Mail Index
- [Full-disclosure] Phact
- Re: [Full-disclosure] Open phones for privacy/anonymity applications, Guardian
- [Full-disclosure] DoS vulnerability in Adobe Flash Player (BSOD)
- [Full-disclosure] CSRF, XSS and Redirector vulnerabilities in IBM Lotus Notes Traveler
- [Full-disclosure] [SECURITY] [DSA 2831-1] puppet security update
- Re: [Full-disclosure] Open phones for privacy/anonymity applications, Guardian
- Re: [Full-disclosure] Open phones for privacy/anonymity applications, Guardian
- [Full-disclosure] [SECURITY] [DSA 2832-1] memcached security update
- From: Salvatore Bonaccorso
- Re: [Full-disclosure] Open phones for privacy/anonymity applications, Guardian
- [Full-disclosure] [SECURITY] [DSA 2833-1] openssl security update
- Re: [Full-disclosure] [SECURITY] [DSA 2833-1] openssl security update
- [Full-disclosure] Tool Update: Bing-ip2hosts version 0.4
- [Full-disclosure] Targeted CSRF vulnerability on LinkedIn to delete posts [FIXED]
- Re: [Full-disclosure] Open phones for privacy/anonymity applications, Guardian
- From: Lodewijk andré de la porte
- [Full-disclosure] [SECURITY] [DSA 2834-1] typo3-src security update
- From: Salvatore Bonaccorso
- [Full-disclosure] [CVE-2013-6480] Libcloud doesn't send scrub_data query parameter when destroying a DigitalOcean node
- [Full-disclosure] DAVOSET v.1.1.5
- Re: [Full-disclosure] Securelist.com (Kaspersky) released a misleading information about Kelihos Botnet actual status
- [Full-disclosure] SCADA StrangeLove 30C3 releases: all in one
- Re: [Full-disclosure] SCADA StrangeLove 30C3 releases: all in one
- [Full-disclosure] "the Fairphone is fatally flawed for security"
- Re: [Full-disclosure] "the Fairphone is fatally flawed for security"
- [Full-disclosure] [SECURITY] [DSA 2835-1] asterisk security update
- [Full-disclosure] [SECURITY] [DSA 2836-1] devscripts security update
- Re: [Full-disclosure] DoS vulnerability in Adobe Flash Player (BSOD)
- Re: [Full-disclosure] Open phones for privacy/anonymity applications, Guardian
- Re: [Full-disclosure] Open phones for privacy/anonymity applications, Guardian
- [Full-disclosure] [HITB-Announce] HITB Magazine Issue 10 Out Now
- [Full-disclosure] AusCERT2014 Call for Presentations and Tutorials
- Re: [Full-disclosure] Open phones for privacy/anonymity applications, Guardian
- [Full-disclosure] [SECURITY] [DSA 2837-1] openssl security update
- [Full-disclosure] [SECURITY] [DSA 2838-1] libxfont security update
- Re: [Full-disclosure] FPU-state NULL-deref exploitation (was vm86 syscall kernel-panic and some more goodies waiting to be analyzed)
- [Full-disclosure] Wordpress Plugin WP-Members Version 2.8.9 - Stored and reflected Cross-site Scripting vulnerabilities
- [Full-disclosure] [SECURITY] [DSA 2839-1] spice security update
- From: Salvatore Bonaccorso
- Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
- [Full-disclosure] [CVE-2014-1203] Eyou Mail System Remote Code Execution
- [Full-disclosure] [Wooyun] NVIDIA a SAP NETWEAVER remote command execution
- [Full-disclosure] [Wooyun] OVH a subsite Zabbix Sql injection
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-001 - Entity API - Access Bypass
- [Full-disclosure] [Security-news] PSA-2014-001 - Media - Access Bypass
- Re: [Full-disclosure] [Wooyun] OVH a subsite Zabbix Sql injection
- [Full-disclosure] Security is fun(ny) again
- Re: [Full-disclosure] Security is fun(ny) again
- [Full-disclosure] nullcon Blackshield Awards 2014
- [Full-disclosure] [CVE -2014-1201] Lorex security DVD ActiveX control buffer overflow
- Re: [Full-disclosure] [CVE -2014-1201] Lorex security DVD ActiveX control buffer overflow
- [Full-disclosure] ObamaCare California Admin Interface Exposed to Entire Internet + more!
- From: Whitehat Whistleblower
- Re: [Full-disclosure] Where are you guys standing re: the (full) disclosure
- From: Pedro Luis Karrasquillo
- [Full-disclosure] [SECURITY] [DSA 2840-1] srtp security update
- From: Salvatore Bonaccorso
- [Full-disclosure] Cisco Security Advisory: Undocumented Test Interface in Cisco Small Business Devices
- From: Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Dates for the opening of registration for Rooted CON 2014
- [Full-disclosure] Updated [CVE-2013-6398] CloudStack Virtual Router stop/start modifies firewall rules allowing additional access
- [Full-disclosure] Updated [CVE-2014-0031] CloudStack ListNetworkACL API discloses ACLs for other users
- [Full-disclosure] [SECURITY] [DSA 2841-1] movabletype-opensource security update
- [Full-disclosure] Yahoo Bug Bounty Program Vulnerability #2 Open Redirect
- [Full-disclosure] Sex links fail
- [Full-disclosure] BlackArch Linux
- Re: [Full-disclosure] Yahoo Bug Bounty Program Vulnerability #2 Open Redirect
- Re: [Full-disclosure] ObamaCare California Admin Interface Exposed to Entire Internet + more!
- From: Pedro Luis Karrasquillo
- Re: [Full-disclosure] Yahoo Bug Bounty Program Vulnerability #2 Open Redirect
- [Full-disclosure] [ MDVSA-2014:001 ] kernel
- [Full-disclosure] List Charter
- [Full-disclosure] [SECURITY] [DSA 2842-1] libspring-java security update
- [Full-disclosure] Microsoft Twitter accounts, blog hijacked by SEA
- [Full-disclosure] [SECURITY] [DSA 2843-1] graphviz security update
- From: Salvatore Bonaccorso
- Re: [Full-disclosure] Microsoft Twitter accounts, blog hijacked by SEA
- [Full-disclosure] Rooted CON 2014 attendee registration is open!
- [Full-disclosure] [CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application
- [Full-disclosure] Ubuntu, duckduckgo, and additional info
- Re: [Full-disclosure] Ubuntu, duckduckgo, and additional info
- Re: [Full-disclosure] Ubuntu, duckduckgo, and additional info
- [Full-disclosure] CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete
- From: Pivotal Security Team
- Re: [Full-disclosure] Ubuntu, duckduckgo, and additional info
- Re: [Full-disclosure] Ubuntu, duckduckgo, and additional info
- [Full-disclosure] Collabtive Sql Injection
- [Full-disclosure] [SECURITY] [DSA 2844-1] djvulibre security update
- [Full-disclosure] CVE-2013-6430 Possible XSS when using Spring MVC
- From: Pivotal Security Team
- [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control System
- From: Cisco Systems Product Security Incident Response Team
- Re: [Full-disclosure] Ubuntu, duckduckgo, and additional info
- [Full-disclosure] [Security-news] SA-CORE-2014-001 - Drupal core - Multiple vulnerabilities
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-002 - Anonymous Posting - Cross Site Scripting (XSS)
- Re: [Full-disclosure] Ubuntu, duckduckgo, and additional info
- Re: [Full-disclosure] Ubuntu, duckduckgo, and additional info
- [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- From: Źmicier Januszkiewicz
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- From: Źmicier Januszkiewicz
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- From: Źmicier Januszkiewicz
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- [Full-disclosure] [HITB-Announce] #HITB2014AMS Call for Papers - FINAL CALL
- [Full-disclosure] : EE BrightBox router hacked - bares all if you ask nicely
- [Full-disclosure] [ MDVSA-2014:002 ] bind
- [Full-disclosure] [ MDVSA-2014:003 ] nrpe
- [Full-disclosure] [ MDVSA-2014:004 ] nagios
- [Full-disclosure] [ MDVSA-2014:005 ] ejabberd
- [Full-disclosure] [ MDVSA-2014:006 ] libxslt
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- [Full-disclosure] [CVE-2013-6838] Enghouse Interactive IVR Pro (VIP2000) remote root authentication bypass Vulnerability
- Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
- [Full-disclosure] NEW : VMSA-2014-0001 - VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues
- From: "VMware Security Response Center"
- [Full-disclosure] Romanian hacker unknown string
- Re: [Full-disclosure] Romanian hacker unknown string
- Re: [Full-disclosure] Romanian hacker unknown string
- Re: [Full-disclosure] Romanian hacker unknown string
- Re: [Full-disclosure] Romanian hacker unknown string
- Re: [Full-disclosure] Romanian hacker unknown string
- Re: [Full-disclosure] Romanian hacker unknown string
- Re: [Full-disclosure] Romanian hacker unknown string
- Re: [Full-disclosure] Romanian hacker unknown string
- [Full-disclosure] [ MDVSA-2014:007 ] openssl
- [Full-disclosure] [ MDVSA-2014:008 ] openjpeg
- [Full-disclosure] [ MDVSA-2014:009 ] librsvg
- [Full-disclosure] [ MDVSA-2014:010 ] memcached
- [Full-disclosure] [SECURITY] [DSA 2845-1] mysql-5.1 security update
- [Full-disclosure] [SECURITY] [DSA 2831-2] puppet regression update
- From: Salvatore Bonaccorso
- [Full-disclosure] SI6 Networks' IPv6 Toolkit v1.5.2 released!
- [Full-disclosure] [SECURITY] [DSA 2846-1] libvirt security update
- Re: [Full-disclosure] [CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application
- [Full-disclosure] Ubuntu, duckduckgo, and additional info
- [Full-disclosure] Multiple vulnerabilities at president.gov.ua
- [Full-disclosure] Hackito Ergo Sum 2014 CFP
- From: Alexandre De Oliveira
- [Full-disclosure] [ MDVSA-2014:011 ] java-1.7.0-openjdk
- [Full-disclosure] [ MDVSA-2014:012 ] nss
- [Full-disclosure] [SECURITY] [DSA 2847-1] drupal7 security update
- From: Salvatore Bonaccorso
- ***UNCHECKED*** [Full-disclosure] 0day - MuPDF Stack-based Buffer Overflow in xps_parse_color()
- [Full-disclosure] TWSL2014-001: Multiple Vulnerabilities in Franklin Fueling's TS-550 evo
- From: Trustwave Advisories
- [Full-disclosure] TWSL2014-002: Buffer Overflow Vulnerability in DaumGame ActiveX
- From: Trustwave Advisories
- [Full-disclosure] [ MDVSA-2014:013 ] libxfont
- [Full-disclosure] [ MDVSA-2014:014 ] php
- [Full-disclosure] DDoS against Gamerfirst
- [Full-disclosure] 22 January 2014, SEA : M$ = 3 : 0
- [Full-disclosure] [CVE-2013-6040] MW6 Technologies ActiveX buffer overflows and remote code execution
- [Full-disclosure] Chrome (and Safari) antiXSS filter bypass
- [Full-disclosure] Capstone 2.0 is released!
- [Full-disclosure] SEC Consult SA-20140122-0 :: Critical vulnerabilities in T-Mobile HOME NET Router LTE (Huawei B593u-12)
- From: SEC Consult Vulnerability Lab
- [Full-disclosure] [ MDVSA-2014:015 ] cups
- [Full-disclosure] [ MDVSA-2014:016 ] spice
- [Full-disclosure] [ MDVSA-2014:017 ] net-snmp
- [Full-disclosure] [ MDVSA-2014:018 ] net-snmp
- [Full-disclosure] [ MDVSA-2014:019 ] elinks
- [Full-disclosure] Cisco Security Advisory: Cisco TelePresence ISDN Gateway D-Channel Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Cisco TelePresence System Software Command Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [Full-disclosure] [ MDVSA-2014:020 ] x11-server
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-003 - Doubleclick for Publishers DFP - Cross Site Scripting (XSS)
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-004 - Secure Cookie Data - Faulty Hashing
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-005 - Leaflet - Access bypass
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-006 - Language Switcher Dropdown - Open Redirect
- [Full-disclosure] [SECURITY] [DSA 2848-1] mysql-5.5 security update
- From: Salvatore Bonaccorso
- [Full-disclosure] How a teenager helpfully reported a government security flaw – and could be charged in return
- [Full-disclosure] [CTF] nullcon HackIM 2014 will start at 24-01-2014, when the clock will strike at 11:59 (+5:30 GMT)
- [Full-disclosure] Fwd: Trustlook discovered Microsoft’s first high risk Android Vulnerability
- [Full-disclosure] Contact PSIRT Fortinet
- [Full-disclosure] Remote Command Injection Vulnerability in SkyBlueCanvas CMS
- [Full-disclosure] [SECURITY] [DSA 2826-2] denyhosts regression update
- [Full-disclosure] CALL FOR PAPERS - NUIT DU HACK - 28/29 JUNE 2014
- [Full-disclosure] [CVE-2013-6030]Emerson Network Power Avocent MergePoint Unity 2016 KVM switches contain a directory traversal vulnerability
- [Full-disclosure] Healthcare.gov noise
- Re: [Full-disclosure] Chrome (and Safari) antiXSS filter bypass
- [Full-disclosure] [CVE-2013-6235] - Multiple Reflected XSS vulnerabilities in JAMon v2.7
- [Full-disclosure] ADV: IBM QRadar SIEM
- [Full-disclosure] DAVOSET v.1.1.6
- [Full-disclosure] [ MDVSA-2014:021 ] perl-Proc-Daemon
- [Full-disclosure] [ MDVSA-2014:022 ] augeas
- [Full-disclosure] [ MDVSA-2014:023 ] hplip
- [Full-disclosure] [ MDVSA-2014:024 ] graphviz
- [Full-disclosure] Dictatorial laws in Ukraine
- [Full-disclosure] ssl.bing.com - Cross-site Scripting vulnerability
- Re: [Full-disclosure] RFP: FOIA with privacy waivers[0] for oversight
- [Full-disclosure] Making waves on Twitter!
- [Full-disclosure] Satellite Security - A story NASA would love to see.
- Re: [Full-disclosure] Making waves on Twitter!
- Re: [Full-disclosure] Making waves on Twitter!
- Re: [Full-disclosure] Making waves on Twitter!
- Re: [Full-disclosure] Making waves on Twitter!
- [Full-disclosure] DC4420 - London DEFCON - January meet - Tuesday 28th January 2014
- [Full-disclosure] Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability
- [Full-disclosure] RVAsec 2014 CFP
- [Full-disclosure] Sentinel beta version released
- From: Nicolas A. Economou
- [Full-disclosure] [CVE-2014-1673] Check Point Session Authentication Agent vulnerability
- [Full-disclosure] Oracle Reports Exploit - Remote Shell/Dump Passwords
- [Full-disclosure] pfSense 2.1 Privilege Escalation from less privileged users (LFI/RCE)
- [Full-disclosure] SimplyShare v1.4 iOS - Multiple Web Vulnerabilities
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-007 - Services - Multiple access bypass vulnerabilities
- [Full-disclosure] [Security-news] SA-CONTRIB-2014-008 - Tribune - Cross Site Scripting (XSS)
- [Full-disclosure] [SECURITY] [DSA 2849-1] curl security update
- [Full-disclosure] [SE-2013-01] Security vulnerabilities in Oracle Java Cloud Service
- From: Security Explorations