Full Disclosure (date)
January 31, 2008
- Re: [Full-disclosure] back to high value targets, coderman, 19:29
- Re: [Full-disclosure] back to high value targets, coderman, 19:08
- [Full-disclosure] [USN-573-1] PulseAudio vulnerability, Jamie Strandboge, 18:57
- Re: [Full-disclosure] back to high value targets, gmaggro, 18:36
- Re: [Full-disclosure] back to high value targets, Valdis . Kletnieks, 18:15
- Re: [Full-disclosure] back to high value targets, Dude VanWinkle, 18:05
- Re: [Full-disclosure] back to high value targets, gmaggro, 17:23
- Re: [Full-disclosure] back to high value targets, Valdis . Kletnieks, 17:12
- [Full-disclosure] back to high value targets, gmaggro, 17:02
- Re: [Full-disclosure] Save XP, Bill Stout, 15:28
- [Full-disclosure] Attackers can SkypeFind you, avivra, 14:02
- Re: [Full-disclosure] Save XP, Peter Besenbruch, 13:08
- [Full-disclosure] undersea cable cut and internet problem!, crazy frog crazy frog, 12:36
- [Full-disclosure] Livelink UTF-7 XSS Vulnerability, David Kierznowski, 12:04
- Re: [Full-disclosure] Save XP, Tyler Reguly, 11:42
- [Full-disclosure] Multiple Remote File Inclusion Vulnerabilities in Mindmeld version 1.2.0.10, David Wharton, 09:47
- Re: [Full-disclosure] dude vanwinkle turns against fergdawg, trendmicro, poo, 08:55
- [Full-disclosure] [ MDVSA-2008:029 ] - Updated ruby packages fix possible man-in-the-middle attack, security, 07:33
- [Full-disclosure] MySpace Uploader ActiveX Control Buffer Overflow, Elazar Broad, 07:22
- [Full-disclosure] [ GLSA 200801-22 ] PeerCast: Buffer overflow, Pierre-Yves Rofes, 07:22
- [Full-disclosure] [ GLSA 200801-21 ] Xdg-Utils: Arbitrary command execution, Pierre-Yves Rofes, 07:22
- Re: [Full-disclosure] Save XP, Dude VanWinkle, 07:11
- Re: [Full-disclosure] Save XP, scott, 07:11
- [Full-disclosure] dude vanwinkle turns against fergdawg, trendmicro, worried security, 07:11
- Re: [Full-disclosure] Save XP, mgk.mailing, 07:01
- Re: [Full-disclosure] [ GLSA 200801-17 ] Netkit FTP Server: Denial of Service, Jamie Haggett, 07:01
- Re: [Full-disclosure] Save XP, Linval Thompson, 07:01
- [Full-disclosure] [ MDVSA-2008:028 ] - Updated MySQL packages fix multiple vulnerabilities, security, 06:50
- Re: [Full-disclosure] Save XP, Bill Stout, 06:50
January 29, 2008
- [Full-disclosure] [ GLSA 200801-16 ] MaraDNS: CNAME Denial of Service, Raphael Marichez, 20:00
- [Full-disclosure] [ GLSA 200801-17 ] Netkit FTP Server: Denial of Service, Raphael Marichez, 19:40
- Re: [Full-disclosure] Save XP, James Matthews, 17:56
- Insecure Use of RC4 in LSrunasE and Supercrypt (CVE-2007-6340), Daniel Roethlisberger, 17:45
- Re: [Full-disclosure] Save XP, blah, 17:35
- Re: [Full-disclosure] Save XP, Peter Besenbruch, 17:03
- [Full-disclosure] [SECURITY] [DSA 1479-1] New Linux 2.6.18 packages fix several vulnerabilities, dann frazier, 14:47
- [Full-disclosure] Advisory: Tripwire Enterprise/Server XSS Vulnerability, Liquidmatrix Security Digest, 10:47
- Re: [Full-disclosure] Save XP, Tremaine Lea, 09:25
- Re: [Full-disclosure] Save XP, Steward Smith, 07:32
- Re: [Full-disclosure] Save XP, Vincent Archer, 06:10
- [Full-disclosure] [ GLSA 200801-15 ] PostgreSQL: Multiple vulnerabilities, Raphael Marichez, 06:10
January 28, 2008
- Re: [Full-disclosure] Save XP, T Biehn, 23:48
- Re: [Full-disclosure] Save XP, dxp, 23:27
- Re: [Full-disclosure] Save XP, Larry Seltzer, 22:56
- Re: [Full-disclosure] Save XP, Valdis . Kletnieks, 20:32
- Re: [Full-disclosure] Save XP, T Biehn, 20:22
- Re: [Full-disclosure] Save XP, Paul Schmehl, 19:41
- Re: [Full-disclosure] Save XP, Larry Seltzer, 19:30
- Re: [Full-disclosure] Save XP, Ed Carp, 19:19
- Re: [Full-disclosure] Save XP, Peter Dawson, 19:08
- [Full-disclosure] Save XP, scott, 18:58
- Re: [Full-disclosure] 0day LINUX 0day LATEST, Valdis . Kletnieks, 18:47
- [Full-disclosure] [SECURITY] [DSA 1478-1] New mysql-dfsg-5.0 packages fix several vulnerabilities, Moritz Muehlenhoff, 16:52
- [Full-disclosure] Uninformed Journal Release Announcement: Volume 9, Uninformed Journal, 15:26
- Re: [Full-disclosure] A friendly request on behalf of Bart Cilfone, reepex, 15:04
- [Full-disclosure] Nipper update released, Ian Ventura-Whiting, 14:53
- Re: [Full-disclosure] A friendly request on behalf of Bart Cilfone, James D. Stallard, 14:21
- Re: [Full-disclosure] Metasploit Framework v3.1 Released, Dude VanWinkle, 14:20
- Re: [Full-disclosure] Metasploit Framework v3.1 Released, Marco Ermini, 14:20
- [Full-disclosure] CORE-2007-1219: Firebird Remote Memory Corruption, Core Security Technologies Advisories, 14:10
- Re: [Full-disclosure] Project Chanology, worried security, 13:59
- Re: [Full-disclosure] Metasploit Framework v3.1 Released, worried security, 13:47
- Re: [Full-disclosure] 0day LINUX 0day LATEST, Andrew Dawson, 12:42
- Re: [Full-disclosure] asking about certificate, wilder_jeff Wilder, 12:31
- Re: [Full-disclosure] A friendly request on behalf of Bart Cilfone, Stack Smasher, 10:26
- Re: [Full-disclosure] 0day LINUX 0day LATEST, atlas, 10:26
- [Full-disclosure] A friendly request on behalf of Bart Cilfone, Donald Republic, 09:55
- Re: [Full-disclosure] 0day LINUX 0day LATEST, Andrew Farmer, 07:31
- [Full-disclosure] 0day LINUX 0day LATEST, wejwklekl246, 07:00
- Re: [Full-disclosure] Metasploit Framework v3.1 Released, Joey Mengele, 02:53
- Re: [Full-disclosure] [MailServer Notification]Content Filtering Notification, Joey Mengele, 02:53
- Re: [Full-disclosure] Metasploit Framework v3.1 Released, Joey Mengele, 02:42
- [Full-disclosure] Metasploit Framework v3.1 Released, H D Moore, 02:11
January 27, 2008
- Re: [Full-disclosure] asking about certificate, Lyal Collins, 21:44
- Re: [Full-disclosure] Selling codes exploiting 0-days vulnerabilities, coderman, 21:13
- [Full-disclosure] Patch for the http module from THC-Hydra: error handling the HTTP response codes, Juan Galiana, 20:42
- Re: [Full-disclosure] Welcome to the "Full-Disclosure" mailing list, tlords, 17:46
- [Full-disclosure] asking about certificate, shadow floating, 17:25
- [Full-disclosure] asking about certificate, shadow floating, 17:15
- [Full-disclosure] [SECURITY] [DSA 1477-1] New yarssr packages fix arbitrary shell command execution, Moritz Muehlenhoff, 14:51
- [Full-disclosure] [SECURITY] [DSA 1476-1] New pulseaudio packages fix privilege escalation, Moritz Muehlenhoff, 14:41
- [Full-disclosure] [ GLSA 200801-14 ] Blam: User-assisted execution of arbitrary code, Robert Buchholz, 13:39
- [Full-disclosure] [ GLSA 200801-13 ] ngIRCd: Denial of Service, Robert Buchholz, 13:18
- [Full-disclosure] [ GLSA 200801-12 ] xine-lib: User-assisted execution of arbitrary code, Robert Buchholz, 13:08
- [Full-disclosure] [ GLSA 200801-11 ] CherryPy: Directory traversal vulnerability, Robert Buchholz, 12:57
- Re: [Full-disclosure] Selling codes exploiting 0-days vulnerabilities, gmaggro, 02:21
January 26, 2008
- Re: [Full-disclosure] Selling codes exploiting 0-days vulnerabilities, Shyaam, 23:47
- [Full-disclosure] Move Networks Upgrade Manager QMPUpgrade.dll Buffer Overflow, Elazar Broad, 23:26
- [Full-disclosure] phpIP 4.3.2 - Numerous SQL Injection Vulnerablities, Charles Hooper, 21:43
- Re: [Full-disclosure] Selling codes exploiting 0-days vulnerabilities, T Biehn, 21:43
- [Full-disclosure] Selling codes exploiting 0-days vulnerabilities, Gerrit-Jan Nieuwegein, 20:31
- Re: [Full-disclosure] Project Chanology, Dude VanWinkle, 18:49
- Re: [Full-disclosure] Project Chanology, gmaggro, 12:28
- Re: [Full-disclosure] Project Chanology, gmaggro, 12:17
- Re: [Full-disclosure] Project Chanology, worried security, 11:56
- Re: [Full-disclosure] Project Chanology, gmaggro, 11:05
- [Full-disclosure] Statcounter.com exposed credentials, Gianni Amato, 09:02
- Re: [Full-disclosure] Project Chanology, worried security, 07:40
- Re: [Full-disclosure] Project Chanology, over9k, 07:19
- Re: [Full-disclosure] Project Chanology, worried security, 05:36
- Re: [Full-disclosure] Prominent lack of scientology ubershit on FD?, worried security, 04:03
- [Full-disclosure] Prominent lack of scientology ubershit on FD?, cos, 02:30
January 25, 2008
- [Full-disclosure] Tool availability - browser DOM Checker, Michal Zalewski, 20:53
- [Full-disclosure] [ MDVSA-2008:027 ] - Updated pulseaudio packages fix local root vulnerability, security, 20:42
- [Full-disclosure] [ MDVSA-2008:026 ] - Updated icu packages fix vulnerabilities, security, 16:54
- Re: [Full-disclosure] Project Chanology, Dude VanWinkle, 16:44
- Re: [Full-disclosure] Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5, Luigi Auriemma, 16:22
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Valdis . Kletnieks, 13:22
- Re: [Full-disclosure] Bart Richard Cilfone A.k.a. Bart Cilfone ofUbersite, Boredatwork, Uber.fm..., SilentRunner, 12:50
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Dude VanWinkle, 12:07
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Nate McFeters, 11:36
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Dude VanWinkle, 11:25
- Re: [Full-disclosure] Bart Richard Cilfone A.k.a. Bart Cilfone of Ubersite, Boredatwork, Uber.fm..., Nate McFeters, 02:10
- [Full-disclosure] Bart Richard Cilfone A.k.a. Bart Cilfone of Ubersite, Boredatwork, Uber.fm..., Bart Cilfone, 00:38
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Valdis . Kletnieks, 00:27
January 24, 2008
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Rob Michel, 21:12
- Re: [Full-disclosure] Project Chanology, Phillip Partipilo, 19:38
- [Full-disclosure] wfuzz v1.4 - The web bruteforcer, Christian Martorella, 19:27
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Valdis . Kletnieks, 18:03
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Valdis . Kletnieks, 17:52
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Dude VanWinkle, 17:41
- rPSA-2008-0030-1 CherryPy, rPath Update Announcements, 17:20
- rPSA-2008-0029-1 bind bind-utils, rPath Update Announcements, 17:09
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Dude VanWinkle, 16:58
- [Full-disclosure] iDefense Security Advisory 01.23.08: IBM AIX pioout BSS Buffer Overflow Vulnerability, iDefense Labs, 16:26
- [Full-disclosure] iDefense Security Advisory 01.22.08: IBM Tivoli PMfOSD HTTP Request Method Buffer Overflow Vulnerability, iDefense Labs, 15:33
- [Full-disclosure] Project Chanology, gmaggro, 15:33
- [ GLSA 200801-10 ] TikiWiki: Multiple vulnerabilities, Raphaël Marichez, 12:10
- Re: [Full-disclosure] scada/plc gear, gmaggro, 11:18
- [Full-disclosure] [ MDVSA-2008:024 ] - Updated libxfont packages fix font handling vulnerability, security, 10:16
- [Full-disclosure] [ MDVSA-2008:023 ] - Updated x11-server packages fix multiple vulnerabilities, security, 10:16
- [Full-disclosure] [ MDVSA-2008:022 ] - Updated xorg-x11 packages fix multiple vulnerabilities, security, 10:16
- [Full-disclosure] [ MDVSA-2008:021 ] - Updated XFree86 packages fix multiple vulnerabilities, security, 10:05
- [Full-disclosure] iPhone remote DoS :(, c0ntex, 08:12
- [Full-disclosure] [ MDVSA-2008:025 ] - Updated x11-server-xgl packages fix multiple vulnerabilities, security, 03:14
January 23, 2008
- [Full-disclosure] Directory Traversal Vulnerability in Aconon Mail, Arno Töll, 23:05
- [Full-disclosure] [ GLSA 200801-10 ] TikiWiki: Multiple vulnerabilities, Raphael Marichez, 20:19
- [Full-disclosure] [SECURITY] [DSA 1474-1] New exiv2 packages fix arbitrary code execution, Moritz Muehlenhoff, 18:14
- [Full-disclosure] [SECURITY] [DSA 1444-2] New php5 packages fix regression, Moritz Muehlenhoff, 18:03
- [Full-disclosure] THIS IS NOT A SCAM: REAL TRUECRYPT FOR MACOS IS HERE!, Fabio Pietrosanti (naif), 16:39
- [Full-disclosure] Cisco Security Advisory: Default Passwords in the Application Velocity System, Cisco Systems Product Security Incident Response Team, 14:03
- [Full-disclosure] Cisco Security Advisory: Cisco PIX and ASA Time-to-Live Vulnerability, Cisco Systems Product Security Incident Response Team, 13:21
- Re: [Full-disclosure] old junk, Tonu Samuel, 01:27
- [Full-disclosure] PHP 5.2.5 cURL safe_mode bypass, Maksymilian Arciemowicz, 01:27
January 22, 2008
- [Full-disclosure] UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages, VMware Security team, 22:02
- [Full-disclosure] [ MDVSA-2008:020 ] - Updated xine-lib packages fix remote code execution vulnerabilities, security, 20:40
- [Full-disclosure] Apache mod_negotiation Xss and Http Response Splitting, Minded Security Research Labs, 18:56
- Re: [Full-disclosure] Skype videomood XSS, avivra, 15:47
- [Full-disclosure] CarolinaCon-2008, March 28th-30th, Vic Vandal, 15:36
- [Full-disclosure] Firefox 2.0.0.11 Chrome Privilege Escalation PoC, carl hardwick, 14:52
- Re: [Full-disclosure] old junk, reepex, 14:41
- [Full-disclosure] Some hashes for the record, Sergio 'shadown' Alvarez, 11:31
- [Full-disclosure] Troopers 08 Security Conference, Call for Papers, Enno Rey, 06:21
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Eduardo Tongson, 05:50
- [Full-disclosure] HP Virtual Rooms WebHPVCInstall Control Multiple Buffer Overflows, Elazar Broad, 04:07
- [Full-disclosure] [ MDVSA-2008:019 ] - Updated cairo packages fix vulnerability, security, 02:44
- Re: [Full-disclosure] congenital idiots(dont u know who nick fitzgerald is?(now I KNOW why I never post in my real name)) Re: [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Nate McFeters, 01:53
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Nate McFeters, 01:53
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Pat, 01:53
- Re: [Full-disclosure] congenital idiots(dont u know who nick fitzgerald is?(now I KNOW why I never post in my real name)) Re: [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), reepex, 01:42
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), reepex, 01:32
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Pat, 01:21
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Nick FitzGerald, 01:21
- Re: [Full-disclosure] [Professional IT Security Providers -Exposed] PlanNetGroup ( F ), nate . mcfeters, 01:00
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Paul Melson, 00:50
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Nick FitzGerald, 00:39
- Re: [Full-disclosure] [Professional IT Security Providers -Exposed] PlanNetGroup ( F ), Derek Buelna, 00:28
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), reepex, 00:28
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Pat, 00:28
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Harry Hoffman, 00:28
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Harry Hoffman, 00:18
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), reepex, 00:18
- Re: [Full-disclosure] [Professional IT Security Providers -Exposed] PlanNetGroup ( F ), nate . mcfeters, 00:07
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), reepex, 00:07
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Valdis . Kletnieks, 00:07
January 21, 2008
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Nick FitzGerald, 23:57
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Nick FitzGerald, 23:57
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), reepex, 23:57
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Maxim, 23:46
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Nate McFeters, 23:46
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Harry Hoffman, 23:36
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Valdis . Kletnieks, 23:25
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Valdis . Kletnieks, 23:04
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), damncon, 23:04
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Nick FitzGerald, 22:53
- [Full-disclosure] [ MDVSA-2008:018 ] - Updated gFTP packages fix vulnerabilities, security, 21:52
- [Full-disclosure] [SECURITY] [DSA 1473-1] New scponly packages fix arbitrary code execution, Florian Weimer, 18:46
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Valdis . Kletnieks, 18:36
- [Full-disclosure] [SECURITY] [DSA 1466-3] New xfree86 packages fix regression, Moritz Muehlenhoff, 17:00
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), J. Oquendo, 15:03
- [Full-disclosure] [SECURITY] [DSA 1472-1] New xine-lib packages fix arbitrary code execution, Moritz Muehlenhoff, 14:53
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Nate McFeters, 14:53
- [Full-disclosure] [SECURITY] [DSA 1471-1] New libvorbis packages fix several vulnerabilities, Moritz Muehlenhoff, 14:31
- Re: [Full-disclosure] [Professional IT Security Providers -Exposed] PlanNetGroup ( F ), Jerry dePriest, 14:31
- Re: [Full-disclosure] [Professional IT Security Providers -Exposed] PlanNetGroup ( F ), Nate McFeters, 13:58
- Re: [Full-disclosure] [Professional IT Security Providers -Exposed] PlanNetGroup ( F ), Jerry dePriest, 13:36
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), SecReview, 13:14
- [Full-disclosure] Pass-The-Hash Toolkit v1.2 released., Hernan Ochoa, 13:03
- [Full-disclosure] WifiZoo v1.3 released (minor release), Hernan Ochoa, 09:24
- [Full-disclosure] RIAA site hacked. Again, Tonu Samuel, 08:53
- [Full-disclosure] old junk, Micheal Turner, 08:53
- [Full-disclosure] Call Jacking: Phreaking the BT Home Hub, Adrian P, 07:00
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), Nate McFeters, 03:34
- [Full-disclosure] AXIGEN 5.0.x AXIMilter Format String Exploit, hempel, 00:49
January 20, 2008
- [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F ), secreview, 21:54
- [Full-disclosure] Fwd: Incident: High traffic social media sites being exploited, worried security, 20:12
- [Full-disclosure] [SECURITY] [DSA 1470-1] New horde3 packages fix denial of service, Moritz Muehlenhoff, 19:00
- [Full-disclosure] [ GLSA 200801-09 ] X.Org X server and Xfont library: Multiple vulnerabilities, Robert Buchholz, 18:08
- [Full-disclosure] sqlninja 0.2.2 released, A. R., 16:25
- [Full-disclosure] [SECURITY] [DSA 1469-1] New flac packages fix arbitrary code execution, Moritz Muehlenhoff, 12:08
- [Full-disclosure] [SECURITY] [DSA 1468-1] New tomcat5.5 packages fix several vulnerabilities, Moritz Muehlenhoff, 11:48
- [Full-disclosure] [ MDVSA-2008:017 ] - Updated MySQL packages fix multiple vulnerabilities, security, 00:00
January 19, 2008
- [Full-disclosure] [ GLSA 200801-08 ] libcdio: User-assisted execution of arbitrary code, Robert Buchholz, 21:16
- [Full-disclosure] [ GLSA 200801-07 ] Adobe Flash Player: Multiple vulnerabilities, Robert Buchholz, 21:05
- [Full-disclosure] [SECURITY] [DSA 1466-2] New xorg-server packages fix regression, Moritz Muehlenhoff, 09:44
- [Full-disclosure] [SECURITY] [DSA 1467-1] New mantis packages fix several vulnerabilities, Thijs Kinkhorst, 09:33
- [Full-disclosure] [USN-571-2] X.org regression, Kees Cook, 04:36
- [Full-disclosure] silentbaker trojan sample, J B, 00:30
January 18, 2008
- [Full-disclosure] [USN-572-1] apt-listchanges vulnerability, Kees Cook, 19:33
- Re: [Full-disclosure] what is this?, worried security, 15:28
- Re: [Full-disclosure] what is this?, Fredrick Diggle, 14:13
- Re: [Full-disclosure] [FDSA] Sort - Critical Format String Vulnerability, reepex, 14:12
- Re: [Full-disclosure] Gadi Bashing, enough already...., auto71278, 13:29
- Re: [Full-disclosure] Minute of Silence, Fredrick Diggle, 12:57
- Re: [Full-disclosure] Minute of Silence, T Biehn, 12:45
- Re: [Full-disclosure] Minute of Silence, Joey Mengele, 12:34
- Re: [Full-disclosure] Minute of Silence, Byron Sonne, 12:34
- Re: [Full-disclosure] Minute of Silence, Paul Schmehl, 11:50
- [Full-disclosure] Minute of Silence, dxp, 11:50
- Re: [Full-disclosure] [FDSA] Sort - Critical Format StringVulnerability, Larry Seltzer, 11:19
- Re: [Full-disclosure] [FDSA] Sort - Critical Format String Vulnerability, Joey Mengele, 10:37
- Re: [Full-disclosure] [FDSA] Sort - Critical Format String Vulnerability, Fredrick Diggle, 10:37
- [Full-disclosure] [FIXED] Remote Denial of Service for SSH service at Dell DRAC4 (maybe Mocana SSH), Robert Scheck, 07:51
- Re: [Full-disclosure] [FDSA] Sort - Critical Format String Vulnerability, Tonnerre Lombard, 04:46
- [Full-disclosure] [USN-571-1] X.org vulnerabilities, Kees Cook, 03:21
January 17, 2008
- Re: [Full-disclosure] Liba Cohn, Cruise Insurance -- What if You Get Sick on the Ship? Tips from Industry Expert Travel Insurance Services, James Rankin, 20:36
- [Full-disclosure] ZDI-08-002: Citrix Presentation Server IMA Service Heap Overflow Vulnerability, zdi-disclosures, 20:15
- Re: [Full-disclosure] what is this?, Paul Schmehl, 20:04
- Re: [Full-disclosure] what is this?, Valdis . Kletnieks, 19:54
- [Full-disclosure] IMF 2008 - Call for Papers, Oliver Goebel, 19:00
- Re: [Full-disclosure] what is this?, Valdis . Kletnieks, 18:50
- Re: [Full-disclosure] [FDSA] Notepad Highly CriticalCross-SiteScripting (XSS) Vulnerability, Randal T. Rioux, 18:38
- Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability, worried security, 17:45
- Re: [Full-disclosure] what is this?, Fredrick Diggle, 17:45
- [Full-disclosure] iDefense Security Advisory 01.17.08: Multiple Vendor X Server XFree86-Misc Extension Invalid Array Index Vulnerability, iDefense Labs, 17:14
- Re: [Full-disclosure] what is this?, Valdis . Kletnieks, 17:14
- [Full-disclosure] iDefense Security Advisory 01.17.08: Multiple Vendor X Server EVI and MIT-SHM Extensions Integer Overflow Vulnerabilities, iDefense Labs, 17:14
- [Full-disclosure] iDefense Security Advisory 01.17.08: Multiple Vendor X Server TOG-CUP Extension Information Disclosure Vulnerability, iDefense Labs, 17:14
- [Full-disclosure] iDefense Security Advisory 01.17.08: Multiple Vendor X Server XInput Extension Multiple Memory Corruption Vulnerabilities, iDefense Labs, 17:04
- Re: [Full-disclosure] Gadi Bashing, enough already...., Valdis . Kletnieks, 17:04
- Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability, M.B.Jr., 17:04
- Re: [Full-disclosure] Gadi Bashing, enough already...., Valdis . Kletnieks, 16:53
- Re: [Full-disclosure] Skype videomood XSS, avivra, 16:53
- Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability, BlackHawk, 16:53
- Re: [Full-disclosure] Gadi Bashing, enough already...., Rob Thompson, 16:31
- Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability, Fredrick Diggle, 15:39
- [Full-disclosure] [SECURITY] [DSA 1466-1] New xorg-server packages fix several vulnerabilities, Moritz Muehlenhoff, 15:39
- [Full-disclosure] SUSE Security Announcement: Xorg and XFree (SUSE-SA:2008:003), Thomas Biege, 15:29
- Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability, Sascha Roeske, 15:29
- Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability, str0ke, 15:29
- Re: [Full-disclosure] Hardware-based full disk encryption, Bill Stout, 15:18
- Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability, M.B.Jr., 14:46
- Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability, T Biehn, 14:46
- [Full-disclosure] [FDSA] Sort - Critical Format String Vulnerability, Fredrick Diggle, 14:34
- Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability, Nate McFeters, 14:23
- [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability, Fredrick Diggle, 14:12
- Re: [Full-disclosure] Gadi Bashing, enough already...., Fredrick Diggle, 13:40
- rPSA-2008-0021-1 kernel, rPath Update Announcements, 13:07
- Re: [Full-disclosure] Gadi Bashing, enough already...., reepex, 12:57
- Re: [Full-disclosure] what is this?, reepex, 12:57
- [Full-disclosure] [SECURITY] [DSA 1465-2] New apt-listchanges packages fix arbitrary code execution, Steve Kemp, 12:46
- rPSA-2008-0018-1 mysql mysql-bench mysql-server, rPath Update Announcements, 12:25
- Re: [Full-disclosure] Gadi Bashing, enough already...., Fredrick Diggle, 12:14
- Re: [Full-disclosure] Liba Cohn, Cruise Insurance -- What if You Get Sick on the Ship? Tips from Industry Expert Travel Insurance Services, guiness.stout, 11:21
- [Full-disclosure] [SECURITY] [DSA 1465-1] New apt-listchanges packages fix arbitrary code execution, Steve Kemp, 11:10
- Re: [Full-disclosure] Gadi Bashing, enough already...., Epic, 11:10
- Re: [Full-disclosure] Liba Cohn, Cruise Insurance -- What if You Get Sick on the Ship? Tips from Industry Expert Travel Insurance Services, guiness.stout, 10:28
- [Full-disclosure] Yahoo! CAPTCHA hacked, John Wane, 09:47
- [Full-disclosure] Skype videomood XSS, Miroslav LuÄinskij, 07:54
- Re: [Full-disclosure] Hardware-based full disk encryption, coderman, 04:49
- Re: [Full-disclosure] what is this?, SilentRunner, 04:38
- [Full-disclosure] Liba Cohn, Cruise Insurance -- What if You Get Sick on the Ship? Tips from Industry Expert Travel Insurance Services, william romsay, 04:17
- [Full-disclosure] Gadi Bashing, enough already...., Richard Golodner, 03:56
- Re: [Full-disclosure] what is this?, scott, 01:21
January 16, 2008
- Re: [Full-disclosure] what is this?, Tremaine Lea, 23:49
- Re: [Full-disclosure] what is this?, damncon, 23:18
- Re: [Full-disclosure] what is this?, reepex, 23:07
- Re: [Full-disclosure] what is this?, worried security, 23:07
- Re: [Full-disclosure] what is this?, Paul Schmehl, 22:57
- Re: [Full-disclosure] what is this?, reepex, 22:46
- [Full-disclosure] [ MDVSA-2008:016 ] - Updated apache 2.2.x packages fix multiple vulnerabilities, security, 20:01
- [Full-disclosure] [USN-570-1] boost vulnerabilities, Jamie Strandboge, 19:19
- [Full-disclosure] [ MDVSA-2008:015 ] - Updated apache 2.0.x packages fix multiple vulnerabilities, security, 18:57
- [Full-disclosure] [ MDVSA-2008:014 ] - Updated apache 1.3.x packages fix multiple vulnerabilities, security, 18:45
- [Full-disclosure] TPTI-08-02: Cisco Call Manager CTLProvider Heap Overflow Vulnerability, DVLabs, 17:09
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Robert Allinson, 17:09
- [Full-disclosure] Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5, Luigi Auriemma, 15:24
- Re: [Full-disclosure] Hardware-based full disk encryption, Elazar Broad, 13:46
- [Full-disclosure] Cisco Security Advisory: Cisco Unified Communications Manager CTL Provider Heap Overflow, Cisco Systems Product Security Incident Response Team, 13:13
- Re: [Full-disclosure] Hardware-based full disk encryption, Fredrick Diggle, 12:19
- Re: [Full-disclosure] Hardware-based full disk encryption, coderman, 12:08
- [Full-disclosure] Hardware-based full disk encryption, Frank Sanders, 11:47
- Re: [Full-disclosure] what is this?, auto71278, 11:16
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Nate McFeters, 01:48
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, worried security, 01:37
- Re: [Full-disclosure] IN RESPONSE TO "Norfolkdesign.com theft and deceit", scott, 00:35
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, scott, 00:04
January 15, 2008
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Nate McFeters, 23:54
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Valdis . Kletnieks, 23:33
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Nate McFeters, 22:31
- Re: [Full-disclosure] what is this?, Thomas Pollet, 22:10
- [Full-disclosure] TPTI-08-01: Apple Quicktime Image File IDSC Atom Memory Corruption Vulnerability, DVLabs, 22:10
- [Full-disclosure] rPSA-2008-0017-1 libxml2, rPath Update Announcements, 22:10
- [Full-disclosure] rPSA-2008-0016-1 postgresql postgresql-server, rPath Update Announcements, 22:10
- [Full-disclosure] rPSA-2008-0015-1 cairo, rPath Update Announcements, 22:00
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Nick FitzGerald, 22:00
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, worried security, 21:38
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Ronnie - Norfolk Design, 21:28
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Valdis . Kletnieks, 21:28
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Ronnie - Norfolk Design, 20:47
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Nick FitzGerald, 20:47
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Ronnie - Norfolk Design, 20:36
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Fredrick Diggle, 20:36
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Thomas Pollet, 20:25
- [Full-disclosure] [SECURITY] [DSA 1464-1] New syslog-ng packages fix denial of service, Moritz Muehlenhoff, 20:25
- [Full-disclosure] NorfolkDesign.com proven track of excellence, Ronnie - Norfolk Design, 20:15
- Re: [Full-disclosure] IN RESPONSE TO "Norfolkdesign.com theft and deceit", Alan J. Wylie, 20:04
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Alan J. Wylie, 20:04
- [Full-disclosure] iDefense Security Advisory 01.15.08: Apple QuickTime Macintosh Resource Processing Heap Corruption Vulnerability, iDefense Labs, 19:43
- Re: [Full-disclosure] [FDSA] Multiple Vulnerabilities in Your Computer (all versions), 3APA3A, 19:43
- Re: [Full-disclosure] NorfolkDesign.com proven track of excellence, Dixon, Wayne, 19:33
- [Full-disclosure] NorfolkDesign.com proven track of excellence, Ronnie - Norfolk Design, 19:22
- Re: [Full-disclosure] IN RESPONSE TO "Norfolkdesign.com theft and deceit", Nate McFeters, 18:50
- [Full-disclosure] IN RESPONSE TO "Norfolkdesign.com theft and deceit", Ronnie - Norfolk Design, 18:28
- Re: [Full-disclosure] scada/plc gear, gmaggro, 18:07
- [Full-disclosure] Another free MacWorld Platinum Pass? Did they not learn anything?, Kurt Grutzmacher, 16:01
- [Full-disclosure] iDefense Security Advisory 01.15.08: TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities, iDefense Labs, 15:50
- [Full-disclosure] iDefense Security Advisory 01.15.08: TIBCO SmartSockets RTserver Multiple Untrusted Pointer Offset Vulnerabilities, iDefense Labs, 15:39
- [Full-disclosure] iDefense Security Advisory 01.15.08: TIBCO SmartSockets RTServer Multiple Untrusted Pointer Vulnerabilities, iDefense Labs, 15:39
- Re: [Full-disclosure] eCerti com - Get Certified the e way..., Fredrick Diggle, 15:39
- Re: [Full-disclosure] Hacking The Interwebs, reepex, 15:38
- [Full-disclosure] iDefense Security Advisory 01.15.08: TIBCO SmartSockets RTserver Heap Overflow Vulnerability, iDefense Labs, 15:28
- [Full-disclosure] [FDSA] Multiple Vulnerabilities in Your Computer (all versions), Fredrick Diggle, 15:28
- Re: [Full-disclosure] what is this?, worried security, 15:17
- [Full-disclosure] eCerti com - Get Certified the e way..., Neeraj Agarwal, 15:06
- Re: [Full-disclosure] what is this?, Gadi Evron, 14:45
- Re: [Full-disclosure] [SPAM] - Re: Load balancer ? - Email found in subject, jmacaranas, 14:45
- Re: [Full-disclosure] scada/plc gear, gmaggro, 14:45
- Re: [Full-disclosure] Hacking The Interwebs, Ed Carp, 14:01
- Re: [Full-disclosure] what is this?, worried security, 14:01
- Re: [Full-disclosure] what is this?, crazy frog crazy frog, 13:51
- Re: [Full-disclosure] Hacking The Interwebs, Fredrick Diggle, 13:18
- [Full-disclosure] Digital Armaments January-February Hacking Challenge: Special 20.000$ Prize - Windows Vulnerabilities and Exploit, vulnwatch, 13:07
- Re: [Full-disclosure] Macrovision FlexNet Connect DownloadManager Insecure Methods, Elazar Broad, 12:56
- Re: [Full-disclosure] what is this?, Valdis . Kletnieks, 12:45
- Re: [Full-disclosure] MS07-069 DHTML Objects Memory Corruption - has anybody seen it in the wild?, Valdis . Kletnieks, 12:34
- [Full-disclosure] MS07-069 DHTML Objects Memory Corruption - has anybody seen it in the wild?, Alla Bezroutchko, 12:12
- Re: [Full-disclosure] what is this?, Paul Schmehl, 11:40
- Re: [Full-disclosure] Load balancer ?, GomoR, 08:56
- Re: [Full-disclosure] Load balancer ?, seb, 07:24
- Re: [Full-disclosure] Load balancer ?, Eduardo Tongson, 07:24
- [Full-disclosure] Load balancer ?, Eduardo Tongson, 07:13
- [Full-disclosure] SecurityReason - Apache (mod_status) Refresh Header - Open Redirector (XSS), sp3x, 06:11
- Re: [Full-disclosure] what is this?, auto71278, 06:11
- Re: [Full-disclosure] what is this?, crazy frog crazy frog, 04:59
- Re: [Full-disclosure] what is this?, Nick FitzGerald, 03:16
- Re: [Full-disclosure] what is this?, crazy frog crazy frog, 02:45
January 14, 2008
- [Full-disclosure] [USN-569-1] libxml2 vulnerability, Kees Cook, 21:15
- Re: what is this?, Gadi Evron, 19:41
- [Full-disclosure] [ MDVSA-2008:013 ] - Updated python packages fix vulnerability in imageop module, security, 19:41
- [Full-disclosure] [ MDVSA-2008:012 ] - Updated python packages fix vulnerabilities, security, 19:30
- Re: [Full-disclosure] Macrovision FlexNet Connect DownloadManager Insecure Methods, Elazar Broad, 18:37
- Re: [Full-disclosure] what is this?, 3APA3A, 18:04
- [Full-disclosure] [USN-568-1] PostgreSQL vulnerabilities, Jamie Strandboge, 18:04
- Re: [Full-disclosure] Your message to Full-Disclosure awaits moderator approval, comp.sec.guru, 17:11
- Re: [Full-disclosure] Your message to Full-Disclosure awaits moderator approval, Valdis . Kletnieks, 16:39
- Re: [Full-disclosure] Your message to Full-Disclosure awaits moderator approval, comp.sec.guru, 16:28
- [Full-disclosure] Macrovision FlexNet Connect DownloadManager Insecure Methods, Elazar Broad, 16:28
- RE: what is this?, Mario Contestabile, 16:28
- [Full-disclosure] ZDI-08-001: IBM Tivoli Storage Manager Express Backup Server Heap Overflow Vulnerability, zdi-disclosures, 15:35
- [Full-disclosure] [SECURITY] [DSA 1463-1] New postgresql-7.4 packages fix several vulnerabilities, Moritz Muehlenhoff, 15:24
- Re: [Full-disclosure] what is this?, Jose Nazario, 13:59
- Re: [Full-disclosure] Javascript, Thomas Pollet, 12:32
- Re: [Full-disclosure] what is this?, Robert McArdle, 12:32
- Re: [Full-disclosure] what is this?, crazy frog crazy frog, 12:31
- Re: [Full-disclosure] Javascript, Michael Holstein, 12:21
- Re: [Full-disclosure] what is this?, Robert McArdle, 12:10
- Re: [Full-disclosure] what is this?, Robert McArdle, 12:10
- Re: [Full-disclosure] Buffer-overflow in Quicktime Player 7.3.1.70, Luigi Auriemma, 11:59
- Re: [Full-disclosure] what is this?, 3APA3A, 11:48
- [Full-disclosure] SQID v0.3 - SQL Injection Digger., Metaeye SG, 11:27
- Re: [Full-disclosure] what is this?, crazy frog crazy frog, 10:26
- Re: [Full-disclosure] what is this?, Nick FitzGerald, 08:22
- Re: [Full-disclosure] what is this?, 3APA3A, 06:30
January 13, 2008
- [Full-disclosure] [SECURITY] [DSA 1459-1] New gforge packages fix SQL injection, Thijs Kinkhorst, 14:05
- Re: [Full-disclosure] what is this?, crazy frog crazy frog, 14:05
- [Full-disclosure] [SECURITY] [DSA 1461-1] New libxml2 packages fix denial of service, Moritz Muehlenhoff, 13:44
- [Full-disclosure] [SECURITY] [DSA 1462-1] New hplip packages fix privilege escalation, Moritz Muehlenhoff, 13:44
- [Full-disclosure] Nipper 0.11.2 Released, Ian Ventura-Whiting, 13:13
- [Full-disclosure] what is this?, crazy frog crazy frog, 12:32
- Re: [Full-disclosure] Javascript, damncon, 12:31
- [Full-disclosure] [SECURITY] [DSA 1460-1] New postgresql-8.1 packages fix several vulnerabilities, Moritz Muehlenhoff, 12:11
- [Full-disclosure] Hacking The Interwebs, pdp (architect), 10:59
- [Full-disclosure] Javascript, scott, 03:39
January 11, 2008
- Re: [Full-disclosure] SunOS 5.10 ICMP Remote Kernel Crash Exploit Code, Joey Mengele, 22:15
- [Full-disclosure] [ MDVSA-2008:011 ] - Updated rsync packages fix restrictions bypass vulnerabilities, security, 21:44
- [Full-disclosure] [ MDVSA-2008:010 ] - Updated libxml2 packages fix DoS vulnerability, security, 21:33
- [Full-disclosure] Cross site scripting (XSS) in Moodle 1.8.3, Hanno BÃck, 20:20
- [Full-disclosure] [ MDVSA-2008:009 ] - Updated autofs packages fix insecure hosts configuration, security, 19:27
- [Full-disclosure] [ MDVSA-2008:008 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security, 18:21
- Re: [Full-disclosure] Buffer-overflow in Quicktime Player 7.3.1.70, Luigi Auriemma, 17:49
- [Full-disclosure] DoS in Sonic DLA 5.2.0, xerces8, 16:12
- Re: [Full-disclosure] FWD: PhotoPost vBGallery ImportantSecurity Bulletin, trains, 15:30
- [Full-disclosure] StreamAudio ChainCast ProxyManager ccpm_0237.dll Buffer Overflow, Elazar Broad, 14:48
- Re: [Full-disclosure] scada/plc gear, gmaggro, 13:46
- Re: [Full-disclosure] FWD: PhotoPost vBGallery ImportantSecurity Bulletin, php0t, 13:15
- Re: [Full-disclosure] FWD: PhotoPost vBGallery Important Security Bulletin, trains, 12:21
- Re: [Full-disclosure] FWD: PhotoPost vBGallery Important Security Bulletin, trains, 11:38
- [Full-disclosure] FWD: PhotoPost vBGallery Important Security Bulletin, ad@heapoverflow.com, 09:02
- [Full-disclosure] ID-Commerce Security Advisory - SLR-2007-001, rlavertu, 06:07
- Re: [Full-disclosure] PWDumpX v1.4 (and GUI:s), Markus Jansson, 06:07
- [Full-disclosure] SecurityReason - Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability, sp3x, 05:56
- [Full-disclosure] SecurityReason - Apache (mod_proxy_ftp) Undefined Charset UTF-7 XSS Vulnerability, sp3x, 05:56
- Re: [Full-disclosure] SunOS 5.10 ICMP Remote Kernel Crash Exploit Code, eliteb0y, 03:01
- Re: [Full-disclosure] SunOS 5.10 ICMP Remote Kernel Crash Exploit Code, reepex, 02:30
- [Full-disclosure] re-resting of zzuf results, Hanno BÃck, 01:35
- Re: [Full-disclosure] SunOS 5.10 ICMP Remote Kernel Crash Exploit Code, Joey Mengele, 01:14
January 10, 2008
- Re: [Full-disclosure] scada/plc gear, b9u4ea, 21:59
- Re: [Full-disclosure] SunOS 5.10 ICMP Remote Kernel Crash Exploit Code, b9u4ea, 21:48
- Re: [Full-disclosure] SunOS 5.10 ICMP Remote Kernel Crash Exploit Code, reepex, 20:46
- Re: [Full-disclosure] SunOS 5.10 ICMP Remote Kernel Crash Exploit Code, reepex, 20:34
- Re: Buffer-overflow in Quicktime Player 7.3.1.70, Marcello Barnaba (void), 18:38
- [Full-disclosure] [USN-567-1] Dovecot vulnerability, Kees Cook, 18:37
- Re: [Full-disclosure] SunOS 5.10 ICMP Remote Kernel Crash Exploit Code, eliteb0y, 18:26
- Re: [Full-disclosure] SunOS 5.10 ICMP Remote Kernel Crash Exploit Code, eliteb0y, 18:25
- Re: [Full-disclosure] PWDumpX v1.4 (and GUI:s), Peter Besenbruch, 17:32
- Re: [Full-disclosure] SunOS 5.10 ICMP Remote Kernel Crash Exploit Code, reepex, 17:01
- [Full-disclosure] [ MDVSA-2008:006 ] - Updated exiv2 packages fix vulnerability, security, 16:39
- [Full-disclosure] They got into the town, the enemies, kcope, 15:27
- [Full-disclosure] Buffer-overflow in Quicktime Player 7.3.1.70, Luigi Auriemma, 15:16
- Re: [Full-disclosure] PWDumpX v1.4 (and GUI:s), Valdis . Kletnieks, 14:34
- [Full-disclosure] SunOS 5.10 ICMP Remote Kernel Crash Exploit Code, kcope, 13:52
- Re: [Full-disclosure] PWDumpX v1.4 (and GUI:s), Valdis . Kletnieks, 13:31
- PR07-06, PR07-07, PR07-08, PR07-09, PR07-10, PR07-12: Several XSS, Cross-domain Redirection and Frame Injection on Sun Java System Identity Manager, ProCheckUp Research, 11:55
- [Full-disclosure] ID-Commerce Security Advisory - SLR-2007-001, consultant gmail, 11:14
- [Full-disclosure] (( PoC)) ID-Commerce Security Advisory - SLR-2007-001 (( PoC)), consultant gmail, 09:51
- [Full-disclosure] BT Home Flub: Pwnin the BT Home Hub (5) - exploiting IGDs remotely via UPnP, Adrian P, 08:50
- [Full-disclosure] uCon 2008 call for participation - Recife, Brazil, uCon staff, 08:29
- Re: [Full-disclosure] PWDumpX v1.4 (and GUI:s), Tonnerre Lombard, 07:58
- [Full-disclosure] ID-Commerce Security Advisory - SLR-2007-001, consultant gmail, 07:47
- Re: [Full-disclosure] PWDumpX v1.4 (and GUI:s), Stanislaw Klekot, 07:15
- Re: [Full-disclosure] PWDumpX v1.4 (and GUI:s), Mattias Fliesberg, 05:43
- Re: [Full-disclosure] PWDumpX v1.4 (and GUI:s), Matthias Arnason, 04:51
- Re: [Full-disclosure] PWDumpX v1.4 (and GUI:s), Markus Jansson, 04:20
- [Full-disclosure] List Charter, John Cartwright, 04:20
- [Full-disclosure] Tool Release: PortBunny 1.0, Felix 'FX' Lindner, 04:20
January 09, 2008
- [Full-disclosure] [USN-566-1] OpenSSH vulnerability, Kees Cook, 23:01
- Re: [Full-disclosure] scada/plc gear, Worthless Email, 21:28
- [Full-disclosure] [ GLSA 200801-06 ] Xfce: Multiple vulnerabilities, Robert Buchholz, 19:55
- [Full-disclosure] [ MDVSA-2008:005 ] - Updated libexif packages fix multiple vulnerabilities, security, 19:33
- [USN-565-1] Squid vulnerability, Kees Cook, 19:22
- [Full-disclosure] [ GLSA 200801-05 ] Squid: Denial of Service, Pierre-Yves Rofes, 18:39
- [Full-disclosure] [ GLSA 200801-04 ] OpenAFS: Denial of Service, Pierre-Yves Rofes, 18:28
- [Full-disclosure] [ GLSA 200801-03 ] Claws Mail: Insecure temporary file creation, Pierre-Yves Rofes, 18:17
- [Full-disclosure] iDefense Security Advisory 01.09.08: Novell NetWare Client nicm.sys Local Privilege Escalation Vulnerability, iDefense Labs, 18:06
- [Full-disclosure] [ GLSA 200801-02 ] R: Multiple vulnerabilities, Pierre-Yves Rofes, 16:52
- [Full-disclosure] ASLR Question, Ben, 15:37
- [Full-disclosure] Pre-auth remote commands execution in SAP MaxDB 7.6.03.07, Luigi Auriemma, 14:22
- [Full-disclosure] [ MDVSA-2008:004 ] - Updated postgresql packages fix denial of service and privilege escalation issues, security, 13:09
- Re: [Full-disclosure] Gateway WebLaunch ActiveX Control Insecure Method, Elazar Broad, 12:47
- [Full-disclosure] [INFIGO 2008-01-06]: McAfee E-Business Server Remote Preauth Code Execution / DoS, infocus, 12:05
- [Full-disclosure] [USN-564-1] Net-SNMP vulnerability, Jamie Strandboge, 11:23
- Re: [Full-disclosure] scada/plc gear, gmaggro, 10:19
- Re: [Full-disclosure] PWDumpX v1.4, bugtraq, 05:52
- [Full-disclosure] PWDumpX v1.4, Joey Mengele, 05:31
- Re: [Full-disclosure] PWDumpX v1.4, Tonnerre Lombard, 04:49
- [Full-disclosure] [ MDVSA-2008:004 ] - Updated postgresql packages fix denial of service and privilege escalation issues, security, 04:27
- [Full-disclosure] [ MDVSA-2008:003 ] - Updated clamav packages fix multiple vulnerabilities, security, 03:46
- [Full-disclosure] [USN-561-1] pwlib vulnerability, Kees Cook, 02:44
- [Full-disclosure] [USN-563-1] CUPS vulnerabilities, Kees Cook, 02:44
- [Full-disclosure] [USN-562-1] opal vulnerability, Kees Cook, 02:44
- Re: [Full-disclosure] scada/plc gear, b9u4ea, 01:53
- Re: [Full-disclosure] PWDumpX v1.4, Valdis . Kletnieks, 00:31
January 08, 2008
- Re: [Full-disclosure] PWDumpX v1.4, Mario D, 23:49
- [Full-disclosure] Gateway WebLaunch ActiveX Control Insecure Method, elazar, 21:46
- [Full-disclosure] [ GLSA 200801-01 ] unp: Arbitrary command execution, Robert Buchholz, 21:15
- ERRATA: [ GLSA 200709-07 ] Eggdrop: Buffer overflow, Robert Buchholz, 18:38
- [Full-disclosure] [SECURITY] [DSA 1455-1] New libarchive1 packages fix several problems, Steve Kemp, 17:03
- Re: [Full-disclosure] PWDumpX v1.4, North, Quinn, 14:28
- Re: [Full-disclosure] PWDumpX v1.4, offset, 12:51
- Re: [Full-disclosure] PWDumpX v1.4, reepex, 05:59
- Re: [Full-disclosure] PWDumpX v1.4, Tonnerre Lombard, 05:48
- Re: [Full-disclosure] PWDumpX v1.4, Markus Jansson, 05:17
- [Full-disclosure] [ MDVSA-2008:001-1 ] - Updated wireshark packages fix multiple vulnerabilities, security, 02:32
January 07, 2008
- [Full-disclosure] [USN-560-1] Tomboy vulnerability, Jamie Strandboge, 22:55
- [Full-disclosure] [USN-560-1] Tomboy vulnerability, Jamie Strandboge, 22:44
- [Full-disclosure] VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages, VMware Security team, 22:34
- [Full-disclosure] VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1, VMware Security team, 22:23
- Re: [Full-disclosure] scada/plc gear, gmaggro, 21:21
- [Full-disclosure] iDefense Security Advisory 01.07.08: Motorola netOctopus Agent MSR Write Privilege Escalation Vulnerability, iDefense Labs, 17:41
- [Full-disclosure] PWDumpX v1.0 and PWDumpX v1.1 updated - bug fixes, Reed Arvin, 16:58
- [Full-disclosure] PWDumpX v1.4 - Dumps domain password cache, LSA secrets, password hashes, and password history hashes., Reed Arvin, 16:58
- Re: [Full-disclosure] scada/plc gear, full disclosure, 16:58
- [Full-disclosure] [SECURITY] [DSA 1454-1] New freetype packages fix arbitrary code execution, Moritz Muehlenhoff, 16:16
- [Full-disclosure] [SECURITY] [DSA 1453-1] New tomcat5 packages fix several vulnerabilities, Moritz Muehlenhoff, 15:23
- Re: [Full-disclosure] scada/plc gear, b9u4ea, 14:18
January 05, 2008
- Re: [Full-disclosure] Was secreview crap - now OpenVMS!!, Ishan Oshadi Jayawardene, 21:15
- [Full-disclosure] scada/plc gear, gmaggro, 15:36
- rPSA-2008-0008-1 cups, rPath Update Announcements, 13:43
- rPSA-2008-0007-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi, rPath Update Announcements, 13:43
- rPSA-2008-0006-1 libexif, rPath Update Announcements, 13:01
- [Full-disclosure] [SECURITY] [DSA 1448-1] New eggdrop packages fix arbitrary code execution, Steve Kemp, 11:48
- [Full-disclosure] [SECURITY] [DSA 1448-1] New eggdrop packages fix execution of arbitrary code, Steve Kemp, 11:48
- [Full-disclosure] [SECURITY] [DSA 1450-1] New util-linux packages fix programming error, Steve Kemp, 11:37
- [Full-disclosure] [SECURITY] [DSA 1449-1] New loop-aes-utils packages fix programming error, Steve Kemp, 11:37
- Re: [Full-disclosure] Uber Lamer Ass of the Year. Vote!, Valdis . Kletnieks, 02:04
- Re: [Full-disclosure] Uber Lamer Ass of the Year. Vote!, worried security, 00:32
January 04, 2008
- Re: [Full-disclosure] Was secreview crap - now OpenVMS!!, Dude VanWinkle, 22:38
- Re: [Full-disclosure] Was secreview crap - now OpenVMS!!, sys, 21:47
- [Full-disclosure] [ MDVSA-2008:002 ] - Updated squid package fixes remote denial of service, security, 21:16
- [Full-disclosure] iDefense Security Advisory 12.24.07: Novell ZENworks Endpoint Security Management Local Privilege Escalation Vulnerability, iDefense Labs, 18:09
- [Full-disclosure] [Professional IT Security Providers - Exposed] Syrex ( B ), secreview, 17:58
- [Full-disclosure] SinFP fingerprinting tool online demo, GomoR, 14:51
- [Full-disclosure] Pre-auth buffer-overflow in mySQL through yaSSL, Luigi Auriemma, 14:30
- [Full-disclosure] Multiple vulnerabilities in yaSSL 1.7.5, Luigi Auriemma, 14:30
- [Full-disclosure] Martin Pelmore, Finish out the Year with a Rejuvenating Getaway to Fort Lauderdale; Harbor Beach Marriott Resort & Spa Offers Holiday Resort Credit, Super Star, 06:59
- [Full-disclosure] United Built Homes, Pro Step Marketing Partners with Top-Selling Atlantic Beach, NC Real Estate Team, Super Star, 06:59
- [Full-disclosure] http://www.plannetgroup.com/home.html, auto113496, 03:01
January 03, 2008
- Re: [Full-disclosure] Critical Vulnerability in [Full-Disclosure], reepex, 21:28
- rPSA-2008-0004-1 tshark wireshark, rPath Update Announcements, 20:16
- [Full-disclosure] [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities, Moritz Muehlenhoff, 18:21
- [Full-disclosure] [SECURITY] [DSA 1446-1] New wireshark packages fix denial of service, Moritz Muehlenhoff, 17:59
- [Full-disclosure] [SECURITY] [DSA 1445-1] New maradns packages fix denial of service, Moritz Muehlenhoff, 17:48
- [Full-disclosure] securityvulns.com russian vulnerabilities digest, 3APA3A, 17:16
- [Full-disclosure] [SECURITY] [DSA 1444-1] New php5 packages fix several vulnerabilities, Moritz Muehlenhoff, 16:55
- rPSA-2008-0001-1 dovecot, rPath Update Announcements, 16:44
- [Full-disclosure] multiple CAPTCHA automation test bypass digest, 3APA3A, 16:23
- [Full-disclosure] [SECURITY] [DSA 1443-1] New tcpreen packages fix denial of service, Moritz Muehlenhoff, 15:20
- Re: [Full-disclosure] Uber Lamer Ass of the Year. Vote!, damncon, 12:29
- Re: [Full-disclosure] Yet another Dialog Spoofing Vulnerability - Firefox Basic Authentication, avivra, 10:03
- [Full-disclosure] King Kong plays the banjo, brutealmighty, 08:41
- Re: [Full-disclosure] Yet another Dialog Spoofing Vulnerability - Firefox Basic Authentication, Michal Zalewski, 07:59
- [Full-disclosure] Yet another Dialog Spoofing Vulnerability - Firefox Basic Authentication, avivra, 03:12
- Re: [Full-disclosure] Critical Vulnerability in [Full-Disclosure], scott, 00:26
January 02, 2008
- Re: [Full-disclosure] Was secreview crap - now OpenVMS!!, list spam, 21:01
- Re: [Full-disclosure] Critical Vulnerability in [Full-Disclosure], reepex, 20:09
- [Full-disclosure] [ MDVSA-2008:1 ] - Updated wireshark packages fix multiple vulnerabilities, security, 19:58
- Re: [Full-disclosure] Was secreview crap - now OpenVMS!!, Line Noise, 19:06
- Re: [Full-disclosure] Secreview re-review of quietmove ( F ---), Lyal Collins, 19:06
- [Full-disclosure] Critical Vulnerability in [Full-Disclosure], 31415926, 19:06
- [Full-disclosure] January 4th Chicago 2600 Meeting Information, Steven McGrath, 19:06
- Re: [Full-disclosure] Was secreview crap - now OpenVMS!!, Valdis . Kletnieks, 18:24
- [Full-disclosure] AST-2008-001: Crash from transfer using BYE with Also header, Asterisk Security Team, 18:24
- Re: [Full-disclosure] Uber Lamer Ass of the Year. Vote!, worried security, 17:42
- Re: [Full-disclosure] Secreview re-review of quietmove ( F ---), Nate McFeters, 17:10
- Re: [Full-disclosure] Secreview re-review of quietmove ( F ---), Tremaine Lea, 16:39
- [Full-disclosure] Multiple vulnerabilities in Georgia SoftWorks SSH2 Server 7.01.0003, Luigi Auriemma, 16:27
- [Full-disclosure] Buffer-overflow and format string in White_Dune 0.29beta791, Luigi Auriemma, 16:27
- Re: [Full-disclosure] Was secreview crap - now OpenVMS!!, reepex, 16:17
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), reepex, 16:06
- Re: [Full-disclosure] Was secreview crap - now OpenVMS!!, Valdis . Kletnieks, 16:06
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), reepex, 16:06
- XSS Vulnerabilities in Common Shockwave Flash Files, rich cannings, 15:56
- Re: [Full-disclosure] Fwd: Secreview re-review of quietmove ( F ---), William Lefkovics, 15:55
- [Full-disclosure] Was secreview crap - now OpenVMS!!, Randal T. Rioux, 15:44
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), Valdis . Kletnieks, 15:13
- Re: [Full-disclosure] Secreview re-review of quietmove ( F ---), SecReview, 14:41
- Re: [Full-disclosure] Fwd: Secreview re-review of quietmove ( F ---), Mukul Dharwadkar, 12:16
- Re: [Full-disclosure] Fwd: Secreview re-review of quietmove ( F ---), Adam Muntner, 12:04
- [Full-disclosure] Fwd: Secreview re-review of quietmove ( F ---), Peter Dawson, 11:43
- Re: [Full-disclosure] Secreview re-review of quietmove ( F ---), Adam Muntner, 11:22
- [Full-disclosure] Secreview re-review of quietmove ( F ---), Adam Muntner, 11:12
- Re: [Full-disclosure] here, Nikolay Kichukov, 10:30
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( F + ), Andre Gironda, 05:53
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), Andre Gironda, 05:53
- [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( F + ), secreview, 03:49
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), coderman, 02:47
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), reepex, 01:25
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), reepex, 01:25
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), SecReview, 00:03
January 01, 2008
- [Full-disclosure] Corporations and Institutes to target for attack & exploitation, gmaggro, 22:50
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), Martin Zimmermann, 21:48
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), reepex, 18:44
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), Andre Gironda, 18:13
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), reepex, 17:22
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), reepex, 16:20
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), Adam Muntner, 16:09
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), Marcin Wielgoszewski, 15:38
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), Jeffrey Denton, 15:38
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), reepex, 15:18
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), veda, 15:18
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), reepex, 15:07
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), SilentRunner, 14:46
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), Marcin Wielgoszewski, 13:55
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), Adam Muntner, 13:44
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( secreview review: D- ), Adam Muntner, 11:51
- Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - ), Adam Muntner, 11:40