c0c0n 2013 CFP - Extended Deadline: 9 June, 2013
Thanks to everyone for all the paper submissions. The CFP Review Committee
will be evaluating the same for selection. Based on the requests received,
we are extending the CFP deadline to June 9, 2013 in the hope of receiving
few more paper
###
c0c0n 2013 - Call For Papers and Call For Workshops
###
August 22-24, 2013 - Cochin, India
Buenos días from the God’s Own Country!
We are extremely delighted to announce the Call for Papers and
c0c0n 2012 CFP - Extended Deadline: May 15, 2012
Thanks to everyone for all the paper submissions. The CFP Review Committee
will be evaluating the same for selection. Based on the requests received,
we are extending the CFP deadline to May 15, 2012 in the hope of receiving
few more paper
so will this be considered a vulnerability or not?
because successful exploits may allow attackers to hijack web sessions or
bypass authentication through a replay attack and gain access to a victim's
email account.
Asheesh
On Wed, Oct 26, 2011 at 5:55 AM, Darren McDonald
==
Microsoft Outlook Web Access Session
sidejacking/Session Replay Vulnerability
===
,-._,-.Sagan [http://sagan.quadrantsec.com]
\/)(\/By Champ Clark III Quadrant InfoSec Team: [quadrantsec.com]
(_o_) Copyright (C) 2009-2011 Quadrant Information Security, et al.
/ \/)
(|| ||)
oo-oo
Quadrant Information Security [http
is Disclosed – PoC attached
10. About Bonsai
Bonsai is a company involved in providing professional computer
information security services. Currently a sound growth company, since
its foundation in early 2009 in Buenos Aires, Argentina, we are fully
committed to quality service and focused on our
information to ORACLE
• 2010-09-29 / Oracle confirms the vulnerability
• 2010-10-12 / Oracle published Critical Patch Update Fix
• 2010-10-13 / Public Disclosure
10. About Bonsai
Bonsai is a company involved in providing professional computer
information security services. Currently a sound growth
http://www.cvedetails.com/cve/CVE-2010-1044/20101044-vulnerable-softwares-references-exploits.html#references
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1044
ManageEngine OpUtils 'Login.do' SQL Injection Vulnerability
Attackers can use a browser to exploit this issue.
The
was given.
* 2010-08-02 / Twitter sent us an email stating that the vulnerability
was patched.
* 2010-08-03 / Public Disclosure.
10. About Bonsai
Bonsai is a company involved in providing professional computer
information security services. Currently a sound growth company, since
its foundation in early
yes pratul it was working on 13th june :)
--- On *Wed, 16/6/10, Vipul Agarwal vi...@nuttygeeks.com* wrote:
From: Vipul Agarwal vi...@nuttygeeks.com
Subject: Re: [Full-disclosure] yahoomail dom based xss vulnerability
To: pratul agrawal pratu...@yahoo.com
Cc:
Beware !!! before opening this site--miano.us/misc/ff_sucks.html
Click on the link below or copy and paste it into a browser (Firefox, Opera)
miano.us/misc/ff_sucks.html
The important thing is that this is not coded by me :)
___
Full-Disclosure - We believe in it.
:
The advisory BONSAI-2010-0105 is published.
10. References
[0] http://www.cacti.net/
[1] http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
11. About Bonsai
Bonsai is a company involved in providing professional computer
information security services. Currently a sound growth company
://www.cacti.net/
[1] http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
11. About Bonsai
Bonsai is a company involved in providing professional computer
information security services. Currently a sound growth company, since
its foundation in early 2009 in Buenos Aires, Argentina, we
How to Detect Malware from Proxy Log(ISA,squid)
any keyword, for searching ,
Thanking You
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
(running from a LiveCD, no less). The result was the
same as the one described above - Firefox chugged for a few seconds and then
displayed a very wide web page.
-- Rohit Patnaik
On Thu, Mar 4, 2010 at 4:15 AM, information security
informationhacke...@gmail.com wrote:
I had checked this code
small -penis machine change into big-penis machine :)
On Wed, Mar 3, 2010 at 12:37 AM, valdis.kletni...@vt.edu wrote:
On Tue, 02 Mar 2010 20:02:37 PST, information security said:
open in Mozilla Firefox and wait for 15 sec .. :) and say Good Bye
Sorry, your exploit doesn't do squat on a 64
exploit-db post this kind of shit.
2010/3/3 information security informationhacke...@gmail.com
==
Opera (plenitude String )Denial of Service Exploit
A * 200 on them
compromised hosts ?
You tell me.
2010/3/3 information security informationhacke...@gmail.com
Thanks Valdis, Jeff for all your comments
yes my small-penis machine is running out of RAM and swap space ...: ..
:) and I believe that Mozilla crashes ...:(
can
http://www.exploit-db.com/exploits/11617
===
Mozilla Firefox 3.6 plenitude String
Crash(0day) Exploit
===
==
Opera (plenitude String )Denial of Service Exploit
===
by
http://www.exploit-db.com/exploits/11432
# Title: Mozilla Firefox 3.6 (Multitudinous looping )Denial of Service
Exploit
# EDB-ID: 11432
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Asheesh kumar Mani Tripathi
# Published: 2010-02-13
# Verified: yes
# Download Exploit Code
link:http://www.exploit-db.com/exploits/11438
# Title: Internet Explorer 8 (Multitudinous looping )Denial of Service
Exploit
# EDB-ID: 11438
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Asheesh kumar Mani Tripathi
# Published: 2010-02-13
# Verified: yes
# Download Exploit Code
Bonsai Information Security - Advisory
http://www.bonsai-sec.com/research/
Multiple XSS in Achievo
1. *Advisory Information*
Title: Multiple XSS in Achievo
Advisory ID: BONSAI-2009-0101
Advisory URL:
http://www.bonsai-sec.com/research/vulnerabilities
Bonsai Information Security - Advisory
http://www.bonsai-sec.com/research/
SQL Injection in Achievo
1. *Advisory Information*
Title: SQL Injection in Achievo
Advisory ID: BONSAI-2009-0102
Advisory URL:
http://www.bonsai-sec.com/research/vulnerabilities
a funny hack counter Nash Leon (Glaudson O Campos).
:P
Regards...
- --
H2G-Labs Information Security
Igor Marcel - Information Security Consultant
H2GLabs.InfoSec at Gmail.com
,
reply our mails.
Sorry for the bad English.
Regards...
- --
H2G-Labs Information Security
Igor Marcel - Information Security Consultant
H2GLabs.InfoSec at Gmail.com
has patched!
Regards...
- --
H2G-Labs Information Security
Igor Marcel - Information Security Consultant
H2GLabs.InfoSec at Gmail.com
].onsubmit='';document.forms[0].navegacao.value='16';document.forms[0].submit();void(0);
And you will be logged in, without needing to register/identify your machine.
I hope the CAIXA team solves this problem quickly.
Sorry for my bad English, I am Brazilian.
Regards...
- --
H2G-Labs Information Security
(Brazilians have a good notoriety about that!) and moreover you want to buy
some remote code execution on IE for 500$ :)
Are you surprised ?
Have a nice day , Juergen-
--
Igor Marcel - Vugo Verbal Killer (VUGO)
H2G-Labs Information Security - Information Security Consultant
Linux is modism, BSD
Student.
--
Igor Marcel - Vugo Verbal Killer (VUGO)
H2G-Labs Information Security - Information
. How I say, take care guys!
Regards and sorry for my bad English, I am Brazilian...
2007/9/13, H2G-Labs Information Security [EMAIL PROTECTED]:
Take care, maybe this is a fake.
Regards...
2007/9/13, Guasconi Vincent [EMAIL PROTECTED]:
On 9/12/07, Juergen Marester [EMAIL PROTECTED] wrote
. How I say, take care guys!
Regards and sorry for my bad English, I am Brazilian...
--
Igor Marcel - Vugo Verbal Killer (VUGO)
H2G-Labs Information Security - Information Security Consultant
Linux is modism, BSD is a life style!
___
Full-Disclosure - We
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all,
This virus, at the time of my posting this, is only detected by
Kaspersky and I cannot find any detail on the virus. Came in the
email as given below.
URL for the virus http://www.alias-search.com/images/msits.exe
Also found was the
34 matches