Mailing List Archive by Gossamer Threads http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/ en-us (c) Gossamer Threads Inc. All rights reserved. 24 Jul 2008 12:45:23 -0800 120 75 23 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/ http://www.gossamer-threads.com/images/lists/rss_logo.jpg -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi people, just to let other forum/blog/wiki admins out there that some people from tobesecurity.com 24 Jul 2008 09:55:07 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62763 Anyone have any idea what signs would be if a DNS server is compromised? Been seeing: 08:39:28 homebox named[27]: client *.*.143.11#10053: query (cac 24 Jul 2008 07:41:55 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62759 by n3td3v July 24, 2008 6:59 AM I guess HD Moore doesn't like Dan Kaminsky very much since he told people like HD Moore not to release such code unt 24 Jul 2008 07:21:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62757 Ladies of the internet. We salute you. How does it feel having a low self-esteem. How does it feel to not have a life worth living. Notice these are 24 Jul 2008 03:51:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62755 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 24 Jul 2008 00:36:24 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62754 ____ ____ __ __ / \ / \ | | | | ----====####/ /\__\##/ /\ \##| |##| |####====---- 23 Jul 2008 20:48:38 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62753 ____ ____ __ __ / \ / \ | | | | ----====####/ /\__\##/ /\ \##| |##| |####====---- 23 Jul 2008 16:34:26 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62752 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 23 Jul 2008 16:29:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62751 Hello! You can find it here: http://oss.coresecurity.com/projects/sdtcleaner.html Package: http://oss.coresecurity.com/repo/SDTCleaner-v1.0.zip Wh 23 Jul 2008 15:49:33 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62749 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 23 Jul 2008 14:56:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62748 As a workaround, it is recommended to set DNS servers to forward only. Can someone explain why that helps? Cannot responses from the forwarder be spoo 23 Jul 2008 14:28:15 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62747 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 23 Jul 2008 13:33:58 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62744 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 23 Jul 2008 13:07:11 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62743 =========================================================== Ubuntu Security Notice USN-628-1 July 23, 2008 php5 vulnerabilities CVE-2007 23 Jul 2008 12:39:07 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62742 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 23 Jul 2008 11:59:43 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62746 This pair of essays were written in 4 hours the night before they were due for last year's Cyber Security Awareness Week at Polytechnic University. Th 23 Jul 2008 11:40:03 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62740 1. SUMMARY Product : Vim -- Vi IMproved Version : Tested with Vim 7.2b.10, filetype.vim 2008-07-17 Impact : Arbitrary code execution Wherefrom: L 23 Jul 2008 11:29:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62739 adMERITia Vulnerability Report Vulnerability Information Vendor: EMC˛ Product: Centera Universal Access Version: CUA4.0_4735.p4 Vulnerability Type: 23 Jul 2008 10:09:27 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62745 > I have a buddy that is soliciting for help researching PIN numbers > used in > ATM's and things of that nature. He is in need of data-sets for > 22 Jul 2008 20:10:41 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62729 Asterisk Project Security Advisory - AST-2008-011 +------------------------------------------------------------------------+ | Product 22 Jul 2008 16:16:07 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62727 Asterisk Project Security Advisory - AST-2008-010 +------------------------------------------------------------------------+ | Product 22 Jul 2008 16:15:50 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62726 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 22 Jul 2008 16:07:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62725 =========================================================== Ubuntu Security Notice USN-627-1 July 22, 2008 dnsmasq vulnerability CVE-200 22 Jul 2008 09:37:02 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62710 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page Vulnerability found: 25/06/2008 22 Jul 2008 08:59:48 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62713 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PR08-15: Several Webroot Disclosures on Moodle Vulnerability found: 20/06/2008 Vendor informed: 25/06 22 Jul 2008 08:48:39 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62715 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PR08-13: Persistent Cross-site Scripting (XSS) on Moodle via blog entry title Vulnerability found: 20/ 22 Jul 2008 08:46:23 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62714 > razi garbie wrote: > >> Are you sure that a 0day is even needed? perhaps its a rather old >> kernel thats locally exploitable? >> shell# uname -r > 22 Jul 2008 04:09:28 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62697 ---------- Forwarded message ---------- From: Dan Kaminsky <dan@doxpara.com> Date: Sun, Jul 20, 2008 at 7:16 AM Subject: you know... To: xploitable@gm 22 Jul 2008 01:09:55 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62695 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 22 Jul 2008 00:01:19 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62712 from chargen 19/udp by ecopeland 0. The cat is out of the bag. Yes, Halvar Flake figured out the flaw Dan Kaminsky will announce at Black Hat. 1. 