[Full-disclosure] Operation Bring Peace To Machines - Mission 1 (nmap2cpe)

2012-02-17 Thread Jerome Athias
Your sound card works perfectly. Enjoying yourself? It doesn't get any better than this! Ready to serve. Yes? My lord? What is it? http://seclists.org/nmap-dev/2010/q3/278 Good luck! /JA Ref: http://www.wowwiki.com/Quotes_of_Warcraft_II

Re: [Full-disclosure] Fwd: 0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977)

2012-02-17 Thread Rodrigo Rubira Branco (BSDaemon)
Dear Kousuke, First of all, let me clarify that the disclosure process has been entirely coordinated by me, and thus, Wagner, Conviso and Check Point have no responsibilities over any mistake I eventually made. Anyway, just to clarify your points:

[Full-disclosure] IETF I-D: Security and Interoperability Implications of Oversized IPv6 Header Chains

2012-02-17 Thread Fernando Gont
Folks, FYI, we've published a new IETF I-D entitled Security and Interoperability Implications of Oversized IPv6 Header Chains. The I-D is available at: http://tools.ietf.org/id/draft-gont-6man-oversized-header-chain-00.txt Any feedback will be very welcome. Thanks, -- Fernando Gont SI6

[Full-disclosure] Context IS Advisory - SAP AG Netweaver 7.02 Remote Code Execution

2012-02-17 Thread Context IS - Disclosure
===ADVISORY=== Systems Affected: SAP AG Netweaver 7.02 Severity: High Category: Remote Code Execution Author: Nico Leidecker, Context Information Security Ltd Reported to vendor: 29th

[Full-disclosure] Pandora FMS v4.0.1 - Local File Include Vulnerability

2012-02-17 Thread resea...@vulnerability-lab.com
Title: Pandora FMS v4.0.1 - Local File Include Vulnerability Date: 2012-02-17 References: http://www.vulnerability-lab.com/get_content.php?id=435 VL-ID: 435 Introduction: Pandora FMS is a monitoring Open Source software. It watches your systems

[Full-disclosure] Facebook NYClubs - Multiple Web Vulnerabilities

2012-02-17 Thread resea...@vulnerability-lab.com
Title: Facebook NYClubs - Multiple Web Vulnerabilities Date: 2012-02-17 References: http://www.vulnerability-lab.com/get_content.php?id=440 VL-ID: 440 Introduction: The application is currently included and viewable by all facebook users. The

[Full-disclosure] 0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977)

2012-02-17 Thread Kousuke Ebihara
I've reported the following XSS vulnerability in cforms II. This vulnerability has been fixed on February 14, 2012 by its developer. WordPress cformsII Plugin rs Cross-Site Scripting Vulnerability - Secunia.com http://secunia.com/advisories/47984/ You might see this is a normal XSS

Re: [Full-disclosure] Fwd: 0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977)

2012-02-17 Thread Kousuke Ebihara
Dear Rodrigo, Thanks for your response. And I had misunderstood about some points. At first, I apologize about that. I sent to the developer a complete advisory, including the exploit code. Is that advisory the same of