290 messages starting Mar 03 13 and ending Mar 06 13

adam

Re: how do I know the fbi is followin adam (Mar 03)
Re: SANS PHP Port Scanner Remote Code Execution adam (Mar 08)
Re: SANS PHP Port Scanner Remote Code Execution adam (Mar 08)

Adam Laurie

Announcing ChronIC - a wearable Sub-GHz RF hacking tool Adam Laurie (Mar 12)

Adam Zabrocki

Multiple SQL Injection vulnerabilities in Disk Pool Manager (DPM) Adam Zabrocki (Mar 10)

adrelanos

Whonix ALPHA 0.5.5 - Anonymous Operating System released adrelanos (Mar 03)

alej andr0

WordPress Counter per Day plugin <= 3.2.3. Path Disclosure and Denial-Of-Service (DOS) and WordPress Counter per Day plugin <= 3.2.5. Path Disclosure alej andr0 (Mar 04)
WordPress Count-Per-Day plugin 3.2.5. Type-1 (reflected) Cross Site Scripting (XSS) alej andr0 (Mar 05)

Alex

Re: Deutsche Post Security Cup 2013 Alex (Mar 21)

Alexandre Teixeira

Re: SANS PHP Port Scanner Remote Code Execution Alexandre Teixeira (Mar 06)

Andrew King

Re: SANS PHP Port Scanner Remote Code Execution Andrew King (Mar 08)

antisnatchor

Re: Results of a XSLT fuzzing effort antisnatchor (Mar 08)

Arnaud Jacques

Get rid of french marketing spam Arnaud Jacques (Mar 06)

Asterisk Security Team

AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header Asterisk Security Team (Mar 27)
AST-2013-002: Denial of Service in HTTP server Asterisk Security Team (Mar 27)
AST-2013-003: Username disclosure in SIP channel driver Asterisk Security Team (Mar 27)

Benji

Re: SANS PHP Port Scanner Remote Code Execution Benji (Mar 06)
Re: SANS PHP Port Scanner Remote Code Execution Benji (Mar 06)
Re: Deutsche Post Security Cup 2013 Benji (Mar 20)
Re: Fw: (no subject) Benji (Mar 29)
Re: Fw: Fw: News Delivery Report (Failure) Benji (Mar 29)
Re: Fw: Fw: Fw: Justice for Molly (copskillingcivillians) Benji (Mar 29)

Bryan Baldwin

Re: Justice for Molly (cops killing civillians) Bryan Baldwin (Mar 27)
Re: Fw: Justice for Molly (cops killing civillians) Bryan Baldwin (Mar 28)
Re: Fw: Fw: Justice for Molly (cops killingcivillians) Bryan Baldwin (Mar 30)
Re: Fw: Fw: Justice for Molly (cops killingcivillians) Bryan Baldwin (Mar 30)

BugsNotHugs

Proofpoint Protection Server Session Persistence BugsNotHugs (Mar 02)

Chris L

Re: how do I know the fbi is followin Chris L (Mar 03)

Christian Sciberras

Re: SANS PHP Port Scanner Remote Code Execution Christian Sciberras (Mar 06)
Re: SANS PHP Port Scanner Remote Code Execution Christian Sciberras (Mar 06)
Re: SANS PHP Port Scanner Remote Code Execution Christian Sciberras (Mar 08)

Cisco Systems Product Security Incident Response Team

Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue Cisco Systems Product Security Incident Response Team (Mar 18)
Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
Cisco Security Advisory: Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
Cisco Security Advisory: Cisco IOS Software Protocol Translation Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)

Dan Ballance

Re: SANS PHP Port Scanner Remote Code Execution Dan Ballance (Mar 06)

Daniel Franke

On the impact of CVE-2013-2266 (BIND9) Daniel Franke (Mar 27)

