Bugtraq: by author

172 messages starting Jul 16 12 and ending Jul 12 12

0a29 40

0A29-12-2 :Metasploit 'pcap_log' plugin privilege escalation vulnerability 0a29 40 (Jul 16)

Aaron T. Myers

[CVE-2012-3376] Apache Hadoop HDFS information disclosure vulnerability Aaron T. Myers (Jul 09)

abhijeet

[Announcement] ClubHack Magazine's July 2012 Issue Released abhijeet (Jul 19)
ClubHack2012 CFP Open Now abhijeet (Jul 05)

Adam Behnke

Malicious Code Execution in PCI Expansion ROM Adam Behnke (Jul 03)

Adam Caudill

Spark IM Client Local Password Decryption Adam Caudill (Jul 30)

Admin

TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities Admin (Jul 12)

Administrator

AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Administrator (Jul 17)

advisory

Multiple Cross-Site Scripting (XSS) in Kajona advisory (Jul 11)
Cross-Site Scripting (XSS) in Redaxo advisory (Jul 25)
Blind SQL Injection in Webmatic advisory (Jul 04)

Amir

Wordpress (editormonkey) Arbitrary File Upload Vulnerability Amir (Jul 04)
Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability Amir (Jul 23)

Apple Product Security

APPLE-SA-2012-07-25-2 Xcode 4.4 Apple Product Security (Jul 26)
APPLE-SA-2012-07-25-1 Safari 6.0 Apple Product Security (Jul 25)

Asterisk Security Team

AST-2012-011: Remote crash vulnerability in voice mail application Asterisk Security Team (Jul 09)
AST-2012-010: Possible resource leak on uncompleted re-invite transactions Asterisk Security Team (Jul 09)

Ben Laurie

Cyberoam advisory Ben Laurie (Jul 04)

Bertrand Delacretaz

[SECURITY] CVE-2012-2138 Apache Sling denial of service vulnerability Bertrand Delacretaz (Jul 09)

bugreport

.Net Framework Tilde Character DoS bugreport (Jul 04)
.Net Framework Tilde Character DoS - Sorry, exploit-db link corrected bugreport (Jul 04)
IIS Short File/Folder Name Disclosure by using tilde ~ character bugreport (Jul 04)

BugsNotHugs

IBM Edge Components Caching Proxy XSS Followup BugsNotHugs (Jul 02)
IBM developerWorks ncp (Nigel's Capacity Planning) 2.1 Remote Information Disclosure BugsNotHugs (Jul 02)
Sun iPlanet Error Page Link Injection BugsNotHugs (Jul 02)
Bookmark4U lostpasswd.php env[include_prefix] Parameter RFI BugsNotHugs (Jul 02)

Call for papers

Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012) Call for papers (Jul 09)

Chris Travers

Security Advisory in LedgerSMBv 1.3.20 and below: Denial of Service vulnerability Chris Travers (Jul 30)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices Cisco Systems Product Security Incident Response Team (Jul 11)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server Cisco Systems Product Security Incident Response Team (Jul 11)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager Cisco Systems Product Security Incident Response Team (Jul 11)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch Cisco Systems Product Security Incident Response Team (Jul 11)

CORE Security Technologies Advisories

CORE-2011-1123 - Windows Kernel ReadLayoutFile Heap Overflow CORE Security Technologies Advisories (Jul 17)

Dan Fandrich

libexif project security advisory July 12, 2012 Dan Fandrich (Jul 16)

Fabien DUCHENE

GreHack 2012 - Call For Musicians/Artists/DJs application open till October 5th 2012 (Grenoble, France) Fabien DUCHENE (Jul 19)
GreHack 2012 - extended deadline CFP 15th August 2012 (Grenoble, France) Fabien DUCHENE (Jul 09)

Fernando Gont

Slideware of IPv6 hacking training (HIP 2012 edition), and future trainings (Portugal & Belgium) Fernando Gont (Jul 03)
IPv6 security tools released Fernando Gont (Jul 05)

Florian Weimer

[SECURITY] [DSA 2505-1] zendframework security update Florian Weimer (Jul 02)

Henri Salo

Re: plow 0.0.5 <= Buffer Overflow Vulnerability Henri Salo (Jul 09)
Re: Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability Henri Salo (Jul 24)

Inshell Security

[IA30] Photodex ProShow Producer v5.0.3256 Local Buffer Overflow Vulnerability Inshell Security (Jul 03)

Ivan Buetler

Free Web App Security Challenges - Hackademics Project Ivan Buetler (Jul 23)

Kathrin Schäberle

security advisory: AirDroid 1.0.4 beta Kathrin Schäberle (Jul 13)

king cope

Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin king cope (Jul 17)

komarov

Checkpoint Abra - Vulnerabilities komarov (Jul 09)

Krzysztof Kotowicz

CodeIgniter <= 2.1.1 xss_clean() Cross Site Scripting filter bypass Krzysztof Kotowicz (Jul 23)

larry0

Re: Basilic RCE bug larry0 (Jul 06)
file clobbering vulnerability in Solaris update manager & local root with SUNWbindr install. larry0 (Jul 23)

LpSolit

Security advisory for Bugzilla 4.3.2, 4.2.2, 4.0.7 and 3.6.10 LpSolit (Jul 27)

Luciano Bello

[SECURITY] [DSA 2509-1] pidgin security update Luciano Bello (Jul 09)
[SECURITY] [DSA 2510-1] extplorer security update Luciano Bello (Jul 13)

Major Malfunction

DC4420 - London DEFCON - July meet - Tuesday July 17th 2012 Major Malfunction (Jul 17)

mbsarwin

Re: CitrusDB 2.4.1 - LFI/SQLi Vulnerability mbsarwin (Jul 11)

Moritz Muehlenhoff

[SECURITY] [DSA 2511-1] puppet security update Moritz Muehlenhoff (Jul 12)
[SECURITY] [DSA 2507-1] openjdk-6 security update Moritz Muehlenhoff (Jul 04)
[SECURITY] [DSA 2512-1] mono security update Moritz Muehlenhoff (Jul 12)

moshez

Google Chrome 19 metro_driver.dll mishandling moshez (Jul 16)

m . razavi777

Basilic RCE bug m . razavi777 (Jul 02)

n0b0d13s

[CVE-2012-0911] Tiki Wiki CMS Groupware <= 8.3 "unserialize()" PHP Code Execution n0b0d13s (Jul 04)

Nico Golde

[SECURITY] [DSA 2514-1] iceweasel security update Nico Golde (Jul 18)
[SECURITY] [DSA 2517-1] bind9 security update Nico Golde (Jul 30)
[SECURITY] [DSA 2515-1] nsd3 security update Nico Golde (Jul 19)
[SECURITY] [DSA 2516-1] isc-dhcp security update Nico Golde (Jul 26)

Nicolas Grégoire

From XSLT code execution to Meterpreter shells Nicolas Grégoire (Jul 04)

noreply

[PT-2012-23] SQL Injection in Dr.Web Anti-virus noreply (Jul 17)

Oliver Karow

Dr. Web Control Center Admin UI Remote Script Code Injection Oliver Karow (Jul 30)

pawel . wylecial

CakePHP 2.x-2.2.0-RC2 XXE Injection pawel . wylecial (Jul 16)

pereira

plow 0.0.5 <= Buffer Overflow Vulnerability pereira (Jul 04)
Forum Oxalis 0.1.2 <= SQL Injection Vulnerability pereira (Jul 04)
BookNux 0.2 <= Multiple Vulnerabilities pereira (Jul 09)
DomsHttpd 1.0 <= Remote Denial Of Service pereira (Jul 17)
Re: Re: plow 0.0.5 <= Buffer Overflow Vulnerability pereira (Jul 10)
BookNux 0.2 <= Multiple Vulnerabilities pereira (Jul 09)

pocadm

POC2012 Call for Paper pocadm (Jul 23)

Ralf Braga

Just4meeting 3.0 - Lisbon/Portugal - 6 to 8 - July Ralf Braga (Jul 04)

Research

PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities Research (Jul 16)
Classified Ads Script PHP v1.1 - SQL Injection Vulnerabilities Research (Jul 04)
SMF Board v2.0.2 - Multiple Web Vulnerabilities Research (Jul 16)
Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Research (Jul 04)
Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities Research (Jul 12)
PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities Research (Jul 12)
Funeral Script PHP - Multiple Web Vulnerabilites Research (Jul 12)
Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability Research (Jul 16)
VamCart v0.9 CMS - Multiple Web Vulnerabilities Research (Jul 16)
GuestBook Scripts PHP v1.5 - Multiple Web Vulnerabilites Research (Jul 04)
KeyPass Password Safe v1.22 - Software Filter Vulnerability Research (Jul 17)
Reserve Logic v1.2 Booking CMS - Multiple Vulnerabilities Research (Jul 12)
Event Calendar PHP 1.2 - Multiple Web Vulnerabilites Research (Jul 16)
Event Script PHP v1.1 CMS - Multiple Web Vulnerabilites Research (Jul 04)
CLscript CMS v3.0 - Multiple Web Vulnerabilities Research (Jul 05)

Research@NGSSecure

NGS00194 Patch Notification: Nagios XI Network Monitor Blind SQL Injection Research@NGSSecure (Jul 02)
NGS00196 Patch Notification: Nagios XI Network Monitor OS Command Injection Research@NGSSecure (Jul 02)
NGS00195 Patch Notification: Nagios XI Network Monitor Stored and Reflected XSS Research@NGSSecure (Jul 02)
NGS00162 Patch Notification: Symantec Message Filter Session Hijacking via session fixation Research@NGSSecure (Jul 02)

Roee Hay

Android DNS poisoning: Randomness gone bad (CVE-2012-2808) Roee Hay (Jul 24)

Secunia Research

Secunia Research: Cisco Linksys PlayerPT ActiveX Control "SetSource()" Buffer Overflow Secunia Research (Jul 17)

security

[ MDVSA-2012:108 ] php security (Jul 23)
[ MDVSA-2012:103 ] automake security (Jul 12)
[ MDVSA-2012:113 ] arpwatch security (Jul 26)
[ MDVSA-2012:107 ] exif security (Jul 13)
[ MDVSA-2012:119 ] bind security (Jul 30)
[ MDVSA-2012:105 ] pidgin security (Jul 12)
[ MDVSA-2012:096-1 ] python security (Jul 02)
[ MDVSA-2012:117 ] python-pycrypto security (Jul 27)
[ MDVSA-2012:106 ] libexif security (Jul 13)
[ MDVSA-2012:110 ] mozilla security (Jul 24)
[ MDVSA-2012:101 ] libtiff security (Jul 04)
[ MDVSA-2012:112 ] perl-DBD-Pg security (Jul 26)
[ MDVSA-2012:114 ] apache-mod_auth_openid security (Jul 26)
[ MDVSA-2012:109 ] libxslt security (Jul 24)
[ MDVSA-2012:116 ] dhcp security (Jul 26)
[ MDVSA-2012:115 ] dhcp security (Jul 26)
[ MDVSA-2012:111 ] libgdata security (Jul 25)
[ MDVSA-2012:102 ] krb5 security (Jul 06)
[ MDVSA-2012:104 ] openjpeg security (Jul 12)
[ MDVSA-2012:110-1 ] mozilla security (Jul 30)
[ MDVSA-2012:118 ] apache-mod_security security (Jul 27)

Security_Alert

ESA-2012-023: RSA Authentication Manager Multiple Vulnerabilities Security_Alert (Jul 12)
ESA-2012-026: RSA Access Manager Session Replay Vulnerability Security_Alert (Jul 04)
ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability Security_Alert (Jul 11)

security-alert

[security bulletin] HPSBGN02750 SSRT100795 rev.1 - HP ProtectTools Enterprise Device Access Manager Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Jul 05)
[security bulletin] HPSBUX02795 SSRT100878 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Jul 26)
[security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS) and Unauthorized Data Modification security-alert (Jul 16)
[security bulletin] HPSBMU02783 SSRT100806 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) security-alert (Jul 02)
[security bulletin] HPSBMU02796 SSRT100594 rev.2 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code security-alert (Jul 13)
[security bulletin] HPSBMU02781 SSRT100617 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Jul 02)
[security bulletin] HPSBUX02795 SSRT100878 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Jul 03)
[security bulletin] HPSBMU02796 SSRT100594 rev.1 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code security-alert (Jul 10)
[security bulletin] HPSBMU02797 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.1x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification, Denial of Service (DoS) security-alert (Jul 17)
[security bulletin] HPSBUX02789 SSRT100824 rev.3 - HP-UX CIFS Server (Samba), Remote Execution of Arbitrary Code, Elevation of Privileges security-alert (Jul 25)
[security bulletin] HPSBMU02799 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.0x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification, Denial of Service (DoS) security-alert (Jul 17)

securityfocus

NESSUS ANDROID APP - stores login info in plain text securityfocus (Jul 23)

Slackware Security Team

[slackware-security] mozilla-firefox (SSA:2012-200-02) Slackware Security Team (Jul 18)
[slackware-security] php (SSA:2012-195-01) Slackware Security Team (Jul 16)
[slackware-security] bind (SSA:2012-209-01) Slackware Security Team (Jul 30)
[slackware-security] libexif (SSA:2012-200-01) Slackware Security Team (Jul 19)
[slackware-security] libpng (SSA:2012-206-01) Slackware Security Team (Jul 25)
[slackware-security] pidgin (SSA:2012-195-02) Slackware Security Team (Jul 16)
[slackware-security] mozilla-thunderbird (SSA:2012-200-03) Slackware Security Team (Jul 18)
[slackware-security] seamonkey (SSA:2012-200-04) Slackware Security Team (Jul 18)

Socket_0x03

tekno.Portal 0.1b - SQLi Vulnerability in "anket.php" Socket_0x03 (Jul 26)

sschurtz

MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities sschurtz (Jul 16)
WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities sschurtz (Jul 16)

Stefan Kanthak

Vulnerable Microsoft VC++ 2005 runtime libraries in "Microsoft Live Meeting 2007 Client" installed in private location Stefan Kanthak (Jul 04)

Thor (Hammer of God)

Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Thor (Hammer of God) (Jul 17)

Tom Yu

MITKRB5-SA-2012-001: KDC heap corruption and crash [CVE-2012-1014 CVE-2012-1015] Tom Yu (Jul 31)

Trustwave Advisories

TWSL2012-014: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer Trustwave Advisories (Jul 30)

vulns

DataWatch Monarch Business Intelligence (BI) v5.1 Admin Section Blind XPath Injection vulns (Jul 30)
DataWatch Monarch Business Intelligence (BI) v5.1 admin section stored cross-site scripting vulns (Jul 30)
TEMENOS T24 R07.03 Reflected Cross-Site Scripting vulns (Jul 30)
DataWatch Monarch Business Intelligence (BI) v5.1 client section stored cross-site scripting vulns (Jul 30)
DataWatch Monarch BI v5.1 admin section reflected cross-site scripting vulns (Jul 30)
TEMENOS T24 R07.03 Authentication Bypass vulns (Jul 30)
DataWatch Monarch Business Intelligence (BI) v5.1 Blind SQL injection vulns (Jul 30)

YGN Ethical Hacker Group

ocPortal 7.1.5 <= | Open URL Redirection Vulnerability YGN Ethical Hacker Group (Jul 30)

Yves-Alexis Perez

[SECURITY] [DSA 2506-1] libapache-mod-security security update Yves-Alexis Perez (Jul 03)
[SECURITY] [DSA 2508-1] kfreebsd-8 security update Yves-Alexis Perez (Jul 23)

ZDI Disclosures

ZDI-12-117 : EMC AutoStart ftAgent Opcode 50 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-126 : (0 day) HP StorageWorks File Migration Agent RsaCIFS.dll Remote Code Execution Vulnerability ZDI Disclosures (Jul 19)
ZDI-12-115 : HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-122: EMC AutoStart ftAgent Opcode 65 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-120: EMC AutoStart ftAgent Opcode 85 Subcode 22 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-119: EMC AutoStart ftAgent Opcode 0x41 Subcode 0x00 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-121: EMC AutoStart ftAgent Opcode 85 Subcode 01 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-114 : HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-127 : (0Day) HP StorageWorks File Migration Agent RsaFTP.dll Remote Code Execution Vulnerability ZDI Disclosures (Jul 19)
ZDI-12-118: EMC AutoStart ftAgent Opcode 0x03 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-125: Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-124: EMC AutoStart ftAgent Opcode 50 Subcode 42 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-116 : EMC AutoStart ftAgent Opcode 50 Subcode 04 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-12-123: EMC AutoStart ftAgent Opcode 50 Subcode 60 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)