[Full-disclosure] [SECURITY] [DSA 1715-1] New moin packages fix insufficient input sanitising

2009-01-29 Thread Devin Carraway
Debian Security Advisory DSA-1715 secur...@debian.org http://www.debian.org/security/ Steffen Joeris January 29, 2009

[Full-disclosure] Drupal Imagefield Module Multiple Vulnerabilities

2009-01-29 Thread Justin C. Klein Keane
Drupal Imagefield Module Multiple Vulnerabilities Security Risk: High Exploitable: Remotely Vulnerabilities: Arbitrary File Upload, Cross Site Scripting Discovered by: Justin C. Klein Keane, Andrew Rosborough Tested: Imagefield 5.x-2.2 on Drupal

Re: [Full-disclosure] Drupal Imagefield Module Multiple Vulnerabilities

2009-01-29 Thread Valdis . Kletnieks
On Thu, 29 Jan 2009 09:15:46 EST, Justin C. Klein Keane said: Two flaws exist in this module. The first flaw allows for an attacker to upload arbitrary files to the filesystem. The vulnerability allows attackers to upload arbitrary files in place of the 'Default image' specified in the

Re: [Full-disclosure] Drupal Imagefield Module Multiple Vulnerabilities

2009-01-29 Thread Justin C. Klein Keane
Hello, in one scenario you allow a Drupal 5.x user to administer content types - to set up new structures for node content. This permission doesn't allow the user to create content, to upload material, or to interact with the filesystem in any

[Full-disclosure] CarolinaCon-V - March 13th-14th 2009

2009-01-29 Thread Vic Vandal
InfoSec professionals, h4x0rs, script kidz, posers, and government spies: CarolinaCon is back for its 5th year! For about the price of your average movie admission with popcorn and a drink ($20), YOU are invited to join us for yet another intimate and informative weekend of technology education.

[Full-disclosure] rPSA-2009-0021-1 sudo

2009-01-29 Thread rPath Update Announcements
rPath Security Advisory: 2009-0021-1 Published: 2009-01-29 Products: rPath Linux 2 Rating: Major Exposure Level Classification: Local Root Deterministic Privilege Escalation Updated Versions: sudo=conary.rpath@rpl:2/1.6.9p12-3.1-1 rPath Issue Tracking System:

[Full-disclosure] Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control

2009-01-29 Thread hack ery
Security Risk: High Exploitable: Local Vulnerability: Arbitrary Flow Control Control, Cat Spoofing Discovered by: The Hackery Channel Tested: No The Flow Control project is an access control project for a cat. It consists of a cat door, an electromagnetic latch, an access control device, and

[Full-disclosure] [USN-715-1] Linux kernel vulnerabilities

2009-01-29 Thread Kees Cook
=== Ubuntu Security Notice USN-715-1 January 29, 2009 linux vulnerabilities CVE-2008-5079, CVE-2008-5182, CVE-2008-5300, CVE-2008-5395, CVE-2008-5700, CVE-2008-5702 === A

[Full-disclosure] [USN-716-1] MoinMoin vulnerabilities

2009-01-29 Thread Jamie Strandboge
=== Ubuntu Security Notice USN-716-1 January 30, 2009 moin vulnerabilities CVE-2008-0780, CVE-2008-0781, CVE-2008-0782, CVE-2008-1098, CVE-2008-1099, CVE-2009-0260, CVE-2009-0312

Re: [Full-disclosure] Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control

2009-01-29 Thread Nancy Kramer
Another cat not carrying prey would also work well. Lots of stray cats like to come in when it is cold so this could very likely happen. The cat the device was bought for could also attract other cats that would follow it into the house. Some cats are quite social and have friends. This