[Full-disclosure] NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure

2006-11-15 Thread Rodrigo Rubira Branco (BSDaemon)
-- http://www.kernelhacking.com/rodrigo Kernel Hacking: If i really know, i can hack GPG KeyID: 5E90CA19 Message sent using UebiMiau 2.7.2 NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure 11/15/2006 Notice

[Full-disclosure] DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure

2006-11-15 Thread Rodrigo Rubira Branco (BSDaemon)
-- http://www.kernelhacking.com/rodrigo Kernel Hacking: If i really know, i can hack GPG KeyID: 5E90CA19 Message sent using UebiMiau 2.7.2 DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure 11/15/2006

[Full-disclosure] FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure

2006-11-15 Thread Rodrigo Rubira Branco (BSDaemon)
-- http://www.kernelhacking.com/rodrigo Kernel Hacking: If i really know, i can hack GPG KeyID: 5E90CA19 Message sent using UebiMiau 2.7.2 FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure 11/15/2006 Notice

[Full-disclosure] TrustedBSD* all versions FireWire IOCTL kernel integer overflow information disclousure

2006-11-15 Thread Rodrigo Rubira Branco (BSDaemon)
-- http://www.kernelhacking.com/rodrigo Kernel Hacking: If i really know, i can hack GPG KeyID: 5E90CA19 Message sent using UebiMiau 2.7.2 TrustedBSD* all versions FireWire IOCTL kernel integer overflow information disclousure 11/15/2006

[Full-disclosure] Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability

2006-11-15 Thread Matousec - Transparent security Research
Hello, We would like to inform you about a vulnerability in Outpost Firewall PRO 4.0. Description: Outpost Firewall PRO hooks many functions in SSDT and in at least twelve cases it fails to validate arguments that come from user mode. User calls to NtAssignProcessToJobObject, NtCreateKey,

[Full-disclosure] [SECURITY] [DSA 1212-1] New openssh packages fix denial of service

2006-11-15 Thread Noah Meyerhans
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1212-1[EMAIL PROTECTED] http://www.debian.org/security/ Noah Meyerhans November 15, 2006 -

Re: [Full-disclosure] DoS kiddiots can face 10 years in jail

2006-11-15 Thread Ronald MacDonald
The new law also makes it an offence to supply or make available any software or tools that could be used to commit hacking or denial of service attacks, and those found guilty under this section of the act face up to two years in jail. Not only that, but the reform also targets anyone who

Re: [Full-disclosure] DoS kiddiots can face 10 years in jail

2006-11-15 Thread J.A. Terranson
On Wed, 15 Nov 2006, Ronald MacDonald wrote: I'm worried the Government is tightening the Computer Misuse Act without fully understanding any consequences... Um, isn't that their *job*? Who said they needed to understand anything? -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF

[Full-disclosure] Kerio WebSTAR local privilege escalation

2006-11-15 Thread K F (lists)
DMA[2006-1115a] - 'Kerio WebSTAR local privilege escalation' Author: Kevin Finisterre Vendor(s): http://www.kerio.com/webstar_home.html Product: 'Kerio WebSTAR = 5.4.2 (?)' References: http://www.digitalmunition.com/DMA[2006-1115a].txt Description: Kerio WebSTAR is an easy-to-use web server

[Full-disclosure] ZDI-06-042: Verity Ultraseek Request Proxying Vulnerability

2006-11-15 Thread zdi-disclosures
ZDI-06-042: Verity Ultraseek Request Proxying Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-042.html November 15, 2006 -- CVE ID: CVE-2006-5819 -- Affected Vendor: Verity -- Affected Products: Ultraseek -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers