NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2011-03

321 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Tue Mar 01 2011 - 09:08:53 CST
Ending: Thu Mar 31 2011 - 12:23:31 CDT

abhijeetclubhack.com
- [Announcement] ClubHACK Magazine Issue 14-March 2011 released (Thu Mar 17 2011 - 01:17:41 CDT)
- ClubHACK Magazine: Call for Articles (Mon Mar 14 2011 - 02:03:28 CDT)
Adam Baso
- OWASP AppSec USA 2011 Call for Papers (Fri Mar 18 2011 - 07:57:07 CDT)
adminlotuscms.org
- Re: HTB22884: XSS vulnerability in LotusCMS (Sun Mar 20 2011 - 14:01:21 CDT)
Advisories Toucan-System
- TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution (Sun Mar 27 2011 - 08:34:02 CDT)
advisoryhtbridge.ch
- HTB22931: XSS vulnerability in InTerra Blog Machine (Thu Mar 31 2011 - 07:32:12 CDT)
- HTB22908: XSRF (CSRF) in Collabtive (Thu Mar 31 2011 - 07:22:03 CDT)
- HTB22909: Path disclosure in Tine 2.0 (Thu Mar 31 2011 - 07:21:56 CDT)
- HTB22910: XSRF (CSRF) in Feng Office (Thu Mar 31 2011 - 07:21:47 CDT)
- HTB22906: XSS vulnerabilities in Collabtive (Thu Mar 31 2011 - 07:21:41 CDT)
- HTB22907: Directory Traversal in Collabtive (Thu Mar 31 2011 - 07:21:34 CDT)
- HTB22903: XSS in Spitfire CMS (Tue Mar 29 2011 - 04:54:50 CDT)
- HTB22904: Path disclosure in bbPress (Tue Mar 29 2011 - 04:54:57 CDT)
- HTB22905: Path disclosure in Wordpress (Tue Mar 29 2011 - 04:55:04 CDT)
- HTB22901: SQL injection in SyndeoCMS (Thu Mar 24 2011 - 05:53:26 CDT)
- HTB22896: SQL injection vulnerability in Ripe website manager (Thu Mar 24 2011 - 05:53:05 CDT)
- HTB22899: Path disclosure in SyndeoCMS (Thu Mar 24 2011 - 05:53:16 CDT)
- HTB22897: SQL injection vulnerability in Ripe website manager (Thu Mar 24 2011 - 05:52:59 CDT)
- HTB22902: XSS in SyndeoCMS (Thu Mar 24 2011 - 05:53:30 CDT)
- HTB22895: XSS vulnerability in Ripe website manager (Thu Mar 24 2011 - 05:53:10 CDT)
- HTB22898: XSRF (CSRF) in Ripe website manager (Thu Mar 24 2011 - 05:52:52 CDT)
- HTB22900: Multiple XSS vulnerabilities in SyndeoCMS (Thu Mar 24 2011 - 05:53:21 CDT)
- HTB22889: XSS in Rating-Widget wordpress plugin (Thu Mar 17 2011 - 07:43:01 CDT)
- HTB22890: XSS in Rating-Widget wordpress plugin (Thu Mar 17 2011 - 07:42:54 CDT)
- HTB22891: XSS in Rating-Widget wordpress plugin (Thu Mar 17 2011 - 07:42:45 CDT)
- HTB22892: Path disclosure in Smen Social Button wordpress plugin (Thu Mar 17 2011 - 07:42:39 CDT)
- HTB22893: XSS in Sodahead Polls wordpress plugin (Thu Mar 17 2011 - 07:42:30 CDT)
- HTB22894: XSS in Sodahead Polls wordpress plugin (Thu Mar 17 2011 - 07:42:21 CDT)
- HTB22887: XSS vulnerability in LotusCMS (Tue Mar 15 2011 - 08:41:45 CDT)
- HTB22886: XSRF (CSRF) in LotusCMS (Tue Mar 15 2011 - 08:41:36 CDT)
- HTB22885: XSS vulnerability in LotusCMS (Tue Mar 15 2011 - 08:41:30 CDT)
- HTB22884: XSS vulnerability in LotusCMS (Tue Mar 15 2011 - 08:41:24 CDT)
- HTB22877: Path disclosure in xt:Commerce (Tue Mar 15 2011 - 08:40:51 CDT)
- HTB22883: XSS vulnerability in LotusCMS (Tue Mar 15 2011 - 08:41:17 CDT)
- HTB22882: Path disclosure in OXID eShop (Tue Mar 15 2011 - 08:40:57 CDT)
- HTB22888: File Content Disclosure in LotusCMS (Tue Mar 15 2011 - 08:41:09 CDT)
- HTB22881: SQL injection vulnerability in CosmoShop (Thu Mar 10 2011 - 03:26:31 CST)
- HTB22879: Multiple XSS vulnerabilities in CosmoShop (Thu Mar 10 2011 - 03:26:48 CST)
- HTB22874: Path disclosure in Lazyest Gallery wordpress plugin (Thu Mar 10 2011 - 03:27:08 CST)
- HTB22878: XSS vulnerability in CosmoShop (Thu Mar 10 2011 - 03:26:55 CST)
- HTB22875: XSS in Lazyest Gallery wordpress plugin (Thu Mar 10 2011 - 03:27:01 CST)
- HTB22880: XSS vulnerability in CosmoShop (Thu Mar 10 2011 - 03:26:38 CST)
- HTB22867: XSS in PhotoSmash wordpress plugin (Tue Mar 08 2011 - 03:55:05 CST)
- HTB22868: XSS in 1 Flash Gallery wordpress plugin (Tue Mar 08 2011 - 03:54:58 CST)
