NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2011-07

233 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Mon Jun 27 2011 - 06:44:15 CDT
Ending: Fri Jul 29 2011 - 14:53:15 CDT

abhijeetclubhack.com
- [Annoucement] ClubHack Magazine - Call for Articles (Wed Jul 13 2011 - 06:30:05 CDT)
- [Announcement] ClubHack Magazine Issue 18-July2011 Released (Tue Jul 12 2011 - 10:42:19 CDT)
adam.basoowasp.org
- AppSec USA 2011 Open Source Showcase Call for Demos (Fri Jul 29 2011 - 12:03:07 CDT)
- OWASP AppSec USA 2011 Pre-conference Challenge #3 - July (Mon Jul 25 2011 - 12:52:35 CDT)
adicil.ibm.com
- Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure (Thu Jul 21 2011 - 02:14:34 CDT)
Aditya K Sood
- CVE-2010-2404 | Persistent Cross Site Scripting Vulnerability in Oracle I-Recruitment - E-Business Suite (Tue Jul 12 2011 - 21:54:43 CDT)
adminbugreport.ir
- Ferdows CMS Pro <=1.1.0 and Ferdows CMS <=9.0.5 Multiple Vulnerabilities (Mon Jul 11 2011 - 07:31:56 CDT)
advisorydfn-cert.de
- [DSB-2011-01] Security Advisory FreeRADIUS 2.1.11 (Mon Jul 25 2011 - 10:36:27 CDT)
advisoryhtbridge.ch
- Redirection vulnerability in MBoard (Wed Jul 27 2011 - 06:20:45 CDT)
- Multiple XSS in GBook PHP guestbook (Wed Jul 27 2011 - 06:18:08 CDT)
- XSS in Tiki Wiki CMS Groupware (Wed Jul 20 2011 - 07:40:25 CDT)
- Paltalk Messenger ActiveX Control Multiple Insecure Methods (Wed Jul 13 2011 - 07:35:18 CDT)
- aTube Catcher ActiveX Control Insecure Method (Wed Jul 06 2011 - 06:23:40 CDT)
- IDrive Online Backup ActiveX control Insecure Method (Wed Jul 06 2011 - 06:23:27 CDT)
- XSS in FlatPress (Tue Jun 28 2011 - 11:14:04 CDT)
- Multiple vulnerabilities in Open-Realty (Tue Jun 28 2011 - 11:13:54 CDT)
alberto.morenotgmail.com
- HTC / Android OBEX FTP Service Directory Traversal Vulnerability (Wed Jul 20 2011 - 01:20:19 CDT)
Andrea Barisani
- [oCERT-2011-001] Chyrp input sanitization errors (Wed Jul 13 2011 - 15:17:30 CDT)
Apple Product Security
- APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone (Mon Jul 25 2011 - 13:32:48 CDT)
- APPLE-SA-2011-07-25-1 iOS 4.3.5 Software Update (Mon Jul 25 2011 - 13:32:50 CDT)
- APPLE-SA-2011-07-20-2 iWork 9.1 Update (Mon Jul 25 2011 - 13:25:07 CDT)
- APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6 (Wed Jul 20 2011 - 10:33:40 CDT)
- APPLE-SA-2011-07-15-1 iOS 4.3.4 Software Update (Fri Jul 15 2011 - 12:21:30 CDT)
- APPLE-SA-2011-07-15-2 iOS 4.2.9 Software Update for iPhone (Fri Jul 15 2011 - 12:21:37 CDT)
- APPLE-SA-2011-06-28-2 Java for Mac OS X 10.5 Update 10 (Tue Jun 28 2011 - 15:11:48 CDT)
Asterisk Security Team
- AST-2011-011: Possible enumeration of SIP users due to differing authentication responses (Tue Jun 28 2011 - 15:31:15 CDT)
Barry Greene
- Security Advisory: CVE-2011-2464 - ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers (Tue Jul 05 2011 - 08:53:02 CDT)
- Security Advisory: CVE-2011-2465 ISC BIND 9 Remote Crash with Certain RPZ Configurations (Tue Jul 05 2011 - 08:54:44 CDT)
beford
- PHP-Barcode 0.3pl1 Remote Code Execution (Mon Jul 25 2011 - 18:03:24 CDT)
Call for papers
- Call for Papers: ICITST-2011 (Mon Jul 18 2011 - 11:20:34 CDT)
Cantor, Scott E.
