Home page logo
/

222 messages starting Nov 01 13 and ending Nov 30 13
Date index | Thread index | Author index

Friday, 01 November

coderman's keys coderman
Re: coderman's keys coderman
Re: ASUS RT-N13U Unsecured Telnet on LAN and WAN Rob Whitney
[Article] The Internal of Reloc .text x90c
How to take advantage of Chrome autofill feature to get sensitive information vulns () 11paths com
[SECURITY] [DSA 2789-1] strongswan security update Yves-Alexis Perez
Re: [cryptography] coderman's keys Natanael
Re: [cryptography] coderman's keys Julian Silden Langlo
Re: [cryptography] coderman's keys Rob Whitney
[CVE-2013-5726] - Tweetbot for iOS and Mac user disclosure/privacy issue Guillaume Ross
Re: [cryptography] coderman's keys Michael Hallgren
Re: [cryptography] coderman's keys Jeffrey Goldberg
pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities Vulnerability Lab

Saturday, 02 November

[SECURITY] [DSA 2790-1] nss security update Salvatore Bonaccorso
XXE Injection in Spring Framework MustLive

Sunday, 03 November

Case Study: CVE-2010-0436 KDE TOCTTOU vulnerability x90c
Hack.LU 2013 CTF Wannabe challenge writeup Arne Swinnen
HOTBOX Multiple Vulnerabilities Oz
Re: [cryptography] coderman's keys Pedro Worcel
Defense in depth -- the Microsoft way (part 13): surprising and inconsistent behaviour, sloppy coding, sloppy QA, sloppy documentation Stefan Kanthak
Re: Defense in depth -- the Microsoft way (part 13): surprising and inconsistent behaviour, sloppy coding, sloppy QA, sloppy documentation Mario Vilas
Re: [cryptography] coderman's keys Daniël W . Crompton
Re: Defense in depth -- the Microsoft way (part 13): surprising and inconsistent behaviour, sloppy coding, sloppy QA, sloppy documentation Stefan Kanthak

Monday, 04 November

XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability x90c
XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability x90c
[SECURITY] [DSA 2791-1] tryton-client security update Florian Weimer
Power of Community 2013 special releases of ICS/SCADA toolkit scadastrangelove
Re: [cryptography] coderman's keys Daniel Llewellyn
Re: [cryptography] coderman's keys Daniel Llewellyn
[SECURITY] [DSA 2792-1] wireshark security update Salvatore Bonaccorso
XSS and FPD vulnerabilities in LBG Zoom In/Out Effect Slider for WordPress MustLive

Tuesday, 05 November

Re: XXE Injection in Spring Framework /-\\\\ndrew /\\//ady
Re: ASUS RT-N13U Unsecured Telnet on LAN and WAN Shelby Spencer
Re: XXE Injection in Spring Framework Mark Thomas
[ISecAuditors Security Advisories] SQL Injection vulnerability in "Project'Or RIA" allow arbitrary access to the database and the file system ISecAuditors Security Advisories
[ISecAuditors Security Advisories] Multiple XSS vulnerabilities in "Project'Or RIA" ISecAuditors Security Advisories
Geox fails.. pr0n4h4x
[ISecAuditors Security Advisories] LinkedIn social network is affected by Persistent Cross-Site Scripting vulnerability ISecAuditors Security Advisories
[SOJOBO-ADV-13-03] - Wordpress pl ugin Gallery Bank 2.0.19 Reflected Cross Site Scripting advisories
Re: Geox fails.. Alex
CORE-2013-0704 - Vivotek IP Cameras RTSP Authentication Bypass CORE Advisories Team

Wednesday, 06 November

Flatpress version 1.0 remote code execution NULLday Wire Ghoul
CVE-2013-4425: Private key disclosure, Osirix (lite, 64bit and FDA cleader version) (Medical Application) Dirk-Willem van Gulik
Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco WAAS Mobile Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team
[Security-news] SA-CONTRIB-2013-087 - Payment for Webform - Access Bypass security-news
[Security-news] SA-CONTRIB-2013-089 - Node Access Keys - Access Bypass security-news
[Security-news] SA-CONTRIB-2013-088 - Secure Pages - Missing Encryption of Sensitive Data security-news

Thursday, 07 November

FOSCAM Wireless IP Camera - SSID Cross Site Scripting LIAD Mizrachi
I'm new here, and I already have something to share Jack Johnson

Friday, 08 November

Apple MacOSX 10.9 Hard Link Memory Corruption [CXSEC]
Re: I'm new here, and I already have something to share Alex
OpenSSH Security Advisory: gcmrekey.adv coderman
Re: OpenSSH Security Advisory: gcmrekey.adv coderman

Saturday, 09 November

Re: OpenSSH Security Advisory: gcmrekey.adv Harry Hoffman
Re: OpenSSH Security Advisory: gcmrekey.adv coderman
Re: OpenSSH Security Advisory: gcmrekey.adv yersinia
[SECURITY] [DSA 2793-1] libav security update Moritz Muehlenhoff
Vulnerabilities in Redaxo 4.5 CMS Root User
Re: OpenSSH Security Advisory: gcmrekey.adv CERT OPS Marienfeldt
Cloud Questions David Miller
Re: I'm new here, and I already have something to share Jasper Kips
Re: OpenSSH Security Advisory: gcmrekey.adv Bob Man Van Kim
Re: I'm new here, and I already have something to share Jack Johnson
Re: Cloud Questions Jeffrey Walton
Re: Cloud Questions Yvan Janssens
Re: Cloud Questions silence_is_best
Re: Cloud Questions Jeffrey Walton
Re: Cloud Questions Jeffrey Walton
XADV-2013003 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow x90c
the advisory canceled. x90c

Sunday, 10 November

SPLUNK > 6 universal forwarder cypher weakness fortinet42
[ MDVSA-2013:265 ] kernel security
[SECURITY] [DSA 2794-1] spip security update Salvatore Bonaccorso

Monday, 11 November

XADV-2013003 Linux Kernel fbdev Driver arcfb_write() Overflow x90c
D-Link Router 2760N (DSL-2760U-BN) Multiple XSS LIAD Mizrachi
XADV-2013004 Linux Kernel ipvs Kernel Stack Overflow x90c
Re: XADV-2013004 Linux Kernel ipvs Kernel Stack Overflow Alan J . Wylie
Another Apple Security Failure (Apple Mail on the iPhone).... Jeffrey Walton

Tuesday, 12 November

WebSurgery v1.1 released (Web application security testing suite) John Stamatakis
CSRF vulnerabilities in OS of fortianalyzer 5.0.4 William Costa
Windows Local DOS on Win32 Handle Validation sixtyvividtails
bugs in IJG jpeg6b & libjpeg-turbo Michal Zalewski
n.runs-SA-2013.006 - Microsoft Outlook/Crypto API - Design Bug security
Recruiting Troopers - Call for Papers, March 19-20 2014 Enno Rey

Wednesday, 13 November

Securelist.com (Kaspersky) released a misleading information about Kelihos Botnet actual status アドリアンヘンドリック
[SECURITY] [DSA 2795-1] lighttpd security update Michael Gilbert
Re: Windows Local DOS on Win32 Handle Validation sixtyvividtails
ColdFusion and Adobe Flash Player Security Updates Osama Alrashid
[SECURITY] [DSA 2796-1] torque security update Salvatore Bonaccorso
[Security-news] SA-CONTRIB-2013-091 - Groups, Communities and Co (GCC) - Access Bypass security-news
[Security-news] SA-CONTRIB-2013-090 - Revisioning - Access Bypass security-news
[Security-news] SA-CONTRIB-2013-092 - Misery - Denial of Service (DOS) vulnerability. security-news
[SECURITY] [DSA 2797-1] icedove security update Moritz Muehlenhoff

Thursday, 14 November

whatsapp opening url in background Frank Habermann

Friday, 15 November

NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability \"VMware Security Response Center\"
Re: Another Apple Security Failure (Apple Mail on the iPhone).... Caspian Kilkelly
Re: Another Apple Security Failure (Apple Mail on the iPhone).... Jeffrey Walton
Re: whatsapp opening url in background Frank Habermann
Re: whatsapp opening url in background Ander Juaristi Alamos
Re: whatsapp opening url in background Jerome Athias
[OVSA20131108] OpenVAS Manager And OpenVAS Administrator Vulnerable To Partial Authentication Bypass Tim Brown
Re: whatsapp opening url in background Ferran Pichel
CVE-2013-5966 - XSS in ZK Framework Stephan Rickauer
Re: whatsapp opening url in background Alex
Re: whatsapp opening url in background Ferran Pichel
Re: whatsapp opening url in background Pål Nilsen
Some more on Geox.. pr0nh4x
XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug x90c
XADV-2013006 FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs x90c

Saturday, 16 November

ClipBucket v2.6-r738 Arbitrary File Upload 0-Day Rob Whitney
Re: ClipBucket v2.6-r738 Arbitrary File Upload 0-Day Henri Salo
CVE-2013-622 Livezilla Remote Code Execution (Cure-2013-1007) Curesec Research Team
[CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability Julien Ahrens
Ip address and mac address hardcoded mramelie
Re: Ip address and mac address hardcoded coderman
Re: Ip address and mac address hardcoded Augusto Pereyra

Sunday, 17 November

[SECURITY] [DSA 2795-2] lighttpd regression update Michael Gilbert
Re: Ip address and mac address hardcoded Maximilian Grobecker
Re: Ip address and mac address hardcoded Jason Hellenthal
Re: Ip address and mac address hardcoded mramelie
Re: Ip address and mac address hardcoded Maximilian Grobecker
Re: [CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability Jann Horn
Re: [CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability Julien Ahrens
BF, LE and IAA vulnerabilities in InstantCMS MustLive

Monday, 18 November

XADV-2013007 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow x90c
[SECURITY] [DSA 2797-1] chromium-browser security update Michael Gilbert
[SECURITY] [DSA 2798-1] curl security update Michael Gilbert
Kaseya 6.3 Arbitrary File Upload Vulnerability Thomas Hibbert
DesktopCentral Arbitrary File Upload Vulnerability Thomas Hibbert
[SOJOBO-ADV-13-04] - PHP-Nuke 8 .2.4 multiple vulnerabilities advisories

Tuesday, 19 November

PayPal Inc Bug Bounty #65 China - Redirect Web Vulnerability Vulnerability Lab
PayPal Inc Bug Bounty #42 - Persistent POST Inject Vulnerability Vulnerability Lab
Paypal Inc Bug Bounty #47 ALYZ - Persistent Search Vulnerability Vulnerability Lab
spamtitan 6 root exploit c1088422
pineapp mailsecure pwnage full-disclosure-bounces
Intersystems Cache Remote Code Execution (via Default Minimal Security Install) Mike Arnold
16TH AVAR INTERNATIONAL SECURITY CONFERENCE 2013 - (4th-7th Dec'13, Chennai. India) Gregory Panakkal
XADV-2013008 Linux Kernel 3.11.7 <= sk_attach_filter Kernel Heap Corruption x90c
[ MDVSA-2013:266 ] java-1.6.0-openjdk security
[ MDVSA-2013:267 ] java-1.7.0-openjdk security
pineapp mailsecure no authenticated privilege escalation & remote execution code Ruben Garrote
List Charter John Cartwright
[ MDVSA-2013:268 ] torque security
DoS vulnerability in Internet Explorer 6, 7, 8 (access violation) MustLive
Re: DoS vulnerability in Internet Explorer 6, 7, 8 (access violation) laurent gaffie

Wednesday, 20 November

Paypal Bug Bounty #14 - Persistent Payment Mail Encoding Vulnerability Vulnerability Lab
Appologics AirBeam v1.9.2 iOS - Multiple Web Vulnerabilities Vulnerability Lab
Capstone disassembly framework: looking for Beta-testers Nguyen Anh Quynh
SKIDATA RFID Freemotion.Gate Unauthenticated Web Service Aribtrary Remote Command Execution Dennis Kelly
CORRECTION: Kaseya 6.3 Arbitrary File Upload Vulnerability Thomas Hibbert
CORRECTION: DesktopCentral Arbitrary File Upload Vulnerability Thomas Hibbert
[ MDVSA-2013:269 ] firefox security
[ MDVSA-2013:270 ] nss security
[Security-news] SA-CONTRIB-2013-093 - Invitation - Access Bypass security-news
[Security-news] SA-CONTRIB-2013-094 - EU Cookie Compliance - Cross Site Scripting (XSS) security-news
[Security-news] SA-CONTRIB-2013-096 - Entity reference - Access bypass security-news
[Security-news] SA-CONTRIB-2013-095 - Organic Groups - Access bypass security-news
[SECURITY] [DSA 2798-2] curl security update Salvatore Bonaccorso
[Security-news] SA-CORE-2013-003 - Drupal core - Multiple vulnerabilities security-news

Thursday, 21 November

Re: XADV-2013007 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow Dan Carpenter
Imperva WAF/DAF 9.5 patch8 and 10.0 patch 2 localroot vulnerability steve jobs
[ MDVSA-2013:271 ] pmake security
[ MDVSA-2013:272 ] poppler security
[ MDVSA-2013:273 ] libjpeg security
[ MDVSA-2013:274 ] libjpeg security
[ MDVSA-2013:275 ] krb5 security
[ MDVSA-2013:276 ] curl security
[ MDVSA-2013:277 ] lighttpd security
Re: [Dailydave] Capstone disassembly framework: looking for Beta-testers Nguyen Anh Quynh
[ MDVSA-2013:278 ] samba security
Re: [Dailydave] Capstone disassembly framework: looking for Beta-testers Nguyen Anh Quynh
Re: Imperva WAF/DAF 9.5 patch8 and 10.0 patch 2 localroot vulnerability adam
Re: [Dailydave] Capstone disassembly framework: looking for Beta-testers Albert López
Facebook Vulnerability Discloses Friends Lists Defined as Private qsrc Quotium
Re: Imperva WAF/DAF 9.5 patch8 and 10.0 patch 2 localroot vulnerability steve jobs
[SECURITY] [DSA 2801-1] libhttp-body-perl security update Salvatore Bonaccorso
DC4420 (DefCon London) meeting next Tuesday, 26th November 2013 Tony Naggs

Friday, 22 November

[SECURITY] [DSA 2802-1] nginx security update Thijs Kinkhorst
[ MDVSA-2013:279 ] wireshark security
[ MDVSA-2013:280 ] memcached security
Code Execution vulnerability in Contact Form 7 for WordPress MustLive

Saturday, 23 November

Re: Imperva WAF/DAF 9.5 patch8 and 10.0 patch 2 localroot vulnerability tennc

Sunday, 24 November

[ MDVSA-2013:281 ] nginx security
Defense in depth -- the Microsoft way (part 14): incomplete, misleading and dangerous documentation Stefan Kanthak

Monday, 25 November

[ MDVSA-2013:282 ] perl-HTTP-Body security
Tapuz - Flix Password ByPass LIAD Mizrachi
[ MDVSA-2013:283 ] glibc security
[ MDVSA-2013:284 ] glibc security
[SECURITY] [DSA 2800-1] nss security update Salvatore Bonaccorso

Tuesday, 26 November

[ MDVSA-2013:285 ] bugzilla security
[ MDVSA-2013:286 ] ruby security
[SECURITY] [DSA 2803-1] quagga security update Moritz Muehlenhoff
[ MDVSA-2013:287 ] drupal security
[SECURITY] [DSA 2804-1] drupal7 security update Moritz Muehlenhoff

Wednesday, 27 November

Re: Tapuz - Flix Password ByPass tennc
[HITB-Announce] #HITB2014AMS Call for Papers Now Open Hafez Kamal
Yahoo Open Redirect Vulnerability - or "Designing vulnerabilities" Robert Kugler
Uptime Agent 5.0.1 Stack Overflow Vulnerability Denis Andzakovic
Wapiti 2.3.0 - the python-powered web-application vulnerability scanner Nicolas Surribas
Re: Wapiti 2.3.0 - the python-powered web-application vulnerability scanner coderman

Thursday, 28 November

Re: DEF CON 19 - hackers get hacked! coderman
Re: DEF CON 19 - hackers get hacked! , DEF CON 20 was not DRT coderman
CVE-2013-6271 Remove Android Device Lock by rouge app Curesec Research Team
D-Link! What's wrong with you? matteo ignaccolo
[SECURITY] [DSA 2805-1] sup-mail security update Luciano Bello
Pastebin Captcha Bypass Scott Arciszewski
CVE-2013-6224: XSS in Livezilla prior version 5.1.1.0 Curesec Research Team
iCloud and privacy...last word silence_is_best
CVE-2013-6223: Local Password Disclosure in Livezilla prior version 5.1.1.0 Curesec Research Team
NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability Vulnerability Lab
RFP: FOIA with privacy waivers[0] for oversight coderman

Friday, 29 November

Re: iCloud and privacy...last word Jeffrey Walton
[SECURITY] [DSA 2806-1] nbd security update Thijs Kinkhorst

Saturday, 30 November

Re: RFP: FOIA with privacy waivers[0] for oversight coderman
Seems like Coinbase Security Team doesn't know how their cookie works giulio
[SECURITY] [DSA 2807-1] links2 security update Moritz Muehlenhoff
Re: Seems like Coinbase Security Team doesn't know how their cookie works Jeffrey Walton
Day of bugs in WordPress 3 MustLive
Vulnerabilities hiddenly fixed in WordPress 3.6 and 3.6.1 MustLive
Re: Vulnerabilities hiddenly fixed in WordPress 3.6 and 3.6.1 Ryan Dewhurst
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault