Cisco Security Advisory: Cisco Security Manager Vulnerability

Advisory ID: cisco-sa-20090121-csm

http://www.cisco.com/warp/public/707/cisco-sa-20090121-csm.shtml

Revision 1.0

For Public Release 2009 January 21 1600 UTC (GMT)

...

Hi,

I'm pleased to announce the release of eCL0WN v1.01.

Introduction
============
eCL0WN is a J2ME ePassport utility for Nokia NFC phones that allows you to
read and clone your ePassport's chip content. The following functionality is
implemented in the current release:

- Read passport...

Hi,

I'm pleased to announce the release of ePassport emulator v1.02.

Introduction
============
epassport_emulator is an ePassport / eID emulator for JavaCard. It
implements functionality as described in ICAO Doc 9303. Additionally it
implements functionality to write files and key data to...

------------------------------------------------------------------------
Debian Security Advisory DSA-1693-2 security_at_debian.org
http://www.debian.org/security/ Thijs Kinkhorst
January 21, 2009 ...

------------------------------------------------------------------------
Debian Security Advisory DSA-1709-1 security_at_debian.org
http://www.debian.org/security/ Thijs Kinkhorst
January 21, 2009 ...

Ask Tom Ferris' mom!

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200901-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

Probably one of this are the vulnerabilty descriptions of the bugs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4017

If it's the same issue, Oracle didn't contacted me to notify me about it..
if it is that bug, then it...

rPath Security Advisory: 2009-0014-1
Published: 2009-01-20
Products:
    rPath Linux 2

Rating: Minor
Exposure Level Classification:
    Local Root Deterministic Privilege Escalation
Updated Versions:
...

rPath Security Advisory: 2009-0011-1
Published: 2009-01-20
Products:
    rPath Appliance Platform Linux Service 1
    rPath Appliance Platform Linux Service 2
    rPath Linux 1
    rPath Linux 2

Rating: Minor
...

rPath Security Advisory: 2009-0010-1
Published: 2009-01-20
Products:
    rPath Appliance Platform Linux Service 1
    rPath Appliance Platform Linux Service 2
    rPath Linux 1
    rPath Linux 2

Rating: Severe
...

rPath Security Advisory: 2009-0009-1
Published: 2009-01-20
Products:
    rPath Linux 1
    rPath Linux 2

Rating: Severe
Exposure Level Classification:
    Indirect Deterministic Vulnerability
Updated Versions:
...

rPath Security Advisory: 2009-0008-1
Published: 2009-01-20
Products:
    rPath Appliance Platform Linux Service 1
    rPath Appliance Platform Linux Service 2
    rPath Linux 1
    rPath Linux 2

Rating: Severe
...

I can hear n3td3v screaming and crying from here.

On Tue, Jan 20, 2009 at 9:00 AM, Razi Shaban <razishaban_at_gmail.com> wrote:

> On Tue, Jan 20, 2009 at 9:09 AM, Razi Shaban <razishaban_at_gmail.com>
> wrote:
> > On Mon, Jan 19, 2009 at 1:40 PM, Dave...

======================================================================

                     Secunia Research 20/01/2009

        - OpenSG Radiance...

======================================================================

                     Secunia Research 20/01/2009

...

======================================================================

                     Secunia Research 20/01/2009

...

======================================================================

                     Secunia Research 20/01/2009

     - Trend Micro Network Security...

    On Tue, Jan 20, 2009 at 9:09 AM, Razi Shaban <razishaban_at_gmail.com>
    wrote:
> On Mon, Jan 19, 2009 at 1:40 PM, Dave Kleiman
    <dave_at_davekleiman.com> wrote:
>> If you have Seagate...

* Sebastian Krahmer:

> What do you mean by that? I looked at the glibc resolver,
> it might be that if getaddrinfo() does not get proper
> ai_family arguments of AF_INET, it will accept AAAA records.
> So, the application which thinks is using IPv4 DNS resolving
> will...

The Apache Jackrabbit community is pleased to announce the release of
Apache Jackrabbit version 1.5.2. The release is available for download
at:

    http://jackrabbit.apache.org/downloads.html

See the full release notes below for details about this release.

Release Notes...

2009/1/19 andrew. wallace <andrew.wallace_at_rocketmail.com>:
> On Mon, Jan 19, 2009 at 7:23 PM, Prototype This <terminale_at_gmail.com> wrote:
>> Shut the fuck up. It you who trashed this mailing list ,
>
> No it was one abusive person who didn't like me...

Hi,

The papers pointed to by the others are basically straight
forward and not really new issues if you know how
ARP poisoning works. The thing that makes me wonder
and adds some new points is

'As soon as the "victim" has an IPv6 address issued by your radvd it will
 prefer...

