-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SUSE Security Announcement
Package:subversion
Announcement ID:SUSE-SA:2009:044
Date:
#
#
# COMPASS SECURITY ADVISORY
# http://www.csnc.ch/en/downloads/advisories.html
#
#
#
# Product: Snom VoIP/SIP Phones (Snom300, Snom320, Snom360,
#Snom370,
Hi Everyone,
We received a lot of emails from different people asking us what
happened to our blog at http://secreview.blogspot.com. What
happened is we decided to shut down operations because we don't
have time to keep doing reviews. We also don't have time to redo
reviews which is needed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA-1861-1secur...@debian.org
http://www.debian.org/security/ Nico Golde
August 13th, 2009
ShineShadow Security Report 14082009-08
TITLE
ICQ 6.5 HTML-injection vulnerability
BACKGROUND
With more than 700 million instant messages sent and received every day, ICQ
has been known to the online community as a messaging service. Today, a little
more than a decade after the first ICQ
Tavis Ormandy pisze:
Linux NULL pointer dereference due to incorrect proto_ops initializations
-
Quick and dirty exploit for this one:
http://www.frasunek.com/proto_ops.tgz
--
* Fido: 2:480/124 ** WWW:
Please bring it back. It was a nice blog, or send me an archive of the ut.
Thankx
./Chuks
On 8/13/09, secrev...@hushmail.me secrev...@hushmail.me wrote:
Hi Everyone,
We received a lot of emails from different people asking us what
happened to our blog at http://secreview.blogspot.com.
Title : ByPass a BlueCoat Proxy 8100 Serie (authentification request AND
eventually the 3rd party url filtering solution)
Date : 14/08/2009
Author : Antoine Santo
**
Test one : Try to browse http://www.fcnantes.com/
Result : I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Is it working on all versions ?
Le 14 août 09 à 15:10, anto...@santo.fr a écrit :
Title : ByPass a BlueCoat Proxy 8100 Serie (authentification
request AND eventually the 3rd party url filtering solution)
Date : 14/08/2009
Author : Antoine
**
Test two : i just add a spoofed http header REFERER to a whitelisted
(localdatabase) site
Result : W00t !!
**
hi!
Should this fix work against the nullpointer linux kernel vulnerability?
Should it break any services on a usual LAMP machine?
thx,
ps: sorry i lost the header for original message
maxigas
So, here's the contents of disabled-protocols .
maxigas maxi...@anargeek.net wrote:
hi!
Should this fix work against the nullpointer linux kernel vulnerability?
It looks incomplete, I don't see PF_ISDN or PF_IUCV, for example.
But this general approach looks fine, and is actually what Red Hat have
reccommended to their customers.
From: Sebastien gioria s...@gioria.org
Is it working on all versions ?
Tested version :
- Software version: SGOS 5.2.4.14 Proxy Edition
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:202
http://www.mandriva.com/security/
**
Test two : i just add a spoofed http header REFERER to a whitelisted
(localdatabase) site
Result : W00t !!
**
For those who have been living under a rock for the past two days, an
exploit exists for Julien Tinnes/Tavis Ormandy's sendpage vulnerability
in all Linux kernels since 2001.
My exploit works on 2.4, 2.6, x86, x64, 4k stacks, 8k stacks,
with/without cred framework, bypasses mmap_min_addr in
Excellent catch! This bug report has been sited from many places now.
Thanks to Tavis Ormandy and Julien Tinnes.
--
Soo-Hyun
(s.c...@hackers.org.uk)
On Thu, Aug 13, 2009 at 19:57, Tavis Ormandytav...@sdf.lonestar.org wrote:
Linux NULL pointer dereference due to incorrect proto_ops
On Fri, 14 Aug 2009 14:53:06 EDT, Brad Spengler said:
Congrats Linus on screwing over all the vendors and every Linux user
by forcing disclosure of the bug before vendors could ship out updated
kernels. Your patch applies well to their binary packages.
Poor Linus can't catch a break. Just
Hello auto793...@hushmail.com,
As I've previously mentioned, I did not write the first (very boring,
uninteresting, technically incorrect) email.
It is certainly the case that BART uses stored value cards. BART admits
this if you ask them. However, basically everything else in that email
is
Hi,
**
Test two : i just add a spoofed http header REFERER to a whitelisted
(localdatabase) site
Result : W00t !!
i think it basically means 'to a site thats been configured as allowed in the
configuration of the BC' - allowed = whitelisted, int he configuration =
localdatabase
alan
Alan,
The Bluecoat 8100-C I'm going through has 27 policies in the Web
Access Layer. The first policy is configured to
Was wondering what FD's opinions were on fusion centers.
www.aclu.org/fusion
They are essentially COINTELPRO survellience techniques employed by
the FBI-State-Local police to gather intelligence on people.
And yeah, you guys fall into the scope. I was wondering what your
opinions were on this
22 matches
Mail list logo