Home page logo
/

383 messages starting Oct 01 10 and ending Dec 31 10
Date index | Thread index | Author index

Friday, 01 October

Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Tomas Hoger
Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback Joachim Fritschi
CVE request: freeradius Vincent Danen
Re: CVE request: multiple kernel stack memory disclosures Dan Rosenberg
Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback Josh Bressers
Re: CVE request: Horde Gollem <1.1.2 XSS in view.php Josh Bressers
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Vincent Danen
Re: CVE request: freeradius Josh Bressers
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Gerald Combs
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Vincent Danen
Re: Minor security flaw with pam_xauth Vincent Danen
Re: Small exposure in ocfs2 fast symlinks. Joel Becker

Sunday, 03 October

Re: Minor security flaw with pam_xauth Dmitry V. Levin

Monday, 04 October

Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Tomas Hoger
CVE request: kernel: SCTP memory corruption in HMAC handling Dan Rosenberg
CVE request, security issues fixed in MySQL 5.1.51 Vincent Danen
CVE Request: more dovecot ACL issues Ludwig Nussel
Re: Small exposure in ocfs2 fast symlinks. Josh Bressers
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Josh Bressers
Re: CVE request: kernel: SCTP memory corruption in HMAC handling Josh Bressers
Re: CVE Request: more dovecot ACL issues Josh Bressers
Re: CVE request, security issues fixed in MySQL 5.1.51 Josh Bressers

Tuesday, 05 October

Nagios format string issues Florian Weimer

Wednesday, 06 October

Re: Nagios format string issues Oden Eriksson
Re: Nagios format string issues Josh Bressers
Re: Nagios format string issues Steven M. Christey
Re: CVE request: multiple kernel stack memory disclosures Steven M. Christey
Re: Nagios format string issues Oden Eriksson
Re: CVE request: multiple kernel stack memory disclosures Dan Rosenberg

Thursday, 07 October

Re: CVE request: multiple kernel stack memory disclosures Dan Rosenberg
Re: Nagios format string issues Tomas Hoger
Re: CVE request, security issues fixed in MySQL 5.1.51 Steven M. Christey

Friday, 08 October

qpidd SSL connection DoS (CVE-2010-3083) Vincent Danen
CVE Request -- Mercurial --Doesn't verify subject Common Name properly Jan Lieskovsky
CVE request eoCMS SQL injection vulnerability Henri Salo
CVE request: joomla before 1.5.21 XSS Hanno Böck
CVE request: usebb before 1.0.11 unauthorized access to content Hanno Böck
CVE request (2009): vanilla forums before 1.1.8 Hanno Böck
CVE request: mybb before 1.4.11 and before 1.4.12 Hanno Böck
Fwd: CVE id request: fluxbb < 1.2.22 XSS Hanno Böck

Monday, 11 October

CVE request: TYPO3-SA-2010-020 Moritz Muehlenhoff
CVE request: Simple Machines Forum Cross-Site Request Forgery Henri Salo
Re: CVE request eoCMS SQL injection vulnerability Josh Bressers
Re: CVE request: joomla before 1.5.21 XSS Josh Bressers
Re: CVE request: usebb before 1.0.11 unauthorized access to content Josh Bressers
Re: CVE request (2009): vanilla forums before 1.1.8 Josh Bressers
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Josh Bressers
Re: CVE request: mybb before 1.4.11 and before 1.4.12 Josh Bressers
Re: CVE id request: fluxbb < 1.2.22 XSS Josh Bressers
Re: CVE request: Simple Machines Forum Cross-Site Request Forgery Josh Bressers
Re: CVE request: TYPO3-SA-2010-020 Josh Bressers

Tuesday, 12 October

Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Gerald Combs
kernel: avoid pgoff overflow in remap_file_pages Eugene Teo
Re: kernel: avoid pgoff overflow in remap_file_pages Thomas Pollet
Re: Nagios format string issues Oden Eriksson
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Vincent Danen
Re: kernel: avoid pgoff overflow in remap_file_pages akiphie

