382 messages starting Apr 15 12 and ending Apr 24 12

_

Re: Most Linux distributions don't use tmpfs nor encrypt swap by default _ (Apr 15)

アドリアンヘンドリック

Re(2): An April Fools' Day Android Payload アドリアンヘンドリック (Apr 02)
Re(3): An April Fools' Day Android Payload アドリアンヘンドリック (Apr 02)

Aaron T. Myers

[CVE-2012-1574] Apache Hadoop user impersonation vulnerability Aaron T. Myers (Apr 06)

Abhijeet Patil

[Announcement] CHMag's Issue 27, April 2012 Released Abhijeet Patil (Apr 18)

ACROS Security Lists

ACROS Blog: Adobe Reader X (10.1.2) msiexec.exe Planting ACROS Security Lists (Apr 11)

adam

Re: Windows XP denial of service 0day found in CTF exercise adam (Apr 17)

Adam Behnke

Hacking AutoUpdate by Injecting Fake Updates Adam Behnke (Apr 03)
SQL Injection through HTTP Headers Adam Behnke (Apr 04)
Backtrack 5 R2 priv escalation 0day found in CTF exercise Adam Behnke (Apr 11)
Erronous post concerning Backtrack 5 R2 0day Adam Behnke (Apr 12)
Windows XP denial of service 0day found in CTF exercise Adam Behnke (Apr 17)
Hacking WolframAlpha Adam Behnke (Apr 24)

Adam Zabrocki

Apache 2.2.xx 0day exploit Adam Zabrocki (Apr 02)

Akita Software Security

.NET Framework EncoderParameter integer overflow vulnerability Akita Software Security (Apr 23)

Alex Buie

Re: phpMyBible 0.5.1 Mutiple XSS Alex Buie (Apr 23)
Re: Fwd: Vulnerability research and exploit writing Alex Buie (Apr 25)

Almaz

March 2012 mini Threat Intelligence report Almaz (Apr 01)

Andrew Farmer

Re: Re(2): An April Fools' Day Android Payload Andrew Farmer (Apr 02)

Asterisk Security Team

AST-2012-004: Asterisk Manager User Unauthorized Shell Access Asterisk Security Team (Apr 23)
AST-2012-005: Heap Buffer Overflow in Skinny Channel Driver Asterisk Security Team (Apr 23)
AST-2012-006: Remote Crash Vulnerability in SIP Channel Driver Asterisk Security Team (Apr 23)

Benjamin Kreuter

Re: incorrect integer conversions in OpenSSL can result in memory corruption. Benjamin Kreuter (Apr 19)

Benji

Re: Compromised VPN provider out there? Benji (Apr 10)
Re: Erronous post concerning Backtrack 5 R2 0day Benji (Apr 12)
Re: Vulnerability in Gentoo hardened Benji (Apr 25)
Re: Vulnerability in Gentoo hardened Benji (Apr 25)
Re: Vulnerability in Gentoo hardened Benji (Apr 25)
Re: Vulnerability in Gentoo hardened Benji (Apr 25)

BMF

Re: phpMyBible 0.5.1 Mutiple XSS BMF (Apr 23)
Re: phpMyBible 0.5.1 Mutiple XSS BMF (Apr 23)

Bob McConnell

Re: We're now paying up to $20, 000 for web vulns in our services Bob McConnell (Apr 27)

Carlo Di Dato

LibreOffice 3.5.2.2 - memory corruption with a specific .rtf file Carlo Di Dato (Apr 18)
SumatraPDF v2.0.1 chm and mobi files memory corruption Carlo Di Dato (Apr 23)
Mobipocket Reader version 6.2 Build 608 Buffer Overflow Carlo Di Dato (Apr 23)
BeyondCHM 1.1 Buffer Overflow Carlo Di Dato (Apr 24)

Carl "Thomas" Guething

Re: mac trojan Carl "Thomas" Guething (Apr 06)

cfp

Ruxcon 2012 Call For Papers cfp (Apr 19)

Champ Clark III

Sagan 0.2.1 [Security Event/Log Analyzer] Released. Champ Clark III (Apr 05)

Charles Morris

Re: Hacking AutoUpdate by Injecting Fake Updates Charles Morris (Apr 04)
Re: We're now paying up to $20, 000 for web vulns in our services Charles Morris (Apr 24)

Charlie Derr

Re: [funsec] mac trojan Charlie Derr (Apr 06)
Re: We're now paying up to $20, 000 for web vulns in our services Charlie Derr (Apr 27)

Christian Sciberras

Re: DoS vulnerability in WordPress Christian Sciberras (Apr 20)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player Cisco Systems Product Security Incident Response Team (Apr 04)

coderman

Re: (no subject) coderman (Apr 25)

CorryL

WordPress BruteForce Script CorryL (Apr 29)

Cristina Pascual

Last Mile, April 20 || CfP: SECURWARE 2012 || August 19-24, 2012 - Rome, Italy Cristina Pascual (Apr 12)

Dan Rosenberg

An April Fools' Day Android Payload Dan Rosenberg (Apr 01)
Re: An April Fools' Day Android Payload Dan Rosenberg (Apr 02)

Dave

Re: www.LEORAT.com is scam Dave (Apr 02)
Re: www.LEORAT.com is scam Dave (Apr 02)
Re: www.LEORAT.com is scam Dave (Apr 04)
Re: PenTest Market is for FREE Now Dave (Apr 06)
Re: new law proposal on EU against hacking tools and practices Dave (Apr 09)

David3 Gonnella

Re: Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities David3 Gonnella (Apr 16)
Re: Vulnerability in Backtrack David3 Gonnella (Apr 24)

ddivulnalert

DDIVRT-2012-40 PacketVideo TwonkyServer and TwonkyMedia Directory Traversal ddivulnalert (Apr 27)
DDIVRT-2012-41 ACTi Web Configurator cgi-bin Directory Traversal ddivulnalert (Apr 27)

Dennis

Re: mac trojan Dennis (Apr 05)

Disposable

Re: Vulnerability in Backtrack Disposable (Apr 25)

Dobbins, Roland

Re: Attacking Critical Internet Infrastructure Dobbins, Roland (Apr 22)

Douglas Huff

Re: incorrect integer conversions in OpenSSL can result in memory corruption. Douglas Huff (Apr 20)

Elazar Broad

Re: Windows XP denial of service 0day found in CTF exercise Elazar Broad (Apr 17)
Re: Fwd: Vulnerability research and exploit writing Elazar Broad (Apr 24)

fabrice

Re: FSA2012-1 and FSA2012-2: Chocolate easter egss vulnerable to egg white injection and usable as trojan horses. fabrice (Apr 07)

Fatherlaptop

Drop box Fatherlaptop (Apr 06)

Feighen Oosterbroek

Re: Most Linux distributions don't use tmpfs nor encrypt swap by default Feighen Oosterbroek (Apr 13)

Ferenc Kovacs

Fwd: Vulnerability research and exploit writing Ferenc Kovacs (Apr 24)

Fermín J . Serna

CVE-2012-0769, the case of the perfect info leak Fermín J . Serna (Apr 09)

Fernando Gont

Slides for "Recent Advances in IPv6 Security" at Hackito Ergo Sum 2012 Fernando Gont (Apr 14)
IPv6 host scanning in IPv6 Fernando Gont (Apr 20)
New IETF I-D: Security Implications of IPv6 on IPv4 networks Fernando Gont (Apr 24)

Filip Palian

Sourcefire Defense Center - multiple vulnerabilities. Filip Palian (Apr 04)

fireball9

Attacking Critical Internet Infrastructure fireball9 (Apr 22)

Florent Daigniere

[MATTA-2012-001] CVE-2012-1301; 0day; Open Proxy vulnerability in Umbraco 4.7 Florent Daigniere (Apr 05)

Florian Weimer

[SECURITY] [DSA 2459-1] quagga security update Florian Weimer (Apr 26)

Gabriel S. Craciun

Re: Full-Disclosure Digest, Vol 86, Issue 34 Gabriel S. Craciun (Apr 26)

Gage Bystrom

Re: Working to get more people to check if their infected with DNS Changer Gage Bystrom (Apr 04)
Re: keeping data safe offline Gage Bystrom (Apr 10)
Re: nullsec-bypass-aslr.pdf - ASLR / ASLR bypass techniques Gage Bystrom (Apr 15)
Re: Vulnerability in Backtrack Gage Bystrom (Apr 24)
Re: Vulnerability in Backtrack Gage Bystrom (Apr 24)

Georgi Guninski

So, so you think you can tell April 1 joke from a 0day? Georgi Guninski (Apr 01)
Re: We're now paying up to $20, 000 for web vulns in our services Georgi Guninski (Apr 25)
Re: Vulnerability in Gentoo hardened Georgi Guninski (Apr 25)
Re: Vulnerability in Gentoo hardened Georgi Guninski (Apr 25)

Grandma Eubanks

Re: Most Linux distributions don't use tmpfs nor encrypt swap by default Grandma Eubanks (Apr 12)

Hafez Kamal

[HITB-Announce] HITB Magazine Issue 008 (now with print edition!) Hafez Kamal (Apr 23)

Henri Salo

Re: PenTest is one year old now Henri Salo (Apr 20)

HI-TECH .

Last public release HI-TECH . (Apr 04)

imipak

FW: (no subject) imipak (Apr 25)

InterN0T Advisories

Re: Brute Force vulnerability in WordPress InterN0T Advisories (Apr 04)
Re: Backtrack 5 R2 priv escalation 0day found in CTF exercise InterN0T Advisories (Apr 12)
DoS vulnerability in MustLive InterN0T Advisories (Apr 16)
Re: DoS vulnerabilities in Firefox, Internet Explorer and Opera InterN0T Advisories (Apr 30)

Jacopo Cappellato

[CVE-2012-1622] Apache OFBiz information disclosure vulnerability Jacopo Cappellato (Apr 16)
[CVE-2012-1621] Apache OFBiz information disclosure vulnerability Jacopo Cappellato (Apr 16)

James Condron

Re: Fwd: Vulnerability research and exploit writing James Condron (Apr 25)
Re: Vulnerability in Backtrack James Condron (Apr 25)

Jason Hellenthal

Re: Thor's Private Key Jason Hellenthal (Apr 09)
Re: HTC IQRD Android Permission Leakage (CVE-2012-2217) Jason Hellenthal (Apr 22)
Re: phpMyBible 0.5.1 Mutiple XSS Jason Hellenthal (Apr 23)

Javier Reoyo

Re: DoS vulnerability in WordPress Javier Reoyo (Apr 17)

jc

RuggedCom - Backdoor Accounts in my SCADA network? You don't say... jc (Apr 24)

Jeff Kell

Re: STEP Security Jeff Kell (Apr 02)

Jeffrey Walton

Re: mac trojan Jeffrey Walton (Apr 05)
Re: incorrect integer conversions in OpenSSL can result in memory corruption. Jeffrey Walton (Apr 21)
Re: incorrect integer conversions in OpenSSL can result in memory corruption. Jeffrey Walton (Apr 22)
Re: HTC IQRD Android Permission Leakage (CVE-2012-2217) Jeffrey Walton (Apr 22)
Re: phpMyBible 0.5.1 Mutiple XSS Jeffrey Walton (Apr 23)

Jerome Athias

Re: [New tool] - Exploit Pack - Web Security Jerome Athias (Apr 24)
Opcodes Database Revival Jerome Athias (Apr 24)
MoroccoTel Box Default Open Telnet Password Jerome Athias (Apr 25)
CWEs translation Jerome Athias (Apr 30)
XSS in UMP-Sarkozy mailer system Jerome Athias (Apr 30)

Jim Harrison

Re: We're now paying up to $20, 000 for web vulns in our services Jim Harrison (Apr 24)
Re: We're now paying up to $20, 000 for web vulns in our services Jim Harrison (Apr 25)
Re: We're now paying up to $20, 000 for web vulns in our services Jim Harrison (Apr 26)

John Cartwright

List Charter John Cartwright (Apr 10)

John Jacobs

Re: PenTest Market is for FREE Now John Jacobs (Apr 06)

Jonathan Wiltshire

[SECURITY] [DSA 2448-1] inspircd security update Jonathan Wiltshire (Apr 10)

Jon Dowland

Re: Most Linux distributions don't use tmpfs nor encrypt swap by default Jon Dowland (Apr 19)

J. Oquendo

STEP Security J. Oquendo (Apr 01)

Jose Miguel Esparza

[Tool] New release of peepdf (PDF analysis) Jose Miguel Esparza (Apr 02)

Joxean Koret

The history of a -probably- 13 years old Oracle bug: TNS Poison Joxean Koret (Apr 18)
Oracle TNS Poison vulnerability is actually a 0day with no patch available Joxean Koret (Apr 26)

Justin C. Klein Keane

Re: Windows XP denial of service 0day found in CTF exercise Justin C. Klein Keane (Apr 17)

klondike

FSA2012-1 and FSA2012-2: Chocolate easter egss vulnerable to egg white injection and usable as trojan horses. klondike (Apr 07)
XSS parameter injection in the search field of http://chicasdetorbe.com klondike (Apr 21)
Vulnerability in Gentoo hardened klondike (Apr 24)

Krzysztof Marczyk

PenTest Market is for FREE Now Krzysztof Marczyk (Apr 06)
10 Ways to Enhance Your Career in Information Security Krzysztof Marczyk (Apr 18)
PenTest is one year old now Krzysztof Marczyk (Apr 20)

Kurt Seifried

Re: DoS vulnerability in WordPress Kurt Seifried (Apr 17)

Laurelai

Re: phpMyBible 0.5.1 Mutiple XSS Laurelai (Apr 23)
Re: phpMyBible 0.5.1 Mutiple XSS Laurelai (Apr 23)
Re: Vulnerability in Gentoo hardened Laurelai (Apr 25)
Re: Vulnerability in Gentoo hardened Laurelai (Apr 25)
Re: Vulnerability in Gentoo hardened Laurelai (Apr 25)
Re: Vulnerability in Gentoo hardened Laurelai (Apr 25)
Re: Vulnerability in Gentoo hardened Laurelai (Apr 25)
Re: Vulnerability in Gentoo hardened Laurelai (Apr 25)

Levent Kayan

nullsec-bypass-aslr.pdf - ASLR / ASLR bypass techniques Levent Kayan (Apr 15)

Lincoln Anderson

Re: Hacking WolframAlpha Lincoln Anderson (Apr 25)

luks

Weak password reset token & code exec in ownCloud 3.0.0 luks (Apr 20)

Major Malfunction

DC4420 - London DEFCON - April meet - Tuesday April 24th 2012 Major Malfunction (Apr 20)

Manu

PHP Denial of Service - Memory leak in getimagesize(). Manu (Apr 29)

Marcio B. Jr.

Re: We're now paying up to $20, 000 for web vulns in our services Marcio B. Jr. (Apr 27)

Mario Vilas

Re: [New tool] - Exploit Pack - Web Security Mario Vilas (Apr 24)
Re: [New tool] - Exploit Pack - Web Security Mario Vilas (Apr 26)

Mark J Cox

OpenSSL Security Advisory Mark J Cox (Apr 24)

Mark Krenz

Most Linux distributions don't use tmpfs nor encrypt swap by default Mark Krenz (Apr 12)
Re: Most Linux distributions don't use tmpfs nor encrypt swap by default Mark Krenz (Apr 13)
Re: Most Linux distributions don't use tmpfs nor encrypt swap by default Mark Krenz (Apr 17)

Mark Stanislav

'phpPaleo' Local File Inclusion (CVE-2012-1671) Mark Stanislav (Apr 04)
'e-ticketing' SQL Injection (CVE-2012-1673) Mark Stanislav (Apr 04)
'Hotel Booking Portal' SQL Injection (CVE-2012-1672) Mark Stanislav (Apr 04)

Martin Allert

Re: phpMyBible 0.5.1 Mutiple XSS Martin Allert (Apr 26)

Memory Vandal

Re: STEP Security Memory Vandal (Apr 01)
Re: Windows XP denial of service 0day found in CTF exercise Memory Vandal (Apr 17)
Re: Windows XP denial of service 0day found in CTF exercise Memory Vandal (Apr 17)

Mezgani Ali via LinkedIn

Invitation to connect on LinkedIn Mezgani Ali via LinkedIn (Apr 14)

mgogoulos

[Tool] Introducing plown: security scanner for Plone CMS mgogoulos (Apr 24)

Michael Wood

Re: FW: (no subject) Michael Wood (Apr 25)

Michal Zalewski

FYI: We're now paying up to $20, 000 for web vulns in our services Michal Zalewski (Apr 23)
Re: We're now paying up to $20, 000 for web vulns in our services Michal Zalewski (Apr 24)
Re: We're now paying up to $20, 000 for web vulns in our services Michal Zalewski (Apr 24)
Re: Fwd: Vulnerability research and exploit writing Michal Zalewski (Apr 24)

Michele Orru

Re: [New tool] - Exploit Pack - Web Security Michele Orru (Apr 24)
Re: [New tool] - Exploit Pack - Web Security Michele Orru (Apr 26)

Mihamina Rakotomandimby

Re: Windows XP denial of service 0day found in CTF exercise Mihamina Rakotomandimby (Apr 17)

Milan Berger

Re: Vulnerability in Gentoo hardened Milan Berger (Apr 24)

Moritz Muehlenhoff

[SECURITY] [DSA 2446-1] libpng security update Moritz Muehlenhoff (Apr 04)
[SECURITY] [DSA 2447-1] tiff security update Moritz Muehlenhoff (Apr 04)
[SECURITY] [DSA 2456-1] dropbear security update Moritz Muehlenhoff (Apr 24)
[SECURITY] [DSA 2457-1] iceweasel security update Moritz Muehlenhoff (Apr 24)
[SECURITY] [DSA 2548-1] iceape security update Moritz Muehlenhoff (Apr 24)
[SECURITY] [DSA 2460-1] asterisk security update Moritz Muehlenhoff (Apr 25)
[SECURITY] [DSA 2461-1] spip security update Moritz Muehlenhoff (Apr 26)
[SECURITY] [DSA 2462-1] imagemagick security update Moritz Muehlenhoff (Apr 29)

murtuja bharmal

nullcon Delhi 2012 Call for Paper/Call for Event murtuja bharmal (Apr 28)

MustLive

Re: Brute Force vulnerability in WordPress MustLive (Apr 04)
DoS vulnerability in WordPress MustLive (Apr 15)
Re: DoS vulnerability in WordPress MustLive (Apr 20)
XSS and FPD vulnerabilities in Organizer for WordPress MustLive (Apr 22)
XSS, CSRF and AFU vulnerabilities in Organizer for WordPress MustLive (Apr 25)
IA, CSRF and FPD vulnerabilities in Organizer for WordPress MustLive (Apr 26)
DoS vulnerabilities in Firefox, Internet Explorer and Opera MustLive (Apr 30)

Nahuel Grisolia

Dolibarr ERP & CRM OS Command Injection Nahuel Grisolia (Apr 06)

Netsparker Advisories

XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Netsparker Advisories (Apr 23)

Nick FitzGerald

Re: STEP Security Nick FitzGerald (Apr 01)

Nico Golde

[SECURITY] [DSA 2449-1] sqlalchemy security update Nico Golde (Apr 12)
[SECURITY] [DSA 2451-1] puppet security update Nico Golde (Apr 13)
[SECURITY] [DSA 2453-1] gajim security update Nico Golde (Apr 16)
[SECURITY] [DSA 2453-2] gajim regression Nico Golde (Apr 19)
[SECURITY] [DSA 2455-1] typo3-src security update Nico Golde (Apr 20)

Nicolas Waisman

Hack Cup 2012 Nicolas Waisman (Apr 18)

Nikhil Mittal

Teensy USB HID (and Kautilya) for Penetration Testers Nikhil Mittal (Apr 05)
Teensy USB HID (and Kautilya) for Penetration Testers - Part 2 - Basics of Arduino and Hello World Nikhil Mittal (Apr 09)

nix

Re: Compromised VPN provider out there? nix (Apr 10)

noreply () exploitpack com

[New tool] - Exploit Pack - Web Security noreply () exploitpack com (Apr 24)

Patrick Klos

hi Patrick Klos (Apr 13)

paul . szabo

Mathematica8.0.4 on Linux /tmp/MathLink vulnerability paul . szabo (Apr 14)
Re: Mathematica8.0.4 on Linux /tmp/MathLink vulnerability paul . szabo (Apr 16)

Pedro Martelletto

Re: Most Linux distributions don't use tmpfs nor encrypt swap by default Pedro Martelletto (Apr 16)

Pete Herzog

Mind Control Security Awareness Pete Herzog (Apr 04)

psy

CIntruder v0.1 psy (Apr 09)
new law proposal on EU against hacking tools and practices psy (Apr 09)
CIntruder v0.2 released psy (Apr 26)

QUAKER DOOMER

winAUTOPWN v3.0 Released QUAKER DOOMER (Apr 17)

R00T_ATI

Re: WordPress BruteForce Script R00T_ATI (Apr 29)

Ramon de C Valle

Re: We're now paying up to $20, 000 for web vulns in our services Ramon de C Valle (Apr 24)

Ramon Driessen

(no subject) Ramon Driessen (Apr 25)

rancor

Re: FSA2012-1 and FSA2012-2: Chocolate easter egss vulnerable to egg white injection and usable as trojan horses. rancor (Apr 07)

RandallM

mac trojan RandallM (Apr 05)

Rand Flieger

Patrick Belcher Rand Flieger (Apr 12)

Raphael Geissert

[SECURITY] [DSA 2454-1] openssl security update Raphael Geissert (Apr 20)
[SECURITY] [DSA 2454-2] openssl incomplete fix Raphael Geissert (Apr 25)

Research

Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities Research (Apr 01)
ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities Research (Apr 01)
Swedish Army Web Database - SQL Injection Vulnerability Research (Apr 01)
HITB2011KUL - Skype Vulnerabilities 0Day Exploitation PART 1 Research (Apr 01)
BulletProof FTP Client 2010 - Buffer Overflow Vulnerability Research (Apr 02)
DirectAdmin v1.403 - Cross Site Scripting Vulnerability Research (Apr 02)
SmartJobBoard v3.4 b5140 - Multiple Web Vulnerabilites Research (Apr 04)
Astaro Command Center v2.x - Multiple Web Vulnerabilities Research (Apr 04)
AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow Vulnerabilities Research (Apr 08)
idev Game Site CMS v1.0 - Multiple Web Vulnerabilites Research (Apr 08)
osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities Research (Apr 08)
CsForum v0.8 - Cross Site Scripting Vulnerability Research (Apr 08)
Astaro Command Center v2.x - Multiple Web Vulnerabilities Research (Apr 08)
Astaro Security Gateway v7.504 - Multiple Web Vulnerabilities Research (Apr 08)
US UF Services EDU Health - File Include Vulnerability Research (Apr 08)
Microsoft MSDN - Persistent Web Service Vulnerability Research (Apr 09)
Matterdaddy Market v1.1 - SQL Injection Vulnerabilities Research (Apr 10)
National Center EDU Research - SQL Injection Vulnerability Research (Apr 10)
GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities Research (Apr 10)
National Center EDU Research - SQL Injection Vulnerability Research (Apr 11)
DHTMLX Suite v.3.0 - Multiple Web Vulnerabilities Research (Apr 12)
Netjuke 1.0 RC1 - SQL Injection Vulnerabilities Research (Apr 12)
Oracle Service Applications - SQL Injection Vulnerabilities Research (Apr 12)
CRUNCH TV SHOW - Live Stream & Security Videos Research (Apr 12)
Crystal Office Suite v1.43 - Buffer Overflow Vulnerability Research (Apr 12)
ACC PHP eMail v1.1 - Multiple Web Vulnerabilites Research (Apr 15)
EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities Research (Apr 15)
Microsoft Service - Persistent Web Vulnerabilities Research (Apr 15)
K-Meleon Browser v1.5.4 - Denial of Service Vulnerability Research (Apr 15)
EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities Research (Apr 15)
Microsoft AFKAR Website Service - Cross Site Vulnerabilities Research (Apr 15)
Siche Search v.0.5 Zerboard - Multiple Web Vulnerabilities Research (Apr 15)
Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities Research (Apr 15)
IPhone TreasonSMS - HTML Inject & File Include Vulnerability Research (Apr 23)
Havalite CMS v1.0.4 - Multiple Web Vulnerabilities Research (Apr 23)
PSFTP v.1.8 Build 921 - Null Pointer (DoS) Vulnerability Research (Apr 23)
Chengdu Bureau of Commerce - SQL Injection Vulnerability Research (Apr 23)
Cross Site Scripting - Exploitation & Penetration Strings Research (Apr 24)
Microsoft MSN Hotmail - Password Reset & Setup Vulnerability Research (Apr 26)
DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities Research (Apr 27)
DIY CMS v1.0 Poll - Multiple Web Vulnerabilities Research (Apr 27)
Car Portal CMS v3.0 - Multiple Web Vulnerabilities Research (Apr 27)
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability Research (Apr 27)
Opial CMS v2.0 - Multiple Web Vulnerabilities Research (Apr 29)
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability Research (Apr 29)
China Pujia Government - Blind SQL Injection Vulnerability Research (Apr 29)
China Pujiang Government - Blind SQL Injection Vulnerability Research (Apr 29)
Croogo v1.3.4 CMS - Multiple Web Vulnerabilities Research (Apr 29)
Pritlog v0.821 CMS - Multiple Web Vulnerabilities Research (Apr 30)

Robert Kim App and Facebook Marketing

Re: [Announcement] CHMag's Issue 27, April 2012 Released Robert Kim App and Facebook Marketing (Apr 19)

Romain Bourdy

Re: Windows XP denial of service 0day found in CTF exercise Romain Bourdy (Apr 17)

Roman Medina-Heigl Hernandez

Re: Amongst data breaches and misc 'leakage', not necessarily digital, DEFCON CTF continues at DEFCON XX Roman Medina-Heigl Hernandez (Apr 13)

runlvl

[Spanish] - Exploit Pack - Web Security Framework runlvl (Apr 13)
[New Tool] - Exploit Pack - Web Security runlvl (Apr 23)
[New tool] - Exploit Pack - Web Security runlvl (Apr 23)
[Exploit Pack] - Web Security -Webinar Live demo! runlvl (Apr 27)

Ryan Dewhurst

Re: Erronous post concerning Backtrack 5 R2 0day Ryan Dewhurst (Apr 13)

Sanguinarious Rose

Re: www.LEORAT.com is scam Sanguinarious Rose (Apr 02)
Re: Brute Force vulnerability in WordPress Sanguinarious Rose (Apr 04)

sd

Re: incorrect integer conversions in OpenSSL can result in memory corruption. sd (Apr 24)

Sebastian Rakowski

Re: www.LEORAT.com is scam Sebastian Rakowski (Apr 04)
Re: www.LEORAT.com is scam Sebastian Rakowski (Apr 04)

SEC Consult Vulnerability Lab

SEC Consult whitepaper :: The Source Is A Lie SEC Consult Vulnerability Lab (Apr 17)

Secunia Research

Secunia Research: RealNetworks Helix Server Credentials Disclosure Security Issue Secunia Research (Apr 09)
Secunia Research: Helix Server SNMP Master Agent Service Two Denial of Service Vulnerabilities Secunia Research (Apr 09)

security

[ MDVSA-2012:046 ] libpng security (Apr 02)
[ MDVSA-2012:047 ] freeradius security (Apr 02)
[ MDVSA-2012:048 ] mutt security (Apr 02)
[ MDVSA-2012:049 ] nagios security (Apr 02)
[ MDVSA-2012:050 ] phpmyadmin security (Apr 03)
[ MDVSA-2012:051 ] libvorbis security (Apr 03)
[ MDVSA-2012:052 ] libvorbis security (Apr 03)
[ MDVSA-2012:053 ] ocsinventory security (Apr 04)
[ MDVSA-2012:054 ] libtiff security (Apr 05)
[ MDVSA-2012:055 ] samba security (Apr 11)
[ MDVSA-2012:056 ] rpm security (Apr 12)
[ MDVSA-2012:057 ] freetype2 security (Apr 12)
[ MDVSA-2012:058 ] curl security (Apr 13)
[ MDVSA-2012:059 ] python-sqlalchemy security (Apr 16)
[ MDVSA-2012:032-1 ] mozilla security (Apr 17)
[ MDVSA-2012:060 ] openssl security (Apr 19)
[ MDVSA-2012:061 ] raptor security (Apr 21)
[ MDVSA-2012:062 ] openoffice.org security (Apr 21)
[ MDVSA-2012:063 ] libreoffice security (Apr 21)
[ MDVSA-2012:064 ] openssl0.9.8 security (Apr 24)
[ MDVSA-2012:065 ] php security (Apr 27)
[ MDVSA-2012:066 ] mozilla security (Apr 27)

Security Explorations

[SE-2012-01] Security vulnerabilities in Java SE Security Explorations (Apr 04)
[SE-2012-01] Security weakness in Apple Quicktime Java extensions Security Explorations (Apr 12)

security-news

[Security-news] SA-CONTRIB-2012-056 - Janrain Engage - Sensitive Data Protection Vulnerability security-news (Apr 04)
[Security-news] SA-CONTRIB-2012-057 - Printer, email and PDF versions - Cross Site Scripting (XSS) security-news (Apr 04)
[Security-news] SA-CONTRIB-2012-058 - Fivestar - Input Validation security-news (Apr 11)
[Security-news] SA-CONTRIB-2012-059 - Autosave - Cross Site Scripting security-news (Apr 11)
[Security-news] SA-CONTRIB-2012-060 - Commerce Reorder - Cross Site Request Forgery security-news (Apr 18)
[Security-news] SA-CONTRIB-2012-061 - Gigya - Social optimization - Cross Site Scripting (XSS) security-news (Apr 18)
[Security-news] SA-CONTRIB-2012-062 - Creative Commons - Cross Site Scripting (XSS) security-news (Apr 25)
[Security-news] SA-CONTRIB-2012-063 - RealName - Cross Site Scripting (XSS) security-news (Apr 25)
[Security-news] SA-CONTRIB-2012-064 - Ubercart - Multiple vulnerabilities security-news (Apr 25)
Re: [Security-news] SA-CONTRIB-2012-063 - RealName - Cross Site Scripting (XSS) security-news (Apr 25)
[Security-news] SA-CONTRIB-2012-065 - Sitedoc - Information disclosure security-news (Apr 25)
[Security-news] SA-CONTRIB-2012-066 - Spaces and Spaces OG - Access Bypass security-news (Apr 25)
[Security-news] SA-CONTRIB-2012-067 - Linkit - Access bypass security-news (Apr 25)

Sergio Arcos

Re: Vulnerability in Backtrack Sergio Arcos (Apr 24)

Shakacon

Shakacon CFP - Extended Deadline: April 13, 2012 Shakacon (Apr 06)

Shatter

TeamSHATTER Security Advisory: Privilege escalation via internal sql injection in RESTORE DATABASE command Shatter (Apr 11)
Incomplete protection of Oracle Database locked accounts (CVE-2012-0510) Shatter (Apr 19)
Some failed authentication attempts using OCIPasswordChange API are not recorded (CVE-2012-0511) Shatter (Apr 19)
SQL Injection in Oracle Enterprise Manager (compareWizFirstConfig web page) (CVE-2012-0512) Shatter (Apr 19)
SQL Injection in Oracle Enterprise Manager (searchPage web page) (CVE-2012-0525) Shatter (Apr 19)
HTTP Response Splitting in Oracle Enterprise Manager (prevPage parameter) (CVE-2012-0526) Shatter (Apr 19)
HTTP Response Splitting in Oracle Enterprise Manager (pageName parameter) (CVE-2012-0527) Shatter (Apr 19)
Oracle Enterprise Manager vulnerable to Session fixation (CVE-2012-0528) Shatter (Apr 19)
OCIPasswordChange API leaks information of password hash (CVE-2012-0511) Shatter (Apr 19)

smith joseph

www.LEORAT.com is scam smith joseph (Apr 02)

Stefan Fritsch

[SECURITY] [DSA 2452-1] apache2 security update Stefan Fritsch (Apr 16)

Steve

44Con London 2012 CFP - September 5th - 7th Steve (Apr 10)

Tavis Ormandy

incorrect integer conversions in OpenSSL can result in memory corruption. Tavis Ormandy (Apr 19)

Terrence

Re: Windows XP denial of service 0day found in CTF exercise Terrence (Apr 17)
Re: phpMyBible 0.5.1 Mutiple XSS Terrence (Apr 23)

Thijs Kinkhorst

[SECURITY] [DSA 2450-1] samba security update Thijs Kinkhorst (Apr 12)

Thomas Richards

Re: PHP Gift Registry 1.5.5 SQL Injection Thomas Richards (Apr 16)
phpMyBible 0.5.1 Mutiple XSS Thomas Richards (Apr 22)

Thor (Hammer of God)

Re: www.LEORAT.com is scam Thor (Hammer of God) (Apr 02)
Thor's Private Key Thor (Hammer of God) (Apr 08)
Re: Thor's Private Key Thor (Hammer of God) (Apr 09)
Re: phpMyBible 0.5.1 Mutiple XSS Thor (Hammer of God) (Apr 22)
Re: phpMyBible 0.5.1 Mutiple XSS Thor (Hammer of God) (Apr 23)
Re: Vulnerability in Gentoo hardened Thor (Hammer of God) (Apr 24)

Travis Biehn

Re: CIntruder v0.1 Travis Biehn (Apr 09)
Re: new law proposal on EU against hacking tools and practices Travis Biehn (Apr 09)

Trustwave Advisories

TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer Trustwave Advisories (Apr 12)

Urlan

Re: Backtrack 5 R2 priv escalation 0day found in CTF exercise Urlan (Apr 12)
Re: Vulnerability in Backtrack Urlan (Apr 24)

Valdis . Kletnieks

Re: www.LEORAT.com is scam Valdis . Kletnieks (Apr 02)
Re: Working to get more people to check if their infected with DNS Changer Valdis . Kletnieks (Apr 04)
Re: new law proposal on EU against hacking tools and practices Valdis . Kletnieks (Apr 09)
Re: new law proposal on EU against hacking tools and practices Valdis . Kletnieks (Apr 09)
Re: new law proposal on EU against hacking tools and practices Valdis . Kletnieks (Apr 09)
Re: Windows XP denial of service 0day found in CTF exercise Valdis . Kletnieks (Apr 17)
Re: phpMyBible 0.5.1 Mutiple XSS Valdis . Kletnieks (Apr 23)
Re: Vulnerability in Gentoo hardened Valdis . Kletnieks (Apr 24)
Re: DoS vulnerabilities in Firefox, Internet Explorer and Opera Valdis . Kletnieks (Apr 30)

Vikram Dhillon

Re: Mathematica8.0.4 on Linux /tmp/MathLink vulnerability Vikram Dhillon (Apr 17)

VMware Security Team

VMSA-2012-0007 VMware hosted products and ESXi/ESX patches address privilege escalation VMware Security Team (Apr 13)
VMSA-2012-0008 VMware ESX updates to ESX Service Console VMware Security Team (Apr 27)

VSR Advisories

HTC IQRD Android Permission Leakage (CVE-2012-2217) VSR Advisories (Apr 22)

Vulcan DDtek

Amongst data breaches and misc 'leakage', not necessarily digital, DEFCON CTF continues at DEFCON XX Vulcan DDtek (Apr 02)

Walied Assar

Microsoft Incremental Linker Integer Overflow Walied Assar (Apr 24)

YGN Ethical Hacker Group

FastPath Webchat | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Apr 16)
Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Apr 16)
Acuity CMS 2.6.x <= Cross Site Scripting YGN Ethical Hacker Group (Apr 17)

yuange

FW: iis bug yuange (Apr 01)
Re: iis bug yuange (Apr 02)

Zach C.

Re: incorrect integer conversions in OpenSSL can result in memory corruption. Zach C. (Apr 21)

ZDI Disclosures

ZDI-12-055 : Webkit.org Webkit copyNonAttributeProperties Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)
ZDI-12-056 : Mozilla Firefox nsSVGValue Out-of-Bounds Access Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)
ZDI-12-057 : (Pwn2Own) Adobe Flash Player NetStream addBytes Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)
ZDI-12-058 : Apple Quicktime PNG Depth Decoding Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)
ZDI-12-059 : Mozilla Firefox Ogg Vorbis Decoding Memory Corruption Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)
ZDI-12-060 : Oracle Java Runtime readMabCurveData nTblSize Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)

Zerial.

[ZEM560] Vulnerability on Fingerprint & Proximity Access Controller Zerial. (Apr 03)

ZeroDay.JP

An April Fools' Day Android Payload ZeroDay.JP (Apr 02)

Григорий Братислава

Vulnerability in Backtrack Григорий Братислава (Apr 24)