NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2009-04

298 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Wed Apr 01 2009 - 09:58:36 CDT
Ending: Thu Apr 30 2009 - 10:06:47 CDT

Aditya K Sood
- In Response to Bid 34130 Invalid (Sat Apr 11 2009 - 04:29:26 CDT)
- [SecNiche Whitepaper] Evading Web XSS Filters with Microsoft Word - WAPT Perspective (Wed Apr 01 2009 - 08:59:55 CDT)
- Microsoft Internet Explorer 8 - Anti Spoofing is a Myth (Wed Apr 01 2009 - 08:59:28 CDT)
adminbugreport.ir
- SASPCMS Multiple Vulnerabilities (Wed Apr 08 2009 - 07:13:24 CDT)
akred-database-security.com
- SQL Injection in package DBMS_AQADM_SYS (Thu Apr 16 2009 - 00:40:55 CDT)
- Unprivileged DB users can see APEX password hashes (Thu Apr 16 2009 - 00:43:43 CDT)
- SQL Injection in package DBMS_AQIN (Thu Apr 16 2009 - 00:40:06 CDT)
Albert Sellarès
- Remote iodinetd DoS vulnerability on Debian Lenny (Sun Apr 26 2009 - 12:00:41 CDT)
- skpd: A tool to dump processes to executable ELF files (Wed Apr 15 2009 - 15:35:55 CDT)
Alexander Sotirov
- WOOT'09 call for papers (Thu Apr 23 2009 - 18:14:50 CDT)
alphanix00gmail.com
- Exjune Guestbook v2 Remote Database Disclosure Exploit (Wed Apr 08 2009 - 16:47:30 CDT)
- OTSTurntables 1.00.027 (.ofl file) Local universal SOF Exploit (Wed Apr 08 2009 - 12:34:39 CDT)
Andrew Kuriger
- Re: Windows Update (re-)installs outdated Flash ActiveX on Windows XP (Wed Apr 22 2009 - 17:59:06 CDT)
Andrew L. Davis
- Re: security tools list (Tue Apr 28 2009 - 13:34:06 CDT)
Anonymousgmail.com
- Re: [NOBYTES.COM: #12] osCommerce 2.2rc2a - Information Disclosure (Tue Apr 14 2009 - 06:35:44 CDT)
antonia.goodwinprocheckup.com
- XSS with mod_perl perl_status utility (Wed Apr 15 2009 - 11:11:39 CDT)
arvind doraiswamy
- Re: Formshield Captcha - Older Version vulnerable to replay attacks (Tue Apr 28 2009 - 02:13:23 CDT)
- Formshield Captcha - Older Version vulnerable to replay attacks (Fri Apr 24 2009 - 05:26:33 CDT)
Asterisk Security Team
- AST-2009-003: SIP responses expose valid usernames (Thu Apr 02 2009 - 13:59:45 CDT)
Bernardo Damele A. G.
- [Tool] sqlmap 0.7rc1 released (Wed Apr 22 2009 - 09:29:26 CDT)
Bernhard Mueller
- SEC Consult SA-20090415-1 :: Nortel Application Gateway 2000 Password Disclosure Vulnerability (Wed Apr 15 2009 - 09:03:49 CDT)
- SEC Consult SA-20090415-0 :: Multiple Vulnerabilities in Novell Teaming (Wed Apr 15 2009 - 09:02:23 CDT)
Bkis
- [Bkis-07-2009] 010 Editor Multiple Buffer Overflow Vulnerabilities (Wed Apr 22 2009 - 00:25:07 CDT)
- [Bkis-06-2009] GOM Player Subtitle Buffer Overflow Vulnerability (Wed Apr 08 2009 - 03:00:05 CDT)
c1c4tr1zvoodoo-labs.org
- net2ftp <= 0.97 Cross-Site Scripting/Request Forgery (Wed Apr 08 2009 - 16:13:10 CDT)
- Amaya 11.1 XHTML Parser Buffer Overflow (Sat Apr 04 2009 - 00:11:59 CDT)
Carlos Augusto
- BugCON '09, Mexico: Call For Papers (Mon Apr 13 2009 - 17:10:01 CDT)
Cesar
- Opening Intranets to attack by using Internet Explorer [paper] (Tue Apr 07 2009 - 13:36:50 CDT)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances (Wed Apr 08 2009 - 11:01:39 CDT)
CORE Security Technologies Advisories
- CORE-2009-0114 - HTTP Response Splitting vulnerability in Sun Delegated Administrator (Tue Apr 21 2009 - 13:46:09 CDT)
Corrado Leita
- Reminder: RAID 2009 CFP (Thu Apr 09 2009 - 14:13:46 CDT)
cxibsecurityreason.com
- PHP 5.2.9 curl safe_mode & open_basedir bypass (Fri Apr 10 2009 - 08:14:32 CDT)
ddivulnalertddifrontline.com
- DDIVRT-2009-24 Precidia Ether232 Memory Corruption (Mon Apr 27 2009 - 12:58:49 CDT)
ddvulnalertddifronline.com
- DDIVRT-2009-23 Apache ActiveMQ Numerous Cross Site Scripting Issues (Thu Apr 16 2009 - 10:00:10 CDT)
Dennis Yurichev
- CVE-2009-0991 PoC (Mon Apr 20 2009 - 16:53:02 CDT)
- IBM DB2 (Thu Apr 02 2009 - 14:52:23 CDT)
