-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 942-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
January 16th, 2006
Yes, yes, I'm sure Suha Arafat uses MSN.
Thanks, I needed a laugh.
Nick
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ag. System
Administrator
Sent: Monday, January 16, 2006 1:51 AM
To: Full-Disclosure
Subject: [Full-disclosure] [Fwd: Trusted
ThinkSECURE Pte Ltd (www.securitystartshere.net) has released
details of a client-side wireless vulnerability which affects
wireless users who are still using WEP.
More details including mitigation actions are available at our
website at:
Greetings, A couple of days ago
updating my blog for the beauty of non secure dsl modems in the .gr domain,
i notice that beauty is extented beyond that domain. Dsl implementations
running on Virata-EmWeb interfaces seems to disclose login information and
more (
Hi,
I've been told that Solaris' NS_LDAP_BINDPASSWD could be decrypted. For
instance:
$ ldapclient -l
NS_LDAP_FILE_VERSION= 1.0
NS_LDAP_BINDDN=
cn=proxyagent,ou=profile,dc=blr03-01,dc=india,dc=sun,dc=com
NS_LDAP_BINDPASSWD= {NS1}3d1a48x
...
The pass is
===
Ubuntu Security Notice USN-242-1 January 16, 2006
mailman vulnerabilities
CVE-2005-3573, CVE-2005-4153
===
A security issue affects the following Ubuntu releases:
Ubuntu
===
Ubuntu Security Notice USN-243-1 January 16, 2006
tuxpaint vulnerability
CVE-2005-3340
===
A security issue affects the following Ubuntu releases:
Ubuntu 5.10 (Breezy
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200601-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
You may want to check out Determina's memory firewall
http://www.determina.com/solutions/memory_firewall.html. This software does
not use signatures, so you won't have to constantly worry about having the
latest signatures, etc. You can request an evaluation from their main page.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 943-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
January 16th, 2006
New version of GroundZero Secure Delete which also supports securely wiping of
Free Space on a Device, has been released!
A free trial can be downloaded here:
http://www.groundzero-security.com/software/g0-SecureDelete-Trial.zip
regards,
GroundZero Security Research and Software Development
Since a session has to be initialized (session_start or
session_register) before it can be used, another approach could be to
initialize a session only after a successful login. All other values
are stored and accessed in and from _request variables. That way,
nothing would be stored across
Dear List,
Small blurp I came around; when Wehntrust creates the autostart key
it forgets to correctly quote the string in the key and thus may
trigger an autostart of c:\program.bat|exe|com up-on reboot... [2]
Quoting [1] :
Any chance you contacted Wehnus about it? The hot fix is just to open
regedit, browse to this key, and place the command line quotes. Minor
problem, but I am sure Matt would have appreciated an email first.
-HD
On Monday 16 January 2006 14:47, Thierry Zoller wrote:
Dear List,
Small blurp I
Dear H Moore,
No sorry, just saw this an hour ago, wrote two lines and send it off
I considered it being to minor to report to the vendor first (Excellent
tool by the way). Now I feel a bit sorry though :(
--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57
On 1/16/06, Roman Medina-Heigl Hernandez [EMAIL PROTECTED] wrote:
Hi,I've been told that Solaris' NS_LDAP_BINDPASSWD could be decrypted. Forinstance:$ ldapclient -lNS_LDAP_FILE_VERSION= 1.0NS_LDAP_BINDDN=cn=proxyagent,ou=profile,dc=blr03-01,dc=india,dc=sun,dc=com
NS_LDAP_BINDPASSWD=
I disclosed the following issues at ShmooCon 2006
http://www.shmoocon.org/ during my VoIP Wireless Phone Security
Analysis presentation.
Thanks,
--scm
===
DATE:
16 January, 2006
VENDOR:
ACT – Advantage Century Telecommunication
I disclosed the following issue at ShmooCon 2006
http://www.shmoocon.org/ during my VoIP Wireless Phone Security
Analysis presentation.
Thanks,
--scm
===
DATE:
16 January, 2006
VENDOR:
Senao
VENDOR NOTIFIED:
7 December, 2005
I disclosed the following issue at ShmooCon 2006
http://www.shmoocon.org/ during my VoIP Wireless Phone Security
Analysis presentation.
Thanks,
--scm
===
DATE:
16 January, 2006
VENDOR:
Clipcomm
VENDOR NOTIFIED:
14 December, 2005
I disclosed the following issue at ShmooCon 2006
http://www.shmoocon.org/ during my VoIP Wireless Phone Security
Analysis presentation.
Thanks,
--scm
===
DATE:
16 January, 2006
VENDOR:
MPM - http://www.mpn.com.tw
VENDOR NOTIFIED:
7
I disclosed the following issue at ShmooCon 2006
http://www.shmoocon.org/ during my VoIP Wireless Phone Security
Analysis presentation.
Thanks,
--scm
===
DATE:
16 January, 2006
VENDOR NOTIFIED:
7 December, 2005
VENDOR:
Zyxel
I disclosed the following issue at ShmooCon 2006
http://www.shmoocon.org/ during my VoIP Wireless Phone Security
Analysis presentation.
Thanks,
--scm
===
VENDOR:
Clipcomm
VENDOR NOTIFIED:
7 December, 2005
PRODUCT:
Clipcomm CP-100E
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:014
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:015
http://www.mandriva.com/security/
Name: SunJavaUpdateSched
Value: C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
Meaning that Windows will attempt to execute
C:\Program.exe first, and then the rest of the path if that doesnt exist.
Might be a bug in the old version I havent
updated yet. Not a very critical bug,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:016
http://www.mandriva.com/security/
Bojan wrote:
The libsldap library obviously can decrypt this, so it should be easy to
write a tool which will do this (once you know how encryption/decryption
works). But, from the text above, it's pretty clear that this is not a
one way function.
Since NS1 mechanism is pretty old, I cannot
sorry, earlier email seems to have not gotten through
--- Forwarded message follows ---
To: full-disclosure@lists.grok.org.uk
Subject:WEP-Client-Communication-Dumbdown (WCCD) Vulnerability
Date sent: Mon, 16 Jan 2006 17:23:09 +0800
On Mon, 16 Jan 2006, GroundZero Security wrote:
New version of GroundZero Secure Delete which also supports securely wiping
of Free Space on a Device, has been released!
A free trial can be downloaded here:
http://www.groundzero-security.com/software/g0-SecureDelete-Trial.zip
An exe? No
On Mon, 16 Jan 2006 22:56:22 CST, J.A. Terranson said:
On Mon, 16 Jan 2006, GroundZero Security wrote:
New version of GroundZero Secure Delete which also supports securely wiping
An exe? No source??? Just setup.exe Are you crazy?
Setup.exe and no source. Not crazy - Ground Zero
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory [ERRATA UPDATE]GLSA 200601-09:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Hi,
GroundZero Security wrote:
New version of GroundZero Secure Delete which also supports securely
wiping of Free Space on a Device, has been released! A free trial can
be downloaded here:
from the list charter: Gratuitous advertisement, product placement, or
self-promotion is forbidden.
32 matches
Mail list logo