<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>
Nmap Security Scanner
Intro
Ref Guide
Install Guide
Download
Changelog
Book
Docs
Security Lists
Nmap Hackers
Nmap Dev
Bugtraq
Full Disclosure
Pen Test
Basics
More
Security Tools
Pass crackers
Sniffers
Vuln Scanners
Web scanners
Wireless
Exploitation
Packet crafters
More
Site News
Advertising
About/Contact
Sponsors:
oss-sec
: by thread
RSS Feed
About List
All Lists
Previous period
Next period
815 messages
starting
Jan 01 12 and
ending
Mar 31 12
Date index
| Thread index |
Author index
Re: CVE-request: Elxis CMS two XSS-vulnerabilities
Henri Salo (Jan 01)
speaking of DoS, openssh and dropbear (CVE-2006-1206)
Nico Golde (Jan 01)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Solar Designer (Jan 01)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Mike O'Connor (Jan 01)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Solar Designer (Jan 01)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Kurt Seifried (Jan 01)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Eitan Adler (Jan 01)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Kurt Seifried (Jan 02)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Nico Golde (Jan 02)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Solar Designer (Jan 02)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Nico Golde (Jan 03)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Solar Designer (Jan 03)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Kurt Seifried (Jan 03)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Solar Designer (Jan 11)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
David Hicks (Jan 05)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
The Fungi (Jan 05)
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
Kurt Seifried (Jan 05)
Re: mpack 1.6 allows eavesdropping on mails sent by other users
Sebastian Pipping (Jan 01)
<Possible follow-ups>
Re: mpack 1.6 allows eavesdropping on mails sent by other users
Sebastian Pipping (Jan 18)
OpenSSL and *BSD *_Final context struct zeroization (was: weird crypt-sha* in DragonFly BSD)
Solar Designer (Jan 01)
Re: OpenBSD bcrypt error return
Solar Designer (Jan 01)
Re: *BSD's DES-based crypt(3) treats all invalid salt chars as '.'
Solar Designer (Jan 01)
<Possible follow-ups>
Re: *BSD's DES-based crypt(3) treats all invalid salt chars as '.'
Solar Designer (Jan 01)
OpenBSD bcrypt 8-bit key_len wraparound
Solar Designer (Jan 01)
Re: weird crypt-sha* in DragonFly BSD
Solar Designer (Jan 01)
<Possible follow-ups>
Re: weird crypt-sha* in DragonFly BSD
Solar Designer (Jan 16)
Re: weird crypt-sha* in DragonFly BSD
Solar Designer (Jan 19)
Re: weird crypt-sha* in DragonFly BSD
Solar Designer (Jan 20)
Re: weird crypt-sha* in DragonFly BSD
Samuel J. Greear (Jan 20)
Re: weird crypt-sha* in DragonFly BSD
Samuel J. Greear (Jan 20)
Re: weird crypt-sha* in DragonFly BSD
Solar Designer (Jan 20)
Re: weird crypt-sha* in DragonFly BSD
Solar Designer (Jan 21)
Re: Disputing CVE-2011-4122
Oswald Buddenhagen (Jan 02)
Re: Disputing CVE-2011-4122
Solar Designer (Jan 02)
Two CVE requests
Moritz Muehlenhoff (Jan 02)
Re: Two CVE requests
Kurt Seifried (Jan 03)
CVE request: libfpx "Free_All_Memory()" Double-Free Vulnerability
Agostino Sarubbo (Jan 02)
Re: CVE request: libfpx "Free_All_Memory()" Double-Free Vulnerability
Kurt Seifried (Jan 03)
CVE-request: PHP Booking Calendar 10e XSS
Henri Salo (Jan 03)
Re: CVE-request: PHP Booking Calendar 10e XSS
Steven M. Christey (Jan 03)
Re: CVE-request: PHP Booking Calendar 10e XSS
Henri Salo (Jan 03)
Re: CVE-request: Symphony CMS Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (NS-11-008)
Netsparker Advisories (Jan 03)
CVE request: maradns hash table collision cpu dos
Vincent Danen (Jan 03)
Re: CVE request: maradns hash table collision cpu dos
Henri Salo (Jan 03)
Re: CVE request: maradns hash table collision cpu dos
Vincent Danen (Jan 03)
Re: CVE request: maradns hash table collision cpu dos
Kurt Seifried (Jan 03)
Re: CVE Request: Security issue in backuppc
Moritz Mühlenhoff (Jan 03)
Re: CVE Request: Security issue in backuppc
Kurt Seifried (Jan 03)
Re: CVE Request: Security issue in backuppc
Moritz Muehlenhoff (Jan 04)
Re: CVE Request: Security issue in backuppc
Steven M. Christey (Jan 04)
Re: CVE Request: Security issue in backuppc
Kurt Seifried (Jan 04)
Re: CVE Request: Security issue in backuppc
Kurt Seifried (Jan 04)
Closed list unsubscribe
Josh Bressers (Jan 03)
CVE-request: WordPress SQL injection and arbitrary code injection (2003)
Henri Salo (Jan 03)
Re: CVE-request: WordPress SQL injection and arbitrary code injection (2003)
Kurt Seifried (Jan 04)
Re: CVE-request: WordPress SQL injection and arbitrary code injection (2003)
Henri Salo (Jan 06)
Re: CVE-request: WordPress SQL injection and arbitrary code injection (2003)
Kurt Seifried (Jan 06)
CVE-request: Multiple e107 vulnerabilities
Henri Salo (Jan 03)
Re: CVE-request: Multiple e107 vulnerabilities
Kurt Seifried (Jan 03)
CVE request: XSS in wordpress 3.3
Hanno Böck (Jan 03)
Re: CVE request: XSS in wordpress 3.3
Kurt Seifried (Jan 03)
Re: CVE request: XSS in wordpress 3.3
cve-assign (Jan 03)
CVE-2011-4858 confusion
Sebastian Krahmer (Jan 04)
Re: CVE-2011-4858 confusion
cve-assign (Jan 04)
Re: Re: CVE-2011-4858 confusion
Vincent Danen (Jan 04)
Re: Re: CVE-2011-4858 confusion
Mark Thomas (Jan 05)
Re: CVE-2011-4858 confusion
cve-assign (Jan 06)
CVE request: ghostscript: system initialization file uncontrolled search path element
Ramon de C Valle (Jan 04)
Re: CVE request: ghostscript: system initialization file uncontrolled search path element
Kurt Seifried (Jan 04)
CVE request: Pidgin
Moritz Muehlenhoff (Jan 04)
Re: CVE request: Pidgin
Kurt Seifried (Jan 04)
Re: CVE request: Pidgin
Steven M. Christey (Jan 04)
CVE Request -- kernel: futex: clear robust_list on execve
Petr Matousek (Jan 04)
Re: CVE Request -- kernel: futex: clear robust_list on execve
Kurt Seifried (Jan 04)
Re: CVE Request -- kernel: futex: clear robust_list on execve
Greg KH (Jan 04)
Re: CVE Request -- kernel: futex: clear robust_list on execve
Petr Matousek (Jan 05)
Re: CVE Request -- kernel: futex: clear robust_list on execve
akuster (Jan 05)
Re: CVE Request -- kernel: futex: clear robust_list on execve
Petr Matousek (Jan 05)
CVE request: TORQUE Munge Authentication Security Bypass
Agostino Sarubbo (Jan 05)
Re: CVE request: TORQUE Munge Authentication Security Bypass
Kurt Seifried (Jan 05)
CVE-request: WordPress plugin Adminimize XSS
Henri Salo (Jan 05)
Re: CVE-request: WordPress plugin Adminimize XSS
Kurt Seifried (Jan 05)
CVE Requests for FFmpeg 0.9.1
Michael Niedermayer (Jan 05)
Re: CVE Requests for FFmpeg 0.9.1
Kurt Seifried (Jan 05)
Re: CVE Requests for FFmpeg 0.9.1
Michael Niedermayer (Jan 05)
Re: CVE Requests for FFmpeg 0.9.1
Kurt Seifried (Jan 05)
Re: CVE Requests for FFmpeg 0.9.1
Kurt Seifried (Feb 14)
Re: CVE Requests for FFmpeg 0.9.1
Steven M. Christey (Jan 05)
Re: CVE Requests for FFmpeg 0.9.1
Michael Niedermayer (Jan 05)
Re: CVE Requests for FFmpeg 0.9.1
Kurt Seifried (Feb 01)
CVE request: redmine issues
Moritz Muehlenhoff (Jan 06)
Re: CVE request: redmine issues
Kurt Seifried (Jan 06)
Re: CVE request: wordpress plugin timthumb before 2.0 remote code execution
Hanno Böck (Jan 06)
CVE Request for spamdyke "STARTTLS" Plaintext Injection Vulnerability
Michael Harrison (Jan 06)
Re: CVE Request for spamdyke "STARTTLS" Plaintext Injection Vulnerability
Kurt Seifried (Jan 06)
CVE request for OpenTTD
Rubidium (Jan 07)
Re: CVE request for OpenTTD
Kurt Seifried (Jan 09)
Re: CVE request for OpenTTD
Kurt Seifried (Jan 13)
Re: CVE request for OpenTTD - use CVE-2012-0049!
Kurt Seifried (Jan 13)
Malicious devices & vulnerabilties
Xi Wang (Jan 07)
Re: Malicious devices & vulnerabilties
Florian Weimer (Jan 08)
Re: Malicious devices & vulnerabilties
Eugene Teo (Jan 08)
Re: Malicious devices & vulnerabilties
Alistair Crooks (Jan 08)
Re: Malicious devices & vulnerabilties
Ludwig Nussel (Jan 09)
Re: Malicious devices & vulnerabilties
Alistair Crooks (Jan 09)
Re: Malicious devices & vulnerabilties
Xi Wang (Jan 08)
Re: Malicious devices & vulnerabilties
Eitan Adler (Jan 08)
Re: Malicious devices & vulnerabilties
Xi Wang (Jan 08)
Re: Malicious devices & vulnerabilties
Vasiliy Kulikov (Jan 09)
Re: Malicious devices & vulnerabilties
Kurt Seifried (Jan 08)
Re: Malicious devices & vulnerabilties
Florian Weimer (Jan 09)
Re: Malicious devices & vulnerabilties
Kurt Seifried (Jan 09)
Re: Malicious devices & vulnerabilties
Greg KH (Jan 08)
Re: Malicious devices & vulnerabilties
Xi Wang (Jan 08)
Re: Malicious devices & vulnerabilties
Hanno Böck (Jan 08)
Re: Malicious devices & vulnerabilties
Eugene Teo (Jan 08)
Re: Malicious devices & vulnerabilties
Eitan Adler (Jan 08)
CVE request: znc
Moritz Muehlenhoff (Jan 08)
Re: CVE request: znc
Henri Salo (Jan 09)
Re: CVE request: znc
Henri Salo (Jan 09)
Re: CVE request: znc
Kurt Seifried (Jan 09)
New Intrusion Detection Evaluation Dataset
Hadi Shiravi (Jan 08)
CVE Request: CEDET/Emacs global-ede-mode file loading vulnerability
Kurt Seifried (Jan 09)
Re: CVE Request: CEDET/Emacs global-ede-mode file loading vulnerability
Chong Yidong (Jan 09)
Re: Re: CVE Request: CEDET/Emacs global-ede-mode file loading vulnerability
Kurt Seifried (Jan 09)
Re: CVE Request: CEDET/Emacs global-ede-mode file loading vulnerability
David Engster (Jan 11)
CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries
Eugene Teo (Jan 09)
Re: CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries
Kurt Seifried (Jan 10)
Re: CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries
Moritz Muehlenhoff (Jan 10)
Re: CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries
Kurt Seifried (Jan 10)
Re: CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries
Eugene Teo (Jan 17)
CVE request: kernel: xfs heap overflow
Xi Wang (Jan 10)
Re: CVE request: kernel: xfs heap overflow
Kurt Seifried (Jan 10)
Re: CVE request: kernel: xfs heap overflow
Kurt Seifried (Jan 10)
glib2 hash dos oCert-2011-003
Kurt Seifried (Jan 10)
CVE request: simpleSAMLphp 1.8.2 cross site scripting
Thijs Kinkhorst (Jan 11)
Re: CVE request: simpleSAMLphp 1.8.2 cross site scripting
Kurt Seifried (Jan 11)
Re: CVE request: simpleSAMLphp 1.8.2 cross site scripting
Steven M. Christey (Jan 20)
CVE request - kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl()
Eugene Teo (Jan 11)
Re: CVE request - kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl()
Kurt Seifried (Jan 11)
CVE request: Wireshark multiple vulnerabilities
Agostino Sarubbo (Jan 11)
Re: CVE request: Wireshark multiple vulnerabilities
Kurt Seifried (Jan 11)
Re: CVE request: Wireshark multiple vulnerabilities
Steven M. Christey (Jan 11)
Re: CVE request: Wireshark multiple vulnerabilities
Kurt Seifried (Jan 11)
Re: CVE request: Wireshark multiple vulnerabilities
Steven M. Christey (Jan 12)
Re: CVE request: Wireshark multiple vulnerabilities
Huzaifa Sidhpurwala (Jan 12)
Re: CVE request: Wireshark multiple vulnerabilities
Kurt Seifried (Jan 15)
Re: CVE request: Wireshark multiple vulnerabilities
Huzaifa Sidhpurwala (Jan 16)
Re: CVE request: Wireshark multiple vulnerabilities
Kurt Seifried (Jan 17)
Re: CVE request: Wireshark multiple vulnerabilities
Huzaifa Sidhpurwala (Jan 19)
Re: CVE request: Wireshark multiple vulnerabilities
Kurt Seifried (Jan 19)
CVE request -- kernel: kvm: syscall instruction induced guest panic
Petr Matousek (Jan 11)
Re: CVE request -- kernel: kvm: syscall instruction induced guest panic
Kurt Seifried (Jan 11)
CVE request: Mediawiki
Moritz Muehlenhoff (Jan 12)
Re: CVE request: Mediawiki
Kurt Seifried (Jan 12)
details about Tahoe-LAFS security problem #1654
Zooko Wilcox-O'Hearn (Jan 12)
Re: details about Tahoe-LAFS security problem #1654
Kurt Seifried (Jan 15)
Secunia looking for Linux Vulnerability Specialist
Henri Salo (Jan 13)
CVE affected for PHP 5.3.9 ?
Nicolas Grégoire (Jan 13)
Re: CVE affected for PHP 5.3.9 ?
Kurt Seifried (Jan 13)
Re: CVE affected for PHP 5.3.9 ?
Nicolas Grégoire (Jan 13)
Re: CVE affected for PHP 5.3.9 ?
Kurt Seifried (Jan 13)
Re: CVE affected for PHP 5.3.9 ?
Nicolas Grégoire (Jan 13)
Re: CVE affected for PHP 5.3.9 ?
Kurt Seifried (Jan 13)
Re: CVE affected for PHP 5.3.9 ?
Ignacio Espinosa (Jan 14)
Re: CVE affected for PHP 5.3.9 ?
Kurt Seifried (Jan 14)
Re: CVE affected for PHP 5.3.9 ?
Nicolas Grégoire (Jan 14)
Re: CVE affected for PHP 5.3.9 ?
Kurt Seifried (Jan 14)
Re: CVE affected for PHP 5.3.9 ?
Nicolas Grégoire (Jan 15)
Re: CVE affected for PHP 5.3.9 ?
Kurt Seifried (Jan 17)
CVE-request: WordPress 3.1.1
Henri Salo (Jan 15)
Re: CVE-request: WordPress 3.1.1
Hanno Böck (Jan 15)
Re: CVE-request: WordPress 3.1.1
Henri Salo (Jan 15)
Re: CVE-request: WordPress 3.1.1
Kurt Seifried (Jan 18)
Re: CVE-request: WordPress 3.1.1
Yves-Alexis Perez (Jan 19)
Re: CVE-request: WordPress 3.1.1
Yves-Alexis Perez (Jan 15)
CVE Request for spamdyke "STARTTLS" Plaintext
Agostino Sarubbo (Jan 15)
Re: CVE Request for spamdyke "STARTTLS" Plaintext
Kurt Seifried (Jan 19)
ANNOUNCING Tahoe, the Least-Authority File System, v1.9.1
Zooko Wilcox-O'Hearn (Jan 15)
CVE-request: NGS00109 remote code execution in ImpressPages CMS
Henri Salo (Jan 15)
Re: CVE-request: NGS00109 remote code execution in ImpressPages CMS
Kurt Seifried (Jan 18)
CVE request: Jenkins
Moritz Muehlenhoff (Jan 16)
Re: CVE request: Jenkins
Kurt Seifried (Jan 19)
gpw password generator giving short password at low rate
Yves-Alexis Perez (Jan 17)
Re: gpw password generator giving short password at low rate
Henri Salo (Jan 17)
Re: gpw password generator giving short password at low rate
Yves-Alexis Perez (Jan 17)
Re: gpw password generator giving short password at low rate
Kurt Seifried (Jan 17)
Re: gpw password generator giving short password at low rate
Steven M. Christey (Jan 17)
pwgen: non-uniform distribution of passwords
Solar Designer (Jan 17)
Re: pwgen: non-uniform distribution of passwords
Solar Designer (Jan 17)
Re: Re: pwgen: non-uniform distribution of passwords
Henri Salo (Jan 17)
Re: Re: pwgen: non-uniform distribution of passwords
Kurt Seifried (Jan 17)
Re: pwgen: non-uniform distribution of passwords
Solar Designer (Jan 17)
Re: Re: pwgen: non-uniform distribution of passwords
Steven M. Christey (Jan 17)
R: pwgen: non-uniform distribution of passwords
valentino.angeletti (Jan 19)
Re: pwgen: non-uniform distribution of passwords
Solar Designer (Jan 19)
Re: Re: pwgen: non-uniform distribution of passwords
Michael Niedermayer (Jan 19)
Re: pwgen: non-uniform distribution of passwords
Solar Designer (Jan 22)
CVE Request: overlayfs
Marc Deslauriers (Jan 17)
Re: CVE Request: overlayfs
Kurt Seifried (Jan 17)
CVE-request: golismero symlink vulnerability
Henri Salo (Jan 17)
Re: CVE-request: golismero symlink vulnerability
Kurt Seifried (Jan 17)
CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling
Eugene Teo (Jan 17)
Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling
Kurt Seifried (Jan 17)
Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling
Eugene Teo (Jan 17)
Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling
Kees Cook (Jan 18)
Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling
Eugene Teo (Jan 18)
Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling
Eugene Teo (Jan 20)
Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling
Eugene Teo (Jan 23)
Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling
Solar Designer (Jan 22)
Message not available
Message not available
Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling
Jason A. Donenfeld (Jan 22)
Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling
Solar Designer (Jan 22)
Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling
Eugene Teo (Jan 22)
CVE request: kernel: Unused iocbs in a batch should not be accounted as active
Eugene Teo (Jan 17)
Re: CVE request: kernel: Unused iocbs in a batch should not be accounted as active
Kurt Seifried (Jan 17)
CVE request - Batavi 1.2.1 Fixes Blind SQL Injection vulnerability in boxToReload parameter of ajax.php
Ronald van den Blink (Jan 18)
Re: CVE request - Batavi 1.2.1 Fixes Blind SQL Injection vulnerability in boxToReload parameter of ajax.php
Kurt Seifried (Jan 18)
Re: CVE request - Batavi 1.2.1 Fixes Blind SQL Injection vulnerability in boxToReload parameter of ajax.php
Ronald van den Blink (Jan 18)
Re: CVE request - Batavi 1.2.1 Fixes Blind SQL Injection vulnerability in boxToReload parameter of ajax.php
Ronald van den Blink (Jan 19)
Re: CVE request - Batavi 1.2.1 Fixes Blind SQL Injection vulnerability in boxToReload parameter of ajax.php
Kurt Seifried (Jan 19)
Re: CVE request - Batavi 1.2.1 Fixes Blind SQL Injection vulnerability in boxToReload parameter of ajax.php
Henri Salo (Jan 19)
Screen locking programs on Xorg 1.11
Gu1 (Jan 18)
Re: Screen locking programs on Xorg 1.11
Michael Gilbert (Jan 18)
Re: Screen locking programs on Xorg 1.11
Michael Gilbert (Jan 18)
Re: Screen locking programs on Xorg 1.11
Kurt Seifried (Jan 18)
Re: Screen locking programs on Xorg 1.11
Sebastian Pipping (Jan 18)
Re: Screen locking programs on Xorg 1.11
Yves-Alexis Perez (Jan 19)
Re: Screen locking programs on Xorg 1.11
Florian Weimer (Jan 19)
Re: Screen locking programs on Xorg 1.11
Tim Zingelman (Jan 19)
<Possible follow-ups>
Re: Screen locking programs on Xorg 1.11
Gu1 (Jan 19)
CVE request: tucan insecure plugin update mechanism
Vincent Danen (Jan 18)
Re: CVE request: tucan insecure plugin update mechanism
Kurt Seifried (Jan 18)
CVE-2011-4924 assignment notification -- Zope2, Zope3: Incomplete upstream fix for CVE-2010-1104 issue
Jan Lieskovsky (Jan 19)
Re: CVE-2011-4924 assignment notification -- Zope2, Zope3: Incomplete upstream fix for CVE-2010-1104 issue
Yves-Alexis Perez (Jan 19)
Re: CVE-2011-4924 assignment notification -- Zope2, Zope3: Incomplete upstream fix for CVE-2010-1104 issue
Jan Lieskovsky (Jan 19)
Re: CVE-2011-4924 assignment notification -- Zope2, Zope3: Incomplete upstream fix for CVE-2010-1104 issue
Jan-Wijbrand Kolman (Jan 19)
Request for linux-distros () vs openwall org membership
John Johansen (Jan 19)
Re: Request for linux-distros () vs openwall org membership
Jamie Strandboge (Jan 19)
Re: Request for linux-distros () vs openwall org membership
Solar Designer (Jan 20)
CVE request: usbmuxd 1.0.7 "receive_packet()" Buffer Overflow Vulnerability
Kurt Seifried (Jan 19)
Re: CVE request: usbmuxd 1.0.7 "receive_packet()" Buffer Overflow Vulnerability
Kurt Seifried (Jan 19)
Potential security issues fixed in PHP 5.3.9
Kurt Seifried (Jan 19)
Re: Potential security issues fixed in PHP 5.3.9
Pierre Joye (Jan 20)
Re: Potential security issues fixed in PHP 5.3.9
Kurt Seifried (Jan 20)
pdf attacks vectors
Alexander Pletnev (Jan 19)
Re: pdf attacks vectors
Solar Designer (Jan 20)
Re: pdf attacks vectors
Alexander Pletnev (Jan 20)
Re: pdf attacks vectors
Solar Designer (Jan 20)
Re: pdf attacks vectors
Henri Salo (Jan 21)
CVE request: spamdyke buffer overflow vulnerability
Agostino Sarubbo (Jan 20)
Re: CVE request: spamdyke buffer overflow vulnerability
Kurt Seifried (Jan 20)
Re: CVE request: spamdyke buffer overflow vulnerability
Kurt Seifried (Jan 23)
Re: CVE request: spamdyke buffer overflow vulnerability
Michael Harrison (Jan 23)
distros & linux-distros embargo period and message format
Solar Designer (Jan 20)
Re: distros & linux-distros embargo period and message format
Kurt Seifried (Jan 20)
Re: distros & linux-distros embargo period and message format
Solar Designer (Jan 20)
Re: distros & linux-distros embargo period and message format
Michael Gilbert (Jan 22)
Re: distros & linux-distros embargo period and message format
Solar Designer (Feb 01)
Re: distros & linux-distros embargo period and message format
Marc Deslauriers (Feb 01)
Re: distros & linux-distros embargo period and message format
Solar Designer (Feb 01)
Re: distros & linux-distros embargo period and message format
Kurt Seifried (Feb 01)
Re: distros & linux-distros embargo period and message format
Solar Designer (Feb 01)
Re: distros & linux-distros embargo period and message format
Kurt Seifried (Feb 01)
Re: distros & linux-distros embargo period and message format
Marc Deslauriers (Feb 01)
Re: distros & linux-distros embargo period and message format
Solar Designer (Feb 01)
Re: distros & linux-distros embargo period and message format
Kurt Seifried (Feb 01)
Re: distros & linux-distros embargo period and message format
Solar Designer (Feb 01)
Re: distros & linux-distros embargo period and message format
Michael Gilbert (Feb 03)
Re: distros & linux-distros embargo period and message format
Solar Designer (Feb 03)
Re: distros & linux-distros embargo period and message format
Michael Gilbert (Feb 03)
Re: distros & linux-distros embargo period and message format
Solar Designer (Feb 03)
Re: distros & linux-distros embargo period and message format
Michael Gilbert (Feb 03)
Re: distros & linux-distros embargo period and message format
Solar Designer (Feb 03)
Re: distros & linux-distros embargo period and message format
Thomas Klausner (Feb 01)
Re: distros & linux-distros embargo period and message format
Solar Designer (Feb 01)
CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP
Jan Lieskovsky (Jan 20)
Re: CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP
Steven M. Christey (Jan 20)
Re: CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP
Jan Lieskovsky (Jan 20)
CVE request: moodle 2.2.1, 2.1.4, 2.0.7, 1.9.16 vulnerabilities
Vincent Danen (Jan 20)
Re: CVE request: moodle 2.2.1, 2.1.4, 2.0.7, 1.9.16 vulnerabilities
Kurt Seifried (Jan 21)
CVE request: smokeping XSS
Vincent Danen (Jan 20)
Re: CVE request: smokeping XSS
Kurt Seifried (Jan 20)
Re: CVE request: smokeping XSS
Florian Weimer (Feb 27)
Re: CVE request: smokeping XSS
Vincent Danen (Mar 06)
CVE Request -- Horde IMP -- Multiple XSS flaws fixed in v5.0.18
Jan Lieskovsky (Jan 21)
Re: CVE Request -- Horde IMP -- Multiple XSS flaws fixed in v5.0.18
Kurt Seifried (Jan 21)
Re: CVE Request -- Horde IMP -- Multiple XSS flaws fixed in v5.0.18
Steven M. Christey (Jan 21)
CVE id assignment dates
Solar Designer (Jan 23)
Re: CVE id assignment dates
Steven M. Christey (Jan 23)
Re: CVE id assignment dates
Michael Gilbert (Jan 23)
Re: CVE id assignment dates
Kurt Seifried (Jan 23)
Re: CVE id assignment dates
Steven M. Christey (Jan 24)
Re: CVE id assignment dates
Henri Salo (Jan 24)
CVE request: bip buffer overflow
Luciano Bello (Jan 24)
Re: CVE request: bip buffer overflow
Kurt Seifried (Jan 24)
CVE requests: Suhosin extension / as31
Moritz Muehlenhoff (Jan 24)
Re: CVE requests: Suhosin extension / as31
Kurt Seifried (Jan 24)
XSLT issue in MoinMoin
Nicolas Grégoire (Jan 24)
Re: XSLT issue in MoinMoin
Kurt Seifried (Jan 24)
Re: XSLT issue in MoinMoin
Nicolas Grégoire (Jan 24)
Re: XSLT issue in MoinMoin
Kurt Seifried (Jan 26)
Fwd Joomla! Security News 2012-01
Henri Salo (Jan 25)
Re: Fwd Joomla! Security News 2012-01
Henri Salo (Jan 25)
Re: Fwd Joomla! Security News 2012-01
Kurt Seifried (Jan 25)
Re: Fwd Joomla! Security News 2012-01
Henri Salo (Jan 25)
Re: Fwd Joomla! Security News 2012-01
Kurt Seifried (Jan 26)
Re: Fwd Joomla! Security News 2012-01
Kurt Seifried (Jan 29)
TWSL2012-002: Multiple Vulnerabilities in WordPress
Henri Salo (Jan 25)
Re: TWSL2012-002: Multiple Vulnerabilities in WordPress
Kurt Seifried (Jan 25)
Re: TWSL2012-002: Multiple Vulnerabilities in WordPress
Henri Salo (Jan 25)
CVE request: PostfixAdmin SQL injections and XSS
Christian Boltz (Jan 26)
Re: CVE request: PostfixAdmin SQL injections and XSS
Kurt Seifried (Jan 26)
Re: CVE request: PostfixAdmin SQL injections and XSS
Christian Boltz (Jan 26)
Re: CVE request: PostfixAdmin SQL injections and XSS
Kurt Seifried (Jan 26)
Re: CVE request: PostfixAdmin SQL injections and XSS
Christian Boltz (Jan 27)
Request for CVE for Vulnerability in Tahoe-LAFS 1.9.0
Patrick R McDonald (Jan 26)
Re: Request for CVE for Vulnerability in Tahoe-LAFS 1.9.0
Christian Hoffmann (Jan 26)
Re: Request for CVE for Vulnerability in Tahoe-LAFS 1.9.0
Patrick R McDonald (Jan 26)
Re: Request for CVE for Vulnerability in Tahoe-LAFS 1.9.0
Kurt Seifried (Jan 26)
CVE request: wicd writes sensitive information in log files (password, passphrase...)
Kurt Seifried (Jan 26)
Re: CVE request: wicd writes sensitive information in log files (password, passphrase...)
Kurt Seifried (Jan 26)
CVE Request: Debian (others?) openssh-server: Forced Command handling leaks private information to ssh clients
Kurt Seifried (Jan 26)
Re: CVE Request: Debian (others?) openssh-server: Forced Command handling leaks private information to ssh clients
Kurt Seifried (Jan 26)
Re: CVE Request: Debian (others?) openssh-server: Forced Command handling leaks private information to ssh clients
Marc Deslauriers (Jan 26)
Re: CVE Request: Debian (others?) openssh-server: Forced Command handling leaks private information to ssh clients
Yves-Alexis Perez (Jan 27)
Re: CVE Request: Debian (others?) openssh-server: Forced Command handling leaks private information to ssh clients
Kurt Seifried (Jan 27)
Re: CVE Request: Debian (others?) openssh-server: Forced Command handling leaks private information to ssh clients
Yves-Alexis Perez (Jan 27)
Re: CVE Request: Debian (others?) openssh-server: Forced Command handling leaks private information to ssh clients
Kurt Seifried (Jan 27)
Re: CVE Request: Debian (others?) openssh-server: Forced Command handling leaks private information to ssh clients
Kurt Seifried (Jan 27)
testing pwqgen
Solar Designer (Jan 26)
Subscribe to linux-distros
Ramon de C Valle (Jan 27)
Re: Subscribe to linux-distros
Kurt Seifried (Jan 27)
Re: Subscribe to linux-distros
Solar Designer (Jan 27)
Re: Subscribe to linux-distros
Ramon de C Valle (Jan 27)
Re: Subscribe to linux-distros
Agostino Sarubbo (Feb 01)
Re: Subscribe to linux-distros
Alex Legler (Feb 01)
Re: Subscribe to linux-distros
Solar Designer (Feb 01)
Re: Subscribe to linux-distros
Solar Designer (Feb 02)
Re: non-Linux advance notification list
Solar Designer (Jan 27)
<Possible follow-ups>
Re: non-Linux advance notification list
Solar Designer (Jan 27)
Re: non-Linux advance notification list
Stuart Henderson (Jan 27)
Re: non-Linux advance notification list
Solar Designer (Jan 27)
(maybe) CVE request: libvpx before 1.0 crasher
Hanno Böck (Jan 28)
Re: (maybe) CVE request: libvpx before 1.0 crasher
Kurt Seifried (Jan 29)
Re: Yubiserver package ships with pre-filled identities
Jonathan Wiltshire (Jan 30)
Re: Re: Yubiserver package ships with pre-filled identities
Kurt Seifried (Jan 30)
Re: Re: Yubiserver package ships with pre-filled identities
Nanakos Chrysostomos (Jan 30)
Re: Re: Yubiserver package ships with pre-filled identities
Kurt Seifried (Jan 30)
Re: Re: Yubiserver package ships with pre-filled identities
Nanakos Chrysostomos (Jan 30)
Re: Re: Yubiserver package ships with pre-filled identities
Kurt Seifried (Jan 30)
Re: Re: Yubiserver package ships with pre-filled identities
Nanakos Chrysostomos (Jan 30)
Re: Re: Yubiserver package ships with pre-filled identities
Gian Piero Carrubba (Jan 30)
Re: Re: Yubiserver package ships with pre-filled identities
Steven M. Christey (Jan 31)
Re: Yubiserver package ships with pre-filled identities
Nanakos V. Chrysostomos (Jan 30)
Sudo format string vulnerability (CVE 2012-0809)
nicolas vigier (Jan 30)
gnusound 0.7.5 file name handling format string issue
Kurt Seifried (Jan 30)
Re: gnusound 0.7.5 file name handling format string issue
Kurt Seifried (Jan 30)
Mibew messenger multiple XSS
Henri Salo (Jan 31)
Re: Mibew messenger multiple XSS
Kurt Seifried (Feb 01)
XSS hiding CSRF (was: Re: [oss-security] Mibew messenger multiple XSS)
Steven M. Christey (Feb 01)
RE: XSS hiding CSRF (was: Re: [oss-security] Mibew messenger multiple XSS)
Carsten Eiram (Feb 01)
Re: XSS hiding CSRF (was: Re: [oss-security] Mibew messenger multiple XSS)
Filippo Cavallarin (Feb 02)
Fwd: Apache HTTP Server 2.2.22 Released
Solar Designer (Jan 31)
Re: Fwd: Apache HTTP Server 2.2.22 Released
Kurt Seifried (Jan 31)
Re: Fwd: Apache HTTP Server 2.2.22 Released
Solar Designer (Jan 31)
CVE Request (two ids) -- Xchat-WDK (prior 1499-4 [2012-01-18]) and Xchat-v2.8.6 on Maemo architecture -- Heap-based buffer overflow by processing UTF-8 line from server containing characters outside BMP
Jan Lieskovsky (Feb 01)
Re: CVE Request (two ids) -- Xchat-WDK (prior 1499-4 [2012-01-18]) and Xchat-v2.8.6 on Maemo architecture -- Heap-based buffer overflow by processing UTF-8 line from server containing characters outside BMP
Berke Viktor (Feb 01)
Re: Re: CVE Request (two ids) -- Xchat-WDK (prior 1499-4 [2012-01-18]) and Xchat-v2.8.6 on Maemo architecture -- Heap-based buffer overflow by processing UTF-8 line from server containing characters outside BMP
Yves-Alexis Perez (Feb 01)
Re: CVE Request (two ids) -- Xchat-WDK (prior 1499-4 [2012-01-18]) and Xchat-v2.8.6 on Maemo architecture -- Heap-based buffer overflow by processing UTF-8 line from server containing characters outside BMP
Kurt Seifried (Feb 01)
CVE request: phpldapadmin "base" Cross-Site Scripting Vulnerability
Agostino Sarubbo (Feb 02)
Re: CVE request: phpldapadmin "base" Cross-Site Scripting Vulnerability
Kurt Seifried (Feb 03)
Xen Security Advisory 6 (CVE-2012-0029) - HVM e1000, buffer overflow
Ian Jackson (Feb 02)
PHP remote code execution introduced via HashDoS fix
Tomas Hoger (Feb 02)
Re: PHP remote code execution introduced via HashDoS fix
Solar Designer (Feb 02)
Re: PHP remote code execution introduced via HashDoS fix
Pierre Joye (Feb 02)
Adding Xen.org contact to linux-distros security list
Ian Campbell (Feb 03)
Re: Adding Xen.org contact to linux-distros security list
Kurt Seifried (Feb 03)
Re: Adding Xen.org contact to linux-distros security list
Solar Designer (Feb 03)
Re: Adding Xen.org contact to linux-distros security list
Ian Campbell (Feb 05)
CVE Request (2002): Linux TCP stack could accept invalid TCP flag combinations
Marcus Meissner (Feb 03)
Re: CVE Request (2002): Linux TCP stack could accept invalid TCP flag combinations
Kurt Seifried (Feb 03)
CVE-request: Joomla! Security News 2012-02-03
Henri Salo (Feb 03)
Re: CVE-request: Joomla! Security News 2012-02-03
Kurt Seifried (Feb 03)
CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access
Solar Designer (Feb 05)
Re: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access
Jason A. Donenfeld (Feb 07)
Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)
Solar Designer (Feb 08)
Re: Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)
Djalal Harouni (Feb 08)
Re: Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)
Jason A. Donenfeld (Feb 08)
Re: Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)
Jason A. Donenfeld (Feb 08)
Re: Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)
Solar Designer (Feb 08)
Re: Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)
Jason A. Donenfeld (Feb 08)
Re: Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)
Solar Designer (Feb 08)
Re: Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)
Djalal Harouni (Feb 09)
Re: CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops
Solar Designer (Feb 05)
Re: CVE-2011-4324 kernel: nfsv4: mknod(2) DoS
Solar Designer (Feb 06)
CVE-2011-4325 Linux kernel: nfs: diotest4 from LTP crash client
Solar Designer (Feb 06)
Re: CVE-2011-4325 Linux kernel: nfs: diotest4 from LTP crash client
Petr Matousek (Feb 07)
Re: CVE-2011-4325 Linux kernel: nfs: diotest4 from LTP crash client
Solar Designer (Feb 08)
CVE request: Hash DoS vulnerability (ocert-2011-003)
Kurt Seifried (Feb 06)
Re: CVE request: Hash DoS vulnerability (ocert-2011-003)
Kurt Seifried (Feb 06)
CVE request: apr - Hash DoS vulnerability
Moritz Muehlenhoff (Feb 08)
Re: CVE request: apr - Hash DoS vulnerability
Kurt Seifried (Feb 08)
MySQL 0-day - does it need a CVE?
Kurt Seifried (Feb 09)
Re: MySQL 0-day - does it need a CVE?
Henri Salo (Feb 09)
Re: MySQL 0-day - does it need a CVE?
Henri Salo (Feb 09)
Re: MySQL 0-day - does it need a CVE?
Solar Designer (Feb 09)
Re: MySQL 0-day - does it need a CVE?
Yves-Alexis Perez (Feb 09)
Re: MySQL 0-day - does it need a CVE?
Kurt Seifried (Feb 09)
Re: MySQL 0-day - does it need a CVE?
Yves-Alexis Perez (Feb 09)
Re: MySQL 0-day - does it need a CVE?
Henri Salo (Feb 10)
Re: MySQL 0-day - does it need a CVE?
Solar Designer (Feb 11)
Re: MySQL 0-day - does it need a CVE?
Tomas Hoger (Feb 24)
Re: MySQL 0-day - does it need a CVE?
Kurt Seifried (Feb 24)
Re: MySQL 0-day - does it need a CVE?
Larry Stefonic (Feb 24)
CVE request: surf
Florian Weimer (Feb 09)
Re: CVE request: surf
Kurt Seifried (Feb 09)
Re: CVE request: surf
Florian Weimer (Feb 10)
RE: CVE request: surf
Daniel Suarez (Feb 10)
Re: CVE request: surf
Kurt Seifried (Feb 11)
imagemagick invalid validation DoS CVE-2012-0247 and CVE-2012-02478
Henri Salo (Feb 10)
Re: imagemagick invalid validation DoS CVE-2012-0247 and CVE-2012-02478
Vincent Danen (Feb 10)
Re: imagemagick invalid validation DoS CVE-2012-0247 and CVE-2012-02478
Vincent Danen (Feb 10)
[vs] CVE-2012-1037 GLPI <= 0.80.61 LFI/RFI
Emilien Girault (Feb 10)
CVE-request: Webcalendar 1.2.4 location XSS
Henri Salo (Feb 11)
Re: CVE-request: Webcalendar 1.2.4 location XSS
Eitan Adler (Feb 11)
Re: CVE-request: Webcalendar 1.2.4 location XSS
Henri Salo (Feb 12)
Re: CVE-request: Webcalendar 1.2.4 location XSS
Henri Salo (Feb 12)
Re: CVE-request: Webcalendar 1.2.4 location XSS
Kurt Seifried (Feb 13)
CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability
YGN Ethical Hacker Group (Feb 12)
Re: CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability
Kurt Seifried (Feb 13)
Re: CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability
YGN Ethical Hacker Group (Feb 16)
Re: CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability
Kurt Seifried (Feb 17)
Re: CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability
Kurt Seifried (Feb 17)
Subscribe to linux-distros?
Matthias Weckbecker (Feb 13)
Re: Subscribe to linux-distros?
Marcus Meissner (Feb 13)
Re: Subscribe to linux-distros?
Solar Designer (Feb 14)
CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request
Jan Lieskovsky (Feb 13)
Re: CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request
Kurt Seifried (Feb 13)
Re: CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request
Jan Lieskovsky (Feb 14)
Re: CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request
David Malcolm (Feb 14)
CVE request: mumble local information disclosure
Vincent Danen (Feb 15)
Re: CVE request: mumble local information disclosure
Kurt Seifried (Feb 15)
Re: CVE request: mumble local information disclosure
Ludwig Nussel (Feb 16)
Re: CVE request: mumble local information disclosure
Kurt Seifried (Feb 16)
CVE-2012-0864 assignment notification -- glibc F_S format string protection bypass via "nargs" integer overflow
Stefan Cornelius (Feb 17)
TORCS 1.3.2 xml buffer overflow - CVE-2012-1189
Andres Gomez (Feb 18)
Re: TORCS 1.3.2 xml buffer overflow - CVE-2012-1189
Andres Gomez (Mar 05)
Message not available
Re: Re: TORCS 1.3.2 xml buffer overflow - CVE-2012-1189
Andres Gomez (Mar 06)
Re: Re: TORCS 1.3.2 xml buffer overflow - CVE-2012-1189
Tomas Hoger (Mar 06)
Re: Re: TORCS 1.3.2 xml buffer overflow - CVE-2012-1189
Andres Gomez (Mar 09)
Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.
muuratsalo experimental hack lab (Feb 20)
Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.
Nico Golde (Feb 20)
Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.
Henri Salo (Feb 20)
Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.
Nico Golde (Feb 20)
Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.
Kurt Seifried (Feb 20)
Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.
Steven M. Christey (Feb 23)
OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities
YGN Ethical Hacker Group (Feb 20)
Re: OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities
Kurt Seifried (Feb 20)
Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities
YGN Ethical Hacker Group (Feb 20)
Re: Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities
Kurt Seifried (Feb 20)
Bugs in "file" program VU#621745
CERT(R) Coordination Center (Feb 20)
Re: Bugs in "file" program VU#621745
Kurt Seifried (Feb 20)
Re: Bugs in "file" program VU#621745
Florian Weimer (Feb 29)
Re: Bugs in "file" program VU#621745
Kurt Seifried (Feb 29)
Re: Bugs in "file" program VU#621745
Kurt Seifried (Feb 29)
<Possible follow-ups>
Re: Bugs in "file" program VU#621745
Jan Lieskovsky (Mar 20)
Re: Re: Bugs in "file" program VU#621745
Kurt Seifried (Mar 20)
libxml2: hash table collisions CPU usage DoS
Huzaifa Sidhpurwala (Feb 21)
CVE-2012-0875: systemtap memory disclosure/kernel panic when processing malformed DWARF unwind data
Vincent Danen (Feb 22)
CVE Request -- python-paste-script: Supplementary groups not dropped when started an application with "paster serve" as root
Jan Lieskovsky (Feb 23)
Re: CVE Request -- python-paste-script: Supplementary groups not dropped when started an application with "paster serve" as root
Kurt Seifried (Feb 23)
CVE request -- kernel: block: CLONE_IO io_context refcounting issues
Petr Matousek (Feb 23)
Re: CVE request -- kernel: block: CLONE_IO io_context refcounting issues
Kurt Seifried (Feb 23)
Attack on badly configured Netfilter-based firewalls
Eric Leblond (Feb 25)
Re: Attack on badly configured Netfilter-based firewalls
Yves-Alexis Perez (Feb 25)
Re: Attack on badly configured Netfilter-based firewalls
Eric Leblond (Feb 26)
Re: Attack on badly configured Netfilter-based firewalls
Eugene Teo (Feb 26)
Re: Attack on badly configured Netfilter-based firewalls
Solar Designer (Feb 26)
Re: Attack on badly configured Netfilter-based firewalls
Eric Leblond (Feb 27)
Re: Attack on badly configured Netfilter-based firewalls
Eric Leblond (Mar 09)
Re: Attack on badly configured Netfilter-based firewalls
ArkanoiD (Mar 09)
Re: Attack on badly configured Netfilter-based firewalls
Eric Leblond (Mar 09)
Re: Attack on badly configured Netfilter-based firewalls
Kurt Seifried (Mar 09)
Re: Attack on badly configured Netfilter-based firewalls
Jussi Eronen (Mar 02)
Re: Attack on badly configured Netfilter-based firewalls
Kurt Seifried (Mar 02)
Re: Attack on badly configured Netfilter-based firewalls
Jussi Eronen (Mar 20)
Re: Attack on badly configured Netfilter-based firewalls
Kurt Seifried (Feb 26)
Re: Attack on badly configured Netfilter-based firewalls
Eric Leblond (Feb 26)
Re: Attack on badly configured Netfilter-based firewalls
Solar Designer (Feb 26)
Re: Attack on badly configured Netfilter-based firewalls
Eric Leblond (Feb 26)
Re: Attack on badly configured Netfilter-based firewalls
yersinia (Feb 27)
Re: Attack on badly configured Netfilter-based firewalls
Sebastian Krahmer (Feb 27)
Re: Attack on badly configured Netfilter-based firewalls
ArkanoiD (Feb 27)
Re: Attack on badly configured Netfilter-based firewalls
Sebastian Krahmer (Feb 27)
Re: Attack on badly configured Netfilter-based firewalls
Florian Weimer (Feb 27)
Re: Attack on badly configured Netfilter-based firewalls
Eric Leblond (Feb 27)
Re: Attack on badly configured Netfilter-based firewalls
Eric Leblond (Feb 28)
CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Jan Lieskovsky (Feb 27)
Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Kurt Seifried (Feb 27)
Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Rafał Malinowski (Feb 28)
Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
cve-assign (Feb 28)
Re: Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Kurt Seifried (Feb 28)
Re: Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
cve-assign (Feb 28)
Re: Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Kurt Seifried (Feb 28)
Re: Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Marcus Meissner (Feb 29)
Re: Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
cve-assign (Feb 29)
Re: Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Kurt Seifried (Feb 28)
Re: Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Kurt Seifried (Feb 28)
Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Rafał Malinowski (Feb 27)
Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Mateusz Goik (Feb 27)
Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Mateusz Goik (Feb 27)
Re: Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Kurt Seifried (Feb 27)
Re: Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Rafał Malinowski (Feb 27)
Re: Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Kurt Seifried (Feb 28)
Re: Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
Rafał Malinowski (Feb 29)
Case YVS Image Gallery
Henri Salo (Feb 27)
Re: Case YVS Image Gallery
Kurt Seifried (Feb 27)
Re: Case YVS Image Gallery
Henri Salo (Feb 27)
Re: Case YVS Image Gallery
Kurt Seifried (Mar 19)
CVE Request -- Multiple instances of insecure temporary file use
Jan Lieskovsky (Feb 27)
Re: CVE Request -- Multiple instances of insecure temporary file use
Kurt Seifried (Feb 27)
CVE request: openssl: null pointer dereference issue
Matthias Weckbecker (Feb 27)
Re: CVE request: openssl: null pointer dereference issue
Kurt Seifried (Feb 27)
Re: CVE request: openssl: null pointer dereference issue
Kurt Seifried (Feb 28)
Re: CVE request: openssl: null pointer dereference issue
Tomas Hoger (Mar 12)
Re: CVE request: openssl: null pointer dereference issue
Kurt Seifried (Mar 12)
Re: CVE request: openssl: null pointer dereference issue
Kurt Seifried (Mar 12)
Re: CVE request: openssl: null pointer dereference issue
Tomas Hoger (Mar 13)
DesktopOnNet 3 Beta LFI
Whitney Houston (Feb 27)
Re: DesktopOnNet 3 Beta LFI
Whitney Houston (Feb 27)
Re: Re: DesktopOnNet 3 Beta LFI
Kurt Seifried (Feb 27)
CVE request -- kernel: cifs: dentry refcount leak when opening a FIFO on lookup leads to panic on unmount
Petr Matousek (Feb 28)
Re: CVE request -- kernel: cifs: dentry refcount leak when opening a FIFO on lookup leads to panic on unmount
Kurt Seifried (Feb 28)
CVE request: init script x11-common creates directories in insecure manners
vladz (Feb 28)
Re: CVE request: init script x11-common creates directories in insecure manners
Kurt Seifried (Feb 28)
Re: CVE request: init script x11-common creates directories in insecure manners
vladz (Mar 01)
Re: CVE request: init script x11-common creates directories in insecure manners
Jason A. Donenfeld (Mar 01)
CVE Request (minor) -- osc: Improper sanitization of terminal emulator escape sequences when displaying build log and build status
Jan Lieskovsky (Feb 28)
Re: CVE Request (minor) -- osc: Improper sanitization of terminal emulator escape sequences when displaying build log and build status
Marcus Meissner (Feb 28)
Re: Re: CVE Request (minor) -- osc: Improper sanitization of terminal emulator escape sequences when displaying build log and build status
Kurt Seifried (Feb 28)
Re: Re: CVE Request (minor) -- osc: Improper sanitization of terminal emulator escape sequences when displaying build log and build status
Marcus Meissner (Feb 29)
Re: Re: CVE Request (minor) -- osc: Improper sanitization of terminal emulator escape sequences when displaying build log and build status
Kurt Seifried (Mar 01)
CVE Request: NetworkManager arbitrary file access
Ludwig Nussel (Feb 29)
Re: CVE Request: NetworkManager arbitrary file access
Kurt Seifried (Mar 01)
CVE-request: Joomla core information disclosure 1.7.1
Henri Salo (Mar 01)
Re: CVE-request: Joomla core information disclosure 1.7.1
Henri Salo (Mar 01)
Re: CVE-request: Joomla core information disclosure 1.7.1
Kurt Seifried (Mar 01)
Re: CVE-request: Joomla core information disclosure 1.7.1
Henri Salo (Mar 01)
Re: CVE-request: Joomla core information disclosure 1.7.1
Kurt Seifried (Mar 02)
Re: CVE-request: Joomla core information disclosure 1.7.1
Kurt Seifried (Mar 02)
Re: CVE-request: Joomla core information disclosure 1.7.1
Henri Salo (Mar 02)
CVE Request -- Ruby on Rails (v3.0.12) / rubygem-actionpack: Two XSS flaws
Jan Lieskovsky (Mar 02)
Re: CVE Request -- Ruby on Rails (v3.0.12) / rubygem-actionpack: Two XSS flaws
Kurt Seifried (Mar 02)
Partial ASLR bypass
Tim Brown (Mar 02)
CVE-request: systemd local denial of login or local users can create arbitrary services
Henri Salo (Mar 04)
Re: CVE-request: systemd local denial of login or local users can create arbitrary services
Kurt Seifried (Mar 04)
CVE-Request taglib vulnerabilities
Zubin Mithra (Mar 04)
Re: CVE-Request taglib vulnerabilities
Kurt Seifried (Mar 04)
Re: CVE-Request taglib vulnerabilities
Zubin Mithra (Mar 04)
Re: CVE-Request taglib vulnerabilities
Kurt Seifried (Mar 05)
Re: CVE-Request taglib vulnerabilities
Ludwig Nussel (Mar 21)
Re: CVE-Request taglib vulnerabilities
Kurt Seifried (Mar 21)
Re: CVE-Request taglib vulnerabilities
Zubin Mithra (Mar 21)
Re: CVE-Request taglib vulnerabilities
Ludwig Nussel (Mar 26)
Re: CVE-Request taglib vulnerabilities
Kurt Seifried (Mar 26)
CVE Request: XML entity expansion in the XML::Atom Perl module
Florian Weimer (Mar 04)
Re: CVE Request: XML entity expansion in the XML::Atom Perl module
Florian Weimer (Mar 04)
Re: CVE Request: XML entity expansion in the XML::Atom Perl module
Kurt Seifried (Mar 04)
CVE request: notmuch
Moritz Mühlenhoff (Mar 04)
Re: CVE request: notmuch
Kurt Seifried (Mar 04)
Re: CVE request: notmuch
Florian Weimer (Mar 04)
CVE request: XML::Atom Perl module
Moritz Muehlenhoff (Mar 04)
Re: CVE request: XML::Atom Perl module
Adam D. Barratt (Mar 04)
CVE Requests for phpCAS
Joachim Fritschi (Mar 04)
Re: CVE Requests for phpCAS
Kurt Seifried (Mar 04)
CVE-2012-1097 kernel: regset: Prevent null pointer reference on readonly regsets
Eugene Teo (Mar 04)
CVE-2011-4348 kernel: incomplete fix for CVE-2011-2482
Eugene Teo (Mar 04)
CVE-2011-3593 kernel: vlan: fix panic when handling priority tagged frames
Eugene Teo (Mar 04)
Ruby on Rails github compromise
Kurt Seifried (Mar 04)
CVE Request -- LDAP Account Manager Pro / PhpLDAPadmin -- Multiple XSS flaws
Jan Lieskovsky (Mar 05)
Re: CVE Request -- LDAP Account Manager Pro / PhpLDAPadmin -- Multiple XSS flaws
Kurt Seifried (Mar 05)
Re: CVE Request -- LDAP Account Manager Pro / PhpLDAPadmin -- Multiple XSS flaws
Jan Lieskovsky (Mar 12)
Re: CVE Request -- LDAP Account Manager Pro / PhpLDAPadmin -- Multiple XSS flaws
Roland Gruber (Mar 12)
Re: CVE Request -- LDAP Account Manager Pro / PhpLDAPadmin -- Multiple XSS flaws
Roland Gruber (Mar 05)
Re: CVE Request -- LDAP Account Manager Pro / PhpLDAPadmin -- Multiple XSS flaws
Dmitry Butskoy (Mar 06)
CVE Request: lightdm
Marc Deslauriers (Mar 05)
Re: CVE Request: lightdm
Kurt Seifried (Mar 05)
Open-Realty CMS 2.5.8 (2.x.x) <= "select_users_template" Local File Inclusion Vulnerability
YGN Ethical Hacker Group (Mar 05)
Re: Open-Realty CMS 2.5.8 (2.x.x) <= "select_users_template" Local File Inclusion Vulnerability
Kurt Seifried (Mar 05)
Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities
YGN Ethical Hacker Group (Mar 05)
Re: Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities
Kurt Seifried (Mar 05)
CVE request: mwlib < 0.13.5 DoS flaw
Vincent Danen (Mar 05)
Re: CVE request: mwlib < 0.13.5 DoS flaw
Kurt Seifried (Mar 05)
CVE-2012-1106 assignment notification -- abrt: Setuid process core dump archived with unsafe GID permissions
Stefan Cornelius (Mar 05)
CVE-request: phxEventManager search.php search_terms Parameter SQL Injection
Henri Salo (Mar 05)
Re: CVE-request: phxEventManager search.php search_terms Parameter SQL Injection
Kurt Seifried (Mar 06)
CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution
Henri Salo (Mar 05)
Re: CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution
Kurt Seifried (Mar 06)
Re: CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution
Henri Salo (Mar 07)
CVE request: mantisbt before 1.2.9
Hanno Böck (Mar 06)
Re: CVE request: mantisbt before 1.2.9
David Hicks (Mar 06)
Re: CVE request: mantisbt before 1.2.9
Kurt Seifried (Mar 06)
CVE-request: Joomla! Security News 2012-03
Henri Salo (Mar 06)
Re: CVE-request: Joomla! Security News 2012-03
Kurt Seifried (Mar 06)
Re: CVE-request: Joomla! Security News 2012-03
Kurt Seifried (Mar 06)
CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9
Jan Lieskovsky (Mar 06)
Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9
Kurt Seifried (Mar 06)
Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9
Werner LEMBERG (Mar 07)
CVE request -- kernel: mm: memcg: unregistring of events attached to the same eventfd can lead to oops
Petr Matousek (Mar 07)
Re: CVE request -- kernel: mm: memcg: unregistring of events attached to the same eventfd can lead to oops
Kurt Seifried (Mar 07)
CVE-request: phpMyFAQ index.php URI XSS
Henri Salo (Mar 07)
Re: CVE-request: phpMyFAQ index.php URI XSS
Kurt Seifried (Mar 08)
CVE-request: Parallels Plesk Panel admin/plib/api-rpc/Agent.php Unspecified SQL Injection
Henri Salo (Mar 07)
Re: CVE-request: Parallels Plesk Panel admin/plib/api-rpc/Agent.php Unspecified SQL Injection
Kurt Seifried (Mar 08)
Re: CVE-request: Parallels Plesk Panel admin/plib/api-rpc/Agent.php Unspecified SQL Injection
Henri Salo (Mar 08)
CVE request for PHP 5.3.x Corrupted $_FILES indices lead to security concern
Kurt Seifried (Mar 08)
Re: CVE request for PHP 5.3.x Corrupted $_FILES indices lead to security concern
Kurt Seifried (Mar 08)
Re: CVE request for PHP 5.3.x Corrupted $_FILES indices lead to security concern
Huzaifa Sidhpurwala (Mar 13)
expat 2.1.0beta fixes 5 Denial of Service attacks, CVE's/details inside
Kurt Seifried (Mar 08)
Re: expat 2.1.0beta fixes 5 Denial of Service attacks, CVE's/details inside
Kurt Seifried (Mar 08)
CVE-request: Ariadne 2.7.6 XSS
Henri Salo (Mar 09)
Re: CVE-request: Ariadne 2.7.6 XSS
Kurt Seifried (Mar 09)
CVE-request: appRain CMF uploadify.php File Upload Remote PHP Code Execution
Henri Salo (Mar 09)
Re: CVE-request: appRain CMF uploadify.php File Upload Remote PHP Code Execution
Kurt Seifried (Mar 09)
CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws
Jan Lieskovsky (Mar 09)
Re: CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws
Kurt Seifried (Mar 09)
CVE Request: Python Hash DoS (Issue 13703)
Kurt Seifried (Mar 09)
Re: CVE Request: Python Hash DoS (Issue 13703)
Kurt Seifried (Mar 09)
CVE Request -- openldap (slapd): Assertion failure by processing search queries requesting only attributes for particular entry
Jan Lieskovsky (Mar 12)
Re: CVE Request -- openldap (slapd): Assertion failure by processing search queries requesting only attributes for particular entry
Kurt Seifried (Mar 12)
CVE Request: ldm (LTSP display manager)
Marc Deslauriers (Mar 12)
Re: CVE Request: ldm (LTSP display manager)
Kurt Seifried (Mar 12)
running the distros lists
Solar Designer (Mar 12)
Re: running the distros lists
Solar Designer (Mar 12)
Re: running the distros lists
Thomas Klausner (Mar 13)
Re: running the distros lists
Solar Designer (Mar 13)
Re: running the distros lists
Kurt Seifried (Mar 14)
Re: running the distros lists
Solar Designer (Mar 14)
Re: running the distros lists
Tim Brown (Mar 14)
Re: running the distros lists
Kurt Seifried (Mar 14)
Re: running the distros lists
Josh Bressers (Mar 15)
Re: running the distros lists
Solar Designer (Mar 15)
Re: running the distros lists
Josh Bressers (Mar 19)
CVE Request: libgdata did not verify SSL certificates
Ludwig Nussel (Mar 14)
Re: CVE Request: libgdata did not verify SSL certificates
Marc Deslauriers (Mar 14)
Re: CVE Request: libgdata did not verify SSL certificates
Kurt Seifried (Mar 14)
CVE request: Two Pidgin crashes
Mark Doliner (Mar 14)
Re: CVE request: Two Pidgin crashes
Kurt Seifried (Mar 14)
CVE request: pyfribidi buffer overflow flaw
Vincent Danen (Mar 14)
Re: CVE request: pyfribidi buffer overflow flaw
Kurt Seifried (Mar 14)
CVE request: gnash integer overflow
Vincent Danen (Mar 14)
Re: CVE request: gnash integer overflow
Kurt Seifried (Mar 14)
Was a CVE ever assigned for Python SimpleHTTPServer.py XSS?
Vincent Danen (Mar 14)
Re: Was a CVE ever assigned for Python SimpleHTTPServer.py XSS?
Kurt Seifried (Mar 14)
CVE request: eZ Publish: unspecified vulnerability
Luc ABRIC (Mar 15)
Re: CVE request: eZ Publish: unspecified vulnerability
Kurt Seifried (Mar 15)
Re: CVE request: eZ Publish: unspecified vulnerability
Solar Designer (Mar 15)
CVE Request: nginx fix for malformed HTTP responses from upstream servers
Andrew Alexeev (Mar 15)
Re: CVE Request: nginx fix for malformed HTTP responses from upstream servers
Kurt Seifried (Mar 15)
Android CVE identifiers
Dan Rosenberg (Mar 15)
CVE-2012-1179 kernel: thp: __split_huge_page() mapcount != page_mapcount BUG_ON()
Petr Matousek (Mar 15)
CVE-request: apache's mod-fcgid does not respect configured FcgidMaxProcessesPerClass in VirtualHost
Daniel Kahn Gillmor (Mar 15)
Re: CVE-request: apache's mod-fcgid does not respect configured FcgidMaxProcessesPerClass in VirtualHost
Kurt Seifried (Mar 15)
CVE Requests
Mark Stanislav (Mar 15)
Re: CVE Requests
Kurt Seifried (Mar 15)
Re: CVE Requests
Mark Stanislav (Mar 15)
Re: CVE Requests
Kurt Seifried (Mar 15)
Re: CVE Requests
Mark Stanislav (Mar 15)
Re: CVE Requests
Kurt Seifried (Mar 15)
Re: CVE Requests
Mark Stanislav (Mar 15)
Re: CVE Requests
Solar Designer (Mar 16)
Re: CVE Requests
Kurt Seifried (Mar 16)
Re: CVE Requests
Mark Stanislav (Mar 16)
Re: CVE Requests
Kurt Seifried (Mar 16)
Re: CVE Requests
Andreas Ericsson (Mar 16)
Re: CVE Requests
Adam D. Barratt (Mar 16)
Re: CVE Requests
Mark Stanislav (Mar 16)
Re: CVE Requests
Tim Brown (Mar 16)
Re: CVE Requests
Mark Stanislav (Mar 16)
Re: CVE Requests
Kurt Seifried (Mar 16)
Re: CVE Requests
Tim Brown (Mar 16)
Re: CVE Requests
Eugene Teo (Mar 18)
Re: CVE Requests
Kurt Seifried (Mar 16)
Re: CVE Requests
Andreas Ericsson (Mar 19)
CVE-request: Drupal Finder SA-CONTRIB-2012-017
Henri Salo (Mar 16)
Re: CVE-request: Drupal Finder SA-CONTRIB-2012-017
Kurt Seifried (Mar 19)
CVE Request -- Asterisk: AST-2012-002 and AST-2012-003 flaws
Jan Lieskovsky (Mar 16)
Re: CVE Request -- Asterisk: AST-2012-002 and AST-2012-003 flaws
Kurt Seifried (Mar 16)
Re: CVE Request -- Asterisk: AST-2012-002 and AST-2012-003 flaws
Matthew Jordan (Mar 16)
Joomla! Security News 2012-03-16
Henri Salo (Mar 16)
Re: Joomla! Security News 2012-03-16
Kurt Seifried (Mar 19)
[Notification] CVE-2012-1174 systemd: TOCTOU race condition by removing user session
Jan Lieskovsky (Mar 16)
Drupal CORE and Drupal Contrib
Kurt Seifried (Mar 16)
Re: [security] Drupal CORE and Drupal Contrib
Greg Knaddison (Mar 16)
Re: Re: [security] Drupal CORE and Drupal Contrib
Kurt Seifried (Mar 19)
Re: Re: [security] Drupal CORE and Drupal Contrib
Greg Knaddison (Mar 20)
Re: Re: [security] Drupal CORE and Drupal Contrib
Moritz Muehlenhoff (Mar 21)
Re: Re: [security] Drupal CORE and Drupal Contrib
Kurt Seifried (Mar 21)
Re: CVE request: piwik before 1.6
Henri Salo (Mar 18)
Re: CVE request: piwik before 1.6
Kurt Seifried (Mar 19)
CVE request for bitlebee
David Black (Mar 19)
Re: CVE request for bitlebee
Kurt Seifried (Mar 19)
CVE-2012-1185 / CVE-2012-1186 assignment notification - incomplete ImageMagick fixes for CVE-2012-0247 / CVE-2012-0248
Stefan Cornelius (Mar 19)
CVE request: eZ Publish: insecure direct object reference
Luc ABRIC (Mar 19)
Re: CVE request: eZ Publish: insecure direct object reference
Kurt Seifried (Mar 19)
RE: CVE request: eZ Publish: insecure direct object reference
Luc ABRIC (Mar 20)
Re: CVE request: eZ Publish: insecure direct object reference
Kurt Seifried (Mar 20)
LinuxMint - temp file creation vulns in mintNanny and mintUpdate
Kurt Seifried (Mar 19)
CVE request: maradns deleted domain record cache persistance flaw
Vincent Danen (Mar 19)
Re: CVE request: maradns deleted domain record cache persistance flaw
Kurt Seifried (Mar 20)
CVE request -- kernel: execshield: predictable ascii armour base address
Petr Matousek (Mar 20)
Re: CVE request -- kernel: execshield: predictable ascii armour base address
Eugene Teo (Mar 20)
Re: CVE request -- kernel: execshield: predictable ascii armour base address
Nick Kralevich (Mar 20)
Re: CVE request -- kernel: execshield: predictable ascii armour base address
Marcus Meissner (Mar 20)
Re: CVE request -- kernel: execshield: predictable ascii armour base address
Petr Matousek (Mar 21)
Re: CVE request -- kernel: execshield: predictable ascii armour base address
Kurt Seifried (Mar 20)
CVE request: libtasn1 "asn1_get_length_der()" DER decoding issue
Stefan Cornelius (Mar 20)
Re: CVE request: libtasn1 "asn1_get_length_der()" DER decoding issue
Kurt Seifried (Mar 20)
CVE-2012-1162 / -1163: Incorrect loop construct and numeric overflow in libzip
Timo Warns (Mar 21)
Re: CVE-2012-1162 / -1163: Incorrect loop construct and numeric overflow in libzip
Timo Warns (Mar 29)
CVE request: GnuTLS TLS record handling issue / MU-201202-01
Stefan Cornelius (Mar 21)
Re: CVE request: GnuTLS TLS record handling issue / MU-201202-01
Tomas Hoger (Mar 21)
Vulnerabilities reported in ClamAV 0.96.4
Vincent Danen (Mar 21)
Re: Vulnerabilities reported in ClamAV 0.96.4
Matt Watchinski (Mar 21)
Re: Vulnerabilities reported in ClamAV 0.96.4
Vincent Danen (Mar 21)
Re: Vulnerabilities reported in ClamAV 0.96.4
Török Edwin (Mar 21)
atheme.org Security Advisory ASA-2012-03-01: Improper cleanup of CertFP entries may result in undefined behaviour
William Pitcock (Mar 21)
Re: atheme.org Security Advisory ASA-2012-03-01: Improper cleanup of CertFP entries may result in undefined behaviour
Kurt Seifried (Mar 21)
Re: atheme.org Security Advisory ASA-2012-03-01: Improper cleanup of CertFP entries may result in undefined behaviour
William Pitcock (Mar 22)
Re: atheme.org Security Advisory ASA-2012-03-01: Improper cleanup of CertFP entries may result in undefined behaviour
Kurt Seifried (Mar 22)
Re: Re: atheme.org Security Advisory ASA-2012-03-01: Improper cleanup of CertFP entries may result in undefined behaviour
The Fungi (Mar 23)
CVE for OpenBSD random() bug?
Kurt Seifried (Mar 21)
Re: CVE for OpenBSD random() bug?
Todd C. Miller (Mar 22)
Re: CVE for OpenBSD random() bug?
Kurt Seifried (Mar 23)
MediaWiki security and maintenance release 1.18.2
Henri Salo (Mar 22)
Re: MediaWiki security and maintenance release 1.18.2
Kurt Seifried (Mar 22)
CVE-request: ImpressPages CMS Unspecified Remote Code Execution
Henri Salo (Mar 22)
Re: CVE-request: ImpressPages CMS Unspecified Remote Code Execution
Kurt Seifried (Mar 23)
CVE-request: MyBB 1.6 <= SQL Injection
Henri Salo (Mar 23)
Re: CVE-request: MyBB 1.6 <= SQL Injection
Kurt Seifried (Mar 23)
Re: CVE-request: MyBB 1.6 <= SQL Injection
Henri Salo (Mar 25)
CVE Request: Geeklog 1.7.1 <= Cross Site Scripting Vulnerability
Henri Salo (Mar 23)
Re: CVE Request: Geeklog 1.7.1 <= Cross Site Scripting Vulnerability
Kurt Seifried (Mar 23)
CVE-request: OpenKM 5.1.7 Privilege Escalation / OS Command Execution (XSRF based)
Henri Salo (Mar 23)
Re: CVE-request: OpenKM 5.1.7 Privilege Escalation / OS Command Execution (XSRF based)
Kurt Seifried (Mar 23)
openssl security issue or not? (CVE Request?)
Marcus Meissner (Mar 23)
Re: openssl security issue or not? (CVE Request?)
Jan Lieskovsky (Mar 23)
Re: openssl security issue or not? (CVE Request?)
Ivan Nestlerode (Mar 23)
Re: Re: openssl security issue or not? (CVE Request?)
Marcus Meissner (Mar 23)
CVEs for MediaWiki security and maintenance release 1.18.2
Kurt Seifried (Mar 23)
CVE-2010 Request: quake3 / openarena-server: DDoS by processing 'getstatus' and 'rcon' packets
Jan Lieskovsky (Mar 26)
Re: CVE-2010 Request: quake3 / openarena-server: DDoS by processing 'getstatus' and 'rcon' packets
Kurt Seifried (Mar 26)
CVE request: quake3 reflective DoS
Florian Weimer (Mar 26)
CVE id request: cifs-utils
Nico Golde (Mar 26)
Re: CVE id request: cifs-utils
Kurt Seifried (Mar 27)
CVE request: distutils creates ~/.pypirc insecurely
Vincent Danen (Mar 27)
Re: CVE request: distutils creates ~/.pypirc insecurely
Jakub Wilk (Mar 27)
Re: CVE request: distutils creates ~/.pypirc insecurely
Vincent Danen (Mar 27)
Re: CVE request: distutils creates ~/.pypirc insecurely
Kurt Seifried (Mar 27)
Re: CVE request: distutils creates ~/.pypirc insecurely
Vincent Danen (Mar 27)
Re: CVE request: distutils creates ~/.pypirc insecurely
Kurt Seifried (Mar 27)
Re: CVE request: distutils creates ~/.pypirc insecurely
Vincent Danen (Mar 27)
Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)
Solar Designer (Mar 27)
<Possible follow-ups>
Re: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)
Solar Designer (Mar 27)
Re: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)
VSR Advisories (Mar 27)
Re: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)
Timothy D. Morgan (Mar 27)
Re: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)
Solar Designer (Mar 29)
CVE Request: PolicyKit change allows users in "wheel" group to become root without a password
Tim Sammut (Mar 27)
Re: CVE Request: PolicyKit change allows users in "wheel" group to become root without a password
Kurt Seifried (Mar 27)
CVE request: Struts2 xsltResult local code execution flaw
David Jorm (Mar 27)
Re: CVE request: Struts2 xsltResult local code execution flaw
Kurt Seifried (Mar 28)
CVE-request: e107 HTB23004
Henri Salo (Mar 27)
Re: CVE-request: e107 HTB23004
Kurt Seifried (Mar 28)
CVE-request: clamav floating point exception in OLE2 scanner DoS (2007)
Henri Salo (Mar 27)
Re: CVE-request: clamav floating point exception in OLE2 scanner DoS (2007)
Kurt Seifried (Mar 28)
CVE-request: Joomla core information disclosure 372-20111003
Henri Salo (Mar 28)
CVE Request: Multiple wireshark security flaws resolved in 1.4.12 and 1.6.6
Huzaifa Sidhpurwala (Mar 28)
Re: CVE Request: Multiple wireshark security flaws resolved in 1.4.12 and 1.6.6
Kurt Seifried (Mar 28)
CVE request: eZ Publish XSS
Luc ABRIC (Mar 28)
Re: CVE request: eZ Publish XSS
Kurt Seifried (Mar 28)
CVE 2012-1565 Insecure object reference
Luc ABRIC (Mar 28)
CVE-request: Joomla 20120305 / 20120306
Henri Salo (Mar 28)
Re: CVE-request: Joomla 20120305 / 20120306
Kurt Seifried (Mar 28)
CVE request: phppgadmin before 5.0.4 XSS
Hanno Böck (Mar 28)
Re: CVE request: phppgadmin before 5.0.4 XSS
Kurt Seifried (Mar 28)
Re: CVE request: phppgadmin before 5.0.4 XSS
Henri Salo (Mar 30)
CVE request: egroupware before 1.8.002 various security issues
Hanno Böck (Mar 28)
Re: CVE request: egroupware before 1.8.002 various security issues
Kurt Seifried (Mar 28)
Re: CVE request: egroupware before 1.8.002 various security issues
Hanno Böck (Mar 28)
Re: CVE request: egroupware before 1.8.002 various security issues
Kurt Seifried (Mar 29)
Interesting blog entry - Finding v6 hosts by efficiently mapping ip6.arpa
Kurt Seifried (Mar 28)
Re: Interesting blog entry - Finding v6 hosts by efficiently mapping ip6.arpa
Florian Weimer (Mar 29)
CVE-request: NextBBS 0.6.0 waraxe-2012-SA#080
Henri Salo (Mar 28)
Re: CVE-request: NextBBS 0.6.0 waraxe-2012-SA#080
Kurt Seifried (Mar 29)
CVE request -- kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency
Petr Matousek (Mar 29)
Re: CVE request -- kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency
Kurt Seifried (Mar 29)
CVE request: TYPO3-CORE-SA-2012-001
Florian Weimer (Mar 29)
Re: CVE request: TYPO3-CORE-SA-2012-001
Kurt Seifried (Mar 29)
CVE-request: Coppermine 1.5.18 waraxe-2012-SA#081
Henri Salo (Mar 30)
Re: CVE-request: Coppermine 1.5.18 waraxe-2012-SA#081
Henri Salo (Mar 30)
Re: CVE-request: Coppermine 1.5.18 waraxe-2012-SA#081
Kurt Seifried (Mar 30)
CVE DISPUTE notification: postgresql-jdbc: SQL injection due improper escaping of JDBC statement parameters
Jan Lieskovsky (Mar 30)
postgresql-jdbc 8.1 SQL injection with postgresql server 9.1
Ludwig Nussel (Mar 30)
Re: [pgsql-security] postgresql-jdbc 8.1 SQL injection with postgresql server 9.1
Robert Haas (Mar 30)
Re: [pgsql-security] postgresql-jdbc 8.1 SQL injection with postgresql server 9.1
Robert Haas (Mar 30)
Re: postgresql-jdbc 8.1 SQL injection with postgresql server 9.1
Florian Weimer (Mar 30)
Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()
Tomas Hoger (Mar 30)
Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()
Solar Designer (Mar 30)
Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()
Jeff Law (Mar 30)
Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()
Solar Designer (Mar 30)
Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()
Jeff Law (Mar 30)
Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()
Solar Designer (Mar 30)
Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()
Jeff Law (Mar 30)
SQL injection attack possible when connecting to PostgreSQL 9.1 with version 8.1 JDBC driver
Steffen Dettmer (Mar 31)
Re: SQL injection attack possible when connecting to PostgreSQL 9.1 with version 8.1 JDBC driver
Kurt Seifried (Mar 31)
Previous period
Next period
[
Nmap
|
Sec Tools
|
Mailing Lists
|
Site News
|
About/Contact
|
Advertising
|
Privacy
]
RSS Feed
About List
All Lists
Previous period