Daniel Preussker

Re: Deutsche Post Security Cup 2013 Daniel Preussker (Mar 20)
Re: Deutsche Post Security Cup 2013 Daniel Preussker (Mar 20)

Daniel Preußker

Re: Fw: Fw: Justice for Molly (cops killingcivillians) Daniel Preußker (Mar 30)

Daniel Sichel

Donkey Kick Exploit Daniel Sichel (Mar 29)

ddivulnalert

DDIVRT-2013-51 DALIM Dialog Server 'logfile' Local File Inclusion ddivulnalert (Mar 06)
DDIVRT-2013-50 EverFocus EPARA264-16X1 Directory Traversal ddivulnalert (Mar 15)

Dirk-Willem van Gulik

CVE-2013-186y: tokend (Apple, Gemalto) - privacy leak & arbitrary file creation (OSX, All versions) Dirk-Willem van Gulik (Mar 20)
CVE-2013-1866: OpenSC.tokend - privacy leak & arbitrary file creation (OSX, All versions) Dirk-Willem van Gulik (Mar 20)
CVE-2013-1867: tokend (Apple, Gemalto) - privacy leak & arbitrary file creation (OSX, All versions) Dirk-Willem van Gulik (Mar 20)

Eric Urban

Fwd: Remote command injection vulnerability in Rosewill RSVA11001 (Hi3515 based) Eric Urban (Mar 25)
Re: Fwd: Remote command injection vulnerability in Rosewill RSVA11001 (Hi3515 based) Eric Urban (Mar 25)

Fayyaz Ali

Re: SANS PHP Port Scanner Remote Code Execution Fayyaz Ali (Mar 06)

Fernando A. Lagos B.

XSS vulnerability on WP-Banners-Lite (wordpress plugin) Fernando A. Lagos B. (Mar 25)

Fernando Gont

Host tracking in IPv6 (SI6 Networks' IPv6 toolkit v1.3.3) Fernando Gont (Mar 11)

Florian Weimer

[SECURITY] [DSA 2653-1] icinga security update Florian Weimer (Mar 26)

Gage Bystrom

Re: Port scanning /0 using insecure embedded devices Gage Bystrom (Mar 27)
Re: Fw: Fw: Fw: Justice for Molly (cops killingcivillians) Gage Bystrom (Mar 29)
Re: Fw: petition to remove Aaron Swartz prosecutor Gage Bystrom (Mar 29)
Re: Fw: Fw: Fw: Justice for Molly (copskillingcivillians) Gage Bystrom (Mar 29)
Re: Fw: Fw: Fw: Justice for Molly(copskillingcivillians) Gage Bystrom (Mar 31)

Gary Baribault

Re: how do I know the fbi is followin Gary Baribault (Mar 04)
Re: how do I know the fbi is followin Gary Baribault (Mar 04)
Re: Fw: Fw: Justice for Molly (cops killingcivillians) Gary Baribault (Mar 29)

Georgi Guninski

Re: list patch Georgi Guninski (Mar 02)
Re: list patch Georgi Guninski (Mar 03)
Re: list patch Georgi Guninski (Mar 03)

Gregory Boddin

Re: Justice for Molly (cops killing civillians) Gregory Boddin (Mar 27)

gremlin

Re: Get rid of french marketing spam gremlin (Mar 06)

Harry Behrens

Re: Deutsche Post Security Cup 2013 Harry Behrens (Mar 20)

Harry Hoffman

Re: SANS PHP Port Scanner Remote Code Execution Harry Hoffman (Mar 06)

Henri Salo

Re: XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS Henri Salo (Mar 02)
Re: Vulnerabilities in SWFUpload in multiple web applications: WordPress, Dotclear, InstantCMS, AionWeb and others Henri Salo (Mar 18)
Re: Fwd: Remote command injection vulnerability in Rosewill RSVA11001 (Hi3515 based) Henri Salo (Mar 25)
Re: XSS vulnerability on WP-Banners-Lite (wordpress plugin) Henri Salo (Mar 25)
Re: WP FuneralPress - Stored XSS in Guestbook Henri Salo (Mar 31)
Re: WP FuneralPress - Stored XSS in Guestbook Henri Salo (Mar 31)

Henry Garrison

FULL-DISCLOSURE Exclusive Henry Garrison (Mar 14)

Heyder Andrade

Chrome Null Pointer in InspectDataSource::StartDataRequest Heyder Andrade (Mar 14)

Hurgel Bumpf

Re: Deutsche Post Security Cup 2013 Hurgel Bumpf (Mar 20)
Re: Deutsche Post Security Cup 2013 Hurgel Bumpf (Mar 21)

Ian Hayes

Re: Donkey Kick Exploit Ian Hayes (Mar 29)

IEhrepus

"Data-Clone" -- a new way to attack android apps IEhrepus (Mar 17)
Re: "Data-Clone" -- a new way to attack android apps IEhrepus (Mar 18)
Re: "Data-Clone" -- a new way to attack android apps IEhrepus (Mar 18)

Info

Security BSides Las Vegas 31Jul -01Aug Call For Presenters / Call For Mentors Info (Mar 05)

Inshell Security

[IA32] HP Intelligent Management Center v5.1 E0202 topoContent.jsf Non-Persistent Cross-Site Scripting Inshell Security (Mar 04)
[IA49] Photodex ProShow Producer v5.0.3310 ScsiAccess Local Privilege Escalation Inshell Security (Mar 19)

internet census

Port scanning /0 using insecure embedded devices internet census (Mar 18)

ISecAuditors Security Advisories

[ISecAuditors Security Advisories] Reflected XSS in Asteriskguru Queue Statistics ISecAuditors Security Advisories (Mar 11)
[ISecAuditors Security Advisories] CSRF vulnerability in LinkedIn ISecAuditors Security Advisories (Mar 26)
[ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in LinkedIn Investors ISecAuditors Security Advisories (Mar 26)
[ISecAuditors Security Advisories] Reflected XSS in Atmail WebMail <= v7.0.2 ISecAuditors Security Advisories (Mar 27)

Jaime Lloret Mauri

CFP (Extended Deadline) : S.I. on Intrusion Detection and Security Mechanisms for WSNs Jaime Lloret Mauri (Mar 21)

Janek Vind

[waraxe-2013-SA#098] - Directory Traversal Vulnerabilities in OpenCart 1.5.5.1 Janek Vind (Mar 19)
[waraxe-2013-SA#099] - Update Spoofing Vulnerability in LibreOffice 4.0.1.2 Janek Vind (Mar 21)
[waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50 Janek Vind (Mar 29)
[waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1 Janek Vind (Mar 29)

Jann Horn

A few android security issues Jann Horn (Mar 14)
Re: "Data-Clone" -- a new way to attack android apps Jann Horn (Mar 17)

Jason Storm

Re: how do I know the fbi is followin Jason Storm (Mar 04)

Jeff Kell

Re: how do I know the fbi is followin Jeff Kell (Mar 03)

Jeffrey Walton

Re: Port scanning /0 using insecure embedded devices Jeffrey Walton (Mar 19)
Re: Owning Samsung Android devices Jeffrey Walton (Mar 19)
Re: Fw: Fw: Justice for Molly (cops killingcivillians) Jeffrey Walton (Mar 29)
Re: petition to remove Aaron Swartz prosecutor Jeffrey Walton (Mar 29)
Re: petition to remove Aaron Swartz prosecutor Jeffrey Walton (Mar 29)

Jeff Wright

Re: On the impact of CVE-2013-2266 (BIND9) Jeff Wright (Mar 28)

Jerry dePriest

how do I know the fbi is followin Jerry dePriest (Mar 03)
Justice for Molly (cops killing civillians) Jerry dePriest (Mar 27)
Fw: Justice for Molly (cops killing civillians) Jerry dePriest (Mar 27)
Fw: Fw: Justice for Molly (cops killing civillians) Jerry dePriest (Mar 27)
reward Jerry dePriest (Mar 27)
Fw: Justice for Molly (cops killing civillians) Jerry dePriest (Mar 27)
Fw: Fw: Justice for Molly (cops killingcivillians) Jerry dePriest (Mar 29)
Fw: Fw: Fw: Justice for Molly (cops killingcivillians) Jerry dePriest (Mar 29)
Re: petition to remove Aaron Swartz prosecutor Jerry dePriest (Mar 29)
Fw: (no subject) Jerry dePriest (Mar 29)
Fw: Fw: News Delivery Report (Failure) Jerry dePriest (Mar 29)
Fw: [waraxe-2013-SA#101] - Update SpoofingVulnerability in Royal TS 2.1 Jerry dePriest (Mar 29)
Fw: petition to remove Aaron Swartz prosecutor Jerry dePriest (Mar 29)
Re: Fw: Fw: Fw: Justice for Molly (copskillingcivillians) Jerry dePriest (Mar 29)
Re: Fw: Fw: Fw: Justice for Molly(copskillingcivillians) Jerry dePriest (Mar 31)

Jody Melbourne (HackLabs)

Great read for the Australians Jody Melbourne (HackLabs) (Mar 23)

John Cartwright

Re: list patch John Cartwright (Mar 01)
Administrivia: FD Returns John Cartwright (Mar 02)
List Charter John Cartwright (Mar 14)

Juergen.Pabel

Deutsche Post Security Cup 2013 Juergen.Pabel (Mar 20)
Re: Deutsche Post Security Cup 2013 Juergen.Pabel (Mar 20)

Julius Kivimäki

Re: n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access Julius Kivimäki (Mar 16)

Justin C. Klein Keane

XSS Vulnerability in TinyMCE Justin C. Klein Keane (Mar 11)

Kacper Szczesniak

CVE-2013-1763 Ubuntu 12.10 64bit Kacper Szczesniak (Mar 11)

kaveh ghaemmaghami

Cam2pc BMP Image Processing Integer Overflow Vulnerability kaveh ghaemmaghami (Mar 12)

Kenneth Stox

Re: how do I know the fbi is followin Kenneth Stox (Mar 03)

kill my xss

web app pentesting - short research survey kill my xss (Mar 14)

king cope

Re: Kingcopes AthCon 2012 Slides & Notes --> Video online king cope (Mar 05)

Kotas, Kevin J

CA20130319-01: Security Notice for SiteMinder products using SAML Kotas, Kevin J (Mar 20)

Kurt Seifried

Re: XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS - ZeroClipboard.swf Kurt Seifried (Mar 03)
Re: [oss-security] Multiple SQL Injection vulnerabilities in Disk Pool Manager (DPM) Kurt Seifried (Mar 12)

larry Cashdollar

Remote command execution in Ruby Gem Command Wrap larry Cashdollar (Mar 18)

Larry W. Cashdollar

Remote command execution for Ruby Gem ftpd-0.2.1 Larry W. Cashdollar (Mar 03)
Ruby Gem Flash Tool 0.6.0 Remote code execution vulnerability Larry W. Cashdollar (Mar 03)
Re: rpi-update tmpfile vulnerability Larry W. Cashdollar (Mar 06)
OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability Larry W. Cashdollar (Mar 06)
Re: Oracle Auto Service Request /tmp file clobbering vulnerability Larry W. Cashdollar (Mar 07)
Ruby gem fastreader-1.0.8 remote code exec Larry W. Cashdollar (Mar 12)
MiniMagic ruby gem remote code execution Larry W. Cashdollar (Mar 12)
Curl Ruby Gem Remote command execution Larry W. Cashdollar (Mar 12)
Ruby gem Thumbshooter 0.1.5 remote command execution Larry W. Cashdollar (Mar 26)

Laurelai

Re: how do I know the fbi is followin Laurelai (Mar 03)
Re: list patch Laurelai (Mar 03)
Re: list patch Laurelai (Mar 05)

laurent gaffie

SANS PHP Port Scanner Remote Code Execution laurent gaffie (Mar 06)
Re: SANS PHP Port Scanner Remote Code Execution laurent gaffie (Mar 06)

Major Malfunction

DC4420 - London DEFCON - March meet - Tuesday 26th March 2013 Major Malfunction (Mar 22)

Marc Heuse

Remote system freeze thanks to Kaspersky Internet Security 2013 Marc Heuse (Mar 04)

Mark Thomas

[SECURITY] CVE-2013-0248 Apache Commons FileUpload - Insecure examples Mark Thomas (Mar 06)

Matt Franklin

[CVE-2013-1814] Apache Rave exposes User over API Matt Franklin (Mar 13)

Matthew Bucci

[CVE-2013-2294] Multiple Cross Site Scripting (XSS) vulnerabilities in ViewGit Matthew Bucci (Mar 18)

metropolis haxor

Petite Annonce v1 XSS Vulnerability metropolis haxor (Mar 14)
JAOW 2.4.8 XSS Vulnerability metropolis haxor (Mar 24)

Michael Gilbert

[SECURITY] [DSA 2642-1] sudo security update Michael Gilbert (Mar 09)
[SECURITY] [DSA 2652-1] libxml2 security update Michael Gilbert (Mar 26)

Michael Simpson

Re: list patch Michael Simpson (Mar 06)
Fwd: lame Michael Simpson (Mar 06)

Michael T

Re: Fw: Fw: Fw: Justice for Molly (copskillingcivillians) Michael T (Mar 30)

Moritz Muehlenhoff

[SECURITY] [DSA 2636-1] xen security update Moritz Muehlenhoff (Mar 01)
[SECURITY] [DSA 2636-2] xen regression update Moritz Muehlenhoff (Mar 03)
[SECURITY] [DSA 2638-1] openafs security update Moritz Muehlenhoff (Mar 04)
[SECURITY] [DSA 2644-1] wireshark security update Moritz Muehlenhoff (Mar 14)
[SECURITY] [DSA 2647-1] firebird2.1 security update Moritz Muehlenhoff (Mar 15)
[SECURITY] [DSA 2648-1] firebird2.5 security update Moritz Muehlenhoff (Mar 15)
[SECURITY] [DSA 2655-1] rails security update Moritz Muehlenhoff (Mar 28)

MustLive

XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS MustLive (Mar 01)
BF, IAA and CSRF vulnerabilities in Question2Answer MustLive (Mar 02)
AoF, IAA and CSRF vulnerabilities in Question2Answer MustLive (Mar 03)
Exploit for stealing admin's account in Question2Answer MustLive (Mar 07)
Exploit for D-Link DAP 1150 MustLive (Mar 08)
CS and XSS vulnerabilities in SWFUpload MustLive (Mar 10)
Vulnerabilities in SWFUpload in multiple web applications: WordPress, Dotclear, InstantCMS, AionWeb and others MustLive (Mar 11)
XSS vulnerabilities in ZeroClipboard and multiple web applications MustLive (Mar 24)
Multiple XSS vulnerabilities in IBM Lotus Domino MustLive (Mar 26)

Ned Fleming

Re: how do I know the fbi is followin Ned Fleming (Mar 04)

Nick FitzGerald

Re: SANS PHP Port Scanner Remote Code Execution Nick FitzGerald (Mar 08)

Nicolas Grégoire

Results of a XSLT fuzzing effort Nicolas Grégoire (Mar 08)

NOPcon Team

NOPcon 2013 - Call for paper - Istanbul , Turkey NOPcon Team (Mar 17)

Oliver-Tobias Ripka

Skype Click to Call Update Service local privilege escalation Oliver-Tobias Ripka (Mar 15)

Pat Litke

Re: how do I know the fbi is followin Pat Litke (Mar 04)

Paul Craig

iKAT 2013 Release - Interactive Kiosk Attack Tool Paul Craig (Mar 18)

Paul Dart

Re: [DC4420] DC4420 - London DEFCON - March meet - Tuesday 26th March 2013 Paul Dart (Mar 25)

Peter Westwood

Re: WP FuneralPress - Stored XSS in Guestbook Peter Westwood (Mar 31)

PHD

PHDays Call For Papers Initiates Its Second Stage PHD (Mar 21)

Philip Whitehouse

Re: Fw: Fw: Fw: Justice for Molly (copskillingcivillians) Philip Whitehouse (Mar 30)

QUAKER DOOMER

winAUTOPWN v3.4 Released - Completing 4 years !! QUAKER DOOMER (Mar 27)

Reed Loden

Re: how do I know the fbi is followin Reed Loden (Mar 03)

ReVuln

Critical issue affecting EA Origin users ReVuln (Mar 16)

Rob Armstrong

Backupbuddy wordpress plugin - sensitive data exposure in importbuddy.php Rob Armstrong (Mar 24)
WP FuneralPress - Stored XSS in Guestbook Rob Armstrong (Mar 30)

Roberto Paleari

Owning Samsung Android devices Roberto Paleari (Mar 19)

Rodrigo Rubira Branco (BSDaemon)

10 years of Hackers to Hackers Conference - Call for Papers Rodrigo Rubira Branco (BSDaemon) (Mar 16)

Roee Hay

AUTO: Roee Hay is on vacation (returning 10/04/2013) Roee Hay (Mar 31)

Roman Kümmel

Fake Applications in browser Roman Kümmel (Mar 17)

Salvatore Bonaccorso

[SECURITY] [DSA 2635-1] cfingerd security update Salvatore Bonaccorso (Mar 01)
[SECURITY] [DSA 2641-1] perl security update Salvatore Bonaccorso (Mar 09)
[SECURITY] [DSA 2640-1] zoneminder security update Salvatore Bonaccorso (Mar 14)
[SECURITY] [DSA 2641-2] libapache2-mod-perl2 update related to DSA 2641-1 Salvatore Bonaccorso (Mar 20)
[SECURITY] [DSA 2651-1] smokeping security update Salvatore Bonaccorso (Mar 21)
[SECURITY] [DSA 2656-1] bind9 security update Salvatore Bonaccorso (Mar 30)

Sanguinarious Rose

Re: how do I know the fbi is followin Sanguinarious Rose (Mar 03)
Re: how do I know the fbi is followin Sanguinarious Rose (Mar 03)

scadastrangelove

New WinCC/TIA Porta vulns/fixes scadastrangelove (Mar 21)

Sean McMillan

Samsung S3 : Full Lock Screen Bypass Sean McMillan (Mar 05)

sec

ASUS RT-N66U multiple vulns sec (Mar 13)

SEC Consult Vulnerability Lab

SEC Consult SA-20130308-0 :: Multiple critical vulnerabilities in GroundWork Monitor Enterprise (part 1) SEC Consult Vulnerability Lab (Mar 08)
SEC Consult SA-20130308-1 :: Multiple vulnerabilities in GroundWork Monitor Enterprise (part 2) SEC Consult Vulnerability Lab (Mar 08)
SEC Consult SA-20130311-0 :: Persistent cross-site scripting in jforum SEC Consult Vulnerability Lab (Mar 11)
SEC Consult SA-20130313-0 :: QlikView Desktop Client Integer Overflow SEC Consult Vulnerability Lab (Mar 13)

security

[ MDVSA-2013:017 ] libxml2 security (Mar 05)
[ MDVSA-2013:018 ] openssl security (Mar 06)
[ MDVSA-2013:019 ] gnutls security (Mar 07)
[ MDVSA-2013:020 ] wireshark security (Mar 08)
[ MDVSA-2013:021 ] java-1.6.0-openjdk security (Mar 08)
[ MDVSA-2013:022 ] openssh security (Mar 13)
[ MDVSA-2013:023 ] coreutils security (Mar 13)
[ MDVSA-2013:024 ] firefox security (Mar 13)
[ MDVSA-2013:025 ] pidgin security (Mar 14)
n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access security (Mar 15)
n.runs-SA-2013.002 - Polycom - Firmware Update Command Injection security (Mar 15)
n.runs-SA-2013.003 - Polycom - H.323 CDR Database SQL Injection security (Mar 15)
n.runs-SA-2013.004 - Polycom - H.323 Format String Vulnerability security (Mar 15)
[ MDVSA-2013:026 ] sudo security (Mar 18)
[ MDVSA-2013:027 ] clamav security (Mar 18)
[ MDVSA-2013:028 ] nagios security (Mar 18)

Security Explorations

[SE-2012-01] One more attack affecting Oracle's Java SE 7u15 Security Explorations (Mar 04)
[SE-2012-01] The "allowed behavior" in Java SE 7 (Issue 54) Security Explorations (Mar 18)
[SE-2011-01] PoC code for digital SAT TV research released Security Explorations (Mar 21)

security-news

[Security-news] SA-CONTRIB-2013-031 - Premium Responsive theme - Cross Site Scripting (XSS) security-news (Mar 01)
[Security-news] SA-CONTRIB-2013-034 - Node Parameter Control - Access Bypass security-news (Mar 13)
[Security-news] SA-CONTRIB-2013-035 - Views - Cross Site Scripting (XSS) security-news (Mar 20)
[Security-news] SA-CONTRIB-2013-036 - Zero Point - Cross Site Scripting (XSS) security-news (Mar 27)
[Security-news] SA-CONTRIB-2013-038 - Commons Groups - Access bypass & Privilege escalation security-news (Mar 27)
[Security-news] SA-CONTRIB-2013-037 - Rules - Cross Site Scripting (XSS) security-news (Mar 27)
[Security-news] SA-CONTRIB-2013-039 - Commons Wikis - Access bypass & Privilege escalation security-news (Mar 27)

sergio

Book announcement: Los 27 Controles Criticos de Seguridad Informática (Spanish) sergio (Mar 25)

Simeon

Re: Results of a XSLT fuzzing effort Simeon (Mar 08)

some one

Re: n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access some one (Mar 18)

Stefan Fritsch

[SECURITY] [DSA 2637-1] apache2 security update Stefan Fritsch (Mar 04)

Stefan Jon Silverman

Re: how do I know the fbi is followin Stefan Jon Silverman (Mar 03)
Re: SANS PHP Port Scanner Remote Code Execution Stefan Jon Silverman (Mar 08)
Re: Port scanning /0 using insecure embedded devices Stefan Jon Silverman (Mar 27)

Stephan Rickauer

CVE-2013-1413 Stephan Rickauer (Mar 01)

Steve Wray

Re: petition to remove Aaron Swartz prosecutor Steve Wray (Mar 29)

Thiébaud Weksteen

Re: CVE-2013-1763 Ubuntu 12.10 64bit Thiébaud Weksteen (Mar 13)

Thijs Kinkhorst

[SECURITY] [DSA 2639-1] php5 security update Thijs Kinkhorst (Mar 05)

tytusromekiatomek

Varnish 2.1.5, 3.0.3 DoS in VRY_Create() while parsing Vary header tytusromekiatomek (Mar 05)
Apache Subversion mod_dav_svn DoS via MKACTIVITY/PROPFIND tytusromekiatomek (Mar 05)
Samsung TV DoS (possible overflow) via SOAPACTION tytusromekiatomek (Mar 05)
Varnish 2.1.5 DoS in STV_alloc() while parsing Content-Length header tytusromekiatomek (Mar 05)
Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc tytusromekiatomek (Mar 05)
SIP Witch 0.7.4 w/libosip2-4.0.0 DoS via NULL pointer derefence in libosip2 tytusromekiatomek (Mar 05)
Varnish 2.1.5, 3.0.3 DoS in http_GetHdr() while parsing Vary header tytusromekiatomek (Mar 05)
Squid 3.2.5 httpMakeVaryMark() header value DoS, 2.7.Stable9 memory corruption. tytusromekiatomek (Mar 05)
Varnish 2.1.5 DoS in fetch_straight() while parsing Content-Length header tytusromekiatomek (Mar 05)

Ulisses Montenegro

Re: SANS PHP Port Scanner Remote Code Execution Ulisses Montenegro (Mar 06)
Re: SANS PHP Port Scanner Remote Code Execution Ulisses Montenegro (Mar 06)

Valdis . Kletnieks

Re: list patch Valdis . Kletnieks (Mar 02)
Re: how do I know the fbi is followin Valdis . Kletnieks (Mar 04)
Re: Port scanning /0 using insecure embedded devices Valdis . Kletnieks (Mar 22)

Vulnerability Lab

USB Disk & File Transfer v1.3.1 - File Include > Arbitrary File Upload Vulnerability Vulnerability Lab (Mar 02)
IPMap v2.5 iPad iPhone - File Upload Web Vulnerabilities Vulnerability Lab (Mar 02)
Paypal Bug Bounty #5 - Persistent Web Vulnerability Vulnerability Lab (Mar 02)
Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Mar 06)
AirDrive HD 1.6 iPad iPhone - Multiple Web Vulnerabilities Vulnerability Lab (Mar 06)
USB Disk & File Transfer v1.3.1 - File Include Vulnerability Vulnerability Lab (Mar 06)
AirDrive HD 1.6 iPad iPhone - Multiple Web Vulnerabilities Vulnerability Lab (Mar 12)
Paypal Bug Bounty #19 - Persistent Web Vulnerability Vulnerability Lab (Mar 12)
Paypal Bug Bounty #5 - Persistent Web Vulnerability Vulnerability Lab (Mar 28)
Paypal Bug Bounty #46 - Persistent Web Vulnerability Vulnerability Lab (Mar 28)
MailOrderWorks v5.907 - Multiple Web Vulnerabilities Vulnerability Lab (Mar 28)

Vulnerability Mailbox

Re: Remote system freeze thanks to Kaspersky Internet Security 2013 (SA52053) Vulnerability Mailbox (Mar 05)

William Scott Lockwood III

Re: how do I know the fbi is followin William Scott Lockwood III (Mar 03)

Yves-Alexis Perez

[SECURITY] [DSA 2643-1] puppet security update Yves-Alexis Perez (Mar 13)
[SECURITY] [DSA 2645-1] inetutils security update Yves-Alexis Perez (Mar 14)
[SECURITY] [DSA 2646-1] typo3-src security update Yves-Alexis Perez (Mar 16)
[SECURITY] [DSA 2649-1] lighttpd security update Yves-Alexis Perez (Mar 16)
[SECURITY] [DSA 2650-1] libvirt-bin security update Yves-Alexis Perez (Mar 16)
[SECURITY] [DSA 2650-2] libvirt regression update Yves-Alexis Perez (Mar 18)

Zachary Cutlip

Crossbow, a lightweight, cross-platform exploit development framework. Zachary Cutlip (Mar 29)

Źmicier Januszkiewicz

Re: SANS PHP Port Scanner Remote Code Execution Źmicier Januszkiewicz (Mar 06)
Re: SANS PHP Port Scanner Remote Code Execution Źmicier Januszkiewicz (Mar 06)