NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2008-12

273 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Mon Dec 01 2008 - 09:51:01 CST
Ending: Wed Dec 31 2008 - 10:13:54 CST

08253maurickcollege.nl
- Max's Guestbook (XSS) Remote Vulnerability (Wed Dec 10 2008 - 14:29:05 CST)
0in.emailgmail.com
- Neostrada Livebox Remote Network Down PoC Exploit (Mon Dec 08 2008 - 13:12:51 CST)
0xjbrown41gmail.com
- Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) (Mon Dec 15 2008 - 12:47:15 CST)
- Re: [USN-684-1] ClamAV vulnerability (Wed Dec 03 2008 - 20:31:41 CST)
- Re: /bin/login gives root to group utmp (Mon Dec 01 2008 - 11:35:20 CST)
adminbugreport.ir
- chicomas <=2.0.4 Multiple Vulnerabilities (Sat Dec 20 2008 - 01:25:49 CST)
- CFAGCMS Remote File Inclusion (Sun Dec 14 2008 - 01:04:13 CST)
adminelites0ft.com
- MagpieRSS XSS 0day (Sun Dec 28 2008 - 16:50:56 CST)
Alexander Sotirov
- MD5 Considered Harmful Today: Creating a rogue CA certificate (Tue Dec 30 2008 - 10:50:57 CST)
Already-sended-information-to-security-focusmailinator.com
- Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC (Thu Dec 25 2008 - 04:03:19 CST)
amirsalmani.ir
- php python extension safe_mode bypass (Wed Dec 17 2008 - 19:52:47 CST)
Andrzej Targosz
- CONFidence 2009, CFP (Thu Dec 18 2008 - 13:43:26 CST)
anonymousanonym.an
- hm? new vulnerabilities? wav windows media (Sat Dec 27 2008 - 22:34:51 CST)
Antone Roundy
- Re: MagpieRSS XSS 0day (Mon Dec 29 2008 - 16:24:46 CST)
ascii
- Moodle 1.9.3 Remote Code Execution (Fri Dec 12 2008 - 11:52:25 CST)
Asterisk Security Team
- AST-2008-012: Remote crash vulnerability in IAX2 (Wed Dec 10 2008 - 17:36:45 CST)
Bernhard Mueller
- SEC Consult SA-20081219-0 :: Fujitsu-Siemens WebTransactions remote command injection vulnerability (Fri Dec 19 2008 - 06:14:58 CST)
- Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209) (Wed Dec 10 2008 - 06:45:02 CST)
- SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability (Tue Dec 09 2008 - 06:16:34 CST)
Brett Moore
- Insomnia : ISVA-081209.1 - IE Webdav Request Parsing Heap Corruption Vulnerability (Tue Dec 09 2008 - 17:32:12 CST)
bruhnsrecurity-labs.com
- DoS attacks on MIME-capable software via complex MIME emails (Mon Dec 08 2008 - 16:52:17 CST)
Carmelo Brancato
- MSN messenger sends IP addresses Public and Private (Mon Dec 29 2008 - 07:55:14 CST)
Chris Evans
- Firefox cross-domain text theft (CESA-2008-011) (Thu Dec 18 2008 - 03:00:22 CST)
ClubHack
- ClubHack2008 presentations are now online (Fri Dec 26 2008 - 00:46:47 CST)
contact.fingersgmail.com
- PGP Desktop 9.0.6 Denial Of Service - ZeroDay (Tue Dec 23 2008 - 07:11:28 CST)
CORE Security Technologies Advisories
- CORE-2008-1210: Qemu and KVM VNC server remote DoS (Mon Dec 22 2008 - 11:30:28 CST)
- CORE-2008-0228: Microsoft Word Malformed FIB Arbitrary Free Vulnerability (Wed Dec 10 2008 - 09:25:32 CST)
- CORE-2008-1127 - Vinagre show_error() format string vulnerability (Tue Dec 09 2008 - 13:49:36 CST)
cxibsecurityreason.com
- SecurityReason: PHP 5.2.6 SAPI php_getuid() overload (Sat Dec 06 2008 - 13:40:48 CST)
dan.crowleygmail.com
- Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) (Thu Dec 11 2008 - 13:42:58 CST)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) (Wed Dec 10 2008 - 20:14:10 CST)
dann frazier
- [SECURITY] [DSA 1687-1] New Linux 2.6.18 packages fix several vulnerabilities (Mon Dec 15 2008 - 15:33:39 CST)
- [SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities (Thu Dec 04 2008 - 11:59:11 CST)
