290 messages starting Mar 01 13 and ending Mar 31 13
CVE-2013-1413 Stephan Rickauer Re: list patch John Cartwright [SECURITY] [DSA 2635-1] cfingerd security update Salvatore Bonaccorso [Security-news] SA-CONTRIB-2013-031 - Premium Responsive theme - Cross Site Scripting (XSS) security-news [SECURITY] [DSA 2636-1] xen security update Moritz Muehlenhoff XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS MustLive
BF, IAA and CSRF vulnerabilities in Question2Answer MustLive USB Disk & File Transfer v1.3.1 - File Include > Arbitrary File Upload Vulnerability Vulnerability Lab IPMap v2.5 iPad iPhone - File Upload Web Vulnerabilities Vulnerability Lab Paypal Bug Bounty #5 - Persistent Web Vulnerability Vulnerability Lab Proofpoint Protection Server Session Persistence BugsNotHugs Re: list patch Georgi Guninski Re: XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS Henri Salo Re: list patch Valdis . Kletnieks Administrivia: FD Returns John Cartwright
Whonix ALPHA 0.5.5 - Anonymous Operating System released adrelanos how do I know the fbi is followin Jerry dePriest Re: how do I know the fbi is followin Sanguinarious Rose Re: how do I know the fbi is followin Reed Loden Re: how do I know the fbi is followin Jeff Kell Re: XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS - ZeroClipboard.swf Kurt Seifried Re: how do I know the fbi is followin adam Re: how do I know the fbi is followin Chris L Re: how do I know the fbi is followin Stefan Jon Silverman Re: how do I know the fbi is followin Laurelai Re: how do I know the fbi is followin Sanguinarious Rose Remote command execution for Ruby Gem ftpd-0.2.1 Larry W. Cashdollar Re: list patch Georgi Guninski Re: list patch Laurelai Re: list patch Georgi Guninski [SECURITY] [DSA 2636-2] xen regression update Moritz Muehlenhoff Re: how do I know the fbi is followin Kenneth Stox Re: how do I know the fbi is followin William Scott Lockwood III AoF, IAA and CSRF vulnerabilities in Question2Answer MustLive Ruby Gem Flash Tool 0.6.0 Remote code execution vulnerability Larry W. Cashdollar
Re: how do I know the fbi is followin Pat Litke Remote system freeze thanks to Kaspersky Internet Security 2013 Marc Heuse Re: how do I know the fbi is followin Ned Fleming [SE-2012-01] One more attack affecting Oracle's Java SE 7u15 Security Explorations Re: how do I know the fbi is followin Jason Storm Re: how do I know the fbi is followin Valdis . Kletnieks Re: how do I know the fbi is followin Gary Baribault Re: how do I know the fbi is followin Gary Baribault WordPress Counter per Day plugin <= 3.2.3. Path Disclosure and Denial-Of-Service (DOS) and WordPress Counter per Day plugin <= 3.2.5. Path Disclosure alej andr0 [IA32] HP Intelligent Management Center v5.1 E0202 topoContent.jsf Non-Persistent Cross-Site Scripting Inshell Security [SECURITY] [DSA 2638-1] openafs security update Moritz Muehlenhoff [SECURITY] [DSA 2637-1] apache2 security update Stefan Fritsch
Re: list patch Laurelai WordPress Count-Per-Day plugin 3.2.5. Type-1 (reflected) Cross Site Scripting (XSS) alej andr0 Re: Remote system freeze thanks to Kaspersky Internet Security 2013 (SA52053) Vulnerability Mailbox Samsung S3 : Full Lock Screen Bypass Sean McMillan [SECURITY] [DSA 2639-1] php5 security update Thijs Kinkhorst [ MDVSA-2013:017 ] libxml2 security Re: Kingcopes AthCon 2012 Slides & Notes --> Video online king cope Security BSides Las Vegas 31Jul -01Aug Call For Presenters / Call For Mentors Info Varnish 2.1.5, 3.0.3 DoS in VRY_Create() while parsing Vary header tytusromekiatomek Apache Subversion mod_dav_svn DoS via MKACTIVITY/PROPFIND tytusromekiatomek Samsung TV DoS (possible overflow) via SOAPACTION tytusromekiatomek Varnish 2.1.5 DoS in STV_alloc() while parsing Content-Length header tytusromekiatomek Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc tytusromekiatomek SIP Witch 0.7.4 w/libosip2-4.0.0 DoS via NULL pointer derefence in libosip2 tytusromekiatomek Varnish 2.1.5, 3.0.3 DoS in http_GetHdr() while parsing Vary header tytusromekiatomek Squid 3.2.5 httpMakeVaryMark() header value DoS, 2.7.Stable9 memory corruption. tytusromekiatomek Varnish 2.1.5 DoS in fetch_straight() while parsing Content-Length header tytusromekiatomek
