502 messages starting Dec 01 09 and ending Jan 01 10 Date index | Thread index | Author index
Re: ** FreeBSD local r00t zeroday Oliver Pinter Re: ** FreeBSD local r00t zeroday r00f r00f Re: ** FreeBSD local r00t zeroday Colin Percival Re: ** FreeBSD local r00t zeroday David Berard Re: Software developer looks at CRU code RandallM Re: ** FreeBSD local r00t zeroday Benji Re: ** FreeBSD local r00t zeroday Robert Portvliet Re: ** FreeBSD local r00t zeroday Dawid Golunski Re: ** FreeBSD local r00t zeroday FBI BOT Re: ** FreeBSD local r00t zeroday Oliver Pinter Re: ** FreeBSD local r00t zeroday r00f r00f Re: ** FreeBSD local r00t zeroday Oliver Pinter Re: ** FreeBSD local r00t zeroday r00f r00f Transmission #19-WT [re: Andrew Wallace / n3td3v] genesis project Re: ** FreeBSD local r00t zeroday bk Re: ** FreeBSD local r00t zeroday Benji ** FreeBSD local r00t zeroday Michał Manterys Re: Transmission #19-WT [re: Andrew Wallace / n3td3v] Michael Holstein Re: Transmission #19-WT [re: Andrew Wallace / n3td3v] Cody Robertson [ GLSA 200912-01 ] OpenSSL: Multiple vulnerabilities Alex Legler
Feds ‘Pinged’ Sprint GPS D ata 8 Million Times Over a Year Ivan . Re: [Full-disclosure] Feds ‘Pinged’ Sprint GPS D ata 8 Million Times Over a Year Ed Carp Re: Feds 'Pinged' Sprint GPS Data 8 Million Times Over a Year Matthias Appel Re: Feds 'Pinged' Sprint GPS Data 8 Million Times Over a Year Thor (Hammer of God) 40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit) SMF 2.0 Code Review elhacker.net Re: Software developer looks at CRU code Tomas L. Byrnes Re: Issue 5 in smf2-review: XSS in 'website' field in User Profile smf2-review Re: Issue 8 in smf2-review: CSRF theme change smf2-review Re: Issue 6 in smf2-review: PHP Remote Code Execution smf2-review Re: Issue 9 in smf2-review: Subforum Category Collapse CSRF smf2-review Re: Issue 10 in smf2-review: CSRF en el gestor de servidores de paquetes smf2-review Re: Issue 11 in smf2-review: XSS in package server manager smf2-review Re: Issue 12 in smf2-review: CSRF package deletion and installed package disclosure smf2-review Re: Issue 13 in smf2-review: Attached files configuration CSRF smf2-review Re: Issue 14 in smf2-review: XSS in "Enable basic HTML in posts" smf2-review Re: Issue 15 in smf2-review: Remote File Disclosure (solo en logs, y similares) smf2-review Re: Issue 16 in smf2-review: CSRF en Moderation Preferences smf2-review Re: Issue 17 in smf2-review: XSS en el censurador de palabras smf2-review Re: Issue 18 in smf2-review: CSRF in Polls smf2-review Re: Issue 19 in smf2-review: installer XSS smf2-review Re: ** FreeBSD local r00t zeroday Nicolas RUFF Re: [rejected] Oracle exploit for CTXSYS.DRVXTABC.CREATE_TABLES and others Andrea Purificato Secunia Research: Lateral Arts Photobox uploader ActiveX Control Buffer Overflow Secunia Research Re: ** FreeBSD local r00t zeroday McGhee, Eddie Re: Transmission #19-WT [re: Andrew Wallace / n3td3v] McGhee, Eddie Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability Secunia Research Re: ** FreeBSD local r00t zeroday Chris Re: ** FreeBSD local r00t zeroday Benji Re: Transmission #19-WT [re: Andrew Wallace / n3td3v] T Biehn Re: Transmission #19-WT [re: Andrew Wallace / n3td3v] McGhee, Eddie [ MDVSA-2009:121-1 ] lcms security In the thick of it: how the Digital Economy bill is trying to kill open Wi-Fi networks Ivan . Yahoo: Our spying policy wou ld ’shock’ customers Ivan .
Re: Transmission #19-WT [re: Andrew Wallace / n3td3v] Thor (Hammer of God) Microsoft: ‘Piracy no long er poses a threat to us’ Ivan . Re: Microsoft: ‘Piracy no long er poses a threat to us’ S/U/N Re: [Full-disclosure] Microsoft: ‘Piracy no longe r poses a threat to us’ dramacrat Re: Microsoft: Piracy no longer poses a threat to us¹ James Lay Re: [Full-disclosure] Microsoft: ‘Piracy no long er poses a threat to us’ netinfinity Open-Source Effort to Hack GSM Mike Eber Re: [Full-disclosure] Microsoft: ‘Piracy no longe r poses a threat to us’ Kevin Wilcox [ MDVSA-2009:217-3 ] mozilla-thunderbird security Call for Papers - you Sh0t the Sheriff 4 - Security Conference, Brazil Luiz Eduardo [SECURITY] [DSA 1943-1] New openldap2.3/openldap packages fix SSL certificate verification weakness Giuseppe Iuculano [SECURITY] [DSA 1944-1] New request-tracker packages fix session hijack vulnerability Steffen Joeris Re: Microsoft: ‘Piracy no long er poses a threat to us’ Maky Pevnser [SECURITY] [DSA 1945-1] New gforge packages fix denial of service Steffen Joeris [ MDVSA-2009:197-3 ] nss security [ MDVSA-2009:103-1 ] udev security [ MDVSA-2009:106-1 ] libwmf security [ MDVSA-2009:107-1 ] acpid security [ MDVSA-2009:108-1 ] zsh security [ MDVSA-2009:112-1 ] ipsec-tools security [ MDVSA-2009:113-1 ] cyrus-sasl security [ MDVSA-2009:308 ] gnutls security [ MDVSA-2009:309 ] ntp security [USN-863-1] QEMU vulnerability Jamie Strandboge [ MDVSA-2009:310 ] openssl security CORE-2009-0911: DAZ Studio Arbitrary Command Execution CORE Security Technologies Advisories [ MDVSA-2009:290-1 ] firefox security [ MDVSA-2009:292-1 ] wireshark security [ MDVSA-2009:128-1 ] libmodplug security [ MDVSA-2009:130-1 ] gstreamer0.10-plugins-good security [ MDVSA-2009:132-1 ] libsndfile security [ MDVSA-2009:142-1 ] jasper security
[ MDVSA-2009:311 ] ghostscript security [ MDVSA-2009:169-1 ] libtiff security [ MDVSA-2009:312 ] dhcp security [ MDVSA-2009:157-1 ] perl-Compress-Raw-Zlib security [ MDVSA-2009:158-3 ] pango security [ MDVSA-2009:313-1 ] bind security [ MDVSA-2009:314 ] apr security [ MDVSA-2009:287-1 ] xpdf security [ MDVSA-2009:200-1 ] libxml security [ MDVSA-2009:201-1 ] fetchmail security [ MDVSA-2009:203-1 ] curl security PHP 5.3.1 open_basedir bypass Maksymilian Arciemowicz [ MDVSA-2009:206-1 ] wget security [ MDVSA-2009:213-1 ] wxgtk security [ MDVSA-2009:208-1 ] libgadu security [ MDVSA-2009:211-1 ] expat security Secunia Research: DevIL DICOM "GetUID()" Buffer Overflow Vulnerability Secunia Research [ MDVSA-2009:212-1 ] python security [ MDVSA-2009:218-1 ] w3c-libwww security [ MDVSA-2009:315 ] libneon security Invision Power Board <= 3.0.4 Local PHP File Inclusion and SQL Injection Dawid Golunski [ MDVSA-2009:223-1 ] xerces-c security [ MDVSA-2009:224-1 ] postfix security Re: "funsec" as a terror cell Sam Haldorf Re: The Cyber War Conspiracy Sam Haldorf
[SECURITY] [DSA 1946-1] New belpic packages fix cryptographic weakness Steffen Joeris [USN-864-1] Linux kernel vulnerabilities Kees Cook Re: ** FreeBSD local r00t zeroday Chris Re: The Cyber War Conspiracy Valdis . Kletnieks Re: The Cyber War Conspiracy Paul Schmehl Re: The Cyber War Conspiracy Gichuki John Chuksjonia Re: The Cyber War Conspiracy Sam Haldorf Re: ** FreeBSD local r00t zeroday RandallM [ MDVSA-2009:316 ] expat security [ MDVSA-2009:232-1 ] libsamplerate security [ MDVSA-2009:229-1 ] cyrus-imapd security [ MDVSA-2009:234-2 ] silc-toolkit security [ MDVSA-2009:243-2 ] freetype2 security [ MDVSA-2009:249-1 ] newt security [ MDVSA-2009:256-1 ] dbus security [ MDVSA-2009:254-1 ] graphviz security [ MDVSA-2009:260-1 ] imagemagick security [ MDVSA-2009:317 ] netpbm security [ MDVSA-2009:318 ] xmlsec1 security [ MDVSA-2009:272-1 ] libmikmod security [ MDVSA-2009:252-1 ] perl-IO-Socket-SSL security [ MDVSA-2009:284-1 ] gd security PhpShop Multiple Vulnerabilities Andrea Fabrizi [ MDVSA-2009:297-1 ] ffmpeg security [ MDVSA-2009:319 ] xine-lib security Flieg wenn du fliegen kannst, lieb wenn du lieben kannst ; fly when you can fly, love when you can love Kingcope
Re: Software developer looks at CRU code Stephen Mullins Re: Software developer looks at CRU code dpcybuck Re: Software developer looks at CRU code Valdis . Kletnieks [ MDVSA-2009:307-1 ] libtool security Re: Software developer looks at CRU code Paul Schmehl [ MDVSA-2009:320 ] samba security [ MDVSA-2009:321 ] pidgin security [ MDVSA-2009:215-1 ] audacity security [ MDVSA-2009:219-1 ] kompozer security Re: Software developer looks at CRU code Valdis . Kletnieks Re: Software developer looks at CRU code Paul Schmehl Re: Software developer looks at CRU code Thor (Hammer of God)
Re: Software developer looks at CRU code Paul Schmehl Re: Software developer looks at CRU code Ivan . Re: Software developer looks at CRU code Thor (Hammer of God) short intro jai Re: short intro McGhee, Eddie [ MDVSA-2009:231-1 ] htmldoc security [ MDVSA-2009:322 ] mono security [USN-865-1] Bind vulnerability Marc Deslauriers [ MDVSA-2008:233-1 ] libcdaudio security [ MDVSA-2009:323 ] apache security [ MDVSA-2009:324 ] php security Re: short intro Ferdinand Klinzer Re: The Cyber War Conspiracy Kevin Wilcox [ MDVSA-2009:199-1 ] subversion security Re: Flieg wenn du fliegen kannst, lieb wenn du lieben kannst ; fly when you can fly, love when you can love PEra [ MDVSA-2009:325 ] ruby security [ MDVSA-2009:326 ] mysql security [USN-866-1] gnome-screensaver vulnerability Marc Deslauriers Climate-Gate:A SysAdmin’s Perspective Ivan . [SECURITY] [DSA 1947-1] New Shibboleth packages fix cross-site scripting Moritz Muehlenhoff TANDBERG MXP(FIPS140) DOS 0 0 spy guides Ivan . Re: [Full-disclosure] Climate-Gate:A SysAdmin’s Perspective Rohit Patnaik
[ MDVSA-2009:282-1 ] cups security Re: Flieg wenn du fliegen kannst, lieb wenn du lieben kannst ; fly when you can fly, love when you can love Michael Lenz Re: Flieg wenn du fliegen kannst, lieb wenn du lieben kannst ; fly when you can fly, love when you can love Kingcope Secunia Research: Novell iPrint Client "target-frame" Parameter Buffer Overflow Secunia Research Secunia Research: Novell iPrint Client Date/Time Parsing Buffer Overflow Secunia Research [ MDVSA-2009:251-1 ] postgresql8.2 security [ MDVSA-2009:327 ] clamav security [ MDVSA-2009:191-1 ] OpenEXR security [ MDVSA-2009:133-1 ] irssi security [ MDVSA-2009:126-1 ] eggdrop security [ MDVSA-2009:099-1 ] openafs security [ MDVSA-2009:098-1 ] krb5 security [ MDVSA-2009:093-1 ] mpg123 security ZDI-09-086: Microsoft Internet Explorer XHTML DOM Manipulation Memory Corruption Vulnerability ZDI Disclosures ZDI-09-087: Microsoft Internet Explorer CSS Race Condition Code Execution Vulnerability ZDI Disclosures ZDI-09-088: Microsoft Internet Explorer IFrame Attributes Circular Reference Dangling Pointer Vulnerability ZDI Disclosures ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability ZDI Disclosures ZDI-09-090: Microsoft Windows Intel Indeo Codec Parsing Stack Overflow Vulnerability ZDI Disclosures CA20091208-01: Security Notice for CA Service Desk Kotas, Kevin J [ MDVSA-2009:091-1 ] mod_perl security [ MDVSA-2009:059-1 ] xchat security [ MDVSA-2009:046-1 ] dia security [ MDVSA-2009:038-1 ] blender security [ MDVSA-2009:030-1 ] amarok security [ MDVSA-2009:276-1 ] python-django security Fortinet Advisory: Fortinet Discovers Microsoft Office Project Vulnerability liubing [USN-867-1] Ntp vulnerability Jamie Strandboge ZDI-09-091: Hewlett-Packard Application Recovery Manager MSG_PROTOCOL Stack Overflow Vulnerability ZDI Disclosures
Fortinet Advisory: Fortinet Discovers Vulnerability in Indeo Codec liubing [USN-868-1] GRUB 2 vulnerability Jamie Strandboge Fortinet Advisory: Fortinet Discovers Adobe Flash Player Multiple Vulnerabilities (APSB09-19) liubing [ MDVSA-2009:328 ] ntp security Advisory 02/2009: PHPIDS Unserialize() Vulnerability Stefan Esser Advisory 03/2009: Piwik Cookie unserialize() Vulnerability Stefan Esser [SECURITY] [DSA 1948-1] New ntp packages fix denial of service Nico Golde Fortinet Advisory: Fortinet Discovers Vulnerability in Indeo Codec noreply-secresearch Fortinet Advisory: Fortinet Discovers Vulnerability in Indeo Codec noreply-secresearch List Charter John Cartwright Zen Cart local file disclosure vulnerability Bogdan Calin ZDI-09-092: Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability ZDI Disclosures ZDI-09-093: Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability ZDI Disclosures ZDI-09-094: Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities ZDI Disclosures ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability ZDI Disclosures ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability ZDI Disclosures ZDI-09-096: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable vsprintf Overflow Vulnerability ZDI Disclosures ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability ZDI Disclosures iDefense Security Advisory 12.08.09: Microsoft Internet Explorer HTML Layout Engine Uninitialized Memory Vulnerability iDefense Labs iDefense Security Advisory 12.08.09: Microsoft WordPad Word97 Converter Integer Overflow Vulnerability iDefense Labs iDefense Security Advisory 12.08.09: Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability iDefense Labs [iBLISS Advisory Board] Cross-Site Scripting (XSS) Vulnerability on Twitter bruno CORE-2009-1013: Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System CORE Security Technologies Advisories
Revenge of the Computer Nerds Ivan . [USN-869-1] Linux kernel vulnerabilities Kees Cook [ MDVSA-2009:329 ] kernel security Re: Revenge of the Computer Nerds Dan Kaminsky Re: Revenge of the Computer Nerds Thor (Hammer of God) Re: Revenge of the Computer Nerds Ivan . TPTI-09-08: HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability dvlabs TPTI-09-09: HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability dvlabs TPTI-09-10: HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability dvlabs TPTI-09-14: HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability dvlabs TPTI-09-11: HP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow Vulnerability dvlabs TPTI-09-12: HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability dvlabs TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability dvlabs google dork you may enjoy robert mccurdy Re: google dork you may enjoy netinfinity Re: The Cyber War Conspiracy cyber armageddon Honey pot belongs to .....China???? taneja . security SAP sapstartsrv Denial of Service cybseclabs Re: google dork you may enjoy Sébastien Duquette [ MDVSA-2009:330 ] kdelibs security [ MDVSA-2009:331 ] kdegraphics security Re: Google Dorks FBI BOT Re: Google Dorks dd
[USN-870-1] PyGreSQL vulnerability Jamie Strandboge [USN-871-1] KDE vulnerability Jamie Strandboge [USN-871-2] KDE 4 vulnerabilities Jamie Strandboge [USN-872-1] KDE 4 Runtime vulnerabilities Jamie Strandboge Re: TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability) Thierry Zoller SecurityReason: Flock 2.5.2 Remote Array Overrun (Arbitrary code execution) Maksymilian Arciemowicz SecurityReason: Camino 1.6.10 Remote Array Overrun (Arbitrary code execution) Maksymilian Arciemowicz SecurityReason: Thunderbird 2.0.0.23 (lib) Remote Array Overrun (Arbitrary code execution) Maksymilian Arciemowicz SecurityReason: Sunbird 0.9 Array Overrun (code execution) 0day Maksymilian Arciemowicz kaspersky Portugal Vulnerable to blind SQLi vmware vmware [ MDVSA-2009:332 ] gimp security IE 0day for sale Freddie Vicious Re: IE 0day for sale Valdis . Kletnieks Re: IE 0day for sale Freddie Vicious Re: IE 0day for sale yaroslav Re: IE 0day for sale Benji Safer-networking.org: (Spybot) Vulnerable to Blind SQLi by VMw4r3 VMw4r3 Re: IE 0day for sale Michael Lenz Re: IE 0day for sale Thor (Hammer of God) [ MDVSA-2009:296-1 ] gimp security Re: IE 0day for sale Nelson Brito [ MDVSA-2009:259-1 ] snort security Brilliant attack "bypasses" bitlocker Thor (Hammer of God) Re: Brilliant attack "bypasses" bitlocker Thor (Hammer of God) Re: Brilliant attack "bypasses" bitlocker Thor (Hammer of God) Re: Brilliant attack "bypasses" bitlocker Michal Zalewski Re: IE 0day for sale mrx Re: IE 0day for sale Shyaam Re: Brilliant attack "bypasses" bitlocker yaroslav
Re: IE 0day for sale Jeff Williams stupid question again RandallM Re: stupid question again frank^2 Re: stupid question again Guy Re: stupid question again Valdis . Kletnieks Re: IE 0day for sale Valdis . Kletnieks Re: IE 0day for sale Shyaam Re: stupid question again RandallM Re: stupid question again RandallM Re: IE 0day for sale Jeff Williams Re: IE 0day for sale Jeff Williams Re: IE 0day for sale jack . a . mannino Re: stupid question again Tim Re: stupid question again Randall M Re: stupid question again Tracy Reed Gadi Evron: SecuriTeam: The Mossad: IE 0day for sale cyber armageddon Re: Gadi Evron: SecuriTeam: The Mossad: IE 0day for sale Freddie Vicious Re: Gadi Evron: SecuriTeam: The Mossad: IE 0day for sale cyber armageddon Gadi Evron's professional profile exposed cyber armageddon Re: Gadi Evron's professional profile exposed Paul Schmehl Re: Gadi Evron's professional profile exposed cyber armageddon Re: Gadi Evron's professional profile exposed Valdis . Kletnieks Re: Gadi Evron's professional profile exposed Paul Schmehl Re: Brilliant attack "bypasses" bitlocker bugtraq [SECURITY] [DSA 1949-1] New php-net-ping packages fix arbitrary code execution Raphael Geissert [SECURITY] [DSA-1950-1] New webkit packages fix several vulnerabilities Giuseppe Iuculano [gif2png] long filename Buffer Overrun Razuel Akaharnath Re: IE 0day for sale Gregor Schneider
Re: Gadi Evron's professional profile exposed Sam Haldorf Re: Gadi Evron's professional profile exposed Valdis . Kletnieks Re: stupid question again Pradip Sharma Unu hits Kaspersky Pradip Sharma Re: [gif2png] long filename Buffer Overrun Patroklos Argyroudis Re: [gif2png] long filename Buffer Overrun Razuel Akaharnath Re: [gif2png] long filename Buffer Overrun Nico Golde Re: [gif2png] long filename Buffer Overrun Razuel Akaharnath
Re: [gif2png] long filename Buffer Overrun Raphael Geissert Zabbix Agent : Bypass of EnableRemoteCommands=0 Nicob Zabbix Server : Multiple remote vulnerabilities Nicob Cross-Site Scripting vulnerabilities in Invision Power Board MustLive Hacktics Advisory Dec09: Oracle eBusiness Suite - Multiple Vulnerabilities Allow Remote Takeover Ofer Maor Re: Hacktics Advisory Dec09: Oracle eBusiness Suite - Multiple Vulnerabilities Allow Remote Takeover Freddie Vicious Re: Hacktics Advisory Dec09: Oracle eBusinessSuite - Multiple Vulnerabilities Allow Remote Takeover Ofer Maor Re: Hacktics Advisory Dec09: Oracle eBusinessSuite - Multiple Vulnerabilities Allow Remote Takeover Valdis . Kletnieks Re: Hacktics Advisory Dec09: Oracle eBusinessSuite - Multiple Vulnerabilities Allow Remote Takeover Michael Coyne Re: Hacktics Advisory Dec09: Oracle eBusinessSuite - Multiple Vulnerabilities Allow Remote Takeover Michael Coyne Re: Hacktics Advisory Dec09: Oracle eBusinessSuite - Multiple Vulnerabilities Allow Remote Takeover Ofer Maor DC4420 - London DEFCON - Christmas drinks - Wednesday 16th December Major Malfunction Re: Hacktics Advisory Dec09: Oracle eBusinessSuite - Multiple Vulnerabilities Allow Remote Takeover Michael Coyne Re: Hacktics Advisory Dec09: Oracle eBusiness Suite - Multiple Vulnerabilities Allow Remote Takeover Pradip Sharma Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled nixlists Decaf anyone? Ivan . Re: [gif2png] long filename Buffer Overrun Jubei Trippataka
318x.com and other "bad" domains. exploit dev [BMSA-2009-08] Multiple Vulnerabilities in PyForum Nam Nguyen Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled coderman Re: [gif2png] long filename Buffer Overrun Razuel Akaharnath Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Milan Berger [scip-Advisory 4063] PasswordManager Pro 6.1 Script Injection Vulnerability Stefan Friedli Trango Broadband Wireless Rogue SU Authentication Bug Blair Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Valdis . Kletnieks Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Milan Berger Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled dramacrat [SECURITY] [DSA 1951-1] New firefox-sage packages fix insufficient input sanitizing Steffen Joeris [SECURITY] [DSA 1952-2] End-of-life announcement for asterisk in oldstable Steffen Joeris [SECURITY] [DSA 1952-1] New asterisk packages fix several vulnerabilities Steffen Joeris Global warming - it's all about the money Paul Schmehl Re: Global warming - it's all about the money Jared DeMott CarolinaCon-VI/2010 - Call for Papers/Speakers Vic Vandal [ MDVSA-2009:333 ] postgresql security VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues VMware Security Team Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled nixlists Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Dan Kaminsky Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled nixlists
File Access Vulnerability in Easy File Sharing Web Server Thor (Hammer of God) Re: File Access Vulnerability in Easy File Sharing Web Server Rohit Patnaik Re: File Access Vulnerability in Easy File Sharing Web Server Thor (Hammer of God) Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled dramacrat Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Christian Sciberras Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Nick FitzGerald Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Christian Sciberras Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Nick FitzGerald Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Christian Sciberras Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Jan G.B. Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Christian Sciberras Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities Cisco Systems Product Security Incident Response Team Drupal Sections Module XSS Vulnerability Justin Klein Keane Drupal Sections Module XSS Vulnerability Justin C. Klein Keane Google Picasa 3.5 Local DoS Buffer Overflow admin () hacktalk net [SECURITY] [DSA-1953-1] New expat packages fix denial of service Stefan Fritsch [ISecAuditors Security Advisories] WP-Forum <= 2.3 SQL Injection vulnerabilities ISecAuditors Security Advisories [SECURITY] [DSA 1954-1] New cacti packages fix insufficient input sanitising Steffen Joeris VideoCache 1.9.2 vccleaner root vulnerability Dominick LaTrappe [SECURITY] [DSA 1955-1] New network-manager/network-manager-applet packages fix information disclosure Steffen Joeris rPSA-2009-0161-1 hwdata kernel rPath Update Announcements [SECURITY] [DSA 1956-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff Drupal 5.x and 6.x Core XSS Vulnerability Justin Klein Keane cve-2009-4324 exploit dev Drupal 6.x Core XSS Vulnerability Justin Klein Keane
