NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2009-03

Most recent messages
296 messages sorted by: [ author ] [ date ] [ subject ]

Starting: Mon Mar 02 2009 - 10:30:10 CST
Ending: Tue Mar 31 2009 - 15:55:37 CDT

Re: djbdns misformats some long response packets; patch and example attack Matthew Dempsky (Sat Feb 28 2009 - 12:41:46 CST)
- Re: djbdns misformats some long response packets; patch and example attack Matthew Dempsky (Thu Mar 05 2009 - 00:05:24 CST)
Afian Document Manager Local File Inclusion contactvnbrain.net (Fri Feb 27 2009 - 21:46:57 CST)
Re: Nokia N95-8 browser denial of service MustLive (Sat Feb 28 2009 - 17:23:08 CST)
Weekly Web Hacking Incidents update for Feb 25th Ofer Shezaf (Sun Mar 01 2009 - 01:54:34 CST)
[SECURITY] [DSA 1719-2] New GNUTLS packages fix regression Florian Weimer (Sat Feb 28 2009 - 05:44:38 CST)
YEKTA WEB Academic Web Tools CMS Multiple XSS mr.faghanigmail.com (Sun Mar 01 2009 - 05:58:13 CST)
BlogMan 0.45 Multiple Vulnerabilities Salvatore \ (Sun Mar 01 2009 - 09:47:38 CST)
[CFP] FRHACK 2nd Call For Papers Jerome Athias (Mon Mar 02 2009 - 00:20:49 CST)
[security bulletin] HPSBUX02401 SSRT090005 rev.3 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF) security-alerthp.com (Mon Mar 02 2009 - 07:34:19 CST)
EZ-Blog Beta 1 Multiple SQL Injection Salvatore \ (Sun Mar 01 2009 - 16:15:23 CST)
Announcing Cap'r Mak'r kowsikgmail.com (Sun Mar 01 2009 - 21:52:03 CST)
[SECURITY] [DSA 1729-1] New gst-plugins-bad0.10 packages fix multiple vulnerabilities Steffen Joeris (Mon Mar 02 2009 - 14:38:00 CST)
rPSA-2009-0035-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl rPath Update Announcements (Mon Mar 02 2009 - 14:45:26 CST)
[ISecAuditors Security Advisories] eXtplorer Remote Code Execution ISecAuditors Security Advisories (Mon Mar 02 2009 - 14:54:03 CST)
[SECURITY] [DSA 1730-1] New proftpd-dfsg packages fix SQL injection vulnerabilites Steffen Joeris (Mon Mar 02 2009 - 14:56:21 CST)
[ MDVSA-2009:062 ] shadow-utils securitymandriva.com (Mon Mar 02 2009 - 16:00:01 CST)
Re: Re: Local vulnerability in suexec + FastCGI + PHP configurations security.432amxl.com (Mon Mar 02 2009 - 15:38:21 CST)
RitsBlog 0.4.2 (Authentication Bypass) SQL Injection Vulnerability / XSS Persistent Vulnerability Salvatore \ (Mon Mar 02 2009 - 15:52:02 CST)
Blogsa <= 1.0 Beta 3 XSS Vulnerability contactonuryilmaz.info (Mon Mar 02 2009 - 16:28:20 CST)
[SECURITY] [DSA 1731-1] New ndiswrapper packages fix arbitrary code execution vulnerability Steffen Joeris (Mon Mar 02 2009 - 15:09:55 CST)
Zabbix 1.6.2 Frontend Multiple Vulnerabilities ascii (Tue Mar 03 2009 - 09:30:26 CST)
- Re: Zabbix 1.6.2 Frontend Multiple Vulnerabilities Eygene Ryabinkin (Mon Mar 09 2009 - 06:59:00 CDT)
[SECURITY] [DSA 1732-1] New squid3 packages fix denial of service Steffen Joeris (Tue Mar 03 2009 - 02:23:22 CST)
WARNING - CORRECT: BlindBlog 1.3.1 Multiple Vulnerabilities (SQL Inj - Auth Bypass - LFI) Salvatore \ (Tue Mar 03 2009 - 09:24:55 CST)
[ MDVSA-2009:063 ] eog securitymandriva.com (Mon Mar 02 2009 - 17:39:00 CST)
Secunia Research: Winamp CAF Processing Integer Overflow Vulnerability Secunia Research (Tue Mar 03 2009 - 06:08:46 CST)
[SECURITY] [DSA 1733-1] New vim packages fix multiple vulnerabilities Steffen Joeris (Tue Mar 03 2009 - 02:35:06 CST)
Secunia Research: libsndfile CAF Processing Integer Overflow Vulnerability Secunia Research (Tue Mar 03 2009 - 06:06:47 CST)
BlindBlog 1.3.1 Multiple Vulnerabilities (SQL Inj - Auth Bypass - LFI) Salvatore \ (Tue Mar 03 2009 - 08:32:27 CST)
[USN-727-1] network-manager-applet vulnerabilities Marc Deslauriers (Tue Mar 03 2009 - 13:45:21 CST)
[USN-726-1] curl vulnerability Marc Deslauriers (Tue Mar 03 2009 - 13:44:12 CST)
NovaBoard <= 1.0.1 / XSS Vulnerability Jose Luis (Tue Mar 03 2009 - 15:26:33 CST)
[ MDVSA-2009:064 ] imap securitymandriva.com (Tue Mar 03 2009 - 09:49:00 CST)
[USN-727-2] NetworkManager vulnerability Marc Deslauriers (Tue Mar 03 2009 - 13:46:12 CST)
[USN-726-2] curl regression Marc Deslauriers (Wed Mar 04 2009 - 09:09:19 CST)
Cisco Security Advisory: Cisco 7600 Series Router Session Border Controller Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Wed Mar 04 2009 - 10:30:00 CST)
CelerBB 0.0.2 Multiple Vulnerabilities Salvatore \ (Thu Mar 05 2009 - 08:37:49 CST)
Re: iDefense COMRaider 'DeleteFile()' Method Arbitrary File Deletion Vulnerability iDefense Labs (Wed Mar 04 2009 - 15:42:50 CST)
SupportSoft DNA Editor Module (dnaedit.dll v6.9.2205) remote code execution exploit (IE6/7) nospamgmail.it (Thu Mar 05 2009 - 05:04:41 CST)
libc:fts_*():multiple vendors, Denial-of-service cxibsecurityreason.com (Thu Mar 05 2009 - 10:48:20 CST)
ZDI-09-013: Mozilla Firefox XUL Linked Clones Double Free Vulnerability ZDI Disclosures (Thu Mar 05 2009 - 12:01:53 CST)
iDefense COMRaider, ActiveX controls, and browser configuration Steven M. Christey (Thu Mar 05 2009 - 12:41:00 CST)
- Re: iDefense COMRaider, ActiveX controls, and browser configuration Vladimir '3APA3A' Dubrovin (Fri Mar 06 2009 - 07:19:19 CST)
[ MDVSA-2009:065 ] php4 securitymandriva.com (Thu Mar 05 2009 - 14:56:00 CST)
[ MDVSA-2009:066 ] php securitymandriva.com (Thu Mar 05 2009 - 15:18:00 CST)
[USN-729-1] Python Crypto vulnerability Kees Cook (Thu Mar 05 2009 - 17:38:36 CST)
[USN-728-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge (Thu Mar 05 2009 - 18:35:49 CST)
[USN-728-2] Firefox vulnerabilities Jamie Strandboge (Thu Mar 05 2009 - 18:36:13 CST)
Re: [Full-disclosure] Zabbix 1.6.2 Frontend Multiple Vulnerabilities Roberto Muñoz Fernandez (Thu Mar 05 2009 - 17:42:48 CST)
[USN-728-3] Firefox vulnerabilities Jamie Strandboge (Thu Mar 05 2009 - 18:37:17 CST)
[ MDVSA-2009:067 ] libsndfile securitymandriva.com (Thu Mar 05 2009 - 17:36:00 CST)
[USN-730-1] libpng vulnerabilities Jamie Strandboge (Thu Mar 05 2009 - 20:25:22 CST)
[Positive Technologies SA:2009-12] UMI.CMS Cross-Site Scripting vulnerability aanisimovptsecurity.com (Fri Mar 06 2009 - 08:45:48 CST)
Wili-CMS 0.4.0 Multiple Vulnerabilities (Remote/Local File Inclusion - Authentication Bypass) Salvatore \ (Fri Mar 06 2009 - 06:05:06 CST)
[SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application Mark Thomas (Fri Mar 06 2009 - 09:56:34 CST)
DEFCON CTF Submissions are in, DC-16 video online! The Dark Tangent (Thu Mar 05 2009 - 21:13:46 CST)
WarVOX 1.0.0 Released H D Moore (Fri Mar 06 2009 - 00:51:31 CST)
[Positive Technologies SA:2009-13] TinX CMS 3.x SQL Injection Vulnerability aanisimovptsecurity.com (Fri Mar 06 2009 - 10:53:21 CST)
[ MDVSA-2009:068 ] poppler securitymandriva.com (Fri Mar 06 2009 - 15:26:00 CST)
[ GLSA 200903-01 ] Vinagre: User-assisted execution of arbitrary code Pierre-Yves Rofes (Fri Mar 06 2009 - 15:59:44 CST)
nForum 1.5 Multiple SQL Injection Salvatore \ (Fri Mar 06 2009 - 14:42:37 CST)
[ GLSA 200903-02 ] ZNC: Privilege escalation Tobias Heinlein (Fri Mar 06 2009 - 16:35:27 CST)
[ GLSA 200903-03 ] Audacity: User-assisted execution of arbitrary code Tobias Heinlein (Fri Mar 06 2009 - 16:37:05 CST)
[ GLSA 200903-04 ] DevIL: User-assisted execution of arbitrary code Tobias Heinlein (Fri Mar 06 2009 - 16:38:29 CST)
[ MDVSA-2009:069 ] curl securitymandriva.com (Fri Mar 06 2009 - 18:48:00 CST)
[ MDVSA-2009:068-1 ] poppler securitymandriva.com (Fri Mar 06 2009 - 21:07:00 CST)
[ GLSA 200903-05 ] PDFjam: Multiple vulnerabilities Robert Buchholz (Sat Mar 07 2009 - 10:22:51 CST)
[ GLSA 200903-06 ] nfs-utils: Access restriction bypass Robert Buchholz (Sat Mar 07 2009 - 10:24:44 CST)
[ GLSA 200903-07 ] Samba: Data disclosure Robert Buchholz (Sat Mar 07 2009 - 10:26:15 CST)
[ GLSA 200903-08 ] gEDA: Insecure temporary file creation Robert Buchholz (Sat Mar 07 2009 - 10:27:52 CST)
[ GLSA 200903-09 ] OpenTTD: Execution of arbitrary code Robert Buchholz (Sat Mar 07 2009 - 10:29:53 CST)
phpCommunity 2 2.1.8 Multiple Vulnerabilities (SQL Injection / Directory Traversal / XSS) Salvatore \ (Sat Mar 07 2009 - 11:25:19 CST)
[ GLSA 200903-10 ] Irrlicht: User-assisted execution of arbitrary code Pierre-Yves Rofes (Sat Mar 07 2009 - 15:31:03 CST)
Re: Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system alexchf.fypgmail.com (Mon Mar 09 2009 - 02:50:03 CDT)
