Home page logo
/

227 messages starting May 17 13 and ending May 21 13
Date index | Thread index | Author index

Alex

Re: On Skype URL eavesdropping Alex (May 17)

Alexander Georgiev

Re: My ISP is routing traffic to private addresses... Alexander Georgiev (May 18)
Re: My ISP is routing traffic to private addresses... Alexander Georgiev (May 20)

Amplia Security Research

Windows Credentials Editor (WCE) v1.4beta (x32/x64/universal) release Amplia Security Research (May 31)

Andre Helwig

Re: PayPal.com XSS Vulnerability Andre Helwig (May 29)

Anthony G. Basile

No Directory Traversal Vulnerability in sthttpd Anthony G. Basile (May 31)

Arturo Filastò

GlobaLeaks 0.2 Alpha (herMario edition) released! Arturo Filastò (May 10)

Brian Blankenship

Re: exploitation ideas under memory pressure Brian Blankenship (May 22)

Bruce Ediger

Re: On Skype URL eavesdropping Bruce Ediger (May 17)

c0c0n International Information Security Conference

c0c0n 2013 CFP - Extended Deadline: 9 June, 2013 c0c0n International Information Security Conference (May 27)

Carlos Pantelides

Re: Pentesting Distributions or Projects for Raspberry Pi Carlos Pantelides (May 23)

Carl \"Thomas\" Guething

Re: My ISP is routing traffic to private addresses... Carl \"Thomas\" Guething (May 17)

cfp

Breakpoint 2013 Call For Papers cfp (May 01)
Ruxcon 2013 Call For Papers cfp (May 07)

Cisco Systems Product Security Incident Response Team

[2.0 Update] Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (May 08)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software Cisco Systems Product Security Incident Response Team (May 08)
Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (May 15)

CORE Security Technologies Advisories

CORE-2013-0302 - Zavio IP Cameras multiple vulnerabilities CORE Security Technologies Advisories (May 28)
CORE-2013-0322 - MayGion IP Cameras multiple vulnerabilities CORE Security Technologies Advisories (May 28)
CORE-2013-0318 - TP-Link IP Cameras Multiple Vulnerabilities CORE Security Technologies Advisories (May 28)

Dan Dart

Re: My ISP is routing traffic to private addresses... Dan Dart (May 18)

Daniela Hermina

Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Daniela Hermina (May 27)

Daniel Preussker

Re: PayPal.com XSS Vulnerability Daniel Preussker (May 30)

Daniël W . Crompton

Re: PayPal.com XSS Vulnerability Daniël W . Crompton (May 28)

Dan Kaminsky

Re: Using CSS :visited to steal your history (again, zzzz...) Dan Kaminsky (May 06)
Re: PayPal.com XSS Vulnerability Dan Kaminsky (May 28)

dann frazier

[SECURITY] [DSA 2668-1] linux-2.6 security update dann frazier (May 15)
[SECURITY] [DSA 2669-1] linux security update dann frazier (May 16)

David Tapia

XSS in images.samsung.com David Tapia (May 31)

ddivulnalert

DDIVRT-2013-53 Actuate 'ActuateJavaComponent' Multiple Vulnerabilities ddivulnalert (May 10)

Drew Calcott

Security-Assessment.com Advisory: Gallery Server Pro File Upload Filter Bypass Drew Calcott (May 14)

Eric Freyssinet

[Botconf] Botconf announcement and CFP reminder Eric Freyssinet (May 11)

ESNC Security

[ESNC-2013-005] Remote Code Injection in SAP ERP Central Component - Project System ESNC Security (May 07)

F. Duchene

GreHack 2013 - Call For Papers - November 15, Grenoble, France F. Duchene (May 14)

Felipe Manzano

CVE-2013-3662 - Sketchup MAC Pict Material Palette Stack Corruption Felipe Manzano (May 31)
CVE-2013-3663 - SketchUp BMP RLE8 Heap Overflow Felipe Manzano (May 31)
CVE-2013-3664 - Sketchup Multiple Vulnerabilities Felipe Manzano (May 31)

Fernando Gont

Revision of "IPv6 Stable Privacy Addresses" (Fwd: I-D Action: draft-ietf-6man-stable-privacy-addresses-07.txt) Fernando Gont (May 19)

