Mail Thread Index

Date Index

[FD] EMC CTA v10.0 unauthenticated XXE with root perms, Brandon Perry
[FD] Introducing APSAM - Beyond Military Grade Security, J. Oquendo
- Re: [FD] Introducing APSAM - Beyond Military Grade Security, Jack Morgan
[FD] Multiple vulnerabilities in Js-Multi-Hotel for WordPress, MustLive
[FD] immhooktmpl.py - Immunity template plugin for function hooking, Levon Kayan
[FD] [TOOL] w3af 1.6 release, Andres Riancho
[FD] Chunked requests to bypass ModSecurity and mod_headers, Martin Holst Swende
[FD] GOST 28147-89 gets 512 bit and 1 kbit keys, gremlin
[FD] [SE-2013-01] Security vulnerabilities in Oracle Java Cloud Service (details), Security Explorations
- Re: [FD] [SE-2013-01] Security vulnerabilities in Oracle Java Cloud Service (details), Security Explorations
[FD] CBS Sports/CBS Interactive Security Contacts?, sec . research
- Re: [FD] CBS Sports/CBS Interactive Security Contacts?, Jeffrey Walton
  - [FD] Announcing sysdig: a new open source system exploration tool, Loris Degioanni
- <Possible follow-ups>
- Re: [FD] CBS Sports/CBS Interactive Security Contacts?, sec . research
[FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, Bipin Gautam
- Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, Mario Vilas
- Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, Źmicier Januszkiewicz
  - Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, Joerg Mertin
- Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, illwill
  - Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, William Reyor
Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, Philip Whitehouse
- Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, Bipin Gautam
- <Possible follow-ups>
- Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, Philip Whitehouse
  - Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, Willie Gillespie
    - Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, Andreas Lindh
  - Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, Eric Rand
    - Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, Ron
      - Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, coderaptor
  - Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction, Sven 'Darkman' Michels
[FD] Sorry I can't do this anymore. List closed!, Fyodor
[FD] [Quantum Leap Advisory] #QLA140402 - A10 Networks remote Buffer Overflow, Francesco Perna
[FD] iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities, Vulnerability Lab
[FD] SEC Consult SA-20140402-0 :: Multiple vulnerabilities in Rhythm File Manager, SEC Consult Vulnerability Lab
[FD] [MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability, Florent Daigniere
[FD] Unusual XSS in Kyocera FS5250 printer control panel., Jeff Sergeant
[FD] Security flaw in Full Disclosure mailing list, Nick Lindridge
- Re: [FD] Security flaw in Full Disclosure mailing list, Ron
- Re: [FD] Security flaw in Full Disclosure mailing list, Fyodor
- Re: [FD] Security flaw in Full Disclosure mailing list, Reindl Harald
- Re: [FD] Security flaw in Full Disclosure mailing list, Eric G
- Re: [FD] Security flaw in Full Disclosure mailing list, Jimmy Crossley
  - Re: [FD] Security flaw in Full Disclosure mailing list, Fyodor
    - Re: [FD] Security flaw in Full Disclosure mailing list, Jim Popovitch
      - Re: [FD] Security flaw in Full Disclosure mailing list, Ron
        
        Re: [FD] Security flaw in Full Disclosure mailing list, Jim Popovitch
        
        Re: [FD] Security flaw in Full Disclosure mailing list, Jeffrey Walton
        
        Re: [FD] Security flaw in Full Disclosure mailing list, George Chatzisofroniou
      - Re: [FD] Security flaw in Full Disclosure mailing list, Michal Zalewski
        
        Re: [FD] Security flaw in Full Disclosure mailing list, Brandon Perry
        
        Message not available
        
        Re: [FD] Security flaw in Full Disclosure mailing list, Brandon Perry
Re: [FD] [Full-disclosure] Bank of the West security contact?, raccoon
- Re: [FD] [Full-disclosure] Bank of the West security contact?, Stefan Weimar
  - Re: [FD] [Full-disclosure] Bank of the West security contact?, Sholes, Joshua
    - Re: [FD] [Full-disclosure] Bank of the West security contact?, Eric Rand
      - Re: [FD] [Full-disclosure] Bank of the West security contact?, Jeffrey Walton
    - Re: [FD] [Full-disclosure] Bank of the West security contact?, raccoon
    - Re: [FD] [Full-disclosure] Bank of the West security contact?, Stefan Weimar
[FD] 0A29-14-1 : NCCGroup EasyDA privilege escalation & credential disclosure vulnerability [0day], 0a29 40
[FD] Capstone 2.1.2 released!, Nguyen Anh Quynh
[FD] Drupal Custom Search module XSS, Justin Klein Keane
Re: [FD] Fulldisclosure Digest, Vol 2, Issue 3, Greg Bromage
[FD] Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability, Vulnerability Lab
[FD] XSS Reflected vulnerabilities in OS of FortiADC v3.2 (CVE-2014-0331), William Costa
[FD] Security Industry Scams and Lies, Pete Herzog
[FD] Uncontrolled Resource Consumption with Highly-Compressed XMPP Stanzas, Giancarlo Pellegrino
[FD] Phrack Security Advisory 2014-001 - Paper leak on release timeout, Phrack Staff
[FD] Remote Command Execution within the ASUS RT-AC68U Managing Web Interface, Palula Brasil
- Re: [FD] Remote Command Execution within the ASUS RT-AC68U Managing Web Interface, Craig Young
  - Re: [FD] Remote Command Execution within the ASUS RT-AC68U Managing Web Interface, coderman
[FD] Reflected Cross-Site Scripting within the ASUS RT-AC68U Managing Web Interface, Palula Brasil
- Re: [FD] Reflected Cross-Site Scripting within the ASUS RT-AC68U Managing Web Interface, coderman
  - Re: [FD] Reflected Cross-Site Scripting within the ASUS RT-AC68U Managing Web Interface, Palula Brasil
[FD] Legality of Open Source Tools, Bryan Bickford
- Re: [FD] Legality of Open Source Tools, Brandon Perry
- Re: [FD] Legality of Open Source Tools, Andres Riancho
  - Message not available
    - Re: [FD] Legality of Open Source Tools, Andres Riancho
      - Re: [FD] Legality of Open Source Tools, Ryan Dewhurst
        
        Re: [FD] Legality of Open Source Tools, Volker Tanger
        
        Re: [FD] Legality of Open Source Tools, Toni Korpela
        
        Re: [FD] Legality of Open Source Tools, Toni Korpela
        
        Re: [FD] Legality of Open Source Tools, Henri Salo
        
        Re: [FD] Legality of Open Source Tools, Jeffrey Walton
        
        Re: [FD] Legality of Open Source Tools, Toni Korpela
        
        Re: [FD] Legality of Open Source Tools, Toni Korpela
        
        Re: [FD] Legality of Open Source Tools, Daniel Wood
      - Re: [FD] Legality of Open Source Tools, Not EcksKaySeeDee
      - Re: [FD] Legality of Open Source Tools, Brunner, Mark
        