- [SECURITY] [DSA 1676-1] New flamethrower packages fix denial of service (Mon Dec 01 2008 - 16:49:35 CST)
darkz.gsagmail.com
- Re: Joomla: Session hijacking vulnerability, CVE-2008-4122 (Thu Dec 18 2008 - 05:40:40 CST)
David E. Thiel
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) (Thu Dec 11 2008 - 11:57:03 CST)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) (Wed Dec 10 2008 - 17:51:01 CST)
DDI.VulnerabilityAlertddifrontline.com
- DDIVRT-2008-18 Orb Denial of Service (Thu Dec 04 2008 - 08:51:15 CST)
Devin Carraway
- [SECURITY] [DSA 1684-1] New lcms packages fix multiple vulnerabilities (Wed Dec 10 2008 - 01:51:43 CST)
Digital Security Research Group [DSecRG]
- [DSECRG-08-041] Stored XSS Vulnerability in Xoops 2.3.x (Mon Dec 08 2008 - 06:21:47 CST)
- [DSECRG-08-040] Multiple Local File Include Vulnerabilities in Xoops 2.3.x (Mon Dec 08 2008 - 06:18:39 CST)
Dominik 'Rathann' Mierzejewski
- Re: CONFidence 2009, CFP (Fri Dec 19 2008 - 03:32:34 CST)
Ehsan_Hp200Hotmail.com
- EasySiteNetwork (joke.php?id) Remote SQL injection Vulnerability (Thu Dec 18 2008 - 00:22:35 CST)
Eygene Ryabinkin
- Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload (Mon Dec 08 2008 - 07:47:36 CST)
- Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload (Mon Dec 08 2008 - 04:49:03 CST)
- Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file (Sat Dec 06 2008 - 11:48:05 CST)
- Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file (Sat Dec 06 2008 - 06:47:14 CST)
Florian Weimer
- [SECURITY] [DSA 1688-2] New courier-authlib packages fix regression (Mon Dec 22 2008 - 17:18:44 CST)
- [SECURITY] [DSA 1690-1] New avahi packages fix denial of service (Mon Dec 22 2008 - 00:49:55 CST)
- [SECURITY] [DSA 1678-2] New perl packages fix regression (Sun Dec 21 2008 - 04:04:41 CST)
- [SECURITY] [DSA 1683-1] New streamripper packages fix potential code execution (Mon Dec 08 2008 - 12:58:30 CST)
- [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution (Thu Dec 04 2008 - 02:26:17 CST)
- [SECURITY] [DSA 1679-1] New awstats packages fix cross-site scripting (Wed Dec 03 2008 - 05:05:53 CST)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-08:12.ftpd (Mon Dec 22 2008 - 19:39:28 CST)
- FreeBSD Security Advisory FreeBSD-SA-08:13.protosw (Mon Dec 22 2008 - 19:39:22 CST)
friskf-prot.com
- Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass (Tue Dec 16 2008 - 11:34:48 CST)
Gadi Evron
- reliable IOS exploitation (Mon Dec 29 2008 - 16:08:06 CST)
- ISOI 6, Dallas, TX - January 29, 30 (Tue Dec 09 2008 - 18:33:32 CST)
gat3waygat3way.eu
- PHP safe_mode can be bypassed via proc_open() and custom environment. (Tue Dec 09 2008 - 01:52:55 CST)
hackeririyahoo.com
- Re: Moodle 1.9.3 Remote Code Execution (Tue Dec 16 2008 - 01:21:58 CST)
hadihadi_zedehal_2006yahoo.com
- Joomla Component mdigg 2.2.8 Blind SQL Injection Exploit (Fri Dec 26 2008 - 13:40:33 CST)
Hanno Böck
- Joomla: Session hijacking vulnerability, CVE-2008-4122 (Tue Dec 16 2008 - 15:56:23 CST)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) (Wed Dec 10 2008 - 17:42:59 CST)
het_ebadiyahoo.com
- Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability (Sun Nov 30 2008 - 02:39:26 CST)
Hugo Dias
- CVE-2008-5079: multiple listen()s on same socket corrupts the vcc table (Thu Dec 04 2008 - 20:06:02 CST)
iDefense Labs
- iDefense Security Advisory 12.10.08: Microsoft Excel Malformed Object Memoy Corruption Vulnerability (Wed Dec 10 2008 - 13:55:11 CST)
