Bugtraq: by date

192 messages starting Feb 01 12 and ending Feb 29 12
Wednesday, 01 February

[Announce] Apache HTTP Server 2.2.22 Released William A. Rowe Jr.
802.1X password exploit on many HTC Android devices Bret Jordan
Security advisory for Bugzilla 4.2rc2, 4.0.4, 3.6.8 and 3.4.14 LpSolit
Multiple vulnerabilities in OpenEMR advisory
ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability Security_Alert
XSS phpLDAPadmin: 1.2.0.5 (Debian package) and 1.2.2 (sourceforge) andsarmiento

Thursday, 02 February

[ MDVSA-2012:012 ] apache security
APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001 Apple Product Security
Call For Paper asemailing
Fwd: RA-Guard: Advice on the implementation (feedback requested) Fernando Gont
[CAL-2012-0004] opera array integer overflow Code Audit Labs
[security bulletin] HPSBMU02739 SSRT100280 rev.1 - HP Data Protector Media Operations, Remote Execution of Arbitrary Code security-alert
GLSA (Gentoo Linux Security Advisory) publication changes Alex Legler

Friday, 03 February

[security bulletin] HPSBGN02740 SSRT100741 rev.1 - HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, Performance Manager, Remote Execution of Arbitrary Code security-alert
[SECURITY] [DSA 2401-1] tomcat6 security update Moritz Muehlenhoff
[SECURITY] [DSA 2400-1] iceweasel security update Moritz Muehlenhoff
[SECURITY] [DSA 2402-1] iceape security update Moritz Muehlenhoff
[SECURITY] [DSA 2403-1] php5 security update Thijs Kinkhorst
RFC 6528 on Defending against Sequence Number Attacks Fernando Gont
ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability Security_Alert
[ MDVSA-2012:013 ] mozilla security

Monday, 06 February

[SECURITY] [DSA 2384-2] cacti regression Luk Claes
[SECURITY] [DSA 2404-1] xen-qemu-dm-4.0 security update Florian Weimer
[SECURITY] [DSA 2405-1] apache2 security update Stefan Fritsch
Mathopd - Directory Traversal Vulnerability Mateusz Goik

Tuesday, 07 February

[ MDVSA-2012:014 ] glpi security
[SECURITY] [DSA 2403-2] php5 security update Thijs Kinkhorst
SimpleGroupware 0.742 Cross-Site-Scripting vulnerability security
DEF CON 20 Capture the Flag Announcement The Dark Tangent
CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly Colm O hEigeartaigh
SQL Injection Vulnerability in Batavi 1.1.2 Netsparker Advisories
[security bulletin] HPSBMU02736 SSRT100699 rev.2 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information security-alert
eFronts Community++ v3.6.10 - Cross Site Vulnerability research () vulnerability-lab com

Wednesday, 08 February

Unauthenticated remote code execution on D-Link ShareCenter products roberto . paleari
[security bulletin] HPSBUX02741 SSRT100728 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass security-alert
Cyberoam Central Console v2.00.2 - File Include Vulnerability research () vulnerability-lab com
Multiple vulnerabilities in ZENphoto advisory
[security bulletin] HPSBMU02742 SSRT100740 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Disclosure of Information security-alert
ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-022 : Total Defense Suite UNC Management Console ExportReport SQL Injection Vulnerability ZDI Disclosures
ZDI-12-023 : Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability ZDI Disclosures
ZDI-12-024 : Total Defense Suite UNC Management Web Service uncsp_ViewReportsHomepage SQL Injection Vulnerability ZDI Disclosures
ZDI-12-025 : EMC Networker indexd.exe Opcode 0x01 Parsing Remote Code Execution ZDI Disclosures
ZDI-12-026 : IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-027 : IBM SPSS VsVIEW6.ocx ActiveX Control SaveDoc Method Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-028 : IBM Rational Rhapsody BBFlashBack.FBRecorder.1 Control Multiple Remote Code Execution Vulnerabilities ZDI Disclosures
ZDI-12-029 : IBM Rational Rhapsody BBFlashBack.Recorder.1 InsertMarker Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-030 : IBM Rational Rhapsody BBFlashBack.Recorder.1 TestCompatibilityRecordMode Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability ZDI Disclosures

Thursday, 09 February

[SECURITY] [DSA 2407-1] cvs security update Florian Weimer
[ MDVSA-2012:015 ] wireshark security
[SECURITY] CVE-2011-4367 Apache MyFaces information disclosure vulnerability Leonardo Uribe
[Suspected Spam] eFront Community++ v3.6.10 - Multiple Web Vulnerabilities research () vulnerability-lab com

Friday, 10 February

Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities research () vulnerability-lab com
OnxShop CMS v1.5.0 - Multiple Web Vulnerabilities research () vulnerability-lab com
Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities research () vulnerability-lab com
Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities research () vulnerability-lab com
CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability YGN Ethical Hacker Group
[ MDVSA-2012:016 ] glpi security

Monday, 13 February

[slackware-security] vsftpd (SSA:2012-041-05) Slackware Security Team
[slackware-security] glibc (SSA:2012-041-03) Slackware Security Team
[slackware-security] proftpd (SSA:2012-041-04) Slackware Security Team
[slackware-security] httpd (SSA:2012-041-01) Slackware Security Team
[slackware-security] php (SSA:2012-041-02) Slackware Security Team
OWASP AppSec USA 2011 Video & Slides Posted adam
Yahoo! Messenger v11.5 - Buffer Overflow Vulnerability research () vulnerability-lab com
[Suspected Spam] eFront Community++ v3.6.10 - SQL Injection Vulnerability research () vulnerability-lab com
sqlinjection bug in nova cms rezahmail
[ MDVSA-2012:017 ] firefox security
[ MDVSA-2012:018 ] mozilla-thunderbird security
[Announcement] ClubHack Mag - Call for Articles abhijeet
[SECURITY] [DSA 2408-1] php5 security update Moritz Muehlenhoff

Tuesday, 14 February

[ MDVSA-2012:019 ] apr security

Wednesday, 15 February

[CAL-2011-0055] Adobe Shockwave Player Parsing block_cout memory corruption vulnerability Code Audit Labs
[CAL-2011-0071] Adobe Shockwave Player Parsing cupt atom heap overflow Code Audit Labs
FreePBX Remote Exploit dougw
[ MDVSA-2012:020 ] phpldapadmin security
Multiple vulnerabilities in 11in1 advisory
Multiple vulnerabilities in LEPTON advisory
[SECURITY] [DSA 2409-1] devscripts security update Raphael Geissert
TELUS Security Labs VR - Oracle Java Web Start Command Argument Injection Remote Code Execution noreply

Thursday, 16 February

Cisco Security Advisory: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 2410-1] libpng security update Moritz Muehlenhoff
2012 Honeynet Project Security Workshop Guillaume Arcas
[PRE-SA-2012-01] Denial-of-service vulnerability in java.util.zip Timo Warns
Re: sqlinjection bug in nova cms Henri Salo
Hackito Ergo sum // HES2012 Final CFP // Call for Hackers Jonathan Brossard

Friday, 17 February

Pandora FMS v4.0.1 - Local File Include Vulnerability + VD Session research () vulnerability-lab com
[Spam] Skype v5.6.59.x - Memory Corruption Vulnerability research () vulnerability-lab com
0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977) Kousuke Ebihara
Re: Fwd: 0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977) Rodrigo Rubira Branco (BSDaemon)
[security bulletin] HPSBPI02728 SSRT100692 rev.4 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default security-alert
IETF I-D: Security and Interoperability Implications of Oversized IPv6 Header Chains Fernando Gont
PHP 5.2.x Remote Code Execution Vulnerability Worawit Wang
Puppet Dashboard insecure by default Schweiss, Chip
[ MDVSA-2012:021 ] java-1.6.0-openjdk security

Monday, 20 February

Downloads Folder: A Binary Planting Minefield ACROS Security Lists
WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability sschurtz
CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated] YGN Ethical Hacker Group
[SECURITY] [DSA 2411-1] mumble security update Florian Weimer
[SECURITY] [DSA 2412-1] libvorbis security update Moritz Muehlenhoff
SEC Consult SA-20120220-1 :: Multiple Vulnerabilities in ELBA5 SEC Consult Vulnerability Lab
SEC Consult SA-20120220-0 :: Multiple critical vulnerabilities in VOXTRONIC voxlog professional SEC Consult Vulnerability Lab
SQL Injection Vulnerabilities in TestLink jnatal
DC4420 - London DEFCON - February meet - Tuesday February 21st 2012 Major Malfunction
OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group
Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group

Tuesday, 21 February

[SECURITY] [DSA 2413-1] libarchive security update Luk Claes
Vulnerabilities in Debian F*EX <= 20100208 and F*EX 20111129-2. muuratsalo experimental hack lab
F*EX <= 20100208 Cross Site Scripting Vulnerabilities muuratsalo experimental hack lab
F*EX 20111129-2 Cross Site Scripting Vulnerability muuratsalo experimental hack lab
Re: Vulnerabilities in Debian F*EX <= 20100208 and F*EX 20111129-2. muuratsalo experimental hack lab
Re: [oss-security] OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities Kurt Seifried
Re: [oss-security] Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities Kurt Seifried
IPv6 NIDS evasion and IPv6 fragmentation/reassembly improvements Fernando Gont
Mercurycom MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerability demonalex

Wednesday, 22 February

[SECURITY] [DSA 2414-1] fex security update Nico Golde
[SECURITY] [DSA 2415-1] libmodplug security update Nico Golde
Multiple security vulnerabilities in Tremulous 1.1.0, GPP1, and unofficial MG and TJW engines Simon McVittie
[ MDVSA-2012:022 ] libpng security
Multiple XSS in Chyrp advisory
[ MDVSA-2012:023 ] libxml2 security

Friday, 24 February

Mobile Mp3 Search Engine HTTP Response Splitting CorryL
ZDI-12-032 : Oracle Java Runtime Environment readMabCurveData Integer Overflow Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-034 : Microsoft Windows Media Player ASX Meta-File Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-035 : Microsoft Internet Explorer CDispNode t:MEDIA Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability ZDI Disclosures
ZDI-12-039 : Oracle Java Web Start java-vm-args Command Argument Injection Remote Code Execution ZDI Disclosures
TPTI-12-01 : Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerability ZDI Disclosures
[SECURITY] [DSA 2417-1] libxml2 security update Nico Golde
NGS00120 Patch Notification: BlackBerry PlayBook Samba Remote Code Execution Research@NGSSecure
YVS Image Gallery Sql injection CorryL
Security advisory for Bugzilla 4.2 and 4.0.5 LpSolit
Cisco Security Advisory: Cisco Small Business SRP 500 Series Multiple Vulnerabilities Cisco Systems Product Security Incident Response Team
CJWSoft ASPGuest GuestBook 'edit.asp' - SQL Injection Vulnerability demonalex
[SECURITY] [DSA 2416-1] notmuch security update Thijs Kinkhorst
[ MDVSA-2012:022 ] mozilla security
[security bulletin] HPSBUX02737 SSRT100747 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) security-alert
[security bulletin] HPSBMU02739 SSRT100280 rev.2 - HP Data Protector Storage Media Operations (SMO), Remote Execution of Arbitrary Code security-alert
[Onapsis Security Advisory 2012-01] Oracle JD Edwards JDENET Arbitrary File Write Onapsis Research Labs
[Onapsis Security Advisory 2012-02] Oracle JD Edwards Security Kernel Remote Password Disclosure Onapsis Research Labs
[Onapsis Security Advisory 2012-03] Oracle JD Edwards SawKernel Arbitrary File Read Onapsis Research Labs
[Onapsis Security Advisory 2012-04] Oracle JD Edwards SawKernel GET_INI Information Disclosure Onapsis Research Labs
[Onapsis Security Advisory 2012-05] Oracle JD Edwards JDENET Multiple Information Disclosure Onapsis Research Labs
[Onapsis Security Advisory 2012-06] Oracle JD Edwards JDENET Large Packets Denial of Service Onapsis Research Labs
[Onapsis Security Advisory 2012-07] Oracle JD Edwards SawKernel SET_INI Configuration Modification Onapsis Research Labs
[Onapsis Security Advisory 2012-08] Oracle JD Edwards Security Kernel Information Disclosure Onapsis Research Labs
PHP Gift Registry 1.5.5 SQL Injection Thomas Richards
Dropbear SSH server use-after-free vulnerability Danny Fullerton

Monday, 27 February

TWSL2012-003: Cross-Site Scripting Vulnerability in Movable Type Publishing Platform Trustwave Advisories
Kongreg8 1.7.3 Multiple XSS Thomas Richards
Syhunt: Google V8 - Server-Side JS Injection in vulnerable web apps Felipe M. Aragon
NGS00237 Patch Notification: Samba Andx request Remote Code Execution Research@NGSSecure
[SECURITY] [DSA 2414-2] fex regression Nico Golde
pidgin OTR information leakage Dimitris Glynos
DeepSec "Sector v6" - Call for Papers DeepSec Conference
FrameJammer DOM based XSS mkey
Case YVS Image Gallery Henri Salo
[ MDVSA-2012:023 ] libvpx security
Socusoft Photo 2 Video v8.05 - Buffer Overflow Vulnerability research () vulnerability-lab com
OSQA CMS v3b - Multiple Persistent Vulnerabilities research () vulnerability-lab com
Wolf CMS v0.7.5 - Multiple Web Vulnerabilities research () vulnerability-lab com
Re: pidgin OTR information leakage Jann Horn
[SECURITY] [DSA 2418-1] postgresql-8.4 security update Moritz Muehlenhoff
Re: Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities regis
Recon 2012 - Call For Papers - June 14-16, 2012 - Montreal, Quebec cfp2012
Re: [Full-disclosure] pidgin OTR information leakage Michele Orru
[SECURITY] [DSA 2419-1] puppet security update Florian Weimer
Re: [Full-disclosure] pidgin OTR information leakage Rich Pieri

Tuesday, 28 February

Re: [Full-disclosure] pidgin OTR information leakage Jeffrey Walton
Re: [oss-security] Case YVS Image Gallery Henri Salo
Re: [Full-disclosure] pidgin OTR information leakage Dimitris Glynos
Re: [Full-disclosure] pidgin OTR information leakage Dimitris Glynos
[ MDVSA-2012:022-1 ] mozilla security
[ MDVSA-2012:023-1 ] libvpx security
Reliable Windows 7 Exploitation: A Case Study Ivan Fratric
ImgPals Photo Host Version 1.0 Admin Account Deactivation CorryL
[ MDVSA-2012:025 ] samba security
[SECURITY] [DSA 2420-1] openjdk-6 security update Florian Weimer

Wednesday, 29 February

Multiple XSS in Dotclear advisory
[ MDVSA-2012:026 ] postgresql security
[ MDVSA-2012:027 ] postgresql8.3 security
Cisco Security Advisory: Cisco Cius Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unity Connection Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco TelePresence Video Communication Server Session Initiation Protocol Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 2421-1] moodle security update Moritz Muehlenhoff
[SECURITY] [DSA 2422-1] file security update Florian Weimer