On Fri, 10 Feb 2012 03:51:53 GMT, Nick Boyce said:
OT: They should just make FF quality high and the design impeccable -
Quality high is always a nice concept. But there's always 5 quality issues
and
resources to fix only 3. Obviously, you want to fix the 3 that matter most to
your users -
Of
valdis.kletni...@vt.edu
Sent: vrijdag 10 februari 2012 15:48
To: Nick Boyce
Cc: full-disclosure
Subject: Re: [Full-disclosure] Bug 718066 - [meta] Add feature to submit
anonymous product metrics to Mozilla
On Fri, 10 Feb 2012 03:51:53 GMT, Nick Boyce said:
OT: They should just make FF quality high
On Wed, Feb 8, 2012 at 9:12 PM, . . kerdezd...@gmail.com wrote:
https://bugzilla.mozilla.org/show_bug.cgi?id=718066
what the hell is this?!
I'll bite ... (I know your question was rhetorical)
It's a very bad idea IMO.
From TFA:
(https://wiki.mozilla.org/MetricsDataPing)
Mozilla has a
hi I find an bug ne Facebook here is the POC
http://www.mediafire.com/?2mfvk2emjfk1mpq
Saludos Jbyte
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
I would be nice if you provide additional information about this
instead of just a link.
--
Martín Aberastegue
http://www.martinaberastegue.com/
On Sun, Dec 12, 2010 at 7:08 PM, Jbyte Security jb...@hotmail.es wrote:
hi I find an bug ne Facebook here is the POC
Has a large 11mb .avi file in it, a text file with what looks like
phished Facebook credentials and looks like a copy of a Facebook
phishing site.
I haven't looked at the HTML nor the avi.
On 12/13/2010 08:23 AM, Martin Aberastegue wrote:
I would be nice if you provide additional information
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Vde (virtual distributed ethernet) is an ethernet compliant virtual network that
can be spawned over a set of physical computers over the internet ... (see
http://vde.sourceforge.net).
The vde_plug (at least on ubuntu hardy) contains a bug, that is
It's possible to execute a local aplication when using RealPlayer Plus 11
Browser. The problem resides in the file rp*.exe which is loaded everytime
a page is viewed.
Redirecting this filename with IFEO or overwriting the file makes it possible
to execute already installed malware.
Hello full-disclosure!
years ago I found a bug in Process Explorer tool, written by Mark
Russinovich. well, not a bug, just misfeature :) Process Explorer
tries to determine the start address of a thread, but does this
wrong and under certain conditions gives us an incorrect result.
I sent a
-=[ADVISORY---]=-
Italian Bank
Author: CorryL[EMAIL PROTECTED]
-=[---]=-
-=[+] Bug type:
this would require access to the administrator panel to work, how is
this a vuln?
zeus olimpusklan wrote:
###
#Advisory #2 Title: file Modification in osCommerce
#
#
# Author: 0o_zeus_o0
# Contact: [EMAIL PROTECTED]
Advisory #2 Title: file Modification in osCommerce# # # Author: 0o_zeus_o0# Contact: [EMAIL PROTECTED]
# Website: olimpusklan.org# Date: 27/12/2005# Risk: High # Vendor Url: http://www.oscommerce.com/# Affected Software:
Great Bug indeed!
But don't you think this issue is kind of similar to issue 3 in this
(old) advisory:
http://archives.neohapsis.com/archives/bugtraq/2003-01/0203.html
Regards,
Peter zenster
___
Full-Disclosure - We believe in it.
Charter:
z3n wrote:
Great Bug indeed!
But don't you think this issue is kind of similar to issue 3 in this
(old) advisory:
http://archives.neohapsis.com/archives/bugtraq/2003-01/0203.html
Well, actually, I think this is some kind of feature and is associated with
the behavior that is i.e.
Christopher Kunz writes:
Well, actually, I think this is some kind of feature and is associated with
the behavior that is i.e. demonstrated on default installations of Apache (which
have several index.html index.html.de .en .jp etc.), only that this time not
mod_negotiation, but mod_mime is
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
z3n wrote:
Great Bug indeed!
But don't you think this issue is kind of similar to issue 3 in this
(old) advisory:
http://archives.neohapsis.com/archives/bugtraq/2003-01/0203.html
Indeed it appears that 2.0.44 did not completely plug the
I suppose this is a great bug. It work also on apache 2. If a user can
upload a file and it's extension isn't associated to a mime-type, the
server processes it as a php file..
Stanza
On 12/5/05, Chris Umphress [EMAIL PROTECTED] wrote:
On 12/4/05, Ron [EMAIL PROTECTED] wrote:
I'm not sure
Hello,
Ron wrote:
In Apache 1.3.33 (untested on any other version), if you have a file
called file.php.bak, and you navigate to it in the browser, it will run
on the server as a .php file. This works with any extension that isn't
known to the server (.rar, .bak, .test, .java, .cpp, .c,
I think this is due to Apache's mod_mime_magic:http://httpd.apache.org/docs/1.3/mod/mod_mime_magic.html Lots of phishers are using files named *.php.rar recently.
On 12/5/05, Simon Richter [EMAIL PROTECTED] wrote:
Hello,Ron wrote: In Apache 1.3.33 (untested on any other version), if you have a
-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Bug with .php extension?
I suppose this is a great bug. It work also on apache 2. If a user can
upload a file and it's extension isn't associated to a mime-type, the
server processes it as a php file..
Stanza
On 12/5/05, Chris Umphress [EMAIL
http://localhost:8080/error%2e%70%68%70.log also works
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
recognixed extentions (txt, gif, html) or *not* interpreted as php on
my machine, just as text.
Apache/2.0.54 (Win32) PHP/5.0.4
On 05/12/05, John Bond [EMAIL PROTECTED] wrote:
http://localhost:8080/error%2e%70%68%70.log also works
___
Full-Disclosure
I'm not sure whether this is something that's well known, but I've never
seen anything about it, and I nearly got burned by it, so I figured I'd
post it here.
In Apache 1.3.33 (untested on any other version), if you have a file
called file.php.bak, and you navigate to it in the browser, it
On 12/4/05, Ron [EMAIL PROTECTED] wrote:
I'm not sure whether this is something that's well known, but I've never
seen anything about it, and I nearly got burned by it, so I figured I'd
post it here.
In Apache 1.3.33 (untested on any other version), if you have a file
called file.php.bak,
~~~
Application: Internet Explorer
Vendors: http://www.microsoft.com
Versions: 6.0.2900.2180.xpsp_sp2_rtm.040803-2158
Patched With: SP2;
Platforms: Windows
Bug: Remote File
25 matches
Mail list logo