-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
--
VMware Security Advisory
Advisory ID: VMSA-2012-0001
Synopsis:VMware ESXi and ESX updates to third party library
and ESX Service Console
Issue
Beautiful would have become
Like a winter blossom
Died too soon
On 01/30/2012 10:56 AM, joernchen of Phenoelit wrote:
> Hi,
>
> FYI, see attached.
>
> cheers,
>
> joernchen
>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2398-1 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
January 30, 2012
On Mon, 30 Jan 2012, Henri Salo wrote:
> On Mon, Jan 30, 2012 at 02:56:26PM +0100, joernchen of Phenoelit wrote:
> > Hi,
> >
> > FYI, see attached.
> >
> > cheers,
> >
> > joernchen
> > --
> > joernchen ~ Phenoelit
> > ~ C776 3F67 7B95 03BF 5344
> > http://www.phenoelit.de ~ A46A 7199 8B7B 7
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ZDI-12-020 : IBM SPSS VsVIEW6.ocx ActiveX Control Multiple Methods
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-020
January 30, 2012
- -- CVE ID:
CVE-2012-0189
- -- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
- --
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ZDI-12-019 : IBM SPSS mraboutb.dll ActiveX Control SetLicenseInfoEx
Method Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-019
January 30, 2012
- -- CVE ID:
CVE-2012-0188
- -- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A
On Mon, Jan 30, 2012 at 02:56:26PM +0100, joernchen of Phenoelit wrote:
> Hi,
>
> FYI, see attached.
>
> cheers,
>
> joernchen
> --
> joernchen ~ Phenoelit
> ~ C776 3F67 7B95 03BF 5344
> http://www.phenoelit.de ~ A46A 7199 8B7B 756A F5AC
This seems to be CVE-2012-0809 and reported to Gentoo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Played with this for a year or so.. It's OSS easy to use and understand, uses
recognised components, easy to hack and bend to your whim.
http://www.honeynet.org
https://projects.honeynet.org/honeywall/
http://www.honeynet.pk/honeywall/roo/index.htm
On Mon, Jan 30, 2012 at 02:56:26PM +0100, joernchen of Phenoelit wrote:
> Hi,
>
> FYI, see attached.
>
> cheers,
>
> joernchen
Reported to Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657985
- Henri Salo
___
Full-Disclosure - We believe
Hi there,
You may first need identify the purpose of using it.
- If you want to collect malwares exploiting Windows vulnerabilities,
you've Nepenthes which is a low-interaction honeypot. It can be easily
installed in Debian from the official repo.
- If you're looking something to dete
Hi,
FYI, see attached.
cheers,
joernchen
--
joernchen ~ Phenoelit
~ C776 3F67 7B95 03BF 5344
http://www.phenoelit.de ~ A46A 7199 8B7B 756A F5AC
Phenoelit Advisory
[ Authors ]
joernchen
Phenoelit Group (http://www.phenoelit.de)
[ Affected Products ]
sudo 1.8.
Here is a short step by step guide on how to make a honeypot.
1.Acquire a pot, refer to some other guide on how to do this.
2.Acquire some honey, refer to some other guide on how to do this.
3.Put honey in pot, refer to some other guide on how to do this.
4.Congratulations you now have a honeypot!
In terms of SSH honeypots Kojoney (http://kojoney.sourceforge.net/) is
very good but is sort of abandoned, so be prepared to do your own
customization. I hear very good things about Kippo
(https://code.google.com/p/kippo/) as well. For HTTP I ran Glastopf
(http://glastopf.org/) for a while but ne
On Mon, 30 Jan 2012 01:22:23 PST, "Zach C." said:
> (Fair use being the main exception there, but fair use usually implies
> something distinctive being done to the work, too, as opposed to minor
> editing/shitty encoding. Feel free to correct!)
Two of the major areas of fair use *are* "minor edi
http://www.sans.org/security-resources/idfaq/honeypot3.php
good paper on how to build your own and some links to commercial products.
Sorry for the pooh add em. Still recovering from open heart surgery and the
meds get to me...
bma
- Original Message -
From: Jerry dePriest
To: full
winnie the pooh would know... (had to)
bma
- Original Message -
From: lallant...@tvazteca.com.mx
To: J. von Balzac
Cc: Full Disclosure ; Security Basics ; listbou...@securityfocus.com
Sent: Friday, January 27, 2012 12:56 PM
Subject: [Full-disclosure] honeypots
i am looking for a go
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201201-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201201-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
Saw this subject on the work email. Follow this list to learn random stuff
ans stay informed, so thanks for all your posts and such.