        Message not available
        
        Re: [FD] Legality of Open Source Tools, John Young
        
        Re: [FD] Legality of Open Source Tools, coderman
  - Re: [FD] Legality of Open Source Tools, Sullo
- Re: [FD] Legality of Open Source Tools, coderman
[FD] Call for Papers: Privacy-Preserving IR (PIR) Workshop At SIGIR 2014, lei cen
[FD] Credit Cards for 1.2 Million Drivers Vulnerable at TxTag.org, David Longenecker
Re: [FD] AUTO: Bryant Smith is out of the office (returning 04/08/2014), coderman
Re: [FD] [Full-disclosure] SCADA StrangeLove 30C3 releases: all in one, coderman
[FD] MacOSX 10.9.2/XNU HFS Multiple Vulnerabilities, [CXSEC]
[FD] Advisory: Security Industry Scams and Lies, Nico Le Moin
[FD] NoSuchCon 2014 CFP is now open, NoSuchCon
[FD] heartbleed OpenSSL bug CVE-2014-0160, Kirils Solovjovs
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Andrew Case
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, David H
  - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Joerg Mertin
    - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Jann Horn
      - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Francesc Guitart
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Javier Reoyo
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Carlos P
      - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, David H
      - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Matthew Musingo
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Craig Holmes
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Michal Zalewski
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Menso Heus
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Txalin
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Pål Nilsen
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Reindl Harald
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Pål Nilsen
      - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Ricardo Iramar dos Santos
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Fraser Scott
  - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Nik Mitev
    - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Chris Schmidt
      - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Jann Horn
      - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Tim Schütt
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Rob van der Putten
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Walt Williams
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Brandon Vincent (Student)
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Carlos P
      - Message not available
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Chris Schmidt
    - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Nik Mitev
  - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Ronny Lauenstein
    - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Ken Connelly
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Justin Bull
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Fabien Bourdaire
  - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Reindl Harald
    - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Juergen Christoffel
      - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Reindl Harald
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Reindl Harald
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Seth Arnold
  - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Daniel Franke
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Jeremy Voorhis
  - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Brandon Perry
  - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Aidan Thornton
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Peter Malone
  - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Coderaptor
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Peter Malone
  - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Jann Horn
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Ingo Schmitt
  - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Brandon Perry
  - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, David Tomaschik
    - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Ivan .Heca
      - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Michal Zalewski
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Paul Vixie
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Paul Vixie
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Ivan .Heca
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Brandon Perry
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Marco Davids (priv)
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Juergen Christoffel
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Paul Vixie
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Michal Zalewski
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Ferenc Kovacs
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Manuel Tiago Pereira
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Schmidt, Michael
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Afonso Araújo Neto
        
        Message not available
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Ricardo Iramar dos Santos
        
        Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, HaCKsPy
        
        [FD] Andrew "Weev" Auernheimer's Conviction Thrown Out, g@xxxxxxx
        
        Re: [FD] Andrew "Weev" Auernheimer's Conviction Thrown Out, Jeffrey Paul
        
        Re: [FD] Andrew "Weev" Auernheimer's Conviction Thrown Out, Groundworks Technologies Advisories
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Joerg Mertin
  - Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, Michal Zalewski
- <Possible follow-ups>
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160, *
[FD] Bluetooth Text Chat v1.0 iOS - Code Execution Vulnerability, Vulnerability Lab
[FD] iis cgi 0day, yuange
- Message not available
  - Re: [FD] iis cgi 0day, yuange
- <Possible follow-ups>
- Re: [FD] iis cgi 0day, YiFei Yang
  - Message not available
    - Re: [FD] iis cgi 0day, YiFei Yang
  - Re: [FD] iis cgi 0day, Davide Davini
    - Re: [FD] iis cgi 0day, Reindl Harald
      - Re: [FD] iis cgi 0day, Homer Parker
        
        Re: [FD] iis cgi 0day, YiFei Yang
[FD] When two-factor authentication is not enough, Alfie John
- Re: [FD] When two-factor authentication is not enough, Jeff Sergeant
[FD] AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability, Vulnerability Lab
[FD] BlueMe Bluetooth v5.0 iOS - Code Execution Vulnerability, Vulnerability Lab
[FD] iVault Private P&V 1.1 iOS - Path Traversal Vulnerability, Vulnerability Lab
[FD] New tool: sn00p - Automation framework for security tests., Levon Kayan
[FD] Malware + Analyse = Malwarelyse, mschratt
[FD] heartbleed.c, Hacker Fantastic
- Re: [FD] heartbleed.c, Hacker Fantastic
  - Message not available
    - Re: [FD] heartbleed.c, Hacker Fantastic
[FD] Heartbleed exploited since 2013, des-apare . cido_77
[FD] NEW VMSA-2014-0003 VMware vSphere Client updates address security vulnerabilities, "VMware Security Response Center"
[FD] FW: dve bypass dep+aslr+emet+cfi, yuange
- Re: [FD] FW: dve bypass dep+aslr+emet+cfi, YiFei Yang
[FD] SEC Consult SA-20140411-0 :: Multiple vulnerabilities in Plex Media Server, SEC Consult Vulnerability Lab
[FD] Woltlab Burning Board 3.9.1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue, Vulnerability Lab
[FD] CVE-2014-2384 - Invalid Pointer Dereference in VMware Workstation and Player, Portcullis Advisories
- [FD] CVE-2013-6216 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in multiple HP products on Linux, Portcullis Advisories
  - [FD] CVE-2014-2591 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in BMC Patrol for AIX, Portcullis Advisories
    - [FD] CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server, Portcullis Advisories
[FD] The state of infection in Uanet 2013, MustLive
[FD] AIMSICD: Developers for Android-App WANTED!, SecUpwN
[FD] CSRF and stored XSS in Quick Page/Post Redirect Plugin (WordPress plugin), dxw Security
[FD] CSRF/XSS vulnerability in Twitget 3.3.1 (WordPress plugin), dxw Security
[FD] MRI Rubies may contain statically linked, vulnerable OpenSSL, glitch
[FD] Multiple CSRF and XSS vulnerabilities in D-Link DAP 1150, MustLive
- <Possible follow-ups>
- [FD] Multiple CSRF and XSS vulnerabilities in D-Link DAP 1150, MustLive
[FD] DoS condition mt-daapd/Firefly Media Server 0.2.4.2, Eric Michaud
- <Possible follow-ups>
- Re: [FD] DoS condition mt-daapd/Firefly Media Server 0.2.4.2, Brandon Vincent (Student)
[FD] Synergy's Crypto Sucks, Taylor Hornby
[FD] Adobe Reader for Android exposes insecure Javascript interfaces, Securify B.V.
[FD] Socialtext as a DoS tool?, Brandon Perry
[FD] New multiple CSRF and XSS vulnerabilities in D-Link DAP 1150, MustLive
[FD] Two Possible Vulnerabilities in courier-imapd?, Peter Malone
- Re: [FD] Two Possible Vulnerabilities in courier-imapd?, Peter Malone
- <Possible follow-ups>
- Re: [FD] Two Possible Vulnerabilities in courier-imapd?, Dan Anderson
[FD] PDF Album v1.7 iOS - File Include Web Vulnerability, Vulnerability Lab
[FD] New PHP-Attack Vector ?, Thomas Lußnig
- <Possible follow-ups>
- Re: [FD] New PHP-Attack Vector ?, Michael Baker
  - Re: [FD] New PHP-Attack Vector ?, Martti Kühne
[FD] Unitrends enterprise backup remote unauthenticated root, Brandon Perry
[FD] Xerox DocuShare authenticated SQL injection, Brandon Perry
[FD] WebTitan 4.01 multiple vulnerabilities, Brandon Perry
[FD] HackMiami 2014 Hackers Conference in Miami Beach, FL - May 9-11, 2014, Alex HackMiami
[FD] Should openssl accept weak DSA/DH keys with g = +/- 1 ?, Georgi Guninski
- Re: [FD] Should openssl accept weak DSA/DH keys with g = +/- 1 ?, Hanno Böck
  - Re: [FD] Should openssl accept weak DSA/DH keys with g = +/- 1 ?, Georgi Guninski
    - Re: [FD] Should openssl accept weak DSA/DH keys with g = +/- 1 ?, Hanno Böck
    - Re: [FD] Should openssl accept weak DSA/DH keys with g = +/- 1 ?, Pavel Kankovsky
      - Re: [FD] Should openssl accept weak DSA/DH keys with g = +/- 1 ?, Jeffrey Walton
[FD] Auditing systems for vulnerable 3rd-party OpenSSL, Gabriel Brezi
- Re: [FD] Auditing systems for vulnerable 3rd-party OpenSSL, Dotzero
  - Re: [FD] Auditing systems for vulnerable 3rd-party OpenSSL, Mike Iglesias
  - Re: [FD] Auditing systems for vulnerable 3rd-party OpenSSL, James Lay
[FD] lxml (python lib) vulnerability, Максим Кочкин
[FD] Audit: don't only focus on heartbleed issue, Shawn
- Re: [FD] Audit: don't only focus on heartbleed issue, Ron Bowes
  - Re: [FD] Audit: don't only focus on heartbleed issue, Paul McMillan
  - Re: [FD] Audit: don't only focus on heartbleed issue, antisnatchor
  - Re: [FD] Audit: don't only focus on heartbleed issue, Reindl Harald
    - Re: [FD] Audit: don't only focus on heartbleed issue, Tim
      - Re: [FD] Audit: don't only focus on heartbleed issue, Reindl Harald
    - Re: [FD] Audit: don't only focus on heartbleed issue, Stephane Bortzmeyer
- Re: [FD] Audit: don't only focus on heartbleed issue, Hanno Böck
[FD] [CORE-2014-0003] - SAP Router Password Timing Attack, CORE Advisories Team
[FD] Reflected XSS Attacks vulnerabilities F-Secure Messaging Security Gateway V7.5.0.892 (CVE-2014-2844), William Costa
[FD] Suspect arrested who used Heartbleed to infiltrate the Canada Revenue Agency (Our IRS), Justin Bull
- Re: [FD] Suspect arrested who used Heartbleed to infiltrate the Canada Revenue Agency (Our IRS), Andrew Klaus
  - Re: [FD] Suspect arrested who used Heartbleed to infiltrate the Canada Revenue Agency (Our IRS), Joe Pierini
[FD] ASUS RT-XXXX SOHO routers expose admin password, fixed in 3.0.0.4.374.5517, David Longenecker
[FD] Buggy insecure "security" software executes rogue binary during installation and uninstallation, Stefan Kanthak
[FD] Ruby OpenSSL private key spoofing ~ CVE-2014-2734 with PoC, Gregory Disney
[FD] ldd for OS X WAS:Auditing systems for vulnerable 3rd-party OpenSSL (Gabriel Brezi), Douglas Held
- Re: [FD] ldd for OS X WAS:Auditing systems for vulnerable 3rd-party OpenSSL (Gabriel Brezi), Tim Heckman
[FD] NRPE - Nagios Remote Plugin Executor <= 2.15 Remote Command Execution, golunski
- Re: [FD] NRPE - Nagios Remote Plugin Executor <= 2.15 Remote Command Execution, Jakob Rößler
[FD] Remote Command Injection in Ruby Gem sfpagent 0.4.14, Larry W. Cashdollar
[FD] CS and XSS vulnerabilities in CU3ER, MustLive
[FD] CSRF, AoF and XSS vulnerabilities in D-Link DAP 1150, MustLive
[FD] no good signals in infosec, coderman
[FD] phpManufaktur / kitForm Unauthenticated SQL Injection Vulnerability, Chapp
Re: [FD] [ANN] Struts 2.3.16.1 GA release available - security fix, Takeshi Terada
[FD] Vulnerabilities in plugins with CU3ER for WordPress, Joomla, SilverStripe and Plone, MustLive
[FD] CS, XSS and FPD vulnerabilities in multiple plugins with CU3ER for WordPress, MustLive
[FD] BlackArch Linux / New ISOs released, Levon Kayan
[FD] RAT C2 Domains, Kevin Breen
[FD] Parallels Plesk Panel 12.x & 11.x /etc/psa/private/secret_key leakage, Tim Rots
[FD] (CVE-2014-1648) Symantec Messaging Gateway Management Console Cross Site Scripting Vulnerability, William Costa
[FD] SEC Consult SA-20140423-0 :: Path Traversal/Remote Code Execution in WD Arkeia Network Backup Appliances, SEC Consult Vulnerability Lab
[FD] CVE-2014-2383 - Arbitrary file read in dompdf, Portcullis Advisories
[FD] CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive, Portcullis Advisories
[FD] CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive, Portcullis Advisories
[FD] AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability, Vulnerability Lab
[FD] Request for help exploiting seunshare, Andrew Lutomirski
[FD] [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical), Rene Gielen
- Re: [FD] [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical), Tim
  - Re: [FD] [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical), Rene Gielen
    - Re: [FD] [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical), Tim
      - Re: [FD] [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical), Rene Gielen
        
