390 messages starting Mar 09 12 and ending Mar 29 12

_

Re: Stakeout: how the FBI tracked and busted a Chicago Anon _ (Mar 09)
Re: is my ISP lying or stupid? _ (Mar 21)

Aaron Toponce

Re: Apple IOS security issue pre-advisory record Aaron Toponce (Mar 26)

Abhijeet Patil

[Announcement] ClubHack Magazine Issue 26, March 2012 Released Abhijeet Patil (Mar 13)
[Announcement] ClubHack Mag - Call for Articles Abhijeet Patil (Mar 16)

adam

Re: Apple IOS security issue pre-advisory record adam (Mar 23)
Re: Apple IOS security issue pre-advisory record adam (Mar 23)

Adam Behnke

Cookie based SQL Injection Adam Behnke (Mar 06)
DarkComet - syrian revolution trojan analysis and author interview Adam Behnke (Mar 21)
Mexican Drug Cartels and Cyberspace Adam Behnke (Mar 26)

Adrián

Re: ms12-020 PoC Adrián (Mar 18)

Alberto Fabiano

Re: The Mystery of the Duqu Framework Alberto Fabiano (Mar 11)
Re: The Mystery of the Duqu Framework Alberto Fabiano (Mar 11)

Alex Buie

Re: Oracle Exadata Infiniband Switch default logins and world readable shadow file Alex Buie (Mar 16)
Re: is my ISP lying or stupid? Alex Buie (Mar 23)

Amplia Security Research

Windows Credentials Editor (WCE) v1.3beta 32bit release Amplia Security Research (Mar 10)

Andrew King

audio may be NSFW...just something I've been playing with Andrew King (Mar 12)
Re: The Mystery of the Duqu Framework Andrew King (Mar 20)

Asterisk Security Team

AST-2012-002: Remote Crash Vulnerability in Milliwatt Application Asterisk Security Team (Mar 15)
AST-2012-003: Stack Buffer Overflow in HTTP Manager Asterisk Security Team (Mar 15)

Ayoub Aboukir

Minify and related plugins DOM-Based XSS Vulnerability Ayoub Aboukir (Mar 22)

b

Re: PcwRunAs Password Obfuscation Design Flaw b (Mar 28)
Re: PcwRunAs Password Obfuscation Design Flaw b (Mar 29)

Benji

Re: Cookie based SQL Injection Benji (Mar 06)

BGA

Re: ms12-020 new poc BGA (Mar 18)

Borys Madry

Re: [Full-disclosure] Please do not take down the Sality botnet Borys Madry (Mar 29)

Cédric Jeanneret

Informations about old Sun-java-System-Web-Server/7.0 Cédric Jeanneret (Mar 15)

cfp

GrrCON 2012: Grand Rapids, MI - Sept 27-28 cfp (Mar 13)

Charlie Derr

Re: Apple IOS security issue pre-advisory record Charlie Derr (Mar 26)

Chris L

Re: ms12-020 PoC Chris L (Mar 18)

Christian Sciberras

Re: Anon war?- arrests Christian Sciberras (Mar 01)
Re: The Mystery of the Duqu Framework Christian Sciberras (Mar 10)
Re: Drupal 7.x Search Module - Full Path Disclosure Christian Sciberras (Mar 14)
Re: WordPress plugin 'WordPress Integrator 1.32' XSS vulnerability Christian Sciberras (Mar 27)
Re: Brute Force vulnerability in WordPress Christian Sciberras (Mar 28)
Re: PcwRunAs Password Obfuscation Design Flaw Christian Sciberras (Mar 29)

Christophe Alladoum

[iputils] Integer overflow in iputils ping/ping6 tools Christophe Alladoum (Mar 13)

Christopher Truncer

Re: Brute Force vulnerability in WordPress Christopher Truncer (Mar 25)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Mar 14)
Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 14)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Cisco Systems Product Security Incident Response Team (Mar 14)
Cisco Security Advisory: Cisco IOS Software Command Authorization Bypass Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Cisco IOS Software Reverse SSH Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall Vulnerabilities Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Cisco IOS Internet Key Exchange Vulnerability Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability Cisco Systems Product Security Incident Response Team (Mar 28)
Cisco Security Advisory: Cisco IOS Software Multicast Source Discovery Protocol Vulnerability Cisco Systems Product Security Incident Response Team (Mar 28)

coderman

Re: gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk coderman (Mar 07)
Re: The Mystery of the Duqu Framework coderman (Mar 11)
Re: The Mystery of the Duqu Framework coderman (Mar 11)
Re: The Mystery of the Duqu Framework coderman (Mar 11)
Re: The Mystery of the Duqu Framework coderman (Mar 11)
Re: Welcome Back IRL coderman (Mar 11)
Re: Circumventing NAT via UDP hole punching. coderman (Mar 11)
Re: power of this list.. coderman (Mar 11)
Re: The Mystery of the Duqu Framework coderman (Mar 11)
coverity coderman (Mar 11)
Re: Apple IOS security issue pre-advisory record coderman (Mar 26)

crazy frog crazy frog

Re: Earth to Facebook crazy frog crazy frog (Mar 18)

d3v1l

vBulletin vBShout Module <= 6.0.5 (vbshout.php?message=) - Reflected Cross-Site Scripting ( XSS ) & HTML Injection d3v1l (Mar 26)

d3v1l !

