On Tue, Dec 9, 2008 at 9:50 PM, Some Guy Posting To Full Disclosure
[EMAIL PROTECTED] wrote:
a stupid fat kid attempting to be funny with his freinds
This is a serious mailing list not one where there are kids fooling
around, they would be too scared to post here because of the military,
==
Secunia Research 09/12/2008
- Microsoft Hierarchical FlexGrid Control Integer Overflows -
==
Table of Contents
Affected
__
Insomnia Security Vulnerability Advisory: ISVA-081209.1
___
Name: IE Webdav Request Parsing Heap Corruption Vulnerability
Released: 09 December 2008
Vendor
Hi all. ISOI is once again happening, and back to the States.
Almost final agenda: http://isotf.org/isoi6.html
As usual, while attendance is limited to the folks who are busy saving the
Internet/fighting crime, it is free of charge.
Once again we offer the public at-large the opportunity to
On Tue, Dec 09, 2008 at 04:11:48PM +0200, James Matthews wrote:
German banks are some of the oldest in the world. This is pretty scary
however it is also the reality of germanys new laws... I hope they find it
soon and protect the people that need to be protected
Update to SEC Consult Security Advisory 20081210-0
(Microsoft SQL Server sp_replwritetovarbin limited memory overwrite
vulnerability)
===
Summary:
By calling the extended stored procedure sp_replwritetovarbin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1684[EMAIL PROTECTED]
http://www.debian.org/security/ Devin Carraway
December 10, 2008
Found in August, I tried to alert facebook as quickly as was possible
- however I received no further correspondence to my communications.
At time of writing, it was possible to exploit both Firefox 3 and IE 7
- by simply using an IFRAME or even an object tag. (Dependant on the
browser target)
i like ur email. will note it.
On Tue, Dec 9, 2008 at 4:50 PM, Some Guy Posting To Full Disclosure
[EMAIL PROTECTED] wrote:
ok this is what this whole thing looks like to me:
To n3td3v:
You often post ideas and express your opinion to this list. The some
(often the more liberal) of us
this is not a serious mailing list. this is an announcement nd a
bitching list. there r serious mailing lists, and im on sum. this
aint 1.
On Wed, Dec 10, 2008 at 3:51 AM, n3td3v [EMAIL PROTECTED] wrote:
On Tue, Dec 9, 2008 at 9:50 PM, Some Guy Posting To Full Disclosure
[EMAIL PROTECTED]
no, n3tdev, u r wrong. again.
if we email u in private, u forward the email 2 the list? u do the
same thing, 2 every1! do we need to pull up the archives 2 prove it?
dont be hypocritical.
im not trying 2 get u down 2 my level. i really am trying 2 get u 2
leave. pretty simple.
On Tue, Dec
now, what is the point in sending this out to the list, if no1 ever
enforces any part of it?
On Wed, Dec 10, 2008 at 5:13 AM, John Cartwright [EMAIL PROTECTED] wrote:
[Full-Disclosure] Mailing List Charter
John Cartwright [EMAIL PROTECTED]
- Introduction Purpose -
This document serves as
[Full-Disclosure] Mailing List Charter
John Cartwright [EMAIL PROTECTED]
- Introduction Purpose -
This document serves as a charter for the [Full-Disclosure] mailing
list hosted at lists.grok.org.uk.
The list was created on 9th July 2002 by Len Rose, and is primarily
concerned with
Care to share a few with the rest of us :).
Sent from my Verizon Wireless BlackBerry
-Original Message-
From: Ureleet [EMAIL PROTECTED]
Date: Wed, 10 Dec 2008 08:42:22
To: n3td3v[EMAIL PROTECTED]
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] We're letting the bad
On Wed, Dec 10, 2008 at 1:44 PM, Ureleet [EMAIL PROTECTED] wrote:
now, what is the point in sending this out to the list, if no1 ever
enforces any part of it?
On Wed, Dec 10, 2008 at 5:13 AM, John Cartwright [EMAIL PROTECTED] wrote:
[Full-Disclosure] Mailing List Charter
Because it's up to
Hello list,
I'm glad to let you know that a new version of sapyto, the SAP Penetration
Testing Framework, is available.
