NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2012-04

233 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Wed Apr 04 2012 - 08:38:11 CDT
Ending: Mon Apr 30 2012 - 12:43:40 CDT

Aaron T. Myers
- [CVE-2012-1574] Apache Hadoop user impersonation vulnerability (Thu Apr 05 2012 - 21:35:35 CDT)
ACROS Security Lists
- ACROS Blog: Adobe Reader X (10.1.2) msiexec.exe Planting (Mon Apr 16 2012 - 03:24:57 CDT)
Adam Behnke
- Erronous post concerning Backtrack 5 R2 0day (Thu Apr 12 2012 - 15:51:59 CDT)
- Backtrack 5 R2 priv escalation 0day found in CTF exercise (Wed Apr 11 2012 - 09:49:48 CDT)
advisoryhtbridge.com
- Multiple vulnerabilities in Piwigo (Wed Apr 25 2012 - 05:38:08 CDT)
- Multiple vulnerabilities in Newscoop (Wed Apr 18 2012 - 06:53:40 CDT)
- Multiple XSS vulnerabilities in XOOPS (Wed Apr 18 2012 - 06:52:22 CDT)
- Multiple XSS vulnerabilities in All-in-One Event Calendar Plugin for WordPress (Wed Apr 11 2012 - 04:58:05 CDT)
- Multiple vulnerabilities in osCmax (Wed Apr 04 2012 - 06:37:44 CDT)
Akita Software Security
- .NET Framework EncoderParameter integer overflow vulnerability (Mon Apr 23 2012 - 10:11:52 CDT)
Amiririst.ir
- Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities (Mon Apr 30 2012 - 01:08:13 CDT)
- Wordpress taggator plugin Sql Injection Vulnerabilities (Thu Apr 05 2012 - 08:10:12 CDT)
- vBulletin 4.1.10 Sql Injection Vulnerabilitiy (Wed Apr 04 2012 - 10:50:34 CDT)
Amos Jeffries
- Re: Squid URL Filtering Bypass (Fri Apr 20 2012 - 17:52:18 CDT)
Ange Albertini
- [CVE-2012-2273] Comodo Internet Security <5.10 BSOD (Win7 x64) (Thu Apr 19 2012 - 10:22:36 CDT)
Apple Product Security
- APPLE-SA-2012-04-13-1 Flashback malware removal tool (Fri Apr 13 2012 - 22:21:04 CDT)
- APPLE-SA-2012-04-12-1 Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8 (Thu Apr 12 2012 - 15:39:31 CDT)
- APPLE-SA-2012-04-03-1 Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7 (Tue Apr 03 2012 - 15:30:03 CDT)
ariosrandygmail.com
- PHP Volunteer Management (get_messages.php) SQL Injection Vulnerabilities (Sat Apr 28 2012 - 00:48:05 CDT)
Asterisk Security Team
- AST-2012-006: Remote Crash Vulnerability in SIP Channel Driver (Mon Apr 23 2012 - 13:25:34 CDT)
- AST-2012-005: Heap Buffer Overflow in Skinny Channel Driver (Mon Apr 23 2012 - 13:25:29 CDT)
- AST-2012-004: Asterisk Manager User Unauthorized Shell Access (Mon Apr 23 2012 - 13:25:22 CDT)
b.salehaol.com
- Arbor Networks Peakflow SP web interface XSS (Tue Apr 03 2012 - 14:27:33 CDT)
bedefoofus.net
- XSS in Kaseya version 6.2.0.0 web interface (Fri Apr 20 2012 - 10:57:09 CDT)
blaszczakmgmail.com
- CitrusDB 2.4.1 - LFI/SQLi Vulnerability (Sat Apr 07 2012 - 11:00:12 CDT)
cfpruxcon.org.au
- Ruxcon 2012 Call For Papers (Thu Apr 19 2012 - 00:04:06 CDT)
Charles Morris
- Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services (Tue Apr 24 2012 - 10:28:29 CDT)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player (Wed Apr 04 2012 - 11:08:11 CDT)
come2waraxeyahoo.com
- [waraxe-2012-SA#086] - Local File Inclusion in Invision Power Board 3.3.0 (Thu Apr 12 2012 - 09:32:45 CDT)
- [waraxe-2012-SA#085] - Reflected XSS in Uploadify Integration Wordpress plugin (Fri Apr 06 2012 - 09:02:50 CDT)
- [waraxe-2012-SA#084] - Multiple Vulnerabilities in OpenCart 1.5.2.1 (Fri Apr 06 2012 - 09:02:03 CDT)
- [waraxe-2012-SA#083] - Multiple Vulnerabilities in Uploadify 2.1.4 (Thu Apr 05 2012 - 12:00:36 CDT)
- [waraxe-2012-SA#082] - File Existence Disclosure in Uploadify 3.0.0 (Thu Apr 05 2012 - 11:59:40 CDT)
Crash
- [DCA-2011-0016] - Tufin SecureTrack Cross Site Script (Wed Apr 04 2012 - 06:55:11 CDT)
CrAzY_CrAcKeRphx1-ss-2-lb.cnet.com
- Total Quality Machines (productdetail.php) SQL Injection Vulnerabilities (Sat Apr 14 2012 - 08:22:57 CDT)
- online newspaper university"newsdesc.php" SQL Injection Vulnerabilities (Wed Apr 11 2012 - 16:29:14 CDT)
- PHPNuke Module's Name Download SQL Injection Vulnerabilities (Thu Apr 05 2012 - 14:58:58 CDT)
ddivulnalertddifrontline.com
- DDIVRT-2012-41 ACTi Web Configurator cgi-bin Directory Traversal (Thu Apr 26 2012 - 12:44:52 CDT)
- DDIVRT-2012-40 PacketVideo TwonkyServer and TwonkyMedia Directory Traversal (Thu Apr 26 2012 - 12:39:56 CDT)
Esteban Martinez Fayo
- OCIPasswordChange API leaks information of password hash (CVE-2012-0511) (Thu Apr 19 2012 - 15:50:53 CDT)
Fermín J. Serna
- CVE-2012-0769, the case of the perfect info leak (Mon Apr 09 2012 - 09:39:17 CDT)
Fernando Gont
- New IETF I-D: Security Implications of IPv6 on IPv4 networks (Tue Apr 24 2012 - 05:22:26 CDT)
- IPv6 host scanning in IPv6 (Fri Apr 20 2012 - 02:01:06 CDT)
- Slides for "Recent Advances in IPv6 Security" at Hackito Ergo Sum 2012 (Sat Apr 14 2012 - 07:36:24 CDT)
- IPv6 stable privacy addresses (Sat Mar 31 2012 - 16:34:39 CDT)
Filip Palian
- Sourcefire Defense Center - multiple vulnerabilities. (Wed Apr 04 2012 - 12:55:07 CDT)
Florent Daigniere
- [MATTA-2012-001] CVE-2012-1301; 0day; Open Proxy vulnerability in Umbraco 4.7 (Thu Apr 05 2012 - 05:11:34 CDT)
Florian Weimer
- [SECURITY] [DSA 2459-1] quagga security update (Thu Apr 26 2012 - 00:56:28 CDT)
- [SECURITY] [DSA 2398-2] curl regression (Sat Mar 31 2012 - 14:38:57 CDT)
- [SECURITY] [DSA 2442-2] openarena regression (Sat Mar 31 2012 - 06:43:12 CDT)
- [SECURITY] [DSA 2445-1] typo3-src security update (Sat Mar 31 2012 - 06:12:27 CDT)
gab.mnunesgmail.com
- Sony Bravia Remote Denial of Service - CVE-2012-2210 (Thu Apr 05 2012 - 07:03:46 CDT)
Gabriel Menezes Nunes
- Re: Squid URL Filtering Bypass (Sat Apr 21 2012 - 09:09:14 CDT)
- Re: Squid URL Filtering Bypass (Wed Apr 18 2012 - 13:57:48 CDT)
- McAfee Web Gateway URL Filtering Bypass (Mon Apr 16 2012 - 17:12:14 CDT)
- Squid URL Filtering Bypass (Mon Apr 16 2012 - 17:11:33 CDT)
h1karitoorcon.org
- ToorCamp 2012: The American Hacker Camp (Wed Apr 25 2012 - 15:16:13 CDT)
Hafez Kamal
- [HITB-Announce] HITB Magazine Issue 008 (now with print edition!) (Mon Apr 23 2012 - 09:19:03 CDT)
Henri Salo
- Re: Wordpress 1-jquery-photo-gallery-slideshow-flash plugin Cross-Site Scripting Vulnerabilities (Tue Apr 17 2012 - 02:25:35 CDT)
- Re: Wordpress featurific-for-wordpress plugin Cross-Site Scripting Vulnerabilities (Tue Apr 17 2012 - 02:21:05 CDT)
- Re: Wordpress advanced-text-widget Plugin Vulnerabilities (Tue Apr 17 2012 - 02:03:26 CDT)
infosysaid.com
- Re: Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities Are Fixed! (Wed Apr 11 2012 - 08:15:46 CDT)
InterN0T Advisories
- Re: Backtrack 5 R2 priv escalation 0day found in CTF exercise (Thu Apr 12 2012 - 15:40:56 CDT)
irancrashgmail.com
- DokuWiki Ver.2012/01/25 CSRF Add User Exploit (Tue Apr 17 2012 - 02:49:11 CDT)
Ivan Buetler
- OWASP 2012 Online Competition with Hacking-Lab (Sun Apr 29 2012 - 14:15:04 CDT)
ivan_terkinyahoo.com
- SQL injection in Wordpress plugin Buddypress (Sat Mar 31 2012 - 12:27:57 CDT)
Jacopo Cappellato
- [CVE-2012-1622] Apache OFBiz information disclosure vulnerability (Sun Apr 15 2012 - 08:34:02 CDT)
- [CVE-2012-1621] Apache OFBiz information disclosure vulnerability (Sun Apr 15 2012 - 08:33:25 CDT)
Jamie Riden
- Re: Erronous post concerning Backtrack 5 R2 0day (Fri Apr 13 2012 - 11:05:31 CDT)
jc
- RuggedCom - Backdoor Accounts in my SCADA network? You don't say... (Mon Apr 23 2012 - 15:25:30 CDT)
Jelmer Kuperus
- Specially crafted webdav request allows reading of local files on liferay 6.0.x (Thu Apr 19 2012 - 16:22:00 CDT)
- Liferay 6.1 can be compromised in its default configuration (Thu Apr 19 2012 - 15:59:12 CDT)
- Specially crafted Json service request allows full control over a Liferay portal instance (Thu Apr 19 2012 - 15:57:36 CDT)
Jesús Olmos
- linux privileged and arbitrary chdir() (fixed at 5.4 cifs release) (Wed Apr 25 2012 - 04:55:20 CDT)
Jim Harrison
- RE: We're now paying up to $20,000 for web vulns in our services (Tue Apr 24 2012 - 09:07:17 CDT)
- RE: McAfee Web Gateway URL Filtering Bypass (Tue Apr 24 2012 - 09:16:28 CDT)
- RE: Squid URL Filtering Bypass (Thu Apr 19 2012 - 15:04:49 CDT)
Jonathan Brossard
- Hackito 2012 Crypto Challenge (Sat Mar 31 2012 - 21:59:46 CDT)
Jonathan Wiltshire
- [SECURITY] [DSA 2448-1] inspircd security update (Mon Apr 09 2012 - 21:34:43 CDT)
Jose Nazario
- Re: Arbor Networks Peakflow SP web interface XSS (Wed Apr 04 2012 - 16:56:14 CDT)
- Re: Arbor Networks Peakflow SP web interface XSS (Wed Apr 04 2012 - 15:49:08 CDT)
Joxean Koret
- Oracle TNS Poison vulnerability is actually a 0day with no patch available (Thu Apr 26 2012 - 02:13:25 CDT)
- The history of a -probably- 13 years old Oracle bug: TNS Poison (Wed Apr 18 2012 - 16:03:00 CDT)
laurenz.albewien.gv.at
- Re: The history of a -probably- 13 years old Oracle bug: TNS Poison (Thu Apr 26 2012 - 07:35:57 CDT)
Lostmongmail.com
- Re: phpMyBible 0.5.1 Mutiple XSS (Mon Apr 23 2012 - 14:07:53 CDT)
LpSolitgmail.com
- Security advisory for Bugzilla 4.2.1, 4.0.6 and 3.6.9 (Wed Apr 18 2012 - 17:36:23 CDT)
Luigi Auriemma
- Vulnerabilities in Samsung TV (remote controller protocol) (Thu Apr 19 2012 - 12:43:10 CDT)
Major Malfunction
- DC4420 - London DEFCON - April meet - Tuesday April 24th 2012 (Fri Apr 20 2012 - 06:34:55 CDT)
Mario Vilas
- Re: Squid URL Filtering Bypass (Thu Apr 19 2012 - 12:02:52 CDT)
Mark Stanislav
- 'Hotel Booking Portal' SQL Injection (CVE-2012-1672) (Wed Apr 04 2012 - 09:16:23 CDT)
- 'phpPaleo' Local File Inclusion (CVE-2012-1671) (Wed Apr 04 2012 - 09:12:01 CDT)
- 'e-ticketing' SQL Injection (CVE-2012-1673) (Wed Apr 04 2012 - 09:15:16 CDT)
Michal Zalewski
- Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services (Tue Apr 24 2012 - 10:44:10 CDT)
- Re: We're now paying up to $20,000 for web vulns in our services (Tue Apr 24 2012 - 10:13:01 CDT)
- FYI: We're now paying up to $20,000 for web vulns in our services (Mon Apr 23 2012 - 14:05:43 CDT)
Moritz Muehlenhoff
- [SECURITY] [DSA 2462-1] imagemagick security update (Sun Apr 29 2012 - 07:01:38 CDT)
- [SECURITY] [DSA 2461-1] spip security update (Thu Apr 26 2012 - 15:41:19 CDT)
- [SECURITY] [DSA 2460-1] asterisk security update (Wed Apr 25 2012 - 11:06:40 CDT)
- [SECURITY] [DSA 2548-1] iceape security update (Tue Apr 24 2012 - 15:56:27 CDT)
- [SECURITY] [DSA 2457-1] iceweasel security update (Tue Apr 24 2012 - 15:35:21 CDT)
- [SECURITY] [DSA 2456-1] dropbear security update (Tue Apr 24 2012 - 15:18:59 CDT)
- [SECURITY] [DSA 2447-1] tiff security update (Wed Apr 04 2012 - 15:00:29 CDT)
- [SECURITY] [DSA 2446-1] libpng security update (Wed Apr 04 2012 - 14:13:41 CDT)
n0b0d13sgmail.com
- WebCalendar <= 1.2.4 Two Security Vulnerabilities (Mon Apr 23 2012 - 14:02:26 CDT)
Netsparker Advisories
- XSS and Blind SQL Injection Vulnerabilities in ExponentCMS (Mon Apr 23 2012 - 05:14:45 CDT)
Nico Golde
- [SECURITY] [DSA 2455-1] typo3-src security update (Fri Apr 20 2012 - 13:05:19 CDT)
- [SECURITY] [DSA 2453-2] gajim regression (Wed Apr 18 2012 - 19:35:37 CDT)
- [SECURITY] [DSA 2453-1] gajim security update (Mon Apr 16 2012 - 00:23:39 CDT)
- [SECURITY] [DSA 2451-1] puppet security update (Thu Apr 12 2012 - 23:52:10 CDT)
- [SECURITY] [DSA 2449-1] sqlalchemy security update (Thu Apr 12 2012 - 00:17:23 CDT)
nospamgmail.it
- McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject() Security Bypass Remote Code Execution Vulnerability (Mon Apr 30 2012 - 08:17:50 CDT)
- Quest Toad for Oracle Explain Plan Display ActiveX Control (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite (Thu Apr 05 2012 - 07:19:54 CDT)
- Quest vWorkspace 7.5 Connection Broker Client ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite (Thu Apr 05 2012 - 07:18:46 CDT)
paul.szabosydney.edu.au
- Re: Mathematica8.0.4 on Linux /tmp/MathLink vulnerability (Mon Apr 16 2012 - 15:51:20 CDT)
- Mathematica8.0.4 on Linux /tmp/MathLink vulnerability (Sat Apr 14 2012 - 17:28:34 CDT)
Per Thorsheim
- Passwords^12 : Call for Presentations (Sun Apr 15 2012 - 08:09:08 CDT)
psiinon
- OWASP ZAP 1.4.0 released (Sun Apr 08 2012 - 09:24:35 CDT)
Raphael Geissert
- [SECURITY] [DSA 2454-2] openssl incomplete fix (Tue Apr 24 2012 - 21:03:10 CDT)
- [SECURITY] [DSA 2454-1] openssl security update (Thu Apr 19 2012 - 16:21:20 CDT)
Research
- Pritlog v0.821 CMS - Multiple Web Vulnerabilities (Mon Apr 30 2012 - 02:36:49 CDT)
- C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability (Sat Apr 28 2012 - 22:51:10 CDT)
- Opial CMS v2.0 - Multiple Web Vulnerabilities (Sat Apr 28 2012 - 22:49:20 CDT)
- C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability (Thu Apr 26 2012 - 16:50:41 CDT)
- Car Portal CMS v3.0 - Multiple Web Vulnerabilities (Thu Apr 26 2012 - 16:33:09 CDT)
- DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities (Thu Apr 26 2012 - 16:30:50 CDT)
- DIY CMS v1.0 Poll - Multiple Web Vulnerabilities (Thu Apr 26 2012 - 16:29:16 CDT)
- [Spam] Chengdu Bureau of Commerce - SQL Injection Vulnerability (Sun Apr 22 2012 - 19:17:03 CDT)
- PSFTP v.1.8 Build 921 - Null Pointer (DoS) Vulnerability (Sun Apr 22 2012 - 19:15:20 CDT)
- [Suspected Spam] Havalite CMS v1.0.4 - Multiple Web Vulnerabilities (Sun Apr 22 2012 - 19:13:54 CDT)
- [Suspected Spam] IPhone TreasonSMS - HTML Inject & File Include Vulnerability (Sun Apr 22 2012 - 19:12:11 CDT)
- [Suspected Spam] Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities (Sat Apr 14 2012 - 22:22:19 CDT)
- Siche Search v.0.5 Zerboard - Multiple Web Vulnerabilities (Sat Apr 14 2012 - 22:16:24 CDT)
- [Suspected Spam] K-Meleon Browser v1.5.4 - Denial of Service Vulnerability (Fri Apr 13 2012 - 23:27:05 CDT)
- ACC PHP eMail v1.1 - Multiple Web Vulnerabilites (Fri Apr 13 2012 - 11:54:22 CDT)
- Crystal Office Suite v1.43 - Buffer Overflow Vulnerability (Thu Apr 12 2012 - 00:17:45 CDT)
- [Suspected Spam] DHTMLX Suite v.3.0 - Multiple Web Vulnerabilities (Wed Apr 11 2012 - 23:50:04 CDT)
- Netjuke 1.0 RC1 - SQL Injection Vulnerabilities (Wed Apr 11 2012 - 23:52:14 CDT)
- GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities (Tue Apr 10 2012 - 12:02:53 CDT)
- Matterdaddy Market v1.1 - SQL Injection Vulnerabilities (Tue Apr 10 2012 - 12:00:28 CDT)
- [Suspected Spam] Astaro Security Gateway v7.504 - Multiple Web Vulnerabilities (Sat Apr 07 2012 - 22:10:37 CDT)
- [Suspected Spam] Astaro Command Center v2.x - Multiple Web Vulnerabilities (Sat Apr 07 2012 - 22:09:24 CDT)
- CsForum v0.8 - Cross Site Scripting Vulnerability (Sat Apr 07 2012 - 22:07:33 CDT)
- osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities (Sat Apr 07 2012 - 22:04:37 CDT)
- idev Game Site CMS v1.0 - Multiple Web Vulnerabilites (Sat Apr 07 2012 - 19:51:05 CDT)
- [Suspected Spam] AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow Vulnerabilities (Sat Apr 07 2012 - 19:49:35 CDT)
- DirectAdmin v1.403 - Cross Site Scripting Vulnerability (Sun Apr 01 2012 - 23:21:02 CDT)
- ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities (Sat Mar 31 2012 - 22:43:35 CDT)
- Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities (Sat Mar 31 2012 - 22:41:48 CDT)
- [Suspected Spam] Astaro Command Center v2.x - Multiple Web Vulnerabilities (Tue Apr 03 2012 - 13:06:03 CDT)
- Landshop v0.9.2 - Multiple Web Vulnerabilities (Fri Mar 30 2012 - 18:52:58 CDT)
ResearchNGSSecure
- NGS00118 Technical Advisory: Symantec pcAnywhere Remote Code Execution as SYSTEM (Mon Apr 30 2012 - 05:33:51 CDT)
- NGS00117 Technical Advisory: Symantec pcAnywhere insecure file permissions local privilege escalation (Mon Apr 30 2012 - 05:24:13 CDT)
- NGS00141 Technical Advisory: Websense Triton 7.6 stored XSS in report management UI (Mon Apr 30 2012 - 05:12:19 CDT)
- NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM (Mon Apr 30 2012 - 05:06:11 CDT)
- NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI (Mon Apr 30 2012 - 04:55:28 CDT)
- NGS00137 Technical Advisory: Websense Triton 7.6 - reflected XSS in report management UI (Mon Apr 30 2012 - 04:43:07 CDT)
- NGS00107 Patch Notification: Oracle Grid Engine sgepasswd Buffer Overflow (Mon Apr 30 2012 - 04:29:32 CDT)
Richard Barrett
- Re: Squid URL Filtering Bypass (Wed Apr 18 2012 - 12:46:09 CDT)
Secunia Research
- Secunia Research: Helix Server SNMP Master Agent Service Two Denial of Service Vulnerabilities (Mon Apr 09 2012 - 02:32:50 CDT)
- Secunia Research: RealNetworks Helix Server Credentials Disclosure Security Issue (Mon Apr 09 2012 - 02:30:02 CDT)
Security Explorations
- [SE-2012-01] Security weakness in Apple Quicktime Java extensions (Thu Apr 12 2012 - 11:24:04 CDT)
- [SE-2012-01] Security vulnerabilities in Java SE (Mon Apr 02 2012 - 11:36:55 CDT)
security-alerthp.com
- [security bulletin] HPSBPV02754 SSRT100803 rev.2 - HP ProCurve 5400 zl Switch, Compact flash card contains trojan malware (Thu Apr 26 2012 - 15:41:49 CDT)
- [security bulletin] HPSBPI02728 SSRT100692 rev.6 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default (Thu Apr 26 2012 - 12:07:16 CDT)
- [security bulletin] HPSBUX02768 SSRT100664 rev.1 - CIFS Server (Samba), Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS) (Mon Apr 23 2012 - 17:57:14 CDT)
- [security bulletin] HPSBMU02764 SSRT100827 rev.2 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities (Fri Apr 20 2012 - 04:09:20 CDT)
- [security bulletin] HPSBUX02761 SSRT100823 rev.1 - HP-UX Running Apache, Remote Denial of Service (DoS), Local Increase of Privilege (Thu Apr 19 2012 - 19:56:57 CDT)
- [security bulletin] HPSBMU02766 SSRT100624 rev.1 - HP Onboard Administrator (OA), Remote Denial of Service (DoS) (Wed Apr 18 2012 - 07:59:03 CDT)
- [security bulletin] HPSBOV02765 SSRT100828 rev.1 - HP OpenVMS, local Denial of Service (DoS) (Tue Apr 17 2012 - 09:42:02 CDT)
- [security bulletin] HPSBOV02762 SSRT100825 rev.1 - HP Secure Web Server (SWS) for OpenVMS running CSWS_JAVA, Remote Denial of Service (DoS), Unauthorized Access, Privilege Escalation, Unauthorized Disclosure of Information, Unauthorized Modification (Tue Apr 17 2012 - 09:41:58 CDT)
- [security bulletin] HPSBOV02763 SSRT100826 rev.1 - HP Secure Web Server (SWS) for OpenVMS running PHP, Remote Denial of Service (DoS), Unauthorized Access, Privilege escalation, Unauthorized Disclosure of Information, Unauthorized Modification (Tue Apr 17 2012 - 09:41:52 CDT)
- [security bulletin] HPSBMU02764 SSRT100827 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities (Tue Apr 17 2012 - 08:19:48 CDT)
- [security bulletin] HPSBPV02754 SSRT100803 rev.1 - HP ProCurve 5400 zl Switch, Compact flash card virus (Tue Apr 10 2012 - 15:17:01 CDT)
