In August, ISS reported a vulnerability in the Entrust LibKmp ISAKMP library.
http://xforce.iss.net/xforce/alerts/id/181
SANS reports the 30th of August that Cisco and Oracle may also be vulnerable to this
flaw.
http://www.sans.org/newsletters/risk/vol3_34.php
Now, I don't know about you but I h
Hi Jelmer,
I've read your analysis of the trojan of 180 solutions and noticed the statement that
this issue uses two zero day exploits.
I'm trying to monitor and register IE vulnerabilities and have a strong feeling I've
seen the Location header execution before.
Just to be sure, are you aware
Hello
I was browsing the SecurityFocus vulnerability database and found the following:
http://www.securityfocus.com/bid/9903
"Because the make utility is reported to run with setGID root privileges, a local
attacker may potentially exploit this condition to gain access to the root group"
Is this
Hello,
I was browsing through the findings of SecurityFocus and found the following:
BID 9660 - "Microsoft IIS Unspecified Remote Denial Of Service Vulnerability"
It seems that using an OpenSSL ASN.1 brute force tool IIS 5.0 can be brought to a
halt.
So ...
does MS use OpenSSL code?
Has anyo
This is still old stuff. More info can be found in a reply by Greymagic on a posting
called "IE 6 XML Bypass" by mindwarper. Nice copy of the code though, with all those
changes in the filenames and french text and all.
grz
Bone Machine
---
"Break my body, hold my bones" - The Pixies
---
Oops, forgot to mention that the "IE 6 XML Bypass"-posting was on the Bugtraq mailing
list.
grz
Bone Machine
---
"Break my body, hold my bones" - The Pixies
---
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-