[ MDVSA-2009:334 ] poppler security Campus Party Eu 2010 Security Challenge - Call For Participants Campus Party EU Spain The Great Aussie Firewall is dead: Long live the firewall Ivan . (no subject) 김무성 Re: (no subject) Dan Kaminsky Re: (no subject) Jeff Blaum Secunia Research: Winamp Oktalyzer Parsing Integer Overflow Vulnerability Secunia Research Secunia Research: Winamp Ultratracker File Parsing Buffer Overflow Secunia Research Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow Secunia Research Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows Secunia Research [tools] hostmap-0.2 released Alessandro Tanasi SEC Consult SA-20091217-0 :: Authentication bypass and file manipulation in Sitecore Staging Module Lukas Weichselbaum [ISecAuditors Security Advisories] Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass ISecAuditors Security Advisories Last week to submit: ICIMP 2010 || May 9-15, 2010 - Barcelona, Spain Jaime Lloret Mauri Last week || WebTel 2010 [ICIMP, AICT, ICIW] May 9 - 15, 2010 - Barcelona, Spain Jaime Lloret Mauri [ISecAuditors Security Advisories] Horde 3.3.5 "PHP_SELF" Cross-Site Scripting vulnerability ISecAuditors Security Advisories [ISecAuditors Security Advisories] QuiXplorer <=2.4.1beta Remote Code Execution vulnerability ISecAuditors Security Advisories [ MDVSA-2009:335 ] ffmpeg security ZDI-09-099: Hewlett-Packard OpenView Data Protector Backup Client Service Buffer Overflow Vulnerability ZDI Disclosures
[ MDVSA-2009:336 ] koffice security [tool] FindDomains v0.1.1 Mesut Timur [USN-875-1] Red Hat Cluster Suite vulnerabilities Jamie Strandboge [USN-873-1] Firefox 3.0 and Xulrunner 1.9 vulnerabilities Jamie Strandboge [USN-874-1] Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities Jamie Strandboge
TPTI-09-15: HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability dvlabs [ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability ISecAuditors Security Advisories [ISecAuditors Security Advisories] PHP-Calendar <= v1.1 'configfile' Remote and Local File Inclusion vulnerability ISecAuditors Security Advisories XSS vulnerabilities via errors at requests to DB MustLive [SECURITY] [DSA-1959-1] New ganeti packages fix arbitrary command execution Raphael Geissert Re: XSS vulnerabilities via errors at requests to DB Michal Zalewski Re: XSS vulnerabilities via errors at requests to DB Michele Orru Re: Global warming - it's all about the money Stephen Mullins
[ GLSA 200912-02 ] Ruby on Rails: Multiple vulnerabilities Alex Legler [SECURITY] [DSA 1960-1] New acpid packages fix weak file permissions Raphael Geissert Reading Mission Control Data out of Predator Drone video feeds Kingcope
Re: Global warming - it's all about the money T Biehn Infected google.com, yahoo.com and blogspot.com MustLive Re: Infected google.com, yahoo.com and blogspot.com Jeff Williams Data Type Conversion Attack Manu TLS Renegotiation Vulnerability: Proof of Concept Code (Python) RedTeam Pentesting GmbH Re: Data Type Conversion Attack Christian Sciberras Re: Reading Mission Control Data out of Predator Drone video feeds Kingcope SQL-Ledger – several vulnerab ilities Alexander Klink
gsm baseband dump Mohammad Hosein Bypassing SEHOP s . leberre Extremely important posting on my blog on the latest in XSS!!!11 hackyouridols Re: Reading Mission Control Data out of Predator Drone video feeds McGhee, Eddie Bypassing SEHOP s . leberre Re: XSS vulnerabilities via errors at requests to DB MustLive XSS vulnerabilities in 8 millions flash files MustLive [ MDVSA-2009:337 ] proftpd security Re: Extremely important posting on my blog on the latest in XSS!!!11 Benji [ MDVSA-2009:338 ] firefox security [ MDVSA-2009:339 ] firefox security Bug in RealPlayer Plus 11 fabio ejp XSS Vulnerability in JpGraph 3.0.6 Martin Barbella
