Re: [Full-disclosure] denial-of-service vulnerability in the Microsoft Malicious Software Removal Tool

2010-05-24 Thread Christian Sciberras
Since I'm always for a coding challenge, here goes nothing: http://www.php.net/manual/en/function.disk-total-space.php#95305 It's in PHP though. The gist of it would be disk_total_space and/or disk_free_space. Don't reinvent the wheel is what I say :) Cheers. On Mon, May 24, 2010 at 3:40 AM,

[Full-disclosure] fcc.gov XSS

2010-05-24 Thread Marshall Whittaker
FCC.gov XSS --- CODE --- http://fjallfoss.fcc.gov/cgi-bin/ws.exe/prod/cdbs/pubacc/prod/leg_det.pl?Application_id=1186791File_number=%3Cscript%20language=%22javascript%22%20type=%22text/javascript%22%3Ealert('h4x0r3d');%3C/script%3E --- CODE --- --oxagast

Re: [Full-disclosure] fcc.gov XSS

2010-05-24 Thread Zach C.
There seem to be a few more problems with that script than just that XSS... For example, going to the Application Search page root (the page that takes you to that one, presumably) and selecting literally everything in the Services listbox will net you an error reporting Incorrect syntax near ','

[Full-disclosure] rPSA-2010-0039-1 openssl openssl-scripts

2010-05-24 Thread rPath Update Announcements
rPath Security Advisory: 2010-0039-1 Published: 2010-05-23 Products: rPath Appliance Platform Linux Service 1 rPath Appliance Platform Linux Service 2 rPath Linux 1 rPath Linux 2 Rating: Minor Exposure Level Classification: Remote User Deterministic Weakness Updated Versions:

[Full-disclosure] Secunia Research: Ziproxy Two Integer Overflow Vulnerabilities

2010-05-24 Thread Secunia Research
== Secunia Research 24/05/2010 - Ziproxy Two Integer Overflow Vulnerabilities - == Table of Contents Affected

[Full-disclosure] Anybody know about hack0wn website please let me know

2010-05-24 Thread rajendra prasad
Hi List, I am searching for the good website for tracking vulnerabilities and exploits. milw0rm.com is one of the famous websites; because it is stopped, which website is providing the best services as milw0rm? I found the hack0wn.com website. Is this website trustworthy? Can we track this website for

Re: [Full-disclosure] Anybody know about 'hack0wn' website please let me know

2010-05-24 Thread Juha-Matti Laurio
The Exploit Database http://www.exploit-db.com/ maintained by Offensive Security is being updated on a daily basis. Juha-Matti rajendra prasad [rajendra.paln...@gmail.com] wrote: Hi List, I am searching for the good website for tracking vulnerabilities and exploits. milw0rm.com is one of

[Full-disclosure] WhatWeb version 0.4.3 released

2010-05-24 Thread Andrew Horton
I've just released a new version of WhatWeb with new features and plugins. You can read more and download it from http://www.morningstarsecurity.com/research/whatweb DESCRIPTION Identify content management systems

[Full-disclosure] Scientific Atlanta DPC2100 WebSTAR Cable Modem vulnerabilities

2010-05-24 Thread Dan Rosenberg
=== Scientific Atlanta DPC2100 Cable Modem Cross-Site Request Forgery and Insufficient Authentication May 24, 2010 CVE-2010-2025, CVE-2010-2026 === ==Description== Scientific

[Full-disclosure] SQL injection vulnerability in Zabbix = 1.8.1

2010-05-24 Thread David Guimaraes
Product: Zabbix Vendor: Zabbix SIA References: http://www.securityfocus.com/bid/39752 http://secunia.com/advisories/39119 Software Link: http://www.zabbix.com/ Vulnerable Version: = 1.8.1 Vulnerability Type: SQL Injection Status: Fixed in version 1.8.2 Risk level: Medium Author: David skys

Re: [Full-disclosure] Anybody know about hack0wn website please let me know

2010-05-24 Thread sunjester
I guess just from poking around the site for several seconds and finding obvious SQL injections and numerous copy+pasted code, I would say don't use them lol. /view.php?xroot=80.0+1cat=papers and if they refer to themselves as Elite h4x0rs, you should probably just move on to the next site...