Home page logo
/

277 messages starting Oct 01 12 and ending Oct 31 12
Date index | Thread index | Author index

Monday, 01 October

BF, XSS, CSRF and Redirector vulnerabilities in IBM Lotus Notes Traveler MustLive
[ MDVSA-2012:154-1 ] apache security
CarolinaCon-9 - March 2013 - Call for Presenters/Speakers/Papers/Demos Vic Vandal
CA20121001-01: Security Notice for CA License Williams, James K

Tuesday, 02 October

Reminder: ClubHack2012 Call for Papers Closing Soon Abhijeet Patil
PrezziPazzi.com vulnerable to XSS tig3rhack
[ MDVSA-2012:152-1 ] bind security
[ MDVSA-2012:156 ] inn security
GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities Vulnerability Lab
Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities Vulnerability Lab
OPlayer v2.0.05 iOS - Multiple Web Vulnerabilities Vulnerability Lab
[HTTPCS] Handshakes Professional 'frm_id' Remote SQL Injection Vulnerability HTTPCS
Google Talk s2s SSL configuration Tim Brown
Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities Vulnerability Lab
Google Maps pseudonym disclosure vulnerability via Google Places reviews Sai
Paypal BugBounty #9 - Persistent Web Vulnerabilities Vulnerability Lab
Paypal BugBounty #9 - Persistent Web Vulnerabilities [FULL] Vulnerability Lab
Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Scott Herbert
Re: Paypal BugBounty #9 - Persistent Web Vulnerabilities Benji
[ MDVSA-2012:155-1 ] xinetd security
Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Benji
XSS Vulnerabilities in phpFreeChat Netsparker Advisories
[ MDVSA-2012:153-1 ] dhcp security
Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Scott Herbert

Wednesday, 03 October

[ MDVSA-2012:157 ] openjpeg security
Novell Sentinel Log Manager <= 1.2.0.2 retention policy vulnerability Piotr Chmylkowski
Paypal BugBounty #9 - Persistent Web Vulnerabilities [FULL DETAILS] Vulnerability Lab
Omnistar Mailer v7.2 - Multiple Web Vulnerabilities Vulnerability Lab
winAUTOPWN v3.2 Released QUAKER DOOMER
[ MDVSA-2012:158 ] gc security
[waraxe-2012-SA#091] - Multiple Vulnerabilities in phpMyBitTorrent 2.04 Janek Vind
[ MDVSA-2012:159 ] freeradius security
[Security-news] SA-CONTRIB-2012-149 - Hostip - Cross Site Scripting (XSS) security-news
[Security-news] SA-CONTRIB-2012-150 - Twitter Pull - Cross Site Scripting (XSS) security-news
[Security-news] SA-CONTRIB-2012-151 - Commerce Extra Panes - Cross Site Request Forgery security-news
ANNOUNCE: RFIDIOt v1.0d released and code migration Adam Laurie

Thursday, 04 October

XnView JLS File Decompression Heap Overflow Joseph Sheridan
Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by Ogg DirectShow filters Stefan Kanthak

Friday, 05 October

Team SHATTER Security Advisory: JAR file overwrite vulnerability via SQLJ.DB2_INSTALL_JAR system stored Shatter
Team SHATTER Security Advisory: XML file disclosure vulnerability via GET_WRAP_CFG_C and GET_WRAP_CFG_C2 Shatter
Team SHATTER Security Advisory: Multiple SQL Injection in Oracle Enterprise Manager (SQL Tunning Sets components) Shatter
Team SHATTER Security Advisory: Elevated roles through DBCC Shatter
Team SHATTER Security Advisory: Java Operating System command execution Shatter
VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates VMware Security Team
Your account could be at risk of state-sponsored attacks Aftermath
[ MDVSA-2012:151-1 ] ghostscript security
[ MDVSA-2012:150-1 ] java-1.6.0-openjdk security
[ MDVSA-2012:160 ] imagemagick security
[SECURITY] [DSA 2555-1] libxslt security update Moritz Muehlenhoff
Re: Your account could be at risk of state-sponsored attacks Nick Boyce
Re: Your account could be at risk of state-sponsored attacks Peter Dawson

Saturday, 06 October

-== MySQL Brute Force Account Scanner ==- king cope
[ MDVSA-2012:161 ] html2ps security
utempter allows fake host setting paul . szabo

Sunday, 07 October

Re: Your account could be at risk of state-sponsored attacks Aftermath
rubilyn-0.0.1.tar.gz - Mac OS X rootkit Levent Kayan
Multiple vulnerabilities in Megapolis.Portal Manager MustLive

Monday, 08 October

JSON-RPC Cross-Site Request Forgery little exploitation trick DefenseCode
[SECURITY] [DSA 2556-1] icedove security update Nico Golde
[SECURITY] [DSA 2557-1] hostapd security update Nico Golde
[PRE-SA-2012-07] hostapd: Missing EAP-TLS message length validation Timo Warns
Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Henri Salo
Endpoint Protector v4.0.4.0 - Multiple Web Vulnerabilities Vulnerability Lab
Paypal BugBounty #5 - Persistent Web Vulnerability Vulnerability Lab
Interspire Email Marketer v6.0.1 - Multiple Vulnerabilites Vulnerability Lab
GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities Vulnerability Lab
[SECURITY] [DSA 2558-1] bacula security update Raphael Geissert
Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Scott Herbert

Tuesday, 09 October

Multiple 0-days in Dark Comet RAT Hertz, Jesse

Wednesday, 10 October

Re: Multiple 0-days in Dark Comet RAT Philip Whitehouse
Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Malte Müller
[ MDVSA-2012:162 ] bind security
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format Player Cisco Systems Product Security Incident Response Team
List Charter John Cartwright
[Security-news] SA-CONTRIB-2012-152 - Feeds - Access bypass security-news
[Security-news] SA-CONTRIB-2012-153 - Mandrill - Information Disclosure security-news
[Security-news] SA-CONTRIB-2012-154 - Basic webmail - Multiple vulnerabilities security-news
[Security-news] SA-CONTRIB-2012-155 - ShareThis - Cross Site Scripting (XSS) security-news
binfmt_script kernel stack data disclosure during exec halfdog
Re: Multiple 0-days in Dark Comet RAT Thor (Hammer of God)
FileBound - Privilege Escalation Vulnerability - Security Advisory - SOS-12-010 Lists

Thursday, 11 October

Last reminder for ClubHack 2012 : Call for Papers Abhijeet Patil
thc-ipv6 v2.0 Marc Heuse
Omnistar Document Manager v8.0 - Multiple Vulnerabilities Vulnerability Lab
vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities Vulnerability Lab
Re: Multiple 0-days in Dark Comet RAT Pascal Ernster
[ MDVSA-2012:163 ] firefox security
Re: Multiple 0-days in Dark Comet RAT Valdis . Kletnieks
[ MDVSA-2012:164 ] libxslt security
Re: Multiple 0-days in Dark Comet RAT Gage Bystrom
Re: Multiple 0-days in Dark Comet RAT Julius Kivimäki
Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Henri Salo
[CORE-2012-0613] - Cisco WebEx .wrf Memory Corruption Vulnerability Core Security Advisories Team
Wordpress plugin abtest vulnerable to a directory traversal attack Scott Herbert

Friday, 12 October

[ MDVSA-2012:165 ] graphicsmagick security
[ MDVSA-2012:166 ] bacula security

Saturday, 13 October

[ MDVSA-2012:167 ] firefox security

Sunday, 14 October

P1 WiMAX modems port 80 open with default login Nursyafiq Mohamad
Re: Multiple 0-days in Dark Comet RAT Hertz, Jesse

Monday, 15 October

Is it OK to hold credit card numbers in cookies? Santander? auto62098873
SilverStripe CMS 2.4.7 <= Arbitrary URL Redirection YGN Ethical Hacker Group
SilverStripe CMS 2.4.7 <= Persistent Cross Site Scripting Vulnerability YGN Ethical Hacker Group
Re: Multiple 0-days in Dark Comet RAT Valdis . Kletnieks
Re: Is it OK to hold credit card numbers in cookies? Santander? klondike
Re: Is it OK to hold credit card numbers in cookies? Santander? Rainer Duffner
Visual Tools DVR multiple vulnerabilities Andrea Fabrizi

Tuesday, 16 October

Critical issues affecting Steam users ReVuln
Re: Is it OK to hold credit card numbers in cookies? Santander? Alexander Georgiev
Re: Is it OK to hold credit card numbers in cookies? Santander? Christian Sciberras
Re: Is_it_OK_to_hold_credit_card_numbers_ in_cookies?_Santander? Christian Rost
Last minute CFP: FSCONS (G öteborg, Sweden) Security related topics track klondike