- Security Advisory: CVE-2011-2516 (Wed Jul 06 2011 - 19:58:06 CDT)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability (Fri Jul 29 2011 - 09:15:44 CDT)
- Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities (Wed Jul 20 2011 - 11:00:00 CDT)
- Cisco Security Advisory: Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability (Wed Jul 20 2011 - 11:00:00 CDT)
- Cisco Security Advisory: Cisco Content Services Gateway Denial of Service Vulnerability (Wed Jul 06 2011 - 10:59:00 CDT)
coderman
- Re: [Full-disclosure] Ubuntu: reseed(8), random.org, and HTTP request (Wed Jul 06 2011 - 02:23:49 CDT)
CORE Security Technologies Advisories
- CORE-2011-0606: HP Data Protector EXEC_CMD Buffer Overflow Vulnerability (Wed Jun 29 2011 - 16:48:11 CDT)
- CORE-2011-0514: Multiple vulnerabilities in HP Data Protector (Wed Jun 29 2011 - 16:35:39 CDT)
CoreTex Team
- Hiding Backdoors in plain sight, again (Fri Jul 22 2011 - 10:16:28 CDT)
cxibsecurityreason.com
- NetBSD 5.1 libc/net multiple functions stack buffer overflow (Fri Jul 01 2011 - 07:13:37 CDT)
Dan Kaminsky
- Re: [Full-disclosure] Binary Planting Goes "Any File Type" (Fri Jul 08 2011 - 18:26:17 CDT)
- Re: [Full-disclosure] Binary Planting Goes "Any File Type" (Fri Jul 08 2011 - 14:10:31 CDT)
Darren Tucker
- Re: [Full-disclosure] OpenSSH 3.5p1 Remote Root Exploit for FreeBSD (Fri Jul 01 2011 - 01:38:18 CDT)
David Mirza
- Vega beta release: a new open-source web-application security assessment platform (Fri Jul 01 2011 - 16:07:03 CDT)
DeepSec Conference
- Reminder - DeepSec 2011 Call For Papers (Sun Jul 17 2011 - 14:48:25 CDT)
Delaitre, Aurelien
- Static Analysis Tool Exposition (SATE) - Call for Participation (Mon Jul 11 2011 - 14:22:37 CDT)
dennis.brunnengmail.com
- Re: Resolved - NNT Change Tracker - Hard-Coded Encryption Key Originally posted as http://seclists.org/fulldisclosure/2011/May/460 (Wed Jun 29 2011 - 16:22:27 CDT)
Digit Security Research
- Securstar - DriveCrypt - Local Kernel Denial of Service/Memory Disclosure/Privilege Escalation (Wed Jul 20 2011 - 14:27:08 CDT)
Dragos Ruiu
- PacSec CFP note, deadline Aug 3; conf Nov 9/10 Tokyo (Thu Jul 28 2011 - 20:58:40 CDT)
ehsan_hp200hotmail.com
- cgcraft llc (info.php?id) (news_item.php?id) Remote SQL injection Vulnerability (Fri Jul 29 2011 - 11:26:39 CDT)
- Vegetav (news_item.php?id) Remote SQL injection Vulnerability (Fri Jul 29 2011 - 10:36:26 CDT)
- Gopal Systems (products.php?cat_id) Remote SQL injection Vulnerability (Thu Jul 28 2011 - 08:34:36 CDT)
- CobraScripts (selloffers.php?cid) Remote SQL injection Vulnerability (Thu Jul 28 2011 - 00:34:01 CDT)
- indiacon (selloffers.php?cid) Remote SQL injection Vulnerability (Thu Jul 28 2011 - 00:32:17 CDT)
- A1 Solutions (cat_sell.php?cid) Remote SQL injection Vulnerability (Thu Jul 28 2011 - 00:31:42 CDT)
- Infocus Web Solutions (news_desc.php?id) Remote SQL injection Vulnerability (Thu Jul 28 2011 - 00:30:29 CDT)
- Web Fusion Nepal (find.php?id) Remote SQL injection Vulnerability (Thu Jul 28 2011 - 00:28:46 CDT)
- Avon Groups (search_result.php?cid) Remote SQL injection Vulnerability (Thu Jul 28 2011 - 00:27:54 CDT)
- Web Fusion Nepal (tour.php?category) XSS Vulnerability (Thu Jul 28 2011 - 00:27:16 CDT)
- Zones Web Solution (status.asp?print) (search_result.php?loc_id) Remote SQL injection Vulnerabilities (Thu Jul 28 2011 - 00:26:19 CDT)
- Zones Web Solution (StoneDetails.php?stone) XSS Vulnerability (Thu Jul 28 2011 - 00:24:08 CDT)
- Canoy Softwares (search_result.php?loc_id) Remote SQL injection Vulnerability (Thu Jul 28 2011 - 00:20:58 CDT)
- WOC Consulting (search_result.php?cid) Remote SQL injection Vulnerability (Thu Jul 28 2011 - 00:20:17 CDT)
- Coherendz (products.php?cat_id) Remote SQL injection Vulnerability (Thu Jul 28 2011 - 00:17:47 CDT)
- FootBall Cms (view_table_lig.php?group) XSS Vulnerability (Wed Jul 27 2011 - 11:38:07 CDT)
- Dow Group (dynamic.php?id) (sub.php?solutioncat_id) (news_desc.php?id) (product.php?id) Remote SQL injection Vulnerability (Wed Jul 27 2011 - 10:47:17 CDT)
- Chrome Web Solutions (details.php?cat_id) (listing_more.php?id) Remote SQL injection Vulnerability (Wed Jul 27 2011 - 06:13:45 CDT)
- Solutiontech (product.php?cat_id) Remote SQL injection Vulnerability (Wed Jul 27 2011 - 05:59:30 CDT)
- iCube Lab (product_details.php?cat_id) Remote SQL injection Vulnerability (Wed Jul 27 2011 - 05:08:11 CDT)
- G2webCMS (products.php?cat_id) (member-profile.php?profile) Remote SQL injection Vulnerability (Wed Jul 27 2011 - 04:51:02 CDT)
- Agent Image (news_details.php?news_ID) Remote SQL injection Vulnerability (Wed Jul 27 2011 - 00:57:35 CDT)
- Lava (news_item.php?id) (album.php?id) (basket.php?baction) Remote SQL injection Vulnerability (Tue Jul 26 2011 - 06:45:11 CDT)
- Precision (products.php?cat_id) Remote SQL injection Vulnerability (Tue Jul 26 2011 - 05:50:49 CDT)
- DotComEgypt (products.php?cat_id) Remote SQL injection Vulnerability (Tue Jul 26 2011 - 05:31:51 CDT)
- Indonesia Web Design (link-directory.php?cid) (link-directory.php?pid) Remote SQL injection Vulnerability (Tue Jul 26 2011 - 05:04:16 CDT)
- Funnel Web (pages.php?page) Remote SQL injection Vulnerability (Tue Jul 26 2011 - 04:13:02 CDT)
- Funnel Web (selected_product.php?t) Remote SQL injection Vulnerability (Tue Jul 26 2011 - 04:07:34 CDT)
- Funnel Web (directory.php?cid) Remote SQL injection Vulnerability (Tue Jul 26 2011 - 03:57:40 CDT)
- Funnel Web (items.php?&cat_id) Remote SQL injection Vulnerability (Tue Jul 26 2011 - 03:50:39 CDT)
- Zones Web Solution (index.php?manufacturers_id) Remote SQL injection Vulnerability (Tue Jul 26 2011 - 03:25:08 CDT)
- CobraScripts (search_result.php?cid) Remote SQL injection Vulnerability (Sun Jul 24 2011 - 11:42:08 CDT)
fb1h2s Hack 2 Secure
- Vbulletin 4.0.x => 4.1.3 (messagegroupid) SQL injection Vulnerability (Wed Jul 20 2011 - 19:01:18 CDT)
Fernando Gont
- Hacking IPv6 Networks (slides) (Tue Jul 26 2011 - 12:05:12 CDT)
- Fwd: RFC 6274 on Security Assessment of the Internet Protocol Version 4 (Tue Jul 05 2011 - 15:38:47 CDT)
Florian Weimer
- [SECURITY] [DSA 2272-1] bind9 security update (Tue Jul 05 2011 - 13:46:15 CDT)
geraldwireshark.org
- Re: Wireshark 1.4.0 Malformed IKE Packet Denial of Service (Wed Jul 13 2011 - 12:39:22 CDT)
Giuseppe Iuculano
- [SECURITY] [DSA 2271-1] curl security update (Sat Jul 02 2011 - 02:49:58 CDT)
Hafez Kamal
- [HITB-Announce] REMINDER: HITB2011 - Malaysia Call for Papers Closes on the 15th (Mon Jul 11 2011 - 09:40:38 CDT)
Henri Salo
- Re: [Full-disclosure] [BMSA-2009-07] Backdoor in PyForum (Thu Jul 28 2011 - 06:39:06 CDT)
- Re: [Full-disclosure] [Bkis] sNews 1.7.1 XSS vulnerability (Sun Jul 24 2011 - 05:08:35 CDT)
- Re: SEC Consult SA-20110701-0 :: Multiple SQL injection vulnerabilities in WordPress (Wed Jul 06 2011 - 08:59:03 CDT)
- Re: Multiple Cross-Site Scripting vulnerabilities in WebCalendar (Wed Jul 06 2011 - 05:59:47 CDT)
- Re: in_midi multiple vulnerabilities in Winamp 5.61 (Wed Jul 06 2011 - 07:14:09 CDT)
HI-TECH .
