libtiff = 3.9.5 integer overflow bug

2013-08-26 Thread geinblues
++ | XADV-2013001 libtiff = 3.9.5 integer overflow bug | ++ vulnerable versions: - libtiff 3.9.5 = - libtiff 3.6.0 not vulnerable versions: - libtiff 4.0.3 - libtiff 4.0.2 - libtiff 4.0.1 -

Wordpress post-gallery Plugin Xss vulnerabilities

2013-08-26 Thread iedb . team
The Wordpress post-gallery Plugin suffers from a Cross-Site Scripting vulnerability. # # Iranian Exploit DataBase Forum # http://iedb.ir/acc # http://iedb.ir # # Exploit Title : Wordpress

Defense in depth -- the Microsoft way (part 8): execute everywhere!

2013-08-26 Thread Stefan Kanthak
Hi, since its start about 20 years ago Windows NT supports (fine grained) ACLs, including the permission execute file. In their very finite wisdom Microsoft, however, decided back then to have this permission set on EVERY file a user creates (and assumes it is set on local and remote file systems

Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere!

2013-08-26 Thread Jeffrey Walton
Hi Stefan, ... administrative rights for every user account Hmmm... XP/x64 appears to have a bug such that the second user also needs to be admin (perhaps XP/x86, too). XP does not recognize the first account as admin, so the second account cannot be limited (at least on my test box). Vista and

Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere!

2013-08-26 Thread Stefan Kanthak
Jeffrey Walton wrote: Hi Stefan, ... administrative rights for every user account This WAS the default for user accounts back then, and still IS the default for user accounts created during setup. Hmmm... XP/x64 appears to have a bug such that the second user also needs to be admin

[SECURITY] [DSA 2741-1] chromium-browser security update

2013-08-26 Thread Michael Gilbert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-2741-1 secur...@debian.org http://www.debian.org/security/ Michael Gilbert August 25, 2013

DC4420 - London DEFCON - August Meet - Tuesday 27th August 2013

2013-08-26 Thread Major Malfunction
Bank holiday's over and it's time to get back to work, which totally sucks! However, what doesn't suck is that we've got a meet so we can all drink beer and cry about it together... :) In the absence of any other speakers coming forward, this month I'll be talking about our latest project...

Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere!

2013-08-26 Thread James Lay
On Sat, Aug 24, 2013 at 5:32 PM, Stefan Kanthak stefan.kant...@nexgo.de wrote: Hi, since its start about 20 years ago Windows NT supports (fine grained) ACLs, including the permission execute file. In their very finite wisdom Microsoft, however, decided back then to have this permission set on

Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere!

2013-08-26 Thread James Lay
On 2013-08-24 16:33, Jeffrey Walton wrote: Hi Stefan, ... administrative rights for every user account Hmmm... XP/x64 appears to have a bug such that the second user also needs to be admin (perhaps XP/x86, too). XP does not recognize the first account as admin, so the second account cannot be

Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere!

2013-08-26 Thread Heavenly Avenger
I would prefer a more literarily neutral approach than that thought-filled, swear-prone discussion. The problem disclosed is interesting and the solution provided smooth. The pejoration in words really makes me think to which extents could the affirmations be true or just blow outs. sloppy

[SECURITY] [DSA 2742-1] php5 security update

2013-08-26 Thread Florian Weimer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2742-1 secur...@debian.org http://www.debian.org/security/ August 26, 2013