Wednesday, 17 October

SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass SEC Consult Vulnerability Lab
SEC Consult SA-20121017-1 :: Unirgy uStoreLocator SQL Injection - Magento extension SEC Consult Vulnerability Lab
[IMF 2013] 3rd Call for Papers: Deadline Extended Oliver Goebel
SEC Consult SA-20121017-2 :: Multiple vulnerabilities in Oracle WebCenter Sites (former FatWire Content Server) SEC Consult Vulnerability Lab
[waraxe-2012-SA#092] - Multiple Vulnerabilities in Wordpress Slideshow Plugin Janek Vind
Re: Multiple 0-days in Dark Comet RAT Hertz, Jesse
Credentials leaks in Legrand-003598 / Bticino-F454 SCS Web Gateway sxpert
[waraxe-2012-SA#093] - Multiple Vulnerabilities in Wordpress Social Discussions Plugin Janek Vind
[Security-news] SA-CONTRIB-2012-156 - Search API - Cross Site Request Forgery (CSRF) security-news
[Security-news] SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure security-news

Thursday, 18 October

RealPlayer suffers from Arbitrary Code Execution kaveh ghaemmaghami
[SECURITY] [DSA 2559-1] libexif security update Yves-Alexis Perez
Re: [Full-disclosure] [Security-news] SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Inf ormation disclosure Dex
CA20121018-01: Security Notice for CA ARCserve Backup Kotas, Kevin J
Before We Knew It Jeffrey Walton
Re: Multiple 0-days in Dark Comet RAT scriptjunkie
Re: Multiple 0-days in Dark Comet RAT kaveh ghaemmaghami

Friday, 19 October

Re: Multiple 0-days in Dark Comet RAT Valdis . Kletnieks
favicon debug
CMSQLITE v1.3.2 - Multiple Web Vulnerabiltiies Vulnerability Lab
XSS Vulnerabilities in TaskFreak Netsparker Advisories
XSS Vulnerabilities in CMSMini Netsparker Advisories
XSS Vulnerabilities in ClipBucket Netsparker Advisories
XSS and SQL Injection Vulnerabilities in DotProject Netsparker Advisories
[HTTPCS] 52 Vulnerabilities in Dolibarr HTTPCS
Re: favicon Milan Berger
XSS and IAA vulnerabilities in Wordfence Security for WordPress MustLive

Saturday, 20 October

nullcon Goa 2013 Final Call For Papers/Events and First Round of Speakers nullcon
[SECURITY] [DSA 2560-1] bind9 security update Florian Weimer
Adobe reader 10.1.4 memory corruption kaveh ghaemmaghami

Sunday, 21 October

Re: vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities ZeroDay.JP
Re: vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities Benji
Re: XSS and IAA vulnerabilities in Wordfence Security for WordPress Philip Whitehouse
Re: XSS and IAA vulnerabilities in Wordfence Security for WordPress Mark Maunder
Re: Google Maps pseudonym disclosure vulnerability via Google Places reviews Sai
F5 FirePass SSL VPN 4xxx Series | Arbitrary URL Redirection YGN Ethical Hacker Group
Re: vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities アドリアンヘンドリック
[SECURITY] [DSA 2561-1] tiff security update Moritz Muehlenhoff
Re: F5 FirePass SSL VPN 4xxx Series | Arbitrary URL Redirection Gary Driggs

Monday, 22 October

[ MDVSA-2012:168 ] hostapd security
DC4420 - London DEFCON - October meet - tomorrow, Tuesday 23rd October. alien DC4420
how to steal openssh private key nothacking
[SE-2012-01] Challenging Oracle (in a different way) Security Explorations
[ANNOUNCE] Apache OFBiz 10.04.03 released Jacopo Cappellato
Content Spoofing and Cross-Site Scripting vulnerabilities in Bitrix Site Manager MustLive
Re: how to steal openssh private key Nate Theis

Tuesday, 23 October

Google Numbers Search Marshall Whittaker
stealing ssh keys Daniel Sichel
HP/H3C and Huawei SNMP Weak Access to Critical Data Kurt Grutzmacher
[SECURITY] [DSA 2565-1] iceweasel security update Florian Weimer

Wednesday, 24 October

SEC Consult Vulnerability Lab Study - "Application Security of Core Banking Systems - A first reality check" SEC Consult Vulnerability Lab
[SECURITY] [DSA 2562-1] cups-pk-helper security update Thijs Kinkhorst
[SECURITY] [DSA 2563-1] viewvc security update Thijs Kinkhorst
[SECURITY] [DSA 2564-1] tinyproxy security update Thijs Kinkhorst
Re: XSS and IAA vulnerabilities in Wordfence Security for WordPress Troy Rose
Grandstream GXP1405 Executive IP Phone Persistent XSS Are You Likeme Now
Re: Google Numbers Search boardnerd
Microsoft Office Word 2010 Stack Overflow kaveh ghaemmaghami
Re: Microsoft Office Word 2010 Stack Overflow Mario Vilas
Re: SEC Consult Vulnerability Lab Study - "Application Security of Core Banking Systems - A first reality check" Jeffrey Walton
Re: stealing ssh keys Jacqui Caren
[Security-news] SA-CONTRIB-2012-157 - Time Spent - Multiple Vulnerabilities - (unsupported) security-news
[Security-news] SA-CONTRIB-2012-158 - MailChimp - Cross Site Scripting (XSS) security-news
Re: stealing ssh keys Thor (Hammer of God)

Thursday, 25 October

Re: stealing ssh keys Raj Mathur (राज माथुर)
Microsoft Office Picture Manager 2010 memory corruption kaveh ghaemmaghami

Friday, 26 October

Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 Multiple Remote Vulnerabilities Carlo Di Dato
Re: how to steal openssh private key Valdis . Kletnieks
[waraxe-2012-SA#094] - Multiple Vulnerabilities in Wordpress GRAND Flash Album Gallery Plugin Janek Vind
Gramophone v0.01b1 'rs' XSS Thomas Richards
Allscripts Homecare Client Local Memory Corruption table_info.ff2 Thomas Richards
Inventory 1.0 Multiple SQL Vulnerabilities Thomas Richards
Inventory 1.0 Multiple XSS Vulnerabilities Thomas Richards
Layton Helpbox 4.4.0 Multiple Security Issues Joseph Sheridan
Medium severity flaw with Perl 5 Tim Brown
[SECURITY] [DSA 2566-1] exim4 security update Nico Golde
Realplayer Watchfolders Long Filepath Overflow Joseph Sheridan
RANDOM NUMBER SECURITY IN PYTHON pr
LiveChatInc.com breached warning
Re: stealing ssh keys Ivaylo Hubanov
Re: stealing ssh keys Thor (Hammer of God)
[SECURITY] [DSA 2567-1] request-tracker3.8 security update Florian Weimer
[SECURITY] [DSA 2568-1] rtfm security update Florian Weimer
Re: stealing ssh keys Jeffrey Walton
Re: XSS and IAA vulnerabilities in Wordfence Security for WordPress MustLive

Saturday, 27 October

Re: stealing ssh keys Raj Mathur (राज माथुर)
Microsoft Windows Help program (WinHlp32.exe) memory corruption kaveh ghaemmaghami
Microsoft Paint 5.1 memory corruption kaveh ghaemmaghami
Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Mario Vilas
Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption kaveh ghaemmaghami
Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption adam
Re: Microsoft Office Word 2010 Stack Overflow kaveh ghaemmaghami
Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Benji
Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Gynvael Coldwind
Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Peter Ferrie
Re: Microsoft Office Word 2010 Stack Overflow Peter Ferrie
Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption kaveh ghaemmaghami
Re: Microsoft Office Word 2010 Stack Overflow kaveh ghaemmaghami
Microsoft Office Publisher 2010 memory corruption kaveh ghaemmaghami

Sunday, 28 October

Cross-Site Scripting vulnerability in CorePlayer MustLive

Monday, 29 October

Re: Microsoft Office Publisher 2010 memory corruption Peter Ferrie
Microsoft Office Excel 2010 memory corruption kaveh ghaemmaghami
Re: Microsoft Office Excel 2010 memory corruption kaveh ghaemmaghami
Re: Microsoft Office Excel 2010 memory corruption Benji
Re: stealing ssh keys gold flake
Re: stealing ssh keys Jeffrey Walton
Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Richard Miles
Re: Microsoft Office Publisher 2010 memory corruption Yuhong Bao
IE8 xss filter breaked WooYun
=| Security Advisory - TP-LINK TL-WR841N LFI |= Matan Azugi
Re: Microsoft Office Excel 2010 memory corruption Yuhong Bao
Re: Microsoft Office Excel 2010 memory corruption Yuhong Bao
Re: Microsoft Office Excel 2010 memory corruption Yuhong Bao
Re: Microsoft Office Excel 2010 memory corruption Julius Kivimäki
Positive Hack Days III — Cal l For Papers Has Started PHD
Call for Papers: DIMVA 2013 Collin Mulliner
Re: Microsoft Paint 5.1 memory corruption Yuhong Bao
Re: Microsoft Paint 5.1 memory corruption kaveh ghaemmaghami
Re: Microsoft Office Excel 2010 memory corruption Peter Ferrie
Re: Microsoft Office Excel 2010 memory corruption Jeffrey Walton
Re: Microsoft Office Excel 2010 memory corruption kaveh ghaemmaghami
Re: Microsoft Office Excel 2010 memory corruption kaveh ghaemmaghami
Re: Microsoft Office Excel 2010 memory corruption Antony widmal
Re: Microsoft Paint 5.1 memory corruption Antony widmal
Re: Microsoft Office Excel 2010 memory corruption Thor (Hammer of God)
Re: Microsoft Office Excel 2010 memory corruption kaveh ghaemmaghami
Re: Microsoft Office Excel 2010 memory corruption Julius Kivimäki
Re: Microsoft Office Excel 2010 memory corruption kaveh ghaemmaghami
[SECURITY] [DSA 2569-1] icedove security update Florian Weimer
Re: Microsoft Office Excel 2010 memory corruption Peter Ferrie
Re: Microsoft Office Excel 2010 memory corruption Jeffrey Walton

Tuesday, 30 October

Re: Microsoft Paint 5.1 memory corruption kaveh ghaemmaghami
Re: Microsoft Paint 5.1 memory corruption Antony widmal
RealPlayer 15.0.6.14(.3g2) WriteAV Vulnerability kaveh ghaemmaghami
Cybsec Advisory#2012-1029 Multiple Persistent XSS in Endpoint Protector]] advisories
Context IS Advisory - Citrix XenServer Hypervisor Privilege Escalation Context IS - Disclosure
Re: Microsoft Office Excel 2010 memory corruption Kelvin White
Re: Microsoft Office Excel 2010 memory corruption Richard Miles
Re: Microsoft Office Excel 2010 memory corruption Michael Simpson
Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Richard Miles
Hack In Paris CFP 2013 sihame
Re: Microsoft Office Excel 2010 memory corruption Michael Simpson
[waraxe-2012-SA#095] - Multiple Vulnerabilities in Wordpress FoxyPress Plugin Janek Vind
Re: RealPlayer 15.0.6.14(.3g2) WriteAV Vulnerability Antony widmal
Re: Full-Disclosure Digest, Vol 92, Issue 34 - 1. Microsoft Windows Help program (WinHlp32.exe) memory Mikhail A. Utin
Re: Full-Disclosure Digest, Vol 92, Issue 34 - 1. Microsoft Windows Help program (WinHlp32.exe) memory Peter Dawson
Re: Full-Disclosure Digest, Vol 92, Issue 34 - 1. Microsoft Windows Help program (WinHlp32.exe) memory Mario Vilas
Re: Microsoft Windows Help program (WinHlp32.exe) memory corruption Peter Ferrie
Re: Microsoft Paint 5.1 memory corruption Peter Ferrie
Re: RealPlayer 15.0.6.14(.3g2) WriteAV Vulnerability kaveh ghaemmaghami
Re: Microsoft Paint 5.1 memory corruption kaveh ghaemmaghami
Cybsec Advisory#2012-1029 Multiple Persistent XSS in Endpoint Protector]]]]]] CYBSEC Labs

Wednesday, 31 October

Medium risk security flaws in Konqueror Tim Brown
VaM Shop v1.69 - Multiple Web Vulnerabilities Vulnerability Lab
PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities Vulnerability Lab
NetCat CMS v5.0.1 - Multiple Web Vulnerabilities Vulnerability Lab
[BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE] Matan Azugi
Virtual PC 2007 BUG Walied Assar
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing Cisco Systems Product Security Incident Response Team
[OT] How much a million facebook passwords would cost? Georgi Guninski
Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability Cisco Systems Product Security Incident Response Team
Re: [OT] How much a million facebook passwords would cost? Memory Vandal
[Security-news] SA-CONTRIB-2012-159 - Password policy - Information leakage of hashed passwords security-news
XSS Vulnerabilities in bloofoxCMS Netsparker Advisories
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault