NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2010-04

275 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Thu Apr 01 2010 - 10:10:25 CDT
Ending: Fri Apr 30 2010 - 14:28:06 CDT

ACROS Lists
- ACROS Security: Remote Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-1) (Mon Apr 12 2010 - 11:54:58 CDT)
- ACROS Security: Local Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-2) (Mon Apr 12 2010 - 11:54:58 CDT)
adminbugreport.ir
- AneCMS Multiple Vulnerabilities (Mon Apr 12 2010 - 03:21:51 CDT)
advisoriesintern0t.net
- vBulletin - Insecure Custom BBCode Tags (Thu Apr 29 2010 - 10:20:50 CDT)
advisoryhtbridge.ch
- XSS in Microsoft SharePoint Server 2007 (Wed Apr 28 2010 - 11:12:17 CDT)
- XSS vulnerability in Zikula Application Framework (Tue Apr 27 2010 - 07:03:28 CDT)
- XSS vulnerability in Zikula Application Framework (Tue Apr 27 2010 - 07:03:19 CDT)
- IP address spoofing in e107 (Tue Apr 20 2010 - 05:59:25 CDT)
- CSRF in e107 (Tue Apr 20 2010 - 05:58:20 CDT)
Agazzini Maurizio
- Re: sudoedit local privilege escalation through PATH manipulation (Thu Apr 22 2010 - 03:04:09 CDT)
- sudoedit local privilege escalation through PATH manipulation (Mon Apr 19 2010 - 06:04:44 CDT)
Albert Levi
- CfP: GameSec 2010 - Deadline is 3 weeks away! (Thu Apr 22 2010 - 02:50:50 CDT)
Alexandr Polyakov
- [DSECRG-09-049] IBM BladeCenter Management Module - DoS vulnerability (Thu Apr 15 2010 - 02:43:52 CDT)
- [DSecRG-09-053] VMware Remoute Console - format string (Thu Apr 15 2010 - 02:40:33 CDT)
Andrzej Targosz
- CONFidence 2010, 25-26th May - Call For Participation (Wed Apr 28 2010 - 17:45:49 CDT)
Angus Mann
- Adobe viewer plugin can be made to crash IE or FF (Tue Apr 27 2010 - 20:05:23 CDT)
Ansgar Wiechers
- Re: sudoedit local privilege escalation through PATH manipulation (Tue Apr 20 2010 - 01:42:32 CDT)
arun.gnyangmail.com
- Apache ActiveMQ XSS Vulnerability (Thu Apr 29 2010 - 10:19:46 CDT)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Small Business Video Surveillance Cameras and Cisco 4-Port Gigabit Security Routers Authentication Bypass Vulnerability (Wed Apr 21 2010 - 10:29:09 CDT)
- Cisco Security Advisory: Cisco Secure Desktop ActiveX Control Code Execution Vulnerability (Wed Apr 14 2010 - 11:00:00 CDT)
Clear Skies Security
- Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vulnerability (Tue Apr 13 2010 - 15:18:47 CDT)
CORE Security Technologies Advisories
- CORE-2010-0406 - User Invoices Persistent XSS Vulnerability in CactuShop (Tue Apr 20 2010 - 15:51:46 CDT)
- CORE-2010-0323: XSS Vulnerability in NextGEN Gallery Wordpress Plugin (Tue Apr 06 2010 - 15:33:17 CDT)
Dan Rosenberg
- Fun with FORTIFY_SOURCE (Tue Apr 27 2010 - 13:34:35 CDT)
Dawid Golunski
- Zabbix <= 1.8.1 SQL Injection (Thu Apr 01 2010 - 04:42:01 CDT)
DeepSec Conference
- DeepSec 2010 - Call for Papers and Experts (Wed Apr 07 2010 - 17:57:22 CDT)
dlrow1991ymail.com
- Micropoint Proactive Denfense Mp110013.sys <= 1.3.10123.0 Local Privilege Escalation Exploit (Tue Apr 13 2010 - 23:12:19 CDT)
Dominik George
- Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918addresses) (Tue Apr 27 2010 - 00:06:39 CDT)
Dragos Ruiu
- EUSecWest Amsterdam 2010 Call For Papers (short deadline May 5 - conf June 16/17) (Fri Apr 30 2010 - 01:47:10 CDT)
edgard.chammasbeyond-security.org
- Vbulletin - Two-Step External Link XSS (Tue Apr 20 2010 - 02:32:00 CDT)
eidelweisscyberservices.com
- Madirish Webmail 2.01 (basedir) RFI/LFI Vulnerability (Sat Apr 24 2010 - 12:31:37 CDT)
- SmodCMS 'config.php' Arbitrary File Upload Vulnerability (Sat Apr 24 2010 - 15:36:26 CDT)
- phpegasus 'config.php' Arbitrary File Upload Vulnerability (Sun Apr 25 2010 - 08:12:52 CDT)
- In-portal 5.0.3 Remote Arbitrary File Upload Exploit (Thu Apr 22 2010 - 23:21:25 CDT)
- Nucleus CMS v.3.51 (DIR_LIBS) Multiple Vulnerability (Wed Apr 14 2010 - 13:35:50 CDT)
- 60cycleCMS (DOCUMENT_ROOT) Multiple Local File Inclusion Vulnerability (Tue Apr 13 2010 - 19:37:47 CDT)
- WinSoftMagic Photo Editor .PNG File Buffer Overflow (Thu Apr 08 2010 - 19:41:35 CDT)
- Re: DynPG CMS v4.1.0 Multiple Remote File Inclusion Vulnerability (Sun Apr 04 2010 - 13:03:25 CDT)
- Apple Safari <= Tag (heap spray) Remote Buffer Overflow Exploit (osX) (Sun Apr 04 2010 - 12:55:38 CDT)
- DynPG CMS v4.1.0 Multiple Remote File Inclusion Vulnerability (Thu Apr 01 2010 - 07:38:44 CDT)
Fabien PERIGAUD
- Cert-Lexsi - Microsoft Windows Media Services MMS Buffer Overflow Vulnerability (Wed Apr 14 2010 - 02:28:28 CDT)
fizix610hotmail.com
- Unauthenticated Filesystem Access in iomega Home Media Network Hard Drive (Tue Apr 13 2010 - 14:02:59 CDT)
gheibigmail.com
- SQL Injection in MS Access with backslash escaped input (Fri Apr 30 2010 - 05:16:39 CDT)
Giuseppe Iuculano
- [SECURITY] [DSA 2021-2] New spamass-milter packages fix regression (Mon Apr 26 2010 - 15:02:53 CDT)
- [SECURITY] [DSA 2031-1] New krb5 packages fix denial of service (Sun Apr 11 2010 - 03:43:03 CDT)
- [SECURITY] [DSA 2032-1] New libpng packages fix several vulnerabilities (Sun Apr 11 2010 - 11:56:05 CDT)
- [SECURITY] [DSA 2026-1] New netpbm-free packages fix denial of service (Fri Apr 02 2010 - 10:35:39 CDT)
Hafez Kamal
- [HITB-Announce] HITBSecConf2009 - Malaysia Videos Released! (Thu Apr 22 2010 - 23:18:03 CDT)
- [HITB-Announce] HITBSecConf2010 - Dubai - Presentation Materials (Thu Apr 22 2010 - 23:31:21 CDT)
- [HITB-Announce] FINAL CALL - CFP for HITBSecConf2010 Amsterdam (Thu Apr 08 2010 - 11:11:43 CDT)
hashdays CFP
- hashdays 2010 - Call for Papers (#days CFP) (Sat Apr 24 2010 - 08:51:32 CDT)
iDefense Labs
- iDefense Security Advisory 04.15.10: Multiple Vendor AgentX++ Integer Overflow Vulnerability (Fri Apr 16 2010 - 17:46:20 CDT)
- iDefense Security Advisory 04.15.10: Multiple Vendor AgentX++ Stack Buffer Overflow Vulnerability (Fri Apr 16 2010 - 17:27:19 CDT)
- iDefense Security Advisory 04.09.10: VMware VMnc Codec Heap Overflow Vulnerability (Fri Apr 09 2010 - 17:38:54 CDT)
info
- Hack.lu 2010 CfP (Tue Apr 06 2010 - 02:20:06 CDT)
infosecuritylab.ir
- Ziggurat CMS Multiple Vulnerabilities (Thu Apr 15 2010 - 03:12:56 CDT)
- Vana CMS Remote File Download (Tue Apr 13 2010 - 01:28:58 CDT)
Ivan Jager
- Re: STP mitm attack idea (Thu Apr 29 2010 - 12:21:32 CDT)
J. Oquendo
- Juniper SRX Critical Denial of Service Vulnerability (Thu Apr 01 2010 - 11:08:34 CDT)
Jacopo Cappellato
- [CVE-2010-0432] Apache OFBiz Multiple XSS Vulnerabilities (Wed Apr 14 2010 - 14:27:23 CDT)
James Martin
- Re: Vulnerability in CB Captcha for Joomla and Mambo (Fri Apr 16 2010 - 13:06:13 CDT)
Jamie Strandboge
- [USN-934-1] Netpbm vulnerability (Thu Apr 29 2010 - 20:52:38 CDT)
- [USN-933-1] PostgreSQL vulnerability (Wed Apr 28 2010 - 20:56:23 CDT)
- [USN-929-2] irssi regression (Tue Apr 20 2010 - 12:37:17 CDT)
- [USN-932-1] KDM vulnerability (Mon Apr 19 2010 - 18:17:21 CDT)
- [USN-890-6] CMake vulnerabilities (Thu Apr 15 2010 - 14:40:13 CDT)
- [USN-929-1] irssi vulnerabilities (Thu Apr 15 2010 - 19:39:56 CDT)
- [USN-928-1] Sudo vulnerability (Thu Apr 15 2010 - 11:33:58 CDT)
- [USN-920-1] Firefox 3.0 and Xulrunner vulnerabilities (Fri Apr 09 2010 - 19:24:43 CDT)
- [USN-927-2] NSS regression (Sun Apr 11 2010 - 10:35:15 CDT)
- [USN-927-1] NSS vulnerability (Fri Apr 09 2010 - 17:44:30 CDT)
- [USN-921-1] Firefox 3.5 and Xulrunner vulnerabilities (Fri Apr 09 2010 - 17:45:24 CDT)
- [USN-927-3] Thunderbird regression (Sun Apr 11 2010 - 17:42:48 CDT)
- [USN-624-2] Erlang vulnerability (Thu Apr 08 2010 - 20:43:15 CDT)
- [USN-926-1] ClamAV vulnerabilities (Thu Apr 08 2010 - 16:43:03 CDT)
- [USN-925-1] MoinMoin vulnerabilities (Thu Apr 08 2010 - 12:26:42 CDT)
Jan Schejbal
- Miranda TLS MitM with XMPP/Jabber protocol (Mon Apr 05 2010 - 20:04:42 CDT)
Jann Horn
- Re: STP mitm attack idea (Wed Apr 28 2010 - 11:20:55 CDT)
Jason T. Masker
- Re: STP mitm attack idea (Wed Apr 28 2010 - 16:26:09 CDT)
Jean-Christophe Baptiste
- Re: STP mitm attack idea (Thu Apr 29 2010 - 13:22:03 CDT)
Joel Maslak
- Re: STP mitm attack idea (Thu Apr 29 2010 - 12:53:47 CDT)
Joxean Koret
- Hackproofing Oracle Financials 11i & R12 (Thu Apr 15 2010 - 14:18:50 CDT)
k g
- Conference on Cyber Conflict: speakers selected! (Mon Apr 26 2010 - 09:12:38 CDT)
Kees Cook
- [USN-924-1] Kerberos vulnerabilities (Wed Apr 07 2010 - 00:51:51 CDT)
- [USN-923-1] OpenJDK vulnerabilities (Wed Apr 07 2010 - 00:51:23 CDT)
- [USN-922-1] libnss-db vulnerability (Wed Mar 31 2010 - 14:41:01 CDT)
Kotas, Kevin J
- CA20100406-01: Security Notice for CA XOsoft (Tue Apr 06 2010 - 13:19:35 CDT)
Laurent OUDOT at TEHTRI-Security
- HITBSecConf DUBAI 2010: Learn more about web attacks and stealth hacking (Mon Apr 12 2010 - 08:57:01 CDT)
lilf
- WinMount MOU File Handling Overflow Vulnerability (Sat Apr 17 2010 - 00:30:11 CDT)
lis cker
- A XSS in User_ChkLogin.asp of PowerEasy 2006 (Sat Apr 24 2010 - 02:10:05 CDT)
Luciano Bello
- [SECURITY] [DSA 2028-1] New xpdf packages fix several vulnerabilities (Mon Apr 05 2010 - 10:23:30 CDT)
Major Malfunction
- London DEFCON April meet - DC4420 - Wed 28th April 2010 (Wed Apr 21 2010 - 13:07:22 CDT)
Marc Deslauriers
- [USN-931-2] FFmpeg regression (Mon Apr 26 2010 - 08:54:01 CDT)
- [USN-931-1] FFmpeg vulnerabilities (Mon Apr 19 2010 - 13:34:01 CDT)
Mark Janssen
- Call for participation -- Eth0:2010 Summer (Wed Apr 21 2010 - 08:40:01 CDT)
Mark Thomas
- [SECURITY] CVE-2010-1157: Apache Tomcat information disclosure vulnerability (Wed Apr 21 2010 - 17:20:41 CDT)
Matteo Valenza
- Re: Vulnerability in CB Captcha for Joomla and Mambo (Fri Apr 16 2010 - 12:08:26 CDT)
Matthias -apoc- Hecker
- TCPDF Library Remote Code Execution Vulnerability (Thu Apr 08 2010 - 00:10:34 CDT)
md.r00t.defacergmail.com
- BPstyle - Graphic studio SQL Injection Vulnerabilities (Fri Apr 30 2010 - 03:14:49 CDT)
- IWD Group SQL Injection Vulnerabilities (Thu Apr 22 2010 - 13:53:15 CDT)
Mehdi Mahdjoub - Sysdream IT Security Services
- Vulnerability Centreon IT & Network Monitoring v2.1.5 (Fri Apr 02 2010 - 04:41:01 CDT)
Mehdi Mahdjoub [SYSDREAM]
- CompleteFTP v3.3.0 - Remote Memory Consumption DoS (Mon Apr 19 2010 - 06:46:02 CDT)
michael.muellerintegralis.com
- XSS and Content Injection in HTC Windows Mobile SMS Preview PopUp (Thu Apr 22 2010 - 10:29:57 CDT)
Moritz Muehlenhoff
- [SECURITY] [DSA 2027-1] New xulrunner packages fix several vulnerabilities (Sat Apr 03 2010 - 12:50:19 CDT)
Morris, John R. (SSRT)
- [security bulletin] HPSBUX02508 SSRT100007 rev.2 - HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access (Mon Apr 26 2010 - 08:33:12 CDT)
mu-b
- NovaStor NovaNet <= 13.0 issues (Mon Apr 26 2010 - 07:07:23 CDT)
MustLive
- Vulnerabilities in CCMS (Thu Apr 29 2010 - 13:23:55 CDT)
- Re: Vulnerability in CB Captcha for Joomla and Mambo (Wed Apr 28 2010 - 13:33:13 CDT)
- Re: New vulnerabilities in CMS SiteLogic (Mon Apr 26 2010 - 09:16:23 CDT)
- Vulnerability in Referer for DataLife Engine (Fri Apr 23 2010 - 13:30:56 CDT)
- Vulnerabilities in NovaBoard (Wed Apr 21 2010 - 15:45:33 CDT)
- Re: Vulnerability in CB Captcha for Joomla and Mambo (Fri Apr 16 2010 - 15:33:04 CDT)
- [Suspected Spam]New vulnerabilities in CMS SiteLogic (Sun Apr 18 2010 - 10:05:14 CDT)
- Vulnerability in CB Captcha for Joomla and Mambo (Thu Apr 15 2010 - 06:22:35 CDT)
- Insufficient Anti-automation and Denial of Service vulnerabilities in multiple systems (Mon Apr 12 2010 - 15:38:20 CDT)
- Vulnerabilities in CMS SiteLogic (Sat Apr 10 2010 - 11:41:25 CDT)
- Re: Vulnerabilities in Dunia Soccer (Fri Apr 09 2010 - 12:30:02 CDT)
- Vulnerabilities in phpCOIN (Fri Apr 09 2010 - 08:09:56 CDT)
- Vulnerabilities in CMS SiteLogic (Thu Apr 08 2010 - 11:53:59 CDT)
- Vulnerabilities in Dunia Soccer (Wed Apr 07 2010 - 13:15:44 CDT)
- Vulnerabilities in TAK cms (Mon Apr 05 2010 - 15:34:07 CDT)
- Vulnerabilities in HoloCMS (Fri Apr 02 2010 - 12:59:43 CDT)
nantjoomlapolis.com
- Re: Vulnerability in CB Captcha for Joomla and Mambo (Sun Apr 18 2010 - 13:54:37 CDT)
- Re: Vulnerability in CB Captcha for Joomla and Mambo (Fri Apr 16 2010 - 09:04:50 CDT)
news
- Re: STP mitm attack idea (Thu Apr 29 2010 - 01:19:58 CDT)
Nico Golde
- [SECURITY] [DSA 2030-1] New mahara packages fix sql injection (Tue Apr 06 2010 - 13:43:48 CDT)
- [SECURITY] [DSA 2029-1] New imlib2 packages fix arbitrary code execution (Mon Apr 05 2010 - 14:03:08 CDT)
nicolas.grandjeanconix.fr
- CSRF Vulnerability in OSSIM 2.2.1 (Thu Apr 01 2010 - 07:14:20 CDT)
nonegmail.com
- Re: Re: Vulnerability in CB Captcha for Joomla and Mambo (Mon Apr 19 2010 - 18:38:20 CDT)
Paul Schmehl
- Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918 addresses) (Mon Apr 26 2010 - 15:16:13 CDT)
Przemyslaw Borkowski
- STP mitm attack idea (Tue Apr 27 2010 - 12:55:07 CDT)
r.stcomcast.net
- Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918addresses) (Mon Apr 26 2010 - 13:24:42 CDT)
researchsecpod.com
- Apache ActiveMQ is prone to source code disclosure vulnerability. (Thu Apr 22 2010 - 09:43:10 CDT)
Reversemode
- JAVA web start arbitrary command-line injection - "-XXaltjvm" arbitrary dll loading (0day) (Fri Apr 09 2010 - 08:30:18 CDT)
Roberto Suggi Liverani
- Security-Assessment.com WhitePaper/Addendum: Cross Context Scripting with Firefox & Exploiting Cross Context Scripting vulnerabilities in Firefox (Wed Apr 21 2010 - 18:27:33 CDT)
Salvatore Fresta aka Drosophila
- New vulnerabilities in CMS SiteLogic (Mon Apr 26 2010 - 09:41:34 CDT)
- Re: [Suspected Spam]New vulnerabilities in CMS SiteLogic (Mon Apr 19 2010 - 14:12:05 CDT)
Secunia Research
- Secunia Research: Internet Download Manager FTP Buffer Overflow Vulnerability (Fri Apr 30 2010 - 05:07:19 CDT)
- Secunia Research: imlib2 "IMAGE_DIMENSIONS_OK()" Logic Error (Wed Apr 21 2010 - 02:42:43 CDT)
- Secunia Research: e107 Content Management Plugin Script Insertion Vulnerability (Mon Apr 19 2010 - 03:06:26 CDT)
- Secunia Research: e107 Avatar/Photograph Image File Upload Vulnerability (Mon Apr 19 2010 - 03:06:44 CDT)
- Secunia Research: Visualization Library DAT File Parsing Vulnerabilities (Wed Apr 14 2010 - 05:19:36 CDT)
- Secunia Research: VMWare VMnc Codec HexTile Encoding Buffer Overflow (Fri Apr 09 2010 - 08:16:19 CDT)
- Secunia Research: VMWare VMnc Codec HexTile Encoding Two Integer Truncation Vulnerabilities (Fri Apr 09 2010 - 08:16:31 CDT)
- Secunia Research: Pulse CMS Cross-Site Request Forgery (Fri Apr 09 2010 - 03:07:41 CDT)
- Secunia Research: Pulse CMS Arbitrary File Upload Vulnerability (Fri Apr 09 2010 - 03:07:27 CDT)
security-alerthp.com
- [security bulletin] HPSBMA02525 SSRT100083 rev.1 - HP System Insight Manager Running on HP-UX, Linux, and Windows , Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Privilege Elevation (Tue Apr 27 2010 - 14:49:08 CDT)
- [security bulletin] HPSBMA02488 SSRT100013 rev.2 - HP ProLiant Support Pack 8.30 for Windows, Remote Code Execution, Information Disclosure (Mon Apr 26 2010 - 15:08:01 CDT)
- [security bulletin] HPSBUX02519 SSRT100004 rev.1 - HP-UX Running BIND, Remote Compromise of NXDOMAIN Responses (Wed Apr 21 2010 - 21:36:45 CDT)
- [security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access (Thu Apr 22 2010 - 08:27:27 CDT)
- [security bulletin] HPSBMA02494 SSRT090168 rev.1 - HP Virtual Machine Manager (VMM) for Windows, Remote Unauthorized Access, Privilege Elevation (Thu Apr 22 2010 - 09:23:52 CDT)
- [security bulletin] HPSBUX02508 SSRT100007 rev.2 - HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access (Tue Apr 20 2010 - 18:21:54 CDT)
- [security bulletin] HPSBMA02491 SSRT100060 rev.1 - HP Operations Manager for Windows, Remote Execution of Arbitrary Code (Tue Apr 20 2010 - 08:15:33 CDT)
- [security bulletin] HPSBUX02518 SSRT100051 rev.1 - HP-UX, Local Denial of Service (DoS) (Mon Apr 19 2010 - 16:11:15 CDT)
- [security bulletin] HPSBUX02517 SSRT100058 rev.2 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS) (Mon Apr 19 2010 - 17:54:49 CDT)
- [security bulletin] HPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS) (Tue Apr 13 2010 - 17:32:46 CDT)
- [security bulletin] HPSBPI02398 SSRT080166 rev.5 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files (Tue Apr 13 2010 - 08:09:53 CDT)
- [security bulletin] HPSBMA02490 SSRT090222 rev.2 - HP SOA Registry Foundation, Remote Unauthorized Access to Data, Cross Site Scripting (XSS), Privilege Escalation (Fri Apr 02 2010 - 12:11:05 CDT)
securitymandriva.com
- [ MDVSA-2010:088 ] kernel (Fri Apr 30 2010 - 13:44:01 CDT)
- [ MDVSA-2010:086 ] kdegraphics (Thu Apr 29 2010 - 11:46:00 CDT)
- [ MDVSA-2010:087 ] poppler (Thu Apr 29 2010 - 14:07:00 CDT)
- [ MDVSA-2009:332-1 ] gimp (Wed Apr 28 2010 - 15:00:01 CDT)
- [ MDVSA-2010:085 ] pidgin (Wed Apr 28 2010 - 13:51:00 CDT)
- [ MDVSA-2010:078-1 ] sudo (Wed Apr 28 2010 - 12:56:01 CDT)
- [ MDVSA-2010:084 ] java-1.6.0-openjdk (Wed Apr 28 2010 - 07:31:01 CDT)
- [ MDVSA-2010:071 ] mozilla-thunderbird (Fri Apr 23 2010 - 11:31:00 CDT)
- [ MDVSA-2010:070-1 ] firefox (Tue Apr 20 2010 - 13:53:00 CDT)
- [ MDVSA-2010:083 ] emacs (Tue Apr 20 2010 - 08:24:00 CDT)
- [ MDVSA-2010:076-1 ] openssl (Mon Apr 19 2010 - 16:18:00 CDT)
- [ MDVSA-2010:082 ] clamav (Sun Apr 18 2010 - 12:45:00 CDT)
- [ MDVSA-2010:079 ] irssi (Sat Apr 17 2010 - 12:56:00 CDT)
- [ MDVSA-2010:077 ] nss_db (Sat Apr 17 2010 - 09:39:00 CDT)
- [ MDVSA-2010:078 ] sudo (Sat Apr 17 2010 - 10:08:00 CDT)
- [ MDVSA-2010:081 ] apache-mod_auth_shadow (Sun Apr 18 2010 - 11:21:01 CDT)
- [ MDVSA-2010:076 ] openssl (Sat Apr 17 2010 - 11:49:00 CDT)
- [ MDVSA-2010:080 ] brltty (Sat Apr 17 2010 - 14:40:00 CDT)
- [ MDVSA-2010:075 ] openoffice.org (Thu Apr 15 2010 - 16:31:00 CDT)
- [ MDVSA-2010:074 ] kdebase (Thu Apr 15 2010 - 13:41:01 CDT)
- [ MDVSA-2010:073-1 ] cups (Wed Apr 14 2010 - 11:59:01 CDT)
- [ MDVSA-2010:073 ] cups (Wed Apr 14 2010 - 11:25:02 CDT)
- [ MDVSA-2010:071 ] krb5 (Tue Apr 13 2010 - 17:03:01 CDT)
- [ MDVSA-2010:072 ] cups (Wed Apr 14 2010 - 09:37:00 CDT)
- [ MDVSA-2010:070 ] firefox (Tue Apr 13 2010 - 11:50:00 CDT)
- [ MDVSA-2010:069 ] nss (Tue Apr 06 2010 - 19:39:00 CDT)
sinner
- [#OUF-273299]: AVTECH Software (AVC781Viewer.dll) ActiveX Multiple Remote Vulnerabilities (Mon Apr 19 2010 - 23:30:38 CDT)
Stefan Esser
- Advisory 02/2010: MyBB Password Reset Weak Random Numbers Vulnerability (Tue Apr 13 2010 - 03:20:18 CDT)
- Advisory 01/2010: MyBB Password Reset Email BCC: Injection Vulnerability (Tue Apr 13 2010 - 02:41:14 CDT)
Stefan Fritsch
- [SECURITY] [DSA-2035-1] New apache2 packages fix several issues (Sat Apr 17 2010 - 15:58:14 CDT)
Stefan Laudat
- RE: STP mitm attack idea (Thu Apr 29 2010 - 02:22:40 CDT)
Susan Bradley
- Re: Vulnerability in CB Captcha for Joomla and Mambo (Fri Apr 16 2010 - 13:24:22 CDT)
- Re: Vulnerability in CB Captcha for Joomla and Mambo (Thu Apr 15 2010 - 14:11:29 CDT)
- Re: Vulnerabilities in phpCOIN (Fri Apr 09 2010 - 16:28:27 CDT)
- Re: Vulnerabilities in Dunia Soccer (Fri Apr 09 2010 - 14:16:00 CDT)
- Re: Vulnerabilities in Dunia Soccer (Thu Apr 08 2010 - 14:05:21 CDT)
Sébastien Delafond
- [SECURITY] [DSA 2033-1] New ejabberd packages fix denial of service (Thu Apr 15 2010 - 11:53:11 CDT)
terry white
- Re: Vulnerabilities in NovaBoard (Thu Apr 22 2010 - 16:11:53 CDT)
th_decoder126.com
- Windows 2000/XP/2003 win32k.sys SfnINSTRING local kernel Denial of Service Vulnerability (Thu Apr 22 2010 - 06:55:56 CDT)
- Windows 2000/XP/2003 win32k.sys SfnLOGONNOTIFY local kernel Denial of Service Vulnerability (Thu Apr 22 2010 - 05:28:38 CDT)
Thijs Kinkhorst
- [SECURITY] [DSA 2039-1] New cacti packages fix missing input sanitising (Fri Apr 23 2010 - 15:00:02 CDT)
- [SECURITY] [DSA 2038-1] New pidgin packages fix denial of service (Sun Apr 18 2010 - 10:47:22 CDT)
- [SECURITY] [DSA 2034-1] New phpmyadmin packages fix several vulnerabilities (Sat Apr 17 2010 - 07:35:52 CDT)
- [SECURITY] [DSA 2037-1] New kdm packages fix privilege escalation (Sat Apr 17 2010 - 16:54:51 CDT)
- [SECURITY] [DSA 2036-1] New jasper packages fix denial of service (Sat Apr 17 2010 - 16:23:29 CDT)
Timothy D. Morgan
- CVE-2009-4509: TANDBERG VCS Authentication Bypass (Fri Apr 09 2010 - 22:50:21 CDT)
Tom Yu
- MITKRB5-SA-2010-004 [CVE-2010-1320] double free in KDC (Tue Apr 20 2010 - 13:34:25 CDT)
- MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases (Tue Apr 06 2010 - 13:23:35 CDT)
Tomi Tuominen
- t2'10: Call for Papers 2010 (Helsinki / Finland) (Sun Apr 25 2010 - 08:50:02 CDT)
VMware Security team
- VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues (Fri Apr 09 2010 - 04:28:34 CDT)
- VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues (Fri Apr 09 2010 - 04:28:34 CDT)
- VMSA-2010-0006 ESX Service Console updates for samba and acpid (Thu Apr 01 2010 - 14:34:57 CDT)
VSR Advisories
- CVE-2009-4510: TANDBERG VCS Static SSH Host Keys (Fri Apr 09 2010 - 22:54:11 CDT)
- CVE-2009-4511: TANDBERG VCS Arbitrary File Retrieval (Fri Apr 09 2010 - 22:56:20 CDT)
VUPEN Security Research
- VUPEN Security Research - VMware Products Movie Decoder Heap Overflow Vulnerability (Mon Apr 12 2010 - 10:52:13 CDT)
- VUPEN Security Research - Apple Quicktime PICT Handling Heap Overflow Vulnerability (Wed Mar 31 2010 - 19:15:25 CDT)
- VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability (Wed Mar 31 2010 - 18:50:23 CDT)
- VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Pointer Vulnerability (Wed Mar 31 2010 - 18:49:20 CDT)
- VUPEN Security Research - Apple Quicktime FLC Encoded Movie Heap Overflow Vulnerability (Wed Mar 31 2010 - 19:19:01 CDT)
- VUPEN Security Research - Sun Java JDK/JRE Unpack200 Buffer Overflow Vulnerability (Wed Mar 31 2010 - 18:56:15 CDT)
- VUPEN Security Research - Apple Quicktime PICT Processing Integer Overflow Vulnerability (Wed Mar 31 2010 - 19:14:56 CDT)
- VUPEN Security Research - Apple iTunes ColorSync Profile Integer Overflow Vulnerability (Wed Mar 31 2010 - 19:03:35 CDT)
VUPEN Web Research
- VUPEN Web Security Research - WebAsyst Shop-Script Multiple Input Validation Vulnerabilities (Wed Apr 14 2010 - 12:08:53 CDT)
- VUPEN Security Research - Adobe Acrobat and Reader GIF Data Buffer Overflow Vulnerability (Wed Apr 14 2010 - 12:13:35 CDT)
- VUPEN Security Research - Adobe Acrobat and Reader JPEG Data Buffer Overflow Vulnerability (Wed Apr 14 2010 - 12:14:16 CDT)
- VUPEN Security Research - Adobe Acrobat and Reader BMP Data Buffer Overflow Vulnerability (Wed Apr 14 2010 - 12:13:07 CDT)
- VUPEN Security Research - Adobe Acrobat and Reader PNG Data Buffer Overflow Vulnerability (Wed Apr 14 2010 - 12:15:49 CDT)
wborskeygmail.com
- Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918 addresses) (Sat Apr 24 2010 - 20:15:56 CDT)
Williams, Dan
- RE: STP mitm attack idea (Fri Apr 30 2010 - 08:02:32 CDT)
wletgmx.net
- Re: STP mitm attack idea (Thu Apr 29 2010 - 01:31:43 CDT)
wsn1983gmail.com
- RJ-iTop Network Vulnerability Scanner System Multiple SQL Injection Vulnerabilities (Wed Apr 14 2010 - 08:12:08 CDT)
ZDI Disclosures
- ZDI-10-079: Realnetworks Helix Server NTLM Authentication Invalid Base64 Remote Code Execution Vulnerability (Wed Apr 28 2010 - 12:12:28 CDT)
- ZDI-10-078: Novell ZENworks Configuration Management UploadServlet Remote Code Execution Vulnerability (Fri Apr 23 2010 - 11:48:29 CDT)
- ZDI-10-077: Adobe Download Manager Atlcom.get_atlcom ActiveX Control Remote Code Execution Vulnerability (Wed Apr 21 2010 - 11:59:12 CDT)
- ZDI-10-076: Apple Preview libFontParser SpecialEncoding Remote Code Execution Vulnerability (Wed Apr 14 2010 - 22:00:42 CDT)
- ZDI-10-072: Cisco Secure Desktop CSDWebInstaller ActiveX Control Remote Code Execution Vulnerability (Wed Apr 14 2010 - 13:32:52 CDT)
- ZDI-10-070: Microsoft Windows Media Player Codec Retrieval Dangling Pointer Remote Code Execution Vulnerability (Tue Apr 13 2010 - 13:43:51 CDT)
- ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability (Tue Apr 13 2010 - 16:45:20 CDT)
- ZDI-10-069: Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability (Tue Apr 13 2010 - 13:41:46 CDT)
- ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability (Tue Apr 13 2010 - 16:47:45 CDT)
- ZDI-10-073: Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability (Tue Apr 13 2010 - 16:42:38 CDT)
- ZDI-10-071: Adobe Reader TrueType Font Handling Remote Code Execution Vulnerability (Tue Apr 13 2010 - 13:58:49 CDT)
- ZDI-10-068: Apple QuickTime H.263 Array Index Parsing Remote Code Execution Vulnerability (Fri Apr 09 2010 - 13:01:45 CDT)
- ZDI-10-067: Apple QuickTime Pict BkPixPat Remote Code Execution Vulnerability (Tue Apr 06 2010 - 14:34:27 CDT)
- ZDI-10-066: CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability (Tue Apr 06 2010 - 13:25:25 CDT)
- ZDI-10-065: CA XOsoft xosoapapi.asmx Multiple Remote Code Execution Vulnerabilities (Tue Apr 06 2010 - 13:23:04 CDT)
- ZDI-10-063: Mozilla Firefox Cross Document DOM Node Moving Code Execution Vulnerability (Mon Apr 05 2010 - 16:07:43 CDT)
- ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities (Mon Apr 05 2010 - 14:27:01 CDT)
- ZDI-10-059: Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability (Mon Apr 05 2010 - 12:28:30 CDT)
- ZDI-10-055: Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability (Mon Apr 05 2010 - 10:29:25 CDT)
- ZDI-10-057: Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability (Mon Apr 05 2010 - 10:57:20 CDT)
- ZDI-10-052: Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability (Mon Apr 05 2010 - 10:12:47 CDT)
- ZDI-10-050: Mozilla Firefox nsTreeSelection EventListener Remote Code Execution Vulnerability (Fri Apr 02 2010 - 13:08:44 CDT)
- ZDI-10-058: Apple Mac OS X ImageIO Framework JPEG2000 Remote Code Execution Vulnerability (Mon Apr 05 2010 - 11:22:48 CDT)
- ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability (Mon Apr 05 2010 - 10:09:40 CDT)
- ZDI-10-049: Mozilla Firefox PluginArray nsMimeType Dangling Pointer Remote Code Execution Vulnerability (Fri Apr 02 2010 - 13:06:10 CDT)
- ZDI-10-048: Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability (Fri Apr 02 2010 - 13:01:32 CDT)
- ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability (Mon Apr 05 2010 - 12:31:15 CDT)
- ZDI-10-061: Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability (Mon Apr 05 2010 - 12:34:25 CDT)
- ZDI-10-047: Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability (Fri Apr 02 2010 - 12:56:41 CDT)
- ZDI-10-046: Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability (Fri Apr 02 2010 - 12:21:48 CDT)
- ZDI-10-054: Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability (Mon Apr 05 2010 - 10:25:33 CDT)
- ZDI-10-045: Apple QuickTime MPEG-1 genl Atom Remote Code Execution Vulnerability (Fri Apr 02 2010 - 12:16:03 CDT)
- ZDI-10-053: Sun Java Runtime Environment MIDI File metaEvent Remote Code Execution Vulnerability (Mon Apr 05 2010 - 10:15:39 CDT)
- ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability (Mon Apr 05 2010 - 10:44:28 CDT)
- ZDI-10-044: Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability (Fri Apr 02 2010 - 12:01:46 CDT)
- ZDI-10-043: Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability (Fri Apr 02 2010 - 11:47:06 CDT)
- ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability (Fri Apr 02 2010 - 11:42:50 CDT)
- ZDI-10-041: Apple QuickTime QDM2/QDCA Atom Remote Code Execution Vulnerability (Fri Apr 02 2010 - 11:37:34 CDT)
- ZDI-10-040: Apple QuickTime RLE Bit Depth Remote Code Execution Vulnerability (Fri Apr 02 2010 - 11:33:53 CDT)
- ZDI-10-039: Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability (Fri Apr 02 2010 - 11:30:57 CDT)
- ZDI-10-038: Apple QuickTime QDMC/QDM2 Remote Code Execution Vulnerability (Fri Apr 02 2010 - 11:27:49 CDT)
- ZDI-10-037: Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability (Fri Apr 02 2010 - 11:21:32 CDT)
- ZDI-10-036: Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability (Fri Apr 02 2010 - 11:14:05 CDT)
- ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability (Fri Apr 02 2010 - 11:07:06 CDT)
- ZDI-10-034: Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution Vulnerability (Fri Apr 02 2010 - 10:56:18 CDT)
- ZDI-10-033: Microsoft Internet Explorer TIME2 Behavior Remote Code Execution Vulnerability (Fri Apr 02 2010 - 10:53:22 CDT)

Last message date: Fri Apr 30 2010 - 14:28:06 CDT
Archived on: Fri Apr 30 2010 - 14:28:06 CDT

275 messages sorted by: [ date ] [ thread ] [ subject ]