NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2010-06

268 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Tue Jun 01 2010 - 09:44:33 CDT
Ending: Wed Jun 30 2010 - 15:27:20 CDT

Adam Baldwin
- McAfee UTM Firewall Help Reflected Cross-Site Scripting (Wed Jun 09 2010 - 15:26:34 CDT)
advisoryhtbridge.ch
- XSS vulnerability in Grafik CMS (Tue Jun 29 2010 - 03:06:04 CDT)
- XSS vulnerability in PortalApp (Tue Jun 29 2010 - 03:05:49 CDT)
- XSS vulnerability in PortalApp (Tue Jun 29 2010 - 03:05:42 CDT)
- XSS vulnerability in Grafik CMS (Tue Jun 29 2010 - 03:05:35 CDT)
- SQL injection vulnerability in Grafik CMS (Tue Jun 29 2010 - 03:05:18 CDT)
- XSS vulnerability in PortalApp (Tue Jun 29 2010 - 03:04:58 CDT)
- SQL injection vulnerability in TomatoCMS (Tue Jun 29 2010 - 03:04:49 CDT)
- XSS vulnerability in ForumCMS (Thu Jun 24 2010 - 09:57:29 CDT)
- SQL injection vulnerability in WebDB (Thu Jun 24 2010 - 09:58:10 CDT)
- SQL injection vulnerability in WebDB (Thu Jun 24 2010 - 09:57:53 CDT)
- XSS vulnerability in the search module of synType CMS (Mon Jun 21 2010 - 02:51:47 CDT)
- Stored XSS vulnerability in synType CMS comment text field (Mon Jun 21 2010 - 02:51:40 CDT)
- XSS vulnerability in Scribe CMS (Mon Jun 21 2010 - 02:51:15 CDT)
- XSS vulnerability in Scribe CMS (Mon Jun 21 2010 - 02:50:18 CDT)
- XSS vulnerability in Scribe CMS (Mon Jun 21 2010 - 02:49:46 CDT)
- SQL injection vulnerability in MODx CMS (Fri Jun 11 2010 - 15:02:37 CDT)
- Stored XSS vulnerability in AneCMS blog module (Fri Jun 11 2010 - 15:03:41 CDT)
- SQL injection vulnerability in AneCMS (Fri Jun 11 2010 - 15:03:49 CDT)
- SQL injection vulnerability in MODx CMS and Application Framework (Fri Jun 11 2010 - 15:03:20 CDT)
- SQL injection vulnerability in MODx CMS and Application Framework (Fri Jun 11 2010 - 15:02:59 CDT)
- SQL injection vulnerability in boastMachine (Sat Jun 05 2010 - 09:43:22 CDT)
- XSS vulnerability in boastMachine (Sat Jun 05 2010 - 09:44:04 CDT)
- XSRF (CSRF) in CuteSITE CMS (Sat Jun 05 2010 - 09:43:49 CDT)
- XSS vulnerability in CuteSITE CMS (Sat Jun 05 2010 - 09:44:15 CDT)
- SQL injection vulnerability in CuteSITE CMS (Sat Jun 05 2010 - 09:43:33 CDT)
- XSS vulnerability in Ecomat CMS (Tue Jun 01 2010 - 10:37:16 CDT)
- SQL injection vulnerability in Ecomat CMS (Tue Jun 01 2010 - 10:37:36 CDT)
Alex Legler
- [ GLSA 201006-21 ] UnrealIRCd: Multiple vulnerabilities (Mon Jun 14 2010 - 14:20:25 CDT)
- [ GLSA 201006-18 ] Oracle JRE/JDK: Multiple vulnerabilities (Fri Jun 04 2010 - 00:12:18 CDT)
- [ GLSA 201006-19 ] Bugzilla: Multiple vulnerabilities (Fri Jun 04 2010 - 00:15:02 CDT)
- [ GLSA 201006-20 ] Asterisk: Multiple vulnerabilities (Fri Jun 04 2010 - 00:15:14 CDT)
- [ GLSA 201006-17 ] lighttpd: Denial of Service (Thu Jun 03 2010 - 08:01:13 CDT)
- [ GLSA 201006-16 ] GD: User-assisted execution of arbitrary code (Thu Jun 03 2010 - 08:01:08 CDT)
- [ GLSA 201006-15 ] XEmacs: User-assisted execution of arbitrary code (Thu Jun 03 2010 - 08:01:04 CDT)
- [ GLSA 201006-14 ] Newt: User-assisted execution of arbitrary code (Wed Jun 02 2010 - 16:18:32 CDT)
- [ GLSA 201006-13 ] Smarty: Multiple vulnerabilities (Wed Jun 02 2010 - 16:18:15 CDT)
- [ GLSA 201006-04 ] xine-lib: User-assisted execution of arbitrary code (Tue Jun 01 2010 - 10:39:36 CDT)
- [ GLSA 201006-03 ] ImageMagick: User-assisted execution of arbitrary code (Tue Jun 01 2010 - 10:39:32 CDT)
- [ GLSA 201006-02 ] CamlImages: User-assisted execution of arbitrary code (Tue Jun 01 2010 - 10:39:28 CDT)
- [ GLSA 201006-01 ] FreeType 1: User-assisted execution of arbitrary code (Tue Jun 01 2010 - 10:39:19 CDT)
alien DC4420
- London DEFCON June meet - DC4420 - Wed 30th June 2010 (Mon Jun 28 2010 - 11:10:33 CDT)
Andrea Di Pasquale
- ArpON (Arp handler inspectiON) 2.0 released! (Tue Jun 08 2010 - 07:31:47 CDT)
Andrew Morum
- RE: [ GLSA 201006-13 ] Smarty: Multiple vulnerabilities (Thu Jun 03 2010 - 09:57:05 CDT)
Aurelien Jarno
- [SECURITY] [DSA 2058-1] New glibc packages fix several vulnerabilities (Thu Jun 10 2010 - 03:13:46 CDT)
billaccensussecurity.com
- TitanFTP Server COMB directory traversal (Thu Jun 17 2010 - 14:56:21 CDT)
- TitanFTP Server Arbitrary File Disclosure (Tue Jun 15 2010 - 17:06:37 CDT)
Bkis
- [Bkis-02-2010] Multiple Vulnerabilities in CMS Made Simple - Bkis (Mon Jun 21 2010 - 05:36:40 CDT)
Borja Marcos
- Re: [Full-disclosure] PuTTY private key passphrase stealing attack (Tue Jun 01 2010 - 05:37:16 CDT)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Application Extension Platform Privilege Escalation Vulnerability (Wed Jun 09 2010 - 11:00:00 CDT)
- Cisco Security Advisory: Vulnerabilities in Cisco Unified Contact Center Express (Wed Jun 09 2010 - 11:00:00 CDT)
CORE Security Technologies Advisories
- CORE-2010-0316 - Novell iManager Multiple Vulnerabilities (Wed Jun 23 2010 - 16:30:45 CDT)
- CORE-2010-0514: XnView MBM Processing Heap Overflow (Mon Jun 14 2010 - 15:23:14 CDT)
- [CORE-2010-0415] SQL Injection in CubeCart PHP Free & Commercial Shopping Cart Application (Tue Jun 08 2010 - 13:40:30 CDT)
Crash
- Weborf DCA-00012 Vulnerability Report (Wed Jun 23 2010 - 07:08:12 CDT)
- Dlink Di-604 router authenticated user ping tool Xss and DoS (Tue Jun 08 2010 - 17:05:11 CDT)
Cristofaro Mune
- IS-2010-005 - D-Link DAP-1160 Authentication Bypass (Tue Jun 29 2010 - 05:34:56 CDT)
- IS-2010-004 - D-Link DAP-1160 Unauthenticated Remote Configuration (Mon Jun 28 2010 - 08:49:56 CDT)
- IS-2010-003 - Linksys WAP54Gv3 debug.cgi Cross-Site Scripting (Wed Jun 23 2010 - 02:26:11 CDT)
- IS-2010-002 - Linksys WAP54Gv3 Remote Debug Root Shell (Tue Jun 08 2010 - 13:57:00 CDT)
ctu-no-replysecureworks.com
- [SWRX-2010-001] Cisco ASA HTTP Response Splitting Vulnerability (Thu Jun 24 2010 - 17:09:02 CDT)
Dan Rosenberg
- Multiple vulnerabilities in Exim (Thu Jun 03 2010 - 13:20:54 CDT)
david.kurzmajorsecurity.net
- [MajorSecurity SA-075]CMS RedAks 2.0 - SQL injection vulnerability (Sat Jun 19 2010 - 02:46:05 CDT)
- [MajorSecurity SA-074]CMS RedAks 2.0 - Multiple Cross-site Scripting issues (Thu Jun 17 2010 - 02:20:11 CDT)
- [MajorSecurity SA-073]Subdreamer CMS - SQL injection vulnerability (Mon Jun 14 2010 - 12:10:05 CDT)
- [MajorSecurity SA-071]phpFaber CMS - Multiple stored Cross-site Scripting issues (Thu Jun 10 2010 - 14:53:46 CDT)
- [MajorSecurity SA-068]Anantasoft Gazelle CMS - change admin password via Cross-site Request Forgery (Wed Jun 09 2010 - 03:15:59 CDT)
- [MajorSecurity SA-069]Invision Power Board - stored Cross site Scripting (Wed Jun 09 2010 - 03:16:51 CDT)
- [MajorSecurity SA-070]Plume CMS - change Admin Password via Cross-site Request Forgery (Wed Jun 09 2010 - 03:25:12 CDT)
Fernando Gont
- New IETF Internet-Drafts on TCP timestamps (Sat Jun 26 2010 - 04:01:32 CDT)
Florian Weimer
- [SECURITY] [DSA 2054-1] New bind9 packages fix cache poisoning (Fri Jun 04 2010 - 14:22:30 CDT)
g1xsystemwindowslive.com
- Nakid CMS (fckeditor) Remote Arbitrary File Upload Exploit (Wed Jun 16 2010 - 11:29:47 CDT)
Giuseppe Iuculano
- [SECURITY] [DSA 2063-1] New pmount packages fix denial of service (Thu Jun 17 2010 - 14:02:14 CDT)
- [SECURITY] [DSA 2062-1] New sudo packages fix environment sanitization bypass vulnerability (Thu Jun 17 2010 - 04:19:00 CDT)
- [SECURITY] [DSA 2057-1] New mysql-dfsg-5.0 packages fix several vulnerabilities (Mon Jun 07 2010 - 08:23:07 CDT)
halfdog
- Re: [Full-disclosure] PuTTY private key passphrase stealing attack (Tue Jun 01 2010 - 01:26:11 CDT)
Hugo Fortier
- Recon 2010 - Speaker list, new additional capacity for sold-out training, party details (Mon Jun 07 2010 - 13:06:23 CDT)
iDefense Labs
- iDefense Security Advisory 06.21.10: Multiple Vendor LibTIFF 3.9.2 Stack Buffer Overflow Vulnerability (Mon Jun 28 2010 - 17:43:41 CDT)
- iDefense Security Advisory 06.16.10: Samba 3.3.12 Memory Corruption Vulnerability (Wed Jun 16 2010 - 17:36:48 CDT)
- iDefense Security Advisory 06.10.10: Adobe Flash Player Use-After-Free Vulnerability (Thu Jun 10 2010 - 18:06:49 CDT)
- iDefense Security Advisory 06.10.10: Adobe Flash Player Out Of Bounds Memory Indexing Vulnerability (Thu Jun 10 2010 - 18:04:00 CDT)
- iDefense Security Advisory 06.07.10: Multiple Vendor WebKit HTML Caption Use After Free Vulnerability (Thu Jun 10 2010 - 15:50:22 CDT)
infosecuritylab.ir
- Cherokee Web Server 0.5.3 Multiple Vulnerabilities (Sat Jun 12 2010 - 09:56:42 CDT)
- Re: RE: Nginx 0.8.35 Space Character Remote Source Disclosure (Tue Jun 01 2010 - 10:42:51 CDT)
Jaison Salu John
- Re: Nakid CMS (fckeditor) Remote Arbitrary File Upload Exploit (Thu Jun 17 2010 - 04:32:41 CDT)
Jamie Strandboge
- [USN-930-3] Firefox regression (Wed Jun 30 2010 - 14:40:20 CDT)
- [USN-930-2] apturl, Epiphany, gecko-sharp, gnome-python-extras, liferea, rhythmbox, totem, ubufox, yelp update (Tue Jun 29 2010 - 16:34:41 CDT)
- [USN-930-1] Firefox and Xulrunner vulnerabilities (Tue Jun 29 2010 - 15:44:58 CDT)
- [USN-927-5] nspr update (Tue Jun 29 2010 - 14:39:17 CDT)
- [USN-927-4] nss vulnerability (Tue Jun 29 2010 - 14:21:00 CDT)
- [USN-948-1] GnuTLS vulnerability (Thu Jun 03 2010 - 18:08:54 CDT)
Jan Schejbal
- PuTTY private key passphrase stealing attack (Mon May 31 2010 - 19:47:07 CDT)
jasonngssoftware.com
- Denial-of-Service Vulnerability in IDA Pro (Mon Jun 28 2010 - 05:54:35 CDT)
- Remote Arbitrary Code Execution Vulnerability in UFO: Alien Invasion (Fri Jun 18 2010 - 15:37:12 CDT)
Jhfjjf Hfdsjj
- Re: Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly (Thu Jun 10 2010 - 13:28:03 CDT)
John Smith
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera (Mon May 31 2010 - 16:02:15 CDT)
Kees Cook
- [USN-954-1] tiff vulnerabilities (Mon Jun 21 2010 - 14:39:25 CDT)
- [USN-951-1] Samba vulnerability (Wed Jun 16 2010 - 12:40:05 CDT)
- [Suspected Spam][USN-947-2] Linux kernel regression (Fri Jun 04 2010 - 01:35:36 CDT)
- [Suspected Spam][USN-946-1] Net-SNMP vulnerability (Wed Jun 02 2010 - 15:30:57 CDT)
Konrad Rieck
- Extended deadline, Call for Papers EC2ND 2010 (Tue Jun 29 2010 - 06:05:37 CDT)
Kotas, Kevin J
- CA20100608-01: Security Notice for CA PSFormX and WebScan ActiveX Controls (Wed Jun 09 2010 - 11:53:56 CDT)
- CA20100603-01: Security Notice for CA ARCserve Backup (Thu Jun 03 2010 - 18:47:50 CDT)
Kyle Quest
- RE: RSA Key Manager SQL injection Vulnerability ( CVE-2010-1904 ) (Tue Jun 08 2010 - 15:06:02 CDT)
- RSA Key Manager SQL injection Vulnerability ( CVE-2010-1904 ) (Thu Jun 03 2010 - 13:26:37 CDT)
labsredteamsecure.com
- CSRF in PHPWCMS 1.4.5 (Mon Jun 21 2010 - 12:32:06 CDT)
Laurent OUDOT at TEHTRI-Security
- TEHTRI-Security released 13 0days against web tools used by evil attackers (Thu Jun 17 2010 - 12:23:10 CDT)
- TEHTRI-Security: Many 0days soon released at SyScan Singapore 2010 (Wed Jun 02 2010 - 05:12:46 CDT)
leinakesigmail.com
- Sysax Multi Server "open", "unlink", "mkdir", "scp_get" Commands DoS Vulnerabilities (Mon Jun 21 2010 - 05:31:41 CDT)
- TurboFTP Server Directory Traversal Vulnerability (Thu Jun 17 2010 - 02:30:41 CDT)
- Core FTP Server(SFTP module) 'open' and 'stat' Commands Remote Denial of Service Vulnerability (Sun Jun 06 2010 - 05:27:14 CDT)
- Core FTP mini-sftp-server Several DoS and Directory Traversal Vulnerabilities (Mon Jun 07 2010 - 03:35:47 CDT)
Mailing lists at Core Security Technologies
- Re: Nginx 0.8.35 Space Character Remote Source Disclosure (Tue Jun 01 2010 - 15:44:21 CDT)
Marc Deslauriers
- [USN-952-1] CUPS vulnerabilities (Mon Jun 21 2010 - 13:48:03 CDT)
- [USN-953-1] fastjar vulnerability (Mon Jun 21 2010 - 13:48:49 CDT)
- [USN-955-2] libpam-opie vulnerability (Mon Jun 21 2010 - 13:50:03 CDT)
- [USN-955-1] OPIE vulnerability (Mon Jun 21 2010 - 13:49:30 CDT)
- [USN-950-1] MySQL vulnerabilities (Wed Jun 09 2010 - 09:41:22 CDT)
Marc Ruef
- [scip_Advisory 4142] Skype Client for Mac Chat Unicode Denial of Service (Tue Jun 22 2010 - 02:51:14 CDT)
Marcus Meissner
- Re: [oss-security] [oCERT-2010-001] multiple http client unexpected download filename vulnerability (Wed Jun 09 2010 - 11:16:39 CDT)
Martin Schulze
- [SECURITY] [DSA 2054-2] New bind9 packages fix cache poisoning (Tue Jun 15 2010 - 15:05:57 CDT)
Michael Wojcik
- RE: Ghostscript 8.64 executes random code at startup (Mon May 31 2010 - 15:25:43 CDT)
Michal Zalewski
- ref_fuzz and other fun bugs (Mon Jun 28 2010 - 12:15:25 CDT)
- tool: ref_fuzz (CVE-2010-1259 / MS10-035 and more) (Tue Jun 08 2010 - 12:55:53 CDT)
Moritz Muehlenhoff
- [SECURITY] [DSA 2065-1] New kvirc packages fix several vulnerabilities (Sun Jun 27 2010 - 15:57:31 CDT)
- [SECURITY] [DSA 2064-1] New xulrunner packages fix several vulnerabilities (Sun Jun 27 2010 - 15:39:12 CDT)
Morris, John R. (SSRT)
- [security bulletin] HPSBUX02541 SSRT100145 rev.1 - HP-UX Running Tomcat Servlet Engine, Remote Increase in Privilege, Arbitrary File (Tue Jun 22 2010 - 12:49:14 CDT)
MustLive
- [Suspected Spam]Vulnerabilities in Cimy Counter for WordPress (Thu Jun 24 2010 - 12:48:25 CDT)
- Vulnerabilities in eSitesBuilder (Sat Jun 19 2010 - 13:28:26 CDT)
- Vulnerabilities in Firebook (Thu Jun 17 2010 - 13:57:58 CDT)
- DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera (Sun Jun 13 2010 - 11:55:04 CDT)
- Vulnerabilities in Belavir for WordPress (Thu Jun 10 2010 - 11:26:21 CDT)
- DoS attacks on email clients via protocol handlers (Sat Jun 05 2010 - 17:32:29 CDT)
- Vulnerabilities in Gigya Socialize for WordPress (Fri Jun 04 2010 - 12:12:21 CDT)
- Re[3]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers (Thu Jun 03 2010 - 15:12:52 CDT)
- DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera (Wed Jun 02 2010 - 15:04:12 CDT)
- DoS vulnerability in Internet Explorer (Tue Jun 01 2010 - 07:40:53 CDT)
Nico Golde
- [SECURITY] [DSA 2061-1] New samba packages fix arbitrary code execution (Wed Jun 16 2010 - 15:40:50 CDT)
- [SECURITY] [DSA 2060-1] New cacti packages fix SQL injection (Sun Jun 13 2010 - 10:27:18 CDT)
- [SECURITY] [DSA 2055-1] New OpenOffice.org packages fix arbitrary code execution (Sat Jun 05 2010 - 12:40:15 CDT)
Nicolas Grégoire
- SFCB vulnerabilities (Tue Jun 01 2010 - 15:12:16 CDT)
nitrØus
- Trend Micro Data Loss Prevention 5.2 Data Leakage (Tue Jun 01 2010 - 20:11:29 CDT)
NSO Research
- NSOADV-2010-009: AnNoText Third-Party ActiveX Control file overwrite vulnerability (Sat Jun 19 2010 - 10:51:05 CDT)
- NSOADV-2010-008: AnNoText Third-Party ActiveX Control Buffer Overflow (Sat Jun 19 2010 - 10:50:59 CDT)
Onapsis Research Labs
- [Onapsis Security Advisory 2010-005] SAP J2EE Telnet Administration Security Check Bypass (Wed Jun 16 2010 - 15:38:31 CDT)
- Onapsis Research Labs: Onapsis Bizploit - The opensource ERP Penetration Testing framework (Tue Jun 01 2010 - 09:31:25 CDT)
Patrick Webster
- Paessler - PRTG Traffic Grapher XSS (Tue Jun 08 2010 - 07:56:31 CDT)
Paul Craig
- Microsoft Help Files (.CHM): 'Locked File' Feature Bypass (Tue Jun 22 2010 - 21:05:56 CDT)
praveen_reckersify.com
- Winamp v5.571 malicious AVI file handling DoS Vulnerability (Mon May 31 2010 - 07:32:39 CDT)
reply-to-listmailinator.com
- RE: Nginx 0.8.35 Space Character Remote Source Disclosure (Mon May 31 2010 - 19:02:05 CDT)
research
- PR09-17: Juniper Secure Access seriers (Juniper IVE) authenticated XSS & REDIRECTION (Thu Jun 10 2010 - 03:33:41 CDT)
Reversemode
- [0day] Microsoft mshtml.dll CTimeoutEventList::InsertIntoTimeoutList memory leak (Tue Jun 29 2010 - 17:04:47 CDT)
Riyaz Walikar
- [20100501] - Core - Joomla! Multiple XSS Vulnerabilities in Back End Administrative Module Core Components (Tue Jun 01 2010 - 16:19:40 CDT)
Rob Fuller
- Re: [Full-disclosure] PuTTY private key passphrase stealing attack (Tue Jun 01 2010 - 00:07:39 CDT)
robaccensussecurity.com
- Re: Sysax Multi Server "open", "unlink", "mkdir", "scp_get" Commands DoS Vulnerabilities (Sat Jun 26 2010 - 18:45:59 CDT)
s2-security
- CVE-2010-1622: Spring Framework execution of arbitrary code (Fri Jun 18 2010 - 05:05:28 CDT)
salchomangmail.com
- SAP's web module OLK SQL Injection vulnerability (Tue Jun 29 2010 - 13:44:28 CDT)
Sandro Gauci
- Applicure dotDefender 4.0 administrative interface cross site scripting (Tue Jun 01 2010 - 13:16:46 CDT)
Sebastien Delafond
- [SECURITY] [DSA 2056-1] New zonecheck packages fix cross-site scripting (Sun Jun 06 2010 - 09:36:20 CDT)
Secunia Research
- Secunia Research: Joomla BookLibrary Component Four SQL Injection Vulnerabilities (Wed Jun 30 2010 - 06:06:07 CDT)
- Secunia Research: Adobe Reader GIF Image Parsing Array-Indexing Vulnerability (Wed Jun 30 2010 - 02:55:01 CDT)
- Secunia Research: Adobe Reader JPEG Uninitialised Memory Vulnerability (Wed Jun 30 2010 - 02:54:39 CDT)
- Secunia Research: TaskFreak "tznMessage" Cross-Site Scripting Vulnerability (Tue Jun 29 2010 - 10:09:34 CDT)
- Secunia Research: TaskFreak "password" SQL Injection Vulnerability (Tue Jun 29 2010 - 10:09:25 CDT)
- Secunia Research: Creative Software AutoUpdate Engine 2 ActiveX Control Buffer Overflow (Fri Jun 11 2010 - 05:32:59 CDT)
security curmudgeon
- Re: SQL injection vulnerability in boastMachine (Sun Jun 13 2010 - 01:41:09 CDT)
security-alerthp.com
- [security bulletin] HPSBUX02544 SSRT100107 rev.1 - HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code (Thu Jun 24 2010 - 21:02:46 CDT)
- [security bulletin] HPSBMA02439 SSRT080082 rev.2 - HP OpenView SNMP Emanate Master Agent Running on HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access (Wed Jun 23 2010 - 08:24:19 CDT)
- [security bulletin] HPSBUX02543 SSRT100152 rev.1 - HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, (Thu Jun 17 2010 - 12:44:54 CDT)
- [security bulletin] HPSBOV02540 SSRT090249 rev.1 - HP SSL for OpenVMS, Remote Unauthorized Data Injection, Denial of Service(Dos) (Wed Jun 16 2010 - 17:02:17 CDT)
- [security bulletin] HPSBPI02532 SSRT100111 rev.2 - HP MFP Digital Sending Software Running on Windows, Local Unauthorized Access (Sat Jun 12 2010 - 11:13:51 CDT)
- [security bulletin] HPSBMA02537 SSRT010027 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Mon Jun 14 2010 - 13:45:02 CDT)
- [security bulletin] HPSBMA02537 SSRT010027 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (Tue Jun 08 2010 - 13:55:23 CDT)
- [security bulletin] HPSBUX02451 SSRT090137 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS) (Fri Jun 04 2010 - 16:21:36 CDT)
- [security bulletin] HPSBMA02538 SSRT100136 rev.1 - HP ServiceCenter Running on AIX, HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) (Thu Jun 03 2010 - 08:32:58 CDT)
- [security bulletin] HPSBST02536 SSRT100057 rev.1 - HP StorageWorks Storage Mirroring, Remote Unauthorized Access (Thu Jun 03 2010 - 08:25:20 CDT)
- [security bulletin] HPSBUX02531 SSRT100108 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS), Unauthorized Access (Wed Jun 02 2010 - 17:33:47 CDT)
- [security bulletin] HPSBUX02524 SSRT100089 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code, Disclosure of Information, and Other Vulnerabilities (Wed Jun 02 2010 - 17:02:58 CDT)
securitymandriva.com
- [ MDVSA-2010:126 ] mozilla-thunderbird (Thu Jun 24 2010 - 10:06:00 CDT)
- [ MDVSA-2010:125 ] firefox (Thu Jun 24 2010 - 03:40:00 CDT)
- [ MDVSA-2010:124 ] pulseaudio (Wed Jun 23 2010 - 19:41:00 CDT)
- [ MDVSA-2010:123 ] libneon0.27 (Wed Jun 23 2010 - 12:31:01 CDT)
- [ MDVSA-2010:122 ] fastjar (Tue Jun 22 2010 - 15:52:00 CDT)
- [ MDVSA-2010:121 ] pango (Tue Jun 22 2010 - 10:56:01 CDT)
- [ MDVSA-2010:120 ] squirrelmail (Mon Jun 21 2010 - 10:43:00 CDT)
- [ MDVSA-2010:119 ] samba (Thu Jun 17 2010 - 10:37:00 CDT)
- [ MDVSA-2010:118 ] sudo (Thu Jun 17 2010 - 08:23:00 CDT)
- [ MDVSA-2010:117 ] cacti (Wed Jun 16 2010 - 13:09:00 CDT)
- [ MDVSA-2010:116 ] perl (Fri Jun 11 2010 - 17:09:00 CDT)
- [ MDVSA-2010:115 ] perl (Fri Jun 11 2010 - 16:12:00 CDT)
- [ MDVSA-2010:114 ] dhcp (Fri Jun 11 2010 - 07:51:00 CDT)
- [ MDVSA-2010:113 ] wireshark (Thu Jun 10 2010 - 09:41:00 CDT)
- [ MDVSA-2010:111 ] glibc (Tue Jun 08 2010 - 11:33:00 CDT)
security_alertemc.com
- Re: RSA Key Manager SQL injection Vulnerability ( CVE-2010-1904 ) (Sat Jun 05 2010 - 09:38:55 CDT)
sk
- Wing FTP Server PORT Command DoS Vulnerability (Mon Jun 21 2010 - 01:46:58 CDT)
Solar Designer
- Re: [oss-security] [oCERT-2010-001] multiple http client unexpected download filename vulnerability (Fri Jun 11 2010 - 03:53:25 CDT)
Stefan Behte
- [ GLSA 201006-12 ] Fetchmail: Multiple vulnerabilities (Wed Jun 02 2010 - 11:48:40 CDT)
- [ GLSA 201006-11 ] BIND: Multiple vulnerabilities (Wed Jun 02 2010 - 11:47:45 CDT)
- [ GLSA 201006-10 ] multipath-tools: World-writeable socket (Wed Jun 02 2010 - 11:45:35 CDT)
Stefan Kanthak
- Nuance OmniPage 16 Professional installs multiple vulnerable Microsoft runtime libraries (Sat Jun 26 2010 - 09:29:29 CDT)
Susan Bradley
- Re: Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly (Thu Jun 10 2010 - 11:02:37 CDT)
- Re: Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly (Thu Jun 10 2010 - 11:26:47 CDT)
- Re: Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly (Thu Jun 10 2010 - 10:36:09 CDT)
swbaesshinbiro.com
- Re: Dlink Di-604 router authenticated user ping tool Xss and DoS (Tue Jun 15 2010 - 20:48:53 CDT)
Tavis Ormandy
- Re: Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly (Thu Jun 10 2010 - 11:16:09 CDT)
- Re: Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly (Thu Jun 10 2010 - 11:00:07 CDT)
- Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly (Wed Jun 09 2010 - 18:46:21 CDT)
