NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2009-01

298 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Wed Dec 31 2008 - 16:38:50 CST
Ending: Fri Jan 30 2009 - 14:45:19 CST

abd.cd
- Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass‏ (Mon Jan 05 2009 - 10:14:23 CST)
ACROS Security
- ACROS Security: HTML Injection in BEA (Oracle) WebLogic Server Console (ASPR #2009-01-27-1) (Tue Jan 27 2009 - 05:48:58 CST)
Adam Laurie
- ANNOUNCE - RFIDIOt 0.1w released - January 2009 (Fri Jan 30 2009 - 07:32:40 CST)
- ANNOUNCE: apache_1.3.41+ssl_1.60 released (Thu Jan 15 2009 - 06:56:14 CST)
- ANNOUNCE: RFIDIOt ver 01.v released - Jan 2009 (Mon Jan 05 2009 - 08:53:49 CST)
Aditya K Sood
- Advisory: Google Chrome 1.0.154.43 ClickJacking Vulnerability. (Wed Jan 28 2009 - 13:54:52 CST)
- Advisory: Oracle EBusiness Suite Sensitive Information Disclosure Vulnerability (Sun Jan 18 2009 - 07:42:59 CST)
- Google Chrome FTP PASV IP Malicious Port Scanning Vulnerability. (Sun Jan 04 2009 - 10:30:24 CST)
adminbugreport.ir
- NewsCMSlite Insecure Cookie Handling (Tue Jan 27 2009 - 01:00:53 CST)
- phpList <= 2.10.8 Local File inclusion (Wed Jan 14 2009 - 02:50:17 CST)
adminelites0ft.com
- OpenX 2.6.3 - Local File Inclusion (Mon Jan 26 2009 - 18:20:48 CST)
ajannhwthotmail.com
- Comersus Shopping Cart <= v6 Remote User Pass Exploit (Mon Jan 12 2009 - 06:47:41 CST)
alberto.morenotgmail.com
- Microsoft Bluetooth Stack OBEX Directory Traversal (Mon Jan 19 2009 - 17:23:12 CST)
Alexandr Polyakov
- Oracle CPU Jan 2009 Advisories. (Wed Jan 14 2009 - 04:45:07 CST)
alphanix00gmail.com
- dBpowerAMP Audio Player v2 ( .pls file) LoCaL BufferOverFlow Exploit (Thu Jan 29 2009 - 10:29:25 CST)
- JetAudio Basic 7.0.3 BufferOverFlow PoC (Tue Jan 27 2009 - 00:21:33 CST)
- EleCard MPEG PLAYER (.m3u file) Local Stack Overflow Exploit (Sun Jan 25 2009 - 08:14:21 CST)
- Browse3d (.sfs file) Local Stack Overflow Exploit (Sun Jan 25 2009 - 08:15:18 CST)
- Nokia Multimedia Player (.AVI File) Null Dereference Pointer Exploit (Sun Jan 25 2009 - 08:15:55 CST)
- MediaMonkey 3.0.6 (.m3u file) Local Buffer Overflow PoC (Sun Jan 25 2009 - 08:14:49 CST)
- Sagem router f<img src="/imgs/at.gif" border=0 align=middle>st 2404 remote reset poc (Fri Jan 16 2009 - 15:02:56 CST)
- Excel Viewer OCX 3.1/3.2 Denial of Service PoC (Fri Jan 16 2009 - 15:01:17 CST)
- VUPLAYER BufferOver flow POC (Tue Jan 06 2009 - 14:08:59 CST)
Amon Ott
- Announce: RSBAC 1.4.0 released (Fri Jan 16 2009 - 02:56:20 CST)
Andrzej Targosz
- CONFidence 2009, Final CfP (Tue Jan 27 2009 - 16:45:55 CST)
arash.setayeshigmail.com
- LDF Sql injection vulnerability (Fri Jan 23 2009 - 21:19:31 CST)
- Lootan(kedor) Sql Injection vulnerability (Fri Jan 23 2009 - 21:12:08 CST)
- Oblog XSS valnerability (Fri Jan 23 2009 - 13:02:26 CST)
arashps0gmail.com
- BBSxp Xss vulnerability (Fri Jan 23 2009 - 09:08:23 CST)
Asterisk Security Team
- AST-2009-001: Information leak in IAX2 authentication (Thu Jan 08 2009 - 13:28:57 CST)
b4DchiLdmsn.Com
- PollPro 3.0 XSRF VuLn. (Sat Jan 03 2009 - 16:02:59 CST)
Brian Dowling
- WowWee Rovio - Insufficient Access Controls - Covert Audio/Video Snooping Possible (Wed Jan 14 2009 - 02:41:59 CST)
Chris Evans
- Problems with syscall filtering technologies on Linux (Fri Jan 23 2009 - 15:42:03 CST)
Christopher Kruegel
- CfP: 16th ACM Conference on Computer and Communications Security (CCS) 2009 (Tue Jan 20 2009 - 20:07:04 CST)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Unified Communications Manager CAPF Denial of Service Vulnerability` (Wed Jan 21 2009 - 10:15:00 CST)
- Cisco Security Advisory: Cisco Security Manager Vulnerability (Wed Jan 21 2009 - 10:00:00 CST)
- Cisco Security Advisory: IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities (Wed Jan 14 2009 - 11:15:00 CST)
- Cisco Security Response: Cisco IOS Cross-Site Scripting Vulnerabilities (Wed Jan 14 2009 - 10:00:00 CST)
- Cisco Security Advisory: Cisco ONS Platform Crafted Packet Vulnerability (Wed Jan 14 2009 - 10:00:00 CST)
- Cisco Security Advisory: Cisco Global Site Selector Appliances DNS Vulnerability (Wed Jan 07 2009 - 10:00:00 CST)
come2waraxeyahoo.com
- Re: Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC (Fri Jan 30 2009 - 11:58:54 CST)
- [waraxe-2009-SA#070] - Multiple Vulnerabilities in MKPortal <= 1.2.1 (Thu Jan 15 2009 - 12:43:55 CST)
Core Security Technologies Advisories
- CORE-2008-1211: Amaya web editor XML and HTML parser vulnerabilities (Wed Jan 28 2009 - 12:24:41 CST)
- CORE-2008-1128: Openfire multiple vulnerabilities (Thu Jan 08 2009 - 11:34:11 CST)
crimson.loydgmail.com
- OTSTurntables 1.00.027 (.ofl) Local Stack Overflow Exploit (Wed Jan 14 2009 - 11:14:39 CST)
- Destiny Media Player 1.61 (.lst File) Local Stack Overflow Exploit (Sun Jan 04 2009 - 06:57:33 CST)
dan.crowleygmail.com
- Re: Oblog XSS valnerability (Sat Jan 24 2009 - 13:57:22 CST)
Dave English
- Re: DoS attacks on MIME-capable software via complex MIME emails (Tue Jan 27 2009 - 09:22:25 CST)
David Litchfield
- Trigger Abuse of MDSYS.SDO_TOPO_DROP_FTBL in Oracle 10g R1 and R2 (Tue Jan 13 2009 - 17:52:02 CST)
Devin Carraway
- [SECURITY] [DSA 1715-1] New moin packages fix insufficient input sanitising (Thu Jan 29 2009 - 01:14:15 CST)
Digital Security Research Group
- Digital Security opens a site of its research center DSec Research Group (Wed Jan 21 2009 - 11:53:11 CST)
- [DSECRG-09-004] AXIS 70U Network Document Server - Privilege Escalation and XSS (Wed Jan 21 2009 - 09:38:47 CST)
DoZHackersCenter.com
- Oracle Application Server 10g Cross Site Scripting Vulnerability (Thu Jan 29 2009 - 07:57:02 CST)
- Oracle Forms Cross site Scripting in (iFcgi60.exe / f60servlet) (Thu Jan 29 2009 - 08:12:07 CST)
Eduardo Vela
- Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server (Mon Jan 19 2009 - 22:56:32 CST)
Ehsan_Hp200Hotmail.com
- SolucionWeb (main.php?id_area) Remote SQL injection Vulnerability (Sun Jan 04 2009 - 14:17:21 CST)
erikpsafe.nl
- [IBM Datapower XS40] Denial of Service (Thu Jan 08 2009 - 04:14:51 CST)
Eugene Teo
- Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit (Sat Jan 03 2009 - 19:12:21 CST)
ew1zzhotmail.com
- PHP Buffer Overflow(popen) (Mon Jan 12 2009 - 07:36:37 CST)
fakeperson7
- PDFBuilderX 2.2 Arbitrary File Overwrite (Tue Jan 13 2009 - 05:41:43 CST)
faze0raim.com
- Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass‏ (Mon Jan 05 2009 - 12:32:22 CST)
Fernando Gont
- [Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF (Mon Jan 05 2009 - 19:43:03 CST)
Florian Weimer
- [SECURITY] [DSA 1708-1] New Git packages fix remote code execution (Mon Jan 19 2009 - 14:53:42 CST)
- [SECURITY] [DSA 1703-1] New bind9 packages fix cryptographic weakness (Mon Jan 12 2009 - 15:27:18 CST)
- [SECURITY] [DSA 1702-1] New ntp packages fix cryptographic weakness (Mon Jan 12 2009 - 14:34:15 CST)
- [SECURITY] [DSA 1701-1] New OpenSSL packages fix cryptographic weakness (Mon Jan 12 2009 - 14:03:29 CST)
- [SECURITY] [DSA 1699-1] New zaptel packages fix privilege escalation (Sun Jan 11 2009 - 06:01:27 CST)
- [SECURITY] [DSA 1694-2] New xterm packages fix regression (Tue Jan 06 2009 - 05:40:11 CST)
- [SECURITY] [DSA 1695-1] New Ruby packages fix denial of service (Fri Jan 02 2009 - 15:47:08 CST)
- [SECURITY] [DSA 1694-1] New xterm packages fix remote code execution (Fri Jan 02 2009 - 13:07:44 CST)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-09:04.bind (Tue Jan 13 2009 - 16:33:56 CST)
- FreeBSD Security Advisory FreeBSD-SA-09:01.lukemftpd (Wed Jan 07 2009 - 15:36:19 CST)
- FreeBSD Security Advisory FreeBSD-SA-09:02.openssl (Wed Jan 07 2009 - 15:37:17 CST)
Heart
- 53KF Web IM 2009 Cross-Site Scripting Vulnerabilities (Sun Jan 18 2009 - 21:26:25 CST)
i9photmail.fr
- Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit (Thu Jan 01 2009 - 10:15:17 CST)
iDefense Labs
- iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability (Tue Jan 13 2009 - 17:36:10 CST)
- iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability (Tue Jan 13 2009 - 17:05:39 CST)
- iDefense Security Advisory 01.13.09: Oracle Database 10g R2 Summary Advisor Arbitrary File Rewrite Vulnerability (Tue Jan 13 2009 - 16:36:18 CST)
- iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability (Tue Jan 13 2009 - 15:34:46 CST)
- iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller 'bitmaps' Heap Overflow Vulnerability (Tue Jan 13 2009 - 15:00:35 CST)
- iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller 'symWidths' Heap Overflow Vulnerability (Tue Jan 13 2009 - 13:53:17 CST)
Integrigy Alerts
- RE: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (Oracle CPU April 2008 DB11) (Mon Jan 12 2009 - 10:29:04 CST)
irancrashgmail.com
- PHP-Fusion Mod vArcade 1.8 Sql Injection Vulnerability (Thu Jan 08 2009 - 08:19:08 CST)
Jamie Strandboge
- [USN-716-1] MoinMoin vulnerabilities (Thu Jan 29 2009 - 22:29:57 CST)
- [USN-709-1] tar vulnerability (Thu Jan 15 2009 - 15:55:53 CST)
- [USN-706-1] Bind vulnerability (Thu Jan 08 2009 - 18:21:18 CST)
- [USN-705-1] NTP vulnerability (Thu Jan 08 2009 - 12:39:57 CST)
- [USN-704-1] OpenSSL vulnerability (Wed Jan 07 2009 - 16:24:22 CST)
- [USN-701-2] Thunderbird vulnerabilities (Tue Jan 06 2009 - 17:33:14 CST)
- [USN-701-1] Thunderbird vulnerabilities (Tue Jan 06 2009 - 17:25:58 CST)
Jerome Athias
- Re: [Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF (Wed Jan 07 2009 - 16:21:08 CST)
- MSFXDC Metasploit eXploits Development Contest (Sun Jan 04 2009 - 09:53:29 CST)
jorisinfogroep.be
- Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit (Sat Jan 03 2009 - 09:37:50 CST)
joseph.giron13gmail.com
- Visuplay CMS SQL injection vulnerability (Mon Jan 12 2009 - 05:03:05 CST)
Joxean Koret
- Oracle TimesTen Remote Format String (Wed Jan 14 2009 - 14:53:05 CST)
- Oracle Secure Backup 10g Remote Code Execution (Wed Jan 14 2009 - 14:51:47 CST)
- Re: Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11) (Sat Jan 10 2009 - 12:26:32 CST)
jplopezygmail.com
- Re: Internet explorer 7.0 stack overflow (Thu Jan 29 2009 - 09:31:05 CST)
- Internet explorer 7.0 stack overflow (Tue Jan 27 2009 - 18:31:09 CST)
Juha-Matti Laurio
- Re: [Full-disclosure] ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability (Sat Jan 24 2009 - 05:42:50 CST)
Jukka Zitting
- [ANNOUNCE] Apache Jackrabbit 1.5.2 released (Tue Jan 20 2009 - 07:20:51 CST)
Kees Cook
- [USN-715-1] Linux kernel vulnerabilities (Thu Jan 29 2009 - 20:21:49 CST)
- [USN-713-1] openjdk-6 vulnerabilities (Tue Jan 27 2009 - 16:37:30 CST)
- [USN-700-2] Perl regression (Thu Jan 15 2009 - 16:49:03 CST)
- [USN-703-1] xterm vulnerability (Mon Jan 05 2009 - 19:23:08 CST)
kgconferencegmail.com
- Call for Papers: Cyber Warfare (Wed Jan 14 2009 - 02:08:57 CST)
l1unhotmail.com
- php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass‏ (Sun Jan 04 2009 - 13:39:08 CST)
Laurent Butti
- Cisco Unified IP Phone 7960G and 7940G (SIP) RTP Header Vulnerability (Wed Jan 14 2009 - 06:29:32 CST)
LayerOne Call For Papers
