SOLDIERX.COM Nobody Can Stop Information Insemination

JBoss Cache 'NonManagedConnectionFactory.java' Local Information Disclosure Vulnerability

Pligg CMS 'status' Parameter SQL Injection Vulnerability

PHP CVE-2012-0057 Security Bypass Vulnerability

[ MDVSA-2012:013 ] mozilla

ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability

RFC 6528 on Defending against Sequence Number Attacks

[SECURITY] [DSA 2403-1] php5 security update

News, Infocus, Columns, Vulnerabilities, Bugtraq ...

Posted by Georgi Guninski on Feb 04

Just a quote:
<quote>
In Germany they first came for the Communists,
and I didn't speak up because I wasn't a Communist.
Then they came for the Jews,
and I didn't speak up because I wasn't a Jew.
Then they came for the trade unionists,
and I didn't speak up because I wasn't a trade unionist.
Then they came for the Catholics,
and I didn't speak up because I was a Protestant.
Then they came for me -
and by...

Posted by Luk Claes on Feb 04

-------------------------------------------------------------------------
Debian Security Advisory DSA-2384-2 security () debian org
http://www.debian.org/security/
February 04, 2012 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : cacti
Vulnerability : several
Problem type : remote...

Posted by doc mombasa on Feb 04

aah doom has aspergers.. that explains a lot :)

Den 3. feb. 2012 22.10 skrev doomxd () gmail com <doomxd () gmail com>:

Posted by doc mombasa on Feb 04

we fear your irc chan :(

Den 3. feb. 2012 22.06 skrev doomxd () gmail com <doomxd () gmail com>:

Posted by security on Feb 03

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:013
http://www.mandriva.com/security/
_______________________________________________________________________

Package : mozilla
Date : February 3, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:...

[SECURITY] [DSA 2402-1] iceape security update

Posted by doomxd () gmail com on Feb 03

Your the idiot here.. Boone,will give u guys crap ya cuntzzz and I hope yur havin great time tryin to figure out how
badly this list got owned,off yad do,forcing ppl to sho 0days,yet some ppl,nomatter how big yu may think,are anon,and
that's simple,yu fd a good bug,well it gets patched,yur ass gets kicks from any groups ya in,and remembr ,yur bases are
mine,and intercepting yu will be fun,been funny stall the latest bigs,sudo,etc,all...

Posted by doomxd () gmail com on Feb 03

Arserspeage.haha.
Fku lamer.

----- Reply message -----
From: "Zach C." <fxchip () gmail com>
To: <james () zero-internet org uk>
Cc: "funsec" <funsec () linuxbox org>, "RandallM" <randallm () fidmail com>, <full-disclosure () lists grok org uk>,
<full-disclosure-bounces () lists grok org uk>
Subject: [Full-disclosure] can you answer this?
Date: Fri, Feb 3, 2012 8:04 pm
The...

Posted by Full Disclosure mailing list on Feb 03

I've seen this sort of thing before, from misconfigured VPNs.

Do you have someone using "Tunngle" on your network?

It's a VPN product (as far as I understand it, primarily for gaming),
and it appears to (mis)use the 7.xxx.xxx.xxx IP address space. See this
for a report of similar packet sightings:

http://www.tunngle.net/community/topic/18311-bsod/

My guess is that one of your users has set up this VPN in order to...

Posted by Fabian Wenk on Feb 03

Hello

Was there some notebook (or other device), which came out of this
IP range (could also be from somewhere else where internally this
IP range is misused), into your local network?

This is a DHCP request from the client (from port 68) to the dhcp
server or broadcast address (to port 67). Sometimes a dhcp
client, which has just been (re-)connected to the network, tries
to check if the last assigned IP address is still valid. As the...

Posted by security on Feb 03

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:013
http://www.mandriva.com/security/
_______________________________________________________________________

Package : mozilla
Date : February 3, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:...

Posted by Security_Alert on Feb 03

ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability.

EMC Identifier: ESA-2012-010
EMC Identifier: SRCH-7949

CVE Identifier: CVE-2012-0396

Severity Rating: CVSS v2 Base Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)

Affected products:
EMC SW: EMC Documentum xPlore 1.0 (all patch versions)
EMC SW: EMC Documentum xPlore 1.1 (all patch versions prior to 1.1 P07)
EMC SW: EMC Documentum xPlore 1.2 (all patch versions)...