Bugtraq: by thread
172 messages starting Jul 02 12 and ending Jul 31 12
- [SECURITY] [DSA 2505-1] zendframework security update Florian Weimer (Jul 02)
- Basilic RCE bug m . razavi777 (Jul 02)
  - <Possible follow-ups>
  - Re: Basilic RCE bug larry0 (Jul 06)
- IBM Edge Components Caching Proxy XSS Followup BugsNotHugs (Jul 02)
- Sun iPlanet Error Page Link Injection BugsNotHugs (Jul 02)
- IBM developerWorks ncp (Nigel's Capacity Planning) 2.1 Remote Information Disclosure BugsNotHugs (Jul 02)
- Bookmark4U lostpasswd.php env[include_prefix] Parameter RFI BugsNotHugs (Jul 02)
- [ MDVSA-2012:096-1 ] python security (Jul 02)
- [security bulletin] HPSBMU02781 SSRT100617 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Jul 02)
- [security bulletin] HPSBMU02783 SSRT100806 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) security-alert (Jul 02)
- NGS00196 Patch Notification: Nagios XI Network Monitor OS Command Injection Research@NGSSecure (Jul 02)
- NGS00194 Patch Notification: Nagios XI Network Monitor Blind SQL Injection Research@NGSSecure (Jul 02)
- NGS00195 Patch Notification: Nagios XI Network Monitor Stored and Reflected XSS Research@NGSSecure (Jul 02)
- NGS00162 Patch Notification: Symantec Message Filter Session Hijacking via session fixation Research@NGSSecure (Jul 02)
- Malicious Code Execution in PCI Expansion ROM Adam Behnke (Jul 03)
- [IA30] Photodex ProShow Producer v5.0.3256 Local Buffer Overflow Vulnerability Inshell Security (Jul 03)
- [SECURITY] [DSA 2506-1] libapache-mod-security security update Yves-Alexis Perez (Jul 03)
- Slideware of IPv6 hacking training (HIP 2012 edition), and future trainings (Portugal & Belgium) Fernando Gont (Jul 03)
- [security bulletin] HPSBUX02795 SSRT100878 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Jul 03)
- [ MDVSA-2012:101 ] libtiff security (Jul 04)
- [CVE-2012-0911] Tiki Wiki CMS Groupware <= 8.3 "unserialize()" PHP Code Execution n0b0d13s (Jul 04)
- Cyberoam advisory Ben Laurie (Jul 04)
- From XSLT code execution to Meterpreter shells Nicolas Grégoire (Jul 04)
- plow 0.0.5 <= Buffer Overflow Vulnerability pereira (Jul 04)
  - Re: plow 0.0.5 <= Buffer Overflow Vulnerability Henri Salo (Jul 09)
  - <Possible follow-ups>
  - Re: Re: plow 0.0.5 <= Buffer Overflow Vulnerability pereira (Jul 10)
- Forum Oxalis 0.1.2 <= SQL Injection Vulnerability pereira (Jul 04)
- Vulnerable Microsoft VC++ 2005 runtime libraries in "Microsoft Live Meeting 2007 Client" installed in private location Stefan Kanthak (Jul 04)
- Blind SQL Injection in Webmatic advisory (Jul 04)
- Just4meeting 3.0 - Lisbon/Portugal - 6 to 8 - July Ralf Braga (Jul 04)
- Wordpress (editormonkey) Arbitrary File Upload Vulnerability Amir (Jul 04)
- [SECURITY] [DSA 2507-1] openjdk-6 security update Moritz Muehlenhoff (Jul 04)
- IIS Short File/Folder Name Disclosure by using tilde ~ character bugreport (Jul 04)
- .Net Framework Tilde Character DoS bugreport (Jul 04)
- .Net Framework Tilde Character DoS - Sorry, exploit-db link corrected bugreport (Jul 04)
- Event Script PHP v1.1 CMS - Multiple Web Vulnerabilites Research (Jul 04)
- GuestBook Scripts PHP v1.5 - Multiple Web Vulnerabilites Research (Jul 04)
- Classified Ads Script PHP v1.1 - SQL Injection Vulnerabilities Research (Jul 04)
- Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Research (Jul 04)
- ESA-2012-026: RSA Access Manager Session Replay Vulnerability Security_Alert (Jul 04)
- CLscript CMS v3.0 - Multiple Web Vulnerabilities Research (Jul 05)
- ClubHack2012 CFP Open Now abhijeet (Jul 05)
- IPv6 security tools released Fernando Gont (Jul 05)
- [security bulletin] HPSBGN02750 SSRT100795 rev.1 - HP ProtectTools Enterprise Device Access Manager Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Jul 05)
- [ MDVSA-2012:102 ] krb5 security (Jul 06)
- [SECURITY] [DSA 2509-1] pidgin security update Luciano Bello (Jul 09)
- AST-2012-010: Possible resource leak on uncompleted re-invite transactions Asterisk Security Team (Jul 09)
- AST-2012-011: Remote crash vulnerability in voice mail application Asterisk Security Team (Jul 09)
- [SECURITY] CVE-2012-2138 Apache Sling denial of service vulnerability Bertrand Delacretaz (Jul 09)
- BookNux 0.2 <= Multiple Vulnerabilities pereira (Jul 09)
  - <Possible follow-ups>
  - BookNux 0.2 <= Multiple Vulnerabilities pereira (Jul 09)
- [CVE-2012-3376] Apache Hadoop HDFS information disclosure vulnerability Aaron T. Myers (Jul 09)
- Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012) Call for papers (Jul 09)
- Checkpoint Abra - Vulnerabilities komarov (Jul 09)
- GreHack 2012 - extended deadline CFP 15th August 2012 (Grenoble, France) Fabien DUCHENE (Jul 09)
- [security bulletin] HPSBMU02796 SSRT100594 rev.1 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code security-alert (Jul 10)
- Re: CitrusDB 2.4.1 - LFI/SQLi Vulnerability mbsarwin (Jul 11)
- Multiple Cross-Site Scripting (XSS) in Kajona advisory (Jul 11)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server Cisco Systems Product Security Incident Response Team (Jul 11)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices Cisco Systems Product Security Incident Response Team (Jul 11)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch Cisco Systems Product Security Incident Response Team (Jul 11)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager Cisco Systems Product Security Incident Response Team (Jul 11)
- ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability Security_Alert (Jul 11)
- ESA-2012-023: RSA Authentication Manager Multiple Vulnerabilities Security_Alert (Jul 12)
- [ MDVSA-2012:103 ] automake security (Jul 12)
- [ MDVSA-2012:104 ] openjpeg security (Jul 12)
- [ MDVSA-2012:105 ] pidgin security (Jul 12)
- TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities Admin (Jul 12)
- Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities Research (Jul 12)
- Funeral Script PHP - Multiple Web Vulnerabilites Research (Jul 12)
- PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities Research (Jul 12)
- Reserve Logic v1.2 Booking CMS - Multiple Vulnerabilities Research (Jul 12)
- ZDI-12-114 : HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
- ZDI-12-115 : HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
- ZDI-12-116 : EMC AutoStart ftAgent Opcode 50 Subcode 04 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
- ZDI-12-117 : EMC AutoStart ftAgent Opcode 50 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
- ZDI-12-118: EMC AutoStart ftAgent Opcode 0x03 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
- ZDI-12-119: EMC AutoStart ftAgent Opcode 0x41 Subcode 0x00 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
- ZDI-12-120: EMC AutoStart ftAgent Opcode 85 Subcode 22 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
- ZDI-12-121: EMC AutoStart ftAgent Opcode 85 Subcode 01 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
- ZDI-12-122: EMC AutoStart ftAgent Opcode 65 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
- ZDI-12-123: EMC AutoStart ftAgent Opcode 50 Subcode 60 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
- ZDI-12-124: EMC AutoStart ftAgent Opcode 50 Subcode 42 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
- ZDI-12-125: Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
- [SECURITY] [DSA 2511-1] puppet security update Moritz Muehlenhoff (Jul 12)
- [SECURITY] [DSA 2512-1] mono security update Moritz Muehlenhoff (Jul 12)
- security advisory: AirDroid 1.0.4 beta Kathrin Schäberle (Jul 13)
- [SECURITY] [DSA 2510-1] extplorer security update Luciano Bello (Jul 13)
- [ MDVSA-2012:106 ] libexif security (Jul 13)
- [ MDVSA-2012:107 ] exif security (Jul 13)
- [security bulletin] HPSBMU02796 SSRT100594 rev.2 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code security-alert (Jul 13)
- [slackware-security] pidgin (SSA:2012-195-02) Slackware Security Team (Jul 16)
- [slackware-security] php (SSA:2012-195-01) Slackware Security Team (Jul 16)
- Google Chrome 19 metro_driver.dll mishandling moshez (Jul 16)
- Event Calendar PHP 1.2 - Multiple Web Vulnerabilites Research (Jul 16)
- VamCart v0.9 CMS - Multiple Web Vulnerabilities Research (Jul 16)
- SMF Board v2.0.2 - Multiple Web Vulnerabilities Research (Jul 16)
- PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities Research (Jul 16)
- Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability Research (Jul 16)
- MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities sschurtz (Jul 16)
- WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities sschurtz (Jul 16)
- CakePHP 2.x-2.2.0-RC2 XXE Injection pawel . wylecial (Jul 16)
- libexif project security advisory July 12, 2012 Dan Fandrich (Jul 16)
- [security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS) and Unauthorized Data Modification security-alert (Jul 16)
- 0A29-12-2 :Metasploit 'pcap_log' plugin privilege escalation vulnerability 0a29 40 (Jul 16)
- CORE-2011-1123 - Windows Kernel ReadLayoutFile Heap Overflow CORE Security Technologies Advisories (Jul 17)
- Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin king cope (Jul 17)
  - Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Thor (Hammer of God) (Jul 17)
- DC4420 - London DEFCON - July meet - Tuesday July 17th 2012 Major Malfunction (Jul 17)
- AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Administrator (Jul 17)
- KeyPass Password Safe v1.22 - Software Filter Vulnerability Research (Jul 17)
- DomsHttpd 1.0 <= Remote Denial Of Service pereira (Jul 17)
- Secunia Research: Cisco Linksys PlayerPT ActiveX Control "SetSource()" Buffer Overflow Secunia Research (Jul 17)
- [PT-2012-23] SQL Injection in Dr.Web Anti-virus noreply (Jul 17)
- [security bulletin] HPSBMU02799 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.0x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification, Denial of Service (DoS) security-alert (Jul 17)
- [security bulletin] HPSBMU02797 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.1x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification, Denial of Service (DoS) security-alert (Jul 17)
- [SECURITY] [DSA 2514-1] iceweasel security update Nico Golde (Jul 18)
- [slackware-security] mozilla-firefox (SSA:2012-200-02) Slackware Security Team (Jul 18)
- [slackware-security] mozilla-thunderbird (SSA:2012-200-03) Slackware Security Team (Jul 18)
- [slackware-security] seamonkey (SSA:2012-200-04) Slackware Security Team (Jul 18)
- [slackware-security] libexif (SSA:2012-200-01) Slackware Security Team (Jul 19)
- ZDI-12-126 : (0 day) HP StorageWorks File Migration Agent RsaCIFS.dll Remote Code Execution Vulnerability ZDI Disclosures (Jul 19)
- ZDI-12-127 : (0Day) HP StorageWorks File Migration Agent RsaFTP.dll Remote Code Execution Vulnerability ZDI Disclosures (Jul 19)
- GreHack 2012 - Call For Musicians/Artists/DJs application open till October 5th 2012 (Grenoble, France) Fabien DUCHENE (Jul 19)
