Bugtraq: by date

157 messages starting Dec 03 12 and ending Dec 31 12


Monday, 03 December

[SECURITY] [DSA 2577-1] libssh security update Yves-Alexis Perez
ESA-2012-052 RSA NetWitness Informer Cross-Site Request Forgery and Click-jacking Vulnerabilities Security Alert
Low severity flaw in RIM BlackBerry PlayBook OS browser Tim Brown
FortiGate FortiDB 2kB 1kC & 400B - Cross Site Vulnerability Vulnerability Lab
FortiWeb 4kC,3kC,1kC & VA - Cross Site Vulnerabilities Vulnerability Lab
IBM System Director Remote System Level Exploit (CVE-2009-0880 extended zeroday) king cope
MySQL (Linux) Stack based buffer overrun PoC Zeroday king cope
MySQL (Linux) Heap Based Overrun PoC Zeroday king cope
MySQL (Linux) Database Privilege Elevation Zeroday Exploit king cope
MySQL Denial of Service Zeroday PoC king cope
MySQL Remote Preauth User Enumeration Zeroday king cope
Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday Jeffrey Walton
Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Jeffrey Walton
Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Kurt Seifried
Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday Kurt Seifried
Re: [Full-disclosure] MySQL (Linux) Database Privilege Elevation Zeroday Exploit Kurt Seifried
Re: [Full-disclosure] MySQL Denial of Service Zeroday PoC Kurt Seifried
Re: [Full-disclosure] MySQL Remote Preauth User Enumeration Zeroday Kurt Seifried
Re: [Full-disclosure] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot) Kurt Seifried
Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday Kurt Seifried
Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Sergei Golubchik
Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Huzaifa Sidhpurwala
Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Sergei Golubchik
Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Yves-Alexis Perez
Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday king cope
[SECURITY] [DSA 2580-1] libxml security update Moritz Muehlenhoff
[ MDVSA-2012:176 ] libxml2 security
Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Sergei Golubchik
tinymcpuk xss vulnerability admin
SEC Consult SA-20121203-0 :: F5 FirePass SSL VPN Unauthenticated local file inclusion SEC Consult Vulnerability Lab
Re: phpGiftReq SQL Injection generalpf

Tuesday, 04 December

[SECURITY] [DSA 2581-1] mysql-5.1 security update Yves-Alexis Perez
DC4420 - London DEFCON - Christmas 2012 meet! Tuesday 11th December 2012 Major Malfunction
MySQL Local/Remote FAST Account Password Cracking king cope
Privilege Escalation through Binary Planting in Panda Internet Security by_argos
Centrify Deployment Manager v2.1.0.283 larry0
Centrify Deployment Manager v2.1.0.283 larry0
FreeFTPD Remote Authentication Bypass Zeroday Exploit (Stuxnet technique) king cope
FreeSSHD Remote Authentication Bypass Zeroday Exploit king cope
Re: MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day king cope

Wednesday, 05 December

[security bulletin] HPSBPI02807 SSRT100928 rev.1 - HP LaserJet Pro 400 Multi Function Printers, Remote Unauthorized Access security-alert
[security bulletin] HPSBPI02828 SSRT100778 rev.1 - HP LaserJet and Color LaserJet, Cross-Site Scripting (XSS) security-alert
CVE-2012-4534 Apache Tomcat denial of service Mark Thomas
CVE-2012-3546 Apache Tomcat Bypass of security constraints Mark Thomas
CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter Mark Thomas
[security bulletin] HPSBMU02816 SSRT100949 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access security-alert
[security bulletin] HPSB3C02831 SSRT100661 rev.1 - HP Intelligent Management Center User Access Manager (UAM), Remote Execution of Arbitrary Code security-alert
Re: Stack overflow in Microsoft HTML Help 6.1 (CHM files) chiles . simpson . ctr
Buffalo LinkStation LS-WTGL Default Admin Account & Guest Access Information Darius Freamon

Thursday, 06 December

[ MDVSA-2012:177 ] bind security
CA20121205-01: Security Notice for CA XCOM Data Transport on Unix and Linux Kotas, Kevin J

Friday, 07 December

[slackware-security] ruby (SSA:2012-341-04) Slackware Security Team
[slackware-security] libxml2 (SSA:2012-341-03) Slackware Security Team
[SECURITY] [DSA 2582-1] xen security update Yves-Alexis Perez
TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities advisory
Multiple SQL Injection vulnerabilities in ClipBucket advisory
Multiple vulnerabilities in Achievo advisory
Fwd: SQL injection Emmanuel FARCY
CanSecWest13 CFP Open Until December 14 2012, Conf March 7-9 2013, Vancouver Dragos Ruiu
Update on CVE assigned for Video Lead Form Plugin Cross-Site nauty . me04
Update on CVE assigned for Wordpress Plugin Simple Gmail Login nauty . me04
Multiple vulnerabilities in Achievo advisory
Multiple SQL Injection vulnerabilities in ClipBucket advisory
TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities advisory

Monday, 10 December

[slackware-security] libssh (SSA:2012-341-02) Slackware Security Team
[slackware-security] bind (SSA:2012-341-01) Slackware Security Team
[SECURITY] [DSA 2583-1] iceweasel security update Yves-Alexis Perez
[SECURITY] [DSA 2584-1] iceape security update Yves-Alexis Perez
[ MDVSA-2012:178 ] mysql security
Android Kernel 2.6 Local DoS Thomas Richards
Centrify Deployment Manager v2.1.0.283 local root larry0
FreeVimager 4.1.0 <= WriteAV Arbitrary Code Execution pereira
DIMIN Viewer 5.4.0 <= WriteAV Arbitrary Code Execution pereira
SimpleInvoices 2011.1 Cross-Site-Scripting (XSS) Vulnerabilities CVE-2012-4932 tommccredie
Multiple Command Execution Vulnerabilities in Smartphone Pentest Framework advisory
Call for Papers: DIMVA 2013 Collin Mulliner
Snare for Linux Cross-Site Scripting via Log Injection sometimesbugs
Snare for Linux Cross-Site Request Forgery sometimesbugs
Snare for Linux Password Disclosure sometimesbugs

Tuesday, 11 December

[security bulletin] HPSBOV02834 SSRT101055 rev.1 - HP OpenVMS LOGIN or ACMELOGIN, Remote or Local Denial of Service (DoS) security-alert
Path Traversal Vulnerability on Secure Transport versions 5.1 SP2 and earlier Perez, Sebastian (LATCO - Buenos Aires)
Information disclosure (mouse tracking) vulnerability in Microsoft Internet Explorer versions 6-10 Nick Johnson
[SECURITY] [DSA 2585-1] bogofilter security update Florian Weimer
[SECURITY] [DSA 2586-1] perl security update Florian Weimer
Multiple critical vulnerabilities in Maxthon and Avant browsers Roberto Suggi Liverani
[SECURITY] [DSA 2587-1] libcgi-pm-perl security update Florian Weimer

Thursday, 13 December

[ MDVSA-2012:179 ] cups security
Addressbook v8.1.24.1 Group Name XSS Kenneth F. Belva
OpenDocMan 1.2.6.2 - 3 Vulnerabilities Kenneth F. Belva
File Upload Concern in Front Account 2.3.13 and OpenDocMan 1.2.6.2 Kenneth F. Belva
FCKEditor File Upload Vulnerability bugreport
'portable-phpMyAdmin (WordPress Plugin)' Authentication Bypass (CVE-2012-5469) Mark Stanislav
Network Reconnaissance in IPv6 Networks Fernando Gont
Network Reconnaissance in IPv6 Networks (errata) Fernando Gont
RVAsec 2013 CFP Now Open Sullo
[security bulletin] HPSBUX02832 SSRT101042 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert

Friday, 14 December

Re: Centrify Deployment Manager v2.1.0.283 to-choi . lau
[btrfs] is vulnerable to a hash-DoS attack Pascal Junod (Mailing Lists)
Password Disclosure in D-Link IP Cameras (CVE-2012-4046) doylej . ia
Issues in Netgear WGR614 wireless router gsuberland
DDIVRT-2012-48 VMware View Connection Server Directory Traversal (CVE-2012-5978) ddivulnalert
Wordpress Pingback Port Scanner FireFart

Monday, 17 December

[SECURITY] [DSA 2588-1] icedove security update Florian Weimer
[SECURITY] [DSA 2589-1] tiff security update Florian Weimer
[ MDVSA-2012:180 ] perl-CGI security
Foswiki Security Alert CVE-2012-6329, CVE-2012-6330 Remote code execution and other vulnerabilities in MAKETEXT macro George Clark
Re: Issues in Netgear WGR614 wireless router Liam
RE: PHP Addressbook v8.2.5 Group Name XSS Kenneth F. Belva
IPv6 Neighbor Discovery security (new documents) Fernando Gont

Wednesday, 19 December

Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability pereira
SonicWall SonicOS 5.8.1.8 WAF - POST Inject Vulnerability Vulnerability Lab
Enterpriser16 LoadBalancer v7.1 - Multiple Web Vulnerabilities Vulnerability Lab
Local root exploit for Centrify Deployment Manager < v2.1.0.283 local root larry0
Multiple SQL Injection Vulnerabilities in Elite Bulletin Board advisory
Firefly MediaServer Multiple Remote DoS Vulnerabilities advisory
Multiple vulnerabilities in Banana Dance advisory
[ MDVSA-2012:181 ] python-django security
Multiple XSS vulnerabilities in Cerberus FTP Server <= 5.0.5.1 [CVE-2012-6339] Ken
EMC Avamar: World writable cache files fulldisclosure

Thursday, 20 December

Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability Fabio Baroni
Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability pereira

Monday, 24 December

DoS vulnerability in Siemens S7-1200 PLCs Arne Vidström
Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability pereira
[security bulletin] HPSBUX02835 SSRT100763 rev.1 - HP-UX Running BIND, Remote Domain Name Revalidation security-alert
ESA-2012-060: EMC Data Protection Advisor Information Disclosure Vulnerability. Security Alert
CA20121220-01: Security Notice for CA IdentityMinder Williams, James K
VMSA-2012-0018 VMware security updates for vCSA and ESXi VMware Security Response Center
Re: Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability koppensb
CubeCart 3.0.20 (3.0.x) and lower | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group
CubeCart 3.0.20 (3.0.x) and lower | Arbitrary File Upload YGN Ethical Hacker Group
CubeCart 3.0.20 (3.0.x) and lower | Multiple SQL Injection Vulnerabilities YGN Ethical Hacker Group
[ MDVSA-2012:182 ] apache-mod_security security
[ MDVSA-2012:183 ] apache-mod_security security
CubeCart 4.4.6 and lower | Open URL Redirection Vulnerability YGN Ethical Hacker Group
[TOOL RELEASE] SQL Fingerprint powered by ENG++ Technology [Version 1.33.23-170308] Nelson Brito
CubeCart 5.0.7 and lower | Open URL Redirection Vulnerability YGN Ethical Hacker Group
CubeCart 4.4.6 and lower | Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group
CubeCart 4.4.6 and lower | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group
CubeCart 4.4.6 and lower | Multiple SQL Injection Vulnerabilities YGN Ethical Hacker Group
CubeCart 4.4.6 and lower | Local File Inclusion Vulnerability YGN Ethical Hacker Group
CubeCart 4.x/5.x | Setup Re-installation Privilege Escalation Vulnerability YGN Ethical Hacker Group

Thursday, 27 December

Open-Realty CMS 3.x | Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group
Open-Realty CMS 3.x | Persistent Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group
[SECURITY] [DSA 2590-1] wireshark security update Moritz Muehlenhoff
[ MDVSA-2012:184 ] libtiff security
Polycom® HDX® Video End Points Web Management Cross Site Scripting (XSS) vulnerability Rustein, Fara Denise (LATCO - Buenos Aires)

Friday, 28 December

Log Analyzer 3.6.0 - Cross Site Scripting Vulnerability Vulnerability Lab
SonicWall Email Security 7.4.1.x - Persistent Web Vulnerability Vulnerability Lab
[SECURITY] [DSA 2591-1] mahara security update Moritz Muehlenhoff
[SECURITY] [DSA 2592-1] elinks security update Moritz Muehlenhoff
CubeCart 5.0.7 and lower versions | Insecure Backup File Handling YGN Ethical Hacker Group

Monday, 31 December

GnuPG 1.4.12 and lower - memory access errors and keyring database corruption KB Sriram
Re: CubeCart 5.0.7 and lower versions | Insecure Backup File Handling Sean Jenkins
[SECURITY] [DSA 2593-1] moin security update Moritz Muehlenhoff
[SECURITY] [DSA 2594-1] virtualbox-ose security update Moritz Muehlenhoff
[SECURITY] [DSA 2595-1] ghostscript security update Moritz Muehlenhoff
[SECURITY] [DSA 2596-1] mediawiki-extensions security update Jonathan Wiltshire