Bugtraq: by date

172 messages, from 02 Jul 2012 to 31 Jul 2012

Monday, 02 July

[SECURITY] [DSA 2505-1] zendframework security update Florian Weimer
Basilic RCE bug m . razavi777
IBM Edge Components Caching Proxy XSS Followup BugsNotHugs
Sun iPlanet Error Page Link Injection BugsNotHugs
IBM developerWorks ncp (Nigel's Capacity Planning) 2.1 Remote Information Disclosure BugsNotHugs
Bookmark4U lostpasswd.php env[include_prefix] Parameter RFI BugsNotHugs
[ MDVSA-2012:096-1 ] python security
[security bulletin] HPSBMU02781 SSRT100617 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert
[security bulletin] HPSBMU02783 SSRT100806 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) security-alert
NGS00196 Patch Notification: Nagios XI Network Monitor OS Command Injection Research@NGSSecure
NGS00194 Patch Notification: Nagios XI Network Monitor Blind SQL Injection Research@NGSSecure
NGS00195 Patch Notification: Nagios XI Network Monitor Stored and Reflected XSS Research@NGSSecure
NGS00162 Patch Notification: Symantec Message Filter Session Hijacking via session fixation Research@NGSSecure

Tuesday, 03 July

Malicious Code Execution in PCI Expansion ROM Adam Behnke
[IA30] Photodex ProShow Producer v5.0.3256 Local Buffer Overflow Vulnerability Inshell Security
[SECURITY] [DSA 2506-1] libapache-mod-security security update Yves-Alexis Perez
Slideware of IPv6 hacking training (HIP 2012 edition), and future trainings (Portugal & Belgium) Fernando Gont
[security bulletin] HPSBUX02795 SSRT100878 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert

Wednesday, 04 July

[ MDVSA-2012:101 ] libtiff security
[CVE-2012-0911] Tiki Wiki CMS Groupware <= 8.3 "unserialize()" PHP Code Execution n0b0d13s
Cyberoam advisory Ben Laurie
From XSLT code execution to Meterpreter shells Nicolas Grégoire
plow 0.0.5 <= Buffer Overflow Vulnerability pereira
Forum Oxalis 0.1.2 <= SQL Injection Vulnerability pereira
Vulnerable Microsoft VC++ 2005 runtime libraries in "Microsoft Live Meeting 2007 Client" installed in private location Stefan Kanthak
Blind SQL Injection in Webmatic advisory
Just4meeting 3.0 - Lisbon/Portugal - 6 to 8 - July Ralf Braga
Wordpress (editormonkey) Arbitrary File Upload Vulnerability Amir
[SECURITY] [DSA 2507-1] openjdk-6 security update Moritz Muehlenhoff
IIS Short File/Folder Name Disclosure by using tilde ~ character bugreport
.Net Framework Tilde Character DoS bugreport
.Net Framework Tilde Character DoS - Sorry, exploit-db link corrected bugreport
Event Script PHP v1.1 CMS - Multiple Web Vulnerabilites Research
GuestBook Scripts PHP v1.5 - Multiple Web Vulnerabilites Research
Classified Ads Script PHP v1.1 - SQL Injection Vulnerabilities Research
Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Research
ESA-2012-026: RSA Access Manager Session Replay Vulnerability Security_Alert

Thursday, 05 July

CLscript CMS v3.0 - Multiple Web Vulnerabilities Research
ClubHack2012 CFP Open Now abhijeet
IPv6 security tools released Fernando Gont
[security bulletin] HPSBGN02750 SSRT100795 rev.1 - HP ProtectTools Enterprise Device Access Manager Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert

Friday, 06 July

[ MDVSA-2012:102 ] krb5 security
Re: Basilic RCE bug larry0

Monday, 09 July

[SECURITY] [DSA 2509-1] pidgin security update Luciano Bello
AST-2012-010: Possible resource leak on uncompleted re-invite transactions Asterisk Security Team
AST-2012-011: Remote crash vulnerability in voice mail application Asterisk Security Team
[SECURITY] CVE-2012-2138 Apache Sling denial of service vulnerability Bertrand Delacretaz
BookNux 0.2 <= Multiple Vulnerabilities pereira
[CVE-2012-3376] Apache Hadoop HDFS information disclosure vulnerability Aaron T. Myers
BookNux 0.2 <= Multiple Vulnerabilities pereira
Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012) Call for papers
Checkpoint Abra - Vulnerabilities komarov
Re: plow 0.0.5 <= Buffer Overflow Vulnerability Henri Salo
GreHack 2012 - extended deadline CFP 15th August 2012 (Grenoble, France) Fabien DUCHENE

Tuesday, 10 July

[security bulletin] HPSBMU02796 SSRT100594 rev.1 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code security-alert
Re: Re: plow 0.0.5 <= Buffer Overflow Vulnerability pereira

Wednesday, 11 July

Re: CitrusDB 2.4.1 - LFI/SQLi Vulnerability mbsarwin
Multiple Cross-Site Scripting (XSS) in Kajona advisory
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager Cisco Systems Product Security Incident Response Team
ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability Security_Alert

Thursday, 12 July

ESA-2012-023: RSA Authentication Manager Multiple Vulnerabilities Security_Alert
[ MDVSA-2012:103 ] automake security
[ MDVSA-2012:104 ] openjpeg security
[ MDVSA-2012:105 ] pidgin security
TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities Admin
Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities Research
Funeral Script PHP - Multiple Web Vulnerabilites Research
PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities Research
Reserve Logic v1.2 Booking CMS - Multiple Vulnerabilities Research
ZDI-12-114 : HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-115 : HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-116 : EMC AutoStart ftAgent Opcode 50 Subcode 04 Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-117 : EMC AutoStart ftAgent Opcode 50 Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-118: EMC AutoStart ftAgent Opcode 0x03 Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-119: EMC AutoStart ftAgent Opcode 0x41 Subcode 0x00 Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-120: EMC AutoStart ftAgent Opcode 85 Subcode 22 Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-121: EMC AutoStart ftAgent Opcode 85 Subcode 01 Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-122: EMC AutoStart ftAgent Opcode 65 Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-123: EMC AutoStart ftAgent Opcode 50 Subcode 60 Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-124: EMC AutoStart ftAgent Opcode 50 Subcode 42 Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-125: Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability ZDI Disclosures
[SECURITY] [DSA 2511-1] puppet security update Moritz Muehlenhoff
[SECURITY] [DSA 2512-1] mono security update Moritz Muehlenhoff

Friday, 13 July

security advisory: AirDroid 1.0.4 beta Kathrin Schäberle
[SECURITY] [DSA 2510-1] extplorer security update Luciano Bello
[ MDVSA-2012:106 ] libexif security
[ MDVSA-2012:107 ] exif security
[security bulletin] HPSBMU02796 SSRT100594 rev.2 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code security-alert

Monday, 16 July

[slackware-security] pidgin (SSA:2012-195-02) Slackware Security Team
[slackware-security] php (SSA:2012-195-01) Slackware Security Team
Google Chrome 19 metro_driver.dll mishandling moshez
Event Calendar PHP 1.2 - Multiple Web Vulnerabilites Research
VamCart v0.9 CMS - Multiple Web Vulnerabilities Research
SMF Board v2.0.2 - Multiple Web Vulnerabilities Research
PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities Research
Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability Research
MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities sschurtz
WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities sschurtz
CakePHP 2.x-2.2.0-RC2 XXE Injection pawel . wylecial
libexif project security advisory July 12, 2012 Dan Fandrich
[security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS) and Unauthorized Data Modification security-alert
0A29-12-2 :Metasploit 'pcap_log' plugin privilege escalation vulnerability 0a29 40

Tuesday, 17 July

CORE-2011-1123 - Windows Kernel ReadLayoutFile Heap Overflow CORE Security Technologies Advisories
Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin king cope
Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Thor (Hammer of God)
DC4420 - London DEFCON - July meet - Tuesday July 17th 2012 Major Malfunction
AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Administrator
KeyPass Password Safe v1.22 - Software Filter Vulnerability Research
DomsHttpd 1.0 <= Remote Denial Of Service pereira
Secunia Research: Cisco Linksys PlayerPT ActiveX Control "SetSource()" Buffer Overflow Secunia Research
[PT-2012-23] SQL Injection in Dr.Web Anti-virus noreply
[security bulletin] HPSBMU02799 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.0x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification, Denial of Service (DoS) security-alert
[security bulletin] HPSBMU02797 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.1x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification, Denial of Service (DoS) security-alert

Wednesday, 18 July

[SECURITY] [DSA 2514-1] iceweasel security update Nico Golde
[slackware-security] mozilla-firefox (SSA:2012-200-02) Slackware Security Team
[slackware-security] mozilla-thunderbird (SSA:2012-200-03) Slackware Security Team
[slackware-security] seamonkey (SSA:2012-200-04) Slackware Security Team

