oss-sec: by author

250 messages starting Feb 25 09 and ending Mar 24 09


Alex Legler

CVE request: Psi <0.12.1 DoS Alex Legler (Feb 25)
CVE Request: Opera <9.64: Execution of arbitrary code Alex Legler (Mar 07)

Andrea Barisani

[oCERT-2009-003] LittleCMS integer errors Andrea Barisani (Mar 20)

Andreas Jellinghaus

OpenSC Security Advisory Andreas Jellinghaus (Feb 26)

Anthony

[Fwd: Cross-Site Scripting in Banshee DAAP Extension] Anthony (Mar 30)
Re: Fwd: Using xdg-open in /etc/mailcap causes hole in Firefox (Demonstration/Exploit included) Bernhard R. Link (Jan 07)

COLSEC Organizers

COLSEC 2009 CFP: **Update** COLSEC Organizers (Jan 21)

Dan Poltawski

CVS request - Moodle Dan Poltawski (Feb 04)

Eugene Teo

CVE request: kernel: inotify local DoS Eugene Teo (Mar 06)
CVE request: kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID Eugene Teo (Jan 04)
Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo (Mar 03)
CVE request: kernel: skfp_ioctl inverted logic flaw Eugene Teo (Feb 19)
Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo (Feb 24)
CVE request: kernel: KVM: VMX: Dont allow uninhibited access to EFER on i386 Eugene Teo (Mar 31)
CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo (Feb 19)
CVE request: kernel: x86-64: syscall-audit: 32/64 syscall hole Eugene Teo (Mar 01)
Re: CVE request: kernel: inotify local DoS Eugene Teo (Mar 18)
CVE request: kernel: udp: Wrong locking code in udp seq_file infrastructure Eugene Teo (Mar 31)
CVE-2008-4307 kernel: local denial of service in locks_remove_flock Eugene Teo (Jan 13)
CVE-2009-0028 Linux kernel minor signal handling vulnerability Eugene Teo (Mar 10)
Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo (Mar 02)
CVE-2009-0024 kernel: local privilege escalation in sys_remap_file_pages Eugene Teo (Jan 11)
CVE request: kernel: shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM Eugene Teo (Mar 06)
CVE request: kernel: nfsd did not drop CAP_MKNOD for non-root Eugene Teo (Mar 22)
Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo (Feb 23)
CVE-2009-0778 kernel: rt_cache leak Eugene Teo (Mar 10)
CVE request: kernel: x86-64: seccomp: 32/64 syscall hole Eugene Teo (Mar 01)

Florian Weimer

CVE id request: znc Florian Weimer (Mar 01)
CVE id request: tinydns crafted zone file cache poisoning vulnerability Florian Weimer (Mar 01)
Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Florian Weimer (Mar 04)
Re: Lua 5.1.4 Florian Weimer (Mar 25)
CVE request: WebSVN Florian Weimer (Jan 18)
CVE request: mldonkey arbitrary file download vulnerability Florian Weimer (Feb 23)
CVE request -- git Florian Weimer (Jan 15)
Re: CVE request -- git Florian Weimer (Jan 19)

Hanno Böck

CVE request: XSS in MUC logs of ejabberd Hanno Böck (Mar 16)
CVE request: < tikiwiki 2.3: XSS Hanno Böck (Mar 27)
CVE request: nucleus cms < 3.40 (3.33 and below) directory traversal Hanno Böck (Mar 08)
CVE request: typo3 xss (typo3-sa-2009-002) Hanno Böck (Feb 10)
CVE request: API key disclosure in piwik Hanno Böck (Mar 23)
CVE request: phpbb < 3.0.4 Hanno Böck (Feb 06)
CVE request: SimpleMachinesForum (SMF) < 1.1.8: HTML injection Hanno Böck (Feb 10)
CVE request: XSS in Phorum < 5.2.10 Hanno Böck (Feb 06)
CVE request: dotclear < 2.1.5 XSS Hanno Böck (Mar 08)

Jamie Strandboge

Added protection in KMail when accessing URLs to executables Jamie Strandboge (Feb 26)
CVE request for yaws Jamie Strandboge (Feb 19)
CVE Request: MoinMoin Jamie Strandboge (Jan 27)