- LayerOne 2009 Call for Papers (Thu Jan 08 2009 - 12:46:39 CST)
m.rajeshpawargmail.com
- Re: XSS vulnerabilty in ASP.Net [with details] (Thu Jan 29 2009 - 15:49:18 CST)
mad-vaittesida.ing.tu-bs.de
- Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point (Fri Jan 09 2009 - 02:56:26 CST)
Major Malfunction
- ANNOUNCE: DEFCON London - DC4420 - January meet - Thursday 15th Jan 2009 (Tue Jan 13 2009 - 12:21:49 CST)
Marc Deslauriers
- [USN-712-1] Vim vulnerabilities (Tue Jan 27 2009 - 06:53:00 CST)
- [USN-711-1] KTorrent vulnerabilities (Mon Jan 26 2009 - 14:40:58 CST)
- [USN-710-1] xine-lib vulnerabilities (Mon Jan 26 2009 - 14:40:28 CST)
- [USN-708-1] HPLIP vulnerability (Tue Jan 13 2009 - 14:50:26 CST)
- [USN-707-1] CUPS vulnerabilities (Mon Jan 12 2009 - 09:42:36 CST)
- [USN-702-1] Samba vulnerability (Mon Jan 05 2009 - 14:16:46 CST)
Mark Thomas
- Re: [Full-disclosure] Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server (Wed Jan 21 2009 - 15:08:29 CST)
maroc-anti-connexionhotmail.com
- Total video player 1.3.7 local buffer overflow universal exploit (Tue Jan 27 2009 - 09:02:39 CST)
- Browser3D 3.5 (.sfs File) Local Stack Overflow Exploit (c) (Fri Jan 23 2009 - 18:57:03 CST)
- VUPlayer 2.49 .ASX local universal BOF exploit (Thu Jan 22 2009 - 07:41:54 CST)
Martin Suess
- SAP NetWeaver XSS Vulnerability (Tue Jan 27 2009 - 02:57:08 CST)
Matteo Beccati
- [OPENX-SA-2009-001] OpenX 2.4.10 and 2.6.4 fix multiple vulnerabilities (Fri Jan 30 2009 - 03:27:20 CST)
Matteo Ignaccolo
- Plunet BusinessManager failure in access controls and multiple stored cross site scripting (Wed Jan 07 2009 - 11:58:40 CST)
- Plunet BusinessManager failure in access controls and multiple stored cross site scripting (Wed Jan 07 2009 - 09:30:18 CST)
Memisyazici, Aras
- A tool to identify the MD5 certs on FF (Thu Jan 01 2009 - 17:19:01 CST)
Michal Zalewski
- Re: Advisory: Google Chrome 1.0.154.43 ClickJacking Vulnerability. (Wed Jan 28 2009 - 17:40:40 CST)
Mobile Security Lab
- SonyEricsson WAP Push Denial of Service (Mon Jan 26 2009 - 04:16:37 CST)
Moritz Muehlenhoff
- [SECURITY] [DSA 1714-1] New rt2570 packages fix arbitrary code execution (Wed Jan 28 2009 - 15:55:19 CST)
- [SECURITY] [DSA 1713-1] New rt2500 packages fix arbitrary code execution (Wed Jan 28 2009 - 15:51:07 CST)
- [SECURITY] [DSA 1712-1] New rt2400 packages fix arbitrary code execution (Wed Jan 28 2009 - 15:45:32 CST)
- [SECURITY] [DSA 1706-1] New amarok packages fix arbitrary code execution (Thu Jan 15 2009 - 15:42:14 CST)
- [SECURITY] [DSA 1700-1] New lasso packages fix validation bypass (Sun Jan 11 2009 - 15:48:23 CST)
ms5otehotmail.fr
- Re: apache 1.x <=> 2.x suphp (suPHP_ConfigPath) bypass safe mode exploit‎ (Wed Dec 31 2008 - 16:38:50 CST)
Nam Nguyen
- [BMSA-2009-01] Authentication bypass in Interspire Shopping Cart v4.0.1 and below (Mon Jan 12 2009 - 08:57:42 CST)
Nico Golde
- [SECURITY] [DSA 1704-2] Updated netatalk packages fix denial of service (Thu Jan 29 2009 - 15:53:18 CST)
- [SECURITY] [DSA 1711-1] New TYPO3 packages fix remote code execution (Mon Jan 26 2009 - 14:54:10 CST)
- [SECURITY] [DSA 1705-1] New netatalk packages fix arbitrary code execution (Thu Jan 15 2009 - 15:00:47 CST)
noreply-secresearchfortinet.com
- Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH Command Buffer Overflow Vulnerability (Thu Jan 15 2009 - 03:26:45 CST)
- Oracle Secure Backup's observiced.exe Denial Of Service vulnerability (Thu Jan 15 2009 - 03:25:58 CST)
- Oracle Secure Backup Multiple Denial Of Service vulnerabilities (Thu Jan 15 2009 - 03:24:48 CST)
Ofer Shezaf
- Web Hacking Incidents update for Jan 28th (Wed Jan 28 2009 - 04:26:39 CST)
