Bugtraq: by author

192 messages starting Feb 13 12 and ending Feb 24 12


abhijeet

[Announcement] ClubHack Mag - Call for Articles abhijeet (Feb 13)

ACROS Security Lists

Downloads Folder: A Binary Planting Minefield ACROS Security Lists (Feb 20)

adam

OWASP AppSec USA 2011 Video & Slides Posted adam (Feb 13)

advisory

Multiple XSS in Chyrp advisory (Feb 22)
Multiple XSS in Dotclear advisory (Feb 29)
Multiple vulnerabilities in 11in1 advisory (Feb 15)
Multiple vulnerabilities in OpenEMR advisory (Feb 01)
Multiple vulnerabilities in LEPTON advisory (Feb 15)
Multiple vulnerabilities in ZENphoto advisory (Feb 08)

Alex Legler

GLSA (Gentoo Linux Security Advisory) publication changes Alex Legler (Feb 02)

andsarmiento

XSS phpLDAPadmin: 1.2.0.5 (Debian package) and 1.2.2 (sourceforge) andsarmiento (Feb 01)

Apple Product Security

APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001 Apple Product Security (Feb 02)

asemailing

Call For Paper asemailing (Feb 02)

Bret Jordan

802.1X password exploit on many HTC Android devices Bret Jordan (Feb 01)

cfp2012

Recon 2012 - Call For Papers - June 14-16, 2012 - Montreal, Quebec cfp2012 (Feb 27)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers Cisco Systems Product Security Incident Response Team (Feb 29)
Cisco Security Advisory: Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities Cisco Systems Product Security Incident Response Team (Feb 29)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unity Connection Cisco Systems Product Security Incident Response Team (Feb 29)
Cisco Security Advisory: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Feb 16)
Cisco Security Advisory: Cisco Small Business SRP 500 Series Multiple Vulnerabilities Cisco Systems Product Security Incident Response Team (Feb 24)
Cisco Security Advisory: Cisco Cius Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Feb 29)
Cisco Security Advisory: Cisco TelePresence Video Communication Server Session Initiation Protocol Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team (Feb 29)

Code Audit Labs

[CAL-2011-0055]Adobe Shockwave Player Parsing block_cout memory corruption vulnerability Code Audit Labs (Feb 15)
[CAL-2011-0071]Adobe Shockwave Player Parsing cupt atom heap overflow Code Audit Labs (Feb 15)
[CAL-2012-0004] opera array integer overflow Code Audit Labs (Feb 02)

Colm O hEigeartaigh

CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly Colm O hEigeartaigh (Feb 07)

CorryL

Mobile Mp3 Search Engine HTTP Response Splitting CorryL (Feb 24)
ImgPals Photo Host Version 1.0 Admin Account Deactivation CorryL (Feb 28)
YVS Image Gallery Sql injection CorryL (Feb 24)

Danny Fullerton

Dropbear SSH server use-after-free vulnerability Danny Fullerton (Feb 24)

DeepSec Conference

DeepSec "Sector v6" - Call for Papers DeepSec Conference (Feb 27)

demonalex

CJWSoft ASPGuest GuestBook 'edit.asp' - SQL Injection Vulnerability demonalex (Feb 24)
Mercurycom MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerability demonalex (Feb 21)

Dimitris Glynos

Re: [Full-disclosure] pidgin OTR information leakage Dimitris Glynos (Feb 28)
Re: [Full-disclosure] pidgin OTR information leakage Dimitris Glynos (Feb 28)
pidgin OTR information leakage Dimitris Glynos (Feb 27)

dougw

FreePBX Remote Exploit dougw (Feb 15)

Felipe M. Aragon

Syhunt: Google V8 - Server-Side JS Injection in vulnerable web apps Felipe M. Aragon (Feb 27)

Fernando Gont

RFC 6528 on Defending against Sequence Number Attacks Fernando Gont (Feb 03)
IPv6 NIDS evasion and IPv6 fragmentation/reassembly improvements Fernando Gont (Feb 21)
Fwd: RA-Guard: Advice on the implementation (feedback requested) Fernando Gont (Feb 02)
IETF I-D: Security and Interoperability Implications of Oversized IPv6 Header Chains Fernando Gont (Feb 17)

Florian Weimer

[SECURITY] [DSA 2407-1] cvs security update Florian Weimer (Feb 09)
[SECURITY] [DSA 2404-1] xen-qemu-dm-4.0 security update Florian Weimer (Feb 06)
[SECURITY] [DSA 2420-1] openjdk-6 security update Florian Weimer (Feb 28)
[SECURITY] [DSA 2422-1] file security update Florian Weimer (Feb 29)
[SECURITY] [DSA 2411-1] mumble security update Florian Weimer (Feb 20)
[SECURITY] [DSA 2419-1] puppet security update Florian Weimer (Feb 27)

Guillaume Arcas

2012 Honeynet Project Security Workshop Guillaume Arcas (Feb 16)

Henri Salo

Re: sqlinjection bug in nova cms Henri Salo (Feb 16)
Case YVS Image Gallery Henri Salo (Feb 27)
Re: [oss-security] Case YVS Image Gallery Henri Salo (Feb 28)

Ivan Fratric

Reliable Windows 7 Exploitation: A Case Study Ivan Fratric (Feb 28)

Jann Horn

Re: pidgin OTR information leakage Jann Horn (Feb 27)

Jeffrey Walton

Re: [Full-disclosure] pidgin OTR information leakage Jeffrey Walton (Feb 28)

jnatal

SQL Injection Vulnerabilities in TestLink jnatal (Feb 20)

Jonathan Brossard

Hackito Ergo sum // HES2012 Final CFP // Call for Hackers Jonathan Brossard (Feb 16)

Kousuke Ebihara

0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977) Kousuke Ebihara (Feb 17)

Kurt Seifried

Re: [oss-security] OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities Kurt Seifried (Feb 21)
Re: [oss-security] Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities Kurt Seifried (Feb 21)

Leonardo Uribe

[SECURITY] CVE-2011-4367 Apache MyFaces information disclosure vulnerability Leonardo Uribe (Feb 09)

LpSolit

Security advisory for Bugzilla 4.2 and 4.0.5 LpSolit (Feb 24)
Security advisory for Bugzilla 4.2rc2, 4.0.4, 3.6.8 and 3.4.14 LpSolit (Feb 01)

Luk Claes

[SECURITY] [DSA 2384-2] cacti regression Luk Claes (Feb 06)
[SECURITY] [DSA 2413-1] libarchive security update Luk Claes (Feb 21)

Major Malfunction

DC4420 - London DEFCON - February meet - Tuesday February 21st 2012 Major Malfunction (Feb 20)

Mateusz Goik

Mathopd - Directory Traversal Vulnerability Mateusz Goik (Feb 06)

Michele Orru

Re: [Full-disclosure] pidgin OTR information leakage Michele Orru (Feb 27)

mkey

FrameJammer DOM based XSS mkey (Feb 27)

Moritz Muehlenhoff

[SECURITY] [DSA 2418-1] postgresql-8.4 security update Moritz Muehlenhoff (Feb 27)
[SECURITY] [DSA 2421-1] moodle security update Moritz Muehlenhoff (Feb 29)
[SECURITY] [DSA 2400-1] iceweasel security update Moritz Muehlenhoff (Feb 03)
[SECURITY] [DSA 2410-1] libpng security update Moritz Muehlenhoff (Feb 16)
[SECURITY] [DSA 2401-1] tomcat6 security update Moritz Muehlenhoff (Feb 03)
[SECURITY] [DSA 2412-1] libvorbis security update Moritz Muehlenhoff (Feb 20)
[SECURITY] [DSA 2408-1] php5 security update Moritz Muehlenhoff (Feb 13)
[SECURITY] [DSA 2402-1] iceape security update Moritz Muehlenhoff (Feb 03)

muuratsalo experimental hack lab

Vulnerabilities in Debian F*EX <= 20100208 and F*EX 20111129-2. muuratsalo experimental hack lab (Feb 21)
Re: Vulnerabilities in Debian F*EX <= 20100208 and F*EX 20111129-2. muuratsalo experimental hack lab (Feb 21)
F*EX 20111129-2 Cross Site Scripting Vulnerability muuratsalo experimental hack lab (Feb 21)
F*EX <= 20100208 Cross Site Scripting Vulnerabilities muuratsalo experimental hack lab (Feb 21)

Netsparker Advisories

SQL Injection Vulnerability in Batavi 1.1.2 Netsparker Advisories (Feb 07)

Nico Golde

[SECURITY] [DSA 2414-2] fex regression Nico Golde (Feb 27)
[SECURITY] [DSA 2417-1] libxml2 security update Nico Golde (Feb 24)
[SECURITY] [DSA 2414-1] fex security update Nico Golde (Feb 22)
[SECURITY] [DSA 2415-1] libmodplug security update Nico Golde (Feb 22)

noreply

TELUS Security Labs VR - Oracle Java Web Start Command Argument Injection Remote Code Execution noreply (Feb 15)

Onapsis Research Labs

[Onapsis Security Advisory 2012-06] Oracle JD Edwards JDENET Large Packets Denial of Service Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-08] Oracle JD Edwards Security Kernel Information Disclosure Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-03] Oracle JD Edwards SawKernel Arbitrary File Read Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-02] Oracle JD Edwards Security Kernel Remote Password Disclosure Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-01] Oracle JD Edwards JDENET Arbitrary File Write Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-04] Oracle JD Edwards SawKernel GET_INI Information Disclosure Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-05] Oracle JD Edwards JDENET Multiple Information Disclosure Onapsis Research Labs (Feb 24)
[Onapsis Security Advisory 2012-07] Oracle JD Edwards SawKernel SET_INI Configuration Modification Onapsis Research Labs (Feb 24)

Raphael Geissert

[SECURITY] [DSA 2409-1] devscripts security update Raphael Geissert (Feb 15)

regis

Re: Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities regis (Feb 27)

Research@NGSSecure

NGS00237 Patch Notification: Samba Andx request Remote Code Execution Research@NGSSecure (Feb 27)
NGS00120 Patch Notification: BlackBerry PlayBook Samba Remote Code Execution Research@NGSSecure (Feb 24)

research () vulnerability-lab com

Yahoo! Messenger v11.5 - Buffer Overflow Vulnerability research () vulnerability-lab com (Feb 13)
OSQA CMS v3b - Multiple Persistent Vulnerabilities research () vulnerability-lab com (Feb 27)
Socusoft Photo 2 Video v8.05 - Buffer Overflow Vulnerability research () vulnerability-lab com (Feb 27)
OnxShop CMS v1.5.0 - Multiple Web Vulnerabilities research () vulnerability-lab com (Feb 10)
Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities research () vulnerability-lab com (Feb 10)
Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities research () vulnerability-lab com (Feb 10)
Wolf CMS v0.7.5 - Multiple Web Vulnerabilities research () vulnerability-lab com (Feb 27)
Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities research () vulnerability-lab com (Feb 10)
eFronts Community++ v3.6.10 - Cross Site Vulnerability research () vulnerability-lab com (Feb 07)
Pandora FMS v4.0.1 - Local File Include Vulnerability + VD Session research () vulnerability-lab com (Feb 17)
[Suspected Spam] eFront Community++ v3.6.10 - Multiple Web Vulnerabilities research () vulnerability-lab com (Feb 09)
Cyberoam Central Console v2.00.2 - File Include Vulnerability research () vulnerability-lab com (Feb 08)
[Suspected Spam] eFront Community++ v3.6.10 - SQL Injection Vulnerability research () vulnerability-lab com (Feb 13)
[Spam] Skype v5.6.59.x - Memory Corruption Vulnerability research () vulnerability-lab com (Feb 17)

rezahmail

sqlinjection bug in nova cms rezahmail (Feb 13)

Rich Pieri

Re: [Full-disclosure] pidgin OTR information leakage Rich Pieri (Feb 27)

roberto . paleari

Unauthenticated remote code execution on D-Link ShareCenter products roberto . paleari (Feb 08)

Rodrigo Rubira Branco (BSDaemon)

Re: Fwd: 0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977) Rodrigo Rubira Branco (BSDaemon) (Feb 17)

Schweiss, Chip

Puppet Dashboard insecure by default Schweiss, Chip (Feb 17)

SEC Consult Vulnerability Lab

SEC Consult SA-20120220-1 :: Multiple Vulnerabilities in ELBA5 SEC Consult Vulnerability Lab (Feb 20)
SEC Consult SA-20120220-0 :: Multiple critical vulnerabilities in VOXTRONIC voxlog professional SEC Consult Vulnerability Lab (Feb 20)

security

[ MDVSA-2012:018 ] mozilla-thunderbird security (Feb 13)
[ MDVSA-2012:023-1 ] libvpx security (Feb 28)
[ MDVSA-2012:019 ] apr security (Feb 14)
[ MDVSA-2012:025 ] samba security (Feb 28)
[ MDVSA-2012:022 ] mozilla security (Feb 24)
[ MDVSA-2012:017 ] firefox security (Feb 13)
[ MDVSA-2012:027 ] postgresql8.3 security (Feb 29)
[ MDVSA-2012:022-1 ] mozilla security (Feb 28)
[ MDVSA-2012:023 ] libxml2 security (Feb 22)
[ MDVSA-2012:021 ] java-1.6.0-openjdk security (Feb 17)
[ MDVSA-2012:012 ] apache security (Feb 02)
[ MDVSA-2012:022 ] libpng security (Feb 22)
[ MDVSA-2012:014 ] glpi security (Feb 07)
SimpleGroupware 0.742 Cross-Site-Scripting vulnerability security (Feb 07)
[ MDVSA-2012:016 ] glpi security (Feb 10)
[ MDVSA-2012:013 ] mozilla security (Feb 03)
[ MDVSA-2012:020 ] phpldapadmin security (Feb 15)
[ MDVSA-2012:026 ] postgresql security (Feb 29)
[ MDVSA-2012:023 ] libvpx security (Feb 27)
[ MDVSA-2012:015 ] wireshark security (Feb 09)

Security_Alert

ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability Security_Alert (Feb 03)
ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability Security_Alert (Feb 01)

security-alert

[security bulletin] HPSBPI02728 SSRT100692 rev.4 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default security-alert (Feb 17)
[security bulletin] HPSBMU02739 SSRT100280 rev.1 - HP Data Protector Media Operations, Remote Execution of Arbitrary Code security-alert (Feb 02)
[security bulletin] HPSBGN02740 SSRT100741 rev.1 - HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, Performance Manager, Remote Execution of Arbitrary Code security-alert (Feb 03)
[security bulletin] HPSBUX02741 SSRT100728 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass security-alert (Feb 08)
[security bulletin] HPSBMU02739 SSRT100280 rev.2 - HP Data Protector Storage Media Operations (SMO), Remote Execution of Arbitrary Code security-alert (Feb 24)
[security bulletin] HPSBUX02737 SSRT100747 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) security-alert (Feb 24)
[security bulletin] HPSBMU02736 SSRT100699 rev.2 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information security-alert (Feb 07)
[security bulletin] HPSBMU02742 SSRT100740 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Disclosure of Information security-alert (Feb 08)

Simon McVittie

Multiple security vulnerabilities in Tremulous 1.1.0, GPP1, and unofficial MG and TJW engines Simon McVittie (Feb 22)

Slackware Security Team

[slackware-security] glibc (SSA:2012-041-03) Slackware Security Team (Feb 13)
[slackware-security] proftpd (SSA:2012-041-04) Slackware Security Team (Feb 13)
[slackware-security] vsftpd (SSA:2012-041-05) Slackware Security Team (Feb 13)
[slackware-security] httpd (SSA:2012-041-01) Slackware Security Team (Feb 13)
[slackware-security] php (SSA:2012-041-02) Slackware Security Team (Feb 13)

sschurtz

WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability sschurtz (Feb 20)

Stefan Fritsch

[SECURITY] [DSA 2405-1] apache2 security update Stefan Fritsch (Feb 06)

The Dark Tangent

DEF CON 20 Capture the Flag Announcement The Dark Tangent (Feb 07)

Thijs Kinkhorst

[SECURITY] [DSA 2403-2] php5 security update Thijs Kinkhorst (Feb 07)
[SECURITY] [DSA 2416-1] notmuch security update Thijs Kinkhorst (Feb 24)
[SECURITY] [DSA 2403-1] php5 security update Thijs Kinkhorst (Feb 03)

Thomas Richards

PHP Gift Registry 1.5.5 SQL Injection Thomas Richards (Feb 24)
Kongreg8 1.7.3 Multiple XSS Thomas Richards (Feb 27)

Timo Warns

[PRE-SA-2012-01] Denial-of-service vulnerability in java.util.zip Timo Warns (Feb 16)

Trustwave Advisories

TWSL2012-003: Cross-Site Scripting Vulnerability in Movable Type Publishing Platform Trustwave Advisories (Feb 27)

William A. Rowe Jr.

[Announce] Apache HTTP Server 2.2.22 Released William A. Rowe Jr. (Feb 01)

Worawit Wang

PHP 5.2.x Remote Code Execution Vulnerability Worawit Wang (Feb 17)

YGN Ethical Hacker Group

OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Feb 20)
CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated] YGN Ethical Hacker Group (Feb 20)
Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Feb 20)
CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability YGN Ethical Hacker Group (Feb 10)

ZDI Disclosures

ZDI-12-026 : IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
TPTI-12-01 : Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-022 : Total Defense Suite UNC Management Console ExportReport SQL Injection Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-027 : IBM SPSS VsVIEW6.ocx ActiveX Control SaveDoc Method Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-023 : Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-032 : Oracle Java Runtime Environment readMabCurveData Integer Overflow Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-034 : Microsoft Windows Media Player ASX Meta-File Parsing Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-024 : Total Defense Suite UNC Management Web Service uncsp_ViewReportsHomepage SQL Injection Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-028 : IBM Rational Rhapsody BBFlashBack.FBRecorder.1 Control Multiple Remote Code Execution Vulnerabilities ZDI Disclosures (Feb 08)
ZDI-12-030 : IBM Rational Rhapsody BBFlashBack.Recorder.1 TestCompatibilityRecordMode Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-035 : Microsoft Internet Explorer CDispNode t:MEDIA Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
ZDI-12-025 : EMC Networker indexd.exe Opcode 0x01 Parsing Remote Code Execution ZDI Disclosures (Feb 08)
ZDI-12-029 : IBM Rational Rhapsody BBFlashBack.Recorder.1 InsertMarker Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
ZDI-12-039 : Oracle Java Web Start java-vm-args Command Argument Injection Remote Code Execution ZDI Disclosures (Feb 24)