You can download it by accessing the following link:
http://www.cybsec.com/EN/research/sapyto.php
News in this version:
-
This version is mainly a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
Microsoft Word Malformed FIB Arbitrary Free Vulnerability
1. *Advisory Information*
Title: Microsoft Word Malformed FIB Arbitrary Free
---
[ iViZ Security Advisory 08-01310/12/2008 ]
---
iViZ Techno Solutions Pvt. Ltd.
---
[ iViZ Security Advisory 08-01610/12/2008 ]
---
iViZ Techno Solutions Pvt. Ltd.
---
[ iViZ Security Advisory 08-01510/12/2008 ]
---
iViZ Techno Solutions Pvt. Ltd.
---
[ iViZ Security Advisory 08-01210/12/2008 ]
---
iViZ Techno Solutions Pvt. Ltd.
---
[ iViZ Security Advisory 08-01410/12/2008 ]
---
iViZ Techno Solutions Pvt. Ltd.
---
[ iViZ Security Advisory 08-01110/12/2008 ]
---
iViZ Techno Solutions Pvt. Ltd.
Like tiny Link holding the almighty Triforce braced overhead glinting in the
sunlight, so too shall we raise up PCI to the heavens as our shining,
guiding light of all things good; it will save us from all evils, so shall
it be...
You should revisit this opinion after you're out of school and in
Hrm,
Are you talking about linux AV by F-Secure or linux AV by F-Prot.
These are different companies. Also, a short glance on both company
websites tells pretty much that neither have 4.X strain as the latest.
Usually when posting vulns on software it's recommended to use the latest
and greatest
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200812-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200812-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Michael Krymson wrote:
Like tiny Link holding the almighty Triforce braced overhead glinting in the
sunlight, so too shall we raise up PCI to the heavens as our shining,
guiding light of all things good; it will save us from all evils, so shall
it be...
You should revisit this opinion after
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Financial IT has much competence, the problem is the red tape and
politics that many face when trying to get the job done, but then
again, you have that everywhere, I am just venting/lamenting over
it...
On Wed, 10 Dec 2008 12:23:38 -0500 Luke Scharf
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You should revisit this opinion after you're out of school and in
the workforce for 5 years. :)
6 years and counting, a little cynicism never hurt anyone. On a
side note, I am well aware of the impact that PCI has had on the
industry(currently
Also money transfers are traceable I am guessing that they also have EC
card data.
On Wed, Dec 10, 2008 at 2:06 PM, Jost Krieger
[EMAIL PROTECTED][EMAIL PROTECTED]
wrote:
On Tue, Dec 09, 2008 at 04:11:48PM +0200, James Matthews wrote:
German banks are some of the oldest in the world.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDefense Security Advisory 12.09.08
http://labs.idefense.com/intelligence/vulnerabilities/
Dec 09, 2008
I. BACKGROUND
Excel is the spreadsheet application included with Microsoft Corp.'s
Office productivity software suite. More information is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2008:240
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Title: CA ARCserve Backup LDBserver Vulnerability
CA Advisory Date: 2008-12-10
Reported By:
Dyon Balding of Secunia Research
Impact: A remote attacker can cause a denial of service or execute
arbitrary code.
Summary: CA ARCserve Backup
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200812-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - -
Hi all,
I am happy to announce the availability of our Browser Security Handbook
- a comprehensive, 60-page document meant to provide web application
developers and information security researchers with a one-stop reference
to several hundred key security properties and sometimes
Asterisk Project Security Advisory - AST-2008-012
++
| Product| Asterisk|
On Tue, Dec 9, 2008 at 2:41 PM, Facebook IsBuggy
[EMAIL PROTECTED] wrote:
Found in August, I tried to alert facebook as quickly as was possible
- however I received no further correspondence to my communications.
At time of writing, it was possible to exploit both Firefox 3 and IE 7
- by
Full Disclosure peeps, some new content to consume.
NEW FREE WEBCAST - Oracle Database Forensics
Black Hat's webcast series continues with another powerful presentation from
a popular Black Hat speaker. This month's presenter is David Litchfield of
NGS software, speaking on Oracle database
Hi everyone!
Is it just me, or is it normal for everyone else *not* to usually see
the entire exploit notification, e.g.,
subject line in client:
[Full-disclosure] [ GL** #-0* ] Critical Squirrel Meat Timer v.
371117a Threat to Earth and All Inhabitants
40 matches
Mail list logo