Bugtraq: by author

289 messages starting Mar 13 09 and ending Mar 05 09


aanisimov

[Positive Technologies SA:2009-14] BLOG CMS Cross-Site Scripting vulnerability aanisimov (Mar 13)
[Positive Technologies SA:2009-15] Living CMS Cross-Site Scripting vulnerability aanisimov (Mar 13)
[Positive Technologies SA:2009-20] A.CMS Multiple Vulnerabilities aanisimov (Mar 13)
[Positive Technologies SA:2009-13] TinX CMS 3.x SQL Injection Vulnerability aanisimov (Mar 06)
[Positive Technologies SA:2009-12] UMI.CMS Cross-Site Scripting vulnerability aanisimov (Mar 06)

Adam Baldwin

NGENUITY-2009-005 OpenCart Order By Blind SQL Injection Adam Baldwin (Mar 16)
ExpressionEngine Persistent Cross-Site Scripting Adam Baldwin (Mar 23)
Zabbix Multiple Frontend CSRF (Password reset & command execution) Adam Baldwin (Mar 31)

admin

PHPRunner SQL Injection admin (Mar 17)

Alexandr Polyakov

[DSECRG-09-016] SAP SAPDB Multiple XSS Alexandr Polyakov (Mar 31)

alexchf . fyp

Re: Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system alexchf . fyp (Mar 09)

Alex Legler

Re: Adobe Flash Player plug-in null pointer dereference and browser crash Alex Legler (Mar 12)

Andrea Barisani

[oCERT-2009-003] LittleCMS integer errors Andrea Barisani (Mar 20)

Anon

flv2mpeg4: Malformed parameters Denial of Service Anon (Mar 12)

ascii

Zabbix 1.6.2 Frontend Multiple Vulnerabilities ascii (Mar 03)

Asterisk Security Team

AST-2009-002: Remote Crash Vulnerability in SIP channel driver Asterisk Security Team (Mar 10)

Bernhard Mueller

SEC Consult SA-20090305-1 :: IBM Director CIM Server Remote Denial of Service Vulnerability Bernhard Mueller (Mar 10)
SEC Consult SA-20090305-2 :: IBM Director CIM Server Local Privilege Escalation Vulnerability Bernhard Mueller (Mar 10)
SEC Consult SA-20090305-0 :: NextApp Echo XML Injection Vulnerability Bernhard Mueller (Mar 10)

Bkis

[Bkis-03-2009] Multiple Vulnerabilities found in Rapidleech rev.36 Bkis (Mar 16)
[Bkis-04-2009] GOM Encoder Heap-based Buffer Overflow Bkis (Mar 16)
[Bkis-05-2009] PowerCHM Stack-based Buffer Overflow Bkis (Mar 26)

Bugs NotHugs

Aurora Nutritive Analysis Module Multiple XSS Bugs NotHugs (Mar 27)
Novell Netstorage Multiple Vulnerabilities Bugs NotHugs (Mar 27)
Cisco ASA5520 Web VPN Host Header XSS Bugs NotHugs (Mar 31)
Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow Bugs NotHugs (Mar 30)

Carsten Eilers

Multiple Vulnerabilities in iAntiVirus Carsten Eilers (Mar 10)

Chris Evans

LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted) Chris Evans (Mar 20)

Christian Eibl

Moodle: Sensitive File Disclosure Christian Eibl (Mar 27)

Chris Weber

[tool release] Watcher v1.0.0 - passive Web-app security testing and compliance auditing Chris Weber (Mar 30)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (Mar 11)
Cisco Security Advisory: Cisco IOS Software Secure Copy Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (Mar 25)
Cisco Security Advisory: Cisco IOS Software WebVPN and SSLVPN Vulnerabilities Cisco Systems Product Security Incident Response Team (Mar 25)
Cisco Security Advisory: Cisco IOS cTCP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 25)
Cisco Security Advisory: Cisco 7600 Series Router Session Border Controller Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 04)
Cisco Security Advisory: Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities Cisco Systems Product Security Incident Response Team (Mar 25)
Cisco Security Advisory: Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability Cisco Systems Product Security Incident Response Team (Mar 25)

contact

Afian Document Manager Local File Inclusion contact (Mar 02)
Blogsa <= 1.0 Beta 3 XSS Vulnerability contact (Mar 02)