[Announcement] Call For Papers: OWASP InfoSec India Conference 2012 d3v1l ! (Mar 09)

Damien Cauquil

Re: Oracle based personal data dumping attack on the nuit du hack CTF Damien Cauquil (Mar 26)

dann frazier

[SECURITY] [DSA 2443-1] linux-2.6 security update dann frazier (Mar 27)

Darius Jahandarie

Re: [iputils] Integer overflow in iputils ping/ping6 tools Darius Jahandarie (Mar 14)

Dave

Re: Stakeout: how the FBI tracked and busted a Chicago Anon Dave (Mar 09)
Re: is my ISP lying or stupid? Dave (Mar 18)
Re: Apple IOS security issue pre-advisory record Dave (Mar 23)
Re: Apple IOS security issue pre-advisory record Dave (Mar 24)
Re: Apple IOS security issue pre-advisory record Dave (Mar 24)
Re: Apple IOS security issue pre-advisory record Dave (Mar 24)
Re: Apple IOS security issue pre-advisory record Dave (Mar 24)
Re: Mexican Drug Cartels and Cyberspace Dave (Mar 26)

David Flores

Re: Drupal 7.x Search Module - Full Path Disclosure David Flores (Mar 14)

David Guimaraes

phxEventManager 2.0 beta 5 search.php search_terms SQL Injection Vulnerability David Guimaraes (Mar 01)

dr_250

Why a Computer Programming *History* Class is Needed Re: The Mystery of the Duqu Framework dr_250 (Mar 12)

Elly_Tran_Ha

Re: Sabu, the FBI informant? Elly_Tran_Ha (Mar 07)
Re: Stakeout: how the FBI tracked and busted a Chicago Anon Elly_Tran_Ha (Mar 08)
Re: Stakeout: how the FBI tracked and busted a Chicago Anon Elly_Tran_Ha (Mar 08)

Erik Falor

Re: Full disclosure is arrest of Sabu Erik Falor (Mar 07)

evilrabbi

Re: The Mystery of the Duqu Framework evilrabbi (Mar 14)

Exibar

Re: ms12-020 PoC Exibar (Mar 16)
Re: ms12-020 PoC Exibar (Mar 16)

Fatherlaptop

Joining LulzSec Fatherlaptop (Mar 07)
QR code and the jester Fatherlaptop (Mar 13)
Re: Full-Disclosure SALTY Fatherlaptop (Mar 27)

fd

The Mystery of the Duqu Framework fd (Mar 10)

Ferenc Kovacs

Re: Full disclosure is arrest of Sabu Ferenc Kovacs (Mar 06)
Re: [iputils] Integer overflow in iputils ping/ping6 tools Ferenc Kovacs (Mar 14)
Re: Drupal 7.x Search Module - Full Path Disclosure Ferenc Kovacs (Mar 14)
Re: Earth to Facebook Ferenc Kovacs (Mar 18)

Fernando Gont

Security Implications of Predictable IPv6 Fragment Identification values (rev'ed IETF I-D) Fernando Gont (Mar 04)
IPv6 stable privacy addresses Fernando Gont (Mar 31)

Florian Horsch

Only two weeks left to Troopers12 Florian Horsch (Mar 04)

Florian Weimer

[SECURITY] [DSA 2423-1] movabletype-opensource security update Florian Weimer (Mar 02)
[SECURITY] [DSA 2424-1] libxml-atom-perl security update Florian Weimer (Mar 04)
[SECURITY] [DSA 2425-1] plib security update Florian Weimer (Mar 04)
[SECURITY] [DSA 2426-1] gimp security update Florian Weimer (Mar 06)
[SECURITY] [DSA 2427-1] imagemagick security update Florian Weimer (Mar 06)
[SECURITY] [DSA 2429-1] mysql-5.1 security update Florian Weimer (Mar 07)
[SECURITY] [DSA 2440-1] libtasn1-3 security update Florian Weimer (Mar 24)
[SECURITY] [DSA 2441-1] gnutls26 security update Florian Weimer (Mar 25)
[SECURITY] [DSA 2442-1] openarena security update Florian Weimer (Mar 26)
[SECURITY] [DSA 2444-1] tryton-server security update Florian Weimer (Mar 29)
[SECURITY] [DSA 2445-1] typo3-src security update Florian Weimer (Mar 31)
[SECURITY] [DSA 2442-2] openarena regression Florian Weimer (Mar 31)
[SECURITY] [DSA 2398-2] curl regression Florian Weimer (Mar 31)

foo net

FreePBX <= 2.8.0 Recordings Interface Allows Remote Code Execution foo net (Mar 27)

Frankie Cutlass

Re: [iputils] Integer overflow in iputils ping/ping6 tools Frankie Cutlass (Mar 14)

fulldisclosure

Re: Apple IOS security issue pre-advisory record fulldisclosure (Mar 26)

Gabriele Giacone

[SECURITY] [DSA 2435-1] gnash security update Gabriele Giacone (Mar 20)

Gage Bystrom

Re: [iputils] Integer overflow in iputils ping/ping6 tools Gage Bystrom (Mar 14)

Gary Baribault

Re: Apple IOS security issue pre-advisory record Gary Baribault (Mar 23)

Giles Coochey

Re: is my ISP lying or stupid? Giles Coochey (Mar 21)

gold flake

Re: is my ISP lying or stupid? gold flake (Mar 17)

Greg Knaddison

Re: [Security-news] SA-CONTRIB-2012-040 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution Greg Knaddison (Mar 15)
Re: [Security-news] SA-CONTRIB-2012-040 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution Greg Knaddison (Mar 16)
Re: [Security-news] SA-CONTRIB-2012-051 - Activity - Multiple Vulnerablities Greg Knaddison (Mar 29)

Hafez Kamal

[HITB-Announce] HITB2012AMS SIGINT - Call for Submissions Hafez Kamal (Mar 08)

Henri Lindberg

nSense-2012-001: Citrix License Server Henri Lindberg (Mar 15)

HI-TECH .

Apache Tomcat Remote Exploit (PUT request) and Account Scanner HI-TECH . (Mar 18)

IA64 LOL

Re: Apple IOS security issue pre-advisory record IA64 LOL (Mar 26)

Ian Hayes

Re: ms12-020 PoC Ian Hayes (Mar 16)

InterN0T Advisories

Re: [Security-news] SA-CONTRIB-2012-0 40 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution InterN0T Advisories (Mar 14)
Re: [Security-news] SA-CONTRIB-2012-0 40 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution InterN0T Advisories (Mar 14)
Re: [Security-news] SA-CONTRIB-2012-040 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution InterN0T Advisories (Mar 16)
Re: Brute Force vulnerability in WordPress InterN0T Advisories (Mar 25)

Irene Abezgauz

Seeker Advisory: Insecure Redirect in .NET Form Authentication - Redirect From Login Mechanism (ReturnURL Parameter) Irene Abezgauz (Mar 21)

Ivan .Heca

Re: Full disclosure is arrest of Sabu Ivan .Heca (Mar 06)
Re: Sabu, the FBI informant? Ivan .Heca (Mar 07)
Stakeout: how the FBI tracked and busted a Chicago Anon Ivan .Heca (Mar 08)
Congress Capitulates To TSA; Refuses To Let Bruce Schneier Testify Ivan .Heca (Mar 26)

James Condron

Re: [iputils] Integer overflow in iputils ping/ping6 tools James Condron (Mar 13)
Re: is my ISP lying or stupid? James Condron (Mar 16)
Re: is my ISP lying or stupid? James Condron (Mar 18)
Re: ms12-020 PoC James Condron (Mar 18)

James Parson

Re: Iciniti Store SQL Injection - Security Advisory - SOS-12-003 James Parson (Mar 07)

Jan Schejbal

Android wipe unreliable Jan Schejbal (Mar 18)

Jason Hellenthal

Re: Please do not take down the Sality botnet Jason Hellenthal (Mar 28)

Jeffrey Walton

Re: coverity Jeffrey Walton (Mar 12)
Re: [iputils] Integer overflow in iputils ping/ping6 tools Jeffrey Walton (Mar 13)
Re: Earth to Facebook Jeffrey Walton (Mar 18)
Re: Android wipe unreliable Jeffrey Walton (Mar 19)
Shopping For Zero-Days: A Price List For Hackers' Secret Software Exploits Jeffrey Walton (Mar 25)
Re: PcwRunAs Password Obfuscation Design Flaw Jeffrey Walton (Mar 28)
Re: Android wipe unreliable Jeffrey Walton (Mar 31)

Jerry dePriest

is my ISP lying or stupid? Jerry dePriest (Mar 16)

João Paulo Caldas Campello

Path Traversal and O.S. Command Injection vulnerabilities in Polycom products João Paulo Caldas Campello (Mar 05)

John Cartwright

List Charter John Cartwright (Mar 09)

john doe

Apple IOS security issue pre-advisory record john doe (Mar 23)
Re: Apple IOS security issue pre-advisory record john doe (Mar 23)
Re: Apple IOS security issue pre-advisory record john doe (Mar 24)

John Favorite

Re: [SECURITY] [DSA 2430-1] python-pam security update John Favorite (Mar 10)

Jonathan Brossard

Hackito 2012 Crypto Challenge Jonathan Brossard (Apr 01)

J. Oquendo

Earth to Facebook J. Oquendo (Mar 15)

Julius Kivimäki

Re: Anon war?- arrests Julius Kivimäki (Mar 01)
Re: Anon war?- arrests Julius Kivimäki (Mar 01)
Re: Anon war?- arrests Julius Kivimäki (Mar 01)
Re: Full disclosure is arrest of Sabu Julius Kivimäki (Mar 09)
Re: is my ISP lying or stupid? Julius Kivimäki (Mar 16)
Re: ms12-020 PoC Julius Kivimäki (Mar 18)

Justin C. Klein Keane

Re: [Security-news] SA-CONTRIB-2012-051 - Activity - Multiple Vulnerablities Justin C. Klein Keane (Mar 28)

klondike

Pokemon.com has no respect for user's personal data klondike (Mar 07)
Permanent XSS on the nuit du hack webmail service klondike (Mar 24)
Re: Oracle based personal data dumping attack on the nuit du hack CTF klondike (Mar 24)
Re: Oracle based personal data dumping attack on the nuit du hack CTF klondike (Mar 27)

Kotas, Kevin J

CA20120320-01: Security Notice for CA ARCserve Backup Kotas, Kevin J (Mar 20)

Krzysztof Marczyk

pentesting market Krzysztof Marczyk (Mar 13)
PenTest Market - All about pentesting business Krzysztof Marczyk (Mar 18)
Penetration testing business Krzysztof Marczyk (Mar 20)

Kyle Creyts

Re: Stakeout: how the FBI tracked and busted a Chicago Anon Kyle Creyts (Mar 09)

kyle kemmerer

ms12-020 PoC kyle kemmerer (Mar 16)
Re: ms12-020 PoC kyle kemmerer (Mar 16)

larry Cashdollar

EGRC (formerly EITC) 2012 Save The Date (June 12th-14th, 2012) larry Cashdollar (Mar 09)
Oracle Exadata Infiniband Switch default logins and world readable shadow file larry Cashdollar (Mar 14)
Re: Oracle Exadata Infiniband Switch default logins and world readable shadow file larry Cashdollar (Mar 17)

Laurelai

Re: Full disclosure is arrest of Sabu Laurelai (Mar 06)
Re: Sabu, the FBI informant? Laurelai (Mar 07)
Re: Stakeout: how the FBI tracked and busted a Chicago Anon Laurelai (Mar 08)
Re: The Mystery of the Duqu Framework Laurelai (Mar 10)
Re: The Mystery of the Duqu Framework Laurelai (Mar 10)
Re: The Mystery of the Duqu Framework Laurelai (Mar 10)
Re: The Mystery of the Duqu Framework Laurelai (Mar 10)
Re: The Mystery of the Duqu Framework Laurelai (Mar 10)

lawabidingcitizen

Please do not take down the Sality botnet lawabidingcitizen (Mar 27)

Lee

Re: is my ISP lying or stupid? Lee (Mar 18)

Leif Hedstrom

[ANNOUNCE] Apache Traffic Server releases for security incident CVE-2012-0256 Leif Hedstrom (Mar 23)

Lists

Symfony2 Local File Disclosure - Security Advisory - SOS-12-002 Lists (Mar 05)
Iciniti Store SQL Injection - Security Advisory - SOS-12-003 Lists (Mar 07)
Aurora WebOPAC SQL Injection - Security Advisory - SOS-12-004 Lists (Mar 12)

Luciano Bello

[SECURITY] [DSA 2434-1] nginx security update Luciano Bello (Mar 20)

Maciej Kozuszek

The Best of PenTest Maciej Kozuszek (Mar 26)

majinboo

Re: Oracle based personal data dumping attack on the nuit du hack CTF majinboo (Mar 26)

Major Malfunction

DC4420 - London DEFCON - March Meet - Tuesday 20th March 2012 Major Malfunction (Mar 19)

Maksymilian Arciemowicz

PHP 5.4/5.3 deprecated eregi() memory_limit bypass Maksymilian Arciemowicz (Mar 30)

Marco Ermini

Re: The Mystery of the Duqu Framework Marco Ermini (Mar 14)

Marcus Meissner

Re: [iputils] Integer overflow in iputils ping/ping6 tools Marcus Meissner (Mar 13)

Mario Vilas

Re: ms12-020 new poc Mario Vilas (Mar 18)
Re: The Mystery of the Duqu Framework Mario Vilas (Mar 20)

Mark Krenz

gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk Mark Krenz (Mar 07)
Re: gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk Mark Krenz (Mar 07)

Mark Stanislav

'PHP Grade Book' Unauthenticated SQL Database Export (CVE-2012-1670) Mark Stanislav (Mar 23)
'phpMoneyBooks' Local File Inclusion (CVE-2012-1669) Mark Stanislav (Mar 23)

Markus Vervier

LSE-2012-03-01: PyPAM -- Python bindings for PAM - Double Free Corruption Markus Vervier (Mar 09)

Martin Grigorov

[CVE-2012-0047] Apache Wicket XSS vulnerability via pageMapName request parameter Martin Grigorov (Mar 22)
[CVE-2012-1089] Apache Wicket serving of hidden files vulnerability Martin Grigorov (Mar 22)

Martin Tschirsich

FreePBX remote command execution, xss Martin Tschirsich (Mar 20)

metasansana

Re: Mexican Drug Cartels and Cyberspace metasansana (Mar 26)

Michal Zalewski

Re: Fw: Earth to Facebook Michal Zalewski (Mar 18)
Re: Fw: Earth to Facebook Michal Zalewski (Mar 19)
Re: Apple IOS security issue pre-advisory record Michal Zalewski (Mar 23)

Mikhail A. Utin

LulzSec $ Sabu - lessons learned Mikhail A. Utin (Mar 09)

Moritz Muehlenhoff

[SECURITY] [DSA 2428-1] freetype security update Moritz Muehlenhoff (Mar 08)
[SECURITY] [DSA 2430-1] python-pam security update Moritz Muehlenhoff (Mar 10)
[SECURITY] [DSA 2431-1] libdbd-pg-perl security update Moritz Muehlenhoff (Mar 11)
[SECURITY] [DSA 2432-1] libyaml-libyaml-perl security update Moritz Muehlenhoff (Mar 12)
[SECURITY] [DSA 2433-1] iceweasel security update Moritz Muehlenhoff (Mar 15)
[SECURITY] [DSA 2437-1] icedove security update Moritz Muehlenhoff (Mar 21)
[SECURITY] [DSA 2438-1] raptor security update Moritz Muehlenhoff (Mar 22)
[SECURITY] [DSA 2439-1] libpng security update Moritz Muehlenhoff (Mar 22)

MustLive

Multiple vulnerabilities in EJBCA MustLive (Mar 11)
Brute Force vulnerability in WordPress MustLive (Mar 25)
XSS and BF vulnerabilities in WordPress MustLive (Mar 28)
Re: Brute Force vulnerability in WordPress MustLive (Mar 28)
New XSS vulnerabilities in Register Plus Redux for WordPress MustLive (Mar 29)

Nahuel Grisolia

Re: ms12-020 PoC Nahuel Grisolia (Mar 18)

Nahuel Grisolía

Re: ms12-020 PoC Nahuel Grisolía (Mar 18)
Re: ms12-020 PoC Nahuel Grisolía (Mar 18)

Netsparker Advisories

Local File Inclusion Vulnerability in TomatoCart Netsparker Advisories (Mar 28)
Cross-site scripting vulnerability in Invision Power Board version 3.2.3 Netsparker Advisories (Mar 29)

Nick FitzGerald

Re: is my ISP lying or stupid? Nick FitzGerald (Mar 17)

not here

Re: QR code and the jester not here (Mar 13)

otr

PcwRunAs Password Obfuscation Design Flaw otr (Mar 26)

OWASP AppSec EU

OWASP AppSec Research EU CFP/CFT OWASP AppSec EU (Mar 29)

pathric due

LiteSpeed <= 4.1.11 Admin panel XSS pathric due (Mar 19)

paul . szabo

Re: [iputils] Integer overflow in iputils ping/ping6 tools paul . szabo (Mar 14)

Peter Maxwell

Re: is my ISP lying or stupid? Peter Maxwell (Mar 17)
Re: is my ISP lying or stupid? Peter Maxwell (Mar 18)

rackow

Re: Apple IOS security issue pre-advisory record rackow (Mar 24)

Ramo

Sabu, the FBI informant? Ramo (Mar 07)

rancor

Re: is my ISP lying or stupid? rancor (Mar 16)

RandallM

power of this list.. RandallM (Mar 09)

Research

Microsoft Bing - Editor Flash Component Vulnerability Research (Mar 16)
JPM Article Script 6 - SQL Injection Vulnerability Research (Mar 16)
B2Evolution CMS 4.1.3 - Multiple Web Vulnerabilities Research (Mar 29)
Barracuda Cloud CC v3.04.015 - Multiple Web Vulnerabilities Research (Mar 29)
Skype 5.8x 5.5x - Corruption & Persistent Vulnerability Research (Mar 29)
Apple Website Service - SQL Injection Vulnerabilities Research (Mar 29)
Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability Research (Mar 30)
Landshop v0.9.2 - Multiple Web Vulnerabilities Research (Mar 31)

research () vulnerability-lab com

FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability research () vulnerability-lab com (Mar 01)
LDAP Account Manager Pro v3.6 (lamp) - Multiple Vulnerabilities research () vulnerability-lab com (Mar 01)
Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities research () vulnerability-lab com (Mar 01)
HITB2011KUL - Satellite Telephony Security - Jim Geovedi research () vulnerability-lab com (Mar 07)
Barracuda WAF 660 v7.6.0.028 - Cross Site Vulnerability research () vulnerability-lab com (Mar 08)
Barracuda CudaTel v2.0.029.1 - Multiple Web Vulnerabilities research () vulnerability-lab com (Mar 08)
Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities research () vulnerability-lab com (Mar 08)
Enterasys SecureStack Switch v6.x - Multiple Vulnerabilities research () vulnerability-lab com (Mar 08)
Pitrinec MacroToolworks 7.5 - Buffer Overflow Vulnerability research () vulnerability-lab com (Mar 08)

Robert Kim App and Facebook Marketing

Re: Android wipe unreliable Robert Kim App and Facebook Marketing (Mar 19)

Rob Weir

CVE-2012-0037: OpenOffice.org data leakage vulnerability Rob Weir (Mar 22)

Roger

Re: Drupal 7.x Search Module - Full Path Disclosure Roger (Mar 14)

root

Re: ms12-020 PoC root (Mar 16)

runlvl

[Spanish-Offtopic] - Desarrollo de Exploits runlvl (Mar 28)

Sanguinarious Rose

Re: Full disclosure is arrest of Sabu Sanguinarious Rose (Mar 06)
Re: The Mystery of the Duqu Framework Sanguinarious Rose (Mar 10)
Re: The Mystery of the Duqu Framework Sanguinarious Rose (Mar 10)
Re: The Mystery of the Duqu Framework Sanguinarious Rose (Mar 10)
Re: The Mystery of the Duqu Framework Sanguinarious Rose (Mar 10)
Re: QR code and the jester Sanguinarious Rose (Mar 13)
Re: The Mystery of the Duqu Framework Sanguinarious Rose (Mar 19)

Sebastian Rakowski

Re: Stakeout: how the FBI tracked and busted a Chicago Anon Sebastian Rakowski (Mar 09)

SecBugs

Multiple PTK DFlabs failures to restrict access to sensitive data SecBugs (Mar 29)

SEC Consult Vulnerability Lab

SEC Consult SA-20120315-0 :: Multiple permanent XSS vulnerabilities in EMC Documentum eRoom SEC Consult Vulnerability Lab (Mar 15)
SEC Consult SA-20120328-0 :: F5 FirePass SSL VPN unauthenticated remote root through SQL injection - CVE-2012-1777 SEC Consult Vulnerability Lab (Mar 28)
SEC Consult SA-20120328-1 :: Microsoft ASP.NET Forms Authentication Bypass - follow-up advisory - CVE-2011-3416 SEC Consult Vulnerability Lab (Mar 28)

security

[ MDVSA-2012:028 ] libxslt security (Mar 01)
[ MDVSA-2012:029 ] pidgin security (Mar 16)
[ MDVSA-2012:030 ] systemd security (Mar 16)
[ MDVSA-2012:031 ] firefox security (Mar 17)
[ MDVSA-2012:032 ] mozilla security (Mar 20)
Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 Security (Mar 21)
[ MDVSA-2012:033 ] libpng security (Mar 21)
[ MDVSA-2012:034 ] libzip security (Mar 23)
[ MDVSA-2012:035 ] file security (Mar 23)
[ MDVSA-2012:036 ] libsoup security (Mar 23)
[ MDVSA-2012:037 ] cyrus-imapd security (Mar 23)
[ MDVSA-2012:038 ] openssl security (Mar 26)
[ MDVSA-2012:039 ] libtasn1 security (Mar 27)
[ MDVSA-2012:040 ] gnutls security (Mar 27)
[ MDVSA-2012:041 ] expat security (Mar 27)
[ MDVSA-2012:042 ] wireshark security (Mar 28)
[ MDVSA-2012:043 ] nginx security (Mar 29)
[ MDVSA-2012:044 ] cvs security (Mar 29)
[ MDVSA-2012:045 ] gnutls security (Mar 30)

security-news

[Security-news] SA-CONTRIB-2012-030 - Data - Cross Site Scripting (XSS) security-news (Mar 07)
[Security-news] SA-CONTRIB-2012-031 - Multiple Modules Unsupported - UC PayDutchGroup - Information leakage and Multisite Search sql injection security-news (Mar 07)
[Security-news] SA-CONTRIB-2012-032 - Block Class - Cross Site scripting security-news (Mar 07)
[Security-news] SA-CONTRIB-2012-034 - Node Recommendation Cross Site Scripting (XSS) security-news (Mar 07)
[Security-news] SA-CONTRIB-2012-033 - Read More Link - Cross Site Scripting security-news (Mar 07)
[Security-news] SA-CONTRIB-2012-035 - Webform Cross Site Scripting (XSS) security-news (Mar 07)
[Security-news] DRUPAL-PSA-2012-001 - localizations - Cross Site Scripting security-news (Mar 07)
[Security-news] SA-CONTRIB-2012-036 - Multiple Modules Unsupported security-news (Mar 14)
[Security-news] SA-CONTRIB-2012-037 - Slidebox - access bypass security-news (Mar 14)
[Security-news] SA-CONTRIB-2012-040 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution security-news (Mar 14)
[Security-news] SA-CONTRIB-2012-038 - Views Language Switcher Cross Site Scripting (XSS) security-news (Mar 14)
[Security-news] SA-CONTRIB-2012-039 - Language Icons - Cross Site Scripting (XSS) security-news (Mar 14)
[Security-news] SA-CONTRIB-2012-041 - Fancy Slide - Cross Site Scripting (XSS) security-news (Mar 14)
[Security-news] SA-CONTRIB-2012-042 - Wishlist Cross Site Scripting (XSS) security-news (Mar 21)
[Security-news] SA-CONTRIB-2012-043 - MultiBlock - Cross Site Scripting security-news (Mar 28)
[Security-news] SA-CONTRIB-2012-044 - Contact Forms - Cross Site Scripting security-news (Mar 28)
[Security-news] SA-CONTRIB-2012-045 - AddToAny - Cross Site Scripting security-news (Mar 28)
[Security-news] SA-CONTRIB-2012-047 - Ubercart Views - Information disclosure security-news (Mar 28)
[Security-news] SA-CONTRIB-2012-046 - Bundle Copy - Arbitrary Code execution security-news (Mar 28)
[Security-news] SA-CONTRIB-2012-048 - Contact Save - Cross Site Scripting security-news (Mar 28)
[Security-news] SA-CONTRIB-2012-049 - ShareThis - Multiple Vulnerablies security-news (Mar 28)
[Security-news] SA-CONTRIB-2012-050 - CDN2 Video - Unsupported security-news (Mar 28)
[Security-news] SA-CONTRIB-2012-053 - Organic Groups - Access Bypass security-news (Mar 28)
[Security-news] SA-CONTRIB-2012-054 - Chaos tool suite - Cross Site Scripting (XSS) security-news (Mar 28)
[Security-news] SA-CONTRIB-2012-051 - Activity - Multiple Vulnerablities security-news (Mar 28)
[Security-news] SA-CONTRIB-2012-052 - Node Limit Number - Cross Site Request Forgery security-news (Mar 28)
[Security-news] SA-CONTRIB-2012-055 - Fusion theme - Cross Site Scripting (XSS) security-news (Mar 28)

Shakacon

Shakacon 2012 - CFP Deadline Approaching Shakacon (Mar 21)

Shawn

Re: ms12-020 PoC Shawn (Mar 18)

Simon .

CVE-2012-1201 Testtrack for Linux Racecondition Simon . (Mar 20)

Solar Designer

Re: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) Solar Designer (Mar 28)

Stefan Kanthak

%windir%\temp\sso\ssoexec.dll (or: how trustworthy is Microsoft's build process) Stefan Kanthak (Mar 05)

Stefan Schurtz

WordPress plugin 'WordPress Integrator 1.32' XSS vulnerability Stefan Schurtz (Mar 27)

stuxnet

linode.com hacked? anyone else? stuxnet (Mar 02)

T

Compromised VPN provider out there? T (Mar 31)

Thijs Kinkhorst

[SECURITY] [DSA 2436-1] libapache2-mod-fcgid security update Thijs Kinkhorst (Mar 20)

Thomas Richards

Re: ms12-020 PoC Thomas Richards (Mar 18)
Android FTPServer 1.9.0 Remote DoS Thomas Richards (Mar 20)

Thor (Hammer of God)

Re: is my ISP lying or stupid? Thor (Hammer of God) (Mar 17)
Re: ms12-020 PoC Thor (Hammer of God) (Mar 18)
Re: ms12-020 PoC Thor (Hammer of God) (Mar 18)
Re: ms12-020 PoC Thor (Hammer of God) (Mar 18)
Re: Fw: Earth to Facebook Thor (Hammer of God) (Mar 18)
Re: is my ISP lying or stupid? Thor (Hammer of God) (Mar 21)
Re: Brute Force vulnerability in WordPress Thor (Hammer of God) (Mar 26)
Re: Mexican Drug Cartels and Cyberspace Thor (Hammer of God) (Mar 26)
Re: Apple IOS security issue pre-advisory record Thor (Hammer of God) (Mar 26)
Re: PcwRunAs Password Obfuscation Design Flaw Thor (Hammer of God) (Mar 28)

