NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2009-03

296 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Mon Mar 02 2009 - 10:30:10 CST
Ending: Tue Mar 31 2009 - 15:55:37 CDT

aanisimovptsecurity.com
- [Positive Technologies SA:2009-20] A.CMS Multiple Vulnerabilities (Fri Mar 13 2009 - 13:00:05 CDT)
- [Positive Technologies SA:2009-14] BLOG CMS Cross-Site Scripting vulnerability (Fri Mar 13 2009 - 12:59:09 CDT)
- [Positive Technologies SA:2009-15] Living CMS Cross-Site Scripting vulnerability (Fri Mar 13 2009 - 12:57:42 CDT)
- [Positive Technologies SA:2009-13] TinX CMS 3.x SQL Injection Vulnerability (Fri Mar 06 2009 - 10:53:21 CST)
- [Positive Technologies SA:2009-12] UMI.CMS Cross-Site Scripting vulnerability (Fri Mar 06 2009 - 08:45:48 CST)
Adam Baldwin
- Zabbix Multiple Frontend CSRF (Password reset & command execution) (Mon Mar 30 2009 - 18:13:14 CDT)
- ExpressionEngine Persistent Cross-Site Scripting (Sun Mar 22 2009 - 18:28:52 CDT)
- NGENUITY-2009-005 OpenCart Order By Blind SQL Injection (Sun Mar 15 2009 - 23:44:43 CDT)
adminbugreport.ir
- PHPRunner SQL Injection (Tue Mar 17 2009 - 05:35:37 CDT)
Alex Legler
- Re: Adobe Flash Player plug-in null pointer dereference and browser crash (Thu Mar 12 2009 - 08:17:23 CDT)
Alexandr Polyakov
- [DSECRG-09-016] SAP SAPDB Multiple XSS (Tue Mar 31 2009 - 12:09:29 CDT)
alexchf.fypgmail.com
- Re: Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system (Mon Mar 09 2009 - 02:50:03 CDT)
Andrea Barisani
- [oCERT-2009-003] LittleCMS integer errors (Fri Mar 20 2009 - 13:02:40 CDT)
Anonelhacker.net
- flv2mpeg4: Malformed parameters Denial of Service (Mon Mar 09 2009 - 13:16:24 CDT)
ascii
- Zabbix 1.6.2 Frontend Multiple Vulnerabilities (Tue Mar 03 2009 - 09:30:26 CST)
Asterisk Security Team
- AST-2009-002: Remote Crash Vulnerability in SIP channel driver (Tue Mar 10 2009 - 12:38:37 CDT)
Bernhard Mueller
- SEC Consult SA-20090305-0 :: NextApp Echo XML Injection Vulnerability (Tue Mar 10 2009 - 04:58:46 CDT)
- SEC Consult SA-20090305-2 :: IBM Director CIM Server Local Privilege Escalation Vulnerability (Tue Mar 10 2009 - 05:09:14 CDT)
- SEC Consult SA-20090305-1 :: IBM Director CIM Server Remote Denial of Service Vulnerability (Tue Mar 10 2009 - 05:07:41 CDT)
Bkis
- [Bkis-05-2009] PowerCHM Stack-based Buffer Overflow (Thu Mar 26 2009 - 00:27:29 CDT)
- [Bkis-03-2009] Multiple Vulnerabilities found in Rapidleech rev.36 (Sat Mar 14 2009 - 07:50:00 CDT)
- [Bkis-04-2009] GOM Encoder Heap-based Buffer Overflow (Sun Mar 15 2009 - 23:12:02 CDT)
Bugs NotHugs
- Cisco ASA5520 Web VPN Host Header XSS (Tue Mar 31 2009 - 05:17:54 CDT)
- Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow (Mon Mar 30 2009 - 03:16:17 CDT)
- Novell Netstorage Multiple Vulnerabilities (Thu Mar 26 2009 - 19:50:24 CDT)
- Aurora Nutritive Analysis Module Multiple XSS (Thu Mar 26 2009 - 19:43:03 CDT)
Carsten Eilers
- Multiple Vulnerabilities in iAntiVirus (Tue Mar 10 2009 - 10:13:10 CDT)
Chris Evans
- LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted) (Thu Mar 19 2009 - 21:24:43 CDT)
Chris Weber
- [tool release] Watcher v1.0.0 - passive Web-app security testing and compliance auditing (Sun Mar 29 2009 - 00:17:32 CDT)
Christian Eibl
- Moodle: Sensitive File Disclosure (Fri Mar 27 2009 - 09:30:20 CDT)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities (Wed Mar 25 2009 - 11:00:00 CDT)
- Cisco Security Advisory: Cisco IOS cTCP Denial of Service Vulnerability (Wed Mar 25 2009 - 11:00:00 CDT)
- Cisco Security Advisory: Cisco IOS Software WebVPN and SSLVPN Vulnerabilities (Wed Mar 25 2009 - 11:00:00 CDT)
- Cisco Security Advisory: Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability (Wed Mar 25 2009 - 11:00:00 CDT)
- Cisco Security Advisory: Cisco IOS Software Secure Copy Privilege Escalation Vulnerability (Wed Mar 25 2009 - 11:00:00 CDT)
- Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability (Wed Mar 11 2009 - 10:40:00 CDT)
- Cisco Security Advisory: Cisco 7600 Series Router Session Border Controller Denial of Service Vulnerability (Wed Mar 04 2009 - 10:30:00 CST)
contactonuryilmaz.info
- Blogsa <= 1.0 Beta 3 XSS Vulnerability (Mon Mar 02 2009 - 16:28:20 CST)
contactvnbrain.net
- Afian Document Manager Local File Inclusion (Fri Feb 27 2009 - 21:46:57 CST)
CORE Security Technologies Advisories
- CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server (Tue Mar 31 2009 - 15:01:43 CDT)
- CORE-2009-0122: HP OpenView Buffer Overflows (Mon Mar 23 2009 - 12:45:49 CDT)
- Foxit Reader Multiple Vulnerabilities (CORE-2009-0218) (Mon Mar 09 2009 - 14:40:33 CDT)
Corrado Leita
- CFP RAID 2009 (Wed Mar 25 2009 - 15:58:24 CDT)
cxibsecurityreason.com
- libc:fts_*():multiple vendors, Denial-of-service (Thu Mar 05 2009 - 10:48:20 CST)
dann frazier
- [SECURITY] [DSA 1749-1] New Linux 2.6.26 packages fix several vulnerabilities (Fri Mar 20 2009 - 15:55:47 CDT)
dannyorionrobots.co.uk
- Re: TikiWiki 2.2 XSS Vulnerability in URI (Thu Mar 12 2009 - 18:19:16 CDT)
ddivulnalertddifrontline.com
- DDIVRT-2009-21 vBook Login Application Cross-site Scripting Vulnerability (Mon Mar 09 2009 - 09:45:01 CDT)
- DDIVRT-2009-22 SMART Board Whiteboard Directory Traversal Vulnerability (Mon Mar 09 2009 - 09:44:23 CDT)
DeepSec Conference
- DeepSec 2009 - Call for Papers is open (Mon Mar 30 2009 - 13:34:24 CDT)
dhlayereddefense.com
- Layered Defense Research Advisory: Format String Vulnerablity in Symantec PcAnywhere v10-12.5 (Tue Mar 17 2009 - 23:38:52 CDT)
DSecRG
- [DSECRG-09-030] PrecisionID Datamatrix ActiveX control - Arbitrary File overwriting (Tue Mar 31 2009 - 12:22:47 CDT)
- [DSECRG-09-013] IBM WebSphere Application Server 7.0 Multiple XSS Vulnerabilities (Tue Mar 31 2009 - 12:00:09 CDT)
Elazar Broad
- Belkin BullDog Plus UPS-Service Buffer Overflow Vulnerability (Sat Mar 07 2009 - 21:06:46 CST)
Elliot Kendall
- Command Execution in Hannon Hill Cascade Server (Thu Mar 19 2009 - 14:07:56 CDT)
Eric C. Lukens
- Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow (Wed Mar 25 2009 - 14:20:40 CDT)
Eygene Ryabinkin
- Re: Zabbix 1.6.2 Frontend Multiple Vulnerabilities (Mon Mar 09 2009 - 06:59:00 CDT)
Florian Weimer
- Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow (Wed Mar 25 2009 - 11:42:11 CDT)
- [SECURITY] [DSA 1752-1] New webcit packages fix potential remote code execution (Mon Mar 23 2009 - 13:14:05 CDT)
- [SECURITY] [DSA 1750-1] New libpng packages fix several vulnerabilities (Sun Mar 22 2009 - 12:16:04 CDT)
- [SECURITY] [DSA 1739-1] New mldonkey packages fix information disclosure (Fri Mar 13 2009 - 15:58:15 CDT)
- [SECURITY] [DSA 1735-1] New znc packages fix privilege escalation (Tue Mar 10 2009 - 15:23:49 CDT)
- [SECURITY] [DSA 1719-2] New GNUTLS packages fix regression (Sat Feb 28 2009 - 05:44:38 CST)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-09:06.ktimer (Sun Mar 22 2009 - 19:09:12 CDT)
H D Moore
- WarVOX 1.0.0 Released (Fri Mar 06 2009 - 00:51:31 CST)
h1karitoorcon.org
- TOORCAMP 2009 CALL FOR PARTICIPATION (Wed Mar 11 2009 - 13:54:34 CDT)
Henri Lindberg
- HP Laserjet multiple models web management CSRF vulnerability & insecure default configuration (Mon Mar 16 2009 - 16:06:21 CDT)
Henri Lindberg - Smilehouse Oy
- Rittal CMC-TC Processing Unit II multiple vulnerabilities (Mon Mar 23 2009 - 06:37:50 CDT)
iDefense Labs
- iDefense Security Advisory 03.26.09: Sun Java Runtime Environment (JRE) Pack200 Decompression Integer Overflow Vulnerability (Thu Mar 26 2009 - 16:16:54 CDT)