21 Jul 2008 19:36:20 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62716 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 21 Jul 2008 18:49:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62691 ####################################################################### Luigi Auriemma Application: ZDaemon 21 Jul 2008 16:02:21 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62687 It appears matasano posted an explanation of Dan Kaminsky's DNS issue to their blog today, but looks like it may have been yanked back down. My googl 21 Jul 2008 15:56:30 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62688 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisor 21 Jul 2008 15:08:33 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62686 Believe it or not, I have a linux box (mine, yes it's mine) I need to own... the problem is that it phisically resides a few 100km from here and someo 21 Jul 2008 13:47:26 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62689 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisor 21 Jul 2008 12:52:38 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62685 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisor 21 Jul 2008 11:08:18 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62684 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 21 Jul 2008 10:29:08 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62682 FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability http://www.fortiguardcenter.com/advis 21 Jul 2008 06:49:25 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62678 FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability http://www.fortiguardcenter.com/ad 21 Jul 2008 06:47:20 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62679 FGA-2008-16: EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability http://www.fortiguardcenter.com/advisory/FGA-2008-1 21 Jul 2008 06:45:55 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62681 FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability http://www.fortiguardcenter.com/advisory/FGA-2008-16. 21 Jul 2008 06:44:11 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62680 Hi all, I checked out the Last Hope Conf this weekend and it was friggin sweet, anyone else checked it out and if so what talks you like? Sent from m 20 Jul 2008 18:06:03 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62675 The aim of this white paper is to analyze security implications of the new HTML 5 client-side storage technology, showing how different attacks ca 20 Jul 2008 17:32:26 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62674 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 19 Jul 2008 16:06:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62672 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 19 Jul 2008 12:42:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62670 The maker of Linux was right, "In an e-mail to the Linux kernel developer mailing list, Torvalds said a section of the security industry was dedicate 19 Jul 2008 11:27:16 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62669 Oracle Database Local Untrusted Library Path Vulnerability ---------------------------------------------------------- The Oracle July 2008 Critical P 19 Jul 2008 08:08:40 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62667 rPath Security Advisory: 2008-0231-1 Published: 2008-07-19 Products: rPath Linux 2 Rating: Major Exposure Level Classification: Remote System 19 Jul 2008 07:31:24 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62668 ---------- Forwarded message ---------- From: n3td3v <xploitable@gmail.com> Date: Sat, Jul 19, 2008 at 12:13 AM Subject: Re: Stop The 70% Lie To: The 18 Jul 2008 18:56:47 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62665 rPath Security Advisory: 2008-0230-1 Published: 2008-07-18 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote System 18 Jul 2008 12:56:02 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62662 I am reachable 0nly @ two addresses from now on: http://www.milw0rm.com http://www.com-winner.com Thanks n3td3v 18 Jul 2008 10:58:04 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62666 I am reachable 0nly @ two addresses: http://www.milw0rm.com http://www.com-winner.com Thanks n3td3v Signed, KingCope 18 Jul 2008 10:13:43 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62663 At the end of April 2008 I published a paper about a new class of flaw in Oracle entitled "Lateral SQL Injection". The paper can be found here: http 18 Jul 2008 07:03:16 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62658 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 17 Jul 2008 17:51:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62655 On Thu, 17 Jul 2008, The Security Community wrote: > http://70percenters.googlepages.com/ > > "The FBI estimates that about 70 percent of all computer 17 Jul 2008 17:18:11 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62656 http://70percenters.googlepages.com/ "The FBI estimates that about 70 percent of all computer security breaches are perpetrated by insiders." For ye 17 Jul 2008 16:29:02 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62654 1. Summary Product : Vim -- Vi IMproved Versions : 5.0--current, possibly older; 4.6 and 3.0 not vulnerable Impact : Arbitrary code execution Wher 17 Jul 2008 15:54:18 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62653 ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-044 July 17, 2008 -- CV 17 Jul 2008 12:17:58 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62648 ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow http://www.zerodayinitiative.com/advisories/ZDI-08-043 July 17, 2008 -- Affected Vendors 17 Jul 2008 12:17:41 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62650 ZDI-08-042: Sun Java Web Start Sandbox Bypass Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-042 July 17, 2008 -- Affected Vendors: 17 Jul 2008 12:17:22 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62649 Hi, I am troubled by these kinds of solutions which only help administrators with standard distributions. Any kind of deviation from the norm, and it 17 Jul 2008 08:59:07 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62645 =========================================================== Ubuntu Security Notice USN-623-1 July 17, 2008 firefox vulnerabilities CVE-2 17 Jul 2008 08:10:04 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62644 ekoparty 4th edition - www.ekoparty.com.ar Information Security/Insecurity Conference. October 2 and 3, 2008 Ciudad Autonoma de Buenos Aires - Argenti 16 Jul 2008 21:16:56 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62635 I'm sick of your punk-ass shit. Why don't you go fag up some other list. Go back to slashdot you pussy nerd. Quit faggin up my email inbox you queer. 16 Jul 2008 19:02:42 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62634 Anyone have it? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure 16 Jul 2008 16:22:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62632 Class: Input Validation Error Risk: Low Remote: Yes Oracle has just released CPU July 2008 critical patch that fixes a flaw which allows code inject 16 Jul 2008 15:26:59 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62629 rPath Security Advisory: 2008-0035-1 Published: 2008-07-16 Products: rPath Appliance Platform Linux Service 1 rPath Linux 1 Rating: Minor Exp 16 Jul 2008 13:43:10 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62628 Hi, if you want to see some graphs on how many DNS servers are fixed at the moment (or rather, how many are not) based on statistics I got right from 16 Jul 2008 12:54:35 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62624 Folks, We are currently working on a revision of our port randomization IETF Internet-Draft. The current version is available at: http://www.ietf. 16 Jul 2008 12:23:28 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62622 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 16 Jul 2008 12:18:32 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62627 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 16 Jul 2008 12:09:37 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62619 n.runs AG http://www.nruns.com/ security(at)nruns.com n.runs-SA-2008.003 16-Jul 16 Jul 2008 09:14:16 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62618 Hi all, I doubt many of you are following the "discussions" (if they can be called that) that have been going on on LWN for the past couple weeks r 16 Jul 2008 06:44:37 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62617 n.runs AG http://www.nruns.com/ security(at)nruns.com n.runs-SA-2008.002 16-Jul-2 16 Jul 2008 05:11:36 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62616 1. Summary Product : Vim -- Vi IMproved, Netrw Version : Tested with Vim 7.2b, Netrw 127 Impact : Arbitrary code execution Wherefrom: Local, poss 16 Jul 2008 04:53:29 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62615 1. Summary Product : Vim -- Vi IMproved Version : >= 7.2a.013; tested with 7.2b Impact : Arbitrary code execution Wherefrom: Local, possibly remo 16 Jul 2008 04:53:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62614 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 15 Jul 2008 23:57:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62609 OwnTheBox, now in year 0x01, continues its hallowed tradition of creating temporary autonomous zones comprised of random people asking to be haxored 15 Jul 2008 22:25:31 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62608 =========================================================== Ubuntu Security Notice USN-625-1 July 15, 2008 linux, linux-source-2.6.15/20/ 15 Jul 2008 19:04:18 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62610 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 15 Jul 2008 16:58:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62595 is pointless. lets all overdose and die. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.g 15 Jul 2008 15:57:03 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62590 iDefense Security Advisory 07.15.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 15, 2008 I. BACKGROUND Oracle Database Server is a fa 15 Jul 2008 15:12:19 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62585 iDefense Security Advisory 07.15.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 15, 2008 I. BACKGROUND Oracle Database Server is a fa 15 Jul 2008 15:11:30 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62584 iDefense Security Advisory 07.15.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 15, 2008 I. BACKGROUND Internet Directory is Oracle's 15 Jul 2008 15:10:42 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62586 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200807-09 - - - 15 Jul 2008 15:08:53 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62583 NGSSoftware Insight Security Research Advisory Name: PLSQL Injection in Oracle Application Server Systems Affected: Oracle Application Server 9.0.4.3 15 Jul 2008 13:24:06 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62582 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 15 Jul 2008 12:05:33 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62588 Dino Dai Zovi finally spilled the beans: http://twitter.com/dinodaizovi/statuses/858981957 _______________________________________________ Full-Discl 15 Jul 2008 11:17:30 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62574 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 15 Jul 2008 10:46:45 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62571 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 15 Jul 2008 10:39:09 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62572 Ureleet wrote: > there can be no actual exploit discussion unless you have dan on the > thread. dan? > > On Sun, Jul 13, 2008 at 3:50 PM, eugaaa@gmai 15 Jul 2008 07:28:13 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62567 Hello, Kon-Boot is an prototype piece of software which allows to change contents of a linux kernel on the fly (while booting). In the current com 15 Jul 2008 03:27:29 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62565 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 14 Jul 2008 21:48:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62557 RICHMOND, VA, July 14, 2008 - The Open Security Foundation (OSF) is pleased to announce that the DataLossDB (also known as the Data Loss Database - 14 Jul 2008 20:55:52 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62566 =========================================================== Ubuntu Security Notice USN-624-1 July 15, 2008 pcre3 vulnerability CVE-2008- 14 Jul 2008 19:06:08 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62555 I've been waiting all day to hear who the nominees are for the Pwnie Awards 2008. It says on http://pwnie-awards.org/2008/ the website "Jul 14: nomin 14 Jul 2008 14:55:14 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62550 eMule 0.49 and previous versions could expose the OS user account name when it sends the shared files list. When an user asks for the shared files lis 14 Jul 2008 12:05:50 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62548 FYI: Looks like the "Enforce password on device" Group Policy setting is lost if you do an iPhone software restore and then re-sync your mail settings 14 Jul 2008 10:07:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62547 == DeepSec IDSC 2008 - CfP ends tomorrow - Last chance to submit == The DeepSec In-Depth Security Conference reminds all interested speakers to submi 14 Jul 2008 03:13:23 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62545