Open Source and information security mailing list archives
Date: Thu, 26 Apr 2012 11:38:47 +0000
From: "Gabriel S. Craciun" <gcraciun@...nsfond.ro>
To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Full-Disclosure Digest, Vol 86, Issue 34

You can close it. The task. It's OK.

-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of full-disclosure-request@...ts.grok.org.uk
Sent: Thursday, April 26, 2012 10:20 AM
To: full-disclosure@...ts.grok.org.uk
Subject: Full-Disclosure Digest, Vol 86, Issue 34

Send Full-Disclosure mailing list submissions to
        full-disclosure@...ts.grok.org.uk

To subscribe or unsubscribe via the World Wide Web, visit
        https://lists.grok.org.uk/mailman/listinfo/full-disclosure
or, via email, send a message with subject or body 'help' to
        full-disclosure-request@...ts.grok.org.uk

You can reach the person managing the list at
        full-disclosure-owner@...ts.grok.org.uk

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Full-Disclosure digest..."


Note to digest recipients - when replying to digest posts, please trim your post appropriately. Thank you.


Today's Topics:

   1. MoroccoTel Box Default Open Telnet Password (Jerome Athias)
   2. Re: Vulnerability in Gentoo hardened (Georgi Guninski)
   3. [SECURITY] [DSA 2460-1] asterisk security update
      (Moritz Muehlenhoff)
   4. Re: Hacking WolframAlpha (Lincoln Anderson)
   5. XSS, CSRF and AFU vulnerabilities in Organizer for WordPress
      (MustLive)
   6. (no subject) (Ramon Driessen)
   7. Re: (no subject) (coderman)
   8. [Security-news] SA-CONTRIB-2012-062 - Creative Commons -
      Cross Site Scripting (XSS) (security-news@...pal.org)
   9. [Security-news] SA-CONTRIB-2012-063 - RealName - Cross Site
      Scripting (XSS) (security-news@...pal.org)
  10. [Security-news] SA-CONTRIB-2012-064 - Ubercart - Multiple
      vulnerabilities (security-news@...pal.org)
  11. Re: [Security-news] SA-CONTRIB-2012-063 - RealName - Cross
      Site Scripting (XSS) (security-news@...pal.org)
  12. [Security-news] SA-CONTRIB-2012-065 - Sitedoc - Information
      disclosure (security-news@...pal.org)
  13. FW:  (no subject) (imipak)
  14. [Security-news] SA-CONTRIB-2012-066 - Spaces and Spaces OG -
      Access Bypass (security-news@...pal.org)
  15. [Security-news] SA-CONTRIB-2012-067 - Linkit - Access bypass
      (security-news@...pal.org)
  16. Re: FW: (no subject) (Michael Wood)
  17. [SECURITY] [DSA 2459-1] quagga security update (Florian Weimer)
  18. Oracle TNS Poison vulnerability is actually a 0day with no
      patch available (Joxean Koret)


----------------------------------------------------------------------

Message: 1
Date: Wed, 25 Apr 2012 13:15:53 +0000
From: Jerome Athias <jerome@...peas.com>
Subject: [Full-disclosure] MoroccoTel Box Default Open Telnet Password
To: full-disclosure@...ts.grok.org.uk
Message-ID: <4F97F909.7090701@...peas.com>
Content-Type: text/plain; charset="iso-8859-1"

Hi,

a "vulnerability" was identified on MoroccoTel Boxes:
a telnet server is running, open to the web, with a default password of
admin (or 123456)

This critical vulnerability can affect the entire network of a Country.

Solution: change the default password account or modify the default firmware

NB: a new firmware was released, introducing a cipher on the "PPPoE
password" (one common, publicly available PPPoE account is largely used)

Discovered by NETpeas research team, NETpeas CERT is trying to contact
the ISP

More details:

Password:
telnettry
41.141.*.* -> Response telnet02: ****
Copyright (c) 2001 - 2006 Huawei
MT882a>
***********************************************************
41.141.*.* -> TELNET PASSWORD FOUND: admin

MT882a> show all

 RAS version: V100R001B022 MoroccoTel 2010/02/26
 System   ID: $5.0.152.1(RUE0.C2)3.11.2.151 20110602_V001  [Jun 02 2011
13:54:48]
 romRasSize: 1217226
 system up time:     2:45:45 (f2cc9 ticks)
 bootbase version: VTC_SPI1.5| 2011/05/26


Hostname        = MT882a
Message         = <empty>
ip route mode   = Yes
bridge mode     = Yes
DHCP setting:
  DHCP Mode      = Server
  Client IP Pool Starting Address = 192.168.1.2
  Size of Client IP Pool = 64
  Primary DNS Server     = 8.8.8.8
  Secondary DNS Server   = 8.8.4.4
  DHCP server leasetime  = 86400
TCP/IP Setup:
  IP Address     = 192.168.1.1
  IP Subnet Mask = 255.255.255.0
  Rip Direction  = None
    Version      = Rip-1
  Multicast      = IGMP-v2


RemoteNode     = 0
Rem Node Name  = ISP-0(ISP)
Encapsulation  = PPPoE
Multiplexing   = LLC-based
Channel active = Yes
VPI/VCI value  = 8/35
IP Routing mode= Yes
Bridge mode    = No
PPP Username   = <snip>

41.141.*.* -> PPP Password   = *******
PPP Username_ext2   =
PPP Password_ext2   =
Service name   =
Remote IP Addr        = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA            = Yes
Multicast      = None
Default Route node            = Yes

RemoteNode     = 1
Rem Node Name  = ISP-1
Encapsulation  = RFC 1483
Multiplexing   = LLC-based
41.141.1.9 -> Port 80 open
41.141.*.* -> Channel active = Yes
VPI/VCI value  = 0/35
IP Routing mode= No
Bridge mode    = Yes
Remote IP Addr        = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0

41.141.*.* -> IP address assignment type = Dynamic

41.141.*.* -> SUA            = No
Multicast      = None
Default Route node            = No

RemoteNode     = 2
Rem Node Name  = ISP-2
Encapsulation  = RFC 1483
Multiplexing   = LLC-based
Channel active = Yes
VPI/VCI value  = 0/32
IP Routing mode= No
Bridge mode    = Yes
Remote IP Addr        = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA            = No
Multicast      = None
Default Route node            = No

RemoteNode     = 3
Rem Node Name  = ISP-3
Encapsulation  = RFC 1483
Multiplexing   = LLC-based
Channel active = Yes
VPI/VCI value  = 8/32
IP Routing mode= No
Bridge mode    = Yes
Remote IP Addr        = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA            = No
Multicast      = None
Default Route node            = No

RemoteNode     = 4
Rem Node Name  = ISP-4
Encapsulation  = RFC 1483
Multiplexing   = LLC-based
Channel active = Yes
VPI/VCI value  = 8/81
IP Routing mode= No
Bridge mode    = Yes
41.141.*.* -> Remote IP Addr        = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA            = No
Multicast      = None
Default Route node            = No

RemoteNode     = 5
Rem Node Name  = ISP-5
Encapsulation  = RFC 1483
Multiplexing   = LLC-based
Channel active = Yes
VPI/VCI value  = 0/100
IP Routing mode= No
Bridge mode    = Yes
41.141.*.* -> Remote IP Addr        = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA            = No
Multicast      = None
41.141.*.* -> Default Route node            = No

RemoteNode     = 6
Rem Node Name  = ISP-6
Encapsulation  = RFC 1483
Multiplexing   = LLC-based
Channel active = Yes
VPI/VCI value  = 1/39
IP Routing mode= No
Bridge mode    = Yes
Remote IP Addr        = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA            = No
Multicast      = None
Default Route node            = No

RemoteNode     = 7
Rem Node Name  = ISP-7
Encapsulation  = RFC 1483
Multiplexing   = LLC-based
Channel active = Yes
VPI/VCI value  = 0/16
IP Routing mode= No
Bridge mode    = Yes
Remote IP Addr        = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA            = No
Multicast      = None
Default Route node            = No

MT882a>
RAS version            : V100R001B022 MoroccoTel
romRasSize             : 1217226
bootbase version       : VTC_SPI1.5| 2011/05/26
Product Model          : SmartAX

MAC Address            : <snip-inclear>

41.141.*.* -> Default Country Code   : FF

Boot Module Debug Flag : 00

RomFile Version        : 9F

RomFile Checksum       : dceb

RAS F/W Checksum       : 87b7

SNMP MIB level & OID   : 050000000100000002000000030000000400000005

Main Feature Bits      : 86

Other Feature Bits     :
93 17 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 13 00 00 00
MT882a>
41.141.*.* -> ether config
--------------- NDIS CONFIGURATION BLOCK ----------------
type=1 flags=0001
Board/Chassis:1  Lines/Board:1  Channels/Lines:2 Total Channel:2
task-id=8041f1f4 event-q=80458c2c(19) data-q=80458c70(1a) func-id=2
board-cfg=8042c8a4 line-cfg=8042c8bc chann-cfg=8042c8d0
board-pp (8042c8f0)
804273fc
line-pp (8042c8f4)
8042956c
chann-pp (8042c8f8)
804bf8a4 804bfe34
--------------- BOARD DISPLAY ---------------------------
ID  slot#  n-line  n-chann  status  line-cfg  chann-cfg
00      0       1        2    0001  8042c8bc    8042c8d0
--------------- LINE  DISPLAY ---------------------------
ID  line#  board-id  n-chann  chann-cfg
00      1  00              2  8042c8d0
--------------- CHANNEL DISPLAY -------------------------
ID  chan#  line-id  board-id  address name
00      1  00       00        804bf8a4  enet0
01      2  00       00        804bfe34  enet1
MT882a>


--
Jerome Athias - NETpeas
VP, Director of Software Engineer
Palo Alto - Paris - Casablanca
Mobile: +212665346454
www.netpeas.com
---------------------------------------------
Stay updated on Security: www.vulnerabilitydatabase.com

"The computer security is an art form. It's the ultimate martial art."

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4899 bytes
Desc: Signature cryptographique S/MIME
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20120425/2fb2cc07/attachment-0001.bin
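
As an added example (not part of Jerome's post and not NETpeas' tooling): a small Python audit that checks whether a telnet service accepts one of the factory passwords named above, answering the option negotiation a real telnetd sends before its login prompt, so the check works without the deprecated telnetlib. The MT882a stand-in server is constructed for offline testing; its prompt strings mimic the session above. Host, port, prompt and the candidate list are assumptions; point it only at devices you are authorized to test.

```python
"""Added example: audit a CPE telnet service for a factory-default password."""
import socket
import threading

IAC, DONT, DO, WONT, WILL = 255, 254, 253, 252, 251
ECHO = 1

# The two defaults named in the post; extend with your own fleet's factory credentials.
DEFAULT_CANDIDATES = ("admin", "123456")


def _strip_iac(buf: bytes) -> tuple:
    """Split a telnet chunk into (plain text, negotiation replies to send back).

    Every DO is refused with WONT and every WILL with DONT so the peer settles
    into plain NVT mode; IAC IAC is an escaped 0xff data byte; anything else is dropped.
    """
    text, reply, i = bytearray(), bytearray(), 0
    while i < len(buf):
        b = buf[i]
        if b != IAC:
            text.append(b)
            i += 1
        elif i + 1 < len(buf) and buf[i + 1] == IAC:
            text.append(IAC)
            i += 2
        elif i + 2 < len(buf) and buf[i + 1] in (DO, DONT, WILL, WONT):
            cmd, opt = buf[i + 1], buf[i + 2]
            if cmd == DO:
                reply += bytes([IAC, WONT, opt])
            elif cmd == WILL:
                reply += bytes([IAC, DONT, opt])
            i += 3
        else:
            i += 2
    return bytes(text), bytes(reply)


def _read_until(sock: socket.socket, markers: tuple, timeout: float) -> bytes:
    """Collect output until a marker appears, the peer closes, or the timeout lapses."""
    sock.settimeout(timeout)
    got = b""
    while not any(m in got for m in markers):
        try:
            chunk = sock.recv(4096)
        except socket.timeout:
            break
        if not chunk:
            break
        text, reply = _strip_iac(chunk)
        if reply:
            sock.sendall(reply)
        got += text
    return got


def check_telnet_password(host, port, password, prompt=b">", timeout=3.0):
    """True if `password` is accepted (shell prompt seen), False if re-prompted,
    None if the service never showed a password prompt at all."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        banner = _read_until(s, (b"assword:",), timeout)
        if b"assword:" not in banner:
            return None
        s.sendall(password.encode() + b"\r\n")
        answer = _read_until(s, (prompt, b"assword:"), timeout)
        return prompt in answer


def find_accepted_default(host, port, candidates=DEFAULT_CANDIDATES):
    """First candidate the device lets in, or None; one fresh session per attempt."""
    for pw in candidates:
        if check_telnet_password(host, port, pw):
            return pw
    return None


def start_fake_mt882a(password: str) -> int:
    """Constructed stand-in for the MT882a telnet login (offline testing only).
    Listens on 127.0.0.1 on a free port and returns that port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def handle(conn):
        with conn:
            conn.sendall(bytes([IAC, WILL, ECHO]) + b"Password: ")  # WILL ECHO, as telnetd does at login
            buf = b""
            for _ in range(3):  # three attempts, then drop the session
                while b"\n" not in buf:
                    chunk = conn.recv(1024)
                    if not chunk:
                        return
                    buf += _strip_iac(chunk)[0]
                line, _, buf = buf.partition(b"\n")
                if line.strip() == password.encode():
                    conn.sendall(b"\r\nCopyright (c) 2001 - 2006 Huawei\r\nMT882a> ")
                    return
                conn.sendall(b"\r\nPassword: ")

    def serve():
        while True:
            conn, _ = srv.accept()
            threading.Thread(target=handle, args=(conn,), daemon=True).start()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


if __name__ == "__main__":
    port = start_fake_mt882a("admin")  # replace with a device you are authorized to test
    print("accepted default password:", find_accepted_default("127.0.0.1", port))
```

Each candidate gets its own TCP session because many embedded telnet daemons drop the connection after a few failures; a None result means the port answered but showed no password prompt, which is worth recording separately from "default rejected".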

------------------------------

Message: 2
Date: Wed, 25 Apr 2012 16:48:49 +0300
From: Georgi Guninski <guninski@...inski.com>
Subject: Re: [Full-disclosure] Vulnerability in Gentoo hardened
To: Laurelai <laurelai@...echan.org>
Cc: full-disclosure@...ts.grok.org.uk
Message-ID: <20120425134849.GC6357@...okote.iziade.m$>
Content-Type: text/plain; charset=us-ascii

On Wed, Apr 25, 2012 at 04:26:57AM -0500, Laurelai wrote:
> On 4/25/12 3:56 AM, Georgi Guninski wrote:
> > On Tue, Apr 24, 2012 at 12:15:26PM -0400, Valdis.Kletnieks@...edu wrote:
> >> On Tue, 24 Apr 2012 17:36:55 +0200, Milan Berger said:
> >>> if you read his "advisories" and "0-days" you know: It's not a joke...
> >> I always thought it was misunderstood performance art...
> >
> >
> > this one appears to be true:
> > http://seclists.org/fulldisclosure/2011/Jul/312
> > Full disclosure is arrest of Sabu
> > (check the date)
> >
> Nope, im still here :p
>

ok, sorry.

i mean the Sabu part of the email.



------------------------------

Message: 3
Date: Wed, 25 Apr 2012 18:06:40 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
Subject: [Full-disclosure] [SECURITY] [DSA 2460-1] asterisk security
        update
To: debian-security-announce@...ts.debian.org
Message-ID: <20120425160640.GA6420@...co.westfalen.local>
Content-Type: text/plain; charset=us-ascii

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2460-1                   security@...ian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
April 25, 2012                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : asterisk
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-1183 CVE-2012-2414 CVE-2012-2415

Several vulnerabilities were discovered in the Asterisk PBX and telephony
toolkit:

CVE-2012-1183

   Russell Bryant discovered a buffer overflow in the Milliwatt
   application.

CVE-2012-2414

   David Woolley discovered a privilege escalation in the Asterisk
   manager interface.

CVE-2012-2415

   Russell Bryant discovered a buffer overflow in the Skinny driver.

For the stable distribution (squeeze), this problem has been fixed in
version 1:1.6.2.9-2+squeeze5.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your asterisk packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAk+YIOUACgkQXm3vHE4uylpTYQCeIlkGimI8WtcdKK6oYD09ckfm
dDUAnjksH+0jJLCG7ioSnb81645CJe5c
=0126
-----END PGP SIGNATURE-----



------------------------------

Message: 4
Date: Wed, 25 Apr 2012 11:19:52 -0500
From: Lincoln Anderson <ayblinkin@...il.com>
Subject: Re: [Full-disclosure] Hacking WolframAlpha
To: full-disclosure@...ts.grok.org.uk
Message-ID:
        <CAAAE9WU0xNvg4OvgGyPP0dz2WTEz-29aR7g8JpYJypXwhjcpjQ@...l.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"

This is rather low-hanging fruit.  But I suppose someone has to disclose
the low hanging fruit.

Aside from abusing WolframAlpha's API, I'm not sure I see that this is that
huge an accomplishment.  I do find it somewhat silly that unobfuscated
appids are passed to the API over an unsecured connection, but meh.  My
access to the API getting cut would be an annoyance, and I would certainly
be non-plussed about that if I were one of the poor souls who paid for a
bigger better faster stronger query plan, but still, meh.  Maybe I'm
missing out on the gravity of this by not using the WolframAlpha API.

Of course, I'm assuming the real point here *is* that the appid is passed
unobfuscated and unsecured, and *not* that I can go trawling for appids on
Google.  The former is somewhat interesting to the niche of WolframAlpha
API users.  The latter is rather old news under the heading "I can find a
disturbing amount of private information using a properly formatted Google
query".  Patching that vulnerability will only be accomplished
through reeducation and strategic employment modifications.

On Tue, Apr 24, 2012 at 2:50 PM, Adam Behnke <adam@...osecinstitute.com>wrote:

> Sharing source code with peers is one thing; sharing secrets over a public
> medium is another. The all-seeing eye of Google has no mercy, and once the
> secret has been seen, indexed, and copied to clone sites, it is no longer a
> secret. Now combine the search power of Google with the computational power
> of WolframAlpha and the results are limitless! It's raining data from these
> saturated clouds, and you just need to hold out your hands for a taste:
> http://resources.infosecinstitute.com/hacking-wolframalpha/
>
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20120425/de94f167/attachment-0001.html

------------------------------

Message: 5
Date: Wed, 25 Apr 2012 20:51:24 +0300
From: "MustLive" <mustlive@...security.com.ua>
Subject: [Full-disclosure] XSS, CSRF and AFU vulnerabilities in
        Organizer for WordPress
To: <submissions@...ketstormsecurity.org>,
        <full-disclosure@...ts.grok.org.uk>
Message-ID: <009201cd230c$2d1eb7e0$0100a8c0@ml>
Content-Type: text/plain; format=flowed; charset="windows-1251";
        reply-type=original

Hello list!

I want to warn you about multiple security vulnerabilities in the Organizer
plugin for WordPress. This is the second in a series of advisories
concerning vulnerabilities in this plugin.

These are Cross-Site Scripting (reflected and persistent), Cross-Site
Request Forgery and Arbitrary File Upload (Code Execution) vulnerabilities.

-------------------------
Affected products:
-------------------------

Vulnerable are Organizer 1.2.1 and previous versions.

As the developer of the plugin answered me, he doesn't support it anymore
and will not be fixing any vulnerabilities in it.

----------
Details:
----------

XSS (WASC-08):

http://site/wp-admin/admin.php?page=organizer/page/users.php&edit_id=%3Cscript%3Ealert(document.cookie)%3C/script%3E

XSS (Persistent) (WASC-08):

Exploit:

http://websecurity.com.ua/uploads/2012/Organizer%20XSS-2.html

Code will execute at the page users.php of the plugin.

CSRF (WASC-09):

Via an attack on the Add/Edit User Setting function (both are combined into
the same POST request) it's possible to add and edit settings.

POST request at page
http://site/wp-admin/admin.php?page=organizer/page/users.php. Similarly to
above exploit for XSS.

Via an attack on the Delete User Setting function it's possible to delete settings.

http://site/wp-admin/admin.php?page=organizer/page/users.php&delete_id=admin

Arbitrary File Upload (Code Execution) (WASC-31):

It's possible to upload arbitrary files that execute code (PHP files),
because in the field "File extensions allowed" it's possible to set script
extensions such as "php".

This allows uploading arbitrary scripts to the server and executing them.
Besides attacking the admin via the above-mentioned CSRF vulnerability to
change the settings (or getting access to an admin account for this), the
Insufficient Authorization vulnerability (described in the third advisory)
can also be used for this (given an account even with the lowest rights, such
as Subscriber).

------------
Timeline:
------------

2012.04.15 - informed the developer about previous vulnerabilities.
2012.04.16 - announced at my site (http://websecurity.com.ua/5786/).
2012.04.17 - the developer answered that he doesn't support the plugin
anymore.
2012.04.17 - additionally informed the developer about new vulnerabilities.
2012.04.24 - disclosed at my site.

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
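
An added example, not MustLive's code and not the plugin's: the weak pattern the advisory describes (an upload filter that trusts the admin-editable "File extensions allowed" list as-is), beside a hardened version that strips server-executable extensions when the setting is saved and checks every extension component of the uploaded name, plus an HMAC per-session action nonce of the kind a CSRF fix for the Add/Edit/Delete User Setting handlers would add. The function names, the deny-list contents and the action names are assumptions.

```python
"""Added example: an upload extension filter that cannot be talked into accepting PHP,
and a per-session action nonce of the kind the settings handlers lack."""
import hashlib
import hmac
import os

# Extensions a typical PHP host executes or honours as configuration; an upload
# feature must refuse these even if an administrator lists them as allowed.
SERVER_EXECUTABLE = frozenset({
    "php", "php3", "php4", "php5", "php7", "php8", "phps", "pht", "phtml", "phar",
    "cgi", "pl", "py", "sh", "asp", "aspx", "jsp", "htaccess", "htpasswd",
})


def naive_is_upload_allowed(filename: str, configured: str) -> bool:
    """The weak pattern the advisory describes (reconstructed, not the plugin's code):
    the admin-entered "File extensions allowed" list is trusted as-is, so adding
    "php" to it turns the uploader into a code-execution primitive."""
    allowed = {e.strip().lower() for e in configured.split(",")}
    return filename.rsplit(".", 1)[-1].lower() in allowed


def sanitize_allowed_extensions(configured: str) -> frozenset:
    """Parse the comma-separated setting and drop executable entries at save time."""
    wanted = (e.strip().lstrip(".").lower() for e in configured.split(","))
    return frozenset(e for e in wanted if e and e not in SERVER_EXECUTABLE)


def is_upload_allowed(filename: str, allowed: frozenset) -> bool:
    """Accept only if the final extension is allow-listed and no extension component
    anywhere in the name is executable: blocks shell.php.jpg on multi-extension
    Apache setups, trailing-dot and NUL-byte truncation tricks, and dotfiles."""
    if "\x00" in filename:
        return False
    name = os.path.basename(filename.replace("\\", "/")).strip().lower()
    if not name or name.startswith("."):
        return False
    parts = name.split(".")
    if len(parts) < 2:
        return False
    exts = parts[1:]
    if any(e in SERVER_EXECUTABLE for e in exts):
        return False
    return exts[-1] in allowed


def make_nonce(secret: bytes, session_id: str, action: str) -> str:
    """Per-session, per-action token to embed in the settings form (hypothetical
    helper; WordPress itself offers wp_create_nonce / wp_verify_nonce for this)."""
    return hmac.new(secret, f"{session_id}|{action}".encode(), hashlib.sha256).hexdigest()


def verify_nonce(secret: bytes, session_id: str, action: str, presented: str) -> bool:
    """Constant-time check every state-changing handler runs before touching settings."""
    return hmac.compare_digest(make_nonce(secret, session_id, action), presented)


if __name__ == "__main__":
    setting = "jpg, png, php"  # what a CSRF'd admin might be made to save
    print("naive accepts shell.php:", naive_is_upload_allowed("shell.php", setting))
    allowed = sanitize_allowed_extensions(setting)
    print("hardened allow-list:", sorted(allowed))
    print("hardened accepts shell.php.jpg:", is_upload_allowed("shell.php.jpg", allowed))
```

The nonce is bound to both the session and the specific action, so a token leaked from the add/edit form cannot be replayed against the delete handler, and a cross-site POST that carries no token fails before any setting is touched.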




------------------------------

Message: 6
Date: Wed, 25 Apr 2012 20:53:05 +0200
From: Ramon Driessen <ramon.driessen@...il.com>
Subject: [Full-disclosure] (no subject)
To: full-disclosure@...ts.grok.org.uk
Message-ID:
        <CAPq4OLerHm2PtTBKya8JMceYs-bTS59Fb0cUZ0E25RNSANxmPA@...l.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20120425/9afdf35c/attachment-0001.html

------------------------------

Message: 7
Date: Wed, 25 Apr 2012 12:22:20 -0700
From: coderman <coderman@...il.com>
Subject: Re: [Full-disclosure] (no subject)
To: Ramon Driessen <ramon.driessen@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Message-ID:
        <CAJVRA1QWTZeU35AzFst8ptxiDN4CCAS4fmCfFCgS4mz-jQwAfw@...l.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1




------------------------------

Message: 8
Date: Wed, 25 Apr 2012 19:44:43 +0000 (UTC)
From: security-news@...pal.org
Subject: [Full-disclosure] [Security-news] SA-CONTRIB-2012-062 -
        Creative Commons - Cross Site Scripting (XSS)
To: security-news@...pal.org
Message-ID: <20120425194443.09C5C108051@...2.drupal.org>
Content-Type: text/plain; charset="us-ascii"

View online: http://drupal.org/node/1547520

  * Advisory ID: DRUPAL-SA-CONTRIB-2012-062
  * Project: Creative Commons [1] (third-party module)
  * Version: 6.x
  * Date: 2012-April-25
  * Security risk: Moderately critical [2]
  * Exploitable from: Remote
  * Vulnerability: Cross Site Scripting

-------- DESCRIPTION
---------------------------------------------------------

The Creative Commons module allows users to select and assign a Creative
Commons license to a node and any attached content, or to the entire site.
The module did not sufficiently filter the text describing licenses. This
vulnerability is mitigated by the fact that an attacker must have a role with
the permission "administer creative commons".

-------- VERSIONS AFFECTED
---------------------------------------------------

  * Creative Commons 6.x-1.x versions prior to 6.x-1.1. [3]

Drupal core is not affected. If you do not use the contributed Creative
Commons [4] module, there is nothing you need to do.

-------- SOLUTION
------------------------------------------------------------

Install the latest version:

  * If you use the Creative Commons module for Drupal 6.x, upgrade to Creative
    Commons 6.x-1.1 [5]

Also see the Creative Commons [6] project page.

-------- REPORTED BY
---------------------------------------------------------

  * Justin Klein-Keane [7]

-------- FIXED BY
------------------------------------------------------------

  * Kevin Reynen [8] the module maintainer

-------- COORDINATED BY
------------------------------------------------------

  * Greg Knaddison [9] of the Drupal Security Team
  * Michael Hess [10] of the Drupal Security Team

-------- CONTACT AND MORE INFORMATION
----------------------------------------

The Drupal security team can be reached at security at drupal.org or via the
contact form at http://drupal.org/contact [11].

Learn more about the Drupal Security team and their policies [12], writing
secure code for Drupal [13], and securing your site [14].


[1] http://drupal.org/project/creativecommons
[2] http://drupal.org/security-team/risk-levels
[3] http://drupal.org/node/1547478
[4] http://drupal.org/project/creativecommons
[5] http://drupal.org/node/1547478
[6] http://drupal.org/project/creativecommons
[7] http://drupal.org/user/302225
[8] http://drupal.org/user/48877
[9] http://drupal.org/user/36762
[10] http://drupal.org/user/102818
[11] http://drupal.org/contact
[12] http://drupal.org/security-team
[13] http://drupal.org/writing-secure-code
[14] http://drupal.org/security/secure-configuration

_______________________________________________
Security-news mailing list
Security-news@...pal.org
http://lists.drupal.org/mailman/listinfo/security-news



------------------------------

Message: 9
Date: Wed, 25 Apr 2012 19:49:57 +0000 (UTC)
From: security-news@...pal.org
Subject: [Full-disclosure] [Security-news] SA-CONTRIB-2012-063 -
        RealName - Cross Site Scripting (XSS)
To: security-news@...pal.org
Message-ID: <20120425194957.281CE108051@...2.drupal.org>
Content-Type: text/plain; charset="us-ascii"

View online: http://drupal.org/node/1547660

  * Advisory ID: DRUPAL-SA-CONTRIB-2012-063
  * Project: RealName [1] (third-party module)
  * Version: 6.x
  * Date: 2012-April-25
  * Security risk: Moderately critical [2]
  * Exploitable from: Remote
  * Vulnerability: Cross Site Scripting

-------- DESCRIPTION
---------------------------------------------------------

This module allows you to set a pattern for constructing "Real names" for
users out of profile fields. The module does not sufficiently escape users'
real names under certain circumstances which could lead to a Cross-Site
Scripting (XSS) [3] attack.

-------- VERSIONS AFFECTED
---------------------------------------------------

  * RealName 6.x-1.x versions prior to 6.x-1.5 [4].
  * RealName 7.x-1.x versions are not vulnerable.

Drupal core is not affected. If you do not use the contributed RealName [5]
module, there is nothing you need to do.

-------- SOLUTION
------------------------------------------------------------

Install the latest version:

  * If you use the RealName module for Drupal 6.x, upgrade to RealName 6.x-1.5
    [6].

Also see the RealName [7] project page.

-------- REPORTED BY
---------------------------------------------------------

  * Gabor Szanto [8]
  * Dave Reid [9], module maintainer and Drupal Security Team member

-------- FIXED BY
------------------------------------------------------------

  * Gabor Szanto [10]
  * Dave Reid [11], module maintainer and Drupal Security Team member

-------- COORDINATED BY
------------------------------------------------------

  * Dave Reid [12] of the Drupal Security Team
  * Michael Hess [13] of the Drupal Security Team

-------- CONTACT AND MORE INFORMATION
----------------------------------------

The Drupal security team can be reached at security at drupal.org or via the
contact form at http://drupal.org/contact [14].

Learn more about the Drupal Security team and their policies [15], writing
secure code for Drupal [16], and securing your site [17].


[1] http://drupal.org/project/realname
[2] http://drupal.org/security-team/risk-levels
[3] http://en.wikipedia.org/wiki/Cross-site_scripting
[4] http://drupal.org/node/1547352
[5] http://drupal.org/project/realname
[6] http://drupal.org/node/1547352
[7] http://drupal.org/project/realname
[8] http://drupal.org/user/610310
[9] http://drupal.org/user/53892
[10] http://drupal.org/user/610310
[11] http://drupal.org/user/53892
[12] http://drupal.org/user/53892
[13] http://drupal.org/user/102818
[14] http://drupal.org/contact
[15] http://drupal.org/security-team
[16] http://drupal.org/writing-secure-code
[17] http://drupal.org/security/secure-configuration

_______________________________________________
Security-news mailing list
Security-news@...pal.org
http://lists.drupal.org/mailman/listinfo/security-news



------------------------------

Message: 10
Date: Wed, 25 Apr 2012 19:51:15 +0000 (UTC)
From: security-news@...pal.org
Subject: [Full-disclosure] [Security-news] SA-CONTRIB-2012-064 -
        Ubercart - Multiple vulnerabilities
To: security-news@...pal.org
Message-ID: <20120425195115.4D3D51D00C5@...1.drupal.org>
Content-Type: text/plain; charset="us-ascii"

View online: http://drupal.org/node/1547674

  * Advisory ID: DRUPAL-SA-CONTRIB-2012-064
  * Project: Ubercart [1] (third-party module)
  * Version: 6.x, 7.x
  * Date: 2012-April-25
  * Security risk: Moderately critical [2]
  * Exploitable from: Varies (Local & Remote)
  * Vulnerability: Cross Site Scripting, Arbitrary PHP code execution,
    Multiple vulnerabilities

-------- DESCRIPTION
---------------------------------------------------------

The Ubercart module for Drupal provides a shopping cart and e-commerce
features for Drupal. Parts of Ubercart were vulnerable to a Failure to
encrypt data, Cross Site Scripting, and an Arbitrary PHP Execution
vulnerability.

.... Failure to encrypt data: Exploitable from local

Passwords supplied by new customers during checkout were stored as plain text
until payment was completed for an order, for a maximum of 15 minutes. This
vulnerability is not exploitable remotely, but information may have
inadvertently been leaked via database access (e.g. backups, developer
laptops that are compromised).

.... Cross Site Scripting: Exploitable from remote

The product classes feature did not properly sanitize output and was
vulnerable to a cross site scripting attack. This vulnerability is mitigated
by the fact that an attacker must have the "administer product classes"
permission.

.... Arbitrary PHP Execution: Exploitable from remote

In Ubercart 6.x-2.x, arbitrary PHP code can be executed by users with the
"administer conditional actions" permission. This vulnerability is mitigated
by the fact that this permission should only be granted to trusted users.

-------- VERSIONS AFFECTED
---------------------------------------------------

  * Ubercart 6.x-2.x versions prior to 6.x-2.8. [3]
  * Ubercart 7.x-3.x versions prior to 7.x-3.1. [4]

Drupal core is not affected. If you do not use the contributed Ubercart [5]
module, there is nothing you need to do.

-------- SOLUTION
------------------------------------------------------------

Install the latest version:

  * If you use the Ubercart module for Drupal 6.x, upgrade to Ubercart
    6.x-2.8. [6]
  * If you use the Ubercart module for Drupal 7.x, upgrade to Ubercart
    7.x-3.1. [7]

Additionally, in Drupal 6.x, ensure that only trusted users have roles that
have been granted the "administer conditional actions" permission.

Also see the Ubercart [8] project page.

-------- REPORTED BY
---------------------------------------------------------

  * Shaun Dychko [9] reported the Failure to encrypt data issue
  * Lee Rowlands [10] reported the Cross Site Scripting issue
  * Dave Long [11] reported the Arbitrary PHP Execution issue

-------- FIXED BY
------------------------------------------------------------

  * Dave Long [12] the module maintainer
  * Lyle Mantooth [13] the module maintainer

-------- COORDINATED BY
------------------------------------------------------

  * Greg Knaddison [14] of the Drupal Security Team

-------- CONTACT AND MORE INFORMATION
----------------------------------------

The Drupal security team can be reached at security at drupal.org or via the
contact form at http://drupal.org/contact [15].

Learn more about the Drupal Security team and their policies [16], writing
secure code for Drupal [17], and securing your site [18].


[1] http://drupal.org/project/ubercart
[2] http://drupal.org/security-team/risk-levels
[3] http://drupal.org/node/1547506
[4] http://drupal.org/node/1547508
[5] http://drupal.org/project/ubercart
[6] http://drupal.org/node/1547506
[7] http://drupal.org/node/1547508
[8] http://drupal.org/project/ubercart
[9] http://drupal.org/user/475828
[10] http://drupal.org/user/395439
[11] http://drupal.org/user/246492
[12] http://drupal.org/user/246492
[13] http://drupal.org/user/86683
[14] http://drupal.org/user/36762
[15] http://drupal.org/contact
[16] http://drupal.org/security-team
[17] http://drupal.org/writing-secure-code
[18] http://drupal.org/security/secure-configuration

_______________________________________________
Security-news mailing list
Security-news@...pal.org
http://lists.drupal.org/mailman/listinfo/security-news
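
An added example (not Ubercart's code) of the fix pattern for the "failure to encrypt data" item above: the account only ever needs to verify the password later, so the right primitive is a password hash rather than reversible encryption, applied at capture so the pending-order record never holds plaintext during the wait for payment. PBKDF2-HMAC-SHA256 from hashlib, the iteration count and the record field names are assumptions.

```python
"""Added example: keep a pending checkout account's password as a hash, never plaintext."""
import base64
import hashlib
import hmac
import os

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor; tune to ~100 ms on your hardware


def hash_password(password: str, salt=None, iterations: int = ITERATIONS) -> str:
    """Salted, iterated hash in a self-describing string (algorithm$iterations$salt$hash)."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (
        iterations, base64.b64encode(salt).decode(), base64.b64encode(dk).decode())


def verify_password(password: str, stored: str) -> bool:
    """Recompute from the stored parameters and compare in constant time."""
    algo, iterations, salt_b64, dk_b64 = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             base64.b64decode(salt_b64), int(iterations))
    return hmac.compare_digest(dk, base64.b64decode(dk_b64))


def stage_checkout(order_id: int, email: str, password: str) -> dict:
    """The record kept while payment is pending: the password is hashed at capture,
    so a database dump or backup taken in that window holds nothing reusable."""
    return {"order_id": order_id, "mail": email, "pass": hash_password(password)}


def create_account_after_payment(pending: dict) -> dict:
    """Account creation consumes the hash directly; the plaintext was never persisted."""
    return {"mail": pending["mail"], "pass": pending["pass"], "status": 1}


if __name__ == "__main__":
    pending = stage_checkout(1001, "buyer@example.test", "correct horse")
    print(pending)  # no plaintext anywhere in the record
    print(verify_password("correct horse", create_account_after_payment(pending)["pass"]))
```

Because the stored string carries its own algorithm and work factor, the iteration count can be raised later and old records re-hashed on next login without a schema change.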



------------------------------

Message: 11
Date: Wed, 25 Apr 2012 12:55:56 -0700
From: security-news@...pal.org
Subject: Re: [Full-disclosure] [Security-news] SA-CONTRIB-2012-063 -
        RealName - Cross Site Scripting (XSS)
To: Security-news@...pal.org
Message-ID: <0BE574B9-9E83-40F5-A3F6-B36DEB6D86FA@...thlink.net>
Content-Type: text/plain; charset="us-ascii"

Hi - WIll you please remove me from this list? Thank you!


On Apr 25, 2012, at 12:49 PM, security-news@...pal.org wrote:

> Security-news@...pal.org

_______________________________________________
Security-news mailing list
Security-news@...pal.org
http://lists.drupal.org/mailman/listinfo/security-news



------------------------------

Message: 12
Date: Wed, 25 Apr 2012 19:54:11 +0000 (UTC)
From: security-news@...pal.org
Subject: [Full-disclosure] [Security-news] SA-CONTRIB-2012-065 -
        Sitedoc - Information disclosure
To: security-news@...pal.org
Message-ID: <20120425195411.4EA6B1D00C5@...1.drupal.org>
Content-Type: text/plain; charset="utf-8"

View online: http://drupal.org/node/1547686

  * Advisory ID: DRUPAL-SA-CONTRIB-2012-065
  * Project: Site Documentation [1] (third-party module)
  * Version: 6.x
  * Date: 2012-April-25
  * Security risk: Moderately critical [2]
  * Exploitable from: Remote
  * Vulnerability: Information Disclosure

-------- DESCRIPTION
---------------------------------------------------------

This module enables you to display a plethora of information about your
site's structure. Optionally, the information may be saved into a file for
later comparison.

The module doesn't sufficiently verify that the saved file is protected by
the Private File System.

This vulnerability is mitigated by the fact that the administrator must have
configured the module to save the HTML report file to disk.

-------- VERSIONS AFFECTED
---------------------------------------------------

  * Sitedoc 6.x-1.x versions prior to 6.x-1.4.

Drupal core is not affected. If you do not use the contributed Site
Documentation [3] module, there is nothing you need to do.

-------- SOLUTION
------------------------------------------------------------

Install the latest version:

  * If you use the Sitedoc module for Drupal 6.x, upgrade to Sitedoc 6.x-1.4
    [4], and
  * Enable the private file system if you want to save the output file.

Also see the Site Documentation [5] project page.

-------- REPORTED BY
---------------------------------------------------------

  * Jakub Suchý [6] of the Drupal Security Team

-------- FIXED BY
------------------------------------------------------------

  * Nancy Wichmann [7], the module maintainer

-------- COORDINATED BY
------------------------------------------------------

  * Forest Monsen [8] of the Drupal Security Team

-------- CONTACT AND MORE INFORMATION
----------------------------------------

The Drupal security team can be reached at security at drupal.org or via the
contact form at http://drupal.org/contact [9].

Learn more about the Drupal Security team and their policies [10], writing
secure code for Drupal [11], and securing your site [12].


[1] http://drupal.org/project/sitedoc
[2] http://drupal.org/security-team/risk-levels
[3] http://drupal.org/project/sitedoc
[4] http://drupal.org/node/1546224
[5] http://drupal.org/project/sitedoc
[6] http://drupal.org/user/31977
[7] http://drupal.org/user/101412
[8] http://drupal.org/user/181798
[9] http://drupal.org/contact
[10] http://drupal.org/security-team
[11] http://drupal.org/writing-secure-code
[12] http://drupal.org/security/secure-configuration

_______________________________________________
Security-news mailing list
Security-news@...pal.org
http://lists.drupal.org/mailman/listinfo/security-news

------------------------------

Message: 13
Date: Wed, 25 Apr 2012 20:59:37 +0100
From: imipak <imipak@...il.com>
Subject: [Full-disclosure] FW:  (no subject)
To: coderman <coderman@...il.com>
Cc: Full Disclosure <full-disclosure@...ts.grok.org.uk>
Message-ID:
        <CAOpQXKPdtBRpBwU-xpUnn+gjXwa5PpKG8swaCbNZmZKJw8=s4w@...l.gmail.com>
Content-Type: text/plain; charset="utf-8"

>

Well, you believe that if you want to, but ask yourself... who benefits?


-i
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20120425/eab84f6b/attachment-0001.html

------------------------------

Message: 14
Date: Wed, 25 Apr 2012 20:20:15 +0000 (UTC)
From: security-news@...pal.org
Subject: [Full-disclosure] [Security-news] SA-CONTRIB-2012-066 -
        Spaces and Spaces OG - Access Bypass
To: security-news@...pal.org
Message-ID: <20120425202015.84FC9110049@...7.drupal.org>
Content-Type: text/plain; charset="us-ascii"

View online: http://drupal.org/node/1547736

  * Advisory ID: DRUPAL-SA-CONTRIB-2012-066
  * Project: Spaces [1] (third-party module)
  * Version: 6.x
  * Date: 2012-April-25
  * Security risk: Moderately critical [2]
  * Exploitable from: Remote
  * Vulnerability: Access bypass

-------- DESCRIPTION
---------------------------------------------------------

Spaces is an API module intended to make configuration options generally
available only at the sitewide level to be configurable and overridden by
individual "spaces" on a Drupal site.

The spaces and spaces_og modules (part of the spaces package) in some cases
do not apply the expected spaces access permission to pages that are
non-objects (e.g. /node).

This vulnerability is mitigated by the fact that node_access and user profile
permissions will prevent node or user data from being exposed, but other
information (e.g. block data, etc.) is still displayed. This issue only affects
sites using spaces to limit access to content for some users.

-------- VERSIONS AFFECTED
---------------------------------------------------

  * Spaces 6.x-3.x versions prior to 6.x-3.4.

Drupal core is not affected. If you do not use the contributed Spaces [3]
module, there is nothing you need to do.

-------- SOLUTION
------------------------------------------------------------

Install the latest version:

  * If you use the Spaces module for Drupal 6.x, upgrade to Spaces 6.x-3.4 [4]

Also see the Spaces [5] project page.

-------- REPORTED BY
---------------------------------------------------------

  * hefox [6]

-------- FIXED BY
------------------------------------------------------------

  * Patrick Settle [7], the module maintainer
  * Fox [8]

-------- COORDINATED BY
------------------------------------------------------

  * Greg Knaddison [9] of the Drupal Security Team
  * Michael Hess [10] of the Drupal Security Team
  * Matt Kleve [11] of the Drupal Security Team

-------- CONTACT AND MORE INFORMATION
----------------------------------------

The Drupal security team can be reached at security at drupal.org or via the
contact form at http://drupal.org/contact [12].

Learn more about the Drupal Security team and their policies [13], writing
secure code for Drupal [14], and securing your site [15].


[1] http://drupal.org/project/spaces
[2] http://drupal.org/security-team/risk-levels
[3] http://drupal.org/project/spaces
[4] http://drupal.org/node/1547730
[5] http://drupal.org/project/spaces
[6] http://drupal.org/user/426416
[7] http://drupal.org/user/26618
[8] http://drupal.org/user/426416
[9] http://drupal.org/user/36762
[10] http://drupal.org/user/102818
[11] http://drupal.org/user/150473
[12] http://drupal.org/contact
[13] http://drupal.org/security-team
[14] http://drupal.org/writing-secure-code
[15] http://drupal.org/security/secure-configuration

_______________________________________________
Security-news mailing list
Security-news@...pal.org
http://lists.drupal.org/mailman/listinfo/security-news



------------------------------

Message: 15
Date: Wed, 25 Apr 2012 20:21:29 +0000 (UTC)
From: security-news@...pal.org
Subject: [Full-disclosure] [Security-news] SA-CONTRIB-2012-067 -
        Linkit - Access bypass
To: security-news@...pal.org
Message-ID: <20120425202129.2755EF0058@...5.drupal.org>
Content-Type: text/plain; charset="us-ascii"

View online: http://drupal.org/node/1547738

  * Advisory ID: DRUPAL-SA-CONTRIB-2012-067
  * Project: Linkit [1] (third-party module)
  * Version: 7.x
  * Date: 2012-April-25
  * Security risk: Moderately critical [2]
  * Exploitable from: Remote
  * Vulnerability: Access bypass

-------- DESCRIPTION
---------------------------------------------------------

Linkit provides an easy interface for internal and external linking. Linkit
links to nodes, users, managed files, terms and has basic support for all
entities by default, using an autocomplete field.

When searching for entities, no access restrictions were added and users may
see information about content that they do not normally have access to see.
This issue only affects sites using an entity access module to limit access
to content for some users.

-------- VERSIONS AFFECTED
---------------------------------------------------

  * Linkit 7.x-2.x versions prior to 7.x-2.2.

Drupal core is not affected. If you do not use the contributed Linkit [3]
module, there is nothing you need to do.

-------- SOLUTION
------------------------------------------------------------

Install the latest version:

  * If you use the Linkit module for Drupal 7.x, upgrade to Linkit 7.x-2.3 [4]

Also see the Linkit [5] project page.

-------- REPORTED BY
---------------------------------------------------------

  * PAULAP [6]

-------- FIXED BY
------------------------------------------------------------

  * Emil Stjerneman [7], the module maintainer

-------- COORDINATED BY
------------------------------------------------------

  * Greg Knaddison [8] of the Drupal Security Team

-------- CONTACT AND MORE INFORMATION
----------------------------------------

The Drupal security team can be reached at security at drupal.org or via the
contact form at http://drupal.org/contact [9].

Learn more about the Drupal Security team and their policies [10], writing
secure code for Drupal [11], and securing your site [12].


[1] http://drupal.org/project/linkit
[2] http://drupal.org/security-team/risk-levels
[3] http://drupal.org/project/linkit
[4] http://drupal.org/node/1547716
[5] http://drupal.org/project/linkit
[6] http://drupal.org/user/29978
[7] http://drupal.org/user/464598
[8] http://drupal.org/user/36762
[9] http://drupal.org/contact
[10] http://drupal.org/security-team
[11] http://drupal.org/writing-secure-code
[12] http://drupal.org/security/secure-configuration

_______________________________________________
Security-news mailing list
Security-news@...pal.org
http://lists.drupal.org/mailman/listinfo/security-news



------------------------------

Message: 16
Date: Wed, 25 Apr 2012 16:49:20 -0400
From: Michael Wood <itnetsec@...il.com>
Subject: Re: [Full-disclosure] FW: (no subject)
To: imipak <imipak@...il.com>
Cc: Full Disclosure <full-disclosure@...ts.grok.org.uk>
Message-ID:
        <CAKKN48zY3CUdYqusge=On3G5GV3XCspfkR4ywkMaNne+U9o50w@...l.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"

Lmao
On Apr 25, 2012 4:06 PM, "imipak" <imipak@...il.com> wrote:

> >
>
> Well, you believe that if you want to, but ask yourself... who benefits?
>
>
> -i
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20120425/117e92a1/attachment-0001.html

------------------------------

Message: 17
Date: Thu, 26 Apr 2012 07:56:28 +0200
From: Florian Weimer <fw@...eb.enyo.de>
Subject: [Full-disclosure] [SECURITY] [DSA 2459-1] quagga security
        update
To: debian-security-announce@...ts.debian.org
Message-ID: <87obqfkpdf.fsf@....deneb.enyo.de>
Content-Type: text/plain; charset=us-ascii

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2459-1                   security@...ian.org
http://www.debian.org/security/                            Florian Weimer
April 26, 2012                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : quagga
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0249 CVE-2012-0250 CVE-2012-0255

Several vulnerabilities have been discovered in Quagga, a routing
daemon.

CVE-2012-0249
        A buffer overflow in the ospf_ls_upd_list_lsa function in the
        OSPFv2 implementation allows remote attackers to cause a
        denial of service (assertion failure and daemon exit) via a
        Link State Update (aka LS Update) packet that is smaller than
        the length specified in its header.

CVE-2012-0250
        A buffer overflow in the OSPFv2 implementation allows remote
        attackers to cause a denial of service (daemon crash) via a
        Link State Update (aka LS Update) packet containing a
        network-LSA link-state advertisement for which the
        data-structure length is smaller than the value in the Length
        header field.

CVE-2012-0255
        The BGP implementation does not properly use message buffers
        for OPEN messages, which allows remote attackers impersonating
        a configured BGP peer to cause a denial of service (assertion
        failure and daemon exit) via a message associated with a
        malformed AS4 capability.

This security update upgrades the quagga package to the most recent
upstream release.  This release includes other corrections, such as
hardening against unknown BGP path attributes.

For the stable distribution (squeeze), these problems have been fixed
in version 0.99.20.1-0+squeeze1.

For the testing distribution (wheezy) and the unstable distribution
(sid), these problems have been fixed in version 0.99.20.1-1.

We recommend that you upgrade your quagga packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJPmOgYAAoJEL97/wQC1SS+aH8H/jh5fp5jGA1G0/fnF6QOCAmi
dkPAk51Lf0V/yTf/W1qoN5rOJ9B1G1PP1QCOUUHPunuCSQvynXuPb0QMmOLvtAjb
+wlQX5EbdLrjcfc4Rer95dnZITU1uaCiTKw9aGRlOBMcu5jedG21Jks7vwWnBgCE
lL2RuBBk1Rut5YtXuuPZTgXae3BOjjUh7yNPy/cZ/AWf1T442KLaZRQhLwimBrco
S2PNHjeV+bPQUa5eKwE6OdWkNdZt85JcFzz13ojEMMxh/kPiJF7+guec8dIjHr+n
OyKytdhO/wm6lyBlR4BYryGW4U1AuuiTTGs0ldAIzUBzhlLTPLQWt+Te96TMbAw=
=7lac
-----END PGP SIGNATURE-----
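
A defensive illustration of the length-consistency checks that the two
OSPFv2 issues above call for, added here by the editor and not part of the
Debian advisory or of Quagga's own code: it walks the LSAs of an LS Update
and rejects the packet whenever a Length field (in the OSPF packet header
or in an LSA header) claims more bytes than were actually received, or
fewer than the fixed header it covers. The wire layout follows RFC 2328;
the 8-byte minimum for a network-LSA body (network mask plus one attached
router), the constructed sample packets and the router ID 10.0.0.1 are this
example's own assumptions, not values taken from the advisory.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* OSPFv2 wire-format sizes (RFC 2328). */
#define OSPF_HEADER_SIZE          24u
#define OSPF_TYPE_LS_UPDATE       4u
#define OSPF_LSA_HEADER_SIZE      20u
#define OSPF_NETWORK_LSA          2u
/* Assumed minimum network-LSA body: network mask + one attached router. */
#define OSPF_NETWORK_LSA_MIN_BODY 8u

enum lsu_verdict {
    LSU_OK = 0,
    LSU_NOT_LS_UPDATE,         /* not an OSPFv2 LS Update */
    LSU_TRUNCATED_PACKET,      /* packet Length field > bytes received */
    LSU_TRUNCATED_LSA,         /* LSA Length field > bytes left in packet */
    LSU_LENGTH_TOO_SMALL,      /* a Length field smaller than its own header */
    LSU_NETWORK_LSA_TOO_SHORT  /* network-LSA shorter than mask + one router */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(((uint16_t)p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void wr32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16); p[2] = (uint8_t)(v >> 8); p[3] = (uint8_t)v;
}

/* Check every Length field of an LS Update against the bytes actually
 * received, before any LSA body is interpreted. pkt points at the OSPF
 * header; on success *lsas_out receives the number of LSAs walked. */
enum lsu_verdict validate_ls_update(const uint8_t *pkt, size_t pkt_len, size_t *lsas_out)
{
    if (pkt_len < OSPF_HEADER_SIZE) return LSU_TRUNCATED_PACKET;
    if (pkt[0] != 2 || pkt[1] != OSPF_TYPE_LS_UPDATE) return LSU_NOT_LS_UPDATE;

    uint16_t declared = rd16(pkt + 2);                    /* includes the header */
    if (declared < OSPF_HEADER_SIZE + 4) return LSU_LENGTH_TOO_SMALL; /* room for "# LSAs" */
    if (declared > pkt_len) return LSU_TRUNCATED_PACKET;   /* header promises more than arrived */

    const uint8_t *body = pkt + OSPF_HEADER_SIZE;
    size_t body_len = declared - OSPF_HEADER_SIZE;
    uint32_t count = rd32(body);
    size_t off = 4, seen = 0;

    /* Each LSA consumes >= 20 bytes of a bounded body, so a huge count ends in a verdict. */
    while (seen < count) {
        if (body_len - off < OSPF_LSA_HEADER_SIZE) return LSU_TRUNCATED_LSA;
        const uint8_t *hdr = body + off;
        uint8_t type = hdr[3];
        uint16_t len = rd16(hdr + 18);                    /* LSA Length, incl. header */
        if (len < OSPF_LSA_HEADER_SIZE) return LSU_LENGTH_TOO_SMALL;
        if (len > body_len - off) return LSU_TRUNCATED_LSA; /* LSA promises more than is left */
        if (type == OSPF_NETWORK_LSA && len < OSPF_LSA_HEADER_SIZE + OSPF_NETWORK_LSA_MIN_BODY)
            return LSU_NETWORK_LSA_TOO_SHORT;
        off += len;
        seen++;
    }
    if (lsas_out) *lsas_out = seen;
    return LSU_OK;
}

/* Build a constructed (not captured) LS Update with one network-LSA.
 * lsa_len_field is written into the LSA Length field; lsa_bytes is how
 * many LSA bytes really follow, so the two can be made to disagree. */
size_t build_network_lsa_update(uint8_t *buf, size_t cap, uint16_t lsa_len_field, size_t lsa_bytes)
{
    size_t total = OSPF_HEADER_SIZE + 4 + lsa_bytes;
    if (cap < total || lsa_bytes < OSPF_LSA_HEADER_SIZE) return 0;
    memset(buf, 0, total);
    buf[0] = 2;                                 /* version */
    buf[1] = OSPF_TYPE_LS_UPDATE;
    wr16(buf + 2, (uint16_t)total);             /* packet Length = real size */
    wr32(buf + 4, 0x0A000001);                  /* router ID 10.0.0.1 (made up) */
    wr32(buf + OSPF_HEADER_SIZE, 1);            /* # LSAs */
    uint8_t *lsa = buf + OSPF_HEADER_SIZE + 4;
    lsa[3] = OSPF_NETWORK_LSA;                  /* LS type */
    wr32(lsa + 4, 0x0A000001);                  /* link state ID (made up) */
    wr32(lsa + 8, 0x0A000001);                  /* advertising router (made up) */
    wr16(lsa + 18, lsa_len_field);              /* Length field, possibly bogus */
    return total;
}

/* Build one sample and validate it; recv_len != 0 pretends that only
 * recv_len bytes of the packet arrived. */
enum lsu_verdict check_sample(uint16_t lsa_len_field, size_t lsa_bytes, size_t recv_len)
{
    uint8_t buf[256];
    size_t n = build_network_lsa_update(buf, sizeof buf, lsa_len_field, lsa_bytes);
    if (n == 0) return LSU_TRUNCATED_PACKET;
    return validate_ls_update(buf, recv_len ? recv_len : n, NULL);
}

int main(void)
{
    printf("well-formed:            %d\n", check_sample(28, 28, 0));   /* LSU_OK */
    printf("LSA claims 100 bytes:   %d\n", check_sample(100, 28, 0));  /* LSU_TRUNCATED_LSA */
    printf("network-LSA of 24:      %d\n", check_sample(24, 24, 0));   /* LSU_NETWORK_LSA_TOO_SHORT */
    printf("packet cut to 40 bytes: %d\n", check_sample(28, 28, 40));  /* LSU_TRUNCATED_PACKET */
    return 0;
}
```

The point of the design is that every Length field is compared with the
bytes that are really present before any LSA body is touched, and that
the walk is bounded by the received byte count rather than by the
attacker-controlled "# LSAs" field; a daemon that validates in this
order turns a malformed LS Update into a dropped packet rather than an
assertion failure.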



------------------------------

Message: 18
Date: Thu, 26 Apr 2012 09:13:25 +0200
From: Joxean Koret <joxeankoret@...oo.es>
Subject: [Full-disclosure] Oracle TNS Poison vulnerability is actually
        a 0day with no patch available
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Message-ID: <1335424405.13178.274.camel@...kup-server>
Content-Type: text/plain; charset="utf-8"

Hi all,

Short history:

The remote pre-authenticated vulnerability with CVSS2 10 I published
some days ago [1], the vulnerability I called Oracle TNS Poison
(reported to vendor in 2008), is a 0day affecting all database versions
from 8i to 11g R2. There is no patch at all for this vulnerability and
Oracle refuses to write a patch for *ANY* existing versions, even for
Oracle 11g R2. So, yes, ALL versions are vulnerable and will remain
vulnerable.

As I published many workarounds for this vulnerability I believe it's
better to make this information public so Oracle database's customers
can protect themselves.

Long history:

Some days ago, after the release of Oracle Critical Patch Update April
2012, a friend of mine told me that Oracle gave me credit in the
"Security-In-Depth" program for a vulnerability they fixed. After this,
I asked both Oracle and iSightPartners (the company I sold the
vulnerability to in 2008) for information about the vulnerability they
fixed in this CPU. Oracle told us that the vulnerability with tracking
id #13793589 (the TNS poison vulnerability) was the one fixed.

As the vulnerability was fixed, there was no reason not to publish
information about it any more and I decided to publish an advisory, a
document explaining the vulnerability and a proof of concept. So far, so
good.

However, I was suspicious about a statement Oracle people wrote me in
an e-mail as, in their words, the vulnerability "was fixed in future
releases of the product". Eeeeh... "was" and "in the future"? As it
makes no sense, I sent Oracle an e-mail asking for details about the
fix:

On 4/19/2012 12:53 PM, Joxean Koret wrote:
(...)
> How can customers with current versions installed fix this
> vulnerability? Do they have to wait until the next version? Just out
> of curiosity.

And Oracle answered me with excuses ("excusatio non petita, accusatio
manifesta"):

> We had to make the hard choice of fixing it in the release and not in
> the CPU because:
>
>   * The fix is very complex and it is extremely risky to backport.
>   * This fix is in a sensitive part of our code where
>     regressions are a concern.
>   * Customers have requested that Oracle not include such
>     security fixes into Critical Patch Updates that increases the
>     chance of regressions.

As they refused to answer it clearly, I asked them once again in a more
simple way about the "fix" for the vulnerability:

On 4/23/2012 9:20 AM, Joxean Koret wrote:
(..)
> Just a final question: Does it mean that all current versions are
> vulnerable and the vulnerability will only be fixed in next products
> like, say, 11g R3 or 12g?

And Oracle, believing I'm stupid or something like this, answered me the
following:

> To protect the interest of our customers, we do not provide these
> level of details (like versions affected) for the issues that are
> addressed as in-depth. The future releases will have the fix.

So, as previously stated, this is a 0day vulnerability with no patch,
Oracle refuses to patch the vulnerability in *any* existing version and
Oracle refuses to give details about which versions will have the fix.
But they say the vulnerability is fixed. Cool.

Oracle security people: For the next time, don't say that a
vulnerability is fixed in a Critical Patch Update if the patch is not
published. Your customers are not interested if the vulnerability is
fixed in your development version, they only care about the
vulnerability being fixed in the versions they are using in production
systems.

PS: I must admit that being Oracle, that confusion doesn't surprise me
at all.

[1] http://seclists.org/fulldisclosure/2012/Apr/204

Regards,
Joxean Koret

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20120426/32040dda/attachment.bin

------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

End of Full-Disclosure Digest, Vol 86, Issue 34
***********************************************