Full Disclosure: by date

641 messages starting Dec 01 07 and ending Dec 31 07

Saturday, 01 December

Re: ZDI-07-069: CA BrightStor ARCserve Backup Message Engine Insecure Method Exposure Vulnerability Williams, James K
Re: PlayStation 3 predicts next US president (fwd) Slythers Bro
DC4420 - London DEFCON chapter Christmas Party - 11th December Major Malfunction
Phioust gets all emotional to gobbles and friends ... Gobbles is back
MD5 algorithm considered toxic (and harmful) Kristian Erik Hermansen
Firefox 2.0.0.11 File Focus Stealing vulnerability carl hardwick
Re: MD5 algorithm considered toxic (and harmful) Steven Adair
Re: Firefox 2.0.0.11 File Focus Stealing vulnerability Juha-Matti Laurio
rPSA-2007-0255-1 nss_ldap rPath Update Announcements
Re: Firefox 2.0.0.11 File Focus Stealing vulnerability Randal, Phil
Re: High Value Target Selection gmaggro
Re: High Value Target Selection gmaggro
Re: Firefox 2.0.0.11 File Focus Stealing vulnerability Nate McFeters
Re: MD5 algorithm considered toxic (and harmful) James Matthews
Re: MD5 algorithm considered toxic (and harmful) Enno Rey
Re: MD5 algorithm considered toxic (and harmful) Tim
Re: Firefox 2.0.0.11 File Focus Stealing vulnerability Static Rez
Firefox explicit charset inheritance Paul Szabo
Re: MD5 algorithm considered toxic (and harmful) Paul Schmehl
Phioust is now getting really emotional ... Gobbles is back
Phioust is now getting really emotional ... Gobbles is back
Re: Full-Disclosure Digest, Vol 34, Issue 1 Randy Mueller
Re: MD5 algorithm considered toxic (and harmful) coderman
Re: High Value Target Selection coderman
Re: Firefox 2.0.0.11 File Focus Stealing vulnerability Juha-Matti Laurio
Re: MD5 algorithm considered toxic (and harmful) Valdis . Kletnieks
Re: MD5 algorithm considered toxic (and harmful) Kristian Erik Hermansen
Re: High Value Target Selection gmaggro
Hell Camp: A Terrifying Story of Lies and Middle-Men Goebbels Amadeus
Re: High Value Target Selection Valdis . Kletnieks
Re: Signature or checksum? (was: MD5 considered harmful) coderman
Re: authentic hackers still do it for the love ... (was: Hell Camp: It never pays enough) coderman

Sunday, 02 December

Re: authentic hackers still do it for the love ... (was: Hell Camp: It never pays enough) pdp (architect)
Re: authentic hackers still do it for the love ... (was: Hell Camp: It never pays enough) coderman
Re: authentic hackers still do it for the love ... (was: Hell Camp: It never pays enough) coderman
Re: Firefox 2.0.0.11 File Focus Stealing vulnerability Juha-Matti Laurio
need help in managing administrators happy nino
Bypassing group policy Eric Rachner
[SECURITY] [DSA 1417-1] New asterisk packages fix SQL injection Moritz Muehlenhoff
Re: Signature or checksum? Kristian Erik Hermansen
Re: Phioust gets all emotional to gobbles and friends... 3lucid8
[SECURITY] [DSA 1418-1] New cacti packages fix SQL injection Thijs Kinkhorst
Web Beam, the new concept web application penetration testing tool Billy . Hoffman
Re: need help in managing administrators T Biehn
Re: authentic hackers still do it for the love ... (was: Hell Camp: It never pays enough) jf
Re: need help in managing administrators Valdis . Kletnieks
Re: authentic hackers still do it for the love ... (was: Hell Camp: It never pays enough) Valdis . Kletnieks
Re: authentic hackers still do it for the love ... (was: Hell Camp: It never pays enough) coderman
Re: need help in managing administrators James Matthews
Re: authentic hackers still do it for the love ... (was: Hell Camp: It never pays enough) James Matthews
Re: need help in managing administrators Valdis . Kletnieks
Re: need help in managing administrators T Biehn
Re: need help in managing administrators T Biehn
Re: need help in managing administrators Valdis . Kletnieks
Re: need help in managing administrators Paul Schmehl
SCADA refresher gmaggro
Re: need help in managing administrators Dude VanWinkle
Re: need help in managing administrators T Biehn
Re: need help in managing administrators Joel R. Helgeson

Monday, 03 December

Re: High Value Target Selection Vincent Archer
unsubscribe full-disclosure Makousky, Steve C
Phioust is dead, long live Matasano !!! Gobbles is back
Re: need help in managing administrators Dude VanWinkle
Re: Web Beam, the new concept web application penetration testing tool Dude VanWinkle
Re: SCADA refresher Elazar Broad
Re: SCADA refresher Dude VanWinkle
Re: High Value Target Selection reepex
Anyone have a reason for 2x the email flow today? Dude VanWinkle
[USN-550-1] Cairo vulnerability Kees Cook
Re: authentic hackers still do it for the love ... (was: Hell Camp: It never pays enough) Adrian P
[ MDKSA-2007:234 ] - Updated vixie-cron packages fix DoS vulnerability security
[ MDKSA-2007:235 ] - Updated apache packages fix vulnerabilities security
Re: SCADA refresher I. D.
Re: Anyone have a reason for 2x the email flow today? Joey Mengele
Re: Anyone have a reason for 2x the email flow today? Dude VanWinkle
Re: Anyone have a reason for 2x the email flow today? gjgowey
[USN-551-1] OpenLDAP vulnerabilities Jamie Strandboge
[USN-549-2] PHP regression Kees Cook

