Full Disclosure: by author

• RSS Feed
• About List
• All Lists

Previous period

Next period

591 messages starting Jul 23 08 and ending Jul 21 08
Date index | Thread index | Author index

Aaron Brown

Vulnerability Report: EMC Centera Universal Access Aaron Brown (Jul 23)

Aaron Turner

Re: Recall: simple phishing fix Aaron Turner (Jul 30)

Adam Chesnutt

Re: Kaminsky's Law Adam Chesnutt (Jul 26)

Adolf Hitler

Warning Adolf Hitler (Jul 09)

advisories

SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability advisories (Jul 25)
Advisories advisories (Jul 30)

Alberto Trivero

[White Paper] Abusing HTML 5 Structured Client-side Storage Alberto Trivero (Jul 20)

Albert R. Campa

Re: signature for DNS vulnerability? Albert R. Campa (Jul 25)

Alexander Klink

Traversing Dan's directory - DNS statistics right from the source Alexander Klink (Jul 16)

Alexander Sotirov

Pwnie Awards 2008 Alexander Sotirov (Jul 08)
Kaminsky DNS bug leaked Alexander Sotirov (Jul 15)
Re: Pwnie Awards: Nominations, delayed? Alexander Sotirov (Jul 14)

Alex Howells

Re: help: I need to crack my box Alex Howells (Jul 21)

alien

London DEFCON July meet - DC4420 - Thursday 10th July (today!) alien (Jul 10)

A . L . M . Buxey

Re: Linux's unofficial security-through-coverup policy A . L . M . Buxey (Jul 17)
Re: New round of SSH scan IP's A . L . M . Buxey (Jul 09)

Anders Klixbull

Re: AFK from fool-disclosure Anders Klixbull (Jul 27)
Re: AFK from fool-disclosure Anders Klixbull (Jul 23)
Re: Multiple Vendor DNS Cache Poisoning issue Anders Klixbull (Jul 10)

Andrea Purificato

Oracle Portal XSS fixed by CPU July 2008 Andrea Purificato (Jul 16)

Andy Davis

Cisco IOS shellcode explanation - additional Andy Davis (Jul 30)
Cisco IOS shellcode explanation Andy Davis (Jul 30)
Remote Cisco IOS FTP server exploit Andy Davis (Jul 29)

Archibald Tuttle

Re: The cat is indeed out of the bag Archibald Tuttle (Jul 22)

Arturo 'Buanzo' Busleiman

Re: n3td3v podcast Arturo 'Buanzo' Busleiman (Jul 03)
SPAM from Tobesecurity.com Arturo 'Buanzo' Busleiman (Jul 24)
Re: n3td3v podcast Arturo 'Buanzo' Busleiman (Jul 03)
Re: Tool: PorkBind Nameserver Security Scanner Arturo 'Buanzo' Busleiman (Jul 30)
Re: Linux's unofficial security-through-coverup policy Arturo 'Buanzo' Busleiman (Jul 17)

Asterisk Security Team

AST-2008-010: Asterisk IAX 'POKE' resource exhaustion Asterisk Security Team (Jul 22)
AST-2008-011: Traffic amplification in IAX2 firmware provisioning system Asterisk Security Team (Jul 22)

badr muhyeddin

Re: Full-Disclosure Digest, Vol 41, Issue 3 badr muhyeddin (Jul 02)

Berend-Jan Wever

Alphanumeric shellcode improvements Berend-Jan Wever (Jul 01)

Biz Marqee

Re: simple phishing fix Biz Marqee (Jul 27)
Re: simple phishing fix Biz Marqee (Jul 28)

blah

Pen Test forums? blah (Jul 24)
Re: simple phishing fix blah (Jul 30)

Blue Boar

Re: [Dailydave] Linux's unofficial security-through-coverup policy Blue Boar (Jul 17)

Brad Spengler

Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 17)
Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)

Brett Moore

Insomnia : ISVA-080709.1 - Microsoft SQL Server - Corrupt Backup File Heap Overflow Brett Moore (Jul 09)

carl hardwick

Flaw in eMule 0.49: it exposes the OS user account name when it sends the shared files list carl hardwick (Jul 14)

Cesar

Re: iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability Cesar (Jul 08)

Chandrashekhar B

Multiple Vendor DNS Cache Poisoning issue Chandrashekhar B (Jul 10)
Nessus plugins for recent MS Bulletins Chandrashekhar B (Jul 10)
Multiple Vendor DNS Cache Poisoning issue Chandrashekhar B (Jul 10)

Charles Majola

Re: 0day offer Charles Majola (Jul 29)
Re: ladies Charles Majola (Jul 30)
Re: Panda ActiveScan 2.0 remote code execution Charles Majola (Jul 04)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks Cisco Systems Product Security Incident Response Team (Jul 08)

cocoruder

RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability cocoruder (Jul 29)

coderman

Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows coderman (Jul 25)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) coderman (Jul 13)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) coderman (Jul 13)
Re: DNS spoofing issue. Thoughts on coderman (Jul 28)
Re: ...? (: coderman (Jul 24)

Context IS - Disclosure

Context IS Advisory - MS08-39 OWA XSS Context IS - Disclosure (Jul 10)

crazy frog crazy frog

Re: signature for DNS vulnerability? crazy frog crazy frog (Jul 26)
signature for DNS vulnerability? crazy frog crazy frog (Jul 25)

Dale Harris

Re: ladies Dale Harris (Jul 24)

Dancho Danchev

Gmail, Yahoo and Hotmail’s CAPTCHA broken by spammers Dancho Danchev (Jul 03)

Daniel Guido

Re: Is the security industry like a lemon market? Daniel Guido (Jul 23)
Is the security industry like a lemon market? Daniel Guido (Jul 23)

Darren Bounds

iPhone ActivSync/iTunes flaw Darren Bounds (Jul 14)

Dave Aitel

Re: [Dailydave] Linux's unofficial security-through-coverup policy Dave Aitel (Jul 17)

David Bryan

Minneapolis DC612 Meeting July 10th, 2008@6pm David Bryan (Jul 08)

David Litchfield

Lateral SQL Injection Revisited - No Special Privs Required David Litchfield (Jul 18)
Re: Pwnie Awards 2008 David Litchfield (Jul 21)
Oracle Application Server PLSQL injection flaw David Litchfield (Jul 15)

