Bugtraq: by thread

Bugtraq: by thread

157 messages starting Dec 03 12 and ending Dec 31 12
Date index | Thread index | Author index

[SECURITY] [DSA 2577-1] libssh security update Yves-Alexis Perez (Dec 03)
ESA-2012-052 RSA NetWitness Informer Cross-Site Request Forgery and Click-jacking Vulnerabilities Security Alert (Dec 03)
Low severity flaw in RIM BlackBerry PlayBook OS browser Tim Brown (Dec 03)
FortiGate FortiDB 2kB 1kC & 400B - Cross Site Vulnerability Vulnerability Lab (Dec 03)
FortiWeb 4kC,3kC,1kC & VA - Cross Site Vulnerabilities Vulnerability Lab (Dec 03)
IBM System Director Remote System Level Exploit (CVE-2009-0880 extended zeroday) king cope (Dec 03)
MySQL (Linux) Stack based buffer overrun PoC Zeroday king cope (Dec 03)
- Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Jeffrey Walton (Dec 03)
- Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Kurt Seifried (Dec 03)
  - Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Sergei Golubchik (Dec 03)
  - Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Huzaifa Sidhpurwala (Dec 03)
    - Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Sergei Golubchik (Dec 03)
    - Message not available
    - Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Yves-Alexis Perez (Dec 03)
    - Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday king cope (Dec 03)
    - Message not available
    - Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Sergei Golubchik (Dec 03)
MySQL (Linux) Heap Based Overrun PoC Zeroday king cope (Dec 03)
- Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday Jeffrey Walton (Dec 03)
- Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday Kurt Seifried (Dec 03)
- Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday Kurt Seifried (Dec 03)
MySQL (Linux) Database Privilege Elevation Zeroday Exploit king cope (Dec 03)
- Re: [Full-disclosure] MySQL (Linux) Database Privilege Elevation Zeroday Exploit Kurt Seifried (Dec 03)
MySQL Denial of Service Zeroday PoC king cope (Dec 03)
- Re: [Full-disclosure] MySQL Denial of Service Zeroday PoC Kurt Seifried (Dec 03)
MySQL Remote Preauth User Enumeration Zeroday king cope (Dec 03)
- Re: [Full-disclosure] MySQL Remote Preauth User Enumeration Zeroday Kurt Seifried (Dec 03)
Re: [Full-disclosure] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot) Kurt Seifried (Dec 03)
[SECURITY] [DSA 2580-1] libxml security update Moritz Muehlenhoff (Dec 03)
[ MDVSA-2012:176 ] libxml2 security (Dec 03)
tinymcpuk xss vulnerability admin (Dec 03)
SEC Consult SA-20121203-0 :: F5 FirePass SSL VPN Unauthenticated local file inclusion SEC Consult Vulnerability Lab (Dec 03)
Re: phpGiftReq SQL Injection generalpf (Dec 03)
[SECURITY] [DSA 2581-1] mysql-5.1 security update Yves-Alexis Perez (Dec 04)
DC4420 - London DEFCON - Christmas 2012 meet! Tuesday 11th December 2012 Major Malfunction (Dec 04)
MySQL Local/Remote FAST Account Password Cracking king cope (Dec 04)
Privilege Escalation through Binary Planting in Panda Internet Security by_argos (Dec 04)
Centrify Deployment Manager v2.1.0.283 larry0 (Dec 04)
- <Possible follow-ups>
- Centrify Deployment Manager v2.1.0.283 larry0 (Dec 04)
- Re: Centrify Deployment Manager v2.1.0.283 to-choi . lau (Dec 14)
FreeFTPD Remote Authentication Bypass Zeroday Exploit (Stuxnet technique) king cope (Dec 04)
FreeSSHD Remote Authentication Bypass Zeroday Exploit king cope (Dec 04)
Re: MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day king cope (Dec 04)
[security bulletin] HPSBPI02807 SSRT100928 rev.1 - HP LaserJet Pro 400 Multi Function Printers, Remote Unauthorized Access security-alert (Dec 05)
[security bulletin] HPSBPI02828 SSRT100778 rev.1 - HP LaserJet and Color LaserJet, Cross-Site Scripting (XSS) security-alert (Dec 05)
CVE-2012-4534 Apache Tomcat denial of service Mark Thomas (Dec 05)
CVE-2012-3546 Apache Tomcat Bypass of security constraints Mark Thomas (Dec 05)
CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter Mark Thomas (Dec 05)
[security bulletin] HPSBMU02816 SSRT100949 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access security-alert (Dec 05)
[security bulletin] HPSB3C02831 SSRT100661 rev.1 - HP Intelligent Management Center User Access Manager (UAM), Remote Execution of Arbitrary Code security-alert (Dec 05)
Re: Stack overflow in Microsoft HTML Help 6.1 (CHM files) chiles . simpson . ctr (Dec 05)
Buffalo LinkStation LS-WTGL Default Admin Account & Guest Access Information Darius Freamon (Dec 05)
[ MDVSA-2012:177 ] bind security (Dec 06)
CA20121205-01: Security Notice for CA XCOM Data Transport on Unix and Linux Kotas, Kevin J (Dec 06)
[slackware-security] ruby (SSA:2012-341-04) Slackware Security Team (Dec 07)
[slackware-security] libxml2 (SSA:2012-341-03) Slackware Security Team (Dec 07)
[SECURITY] [DSA 2582-1] xen security update Yves-Alexis Perez (Dec 07)
TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities advisory (Dec 07)
- <Possible follow-ups>
- TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities advisory (Dec 07)
Multiple SQL Injection vulnerabilities in ClipBucket advisory (Dec 07)
- <Possible follow-ups>
- Multiple SQL Injection vulnerabilities in ClipBucket advisory (Dec 07)
Multiple vulnerabilities in Achievo advisory (Dec 07)
- <Possible follow-ups>
- Multiple vulnerabilities in Achievo advisory (Dec 07)
Fwd: SQL injection Emmanuel FARCY (Dec 07)
CanSecWest13 CFP Open Until December 14 2012, Conf March 7-9 2013, Vancouver Dragos Ruiu (Dec 07)
Update on CVE assigned for Video Lead Form Plugin Cross-Site nauty . me04 (Dec 07)
Update on CVE assigned for Wordpress Plugin Simple Gmail Login nauty . me04 (Dec 07)
[slackware-security] libssh (SSA:2012-341-02) Slackware Security Team (Dec 10)
[slackware-security] bind (SSA:2012-341-01) Slackware Security Team (Dec 10)
[SECURITY] [DSA 2583-1] iceweasel security update Yves-Alexis Perez (Dec 10)
[SECURITY] [DSA 2584-1] iceape security update Yves-Alexis Perez (Dec 10)
[ MDVSA-2012:178 ] mysql security (Dec 10)
Android Kernel 2.6 Local DoS Thomas Richards (Dec 10)
Centrify Deployment Manager v2.1.0.283 local root larry0 (Dec 10)
FreeVimager 4.1.0 <= WriteAV Arbitrary Code Execution pereira (Dec 10)
DIMIN Viewer 5.4.0 <= WriteAV Arbitrary Code Execution pereira (Dec 10)
SimpleInvoices 2011.1 Cross-Site-Scripting (XSS) Vulnerabilities CVE-2012-4932 tommccredie (Dec 10)
Multiple Command Execution Vulnerabilities in Smartphone Pentest Framework advisory (Dec 10)
Call for Papers: DIMVA 2013 Collin Mulliner (Dec 10)
Snare for Linux Cross-Site Scripting via Log Injection sometimesbugs (Dec 10)
Snare for Linux Cross-Site Request Forgery sometimesbugs (Dec 10)
Snare for Linux Password Disclosure sometimesbugs (Dec 10)
[security bulletin] HPSBOV02834 SSRT101055 rev.1 - HP OpenVMS LOGIN or ACMELOGIN, Remote or Local Denial of Service (DoS) security-alert (Dec 11)
Path Traversal Vulnerability on Secure Transport versions 5.1 SP2 and earlier Perez, Sebastian \(LATCO - Buenos Aires\) (Dec 11)
Information disclosure (mouse tracking) vulnerability in Microsoft Internet Explorer versions 6-10 Nick Johnson (Dec 11)
[SECURITY] [DSA 2585-1] bogofilter security update Florian Weimer (Dec 11)
[SECURITY] [DSA 2586-1] perl security update Florian Weimer (Dec 11)
Multiple critical vulnerabilities in Maxthon and Avant browsers Roberto Suggi Liverani (Dec 11)
[SECURITY] [DSA 2587-1] libcgi-pm-perl security update Florian Weimer (Dec 11)
[ MDVSA-2012:179 ] cups security (Dec 13)
Addressbook v8.1.24.1 Group Name XSS Kenneth F. Belva (Dec 13)
OpenDocMan 1.2.6.2 - 3 Vulnerabilities Kenneth F. Belva (Dec 13)
File Upload Concern in Front Account 2.3.13 and OpenDocMan 1.2.6.2 Kenneth F. Belva (Dec 13)
FCKEditor File Upload Vulnerability bugreport (Dec 13)
'portable-phpMyAdmin (WordPress Plugin)' Authentication Bypass (CVE-2012-5469) Mark Stanislav (Dec 13)
Network Reconnaissance in IPv6 Networks Fernando Gont (Dec 13)
Network Reconnaissance in IPv6 Networks (errata) Fernando Gont (Dec 13)
RVAsec 2013 CFP Now Open Sullo (Dec 13)
[security bulletin] HPSBUX02832 SSRT101042 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Dec 13)
[btrfs] is vulnerable to a hash-DoS attack Pascal Junod \(Mailing Lists\) (Dec 14)
Password Disclosure in D-Link IP Cameras (CVE-2012-4046) doylej . ia (Dec 14)
Issues in Netgear WGR614 wireless router gsuberland (Dec 14)
- Re: Issues in Netgear WGR614 wireless router Liam (Dec 17)
DDIVRT-2012-48 VMware View Connection Server Directory Traversal (CVE-2012-5978) ddivulnalert (Dec 14)
Wordpress Pingback Port Scanner FireFart (Dec 14)
[SECURITY] [DSA 2588-1] icedove security update Florian Weimer (Dec 17)
[SECURITY] [DSA 2589-1] tiff security update Florian Weimer (Dec 17)
[ MDVSA-2012:180 ] perl-CGI security (Dec 17)
Foswiki Security Alert CVE-2012-6329, CVE-2012-6330 Remote code execution and other vulnerabilities in MAKETEXT macro George Clark (Dec 17)
RE: PHP Addressbook v8.2.5 Group Name XSS Kenneth F. Belva (Dec 17)
IPv6 Neighbor Discovery security (new documents) Fernando Gont (Dec 17)
Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability pereira (Dec 19)
- Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability Fabio Baroni (Dec 20)
- <Possible follow-ups>
- Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability pereira (Dec 20)
- Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability pereira (Dec 24)
- Re: Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability koppensb (Dec 24)
SonicWall SonicOS 5.8.1.8 WAF - POST Inject Vulnerability Vulnerability Lab (Dec 19)
Enterpriser16 LoadBalancer v7.1 - Multiple Web Vulnerabilities Vulnerability Lab (Dec 19)
Local root exploit for Centrify Deployment Manager < v2.1.0.283 local root larry0 (Dec 19)
Multiple SQL Injection Vulnerabilities in Elite Bulletin Board advisory (Dec 19)
Firefly MediaServer Multiple Remote DoS Vulnerabilities advisory (Dec 19)
Multiple vulnerabilities in Banana Dance advisory (Dec 19)
[ MDVSA-2012:181 ] python-django security (Dec 19)
Multiple XSS vulnerabilities in Cerberus FTP Server <= 5.0.5.1 [CVE-2012-6339] Ken (Dec 19)
EMC Avamar: World writable cache files fulldisclosure (Dec 19)
DoS vulnerability in Siemens S7-1200 PLCs Arne Vidström (Dec 24)
[security bulletin] HPSBUX02835 SSRT100763 rev.1 - HP-UX Running BIND, Remote Domain Name Revalidation security-alert (Dec 24)
ESA-2012-060: EMC Data Protection Advisor Information Disclosure Vulnerability. Security Alert (Dec 24)
CA20121220-01: Security Notice for CA IdentityMinder Williams, James K (Dec 24)
VMSA-2012-0018 VMware security updates for vCSA and ESXi VMware Security Response Center (Dec 24)
CubeCart 3.0.20 (3.0.x) and lower | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Dec 24)
CubeCart 3.0.20 (3.0.x) and lower | Arbitrary File Upload YGN Ethical Hacker Group (Dec 24)
CubeCart 3.0.20 (3.0.x) and lower | Multiple SQL Injection Vulnerabilities YGN Ethical Hacker Group (Dec 24)
[ MDVSA-2012:182 ] apache-mod_security security (Dec 24)
[ MDVSA-2012:183 ] apache-mod_security security (Dec 24)
CubeCart 4.4.6 and lower | Open URL Redirection Vulnerability YGN Ethical Hacker Group (Dec 24)
[TOOL RELEASE] SQL Fingerprint powered by ENG++ Technology [Version 1.33.23-170308] Nelson Brito (Dec 24)
CubeCart 5.0.7 and lower | Open URL Redirection Vulnerability YGN Ethical Hacker Group (Dec 24)
CubeCart 4.4.6 and lower | Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group (Dec 24)
CubeCart 4.4.6 and lower | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Dec 24)
CubeCart 4.4.6 and lower | Multiple SQL Injection Vulnerabilities YGN Ethical Hacker Group (Dec 24)
CubeCart 4.4.6 and lower | Local File Inclusion Vulnerability YGN Ethical Hacker Group (Dec 24)
CubeCart 4.x/5.x | Setup Re-installation Privilege Escalation Vulnerability YGN Ethical Hacker Group (Dec 24)
Open-Realty CMS 3.x | Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group (Dec 27)
Open-Realty CMS 3.x | Persistent Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Dec 27)
[SECURITY] [DSA 2590-1] wireshark security update Moritz Muehlenhoff (Dec 27)
[ MDVSA-2012:184 ] libtiff security (Dec 27)
Polycom® HDX® Video End Points Web Management Cross Si te Scripting (XSS) vulnerability Rustein, Fara Denise \(LATCO - Buenos Aires\) (Dec 27)
Log Analyzer 3.6.0 - Cross Site Scripting Vulnerability Vulnerability Lab (Dec 28)
SonicWall Email Security 7.4.1.x - Persistent Web Vulnerability Vulnerability Lab (Dec 28)
[SECURITY] [DSA 2591-1] mahara security update Moritz Muehlenhoff (Dec 28)
[SECURITY] [DSA 2592-1] elinks security update Moritz Muehlenhoff (Dec 28)
CubeCart 5.0.7 and lower versions | Insecure Backup File Handling YGN Ethical Hacker Group (Dec 28)
- Re: CubeCart 5.0.7 and lower versions | Insecure Backup File Handling Sean Jenkins (Dec 31)
GnuPG 1.4.12 and lower - memory access errors and keyring database corruption KB Sriram (Dec 31)
[SECURITY] [DSA 2593-1] moin security update Moritz Muehlenhoff (Dec 31)
[SECURITY] [DSA 2594-1] virtualbox-ose security update Moritz Muehlenhoff (Dec 31)
[SECURITY] [DSA 2595-1] ghostscript security update Moritz Muehlenhoff (Dec 31)
[SECURITY] [DSA 2596-1] mediawiki-extensions security update Jonathan Wiltshire (Dec 31)

Previous period

Next period