|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
318 messages sorted by: [ author ] [ date ] [ thread ]
Starting: Tue Dec 01 2009 - 09:31:48 CST
Ending: Thu Dec 31 2009 - 11:19:45 CST
- ** FreeBSD local r00t zeroday
- 40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit)
- [ GLSA 200912-01 ] OpenSSL: Multiple vulnerabilities
- [ GLSA 200912-02 ] Ruby on Rails: Multiple vulnerabilities
- [ MDVSA-2008:233-1 ] libcdaudio
- [ MDVSA-2009:030-1 ] amarok
- [ MDVSA-2009:038-1 ] blender
- [ MDVSA-2009:046-1 ] dia
- [ MDVSA-2009:059-1 ] xchat
- [ MDVSA-2009:091-1 ] mod_perl
- [ MDVSA-2009:093-1 ] mpg123
- [ MDVSA-2009:098-1 ] krb5
- [ MDVSA-2009:099-1 ] openafs
- [ MDVSA-2009:103-1 ] udev
- [ MDVSA-2009:106-1 ] libwmf
- [ MDVSA-2009:107-1 ] acpid
- [ MDVSA-2009:108-1 ] zsh
- [ MDVSA-2009:112-1 ] ipsec-tools
- [ MDVSA-2009:113-1 ] cyrus-sasl
- [ MDVSA-2009:121-1 ] lcms
- [ MDVSA-2009:126-1 ] eggdrop
- [ MDVSA-2009:128-1 ] libmodplug
- [ MDVSA-2009:130-1 ] gstreamer0.10-plugins-good
- [ MDVSA-2009:132-1 ] libsndfile
- [ MDVSA-2009:133-1 ] irssi
- [ MDVSA-2009:142-1 ] jasper
- [ MDVSA-2009:146-1 ] imap
- [ MDVSA-2009:157-1 ] perl-Compress-Raw-Zlib
- [ MDVSA-2009:158-3 ] pango
- [ MDVSA-2009:169-1 ] libtiff
- [ MDVSA-2009:189-1 ] apache-mod_auth_mysql
- [ MDVSA-2009:191-1 ] OpenEXR
- [ MDVSA-2009:197-3 ] nss
- [ MDVSA-2009:199-1 ] subversion
- [ MDVSA-2009:200-1 ] libxml
- [ MDVSA-2009:201-1 ] fetchmail
- [ MDVSA-2009:203-1 ] curl
- [ MDVSA-2009:206-1 ] wget
- [ MDVSA-2009:208-1 ] libgadu
- [ MDVSA-2009:211-1 ] expat
- [ MDVSA-2009:212-1 ] python
- [ MDVSA-2009:213-1 ] wxgtk
- [ MDVSA-2009:215-1 ] audacity
- [ MDVSA-2009:217-3 ] mozilla-thunderbird
- [ MDVSA-2009:218-1 ] w3c-libwww
- [ MDVSA-2009:219-1 ] kompozer
- [ MDVSA-2009:223-1 ] xerces-c
- [ MDVSA-2009:224-1 ] postfix
- [ MDVSA-2009:229-1 ] cyrus-imapd
- [ MDVSA-2009:231-1 ] htmldoc
- [ MDVSA-2009:232-1 ] libsamplerate
- [ MDVSA-2009:234-2 ] silc-toolkit
- [ MDVSA-2009:243-2 ] freetype2
- [ MDVSA-2009:244-1 ] xfig
- [ MDVSA-2009:249-1 ] newt
- [ MDVSA-2009:251-1 ] postgresql8.2
- [ MDVSA-2009:252-1 ] perl-IO-Socket-SSL
- [ MDVSA-2009:254-1 ] graphviz
- [ MDVSA-2009:256-1 ] dbus
- [ MDVSA-2009:259-1 ] snort
- [ MDVSA-2009:260-1 ] imagemagick
- [ MDVSA-2009:272-1 ] libmikmod
- [ MDVSA-2009:276-1 ] python-django
- [ MDVSA-2009:282-1 ] cups
- [ MDVSA-2009:284-1 ] gd
- [ MDVSA-2009:287-1 ] xpdf
- [ MDVSA-2009:290-1 ] firefox
- [ MDVSA-2009:292-1 ] wireshark
- [ MDVSA-2009:296-1 ] gimp
- [ MDVSA-2009:297-1 ] ffmpeg
- [ MDVSA-2009:307-1 ] libtool
- [ MDVSA-2009:308 ] gnutls
- [ MDVSA-2009:309 ] ntp
- [ MDVSA-2009:310 ] openssl
- [ MDVSA-2009:311 ] ghostscript
- [ MDVSA-2009:312 ] dhcp
- [ MDVSA-2009:313-1 ] bind
- [ MDVSA-2009:314 ] apr
- [ MDVSA-2009:315 ] libneon
- [ MDVSA-2009:316 ] expat
- [ MDVSA-2009:317 ] netpbm
- [ MDVSA-2009:318 ] xmlsec1
- [ MDVSA-2009:319 ] xine-lib
- [ MDVSA-2009:320 ] samba
- [ MDVSA-2009:321 ] pidgin
- [ MDVSA-2009:322 ] mono
- [ MDVSA-2009:323 ] apache
- [ MDVSA-2009:324 ] php
- [ MDVSA-2009:325 ] ruby
- [ MDVSA-2009:326 ] mysql
- [ MDVSA-2009:327 ] clamav
- [ MDVSA-2009:328 ] ntp
- [ MDVSA-2009:329 ] kernel
- [ MDVSA-2009:330 ] kdelibs
- [ MDVSA-2009:331 ] kdegraphics
- [ MDVSA-2009:332 ] gimp
- [ MDVSA-2009:333 ] postgresql
- [ MDVSA-2009:334 ] poppler
- [ MDVSA-2009:335 ] ffmpeg
- [ MDVSA-2009:336 ] koffice
- [ MDVSA-2009:337 ] proftpd
- [ MDVSA-2009:338 ] firefox
- [ MDVSA-2009:339 ] firefox
- [ MDVSA-2009:340 ] jpgraph
- [ MDVSA-2009:341 ] dstat
- [ MDVSA-2009:342 ] acpid
- [ MDVSA-2009:343 ] acpid
- [ MDVSA-2009:344 ] perl-DBD-Pg
- [ MDVSA-2009:345 ] acl
- [ MDVSA-2009:346 ] kde
- [BMSA-2009-08] Multiple Vulnerabilities in PyForum
- [Full-disclosure] ** FreeBSD local r00t zeroday
- [Full-disclosure] File Access Vulnerability in Easy File Sharing Web Server
- [Full-disclosure] Remote Command Execution in dotDefender Site Management
- [InterN0T] Google Analytics plugin for Wordpress - XSS Vulnerability
- [InterN0T] LiveZilla - XSS Vulnerability
- [ISecAuditors Security Advisories] Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass
- [ISecAuditors Security Advisories] Horde 3.3.5 "PHP_SELF" Cross-Site Scripting vulnerability
- [ISecAuditors Security Advisories] PHP-Calendar <= v1.1 'configfile' Remote and Local File Inclusion vulnerability
- [ISecAuditors Security Advisories] QuiXplorer <=2.4.1beta Remote Code Execution vulnerability
- [ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability
- [ISecAuditors Security Advisories] WP-Forum <= 2.3 SQL Injection vulnerabilities
- [oCERT-2009-017] PHP multiple issues
- [rejected] Oracle exploit for CTXSYS.DRVXTABC.CREATE_TABLES and others
- [scip-Advisory 4063] PasswordManager Pro 6.1 Script Injection Vulnerability
- [security bulletin] HPSBMA02252 SSRT061258, SSRT061259 rev.1 - HP OpenView Storage Data Protector, Remote Arbitrary Code Execution
- [security bulletin] HPSBMA02400 SSRT080144 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- [security bulletin] HPSBMA02416 SSRT090008 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- [security bulletin] HPSBMA02424 SSRT080125 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- [security bulletin] HPSBMA02425 SSRT080091 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- [security bulletin] HPSBMA02477 SSRT090177 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
- [security bulletin] HPSBMA02481 SSRT090113 rev.1 - HP OpenView Data Protector Application Recovery Manager, Remote Denial
- [security bulletin] HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- [security bulletin] HPSBMA02483 SSRT090257 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- [security bulletin] HPSBPI02472 SSRT090196 rev.2 - Certain HP Color LaserJet Printers, Remote Unauthorized Access to Data, Denial of Service
- [security bulletin] HPSBUX02409 SSRT080171 rev.3 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk
- [security bulletin] HPSBUX02480 SSRT090253 rev.1 - HP-UX Running VRTSweb, Remote Execution of Arbitrary Code, Increase of Privilege
- [security bulletin] HPSBUX02482 SSRT090249 rev.2 - HP-UX Running OpenSSL, Remote Unauthorized Data Injection, Denial of Service (DoS)
- [security bulletin] HPSBUX02495 SSRT090151 rev.1 - HP-UX Running sendmail, Remote Denial of Service (DoS)
- [security bulletin] HPSBUX02498 SSRT090264 rev.1 - HP-UX Running Apache, Remote Unauthorized Data Injection, Denial of
- [SECURITY] [DSA 1943-1] New openldap2.3/openldap packages fix SSL certificate verification weakness
- [SECURITY] [DSA 1944-1] New request-tracker packages fix session hijack vulnerability
