Full Disclosure: by author

167 messages starting Jul 10 14 and ending Jul 01 14


Aaron Peterson

Re: Is the era of ezine txt files over? Aaron Peterson (Jul 10)

Akra Macha

Resubmission of exploits Akra Macha (Jul 07)

Alejandro Alvarez

IBM GCM16/32 v1.20.0.22575 vulnerabilities Alejandro Alvarez (Jul 21)

Alfie John

Re: Is the era of ezine txt files over? Alfie John (Jul 20)
Re: Is the era of ezine txt files over? Alfie John (Jul 15)

Andy Bach

Re: Is the era of ezine txt files over? Andy Bach (Jul 17)

Árpád Magosányi

Re: new pen-test tool! Árpád Magosányi (Jul 07)

Berend-Jan Wever

Re: Is the era of ezine txt files over? Berend-Jan Wever (Jul 11)

Black Arch

BlackArch Linux: New ISOs and more. Black Arch (Jul 01)

BlackHawk

Pligg 2.x SQLi / PWD disclosure / RCE BlackHawk (Jul 24)

Brandon Perry

Re: Should it be better ... Brandon Perry (Jul 10)
Re: FireFox: Lab Mouse Security: Remote Code Execution via Browser (LZO) Brandon Perry (Jul 10)
Root command injection in ext-pack name for Virtualbox because of GKSu Brandon Perry (Jul 08)
Raritan PowerIQ v4.10 and v4.2.1 Unauthenticated SQL injection and possible RCE Brandon Perry (Jul 17)
InvGate Service Desk post-auth SQL injection as non-privileged user Brandon Perry (Jul 09)
Re: Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Brandon Perry (Jul 24)
Dell Scrutinizer 11.01 multiple vulnerabilities Brandon Perry (Jul 10)

Carlos P

Re: AV scan on read vs write debate.... Carlos P (Jul 01)

Chris Schmidt

Re: Is the era of ezine txt files over? Chris Schmidt (Jul 11)

coderman

Strong Security Processes Require Strong Privacy Protections coderman (Jul 18)
DEF CON nostalgia [was: going double cryptome at DEF CON 22] coderman (Jul 31)

Cody Tarrant

Re: Feed2JS/MagpieRSS 0day vulnerability (not really, it is actually CVE-2005-3330 / CVE-2008-4796) Cody Tarrant (Jul 07)

Colin Keigher

Re: Bitstamp - Possible breach Colin Keigher (Jul 24)

Curesec Research Team

Conduct phonecalls on Android without the necessary permission, advisory+testapplication+exploits for testing (CVE-2013-6272 and CVE-2014-N/A) Curesec Research Team (Jul 05)

Dale Visser

Re: Jamming WiFi tracking beacons Dale Visser (Jul 17)

Daniel Miller

Re: Is the era of ezine txt files over? Daniel Miller (Jul 11)

Dave Horsfall

Meta: List moderation Dave Horsfall (Jul 10)

david

Oracle Data Redaction is Broken david (Jul 17)

David Kennedy

Re: QNAP TS-469U shadow file world readable David Kennedy (Jul 11)

David Longenecker

TxDOT fixes security issues with txtag.org David Longenecker (Jul 09)

devel

Re: Peeling the onion: Almost everyone involved in developing Tor was (or is) funded by the US government | PandoDaily devel (Jul 17)

Duarte Silva

Re: Bitstamp - Possible breach Duarte Silva (Jul 21)

Egidio Romano

[KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability Egidio Romano (Jul 14)

Eric Rand

Re: Jamming WiFi tracking beacons Eric Rand (Jul 17)
Re: Jamming WiFi tracking beacons Eric Rand (Jul 18)
Re: Jamming WiFi tracking beacons Eric Rand (Jul 18)

Erik Auerswald

Re: QNAP TS-469U shadow file world readable Erik Auerswald (Jul 11)

freddielarge

Iron Mountain doesn't take physical security seriously freddielarge (Jul 01)

funky . koval

Apache HTTPd - description of the CVE-2014-0117. funky . koval (Jul 22)
Apache HTTPd - description of the CVE-2014-0226. funky . koval (Jul 21)

Fyodor

Re: Meta: List moderation Fyodor (Jul 10)
Re: Should it be better ... Fyodor (Jul 10)

Glen Roberts

Re: Ignore the amount customers confirm is no security vulnerability according to PayPal Glen Roberts (Jul 17)

Gregory Pickett

IDGuard v0.60 Gregory Pickett (Jul 01)

GroundZero Summit CFP

Ground Zero Summit 13 - 16 November 2014, New Delhi | Call For Paper Open GroundZero Summit CFP (Jul 26)

