Re: [Full-Disclosure] Merry Christmas worm (Zafi.D) is spreading now. Beware!

2004-12-18 Thread Valdis . Kletnieks
On Tue, 14 Dec 2004 10:49:48 +0100, Feher Tamas said: An apparently brand new D version of the ZAFI worm, with Merry Christmas! subject and animated fucking smiley icons on the inside is spreading Postcard.HTML.blahblah.. dot ZIP/CMD files. *yawn* Somebody hit rewind on the remote control,

[Full-Disclosure] php unserialize

2004-12-18 Thread Martin Eiszner
== SEC-CONSULT Security Advisory PHP - 4.3.9 unserialize function == Product: PHP 4.3.9 (Win32/Unix) Remarks: no other Versions tested but very likely vulnerable

[Full-Disclosure] [MaxPatrol] SQL-injection in Ikonboard 3.1.x

2004-12-18 Thread aanisimov
[MaxPatrol] SQL-injection in Ikonboard 3.1.x Release Date: December 16, 2004 Date Reported: December 2, 2004 Severity: High Application: Ikonboard 3.1.x Affects versions: 3.1.0, 3.1.1, 3.1.2 and 3.1.3. Platform: PHP I. DESCRIPTION Input passed to

Re: [Full-Disclosure] HOW TO BREAK XP SP2 POPUP BLOCKER: kick it in the nut !

2004-12-18 Thread James Tucker
Whilst I have not seen any (although I haven't looked, sorry) I doubt there are. What you can do though, as with any application, is distribute locked registry keys and configuration files for it. Documentation to do with using Firefox with multiple profiles in multiuser environments is also

Re: [Full-Disclosure] RE: Cipher Tool

2004-12-18 Thread James Tucker
Have you considered using secured network protocols on dedicated encryption hardware? or is that beyond the price point? Any cipher algorithm would be theoretically implementable (providing the length of data is suitable). If you are looking for _real_ performance though then ciphering may not be

[Full-Disclosure] PHP Input Validation Vulnerabilities

2004-12-18 Thread Daniel Fabian
PHP Input Validation Vulnerabilities Date: 12-16-2004 Author: Daniel Fabian Product: PHP Vendor: PHP

[Full-Disclosure] [ZH2004-18SA] Firefox/Opera-bypass of security restriction by Content-Type spoofi

2004-12-18 Thread Giovanni Delvecchio
[ZH2004-18SA] Content-Type spoofing in Mozilla Firefox and Opera could allow users to bypass security restrictions 12/12/2004 Author: Giovanni Delvecchio e-mail: [EMAIL PROTECTED] Browsers tested: - Firefox 1.0 - Mozilla 1.7.x - Opera 7.54 (*) - Konqueror 3.3.1 - Epiphany - Internet Explorer 6

[Full-Disclosure] Advisory 01/2004: Multiple Vulnerabilities in PHP 4/5

2004-12-18 Thread Stefan Esser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Multiple vulnerabilities within PHP 4/5 Release Date: 2004/12/15 Last Modified: 2004/12/15

[Full-Disclosure] Advisory 01/2004: Multiple vulnerabilities in PHP 4/5

2004-12-18 Thread Stefan Esser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Multiple vulnerabilities within PHP 4/5 Release Date: 2004/12/15 Last Modified: 2004/12/15

[Full-Disclosure] MDKSA-2004:150 - Updated kdelibs and kdebase packages fix vulnerability

2004-12-18 Thread Mandrake Linux Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandrakelinux Security Update Advisory ___ Package name: kdelibs Advisory ID:

[Full-Disclosure] [ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines

2004-12-18 Thread Thierry Carrez
Gentoo Linux Security Advisory GLSA 200412-10 http://security.gentoo.org/