WinScanX - A free Windows enumeration tool and a must have for any security professional Reed Arvin [SECURITY] [DSA 1961-1] New bind9 packages fix cache poisoning Florian Weimer XSS in WebMathematica Floyd Fuh WinScanX - A free Windows enumeration tool and a must have for any security professional Reed Arvin [SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities Giuseppe Iuculano (no subject) mixed ya Yahoo Mail Classic XSRF (still unpatched) gaurav baruah [SECURITY] [DSA 1963-1] New unbound packages fix DNSSEC validation Florian Weimer
DECAF patched and re-enabled thediskprotector Re: DECAF patched and re-enabled Christian Sciberras
Vulnerability in Joomulus for Joomla MustLive [ MDVSA-2009:340 ] jpgraph security [ MDVSA-2009:341 ] dstat security [ MDVSA-2009:343 ] acpid security [tools] hostmap-0.2.1 released Alessandro Tanasi
[ MDVSA-2009:342 ] acpid security Path disclosure in PHP 5.3.1 WHK Re: Path disclosure in PHP 5.3.1 Jeff Williams Re: DECAF patched and re-enabled James Matthews Re: DECAF patched and re-enabled 133-54D James Matthews
WinScanX - The safest way to retrieve Windows password hashes, LSA secrets, etc. Reed Arvin [SECURITY] [DSA 1957-1] New aria2 packages fix arbitrary code execution Steffen Joeris [ MDVSA-2009:244-1 ] xfig security [ MDVSA-2009:344 ] perl-DBD-Pg security [ MDVSA-2009:189-1 ] apache-mod_auth_mysql security [ MDVSA-2009:146-1 ] imap security Re: Path disclosure in PHP 5.3.1 Gynvael Coldwind
[ MDVSA-2009:345 ] acl security Wapiti 2.2.0 is available - Web application vulnerability scanner Nicolas Surribas security hole on local ISP Cilia Pretel Gallo FreeWebshop.org: multiple vulnerabilities Akita Software Security Secunia Research: AproxEngine Multiple Vulnerabilities Secunia Research Re: security hole on local ISP T Biehn Re: security hole on local ISP Lee Re: security hole on local ISP T Biehn Re: security hole on local ISP McGhee, Eddie [Tool Announcement] WAFP - a Web Application Finger Printer... Richard Sammet Re: security hole on local ISP Valdis . Kletnieks Re: security hole on local ISP Lee File Disclosure in DAMN VULNERABLE WEB APP version 1.0.6 WHK Re: File Disclosure in DAMN VULNERABLE WEB APPversion 1.0.6 infolookup Another Bug in RealPlayer Plus 11 Hacxx 20 Re: File Disclosure in DAMN VULNERABLE WEB APPversion 1.0.6 WHK Re: File Disclosure in DAMN VULNERABLE WEB APPversion 1.0.6 ghost [ MDVSA-2009:346 ] kde security
[NETRAGARD SECURITY ADVISORY] [< Java for Mac OS X 10.6 Update 1 ][NETRAGARD-20091219] Netragard Advisories Re: File Disclosure in DAMN VULNERABLE WEB APPversion 1.0.6 Valdis' Mustache Re: security hole on local ISP Cilia Pretel Gallo The Game Will McAfee Re: The Game Christian Sciberras Facebook Query Language (FQL) security issue Zerial. Re: The Game Rohit Patnaik [SECURITY] [DSA 1958-1] New libtool packages fix privilege escalation Raphael Geissert MouseOverJacking attacks MustLive Re: The Game McGhee, Eddie Re: WinScanX - The safest way to retrieve Windows password hashes, LSA secrets, etc. jellybambam
Re: The Game Andrew Haninger Re: MouseOverJacking attacks Andrew Farmer Re: The Game James Matthews [SECURITY] [DSA-1964-1] New PostgreSQL packages fix several vulnerabilities Florian Weimer Antisec for lulz - exposed (anti-sec.com) Glafkos Charalambous Re: Antisec for lulz - exposed (anti-sec.com) Christian Sciberras Re: The Game mrx Selling Adobe exploit John Smith Security-Database Best IT Security Tools for 2009 Maximiliano Soler Pedro Miguel Bernardino Eleuté rio is out of the office. peleuterio Re: Pedro Miguel Bernardino Eleuté rio is out of the office. Thor (Hammer of God)
MatriXay 3.0-Web Application Vulnerabilities Scanner DBAPPSecurity09 [SECURITY] [DSA-1953-2] New expat packages fix regression Stefan Fritsch Re: Antisec for lulz - exposed (anti-sec.com) ruhrohownage Re: Antisec for lulz - exposed (anti-sec.com) Sam Haldorf Re: Antisec for lulz - exposed (anti-sec.com) bro Re: Antisec for lulz - exposed (anti-sec.com) Sam Haldorf
RSS Feed
About List
All Lists
Previous period