NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2011-12

Most recent messages
188 messages sorted by: [ author ] [ date ] [ subject ]

Starting: Thu Dec 01 2011 - 11:15:30 CST
Ending: Fri Dec 30 2011 - 12:17:35 CST

Re: Wordpress enable-latex plugin Remote File Include Vulnerabilities Henri Salo (Wed Nov 30 2011 - 15:40:40 CST)
- Re: Wordpress enable-latex plugin Remote File Include Vulnerabilities Henri Salo (Sat Dec 03 2011 - 06:21:52 CST)
[SECURITY] [DSA 2355-1] clearsilver security update Moritz Muehlenhoff (Wed Nov 30 2011 - 15:28:52 CST)
Re: Wordpress flash-album-gallery plugin Cross-Site Scripting Vulnerabilities Henri Salo (Wed Nov 30 2011 - 18:05:05 CST)
- Re: Wordpress flash-album-gallery plugin Cross-Site Scripting Vulnerabilities Henri Salo (Thu Dec 29 2011 - 03:50:40 CST)
[security bulletin] HPSBPI02728 SSRT100692 rev.1 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default security-alerthp.com (Wed Nov 30 2011 - 18:17:38 CST)
Re: Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability - SOS-11-003 Henri Salo (Wed Nov 30 2011 - 18:32:13 CST)
Re: [MajorSecurity SA-081]Contao CMS 2.9.2 - Persistent Cross Site Scripting Issue Henri Salo (Wed Nov 30 2011 - 18:42:59 CST)
Re: Contao 2.10.1 Cross-site scripting vulnerability Henri Salo (Wed Nov 30 2011 - 18:44:29 CST)
Ariadne 2.7.6 Multiple XSS vulnerabilities sschurtzt-online.de (Thu Dec 01 2011 - 01:42:17 CST)
Re: Serendipity freetag plugin 'serendipity[tagview]' Cross-Site Scripting vulnerability Henri Salo (Thu Dec 01 2011 - 11:48:27 CST)
Re: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability Henri Salo (Thu Dec 01 2011 - 11:49:41 CST)
[SECURITY] [DSA 2356-1] openjdk-6 security update Florian Weimer (Thu Dec 01 2011 - 14:33:15 CST)
[security bulletin] HPSBHF02723 SSRT100536 rev.1 - HP Protect Tools Device Access Manager for Windows, Remote Execution of Arbitrary Code, Denial of Service security-alerthp.com (Thu Dec 01 2011 - 15:08:46 CST)
FreeBSD ftpd/ProFTPD on FreeBSD Remote Root Exploit HI-TECH . (Thu Dec 01 2011 - 16:16:07 CST)
SANS AppSec 2012 CFP reminder SANS AppSec CFP (Thu Dec 01 2011 - 18:45:52 CST)
[PT-2011-43] Database information disclosure in Kayako Fusion noreplyptsecurity.ru (Fri Dec 02 2011 - 04:35:42 CST)
Heap Memory Corruption in HP Device Access Manager for Protect Tools Information Store advisoryhtbridge.ch (Fri Dec 02 2011 - 11:51:43 CST)
InfoSec Southwest 2012 CFP I\)ruid (Thu Dec 01 2011 - 14:49:56 CST)
XSSer v1.6 -beta- aka "Grey Swarm!" released. psy (Wed Nov 30 2011 - 17:46:25 CST)
Vulnerabilities in Serv-U 11.1.0.3 Luigi Auriemma (Sun Dec 04 2011 - 15:15:30 CST)
[security bulletin] HPSBUX02729 SSRT100687 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alerthp.com (Fri Dec 02 2011 - 16:19:33 CST)
fast and somewhat reliable cache timing Michal Zalewski (Fri Dec 02 2011 - 18:21:53 CST)
Hackito Ergo Sum 2012 Call For Papers ! (12/13/14 April 2012) Matthieu Suiche (Sat Dec 03 2011 - 07:12:31 CST)
[DCA-2011-0014] - Elxis CMS Cross Site Script Crash (Mon Dec 05 2011 - 12:13:09 CST)
[SECURITY] [DSA 2358-1] openjdk-6 security update Florian Weimer (Mon Dec 05 2011 - 13:26:27 CST)
Meditate Web Content Editor 'username_input' SQL-Injection vulnerability sschurtzt-online.de (Mon Dec 05 2011 - 13:37:50 CST)
Wordpress pretty-link.1.5.2 plugin Cross-Site Scripting Vulnerabilities irist.irgmail.com (Sun Dec 04 2011 - 09:26:35 CST)
- Re: Wordpress pretty-link.1.5.2 plugin Cross-Site Scripting Vulnerabilities Henri Salo (Thu Dec 08 2011 - 04:00:34 CST)
- Re: Wordpress pretty-link.1.5.2 plugin Cross-Site Scripting Vulnerabilities Henri Salo (Thu Dec 08 2011 - 04:39:37 CST)
[security bulletin] HPSBMU02726 SSRT100685 rev.2 - HP Operations Agent and Performance Agent for AIX, HP-UX, Linux, and Solaris, Local Unauthorized Access security-alerthp.com (Tue Dec 06 2011 - 10:07:15 CST)
MITKRB5-SA-2011-007 KDC null pointer dereference in TGS handling [CVE-2011-1530] Tom Yu (Tue Dec 06 2011 - 13:07:48 CST)
[SECURITY] [DSA 2359-1] mojarra security update Florian Weimer (Tue Dec 06 2011 - 13:59:12 CST)
[SECURITY] [DSA 2360-1] Two month advance notification for upcoming end-of-life for Debian oldstable Moritz Muehlenhoff (Tue Dec 06 2011 - 14:09:53 CST)
[security bulletin] HPSBHF02723 SSRT100536 rev.2 - HP ProtectTools Device Access Manager for Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alerthp.com (Wed Dec 07 2011 - 09:52:59 CST)
[ MDVSA-2011:181 ] proftpd securitymandriva.com (Wed Dec 07 2011 - 11:47:00 CST)
DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection ddivulnalertddifrontline.com (Wed Dec 07 2011 - 10:56:20 CST)
[SECURITY] [DSA 2361-1] chasen security update Florian Weimer (Wed Dec 07 2011 - 14:51:29 CST)
ZDI-11-340 : Apple Quicktime Font Table Signed Length Remote Code Execution Vulnerability ZDI Disclosures (Wed Dec 07 2011 - 15:46:27 CST)
ZDI-11-341 : Cisco WebEx Player WRF Type 0 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Wed Dec 07 2011 - 15:47:43 CST)
ZDI-11-342 : Novell ZENworks Asset Management Remote Code Execution Vulnerability ZDI Disclosures (Wed Dec 07 2011 - 15:49:44 CST)
ZDI-11-343 : RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability ZDI Disclosures (Wed Dec 07 2011 - 15:54:50 CST)
ZDI-11-344 : RealNetworks RealPlayer RV20 Decoding Remote Code Execution Vulnerability ZDI Disclosures (Wed Dec 07 2011 - 15:57:37 CST)
ZDI-11-345 : TrendMicro Control Manager CmdProcessor.exe AddTask Remote Code Execution Vulnerability ZDI Disclosures (Wed Dec 07 2011 - 15:58:46 CST)
seamless bait-and-switch Michal Zalewski (Thu Dec 08 2011 - 03:30:09 CST)
- Re: seamless bait-and-switch Michal Zalewski (Thu Dec 08 2011 - 13:31:55 CST)
- Re: seamless bait-and-switch Michal Zalewski (Thu Dec 08 2011 - 16:09:23 CST)
- Re: seamless bait-and-switch Jann Horn (Fri Dec 09 2011 - 12:18:00 CST)
- Re: seamless bait-and-switch Charles Morris (Fri Dec 09 2011 - 09:37:51 CST)
0A29-11-2 : Privilege escalation vulnerability in HP Application Lifestyle Management (ALM) Platform v11 0a29 40 (Thu Dec 08 2011 - 05:14:59 CST)
[DCA-2011-0015] QuesCom Qportal User - OctoWebSvr/COM - Source Code Disclosure Crash (Thu Dec 08 2011 - 10:50:26 CST)
[ MDVSA-2011:182 ] dhcp securitymandriva.com (Thu Dec 08 2011 - 12:25:00 CST)
Call for Papers - 2012 Rocky Mountain Information Security Conference presidentdenver.issa.org (Thu Dec 08 2011 - 14:26:08 CST)
DC4420 - London DEFCON - 13 December 2011 Major Malfunction (Thu Dec 08 2011 - 16:36:25 CST)
AST-2011-013: Possible remote enumeration of SIP endpoints with differing NAT settings Asterisk Security Team (Thu Dec 08 2011 - 16:47:40 CST)
AST-2011-014: Remote crash possibility with SIP and the â€œautomonâ€ feature enabled Asterisk Security Team (Thu Dec 08 2011 - 16:48:50 CST)
CA20111208-01: Security Notice for CA SiteMinder Williams, James K (Fri Dec 09 2011 - 07:15:46 CST)
[SignalSEC Labs]: HTC Touch2 T3333 Video Player Memory Corruption signaladvisorygmail.com (Thu Dec 08 2011 - 17:16:16 CST)
*CLOSING IN 5 DAYS * Re: AppSec DC 2012 - Call for Trainers AppSec DC (Fri Dec 09 2011 - 10:56:31 CST)
the week of silly PoCs continues: data://www.mybank.com/ Michal Zalewski (Fri Dec 09 2011 - 13:04:22 CST)
- Re: the week of silly PoCs continues: data://www.mybank.com/ nothanksloopback.securityfocus.com (Sat Dec 10 2011 - 22:13:54 CST)
[SECURITY] [DSA 2362-1] acpid security update Moritz Muehlenhoff (Sat Dec 10 2011 - 04:15:27 CST)
Call for Papers -YSTS 6 - Security Conference, Brazil Luiz Eduardo (Sat Dec 10 2011 - 10:34:25 CST)
zFTPServer Suite 6.0.0.52 'rmdir' Directory Traversal securityinfoserve.de (Sat Dec 10 2011 - 15:32:05 CST)
[ MDVSA-2011:183 ] pidgin securitymandriva.com (Sat Dec 10 2011 - 18:11:00 CST)
Introduction to R-sequence public key cryptography attack Michal Bucko (Sun Dec 11 2011 - 07:34:15 CST)
OSI Security: Squiz Matrix - User Account Enumeration Troy Rose (Sun Dec 11 2011 - 20:05:09 CST)
WordPress flash-album-gallery Plugin 'flagshow.php' Cross Site Scripting Vulnerability Amiririst.ir (Mon Dec 12 2011 - 07:45:04 CST)
- Re: WordPress flash-album-gallery Plugin 'flagshow.php' Cross Site Scripting Vulnerability Henri Salo (Sun Dec 18 2011 - 07:53:26 CST)
Secunia Research: Winamp AVI Parsing Two Integer Overflow Vulnerabilities Secunia Research (Mon Dec 12 2011 - 07:50:26 CST)
[ MDVSA-2011:184 ] krb5 securitymandriva.com (Mon Dec 12 2011 - 08:59:02 CST)
Re: [Full-disclosure] silly PoCs continue: X-Frame-Options give you less than expected Michal Zalewski (Sat Dec 10 2011 - 20:05:12 CST)
[ MDVSA-2011:185 ] libcap securitymandriva.com (Mon Dec 12 2011 - 10:34:01 CST)
[ MDVSA-2011:186 ] nfs-utils securitymandriva.com (Mon Dec 12 2011 - 15:16:00 CST)
ESA-2011-036: RSA, The Security Division of EMC, announces the release of a Security Fix for RSA(r) Adaptive Authentication (On-Premise) Security_Alertemc.com (Mon Dec 12 2011 - 16:09:17 CST)
Wordpress the-welcomizer plugin Cross-Site Scripting Vulnerabilities Amiririst.ir (Tue Dec 13 2011 - 04:14:14 CST)
Secunia Research: Sterling Trader Data Processing Buffer Overflow Vulnerability Secunia Research (Tue Dec 13 2011 - 05:56:28 CST)
ZDI-11-346 : Microsoft Office 2007 Office Art Shape Record Hierarchy Parsing Remote Code Execution Vulnerability ZDI Disclosures (Tue Dec 13 2011 - 15:39:30 CST)
ZDI-11-347 : Microsoft Office Word Hidden Border Remote Code Execution Vulnerability ZDI Disclosures (Tue Dec 13 2011 - 15:40:48 CST)
ZDI-11-348 : HP OpenView NNM nnmRptConfig.exe nameParams Remote Code Execution Vulnerability ZDI Disclosures (Tue Dec 13 2011 - 15:41:43 CST)
Re: WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities brianwikkawiki.org (Tue Dec 13 2011 - 20:53:40 CST)
- Re: Re: WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities n0b0d13sgmail.com (Wed Dec 14 2011 - 10:16:32 CST)
Citrix Receiver, XenDesktop "Pass-the-hash" Attack vtek63gmail.com (Tue Dec 13 2011 - 21:04:50 CST)
Multiple vulnerabilities in Browser CRM advisoryhtbridge.ch (Wed Dec 14 2011 - 07:46:30 CST)
Re: Wordpress skysa-official plugin Cross-Site Scripting Vulnerabilities supportskysa.com (Tue Dec 13 2011 - 20:38:52 CST)
Re:Re: Introduction to R-sequence public key cryptography attack Michal Bucko (Mon Dec 12 2011 - 12:45:26 CST)
[MATTA-2011-003] Restorepoint Remote root command execution vulnerability - CVE-2011-4201 CVE-2011-4202 Tavaris Desamito (Mon Dec 12 2011 - 13:49:20 CST)
0A29-11-3 : Cross-Site Scripting vulnerabilities in Nagios XI < 2011R1.9 0a29 40 (Wed Dec 14 2011 - 12:21:07 CST)
0A29-11-4 : Privilege escalation vulnerabilities in Nagios XI installer < 2011R1.9 0a29 40 (Wed Dec 14 2011 - 12:22:12 CST)
PHP-SCMS 1.6.8 "lang" parameter XSS vulnerability sschurtzt-online.de (Wed Dec 14 2011 - 12:48:48 CST)
ESA-2011-039: RSA(r), The Security Division of EMC, announces security fixes and improvements for RSASecurID(r) Software Token 4.1 for Microsoft(r)Windows(r) Security_Alertemc.com (Wed Dec 14 2011 - 13:05:38 CST)
- Re: ESA-2011-039: RSA(r), The Security Division of EMC, announces security fixes and improvements for RSASecurID(r) Software Token 4.1 for Microsoft(r)Windows(r) security_alertemc.com (Tue Dec 20 2011 - 13:07:14 CST)
HTML 5 Security Report Ivan Buetler (Wed Dec 14 2011 - 02:39:16 CST)
NGS00138 Patch Notification: Websense Triton 7.6 - Authentication bypass in report management UI ResearchNGSSecure (Thu Dec 15 2011 - 03:03:56 CST)
[ MDVSA-2011:187 ] php-pear securitymandriva.com (Thu Dec 15 2011 - 11:01:00 CST)
NGS00137 Patch Notification: Websense Triton 7.6 - Reflected XSS in report management UI ResearchNGSSecure (Thu Dec 15 2011 - 03:05:29 CST)
NGS00140 Patch Notification: Websense Triton 7.6 - Unauthenticated remote command execution as SYSTEM ResearchNGSSecure (Thu Dec 15 2011 - 03:06:36 CST)
NGS00141 Patch Notification: Websense Triton 7.6 - Stored XSS in report management UI ResearchNGSSecure (Thu Dec 15 2011 - 03:07:44 CST)
[RT-SA-2011-005] Owl Intranet Engine: Authentication Bypass RedTeam Pentesting GmbH (Thu Dec 15 2011 - 04:22:25 CST)
[RT-SA-2011-006] Owl Intranet Engine: Information Disclosure and Unsalted Password Hashes RedTeam Pentesting GmbH (Thu Dec 15 2011 - 04:24:09 CST)
New IETF I-D on "Stable Privacy Addresses" Fernando Gont (Thu Dec 15 2011 - 07:00:09 CST)
New IETF I-Ds on Fragmentation-related security issues Fernando Gont (Thu Dec 15 2011 - 08:45:17 CST)
Seotoaster SQL-Injection Admin Login Bypass securityinfoserve.de (Thu Dec 15 2011 - 12:19:36 CST)
[ MDVSA-2011:188 ] libxml2 securitymandriva.com (Thu Dec 15 2011 - 13:26:01 CST)
<BASE> tag used for hijacking external resources (XSS) Bouke van Laethem (Thu Dec 15 2011 - 16:53:26 CST)
- Re: <BASE> tag used for hijacking external resources (XSS) Jann Horn (Fri Dec 16 2011 - 10:20:46 CST)
- Re: <BASE> tag used for hijacking external resources (XSS) Mario Vilas (Fri Dec 16 2011 - 15:12:10 CST)
- Re: <BASE> tag used for hijacking external resources (XSS) Bouke van Laethem (Fri Dec 16 2011 - 15:44:05 CST)
- Re: <BASE> tag used for hijacking external resources (XSS) Mario Vilas (Fri Dec 16 2011 - 16:27:47 CST)
- Re: <BASE> tag used for hijacking external resources (XSS) Bouke van Laethem (Fri Dec 16 2011 - 18:10:47 CST)
- Re: <BASE> tag used for hijacking external resources (XSS) Mario Vilas (Sat Dec 17 2011 - 04:02:54 CST)
[security bulletin] HPSBUX02719 SSRT100658 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alerthp.com (Thu Dec 15 2011 - 18:18:40 CST)
[security bulletin] HPSBUX02729 SSRT100687 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alerthp.com (Thu Dec 15 2011 - 18:19:44 CST)
[ MDVSA-2011:189 ] jasper securitymandriva.com (Fri Dec 16 2011 - 07:44:00 CST)
silly PoCs continue: X-Frame-Options give you less than expected Michal Zalewski (Fri Dec 16 2011 - 13:21:49 CST)
VUPEN Security Research - Microsoft Windows Time Behaviour Remote Use-after-free Vulnerability (MS11-090) VUPEN Security Research (Fri Dec 16 2011 - 11:10:49 CST)
VUPEN Security Research - Microsoft Windows Media Player DVR-MS Buffer Overflow Vulnerability (MS11-092) VUPEN Security Research (Fri Dec 16 2011 - 10:57:42 CST)
VUPEN Security Research - Adobe Flash Player "SAlign" Memory Corruption Vulnerability (CVE-2011-2459) VUPEN Security Research (Fri Dec 16 2011 - 10:34:06 CST)
VUPEN Security Research - Microsoft Windows "datime.dll" Remote Code Execution Vulnerability (MS11-090) VUPEN Security Research (Fri Dec 16 2011 - 11:07:30 CST)
[SECURITY] [DSA 2363-1] tor security update Moritz Muehlenhoff (Fri Dec 16 2011 - 12:15:09 CST)
Re: RFI in JAF CMS Henri Salo (Sun Dec 18 2011 - 06:33:55 CST)
[SECURITY] [DSA 2364-1] xorg security update Moritz Muehlenhoff (Sun Dec 18 2011 - 13:46:51 CST)
[Suspected Spam] Content Papst CMS v2011.2 - Multiple Web Vulnerabilities researchvulnerability-lab.com (Sun Dec 18 2011 - 12:51:02 CST)
appRain CMF v0.1.5 - Multiple Web Vulnerabilities researchvulnerability-lab.com (Sun Dec 18 2011 - 12:56:26 CST)
SASHA v0.2.0 Mutiple XSS tom (Sun Dec 18 2011 - 13:08:19 CST)
- Re: SASHA v0.2.0 Mutiple XSS Henri Salo (Mon Dec 19 2011 - 16:51:04 CST)
PHP Booking Calendar 10e XSS tom (Sun Dec 18 2011 - 14:15:36 CST)
[SECURITY] [DSA 2365-1] dtc security update Moritz Muehlenhoff (Sun Dec 18 2011 - 14:31:53 CST)
IFIP NTMS'2012 - Deadline Extended to 12 January 2012 publicityntms-conf.org (Sun Dec 18 2011 - 16:09:40 CST)
[ MDVSA-2011:190 ] libarchive securitymandriva.com (Sun Dec 18 2011 - 13:38:00 CST)
[ MDVSA-2011:191 ] libarchive securitymandriva.com (Mon Dec 19 2011 - 02:01:55 CST)
SEC Consult SA-20111219-0 :: Client-side remote arbitrary file upload in SecCommerce SecSigner Java Applet SEC Consult Vulnerability Lab (Mon Dec 19 2011 - 06:42:24 CST)
SEC Consult SA-20111219-1 :: Multiple vulnerabilities in WhatsApp SEC Consult Vulnerability Lab (Mon Dec 19 2011 - 06:46:16 CST)
Novell Sentinel Log Manager <=1.2.0.1 Path Traversal Andrea Fabrizi (Sun Dec 18 2011 - 09:25:14 CST)
Syhunt: Time-Based Blind NoSQL Injection Felipe M. Aragon (Mon Dec 19 2011 - 11:51:12 CST)
[SECURITY] [DSA 2366-1] mediawiki security update Jonathan Wiltshire (Mon Dec 19 2011 - 11:31:48 CST)
Slides of our "Hacking IPv6 Networks" training at DEEPSEC 2011 Fernando Gont (Mon Dec 19 2011 - 13:12:22 CST)
[SECURITY] [DSA 2367-1] asterisk security update Moritz Muehlenhoff (Mon Dec 19 2011 - 12:07:53 CST)
ZDI-11-350 : Enterasys NetSight nssyslogd PRI Remote Code Execution Vulnerability ZDI Disclosures (Mon Dec 19 2011 - 15:01:43 CST)
[security bulletin] HPSBUX02697 SSRT100591 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alerthp.com (Mon Dec 19 2011 - 15:30:42 CST)
Multiple vulnerabilities in PHPShop CMS Free advisoryhtbridge.ch (Tue Dec 20 2011 - 06:41:07 CST)
Tiki Wiki CMS Groupware Stored Cross-Site-Scripting securityinfoserve.de (Tue Dec 20 2011 - 08:21:24 CST)
TWSL2011-018: Authentication Bypass Vulnerability in IBM TS3100/TS3200 Web User Interface Trustwave Advisories (Tue Dec 20 2011 - 16:17:56 CST)
post-XSS landscape Michal Zalewski (Tue Dec 20 2011 - 17:43:03 CST)
[SECURITY] [DSA 2381-] lighttpd security update Nico Golde (Tue Dec 20 2011 - 18:02:46 CST)
[SECURITY] [DSA 2368-1] lighttpd security update Nico Golde (Tue Dec 20 2011 - 18:24:51 CST)
RE: RFI in JAF CMS Frédéric BOURLA (Wed Dec 21 2011 - 03:20:49 CST)
Multiple vulnerabilities in OBM advisoryhtbridge.ch (Wed Dec 21 2011 - 07:31:46 CST)
Multiple vulnerabilities in epesi BIM advisoryhtbridge.ch (Wed Dec 21 2011 - 07:31:58 CST)
[SECURITY] [DSA 2369-1] libsoup2.4 security update Nico Golde (Wed Dec 21 2011 - 16:55:44 CST)
[SECURITY] [DSA 2370-1] unbound security update Florian Weimer (Thu Dec 22 2011 - 12:54:39 CST)
Exploit for Asterisk Security Advisory AST-2011-013 Ben Williams (Thu Dec 22 2011 - 03:01:41 CST)
[MATTA-2011-001] pfSense x509 Insecure Certificate Creation Florent Daigniere (Thu Dec 22 2011 - 04:51:09 CST)
ZDI-11-351 : WellinTech KingView HistoryServer.exe Opcode 3 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Thu Dec 22 2011 - 10:30:36 CST)
ZDI-11-352 : HP Managed Printing Administration jobAcct Multiple Vulnerabilities ZDI Disclosures (Thu Dec 22 2011 - 10:32:05 CST)
ZDI-11-353 : HP Managed Printing Administration MPAUploader.dll Remote Code Execution Vulnerability ZDI Disclosures (Thu Dec 22 2011 - 10:33:21 CST)
ZDI-11-354 : HP Managed Printing Administration jobDelivery Multiple Vulnerabilities ZDI Disclosures (Thu Dec 22 2011 - 10:36:05 CST)
TWSL2011-019: Cross-Site Scripting Vulnerability in phpMyAdmin Trustwave Advisories (Thu Dec 22 2011 - 15:28:50 CST)
Tiki Wiki CMS Groupware <= 8.2 (snarf_ajax.php) Remote PHP Code Injection n0b0d13sgmail.com (Fri Dec 23 2011 - 07:37:21 CST)
Xmas 2011 Security Puzzle Ivan Buetler (Fri Dec 23 2011 - 09:31:45 CST)
FreeBSD Security Advisory FreeBSD-SA-11:06.bind FreeBSD Security Advisories (Fri Dec 23 2011 - 09:36:33 CST)
FreeBSD Security Advisory FreeBSD-SA-11:07.chroot FreeBSD Security Advisories (Fri Dec 23 2011 - 09:36:38 CST)
FreeBSD Security Advisory FreeBSD-SA-11:08.telnetd FreeBSD Security Advisories (Fri Dec 23 2011 - 09:36:42 CST)
FreeBSD Security Advisory FreeBSD-SA-11:09.pam_ssh FreeBSD Security Advisories (Fri Dec 23 2011 - 09:36:49 CST)
FreeBSD Security Advisory FreeBSD-SA-11:10.pam FreeBSD Security Advisories (Fri Dec 23 2011 - 09:36:57 CST)
Merry Christmas from the FreeBSD Security Team FreeBSD Security Officer (Fri Dec 23 2011 - 09:39:20 CST)
[ MDVSA-2011:192 ] mozilla securitymandriva.com (Fri Dec 23 2011 - 18:45:01 CST)
Lighttpd Proof of Concept code for CVE-2011-4362 pi3itsec.pl (Sat Dec 24 2011 - 17:44:39 CST)
[SECURITY] [DSA 2372-1] heimdal security update Florian Weimer (Sun Dec 25 2011 - 11:14:18 CST)
[SECURITY] [DSA 2373-1] inetutils security update Florian Weimer (Sun Dec 25 2011 - 11:15:34 CST)
[SECURITY] [DSA 2374-1] openswan security update Moritz Muehlenhoff (Mon Dec 26 2011 - 06:33:24 CST)
[SECURITY] [DSA 2375-1] krb5. krb5-appl security update Florian Weimer (Mon Dec 26 2011 - 07:18:10 CST)
MITKRB5-SA-2011-008 buffer overflow in telnetd [CVE-2011-4862] Tom Yu (Mon Dec 26 2011 - 15:14:16 CST)
[ MDVSA-2011:193 ] squid securitymandriva.com (Tue Dec 27 2011 - 07:17:01 CST)
[ MDVSA-2011:194 ] icu securitymandriva.com (Tue Dec 27 2011 - 08:15:01 CST)
[security bulletin] HPSBPI02732 SSRT100435 rev.1 - HP Managed Printing Administration, Remote Execution of Arbitrary Code and Other Vulnerabilities security-alerthp.com (Tue Dec 27 2011 - 15:03:44 CST)
[security bulletin] HPSBPI02728 SSRT100692 rev.2 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default security-alerthp.com (Tue Dec 27 2011 - 15:05:30 CST)
[security bulletin] HPSBMU02731 SSRT100518 rev.1 - HP Database Archiving Software, Remote Execution of Arbitrary Code security-alerthp.com (Tue Dec 27 2011 - 15:09:01 CST)
[ MDVSA-2011:195 ] krb5-appl securitymandriva.com (Wed Dec 28 2011 - 09:02:00 CST)
[ MDVSA-2011:196 ] ipmitool securitymandriva.com (Wed Dec 28 2011 - 09:47:01 CST)
n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table securitynruns.com (Wed Dec 28 2011 - 07:49:55 CST)
[oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision Andrea Barisani (Wed Dec 28 2011 - 12:07:30 CST)
Winn Guestbook v2.4.8c Stored XSS tom (Thu Dec 29 2011 - 06:32:45 CST)
Security advisory for Bugzilla 4.2rc1, 4.0.3, 3.6.7 and 3.4.13 LpSolitgmail.com (Thu Dec 29 2011 - 10:36:58 CST)
[SECURITY] [DSA 2376-1] ipmitool security update Thijs Kinkhorst (Fri Dec 30 2011 - 01:26:23 CST)
[SECURITY] [DSA 2263-2] movabletype-opensource security update Thijs Kinkhorst (Fri Dec 30 2011 - 01:52:23 CST)
[ MDVSA-2011:197 ] php securitymandriva.com (Fri Dec 30 2011 - 09:38:01 CST)
SEC Consult SA-20111230-0 :: Critical authentication bypass in Microsoft ASP.NET Forms - CVE-2011-3416 SEC Consult Vulnerability Lab (Fri Dec 30 2011 - 10:07:24 CST)

Last message date: Fri Dec 30 2011 - 12:17:35 CST
Archived on: Fri Dec 30 2011 - 12:17:35 CST

188 messages sorted by: [ author ] [ date ] [ subject ]