Home page logo
/

314 messages starting Oct 19 09 and ending Oct 29 09
Date index | Thread index | Author index

adam

Xpdf - Integer overflow which causes heap overflow and NULL pointer derefernce. adam (Oct 19)
Adobe Acrobat Reader up to 9.1.1 ONLY Linux integer overflow to heap overflow. adam (Oct 27)

admin

[Sec-Area Advisory]PBBoard <=2.0.2 - XSS in Topic admin (Oct 06)
[Advisory]PBBoard <=2.0.2 Full Path Disclosure admin (Oct 06)

Adrian P.

Corsaire White Paper: Attacking Magstripe Gift Cards Adrian P. (Oct 22)

advisories

vBulletin - Multiple Versions - Cross Site Script Redirection advisories (Oct 08)

Alex Legler

[ GLSA 200910-01 ] Wget: Certificate validation error Alex Legler (Oct 21)
[ GLSA 200910-03 ] Adobe Reader: Multiple vulnerabilities Alex Legler (Oct 26)

Andrea Barisani

[oCERT-2009-014] Android denial-of-service issues Andrea Barisani (Oct 05)
[oCERT-2009-015] KDE multiple issues Andrea Barisani (Oct 28)

Andrea Fabrizi

Docebo Multiple SQL-Injection Vulnerabilities Andrea Fabrizi (Oct 09)
Snitz Forums 2000 Multiple Cross-Site Scripting Vulnerabilities Andrea Fabrizi (Oct 15)
3Com OfficeConnect Firewall/Router multiple remote Vulnerabilities Andrea Fabrizi (Oct 19)
Everfocus EDR1600 remote authentication bypass Andrea Fabrizi (Oct 22)

announcements

WASC Announcement: Announcing the Web Application Security Scanner Evaluation Criteria v1 announcements (Oct 08)
WASC Announcement: 2008 Web Application Security Statistics Published announcements (Oct 16)

Ansgar Wiechers

Re: /proc filesystem allows bypassing directory permissions on Linux Ansgar Wiechers (Oct 26)

Anton Ivanov

Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)

Arturo 'Buanzo' Busleiman

Re: /proc filesystem allows bypassing directory permissions on Linux Arturo 'Buanzo' Busleiman (Oct 26)

ascii

Jetty 6.x and 7.x Multiple Vulnerabilities ascii (Oct 26)

Asterisk Security Team

AST-2009-007: ACL not respected on SIP INVITE Asterisk Security Team (Oct 26)

Axel Neumann

[CVE-2009-1479] Boxalino - Directory Traversal Vulnerability Axel Neumann (Oct 20)

Bogdan Calin

CubeCart 4 Session Management Bypass Bogdan Calin (Oct 30)

Bonsai - Information Security

[BONSAI] SQL Injection in Achievo Bonsai - Information Security (Oct 13)
[BONSAI] XSS in Achievo - Customized XSS payload included Bonsai - Information Security (Oct 14)

Casper . Dik

Re: /proc filesystem allows bypassing directory permissions on Linux Casper . Dik (Oct 26)

CaT

Re: /proc filesystem allows bypassing directory permissions on Linux CaT (Oct 27)
Re: /proc filesystem allows bypassing directory permissions on Linux CaT (Oct 29)
Re: /proc filesystem allows bypassing directory permissions on Linux CaT (Oct 29)

chris . levny

Re: WinRAR v3.80 - ZIP Filename Spoofing chris . levny (Oct 06)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team (Oct 14)

cocoruder

In-depth research on the recent PDF zero-day exploit (CVE-2009-3459) cocoruder (Oct 19)

code

Re: Cross-Site Scripting vulnerability in eCaptcha code (Oct 06)

come2waraxe

[waraxe-2009-SA#075] - Remote File Disclosure in Vivvo CMS 4.1.5.1 come2waraxe (Oct 21)

CORE Security Technologies Advisories

CORE-2009-0812-Hyperic HQ Multiple XSS CORE Security Technologies Advisories (Oct 05)
CORE-2009-0922: Jetty Persistent XSS in Sample Cookies Application CORE Security Technologies Advisories (Oct 06)

Daniel Martin

SharePoint 2007 ASP.NET Source Code Disclosure Daniel Martin (Oct 26)

dann frazier

[SECURITY] [DSA 1915-1] New Linux 2.6.26 packages fix several vulnerabilities dann frazier (Oct 23)

Dan Yefimov

Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 23)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 23)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 27)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 27)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 28)
Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 29)

Daryl Tester

Re: /proc filesystem allows bypassing directory permissions on Linux Daryl Tester (Oct 26)

Davide Canali

TwonkyMedia Server Multiple Cross-Site Scripting Vulnerabilities Davide Canali (Oct 22)

Dazz . band

BMW 'inventory.php"<= SQL Injection Vulnerability Dazz . band (Oct 08)

Dennis Yurichev

CVE-2009-1979 (Oracle RDBMS) Dennis Yurichev (Oct 30)

Derek Martin

Re: /proc filesystem allows bypassing directory permissions on Linux Derek Martin (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Derek Martin (Oct 28)

dougtko

Dopewars 1.5.12 Server Denial of Service dougtko (Oct 06)

Dragos Ruiu

CanSecWest 2010 CALL FOR PAPERS (deadline Nov 30, conf. Mar22-26) and PacSec (Nov 4/5) Selections Dragos Ruiu (Oct 17)

dr_ide

Re: Remote buffer overflow in httpdx dr_ide (Oct 09)

DSecRG

[DSECRG-09-017] SAP GUI vsflexGrid ActiveX - Buffer Overflow vulnerability DSecRG (Oct 07)
[DSECRG-09-048] HP LaserJet printers - Multiple Stored XSS vulnerabilities DSecRG (Oct 07)
[DSECRG-09-010] Oracle 10g CTXSYS.DRVXTABC - plsql injection DSecRG (Oct 26)

Florian Weimer

[SECURITY] [DSA 1898-1] New openswan packages fix denial of service Florian Weimer (Oct 02)
[SECURITY] [DSA 1900-1] New PostgreSQL packages fix various problems Florian Weimer (Oct 02)
[SECURITY] [DSA 1899-1] New strongswan packages fix denial of service Florian Weimer (Oct 02)
[SECURITY] [DSA 1895-2] New opensaml2 and shibboleth-sp2 packages fix regression Florian Weimer (Oct 13)

foo

McKesson Horizon Clinical Infrastructure (HCI) version 7.6/7.8/10.0/10.1 hardcoded passwords foo (Oct 19)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-09:14.devfs FreeBSD Security Advisories (Oct 02)
FreeBSD Security Advisory FreeBSD-SA-09:13.pipe FreeBSD Security Advisories (Oct 02)

Giuseppe Iuculano

[SECURITY] [DSA 1901-1] New mediawiki1.7 packages fix several vulnerabilities Giuseppe Iuculano (Oct 05)
[SECURITY] [DSA 1903-1] New graphicsmagick packages fix several vulnerabilities Giuseppe Iuculano (Oct 07)
[SECURITY] [DSA 1904-1] New wget packages fix SSL certificate verification weakness Giuseppe Iuculano (Oct 09)
[SECURITY] [DSA 1907-1] New kvm packages fix several vulnerabilities Giuseppe Iuculano (Oct 13)
[SECURITY] [DSA 1913-1] New bugzilla packages fix SQL injection Giuseppe Iuculano (Oct 19)
[SECURITY] [DSA 1916-1] New kdelibs packages fix SSL certificate verification weakness Giuseppe Iuculano (Oct 26)
[SECURITY] [DSA 1917-1] New mimetex packages fix several vulnerabilities Giuseppe Iuculano (Oct 26)
[SECURITY] [DSA 1921-1] New expat packages fix denial of service Giuseppe Iuculano (Oct 28)

Glynn Clements

Re: /proc filesystem allows bypassing directory permissions on Linux Glynn Clements (Oct 27)
Re: /proc filesystem allows bypassing directory permissions on Linux Glynn Clements (Oct 29)

hadikiamarsi

Remote File Inclusion In AIOCP hadikiamarsi (Oct 07)

Hubbard, Dan

RE: [Full-disclosure] NSOADV-2009-003: Websense Email Security Cross Site Scripting Hubbard, Dan (Oct 23)

iDefense Labs

iDefense Security Advisory 10.07.09: IBM AIX rpc.cmsd Stack Buffer Overflow Vulnerability iDefense Labs (Oct 07)
iDefense Security Advisory 10.13.09: Adobe Acrobat and Reader U3D File Invalid Array Index Vulnerability iDefense Labs (Oct 13)
iDefense Security Advisory 10.13.09: Adobe Acrobat and Reader Firefox Plugin Use After Free Vulnerability iDefense Labs (Oct 13)
iDefense Security Advisory 10.13.09: Microsoft Windows GDI+ TIFF File Parsing Buffer Overflow Vulnerability iDefense Labs (Oct 13)
iDefense Security Advisory 10.13.09: Microsoft Office Drawing Format Shape Properties Memory Corruption Vulnerability iDefense Labs (Oct 13)
iDefense Security Advisory 10.28.09: Mozilla Firefox GIF Color Map Parsing Buffer Overflow Vulnerability iDefense Labs (Oct 29)

Inferno

Hijacking Opera's Native Page using malicious RSS payloads Inferno (Oct 29)

info

DEDECMS v5.1 Sql Injection Vulnerability info (Oct 13)
phpcms 2008 Remote File Disclosure Vulnerability info (Oct 19)
PHP168 v6.0 rc info (Oct 28)
PSAtr v1.2 Sql Injection info (Oct 30)

Inj3ct0r.com

Vulnerability in Zoiper softphone version 2.22 - Denial Of Service Inj3ct0r.com (Oct 19)

Isara Beaumont

Re: /proc filesystem allows bypassing directory permissions on Linux Isara Beaumont (Oct 26)

Ivan Fratric

Windows GDI+ TIFF memory corruption Ivan Fratric (Oct 14)
Windows Media Audio Voice remote code execution Ivan Fratric (Oct 14)

Ivan Jager

Re: /proc filesystem allows bypassing directory permissions on Linux Ivan Jager (Oct 28)

Jamie Strandboge

[USN-840-1] OpenOffice.org vulnerabilities Jamie Strandboge (Oct 02)
[USN-846-1] ICU vulnerability Jamie Strandboge (Oct 08)
[USN-847-1] Devscripts vulnerability Jamie Strandboge (Oct 09)
[USN-847-2] devscripts vulnerability Jamie Strandboge (Oct 09)
[USN-849-1] libsndfile vulnerabilities Jamie Strandboge (Oct 16)
[USN-851-1] Elinks vulnerabilities Jamie Strandboge (Oct 21)

Jan van Niekerk

com_jumi / jumi 2.0.5 for joomla 1.5 backdoored Jan van Niekerk (Oct 30)

jason

Anonymous Remote Arbitrary Code Execution in Alien Arena 7.30 jason (Oct 21)
HP Quality Centre Weak password Obfuscation jason (Oct 23)

Jerome Athias

FRHACK01 Slides are online Jerome Athias (Oct 06)
Re: FRHACK01 Slides are online Jerome Athias (Oct 07)

Jim Paris

Re: /proc filesystem allows bypassing directory permissions on Linux Jim Paris (Oct 30)
Re: /proc filesystem allows bypassing directory permissions on Linux Jim Paris (Oct 30)

Joel Maslak

Re: /proc filesystem allows bypassing directory permissions on Linux Joel Maslak (Oct 26)

karakorsankara

Novell eDirectory 8.8 SP5 for Windows - Buffer Overflow Vulnerability karakorsankara (Oct 26)

Kees Cook

[USN-841-1] GLib vulnerability Kees Cook (Oct 06)

k g

Call for Papers: Conference on Cyber Conflict, Estonia k g (Oct 22)

Kinzel, David

Re: /proc filesystem allows bypassing directory permissions on Linux Kinzel, David (Oct 27)

Klaus Lichtenwalder

Re: /proc filesystem allows bypassing directory permissions on Linux Klaus Lichtenwalder (Oct 26)

Lists

SafeNet SoftRemote Local Buffer Overflow - Security Advisory - SOS-09-008 Lists (Oct 30)

Lostmon lords

Fwd: Wowd search client multiple variable xss Lostmon lords (Oct 29)

majinboo

squidGuard 1.3 & 1.4 : buffer overflow majinboo (Oct 26)

Major Malfunction

DEFCON London - DC4420 October 2009 Meet - This Thursday 15th Major Malfunction (Oct 14)

Marc Deslauriers

[USN-839-1] Samba vulnerabilities Marc Deslauriers (Oct 01)
[USN-842-1] Wget vulnerability Marc Deslauriers (Oct 06)
[USN-843-1] BackupPC vulnerability Marc Deslauriers (Oct 06)
[USN-844-1] mimeTeX vulnerabilities Marc Deslauriers (Oct 08)
[USN-845-1] Pan vulnerability Marc Deslauriers (Oct 08)
[USN-848-1] Zope vulnerabilities Marc Deslauriers (Oct 14)
[USN-850-1] poppler vulnerabilities Marc Deslauriers (Oct 21)
[USN-850-2] poppler regression Marc Deslauriers (Oct 23)

Marco Verschuur

Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 27)
Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 28)
Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 30)
Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 30)
Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 30)

mark

DreamPoll 3.1 Vulnerabilities mark (Oct 08)

Martin Rex

Re: /proc filesystem allows bypassing directory permissions on Martin Rex (Oct 29)

Matthew Dempsky

Re: /proc filesystem allows bypassing directory permissions on Linux Matthew Dempsky (Oct 27)
Re: /proc filesystem allows bypassing directory permissions on Linux Matthew Dempsky (Oct 28)

megumi1990

Mariposa Botnet C&C decryption plugin for wireshark megumi1990 (Oct 28)

Michele Orru

[AntiSnatchOr] Pentaho Bi-server multiple vulnerabilities Michele Orru (Oct 14)
[AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS Michele Orru (Oct 14)

Moritz Muehlenhoff

[SECURITY] [DSA 1902-1] New elinks packages fix arbitrary code execution Moritz Muehlenhoff (Oct 05)
[SECURITY] [DSA 1922-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Oct 29)

mu-b

Re: VMSA-2009-0013 VMware Fusion resolves two security issues mu-b (Oct 02)

Nico Golde

[SECURITY] [DSA 1905-1] New python-django packages fix denial of service Nico Golde (Oct 13)
[SECURITY] [DSA 1908-1] New samba packages fix several vulnerabilities Nico Golde (Oct 14)
[SECURITY] [DSA 1914-1] New mapserver packages fix serveral vulnerabilities Nico Golde (Oct 23)
[SECURITY] [DSA 1923-1] New libhtml-parser-perl packages fix denial of service Nico Golde (Oct 30)

Nicolas A. Economou

turbodiff v1.01 beta released Nicolas A. Economou (Oct 21)

nomail

Re: Re: /proc filesystem allows bypassing directory permissions on Linux nomail (Oct 26)

nospam

google apps googleapps.url.mailto:// uri handler cross-browser remote command execution exploit (IE) nospam (Oct 02)
AOL 9.1 SuperBuddy ActiveX Control SetSuperBuddy() remote code execution exploit nospam (Oct 02)
EMC RepliStor Server (rep_serv.exe) 6.3.1.3 remote denial of service nospam (Oct 20)
South River Technologies WebDrive Service Bad Security Descriptor Local Elevation Of Privileges nospam (Oct 20)
RunCms v.2M1 /modules/forum/post.php - 'forum' remote semi-blind SQL Injection Exploit nospam (Oct 26)

NSFOCUS Security Team

NSFOCUS SA2009-01 : UiTV UiPlayer UiCheck Component Stack Buffer Overflow Vulnerability NSFOCUS Security Team (Oct 16)
NSFOCUS SA2009-02 : IBM DB2 JDBC Applet Server Remote DoS Vulnerability NSFOCUS Security Team (Oct 16)
NSFOCUS SA2009-03 : Windows Kernel Malformed PE File Remote DoS Vulnerability NSFOCUS Security Team (Oct 16)

NSO Research

NSOADV-2009-002: Websense Email Security Web Administrator DoS NSO Research (Oct 20)
NSOADV-2009-003: Websense Email Security Cross Site Scripting NSO Research (Oct 20)

PalmPreHacker

Palm Pre WebOS <=1.1 Remote File Access Vulnerability PalmPreHacker (Oct 05)
Palm Pre WebOS version <= 1.1 Floating Point Exception PalmPreHacker (Oct 13)

pankaj208

Remote buffer overflow in httpdx pankaj208 (Oct 08)
Re: Re: Remote buffer overflow in httpdx pankaj208 (Oct 13)

Pavel Kankovsky

Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Kankovsky (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Kankovsky (Oct 26)

Pavel Machek

/proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 23)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 23)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 27)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 27)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 29)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 29)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 29)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 29)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 29)
Re: /proc filesystem allows bypassing directory permissions on Pavel Machek (Oct 30)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 30)
Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 30)

Paweł Łaskarzewski

QuickCart Multiple vlunerabilities Paweł Łaskarzewski (Oct 08)

Pedro Joaquin

2wire Remote Denial of Service Pedro Joaquin (Oct 29)

Protek Research Lab

{PRL} Novell Edirectory 8.8 SP5 XSS Protek Research Lab (Oct 01)
{PRL} Cerberus FTP server 3.0.6 Pre-Auth DoS Protek Research Lab (Oct 01)
{PRL} XLPD 3.0 Remote DoS Protek Research Lab (Oct 07)
{PRL} Eureka Mail client BoF Protek Research Lab (Oct 22)
{PRL} Pegasus Mail client BoF Protek Research Lab (Oct 22)
{PRL} Rising Firewall 2009 Privilege Escalation Protek Research Lab (Oct 27)
{PRL} Rising Antivirus 2009 Privilege Escalation Protek Research Lab (Oct 27)
{PRL} My Remote File Server Privilege Escalation Protek Research Lab (Oct 30)

Przemyslaw Frasunek

FreeBSD 6.4 pipeclose()/knlist_cleardel() race condition exploit Przemyslaw Frasunek (Oct 08)
FreeBSD 7.2 VFS/devfs race condition exploit Przemyslaw Frasunek (Oct 08)

psz

Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 27)
Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 27)
Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 27)
Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 28)
Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 29)
Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 30)

rafa . de . sousa

AlleyCode SEH overflow POC&#8207;&#8207; rafa . de . sousa (Oct 06)
BulletProof FTP Client Buffer Overflow (SEH) rafa . de . sousa (Oct 07)
DWebPro allow an invader to execute any program at server side rafa . de . sousa (Oct 16)

renard-volant

Windows Media Player Plugin: Local File Detection Vulnerability renard-volant (Oct 30)

Robbie Gill

Aruba Networks Advisory ID: AID-102609 - Malformed 802.11 Association Request frame causes Denial of Service condition on an Access Point Robbie Gill (Oct 27)

Roman Medina-Heigl Hernandez

Rooted CON 2010 - CFP Roman Medina-Heigl Hernandez (Oct 01)

Secunia Research

Secunia Research: Microsoft Office BMP Image Colour Handling Integer Overflow Secunia Research (Oct 14)
Secunia Research: Mozilla Firefox Floating Point Memory Allocation Vulnerability Secunia Research (Oct 28)

security

[ MDVSA-2009:178 ] perl-IO-Socket-SSL security (Oct 01)
[ MDVSA-2009:253 ] backuppc security (Oct 01)
[ MDVSA-2009:254 ] graphviz security (Oct 01)
[ MDVSA-2009:255 ] perl-DBD-Pg security (Oct 02)
[ MDVSA-2009:257 ] qemu security (Oct 07)
[ MDVSA-2009:256 ] dbus security (Oct 07)
[ MDVSA-2009:258 ] openssl security (Oct 07)
[ MDVSA-2009:259 ] snort security (Oct 08)
[ MDVSA-2009:217-1 ] mozilla-thunderbird security (Oct 08)
[ MDVSA-2009:217-2 ] mozilla-thunderbird security (Oct 08)
[ MDVSA-2009:261 ] graphicsmagick security (Oct 09)
[ MDVSA-2009:260 ] imagemagick security (Oct 09)
[ MDVSA-2009:262 ] netpbm security (Oct 09)
[ MDVSA-2009:263 ] sympa security (Oct 13)
[ MDVSA-2009:265 ] egroupware security (Oct 13)
[ MDVSA-2009:264 ] gd security (Oct 13)
[ MDVSA-2009:266 ] awstats security (Oct 13)
[ MDVSA-2009:267 ] xmlsec1 security (Oct 13)
[ MDVSA-2009:275 ] python-django security (Oct 13)
[ MDVSA-2009:268 ] mono security (Oct 13)
[ MDVSA-2009:269 ] mono security (Oct 13)
[ MDVSA-2009:271 ] libnasl security (Oct 13)
[ MDVSA-2009:270 ] wireshark security (Oct 13)
[ MDVSA-2009:272 ] libmikmod security (Oct 13)
[ MDVSA-2009:273 ] strongswan security (Oct 13)
[ MDVSA-2009:274 ] phpmyadmin security (Oct 13)
[ MDVSA-2009:276 ] python-django security (Oct 13)
[ MDVSA-2009:277 ] samba security (Oct 14)
[ MDVSA-2009:278 ] compiz-fusion-plugins-main security (Oct 14)
[ MDVSA-2009:279 ] ocaml-mysql security (Oct 16)
n.runs-SA-2009.007 - Adobe Acrobat - Invalid pointer write could lead to arbitrary code execution security (Oct 16)
[ MDVSA-2009:283 ] cups security (Oct 20)
[ MDVSA-2009:281 ] cups security (Oct 20)
[ MDVSA-2009:282 ] cups security (Oct 20)
[ MDVSA-2009:280 ] cups security (Oct 20)
[ MDVSA-2009:284 ] gd security (Oct 20)
[ MDVSA-2009:285 ] php security (Oct 21)
[ MDVSA-2009:286 ] ocaml-camlimages security (Oct 21)
[ MDVSA-2009:287 ] xpdf security (Oct 22)
[ MDVSA-2009:288 ] proftpd security (Oct 26)
[ MDVSA-2009:289 ] kernel security (Oct 28)
[ MDVSA-2009:290 ] firefox security (Oct 29)
[ MDVSA-2009:291 ] jetty5 security (Oct 30)

security-alert

[security bulletin] HPSBUX02421 SSRT090047 rev.2 - HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code security-alert (Oct 05)
[security bulletin] HPSBPI02463 SSRT090061 rev.1 - HP LaserJet Printers, HP Color LaserJet Printers, Remote Cross Site Scripting (XSS) security-alert (Oct 07)
[security bulletin] HPSBUX02465 SSRT090192 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS) Cross-Site Scripting (XSS) Unauthorized Access security-alert (Oct 23)
[security bulletin] HPSBUX02466 SSRT090192 rev.1 - HP-UX Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Unauthorized Access security-alert (Oct 23)

SpringSource Security Team

CVE-2009-2897: Hyperic HQ - Reflected XSS in stack trace SpringSource Security Team (Oct 05)
CVE-2009-2898: Hyperic HQ - Stored XSS in alerts list SpringSource Security Team (Oct 05)

ss_contacts

Quick Heal Local Privilege Escalation Vulnerability ss_contacts (Oct 13)
Avast! Multiple Vulnerabilities ss_contacts (Oct 22)
Rising Multiple Products Local Privilege Escalation Vulnerability ss_contacts (Oct 27)

Stefan Fritsch

[SECURITY] [DSA-1920-1] New nginx packages fix denial of service Stefan Fritsch (Oct 26)

Steffen Joeris

[SECURITY] [DSA 1906-1] End-of-life announcement for clamav in stable and oldstable Steffen Joeris (Oct 13)
[SECURITY] [DSA 1911-1] New pygresql packages provide secure escaping Steffen Joeris (Oct 15)
[SECURITY] [DSA 1910-1] New mysql-ocaml packages provide secure escaping Steffen Joeris (Oct 15)
[SECURITY] [DSA 1909-1] New postgresql-ocaml packages provide secure escaping Steffen Joeris (Oct 15)
[SECURITY] [DSA 1912-1] New camlimages fix arbitrary code execution Steffen Joeris (Oct 16)
[SECURITY] [DSA 1912-2] New advi packages fix arbitrary code execution Steffen Joeris (Oct 26)

