Home page logo
/

172 messages starting Jul 16 12 and ending Jul 19 12
Date index | Thread index | Author index

0a29 40

0A29-12-2 :Metasploit 'pcap_log' plugin privilege escalation vulnerability 0a29 40 (Jul 16)

Aaron T. Myers

[CVE-2012-3376] Apache Hadoop HDFS information disclosure vulnerability Aaron T. Myers (Jul 09)

abhijeet

ClubHack2012 CFP Open Now abhijeet (Jul 05)
[Announcement] ClubHack Magazine's July 2012 Issue Released abhijeet (Jul 19)

Adam Behnke

Malicious Code Execution in PCI Expansion ROM Adam Behnke (Jul 03)

Adam Caudill

Spark IM Client Local Password Decryption Adam Caudill (Jul 30)

Admin

TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities Admin (Jul 12)

Administrator

AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Administrator (Jul 17)

advisory

Blind SQL Injection in Webmatic advisory (Jul 04)
Multiple Cross-Site Scripting (XSS) in Kajona advisory (Jul 11)
Cross-Site Scripting (XSS) in Redaxo advisory (Jul 25)

Amir

Wordpress (editormonkey) Arbitrary File Upload Vulnerability Amir (Jul 04)
Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability Amir (Jul 23)

Apple Product Security

APPLE-SA-2012-07-25-1 Safari 6.0 Apple Product Security (Jul 25)
APPLE-SA-2012-07-25-2 Xcode 4.4 Apple Product Security (Jul 26)

Asterisk Security Team

AST-2012-010: Possible resource leak on uncompleted re-invite transactions Asterisk Security Team (Jul 09)
AST-2012-011: Remote crash vulnerability in voice mail application Asterisk Security Team (Jul 09)

Ben Laurie

Cyberoam advisory Ben Laurie (Jul 04)

Bertrand Delacretaz

[SECURITY] CVE-2012-2138 Apache Sling denial of service vulnerability Bertrand Delacretaz (Jul 09)

bugreport

IIS Short File/Folder Name Disclosure by using tilde ~ character bugreport (Jul 04)
.Net Framework Tilde Character DoS bugreport (Jul 04)
.Net Framework Tilde Character DoS - Sorry, exploit-db link corrected bugreport (Jul 04)

BugsNotHugs

IBM Edge Components Caching Proxy XSS Followup BugsNotHugs (Jul 02)
Sun iPlanet Error Page Link Injection BugsNotHugs (Jul 02)
IBM developerWorks ncp (Nigel's Capacity Planning) 2.1 Remote Information Disclosure BugsNotHugs (Jul 02)
Bookmark4U lostpasswd.php env[include_prefix] Parameter RFI BugsNotHugs (Jul 02)

Call for papers

Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012) Call for papers (Jul 09)

Chris Travers

Security Advisory in LedgerSMBv 1.3.20 and below: Denial of Service vulnerability Chris Travers (Jul 30)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server Cisco Systems Product Security Incident Response Team (Jul 11)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices Cisco Systems Product Security Incident Response Team (Jul 11)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch Cisco Systems Product Security Incident Response Team (Jul 11)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager Cisco Systems Product Security Incident Response Team (Jul 11)

CORE Security Technologies Advisories

CORE-2011-1123 - Windows Kernel ReadLayoutFile Heap Overflow CORE Security Technologies Advisories (Jul 17)

Dan Fandrich

libexif project security advisory July 12, 2012 Dan Fandrich (Jul 16)

Fabien DUCHENE

GreHack 2012 - extended deadline CFP 15th August 2012 (Grenoble, France) Fabien DUCHENE (Jul 09)
GreHack 2012 - Call For Musicians/Artists/DJs application open till October 5th 2012 (Grenoble, France) Fabien DUCHENE (Jul 19)

Fernando Gont

Slideware of IPv6 hacking training (HIP 2012 edition), and future trainings (Portugal & Belgium) Fernando Gont (Jul 03)
IPv6 security tools released Fernando Gont (Jul 05)

Florian Weimer

[SECURITY] [DSA 2505-1] zendframework security update Florian Weimer (Jul 02)

Henri Salo

Re: plow 0.0.5 <= Buffer Overflow Vulnerability Henri Salo (Jul 09)
Re: Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability Henri Salo (Jul 24)

Inshell Security

[IA30] Photodex ProShow Producer v5.0.3256 Local Buffer Overflow Vulnerability Inshell Security (Jul 03)

Ivan Buetler

Free Web App Security Challenges - Hackademics Project Ivan Buetler (Jul 23)

Kathrin Schäberle

security advisory: AirDroid 1.0.4 beta Kathrin Schäberle (Jul 13)

king cope

Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin king cope (Jul 17)

komarov

Checkpoint Abra - Vulnerabilities komarov (Jul 09)

Krzysztof Kotowicz

CodeIgniter <= 2.1.1 xss_clean() Cross Site Scripting filter bypass Krzysztof Kotowicz (Jul 23)

larry0

Re: Basilic RCE bug larry0 (Jul 06)
file clobbering vulnerability in Solaris update manager & local root with SUNWbindr install. larry0 (Jul 23)

LpSolit

Security advisory for Bugzilla 4.3.2, 4.2.2, 4.0.7 and 3.6.10 LpSolit (Jul 27)

Luciano Bello

[SECURITY] [DSA 2509-1] pidgin security update Luciano Bello (Jul 09)
[SECURITY] [DSA 2510-1] extplorer security update Luciano Bello (Jul 13)

Major Malfunction

DC4420 - London DEFCON - July meet - Tuesday July 17th 2012 Major Malfunction (Jul 17)

mbsarwin

Re: CitrusDB 2.4.1 - LFI/SQLi Vulnerability mbsarwin (Jul 11)

Moritz Muehlenhoff

[SECURITY] [DSA 2507-1] openjdk-6 security update Moritz Muehlenhoff (Jul 04)
[SECURITY] [DSA 2511-1] puppet security update Moritz Muehlenhoff (Jul 12)
[SECURITY] [DSA 2512-1] mono security update Moritz Muehlenhoff (Jul 12)

moshez

Google Chrome 19 metro_driver.dll mishandling moshez (Jul 16)

m . razavi777

Basilic RCE bug m . razavi777 (Jul 02)

n0b0d13s

[CVE-2012-0911] Tiki Wiki CMS Groupware <= 8.3 "unserialize()" PHP Code Execution n0b0d13s (Jul 04)

Nico Golde

[SECURITY] [DSA 2514-1] iceweasel security update Nico Golde (Jul 18)
[SECURITY] [DSA 2515-1] nsd3 security update Nico Golde (Jul 19)
[SECURITY] [DSA 2516-1] isc-dhcp security update Nico Golde (Jul 26)
[SECURITY] [DSA 2517-1] bind9 security update Nico Golde (Jul 30)

Nicolas Grégoire

From XSLT code execution to Meterpreter shells Nicolas Grégoire (Jul 04)

noreply

[PT-2012-23] SQL Injection in Dr.Web Anti-virus noreply (Jul 17)

Oliver Karow

Dr. Web Control Center Admin UI Remote Script Code Injection Oliver Karow (Jul 30)

pawel . wylecial

CakePHP 2.x-2.2.0-RC2 XXE Injection pawel . wylecial (Jul 16)

pereira

plow 0.0.5 <= Buffer Overflow Vulnerability pereira (Jul 04)
Forum Oxalis 0.1.2 <= SQL Injection Vulnerability pereira (Jul 04)
BookNux 0.2 <= Multiple Vulnerabilities pereira (Jul 09)
BookNux 0.2 <= Multiple Vulnerabilities pereira (Jul 09)
Re: Re: plow 0.0.5 <= Buffer Overflow Vulnerability pereira (Jul 10)
DomsHttpd 1.0 <= Remote Denial Of Service pereira (Jul 17)

pocadm

POC2012 Call for Paper pocadm (Jul 23)

Ralf Braga

Just4meeting 3.0 - Lisbon/Portugal - 6 to 8 - July Ralf Braga (Jul 04)

Research

Event Script PHP v1.1 CMS - Multiple Web Vulnerabilites Research (Jul 04)
GuestBook Scripts PHP v1.5 - Multiple Web Vulnerabilites Research (Jul 04)
Classified Ads Script PHP v1.1 - SQL Injection Vulnerabilities Research (Jul 04)
Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Research (Jul 04)
CLscript CMS v3.0 - Multiple Web Vulnerabilities Research (Jul 05)
Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities Research (Jul 12)
Funeral Script PHP - Multiple Web Vulnerabilites Research (Jul 12)
PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities Research (Jul 12)
Reserve Logic v1.2 Booking CMS - Multiple Vulnerabilities Research (Jul 12)
Event Calendar PHP 1.2 - Multiple Web Vulnerabilites Research (Jul 16)
VamCart v0.9 CMS - Multiple Web Vulnerabilities Research (Jul 16)
SMF Board v2.0.2 - Multiple Web Vulnerabilities Research (Jul 16)
PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities Research (Jul 16)
Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability Research (Jul 16)
KeyPass Password Safe v1.22 - Software Filter Vulnerability Research (Jul 17)

Research () NGSSecure

NGS00196 Patch Notification: Nagios XI Network Monitor OS Command Injection Research () NGSSecure (Jul 02)
NGS00194 Patch Notification: Nagios XI Network Monitor Blind SQL Injection Research () NGSSecure (Jul 02)
NGS00195 Patch Notification: Nagios XI Network Monitor Stored and Reflected XSS Research () NGSSecure (Jul 02)
NGS00162 Patch Notification: Symantec Message Filter Session Hijacking via session fixation Research () NGSSecure (Jul 02)

Roee Hay

Android DNS poisoning: Randomness gone bad (CVE-2012-2808) Roee Hay (Jul 24)

Secunia Research

Secunia Research: Cisco Linksys PlayerPT ActiveX Control "SetSource()" Buffer Overflow Secunia Research (Jul 17)

security

[ MDVSA-2012:096-1 ] python security (Jul 02)
[ MDVSA-2012:101 ] libtiff security (Jul 04)
[ MDVSA-2012:102 ] krb5 security (Jul 06)
[ MDVSA-2012:103 ] automake security (Jul 12)
[ MDVSA-2012:104 ] openjpeg security (Jul 12)
[ MDVSA-2012:105 ] pidgin security (Jul 12)
[ MDVSA-2012:106 ] libexif security (Jul 13)
[ MDVSA-2012:107 ] exif security (Jul 13)
[ MDVSA-2012:108 ] php security (Jul 23)
[ MDVSA-2012:109 ] libxslt security (Jul 24)
[ MDVSA-2012:110 ] mozilla security (Jul 24)
[ MDVSA-2012:111 ] libgdata security (Jul 25)
[ MDVSA-2012:112 ] perl-DBD-Pg security (Jul 26)
[ MDVSA-2012:113 ] arpwatch security (Jul 26)
[ MDVSA-2012:114 ] apache-mod_auth_openid security (Jul 26)
[ MDVSA-2012:115 ] dhcp security (Jul 26)
[ MDVSA-2012:116 ] dhcp security (Jul 26)
[ MDVSA-2012:117 ] python-pycrypto security (Jul 27)
[ MDVSA-2012:118 ] apache-mod_security security (Jul 27)
[ MDVSA-2012:119 ] bind security (Jul 30)
[ MDVSA-2012:110-1 ] mozilla security (Jul 30)

Security_Alert

ESA-2012-026: RSA Access Manager Session Replay Vulnerability Security_Alert (Jul 04)
ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability Security_Alert (Jul 11)
ESA-2012-023: RSA Authentication Manager Multiple Vulnerabilities Security_Alert (Jul 12)

security-alert

[security bulletin] HPSBMU02781 SSRT100617 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Jul 02)
[security bulletin] HPSBMU02783 SSRT100806 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) security-alert (Jul 02)
[security bulletin] HPSBUX02795 SSRT100878 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Jul 03)
[security bulletin] HPSBGN02750 SSRT100795 rev.1 - HP ProtectTools Enterprise Device Access Manager Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Jul 05)
[security bulletin] HPSBMU02796 SSRT100594 rev.1 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code security-alert (Jul 10)
[security bulletin] HPSBMU02796 SSRT100594 rev.2 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code security-alert (Jul 13)
[security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS) and Unauthorized Data Modification security-alert (Jul 16)
[security bulletin] HPSBMU02799 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.0x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification, Denial of Service (DoS) security-alert (Jul 17)
[security bulletin] HPSBMU02797 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.1x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification, Denial of Service (DoS) security-alert (Jul 17)
[security bulletin] HPSBUX02789 SSRT100824 rev.3 - HP-UX CIFS Server (Samba), Remote Execution of Arbitrary Code, Elevation of Privileges security-alert (Jul 25)
[security bulletin] HPSBUX02795 SSRT100878 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Jul 26)

securityfocus

NESSUS ANDROID APP - stores login info in plain text securityfocus (Jul 23)

Slackware Security Team

[slackware-security] pidgin (SSA:2012-195-02) Slackware Security Team (Jul 16)
[slackware-security] php (SSA:2012-195-01) Slackware Security Team (Jul 16)
[slackware-security] mozilla-firefox (SSA:2012-200-02) Slackware Security Team (Jul 18)
[slackware-security] mozilla-thunderbird (SSA:2012-200-03) Slackware Security Team (Jul 18)
[slackware-security] seamonkey (SSA:2012-200-04) Slackware Security Team (Jul 18)
[slackware-security] libexif (SSA:2012-200-01) Slackware Security Team (Jul 19)
[slackware-security] libpng (SSA:2012-206-01) Slackware Security Team (Jul 25)
[slackware-security] bind (SSA:2012-209-01) Slackware Security Team (Jul 30)

Socket_0x03

tekno.Portal 0.1b - SQLi Vulnerability in "anket.php" Socket_0x03 (Jul 26)

sschurtz

MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities sschurtz (Jul 16)
WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities sschurtz (Jul 16)

Stefan Kanthak

Vulnerable Microsoft VC++ 2005 runtime libraries in "Microsoft Live Meeting 2007 Client" installed in private location Stefan Kanthak (Jul 04)

Thor \(Hammer of God\)

Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Thor \(Hammer of God\) (Jul 17)

Tom Yu

MITKRB5-SA-2012-001: KDC heap corruption and crash [CVE-2012-1014 CVE-2012-1015] Tom Yu (Jul 31)

Trustwave Advisories

TWSL2012-014: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer Trustwave Advisories (Jul 30)

vulns

DataWatch Monarch BI v5.1 admin section reflected cross-site scripting vulns (Jul 30)
DataWatch Monarch Business Intelligence (BI) v5.1 admin section stored cross-site scripting vulns (Jul 30)
DataWatch Monarch Business Intelligence (BI) v5.1 client section stored cross-site scripting vulns (Jul 30)
DataWatch Monarch Business Intelligence (BI) v5.1 Blind SQL injection vulns (Jul 30)
DataWatch Monarch Business Intelligence (BI) v5.1 Admin Section Blind XPath Injection vulns (Jul 30)
TEMENOS T24 R07.03 Reflected Cross-Site Scripting vulns (Jul 30)
TEMENOS T24 R07.03 Authentication Bypass vulns (Jul 30)

YGN Ethical Hacker Group

ocPortal 7.1.5 <= | Open URL Redirection Vulnerability YGN Ethical Hacker Group (Jul 30)

Yves-Alexis Perez

[SECURITY] [DSA 2506-1] libapache-mod-security security update Yves-Alexis Perez (Jul 03)
[SECURITY] [DSA 2508-1] kfreebsd-8 security update Yves-Alexis Perez (Jul 23)

ZDI Disclosures

ZDI-12-114 : HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-115 : HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-116 : EMC AutoStart ftAgent Opcode 50 Subcode 04 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-117 : EMC AutoStart ftAgent Opcode 50 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-118: EMC AutoStart ftAgent Opcode 0x03 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-119: EMC AutoStart ftAgent Opcode 0x41 Subcode 0x00 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-120: EMC AutoStart ftAgent Opcode 85 Subcode 22 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-121: EMC AutoStart ftAgent Opcode 85 Subcode 01 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-122: EMC AutoStart ftAgent Opcode 65 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-123: EMC AutoStart ftAgent Opcode 50 Subcode 60 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-124: EMC AutoStart ftAgent Opcode 50 Subcode 42 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-125: Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-126 : (0 day) HP StorageWorks File Migration Agent RsaCIFS.dll Remote Code Execution Vulnerability ZDI Disclosures (Jul 19)
ZDI-12-127 : (0Day) HP StorageWorks File Migration Agent RsaFTP.dll Remote Code Execution Vulnerability ZDI Disclosures (Jul 19)
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]