NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2009-12

318 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Tue Dec 01 2009 - 09:31:48 CST
Ending: Thu Dec 31 2009 - 11:19:45 CST

adminekin0x.com
- phpPollScript - 1.3 Remote File Include (Sun Dec 20 2009 - 05:43:25 CST)
- WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities (Sun Dec 13 2009 - 06:45:17 CST)
- Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities (Sun Dec 13 2009 - 06:44:46 CST)
advisoriesintern0t.net
- [InterN0T] LiveZilla - XSS Vulnerability (Sun Dec 27 2009 - 10:19:50 CST)
- [InterN0T] Google Analytics plugin for Wordpress - XSS Vulnerability (Fri Dec 04 2009 - 05:47:24 CST)
Akita Software Security
- FreeWebshop.org: multiple vulnerabilities (Tue Dec 29 2009 - 04:34:07 CST)
Alessandro Tanasi
- [tools] hostmap-0.2.1 released (Sat Dec 26 2009 - 13:57:28 CST)
Alex Legler
- [ GLSA 200912-02 ] Ruby on Rails: Multiple vulnerabilities (Sun Dec 20 2009 - 05:33:32 CST)
- [ GLSA 200912-01 ] OpenSSL: Multiple vulnerabilities (Tue Dec 01 2009 - 15:32:14 CST)
Alexander Klink
- SQL-Ledger â€“ several vulnerabilities (Mon Dec 21 2009 - 08:17:21 CST)
Andrea Barisani
- [Suspected Spam][oCERT-2009-019] Ganeti path sanitization errors (Thu Dec 17 2009 - 10:26:31 CST)
- [oCERT-2009-017] PHP multiple issues (Mon Nov 30 2009 - 15:52:04 CST)
Andrea Fabrizi
- PhpShop Multiple Vulnerabilities (Sun Dec 06 2009 - 14:46:57 CST)
Andrea Purificato
- Re: [rejected] Oracle exploit for CTXSYS.DRVXTABC.CREATE_TABLES and others (Wed Dec 02 2009 - 04:21:30 CST)
Andrew Farmer
- Re: [Full-disclosure] Remote Command Execution in dotDefender Site Management (Tue Dec 01 2009 - 11:00:57 CST)
anonymousanonymous.com
- Re: Re: Re: Re: Back door trojan in acajoom-3.2.6 for joomla (Sat Dec 05 2009 - 09:08:50 CST)
Asterisk Security Team
- AST-2009-010: RTP Remote Crash Vulnerability (Mon Nov 30 2009 - 15:58:49 CST)
Barkýn KILIÇ
- Re: ** FreeBSD local r00t zeroday (Wed Dec 02 2009 - 10:44:29 CST)
Barry Raveendran Greene
- RE: TLS Renegotiation Vulnerability: Proof of Concept Code (Python) (Mon Dec 21 2009 - 14:16:16 CST)
Blair
- Trango Broadband Wireless Rogue SU Authentication Bug (Tue Dec 15 2009 - 05:00:19 CST)
Bogdan Calin
- Zen Cart local file disclosure vulnerability (Wed Dec 09 2009 - 08:25:39 CST)
bugreportitguard.info
- Microsoft IIS 0Day Vulnerability in Parsing Files (semi-colon bug) (Wed Dec 23 2009 - 15:34:07 CST)
c0dyr00tDefaced.net
- Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities (Tue Dec 01 2009 - 10:14:06 CST)
Campus Party EU Spain
- Campus Party Eu 2010 Security Challenge - Call For Participants (Wed Dec 16 2009 - 18:34:52 CST)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities (Wed Dec 16 2009 - 10:55:47 CST)
ClubHack
- ClubHack2009 presentations are now online (Sat Dec 26 2009 - 02:20:21 CST)
CORE Security Technologies Advisories
- CORE-2009-1013: Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System (Wed Dec 09 2009 - 17:16:34 CST)
- CORE-2009-0911: DAZ Studio Arbitrary Command Execution (Thu Dec 03 2009 - 14:07:53 CST)
Crash - DcLabs
- Tests about semicolon zero-day (BID 37460) (Mon Dec 28 2009 - 16:27:51 CST)
crashbrzgmail.com
- Re: RE: Tests about semicolon zero-day (BID 37460) (Wed Dec 30 2009 - 06:59:55 CST)
cxibsecurityreason.com
- Camino 1.6.10 Remote Array Overrun (Arbitrary code execution) (Thu Dec 10 2009 - 17:33:31 CST)
- Flock 2.5.2 Remote Array Overrun (Arbitrary code execution) (Thu Dec 10 2009 - 17:32:49 CST)
- PHP 5.3.1 open_basedir bypass (Thu Dec 03 2009 - 18:10:42 CST)
Dawid Golunski
- Invision Power Board <= 3.0.4 Local PHP File Inclusion and SQL Injection (Thu Dec 03 2009 - 21:16:48 CST)
Dominick LaTrappe
- VideoCache 1.9.2 vccleaner root vulnerability (Wed Dec 16 2009 - 06:37:51 CST)
