-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:020
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:020
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:020
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:020
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:020
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:020
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:020
http://www.mandriva.com/security/
+ Vulnerability in HTC Peep: Twitter Credentials Disclosure
http://blog.taddong.com/2011/02/vulnerability-in-htc-peep-twitter.html
Title: Twitter credentials disclosure in HTC Peep mobile app (default HTC
Twitter client)
Vulnerability ID: TAD-2011-001
Credits: This vulnerability was
I found this interesting, so I thought I would share it.
Over the last few years I had amassed quite a number of various gaming system
games that I never used anymore (if at all) so I decided to trade them in at
Best Buy (they do this for store credit). Though $3 for a $50 game wasn't
exactly
I think the fact that they have that info in their systems is pretty awful.
I wouldn't trust them with my personal information. How do you know some
disgruntled employee won't take it all and sell it? Or that their database
servers are insecure? BB have shown that they have incompetent employees
I will start etching my ssn into all my game discs so that they can be
returned to me if ever stolen. That's awesome. Thanks best buy!
On Fri, Feb 4, 2011 at 9:16 AM, Thor (Hammer of God)
t...@hammerofgod.comwrote:
I found this interesting, so I thought I would share it.
Over the last
has anyone use attack surface analyzer?how you use it and make it run on 32
bits system?i wos going get it but only find 64 bits version where i search
look like tis guy use it to found bug in ms own software?cool.
On Fri, Feb 4, 2011 at 11:24 AM, Wesley Kerfoot wja...@gmail.com wrote:
I think the fact that they have that info in their systems is pretty awful.
I wouldn't trust them with my personal information. How do you know some
disgruntled employee won't take it all and sell it? Or that their database
I used to work there and I don't think I can officially say anything yet for
another month or two.
But I'll just say they have problems. I even sent some problems 'up the
chain' and didn't receive any response.
On Fri, Feb 4, 2011 at 10:24 AM, Wesley Kerfoot wja...@gmail.com wrote:
I think the
Hello full disclosure!!
i is like to warn you about is consumer profiling. As is thor state:
they have to send all this information to the Seattle police in case
any of the titles I turned in were reported stolen by someone So I is
must warn you now!!
law enforcement is agencies is concerned
On Fri, 04 Feb 2011 11:39:19 EST, ÐÑигоÑий ÐÑаÑиÑлава said:
ii) 100s is of games are all terrorist games (is proof in titles:
Yes, Barbie's Horse Adventure certainly is terrorism. Why do
the game manufacturers hate our way of life?
pgpuyXHwi2Fte.pgp
Description: PGP
Hey, don't you people have private information laws that deal with this sort of
stuff?
In europe, someone can't store your private information if you haven't
explicitly allowed its storage and usage
scenarios, let alone send it to third party.
Also, they have responsibility to keep your data
2011/2/4 valdis.kletni...@vt.edu:
Yes, Barbie's Horse Adventure certainly is terrorism. Why do
the game manufacturers hate our way of life?
with all due is respect in order; is words like horse adventure
followed by hate our way of life is left with full disclosure list
wondering about
On Fri, 4 Feb 2011, Thor (Hammer of God) wrote:
I found this interesting, so I thought I would share it []
It is interesting. Did you get a sense of whether the policy is
specific to Seattle / King County / Washington?
--
Paul Heinlein heinl...@madboa.com http://www.madboa.com/
No, that didn't come up at the time, but I wondered the same thing. I've not
heard of any rash of XBOX game thievery around, so my feeling is that it's
practiced elsewhere, though I have no evidence of that. The thing is, stealing
a $50 game in order to get $5 or so at Best Buy isn't exactly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hi guys,
what is the best way to encrypt the bash_history file?
I try using crypt/decrypt with GPG when login/logout. It works, but not
safe enough.
Example:
On .bashrc: gpg -e -r ...UID... .bash_history
and on .bash_logout: gpg -d -e ...UID...
On Fri, 04 Feb 2011 16:06:06 -0300, Zerial. said:
what is the best way to encrypt the bash_history file?
I try using crypt/decrypt with GPG when login/logout. It works, but not
safe enough.
Explain what the threat model is, and why GPG isn't safe enough? It's kind of
hard to recommend best
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/04/11 16:13, valdis.kletni...@vt.edu wrote:
On Fri, 04 Feb 2011 16:06:06 -0300, Zerial. said:
what is the best way to encrypt the bash_history file?
