Bugtraq: by thread
203 messages starting May 02 11 and ending May 31 11
- [ MDVSA-2011:079 ] firefox security (May 02)
- [SECURITY] [DSA 2227-1] iceape security update Moritz Muehlenhoff (May 02)
- [ MDVSA-2011:081 ] kdenetwork4 security (May 02)
- [USN-1121-1] firefox vulnerabilities Micah Gersten (May 02)
- [ISecAuditors Security Advisories] XSS in Oracle AS Portal 10g ISecAuditors Security Advisories (May 02)
- OSI Security: LANSA aXes Web Terminal (TN5250) Cross-Site Scripting Vulnerability Patrick Webster (May 02)
- [SECURITY] [DSA 2230-1] qemu-kvm security update Moritz Muehlenhoff (May 02)
- [USN-1112-1] Firefox and Xulrunner vulnerabilities Micah Gersten (May 02)
- Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion cxib (May 02)
- [USN-1123-1] xulrunner-1.9.1 vulnerabilities Micah Gersten (May 02)
- [ MDVSA-2011:080 ] mozilla-thunderbird security (May 02)
- [SECURITY] [DSA 2229-1] spip security update Moritz Muehlenhoff (May 02)
- [SECURITY] [DSA 2228-1] iceweasel security update Moritz Muehlenhoff (May 02)
- [security bulletin] HPSBMA02661 SSRT100408 rev.2 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure security-alert (May 03)
- HTB22967: Multiple SQL Injection in Shutter advisory (May 03)
- HTB22966: XSS in (e)2 interactive Photo Gallery advisory (May 03)
- [USN-1127-1] usb-creator vulnerability Marc Deslauriers (May 03)
- SQL injection in 4images bolok . boloke80 (May 03)
- HTB22964: XSS in SelectaPix Image Gallery advisory (May 03)
- XSS in GOT.MY CLASSMATES bolok . boloke80 (May 03)
- HTB22963: CSRF (Cross-Site Request Forgery) in SelectaPix Image Gallery advisory (May 03)
- [ MDVSA-2011:082 ] python-feedparser security (May 03)
- XSS in DEAL INFORMER bolok . boloke80 (May 03)
- HTB22962: Multiple XSS in YaPiG advisory (May 03)
- TeamSHATTER Security Advisory: XSS in locale parameter on IASTOP_CS_FARM_PAGE.html Shatter (May 03)
- [USN-1129-1] Perl vulnerabilities Marc Deslauriers (May 03)
- Path disclousure in MEGA PORTAL bolok . boloke80 (May 03)
- Revised: Portable OpenSSH security advisory: portable-keysign-rand-helper.adv Damien Miller (May 03)
- XSS in CLASSIFIED ADS bolok . boloke80 (May 03)
- TeamSHATTER Security Advisory: Oracle Malformed Network Package Spins CPU Shatter (May 03)
- NATO CCD COE's 3rd International Conference on Cyber Conflict . 7-10 June, Tallinn, Estonia. iccc (May 03)
- Proofpoint Protection Server Cross-Site Scripting Vulnerability - SOS-11-005 Lists (May 03)
- [USN-1128-1] Vino vulnerabilities Marc Deslauriers (May 03)
- CSRF (Cross-Site Request Forgery) in FREELANCER bolok . boloke80 (May 03)
- TeamSHATTER Security Advisory: Multiple SQL Injection in Oracle Enterprise Manager Service Level component Shatter (May 03)
- Cisco IOS UDP Denial of Service Vulnerability vuln (May 04)
- <Possible follow-ups>
- Re: Cisco IOS UDP Denial of Service Vulnerability psirt (May 05)
- [security bulletin] HPSBMA02667 SSRT100464 rev.3 - HP SiteScope, Cross Site Scripting (XSS) and HTML Injection security-alert (May 04)
- [RT-SA-2011-004] Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface RedTeam Pentesting GmbH (May 04)
- [RT-SA-2011-003] Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances RedTeam Pentesting GmbH (May 04)
- Cisco IOS SNMP Message Processing Denial Of Service Vulnerability vuln (May 04)
- <Possible follow-ups>
- Re: Cisco IOS SNMP Message Processing Denial Of Service Vulnerability psirt (May 05)
- Announcement - DeepSec 2011 - Call for Papers DeepSec Conference (May 04)
- [USN-1126-2] PHP Regressions Steve Beattie (May 05)
- t2'11: Call for Papers 2011 (Helsinki / Finland) Tomi Tuominen (May 05)
- Fwd: [USN-1122-1] Thunderbird vulnerabilities Micah Gersten (May 05)
- Cisco Security Response: Cisco IOS Software Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team (May 05)
- HTB22968: XSS in PHP Directory Listing Script advisory (May 05)
- HTB22970: Multiple XSS vulnerabilities in PHPDug advisory (May 05)
- HTB22973: XSS in AJAX Calendar advisory (May 05)
- HTB22971: XSRF (CSRF) in PHPDug advisory (May 05)
- HTB22972: Multiple SQL injection vulnerabilities in PHPDug advisory (May 05)
- HTB22969: CSRF (Cross-Site Request Forgery) in VCalendar advisory (May 05)
- [USN-1122-2] Thunderbird vulnerabilities Micah Gersten (May 05)
- PR10-13: Multiple XSS and Authentication flaws within BMC Remedy Knowledge Management research (May 05)
- [SECURITY] [DSA 2232-1] exim4 security update Florian Weimer (May 06)
- [USN-1111-1] Linux kernel vulnerabilities Kees Cook (May 06)
- Silently Pwning Protected-Mode IE9 and Innocent Windows Applications Mitja Kolsek (May 06)
- VMSA-2011-0008 VMware vCenter Server and vSphere Client security vulnerabilities VMware Security Team (May 06)
- [SECURITY] [DSA 2231-1] otrs2 security update Florian Weimer (May 07)
- Swiss Cyber Storm 3 Ivan Buetler (May 09)
- TSSA-2011-02 - Opera : SELECT SIZE Arbitrary null write Advisories Toucan-System (May 09)
- TSSA-2011-03 - Perl : multiple functions null pointer dereference uppon parameters injection Advisories Toucan-System (May 09)
- Memory corruption in Postfix SMTP server Cyrus SASL support (CVE-2011-1720) Wietse Venema (May 09)
- [security bulletin] HPSBOV02634 SSRT100390 rev.1 - HP OpenVMS running Java, Remote Denial of Service (DoS) security-alert (May 09)
- [security bulletin] HPSBTU02684 SSRT100390 rev.1 - HP Tru64 UNIX running Java, Remote Denial of Service (DoS) security-alert (May 09)
- [security bulletin] HPSBOV02682 SSRT100495 rev.1 - HP OpenVMS running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Modification security-alert (May 09)
- [security bulletin] HPSBOV02670 SSRT100475 rev.1 - HP OpenVMS running SSL, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification security-alert (May 09)
- [security bulletin] HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification security-alert (May 09)
- PR10-17 Various XSS and information disclosure flaws within KeyFax response management system research (May 09)
- ZDI-11-154: Sybase M-Business Anywhere agSoap.exe password Tag Remote Code Execution Vulnerability ZDI Disclosures (May 09)
- ZDI-11-155: Sybase M-Business Anywhere Server agd.exe encodeUsername Remote Code Execution Vulnerability ZDI Disclosures (May 09)
- ZDI-11-156: Sybase M-Business Anywhere agd.exe username Parameter Remote Code Execution Vulnerability ZDI Disclosures (May 09)
- ZDI-11-157: Mozilla Firefox nsTreeRange Dangling Pointer Remote Code Execution Vulnerability ZDI Disclosures (May 10)
- OSI Security: Civica Spydus Library Management System (LMS) - Cross-Site Scripting Vulnerability Patrick Webster (May 10)
- Re: SQL Injection in Pixie security curmudgeon (May 10)
- HTB22974: Multiple XSS in Calendarix advisory (May 10)
- HTB22975: SQL injection in Calendarix advisory (May 10)
- HTB22976: Multiple XSS (Cross Site Scripting) vulnerabilities in poMMo advisory (May 10)
- HTB22977: XSRF (CSRF) in poMMo advisory (May 10)
- Apache Struts 2 Multiple Reflected XSS in XWork error pages marian . ventuneac (May 11)
- [security bulletin] HPSBGN02680 SSRT100361 rev.1 - HP Intelligent Management Center (IMC), Remote Execution of Arbitrary Code security-alert (May 11)
- ZDI-11-164: HP 3COM/H3C Intelligent Management Center tftpserver DATA/ERROR Remote Code Execution Vulnerability ZDI Disclosures (May 11)
- ZDI-11-161: HP 3COM/H3C Intelligent Management Center tftpserver WRQ Remote Code Execution Vulnerability ZDI Disclosures (May 11)
- ZDI-11-160: HP 3COM/H3C Intelligent Management Center img Remote Code Execution Vulnerability ZDI Disclosures (May 11)
- [SECURITY] [DSA 2235-1] icedove security update Moritz Muehlenhoff (May 11)
- ZDI-11-165: HP 3COM/H3C Intelligent Management Center tftpserver opcode_table Remote Code Execution Vulnerability ZDI Disclosures (May 11)
- ZDI-11-162: HP 3COM/H3C Intelligent Management Center dbman sprintf Remote Code Execution Vulnerability ZDI Disclosures (May 11)
- [USN-1131-1] Postfix vulnerability Marc Deslauriers (May 11)
- ZDI-11-159: Mozilla Firefox OBJECT mObserverList Remote Code Execution Vulnerability ZDI Disclosures (May 11)
- [security bulletin] HPSBMI02632 SSRT100379 rev.1 - HP/Palm webOS, Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized File System Write Access security-alert (May 11)
- [SECURITY] [DSA 2234-1] zodb security update Luciano Bello (May 11)
- ZDI-11-158: Mozilla Firefox OBJECT mChannel Remote Code Execution Vulnerability ZDI Disclosures (May 11)
- [SECURITY] [DSA 2233-1] postfix security update Florian Weimer (May 11)
- CA20110510-01: Security Notice for CA eHealth Kotas, Kevin J (May 11)
- [PRE-SA-2011-04] Heap overflow in EFI partition handling code of the Linux kernel Timo Warns (May 11)
- [Announcement] ClubHACK Magazine Issue 16-May 2011 released abhijeet (May 11)
- [security bulletin] HPSBMA02672 SSRT100485 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Local Read and Write Access to Data and Log Files security-alert (May 11)
- ZDI-11-163: HP 3COM/H3C Intelligent Management Center tftpserver mode Remote Code Execution Vulnerability ZDI Disclosures (May 11)
- ZDI-11-167: Microsoft WINS Service Failed Response Memory Corruption Remote Code Execution Vulnerability ZDI Disclosures (May 11)
- ZDI-11-166: HP 3COM/H3C Intelligent Management Center imcsyslogdm Remote Code Execution Vulnerability ZDI Disclosures (May 11)
- [security bulletin] HPSBMA02642 SSRT100415 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS) security-alert (May 11)
- [USN-1130-1] Exim vulnerability Kees Cook (May 11)
- CORE-2010-1118: Oracle GlassFish Server Administration Console Authentication Bypass CORE Security Technologies Advisories (May 12)
- [Bkis] sNews 1.7.1 XSS vulnerability Bkis (May 12)
- HTB22980: XSRF (CSRF) in Open Classifieds advisory (May 12)
- [security bulletin] HPSBMA02661 SSRT100408 rev.3 - HP SNMP Agents Running on Linux and HP Insight Management Agents Running on Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure security-alert (May 12)
- HTB22979: Multiple XSS (Cross Site Scripting) vulnerabilities in Argyle Social advisory (May 12)
- HTB22978: XSRF (CSRF) in Argyle Social advisory (May 12)
- CORE-2011-0204: Adobe Audition vulnerability processing malformed session file CORE Security Technologies Advisories (May 12)
- [security bulletin] HPSBMA02681 SSRT100493 rev.1 - HP Business Availability Center (BAC) Running on Windows and Solaris, Remote Cross Site Scripting (XSS) security-alert (May 16)
- [Annoucement] ClubHack Magazine - Call for Articles abhijeet (May 16)
- [ MDVSA-2011:083 ] wireshark security (May 16)
- [ MDVSA-2011:084 ] apr security (May 16)
- ESA-2011-016: EMC SourceOne ASP.NET application tracing information disclosure vulnerability Security_Alert (May 16)
- [ MDVSA-2011:085 ] libmodplug security (May 16)
- [SECURITY] [DSA 2237-1] apr security update Stefan Fritsch (May 16)
- [SECURITY] [DSA 2236-1] exim4 security update Florian Weimer (May 16)
- [ MDVSA-2011:086 ] polkit security (May 16)
- Multiple Vendors libc/fnmatch(3) DoS (incl apache poc) cxib (May 16)
- NSENSE-2011-002: Novell eDirectory/Netware LDAP-SSL daemon Henri Lindberg (May 16)
- DC4420 - London DEFCON - May meet - Tuesday 24th May 2011 Major Malfunction (May 16)
- Linux Kernel 2.6.38 Remote NULL Pointer Dereference roberto . paleari (May 16)
- [ MDVSA-2011:087 ] vino security (May 16)
- WebTech Conference 2011 Call for Papers Carsten Eilers (May 16)
- MalBox Release! A Program Behavior Analysis System! Xiaobo (May 16)
- [ MDVSA-2011:088 ] mplayer security (May 16)
- PR10-15: Multiple XSS flaws within Mitel's AWC (Mitel Audio and Web Conferencing) research (May 16)
- [ MDVSA-2011:089 ] mplayer security (May 16)
- Vulnerable and completely outdated 3rd party ZIP code in FastStone image viewer Stefan Kanthak (May 16)
- [USN-1132-1] apturl vulnerability Marc Deslauriers (May 16)
- ZDI-11-168: Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability ZDI Disclosures (May 16)
- [ MDVSA-2011:090 ] postfix security (May 17)
- [SECURITY] CVE-2011-1582 Apache Tomcat security constraint bypass Mark Thomas (May 17)
- HTB22981: Multiple XSS (Cross Site Scripting) vulnerabilities in PHP Calendar Basic advisory (May 17)
- Ruxcon 2011 Call For Papers cfp (May 17)
- CVE-2010-0217 - Zeacom Chat Server JSESSIONID weak SessionID Vulnerability Daniel Clemens (May 17)
- [ MDVSA-2011:092 ] perl-IO-Socket-SSL security (May 18)
- XSS vulnerability in TWiki < 5.0.2 Netsparker Advisories (May 18)
- DOMinator - The DOMXss Analyzer Tool - is finally public Stefano Di Paola (May 18)
- [ MDVSA-2011:093 ] gnome-screensaver security (May 18)
- Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006 Lists (May 19)
- Apache Struts 2, XWork, OpenSymphony WebWork Java Class Path Information Disclosure marian . ventuneac (May 19)
- [ MDVSA-2011:094 ] pure-ftpd security (May 19)
- Ubuntu Security Notice publication update Jamie Strandboge (May 19)
- RE: CA20110420-02: Security Notice for CA Output Management Web Viewer Williams, James K (May 19)
- [SECURITY] [DSA 2238-1] vino security update Moritz Muehlenhoff (May 19)
- [ MDVSA-2011:095 ] apr security (May 20)
- PHPCaptcha / Securimage 2.0.2 - Authentication Bypass - SOS-11-007 Lists (May 20)
- Session hacking via authentication cookie on Oracle CRM on Demand jeffto (May 20)
- NGS00054 Patch Notification: Lumension Device Control (formerly Sanctuary) remote memory corruption Research@NGSSecure (May 24)
- PR10-11: Multiple XSS injection vulnerabilities and a offsite redirection flaw within HP System Management Homepage (Insight Manager) research (May 24)
- Bypassing Cisco's ICMPv6 Router Advertisement Guard feature Marc Heuse (May 24)
- [ MDVSA-2011:096 ] python security (May 24)
- HTB22995: XSS in Ajax Chat advisory (May 24)
- [SECURITY] [DSA 2237-2] apr security update Stefan Fritsch (May 24)
- [ MDVSA-2011:098 ] ruby security (May 24)
- NNT Change Tracker - Hard-Coded Encryption Key Dennis Brunnen (May 24)
- [ MDVSA-2011:099 ] libzip security (May 24)
- [ MDVSA-2011:100 ] cyrus-imapd security (May 24)
- [ MDVSA-2011:097 ] ruby security (May 24)
- HTB22987: Multiple XSS in phpScheduleIt advisory (May 24)
- Gadu-Gadu 0-Day Remote Code Execution Kacper Szczesniak (May 24)
- HTB22986: SQL injection in ExtCalendar 2 advisory (May 24)
- [ MDVSA-2011:095-1 ] apr security (May 24)
- E-mail address spoofing with RLO Wouter Coekaerts (May 24)
- [SECURITY] [DSA 2239-1] libmojolicious-perl security update Moritz Muehlenhoff (May 24)
- VUPEN Security Research - 7T Interactive Graphical SCADA System (IGSS) Remote Memory Corruption VUPEN Security Research (May 24)
- The Anatomy of COM Server-Based Binary Planting Exploits ACROS Security Lists (May 25)
- CORE-2010-0908: Lotus Notes XLS viewer malformed BIFF record heap overflow CORE Security Technologies Advisories (May 25)
- [SECURITY] [DSA 2240-1] linux-2.6 security update dann frazier (May 25)
- Remote Password Disclosure Vulnerability in RXS-3211 IP Camera + others supernothing (May 25)
- [SECURITY] [DSA 2241-1] qemu-kvm security update Moritz Muehlenhoff (May 25)
- Cisco Security Advisory: Cisco Content Delivery System Internet Streamer: Web Server Vulnerability Cisco Systems Product Security Incident Response Team (May 25)
- Cisco Security Advisory: Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities Cisco Systems Product Security Incident Response Team (May 25)
- Cisco Security Advisory: Cisco IOS XR Software IP Packet Vulnerability Cisco Systems Product Security Incident Response Team (May 25)
- Cisco Security Advisory: Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability Cisco Systems Product Security Incident Response Team (May 25)
- iDefense Security Advisory 05.24.11: IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow labs-no-reply (May 25)
- iDefense Security Advisory 05.24.11: IBM Lotus Notes RTF Attachment Viewer Stack Buffer Overflow labs-no-reply (May 25)
- Cisco Security Advisory: Cisco IOS XR Software SSHv1 Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (May 25)
- iDefense Security Advisory 05.24.11: IBM Lotus Notes Applix Attachment Viewer Stack Buffer Overflow labs-no-reply (May 25)
- iDefense Security Advisory 05.24.11: IBM Lotus Notes Office Document Attachment Viewer Stack Buffer Overflow labs-no-reply (May 25)
- Talsoft S.R.L. Security Advisory - WordPress User IDs and User Names Disclosure Veronica (May 26)
- [ MDVSA-2011:101 ] dovecot security (May 26)
- [SECURITY] [DSA 2242-1] cyrus-imapd-2.2 security update Moritz Muehlenhoff (May 26)
- [CVE-REQUEST] Plone XSS and permission errors matthew (May 26)
- [SECURITY] CVE-2011-1026: Apache Archiva Multiple CSRF vulnerability Deng Ching (May 27)
- [SECURITY] CVE-2011-1077: Apache Archiva Multiple XSS vulnerability Deng Ching (May 27)
- Viewpoint: Security implications of IPv6 Fernando Gont (May 27)
- [SECURITY] [DSA 2243-1] unbound security update Florian Weimer (May 30)
- [SECURITY] [DSA 2244-1] bind9 security update Florian Weimer (May 30)
- [ MDVSA-2011:103 ] gimp security (May 30)
- [ MDVSA-2011:102 ] rdesktop security (May 30)
- FreeBSD Security Advisory FreeBSD-SA-11:02.bind FreeBSD Security Advisories (May 30)
- CFP for ekoparty 2011 is now OPEN! [Buenos Aires, Argentina] eko security conference (May 30)
- [SECURITY] [DSA 2246-1] mahara security update Giuseppe Iuculano (May 30)
- [SECURITY] [DSA 2245-1] chromium-browser security update Giuseppe Iuculano (May 30)
- [CVE-2011-1077] Apache Archiva Multiple XSS vulnerabilities Walikar Riyaz Ahemed Dawalmalik (May 31)
- Paranoia 2011: Call for papers paranoia (May 31)
- Cross-Site Scripting vulnerability in Serendipity Plugin "serendipity_event_freetag" sschurtz (May 31)
- [CVE-2011-1026] Apache Archiva Multiple CSRF vulnerabilities Walikar Riyaz Ahemed Dawalmalik (May 31)
- [SECURITY] [DSA 2247-1] rails security update Thijs Kinkhorst (May 31)