Florian Weimer

Re: Q: CVE Database with Programming Language and Failure Classification? Florian Weimer (May 15)
[SECURITY] [DSA 2672-1] kfreebsd-9 security update Florian Weimer (May 22)
[SECURITY] [DSA 2697-1] gnutls26 security update Florian Weimer (May 29)

Gary Baribault

Re: My ISP is routing traffic to private addresses... Gary Baribault (May 17)
Re: My ISP is routing traffic to private addresses... Gary Baribault (May 17)
Re: My ISP is routing traffic to private addresses... Gary Baribault (May 17)
Re: My ISP is routing traffic to private addresses... Gary Baribault (May 18)
Re: My ISP is routing traffic to private addresses... Gary Baribault (May 18)

Gary Driggs

Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Gary Driggs (May 24)

Georgi Guninski

OT bait on freelancer.com about md5 preimage Georgi Guninski (May 10)

Giuseppe Iuculano

[SECURITY] [DSA 2696-1] otrs2 security update Giuseppe Iuculano (May 29)

Ground Zero

Open challenge to Design the logo for Ground Zero Summit Ground Zero (May 24)

Hack The Planet

HTP5 ezine released Hack The Planet (May 07)

Hafez Kamal

[HITB-Announce] #HITB2013KUL Call for Papers Hafez Kamal (May 01)
[HITB-Announce] HITB Magazine Issue 010 Hafez Kamal (May 14)

halfdog

Interesting referrer URLs when accessing vulnerability disclosure information halfdog (May 19)

illwill

Re: Vulnerabilities in VideoJS illwill (May 08)

Jakub Zoczek

Re: Paypal Bug Bounty #31 - Mail Encoding Web Vulnerability Jakub Zoczek (May 12)

James Condron

Re: PayPal.com XSS Vulnerability James Condron (May 29)
Re: PayPal.com XSS Vulnerability James Condron (May 29)

Janek Vind

[waraxe-2013-SA#105] - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin Janek Vind (May 23)
[waraxe-2013-SA#104] - Multiple Vulnerabilities in Spider Event Calendar Wordpress Plugin Janek Vind (May 23)

Jann Horn

Trying to send mail to Broadcom Jann Horn (May 03)
little proof-of-concept for remote traffic statistics using the IP ID field Jann Horn (May 23)

Jay Turla

Pentesting Distributions or Projects for Raspberry Pi Jay Turla (May 22)
Re: Pentesting Distributions or Projects for Raspberry Pi Jay Turla (May 23)

Jeffrey Walton

Q: CVE Database with Programming Language and Failure Classification? Jeffrey Walton (May 14)
Re: On Skype URL eavesdropping Jeffrey Walton (May 16)
Re: PayPal.com XSS Vulnerability Jeffrey Walton (May 27)
Re: PayPal.com XSS Vulnerability Jeffrey Walton (May 28)
Re: PayPal.com XSS Vulnerability Jeffrey Walton (May 28)
Re: PayPal.com XSS Vulnerability Jeffrey Walton (May 29)
Re: PayPal.com XSS Vulnerability Jeffrey Walton (May 29)

John Cartwright

List Charter John Cartwright (May 08)

John JEAN

IPB (Invision Power Board) all versions (1.x? / 2.x / 3.x) Admin account Takeover leading to code execution John JEAN (May 13)

John Parker

13 more XSS on Paypal John Parker (May 28)

Josh Thompson

Apache VCL improper input validation Josh Thompson (May 06)

Joshua Zukerman

Re: My ISP is routing traffic to private addresses... Joshua Zukerman (May 17)

Juan Pablo Daniel

Call For Papers - ekoparty security conference 2013 Juan Pablo Daniel (May 31)

Julius Kivimäki

Re: My ISP is routing traffic to private addresses... Julius Kivimäki (May 17)
Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Julius Kivimäki (May 22)
Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Julius Kivimäki (May 23)
Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Julius Kivimäki (May 25)
Re: PayPal.com XSS Vulnerability Julius Kivimäki (May 29)

Justin Case

CVE-2013-3666 - LG Optimus G command injection (as system user) vulnerability Justin Case (May 25)

Justin Elze

Re: My ISP is routing traffic to private addresses... Justin Elze (May 17)
Re: My ISP is routing traffic to private addresses... Justin Elze (May 18)

Kirils Solovjovs

On Skype URL eavesdropping Kirils Solovjovs (May 16)
Re: My ISP is routing traffic to private addresses... Kirils Solovjovs (May 18)
Re: PayPal.com XSS Vulnerability Kirils Solovjovs (May 28)
Re: PayPal.com XSS Vulnerability Kirils Solovjovs (May 28)

Kotas, Kevin J

CA20130528-01: Security Notice for CA Process Automation (CA PAM) Kotas, Kevin J (May 28)

kyle kemmerer

My ISP is routing traffic to private addresses... kyle kemmerer (May 17)

Larry W. Cashdollar

Remote command Injection in Creme Fraiche 0.6 Ruby Gem Larry W. Cashdollar (May 14)
Show In Browser 0.0.3 Ruby Gem /tmp file injection vulnerability Larry W. Cashdollar (May 24)

Lukasz Lenart

[ANN] Struts 2.3.14.1 GA (fast track | security) Lukasz Lenart (May 23)

Mario Vilas

Re: SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager Mario Vilas (May 07)

Mark Thomas

CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException Mark Thomas (May 10)
[SECURITY] CVE-2013-2067 Session fixation with FORM authenticator Mark Thomas (May 10)
[SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited Mark Thomas (May 10)

metropolis haxor

Thttpd 2.25b Directory Traversal Vulnerability metropolis haxor (May 20)

mezgani ali

Re: My ISP is routing traffic to private addresses... mezgani ali (May 17)

Michael Gilbert

[SECURITY] [DSA 2695-1] chromium-browser security update Michael Gilbert (May 29)

Michal Zalewski

Using CSS :visited to steal your history (again, zzzz...) Michal Zalewski (May 06)
Re: Paypal Bug Bounty #31 - Mail Encoding Web Vulnerability Michal Zalewski (May 12)

Milan Berger

Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Milan Berger (May 22)

Moritz Muehlenhoff

[SECURITY] [DSA 2667-1] mysql-5.5 security update Moritz Muehlenhoff (May 12)
[SECURITY] [DSA 2677-1] libxrender security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2678-1] mesa security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2679-1] xserver-xorg-video-openchrome security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2680-1] libxt security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2681-1] libxcursor security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2682-1] libxext security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2683-1] libxi security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2684-1] libxrandr security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2685-1] libxp security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2686-1] libxcb security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2687-1] libfs security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2688-1] libxres security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2689-1] libxtst security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2676-1] libxfixes security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2675-1] libxvmc security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2674-1] libxv security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2673-1] libdmx security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2690-1] libxxf86dga security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2691-1] libxinerama security update Moritz Muehlenhoff (May 23)
[SECURITY] [DSA 2692-1] libxxf86vm security update Moritz Muehlenhoff (May 23)

MustLive

XSS vulnerability in JW Player and JW Player Pro MustLive (May 05)
Vulnerabilities in VideoJS MustLive (May 06)
Vulnerabilities in multiple web applications with VideoJS MustLive (May 08)
XSS and FPD vulnerabilities in Search and Share for WordPress MustLive (May 12)
Vulnerabilities in multiple plugins for WordPress with VideoJS MustLive (May 14)
Multiple vulnerabilities in multiple themes for WordPress with VideoJS MustLive (May 16)
AFU vulnerabilities in MCFileManager for TinyMCE MustLive (May 18)
AFU vulnerabilities in MCImageManager for TinyMCE MustLive (May 19)
XSS and FPD vulnerabilities in I Love It New theme for WordPress MustLive (May 23)
Multiple vulnerabilities in aCMS MustLive (May 25)
Backdoor scanners testing MustLive (May 27)
FPD and Security bypass vulnerabilities in Exploit Scanner for WordPress MustLive (May 29)

Parth Shukla

Analysis of the Carna Botnet (Internet Census 2012) Parth Shukla (May 24)

Patrick Webster

Re: Forticlient VPN client credential interception vulnerability Patrick Webster (May 02)
Re: My ISP is routing traffic to private addresses... Patrick Webster (May 20)

PHD

Take Part in Positive Hack Days in Any Part of the World PHD (May 16)

Philippe oechslin

Forticlient VPN client credential interception vulnerability Philippe oechslin (May 01)

Rahul T

Indusface Website Hacked and Infected? Rahul T (May 15)

Raphael Geissert

[SECURITY] [DSA 2693-1] libx11 security update Raphael Geissert (May 25)

RedTeam Pentesting GmbH

[RT-SA-2013-001] Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution RedTeam Pentesting GmbH (May 03)

Rene Gielen

[CVE-2013-2115] Struts 2.3.14.2 GA (important security fix) Rene Gielen (May 27)

ReVuln

Critical issues affecting multiple game engines ReVuln (May 20)

Robert Kugler

PayPal.com XSS Vulnerability Robert Kugler (May 25)
Re: PayPal.com XSS Vulnerability Robert Kugler (May 27)
Re: PayPal.com XSS Vulnerability Robert Kugler (May 28)
Re: PayPal.com XSS Vulnerability Robert Kugler (May 29)

Ron Yount

Re: [ESNC-2013-005] Remote Code Injection in SAP ERP Central Component - Project System Ron Yount (May 08)
Re: Vulnerabilities in VideoJS Ron Yount (May 08)
Unscribe Ron Yount (May 08)

run run level

AlienVault OSSIM multiple SQL Injection vulnerabilities run run level (May 08)

Salvatore Bonaccorso

[SECURITY] [DSA 2664-1] stunnel4 security update Salvatore Bonaccorso (May 02)
[SECURITY] [DSA 2666-1] xen security update Salvatore Bonaccorso (May 12)
[SECURITY] [DSA 2670-1] request-tracker3.8 security update Salvatore Bonaccorso (May 22)
[SECURITY] [DSA 2671-1] request-tracker4 security update Salvatore Bonaccorso (May 22)
[SECURITY] [DSA 2694-1] spip security update Salvatore Bonaccorso (May 26)

scadastrangelove

SCADA StrangeLove @Positive Hack Days scadastrangelove (May 28)

sd

Re: exploitation ideas under memory pressure sd (May 21)
Question on SMBRelay through Meterpreter sd (May 23)

sec

Re: My ISP is routing traffic to private addresses... sec (May 17)
Re: My ISP is routing traffic to private addresses... sec (May 17)

SEC Consult Vulnerability Lab

SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager SEC Consult Vulnerability Lab (May 07)
SEC Consult SA-20130523-0 :: JavaScript Execution in IBM WebSphere DataPower Services SEC Consult Vulnerability Lab (May 23)
SEC Consult whitepaper :: Blackberry Z10 Research Primer - "Dissecting Blackberry 10 - An initial analysis" SEC Consult Vulnerability Lab (May 23)

security

[ MDVSA-2013:160 ] phpmyadmin security (May 03)
[ MDVSA-2013:161 ] java-1.7.0-openjdk security (May 06)
[ MDVSA-2013:162 ] glibc security (May 07)
[ MDVSA-2013:163 ] glibc security (May 07)
[ MDVSA-2013:164 ] mesa security (May 13)
[ MDVSA-2013:165 ] firefox security (May 15)
[ MDVSA-2013:166 ] krb5 security (May 21)
[ MDVSA-2013:167 ] openvpn security (May 27)
[ MDVSA-2013:168 ] python-httplib2 security (May 27)
[ MDVSA-2013:169 ] socat security (May 29)
[ MDVSA-2013:170 ] socat security (May 29)
[ MDVSA-2013:171 ] gnutls security (May 30)

Security Explorations

[SE-2012-01] New security vulnerabilities and broken fixes in IBM Java Security Explorations (May 06)

security-news

[Security-news] SA-CONTRIB-2013-046 - Filebrowser - Reflected Cross Site Scripting (XSS) security-news (May 01)
[Security-news] SA-CONTRIB-2013-047 - Google Authenticator login - Access Bypass security-news (May 15)
[Security-news] SA-CONTRIB-2013-048 - Edit Limit - Access Bypass security-news (May 29)
[Security-news] SA-CONTRIB-2013-049 - Node access user reference - Access Bypass security-news (May 29)
[Security-news] SA-CONTRIB-2013-050 - Webform - Cross Site Scripting (XSS) security-news (May 30)

Shakacon

Shakacon V Speaker Selections Shakacon (May 24)

Shubham Shah

PayPal Bug Bounty Controversy - I found the XSS first: They still didn't pay me Shubham Shah (May 29)

Sławomir Jabs

CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops! Sławomir Jabs (May 17)

Stefan Kanthak

Vulnerability in Microsoft Security Essentials <v4.2 Stefan Kanthak (May 04)
Vulnerabilities in Windows 8 Professional x64 factory preinstallation of Fujitsu Lifebook A512 Stefan Kanthak (May 06)
VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone 6 Stefan Kanthak (May 06)
VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone System 11 Stefan Kanthak (May 06)
Vulnerability in "Fujitsu Desktop Update" (for Windows) Stefan Kanthak (May 08)
Re: Vulnerabilities in Windows 8 Professional x64 factory preinstallation of Fujitsu Lifebook A512 [continued] Stefan Kanthak (May 08)
Defense in depth -- the Microsoft way Stefan Kanthak (May 20)

Stefan Schurtz

www.netcraft.com - "Search Form" Cross-site Scripting vulnerability Stefan Schurtz (May 14)

Tavis Ormandy

exploitation ideas under memory pressure Tavis Ormandy (May 17)
Re: exploitation ideas under memory pressure Tavis Ormandy (May 18)
Re: exploitation ideas under memory pressure Tavis Ormandy (May 20)

Terrence

Re: PayPal.com XSS Vulnerability Terrence (May 28)

Thierry Zoller

Re: Forticlient VPN client credential interception vulnerability Thierry Zoller (May 01)

Thijs Kinkhorst

[SECURITY] [DSA 2675-2] libxvmc regression update Thijs Kinkhorst (May 25)

Tony Naggs

Re: Trying to send mail to Broadcom Tony Naggs (May 27)
DC4420 - London DEFCON - May meet - Tuesday 28th May 2013 Tony Naggs (May 27)
DC4420 - London DEFCON - May meet - Tuesday 28th May 2013 Tony Naggs (May 27)

Valdis . Kletnieks

Re: OT bait on freelancer.com about md5 preimage Valdis . Kletnieks (May 10)

Vulnerability Lab

Paypal Bug Bounty #31 - Mail Encoding Web Vulnerability Vulnerability Lab (May 12)
Wireless Disk PRO v2.3 iOS - Multiple Web Vulnerabilities Vulnerability Lab (May 12)
Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities Vulnerability Lab (May 12)
Wifi Album v1.47 iOS - Command Injection Vulnerability Vulnerability Lab (May 12)
Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities Vulnerability Lab (May 12)
SimpleTransfer 2.2.1 - Command Injection Vulnerabilities Vulnerability Lab (May 12)
File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities Vulnerability Lab (May 12)
Trend Micro DirectPass 1.5.0.1060 (Cloud) Software - Multiple Software Vulnerabilities Vulnerability Lab (May 20)
Sony PS3 Firmware v4.31 - Code Execution Vulnerability Vulnerability Lab (May 20)
PayPal Bug Bounty #78 FR - Remote SQL Injection Vulnerability Vulnerability Lab (May 27)
Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Vulnerability Lab (May 27)
Barracuda SSL VPN 680 2.2.2.203 - Redirect Web Vulnerability Vulnerability Lab (May 27)
Re: PayPal.com XSS Vulnerability Vulnerability Lab (May 29)
Barracuda SSL VPN 680 2.2.2.203 - Redirect Vulnerability Vulnerability Lab (May 29)

wac

Introducing libOnionRoute, the library to anonymize software wac (May 06)

You Got Pwned

Re: exploitation ideas under memory pressure You Got Pwned (May 22)

Zachary Cutlip

Re: PayPal.com XSS Vulnerability Zachary Cutlip (May 28)

Źmicier Januszkiewicz

Re: PayPal.com XSS Vulnerability Źmicier Januszkiewicz (May 29)
Re: PayPal.com XSS Vulnerability Źmicier Januszkiewicz (May 29)

Максим Чудаков

CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products (ViPNet Client\Coordinator, SafeDisk, Personal Firewall) Максим Чудаков (May 21)
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault