Bugtraq: by author

157 messages starting May 22 12 and ending May 14 12


abhijeet

[Announcement] CHMag's Issue 28, May 2012 Released abhijeet (May 22)

admin

PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version admin (May 22)

advisory

2 Buffer Overflows in Wireless Manager Sony VAIO advisory (May 30)
Multiple vulnerabilities in OrangeHRM advisory (May 11)
Multiple XSS in pragmaMx advisory (May 24)
Local File Inclusion in PluXml advisory (May 02)
Multiple vulnerabilities in Pligg CMS advisory (May 24)
Cross-Site Scripting (XSS) in Pivotx advisory (May 11)

Apple Product Security

APPLE-SA-2012-05-14-2 Leopard Security Update 2012-003 Apple Product Security (May 15)
APPLE-SA-2012-05-15-1 QuickTime 7.7.2 Apple Product Security (May 16)
APPLE-SA-2012-05-09-2 Safari 5.1.7 Apple Product Security (May 10)
APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update Apple Product Security (May 08)
APPLE-SA-2012-05-09-1 OS X Lion v10.7.4 and Security Update 2012-002 Apple Product Security (May 10)
APPLE-SA-2012-05-14-1 Flashback Removal Security Update Apple Product Security (May 15)

asemailing

Call for Paper: 3rd Workshop on Security and Privacy in Social Networks asemailing (May 01)

Asterisk Security Team

AST-2012-007: Remote crash vulnerability in IAX2 channel driver. Asterisk Security Team (May 30)
AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability Asterisk Security Team (May 30)

Attila Bartfai

CFP: Hacktivity 2012, October 12-13, Budapest, Hungary Attila Bartfai (May 25)

bede

SQL Injection and other issues in Micro Technology Services, Inc. Lynx bede (May 03)

brian . radovich

Re: DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass brian . radovich (May 04)

bruk0ut . sec

Mapserver for Windows (MS4W) Remote Code Execution bruk0ut . sec (May 30)

Call for papers

Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012) Call for papers (May 22)

chenz9187

OpenSSL 1.0.1 Buffer Overflow Vulnerability chenz9187 (May 31)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (May 30)

come2waraxe

[waraxe-2012-SA#088] - Reflected XSS in Joomla 2.5.4 admin sysinfo page come2waraxe (May 03)
[waraxe-2012-SA#087] - Reflected XSS in Joomla 1.5.26 "ja_purity" template come2waraxe (May 03)

CORE Security Technologies Advisories

CORE-2012-0123 - SAP Netweaver Dispatcher Multiple Vulnerabilities CORE Security Technologies Advisories (May 11)

dann frazier

[SECURITY] [DSA 2469-1] linux-2.6 security update dann frazier (May 11)

ddivulnalert

DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection ddivulnalert (May 17)
DDIVRT-2012-43 SCLIntra Enterprise SQL Injection and Authentication Bypass ddivulnalert (May 29)

demonalex

Tftpd32 DNS Server Denial Of Service Vulnerability demonalex (May 28)
WinRadius Server Denial Of Service Vulnerability demonalex (May 28)
Tftpd32 DHCP Server Denial Of Service Vulnerability demonalex (May 22)
FlashPeak SlimBrowser TITLE Denial Of Service Vulnerability demonalex (May 16)
Universal Reader Filename Denial Of Service Vulnerability demonalex (May 14)

Derek Martin

Re: rssh security announcement Derek Martin (May 15)
Re: rssh security announcement Derek Martin (May 10)
rssh security announcement Derek Martin (May 09)
Re: rssh security announcement Derek Martin (May 10)

ds . adv . pub

VMware Backdoor ghi.guest.trashFolder.state Uninitialized Memory Potential VM Break ds . adv . pub (May 08)
VMware Backdoor Response Uninitialized Memory Potential VM Break ds . adv . pub (May 04)

Eelko Neven

Re: Progress Webspeed exploit for all releases Eelko Neven (May 30)

Fabien DUCHENE

GreHack 2012 - Call For Papers (Grenoble, France) Fabien DUCHENE (May 25)

Fernando Gont

LACSEC 2012 Agenda (May 6-11, 2012, Quito, Ecuador) Fernando Gont (May 03)
IPv6 security: New IETF I-Ds, slideware and videos for recent presentations, trainings, etc... Fernando Gont (May 24)

Filippo Cavallarin

Multiple vulnerabilities in LogAnalyzer Filippo Cavallarin (May 24)

Florian Weimer

[SECURITY] [DSA 2473-1] openoffice.org security update Florian Weimer (May 17)
[SECURITY] [DSA 2459-2] quagga security update Florian Weimer (May 08)
[SECURITY] [DSA 2464-2] icedove regression update Florian Weimer (May 10)
[SECURITY] [DSA 2468-1] libjakarta-poi-java security update Florian Weimer (May 10)
[SECURITY] [DSA 2472-1] gridengine security update Florian Weimer (May 16)
[SECURITY] [DSA 2480-2] request-tracker3.8 regression update Florian Weimer (May 30)
[SECURITY] [DSA 2477-1] sympa security update Florian Weimer (May 22)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-12:02.crypt FreeBSD Security Advisories (May 30)
FreeBSD Security Advisory FreeBSD-SA-12:01.openssl FreeBSD Security Advisories (May 30)
FreeBSD Security Advisory FreeBSD-SA-12:01.openssl FreeBSD Security Advisories (May 03)

g

Re: Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities g (May 02)

Gabriel Menezes Nunes

Corrections about Squid/McAfee URL Filtering Bypass Gabriel Menezes Nunes (May 01)

Geffrey Velasquez

Fortinet FortiWeb Web Application Firewall Policy Bypass Geffrey Velasquez (May 03)

HI-TECH .

Kingcopes AthCon 2012 Slides & Notes HI-TECH . (May 25)

Jeffrey Walton

Ubuntu, Linux Mint, and the Guest Account Jeffrey Walton (May 08)
Fwd: [cryptography] Apple Legacy filevault barn door... Jeffrey Walton (May 08)

Jelmer Kuperus

Liferay 6.1 can be compromised without having an account on the portal Jelmer Kuperus (May 15)
Guests can view names and emailadresses of all Liferay users in liferay 6.1 Jelmer Kuperus (May 15)
Liferay 6.1 json webservices are subject to cross-site request forgery attacks Jelmer Kuperus (May 15)
Multiple xss issues in Liferay Jelmer Kuperus (May 15)
Liferay users can assign themselves to organizations, leading to possible privilege escalation Jelmer Kuperus (May 14)

Jonathan Wiltshire

[SECURITY] [DSA 2476-1] pidgin-otr security update Jonathan Wiltshire (May 22)

Joseph Sheridan

script-fu buffer overflow in GIMP 2.6 Joseph Sheridan (May 31)

Kurt Seifried

Re: [oss-security] CVE Request: Planeshift buffer overflow Kurt Seifried (May 18)
Re: [oss-security] CVE Request: Planeshift buffer overflow Kurt Seifried (May 18)
Re: [oss-security] CVE Request: Planeshift buffer overflow Kurt Seifried (May 18)

Lists

NETGEAR Exposure of Sensitive Information - Security Advisory - SOS-12-005 Lists (May 15)

Major Malfunction

DC4420 - London DEFCON - May meet - Tuesday May 22nd 2012 Major Malfunction (May 22)

Marc Deslauriers

Re: [Full-disclosure] Ubuntu, Linux Mint, and the Guest Account Marc Deslauriers (May 08)

Michal Zalewski

things you can do with downloads Michal Zalewski (May 31)

Moritz Muehlenhoff

[SECURITY] [DSA 2478-1] sudo security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2462-2] imagemagick regression update Moritz Muehlenhoff (May 04)
[SECURITY] [DSA 2457-2] New icedove/iceweasel packages fix regression Moritz Muehlenhoff (May 15)
[SECURITY] [DSA 2479-1] libxml2 security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2480-1] request-tracker3.8 security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA-2471-1] ffmpeg security update Moritz Muehlenhoff (May 15)
[SECURITY] [DSA 2464-1] icedove security update Moritz Muehlenhoff (May 03)
[SECURITY] [DSA 2463-1] samba security update Moritz Muehlenhoff (May 02)

n0b0d13s

[CVE-2012-1002] OpenConf <= 4.11 (author/edit.php) Blind SQL Injection Vulnerability n0b0d13s (May 02)

Nicolas Grégoire

Re: Trigerring Java code from a SVG image Nicolas Grégoire (May 16)
Trigerring Java code from a SVG image Nicolas Grégoire (May 15)

nospam

Adobe Photoshop CS5.1 U3D.8BI Library Collada Asset Elements Stack Based Buffer Overflow Vulnerability nospam (May 11)

oLhrrBHQeTr0EmbKwBXa

Firefox security bug (proxy-bypass) in current Tor BBs oLhrrBHQeTr0EmbKwBXa (May 03)

pereira

Drupal 7.14 <= Full Path Disclosure Vulnerability pereira (May 10)
Drupal 7.14 <= Full Path Disclosure Vulnerability (Update) pereira (May 10)
b2ePMS 1.0 Authentication Bypass Vulnerability pereira (May 14)
Re: Drupal 7.14 <= Full Path Disclosure Vulnerability pereira (May 10)

pi3

The story of the Linux kernel 3.x... pi3 (May 16)

Raphael Geissert

[SECURITY] [DSA 2474-1] ikiwiki security update Raphael Geissert (May 17)
[SECURITY] [DSA 2475-1] openssl security update Raphael Geissert (May 18)

Research

Format Factory v2.95 - Buffer Overflow Vulnerabilities Research (May 08)
Format Factory v2.95 - Buffer Overflow Vulnerabilities Research (May 08)
LAN Messenger v1.2.28 - Denial of Service Vulnerability Research (May 02)

Rob Weir

CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object Rob Weir (May 16)
CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0 Rob Weir (May 16)
CVE-2012-2149 OpenOffice.org memory overwrite vulnerability Rob Weir (May 16)

Rodrigo Rubira Branco (BSDaemon)

Adobe Shockwave Player Remote Code Execution (CVE-2012-2030) Rodrigo Rubira Branco (BSDaemon) (May 10)
Apple Quicktime Memory Corruption (CVE-2012-0671) Rodrigo Rubira Branco (BSDaemon) (May 16)
Adobe Shockwave Player Remote Code Execution (CVE-2012-2031) Rodrigo Rubira Branco (BSDaemon) (May 10)
Adobe Shockwave Player Remote Code Execution (CVE-2012-2029) Rodrigo Rubira Branco (BSDaemon) (May 10)
H2HC Brazil 9th Edition - Call for Papers Rodrigo Rubira Branco (BSDaemon) (May 18)

Roee Hay

Advisory: Android SQLite Journal Information Disclosure (CVE-2011-3901) Roee Hay (May 03)

SEC Consult Vulnerability Lab

SEC Consult SA-20120518 :: Memory overwrite vulnerability in libwpd (OpenOffice.org) - CVE-2012-2149 SEC Consult Vulnerability Lab (May 18)

security

[ MDVSA-2012:086 ] acpid security (May 31)
[ MDVSA-2012:070 ] samba security (May 08)
[ MDVSA-2012:082 ] pidgin security (May 28)
[ MDVSA-2012:080 ] wireshark security (May 24)
[ MDVSA-2012:074 ] ffmpeg security (May 15)
[ MDVSA-2012:069 ] cifs-utils security (May 08)
[ MDVSA-2012:075 ] ffmpeg security (May 15)
[ MDVSA-2012:079 ] sudo security (May 22)
[ MDVSA-2012:072 ] roundcubemail security (May 11)
[ MDVSA-2012:073 ] openssl security (May 15)
[ MDVSA-2012:067 ] samba security (May 01)
[ MDVSA-2012:076 ] ffmpeg security (May 15)
Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability security (May 09)
[ MDVSA-2012:081 ] firefox security (May 24)
[ MDVSA-2012:084 ] ncpfs security (May 29)
[ MDVSA-2012:083 ] util-linux security (May 29)
[ MDVSA-2012:085 ] tomcat5 security (May 30)
[ MDVSA-2012:078 ] imagemagick security (May 17)
[ MDVSA-2012:077 ] imagemagick security (May 17)
[ MDVSA-2012:068-1 ] php security (May 10)
[ MDVSA-2012:071 ] php security (May 11)

Security_Alert

ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities Security_Alert (May 11)
ESA-2012-020: EMC AutoStart Multiple Buffer Overflow Vulnerabilities Security_Alert (May 24)

security-alert

[security bulletin] HPSBOV02780 SSRT100766 rev.1 - HP OpenVMS ACMELOGIN, Local Unauthorized security-alert (May 18)
[security bulletin] HPSBUX02782 SSRT100844 rev.1 - HP-UX Running OpenSSL, Remote Denial of security-alert (May 17)
[security bulletin] HPSBMU02772 SSRT100603 rev.1 - HP System Health Application and Command Line Utilities for Linux, Remote Execution of Arbitrary Code security-alert (May 02)
[security bulletin] HPSBUX02784 SSRT100871 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (May 31)
[security bulletin] HPSBMU02785 SSRT100526 rev.1 - HP LoadRunner Running on Windows, Remote Execution of Arbitrary Code security-alert (May 31)
[security bulletin] HPSBMU02771 SSRT100558 rev.1 - HP SNMP Agents for Linux, Remote Cross Site Scripting (XSS), URL Redirection security-alert (May 02)
[security bulletin] HPSBMU02775 SSRT100853 rev.1 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS), Privilege Elevation security-alert (May 09)
[security bulletin] HPSBUX02777 SSRT100854 rev.1 - HP-UX Running Java JRE and JDK, Remote Denial security-alert (May 17)
[security bulletin] HPSBMU02770 SSRT100848 rev.1 - HP Insight Management Agents for Windows Server, Remote Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS), URL Redirection, Unauthorized Modification, Denial of Service (DoS) security-alert (May 02)
[security bulletin] HPSBMU02775 SSRT100853 rev.2 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS), Privilege Elevation security-alert (May 10)

Security Explorations

[SE-2011-01] Security of SAT TV set-to-boxes and DVB chipsets (details released) Security Explorations (May 28)

Stefan Bodewig

[CVE-2012-2098] Apache Commons Compress and Apache Ant denial of service vulnerability Stefan Bodewig (May 24)

Stefan Kanthak

ICACLS.EXE ignores and destroys SE_DACL_PROTECTED/SE_SACL_PROTECTED Stefan Kanthak (May 15)

Thijs Kinkhorst

[SECURITY] [DSA 2466-1] rails security update Thijs Kinkhorst (May 10)
[SECURITY] [DSA 2422-2] file regression fix Thijs Kinkhorst (May 10)
[SECURITY] [DSA 2465-1] php5 security update Thijs Kinkhorst (May 10)
[SECURITY] [DSA 2467-1] mahara security update Thijs Kinkhorst (May 10)

Timo Warns

[PRE-SA-2012-03] Linux kernel: Buffer overflow in HFS plus filesystem Timo Warns (May 16)

Tomi Tuominen

t2'12: Call for Papers 2012 (Helsinki / Finland) Tomi Tuominen (May 11)

VMware Security Team

VMSA-2012-0009 VMware Workstation, Player, ESXi and ESX patches address critical security issues VMware Security Team (May 03)

webvulscan

New Open Source Web Application Vulnerability Scanner Available webvulscan (May 18)

YGN Ethical Hacker Group

Acuity CMS 2.6.x <= Arbitrary File Upload YGN Ethical Hacker Group (May 22)
Acuity CMS 2.6.x <= Path Traversal Arbitrary File Access YGN Ethical Hacker Group (May 22)

Yves-Alexis Perez

[SECURITY] [DSA 2483-1] strongswan security update Yves-Alexis Perez (May 31)
[SECURITY] [DSA 2670-1] wordpress security update Yves-Alexis Perez (May 14)