Core Security Technologies Advisories

Foxit Reader Multiple Vulnerabilities (CORE-2009-0218) Core Security Technologies Advisories (Mar 09)
CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server CORE Security Technologies Advisories (Mar 31)
CORE-2009-0122: HP OpenView Buffer Overflows CORE Security Technologies Advisories (Mar 23)

Corrado Leita

CFP RAID 2009 Corrado Leita (Mar 25)

cxib

libc:fts_*():multiple vendors, Denial-of-service cxib (Mar 05)

dann frazier

[SECURITY] [DSA 1749-1] New Linux 2.6.26 packages fix several vulnerabilities dann frazier (Mar 21)

danny

Re: TikiWiki 2.2 XSS Vulnerability in URI danny (Mar 13)

ddivulnalert

DDIVRT-2009-22 SMART Board Whiteboard Directory Traversal Vulnerability ddivulnalert (Mar 09)
DDIVRT-2009-21 vBook Login Application Cross-site Scripting Vulnerability ddivulnalert (Mar 09)

DeepSec Conference

DeepSec 2009 - Call for Papers is open DeepSec Conference (Mar 30)

dh

Layered Defense Research Advisory: Format String Vulnerablity in Symantec PcAnywhere v10-12.5 dh (Mar 18)

DSecRG

[DSECRG-09-030] PrecisionID Datamatrix ActiveX control - Arbitrary File overwriting DSecRG (Mar 31)
[DSECRG-09-013] IBM WebSphere Application Server 7.0 Multiple XSS Vulnerabilities DSecRG (Mar 31)

Elazar Broad

Belkin BullDog Plus UPS-Service Buffer Overflow Vulnerability Elazar Broad (Mar 09)

Elliot Kendall

Command Execution in Hannon Hill Cascade Server Elliot Kendall (Mar 19)

Eric C. Lukens

Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Eric C. Lukens (Mar 25)

Eygene Ryabinkin

Re: Zabbix 1.6.2 Frontend Multiple Vulnerabilities Eygene Ryabinkin (Mar 09)

Florian Weimer

[SECURITY] [DSA 1735-1] New znc packages fix privilege escalation Florian Weimer (Mar 10)
[SECURITY] [DSA 1719-2] New GNUTLS packages fix regression Florian Weimer (Mar 02)
[SECURITY] [DSA 1739-1] New mldonkey packages fix information disclosure Florian Weimer (Mar 13)
[SECURITY] [DSA 1752-1] New webcit packages fix potential remote code execution Florian Weimer (Mar 23)
Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Florian Weimer (Mar 25)
[SECURITY] [DSA 1750-1] New libpng packages fix several vulnerabilities Florian Weimer (Mar 23)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-09:06.ktimer FreeBSD Security Advisories (Mar 23)

h1kari

TOORCAMP 2009 CALL FOR PARTICIPATION h1kari (Mar 12)

H D Moore

WarVOX 1.0.0 Released H D Moore (Mar 06)

Henri Lindberg

HP Laserjet multiple models web management CSRF vulnerability & insecure default configuration Henri Lindberg (Mar 17)

Henri Lindberg - Smilehouse Oy

Rittal CMC-TC Processing Unit II multiple vulnerabilities Henri Lindberg - Smilehouse Oy (Mar 23)

iDefense Labs

iDefense Security Advisory 03.26.09: Sun Java Web Start (JWS ) GIF Decoding Heap Corruption Vulnerability iDefense Labs (Mar 27)
iDefense Security Advisory 03.26.09: Sun Java Runtine Environment (JRE) GIF Decoding Heap Corruption Vulnerability iDefense Labs (Mar 27)
Re: iDefense COMRaider 'DeleteFile()' Method Arbitrary File Deletion Vulnerability iDefense Labs (Mar 05)
iDefense Security Advisory 03.26.09: Sun Java Web Start (JWS ) PNG Decoding Integer Overflow Vulnerability iDefense Labs (Mar 27)
iDefense Security Advisory 03.26.09: Sun Java Runtine Environment (JRE) Type1 Font Parsing Integer Signedness Vulnerability iDefense Labs (Mar 27)
Re: iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability iDefense Labs (Mar 18)
iDefense Security Advisory 03.26.09: Sun Java Runtime Environment (JRE) Pack200 Decompression Integer Overflow Vulnerability iDefense Labs (Mar 27)
iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability iDefense Labs (Mar 18)
iDefense Security Advisory 03.24.09: Adobe Reader and Acrobat JBIG2 Encoded Stream Heap Overflow Vulnerability iDefense Labs (Mar 24)

iliz-z

TikiWiki 2.2 XSS Vulnerability in URI iliz-z (Mar 12)

ISecAuditors Security Advisories

[ISecAuditors Security Advisories] ModSecurity < 2.5.9 remote Denial of Service (DoS) ISecAuditors Security Advisories (Mar 19)
[ISecAuditors Security Advisories] eXtplorer Remote Code Execution ISecAuditors Security Advisories (Mar 02)
[ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability ISecAuditors Security Advisories (Mar 10)

Jamie Strandboge

[USN-741-1] Thunderbird vulnerabilities Jamie Strandboge (Mar 20)
[USN-745-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge (Mar 30)
[USN-728-3] Firefox vulnerabilities Jamie Strandboge (Mar 06)
[USN-738-1] GLib vulnerability Jamie Strandboge (Mar 17)
[USN-750-1] OpenSSL vulnerability Jamie Strandboge (Mar 31)
[USN-728-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge (Mar 06)
[USN-730-1] libpng vulnerabilities Jamie Strandboge (Mar 06)
[USN-724-1] Squid vulnerability Jamie Strandboge (Mar 12)
[USN-740-1] NSS vulnerability Jamie Strandboge (Mar 18)
[USN-728-2] Firefox vulnerabilities Jamie Strandboge (Mar 06)

Jerome Athias

[CFP] FRHACK 2nd Call For Papers Jerome Athias (Mar 02)

Jose Luis

NovaBoard <= 1.0.1 / XSS Vulnerability Jose Luis (Mar 03)

joseph . giron13

aspWebCalendar Free Edition bug joseph . giron13 (Mar 31)

Julien Thomas

Re: Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system Julien Thomas (Mar 09)

Kees Cook

[USN-748-1] OpenJDK vulnerabilities Kees Cook (Mar 27)
[USN-729-1] Python Crypto vulnerability Kees Cook (Mar 06)

k g

FINAL: Call for Papers on Cyber Warfare k g (Mar 10)

kowsik

Announcing Cap'r Mak'r kowsik (Mar 02)

Krakow Labs

POP Peeper 3.4.0.0 Date Remote Buffer Overflow Vulnerability Krakow Labs (Mar 12)

larry

Trellis Desk v1.0 XSS Vulnerability larry (Mar 12)

Major Malfunction

DEFCON London DC4420 March meeting - Thursday 19th March Major Malfunction (Mar 17)

Marc Deslauriers

[USN-749-1] libsndfile vulnerability Marc Deslauriers (Mar 30)
[USN-746-1] xine-lib vulnerability Marc Deslauriers (Mar 27)
[USN-743-1] Ghostscript vulnerabilities Marc Deslauriers (Mar 23)
[USN-726-2] curl regression Marc Deslauriers (Mar 04)
[USN-742-1] JasPer vulnerabilities Marc Deslauriers (Mar 19)
[USN-726-1] curl vulnerability Marc Deslauriers (Mar 03)
[USN-733-1] evolution-data-server vulnerability Marc Deslauriers (Mar 17)
[USN-737-1] libsoup vulnerability Marc Deslauriers (Mar 17)
[USN-727-1] network-manager-applet vulnerabilities Marc Deslauriers (Mar 03)
[USN-734-1] FFmpeg vulnerabilities Marc Deslauriers (Mar 17)
[USN-747-1] ICU vulnerability Marc Deslauriers (Mar 27)
[USN-732-1] dash vulnerability Marc Deslauriers (Mar 10)
[USN-739-1] Amarok vulnerabilities Marc Deslauriers (Mar 17)
[USN-744-1] LittleCMS vulnerabilities Marc Deslauriers (Mar 23)
[USN-727-2] NetworkManager vulnerability Marc Deslauriers (Mar 03)
[USN-735-1] GStreamer Base Plugins vulnerability Marc Deslauriers (Mar 17)
[USN-736-1] GStreamer Good Plugins vulnerabilities Marc Deslauriers (Mar 17)
[USN-731-1] Apache vulnerabilities Marc Deslauriers (Mar 10)

Mark Thomas

[SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application Mark Thomas (Mar 06)

maroc-anti-connexion

rosoft media player local BOF exploit multi tagets maroc-anti-connexion (Mar 16)

Martin Huter

ICAP adaptation: missing data flow control to client side Martin Huter (Mar 27)

Matthew Dempsky

Re: djbdns misformats some long response packets; patch and example attack Matthew Dempsky (Mar 05)
Re: Adobe Flash Player plug-in null pointer dereference and browser crash Matthew Dempsky (Mar 11)
Re: djbdns misformats some long response packets; patch and example attack Matthew Dempsky (Mar 02)

mcyr2

Addonics NAS Adapter Post-Auth DoS mcyr2 (Mar 10)

Moritz Muehlenhoff

[SECURITY] [DSA 1758-1] New nss-ldapd packages fix information disclosure Moritz Muehlenhoff (Mar 31)
[SECURITY] [DSA 1751-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Mar 23)
[SECURITY] [DSA 1753-1] End-of-life announcement for Iceweasel in oldstable Moritz Muehlenhoff (Mar 24)
[SECURITY] [DSA 1755-1] New systemtap packages fix local privilege escalation Moritz Muehlenhoff (Mar 25)
[SECURITY] [DSA 1741-1] New psi packages fix denial of service Moritz Muehlenhoff (Mar 16)

mr . faghani

Aryanic HighCMS and HighPortal multiple Vulnerabilities mr . faghani (Mar 10)
YEKTA WEB Academic Web Tools CMS Multiple XSS mr . faghani (Mar 02)

MustLive

Re: Nokia N95-8 browser denial of service MustLive (Mar 02)

Nico Golde

[SECURITY] [DSA 1742-1] New libsnd packages fix arbitrary code execution Nico Golde (Mar 16)
[SECURITY] [DSA 1738-1] New curl packages fix arbitrary file access Nico Golde (Mar 11)
[SECURITY] [DSA 1744-1] New weechat packages fix denial of service Nico Golde (Mar 18)

Noah Meyerhans

[SECURITY] [DSA 1756-1] New xulrunner packages fix multiple vulnerabilities Noah Meyerhans (Mar 30)

nospam

Bs.Player <= 2.34 Build 980 (.bsl) local buffer overflow 0day exploit (seh) nospam (Mar 20)
PHPizabi v0.848b C1 HFP1 proc.inc.php remote privilege escalation (php.ini independent) nospam (Mar 24)
SupportSoft DNA Editor Module (dnaedit.dll v6.9.2205) remote code execution exploit (IE6/7) nospam (Mar 05)
glFusion <= 1.1.2 COM_applyFilter()/order sql injection exploit nospam (Mar 30)
GeoVision LiveAudio ActiveX Control GetAudioPlayingTime() remote freed-memory access exploit nospam (Mar 13)
CDex v1.70b2 (.ogg) local buffer overflow exploit poc nospam (Mar 18)

Ofer Shezaf

Weekly Web Hacking Incidents update for Feb 25th Ofer Shezaf (Mar 02)

Paul Wouters

CVE-2009-0790: ISAKMP DPD Remote Vulnerability with Openswan & Strongswan IPsec Paul Wouters (Mar 30)
Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation Paul Wouters (Mar 09)

Pierre-Yves Rofes

[ GLSA 200903-27 ] ProFTPD: Multiple vulnerabilities Pierre-Yves Rofes (Mar 13)
[ GLSA 200903-32 ] phpMyAdmin: Multiple vulnerabilities Pierre-Yves Rofes (Mar 19)
[ GLSA 200903-37 ] Ghostscript: User-assisted execution of arbitrary code Pierre-Yves Rofes (Mar 24)
[ GLSA 200903-40 ] Analog: Denial of Service Pierre-Yves Rofes (Mar 30)
[ GLSA 200903-41 ] gedit: Untrusted search path Pierre-Yves Rofes (Mar 31)
[ GLSA 200903-31 ] libcdaudio: User-assisted execution of arbitrary code Pierre-Yves Rofes (Mar 17)
[ GLSA 200903-01 ] Vinagre: User-assisted execution of arbitrary code Pierre-Yves Rofes (Mar 06)
[ GLSA 200903-28 ] libpng: Multiple vulnerabilities Pierre-Yves Rofes (Mar 16)
[ GLSA 200903-38 ] Squid: Multiple Denial of Service vulnerabilities Pierre-Yves Rofes (Mar 25)
[ GLSA 200903-29 ] BlueZ: Arbitrary code execution Pierre-Yves Rofes (Mar 17)
[ GLSA 200903-36 ] MLDonkey: Information disclosure Pierre-Yves Rofes (Mar 24)
[ GLSA 200903-35 ] Muttprint: Insecure temporary file usage Pierre-Yves Rofes (Mar 24)
[ GLSA 200903-33 ] FFmpeg: Multiple vulnerabilities Pierre-Yves Rofes (Mar 20)
[ GLSA 200903-39 ] pam_krb5: Privilege escalation Pierre-Yves Rofes (Mar 26)
[ GLSA 200903-23 ] Adobe Flash Player: Multiple vulnerabilities Pierre-Yves Rofes (Mar 11)
[ GLSA 200903-25 ] Courier Authentication Library: SQL Injection vulnerability Pierre-Yves Rofes (Mar 12)
[ GLSA 200903-24 ] Shadow: Privilege escalation Pierre-Yves Rofes (Mar 11)
[ GLSA 200903-10 ] Irrlicht: User-assisted execution of arbitrary code Pierre-Yves Rofes (Mar 09)

Positron Security

Positron Security Advisory #2009-000: Multiple Vulnerabilities in MapServer v5.2.1 and v4.10.3 Positron Security (Mar 30)

rahimeh . khodadadi

reporting CVE rahimeh . khodadadi (Mar 16)

r_haudenschilt

Re: Family Connections 1.8.1 Multiple Remote Vulnerabilities r_haudenschilt (Mar 31)

rizki . wicaksono

CPANEL File Manager XSS Vulnerability rizki . wicaksono (Mar 17)

robert

Paper: Socket Capable Browser Plugins Result In Transparent Proxy Abuse robert (Mar 10)

Robert Buchholz

[ GLSA 200903-22 ] Ganglia: Execution of arbitrary code Robert Buchholz (Mar 10)
[ GLSA 200903-07 ] Samba: Data disclosure Robert Buchholz (Mar 09)
[ GLSA 200903-12 ] OptiPNG: User-assisted execution of arbitrary code Robert Buchholz (Mar 09)
[ GLSA 200903-14 ] BIND: Incorrect signature verification Robert Buchholz (Mar 09)
Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation Robert Buchholz (Mar 10)
[ GLSA 200903-16 ] Epiphany: Untrusted search path Robert Buchholz (Mar 09)
[ GLSA 200903-17 ] Real VNC: User-assisted execution of arbitrary code Robert Buchholz (Mar 09)
[ GLSA 200903-05 ] PDFjam: Multiple vulnerabilities Robert Buchholz (Mar 09)
[ GLSA 200903-19 ] Xerces-C++: Denial of Service Robert Buchholz (Mar 09)
[ GLSA 200903-08 ] gEDA: Insecure temporary file creation Robert Buchholz (Mar 09)
[ GLSA 200903-06 ] nfs-utils: Access restriction bypass Robert Buchholz (Mar 09)
[ GLSA 200903-11 ] PyCrypto: Execution of arbitrary code Robert Buchholz (Mar 09)
[ GLSA 200903-09 ] OpenTTD: Execution of arbitrary code Robert Buchholz (Mar 09)
[ GLSA 200903-20 ] WebSVN: Multiple vulnerabilities Robert Buchholz (Mar 09)
[ GLSA 200903-15 ] git: Multiple vulnerabilties Robert Buchholz (Mar 09)
[ GLSA 200903-18 ] Openswan: Insecure temporary file creation Robert Buchholz (Mar 09)
[ GLSA 200903-13 ] MPFR: Denial of Service Robert Buchholz (Mar 09)
[ GLSA 200903-26 ] TMSNC: Execution of arbitrary code Robert Buchholz (Mar 12)

Roberto Muñoz Fernandez

Re: [Full-disclosure] Zabbix 1.6.2 Frontend Multiple Vulnerabilities Roberto Muñoz Fernandez (Mar 06)

rPath Update Announcements

rPSA-2009-0050-1 ghostscript rPath Update Announcements (Mar 19)
rPSA-2009-0040-1 tshark wireshark rPath Update Announcements (Mar 13)
rPSA-2009-0046-1 libpng rPath Update Announcements (Mar 13)
rPSA-2009-0042-1 curl rPath Update Announcements (Mar 13)
rPSA-2009-0035-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl rPath Update Announcements (Mar 02)
rPSA-2009-0045-1 glib rPath Update Announcements (Mar 13)
rPSA-2009-0041-1 dhclient dhcp libdhcp4client rPath Update Announcements (Mar 13)

Salvatore "drosophila" Fresta

Wili-CMS 0.4.0 Multiple Vulnerabilities (Remote/Local File Inclusion - Authentication Bypass) Salvatore "drosophila" Fresta (Mar 06)
BlogMan 0.45 Multiple Vulnerabilities Salvatore "drosophila" Fresta (Mar 02)
EZ-Blog Beta 1 Multiple SQL Injection Salvatore "drosophila" Fresta (Mar 02)
BlindBlog 1.3.1 Multiple Vulnerabilities (SQL Inj - Auth Bypass - LFI) Salvatore "drosophila" Fresta (Mar 03)
nForum 1.5 Multiple SQL Injection Salvatore "drosophila" Fresta (Mar 06)
phpCommunity 2 2.1.8 Multiple Vulnerabilities (SQL Injection / Directory Traversal / XSS) Salvatore "drosophila" Fresta (Mar 09)
WARNING - CORRECT: BlindBlog 1.3.1 Multiple Vulnerabilities (SQL Inj - Auth Bypass - LFI) Salvatore "drosophila" Fresta (Mar 03)
CelerBB 0.0.2 Multiple Vulnerabilities Salvatore "drosophila" Fresta (Mar 05)
Community CMS 0.5 Multiple SQL Injection Vulnerabilities Salvatore "drosophila" Fresta (Mar 30)
RitsBlog 0.4.2 (Authentication Bypass) SQL Injection Vulnerability / XSS Persistent Vulnerability Salvatore "drosophila" Fresta (Mar 02)
webEdition 6.0.0.4 Local File Inclusion Salvatore "drosophila" Fresta (Mar 31)
Family Connections 1.8.1 Multiple Remote Vulnerabilities Salvatore "drosophila" Fresta (Mar 30)

secresearch () fortinet com

Apple iTunes DAAP Messages Handling Denial of Service Vulnerability secresearch () fortinet com (Mar 13)

Secunia Research

Secunia Research: Winamp CAF Processing Integer Overflow Vulnerability Secunia Research (Mar 03)
Secunia Research: libsndfile CAF Processing Integer Overflow Vulnerability Secunia Research (Mar 03)
Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Secunia Research (Mar 25)
Secunia Research: Foxit Reader JBIG2 Symbol Dictionary Processing Vulnerability Secunia Research (Mar 09)

security

[ MDVSA-2009:077 ] pam security (Mar 23)
[ MDVSA-2009:081 ] libsoup security (Mar 30)
[ MDVSA-2009:079 ] postgresql security (Mar 23)
[ MDVSA-2009:066 ] php security (Mar 05)
[ MDVSA-2009:065 ] php4 security (Mar 05)
[ MDVSA-2009:074 ] libneon0.27 security (Mar 12)
[ MDVSA-2009:064 ] imap security (Mar 03)
[ MDVSA-2009:062 ] shadow-utils security (Mar 02)
[ MDVSA-2009:078 ] evolution-data-server security (Mar 23)
[ MDVSA-2009:073 ] sarg security (Mar 12)
[ MDVSA-2009:068-1 ] poppler security (Mar 09)
[ MDVSA-2009:075 ] firefox security (Mar 13)
[ MDVSA-2009:072 ] perl-MDK-Common security (Mar 12)
[ MDVSA-2009:076 ] avahi security (Mar 16)
[ MDVSA-2009:071 ] kernel security (Mar 10)
[ MDVSA-2009:082 ] krb5 security (Mar 30)
[ MDVSA-2009:070 ] openoffice.org security (Mar 10)
[ MDVSA-2009:063 ] eog security (Mar 03)
[ MDVSA-2009:080 ] glib2.0 security (Mar 27)
[ MDVSA-2009:067 ] libsndfile security (Mar 06)
[ MDVSA-2009:068 ] poppler security (Mar 06)
[ MDVSA-2009:069 ] curl security (Mar 09)
[ MDVSA-2009:060-1 ] nfs-utils security (Mar 20)

security . 432

Re: Re: Local vulnerability in suexec + FastCGI + PHP configurations security . 432 (Mar 02)

security-alert

[security bulletin] HPSBUX02401 SSRT090005 rev.3 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF) security-alert (Mar 02)
[security bulletin] HPSBMA02416 SSRT090008 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Mar 24)
[security bulletin] HPSBMA02412 SSRT080040 rev.1 - WMI Mapper for HP Systems Insight Manager Running on Windows, Remote Unauthorized Access to Data, Local Unauthorized Access security-alert (Mar 11)
[security bulletin] HPSBMA02413 SSRT080040 rev.1 - HP WMI Mapper for Windows Server 2003 and Windows Server 2008 for Itanium-based Servers, Remote Unauthorized Access to Data, Local Unauthorized Access security-alert (Mar 12)
[security bulletin] HPSBUX02411 SSRT080111 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities security-alert (Mar 11)
[security bulletin] HPSBUX02409 SSRT080171 rev.1 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege security-alert (Mar 24)
[security bulletin] HPSBMA02416 SSRT090008 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Mar 31)
[security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Mar 20)

security . assurance

Sitecore .NET 5.3.x - web service information disclosure security . assurance (Mar 18)

sosoblood

Re: Sun Java System Communications Express [HTML Injection] sosoblood (Mar 12)
Sun Java System Communications Express [HTML Injection] sosoblood (Mar 11)

Steffen Joeris

[SECURITY] [DSA 1740-1] New yaws packages fix denial of service Steffen Joeris (Mar 16)
[SECURITY] [DSA 1731-1] New ndiswrapper packages fix arbitrary code execution vulnerability Steffen Joeris (Mar 02)
[SECURITY] [DSA 1748-1] New libsoup packages fix arbitrary code execution Steffen Joeris (Mar 20)
[SECURITY] [DSA 1743-1] New libtk-img packages fix arbitrary code execution Steffen Joeris (Mar 17)
[SECURITY] [DSA 1745-1] New lcms packages fix arbitrary code execution Steffen Joeris (Mar 20)
[SECURITY] [DSA 1745-2] New lcms packages fix regression Steffen Joeris (Mar 25)
[SECURITY] [DSA 1759-1] New strongswan packages fix denial of service Steffen Joeris (Mar 31)
[SECURITY] [DSA 1737-1] New wesnoth packages fix several vulnerabilities Steffen Joeris (Mar 12)
[SECURITY] [DSA 1760-1] New openswan packages fix denial of service Steffen Joeris (Mar 31)
[SECURITY] [DSA 1730-1] New proftpd-dfsg packages fix SQL injection vulnerabilites Steffen Joeris (Mar 02)
[SECURITY] [DSA 1736-1] New mahara packages fix cross-site scripting Steffen Joeris (Mar 11)
[SECURITY] [DSA 1747-1] New glib2.0 packages fix arbitrary code execution Steffen Joeris (Mar 20)
[SECURITY] [DSA 1732-1] New squid3 packages fix denial of service Steffen Joeris (Mar 03)
[SECURITY] [DSA 1757-1] New auth2db packages fix SQL injection Steffen Joeris (Mar 30)
[SECURITY] [DSA 1746-1] New ghostscript packages fix arbitrary code execution Steffen Joeris (Mar 20)
[SECURITY] [DSA 1729-1] New gst-plugins-bad0.10 packages fix multiple vulnerabilities Steffen Joeris (Mar 02)
[SECURITY] [DSA 1733-1] New vim packages fix multiple vulnerabilities Steffen Joeris (Mar 03)