- [SECURITY] [DSA 1945-1] New gforge packages fix denial of service
- [SECURITY] [DSA 1946-1] New belpic packages fix cryptographic weakness
- [SECURITY] [DSA 1947-1] New Shibboleth packages fix cross-site scripting
- [SECURITY] [DSA 1948-1] New ntp packages fix denial of service
- [SECURITY] [DSA 1949-1] New php-net-ping packages fix arbitrary code execution
- [SECURITY] [DSA 1951-1] New firefox-sage packages fix insufficient input sanitizing
- [SECURITY] [DSA 1952-1] New asterisk packages fix several vulnerabilities
- [SECURITY] [DSA 1952-2] End-of-life announcement for asterisk in oldstable
- [SECURITY] [DSA 1954-1] New cacti packages fix insufficient input sanitising
- [SECURITY] [DSA 1955-1] New network-manager/network-manager-applet packages fix information disclosure
- [SECURITY] [DSA 1956-1] New xulrunner packages fix several vulnerabilities
- [SECURITY] [DSA 1957-1] New aria2 packages fix arbitrary code execution
- [SECURITY] [DSA 1958-1] New libtool packages fix privilege escalation
- [SECURITY] [DSA 1960-1] New acpid packages fix weak file permissions
- [SECURITY] [DSA 1961-1] New bind9 packages fix cache poisoning
- [SECURITY] [DSA 1963-1] New unbound packages fix DNSSEC validation
- [SECURITY] [DSA-1950-1] New webkit packages fix several vulnerabilities
- [SECURITY] [DSA-1953-1] New expat packages fix denial of service
- [SECURITY] [DSA-1953-2] New expat packages fix regression
- [SECURITY] [DSA-1959-1] New ganeti packages fix arbitrary command execution
- [SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities
- [SECURITY] [DSA-1964-1] New PostgreSQL packages fix several vulnerabilities
- [Suspected Spam][oCERT-2009-019] Ganeti path sanitization errors
- [tools] hostmap-0.2.1 released
- [USN-863-1] QEMU vulnerability
- [USN-865-1] Bind vulnerability
- [USN-866-1] gnome-screensaver vulnerability
- [USN-867-1] Ntp vulnerability
- [USN-868-1] GRUB 2 vulnerability
- [USN-869-1] Linux kernel vulnerabilities
- [USN-870-1] PyGreSQL vulnerability
- [USN-871-1] KDE vulnerability
- [USN-871-2] KDE 4 vulnerabilities
- [USN-872-1] KDE 4 Runtime vulnerabilities
- [USN-873-1] Firefox 3.0 and Xulrunner 1.9 vulnerabilities
- [USN-874-1] Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities
- [USN-875-1] Red Hat Cluster Suite vulnerabilities
- Adobe Illustrator CS4 (V14.0.0) Encapsulated Postscript (.eps) Overlong DSC Comment Buffer Overflow Exploit
- Advisory 02/2009: PHPIDS Unserialize() Vulnerability
- Advisory 03/2009: Piwik Cookie unserialize() Vulnerability
- APC Switched Rack PDU XSS Vulnerability
- Applicure Technologies response
- AST-2009-010: RTP Remote Crash Vulnerability
- B2C Booking Centre Systems - SQL Injection Vulnerability
- Back door trojan in acajoom-3.2.6 for joomla
- CA20091208-01: Security Notice for CA Service Desk
- Call for Papers - you Sh0t the Sheriff 4 - Security Conference, Brazil
- Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)
- Campus Party Eu 2010 Security Challenge - Call For Participants
- Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities
- ClarkConnect XSS vulnerability
- ClubHack2009 presentations are now online
- Code to mitigate IIS semicolon zero-day
- CORE-2009-0911: DAZ Studio Arbitrary Command Execution
- CORE-2009-1013: Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System