Gynvael Coldwind

Re: Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Gynvael Coldwind (Jul 26)
Re: Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Gynvael Coldwind (Jul 26)

heige

Bypassing Content-Disposition: attachment for XSS on Chrome/Safari(IOS 6.x) heige (Jul 29)

Hinky Dink

Re: Iron Mountain doesn't take physical security seriously Hinky Dink (Jul 05)

info

SECV-07-1403 - Android SQLi Api - SQL Injection on delete() method info (Jul 26)
Call for Paper - NOPcon 2014 - Istanbul, Turkey info (Jul 17)
SECV-07-1403 - Android SQLi Api - SQL Injection on delete() method ( link correction) info (Jul 26)

Ivan .Heca

Re: Peeling the onion: Almost everyone involved in developing Tor was (or is) funded by the US government | PandoDaily Ivan .Heca (Jul 17)
Re: Peeling the onion: Almost everyone involved in developing Tor was (or is) funded by the US government | PandoDaily Ivan .Heca (Jul 24)
Peeling the onion: Almost everyone involved in developing Tor was (or is) funded by the US government | PandoDaily Ivan .Heca (Jul 17)
Former NSA Chief: Why I'm Worth $1 Million a Month to Wall Street Ivan .Heca (Jul 29)

Jack Morgan

Re: Peeling the onion: Almost everyone involved in developing Tor was (or is) funded by the US government | PandoDaily Jack Morgan (Jul 18)

Jan Kechel

Re: Ignore the amount customers confirm is no security vulnerability according to PayPal Jan Kechel (Jul 17)
Ignore the amount customers confirm is no security vulnerability according to PayPal Jan Kechel (Jul 17)

Jeffrey Walton

Bitstamp - Possible breach Jeffrey Walton (Jul 20)
Improperly Issued Digital Certificates Could Allow Spoofing Jeffrey Walton (Jul 10)
Re: Bitstamp - Possible breach Jeffrey Walton (Jul 22)

Jim Credland

Re: new pen-test tool! Jim Credland (Jul 08)

Joe Brown

Re: AV scan on read vs write debate.... Joe Brown (Jul 01)

Joerg Mertin

Re: QNAP TS-469U shadow file world readable Joerg Mertin (Jul 11)

Jörg Kost

Raritan IPMI vulnerability Jörg Kost (Jul 05)

Keira Cran

Jamming WiFi tracking beacons Keira Cran (Jul 16)
Re: new pen-test tool! Keira Cran (Jul 07)

Kirk Durbin

Re: Is the era of ezine txt files over? Kirk Durbin (Jul 19)

KoreLogic Disclosures

KL-001-2014-002 : Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation KoreLogic Disclosures (Jul 18)
KL-001-2014-003 : Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation KoreLogic Disclosures (Jul 18)
KL-001-2014-001 : Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation KoreLogic Disclosures (Jul 15)

Lee

FireFox: Lab Mouse Security: Remote Code Execution via Browser (LZO) Lee (Jul 09)

Liz Gossell

Re: Peeling the onion: Almost everyone involved in developing Tor was (or is) funded by the US government | PandoDaily Liz Gossell (Jul 18)

Luca Carettoni

Re: CVE-2014-2225: Ubiquiti Networks - Multiple products - Cross-site Request Forgery (CSRF) Luca Carettoni (Jul 24)

Lukasz Biegaj

Re: Wordpress TimThumb 2.8.13 WebShot Remote Code Execution (0-day) Lukasz Biegaj (Jul 01)

Łukasz Pilorz

Re: Bypassing Content-Disposition: attachment for XSS on Chrome/Safari(IOS 6.x) Łukasz Pilorz (Jul 31)

Matt Simmons

Re: Is the era of ezine txt files over? Matt Simmons (Jul 10)

Mauro Risonho de Paula Assumpção

Http DoS Requests Flooding Crash Device Vulnerabilities Elipse E3 Scada PLC. Mauro Risonho de Paula Assumpção (Jul 15)

Melchior Limacher

QNAP TS-469U shadow file world readable Melchior Limacher (Jul 11)

Michael Scheidell

United Airways(r) united.com Insecure Transmission of User Credentials Michael Scheidell (Jul 13)

Michail Strokin

Feed2JS/MagpieRSS 0day vulnerability (not really, it is actually CVE-2005-3330 / CVE-2008-4796) Michail Strokin (Jul 05)

Mick Ayzenberg

CVE-2014-4502 : Invalid Handling of Length Parameter in Stratum mining.notify Message Leads to Heap Overflow Mick Ayzenberg (Jul 22)
CVE-2014-4503 : Invalid Parameters in mining.notify Stratum Message Leads to Denial of Service Mick Ayzenberg (Jul 22)
CVE-2014-4501 : Stack Overflow in Parsing client.reconnect Message of the Stratum Mining Protocol Mick Ayzenberg (Jul 22)

