Bugtraq: by thread

Bugtraq: by thread

192 messages starting Feb 01 12 and ending Feb 29 12
Date index | Thread index | Author index

[Announce] Apache HTTP Server 2.2.22 Released William A. Rowe Jr. (Feb 01)
802.1X password exploit on many HTC Android devices Bret Jordan (Feb 01)
Security advisory for Bugzilla 4.2rc2, 4.0.4, 3.6.8 and 3.4.14 LpSolit (Feb 01)
Multiple vulnerabilities in OpenEMR advisory (Feb 01)
ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability Security_Alert (Feb 01)
XSS phpLDAPadmin: 1.2.0.5 (Debian package) and 1.2.2 (sourceforge) andsarmiento (Feb 01)
[ MDVSA-2012:012 ] apache security (Feb 02)
APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001 Apple Product Security (Feb 02)
Call For Paper asemailing (Feb 02)
Fwd: RA-Guard: Advice on the implementation (feedback requested) Fernando Gont (Feb 02)
[CAL-2012-0004] opera array integer overflow Code Audit Labs (Feb 02)
[security bulletin] HPSBMU02739 SSRT100280 rev.1 - HP Data Protector Media Operations, Remote Execution of Arbitrary Code security-alert (Feb 02)
GLSA (Gentoo Linux Security Advisory) publication changes Alex Legler (Feb 02)
[security bulletin] HPSBGN02740 SSRT100741 rev.1 - HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, Performance Manager, Remote Execution of Arbitrary Code security-alert (Feb 03)
[SECURITY] [DSA 2401-1] tomcat6 security update Moritz Muehlenhoff (Feb 03)
[SECURITY] [DSA 2400-1] iceweasel security update Moritz Muehlenhoff (Feb 03)
[SECURITY] [DSA 2402-1] iceape security update Moritz Muehlenhoff (Feb 03)
[SECURITY] [DSA 2403-1] php5 security update Thijs Kinkhorst (Feb 03)
RFC 6528 on Defending against Sequence Number Attacks Fernando Gont (Feb 03)
ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability Security_Alert (Feb 03)
[ MDVSA-2012:013 ] mozilla security (Feb 03)
[SECURITY] [DSA 2384-2] cacti regression Luk Claes (Feb 06)
[SECURITY] [DSA 2404-1] xen-qemu-dm-4.0 security update Florian Weimer (Feb 06)
[SECURITY] [DSA 2405-1] apache2 security update Stefan Fritsch (Feb 06)
Mathopd - Directory Traversal Vulnerability Mateusz Goik (Feb 06)
[ MDVSA-2012:014 ] glpi security (Feb 07)
[SECURITY] [DSA 2403-2] php5 security update Thijs Kinkhorst (Feb 07)
SimpleGroupware 0.742 Cross-Site-Scripting vulnerability security (Feb 07)
DEF CON 20 Capture the Flag Announcement The Dark Tangent (Feb 07)
CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly Colm O hEigeartaigh (Feb 07)
SQL Injection Vulnerability in Batavi 1.1.2 Netsparker Advisories (Feb 07)
[security bulletin] HPSBMU02736 SSRT100699 rev.2 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information security-alert (Feb 07)
eFronts Community++ v3.6.10 - Cross Site Vulnerability research () vulnerability-lab com (Feb 07)
Unauthenticated remote code execution on D-Link ShareCenter products roberto . paleari (Feb 08)
[security bulletin] HPSBUX02741 SSRT100728 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass security-alert (Feb 08)
Cyberoam Central Console v2.00.2 - File Include Vulnerability research () vulnerability-lab com (Feb 08)
Multiple vulnerabilities in ZENphoto advisory (Feb 08)
[security bulletin] HPSBMU02742 SSRT100740 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Disclosure of Information security-alert (Feb 08)
ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-022 : Total Defense Suite UNC Management Console ExportReport SQL Injection Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-023 : Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-024 : Total Defense Suite UNC Management Web Service uncsp_ViewReportsHomepage SQL Injection Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-025 : EMC Networker indexd.exe Opcode 0x01 Parsing Remote Code Execution ZDI Disclosures (Feb 08)
ZDI-12-026 : IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-027 : IBM SPSS VsVIEW6.ocx ActiveX Control SaveDoc Method Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-028 : IBM Rational Rhapsody BBFlashBack.FBRecorder.1 Control Multiple Remote Code Execution Vulnerabilities ZDI Disclosures (Feb 08)
ZDI-12-029 : IBM Rational Rhapsody BBFlashBack.Recorder.1 InsertMarker Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-030 : IBM Rational Rhapsody BBFlashBack.Recorder.1 TestCompatibilityRecordMode Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
[SECURITY] [DSA 2407-1] cvs security update Florian Weimer (Feb 09)
[ MDVSA-2012:015 ] wireshark security (Feb 09)
[SECURITY] CVE-2011-4367 Apache MyFaces information disclosure vulnerability Leonardo Uribe (Feb 09)
[Suspected Spam] eFront Community++ v3.6.10 - Multiple Web Vulnerabilities research () vulnerability-lab com (Feb 09)
Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities research () vulnerability-lab com (Feb 10)
- <Possible follow-ups>
- Re: Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities regis (Feb 27)
OnxShop CMS v1.5.0 - Multiple Web Vulnerabilities research () vulnerability-lab com (Feb 10)
Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities research () vulnerability-lab com (Feb 10)
Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities research () vulnerability-lab com (Feb 10)
CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability YGN Ethical Hacker Group (Feb 10)
[ MDVSA-2012:016 ] glpi security (Feb 10)
[slackware-security] vsftpd (SSA:2012-041-05) Slackware Security Team (Feb 13)
[slackware-security] glibc (SSA:2012-041-03) Slackware Security Team (Feb 13)
[slackware-security] proftpd (SSA:2012-041-04) Slackware Security Team (Feb 13)
[slackware-security] httpd (SSA:2012-041-01) Slackware Security Team (Feb 13)
[slackware-security] php (SSA:2012-041-02) Slackware Security Team (Feb 13)
OWASP AppSec USA 2011 Video & Slides Posted adam (Feb 13)
Yahoo! Messenger v11.5 - Buffer Overflow Vulnerability research () vulnerability-lab com (Feb 13)
[Suspected Spam] eFront Community++ v3.6.10 - SQL Injection Vulnerability research () vulnerability-lab com (Feb 13)
sqlinjection bug in nova cms rezahmail (Feb 13)
- Re: sqlinjection bug in nova cms Henri Salo (Feb 16)
[ MDVSA-2012:017 ] firefox security (Feb 13)
[ MDVSA-2012:018 ] mozilla-thunderbird security (Feb 13)
[Announcement] ClubHack Mag - Call for Articles abhijeet (Feb 13)
[SECURITY] [DSA 2408-1] php5 security update Moritz Muehlenhoff (Feb 13)
[ MDVSA-2012:019 ] apr security (Feb 14)
[CAL-2011-0055]Adobe Shockwave Player Parsing block_cout memory corruption vulnerability Code Audit Labs (Feb 15)
[CAL-2011-0071]Adobe Shockwave Player Parsing cupt atom heap overflow Code Audit Labs (Feb 15)
FreePBX Remote Exploit dougw (Feb 15)
[ MDVSA-2012:020 ] phpldapadmin security (Feb 15)
Multiple vulnerabilities in 11in1 advisory (Feb 15)
Multiple vulnerabilities in LEPTON advisory (Feb 15)
[SECURITY] [DSA 2409-1] devscripts security update Raphael Geissert (Feb 15)
TELUS Security Labs VR - Oracle Java Web Start Command Argument Injection Remote Code Execution noreply (Feb 15)
Cisco Security Advisory: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Feb 16)
[SECURITY] [DSA 2410-1] libpng security update Moritz Muehlenhoff (Feb 16)
2012 Honeynet Project Security Workshop Guillaume Arcas (Feb 16)
[PRE-SA-2012-01] Denial-of-service vulnerability in java.util.zip Timo Warns (Feb 16)
Hackito Ergo sum // HES2012 Final CFP // Call for Hackers Jonathan Brossard (Feb 16)
Pandora FMS v4.0.1 - Local File Include Vulnerability + VD Session research () vulnerability-lab com (Feb 17)
[Spam] Skype v5.6.59.x - Memory Corruption Vulnerability research () vulnerability-lab com (Feb 17)
0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977) Kousuke Ebihara (Feb 17)
- <Possible follow-ups>
- Re: Fwd: 0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977) Rodrigo Rubira Branco \(BSDaemon\) (Feb 17)
[security bulletin] HPSBPI02728 SSRT100692 rev.4 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default security-alert (Feb 17)
IETF I-D: Security and Interoperability Implications of Oversized IPv6 Header Chains Fernando Gont (Feb 17)
