Full Disclosure: by date
RSS Feed
About List
All Lists
Previous period
557 messages
starting Aug 01 08 and
ending Aug 31 08
Date index |
Thread index |
Author index
Friday, 01 August
CA ARCserve Backup for Laptops and Desktops Server LGServer Service Vulnerability Williams, James K
SUSE Security Announcement: net-snmp (SUSE-SA:2008:039) Thomas Biege
[USN-632-1] Python vulnerabilities Kees Cook
[USN-633-1] libxslt vulnerabilities Kees Cook
[SECURITY] [DSA 1625-1] New cupsys packages fix arbitrary code execution Thijs Kinkhorst
[SECURITY] [DSA 1626-1] New httrack packages fix arbitrary code execution Thijs Kinkhorst
Tool Release: ProcL - Detect Hidden Process Pallav Khandhar
[USN-634-1] OpenLDAP vulnerability Kees Cook
DNS Multiple Race Exploiting Tool AR
n.runs-SA-2008.005 - Apple Inc. - CoreServices Framework’s CarbonCore Framework - Arbitrary Code Execution (remote) security () nruns com
iDefense Security Advisory 07.31.08: Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability iDefense Labs
Fwd: Black Hat talk on Apple encryption cancelled n3td3v
[ MDVSA-2008:160 ] libxslt security
iDefense Security Advisory 08.01.08: Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability iDefense Labs
iDefense Security Advisory 08.01.08: Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 08.01.08: Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability iDefense Labs
Saturday, 02 August
Server termination in America's Army 2.8.3.1 Luigi Auriemma
ArpON detects and blocks Arp Poisoning/Spoofing attacks Andrea Di Pasquale
Re: simple phishing fix lsi
Sunday, 03 August
Re: how to request a cve id? William A. Rowe, Jr.
Re: Media backlash begins against HD Moore and I)ruid n3td3v
Re: Media backlash begins against HD Moore and I)ruid Valdis . Kletnieks
Monday, 04 August
[SECURITY] [DSA 1627-1] New opensc packages fix smart card vulnerability Thijs Kinkhorst
Alphanumeric Shellcode Encoding and Detection Avraham Moshe Schneider
ASCII Art shellcode Berend-Jan Wever
[USN-626-2] Devhelp, Epiphany, Midbrowser and Yelp update Jamie Strandboge
free static analysis tool for c/c++ modversion
Team SHATTER Security Advisory: SQL Injection in Oracle Application Server (WWEXP_API_ENGINE) Team SHATTER
Team SHATTER Security Advisory: Cross-site scripting in Oracle Enterprise Manager (REFRESHHOME Parameter) Team SHATTER
Team SHATTER Security Advisory: Cross-site scripting in Oracle Enterprise Manager (REFRESHCHOICE Parameter) Team SHATTER
Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN) Team SHATTER
Re: free static analysis tool for c/c++ Dean Pierce
New info tool available at freewebtown.com/sombra6/info.php now Kristo pher
Re: free static analysis tool for c/c++ Fionnbharr
phish war game lsi
Re: free static analysis tool for c/c++ modversion
more rehashes of xss & 'evil gif' Robert Holgstad
Re: more rehashes of xss & 'evil gif' raining lulz
Tuesday, 05 August
CORE-2008-0716 - Sun xVM VirtualBox Privilege Escalation Vulnerability CORE Security Technologies Advisories
Re: Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN) Memisyazici, Aras
Re: free static analysis tool for c/c++ KJK::Hyperion
Re: phish war game Biz Marqee
Re: free static analysis tool for c/c++ modversion
Re: free static analysis tool for c/c++ KJK::Hyperion
Re: free static analysis tool for c/c++ modversion
Re: Media backlash begins against HD Moore and I)ruid n3td3v
Re: phish war game blah
Fwd: Comment on: Microsoft to give partners heads-up on security vulnerabilities n3td3v
Re: Alphanumeric Shellcode Encoding and Detection Avraham Moshe Schneider
Re: Media backlash begins against HD Moore and I)ruid Valdis . Kletnieks
Re: Media backlash begins against HD Moore and I)ruid n3td3v
Re: Media backlash begins against HD Moore and I)ruid Valdis . Kletnieks
Re: Media backlash begins against HD Moore and I)ruid n3td3v
Re: Alphanumeric Shellcode Encoding and Detection Avraham Schneider
Re: Media backlash begins against HD Moore and I)ruid Valdis . Kletnieks
Interesting things at sec-consult.com, DNS-whitepaper available tomorrow Bernhard Mueller
(no subject) Bernhard Mueller
Re: Media backlash begins against HD Moore and I)ruid scott
Re: more rehashes of xss & 'evil gif' n3td3v
[ GLSA 200808-01 ] xine-lib: User-assisted execution of arbitrary code Robert Buchholz
Re: Kaminsky's Law Pavel Kankovsky
Re: Media backlash begins against HD Moore and I)ruid Ureleet
Re: Fwd: Comment on: Microsoft to give partners heads-up on security vulnerabilities Ureleet
Re: Fwd: Are Bug Disclosures Helping or Hurting? Ureleet
Re: Re : CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit Ureleet
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Ureleet
Re: Kaminsky's Law Ureleet
Re: (no subject) Ureleet
[ GLSA 200808-02 ] Net-SNMP: Multiple vulnerabilities Robert Buchholz
[ GLSA 200808-03 ] Mozilla products: Multiple vulnerabilities Robert Buchholz
[ GLSA 200808-04 ] Wireshark: Denial of Service Robert Buchholz
Re: (no subject) Bernhard Mueller
Re: Alphanumeric Shellcode Encoding and Detection Avraham Schneider
McAfee + FUD ? r0tten c0re
Wednesday, 06 August
Check this out Manu Chao
Re: Alphanumeric Shellcode Encoding and Detection Avraham Schneider
rPSA-2008-0245-1 cups rPath Update Announcements
rPSA-2008-0246-1 gaim rPath Update Announcements
Re: Kaminsky's Law TJ
Re: Media backlash begins against HD Moore and I)ruid jf
Re: Media backlash begins against HD Moore and I)ruid n3td3v
Google Notebook and Google Bookmarks Cross Site Scripting Vulnerabilities Alfredo Melloni
CA Products That Embed Ingres Multiple Vulnerabilities Williams, James K
Webex atucfobj Module ActiveX Control Buffer Overflow Vulnerability Elazar Broad
Re: Media backlash begins against HD Moore and I)ruid TJ
[USN-635-1] xine-lib vulnerabilities Jamie Strandboge
offering 0day Jeffrey Starck
[ GLSA 200808-05 ] ISC DHCP: Denial of Service Tobias Heinlein
[ GLSA 200808-06 ] libxslt: Execution of arbitrary code Tobias Heinlein
Re: [funsec] facebook messages worm John C. A. Bambenek, GCIH, CISSP
Endless loop and resources consumption in Halo 1.0.7.0615 Luigi Auriemma
Re: Media backlash begins against HD Moore and I)ruid Paul Schmehl
Re: Media backlash ... insane? TJ
Re: Media backlash begins against HD Moore and I)ruid Anders B Jansson
[PLSA 2008-18] Pidgin: Spoofing Vulnerability Pınar Yanardağ
[PLSA 2008-19] Git: Multiple Buffer Overflows Pınar Yanardağ
Petko D. Petkov files unleashed, guilty by Internet council internetsuperheros
Petko D. Petkov files unleashed, guilty by Internet council internetsuperheros
GNUCITIZEN Stumbleupon account revised Great Council of Internet Superheros
More information on Petko D. Petkov Great Council of Internet Superheros
Kaminsky Quittinq? Coffee Shop Inevitable? InfoSec DramaReport
Re: [funsec] facebook messages worm Juha-Matti Laurio
Re: Kaminsky Quittinq? Coffee Shop Inevitable? Paul Schmehl
Thursday, 07 August
Whitepaper: DNS zone redelegation Bernhard Mueller
Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting Marc Bevand
infected file ( can someone please report and take it down ? ) Dr. Mark A. Baiter [Chief Scatological Consultant]
Re: [funsec] facebook messages worm Gadi Evron
No subject az-guy
Re: [funsec] facebook messages worm Gadi Evron
facebook messages worm Gadi Evron
Re: [funsec] facebook messages worm Gadi Evron
question Dennis Yurichev
When will they ever get it !?!?!?! wilder_jeff Wilder
Re: question Valdis . Kletnieks
question Dennis Yurichev
[ MDVSA-2008:161 ] rxvt security
[ MDVSA-2008:162 ] qemu security
Re: question James Matthews
Re: No subject James Matthews
Re: question James Matthews
[ MDVSA-2008:163 ] python security
[ MDVSA-2008:164 ] python security
Friday, 08 August
Re: [funsec] facebook messages worm Juha-Matti Laurio
OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
Re: [Suspected Junk Mail] Re: Petko D. Petkov files unleashed, guilty by Internet council Great Council of Internet Superheros
Petko D. Petkov, Honeynet and Tom Ferris featured on an Internet Justice magazine Great Council of Internet Superheros
Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives Jan Minář
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Gerald Beuchelt
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Eddy Nigg (StartCom Ltd.)
Vim: Unfixed Vulnerabilities in Tar Plugin Version 20 Jan Minář
Squadron of Justice to the rescue Great Council of Internet Superheros
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Peter Williams
Squadron of Justice to the rescue Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 1/7) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 1/7) Great Council of Internet Superheros
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
Internet Justice #1 August 2008 (Part 7/7) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 2/7) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 1/7) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 3/7) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 4/7) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 5/7) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 6/7) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 2/10) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 1/10) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 3/10) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 5/10) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 4/10) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 6/10) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 7/10) Great Council of Internet Superheros
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla
Internet Justice #1 August 2008 (Part 8/10) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 10/10) Great Council of Internet Superheros
Internet Justice #1 August 2008 (Part 9/10) Great Council of Internet Superheros
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
[ GLSA 200808-07 ] ClamAV: Multiple Denials of Service Raphael Marichez
[ GLSA 200808-08 ] stunnel: Security bypass Raphael Marichez
[ GLSA 200808-09 ] OpenLDAP: Denial of Service vulnerability Raphael Marichez
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dave Korn
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dave Korn
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dan Guido
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Perry E. Metzger
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Gerald Beuchelt
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Jin Sei
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Peter Gutmann
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dan Kaminsky
Great Council of Internet Superheros n3td3v
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
Re: Great Council of Internet Superheros n3td3v
c99 shell anyone? Kristo pher
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Florian Weimer
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Dick Hardt
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Tim Dierks
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Eddy Nigg (StartCom Ltd.)
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Eddy Nigg (StartCom Ltd.)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Paul Hoffman
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Tim Dierks
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams
key blacklisting & file size (was: OpenID/Debian PRNG/DNS Cache poisoning advisory) Solar Designer
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Eddy Nigg (StartCom Ltd.)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Stefan Kanthak
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Peter Williams
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla
Saturday, 09 August
Brazilian Bank (Caixa Economica Federal) Stupid Vuln #02 (Opera's Style) H2G-Labs Information Security
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory "Hal Finney"
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Forrest J. Cavalier III
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
List Charter John Cartwright
Emergency DNS Patch Still Vulnerable, Proves Russian Physicist n3td3v
[ GLSA 200808-10 ] Adobe Reader: User-assisted execution of arbitrary code Robert Buchholz
Re: Emergency DNS Patch Still Vulnerable, Proves Russian Physicist Valdis . Kletnieks
Sunday, 10 August
Latest judgement by Internet Justice Court: Still insecure, after all these years. Squadron of Justice
what happened to fd??.. even eff cant save it??. Joel Jose
I'm going to Internet Jail, framed by Squadron of Justice alan shimel
Internet justice delivered, criminals panic and run in despair alan shimel
Re: Internet justice delivered, criminals panic and run in despair Night Ninja
Re: [Full-disclosure] Internet justice delivered, criminals panic and run in despair Squadron of Justice
Re: Internet justice delivered, criminals panic and run in despair alan shimel
Re: Internet justice delivered [UPDATE ON M. ROTHMAN AND ALAN] Squadron of Justice
Re: Emergency DNS Patch Still Vulnerable, Proves Russian Physicist Paul Schmehl
[SECURITY] [DSA 1627-1] New PowerDNS packages reduce DNS spoofing risk Florian Weimer
Monday, 11 August
Internet attacks against Georgian web sites Gadi Evron
Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson
Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson
Inguma version 0.0.9 released Joxean Koret
Re: Internet justice delivered, criminals panic and run in despair Valdis . Kletnieks
anyone developing a secure telephony application for GSM CSD? Fabio Pietrosanti (naif)
Surf Jack - HTTPS will not save you Sandro Gauci
Re: Internet attacks against Georgian web sites n3td3v
George Ledin virus material training Request. Jun...
Re: [funsec] Internet attacks against Georgian web sites John C. A. Bambenek, GCIH, CISSP
Re: [funsec] Internet attacks against Georgian web sites n3td3v
Re: [funsec] Internet attacks against Georgian web sites Valdis . Kletnieks
[ GLSA 200808-11 ] UUDeview: Insecure temporary file creation Pierre-Yves Rofes
Re: [funsec] Internet attacks against Georgian web sites Robert Marquardt
[ MDVSA-2008:165 ] perl security
Re: [funsec] Internet attacks against Georgian web sites n3td3v
rPSA-2008-0249-1 openldap openldap-clients openldap-servers rPath Update Announcements
rPSA-2008-0247-1 gvim vim vim-minimal rPath Update Announcements
Re: Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN) Team SHATTER
Re: what happened to fd??.. even eff cant save it??. coderman
Re: Surf Jack - HTTPS will not save you coderman
[PLSA 2008-21] Ruby: Multiple Vulnerabilities Pınar Yanardağ
[PLSA 2008-22] Php: Multiple Overflows Pınar Yanardağ
Ukraine? Drop Drop
Tuesday, 12 August
Re: [Full-disclosure] Internet justice delivered, criminals panic and run in despair Squadron of Justice
ekoparty 2008 - [First Round of Selection] - [Argentina] ekoparty
Re: [Suspected Junk Mail] Re: Petko D. Petkov hacked? Squadron of Justice
Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow Deral Heiland
Re: Surf Jack - HTTPS will not save you Noam Rathaus
StumbleUpon XSS (fixed) Berend-Jan Wever
Secret Plan To Kill Internet By 2012 Leaked? energy
ISP's confirm '2012: The Year The Internet Ends' energy
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
children of the daycare of justice little league Tea Baggins
iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs
Fwd: Comments on: Alleged NASA hacker gets temporary reprieve n3td3v
iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Format String Vulnerabilities iDefense Labs
Thanks Maynor. staff
VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability VMware Security Team
Re: Thanks Maynor. Sandy Vagina
VMSA-2008-0013 Updated ESX packages for OpenSSL, net-snmp, perl VMware Security Team
Re: Thanks Maynor. Robert Holgstad
Re: StumbleUpon XSS (fixed) Robert Holgstad
Re: George Ledin virus material training Request. Robert Holgstad
CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities Williams, James K
selling jeremie travis
selling 0-day jeremie travis
Re: Petko D. Petkov hacked? Squadron of Justice
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Clausen, Martin (DK - Copenhagen)
rPSA-2008-0253-1 git gitweb rPath Update Announcements
[TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption Tobias Klein
Re: Internet attacks against Georgian web sites Gadi Evron
Step-by-step instructions for debugging Cisco IOS using gdb Andy Davis
ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability zdi-disclosures
ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption zdi-disclosures
ZDI-08-050: Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability zdi-disclosures
ZDI-08-051: Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability zdi-disclosures
Vim: Netrw: FTP User Name and Password Disclosure Jan Minář
iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability iDefense Labs
[ MDVSA-2008:167 ] kernel security
[ MDVSA-2008:166 ] clamav security
iDefense Security Advisory 08.12.08: Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability iDefense Labs
iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability iDefense Labs
iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability iDefense Labs
iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability iDefense Labs
Wednesday, 13 August
Storesonline, Ecommerce hosting solution - how to avoid mistakes that put your business at risk Mister Nice Guy
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Seth Breidbart
Re: [funsec] Internet attacks against Georgian web sites Gadi Evron
Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson
Re: [funsec] Internet attacks against Georgian web sites Gadi Evron
Re: Internet attacks against Georgian web sites Viktor Larionov
IntelliTamper v2.07/2.08 Beta 4 A HREF sploit kralor
Re: Vim: Netrw: FTP User Name and Password Disclosure Tony Mechelynck
(no subject) ff0000
OpenVAS Stable Release Michael Wiegand
Re: Internet attacks against Georgian web sites n3td3v
NULL pointer in Ventrilo 3.0.2 Luigi Auriemma
rPSA-2008-0243-1 idle python rPath Update Announcements
Re: Internet attacks against Georgian web sites n3td3v
[ MDVSA-2008:169 ] hplip security
Microsoft Windows Messenger Remote Illegal Access Vulnerability cocoruder
[ MDVSA-2008:168 ] stunnel security
[ MDVSA-2008:170 ] cups security
Thursday, 14 August
Funniest thing at DefCon this year... Exibar
[funsec] Estonia similarities begin to manifest (fwd) Gadi Evron
CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass CORE Security Technologies Advisories
Coordinated Russia vs Georgia cyber attack in progress Dancho Danchev
ISOI 5 (Tallinn) agenda is now online Gadi Evron
SECOBJADV-2008-03: PartyGaming PartyPoker Malicious Update Vulnerability advisories
SUSE Security Announcement: postfix (SUSE-SA:2008:040) Thomas Biege
Re: Internet attacks against Georgian web sites Pavel Labushev
Re: DNS forward only: why does it help? Florian Weimer
Re: Internet attacks against Georgian web sites n3td3v
Re: Funniest thing at DefCon this year... North, Quinn
Re: Internet attacks against Georgian web sites Ureleet
Re: Funniest thing at DefCon this year... Ureleet
Re: (no subject) Ureleet
Re: Great Council of Internet Superheros Ureleet
Re: Internet justice delivered [UPDATE ON M. ROTHMAN AND ALAN] Ureleet
Cisco IOS Shellcodes Gyan Chawdhary
Re: (no subject) Valdis . Kletnieks
SUSE Security Announcement: openwsman (SUSE-SA:2008:041) Thomas Biege
Re: Funniest thing at DefCon this year... ff0000
ZDI-08-052: OpenLDAP BER Decoding Remote DoS Vulnerability zdi-disclosures
Security Assessment of the Internet Protocol Fernando Gont
ZDI-08-053: Symantec Veritas Storage Foundation Scheduler Service NULL Session Authentication Bypass Vulnerability zdi-disclosures
[ GLSA 200808-12 ] Postfix: Local privilege escalation vulnerability Raphael Marichez
[PLSA 2008-24] Amarok: Privilege escalation Pınar Yanardağ
Cisco Security Advisory: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control Cisco Systems Product Security Incident Response Team
UPDATE!! Funniest thing at DefCon this year... Exibar
weev, baby Tea Baggins
Friday, 15 August
rPSA-2008-0255-1 freetype rPath Update Announcements
Call for Papers CFS Frank Manley
Re: Security Assessment of the Internet Protocol Mark Brunner
weev, baby Gadi Evron
Re: weev, baby hERB
Re: weev, baby coderman
Health website vulnerable to hacking, no response from admins after multiple attempts Kristian Erik Hermansen
Re: weev, baby n3td3v
[ MDVSA-2008:171 ] postfix security
[ MDVSA-2008:172 ] amarok security
[PLSA 2008-25] Postfix: Local privilege escalation Pınar Yanardağ
Step-by-step instructions for debugging Cisco IOS using gdb Smiler S
Tool: PorkBind v1.3 Nameserver Security Scanner (New Version) Derek Callaway
Re: [funsec] Internet attacks against Georgian web sites Radoslav Dejanović
Beware the firefox ZERO DAYZZZZ T Biehn
Linus summarizes state of the "security industry" with precision and accuracy. coderman
Re: Linus summarizes state of the "security industry" with precision and accuracy. silky
Saturday, 16 August
Re: Beware the firefox ZERO DAYZZZZ Thierry Zoller
Nokia 6131 NFC URI/URL Spoofing and DoS Advisory Collin R. Mulliner
Re: Step-by-step instructions for debugging Cisco IOS using gdb Andrew Farmer
Re: Step-by-step instructions for debugging Cisco IOS using gdb Andy Davis
Re: Full-Disclosure Digest, Vol 42, Issue 42 badr muhyeddin
Sunday, 17 August
Re: selling 0-day jeremie travis
Re: Full-Disclosure Digest, Vol 42, Issue 42 William McAfee
Re: 0day offer Jeffrey Starck
Re: Beware the firefox ZERO DAYZZZZ Memisyazici, Aras
Re: [funsec] Internet attacks against Georgian web sites Static Rez
Re: [funsec] Internet attacks against Georgian web sites William McAfee
Klueless Klowns Team PHP shell Kristo pher
Re: [funsec] Internet attacks against Georgian web sites William McAfee
Re: Klueless Klowns Team PHP shell William McAfee
Re: [funsec] Internet attacks against Georgian web s ites Paul Ferguson
Re: [funsec] Internet attacks against Georgian web s ites n3td3v
Re: Klueless Klowns Team PHP shell Andrew Farmer
Re: [funsec] Internet attacks against Georgian web s ites William McAfee
Monday, 18 August
Re: [Full-disclosure] [funsec] Internet attacks against Georgian web s ites ff0000
Re: [funsec] Internet attacks against Georgian web s ites Peter Dawson
Re: [funsec] Internet attacks against Georgian web s ites Valdis . Kletnieks
Re: [funsec] Internet attacks against Georgian web s ites coderman
Re: [funsec] Internet attacks against Georgian web s ites William McAfee
Re: [funsec] Internet attacks against Georgian web s ites Dave
Re: [funsec] Internet attacks against Georgian web s ites William McAfee
Re: Linus summarizes state of the "security industry" with precision and accuracy. Simon Valiquette
Re: Linus summarizes state of the "security industry" with precision and accuracy. John C. A. Bambenek, GCIH, CISSP
Re: Linus summarizes state of the "security industry" with precision and accuracy. Simon Valiquette
Re: Linus summarizes state of the "security industry" with precision and accuracy. don bailey
Re: Linus summarizes state of the "security industry" with precision and accuracy. don bailey
Re: Linus summarizes state of the "security industry" with precision and accuracy. Erik Harrison
Re: Linus summarizes state of the "security industry" with precision and accuracy. William McAfee
Tuesday, 19 August
Re: Step-by-step instructions for debugging Cisco IOS using gdb Smiler D
The Hacksaw Conspiracies Phillip Tanner
[SECURITY] [DSA 1629-1] New postfix packages fix privilege escalation Thijs Kinkhorst
[SECURITY] [DSA 1629-2] New postfix packages fix installability problem on i386 Thijs Kinkhorst
Introducing the Android Security Team richc
Re: The Hacksaw Conspiracies T Biehn
Re: The Hacksaw Conspiracies William McAfee
Deep Blind SQL Injection Whitepaper Ferruh Mavituna
Re: 0day offer jeroen
Re: Deep Blind SQL Injection Whitepaper David Litchfield
Denial of Service Survey Tyler Reguly
Re: Deep Blind SQL Injection Whitepaper Ferruh Mavituna
IMF 2008 - Call for Participation Oliver Goebel
[ MDVSA-2008:173 ] kdegraphics security
[USN-636-1] Postfix vulnerability Kees Cook
[ MDVSA-2008:174 ] kernel security
Wednesday, 20 August
BSQL Hacker 0.9.0.7 - Advanced SQL Injection Framework / Tool Ferruh Mavituna
Re: Deep Blind SQL Injection Whitepaper Sir Mordred
OWASP DirBuster 0.11.1 Released James Fisher
Re: OWASP DirBuster 0.11.1 Released Robert Holgstad
Re: OWASP DirBuster 0.11.1 Released William McAfee
[ MDVSA-2008:175 ] yelp security
Re: OWASP DirBuster 0.11.1 Released Michael Krymson
[ MDVSA-2008:176 ] mtr security
CORE-2008-0624: Anzio Web Print Object Buffer Overflow CORE Security Technologies Advisories
CORE-2008-0813 - vBulletin Cross Site Scripting Vulnerability CORE Security Technologies Advisories
Re: CORE-2008-0624: Anzio Web Print Object Buffer Overflow James Matthews
Re: OWASP DirBuster 0.11.1 Released Tom Brennan
Re: Deep Blind SQL Injection Whitepaper Marco Slaviero
[ MDVSA-2008:177 ] xine-lib security
[ MDVSA-2008:178 ] xine-lib security
Re: OWASP DirBuster 0.11.1 Released James Matthews
Thursday, 21 August
Hacking OSPF with MD5 authentication enabled Francois Ropert
Re: Hacking OSPF with MD5 authentication enabled GomoR
Version-independent IOS shellcode Andy Davis
Re: Hacking OSPF with MD5 authentication enabled Francois Ropert
Re: Hacking OSPF with MD5 authentication enabled Francois Ropert
Fujitsu Web-Based Admin View Directory Traversal Vulnerability Deniz Cevik
UPDATE: [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning Robert Buchholz
DXShopCart V4.30mc search.php XSS bug squash
[ MDVSA-2008:179 ] metisse security
[ MDVSA-2008:180 ] libxml2 security
Friday, 22 August
0day services offer Stephen Flaw
rPSA-2008-0259-1 postfix rPath Update Announcements
[SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier
DXShopCart v4.30mc product search.php xss bug squash
Announcement/OT: Ethical Hacking book release (Spanish) Security Lists
Secunia Research: Trend Micro Products Web Management Authentication Bypass Secunia Research
Contest: Best Advances for OpenVAS Network Vulnerability Tests Michael Wiegand
Re: 0day services offer Valdis . Kletnieks
Re: 0day services offer John Lamb
Re: 0day services offer Darkie Duck
Vim: Arbitrary Code Execution in Commands: K, Control-], g] Jan Minář
Re: 0day services offer n3td3v
Fedora confirms: Our servers were breached Juha-Matti Laurio
ACG-PTP 1.0.6 index.php persistent XSS bug squash
Re: Vim: Arbitrary Code Execution in Commands: K, Control-], g] staff
Arbitrary Command Execution in Windows and Unix Shells. Bob Beck
Re: Fedora confirms: Our servers were breached coderman
Re: Fedora confirms: Our servers were breached James Matthews
Re: Fedora confirms: Our servers were breached Jerome Benoit
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service Steve Kemp
Re: Fedora confirms: Our servers were breached Dragos Ruiu
Photo Cart 3.9 index.php "search" XSS bug squash
Fwd: Hacker calls buddies overseas on U.S. government dime n3td3v
Re: Fwd: Hacker calls buddies overseas on U.S. government dime James Matthews
Re: Fwd: Hacker calls buddies overseas on U.S. government dime n3td3v
Re: Fedora confirms: Our servers were breached William McAfee
Saturday, 23 August
libc/net inet_net_pton() integer overflow Maksymilian Arciemowicz
Multiple XSS Vulnerabilities in Self Generate CMS Kærast
Sunday, 24 August
Re: Fwd: Hacker calls buddies overseas on U.S. government dime Ureleet
Re: Fwd: Comments on: Alleged NASA hacker gets temporary reprieve Ureleet
Re: Fwd: Hacker calls buddies overseas on U.S. government dime Razi Shaban
Call For Papers - Hackers 2 Hackers Conference 5th Edition - Brazil Rodrigo Rubira Branco (BSDaemon)
Re: Multiple XSS Vulnerabilities in Self Generate CMS (K?rast) devildeath1988
[PLSA 2008-28] Libxml2: Denial of Service Pınar Yanardağ
[PLSA 2008-29] Vlc: Multiple Vulnerabilities Pınar Yanardağ
[PLSA 2008-30] Vim: Arbitrary code execution Pınar Yanardağ
Monday, 25 August
[IVIZ-08-004] Intel BIOS Plain Text Password Disclosure iViZ Security Advisories
[IVIZ-08-005] IBM Lenovo BIOS Plain Text Password Disclosure iViZ Security Advisories
[IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories
[IVIZ-08-002] Hewlett-Packard BIOS Plain Text Password Disclosure iViZ Security Advisories
[IVIZ-08-009] Grub Legacy Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories
[IVIZ-08-003] TrueCrypt Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories
[IVIZ-08-007] DriveCrypt Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories
Secunia Research: Novell iPrint Client ActiveX Control Multiple Buffer Overflows Secunia Research
Secunia Research: Novell iPrint Client ActiveX Control "GetFileList()" Information Disclosure Secunia Research
[IVIZ-08-008] LILO Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories
SQL Injection Vulnerability in BtiTracker and xbtit Valery Marchuk
[IVIZ-08-001] Microsoft Bitlocker Plain Text Password Disclosure iViZ Security Advisories
Re: [IVIZ-08-001] Microsoft Bitlocker Plain Text Password Disclosure KJK::Hyperion
Tuesday, 26 August
Secunia Research: Calendarix Basic Two SQL Injection Vulnerabilities Secunia Research
Re: Arbitrary Code Execution in Commands: K, Control-], g] Michael Wojcik
[USN-637-1] Linux kernel vulnerabilities Kees Cook
ISO Standards Basha, Arif
news from Network Security Research John Wane
Re: ISO Standards Line Noise
Re: ISO Standards] Carlos Sahuquillo
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service Steve Kemp
PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept. 30/ Oct. 1)PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept. 30/ Oct. 1) Dragos Ruiu
[ MDVSA-2008:180-1 ] libxml2 security
Re: [IVIZ-08-001] Microsoft Bitlocker Plain Text Password Disclosure Juha-Matti Laurio
test post Jason Josno
Re: DIE IN A FIRE post M. Shirk
[PLSA 2008-31] Tiff: Denial of Service Pınar Yanardağ
Re: [IVIZ-08-001] Microsoft Bitlocker Plain Text Password Disclosure James Matthews
Re: test post James Matthews
Re: ISO Standards Tonnerre Lombard
Wednesday, 27 August
Re: Funniest thing at DefCon this year... baldr
Re: DIE IN A FIRE post Simon Smith
Re: DIE IN A FIRE post Franck
Re: DIE IN A FIRE post Shirk Dog
White Wolf Labs #080826-1: Kyocera Mita Scanner File Utility (Multiple) Seth Fogie
[SECURITY] [DSA 1632-1] New tiff packages fix arbitrary code execution Thijs Kinkhorst
Re: DIE IN A FIRE post John C. A. Bambenek, GCIH, CISSP
Re: DIE IN A FIRE post Randal T. Rioux
Re: DIE IN A FIRE post Simon Smith
Re: TCP Port randomization paper Fernando Gont
Re: DIE IN A FIRE post James Matthews
[USN-638-1] Yelp vulnerability Kees Cook
[PLSA 2008-28] [Update] Libxml2: Denial of Service Pınar Yanardağ
Thursday, 28 August
Re: DIE IN A FIRE post mrdkaaa
reviving the botnets@ mailing list: a new statregy in fighting cyber crime Gadi Evron
Re: reviving the botnets@ mailing list: a new statregy in fighting cyber crime n3td3v
Re: ISO Standards M . B . Jr .
Re: ISO Standards James Matthews
Re: Deep Blind SQL Injection Whitepaper nummish
Re: Deep Blind SQL Injection Whitepaper Haroon Meer
Re: [funsec] Internet attacks against Georgian web s ites n3td3v
Re: [funsec] Internet attacks against Georgian web s ites n3td3v
ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability zdi-disclosures
[ MDVSA-2008:181 ] ipsec-tools security
Friday, 29 August
[scip_Advisory 3807] Dreambox DM500 webserver long URL request denial of service Marc Ruef
[tool announce] KisGearth - optimized release... Richard Sammet
kings' tools Kristo pher
VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. VMware Security team
Saturday, 30 August
Inside India’s CAPTCHA Solving Economy Dancho Danchev
hackmeeting: call for participation bomboclat
Honeypot? James Lay
x0x0x ? its a joke! a vendetta history.. bussinessinbox box
Re: [inbox] Honeypot? Exibar
Re: [inbox] Honeypot? James Lay
Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy coderman
Re: Inside India’s CAPTCHA Solving Economy Paul Schmehl
Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy Razi Shaban
Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy n3td3v
Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy n3td3v
[PLSA 2008-32] Mono: Cross Site Scripting Pınar Yanardağ
[PLSA 2008-33] [UPDATED] Opensc: Security Bypass Pınar Yanardağ
Gustav, domain name reportage n3td3v
Re: Gustav, domain name reportage n3td3v
Re: Inside India’s CAPTCHA Solving Economy Paul Schmehl
Re: Gustav, domain name reportage n3td3v
Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy Valdis . Kletnieks
Re: Gustav, domain name reportage n3td3v
Re: Gustav, domain name reportage Valdis . Kletnieks
Re: Gustav, domain name reportage n3td3v
Re: Gustav, domain name reportage Valdis . Kletnieks
Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy Raj Mathur
Sunday, 31 August
Re: Gustav, domain name reportage n3td3v
Re: Gustav, domain name reportage Valdis . Kletnieks
Re: Gustav, domain name reportage n3td3v
PoCfix (PoC for Postfix local root vuln - CVE-2008-2936) Roman Medina-Heigl Hernandez
Port Randomization: New revision of our IETF Internet-Draft Fernando Gont
[SECURITY] [DSA-1597-2] New mt-daapd package fix regression Devin Carraway
[SECURITY] [DSA 1627-2] New opensc package fix incomplete check Thijs Kinkhorst
rPSA-2008-0264-1 ruby rPath Update Announcements
x0x0x? its a joke! bussinessinbox box
Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy Raj Mathur
Re: [Full-disclosure] Inside India’s CAPTCHA Solving Economy Razi Shaban
Re: Gustav, domain name reportage Wesley McGrew
Re: Inside India's CAPTCHA Solving Economy Thedjatclubrock
Re: x0x0x? its a joke! Robert Holgstad
Re: x0x0x? its a joke! Thedjatclubrock
Monthly Hands-On Meetups Professor Micheal Chatner
Re: Monthly Hands-On Meetups Eliah Kagan
Re: Monthly Hands-On Meetups Arturo 'Buanzo' Busleiman
[PLSA 2008-34] GNU ed: Heap Overflow Pınar Yanardağ
[PLSA 2008-35] Ruby: Denial of Service Pınar Yanardağ
Re: [inbox] Monthly Hands-On Meetups Exibar
Re: [inbox] Monthly Hands-On Meetups Valdis . Kletnieks
Re: Monthly Hands-On Meetups Stephen Menard
Port Randomization: New revision of our IETF Internet-Draft Fernando Gont
Re: [inbox] Monthly Hands-On Meetups Exibar
New IETF I-D-: Security Assessment of the Internet Protocol version 4 Fernando Gont