- Cross-Site Scripting vulnerabilities in Invision Power Board
- CVE-2009-3586: CoreHTTP web server off-by-one buffer overflow vulnerability
- Daloradius XSS Vulnerability
- DBHCMS Web Content Management System v1.1.4 RFI Vulnerability
- DC4420 - London DEFCON - Christmas drinks - Wednesday 16th December
- Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities
- E-Store SQL Injection Vulnerability
- EEGshop v1.2
- Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)
- Family Connections <= 2.1.3 Multiple Remote Vulnerabilities
- File Access Vulnerability in Easy File Sharing Web Server
- Flock 2.5.2 Remote Array Overrun (Arbitrary code execution)
- Fortinet Advisory: Fortinet Discovers Microsoft Office Project Vulnerability
- Fortinet Advisory: Fortinet Discovers Vulnerability in Indeo Codec
- FreeBSD Security Advisory FreeBSD-SA-09:15.ssl
- FreeBSD Security Advisory FreeBSD-SA-09:15.ssl [REVISED]
- FreeBSD Security Advisory FreeBSD-SA-09:16.rtld
- FreeBSD Security Advisory FreeBSD-SA-09:17.freebsd-update
- FreeWebshop.org: multiple vulnerabilities
- Hacktics Advisory Dec09: Oracle eBusiness Suite - Multiple Vulnerabilities Allow Remote Takeover
- iDefense Security Advisory 12.08.09: Microsoft Internet Explorer HTML Layout Engine Uninitialized Memory Vulnerability
- iDefense Security Advisory 12.08.09: Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability
- iDefense Security Advisory 12.08.09: Microsoft WordPad Word97 Converter Integer Overflow Vulnerability
- Invision Power Board <= 3.0.4 Local PHP File Inclusion and SQL Injection
- IPB v2.x up to 3.0.4 XSS vulnerability
- Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability
- Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities
- Microsoft IIS 0Day Vulnerability in Parsing Files (semi-colon bug)
- Millions of PDF invisibly embedded with your internal disk paths
- Miniweb 2.0 Full Path Disclosure
- MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing
- Monkey HTTPd improper input validation vulnerability
- Mozilla Firefox JavaScript Prompt Spoofing Weakness
- Notepad++ buffer overflow issue
- PHP 5.3.1 open_basedir bypass
- phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities
- phpPollScript - 1.3 Remote File Include
- PhpShop Multiple Vulnerabilities
- Powered By Dvbbs Version 7.1.0 Sp1 By Pass
- pragmaMx CMS Blind SQL/XPath Injection vulnerability
- Remote Buffer Overflow Exploit (TFTP Daemon Version 1.9) by Socket_0x03
- rPSA-2009-0161-1 hwdata kernel
- Rumba XML XSS vulnerability
- Same-origin policy bypass vulnerabilities in several VPN products reported
- SEC Consult SA-20091217-0 :: Authentication bypass and file manipulation in Sitecore Staging Module
- Secunia Research: AproxEngine Multiple Vulnerabilities
- Secunia Research: DevIL DICOM "GetUID()" Buffer Overflow Vulnerability
- Secunia Research: Lateral Arts Photobox uploader ActiveX Control Buffer Overflow
- Secunia Research: Novell iPrint Client "target-frame" Parameter Buffer Overflow
- Secunia Research: Novell iPrint Client Date/Time Parsing Buffer Overflow
- Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability
- Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows
- Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow
- Secunia Research: Winamp Oktalyzer Parsing Integer Overflow Vulnerability
- Secunia Research: Winamp Ultratracker File Parsing Buffer Overflow
- Security Contact for Netcool at IBM?
- Sheedravi CMS SQL Injection Vulnerability
- SMF (Simple Machine Forum) 1.1.11 XSS - Discovered by : Khashayar Fereidani
- SQL-Ledger – several vulnerabilities
- Tests about semicolon zero-day (BID 37460)
- Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities
- TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)
- TLS Renegotiation Vulnerability: Proof of Concept Code (Python)
- TPTI-09-08: HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability
- TPTI-09-09: HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability
- TPTI-09-10: HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability
- TPTI-09-11: HP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow Vulnerability
- TPTI-09-12: HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability
- TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability
- TPTI-09-14: HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability
- TPTI-09-15: HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability
- Trango Broadband Wireless Rogue SU Authentication Bug
- U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) root compromise / VU#433821
- Upcoming FreeBSD Security Advisory
- UPDATE: DISA Unix SRR root compromise / CVE-2009-4211 / VU#433821
- VideoCache 1.9.2 vccleaner root vulnerability
- VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues
- Vulnerability in Joomulus for Joomla
- VUPEN Security Research - Winamp PNG and JPEG Data Integer Overflow Vulnerabilities
- WinAppDbg 1.3 is out!
- WSCreator 1.1 Blind SQL Injection
- WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
- XSS Vulnerability in JpGraph 3.0.6
- Zabbix Agent : Bypass of EnableRemoteCommands=0
- Zabbix Server : Multiple remote vulnerabilities
- ZDI-09-086: Microsoft Internet Explorer XHTML DOM Manipulation Memory Corruption Vulnerability
- ZDI-09-087: Microsoft Internet Explorer CSS Race Condition Code Execution Vulnerability
- ZDI-09-088: Microsoft Internet Explorer IFrame Attributes Circular Reference Dangling Pointer Vulnerability
- ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability
- ZDI-09-090: Microsoft Windows Intel Indeo Codec Parsing Stack Overflow Vulnerability
- ZDI-09-091: Hewlett-Packard Application Recovery Manager MSG_PROTOCOL Stack Overflow Vulnerability
- ZDI-09-092: Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability
- ZDI-09-093: Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability
- ZDI-09-094: Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities
- ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability
- ZDI-09-096: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable vsprintf Overflow Vulnerability
- ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability
- ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability
- ZDI-09-099: Hewlett-Packard OpenView Data Protector Backup Client Service Buffer Overflow Vulnerability
- Zen Cart local file disclosure vulnerability
- {PRL} QuickHeal antivirus 2010 Local Privilege Escalation
gmail.com
Last message date: Thu Dec 31 2009 - 11:19:45 CST
Archived on: Thu Dec 31 2009 - 11:19:46 CST
318 messages sorted by: [ author ] [ date ] [ thread ]