Wednesday, 13 October

CVE Request -- cURL / mingw32-cURL -- Did not strip directory parts separated by backslashes, when downloading files Jan Lieskovsky
CVE request: ettercap GTK Dan Rosenberg
CVE request: Apache-AuthenHook perl module Moritz Muehlenhoff
Re: CVE Request -- cURL / mingw32-cURL -- Did not strip directory parts separated by backslashes, when downloading files Jan Lieskovsky
Re: CVE Request -- cURL / mingw32-cURL -- Did not strip directory parts separated by backslashes, when downloading files Josh Bressers
Re: CVE request: ettercap GTK Josh Bressers
Re: CVE request: Apache-AuthenHook perl module Josh Bressers

Thursday, 14 October

Re: CVE request: ettercap GTK Steven M. Christey
Re: CVE request: ettercap GTK Dan Rosenberg

Monday, 18 October

CVE request -- libguestfs: missing disk format specifier when adding a disk Petr Matousek
Re: CVE request -- libguestfs: missing disk format specifier when adding a disk Eugene Teo

Thursday, 21 October

CVE request: kernel: setup_arg_pages: diagnose excessive argument size Eugene Teo
glibc $ORIGIN problem - CVE-2010-3847 Marcus Meissner
Re: glibc $ORIGIN problem - CVE-2010-3847 Robert Święcki

Friday, 22 October

CVE-2010-1693: OFED openibd startup script uses predictable tmpfile Mike O'Connor
CVE request: kernel: heap overflow in TIPC Dan Rosenberg
Re: glibc $ORIGIN problem - CVE-2010-3847 Florian Weimer
Re: CVE request: kernel: setup_arg_pages: diagnose excessive argument size Josh Bressers
Re: CVE request: kernel: heap overflow in TIPC Josh Bressers

Monday, 25 October

Re: glibc $ORIGIN problem - CVE-2010-3847 Solar Designer
Re: Minor security flaw with pam_xauth Solar Designer
Re: CVE request: multiple kernel stack memory disclosures Steven M. Christey
CVE request: kernel: heap contents leak from ETHTOOL_GRXCLSRLALL Kees Cook

Tuesday, 26 October

Re: CVE request: kernel: heap contents leak from ETHTOOL_GRXCLSRLALL Eugene Teo
Re: glibc $ORIGIN problem - CVE-2010-3847 Dmitry V. Levin

Friday, 29 October

CVE request: kernel: iovec overflow in rds_rdma_pages() Eugene Teo
CVE request: moodle 1.9.10 Ludwig Nussel

Monday, 01 November

Re: CVE request: kernel: iovec overflow in rds_rdma_pages() Josh Bressers
Proftpd pre-authentication buffer overflow in Telnet code Florian Weimer
Re: CVE request: moodle 1.9.10 Josh Bressers
Re: Proftpd pre-authentication buffer overflow in Telnet code Josh Bressers

Tuesday, 02 November

utf-8 security issue in php Oden Eriksson
Re: utf-8 security issue in php Pierre Joye
Re: utf-8 security issue in php Pierre Joye
Re: utf-8 security issue in php Josh Bressers
libxml2 xpath Sebastian Krahmer
Re: utf-8 security issue in php Pierre Joye
CVE request: kernel stack infoleaks Jon Oberheide
Re: utf-8 security issue in php Vincent Danen
Re: CVE request: kernel stack infoleaks Dan Rosenberg
Re: CVE request: kernel stack infoleaks Dan Rosenberg
Re: utf-8 security issue in php Pierre Joye
Re: CVE request: kernel stack infoleaks Steven M. Christey
Re: utf-8 security issue in php Vincent Danen

Wednesday, 03 November

Re: utf-8 security issue in php Sebastian Krahmer
CVE request: X.25 remote DoS Dan Rosenberg
CVE request: kernel: CAN information leak Dan Rosenberg

Thursday, 04 November

CVE request: kernel: sys_semctl: fix kernel stack leakage Eugene Teo
Re: CVE request: kernel: sys_semctl: fix kernel stack leakage Eugene Teo
Re: CVE request: X.25 remote DoS Eugene Teo
Re: CVE request: kernel: CAN information leak Eugene Teo
Re: CVE request: kernel stack infoleaks Josh Bressers
Re: libxml2 xpath Josh Bressers
CVE Clarification: OpenFabrics ofed stack also contains RDS protocol Marcus Meissner
CVE request: fuse Marc Deslauriers
CVE request: kernel: logic error in INET_DIAG bytecode auditing Nelson Elhage
CVE request: kernel: kvm kernel stack leakage Petr Matousek

Friday, 05 November

Re: CVE Clarification: OpenFabrics ofed stack also contains RDS protocol Josh Bressers
Re: CVE request: fuse Josh Bressers
Re: CVE request: kernel: logic error in INET_DIAG bytecode auditing Josh Bressers
Re: CVE request: kernel: kvm kernel stack leakage Josh Bressers

Sunday, 07 November

Re: CVE request: moodle 1.9.10 Steven M. Christey
CVE Request: PHP 5.3.3, libmbfl, mb_strcut Pierre Joye
Linux kernel proactive security hardening Kees Cook

Monday, 08 November

Re: Linux kernel proactive security hardening Solar Designer
Re: Linux kernel proactive security hardening Dan Rosenberg
filesystem capabilities Solar Designer
Re: Linux kernel proactive security hardening Solar Designer
Re: Linux kernel proactive security hardening Solar Designer
Re: filesystem capabilities Ludwig Nussel
Re: filesystem capabilities Sebastian Krahmer
Re: filesystem capabilities yersinia
Re: Linux kernel proactive security hardening Vasiliy Kulikov
Re: filesystem capabilities Steve Grubb
Re: filesystem capabilities Steve Grubb
Re: Linux kernel proactive security hardening Vasiliy Kulikov
Re: CVE Request: PHP 5.3.3, libmbfl, mb_strcut Josh Bressers

Tuesday, 09 November

CVE request: kernel: gdth: integer overflow in ioc_general() Petr Matousek
Re: filesystem capabilities James Morris
Re: CVE request: kernel: gdth: integer overflow in ioc_general() Dan Rosenberg
Re: CVE request: kernel: gdth: integer overflow in ioc_general() Petr Matousek
Re: CVE request: kernel: gdth: integer overflow in ioc_general() Dan Rosenberg
Re: libxml2 xpath Giuseppe Iuculano

Wednesday, 10 November

CVE-2010-3086 kernel panic via futex Eugene Teo
CVE Request: kernel: socket filters infoleak Eugene Teo
CVE request: mono loading shared libs from cwd Thomas Biege
Re: CVE request: mono loading shared libs from cwd Thomas Biege
CVE request: kernel: L2TP send buffer allocation size overflows Petr Matousek
Re: Linux kernel proactive security hardening Kees Cook
Re: Linux kernel proactive security hardening Kees Cook
Re: filesystem capabilities Kees Cook
Re: filesystem capabilities Kees Cook
Re: Linux kernel proactive security hardening Vasiliy Kulikov
Re: filesystem capabilities Steve Grubb
Re: CVE request: kernel: gdth: integer overflow in ioc_general() Josh Bressers
Re: CVE Request: kernel: socket filters infoleak Josh Bressers
Re: CVE request: mono loading shared libs from cwd Josh Bressers
Re: filesystem capabilities Kees Cook
Re: CVE request: kernel: L2TP send buffer allocation size overflows Josh Bressers
Re: filesystem capabilities Steve Grubb
CVE request: kernel: Multiple DoS issues in block layer Dan Rosenberg

Thursday, 11 November

[HITB-Announce] HITB Magazine #5 Call for Articles Hafez Kamal
CVE request: kernel: remote DoS in X.25 Dan Rosenberg

Friday, 12 November

CVE request: kernel: possible kernel oops from user MSS Eugene Teo
Re: CVE request: kernel: Multiple DoS issues in block layer Josh Bressers
Re: CVE request: kernel: remote DoS in X.25 Josh Bressers
Re: CVE request: kernel: possible kernel oops from user MSS Josh Bressers
CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure Henri Salo
Re: CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure Josh Bressers

Saturday, 13 November

CVE request: ImageMagick opens config files in $CWD Vincent Danen

Sunday, 14 November

Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Marc Deslauriers
econet iovec Thomas Pollet
Re: econet iovec Dan Rosenberg
Re: econet iovec Dan Rosenberg
CVE request for OpenTTD Rubidium
Re: utf-8 security issue in php Pierre Joye

Monday, 15 November

Re: econet iovec Eugene Teo
CVE request: kernel: perf bug Eugene Teo
Re: CVE request: ImageMagick opens config files in $CWD Josh Bressers
Re: CVE request for OpenTTD Josh Bressers
Re: CVE request: kernel: perf bug Josh Bressers
Re: econet iovec Steven M. Christey
Re: econet iovec Dan Rosenberg
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Steven M. Christey

Tuesday, 16 November

utf-8 security issue in php - 2 CVEs? Huzaifa Sidhpurwala
CVE Request: libsdp Huzaifa Sidhpurwala
Re: utf-8 security issue in php - 2 CVEs? Pierre Joye
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Marc Deslauriers
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Ben Laurie
Clear text password in process list when using MySQL GUI tools Martin Drescher
Re: CVE Request: libsdp Josh Bressers

Wednesday, 17 November

Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Ludwig Nussel
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Matthias Andree
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly dave b
Re: Re: utf-8 security issue in php - 2 CVEs? Huzaifa Sidhpurwala
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly dave b
Re: Clear text password in process list when using MySQL GUI tools Josh Bressers
Re: Re: utf-8 security issue in php - 2 CVEs? Pierre Joye
CVE request: kernel: integer overflow in RDS Dan Rosenberg
Re: Clear text password in process list when using MySQL GUI tools Moritz Muehlenhoff
Re: Clear text password in process list when using MySQL GUI tools Steven M. Christey

Thursday, 18 November

Re: CVE request: kernel: integer overflow in RDS Eugene Teo
Re: Clear text password in process list when using MySQL GUI tools Josh Bressers
[HITB-Announce] HITB2011AMS -- Call For Papers now Open Hafez Kamal
NULL byte poisoning fix in php 5.3.4+ Pierre Joye
Re: NULL byte poisoning fix in php 5.3.4+ Pierre Joye
Re: filesystem capabilities Kees Cook
Re: filesystem capabilities Daniel J Walsh
CVE request: tikiwiki <= 5.2 XSS, CSRF, file inclusion Hanno Böck

Saturday, 20 November

Re: Clear text password in process list when using MySQL GUI tools Moritz Muehlenhoff

Monday, 22 November

CVE Request: gif2png: command-line buffer overflow problem Kurt Seifried
CVE Request -- pootle -- XSS via 'match_names' parameter on translate.html page Jan Lieskovsky
CVE request: kernel: missing tty ops write function presence check in hci_uart_tty_open() Eugene Teo
Re: CVE request: tikiwiki <= 5.2 XSS, CSRF, file inclusion Josh Bressers
Re: CVE Request: gif2png: command-line buffer overflow problem Josh Bressers
Re: CVE Request: gif2png: command-line buffer overflow problem Dan Rosenberg
Re: Re: NULL byte poisoning fix in php 5.3.4+ Josh Bressers
CVE request: kernel: mm: mem allocated invisible to oom_kill() when not attached to any threads Eugene Teo
Re: CVE Request: gif2png: command-line buffer overflow problem Steven M. Christey
Re: CVE request: kernel: missing tty ops write function presence check in hci_uart_tty_open() Josh Bressers
Re: CVE Request: gif2png: command-line buffer overflow problem Steven M. Christey
Re: CVE request: kernel: mm: mem allocated invisible to oom_kill() when not attached to any threads Josh Bressers
Re: CVE Request -- pootle -- XSS via 'match_names' parameter on translate.html page Josh Bressers
Re: NULL byte poisoning fix in php 5.3.4+ Pierre Joye
CVE assignments for Wireshark LDSS / ZCL issues Steven M. Christey
Re: CVE Request: gif2png: command-line buffer overflow problem Kurt Seifried
Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities" dave b
CVE-2010-4161 kernel: rhel5 backport of 93821778 caused deadlock Eugene Teo
Re: CVE Request: gif2png: command-line buffer overflow problem Benji
Linux kernel address leaks Dan Rosenberg
Re: Linux kernel address leaks Michael Gilbert

Tuesday, 23 November

CVE request: xen: request-processing loop is unbounded in blkback Eugene Teo
CVE request: kernel: posix-cpu-timers: workaround to suppress the problems with mt exec Eugene Teo
Re: Linux kernel address leaks Yves-Alexis Perez

Friday, 26 November

Re: CVE request: kernel: unix socket local dos Thomas Biege

Monday, 29 November

Re: CVE request: kernel: Multiple DoS issues in block layer Eugene Teo
Re: Linux kernel address leaks Steven M. Christey
Re: CVE request: mono/moonlight: execution of arbitrary code due to mutable Strings Josh Bressers

Tuesday, 30 November

kernel: Multiple vulnerabilities in AF_ECONET Nelson Elhage
Re: Re: NULL byte poisoning fix in php 5.3.4+ Pierre Joye
Re: Interesting behavior with struct initiailization Geoff Keating
Re: CVE request: kernel: Multiple DoS issues in block layer Eugene Teo
CVE request: xen: x86-64: don't crash Xen upon direct pv guest access Eugene Teo
CVE request: kernel: pipe_fcntl local DoS Eugene Teo
Re: CVE request: kernel: Multiple DoS issues in block layer Thomas Biege
Re: CVE request: xen: x86-64: don't crash Xen upon direct pv guest access Josh Bressers
Re: CVE request: kernel: pipe_fcntl local DoS Josh Bressers

Wednesday, 01 December

CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Jan Lieskovsky
Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Reed Loden
Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Mark Stosberg

Thursday, 02 December

CVE Request -- Wordpress v3.0.2 SQL injection flaw + two minor XSS issues Jan Lieskovsky
CVE request: kernel: failure to revert address limit override in OOPS error path Dan Rosenberg
kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Nelson Elhage
Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Dan Rosenberg
CVE Request -- FontForge: Stack-based buffer overflow by processing specially-crafted CHARSET_REGISTRY font file header Jan Lieskovsky
Re: CVE Request -- Wordpress v3.0.2 SQL injection flaw + two minor XSS issues Josh Bressers
Re: CVE request: kernel: failure to revert address limit override in OOPS error path Josh Bressers
Re: CVE Request -- FontForge: Stack-based buffer overflow by processing specially-crafted CHARSET_REGISTRY font file header Josh Bressers

Friday, 03 December

clamav 0.96.5 released Thomas Biege
CVE Request -- Xfig: Stack-based buffer overflow by processing FIG image with crafted color definition Jan Lieskovsky
Re: clamav 0.96.5 released Hanno Böck
RE: Interesting behavior with struct initiailization Robert Seacord
Re: Interesting behavior with struct initiailization Geoff Keating
Re: clamav 0.96.5 released Josh Bressers

Sunday, 05 December

Re: Interesting behavior with struct initiailization Bhadrinath
Re: Interesting behavior with struct initiailization Bhadrinath
Re: Re: Interesting behavior with struct initiailization Dan Rosenberg
Re: Interesting behavior with struct initiailization Bhadrinath

Monday, 06 December

CVE request: vanilla forums before 2.0.10, xss Hanno Böck
Re: CVE request: mybb before 1.4.11 and before 1.4.12 Hanno Böck
CVE request: kernel: igb panics when receiving tag vlan packet Eugene Teo
CVE request: openx unknown vulnerability before 2.8.7 Hanno Böck
Re: CVE request: openx unknown vulnerability before 2.8.7 Anthon Pang
CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Vincent Danen
Re: Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities" Steven M. Christey
Re: CVE Request -- Xfig: Stack-based buffer overflow by processing FIG image with crafted color definition Josh Bressers
Re: CVE request: kernel: igb panics when receiving tag vlan packet Josh Bressers
Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Steven M. Christey
Re: CVE request: vanilla forums before 2.0.10, xss Josh Bressers
Re: CVE request: openx unknown vulnerability before 2.8.7 Josh Bressers
Re: CVE request: vanilla forums before 2.0.10, xss Steven M. Christey
Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Vincent Danen

Tuesday, 07 December

CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Raphael Geissert
Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Tomas Hoger
Re: CVE request: vanilla forums before 2.0.10, xss Josh Bressers
Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Josh Bressers
Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Maksymilian Arciemowicz

Wednesday, 08 December

CVE request: libvirt when compiled with openvz support has a potential security hole Vincent Danen
Re: CVE request: libvirt when compiled with openvz support has a potential security hole Eugene Teo
CVE request: kernel: bfa driver sysfs crash Eugene Teo
Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Solar Designer
Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Solar Designer
Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Pierre Joye
Re: Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Tomas Hoger
Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Maksymilian Arciemowicz
Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Nelson Elhage
Re: Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Tomas Hoger
Re: CVE request: libvirt when compiled with openvz support has a potential security hole Vincent Danen

Thursday, 09 December

CVE request: kernel: NULL pointer dereference in AF_ECONET Nelson Elhage
Re: CVE request: kernel: NULL pointer dereference in AF_ECONET Eugene Teo
Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Ludwig Nussel
Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Solar Designer
Re: Re: NULL byte poisoning fix in php 5.3.4+ Pierre Joye
Re: Re: NULL byte poisoning fix in php 5.3.4+ Pierre Joye
Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Tomas Hoger
Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Steven M. Christey
Re: Re: NULL byte poisoning fix in php 5.3.4+ Steven M. Christey
Re: Re: NULL byte poisoning fix in php 5.3.4+ Pierre Joye
Re: Re: NULL byte poisoning fix in php 5.3.4+ Steven M. Christey
[taviso () cmpxchg8b com: [PATCH] install_special_mapping skips security_file_mmap check.] Tavis Ormandy
Re: [taviso () cmpxchg8b com: [PATCH] install_special_mapping skips security_file_mmap check.] Solar Designer
Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Solar Designer
Re: CVE request: kernel: bfa driver sysfs crash Josh Bressers

Friday, 10 December

Exim remote root Mark J Cox
Subject: [oss-security] CVE request: kernel: install_special_mapping skips security_file_mmap check Petr Matousek
Re: Subject: [oss-security] CVE request: kernel: install_special_mapping skips security_file_mmap check Josh Bressers

Saturday, 11 December

Re: Clarifications on the D-Bus specification Rémi Denis-Courmont

Monday, 13 December

Re: Clarifications on the D-Bus specification Havoc Pennington
Exim security issue in historical release nigel
Issues without CVE names in PHP 5.3.4/5.2.15 release Vincent Danen
Re: Issues without CVE names in PHP 5.3.4/5.2.15 release Pierre Joye
Re: Issues without CVE names in PHP 5.3.4/5.2.15 release Vincent Danen
Re: Issues without CVE names in PHP 5.3.4/5.2.15 release Pierre Joye
Re: Issues without CVE names in PHP 5.3.4/5.2.15 release Raphael Geissert

Wednesday, 15 December

Breaking the links: Exploiting the linker Tim Brown
Re: Breaking the links: Exploiting the linker Tomas Hoger
CVE Request: local privilege escalation via /sys/kernel/debug/acpi/custom_method Marcus Meissner
CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability David Hicks
CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability David Hicks
Re: Breaking the links: Exploiting the linker Justin Ossevoort
Re: CVE Request: local privilege escalation via /sys/kernel/debug/acpi/custom_method Eugene Teo

Thursday, 16 December

Re: CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability Josh Bressers
Re: CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability Josh Bressers
CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants Jan Lieskovsky
Re: Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Ludwig Nussel
Re: Breaking the links: Exploiting the linker Ralf Wildenhues
Re: CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants Josh Bressers
CVE request: Drupal views module CSRF/XSS before 2.11, XSS before 2.12 Hanno Böck
Re: Breaking the links: Exploiting the linker Tim Brown
Re: Re: Breaking the links: Exploiting the linker Tim Brown

Monday, 20 December

CVE Request: MyBB XSS bugs Ulrik Persson
CVE request: kernel: CAN information leak, 2nd attempt Petr Matousek
Re: CVE request: kernel: CAN information leak, 2nd attempt Dan Rosenberg
Re: CVE request: kernel: CAN information leak, 2nd attempt Petr Matousek
Re: CVE request: kernel: CAN information leak, 2nd attempt Dan Rosenberg

Tuesday, 21 December

Re: CVE request: kernel: CAN information leak, 2nd attempt Steven M. Christey
CVE request: opensc buffer overflow Ludwig Nussel
Re: Re: CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants Jan Lieskovsky
CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) Jan Lieskovsky
Re: CVE request: opensc buffer overflow Jamie Strandboge
FYI -- Tor v0.2.1.28 addressing CVE-2010-1676 -- remotely exploitable heap-based buffer overflow Jan Lieskovsky
Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) Earl Hood

Wednesday, 22 December

Re: CVE request: Drupal views module CSRF/XSS before 2.11, XSS before 2.12 Josh Bressers
Re: CVE Request: MyBB XSS bugs Josh Bressers
Re: CVE request: opensc buffer overflow Josh Bressers
Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) Josh Bressers
Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) Raphael Geissert
Re: Breaking the links: Exploiting the linker Jamie Nguyen
CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: [oss-security] CVE request: opensc buffer overflow ] Jan Lieskovsky
Re: Re: Breaking the links: Exploiting the linker Tim Brown
Re: Breaking the links: Exploiting the linker Jamie Nguyen

Thursday, 23 December

CVE request: kernel: irda: prevent integer underflow in IRLMP_ENUMDEVICES Eugene Teo
CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol Jan Lieskovsky
Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol dave b
CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flaws Jan Lieskovsky
Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol John Goerzen
Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol Nicolas Sebrecht
Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol Johannes Stezenbach

Friday, 24 December

IO::Socket::SSL perl module: CVE-2010-4501/CVE-2010-4334 dupe Moritz Muehlenhoff

Sunday, 26 December

CVE-2010-2094: PECL's phar code is vulnerable too Eygene Ryabinkin
Re: CVE-2010-2094: PECL's phar code is vulnerable too Felipe Pena
Re: Re: CVE-2010-2094: PECL's phar code is vulnerable too Eygene Ryabinkin
Re: Re: CVE-2010-2094: PECL's phar code is vulnerable too Felipe Pena

Monday, 27 December

CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message Jan Lieskovsky

Wednesday, 29 December

Re: IO::Socket::SSL perl module: CVE-2010-4501/CVE-2010-4334 dupe Tomas Hoger

Thursday, 30 December

CVE request: wordpress before 3.0.4 XSS Hanno Böck
Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) Jeff Breidenbach
Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) Earl Hood
Fix for CVE-2010-4524 and CVE-2010-1677 ready for verfication Earl Hood

Friday, 31 December

CVE request: kernel: buffer overflow in OSS load_mixer_volumes Dan Rosenberg
CVE Request: OpenWebAnalytics < 1.2.4 - remote/local file inclusion vulnerability Anthon Pang
CVE Request: CrawlTrack < 3.2.7 - remote php code execution Anthon Pang
Re: CVE request: kernel: buffer overflow in OSS load_mixer_volumes Huzaifa Sidhpurwala
Re: CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message Huzaifa Sidhpurwala
Re: CVE Request: OpenWebAnalytics < 1.2.4 - remote/local file inclusion vulnerability Anthon Pang
CVE Request: Wireshark Ulrik Persson
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]