Home page logo
/

390 messages starting Mar 01 12 and ending Apr 01 12
Date index | Thread index | Author index

Thursday, 01 March

[ MDVSA-2012:028 ] libxslt security
Re: Anon war?- arrests Julius Kivimäki
Re: Anon war?- arrests Julius Kivimäki
Re: Anon war?- arrests Julius Kivimäki
phxEventManager 2.0 beta 5 search.php search_terms SQL Injection Vulnerability David Guimaraes
Re: Anon war?- arrests Christian Sciberras
Re: Anon war?- arrests Valdis . Kletnieks
FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability research () vulnerability-lab com
LDAP Account Manager Pro v3.6 (lamp) - Multiple Vulnerabilities research () vulnerability-lab com
Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities research () vulnerability-lab com

Friday, 02 March

linode.com hacked? anyone else? stuxnet
[SECURITY] [DSA 2423-1] movabletype-opensource security update Florian Weimer

Sunday, 04 March

Security Implications of Predictable IPv6 Fragment Identification values (rev'ed IETF I-D) Fernando Gont
[SECURITY] [DSA 2424-1] libxml-atom-perl security update Florian Weimer
Only two weeks left to Troopers12 Florian Horsch
[SECURITY] [DSA 2425-1] plib security update Florian Weimer

Monday, 05 March

Symfony2 Local File Disclosure - Security Advisory - SOS-12-002 Lists
%windir%\temp\sso\ssoexec.dll (or: how trustworthy is Microsoft's build process) Stefan Kanthak
Path Traversal and O.S. Command Injection vulnerabilities in Polycom products João Paulo Caldas Campello
Open-Realty CMS 2.5.8 (2.x.x) <= "select_users_template" Local File Inclusion Vulnerability YGN Ethical Hacker Group
Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group

Tuesday, 06 March

[SECURITY] [DSA 2426-1] gimp security update Florian Weimer
[SECURITY] [DSA 2427-1] imagemagick security update Florian Weimer
Re: Full disclosure is arrest of Sabu Ferenc Kovacs
Cookie based SQL Injection Adam Behnke
Re: Cookie based SQL Injection Valdis . Kletnieks
Re: Cookie based SQL Injection Zach C.
Re: Cookie based SQL Injection Benji
Re: Full disclosure is arrest of Sabu Laurelai
Re: Full disclosure is arrest of Sabu Sanguinarious Rose
Re: Full disclosure is arrest of Sabu Ivan .Heca

Wednesday, 07 March

Joining LulzSec Fatherlaptop
gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk Mark Krenz
Sabu, the FBI informant? Ramo
Re: Sabu, the FBI informant? Ivan .Heca
Re: Sabu, the FBI informant? Laurelai
Re: gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk coderman
Re: Sabu, the FBI informant? Elly_Tran_Ha
Iciniti Store SQL Injection - Security Advisory - SOS-12-003 Lists
Re: gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk Mark Krenz
Re: Iciniti Store SQL Injection - Security Advisory - SOS-12-003 James Parson
Pokemon.com has no respect for user's personal data klondike
HITB2011KUL - Satellite Telephony Security - Jim Geovedi research () vulnerability-lab com
Re: Full disclosure is arrest of Sabu Erik Falor
[Security-news] SA-CONTRIB-2012-030 - Data - Cross Site Scripting (XSS) security-news
[SECURITY] [DSA 2429-1] mysql-5.1 security update Florian Weimer
[Security-news] SA-CONTRIB-2012-031 - Multiple Modules Unsupported - UC PayDutchGroup - Information leakage and Multisite Search sql injection security-news
[Security-news] SA-CONTRIB-2012-032 - Block Class - Cross Site scripting security-news
[Security-news] SA-CONTRIB-2012-034 - Node Recommendation Cross Site Scripting (XSS) security-news
[Security-news] SA-CONTRIB-2012-033 - Read More Link - Cross Site Scripting security-news
[Security-news] SA-CONTRIB-2012-035 - Webform Cross Site Scripting (XSS) security-news
[Security-news] DRUPAL-PSA-2012-001 - localizations - Cross Site Scripting security-news

Thursday, 08 March

Stakeout: how the FBI tracked and busted a Chicago Anon Ivan .Heca
Barracuda WAF 660 v7.6.0.028 - Cross Site Vulnerability research () vulnerability-lab com
Barracuda CudaTel v2.0.029.1 - Multiple Web Vulnerabilities research () vulnerability-lab com
Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities research () vulnerability-lab com
Enterasys SecureStack Switch v6.x - Multiple Vulnerabilities research () vulnerability-lab com
Pitrinec MacroToolworks 7.5 - Buffer Overflow Vulnerability research () vulnerability-lab com
[HITB-Announce] HITB2012AMS SIGINT - Call for Submissions Hafez Kamal
Re: Stakeout: how the FBI tracked and busted a Chicago Anon Elly_Tran_Ha
Re: Stakeout: how the FBI tracked and busted a Chicago Anon Laurelai
[SECURITY] [DSA 2428-1] freetype security update Moritz Muehlenhoff
Re: Stakeout: how the FBI tracked and busted a Chicago Anon Elly_Tran_Ha

Friday, 09 March

VMSA-2012-0002 VMware vCenter Chargeback Manager Information Leak and Denial of Service VMware Security Team
VMSA-2012-0003 VMware VirtualCenter Update and ESX 3.5 patch update JRE VMware Security Team
Re: Full disclosure is arrest of Sabu Julius Kivimäki
Re: Stakeout: how the FBI tracked and busted a Chicago Anon _
Re: Stakeout: how the FBI tracked and busted a Chicago Anon Sebastian Rakowski
LSE-2012-03-01: PyPAM -- Python bindings for PAM - Double Free Corruption Markus Vervier
Re: Stakeout: how the FBI tracked and busted a Chicago Anon Kyle Creyts
[Announcement] Call For Papers: OWASP InfoSec India Conference 2012 d3v1l !
List Charter John Cartwright
power of this list.. RandallM
LulzSec $ Sabu - lessons learned Mikhail A. Utin
Re: LulzSec $ Sabu - lessons learned 夜神 岩男
EGRC (formerly EITC) 2012 Save The Date (June 12th-14th, 2012) larry Cashdollar
Re: Stakeout: how the FBI tracked and busted a Chicago Anon Dave

Saturday, 10 March

Windows Credentials Editor (WCE) v1.3beta 32bit release Amplia Security Research
The Mystery of the Duqu Framework fd
Re: The Mystery of the Duqu Framework Sanguinarious Rose
Re: The Mystery of the Duqu Framework Laurelai
Re: The Mystery of the Duqu Framework Sanguinarious Rose
Re: The Mystery of the Duqu Framework Laurelai
Re: The Mystery of the Duqu Framework Sanguinarious Rose
Re: The Mystery of the Duqu Framework Laurelai
Re: The Mystery of the Duqu Framework 夜神 岩男
[SECURITY] [DSA 2430-1] python-pam security update Moritz Muehlenhoff
Re: [SECURITY] [DSA 2430-1] python-pam security update John Favorite
Re: The Mystery of the Duqu Framework Laurelai
Re: The Mystery of the Duqu Framework William Pitcock
Re: The Mystery of the Duqu Framework Laurelai
Re: The Mystery of the Duqu Framework Sanguinarious Rose
Re: The Mystery of the Duqu Framework William Pitcock
Re: The Mystery of the Duqu Framework Christian Sciberras

Sunday, 11 March

Re: The Mystery of the Duqu Framework coderman
Re: The Mystery of the Duqu Framework coderman
Re: The Mystery of the Duqu Framework Valdis . Kletnieks
Re: The Mystery of the Duqu Framework coderman
Re: The Mystery of the Duqu Framework coderman
Re: The Mystery of the Duqu Framework William Pitcock
Re: Welcome Back IRL coderman
Re: Circumventing NAT via UDP hole punching. coderman
Re: power of this list.. coderman
Re: The Mystery of the Duqu Framework 夜神 岩男
[SECURITY] [DSA 2431-1] libdbd-pg-perl security update Moritz Muehlenhoff
Re: The Mystery of the Duqu Framework Alberto Fabiano
Re: The Mystery of the Duqu Framework Alberto Fabiano
Re: The Mystery of the Duqu Framework coderman
coverity coderman
Re: Circumventing NAT via UDP hole punching. Valdis . Kletnieks
Multiple vulnerabilities in EJBCA MustLive

Monday, 12 March

Re: coverity Jeffrey Walton
Aurora WebOPAC SQL Injection - Security Advisory - SOS-12-004 Lists
Why a Computer Programming *History* Class is Needed Re: The Mystery of the Duqu Framework dr_250
audio may be NSFW...just something I've been playing with Andrew King
[SECURITY] [DSA 2432-1] libyaml-libyaml-perl security update Moritz Muehlenhoff

Tuesday, 13 March

[Announcement] ClubHack Magazine Issue 26, March 2012 Released Abhijeet Patil
[iputils] Integer overflow in iputils ping/ping6 tools Christophe Alladoum
QR code and the jester Fatherlaptop
Re: QR code and the jester not here
GrrCON 2012: Grand Rapids, MI - Sept 27-28 cfp
pentesting market Krzysztof Marczyk
Re: QR code and the jester Sanguinarious Rose
Re: [iputils] Integer overflow in iputils ping/ping6 tools Marcus Meissner
Multiple vulnerabilities in ZyXel GS1510 web front end upsploit advisories
Re: [iputils] Integer overflow in iputils ping/ping6 tools James Condron
Re: [iputils] Integer overflow in iputils ping/ping6 tools Jeffrey Walton

Wednesday, 14 March

Re: [iputils] Integer overflow in iputils ping/ping6 tools Gage Bystrom
Re: [iputils] Integer overflow in iputils ping/ping6 tools paul . szabo
Re: The Mystery of the Duqu Framework evilrabbi
Re: The Mystery of the Duqu Framework Marco Ermini
Re: [iputils] Integer overflow in iputils ping/ping6 tools Darius Jahandarie
Re: [iputils] Integer overflow in iputils ping/ping6 tools Frankie Cutlass
Re: [iputils] Integer overflow in iputils ping/ping6 tools Ferenc Kovacs
Drupal 7.x Search Module - Full Path Disclosure Ursu Mihail
Re: Drupal 7.x Search Module - Full Path Disclosure David Flores
Re: Drupal 7.x Search Module - Full Path Disclosure Ferenc Kovacs
Re: Drupal 7.x Search Module - Full Path Disclosure Christian Sciberras
Re: Drupal 7.x Search Module - Full Path Disclosure Roger
Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Cisco Systems Product Security Incident Response Team
[Security-news] SA-CONTRIB-2012-036 - Multiple Modules Unsupported security-news
[Security-news] SA-CONTRIB-2012-037 - Slidebox - access bypass security-news
[Security-news] SA-CONTRIB-2012-040 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution security-news
[Security-news] SA-CONTRIB-2012-038 - Views Language Switcher Cross Site Scripting (XSS) security-news
[Security-news] SA-CONTRIB-2012-039 - Language Icons - Cross Site Scripting (XSS) security-news
Re: [Security-news] SA-CONTRIB-2012-0 40 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution InterN0T Advisories
Re: [Security-news] SA-CONTRIB-2012-0 40 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution InterN0T Advisories
[Security-news] SA-CONTRIB-2012-041 - Fancy Slide - Cross Site Scripting (XSS) security-news
Oracle Exadata Infiniband Switch default logins and world readable shadow file larry Cashdollar

Thursday, 15 March

Informations about old Sun-java-System-Web-Server/7.0 Cédric Jeanneret
Re: [Security-news] SA-CONTRIB-2012-040 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution Greg Knaddison
Earth to Facebook J. Oquendo
SEC Consult SA-20120315-0 :: Multiple permanent XSS vulnerabilities in EMC Documentum eRoom SEC Consult Vulnerability Lab
ZDI-12-044 : Microsoft Remote Desktop Protocol Channel Abort Condition Remote Code Execution Vulnerability ZDI Disclosures
[SECURITY] [DSA 2433-1] iceweasel security update Moritz Muehlenhoff
AST-2012-002: Remote Crash Vulnerability in Milliwatt Application Asterisk Security Team
AST-2012-003: Stack Buffer Overflow in HTTP Manager Asterisk Security Team
nSense-2012-001: Citrix License Server Henri Lindberg

Friday, 16 March

[Announcement] ClubHack Mag - Call for Articles Abhijeet Patil
VMSA-2012-0004 VMware View privilege escalation and cross-site scripting VMware Security Team
VMSA-2012-0005 VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues VMware Security Team
[ MDVSA-2012:029 ] pidgin security
Re: Oracle Exadata Infiniband Switch default logins and world readable shadow file Alex Buie
Microsoft Bing - Editor Flash Component Vulnerability Research
JPM Article Script 6 - SQL Injection Vulnerability Research
ms12-020 PoC kyle kemmerer
is my ISP lying or stupid? Jerry dePriest
Re: is my ISP lying or stupid? Julius Kivimäki
Re: ms12-020 PoC Exibar
Re: is my ISP lying or stupid? rancor
Re: ms12-020 PoC Ian Hayes
Re: ms12-020 PoC root
Re: ms12-020 PoC Exibar
[ MDVSA-2012:030 ] systemd security
Re: ms12-020 PoC kyle kemmerer
Re: is my ISP lying or stupid? James Condron
Re: [Security-news] SA-CONTRIB-2012-040 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution InterN0T Advisories
Re: is my ISP lying or stupid? Valdis . Kletnieks
Re: [Security-news] SA-CONTRIB-2012-040 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution Greg Knaddison

Saturday, 17 March

Re: is my ISP lying or stupid? Nick FitzGerald
Re: is my ISP lying or stupid? gold flake
Re: Oracle Exadata Infiniband Switch default logins and world readable shadow file larry Cashdollar
Re: is my ISP lying or stupid? Peter Maxwell
[ MDVSA-2012:031 ] firefox security
Re: is my ISP lying or stupid? Thor (Hammer of God)

Sunday, 18 March

Re: Earth to Facebook crazy frog crazy frog
Apache Tomcat Remote Exploit (PUT request) and Account Scanner HI-TECH .
PenTest Market - All about pentesting business Krzysztof Marczyk
Re: ms12-020 PoC Julius Kivimäki
Re: ms12-020 PoC Nahuel Grisolía
Re: ms12-020 PoC Thomas Richards
Re: ms12-020 PoC Chris L
Re: ms12-020 PoC Nahuel Grisolía
Re: is my ISP lying or stupid? Dave
Re: ms12-020 PoC Adrián
Re: ms12-020 PoC Shawn
ms12-020 new poc yuri goncalves soares
c0c0n 2012 - Call For Papers and Call For Workshops Yashartha Chaturvedi
Re: is my ISP lying or stupid? Peter Maxwell
Re: Earth to Facebook Ferenc Kovacs
Re: Fw: Earth to Facebook upsploit advisories
Re: ms12-020 new poc Mario Vilas
Re: is my ISP lying or stupid? Valdis . Kletnieks
Re: Earth to Facebook Jeffrey Walton
Re: is my ISP lying or stupid? James Condron
Re: ms12-020 PoC Thor (Hammer of God)
Re: ms12-020 PoC Thor (Hammer of God)
Re: ms12-020 PoC James Condron
Re: ms12-020 new poc BGA
Re: ms12-020 PoC Thor (Hammer of God)
Android wipe unreliable Jan Schejbal
Re: is my ISP lying or stupid? Lee
Re: Earth to Facebook Zach C.
Re: Fw: Earth to Facebook Michal Zalewski
Re: Fw: Earth to Facebook upsploit advisories
Re: Fw: Earth to Facebook Thor (Hammer of God)
Re: Fw: Earth to Facebook upsploit advisories
Re: ms12-020 PoC Nahuel Grisolia

Monday, 19 March

Re: Android wipe unreliable Jeffrey Walton
Re: Android wipe unreliable Robert Kim App and Facebook Marketing
DC4420 - London DEFCON - March Meet - Tuesday 20th March 2012 Major Malfunction
LiteSpeed <= 4.1.11 Admin panel XSS pathric due
Re: Fw: Earth to Facebook Michal Zalewski
Re: The Mystery of the Duqu Framework Sanguinarious Rose

Tuesday, 20 March

Re: The Mystery of the Duqu Framework Mario Vilas
Re: The Mystery of the Duqu Framework Valdis . Kletnieks
Re: The Mystery of the Duqu Framework Andrew King
[SECURITY] [DSA 2436-1] libapache2-mod-fcgid security update Thijs Kinkhorst
[SECURITY] [DSA 2434-1] nginx security update Luciano Bello
CVE-2012-1201 Testtrack for Linux Racecondition Simon .
[SECURITY] [DSA 2435-1] gnash security update Gabriele Giacone
Android FTPServer 1.9.0 Remote DoS Thomas Richards
FreePBX remote command execution, xss Martin Tschirsich
Penetration testing business Krzysztof Marczyk
[ MDVSA-2012:032 ] mozilla security
CA20120320-01: Security Notice for CA ARCserve Backup Kotas, Kevin J

Wednesday, 21 March

Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 Security
Re: is my ISP lying or stupid? _
Shakacon 2012 - CFP Deadline Approaching Shakacon
[ MDVSA-2012:033 ] libpng security
Seeker Advisory: Insecure Redirect in .NET Form Authentication - Redirect From Login Mechanism (ReturnURL Parameter) Irene Abezgauz
DarkComet - syrian revolution trojan analysis and author interview Adam Behnke
Re: is my ISP lying or stupid? Giles Coochey
Re: is my ISP lying or stupid? Thor (Hammer of God)
[Security-news] SA-CONTRIB-2012-042 - Wishlist Cross Site Scripting (XSS) security-news
[SECURITY] [DSA 2437-1] icedove security update Moritz Muehlenhoff

Thursday, 22 March

atheme.org Security Advisory ASA-2012-03-01: Improper cleanup of CertFP entries may result in undefined behaviour William Pitcock
Minify and related plugins DOM-Based XSS Vulnerability Ayoub Aboukir
[CVE-2012-0047] Apache Wicket XSS vulnerability via pageMapName request parameter Martin Grigorov
[CVE-2012-1089] Apache Wicket serving of hidden files vulnerability Martin Grigorov
CVE-2012-0037: OpenOffice.org data leakage vulnerability Rob Weir
[SECURITY] [DSA 2438-1] raptor security update Moritz Muehlenhoff
CarolinaCon-8 (May 2012): General Announcement - Chosen Presenters and Topics - Side Event List Vic Vandal
[SECURITY] [DSA 2439-1] libpng security update Moritz Muehlenhoff

Friday, 23 March

[ MDVSA-2012:034 ] libzip security
[ MDVSA-2012:035 ] file security
'PHP Grade Book' Unauthenticated SQL Database Export (CVE-2012-1670) Mark Stanislav
'phpMoneyBooks' Local File Inclusion (CVE-2012-1669) Mark Stanislav
[ANNOUNCE] Apache Traffic Server releases for security incident CVE-2012-0256 Leif Hedstrom
Re: is my ISP lying or stupid? Alex Buie
Apple IOS security issue pre-advisory record john doe
Re: Apple IOS security issue pre-advisory record adam
[ MDVSA-2012:036 ] libsoup security
[ MDVSA-2012:037 ] cyrus-imapd security
Re: Apple IOS security issue pre-advisory record john doe
Re: Apple IOS security issue pre-advisory record Gary Baribault
Re: Apple IOS security issue pre-advisory record adam
Re: Apple IOS security issue pre-advisory record Dave
Re: Apple IOS security issue pre-advisory record Michal Zalewski

Saturday, 24 March

Re: Apple IOS security issue pre-advisory record Valdis . Kletnieks
Re: Apple IOS security issue pre-advisory record Dave
Re: Apple IOS security issue pre-advisory record Dave
Re: Apple IOS security issue pre-advisory record rackow
Permanent XSS on the nuit du hack webmail service klondike
Re: Oracle based personal data dumping attack on the nuit du hack CTF klondike
Re: Apple IOS security issue pre-advisory record Valdis . Kletnieks
Re: Apple IOS security issue pre-advisory record Dave
Re: Apple IOS security issue pre-advisory record john doe
Re: Apple IOS security issue pre-advisory record Valdis . Kletnieks
CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) VSR Advisories
Re: Apple IOS security issue pre-advisory record Dave
[SECURITY] [DSA 2440-1] libtasn1-3 security update Florian Weimer

Sunday, 25 March

Shopping For Zero-Days: A Price List For Hackers' Secret Software Exploits Jeffrey Walton
[SECURITY] [DSA 2441-1] gnutls26 security update Florian Weimer
Brute Force vulnerability in WordPress MustLive
Re: Brute Force vulnerability in WordPress InterN0T Advisories
Re: Brute Force vulnerability in WordPress Christopher Truncer

Monday, 26 March

Re: Brute Force vulnerability in WordPress Zach C.
Re: Brute Force vulnerability in WordPress Thor (Hammer of God)
PcwRunAs Password Obfuscation Design Flaw otr
Re: Oracle based personal data dumping attack on the nuit du hack CTF Damien Cauquil
Re: Apple IOS security issue pre-advisory record IA64 LOL
Re: Apple IOS security issue pre-advisory record Charlie Derr
vBulletin vBShout Module <= 6.0.5 (vbshout.php?message=) - Reflected Cross-Site Scripting ( XSS ) & HTML Injection d3v1l
Re: Oracle based personal data dumping attack on the nuit du hack CTF majinboo
Re: Apple IOS security issue pre-advisory record Valdis . Kletnieks
The Best of PenTest Maciej Kozuszek
Mexican Drug Cartels and Cyberspace Adam Behnke
Re: Mexican Drug Cartels and Cyberspace Valdis . Kletnieks
Re: Mexican Drug Cartels and Cyberspace metasansana
Re: Mexican Drug Cartels and Cyberspace Dave
Re: Mexican Drug Cartels and Cyberspace Valdis . Kletnieks
Re: Mexican Drug Cartels and Cyberspace Thor (Hammer of God)
[ MDVSA-2012:038 ] openssl security
Re: Apple IOS security issue pre-advisory record fulldisclosure
Re: Apple IOS security issue pre-advisory record Thor (Hammer of God)
Re: Apple IOS security issue pre-advisory record Aaron Toponce
Re: Apple IOS security issue pre-advisory record coderman
[SECURITY] [DSA 2442-1] openarena security update Florian Weimer
Congress Capitulates To TSA; Refuses To Let Bruce Schneier Testify Ivan .Heca

Tuesday, 27 March

[PRE-SA-2012-02] Incorrect loop construct and numeric overflow in libzip Timo Warns
FreePBX <= 2.8.0 Recordings Interface Allows Remote Code Execution foo net
[SECURITY] [DSA 2443-1] linux-2.6 security update dann frazier
Please do not take down the Sality botnet lawabidingcitizen
[ MDVSA-2012:039 ] libtasn1 security
WordPress plugin 'WordPress Integrator 1.32' XSS vulnerability Stefan Schurtz
Re: WordPress plugin 'WordPress Integrator 1.32' XSS vulnerability Christian Sciberras
Re: Full-Disclosure SALTY Fatherlaptop
[ MDVSA-2012:040 ] gnutls security
Re: Oracle based personal data dumping attack on the nuit du hack CTF klondike
[ MDVSA-2012:041 ] expat security
Re: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) VSR Advisories

Wednesday, 28 March

SEC Consult SA-20120328-0 :: F5 FirePass SSL VPN unauthenticated remote root through SQL injection - CVE-2012-1777 SEC Consult Vulnerability Lab
SEC Consult SA-20120328-1 :: Microsoft ASP.NET Forms Authentication Bypass - follow-up advisory - CVE-2011-3416 SEC Consult Vulnerability Lab
Re: PcwRunAs Password Obfuscation Design Flaw b
Re: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) Solar Designer
Re: Please do not take down the Sality botnet Jason Hellenthal
[ MDVSA-2012:042 ] wireshark security
Re: PcwRunAs Password Obfuscation Design Flaw Thor (Hammer of God)
Re: PcwRunAs Password Obfuscation Design Flaw Jeffrey Walton
Local File Inclusion Vulnerability in TomatoCart Netsparker Advisories
Cisco Security Advisory: Cisco IOS Software Command Authorization Bypass Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Reverse SSH Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall Vulnerabilities Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Internet Key Exchange Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Multicast Source Discovery Protocol Vulnerability Cisco Systems Product Security Incident Response Team
Re: PcwRunAs Password Obfuscation Design Flaw Valdis . Kletnieks
XSS and BF vulnerabilities in WordPress MustLive
[Security-news] SA-CONTRIB-2012-043 - MultiBlock - Cross Site Scripting security-news
[Security-news] SA-CONTRIB-2012-044 - Contact Forms - Cross Site Scripting security-news
[Security-news] SA-CONTRIB-2012-045 - AddToAny - Cross Site Scripting security-news
[Security-news] SA-CONTRIB-2012-047 - Ubercart Views - Information disclosure security-news
[Security-news] SA-CONTRIB-2012-046 - Bundle Copy - Arbitrary Code execution security-news
[Security-news] SA-CONTRIB-2012-048 - Contact Save - Cross Site Scripting security-news
[Security-news] SA-CONTRIB-2012-049 - ShareThis - Multiple Vulnerablies security-news
Re: Brute Force vulnerability in WordPress MustLive
[Security-news] SA-CONTRIB-2012-050 - CDN2 Video - Unsupported security-news
[Security-news] SA-CONTRIB-2012-053 - Organic Groups - Access Bypass security-news
[Security-news] SA-CONTRIB-2012-054 - Chaos tool suite - Cross Site Scripting (XSS) security-news
[Security-news] SA-CONTRIB-2012-051 - Activity - Multiple Vulnerablities security-news
[Security-news] SA-CONTRIB-2012-052 - Node Limit Number - Cross Site Request Forgery security-news
[Security-news] SA-CONTRIB-2012-055 - Fusion theme - Cross Site Scripting (XSS) security-news
Re: Brute Force vulnerability in WordPress Christian Sciberras
Re: [Security-news] SA-CONTRIB-2012-051 - Activity - Multiple Vulnerablities Justin C. Klein Keane
[Spanish-Offtopic] - Desarrollo de Exploits runlvl

Thursday, 29 March

[SECURITY] [DSA 2444-1] tryton-server security update Florian Weimer
Re: [Full-disclosure] Please do not take down the Sality botnet Borys Madry
B2Evolution CMS 4.1.3 - Multiple Web Vulnerabilities Research
Barracuda Cloud CC v3.04.015 - Multiple Web Vulnerabilities Research
Skype 5.8x 5.5x - Corruption & Persistent Vulnerability Research
Apple Website Service - SQL Injection Vulnerabilities Research
OWASP AppSec Research EU CFP/CFT OWASP AppSec EU
Re: PcwRunAs Password Obfuscation Design Flaw b
Re: PcwRunAs Password Obfuscation Design Flaw Christian Sciberras
Re: PcwRunAs Password Obfuscation Design Flaw 夜神 岩男
[ MDVSA-2012:043 ] nginx security
[ MDVSA-2012:044 ] cvs security
Cross-site scripting vulnerability in Invision Power Board version 3.2.3 Netsparker Advisories
Multiple PTK DFlabs failures to restrict access to sensitive data SecBugs
Re: [Security-news] SA-CONTRIB-2012-051 - Activity - Multiple Vulnerablities Greg Knaddison
New XSS vulnerabilities in Register Plus Redux for WordPress MustLive

Friday, 30 March

VMSA-2012-0006 VMware ESXi and ESX address several security issues VMware Security Team
Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability Research
[ MDVSA-2012:045 ] gnutls security
PHP 5.4/5.3 deprecated eregi() memory_limit bypass Maksymilian Arciemowicz

Saturday, 31 March

Landshop v0.9.2 - Multiple Web Vulnerabilities Research
[SECURITY] [DSA 2445-1] typo3-src security update Florian Weimer
[SECURITY] [DSA 2442-2] openarena regression Florian Weimer
[SECURITY] [DSA 2398-2] curl regression Florian Weimer
Compromised VPN provider out there? T
IPv6 stable privacy addresses Fernando Gont
Re: Android wipe unreliable Jeffrey Walton

Sunday, 01 April

Hackito 2012 Crypto Challenge Jonathan Brossard
iis bug yuange
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]