[ MDVSA-2009:089 ] opensc

2009-04-10 Thread security
Mandriva Linux Security Advisory MDVSA-2009:089 http://www.mandriva.com/security/

Bid 34130 Invalid

2009-04-10 Thread vpandey
It's a non-issue. http://code.google.com/p/chromium/issues/detail?id=8863

PHP-agenda = 2.2.5 Remote File Overwriting

2009-04-10 Thread Salvatore drosophila Fresta
*** Salvatore drosophila Fresta *** [+] Application: PHP-agenda [+] Version: = 2.2.5 [+] Website: http://php-agenda.sourceforge.net [+] Bugs: [A] Remote File Overwriting [+] Exploitation: Remote [+] Date: 10 Apr 2009 [+] Discovered by: Salvatore drosophila Fresta [+] Author:

PHP 5.2.9 curl safe_mode open_basedir bypass

2009-04-10 Thread cxib
[ PHP 5.2.9 curl safe_mode open_basedir bypass ] Author: Maksymilian Arciemowicz http://SecurityReason.com Date: Dis.: 31.12.2008, Pub.: 10.04.2009 Original URL: http://securityreason.com/achievement_securityalert/61

[SECURITY] [DSA 1754-1] New roundup packages fix privilege escalation

2009-04-10 Thread Florian Weimer
Debian Security Advisory DSA-1754-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer April 09, 2009

Loggix Project 9.4.5 Blind SQL Injection

2009-04-10 Thread Salvatore drosophila Fresta
*** Salvatore drosophila Fresta *** [+] Application: Loggix Project [+] Version: 9.4.5 [+] Website: http://loggix.gotdns.org [+] Bugs: [A] Blind SQL Injection [+] Exploitation: Remote [+] Date: 10 Apr 2009 [+] Discovered by: Salvatore drosophila Fresta [+] Author: Salvatore

Summer Camp Garrotxa 2009 event

2009-04-10 Thread Gerardo García Peña
== SUMMER CAMP GARROTXA 2009 == -- overview -- Another year again, here comes Summer Camp Garrotxa,

[SECURITY] [DSA 1768-1] New openafs packages potential code execution

2009-04-10 Thread Florian Weimer
Debian Security Advisory DSA-1768-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer April 10, 2009

[DSECRG-09-036] Chance-i Techno Vision Security System - Directory Traversal File Download

2009-04-10 Thread DSecRG
Digital Security Research Group [DSecRG] Advisory #DSECRG-09-036 original advisory: http://dsecrg.com/pages/vul/DSECRG-09-036.html Application: Chance-i DiViS DVR System web-server Versions Affected: 2.0 Vendor URL: http://www.chance-i.com/ Bug:

[ MDVSA-2009:090 ] php

2009-04-10 Thread security
Mandriva Linux Security Advisory MDVSA-2009:090 http://www.mandriva.com/security/

Re: Layered Defense Research Advisory: Format String Vulnerability: FortiClient Version 3

2009-04-10 Thread prabhup
FGT have not released MR7-Patch 6. They have released till Patch4 only. Some wrong information

[ GLSA 200904-12 ] Wicd: Information disclosure

2009-04-10 Thread Tobias Heinlein
Gentoo Linux Security Advisory GLSA 200904-12 http://security.gentoo.org/

Dynamic Flash Forum 1.0 Beta Multiple Remote Vulnerabilities

2009-04-10 Thread Salvatore drosophila Fresta
*** Salvatore drosophila Fresta *** [+] Application: Dynamic Flash Forum [+] Version: 1.0 Beta [+] Website: http://df2.sourceforge.net/ [+] Bugs: [A] Information Disclosure [B] Authentication Bypass [C] Multiple SQL Injection [+] Exploitation: Remote [+] Date: 09

VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability

2009-04-10 Thread VMware Security Team
VMware Security Advisory Advisory ID: VMSA-2009-0006 Synopsis: VMware Hosted products and patches for ESX and ESXi resolve

Opening Intranets to attack by using Internet Explorer [paper]

2009-04-10 Thread Cesar
Hi Just released a new paper I guess it will be very interesting for list members. http://nomoreroot.blogspot.com/2009/04/opening-intranets-to-attacks-by-using.html I will be glad to hear your feedback. Enjoy. Cesar.