78 entries in 0.839s
a111: Logged on 2018-05-14 13:30 asciilifeform: ^ pretty lulzy prehistory -- usg is burning the
vuln in the most traditional way, complete with 'responsible disclosure'ism and a boeck-style 'researcher' ; nao spinning in every propaganda organ in unison as 'pgp broken!'
BingoBoingo: <asciilifeform> ^ pretty lulzy prehistory -- usg is burning the
vuln in the most traditional way, complete with 'responsible disclosure'ism and a boeck-style 'researcher' ; nao spinning in every propaganda organ in unison as 'pgp broken!' << Apparently @hanno has a take on this too that sums to the rest of the party line "who could be using this with hygeine?"
douchebag: Well they already patched my Subdomain Takeover
vuln douchebag: url -> url w/ js added in
vuln parameter
andreicon: or other
vuln scanning utilities i've used
a111: Logged on 2017-06-28 00:18 Framedragger: btw maersk (some related ports) is down due to new "ransomware" (orange website says it's the same nsa "eternalblue" windows
vuln)
Framedragger: btw maersk (some related ports) is down due to new "ransomware" (orange website says it's the same nsa "eternalblue" windows
vuln)
☟︎ Framedragger: how do you amplify udp? i guess application-layer-specific stuff like bittorrent's uTP (which has some amplification
vuln shit iirc), etc.; also, dns
mircea_popescu: well meanwhile google only shows trilema for any hannob/pgpmoduli search i do ; and i dunno how to derive an actual location from that url. when was the
vuln moduli .txt published ?
punkman: did the power rangers ever find a remote code execution
vuln?
jurov: and saying that
vuln in truecrypt management utility makes whole thing "fatally flawed to an unusable extent" is...
mats: asciilifeform: grsec, afaik, has had _exactly one_ publicly disclosed
vuln, to my knowledge
ascii_field: i'm half-certain that last one actually removes a
vuln mats: Fun fact: Media companies (or contractors thereof) are doing
vuln research on media players in order to plant bug-triggering media files on warez sites.
ascii_field: mircea_popescu: there are quite likely more women in the deep-water oceanic oil prospecting industry than in
vuln digging
mircea_popescu: someone refresh me on what exactly that
vuln was anyway ?
kakobrekla: was there a new ssh
vuln found past 24hrs?
mircea_popescu: bounce you mayhap have a point. iirc this
vuln was writing past the end tag and adding a 2nd spurious end tag.
PinkPosixPXE: Good, almost done, I had to jump in a work meeting to discuss the Bash Shellshock
vuln, and repatching some systems.. But I gave BingoBoingo an update, and will be sending it off shortly. It's my first shot at this, so I hope it's not too egregious.
pentestr: bounce: nah, that'll just give you the
vuln to fix.. i'll just hack it, he gave me perms after all.
xmj: kuzetsa: did you secure your systems against the
vuln in nss too?
mike_c: yes, that checks if bash is
vuln.
b00lcrap: i do windows malware /
vuln dev mostly
mircea_popescu: kakobrekla don't fix the down
vuln thing it's splendid
tg2: I don't think there has been a root
vuln on nginx in a while
mircea_popescu: so it'd seem bitcointalk has a xss
vuln in the trust rating system, because mpoe-pr just managed to spam trust three times by simply refreshing the page.
nubbins`: i reported a gaping CSRF
vuln on havelock last year
TradeFortress: took me 5 seconds to find
vuln in havelockinvestments.com :P
bgupta: ThickAsThieves: Litecoin has same
vuln.
deadweasel: could i go up to ASS and offer up a
vuln?
iz: so far they have released 2 different "patches" that "fix" the same
vuln, but not really
mircea_popescu: how often something is used also matters, simple reported
vuln count by itself is meaningless.
rg: and your site is
vuln to exploit