Thijs Kinkhorst
- [SECURITY] [DSA 2059-1] New pcsc-lite packages fix privilege escalation (Thu Jun 10 2010 - 13:59:47 CDT)
Thor (Hammer of God)
- RE: [Full-disclosure] Microsoft Help Files (.CHM): 'Locked File' Feature Bypass (Wed Jun 23 2010 - 10:23:27 CDT)
Tiago Ferreira Barbosa
- Apache Axis Session Fixation Vulnerability (Wed Jun 23 2010 - 09:28:52 CDT)
Tobias Heinlein
- [ GLSA 201006-09 ] sudo: Privilege escalation (Tue Jun 01 2010 - 10:44:17 CDT)
- [ GLSA 201006-08 ] nano: Multiple vulnerabilities (Tue Jun 01 2010 - 10:43:39 CDT)
- [ GLSA 201006-07 ] SILC: Multiple vulnerabilities (Tue Jun 01 2010 - 10:43:12 CDT)
- [ GLSA 201006-06 ] Transmission: Multiple vulnerabilities (Tue Jun 01 2010 - 10:41:48 CDT)
- [ GLSA 201006-05 ] Wireshark: Multiple vulnerabilities (Tue Jun 01 2010 - 10:41:05 CDT)
VMware Security team
- VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel (Fri Jun 25 2010 - 00:40:03 CDT)
VUPEN Security Research
- VUPEN Security Research - Adobe Acrobat and Reader "newclass" Memory Corruption Vulnerability (CVE-2010-1285) (Wed Jun 30 2010 - 09:15:05 CDT)
- VUPEN Security Research - Adobe Acrobat and Reader "pushstring" Memory Corruption Vulnerability (CVE-2010-2201) (Wed Jun 30 2010 - 09:22:14 CDT)
- VUPEN Security Research - Adobe Acrobat and Reader "newfunction" Memory Corruption Vulnerability (CVE-2010-2168) (Wed Jun 30 2010 - 09:18:01 CDT)
- VUPEN Security Research - Adobe Acrobat and Reader #1023 Tag Buffer Overflow Vulnerability (CVE-2010-2212) (Wed Jun 30 2010 - 09:11:47 CDT)
- VUPEN Security Research - Adobe Flash Player "newclass" Invalid Pointer Vulnerability (CVE-2010-2173) (Wed Jun 16 2010 - 03:44:08 CDT)
- VUPEN Security Research - Adobe Flash Player "newfunction" Invalid Pointer Vulnerability (CVE-2010-2174) (Wed Jun 16 2010 - 03:46:09 CDT)
- VUPEN Security Research - Adobe Flash Player GIF/JPEG Data Parsing Heap Overflow Vulnerabilities (CVE-2010-2167) (Wed Jun 16 2010 - 04:03:42 CDT)
- VUPEN Security Research - Microsoft Office Excel ExternName Buffer Overflow Vulnerability (CVE-2010-1249) (Tue Jun 08 2010 - 18:31:15 CDT)
- VUPEN Security Research - Microsoft Windows Kernel "GetDCEx()" Memory Corruption Vulnerability (CVE-2010-0484) (Tue Jun 08 2010 - 18:32:06 CDT)
- VUPEN Security Research - Microsoft Office Excel HFPicture Buffer Overflow Vulnerability (CVE-2010-1248) (Tue Jun 08 2010 - 18:30:52 CDT)
- VUPEN Security Research - Microsoft Office Excel WOPT Heap Corruption Vulnerability (CVE-2010-0824) (Tue Jun 08 2010 - 18:29:14 CDT)
- VUPEN Security Research - Microsoft Office Excel RTD Stack Overflow Vulnerability (CVE-2010-1246) (Tue Jun 08 2010 - 18:30:02 CDT)
- VUPEN Security Research - Microsoft Office Excel SxView Memory Corruption Vulnerability (CVE-2010-1245) (Tue Jun 08 2010 - 18:29:37 CDT)
- VUPEN Security Research - Microsoft Office Excel EDG Heap Overflow Vulnerability (CVE-2010-1250) (Tue Jun 08 2010 - 18:31:47 CDT)
- VUPEN Security Research - Microsoft Office Excel RTD Heap Corruption Vulnerability (CVE-2010-1247) (Tue Jun 08 2010 - 18:30:28 CDT)
- VUPEN Security Research - Microsoft Office Excel OBJ Stack Overflow Vulnerability (CVE-2010-0822) (Tue Jun 08 2010 - 18:28:48 CDT)
- VUPEN Security Research - Apple Safari WebKit HTML Button Use-after-free Vulnerability (CVE-2010-1392) (Tue Jun 08 2010 - 07:25:06 CDT)
VUPEN Web Security
- eFront Multiple Parameter Cross Site Scripting Vulnerabilities (Thu Jun 03 2010 - 11:43:53 CDT)
werew01f
- Wing FTP Server - Cross Site Scripting Vulnerability (Wed Jun 02 2010 - 04:35:33 CDT)
William A. Rowe Jr.
- [advisory] httpd Timeout detection flaw (mod_proxy_http) CVE-2010-2068 (Fri Jun 11 2010 - 14:50:51 CDT)
x0.rootgmail.com
- Awcm Cms Local File Inclusion Vulnerability (Wed Jun 09 2010 - 19:19:57 CDT)
xconhuayongxingan.com
- XCon 2010 XFocus Information Security Conference Call for Paper (Fri Jun 18 2010 - 02:48:03 CDT)
- The XCon2010 is coming (Tue Jun 08 2010 - 03:02:11 CDT)
Zach
- Re: Nginx 0.8.35 Space Character Remote Source Disclosure (Mon May 31 2010 - 21:26:22 CDT)
ZDI Disclosures
- ZDI-10-116: Adobe Reader CLOD Progressive Mesh Continuation Resolution Remote Code Execution Vulnerability (Wed Jun 30 2010 - 12:59:14 CDT)
- ZDI-10-115: Adobe Flash Player AVM newFrameState Integer Overfow Remote Code Execution Vulnerability (Fri Jun 25 2010 - 11:24:22 CDT)
- ZDI-10-114: Adobe Flash Player AVM2 getouterscope Opcode Remote Code Execution Vulnerability (Fri Jun 25 2010 - 11:17:31 CDT)
- ZDI-10-113: Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability (Wed Jun 23 2010 - 13:06:33 CDT)
- ZDI-10-111: Adobe Flash Player LocalConnection Memory Corruption Remote Code Execution Vulnerability (Mon Jun 21 2010 - 12:16:19 CDT)
- ZDI-10-112: Novell Access Manager Arbitrary File Upload Remote Code Execution Vulnerability (Mon Jun 21 2010 - 12:39:41 CDT)
- ZDI-10-109: Adobe Flash Player Multiple Atom MP4 Parsing Remote Code Execution Vulnerability (Wed Jun 16 2010 - 14:09:59 CDT)
- ZDI-10-110: Adobe Flash Player Multiple Tag JPEG Parsing Remote Code Execution Vulnerability (Wed Jun 16 2010 - 14:13:10 CDT)
- ZDI-10-108: HP OpenView NNM ovwebsnmpsrv.exe Command Line Argument Remote Code Execution Vulnerability (Wed Jun 16 2010 - 13:30:27 CDT)
- ZDI-10-107: Multiple Sourcefire Products Static Web SSL Keys Vulnerability (Thu Jun 10 2010 - 17:53:54 CDT)
- TPTI-10-03: Sophos Anti-Virus SAVOnAccessFilter Local Privilege Escalation Vulnerability (Wed Jun 09 2010 - 16:58:57 CDT)
- ZDI-10-105: Hewlett-Packard OpenView NNM ovwebsnmpsrv.exe Bad Option Remote Code Execution Vulnerability (Tue Jun 08 2010 - 13:02:00 CDT)
- ZDI-10-102: Microsoft Internet Explorer Stylesheet Array Removal Remote Code Execution Vulnerability (Tue Jun 08 2010 - 12:33:45 CDT)
- ZDI-10-106: Hewlett-Packard OpenView NNM ovutil.dll getProxiedStorageAddress Remote Code Execution Vulnerability (Tue Jun 08 2010 - 13:04:03 CDT)
- ZDI-10-104: Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability (Tue Jun 08 2010 - 12:50:48 CDT)
- ZDI-10-103: Microsoft Office Excel DBQueryExt Record Unspecified ADO Object Remote Code Execution Vulnerability (Tue Jun 08 2010 - 12:45:39 CDT)
- ZDI-10-092: Apple Webkit Option Element ContentEditable Remote Code Execution Vulnerability (Tue Jun 08 2010 - 11:08:02 CDT)
- ZDI-10-100: Apple Webkit ConditionEventListener Remote Code Execution Vulnerability (Tue Jun 08 2010 - 11:54:10 CDT)
- ZDI-10-093: Apple Webkit CSS Charset Text Transformation Remote Code Execution Vulnerability (Tue Jun 08 2010 - 11:14:28 CDT)
- ZDI-10-094: Apple Webkit SelectionController via Marquee Event Remote Code Execution Vulnerability (Tue Jun 08 2010 - 11:22:52 CDT)
- ZDI-10-101: Apple Webkit SVG RadialGradiant Run-in Remote Code Execution Vulnerability (Tue Jun 08 2010 - 11:57:57 CDT)
- ZDI-10-099: Apple Webkit ProcessInstruction Target Error Message Insertion Remote Code Execution Vulnerability (Tue Jun 08 2010 - 11:47:29 CDT)
- ZDI-10-096: Apple Webkit Recursive Use Element Remote Code Execution Vulnerability (Tue Jun 08 2010 - 11:34:09 CDT)
- ZDI-10-098: Apple Webkit First-Letter Pseudo-Element Style Remote Code Execution Vulnerability (Tue Jun 08 2010 - 11:45:03 CDT)
- ZDI-10-095: Apple Webkit DOCUMENT_POSITION_DISCONNECTED Attribute Remote Code Execution Vulnerability (Tue Jun 08 2010 - 11:29:48 CDT)
- ZDI-10-091: Apple Webkit Attribute Child Removal Remote Code Execution Vulnerability (Tue Jun 08 2010 - 10:56:44 CDT)
- ZDI-10-097: Apple Webkit ContentEditable moveParagraphs Uninitialized Element Remote Code Execution Vulnerability (Tue Jun 08 2010 - 11:39:39 CDT)
- ZDI-10-090: Novell ZENworks Configuration Management Preboot Service Remote Code Execution Vulnerability (Tue Jun 01 2010 - 12:00:13 CDT)

Last message date: Wed Jun 30 2010 - 15:27:20 CDT
Archived on: Wed Jun 30 2010 - 15:27:20 CDT

268 messages sorted by: [ date ] [ thread ] [ subject ]