- iDefense Security Advisory 12.09.08: Microsoft Windows Graphics Device Interface Integer Overflow Vulnerability (Tue Dec 09 2008 - 14:50:39 CST)
- iDefense Security Advisory 12.09.08: Microsoft Internet Explorer 5.01 EMBED tag Long File Name Extension Stack Buffer Overflow Vulnerability (iDefense Exclusive) (Tue Dec 09 2008 - 14:16:41 CST)
- iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Integer Overflow Vulnerability (Thu Dec 04 2008 - 16:35:06 CST)
- iDefense Security Advisory 12.04.08: Sun Java JRE Pack200 Decompression Integer Overflow Vulnerability (Thu Dec 04 2008 - 16:00:47 CST)
- iDefense Security Advisory 12.04.08: Sun Java Web Start GIF Decoding Memory Corruption Vulnerability (Thu Dec 04 2008 - 15:39:20 CST)
- iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Heap Overflow Vulnerability (Thu Dec 04 2008 - 13:41:13 CST)
Ilia Alshanetsky
- Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file (Sat Dec 06 2008 - 09:00:14 CST)
Integrigy Security
- RE: [Full-disclosure] ZDI-08-088: Oracle E-Business Suite Self-Service Web Applications SQL Injection Vulnerability (Tue Dec 16 2008 - 17:01:00 CST)
ISecAuditors Security Advisories
- [ISecAuditors Security Advisories] PSI remote integer overflow DoS (Tue Dec 23 2008 - 05:19:14 CST)
- [ISecAuditors Security Advisories] Multiple vulnerabilities in WiFi router COMTREND CT-536/HG-536+ (Mon Dec 22 2008 - 12:16:29 CST)
- [ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS (Mon Dec 22 2008 - 11:36:14 CST)
iViZ Security Advisories
- [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass (Wed Dec 10 2008 - 06:09:51 CST)
- [IVIZ-08-015] Sophos Antivirus for Linux vulnerability (Wed Dec 10 2008 - 06:02:49 CST)
- [IVIZ-08-014] AVG antivirus for Linux vulnerability (Wed Dec 10 2008 - 06:01:09 CST)
- [IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities (Wed Dec 10 2008 - 05:57:26 CST)
- [IVIZ-08-012] Bitdefender antivirus for Linux multiple vulnerabilities (Wed Dec 10 2008 - 05:51:28 CST)
- [IVIZ-08-011] ClamAV lzh unpacking segmentation fault (Wed Dec 10 2008 - 05:48:40 CST)
Jacobo Avariento Gimeno
- POC for CVE-2008-5619 (roundcubemail PHP arbitrary code injection) (Mon Dec 22 2008 - 06:13:32 CST)
Jamie Riden
- Re: Moodle 1.9.3 Remote Code Execution (Mon Dec 15 2008 - 11:22:32 CST)
Jamie Strandboge
- [USN-677-2] OpenOffice.org Internationalization update (Tue Dec 23 2008 - 11:57:36 CST)
- [USN-696-1] Avahi vulnerabilities (Thu Dec 18 2008 - 16:36:54 CST)
- [USN-694-1] libvirt vulnerability (Wed Dec 17 2008 - 18:26:05 CST)
- [USN-690-3] Firefox vulnerabilities (Wed Dec 17 2008 - 18:19:24 CST)
- [USN-690-2] Firefox vulnerabilities (Wed Dec 17 2008 - 18:13:13 CST)
- [USN-690-1] Firefox and xulrunner vulnerabilities (Wed Dec 17 2008 - 17:54:48 CST)
- [USN-678-2] GnuTLS regression (Tue Dec 09 2008 - 19:00:46 CST)
Jerome Athias
- FRHACK Registration open (Christmas offer) (Wed Dec 24 2008 - 03:15:04 CST)
jmoss
- Black Hat: New Webinar, Japan audio now on-line. (Wed Dec 10 2008 - 18:57:41 CST)
John Haywood
- Re: php-nuke 8.0 module sections artid blind sql inj vuln. (Tue Dec 30 2008 - 12:01:35 CST)
Kees Cook
- [USN-700-1] Perl vulnerabilities (Tue Dec 23 2008 - 19:33:54 CST)
- [USN-695-1] shadow vulnerability (Wed Dec 17 2008 - 19:22:19 CST)
- [USN-693-1] LittleCMS vulnerability (Wed Dec 17 2008 - 18:12:50 CST)
- [USN-692-1] Gadu vulnerability (Wed Dec 17 2008 - 18:12:13 CST)
- [USN-689-1] Vinagre vulnerability (Tue Dec 09 2008 - 18:37:07 CST)
- [USN-686-1] AWStats vulnerability (Wed Dec 03 2008 - 18:16:57 CST)
- [USN-685-1] Net-SNMP vulnerabilities (Wed Dec 03 2008 - 16:41:30 CST)
- [USN-684-1] ClamAV vulnerability (Tue Dec 02 2008 - 16:20:25 CST)
l1unhotmail.com
- Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass" (Mon Dec 01 2008 - 19:07:03 CST)
Laurent.gaffiegmail.com
- MS Windows Media Player * (.WAV) Remote Integrer Overflow (Wed Dec 24 2008 - 17:32:58 CST)
lentcooper.edu
- Re: Moodle 1.9.3 Remote Code Execution (Sun Dec 14 2008 - 23:00:03 CST)
Li Gen
- Re: RadAsm <=2.2.1.5 Local Command Execution (Mon Dec 08 2008 - 10:07:57 CST)
lovebughotmail.it
- joomla com_lowcosthotels sql injection (Thu Dec 25 2008 - 05:44:32 CST)
Maksymilian Arciemowicz
- Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload (Mon Dec 08 2008 - 07:14:36 CST)
Marc Deslauriers
- [USN-698-3] Nagios vulnerabilities (Tue Dec 23 2008 - 08:16:59 CST)
- [USN-698-1] Nagios vulnerability (Mon Dec 22 2008 - 08:35:54 CST)
- [USN-697-1] Imlib2 vulnerability (Mon Dec 22 2008 - 08:35:17 CST)
- [USN-698-2] Nagios3 vulnerabilities (Mon Dec 22 2008 - 08:36:42 CST)
- [USN-698-1] Nagios vulnerability (Mon Dec 22 2008 - 08:35:54 CST)
- [USN-699-1] Blender vulnerabilities (Mon Dec 22 2008 - 08:34:43 CST)
- [USN-691-1] Ruby vulnerability (Tue Dec 16 2008 - 09:18:46 CST)
- [USN-687-1] nfs-utils vulnerability (Thu Dec 04 2008 - 16:29:05 CST)
- [USN-683-1] Imlib2 vulnerability (Tue Dec 02 2008 - 10:24:02 CST)
- [USN-682-1] libvorbis vulnerabilities (Mon Dec 01 2008 - 11:11:59 CST)
- [USN-681-1] ImageMagick vulnerability (Mon Dec 01 2008 - 11:11:08 CST)
marian.ventuneacul.ie
- CVE-2008-0971 - Barracuda Networks products Multiple Cross-Site Scripting Vulnerabilities (Tue Dec 16 2008 - 15:29:33 CST)
- CVE-2008-1094 - Barracuda Span Firewall SQL Injection Vulnerability (Tue Dec 16 2008 - 15:11:24 CST)
Mark Thomas
- [SECURITY] CVE-2008-2938 - Apache Tomcat information disclosure vulnerability - Update 2 (Thu Dec 18 2008 - 10:46:17 CST)
Martin Schulze
- [SECURITY] [DSA 1689-1] New proftpd-dfsg packages fix Cross-Site Request Forgery (Sun Dec 21 2008 - 08:24:42 CST)
- [SECURITY] [DSA 1677-1] New CUPS packages fix arbitrary code execution (Tue Dec 02 2008 - 15:09:10 CST)
martinmoodle.com
- Re: Re: Moodle 1.9.3 Remote Code Execution (Mon Dec 15 2008 - 22:47:01 CST)
Michael Scheidell
- Castlecops security site closed for good (Thu Dec 25 2008 - 06:35:59 CST)
Michael Wiegand
- Network Security Scanner OpenVAS 2.0.0 Released (Wed Dec 17 2008 - 08:40:29 CST)
Michal Zalewski
- Browser Security Handbook (Wed Dec 10 2008 - 17:05:06 CST)
mikael.albrechtf-secure.com
- Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass (Mon Dec 22 2008 - 03:14:25 CST)
Mobile Security Lab
- HTC Touch vCard over IP Denial of Service (Fri Dec 19 2008 - 09:23:38 CST)
Moritz Muehlenhoff
- [SECURITY] [DSA 1686-1] New no-ip packages fix arbitrary code execution (Sun Dec 14 2008 - 14:23:27 CST)
- [SECURITY] [DSA 1674-1] New jailer packages fix denial of service (Sun Nov 30 2008 - 02:33:23 CST)
- [SECURITY] [DSA 1673-1] New wireshark packages fix several vulnerabilities (Sat Nov 29 2008 - 17:07:40 CST)
Moritz Naumann
- PHP APC vulnerable to local attacks (Fri Dec 19 2008 - 13:21:11 CST)
MustLive
- Re: XSS in Internet Explorer 6 and 7 (Thu Dec 04 2008 - 11:50:06 CST)
Nam Nguyen
- [BMSA 2008-09] Two buffer overflow vulnerabilities in Rumpus v6.0 (Mon Dec 01 2008 - 10:56:19 CST)
nospammail.it
- Re: Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC (Thu Dec 25 2008 - 18:21:51 CST)
- Google Chrome Browser (ChromeHTML://) remote parameter injection POC (Tue Dec 23 2008 - 13:54:29 CST)
officehackattack.at
- [HACKATTACK Advisory 20081203]Pro Clan Manager 0.4.2 - Session Fixation (Wed Dec 03 2008 - 06:40:59 CST)
olgarusskoyepole.ru
- Re: rPSA-2008-0341-1 dovecot (Tue Dec 23 2008 - 00:42:38 CST)
organisersyscan.org
- Dates for SyScan'09 (Tue Dec 02 2008 - 06:16:44 CST)
packetpacketstormsecurity.org
- Re: Joomla Component GameQ (Thu Dec 04 2008 - 16:08:05 CST)
Paul Szabo
- /bin/login gives root to group utmp (Sun Nov 30 2008 - 13:51:11 CST)
Peter Watkins
- Re: [Full-disclosure] MS OWA 2003 Redirection Vulnerability - [MSRC 7368br] (Mon Dec 08 2008 - 15:50:14 CST)
philip.robertsonoovoo.com
- Re: ooVoo 1.7.1.35 (URL Protocol) remote unicode buffer overflow poc (Tue Dec 16 2008 - 11:38:38 CST)
phplist
- phpList vulnerability (Mon Dec 15 2008 - 06:28:31 CST)
Pierre-Yves Rofes
- [ GLSA 200812-21 ] ClamAV: Multiple vulnerabilities (Tue Dec 23 2008 - 16:15:19 CST)
- [ GLSA 200812-22 ] Ampache: Insecure temporary file usage (Tue Dec 23 2008 - 16:23:43 CST)
- [ GLSA 200812-23 ] Imlib2: User-assisted execution of arbitrary code (Tue Dec 23 2008 - 16:40:26 CST)
- [ GLSA 200812-20 ] phpCollab: Multiple vulnerabilities (Sun Dec 21 2008 - 13:25:46 CST)
- [ GLSA 200812-19 ] PowerDNS: Multiple vulnerabilities (Fri Dec 19 2008 - 15:43:05 CST)
- [ GLSA 200812-15 ] POV-Ray: User-assisted execution of arbitrary code (Sun Dec 14 2008 - 11:15:31 CST)
- [ GLSA 200812-13 ] OpenOffice.org: Multiple vulnerabilities (Fri Dec 12 2008 - 17:01:11 CST)
- [ GLSA 200812-11 ] CUPS: Multiple vulnerabilities (Wed Dec 10 2008 - 16:16:48 CST)
- [ GLSA 200812-08 ] Mgetty: Insecure temporary file usage (Sat Dec 06 2008 - 11:53:43 CST)
pUm
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) (Thu Dec 11 2008 - 02:57:05 CST)
pyronospam.it
- Megacubo 5.0.7 (mega://) remote eval() injection exploit (Tue Dec 30 2008 - 08:45:32 CST)
r3d.w0rmyahoo.com
- Mavi Emlak Sql Injection (Thu Dec 25 2008 - 14:23:29 CST)
- Madrese-Portal Sql Injection (Thu Dec 25 2008 - 14:22:03 CST)
- PHP-Fusion Mod TI - Blog System Sql Injection (Thu Dec 25 2008 - 09:12:04 CST)
- ASP-CMS v.1.0 Sql Injection/Database Disclosure (Thu Dec 11 2008 - 14:12:51 CST)
- facto Database Disclosure (Thu Dec 11 2008 - 02:15:25 CST)
- Meta Cart Free Database Disclosure (Thu Dec 11 2008 - 02:06:50 CST)
- aspProductCatalog Sql Injection (Thu Dec 11 2008 - 00:21:42 CST)
- Joomla Component mydyngallery (Thu Dec 04 2008 - 14:33:03 CST)
- Joomla Component GameQ (Thu Dec 04 2008 - 09:20:16 CST)
Rafel Ivgi
- Aspect9: Internet Explorer 8.0 Beta 2 Anti-XSS Filter Vulnerabilities (Thu Dec 11 2008 - 10:27:43 CST)
rene.satogmx.de
- Re: [HACKATTACK Advisory 20081127]Social Impress CMS 1.1 - Session Fixation (Wed Dec 03 2008 - 11:47:38 CST)
Robbie (Rupinder) Gill
- DoS Vulnerability in Aruba Mobility Controller Caused by Malformed EAP Frame (Aruba Advisory ID: AID-12808) (Mon Dec 08 2008 - 13:20:58 CST)
Robert Buchholz
- [ GLSA 200812-18 ] JasPer: User-assisted execution of arbitrary code (Tue Dec 16 2008 - 16:06:16 CST)
- [ GLSA 200812-10 ] Archive::Tar: Directory traversal vulnerability (Wed Dec 10 2008 - 10:53:21 CST)
- [ GLSA 200812-09 ] OpenSC: Insufficient protection of smart card PIN (Wed Dec 10 2008 - 10:51:45 CST)
- [ GLSA 200812-07 ] Mantis: Multiple vulnerabilities (Tue Dec 02 2008 - 11:55:03 CST)
- [ GLSA 200812-02 ] enscript: User-assisted execution of arbitrary code (Tue Dec 02 2008 - 11:28:07 CST)
- [ GLSA 200812-04 ] lighttpd: Multiple vulnerabilities (Tue Dec 02 2008 - 11:33:06 CST)
- [ GLSA 200812-03 ] IPsec-Tools: racoon Denial of Service (Tue Dec 02 2008 - 11:30:56 CST)
- [ GLSA 200812-06 ] libxml2: Multiple vulnerabilities (Tue Dec 02 2008 - 11:42:03 CST)
- [ GLSA 200812-05 ] libsamplerate: User-assisted execution of arbitrary code (Tue Dec 02 2008 - 11:40:19 CST)
- [ GLSA 200812-01 ] OptiPNG: User-assisted execution of arbitrary code (Tue Dec 02 2008 - 11:25:54 CST)
rPath Update Announcements
- rPSA-2008-0341-1 dovecot (Mon Dec 22 2008 - 13:20:06 CST)
- rPSA-2008-0338-1 cups (Fri Dec 19 2008 - 15:07:47 CST)
- rPSA-2008-0336-1 tshark wireshark (Thu Dec 11 2008 - 16:52:40 CST)
- rPSA-2008-0332-1 kernel (Tue Dec 09 2008 - 10:21:52 CST)
s.gottschalldd-wrt.com
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) (Wed Dec 10 2008 - 06:22:56 CST)
Sebastian Gottschall (DD-WRT)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) (Thu Dec 11 2008 - 07:14:58 CST)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) (Thu Dec 11 2008 - 07:07:43 CST)
Secunia Research
- Secunia Research: Trend Micro HouseCall ActiveX Control Arbitrary Code Execution (Mon Dec 22 2008 - 10:07:31 CST)
- Secunia Research: Trend Micro HouseCall "notifyOnLoadNative()" Vulnerability (Sun Dec 21 2008 - 02:47:09 CST)
- Secunia Research: CA ARCserve Backup RPC "handle_t" Argument Vulnerability (Thu Dec 11 2008 - 05:10:59 CST)
- Secunia Research: Microsoft Hierarchical FlexGrid Control Integer Overflows (Tue Dec 09 2008 - 14:17:03 CST)
- Secunia Research: Microsoft Excel NAME Record Array Indexing Vulnerability (Tue Dec 09 2008 - 13:06:04 CST)
- Secunia Research: Microsoft Word RTF Polyline/Polygon Integer Overflow (Tue Dec 09 2008 - 12:38:46 CST)
security curmudgeon
- Re: chicomas <=2.0.4 Multiple Vulnerabilities (Sat Dec 20 2008 - 14:55:01 CST)
security-alerthp.com
- [security bulletin] HPSBST02397 SSRT080187 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-078 (Mon Dec 22 2008 - 18:03:42 CST)
- [security bulletin] HPSBST02394 SSRT080183 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-070 to MS08-077 (Fri Dec 19 2008 - 07:50:03 CST)
- [security bulletin] HPSBUX02393 SSRT080057 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS) (Wed Dec 10 2008 - 10:36:07 CST)
- [security bulletin] HPSBMA02390 SSRT071481 rev.1 - HP OpenView Performance Agent, HP Performance Agent, Remote Denial of Service (DoS) (Mon Dec 08 2008 - 13:22:27 CST)
- [security bulletin] HPSBMA02391 SSRT071481 rev.1 - HP OpenView Reporter and HP Reporter Running on Windows, Remote Denial of Service (DoS) (Mon Dec 08 2008 - 13:23:19 CST)
- [security bulletin] HPSBUX02389 SSRT080141 rev.1 - HP-UX, Local Denial of Service (DoS) (Wed Dec 03 2008 - 08:41:40 CST)
securityarmorize.com
- Multiple XSS Vulnerabilities in World Recipe 2.11 (Mon Dec 15 2008 - 02:34:46 CST)
securitymandriva.com
- [ MDVSA-2008:246 ] kernel (Mon Dec 29 2008 - 10:45:01 CST)
- [ MDVA-2008:241 ] mailscanner (Mon Dec 22 2008 - 14:07:00 CST)
- [ MDVSA-2008:245 ] firefox (Wed Dec 17 2008 - 22:55:00 CST)
- [ MDVSA-2008:244 ] mozilla-firefox (Wed Dec 17 2008 - 17:18:00 CST)
- [ MDVSA-2008:243 ] enscript (Mon Dec 15 2008 - 17:31:00 CST)
- [ MDVSA-2008:242 ] wireshark (Mon Dec 15 2008 - 15:35:00 CST)
- [ MDVSA-2008:240 ] vinagre (Wed Dec 10 2008 - 15:01:00 CST)
- [ MDVSA-2008:236-1 ] vim (Mon Dec 08 2008 - 20:38:00 CST)
- [ MDVSA-2008:239 ] clamav (Fri Dec 05 2008 - 20:42:00 CST)
- [ MDVSA-2008:238 ] libsamplerate (Thu Dec 04 2008 - 19:34:00 CST)
- [ MDVSA-2008:237 ] apache2 (Thu Dec 04 2008 - 16:15:00 CST)
- [ MDVSA-2008:236 ] vim (Wed Dec 03 2008 - 22:16:00 CST)
securitynruns.com
- n.runs-SA-2008.010 - Opera HTML parsing Code Execution (Wed Dec 17 2008 - 09:06:27 CST)
Simon Ryeo
- Fwd: TmaxSoft JEUS Alternate Data Streams Vulnerability (Sat Dec 13 2008 - 22:12:06 CST)
- TmaxSoft JEUS Alternate Data Streams Vulnerability (Fri Dec 12 2008 - 11:51:37 CST)
Stefan Esser
- Advisory 06/2008: PHP ZipArchive::extractTo() Directory Traversal Vulnerability (Thu Dec 04 2008 - 01:39:36 CST)
Steffen Joeris
- [SECURITY] [DSA 1692-1] New php-xajax packages fix cross-site scripting (Sat Dec 27 2008 - 03:49:06 CST)
- [SECURITY] [DSA 1688-1] New courier-authlib packages fix SQL injection (Sat Dec 20 2008 - 09:21:38 CST)
- [SECURITY] [DSA 1685-1] New uw-imap packages fix multiple vulnerabilities (Fri Dec 12 2008 - 00:36:28 CST)
- [SECURITY] [DSA 1678-1] New perl packages fix privilege escalation (Wed Dec 03 2008 - 00:15:24 CST)
Steve Shockley
- Re: VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2 (Wed Dec 03 2008 - 12:42:11 CST)
SVRT-Bkis
- [SVRT-07-08] Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops (Sun Dec 07 2008 - 22:39:48 CST)
- [SVRT-06-08] MULTI SECURITY VULNERABILITIES IN MVNFORUM (Wed Dec 03 2008 - 07:02:19 CST)
th3.r00k.ieatporkgmail.pork.com
- Multiple XSRF in DD-WRT (Remote Root Command Execution) (Mon Dec 08 2008 - 15:35:28 CST)
- XSS in PHPepperShop v 1.4 (Sun Dec 07 2008 - 21:48:39 CST)
- Two XSS Flaws in PrestaShop 1.1.0.3 (Sun Dec 07 2008 - 21:32:37 CST)
the.dumencigmail.com
- php-nuke 8.0 module sections artid blind sql inj vuln. (Tue Dec 30 2008 - 08:31:59 CST)
Thijs Kinkhorst
- [SECURITY] [DSA 1693-1] New phppgadmin packages fix several vulnerabilities (Sat Dec 27 2008 - 05:54:26 CST)
- [SECURITY] [DSA 1691-1] New moodle packages fix several vulnerabilities (Mon Dec 22 2008 - 02:27:17 CST)
- [SECURITY] [DSA 1682-1] New squirrelmail packages fix cross site scripting (Sun Dec 07 2008 - 10:22:55 CST)
- [SECURITY] [DSA 1675-1] New phpmyadmin packages fix cross site scripting (Sun Nov 30 2008 - 06:53:28 CST)
Tobias Heinlein
- [ GLSA 200812-24 ] VLC: Multiple vulnerabilities (Tue Dec 23 2008 - 18:35:03 CST)
- [ GLSA 200812-17 ] Ruby: Multiple vulnerabilities (Tue Dec 16 2008 - 14:37:02 CST)
- [ GLSA 200812-16 ] Dovecot: Multiple vulnerabilities (Mon Dec 15 2008 - 07:45:23 CST)
- [ GLSA 200812-14 ] aview: Insecure temporary file usage (Sat Dec 13 2008 - 18:38:30 CST)
- [ GLSA 200812-12 ] Honeyd: Insecure temporary file creation (Fri Dec 12 2008 - 14:50:27 CST)
Tobias Klein
- [TKADV2008-015] Sun Solaris SIOCGTUNPARAM IOCTL Kernel NULL pointer dereference (Thu Dec 18 2008 - 05:22:26 CST)
- [TKADV2008-014] MPlayer TwinVQ Processing Stack Buffer Overflow Vulnerability (Sun Dec 14 2008 - 10:32:40 CST)
- [TKADV2008-013] VLC media player RealMedia Processing Integer Overflow Vulnerability (Sun Nov 30 2008 - 08:54:47 CST)
Ubuntu Privacy Remix Team
- [UPRSN] Ubuntu Privacy Remix 8.04r2 introduces "noexec"-mounting by default (Mon Dec 22 2008 - 03:55:49 CST)
- [UPRSN] Ubuntu Privacy Remix 8.04r1 fixes security issues (Thu Dec 04 2008 - 08:46:55 CST)
uCon Security Conference
- CFP uCon Security Conference 2009 - Recife, Brazil (Tue Dec 30 2008 - 21:21:01 CST)
v8ihotmail.com
- apache 1.x <=> 2.x suphp (suPHP_ConfigPath) bypass safe mode exploit‎ (Tue Dec 30 2008 - 12:31:05 CST)
Vladimir '3APA3A' Dubrovin
- Re[2]: Multiple XSRF in DD-WRT (Remote Root Command Execution) (Thu Dec 11 2008 - 03:55:26 CST)
- Re: DoS attacks on MIME-capable software via complex MIME emails (Tue Dec 09 2008 - 10:53:27 CST)
VMware Security team
- VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2 (Tue Dec 02 2008 - 23:24:01 CST)
VSR Advisories
- CVE-2008-2086: Java Web Start File Inclusion via System Properties Override (Wed Dec 03 2008 - 22:13:54 CST)
VulnerabilityAlertddifrontline.com
- RE: DDIVRT-DDIVRT-2008-15 iPhone Configuration Web Utility 1.0 for Windows Directory Traversal (Fri Dec 05 2008 - 10:17:59 CST)
VulnerabilityResearchddifrontline.com
- DDIVRT-2008-16 Citrix Broadcast Server 6.0 login.asp SQL Injection --- Update for BID 32832 (Tue Dec 23 2008 - 09:01:32 CST)
Williams, James K
- CA ARCserve Backup LDBserver Vulnerability (Wed Dec 10 2008 - 15:04:37 CST)
writ3r-dont-want-bugtraq-spam-gmail.com
- CoolPlayer 2.19 (Skin File) Local Buffer Overflow Exploit (Mon Dec 22 2008 - 01:39:55 CST)
- FreeSSHd Multiple Remote Stack Overflow Vulnerabilities (Mon Dec 22 2008 - 01:42:59 CST)
xhakerman2006yahoo.com
- Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update- (Tue Dec 09 2008 - 10:34:48 CST)
- RadAsm <=2.2.1.5 Local Command Execution (Sun Dec 07 2008 - 23:54:45 CST)
- Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass (Mon Dec 08 2008 - 00:26:16 CST)
XiaShinggmail.com
- ViArt Shopping Cart v3.5 Multiple Remote Vulnerabilities (Sun Dec 28 2008 - 23:58:07 CST)
xl4nothinggmail.com
- Personal Sticky Threads v1.0.3c vbulletin Add-on problem (Tue Dec 23 2008 - 12:52:12 CST)
yangdnnipc.org.cn
- Nokia N70/N73 Bluetooth Stack OBEX Implementation Denial of Service (Thu Dec 11 2008 - 21:12:13 CST)
zdi-disclosures3com.com
- ZDI-08-088: Oracle E-Business Suite Business Intelligence SQL Injection Vulnerability (Tue Dec 16 2008 - 13:14:14 CST)
- ZDI-08-087: Microsoft Internet Explorer Webdav Request Parsing Heap Corruption Vulnerability (Tue Dec 09 2008 - 15:10:54 CST)
- ZDI-08-086: Microsoft Office Word Document Table Property Stack Overflow Vulnerability (Tue Dec 09 2008 - 15:10:15 CST)
- ZDI-08-085: Microsoft Office RTF Drawing Object Heap Overflow Vulnerability (Tue Dec 09 2008 - 15:09:35 CST)
- ZDI-08-084: Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability (Tue Dec 09 2008 - 15:08:20 CST)
- ZDI-08-083: Microsoft Animation ActiveX Control Malformed AVI Parsing Code Execution Vulnerability (Tue Dec 09 2008 - 15:07:25 CST)
- ZDI-08-082: BMC PatrolAgent Version Logging Format String Vulnerability (Mon Dec 08 2008 - 13:38:32 CST)
- ZDI-08-081: Sun Java Web Start and Applet Multiple Sandbox Bypass Vulnerabilities (Thu Dec 04 2008 - 18:19:04 CST)
- ZDI-08-080: Sun Java AWT Library Sandbox Violation Vulnerability (Thu Dec 04 2008 - 18:18:45 CST)
- ZDI-08-079: Trillian AIM Plugin Malformed XML Tag Heap Overflow Vulnerability (Thu Dec 04 2008 - 18:18:26 CST)
- ZDI-08-078: Trillian IMG SRC ID Memory Corruption Vulnerability (Thu Dec 04 2008 - 18:18:08 CST)
- ZDI-08-077: Trillian AIM IMG Tag Parsing Stack Overflow Vulnerability (Thu Dec 04 2008 - 18:17:48 CST)
zimpelt-online.de
- Re: Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability (Wed Dec 03 2008 - 01:48:44 CST)
- Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability (Mon Dec 01 2008 - 02:43:27 CST)

Last message date: Wed Dec 31 2008 - 10:13:54 CST
Archived on: Wed Dec 31 2008 - 10:13:54 CST

273 messages sorted by: [ date ] [ thread ] [ subject ]