- [security bulletin] HPSBUX02760 SSRT100805 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities (Thu Apr 05 2012 - 12:33:21 CDT)
- [security bulletin] HPSBUX02758 SSRT100774 rev.1 - HP-UX running DCE, Remote Denial of Service (DoS) (Thu Apr 05 2012 - 12:32:53 CDT)
- [security bulletin] HPSBUX02757 SSRT100779 rev.2 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities (Thu Apr 05 2012 - 12:32:33 CDT)
- [security bulletin] HPSBMU02749 SSRT100793 rev.1 - HP Business Availability Center (BAC) Running on Windows, Remote Cross Site Scripting (XSS) (Wed Apr 04 2012 - 07:39:43 CDT)
- [security bulletin] HPSBMU02753 SSRT100782 rev.1 - HP Business Availability Center (BAC) Running Apache, Remote Execution of Arbitrary Commands, Denial of Service (DoS) (Tue Apr 03 2012 - 08:20:52 CDT)
- [security bulletin] HPSBMU02759 SSRT100817 rev.1 - HP Onboard Administrator (OA), Remote Unauthorized Access, Unauthorized Information Disclosure, Denial of Service (DoS), URL Redirection (Mon Apr 02 2012 - 12:17:27 CDT)
securitymandriva.com
- [ MDVSA-2012:065 ] php (Fri Apr 27 2012 - 05:18:01 CDT)
- [ MDVSA-2012:066 ] mozilla (Fri Apr 27 2012 - 06:40:00 CDT)
- [ MDVSA-2012:064 ] openssl0.9.8 (Tue Apr 24 2012 - 09:03:01 CDT)
- [ MDVSA-2012:063 ] libreoffice (Sat Apr 21 2012 - 10:03:00 CDT)
- [ MDVSA-2012:062 ] openoffice.org (Sat Apr 21 2012 - 09:50:00 CDT)
- [ MDVSA-2012:061 ] raptor (Sat Apr 21 2012 - 09:42:00 CDT)
- [ MDVSA-2012:060 ] openssl (Thu Apr 19 2012 - 12:55:01 CDT)
- [ MDVSA-2012:032-1 ] mozilla (Tue Apr 17 2012 - 13:07:01 CDT)
- [ MDVSA-2012:059 ] python-sqlalchemy (Mon Apr 16 2012 - 07:59:01 CDT)
- [ MDVSA-2012:058 ] curl (Fri Apr 13 2012 - 08:01:01 CDT)
- [ MDVSA-2012:057 ] freetype2 (Thu Apr 12 2012 - 09:05:01 CDT)
- [ MDVSA-2012:056 ] rpm (Thu Apr 12 2012 - 03:25:00 CDT)
- [ MDVSA-2012:055 ] samba (Wed Apr 11 2012 - 07:23:00 CDT)
- [ MDVSA-2012:054 ] libtiff (Thu Apr 05 2012 - 03:16:00 CDT)
- [ MDVSA-2012:053 ] ocsinventory (Wed Apr 04 2012 - 11:14:00 CDT)
- [ MDVSA-2012:052 ] libvorbis (Tue Apr 03 2012 - 09:30:00 CDT)
- [ MDVSA-2012:051 ] libvorbis (Tue Apr 03 2012 - 09:06:01 CDT)
- [ MDVSA-2012:050 ] phpmyadmin (Tue Apr 03 2012 - 04:42:00 CDT)
- [ MDVSA-2012:049 ] nagios (Mon Apr 02 2012 - 10:36:00 CDT)
- [ MDVSA-2012:048 ] mutt (Mon Apr 02 2012 - 09:45:00 CDT)
- [ MDVSA-2012:047 ] freeradius (Mon Apr 02 2012 - 04:28:00 CDT)
- [ MDVSA-2012:046 ] libpng (Mon Apr 02 2012 - 03:19:00 CDT)
Security_Alertemc.com
- ESA-2012-018: EMC Data Protection Advisor Multiple Vulnerabilities (Wed Apr 18 2012 - 15:34:39 CDT)
Shatter
- OCIPasswordChange API leaks information of password hash (CVE-2012-0511) (Thu Apr 19 2012 - 16:13:06 CDT)
- Oracle Enterprise Manager vulnerable to Session fixation (CVE-2012-0528) (Thu Apr 19 2012 - 16:10:29 CDT)
- HTTP Response Splitting in Oracle Enterprise Manager (pageName parameter) (CVE-2012-0527) (Thu Apr 19 2012 - 16:09:02 CDT)
- HTTP Response Splitting in Oracle Enterprise Manager (prevPage parameter) (CVE-2012-0526) (Thu Apr 19 2012 - 16:05:28 CDT)