DDI_Vulnerability_Alert

DDIVRT-2008-12-ServerView SnmpGetMibValues.exe Buffer Overflow DDI_Vulnerability_Alert (Jul 03)

DeepSec 2008

Deepsec Talks 2007 are online - registration for 2008 is open DeepSec 2008 (Jul 01)

DeepSec Conference Vienna

DeepSec 2008 - Last call for submissions DeepSec Conference Vienna (Jul 14)

Deniz Cevik

IBM MRO MAXIMO INFORMATION DISCLOSURE AND XSS VULNERABILITIES Deniz Cevik (Jul 11)
Re: DNS and Checkpoint Deniz Cevik (Jul 10)

Devin Carraway

[SECURITY] [DSA 1617-1] New refpolicy packages fix incompatible policy Devin Carraway (Jul 25)
[SECURITY] [DSA 1608-1] New mysql-dfsg-5.0 packages fix authorization bypass Devin Carraway (Jul 13)
[SECURITY] [DSA 1616-2] New clamav packages fix denial of service Devin Carraway (Jul 26)
[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing Devin Carraway (Jul 27)
[SECURITY] [DSA 1616-1] new clamav packages fix denial of service Devin Carraway (Jul 24)
[SECURITY] [DSA 1613-1] new libgd2 packages fix multiple vulnerabilities Devin Carraway (Jul 22)

don bailey

Will the real Don Bailey please stand up? don bailey (Jul 31)
Re: Re DNS spoofing issue discussion don bailey (Jul 31)
Re: Re DNS spoofing issue discussion don bailey (Jul 31)
Re: Re DNS spoofing issue discussion don bailey (Jul 31)

Dragos Ruiu

Re: simple phishing fix Dragos Ruiu (Jul 30)
Re: [inbox] Re: simple phishing fix Dragos Ruiu (Jul 30)
Re: simple phishing fix Dragos Ruiu (Jul 30)

|e0

Re: Critical flaw rocks the internet |e0 (Jul 09)

ekoparty

ekoparty security trainings (2008) announcement ekoparty (Jul 16)

Elazar Broad

Re: [Full-disclosure] [Dailydave] Linux's unofficial security-through-coverup policy Elazar Broad (Jul 17)
Re: Proxy Autoconfiguration and Internet Explorer Zones Elazar Broad (Jul 10)
Re: [Full-disclosure] Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control Buffer Overflow Vulnerability Elazar Broad (Jul 29)
Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control Buffer Overflow Vulnerability Elazar Broad (Jul 28)
Re: Oracle DB security contact email address? Elazar Broad (Jul 16)
Re: [Full-disclosure] [Dailydave] Linux's unofficial security-through-coverup policy Elazar Broad (Jul 17)
Re: signature for DNS vulnerability? Elazar Broad (Jul 25)
Proxy Autoconfiguration and Internet Explorer Zones Elazar Broad (Jul 10)
Re: Panda ActiveScan 2.0 remote code execution Elazar Broad (Jul 04)
Re: DNS and NAT (was: DNS and CheckPoint) Elazar Broad (Jul 11)
Real Networks RealPlayer ActiveX Heap Use After Free Vulnerability Elazar Broad (Jul 25)

Enigma

Re: bloginfosec.com: We're looking for a few good columnists! Enigma (Jul 09)

Erik Kamerling

Re: signature for DNS vulnerability? Erik Kamerling (Jul 25)

eugaaa () gmail com

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com (Jul 13)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows eugaaa () gmail com (Jul 25)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com (Jul 13)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com (Jul 13)
DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com (Jul 13)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com (Jul 13)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) eugaaa () gmail com (Jul 13)

Exibar

Re: Kaminsky's Law Exibar (Jul 25)
Re: [inbox] Re: simple phishing fix Exibar (Jul 30)
Re: [inbox] Re: simple phishing fix Exibar (Jul 31)
Re: [inbox] Re: DNS spoofing issue. Thoughts on Exibar (Jul 26)
Re: ladies Exibar (Jul 24)
Re: simple phishing fix Exibar (Jul 30)
Re: simple phishing fix Exibar (Jul 30)

Felipe Andres Manzano

#2008-007 libpoppler uninitialized pointer - POC Felipe Andres Manzano (Jul 08)

Fernando Gont

IETF Internet-Draft on TCP Port randomization Fernando Gont (Jul 16)

Filipe Balestra

Re: [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability Filipe Balestra (Jul 01)

Florian Weimer

[SECURITY] [DSA 1544-2] New pdns-recursor packages fix predictable randomness Florian Weimer (Jul 16)
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) Florian Weimer (Jul 09)
[SECURITY] [DSA 1604-1] BIND 8 deprecation notice Florian Weimer (Jul 08)
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) Florian Weimer (Jul 09)
[SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution Florian Weimer (Jul 05)
[SECURITY] [DSA 1603-1] New bind9 packages fix cache poisoning Florian Weimer (Jul 08)
[SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver Florian Weimer (Jul 08)

foofus

Coffee Wars 9 : Call for Beans foofus (Jul 08)

Fredrick Diggle

Re: Critical flaw rocks the internet Fredrick Diggle (Jul 09)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows Fredrick Diggle (Jul 25)
Re: bloginfosec.com: We're looking for a few good columnists! Fredrick Diggle (Jul 09)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows Fredrick Diggle (Jul 25)
Re: how to request a cve id? Fredrick Diggle (Jul 25)
Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows Fredrick Diggle (Jul 25)
sballmer () microsoft com, root () apache org Fredrick Diggle (Jul 10)
[FDSA] BIND's vulnerability to packet forgery Fredrick Diggle (Jul 09)

FRLinux

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) FRLinux (Jul 15)

fukami

CFP 25C3 - The 25th Chaos Communication Congress 2008 fukami (Jul 01)

Gadi Evron

Re: [funsec] Stop The 70% Lie Gadi Evron (Jul 18)

Ganbold

Re: CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit Ganbold (Jul 24)

Garrett Groff

Re: Linux's unofficial security-through-coveruppolicy Garrett Groff (Jul 16)

Georgi Guninski

Re: how to request a cve id? Georgi Guninski (Jul 27)

Giancarlo Razzolini

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Giancarlo Razzolini (Jul 11)

Glenn.Everhart

Re: simple phishing fix Glenn.Everhart (Jul 29)
Re: DNS spoofing issue. Thoughts on Glenn.Everhart (Jul 27)
Re: DNS flaw fixing causes surge in DNS traffic Glenn.Everhart (Jul 12)
Recall: simple phishing fix Glenn.Everhart (Jul 30)

H D Moore

Re: Re : CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit H D Moore (Jul 25)

Hernan Ochoa

Release of Pass-The-Hash Toolkit v1.4 Hernan Ochoa (Jul 02)

iDefense Labs

iDefense Security Advisory 07.15.08: Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability iDefense Labs (Jul 15)
iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability iDefense Labs (Jul 08)
iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability iDefense Labs (Jul 31)
iDefense Security Advisory 07.15.08: Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability iDefense Labs (Jul 15)
iDefense Security Advisory 07.28.08: Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability iDefense Labs (Jul 28)
iDefense Security Advisory 07.15.08: Oracle Database Local Untrusted Library Path Vulnerability iDefense Labs (Jul 15)
iDefense Security Advisory 07.09.08: Novell eDirectory LDAP Search Request Heap Corruption Vulnerability iDefense Labs (Jul 10)

imipak

DNS and Checkpoint imipak (Jul 09)
Re: DNS spoofing issue. Thoughts on imipak (Jul 26)
Re: Nominate Dan Kaminsky for Most Overhyped BugPwnie Award imipak (Jul 23)

infolookup

Re: Minneapolis DC612 Meeting July 10th, 2008@6pm infolookup (Jul 08)
2600 Last Hope Conference NYC infolookup (Jul 20)

I)ruid

Re: Signs of compromised DNS? I)ruid (Jul 24)
CAU-EX-2008-0003: Kaminsky DNS Cache Poisoning Flaw Exploit for Domains I)ruid (Jul 23)
CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit I)ruid (Jul 23)
...? (: I)ruid (Jul 24)

[ISR] - Infobyte Security Research

Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations [ISR] - Infobyte Security Research (Jul 28)
Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow [ISR] - Infobyte Security Research (Jul 02)

Ivan .

Critical flaw rocks the internet Ivan . (Jul 08)
Re: Pen Test forums? Ivan . (Jul 24)
Re: Critical flaw rocks the internet Ivan . (Jul 08)

James Lay

Re: New round of SSH scan IP's James Lay (Jul 09)
Signs of compromised DNS? James Lay (Jul 24)
New round of SSH scan IP's James Lay (Jul 08)
Re: Signs of compromised DNS? James Lay (Jul 25)
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) James Lay (Jul 09)
Re: The cat is indeed out of the bag James Lay (Jul 22)

Jamie Strandboge

[USN-629-1] Thunderbird vulnerabilities Jamie Strandboge (Jul 24)
[USN-627-1] Dnsmasq vulnerability Jamie Strandboge (Jul 22)
[USN-628-1] PHP vulnerabilities Jamie Strandboge (Jul 23)
[USN-626-1] Firefox and xulrunner vulnerabilities Jamie Strandboge (Jul 28)
[USN-623-1] Firefox vulnerabilities Jamie Strandboge (Jul 17)
[USN-619-1] Firefox vulnerabilities Jamie Strandboge (Jul 02)

Jan Minář

Vim: Improper Implementation of shellescape()/Arbitrary Code Execution Jan Minář (Jul 16)
Arbitrary code execution in Netrw version 127, Vim 7.2b Jan Minář (Jul 16)
Re: Collection of Vulnerabilities in Fully Patched Vim 7.1 Jan Minář (Jul 01)
Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim Jan Minář (Jul 23)
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Jul 26)
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Jul 24)
Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Jul 17)

Jared DeMott

Re: bloginfosec.com: We're looking for a few good columnists! Jared DeMott (Jul 09)
Re: Kaminsky DNS bug leaked Jared DeMott (Jul 15)

Jean-Michel Besnard

Trixbox 2.6.1 and below, remote root shell through local file inclusion Jean-Michel Besnard (Jul 09)

Jeffrey Starck

Re: 0day offer Jeffrey Starck (Jul 29)
0day offer Jeffrey Starck (Jul 10)

Jerome Benoit

Re: Dan Kaminsky wants podcast with n3td3v Jerome Benoit (Jul 22)

Jessica Hope

XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower Jessica Hope (Jul 08)

jf

Re: Dan Kaminsky wants podcast with n3td3v jf (Jul 22)

jkouns

Open Security Foundation To Maintain Attrition.org's Data Loss Database - Open Source jkouns (Jul 15)

jmpascual

Re: Oracle Database Local Untrusted Library Path Vulnerability jmpascual (Jul 21)

Joe Barr

Re: Coffee Wars 9 : Call for Beans Joe Barr (Jul 08)

Joel Jose

Re: [Dailydave] Linux's unofficial security-through-coverup policy Joel Jose (Jul 18)
Re: [Dailydave] Linux's unofficial security-through-coverup policy Joel Jose (Jul 18)

John Cartwright

List Charter John Cartwright (Jul 09)

John D. Reason

Re: DNS spoofing issue. Thoughts on John D. Reason (Jul 27)
Re: how to request a cve id? John D. Reason (Jul 29)

Jost Krieger

Re: Tool: PorkBind Nameserver Security Scanner Jost Krieger (Jul 31)

Jouko Pynnonen

Facebook script injection vulnerabilities Jouko Pynnonen (Jul 02)
Re: Facebook script injection vulnerabilities Jouko Pynnonen (Jul 04)

Joxean Koret

Oracle Database Local Untrusted Library Path Vulnerability Joxean Koret (Jul 19)

jr

AUTOREPLY [SECURITY] [DSA 1607-1] New iceweasel... jr (Jul 11)

Karol Więsek

Panda ActiveScan 2.0 remote code execution Karol Więsek (Jul 04)

kat

Re: The cat is indeed out of the bag kat (Jul 22)

Kees Cook

[USN-622-1] Bind vulnerability Kees Cook (Jul 08)
[USN-631-1] poppler vulnerability Kees Cook (Jul 28)
[USN-630-1] ffmpeg vulnerability Kees Cook (Jul 28)
[USN-625-1] Linux kernel vulnerabilities Kees Cook (Jul 16)
[USN-624-1] PCRE vulnerability Kees Cook (Jul 14)

Kenneth F. Belva

bloginfosec.com: We're looking for a few good columnists! Kenneth F. Belva (Jul 09)

Kevin Finisterre (lists)

Pin Pop... (ATM Pins?) Kevin Finisterre (lists) (Jul 22)

Kingcope Kingcope

AFK from full-disclosure Kingcope Kingcope (Jul 19)
Re: Pwnie Awards 2008 Kingcope Kingcope (Jul 21)
AFK from fool-disclosure Kingcope Kingcope (Jul 18)

Kiwicon Crue

Kiwicon CFP 2k8 - Update Kiwicon Crue (Jul 11)

KJK::Hyperion

Re: Warning KJK::Hyperion (Jul 10)

Knud Erik Højgaard

F-PROT antivirus 6.2.1.4252 infinite loop denial of service via malformed archive Knud Erik Højgaard (Jul 31)
Re: New round of SSH scan IP's Knud Erik Højgaard (Jul 09)
Re: Fwd: Are Bug Disclosures Helping or Hurting? Knud Erik Højgaard (Jul 31)

Kristian Erik Hermansen

Oracle DB security contact email address? Kristian Erik Hermansen (Jul 16)

Kristo pher

Kaminsky corroborates the DNS vuln. discovered and published by Flake Kristo pher (Jul 24)

Kurt Dillard

Re: bloginfosec.com: We're looking for a few good columnists! Kurt Dillard (Jul 09)

Kyle C. Quest

protecting yourself from DLP Kyle C. Quest (Jul 25)

list-fulldisclosure

Re: DNS spoofing issue. Thoughts on potential exploits list-fulldisclosure (Jul 24)

Lolek of TK53

Re: Multiple Vendor DNS Cache Poisoning issue Lolek of TK53 (Jul 10)

londone

Re: Mrfetch Paul Carnes YouTube londone (Jul 06)
Re: Multiple Vendor DNS Cache Poisoning issue londone (Jul 10)

lsi

simple phishing fix lsi (Jul 27)
Re: simple phishing fix lsi (Jul 28)
Re: simple phishing fix lsi (Jul 28)
Re: simple phishing fix lsi (Jul 30)
Re: simple phishing fix lsi (Jul 28)

Lucio Crusca

Re: help: I need to crack my box Lucio Crusca (Jul 22)
Re: help: I need to crack my box Lucio Crusca (Jul 22)
Re: help: I need to crack my box Lucio Crusca (Jul 23)
help: I need to crack my box Lucio Crusca (Jul 21)

Luigi Auriemma

Memory corruption and NULL pointer in Unreal Tournament III 1.2 Luigi Auriemma (Jul 29)
NULL pointer in Unreal Tournament 2004 v3369 Luigi Auriemma (Jul 29)
NULL pointer in ZDaemon 1.08.07 Luigi Auriemma (Jul 21)

MadHat Unspecific

Re: Comments on: DNS exploit code is in the wild MadHat Unspecific (Jul 24)

Marco Slaviero

Re: DNS and NAT (was: DNS and CheckPoint) Marco Slaviero (Jul 16)

Mark Andrews

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 15)
Re: DNS spoofing issue. Thoughts on potential exploits Mark Andrews (Jul 26)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 14)

Mary and Glenn Everhart

Re DNS spoofing issue discussion Mary and Glenn Everhart (Jul 31)

Matthias Geerdsen

[ GLSA 200807-04 ] Poppler: User-assisted execution of arbitrary code Matthias Geerdsen (Jul 08)
[ GLSA 200807-08 ] BIND: Cache poisoning Matthias Geerdsen (Jul 11)

Maxime Ducharme

Re: Dan Kaminsky wants podcast with n3td3v Maxime Ducharme (Jul 22)

mcwidget

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award mcwidget (Jul 23)

Michael Holstein

Re: New round of SSH scan IP's Michael Holstein (Jul 09)

Michal Zalewski

[tool] ratproxy - passive web application security assessment tool Michal Zalewski (Jul 01)

Micheal Cottingham

Re: signature for DNS vulnerability? Micheal Cottingham (Jul 25)

Mike Owen

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mike Owen (Jul 15)

mokum von Amsterdam

Re: The cat is indeed out of the bag mokum von Amsterdam (Jul 23)

monsieur . aglie

The cat is indeed out of the bag monsieur . aglie (Jul 22)

Moritz Muehlenhoff

[SECURITY] [DSA 1607-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Jul 11)
[SECURITY] [DSA 1618-1] New ruby1.9 packages fix several vulnerabilities Moritz Muehlenhoff (Jul 26)
[SECURITY] [DSA 1624-1] New libxslt packages fix arbitrary code execution Moritz Muehlenhoff (Jul 31)
[SECURITY] [DSA 1620-1] New python2.5 packages fix several vulnerabilities Moritz Muehlenhoff (Jul 27)
[SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Jul 23)
[SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities Moritz Muehlenhoff (Jul 27)
[SECURITY] [DSA 1614-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Jul 23)
[SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities Moritz Muehlenhoff (Jul 21)
[SECURITY] [DSA 1623-1] New dnsmasq packages fix cache poisoning Moritz Muehlenhoff (Jul 31)

mrdkaaa

Re: Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow mrdkaaa (Jul 02)
Re: [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability mrdkaaa (Jul 01)
Re: Full-Disclosure? introducing lul-disclosure. mrdkaaa (Jul 02)
[MSA080709-001] OpenSSH Vulnerability mrdkaaa (Jul 09)

M. Shirk

Re: Kaminsky DNS bug leaked M. Shirk (Jul 15)
Re: Linux's unofficial security-through-coverup policy M. Shirk (Jul 16)
Re: Kaminsky DNS bug leaked M. Shirk (Jul 15)

mutiny

Re: Critical flaw rocks the internet mutiny (Jul 09)
Re: New round of SSH scan IP's mutiny (Jul 09)

n3td3v

Pwnie Awards: Nominations, delayed? n3td3v (Jul 14)
Fwd: 'World's most dangerous hacker' to be extradited to US n3td3v (Jul 30)
Re: Dan Kaminsky wants podcast with n3td3v n3td3v (Jul 22)
Fwd: Comments on: Google powers up users' Gmail security arsenal n3td3v (Jul 08)
Re: DNS flaw fixing causes surge in DNS traffic n3td3v (Jul 11)
Re: Dan Kaminsky wants podcast with n3td3v n3td3v (Jul 22)
Fwd: Are Bug Disclosures Helping or Hurting? n3td3v (Jul 30)
Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award n3td3v (Jul 11)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows n3td3v (Jul 25)
Re: AFK from fool-disclosure n3td3v (Jul 18)
Re: Pwnie Awards: Nominations, delayed? n3td3v (Jul 14)
n3td3v podcast n3td3v (Jul 02)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award n3td3v (Jul 11)
Re: n3td3v podcast n3td3v (Jul 03)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows n3td3v (Jul 26)
Re: Fwd: Are Bug Disclosures Helping or Hurting? n3td3v (Jul 30)
Fwd: Stop The 70% Lie n3td3v (Jul 18)
Torvalds attacks IT industry 'security circus' n3td3v (Jul 19)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award n3td3v (Jul 23)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award n3td3v (Jul 11)
Re: DNS spoofing issue. Thoughts on n3td3v (Jul 26)
Re: n3td3v n3td3v (Jul 17)
Media backlash begins against HD Moore and I)ruid n3td3v (Jul 26)
Kaminsky's Law n3td3v (Jul 25)
Re: Multiple Vendor DNS Cache Poisoning issue n3td3v (Jul 11)
Comments on: DNS exploit code is in the wild n3td3v (Jul 24)
Re: Comments on: DNS exploit code is in the wild n3td3v (Jul 24)
Dan Kaminsky wants podcast with n3td3v n3td3v (Jul 22)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) n3td3v (Jul 15)
Re: Torvalds attacks IT industry 'security circus' n3td3v (Jul 19)
Re: n3td3v podcast n3td3v (Jul 03)
Re: n3td3v podcast n3td3v (Jul 03)
How should Full-Disclosure be funded? n3td3v (Jul 11)
Re: Kaminsky's Law n3td3v (Jul 28)
Re: how to request a cve id? n3td3v (Jul 28)

Nahuel C. Riva

[tool] SDT Cleaner 1.0 Nahuel C. Riva (Jul 23)

Nate McFeters

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Nate McFeters (Jul 16)
Re: Kaminsky DNS bug leaked Nate McFeters (Jul 15)
Microsoft warns of attacks against Word 2002 SP 3 Nate McFeters (Jul 09)
Re: Critical flaw rocks the internet Nate McFeters (Jul 09)
Re: Pwnie Awards: Nominations, delayed? Nate McFeters (Jul 16)

natron

Kaminsky's DNS Issue Leaked? natron (Jul 21)

Neil McGovern

Re: Mrfetch Paul Carnes YouTube Neil McGovern (Jul 06)
Re: 0day offer Neil McGovern (Jul 11)

NetExpress

zonedit.com e dns zone transfer NetExpress (Jul 04)

Netragard Security Advisories

[NETRAGARD SECURITY ADVISORY][Apple Core Image Fun House <= 2.0 OS X -- Arbitrary Code Execution][NETRAGARD-20080711] Netragard Security Advisories (Jul 11)

Nick FitzGerald

Re: simple phishing fix Nick FitzGerald (Jul 30)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Nick FitzGerald (Jul 15)
Re: simple phishing fix Nick FitzGerald (Jul 29)

nigel

Re: help: I need to crack my box (Lucio Crusca) nigel (Jul 22)

Nikolai Weibull

Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Nikolai Weibull (Jul 18)

nobody

WinMagic HDE encryption nobody (Jul 03)

noreply

[MU-200807-01] Remote DoS in reSIProcate noreply (Jul 12)

OTB

OwnTheBox @ DC16: Pwning for dollars OTB (Jul 15)

Pablo Molina

Zone Alarm Firewall users without Internet after MS patch (MS08-037) Pablo Molina (Jul 09)

Panda Security Response

Re: Panda ActiveScan 2.0 remote code execution Panda Security Response (Jul 04)
Re: Panda ActiveScan 2.0 remote code execution Panda Security Response (Jul 04)

Paul Schmehl

Re: help: I need to crack my box Paul Schmehl (Jul 21)
Re: [Dailydave] Linux's unofficial security-through-coverup policy Paul Schmehl (Jul 17)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 13)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 15)
Re: DNS spoofing issue. Thoughts on Paul Schmehl (Jul 26)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 15)
Re: How should Full-Disclosure be funded? Paul Schmehl (Jul 11)
Re: DNS spoofing issue. Thoughts on Paul Schmehl (Jul 25)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 15)
Re: Re DNS spoofing issue discussion Paul Schmehl (Jul 31)
Re: help: I need to crack my box Paul Schmehl (Jul 22)
Re: Re DNS spoofing issue discussion Paul Schmehl (Jul 31)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 13)
Re: DNS spoofing issue. Thoughts on Paul Schmehl (Jul 26)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 14)

Paul Szabo

Re: Proxy Autoconfiguration and Internet Explorer Zones Paul Szabo (Jul 10)
DNS forward only: why does it help? Paul Szabo (Jul 23)
Re: DNS spoofing issue. Thoughts on Paul Szabo (Jul 26)

PEra

Re: List Charter PEra (Jul 20)

Peter Besenbruch

Re: simple phishing fix Peter Besenbruch (Jul 29)
Re: simple phishing fix Peter Besenbruch (Jul 30)
Re: simple phishing fix Peter Besenbruch (Jul 29)
Re: Kaminsky DNS bug leaked Peter Besenbruch (Jul 15)

Peter Dawson

Re: The cat is indeed out of the bag Peter Dawson (Jul 23)

Peter van den Heuvel

Re: Multiple Vendor DNS Cache Poisoning issue Peter van den Heuvel (Jul 10)
Re: New round of SSH scan IP's Peter van den Heuvel (Jul 09)

Pierre-Yves Rofes

[ GLSA 200807-12 ] BitchX: Multiple vulnerabilities Pierre-Yves Rofes (Jul 21)
[ GLSA 200807-10 ] Bacula: Information disclosure Pierre-Yves Rofes (Jul 21)
[ GLSA 200807-14 ] Linux Audit: Buffer overflow Pierre-Yves Rofes (Jul 31)
[ GLSA 200807-05 ] OpenOffice.org: User-assisted execution of arbitrary code Pierre-Yves Rofes (Jul 09)
[ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code Pierre-Yves Rofes (Jul 31)
[ GLSA 200807-13 ] VLC: Multiple vulnerabilities Pierre-Yves Rofes (Jul 31)
[ GLSA 200807-11 ] PeerCast: Buffer overflow Pierre-Yves Rofes (Jul 21)

Piotr Bania

Kon-Boot v.1.0 - booting-time ultimate linux hacking utility ; ) Piotr Bania (Jul 15)

ProCheckUp Research

PR08-15: Several Webroot Disclosures on Moodle ProCheckUp Research (Jul 22)
PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page ProCheckUp Research (Jul 22)
PR08-13: Persistent Cross-site Scripting (XSS) on Moodle via blog entry title ProCheckUp Research (Jul 22)

Professor Micheal Chatner

ladies Professor Micheal Chatner (Jul 24)
n3td3v Professor Micheal Chatner (Jul 16)
everything Professor Micheal Chatner (Jul 15)
Re: everything Professor Micheal Chatner (Jul 15)

pUm

Re: help: I need to crack my box pUm (Jul 22)

Raj Mathur

Re: simple phishing fix Raj Mathur (Jul 30)

RandallMan

DNS spoofing issue. Thoughts on RandallMan (Jul 25)
Re: ladies RandallMan (Jul 25)

Randal, Phil

Re: Multiple Vendor DNS Cache Poisoning issue Randal, Phil (Jul 10)

Randal T. Rioux

Re: Panda ActiveScan 2.0 remote code execution Randal T. Rioux (Jul 04)
Re: simple phishing fix Randal T. Rioux (Jul 29)

Ray P

Re: DNS and Checkpoint Ray P (Jul 09)
Re: Comments on: DNS exploit code is in the wild Ray P (Jul 24)

razi garbie

Re: help: I need to crack my box razi garbie (Jul 22)

Riad S. Wahby

Re: DNS and NAT (was: DNS and CheckPoint) Riad S. Wahby (Jul 10)
Re: DNS and NAT (was: DNS and CheckPoint) Riad S. Wahby (Jul 11)

Rob

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Rob (Jul 15)

Robert Buchholz

[ GLSA 200807-07 ] NX: User-assisted execution of arbitrary code Robert Buchholz (Jul 09)
[ GLSA 200807-03 ] PCRE: Buffer overflow Robert Buchholz (Jul 07)
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Robert Buchholz (Jul 24)
[ GLSA 200807-16 ] Python: Multiple vulnerabilities Robert Buchholz (Jul 31)
[ GLSA 200807-06 ] Apache: Denial of Service Robert Buchholz (Jul 09)
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Robert Buchholz (Jul 25)

Robert Holgstad

Re: simple phishing fix Robert Holgstad (Jul 30)
Re: Advisories Robert Holgstad (Jul 30)
Re: SPAM from Tobesecurity.com Robert Holgstad (Jul 24)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Robert Holgstad (Jul 15)
Re: Kaminsky's Law Robert Holgstad (Jul 25)
Re: Multiple Vendor DNS Cache Poisoning issue Robert Holgstad (Jul 11)
Re: Panda ActiveScan 2.0 remote code execution Robert Holgstad (Jul 04)
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows Robert Holgstad (Jul 27)
Re: Kaminsky DNS bug leaked Robert Holgstad (Jul 15)

Robert McKay

Re: The cat is indeed out of the bag Robert McKay (Jul 23)

Robert Peaslee

Re: Linux's unofficial security-through-coverup policy Robert Peaslee (Jul 16)

Rob Thompson

Re: everything Rob Thompson (Jul 15)

Rodrigo Rubira Branco (BSDaemon)

Re: DNS and Checkpoint Rodrigo Rubira Branco (BSDaemon) (Jul 09)
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) Rodrigo Rubira Branco (BSDaemon) (Jul 09)

root

Re: Full-Disclosure? introducing lul-disclosure. root (Jul 02)

rPath Update Announcements

rPSA-2008-0217-1 vsftpd rPath Update Announcements (Jul 09)
rPSA-2008-0216-1 firefox rPath Update Announcements (Jul 09)
rPSA-2008-0218-1 ruby rPath Update Announcements (Jul 09)
rPSA-2008-0223-1 poppler rPath Update Announcements (Jul 09)
rPSA-2008-0236-1 httpd mod_ssl rPath Update Announcements (Jul 29)
rPSA-2008-0230-1 bind bind-utils rPath Update Announcements (Jul 18)
rPSA-2008-0241-1 openssl openssl-scripts rPath Update Announcements (Jul 31)
rPSA-2008-0237-1 tshark wireshark rPath Update Announcements (Jul 29)
rPSA-2008-0212-1 tshark wireshark rPath Update Announcements (Jul 03)
rPSA-2008-0211-1 mercurial mercurial-hgk rPath Update Announcements (Jul 03)
rPSA-2008-0231-1 bind bind-utils rPath Update Announcements (Jul 19)
rPSA-2008-0238-1 firefox rPath Update Announcements (Jul 29)
rPSA-2008-0035-1 httpd mod_ssl rPath Update Announcements (Jul 16)
rPSA-2008-0235-1 fetchmail fetchmailconf rPath Update Announcements (Jul 29)

Ryan McBride

Re: DNS and NAT (was: DNS and CheckPoint) Ryan McBride (Jul 16)

Sandro Gauci

Re: DNS and Checkpoint Sandro Gauci (Jul 10)

Sandy Vagina

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Sandy Vagina (Jul 11)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Sandy Vagina (Jul 11)
Re: Pwnie Awards: Nominations, delayed? Sandy Vagina (Jul 14)
Re: How should Full-Disclosure be funded? Sandy Vagina (Jul 11)

Scanit Labs

[SCANIT-2008-003] Wordtrans-web Remote Command Execution Vulnerability Scanit Labs (Jul 01)
[SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability Scanit Labs (Jul 01)
[SCANIT-2008-002] Wordtrans-web Remote Command Execution Vulnerability Scanit Labs (Jul 01)

schroedinger

Re: The cat is indeed out of the bag schroedinger (Jul 22)
Re: The cat is indeed out of the bag schroedinger (Jul 22)

Secunia Research

Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow Secunia Research (Jul 31)
Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow Secunia Research (Jul 25)
Secunia Research: VLC Media Player WAV Processing Integer Overflow Secunia Research (Jul 02)
Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows Secunia Research (Jul 31)

security

[ MDVSA-2008:156 ] - Updated libpng packages fix vulnerability security (Jul 28)
n.runs-SA-2008.002 - F-Prot Out-of-Bound Memory Access DoS (remote) security (Jul 16)
[ MDVSA-2008:150 ] - Updated mysql packages fix vulnerabilities security (Jul 19)
[ MDVSA-2008:138-1 ] - Updated OpenOffice.org packages fix vulnerability security (Jul 11)
[ MDVSA-2008:159 ] licq security (Jul 30)
[ MDVSA-2008:138 ] - Updated OpenOffice.org packages fix vulnerability security (Jul 08)
n.runs-SA-2008.004 - AVG Anti-Virus Divide by Zero - DoS (remote) security (Jul 29)
[ MDVSA-2008:137 ] - Updated OpenOffice.org fix vulnerability, and a few other bugs security (Jul 08)
[ MDVSA-2008:158 ] silc-toolkit security (Jul 30)
[ MDVSA-2008:149 ] - Updated mysql packages fix vulnerabilities security (Jul 19)
[ MDVSA-2008:142 ] - Updated ruby packages fix vulnerabilities security (Jul 09)
[ MDVSA-2008:140 ] - Updated ruby packages fix vulnerabilities security (Jul 09)
[ MDVSA-2008:148 ] - Updated Firefox packages fix vulnerabilities security (Jul 17)
[ MDVSA-2008:144 ] - Updated openldap packages fix slapd DoS vulnerability security (Jul 11)
[ MDVSA-2008:133 ] - Updated sympa packages fix DoS vulnerability security (Jul 04)
[ MDVSA-2008:143 ] - Updated pidgin packages fix MSN protocol handler vulnerability security (Jul 10)
[ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability security (Jul 21)
[ MDVSA-2008:155 ] - Updated Thunderbird packages fix multiple vulnerabilities security (Jul 25)
[ MDVSA-2008:146 ] - Updated poppler packages fix arbitrary code execution vulnerability security (Jul 15)
[ MDVSA-2008:130 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 03)
[ MDVSA-2008:129 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 03)
[ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability security (Jul 22)
[ MDVSA-2008:147 ] - Updated pcre packages fix vulnerability security (Jul 16)
[ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability security (Jul 14)
[ MDVSA-2008:126 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 03)
[ MDVSA-2008:135 ] - Updated gnome-screensaver packages fix authentication vulnerability security (Jul 04)
[ MDVSA-2008:141 ] - Updated ruby packages fix vulnerabilities security (Jul 09)
[ MDVSA-2008:157 ] - ffmpeg security (Jul 29)
[ MDVSA-2008:155-1 ] - Updated Thunderbird packages fix multiple vulnerabilities security (Jul 27)
n.runs-SA-2008.003 - Quicktime - Arbitrary Code Execution (remote) security (Jul 16)
[ MDVSA-2008:154 ] - Updated xemacs packages fix vulnerability security (Jul 23)
[ MDVSA-2008:128 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 03)
[ MDVSA-2008:134 ] - Updated squid packages fix DoS vulnerability security (Jul 04)
[ MDVSA-2008:139 ] - Updated BIND packages fix critical DNS vulnerability security (Jul 09)
[ MDVSA-2008:125 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 03)
[ MDVSA-2008:131 ] - Updated phpMyAdmin packages fix multiple vulnerabilities security (Jul 04)
[ MDVSA-2008:136 ] - Updated Firefox packages fix vulnerabilities security (Jul 08)
[ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability security (Jul 23)
[ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability security (Jul 23)
[ MDVSA-2008:127 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 03)
[ MDVSA-2008:132 ] - Updated gnome-screensaver packages fix authentication vulnerability security (Jul 04)

Shawn Merdinger

Re: How should Full-Disclosure be funded? Shawn Merdinger (Jul 11)

Slythers Bro

Re: AFK from fool-disclosure Slythers Bro (Jul 23)

solemn

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award solemn (Jul 22)
Re: AFK from fool-disclosure solemn (Jul 22)

Sowhat

Flashblock Bypass Sowhat (Jul 25)

Stack Smasher

Re: everything Stack Smasher (Jul 15)
Re: everything Stack Smasher (Jul 15)

staff

Full-Disclosure? introducing lul-disclosure. staff (Jul 01)
Re: [Dailydave] Linux's unofficial security-through-coverup policy staff (Jul 17)
Critical Aol Insta Chats Bug! staff (Jul 03)

Steve Grubb

Re: [Full-disclosure] [Dailydave] Linux's unofficial security-through-coverup policy Steve Grubb (Jul 17)

Steve Kemp

[SECURITY] [DSA 1560-1] New sympa packages fix denial of service Steve Kemp (Jul 01)
[SECURITY] [DSA 1609-1] New lighttpd packages fix multiple DOS issues Steve Kemp (Jul 15)
[SECURITY] [DSA 1610-1] New gaim packages fix execution of arbitrary code Steve Kemp (Jul 15)
[SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code Steve Kemp (Jul 09)

Steven M. Christey

Re: how to request a cve id? Steven M. Christey (Jul 28)
Re: how to request a cve id? Steven M. Christey (Jul 27)
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Steven M. Christey (Jul 25)
Re: how to request a cve id? Steven M. Christey (Jul 28)

Stian Øvrevåge

Re: simple phishing fix Stian Øvrevåge (Jul 29)

sub

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award sub (Jul 12)

super

Tool: PorkBind Nameserver Security Scanner super (Jul 30)

Supranamaya Ranjan

DNS flaw fixing causes surge in DNS traffic Supranamaya Ranjan (Jul 11)

T Biehn

Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows T Biehn (Jul 27)

The Man

Re: Nominate Dan Kaminsky for Most Overhyped BugPwnie Award The Man (Jul 12)

the_man

Re: Nominate Dan Kaminsky for Most Overhyped BugPwnie Award the_man (Jul 12)

The Security Community

Stop The 70% Lie The Security Community (Jul 17)

the.soylent

Re: help: I need to crack my box the.soylent (Jul 22)

Thijs Kinkhorst

[SECURITY] [DSA 1611-1] New afuse packages fix privilege escalation Thijs Kinkhorst (Jul 16)
[SECURITY] [DSA 1622-1] New newsx packages fix arbitrary code execution Thijs Kinkhorst (Jul 31)
[SECURITY] [DSA 1569-3] New cacti packages fix regression Thijs Kinkhorst (Jul 15)
[SECURITY] [DSA 1601-1] New wordpress packages fix several vulnerabilities Thijs Kinkhorst (Jul 05)
[SECURITY] [DSA 1540-3] New lighttpd packages fix regression Thijs Kinkhorst (Jul 23)

Thomas Biege

SUSE Security Announcement: bind (SUSE-SA:2008:033) Thomas Biege (Jul 11)

Thomas Cross

Re: DNS and NAT (was: DNS and CheckPoint) Thomas Cross (Jul 11)
Re: DNS and NAT (was: DNS and CheckPoint) Thomas Cross (Jul 14)
DNS and NAT (was: DNS and CheckPoint) Thomas Cross (Jul 10)

tixxDZ

Re : CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit tixxDZ (Jul 25)

Tobias Heinlein

[ GLSA 200807-09 ] Mercurial: Directory traversal Tobias Heinlein (Jul 15)
[ GLSA 200807-02 ] Motion: Execution of arbitrary code Tobias Heinlein (Jul 01)
[ GLSA 200807-01 ] Python: Multiple integer overflows Tobias Heinlein (Jul 01)

Tom Brennan

Application Security Tom Brennan (Jul 29)

Tonnerre Lombard

Re: Full-Disclosure? introducing lul-disclosure. Tonnerre Lombard (Jul 01)

trejrco

Re: simple phishing fix trejrco (Jul 27)

Troy Xyz

DNS spoofing issue. Thoughts on potential exploits Troy Xyz (Jul 17)
Re: DNS spoofing issue. Thoughts on potential exploits Troy Xyz (Jul 24)

Tuc at T-B-O-H.NET

Re: [bugtraq] Re: CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Tuc at T-B-O-H.NET (Jul 25)

Ureleet

Re: everything Ureleet (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet (Jul 15)
Re: Fwd: Comments on: Google powers up users' Gmail security arsenal Ureleet (Jul 14)
Re: Dan Kaminsky wants podcast with n3td3v Ureleet (Jul 22)
Re: List Charter Ureleet (Jul 14)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Ureleet (Jul 22)
Re: [Full-disclosure] Gmail, Yahoo and Hotmail’s CAPTCHA broken by spammers Ureleet (Jul 03)
Re: Kaminsky's DNS Issue Leaked? Ureleet (Jul 22)
Re: n3td3v podcast Ureleet (Jul 03)
Re: Pwnie Awards: Nominations, delayed? Ureleet (Jul 14)
Re: Multiple Vendor DNS Cache Poisoning issue Ureleet (Jul 14)
Re: n3td3v podcast Ureleet (Jul 03)
Re: AFK from fool-disclosure Ureleet (Jul 22)
Re: Nominate Dan Kaminsky for Most Overhyped BugPwnie Award Ureleet (Jul 14)
Re: help: I need to crack my box (Lucio Crusca) Ureleet (Jul 22)
Re: How should Full-Disclosure be funded? Ureleet (Jul 14)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet (Jul 14)
Re: n3td3v Ureleet (Jul 22)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet (Jul 15)

Valdis . Kletnieks

Re: DNS spoofing issue. Thoughts on Valdis . Kletnieks (Jul 25)
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Valdis . Kletnieks (Jul 11)
Re: DNS spoofing issue. Thoughts on Valdis . Kletnieks (Jul 30)
Re: Zone Alarm Firewall users without Internet after MS patch (MS08-037) Valdis . Kletnieks (Jul 09)
Re: Kaminsky DNS bug leaked Valdis . Kletnieks (Jul 15)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Valdis . Kletnieks (Jul 13)
Re: DNS spoofing issue. Thoughts on Valdis . Kletnieks (Jul 26)
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Valdis . Kletnieks (Jul 15)
Re: Linux's unofficial security-through-coverup policy Valdis . Kletnieks (Jul 16)
Re: Linux's unofficial security-through-coverup policy Valdis . Kletnieks (Jul 16)
Re: [Dailydave] Linux's unofficial security-through-coverup policy Valdis . Kletnieks (Jul 18)
Re: Comments on: DNS exploit code is in the wild Valdis . Kletnieks (Jul 24)
Re: Pwnie Awards: Nominations, delayed? Valdis . Kletnieks (Jul 14)
Re: DNS and NAT (was: DNS and CheckPoint) Valdis . Kletnieks (Jul 11)
Re: help: I need to crack my box Valdis . Kletnieks (Jul 22)
Re: [inbox] Re: simple phishing fix Valdis . Kletnieks (Jul 31)
Re: Warning Valdis . Kletnieks (Jul 10)

Victor Stinner

Fusil the fuzzer version 0.9 released Victor Stinner (Jul 08)

VMware Security team

VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix VMware Security team (Jul 28)

VR-Subscription-noreply

Assurent VR - CA ARCserve Backup for Laptops and Desktops LGServer Handshake Buffer Overflow VR-Subscription-noreply (Jul 31)
Assurent VR - Adobe RoboHelp Server SQL Injection Vulnerability VR-Subscription-noreply (Jul 09)

Wendel Guglielmetti Henrique

Citrix MetaFrame Privilege Escalation Wendel Guglielmetti Henrique (Jul 30)

Wesley McGrew

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award Wesley McGrew (Jul 11)

William Lefkovics

Re: n3td3v podcast William Lefkovics (Jul 03)

xpzhang

how to request a cve id? xpzhang (Jul 24)

zdi-disclosures

ZDI-08-042: Sun Java Web Start Sandbox Bypass Vulnerability zdi-disclosures (Jul 17)
ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability zdi-disclosures (Jul 17)
ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow zdi-disclosures (Jul 17)
ZDI-08-047: RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability zdi-disclosures (Jul 25)
ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability zdi-disclosures (Jul 25)
[Full-disclosure] http://www.zerodayinitiative.com/advisories/ZDI-08-046 zdi-disclosures (Jul 25)
ZDI-08-041: Novell eDirectory dhost Integer Overflow Code Execution Vulnerability zdi-disclosures (Jul 10)

zhliu

FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability zhliu (Jul 21)
FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability zhliu (Jul 21)
EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability zhliu (Jul 21)
FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability zhliu (Jul 21)

Previous period

Next period