Devin Carraway
- [SECURITY] [DSA 1783-1] New mysql-dfsg-5.0 packages fix multiple vulnerabilities (Wed Apr 29 2009 - 03:24:32 CDT)
dhlayereddefense.com
- Layered Defense Research Advisory: Format String Vulnerability: FortiClient Version 3 (Wed Apr 01 2009 - 21:25:25 CDT)
Digital Security Research Group [DSecRG]
- SAP Cfolders Multiple Stored XSS Vulnerabilies (Tue Apr 21 2009 - 18:46:05 CDT)
- SAP Cfolders Multiple Linked XSS Vulnerabilities (Tue Apr 21 2009 - 18:47:01 CDT)
dontcontactorspammearia-security.com
- [Aria-Security.com] vBulletin multiple XSS (Sat Apr 04 2009 - 01:50:23 CDT)
Dragos Ruiu
- EUSecWest 2009 CFP (May 27/28, Deadline April 7 2009) (Wed Apr 01 2009 - 16:28:45 CDT)
DSecRG
- [DSECRG-09-020] Apache Geronimo - XSRF vulnerabilities (Thu Apr 16 2009 - 12:18:47 CDT)
- [DSECRG-09-019] Apache Geronimo - XSS vulnerabilities.txt (Thu Apr 16 2009 - 12:17:28 CDT)
- [DSECRG-09-018] Apache Geronimo - Directory Traversal vulnerabilities (Thu Apr 16 2009 - 12:13:13 CDT)
- [DSECRG-09-037] abk-soft AbleSpace CMS 1.0 - Multiple security vulnerabilities (Tue Apr 14 2009 - 10:49:42 CDT)
- [DSECRG-09-036] Chance-i Techno Vision Security System - Directory Traversal File Download (Fri Apr 10 2009 - 07:36:39 CDT)
- [DSECRG-09-035] Chance-i DiViS DVR ActiveX - Heap Overflow (Fri Apr 10 2009 - 07:33:57 CDT)
dvlabs
- TPTI-09-01: VMWare VMnc Codec Invalid RFB Message Type Heap Overflow (Mon Apr 06 2009 - 15:43:55 CDT)
- TPTI-09-02: VMWare VMnc Codec Open-DML Standard Index dwSize Heap Overflow (Mon Apr 06 2009 - 15:44:02 CDT)
Elazar Broad
- Autodesk IDrop ActiveX Control Heap Corruption Vulnerability (Thu Apr 02 2009 - 14:00:06 CDT)
ew1zzbs.com
- Miniweb server Multiple Vulnerabilities (Thu Apr 16 2009 - 10:11:06 CDT)
ew1zzdontspammepls.com
- Miniweb Buffer Overflow (Thu Apr 16 2009 - 10:44:45 CDT)
ew1zzhotmail.com
- MonGoose 2.4 Directory Traversal Vulnerability (Mon Apr 13 2009 - 18:18:16 CDT)
ewizzbalcansecurity.com
- Zervit Webserver Buffer Overflow (Tue Apr 14 2009 - 16:22:26 CDT)
Florian Weimer
- [SECURITY] [DSA 1780-1] New libdbd-pg-perl packages fix potential code execution (Tue Apr 28 2009 - 13:34:37 CDT)
- [SECURITY] [DSA 1772-1] New udev packages fix privilege escalation (Thu Apr 16 2009 - 05:30:59 CDT)
- [SECURITY] [DSA 1771-1] New clamav packages fix several vulnerabilities (Wed Apr 15 2009 - 14:48:10 CDT)
- [SECURITY] [DSA 1769-1] New openjdk-6 packages fix arbitrary code execution (Sat Apr 11 2009 - 09:38:24 CDT)
- [SECURITY] [DSA 1768-1] New openafs packages potential code execution (Fri Apr 10 2009 - 09:51:13 CDT)
- [SECURITY] [DSA 1754-1] New roundup packages fix privilege escalation (Thu Apr 09 2009 - 15:53:23 CDT)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-09:08.openssl (Wed Apr 22 2009 - 09:19:08 CDT)
- FreeBSD Security Advisory FreeBSD-SA-09:07.libc (Wed Apr 22 2009 - 09:19:12 CDT)
gabrielfalandodeseguranca.com
- Linksys WRT54GC - Admin Password Change (POC) (Sat Apr 18 2009 - 23:48:09 CDT)
Gadi Evron
- one shot remote root for linux? (Tue Apr 28 2009 - 09:07:29 CDT)
Gerardo García Peña
- Summer Camp Garrotxa 2009 event (Wed Apr 08 2009 - 00:36:22 CDT)
Henri Lindberg - Smilehouse Oy
- IBM BladeCenter Advanced Management Module Multiple vulnerabilities (Thu Apr 09 2009 - 05:38:52 CDT)
iDefense Labs
- iDefense Security Advisory 04.29.09: Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability (Wed Apr 29 2009 - 11:34:45 CDT)
- iDefense Security Advisory 04.28.09: TIBCO SmartSockets Stack Buffer Overflow Vulnerability (Tue Apr 28 2009 - 14:53:25 CDT)
- iDefense Security Advisory 04.15.09: Microsoft WordPad Word97 Converter Stack Buffer Overflow Vulnerability (Wed Apr 15 2009 - 14:25:53 CDT)
