peter_toyota
Now that you have kindly explained your point, I must say this has been a wonderful discussion. It has certainly shed some additional light into how CALEA can be used domestically for other functions not part of its intended purpose. Now that I have basked in the limelight of my 5 minutes of

[Full-disclosure] Quick Blind TCP Connection Spoofing with SYN Cookies

2013-08-14 Thread Jakob Lell
Advisory location: http://www.jakoblell.com/blog/2013/08/13/quick-blind-tcp-connection-spoofing-with-syn-cookies/ Quick Blind TCP Connection Spoofing with SYN Cookies Abstract: TCP uses 32 bit Seq/Ack numbers in order to make sure that both sides of a connection can actually receive packets

[Full-disclosure] Drupal core XSS vulnerability

2013-08-14 Thread Justin C. Klein Keane
NB: Before anyone gets their panties in a twist read the whole disclosure, this isn't the end of the world, sky-is-falling vulnerability you might be looking for, but I do believe it is serious. TLDR: check your .info files! Vulnerability Report

[Full-disclosure] SQL Injection vulnerability in Soltech.CMS

2013-08-14 Thread MustLive
Hello list! There is SQL Injection vulnerability in Soltech.CMS. This is commercial CMS. - Affected products: - Vulnerable are Soltech.CMS v 0.4 and previous versions. - Affected vendors: -

[Full-disclosure] [Security-news] SA-CONTRIB-2013-067 - BOTCHA - Information Disclosure (potential Privilege Escalation)

2013-08-14 Thread security-news
View online: https://drupal.org/node/2065057 * Advisory ID: DRUPAL-SA-CONTRIB-2013-067 * Project: BOTCHA Spam Prevention [1] (third-party module) * Version: 7.x * Date: 2013-August-14 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Information

[Full-disclosure] [Security-news] SA-CONTRIB-2013-068 - Entity API - Access Bypass

2013-08-14 Thread security-news
View online: https://drupal.org/node/2065207 * Advisory ID: DRUPAL-SA-CONTRIB-2013-068 * Project: Entity API [1] (third-party module) * Version: 7.x * Date: 2013-August-14 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] [Security-news] SA-CONTRIB-2013-069 - Password Policy - XSS

2013-08-14 Thread security-news
View online: https://drupal.org/node/2065387 * Advisory ID: DRUPAL-SA-CONTRIB-2013-069 * Project: Password policy [1] (third-party module) * Version: 6.x, 7.x * Date: 2013-August-14 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Cross Site

Re: [Full-disclosure] Quick Blind TCP Connection Spoofing with SYN Cookies

2013-08-14 Thread some one
Good write up that Jakob and an interesting read. Thanks ,) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Drupal core XSS vulnerability

2013-08-14 Thread Greg Knaddison
Thanks to Justin for identifying and describing this issue. With a little more detail inline. On Wed, Aug 14, 2013 at 7:33 AM, Justin C. Klein Keane jus...@madirish.net wrote: snip Mitigating factors: - --- In order to inject arbitrary script malicious attackers must have the

[Full-disclosure] Simple Machines Forum (SMF) = 2.0.5 - multiple vulnerabilities

2013-08-14 Thread Moritz Naumann
According to http://simplemachines.org/community/?topic=509417#msg3592194 Simple Machines Forum = 2.0.5 (but 1.1.*) is vulnerable to one or more (currently undocumented) security issues. The changes between v2.0.4 and 2.0.5 can be reviewed at