- [SECURITY] [DSA 2515-1] nsd3 security update Nico Golde (Jul 19)
- [Announcement] ClubHack Magazine's July 2012 Issue Released abhijeet (Jul 19)
- [ MDVSA-2012:108 ] php security (Jul 23)
- POC2012 Call for Paper pocadm (Jul 23)
- NESSUS ANDROID APP - stores login info in plain text securityfocus (Jul 23)
- CodeIgniter <= 2.1.1 xss_clean() Cross Site Scripting filter bypass Krzysztof Kotowicz (Jul 23)
- Free Web App Security Challenges - Hackademics Project Ivan Buetler (Jul 23)
- Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability Amir (Jul 23)
  - Re: Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability Henri Salo (Jul 24)
- [SECURITY] [DSA 2508-1] kfreebsd-8 security update Yves-Alexis Perez (Jul 23)
- file clobbering vulnerability in Solaris update manager & local root with SUNWbindr install. larry0 (Jul 23)
- [ MDVSA-2012:109 ] libxslt security (Jul 24)
- [ MDVSA-2012:110 ] mozilla security (Jul 24)
- Android DNS poisoning: Randomness gone bad (CVE-2012-2808) Roee Hay (Jul 24)
- [slackware-security] libpng (SSA:2012-206-01) Slackware Security Team (Jul 25)
- APPLE-SA-2012-07-25-1 Safari 6.0 Apple Product Security (Jul 25)
- [ MDVSA-2012:111 ] libgdata security (Jul 25)
- Cross-Site Scripting (XSS) in Redaxo advisory (Jul 25)
- [security bulletin] HPSBUX02789 SSRT100824 rev.3 - HP-UX CIFS Server (Samba), Remote Execution of Arbitrary Code, Elevation of Privileges security-alert (Jul 25)
- [security bulletin] HPSBUX02795 SSRT100878 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Jul 26)
- APPLE-SA-2012-07-25-2 Xcode 4.4 Apple Product Security (Jul 26)
- tekno.Portal 0.1b - SQLi Vulnerability in "anket.php" Socket_0x03 (Jul 26)
- [ MDVSA-2012:112 ] perl-DBD-Pg security (Jul 26)
- [SECURITY] [DSA 2516-1] isc-dhcp security update Nico Golde (Jul 26)
- [ MDVSA-2012:113 ] arpwatch security (Jul 26)
- [ MDVSA-2012:114 ] apache-mod_auth_openid security (Jul 26)
- [ MDVSA-2012:115 ] dhcp security (Jul 26)
- [ MDVSA-2012:116 ] dhcp security (Jul 26)
- [ MDVSA-2012:117 ] python-pycrypto security (Jul 27)
- Security advisory for Bugzilla 4.3.2, 4.2.2, 4.0.7 and 3.6.10 LpSolit (Jul 27)
- [ MDVSA-2012:118 ] apache-mod_security security (Jul 27)
- [slackware-security] bind (SSA:2012-209-01) Slackware Security Team (Jul 30)
- [ MDVSA-2012:119 ] bind security (Jul 30)
- [ MDVSA-2012:110-1 ] mozilla security (Jul 30)
- TWSL2012-014: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer Trustwave Advisories (Jul 30)
- Spark IM Client Local Password Decryption Adam Caudill (Jul 30)
- ocPortal 7.1.5 <= | Open URL Redirection Vulnerability YGN Ethical Hacker Group (Jul 30)
- Security Advisory in LedgerSMBv 1.3.20 and below: Denial of Service vulnerability Chris Travers (Jul 30)
- Dr. Web Control Center Admin UI Remote Script Code Injection Oliver Karow (Jul 30)
- DataWatch Monarch BI v5.1 admin section reflected cross-site scripting vulns (Jul 30)
- DataWatch Monarch Business Intelligence (BI) v5.1 admin section stored cross-site scripting vulns (Jul 30)
- DataWatch Monarch Business Intelligence (BI) v5.1 client section stored cross-site scripting vulns (Jul 30)
- DataWatch Monarch Business Intelligence (BI) v5.1 Blind SQL injection vulns (Jul 30)
- DataWatch Monarch Business Intelligence (BI) v5.1 Admin Section Blind XPath Injection vulns (Jul 30)
- TEMENOS T24 R07.03 Reflected Cross-Site Scripting vulns (Jul 30)
- TEMENOS T24 R07.03 Authentication Bypass vulns (Jul 30)
- [SECURITY] [DSA 2517-1] bind9 security update Nico Golde (Jul 30)
- MITKRB5-SA-2012-001: KDC heap corruption and crash [CVE-2012-1014 CVE-2012-1015] Tom Yu (Jul 31)