Jan Lieskovsky

CVE Request -- net-snmp (sensitive host information disclosure) Jan Lieskovsky (Feb 12)
CVE Request -- gstreamer-plugins-good Jan Lieskovsky (Jan 23)
CVE Request -- pam Jan Lieskovsky (Mar 05)
CVE Request -- (sort of urgent) gstreamer-plugins-good (repost) (more details about affected versions -- final version) Jan Lieskovsky (Jan 29)
Re: CVE Request -- net-snmp (sensitive host information disclosure) Jan Lieskovsky (Feb 12)
CVE Request - php (PHP BZ#27421) Jan Lieskovsky (Jan 29)
CVE request -- zsh, XFree86-xfs/xorg-x11-xfs, screen Jan Lieskovsky (Mar 25)
CVE Request -- tsqllib, slurm-llnl, libnasl, libcrypt-openssl-dsa-perl, erlang, boinc-client, m2crypto Jan Lieskovsky (Jan 12)
CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) Jan Lieskovsky (Jan 26)
CVE Request -- openoffice.org (CVE-2008-4841) Jan Lieskovsky (Jan 21)
CVE Request -- (sor of urgent) gstreamer-plugins, gstreamer-plugins-good (repost) Jan Lieskovsky (Jan 29)
CVE Request -- evolution Jan Lieskovsky (Feb 10)
CVE Request -- libmikmod Jan Lieskovsky (Jan 13)
CVE Request -- amarok Jan Lieskovsky (Jan 14)
Re: CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) Jan Lieskovsky (Jan 30)
Re: CVE Request -- net-snmp (sensitive host information disclosure) Jan Lieskovsky (Feb 13)
CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap Jan Lieskovsky (Mar 23)
CVE request -- firefox, vlc, WeeChat Jan Lieskovsky (Mar 17)

Joe Orton

Re: Re: CVE id request: php5 Joe Orton (Jan 29)

Josh Bressers

libpng non issue Josh Bressers (Jan 09)
Re: CVE id request: php5 Josh Bressers (Jan 28)
libvirt_proxy heads up Josh Bressers (Feb 10)
Re: CVE request: Squid <2.7.6, 3.0.13, 3.1.0.5 DoS Josh Bressers (Feb 06)
CVE Request (mediawiki) Josh Bressers (Feb 09)
Re: CVE Request - php (PHP BZ#27421) Josh Bressers (Feb 25)
Re: CFPs on this list (was: CFP: COLSEC 2009) Josh Bressers (Jan 07)
CVE Request (ruby) Josh Bressers (Feb 12)
Fwd: Using xdg-open in /etc/mailcap causes hole in Firefox (Demonstration/Exploit included) Josh Bressers (Jan 06)
Re: CVE request: Squid <2.7.6, 3.0.13, 3.1.0.5 DoS Josh Bressers (Feb 08)
CVE Request (trickle) Josh Bressers (Jan 29)

Kees Cook

Lua 5.1.4 Kees Cook (Mar 24)

Ludwig Nussel

Re: CVE request - horde, imp Ludwig Nussel (Mar 12)

Marcus Meissner

CVE Request: sblim-sfcb genSslCert.sh temp race Marcus Meissner (Feb 03)
http://www.securityfocus.com/bid/33672/info kernel issue Marcus Meissner (Feb 12)
Re: CVE Request -- amarok Marcus Meissner (Jan 19)
Re: http://www.securityfocus.com/bid/33672/info kernel issue Marcus Meissner (Feb 12)
Re: CVE Request -- amarok Marcus Meissner (Jan 19)
CVE request: optipng security release Marcus Meissner (Feb 24)
CVE Request: winetricks symlink problem Marcus Meissner (Jan 27)

Mark J Cox

Re: http://www.securityfocus.com/bid/33672/info kernel issue Mark J Cox (Feb 12)
Re: CVE request -- Linux kernel irda driver buffer overflow Mark J Cox (Jan 26)
CVE-2009-0031 kernel: local denial of service in keyctl_join_session_keyring Mark J Cox (Jan 19)

Matti Bickel

CVE request - openfire Matti Bickel (Mar 21)

Michael K. Johnson

Re: lxc-sshd security issues? Michael K. Johnson (Mar 18)
lxc-sshd security issues? Michael K. Johnson (Mar 04)
Re: CVE request: kernel: inotify local DoS Michael K. Johnson (Mar 19)
Re: lxc-sshd security issues? Michael K. Johnson (Mar 05)
Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities Michael K. Johnson (Feb 19)
Re: CVE request: kernel: inotify local DoS Michael K. Johnson (Mar 18)

Miklos Vajna

Re: CVE request -- Linux kernel irda driver buffer overflow Miklos Vajna (Jan 27)
CVE request -- Linux kernel irda driver buffer overflow Miklos Vajna (Jan 26)