PHP 5.2.x Remote Code Execution Vulnerability Worawit Wang (Feb 17)
Puppet Dashboard insecure by default Schweiss, Chip (Feb 17)
[ MDVSA-2012:021 ] java-1.6.0-openjdk security (Feb 17)
Downloads Folder: A Binary Planting Minefield ACROS Security Lists (Feb 20)
WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability sschurtz (Feb 20)
CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated] YGN Ethical Hacker Group (Feb 20)
[SECURITY] [DSA 2411-1] mumble security update Florian Weimer (Feb 20)
[SECURITY] [DSA 2412-1] libvorbis security update Moritz Muehlenhoff (Feb 20)
SEC Consult SA-20120220-1 :: Multiple Vulnerabilities in ELBA5 SEC Consult Vulnerability Lab (Feb 20)
SEC Consult SA-20120220-0 :: Multiple critical vulnerabilities in VOXTRONIC voxlog professional SEC Consult Vulnerability Lab (Feb 20)
SQL Injection Vulnerabilities in TestLink jnatal (Feb 20)
DC4420 - London DEFCON - February meet - Tuesday February 21st 2012 Major Malfunction (Feb 20)
OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Feb 20)
- Re: [oss-security] OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities Kurt Seifried (Feb 21)
Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Feb 20)
- Re: [oss-security] Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities Kurt Seifried (Feb 21)
[SECURITY] [DSA 2413-1] libarchive security update Luk Claes (Feb 21)
Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2. muuratsalo experimental hack lab (Feb 21)
- Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2. muuratsalo experimental hack lab (Feb 21)
F*EX <= 20100208 Cross Site Scripting Vulnerabilities muuratsalo experimental hack lab (Feb 21)
F*EX 20111129-2 Cross Site Scripting Vulnerability muuratsalo experimental hack lab (Feb 21)
IPv6 NIDS evasion and IPv6 fragmentation/reassembly improvements Fernando Gont (Feb 21)
Mercurycom MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerability demonalex (Feb 21)
[SECURITY] [DSA 2414-1] fex security update Nico Golde (Feb 22)
[SECURITY] [DSA 2415-1] libmodplug security update Nico Golde (Feb 22)
Multiple security vulnerabilities in Tremulous 1.1.0, GPP1, and unofficial MG and TJW engines Simon McVittie (Feb 22)
[ MDVSA-2012:022 ] libpng security (Feb 22)
Multiple XSS in Chyrp advisory (Feb 22)
[ MDVSA-2012:023 ] libxml2 security (Feb 22)
Mobile Mp3 Search Engine HTTP Response Splitting CorryL (Feb 24)
ZDI-12-032 : Oracle Java Runtime Environment readMabCurveData Integer Overflow Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-034 : Microsoft Windows Media Player ASX Meta-File Parsing Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-035 : Microsoft Internet Explorer CDispNode t:MEDIA Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-039 : Oracle Java Web Start java-vm-args Command Argument Injection Remote Code Execution ZDI Disclosures (Feb 24)
TPTI-12-01 : Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
[SECURITY] [DSA 2417-1] libxml2 security update Nico Golde (Feb 24)
NGS00120 Patch Notification: BlackBerry PlayBook Samba Remote Code Execution Research () NGSSecure (Feb 24)
YVS Image Gallery Sql injection CorryL (Feb 24)
- Case YVS Image Gallery Henri Salo (Feb 27)
  - Message not available
    - Re: [oss-security] Case YVS Image Gallery Henri Salo (Feb 28)
Security advisory for Bugzilla 4.2 and 4.0.5 LpSolit (Feb 24)
Cisco Security Advisory: Cisco Small Business SRP 500 Series Multiple Vulnerabilities Cisco Systems Product Security Incident Response Team (Feb 24)
CJWSoft ASPGuest GuestBook 'edit.asp' - SQL Injection Vulnerability demonalex (Feb 24)
[SECURITY] [DSA 2416-1] notmuch security update Thijs Kinkhorst (Feb 24)
[ MDVSA-2012:022 ] mozilla security (Feb 24)
[security bulletin] HPSBUX02737 SSRT100747 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) security-alert (Feb 24)
[security bulletin] HPSBMU02739 SSRT100280 rev.2 - HP Data Protector Storage Media Operations (SMO), Remote Execution of Arbitrary Code security-alert (Feb 24)
[Onapsis Security Advisory 2012-01] Oracle JD Edwards JDENET Arbitrary File Write Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-02] Oracle JD Edwards Security Kernel Remote Password Disclosure Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-03] Oracle JD Edwards SawKernel Arbitrary File Read Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-04] Oracle JD Edwards SawKernel GET_INI Information Disclosure Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-05] Oracle JD Edwards JDENET Multiple Information Disclosure Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-06] Oracle JD Edwards JDENET Large Packets Denial of Service Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-07] Oracle JD Edwards SawKernel SET_INI Configuration Modification Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-08] Oracle JD Edwards Security Kernel Information Disclosure Onapsis Research Labs (Feb 24)
PHP Gift Registry 1.5.5 SQL Injection Thomas Richards (Feb 24)
Dropbear SSH server use-after-free vulnerability Danny Fullerton (Feb 24)
TWSL2012-003: Cross-Site Scripting Vulnerability in Movable Type Publishing Platform Trustwave Advisories (Feb 27)
Kongreg8 1.7.3 Mutiple XSS Thomas Richards (Feb 27)
Syhunt: Google V8 - Server-Side JS Injection in vulnerable web apps Felipe M. Aragon (Feb 27)
NGS00237 Patch Notification: Samba Andx request Remote Code Execution Research () NGSSecure (Feb 27)
[SECURITY] [DSA 2414-2] fex regression Nico Golde (Feb 27)
pidgin OTR information leakage Dimitris Glynos (Feb 27)
- Re: pidgin OTR information leakage Jann Horn (Feb 27)
  - Re: [Full-disclosure] pidgin OTR information leakage Michele Orru (Feb 27)
    - Re: [Full-disclosure] pidgin OTR information leakage Rich Pieri (Feb 27)
    - Re: [Full-disclosure] pidgin OTR information leakage Jeffrey Walton (Feb 28)
    - Message not available
    - Re: [Full-disclosure] pidgin OTR information leakage Dimitris Glynos (Feb 28)
    - Re: [Full-disclosure] pidgin OTR information leakage Dimitris Glynos (Feb 28)
DeepSec "Sector v6" - Call for Papers DeepSec Conference (Feb 27)
FrameJammer DOM based XSS mkey (Feb 27)
[ MDVSA-2012:023 ] libvpx security (Feb 27)
Socusoft Photo 2 Video v8.05 - Buffer Overflow Vulnerability research () vulnerability-lab com (Feb 27)
OSQA CMS v3b - Multiple Persistent Vulnerabilities research () vulnerability-lab com (Feb 27)
Wolf CMS v0.7.5 - Multiple Web Vulnerabilities research () vulnerability-lab com (Feb 27)
[SECURITY] [DSA 2418-1] postgresql-8.4 security update Moritz Muehlenhoff (Feb 27)
Recon 2012 - Call For Papers - June 14-16, 2012 - Montreal, Quebec cfp2012 (Feb 27)
[SECURITY] [DSA 2419-1] puppet security update Florian Weimer (Feb 27)
[ MDVSA-2012:022-1 ] mozilla security (Feb 28)
[ MDVSA-2012:023-1 ] libvpx security (Feb 28)
Reliable Windows 7 Exploitation: A Case Study Ivan Fratric (Feb 28)
ImgPals Photo Host Version 1.0 Admin Account Disactivation CorryL (Feb 28)
[ MDVSA-2012:025 ] samba security (Feb 28)
[SECURITY] [DSA 2420-1] openjdk-6 security update Florian Weimer (Feb 28)
Multiple XSS in Dotclear advisory (Feb 29)
[ MDVSA-2012:026 ] postgresql security (Feb 29)
[ MDVSA-2012:027 ] postgresql8.3 security (Feb 29)
Cisco Security Advisory: Cisco Cius Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Feb 29)
Cisco Security Advisory: Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities Cisco Systems Product Security Incident Response Team (Feb 29)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers Cisco Systems Product Security Incident Response Team (Feb 29)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unity Connection Cisco Systems Product Security Incident Response Team (Feb 29)
Cisco Security Advisory: Cisco TelePresence Video Communication Server Session Initiation Protocol Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team (Feb 29)
[SECURITY] [DSA 2421-1] moodle security update Moritz Muehlenhoff (Feb 29)
[SECURITY] [DSA 2422-1] file security update Florian Weimer (Feb 29)

Previous period

Next period