Nmap Security Scanner
Intro
Ref Guide
Install Guide
Download
Changelog
Book
Docs
Security Lists
Nmap Hackers
Nmap Dev
Bugtraq
Full Disclosure
Pen Test
Basics
More
Security Tools
Pass crackers
Sniffers
Vuln Scanners
Web scanners
Wireless
Exploitation
Packet crafters
More
Site News
Advertising
About/Contact
Sponsors:
oss-sec
: by thread
RSS Feed
About List
All Lists
Previous period
Next period
591 messages
starting
Jul 01 12 and
ending
Sep 30 12
Date index
| Thread index |
Author index
Re: ScriptFu Server Buffer Overflow in GIMP <= 2.6
mancha (Jul 01)
CVE #'s for WordPress 3.4.1 release
Kurt Seifried (Jul 02)
Re: CVE #'s for WordPress 3.4.1 release
Kurt Seifried (Jul 08)
CVE Request: Stability fixes in UDF Logical Volume Descriptor handling
Marcus Meissner (Jul 03)
Re: CVE Request: Stability fixes in UDF Logical Volume Descriptor handling
Kurt Seifried (Jul 03)
Re: CVE Request: Stability fixes in UDF Logical Volume Descriptor handling
Timo Warns (Jul 03)
Re: CVE Request: Stability fixes in UDF Logical Volume Descriptor handling
Kurt Seifried (Jul 04)
Re: CVE Request: Stability fixes in UDF Logical Volume Descriptor handling
Marcus Meissner (Jul 06)
Re: CVE Request: Stability fixes in UDF Logical Volume Descriptor handling
Kurt Seifried (Jul 10)
[OSSA 2012-008] Arbitrary file injection/corruption through directory traversal issues (CVE-2012-3360, CVE-2012-3361)
Thierry Carrez (Jul 03)
CVE Request -- kernel: epoll: can leak file descriptors when returning -ELOOP
Petr Matousek (Jul 04)
Re: CVE Request -- kernel: epoll: can leak file descriptors when returning -ELOOP
Kurt Seifried (Jul 04)
Three CVE requests: at-spi2-atk, as31, naxsi
Moritz Muehlenhoff (Jul 05)
Re: Three CVE requests: at-spi2-atk, as31, naxsi
Kurt Seifried (Jul 06)
Re: Three CVE requests: at-spi2-atk, as31, naxsi
Steven M. Christey (Aug 31)
Re: Three CVE requests: at-spi2-atk, as31, naxsi
Kurt Seifried (Aug 31)
CVE request: VLC / Asterisk
Moritz Muehlenhoff (Jul 06)
Re: CVE request: VLC / Asterisk
Kurt Seifried (Jul 06)
Re: CVE request: Asterisk
Kurt Seifried (Jul 06)
Re: CVE request: Asterisk
cve-assign (Jul 06)
Re: CVE request: Asterisk
Matthew Jordan (Jul 06)
CVE Request: sblim-sfcb: insecure LD_LIBRARY_PATH usage
Kurt Seifried (Jul 06)
Re: CVE Request: sblim-sfcb: insecure LD_LIBRARY_PATH usage
Kurt Seifried (Jul 06)
CVE Request: XSS in a Mono System.web error page
Marcus Meissner (Jul 06)
Re: CVE Request: XSS in a Mono System.web error page
Kurt Seifried (Jul 06)
CVE Request -- dnsmasq: When being run by libvirt open DNS proxy (reachable out-of the virtual network set for the particular guest domain too) is created
Jan Lieskovsky (Jul 09)
Re: CVE Request -- dnsmasq: When being run by libvirt open DNS proxy (reachable out-of the virtual network set for the particular guest domain too) is created
Jan Lieskovsky (Jul 09)
Re: Re: CVE Request -- dnsmasq: When being run by libvirt open DNS proxy (reachable out-of the virtual network set for the particular guest domain too) is created
Kurt Seifried (Jul 12)
CVE-2012-3881 RTG and RTG2: 95.php/rtg.php/view.php SQL injection
cve-assign (Jul 09)
CVE-request: Basilic 1.5.14 diff.php remote code execution vulnerability
Henri Salo (Jul 09)
Re: CVE-request: Basilic 1.5.14 diff.php remote code execution vulnerability
Kurt Seifried (Jul 10)
ecryptfs headsup
Sebastian Krahmer (Jul 10)
Re: ecryptfs headsup
Kurt Seifried (Jul 10)
Re: ecryptfs headsup
Sebastian Krahmer (Jul 10)
Re: ecryptfs headsup
Marcus Meissner (Jul 10)
Re: ecryptfs headsup
Dan Rosenberg (Jul 10)
Re: ecryptfs headsup
Tyler Hicks (Jul 11)
Re: ecryptfs headsup
Tyler Hicks (Jul 11)
Re: ecryptfs headsup
Dustin Kirkland (Jul 11)
Re: ecryptfs headsup
Kurt Seifried (Jul 11)
Re: Re: ecryptfs headsup
Tyler Hicks (Jul 11)
Re: Re: ecryptfs headsup
Kurt Seifried (Jul 11)
Re: Re: ecryptfs headsup
Tyler Hicks (Jul 12)
Re: Re: ecryptfs headsup
Dustin Kirkland (Jul 13)
Re: Re: ecryptfs headsup
Jason A. Donenfeld (Jul 14)
Re: Re: ecryptfs headsup
Jason A. Donenfeld (Jul 14)
Re: Re: ecryptfs headsup
Sebastian Krahmer (Jul 16)
Re: Re: ecryptfs headsup
Justin Ossevoort (Jul 16)
libdbus hardening
Sebastian Krahmer (Jul 10)
Re: libdbus hardening
Florian Weimer (Jul 10)
Re: libdbus hardening
Solar Designer (Jul 10)
Re: libdbus hardening
Florian Weimer (Jul 10)
Re: libdbus hardening
Solar Designer (Jul 10)
Re: libdbus hardening
Sebastian Krahmer (Jul 10)
Re: libdbus hardening
yersinia (Jul 10)
Re: libdbus hardening
Sebastian Krahmer (Jul 10)
Re: libdbus hardening
Solar Designer (Jul 10)
Re: libdbus hardening
Sebastian Krahmer (Jul 10)
Re: libdbus hardening
Solar Designer (Jul 10)
Re: libdbus hardening
Florian Weimer (Jul 11)
Re: libdbus hardening
Tomas Hoger (Sep 13)
Re: libdbus hardening
Simon McVittie (Jul 10)
Re: libdbus hardening
Sebastian Krahmer (Jul 11)
Re: libdbus hardening
Solar Designer (Jul 11)
Re: libdbus hardening
yersinia (Jul 11)
Re: libdbus hardening
Solar Designer (Jul 17)
Re: libdbus hardening
Florian Weimer (Jul 17)
Re: libdbus hardening
Florian Weimer (Jul 25)
Re: libdbus hardening
yersinia (Jul 26)
Re: libdbus hardening
Ludwig Nussel (Jul 30)
Re: libdbus hardening
Florian Weimer (Jul 30)
Re: libdbus hardening
Ludwig Nussel (Jul 30)
Re: libdbus hardening
Simon McVittie (Jul 26)
Re: libdbus hardening
Ludwig Nussel (Jul 30)
Openjpeg: heap-buffer overflow when processing JPEG2000 image files
Huzaifa Sidhpurwala (Jul 11)
CVE request: glibc formatted printing vulnerabilities
Stefan Cornelius (Jul 11)
Re: CVE request: glibc formatted printing vulnerabilities
Kurt Seifried (Jul 11)
Re: CVE request: glibc formatted printing vulnerabilities
Kees Cook (Jul 11)
Re: CVE request: glibc formatted printing vulnerabilities
Stefan Cornelius (Jul 12)
CVE-request: plow buffer overflow vulnerability
Henri Salo (Jul 11)
Re: CVE-request: plow buffer overflow vulnerability
Kurt Seifried (Jul 11)
CVE Request: Overflow fix in bash 4.2 patch 33
Marcus Meissner (Jul 11)
Re: CVE Request: Overflow fix in bash 4.2 patch 33
Kurt Seifried (Jul 11)
Re: CVE Request: Overflow fix in bash 4.2 patch 33
Marcus Meissner (Jul 12)
Re: CVE Request: Overflow fix in bash 4.2 patch 33
Kurt Seifried (Jul 12)
Re: CVE Request: Overflow fix in bash 4.2 patch 33
Henri Salo (Jul 11)
Re: CVE Request for Drupal contributed modules
Greg Knaddison (Jul 11)
<Possible follow-ups>
Re: CVE Request for Drupal contributed modules
Greg Knaddison (Aug 02)
[OSSA 2012-009] Scheduler denial of service through scheduler_hints (CVE-2012-3371)
Thierry Carrez (Jul 11)
Re: Fwd: New Security Vulnerabilities in Puppet
Kurt Seifried (Jul 11)
Re: Re: Fwd: New Security Vulnerabilities in Puppet
Kurt Seifried (Jul 11)
GLPI 0.83.2 CVE-2012-4002 CSRF and CVE-2012-4003 XSS
cve-assign (Jul 13)
[dan () coneharvesters com: [Libexif-devel] libexif project security advisory July 12, 2012]
Marcus Meissner (Jul 13)
CVE Request: KDE Pim
Marc Deslauriers (Jul 13)
Re: CVE Request: KDE Pim
Kurt Seifried (Jul 13)
Re: CVE Request: KDE Pim
Vincent Danen (Jul 16)
Re: CVE Request: KDE Pim
laurent Montel (Jul 17)
Re: CVE Request: KDE Pim
David Faure (Jul 17)
Re: CVE Request: KDE Pim
Tomas Hoger (Jul 17)
Re: CVE Request: KDE Pim
Vincent Danen (Jul 17)
Re: CVE Request: KDE Pim
Kurt Seifried (Jul 17)
Re: CVE Request: KDE Pim
David Faure (Jul 17)
CVE id request: libjs-swfupload
Nico Golde (Jul 16)
Re: CVE id request: libjs-swfupload
Kurt Seifried (Jul 16)
Re: CVE id request: libjs-swfupload
Nico Golde (Jul 16)
Re: CVE id request: libjs-swfupload
Kurt Seifried (Jul 17)
Re: CVE id request: libjs-swfupload
Nico Golde (Jul 17)
Re: CVE id request: libjs-swfupload
Kurt Seifried (Jul 17)
Re: CVE id request: libjs-swfupload
Nico Golde (Jul 17)
Re: CVE id request: libjs-swfupload
Kurt Seifried (Jul 18)
Moodle security notifications public
Michael de Raadt (Jul 17)
<Possible follow-ups>
Moodle security notifications public
Michael de Raadt (Sep 17)
libjpeg-turbo: Heap-based buffer overflow when decompressing corrupt JPEG images
Huzaifa Sidhpurwala (Jul 17)
tiff2pdf: Heap-based buffer overflow due to improper initialization of T2P context struct pointer
Huzaifa Sidhpurwala (Jul 19)
Re: tiff2pdf: Heap-based buffer overflow due to improper initialization of T2P context struct pointer
Henri Salo (Jul 19)
Re: tiff2pdf: Heap-based buffer overflow due to improper initialization of T2P context struct pointer
Huzaifa Sidhpurwala (Jul 19)
Re: tiff2pdf: Heap-based buffer overflow due to improper initialization of T2P context struct pointer
Solar Designer (Sep 23)
CVE Request: libtiff: Heap-buffer overflow when processing a TIFF image with PixarLog Compression
Huzaifa Sidhpurwala (Sep 25)
Re: CVE Request: libtiff: Heap-buffer overflow when processing a TIFF image with PixarLog Compression
Kurt Seifried (Sep 25)
Re: CVE Request: libtiff: Heap-buffer overflow when processing a TIFF image with PixarLog Compression
Sebastian Krahmer (Sep 26)
Re: CVE Request: libtiff: Heap-buffer overflow when processing a TIFF image with PixarLog Compression
Huzaifa Sidhpurwala (Sep 26)
Re: CVE Request: libtiff: Heap-buffer overflow when processing a TIFF image with PixarLog Compression
Tom Lane (Sep 26)
CVE Request: quota: incorrect use of tcp_wrappers
Huzaifa Sidhpurwala (Jul 19)
Re: CVE Request: quota: incorrect use of tcp_wrappers
Kurt Seifried (Jul 19)
CVE-2012-4024 and CVE-2012-4025: Squashfs overflows
cve-assign (Jul 19)
CVE for JBOSS EAP 5.0(twiddle and jmx invocations) ?
yersinia (Jul 20)
Re: CVE for JBOSS EAP 5.0(twiddle and jmx invocations) ?
David Jorm (Jul 23)
Re: CVE for JBOSS EAP 5.0(twiddle and jmx invocations) ?
Kurt Seifried (Jul 23)
Wireshark before 1.8.1 (etc.) CVE-2012-4048 CVE-2012-4049
cve-assign (Jul 24)
Re: Wireshark before 1.8.1 (etc.) CVE-2012-4048 CVE-2012-4049
Huzaifa Sidhpurwala (Jul 24)
CVE Request: libpng: Out-of heap-based buffer read by inflating certain PNG images
Huzaifa Sidhpurwala (Jul 24)
Re: CVE Request: libpng: Out-of heap-based buffer read by inflating certain PNG images
Kurt Seifried (Jul 24)
CVE-request: WordPress plugin Count Per Day XSS (SSCHADV2012-015)
Henri Salo (Jul 24)
Re: CVE-request: WordPress plugin Count Per Day XSS (SSCHADV2012-015)
Kurt Seifried (Jul 27)
CVE Request -- kernel: recv{from,msg}() on an rds socket can leak kernel memory
Petr Matousek (Jul 26)
Re: CVE Request -- kernel: recv{from,msg}() on an rds socket can leak kernel memory
Kurt Seifried (Jul 26)
Xen Security Advisory 10 - HVM guest user mode MMIO emulation DoS
Xen . org security team (Jul 26)
Re: Xen Security Advisory 10 - HVM guest user mode MMIO emulation DoS
Kurt Seifried (Jul 27)
Ruby on Rails DoS Vulnerability in authenticate_or_request_with_http_digest (CVE-2012-3424)
Aaron Patterson (Jul 26)
Xen Security Advisory 10 (CVE-2012-3432) - HVM user mode MMIO emul DoS
Xen . org security team (Jul 27)
[OSSA 2012-010] Various Keystone token expiration issues (CVE-2012-3426)
Thierry Carrez (Jul 27)
Quick question regarding CVEs
Kurt Seifried (Jul 28)
Re: Quick question regarding CVEs
Kurt Seifried (Jul 28)
CVE request for OpenTTD
frosch (Jul 27)
Re: CVE request for OpenTTD
Kurt Seifried (Jul 28)
Re: CVE request for OpenTTD
frosch (Jul 28)
Re: CVE request for OpenTTD
Kurt Seifried (Jul 28)
Re: CVE request for OpenTTD
frosch (Jul 31)
Zabbix SQL injection flaw (CVE request)
Vincent Danen (Jul 27)
Re: Zabbix SQL injection flaw (CVE request)
Kurt Seifried (Jul 28)
ocPortal 7.1.5 <= | Open URL Redirection Vulnerability
YGN Ethical Hacker Group (Jul 28)
ImageMagick Magick_png_malloc() / GraphicsMagick png_IM_malloc() size issue
Kurt Seifried (Jul 30)
CVE Request: icinga sample db creation scripts
Marcus Meissner (Jul 30)
Re: CVE Request: icinga sample db creation scripts
Kurt Seifried (Jul 30)
CVE Request: Django 1.3.1 and 1.4.0 security issues
Kurt Seifried (Jul 31)
Re: CVE Request: Django 1.3.1 and 1.4.0 security issues
Kurt Seifried (Jul 31)
CVE request for Ushahidi
Robbie MacKay (Jul 31)
Re: CVE request for Ushahidi
Kurt Seifried (Jul 31)
Re: CVE request for Ushahidi
Robbie Mackay (Aug 02)
Re: CVE request for Ushahidi
Tim (Aug 09)
Re: CVE request for Ushahidi
Kurt Seifried (Aug 09)
CVE Request -- libvirt: crash in virTypedParameterArrayClear
Petr Matousek (Jul 31)
Re: CVE Request -- libvirt: crash in virTypedParameterArrayClear
Kurt Seifried (Jul 31)
RSGallery2 before 2.3.0 (etc.) CVE-2012-3554 CVE-2012-4071
cve-assign (Jul 31)
CVE Request: NVidia Linux driver
Marc Deslauriers (Aug 01)
Re: CVE Request: NVidia Linux driver
Petr Matousek (Aug 01)
Re: CVE Request: NVidia Linux driver
Marc Deslauriers (Aug 01)
Re: CVE Request: NVidia Linux driver
Tavis Ormandy (Aug 01)
Re: Re: CVE Request: NVidia Linux driver
Marc Deslauriers (Aug 01)
Re: Re: CVE Request: NVidia Linux driver
Marcus Meissner (Aug 01)
Re: Re: CVE Request: NVidia Linux driver
Tavis Ormandy (Aug 01)
Re: CVE Request: NVidia Linux driver
Kurt Seifried (Aug 01)
Re: CVE Request: NVidia Linux driver
Marc Deslauriers (Aug 01)
Re: CVE Request: NVidia Linux driver
cve-assign (Aug 08)
CVE request: Ganglia Web 3.5.1
Vincent Danen (Aug 01)
Re: CVE request: Ganglia Web 3.5.1
Kurt Seifried (Aug 02)
CVE Request: php5 pdo array overread/crash
Marcus Meissner (Aug 02)
Re: CVE Request: php5 pdo array overread/crash
Kurt Seifried (Aug 02)
IcedTea-Web security fixes in 1.1.6 and 1.2.1
Tomas Hoger (Aug 02)
bind-dyndb-ldap DoS CVE-2012-3429
Tomas Hoger (Aug 02)
openvswitch world writable directories (CVE-2012-3449)
Kurt Seifried (Aug 02)
Re: openvswitch world writable directories (CVE-2012-3449)
Yves-Alexis Perez (Aug 03)
Re: openvswitch world writable directories (CVE-2012-3449)
Kurt Seifried (Aug 03)
Re: MySQL CVEs (was: Security vulnerability in MySQL/MariaDB sql/password.c)
Tomas Hoger (Aug 03)
Re: MySQL CVEs (was: Security vulnerability in MySQL/MariaDB sql/password.c)
Tomas Hoger (Aug 10)
Re: MySQL CVEs (was: Security vulnerability in MySQL/MariaDB sql/password.c)
Steven M. Christey (Aug 16)
gnome-screensaver 3.4.2 locked only active screen
Marcus Meissner (Aug 03)
Re: gnome-screensaver 3.4.2 locked only active screen
Kurt Seifried (Aug 03)
Remote DoS in Linux sfc driver through TCP MSS option (CVE-2012-3412)
Ben Hutchings (Aug 03)
CVE ASSIGNMENT: extplorer: creates world writable directory /var/lib/extplorer/ftp_tmp
Kurt Seifried (Aug 03)
CVE ASSIGNMENT: logol: creates world writable directory: /var/lib/logol/results
Kurt Seifried (Aug 03)
CVE request for Calligra
Jeff Mitchell (Aug 04)
Re: CVE request for Calligra
Agostino Sarubbo (Aug 04)
Re: CVE request for Calligra
Jeff Mitchell (Aug 04)
Re: CVE request for Calligra
Agostino Sarubbo (Aug 04)
Re: CVE request for Calligra
Jeff Mitchell (Aug 04)
Re: CVE request for Calligra
Jorge Manuel B. S. Vicetto (Aug 05)
Re: CVE request for Calligra
Kurt Seifried (Aug 05)
Re: CVE request for Calligra
Charlie Miller (Aug 06)
Re: CVE request for Calligra
Jeff Mitchell (Aug 06)
Re: CVE request for Calligra
Kurt Seifried (Aug 06)
Re: CVE request for Calligra
Kurt Seifried (Aug 06)
Re: CVE request for Calligra
Jeff Mitchell (Aug 08)
Re: CVE request for Calligra
Jeff Mitchell (Aug 10)
Re: CVE request for Calligra
Kurt Seifried (Aug 05)
CVE Request: Linux kernel net/rds max socket length checking
Marcus Meissner (Aug 06)
Re: CVE Request: Linux kernel net/rds max socket length checking
Petr Matousek (Aug 06)
CVE ASSIGN: pnp4nagios: process_perfdata.cfg world readable
Kurt Seifried (Aug 06)
Re: CVE ASSIGN: pnp4nagios: process_perfdata.cfg world readable
Christoph Anton Mitterer (Aug 06)
[OSSA 2012-011] Compute node filesystem injection/corruption (CVE-2012-3447)
Thierry Carrez (Aug 07)
Test email - please ignore
Kurt Seifried (Aug 08)
Re: CVE Request -- libotr: Multiple heap-based buffer overflows in the Base64 decoder
Kurt Seifried (Aug 08)
CVE Request: gnome-keyring: improper caching of gpg password/passphrase
Huzaifa Sidhpurwala (Aug 09)
Re: CVE Request: gnome-keyring: improper caching of gpg password/passphrase
Kurt Seifried (Aug 09)
Xen Security Advisory 11 (CVE-2012-3433) - HVM destroy p2m host DoS
Xen . org security team (Aug 09)
CVE-2012-3467: Unauthorized access (authentication bypass) from client to broker due to use of NullAuthenticator in shadow connections
Vincent Danen (Aug 09)
Randomness Attacks Against PHP Applications
Yves-Alexis Perez (Aug 09)
Re: Randomness Attacks Against PHP Applications
Yves-Alexis Perez (Aug 10)
Re: Randomness Attacks Against PHP Applications
Solar Designer (Aug 22)
Re: Randomness Attacks Against PHP Applications
Solar Designer (Sep 15)
Re: Randomness Attacks Against PHP Applications
Josh Bressers (Sep 17)
Re: Randomness Attacks Against PHP Applications
Raphael Geissert (Sep 17)
Re: Randomness Attacks Against PHP Applications
Daniel Kahn Gillmor (Sep 17)
Re: Randomness Attacks Against PHP Applications
Kurt Seifried (Sep 18)
Re: Randomness Attacks Against PHP Applications
George Argyros (Sep 20)
Re: Randomness Attacks Against PHP Applications
Solar Designer (Sep 23)
Re: Randomness Attacks Against PHP Applications
Vladimir Vorontsov (Sep 23)
Re: Randomness Attacks Against PHP Applications
George Argyros (Sep 28)
Re: Randomness Attacks Against PHP Applications
Raphael Geissert (Sep 25)
Re: Randomness Attacks Against PHP Applications
George Argyros (Sep 28)
Re: Randomness Attacks Against PHP Applications
Vladimir Vorontsov (Sep 17)
Ruby on Rails Potential XSS Vulnerability in select_tag prompt
Santiago Pastorino (Aug 09)
XSS Vulnerability in strip_tags
Santiago Pastorino (Aug 09)
Potential XSS Vulnerability in Ruby on Rails
Santiago Pastorino (Aug 09)
Possible data loss or data modification in ownCloud
Bruno Kleinert (Aug 10)
Re: Possible data loss or data modification in ownCloud
Simon McVittie (Aug 10)
ownCloud - matching CVEs to fix information and vice versa
Kurt Seifried (Aug 11)
Re: ownCloud - matching CVEs to fix information and vice versa
Kurt Seifried (Aug 27)
CVE Request: NeoInvoice Blind SQL Injection in signup_check.php
Adam Caudill (Aug 10)
Re: CVE Request: NeoInvoice Blind SQL Injection in signup_check.php
Kurt Seifried (Aug 10)
CVE Request: rssh command-line parsing vulnerability
Russ Allbery (Aug 10)
Re: CVE Request: rssh command-line parsing vulnerability
Kurt Seifried (Aug 11)
Re: CVE Request: rssh command-line parsing vulnerability
Russ Allbery (Aug 11)
Tunnel Blick: Multiple Vulnerabilities to Local Root and DoS (OS X)
Jason A. Donenfeld (Aug 11)
Re: Tunnel Blick: Multiple Vulnerabilities to Local Root and DoS (OS X)
Jason A. Donenfeld (Aug 11)
Re: Tunnel Blick: Multiple Vulnerabilities to Local Root and DoS (OS X)
Solar Designer (Aug 11)
Re: Tunnel Blick: Multiple Vulnerabilities to Local Root and DoS (OS X)
Kyle Creyts (Aug 11)
Re: Tunnel Blick: Multiple Vulnerabilities to Local Root and DoS (OS X)
Kurt Seifried (Aug 13)
Re: Tunnel Blick: Multiple Vulnerabilities to Local Root and DoS (OS X)
Jason A. Donenfeld (Aug 13)
Re: Tunnel Blick: Multiple Vulnerabilities to Local Root and DoS (OS X)
Kurt Seifried (Aug 14)
Security flaw in GNU Emacs file-local variables
Chong Yidong (Aug 13)
Re: Security flaw in GNU Emacs file-local variables
Kurt Seifried (Aug 13)
CVE Request -- glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines
Jan Lieskovsky (Aug 13)
Re: CVE Request -- glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines
Kurt Seifried (Aug 13)
Total Shop UK eCommerce Generic Cross-Site Scripting
research (Aug 13)
TCExam Edit SQL Injection
research (Aug 13)
CVE ID request for fetchmail segfault in NTLM protocol exchange
Matthias Andree (Aug 13)
Re: CVE ID request for fetchmail segfault in NTLM protocol exchange
Kurt Seifried (Aug 13)
ANN: Beaker 1.6.4 released with important security update
Ben Bangert (Aug 13)
pcp: Multiple security flaws
Huzaifa Sidhpurwala (Aug 16)
CVE Request: SquidClamav insufficient escaping flaws
Sean Amoss (Aug 16)
Re: CVE Request: SquidClamav insufficient escaping flaws
Kurt Seifried (Aug 16)
Re: CVE Request: SquidClamav insufficient escaping flaws
Steven M. Christey (Aug 25)
phpMyAdmin PMASA-2012-3 (CVE-2012-4219) and PMASA-2012-4 (CVE-2012-4345) issues
Jan Lieskovsky (Aug 16)
GIMP Scriptfu Python Remote Command Execution
research (Aug 16)
Re: [Full-disclosure] GIMP Scriptfu Python Remote Command Execution
Julius Kivimäki (Aug 17)
Re: [Full-disclosure] GIMP Scriptfu Python Remote Command Execution
Giles Coochey (Aug 17)
RE: [Full-disclosure] GIMP Scriptfu Python Remote Command Execution
research (Aug 20)
CVE request: tinyproxy
Jamie Strandboge (Aug 17)
Re: CVE request: tinyproxy
Kurt Seifried (Aug 18)
ocPoral CMS 8.x | Cross Site Request Forgery (CSRF) Vulnerability
YGN Ethical Hacker Group (Aug 19)
ocPoral CMS 8.x | Session Hijacking Vulnerability
YGN Ethical Hacker Group (Aug 19)
CVE-request: Roundcube XSS issues
Henri Salo (Aug 20)
Re: CVE-request: Roundcube XSS issues
Henri Salo (Aug 20)
Re: CVE-request: Roundcube XSS issues
Hanno Böck (Aug 20)
Re: CVE-request: Roundcube XSS issues
Henri Salo (Aug 20)
Re: CVE-request: Roundcube XSS issues
Kurt Seifried (Aug 20)
Re: CVE-request: Roundcube XSS issues
Steven M. Christey (Aug 25)
Re: CVE-request: Roundcube XSS issues
Eygene Ryabinkin (Aug 26)
Re: CVE-request: Roundcube XSS issues
Eygene Ryabinkin (Aug 26)
The Gimp PSD plug-in CVE-2012-3402 issue
Jan Lieskovsky (Aug 20)
The Gimp CEL plug-in CVE-2012-3403 issue
Jan Lieskovsky (Aug 20)
The Gimp GIF plug-in CVE-2012-3481 issue
Matthias Weckbecker (Aug 20)
CVE Request -- kernel: taskstats: use-after-free in xacct_add_tsk()
Petr Matousek (Aug 20)
Re: CVE Request -- kernel: taskstats: use-after-free in xacct_add_tsk()
Kurt Seifried (Aug 20)
Re: CVE Request -- kernel: taskstats: use-after-free in xacct_add_tsk()
akuster (Aug 21)
Re: CVE Request -- kernel: taskstats: use-after-free in xacct_add_tsk()
Petr Matousek (Aug 21)
CVE Request -- kernel: mm: use-after-free in madvise_remove()
Petr Matousek (Aug 20)
Re: CVE Request -- kernel: mm: use-after-free in madvise_remove()
Kurt Seifried (Aug 20)
Two munin issues, now with CVEs
Kurt Seifried (Aug 21)
ocaml-xml-light: hash table collisions CPU usage DoS CVE-2012-3514
Kurt Seifried (Aug 21)
CVE Request -- Tor 0.2.2.38: Three issues
Jan Lieskovsky (Aug 21)
Re: CVE Request -- Tor 0.2.2.38: Three issues
Kurt Seifried (Aug 21)
CVE Request -- php-geshi / GeSHi (1.0.8.11): Remote directory traversal and information disclosure in the cssgen contrib module (plus possibly XSS, but it needs upstream to confirm)
Jan Lieskovsky (Aug 21)
Re: CVE Request -- php-geshi / GeSHi (1.0.8.11): Remote directory traversal and information disclosure in the cssgen contrib module (plus possibly XSS, but it needs upstream to confirm)
Raphael Geissert (Aug 21)
Re: CVE Request -- php-geshi / GeSHi (1.0.8.11): Remote directory traversal and information disclosure in the cssgen contrib module (plus possibly XSS, but it needs upstream to confirm)
Kurt Seifried (Aug 21)
CVE Request -- inn (nnrpd): Prone to STARTTLS plaintext command injection
Jan Lieskovsky (Aug 21)
Re: CVE Request -- inn (nnrpd): Prone to STARTTLS plaintext command injection
Kurt Seifried (Aug 22)
CVE request: Typo3
Moritz Muehlenhoff (Aug 21)
Re: CVE request: Typo3
Kurt Seifried (Aug 22)
CVE-2012-3520 kernel: af_netlink: invalid handling of SCM_CREDENTIALS passing
Petr Matousek (Aug 22)
CVE Request: Apache mod RPAF denial of service
Thijs Kinkhorst (Aug 22)
Re: CVE Request: Apache mod RPAF denial of service
Kurt Seifried (Aug 22)
Any information on mesa/CVE-2012-2864?
Moritz Muehlenhoff (Aug 22)
Re: Any information on mesa/CVE-2012-2864?
Huzaifa Sidhpurwala (Aug 23)
CVE Request -- jabberd2: Prone to unsolicited XMPP Dialback attacks
Jan Lieskovsky (Aug 22)
Re: CVE Request -- jabberd2: Prone to unsolicited XMPP Dialback attacks
Kurt Seifried (Aug 22)
Stripe Capture the Flag
John Collison (Aug 22)
Re: Stripe Capture the Flag
Solar Designer (Aug 22)
Re: Stripe Capture the Flag
Carlos Alberto Lopez Perez (Aug 23)
Re: Stripe Capture the Flag
Thanh Nguyen (Aug 24)
Re: Stripe Capture the Flag
Filip Palian (Aug 24)
Re: Stripe Capture the Flag
Henri Salo (Aug 24)
Re: Stripe Capture the Flag
Solar Designer (Aug 30)
zenoss issues
Thomas Pollet (Aug 24)
Re: zenoss issues
Thomas Pollet (Aug 24)
Re: Re: zenoss issues
Kurt Seifried (Aug 27)
Re: zenoss issues
Kurt Seifried (Aug 24)
Re: zenoss issues
Kurt Seifried (Aug 24)
oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)
Vincent Danen (Aug 24)
<Possible follow-ups>
Re: oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)
Michael Pasternak (Aug 26)
information request on security bug fix in GNU Gatekeeper 3.1
Raphael Geissert (Aug 25)
Re: information request on security bug fix in GNU Gatekeeper 3.1
Jan Willamowius (Aug 25)
Re: Re: information request on security bug fix in GNU Gatekeeper 3.1
Kurt Seifried (Aug 27)
Re: information request on security bug fix in GNU Gatekeeper 3.1
Raphael Geissert (Aug 28)
CVE Request: Heap-based buffer overflow in openjpeg
Huzaifa Sidhpurwala (Aug 27)
Re: CVE Request: Heap-based buffer overflow in openjpeg
Kurt Seifried (Aug 27)
CVE request: joomla before 1.5.26 password change
Hanno Böck (Aug 27)
Re: CVE request: joomla before 1.5.26 password change
Kurt Seifried (Aug 27)
CVE request: crowbar ohai plugin: local privilege (root) escalation due to insecure tmp file handling
Thomas Biege (Aug 27)
Re: CVE request: crowbar ohai plugin: local privilege (root) escalation due to insecure tmp file handling
Kurt Seifried (Aug 27)
CVE request: letodms multiple issues
Raphael Geissert (Aug 27)
Re: CVE request: letodms multiple issues
Kurt Seifried (Aug 28)
Re: CVE request: letodms multiple issues
Raphael Geissert (Aug 28)
Re: CVE request: letodms multiple issues
Kurt Seifried (Aug 28)
Re: CVE request: letodms multiple issues
Raphael Geissert (Aug 28)
Re: CVE request: letodms multiple issues
Kurt Seifried (Aug 31)
CVE Request: Java 7 code execution 0day
David Jorm (Aug 28)
Re: CVE Request: Java 7 code execution 0day
Kurt Seifried (Aug 28)
Re: CVE Request: Java 7 code execution 0day
Kurt Seifried (Aug 28)
Re: CVE Request: Java 7 code execution 0day
Eygene Ryabinkin (Aug 29)
CVE for FreeBSD SCTP remote DoS?
Raphael Geissert (Aug 28)
Re: CVE for FreeBSD SCTP remote DoS?
Simon L. B. Nielsen (Aug 28)
CVE request: FreeBSD SCTP remote DoS
Raphael Geissert (Aug 28)
Re: CVE request: FreeBSD SCTP remote DoS
Kurt Seifried (Aug 29)
CVE-Request: apache2-mod_php5 AddHandler content confusion
Sebastian Krahmer (Aug 28)
Re: CVE-Request: apache2-mod_php5 AddHandler content confusion
Kurt Seifried (Aug 28)
CVE Request: Hash collision issue in Mono/C# (similar to Microsoft .NET issue)
Marcus Meissner (Aug 28)
Re: CVE Request: Hash collision issue in Mono/C# (similar to Microsoft .NET issue)
Kurt Seifried (Aug 28)
CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector
Jan Lieskovsky (Aug 29)
Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector
Kurt Seifried (Aug 29)
Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector
Eygene Ryabinkin (Aug 31)
Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector
Gerald Combs (Sep 01)
Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector
Kurt Seifried (Sep 01)
Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector
Eygene Ryabinkin (Sep 01)
CVE-2012-3509: objalloc_alloc integer overflows in libiberty
Florian Weimer (Aug 29)
php header() header injection detection bypass
Raphael Geissert (Aug 29)
Re: php header() header injection detection bypass
Kurt Seifried (Aug 31)
Re: php header() header injection detection bypass
Raphael Geissert (Aug 31)
Re: php header() header injection detection bypass
Kurt Seifried (Sep 02)
Re: php header() header injection detection bypass
Eygene Ryabinkin (Sep 04)
Re: php header() header injection detection bypass
cve-assign (Sep 04)
Re: Re: php header() header injection detection bypass
Raphael Geissert (Sep 04)
Re: php header() header injection detection bypass
cve-assign (Sep 05)
Re: Re: php header() header injection detection bypass
Raphael Geissert (Sep 07)
Re: Re: php header() header injection detection bypass
Eygene Ryabinkin (Sep 05)
[icinga-web] rmtmp-files.sh
Simon . (Aug 29)
Re: [icinga-web] rmtmp-files.sh
Kurt Seifried (Aug 30)
Re: [icinga-web] rmtmp-files.sh
Simon . (Aug 30)
CVE request: crowbar XSS
Thomas Biege (Aug 30)
Re: CVE request: crowbar XSS
Kurt Seifried (Aug 31)
[OSSA 2012-012] Horizon, Open redirect through 'next' parameter (CVE-2012-3542)
Russell Bryant (Aug 30)
Re: [Openstack] [OSSA 2012-012] Horizon, Open redirect through 'next' parameter (CVE-2012-3540)
Russell Bryant (Aug 30)
Re: [Openstack] [OSSA 2012-012] Horizon, Open redirect through 'next' parameter (CVE-2012-3540)
andi abes (Sep 13)
Re: [Openstack] [OSSA 2012-012] Horizon, Open redirect through 'next' parameter (CVE-2012-3540)
Kiall Mac Innes (Sep 13)
[OSSA 2012-013] Keystone, Lack of authorization for adding users to tenants (CVE-2012-3542)
Russell Bryant (Aug 30)
CVE request: contao before 2.11.4 sql injection
Hanno Böck (Aug 31)
Re: CVE request: contao before 2.11.4 sql injection
Kurt Seifried (Aug 31)
Information on security issues fixed in ffmpeg 0.11?
Moritz Muehlenhoff (Aug 31)
Re: Information on security issues fixed in ffmpeg 0.11?
Michael Niedermayer (Sep 02)
operator new[] overflow checking in G++
Florian Weimer (Aug 31)
Re: operator new[] overflow checking in G++
Kurt Seifried (Aug 31)
CVE Request -- MediaWiki 1.19.2 and 1.18.5 multiple security flaws
Jan Lieskovsky (Aug 31)
Re: CVE Request -- MediaWiki 1.19.2 and 1.18.5 multiple security flaws
Kurt Seifried (Aug 31)
[Notification] CVE-2012-3500 - rpmdevtools, devscripts: TOCTOU race condition in annotate-output
Jan Lieskovsky (Aug 31)
Re: [Notification] CVE-2012-3500 - rpmdevtools, devscripts: TOCTOU race condition in annotate-output
Jakub Wilk (Aug 31)
CVE Request -- kernel: net: slab corruption due to improper synchronization around inet->opt
Petr Matousek (Aug 31)
Re: CVE Request -- kernel: net: slab corruption due to improper synchronization around inet->opt
Kurt Seifried (Aug 31)
Re: CVE Request -- kernel: net: slab corruption due to improper synchronization around inet->opt
akuster (Aug 31)
Re: CVE Request -- kernel: net: slab corruption due to improper synchronization around inet->opt
Petr Matousek (Sep 07)
CVE Request -- kernel: request_module() OOM local DoS
Petr Matousek (Aug 31)
<Possible follow-ups>
CVE Request -- kernel: request_module() OOM local DoS
Kurt Seifried (Sep 02)
CVE request: Apache Struts S2-010 and S2-011
Raphael Geissert (Sep 01)
Re: CVE request: Apache Struts S2-010 and S2-011
Kurt Seifried (Sep 01)
Re: CVE - ownCloud
Kurt Seifried (Sep 02)
Re: Re: CVE - ownCloud
Steven M. Christey (Sep 05)
CVE-request: CakePHP XXE injection
Henri Salo (Sep 03)
Re: CVE-request: CakePHP XXE injection
Kurt Seifried (Sep 03)
CVE request: moinmoin incorrect ACL evaluation for virtual groups
Raphael Geissert (Sep 04)
Re: CVE request: moinmoin incorrect ACL evaluation for virtual groups
Kurt Seifried (Sep 05)
(linux-)distros membership changes
Solar Designer (Sep 05)
CVE-Request: openstack pickle de-serialization
Sebastian Krahmer (Sep 05)
Re: CVE-Request: openstack pickle de-serialization
Kurt Seifried (Sep 05)
Xen Security Advisory 12 (CVE-2012-3494) - hypercall set_debugreg vulnerability
Xen . org security team (Sep 05)
Xen Security Advisory 13 (CVE-2012-3495) - hypercall physdev_get_free_pirq vulnerability
Xen . org security team (Sep 05)
Xen Security Advisory 14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability
Xen . org security team (Sep 05)
Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities
Xen . org security team (Sep 05)
Xen Security Advisory 16 (CVE-2012-3498) - PHYSDEVOP_map_pirq index vulnerability
Xen . org security team (Sep 05)
Xen Security Advisory 17 (CVE-2012-3515) - Qemu VT100 emulation vulnerability
Xen . org security team (Sep 05)
Re: [Xen-users] Xen Security Advisory 17 (CVE-2012-3515) - Qemu VT100 emulation vulnerability
Nathan March (Sep 07)
Xen Security Advisory 18 (CVE-2012-3516) - grant table entry swaps have inadequate bounds checking
Xen . org security team (Sep 05)
CVE Request: pidgin lack of SSL checks
Marcus Meissner (Sep 05)
Re: CVE Request: pidgin lack of SSL checks
Jan Lieskovsky (Sep 05)
Re: CVE Request: pidgin lack of SSL checks
Marcus Meissner (Sep 05)
CVE request - mcrypt buffer overflow flaw
Vincent Danen (Sep 06)
Re: CVE request - mcrypt buffer overflow flaw
Kurt Seifried (Sep 06)
Re: CVE request - mcrypt buffer overflow flaw
Raphael Geissert (Sep 06)
Re: CVE request - mcrypt buffer overflow flaw
Vincent Danen (Sep 06)
Re: CVE request - mcrypt buffer overflow flaw
Raphael Geissert (Sep 10)
Re: CVE request - mcrypt buffer overflow flaw
Kurt Seifried (Sep 13)
Re: CVE request - mcrypt buffer overflow flaw
Eygene Ryabinkin (Sep 11)
Re: CVE request - mcrypt buffer overflow flaw
Raphael Geissert (Sep 12)
Re: CVE request - mcrypt buffer overflow flaw
Kurt Seifried (Sep 13)
Re: CVE request - mcrypt buffer overflow flaw
Raphael Geissert (Sep 13)
Re: CVE request - mcrypt buffer overflow flaw
Raphael Geissert (Sep 16)
Xen Security Advisory 19 - guest administrator can access qemu monitor console
Xen . org security team (Sep 06)
Re: Xen Security Advisory 19 - guest administrator can access qemu monitor console
Kurt Seifried (Sep 06)
Re: Xen Security Advisory 19 - guest administrator can access qemu monitor console
Kurt Seifried (Sep 06)
CVE-2010 Request -- blender: Insecure temporary file use by creating file string in undo save quit Blender kernel routine (re-occurrence of CVE-2008-1103)
Jan Lieskovsky (Sep 06)
Re: CVE-2010 Request -- blender: Insecure temporary file use by creating file string in undo save quit Blender kernel routine (re-occurrence of CVE-2008-1103)
Kurt Seifried (Sep 06)
Re: CVE-2010 Request -- blender: Insecure temporary file use by creating file string in undo save quit Blender kernel routine (re-occurrence of CVE-2008-1103)
Eitan Adler (Sep 06)
Re: CVE-2010 Request -- blender: Insecure temporary file use by creating file string in undo save quit Blender kernel routine (re-occurrence of CVE-2008-1103)
Kurt Seifried (Sep 07)
Re: CVE-2010 Request -- blender: Insecure temporary file use by creating file string in undo save quit Blender kernel routine (re-occurrence of CVE-2008-1103)
Kurt Seifried (Sep 07)
Re: CVE-2010 Request -- blender: Insecure temporary file use by creating file string in undo save quit Blender kernel routine (re-occurrence of CVE-2008-1103)
Eitan Adler (Sep 07)
CVE request: opencryptoki insecure lock files handling
Raphael Geissert (Sep 07)
Re: CVE request: opencryptoki insecure lock files handling
Tomas Hoger (Sep 07)
Re: CVE request: opencryptoki insecure lock files handling
Raphael Geissert (Sep 07)
Re: CVE request: opencryptoki insecure lock files handling
Tomas Hoger (Sep 09)
Re: CVE request: opencryptoki insecure lock files handling
Raphael Geissert (Sep 12)
Re: CVE request: opencryptoki insecure lock files handling
Tomas Hoger (Sep 20)
Re: CVE request: opencryptoki insecure lock files handling
Raphael Geissert (Sep 25)
Re: CVE request: opencryptoki insecure lock files handling
Kurt Seifried (Sep 27)
Xen Security Advisory 19 (CVE-2012-4411) - guest administrator can access qemu monitor console
Xen . org security team (Sep 07)
CVE Request -- urllib3: Does not check for SSL certificates by default
Jan Lieskovsky (Sep 07)
Re: CVE Request -- urllib3: Does not check for SSL certificates by default
Jan Lieskovsky (Sep 07)
Re: CVE Request -- urllib3: Does not check for SSL certificates by default
Andrey Petrov (Sep 07)
CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 && #14552)
Jan Lieskovsky (Sep 07)
Re: CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 && #14552)
Kurt Seifried (Sep 07)
Re: CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 && #14552)
Jeff Law (Sep 07)
Re: CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 && #14552)
Florian Weimer (Sep 10)
Re: CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 && #14552)
Florian Weimer (Sep 10)
Re: CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 && #14552)
Jan Lieskovsky (Sep 10)
Re: CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 && #14552)
Kurt Seifried (Sep 13)
note on gnome shell extensions
Tavis Ormandy (Sep 08)
Re: note on gnome shell extensions
Kurt Seifried (Sep 09)
Re: note on gnome shell extensions
Vincent Danen (Sep 10)
Re: note on gnome shell extensions
Tavis Ormandy (Sep 13)
Re: note on gnome shell extensions
Marcus Meissner (Sep 13)
Re: note on gnome shell extensions
Vincent Danen (Sep 13)
Re: note on gnome shell extensions
Tavis Ormandy (Sep 13)
Re: Re: note on gnome shell extensions
Vincent Danen (Sep 13)
Re: Re: note on gnome shell extensions
Kurt Seifried (Sep 13)
Re: Re: note on gnome shell extensions
Vincent Danen (Sep 17)
Re: Re: note on gnome shell extensions
Sebastian Krahmer (Sep 18)
Re: Re: note on gnome shell extensions
Vincent Danen (Sep 18)
[PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods
Timo Warns (Sep 10)
CVE Request (minor) -- JVM: heap memory disclosure (possibly various JDKs)
Jan Lieskovsky (Sep 11)
Re: CVE Request (minor) -- JVM: heap memory disclosure (possibly various JDKs)
Kurt Seifried (Sep 11)
Re: CVE Request (minor) -- JVM: heap memory disclosure (possibly various JDKs)
Steven M. Christey (Sep 11)
Re: CVE Request (minor) -- JVM: heap memory disclosure (possibly various JDKs)
Florian Weimer (Sep 12)
Re: CVE Request (minor) -- JVM: heap memory disclosure (possibly various JDKs)
Jan Lieskovsky (Sep 12)
Re: CVE Request (minor) -- JVM: heap memory disclosure (possibly various JDKs)
Kurt Seifried (Sep 13)
Re: CVE Request (minor) -- JVM: heap memory disclosure (possibly various JDKs)
Tomas Hoger (Sep 20)
CVE-2012-4405 ghostscript, argyllcms: Array index error leading to heap-based bufer OOB write
Huzaifa Sidhpurwala (Sep 11)
CVE id request: guacd
Nico Golde (Sep 11)
Re: CVE id request: guacd
Kurt Seifried (Sep 11)
Multiple SQL injections in MySQL/MariaDB
sergii (Sep 11)
NTP authentication
Nico Golde (Sep 11)
CVE-2012-2238: trytond missing permissions check in button model
Raphael Geissert (Sep 11)
CVE Request: Apache Axis2 XML Signature Wrapping Attack
David Jorm (Sep 12)
Re: CVE Request: Apache Axis2 XML Signature Wrapping Attack
Kurt Seifried (Sep 13)
CVEs for wordpress 3.4.2 release
Hanno Boeck (Sep 12)
Re: CVEs for wordpress 3.4.2 release
Kurt Seifried (Sep 12)
Re: CVEs for wordpress 3.4.2 release
Andrew Nacin (Sep 12)
Re: CVEs for wordpress 3.4.2 release
Kurt Seifried (Sep 13)
Re: CVEs for wordpress 3.4.2 release
Yves-Alexis Perez (Sep 13)
Re: CVEs for wordpress 3.4.2 release
Kurt Seifried (Sep 13)
CVE id request: tor
Nico Golde (Sep 12)
Re: CVE id request: tor
Kurt Seifried (Sep 12)
Re: CVE id request: tor
Nico Golde (Sep 12)
Re: CVE id request: tor
Kurt Seifried (Sep 13)
libdbus CVE-2012-3524 fix
Sebastian Krahmer (Sep 12)
Re: libdbus CVE-2012-3524 fix
Kurt Seifried (Sep 13)
Re: libdbus CVE-2012-3524 fix
Tomas Hoger (Sep 14)
Re: libdbus CVE-2012-3524 fix
Sebastian Krahmer (Sep 17)
[OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)
Thierry Carrez (Sep 12)
Re: [Openstack-announce] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)
Matt Joyce (Sep 12)
Re: Re: [Openstack-announce] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)
Kurt Seifried (Sep 12)
Re: [Openstack] [Openstack-announce] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)
Russell Bryant (Sep 12)
Re: [Openstack] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)
Soren Hansen (Sep 12)
Re: [Openstack] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)
Matt Joyce (Sep 12)
Re: [Openstack] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)
Dolph Mathews (Sep 12)
CVE Request -- libvirt: null function pointer invocation in virNetServerProgramDispatchCall()
Petr Matousek (Sep 13)
Re: CVE Request -- libvirt: null function pointer invocation in virNetServerProgramDispatchCall()
Kurt Seifried (Sep 13)
CVE for Virtualbox 0x8 DoS?
Raphael Geissert (Sep 13)
Re: CVE for Virtualbox 0x8 DoS?
Kurt Seifried (Sep 13)
Re: CVE for Virtualbox 0x8 DoS?
halfdog (Sep 14)
Re: CVE for Virtualbox 0x8 DoS?
Frank Mehnert (Sep 14)
Re: CVE for Virtualbox 0x8 DoS?
Kurt Seifried (Sep 14)
Re: CVE for Virtualbox 0x8 DoS?
Raphael Geissert (Sep 14)
CVE request: DoS in OpenSLP
Vincent Danen (Sep 13)
Re: CVE request: DoS in OpenSLP
Kurt Seifried (Sep 13)
CVE request: information leak in vino
Vincent Danen (Sep 13)
Re: CVE request: information leak in vino
Kurt Seifried (Sep 14)
CVE-request: SMF index.php msg parameter SQL-injection (2005)
Henri Salo (Sep 14)
Re: CVE-request: SMF index.php msg parameter SQL-injection (2005)
Kurt Seifried (Sep 14)
CVE-request: WordPress insufficient permissions verification on XMLRPC interface
Henri Salo (Sep 14)
Re: CVE-request: WordPress insufficient permissions verification on XMLRPC interface
Kurt Seifried (Sep 14)
CVE request: bacula: Console ACL Bypass
Agostino Sarubbo (Sep 14)
Re: CVE request: bacula: Console ACL Bypass
Agostino Sarubbo (Sep 14)
Re: Re: CVE request: bacula: Console ACL Bypass
Kurt Seifried (Sep 15)
CVE request: OptiPNG Palette Reduction Use-After-Free Vulnerability
Agostino Sarubbo (Sep 17)
Re: CVE request: OptiPNG Palette Reduction Use-After-Free Vulnerability
Kurt Seifried (Sep 18)
Vulnerabilities in Oki CUPS printer drivers
Guido Berhoerster (Sep 18)
CVE Request Smarty / php-Smarty: XSS in Smarty exception messages
Jan Lieskovsky (Sep 19)
Re: CVE Request Smarty / php-Smarty: XSS in Smarty exception messages
Kurt Seifried (Sep 20)
CVE Request -- fwknop 2.0.3: Multiple security issues
Jan Lieskovsky (Sep 19)
Re: CVE Request -- fwknop 2.0.3: Multiple security issues
Michael Rash (Sep 19)
Re: Re: CVE Request -- fwknop 2.0.3: Multiple security issues
Kurt Seifried (Sep 20)
Re: CVE Request -- fwknop 2.0.3: Multiple security issues
Kurt Seifried (Sep 20)
Re: CVE Request -- fwknop 2.0.3: Multiple security issues
Michael Rash (Sep 20)
CVE-request: monkey fails to drop supplemental groups when lowering privileges
Henri Salo (Sep 20)
Re: CVE-request: monkey fails to drop supplemental groups when lowering privileges
Kurt Seifried (Sep 21)
Notification of upstream Condor security fixes
Vincent Danen (Sep 20)
CVE Request: Jenkins and plugins
Kurt Seifried (Sep 21)
Re: CVE Request: Jenkins and plugins
Kurt Seifried (Sep 21)
CVE request(?): gpg: improper file permssions set when en/de-crypting files
Matthias Weckbecker (Sep 21)
Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Dan Rosenberg (Sep 21)
Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Matthias Weckbecker (Sep 21)
Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Tomas Mraz (Sep 21)
Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Michael Gilbert (Sep 21)
Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Kurt Seifried (Sep 21)
Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Michael Gilbert (Sep 21)
Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Kurt Seifried (Sep 21)
Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Michael Gilbert (Sep 21)
Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Michael Gilbert (Sep 21)
Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Matthias Weckbecker (Sep 24)
Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Tavis Ormandy (Sep 24)
Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Michael Gilbert (Sep 24)
Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Tavis Ormandy (Sep 24)
Re: Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Michael Gilbert (Sep 24)
Re: Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Tavis Ormandy (Sep 25)
Re: Re: Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Michael Gilbert (Sep 25)
Re: Re: Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Michael Gilbert (Sep 25)
Re: Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Steven M. Christey (Sep 24)
Re: Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Matthias Weckbecker (Sep 25)
Re: Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Kurt Seifried (Sep 26)
Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Patrick J. Volkerding (Sep 25)
Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Kurt Seifried (Sep 24)
Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Kurt Seifried (Sep 24)
Re: Re: Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Tavis Ormandy (Sep 24)
Re: CVE request(?): gpg: improper file permssions set when en/de-crypting files
Solar Designer (Sep 23)
CVE-request: monkey CGI scripts executed without dropping RUID/RGID root
Henri Salo (Sep 21)
Re: CVE-request: monkey CGI scripts executed without dropping RUID/RGID root
Kurt Seifried (Sep 21)
Request for linux-distros () vs openwall org membership
Seth Arnold (Sep 22)
Re: Request for linux-distros () vs openwall org membership
Solar Designer (Sep 22)
Re: Request for linux-distros () vs openwall org membership
Seth Arnold (Sep 25)
CVE Request -- WordPress (3,4.2): CSRF in the incoming links section of the dashboard
Jan Lieskovsky (Sep 25)
Re: CVE Request -- WordPress (3,4.2): CSRF in the incoming links section of the dashboard
Kurt Seifried (Sep 25)
CVE Request - phpMyAdmin: PMASA-2012-5 incident
Jan Lieskovsky (Sep 25)
Re: CVE Request - phpMyAdmin: PMASA-2012-5 incident
Marcus Meissner (Sep 25)
Re: CVE Request - phpMyAdmin: PMASA-2012-5 incident
cve-assign (Sep 25)
CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)
Jan Lieskovsky (Sep 26)
Re: CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)
Kurt Seifried (Sep 26)
RFC: ntp behavior with spoofed source IPs
Fiedler Roman (Sep 26)
Re: RFC: ntp behavior with spoofed source IPs
Mike O'Connor (Sep 28)
Re: RFC: ntp behavior with spoofed source IPs
cve-assign (Sep 28)
CVE Request -- php-ZendFramework: XSS vectors in multiple Zend Framework components (ZF2012-03)
Jan Lieskovsky (Sep 26)
Re: CVE Request -- php-ZendFramework: XSS vectors in multiple Zend Framework components (ZF2012-03)
Kurt Seifried (Sep 26)
CVE-2009-4030 regression in mysql
Huzaifa Sidhpurwala (Sep 27)
dracut creates non-world readable initramfs images
Huzaifa Sidhpurwala (Sep 27)
Re: dracut creates non-world readable initramfs images
Daniel Kahn Gillmor (Sep 27)
Re: dracut creates world readable initramfs images
Kurt Seifried (Sep 27)
Re: dracut creates world readable initramfs images
Daniel Kahn Gillmor (Sep 27)
[OSSA 2012-015] Some actions in Keystone admin API do not validate token (CVE-2012-4456)
Russell Bryant (Sep 28)
[OSSA 2012-016] Token authorization for a user in a disabled tenant is allowed (CVE-2012-4457)
Russell Bryant (Sep 28)
Re: [Openstack] [OSSA 2012-016] Token authorization for a user in a disabled tenant is allowed (CVE-2012-4457)
andi abes (Sep 29)
Re: Re: [Openstack] [OSSA 2012-016] Token authorization for a user in a disabled tenant is allowed (CVE-2012-4457)
Kurt Seifried (Sep 29)
Re: Re: [Openstack] [OSSA 2012-016] Token authorization for a user in a disabled tenant is allowed (CVE-2012-4457)
Russell Bryant (Sep 29)
Re: Re: [Openstack] [OSSA 2012-016] Token authorization for a user in a disabled tenant is allowed (CVE-2012-4457)
andi abes (Sep 29)
cgit: heap buffer overflow
Jason A. Donenfeld (Sep 30)
Previous period
Next period
[
Nmap
|
Sec Tools
|
Mailing Lists
|
Site News
|
About/Contact
|
Advertising
|
Privacy
]
RSS Feed
About List
All Lists
Previous period