n.runs AG
http://www.nruns.com/ security(at)nruns.com
n.runs-SA-2009.007 15-Oct-2009
___
Vendor:Adobe Systems Incorporated, http://www.adobe.com
Name: Xpdf - Integer overflow which causes heap
overflow and NULL pointer derefernce
Author:Adam Zabrocki / HISPASEC (p...@itsec.pl or
a...@hispasec.com)
Date: July 06, 2009
Issue:
Xpdf allows local and remote attackers to
Multiple Vulnerabilities in Adobe Acrobat / Reader
2009.October.13
Summary:
Fortinet discovers multiple vulnerabilities in Adobe Reader / Acrobat which may
allow a remote attacker to compromise a system.
Impact:
Remote Code Execution / Denial of Service (DoS).
Risk:
Critical.
Affected
is milw0rm dead again ?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1912-1 secur...@debian.org
http://www.debian.org/security/ Steffen Joeris
October 16, 2009
is milw0rm dead again ?
Seems to be up for me.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
UP.. DOWN..UP.. But no updates
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
up, but last update was on 21-9-2009
does anyone know why ?
On Fri, Oct 16, 2009 at 11:27 AM, Killian Faughnan
li...@killianfaughnan.com wrote:
is milw0rm dead again ?
Seems to be up for me.
___
Full-Disclosure - We believe in it.
Charter:
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Steven James
Sent: 15 October 2009 02:31
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] I miss Netdev.
So I wrote him a song:
Str0ke had a str0ke I heard.
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Armando Oliveira
Sent: 16 October 2009 11:37
To: Killian Faughnan
Cc: full-disclosure@lists.grok.org.uk
Subject: Re:
I heard he ch0ked on a lemon
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of McGhee,
Eddie
Sent: 16. oktober 2009 12:45
To: Armando Oliveira; Killian Faughnan
Cc: full-disclosure@lists.grok.org.uk
Subject:
Up when checked as well, but no updates since 21st Sep as mentioned.
It appears that there is no status info at
http://twitter.com/str0ke
Juha-Matti
Armando Oliveira [armando.j@gmail.com] kirjoitti:
up, but last update was on 21-9-2009
does anyone know why ?
On Fri, Oct 16, 2009 at
2009/10/15 Justin Klein Keane jus...@madirish.net
Drupal 6.14 with Site map 6.x-1.1 was tested and shown to be vulnerable.
[...]
The Site map module contains a cross site scripting vulnerability
because it does not properly sanitize output of titles before display.
[...]
To carry out a Site
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dave Reid of Drupal security correctly pointed out to me that this
vulnerability is for Sitemap module, not XML Sitemap as specified in
the subject line. There are just so many that I lose track sometimes...
Props to Dave for spotting my error and
Just saw this on Twitter, an MSF exploit published:
http://www.rec-sec.com/2009/10/16/httpdx-buffer-overflow-exploit/
On Fri, Oct 9, 2009 at 7:58 PM, pankaj...@gmail.com wrote:
The addr value used is required to reach the ret instruction. The value
used 0x63b8624f lies in idata segment of
Awww... My self esteem. :,(
Message: 14
Date: Thu, 15 Oct 2009 07:00:40 -0400
From: McGhee, Eddie eddie.mcg...@ncr.com
Subject: Re: [Full-disclosure] I miss Netdev.
To: full-disclosure@lists.grok.org.uk
full-disclosure@lists.grok.org.uk
Message-ID:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- ---
VMware Security Advisory
Advisory ID: VMSA-2009-0014
Synopsis: VMware ESX patches for DHCP, Service Console kernel,
and JRE
I heard you guys are all leeches... no ROI.
-KF
On Oct 16, 2009, at 6:58 AM, Anders Klixbull wrote:
I heard he ch0ked on a lemon
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of
McGhee,
Eddie
On Fri, 16 Oct 2009 13:16:02 EDT, KF (lists) said:
I heard you guys are all leeches... no ROI.
They're not *all* leeches. Some are lampreys. :)
pgpMeShwR4ykK.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter:
Wait, so some of us suck blood, but others just hitch ourselves along for a
ride?
--Rohit Patnaik
On Fri, Oct 16, 2009 at 12:53 PM, valdis.kletni...@vt.edu wrote:
On Fri, 16 Oct 2009 13:16:02 EDT, KF (lists) said:
I heard you guys are all leeches... no ROI.
They're not *all* leeches. Some
We extend our apologies if you are inconvenienced by multiple copies of this
messages.
We would like to announce the PacSec 2009 Paper Selections, and
the opening of the 2010 CanSecWest Call For Papers. Given
the proximity of the Winter Olympics in Vancouver one month
before the conference, we
21 matches
Mail list logo