Re: list patch Michael Simpson Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities Vulnerability Lab AirDrive HD 1.6 iPad iPhone - Multiple Web Vulnerabilities Vulnerability Lab SANS PHP Port Scanner Remote Code Execution laurent gaffie Re: SANS PHP Port Scanner Remote Code Execution Fayyaz Ali Re: SANS PHP Port Scanner Remote Code Execution Harry Hoffman Re: SANS PHP Port Scanner Remote Code Execution laurent gaffie Re: rpi-update tmpfile vulnerability Larry W. Cashdollar USB Disk & File Transfer v1.3.1 - File Include Vulnerability Vulnerability Lab Re: SANS PHP Port Scanner Remote Code Execution Źmicier Januszkiewicz Re: SANS PHP Port Scanner Remote Code Execution Alexandre Teixeira Re: SANS PHP Port Scanner Remote Code Execution Benji [SECURITY] CVE-2013-0248 Apache Commons FileUpload - Insecure examples Mark Thomas Re: SANS PHP Port Scanner Remote Code Execution Benji Re: SANS PHP Port Scanner Remote Code Execution Ulisses Montenegro Get rid of french marketing spam Arnaud Jacques Re: SANS PHP Port Scanner Remote Code Execution Źmicier Januszkiewicz Re: SANS PHP Port Scanner Remote Code Execution Dan Ballance Re: SANS PHP Port Scanner Remote Code Execution Christian Sciberras Re: SANS PHP Port Scanner Remote Code Execution Ulisses Montenegro Re: Get rid of french marketing spam gremlin Re: SANS PHP Port Scanner Remote Code Execution Christian Sciberras Fwd: lame Michael Simpson OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability Larry W. Cashdollar [ MDVSA-2013:018 ] openssl security DDIVRT-2013-51 DALIM Dialog Server 'logfile' Local File Inclusion ddivulnalert
[ MDVSA-2013:019 ] gnutls security Re: Oracle Auto Service Request /tmp file clobbering vulnerability Larry W. Cashdollar Exploit for stealing admin's account in Question2Answer MustLive
Re: SANS PHP Port Scanner Remote Code Execution Andrew King Re: SANS PHP Port Scanner Remote Code Execution Christian Sciberras Re: SANS PHP Port Scanner Remote Code Execution adam Re: SANS PHP Port Scanner Remote Code Execution adam Re: SANS PHP Port Scanner Remote Code Execution Nick FitzGerald Re: SANS PHP Port Scanner Remote Code Execution Stefan Jon Silverman [ MDVSA-2013:020 ] wireshark security Results of a XSLT fuzzing effort Nicolas Grégoire [ MDVSA-2013:021 ] java-1.6.0-openjdk security SEC Consult SA-20130308-0 :: Multiple critical vulnerabilities in GroundWork Monitor Enterprise (part 1) SEC Consult Vulnerability Lab SEC Consult SA-20130308-1 :: Multiple vulnerabilities in GroundWork Monitor Enterprise (part 2) SEC Consult Vulnerability Lab Re: Results of a XSLT fuzzing effort antisnatchor Re: Results of a XSLT fuzzing effort Simeon Exploit for D-Link DAP 1150 MustLive
[SECURITY] [DSA 2642-1] sudo security update Michael Gilbert [SECURITY] [DSA 2641-1] perl security update Salvatore Bonaccorso
Multiple SQL Injection vulnerabilities in Disk Pool Manager (DPM) Adam Zabrocki CS and XSS vulnerabilities in SWFUpload MustLive
Host tracking in IPv6 (SI6 Networks' IPv6 toolkit v1.3.3) Fernando Gont [ISecAuditors Security Advisories] Reflected XSS in Asteriskguru Queue Statistics ISecAuditors Security Advisories SEC Consult SA-20130311-0 :: Persistent cross-site scripting in jforum SEC Consult Vulnerability Lab XSS Vulnerability in TinyMCE Justin C. Klein Keane CVE-2013-1763 Ubuntu 12.10 64bit Kacper Szczesniak Vulnerabilities in SWFUpload in multiple web applications: WordPress, Dotclear, InstantCMS, AionWeb and others MustLive
AirDrive HD 1.6 iPad iPhone - Multiple Web Vulnerabilities Vulnerability Lab Paypal Bug Bounty #19 - Persistent Web Vulnerability Vulnerability Lab Re: [oss-security] Multiple SQL Injection vulnerabilities in Disk Pool Manager (DPM) Kurt Seifried Announcing ChronIC - a wearable Sub-GHz RF hacking tool Adam Laurie Cam2pc BMP Image Processing Integer Overflow Vulnerability kaveh ghaemmaghami Ruby gem fastreader-1.0.8 remote code exec Larry W. Cashdollar MiniMagic ruby gem remote code execution Larry W. Cashdollar Curl Ruby Gem Remote command execution Larry W. Cashdollar