Tuesday, 04 December

Firefox UTF-7 Universal XSS Paul Szabo
Re: SCADA refresher Joey Mengele
SEC Consult SA-20071204-0 :: SonicWALL Global VPN Client Format String Vulnerability Bernhard Mueller
Re: Anyone have a reason for 2x the email flow today? Maloney, Michael
The first release of SWFIntruder is out ! Stefano Di Paola
TIBCO Rendezvous Exploitation Video IRM Research
SecNiche Garbage Dumps on mailinglists Lamer Buster
Re: SCADA refresher gmaggro
Professional IT Security Service Providers - Exposed secreview
Re: Professional IT Security Service Providers - Exposed trains
[USN-546-2] Firefox regression Kees Cook
Internet Explorer Vuln Report, Debunked [Jeff R. Jones is becoming FUD-master] Kristian Erik Hermansen
Re: Professional IT Security Service Providers - Exposed secreview
[USN-552-1] Perl vulnerability Kees Cook
[USN-553-1] Mono vulnerability Kees Cook
The recent number of unpatched QuickTime flaws is: two Juha-Matti Laurio
[ MDKSA-2007:236 ] - Updated openssh packages fix X11 cookie vulnerability security
[ MDKSA-2007:237 ] - Updated openssl packages fix DTLS vulnerability security
0day XSS for MPAA.org Kristian Erik Hermansen
rPSA-2007-0257-1 rsync rPath Update Announcements
XSS Early Warning Mailing List Now Open security

Wednesday, 05 December

Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Alexander Klink
Re: need help in managing administrators happy nino
Cisco Phone 7940 remote DOS Radu State
[SECURITY] [DSA 1419-1] New OpenOffice.org packages fix arbitrary Java code execution Martin Schulze
Nokia N95 cellphone remote DoS using the SIP Stack Radu State
Information about recent malware exploited vulnerabilities - a blog post uday kumar
Cisco Security Advisory: Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability Cisco Systems Product Security Incident Response Team
Re: Nokia N95 cellphone remote DoS using the SIP Stack reepex
Re: 0day XSS for MPAA.org Ham Beast
Re: GOBBLES or n3td3v coderman
Re: Nokia N95 cellphone remote DoS using the SIP Stack reepex
Re: Anyone have a reason for 2x the email flow today? Dude VanWinkle
Re: Nokia N95 cellphone remote DoS using the SIP Stack state
Re: Nokia N95 cellphone remote DoS using the SIP Stack reepex
Re: Nokia N95 cellphone remote DoS using the SIP Stack nnp
[ GLSA 200712-01 ] Hugin: Insecure temporary file creation Pierre-Yves Rofes
[ GLSA 200712-02 ] Cacti: SQL injection Pierre-Yves Rofes
Re: need help in managing administrators Valdis . Kletnieks
Report: Foreign Countries Develop U.S. Defense Systems Software worried security
Re: Professional IT Security Service Providers - Exposed Valdis . Kletnieks
CiscoWorks Server XSS Vulnerability Liquidmatrix Security Digest
UPDATE: [ GLSA 200711-29 ] Samba: Execution of arbitrary code Pierre-Yves Rofes
Re: Professional IT Security Service Providers - Exposed SecReview
Defense board sounds louder alarm about foreign software development worried security
Re: 0day XSS for MPAA.org Kristian Erik Hermansen
Re: need help in managing administrators T Biehn
Re: Anyone have a reason for 2x the email flow today? Dude VanWinkle
Re: need help in managing administrators Dude VanWinkle
Re: Anyone have a reason for 2x the email flow today? Bob Bruen
Inside the "Ron Paul" Spam Botnet lsi
Re: Anyone have a reason for 2x the email flow today? Dude VanWinkle
Re: need help in managing administrators Valdis . Kletnieks
Re: need help in managing administrators Dude VanWinkle
[UPDATE]CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability cocoruder
Re: Professional IT Security Service Providers - Exposed Dude VanWinkle
Re: need help in managing administrators Valdis . Kletnieks
Re: need help in managing administrators Dude VanWinkle
SUSE Security Announcement: samba (SUSE-SA:2007:065) Thomas Biege
[SECURITY] [DSA 1420-1] New zabbix packages fix privilege escalation Thijs Kinkhorst
Re: Anyone have a reason for 2x the email flow today? Kosala Atapattu
Re: Anyone have a reason for 2x the email flow today? Jerry L. Ivey
Re: Anyone have a reason for 2x the email flow today? James C. Slora Jr.
Re: need help in managing administrators Nick FitzGerald
Re: need help in managing administrators Valdis . Kletnieks
Avast! AntiVirus TAR Processing Remote Heap Corruption Sowhat
Re: need help in managing administrators T Biehn
pcap flow extraction Ivan .
Re: [UPDATE]CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability Code Audit Labs

Thursday, 06 December

Re: pcap flow extraction John Kinsella
Re: pcap flow extraction SilentRunner
Re: Nokia N95 cellphone remote DoS using the SIP Stack Humberto Abdelnur
Re: pcap flow extraction, Net::Frame is your friend GomoR
[SECURITY] [DSA 1421-1] New wesnoth packages fix arbitrary file disclosure Martin Schulze
[SECUNIA] Vendors still use the "legal" weapon Thomas Kristensen
Re: [SECUNIA] Vendors still use the "legal" weapon Simon Smith
[ MDKSA-2007:238 ] - Updated liblcms package fixes buffer overflow security
[USN-554-1] teTeX and TeX Live vulnerabilities Jamie Strandboge
Re: High Value Target Selection gmaggro
ZDI-07-070: Skype skype4com URI Handler Remote Heap Corruption Vulnerability zdi-disclosures
Re: Anyone have a reason for 2x the email flow today? Sven Meeus
[Security Advisorie] OpenNewsletter v2.5 Multipe XSS Attacks Sarasa
HackerSafe Labs - Security Advisory - Xigla Absolute Banner Manager v4.0 Joseph Pierini
TCP Port randomization paper Fernando Gont
ZDI-07-071: HP OpenView Network Node Manager Multiple CGI Buffer Overflows zdi-disclosures
R7-0031: JFreeChart Image Map Cross-Site Scripting Vulnerabilities advisory
[CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities Williams, James K
[ MDKSA-2007:239 ] - Updated heimdal packages fix potential vulnerability security
rPSA-2007-0260-1 firefox rPath Update Announcements
GOBBLE ALERT FOR PEOPLES !! Gobbles is back
Google / GMail bug, all accounts vulnerable Kristian Erik Hermansen
Re: TCP Port randomization paper Vladimir Vitkov
Re: [Full-disclosure] b0b27a223b66678f24aec254366526d7910d0f38679f6478804c7480d2271ce9 [was: TCP Port randomization paper] coderman

Friday, 07 December

[SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution Steve Kemp
Re: Google / GMail bug, all accounts vulnerable Aaron Katz
Re: Google / GMail bug, all accounts vulnerable Mukul Dharwadkar
netkit-ftpd/ftp uninitialized vulnerability xiaojunli.air
Heimdal ftpd uninitialized vulnerability xiaojunli.air
MIT Kerberos 5: Multiple vulnerabilities xiaojunli.air
Re: Google / GMail bug, all accounts vulnerable worried security
Re: Google / GMail bug, all accounts vulnerable Ed Carp
[SECURITY] [DSA 1423-1] New sitebar packages fix several vulnerabilities Steve Kemp
Sign the Downing Street E-Petition Submitted by Neil Stinchcombe of Infosecurity Europe worried security
Re: Google / GMail bug, all accounts vulnerable M . B . Jr .
Fwd: Google / GMail bug, all accounts vulnerable Aaron Katz
Re: Google / GMail bug, all accounts vulnerable Aaron Katz
Re: MIT Kerberos 5: Multiple vulnerabilities Jonathan Smith
[ MDKSA-2007:240 ] - Updated libnfsidmap packages fix username lookup flaw security
Limited upload directory traversal in HTTP File Server 2.2a / 2.3 beta (build #146) Luigi Auriemma
Two vulnerabilities in Simple HTTPD 1.38 Luigi Auriemma
Multiple vulnerabilities in Firefly Media Server (mt-daapd) 2.4.1 / SVN 1699 Luigi Auriemma
Upload directory traversal in Easy File Sharing 4.5 Luigi Auriemma
Re: TCP Port randomization paper Fernando Gont
Re: Google / GMail bug, all accounts vulnerable Kristian Erik Hermansen
[USN-555-1] e2fsprogs vulnerability Kees Cook
Re: Google / GMail bug, all accounts vulnerable alessandro salvatori
Re: Google / GMail bug, all accounts vulnerable Joseph Hick
Re: Google / GMail bug, all accounts vulnerable Kristian Erik Hermansen
Re: Cisco Phone 7940 remote DOS Clay Seaman-Kossmey

Saturday, 08 December

[SECURITY] [DSA 1424-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff
[SECURITY] [DSA 1425-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff
[SECURITY] [DSA 1426-1] New qt-x11-free packages fix several vulnerabilities Moritz Muehlenhoff
Compromise of Tor, anonymizing networks/utilities gmaggro
Re: Compromise of Tor, anonymizing networks/utilities Peter Besenbruch
Re: Compromise of Tor, anonymizing networks/utilities Fetch, Brandon
Re: Compromise of Tor, anonymizing networks/utilities coderman
Re: Compromise of Tor, anonymizing networks/utilities coderman
Re: Compromise of Tor, anonymizing networks/utilities gmaggro
Re: Compromise of Tor, anonymizing networks/utilities coderman
Re: Compromise of Tor, anonymizing networks/utilities gmaggro
Re: Compromise of Tor, anonymizing networks/utilities jf
Re: Compromise of Tor, anonymizing networks/utilities coderman
Re: Google / GMail bug, all accounts vulnerable It's just stopped working for me. Ashly A K
Re: Compromise of Tor, anonymizing networks/utilities jf
Re: Compromise of Tor, anonymizing networks/utilities coderman
Vista's been hacked Aaron Gray
Re: Vista's been hacked evilrabbi
Re: Vista's been hacked dripping
Re: Vista's been hacked dripping
Re: Vista's been hacked Aaron Gray
Re: pcap flow extraction Richard Bejtlich
Re: Vista's been hacked dripping
Re: Vista's been hacked dripping
Re: pcap flow extraction reepex
Re: TCP Port randomization paper reepex
Re: Vista's been hacked Aaron Gray
Re: (no subject) reepex
Re: (no subject) dripping
Re: Vista's been hacked Aaron Gray
Re: Vista's been hacked Aaron Gray
Re: (no subject) reepex

Sunday, 09 December

Re: Compromise of Tor, anonymizing networks/utilities Peter Besenbruch
Re: (no subject) Simon Smith
Re: (no subject) dripping
Re: (no subject) Simon Smith
Re: (no subject) dripping
Re: (no subject) reepex
Re: (no subject) dripping
Re: (no subject) Simon Smith
Re: (no subject) Simon Smith
Re: (no subject) dripping
[ GLSA 200712-04 ] Cairo: User-assisted execution of arbitrary code Pierre-Yves Rofes
Re: Flash that simulates virus scan reepex
Re: Flash that simulates virus scan reepex
Re: Flash that simulates virus scan reepex
Re: Flash that simulates virus scan reepex
Re: on xss and its technical merit reepex
[ GLSA 200712-03 ] GNU Emacs: Multiple vulnerabilities Pierre-Yves Rofes
Re: (no subject) Simon Smith
Re: (no subject) reepex
Re: Flash that simulates virus scan Simon Smith
Re: Flash that simulates virus scan reepex
Re: (no subject) dripping
Re: Flash that simulates virus scan Dude VanWinkle
[ GLSA 200712-05 ] PEAR::MDB2: Information disclosure Pierre-Yves Rofes
[ GLSA 200712-06 ] Firebird: Multiple buffer overflows Pierre-Yves Rofes
[ GLSA 200712-07 ] Lookup: Insecure temporary file creation Pierre-Yves Rofes
Re: Flash that simulates virus scan jf
Re: Flash that simulates virus scan Simon Smith
[ GLSA 200712-08 ] AMD64 x86 emulation Qt library: Multiple vulnerabilities Pierre-Yves Rofes
[ GLSA 200712-09 ] Ruby-GNOME2: Format string error Pierre-Yves Rofes
Re: pcap flow extraction Ivan .
Re: pcap flow extraction Bill Weiss

Monday, 10 December

The Cookie Tools v0.3 -- first public release michele dallachiesa
Advisory: Websense XSS Vulnerability Liquidmatrix Security Digest
WordPress Charset SQL injection vulnerability Abel Cheung
Captive Portal bypassing gmaggro
Re: Captive Portal bypassing T Biehn
Re: Captive Portal bypassing Steven Adair
WordPress Charset SQL injection vulnerability (resend) Abel Cheung
Secunia Research: Samba "send_mailslot()" Buffer Overflow Vulnerability Secunia Research
rPSA-2007-0261-1 samba samba-swat rPath Update Announcements
CVE-2007-6205 Hanno Böck
Multiple vulnerabilities in BarracudaDrive 3.7.2 Luigi Auriemma
Filesystem access in DOSBox 0.72 Luigi Auriemma
Multiple vulnerabilities in BadBlue 2.72b Luigi Auriemma
[ GLSA 200712-10 ] Samba: Execution of arbitrary code Pierre-Yves Rofes
[USN-550-2] Cairo regression Kees Cook
[SECURITY] [DSA 1427-1] New samba packages fix arbitrary code execution Moritz Muehlenhoff
Re: Captive Portal bypassing gmaggro
ZDI-07-072: Novell Netmail AntiVirus Agent Multiple Overflow Vulnerabilities zdi-disclosures
[ MDKSA-2007:241 ] - Updated tomcat5 packages fix multiple vulnerabilities security
Re: Captive Portal bypassing Peter Besenbruch
Re: Captive Portal bypassing gmaggro
[ MDKSA-2007:242 ] - Updated e2fsprogs packages fix vulnerability security
[ MDKSA-2007:243 ] - Updated MySQL packages fix multiple vulnerabilities security
Re: The Cookie Tools v0.3 -- first public release Andrew Farmer
Re: Captive Portal bypassing coderman
Re: The Cookie Tools v0.3 -- first public release Jason
Re: The Cookie Tools v0.3 -- first public release coderman

Tuesday, 11 December

Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Morning Wood
0day to sell Juergen Marester
TrendMicro AntiVirus UUE Processing Vulnerability Sowhat
[SECURITY] [DSA 1481-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier
httprecon project Marc Ruef
Re: Captive Portal bypassing gmaggro
PGMfuzz - a tool for testing Pragmatic General Multicast protocol implementations IRM Research
List Charter John Cartwright
Re: Google / GMail bug, all accounts vulnerable Porco Graxa
Black Hat Briefings Call for Papers jmoss
TOP 10 Vulnerability Trends for 2008 Sowhat
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability reepex
Re: TOP 10 Vulnerability Trends for 2008 reepex
Re: TOP 10 Vulnerability Trends for 2008 Sowhat
[SECURITY] [DSA 1429-1] New htdig packages fix cross site scripting Steve Kemp
[SECURITY] [DSA 1430-1] New libnss-ldap packages fix denial of service Steve Kemp
ZDI-07-073: Microsoft Internet Explorer setExpression Vulnerability zdi-disclosures
ZDI-07-074: Microsoft Internet Explorer Node Manipulation Memory Corruption zdi-disclosures
ZDI-07-076: Microsoft Windows Message Queuing Service Stack Overflow Vulnerability zdi-disclosures
ZDI-07-075: Microsoft Internet Explorer Element Tags Vulnerability zdi-disclosures
[SECURITY] [DSA 1431-1] New ruby-gnome2 packages fix execution of arbitrary code Steve Kemp
Re: TCP Port randomization paper Fernando Gont
Re: Google / GMail bug, all accounts vulnerable Aaron Katz
[SECURITY] [DSA 1430-1] New libnss-ldap packages fix denial of service Lebbeous Weekley
rPSA-2007-0262-1 e2fsprogs rPath Update Announcements
Re: Google / GMail bug, all accounts vulnerable Kristian Erik Hermansen
[ MDKSA-2007:244 ] - Updated samba packages fix vulnerability security
Re: Google / GMail bug, all accounts vulnerable coderman
Re: Captive Portal bypassing coderman
Re: Captive Portal bypassing coderman
Re: Google / GMail bug, all accounts vulnerable Kristian Erik Hermansen
Re: Google / GMail bug, all accounts vulnerable coderman
Re: Google / GMail bug, all accounts vulnerable Nick FitzGerald
Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972] Tom Yu

