Home page logo

192 messages starting Apr 01 13 and ending Apr 30 13
Date index | Thread index | Author index

Monday, 01 April

MailOrderWorks v5.907 - Multiple Web Vulnerabilities Vulnerability Lab
[security bulletin] HPSBUX02859 SSRT101144 rev.1 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execute Arbitrary Code security-alert
[Suspected Spam] [slackware-security] libssh (SSA:2013-087-01) Slackware Security Team
[waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50 come2waraxe
[waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1.5 come2waraxe
Authentication bypass on Netgear WNR1000 roberto
[SECURITY] [DSA 2656-1] bind9 security update Salvatore Bonaccorso
US-CERT Alert TA13-088A: DNS Amplification Attacks US-CERT Alerts
[security bulletin] HPSBUX02860 SSRT101146 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities security-alert

Tuesday, 02 April

Remote command execution in Ruby Gem ldoce 0.0.2 larry0
NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities NCC Group Research

Wednesday, 03 April

FreeBSD Security Advisory FreeBSD-SA-13:03.openssl FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-13:04.bind FreeBSD Security Advisories
SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance SEC Consult Vulnerability Lab
Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001 Lists
[slackware-security] mozilla-thunderbird (SSA:2013-093-02) Slackware Security Team
[slackware-security] mozilla-firefox (SSA:2013-093-01) Slackware Security Team
SQL Injection Vulnerability in Symphony advisory
PHP Code Injection in FUDforum advisory
TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2 Simon Bieber
Novell GroupWise Multiple Remote Code Execution Vulnerabilities advisory

Thursday, 04 April

[ MDVSA-2013:015-1 ] apache security
Groovy Media Player buffer overflow Vulnerability akshay . vaghela
SEC Consult 20130404-0 :: Multiple Vulnerabilities in Censornet Professional v4 (2.1.7) SEC Consult Vulnerability Lab
[ MDVSA-2013:016 ] apache-mod_security security
[ MDVSA-2013:017 ] arpwatch security
[SECURITY] [DSA 2658-1] postgresql-9.1 security update Giuseppe Iuculano
GreHack 2013 - Call For Papers - November 15, Grenoble, France F. Duchene
[SECURITY] [DSA 2657-1] postgresql-8.4 security update Giuseppe Iuculano
[ MDVSA-2013:018 ] automake security
[ MDVSA-2013:015-1 ] apache security
[SECURITY] [DSA 2654-1] libxslt security update Salvatore Bonaccorso
Hackersh 0.1 Release Announcement Itzik Kotler

Friday, 05 April

[ MDVSA-2013:019 ] bash security
[ MDVSA-2013:027-1 ] clamav security

Monday, 08 April

[slackware-security] subversion (SSA:2013-095-01) Slackware Security Team
[ MDVSA-2013:029 ] apache-mod_security security
[ MDVSA-2013:030 ] arpwatch security
[ MDVSA-2013:031 ] automake security
[ MDVSA-2013:032 ] bash security
[ MDVSA-2013:023-1 ] coreutils security
[ MDVSA-2013:033 ] cronie security
Aastra IP Telephone hardcoded telnet admin password Timo Juhani Lindfors
[ MDVSA-2013:034 ] cups security
[ MDVSA-2013:035 ] libexif security
[ MDVSA-2013:036 ] exif security
[ MDVSA-2013:037 ] fetchmail security
[ MDVSA-2013:038 ] freeradius security
[ MDVSA-2013:039 ] freetype2 security
[ MDVSA-2013:001-1 ] gnupg security
[ MDVSA-2013:040 ] gnutls security
[ MDVSA-2013:041 ] html2ps security
[security bulletin] HPSBMU02785 SSRT100526 rev.2 - HP LoadRunner Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert
[ MDVSA-2013:042 ] krb5 security
[ MDVSA-2013:043 ] libgssglue security
[ MDVSA-2013:044 ] libjpeg security
[ MDVSA-2013:045 ] libssh security
[ MDVSA-2013:046 ] libtiff security
[ MDVSA-2013:047 ] libxslt security
[ MDVSA-2013:048 ] ncpfs security
[ MDVSA-2013:049 ] net-snmp security
[ MDVSA-2013:050 ] nss security
[ MDVSA-2013:051 ] openssh security
[ MDVSA-2013:052 ] openssl security
[ MDVSA-2013:053 ] proftpd security
[ MDVSA-2013:054 ] sudo security
[ MDVSA-2013:055 ] wireshark security
Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable mschratt
Multiple Vulnerabilities in D-Link devices devnull
[slackware-security] seamonkey (SSA:2013-097-01) Slackware Security Team
[ MDVSA-2013:056 ] libxml2 security
[ MDVSA-2013:057 ] xinetd security
[ MDVSA-2013:058 ] bind security
[ MDVSA-2013:059 ] dhcp security
[ MDVSA-2013:060 ] accountsservice security
[ MDVSA-2013:061 ] awstats security
[ MDVSA-2013:062 ] backuppc security
[ MDVSA-2013:063 ] bip security
[ MDVSA-2013:064 ] bogofilter security
[ MDVSA-2013:065 ] boost security

Tuesday, 09 April

[ MDVSA-2013:066 ] bugzilla security
[ MDVSA-2013:067 ] couchdb security
[ MDVSA-2013:068 ] courier-authlib security
[ MDVSA-2013:069 ] cups-pk-helper security
[ MDVSA-2013:070 ] dbus security
[ MDVSA-2013:071 ] dbus-glib security
[CVE-2012-5389] Null Pointer Derefence in Dart Webserver <= 1.9.2 Ken
[CVE-REQUEST] Multiple CSRF vulnerabilities on Foscam IP cameras web UI shekyan
[ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9 ISecAuditors Security Advisories
[ MDVSA-2013:072 ] dnsmasq security
[ MDVSA-2013:073 ] dokuwiki security
[ MDVSA-2013:074 ] drupal security
[ MDVSA-2013:075 ] elinks security
[ MDVSA-2013:076 ] emacs security
[ MDVSA-2013:081 ] gegl security
[ MDVSA-2013:082 ] gimp security
[ MDVSA-2013:083 ] glib2.0 security
[ MDVSA-2013:084 ] gnome-keyring security
[ MDVSA-2013:085 ] groff security
[ MDVSA-2013:086 ] groff security
[ MDVSA-2013:087 ] firefox security
[ MDVSA-2013:088 ] hplip security
[ MDVSA-2013:089 ] icclib security
[ MDVSA-2013:090 ] argyllcms security
[ MDVSA-2013:091 ] icecast security
[ MDVSA-2013:092 ] imagemagick security
Hackito Ergo Sum 2013 Speaker Announcement! Alexandre De Oliveira
CVE-2013-0798 : World read and write access to app_tmp directory on Android suzuki
[waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7 come2waraxe
[ MDVSA-2013:078 ] fail2ban security
[ MDVSA-2013:077 ] ettercap security

Friday, 12 April

Remote command injection in Ruby Gem kelredd-pruview 0.3.8 larry0
[ MDVSA-2013:142 ] postgresql security

Tuesday, 16 April

[ MDVSA-2013:143 ] poppler security
DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal ddivulnalert
[security bulletin] HPSBUX02866 SSRT101139 rev.1 - HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary Code and other vulnerabilities security-alert

Wednesday, 17 April

[SE-2012-01] Details of issues fixed by Java SE 7 Update 21 Security Explorations
[ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution ESNC Security
Sitecom WLM-3500 backdoor accounts roberto . paleari
[ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control ESNC Security
[ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services ESNC Security
[ MDVSA-2013:144 ] phpmyadmin security
APPLE-SA-2013-04-16-1 Safari 6.0.4 Apple Product Security
APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15 Apple Product Security
Open-Xchange Security Advisory 2013-04-17 Martin Braun
Multiple Vulnerabilities in KrisonAV CMS advisory
SI6 Networks' IPv6 Toolkit v1.3.4 released! Fernando Gont
Re: [SE-2012-01] Details of issues fixed by Java SE 7 Update 21 Security Explorations