[SECURITY] [DSA 2643-1] puppet security update Yves-Alexis Perez ASUS RT-N66U multiple vulns sec [CVE-2013-1814] Apache Rave exposes User over API Matt Franklin Re: CVE-2013-1763 Ubuntu 12.10 64bit Thiébaud Weksteen SEC Consult SA-20130313-0 :: QlikView Desktop Client Integer Overflow SEC Consult Vulnerability Lab [ MDVSA-2013:022 ] openssh security [ MDVSA-2013:023 ] coreutils security [ MDVSA-2013:024 ] firefox security [Security-news] SA-CONTRIB-2013-034 - Node Parameter Control - Access Bypass security-news
Chrome Null Pointer in InspectDataSource::StartDataRequest Heyder Andrade FULL-DISCLOSURE Exclusive Henry Garrison List Charter John Cartwright [ MDVSA-2013:025 ] pidgin security [SECURITY] [DSA 2644-1] wireshark security update Moritz Muehlenhoff [SECURITY] [DSA 2640-1] zoneminder security update Salvatore Bonaccorso A few android security issues Jann Horn [SECURITY] [DSA 2645-1] inetutils security update Yves-Alexis Perez web app pentesting - short research survey kill my xss Petite Annonce v1 XSS Vulnerability metropolis haxor
Skype Click to Call Update Service local privilege escalation Oliver-Tobias Ripka DDIVRT-2013-50 EverFocus EPARA264-16X1 Directory Traversal ddivulnalert [SECURITY] [DSA 2647-1] firebird2.1 security update Moritz Muehlenhoff [SECURITY] [DSA 2648-1] firebird2.5 security update Moritz Muehlenhoff n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access security n.runs-SA-2013.002 - Polycom - Firmware Update Command Injection security n.runs-SA-2013.003 - Polycom - H.323 CDR Database SQL Injection security n.runs-SA-2013.004 - Polycom - H.323 Format String Vulnerability security
[SECURITY] [DSA 2646-1] typo3-src security update Yves-Alexis Perez [SECURITY] [DSA 2649-1] lighttpd security update Yves-Alexis Perez [SECURITY] [DSA 2650-1] libvirt-bin security update Yves-Alexis Perez Critical issue affecting EA Origin users ReVuln Re: n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access Julius Kivimäki 10 years of Hackers to Hackers Conference - Call for Papers Rodrigo Rubira Branco (BSDaemon)
"Data-Clone" -- a new way to attack android apps IEhrepus NOPcon 2013 - Call for paper - Istanbul , Turkey NOPcon Team Fake Applications in browser Roman Kümmel Re: "Data-Clone" -- a new way to attack android apps Jann Horn
Re: "Data-Clone" -- a new way to attack android apps IEhrepus Re: "Data-Clone" -- a new way to attack android apps IEhrepus [SECURITY] [DSA 2650-2] libvirt regression update Yves-Alexis Perez Re: n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access some one Port scanning /0 using insecure embedded devices internet census [SE-2012-01] The "allowed behavior" in Java SE 7 (Issue 54) Security Explorations [ MDVSA-2013:026 ] sudo security [ MDVSA-2013:027 ] clamav security [ MDVSA-2013:028 ] nagios security Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue Cisco Systems Product Security Incident Response Team iKAT 2013 Release - Interactive Kiosk Attack Tool Paul Craig Re: Vulnerabilities in SWFUpload in multiple web applications: WordPress, Dotclear, InstantCMS, AionWeb and others Henri Salo [CVE-2013-2294] Multiple Cross Site Scripting (XSS) vulnerabilities in ViewGit Matthew Bucci Remote command execution in Ruby Gem Command Wrap larry Cashdollar
[waraxe-2013-SA#098] - Directory Traversal Vulnerabilities in OpenCart 1.5.5.1 Janek Vind [IA49] Photodex ProShow Producer v5.0.3310 ScsiAccess Local Privilege Escalation Inshell Security Re: Port scanning /0 using insecure embedded devices Jeffrey Walton Owning Samsung Android devices Roberto Paleari Re: Owning Samsung Android devices Jeffrey Walton
CA20130319-01: Security Notice for SiteMinder products using SAML Kotas, Kevin J Deutsche Post Security Cup 2013 Juergen.Pabel Re: Deutsche Post Security Cup 2013 Harry Behrens Re: Deutsche Post Security Cup 2013 Hurgel Bumpf Re: Deutsche Post Security Cup 2013 Daniel Preussker Re: Deutsche Post Security Cup 2013 Benji CVE-2013-186y: tokend (Apple, Gemalto) - privacy leak & arbitrary file creation (OSX, All versions) Dirk-Willem van Gulik CVE-2013-1866: OpenSC.tokend - privacy leak & arbitrary file creation (OSX, All versions) Dirk-Willem van Gulik CVE-2013-1867: tokend (Apple, Gemalto) - privacy leak & arbitrary file creation (OSX, All versions) Dirk-Willem van Gulik Re: Deutsche Post Security Cup 2013 Juergen.Pabel Re: Deutsche Post Security Cup 2013 Daniel Preussker [SECURITY] [DSA 2641-2] libapache2-mod-perl2 update related to DSA 2641-1 Salvatore Bonaccorso [Security-news] SA-CONTRIB-2013-035 - Views - Cross Site Scripting (XSS) security-news
New WinCC/TIA Porta vulns/fixes scadastrangelove [SECURITY] [DSA 2651-1] smokeping security update Salvatore Bonaccorso [SE-2011-01] PoC code for digital SAT TV research released Security Explorations PHDays Call For Papers Initiates Its Second Stage PHD [waraxe-2013-SA#099] - Update Spoofing Vulnerability in LibreOffice 4.0.1.2 Janek Vind Re: Deutsche Post Security Cup 2013 Alex Re: Deutsche Post Security Cup 2013 Hurgel Bumpf CFP (Extended Deadline) : S.I. on Intrusion Detection and Security Mechanisms for WSNs Jaime Lloret Mauri
Re: Port scanning /0 using insecure embedded devices Valdis . Kletnieks DC4420 - London DEFCON - March meet - Tuesday 26th March 2013 Major Malfunction
Great read for the Australians Jody Melbourne (HackLabs)
JAOW 2.4.8 XSS Vulnerability metropolis haxor Backupbuddy wordpress plugin - sensitive data exposure in importbuddy.php Rob Armstrong XSS vulnerabilities in ZeroClipboard and multiple web applications MustLive
Book announcement: Los 27 Controles Criticos de Seguridad Informática (Spanish) sergio XSS vulnerability on WP-Banners-Lite (wordpress plugin) Fernando A. Lagos B. Re: [DC4420] DC4420 - London DEFCON - March meet - Tuesday 26th March 2013 Paul Dart Fwd: Remote command injection vulnerability in Rosewill RSVA11001 (Hi3515 based) Eric Urban Re: Fwd: Remote command injection vulnerability in Rosewill RSVA11001 (Hi3515 based) Henri Salo Re: XSS vulnerability on WP-Banners-Lite (wordpress plugin) Henri Salo Re: Fwd: Remote command injection vulnerability in Rosewill RSVA11001 (Hi3515 based) Eric Urban
[SECURITY] [DSA 2652-1] libxml2 security update Michael Gilbert [ISecAuditors Security Advisories] CSRF vulnerability in LinkedIn ISecAuditors Security Advisories [ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in LinkedIn Investors ISecAuditors Security Advisories Ruby gem Thumbshooter 0.1.5 remote command execution Larry W. Cashdollar Multiple XSS vulnerabilities in IBM Lotus Domino MustLive [SECURITY] [DSA 2653-1] icinga security update Florian Weimer
Justice for Molly (cops killing civillians) Jerry dePriest Re: Port scanning /0 using insecure embedded devices Stefan Jon Silverman Fw: Justice for Molly (cops killing civillians) Jerry dePriest Fw: Fw: Justice for Molly (cops killing civillians) Jerry dePriest reward Jerry dePriest Re: Justice for Molly (cops killing civillians) Bryan Baldwin Re: Justice for Molly (cops killing civillians) Gregory Boddin [ISecAuditors Security Advisories] Reflected XSS in Atmail WebMail <= v7.0.2 ISecAuditors Security Advisories Fw: Justice for Molly (cops killing civillians) Jerry dePriest Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team Cisco Security Advisory: Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability Cisco Systems Product Security Incident Response Team Cisco Security Advisory: Cisco IOS Software Protocol Translation Vulnerability Cisco Systems Product Security Incident Response Team Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Vulnerability Cisco Systems Product Security Incident Response Team Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability Cisco Systems Product Security Incident Response Team Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team winAUTOPWN v3.4 Released - Completing 4 years !! 
QUAKER DOOMER AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header Asterisk Security Team AST-2013-002: Denial of Service in HTTP server Asterisk Security Team AST-2013-003: Username disclosure in SIP channel driver Asterisk Security Team [Security-news] SA-CONTRIB-2013-036 - Zero Point - Cross Site Scripting (XSS) security-news [Security-news] SA-CONTRIB-2013-038 - Commons Groups - Access bypass & Privilege escalation security-news [Security-news] SA-CONTRIB-2013-037 - Rules - Cross Site Scripting (XSS) security-news [Security-news] SA-CONTRIB-2013-039 - Commons Wikis - Access bypass & Privilege escalation security-news Re: Port scanning /0 using insecure embedded devices Gage Bystrom On the impact of CVE-2013-2266 (BIND9) Daniel Franke
Re: Fw: Justice for Molly (cops killing civillians) Bryan Baldwin [SECURITY] [DSA 2655-1] rails security update Moritz Muehlenhoff Paypal Bug Bounty #5 - Persistent Web Vulnerability Vulnerability Lab Paypal Bug Bounty #46 - Persistent Web Vulnerability Vulnerability Lab MailOrderWorks v5.907 - Multiple Web Vulnerabilities Vulnerability Lab Re: On the impact of CVE-2013-2266 (BIND9) Jeff Wright
Fw: Fw: Justice for Molly (cops killingcivillians) Jerry dePriest Re: Fw: Fw: Justice for Molly (cops killingcivillians) Gary Baribault Re: Fw: Fw: Justice for Molly (cops killingcivillians) Jeffrey Walton Fw: Fw: Fw: Justice for Molly (cops killingcivillians) Jerry dePriest Re: petition to remove Aaron Swartz prosecutor Jerry dePriest Fw: (no subject) Jerry dePriest Fw: Fw: News Delivery Report (Failure) Jerry dePriest Re: petition to remove Aaron Swartz prosecutor Jeffrey Walton [waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50 Janek Vind [waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1 Janek Vind Re: Fw: (no subject) Benji Re: Fw: Fw: News Delivery Report (Failure) Benji Re: petition to remove Aaron Swartz prosecutor Steve Wray Fw: [waraxe-2013-SA#101] - Update SpoofingVulnerability in Royal TS 2.1 Jerry dePriest Re: petition to remove Aaron Swartz prosecutor Jeffrey Walton Fw: petition to remove Aaron Swartz prosecutor Jerry dePriest Re: Fw: Fw: Fw: Justice for Molly (cops killingcivillians) Gage Bystrom Re: Fw: Fw: Fw: Justice for Molly (copskillingcivillians) Jerry dePriest Re: Fw: petition to remove Aaron Swartz prosecutor Gage Bystrom Re: Fw: Fw: Fw: Justice for Molly (copskillingcivillians) Gage Bystrom Re: Fw: Fw: Fw: Justice for Molly (copskillingcivillians) Benji Donkey Kick Exploit Daniel Sichel Re: Donkey Kick Exploit Ian Hayes Crossbow, a lightweight, cross-platform exploit development framework. Zachary Cutlip
Re: Fw: Fw: Justice for Molly (cops killingcivillians) Bryan Baldwin Re: Fw: Fw: Justice for Molly (cops killingcivillians) Bryan Baldwin Re: Fw: Fw: Justice for Molly (cops killingcivillians) Daniel Preußker Re: Fw: Fw: Fw: Justice for Molly (copskillingcivillians) Philip Whitehouse [SECURITY] [DSA 2656-1] bind9 security update Salvatore Bonaccorso WP FuneralPress - Stored XSS in Guestbook Rob Armstrong Re: Fw: Fw: Fw: Justice for Molly (copskillingcivillians) Michael T
Re: Fw: Fw: Fw: Justice for Molly(copskillingcivillians) Jerry dePriest Re: Fw: Fw: Fw: Justice for Molly(copskillingcivillians) Gage Bystrom Re: WP FuneralPress - Stored XSS in Guestbook Henri Salo Re: WP FuneralPress - Stored XSS in Guestbook Henri Salo Re: WP FuneralPress - Stored XSS in Guestbook Peter Westwood AUTO: Roee Hay is on vacation (returning 10/04/2013) Roee Hay