Mailing List Archive by Gossamer Threads http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/ en-us (c) Gossamer Threads Inc. All rights reserved. 24 Nov 2009 11:05:59 -0800 120 75 23 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/ http://www.gossamer-threads.com/images/lists/rss_logo.jpg Versions of harbour.pl (up to and including build 1941) are vulnerable to a remote Denial of Service attack. Spamming "zeroes" (null packets) to port 24 Nov 2009 06:58:58 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70896 =========================================================== Ubuntu Security Notice USN-861-1 November 24, 2009 libvorbis vulnerabilities CVE- 24 Nov 2009 06:31:12 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70892 Hi, Thank you for the information. MITM is used rather vaguely in this paper. Are the proposed techniques working in an MITM situation - w 24 Nov 2009 04:57:22 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70890 Abstract ======== ChipTAN comfort is a new system which is supposed to securely authorise online banking transactions by means of a trusted device. It 24 Nov 2009 03:50:18 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70889 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi, OpenX adserver version 2.8.1 and lower is vulnerable to remote code execution. To be exploited, 24 Nov 2009 03:02:18 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70888 Systems Affected: Quick.Cart 3.4 (other versions untested), Quick.CMS 2.4 (other versions untested) Severity: Medium Vendor: http://opensolution.org/ 23 Nov 2009 15:23:51 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70894 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ 23 Nov 2009 11:43:38 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70887 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ 23 Nov 2009 11:42:50 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70886 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ 23 Nov 2009 11:41:45 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70885 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 22 Nov 2009 23:40:19 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70884 Hell no random.randrang -> randrange(_) rtfm. and yeah u'r welcome. 2009/11/23 Andrew Farmer <andfarm@gmail.com> On 22 Nov 2009, at 19:48, lauren 22 Nov 2009 22:09:43 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70882 [Bkis-13-2009] e107 Multiple Vulnerabilities 1. General Information e107 is a free content management system (CMS) written in PHP language and is av 22 Nov 2009 21:19:44 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70880 Should be kweel for UTesting http://g-laurent.blogspot.com/2009/11/releasing-icmpv4ip-fuzzer-prototype.html Enjoy. 22 Nov 2009 19:48:08 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70879 hackers providing a public service...... http://blogs.telegraph.co.uk/news/jamesdelingpole/100017451/climategate-how-the-msm-reported-the-greatest-sc 22 Nov 2009 14:44:52 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70878 Millions of PDF invisibly embedded with your internal disk paths ---------------------------------------------------------------- I found an interest 22 Nov 2009 12:14:30 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70876 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Call for Papers for HITB Security Conference 2010 Dubai is now open! Talks that are more technical 22 Nov 2009 06:13:26 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70875 Hello Full-Disclosure! I want to tell you about different vulnerabilities in plugins for WordPress. About some of them there were posts to Bugtraq li 21 Nov 2009 13:25:19 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70874 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 21 Nov 2009 08:08:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70872 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 20 Nov 2009 21:30:22 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70873 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 20 Nov 2009 16:29:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70870 ZDI-09-085: Hewlett-Packard Operations Manager Server Backdoor Account Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09 20 Nov 2009 15:15:26 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70869 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- VMware Sec 20 Nov 2009 12:56:48 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70867 This whole thing is ridiculous. Kurt Greenbaum is an idiot. What kind of question is that in the first place? Only and idiot would post “what†20 Nov 2009 11:10:41 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70866 Description ------------ PHP version 5.3.1 was just released. This release contains a patch for a denial of service condition we've reported on 27 Oct 20 Nov 2009 04:03:36 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70864 Earlier this year, a very well educated FD member posted the psychological profile of Mr. Wallace. (Found here: http://seclists.org/fulldisclosure/200 19 Nov 2009 19:40:53 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70863 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [ KDE KDELibs 4.3.3 Remote Array Overrun (Arbitrary code execution) ] Author: Maksymilian Arciemowicz 19 Nov 2009 16:26:57 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70860 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [ Opera 10.01 Remote Array Overrun (Arbitrary code execution) ] Author: Maksymilian Arciemowicz and sp 19 Nov 2009 16:25:15 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70859 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [ K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution) ] Author: Maksymilian Arciemowicz and 19 Nov 2009 16:23:54 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70858 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [ SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution) ] Author: Maksymilian Arciemowicz an 19 Nov 2009 16:17:31 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70857 I smell a lawsuit coming on for our friend Greenbaum. "ReadWriteWeb has an article up today discussing an incident in which a school employee lost hi 19 Nov 2009 12:38:07 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70852 vendor: interactivetools.com, inc., http://www.interactivetools.com/products/automanager/ product: Auto Manager version: 2.52 script: admin.cgi fields 19 Nov 2009 00:03:14 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70845 product: AssetsSoSimple version tested: 0.33 vendor URL: http://assetssosimple.sourceforge.net/ script: supplier_admin.php field: Supplier ooo BugsN 19 Nov 2009 00:01:12 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70844 Hello There, This is Grace Wu from Foxit Corporation. We had noticed the Foxit Reader vulnerability posted at http://seclists.org/fulldisclosure/2009 18 Nov 2009 23:36:12 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70847 =========================================================== Ubuntu Security Notice USN-860-1 November 19, 2009 apache2 vulnerabilities CVE-20 18 Nov 2009 22:40:58 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70843 List, It has come to my attention that my client is being impersonated. Securityfocus slandered n3td3v in 2006 causing him to drop out of universit 18 Nov 2009 16:20:54 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70842 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ 18 Nov 2009 10:23:03 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70841 ====================================================================== Secunia Research 18/11/2009 - RhinoSoft Serv-U 18 Nov 2009 07:49:15 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70840 Dear List, This paper explains the vulnerability for a broader audience and summarizes the information that is currently available. The document is p 18 Nov 2009 06:42:26 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70839 what it says on the tin... i regret to inform you that there will be no meeting this month due to repeated let-downs with the current venue... inst 18 Nov 2009 06:24:21 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70838 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ 18 Nov 2009 00:56:36 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70837 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200911-02 - - - 17 Nov 2009 14:59:48 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70836 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ 17 Nov 2009 14:13:58 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70835 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 17 Nov 2009 12:52:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70833 I realised that though security isn't mentioned at all -there's plenty here that gets shouted about on Full Disc on off-topic threads. (Paul, Valdis, 17 Nov 2009 11:51:27 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70832 n3td3v prepares to leave the internet after having completed work on n3td3v-0pen0wn.sh n3td3v has had it with the games done by you jackasses in th 17 Nov 2009 11:48:26 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70829 ====================================================================== Secunia Research 17/11/2009 - Gimp PSD Image Parsi 17 Nov 2009 06:05:03 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70828 We are excited to announce the immediate availability of version 3.3 of the Metasploit Framework. This release includes 446 exploits, 216 auxiliary mo 17 Nov 2009 05:57:36 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70827 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory D 17 Nov 2009 05:46:36 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70831 Second International Alternative Workshop on Aggressive Computing and Security iAWACS 2010: the Revelation Editi 17 Nov 2009 01:40:51 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70824 http://computerworld.co.nz/news.nsf/scrt/E9592E1A9719742ACC25766F0066B38D 16 Nov 2009 22:00:55 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70822 full-disclosure-request@lists.grok.org.uk wrote: > Send Full-Disclosure mailing list submissions to > 3. George Bush's immature, self-styled appro 16 Nov 2009 16:19:58 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70821 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 16 Nov 2009 14:34:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70820 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 16 Nov 2009 11:30:33 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70826 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 16 Nov 2009 06:33:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70819 Once more, it will be Troopers time. This year, again, _everybody_ involved in the event (speakers and attendees) enjoyed themselves and could sign 16 Nov 2009 03:43:27 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70818 Greetings, This is an intelligence nightmare. Op-Ed by Andrew Wallace (antisec/bbc) The US constitution is a well thought-out document that is me 15 Nov 2009 11:19:28 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70816 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 15 Nov 2009 10:26:01 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70815 Hi, up to some days ago Twitter was affected by a vulnerability that allowed the propagation of a worm what we like to call "twitter swine flu". The v 13 Nov 2009 16:41:16 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70814 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 13 Nov 2009 16:31:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70811 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 13 Nov 2009 16:27:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70810 -----BEGIN KREMLIN TEXT 3.0 MESSAGE----- /""!!1H!@M11?G6Z=WEQ&X0=%#O**`OIK7P5P`IS4ACPJA@4%ID*"]QL6=Z6%%>]!%+2 J" ]7940N1&KD*)V$K!$- .2>B.%9EU0+]2S$$SN 13 Nov 2009 16:17:55 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70834 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 13 Nov 2009 16:05:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70808 =========================================================== Ubuntu Security Notice USN-859-1 November 13, 2009 openjdk-6 vulnerabilities CVE- 13 Nov 2009 10:38:07 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70806 OS Commerce authentication bypass Description: Accessing administration pages should give a login screen to unauthenticated users, however instead, 13 Nov 2009 08:57:08 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70804 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 13 Nov 2009 08:16:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70803 > > > ------------------------------ > > Message: 5 > Date: Thu, 12 Nov 2009 14:09:12 +0000 > From: Leandro Malaquias <lm.net.security@gmail.com> > Su 13 Nov 2009 06:56:05 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70802 Hello, my name is Tomoki Sanaki. I remade based http://www.milw0rm.com/exploits/9559. --------------------------------------------------------------- 13 Nov 2009 06:15:30 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70801 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [ PHP 5.2.11/5.3.0 Multiple Vulnerabilities ] Author: Maksymilian Arciemowicz http://SecurityReason.co 13 Nov 2009 04:50:42 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70800 Greetings Full Disclosure, For the past few weeks I've been facing a professional dilemma. Should I out someone who at one time fellated me? Should 12 Nov 2009 18:53:36 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70791 rPath Security Advisory: 2009-0142-2 Published: 2009-11-12 Updated: 2009-11-12 updated to reference CVE-2009-1891 Products: rPath Appliance Pl 12 Nov 2009 17:02:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70796 rPath Security Advisory: 2009-0145-1 Published: 2009-11-12 Products: rPath Appliance Platform Linux Service 1 rPath Appliance Platform Linux S 12 Nov 2009 14:55:48 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70795 rPath Security Advisory: 2009-0144-1 Published: 2009-11-12 Products: rPath Appliance Platform Linux Service 1 rPath Appliance Platform Linux S 12 Nov 2009 14:54:02 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70794 rPath Security Advisory: 2009-0143-1 Published: 2009-11-12 Products: rPath Appliance Platform Linux Service 2 rPath Linux 2 Rating: Informati 12 Nov 2009 14:51:45 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70793 rPath Security Advisory: 2009-0142-1 Published: 2009-11-12 Products: rPath Appliance Platform Linux Service 2 rPath Linux 2 Rating: Major Exp 12 Nov 2009 14:49:51 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70792 Note: This is a toolkit by Microsoft meant to be used on a thumb drive. There are many open source tools already available, this is just an all-in- 12 Nov 2009 10:07:40 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70789 =========================================================== Ubuntu Security Notice USN-858-1 November 12, 2009 openldap2.2 vulnerability CVE- 12 Nov 2009 06:29:21 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70781 Did not work on: Apache/2.2.8 (Ubuntu) DAV/2 PHP/5.2.4-2ubuntu5.7 with Suhosin-Patch Server -------- Original Message -------- Subject: [Full-disclos 12 Nov 2009 06:15:56 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70779 Website: http://gizmodo.com/5402796/microsoft-patents-the-sudo-command Patent: http://patft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=P 12 Nov 2009 06:09:12 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70780 ====================================================================== Secunia Research 12/11/2009 - Gimp BMP Image Pars 12 Nov 2009 05:18:51 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70785 Before the vulnerability.. HP buys 3Com in mega $2.7 billion deal http://www.scmagazineus.com/HP-buys-3Com-in-mega-27-billion-deal/article/157601/ H 11 Nov 2009 15:40:46 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70775 =========================================================== Ubuntu Security Notice USN-853-2 November 11, 2009 firefox-3.5, xulrunner-1.9.1 r 11 Nov 2009 09:00:13 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70773 ============================================= - Release date: November 11th, 2009 - Discovered by: Dawid Golunski - Severity: Moderately High ======== 11 Nov 2009 08:47:49 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70776 [Full-Disclosure] Mailing List Charter John Cartwright <johnc@grok.org.uk> - Introduction & Purpose - This document serves as a charter for the [F 11 Nov 2009 06:14:34 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70772 ============================================= - Release date: November 11th, 2009 - Discovered by: Laurent Gaffié - Severity: Medium/High ============ 11 Nov 2009 02:58:44 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70769 The Home Office says it will push ahead with plans to ask communications firms to monitor all internet use. http://news.bbc.co.uk/2/hi/uk_news/politi 10 Nov 2009 21:46:27 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70768 Berlin Wall: Why we aren't the Stasi intelligence friendly country the FBI thinks, and why they are doomed to falter. The folly of making FBI into a 10 Nov 2009 20:20:19 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70767 In a Court filing late Friday night, the Obama Administration attempted to dress up in new clothes its embrace of one of the worst Bush Administration 10 Nov 2009 20:00:49 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70766 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 11.10.09 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 10, 2009 10 Nov 2009 13:01:16 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70765 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 11.10.09 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 10, 2009 10 Nov 2009 12:19:48 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70764 ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-08 10 Nov 2009 12:16:30 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70763 ZDI-09-082: Microsoft Office Excel PivotTable Cache Record Parsing Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09- 10 Nov 2009 12:16:02 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70762 TPTI-09-07: Microsoft Windows License Logging Service Heap Corruption Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-07 November 10, 20 10 Nov 2009 11:59:34 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70770 =========================================================== Ubuntu Security Notice USN-857-1 November 10, 2009 qt4-x11 vulnerabilities CVE-20 10 Nov 2009 07:53:20 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70761 =========================================================== Ubuntu Security Notice USN-856-1 November 10, 2009 cups, cupsys vulnerability CVE 10 Nov 2009 07:52:45 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70760 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 09 Nov 2009 18:41:26 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70757 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability Advisory ID: cisco-sa-20 09 Nov 2009 09:30:03 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70753 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advi 08 Nov 2009 13:20:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70747 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 08 Nov 2009 11:47:33 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70746 Hello participants of Full-Disclosure! After the article Dark side of bookmarks (http://websecurity.com.ua/3643/), I'll draw you attention to another 08 Nov 2009 09:54:53 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70752 Hello participants of Full-Disclosure! I want to warn you about Denial of Service vulnerability in Internet Explorer. Yesterday I already informed Mi 08 Nov 2009 05:54:08 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70751