Stephen Harris

Re: /proc filesystem allows bypassing directory permissions on Linux Stephen Harris (Oct 26)

support

Re: Easy Music Player 1.0.0.2 (wav) Universal Local Buffer Exploit support (Oct 16)

Tamber Penketh

Re: /proc filesystem allows bypassing directory permissions on Linux Tamber Penketh (Oct 26)

Tavis Ormandy

Invalid #PF Exception Code in VMware can result in Guest Privilege Escalation Tavis Ormandy (Oct 28)

Thierry Zoller

[G-SEC 46-2009] Computer Associates multiple products arbritary code execution Thierry Zoller (Oct 13)
[G-SEC 47-2009] Symantec generic PDF detection bypass Thierry Zoller (Oct 28)
[G-SEC 49-2009] McAfee generic PDF detection bypass Thierry Zoller (Oct 28)
[G-SEC 48-2009] F-SECURE - Generic PDF detection bypass Thierry Zoller (Oct 28)

Thijs Kinkhorst

[SECURITY] [DSA 1918-1] New phpmyadmin packages fix several vulnerabilities Thijs Kinkhorst (Oct 26)
[SECURITY] [DSA 1919-1] New smarty packages fix several vulnerabilities Thijs Kinkhorst (Oct 26)

THOTCON Announce

THOTCON 0x1 - Call For Papers is Open -> October 1, 2009 THOTCON Announce (Oct 01)

Tobias Heinlein

[ GLSA 200910-02 ] Pidgin: Multiple vulnerabilities Tobias Heinlein (Oct 23)

Tony Finch

Re: /proc filesystem allows bypassing directory permissions on Linux Tony Finch (Oct 26)
Re: /proc filesystem allows bypassing directory permissions on Linux Tony Finch (Oct 27)

trompele

Overland Guardian OS CLI command line bug - let you get uid 0 shell trompele (Oct 20)

usman

Cherokee Web Server 0.5.4 Denial Of Service usman (Oct 26)

Vincent Zweije

Re: /proc filesystem allows bypassing directory permissions on Linux Vincent Zweije (Oct 27)
Re: /proc filesystem allows bypassing directory permissions on Linux Vincent Zweije (Oct 29)

VMware Security team

VMSA-2009-0013 VMware Fusion resolves two security issues VMware Security team (Oct 02)
VMSA-2009-0014 VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues VMware Security Team (Oct 16)
VMSA-2009-0015 VMware hosted products and ESX patches resolve two security issues VMware Security Team (Oct 28)

VUPEN Security Research

VUPEN Security - Adobe Acrobat and Reader U3D Filter Code Execution Vulnerabilities VUPEN Security Research (Oct 16)

Will Drewry

[oCERT-2009-016] Poppler, xpdf integer overflow during heap allocation Will Drewry (Oct 22)

Williams, James K

CA20091008-01: Security Notice for CA Anti-Virus Engine Williams, James K (Oct 09)

ZDI Disclosures

ZDI-09-067: Novell NetWare NFS Portmapper and RPC Module Stack Overflow Vulnerability ZDI Disclosures (Oct 01)
ZDI-09-069: Microsoft Windows Media Player Audio Voice Sample Rate Memory Corruption Vulnerability ZDI Disclosures (Oct 13)
ZDI-09-071: Microsoft Internet Explorer writing-mode Memory Corruption Vulnerability ZDI Disclosures (Oct 13)
ZDI-09-073: Adobe Reader Compact Font Format Malformed Index Memory Corruption Vulnerability ZDI Disclosures (Oct 13)
ZDI-09-070: Microsoft Internet Explorer Event Object Type Double-Free Vulnerability ZDI Disclosures (Oct 13)
ZDI-09-072: Microsoft Windows GDI+ TIFF Parsing Code Execution Vulnerability ZDI Disclosures (Oct 13)
ZDI-09-074: Multiple Vendor Hummingbird STR Service Stack Overflow Vulnerability ZDI Disclosures (Oct 29)
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]