Bugtraq: by author

• RSS Feed
• About List
• All Lists

Previous period

Next period

236 messages starting Feb 02 10 and ending Feb 09 10
Date index | Thread index | Author index

admin

Tinypug Multiple Vulnerabilities admin (Feb 02)
SphereCMS Blind SQL Injection Vulnerability admin (Feb 18)

Adrian P.

Re: Chuck Norris Botnet and Broadband Routers Adrian P. (Feb 23)

Akita Software Security

getPlus insufficient domain name validation vulnerability Akita Software Security (Feb 26)

Alexandr Polyakov

[DSECRG-09-065] TVUPlayer PlayerOcx.ocx ActiveX - Insecure method Alexandr Polyakov (Feb 08)
[DSECRG-09-011] HP StorageWorks 1_8 G2 Tape Autoloader - privilege escalation DOS Alexandr Polyakov (Feb 03)
[DSECRG-09-039] Symantec Antivirus 10.0 ActiveX - buffer Overflow. Alexandr Polyakov (Feb 23)

Alex Roichman

Cross-Site History Manipulation (XSHM) Alex Roichman (Feb 01)

Amit Klein

RE: Trusteer Rapport Security Circumvention Amit Klein (Feb 18)

Ansgar Wiechers

Re: Circumventing Critical Security in Windows XP Ansgar Wiechers (Feb 19)

Arash . Setayeshi

LDF (Default.asp) Sql Injection Vulnerability Arash . Setayeshi (Feb 08)

Arian J. Evans

Re: [WEB SECURITY] Trustwave's SpiderLabs Security Advisory TWSL2010-001 Arian J. Evans (Feb 10)
Re: [Webappsec] Paper: Weaning the Web off of Session Cookies Arian J. Evans (Feb 01)

Asterisk Security Team

AST-2010-001: T.38 Remote Crash Vulnerability Asterisk Security Team (Feb 03)
AST-2010-002: Dialplan injection vulnerability Asterisk Security Team (Feb 19)
AST-2010-003: Invalid parsing of ACL rules can compromise security Asterisk Security Team (Feb 26)

barkley

Circumventing Critical Security in Windows XP barkley (Feb 18)
Trusteer Rapport Security Circumvention barkley (Feb 16)

beenudel1986

cmsmadesimple Multiple Security Issues : XSS+ LFI beenudel1986 (Feb 12)
Multiple Stored XSS in XOOPS 2.4.4 Admin Section beenudel1986 (Feb 16)

ben

OpenCart CSRF Vulnerability ben (Feb 02)

bill . robson

e-Sentinel Security Advisory - Ref: Session Hijacking iPhone Facebook Application ver 3.1.2 bill . robson (Feb 12)

Brett Moore

Insomnia : ISVA-100216.1 - Windows URL Handling Vulnerability Brett Moore (Feb 16)

Christopher Kruegel

ACM CCS 2010: Call for Workshop Proposals Christopher Kruegel (Feb 09)

Chris Travers

Re: [Webappsec] Paper: Weaning the Web off of Session Cookies Chris Travers (Feb 01)

Chris Weber

(resend) RE: [WEB SECURITY] Trustwave's SpiderLabs Security Advisory TWSL2010-001 Chris Weber (Feb 12)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Vulnerabilities in Cisco IronPort Encryption Appliance Cisco Systems Product Security Incident Response Team (Feb 10)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances Cisco Systems Product Security Incident Response Team (Feb 18)
Cisco Security Advisory: Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Feb 18)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Agent Cisco Systems Product Security Incident Response Team (Feb 18)

CodeScan Labs Advisories

jQuery Validate 1.6.0 Demo Code Advisory CodeScan Labs Advisories (Feb 23)

CORE Security Technologies Advisories

[CORE-2010-0121] Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Servers CORE Security Technologies Advisories (Feb 08)
CORE-2010-0104 - LANDesk OS command injection CORE Security Technologies Advisories (Feb 05)
[CORE-2009-1126] Corel Paint Shop Pro Photo X2 FPX Heap Overflow CORE Security Technologies Advisories (Feb 01)
CORE-2009-0827: Microsoft Office Excel / Word OfficeArtSpgr Container Pointer Overwrite Vulnerability CORE Security Technologies Advisories (Feb 09)
[CORE-2010-0106] Cisco Secure Desktop XSS/JavaScript Injection Core Security Technologies Advisories (Feb 01)
CORE-2009-0625: Internet Explorer Dynamic OBJECT tag and URLMON sniffing vulnerabilities Core Security Technologies Advisories (Feb 03)

cryptopath

iPhone certificate flaws cryptopath (Feb 01)

Damien Miller

Advisory: jBCrypt < 0.3 character encoding vulnerability Damien Miller (Feb 01)

Dan Kaminsky

Re: Samba Remote Zero-Day Exploit Dan Kaminsky (Feb 08)
Re: Samba Remote Zero-Day Exploit Dan Kaminsky (Feb 08)

dann frazier

[SECURITY] [DSA 2003-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Feb 23)
[SECURITY] [DSA-1996-1] New Linux 2.6.26 packages fix several vulnerabilities dann frazier (Feb 16)

david

[MajorSecurity Advisory #64]Apple Safari 4.0.4 Denial of Service david (Feb 04)
[MajorSecurity Advisory #65]Motorola Milestone Smartphone Denial of Service david (Feb 08)

David Byrne

RE: [WEB SECURITY] Trustwave's SpiderLabs Security Advisory TWSL2010-001 David Byrne (Feb 23)
RE: Trustwave's SpiderLabs Security Advisory TWSL2010-001 David Byrne (Feb 11)
RE: Trustwave's SpiderLabs Security Advisory TWSL2010-001 David Byrne (Feb 16)

david . durham

Re: [Onapsis Security Advisory 2010-004] SAP J2EE Authentication Phishing Vector david . durham (Feb 19)

David Jacoby

RE: Samba Remote Zero-Day Exploit David Jacoby (Feb 09)

Fernando Gont

Request for feedback on TCP security (IETF effort) Fernando Gont (Feb 23)

Florian Weimer

[SECURITY] [DSA-1990-1] New trac-git packages fix code execution Florian Weimer (Feb 04)

Francis Provencher

{PRL} Xerox Workcenter 4150 Remote Buffer Overflow Francis Provencher (Feb 01)

Gadi Evron

Chuck Norris Botnet and Broadband Routers Gadi Evron (Feb 23)

Giuseppe Iuculano

[SECURITY] [DSA 1985-1] New sendmail packages fix SSL certificate verification weakness Giuseppe Iuculano (Feb 01)
[SECURITY] [DSA-1988-1] New qt4-x11 packages fix several vulnerabilities Giuseppe Iuculano (Feb 03)
[SECURITY] [DSA 1984-1] New libxerces2-java packages fix denial of service Giuseppe Iuculano (Feb 01)
[SECURITY] [DSA-1989-1] New fuse packages fix denial of service Giuseppe Iuculano (Feb 03)
[SECURITY] [DSA-1997-1] New mysql-dfsg-5.0 packages fix several vulnerabilities Giuseppe Iuculano (Feb 16)

Hafez Kamal

#HITB - Special Report: HITB2009 CTF Weapons of Mass Destruction Hafez Kamal (Feb 09)

Hernan Ochoa

Windows SMB NTLM Authentication Weak Nonce Vulnerability Hernan Ochoa (Feb 10)

Hugo Fortier

Recon Call for Papers - July 9-11 2010 Hugo Fortier (Feb 05)

iDefense Labs

iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Invalid Array Indexing Vulnerability iDefense Labs (Feb 12)
iDefense Security Advisory 02.01.10: RealNetworks RealPlayer CMediumBlockAllocator Integer Overflow Vulnerability iDefense Labs (Feb 01)
iDefense Security Advisory 02.09.10: Microsoft PowerPoint LinkedSlideAtom Heap Overflow Vulnerability iDefense Labs (Feb 12)
iDefense Security Advisory 02.01.10: Real Networks RealPlayer Compressed GIF Handling Integer Overflow iDefense Labs (Feb 01)
iDefense Security Advisory 02.23.10: Multiple Vendor NOS Microsystems getPlus Downloader Input Validation Vulnerability iDefense Labs (Feb 24)
iDefense Security Advisory 02.01.10: RealNetworks RealPlayer 11 HTTP Chunked Encoding Integer Overflow Vulnerability iDefense Labs (Feb 01)
iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Use-After-Free Vulnerability iDefense Labs (Feb 12)

info

eWebeditor ASP Version Multiple Vulnerabilities info (Feb 01)
Re: Re: Joomla (Jw_allVideos) Remote File Download Vulnerability info (Feb 18)
RaakCms Multiple Vulnerabilities info (Feb 01)
Pixel Portal Sql Injection Vulnerability info (Feb 18)
Joomla (Jw_allVideos) Remote File Download Vulnerability info (Feb 16)
Official Portal 2007 Multiple Vulnerabilities info (Feb 23)
mongoose Space Character Remote File Disclosure Vulnerability info (Feb 08)
Tavanmand Portal (fckeditor) Remote Arbitrary File Upload Vulnerability info (Feb 01)
IE address bar characters into a small feature info (Feb 16)

Ivan Buetler

RE: [WEB SECURITY] Trustwave's SpiderLabs Security Advisory TWSL2010-001 Ivan Buetler (Feb 18)

ivan . markovic

Huawei HG510 CSRF, Auth Bypass, DoS ivan . markovic (Feb 16)

Jamie Strandboge

[USN-890-5] XML-RPC for C and C++ vulnerabilities Jamie Strandboge (Feb 19)
[USN-895-1] Firefox 3.0 and Xulrunner 1.9 vulnerabilities Jamie Strandboge (Feb 18)
[USN-896-1] Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities Jamie Strandboge (Feb 18)

Jeroen

Re: Circumventing Critical Security in Windows XP Jeroen (Feb 23)

jonbutler88

Easy FTP Server 1.7.0.2 Remote BoF jonbutler88 (Feb 23)

karakorsankara

[Hellcode Research]: AOL 9.5 File Parsing Buffer Overflow Vulnerability karakorsankara (Feb 03)

Kingcope

Re: Samba Remote Zero-Day Exploit Kingcope (Feb 08)
Re: Samba Remote Zero-Day Exploit Kingcope (Feb 05)
Samba Remote Zero-Day Exploit Kingcope (Feb 05)

Kotas, Kevin J

CA20100222-01: Security Notice for CA Service Desk Kotas, Kevin J (Feb 23)
CA20100223-01: Security Notice for CA eHealth Performance Manager Kotas, Kevin J (Feb 23)

Krzysztof Halasa

Re: [Full-disclosure] Samba Remote Zero-Day Exploit Krzysztof Halasa (Feb 09)

lafrancevi

Re: Joomla (Jw_allVideos) Remote File Download Vulnerability lafrancevi (Feb 16)

lars

Re: Enomaly ECP: Multiple vulnerabilities in VMcasting protocol & implementation. lars (Feb 18)

Maciej Gojny

SQL injection vulnerability in Amelia CMS Maciej Gojny (Feb 19)
SQL injection vulnerability in WebAdministrator Lite CMS Maciej Gojny (Feb 25)
Pogodny CMS SQL vulnerabilities Maciej Gojny (Feb 16)
SQL injection vulnerability in apemCMS Maciej Gojny (Feb 12)

Major Malfunction

London DEFCON February meet - DC4420 - Wed 24th Feb 2010 Major Malfunction (Feb 23)

Marc Deslauriers

[USN-900-1] Ruby vulnerabilities Marc Deslauriers (Feb 16)
[USN-899-1] Tomcat vulnerabilities Marc Deslauriers (Feb 11)
[USN-898-1] gnome-screensaver vulnerability Marc Deslauriers (Feb 10)
[USN-902-1] Pidgin vulnerabilities Marc Deslauriers (Feb 23)
[USN-904-1] Squid vulnerability Marc Deslauriers (Feb 24)
[USN-901-1] Squid vulnerabilities Marc Deslauriers (Feb 16)
[USN-897-1] MySQL vulnerabilities Marc Deslauriers (Feb 10)

Martin Barbella

XSS vulnerability in Drupal's MP3 Player contributed module (version 6.x-1.0-beta1) Martin Barbella (Feb 01)
Information disclosure vulnerability in Drupal's Realname User Reference Widget contributed module (version 6.x-1.0) Martin Barbella (Feb 16)

Matthias -apoc- Hecker

Rbot Owner Reaction Command Execution Matthias -apoc- Hecker (Feb 24)
JDownloader Remote Code Execution Matthias -apoc- Hecker (Feb 08)

md . r00t . defacer

Joomla (com_gambling) SQL Injection Vulnerabilities md . r00t . defacer (Feb 01)

Michael Wojcik

RE: Samba Remote Zero-Day Exploit Michael Wojcik (Feb 08)
RE: Samba Remote Zero-Day Exploit Michael Wojcik (Feb 09)

Michal Zalewski

Re: Cross-Site History Manipulation (XSHM) Michal Zalewski (Feb 01)

mkanat

Security Advisory for Bugzilla 3.0.10, 3.2.5, 3.4.4, and 3.5.2 mkanat (Feb 01)

m . mahdjoub

[Hacking Event] Night Da Hack 2010 : Call For Proposals m . mahdjoub (Feb 08)

Moritz Muehlenhoff

[SECURITY] [DSA 1983-1] New Wireshark packages fix several vulnerabilities Moritz Muehlenhoff (Feb 01)
[SECURITY] [DSA 2000-1] New ffmpeg packages fix several vulnerabilities Moritz Muehlenhoff (Feb 19)
[SECURITY] [DSA 1998-1] New kdelibs packages fix arbitrary code execution Moritz Muehlenhoff (Feb 18)
[SECURITY] [DSA 1999-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Feb 18)

MustLive

[Suspected Spam]Vulnerability in Tagcloud for DataLife Engine MustLive (Feb 08)
Re: Multiple vulnerabilities in XAMPP (advisory #7) MustLive (Feb 08)
Re: Multiple vulnerabilities in XAMPP (advisory #7) MustLive (Feb 04)

Nicob

Kojoney (SSH honeypot) remote DoS Nicob (Feb 23)

Nico Golde

[SECURITY] [DSA 1987-1] New lighttpd packages fix denial of service Nico Golde (Feb 02)
[SECURITY] [DSA 1992-1] New chrony packages fix denial of service Nico Golde (Feb 04)

noreply

JAHx101 - Huski retail mulitple SQL injection vulnerabilities noreply (Feb 05)
JAHx102 - HuskiCMS local file inclusion noreply (Feb 05)

NSO Research

NSOADV-2010-003: DATEV ActiveX Control remote command execution NSO Research (Feb 25)

Ofer Maor

Hacktics Advisory Feb10: Persistent XSS in Microsoft SharePoint Portal Ofer Maor (Feb 23)
Hacktics Advisory Feb09: XSS in Oracle E-Business Suite Ofer Maor (Feb 09)
Hacktics Advisory Feb10: XSS in IBM WebSphere Portal & Lotus WCM Ofer Maor (Feb 25)

Onapsis Research Labs

[Onapsis Security Advisory 2010-004] SAP J2EE Authentication Phishing Vector Onapsis Research Labs (Feb 11)
[Onapsis Security Advisory 2010-002] SAP J2EE Engine MDB Path Traversal Onapsis Research Labs (Feb 11)
[Onapsis Security Advisory 2010-003] SAP WebDynpro Runtime XSS/CSS Injection Onapsis Research Labs (Feb 11)

Paul Craig

ChemViewX v1.9.5 ActiveX Control Mutliple Stack Overflows Paul Craig (Feb 12)

paul . szabo

Re: Samba Remote Zero-Day Exploit paul . szabo (Feb 08)
Re: Samba Remote Zero-Day Exploit paul . szabo (Feb 08)
Re: [Full-disclosure] Samba Remote Zero-Day Exploit paul . szabo (Feb 08)
Re: Samba Remote Zero-Day Exploit paul . szabo (Feb 08)
Re: Samba Remote Zero-Day Exploit paul . szabo (Feb 08)

Peter Van Eeckhoutte

CORELAN-10-008 - Multiple vulnerabilities found in evalmsi 2.1.03 Peter Van Eeckhoutte (Feb 05)

Philippe Mailinglist

[Suspected Spam]Hackito Ergo Sum 2010 - Call For Paper - HES2010 CFP Philippe Mailinglist (Feb 03)

qiqiguaiguai

360 Security Guard breg device drivers Privilege Escalation Vulnerabilitie qiqiguaiguai (Feb 02)

Raphael Geissert

[SECURITY] [DSA-2001-1] New php5 packages fix multiple vulnerabilities Raphael Geissert (Feb 19)
[SECURITY] [DSA 1994-1] New ajaxterm packages fix session hijacking Raphael Geissert (Feb 11)
[SECURITY] [DSA 1993-1] New otrs2 packages fix SQL injection Raphael Geissert (Feb 11)

research

Cross-Site Scriting on Portwise SSL VPN v4.6 research (Feb 18)

Ricardo Martins - Chief Security Officers

[CSO10002] Attachment path traversal in Outlook Web Access Ricardo Martins - Chief Security Officers (Feb 03)

Robbie Gill

Aruba Advisory ID: AID-020810 TLS Protocol Session Renegotiation Security Vulnerability Robbie Gill (Feb 09)

Roberto Suggi Liverani

Multiple Adobe Products - XML External Entity And XML Injection Vulnerabilities Roberto Suggi Liverani (Feb 23)

Rodrigo Rubira Branco (BSDaemon)

Remote Vulnerability in AIX RPC.cmsd released by iDefense Rodrigo Rubira Branco (BSDaemon) (Feb 02)

saintarmin

BugCon 2010 Call For Papers saintarmin (Feb 18)

sam . johnston

Enomaly ECP: Multiple vulnerabilities in VMcasting protocol & implementation. sam . johnston (Feb 16)

SEC Consult Research

SEC Consult SA-20100208-0 :: Backdoor and Vulnerabilities in Xerox WorkCentre Printers Web Interface SEC Consult Research (Feb 23)

Secunia Research

Secunia Research: Microsoft PowerPoint File Path Handling Buffer Overflow Secunia Research (Feb 09)
Secunia Research: Bournal ccrypt Information Disclosure Security Issue Secunia Research (Feb 23)
Secunia Research: libmikmod Module Parsing Vulnerabilities Secunia Research (Feb 05)
Secunia Research: Mozilla Firefox Memory Corruption Vulnerability Secunia Research (Feb 18)
Secunia Research: Bournal Insecure Temporary Files Security Issue Secunia Research (Feb 23)

security

[ MDVSA-2010:034 ] kernel security (Feb 08)
[ MDVSA-2010:038 ] maildrop security (Feb 16)
[ MDVSA-2010:041 ] pidgin security (Feb 18)
[ MDVSA-2010:040 ] gnome-screensaver security (Feb 18)
[ MDVSA-2010:046 ] ncpfs security (Feb 23)
[ MDVSA-2010:032 ] rootcerts security (Feb 04)
[ MDVSA-2010:035 ] openoffice.org security (Feb 11)
CORELAN-10-009 : Ipswitch IMAIL 11.01 multiple vulnerabilities (reversible encryption + weak ACL) Security (Feb 05)
[ MDVSA-2010:033 ] squid security (Feb 05)
[ MDVSA-2010:037 ] fetchmail security (Feb 16)
[ MDVSA-2010:045 ] php security (Feb 23)
[ MDVSA-2010:030 ] kernel security (Feb 01)
[ MDVSA-2010:042 ] firefox security (Feb 19)
[ MDVSA-2010:034-1 ] kernel security (Feb 18)
[ MDVSA-2010:044 ] mysql security (Feb 23)
[ MDVSA-2010:039 ] netpbm security (Feb 18)
[ MDVSA-2010:031 ] wireshark security (Feb 03)
[ MDVSA-2010:047 ] fuse security (Feb 23)
CORELAN-10-010 - GeFest Web HomeServer v1.0 Remote Directory Traversal Vulnerability Security (Feb 08)
[ MDVSA-2010:034-2 ] kernel security (Feb 18)
[ MDVSA-2010:050 ] apache-mod_security security (Feb 26)
[ MDVSA-2010:036 ] webmin security (Feb 16)
[ MDVSA-2010:048 ] roundcubemail security (Feb 25)
[ MDVSA-2010:043 ] libtheora security (Feb 23)
[ MDVSA-2010:049 ] sudo security (Feb 26)

Security_Alert

ESA-2010-003: EMC HomeBase Server Arbitrary File Upload Vulnerability Security_Alert (Feb 24)

security-alert

[security bulletin] HPSBUX02479 SSRT090212 rev.1 - HP-UX running HP CIFS Server (Samba), Remote Unauthorized Access security-alert (Feb 02)
[security bulletin] HPSBMA02486 SSRT090049 rev.2 - HP OpenView Network Node Manager (OV NNM) Java Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Execution of Arbitrary Code and Other Vulnerabilities security-alert (Feb 12)
[security bulletin] HPSBMA02488 SSRT100013 rev.1 - HP ProLiant Support Pack 8.30 for Windows, Remote Code Execution, Information Disclosure security-alert (Feb 11)
[security bulletin] HPSBMA02487 SSRT100024 rev.1 - HP Operations Agent Running on Solaris 10, Remote Unauthorized Access security-alert (Feb 08)
[security bulletin] HPSBUX02503 SSRT100019 rev.1 - HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other security-alert (Feb 08)
[security bulletin] HPSBMA02486 SSRT090049 rev.1 - HP OpenView Network Node Manager (OV NNM) Java Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Execution of Arbitrary Code and Other Vulnerabilities security-alert (Feb 10)
[security bulletin] HPSBUX02464 SSRT090210 rev.1 - HP Enterprise Cluster Master Toolkit (ECMT) running on HP-UX, Local security-alert (Feb 02)
[security bulletin] HPSBMA02504 SSRT090220 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alert (Feb 04)
[security bulletin] HPSBPI02507 SSRT100012 rev.2 - HP DreamScreen, Remote Disclosure of Information security-alert (Feb 11)
[security bulletin] HPSBOV02505 SSRT100023 rev.1 - HP OpenVMS RMS, Local Escalation of Privilege security-alert (Feb 03)
[security bulletin] HPSBMA02484 SSRT090076 rev.1 - HP Network Node Manager (NNM), Remote Execution of Arbitrary Commands security-alert (Feb 10)

Stefan Fritsch

[SECURITY] [DSA-1990-2] New trac-git package fixes regression Stefan Fritsch (Feb 04)
[SECURITY] [DSA-2002-1] New polipo packages fix denial of service Stefan Fritsch (Feb 19)

Stefan Kanthak

Re: Samba Remote Zero-Day Exploit Stefan Kanthak (Feb 08)
Re: Samba Remote Zero-Day Exploit Stefan Kanthak (Feb 08)
Re: Samba Remote Zero-Day Exploit Stefan Kanthak (Feb 09)

Steffen Joeris

[SECURITY] [DSA 1982-1] New hybserv packages fix denial of service Steffen Joeris (Feb 01)
[SECURITY] [DSA 1991-1] New squid/squid3 packages fix denial of service Steffen Joeris (Feb 04)
[SECURITY] [DSA 1986-1] New moodle packages fix several vulnerabilities Steffen Joeris (Feb 02)

stratsec Research

stratsec Security Advisory SS-2010-003 - Microsoft SMB Client Pool Overflow stratsec Research (Feb 10)

Support TEAM

SQL injection vulnerability in LiveChatNow Support TEAM (Feb 24)

systemx00

Kusaba X <= 0.9 XSS/CSRF vulnerabilities systemx00 (Feb 18)

Thierry Zoller

TLS/SSL Hardening & Compatibility Report 2010 Thierry Zoller (Feb 18)
Re: [Full-disclosure] Samba Remote Zero-Day Exploit Thierry Zoller (Feb 08)
Re: [Full-disclosure] Samba Remote Zero-Day Exploit Thierry Zoller (Feb 08)

Thijs Kinkhorst

[SECURITY] [DSA 1841-2] New git-core packages fix build failure Thijs Kinkhorst (Feb 01)

thomas () syscan org

SyScan'10 CALL FOR PAPERS thomas () syscan org (Feb 26)

Timothy D. Morgan

Re: [Webappsec] Paper: Weaning the Web off of Session Cookies Timothy D. Morgan (Feb 01)
Form-based HTTP Authentication Proof of Concept Timothy D. Morgan (Feb 25)
Re: [Webappsec] Paper: Weaning the Web off of Session Cookies Timothy D. Morgan (Feb 01)
Re: [Webappsec] Paper: Weaning the Web off of Session Cookies Timothy D. Morgan (Feb 01)
Re: [Webappsec] Paper: Weaning the Web off of Session Cookies Timothy D. Morgan (Feb 05)

Tobias Klein

[TKADV2010-003] avast! 4.8 and 5.0 aavmker4.sys Kernel Memory Corruption Tobias Klein (Feb 23)
[TKADV2010-001] Oracle Solaris UCODE_GET_VERSION IOCTL Kernel NULL Pointer Dereference Tobias Klein (Feb 01)

Tom Yu

MITKRB5-SA-2010-001 [CVE-2010-0283] krb5-1.7 KDC denial of service Tom Yu (Feb 16)

Trustwave Advisories

Trustwave's SpiderLabs Security Advisory TWSL2010-001 Trustwave Advisories (Feb 10)

VMware Security Team

VMSA-2010-0002 VMware vCenter update release addresses multiple security issues in Java JRE VMware Security Team (Feb 01)
VMSA-2010-0003 ESX Service Console update for net-snmp VMware Security Team (Feb 16)

VSR Advisories

Chrome Password Manager Cross Origin Weakness (CVE-2010-0556) VSR Advisories (Feb 16)

VUPEN Security Research

VUPEN Security Research - OpenOffice Word Document Processing Heap Overflow Vulnerabilities VUPEN Security Research (Feb 16)
VUPEN Security Research - Symantec Products "SYMLTCOM.dll" Buffer Overflow Vulnerability VUPEN Security Research (Feb 23)

Yaniv Miron

ARISg5 (version 5.0) cross site scripting vulnerability Yaniv Miron (Feb 26)

ZDI Disclosures

ZDI-10-019: Mozilla Firefox showModalDialog Cross-Domain Scripting Vulnerability ZDI Disclosures (Feb 23)
ZDI-10-018: IBM Cognos Server Backdoor Account Remote Code Execution Vulnerability ZDI Disclosures (Feb 18)
ZDI-10-020: EMC HomeBase SSL Service Arbitrary File Upload Remote Code Execution Vulnerability ZDI Disclosures (Feb 23)
ZDI-10-017: Microsoft Office PowerPoint Viewer TextBytesAtom Record Remote Code Execution Vulnerability ZDI Disclosures (Feb 09)
ZDI-10-021: Novell NetStorage xsrvd Long Pathname Remote Code Execution Vulnerability ZDI Disclosures (Feb 23)
ZDI-10-015: Microsoft Windows RLE Video Decompressor Remote Code Execution Vulnerability ZDI Disclosures (Feb 09)
ZDI-10-016: Microsoft Windows ShellExecute Improper Sanitization Code Execution Vulnerability ZDI Disclosures (Feb 09)
TPTI-10-02: Microsoft Office PowerPoint Viewer TextCharsAtom Record Code Execution Vulnerability ZDI Disclosures (Feb 09)

Previous period

Next period