236 messages starting Jul 01 11 and ending Jul 29 11
[SECURITY] [DSA 2267-1] perl security update Moritz Muehlenhoff (Jul 04)
[SECURITY] [DSA 2268-1] iceweasel security update Moritz Muehlenhoff (Jul 04)
[SECURITY] [DSA 2262-2] php5 update Moritz Muehlenhoff (Jul 04)
[SECURITY] [DSA 2269-1] iceape security update Moritz Muehlenhoff (Jul 04)
Vega beta release: a new open-source web-application security assessment platform David Mirza (Jul 04)
[SECURITY] [DSA 2270-1] qemu-kvm security update Moritz Muehlenhoff (Jul 04)
APPLE-SA-2011-06-28-2 Java for Mac OS X 10.5 Update 10 Apple Product Security (Jul 04)
Breaking the links: Exploiting the linker Tim Brown (Jul 04)
NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow Research@NGSSecure (Jul 04)
NGS00051 Technical Advisory: Cisco VPN Client Privilege Escalation Research@NGSSecure (Jul 04)
NGS00052 Technical Advisory: Apple Mac OS X Image RAW Multiple Buffer Overflows Research@NGSSecure (Jul 04)
NGS00057 Technical Advisory: Apple Mac OS X ImageIO Integer Overflow Research@NGSSecure (Jul 04)
Multiple vulnerabilities in Open-Realty advisory (Jul 04)
XSS in FlatPress advisory (Jul 04)
Arbitrary files deletion in HP OpenView Communication Broker Luigi Auriemma (Jul 06)
Integer overflow in foobar2000 1.1.7 Luigi Auriemma (Jul 06)
NGS00060 Technical Advisory: Blue Coat BCAAA Remote Code Execution Vulnerability Research@NGSSecure (Jul 06)
MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526] Tom Yu (Jul 06)
[SECURITY] [DSA 2272-1] bind9 security update Florian Weimer (Jul 06)
Fwd: RFC 6274 on Security Assessment of the Internet Protocol Version 4 Fernando Gont (Jul 06)
[security bulletin] HPSBUX02688 SSRT100513 rev.1 - HP-UX Dynamic Loader, Local Privilege Escalation, Denial of Service (DoS) security-alert (Jul 06)
Ubuntu: reseed(8), random.org, and HTTP request Jeffrey Walton (Jul 06)
IDrive Online Backup ActiveX control Insecure Method advisory (Jul 06)
aTube Catcher ActiveX Control Insecure Method advisory (Jul 06)
Cisco Security Advisory: Cisco Content Services Gateway Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Jul 06)
Security Advisory: CVE-2011-2464 - ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers Barry Greene (Jul 07)
Security Advisory: CVE-2011-2465 ISC BIND 9 Remote Crash with Certain RPZ Configurations Barry Greene (Jul 07)
[SECURITY] [DSA 2273-1] icedove security update Moritz Muehlenhoff (Jul 07)
[security bulletin] HPSBMA02674 SSRT100487 rev.2 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XSS) and Remote Script Inject security-alert (Jul 07)
Security Advisory: CVE-2011-2516 Cantor, Scott E. (Jul 07)
Aruba Advisory AID-070611 Cross Site Scripting vulnerability in ArubaOS and AirWave Administration Web Interfaces RGill (Jul 07)
phpMyAdmin 3.x Multiple Remote Code Executions Mango (Jul 11)
[SECURITY] [DSA 2274-1] wireshark security update Moritz Muehlenhoff (Jul 11)
ZDI-11-233: Symantec Web Gateway forget.php SQL Injection Vulnerability ZDI Disclosures (Jul 11)
[SECURITY] [DSA 2275-1] openoffice.org security update Nico Golde (Jul 11)
POC2011 Call for Paper pocadm (Jul 11)
[security bulletin] HPSBMU02690 SSRT100569 rev.1 - HP Business Availability Center (BAC) Running on Solaris and Windows, Remote Denial of Service (DoS) security-alert (Jul 11)
[security bulletin] HPSBUX02689 SSRT100494 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) security-alert (Jul 11)
Re: [Full-disclosure] Binary Planting Goes "Any File Type" Dan Kaminsky (Jul 11)
phpMyAdmin 3.x preg_replace RCE POC Mango (Jul 11)
[slackware-security] mozilla-thunderbird (SSA:2011-189-02) Slackware Security Team (Jul 11)
[slackware-security] bind (SSA:2011-189-01) Slackware Security Team (Jul 11)
Ferdows CMS Pro <=1.1.0 and Ferdows CMS <=9.0.5 Multiple Vulnerabilities admin (Jul 11)
ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability ZDI Disclosures (Jul 11)
[SECURITY] [DSA 2277-1] xml-security-c security update Nico Golde (Jul 11)
[SECURITY] [DSA 2276-1] asterisk security update Luciano Bello (Jul 11)
Wireshark 1.4.0 Malformed IKE Packet Denial of Service vuln (Jul 11)
[HITB-Announce] REMINDER: HITB2011 - Malaysia Call for Papers Closes on the 15th Hafez Kamal (Jul 11)
[SECURITY] [DSA 2276-2] asterisk regression update Luciano Bello (Jul 12)
Tugux CMS 1.2 Multiple vulnerability (BLIND sql & xss) randy (Jul 12)
[Announcement] ClubHack Magazine Issue 18-July2011 Released abhijeet (Jul 12)
ZDI-11-235: TrendMicro Control Manager CASProcessor.exe BLOB Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
Static Analysis Tool Exposition (SATE) - Call for Participation Delaitre, Aurelien (Jul 15)
Alice (Telefonica Germany) Modem 1111 DoS + XSS Moritz Naumann (Jul 15)
CVE-2010-2404 | Persistent Cross Site Scripting Vulnerability in Oracle I-Recruitment - E-Business Suite Aditya K Sood (Jul 15)
[Annoucement] ClubHack Magazine - Call for Articles abhijeet (Jul 15)
Paltalk Messenger ActiveX Control Multiple Insecure Methods advisory (Jul 15)
Dell IT Assistant detectIESettingsForITA.ocx ActiveX Control readRegVal() Remote Registry Dump Vulnerability nospam (Jul 15)
DC4420 - London DEFCON - July meet - Tuesday 19th July 2011 Major Malfunction (Jul 15)
[SECURITY] CVE-2011-2526 Apache Tomcat Information disclosure and availability vulnerabilities Mark Thomas (Jul 15)
[oCERT-2011-001] Chyrp input sanitization errors Andrea Barisani (Jul 15)
iDefense Security Advisory 07.14.11: Citrix Access Gateway ActiveX Stack Buffer Overflow Vulnerability labs-no-reply (Jul 15)
Torque Server Buffer Overflow Vulnerability pi3 (Jul 15)
[slackware-security] mozilla-firefox (SSA:2011-195-02) Slackware Security Team (Jul 15)
[slackware-security] seamonkey (SSA:2011-195-01) Slackware Security Team (Jul 15)
ESA-2011-022: EMC Documentum eRoom Indexing Server HummingBird Client Connector Buffer Overflow Vulnerability Security_Alert (Jul 18)
APPLE-SA-2011-07-15-2 iOS 4.2.9 Software Update for iPhone Apple Product Security (Jul 18)
APPLE-SA-2011-07-15-1 iOS 4.3.4 Software Update Apple Product Security (Jul 18)
[SECURITY] [DSA 2254-2] oprofile security update Luciano Bello (Jul 18)
[SECURITY] [DSA 2278-1] horde3 security update Steffen Joeris (Jul 18)
Reminder - DeepSec 2011 Call For Papers DeepSec Conference (Jul 18)
Call for Papers: ICITST-2011 Call for papers (Jul 18)
ZDI-11-236: EMC Documentum eRoom Indexing Server OpenText HummingBird Connector Remote Code Execution Vulnerability ZDI Disclosures (Jul 18)
[ MDVSA-2011:112 ] blender security (Jul 18)
[ MDVSA-2011:114 ] blender security (Jul 18)
[SECURITY] [DSA 2279-1] libapache2-mod-authnz-external security update Steffen Joeris (Jul 19)
[SECURITY] [DSA 2280-1] libvirt security update Steffen Joeris (Jul 19)
H2HC Brazil (Hackers 2 Hackers Conference) 8th Edition - Call for Papers Rodrigo Rubira Branco (BSDaemon) (Jul 20)
Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability - Security Advisory - SOS-11-009 Lists (Jul 20)
HTC / Android OBEX FTP Service Directory Traversal Vulnerability alberto . morenot (Jul 20)
OSI Security: Elitecore Cyberoam UTM - Authenticated Cross-Site Scripting Vulnerability Patrick Webster (Jul 20)
XSS in Tiki Wiki CMS Groupware advisory (Jul 20)
[ MDVSA-2011:115 ] bind security (Jul 20)
APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6 Apple Product Security (Jul 21)
Cisco Security Advisory: Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Jul 21)
ZDI-11-237: CA Total Defense Suite Gateway Security Malformed HTTP Packet Remote Code Execution Vulnerability ZDI Disclosures (Jul 21)
Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities Cisco Systems Product Security Incident Response Team (Jul 21)
CA20110720-01: Security Notice for CA Gateway Security and Total Defense Kotas, Kevin J (Jul 21)
Securstar - DriveCrypt - Local Kernel Denial of Service/Memory Disclosure/Privilege Escalation Digit Security Research (Jul 21)
[SECURITY] [DSA 2281-1] opie security update Steffen Joeris (Jul 21)
iDefense Security Advisory 07.20.11: Multiple Vendor WebKit MathML Use-After-Free Vulnerability labs-no-reply (Jul 21)
iDefense Security Advisory 07.20.11: Safari WebKit TIFF Use-After-Free Vulnerability labs-no-reply (Jul 21)
iDefense Security Advisory 07.20.11: Multiple Vendor WebKit frameset style Heap Corruption Vulnerability labs-no-reply (Jul 21)
iDefense Security Advisory 07.20.11: Apple Safari innerText Use-After-Free Vulnerability labs-no-reply (Jul 21)
iDefense Security Advisory 07.20.11: Multiple Vendor WebKit SVG animVal Memory Corruption Vulnerability labs-no-reply (Jul 21)
Vbulletin 4.0.x => 4.1.3 (messagegroupid) SQL injection Vulnerability fb1h2s Hack 2 Secure (Jul 21)
Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure adic (Jul 21)
ZDI-11-238: Oracle Secure Backup validate_login Command Injection Remote Code Execution Vulnerability ZDI Disclosures (Jul 21)
Foxit Reader Insecure Library Loading robkraus (Jul 21)
Permutation Oriented Programming Nelson Brito (Jul 25)
Joomla! 1.7.0-RC and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities YGN Ethical Hacker Group (Jul 25)
[ MDVSA-2011:116 ] curl security (Jul 25)
[ MDVSA-2011:117 ] krb5-appl security (Jul 25)
Hiding Backdoors in plain sight, again CoreTex Team (Jul 25)
Re: [Full-disclosure] [Bkis] sNews 1.7.1 XSS vulnerability Henri Salo (Jul 25)
[ MDVSA-2011:118 ] wireshark security (Jul 25)
CobraScripts (search_result.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 25)
phpMyAdmin 3.x Conditional Session Manipulation Mango (Jul 25)
NGS00042 Patch Notification: Solaris USB configuration descriptor kernel stack overflow Research@NGSSecure (Jul 25)
[SECURITY] [DSA 2282-1] qemu-kvm security update Moritz Muehlenhoff (Jul 25)
[SECURITY] [DSA 2283-1] krb5-appl security update Moritz Muehlenhoff (Jul 25)
phpBB AJAX Chat/Shoutbox MOD CSRF Vulnerability spamgoeshere (Jul 25)
[SECURITY] [DSA 2284-1] opensaml2 security update Moritz Muehlenhoff (Jul 25)
[ MDVSA-2011:119 ] libsndfile security (Jul 25)
[DSB-2011-01] Security Advisory FreeRADIUS 2.1.11 advisory (Jul 25)
OWASP AppSec USA 2011 Pre-conference Challenge #3 - July adam . baso (Jul 25)
APPLE-SA-2011-07-20-2 iWork 9.1 Update Apple Product Security (Jul 25)
APPLE-SA-2011-07-25-1 iOS 4.3.5 Software Update Apple Product Security (Jul 25)
APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone Apple Product Security (Jul 25)
TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain Trustwave Advisories (Jul 26)
[SECURITY] [DSA 2285-1] mapserver security update Nico Golde (Jul 26)
PHP-Barcode 0.3pl1 Remote Code Execution beford (Jul 26)
CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials Disclosure and Commands Execution nospam (Jul 26)
Zones Web Solution (index.php?manufacturers_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Funnel Web (items.php?&cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Funnel Web (directory.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Funnel Web (selected_product.php?t) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Funnel Web (pages.php?page) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Indonesia Web Design (link-directory.php?cid) (link-directory.php?pid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
DotComEgypt (products.php?cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Precision (products.php?cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Lava (news_item.php?id) (album.php?id) (basket.php?baction) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
[PT-2011-08] Multiple vulnerabilities in Dlink DPH 150SE/E/F1 noreply (Jul 26)
[PT-2011-25] SQL injection vulnerabilities in Support Incident Tracker noreply (Jul 26)
[PT-2011-05] Cross-Site Scripting in Koha Library Software noreply (Jul 26)
Hacking IPv6 Networks (slides) Fernando Gont (Jul 26)
Re: CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials Williams, James K (Jul 26)
[Tool] DoS for OpenSLP (and others) Nicolas Grégoire (Jul 26)
[SECURITY] [DSA 2286-1] phpmyadmin security update Thijs Kinkhorst (Jul 27)
ESA-2011-024: EMC Captiva eInput multiple vulnerabilities Security_Alert (Jul 27)
ESA-2011-021: EMC Data Protection Advisor sensitive information disclosure vulnerability Security_Alert (Jul 27)
Agent Image (news_details.php?news_ID) Remote SQL injection Vulnerability ehsan_hp200 (Jul 27)
SA500 vulnerabilities - details michal . sajdak (Jul 27)
[ MDVSA-2011:120 ] freetype2 security (Jul 27)
G2webCMS (products.php?cat_id) (member-profile.php?profile) Remote SQL injection Vulnerability ehsan_hp200 (Jul 27)
iCube Lab (product_details.php?cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 27)
Solutiontech (product.php?cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 27)
Chrome Web Solutions (details.php?cat_id) (listing_more.php?id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 27)
Multiple XSS in GBook PHP guestbook advisory (Jul 27)
Redirection vulnerability in MBoard advisory (Jul 27)
[ MDVSA-2011:121 ] samba security (Jul 27)
ZDI-11-239: Apple Safari Webkit FrameOwner Element Remote Code Execution Vulnerability ZDI Disclosures (Jul 27)
ZDI-11-240: Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability ZDI Disclosures (Jul 27)
ZDI-11-241: Webkit setAttributes attributeChanged Remote Code Execution Vulnerability ZDI Disclosures (Jul 27)
ZDI-11-242: Apple Safari Rendering Object Body Detachment Remote Code Execution Vulnerability ZDI Disclosures (Jul 27)
ZDI-11-243: WebKit ContentEditable Inline Style Remote Code Execution Vulnerability ZDI Disclosures (Jul 27)
Dow Group (dynamic.php?id) (sub.php?solutioncat_id) (news_desc.php?id) (product.php?id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 27)
FootBall Cms (view_table_lig.php?group) XSS Vulnerability ehsan_hp200 (Jul 27)
TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (notifRuleInfo$mode page) Shatter (Jul 28)
TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (sitemap page) Shatter (Jul 28)
TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (metricDetail$type page) Shatter (Jul 28)
Coherendz (products.php?cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
WOC Consulting (search_result.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
Canoy Softwares (search_result.php?loc_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
Zones Web Solution (StoneDetails.php?stone) XSS Vulnerability ehsan_hp200 (Jul 28)
Zones Web Solution (status.asp?print) (search_result.php?loc_id) Remote SQL injection Vulnerabilities ehsan_hp200 (Jul 28)
Web Fusion Nepal (tour.php?category) XSS Vulnerability ehsan_hp200 (Jul 28)
Avon Groups (search_result.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
Web Fusion Nepal (find.php?id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
Infocus Web Solutions (news_desc.php?id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
A1 Solutions (cat_sell.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
indiacon (selloffers.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
CobraScripts (selloffers.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
Wireshark 1.6.1 Malformed IKE Packet Denial of Service vuln (Jul 28)
Re: [Full-disclosure] [BMSA-2009-07] Backdoor in PyForum Henri Salo (Jul 28)
Two security issues fixed in ioQuake3 engine Thilo Schulz (Jul 28)
[security bulletin] HPSBMU02692 SSRT100581 rev.2 - HP SiteScope, Remote Cross Site Scripting (XSS) and Session Fixation Attack security-alert (Jul 28)
[SECURITY] [DSA 2287-1] libpng security update Luciano Bello (Jul 28)
[security bulletin] HPSBMU02693 SSRT100583 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS) security-alert (Jul 28)
[security bulletin] HPSBMU02669 SSRT100346 rev.3 - HP Data Protector Media Management Daemon (mmd), Remote Denial of Service (DoS) security-alert (Jul 28)
[security bulletin] HPSBUX02689 SSRT100494 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) security-alert (Jul 28)
[security bulletin] HPSBMU02691 SSRT100483 rev.2 - HP Performance Agent and HP Operations Agent, Remote Arbitrary File Deletion security-alert (Jul 28)
Gopal Systems (products.php?cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
n.runs-SA-2011.001 - Citrix XenApp / XenDesktop Stack-Based Buffer Overflow security (Jul 28)
n.runs-SA-2011.002 - Citrix XenApp / XenDesktop XML Service Heap Corruption security (Jul 28)
ZDI-11-244: (0day) FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability ZDI Disclosures (Jul 28)
Sitecore CMS 6.4 Open URL Redirect Vulnerability Tom Neaves (Jul 29)
[SECURITY] [DSA 2288-1] libsndfile security update Moritz Muehlenhoff (Jul 29)
PacSec CFP note, deadline Aug 3; conf Nov 9/10 Tokyo Dragos Ruiu (Jul 29)
Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability Cisco Systems Product Security Incident Response Team (Jul 29)
Vegetav (news_item.php?id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 29)
cgcraft llc (info.php?id) (news_item.php?id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 29)
AppSec USA 2011 Open Source Showcase Call for Demos adam . baso (Jul 29)
ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability ZDI Disclosures (Jul 29)
ZDI-11-246: Sybase Adaptive Server Backup and Monitor Server NULL Write Remote Code Execution Vulnerability ZDI Disclosures (Jul 29)