Wednesday, 12 December

Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Morning Wood
Re: Vulnerability Difficulty, Finesse of Implementation, Moral Character coderman
Re: Google / GMail bug, all accounts vulnerable jipe foo
Re: Google / GMail bug, all accounts vulnerable ad () heapoverflow com
Re: on xss and its technical merit coderman
Re: on xss and its technical merit Byron Sonne
Re: Google / GMail bug, all accounts vulnerable coderman
Re: Google / GMail bug, all accounts vulnerable coderman
Re: on xss and its technical merit Jay
[SECURITY] [DSA 1428-2] New Linux 2.6.18 packages fix several vulnerabilities dann frazier
SUSE Security Announcement: samba (SUSE-SA:2007:068) Thomas Biege
Phishing Metamorphosis in 2007 - Trends and Developments Dancho Danchev
Re: Google / GMail bug, all accounts vulnerable Kristian Erik Hermansen
Re: on xss and its technical merit Byron Sonne
Re: Google / GMail bug, all accounts vulnerable Steven Adair
Re: Google / GMail bug, all accounts vulnerable coderman
Re: Google / GMail bug, all accounts vulnerable coderman
Re: on xss and its technical merit Fredrick Diggle
Re: on xss and its technical merit Joao Inacio
Re: Google / GMail bug, all accounts vulnerable Christopher Abad
Re: on xss and its technical merit Jay
Re: on xss and its technical merit Fredrick Diggle
Re: on xss and its technical merit Fredrick Diggle
iDefense Security Advisory 12.11.07: Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability iDefense Labs
Re: on xss and its technical merit J. Oquendo
iDefense Security Advisory 12.11.07: Microsoft DirectX 7 and 8 DirectShow Stack Buffer Overflow Vulnerability iDefense Labs
Re: Google / GMail bug, all accounts vulnerable Peter Besenbruch
Re: Google / GMail bug, all accounts vulnerable Andrew A
Re: Google / GMail bug, all accounts vulnerable Andrew A
Re: on xss and its technical merit Byron Sonne
Re: Google / GMail bug, all accounts vulnerable Andrew A
Re: on xss and its technical merit Valdis . Kletnieks
Re: Google / GMail bug, all accounts vulnerable Steven Adair
Re: Google / GMail bug, all accounts vulnerable Peter Besenbruch
Fwd: Websense 6.3.1 Filtering Bypass The Security Community
rPSA-2007-0264-1 mod_dav_svn subversion rPath Update Announcements
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Dude VanWinkle
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Fredrick Diggle
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Dude VanWinkle
[USN-550-3] Cairo regression Kees Cook
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Dude VanWinkle
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability reepex
Re: Google / GMail bug, all accounts vulnerable coderman
Re: Google / GMail bug, all accounts vulnerable coderman
Re: Full-Disclosure Digest, Vol 34, Issue 31 Kristian Erik Hermansen

Thursday, 13 December

Re: Full-Disclosure Digest, Vol 34, Issue 31 Kristian Erik Hermansen
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Fredrick Diggle
Re: on xss and its technical merit Jay
Re: on xss and its technical merit Byron Sonne
Re: on xss and its technical merit Fredrick Diggle
Re: Fwd: Websense 6.3.1 Filtering Bypass Hubbard, Dan
Re: on xss and its technical merit Fredrick Diggle
Re: on xss and its technical merit Morning Wood
Re: Full-Disclosure Digest, Vol 34, Issue 31 Andrew A
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Morning Wood
Checkpoint security email Michael Neal Vasquez
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability reepex
Re: Fwd: Websense 6.3.1 Filtering Bypass reepex
Re: on xss and its technical merit Fredrick Diggle
Small Design Bug in Postfix - REMOTE kcope
[ GLSA 200712-11 ] Portage: Information disclosure Pierre-Yves Rofes
[Professional IT Security Providers - Exposed] Cyberklix ( F+ ) secreview
Re: Small Design Bug in Postfix - REMOTE Fredrick Diggle
Re: Fwd: Websense 6.3.1 Filtering Bypass Dude VanWinkle
[ GLSA 200712-12 ] IRC Services: Denial of Service Pierre-Yves Rofes
Re: Small Design Bug in Postfix - REMOTE kcope
[ MDKSA-2007:245 ] - Updated wpa_supplicant package fixes remote denial of service security
Re: gimp sc, and evilness Christopher Abad
Re: Fwd: Websense 6.3.1 Filtering Bypass Hubbard, Dan
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Morning Wood
Re: on xss and its technical merit Fredrick Diggle
Re: Small Design Bug in Postfix - REMOTE Just1n T1mberlake
Sendmail/Postfix FORWARD Remote Exploit kcope
Re: Small Design Bug in Postfix - REMOTE Jim Popovitch
Re: Sendmail/Postfix FORWARD Remote Exploit Fredrick Diggle
Re: Sendmail/Postfix FORWARD Remote Exploit Fredrick Diggle
[ MDKSA-2007:246 ] - Updated Firefox packages fix multiple vulnerabilities security

Friday, 14 December

Re: Sendmail/Postfix FORWARD Remote Exploit Joey Mengele
[FDSA] Multiple Vulnerabilities in Fred Diggle Software Foundation Execve Exploit Fredrick Diggle
Re: [FDSA] Multiple Vulnerabilities in Fred Diggle Software Foundation Execve Exploit Tim
XSS in YouTube.com Michal Majchrowicz
[ISR] - Novell Groupwise client remote stack overflow silently patched. ISR-noreply
more gobbles .. Gobbles is back
Re: Small Design Bug in Postfix - REMOTE Adam N
Re: Small Design Bug in Postfix - REMOTE Epic
Re: Small Design Bug in Postfix - REMOTE Valdis . Kletnieks
[Professional IT Security Providers - Exposed] Denim Group ( A - ) secreview
Re: [Professional IT Security Providers - Exposed] Denim Group ( A - ) Peter Dawson
Re: [Professional IT Security Providers - Exposed] Denim Group ( A - ) SecReview
BackTrack 3 Beta Released Mati Aharoni
[FDSA] The Internet - Version 4 - Multiple Remotely Exploitable Critical Security Vulnerabilities Fredrick Diggle
BackTrack 3 Beta Released Mati Aharoni

Saturday, 15 December

Sendmail/Postfix Storybook kcope
Re: Sendmail/Postfix Storybook ad () heapoverflow com
Re: Sendmail/Postfix Storybook fabio
Re: Sendmail/Postfix Storybook reepex
Re: Small Design Bug in Postfix - REMOTE reepex
Re: [Professional IT Security Providers - Exposed] Cyberklix ( F+ ) reepex
Re: [Professional IT Security Providers - Exposed] Cyberklix ( F+ ) SecReview
Thomas Ptacek and Wikipedia Gobbles is back
Re: Thomas Ptacek and Wikipedia coderman
Re: Thomas Ptacek and Wikipedia coderman

Sunday, 16 December

[SECURITY] [DSA 1432-1] New link-grammar packages fix execution of code Steve Kemp
BackTrack3 beta gmaggro
Round up of messages by n3td3v for winter season 2007 worried security
[SECURITY] [DSA 1433-1] New centericq packages fix execution of code Steve Kemp
Re: XSS in YouTube.com pons.alt
Re: [Professional IT Security Providers - Exposed] Denim Group ( A - ) Paul Melson
[SECURITY] [DSA 1434-1] New mydns packages fix denial of service Thijs Kinkhorst

Monday, 17 December

Release uhooker v1.3 Hernan Ochoa
Re: XSS in YouTube.com Michal Majchrowicz
OSVDB 2.0 RELEASED jkouns
Heap overflow in PeerCast 0.1217 Luigi Auriemma
[Professional IT Security Providers - Exposed] Audit Serve, Inc. ( F- ) secreview
ZDI-07-077: Trend Micro ServerProtect StRpcSrv.dll Insecure Method Exposure Vulnerability zdi-disclosures
ZDI-07-078: St. Bernard Open File Manager Heap Overflow Vulnerability zdi-disclosures
ZDI-07-079: Hewlett-Packard HP-UX swagentd Buffer Overflow Vulnerability zdi-disclosures
Appian Enterprise Business Suite 5.6 SP1 is vulnerable to a guiness . stout
New TV show "Tiger Team": social engineering, wired/wireless hacking, physical break-in blackredyellow

Tuesday, 18 December

rPSA-2007-0266-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi rPath Update Announcements
rPSA-2007-0268-1 kdebase rPath Update Announcements
Re: [Professional IT Security Providers - Exposed] Audit Serve, Inc. ( F- ) SilentRunner
Re: [Professional IT Security Providers - Exposed] Audit Serve, Inc. ( F- ) SecReview
iDefense Security Advisory 12.17.07: Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 12.18.07: ClamAV libclamav MEW PE File Integer Overflow Vulnerability iDefense Labs
Re: [Professional IT Security Providers - Exposed] Audit Serve, Inc. ( F- ) Mike Vasquez
Request From People SecReview
Rosoft Media Player <= 4.1.7 .M3U Stack Overflow dev code
Re: New TV show "Tiger Team": social engineering, wired/wireless hacking, physical break-in blackredyellow
Re: iDefense Security Advisory 12.17.07: Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Vulnerability reepex
[USN-556-1] Samba vulnerability Kees Cook
AST-2007-027 - Database matching order permits host-based authentication to be ignored Security Officer
Google Toolbar Dialog Spoofing Vulnerability avivra
[ GLSA 200712-13 ] E2fsprogs: Multiple buffer overflows Robert Buchholz
[ GLSA 200712-14 ] CUPS: Multiple vulnerabilities Robert Buchholz
[USN-557-1] GD library vulnerability Jamie Strandboge

Wednesday, 19 December

rPSA-2007-0269-1 kernel rPath Update Announcements
[USN-558-1] Linux kernel vulnerabilities Kees Cook
Cisco Security Advisory: Application Inspection Vulnerability in Cisco Firewall Services Module Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff
Array overflow in id3lib (devel CVS) Luigi Auriemma
Cisco awarded stupidist title in infosec worried security
IT Security Consulting Market Size SecReview
TPTI-07-21: Adobe Flash Player JPG Processing Heap Overflow Vulnerability tsrt
For Christmas.. gmaggro
CVE-2007-6244: Adobe Flash Player ActiveX Control Universal Cross-Site Scripting Vulnerability Collin Jackson
Yahoo Toolbar YShortcut.dll IsTaggedBM() Buffer Overflow Elazar Broad
HP eSupportDiagnostics hpediags.dll Information Disclosure Elazar Broad
Windows XP SP3 - DCERPC Changes H D Moore
[Professional IT Security Providers - Exposed] Cybertrust ( C + ) secreview
Windows XP SP2 - SP3 Compatible Return Addresses H D Moore

Thursday, 20 December

Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) guiness . stout
Re: [Professional IT Security Providers -Exposed] Cybertrust ( C + ) c0redump
Re: [Professional IT Security Providers -Exposed] Cybertrust ( C + ) Epic
Re: [Professional IT Security Providers -Exposed] Cybertrust ( C + ) Peter Dawson
Re: [Professional IT Security Providers -Exposed] Cybertrust ( C + ) Kurt Dillard
Re: [Professional IT Security Providers -Exposed] Cybertrust ( C + ) Mike Vasquez
Re: [Professional IT Security Providers-Exposed] Cybertrust ( C + ) c0redump
Re: [Professional IT Security Providers -Exposed] Cybertrust ( C + ) guiness . stout
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) trains
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) elazar
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) SecReview
Re: [Professional IT Security Providers -Exposed] Cybertrust ( C + ) SecReview
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) SecReview
Re: [Professional IT Security Providers -Exposed] Cybertrust ( C + ) SecReview
Re: For Christmas.. reepex
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) SecReview
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) don bailey
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) SecReview
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) Epic
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) elazar
Re: For Christmas.. Guasconi Vincent
Re: For Christmas.. Andrew A
Re: For Christmas.. Valdis . Kletnieks
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) reepex
IBM Domino Web Access Upload Control dwa7w.dll Memory Corruption Elazar Broad
[Professional IT Security Reviewers - Exposed] SecReview ( F - ) Sec Review Sucks
[SECURITY] [DSA 1436-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier
Re: [Professional IT Security Reviewers - Exposed] SecReview ( F - ) Mike Vasquez
Re: Design flaw in AS3 socket handling allows port probing fukami
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) don bailey
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) Fredrick Diggle
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) Dude VanWinkle
Re: [Professional IT Security Reviewers - Exposed] SecReview ( F - ) Kurt Dillard
Re: [Professional IT Security Reviewers - Exposed] SecReview ( F - ) SecReview
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) coderman
Re: [Professional IT Security Reviewers - Exposed] SecReview ( F - ) coderman
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) Fredrick Diggle
Re: For Christmas.. gmaggro
Security of online casinos Matteo G.
Re: Security of online casinos coderman
Re: here onion ring
here onion ring
Re: [Professional IT Security Providers - Exposed] Cybertrust ( C + ) elazar
Re: here Andrew Farmer
Watching You kcope
Watching You Well - - kcope
Re: For Christmas.. Matthew Hall
Re: [Professional IT Security Reviewers - Exposed] SecReview ( F - ) Sec Review Sucks
Re: [Professional IT Security Reviewers - Exposed] SecReview ( F - ) Sec Review Sucks
[USN-559-1] MySQL vulnerabilities Jamie Strandboge

Friday, 21 December

Fwd: Chat with Dude VanWinkle worried security
Re: [Professional IT Security Reviewers - Exposed] SecReview ( F - ) Paul Melson
Re: [Professional IT Security Providers - Exposed] Audit Serve, Inc. ( F- ) SilentRunner
Re: Fwd: Chat with Dude VanWinkle worried security
Re: Fwd: Chat with Dude VanWinkle php0t
Re: [Professional IT Security Reviewers - Exposed] SecReview ( A + ) SecReview
Re: For Christmas.. elazar
Re: [Professional IT Security Reviewers - Exposed] SecReview ( A + ) Nate McFeters
[Professional IT Security Reviewers - Exposed] SecReview ( A + ) damncon
Re: [Professional IT Security Reviewers - Exposed] SecReview ( A + ) Kurt Dillard
Re: Security of online casinos Kevin Pawloski
Re: Fwd: Chat with Dude VanWinkle worried security
Buffer-overflow in WinUAE 1.4.4 Luigi Auriemma
[CAID 35970]: CA Products That Embed Ingres Authentication Vulnerability Williams, James K
AOL Instant Messenger AIM 6.0 or 6.5 Beta or higher local zone XSS Michael Evanchik
Hikaru Ben
Re: Hikaru Ben
Re: Hikaru coderman
Re: Fwd: Chat with Dude VanWinkle Valdis . Kletnieks

Saturday, 22 December

trolls and procmail Re: [Professional IT Security Reviewers - Exposed] SecReview ( A + ) gwen hastings
hey irmplc reepex
Uber Lamer Ass of the Year. Vote! Secniche Bogus
Re: Fwd: Chat with Dude VanWinkle worried security

Sunday, 23 December

Re: Fwd: Chat with Dude VanWinkle coderman
Re: hey irmplc crazy frog crazy frog
(no subject) Eyüp Aydin
Re: Hikaru twiz
beyond security sucks at coding reepex
Re: Uber Lamer Ass of the Year. Vote! damncon

Monday, 24 December

Installshield Update Service isusweb.dll Buffer Overflow Elazar Broad
Unicode buffer-overflow in Zoom Player 6.00b2 Luigi Auriemma
Double directory traversal in ImgSvr 0.6.21 Luigi Auriemma
Buffer-overflow and format string in VideoLAN VLC 0.8.6d Luigi Auriemma
XSS @ DHL Static Rez
Webwasher SSL scanner coderman
Re: Webwasher SSL scanner coderman

Tuesday, 25 December

Ho Ho H0-Day - ZyXEL P-330W multiple XSS and XSRF vulnerabilities Santa Clause
Persits Software XUpload.ocx Buffer Overflow Elazar Broad
AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows Elazar Broad
Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows reepex
Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows Valdis . Kletnieks

Wednesday, 26 December

[SECURITY] [DSA 1437-1] New cupsys packages fix several vulnerabilities Moritz Muehlenhoff
Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows Elazar Broad
Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows Elazar Broad
Professional IT Security Service Providers Exposed -- Revised Grades SecReview
Re: New TV show "Tiger Team": social engineering, wired/wireless hacking, physical break-in blackredyellow