Moritz Muehlenhoff

CVE requests: Bugzilla Moritz Muehlenhoff (Feb 04)
CVE request: ktorrent Moritz Muehlenhoff (Jan 08)
Re: CVE request -- firefox, vlc, WeeChat Moritz Muehlenhoff (Mar 17)

Nico Golde

clarification on CVE-2008-5687 (mediawiki) Nico Golde (Jan 07)
update on CVE-2008-5718 Nico Golde (Jan 13)
Re: CFPs on this list (was: CFP: COLSEC 2009) Nico Golde (Jan 07)
Re: CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap Nico Golde (Mar 23)
Re: libpng non issue Nico Golde (Jan 18)
Re: CVE id request: typo3 SA-2009-001 Nico Golde (Jan 23)
CVE id request: ldns Nico Golde (Mar 24)
CVE id request: typo3 SA-2009-001 Nico Golde (Jan 22)
Re: CVE id request: audiofile Nico Golde (Jan 03)
Re: CVE-2009-0876 (VirtualBox) references Nico Golde (Mar 17)
Re: update on CVE-2008-5718 Nico Golde (Jan 14)
Re: update on CVE-2008-5718 Nico Golde (Jan 28)
CVE-2008-6049 is bogus Nico Golde (Feb 08)
Re: CVE-2009-0876 (VirtualBox) references Nico Golde (Mar 17)

organiser () syscan org

SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei organiser () syscan org (Jan 12)
Re: SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei organiser () syscan org (Feb 18)

Patrice CLEMENTE

CFP: COLSEC 2009 Patrice CLEMENTE (Jan 07)

Pierre-Yves Rofes

CVE Request: courier-authlib < 0.62.0 SQL Injection Pierre-Yves Rofes (Mar 10)

Pinar Yanardag

CVE Request: Poppler -Two Denial of Service Vulnerabilities Pinar Yanardag (Feb 13)
CVE Request: pycrypto Pinar Yanardag (Feb 07)
CVE Request: Wireshark DoS Pinar Yanardag (Mar 31)
CVE Request: mpfr (Buffer Overflow) Pinar Yanardag (Mar 02)

Raphael Geissert

Re: CVE id request: php5 Raphael Geissert (Jan 28)

Raphael Marichez

CVE id request: Tor <0.2.0.34 multiple DoS Raphael Marichez (Mar 01)

Robby Workman

CVE Request - Wicd <= 1.5.8 Robby Workman (Feb 06)

Robert Buchholz

CVE request: Tor <0.2.0.33 Heap corruption Robert Buchholz (Jan 23)
Re: CVE request: Squid <2.7.6, 3.0.13, 3.1.0.5 DoS Robert Buchholz (Feb 07)
Re: CVE request: optipng security release Robert Buchholz (Feb 25)
CVE request: libpng memory leak Robert Buchholz (Feb 12)
Re: CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) Robert Buchholz (Jan 28)
CVE request: Openfire <3.6.3 XSS vulnerabilities Robert Buchholz (Feb 04)
CVE request: ffmpeg <r16846 Type conversion vulnerability Robert Buchholz (Feb 04)
Re: [oCERT-2008-015] glib and glib-predecessor heap overflows Robert Buchholz (Mar 16)
Re: CVE Request -- net-snmp (sensitive host information disclosure) Robert Buchholz (Feb 12)
CVE-2009-0876 (VirtualBox) references Robert Buchholz (Mar 15)
CVE request: Squid <2.7.6, 3.0.13, 3.1.0.5 DoS Robert Buchholz (Feb 04)
CVE request: Audacity <1.3.6 Buffer overflow Robert Buchholz (Feb 04)

Sebastian Krahmer

Re: CVE request -- git Sebastian Krahmer (Jan 20)
Re: CVE request -- git Sebastian Krahmer (Jan 20)

Solar Designer

local list archive Solar Designer (Feb 09)
CFPs on this list (was: CFP: COLSEC 2009) Solar Designer (Jan 07)
Debian's list of embedded code copies Solar Designer (Feb 09)

Steffen Joeris

CVE id request: avahi Steffen Joeris (Mar 01)
CVE id request: php5 Steffen Joeris (Jan 28)
CVE id request: mahara Steffen Joeris (Feb 04)
mod-auth-mysql: SQL injection Steffen Joeris (Jan 21)
CVE id request: auth2db Steffen Joeris (Mar 30)
Re: CVE Request: courier-authlib < 0.62.0 SQL Injection Steffen Joeris (Mar 10)
CVE id request: dkim-milter Steffen Joeris (Mar 01)

Steven M. Christey

Re: CVE request: < tikiwiki 2.3: XSS Steven M. Christey (Mar 31)
Re: CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap Steven M. Christey (Mar 24)
Re: CVE request for proftpd Steven M. Christey (Feb 12)
Re: CVE-2009-0876 (VirtualBox) references Steven M. Christey (Mar 17)
Re: CVE id request: audiofile Steven M. Christey (Jan 07)
Re: CVE Request - php (PHP BZ#27421) Steven M. Christey (Feb 03)
Re: CVE Request -- openoffice.org (CVE-2008-4841) Steven M. Christey (Jan 22)
Re: mod-auth-mysql: SQL injection Steven M. Christey (Jan 22)
Re: Lua 5.1.4 Steven M. Christey (Mar 24)
Re: CVE request: WebSVN Steven M. Christey (Jan 20)
Re: CVE request -- git Steven M. Christey (Jan 22)
Re: CVE request: Audacity <1.3.6 Buffer overflow Steven M. Christey (Feb 09)
Re: Fwd: Using xdg-open in /etc/mailcap causes hole in Firefox (Demonstration/Exploit included) Steven M. Christey (Jan 07)
Re: [Fwd: Cross-Site Scripting in Banshee DAAP Extension] Steven M. Christey (Mar 30)
Re: CVE request: XSS in Phorum < 5.2.10 Steven M. Christey (Feb 09)
Re: CVE id request: typo3 SA-2009-001 Steven M. Christey (Jan 22)
Re: CVE request (vim) Steven M. Christey (Feb 21)
Re: CVE request: API key disclosure in piwik Steven M. Christey (Mar 25)
Re: CVE request: kernel: inotify local DoS Steven M. Christey (Mar 17)
Re: CVE request: xrdp Steven M. Christey (Jan 20)
Re: CVE request - ganglia Steven M. Christey (Feb 03)
Re: CVE Request: MoinMoin Steven M. Christey (Jan 27)
Re: CVE Request: pycrypto Steven M. Christey (Feb 12)
Re: CVE requests: Bugzilla Steven M. Christey (Feb 09)
Re: CVE request - Vim netrw.plugin Steven M. Christey (Feb 21)
Re: CVE request: ffmpeg <r16846 Type conversion vulnerability Steven M. Christey (Feb 09)
Re: CVE Request -- net-snmp (sensitive host information disclosure) Steven M. Christey (Feb 12)
Re: clarification on CVE-2008-5687 (mediawiki) Steven M. Christey (Jan 07)
Re: CVE Request -- tsqllib, slurm-llnl, libnasl, libcrypt-openssl-dsa-perl, erlang, boinc-client, m2crypto Steven M. Christey (Jan 20)
Re: CVE request: Openfire <3.6.3 XSS vulnerabilities Steven M. Christey (Feb 09)
Re: CVE request: optipng security release Steven M. Christey (Mar 02)
Re: CVE Request -- amarok Steven M. Christey (Jan 20)
Re: CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) Steven M. Christey (Feb 03)
Re: CVE id request: phpMyAdmin Steven M. Christey (Mar 30)
Re: CVE request - openfire Steven M. Christey (Mar 24)
Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Steven M. Christey (Mar 02)
Re: CVE id request: mahara Steven M. Christey (Feb 09)
Re: Re: CVE id request: php5 Steven M. Christey (Jan 29)
Re: CVE request: kernel: nfsd did not drop CAP_MKNOD for non-root Steven M. Christey (Mar 24)
Re: CVE-2008-5621 is a duplicate (was: Re: [oss-security] CVE request: phpMyAdmin < 3.1.1.0 (SQL injection through XSRF on several pages )) Steven M. Christey (Mar 19)
Re: CVE request: kernel: skfp_ioctl inverted logic flaw Steven M. Christey (Feb 22)
Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Steven M. Christey (Feb 22)
Re: CVE Request - Wicd <= 1.5.8 Steven M. Christey (Feb 09)
Re: update on CVE-2008-5718 Steven M. Christey (Jan 28)
Re: CVE id request: ldns Steven M. Christey (Mar 25)
Re: CVE Request -- (sort of urgent) gstreamer-plugins-good (repost) (more details about affected versions -- final version) Steven M. Christey (Feb 03)
Re: CVE request: jhead Steven M. Christey (Mar 19)
Re: CVE id request: Tor <0.2.0.34 multiple DoS Steven M. Christey (Mar 17)
Re: CVE request: kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID Steven M. Christey (Jan 07)
Re: CVE request: nucleus cms < 3.40 (3.33 and below) directory traversal Steven M. Christey (Mar 17)
Re: lxc-sshd security issues? Steven M. Christey (Mar 17)
Re: CVE request: Squid <2.7.6, 3.0.13, 3.1.0.5 DoS Steven M. Christey (Feb 08)
Re: CVE request - ganglia Steven M. Christey (Jan 20)
Re: CVE request -- zsh, XFree86-xfs/xorg-x11-xfs, screen Steven M. Christey (Mar 31)
Re: CVE id request: tinydns crafted zone file cache poisoning vulnerability Steven M. Christey (Mar 16)
Re: CVE request: XSS in MUC logs of ejabberd Steven M. Christey (Mar 17)
Re: CVE request - horde, imp Steven M. Christey (Mar 17)
Re: Vim CVE issues cleanup (plugins tar.vim, zip.vim) - CVE-2008-3074 and CVE-2008-3075 Steven M. Christey (Feb 21)
Re: update on CVE-2008-5718 Steven M. Christey (Jan 28)
Re: CVE request -- postgresql Steven M. Christey (Mar 17)
Re: CVS request - Moodle Steven M. Christey (Feb 09)
Re: CVE Request: winetricks symlink problem Steven M. Christey (Jan 27)
Re: CVE request - pdfjam Steven M. Christey (Jan 07)
new dns2tcp buffer overflow in 0.4.2? Steven M. Christey (Feb 24)
Re: CVE request: Tor <0.2.0.33 Heap corruption Steven M. Christey (Feb 03)
Re: CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) Steven M. Christey (Jan 27)
Re: CVE request - horde XSS Steven M. Christey (Jan 20)
Re: CVE request -- git Steven M. Christey (Jan 20)

