[Full-disclosure] CVE-2013-6271 Remove Android Device Lock by rouge app

2013-11-28 Thread Curesec Research Team
Please find a more readable version of the advisory here: https://cureblog.de/2013/11/755/ Cheers, Curesec Research Team CVE-2013-6271: Security Advisory – Curesec Research Team 1. Introduction Advisory ID: Cure-2013-1011 Advisory

[Full-disclosure] D-Link! What's wrong with you?

2013-11-28 Thread matteo ignaccolo
Hi All, D-Link's devices always surprise us. I've found a telnet console with hardcoded credentials in the firmware. More details at: http://www.h725.co.vu/2013/11/d-link-whats-wrong-with-you.html Kind Regards, Matteo Ignaccolo www.h725.co.vu

[Full-disclosure] [SECURITY] [DSA 2805-1] sup-mail security update

2013-11-28 Thread Luciano Bello
Debian Security Advisory DSA-2805-1 secur...@debian.org http://www.debian.org/security/ Luciano Bello November 27, 2013

[Full-disclosure] Pastebin Captcha Bypass

2013-11-28 Thread Scott Arciszewski
Hello all, After reading an article in Go Null Yourself about abusing PhpBB's Tell-a-Friend feature a while back, I've kept an eye out for ways to spam people or bypass a website's flood protection. (Apologies to forum moderators everywhere!) On October 5, I discovered a captcha bypass technique

[Full-disclosure] CVE-2013-6224: XSS in Livezilla prior version 5.1.1.0

2013-11-28 Thread Curesec Research Team
Security Advisory - Curesec Research Team 1. Introduction Advisory ID: Cure-2013-1006 Advisory URL: https://www.curesec.com/ Affected Product: Prior 5.1.1.0 Fixed Version: 5.1.1.0 Vendor Contact: supp...@livezilla.net Vulnerability Type:

[Full-disclosure] iCloud and privacy...last word

2013-11-28 Thread silence_is_best
Apple Discussions has a large portion of people dead set on making sure everyone knows that iCloud data is different than your "other" data. I disagree...follow your data: http://www.apple.com/privacy "Here are _some examples _of the types of personal information Apple _may_ collect and how we

[Full-disclosure] CVE-2013-6223: Local Password Disclosure in Livezilla prior version 5.1.1.0

2013-11-28 Thread Curesec Research Team
Security Advisory - Curesec Research Team 1. Introduction Advisory ID: Cure-2013-1008 Advisory URL: https://www.curesec.com/ Affected Product: Prior LiveZilla version 5.1.1.0 Affected Systems: Windows Vendor Contact: supp...@livezilla.net

[Full-disclosure] NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability

2013-11-28 Thread Vulnerability Lab
Document Title: NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability References (Source): http://vulnerability-lab.com/get_content.php?id=1150 Lab News Article: http://www.vulnerability-lab.com/news/get_news.php?id=115 Release Date:

[Full-disclosure] RFP: FOIA with privacy waivers[0] for oversight

2013-11-28 Thread coderman
Request for participants FOIA with privacy waivers[0] to investigate: - FBI and other TLA use of offensive attacks as part of "active" forensics in investigations. Circumstances around use; e.g. lack of search and seizure warrants, only classified expedient requests or pen register orders. - Inf

Re: [Full-disclosure] iCloud and privacy...last word

2013-11-28 Thread Jeffrey Walton
And don't forget Apple's own lawyers tell us it can't be trusted: A layman’s analysis of License Agreements and Terms and Conditions reveals how little security is afforded to your documents in cloud storage and backup to the cloud. For those who don’t read them, one popular platform has 142 separ