There is a vulnerability in Apple Safari, that allows an attacker to
steal a cookie belonging to the arbitrary domain or/and fill the browser
window with an arbitrary content, whereas the url bar and the browser's
window title is derived from the selected domain.
The flaw exists in the
On Wed, 13 Jun 2007, Robert Swiecki wrote:
The flaw exists in the javascript's window.setTimeout() implementation.
Forgive me the rant, but... all other recently reported problems aside,
seeing this, I can only ask - which rock did Safari developers hide under
for the past 8 years or so?
I
curl 7.15.1 compiled from source on RHEL 4 is not affected. Can
anyone else confirm?
J
On Wed, 13 Jun 2007 06:34:42 -0400 Robert Swiecki
[EMAIL PROTECTED] wrote:
There is a vulnerability in Apple Safari, that allows an attacker
to
steal a cookie belonging to the arbitrary domain or/and fill
Dear all,
Gadi Evron is a brilliant genius, much smarter than Thomas Lim.
J
On Tue, 12 Jun 2007 16:21:56 -0400 [EMAIL PROTECTED] wrote:
On 2007-06-13 02:58+0800, Thomas Lim wrote:
dear all
Dear all, this is not a 0day, it is a public release of a
responsibly
disclosed vulnerability.
Thank
dear all,
thanks for this nice thread.
---
http://www.secgeeks.com
get a blog on SecGeeks :)
register here:-
http://secgeeks.com/user/register
rss feeds :-
http://secradar.com/node/feed
http://www.newskicks.com
Submit and kick for new stories from all around
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
gobbles you sad little backwards retard you really need to get back
on your meds and stop the drinking. your short term memory is
pretty shot. let me help you out here.
Both security groups responded to the Robert Lemos report on the
Neal Krawetz
gobbles/n3td3v,
Please stop trolling this professional forum and filling our inboxes
with this crap. Grow up.
- neal
On Wed, Jun 13, 2007 at 09:24:17AM -0600, jt5944-27a wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
gobbles you sad little backwards retard you really need to get
Multiple Vendor libexif Integer Overflow Heap Corruption Vulnerability
iDefense Security Advisory 06.13.07
http://labs.idefense.com/intelligence/vulnerabilities/
Jun 13, 2007
I. BACKGROUND
Exchangeable image file format (Exif) is an industry standard image
tagging technology used by many
omfgosh. would ppls stop comparing gobbles to n3td3v. they're 2 different
people. one of them was a group that was full of entertainment, the other just
writes too much damn text w/o any fuckin' content whatsoever.
perhaps if you hung out on fd back then, you'd know this already.
kthx.
On
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
On 2007-06-13 02:58+0800, Thomas Lim wrote:
dear all
Dear all, this is not a 0day, it is a public release of a responsibly
disclosed vulnerability.
Yes, indeed it *seems* so:
On 6/13/07, Joanna Rutkowska [EMAIL PROTECTED] wrote:
One (I guess some responsible disclosure purist) could ask why they
waited 6 months before reporting this vulnerability to the vendor? What
were they doing with this exploit for the whole 6 months?
maybe they were waiting for VistaX64 to
On Tue, 12 Jun 2007 [EMAIL PROTECTED] wrote:
Dear all, this is not a 0day
The author never claimed so; in fact, the subject line clearly states it's
a O-day, not a 0-day.
This presumably denotes Saint Onuphrius, commemorated on the day this
advisory got published.
You can now admit to a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1305-1[EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
June 13th, 2007
What is funny however, is that Microsoft, the great supporter of
responsible disclosure actually is the main sponsor (patron) of the
SyScan conference: http://syscan.org/ which is organized by Thomas.
Maybe it's a sign that Microsoft realized that free responsible
disclosure idea is a bit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Foresight Linux Essential Advisory: 2007-0025-1
Published: 2007-06-13
Rating: Moderate
Updated Versions:
openoffice.org=/[EMAIL PROTECTED]:devel//1//[EMAIL
PROTECTED]:1-devel//1/2.2.1-0.0.1-1
group-dist=/[EMAIL
Subvert Underground Press has connections to Pigslop, an admitted internet
drug-dealer. Pigslop is currently seeking to contract bounty hunter hackers
via his Myspace blog, for malicious activities:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:121
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:122
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:123
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:124
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Anyone know where I can get a copy of tcpdfilter?The site on Freshmeat
is gone and Googling doesn't come up with anything
Or is there a replacement for it?
Any help will be much appreciated,
Regards,
Scott
-BEGIN PGP SIGNATURE-
Version:
I am not sure what exactly people do with random hashes. Do you people
try to decrypt using rainbow table or anything similar to that ?
Guys I am in the dark, please help me.
Thanks
Deepan
Month of Random Hashes wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[ITEM #1]
md5:
22 matches
Mail list logo