Full Disclosure | Full-Disclosure

Full Disclosure | Full-Disclosure Mailing List Archive by Gossamer Threads http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/ en-us (c) Gossamer Threads Inc. All rights reserved. 06 Jul 2008 13:40:11 -0800 120 Gossamer Threads | Full Disclosure | Full-Disclosure 75 23 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/ http://www.gossamer-threads.com/images/lists/rss_logo.jpg Re: Mrfetch Paul Carnes YouTube -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat Jul 05 2008 - 18:19:30 CDT, Sock Puppet wrote: > REGISTRATION INFORMATION ****** > > Original Re 06 Jul 2008 07:28:44 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62405 Re: Mrfetch Paul Carnes YouTube On Sat, Jul 05, 2008 at 07:19:30PM -0400, Sock Puppet wrote: > Mrfetch (Paul Carnes) is a homosexual What the hell does this have to do with his tech 06 Jul 2008 04:46:49 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62404 Mrfetch Paul Carnes YouTube Mrfetch (Paul Carnes) is a homosexual that believes the internet is his personal army. In a video online, MrFetch attempts to rally the "you-tubers" t 05 Jul 2008 16:19:30 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62403 [SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 05 Jul 2008 05:37:12 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62401 [ MDVSA-2008:135 ] - Updated gnome-screensaver packages fix authentication vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 04 Jul 2008 20:17:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62400 [ MDVSA-2008:134 ] - Updated squid packages fix DoS vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 04 Jul 2008 17:27:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62399 [ MDVSA-2008:133 ] - Updated sympa packages fix DoS vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 04 Jul 2008 15:46:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62398 [ MDVSA-2008:132 ] - Updated gnome-screensaver packages fix authentication vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 04 Jul 2008 15:26:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62397 Re: Panda ActiveScan 2.0 remote code execution "We are an impatient lot in this community." - well said... On Fri, 04 Jul 2008 08:59:40 -0400 "Randal T. Rioux" <randy@procyonlabs.com> wrote: >On 04 Jul 2008 14:39:35 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62396 Re: Panda ActiveScan 2.0 remote code execution The fixed version is now in production. Regards, ---------------------------------------------- Pedro Bustamante Senior Research Advisor Panda Secur 04 Jul 2008 14:08:13 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62395 [ MDVSA-2008:131 ] - Updated phpMyAdmin packages fix multiple vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 04 Jul 2008 13:58:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62394 Re: Panda ActiveScan 2.0 remote code execution no one cares about your slow response time or that it takes you a week to fix a bug that apps have had for 10 years. maybe if your product did not suc 04 Jul 2008 07:25:29 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62393 Re: Panda ActiveScan 2.0 remote code execution On Fri, July 4, 2008 7:02 am, Panda Security Response wrote: > Please allow at least one week for us to respond before public > disclousure. We only r 04 Jul 2008 05:59:40 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62391 zonedit.com e dns zone transfer For it domain, nic.it do not act as default secondary dns, so anyone have a .it domain have to buy a secondary dns service if hasn't one. zoneedit.c 04 Jul 2008 05:51:55 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62392 Re: Panda ActiveScan 2.0 remote code execution Embarassing init? Panda Security Response wrote: > Please allow at least one week for us to respond before public disclousure. We only received this 04 Jul 2008 04:41:54 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62390 Panda ActiveScan 2.0 remote code execution http://karol.wiesek.pl/files/panda.tgz K. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists. 04 Jul 2008 04:20:03 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62388 Re: Panda ActiveScan 2.0 remote code execution Please allow at least one week for us to respond before public disclousure. We only received this information a few days ago. Regards, ------------- 04 Jul 2008 04:02:13 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62389 Re: Facebook script injection vulnerabilities The two remaining vulnerabilities seem to have been fixed today. Updated information: 7) Escaping JS sandbox with literal String reference Impact: e 04 Jul 2008 02:46:05 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62387 [SECURITY] [DSA 1601-1] New wordpress packages fix several vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 04 Jul 2008 00:16:56 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62402 [ MDVSA-2008:130 ] - Updated PHP packages fix multiple vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 03 Jul 2008 20:20:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62386 Re: n3td3v podcast you figured me out! On Thu, Jul 3, 2008 at 5:09 PM, Arturo 'Buanzo' Busleiman <buanzo@buanzo.com.ar> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Ha 03 Jul 2008 20:18:48 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62385 [ MDVSA-2008:129 ] - Updated PHP packages fix multiple vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 03 Jul 2008 20:16:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62384 [ MDVSA-2008:128 ] - Updated PHP packages fix multiple vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 03 Jul 2008 17:05:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62381 [ MDVSA-2008:127 ] - Updated PHP packages fix multiple vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 03 Jul 2008 16:59:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62380 [ MDVSA-2008:126 ] - Updated PHP packages fix multiple vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 03 Jul 2008 16:55:00 -0800 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/62383