Bugtraq: by thread
192 messages
starting Apr 01 13 and
ending Apr 30 13
Date index |
Thread index |
Author index
- MailOrderWorks v5.907 - Multiple Web Vulnerabilities Vulnerability Lab (Apr 01)
- [security bulletin] HPSBUX02859 SSRT101144 rev.1 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execute Arbitrary Code security-alert (Apr 01)
- [Suspected Spam] [slackware-security] libssh (SSA:2013-087-01) Slackware Security Team (Apr 01)
- [waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50 come2waraxe (Apr 01)
- [waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1.5 come2waraxe (Apr 01)
- Authentication bypass on Netgear WNR1000 roberto (Apr 01)
- [SECURITY] [DSA 2656-1] bind9 security update Salvatore Bonaccorso (Apr 01)
- US-CERT Alert TA13-088A: DNS Amplification Attacks US-CERT Alerts (Apr 01)
- [security bulletin] HPSBUX02860 SSRT101146 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities security-alert (Apr 01)
- Remote command execution in Ruby Gem ldoce 0.0.2 larry0 (Apr 02)
- NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities NCC Group Research (Apr 02)
- FreeBSD Security Advisory FreeBSD-SA-13:03.openssl FreeBSD Security Advisories (Apr 03)
- FreeBSD Security Advisory FreeBSD-SA-13:04.bind FreeBSD Security Advisories (Apr 03)
- SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance SEC Consult Vulnerability Lab (Apr 03)
- Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001 Lists (Apr 03)
- [slackware-security] mozilla-thunderbird (SSA:2013-093-02) Slackware Security Team (Apr 03)
- [slackware-security] mozilla-firefox (SSA:2013-093-01) Slackware Security Team (Apr 03)
- SQL Injection Vulnerability in Symphony advisory (Apr 03)
- PHP Code Injection in FUDforum advisory (Apr 03)
- TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2 Simon Bieber (Apr 03)
- Novell GroupWise Multiple Remote Code Execution Vulnerabilities advisory (Apr 03)
- [ MDVSA-2013:015-1 ] apache security (Apr 04)
- <Possible follow-ups>
- [ MDVSA-2013:015-1 ] apache security (Apr 04)
- Groovy Media Player buffer overflow Vulnerability akshay . vaghela (Apr 04)
- SEC Consult 20130404-0 :: Multiple Vulnerabilities in Censornet Professional v4 (2.1.7) SEC Consult Vulnerability Lab (Apr 04)
- [ MDVSA-2013:016 ] apache-mod_security security (Apr 04)
- [ MDVSA-2013:017 ] arpwatch security (Apr 04)
- [SECURITY] [DSA 2658-1] postgresql-9.1 security update Giuseppe Iuculano (Apr 04)
- GreHack 2013 - Call For Papers - November 15, Grenoble, France F. Duchene (Apr 04)
- [SECURITY] [DSA 2657-1] postgresql-8.4 security update Giuseppe Iuculano (Apr 04)
- [ MDVSA-2013:018 ] automake security (Apr 04)
- [SECURITY] [DSA 2654-1] libxslt security update Salvatore Bonaccorso (Apr 04)
- Hackersh 0.1 Release Announcement Itzik Kotler (Apr 04)
- [ MDVSA-2013:019 ] bash security (Apr 05)
- [ MDVSA-2013:027-1 ] clamav security (Apr 05)
- [slackware-security] subversion (SSA:2013-095-01) Slackware Security Team (Apr 08)
- [ MDVSA-2013:029 ] apache-mod_security security (Apr 08)
- [ MDVSA-2013:030 ] arpwatch security (Apr 08)
- [ MDVSA-2013:031 ] automake security (Apr 08)
- [ MDVSA-2013:032 ] bash security (Apr 08)
- [ MDVSA-2013:023-1 ] coreutils security (Apr 08)
- [ MDVSA-2013:033 ] cronie security (Apr 08)
- Aastra IP Telephone hardcoded telnet admin password Timo Juhani Lindfors (Apr 08)
- [ MDVSA-2013:034 ] cups security (Apr 08)
- [ MDVSA-2013:035 ] libexif security (Apr 08)
- [ MDVSA-2013:036 ] exif security (Apr 08)
- [ MDVSA-2013:037 ] fetchmail security (Apr 08)
- [ MDVSA-2013:038 ] freeradius security (Apr 08)
- [ MDVSA-2013:039 ] freetype2 security (Apr 08)
- [ MDVSA-2013:001-1 ] gnupg security (Apr 08)
- [ MDVSA-2013:040 ] gnutls security (Apr 08)
- [ MDVSA-2013:041 ] html2ps security (Apr 08)
- [security bulletin] HPSBMU02785 SSRT100526 rev.2 - HP LoadRunner Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Apr 08)
- [ MDVSA-2013:042 ] krb5 security (Apr 08)
- [ MDVSA-2013:043 ] libgssglue security (Apr 08)
- [ MDVSA-2013:044 ] libjpeg security (Apr 08)
- [ MDVSA-2013:045 ] libssh security (Apr 08)
- [ MDVSA-2013:046 ] libtiff security (Apr 08)
- [ MDVSA-2013:047 ] libxslt security (Apr 08)
- [ MDVSA-2013:048 ] ncpfs security (Apr 08)
- [ MDVSA-2013:049 ] net-snmp security (Apr 08)
- [ MDVSA-2013:050 ] nss security (Apr 08)
- [ MDVSA-2013:051 ] openssh security (Apr 08)
- [ MDVSA-2013:052 ] openssl security (Apr 08)
- [ MDVSA-2013:053 ] proftpd security (Apr 08)
- [ MDVSA-2013:054 ] sudo security (Apr 08)
- [ MDVSA-2013:055 ] wireshark security (Apr 08)
- Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable mschratt (Apr 08)
- Multiple Vulnerabilities in D-Link devices devnull (Apr 08)
- [slackware-security] seamonkey (SSA:2013-097-01) Slackware Security Team (Apr 08)
- [ MDVSA-2013:056 ] libxml2 security (Apr 08)
- [ MDVSA-2013:057 ] xinetd security (Apr 08)
- [ MDVSA-2013:058 ] bind security (Apr 08)
- [ MDVSA-2013:059 ] dhcp security (Apr 08)
- [ MDVSA-2013:060 ] accountsservice security (Apr 08)
- [ MDVSA-2013:061 ] awstats security (Apr 08)
- [ MDVSA-2013:062 ] backuppc security (Apr 08)
- [ MDVSA-2013:063 ] bip security (Apr 08)
- [ MDVSA-2013:064 ] bogofilter security (Apr 08)
- [ MDVSA-2013:065 ] boost security (Apr 08)
- [ MDVSA-2013:066 ] bugzilla security (Apr 08)
- [ MDVSA-2013:067 ] couchdb security (Apr 08)
- [ MDVSA-2013:068 ] courier-authlib security (Apr 08)
- [ MDVSA-2013:069 ] cups-pk-helper security (Apr 08)
- [ MDVSA-2013:070 ] dbus security (Apr 08)
- [ MDVSA-2013:071 ] dbus-glib security (Apr 08)
- [CVE-2012-5389] Null Pointer Derefence in Dart Webserver <= 1.9.2 Ken (Apr 08)
- [CVE-REQUEST] Multiple CSRF vulnerabilities on Foscam IP cameras web UI shekyan (Apr 08)
- [ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9 ISecAuditors Security Advisories (Apr 08)
- [ MDVSA-2013:072 ] dnsmasq security (Apr 09)
- [ MDVSA-2013:073 ] dokuwiki security (Apr 09)
- [ MDVSA-2013:074 ] drupal security (Apr 09)
- [ MDVSA-2013:075 ] elinks security (Apr 09)
- [ MDVSA-2013:076 ] emacs security (Apr 09)
- [ MDVSA-2013:081 ] gegl security (Apr 09)
- [ MDVSA-2013:082 ] gimp security (Apr 09)
- [ MDVSA-2013:083 ] glib2.0 security (Apr 09)
- [ MDVSA-2013:084 ] gnome-keyring security (Apr 09)
- [ MDVSA-2013:085 ] groff security (Apr 09)
- [ MDVSA-2013:086 ] groff security (Apr 09)
- [ MDVSA-2013:087 ] firefox security (Apr 09)
- [ MDVSA-2013:088 ] hplip security (Apr 09)
- [ MDVSA-2013:089 ] icclib security (Apr 09)
- [ MDVSA-2013:090 ] argyllcms security (Apr 09)
- [ MDVSA-2013:091 ] icecast security (Apr 09)
- [ MDVSA-2013:092 ] imagemagick security (Apr 09)
- Hackito Ergo Sum 2013 Speaker Announcement! Alexandre De Oliveira (Apr 09)
- CVE-2013-0798 : World read and write access to app_tmp directory on Android suzuki (Apr 09)
- [waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7 come2waraxe (Apr 09)
- [ MDVSA-2013:078 ] fail2ban security (Apr 09)
- [ MDVSA-2013:077 ] ettercap security (Apr 09)
- Remote command injection in Ruby Gem kelredd-pruview 0.3.8 larry0 (Apr 12)
- [ MDVSA-2013:142 ] postgresql security (Apr 12)
- [ MDVSA-2013:143 ] poppler security (Apr 16)
- DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal ddivulnalert (Apr 16)
- [security bulletin] HPSBUX02866 SSRT101139 rev.1 - HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary Code and other vulnerabilities security-alert (Apr 16)
- [SE-2012-01] Details of issues fixed by Java SE 7 Update 21 Security Explorations (Apr 17)
- Re: [SE-2012-01] Details of issues fixed by Java SE 7 Update 21 Security Explorations (Apr 17)
- [ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution ESNC Security (Apr 17)
- Sitecom WLM-3500 backdoor accounts roberto . paleari (Apr 17)
- [ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control ESNC Security (Apr 17)
- [ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services ESNC Security (Apr 17)
- [ MDVSA-2013:144 ] phpmyadmin security (Apr 17)
- APPLE-SA-2013-04-16-1 Safari 6.0.4 Apple Product Security (Apr 17)
- APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15 Apple Product Security (Apr 17)
- Open-Xchange Security Advisory 2013-04-17 Martin Braun (Apr 17)
- Multiple Vulnerabilities in KrisonAV CMS advisory (Apr 17)
- SI6 Networks' IPv6 Toolkit v1.3.4 released! Fernando Gont (Apr 17)
- Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability Cisco Systems Product Security Incident Response Team (Apr 18)
- Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Apr 18)
- SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption SEC Consult Vulnerability Lab (Apr 18)
- <Possible follow-ups>
- Re: SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption SEC Consult Vulnerability Lab (Apr 19)
- [SECURITY] [DSA 2661-1] xorg-server security update Yves-Alexis Perez (Apr 18)
- DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013 Major Malfunction (Apr 18)
- SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server SEC Consult Vulnerability Lab (Apr 18)
- VUPEN Security Research - Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow (Pwn2Own 2013) VUPEN Security Research (Apr 18)
- [SECURITY] [DSA 2662-1] xen security update Salvatore Bonaccorso (Apr 18)
- CVE-2013-2504 : Matrix42 Service Desk XSS 43z sec (Apr 18)
- SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey SEC Consult Vulnerability Lab (Apr 18)
- VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) VUPEN Security Research (Apr 19)
- TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation Trustwave Advisories (Apr 19)
- [ MDVSA-2013:145 ] java-1.6.0-openjdk security (Apr 19)
- [ MDVSA-2013:146 ] icedtea-web security (Apr 19)
- [ MDVSA-2013:147 ] libarchive security (Apr 22)
- [SECURITY] [DSA 2660-1] curl security update Salvatore Bonaccorso (Apr 22)
- [SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE Security Explorations (Apr 22)
- 44Café 23rd April details Steve (Apr 22)
- [SQLi] vBilling for FreeSWITCH Michał Błaszczak (Apr 22)
- Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A devnull (Apr 23)
- [ MDVSA-2013:148 ] roundcubemail security (Apr 23)
- [ MDVSA-2013:149 ] roundcubemail security (Apr 23)
- [ MDVSA-2013:150 ] mysql security (Apr 23)
- [SECURITY] [DSA 2663-1] tinc security update Yves-Alexis Perez (Apr 23)
