-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-2581-1 secur...@debian.org
http://www.debian.org/security/ Yves-Alexis Perez
December 04, 2012
Hard to believe, but 2012 is almost over
Once again we've managed to secure the venue for a December meet, so we
can start the festivities well before your livers are too crippled by
office parties... Not only that, but we've even got a speaker lined up!
Chris from Facebook London's Site
FAST Cracking of MySQL account passwords locally or over the network (post-auth)
(to the maintainers: you don't need to patch this, looks alot like a
minor bug, prolly documented :D)
I found a method to crack mysql user passwords locally or over the
network pretty efficiently.
During Tests it
Privilege Escalation through Binary Planting in Panda Internet Security
Software: Panda Internet Security 2012 2013
Vendor:
Centrify Deployment Manager v2.1.0.283
While at a training session for centrify, I noticed poor handling of files in
/tmp. I was able to overwrite /etc/shadow with the contents of adcheckDMoutput.
I am sure there are more vulnerabilities to be exploit, maybe a local root -
but being this is a
This is actually the login UID of the user Deployment manager is being run as.
Centrify Deployment Manager v2.1.0.283