Hi, the linked gist below details a post-auth SQL injection within
AlienVault 4.5.0 OSSIM.
Any authed user will do, admin not required.
https://gist.github.com/brandonprry/9874177
--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
IonCube's loader-wizard.php script.contains multiple vulnerabilities:
http://www.firefart.net/multiple-vulnerabilities-in-ioncube-loader-wizard/
___
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archiv
Hello participants of Mailing List.
After making public release of DAVOSET
(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2013-June/008850.html),
I've made next update of the software. At 29th of March DAVOSET v.1.1.9
was released - DDoS attacks via other sites execution to
Title: Message
Had thanked
Fyodor privately but guess a public HURRAH!!! is the
least OT topic we will see for a while
Will pull the just mothballed pop
Le 28/03/2014 01:04, Justin Klein Keane a écrit :
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I heartily agree - thanks Fyodor. The denizens of this list owe you
many a beer.
Yeah! more beer, more noise, more FD! MAKE SOME F NOISE !
Then about silence and quietness, please leave those
Thank you Justin. I appreciate the kind words and will certainly continue in
this venture.
Thanks for the sound advice and comments Greg! Forecasting future attacks and
techniques is an excellent idea. The target audience for this was difficult and
I am still not sure what exactly it is. I hope