- HTB22869: SQL Injection in 1 Flash Gallery wordpress plugin (Tue Mar 08 2011 - 03:53:13 CST)
- HTB22870: SQL Injection in GRAND Flash Album Gallery wordpress plugin (Tue Mar 08 2011 - 03:53:04 CST)
- HTB22871: File Content Disclosure in GRAND Flash Album Gallery wordpress plugin (Tue Mar 08 2011 - 03:52:57 CST)
- HTB22873: XSS in Inline Gallery wordpress plugin (Tue Mar 08 2011 - 03:52:41 CST)
- HTB22872: Path disclosure in Cool Video Gallery wordpress plugin (Tue Mar 08 2011 - 03:52:47 CST)
- HTB22837: Path disclosure in PrestaShop (Thu Mar 03 2011 - 05:52:14 CST)
- HTB22865: XSS vulnerability in xtcModified (Thu Mar 03 2011 - 05:52:08 CST)
- HTB22853: XSS vulnerability in Pragyan CMS (Thu Mar 03 2011 - 05:52:02 CST)
- HTB22856: XSS vulnerability in Pragyan CMS (Thu Mar 03 2011 - 05:51:56 CST)
- HTB22855: XSRF (CSRF) in Pragyan CMS (Thu Mar 03 2011 - 05:50:31 CST)
- HTB22866: XSS vulnerability in xtcModified (Thu Mar 03 2011 - 05:50:27 CST)
- HTB22857: Path disclosure in Tribiq CMS (Thu Mar 03 2011 - 05:50:21 CST)
- HTB22863: XSS vulnerability in xtcModified (Thu Mar 03 2011 - 05:50:16 CST)
- HTB22848: XSS in Mingle Forum wordpress plugin (Tue Mar 01 2011 - 02:20:42 CST)
- HTB22849: Path disclosure in Mingle Forum wordpress plugin (Tue Mar 01 2011 - 02:20:35 CST)
- HTB22858: SQL Injection in WP Forum wordpress plugin (Tue Mar 01 2011 - 02:20:28 CST)
- HTB22859: SQL Injection in WP Forum wordpress plugin (Tue Mar 01 2011 - 02:20:21 CST)
- HTB22860: SQL Injection in WP Forum wordpress plugin (Tue Mar 01 2011 - 02:20:16 CST)
- HTB22861: XSS in Question and Answer Forum wordpress plugin (Tue Mar 01 2011 - 02:20:09 CST)
- HTB22862: Path disclosure in NextGEN Gallery wordpress plugin (Tue Mar 01 2011 - 02:20:02 CST)
Alexandr Polyakov
- [DSECRG-11-014] SAP GUI (sapgui) - DLL hijacking (Wed Mar 16 2011 - 05:21:20 CDT)
- [DSECRG-11-012] SAP NetWeaver Integration Directory - multiple XSS (Wed Mar 16 2011 - 05:18:14 CDT)
- [DSECRG-11-011] SAP Crystal Reports 2008 - Multiple XSS (Wed Mar 16 2011 - 05:17:39 CDT)
- [DSECRG-11-013] SAP NetWeaver Runtime - multiple XSS (Wed Mar 16 2011 - 05:19:58 CDT)
- [DSECRG-11-010] SAP NetWeaver logon.html - XSS (Mon Mar 14 2011 - 12:54:30 CDT)
- [DSECRG-11-009] SAP NetWaver XI SOAP Adapter - XSS (Mon Mar 14 2011 - 06:40:40 CDT)
Antonio S.M
- Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS) (Wed Mar 02 2011 - 10:26:51 CST)
- Re: Re: prestashop vuln: sql injection submitted to bugtraq () securityfocus com (Tue Mar 01 2011 - 02:12:36 CST)
antonio_s_martinoyahoo.es
- Re: prestashop vuln: sql injection submitted to bugtraq<img src="/imgs/at.gif" border=0 align=middle>securityfocus.com (Tue Mar 01 2011 - 01:27:06 CST)
Asterisk Security Team
- AST-2011-004: (Wed Mar 16 2011 - 17:51:04 CDT)
- AST-2011-003: (Wed Mar 16 2011 - 17:50:32 CDT)
bugtraqcgisecurity.net
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 17:51:24 CDT)
Casper.DikOracle.COM
- Re: Solaris 10 Port Stealing Vulnerability (Thu Mar 31 2011 - 10:18:38 CDT)
cdx.securitygmail.com
- BoutikOne Multiples SQL Injection Vulnerability (Sun Mar 13 2011 - 13:11:42 CDT)
Chris O'Regan
- RE: Solaris 10 Port Stealing Vulnerability (Wed Mar 30 2011 - 16:12:16 CDT)
- Solaris 10 Port Stealing Vulnerability (Mon Mar 28 2011 - 14:06:49 CDT)
Christian Sciberras
- Re: HTB22905: Path disclosure in Wordpress (Tue Mar 29 2011 - 10:42:27 CDT)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability (Wed Mar 30 2011 - 10:45:00 CDT)
- Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability (Wed Mar 30 2011 - 10:45:00 CDT)
- Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability (Wed Mar 30 2011 - 11:00:01 CDT)
- Deferral Announcement for the March 2011 Cisco IOS Software Security Advisories (Thu Mar 17 2011 - 10:58:12 CDT)
CJC
- Re: Vulnerabilities in some SCADA server softwares (Thu Mar 24 2011 - 12:50:42 CDT)
CORE Security Technologies Advisories
- CORE-2011-0208: VLC Vulnerabilities handling .AMV and .NSV files (Wed Mar 23 2011 - 15:34:45 CDT)
Crash
- [DCA-2011-0004] - Trend WebReputation API Bypass (Mon Mar 14 2011 - 13:06:32 CDT)
- [DCA-2011-0001] TP-LINK TL-WR740N Multiple Vulnerabilities - Stored XSS - Web Console and Upnp server DoS (Fri Mar 04 2011 - 07:12:35 CST)
cseye_utyahoo.com
- "WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path (Mon Mar 28 2011 - 16:43:43 CDT)
- "WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path (Tue Mar 29 2011 - 09:05:54 CDT)
- "Simple PHP Newsletter" Remote Admin Password Change With install path (Tue Mar 29 2011 - 09:03:20 CDT)
- "Simple PHP Newsletter" Remote Admin Password Change With install path (Mon Mar 28 2011 - 16:41:06 CDT)
cxibsecurityreason.com
- libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5) (Fri Mar 18 2011 - 09:14:04 CDT)
- vsftpd 2.3.2 remote denial-of-service (Tue Mar 01 2011 - 06:49:52 CST)
david.dalydionach.com
- DataDynamics Report Library CoreHandler XSS (Wed Mar 30 2011 - 05:10:13 CDT)
ddivulnalertddifrontline.com
- DDIVRT-2010-30 Alcatel-Lucent OmniVista 4760 NMS 'lang' Directory Traversal Vulnerability [ CVE-2011-0345 ] (Tue Mar 01 2011 - 08:33:05 CST)
difficult-511hotmail.com
- SnapProof (cart.php) Cross Site Scripting (Mon Feb 28 2011 - 22:20:29 CST)
eidelweisswindowslive.com
- CMS Balitbang 3.3 Arbitary File Upload Vulnerability (Mon Mar 21 2011 - 21:15:28 CDT)
- Tugux CMS (nid) BLIND sql injection vulnerability (Sun Mar 20 2011 - 03:27:19 CDT)
Flavio do Carmo Junior aka waKKu
- [DCA-2011-0003]: LMS Web Ensino - Multiple XSS, Session Fixation, CSRF and SQL Injection (Fri Mar 04 2011 - 07:19:05 CST)
- [DCA-2011-0002]: TOTVS ERP Microsiga Protheus - Users Enumeration (Fri Mar 04 2011 - 07:14:57 CST)
Florian Weimer
- [SECURITY] [DSA 2208-2] bind9 security update (Thu Mar 31 2011 - 01:49:14 CDT)
- [SECURITY] [DSA 2208-1] bind9 security update (Wed Mar 30 2011 - 14:24:29 CDT)
- [SECURITY] [DSA 2205-1] gdm3 security update (Mon Mar 28 2011 - 14:48:02 CDT)
- [SECURITY] [DSA 2197-1] quagga security update (Mon Mar 21 2011 - 14:16:03 CDT)
- [SECURITY] [DSA 2184-1] isc-dhcp security update (Sat Mar 05 2011 - 05:21:57 CST)
- [SECURITY] [DSA 2182-1] logwatch security update (Fri Mar 04 2011 - 15:02:06 CST)
- [SECURITY] [DSA 2181-1] subversion security update (Fri Mar 04 2011 - 01:46:17 CST)
- [SECURITY] [DSA 2179-1] dtc security update (Wed Mar 02 2011 - 14:57:25 CST)
- [SECURITY] [DSA 2178-1] pango1.0 security update (Wed Mar 02 2011 - 14:10:55 CST)
- [SECURITY] [DSA 2177-1] pywebdav security update (Wed Mar 02 2011 - 13:42:28 CST)
Giuseppe Iuculano
- [SECURITY] [DSA 2192-1] chromium-browser security update (Tue Mar 15 2011 - 11:31:47 CDT)
- [SECURITY] [DSA 2190-1] wordpress security update (Fri Mar 11 2011 - 09:20:25 CST)
- [SECURITY] [DSA 2188-1] webkit security update (Thu Mar 10 2011 - 06:16:11 CST)
Hafez Kamal
- [HITB-Announce] HITB Magazine Call for Articles (Tue Mar 08 2011 - 04:09:57 CST)
Hector.x90ymail.com
- XSS vulnerability in Web Poll Pro (Sat Mar 19 2011 - 10:08:53 CDT)
hfortierrecon.cx
- RECON 2011 CFP (Mon Mar 07 2011 - 08:20:21 CST)
irancrashgmail.com
- RecordPress Multiple Vulnerabilities (Wed Mar 09 2011 - 07:34:46 CST)
Ivan Buetler
- Swiss Cyber Storm 3 2011 Announcement (Fri Mar 11 2011 - 05:48:50 CST)
J. Oquendo
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 15:10:43 CDT)
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 13:36:38 CDT)
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 11:46:41 CDT)
- Re: Vulnerabilities in some SCADA server softwares (Mon Mar 21 2011 - 12:11:32 CDT)
Jamie Riden
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 15:43:35 CDT)
Jamie Strandboge
- [USN-1100-1] OpenLDAP vulnerabilities (Thu Mar 31 2011 - 09:12:03 CDT)
- [USN-1094-1] Libvirt vulnerability (Tue Mar 29 2011 - 11:44:56 CDT)
- [USN-1092-1] Linux Kernel vulnerabilities (Fri Mar 25 2011 - 10:44:07 CDT)
- [USN-1093-1] Linux Kernel vulnerabilities (Marvell Dove) (Fri Mar 25 2011 - 15:01:57 CDT)
- [USN-1050-1] Thunderbird vulnerabilities (Wed Mar 02 2011 - 21:58:20 CST)
Jim Harrison
- RE: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 12:03:22 CDT)
- RE: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 09:43:38 CDT)
john.doetapz.be
- weechat does not properly use gnutls and allow an attacker to bypass certificate verification (Mon Feb 28 2011 - 15:05:28 CST)
Kees Cook
- [USN-1089-1] Linux kernel vulnerabilities (Fri Mar 18 2011 - 16:55:05 CDT)
- [USN-1090-1] Linux kernel vulnerabilities (Fri Mar 18 2011 - 17:34:56 CDT)
- [USN-1085-2] tiff regression (Mon Mar 14 2011 - 22:30:10 CDT)
- [USN-1086-1] Linux kernel (EC2) vulnerabilities (Tue Mar 08 2011 - 17:53:29 CST)
- [USN-1080-2] Linux kernel vulnerabilities (Wed Mar 02 2011 - 17:14:06 CST)
- [USN-1083-1] Linux kernel vulnerabilities (Wed Mar 02 2011 - 19:11:09 CST)
- [USN-1080-1] Linux kernel vulnerabilities (Tue Mar 01 2011 - 16:58:31 CST)
- [USN-1081-1] Linux kernel vulnerabilities (Tue Mar 01 2011 - 19:26:51 CST)
- [USN-1074-2] Linux kernel vulnerabilities (Mon Feb 28 2011 - 14:02:41 CST)
Kent Borg
- Re: Vulnerabilities in some SCADA server softwares (Thu Mar 24 2011 - 12:02:18 CDT)
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 10:27:46 CDT)
kyprianosathcon.org
- AthCon 2011 Announcement (Wed Mar 09 2011 - 08:41:47 CST)
labs-no-reply
- iDefense Security Advisory 03.21.11: Apple OfficeImport Framework Excel Memory Corruption Vulnerability (Mon Mar 21 2011 - 17:18:46 CDT)
- iDefense Security Advisory 03.02.11: Apple CoreGraphics Library Heap Memory Corruption Vulnerability (Wed Mar 02 2011 - 17:24:16 CST)
- iDefense Security Advisory 03.01.11: Alcatel-Lucent OmniPCX Enterprise CS CGI Cookie Buffer Overflow Vulnerability (Wed Mar 02 2011 - 15:22:34 CST)
Laurent OUDOT at TEHTRI-Security
- [TEHTRI-Security] Quick BlackBerry Security Check (Thu Mar 17 2011 - 14:53:16 CDT)
- [TEHTRI-Security] Security and iPhone iOS 4.3 Personal Hotspot feature (Mon Mar 07 2011 - 10:16:02 CST)
lazyestbrimosoft.nl
- Re: HTB22874: Path disclosure in Lazyest Gallery wordpress plugin (Fri Mar 11 2011 - 05:40:54 CST)
- Re: HTB22875: XSS in Lazyest Gallery wordpress plugin (Thu Mar 10 2011 - 10:51:34 CST)
Lists
- Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability - SOS-11-003 (Sun Mar 27 2011 - 23:15:46 CDT)
Luigi Auriemma
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 11:54:16 CDT)
- Re: Vulnerabilities in some SCADA server softwares (Mon Mar 21 2011 - 15:02:31 CDT)
- Heap overflow in RealPlayer 14.0.1.633 (Mon Mar 21 2011 - 11:13:39 CDT)
- Vulnerabilities in some SCADA server softwares (Mon Mar 21 2011 - 11:16:26 CDT)
Major Malfunction
- DC4420 - London DEFCON - March meet - Tuesday 22nd March 2011 (Fri Mar 11 2011 - 11:33:17 CST)
Marc Deslauriers
- [USN-1095-1] Quagga vulnerabilities (Tue Mar 29 2011 - 12:48:30 CDT)
- [USN-1097-1] Tomcat vulnerabilities (Tue Mar 29 2011 - 12:50:27 CDT)
- [USN-1096-1] Subversion vulnerability (Tue Mar 29 2011 - 12:49:11 CDT)
- [USN-1098-1] vsftpd vulnerability (Tue Mar 29 2011 - 13:13:37 CDT)
- [USN-1084-1] avahi vulnerability (Mon Mar 07 2011 - 09:57:27 CST)
- [USN-1085-1] tiff vulnerabilities (Mon Mar 07 2011 - 09:58:04 CST)
- [USN-1082-1] Pango vulnerabilities (Wed Mar 02 2011 - 09:50:26 CST)
Mark Stanislav
- 'Andy's PHP Knowledgebase' SQL Injection Vulnerability (CVE-2011-1546) (Wed Mar 30 2011 - 14:30:33 CDT)
- 'Quick Polls' Local File Inclusion & Deletion Vulnerabilities (CVE-2011-1099) (Sun Mar 06 2011 - 10:51:39 CST)
Mark Thomas
- [SECURITY] CVE-2011-1088 Apache Tomcat security constraint bypass (Tue Mar 15 2011 - 03:45:26 CDT)
Martin Schulze
- [SECURITY] [DSA 2206-1] New mahara packages fix several vulnerabilities (Tue Mar 29 2011 - 17:02:25 CDT)
Micah Gersten
- [USN-1091-1] Firefox and Xulrunner vulnerabilities (Thu Mar 24 2011 - 23:45:39 CDT)
- [USN-1087-1] libvpx vulnerability (Fri Mar 11 2011 - 13:21:18 CST)
Michal Zalewski
- Re: Vulnerabilities in some SCADA server softwares (Thu Mar 24 2011 - 13:12:07 CDT)
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 11:52:56 CDT)
- Re: Vulnerabilities in some SCADA server softwares (Tue Mar 22 2011 - 16:24:23 CDT)
Michele Orru
- [AntiSnatchOr] OpenCMS <= 7.5.3 multiple vulnerabilities (Mon Mar 28 2011 - 07:04:57 CDT)
Michele Spagnuolo
- XSS in CubeCart <= 2.0.7 (Sun Mar 06 2011 - 14:41:22 CST)
Mike Hoskins
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 13:53:03 CDT)
mikesitewat.ch
- Re: Re: HTB22905: Path disclosure in Wordpress (Wed Mar 30 2011 - 14:32:14 CDT)
- Re: Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS) (Thu Mar 03 2011 - 00:58:47 CST)
Moritz Muehlenhoff
- [SECURITY] [DSA 2207-1] tomcat5.5 security update (Tue Mar 29 2011 - 17:35:34 CDT)
- [SECURITY] [DSA 2203-1] nss security update (Sat Mar 26 2011 - 06:11:53 CDT)
- [SECURITY] [DSA 2201-1] wireshark security update (Wed Mar 23 2011 - 16:51:30 CDT)
- [SECURITY] [DSA 2200-1] iceweasel security update (Wed Mar 23 2011 - 15:56:43 CDT)
- [SECURITY] [DSA 2199-1] iceape security update (Wed Mar 23 2011 - 15:45:16 CDT)
- [SECURITY] [DSA 2186-2] vimperator regression fix (Fri Mar 18 2011 - 12:56:08 CDT)
- [SECURITY] [DSA 2191-1] proftpd security update (Mon Mar 14 2011 - 13:47:59 CDT)
- [SECURITY] [DSA 2187-1] icedove security update (Wed Mar 09 2011 - 15:12:07 CST)
- [SECURITY] [DSA 2186-1] iceweasel security update (Wed Mar 09 2011 - 12:07:07 CST)
- [SECURITY] [DSA 2180-1] iceape security update (Thu Mar 03 2011 - 16:12:20 CST)
- [SECURITY] [DSA 2176-1] cups security update (Tue Mar 01 2011 - 17:31:10 CST)
- [SECURITY] [DSA 2175-1] samba security update (Mon Feb 28 2011 - 17:15:23 CST)
Moritz Mühlenhoff
- [SECURITY] [DSA 2185-1] proftpd-dfsg security update (Mon Mar 07 2011 - 18:14:46 CST)
Netsparker Advisories
- XSS Vulnerability in Tracks 1.7.2 (Tue Mar 29 2011 - 03:40:19 CDT)
Nico Golde
- [SECURITY] [DSA 2198-1] tex-common security update (Tue Mar 22 2011 - 16:35:04 CDT)
npsecuritypentest.com
- Unidesk ReportingService Forceful Browsing Vulnerability (Fri Mar 25 2011 - 11:12:50 CDT)
NSO Research
- NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability (Tue Mar 22 2011 - 10:40:25 CDT)
- NSOADV-2011-003: Majordomo2 'help' Command Directory Traversal (Patch Bypass) (Tue Mar 08 2011 - 13:39:03 CST)
Patrick Kelley
- Re: HTB22905: Path disclosure in Wordpress (Wed Mar 30 2011 - 10:22:57 CDT)
- Re: HTB22905: Path disclosure in Wordpress (Wed Mar 30 2011 - 10:42:07 CDT)
- Re: "Simple PHP Newsletter" Remote Admin Password Change With install path (Tue Mar 29 2011 - 09:56:41 CDT)
paul.szabosydney.edu.au
- XSS in Oracle default fcgi-bin/echo (Tue Mar 22 2011 - 19:59:11 CDT)
Pavel Kankovsky
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 15:28:15 CDT)
Per Thorsheim
- Call for Papers: Passwords^11 (Thu Mar 10 2011 - 09:08:09 CST)
R Michael Williams
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 09:46:44 CDT)
Raphael Geissert
- [SECURITY] [DSA 2196-1] maradns security update (Sat Mar 19 2011 - 18:50:18 CDT)
- [SECURITY] [DSA 2195-1] php5 security update (Sat Mar 19 2011 - 18:49:52 CDT)
- [SECURITY] [DSA 2183-1] nbd security update (Fri Mar 04 2011 - 23:49:17 CST)
RedTeam Pentesting GmbH
- [RT-SA-2011-001] nostromo nhttpd directory traversal leading to arbitrary command execution (Tue Mar 15 2011 - 11:24:20 CDT)
- [RT-SA-2011-002] SugarCRM list privilege restriction bypass (Tue Mar 15 2011 - 11:28:03 CDT)
ResearchNGSSecure
- NGS00051 Patch Notification: Cisco VPN Client Privilege Escalation (Fri Mar 25 2011 - 06:12:55 CDT)
- NGS00052 Patch Notification: Apple Mac OS X Image RAW Multiple Buffer Overflows (Tue Mar 22 2011 - 03:49:27 CDT)
- NGS00016 Technical Advisory: Immunity Debugger Buffer Overflow (Tue Mar 22 2011 - 10:15:46 CDT)
- NGS00014 Technical Advisory: Cisco IPSec VPN Implementation Group Name Enumeration (Tue Mar 22 2011 - 04:14:41 CDT)
- NGS00057 Patch Notification: Apple Mac OS X ImageIO Integer Overflow (Tue Mar 22 2011 - 03:35:23 CDT)
Reversemode
- SCADA Trojans: Attacking the Grid + Advantech vulnerabilities (Tue Mar 22 2011 - 16:30:32 CDT)
Rodrigo Escobar
- [DCA-2011-0007] Air Contacts Lite (iPhone / iPod App Denial Of Service) (Wed Mar 09 2011 - 12:49:59 CST)
- [DCA-2011-0009] Weborf 0.12.4 Denial-of-Service (Fri Mar 04 2011 - 15:46:46 CST)
- [DCA-2011-0006] Hiawatha 7.4 - Denial-of-Service (Fri Mar 04 2011 - 15:40:01 CST)
rootd99y.com
- SimplisCMS 1.0.3.0 Remote File Disclosure Vulnerability (Sat Mar 26 2011 - 22:54:40 CDT)
- SimplisCMS 1.0.3.0 SQL injection / Cross Site Scripting (Sat Mar 26 2011 - 22:46:35 CDT)
- CubeCart 2.0.6 SQL injection / Cross Site Scripting (Wed Mar 02 2011 - 11:19:08 CST)
- PhotoPost PHP 4.8c (showgallery.php) Cross Site Scripting (Wed Mar 02 2011 - 12:23:15 CST)
- VidiScript (index.php) Cross Site Scripting (Wed Mar 02 2011 - 09:58:24 CST)
security-alerthp.com
- [security bulletin] HPSBMA02649 SSRT100430 rev.1 - HP Diagnostics, Remote Cross Site Scripting (XSS) (Mon Mar 28 2011 - 08:28:40 CDT)
- [security bulletin] HPSBMA02647 SSRT100383 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Insecure SNMP Configuration (Tue Mar 22 2011 - 13:43:34 CDT)
- [security bulletin] HPSBMA02644 SSRT100284 rev.1 - HP Client Automation Enterprise (HPCA) Running on Windows, Remote Execution of Arbitrary Code (Mon Mar 14 2011 - 13:18:59 CDT)
- [security bulletin] HPSBMA02629 SSRT100381 rev.3 - HP Power Manager (HPPM) Running on Linux and Windows, Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS) (Thu Mar 10 2011 - 13:34:03 CST)
- [security bulletin] HPSBUX02641 SSRT100412 rev.1 - HP OpenView Network Node Manager (OV NNM) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS) (Tue Mar 08 2011 - 08:27:55 CST)
- [security bulletin] HPSBPI02640 SSRT100410 rev.1 - HP MFP Digital Sending Software Running on Windows, Authentication Bypass (Thu Mar 03 2011 - 08:11:52 CST)
- [security bulletin] HPSBUX02638 SSRT100339 rev.1 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code, Denial of Service (DoS), Authentication Bypass (Wed Mar 02 2011 - 20:27:25 CST)
- [security bulletin] HPSBUX02633 SSRT100387 rev.1 - HP-UX running Java, Remote Denial of Service (DoS) (Mon Feb 28 2011 - 19:50:27 CST)
securitymandriva.com
- [ MDVSA-2011:056 ] openldap (Wed Mar 30 2011 - 08:49:00 CDT)
- [ MDVSA-2011:055 ] openldap (Wed Mar 30 2011 - 08:11:00 CDT)
- [ MDVSA-2011:054 ] java-1.6.0-openjdk (Sun Mar 27 2011 - 16:49:00 CDT)
- [ MDVSA-2011:052 ] php (Wed Mar 23 2011 - 10:12:00 CDT)
- [ MDVSA-2011:053 ] php (Wed Mar 23 2011 - 11:04:00 CDT)
- [ MDVSA-2011:050 ] pidgin (Mon Mar 21 2011 - 08:20:00 CDT)
- [ MDVSA-2011:049 ] vsftpd (Mon Mar 21 2011 - 05:39:01 CDT)
- [ MDVSA-2011:051 ] kernel (Mon Mar 21 2011 - 10:05:00 CDT)
- [ MDVSA-2011:048 ] krb5 (Fri Mar 18 2011 - 08:18:00 CDT)
- [ MDVSA-2011:047 ] proftpd (Fri Mar 18 2011 - 06:29:01 CDT)
- [ MDVSA-2011:046 ] pure-ftpd (Thu Mar 17 2011 - 12:49:01 CDT)
- [ MDVSA-2011:045 ] postfix (Wed Mar 16 2011 - 10:41:00 CDT)
- [ MDVSA-2011:044 ] wireshark (Tue Mar 08 2011 - 11:32:01 CST)
- [ MDVSA-2011:043 ] libtiff (Tue Mar 08 2011 - 06:45:01 CST)
- [ MDVSA-2011:042 ] mozilla-thunderbird (Mon Mar 07 2011 - 13:43:00 CST)
- [ MDVSA-2011:041 ] firefox (Fri Mar 04 2011 - 17:17:00 CST)
- [ MDVSA-2011:040 ] pango (Thu Mar 03 2011 - 06:41:01 CST)
- [ MDVSA-2011:039 ] webkit (Wed Mar 02 2011 - 06:01:00 CST)
Security_Alertemc.com
- ESA-2011-012: Security update for EMC NetWorker Module for Microsoft Applications (Wed Mar 30 2011 - 09:57:54 CDT)
- ESA-2011-010: EMC Data Protection Advisor Collector arbitrary code execution with elevated privileges vulnerability (Fri Mar 25 2011 - 09:29:46 CDT)
- ESA-2011-006: EMC Avamar privilege escalation vulnerability (Tue Mar 15 2011 - 09:40:43 CDT)
- ESA-2011-009: RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSA Access Manager Server (Tue Mar 15 2011 - 09:43:50 CDT)
- ESA-2011-007: EMC Avamar sensitive information disclosure vulnerability (Tue Mar 15 2011 - 09:41:41 CDT)
Serguei A. Mokhov on behalf of PST-11
- Privacy, Security, Trust (PST 2011) - Call for Papers (EXTENDED Deadline: April 3, 2011) (Sun Mar 20 2011 - 14:06:40 CDT)
- Privacy, Security, Trust (PST 2011) - 2nd Call for Papers (Deadline: March 20) (Fri Mar 11 2011 - 18:43:39 CST)
Simple Nomad
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 15:51:23 CDT)
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 14:33:48 CDT)
sschurtzt-online.de
- Re: Cross-Site Scripting vulnerability in Nagios (Thu Mar 10 2011 - 10:10:05 CST)
- Cross-Site Scripting vulnerability in Nagios (Thu Mar 10 2011 - 05:12:08 CST)
- Cross-Site Scripting vulnerabilities in Icinga (Tue Mar 08 2011 - 09:15:56 CST)
Stefan Fritsch
- [SECURITY] [DSA 2202-1] apache2 security update (Wed Mar 23 2011 - 17:27:31 CDT)
Steffen Joeris
- [SECURITY] [DSA 2204-1] imp4 security update (Sun Mar 27 2011 - 05:39:50 CDT)
Steve Beattie
- [USN-1099-1] GDM vulnerability (Wed Mar 30 2011 - 18:37:12 CDT)
- [USN-1079-3] OpenJDK 6 vulnerabilities (Thu Mar 17 2011 - 14:39:18 CDT)
- [USN-1088-1] Kerberos vulnerability (Tue Mar 15 2011 - 14:47:00 CDT)
- [USN-1079-2] OpenJDK 6 vulnerabilities (Mon Mar 14 2011 - 22:48:05 CDT)
- [USN-1079-1] OpenJDK 6 vulnerabilities (Tue Mar 01 2011 - 02:02:21 CST)
- [USN-1078-1] Logwatch vulnerability (Mon Feb 28 2011 - 19:51:59 CST)
supportajaxtm.com
- Douran Portal File Download/Source Code Disclosure Vulnerability (Sun Mar 20 2011 - 06:21:38 CDT)
Theo de Raadt
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 14:03:51 CDT)
- Re: Vulnerabilities in some SCADA server softwares (Wed Mar 23 2011 - 13:13:18 CDT)
Thierry Zoller
- Checkpoint VPN - Priviledge Escalation (Sat Mar 12 2011 - 05:32:43 CST)
Thijs Kinkhorst
- [SECURITY] [DSA 2194-1] libvirt security update (Fri Mar 18 2011 - 02:47:49 CDT)
- [SECURITY] [DSA 2193-1] libcgroup security update (Wed Mar 16 2011 - 16:09:06 CDT)
- [SECURITY] [DSA 2163-2] dajaxice regression fix (Tue Mar 01 2011 - 14:17:00 CST)
Tim Brown
- Medium severity flaw in QNX Neutrino RTOS (Fri Mar 11 2011 - 06:12:33 CST)
Timo Warns
- [PRE-SA-2011-02] Information disclosure vulnerability in the OSF partition handling code of the Linux kernel (Thu Mar 17 2011 - 03:43:52 CDT)
Tom Yu
- MITKRB5-SA-2011-003 [CVE-2011-0284] KDC double-free when PKINIT enabled (Tue Mar 15 2011 - 13:07:13 CDT)
Travis Lee
- Mutare Software EVM - CSRF and XSS Vulnerabilities (Fri Mar 04 2011 - 10:23:17 CST)
Vladimir '3APA3A' Dubrovin
- Re: Buffer overflow in libtiff in Imagemagick (Wed Mar 23 2011 - 11:07:20 CDT)
VMware Security Team
- VMSA-2011-0006 VMware vmrun utility local privilege escalation (Wed Mar 30 2011 - 00:49:28 CDT)
- VMSA-2011-0005 VMware vCenter Orchestrator remote code execution vulnerability (Mon Mar 14 2011 - 16:18:32 CDT)
- VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. (Tue Mar 08 2011 - 00:07:25 CST)
VSR Advisories
- Apple HFS+ Information Disclosure Vulnerability (Tue Mar 22 2011 - 11:13:13 CDT)
vulnsdionach.com
- Kodak InSite Login Page Cross-Site Scripting (Mon Mar 07 2011 - 03:01:55 CST)
- InSite Troubleshooting Cross-Site Scripting (Mon Mar 07 2011 - 03:01:02 CST)
VUPEN Security Research
- VUPEN Security Research - Apple Safari WebKit Block Dimensions Handling Integer Overflow (Fri Mar 11 2011 - 11:58:58 CST)
- VUPEN Security Research - Apple Safari WebKit Scroll Event Handling Remote Use-after-free (Fri Mar 11 2011 - 11:57:56 CST)
- VUPEN Security Research - Apple Safari WebKit Iframe Event Handling Remote Use-after-free (Fri Mar 11 2011 - 11:55:45 CST)
Wietse Venema
- Plaintext injection in STARTTLS (multiple implementations) (Mon Mar 07 2011 - 14:46:07 CST)
Willy Tarreau
- Re: Vulnerabilities in some SCADA server softwares (Thu Mar 24 2011 - 06:13:32 CDT)
YGN Ethical Hacker Group
- Parallels Plesk 7.0 - 8.2 | Open URL Redirection Vulnerability (Fri Mar 25 2011 - 05:25:04 CDT)
- PHP-Nuke 8.x <= "chng_uid" Blind SQL Injection Vulnerability (Wed Mar 23 2011 - 09:52:04 CDT)
- PHP-Nuke 8.x <= Cross Site Scripting Vulnerability (Wed Mar 23 2011 - 10:05:28 CDT)
- PHP-Nuke 8.x <= Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability (Wed Mar 23 2011 - 10:09:41 CDT)
- Joomla! 1.6.0 | Information Disclosure/Full Path Disclosure Vulnerability (Wed Mar 23 2011 - 00:00:06 CDT)
- XOOPS 2.5.0 <= Cross Site Scripting Vulnerability (Fri Mar 18 2011 - 07:58:00 CDT)
- Joomla! 1.6.0 | SQL Injection Vulnerability (Sun Mar 13 2011 - 12:42:39 CDT)
- bbPress 1.0.2 <= Cross Site Scripting Vulnerability (Sun Mar 13 2011 - 06:17:43 CDT)
- Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability (Sun Mar 13 2011 - 12:39:34 CDT)
ZDI Disclosures
- ZDI-11-113: Zend Server Java Bridge Design Flaw Remote Code Execution Vulnerability (Mon Mar 28 2011 - 11:20:37 CDT)
- ZDI-11-111: (0Day) Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Remote Code Execution Vulnerability (Wed Mar 23 2011 - 12:17:57 CDT)
- ZDI-11-112: (0 day) Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability (Wed Mar 23 2011 - 12:23:13 CDT)
- ZDI-11-110: (0day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability (Tue Mar 22 2011 - 17:45:30 CDT)
- ZDI-11-109: (Pwn2Own) Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability (Tue Mar 22 2011 - 10:42:54 CDT)
- ZDI-11-108: Mac OS X Compact Font Format Decoder Remote Code Execution Vulnerability (Tue Mar 22 2011 - 10:40:36 CDT)
- ZDI-11-107: Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code Execution Vulnerability (Mon Mar 21 2011 - 16:37:13 CDT)
- ZDI-11-106: Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability (Fri Mar 18 2011 - 17:06:07 CDT)
- ZDI-11-105: Hewlett-Packard Client Automation radexecd.exe Remote Code Execution Vulnerability (Fri Mar 18 2011 - 17:03:24 CDT)
- ZDI-11-101: Apple iPhone Webkit Library Javascript Array sort Method Remote Code Execution Vulnerability (Wed Mar 02 2011 - 16:59:31 CST)
- ZDI-11-100: Apple Webkit Root HTMLBRElement Style Remote Code Execution Vulnerability (Wed Mar 02 2011 - 16:57:51 CST)
- ZDI-11-099: Apple Webkit Font Glyph Layout Remote Code Execution Vulnerability (Wed Mar 02 2011 - 16:56:02 CST)
- ZDI-11-098: Apple Safari Webkit Runin Box Promotion Remote Code Execution Vulnerability (Wed Mar 02 2011 - 16:54:39 CST)
- ZDI-11-097: Apple Webkit setOuterText Memory Corruption Remote Code Execution Vulnerability (Wed Mar 02 2011 - 16:51:28 CST)
- ZDI-11-096: Apple Safari WebKit Range Object Remote Code Execution Vulnerability (Wed Mar 02 2011 - 16:33:07 CST)
- ZDI-11-095: Apple Webkit Error Message Mutation Remote Code Execution Vulnerability (Wed Mar 02 2011 - 16:31:37 CST)
- ZDI-11-102: PostgreSQL Plus Advanced Server DBA Management Server Remote Authentication Bypass Vulnerability (Wed Mar 02 2011 - 17:01:58 CST)
- ZDI-11-103: Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability (Wed Mar 02 2011 - 17:07:04 CST)
- ZDI-11-094: (0 day) Hewlett-Packard StorageWorks File Migration Agent Remote Archive Tampering Vulnerability (Mon Feb 28 2011 - 17:42:40 CST)
zgmzgmmail.ustc.edu.cn
- Buffer overflow in libtiff in Imagemagick (Mon Mar 21 2011 - 02:11:17 CDT)

Last message date: Thu Mar 31 2011 - 12:23:31 CDT
Archived on: Thu Mar 31 2011 - 12:23:31 CDT

321 messages sorted by: [ date ] [ thread ] [ subject ]