- Re: [Full-disclosure] Working Remote Root Exploit for OpenSSH 3.4p1 (FreeBSD) (Fri Jul 01 2011 - 10:52:07 CDT)
- Working Remote Root Exploit for OpenSSH 3.4p1 (FreeBSD) (Fri Jul 01 2011 - 10:45:22 CDT)
Jamie Strandboge
- Re: [Full-disclosure] Ubuntu: reseed(8), random.org, and HTTP request (Wed Jul 06 2011 - 08:06:21 CDT)
Jeffrey Walton
- Ubuntu: reseed(8), random.org, and HTTP request (Tue Jul 05 2011 - 23:04:23 CDT)
Kotas, Kevin J
- CA20110720-01: Security Notice for CA Gateway Security and Total Defense (Wed Jul 20 2011 - 12:54:07 CDT)
labs-no-reply
- iDefense Security Advisory 07.20.11: Multiple Vendor WebKit SVG animVal Memory Corruption Vulnerability (Wed Jul 20 2011 - 16:50:00 CDT)
- iDefense Security Advisory 07.20.11: Apple Safari innerText Use-After-Free Vulnerability (Wed Jul 20 2011 - 15:57:53 CDT)
- iDefense Security Advisory 07.20.11: Multiple Vendor WebKit frameset style Heap Corruption Vulnerability (Wed Jul 20 2011 - 15:49:20 CDT)
- iDefense Security Advisory 07.20.11: Safari WebKit TIFF Use-After-Free Vulnerability (Wed Jul 20 2011 - 15:33:24 CDT)
- iDefense Security Advisory 07.20.11: Multiple Vendor WebKit MathML Use-After-Free Vulnerability (Wed Jul 20 2011 - 14:53:00 CDT)
- iDefense Security Advisory 07.14.11: Citrix Access Gateway ActiveX Stack Buffer Overflow Vulnerability (Thu Jul 14 2011 - 17:28:24 CDT)
Lists
- Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability - Security Advisory - SOS-11-009 (Wed Jul 20 2011 - 00:05:44 CDT)
Luciano Bello
- [SECURITY] [DSA 2287-1] libpng security update (Thu Jul 28 2011 - 11:23:46 CDT)
- [SECURITY] [DSA 2254-2] oprofile security update (Fri Jul 15 2011 - 20:26:18 CDT)
- [SECURITY] [DSA 2276-2] asterisk regression update (Mon Jul 11 2011 - 13:59:48 CDT)
- [SECURITY] [DSA 2276-1] asterisk security update (Sun Jul 10 2011 - 10:17:03 CDT)
Luigi Auriemma
- bcksrvr format string in Sybase Adaptive Server 15.5 (Thu Jun 30 2011 - 11:56:42 CDT)
- Arbitrary files deletion in HP OpenView Communication Broker (Thu Jun 30 2011 - 11:57:12 CDT)
- Integer overflow in foobar2000 1.1.7 (Mon Jul 04 2011 - 12:06:56 CDT)
- in_midi multiple vulnerabilities in Winamp 5.61 (Wed Jun 29 2011 - 14:02:45 CDT)
- Upload directory traversal in Novell ZenWorks Handheld Management 7.0.2 (Mon Jun 27 2011 - 06:46:00 CDT)
- bcksrvr format string in Sybase Adaptive Server 15.5 (Mon Jun 27 2011 - 06:44:15 CDT)
- Arbitrary files deletion in HP OpenView Performance Agent (Mon Jun 27 2011 - 06:46:10 CDT)
Major Malfunction
- Re: [Full-disclosure] DC4420 - London DEFCON - July meet - Tuesday 19th July 2011 (Wed Jul 13 2011 - 13:01:48 CDT)
- DC4420 - London DEFCON - July meet - Tuesday 19th July 2011 (Wed Jul 13 2011 - 12:47:36 CDT)
Mango
- phpMyAdmin 3.x Conditional Session Manipulation (Sun Jul 24 2011 - 12:13:41 CDT)
- phpMyAdmin 3.x preg_replace RCE POC (Fri Jul 08 2011 - 15:27:21 CDT)
- phpMyAdmin 3.x Multiple Remote Code Executions (Thu Jul 07 2011 - 13:54:31 CDT)
Mark Thomas
- [SECURITY] CVE-2011-2526 Apache Tomcat Information disclosure and availability vulnerabilities (Wed Jul 13 2011 - 10:33:22 CDT)
Michal Zalewski
- Re: [Full-disclosure] Ubuntu: reseed(8), random.org, and HTTP request (Wed Jul 06 2011 - 14:42:43 CDT)
- Re: [Full-disclosure] Ubuntu: reseed(8), random.org, and HTTP request (Wed Jul 06 2011 - 14:41:55 CDT)
michal.sajdaksecuritum.pl
- SA500 vulnerabilities - details (Wed Jul 27 2011 - 03:43:18 CDT)
Mitja Kolsek
- Re: [Full-disclosure] Binary Planting Goes "Any File Type" (Fri Jul 08 2011 - 18:11:33 CDT)
Moritz Muehlenhoff
- [SECURITY] [DSA 2288-1] libsndfile security update (Thu Jul 28 2011 - 17:00:12 CDT)
- [SECURITY] [DSA 2284-1] opensaml2 security update (Mon Jul 25 2011 - 09:16:47 CDT)
- [SECURITY] [DSA 2283-1] krb5-appl security update (Mon Jul 25 2011 - 06:53:06 CDT)
- [SECURITY] [DSA 2282-1] qemu-kvm security update (Mon Jul 25 2011 - 05:14:19 CDT)
- [SECURITY] [DSA 2274-1] wireshark security update (Thu Jul 07 2011 - 14:00:37 CDT)
- [SECURITY] [DSA 2273-1] icedove security update (Wed Jul 06 2011 - 13:34:07 CDT)
- [SECURITY] [DSA 2270-1] qemu-kvm security update (Fri Jul 01 2011 - 15:51:24 CDT)
- [SECURITY] [DSA 2269-1] iceape security update (Fri Jul 01 2011 - 15:16:48 CDT)
- [SECURITY] [DSA 2262-2] php5 update (Fri Jul 01 2011 - 15:00:32 CDT)
- [SECURITY] [DSA 2268-1] iceweasel security update (Fri Jul 01 2011 - 14:32:42 CDT)
- [SECURITY] [DSA 2267-1] perl security update (Fri Jul 01 2011 - 12:52:58 CDT)
- [SECURITY] [DSA 2266-1] php5 security update (Wed Jun 29 2011 - 13:42:45 CDT)
Moritz Naumann
- Alice (Telefonica Germany) Modem 1111 DoS + XSS (Mon Jul 11 2011 - 16:13:11 CDT)
Nelson Brito
- Permutation Oriented Programming (Thu Jul 21 2011 - 13:45:54 CDT)
Nico Golde
- [SECURITY] [DSA 2285-1] mapserver security update (Mon Jul 25 2011 - 17:33:07 CDT)
- [SECURITY] [DSA 2277-1] xml-security-c security update (Sun Jul 10 2011 - 11:22:41 CDT)
- [SECURITY] [DSA 2275-1] openoffice.org security update (Thu Jul 07 2011 - 15:37:14 CDT)
Nicolas Grégoire
- [Tool] DoS for OpenSLP (and others) (Tue Jul 26 2011 - 10:50:32 CDT)
noreplyptsecurity.ru
- [PT-2011-05] Cross-Site Scripting in Koha Library Software (Tue Jul 26 2011 - 07:23:21 CDT)
- [PT-2011-25] SQL injection vulnerabilities in Support Incident Tracker (Tue Jul 26 2011 - 07:22:38 CDT)
- [PT-2011-08] Multiple vulnerabilities in Dlink DPH 150SE/E/F1 (Tue Jul 26 2011 - 07:21:49 CDT)
nospamgmail.it
- CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials Disclosure and Commands Execution (Mon Jul 25 2011 - 23:01:58 CDT)
- Dell IT Assistant detectIESettingsForITA.ocx ActiveX Control readRegVal() Remote Registry Dump Vulnerability (Wed Jul 13 2011 - 08:27:13 CDT)
Patrick Webster
- OSI Security: Elitecore Cyberoam UTM - Authenticated Cross-Site Scripting Vulnerability (Wed Jul 20 2011 - 01:26:40 CDT)
pi3itsec.pl
- Torque Server Buffer Overflow Vulnerability (Wed Jul 13 2011 - 10:06:18 CDT)
pierre.ernstca.ibm.com
- Spring Source OXM Remote OS Command Injection when XStream and IBM JRE are used (Thu Jun 30 2011 - 10:13:30 CDT)
pocadmgmail.com
- POC2011 Call for Paper (Mon Jul 11 2011 - 07:11:15 CDT)
randyeidelweiss.info
- Tugux CMS 1.2 Multiple vulnerability (BLIND sql & xss) (Tue Jul 12 2011 - 07:31:38 CDT)
ResearchNGSSecure
- NGS00042 Patch Notification: Solaris USB configuration descriptor kernel stack overflow (Mon Jul 25 2011 - 02:13:26 CDT)
- NGS00060 Technical Advisory: Blue Coat BCAAA Remote Code Execution Vulnerability (Tue Jul 05 2011 - 03:32:33 CDT)
- NGS00057 Technical Advisory: Apple Mac OS X ImageIO Integer Overflow (Tue Jun 28 2011 - 09:18:35 CDT)
- NGS00052 Technical Advisory: Apple Mac OS X Image RAW Multiple Buffer Overflows (Tue Jun 28 2011 - 09:04:41 CDT)
- NGS00051 Technical Advisory: Cisco VPN Client Privilege Escalation (Tue Jun 28 2011 - 08:55:58 CDT)
- NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow (Tue Jun 28 2011 - 08:54:54 CDT)
RGill
- Aruba Advisory AID-070611 Cross Site Scripting vulnerability in ArubaOS and AirWave Administration Web Interfaces (Wed Jul 06 2011 - 12:53:58 CDT)
robkraussoutionary.com
- Foxit Reader Insecure Library Loading (Thu Jul 21 2011 - 12:11:43 CDT)
Rodrigo Rubira Branco $BSDaemon$
- H2HC Brazil (Hackers 2 Hackers Conference) 8th Edition - Call for Papers (Tue Jul 19 2011 - 19:10:47 CDT)
SEC Consult Vulnerability Lab
- SEC Consult SA-20110701-0 :: Multiple SQL injection vulnerabilities in WordPress (Fri Jul 01 2011 - 04:23:40 CDT)
security-alerthp.com
- [security bulletin] HPSBMU02691 SSRT100483 rev.2 - HP Performance Agent and HP Operations Agent, Remote Arbitrary File Deletion (Thu Jul 28 2011 - 12:25:02 CDT)
- [security bulletin] HPSBUX02689 SSRT100494 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) (Thu Jul 28 2011 - 12:26:40 CDT)
- [security bulletin] HPSBMU02669 SSRT100346 rev.3 - HP Data Protector Media Management Daemon (mmd), Remote Denial of Service (DoS) (Thu Jul 28 2011 - 12:26:01 CDT)
- [security bulletin] HPSBMU02693 SSRT100583 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS) (Thu Jul 28 2011 - 11:42:51 CDT)
- [security bulletin] HPSBMU02692 SSRT100581 rev.2 - HP SiteScope, Remote Cross Site Scripting (XSS) and Session Fixation Attack (Thu Jul 28 2011 - 08:11:58 CDT)
- [security bulletin] HPSBUX02689 SSRT100494 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) (Fri Jul 08 2011 - 12:46:37 CDT)
- [security bulletin] HPSBMU02690 SSRT100569 rev.1 - HP Business Availability Center (BAC) Running on Solaris and Windows, Remote Denial of Service (DoS) (Fri Jul 08 2011 - 08:34:45 CDT)
- [security bulletin] HPSBMA02674 SSRT100487 rev.2 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XSS) and Remote Script Inject (Wed Jul 06 2011 - 18:05:23 CDT)
- [security bulletin] HPSBUX02688 SSRT100513 rev.1 - HP-UX Dynamic Loader, Local Privilege Escalation, Denial of Service (DoS) (Tue Jul 05 2011 - 18:13:42 CDT)
- [security bulletin] HPSB3C02687 SSRT100377 rev.1 - HP Intelligent Management Center User Access Manager (UAM) and Endpoint Admission Defense (EAD), Remote Execution of Arbitrary Code (Fri Jul 01 2011 - 10:17:55 CDT)
- [security bulletin] HPSBMU02686 SSRT100541 rev.3 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code (Wed Jun 29 2011 - 18:53:29 CDT)
securitymandriva.com
