Bugtraq: by date

298 messages starting Jan 01 09 and ending Jan 30 09


Thursday, 01 January

Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit i9p
Re: apache 1.x <=> 2.x suphp (suPHP_ConfigPath) bypass safe mode exploit ms5ote

Friday, 02 January

A tool to identify the MD5 certs on FF Memisyazici, Aras

Saturday, 03 January

[SECURITY] [DSA 1694-1] New xterm packages fix remote code execution Florian Weimer
[SECURITY] [DSA 1695-1] New Ruby packages fix denial of service Florian Weimer
Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit joris

Monday, 05 January

Top 5-ish Threats to Watch for in 2009 Pete Herzog
PollPro 3.0 XSRF VuLn. b4DchiLd
Call for papers and trainers - SeacureIT 2009 Stefano Zanero
Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit Eugene Teo
Google Chrome FTP PASV IP Malicious Port Scanning Vulnerability. Aditya K Sood
SolucionWeb (main.php?id_area) Remote SQL injection Vulnerability Ehsan_Hp200
php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass l1un
Destiny Media Player 1.61 (.lst File) Local Stack Overflow Exploit crimson . loyd
ANNOUNCE: RFIDIOt ver 01.v released - Jan 2009 Adam Laurie
MSFXDC Metasploit eXploits Development Contest Jerome Athias
Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass a
Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass faze0r
Walusoft TFTPServer2000 Version 3.6.1 Directory Traversal vuln_research
[USN-702-1] Samba vulnerability Marc Deslauriers

Tuesday, 06 January

[Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF Fernando Gont
[SECURITY] [DSA 1694-2] New xterm packages fix regression Florian Weimer
Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass Slack Traq
[USN-703-1] xterm vulnerability Kees Cook
New WHID web hacking incidents Ofer Shezaf
VUPLAYER BufferOver flow POC alphanix00

Wednesday, 07 January

Secunia Research: HP OpenView Network Node Manager Multiple Vulnerabilities Secunia Research
[oCERT-2008-016] Multiple OpenSSL signature verification API misuses Will Drewry
PHP-Fusion Mod Members Bewerb Sql Injection r3d . w0rm
Cisco Security Advisory: Cisco Global Site Selector Appliances DNS Vulnerability Cisco Systems Product Security Incident Response Team
Plunet BusinessManager failure in access controls and multiple stored cross site scripting Matteo Ignaccolo
CFP: COLSEC 2009 Patrice CLEMENTE
Secunia Research: TSC2 Help Desk CTab ActiveX Control Buffer Overflow Secunia Research
[USN-701-2] Thunderbird vulnerabilities Jamie Strandboge
PHP-Fusion Mod E-Cart Sql Injection r3d . w0rm
[USN-701-1] Thunderbird vulnerabilities Jamie Strandboge
Plunet BusinessManager failure in access controls and multiple stored cross site scripting Matteo Ignaccolo
[SECURITY] [DSA 1696-1] New icedove packages fix several vulnerabilities Steffen Joeris
[SECURITY] [DSA 1697-1] New iceape packages fix several vulnerabilities Steffen Joeris
FreeBSD Security Advisory FreeBSD-SA-09:02.openssl FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-09:01.lukemftpd FreeBSD Security Advisories
CA20090107-01: CA Service Metric Analysis and CA Service Level Management smmsnmpd Arbitrary Command Execution Vulnerability Williams, James K

Thursday, 08 January

Re: [Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF Jerome Athias
[USN-704-1] OpenSSL vulnerability Jamie Strandboge
PHP-Fusion Mod vArcade 1.8 Sql Injection Vulnerability irancrash
[IBM Datapower XS40] Denial of Service erik
CORE-2008-1128: Openfire multiple vulnerabilities CORE Security Technologies Advisories
LayerOne 2009 Call for Papers LayerOne Call For Papers
Re: [IBM Datapower XS40] Denial of Service terrordactylspam
AST-2009-001: Information leak in IAX2 authentication Asterisk Security Team
[USN-705-1] NTP vulnerability Jamie Strandboge

Friday, 09 January

[USN-706-1] Bind vulnerability Jamie Strandboge
[SECURITY] [DSA 1698-1] New gforge packages fix SQL injection Thijs Kinkhorst
Re: Plunet BusinessManager failure in access controls and multiple stored cross site scripting Stefano Zanero
Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit Shaochun Wang
ShakaCon 2009 Call for Papers and Trainers Shakacon
Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point mad-vaittes
Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point Simon Richter
Java Runtime UTF-8 Decoder Smuggling Vector William A. Rowe, Jr.
Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point Steve Shockley
Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point Simon Richter

Saturday, 10 January

[ MDVSA-2009:003 ] python security
[ MDVSA-2009:004 ] pam_mount security
[ MDVSA-2009:002 ] bind security
Re: Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11) security curmudgeon
Re: Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11) Joxean Koret

Monday, 12 January

[ GLSA 200901-01 ] NDISwrapper: Arbitrary remote code execution Robert Buchholz
[ GLSA 200901-02 ] JHead: Multiple vulnerabilities Robert Buchholz
Comersus Shopping Cart <= v6 Remote User Pass Exploit ajannhwt
[ GLSA 200901-03 ] pdnsd: Denial of Service and cache poisoning Robert Buchholz
[ GLSA 200901-04 ] D-Bus: Denial of Service Robert Buchholz
Hack Aethra SV 1042 Adsl/Voip Router SmoKe
[SECURITY] [DSA 1699-1] New zaptel packages fix privilege escalation Florian Weimer
PHP Buffer Overflow(popen) ew1zz
[ GLSA 200901-05 ] Streamripper: Multiple vulnerabilities Pierre-Yves Rofes
[BMSA-2009-01] Authentication bypass in Interspire Shopping Cart v4.0.1 and below Nam Nguyen
RE: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (Oracle CPU April 2008 DB11) Integrigy Alerts
[TKADV2009-001] Sun Solaris aio_suspend() Kernel Integer Overflow Vulnerability Tobias Klein
[USN-707-1] CUPS vulnerabilities Marc Deslauriers
[SECURITY] [DSA 1700-1] New lasso packages fix validation bypass Moritz Muehlenhoff
[TKADV2009-002] Amarok Integer Overflow and Unchecked Allocation Vulnerabilities Tobias Klein
[ GLSA 200901-06 ] Tremulous: User-assisted execution of arbitrary code Pierre-Yves Rofes
[ MDVSA-2009:005 ] xterm security
SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei organiser () syscan org
Visuplay CMS SQL injection vulnerability joseph . giron13
[security bulletin] HPSBMA02392 SSRT071481 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) security-alert
[SECURITY] [DSA 1701-1] New OpenSSL packages fix cryptographic weakness Florian Weimer
[ GLSA 200901-07 ] MPlayer: Multiple vulnerabilities Tobias Heinlein
[SECURITY] [DSA 1702-1] New ntp packages fix cryptographic weakness Florian Weimer
[SECURITY] [DSA 1703-1] New bind9 packages fix cryptographic weakness Florian Weimer

Tuesday, 13 January

Secunia Research: DevIL "iGetHdrHeader()" Buffer Overflow Vulnerabilities Secunia Research
PDFBuilderX 2.2 Arbitrary File Overwrite fakeperson7
[ GLSA 200901-09 ] Adobe Reader: User-assisted execution of arbitrary code Robert Buchholz
[ GLSA 200901-08 ] Online-Bookmarks: Multiple vulnerabilities Pierre-Yves Rofes
[ MDVSA-2009:006 ] openoffice.org security
ANNOUNCE: DEFCON London - DC4420 - January meet - Thursday 15th Jan 2009 Major Malfunction
rPSA-2009-0006-1 samba samba-client samba-server samba-swat rPath Update Announcements
iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller 'symWidths' Heap Overflow Vulnerability iDefense Labs
ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability zdi-disclosures
ZDI-09-002: Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability zdi-disclosures
rPSA-2009-0005-1 git gitweb rPath Update Announcements
rPSA-2009-0007-1 pam_krb5 rPath Update Announcements
[USN-708-1] HPLIP vulnerability Marc Deslauriers
iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller 'bitmaps' Heap Overflow Vulnerability iDefense Labs
iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability iDefense Labs

Wednesday, 14 January

FreeBSD Security Advisory FreeBSD-SA-09:04.bind FreeBSD Security Advisories
iDefense Security Advisory 01.13.09: Oracle Database 10g R2 Summary Advisor Arbitrary File Rewrite Vulnerability iDefense Labs
Cisco Unified IP Phone 7960G and 7940G (SIP) RTP Header Vulnerability Laurent Butti
phpList <= 2.10.8 Local File inclusion admin
iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability iDefense Labs
Trigger Abuse of MDSYS.SDO_TOPO_DROP_FTBL in Oracle 10g R1 and R2 David Litchfield
[ MDVSA-2009:007 ] ntp security
WowWee Rovio - Insufficient Access Controls - Covert Audio/Video Snooping Possible Brian Dowling
RE: DoS code for Cisco VLAN Trunking Protocol Vulnerability Paul Oxman (poxman)
Oracle CPU Jan 2009 Advisories. Alexandr Polyakov
PR08-19: XSS on Cisco IOS HTTP Server ProCheckUp Research
DoS code for Cisco VLAN Trunking Protocol Vulnerability showrun . lee
Cisco Security Advisory: Cisco ONS Platform Crafted Packet Vulnerability Cisco Systems Product Security Incident Response Team
[ MDVSA-2009:008 ] qemu security
Cisco Security Response: Cisco IOS Cross-Site Scripting Vulnerabilities Cisco Systems Product Security Incident Response Team
iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability iDefense Labs
[ MDVSA-2009:009 ] kvm security
[ MDVSA-2009:010 ] qemu security
Call for Papers: Cyber Warfare kgconference
Cisco Security Advisory: IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities Cisco Systems Product Security Incident Response Team
OTSTurntables 1.00.027 (.ofl) Local Stack Overflow Exploit crimson . loyd
[TZO-2009-1] Avira Antivir - RAR - Division by Zero & Null Pointer Dereference Thierry Zoller
[SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities Steffen Joeris
ZDI-09-003: Oracle Secure Backup exec_qr() Command Injection Vulnerability zdi-disclosures
ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability zdi-disclosures
Oracle Secure Backup 10g Remote Code Execution Joxean Koret
Oracle TimesTen Remote Format String Joxean Koret

Thursday, 15 January

[ GLSA 200901-10 ] GnuTLS: Certificate validation error Pierre-Yves Rofes
[ GLSA 200901-11 ] Avahi: Denial of Service Pierre-Yves Rofes
TFTPUtil GUI TFTP Directory Traversal vuln_research
TFTPUtil GUI TFTP Server Denial of Service Vulnerability vuln_research
Windows NTP Time Server Syslog Monitor 1.0.000 Denial of Service Vulnerability vuln_research
Re: Assurent VR - Oracle BEA WebLogic Server Apache Connector Buffer Overflow security curmudgeon
[ MDVSA-2009:011 ] virtualbox security
Re: iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability security curmudgeon
Oracle Secure Backup Multiple Denial Of Service vulnerabilities noreply-secresearch () fortinet com
Oracle Secure Backup's observiced.exe Denial Of Service vulnerability noreply-secresearch () fortinet com
Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH Command Buffer Overflow Vulnerability noreply-secresearch () fortinet com
ANNOUNCE: apache_1.3.41+ssl_1.60 released Adam Laurie
Errata: [TZO-2009-1] Avira Antivir - RAR - Division by Zero & Null Pointer Dereference Thierry Zoller
[TZO-2009-2] Avira Antivir - Priviledge escalation Thierry Zoller
[waraxe-2009-SA#070] - Multiple Vulnerabilities in MKPortal <= 1.2.1 come2waraxe
[SECURITY] [DSA 1705-1] New netatalk packages fix arbitrary code execution Nico Golde
[USN-709-1] tar vulnerability Jamie Strandboge
[SECURITY] [DSA 1707-1] New iceweasel packages fix several vulnerabilities Steffen Joeris
[ MDVSA-2009:012 ] mozilla-thunderbird security
[SECURITY] [DSA 1706-1] New amarok packages fix arbitrary code execution Moritz Muehlenhoff
[USN-700-2] Perl regression Kees Cook

Friday, 16 January

Syslserve 1.058 Denial of Service Vulnerability vuln_research
[ MDVSA-2009:014 ] mplayer security
[ MDVSA-2009:013 ] mplayer security
[ MDVSA-2009:015 ] ffmpeg security
DMXReady Blog Manager (SQL/XSS) pouya . s3rver
Active Bids pouya . s3rver
Announce: RSBAC 1.4.0 released Amon Ott
[ MDVSA-2009:016 ] xen security
[ MDVSA-2009:017 ] kdebase security
Excel Viewer OCX 3.1/3.2 Denial of Service PoC alphanix00
Sagem router f@st 2404 remote reset poc alphanix00

Saturday, 17 January

FBI XSS Vulnerability sohrab_behroozian
[ MDVSA-2009:018 ] tomcat5 security

Monday, 19 January

53KF Web IM 2009 Cross-Site Scripting Vulnerabilities Heart
Ralinktech wireless cards drivers vulnerability springsec
[Wintercore Research ] Fujitsu SystemcastWizard Lite PXEService Remote Buffer Overflow. vulns
[ GLSA 200901-12 ] noip-updater: Execution of arbitrary code Pierre-Yves Rofes
Advisory: Oracle EBusiness Suite Sensitive Information Disclosure Vulnerability Aditya K Sood
Web Hacking Incidents update for Jan 19th Ofer Shezaf
[ MDVSA-2009:019 ] imlib2 security
[SECURITY] [DSA 1708-1] New Git packages fix remote code execution Florian Weimer

Tuesday, 20 January

Secunia Research: EasyHDR Pro Radiance RGBE Buffer Overflow Secunia Research
Cybershade CMS Remote File include vulnerability security
[ANNOUNCE] Apache Jackrabbit 1.5.2 released Jukka Zitting
Re: Remote Cisco IOS FTP exploit Russell L. Smoak
Microsoft Bluetooth Stack OBEX Directory Traversal alberto . morenot
Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server Eduardo Vela
Secunia Research: Trend Micro Network Security Component Vulnerabilities Secunia Research
[security bulletin] HPSBMA02400 SSRT080144 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert
MoinMoin Wiki Engine XSS Vulnerability swhite
Re: Remote Cisco IOS FTP exploit security curmudgeon
Secunia Research: OpenSG Radiance RGBE Buffer Overflow Vulnerability Secunia Research
rPSA-2009-0009-1 bind bind-utils rPath Update Announcements
Videos from HITBSecConf2008 - Malaysia released! Praburaajan
rPSA-2009-0011-1 perl rPath Update Announcements
rPSA-2009-0008-1 openssl rPath Update Announcements
rPSA-2009-0010-1 ntp ntp-utils rPath Update Announcements
[ GLSA 200901-13 ] Pidgin: Multiple vulnerabilities Pierre-Yves Rofes
rPSA-2009-0014-1 hplip rPath Update Announcements

Wednesday, 21 January

[SECURITY] [DSA 1709-1] New shadow packages fix privilege escalation Thijs Kinkhorst
[SECURITY] [DSA 1693-2] New phppgadmin packages fix regression Thijs Kinkhorst
CfP: 16th ACM Conference on Computer and Communications Security (CCS) 2009 Christopher Kruegel
[DSECRG-09-004] AXIS 70U Network Document Server - Privilege Escalation and XSS Digital Security Research Group
Cisco Security Advisory: Cisco Security Manager Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Unified Communications Manager CAPF Denial of Service Vulnerability` Cisco Systems Product Security Incident Response Team
Joomla component beamospetition 1.0.12 Sql Injection vds_s
Re: [Full-disclosure] Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server Mark Thomas
[IMF 2009] Call for Papers Oliver Goebel
Digital Security opens a site of its research center DSec Research Group Digital Security Research Group
[ GLSA 200901-14 ] Scilab: Insecure temporary file usage Pierre-Yves Rofes

Thursday, 22 January

[ MDVSA-2009:024 ] php4 security
Asp-project Cookie Handling r3d . w0rm
[ MDVSA-2009:020 ] xine-lib security
ZDI-09-006: Apple QuickTime AVI Header nBlockAlign Heap Corruption Vulnerability zdi-disclosures
ZDI-09-008: Apple QuickTime STSD JPEG Atom Heap Corruption Vulnerability zdi-disclosures
[ MDVSA-2009:022 ] php security
ZDI-09-005: Apple QuickTime VR Track Header Atom Heap Corruption Vulnerability zdi-disclosures
[ GLSA 200901-15 ] Net-SNMP: Denial of Service Pierre-Yves Rofes
VUPlayer 2.49 .ASX local universal BOF exploit maroc-anti-connexion
[ MDVSA-2009:023 ] php security
[ MDVSA-2009:021 ] php security
ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability zdi-disclosures
[TKADV2009-003] GStreamer Heap Overflow and Array Index out of Bounds Vulnerabilities Tobias Klein

Friday, 23 January

Secunia Research: AXIS Camera Control "image_pan_tilt" Property Buffer Overflow Secunia Research
PHP-Nuke 8.0 Downloads Blind Sql Injection r3d . w0rm
[ MDVSA-2009:025 ] pidgin security
BBSxp Xss vulnerability arashps0
[ MDVSA-2009:026 ] phpMyAdmin security
Oblog XSS valnerability arash . setayeshi
ZDI-09-009: EMC AutoStart Backbone Engine Trusted Pointer Code Execution Vulnerability zdi-disclosures

Monday, 26 January

Problems with syscall filtering technologies on Linux Chris Evans
VUplayer (.wax file) local buffer overflow crash exploit storms0uth
MediaMonkey 3.0.6 (.m3u file) Local Buffer Overflow PoC alphanix00
[HACKATTACK Advisory 25012009]ConPresso CMS 4.07 - Session Fixation, XFS, XSS office
Lootan(kedor) Sql Injection vulnerability arash . setayeshi
SonyEricsson WAP Push Denial of Service Mobile Security Lab
Nokia Multimedia Player (.AVI File) Null Dereference Pointer Exploit alphanix00
LDF Sql injection vulnerability arash . setayeshi
/bin/login DoS remains after DSA-1709 Paul Szabo
Re: ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability security curmudgeon
Re: [Full-disclosure] ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability Juha-Matti Laurio
Re: munky-bliki lfi security curmudgeon
Browse3d (.sfs file) Local Stack Overflow Exploit alphanix00
Benchmarking attacks and major security weakness on all recent Windows versions up to Windows 200 thadeum
EleCard MPEG PLAYER (.m3u file) Local Stack Overflow Exploit alphanix00
[ MDVSA-2009:027 ] cups security
[SECURITY] [DSA 1710-1] New ganglia-monitor-core packages fix remote code execution Steffen Joeris
CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities Williams, James K
Re: Oblog XSS valnerability dan . crowley
WB News v2.0.X Remote File include .. security
Browser3D 3.5 (.sfs File) Local Stack Overflow Exploit (c) maroc-anti-connexion
[SECURITY] [DSA 1711-1] New TYPO3 packages fix remote code execution Nico Golde
[USN-710-1] xine-lib vulnerabilities Marc Deslauriers
[USN-711-1] KTorrent vulnerabilities Marc Deslauriers

Tuesday, 27 January

Re: FUD Forum < 2.7.1 PHP code injection vurnelability riklaunim
NewsCMSlite Insecure Cookie Handling admin
ACROS Security: HTML Injection in BEA (Oracle) WebLogic Server Console (ASPR #2009-01-27-1) ACROS Security
[USN-712-1] Vim vulnerabilities Marc Deslauriers
Secunia Research: OpenX Multiple Vulnerabilities Secunia Research
OpenX 2.6.3 - Local File Inclusion admin
CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) Williams, James K
JetAudio Basic 7.0.3 BufferOverFlow PoC alphanix00
SAP NetWeaver XSS Vulnerability Martin Suess
Total video player 1.3.7 local buffer overflow universal exploit maroc-anti-connexion
CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities Williams, James K
Max.Blog <= 1.0.6 (show_post.php) SQL Injection Vulnerability Salvatore "drosophila" Fresta
[ MDVSA-2009:030 ] amarok security
Max.Blog <= 1.0.6 (submit_post.php) SQL Injection Vulnerability Salvatore "drosophila" Fresta

Wednesday, 28 January

Max.Blog <= 1.0.6 (offline_auth.php) Offline Authentication Bypass Salvatore "drosophila" Fresta
[USN-713-1] openjdk-6 vulnerabilities Kees Cook
CONFidence 2009, Final CfP Andrzej Targosz
Web Hacking Incidents update for Jan 28th Ofer Shezaf
Internet explorer 7.0 stack overflow jplopezy
Re: DoS attacks on MIME-capable software via complex MIME emails Dave English
CORE-2008-1211: Amaya web editor XML and HTML parser vulnerabilities Core Security Technologies Advisories
Advisory: Google Chrome 1.0.154.43 ClickJacking Vulnerability. Aditya K Sood
[SECURITY] [DSA 1712-1] New rt2400 packages fix arbitrary code execution Moritz Muehlenhoff
[TKADV2009-004] FFmpeg Type Conversion Vulnerability Tobias Klein
[SECURITY] [DSA 1713-1] New rt2500 packages fix arbitrary code execution Moritz Muehlenhoff
[SECURITY] [DSA 1714-1] New rt2570 packages fix arbitrary code execution Moritz Muehlenhoff

Thursday, 29 January

[SECURITY] [DSA 1715-1] New moin packages fix insufficient input sanitising Devin Carraway
[security bulletin] HPSBMA02403 SSRT090007 rev.1 - HP Select Access Running on HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) security-alert
dBpowerAMP Audio Player v2 ( .pls file) LoCaL BufferOverFlow Exploit alphanix00
[security bulletin] HPSBMP02404 SSRT090014 rev.1 - MPE/iX Running BIND/iX, Remote DNS Cache Poisoning security-alert
Re: Internet explorer 7.0 stack overflow jplopezy
Oracle Forms Cross site Scripting in (iFcgi60.exe / f60servlet) DoZ
Oracle Application Server 10g Cross Site Scripting Vulnerability DoZ
Re: Advisory: Google Chrome 1.0.154.43 ClickJacking Vulnerability. Michal Zalewski
Re: Secunia Research: OpenX Multiple Vulnerabilities scott . switzer
Motorola Wimax Modem CPEi300 Multiple Vulnerabilities usman
rPSA-2009-0021-1 sudo rPath Update Announcements
[SECURITY] [DSA 1704-2] Updated netatalk packages fix denial of service Nico Golde
PerlSoft Guestbook v1.7b Bruteforcer + RCE! Perforin
Re: XSS vulnerabilty in ASP.Net [with details] m . rajeshpawar

Friday, 30 January

[OPENX-SA-2009-001] OpenX 2.4.10 and 2.6.4 fix multiple vulnerabilities Matteo Beccati
ANNOUNCE - RFIDIOt 0.1w released - January 2009 Adam Laurie
Bugs Online v2.14 Sql Injection r3d . w0rm
CVE-2008-4990 Enomaly ECP/Enomalism: Insecure temporary file creation vulnerabilities Sam Johnston
Re[2]: Internet explorer 7.0 stack overflow Vladimir '3APA3A' Dubrovin
[USN-715-1] Linux kernel vulnerabilities Kees Cook
[USN-716-1] MoinMoin vulnerabilities Jamie Strandboge
PR08-22: Persistent XSS on Novell GroupWise WebAccess ProCheckUp Research
PR08-21: Cross-site Request Forgery (CSRF) on Novell GroupWise WebAccess allows email theft and other attacks ProCheckUp Research
PR08-23: XSS on Novell GroupWise WebAccess ProCheckUp Research
Re: Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC come2waraxe