- iDefense Security Advisory 03.26.09: Sun Java Web Start (JWS ) PNG Decoding Integer Overflow Vulnerability (Thu Mar 26 2009 - 15:47:41 CDT)
- iDefense Security Advisory 03.26.09: Sun Java Runtine Environment (JRE) GIF Decoding Heap Corruption Vulnerability (Thu Mar 26 2009 - 15:22:17 CDT)
- iDefense Security Advisory 03.26.09: Sun Java Web Start (JWS ) GIF Decoding Heap Corruption Vulnerability (Thu Mar 26 2009 - 14:47:02 CDT)
- iDefense Security Advisory 03.26.09: Sun Java Runtine Environment (JRE) Type1 Font Parsing Integer Signedness Vulnerability (Thu Mar 26 2009 - 12:49:43 CDT)
- iDefense Security Advisory 03.24.09: Adobe Reader and Acrobat JBIG2 Encoded Stream Heap Overflow Vulnerability (Tue Mar 24 2009 - 14:47:56 CDT)
- Re: iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability (Tue Mar 17 2009 - 17:22:19 CDT)
- iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability (Tue Mar 17 2009 - 16:55:16 CDT)
- Re: iDefense COMRaider 'DeleteFile()' Method Arbitrary File Deletion Vulnerability (Wed Mar 04 2009 - 15:42:50 CST)
iliz-zyandex.rui
- TikiWiki 2.2 XSS Vulnerability in URI (Thu Mar 12 2009 - 03:54:41 CDT)
ISecAuditors Security Advisories
- [ISecAuditors Security Advisories] ModSecurity < 2.5.9 remote Denial of Service (DoS) (Thu Mar 19 2009 - 07:53:55 CDT)
- [ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability (Tue Mar 10 2009 - 15:26:46 CDT)
- [ISecAuditors Security Advisories] eXtplorer Remote Code Execution (Mon Mar 02 2009 - 14:54:03 CST)
Jamie Strandboge
- [USN-750-1] OpenSSL vulnerability (Mon Mar 30 2009 - 18:23:19 CDT)
- [USN-745-1] Firefox and Xulrunner vulnerabilities (Sat Mar 28 2009 - 00:27:07 CDT)
- [USN-741-1] Thunderbird vulnerabilities (Thu Mar 19 2009 - 17:30:32 CDT)
- [USN-740-1] NSS vulnerability (Tue Mar 17 2009 - 17:11:30 CDT)
- [USN-738-1] GLib vulnerability (Mon Mar 16 2009 - 17:35:33 CDT)
- [USN-728-3] Firefox vulnerabilities (Thu Mar 05 2009 - 18:37:17 CST)
- [USN-728-2] Firefox vulnerabilities (Thu Mar 05 2009 - 18:36:13 CST)
- [USN-724-1] Squid vulnerability (Thu Feb 26 2009 - 06:28:55 CST)
- [USN-730-1] libpng vulnerabilities (Thu Mar 05 2009 - 20:25:22 CST)
- [USN-728-3] Firefox vulnerabilities (Thu Mar 05 2009 - 18:37:17 CST)
- [USN-728-2] Firefox vulnerabilities (Thu Mar 05 2009 - 18:36:13 CST)
- [USN-728-1] Firefox and Xulrunner vulnerabilities (Thu Mar 05 2009 - 18:35:49 CST)
Jerome Athias
- [CFP] FRHACK 2nd Call For Papers (Mon Mar 02 2009 - 00:20:49 CST)
Jose Luis
- NovaBoard <= 1.0.1 / XSS Vulnerability (Tue Mar 03 2009 - 15:26:33 CST)
joseph.giron13gmail.com
- aspWebCalendar Free Edition bug (Mon Mar 30 2009 - 22:46:19 CDT)
Julien Thomas
- Re: Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system (Mon Mar 09 2009 - 13:51:07 CDT)
k g
- FINAL: Call for Papers on Cyber Warfare (Tue Mar 10 2009 - 06:26:55 CDT)
Kees Cook
- [USN-748-1] OpenJDK vulnerabilities (Thu Mar 26 2009 - 17:01:35 CDT)
- [USN-729-1] Python Crypto vulnerability (Thu Mar 05 2009 - 17:38:36 CST)
- [USN-729-1] Python Crypto vulnerability (Thu Mar 05 2009 - 17:38:36 CST)
kowsikgmail.com
- Announcing Cap'r Mak'r (Sun Mar 01 2009 - 21:52:03 CST)
Krakow Labs
- POP Peeper 3.4.0.0 Date Remote Buffer Overflow Vulnerability (Wed Mar 11 2009 - 23:14:01 CDT)
larryjlogica.com
- Trellis Desk v1.0 XSS Vulnerability (Wed Mar 11 2009 - 18:25:41 CDT)
Major Malfunction
- DEFCON London DC4420 March meeting - Thursday 19th March (Tue Mar 17 2009 - 12:17:46 CDT)
Marc Deslauriers
- [USN-749-1] libsndfile vulnerability (Mon Mar 30 2009 - 13:28:13 CDT)
- [USN-747-1] ICU vulnerability (Thu Mar 26 2009 - 14:28:21 CDT)
- [USN-746-1] xine-lib vulnerability (Thu Mar 26 2009 - 14:27:37 CDT)
- [USN-744-1] LittleCMS vulnerabilities (Mon Mar 23 2009 - 13:38:27 CDT)
