
263 messages starting Apr 01 13 and ending Apr 30 13

Monday, 01 April

Remote command execution in Ruby Gem ldoce 0.0.2 Larry W. Cashdollar
Network Weathermap 0.97a - Persistent XSS Daniel Ricardo dos Santos
Aspen 0.8 - Directory Traversal Daniel Ricardo dos Santos

Tuesday, 02 April

Advisory: PonyOS Security Issues John Cartwright
Re: Advisory: PonyOS Security Issues coderman

Wednesday, 03 April

SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance SEC Consult Vulnerability Lab
Google AD Sync Tool - Exposure of Sensitive Information Vulnerability Lists
[Security-news] SA-CONTRIB-2013-040 - Commerce Skrill (Formerly Moneybookers) - Access bypass security-news
[Security-news] SA-CONTRIB-2013-041 - Chaos tool suite (ctools) - Access bypass security-news
DoS vulnerability in Adobe Flash Player (BSOD) MustLive

Thursday, 04 April

[SECURITY] [DSA 2654-1] libxslt security update Salvatore Bonaccorso
Hackersh 0.1 Release Announcement Itzik Kotler
Re: DoS vulnerability in Adobe Flash Player (BSOD) Jann Horn
[ MDVSA-2013:018 ] automake security
[ MDVSA-2013:019 ] bash security
[ MDVSA-2013:027-1 ] clamav security
[ MDVSA-2013:015-1 ] apache security
[SECURITY] [DSA 2658-1] postgresql-9.1 security update Giuseppe Iuculano
[ MDVSA-2013:017 ] arpwatch security
[ MDVSA-2013:016 ] apache-mod_security security
[SECURITY] [DSA 2657-1] postgresql-8.4 security update Giuseppe Iuculano
GreHack 2013 - Call For Papers - November 15, Grenoble, France F. Duchene
SEC Consult 20130404-0 :: Multiple Vulnerabilities in Censornet Professional v4 (2.1.7) SEC Consult Vulnerability Lab
[ MDVSA-2013:015-1 ] apache security

Friday, 05 April

[ MDVSA-2013:029 ] apache-mod_security security
[ MDVSA-2013:030 ] arpwatch security
[ MDVSA-2013:031 ] automake security
[ MDVSA-2013:032 ] bash security
[ MDVSA-2013:023-1 ] coreutils security
[ MDVSA-2013:033 ] cronie security
[ MDVSA-2013:034 ] cups security
[ MDVSA-2013:035 ] libexif security
[ MDVSA-2013:036 ] exif security
[ MDVSA-2013:037 ] fetchmail security
[ MDVSA-2013:038 ] freeradius security
[ MDVSA-2013:039 ] freetype2 security
[ MDVSA-2013:001-1 ] gnupg security
[ MDVSA-2013:040 ] gnutls security
[ MDVSA-2013:041 ] html2ps security
[ MDVSA-2013:042 ] krb5 security
[ MDVSA-2013:043 ] libgssglue security
[ MDVSA-2013:044 ] libjpeg security
[ MDVSA-2013:045 ] libssh security
[ MDVSA-2013:046 ] libtiff security
c0c0n 2013 - Call For Papers and Call For Workshops c0c0n International Information Security Conference

Saturday, 06 April

[ MDVSA-2013:055 ] wireshark security
[ MDVSA-2013:048 ] ncpfs security
[ MDVSA-2013:052 ] openssl security
[ MDVSA-2013:049 ] net-snmp security
[ MDVSA-2013:047 ] libxslt security
[ MDVSA-2013:050 ] nss security
[ MDVSA-2013:054 ] sudo security
[ MDVSA-2013:053 ] proftpd security
[ MDVSA-2013:051 ] openssh security
[Slightly OT] "Summerschool at the NSA" - a screenplay where the NSA gets pwned by two Hollywood actresses (100% non-violently ; WiP) Shlomi Fish
[ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9 ISecAuditors Security Advisories
Last Mile: SECURWARE 2013 || August 25 - 31, 2013 - Barcelona, Spain Cristina Pascual

Sunday, 07 April

Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable Ing. Michael F. Schratt, MSc
Hackito Ergo Sum 2013 – Call For Paper – HES2013 CFP choukoumoun

Monday, 08 April

[ MDVSA-2013:056 ] libxml2 security
SEC Consult 20130408-0 :: Nitro Pro 8 - Insecure Library Loading Allows Remote Code Execution (DLL Hijacking) SEC Consult Vulnerability Lab
[ MDVSA-2013:057 ] xinetd security
APT1: technical backstage rootbsd
[ MDVSA-2013:058 ] bind security
[ MDVSA-2013:059 ] dhcp security
[ MDVSA-2013:060 ] accountsservice security
[ MDVSA-2013:061 ] awstats security
[ MDVSA-2013:062 ] backuppc security
[ MDVSA-2013:063 ] bip security
[ MDVSA-2013:064 ] bogofilter security
[ MDVSA-2013:065 ] boost security
[ MDVSA-2013:066 ] bugzilla security
[ MDVSA-2013:067 ] couchdb security
[ MDVSA-2013:068 ] courier-authlib security
[ MDVSA-2013:069 ] cups-pk-helper security
[ MDVSA-2013:070 ] dbus security
[ MDVSA-2013:071 ] dbus-glib security
[ MDVSA-2013:072 ] dnsmasq security
Poshing the Hashes Nikhil Mittal
GitHub Login Cookie Failure Chris Roussel
[ MDVSA-2013:073 ] dokuwiki security
[ MDVSA-2013:074 ] drupal security
[ MDVSA-2013:075 ] elinks security
Re: GitHub Login Cookie Failure Gregory Boddin
Re: GitHub Login Cookie Failure Jeffrey Walton
Re: GitHub Login Cookie Failure Jann Horn
Re: GitHub Login Cookie Failure Jann Horn
XSS vulnerabilities in ZeroClipboard in multiple plugins for WordPress MustLive
XSS and FPD vulnerabilities in ZeroClipboard in multiple themes for WordPress MustLive
[ MDVSA-2013:076 ] emacs security

Tuesday, 09 April

[ MDVSA-2013:077 ] ettercap security
[ MDVSA-2013:078 ] fail2ban security
[ MDVSA-2013:079 ] ffmpeg security
[ MDVSA-2013:080 ] ganglia security
[ MDVSA-2013:081 ] gegl security
[ MDVSA-2013:082 ] gimp security
[ MDVSA-2013:083 ] glib2.0 security
[ MDVSA-2013:084 ] gnome-keyring security
SVN extractor for Web Application Pentesters Anant Shrivastava
Re: GitHub Login Cookie Failure Chris Roussel
[waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7 Janek Vind
List Charter John Cartwright
[ MDVSA-2013:085 ] groff security
[ MDVSA-2013:086 ] groff security
Remote Command Injection Ruby Gem Karteek Docsplit 0.5.4 Larry W. Cashdollar
[ MDVSA-2013:087 ] firefox security
[ MDVSA-2013:088 ] hplip security
[ MDVSA-2013:089 ] icclib security
[ MDVSA-2013:090 ] argyllcms security
[ MDVSA-2013:091 ] icecast security
[ MDVSA-2013:092 ] imagemagick security

Saturday, 13 April

Re: Allegro.pl XSS [0-day] Georgi Guninski
XSS and CS vulnerabilities in Dotclear MustLive

Sunday, 14 April

Re: Allegro.pl XSS [0-day] Maksymilian Arciemowicz
Re: Allegro.pl XSS [0-day] Michal Zalewski
Re: [ MDVSA-2013:101 ] lynx Alex
Vulnerabilities in AI-Bolit MustLive

Monday, 15 April

RAT list Antonio Leiva
Re: RAT list Alex
[ MDVSA-2013:143 ] poppler security
Re: [MDVSA-2013:11X ] ENTIRE OS Alexander Georgiev
Re: [MDVSA-2013:11X ] ENTIRE OS Laurelai
Remote command injection md2pdf ruby gem Larry W. Cashdollar
Re: [MDVSA-2013:11X ] ENTIRE OS Daniel Preußker
Re: [MDVSA-2013:11X ] ENTIRE OS Christophe Garault
Re: [MDVSA-2013:11X ] ENTIRE OS Taylor Burke
DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal ddivulnalert
Re: RAT list Bryan Bickford
Re: RAT list Swair Mehta

Tuesday, 16 April

[ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution ESNC Security
[ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control ESNC Security
[ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services ESNC Security
Re: RAT list Antonio Leiva
Oppida/NoSuchCon challenge has been released NoSuchCon
[ MDVSA-2013:144 ] phpmyadmin security
Re: [ MDVSA-2013:144 ] phpmyadmin yersinia
[SE-2012-01] Details of issues fixed by Java SE 7 Update 21 Security Explorations

Wednesday, 17 April

RAT List Nick Giannoulis
Re: [ MDVSA-2013:144 ] phpmyadmin Taylor Burke
ZPanel arbitrary code execution + root escalation vulnerability Sven Slootweg
SI6 Networks' IPv6 Toolkit v1.3.4 released! Fernando Gont
Re: [SE-2012-01] Details of issues fixed by Java SE 7 Update 21 Security Explorations
Re: [Full-disclosure] ZPanel arbitrary code execution + root escalation vulnerability Dex
SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey SEC Consult Vulnerability Lab
SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption SEC Consult Vulnerability Lab
SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server SEC Consult Vulnerability Lab
Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
[Security-news] SA-CONTRIB-2013-043 - MP3 Player - Cross Site Scripting (XSS) security-news
[Security-news] SA-CONTRIB-2013-044 - elFinder file manager - Cross Site Request Forgery (CSRF) security-news
[Security-news] SA-CONTRIB-2013-045 - Autocomplete Widgets for Text and Number Fields (autocomplete_widgets) - Access bypass security-news
[SECURITY] [DSA 2661-1] xorg-server security update Yves-Alexis Perez

Thursday, 18 April

DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013 Major Malfunction
Fwd: CVE-2013-2504 : Matrix42 Service Desk XSS 43z sec
[SECURITY] [DSA 2662-1] xen security update Salvatore Bonaccorso
TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation Trustwave Advisories

Friday, 19 April

Re: SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption SEC Consult Vulnerability Lab
[ MDVSA-2013:145 ] java-1.6.0-openjdk security
[ MDVSA-2013:146 ] icedtea-web security
[ MDVSA-2013:147 ] libarchive security
Re: [ MDVSA-2013:147 ] libarchive l3thal
Re: [ MDVSA-2013:147 ] libarchive Valdis . Kletnieks
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) paul . szabo

Saturday, 20 April

Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Bob The CCIE MSCE Kim
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Joxean Koret
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Mario Vilas
Re: [ MDVSA-2013:147 ] libarchive Geir Skjotskift
Re: [ MDVSA-2013:147 ] libarchive Julius Kivimäki
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Julius Kivimäki
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Sergio Alvarez
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Lee
[SECURITY] [DSA 2660-1] curl security update Salvatore Bonaccorso
Multiple vulnerabilities in Colormix theme for WordPress MustLive
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Bryan
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Bryan
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Bryan
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Bryan
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Joxean Koret

Sunday, 21 April

Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Bryan
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Valdis . Kletnieks
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) phocean
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Gregor S.
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Gregor S.
reasonable return on investment; better investments in security [was Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555)] coderman
Vulnerabilities in jPlayer MustLive

Monday, 22 April

Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Jeffrey Walton
[SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE Security Explorations
Re: VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) Benji
44Café Tuesday 23rd April, Earls Court London - What to expect Steve
Coliseum101 - Security Conferences Calendar Nahuel Grisolia
NoSuchCon 2013, Paris (France), May 15th-17th NoSuchCon
How do I contact Vodafone Security? Jann Horn
0day Vulnerability in VLC (this is my first release of the vuln anywhere) jay van
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Henri Salo
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) kaveh ghaemmaghami
[ MDVSA-2013:148 ] roundcubemail security
[ MDVSA-2013:149 ] roundcubemail security
[ MDVSA-2013:150 ] mysql security
Re: How do I contact Vodafone Security? Jeffrey Walton
Vulnerabilities in multiple plugins for WordPress with jPlayer MustLive
[SECURITY] [DSA 2663-1] tinc security update Yves-Alexis Perez

Tuesday, 23 April

Re: How do I contact Vodafone Security? Alexander Georgiev
Re: How do I contact Vodafone Security? Jann Horn
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Georgi Guninski
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Henri Salo
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Gregory Boddin
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Georgi Guninski
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Gregory Boddin
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Benji
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Tavis Ormandy
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Valdis . Kletnieks
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Gary Baribault
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Tavis Ormandy
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Valdis . Kletnieks
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Taylor Burke
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) dawg
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Mark Felder
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Gary Baribault
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Valdis . Kletnieks
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Tavis Ormandy

Wednesday, 24 April

Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Georgi Guninski
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Georgi Guninski
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Gregory Boddin
[ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver ESNC Security
hornbill supportworks SQL injection research
hornbill supportworks sql injection research
Re: 0day Vulnerability in VLC (this is my first release of the vuln anywhere) Georgi Guninski
Cisco Security Advisory: Cisco Device Manager Command Execution Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product Cisco Systems Product Security Incident Response Team
Vulnerabilities in multiple themes for WordPress with jPlayer MustLive

Thursday, 25 April

Apache CloudStack Security Advisory: Multiple vulnerabilities in Apache CloudStack John Kinsella
[waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin Janek Vind
BSidesCLT Call for Presenters Bsides Charlotte
Fwd: Module import security issue Jen Savage

Friday, 26 April

Hacking IPv6 networks training (slideware, upcoming trainings, etc.) Fernando Gont
[ MDVSA-2013:151 ] curl security
[ MDVSA-2013:152 ] subversion security
[ MDVSA-2013:153 ] subversion security

Saturday, 27 April

WPS Office Wpsio.dll Stack Buffer Overflow Vulnerability zhangjiantao
BF and IA vulnerabilities in IBM Lotus Domino MustLive

Monday, 29 April

[ MDVSA-2013:154 ] util-linux security
[ MDVSA-2013:155 ] fuse security
[ MDVSA-2013:156 ] apache-mod_security security
CORE-2013-0301 - Vivotek IP Cameras Multiple Vulnerabilities CORE Security Technologies Advisories
CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities CORE Security Technologies Advisories
PayPal Bug Bounty #45 BillSafe - Remote Auth Bypass Session Web Vulnerability Vulnerability Lab

Tuesday, 30 April

Updated - CA20130213-01: Security Notice for CA ControlMinder Kotas, Kevin J
WowzaMediaServer StorageDir escape (regression) Michal J.
WowzaMediaServer SecureToken bypass (and worse) Michal J.
[ MDVSA-2013:157 ] krb5 security
[ MDVSA-2013:158 ] krb5 security
[ MDVSA-2013:159 ] clamav security
[SECURITY] [DSA 2665-1] strongswan security update Yves-Alexis Perez
n.runs-SA-2013.005 - IBM Lotus Notes - arbitrary code execution security