Bugtraq: by date

318 messages starting Dec 01 09 and ending Dec 31 09

Tuesday, 01 December

Re: [Full-disclosure] ** FreeBSD local r00t zeroday Ed Carp
WinAppDbg 1.3 is out! Mario Alejandro Vilas Jerez
[oCERT-2009-017] PHP multiple issues Andrea Barisani
** FreeBSD local r00t zeroday Kingcope
Re: [Full-disclosure] ** FreeBSD local r00t zeroday Ryan Steinmetz
Upcoming FreeBSD Security Advisory FreeBSD Security Officer
AST-2009-010: RTP Remote Crash Vulnerability Asterisk Security Team
Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities c0dy

Wednesday, 02 December

Re: [rejected] Oracle exploit for CTXSYS.DRVXTABC.CREATE_TABLES and others Andrea Purificato
Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability Secunia Research
40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit) smf2 . review
Re: [Full-disclosure] Remote Command Execution in dotDefender Site Management Andrew Farmer
Re: ** FreeBSD local r00t zeroday Robert BARABAS
[ GLSA 200912-01 ] OpenSSL: Multiple vulnerabilities Alex Legler
Same-origin policy bypass vulnerabilities in several VPN products reported Juha-Matti Laurio
Secunia Research: Lateral Arts Photobox uploader ActiveX Control Buffer Overflow Secunia Research
Re: ** FreeBSD local r00t zeroday Barkın KILIÇ
Call for Papers - you Sh0t the Sheriff 4 - Security Conference, Brazil Luiz Eduardo

Thursday, 03 December

[SECURITY] [DSA 1943-1] New openldap2.3/openldap packages fix SSL certificate verification weakness Giuseppe Iuculano
[ MDVSA-2009:121-1 ] lcms security
Adobe Illustrator CS4 (V14.0.0) Encapsulated Postscript (.eps) Overlong DSC Comment Buffer Overflow Exploit nospam
Re: Millions of PDF invisibly embedded with your internal disk paths Pavel Machek
FreeBSD Security Advisory FreeBSD-SA-09:15.ssl FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-09:16.rtld FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-09:17.freebsd-update FreeBSD Security Advisories
[SECURITY] [DSA 1944-1] New request-tracker packages fix session hijack vulnerability Steffen Joeris
[SECURITY] [DSA 1945-1] New gforge packages fix denial of service Steffen Joeris
[ MDVSA-2009:197-3 ] nss security
[ MDVSA-2009:217-3 ] mozilla-thunderbird security
[ MDVSA-2009:107-1 ] acpid security
[ MDVSA-2009:112-1 ] ipsec-tools security
[ MDVSA-2009:103-1 ] udev security
[ MDVSA-2009:106-1 ] libwmf security
[ MDVSA-2009:108-1 ] zsh security
U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) root compromise / VU#433821 Frank Stuart
[ MDVSA-2009:309 ] ntp security
[ MDVSA-2009:113-1 ] cyrus-sasl security
[USN-863-1] QEMU vulnerability Jamie Strandboge
CORE-2009-0911: DAZ Studio Arbitrary Command Execution CORE Security Technologies Advisories
[ MDVSA-2009:310 ] openssl security
FreeBSD Security Advisory FreeBSD-SA-09:15.ssl [REVISED] FreeBSD Security Advisories
[ MDVSA-2009:308 ] gnutls security

Friday, 04 December

[ MDVSA-2009:292-1 ] wireshark security
[ MDVSA-2009:132-1 ] libsndfile security
RE: Millions of PDF invisibly embedded with your internal disk paths Thor (Hammer of God)
[ MDVSA-2009:313-1 ] bind security
Invision Power Board <= 3.0.4 Local PHP File Inclusion and SQL Injection Dawid Golunski
[ MDVSA-2009:290-1 ] firefox security
[ MDVSA-2009:169-1 ] libtiff security
[ MDVSA-2009:203-1 ] curl security
[ MDVSA-2009:158-3 ] pango security
[InterN0T] Google Analytics plugin for Wordpress - XSS Vulnerability advisories
[ MDVSA-2009:208-1 ] libgadu security
Secunia Research: DevIL DICOM "GetUID()" Buffer Overflow Vulnerability Secunia Research
PHP 5.3.1 open_basedir bypass cxib
[ MDVSA-2009:287-1 ] xpdf security
[ MDVSA-2009:311 ] ghostscript security
[ MDVSA-2009:142-1 ] jasper security
[ MDVSA-2009:157-1 ] perl-Compress-Raw-Zlib security
[ MDVSA-2009:212-1 ] python security
[ MDVSA-2009:315 ] libneon security
[ MDVSA-2009:223-1 ] xerces-c security
[ MDVSA-2009:211-1 ] expat security
[ MDVSA-2009:312 ] dhcp security
[ MDVSA-2009:206-1 ] wget security
[ MDVSA-2009:218-1 ] w3c-libwww security
[ MDVSA-2009:213-1 ] wxgtk security
[ MDVSA-2009:200-1 ] libxml security
[ MDVSA-2009:130-1 ] gstreamer0.10-plugins-good security
[ MDVSA-2009:224-1 ] postfix security
[ MDVSA-2009:128-1 ] libmodplug security
RE: Millions of PDF invisibly embedded with your internal disk paths Ian Bradshaw
[ MDVSA-2009:314 ] apr security
[ MDVSA-2009:201-1 ] fetchmail security

Monday, 07 December

[ MDVSA-2009:231-1 ] htmldoc security
[ MDVSA-2009:232-1 ] libsamplerate security
[ MDVSA-2009:297-1 ] ffmpeg security
[ MDVSA-2009:249-1 ] newt security
[ MDVSA-2009:318 ] xmlsec1 security
[ MDVSA-2009:319 ] xine-lib security
[ MDVSA-2009:316 ] expat security
[ MDVSA-2009:307-1 ] libtool security
[ MDVSA-2009:272-1 ] libmikmod security
[ MDVSA-2009:317 ] netpbm security
[ MDVSA-2009:320 ] samba security
[ MDVSA-2009:284-1 ] gd security
[ MDVSA-2009:321 ] pidgin security
[ MDVSA-2009:215-1 ] audacity security
[ MDVSA-2009:260-1 ] imagemagick security
[ MDVSA-2009:219-1 ] kompozer security
Re: Millions of PDF invisibly embedded with your internal disk paths Nick FitzGerald
[SECURITY] [DSA 1946-1] New belpic packages fix cryptographic weakness Steffen Joeris
[ MDVSA-2009:322 ] mono security
Re: Millions of PDF invisibly embedded with your internal disk paths Nick FitzGerald
Re: Re: Re: Re: Back door trojan in acajoom-3.2.6 for joomla anonymous
[ MDVSA-2009:234-2 ] silc-toolkit security
Re: Millions of PDF invisibly embedded with your internal disk paths Pavel Machek
[ MDVSA-2009:323 ] apache security
PhpShop Multiple Vulnerabilities Andrea Fabrizi
CVE-2009-3586: CoreHTTP web server off-by-one buffer overflow vulnerability Patroklos Argyroudis
[ MDVSA-2009:254-1 ] graphviz security
[USN-865-1] Bind vulnerability Marc Deslauriers
Mozilla Firefox JavaScript Prompt Spoofing Weakness tcphttp
[ MDVSA-2009:229-1 ] cyrus-imapd security
[ MDVSA-2008:233-1 ] libcdaudio security
[ MDVSA-2009:252-1 ] perl-IO-Socket-SSL security
[ MDVSA-2009:324 ] php security
[ MDVSA-2009:243-2 ] freetype2 security
[ MDVSA-2009:256-1 ] dbus security
[ MDVSA-2009:199-1 ] subversion security
[ MDVSA-2009:325 ] ruby security
[ MDVSA-2009:326 ] mysql security
[USN-866-1] gnome-screensaver vulnerability Marc Deslauriers

Tuesday, 08 December

[SECURITY] [DSA 1947-1] New Shibboleth packages fix cross-site scripting Moritz Muehlenhoff
[ MDVSA-2009:282-1 ] cups security
Secunia Research: Novell iPrint Client "target-frame" Parameter Buffer Overflow Secunia Research
Secunia Research: Novell iPrint Client Date/Time Parsing Buffer Overflow Secunia Research
Security Contact for Netcool at IBM? Michael Gripenstedt
[ MDVSA-2009:251-1 ] postgresql8.2 security
[security bulletin] HPSBMA02481 SSRT090113 rev.1 - HP OpenView Data Protector Application Recovery Manager, Remote Denial security-alert
[ MDVSA-2009:191-1 ] OpenEXR security
Re: Security Contact for Netcool at IBM? Troy Bollinger
[ MDVSA-2009:327 ] clamav security
Applicure Technologies response tomer
[ MDVSA-2009:133-1 ] irssi security
[ MDVSA-2009:098-1 ] krb5 security
[ MDVSA-2009:099-1 ] openafs security
[ MDVSA-2009:126-1 ] eggdrop security
[SECURITY] [DSA 1948-1] New ntp packages fix denial of service Nico Golde

Wednesday, 09 December

ZDI-09-086: Microsoft Internet Explorer XHTML DOM Manipulation Memory Corruption Vulnerability ZDI Disclosures
[ MDVSA-2009:091-1 ] mod_perl security
ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability ZDI Disclosures
[ MDVSA-2009:093-1 ] mpg123 security
[ MDVSA-2009:038-1 ] blender security
[security bulletin] HPSBUX02495 SSRT090151 rev.1 - HP-UX Running sendmail, Remote Denial of Service (DoS) security-alert
Notepad++ buffer overflow issue Don HO
ZDI-09-087: Microsoft Internet Explorer CSS Race Condition Code Execution Vulnerability ZDI Disclosures
ZDI-09-091: Hewlett-Packard Application Recovery Manager MSG_PROTOCOL Stack Overflow Vulnerability ZDI Disclosures
[ MDVSA-2009:046-1 ] dia security
IPB v2.x up to 3.0.4 XSS vulnerability Xacker
Fortinet Advisory: Fortinet Discovers Vulnerability in Indeo Codec noreply-secresearch
ZDI-09-093: Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability ZDI Disclosures
ZDI-09-092: Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability ZDI Disclosures
ZDI-09-090: Microsoft Windows Intel Indeo Codec Parsing Stack Overflow Vulnerability ZDI Disclosures
UPDATE: DISA Unix SRR root compromise / CVE-2009-4211 / VU#433821 Frank Stuart
Advisory 03/2009: Piwik Cookie unserialize() Vulnerability Stefan Esser
Fortinet Advisory: Fortinet Discovers Microsoft Office Project Vulnerability noreply-secresearch
Zen Cart local file disclosure vulnerability Bogdan Calin
[USN-867-1] Ntp vulnerability Jamie Strandboge
[ MDVSA-2009:276-1 ] python-django security
[ MDVSA-2009:059-1 ] xchat security
Advisory 02/2009: PHPIDS Unserialize() Vulnerability Stefan Esser
ZDI-09-094: Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities ZDI Disclosures
[USN-868-1] GRUB 2 vulnerability Jamie Strandboge
ZDI-09-096: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable vsprintf Overflow Vulnerability ZDI Disclosures
[ MDVSA-2009:328 ] ntp security
ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability ZDI Disclosures
ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability ZDI Disclosures
ZDI-09-088: Microsoft Internet Explorer IFrame Attributes Circular Reference Dangling Pointer Vulnerability ZDI Disclosures
TPTI-09-08: HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability dvlabs
TPTI-09-09: HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability dvlabs
TPTI-09-10: HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability dvlabs
TPTI-09-11: HP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow Vulnerability dvlabs
TPTI-09-12: HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability dvlabs
TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability dvlabs
TPTI-09-14: HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability dvlabs
[ MDVSA-2009:030-1 ] amarok security
ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability ZDI Disclosures

Thursday, 10 December

CA20091208-01: Security Notice for CA Service Desk Kotas, Kevin J
iDefense Security Advisory 12.08.09: Microsoft Internet Explorer HTML Layout Engine Uninitialized Memory Vulnerability iDefense Labs
iDefense Security Advisory 12.08.09: Microsoft WordPad Word97 Converter Integer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 12.08.09: Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability iDefense Labs
RE: Millions of PDF invisibly embedded with your internal disk paths Thor (Hammer of God)
CORE-2009-1013: Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System CORE Security Technologies Advisories
[security bulletin] HPSBUX02480 SSRT090253 rev.1 - HP-UX Running VRTSweb, Remote Execution of Arbitrary Code, Increase of Privilege security-alert
[USN-869-1] Linux kernel vulnerabilities Kees Cook
[ MDVSA-2009:329 ] kernel security
[security bulletin] HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert
[security bulletin] HPSBMA02477 SSRT090177 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) security-alert
[ MDVSA-2009:330 ] kdelibs security
[ MDVSA-2009:331 ] kdegraphics security

Friday, 11 December

[USN-871-1] KDE vulnerability Jamie Strandboge
[USN-871-2] KDE 4 vulnerabilities Jamie Strandboge
E-Store SQL Injection Vulnerability Salvatore Fresta aka Drosophila
Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities Salvatore Fresta aka Drosophila
[USN-872-1] KDE 4 Runtime vulnerabilities Jamie Strandboge
Re: TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability) Thierry Zoller
[ MDVSA-2009:332 ] gimp security
[security bulletin] HPSBMA02400 SSRT080144 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert
phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities Salvatore Fresta aka Drosophila
[security bulletin] HPSBMA02424 SSRT080125 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert
[security bulletin] HPSBMA02425 SSRT080091 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert
[security bulletin] HPSBPI02472 SSRT090196 rev.2 - Certain HP Color LaserJet Printers, Remote Unauthorized Access to Data, Denial of Service security-alert
[security bulletin] HPSBMA02483 SSRT090257 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert
[ MDVSA-2009:296-1 ] gimp security
[USN-870-1] PyGreSQL vulnerability Jamie Strandboge
Flock 2.5.2 Remote Array Overrun (Arbitrary code execution) cxib
Camino 1.6.10 Remote Array Overrun (Arbitrary code execution) cxib
[ MDVSA-2009:259-1 ] snort security

Monday, 14 December

[SECURITY] [DSA 1949-1] New php-net-ping packages fix arbitrary code execution Raphael Geissert
Hacktics Advisory Dec09: Oracle eBusiness Suite - Multiple Vulnerabilities Allow Remote Takeover Ofer Maor
Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities admin
Zabbix Server : Multiple remote vulnerabilities Nicob
WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities admin
Miniweb 2.0 Full Path Disclosure Salvatore Fresta aka Drosophila
Re: E-Store SQL Injection Vulnerability Packet Storm
Re: IPB v2.x up to 3.0.4 XSS vulnerability MustLive
Zabbix Agent : Bypass of EnableRemoteCommands=0 Nicob
B2C Booking Centre Systems - SQL Injection Vulnerability Salvatore Fresta aka Drosophila
Cross-Site Scripting vulnerabilities in Invision Power Board MustLive
EEGshop v1.2 secu_lab_ir
Monkey HTTPd improper input validation vulnerability Patroklos Argyroudis
[SECURITY] [DSA-1950-1] New webkit packages fix several vulnerabilities Giuseppe Iuculano
DC4420 - London DEFCON - Christmas drinks - Wednesday 16th December Major Malfunction
[security bulletin] HPSBUX02409 SSRT080171 rev.3 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk security-alert
Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched) Reversemode

Tuesday, 15 December

[security bulletin] HPSBUX02482 SSRT090249 rev.2 - HP-UX Running OpenSSL, Remote Unauthorized Data Injection, Denial of Service (DoS) security-alert
Re: WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities Packet Storm
WSCreator 1.1 Blind SQL Injection Salvatore Fresta aka Drosophila
[SECURITY] [DSA 1951-1] New firefox-sage packages fix insufficient input sanitizing Steffen Joeris
[SECURITY] [DSA 1952-2] End-of-life announcement for asterisk in oldstable Steffen Joeris
Trango Broadband Wireless Rogue SU Authentication Bug Blair
[SECURITY] [DSA 1952-1] New asterisk packages fix several vulnerabilities Steffen Joeris
Daloradius XSS Vulnerability hadikiamarsi
[BMSA-2009-08] Multiple Vulnerabilities in PyForum Nam Nguyen
[scip-Advisory 4063] PasswordManager Pro 6.1 Script Injection Vulnerability Stefan Friedli
APC Switched Rack PDU XSS Vulnerability jpecou
[ MDVSA-2009:333 ] postgresql security
VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues VMware Security Team

Wednesday, 16 December

[SECURITY] [DSA-1953-1] New expat packages fix denial of service Stefan Fritsch
[ISecAuditors Security Advisories] WP-Forum <= 2.3 SQL Injection vulnerabilities ISecAuditors Security Advisories
Family Connections <= 2.1.3 Multiple Remote Vulnerabilities Salvatore Fresta aka Drosophila
File Access Vulnerability in Easy File Sharing Web Server Thor (Hammer of God)
[SECURITY] [DSA 1954-1] New cacti packages fix insufficient input sanitising Steffen Joeris
VideoCache 1.9.2 vccleaner root vulnerability Dominick LaTrappe
FW: [Full-disclosure] File Access Vulnerability in Easy File Sharing Web Server Thor (Hammer of God)
Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability Maxim A. Kulakov
[security bulletin] HPSBMA02416 SSRT090008 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert
[SECURITY] [DSA 1955-1] New network-manager/network-manager-applet packages fix information disclosure Steffen Joeris
{PRL} QuickHeal antivirus 2010 Local Privilege Escalation Protek Research Lab
Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities Cisco Systems Product Security Incident Response Team
rPSA-2009-0161-1 hwdata kernel rPath Update Announcements
[SECURITY] [DSA 1956-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff

Thursday, 17 December

[security bulletin] HPSBMA02252 SSRT061258, SSRT061259 rev.1 - HP OpenView Storage Data Protector, Remote Arbitrary Code Execution security-alert
[ MDVSA-2009:334 ] poppler security
Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows Secunia Research
Secunia Research: Winamp Ultratracker File Parsing Buffer Overflow Secunia Research
SEC Consult SA-20091217-0 :: Authentication bypass and file manipulation in Sitecore Staging Module Lukas Weichselbaum
Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow Secunia Research
Secunia Research: Winamp Oktalyzer Parsing Integer Overflow Vulnerability Secunia Research
[ISecAuditors Security Advisories] Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass ISecAuditors Security Advisories
[ISecAuditors Security Advisories] Horde 3.3.5 "PHP_SELF" Cross-Site Scripting vulnerability ISecAuditors Security Advisories
VUPEN Security Research - Winamp PNG and JPEG Data Integer Overflow Vulnerabilities VUPEN Security Research
[ISecAuditors Security Advisories] QuiXplorer <=2.4.1beta Remote Code Execution vulnerability ISecAuditors Security Advisories
[ MDVSA-2009:335 ] ffmpeg security
[Suspected Spam][oCERT-2009-019] Ganeti path sanitization errors Andrea Barisani
Rumba XML XSS vulnerability hadikiamarsi
Campus Party Eu 2010 Security Challenge - Call For Participants Campus Party EU Spain

Monday, 21 December

ZDI-09-099: Hewlett-Packard OpenView Data Protector Backup Client Service Buffer Overflow Vulnerability ZDI Disclosures
TPTI-09-15: HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability dvlabs
Re: Powered By Dvbbs Version 7.1.0 Sp1 By Pass macaco-listo
[ MDVSA-2009:336 ] koffice security
[ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability ISecAuditors Security Advisories
[ISecAuditors Security Advisories] PHP-Calendar <= v1.1 'configfile' Remote and Local File Inclusion vulnerability ISecAuditors Security Advisories
[USN-875-1] Red Hat Cluster Suite vulnerabilities Jamie Strandboge
SMF (Simple Machine Forum) 1.1.11 XSS - Discovered by : Khashayar Fereidani irancrash
[USN-873-1] Firefox 3.0 and Xulrunner 1.9 vulnerabilities Jamie Strandboge
[USN-874-1] Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities Jamie Strandboge
[SECURITY] [DSA-1959-1] New ganeti packages fix arbitrary command execution Raphael Geissert
[SECURITY] [DSA 1960-1] New acpid packages fix weak file permissions Raphael Geissert
[ GLSA 200912-02 ] Ruby on Rails: Multiple vulnerabilities Alex Legler
phpPollScript - 1.3 Remote File Include admin
pragmaMx CMS Blind SQL/XPath Injection vulnerability hadikiamarsi
TLS Renegotiation Vulnerability: Proof of Concept Code (Python) RedTeam Pentesting GmbH
SQL-Ledger – several vulnerabilities Alexander Klink

Tuesday, 22 December

ClarkConnect XSS vulnerability edgard . chammas
Re: phpPollScript - 1.3 Remote File Include Packet Storm
[ MDVSA-2009:337 ] proftpd security
Remote Buffer Overflow Exploit (TFTP Daemon Version 1.9) by Socket_0x03 Socket_0x03
[security bulletin] HPSBUX02498 SSRT090264 rev.1 - HP-UX Running Apache, Remote Unauthorized Data Injection, Denial of security-alert
RE: TLS Renegotiation Vulnerability: Proof of Concept Code (Python) Barry Raveendran Greene

Wednesday, 23 December

[ MDVSA-2009:338 ] firefox security
[ MDVSA-2009:339 ] firefox security
[SECURITY] [DSA 1961-1] New bind9 packages fix cache poisoning Florian Weimer
[SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities Giuseppe Iuculano
XSS Vulnerability in JpGraph 3.0.6 Martin Barbella
RE: TLS Renegotiation Vulnerability: Proof of Concept Code (Python) Ivan Buetler

Monday, 28 December

Vulnerability in Joomulus for Joomla MustLive
ClubHack2009 presentations are now online ClubHack
Remote Buffer Overflow Exploit (TFTP Daemon Version 1.9) by Socket_0x03 Socket_0x03
[ MDVSA-2009:340 ] jpgraph security
Microsoft IIS 0Day Vulnerability in Parsing Files (semi-colon bug) bugreport
[ MDVSA-2009:341 ] dstat security
[SECURITY] [DSA 1963-1] New unbound packages fix DNSSEC validation Florian Weimer
[tools] hostmap-0.2.1 released Alessandro Tanasi
[ MDVSA-2009:342 ] acpid security
[ MDVSA-2009:343 ] acpid security
[InterN0T] LiveZilla - XSS Vulnerability advisories
DBHCMS Web Content Management System v1.1.4 RFI Vulnerability info
Sheedravi CMS SQL Injection Vulnerability faghani
[SECURITY] [DSA 1957-1] New aria2 packages fix arbitrary code execution Steffen Joeris
[ MDVSA-2009:244-1 ] xfig security
[ MDVSA-2009:344 ] perl-DBD-Pg security
Code to mitigate IIS semicolon zero-day ds . adv . pub
[ MDVSA-2009:189-1 ] apache-mod_auth_mysql security
MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing Tom Yu

Tuesday, 29 December

[ MDVSA-2009:146-1 ] imap security
Tests about semicolon zero-day (BID 37460) Crash - DcLabs
[ MDVSA-2009:345 ] acl security
FreeWebshop.org: multiple vulnerabilities Akita Software Security
Secunia Research: AproxEngine Multiple Vulnerabilities Secunia Research
RE: Tests about semicolon zero-day (BID 37460) Nelson Brito
[SECURITY] [DSA 1958-1] New libtool packages fix privilege escalation Raphael Geissert

Wednesday, 30 December

RE: Tests about semicolon zero-day (BID 37460) Nelson Brito
Re: RE: Tests about semicolon zero-day (BID 37460) crashbrz
[ MDVSA-2009:346 ] kde security

Thursday, 31 December

[SECURITY] [DSA-1953-2] New expat packages fix regression Stefan Fritsch
[SECURITY] [DSA-1964-1] New PostgreSQL packages fix several vulnerabilities Florian Weimer