Don HO
- Notepad++ buffer overflow issue (Tue Dec 08 2009 - 14:22:09 CST)
ds.adv.pubgmail.com
- Code to mitigate IIS semicolon zero-day (Mon Dec 28 2009 - 12:29:19 CST)
dvlabs
- TPTI-09-15: HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability (Thu Dec 17 2009 - 16:41:10 CST)
- TPTI-09-14: HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability (Wed Dec 09 2009 - 12:25:58 CST)
- TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability (Wed Dec 09 2009 - 12:24:50 CST)
- TPTI-09-12: HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability (Wed Dec 09 2009 - 12:23:19 CST)
- TPTI-09-11: HP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow Vulnerability (Wed Dec 09 2009 - 12:22:32 CST)
- TPTI-09-10: HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability (Wed Dec 09 2009 - 12:21:41 CST)
- TPTI-09-09: HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability (Wed Dec 09 2009 - 12:20:42 CST)
- TPTI-09-08: HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability (Wed Dec 09 2009 - 12:18:05 CST)
Ed Carp
- Re: [Full-disclosure] ** FreeBSD local r00t zeroday (Mon Nov 30 2009 - 16:49:26 CST)
edgard.chammasbeyond-security.org
- ClarkConnect XSS vulnerability (Mon Dec 21 2009 - 17:49:01 CST)
faghaninsec.ir
- Sheedravi CMS SQL Injection Vulnerability (Mon Dec 28 2009 - 01:32:58 CST)
Florian Weimer
- [SECURITY] [DSA-1964-1] New PostgreSQL packages fix several vulnerabilities (Thu Dec 31 2009 - 10:38:37 CST)
- [SECURITY] [DSA 1963-1] New unbound packages fix DNSSEC validation (Wed Dec 23 2009 - 14:35:17 CST)
- [SECURITY] [DSA 1961-1] New bind9 packages fix cache poisoning (Wed Dec 23 2009 - 01:07:33 CST)
Frank Stuart
- UPDATE: DISA Unix SRR root compromise / CVE-2009-4211 / VU#433821 (Wed Dec 09 2009 - 00:24:09 CST)
- U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) root compromise / VU#433821 (Wed Dec 02 2009 - 23:40:52 CST)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-09:15.ssl [REVISED] (Thu Dec 03 2009 - 14:43:16 CST)
- FreeBSD Security Advisory FreeBSD-SA-09:17.freebsd-update (Thu Dec 03 2009 - 03:30:48 CST)
- FreeBSD Security Advisory FreeBSD-SA-09:16.rtld (Thu Dec 03 2009 - 03:30:43 CST)
- FreeBSD Security Advisory FreeBSD-SA-09:15.ssl (Thu Dec 03 2009 - 03:30:38 CST)
FreeBSD Security Officer
- Upcoming FreeBSD Security Advisory (Mon Nov 30 2009 - 19:20:32 CST)
Giuseppe Iuculano
- [SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities (Wed Dec 23 2009 - 05:54:01 CST)
- [SECURITY] [DSA-1950-1] New webkit packages fix several vulnerabilities (Sat Dec 12 2009 - 04:10:15 CST)
- [SECURITY] [DSA 1943-1] New openldap2.3/openldap packages fix SSL certificate verification weakness (Wed Dec 02 2009 - 15:45:40 CST)
hadikiamarsihotmail.com
- pragmaMx CMS Blind SQL/XPath Injection vulnerability (Sun Dec 20 2009 - 17:15:51 CST)
- Rumba XML XSS vulnerability (Thu Dec 17 2009 - 06:02:16 CST)
- Daloradius XSS Vulnerability (Tue Dec 15 2009 - 07:08:15 CST)
Ian Bradshaw
- RE: Millions of PDF invisibly embedded with your internal disk paths (Fri Dec 04 2009 - 09:27:29 CST)
iDefense Labs
- iDefense Security Advisory 12.08.09: Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability (Wed Dec 09 2009 - 15:36:09 CST)
- iDefense Security Advisory 12.08.09: Microsoft WordPad Word97 Converter Integer Overflow Vulnerability (Wed Dec 09 2009 - 15:32:51 CST)
- iDefense Security Advisory 12.08.09: Microsoft Internet Explorer HTML Layout Engine Uninitialized Memory Vulnerability (Wed Dec 09 2009 - 15:26:46 CST)
infosecuritylab.ir
- DBHCMS Web Content Management System v1.1.4 RFI Vulnerability (Mon Dec 28 2009 - 00:40:56 CST)
irancrashgmail.com
- SMF (Simple Machine Forum) 1.1.11 XSS - Discovered by : Khashayar Fereidani (Fri Dec 18 2009 - 11:52:52 CST)
ISecAuditors Security Advisories
- [ISecAuditors Security Advisories] PHP-Calendar <= v1.1 'configfile' Remote and Local File Inclusion vulnerability (Fri Dec 18 2009 - 06:18:04 CST)
- [ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability (Fri Dec 18 2009 - 06:14:03 CST)
- [ISecAuditors Security Advisories] QuiXplorer <=2.4.1beta Remote Code Execution vulnerability (Thu Dec 17 2009 - 10:34:05 CST)
- [ISecAuditors Security Advisories] Horde 3.3.5 "PHP_SELF" Cross-Site Scripting vulnerability (Thu Dec 17 2009 - 09:39:01 CST)
- [ISecAuditors Security Advisories] Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass (Thu Dec 17 2009 - 06:48:41 CST)
- [ISecAuditors Security Advisories] WP-Forum <= 2.3 SQL Injection vulnerabilities (Wed Dec 16 2009 - 03:58:07 CST)
Ivan Buetler
- RE: TLS Renegotiation Vulnerability: Proof of Concept Code (Python) (Wed Dec 23 2009 - 01:20:36 CST)
Jamie Strandboge
- [USN-874-1] Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities (Fri Dec 18 2009 - 16:33:42 CST)
- [USN-873-1] Firefox 3.0 and Xulrunner 1.9 vulnerabilities (Fri Dec 18 2009 - 16:04:18 CST)
- [USN-875-1] Red Hat Cluster Suite vulnerabilities (Fri Dec 18 2009 - 10:29:11 CST)
- [USN-872-1] KDE 4 Runtime vulnerabilities (Fri Dec 11 2009 - 06:59:50 CST)
- [USN-871-2] KDE 4 vulnerabilities (Thu Dec 10 2009 - 20:54:50 CST)
- [USN-871-1] KDE vulnerability (Thu Dec 10 2009 - 20:29:40 CST)
- [USN-870-1] PyGreSQL vulnerability (Thu Dec 10 2009 - 18:33:50 CST)
- [USN-868-1] GRUB 2 vulnerability (Tue Dec 08 2009 - 18:47:32 CST)
- [USN-867-1] Ntp vulnerability (Tue Dec 08 2009 - 16:29:02 CST)
- [USN-863-1] QEMU vulnerability (Thu Dec 03 2009 - 14:01:04 CST)
jpecougmail.com
- APC Switched Rack PDU XSS Vulnerability (Mon Dec 14 2009 - 15:19:04 CST)
Juha-Matti Laurio
- Same-origin policy bypass vulnerabilities in several VPN products reported (Wed Dec 02 2009 - 05:51:14 CST)
Kees Cook
- [USN-869-1] Linux kernel vulnerabilities (Wed Dec 09 2009 - 19:09:03 CST)
Kingcope
- ** FreeBSD local r00t zeroday (Mon Nov 30 2009 - 16:12:20 CST)
Kotas, Kevin J
- CA20091208-01: Security Notice for CA Service Desk (Tue Dec 08 2009 - 13:40:19 CST)
Luiz Eduardo
- Call for Papers - you Sh0t the Sheriff 4 - Security Conference, Brazil (Wed Dec 02 2009 - 14:57:29 CST)
Lukas Weichselbaum
- SEC Consult SA-20091217-0 :: Authentication bypass and file manipulation in Sitecore Staging Module (Thu Dec 17 2009 - 06:17:56 CST)
macaco-listohotmail.com
- Re: Powered By Dvbbs Version 7.1.0 Sp1 By Pass (Thu Dec 17 2009 - 16:41:29 CST)
Major Malfunction
- DC4420 - London DEFCON - Christmas drinks - Wednesday 16th December (Mon Dec 14 2009 - 09:19:00 CST)
Marc Deslauriers
- [USN-866-1] gnome-screensaver vulnerability (Mon Dec 07 2009 - 15:23:17 CST)
- [USN-865-1] Bind vulnerability (Mon Dec 07 2009 - 08:39:49 CST)
Mario Alejandro Vilas Jerez
- WinAppDbg 1.3 is out! (Mon Nov 30 2009 - 21:47:55 CST)
Martin Barbella
- XSS Vulnerability in JpGraph 3.0.6 (Tue Dec 22 2009 - 14:34:42 CST)
Maxim A. Kulakov
- Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability (Wed Dec 16 2009 - 06:58:17 CST)
Michael Gripenstedt
- Security Contact for Netcool at IBM? (Tue Dec 08 2009 - 08:13:04 CST)
Moritz Muehlenhoff
- [SECURITY] [DSA 1956-1] New xulrunner packages fix several vulnerabilities (Wed Dec 16 2009 - 15:15:39 CST)
- [SECURITY] [DSA 1947-1] New Shibboleth packages fix cross-site scripting (Mon Dec 07 2009 - 16:59:02 CST)
MustLive
- Vulnerability in Joomulus for Joomla (Fri Dec 25 2009 - 12:14:13 CST)
- Cross-Site Scripting vulnerabilities in Invision Power Board (Sun Dec 13 2009 - 13:55:33 CST)
- Re: IPB v2.x up to 3.0.4 XSS vulnerability (Sun Dec 13 2009 - 08:55:01 CST)
Nam Nguyen
- [BMSA-2009-08] Multiple Vulnerabilities in PyForum (Mon Dec 14 2009 - 21:26:16 CST)
Nelson Brito
- RE: Tests about semicolon zero-day (BID 37460) (Tue Dec 29 2009 - 15:03:59 CST)
- RE: Tests about semicolon zero-day (BID 37460) (Tue Dec 29 2009 - 11:14:46 CST)
Nick FitzGerald
- Re: Millions of PDF invisibly embedded with your internal disk paths (Fri Dec 04 2009 - 15:50:37 CST)
- Re: Millions of PDF invisibly embedded with your internal disk paths (Fri Dec 04 2009 - 14:55:35 CST)
Nico Golde
- [SECURITY] [DSA 1948-1] New ntp packages fix denial of service (Tue Dec 08 2009 - 13:07:15 CST)
Nicob
- Zabbix Agent : Bypass of EnableRemoteCommands=0 (Sun Dec 13 2009 - 09:28:30 CST)
- Zabbix Server : Multiple remote vulnerabilities (Sun Dec 13 2009 - 09:28:35 CST)
noreply-secresearchfortinet.securityfocus.com
- Fortinet Advisory: Fortinet Discovers Microsoft Office Project Vulnerability (Tue Dec 08 2009 - 16:04:01 CST)
- Fortinet Advisory: Fortinet Discovers Vulnerability in Indeo Codec (Tue Dec 08 2009 - 16:24:37 CST)
nospamgmail.it
- Adobe Illustrator CS4 (V14.0.0) Encapsulated Postscript (.eps) Overlong DSC Comment Buffer Overflow Exploit (Wed Dec 02 2009 - 22:05:49 CST)
Ofer Maor
- Hacktics Advisory Dec09: Oracle eBusiness Suite - Multiple Vulnerabilities Allow Remote Takeover (Mon Dec 14 2009 - 07:57:32 CST)
Packet Storm
- Re: phpPollScript - 1.3 Remote File Include (Mon Dec 21 2009 - 17:57:26 CST)
- Re: WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities (Mon Dec 14 2009 - 19:35:00 CST)
- Re: E-Store SQL Injection Vulnerability (Fri Dec 11 2009 - 22:06:41 CST)
Patroklos Argyroudis
- Monkey HTTPd improper input validation vulnerability (Mon Dec 14 2009 - 04:18:55 CST)
- CVE-2009-3586: CoreHTTP web server off-by-one buffer overflow vulnerability (Mon Dec 07 2009 - 03:16:50 CST)
Pavel Machek
- Re: Millions of PDF invisibly embedded with your internal disk paths (Sun Dec 06 2009 - 13:56:46 CST)
- Re: Millions of PDF invisibly embedded with your internal disk paths (Thu Dec 03 2009 - 03:01:53 CST)
Protek Research Lab
- {PRL} QuickHeal antivirus 2010 Local Privilege Escalation (Wed Dec 16 2009 - 10:55:33 CST)
Raphael Geissert
- [SECURITY] [DSA 1958-1] New libtool packages fix privilege escalation (Tue Dec 29 2009 - 11:27:07 CST)
- [SECURITY] [DSA 1960-1] New acpid packages fix weak file permissions (Sat Dec 19 2009 - 13:52:34 CST)
- [SECURITY] [DSA-1959-1] New ganeti packages fix arbitrary command execution (Sat Dec 19 2009 - 07:49:31 CST)
- [SECURITY] [DSA 1949-1] New php-net-ping packages fix arbitrary code execution (Sat Dec 12 2009 - 02:52:41 CST)
RedTeam Pentesting GmbH
- TLS Renegotiation Vulnerability: Proof of Concept Code (Python) (Mon Dec 21 2009 - 07:03:47 CST)
Reversemode
- Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched) (Mon Dec 14 2009 - 14:34:43 CST)
Robert BARABAS
- Re: ** FreeBSD local r00t zeroday (Tue Dec 01 2009 - 14:01:13 CST)
rPath Update Announcements
- rPSA-2009-0161-1 hwdata kernel (Wed Dec 16 2009 - 13:20:28 CST)
Ryan Steinmetz
- Re: [Full-disclosure] ** FreeBSD local r00t zeroday (Mon Nov 30 2009 - 19:40:59 CST)
Salvatore Fresta aka Drosophila
- Family Connections <= 2.1.3 Multiple Remote Vulnerabilities (Wed Dec 16 2009 - 00:52:33 CST)
- WSCreator 1.1 Blind SQL Injection (Mon Dec 14 2009 - 20:48:51 CST)
- B2C Booking Centre Systems - SQL Injection Vulnerability (Fri Dec 11 2009 - 15:04:27 CST)
- Miniweb 2.0 Full Path Disclosure (Fri Dec 11 2009 - 21:01:11 CST)
- phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities (Fri Dec 11 2009 - 09:21:57 CST)
- Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities (Fri Dec 11 2009 - 00:25:57 CST)
- E-Store SQL Injection Vulnerability (Thu Dec 10 2009 - 22:50:54 CST)
secu_lab_iryahoo.com
- EEGshop v1.2 (Sun Dec 13 2009 - 15:46:25 CST)
Secunia Research
- Secunia Research: AproxEngine Multiple Vulnerabilities (Tue Dec 29 2009 - 07:58:17 CST)
- Secunia Research: Winamp Oktalyzer Parsing Integer Overflow Vulnerability (Thu Dec 17 2009 - 02:49:20 CST)
- Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow (Thu Dec 17 2009 - 02:49:34 CST)
- Secunia Research: Winamp Ultratracker File Parsing Buffer Overflow (Thu Dec 17 2009 - 02:49:27 CST)
- Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows (Thu Dec 17 2009 - 02:49:40 CST)
- Secunia Research: Novell iPrint Client Date/Time Parsing Buffer Overflow (Tue Dec 08 2009 - 03:29:09 CST)
- Secunia Research: Novell iPrint Client "target-frame" Parameter Buffer Overflow (Tue Dec 08 2009 - 03:25:32 CST)
- Secunia Research: DevIL DICOM "GetUID()" Buffer Overflow Vulnerability (Fri Dec 04 2009 - 07:21:21 CST)
- Secunia Research: Lateral Arts Photobox uploader ActiveX Control Buffer Overflow (Wed Dec 02 2009 - 05:53:35 CST)
- Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability (Wed Dec 02 2009 - 06:27:18 CST)
security-alerthp.com
- [security bulletin] HPSBUX02498 SSRT090264 rev.1 - HP-UX Running Apache, Remote Unauthorized Data Injection, Denial of (Tue Dec 22 2009 - 10:42:14 CST)
- [security bulletin] HPSBMA02252 SSRT061258, SSRT061259 rev.1 - HP OpenView Storage Data Protector, Remote Arbitrary Code Execution (Wed Dec 16 2009 - 18:23:02 CST)
- [security bulletin] HPSBMA02416 SSRT090008 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Wed Dec 16 2009 - 07:55:57 CST)
- [security bulletin] HPSBUX02482 SSRT090249 rev.2 - HP-UX Running OpenSSL, Remote Unauthorized Data Injection, Denial of Service (DoS) (Mon Dec 14 2009 - 16:29:12 CST)
- [security bulletin] HPSBUX02409 SSRT080171 rev.3 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk (Mon Dec 14 2009 - 14:20:52 CST)
- [security bulletin] HPSBMA02483 SSRT090257 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Fri Dec 11 2009 - 09:25:12 CST)
- [security bulletin] HPSBPI02472 SSRT090196 rev.2 - Certain HP Color LaserJet Printers, Remote Unauthorized Access to Data, Denial of Service (Fri Dec 11 2009 - 09:24:15 CST)
- [security bulletin] HPSBMA02425 SSRT080091 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Fri Dec 11 2009 - 09:23:29 CST)
- [security bulletin] HPSBMA02424 SSRT080125 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Fri Dec 11 2009 - 09:22:42 CST)
- [security bulletin] HPSBMA02400 SSRT080144 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Fri Dec 11 2009 - 09:21:22 CST)
- [security bulletin] HPSBMA02477 SSRT090177 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) (Thu Dec 10 2009 - 08:08:28 CST)
- [security bulletin] HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Thu Dec 10 2009 - 08:07:54 CST)
- [security bulletin] HPSBUX02480 SSRT090253 rev.1 - HP-UX Running VRTSweb, Remote Execution of Arbitrary Code, Increase of Privilege (Wed Dec 09 2009 - 17:21:27 CST)
- [security bulletin] HPSBUX02495 SSRT090151 rev.1 - HP-UX Running sendmail, Remote Denial of Service (DoS) (Tue Dec 08 2009 - 19:10:03 CST)
- [security bulletin] HPSBMA02481 SSRT090113 rev.1 - HP OpenView Data Protector Application Recovery Manager, Remote Denial (Mon Dec 07 2009 - 22:25:33 CST)
securitymandriva.com
- [ MDVSA-2009:346 ] kde (Tue Dec 29 2009 - 15:11:00 CST)
- [ MDVSA-2009:345 ] acl (Mon Dec 28 2009 - 18:33:01 CST)
- [ MDVSA-2009:146-1 ] imap (Mon Dec 28 2009 - 15:04:01 CST)
- [ MDVSA-2009:189-1 ] apache-mod_auth_mysql (Mon Dec 28 2009 - 14:38:01 CST)
- [ MDVSA-2009:344 ] perl-DBD-Pg (Mon Dec 28 2009 - 11:53:00 CST)
- [ MDVSA-2009:244-1 ] xfig (Mon Dec 28 2009 - 10:45:01 CST)
- [ MDVSA-2009:343 ] acpid (Sat Dec 26 2009 - 16:53:00 CST)
- [ MDVSA-2009:342 ] acpid (Sat Dec 26 2009 - 15:56:00 CST)
- [ MDVSA-2009:341 ] dstat (Sat Dec 26 2009 - 10:18:00 CST)
- [ MDVSA-2009:340 ] jpgraph (Sat Dec 26 2009 - 09:30:01 CST)
- [ MDVSA-2009:339 ] firefox (Tue Dec 22 2009 - 13:01:00 CST)
- [ MDVSA-2009:338 ] firefox (Tue Dec 22 2009 - 12:26:01 CST)
- [ MDVSA-2009:337 ] proftpd (Tue Dec 22 2009 - 08:55:01 CST)
- [ MDVSA-2009:336 ] koffice (Thu Dec 17 2009 - 18:28:01 CST)
- [ MDVSA-2009:335 ] ffmpeg (Thu Dec 17 2009 - 13:06:01 CST)
- [ MDVSA-2009:334 ] poppler (Wed Dec 16 2009 - 18:51:01 CST)
- [ MDVSA-2009:333 ] postgresql (Tue Dec 15 2009 - 12:27:01 CST)
- [ MDVSA-2009:259-1 ] snort (Fri Dec 11 2009 - 13:21:00 CST)
- [ MDVSA-2009:296-1 ] gimp (Fri Dec 11 2009 - 11:27:00 CST)
- [ MDVSA-2009:332 ] gimp (Fri Dec 11 2009 - 07:51:01 CST)
- [ MDVSA-2009:331 ] kdegraphics (Thu Dec 10 2009 - 12:06:00 CST)
- [ MDVSA-2009:330 ] kdelibs (Thu Dec 10 2009 - 11:55:01 CST)
- [ MDVSA-2009:329 ] kernel (Wed Dec 09 2009 - 19:22:00 CST)
- [ MDVSA-2009:030-1 ] amarok (Tue Dec 08 2009 - 15:39:01 CST)
- [ MDVSA-2009:328 ] ntp (Tue Dec 08 2009 - 20:26:00 CST)
- [ MDVSA-2009:059-1 ] xchat (Tue Dec 08 2009 - 14:09:00 CST)
- [ MDVSA-2009:276-1 ] python-django (Tue Dec 08 2009 - 16:07:01 CST)
- [ MDVSA-2009:046-1 ] dia (Tue Dec 08 2009 - 14:39:02 CST)
- [ MDVSA-2009:038-1 ] blender (Tue Dec 08 2009 - 15:25:02 CST)
- [ MDVSA-2009:093-1 ] mpg123 (Tue Dec 08 2009 - 13:39:00 CST)
- [ MDVSA-2009:091-1 ] mod_perl (Tue Dec 08 2009 - 13:56:00 CST)
- [ MDVSA-2009:099-1 ] openafs (Tue Dec 08 2009 - 12:44:01 CST)
- [ MDVSA-2009:098-1 ] krb5 (Tue Dec 08 2009 - 13:03:00 CST)
- [ MDVSA-2009:126-1 ] eggdrop (Tue Dec 08 2009 - 12:14:00 CST)
- [ MDVSA-2009:133-1 ] irssi (Tue Dec 08 2009 - 12:03:01 CST)
- [ MDVSA-2009:327 ] clamav (Tue Dec 08 2009 - 10:45:01 CST)
- [ MDVSA-2009:191-1 ] OpenEXR (Tue Dec 08 2009 - 11:25:01 CST)
- [ MDVSA-2009:251-1 ] postgresql8.2 (Tue Dec 08 2009 - 08:59:00 CST)
- [ MDVSA-2009:282-1 ] cups (Mon Dec 07 2009 - 19:06:00 CST)
- [ MDVSA-2009:326 ] mysql (Mon Dec 07 2009 - 15:21:00 CST)
- [ MDVSA-2009:325 ] ruby (Mon Dec 07 2009 - 15:05:00 CST)
- [ MDVSA-2009:199-1 ] subversion (Mon Dec 07 2009 - 14:03:00 CST)
- [ MDVSA-2009:243-2 ] freetype2 (Sat Dec 05 2009 - 10:11:01 CST)
- [ MDVSA-2009:324 ] php (Mon Dec 07 2009 - 11:41:01 CST)
- [ MDVSA-2009:252-1 ] perl-IO-Socket-SSL (Sat Dec 05 2009 - 12:14:01 CST)
- [ MDVSA-2008:233-1 ] libcdaudio (Mon Dec 07 2009 - 09:04:01 CST)
- [ MDVSA-2009:229-1 ] cyrus-imapd (Sat Dec 05 2009 - 09:51:00 CST)
- [ MDVSA-2009:256-1 ] dbus (Sat Dec 05 2009 - 10:43:00 CST)
- [ MDVSA-2009:254-1 ] graphviz (Sat Dec 05 2009 - 10:54:00 CST)
- [ MDVSA-2009:323 ] apache (Mon Dec 07 2009 - 10:51:01 CST)
- [ MDVSA-2009:234-2 ] silc-toolkit (Sat Dec 05 2009 - 10:02:00 CST)
- [ MDVSA-2009:322 ] mono (Mon Dec 07 2009 - 08:13:01 CST)
- [ MDVSA-2009:317 ] netpbm (Sat Dec 05 2009 - 11:29:00 CST)
- [ MDVSA-2009:219-1 ] kompozer (Sun Dec 06 2009 - 15:19:00 CST)
- [ MDVSA-2009:260-1 ] imagemagick (Sat Dec 05 2009 - 11:03:01 CST)
- [ MDVSA-2009:215-1 ] audacity (Sun Dec 06 2009 - 13:49:00 CST)
- [ MDVSA-2009:321 ] pidgin (Sun Dec 06 2009 - 13:33:01 CST)
- [ MDVSA-2009:320 ] samba (Sun Dec 06 2009 - 13:19:01 CST)
- [ MDVSA-2009:284-1 ] gd (Sat Dec 05 2009 - 12:26:00 CST)
- [ MDVSA-2009:272-1 ] libmikmod (Sat Dec 05 2009 - 11:55:00 CST)
- [ MDVSA-2009:307-1 ] libtool (Sun Dec 06 2009 - 12:40:00 CST)
- [ MDVSA-2009:316 ] expat (Sat Dec 05 2009 - 09:23:01 CST)
- [ MDVSA-2009:319 ] xine-lib (Sat Dec 05 2009 - 14:39:00 CST)
- [ MDVSA-2009:318 ] xmlsec1 (Sat Dec 05 2009 - 11:38:01 CST)
- [ MDVSA-2009:249-1 ] newt (Sat Dec 05 2009 - 10:29:01 CST)
- [ MDVSA-2009:297-1 ] ffmpeg (Sat Dec 05 2009 - 14:00:00 CST)
- [ MDVSA-2009:232-1 ] libsamplerate (Sat Dec 05 2009 - 09:40:01 CST)
- [ MDVSA-2009:231-1 ] htmldoc (Mon Dec 07 2009 - 07:43:00 CST)
- [ MDVSA-2009:201-1 ] fetchmail (Thu Dec 03 2009 - 21:11:00 CST)
- [ MDVSA-2009:128-1 ] libmodplug (Thu Dec 03 2009 - 16:11:01 CST)
- [ MDVSA-2009:224-1 ] postfix (Fri Dec 04 2009 - 13:53:00 CST)
- [ MDVSA-2009:314 ] apr (Thu Dec 03 2009 - 20:16:00 CST)
- [ MDVSA-2009:200-1 ] libxml (Thu Dec 03 2009 - 21:00:00 CST)
- [ MDVSA-2009:213-1 ] wxgtk (Fri Dec 04 2009 - 07:54:01 CST)
- [ MDVSA-2009:130-1 ] gstreamer0.10-plugins-good (Thu Dec 03 2009 - 16:33:00 CST)
- [ MDVSA-2009:218-1 ] w3c-libwww (Fri Dec 04 2009 - 11:07:00 CST)
- [ MDVSA-2009:206-1 ] wget (Fri Dec 04 2009 - 07:35:00 CST)
- [ MDVSA-2009:312 ] dhcp (Thu Dec 03 2009 - 18:52:00 CST)
- [ MDVSA-2009:211-1 ] expat (Fri Dec 04 2009 - 08:31:00 CST)
- [ MDVSA-2009:223-1 ] xerces-c (Fri Dec 04 2009 - 12:00:00 CST)
- [ MDVSA-2009:315 ] libneon (Fri Dec 04 2009 - 11:37:00 CST)
- [ MDVSA-2009:212-1 ] python (Fri Dec 04 2009 - 10:24:01 CST)
- [ MDVSA-2009:157-1 ] perl-Compress-Raw-Zlib (Thu Dec 03 2009 - 19:07:00 CST)
- [ MDVSA-2009:142-1 ] jasper (Thu Dec 03 2009 - 17:17:01 CST)
- [ MDVSA-2009:311 ] ghostscript (Thu Dec 03 2009 - 18:18:00 CST)
- [ MDVSA-2009:287-1 ] xpdf (Thu Dec 03 2009 - 20:37:00 CST)
- [ MDVSA-2009:158-3 ] pango (Thu Dec 03 2009 - 19:18:00 CST)
- [ MDVSA-2009:208-1 ] libgadu (Fri Dec 04 2009 - 08:13:00 CST)
- [ MDVSA-2009:203-1 ] curl (Thu Dec 03 2009 - 21:22:00 CST)
- [ MDVSA-2009:169-1 ] libtiff (Thu Dec 03 2009 - 18:40:00 CST)
- [ MDVSA-2009:290-1 ] firefox (Thu Dec 03 2009 - 15:23:01 CST)
- [ MDVSA-2009:313-1 ] bind (Thu Dec 03 2009 - 19:44:00 CST)
- [ MDVSA-2009:132-1 ] libsndfile (Thu Dec 03 2009 - 16:46:01 CST)
- [ MDVSA-2009:292-1 ] wireshark (Thu Dec 03 2009 - 16:00:00 CST)
- [ MDVSA-2009:308 ] gnutls (Thu Dec 03 2009 - 13:29:01 CST)
- [ MDVSA-2009:310 ] openssl (Thu Dec 03 2009 - 14:11:00 CST)
- [ MDVSA-2009:113-1 ] cyrus-sasl (Thu Dec 03 2009 - 12:25:01 CST)
- [ MDVSA-2009:309 ] ntp (Thu Dec 03 2009 - 13:48:01 CST)
- [ MDVSA-2009:108-1 ] zsh (Thu Dec 03 2009 - 12:00:01 CST)
- [ MDVSA-2009:106-1 ] libwmf (Thu Dec 03 2009 - 11:39:01 CST)
- [ MDVSA-2009:103-1 ] udev (Thu Dec 03 2009 - 11:05:00 CST)
- [ MDVSA-2009:112-1 ] ipsec-tools (Thu Dec 03 2009 - 12:14:00 CST)
- [ MDVSA-2009:107-1 ] acpid (Thu Dec 03 2009 - 11:46:00 CST)
- [ MDVSA-2009:217-3 ] mozilla-thunderbird (Thu Dec 03 2009 - 09:07:01 CST)
- [ MDVSA-2009:197-3 ] nss (Thu Dec 03 2009 - 09:29:00 CST)
- [ MDVSA-2009:121-1 ] lcms (Wed Dec 02 2009 - 16:41:00 CST)
smf2.reviewgmail.com
- 40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit) (Tue Dec 01 2009 - 21:37:26 CST)
Socket_0x03teraexe.com
- Remote Buffer Overflow Exploit (TFTP Daemon Version 1.9) by Socket_0x03 (Thu Dec 24 2009 - 03:01:20 CST)
- Remote Buffer Overflow Exploit (TFTP Daemon Version 1.9) by Socket_0x03 (Mon Dec 21 2009 - 20:18:37 CST)
Stefan Esser
- Advisory 02/2009: PHPIDS Unserialize() Vulnerability (Wed Dec 09 2009 - 04:11:12 CST)
- Advisory 03/2009: Piwik Cookie unserialize() Vulnerability (Wed Dec 09 2009 - 04:12:12 CST)
Stefan Friedli
- [scip-Advisory 4063] PasswordManager Pro 6.1 Script Injection Vulnerability (Tue Dec 15 2009 - 03:26:02 CST)
Stefan Fritsch
- [SECURITY] [DSA-1953-2] New expat packages fix regression (Thu Dec 31 2009 - 08:15:48 CST)
- [SECURITY] [DSA-1953-1] New expat packages fix denial of service (Tue Dec 15 2009 - 14:23:03 CST)
Steffen Joeris
- [SECURITY] [DSA 1957-1] New aria2 packages fix arbitrary code execution (Mon Dec 28 2009 - 03:58:08 CST)
- [SECURITY] [DSA 1955-1] New network-manager/network-manager-applet packages fix information disclosure (Wed Dec 16 2009 - 11:27:35 CST)
- [SECURITY] [DSA 1954-1] New cacti packages fix insufficient input sanitising (Wed Dec 16 2009 - 05:47:37 CST)
- [SECURITY] [DSA 1952-1] New asterisk packages fix several vulnerabilities (Tue Dec 15 2009 - 07:06:23 CST)
- [SECURITY] [DSA 1952-2] End-of-life announcement for asterisk in oldstable (Tue Dec 15 2009 - 07:06:34 CST)
- [SECURITY] [DSA 1951-1] New firefox-sage packages fix insufficient input sanitizing (Tue Dec 15 2009 - 05:55:16 CST)
- [SECURITY] [DSA 1946-1] New belpic packages fix cryptographic weakness (Fri Dec 04 2009 - 15:02:22 CST)
- [SECURITY] [DSA 1945-1] New gforge packages fix denial of service (Thu Dec 03 2009 - 06:46:30 CST)
- [SECURITY] [DSA 1944-1] New request-tracker packages fix session hijack vulnerability (Thu Dec 03 2009 - 05:04:51 CST)
tcphttp
- Mozilla Firefox JavaScript Prompt Spoofing Weakness (Sat Dec 05 2009 - 06:05:40 CST)
Thierry Zoller
- Re: TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability) (Fri Dec 11 2009 - 07:27:10 CST)
Thor (Hammer of God)
- File Access Vulnerability in Easy File Sharing Web Server (Tue Dec 15 2009 - 18:16:51 CST)
- FW: [Full-disclosure] File Access Vulnerability in Easy File Sharing Web Server (Tue Dec 15 2009 - 20:35:38 CST)
- RE: Millions of PDF invisibly embedded with your internal disk paths (Wed Dec 09 2009 - 15:51:16 CST)
- RE: Millions of PDF invisibly embedded with your internal disk paths (Thu Dec 03 2009 - 16:26:45 CST)
Tom Yu
- MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing (Mon Dec 28 2009 - 13:05:25 CST)
tomerapplicure.com
- Applicure Technologies response (Tue Dec 08 2009 - 11:30:27 CST)
Troy Bollinger
- Re: Security Contact for Netcool at IBM? (Tue Dec 08 2009 - 10:26:12 CST)
VMware Security Team
- VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues (Tue Dec 15 2009 - 12:33:49 CST)
VUPEN Security Research
- VUPEN Security Research - Winamp PNG and JPEG Data Integer Overflow Vulnerabilities (Thu Dec 17 2009 - 09:53:44 CST)
Xacker
- IPB v2.x up to 3.0.4 XSS vulnerability (Wed Dec 09 2009 - 01:50:13 CST)
ZDI Disclosures
- ZDI-09-099: Hewlett-Packard OpenView Data Protector Backup Client Service Buffer Overflow Vulnerability (Thu Dec 17 2009 - 16:25:04 CST)
- ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability (Wed Dec 09 2009 - 13:24:30 CST)
- ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability (Wed Dec 09 2009 - 11:39:17 CST)
- ZDI-09-088: Microsoft Internet Explorer IFrame Attributes Circular Reference Dangling Pointer Vulnerability (Tue Dec 08 2009 - 13:42:42 CST)
- ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability (Wed Dec 09 2009 - 11:39:12 CST)
- ZDI-09-096: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable vsprintf Overflow Vulnerability (Wed Dec 09 2009 - 11:39:22 CST)
- ZDI-09-094: Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities (Wed Dec 09 2009 - 11:39:07 CST)
- ZDI-09-090: Microsoft Windows Intel Indeo Codec Parsing Stack Overflow Vulnerability (Tue Dec 08 2009 - 13:42:52 CST)
- ZDI-09-092: Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability (Wed Dec 09 2009 - 10:41:50 CST)
- ZDI-09-093: Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability (Wed Dec 09 2009 - 10:41:55 CST)
- ZDI-09-091: Hewlett-Packard Application Recovery Manager MSG_PROTOCOL Stack Overflow Vulnerability (Tue Dec 08 2009 - 17:07:20 CST)
- ZDI-09-087: Microsoft Internet Explorer CSS Race Condition Code Execution Vulnerability (Tue Dec 08 2009 - 13:42:37 CST)
- ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability (Tue Dec 08 2009 - 13:42:47 CST)
- ZDI-09-086: Microsoft Internet Explorer XHTML DOM Manipulation Memory Corruption Vulnerability (Tue Dec 08 2009 - 13:42:32 CST)

Last message date: Thu Dec 31 2009 - 11:19:45 CST
Archived on: Thu Dec 31 2009 - 11:19:46 CST

318 messages sorted by: [ date ] [ thread ] [ subject ]