Timo Warns

[PRE-SA-2012-02] Incorrect loop construct and numeric overflow in libzip Timo Warns (Mar 27)

upsploit advisories

Multiple vulnerabilities in ZyXel GS1510 web front end upsploit advisories (Mar 13)
Re: Fw: Earth to Facebook upsploit advisories (Mar 18)
Re: Fw: Earth to Facebook upsploit advisories (Mar 18)
Re: Fw: Earth to Facebook upsploit advisories (Mar 18)

Ursu Mihail

Drupal 7.x Search Module - Full Path Disclosure Ursu Mihail (Mar 14)

Valdis . Kletnieks

Re: Anon war?- arrests Valdis . Kletnieks (Mar 01)
Re: Cookie based SQL Injection Valdis . Kletnieks (Mar 06)
Re: The Mystery of the Duqu Framework Valdis . Kletnieks (Mar 11)
Re: Circumventing NAT via UDP hole punching. Valdis . Kletnieks (Mar 11)
Re: is my ISP lying or stupid? Valdis . Kletnieks (Mar 16)
Re: is my ISP lying or stupid? Valdis . Kletnieks (Mar 18)
Re: The Mystery of the Duqu Framework Valdis . Kletnieks (Mar 20)
Re: Apple IOS security issue pre-advisory record Valdis . Kletnieks (Mar 24)
Re: Apple IOS security issue pre-advisory record Valdis . Kletnieks (Mar 24)
Re: Apple IOS security issue pre-advisory record Valdis . Kletnieks (Mar 24)
Re: Apple IOS security issue pre-advisory record Valdis . Kletnieks (Mar 26)
Re: Mexican Drug Cartels and Cyberspace Valdis . Kletnieks (Mar 26)
Re: Mexican Drug Cartels and Cyberspace Valdis . Kletnieks (Mar 26)
Re: PcwRunAs Password Obfuscation Design Flaw Valdis . Kletnieks (Mar 28)

Vic Vandal

CarolinaCon-8 (May 2012): General Announcement - Chosen Presenters and Topics - Side Event List Vic Vandal (Mar 22)

VMware Security Team

VMSA-2012-0002 VMware vCenter Chargeback Manager Information Leak and Denial of Service VMware Security Team (Mar 09)
VMSA-2012-0003 VMware VirtualCenter Update and ESX 3.5 patch update JRE VMware Security Team (Mar 09)
VMSA-2012-0004 VMware View privilege escalation and cross-site scripting VMware Security Team (Mar 16)
VMSA-2012-0005 VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues VMware Security Team (Mar 16)
VMSA-2012-0006 VMware ESXi and ESX address several security issues VMware Security Team (Mar 30)

VSR Advisories

CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) VSR Advisories (Mar 24)
Re: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) VSR Advisories (Mar 27)

William Pitcock

Re: The Mystery of the Duqu Framework William Pitcock (Mar 10)
Re: The Mystery of the Duqu Framework William Pitcock (Mar 10)
Re: The Mystery of the Duqu Framework William Pitcock (Mar 11)
atheme.org Security Advisory ASA-2012-03-01: Improper cleanup of CertFP entries may result in undefined behaviour William Pitcock (Mar 22)

Yashartha Chaturvedi

c0c0n 2012 - Call For Papers and Call For Workshops Yashartha Chaturvedi (Mar 18)

YGN Ethical Hacker Group

Open-Realty CMS 2.5.8 (2.x.x) <= "select_users_template" Local File Inclusion Vulnerability YGN Ethical Hacker Group (Mar 05)
Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Mar 05)

yuange

iis bug yuange (Apr 01)

yuri goncalves soares

ms12-020 new poc yuri goncalves soares (Mar 18)

Zach C.

Re: Cookie based SQL Injection Zach C. (Mar 06)
Re: Earth to Facebook Zach C. (Mar 18)
Re: Brute Force vulnerability in WordPress Zach C. (Mar 26)

ZDI Disclosures

ZDI-12-044 : Microsoft Remote Desktop Protocol Channel Abort Condition Remote Code Execution Vulnerability ZDI Disclosures (Mar 15)

夜神 岩男

Re: LulzSec $ Sabu - lessons learned 夜神 岩男 (Mar 09)
Re: The Mystery of the Duqu Framework 夜神 岩男 (Mar 10)
Re: The Mystery of the Duqu Framework 夜神 岩男 (Mar 11)
Re: PcwRunAs Password Obfuscation Design Flaw 夜神 岩男 (Mar 29)