From: n3td3v
Date: Thu, 19 Jun 2008 19:08:54 +0100

On Thu, Jun 19, 2008 at 6:59 PM, Ureleet <ureleet@gmail.com> wrote:
> On Thu, Jun 19, 2008 at 1:49 PM, n3td3v <xploitable@gmail.com> wrote:
>>
>> Look dude, Joel broke the rules for the second time, I didn't ask him
>> to do that.
>
> what rules? yours? i listened to his podcast, i heard a shitty ass
> joke. in america they have freedom of speech. that includes shitty
> ass jokes. there were no rules broken, you are just posting your
> rants on fd because you think we care.
>
>>
>> Yeah because he broke the rules for the second time.
>>
>
> see above

Dude, I already explained in my first e-mail... its against the law to
make such jokes in the U.K. and you would be arrested by
anti-terrorism police at the airport. Plus Ofcom would probably fine
Sans for the comment if they regulate internet podcasts...

>
>>
>> You're such a jealous little prick. Yes, you are banned from n3td3v
>> mailing list for life, enjoy.
>>
>
> whom am i jealous of? some one who knows nothing and admits it? lets
> think here, no.
>

Yeah dude, i've been on the scene since 1999 and know nothing!!!
hilarious.

All the best,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

From: Matthias Geerdsen
Date: Thu, 19 Jun 2008 19:00:32 +0100
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200806-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: X.Org X server: Multiple vulnerabilities
Date: June 19, 2008
Bugs: #225419
ID: 200806-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========

Multiple vulnerabilities have been discovered in the X.Org X server,
possibly allowing for the remote execution of arbitrary code with root
privileges.

Background
==========

The X Window System is a graphical windowing system based on a
client/server model.

Affected packages
=================

    -------------------------------------------------------------------
     Package                /   Vulnerable   /              Unaffected
    -------------------------------------------------------------------
  1  x11-base/xorg-server      < 1.3.0.0-r6              >= 1.3.0.0-r6

Description
===========

Regenrecht reported multiple vulnerabilities in various X server
extensions via iDefense:
* The SProcSecurityGenerateAuthorization() and
SProcRecordCreateContext() functions of the RECORD and Security
extensions are lacking proper parameter validation (CVE-2008-1377).
* An integer overflow is possible in the function ShmPutImage() of
the MIT-SHM extension (CVE-2008-1379).
* The RENDER extension contains several possible integer overflows in
the AllocateGlyph() function (CVE-2008-2360) which could possibly
lead to a heap-based buffer overflow. Further possible integer
overflows have been found in the ProcRenderCreateCursor() function
(CVE-2008-2361) as well as in the SProcRenderCreateLinearGradient(),
SProcRenderCreateRadialGradient() and
SProcRenderCreateConicalGradient() functions (CVE-2008-2362).

Impact
======

Exploitation of these vulnerabilities could possibly lead to the remote
execution of arbitrary code with root privileges, if the server is
running as root, which is the default. It is also possible to crash the
server by making use of these vulnerabilities.

Workaround
==========

It is possible to avoid these vulnerabilities by disabling the affected
server extensions. Therefore edit the configuration file
(/etc/X11/xorg.conf) to contain the following in the appropriate
places:

    Section "Extensions"
        Option "MIT-SHM" "disable"
        Option "RENDER" "disable"
        Option "SECURITY" "disable"
    EndSection

    Section "Module"
        Disable "record"
    EndSection

Resolution
==========

All X.org X Server users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=x11-base/xorg-server-1.3.0.0-r6"

References
==========

  [ 1 ] CVE-2008-1377
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377
  [ 2 ] CVE-2008-1379
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379
  [ 3 ] CVE-2008-2360
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360
  [ 4 ] CVE-2008-2361
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361
  [ 5 ] CVE-2008-2362
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200806-07.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
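
An added example, not part of the advisory or of Gentoo's tooling: a Python check that parses an xorg.conf and lists which of the workaround settings from GLSA 200806-07 above are not applied. The function names and the sample configuration are constructed for illustration, and two choices are assumptions made to stay conservative: only the literal value "disable" counts, and an explicit Load of the record module is flagged even when a Disable line is present.

```python
import re

# Settings the advisory's workaround asks for (GLSA 200806-07).
REQUIRED_EXTENSIONS_OFF = ("MIT-SHM", "RENDER", "SECURITY")
REQUIRED_MODULES_OFF = ("record",)

SECTION_RE = re.compile(r'^\s*Section\s+"([^"]+)"', re.IGNORECASE)
END_RE = re.compile(r'^\s*EndSection\b', re.IGNORECASE)
ENTRY_RE = re.compile(
    r'^\s*(Option|Disable|Load)\s+"([^"]+)"(?:\s+"([^"]*)")?', re.IGNORECASE)


def parse_xorg_conf(text):
    """Collect Extensions options and Module Load/Disable entries."""
    ext_options, disabled, loaded = {}, set(), set()
    section = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0]  # drop comments
        start = SECTION_RE.match(line)
        if start:
            section = start.group(1).lower()
            continue
        if END_RE.match(line):
            section = None
            continue
        entry = ENTRY_RE.match(line)
        if not entry:
            continue
        keyword, name, value = entry.group(1).lower(), entry.group(2), entry.group(3)
        if section == "extensions" and keyword == "option":
            # In this parser a later entry for the same name replaces an earlier one.
            ext_options[name.upper()] = (value or "").lower()
        elif section == "module" and keyword == "disable":
            disabled.add(name.lower())
        elif section == "module" and keyword == "load":
            loaded.add(name.lower())
    return ext_options, disabled, loaded


def missing_workarounds(text):
    """Return a sorted list of workaround lines the config does not apply."""
    ext_options, disabled, loaded = parse_xorg_conf(text)
    findings = []
    for ext in REQUIRED_EXTENSIONS_OFF:
        # Assumption: only the advisory's literal value "disable" is accepted.
        if ext_options.get(ext) != "disable":
            findings.append('Option "%s" "disable"' % ext)
    for mod in REQUIRED_MODULES_OFF:
        # Assumption: an explicit Load is flagged even if Disable is present.
        if mod not in disabled or mod in loaded:
            findings.append('Disable "%s"' % mod)
    return sorted(findings)


# Constructed sample: RENDER enabled, SECURITY commented out, no Module section.
SAMPLE_PARTIAL = '''
Section "Extensions"
    Option "MIT-SHM" "disable"
    Option "RENDER" "enable"
    # Option "SECURITY" "disable"
EndSection
'''

if __name__ == "__main__":
    for item in missing_workarounds(SAMPLE_PARTIAL):
        print("missing:", item)
```

An empty result means every setting from the workaround is present in the right section; it says nothing about whether the installed xorg-server is already at 1.3.0.0-r6 or later.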

From: Ureleet
Date: Thu, 19 Jun 2008 18:59:53 +0100

On Thu, Jun 19, 2008 at 1:49 PM, n3td3v <xploitable@gmail.com> wrote:
>
> Look dude, Joel broke the rules for the second time, I didn't ask him
> to do that.

what rules? yours? i listened to his podcast, i heard a shitty ass
joke. in america they have freedom of speech. that includes shitty
ass jokes. there were no rules broken, you are just posting your
rants on fd because you think we care.

>
> Yeah because he broke the rules for the second time.
>

see above

>
> You're such a jealous little prick. Yes, you are banned from n3td3v
> mailing list for life, enjoy.
>

whom am i jealous of? some one who knows nothing and admits it? lets
think here, no.

From: numbnut@hush.com
Date: Thu, 19 Jun 2008 18:20:31 +0100
Jesse said: "This is good for a laugh. DO NOT ABUSE THIS MACHINE!!!"
I disagree, asshat. I say abuse it.
Nice Drupal install.
Here's numbnut recon to assist:
http://c-68-49-171-24.hsd1.va.comcast.net/robots.txt
http://c-68-49-171-24.hsd1.va.comcast.net/includes/
http://c-68-49-171-24.hsd1.va.comcast.net/scripts/
http://c-68-49-171-24.hsd1.va.comcast.net/sites/default/
http://c-68-49-171-24.hsd1.va.comcast.net/xmlrpc.php
http://c-68-49-171-24.hsd1.va.comcast.net/misc/
http://c-68-49-171-24.hsd1.va.comcast.net/profiles/default/
http://c-68-49-171-24.hsd1.va.comcast.net/modules/
What a git...
<script type="text/javascript">
// Opens a screen-sized AWT window through LiveConnect (Java called from JavaScript).
function popup() {
    // Without LiveConnect, or with Java disabled, the global "java" object is undefined.
    if (typeof(java) == "undefined") {
        window.onload = function() {
            document.getElementById("nojava").innerHTML =
                "Your browser doesn't support LiveConnect or you've got Java disabled!";
        };
        return;
    }
    var w = new java.awt.Window(new java.awt.Frame());
    var label = new java.awt.Label("Jesse could PWN you Big Time!!!");
    label.setFont(new java.awt.Font("Serif", java.awt.Font.BOLD, 80));
    label.setAlignment(label.CENTER);
    label.setForeground(java.awt.Color.white);
    w.setBackground(java.awt.Color.black);
    w.setLayout(new java.awt.BorderLayout());
    w.add(label, java.awt.BorderLayout.CENTER);
    w.setLocation(0, 0);
    // Size the window to the screen, plus 80 pixels of extra height.
    var d = java.awt.Toolkit.getDefaultToolkit().getScreenSize();
    d.height += 80;
    w.setSize(d);
    w.setVisible(true);
}
popup();
</script>

From: n3td3v
Date: Thu, 19 Jun 2008 18:49:22 +0100

On Thu, Jun 19, 2008 at 6:27 PM, Ureleet <ureleet@gmail.com> wrote:
> On Thu, Jun 19, 2008 at 12:48 PM, n3td3v <xploitable@gmail.com> wrote:
>
>> You started it!!! I come on the full-disclosure mailing list with
>> serious topics about security and you or others twist it into a
>> personal attack or some other random bullshit about my integrity.
>
> you have no integrity to attack, this was nothing but a personal
> attack. you have admitted publicly that you hate joel, yet no one
> still gives a shit.
>

Look dude, Joel broke the rules for the second time, I didn't ask him
to do that.

>>
>> This was ment to be a thread about aviation security and
>> full-disclosure mailing list never fails to turn it into a flame fest
>> of pre pubescent comment bashing each other instead of saying
>> something constructive about security.
>>
>
> this was a thread about you trying to jump on joel's jock, just like
> you do with everyone else. this is the second time youve brought him
> into any conversation. i guess joel should be flattered he has such a
> big fan. i told joel to ignore you. he fed your troll. just like i
> am doing now. you always have to have the last word. no one wants
> you here, go choke on an exhaust pipe.
>

Yeah because he broke the rules for the second time.

>> Btw, I run the biggest google security group of its kind what have you got?
>
> you have a group, with your name on it, with 4000 people who are
> keeping tabs on what you have to say for humor's sake, thats where the
> fuck mi5 is. to see how many people you can threaten and see how much
> you can get noticed. i am embarrassed that you are scottish, william
> wallace should have waited around and shoved his claymore right up
> your fucking cunt. hell, i was a member of your group until you
> kicked me out of it for proving what a nothing you are. you kicked me
> out for calling you out and proving that you are nothing. you have
> thousands of posts in that group 99% of which, are yours. you talk to
> air, no one listens, and no one cares. please go away, youve teased
> us enough with that, please please, follow it.
>

You're such a jealous little prick. Yes, you are banned from n3td3v
mailing list for life, enjoy.

>>
>> http://n3td3v.g00glepages.com/
>
> keep spamming your little webpage, no one gives a shit. you are a
> know nothing commenter. you cant do a thing, you havent proven a
> thing, you cant show a thing. you make comments on others work and
> you try and take credit or raise a fuss. go back to school, learn
> what you can, get a different nick, and post some legit shit. youll
> never get any cred while you post under n3td3v. no one cares about
> you, i called your mother last night after you flamed me, woke her up
> out of a sound sleep, and i asked her. she wishes that she would have
> aborted you. your mother told me that the best part about you wound
> up as a stain on the back seat of a car. i am quite sure it was the
> last uterus you have ever seen. call her, go ahead, ask her if anyone
> called her last night and talked about how you should go jump in a
> river and swallow water. go hang yourself, no one will miss you,
> pre-pubescent child. get a job, quit wasting our time. youve
> admitted you know nothing, have never done anything, and simply repost
> what others do. stop trying to jump on others names.
>

^^^lol, he called me a "pre-pubescent child.", pot kettle black.

>>
>> All the best,
>
> why when you flame people you say `all the best`. you are an idiot of
> the 1st 2nd and 3rd order.
>
>>
>> n3td3v
>
> andrew.
>

Yes, that's my name.

All the best,

n3td3v