I try using crypt/decrypt with GPG when login/logout. It works, but not
safe enough.
Not had a chance to test yet but what is the difference to this and Baseline
Security Analyzer? I see its listed as a seperate download but looks to do
roughly the same thing from a quick read through..
Eddie McGhee
Remote Support Services
NCR Corporation
phone: +44 (0) 1698 838068
On Fri, Feb 04, 2011 at 04:18:53PM -0300, Zerial. wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/04/11 16:13, valdis.kletni...@vt.edu wrote:
On Fri, 04 Feb 2011 16:06:06 -0300, Zerial. said:
what is the best way to encrypt the bash_history file?
I try using crypt/decrypt
On Fri, 04 Feb 2011 16:18:53 -0300, Zerial. said:
The way is not safe enough. root can login as me (su - user) and
bash_history will be decrypted. I try to find any better way to crypt
and make unreadable the bash_history file from any other users,
including root.
Agreed. GPG makes the
Thor,
Who knows what drug addicts would do to get some dough. We should know this
from our friend, Mr A. A (*The* iPad Hacker ;).
Jokes aside, I don't understand what the fuss is since they already had this
info when you signed up your license.
I don't see matching a couple of games with your
To give this a little more perspective, one of our neighbors here in Seattle is
a painter, and his trailer full of painting supplies was stolen. He estimated
that the value of the trailer and supplies was $20-$30K. The police told him
that they didn't have the bandwidth to pursue thefts of
Fwiw, some public forums on BestBuy discuss this...
http://forums.bestbuy.com/t5/Best-Buy-Geek-Squad-Policies/For-a-Return-they-scan-your-ID-Don-t-think-so/m-p/218912
http://forums.bestbuy.com/t5/Best-Buy-Geek-Squad-Policies/Driver-s-License-required-for-return/td-p/234098
Hello Laurent!
You are very intelligent man, as I see from this and previous your letter
(in 2010).
You need to take into account the next:
1. I know better where to send.
2. If you write shitty stuff, then it doesn't mean that other do the same.
3. No need to think and state instead of other
If you announce you're going to block someone, doesn't that just entice
them to just register throw away email accounts to send you messages
because your first reaction is to block it? How about signing you up for
gay porn? Political mailing lists?
On 02/04/2011 04:49 PM, MustLive wrote:
5.
Trustwave's SpiderLabs Security Advisory TWSL2011-001:
Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways
(SMCD3G-CCR)
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt
Published: 2011-02-04
Version: 1.0
Vendor: Comcast (http://comcast.com) and SMC (http://www.smc.com)
CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions
Severity: Low
Vendor: The Apache Software Foundation
Versions Affected:
- Tomcat 7.0.0 to 7.0.3
- Tomcat 6.0.0 to 6.0.?
- Tomcat 5.5.0 to 5.5.?
- Earlier, unsupported versions may also be affected
Description:
When
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions
Severity: Low
Vendor: The Apache Software Foundation
Versions Affected:
- - Tomcat 7.0.0 to 7.0.3
- - Tomcat 6.0.0 to 6.0.?
- - Tomcat 5.5.0 to 5.5.?
- - Earlier,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The original report is [1].
Tomcat is affected when accessing a form based security constrained
page or any page that calls javax.servlet.ServletRequest.getLocale() or
javax.servlet.ServletRequest.getLocales().
Work-arounds have been implemented in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2011-0534 Apache Tomcat DoS vulnerability
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- - Tomcat 7.0.0 to 7.0.6
- - Tomcat 6.0.0 to 6.0.30
Description:
Tomcat did not enforce the maxHttpHeaderSize limit while
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2011-0013 Apache Tomcat Manager XSS vulnerability
Severity: Low
Vendor: The Apache Software Foundation
Versions Affected:
- - Tomcat 7.0.0 to 7.0.5
- - Tomcat 6.0.0 to 6.0.29
- - Tomcat 5.5.0 to 5.5.31
- - Earlier, unsupported versions may also
Hey Sparky,
One of the many many thing you didn't understand during the past 5 years is
that you should probably try to identify and fix your stuff on *your*
website, before spamming this ML with your crap.
cf:
http://www.zone-h.org/mirror/id/11367858
e-tard.
38 matches
Mail list logo