- [USN-743-1] Ghostscript vulnerabilities (Mon Mar 23 2009 - 13:37:41 CDT)
- [USN-742-1] JasPer vulnerabilities (Thu Mar 19 2009 - 13:02:46 CDT)
- [USN-739-1] Amarok vulnerabilities (Tue Mar 17 2009 - 12:29:25 CDT)
- [USN-737-1] libsoup vulnerability (Mon Mar 16 2009 - 15:43:15 CDT)
- [USN-735-1] GStreamer Base Plugins vulnerability (Mon Mar 16 2009 - 15:41:20 CDT)
- [USN-736-1] GStreamer Good Plugins vulnerabilities (Mon Mar 16 2009 - 15:40:32 CDT)
- [USN-733-1] evolution-data-server vulnerability (Mon Mar 16 2009 - 15:39:29 CDT)
- [USN-734-1] FFmpeg vulnerabilities (Mon Mar 16 2009 - 18:32:01 CDT)
- [USN-727-1] network-manager-applet vulnerabilities (Tue Mar 03 2009 - 13:45:21 CST)
- [USN-727-2] NetworkManager vulnerability (Tue Mar 03 2009 - 13:46:12 CST)
- [USN-726-2] curl regression (Wed Mar 04 2009 - 09:09:19 CST)
- [USN-726-1] curl vulnerability (Tue Mar 03 2009 - 13:44:12 CST)
- [USN-732-1] dash vulnerability (Tue Mar 10 2009 - 11:54:50 CDT)
- [USN-731-1] Apache vulnerabilities (Tue Mar 10 2009 - 11:54:06 CDT)
- [USN-726-2] curl regression (Wed Mar 04 2009 - 09:09:19 CST)
- [USN-727-2] NetworkManager vulnerability (Tue Mar 03 2009 - 13:46:12 CST)
- [USN-726-1] curl vulnerability (Tue Mar 03 2009 - 13:44:12 CST)
- [USN-727-1] network-manager-applet vulnerabilities (Tue Mar 03 2009 - 13:45:21 CST)
Mark Thomas
- [SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application (Fri Mar 06 2009 - 09:56:34 CST)
maroc-anti-connexionhotmail.com
- rosoft media player local BOF exploit multi tagets (Sat Mar 14 2009 - 11:09:06 CDT)
Martin Huter
- ICAP adaptation: missing data flow control to client side (Thu Mar 26 2009 - 10:13:32 CDT)
Matthew Dempsky
- Re: Adobe Flash Player plug-in null pointer dereference and browser crash (Wed Mar 11 2009 - 12:30:49 CDT)
- Re: djbdns misformats some long response packets; patch and example attack (Thu Mar 05 2009 - 00:05:24 CST)
- Re: djbdns misformats some long response packets; patch and example attack (Sat Feb 28 2009 - 12:41:46 CST)
mcyr2csc.com
- Addonics NAS Adapter Post-Auth DoS (Tue Mar 10 2009 - 11:20:40 CDT)
Moritz Muehlenhoff
- [SECURITY] [DSA 1758-1] New nss-ldapd packages fix information disclosure (Mon Mar 30 2009 - 16:47:00 CDT)
- [SECURITY] [DSA 1755-1] New systemtap packages fix local privilege escalation (Wed Mar 25 2009 - 16:16:51 CDT)
- [SECURITY] [DSA 1753-1] End-of-life announcement for Iceweasel in oldstable (Tue Mar 24 2009 - 16:20:14 CDT)
- [SECURITY] [DSA 1751-1] New xulrunner packages fix several vulnerabilities (Sun Mar 22 2009 - 16:30:20 CDT)
- [SECURITY] [DSA 1741-1] New psi packages fix denial of service (Sat Mar 14 2009 - 06:47:18 CDT)
mr.faghanigmail.com
- Aryanic HighCMS and HighPortal multiple Vulnerabilities (Tue Mar 10 2009 - 08:19:10 CDT)
- YEKTA WEB Academic Web Tools CMS Multiple XSS (Sun Mar 01 2009 - 05:58:13 CST)
MustLive
- Re: Nokia N95-8 browser denial of service (Sat Feb 28 2009 - 17:23:08 CST)
Nico Golde
- [SECURITY] [DSA 1744-1] New weechat packages fix denial of service (Wed Mar 18 2009 - 06:55:04 CDT)
- [SECURITY] [DSA 1742-1] New libsnd packages fix arbitrary code execution (Sun Mar 15 2009 - 19:46:00 CDT)
- [SECURITY] [DSA 1738-1] New curl packages fix arbitrary file access (Wed Mar 11 2009 - 11:46:54 CDT)
Noah Meyerhans
- [SECURITY] [DSA 1756-1] New xulrunner packages fix multiple vulnerabilities (Sun Mar 29 2009 - 13:03:00 CDT)
nospamgmail.it
- glFusion <= 1.1.2 COM_applyFilter()/order sql injection exploit (Sat Mar 28 2009 - 23:37:13 CDT)
- PHPizabi v0.848b C1 HFP1 proc.inc.php remote privilege escalation (php.ini independent) (Tue Mar 24 2009 - 02:04:28 CDT)
- Bs.Player <= 2.34 Build 980 (.bsl) local buffer overflow 0day exploit (seh) (Thu Mar 19 2009 - 21:01:44 CDT)