Thursday, 19 July

[slackware-security] libexif (SSA:2012-200-01) Slackware Security Team
ZDI-12-126 : (0 day) HP StorageWorks File Migration Agent RsaCIFS.dll Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-127 : (0Day) HP StorageWorks File Migration Agent RsaFTP.dll Remote Code Execution Vulnerability ZDI Disclosures
GreHack 2012 - Call For Musicians/Artists/DJs application open till October 5th 2012 (Grenoble, France) Fabien DUCHENE
[SECURITY] [DSA 2515-1] nsd3 security update Nico Golde
[Announcement] ClubHack Magazine's July 2012 Issue Released abhijeet

Monday, 23 July

[ MDVSA-2012:108 ] php security
POC2012 Call for Paper pocadm
NESSUS ANDROID APP - stores login info in plain text securityfocus
CodeIgniter <= 2.1.1 xss_clean() Cross Site Scripting filter bypass Krzysztof Kotowicz
Free Web App Security Challenges - Hackademics Project Ivan Buetler
Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability Amir
[SECURITY] [DSA 2508-1] kfreebsd-8 security update Yves-Alexis Perez
file clobbering vulnerability in Solaris update manager & local root with SUNWbindr install. larry0

Tuesday, 24 July

[ MDVSA-2012:109 ] libxslt security
Re: Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability Henri Salo
[ MDVSA-2012:110 ] mozilla security
Android DNS poisoning: Randomness gone bad (CVE-2012-2808) Roee Hay

Wednesday, 25 July

[slackware-security] libpng (SSA:2012-206-01) Slackware Security Team
APPLE-SA-2012-07-25-1 Safari 6.0 Apple Product Security
[ MDVSA-2012:111 ] libgdata security
Cross-Site Scripting (XSS) in Redaxo advisory
[security bulletin] HPSBUX02789 SSRT100824 rev.3 - HP-UX CIFS Server (Samba), Remote Execution of Arbitrary Code, Elevation of Privileges security-alert

Thursday, 26 July

[security bulletin] HPSBUX02795 SSRT100878 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert
APPLE-SA-2012-07-25-2 Xcode 4.4 Apple Product Security
tekno.Portal 0.1b - SQLi Vulnerability in "anket.php" Socket_0x03
[ MDVSA-2012:112 ] perl-DBD-Pg security
[SECURITY] [DSA 2516-1] isc-dhcp security update Nico Golde
[ MDVSA-2012:113 ] arpwatch security
[ MDVSA-2012:114 ] apache-mod_auth_openid security
[ MDVSA-2012:115 ] dhcp security
[ MDVSA-2012:116 ] dhcp security

Friday, 27 July

[ MDVSA-2012:117 ] python-pycrypto security
Security advisory for Bugzilla 4.3.2, 4.2.2, 4.0.7 and 3.6.10 LpSolit
[ MDVSA-2012:118 ] apache-mod_security security

Monday, 30 July

[slackware-security] bind (SSA:2012-209-01) Slackware Security Team
[ MDVSA-2012:119 ] bind security
[ MDVSA-2012:110-1 ] mozilla security
TWSL2012-014: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer Trustwave Advisories
Spark IM Client Local Password Decryption Adam Caudill
ocPortal 7.1.5 <= | Open URL Redirection Vulnerability YGN Ethical Hacker Group
Security Advisory in LedgerSMBv 1.3.20 and below: Denial of Service vulnerability Chris Travers
Dr. Web Control Center Admin UI Remote Script Code Injection Oliver Karow
DataWatch Monarch BI v5.1 admin section reflected cross-site scripting vulns
DataWatch Monarch Business Intelligence (BI) v5.1 admin section stored cross-site scripting vulns
DataWatch Monarch Business Intelligence (BI) v5.1 client section stored cross-site scripting vulns
DataWatch Monarch Business Intelligence (BI) v5.1 Blind SQL injection vulns
DataWatch Monarch Business Intelligence (BI) v5.1 Admin Section Blind XPath Injection vulns
TEMENOS T24 R07.03 Reflected Cross-Site Scripting vulns
TEMENOS T24 R07.03 Authentication Bypass vulns
[SECURITY] [DSA 2517-1] bind9 security update Nico Golde

Tuesday, 31 July

MITKRB5-SA-2012-001: KDC heap corruption and crash [CVE-2012-1014 CVE-2012-1015] Tom Yu