Mailing List Archive by Gossamer Threads http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/ en-us (c) Gossamer Threads Inc. All rights reserved. 08 Feb 2012 10:13:44 -0800 120 75 23 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/ http://www.gossamer-threads.com/images/lists/rss_logo.jpg Title: ------- Netbeans Jira Plugin does not check https certificates Disclosure Timeline: ----------------------------- [2012-01-02] Vulnerability r 08 Feb 2012 07:21:16 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84940 I tried to report this to the vendor in 2009. SHODAN "OwnServer1.0": Results 1 - 10 of about 11832 for OwnServer1.0 country:US. -Jason Ellison ---- 08 Feb 2012 01:21:54 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84935 Dear All, ClubHack Magazine's Issue-25, Feb 2012 is released. The theme for this issue is Network Exploitation and Security. This issue covers follo 07 Feb 2012 21:25:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84934 Android Multiple Vulnerabilities Author: www.80vul.com [Email:5up3rh3i#gmail.com] Release Date: 2012/2/8 References: http://www.80vul.com/android/a 07 Feb 2012 20:36:04 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84933 Title: ====== Cyberoam Central Console v2.00.2 - File Include Vulnerability Date: ===== 2012-02-08 References: =========== http://www.vulnerabilit 07 Feb 2012 15:24:15 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84937 What is the point of posting notifications of XSS vulnerabilities in specific web sites instead of alerts of xss vulns in specific software packages? 07 Feb 2012 15:18:24 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84936 Title: ====== HITB2011KUL - Is The Pen Still Mightier Than The Sword Date: ===== 2012-01-18 References: =========== Download: http://www.vu 07 Feb 2012 08:57:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84930 Title: ====== HITB2011KUL - Chip & PIN - Protocol Analysis EMV POS Date: ===== 2012-01-26 References: =========== Download: http://www.vulne 07 Feb 2012 08:56:39 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84929 Title: ====== HITB2011KUL - Mobile Malware Analysis Date: ===== 2012-02-06 References: =========== Download: http://www.vulnerability-lab.co 07 Feb 2012 08:56:15 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84928 Title: ====== HITB2011KUL - Post Memory Corruption Analysis Date: ===== 2012-01-26 References: =========== Download: http://www.vulnerabilit 07 Feb 2012 08:55:52 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84927 Title: ====== Google Service Reward #1 - ClickJacking Vulnerability Date: ===== 2012-02-07 References: =========== Download: http://www.vuln 07 Feb 2012 08:38:20 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84926 Title: ====== Cyberoam Central Console v2.x - File Include Vulnerability Date: ===== 2012-02-05 References: =========== Download: http://www 07 Feb 2012 08:37:53 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84925 Title: ====== Dinama SMS Service - Persistent Web Vulnerability Date: ===== 2012-02-05 References: =========== http://www.vulnerability-lab.com/ge 07 Feb 2012 08:36:54 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84924 Title: ====== Facebook Game Store - SQL Injection Vulnerability Date: ===== 2012-02-04 References: =========== http://www.vulnerability-lab.com/ge 07 Feb 2012 08:36:07 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84923 Title: ====== eFronts Community++ v3.6.10 - Cross Site Vulnerability Date: ===== 2012-02-07 References: =========== http://www.vulnerability-lab.c 07 Feb 2012 08:34:02 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84922 Title: ====== VolksBank Online Banking - Multiple Web Vulnerabilities Date: ===== 2012-02-07 References: =========== http://www.vulnerability-lab. 07 Feb 2012 08:32:50 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84921 Information -------------------- Name :  SQL Injection Vulnerability in Batavi Software :  Batavi 1.1.2 and possibly below. Vendor Homepage :  http 07 Feb 2012 05:36:49 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84914 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly Severity: Important Ven 07 Feb 2012 02:39:45 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84913 Title: ====== Electronic Arts - Cross Site Scripting Vulnerability Date: ===== 2012-02-06 References: =========== http://www.vulnerability-lab.co 06 Feb 2012 16:37:38 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84916 Title: ====== Sun Microsystems (Print) - Cross Site Scripting Vulnerability Date: ===== 2012-02-01 References: =========== http://www.vulnerabilit 06 Feb 2012 16:35:18 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84915 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 06 Feb 2012 11:21:50 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84912 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 06 Feb 2012 11:03:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84906 Dear TROOPERS, We call for action for the fifth time in the history of our up-and-coming IT security conferences series. Experts from all around th 06 Feb 2012 03:35:59 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84901 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 06 Feb 2012 01:06:39 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84902 This video shows how to exploit a vulnerability in Microsoft Word and Excel by using Exploit Pack 2.1.7. Get you own copy of Exploit Pack from: http 05 Feb 2012 19:25:14 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84897 Title: ====== NexorONE Online Banking - Multiple Cross Site Vulnerabilities Date: ===== 2012-02-04 References: =========== http://www.vulnerabilit 05 Feb 2012 10:09:49 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84899 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 05 Feb 2012 04:46:59 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84885 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 04 Feb 2012 09:18:52 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84881 New exploit for Broadwin/Advantexh HMI/SCADA was published by Zomb1E & amistox07. Exploit is used undocumented features of SCADA. See: http://fuzzyd00 04 Feb 2012 02:42:22 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84892 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 03 Feb 2012 08:54:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84875 Earlier today I tried to contact the people over at http://vulnerability-lab.com about an XSS vulnerability I found on their site (ironic) but it appe 03 Feb 2012 07:21:18 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84873 MD5 (20120203-SONEXIS-NETRAGARD.txt) = adde14f01f442022e40decba069e1f3e 03 Feb 2012 06:22:34 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84872 since no one could answer the last one how bout this. In my FW log Trust (our 10.0.0.0. network) to untrust picked this up: 2012-02-02 10:08:10 7.254 03 Feb 2012 00:20:40 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84868 Folks, FYI. (the RFC is available at: <http://www.rfc-editor.org/rfc/rfc6528.txt>) A new Request for Comments is now available in online RFC librari 02 Feb 2012 20:59:26 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84856 BSides Detroit 12 Call For Presenters (CFP) BSides Detroit (http://bit.ly/BSidesDetroit) brings the BSides community to a new level, to a place it ha 02 Feb 2012 14:52:53 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84861 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 02 Feb 2012 13:29:48 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84860 hello, Multiple vendor antivirus .kz archive format evasion/bypass vulnerability. DESCRIPTION .kz is a proprietary archive format from an Asian e 02 Feb 2012 13:27:13 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84864 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 02 Feb 2012 11:53:30 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84852 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 02 Feb 2012 11:52:15 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84851 http://www.reuters.com/article/2012/02/02/us-hacking-verisign-idUSTRE8110Z820120202 http://www.msnbc.msn.com/id/46238729/ns/technology_and_science-sec 02 Feb 2012 11:49:15 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84850 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 02 Feb 2012 11:29:50 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84849 Title: ====== NASA Subdomains FCKEditor - Multiple Vulnerabilities Date: ===== 2012-01-29 References: =========== http://vulnerability-lab.com/get 02 Feb 2012 09:45:42 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84859 Title: ====== Achievo v1.4.3 - Multiple Web Vulnerabilities Date: ===== 2012-01-30 References: =========== http://www.vulnerability-lab.com/get_co 02 Feb 2012 09:44:21 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84858 Title: ====== OSCommerce v3.0.2 - Persistent Cross Site Vulnerability Date: ===== 2012-02-02 VL-ID: ===== 407 Introduction: ============= osCom 02 Feb 2012 09:42:53 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84857 Hello list! I want to warn you about new security vulnerabilities in D-Link DAP 1150 (Wi-Fi Access Point and Router). These are Abuse of Functionali 02 Feb 2012 09:04:16 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84842 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 02 Feb 2012 07:48:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84841 Like other Linux distribution vendors, Gentoo is currently CC'ing advisories to the full-disclosure and bugtraq mailing lists. Starting today, we wil 02 Feb 2012 02:57:53 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84835 Hello Davide, its working for me: regards Heiko Von: David3 Gonnella <netevil@hackers.it> An: full-disclosure@lists.grok.org.uk Datum 02 Feb 2012 02:27:10 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84836 Folks: An interesting subject that I have never seen discussed here but one I want to put on the table.... Appar 01 Feb 2012 23:28:16 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84830 CAL-2012-0004 opera array integer overflow 1 Affected Products ================= 11.60 and prior 2 Vulnerability Details ===================== Co 01 Feb 2012 18:36:41 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84829 Folks, We have talked about this one quite a few times (including <http://blog.si6networks.com/2011/09/router-advertisement-guard-ra-guard.html>). -- 01 Feb 2012 18:17:46 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84828 Folks, We have talked about this one quite a few times (including <http://blog.si6networks.com/2011/09/router-advertisement-guard-ra-guard.html>). -- 01 Feb 2012 18:17:29 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84827 Hello guys, Since few days my domain is out for first tests ..but today it is totally disappeared from Google search results. Do you know how this 01 Feb 2012 16:25:36 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84831 Can anyone help in solving what this shellcode does? \x31\xC0\x50\x68\x70\x79\x71\x78\x68\x72\x77\x27\x71\x68\x77\x79\x74\x74\x68\x25\x72\x25\x24\x68 01 Feb 2012 12:57:02 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84823 So most people on here have probably heard of Bitcoin from somewhere, and most of you have probably got tired of it - but bear with me because this is 01 Feb 2012 07:05:04 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84822 MD5 (soNoExis.rb.orig) = 6f0e38ef112f10cc1b1fe5437ef3970d 31 Jan 2012 18:58:52 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84821 i was working with cleaning up "any to any" on fw. ran across inside ips doing netbios (NS) , and one using port 4330 to 7.8.0.106, or .107. a who is 31 Jan 2012 12:47:11 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84820 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 31 Jan 2012 07:26:47 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84814 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 30 Jan 2012 23:22:58 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84813 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ---------------------------------------------------------------------- VMware Secur 30 Jan 2012 22:57:40 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84811 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 30 Jan 2012 11:49:07 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84809 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-020 : IBM SPSS VsVIEW6.ocx ActiveX Control Multiple Methods Remote Code Execution Vulnerability 30 Jan 2012 10:34:04 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84807 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-019 : IBM SPSS mraboutb.dll ActiveX Control SetLicenseInfoEx Method Remote Code Execution Vulner 30 Jan 2012 10:33:18 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84806 Hi, FYI, see attached. cheers, joernchen -- joernchen ~ Phenoelit <joernchen@phenoelit.de> ~ C776 3F67 7B95 03BF 5344 http://www.phenoelit.de ~ A 30 Jan 2012 05:56:26 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84801 http://www.sans.org/security-resources/idfaq/honeypot3.php good paper on how to build your own and some links to commercial products. Sorry for the 30 Jan 2012 05:35:55 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84797 winnie the pooh would know... (had to) bma ----- Original Message ----- From: lallantada@tvazteca.com.mx To: J. von Balzac Cc: Full Disclosure ; 30 Jan 2012 04:55:50 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84796 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19 - - - 30 Jan 2012 04:45:40 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84795 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-18 - - - 30 Jan 2012 04:44:59 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84794 The thing that makes me laugh about all of this, and one of the key things I learned from reading Gibbon's Decline & Fall is this: The number and fre 29 Jan 2012 15:18:59 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84773 Exploit Pack - New video! Release - Ultimate 2.1 Check it out! http://www.youtube.com/watch?v=4TrsFry13TU Exploit Pack Team http://exploitpack.com 29 Jan 2012 14:40:29 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84774 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 29 Jan 2012 11:25:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84771 from the wikipedia link... "An illegal prime is a kind of illegal number" kind of? Just like pot is "kind of" illegal by the feds standards? just l 29 Jan 2012 04:41:39 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84767 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 29 Jan 2012 04:38:33 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84768 Metallica used to encourage fans to record "bootlegs" and share with those who didnt/wouldnt/couldnt attend the shows. Now look at them:-( Metallica 29 Jan 2012 03:35:47 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84765 Could sound not so useful...fancy... what you want... but if you link a gmail account with a blog... on an android mobile phone... and you visit for 28 Jan 2012 15:54:15 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84760 is posting attacking us gov site, or exposing personal info of another on twitter a freedom on speech/full disclosure? Twitter is the main voice of a 28 Jan 2012 10:39:20 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84747 Title: ====== FAA US Academy (AFS) - Auth Bypass Vulnerability Date: ===== 2012-01-28 References: =========== http://vulnerability-lab.com/get_con 28 Jan 2012 04:43:41 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84786 Title: ====== ME Monitoring Manager v9.x; v10.x - Multiple Vulnerabilities Date: ===== 2012-01-27 References: =========== http://www.vulnerability 28 Jan 2012 04:42:04 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84785 Title: ====== eBank IT Online Banking - Multiple Web Vulnerabilities Date: ===== 2012-01-26 References: =========== http://www.vulnerability-lab.c 28 Jan 2012 04:40:07 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84784 This is an automatic SQL Injection tool called as FatCat, Use of FatCat for testing your web application and exploit your application more deeper. Fat 28 Jan 2012 00:25:04 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84745 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-17 - - - 27 Jan 2012 19:56:26 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84744 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-16 - - - 27 Jan 2012 13:59:40 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84740 i am looking for a good honeypot thanks 27 Jan 2012 10:56:16 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84787 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 27 Jan 2012 10:37:10 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84739 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 27 Jan 2012 10:10:35 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84737 Hi, FYI, see attached. cheers, joernchen -- joernchen ~ Phenoelit <joernchen@phenoelit.de> ~ C776 3F67 7B95 03BF 5344 http://www.phenoelit.de ~ A 27 Jan 2012 09:50:21 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84735 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-15 - - - 27 Jan 2012 07:05:24 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84733 Title: ====== Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities Date: ===== 2012-01-27 References: =========== http://vulnerability-lab.c 27 Jan 2012 05:52:16 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84734 when you enter piracy into google the 1st link is the piratebay... dictionary.com- 1. practice of a pirate; robbery or illegal violence at sea. 2. t 27 Jan 2012 01:03:51 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84723 im going to the 'benz dealer in the morning to express my 1st amendment right... The Somalians are learning the hard way that it just isnt so... bma 27 Jan 2012 00:24:54 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84720 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 26 Jan 2012 14:46:37 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84730 This is a gentle reminder that the Call for Papers for the third annual HITBSecConf in Europe closes on the 18th of February! Send in your submissions 26 Jan 2012 14:17:20 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84719 Hello list! I want to warn you about multiple new vulnerabilities in plugin Register Plus for WordPress. These are Cross-Site Scripting, Code Execut 26 Jan 2012 11:07:06 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84717 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability Adviso 26 Jan 2012 09:49:04 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84713 I'm seeing a lot of hosts in my named logs (I mean log files, it's not like I am naming my poop) ...ok... silly joke hehe So anyway, named bind is r 26 Jan 2012 03:35:11 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84704 i will destroy FD this year, mark these words. On 26 January 2012 10:19, Richard Golodner <rgolodner@infratection.com> wrote: > On Thu, 2012-01-26 25 Jan 2012 15:27:29 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84694 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-018 : Symantec PCAnywhere awhost32 Remote Code Execution Vulnerability http://www.zerodayinitiat 25 Jan 2012 09:33:28 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84665 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DS 25 Jan 2012 07:56:21 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84670 # Vuln Title: NX Web Companion Spoofing Arbitrary Code Execution # Vulnerability # Date: 25.01.2012 # Author: otr # Software Link: http://www.nomachin 25 Jan 2012 07:43:37 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84676 Title: ====== Acolyte CMS v1.5 and v6.3 - SQL Injection Vulnerabilities Date: ===== 2012-01-25 References: =========== http://www.vulnerability-la 25 Jan 2012 07:37:25 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/84669