- CDex v1.70b2 (.ogg) local buffer overflow exploit poc (Tue Mar 17 2009 - 17:15:50 CDT)
- GeoVision LiveAudio ActiveX Control GetAudioPlayingTime() remote freed-memory access exploit (Fri Mar 13 2009 - 10:36:33 CDT)
- SupportSoft DNA Editor Module (dnaedit.dll v6.9.2205) remote code execution exploit (IE6/7) (Thu Mar 05 2009 - 05:04:41 CST)
Ofer Shezaf
- Weekly Web Hacking Incidents update for Feb 25th (Sun Mar 01 2009 - 01:54:34 CST)
Paul Wouters
- CVE-2009-0790: ISAKMP DPD Remote Vulnerability with Openswan & Strongswan IPsec (Mon Mar 30 2009 - 11:17:24 CDT)
- Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation (Mon Mar 09 2009 - 15:12:41 CDT)
Pierre-Yves Rofes
- [ GLSA 200903-41 ] gedit: Untrusted search path (Mon Mar 30 2009 - 16:48:53 CDT)
- [ GLSA 200903-40 ] Analog: Denial of Service (Sun Mar 29 2009 - 16:40:57 CDT)
- [ GLSA 200903-39 ] pam_krb5: Privilege escalation (Wed Mar 25 2009 - 17:45:17 CDT)
- [ GLSA 200903-38 ] Squid: Multiple Denial of Service vulnerabilities (Tue Mar 24 2009 - 16:42:45 CDT)
- [ GLSA 200903-37 ] Ghostscript: User-assisted execution of arbitrary code (Mon Mar 23 2009 - 17:34:00 CDT)
- [ GLSA 200903-36 ] MLDonkey: Information disclosure (Mon Mar 23 2009 - 17:11:38 CDT)
- [ GLSA 200903-35 ] Muttprint: Insecure temporary file usage (Mon Mar 23 2009 - 16:56:40 CDT)
- [ GLSA 200903-33 ] FFmpeg: Multiple vulnerabilities (Thu Mar 19 2009 - 17:59:58 CDT)
- [ GLSA 200903-32 ] phpMyAdmin: Multiple vulnerabilities (Wed Mar 18 2009 - 17:30:32 CDT)
- [ GLSA 200903-31 ] libcdaudio: User-assisted execution of arbitrary code (Tue Mar 17 2009 - 16:10:05 CDT)
- [ GLSA 200903-29 ] BlueZ: Arbitrary code execution (Mon Mar 16 2009 - 16:36:12 CDT)
- [ GLSA 200903-28 ] libpng: Multiple vulnerabilities (Sun Mar 15 2009 - 13:42:50 CDT)
- [ GLSA 200903-27 ] ProFTPD: Multiple vulnerabilities (Thu Mar 12 2009 - 17:29:21 CDT)
- [ GLSA 200903-25 ] Courier Authentication Library: SQL Injection vulnerability (Wed Mar 11 2009 - 14:33:55 CDT)
- [ GLSA 200903-23 ] Adobe Flash Player: Multiple vulnerabilities (Tue Mar 10 2009 - 17:27:02 CDT)
- [ GLSA 200903-24 ] Shadow: Privilege escalation (Tue Mar 10 2009 - 17:34:59 CDT)
- [ GLSA 200903-10 ] Irrlicht: User-assisted execution of arbitrary code (Sat Mar 07 2009 - 15:31:03 CST)
- [ GLSA 200903-01 ] Vinagre: User-assisted execution of arbitrary code (Fri Mar 06 2009 - 15:59:44 CST)
Positron Security
- Positron Security Advisory #2009-000: Multiple Vulnerabilities in MapServer v5.2.1 and v4.10.3 (Mon Mar 30 2009 - 12:43:54 CDT)
r_haudenschilthotmail.com
- Re: Family Connections 1.8.1 Multiple Remote Vulnerabilities (Mon Mar 30 2009 - 21:18:08 CDT)
rahimeh.khodadadigmail.com
- reporting CVE (Mon Mar 16 2009 - 08:12:25 CDT)
rizki.wicaksonogmail.com
- CPANEL File Manager XSS Vulnerability (Mon Mar 16 2009 - 23:53:27 CDT)
Robert Buchholz
- [ GLSA 200903-26 ] TMSNC: Execution of arbitrary code (Thu Mar 12 2009 - 08:58:21 CDT)
- [ GLSA 200903-22 ] Ganglia: Execution of arbitrary code (Tue Mar 10 2009 - 09:27:40 CDT)
- Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation (Tue Mar 10 2009 - 05:47:14 CDT)
- [ GLSA 200903-20 ] WebSVN: Multiple vulnerabilities (Mon Mar 09 2009 - 09:02:04 CDT)
- [ GLSA 200903-19 ] Xerces-C++: Denial of Service (Mon Mar 09 2009 - 09:01:23 CDT)
- [ GLSA 200903-18 ] Openswan: Insecure temporary file creation (Mon Mar 09 2009 - 09:00:47 CDT)
- [ GLSA 200903-17 ] Real VNC: User-assisted execution of arbitrary code (Mon Mar 09 2009 - 08:58:19 CDT)
- [ GLSA 200903-16 ] Epiphany: Untrusted search path (Mon Mar 09 2009 - 08:57:37 CDT)
- [ GLSA 200903-15 ] git: Multiple vulnerabilties (Mon Mar 09 2009 - 08:56:27 CDT)