Thijs Kinkhorst

CVE id request: phpMyAdmin Thijs Kinkhorst (Mar 25)
CVE-2008-5621 is a duplicate (was: Re: [oss-security] CVE request: phpMyAdmin < 3.1.1.0 (SQL injection through XSRF on several pages )) Thijs Kinkhorst (Feb 12)

Thomas Biege

Re: update on CVE-2008-5718 Thomas Biege (Jan 28)
Re: update on CVE-2008-5718 Thomas Biege (Jan 14)
Re: update on CVE-2008-5718 Thomas Biege (Jan 14)
CVE request: xrdp Thomas Biege (Jan 12)
Re: update on CVE-2008-5718 Thomas Biege (Jan 28)

TJ Saunders

Re: CVE request for proftpd TJ Saunders (Feb 11)
Re: CVE request for proftpd TJ Saunders (Feb 11)

Tomas Hoger

Re: CVE request -- git Tomas Hoger (Jan 21)
Re: CVE request: ffmpeg <r16846 Type conversion vulnerability Tomas Hoger (Feb 04)
Re: CVE request -- git Tomas Hoger (Jan 20)
Re: CVE requests: Bugzilla Tomas Hoger (Feb 06)
Re: CVE request: jhead Tomas Hoger (Feb 06)
CVE request - horde, imp Tomas Hoger (Jan 28)
CVE request - horde XSS Tomas Hoger (Jan 20)
Re: CVE request -- git Tomas Hoger (Jan 20)
Re: CVE request -- git Tomas Hoger (Jan 23)
Re: CVE request - ganglia Tomas Hoger (Jan 26)
Re: CVE Request -- amarok Tomas Hoger (Jan 19)
CVE request - ganglia Tomas Hoger (Jan 15)

Vincent Danen

Re: CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap Vincent Danen (Mar 24)
Re: CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap Vincent Danen (Mar 24)
CVE request for proftpd Vincent Danen (Feb 11)
Re: CVE request for proftpd Vincent Danen (Feb 11)
Re: CVE request for proftpd Vincent Danen (Feb 11)
CVE request -- postgresql Vincent Danen (Mar 11)
Re: CVE request for proftpd Vincent Danen (Feb 11)

Will Drewry

[oCERT-2008-016] Multiple OpenSSL signature verification API misuses Will Drewry (Jan 07)
[oCERT-2009-002] OpenCORE insufficient bounds checking during MP3 decoding Will Drewry (Feb 07)
[oCERT-2008-015] glib and glib-predecessor heap overflows Will Drewry (Mar 12)

yersinia

Re: CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap yersinia (Mar 24)