Steven M. Christey

iDefense COMRaider, ActiveX controls, and browser configuration Steven M. Christey (Mar 05)

swhite

Infopop UBB.Threads Admin Credentials via SQL Injection swhite (Mar 13)

The Dark Tangent

DEFCON CTF Submissions are in, DC-16 video online! The Dark Tangent (Mar 06)

tiha

Re: [ECHO_ADV_103$2009] taifajobs <= 1.0 (jobid) Remote SQL Injection Vulnerability tiha (Mar 31)

Tobias Heinlein

[ GLSA 200903-02 ] ZNC: Privilege escalation Tobias Heinlein (Mar 09)
[ GLSA 200903-04 ] DevIL: User-assisted execution of arbitrary code Tobias Heinlein (Mar 09)
[ GLSA 200903-03 ] Audacity: User-assisted execution of arbitrary code Tobias Heinlein (Mar 09)
[ GLSA 200903-34 ] Amarok: User-assisted execution of arbitrary code Tobias Heinlein (Mar 20)
[ GLSA 200903-21 ] cURL: Arbitrary file access Tobias Heinlein (Mar 09)
[ GLSA 200903-30 ] Opera: Multiple vulnerabilities Tobias Heinlein (Mar 17)

uCon Security Conference

Slides from uCon Security Conference 2009 available online uCon Security Conference (Mar 19)

Valery Marchuk

[Suspected Spam][PT-2009-11] SlySoft Multiple Products ElbyCDIO.sys Denial of Service Valery Marchuk (Mar 12)
[Positive Technologies SA 2009-09] Trend Micro Internet Security Pro 2009 tmactmon.sys Priviliege Escalation Vulnerabilities Valery Marchuk (Mar 31)

Vladimir '3APA3A' Dubrovin

Re: iDefense COMRaider, ActiveX controls, and browser configuration Vladimir '3APA3A' Dubrovin (Mar 06)
Re[2]: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Vladimir '3APA3A' Dubrovin (Mar 25)

vuln

[ECHO_ADV_106$2009] FireAnt <= 1.3 Critical File Disclosure Vulnerability vuln (Mar 17)
[ECHO_ADV_104$2009] WeBid <= 0.7.3 RC9 Multiple Remote File Inclution Vulnerabilities vuln (Mar 10)
[ECHO_ADV_107$2009] FubarForum <= 1.6 Critical File Disclosure Vulnerability vuln (Mar 17)
[ECHO_ADV_108$2009] JobHut <= 1.2 (pk) Remote Sql Injection Vulnerability vuln (Mar 31)
[ECHO_ADV_105$2009] chaozzDB <= 1.2 Critical File Disclosure Vulnerability vuln (Mar 17)

Will Drewry

[oCERT-2008-015] glib and glib-predecessor heap overflows Will Drewry (Mar 12)

ZDI Disclosures

ZDI-09-015: Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability ZDI Disclosures (Mar 31)
ZDI-09-014: Adobe Acrobat getIcon() Stack Overflow Vulnerability ZDI Disclosures (Mar 24)
ZDI-09-013: Mozilla Firefox XUL Linked Clones Double Free Vulnerability ZDI Disclosures (Mar 05)