[Full-disclosure] [ MDVSA-2013:289 ] owncloud

2013-12-18 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:289 http://www.mandriva.com/en/support/security/

[Full-disclosure] [ MDVSA-2013:291 ] kernel

2013-12-18 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:291 http://www.mandriva.com/en/support/security/

[Full-disclosure] [ MDVSA-2013:291 ] kernel

2013-12-18 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:291 http://www.mandriva.com/en/support/security/

[Full-disclosure] [ MDVSA-2013:290 ] mediawiki

2013-12-18 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:290 http://www.mandriva.com/en/support/security/

[Full-disclosure] phrack.org being spammed

2013-12-18 Thread Yvan Janssens
Seems that there is a lot of SPAM going on here: * http://phrack.org/issues.html?issue=29id=7#comments Is phrack(.org) still maintained? It has been a while since the last one... ~ -- |_|0|_| Yvan Janssens|_|_|0| |0|0|0| ___ Full-Disclosure - We

[Full-disclosure] InfoSec Southwest 2014 CFP now open!

2013-12-18 Thread ISSW CFP
Hi computer enthusiasts! I'm delighted to announce this year's call for papers for ISSW 2014 is open now through 11:59:59 CST, February 1, 2014. ISSW 2014 will be held in downtown Austin, Texas, USA, from Friday, April 4 through Sunday, April 6th. Yes, this is well after SXSW, so all the

[Full-disclosure] [CVE-2013-5573] Jenkins v1.523 Default markup formatter permits offsite-bound forms

2013-12-18 Thread Christian Catalano
### 01. ### Advisory Information ### Title: Default markup formatter permits offsite-bound forms Date published : 2013-12-16 Date of last update: 2013-12-16 Vendors contacted : Jenkins CI v 1.523 Discovered by: Christian Catalano Severity: Low

Re: [Full-disclosure] [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application

2013-12-18 Thread Daniel Wood
I would like to point out that the statements made in the emails from mikken.tut...@intersecworldwide.com are untrue at best, defamatory at worst. I am not going to lambast Jeff, Mikken, or Intersec Worldwide - but I will defend myself. Normally I would not respond to something like this in a

[Full-disclosure] [ MDVSA-2013:292 ] links

2013-12-18 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:292 http://www.mandriva.com/en/support/security/

[Full-disclosure] [ MDVSA-2013:293 ] gimp

2013-12-18 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:293 http://www.mandriva.com/en/support/security/

[Full-disclosure] [ MDVSA-2013:294 ] gimp

2013-12-18 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:294 http://www.mandriva.com/en/support/security/

[Full-disclosure] [SECURITY] [DSA 2822-1] xorg-server security update

2013-12-18 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2822-1 secur...@debian.org http://www.debian.org/security/Moritz Muehlenhoff December 18, 2013

[Full-disclosure] [SECURITY] [DSA 2823-1] pixman security update

2013-12-18 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2823-1 secur...@debian.org http://www.debian.org/security/Moritz Muehlenhoff December 18, 2013

[Full-disclosure] [Security-news] SA-CONTRIB-2013-098 - Ubercart - Session Fixation Vulnerability

2013-12-18 Thread security-news
View online: https://drupal.org/node/2158651 * Advisory ID: DRUPAL-SA-CONTRIB-2013-098 * Project: Ubercart [1] (third-party module) * Version: 6.x, 7.x * Date: 2013-12-18 * Security risk: Less critical [2] * Exploitable from: Remote * Vulnerability: Session Fixation