- [security bulletin] HPSBHF02865 SSRT101158 rev.1 - HP ElitePad 900, Secure Boot Configuration Inconsistency security-alert (Apr 24)
- Cisco/Linksys HTTP Service Remote DoS (Denial of Service) Carl Benedict (Apr 24)
- [ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver ESNC Security (Apr 24)
- Cisco Security Advisory: Cisco Device Manager Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Apr 25)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System Cisco Systems Product Security Incident Response Team (Apr 25)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product Cisco Systems Product Security Incident Response Team (Apr 25)
- [waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin come2waraxe (Apr 25)
- Nginx ngx_http_close_connection function integer overflow safe3q (Apr 25)
- Re: Nginx ngx_http_close_connection function integer overflow Maxim Konovalov (Apr 29)
- Re: Nginx ngx_http_close_connection function integer overflow Maxim Konovalov (Apr 29)
- Re: Nginx ngx_http_close_connection function integer overflow Maxim Konovalov (Apr 29)
- Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows nospam (Apr 26)
- Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution nospam (Apr 26)
- Multiple Vulnerabilities in D'Link DIR-635 devnull (Apr 26)
- [security bulletin] HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege security-alert (Apr 26)
- [security bulletin] HPSBPI02868 SSRT101017 rev.1 - HP Managed Printing Administration (MPA), Remote Cross Site Scripting (XSS) security-alert (Apr 29)
- [security bulletin] HPSBPI02869 SSRT100936 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files security-alert (Apr 29)
- Hacking IPv6 networks training (slideware, upcoming trainings, etc.) Fernando Gont (Apr 29)
- EDSC 2013 CFP Open Michael Eddington (Apr 29)
- [ MDVSA-2013:151 ] curl security (Apr 29)
- [ MDVSA-2013:152 ] subversion security (Apr 29)
- [ MDVSA-2013:153 ] subversion security (Apr 29)
- [KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability Egidio Romano (Apr 29)
- Cisco/Linksys E1200 N300 Reflected XSS Carl Benedict (Apr 29)
- [ MDVSA-2013:154 ] util-linux security (Apr 29)
- [ MDVSA-2013:155 ] fuse security (Apr 29)
- [security bulletin] HPSBMU02873 SSRT101182 rev.1 - HP Service Manager, Apache Tomcat Security Update security-alert (Apr 30)
- [security bulletin] HPSBMU02874 SSRT101184 rev.1 - HP Service Manager, Java Runtime Environment (JRE) Security Update security-alert (Apr 30)
- [ MDVSA-2013:156 ] apache-mod_security security (Apr 30)
- FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver FreeBSD Security Advisories (Apr 30)
- FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver [REVISED] FreeBSD Security Advisories (Apr 30)
- CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities CORE Security Technologies Advisories (Apr 30)
- Personal File Share HTTP Server Remote Overflow Vulnerability demonalex (Apr 30)
- WowzaMediaServer StorageDir escape (regression) Michal J. (Apr 30)
- WowzaMediaServer SecureToken bypass (and worse) Michal J. (Apr 30)
- Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability demonalex (Apr 30)
- [security bulletin] HPSBMU02872 SSRT101185 rev.1 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) security-alert (Apr 30)
- [ MDVSA-2013:157 ] krb5 security (Apr 30)
- [ MDVSA-2013:158 ] krb5 security (Apr 30)
- [SECURITY] [DSA 2665-1] strongswan security update Yves-Alexis Perez (Apr 30)