        Re: [FD] [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical), Rene Gielen
      - Re: [FD] [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical), Alexander Georgiev
        
        Re: [FD] [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical), Rene Gielen
  - Re: [FD] [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical), Tim
    - Re: [FD] [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical), Rene Gielen
[FD] Advisory: jruby-sandbox Breakout, joernchen
[FD] Multiple Vulnerabilities in iMember360 (Wordpress plugin), Everett Griffiths
[FD] Depot WiFi v1.0.0 iOS - Multiple Web Vulnerabilities, Vulnerability Lab
[FD] UI redress attack on live.com (affected all pages), Sandeep Kamble
[FD] Legitimacy of new Heartbleed exploit?, Dillon Korman
- Re: [FD] Legitimacy of new Heartbleed exploit?, Jann Horn
  - Re: [FD] Legitimacy of new Heartbleed exploit?, Michal Zalewski
- Re: [FD] Legitimacy of new Heartbleed exploit?, H. Dong
  - Re: [FD] Legitimacy of new Heartbleed exploit?, david switzer
    - Re: [FD] Legitimacy of new Heartbleed exploit?, Ivan Kwiatkowski
- Re: [FD] Legitimacy of new Heartbleed exploit?, Bennett Todd
- Re: [FD] Legitimacy of new Heartbleed exploit?, Peter Malone
[FD] CS, XSS and FPD vulnerabilities in multiple themes with CU3ER for WordPress, MustLive
[FD] Divx plugin suite heap-based buffer overflow, Andres Gomez Ramirez
[FD] Symantec Endpoint Protection – Remote Buffer Overflow PoC (CVE-2013-1612), Jérôme Nokin
[FD] DAVOSET v.1.2, MustLive
- Re: [FD] DAVOSET v.1.2, laurent gaffie
  - Re: [FD] DAVOSET v.1.2, Brandon Perry
[FD] Exploit: McAfee ePolicy 0wner (ePowner) – Release, Jérôme Nokin
- Re: [FD] Exploit: McAfee ePolicy 0wner (ePowner) – Release, Jérôme Nokin
[FD] Telegram authentication bypass, jdiaz
- Re: [FD] Telegram authentication bypass, Dominik Schürmann
  - Re: [FD] Telegram authentication bypass, jdiaz
    - Re: [FD] Telegram authentication bypass, Mario Vilas
    - Re: [FD] Telegram authentication bypass, Tony Arcieri
- Re: [FD] Telegram authentication bypass, Hanno Böck
[FD] [Onapsis Security Advisory 2014-005] Information disclosure in SAP Software Lifeclycle Manager, Onapsis Research Labs
[FD] What the hell am I reading? (was: Telegram authentication bypass), Munchausen
[FD] [Onapsis Security Advisory 2014-006] Missing authorization check in SAP Background Processing RFC, Onapsis Research Labs
[FD] [Onapsis Security Advisory 2014-007] Missing authorization check in SAP Profile Maintenance, Onapsis Research Labs
[FD] [Onapsis Security Advisory 2014-008] SAP NW Portal WD Information Disclosure, Onapsis Research Labs
[FD] [Onapsis Security Advisory 2014-009] SAP BASIS Missing Authorization Check, Onapsis Research Labs
[FD] [Onapsis Security Advisory 2014-010] SAP BusinessObjects InfoView Reflected Cross Site Scripting, Onapsis Research Labs
[FD] Arbitrary code execution by admins in File Gallery 1.7.7 (WordPress plugin), dxw Security
- Re: [FD] Arbitrary code execution by admins in File Gallery 1.7.7 (WordPress plugin), Illwill
  - Re: [FD] Arbitrary code execution by admins in File Gallery 1.7.7 (WordPress plugin), Dave Warren
    - Re: [FD] Arbitrary code execution by admins in File Gallery 1.7.7 (WordPress plugin), Harry Metcalfe
      - Message not available
        
        Re: [FD] Arbitrary code execution by admins in File Gallery 1.7.7 (WordPress plugin), Harry Metcalfe
[FD] AOL confirms compromise, Daniel Hadfield
- Re: [FD] AOL confirms compromise, Jeffrey Walton
  - Re: [FD] AOL confirms compromise, Brandon Perry
[FD] DoS - Intuit QuickBase, Scott Arciszewski
[FD] SEC Consult SA-20140430-0 :: SQL injection and persistent XSS in the Typo3 3rd party extension si_bibtex, SEC Consult Vulnerability Lab

Mail converted by MHonArc