
RUXCON 2008 Final Call For Papers

 Submissions should thoroughly outline your desired presentation
 subject. Accompanying your submission should be the slides
 you intend to use or a detailed paper explaining your subject.

 If you have any enquiries about submissions, or would like to make a
 submission, please send an e-mail to presentations @ ruxcon dot org
 dot au

 The deadline for submissions is the 15th of November.

 If approved we will additionally require:

RUXCON 2008 CALL FOR PAPERS

  Submissions should thoroughly outline your desired presentation or
  workshop subject. Accompanying your submission should be the slides
  you intend to use or a detailed paper explaining your subject.

  If you have any enquiries about submissions, or would like to make a
  submission, please send an e-mail to presentations @ ruxcon dot org
  dot au

  The deadline for submissions is the 31st of October.

  If approved we will additionally require:

Call for Participation: DIMVA 2011

15:50   Concluding Remarks


Organizing Committee

General Chair: Herbert Bos, VU University Amsterdam, the Netherlands (info (at) dimva (dot) org)
Program Chair: Thorsten Holz, Ruhr-University Bochum, Germany (pc-chair(at) dimva (dot) org)
Sponsoring Chair: Damiano Bolzoni, University of Twente, the Netherlands (sponsor-chair (at) dimva (dot) org)
Publicity Chairs: Damiano Bolzoni, University of Twente, the Netherlands
Konrad Rieck, Technische Universitat Berlin, Germany (publicity-chair (at) dimva (dot) org)
Local Chair: Asia Slowinska, VU University Amsterdam, the Netherlands (dimva2011-local-chair (at) dimva (dot) org)

CFP C H A S E - 2 0 0 7 Lahore Pakistan

professional and have something to talk about, then you have 
an opportunity to do so at CHASE 2007. Please download and 
fill out submission form and send your presentation as early 
as possible to: 

cfp AT chase DOT org DOT pk 

Last date for filing submissions is Friday November 02, 2007. 

All those individuals who would like to present are urged to 
at least send their abstracts as early as possible to the 

CHASE - 2009 Lahore Pakistan | Call for Papers

professional and have something to talk about, then you have 
an opportunity to do so at CHASE 2009. Please download and 
fill out submission form and send your presentation as early 
as possible to: 

cfp AT chase DOT org DOT pk 

Last date for filing submissions is Friday September 04, 2009. 

Limited travel funds are available for international speakers.


Zabbix 1.6.2 Frontend Multiple Vulnerabilities

 Vendor            http://www.zabbix.com/
 Advisory          http://www.ush.it/team/ush/hack-zabbix_162/adv.txt
 Authors           Antonio "s4tan" Parata (s4tan AT ush DOT it)
                   Francesco "ascii" Ongaro (ascii AT ush DOT it)
                   Giovanni "evilaliv3" Pellerano (evilaliv3 AT
                   digitalbullets DOT org)
 Date              20090303

I. BACKGROUND

From the Zabbix web site: "ZABBIX offers advanced monitoring, alerting

Re: [Full-disclosure] Zabbix 1.6.2 Frontend Multiple Vulnerabilities

>  Vendor            http://www.zabbix.com/
>  Advisory          http://www.ush.it/team/ush/hack-zabbix_162/adv.txt
>  Authors           Antonio "s4tan" Parata (s4tan AT ush DOT it)
>                    Francesco "ascii" Ongaro (ascii AT ush DOT it)
>                    Giovanni "evilaliv3" Pellerano (evilaliv3 AT
>                    digitalbullets DOT org)
>  Date              20090303
>
> I. BACKGROUND
>
> From the Zabbix web site: "ZABBIX offers advanced monitoring, alerting

Collabtive 0.4.8 Multiple Vulnerabilities

 Vendor            http://collabtive.o-dyn.de/
 Advisory          http://www.ush.it/team/ush/hack-collabtive048/adv.txt
 Authors           Antonio "s4tan" Parata (s4tan AT ush DOT it)
                   Francesco "ascii" Ongaro (ascii AT ush DOT it)
                   Giovanni "evilaliv3" Pellerano (evilaliv3 AT
                   digitalbullets DOT org)
 Date              20080925

I. BACKGROUND

From the Collabtive web site: "Collabtive is collaborative software to

PHP filesystem attack vectors

 Systems Affected  PHP and PHP+Suhosin
 Vendor            http://www.php.net/
 Advisory          http://www.ush.it/team/ush/hack-phpfs/phpfs_mad.txt
 Authors           Francesco "ascii" Ongaro (ascii AT ush DOT it)
                   Giovanni "evilaliv3" Pellerano (giovanni.pellerano AT
                   evilaliv3 DOT org)
 Date              20090207

I)    Introduction
II)   The bugs in 50 words
III)  PHP filesystem functions path normalization attack

CFP NcN 2010

- Training sessions will be different, depending on each trainer.


A message can be addressed to : jd (at) noconname.org Or to the
coordinators:
        + Jose Nicolas Castellano : jncastellano (at) noconname (dot) org
        + Alejandro Clares            :  aclares (at) noconname (dot) org

<> Please send submission to cfp (at) noconname (dot) org <>



Ruxcon 2011 Call For Papers

The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security.

Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community.

For more information, please visit http://www.ruxcon.org.au

* Presentation Information

Presentations are set to run for 50 minutes, and will be of a formal nature, with slides and a speech.


[OPENX-SA-2008-002] OpenX 2.4.9 and 2.6.2 fix SQL injection vulnerability

Contact information
===================

The security contact for OpenX can be reached at:
<security AT openx DOT org>


-- 
Matteo Beccati


Ruxcon 2011 Final Call For Papers

The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security.

Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community.

For more information, please visit http://www.ruxcon.org.au

* Presentation Information

Presentations are set to run for 50 minutes, and will be of a formal nature, with slides and a speech.


AST-2008-005: HTTP Manager ID is predictable

   |----------------------+-------------------------------------------------|
   |    Exploits Known    | No                                              |
   |----------------------+-------------------------------------------------|
   |     Reported On      | February 25, 2008                               |
   |----------------------+-------------------------------------------------|
   |     Reported By      | Dino A. Dai Zovi < ddz AT theta44 DOT org >     |
   |----------------------+-------------------------------------------------|
   |      Posted On       | March 18, 2008                                  |
   |----------------------+-------------------------------------------------|
   |   Last Updated On    | March 18, 2008                                  |
   |----------------------+-------------------------------------------------|

[HISPASEC] 2K7SEPT6 Magellan Explorer 3.32 build 2305 Remote FTP Client Directory Traversal

Copyright (C) 2007 Hispasec Sistemas.

-- 
Gynvael Coldwind
mailto: gynvael AT vexillium DOT org
mailto: michael AT hispasec DOT com



FormMail 1.92 Multiple Vulnerabilities

web site: http://www.ush.it/
mail: ascii AT ush DOT it

Giovanni "evilaliv3" Pellerano
web site: http://www.evilaliv3.org
mail: giovanni.pellerano AT evilaliv3 DOT org

Antonio "s4tan" Parata
web site: http://www.ictsc.it/
mail: s4tan AT ictsc DOT it, s4tan AT ush DOT it


[OPENX-SA-2009-001] OpenX 2.4.10 and 2.6.4 fix multiple vulnerabilities

Contact information
===================

The security contact for OpenX can be reached at:
<security AT openx DOT org>


Best regards

-- 

Local Kernel Buffer Overflow vulnerability in Avast!

http://www.sysdream.com
http://ghostsinthestack.org

s.leberre at sysdream dot com

heurs at ghostsinthestack dot org

//----- Greetings

Virtualabs


[HISPASEC] 2K7SEPT6 Total Commander 7.01 Remote FTP Client Directory Traversal

Copyright (C) 2007 Hispasec Sistemas.


-- 
Gynvael Coldwind
mailto: gynvael AT vexillium DOT org
mailto: michael AT hispasec DOT com



Kaspersky Anti-Virus 2010 <= 9.0.0.463 pointer dereference vulnerability

http://www.sysdream.com
http://ghostsinthestack.org

s.leberre at sysdream dot com
heurs at ghostsinthestack dot org

//----- Greetings

Trance


OS X 10.6.5 kernel crash upon wlan roaming with disabled mandatory MCS

When this option is configured and an affected Mac OSX client roams from one Cisco AP to the other, the kernel panics. This is easily reproducible by just walking to another room in the congress center.

Thanks for helping identify the issue:
Willem Hengeveld <itsme at xs4all dot nl>
Hartmut Schroeder <hacko at hacko dot org>


Best regards,
Attilla de Groot


[OPENADS-SA-2008-001] Openads 2.4.2 vulnerability fixed

Contact information
===================

The security contact for Openads can be reached at:
<security AT openads DOT org>


Best regards
--
Matteo Beccati

CFP for BugCON 2011 @ Mexico City

BugCON for this edition accepts participation in the form of conference and workshop; the conference language can be Spanish (preferably) or English. Remember that BugCON is totally uncensored, so the public can start a discussion about your conference, and it's totally acceptable.

BugCON reserves the right to accept or reject any paper.

All proposals should be sent to secretary [at] bugcon [dot] org with a little description about the conference and a little curriculum about the author, deadline at July 4th (no extensions). The final schedule will be published on Aug 26th.

We're looking for sponsors, if you're interested please write to charity [at] bugcon [dot] org



[HISPASEC] 2K7SEPT6 X-Diesel Unreal Commander v0.92 (build 573) multiple FTP-based vulnerabilities

Copyright (C) 2007 Hispasec Sistemas.

-- 
Gynvael Coldwind
mailto: michael AT hispasec DOT com
mailto: gynvael AT vexillium DOT org



SEC Consult SA-20120104-0 :: Multiple critical vulnerabilities in Apache Struts2

Vendor contact timeline:
------------------------
2011-12-14: Contacting vendor through security at struts dot apache dot
            org 
2011-12-14: Vendor reply, sending advisory draft
2011-12-14: Vendor released Apache Struts 2.3.1 in parallel
2011-12-16: Vulnerabilities confirmed in Struts 2.3.1, Vendor contacted
2011-12-16: Vendor reply, discussing workaround
2011-12-20: Discussing release of fixed version

Ruxcon 2010 Call For Papers

The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security.

Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community.

For more information, please visit http://www.ruxcon.org.au

* Presentation Information

Presentations are set to run for 50 minutes, and will be of a formal nature, with slides and a speech.


[OPENX-SA-2009-002] OpenX 2.4.11, 2.6.5, 2.8.0 fix multiple vulnerabilities

Contact information
===================

The security contact for OpenX can be reached at:
<security AT openx DOT org>



syslog-ng wrong file permission vulnerability

http://www.balabit.com/network-security/syslog-ng/

9. CREDIT

This vulnerability was discovered by Steven Chamberlain steven :at: pyro
dot eu dot org

10. DISCLOSURE TIME-LINE

2010-12-31: The problem reported to the debian bug tracking system
2010-12-31: notified vendor by the debian maintainer

Moodle 1.9.3 Remote Code Execution

Vendor            http://moodle.org/
Advisory          http://www.ush.it/team/ush/hack-moodle193/moodle193.txt
Authors           Antonio "s4tan" Parata (s4tan AT ush DOT it)
                  Francesco "ascii" Ongaro (ascii AT ush DOT it)
                  Giovanni "evilaliv3" Pellerano (evilaliv3 AT
                  digitalbullets DOT org)
Date              20081212

I. BACKGROUND

From the Moodle web site: "Moodle is a course management system (CMS) -

EC2ND 2010, Call for Participation

More Information 

  For more information visit our web site http://2010.ec2nd.org or
  contact the conference chairs at info (at) ec2nd (dot) org.

  You may also follow us on twitter at http://twitter.com/ec2nd




Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