Also do the music thing, and I can tell you that if you ask ten musicians who
write and record their own music, you'll get ten different answers. From
personal
On Sat, Jan 28, 2012 at 5:41 PM, Benjamin Kreuter wrote:
> The best compromise I can think of is to treat noncommercial copyright
> infringement like a parking violation: you get a ticket for some small
> but annoying amount of money.
This is the best solution I've seen anywhere, by far. Kudos.
DDoS their boats.
2012/1/28 Laurelai
> On 1/28/2012 3:13 PM, Julius Kivimäki wrote:
>
> Of course I wouldn't, downloading a car would be like stealing a car.
> Piracy is horrible and all the boats used by the pirate scum should be
> taken away.
>
> 2012/1/28 Laurelai
>
>> On this topic i saw t
Of course I wouldn't, downloading a car would be like stealing a car.
Piracy is horrible and all the boats used by the pirate scum should be
taken away.
2012/1/28 Laurelai
> On this topic i saw this
> https://thepiratebay.org/torrent/6960965/1970_Chevelle_Hot-Rod_3d_model
> , real question is wo
Twitter said recently they would start deleting posts in countries that
require it but the tweets would still be visible to the rest of the world
http://www.cnn.com/2012/01/27/tech/twitter-deleting-posts/index.html
On Jan 28, 2012 1:40 PM, "RandallM" wrote:
> is posting attacking us gov site, or
How does this compete with already existing tools?
2012/1/28 sandeep k
>
> This is an automatic SQL Injection tool called as FatCat, Use of FatCat
> for testing your web application and exploit your application more deeper.
> FatCat Features that help you to extract the Database information, Tab
i am looking for a good honeypot
thanks___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Title:
==
FAA US Academy (AFS) - Auth Bypass Vulnerability
Date:
=
2012-01-28
References:
===
http://vulnerability-lab.com/get_content.php?id=171
VL-ID:
=
171
Introduction:
=
This is a FAA computer system. FAA computer systems are provided for the
processing
Title:
==
ME Monitoring Manager v9.x; v10.x - Multiple Vulnerabilities
Date:
=
2012-01-27
References:
===
http://www.vulnerability-lab.com/get_content.php?id=115
VL-ID:
=
115
Introduction:
=
Mit dem ManageEngine Applications Manager können IT-Administratoren
Title:
==
eBank IT Online Banking - Multiple Web Vulnerabilities
Date:
=
2012-01-26
References:
===
http://www.vulnerability-lab.com/get_content.php?id=313
VL-ID:
=
313
Introduction:
=
As a leading provider of innovative online banking software solutions,
eB
I fear the day when he finally succeeds in making enough people
believe he's a real security researcher. I wish attrition.org did a
piece on him in the "charlatans" section.
2012/1/30 Peter Osterberg :
> This is Juan Sacco's new spam puppet. He just posted the same thing using
> his real name else
Just to be clear, what's been done in the name of intellectual property
protection is fucking ridiculous. I just do not see how getting something
someone put a non-zero value of work and materials into without even so
much as asking or being given permission from the person who made it is
somehow n
This is Juan Sacco's new spam puppet. He just posted the same thing using his
real name elsewhere.
nore...@exploitpack.com skrev:
Exploit Pack - New video! Release - Ultimate 2.1
Check it out! http://www.youtube.com/watch?v=4TrsFry13TU
Exploit Pack Team
http://exploitpack.com
Uhm, that was a ridiculous situation anyway (@illegal primes).
So lets leave it at 'not necessarily'.
On Mon, Jan 30, 2012 at 9:08 AM, Mike Hale wrote:
> Not necessarily.
>
> Look at the effects of people posting DeCSS and the HDDVD keys a while
> back.
>
> The industry ended up giving in p
Not necessarily.
Look at the effects of people posting DeCSS and the HDDVD keys a while back.
The industry ended up giving in precisely because people said, en
masse, "fuck off".
On Mon, Jan 30, 2012 at 12:05 AM, Christian Sciberras wrote:
> No, it follows the fact that vengeance (the "fuck you
No, it follows the fact that vengeance (the "fuck you" Byron mentioned)
isn't fruitful to remedy the situation.
On Mon, Jan 30, 2012 at 8:54 AM, Mike Hale wrote:
> What you said doesn't follow.
>
> Making a digital copy isn't burning down a business. The analogy
> linking 'piracy' with the
34 matches
Mail list logo