Thursday, 27 December

usb shorting to ground Todd Troxell
XSS with UTF-7 in Google HASEGAWA Yosuke
Re: New TV show "Tiger Team": social engineering, wired/wireless hacking, physical break-in Jay
Re: New TV show "Tiger Team": social engineering, wired/wireless hacking, physical break-in James Matthews
rIP BETA - reverse IP tool disfigure
Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows Elazar Broad
Buffer-overflow in Extended Module Player 2.5.1 Luigi Auriemma
Multiple vulnerabilities in Feng 0.1.15 Luigi Auriemma
Multiple vulnerabilities in libnemesi 0.6.4-rc1 Luigi Auriemma
Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows Valdis . Kletnieks
Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows reepex
Re: Ho Ho H0-Day - ZyXEL P-330W multiple XSS and XSRF vulnerabilities Santa Clause
OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities Juan Galiana
FAQMasterFlexPlus multiple vulnerabilities Juan Galiana

Friday, 28 December

Hellsing Ben
Troy Riser Clifton Bennett
Re: Troy Riser Mo.Ron Hubbard
HP Photosmart vulnerabilities uncleron
Re: HP Photosmart vulnerabilities Joshua Levitsky
[SECURITY] [DSA 1440-1] New inotify-tools packages fix arbitrary code execution Moritz Muehlenhoff
Re: HP Photosmart vulnerabilities Mo.Ron Hubbard
Re: HP Photosmart vulnerabilities uncleron
Re: HP Photosmart vulnerabilities Joshua Levitsky
Re: HP Photosmart vulnerabilities 3APA3A
Buffer-overflow in CoolPlayer 217 Luigi Auriemma
THE BIG ONE Andrew A
Re: THE BIG ONE Micheal Espinola Jr
Persits Software XUpload Control Buffer Overflow Exploit elazar
Re: THE BIG ONE Mo.Ron Hubbard
Persits Software XUpload Control AddFolder() Buffer Overflow Exploit Elazar Broad
[SECURITY] [DSA 1405-3] New zope-cmfplone packages fix regression Thijs Kinkhorst
[SECURITY] [DSA 1439-1] New typo3-src packages fix SQL injection Thijs Kinkhorst
[SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities Florian Weimer
[SECURITY] [DSA 1441-1] New peercast packages fix arbitrary code execution Thijs Kinkhorst
NoseRub Login SQL Injection Vulnerability Narf Dude
iFriends free video chat exploit Ifriends Exploit
Re: iFriends free video chat exploit Valdis . Kletnieks
Re: iFriends free video chat exploit damncon
Re: iFriends free video chat exploit worried security
Re: iFriends free video chat exploit damncon
[SECURITY] [DSA 1442-2] New libsndfile packages fix arbitrary code execution Moritz Muehlenhoff
Re: iFriends free video chat exploit reepex
Fwd: beyond security sucks at coding reepex

Saturday, 29 December

Re: New TV show "Tiger Team": social engineering, wired/wireless hacking, physical break-in crazy frog crazy frog
[ GLSA 200712-15 ] libexif: Multiple vulnerabilities Pierre-Yves Rofes
[ GLSA 200712-16 ] Exiv2: Integer overflow Pierre-Yves Rofes
[ GLSA 200712-17 ] exiftags: Multiple vulnerabilities Pierre-Yves Rofes
[ GLSA 200712-18 ] Multi-Threaded DAAP Daemon: Multiple vulnerabilities Robert Buchholz
[ GLSA 200712-19 ] Syslog-ng: Denial of Service Robert Buchholz
[ GLSA 200712-20 ] ClamAV: Multiple vulnerabilities Robert Buchholz
[ GLSA 200712-21 ] Mozilla Firefox, SeaMonkey: Multiple vulnerabilities Robert Buchholz
Re: iFriends free video chat exploit damncon

Sunday, 30 December

TK53 Advisory #2: Multiple vulnerabilities in ClamAV Lolek of TK53
[ GLSA 200712-22 ] Opera: Multiple vulnerabilities Pierre-Yves Rofes
DIMVA 2008 - Call For Papers Tadek Pietraszek
TK53 Advisory #2: Multiple vulnerabilities in ClamAV Lolek of TK53
TK53 Advisory #2: Multiple vulnerabilities in ClamAV Lolek of TK53
[ GLSA 200712-23 ] Wireshark: Multiple vulnerabilities Robert Buchholz
[ GLSA 200712-24 ] AMD64 x86 emulation GTK+ library: User-assisted execution of arbitrary code Robert Buchholz
[ GLSA 200712-25 ] OpenOffice.org: User-assisted arbitrary code execution Pierre-Yves Rofes
IBM Domino Web Access inotes6.dll SEH Overwrite Exploit elazar
Re: usb shorting to ground Dave "No, not that one" Korn
Installshield isusweb.dll Buffer Overflow Exploit elazar
IBM Domino Web Access Upload Module dwa7w.dll SEH Overwrite Exploit elazar

Monday, 31 December

Blog Entry of Interest Ben
IBM Domino Web Access Upload Module inotes6w.dll SEH Overwrite Exploit elazar
Re: IBM Domino Web Access Upload Module inotes6w.dll SEH Overwrite Exploit reepex
Re: Blog Entry of Interest James Matthews
[Professional IT Security Providers - Exposed] QuietMove ( D - ) secreview
Re: [Professional IT Security Providers - Exposed] QuietMove ( D - ) Bob Bruen
Re: [Professional IT Security Providers - Exposed]QuietMove ( D - ) Randal T. Rioux
Hal Turner exposé no. 2 (courtesy of GAPP & goudatr0n) Roll Offle