bugtraq  

Messages by Date

• 2012/02/10 [ MDVSA-2012:016 ] glpi security
• 2012/02/10 CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability YGN Ethical Hacker Group
• 2012/02/10 Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities resea...@vulnerability-lab.com
• 2012/02/10 Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities resea...@vulnerability-lab.com
• 2012/02/10 OnxShop CMS v1.5.0 - Multiple Web Vulnerabilities resea...@vulnerability-lab.com
• 2012/02/10 Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities resea...@vulnerability-lab.com
• 2012/02/09 [Suspected Spam] eFront Community++ v3.6.10 - Multiple Web Vulnerabilities resea...@vulnerability-lab.com
• 2012/02/09 [SECURITY] CVE-2011-4367 Apache MyFaces information disclosure vulnerability Leonardo Uribe
• 2012/02/09 [ MDVSA-2012:015 ] wireshark security
• 2012/02/09 [SECURITY] [DSA 2407-1] cvs security update Florian Weimer
• 2012/02/08 ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability ZDI Disclosures
• 2012/02/08 ZDI-12-030 : IBM Rational Rhapsody BBFlashBack.Recorder.1 TestCompatibilityRecordMode Remote Code Execution Vulnerability ZDI Disclosures
• 2012/02/08 ZDI-12-029 : IBM Rational Rhapsody BBFlashBack.Recorder.1 InsertMarker Remote Code Execution Vulnerability ZDI Disclosures
• 2012/02/08 ZDI-12-028 : IBM Rational Rhapsody BBFlashBack.FBRecorder.1 Control Multiple Remote Code Execution Vulnerabilities ZDI Disclosures
• 2012/02/08 ZDI-12-027 : IBM SPSS VsVIEW6.ocx ActiveX Control SaveDoc Method Remote Code Execution Vulnerability ZDI Disclosures
• 2012/02/08 ZDI-12-026 : IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability ZDI Disclosures
• 2012/02/08 ZDI-12-025 : EMC Networker indexd.exe Opcode 0x01 Parsing Remote Code Execution ZDI Disclosures
• 2012/02/08 ZDI-12-024 : Total Defense Suite UNC Management Web Service uncsp_ViewReportsHomepage SQL Injection Vulnerability ZDI Disclosures
• 2012/02/08 ZDI-12-023 : Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability ZDI Disclosures
• 2012/02/08 ZDI-12-022 : Total Defense Suite UNC Management Console ExportReport SQL Injection Vulnerability ZDI Disclosures
• 2012/02/08 ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability ZDI Disclosures
• 2012/02/08 [security bulletin] HPSBMU02742 SSRT100740 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Disclosure of Information security-alert
• 2012/02/08 Multiple vulnerabilities in ZENphoto advisory
• 2012/02/08 [security bulletin] HPSBUX02741 SSRT100728 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass security-alert
• 2012/02/08 Unauthenticated remote code execution on D-Link ShareCenter products roberto . paleari
• 2012/02/07 eFronts Community++ v3.6.10 - Cross Site Vulnerability resea...@vulnerability-lab.com
• 2012/02/07 [security bulletin] HPSBMU02736 SSRT100699 rev.2 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information security-alert
• 2012/02/07 SQL Injection Vulnerability in Batavi 1.1.2 Netsparker Advisories
• 2012/02/07 CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly Colm O hEigeartaigh
• 2012/02/07 DEF CON 20 Capture the Flag Announcement The Dark Tangent
• 2012/02/07 SimpleGroupware 0.742 Cross-Site-Scripting vulnerability security
• 2012/02/07 [SECURITY] [DSA 2403-2] php5 security update Thijs Kinkhorst
• 2012/02/07 [ MDVSA-2012:014 ] glpi security
• 2012/02/06 Mathopd - Directory Traversal Vulnerability Mateusz Goik
• 2012/02/06 [SECURITY] [DSA 2405-1] apache2 security update Stefan Fritsch
• 2012/02/06 [SECURITY] [DSA 2404-1] xen-qemu-dm-4.0 security update Florian Weimer
• 2012/02/06 [SECURITY] [DSA 2384-2] cacti regression Luk Claes
• 2012/02/03 ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability Security_Alert
• 2012/02/03 RFC 6528 on Defending against Sequence Number Attacks Fernando Gont
• 2012/02/03 [SECURITY] [DSA 2403-1] php5 security update Thijs Kinkhorst
• 2012/02/03 [SECURITY] [DSA 2402-1] iceape security update Moritz Muehlenhoff
• 2012/02/03 [SECURITY] [DSA 2400-1] iceweasel security update Moritz Muehlenhoff
• 2012/02/03 [SECURITY] [DSA 2401-1] tomcat6 security update Moritz Muehlenhoff
• 2012/02/03 [security bulletin] HPSBGN02740 SSRT100741 rev.1 - HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, Performance Manager, Remote Execution of Arbitrary Code security-alert
• 2012/02/02 GLSA (Gentoo Linux Security Advisory) publication changes Alex Legler
• 2012/02/02 [security bulletin] HPSBMU02739 SSRT100280 rev.1 - HP Data Protector Media Operations, Remote Execution of Arbitrary Code security-alert
• 2012/02/02 [CAL-2012-0004] opera array integer overflow Code Audit Labs
• 2012/02/02 Fwd: RA-Guard: Advice on the implementation (feedback requested) Fernando Gont
• 2012/02/02 Call For Paper asemailing
• 2012/02/02 APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001 Apple Product Security
• 2012/02/02 [ MDVSA-2012:012 ] apache security
• 2012/02/01 XSS phpLDAPadmin: 1.2.0.5 (Debian package) and 1.2.2 (sourceforge) andsarmiento
• 2012/02/01 ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability Security_Alert
• 2012/02/01 Multiple vulnerabilities in OpenEMR advisory
• 2012/02/01 Security advisory for Bugzilla 4.2rc2, 4.0.4, 3.6.8 and 3.4.14 LpSolit
• 2012/02/01 802.1X password exploit on many HTC Android devices Bret Jordan
• 2012/02/01 [Announce] Apache HTTP Server 2.2.22 Released William A. Rowe Jr.
• 2012/01/31 [SECURITY] [DSA 2399-2] php5 regression fix Thijs Kinkhorst
• 2012/01/31 [SECURITY] [DSA 2399-1] php5 security update Thijs Kinkhorst
• 2012/01/31 VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Service Console VMware Security Team
• 2012/01/31 [security bulletin] HPSBUX02724 SSRT100650 rev.3 - HP-UX Running System Administration Manager (SAM), Local Increase in Privilege security-alert
• 2012/01/31 [security bulletin] HPSBUX02697 SSRT100591 rev.2 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert
• 2012/01/31 [security bulletin] HPSBUX02737 SSRT100747 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) security-alert
• 2012/01/31 [security bulletin] HPSBMU02738 SSRT100748 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote Unauthorized Access security-alert
• 2012/01/31 [SECURITY] [DSA 2398-1] curl security update Moritz Muehlenhoff
• 2012/01/31 ZDI-12-019 : IBM SPSS mraboutb.dll ActiveX Control SetLicenseInfoEx Method Remote Code Execution Vulnerability ZDI Disclosures
• 2012/01/30 Advisory: sudo 1.8 Format String Vulnerability joernchen of Phenoelit
• 2012/01/30 [ GLSA 201201-19 ] Adobe Reader: Multiple vulnerabilities Alex Legler
• 2012/01/30 [ GLSA 201201-18 ] bip: Multiple vulnerabilities Alex Legler
• 2012/01/30 Multiple vulnerabilities in OSClass Filippo Cavallarin
• 2012/01/30 Multiple vulnerabilities in postfixadmin Filippo Cavallarin
• 2012/01/30 Mibew messenger multiple XSS Filippo Cavallarin
• 2012/01/30 [ MDVSA-2012:011 ] openssl security
• 2012/01/30 [SECURITY] [DSA 2397-1] icu security update Moritz Muehlenhoff
• 2012/01/30 FAA US Academy (AFS) - Auth Bypass Vulnerability resea...@vulnerability-lab.com
• 2012/01/30 eBank IT Online Banking - Multiple Web Vulnerabilities resea...@vulnerability-lab.com
• 2012/01/30 [ GLSA 201201-17 ] Chromium: Multiple vulnerabilities Tim Sammut
• 2012/01/30 [ GLSA 201201-16 ] X.Org X Server/X Keyboard Configuration Database: Screen lock bypass Alex Legler
• 2012/01/30 [SECURITY] [DSA 2396-1] qemu-kvm security update Moritz Muehlenhoff
• 2012/01/30 [SECURITY] [DSA 2395-1] wireshark security update Moritz Muehlenhoff
• 2012/01/27 AdaCore Security Advisory SA-2012-L119-003 Hash collisions in AWS Thomas Quinot
• 2012/01/27 [HITB-Announce] Reminder: HITB2012AMS Call For Papers Closing Soon Hafez Kamal
• 2012/01/27 [ GLSA 201201-15 ] ktsuss: Privilege escalation Sean Amoss
• 2012/01/27 [SECURITY] [DSA 2394-1] libxml2 security update Luciano Bello
• 2012/01/26 ESA-2012-007: RSA, The Security Division of EMC, announces security fixes for RSA enVision Security_Alert
• 2012/01/26 ESA-2012-005: EMC NetWorker buffer overflow vulnerability Security_Alert
• 2012/01/26 Cisco Security Advisory: Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team
• 2012/01/25 ZDI-12-018 : Symantec PCAnywhere awhost32 Remote Code Execution Vulnerability ZDI Disclosures
• 2012/01/25 [SECURITY] [DSA-2393-1] bip security update dann frazier
• 2012/01/25 NX Web Companion Spoofing Arbitrary Code Execution Vulnerability otr
• 2012/01/25 D-Link DIR-601 TFTP Directory Traversal Vulnerability robkraus
• 2012/01/25 Multiple vulnerabilities in OSclass advisory
• 2012/01/25 NGS00117 Patch Notification: Symantec PCAnywhere Local Privilege Escalation Research@NGSSecure
• 2012/01/25 NGS00118 Patch Notification: Symantec PCAnywhere Remote Code Execution as SYSTEM Research@NGSSecure
• 2012/01/25 [security bulletin] HPSBUX02729 SSRT100687 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert
• 2012/01/25 [security bulletin] HPSBUX02719 SSRT100658 rev.4 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert
• 2012/01/25 [security bulletin] HPSBUX02734 SSRT100729 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access security-alert
• 2012/01/25 [security bulletin] HPSBUX02730 SSRT100710 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert
• 2012/01/25 TWSL2012-002: Multiple Vulnerabilities in WordPress Trustwave Advisories
• 2012/01/24 Only 7 Days Left: SANS AppSec 2012 CFP SANS AppSec CFP
• 2012/01/24 NGS00193 Patch Notification: Trend Micro DataArmor and DriveArmor - Restricted Environment breakout, Privilege Escalation and Full Disk Decryption Research@NGSSecure
• 2012/01/24 [ GLSA 201201-14 ] MIT Kerberos 5 Applications: Multiple vulnerabilities Sean Amoss
• 2012/01/23 [ GLSA 201201-13 ] MIT Kerberos 5: Multiple vulnerabilities Sean Amoss
• 2012/01/23 Wordpress Kish Guest Posting Plugin 1.0 (uploadify.php) Unrestricted File Upload Vulnerability n0b0d13s
• 2012/01/23 [ GLSA 201201-12 ] Tor: Multiple vulnerabilities Sean Amoss
• 2012/01/23 SQL injection in Bigware shop software rwenzel
• 2012/01/23 [SECURITY] [DSA 2392-1] openssl security update Florian Weimer
• 2012/01/23 [SECURITY] [DSA 2301-2] rails regression Florian Weimer
• 2012/01/23 DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass ddivulnalert
• 2012/01/23 [Suspected Spam] Bart`s CMS - SQL Injection Vulnerability resea...@vulnerability-lab.com
• 2012/01/23 Re: pwgen: non-uniform distribution of passwords Solar Designer
• 2012/01/23 AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary file upload pavel
• 2012/01/23 [SECURITY] [DSA 2391-1] phpmyadmin security update Thijs Kinkhorst
• 2012/01/23 ZDI-12-017 : Oracle Outside In OOXML Relationship Tag Parsing Remote Code Execution Vulnerability ZDI Disclosures
• 2012/01/20 [ GLSA 201201-04 ] Logsurfer: Arbitrary code execution Sean Amoss
• 2012/01/20 [ MDVSA-2012:010 ] cacti security
• 2012/01/20 DC4420 - London DEFCON - 24 January 2012 Major Malfunction
• 2012/01/20 InfoSec Southwest 2012 Open Registration I)ruid
• 2012/01/20 [Suspected Spam] Barracuda Spam/Virus WAF 600 - Multiple Web Vulnerabilities resea...@vulnerability-lab.com
• 2012/01/20 Webcalendar 1.2.4 'location' XSS tom
• 2012/01/20 appRain CMF <= 0.1.5 (uploadify.php) Unrestricted File Upload Vulnerability n0b0d13s
• 2012/01/20 Re: pwgen: non-uniform distribution of passwords Solar Designer
• 2012/01/19 Advisory 01/2012: Suhosin PHP Extension Transparent Cookie Encryption Stack Buffer Overflow Stefan Esser
• 2012/01/19 Microsoft Anti-XSS Library Bypass (MS12-007) adic
• 2012/01/19 [security bulletin] HPSBMU02736 SSRT100699 rev.1 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information security-alert
• 2012/01/18 Xpra memory disclosure Antoine Martin
• 2012/01/18 Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS InterN0T Advisories
• 2012/01/18 Cisco Security Advisory: Cisco IP Video Phone E20 Default Root Account Cisco Systems Product Security Incident Response Team
• 2012/01/18 Cisco Security Advisory: Cisco Digital Media Manager Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team
• 2012/01/18 [ MDVSA-2012:009 ] perl security
• 2012/01/18 [ MDVSA-2012:008 ] perl security
• 2012/01/18 XSS in OneOrZero AIMS advisory
• 2012/01/18 Reflection Scan: an Off-Path Attack on TCP Jan Wrobel
• 2012/01/18 Re: pwgen: non-uniform distribution of passwords Solar Designer
• 2012/01/17 ESA-2012-003: EMC SourceOne Web Search Sensitive Information Disclosure Vulnerability. Security_Alert
• 2012/01/17 pwgen: non-uniform distribution of passwords Solar Designer
• 2012/01/17 [SECURITY] CVE-2012-0022 Apache Tomcat Denial of Service Mark Thomas
• 2012/01/17 [SECURITY] CVE-2011-3375 Apache Tomcat Information disclosure Mark Thomas
• 2012/01/17 Re: p0f3 release candidate Michal Zalewski
• 2012/01/16 [ MDVSA-2012:007 ] openssl security
• 2012/01/16 [ MDVSA-2012:006 ] openssl security
• 2012/01/16 [ MDVSA-2012:005 ] libxml2 security
• 2012/01/16 Re: Multiple XSS in KnowledgeTree Community Edition advisory
• 2012/01/16 [Announcement] ClubHack Mag - Call for Articles abhijeet
• 2012/01/16 (CFP) LACSEC 2012: 7th Network Security Event for Latin America and the Caribbean Fernando Gont
• 2012/01/16 Beehive Forum 101 Multiple XSS vulnerabilities sschurtz
• 2012/01/16 phpVideoPro Multiple XSS vulnerabilities sschurtz
• 2012/01/16 Family Connections 2.7.2 Multiple XSS tom
• 2012/01/16 Re: Multiple XSS in KnowledgeTree Community Edition Henri Salo
• 2012/01/16 First-hop security in IPv6 Fernando Gont
• 2012/01/16 [Announcement] ClubHack Mag Issue 24-Jan 2012 Released abhijeet
• 2012/01/16 [SECURITY] [DSA 2389-1] linux-2.6 security update dann frazier
• 2012/01/16 [SECURITY] [DSA 2390-1] openssl security update Florian Weimer
• 2012/01/16 [SECURITY] [DSA 2388-1] t1lib security update Yves-Alexis Perez
• 2012/01/16 ATutor 2.0.3 Multiple XSS vulnerabilities sschurtz
• 2012/01/16 BoltWire 3.4.16 Multiple XSS vulnerabilities sschurtz
• 2012/01/16 PHP 5.3.8 Multiple vulnerabilities cxib
• 2012/01/16 [security bulletin] HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Execution of Arbitrary Code security-alert
• 2012/01/13 ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389 Henri Salo
• 2012/01/12 ZDI-12-016 : (0Day) HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability ZDI Disclosures
• 2012/01/12 ZDI-12-015 : (0Day) HP StorageWorks P2000 G3 Directory Traversal and Default Account Vulnerabilities ZDI Disclosures
• 2012/01/12 ZDI-12-014 : HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability ZDI Disclosures
• 2012/01/12 ZDI-12-013 : HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution Vulnerability ZDI Disclosures
• 2012/01/12 ZDI-12-012 : (0Day) McAfee SaaS myCIOScn.dll ShowReport Method Remote Command Execution ZDI Disclosures
• 2012/01/12 [ MDVSA-2012:004 ] t1lib security
• 2012/01/12 SafeSEH+SEHOP all-at-once bypass explotation method principles geinblues
• 2012/01/12 Revised IETF I-D: IPv6 Neighbor Discovery, SEND, and IPv6 Fragmentation Fernando Gont
• 2012/01/12 AthCon 2012 CFP is now OPEN! Christian Papathanasiou
• 2012/01/12 Office arbitrary ClickOnce application execution vulnerability Akita Software Security
• 2012/01/12 GreenBrowser iframe content Double Free Vulnerability vuln
• 2012/01/12 [security bulletin] HPSBPI02698 SSRT100404 rev.2 - HP Easy Printer Care Software Running on Windows, Remote Execution of Arbitrary Code security-alert
• 2012/01/12 [SECURITY] [DSA 2386-1] openttd security update Luk Claes
• 2012/01/11 [SECURITY] [DSA 2387-1] simplesamlphp security update Thijs Kinkhorst
• 2012/01/11 Secunia Research: NTR ActiveX Control "StopModule()" Input Validation Vulnerability Secunia Research
• 2012/01/11 Secunia Research: NTR ActiveX Control Four Buffer Overflow Vulnerabilities Secunia Research
• 2012/01/11 [PT-2011-04] Cross-Site Scripting in Kayako Support Suite noreply
• 2012/01/11 [PT-2011-03] Information disclosure in Kayako Support Suite noreply
• 2012/01/11 [PT-2011-03] Information disclosure in Kayako Support Suite noreply
• 2012/01/11 Multiple XSS in KnowledgeTree Community Edition advisory
• 2012/01/11 [PT-2011-02] PHP code Injection in Kayako Support Suite noreply
• 2012/01/11 [PT-2011-01] Cross-Site Scripting in Kayako Support Suite noreply
• 2012/01/11 VUPEN Security Research - Adobe Acrobat and Reader Image Processing Integer Overflow (APSB12-01) VUPEN Security Research
• 2012/01/11 Multiple Cross-Site-Scripting vulnerabilities in x3cms security
• 2012/01/10 [SECURITY] [DSA 2385-1] pdns security update Florian Weimer
• 2012/01/10 ZDI-12-011 : Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution Vulnerability ZDI Disclosures
• 2012/01/10 ZDI-12-010 : Citrix Provisioning Services Stream Service 0x40020006 Remote Code Execution Vulnerability ZDI Disclosures
• 2012/01/10 ZDI-12-009 : Citrix Provisioning Services Stream Service 0x40020000 Remote Code Execution Vulnerability ZDI Disclosures
• 2012/01/10 ZDI-12-008 : Citrix Provisioning Services streamprocess.exe vDisk Name Parsing Remote Code Execution Vulnerability ZDI Disclosures
• 2012/01/10 [ MDVSA-2012:003 ] apache security
• 2012/01/10 Re: Simple Mail Server - SMTP Authentication Bypass Vulnerability Peter Conrad
• 2012/01/10 p0f3 release candidate Michal Zalewski
• 2012/01/09 AppSec DC 2012 CFP EXTENDED! AppSec DC
• 2012/01/09 Simple Mail Server - SMTP Authentication Bypass Vulnerability demonalex
• 2012/01/09 DDIVRT-2011-37 HP JetDirect Device Page Directory Traversal (CVE-2011-4785) ddivulnalert
• 2012/01/09 Re: [SE-2011-01] Security vulnerabilities in a digital satellite TV platform Security Explorations
• 2012/01/09 [SECURITY] [DSA 2384-1] cacti security update luk
• 2012/01/09 [security bulletin] HPSBPI02733 SSRT100646 rev.1 - Certain HP LaserJet Printers, Remote Unauthorized Access to Files security-alert
• 2012/01/09 [security bulletin] HPSBPI02728 SSRT100692 rev.3 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default security-alert
• 2012/01/09 [SECURITY] [DSA 2383-1] super security update Moritz Muehlenhoff
• 2012/01/09 [ GLSA 201201-03 ] Chromium, V8: Multiple vulnerabilities Tim Sammut

• Earlier messages