Server Version Info: Oracle-Application-Server-10g/10.1.3.1.0 Oracle-HTTP-Server
PoC: http://OC4J/web-app/foobar/%c0%ae%c0%ae/WEB-INF/web.xml
Related: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938
Explaination: The "%c0%ae%c0%ae" is interpreted as: ".."...

HAAHAHAHAHAHAHAHAHA

On Mon, Jan 19, 2009 at 2:37 PM, andrew. wallace
<andrew.wallace_at_rocketmail.com> wrote:
> If you've got nothing cyber security related to say don't post.
>

------------------------------------------------------------------------
Debian Security Advisory DSA-1708-1 security_at_debian.org
http://www.debian.org/security/ Florian Weimer
January 19, 2009 ...

On Mon, Jan 19, 2009 at 7:23 PM, Prototype This <terminale_at_gmail.com> wrote:
> Shut the fuck up. It you who trashed this mailing list ,

No it was one abusive person who didn't like me who trashed it!

Let's get back to business.

I second. This is a security mailing list and should stick to topic.

On Mon, Jan 19, 2009 at 7:31 PM, andrew. wallace <
andrew.wallace_at_rocketmail.com> wrote:

> I'm calling for the closure of political threads on full-disclosure so
> we can get back to business.
>
>...

Yes, as you say Mainbox.

Today Ehud Olmert said that he loved gaza's children,.
after 22 days of war and deaths of more than 1,200 Palestinians.

On Mon, Jan 12, 2009 at 11:39 PM, Mainbox Notif <rokadeana_at_gmail.com> wrote:

> Goodmorning everybody!
> I dont know the time at...

 _______________________________________________________________________

 Mandriva Linux Security Advisory MDVSA-2009:018
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package :...

 _______________________________________________________________________

 Mandriva Linux Security Advisory MDVSA-2009:017
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package :...

I feel the same for you ;)

>>Extremely sad and worrying that people like you exist
Andrew

I feel the same for you ;)

> Extremely sad and worrying that people like you exist
>
> Andrew
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and...

 _______________________________________________________________________

 Mandriva Linux Security Advisory MDVSA-2009:016
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : xen...

On Thu, Jan 15, 2009 at 8:21 PM, Avraham Schneider
<avri.schneider_at_gmail.com> wrote:
> Israel is fighting terrorists - those terrorists decide to attack websites
> (since they wrongly believe it will help their cause)[1] - Israel cares
> less.
>
> It is...

> It is *Cyber Protest* because those *kids in their bedroom* are *defacing websites as a cyber protest* against Israel
> - and the 'Cyber' is just an additional front for this *cyber protest* - not an
> important one, hence ignored by Israel, but it still is.

Dear "you-know-who",

On Wed, Jan 14, 2009 at 5:14 PM, andrew. wallace
<andrew.wallace_at_rocketmail.com> wrote:
>
> If "cyber war" is just web site defacement then I don't think we ever
> need to take "cyber war" too seriously.

Starting --...

2009/1/16 <Valdis.Kletnieks_at_vt.edu>

> On Fri, 16 Jan 2009 15:03:24 +0200,
> He probably has a 50 pound bag of Purina Troll Chow that he's trying to get
> rid of.
>
>
LOL,
50 pound bag?
Wrong: it was 80 pound!

Do you want some?
:)

Israel has one of the most powerful and advanced armies.
But they cannot find their enemy.
When there is maybe one hamas-soldier, the israeli can't shoot him when hey
is in a building, the israeli bomb the whole building.

In modern world we use intelligence and we have snipers.
In modern...

On Fri, 16 Jan 2009 15:03:24 +0200, Avraham Schneider said:

> If I'm a troll, why do you feed me then?

He probably has a 50 pound bag of Purina Troll Chow that he's trying to get
rid of.

On Fri, Jan 16, 2009 at 2:14 PM, Mainbox Notif <rokadeana_at_gmail.com> wrote:

>
> And a new 'trol' is born: Schneider.

If I'm a troll, why do you feed me then?

>
> This is completely off topic.

> This thread is not about the war Israel vs Palestina!
> This is...

On Fri, Jan 16, 2009 at 1:58 PM, Handrix <handrix_at_gmail.com> wrote:

>
>
> On Thu, Jan 15, 2009 at 8:21 PM, Avraham Schneider <
> avri.schneider_at_gmail.com> wrote:
>
>> Israel is fighting terrorists - those terrorists decide to attack websites
...

And a new 'trol' is born: Schneider.
This is completely off topic.
This thread is not about the war Israel vs Palestina!
This is about Cyber-War in general.

Mr. Schneider,
Please do not always response with your opinion.

2009/1/15 Avraham Schneider <avri.schneider_at_gmail.com>

...