- iDefense Security Advisory 04.15.09: IBM AIX muxatmd Buffer Overflow Vulnerability (Wed Apr 15 2009 - 15:11:25 CDT)
- iDefense Security Advisory 04.14.09: Microsoft Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability (Tue Apr 14 2009 - 13:59:32 CDT)
IrIsT.Irgmail.com
- MataChat Cross-Site Scripting Vulnerabilities (Sat Apr 25 2009 - 00:58:40 CDT)
Jamie Strandboge
- [USN-765-1] Firefox and Xulrunner vulnerabilities (Tue Apr 28 2009 - 14:34:37 CDT)
- [USN-764-1] Firefox and Xulrunner vulnerabilities (Wed Apr 22 2009 - 21:12:23 CDT)
- [USN-762-1] APT vulnerabilities (Mon Apr 20 2009 - 16:39:54 CDT)
- [USN-760-1] CUPS vulnerability (Thu Apr 16 2009 - 16:28:21 CDT)
- [USN-756-1] ClamAV vulnerability (Mon Apr 13 2009 - 13:58:50 CDT)
- [USN-754-1] ClamAV vulnerabilities (Tue Apr 07 2009 - 14:32:12 CDT)
Jeremy Brown
- Re: Addonics NAS Adapter (bts.cgi) Remote DoS Exploit (post-auth) (Mon Apr 20 2009 - 16:12:53 CDT)
jplopezygmail.com
- Trend Micro OfficeScan Client - DOS (Tue Apr 21 2009 - 09:55:04 CDT)
Julien TINNES
- Massive exploitation of instant messaging applications proved feasible (Tue Mar 31 2009 - 22:00:30 CDT)
k g
- Cyber Warfare Conference: Agenda (Thu Apr 02 2009 - 14:30:36 CDT)
Kees Cook
- [USN-758-1] udev vulnerabilities (Wed Apr 15 2009 - 12:07:41 CDT)
- [USN-755-1] Kerberos vulnerabilities (Tue Apr 07 2009 - 18:34:59 CDT)
- [USN-752-1] Linux kernel vulnerabilities (Tue Apr 07 2009 - 12:37:12 CDT)
laurent.desaulniersgmail.com
- OSCommerce Session Fixation Vulnerability (Wed Apr 01 2009 - 18:35:34 CDT)
LayerOne Call For Papers
- LayerOne 2009 - Registration Open, Initial Speakers Announced (Tue Apr 07 2009 - 12:25:12 CDT)
Marc Deslauriers
- [USN-766-1] acpid vulnerability (Mon Apr 27 2009 - 16:25:44 CDT)
- [USN-761-2] PHP vulnerabilities (Mon Apr 27 2009 - 16:24:55 CDT)
- [USN-767-1] FreeType vulnerability (Mon Apr 27 2009 - 16:26:25 CDT)
- [USN-763-1] xine-lib vulnerabilities (Mon Apr 20 2009 - 16:38:47 CDT)
- [USN-761-1] PHP vulnerabilities (Mon Apr 20 2009 - 16:38:13 CDT)
- [USN-759-1] poppler vulnerabilities (Thu Apr 16 2009 - 16:24:01 CDT)
- [USN-757-1] Ghostscript vulnerabilities (Wed Apr 15 2009 - 09:39:15 CDT)
- [USN-753-1] PostgreSQL vulnerability (Tue Apr 07 2009 - 10:43:17 CDT)
Marco Mella
- POC - Sun Java System Acccess Manager & Identity Manager Users Enumeration (Tue Apr 07 2009 - 07:51:00 CDT)
marianiscchotmail.com
- Re: PHP-Revista Multiple vulnerabilities (Mon Apr 13 2009 - 15:49:01 CDT)
Mario Alejandro Vilas Jerez
- Python winappdbg module v1.0 is out! (Tue Apr 21 2009 - 11:24:55 CDT)
Mark Thomas
- CVE-2009-1190: Spring Framework Remote Denial of Service Vulnerability (Fri Apr 24 2009 - 03:51:35 CDT)
- [SECURITY] CVE-2008-5519: Apache Tomcat mod_jk information disclosure vulnerability (Tue Apr 07 2009 - 15:42:40 CDT)
Mark-David McLaughlin (marmclau)
- RE: Cisco ASA5520 Web VPN Host Header XSS (Fri Apr 24 2009 - 09:45:10 CDT)
Matteo Beccati
- [OPENX-SA-2009-002] OpenX 2.4.11, 2.6.5, 2.8.0 fix multiple vulnerabilities (Wed Apr 01 2009 - 17:33:16 CDT)
Matthew Dempsky
- Adgregate ShopAd widget validation is vulnerable to replay attack (Tue Apr 07 2009 - 19:42:27 CDT)
- Re: Adgregate ShopAd widget validation is vulnerable to replay attack (Wed Apr 08 2009 - 02:21:53 CDT)
- Re: Adgregate ShopAd widget validation is vulnerable to replay attack (Tue Apr 07 2009 - 20:56:50 CDT)
mcyr2csc.com
- Addonics NAS Adapter (bts.cgi) Remote DoS Exploit (post-auth) (Mon Apr 20 2009 - 15:12:59 CDT)
- HP Deskjet 6800 XSS in Web Interface (Sat Apr 11 2009 - 10:26:13 CDT)
mefuentes61hotmail.com
- Re: Critical SQL Injection PHPNuke <= 7.8 - Your_Account module (Sun Apr 12 2009 - 12:50:55 CDT)
Memisyazici, Aras
- RE: SQL INJECTION (SHELL UPLOAD)--EZ-blog Beta2--> (Mon Apr 27 2009 - 18:56:59 CDT)
Michael Wiegand
- OpenVAS now beyond 10000 Network Vulnerability Tests (Thu Apr 09 2009 - 09:23:04 CDT)
Michal Zalewski
- Re: Microsoft Internet Explorer 8 - Anti Spoofing is a Myth (Wed Apr 01 2009 - 10:44:58 CDT)
Mobile Security Lab
- MSL-2009-001 - Samsung Missing Provisioning Authentication (Fri Apr 24 2009 - 10:45:52 CDT)
Moritz Muehlenhoff
- [SECURITY] [DSA 1764-1] New tunapie packages fix several vulnerabilities (Tue Apr 07 2009 - 16:44:14 CDT)
- [SECURITY] [DSA 1763-1] New openssl packages fix denial of service (Mon Apr 06 2009 - 11:25:35 CDT)
mozillaids-guide.de
- ERNW Security Advisory 01-2009: XSS in Blackberries Mobile Data Service Connection Service (Fri Apr 17 2009 - 07:21:57 CDT)
Nam Nguyen
- [BMSA 2009-04] Remote DoS in Internet Explorer (Sat Apr 11 2009 - 02:15:15 CDT)
Nico Golde
- [SECURITY] [DSA 1778-1] New mahara packages fix cross-site scripting (Wed Apr 22 2009 - 11:50:47 CDT)
- [SECURITY] [DSA 1767-1] New multipath-tools packages fix denial of service (Thu Apr 09 2009 - 09:18:13 CDT)
- [SECURITY] [DSA 1766-1] New krb5 packages fix several vulnerabilities (Wed Apr 08 2009 - 20:33:24 CDT)
- [SECURITY] [DSA 1761-1] New moodle packages fix file disclosure (Fri Apr 03 2009 - 08:35:39 CDT)
noreply-secresearchfortinet.com
- Microsoft Office Excel Remote Memory Corruption Vulnerability (Tue Apr 14 2009 - 20:30:54 CDT)
- FGA-2009-003:EMC RepliStor Buffer Overflow Vulnerability (Wed Apr 08 2009 - 21:01:53 CDT)
nospamgmail.it
- Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow exploit (Wed Apr 29 2009 - 04:53:56 CDT)
- Geeklog <= 1.5.2 savepreferences()/*blocks[] remote sql injection exploit (Thu Apr 16 2009 - 04:24:10 CDT)
- ftpdmin v. 0.96 RNFR remote buffer overflow exploit (Sat Apr 11 2009 - 12:24:49 CDT)
- Geeklog <=1.5.2 SEC_authenticate()/PHP_AUTH_USER sql injection exploit (Thu Apr 09 2009 - 05:22:57 CDT)
- Geeklog <=1.5.2 'SESS_updateSessionTime()' vulnerability (Thu Apr 09 2009 - 05:35:10 CDT)
- glFusion <= 1.1.2 COM_applyFilter()/cookies remote blind sql injection exploit (Fri Apr 03 2009 - 04:40:41 CDT)
Oliver Goebel
- [IMF 2009] 2nd Call for Papers - Submission Open (Thu Apr 16 2009 - 19:51:56 CDT)
Patrick Webster
- ContentKeeper - Remote command execution and privilege escalation (Thu Apr 02 2009 - 08:44:36 CDT)
- Q2 Solutions ConnX - SQL Injection Vulnerability (Thu Apr 02 2009 - 08:14:56 CDT)
- Asbru Web Content Management Vulnerabilities (Thu Apr 02 2009 - 07:18:46 CDT)
Pete Herzog
- OSSTMM 3 Sample Released (Mon Apr 06 2009 - 15:08:30 CDT)
Philippe Mailinglist
- Hacker Space Fest 2009 CFP: Call For Paper (Mon Apr 13 2009 - 06:15:38 CDT)
Pierre-Yves Rofes
- [ GLSA 200904-20 ] CUPS: Multiple vulnerabilities (Thu Apr 23 2009 - 16:55:36 CDT)
- [ GLSA 200904-19 ] LittleCMS: Multiple vulnerabilities (Sun Apr 19 2009 - 10:43:29 CDT)
- [ GLSA 200904-18 ] udev: Multiple vulnerabilities (Sat Apr 18 2009 - 14:10:15 CDT)
- [ GLSA 200904-16 ] libsndfile: User-assisted execution of arbitrary code (Fri Apr 17 2009 - 14:03:02 CDT)
- [ GLSA 200904-14 ] F-PROT Antivirus: Denial of Service (Tue Apr 14 2009 - 15:47:07 CDT)
- [ GLSA 200904-13 ] Ventrilo: Denial of Service (Tue Apr 14 2009 - 15:32:39 CDT)
- [ GLSA 200904-06 ] Eye of GNOME: Untrusted search path (Mon Apr 06 2009 - 16:56:18 CDT)
- [ GLSA 200904-05 ] ntp: Certificate validation error (Sun Apr 05 2009 - 08:56:49 CDT)
- [ GLSA 200904-01 ] Openfire: Multiple vulnerabilities (Thu Apr 02 2009 - 15:51:15 CDT)
Positron Security
- Positron Security Advisory #2009-001: Memcached and MemcacheDB ASLR Bypass Weakness (Tue Apr 28 2009 - 14:59:29 CDT)
prabhupathisayampark.com
- Re: Layered Defense Research Advisory: Format String Vulnerability: FortiClient Version 3 (Fri Apr 10 2009 - 03:20:58 CDT)
publistsenablesecurity.com
- OpenX 2.6.4 multiple vulnerabilities (Wed Apr 01 2009 - 15:35:56 CDT)
rembrandt
- OpenBSD 4.3 up to OpenBSD-current: PF null pointer dereference - remote DoS (kernel panic) (Mon Apr 13 2009 - 12:39:15 CDT)
reportbackreadthepost.com
- Sungard Banner System XSS (Sun Apr 19 2009 - 22:48:57 CDT)
researchvoodoo-labs.org
- Phorum < 5.2.10 Cross-Site Scripting/Request Forgery (Wed Apr 15 2009 - 19:42:54 CDT)
Robbie Gill
- Aruba Advisory ID: AID-42309 Management User Authentication Bypass Vulnerability When Using Public Key Based SSH Authentication (Fri Apr 24 2009 - 12:19:23 CDT)
Robert Buchholz
- [ GLSA 200904-17 ] Adobe Reader: User-assisted execution of arbitrary code (Sat Apr 18 2009 - 06:11:39 CDT)
- [ GLSA 200904-15 ] mpg123: User-assisted execution of arbitrary code (Thu Apr 16 2009 - 17:02:51 CDT)
- [ GLSA 200904-10 ] Avahi: Denial of Service (Wed Apr 08 2009 - 17:48:04 CDT)
- [ GLSA 200904-09 ] MIT Kerberos 5: Multiple vulnerabilities (Wed Apr 08 2009 - 17:46:10 CDT)
- [ GLSA 200904-11 ] Tor: Multiple vulnerabilities (Wed Apr 08 2009 - 17:48:56 CDT)
- [ GLSA 200904-08 ] OpenSSL: Denial of Service (Tue Apr 07 2009 - 05:19:17 CDT)
- [ GLSA 200904-07 ] Xpdf: Untrusted search path (Tue Apr 07 2009 - 05:18:22 CDT)
- [ GLSA 200904-03 ] Gnumeric: Untrusted search path (Fri Apr 03 2009 - 08:48:30 CDT)
- [ GLSA 200904-02 ] GLib: Execution of arbitrary code (Fri Apr 03 2009 - 08:47:56 CDT)
rPath Update Announcements
- rPSA-2009-0059-1 poppler (Fri Apr 17 2009 - 00:02:58 CDT)
- rPSA-2009-0060-1 ghostscript (Fri Apr 17 2009 - 00:05:09 CDT)
- rPSA-2009-0064-1 icu (Fri Apr 17 2009 - 00:11:47 CDT)
- rPSA-2009-0063-1 udev (Fri Apr 17 2009 - 00:10:07 CDT)
- rPSA-2009-0061-1 cups (Fri Apr 17 2009 - 00:06:43 CDT)
- rPSA-2009-0062-1 tshark wireshark (Fri Apr 17 2009 - 00:09:06 CDT)
- rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation (Tue Apr 07 2009 - 16:07:18 CDT)
- rPSA-2009-0057-1 m2crypto openssl openssl-scripts (Fri Apr 03 2009 - 00:38:42 CDT)
S. Praburaajan
- HITBSecConf2009 - Malaysia: Call for Papers (Tue Apr 14 2009 - 23:03:14 CDT)
salesabk-soft.net
- Re: [DSECRG-09-037] abk-soft AbleSpace CMS 1.0 - Multiple security vulnerabilities (Thu Apr 23 2009 - 09:58:10 CDT)
Salvatore \
- Pragyan CMS 2.6.4 Multiple SQL Injection Vulnerabilities (Fri Apr 24 2009 - 10:14:55 CDT)
- Creasito e-commerce content manager Authentication Bypass (Mon Apr 20 2009 - 10:08:20 CDT)
- Multi-lingual E-Commerce System 0.2 Multiple Remote Vulnerabilities (Sun Apr 19 2009 - 10:31:40 CDT)
- Malleo 1.2.3 Local File Inclusion Vulnerability (Fri Apr 17 2009 - 13:18:37 CDT)
- Tiny Blogr 1.0.0 rc4 Authentication Bypass (Fri Apr 17 2009 - 07:30:46 CDT)
- Dynamic Flash Forum 1.0 Beta Multiple Remote Vulnerabilities (Thu Apr 09 2009 - 16:09:52 CDT)
- Loggix Project 9.4.5 Blind SQL Injection (Fri Apr 10 2009 - 09:37:29 CDT)
- PHP-agenda <= 2.2.5 Remote File Overwriting (Fri Apr 10 2009 - 08:20:54 CDT)
- AdaptBB 1.0 Beta Multiple Remote Vulnerabilities (Thu Apr 09 2009 - 08:38:06 CDT)
- Joomla Component com_bookjoomlas SQL Injection Vulnerability (Mon Apr 06 2009 - 04:13:44 CDT)
- Family Connections 1.8.2 Blind SQL Injection (Correct Version) (Fri Apr 03 2009 - 08:35:01 CDT)
- Family Connections <= 1.8.2 - Remote Shell Upload Exploit (Fri Apr 03 2009 - 11:13:15 CDT)
- Family Connections 1.8.2 Arbitrary File Upload (Fri Apr 03 2009 - 11:07:51 CDT)
SEC Consult Research
- Proxy bypass vulnerability & plain text passwords in LevelOne AMG-2000 (Wed Apr 29 2009 - 04:18:11 CDT)
Secunia Research
- Secunia Research: HP OpenView Network Node Manager "ovalarmsrv" Integer Overflow (Tue Apr 28 2009 - 04:05:37 CDT)
- Secunia Research: Xpdf JBIG2 Symbol Dictionary Buffer Overflow Vulnerability (Fri Apr 17 2009 - 02:40:40 CDT)
- Secunia Research: CUPS pdftops JBIG2 Symbol Dictionary Buffer Overflow (Fri Apr 17 2009 - 03:26:02 CDT)
- Secunia Research: Danske Bank e-Sec Control Module Error Logging Buffer Overflow (Thu Apr 16 2009 - 03:00:35 CDT)
- Secunia Research: Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow (Wed Apr 15 2009 - 04:57:34 CDT)
- Secunia Research: DivX Web Player Stream Format Chunk Buffer Overflow (Wed Apr 15 2009 - 02:37:15 CDT)
- Secunia Research: Oracle BEA WebLogic Server Plug-ins Integer Overflow (Wed Apr 15 2009 - 04:54:11 CDT)
- Secunia Research: SAP GUI KWEdit ActiveX Control "SaveDocumentAs()" Insecure Method (Wed Apr 15 2009 - 02:54:51 CDT)
- Secunia Research: Ghostscript jbig2dec JBIG2 Processing Buffer Overflow (Thu Apr 09 2009 - 09:07:33 CDT)
- Secunia Research: IrfanView Formats Plug-in XPM Parsing Integer Overflow (Tue Apr 07 2009 - 06:52:20 CDT)
- Secunia Research: UltraISO Image Parsing Buffer Overflow Vulnerabilities (Wed Apr 01 2009 - 03:38:08 CDT)
- Secunia Research: UltraISO Image Name Parsing Format String Vulnerabilities (Wed Apr 01 2009 - 03:38:19 CDT)
securesymantec.com
- Re: Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow exploit (Wed Apr 29 2009 - 17:14:39 CDT)
security-alerthp.com
- [security bulletin] HPSBMA02400 SSRT080144 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Wed Apr 29 2009 - 13:57:38 CDT)
- [security bulletin] HPSBUX02366 SSRT080120 rev.1 - HPUX Running useradd(1M), Local Unauthorized Access (Tue Apr 28 2009 - 07:58:04 CDT)
- [security bulletin] HPSBMA02424 SSRT080125 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Mon Apr 27 2009 - 13:23:40 CDT)
- [security bulletin] HPSBMA02422 SSRT080146 rev.1 - HP StorageWorks Storage Mirroring, Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access (Mon Apr 20 2009 - 13:25:31 CDT)
- [security bulletin] HPSBMA02414 SSRT080185 rev.1 - HP Storage Essentials Running Secure NaviCLI, Remote Unauthorized Access, Gain Extended Privileges (Mon Apr 20 2009 - 13:24:29 CDT)
- [security bulletin] HPSBMA02420 SSRT071458 rev.1 - HP ProCurve Manager and HP ProCurve Manager Plus, Remote Unauthorized Access to Data (Thu Apr 09 2009 - 09:59:41 CDT)
- [security bulletin] HPSBMA02396 SSRT080175 rev.1 - HP OpenView Performance Agent and HP Performance Agent Running on Windows, Remote Execution of Arbitrary Code (Thu Apr 09 2009 - 07:55:14 CDT)
- [security bulletin] HPSBUX02415 SSRT090023 rev.1 - HP-UX Running PAM Kerberos, Local Privilege Escalation, Unauthorized Access (Tue Apr 07 2009 - 08:04:26 CDT)
- [security bulletin] HPSBMA02416 SSRT090008 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Mon Apr 06 2009 - 15:31:15 CDT)
- [security bulletin] HPSBUX02418 SSRT090002 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Access (Wed Apr 01 2009 - 08:15:34 CDT)
securityf-prot.com
- Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass (Tue Apr 28 2009 - 07:30:33 CDT)
securityintern0t.net
- Re: [Aria-Security.com] vBulletin multiple XSS (Wed Apr 08 2009 - 09:07:19 CDT)
securitymandriva.com
- [ MDVA-2009:057 ] usermode (Tue Apr 28 2009 - 19:47:00 CDT)
- [ MDVSA-2009:101 ] xpdf (Tue Apr 28 2009 - 18:05:00 CDT)
- [ MDVSA-2009:099 ] openafs (Mon Apr 27 2009 - 18:14:01 CDT)
- [ MDVSA-2009:098 ] krb5 (Mon Apr 27 2009 - 11:15:01 CDT)
- [ MDVSA-2009:096-1 ] printer-drivers (Mon Apr 27 2009 - 12:53:00 CDT)
- [ MDVSA-2009:097 ] clamav (Fri Apr 24 2009 - 17:43:00 CDT)
- [ MDVSA-2009:097 ] clamav (Fri Apr 24 2009 - 16:55:00 CDT)
- [ MDVSA-2009:096 ] printer-drivers (Fri Apr 24 2009 - 14:36:00 CDT)
- [ MDVSA-2009:095 ] ghostscript (Fri Apr 24 2009 - 13:49:01 CDT)
- [ MDVSA-2009:094 ] mysql (Wed Apr 22 2009 - 11:39:00 CDT)
- [ MDVSA-2009:093 ] mpg123 (Wed Apr 22 2009 - 03:06:00 CDT)
- [ MDVSA-2009:092 ] ntp (Mon Apr 13 2009 - 14:17:01 CDT)
- [ MDVSA-2009:091 ] mod_perl (Sun Apr 12 2009 - 07:23:00 CDT)
- [ MDVSA-2009:090 ] php (Fri Apr 10 2009 - 11:12:01 CDT)
- [ MDVSA-2009:089 ] opensc (Thu Apr 09 2009 - 21:13:00 CDT)
- [ MDVSA-2009:088 ] wireshark (Thu Apr 09 2009 - 13:36:00 CDT)
- [ MDVSA-2009:087 ] openssl (Fri Apr 03 2009 - 17:39:01 CDT)
- [ MDVSA-2009:086 ] gstreamer-plugins (Fri Apr 03 2009 - 19:27:00 CDT)
- [ MDVSA-2009:085 ] gstreamer0.10-plugins-base (Thu Apr 02 2009 - 10:30:01 CDT)
- [ MDVSA-2009:083 ] mozilla-thunderbird (Wed Apr 01 2009 - 07:40:01 CDT)
- [ MDVSA-2009:084 ] firefox (Wed Apr 01 2009 - 08:39:00 CDT)
securityprocheckup.com
- Juniper Advisory (Fri Apr 24 2009 - 11:33:28 CDT)
Stefan Kanthak
- Windows Update (re-)installs outdated Flash ActiveX on Windows XP (Mon Apr 20 2009 - 11:17:24 CDT)
Steffen Joeris
- [SECURITY] [DSA 1782-1] New mplayer packages fix arbitrary code execution (Wed Apr 29 2009 - 02:01:08 CDT)
- [SECURITY] [DSA 1781-1] New ffmpeg-debian packages fix arbitrary code execution (Wed Apr 29 2009 - 02:00:35 CDT)
- [SECURITY] [DSA 1775-1] New php-json-ext packages fix denial of service (Mon Apr 20 2009 - 04:28:51 CDT)
- [SECURITY] [DSA 1774-1] New ejabberd packages fix cross-site scripting (Fri Apr 17 2009 - 02:12:42 CDT)
- [SECURITY] [DSA 1773-1] New cups packages fix arbitrary code execution (Thu Apr 16 2009 - 21:53:46 CDT)
- [SECURITY] [DSA 1770-1] New imp4 packages fix cross-site scripting (Mon Apr 13 2009 - 10:10:07 CDT)
- [SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities (Wed Apr 08 2009 - 08:22:34 CDT)
- [SECURITY] [DSA 1762-1] New icu packages fix cross site scripting (Thu Apr 02 2009 - 08:41:03 CDT)
Steve Shockley
- Re: ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability (Wed Apr 29 2009 - 15:54:00 CDT)
Tavis Ormandy
- Re: [Bkis-07-2009] 010 Editor Multiple Buffer Overflow Vulnerabilities (Wed Apr 22 2009 - 04:31:25 CDT)
tech107gmail.com
- Re: OSCommerce Session Fixation Vulnerability (Tue Apr 14 2009 - 06:23:55 CDT)
Thierry Zoller
- [TZO-17-2009]Trendmicro multiple bypass/evasions (Wed Apr 29 2009 - 09:06:16 CDT)
- [TZO-16-2009] Nod32 CAB bypass/evasion (Wed Apr 29 2009 - 09:02:24 CDT)
- Addendum: [TZO-17-2009]Trendmicro multiple bypass/evasions (Wed Apr 29 2009 - 09:20:12 CDT)
- Errata: [TZO-13-2009] Avira Antivir generic CAB evasion / bypass (Tue Apr 28 2009 - 09:28:22 CDT)
- [TZO-14-2009] Comodo Antivirus RAR evasion (Mon Apr 27 2009 - 09:41:57 CDT)
- [TZO-15-2009] Aladdin eSafe generic bypass - Forced release (Mon Apr 27 2009 - 09:49:22 CDT)
- [TZO-13-2009] Avira Antivir generic CAB evasion / bypass (Mon Apr 27 2009 - 09:39:32 CDT)
- [TZO-12-2009] SUN / Oracle JVM Remote code execution (Wed Apr 22 2009 - 08:34:03 CDT)
- Re: Trend Micro OfficeScan Client - DOS (Tue Apr 21 2009 - 11:13:11 CDT)
- Addendum :[TZO-09-2009] Avast bypass / evasion (Limited details) (Mon Apr 20 2009 - 11:40:43 CDT)
- [TZO-09-2009] NOD32 (Eset) bypass / evasion (Limited details) (Fri Apr 17 2009 - 09:33:50 CDT)
- [TZO-11-2009] Fortinet bypass / evasion (Limited details) (Fri Apr 17 2009 - 09:42:34 CDT)
- [TZO-09-2009] Avast bypass / evasion (Limited details) (Fri Apr 17 2009 - 09:23:25 CDT)
- [TZO-08-2009] Bitdefender generic bypass/evasion (Fri Apr 17 2009 - 09:08:49 CDT)
- [TZO-07-2009] F-PROT ZIP Method evasion (Thu Apr 02 2009 - 10:25:37 CDT)
- [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details) (Thu Apr 02 2009 - 10:10:48 CDT)
- [TZO-05-2009] Clamav 0.94 and below - Evasion /bypass (Thu Apr 02 2009 - 09:27:54 CDT)
Thijs Kinkhorst
- [SECURITY] [DSA 1779-1] New apt packages fix several vulnerabilities (Sun Apr 26 2009 - 10:36:06 CDT)
- [SECURITY] [DSA 1776-1] New slurm-llnl packages fix privilege escalation (Tue Apr 21 2009 - 05:02:31 CDT)
- [SECURITY] [DSA 1777-1] New git-core packages fix privilege escalation (Tue Apr 21 2009 - 05:22:59 CDT)
Tobias Heinlein
- [Full-disclosure] [ GLSA 200904-12 ] Wicd: Information disclosure (Fri Apr 10 2009 - 08:57:05 CDT)
- [ GLSA 200904-12 ] Wicd: Information disclosure (Fri Apr 10 2009 - 08:57:05 CDT)
- [ GLSA 200904-04 ] WeeChat: Denial of Service (Sat Apr 04 2009 - 12:22:54 CDT)
Tobias Klein
- [TKADV2009-005] xine-lib Quicktime STTS Atom Integer Overflow (Sat Apr 04 2009 - 05:43:01 CDT)
Tom Yu
- MITKRB5-SA-2009-002: ASN.1 decoder frees uninitialized pointer [CVE-2009-0846] (Tue Apr 07 2009 - 13:11:57 CDT)
- MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847] (Tue Apr 07 2009 - 13:11:37 CDT)
Tomi Tuominen
- T2'09: Call for Papers 2009 (Helsinki / Finland) (Mon Apr 27 2009 - 06:48:15 CDT)
Valery Marchuk
- [Suspected Spam][Positive Technologies SA 2009-01] PGP Desktop Pgpdisk.sys And Pgpwded.sys Multiple Vulnerabilities (Mon Apr 13 2009 - 10:38:47 CDT)
Vladimir '3APA3A' Dubrovin
- Re: Windows Update (re-)installs outdated Flash ActiveX on Windows XP (Wed Apr 22 2009 - 14:00:00 CDT)
VMware Security Team
- VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability (Fri Apr 10 2009 - 11:22:40 CDT)
- VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues (Sat Apr 04 2009 - 00:22:07 CDT)
- VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim (Tue Mar 31 2009 - 21:57:48 CDT)
vpandeygmail.com
- Re: In Response to Bid 34130 Invalid (Sat Apr 11 2009 - 17:25:23 CDT)
- Bid 34130 Invalid (Fri Apr 10 2009 - 11:36:08 CDT)
XiaShinggmail.com
- Cross-site Scripting vulnerability in Stronghold/2.3 Apache/1.2.6 C2NetUS/2007 (Sat Apr 18 2009 - 05:24:32 CDT)
- Remote access vulnerability using File Thingie v2.5.4 (Thu Apr 02 2009 - 04:09:03 CDT)
y3nh4ck3rgmail.com
- MULTIPLE REMOTE VULNERABILITIES--Leap CMS 0.1.4--> (Thu Apr 30 2009 - 09:53:58 CDT)
- SQL INJECTION (SQLi) VULNERABILITY--ProjectCMS v1.0 Beta Final--> (Wed Apr 29 2009 - 09:38:33 CDT)
- MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003---> (Tue Apr 28 2009 - 09:14:49 CDT)
- SQL INJECTION (SHELL UPLOAD)--EZ-blog Beta2--> (Sun Apr 26 2009 - 20:03:27 CDT)
- REMOTE SQL INJECTION (SQLi) VULNERABILITY--Photo-Rigma.BiZ v30--> (Fri Apr 24 2009 - 10:30:25 CDT)
- FOWLCMS 1.1--Multiple Remote Vulnerabilities--> (Wed Apr 22 2009 - 18:20:47 CDT)
- MixedCMS 1.0--Multiple Remote Vulnerabilities--> (Tue Apr 21 2009 - 11:29:50 CDT)
- Multiple Remote Vulnerabilities--SQLi-(INSECURE-COOKIE-HANDLING)-LFI--> (Mon Apr 20 2009 - 09:53:51 CDT)
- WysGui CMS 1.2 BETA(Insecure Cookie Handling)--Blind-sql-injection-exploit--> (Mon Apr 20 2009 - 00:03:51 CDT)
- CLAN TIGER CMS 1.1.1 (AUTH BYPASS) SQL-INJECTION (Fri Apr 17 2009 - 14:23:09 CDT)
- CLAN TIGER CMS--AUTH BYPASS LOGIN FORM (SQL INJECTION)--> (Fri Apr 17 2009 - 13:36:54 CDT)
- CLAN TIGER CMS--MULTIPLE COOKIES HANDLING VULNERABILITIES--> (Fri Apr 17 2009 - 13:35:44 CDT)
- CLAN TIGER CMS--(module custompage.php) BLIND SQL INJECTION--> (Fri Apr 17 2009 - 13:38:45 CDT)
- webSPELL 4.2.0c--XSS (BYPASS BBCODE) COOKIES STEALING VULNERABILITY-- (Thu Apr 16 2009 - 09:43:25 CDT)
Ying
- Security tools list: First Version (Thu Apr 30 2009 - 01:47:46 CDT)
- security tools list (Tue Apr 28 2009 - 05:13:13 CDT)
ZDI Disclosures
- ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability (Tue Apr 28 2009 - 15:39:12 CDT)
- ZDI-09-017: Oracle Applications Server 10g Format String Vulnerability (Tue Apr 14 2009 - 15:25:36 CDT)
- ZDI-09-016: Novell Client/NetIdentity Agent Remote Arbitrary Pointer Dereference Code Execution Vulnerability (Mon Apr 06 2009 - 15:51:00 CDT)

Last message date: Thu Apr 30 2009 - 10:06:47 CDT
Archived on: Thu Apr 30 2009 - 10:06:47 CDT

298 messages sorted by: [ date ] [ thread ] [ subject ]