- [ GLSA 200903-14 ] BIND: Incorrect signature verification (Mon Mar 09 2009 - 08:10:06 CDT)
- [ GLSA 200903-13 ] MPFR: Denial of Service (Mon Mar 09 2009 - 08:07:38 CDT)
- [ GLSA 200903-12 ] OptiPNG: User-assisted execution of arbitrary code (Mon Mar 09 2009 - 08:06:55 CDT)
- [ GLSA 200903-11 ] PyCrypto: Execution of arbitrary code (Mon Mar 09 2009 - 08:05:47 CDT)
- [ GLSA 200903-09 ] OpenTTD: Execution of arbitrary code (Sat Mar 07 2009 - 10:29:53 CST)
- [ GLSA 200903-08 ] gEDA: Insecure temporary file creation (Sat Mar 07 2009 - 10:27:52 CST)
- [ GLSA 200903-07 ] Samba: Data disclosure (Sat Mar 07 2009 - 10:26:15 CST)
- [ GLSA 200903-06 ] nfs-utils: Access restriction bypass (Sat Mar 07 2009 - 10:24:44 CST)
- [ GLSA 200903-05 ] PDFjam: Multiple vulnerabilities (Sat Mar 07 2009 - 10:22:51 CST)
robertwebappsec.org
- Paper: Socket Capable Browser Plugins Result In Transparent Proxy Abuse (Tue Mar 10 2009 - 12:05:31 CDT)
Roberto Muñoz Fernandez
- Re: [Full-disclosure] Zabbix 1.6.2 Frontend Multiple Vulnerabilities (Thu Mar 05 2009 - 17:42:48 CST)
rPath Update Announcements
- rPSA-2009-0050-1 ghostscript (Thu Mar 19 2009 - 14:52:09 CDT)
- rPSA-2009-0045-1 glib (Thu Mar 12 2009 - 18:08:49 CDT)
- rPSA-2009-0046-1 libpng (Thu Mar 12 2009 - 18:07:00 CDT)
- rPSA-2009-0040-1 tshark wireshark (Thu Mar 12 2009 - 18:00:28 CDT)
- rPSA-2009-0041-1 dhclient dhcp libdhcp4client (Thu Mar 12 2009 - 18:02:09 CDT)
- rPSA-2009-0042-1 curl (Thu Mar 12 2009 - 18:04:21 CDT)
- rPSA-2009-0035-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl (Mon Mar 02 2009 - 14:45:26 CST)
Salvatore \
- webEdition 6.0.0.4 Local File Inclusion (Tue Mar 31 2009 - 08:22:49 CDT)
- Community CMS 0.5 Multiple SQL Injection Vulnerabilities (Mon Mar 30 2009 - 14:55:45 CDT)
- Family Connections 1.8.1 Multiple Remote Vulnerabilities (Mon Mar 30 2009 - 12:45:51 CDT)
- phpCommunity 2 2.1.8 Multiple Vulnerabilities (SQL Injection / Directory Traversal / XSS) (Sat Mar 07 2009 - 11:25:19 CST)
- nForum 1.5 Multiple SQL Injection (Fri Mar 06 2009 - 14:42:37 CST)
- Wili-CMS 0.4.0 Multiple Vulnerabilities (Remote/Local File Inclusion - Authentication Bypass) (Fri Mar 06 2009 - 06:05:06 CST)
- CelerBB 0.0.2 Multiple Vulnerabilities (Thu Mar 05 2009 - 08:37:49 CST)
- BlindBlog 1.3.1 Multiple Vulnerabilities (SQL Inj - Auth Bypass - LFI) (Tue Mar 03 2009 - 08:32:27 CST)
- WARNING - CORRECT: BlindBlog 1.3.1 Multiple Vulnerabilities (SQL Inj - Auth Bypass - LFI) (Tue Mar 03 2009 - 09:24:55 CST)
- RitsBlog 0.4.2 (Authentication Bypass) SQL Injection Vulnerability / XSS Persistent Vulnerability (Mon Mar 02 2009 - 15:52:02 CST)
- EZ-Blog Beta 1 Multiple SQL Injection (Sun Mar 01 2009 - 16:15:23 CST)
- BlogMan 0.45 Multiple Vulnerabilities (Sun Mar 01 2009 - 09:47:38 CST)
secresearchfortinet.com
- Apple iTunes DAAP Messages Handling Denial of Service Vulnerability (Thu Mar 12 2009 - 20:59:57 CDT)
Secunia Research
- Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow (Wed Mar 25 2009 - 04:22:05 CDT)
- Secunia Research: Foxit Reader JBIG2 Symbol Dictionary Processing Vulnerability (Mon Mar 09 2009 - 07:27:51 CDT)
- Secunia Research: libsndfile CAF Processing Integer Overflow Vulnerability (Tue Mar 03 2009 - 06:06:47 CST)
- Secunia Research: Winamp CAF Processing Integer Overflow Vulnerability (Tue Mar 03 2009 - 06:08:46 CST)
security-alerthp.com
- [security bulletin] HPSBMA02416 SSRT090008 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Tue Mar 31 2009 - 12:02:12 CDT)
- [security bulletin] HPSBUX02409 SSRT080171 rev.1 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (Tue Mar 24 2009 - 13:16:11 CDT)
- [security bulletin] HPSBMA02416 SSRT090008 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Tue Mar 24 2009 - 07:36:54 CDT)
- [security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) (Fri Mar 20 2009 - 08:20:19 CDT)
- [security bulletin] HPSBMA02413 SSRT080040 rev.1 - HP WMI Mapper for Windows Server 2003 and Windows Server 2008 for Itanium-based Servers, Remote Unauthorized Access to Data, Local Unauthorized Access (Thu Mar 12 2009 - 13:28:31 CDT)
- [security bulletin] HPSBMA02412 SSRT080040 rev.1 - WMI Mapper for HP Systems Insight Manager Running on Windows, Remote Unauthorized Access to Data, Local Unauthorized Access (Wed Mar 11 2009 - 10:20:07 CDT)
- [security bulletin] HPSBUX02411 SSRT080111 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities (Wed Mar 11 2009 - 10:20:52 CDT)
- [security bulletin] HPSBUX02401 SSRT090005 rev.3 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF) (Mon Mar 02 2009 - 07:34:19 CST)
security.432amxl.com
- Re: Re: Local vulnerability in suexec + FastCGI + PHP configurations (Mon Mar 02 2009 - 15:38:21 CST)
security.assurancenab.com.au
- Sitecore .NET 5.3.x - web service information disclosure (Tue Mar 17 2009 - 17:38:05 CDT)
securitymandriva.com
- [ MDVSA-2009:082 ] krb5 (Mon Mar 30 2009 - 10:11:01 CDT)
- [ MDVSA-2009:081 ] libsoup (Fri Mar 27 2009 - 17:13:01 CDT)
- [ MDVSA-2009:080 ] glib2.0 (Thu Mar 26 2009 - 16:50:00 CDT)
- [ MDVSA-2009:079 ] postgresql (Mon Mar 23 2009 - 12:54:00 CDT)
- [ MDVSA-2009:078 ] evolution-data-server (Mon Mar 23 2009 - 12:37:00 CDT)
- [ MDVSA-2009:077 ] pam (Sat Mar 21 2009 - 14:25:01 CDT)
- [ MDVSA-2009:060-1 ] nfs-utils (Thu Mar 19 2009 - 16:35:00 CDT)
- [ MDVSA-2009:076 ] avahi (Fri Mar 13 2009 - 21:02:00 CDT)
- [ MDVSA-2009:075 ] firefox (Fri Mar 13 2009 - 15:50:01 CDT)
- [ MDVSA-2009:072 ] perl-MDK-Common (Wed Mar 11 2009 - 14:29:00 CDT)
- [ MDVSA-2009:074 ] libneon0.27 (Wed Mar 11 2009 - 17:31:01 CDT)
- [ MDVSA-2009:073 ] sarg (Wed Mar 11 2009 - 16:45:01 CDT)
- [ MDVSA-2009:071 ] kernel (Tue Mar 10 2009 - 14:03:01 CDT)
- [ MDVSA-2009:070 ] openoffice.org (Tue Mar 10 2009 - 10:17:00 CDT)
- [ MDVSA-2009:068-1 ] poppler (Fri Mar 06 2009 - 21:07:00 CST)
- [ MDVSA-2009:069 ] curl (Fri Mar 06 2009 - 18:48:00 CST)
- [ MDVSA-2009:068 ] poppler (Fri Mar 06 2009 - 15:26:00 CST)
- [ MDVSA-2009:067 ] libsndfile (Thu Mar 05 2009 - 17:36:00 CST)
- [ MDVSA-2009:066 ] php (Thu Mar 05 2009 - 15:18:00 CST)
- [ MDVSA-2009:065 ] php4 (Thu Mar 05 2009 - 14:56:00 CST)
- [ MDVSA-2009:064 ] imap (Tue Mar 03 2009 - 09:49:00 CST)
- [ MDVSA-2009:063 ] eog (Mon Mar 02 2009 - 17:39:00 CST)
- [ MDVSA-2009:062 ] shadow-utils (Mon Mar 02 2009 - 16:00:01 CST)
sosobloodhotmail.com
- Re: Sun Java System Communications Express [HTML Injection] (Wed Mar 11 2009 - 15:07:02 CDT)
- Sun Java System Communications Express [HTML Injection] (Tue Mar 10 2009 - 16:16:51 CDT)
Steffen Joeris
- [SECURITY] [DSA 1760-1] New openswan packages fix denial of service (Mon Mar 30 2009 - 18:49:43 CDT)
- [SECURITY] [DSA 1759-1] New strongswan packages fix denial of service (Mon Mar 30 2009 - 18:49:22 CDT)
- [SECURITY] [DSA 1757-1] New auth2db packages fix SQL injection (Mon Mar 30 2009 - 05:09:41 CDT)
- [SECURITY] [DSA 1745-2] New lcms packages fix regression (Wed Mar 25 2009 - 06:32:18 CDT)
- [SECURITY] [DSA 1747-1] New glib2.0 packages fix arbitrary code execution (Fri Mar 20 2009 - 09:11:16 CDT)
- [SECURITY] [DSA 1748-1] New libsoup packages fix arbitrary code execution (Fri Mar 20 2009 - 09:15:01 CDT)
- [SECURITY] [DSA 1746-1] New ghostscript packages fix arbitrary code execution (Fri Mar 20 2009 - 04:32:00 CDT)
- [SECURITY] [DSA 1745-1] New lcms packages fix arbitrary code execution (Fri Mar 20 2009 - 04:16:54 CDT)
- [SECURITY] [DSA 1743-1] New libtk-img packages fix arbitrary code execution (Tue Mar 17 2009 - 03:52:05 CDT)
- [SECURITY] [DSA 1740-1] New yaws packages fix denial of service (Fri Mar 13 2009 - 23:07:11 CDT)
- [SECURITY] [DSA 1737-1] New wesnoth packages fix several vulnerabilities (Wed Mar 11 2009 - 10:16:56 CDT)
- [SECURITY] [DSA 1736-1] New mahara packages fix cross-site scripting (Tue Mar 10 2009 - 15:33:38 CDT)
- [SECURITY] [DSA 1733-1] New vim packages fix multiple vulnerabilities (Tue Mar 03 2009 - 02:35:06 CST)
- [SECURITY] [DSA 1732-1] New squid3 packages fix denial of service (Tue Mar 03 2009 - 02:23:22 CST)
- [SECURITY] [DSA 1731-1] New ndiswrapper packages fix arbitrary code execution vulnerability (Mon Mar 02 2009 - 15:09:55 CST)
- [SECURITY] [DSA 1730-1] New proftpd-dfsg packages fix SQL injection vulnerabilites (Mon Mar 02 2009 - 14:56:21 CST)
- [SECURITY] [DSA 1729-1] New gst-plugins-bad0.10 packages fix multiple vulnerabilities (Mon Mar 02 2009 - 14:38:00 CST)
Steven M. Christey
- iDefense COMRaider, ActiveX controls, and browser configuration (Thu Mar 05 2009 - 12:41:00 CST)
swhitesecurestate.com
- Infopop UBB.Threads Admin Credentials via SQL Injection (Fri Mar 13 2009 - 13:43:42 CDT)
The Dark Tangent
- DEFCON CTF Submissions are in, DC-16 video online! (Thu Mar 05 2009 - 21:13:46 CST)
tihataifaweb.net
- Re: [ECHO_ADV_103$2009] taifajobs <= 1.0 (jobid) Remote SQL Injection Vulnerability (Tue Mar 31 2009 - 03:07:13 CDT)
Tobias Heinlein
- [ GLSA 200903-34 ] Amarok: User-assisted execution of arbitrary code (Fri Mar 20 2009 - 15:22:13 CDT)
- [ GLSA 200903-30 ] Opera: Multiple vulnerabilities (Mon Mar 16 2009 - 18:54:09 CDT)
- [ GLSA 200903-21 ] cURL: Arbitrary file access (Mon Mar 09 2009 - 13:58:39 CDT)
- [ GLSA 200903-04 ] DevIL: User-assisted execution of arbitrary code (Fri Mar 06 2009 - 16:38:29 CST)
- [ GLSA 200903-03 ] Audacity: User-assisted execution of arbitrary code (Fri Mar 06 2009 - 16:37:05 CST)
- [ GLSA 200903-02 ] ZNC: Privilege escalation (Fri Mar 06 2009 - 16:35:27 CST)
uCon Security Conference
- Slides from uCon Security Conference 2009 available online (Thu Mar 19 2009 - 15:51:35 CDT)
Valery Marchuk
- [Positive Technologies SA 2009-09] Trend Micro Internet Security Pro 2009 tmactmon.sys Priviliege Escalation Vulnerabilities (Tue Mar 31 2009 - 06:49:10 CDT)
- [Suspected Spam][PT-2009-11] SlySoft Multiple Products ElbyCDIO.sys Denial of Service (Thu Mar 12 2009 - 12:11:16 CDT)
Vladimir '3APA3A' Dubrovin
- Re[2]: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow (Wed Mar 25 2009 - 14:55:32 CDT)
- Re: iDefense COMRaider, ActiveX controls, and browser configuration (Fri Mar 06 2009 - 07:19:19 CST)
vulne-rdc.org
- [ECHO_ADV_108$2009] JobHut <= 1.2 (pk) Remote Sql Injection Vulnerability (Mon Mar 30 2009 - 18:14:14 CDT)
- [ECHO_ADV_105$2009] chaozzDB <= 1.2 Critical File Disclosure Vulnerability (Tue Mar 17 2009 - 11:06:32 CDT)
- [ECHO_ADV_106$2009] FireAnt <= 1.3 Critical File Disclosure Vulnerability (Tue Mar 17 2009 - 11:08:20 CDT)
- [ECHO_ADV_107$2009] FubarForum <= 1.6 Critical File Disclosure Vulnerability (Tue Mar 17 2009 - 11:09:58 CDT)
- [ECHO_ADV_104$2009] WeBid <= 0.7.3 RC9 Multiple Remote File Inclution Vulnerabilities (Tue Mar 10 2009 - 13:10:49 CDT)
Will Drewry
- [oCERT-2008-015] glib and glib-predecessor heap overflows (Thu Mar 12 2009 - 11:07:54 CDT)
ZDI Disclosures
- ZDI-09-015: Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability (Mon Mar 30 2009 - 17:41:16 CDT)
- ZDI-09-014: Adobe Acrobat getIcon() Stack Overflow Vulnerability (Tue Mar 24 2009 - 11:51:37 CDT)
- ZDI-09-013: Mozilla Firefox XUL Linked Clones Double Free Vulnerability (Thu Mar 05 2009 - 12:01:53 CST)

Last message date: Tue Mar 31 2009 - 15:55:37 CDT
Archived on: Tue Mar 31 2009 - 15:55:41 CDT

296 messages sorted by: [ date ] [ thread ] [ subject ]