- Web Hacking Incidents update for Jan 19th (Mon Jan 19 2009 - 06:41:54 CST)
- New WHID web hacking incidents (Tue Jan 06 2009 - 07:55:05 CST)
officehackattack.at
- [HACKATTACK Advisory 25012009]ConPresso CMS 4.07 - Session Fixation, XFS, XSS (Sun Jan 25 2009 - 02:51:00 CST)
Oliver Goebel
- [IMF 2009] Call for Papers (Wed Jan 21 2009 - 15:21:24 CST)
organisersyscan.org
- SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei (Mon Jan 12 2009 - 04:04:38 CST)
Patrice CLEMENTE
- CFP: COLSEC 2009 (Wed Jan 07 2009 - 10:11:26 CST)
Paul Oxman (poxman)
- RE: DoS code for Cisco VLAN Trunking Protocol Vulnerability (Tue Jan 13 2009 - 21:50:38 CST)
Paul Szabo
- /bin/login DoS remains after DSA-1709 (Fri Jan 23 2009 - 23:06:29 CST)
Perforin
- PerlSoft Guestbook v1.7b Bruteforcer + RCE! (Thu Jan 29 2009 - 11:18:12 CST)
Pete Herzog
- Top 5-ish Threats to Watch for in 2009 (Sat Jan 03 2009 - 13:17:17 CST)
Pierre-Yves Rofes
- [ GLSA 200901-15 ] Net-SNMP: Denial of Service (Wed Jan 21 2009 - 16:31:59 CST)
- [ GLSA 200901-14 ] Scilab: Insecure temporary file usage (Wed Jan 21 2009 - 16:20:53 CST)
- [ GLSA 200901-13 ] Pidgin: Multiple vulnerabilities (Tue Jan 20 2009 - 16:01:50 CST)
- [ GLSA 200901-12 ] noip-updater: Execution of arbitrary code (Sun Jan 18 2009 - 16:18:54 CST)
- [ GLSA 200901-11 ] Avahi: Denial of Service (Wed Jan 14 2009 - 17:05:35 CST)
- [ GLSA 200901-10 ] GnuTLS: Certificate validation error (Wed Jan 14 2009 - 16:49:12 CST)
- [ GLSA 200901-08 ] Online-Bookmarks: Multiple vulnerabilities (Mon Jan 12 2009 - 16:31:51 CST)
- [ GLSA 200901-06 ] Tremulous: User-assisted execution of arbitrary code (Sun Jan 11 2009 - 12:41:56 CST)
- [ GLSA 200901-05 ] Streamripper: Multiple vulnerabilities (Sun Jan 11 2009 - 08:10:28 CST)
pouya.s3rvergmail.com
- Active Bids (Fri Jan 16 2009 - 03:34:41 CST)
- DMXReady Blog Manager (SQL/XSS) (Fri Jan 16 2009 - 03:33:38 CST)
Praburaajan
- Videos from HITBSecConf2008 - Malaysia released! (Tue Jan 20 2009 - 16:13:16 CST)
ProCheckUp Research
- PR08-23: XSS on Novell GroupWise WebAccess (Fri Jan 30 2009 - 05:24:42 CST)
- PR08-21: Cross-site Request Forgery (CSRF) on Novell GroupWise WebAccess allows email theft and other attacks (Fri Jan 30 2009 - 05:14:12 CST)
- PR08-22: Persistent XSS on Novell GroupWise WebAccess (Fri Jan 30 2009 - 05:20:41 CST)
- PR08-19: XSS on Cisco IOS HTTP Server (Wed Jan 14 2009 - 05:37:06 CST)
r3d.w0rmyahoo.com
- Bugs Online v2.14 Sql Injection (Fri Jan 30 2009 - 04:15:47 CST)
- PHP-Nuke 8.0 Downloads Blind Sql Injection (Fri Jan 23 2009 - 04:45:34 CST)
- Asp-project Cookie Handling (Thu Jan 22 2009 - 07:25:08 CST)
- PHP-Fusion Mod E-Cart Sql Injection (Wed Jan 07 2009 - 05:53:43 CST)
- PHP-Fusion Mod Members Bewerb Sql Injection (Wed Jan 07 2009 - 05:49:55 CST)
riklaunimgmail.com
- Re: FUD Forum < 2.7.1 PHP code injection vurnelability (Mon Jan 26 2009 - 22:42:45 CST)
Robert Buchholz
- [ GLSA 200901-09 ] Adobe Reader: User-assisted execution of arbitrary code (Tue Jan 13 2009 - 06:18:41 CST)
- [ GLSA 200901-04 ] D-Bus: Denial of Service (Sat Jan 10 2009 - 18:42:12 CST)
- [ GLSA 200901-03 ] pdnsd: Denial of Service and cache poisoning (Sat Jan 10 2009 - 18:41:31 CST)
- [ GLSA 200901-02 ] JHead: Multiple vulnerabilities (Sat Jan 10 2009 - 18:40:01 CST)
- [ GLSA 200901-01 ] NDISwrapper: Arbitrary remote code execution (Sat Jan 10 2009 - 18:38:26 CST)
rPath Update Announcements
- rPSA-2009-0021-1 sudo (Thu Jan 29 2009 - 13:29:29 CST)
- rPSA-2009-0014-1 hplip (Tue Jan 20 2009 - 14:37:53 CST)
- rPSA-2009-0008-1 openssl (Tue Jan 20 2009 - 14:31:22 CST)
- rPSA-2009-0010-1 ntp ntp-utils (Tue Jan 20 2009 - 14:33:11 CST)
- rPSA-2009-0011-1 perl (Tue Jan 20 2009 - 14:34:07 CST)
- rPSA-2009-0009-1 bind bind-utils (Tue Jan 20 2009 - 14:32:23 CST)
- rPSA-2009-0007-1 pam_krb5 (Tue Jan 13 2009 - 12:46:43 CST)
- rPSA-2009-0005-1 git gitweb (Tue Jan 13 2009 - 12:44:47 CST)
- rPSA-2009-0006-1 samba samba-client samba-server samba-swat (Tue Jan 13 2009 - 13:13:30 CST)
Russell L. Smoak
- Re: Remote Cisco IOS FTP exploit (Tue Jan 20 2009 - 08:08:06 CST)
Salvatore \
- Max.Blog <= 1.0.6 (offline_auth.php) Offline Authentication Bypass (Tue Jan 27 2009 - 15:13:59 CST)
- Max.Blog <= 1.0.6 (submit_post.php) SQL Injection Vulnerability (Tue Jan 27 2009 - 14:47:56 CST)
- Max.Blog <= 1.0.6 (show_post.php) SQL Injection Vulnerability (Tue Jan 27 2009 - 09:27:06 CST)
Sam Johnston
- CVE-2008-4990 Enomaly ECP/Enomalism: Insecure temporary file creation vulnerabilities (Fri Jan 30 2009 - 07:57:09 CST)
scott.switzeropenx.org
- Re: Secunia Research: OpenX Multiple Vulnerabilities (Wed Jan 28 2009 - 17:34:50 CST)
Secunia Research
- Secunia Research: OpenX Multiple Vulnerabilities (Tue Jan 27 2009 - 09:13:19 CST)
- Secunia Research: AXIS Camera Control "image_pan_tilt" Property Buffer Overflow (Fri Jan 23 2009 - 02:59:20 CST)
- Secunia Research: OpenSG Radiance RGBE Buffer Overflow Vulnerability (Tue Jan 20 2009 - 09:42:20 CST)
- Secunia Research: Trend Micro Network Security Component Vulnerabilities (Tue Jan 20 2009 - 08:06:41 CST)
- Secunia Research: EasyHDR Pro Radiance RGBE Buffer Overflow (Tue Jan 20 2009 - 09:37:45 CST)
- Secunia Research: DevIL "iGetHdrHeader()" Buffer Overflow Vulnerabilities (Tue Jan 13 2009 - 03:22:32 CST)
- Secunia Research: TSC2 Help Desk CTab ActiveX Control Buffer Overflow (Wed Jan 07 2009 - 06:52:47 CST)
- Secunia Research: HP OpenView Network Node Manager Multiple Vulnerabilities (Wed Jan 07 2009 - 05:43:23 CST)
security curmudgeon
- Re: ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability (Sat Jan 24 2009 - 04:36:13 CST)
- Re: munky-bliki lfi (Sun Jan 25 2009 - 04:27:09 CST)
- Re: Remote Cisco IOS FTP exploit (Tue Jan 20 2009 - 04:33:26 CST)
- Re: iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability (Thu Jan 15 2009 - 00:46:51 CST)
- Re: Assurent VR - Oracle BEA WebLogic Server Apache Connector Buffer Overflow (Wed Jan 14 2009 - 19:01:06 CST)
- Re: Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11) (Sat Jan 10 2009 - 05:11:41 CST)
security-alerthp.com
- [security bulletin] HPSBMP02404 SSRT090014 rev.1 - MPE/iX Running BIND/iX, Remote DNS Cache Poisoning (Thu Jan 29 2009 - 08:14:36 CST)
- [security bulletin] HPSBMA02403 SSRT090007 rev.1 - HP Select Access Running on HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) (Thu Jan 29 2009 - 08:03:10 CST)
- [security bulletin] HPSBMA02400 SSRT080144 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Tue Jan 20 2009 - 09:06:28 CST)
- [security bulletin] HPSBMA02392 SSRT071481 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) (Mon Jan 12 2009 - 12:17:50 CST)
securitymandriva.com
- [ MDVSA-2009:030 ] amarok (Tue Jan 27 2009 - 10:11:00 CST)
- [ MDVSA-2009:027 ] cups (Sat Jan 24 2009 - 12:45:00 CST)
- [ MDVSA-2009:026 ] phpMyAdmin (Fri Jan 23 2009 - 12:47:00 CST)
- [ MDVSA-2009:025 ] pidgin (Thu Jan 22 2009 - 19:02:00 CST)
- [ MDVSA-2009:021 ] php (Wed Jan 21 2009 - 17:03:00 CST)
- [ MDVSA-2009:023 ] php (Wed Jan 21 2009 - 18:03:00 CST)
- [ MDVSA-2009:022 ] php (Wed Jan 21 2009 - 17:34:00 CST)
- [ MDVSA-2009:020 ] xine-lib (Wed Jan 21 2009 - 16:37:00 CST)
- [ MDVSA-2009:024 ] php4 (Wed Jan 21 2009 - 19:21:00 CST)
- [ MDVSA-2009:019 ] imlib2 (Mon Jan 19 2009 - 13:26:00 CST)
- [ MDVSA-2009:018 ] tomcat5 (Sat Jan 17 2009 - 00:50:01 CST)
- [ MDVSA-2009:017 ] kdebase (Fri Jan 16 2009 - 15:04:00 CST)
