[Full-disclosure] [CVE-2012-1574] Apache Hadoop user impersonation vulnerability

2012-04-06 Thread Aaron T. Myers
Hello, Users of Apache Hadoop should be aware of a security vulnerability recently discovered, as described by the following CVE. In particular, please note the Users affected, Versions affected, and Mitigation sections. Best, Aaron -- Aaron T. Myers Software Engineer, Cloudera CVE-2012-1574:

Re: [Full-disclosure] [funsec] mac trojan

2012-04-06 Thread Charlie Derr
On 04/05/2012 10:30 AM, RandallM wrote: can someone tell me what effects there are to being infected with flashback? signs? google search just brings up the same same news stories. also, if one is.. it seems there are some files that cannot be recovered so new install necessary? No

[Full-disclosure] Shakacon CFP - Extended Deadline: April 13, 2012

2012-04-06 Thread Shakacon
Thanks to everyone for all the submissions received and the committee is evaluating them for selection. If you are on the fence about submitting remember - All selected speakers will receive compensation to cover Airfare and 2 hotel nights in Honolulu, Hawaii. Not to mention you get to hang out

Re: [Full-disclosure] mac trojan

2012-04-06 Thread Carl Thomas Guething
http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml Regards, T On Thu, Apr 5, 2012 at 10:30 AM, RandallM randa...@fidmail.com wrote: can someone tell me what effects there are to being infected with flashback? signs? google search just brings up the same same news

[Full-disclosure] Drop box

2012-04-06 Thread Fatherlaptop
Ever do a google query for public and or shared files? From: Randy It's an iPhone Thang! Was learning cursive necessary? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by

[Full-disclosure] PenTest Market is for FREE Now

2012-04-06 Thread Krzysztof Marczyk
We have great news for you. You can have PenTest Market for free now. Just create a free account and enjoy 50 pages of PenTest Market for FREE every month! Register now from this link: http://pentestmag.com/wp-login.php?action=register For those who didn’t have the opportunity to become familiar

Re: [Full-disclosure] PenTest Market is for FREE Now

2012-04-06 Thread John Jacobs
{SNIP} If you wonder: What emplyers expect from pentesters/ IT security specialists? Would it be premature of me to think one of the things emplyers [sic] would expect would be proper spelling and proofreading, especially when making a product announcement peddling my wares? Cheers, John

Re: [Full-disclosure] PenTest Market is for FREE Now

2012-04-06 Thread Dave
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/04/2012 15:28, Krzysztof Marczyk wrote: We have great news for you. You can have PenTest Market for free now. Just create a free account and enjoy 50 pages of PenTest Market for FREE every month! Register now from this link:

[Full-disclosure] Dolibarr ERP CRM OS Command Injection

2012-04-06 Thread Nahuel Grisolia
Dolibarr ERP CRM OS Command Injection === 1. Advisory Information Date published: 2012-4-6 Vendors contacted: Dolibarr Release mode: Coordinated release 2. Vulnerability Information Class: Injection Remotely Exploitable: Yes Locally Exploitable: Yes 3. Software