
523 messages starting Oct 22 10 and ending Oct 29 10

김무성

10G virtual network traffic 김무성 (Oct 22)

ACROS Security Lists

How Visual Studio Makes Your Applications Vulnerable to Binary Planting ACROS Security Lists (Oct 18)
Re: Windows Vista/7 lpksetup dll hijack ACROS Security Lists (Oct 25)
Breaking The SetDllDirectory Protection Against Binary Planting ACROS Security Lists (Oct 27)

Adnan Vatandas

Re: Filezilla's silent caching of user's credentials Adnan Vatandas (Oct 14)
Re: Filezilla's silent caching of user's credentials Adnan Vatandas (Oct 14)

advisories () zataz com

Re: Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval advisories () zataz com (Oct 10)

Akhthar Parvez K

Re: 0-day "vulnerability" Akhthar Parvez K (Oct 28)

Alejandro Alvarez

Netgear CG3000/CG3100 bugs Alejandro Alvarez (Oct 14)

Alejandro Canovas

Call for Associate Editors and reviewers: Advances in Network and Communications Alejandro Canovas (Oct 31)

Alejandro Cnovas Solbes

Call for Associate Editors and reviewers: Advances in Network and Communications Alejandro Cnovas Solbes (Oct 27)

Alexander Chayka

Re: OT: Hacking Pink Floyd Alexander Chayka (Oct 15)

Alex Hall

Re: [Braillenote] Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers Alex Hall (Oct 02)

Ali Polatel

[ANN] pinktrace-0.0.1 Ali Polatel (Oct 04)
[ANN] pinktrace-0.0.5 Ali Polatel (Oct 30)

Ana Kismet

Re: Fwd: ipv6 flaw (is bullshit) Ana Kismet (Oct 19)
Re: wikileaks still under attack, pressure revved up Ana Kismet (Oct 21)
Re: wikileaks still under attack, pressure revved up Ana Kismet (Oct 22)

Andrew Auernheimer

Fwd: ipv6 flaw (is bullshit) Andrew Auernheimer (Oct 18)
Re: Fwd: ipv6 flaw (is bullshit) Andrew Auernheimer (Oct 18)
Re: Fwd: ipv6 flaw (is bullshit) Andrew Auernheimer (Oct 18)
Re: Fwd: ipv6 flaw (is bullshit) Andrew Auernheimer (Oct 18)

Andrew Farmer

Re: Filezilla's silent caching of user's credentials Andrew Farmer (Oct 16)

Andriy Tereshchenko

Privat24 (Facebook version) bypass of static password for accounts of PrivatBank (Ukraine, Russia and CIS) Andriy Tereshchenko (Oct 11)
Re: Privat24 (Facebook version) bypass of static password for accounts of PrivatBank (Ukraine, Russia and CIS) Andriy Tereshchenko (Oct 11)
Re: Privat24 (Facebook version) bypass of static password for accounts of PrivatBank (Ukraine, Russia and CIS) Andriy Tereshchenko (Oct 11)

Atul Agarwal

Re: Facebook CSRF and XSS vulnerabilities | Destructive worms on a social network Atul Agarwal (Oct 04)

auto199984

Re: Filezilla's silent caching of user's credentials auto199984 (Oct 08)

B1towel

All the md5 hashes in every single update message sent to this list B1towel (Oct 16)

batch stack

Re: Fwd: ipv6 flaw (is bullshit) batch stack (Oct 19)

ben

Re: All the md5 hashes in every single update message sent to this list ben (Oct 16)

Benji

Re: full disclosure my dear (Microsoft IIS 6.0 Denial of Service) Benji (Oct 01)
Re: Ebay and HTML/JS/PDF/FLash includes Benji (Oct 07)
Re: WikiLeaks Benji (Oct 07)
Re: OT: Hacking Pink Floyd Benji (Oct 14)
Re: Fwd: ipv6 flaw (is bullshit) Benji (Oct 18)
Re: Fwd: ipv6 flaw (is bullshit) Benji (Oct 19)
Re: African ISP SekuritY Benji (Oct 25)
Re: Fwd: ipv6 flaw (is bullshit) Benji (Oct 26)
Re: African ISP SekuritY Benji (Oct 27)
Re: 0-day "vulnerability" Benji (Oct 29)
Re: Evilgrade 2.0 - the update explotation framework is back Benji (Oct 29)

Berend-Jan Wever

Microsoft Windows Media Player memory corruption Berend-Jan Wever (Oct 13)
Internet Exploiter 12 - Oracle Java COM object docbase property buffer overflow. Berend-Jan Wever (Oct 13)
Oracle Java OBJECT children property memory corruption Berend-Jan Wever (Oct 13)

Bill Hicks

Re: African ISP SekuritY Bill Hicks (Oct 27)

Billy Rios

Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Billy Rios (Oct 21)

bk

Re: looking for enterprise AV solution bk (Oct 26)

Blue Bird

JNEXT vulnerability Blue Bird (Oct 06)

BMF

Re: wikileaks still under attack, pressure revved up BMF (Oct 21)

Bonsai Information Security Advisories

Bonsai Information Security - Oracle Virtual Server Agent Command Injection Bonsai Information Security Advisories (Oct 13)

<b>pepelotas</b>

rfi by iframe xss in high school <b>pepelotas</b> (Oct 01)

Brandon McGinty

Re: Filezilla's silent caching of user's credentials Brandon McGinty (Oct 11)

Brian Keefer

Re: looking for enterprise AV solution Brian Keefer (Oct 27)

Bruce Potter

Shmoocon 2011 Call for Papers Bruce Potter (Oct 14)

bugme not

Ebay and HTML/JS/PDF/FLash includes bugme not (Oct 07)

Cal Leeming

Re: wikileaks still under attack, pressure revved up Cal Leeming (Oct 23)

Cal Leeming [Simplicity Media Ltd]

Re: WikiLeaks Cal Leeming [Simplicity Media Ltd] (Oct 07)
Re: WikiLeaks Cal Leeming [Simplicity Media Ltd] (Oct 07)
Re: WikiLeaks Cal Leeming [Simplicity Media Ltd] (Oct 07)
Re: WikiLeaks Cal Leeming [Simplicity Media Ltd] (Oct 07)
Re: WikiLeaks Cal Leeming [Simplicity Media Ltd] (Oct 07)
Re: WikiLeaks Cal Leeming [Simplicity Media Ltd] (Oct 08)
Re: WikiLeaks Cal Leeming [Simplicity Media Ltd] (Oct 08)
Re: wikileaks still under attack, pressure revved up Cal Leeming [Simplicity Media Ltd] (Oct 21)
Re: wikileaks still under attack, pressure revved up Cal Leeming [Simplicity Media Ltd] (Oct 21)
Fwd: wikileaks still under attack, pressure revved up Cal Leeming [Simplicity Media Ltd] (Oct 23)
Re: Fwd: wikileaks still under attack, pressure revved up Cal Leeming [Simplicity Media Ltd] (Oct 23)
Fwd: Re: wikileaks still under attack, pressure revved up Cal Leeming [Simplicity Media Ltd] (Oct 23)
Re: Fwd: ipv6 flaw (is bullshit) Cal Leeming [Simplicity Media Ltd] (Oct 26)
ITT - Winamp 5.58 from Denial of Service to Code Execution Cal Leeming [Simplicity Media Ltd] (Oct 27)
ITT - Adobe Shockwave player rcsL chunk memory corruption (21st aug 2010) Cal Leeming [Simplicity Media Ltd] (Oct 28)
Fwd: ITT - Adobe Shockwave player rcsL chunk memory corruption (21st aug 2010) Cal Leeming [Simplicity Media Ltd] (Oct 28)
Re: 0-day "vulnerability" Cal Leeming [Simplicity Media Ltd] (Oct 28)
Re: 0-day "vulnerability" Cal Leeming [Simplicity Media Ltd] (Oct 29)
Re: 0-day "vulnerability" Cal Leeming [Simplicity Media Ltd] (Oct 29)

Camden Buzard

Re: wikileaks still under attack, pressure revved up Camden Buzard (Oct 21)

Charles Morris

Re: Filezilla's silent caching of user's credentials Charles Morris (Oct 08)
Re: Filezilla's silent caching of user's credentials Charles Morris (Oct 08)

Charles Timko

Re: wikileaks still under attack, pressure revved up Charles Timko (Oct 21)
Re: wikileaks still under attack, pressure revved up Charles Timko (Oct 26)

chr1x

[TOOL] DotDotPwn v2.1 - The Directory Traversal Fuzzer chr1x (Oct 30)

Chris Evans

Re: ZDI-10-191: Adobe Reader ICC Parsing Remote Code Execution Vulnerability Chris Evans (Oct 07)
Re: Filezilla's silent caching of user's credentials Chris Evans (Oct 13)
Re: Filezilla's silent caching of user's credentials Chris Evans (Oct 14)
Re: Filezilla's silent caching of user's credentials Chris Evans (Oct 14)
Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Chris Evans (Oct 20)
Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Chris Evans (Oct 20)
Internet Explorer 8 PoC: window.onerror leak leads to surge in interest in goat farming? Chris Evans (Oct 22)

Christian Sciberras

Re: WikiLeaks Christian Sciberras (Oct 08)
Re: Filezilla's silent caching of user's credentials Christian Sciberras (Oct 13)
Re: Filezilla's silent caching of user's credentials Christian Sciberras (Oct 14)
Re: Filezilla's silent caching of user's credentials Christian Sciberras (Oct 14)
Re: Filezilla's silent caching of user's credentials Christian Sciberras (Oct 14)
Re: Filezilla's silent caching of user's credentials Christian Sciberras (Oct 14)
Re: Fwd: ipv6 flaw (is bullshit) Christian Sciberras (Oct 18)
Re: Fwd: ipv6 flaw (is bullshit) Christian Sciberras (Oct 26)
Re: Filezilla's silent caching of user's credentials Christian Sciberras (Oct 26)
Re: 0-day "vulnerability" Christian Sciberras (Oct 28)
Re: Host Gator exposed: blackhat spammers, sock puppet trolls, harassing critics, google bombing Christian Sciberras (Oct 29)
Re: Evilgrade 2.0 - the update explotation framework is back Christian Sciberras (Oct 31)
Re: Evilgrade 2.0 - the update explotation framework is back Christian Sciberras (Oct 31)

Christie Dudley

Re: Fwd: wikileaks still under attack, pressure revved up Christie Dudley (Oct 23)

Christopher Grant

Re: African ISP SekuritY Christopher Grant (Oct 27)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Oct 27)

Claudio Criscione

Re: Webserver-Security and Virtualization Claudio Criscione (Oct 06)

coderman

Re: 10G virtual network traffic coderman (Oct 22)
Re: Filezilla's silent caching of user's credentials coderman (Oct 22)
Re: wikileaks still under attack, pressure revved up coderman (Oct 22)
Re: Fwd: ipv6 flaw (is bullshit) coderman (Oct 22)

Colin Copley

Re: wikileaks still under attack, pressure revved up Colin Copley (Oct 22)
Re: wikileaks still under attack, pressure revved up Colin Copley (Oct 22)

CORE Security Technologies Advisories

(CORE-2010-0701) Adobe Acrobat Reader Acrord32.dll Use After Free Vulnerability CORE Security Technologies Advisories (Oct 06)
[CORE-2010-0624] MS OpenType CFF Parsing Vulnerability Core Security Technologies Advisories (Oct 12)
CORE-2010-0517 - Microsoft Office HtmlDlgHelper class memory corruption CORE Security Technologies Advisories (Oct 14)
[CORE-2010-0819] LibSMI smiGetNode Buffer Overflow When Long OID Is Given In Numerical Form CORE Security Technologies Advisories (Oct 20)

corpus.defero

Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval corpus.defero (Oct 08)

crazy-shawty aka everything you're muther wanted you to be but you aint quite turned out like me?

Re: [Braillenote] Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers crazy-shawty aka everything you're muther wanted you to be but you aint quite turned out like me? (Oct 02)

Curt Purdy

0-day "vulnerability" Curt Purdy (Oct 28)
Re: 0-day "vulnerability" Curt Purdy (Oct 28)
Re: 0-day "vulnerability" Curt Purdy (Oct 28)
Re: 0-day "vulnerability" Curt Purdy (Oct 28)

CYBSEC Labs

CYBSEC Advisory 2010 1002 Multiple XSSs in Front Accounting CYBSEC Labs (Oct 29)
CYBSEC Advisory 2010 1001 Multiple Persistent XSSs in Front Accounting CYBSEC Labs (Oct 29)
CYBSEC Advisory 2010 1003 Multiple SQL Injections in Front Accounting CYBSEC Labs (Oct 29)

Dan Kaminsky

Re: ZDI-10-191: Adobe Reader ICC Parsing Remote Code Execution Vulnerability Dan Kaminsky (Oct 07)
Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Dan Kaminsky (Oct 20)
Re: Evilgrade 2.0 - the update explotation framework is back Dan Kaminsky (Oct 30)

Dan Rosenberg

Re: VSR Advisories: Linux RDS Protocol Local Privilege Escalation Dan Rosenberg (Oct 20)

dave b

Fwd: xss in silverstripe dave b (Oct 04)
xss in trixbox ce (asterisk phonebook) via the contact page and import contacts (csv file). dave b (Oct 14)
Re: Filezilla's silent caching of user's credentials dave b (Oct 17)
xss in blackboard 8 dave b (Oct 17)
Re: xss in blackboard 8 dave b (Oct 17)
Fwd: xss in elastix dave b (Oct 31)

ddivulnalert () ddifrontline com

DDIVRT-2009-28 Sun Solaris 10 rpc.cmsd Buffer Overflow and Denial of Service (CVE-2010-3509) ddivulnalert () ddifrontline com (Oct 13)

Delf Tonder

LFI / RCE vlunerability in Joomla Community Builder Enhenced (CBE) Component Delf Tonder (Oct 09)

dramacide

Re: African ISP SekuritY dramacide (Oct 25)

Duboucher Thomas

Re: African ISP SekuritY Duboucher Thomas (Oct 25)

Dunno Dunno

Paypal Vulnerabilities 7/2010 Dunno Dunno (Oct 22)

Early Warning

Breaking .NET encryption with or without Padding Oracle Early Warning (Oct 04)
Java Multiple Issues Early Warning (Oct 21)
Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Early Warning (Oct 21)

Elazar Broad

Re: looking for enterprise AV solution Elazar Broad (Oct 27)

Eric Romang

Re: Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval Eric Romang (Oct 11)

exploit dev

Massive Black Hat Seo Campaign in progress ? exploit dev (Oct 06)
Trojan/Zbot.B / LICAT / Murofet - Domains exploit dev (Oct 14)
cve-2010-3765 crash poc exploit dev (Oct 28)

Felipe M. Aragon

Syhunt Advisory: Visual Synapse HTTP Server Directory Traversal Vulnerability Felipe M. Aragon (Oct 07)

Fernando Gont

IPv6 security myths Fernando Gont (Oct 24)
Re: IPv6 security myths Fernando Gont (Oct 26)

Filip Palian

NitroSecurity ESM Remote Code Execution Filip Palian (Oct 26)

Florian Weimer

[SECURITY] [DSA-2115-2] New moodle packages fix several vulnerabilities Florian Weimer (Oct 11)
[SECURITY] [DSA 2120-1] New postgresql-8.3 packages fix privilege escalation Florian Weimer (Oct 12)
[SECURITY] [DSA 2121-1] New TYPO3 packages fix several vulnerabilities Florian Weimer (Oct 19)
[SECURITY] [DSA 2122-1] New glibc packages fix local privilege escalation Florian Weimer (Oct 22)

Hanno Böck

Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path Hanno Böck (Oct 19)

Harry Behrens

WikiLeaks "underoing" (sic) scheduled maintenance Harry Behrens (Oct 03)
Re: WikiLeaks Harry Behrens (Oct 07)
Re: WikiLeaks Harry Behrens (Oct 07)
Re: WikiLeaks Harry Behrens (Oct 07)
wikileaks still under attack, pressure revved up Harry Behrens (Oct 21)
Re: wikileaks still under attack, pressure revved up Harry Behrens (Oct 21)

Henri Lindberg

nSense-2010-001: Adobe Reader for Macintosh Henri Lindberg (Oct 06)
Fwd: "Back with another one of those block rockin' beats" Henri Lindberg (Oct 28)
nSense-2010-002: Teamspeak 2 Windows client Henri Lindberg (Oct 28)

Hernan Ochoa

Windows Credentials Editor v1.0 Hernan Ochoa (Oct 13)

HI-TECH .

Re: full disclosure my dear (Microsoft IIS 6.0 Denial of Service) HI-TECH . (Oct 01)

huj huj huj

Re: the real stuxnet authors plz stand up huj huj huj (Oct 04)
Re: WikiLeaks "underoing" (sic) scheduled maintenance huj huj huj (Oct 04)

Hurgel Bumpf

Re: Filezilla's silent caching of user's credentials Hurgel Bumpf (Oct 08)

IEhrepus

IE8 Css Cross-Domain Information Disclosure Vulnerability IEhrepus (Oct 14)
Gmail JSON Hijacking Attack Technique IEhrepus (Oct 14)

[ISR] - Infobyte Security Research

Evilgrade 2.0 - the update explotation framework is back [ISR] - Infobyte Security Research (Oct 29)

Jacky Jack

Re: full disclosure my dear (Microsoft IIS 6.0 Denial of Service) Jacky Jack (Oct 01)
Re: Paypal Vulnerabilities 7/2010 Jacky Jack (Oct 23)
Re: Evilgrade 2.0 - the update explotation framework is back Jacky Jack (Oct 29)
Re: Evilgrade 2.0 - the update explotation framework is back Jacky Jack (Oct 31)
Fwd: [DEMO] Sample videos about IDS/IPS evasions... Jacky Jack (Oct 31)

James Lay

Need some direction James Lay (Oct 04)

James Rankin

Re: looking for enterprise AV solution James Rankin (Oct 27)

Jamie Riden

Re: looking for enterprise AV solution Jamie Riden (Oct 27)

Jamie Strandboge

[USN-1004-1] Django vulnerability Jamie Strandboge (Oct 13)
[USN-1007-1] NSS vulnerabilities Jamie Strandboge (Oct 20)
[USN-997-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge (Oct 20)
[USN-998-1] Thunderbird vulnerabilities Jamie Strandboge (Oct 20)
[USN-1008-1] libvirt vulnerabilities Jamie Strandboge (Oct 22)
[USN-1008-2] Virtinst update Jamie Strandboge (Oct 22)
[USN-1008-3] libvirt update Jamie Strandboge (Oct 23)
[USN-1011-1] Firefox vulnerability Jamie Strandboge (Oct 28)
[USN-1011-2] Thunderbird vulnerability Jamie Strandboge (Oct 28)
[USN-1011-3] Xulrunner vulnerability Jamie Strandboge (Oct 29)

Jan G.B.

Re: Multiple vulnerabilities in WordPress 2 and 3 Jan G.B. (Oct 04)

Jann Horn

Re: Windows Vista/7 lpksetup dll hijack Jann Horn (Oct 27)

jason () n00bz net

Antivirus detection after malware execution jason () n00bz net (Oct 19)

Jason Nada

Re: looking for enterprise AV solution Jason Nada (Oct 26)

Jeffrey Walton

Re: WikiLeaks Jeffrey Walton (Oct 04)
Re: Filezilla's silent caching of user's credentials Jeffrey Walton (Oct 08)
Re: Filezilla's silent caching of user's credentials Jeffrey Walton (Oct 08)
Re: WikiLeaks Jeffrey Walton (Oct 08)
Re: Filezilla's silent caching of user's credentials Jeffrey Walton (Oct 14)
Re: Filezilla's silent caching of user's credentials Jeffrey Walton (Oct 16)
Re: wikileaks still under attack, pressure revved up Jeffrey Walton (Oct 21)
OT: Apple Store Removes Applications with Private API Calls Jeffrey Walton (Oct 26)

Johannes Greil

SEC Consult SA-20101021-0 :: Multiple critical vulnerabilities in Sawmill log analysis software Johannes Greil (Oct 21)

John Bond

Re: Fwd: wikileaks still under attack, pressure revved up John Bond (Oct 23)

John Cartwright

List Charter John Cartwright (Oct 12)

John JEAN

Facebook CSRF and XSS vulnerabilities | Destructive worms on a social network John JEAN (Oct 04)

Jonathan Kamens

Re: WikiLeaks Jonathan Kamens (Oct 08)
Re: Filezilla's silent caching of user's credentials Jonathan Kamens (Oct 15)

Jonathan Medina

Re: wikileaks still under attack, pressure revved up Jonathan Medina (Oct 21)

J. Oquendo

Re: WikiLeaks J. Oquendo (Oct 08)
Re: WikiLeaks J. Oquendo (Oct 08)

Joseph Lee

Re: [Braillenote] Warning: BrailleNote Apex Offers Read/Write FTP AndTelnet Access To All Comers Joseph Lee (Oct 02)

Josey Yelsef

Re: 0-day "vulnerability" Josey Yelsef (Oct 29)
Re: 0-day "vulnerability" Josey Yelsef (Oct 29)
Re: 0-day "vulnerability" Josey Yelsef (Oct 29)
Host Gator exposed: blackhat spammers, sock puppet trolls, harassing critics, google bombing Josey Yelsef (Oct 29)
Re: #hostgator exposed: blackhat spammers, sock puppet trolls, harassing critics, google bombing Josey Yelsef (Oct 29)
Fw: hostgator Josey Yelsef (Oct 31)

Josh Browning

Re: looking for enterprise AV solution Josh Browning (Oct 27)

Jubei Trippataka

Re: Identifying handler and agency of police informant? Jubei Trippataka (Oct 26)
Re: African ISP SekuritY Jubei Trippataka (Oct 28)
Re: 0-day "vulnerability" Jubei Trippataka (Oct 29)

Juha-Matti Laurio

Re: WikiLeaks Juha-Matti Laurio (Oct 04)
Re: WikiLeaks Juha-Matti Laurio (Oct 06)

Kees Cook

[USN-999-1] Kerberos vulnerability Kees Cook (Oct 05)
[USN-1000-1] Linux kernel vulnerabilities Kees Cook (Oct 20)
[USN-1009-1] GNU C Library vulnerabilities Kees Cook (Oct 23)
[USN-959-2] PAM vulnerability Kees Cook (Oct 25)

Kenneth Voort

Re: African ISP SekuritY Kenneth Voort (Oct 25)

king of pain

Re: Fwd: ipv6 flaw (is bullshit) king of pain (Oct 18)
Re: Fwd: ipv6 flaw (is bullshit) king of pain (Oct 19)
Re: Fwd: ipv6 flaw (is bullshit) king of pain (Oct 19)
Identifying handler and agency of police informant? king of pain (Oct 26)

Larry Seltzer

Re: OT: Hacking Pink Floyd Larry Seltzer (Oct 15)

[lesh] Ivan Nikolic

Re: African ISP SekuritY [lesh] Ivan Nikolic (Oct 27)
Re: Evilgrade 2.0 - the update explotation framework is back [lesh] Ivan Nikolic (Oct 31)

Louis Granboulan

Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path Louis Granboulan (Oct 20)

Louis McCarty

African ISP SekuritY Louis McCarty (Oct 25)

Maksymilian Arciemowicz

Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon) Maksymilian Arciemowicz (Oct 09)

Manu Quintans

Re: rfi by iframe xss in high school Manu Quintans (Oct 01)

Marc Deslauriers

[USN-1001-1] LVM2 vulnerability Marc Deslauriers (Oct 06)
[USN-1002-1] PostgreSQL vulnerability Marc Deslauriers (Oct 07)
[USN-1003-1] OpenSSL vulnerabilities Marc Deslauriers (Oct 07)
[USN-1002-2] PostgreSQL vulnerability Marc Deslauriers (Oct 07)
[USN-1005-1] poppler vulnerabilities Marc Deslauriers (Oct 19)
[USN-1006-1] WebKit vulnerabilities Marc Deslauriers (Oct 19)

Marcel Grabher (sallas)

Webserver-Security and Virtualization Marcel Grabher (sallas) (Oct 06)

Marcio B. Jr.

Re: ZDI-10-191: Adobe Reader ICC Parsing Remote Code Execution Vulnerability Marcio B. Jr. (Oct 07)

Marek Lukaszuk

Re: MGCP - Crafting of Packets Marek Lukaszuk (Oct 08)

Mario Vilas

Re: Rooted CON 2011: Welcome Hex Rays as new sponsor Mario Vilas (Oct 21)
Re: Evilgrade 2.0 - the update explotation framework is back Mario Vilas (Oct 31)

Mark Stanislav

'WSN Links' SQL Injection Vulnerability (CVE-2010-4006) Mark Stanislav (Oct 31)

Marsh Ray

Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path Marsh Ray (Oct 18)
Re: 0-day "vulnerability" Marsh Ray (Oct 29)

Matthew Bergin

Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Matthew Bergin (Oct 21)

mezgani ali

Re: NiX - Linux Brute Force beta testers wanted mezgani ali (Oct 24)

Michael Krymson

Re: Fwd: ipv6 flaw (is bullshit) Michael Krymson (Oct 18)

Michael Wood

Re: Filezilla's silent caching of user's credentials Michael Wood (Oct 08)

Michal

Re: looking for enterprise AV solution Michal (Oct 27)

Michal Zalewski

Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Michal Zalewski (Oct 20)
Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Michal Zalewski (Oct 20)
Re: 0-day "vulnerability" Michal Zalewski (Oct 28)

Mikhail A. Utin

Re: Full-Disclosure Digest, Vol 68, Issue 5 Mikhail A. Utin (Oct 04)
looking for enterprise AV solution Mikhail A. Utin (Oct 26)

Moritz Muehlenhoff

[SECURITY] [DSA 2116-1] New poppler packages fix several vulnerabilities Moritz Muehlenhoff (Oct 12)

Moritz Naumann

XSS in Squirrelmail plugin 'Virtual Keyboard' <= 0.9.1 Moritz Naumann (Oct 05)
Re: [SquirrelMail-Security] XSS in Squirrelmail plugin 'Virtual Keyboard' <= 0.9.1 Moritz Naumann (Oct 16)

musashi karak0rsan

[SecurityArchitect-009]: Microsoft Windows Mobile Double Free Vulnerability musashi karak0rsan (Oct 21)

musnt live

Vulnerability Is Exist In IPv6 musnt live (Oct 18)

MustLive

Multiple vulnerabilities in WordPress 2 and 3 MustLive (Oct 01)
Vulnerabilities in CMS WebManager-Pro MustLive (Oct 05)
Vulnerabilities in AltConstructor MustLive (Oct 10)
Re: Privat24 (Facebook version) bypass of static password for accounts of PrivatBank (Ukraine, Russia and CIS) MustLive (Oct 19)
Vulnerabilities in W-Agora MustLive (Oct 22)
New vulnerabilities in W-Agora MustLive (Oct 27)
XSS and SQL Injection vulnerabilities in CMS WebManager-Pro MustLive (Oct 30)

Mutiny

Re: Filezilla's silent caching of user's credentials Mutiny (Oct 13)

n3ptun3

Cryptome and Kryogeniks - Obstruction of Justice / Evidence destruction n3ptun3 (Oct 12)

Nahuel Grisolia

Re: XSS in Oracle default fcgi-bin/echo Nahuel Grisolia (Oct 08)
Re: Bonsai Information Security - Oracle Virtual Server Agent Command Injection Nahuel Grisolia (Oct 14)

Nathan Whitmore

Facebook Places private information leak Nathan Whitmore (Oct 02)

Nelson Brito

[TOOL RELEASE] Exploit Next Generation SQL Fingerprint v. Nelson Brito (Oct 09)
[WARNING] A fake version of T50!!! Nelson Brito (Oct 09)
[DEMO] Sample videos about IDS/IPS evasions... Nelson Brito (Oct 31)

Nico Golde

[SECURITY] [DSA 2118-1] New subversion packages fix authentication bypass Nico Golde (Oct 09)

nix

NiX - Linux Brute Force beta testers wanted nix (Oct 23)

Noreply

JAHx104 - Multiple vulnerabilities in Feindura CMS Noreply (Oct 28)

Oliver Goebel

[IMF 2011] Call for Papers Oliver Goebel (Oct 05)

olivia

Re: [Braillenote] Warning: BrailleNote Apex Offers Read/Write FTP AndTelnet Access To All Comers olivia (Oct 02)

opticfiber

Re: looking for enterprise AV solution opticfiber (Oct 26)

OTB

Re: WikiLeaks OTB (Oct 09)

p1n00n3 () p1n00n3 com

Re: Fwd: ipv6 flaw (is bullshit) p1n00n3 () p1n00n3 com (Oct 27)

Paul Lesniewski

Re: [SquirrelMail-Security] XSS in Squirrelmail plugin 'Virtual Keyboard' <= 0.9.1 Paul Lesniewski (Oct 16)
Re: [SquirrelMail-Security] XSS in Squirrelmail plugin 'Virtual Keyboard' <= 0.9.1 Paul Lesniewski (Oct 16)

Paul Schmehl

Re: WikiLeaks Paul Schmehl (Oct 07)

paul . szabo

XSS in Oracle default fcgi-bin/echo paul . szabo (Oct 08)
Re: XSS in Oracle default fcgi-bin/echo paul . szabo (Oct 10)
Re: XSS in Oracle default fcgi-bin/echo paul . szabo (Oct 13)
Re: XSS in Oracle default fcgi-bin/echo paul . szabo (Oct 13)
Re: XSS in Oracle default fcgi-bin/echo paul . szabo (Oct 13)
Re: XSS in Oracle default fcgi-bin/echo paul . szabo (Oct 19)

Pavel Kankovsky

Re: Gödel and kernel backdoors Pavel Kankovsky (Oct 14)
Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path Pavel Kankovsky (Oct 18)
Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path Pavel Kankovsky (Oct 19)

Pete Smith

Re: Filezilla's silent caching of user's credentials Pete Smith (Oct 14)

phillip () bailey st

Re: looking for enterprise AV solution phillip () bailey st (Oct 27)

Pierre-Yves Rofes

[ GLSA 201010-01 ] Libpng: Multiple vulnerabilities Pierre-Yves Rofes (Oct 05)

Przemyslaw Frasunek

Re: FreeBSD 7.0 - 7.2 pseudofs null pointer dereference Przemyslaw Frasunek (Oct 04)

psy

Re: XSS in Oracle default fcgi-bin/echo psy (Oct 09)

PsychoBilly

Re: Multiple vulnerabilities in WordPress 2 and 3 PsychoBilly (Oct 04)
Re: WikiLeaks "underoing" (sic) scheduled maintenance PsychoBilly (Oct 04)
Re: WikiLeaks PsychoBilly (Oct 07)
Re: Fwd: ipv6 flaw (is bullshit) PsychoBilly (Oct 18)
Re: SuRe: Fwd: ipv6 flaw (is bullshit PsychoBilly (Oct 19)
Re: wikileaks still under attack, pressure revved up PsychoBilly (Oct 22)
Re: wikileaks still under attack, pressure revved up PsychoBilly (Oct 26)
Re: Host Gator exposed: blackhat spammers, sock puppet trolls, harassing critics, google bombing PsychoBilly (Oct 29)

R0me0 ***

Re: looking for enterprise AV solution R0me0 *** (Oct 26)

Raj Mathur (राज माथुर)

Re: [SquirrelMail-Security] XSS in Squirrelmail plugin 'Virtual Keyboard' <= 0.9.1 Raj Mathur (राज माथुर) (Oct 16)

rdsears

Re: Filezilla's silent caching of user's credentials rdsears (Oct 11)

Richard Miles

Re: LPC 0day Richard Miles (Oct 08)

Riyaz Walikar

Re: XSS in Oracle default fcgi-bin/echo Riyaz Walikar (Oct 17)

Robert Kim App and Facebook Marketing

SuRe: Fwd: ipv6 flaw (is bullshit Robert Kim App and Facebook Marketing (Oct 19)

Roberto Suggi Liverani

Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Roberto Suggi Liverani (Oct 20)
Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Roberto Suggi Liverani (Oct 20)
Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Roberto Suggi Liverani (Oct 20)

Rodrigo Branco

Internet Explorer Uninitialized Memory Corruption Vulnerability - CVE-2010-3331 Rodrigo Branco (Oct 12)
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4086 Rodrigo Branco (Oct 30)
cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977 Rodrigo Branco (Oct 30)
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4088 Rodrigo Branco (Oct 30)
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4087 Rodrigo Branco (Oct 30)
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4089 Rodrigo Branco (Oct 30)

Rodrigo Rubira Branco (BSDaemon)

H2HC 2009 Videos Available! Rodrigo Rubira Branco (BSDaemon) (Oct 15)
H2HC Cancun - Registrations are open Rodrigo Rubira Branco (BSDaemon) (Oct 19)
H2HC 2010 - Final Speakers List Available Rodrigo Rubira Branco (BSDaemon) (Oct 29)

Roger

Re: wikileaks still under attack, pressure revved up Roger (Oct 21)

Roman Medina-Heigl Hernandez

Re: Web challenges from RootedCON'2010 CTF - Contest -> Solutions and Write-ups Roman Medina-Heigl Hernandez (Oct 26)

Román Ramírez

Rooted CON 2011: Welcome Hex Rays as new sponsor Román Ramírez (Oct 21)

rPath Update Announcements

rPSA-2010-0058-1 bzip2 bzip2-extras rPath Update Announcements (Oct 17)
rPSA-2010-0059-1 kernel rPath Update Announcements (Oct 17)
rPSA-2010-0060-1 httpd mod_ssl rPath Update Announcements (Oct 17)
rPSA-2010-0063-1 perl rPath Update Announcements (Oct 17)
rPSA-2010-0064-1 libtiff rPath Update Announcements (Oct 17)
rPSA-2010-0065-1 krb5 krb5-server krb5-services krb5-workstation rPath Update Announcements (Oct 17)
rPSA-2010-0066-1 samba samba-client samba-server samba-swat rPath Update Announcements (Oct 17)
rPSA-2010-0070-1 cpio tar rPath Update Announcements (Oct 27)
rPSA-2010-0071-1 automake rPath Update Announcements (Oct 27)
rPSA-2010-0072-1 curl rPath Update Announcements (Oct 27)
rPSA-2010-0073-1 lftp rPath Update Announcements (Oct 27)
rPSA-2010-0074-1 ImageMagick rPath Update Announcements (Oct 27)
rPSA-2010-0075-1 sudo rPath Update Announcements (Oct 27)

Ryan Sears

Filezilla's silent caching of user's credentials Ryan Sears (Oct 08)
Re: Filezilla's silent caching of user's credentials Ryan Sears (Oct 13)
Re: Filezilla's silent caching of user's credentials Ryan Sears (Oct 14)
Re: Filezilla's silent caching of user's credentials Ryan Sears (Oct 14)
Re: Filezilla's silent caching of user's credentials Ryan Sears (Oct 14)

s2-security

CVE-2010-3700: Spring Security bypass of security constraints s2-security (Oct 28)

Sabahattin Gucukoglu

Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers Sabahattin Gucukoglu (Oct 01)
Re: Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers Sabahattin Gucukoglu (Oct 01)
Re: Fwd: [CASE:12632] Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers Sabahattin Gucukoglu (Oct 05)
OS X Mail.app Insecure TLS Usage With SMTPS? Sabahattin Gucukoglu (Oct 31)

Sebastien WILLEMIJNS

.net framework 4 installation on XP temporarly stop firewall Sebastien WILLEMIJNS (Oct 13)
Re: .net framework 4 installation on XPtemporarly stop firewall Sebastien WILLEMIJNS (Oct 13)

Secunia Research

Secunia Research: Microsoft Excel Lotus 1-2-3 File Parsing Vulnerability Secunia Research (Oct 13)
Secunia Research: Microsoft Excel Record Parsing Integer Overflow Vulnerability Secunia Research (Oct 13)
Secunia Research: Microsoft Excel Extra Out of Boundary Record Vulnerability Secunia Research (Oct 13)
Secunia Research: Microsoft Excel Ghost Record Type Parsing Vulnerability Secunia Research (Oct 13)
Secunia Research: RealPlayer QCP Sample Chunk Parsing Buffer Overflow Secunia Research (Oct 19)
Secunia Research: Winamp VP6 Content Parsing Buffer Overflow Vulnerability Secunia Research (Oct 27)
Secunia Research: Adobe Shockwave Player "pamm" Chunk Parsing Vulnerability Secunia Research (Oct 29)
Secunia Research: Adobe Shockwave Player "DEMX" Chunk Parsing Vulnerability Secunia Research (Oct 29)
Secunia Research: SonicWALL SSL-VPN End-Point ActiveX Control Buffer Overflow Secunia Research (Oct 29)

security

[ MDVSA-2010:191 ] mailman security (Oct 01)
[ MDVSA-2010:192 ] apr-util security (Oct 02)
[ MDVSA-2010:193 ] qt-creator security (Oct 03)
[ MDVSA-2010:194 ] git security (Oct 03)
[ MDVSA-2010:195 ] libesmtp security (Oct 04)
[ MDVSA-2010:196 ] dovecot security (Oct 04)
[ MDVSA-2010:197 ] postgresql security (Oct 06)
[ MDVSA-2010:198 ] kernel security (Oct 07)
[ MDVSA-2010:199 ] subversion security (Oct 12)
[ MDVSA-2010:199 ] subversion security (Oct 12)
[ MDVSA-2010:200 ] wireshark security (Oct 13)
[ MDVSA-2010:201 ] freetype2 security (Oct 13)
[ MDVSA-2010:202 ] krb5 security (Oct 13)
[ MDVSA-2010:203 ] automake security (Oct 13)
[ MDVSA-2010:204 ] avahi security (Oct 14)
[ MDVSA-2010:205 ] freeciv security (Oct 15)
[ MDVSA-2010:207 ] glibc security (Oct 20)
[ MDVSA-2010:208 ] pidgin security (Oct 21)
[ MDVSA-2010:209 ] libsmi security (Oct 22)
[ MDVSA-2010:210 ] firefox security (Oct 22)
[ MDVSA-2010:211 ] mozilla-thunderbird security (Oct 22)
[ MDVSA-2010:212 ] glibc security (Oct 24)
[ MDVSA-2010:213 ] xulrunner security (Oct 28)
[ MDVSA-2010:214 ] kernel security (Oct 29)
[ MDVSA-2010:215 ] python security (Oct 30)
[ MDVSA-2010:216 ] python security (Oct 30)
[ MDVSA-2010:217 ] dovecot security (Oct 30)
[ MDVSA-2010:218 ] php security (Oct 31)

Shain Singh

Re: wikileaks still under attack, pressure revved up Shain Singh (Oct 22)

Shatter

Team SHATTER Security Advisory: SQL Injection in Oracle Database CREATE_CHANGE_SET procedure Shatter (Oct 14)

Shawn Merdinger

Fwd: [CASE:12632] Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers Shawn Merdinger (Oct 05)
NIST Electronic Health Record Approved Test Procedures Version 1.0 Shawn Merdinger (Oct 22)
Lexis search for "scada + hackers" 1996-2010 -- 544 citations Shawn Merdinger (Oct 24)

Sherwyn

Re: JNEXT vulnerability Sherwyn (Oct 06)

Shirish Padalkar

Re: Filezilla's silent caching of user's credentials Shirish Padalkar (Oct 09)

Shreyas Zare

Re: Privat24 (Facebook version) bypass of static password for accounts of PrivatBank (Ukraine, Russia and CIS) Shreyas Zare (Oct 11)
Re: Privat24 (Facebook version) bypass of static password for accounts of PrivatBank (Ukraine, Russia and CIS) Shreyas Zare (Oct 12)

silky

Re: Filezilla's silent caching of user's credentials silky (Oct 13)
Re: Filezilla's silent caching of user's credentials silky (Oct 14)
Re: Filezilla's silent caching of user's credentials silky (Oct 14)
Re: Filezilla's silent caching of user's credentials silky (Oct 14)
Re: Filezilla's silent caching of user's credentials silky (Oct 14)

Srinivas Naik

MGCP - Crafting of Packets Srinivas Naik (Oct 08)

Stefan Fritsch

[SECURITY] [DSA-2116-1] New freetype packages integer overflow Stefan Fritsch (Oct 05)
[SECURITY] [DSA-2117-1] New apr-util packages fix denial of service Stefan Fritsch (Oct 05)

Stefano Di Paola

Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Stefano Di Paola (Oct 21)
Re: Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Stefano Di Paola (Oct 21)

Steve Beattie

[USN-1010-1] OpenJDK vulnerabilities Steve Beattie (Oct 28)

sumit kumar soni

Re: XSS in Oracle default fcgi-bin/echo sumit kumar soni (Oct 14)

Tavis Ormandy

The GNU C library dynamic linker expands $ORIGIN in setuid library search path Tavis Ormandy (Oct 18)
Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path Tavis Ormandy (Oct 19)
Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path Tavis Ormandy (Oct 20)
The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads. Tavis Ormandy (Oct 22)

TBorland1

Re: Windows Vista/7 lpksetup dll hijack TBorland1 (Oct 25)
Re: Windows Vista/7 lpksetup dll hijack TBorland1 (Oct 25)

TELUS Security Labs - Vulnerability Research

TELUS Security Labs VR - Adobe Shockwave Director pamm Chunk Memory Corruption TELUS Security Labs - Vulnerability Research (Oct 28)

Thomas Dickey

[SecurityArchitect-008]: Xterm Local Buffer Overflow Vulnerability (fwd) Thomas Dickey (Oct 14)

Thor (Hammer of God)

Re: Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers Thor (Hammer of God) (Oct 01)
Re: Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers Thor (Hammer of God) (Oct 01)
Re: WikiLeaks Thor (Hammer of God) (Oct 07)
Re: .net framework 4 installation on XP temporarly stop firewall Thor (Hammer of God) (Oct 13)
Re: XSS in Oracle default fcgi-bin/echo Thor (Hammer of God) (Oct 13)
Re: XSS in Oracle default fcgi-bin/echo Thor (Hammer of God) (Oct 13)
Re: XSS in Oracle default fcgi-bin/echo Thor (Hammer of God) (Oct 13)
OT: Hacking Pink Floyd Thor (Hammer of God) (Oct 14)
Re: OT: Hacking Pink Floyd Thor (Hammer of God) (Oct 14)
Re: All the md5 hashes in every single update message sent to this list Thor (Hammer of God) (Oct 16)
Re: wikileaks still under attack, pressure revved up Thor (Hammer of God) (Oct 21)
Re: Windows Vista/7 lpksetup dll hijack Thor (Hammer of God) (Oct 25)
Re: Windows Vista/7 lpksetup dll hijack Thor (Hammer of God) (Oct 25)
Re: Windows Vista/7 lpksetup dll hijack Thor (Hammer of God) (Oct 26)
Re: Windows Vista/7 lpksetup dll hijack Thor (Hammer of God) (Oct 26)
Re: 0-day "vulnerability" Thor (Hammer of God) (Oct 28)
Re: 0-day "vulnerability" Thor (Hammer of God) (Oct 28)
Re: Joomla 1.5.21 | Potential SQL Injection Flaws Thor (Hammer of God) (Oct 31)
Re: Joomla 1.5.21 | Potential SQL Injection Flaws Thor (Hammer of God) (Oct 31)

Tim

Re: Evilgrade 2.0 - the update explotation framework is back Tim (Oct 31)

Troy Canasta

Re: wikileaks still under attack, pressure revved up Troy Canasta (Oct 22)
Re: wikileaks still under attack, pressure revved up Troy Canasta (Oct 24)

Tyler Borland

Windows Vista/7 lpksetup dll hijack Tyler Borland (Oct 25)
Re: Windows Vista/7 lpksetup dll hijack Tyler Borland (Oct 26)
Re: Windows Vista/7 lpksetup dll hijack Tyler Borland (Oct 26)
Re: 0-day "vulnerability" Tyler Borland (Oct 29)

Valdis . Kletnieks

Re: Filezilla's silent caching of user's credentials Valdis . Kletnieks (Oct 14)
Re: Filezilla's silent caching of user's credentials Valdis . Kletnieks (Oct 14)
Re: Filezilla's silent caching of user's credentials Valdis . Kletnieks (Oct 14)
Re: wikileaks still under attack, pressure revved up Valdis . Kletnieks (Oct 22)
Re: Evilgrade 2.0 - the update explotation framework is back Valdis . Kletnieks (Oct 30)
Re: Evilgrade 2.0 - the update explotation framework is back Valdis . Kletnieks (Oct 31)
Re: Evilgrade 2.0 - the update explotation framework is back Valdis . Kletnieks (Oct 31)
Re: Evilgrade 2.0 - the update explotation framework is back Valdis . Kletnieks (Oct 31)

Vipul Agarwal

Re: Filezilla's silent caching of user's credentials Vipul Agarwal (Oct 09)

VSR Advisories

VSR Advisories: Linux RDS Protocol Local Privilege Escalation VSR Advisories (Oct 19)

w0lfd33m

Re: 0-day "vulnerability" w0lfd33m (Oct 28)
Re: 0-day "vulnerability" w0lfd33m (Oct 28)
Re: 0-day "vulnerability" w0lfd33m (Oct 28)
Re: 0-day "vulnerability" w0lfd33m (Oct 29)

wmsecurity

Re: 0-day "vulnerability" wmsecurity (Oct 28)

x90c

another technique of SEHOP bypass ( No 'xor pop pop ret' ) x90c (Oct 02)

xpo xpo

USBsploit 0.3b xpo xpo (Oct 14)
USBsploit 0.4b - added: Auto[run|play] USB infection & PDF xpo xpo (Oct 27)

YGN Ethical Hacker Group

[Tool Update Announcement] inspathx - Path Disclosure Finder YGN Ethical Hacker Group (Oct 08)
Joomla! 1.5.20 <= Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Oct 09)
[Tool Update Announcement] inspathx YGN Ethical Hacker Group (Oct 12)
Joomla 1.5.21 | Potential SQL Injection Flaws YGN Ethical Hacker Group (Oct 31)
Re: Joomla 1.5.21 | Potential SQL Injection Flaws YGN Ethical Hacker Group (Oct 31)

yuange

LPC 0day yuange (Oct 08)
0day analysis of the challenges 2 yuange (Oct 11)

Zach C.

Re: All the md5 hashes in every single update message sent to this list Zach C. (Oct 16)

ZDI Disclosures

ZDI-10-189: Novell eDirectory Server Malformed Index Denial of Service Vulnerability ZDI Disclosures (Oct 01)
ZDI-10-190: Novell iManager getMultiPartParameters Arbitrary File Upload Remote Code Execution Vulnerability ZDI Disclosures (Oct 01)
ZDI-10-191: Adobe Reader ICC Parsing Remote Code Execution Vulnerability ZDI Disclosures (Oct 06)
ZDI-10-192: Adobe Acrobat Reader ICC mluc Remote Code Execution Vulnerability ZDI Disclosures (Oct 06)
ZDI-10-193: Adobe Acrobat Reader Multimedia Playing Remote Code Execution Vulnerability ZDI Disclosures (Oct 06)
ZDI-10-194: IBM Tivoli Provisioning Manager for OS Deployment TCP to ODBC Remote Code Execution Vulnerability ZDI Disclosures (Oct 08)
ZDI-10-195: SAP BusinessObjects Crystal Reports Server CMS.exe Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-196: SAP Crystal Reports JobServer GIOP Request Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-197: Microsoft Internet Explorer Stylesheet PrivateFind Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-198: Microsoft Internet Explorer EOT File hdmx Parsing Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-199: Windows Media Player Network Sharing ServiceRemote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-200: Tivoli Storage Manager FastBack 0xfafbfcfd Packet Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-201: Oracle Database Java Stored Procedure Race Condition Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-202: Sun Java Web Start BasicServiceImpl Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-203: Oracle Sun Java ICC Profile Unicode Description Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-204: Oracle Sun JRE ICC Profile Device Information Tag Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-205: Oracle Sun JRE JPEGImageWriter.writeImage Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-206: Oracle Java IE Browser Plugin docbase Parameter Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-207: Oracle Java ActiveX Plugin Uninitialized Window Handle Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-208: Oracle Java Runtime HeadspaceSoundbank.nGetName BANK Record Size Remote Code Execution Vulnerability ZDI Disclosures (Oct 12)
ZDI-10-209: RealNetworks RealPlayer Malformed IVR Pointer Index Remote Code Execution Vulnerability ZDI Disclosures (Oct 15)
ZDI-10-210: RealNetworks RealPlayer ActiveX Control CDDA URI Uninitialized Pointer Remote Code Execution Vulnerability ZDI Disclosures (Oct 15)
ZDI-10-211: RealNetworks Realplayer RecordClip Parameter Injection Remote Code Execution Vulnerability ZDI Disclosures (Oct 15)
ZDI-10-212: RealNetworks RealPlayer RJMDSections Remote Code Execution Vulnerability ZDI Disclosures (Oct 15)
ZDI-10-213: RealNetworks RealPlayer Multiple Protocol Handlers Remote Code Execution Vulnerability ZDI Disclosures (Oct 15)
ZDI-10-214: IBM Rational Quality Manager and Test Lab Manager Backdoor Account Remote Code Execution Vulnerability ZDI Disclosures (Oct 18)
ZDI-10-216: IBM Informix Dynamic Server oninit.exe EXPLAIN Remote Code Execution Vulnerability ZDI Disclosures (Oct 18)
ZDI-10-217: IBM Informix Dynamic Server DBINFO Remote Code Execution Vulnerability ZDI Disclosures (Oct 18)
ZDI-10-215: IBM Informix Dynamic Server librpc.dll Integer Overflow Remote Code Execution Vulnerability ZDI Disclosures (Oct 18)
ZDI-10-218: IBM DB2 install_jar Arbitrary File Upload Remote Code Execution Vulnerability ZDI Disclosures (Oct 19)
ZDI-10-219: Mozilla Firefox LookupGetterOrSetter Remote Code Execution Vulnerability ZDI Disclosures (Oct 19)
ZDI-10-223: Symantec IM Manager Administrative Interface LoggedInUsers.lgx Definition File SQL Injection Vulnerabilities ZDI Disclosures (Oct 27)
ZDI-10-224: Symantec IM Manager Administrative Interface SummaryReportGroup.lgx Definition File SQL Injection Vulnerabilities ZDI Disclosures (Oct 27)
ZDI-10-222: Symantec IM Manager Administrative Interface rdpageimlogic.aspx SQL Injection Vulnerabilities ZDI Disclosures (Oct 27)
ZDI-10-225: Symantec IM Manager Administrative Interface DetailReportGroup.lgx Definition File SQL Injection Vulnerabilities ZDI Disclosures (Oct 27)
ZDI-10-226: Symantec IM Manager rdServer.dll sGetDefinition SQL Injection Vulnerability ZDI Disclosures (Oct 27)
ZDI-10-220: Symantec IM Manager Administrative Interface IMAdminScheduleReport.asp SQL Injection Vulnerability ZDI Disclosures (Oct 27)
ZDI-10-221: Symantec IM Manager Administrative Interface IMAdminReportTrendFormRun.asp SQL Injection Vulnerability ZDI Disclosures (Oct 27)
ZDI-10-228: Adobe Shockwave Player Director File SetVertexArray Remote Code Execution Vulnerability ZDI Disclosures (Oct 29)
ZDI-10-227: Adobe Shockwave Player Lnam Chunk String Processing Remote Code Execution Vulnerability ZDI Disclosures (Oct 29)