- [ MDVSA-2009:016 ] xen (Fri Jan 16 2009 - 12:16:00 CST)
- [ MDVSA-2009:015 ] ffmpeg (Thu Jan 15 2009 - 22:53:00 CST)
- [ MDVSA-2009:014 ] mplayer (Thu Jan 15 2009 - 22:18:00 CST)
- [ MDVSA-2009:013 ] mplayer (Thu Jan 15 2009 - 21:47:00 CST)
- [ MDVSA-2009:012 ] mozilla-thunderbird (Thu Jan 15 2009 - 16:07:00 CST)
- [ MDVSA-2009:011 ] virtualbox (Wed Jan 14 2009 - 20:29:00 CST)
- [ MDVSA-2009:010 ] qemu (Wed Jan 14 2009 - 01:13:01 CST)
- [ MDVSA-2009:009 ] kvm (Tue Jan 13 2009 - 23:57:01 CST)
- [ MDVSA-2009:008 ] qemu (Tue Jan 13 2009 - 23:47:01 CST)
- [ MDVSA-2009:007 ] ntp (Tue Jan 13 2009 - 19:49:01 CST)
- [ MDVSA-2009:006 ] openoffice.org (Tue Jan 13 2009 - 10:53:01 CST)
- [ MDVSA-2009:005 ] xterm (Sun Jan 11 2009 - 21:27:00 CST)
- [ MDVSA-2009:002 ] bind (Sat Jan 10 2009 - 02:42:00 CST)
- [ MDVSA-2009:004 ] pam_mount (Fri Jan 09 2009 - 22:54:00 CST)
- [ MDVSA-2009:003 ] python (Fri Jan 09 2009 - 19:20:01 CST)
securitysoqor.net
- WB News v2.0.X Remote File include .. (Sat Jan 24 2009 - 21:13:47 CST)
- Cybershade CMS Remote File include vulnerability (Mon Jan 19 2009 - 21:42:01 CST)
Shakacon
- ShakaCon 2009 Call for Papers and Trainers (Fri Jan 09 2009 - 02:54:48 CST)
Shaochun Wang
- Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit (Fri Jan 09 2009 - 02:52:08 CST)
showrun.leegmail.com
- DoS code for Cisco VLAN Trunking Protocol Vulnerability (Tue Jan 13 2009 - 23:07:03 CST)
Simon Richter
- Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point (Fri Jan 09 2009 - 14:56:10 CST)
- Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point (Fri Jan 09 2009 - 10:52:08 CST)
Slack Traq
- Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass‏ (Tue Jan 06 2009 - 06:36:13 CST)
SmoKe
- Hack Aethra SV 1042 Adsl/Voip Router (Mon Jan 12 2009 - 05:30:15 CST)
sohrab_behroozianyahoo.com
- FBI XSS Vulnerability (Sat Jan 17 2009 - 02:06:40 CST)
springsecgmail.com
- Ralinktech wireless cards drivers vulnerability (Sun Jan 18 2009 - 05:12:03 CST)
Stefano Zanero
- Re: Plunet BusinessManager failure in access controls and multiple stored cross site scripting (Fri Jan 09 2009 - 04:09:34 CST)
- Call for papers and trainers - SeacureIT 2009 (Sun Jan 04 2009 - 16:12:05 CST)
Steffen Joeris
- [SECURITY] [DSA 1710-1] New ganglia-monitor-core packages fix remote code execution (Sun Jan 25 2009 - 14:26:55 CST)
- [SECURITY] [DSA 1707-1] New iceweasel packages fix several vulnerabilities (Thu Jan 15 2009 - 16:03:27 CST)
- [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities (Wed Jan 14 2009 - 14:28:56 CST)
- [SECURITY] [DSA 1697-1] New iceape packages fix several vulnerabilities (Wed Jan 07 2009 - 15:41:42 CST)
- [SECURITY] [DSA 1696-1] New icedove packages fix several vulnerabilities (Wed Jan 07 2009 - 15:32:09 CST)
Steve Shockley
- Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point (Fri Jan 09 2009 - 14:25:44 CST)
storms0uthhotmail.com
- VUplayer (.wax file) local buffer overflow crash exploit (Fri Jan 23 2009 - 16:47:36 CST)
swhitesecurestate.com
- MoinMoin Wiki Engine XSS Vulnerability (Tue Jan 20 2009 - 10:25:32 CST)
terrordactylspamgmail.com
- Re: [IBM Datapower XS40] Denial of Service (Thu Jan 08 2009 - 12:22:00 CST)
thadeumgmail.com
- Benchmarking attacks and major security weakness on all recent Windows versions up to Windows 200 (Sat Jan 24 2009 - 05:32:11 CST)
Thierry Zoller
- [TZO-2009-2] Avira Antivir - Priviledge escalation (Thu Jan 15 2009 - 11:43:00 CST)
- Errata: [TZO-2009-1] Avira Antivir - RAR - Division by Zero & Null Pointer Dereference (Thu Jan 15 2009 - 09:13:07 CST)
- [TZO-2009-1] Avira Antivir - RAR - Division by Zero & Null Pointer Dereference (Wed Jan 14 2009 - 11:15:49 CST)
Thijs Kinkhorst
- [SECURITY] [DSA 1693-2] New phppgadmin packages fix regression (Wed Jan 21 2009 - 04:21:28 CST)
- [SECURITY] [DSA 1709-1] New shadow packages fix privilege escalation (Wed Jan 21 2009 - 04:03:41 CST)
- [SECURITY] [DSA 1698-1] New gforge packages fix SQL injection (Fri Jan 09 2009 - 02:02:46 CST)
Tobias Heinlein
- [ GLSA 200901-07 ] MPlayer: Multiple vulnerabilities (Mon Jan 12 2009 - 13:46:24 CST)
Tobias Klein
- [TKADV2009-004] FFmpeg Type Conversion Vulnerability (Wed Jan 28 2009 - 15:07:30 CST)
- [TKADV2009-003] GStreamer Heap Overflow and Array Index out of Bounds Vulnerabilities (Thu Jan 22 2009 - 15:19:30 CST)
- [TKADV2009-002] Amarok Integer Overflow and Unchecked Allocation Vulnerabilities (Sun Jan 11 2009 - 11:47:57 CST)
- [TKADV2009-001] Sun Solaris aio_suspend() Kernel Integer Overflow Vulnerability (Sun Jan 11 2009 - 10:49:13 CST)
usman
- Motorola Wimax Modem CPEi300 Multiple Vulnerabilities (Thu Jan 29 2009 - 12:40:43 CST)
vds_syahoo.com
- Joomla component beamospetition 1.0.12 Sql Injection (Wed Jan 21 2009 - 11:16:21 CST)
Vladimir '3APA3A' Dubrovin
- Re[2]: Internet explorer 7.0 stack overflow (Thu Jan 29 2009 - 15:58:03 CST)
vuln_researchprinceofnigeria.org
- Syslserve 1.058 Denial of Service Vulnerability (Thu Jan 15 2009 - 17:54:33 CST)
- Windows NTP Time Server Syslog Monitor 1.0.000 Denial of Service Vulnerability (Wed Jan 14 2009 - 18:20:49 CST)
- TFTPUtil GUI TFTP Server Denial of Service Vulnerability (Wed Jan 14 2009 - 18:16:07 CST)
- TFTPUtil GUI TFTP Directory Traversal (Wed Jan 14 2009 - 18:04:35 CST)
- Walusoft TFTPServer2000 Version 3.6.1 Directory Traversal (Mon Jan 05 2009 - 11:22:08 CST)
vulnswintercore.com
- [Wintercore Research ] Fujitsu SystemcastWizard Lite PXEService Remote Buffer Overflow. (Mon Jan 19 2009 - 07:01:02 CST)
Will Drewry
- [oCERT-2008-016] Multiple OpenSSL signature verification API misuses (Wed Jan 07 2009 - 08:56:49 CST)
William A. Rowe, Jr.
- Java Runtime UTF-8 Decoder Smuggling Vector (Fri Jan 09 2009 - 10:23:04 CST)
Williams, James K
- CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities (Tue Jan 27 2009 - 09:08:01 CST)
- CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) (Mon Jan 26 2009 - 18:26:13 CST)
- CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Sat Jan 24 2009 - 12:36:56 CST)
- CA20090107-01: CA Service Metric Analysis and CA Service Level Management smmsnmpd Arbitrary Command Execution Vulnerability (Wed Jan 07 2009 - 15:51:18 CST)
zdi-disclosures3com.com
- ZDI-09-009: EMC AutoStart Backbone Engine Trusted Pointer Code Execution Vulnerability (Fri Jan 23 2009 - 14:08:32 CST)
- ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability (Wed Jan 21 2009 - 16:28:34 CST)
- ZDI-09-005: Apple QuickTime VR Track Header Atom Heap Corruption Vulnerability (Wed Jan 21 2009 - 16:26:12 CST)
- ZDI-09-008: Apple QuickTime STSD JPEG Atom Heap Corruption Vulnerability (Wed Jan 21 2009 - 16:29:28 CST)
- ZDI-09-006: Apple QuickTime AVI Header nBlockAlign Heap Corruption Vulnerability (Wed Jan 21 2009 - 16:27:48 CST)
- ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability (Wed Jan 14 2009 - 14:30:01 CST)
- ZDI-09-003: Oracle Secure Backup exec_qr() Command Injection Vulnerability (Wed Jan 14 2009 - 14:29:40 CST)
- ZDI-09-002: Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability (Tue Jan 13 2009 - 14:04:00 CST)
- ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability (Tue Jan 13 2009 - 14:03:55 CST)

Last message date: Fri Jan 30 2009 - 14:45:19 CST
Archived on: Fri Jan 30 2009 - 14:45:20 CST

298 messages sorted by: [ date ] [ thread ] [ subject ]