Secunia Research: Foxit Reader JBIG2 Symbol Dictionary Processing Vulnerability Secunia Research (Mon Mar 09 2009 - 07:27:51 CDT)
[ GLSA 200903-11 ] PyCrypto: Execution of arbitrary code Robert Buchholz (Mon Mar 09 2009 - 08:05:47 CDT)
[ GLSA 200903-12 ] OptiPNG: User-assisted execution of arbitrary code Robert Buchholz (Mon Mar 09 2009 - 08:06:55 CDT)
[ GLSA 200903-13 ] MPFR: Denial of Service Robert Buchholz (Mon Mar 09 2009 - 08:07:38 CDT)
[ GLSA 200903-14 ] BIND: Incorrect signature verification Robert Buchholz (Mon Mar 09 2009 - 08:10:06 CDT)
[ GLSA 200903-15 ] git: Multiple vulnerabilties Robert Buchholz (Mon Mar 09 2009 - 08:56:27 CDT)
[ GLSA 200903-16 ] Epiphany: Untrusted search path Robert Buchholz (Mon Mar 09 2009 - 08:57:37 CDT)
[ GLSA 200903-17 ] Real VNC: User-assisted execution of arbitrary code Robert Buchholz (Mon Mar 09 2009 - 08:58:19 CDT)
[ GLSA 200903-18 ] Openswan: Insecure temporary file creation Robert Buchholz (Mon Mar 09 2009 - 09:00:47 CDT)
- Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation Paul Wouters (Mon Mar 09 2009 - 15:12:41 CDT)
- Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation Robert Buchholz (Tue Mar 10 2009 - 05:47:14 CDT)
[ GLSA 200903-19 ] Xerces-C++: Denial of Service Robert Buchholz (Mon Mar 09 2009 - 09:01:23 CDT)
[ GLSA 200903-20 ] WebSVN: Multiple vulnerabilities Robert Buchholz (Mon Mar 09 2009 - 09:02:04 CDT)
DDIVRT-2009-22 SMART Board Whiteboard Directory Traversal Vulnerability ddivulnalertddifrontline.com (Mon Mar 09 2009 - 09:44:23 CDT)
DDIVRT-2009-21 vBook Login Application Cross-site Scripting Vulnerability ddivulnalertddifrontline.com (Mon Mar 09 2009 - 09:45:01 CDT)
Belkin BullDog Plus UPS-Service Buffer Overflow Vulnerability Elazar Broad (Sat Mar 07 2009 - 21:06:46 CST)
Re: Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system Julien Thomas (Mon Mar 09 2009 - 13:51:07 CDT)
[ GLSA 200903-21 ] cURL: Arbitrary file access Tobias Heinlein (Mon Mar 09 2009 - 13:58:39 CDT)
Foxit Reader Multiple Vulnerabilities (CORE-2009-0218) Core Security Technologies Advisories (Mon Mar 09 2009 - 14:40:33 CDT)
SEC Consult SA-20090305-1 :: IBM Director CIM Server Remote Denial of Service Vulnerability Bernhard Mueller (Tue Mar 10 2009 - 05:07:41 CDT)
FINAL: Call for Papers on Cyber Warfare k g (Tue Mar 10 2009 - 06:26:55 CDT)
SEC Consult SA-20090305-2 :: IBM Director CIM Server Local Privilege Escalation Vulnerability Bernhard Mueller (Tue Mar 10 2009 - 05:09:14 CDT)
SEC Consult SA-20090305-0 :: NextApp Echo XML Injection Vulnerability Bernhard Mueller (Tue Mar 10 2009 - 04:58:46 CDT)
Aryanic HighCMS and HighPortal multiple Vulnerabilities mr.faghanigmail.com (Tue Mar 10 2009 - 08:19:10 CDT)
[ GLSA 200903-22 ] Ganglia: Execution of arbitrary code Robert Buchholz (Tue Mar 10 2009 - 09:27:40 CDT)
Multiple Vulnerabilities in iAntiVirus Carsten Eilers (Tue Mar 10 2009 - 10:13:10 CDT)
[ MDVSA-2009:070 ] openoffice.org securitymandriva.com (Tue Mar 10 2009 - 10:17:00 CDT)
Paper: Socket Capable Browser Plugins Result In Transparent Proxy Abuse robertwebappsec.org (Tue Mar 10 2009 - 12:05:31 CDT)
Addonics NAS Adapter Post-Auth DoS mcyr2csc.com (Tue Mar 10 2009 - 11:20:40 CDT)
[USN-731-1] Apache vulnerabilities Marc Deslauriers (Tue Mar 10 2009 - 11:54:06 CDT)
[USN-732-1] dash vulnerability Marc Deslauriers (Tue Mar 10 2009 - 11:54:50 CDT)
AST-2009-002: Remote Crash Vulnerability in SIP channel driver Asterisk Security Team (Tue Mar 10 2009 - 12:38:37 CDT)
[ECHO_ADV_104$2009] WeBid <= 0.7.3 RC9 Multiple Remote File Inclution Vulnerabilities vulne-rdc.org (Tue Mar 10 2009 - 13:10:49 CDT)
[ MDVSA-2009:071 ] kernel securitymandriva.com (Tue Mar 10 2009 - 14:03:01 CDT)
[ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability ISecAuditors Security Advisories (Tue Mar 10 2009 - 15:26:46 CDT)
[SECURITY] [DSA 1735-1] New znc packages fix privilege escalation Florian Weimer (Tue Mar 10 2009 - 15:23:49 CDT)
Sun Java System Communications Express [HTML Injection] sosobloodhotmail.com (Tue Mar 10 2009 - 16:16:51 CDT)
- Re: Sun Java System Communications Express [HTML Injection] sosobloodhotmail.com (Wed Mar 11 2009 - 15:07:02 CDT)
[ GLSA 200903-24 ] Shadow: Privilege escalation Pierre-Yves Rofes (Tue Mar 10 2009 - 17:34:59 CDT)
[ GLSA 200903-23 ] Adobe Flash Player: Multiple vulnerabilities Pierre-Yves Rofes (Tue Mar 10 2009 - 17:27:02 CDT)
[SECURITY] [DSA 1736-1] New mahara packages fix cross-site scripting Steffen Joeris (Tue Mar 10 2009 - 15:33:38 CDT)
[security bulletin] HPSBUX02411 SSRT080111 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities security-alerthp.com (Wed Mar 11 2009 - 10:20:52 CDT)
[security bulletin] HPSBMA02412 SSRT080040 rev.1 - WMI Mapper for HP Systems Insight Manager Running on Windows, Remote Unauthorized Access to Data, Local Unauthorized Access security-alerthp.com (Wed Mar 11 2009 - 10:20:07 CDT)
Re: Adobe Flash Player plug-in null pointer dereference and browser crash Matthew Dempsky (Wed Mar 11 2009 - 12:30:49 CDT)
[SECURITY] [DSA 1738-1] New curl packages fix arbitrary file access Nico Golde (Wed Mar 11 2009 - 11:46:54 CDT)
Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (Wed Mar 11 2009 - 10:40:00 CDT)
TOORCAMP 2009 CALL FOR PARTICIPATION h1karitoorcon.org (Wed Mar 11 2009 - 13:54:34 CDT)
TikiWiki 2.2 XSS Vulnerability in URI iliz-zyandex.rui (Thu Mar 12 2009 - 03:54:41 CDT)
- Re: TikiWiki 2.2 XSS Vulnerability in URI dannyorionrobots.co.uk (Thu Mar 12 2009 - 18:19:16 CDT)
POP Peeper 3.4.0.0 Date Remote Buffer Overflow Vulnerability Krakow Labs (Wed Mar 11 2009 - 23:14:01 CDT)
[ MDVSA-2009:073 ] sarg securitymandriva.com (Wed Mar 11 2009 - 16:45:01 CDT)
[USN-726-1] curl vulnerability Marc Deslauriers (Tue Mar 03 2009 - 13:44:12 CST)
[USN-724-1] Squid vulnerability Jamie Strandboge (Thu Feb 26 2009 - 06:28:55 CST)
[USN-728-2] Firefox vulnerabilities Jamie Strandboge (Thu Mar 05 2009 - 18:36:13 CST)
Trellis Desk v1.0 XSS Vulnerability larryjlogica.com (Wed Mar 11 2009 - 18:25:41 CDT)
[USN-729-1] Python Crypto vulnerability Kees Cook (Thu Mar 05 2009 - 17:38:36 CST)
[ GLSA 200903-25 ] Courier Authentication Library: SQL Injection vulnerability Pierre-Yves Rofes (Wed Mar 11 2009 - 14:33:55 CDT)
[SECURITY] [DSA 1737-1] New wesnoth packages fix several vulnerabilities Steffen Joeris (Wed Mar 11 2009 - 10:16:56 CDT)
[USN-726-2] curl regression Marc Deslauriers (Wed Mar 04 2009 - 09:09:19 CST)
[USN-728-3] Firefox vulnerabilities Jamie Strandboge (Thu Mar 05 2009 - 18:37:17 CST)
[USN-727-2] NetworkManager vulnerability Marc Deslauriers (Tue Mar 03 2009 - 13:46:12 CST)
[ GLSA 200903-26 ] TMSNC: Execution of arbitrary code Robert Buchholz (Thu Mar 12 2009 - 08:58:21 CDT)
Re: Adobe Flash Player plug-in null pointer dereference and browser crash Alex Legler (Thu Mar 12 2009 - 08:17:23 CDT)
[ MDVSA-2009:074 ] libneon0.27 securitymandriva.com (Wed Mar 11 2009 - 17:31:01 CDT)
flv2mpeg4: Malformed parameters Denial of Service Anonelhacker.net (Mon Mar 09 2009 - 13:16:24 CDT)
[USN-727-1] network-manager-applet vulnerabilities Marc Deslauriers (Tue Mar 03 2009 - 13:45:21 CST)
[ MDVSA-2009:072 ] perl-MDK-Common securitymandriva.com (Wed Mar 11 2009 - 14:29:00 CDT)
[security bulletin] HPSBMA02413 SSRT080040 rev.1 - HP WMI Mapper for Windows Server 2003 and Windows Server 2008 for Itanium-based Servers, Remote Unauthorized Access to Data, Local Unauthorized Access security-alerthp.com (Thu Mar 12 2009 - 13:28:31 CDT)
[Suspected Spam][PT-2009-11] SlySoft Multiple Products ElbyCDIO.sys Denial of Service Valery Marchuk (Thu Mar 12 2009 - 12:11:16 CDT)
[oCERT-2008-015] glib and glib-predecessor heap overflows Will Drewry (Thu Mar 12 2009 - 11:07:54 CDT)
rPSA-2009-0042-1 curl rPath Update Announcements (Thu Mar 12 2009 - 18:04:21 CDT)
rPSA-2009-0041-1 dhclient dhcp libdhcp4client rPath Update Announcements (Thu Mar 12 2009 - 18:02:09 CDT)
[ GLSA 200903-27 ] ProFTPD: Multiple vulnerabilities Pierre-Yves Rofes (Thu Mar 12 2009 - 17:29:21 CDT)
rPSA-2009-0040-1 tshark wireshark rPath Update Announcements (Thu Mar 12 2009 - 18:00:28 CDT)
Apple iTunes DAAP Messages Handling Denial of Service Vulnerability  secresearchfortinet.com (Thu Mar 12 2009 - 20:59:57 CDT)
rPSA-2009-0046-1 libpng rPath Update Announcements (Thu Mar 12 2009 - 18:07:00 CDT)
rPSA-2009-0045-1 glib rPath Update Announcements (Thu Mar 12 2009 - 18:08:49 CDT)
GeoVision LiveAudio ActiveX Control GetAudioPlayingTime() remote freed-memory access exploit nospamgmail.it (Fri Mar 13 2009 - 10:36:33 CDT)
[Positive Technologies SA:2009-15] Living CMS Cross-Site Scripting vulnerability aanisimovptsecurity.com (Fri Mar 13 2009 - 12:57:42 CDT)
[Positive Technologies SA:2009-14] BLOG CMS Cross-Site Scripting vulnerability aanisimovptsecurity.com (Fri Mar 13 2009 - 12:59:09 CDT)
[Positive Technologies SA:2009-20] A.CMS Multiple Vulnerabilities aanisimovptsecurity.com (Fri Mar 13 2009 - 13:00:05 CDT)
[ MDVSA-2009:075 ] firefox securitymandriva.com (Fri Mar 13 2009 - 15:50:01 CDT)
[SECURITY] [DSA 1739-1] New mldonkey packages fix information disclosure Florian Weimer (Fri Mar 13 2009 - 15:58:15 CDT)
Infopop UBB.Threads Admin Credentials via SQL Injection swhitesecurestate.com (Fri Mar 13 2009 - 13:43:42 CDT)
[SECURITY] [DSA 1740-1] New yaws packages fix denial of service Steffen Joeris (Fri Mar 13 2009 - 23:07:11 CDT)
[SECURITY] [DSA 1741-1] New psi packages fix denial of service Moritz Muehlenhoff (Sat Mar 14 2009 - 06:47:18 CDT)
[ MDVSA-2009:076 ] avahi securitymandriva.com (Fri Mar 13 2009 - 21:02:00 CDT)
[ GLSA 200903-28 ] libpng: Multiple vulnerabilities Pierre-Yves Rofes (Sun Mar 15 2009 - 13:42:50 CDT)
rosoft media player local BOF exploit multi tagets maroc-anti-connexionhotmail.com (Sat Mar 14 2009 - 11:09:06 CDT)
[SECURITY] [DSA 1742-1] New libsnd packages fix arbitrary code execution Nico Golde (Sun Mar 15 2009 - 19:46:00 CDT)
[Bkis-04-2009] GOM Encoder Heap-based Buffer Overflow Bkis (Sun Mar 15 2009 - 23:12:02 CDT)
NGENUITY-2009-005 OpenCart Order By Blind SQL Injection Adam Baldwin (Sun Mar 15 2009 - 23:44:43 CDT)
reporting CVE rahimeh.khodadadigmail.com (Mon Mar 16 2009 - 08:12:25 CDT)
[Bkis-03-2009] Multiple Vulnerabilities found in Rapidleech rev.36 Bkis (Sat Mar 14 2009 - 07:50:00 CDT)
[USN-734-1] FFmpeg vulnerabilities Marc Deslauriers (Mon Mar 16 2009 - 18:32:01 CDT)
[USN-738-1] GLib vulnerability Jamie Strandboge (Mon Mar 16 2009 - 17:35:33 CDT)
[USN-733-1] evolution-data-server vulnerability Marc Deslauriers (Mon Mar 16 2009 - 15:39:29 CDT)
CPANEL File Manager XSS Vulnerability rizki.wicaksonogmail.com (Mon Mar 16 2009 - 23:53:27 CDT)
HP Laserjet multiple models web management CSRF vulnerability & insecure default configuration Henri Lindberg (Mon Mar 16 2009 - 16:06:21 CDT)
[ GLSA 200903-29 ] BlueZ: Arbitrary code execution Pierre-Yves Rofes (Mon Mar 16 2009 - 16:36:12 CDT)
[USN-736-1] GStreamer Good Plugins vulnerabilities Marc Deslauriers (Mon Mar 16 2009 - 15:40:32 CDT)
PHPRunner SQL Injection adminbugreport.ir (Tue Mar 17 2009 - 05:35:37 CDT)
[SECURITY] [DSA 1743-1] New libtk-img packages fix arbitrary code execution Steffen Joeris (Tue Mar 17 2009 - 03:52:05 CDT)
[USN-735-1] GStreamer Base Plugins vulnerability Marc Deslauriers (Mon Mar 16 2009 - 15:41:20 CDT)
[ GLSA 200903-30 ] Opera: Multiple vulnerabilities Tobias Heinlein (Mon Mar 16 2009 - 18:54:09 CDT)
[USN-737-1] libsoup vulnerability Marc Deslauriers (Mon Mar 16 2009 - 15:43:15 CDT)
[ECHO_ADV_107$2009] FubarForum <= 1.6 Critical File Disclosure Vulnerability vulne-rdc.org (Tue Mar 17 2009 - 11:09:58 CDT)
[USN-739-1] Amarok vulnerabilities Marc Deslauriers (Tue Mar 17 2009 - 12:29:25 CDT)
DEFCON London DC4420 March meeting - Thursday 19th March Major Malfunction (Tue Mar 17 2009 - 12:17:46 CDT)
[ECHO_ADV_106$2009] FireAnt <= 1.3 Critical File Disclosure Vulnerability vulne-rdc.org (Tue Mar 17 2009 - 11:08:20 CDT)
[ECHO_ADV_105$2009] chaozzDB <= 1.2 Critical File Disclosure Vulnerability vulne-rdc.org (Tue Mar 17 2009 - 11:06:32 CDT)
[ GLSA 200903-31 ] libcdaudio: User-assisted execution of arbitrary code Pierre-Yves Rofes (Tue Mar 17 2009 - 16:10:05 CDT)
iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability iDefense Labs (Tue Mar 17 2009 - 16:55:16 CDT)
- Re: iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability iDefense Labs (Tue Mar 17 2009 - 17:22:19 CDT)
Sitecore .NET 5.3.x - web service information disclosure security.assurancenab.com.au (Tue Mar 17 2009 - 17:38:05 CDT)
Layered Defense Research Advisory: Format String Vulnerablity in Symantec PcAnywhere v10-12.5 dhlayereddefense.com (Tue Mar 17 2009 - 23:38:52 CDT)
[USN-740-1] NSS vulnerability Jamie Strandboge (Tue Mar 17 2009 - 17:11:30 CDT)
[SECURITY] [DSA 1744-1] New weechat packages fix denial of service Nico Golde (Wed Mar 18 2009 - 06:55:04 CDT)
CDex v1.70b2 (.ogg) local buffer overflow exploit poc nospamgmail.it (Tue Mar 17 2009 - 17:15:50 CDT)
[ISecAuditors Security Advisories] ModSecurity < 2.5.9 remote Denial of Service (DoS) ISecAuditors Security Advisories (Thu Mar 19 2009 - 07:53:55 CDT)
[ GLSA 200903-32 ] phpMyAdmin: Multiple vulnerabilities Pierre-Yves Rofes (Wed Mar 18 2009 - 17:30:32 CDT)
[USN-742-1] JasPer vulnerabilities Marc Deslauriers (Thu Mar 19 2009 - 13:02:46 CDT)
Command Execution in Hannon Hill Cascade Server Elliot Kendall (Thu Mar 19 2009 - 14:07:56 CDT)
rPSA-2009-0050-1 ghostscript rPath Update Announcements (Thu Mar 19 2009 - 14:52:09 CDT)
Slides from uCon Security Conference 2009 available online uCon Security Conference (Thu Mar 19 2009 - 15:51:35 CDT)
[ MDVSA-2009:060-1 ] nfs-utils securitymandriva.com (Thu Mar 19 2009 - 16:35:00 CDT)
[USN-741-1] Thunderbird vulnerabilities Jamie Strandboge (Thu Mar 19 2009 - 17:30:32 CDT)
[SECURITY] [DSA 1745-1] New lcms packages fix arbitrary code execution Steffen Joeris (Fri Mar 20 2009 - 04:16:54 CDT)
LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted) Chris Evans (Thu Mar 19 2009 - 21:24:43 CDT)
[ GLSA 200903-33 ] FFmpeg: Multiple vulnerabilities Pierre-Yves Rofes (Thu Mar 19 2009 - 17:59:58 CDT)
[security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alerthp.com (Fri Mar 20 2009 - 08:20:19 CDT)
[SECURITY] [DSA 1746-1] New ghostscript packages fix arbitrary code execution Steffen Joeris (Fri Mar 20 2009 - 04:32:00 CDT)
[SECURITY] [DSA 1748-1] New libsoup packages fix arbitrary code execution Steffen Joeris (Fri Mar 20 2009 - 09:15:01 CDT)
[SECURITY] [DSA 1747-1] New glib2.0 packages fix arbitrary code execution Steffen Joeris (Fri Mar 20 2009 - 09:11:16 CDT)
Bs.Player <= 2.34 Build 980 (.bsl) local buffer overflow 0day exploit (seh) nospamgmail.it (Thu Mar 19 2009 - 21:01:44 CDT)
[oCERT-2009-003] LittleCMS integer errors Andrea Barisani (Fri Mar 20 2009 - 13:02:40 CDT)
[ GLSA 200903-34 ] Amarok: User-assisted execution of arbitrary code Tobias Heinlein (Fri Mar 20 2009 - 15:22:13 CDT)
[SECURITY] [DSA 1749-1] New Linux 2.6.26 packages fix several vulnerabilities dann frazier (Fri Mar 20 2009 - 15:55:47 CDT)
[SECURITY] [DSA 1751-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Sun Mar 22 2009 - 16:30:20 CDT)
ExpressionEngine Persistent Cross-Site Scripting Adam Baldwin (Sun Mar 22 2009 - 18:28:52 CDT)
Rittal CMC-TC Processing Unit II multiple vulnerabilities Henri Lindberg - Smilehouse Oy (Mon Mar 23 2009 - 06:37:50 CDT)
[SECURITY] [DSA 1750-1] New libpng packages fix several vulnerabilities Florian Weimer (Sun Mar 22 2009 - 12:16:04 CDT)
[ MDVSA-2009:077 ] pam securitymandriva.com (Sat Mar 21 2009 - 14:25:01 CDT)
FreeBSD Security Advisory FreeBSD-SA-09:06.ktimer FreeBSD Security Advisories (Sun Mar 22 2009 - 19:09:12 CDT)
CORE-2009-0122: HP OpenView Buffer Overflows CORE Security Technologies Advisories (Mon Mar 23 2009 - 12:45:49 CDT)
[SECURITY] [DSA 1752-1] New webcit packages fix potential remote code execution Florian Weimer (Mon Mar 23 2009 - 13:14:05 CDT)
[ MDVSA-2009:078 ] evolution-data-server securitymandriva.com (Mon Mar 23 2009 - 12:37:00 CDT)
[ MDVSA-2009:079 ] postgresql securitymandriva.com (Mon Mar 23 2009 - 12:54:00 CDT)
[USN-743-1] Ghostscript vulnerabilities Marc Deslauriers (Mon Mar 23 2009 - 13:37:41 CDT)
[USN-744-1] LittleCMS vulnerabilities Marc Deslauriers (Mon Mar 23 2009 - 13:38:27 CDT)
[ GLSA 200903-35 ] Muttprint: Insecure temporary file usage Pierre-Yves Rofes (Mon Mar 23 2009 - 16:56:40 CDT)
[ GLSA 200903-36 ] MLDonkey: Information disclosure Pierre-Yves Rofes (Mon Mar 23 2009 - 17:11:38 CDT)
