> i recommend you don't use coordinators - they are f*ck*d parasites.
But it take much less effort for researcher - just to send report to any
coordinator (freeware like CERT or commercial like iDefense), and forget.
It works in case with software vulnerability but don't works if vulnerability
i
Hi List.
I need your opinion.
Recently I found multiply vulnerabilities in several sites. some sites behold
to security-related firms but not software vendors. I'm trying to contact that
companies under rfpolicy several times but don't receive any response on
receive something like "what injecti
Hi list.
Previos message in this therad ftom [EMAIL PROTECTED] with "Piramid URLS" was
spoofed.
I think this is DPIK lammers stupid jokes.
smime.p7s
Description: S/MIME cryptographic signature
___
Full-Disclosure - We believe in it.
Charter: http:/
hi list again
foregive me for my wrong URL, here's the coorect one:
http://%77%77%77%2E%6D%79%66%72%65%65%73%68%61%72%65%73%2E%63%6F%6D/%63%6C%6
9%63%6B%2E%70%68%70?%61%64%63%6F%64%65=%31%31%31%39%33%37%36%37%39%38&%75%73
%65%72=%30%35%31%32%30%36%34%30%31%34%34%37
http://%77%77%77%2E%6D%79%66%72%
Hi list.
I found what mitm vulnerability in Microsoft's
IPSec (http://lists.seifried.org/pipermail/security/2004-May/003394.html) still
exists.
IPSec client don't verify subject field in
certificate and accept certificates with OID 1.3.6.1.5.5.7.3.2 (TLS
Web client authentication).
Certific
Fun with ISS Fusion Module
This module can correlate data from different ISS products and based it can
give additional info about detected attacks (was it successfully or not, etc).
For example, if IDS (network sensor)detects exploit in traffic, but scans
(internet scanner) reports that vulnerab