- SQL Injection in Oracle Enterprise Manager (searchPage web page) (CVE-2012-0525) (Thu Apr 19 2012 - 16:03:51 CDT)
- SQL Injection in Oracle Enterprise Manager (compareWizFirstConfig web page) (CVE-2012-0512) (Thu Apr 19 2012 - 15:58:36 CDT)
- Some failed authentication attempts using OCIPasswordChange API are not recorded (CVE-2012-0511) (Thu Apr 19 2012 - 15:55:32 CDT)
- Incomplete protection of Oracle Database locked accounts (CVE-2012-0510) (Thu Apr 19 2012 - 15:40:37 CDT)
- TeamSHATTER Security Advisory: Privilege escalation via internal sql injection in RESTORE DATABASE command (Wed Apr 11 2012 - 14:30:04 CDT)
Stefan Fritsch
- [SECURITY] [DSA 2452-1] apache2 security update (Sun Apr 15 2012 - 16:46:54 CDT)
sumanjgmail.com
- Android information leak (Wed Apr 11 2012 - 00:26:30 CDT)
Thijs Kinkhorst
- [SECURITY] [DSA 2450-1] samba security update (Thu Apr 12 2012 - 15:29:01 CDT)
Thomas Richards
- PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities (Thu Apr 26 2012 - 09:45:19 CDT)
- PHP Ticket System Beta 1 'p' SQL Injection (Tue Apr 24 2012 - 11:00:22 CDT)
- ChurchCMS 0.0.1 'admin.php' Multiple SQLi (Mon Apr 23 2012 - 12:11:33 CDT)
- phpMyBible 0.5.1 Mutiple XSS (Sun Apr 22 2012 - 10:08:13 CDT)
- Fwd: PHP Gift Registry 1.5.5 SQL Injection (Mon Apr 16 2012 - 11:54:43 CDT)
Tobias Glemser
- TC-SA-2012-01: Multiple web-vulnerabilities in ownCloud 3.0.0 (Wed Apr 18 2012 - 02:15:54 CDT)
Trustwave Advisories
- TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer (Wed Apr 11 2012 - 19:20:57 CDT)
v.hirvegmail.com
- ClubHack Magazine's April 2012 Issue is released. (Tue Apr 17 2012 - 04:00:51 CDT)
Vikram Dhillon
- Re: McAfee Web Gateway URL Filtering Bypass (Sat Apr 21 2012 - 07:40:09 CDT)
- Re: Mathematica8.0.4 on Linux /tmp/MathLink vulnerability (Mon Apr 16 2012 - 13:54:00 CDT)
VMware Security Team
- VMSA-2012-0008 VMware ESX updates to ESX Service Console (Fri Apr 27 2012 - 00:32:47 CDT)
- VMSA-2012-0007 VMware hosted products and ESXi/ESX patches address privilege escalation (Thu Apr 12 2012 - 19:05:33 CDT)
- VMSA-2012-0006 VMware ESXi and ESX address several security issues (Fri Mar 30 2012 - 19:51:16 CDT)
VSR Advisories
- HTC IQRD Android Permission Leakage (CVE-2012-2217) (Sat Apr 21 2012 - 20:16:48 CDT)
VUPEN Security Research
- VUPEN Security Research - Adobe Flash Player NetStream Remote Code Execution Vulnerability (APSB12-07 / CVE-2012-0773) (Thu Apr 19 2012 - 03:33:17 CDT)
- VUPEN Security Research - Microsoft Internet Explorer VML Remote Code Execution (MS12-023 / CVE-2012-0172) (Tue Apr 17 2012 - 11:05:34 CDT)
YGN Ethical Hacker Group
- Acuity CMS 2.6.x <= Cross Site Scripting (Tue Apr 17 2012 - 11:32:39 CDT)
- Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities (Sun Apr 15 2012 - 11:39:16 CDT)
- FastPath Webchat | Multiple Cross Site Scripting Vulnerabilities (Sun Apr 15 2012 - 11:34:10 CDT)

Last message date: Mon Apr 30 2012 - 12:43:40 CDT
Archived on: Mon Apr 30 2012 - 12:43:40 CDT

233 messages sorted by: [ date ] [ thread ] [ subject ]