[ GLSA 200903-37 ] Ghostscript: User-assisted execution of arbitrary code Pierre-Yves Rofes (Mon Mar 23 2009 - 17:34:00 CDT)
PHPizabi v0.848b C1 HFP1 proc.inc.php remote privilege escalation (php.ini independent) nospamgmail.it (Tue Mar 24 2009 - 02:04:28 CDT)
[security bulletin] HPSBMA02416 SSRT090008 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alerthp.com (Tue Mar 24 2009 - 07:36:54 CDT)
ZDI-09-014: Adobe Acrobat getIcon() Stack Overflow Vulnerability ZDI Disclosures (Tue Mar 24 2009 - 11:51:37 CDT)
[security bulletin] HPSBUX02409 SSRT080171 rev.1 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege security-alerthp.com (Tue Mar 24 2009 - 13:16:11 CDT)
iDefense Security Advisory 03.24.09: Adobe Reader and Acrobat JBIG2 Encoded Stream Heap Overflow Vulnerability iDefense Labs (Tue Mar 24 2009 - 14:47:56 CDT)
[SECURITY] [DSA 1753-1] End-of-life announcement for Iceweasel in oldstable Moritz Muehlenhoff (Tue Mar 24 2009 - 16:20:14 CDT)
[ GLSA 200903-38 ] Squid: Multiple Denial of Service vulnerabilities Pierre-Yves Rofes (Tue Mar 24 2009 - 16:42:45 CDT)
Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Secunia Research (Wed Mar 25 2009 - 04:22:05 CDT)
- Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Florian Weimer (Wed Mar 25 2009 - 11:42:11 CDT)
- Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Eric C. Lukens (Wed Mar 25 2009 - 14:20:40 CDT)
- Re[2]: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Vladimir '3APA3A' Dubrovin (Wed Mar 25 2009 - 14:55:32 CDT)
[SECURITY] [DSA 1745-2] New lcms packages fix regression Steffen Joeris (Wed Mar 25 2009 - 06:32:18 CDT)
Cisco Security Advisory: Cisco IOS Software Secure Copy Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (Wed Mar 25 2009 - 11:00:00 CDT)
Cisco Security Advisory: Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability Cisco Systems Product Security Incident Response Team (Wed Mar 25 2009 - 11:00:00 CDT)
Cisco Security Advisory: Cisco IOS Software WebVPN and SSLVPN Vulnerabilities Cisco Systems Product Security Incident Response Team (Wed Mar 25 2009 - 11:00:00 CDT)
Cisco Security Advisory: Cisco IOS cTCP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Wed Mar 25 2009 - 11:00:00 CDT)
Cisco Security Advisory: Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities Cisco Systems Product Security Incident Response Team (Wed Mar 25 2009 - 11:00:00 CDT)
[SECURITY] [DSA 1755-1] New systemtap packages fix local privilege escalation Moritz Muehlenhoff (Wed Mar 25 2009 - 16:16:51 CDT)
CFP RAID 2009 Corrado Leita (Wed Mar 25 2009 - 15:58:24 CDT)
[ GLSA 200903-39 ] pam_krb5: Privilege escalation Pierre-Yves Rofes (Wed Mar 25 2009 - 17:45:17 CDT)
[Bkis-05-2009] PowerCHM Stack-based Buffer Overflow Bkis (Thu Mar 26 2009 - 00:27:29 CDT)
ICAP adaptation: missing data flow control to client side Martin Huter (Thu Mar 26 2009 - 10:13:32 CDT)
iDefense Security Advisory 03.26.09: Sun Java Runtine Environment (JRE) Type1 Font Parsing Integer Signedness Vulnerability iDefense Labs (Thu Mar 26 2009 - 12:49:43 CDT)
[USN-746-1] xine-lib vulnerability Marc Deslauriers (Thu Mar 26 2009 - 14:27:37 CDT)
[USN-747-1] ICU vulnerability Marc Deslauriers (Thu Mar 26 2009 - 14:28:21 CDT)
iDefense Security Advisory 03.26.09: Sun Java Web Start (JWS ) GIF Decoding Heap Corruption Vulnerability iDefense Labs (Thu Mar 26 2009 - 14:47:02 CDT)
[ MDVSA-2009:080 ] glib2.0 securitymandriva.com (Thu Mar 26 2009 - 16:50:00 CDT)
[USN-748-1] OpenJDK vulnerabilities Kees Cook (Thu Mar 26 2009 - 17:01:35 CDT)
Aurora Nutritive Analysis Module Multiple XSS Bugs NotHugs (Thu Mar 26 2009 - 19:43:03 CDT)
Moodle: Sensitive File Disclosure Christian Eibl (Fri Mar 27 2009 - 09:30:20 CDT)
iDefense Security Advisory 03.26.09: Sun Java Runtine Environment (JRE) GIF Decoding Heap Corruption Vulnerability iDefense Labs (Thu Mar 26 2009 - 15:22:17 CDT)
iDefense Security Advisory 03.26.09: Sun Java Web Start (JWS ) PNG Decoding Integer Overflow Vulnerability iDefense Labs (Thu Mar 26 2009 - 15:47:41 CDT)
iDefense Security Advisory 03.26.09: Sun Java Runtime Environment (JRE) Pack200 Decompression Integer Overflow Vulnerability iDefense Labs (Thu Mar 26 2009 - 16:16:54 CDT)
Novell Netstorage Multiple Vulnerabilities Bugs NotHugs (Thu Mar 26 2009 - 19:50:24 CDT)
[USN-745-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge (Sat Mar 28 2009 - 00:27:07 CDT)
[SECURITY] [DSA 1756-1] New xulrunner packages fix multiple vulnerabilities Noah Meyerhans (Sun Mar 29 2009 - 13:03:00 CDT)
[tool release] Watcher v1.0.0 - passive Web-app security testing and compliance auditing Chris Weber (Sun Mar 29 2009 - 00:17:32 CDT)
[ GLSA 200903-40 ] Analog: Denial of Service Pierre-Yves Rofes (Sun Mar 29 2009 - 16:40:57 CDT)
glFusion <= 1.1.2 COM_applyFilter()/order sql injection exploit nospamgmail.it (Sat Mar 28 2009 - 23:37:13 CDT)
[ MDVSA-2009:081 ] libsoup securitymandriva.com (Fri Mar 27 2009 - 17:13:01 CDT)
Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow Bugs NotHugs (Mon Mar 30 2009 - 03:16:17 CDT)
[SECURITY] [DSA 1757-1] New auth2db packages fix SQL injection Steffen Joeris (Mon Mar 30 2009 - 05:09:41 CDT)
CVE-2009-0790: ISAKMP DPD Remote Vulnerability with Openswan & Strongswan IPsec Paul Wouters (Mon Mar 30 2009 - 11:17:24 CDT)
[ MDVSA-2009:082 ] krb5 securitymandriva.com (Mon Mar 30 2009 - 10:11:01 CDT)
Positron Security Advisory #2009-000: Multiple Vulnerabilities in MapServer v5.2.1 and v4.10.3 Positron Security (Mon Mar 30 2009 - 12:43:54 CDT)
Family Connections 1.8.1 Multiple Remote Vulnerabilities Salvatore \ (Mon Mar 30 2009 - 12:45:51 CDT)
- Re: Family Connections 1.8.1 Multiple Remote Vulnerabilities r_haudenschilthotmail.com (Mon Mar 30 2009 - 21:18:08 CDT)
DeepSec 2009 - Call for Papers is open DeepSec Conference (Mon Mar 30 2009 - 13:34:24 CDT)
[USN-749-1] libsndfile vulnerability Marc Deslauriers (Mon Mar 30 2009 - 13:28:13 CDT)
Community CMS 0.5 Multiple SQL Injection Vulnerabilities Salvatore \ (Mon Mar 30 2009 - 14:55:45 CDT)
[ GLSA 200903-41 ] gedit: Untrusted search path Pierre-Yves Rofes (Mon Mar 30 2009 - 16:48:53 CDT)
[SECURITY] [DSA 1758-1] New nss-ldapd packages fix information disclosure Moritz Muehlenhoff (Mon Mar 30 2009 - 16:47:00 CDT)
ZDI-09-015: Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability ZDI Disclosures (Mon Mar 30 2009 - 17:41:16 CDT)
Zabbix Multiple Frontend CSRF (Password reset & command execution) Adam Baldwin (Mon Mar 30 2009 - 18:13:14 CDT)
[ECHO_ADV_108$2009] JobHut <= 1.2 (pk) Remote Sql Injection Vulnerability vulne-rdc.org (Mon Mar 30 2009 - 18:14:14 CDT)
[USN-750-1] OpenSSL vulnerability Jamie Strandboge (Mon Mar 30 2009 - 18:23:19 CDT)
[SECURITY] [DSA 1759-1] New strongswan packages fix denial of service Steffen Joeris (Mon Mar 30 2009 - 18:49:22 CDT)
[SECURITY] [DSA 1760-1] New openswan packages fix denial of service Steffen Joeris (Mon Mar 30 2009 - 18:49:43 CDT)
aspWebCalendar Free Edition bug joseph.giron13gmail.com (Mon Mar 30 2009 - 22:46:19 CDT)
Re: [ECHO_ADV_103$2009] taifajobs <= 1.0 (jobid) Remote SQL Injection Vulnerability tihataifaweb.net (Tue Mar 31 2009 - 03:07:13 CDT)
Cisco ASA5520 Web VPN Host Header XSS Bugs NotHugs (Tue Mar 31 2009 - 05:17:54 CDT)
[Positive Technologies SA 2009-09] Trend Micro Internet Security Pro 2009 tmactmon.sys Priviliege Escalation Vulnerabilities Valery Marchuk (Tue Mar 31 2009 - 06:49:10 CDT)
webEdition 6.0.0.4 Local File Inclusion Salvatore \ (Tue Mar 31 2009 - 08:22:49 CDT)
[DSECRG-09-013] IBM WebSphere Application Server 7.0 Multiple XSS Vulnerabilities DSecRG (Tue Mar 31 2009 - 12:00:09 CDT)
[security bulletin] HPSBMA02416 SSRT090008 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alerthp.com (Tue Mar 31 2009 - 12:02:12 CDT)
[DSECRG-09-016] SAP SAPDB Multiple XSS Alexandr Polyakov (Tue Mar 31 2009 - 12:09:29 CDT)
[DSECRG-09-030] PrecisionID Datamatrix ActiveX control - Arbitrary File overwriting DSecRG (Tue Mar 31 2009 - 12:22:47 CDT)
CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server CORE Security Technologies Advisories (Tue Mar 31 2009 - 15:01:43 CDT)

Last message date: Tue Mar 31 2009 - 15:55:37 CDT
Archived on: Tue Mar 31 2009 - 15:55:41 CDT

296 messages sorted by: [ author ] [ date ] [ subject ]