Thursday, 18 April

Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption SEC Consult Vulnerability Lab
[SECURITY] [DSA 2661-1] xorg-server security update Yves-Alexis Perez
DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013 Major Malfunction
SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server SEC Consult Vulnerability Lab
VUPEN Security Research - Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow (Pwn2Own 2013) VUPEN Security Research
[SECURITY] [DSA 2662-1] xen security update Salvatore Bonaccorso
CVE-2013-2504 : Matrix42 Service Desk XSS 43z sec
SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey SEC Consult Vulnerability Lab

Friday, 19 April

VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) VUPEN Security Research
TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation Trustwave Advisories
Re: SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption SEC Consult Vulnerability Lab
[ MDVSA-2013:145 ] java-1.6.0-openjdk security
[ MDVSA-2013:146 ] icedtea-web security

Monday, 22 April

[ MDVSA-2013:147 ] libarchive security
[SECURITY] [DSA 2660-1] curl security update Salvatore Bonaccorso
[SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE Security Explorations
44Café 23rd April details Steve
[SQLi] vBilling for FreeSWITCH Michał Błaszczak

Tuesday, 23 April

Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A devnull
[ MDVSA-2013:148 ] roundcubemail security
[ MDVSA-2013:149 ] roundcubemail security
[ MDVSA-2013:150 ] mysql security
[SECURITY] [DSA 2663-1] tinc security update Yves-Alexis Perez

Wednesday, 24 April

[security bulletin] HPSBHF02865 SSRT101158 rev.1 - HP ElitePad 900, Secure Boot Configuration Inconsistency security-alert
Cisco/Linksys HTTP Service Remote DoS (Denial of Service) Carl Benedict
[ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver ESNC Security

Thursday, 25 April

Cisco Security Advisory: Cisco Device Manager Command Execution Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product Cisco Systems Product Security Incident Response Team
[waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin come2waraxe
Nginx ngx_http_close_connection function integer overflow safe3q

Friday, 26 April

Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows nospam
Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution nospam
Multiple Vulnerabilities in D'Link DIR-635 devnull
[security bulletin] HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege security-alert

Monday, 29 April

Re: Nginx ngx_http_close_connection function integer overflow Maxim Konovalov
[security bulletin] HPSBPI02868 SSRT101017 rev.1 - HP Managed Printing Administration (MPA), Remote Cross Site Scripting (XSS) security-alert
[security bulletin] HPSBPI02869 SSRT100936 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files security-alert
Hacking IPv6 networks training (slideware, upcoming trainings, etc.) Fernando Gont
EDSC 2013 CFP Open Michael Eddington
[ MDVSA-2013:151 ] curl security
[ MDVSA-2013:152 ] subversion security
[ MDVSA-2013:153 ] subversion security
[KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability Egidio Romano
Cisco/Linksys E1200 N300 Reflected XSS Carl Benedict
[ MDVSA-2013:154 ] util-linux security
[ MDVSA-2013:155 ] fuse security
Re: Nginx ngx_http_close_connection function integer overflow Maxim Konovalov

Tuesday, 30 April

[security bulletin] HPSBMU02873 SSRT101182 rev.1 - HP Service Manager, Apache Tomcat Security Update security-alert
[security bulletin] HPSBMU02874 SSRT101184 rev.1 - HP Service Manager, Java Runtime Environment (JRE) Security Update security-alert
[ MDVSA-2013:156 ] apache-mod_security security
FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver [REVISED] FreeBSD Security Advisories
CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities CORE Security Technologies Advisories
Personal File Share HTTP Server Remote Overflow Vulnerability demonalex
WowzaMediaServer StorageDir escape (regression) Michal J.
WowzaMediaServer SecureToken bypass (and worse) Michal J.
Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability demonalex
[security bulletin] HPSBMU02872 SSRT101185 rev.1 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) security-alert
[ MDVSA-2013:157 ] krb5 security
[ MDVSA-2013:158 ] krb5 security
[SECURITY] [DSA 2665-1] strongswan security update Yves-Alexis Perez
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]