- [ MDVSA-2011:121 ] samba (Wed Jul 27 2011 - 09:24:00 CDT)
- [ MDVSA-2011:120 ] freetype2 (Wed Jul 27 2011 - 02:45:19 CDT)
- [ MDVSA-2011:119 ] libsndfile (Mon Jul 25 2011 - 09:38:00 CDT)
- [ MDVSA-2011:118 ] wireshark (Sun Jul 24 2011 - 06:51:01 CDT)
- [ MDVSA-2011:117 ] krb5-appl (Fri Jul 22 2011 - 09:44:00 CDT)
- [ MDVSA-2011:116 ] curl (Fri Jul 22 2011 - 08:37:00 CDT)
- [ MDVSA-2011:115 ] bind (Wed Jul 20 2011 - 09:40:00 CDT)
- [ MDVSA-2011:114 ] blender (Mon Jul 18 2011 - 12:57:00 CDT)
- [ MDVSA-2011:112 ] blender (Mon Jul 18 2011 - 12:36:00 CDT)
securitynruns.com
- n.runs-SA-2011.002 - Citrix XenApp / XenDesktop XML Service Heap Corruption (Thu Jul 28 2011 - 14:21:08 CDT)
- n.runs-SA-2011.001 - Citrix XenApp / XenDesktop Stack-Based Buffer Overflow (Thu Jul 28 2011 - 14:21:08 CDT)
Security_Alertemc.com
- ESA-2011-021: EMC Data Protection Advisor sensitive information disclosure vulnerability (Tue Jul 26 2011 - 16:52:22 CDT)
- ESA-2011-024: EMC Captiva eInput multiple vulnerabilities (Tue Jul 26 2011 - 16:51:16 CDT)
- ESA-2011-022: EMC Documentum eRoom Indexing Server HummingBird Client Connector Buffer Overflow Vulnerability (Fri Jul 15 2011 - 12:18:22 CDT)
Shatter
- TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (metricDetail$type page) (Wed Jul 27 2011 - 18:01:18 CDT)
- TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (sitemap page) (Wed Jul 27 2011 - 18:01:07 CDT)
- TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (notifRuleInfo$mode page) (Wed Jul 27 2011 - 17:54:57 CDT)
Slackware Security Team
- [slackware-security] seamonkey (SSA:2011-195-01) (Thu Jul 14 2011 - 20:47:42 CDT)
- [slackware-security] mozilla-firefox (SSA:2011-195-02) (Thu Jul 14 2011 - 20:48:06 CDT)
- [slackware-security] bind (SSA:2011-189-01) (Fri Jul 08 2011 - 14:18:53 CDT)
- [slackware-security] mozilla-thunderbird (SSA:2011-189-02) (Fri Jul 08 2011 - 14:19:12 CDT)
- [slackware-security] pidgin (SSA:2011-178-01) (Mon Jun 27 2011 - 23:19:23 CDT)
spamgoesherestevenroddis.com
- phpBB AJAX Chat/Shoutbox MOD CSRF Vulnerability (Mon Jul 25 2011 - 07:21:24 CDT)
sschurtzt-online.de
- Re: Re: Multiple Cross-Site Scripting vulnerabilities in WebCalendar (Thu Jul 07 2011 - 01:29:30 CDT)
- Multiple Cross-Site Scripting vulnerabilities in WebCalendar (Mon Jul 04 2011 - 01:46:09 CDT)
Steffen Joeris
- [SECURITY] [DSA 2281-1] opie security update (Wed Jul 20 2011 - 21:51:41 CDT)
- [SECURITY] [DSA 2280-1] libvirt security update (Mon Jul 18 2011 - 20:27:20 CDT)
- [SECURITY] [DSA 2279-1] libapache2-mod-authnz-external security update (Mon Jul 18 2011 - 19:49:15 CDT)
- [SECURITY] [DSA 2278-1] horde3 security update (Fri Jul 15 2011 - 22:37:31 CDT)
Thijs Kinkhorst
- [SECURITY] [DSA 2286-1] phpmyadmin security update (Tue Jul 26 2011 - 14:11:55 CDT)
Thilo Schulz
- Two security issues fixed in ioQuake3 engine (Thu Jul 28 2011 - 07:55:04 CDT)
Tim Brown
- Breaking the links: Exploiting the linker (Wed Jun 29 2011 - 15:53:49 CDT)
Tom Neaves
- Sitecore CMS 6.4 Open URL Redirect Vulnerability (Thu Jul 28 2011 - 17:02:38 CDT)
Tom Yu
- MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526] (Tue Jul 05 2011 - 13:06:39 CDT)
Trustwave Advisories
- TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain (Mon Jul 25 2011 - 14:55:44 CDT)
vulnnipc.org.cn
- Wireshark 1.6.1 Malformed IKE Packet Denial of Service (Thu Jul 28 2011 - 03:42:13 CDT)
- Wireshark 1.4.0 Malformed IKE Packet Denial of Service (Mon Jul 11 2011 - 04:40:10 CDT)
Williams, James K
- Re: CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials (Tue Jul 26 2011 - 13:12:01 CDT)
YGN Ethical Hacker Group
- Joomla! 1.7.0-RC and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities (Thu Jul 21 2011 - 22:16:57 CDT)
- Joomla! 1.6.3 and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities (Tue Jun 28 2011 - 01:25:07 CDT)
ZDI Disclosures
- ZDI-11-246: Sybase Adaptive Server Backup and Monitor Server NULL Write Remote Code Execution Vulnerability (Fri Jul 29 2011 - 13:34:02 CDT)
- ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability (Fri Jul 29 2011 - 13:32:12 CDT)
- ZDI-11-244: (0day) FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability (Thu Jul 28 2011 - 15:25:25 CDT)
- ZDI-11-243: WebKit ContentEditable Inline Style Remote Code Execution Vulnerability (Wed Jul 27 2011 - 10:43:48 CDT)
- ZDI-11-242: Apple Safari Rendering Object Body Detachment Remote Code Execution Vulnerability (Wed Jul 27 2011 - 10:39:07 CDT)
- ZDI-11-241: Webkit setAttributes attributeChanged Remote Code Execution Vulnerability (Wed Jul 27 2011 - 10:38:08 CDT)
- ZDI-11-240: Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability (Wed Jul 27 2011 - 10:34:45 CDT)
- ZDI-11-239: Apple Safari Webkit FrameOwner Element Remote Code Execution Vulnerability (Wed Jul 27 2011 - 10:23:25 CDT)
- ZDI-11-238: Oracle Secure Backup validate_login Command Injection Remote Code Execution Vulnerability (Thu Jul 21 2011 - 10:50:04 CDT)
- ZDI-11-237: CA Total Defense Suite Gateway Security Malformed HTTP Packet Remote Code Execution Vulnerability (Wed Jul 20 2011 - 12:05:30 CDT)
- ZDI-11-236: EMC Documentum eRoom Indexing Server OpenText HummingBird Connector Remote Code Execution Vulnerability (Mon Jul 18 2011 - 12:13:20 CDT)
- ZDI-11-235: TrendMicro Control Manager CASProcessor.exe BLOB Remote Code Execution Vulnerability (Tue Jul 12 2011 - 12:29:09 CDT)
- ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability (Mon Jul 11 2011 - 11:52:10 CDT)
- ZDI-11-233: Symantec Web Gateway forget.php SQL Injection Vulnerability (Thu Jul 07 2011 - 14:59:04 CDT)
- ZDI-11-230: Apple Quicktime Apple Lossless Audio Codec Parsing Remote Code Execution Vulnerability (Wed Jun 29 2011 - 16:17:44 CDT)
- ZDI-11-232: HP iNode Management Center iNodeMngChecker.exe Remote Code Execution Vulnerability (Fri Jul 01 2011 - 12:32:27 CDT)
- ZDI-11-229: Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability (Wed Jun 29 2011 - 16:16:20 CDT)
- ZDI-11-231: Apple QuickTime Pict File Matrix Parsing Remote Code Execution Vulnerability (Wed Jun 29 2011 - 16:19:05 CDT)

Last message date: Fri Jul 29 2011 - 14:53:15 CDT
Archived on: Fri Jul 29 2011 - 14:53:15 CDT

233 messages sorted by: [ date ] [ thread ] [ subject ]