MustLive

XSS, FPD and RCE vulnerabilities in DZS Video Gallery for WordPress MustLive (Jul 13)
XXE Injection in HP Release Control MustLive (Jul 31)

Narendra Choyal

MTS MBlaze 3G Plus Wi-Fi Dongle : Multiple Vulnerabilities Narendra Choyal (Jul 22)

Nate Kettlewell

CVE-2014-3418 - OS Command Injection Infoblox Network Automation Nate Kettlewell (Jul 09)

Nguyen Anh Quynh

Announcement: CEnigma tool! Nguyen Anh Quynh (Jul 31)

Nick Boyce

Re: FireFox: Lab Mouse Security: Remote Code Execution via Browser (LZO) Nick Boyce (Jul 10)

Nick Lindridge

Re: Back To The Future: Unix Wildcards Gone Wild Nick Lindridge (Jul 01)

Noah Axon

Re: Is the era of ezine txt files over? Noah Axon (Jul 11)

Olaf Rühenbeck

Re: Peeling the onion: Almost everyone involved in developing Tor was (or is) funded by the US government | PandoDaily Olaf Rühenbeck (Jul 18)

Onapsis Research Labs

[Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication Onapsis Research Labs (Jul 29)
[Onapsis Security Advisory 2014-022] SAP HANA IU5 SDK Authentication Bypass Onapsis Research Labs (Jul 29)
[Onapsis Security Advisory 2014-023] HTTP verb tampering issue in SAP_JTECHS Onapsis Research Labs (Jul 29)
[Onapsis Security Advisory 2014-026] Missing authorization check in function modules of BW-SYS-DB-DB4 Onapsis Research Labs (Jul 29)
[Onapsis Security Advisory 2014-024] Hard-coded Username in SAP FI Manager Self-Service Onapsis Research Labs (Jul 29)
[Onapsis Security Advisory 2014-025] Multiple Cross Site Scripting Vulnerabilities in SAP HANA XS Administration Tool Onapsis Research Labs (Jul 29)

Pablo

Re: Should it be better ... Pablo (Jul 18)
Should it be better ... Pablo (Jul 10)

Paredes

Mining website blacklists Paredes (Jul 17)

Pete Herzog

new pen-test tool! Pete Herzog (Jul 05)
The Only Security Talk With Eurovision Videos? Pete Herzog (Jul 31)

Philip Cheong

Re: Bitstamp - Possible breach Philip Cheong (Jul 21)

Phil Pennock

Re: Back To The Future: Unix Wildcards Gone Wild Phil Pennock (Jul 01)

Portcullis Advisories

CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX Portcullis Advisories (Jul 08)

Programa STIC

Vulnerabilities in Facebook and Facebook Messenger for Android [STIC-2014-0529] Programa STIC (Jul 29)

Project Un1c0rn

Project Saltstrap and Instance-Tor Project Un1c0rn (Jul 01)

Rafay Baloch

HTML5 Modern Day Attack And Defence Vectors Rafay Baloch (Jul 01)
Puffin Web Browser Address Bar Spoofing Vulnerability puts Millions of users at risk Rafay Baloch (Jul 14)

rai

A more robust POC for the ntp amplification dos rai (Jul 16)
Finding page including parameters with google dorks rai (Jul 05)
Is the era of ezine txt files over? rai (Jul 10)

Reindl Harald

Re: AV scan on read vs write debate.... Reindl Harald (Jul 01)

Rikairchy

Re: Peeling the onion: Almost everyone involved in developing Tor was (or is) funded by the US government | PandoDaily Rikairchy (Jul 18)
Re: Jamming WiFi tracking beacons Rikairchy (Jul 18)
Re: Jamming WiFi tracking beacons Rikairchy (Jul 18)

Sanguinarious

Re: Iron Mountain doesn't take physical security seriously Sanguinarious (Jul 05)

SCADA StrangeLove

New fixes in Siemens SIMATIC WinCC SCADA and DESCrypt on FPGA SCADA StrangeLove (Jul 29)

Scott Arciszewski

Re: Is the era of ezine txt files over? Scott Arciszewski (Jul 19)
Re: Is the era of ezine txt files over? Scott Arciszewski (Jul 10)

SEC Consult Vulnerability Lab

SEC Consult SA-20140710-1 :: Multiple high risk vulnerabilities in Shopizer webshop SEC Consult Vulnerability Lab (Jul 10)
SEC Consult SA-20140716-3 :: Multiple critical vulnerabilities in Bitdefender GravityZone SEC Consult Vulnerability Lab (Jul 16)
SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom SEC Consult Vulnerability Lab (Jul 01)
SEC Consult SA-20140716-1 :: Remote Code Execution via CSRF in OpenVPN Access Server "Desktop Client" SEC Consult Vulnerability Lab (Jul 16)
SEC Consult SA-20140710-2 :: Multiple critical vulnerabilites in Schrack MICROCONTROL emergency light system SEC Consult Vulnerability Lab (Jul 10)
SEC Consult SA-20140716-0 :: Multiple SSRF vulnerabilities in Alfresco Community Edition SEC Consult Vulnerability Lab (Jul 16)
SEC Consult SA-20140710-0 :: Multiple critical vulnerabilities in Shopizer webshop SEC Consult Vulnerability Lab (Jul 10)
SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway SEC Consult Vulnerability Lab (Jul 16)
SEC Consult SA-20140710-3 :: Design Issue / Password Disclosure in WAGO-I/O-SYSTEM with CODESYS V2.3 WebVisu SEC Consult Vulnerability Lab (Jul 10)

Securify B.V.

Re: Bypassing Content-Disposition: attachment for XSS on Chrome/Safari(IOS 6.x) Securify B.V. (Jul 30)
Re: Bypassing Content-Disposition: attachment for XSS on Chrome/Safari(IOS 6.x) Securify B.V. (Jul 30)

Seth Art

CVE-2014-2227: Ubiquiti Networks - AirVision v2.1.3 - Overly Permissive default crossdomain.xml Seth Art (Jul 24)
CVE-2014-2225: Ubiquiti Networks - Multiple products - Cross-site Request Forgery (CSRF) Seth Art (Jul 24)
CVE-2014-2226: Ubiquiti Networks - UniFi Controller - Admin/root password hash sent via syslog Seth Art (Jul 24)

Stefan Kanthak

Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Stefan Kanthak (Jul 24)
Re: Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Stefan Kanthak (Jul 24)
Re: Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Stefan Kanthak (Jul 26)
Re: Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account Stefan Kanthak (Jul 26)
iTunes 11.2.2 for Windows: completely outdated and vulnerable 3rd party libraries Stefan Kanthak (Jul 07)

Stephen Crane

Re: Peeling the onion: Almost everyone involved in developing Tor was (or is) funded by the US government | PandoDaily Stephen Crane (Jul 17)

surivaton

Re: Jamming WiFi tracking beacons surivaton (Jul 17)

surivaton surivaton

Re: Mining website blacklists surivaton surivaton (Jul 18)
Re: Is the era of ezine txt files over? surivaton surivaton (Jul 16)

Todd Weiler

Re: Iron Mountain doesn't take physical security seriously Todd Weiler (Jul 07)

Trey Ford

Legal Threats and Investigation Trey Ford (Jul 31)

Victor Aguilar

Re: AV scan on read vs write debate.... Victor Aguilar (Jul 05)

Vulnerability Lab

Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability Vulnerability Lab (Jul 28)
Yahoo! Bug Bounty #30 YM - Application Side Mail Encoding (File Attachment) Vulnerability Vulnerability Lab (Jul 10)
Photo Org WonderApplications v8.3 iOS - File Include Vulnerability Vulnerability Lab (Jul 07)
PayPal Inc Bug Bounty #74 - Persistent Core Backend Vulnerability Vulnerability Lab (Jul 07)
Yahoo! Bug Bounty #25 Flickr API - Persistent Service Vulnerability Vulnerability Lab (Jul 07)
Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video BNSEC-2398 Vulnerability Lab (Jul 24)
(BNSEC-1263) Barracuda Networks Web Application Firewall v6.1.5 & LoadBalancer v4.2.2 #37 - Filter Bypass & Multiple Vulnerabilities Vulnerability Lab (Jul 29)
Barracuda Networks Message Archiver 650 - Persistent Input Validation Vulnerability (BNSEC 703) Vulnerability Lab (Jul 18)
Yahoo! Bug Bounty #29 YM - Filter Bypass & Persistent Web Vulnerability Vulnerability Lab (Jul 10)
Barracuda Networks Firewall v6.1.5 - Filter Bypass & Persistent Vulnerabilities Vulnerability Lab (Jul 25)
TigerCom iFolder+ v1.2 iOS - Multiple Vulnerabilities Vulnerability Lab (Jul 31)
WiFi HD v7.3.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Jul 29)
Barracuda Networks #35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Jul 22)
Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability Vulnerability Lab (Jul 22)
Paypal Inc Bug Bounty #109 Multi Shipping Application API - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Jul 07)
Microsoft MSN HBE - Blind SQL Injection Vulnerability Vulnerability Lab (Jul 18)

William Costa

Reflected XSS vulnerabilities in DELL SonicWALL GMS 7.2 Build: 7221.1701 (CVE-2014-5024) William Costa (Jul 22)

Yoann Gini

Re: AV scan on read vs write debate.... Yoann Gini (Jul 01)