Sigma Portal Denial of Service Vulnerability

2010-12-27 Thread info
Securitylab.ir - Application Info: Name: Sigma Portal; Vendor: http://www.sigma.ir

[security bulletin] HPSBST02619 SSRT100281 rev.2 - HP StorageWorks Storage Mirroring, Remote Execution of Arbitrary Code

2010-12-27 Thread security-alert
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02660122 Version: 2 HPSBST02619 SSRT100281 rev.2 - HP StorageWorks Storage Mirroring, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon

Secunia Research: Microsoft Word LFO Parsing Double-Free Vulnerability

2010-12-27 Thread Secunia Research
Secunia Research 23/12/2010 - Microsoft Word LFO Parsing Double-Free Vulnerability - Table of Contents Affected

Asan Portal (IdehPardaz) Multiple Vulnerabilities

2010-12-27 Thread info
Securitylab.ir - Application Info: Name: Asan Portal; Vendor: http://iptech.ir/default.aspx?id=130

[waraxe-2010-SA#078] - Multiple Vulnerabilities in CruxCMS 3.0.0

2010-12-27 Thread come2waraxe
[waraxe-2010-SA#078] - Multiple Vulnerabilities in CruxCMS 3.0.0 Author: Janek Vind waraxe Date: 27. December 2010 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-78.html Affected Software:

[ MDVSA-2010:251-2 ] firefox

2010-12-27 Thread security
Mandriva Linux Security Advisory MDVSA-2010:251-2 http://www.mandriva.com/security/

Django admin list filter data extraction / leakage

2010-12-27 Thread Adam Baldwin
ADVISORY INFORMATION: Advisory ID: NGENUITY-2010-009 Date discovered: 8.28.2010 Date published: 12.22.2010 SOFTWARE AFFECTED: “Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design.” [1] The admin interface of the Django web framework can be

[ MDVSA-2010:259 ] pidgin

2010-12-27 Thread security
Mandriva Linux Security Advisory MDVSA-2010:259 http://www.mandriva.com/security/

Re: [IMF 2011] 2nd Call - Deadline Extended - Addendum

2010-12-27 Thread Oliver Goebel
Addendum: Merry Christmas to everyone! Ollie -- Oliver Goebel mailto:goe...@cert.uni-stuttgart.de Stabsstelle DV-Sicherheit (RUS-CERT) Tel:+49 711 685 1 CERT Universitaet Stuttgart Tel:+49 711 685 8-3678 / Fax:-3688 Breitscheidstr. 2, 70174 Stuttgart

Pligg XSS and SQL Injection

2010-12-27 Thread mike
Credit: Michael Brooks Bug Fix in 1.1.2: http://www.pligg.com/blog/1174/pligg-cms-1-1-2-release/ Special thanks to Eric Heikkinen for patching these quickly. Blind SQL Injection http://host/pligg_1.1.2/search.php?adv=1status= 'and+sleep(9)or+sleep(9)or+1%3D' search=onadvancesearch= Search

[IMF 2011] 2nd Call - Deadline Extended

2010-12-27 Thread Oliver Goebel
Dear all, the deadline for the submission of papers to IMF 2011 has been extended. Accepted papers will be published in IEEE Computer Society's Conference Proceedings Series and be available in the IEEE online Digital Library. Please excuse possible cross-postings.

Security Advisory - FlexVision Listener Vulnerability

2010-12-27 Thread Victor Ribeiro Hora
Tempest Security Intelligence - Advisory #02 / 2010: Information Disclosure Vulnerability in FlexVision Agent Listener - Authors: Victor Ribeiro Hora victor *SPAM* tempest.com.br

Re: XSS vulnerability in ImpressCMS

2010-12-27 Thread sato-san
fixed with version 1.2.4

Social Engine 4.x (Music Plugin) Arbitrary File Upload Vulnerability

2010-12-27 Thread MyDoom2009
Exploit Title: Social Engine 4.x (Music Plugin) Arbitrary File Upload; Google Dork: inurl:user/auth/forgot; Date: 22/12/2010; Author: MyDoom (Moroccan Hacker); Contact: mydoom2...@gmail.com; Software Link: