NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2009-06

272 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Mon Jun 01 2009 - 09:06:15 CDT
Ending: Tue Jun 30 2009 - 16:01:11 CDT

acsac.publicitygmail.com
- ACSAC 2009 submissions due June 8 and June 10 (extended) (Mon Jun 01 2009 - 10:42:37 CDT)
Adam Baldwin
- osTicket v1.6 RC4 Admin Login Blind SQLi (Sat Jun 27 2009 - 00:12:15 CDT)
Adrian P.
- CVE-2009-1151: phpMyAdmin Remote Code Execution Proof of Concept (Tue Jun 09 2009 - 14:47:33 CDT)
- Re: XMLHttpRequest file upload vulnerability Chrome 2 & Safari 3 (Tue Jun 09 2009 - 14:21:32 CDT)
Alex Legler
- [ GLSA 200906-04 ] Apache Tomcat JK Connector: Information disclosure (Mon Jun 29 2009 - 17:44:41 CDT)
- [ GLSA 200906-03 ] phpMyAdmin: Multiple vulnerabilities (Mon Jun 29 2009 - 17:39:40 CDT)
- [ GLSA 200906-02 ] Ruby: Denial of Service (Sun Jun 28 2009 - 16:35:18 CDT)
Alexandr Polyakov
- [DSECRG-09-015] SAP GUI 6.4 Buffer Overflow vulnerability (Mon Jun 08 2009 - 08:59:45 CDT)
Amit Klein
- New paper by Amit Klein (Trusteer) - Temporary user tracking in major browsers and Cross-domain information leakage and attacks (Mon Jun 08 2009 - 14:53:16 CDT)
ascii
- SugarCRM 5.2.0e Remote Code Execution (Sat Jun 13 2009 - 06:47:13 CDT)
ceza_fuat_kolikhotmail.com
- Mega File Manager Remote File Vuln (Sun Jun 28 2009 - 18:23:16 CDT)
- FretsWeb 1.2 Multiple Local File Inclusion Vulnerabilities (Sun Jun 21 2009 - 14:04:47 CDT)
- fuzzylime cms <= 3.03a Local Inclusion / Arbitrary File Corruption PoC (Sun Jun 21 2009 - 14:05:17 CDT)
- phportal 1.0 Insecure Cookie Handling Vulnerability (Sun Jun 21 2009 - 14:03:05 CDT)
- FretsWeb 1.2 (name) Remote Blind SQL Injection Exploit (Sun Jun 21 2009 - 14:03:44 CDT)
- CMS Buzz (XSS/PC/HI) Multiple Remote Vulnerabilities (Sun Jun 21 2009 - 14:02:21 CDT)
- PhpPortal v1 Insecure Cookie Handling Vulnerability (Fri Jun 19 2009 - 02:55:34 CDT)
Chris Evans
- Apple Safari cross-domain XML theft vulnerability (Tue Jun 09 2009 - 16:14:05 CDT)
- Apple Safari local file theft vulnerability (Mon Jun 08 2009 - 19:48:50 CDT)
Christian Kujau
- Re: [Full-disclosure] Cross Site Scripting in PHP Nuke 8.0 Version (Fri Jun 05 2009 - 01:03:43 CDT)
Christopher Schultz
- Re: [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication (Thu Jun 04 2009 - 11:48:19 CDT)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Vulnerabilities in Cisco Video Surveillance Products (Wed Jun 24 2009 - 12:38:14 CDT)
- Cisco Security Advisory: Cisco Physical Access Gateway Denial of Service Vulnerability (Wed Jun 24 2009 - 11:00:00 CDT)
Collin Mulliner
- Re: iPhone Safari phone-auto-dial vulnerability (original date: Nov. 2008) (Thu Jun 18 2009 - 12:29:05 CDT)
- Nokia 6212 classic URI spoofing and DoS advisory (original date: Dec. 2008) (Thu Jun 18 2009 - 03:02:16 CDT)
- iPhone Safari phone-auto-dial vulnerability (original date: Nov. 2008) (Thu Jun 18 2009 - 02:59:13 CDT)
come2waraxeyahoo.com
- [waraxe-2009-SA#074] - Multiple Vulnerabilities in TorrentTrader Classic 1.09 (Mon Jun 15 2009 - 07:30:46 CDT)
CORE Security Technologies Advisories
- CORE-2008-0826 - Internet Explorer Security Zone restrictions bypass (Tue Jun 09 2009 - 16:26:28 CDT)
- CORE-2009-0521 - DX Studio Player Firefox plug-in command injection (Tue Jun 09 2009 - 16:19:05 CDT)
- CORE-2009-0420 - Apple CUPS IPP_TAG_UNSUPPORTED Handling null pointer Vulnerability (Tue Jun 02 2009 - 15:42:47 CDT)
Cru3l.b0y
- XAMPP for Windows (Xss/PHPinfo) Multiple Vulnerability (Tue Jun 30 2009 - 10:21:52 CDT)
- SIPS v0.2.2 Remote File Inclusion Vulnerability (Tue Jun 30 2009 - 10:20:48 CDT)
- AjaxPortal v3.0 Remote File Inclusion Vulnerability (Mon Jun 29 2009 - 09:04:35 CDT)
dann frazier
- [SECURITY] [DSA 1809-1] New Linux 2.6.26 packages fix several vulnerabilities (Mon Jun 01 2009 - 23:57:13 CDT)
DeepSec Conference
- Reminder: DeepSec 2009 Call for Papers is open (Fri Jun 05 2009 - 09:20:34 CDT)
Dimitris Glynos
- Rasterbar libtorrent arbitrary file overwrite vulnerability (Mon Jun 08 2009 - 12:43:29 CDT)
Dirk Haun
- Re: [InterN0T] Geeklog 1.5 - Pre-Installation Vulnerabilities (Thu Jun 04 2009 - 14:29:02 CDT)
dvlabs
- TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities (Tue Jun 02 2009 - 15:27:05 CDT)
- TPTI-09-04: Apple Terminal xterm Resize Escape Sequence Memory Corruption Vulnerability (Tue Jun 02 2009 - 15:27:07 CDT)
Fernando Gont
- Security Assessment of TCP at the IETF (Thu Jun 25 2009 - 23:28:49 CDT)
filip.palianpjwstk.edu.pl
- Multiple Flaws in Huawei D100 (Tue Jun 30 2009 - 06:16:38 CDT)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-09:09.pipe (Wed Jun 10 2009 - 05:41:54 CDT)
- FreeBSD Security Advisory FreeBSD-SA-09:10.ipv6 (Wed Jun 10 2009 - 05:41:49 CDT)
- FreeBSD Security Advisory FreeBSD-SA-09:11.ntpd (Wed Jun 10 2009 - 05:41:45 CDT)
Gabriel Menezes Nunes
- Trillian SSL Certificate Vulnerability (Fri Jun 26 2009 - 08:36:22 CDT)
- Gizmo SSL Certificate Vulnerability (Fri Jun 26 2009 - 08:35:05 CDT)
- aMSN SSL Certificate Vulnerability (Fri Jun 26 2009 - 08:33:25 CDT)
Gadi Evron
- CFP: ISOI 7 - Sept 17, 18 - San Diego (Mon Jun 22 2009 - 19:16:31 CDT)
Hanno BÃ¶ck
- Re: [Full-disclosure] Netgear DG632 Router Remote DoS Vulnerability (Tue Jun 16 2009 - 05:42:06 CDT)
iDefense Labs
- iDefense Security Advisory 06.26.09: HP Network Node Manager rping Stack Buffer Overflow Vulnerability (Fri Jun 26 2009 - 15:10:21 CDT)
- iDefense Security Advisory 06.25.09: Motorola Timbuktu Pro PlughNTCommand Stack Based Buffer Overflow Vulnerability (Thu Jun 25 2009 - 14:32:22 CDT)
- iDefense Security Advisory 06.25.09: Unisys Business Information Server Stack Buffer Overflow (Thu Jun 25 2009 - 12:54:09 CDT)
- iDefense Security Advisory 06.11.09: Adobe Reader and Acrobat FlateDecode Integer Overflow Vulnerability (Thu Jun 11 2009 - 15:32:45 CDT)
- iDefense Security Advisory 06.11.09: Microsoft Windows 2000 Print Spooler Remote Stack Buffer Overflow Vulnerability (Thu Jun 11 2009 - 15:18:33 CDT)
- iDefense Security Advisory 06.11.09: Microsoft Excel SST Record Integer Overflow Vulnerability (Thu Jun 11 2009 - 14:47:03 CDT)
- iDefense Security Advisory 06.11.09: Multiple Vendor WebKit Error Handling Use After Free Vulnerability (Thu Jun 11 2009 - 13:45:46 CDT)
- iDefense Security Advisory 06.11.09: Microsoft Active Directory Hexdecimal DN AttributeValue Invalid Free Vulnerability (Thu Jun 11 2009 - 14:24:25 CDT)
infosecuritylab.ir
- dedecms v5.3 Arbitrary File Upload Vulnerability (Tue Jun 30 2009 - 15:14:33 CDT)
- Empire Cms 5.1 sql injection (Tue Jun 30 2009 - 15:13:06 CDT)
IrIsT.IrGmail.Com
- phpMyTourney adminfunctions.php Remote File Include Vulnerabilities (Tue Jun 16 2009 - 09:09:51 CDT)
ISecAuditors Security Advisories
- [ISecAuditors Security Advisories] Joomla! 1.5.10 JA_Purity Multiple Persistent XSS (Fri Jun 05 2009 - 08:14:14 CDT)
Jamie Strandboge
- [USN-782-1] Thunderbird vulnerabilities (Thu Jun 25 2009 - 19:17:35 CDT)
- [USN-779-1] Firefox and Xulrunner vulnerabilities (Fri Jun 12 2009 - 19:22:03 CDT)
- [USN-787-1] Apache vulnerabilities (Thu Jun 11 2009 - 19:51:45 CDT)
- [USN-786-1] apr-util vulnerabilities (Wed Jun 10 2009 - 15:12:45 CDT)
- [USN-784-1] ImageMagick vulnerability (Mon Jun 08 2009 - 18:32:19 CDT)
- [USN-778-1] cron vulnerability (Mon Jun 01 2009 - 13:21:09 CDT)
Jan van Niekerk
- Back door trojan in acajoom-3.2.6 for joomla (Mon Jun 22 2009 - 13:38:57 CDT)
Jared DeMott
- Re: [Full-disclosure] WinAppDbg version 1.2 is out! (Tue Jun 16 2009 - 13:26:40 CDT)
Jeremy Brown
- Re: (Post Form --> Parent Register (name)) Credentials Changer (SQLi) EXPLOIT -- Online Grades & Attendance v-3.2.6--> (Mon Jun 01 2009 - 11:55:21 CDT)
Jerome Athias
- FRHACK 2009 Final Call For Papers extended (Sun May 31 2009 - 10:31:47 CDT)
Joe
- Re: SIPS v0.2.2 Remote File Inclusion Vulnerability (Tue Jun 30 2009 - 14:38:06 CDT)
JP
- Report vulnerabilities (Thu Jun 25 2009 - 15:29:04 CDT)
Juha-Matti Laurio
- CERT-FI statement on the Outpost24 TCP issues updated (Wed Jun 17 2009 - 05:41:47 CDT)
Kees Cook
- [USN-791-3] Smarty vulnerability (Wed Jun 24 2009 - 15:02:12 CDT)
- [USN-791-2] Moodle vulnerability (Wed Jun 24 2009 - 15:02:45 CDT)
- [USN-791-1] Moodle vulnerabilities (Wed Jun 24 2009 - 15:00:21 CDT)
- [USN-790-1] Cyrus SASL vulnerability (Wed Jun 24 2009 - 13:28:43 CDT)
- [USN-775-2] Quagga regression (Tue Jun 09 2009 - 19:36:32 CDT)
- [USN-783-1] eCryptfs vulnerability (Mon Jun 08 2009 - 16:06:46 CDT)
Kingcope
- The father of all bombs - another webdav fiasco (Mon Jun 01 2009 - 15:46:20 CDT)
krymsongmail.com
- Re: Trillian SSL Certificate Vulnerability (Fri Jun 26 2009 - 13:28:15 CDT)
lavakumar kuppan
- ModSecurity (Core Rules) HTTP Parameter Pollution Filter Bypass Vulnerability (Thu Jun 11 2009 - 14:11:22 CDT)
listsfoo.io
- CFP 26C3 / 26th Chaos Communication Congress (Sun May 31 2009 - 06:10:20 CDT)
loginitgmail.com
- Zemana Antilogger 1.9.2 DoS attack (Mon Jun 01 2009 - 13:18:52 CDT)
lord.iitkgmail.com
- Re: CVE-2009-1151: phpMyAdmin Remote Code Execution Proof of Concept (Wed Jun 17 2009 - 05:46:00 CDT)
lord.ittkgmail.com
- Re: Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection (Fri Jun 05 2009 - 03:32:42 CDT)
Maggi Federico
- EC2ND 2009 CFP - 5th European Conference on Computer Network Defence (Thu Jun 04 2009 - 17:32:05 CDT)
Marc Deslauriers
- [USN-792-1] OpenSSL vulnerabilities (Thu Jun 25 2009 - 13:25:55 CDT)
- [USN-789-1] GStreamer Good Plugins vulnerability (Mon Jun 22 2009 - 08:22:14 CDT)
- [USN-788-1] Tomcat vulnerabilities (Mon Jun 15 2009 - 10:22:27 CDT)
- [USN-785-1] ipsec-tools vulnerabilities (Tue Jun 09 2009 - 13:27:23 CDT)
- [USN-780-1] CUPS vulnerability (Wed Jun 03 2009 - 09:19:41 CDT)
- [USN-781-2] Gaim vulnerabilities (Wed Jun 03 2009 - 09:20:54 CDT)
- [USN-781-1] Pidgin vulnerabilities (Wed Jun 03 2009 - 09:20:19 CDT)
marian.ventuneacul.ie
- New paper - Testing the Enterprise Security: Anti-Spam and Anti-Virus Solutions (Tue Jun 09 2009 - 08:00:01 CDT)
Mario Alejandro Vilas Jerez
- Re: [Full-disclosure] WinAppDbg version 1.2 is out! (Tue Jun 16 2009 - 13:45:27 CDT)
- WinAppDbg version 1.2 is out! (Tue Jun 16 2009 - 13:35:16 CDT)
Mark Thomas
- [SECURITY] UPDATED CVE-2008-5515 RequestDispatcher directory traversal vulnerability (Wed Jun 10 2009 - 06:28:12 CDT)
- [SECURITY] CVE-2008-5515 RequestDispatcher directory traversal vulnerability (Mon Jun 08 2009 - 16:52:21 CDT)
- [SECURITY] CVE-2009-0580 UPDATED Apache Tomcat User enumeration vulnerability with FORM authentication (Fri Jun 05 2009 - 06:12:45 CDT)
- [SECURITY] CVE-2009-0783 Apache Tomcat Information disclosure (Thu Jun 04 2009 - 07:52:49 CDT)
- [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication (Wed Jun 03 2009 - 10:42:01 CDT)
- [SECURITY] CVE-2009-0033 Apache Tomcat DoS when using Java AJP connector (Wed Jun 03 2009 - 10:42:06 CDT)
Max Moser
- Official release of "Keykeriki" open source wireless keyboard sniffer (Tue Jun 16 2009 - 08:27:10 CDT)
mcyr2csc.com
- Link Logger syslogd resource overwhelm DoS (Sat Jun 13 2009 - 09:54:12 CDT)
Michal Zalewski
- catching up on several recently fixed bugs of note (Tue Jun 09 2009 - 17:01:44 CDT)
- Re: XMLHttpRequest file upload vulnerability Chrome 2 & Safari 3 (Tue Jun 09 2009 - 16:08:41 CDT)
michal.sajdaksecuritum.pl
- ASMAX AR 804 gu Web Management Console Arbitrary Shell Command Injection Vulnerability (Fri May 29 2009 - 14:15:46 CDT)
- Linksys WAG54G2 Web Management Console Local Arbitrary Shell Command Injection Vulnerability (Fri May 29 2009 - 13:54:20 CDT)
Mike Ely
- Re: iPhone Safari phone-auto-dial vulnerability (original date: Nov. 2008) (Thu Jun 18 2009 - 16:07:19 CDT)
- Re: iPhone Safari phone-auto-dial vulnerability (original date: Nov. 2008) (Thu Jun 18 2009 - 11:14:57 CDT)
Moritz Muehlenhoff
- [SECURITY] [DSA 1815-1] New libtorrent-rasterbar packages fix denial of service (Sun Jun 14 2009 - 17:15:57 CDT)
Muhammad Farooq-i-Azam
- CHASE - 2009 Lahoe Pakistan | Call for Papers (Wed Jun 24 2009 - 02:04:34 CDT)
neeraj.thakarnevisnetworks.com
- [Security] XM Easy Personal FTP Server Multiple DoS vulnerabilities (Fri Jun 05 2009 - 04:16:50 CDT)
Nick Boyce
- Re: VUPEN Security - Microsoft Office Word Document Parsing Buffer Overflow Vulnerability (Mon Jun 15 2009 - 19:29:55 CDT)
Nico Golde
- [SECURITY] [DSA 1822-1] New mahara packages fix cross-site scripting (Tue Jun 23 2009 - 04:08:41 CDT)
- [SECURITY] [DSA 1817-1] New ctorrent packages fix arbitrary code execution (Wed Jun 17 2009 - 17:07:51 CDT)
- [SECURITY] [DSA 1814-1] New libsndfile packages fix arbitrary code execution (Sat Jun 13 2009 - 10:03:09 CDT)
- [SECURITY] [DSA 1810-1] New cups/cupsys packages fix denial of service (Tue Jun 02 2009 - 15:58:55 CDT)
- [SECURITY] [DSA 1807-1] New cyrus-sasl2/cyrus-sasl2-heimdal packages fix arbitrary code execution (Mon Jun 01 2009 - 07:42:10 CDT)
Nico Leidecker
- OCS Inventory NG 1.02 - Directory Traversal (Tue Jun 02 2009 - 18:07:04 CDT)
- OCS Inventory NG 1.02 - Multiple SQL Injections (Sat May 30 2009 - 07:56:06 CDT)
noreply-secresearchfortinet.com
- FortiGuard Advisory: Adobe Reader/Acrobat TrueType Font Processing Memory Corruption Vulnerability (Thu Jun 11 2009 - 13:21:33 CDT)
- FortiGuard Advisory: Apple Safari Remote Memory Corruption Vulnerability (Tue Jun 09 2009 - 20:46:48 CDT)
- FortiGuard Advisory: Microsoft Internet Explorer DHTML Handling Remote Memory Corruption Vulnerability (Tue Jun 09 2009 - 20:42:16 CDT)
noreplytelus.com
- TELUS Security Labs VR - Microsoft Office Excel Malformed Records Stack Buffer Overflow (Tue Jun 09 2009 - 12:09:54 CDT)
nospamgmail.com
- ICQ 6.5 URL Search Hook/ICQToolBar.dll .URL file processing Windows Explorer remote buffer overflow poc (Sat May 30 2009 - 03:56:16 CDT)
onur.turkeshanhotmail.com
- CakeCMS XSRF Vulnerability (Thu Jun 11 2009 - 17:29:50 CDT)
pantera_bleedhotmail.com
- XMLHttpRequest file upload vulnerability Chrome 2 & Safari 3 (Tue Jun 09 2009 - 11:33:09 CDT)
Pavel Machek
- evil little dictionary (Fri Jun 26 2009 - 13:24:44 CDT)
Pete Herzog
- The Möbius Defense, the end of Defense in Depth (Thu Jun 18 2009 - 09:14:24 CDT)
peterpeter.com
- Re: Re: [InterN0T] Geeklog 1.5 - Pre-Installation Vulnerabilities (Thu Jun 04 2009 - 16:53:59 CDT)
pmsitecore.net
- Re: [InterN0T] SiteCore.NET 6.0.0 - XSS Vulnerability-fixed (Fri Jun 05 2009 - 11:26:35 CDT)
rajendra.palnatyfreescale.com
- Re: Advisory: Apple QuickTime Image Description Atom Sign Extension Memory Corruption (Thu Jun 18 2009 - 04:14:50 CDT)
RISE Security
- [RISE-2009001] ToolTalk rpc.ttdbserverd _tt_internal_realpath Buffer Overflow Vulnerability (Fri Jun 19 2009 - 21:37:29 CDT)
Roee Hay
- Advisory: Apple QuickTime Image Description Atom Sign Extension Memory Corruption (Tue Jun 02 2009 - 16:41:28 CDT)
roland.gruber.externunicreditgroup.eu
- Serena Dimensions CM has insufficient default privileges (Fri Jun 12 2009 - 05:56:33 CDT)
Salvatore \
- LightOpenCMS 0.1 pre-alpha Remote SQL Injection (Fri Jun 05 2009 - 08:38:17 CDT)
Secunia Research
- Secunia Research: Mozilla Firefox Java Applet Loading Vulnerability (Fri Jun 12 2009 - 02:33:55 CDT)
- Secunia Research: Adobe Reader JBIG2 Text Region Segment Buffer Overflow (Wed Jun 10 2009 - 02:56:03 CDT)
- Secunia Research: Microsoft PowerPoint Freelance Layout Parsing Vulnerability (Wed Jun 10 2009 - 02:40:58 CDT)
- Secunia Research: Microsoft Excel String Parsing Integer Overflow Vulnerability (Tue Jun 09 2009 - 14:42:09 CDT)
- Secunia Research: Microsoft Excel Record Parsing Array Indexing Vulnerability (Tue Jun 09 2009 - 14:38:44 CDT)
- Secunia Research: QuickTime Sorenson Video 3 Content Parsing Vulnerability (Tue Jun 02 2009 - 03:15:37 CDT)
- Secunia Research: Apple QuickTime MS ADPCM Encoding Buffer Overflow (Tue Jun 02 2009 - 03:11:29 CDT)
security-alerthp.com
- [security bulletin] HPSBUX02435 SSRT090059 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Bypass Security Restrictions (Wed Jun 10 2009 - 07:50:25 CDT)
- [security bulletin] HPSBMA02430 SSRT080094 rev.1 - HP OpenView Network Node Manager (OV NNM) Running SNMP and MIB, Remote Execution of Arbitrary Code, Denial of Service (DoS) (Tue Jun 09 2009 - 12:32:41 CDT)
- [security bulletin] HPSBMA02433 SSRT090084 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Remote Unauthorized Access (Fri Jun 05 2009 - 14:06:43 CDT)
- [security bulletin] HPSBUX02429 SSRT090058 rev.2 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities (Tue Jun 02 2009 - 04:52:11 CDT)
securityintern0t.net
- [InterN0T] Webmedia Explorer - XSS Vulnerability (Fri Jun 12 2009 - 14:14:50 CDT)
- [InterN0T] transLucid 1.75 - Multiple Vulnerabilities (Fri Jun 12 2009 - 14:14:22 CDT)
- [InterN0T] TBDev 01-01-2008 - Multiple Vulnerabilities (Fri Jun 12 2009 - 14:13:55 CDT)
- [InterN0T] SkyBlueCanvas 1.1 r237 - Multiple Vulnerabilities (Fri Jun 12 2009 - 14:13:57 CDT)
- [InterN0T] Pivot 1.40.4-7 - Multiple Vulnerabilities (Fri Jun 12 2009 - 14:13:15 CDT)
- [InterN0T] Flatnux 2009-03-27 - XSS Vulnerabilities + More (Wed Jun 03 2009 - 16:51:42 CDT)
- [InterN0T] Geeklog 1.5 - Pre-Installation Vulnerabilities (Wed Jun 03 2009 - 16:51:37 CDT)
- [InterN0T] SiteCore.NET 6.0.0 - XSS Vulnerability (Wed Jun 03 2009 - 16:51:30 CDT)
- [InterN0T] LightNEasy 2.2.2 - HTML Injection Vulnerability (Wed Jun 03 2009 - 16:51:24 CDT)
- [InterN0T] moziloCMS 1.11.1 - XSS Vulnerability (Wed Jun 03 2009 - 16:51:18 CDT)
securitymandriva.com
- [ MDVSA-2009:147 ] pidgin (Tue Jun 30 2009 - 15:20:00 CDT)
- [ MDVSA-2009:146 ] imap (Mon Jun 29 2009 - 11:25:00 CDT)
- [ MDVSA-2009:144 ] ghostscript (Sat Jun 27 2009 - 14:04:01 CDT)
- [ MDVSA-2009:145 ] php (Sun Jun 28 2009 - 12:50:01 CDT)
- [ MDVSA-2009:142 ] jasper (Fri Jun 26 2009 - 17:04:00 CDT)
- [ MDVSA-2009:143 ] netpbm (Fri Jun 26 2009 - 17:43:00 CDT)
- [ MDVSA-2009:141 ] mozilla-thunderbird (Fri Jun 26 2009 - 13:36:00 CDT)
- [ MDVSA-2009:140 ] gaim (Thu Jun 25 2009 - 10:33:00 CDT)
- [ MDVSA-2009:139 ] libtorrent-rasterbar (Wed Jun 24 2009 - 09:53:02 CDT)
- [ MDVSA-2009:138 ] tomcat5 (Mon Jun 22 2009 - 19:02:00 CDT)
- [ MDVSA-2009:136 ] tomcat5 (Mon Jun 22 2009 - 18:45:00 CDT)
- [ MDVSA-2009:137 ] java-1.6.0-openjdk (Fri Jun 19 2009 - 12:47:01 CDT)
- [ MDVSA-2009:135 ] kernel (Wed Jun 17 2009 - 14:00:01 CDT)
- [ MDVSA-2009:134 ] firefox (Wed Jun 17 2009 - 10:54:01 CDT)
- [ MDVSA-2009:133 ] irssi (Tue Jun 16 2009 - 09:05:02 CDT)
- [ MDVSA-2009:131 ] apr-util (Sat Jun 06 2009 - 17:27:00 CDT)
- [ MDVSA-2009:131-1 ] apr-util (Sat Jun 06 2009 - 18:19:01 CDT)
- [ MDVSA-2009:132 ] libsndfile (Sun Jun 07 2009 - 11:24:01 CDT)
- [ MDVSA-2009:130 ] gstreamer0.10-plugins-good (Fri Jun 05 2009 - 15:45:00 CDT)
- [ MDVSA-2009:129 ] file (Fri Jun 05 2009 - 06:08:00 CDT)
- [ MDVSA-2009:128 ] libmodplug (Thu Jun 04 2009 - 12:22:01 CDT)
- [ MDVSA-2009:127 ] gaim (Wed Jun 03 2009 - 11:21:00 CDT)
- [ MDVSA-2009:126 ] eggdrop (Mon Jun 01 2009 - 18:15:00 CDT)
- [ MDVSA-2009:124 ] apache (Sun May 31 2009 - 10:19:00 CDT)
- [ MDVSA-2009:125 ] wireshark (Sun May 31 2009 - 14:59:00 CDT)
securitynruns.com
- n.runs-SA-2009.005 - Apple Safari - Information disclosure (Tue Jun 23 2009 - 04:23:49 CDT)
- n.runs-SA-2009.006 - Apple Safari - Null pointer dereference (Tue Jun 23 2009 - 04:23:49 CDT)
Shakacon
- Shakacon III - Presentations Posted to site (Sat Jun 27 2009 - 19:07:12 CDT)
Sjoerd Resink
- F5 FirePass Cross-Site Scripting vulnerability (Thu Jun 11 2009 - 07:34:52 CDT)
SmOk3
- [DSF-02-2009] - Zoki Catalog SQL Injection (Mon Jun 15 2009 - 13:56:49 CDT)
Stefan Fritsch
- [SECURITY] [DSA 1816-1] New apache2 packages fix privilege escalation (Tue Jun 16 2009 - 14:56:30 CDT)
- [SECURITY] [DSA 1812-1] New apr-util packages fix several vulnerabilities (Thu Jun 04 2009 - 14:22:36 CDT)
- [SECURITY] [DSA 1810-1] New libapache-mod-jk packages fix information disclosure (Tue Jun 02 2009 - 14:40:04 CDT)
Steffen Joeris
- [SECURITY] [DSA 1821-1] New amule packages fix insufficient input sanitising (Mon Jun 22 2009 - 18:45:52 CDT)
- [SECURITY] [DSA 1819-1] New vlc packages fix several vulnerabilities (Thu Jun 18 2009 - 08:13:47 CDT)
- [SECURITY] [DSA 1820-1] New xulrunner packages fix several vulnerabilities (Thu Jun 18 2009 - 09:13:03 CDT)
- [SECURITY] [DSA 1818-1] New gforge packages fix insufficient input sanitising (Wed Jun 17 2009 - 20:33:22 CDT)
- [SECURITY] [DSA 1813-1] New evolution-data-server packages fix several vulnerabilities (Mon Jun 08 2009 - 02:54:10 CDT)
- [SECURITY] [DSA 1808-1] New drupal6 packages fix insufficient input sanitising (Mon Jun 01 2009 - 09:40:59 CDT)
Thierry Zoller
- ERRATA: [TZO-32-2009] Norman generic bypass (RAR) (Thu Jun 18 2009 - 05:38:34 CDT)
- [TZO-43-2009] - Clamav generic evasion (CAB) (Thu Jun 18 2009 - 09:01:34 CDT)
- [TZO-34-2009] Frisk FPROT generic evasion (RAR,ARJ,LHA) (Thu Jun 18 2009 - 07:50:27 CDT)
- [TZO-40-2009] Clamav generic bypass (RAR,CAB,ZIP) (Tue Jun 16 2009 - 06:13:19 CDT)
- [TZO-33-2009] Fprot generic bypass (TAR) (Tue Jun 16 2009 - 06:04:42 CDT)
- [TZO-30-2009] Kaspersky and the silent patch that wasn't (PDF evasion, forced full disclosure) (Sat Jun 13 2009 - 06:42:28 CDT)
- [TZO-37-2009] Apple Safari <v4 Remote code execution (Sun Jun 14 2009 - 17:19:12 CDT)
- [TZO-36-2009] Apple Safari & Quicktime Denial of Service (Sun Jun 14 2009 - 15:44:11 CDT)
- [TZO-33-2009] Frisk F-prot evasion (TAR) (Sun Jun 14 2009 - 14:09:40 CDT)
- [TZO-32-2009] Norman generic bypass (RAR) (Sun Jun 14 2009 - 13:50:55 CDT)
- [TZO-31-2009] Ikarus multiple generic evasions (CAB,ZIP,RAR) (Sat Jun 13 2009 - 12:37:24 CDT)
Thijs Kinkhorst
- [SECURITY] [DSA 1824-1] New phpmyadmin packages fix several vulnerabilities (Thu Jun 25 2009 - 15:55:52 CDT)
- [SECURITY] [DSA 1823-1] New samba packages fix several vulnerabilities (Thu Jun 25 2009 - 14:08:42 CDT)
timmedingmail.com
- Re: Authentication Bypas in BASE version 1.2.4 and prior (Tue Jun 23 2009 - 21:54:31 CDT)
- Re: Authentication Bypass in BASE version 1.2.4 and prior (Tue Jun 23 2009 - 22:20:10 CDT)
- Authentication Bypas in BASE version 1.2.4 and prior (Tue Jun 23 2009 - 15:31:26 CDT)
Tobias Heinlein
- [ GLSA 200906-05 ] Wireshark: Multiple vulnerabilities (Tue Jun 30 2009 - 08:14:34 CDT)
- [ GLSA 200906-01 ] libpng: Information disclosure (Sat Jun 27 2009 - 18:57:05 CDT)
Tom Neaves
- Re: Netgear DG632 Router Remote DoS Vulnerability (Mon Jun 15 2009 - 17:11:27 CDT)
- Netgear DG632 Router Remote DoS Vulnerability (Mon Jun 15 2009 - 13:37:53 CDT)
- Netgear DG632 Router Authentication Bypass Vulnerability (Mon Jun 15 2009 - 13:40:47 CDT)
Trustwave Advisories
- Trustwave's SpiderLabs Security Advisory TWSL2009-002 (Wed Jun 24 2009 - 09:57:02 CDT)
vinodsharma.mimitgmail.com
- XM Easy Personal FTP Server HELP and TYPE command Remote Denial of Service exploit (Tue Jun 09 2009 - 21:01:11 CDT)
Vladimir '3APA3A' Dubrovin
- Re: SIPS v0.2.2 Remote File Inclusion Vulnerability (Tue Jun 30 2009 - 13:29:48 CDT)
- Re[2]: [Full-disclosure] Netgear DG632 Router Remote DoS Vulnerability (Tue Jun 16 2009 - 06:11:48 CDT)
VUPEN Security Research
- VUPEN Security - Adobe Acrobat and Reader JBIG2 Filter Heap Overflow Vulnerability (Thu Jun 11 2009 - 16:26:23 CDT)
- VUPEN Security - Microsoft Office Word Document Parsing Buffer Overflow Vulnerability (Thu Jun 11 2009 - 16:14:48 CDT)
- ACDSee Products TIFF and Font Parsing Buffer Overflow Vulnerabilities (Tue Jun 02 2009 - 08:49:01 CDT)
Will Drewry
- Re: TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities (Tue Jun 02 2009 - 17:20:46 CDT)
Williams, James K
- CA20090615-02: CA Service Desk Tomcat Cross Site Scripting Vulnerability (Tue Jun 16 2009 - 07:05:26 CDT)
- CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities (Updated) (Tue Jun 16 2009 - 06:30:54 CDT)
- CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities (Tue Jun 16 2009 - 06:21:04 CDT)
xushaopei
- FIREFOX URL space character SPOOF (Sat May 30 2009 - 20:14:43 CDT)
y3dipsecho.or.id
- [ECHO_ADV_110$2009] Firefox (GNU/Linux version) <= 3.0.10 Denial Of Services (Tue Jun 09 2009 - 22:18:43 CDT)
y3nh4ck3rgmail.com
- MULTIPLE SQL INJECTION VULNERABILITIES --PHP-AddressBook v-4.0.x--> (Fri Jun 26 2009 - 13:58:26 CDT)
- SQL INJECTION VULNERABILITY --AlumniServer v-1.0.1--> (Thu Jun 25 2009 - 12:42:21 CDT)
- (POST var 'resetpwemail') BLIND SQL INJECTION EXPLOIT --AlumniServer v-1.0.1--> (Thu Jun 25 2009 - 12:43:13 CDT)
- (GET var 'name') BLIND SQL INJECTION EXPLOIT --FretsWeb 1.2--> (Fri Jun 19 2009 - 10:23:52 CDT)
- MULTIPLE LOCAL FILE INCLUSION VULNERABILITIES --FretsWeb 1.2--> (Fri Jun 19 2009 - 10:22:23 CDT)
- MULTIPLE SQL INJECTION VULNERABILITIES --Splog <= v-1.2 Beta--> (Thu Jun 11 2009 - 03:54:57 CDT)
- (Post Form login var 'username') BLIND SQLi exploit--Open Biller 0.1--> (Wed Jun 10 2009 - 15:36:04 CDT)
- (Post Form var 'username') BLIND SQLi exploit --S-CMS <= v-2.0 Beta3--> (Tue Jun 09 2009 - 12:33:30 CDT)
- MULTIPLE SQL INJECTION VULNERABILITIES --S-CMS <= v-2.0 Beta3--> (Tue Jun 09 2009 - 12:32:28 CDT)
- MULTIPLE LOCAL FILE INCLUSION VULNERABILITIES --S-CMS <= v-2.0 Beta3--> (Tue Jun 09 2009 - 12:31:50 CDT)
- ('dest') Blind (SQLi) EXPLOIT --Kjtechforce mailman Beta-1 --> (Fri Jun 05 2009 - 14:03:24 CDT)
- SQL INJECTION VULNERABILITY--Kjtechforce mailman Beta-1--> (Fri Jun 05 2009 - 14:02:35 CDT)
- SQL INJECTION VULNERABILITY--LightOpen CMS Devel 0.1--> (Thu Jun 04 2009 - 13:08:21 CDT)
- MULTIPLE LOCAL FILE INCLUSION VULNERABILITIES -- Online Grades & Attendance <= v-3.2.6 --> (Tue Jun 02 2009 - 09:05:03 CDT)
- (Post Form --> 'cc') Blind (SQLi) EXPLOIT --Online Grades & Attendance <= v-3.2.6--> (Tue Jun 02 2009 - 09:03:09 CDT)
- Re: Re: (Post Form --> Parent Register (name)) Credentials Changer (SQLi) EXPLOIT -- Online Grades & Attendance v-3.2.6--> (Mon Jun 01 2009 - 14:54:01 CDT)
- Re: MULTIPLE REMOTE VULNERABILITIES --Small Pirates v-2.1--> (Mon Jun 01 2009 - 10:21:55 CDT)
- MULTIPLE SQL INJECTION VULNERABILITIES -- Online Grades & Attendance v-3.2.6 --> (Sun May 31 2009 - 19:52:37 CDT)
- (Post Form --> Parent Register (name)) Credentials Changer (SQLi) EXPLOIT -- Online Grades & Attendance v-3.2.6--> (Sun May 31 2009 - 19:53:44 CDT)
ZDI Disclosures
- ZDI-09-043: Apple Java CColorUIResource Pointer Derference Code Execution Vulnerability (Tue Jun 16 2009 - 11:55:29 CDT)
- ZDI-09-042: Adobe Reader U3D RHAdobeMeta Stack Overflow Vulnerability (Wed Jun 10 2009 - 11:04:27 CDT)
- ZDI-09-036: Microsoft Internet Explorer setCapture Memory Corruption Vulnerability (Wed Jun 10 2009 - 10:28:14 CDT)
- ZDI-09-039: Microsoft Internet Explorer onreadystatechange Memory Corruption Vulnerability (Wed Jun 10 2009 - 10:28:24 CDT)
- ZDI-09-040: Microsoft Office Excel QSIR Record Pointer Corruption Vulnerability (Wed Jun 10 2009 - 10:28:27 CDT)
- ZDI-09-035: Microsoft Word Document Stack Based Buffer Overflow Vulnerability (Wed Jun 10 2009 - 10:28:10 CDT)
- ZDI-09-041: Microsoft Internet Explorer 8 Rows Property Dangling Pointer Code Execution Vulnerability (Wed Jun 10 2009 - 10:28:31 CDT)
- ZDI-09-038: Microsoft Internet Explorer Event Handler Memory Corruption Vulnerability (Wed Jun 10 2009 - 10:28:20 CDT)
- ZDI-09-037: Microsoft Internet Explorer Concurrent Ajax Request Memory Corruption Vulnerability (Wed Jun 10 2009 - 10:28:16 CDT)
- ZDI-09-032: Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability (Mon Jun 08 2009 - 17:54:09 CDT)
- ZDI-09-033: Apple WebKit dir Attribute Freeing Dangling Object Pointer Vulnerability (Mon Jun 08 2009 - 17:55:55 CDT)
- ZDI-09-034: Apple Safari SVG Set.targetElement() Memory Corruption Vulnerability (Mon Jun 08 2009 - 17:56:24 CDT)
- ZDI-09-031: libpurple MSN Protocol SLP Message Heap Overflow Vulnerability (Mon Jun 08 2009 - 17:53:37 CDT)
- ZDI-09-030: Apple Quicktime PICT Opcode 0x71 Heap Overflow Vulnerability (Tue Jun 02 2009 - 12:27:27 CDT)
- ZDI-09-029: Apple QuickTime Jpeg2000 Marker Size Heap Overflow Vulnerability (Tue Jun 02 2009 - 12:26:41 CDT)
- ZDI-09-028: Apple QuickTime CRGN Atom Parsing Heap Buffer Overflow Vulnerability (Tue Jun 02 2009 - 12:26:01 CDT)
- ZDI-09-027: Apple Quicktime PICT Opcode 0x8201 Heap Overflow Vulnerability (Tue Jun 02 2009 - 12:25:11 CDT)
- ZDI-09-026: Apple QuickTime Packed-bit Decoding Heap Overflow Vulnerability (Tue Jun 02 2009 - 12:23:49 CDT)
- ZDI-09-025: Apple Quicktime Picture Viewer FLC Delta-Encoded Frame Decompression Vulnerability (Tue Jun 02 2009 - 12:21:37 CDT)
- ZDI-09-024: Safenet SoftRemote IKE Service Remote Stack Overflow Vulnerability (Mon Jun 01 2009 - 11:42:42 CDT)

Last message date: Tue Jun 30 2009 - 16:01:11 CDT
Archived on: Tue Jun 30 2009 - 16:01:11 CDT

272 messages sorted by: [ date ] [ thread ] [ subject ]