Bugtraq: by author

192 messages starting Apr 18 13 and ending Apr 30 13


43z sec

CVE-2013-2504 : Matrix42 Service Desk XSS 43z sec (Apr 18)

advisory

Novell GroupWise Multiple Remote Code Execution Vulnerabilities advisory (Apr 03)
SQL Injection Vulnerability in Symphony advisory (Apr 03)
Multiple Vulnerabilities in KrisonAV CMS advisory (Apr 17)
PHP Code Injection in FUDforum advisory (Apr 03)

akshay . vaghela

Groovy Media Player buffer overflow Vulnerability akshay . vaghela (Apr 04)

Alexandre De Oliveira

Hackito Ergo Sum 2013 Speaker Announcement! Alexandre De Oliveira (Apr 09)

Apple Product Security

APPLE-SA-2013-04-16-1 Safari 6.0.4 Apple Product Security (Apr 17)
APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15 Apple Product Security (Apr 17)

Carl Benedict

Cisco/Linksys HTTP Service Remote DoS (Denial of Service) Carl Benedict (Apr 24)
Cisco/Linksys E1200 N300 Reflected XSS Carl Benedict (Apr 29)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability Cisco Systems Product Security Incident Response Team (Apr 18)
Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Apr 18)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product Cisco Systems Product Security Incident Response Team (Apr 25)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System Cisco Systems Product Security Incident Response Team (Apr 25)
Cisco Security Advisory: Cisco Device Manager Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Apr 25)

come2waraxe

[waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7 come2waraxe (Apr 09)
[waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50 come2waraxe (Apr 01)
[waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin come2waraxe (Apr 25)
[waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1.5 come2waraxe (Apr 01)

CORE Security Technologies Advisories

CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities CORE Security Technologies Advisories (Apr 30)

ddivulnalert

DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal ddivulnalert (Apr 16)

demonalex

Personal File Share HTTP Server Remote Overflow Vulnerability demonalex (Apr 30)
Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability demonalex (Apr 30)

devnull

Multiple Vulnerabilities in D'Link DIR-635 devnull (Apr 26)
Multiple Vulnerabilities in D-Link devices devnull (Apr 08)
Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A devnull (Apr 23)

Egidio Romano

[KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability Egidio Romano (Apr 29)

ESNC Security

[ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution ESNC Security (Apr 17)
[ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver ESNC Security (Apr 24)
[ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services ESNC Security (Apr 17)
[ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control ESNC Security (Apr 17)

F. Duchene

GreHack 2013 - Call For Papers - November 15, Grenoble, France F. Duchene (Apr 04)

Fernando Gont

SI6 Networks' IPv6 Toolkit v1.3.4 released! Fernando Gont (Apr 17)
Hacking IPv6 networks training (slideware, upcoming trainings, etc.) Fernando Gont (Apr 29)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver FreeBSD Security Advisories (Apr 30)
FreeBSD Security Advisory FreeBSD-SA-13:04.bind FreeBSD Security Advisories (Apr 03)
FreeBSD Security Advisory FreeBSD-SA-13:03.openssl FreeBSD Security Advisories (Apr 03)
FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver [REVISED] FreeBSD Security Advisories (Apr 30)

Giuseppe Iuculano

[SECURITY] [DSA 2658-1] postgresql-9.1 security update Giuseppe Iuculano (Apr 04)
[SECURITY] [DSA 2657-1] postgresql-8.4 security update Giuseppe Iuculano (Apr 04)

ISecAuditors Security Advisories

[ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9 ISecAuditors Security Advisories (Apr 08)

Itzik Kotler

Hackersh 0.1 Release Announcement Itzik Kotler (Apr 04)

Ken

[CVE-2012-5389] Null Pointer Derefence in Dart Webserver <= 1.9.2 Ken (Apr 08)

larry0

Remote command injection in Ruby Gem kelredd-pruview 0.3.8 larry0 (Apr 12)
Remote command execution in Ruby Gem ldoce 0.0.2 larry0 (Apr 02)

Lists

Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001 Lists (Apr 03)

Major Malfunction

DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013 Major Malfunction (Apr 18)

Martin Braun

Open-Xchange Security Advisory 2013-04-17 Martin Braun (Apr 17)

Maxim Konovalov

Re: Nginx ngx_http_close_connection function integer overflow Maxim Konovalov (Apr 29)
Re: Nginx ngx_http_close_connection function integer overflow Maxim Konovalov (Apr 29)

Michael Eddington

EDSC 2013 CFP Open Michael Eddington (Apr 29)

Michał Błaszczak

[SQLi] vBilling for FreeSWITCH Michał Błaszczak (Apr 22)

Michal J.

WowzaMediaServer StorageDir escape (regression) Michal J. (Apr 30)
WowzaMediaServer SecureToken bypass (and worse) Michal J. (Apr 30)

mschratt

Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable mschratt (Apr 08)

NCC Group Research

NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities NCC Group Research (Apr 02)

nospam

Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution nospam (Apr 26)
Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows nospam (Apr 26)

roberto

Authentication bypass on Netgear WNR1000 roberto (Apr 01)

roberto . paleari

Sitecom WLM-3500 backdoor accounts roberto . paleari (Apr 17)

safe3q

Nginx ngx_http_close_connection function integer overflow safe3q (Apr 25)

Salvatore Bonaccorso

[SECURITY] [DSA 2660-1] curl security update Salvatore Bonaccorso (Apr 22)
[SECURITY] [DSA 2656-1] bind9 security update Salvatore Bonaccorso (Apr 01)
[SECURITY] [DSA 2662-1] xen security update Salvatore Bonaccorso (Apr 18)
[SECURITY] [DSA 2654-1] libxslt security update Salvatore Bonaccorso (Apr 04)

SEC Consult Vulnerability Lab

SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey SEC Consult Vulnerability Lab (Apr 18)
SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance SEC Consult Vulnerability Lab (Apr 03)
SEC Consult 20130404-0 :: Multiple Vulnerabilities in Censornet Professional v4 (2.1.7) SEC Consult Vulnerability Lab (Apr 04)
SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption SEC Consult Vulnerability Lab (Apr 18)
Re: SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption SEC Consult Vulnerability Lab (Apr 19)
SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server SEC Consult Vulnerability Lab (Apr 18)

security

[ MDVSA-2013:042 ] krb5 security (Apr 08)
[ MDVSA-2013:029 ] apache-mod_security security (Apr 08)
[ MDVSA-2013:072 ] dnsmasq security (Apr 09)
[ MDVSA-2013:019 ] bash security (Apr 05)
[ MDVSA-2013:145 ] java-1.6.0-openjdk security (Apr 19)
[ MDVSA-2013:040 ] gnutls security (Apr 08)
[ MDVSA-2013:087 ] firefox security (Apr 09)
[ MDVSA-2013:142 ] postgresql security (Apr 12)
[ MDVSA-2013:045 ] libssh security (Apr 08)
[ MDVSA-2013:034 ] cups security (Apr 08)
[ MDVSA-2013:074 ] drupal security (Apr 09)
[ MDVSA-2013:047 ] libxslt security (Apr 08)
[ MDVSA-2013:148 ] roundcubemail security (Apr 23)
[ MDVSA-2013:063 ] bip security (Apr 08)
[ MDVSA-2013:082 ] gimp security (Apr 09)
[ MDVSA-2013:051 ] openssh security (Apr 08)
[ MDVSA-2013:068 ] courier-authlib security (Apr 08)
[ MDVSA-2013:081 ] gegl security (Apr 09)
[ MDVSA-2013:071 ] dbus-glib security (Apr 08)
[ MDVSA-2013:041 ] html2ps security (Apr 08)
[ MDVSA-2013:075 ] elinks security (Apr 09)
[ MDVSA-2013:037 ] fetchmail security (Apr 08)
[ MDVSA-2013:156 ] apache-mod_security security (Apr 30)
[ MDVSA-2013:149 ] roundcubemail security (Apr 23)
[ MDVSA-2013:031 ] automake security (Apr 08)
[ MDVSA-2013:036 ] exif security (Apr 08)
[ MDVSA-2013:039 ] freetype2 security (Apr 08)
[ MDVSA-2013:066 ] bugzilla security (Apr 08)
[ MDVSA-2013:089 ] icclib security (Apr 09)
[ MDVSA-2013:076 ] emacs security (Apr 09)
[ MDVSA-2013:054 ] sudo security (Apr 08)
[ MDVSA-2013:044 ] libjpeg security (Apr 08)
[ MDVSA-2013:144 ] phpmyadmin security (Apr 17)
[ MDVSA-2013:090 ] argyllcms security (Apr 09)
[ MDVSA-2013:052 ] openssl security (Apr 08)
[ MDVSA-2013:046 ] libtiff security (Apr 08)
[ MDVSA-2013:059 ] dhcp security (Apr 08)
[ MDVSA-2013:056 ] libxml2 security (Apr 08)
[ MDVSA-2013:053 ] proftpd security (Apr 08)
[ MDVSA-2013:155 ] fuse security (Apr 29)
[ MDVSA-2013:033 ] cronie security (Apr 08)
[ MDVSA-2013:070 ] dbus security (Apr 08)
[ MDVSA-2013:055 ] wireshark security (Apr 08)
[ MDVSA-2013:061 ] awstats security (Apr 08)
[ MDVSA-2013:077 ] ettercap security (Apr 09)
[ MDVSA-2013:015-1 ] apache security (Apr 04)
[ MDVSA-2013:150 ] mysql security (Apr 23)
[ MDVSA-2013:049 ] net-snmp security (Apr 08)
[ MDVSA-2013:060 ] accountsservice security (Apr 08)
[ MDVSA-2013:057 ] xinetd security (Apr 08)
[ MDVSA-2013:147 ] libarchive security (Apr 22)
[ MDVSA-2013:069 ] cups-pk-helper security (Apr 08)
[ MDVSA-2013:048 ] ncpfs security (Apr 08)
[ MDVSA-2013:067 ] couchdb security (Apr 08)
[ MDVSA-2013:088 ] hplip security (Apr 09)
[ MDVSA-2013:091 ] icecast security (Apr 09)
[ MDVSA-2013:092 ] imagemagick security (Apr 09)
[ MDVSA-2013:152 ] subversion security (Apr 29)
[ MDVSA-2013:062 ] backuppc security (Apr 08)
[ MDVSA-2013:146 ] icedtea-web security (Apr 19)
[ MDVSA-2013:058 ] bind security (Apr 08)
[ MDVSA-2013:143 ] poppler security (Apr 16)
[ MDVSA-2013:157 ] krb5 security (Apr 30)
[ MDVSA-2013:017 ] arpwatch security (Apr 04)
[ MDVSA-2013:083 ] glib2.0 security (Apr 09)
[ MDVSA-2013:023-1 ] coreutils security (Apr 08)
[ MDVSA-2013:084 ] gnome-keyring security (Apr 09)
[ MDVSA-2013:030 ] arpwatch security (Apr 08)
[ MDVSA-2013:064 ] bogofilter security (Apr 08)
[ MDVSA-2013:153 ] subversion security (Apr 29)
[ MDVSA-2013:151 ] curl security (Apr 29)
[ MDVSA-2013:078 ] fail2ban security (Apr 09)
[ MDVSA-2013:027-1 ] clamav security (Apr 05)
[ MDVSA-2013:015-1 ] apache security (Apr 04)
[ MDVSA-2013:038 ] freeradius security (Apr 08)
[ MDVSA-2013:158 ] krb5 security (Apr 30)
[ MDVSA-2013:035 ] libexif security (Apr 08)
[ MDVSA-2013:001-1 ] gnupg security (Apr 08)
[ MDVSA-2013:073 ] dokuwiki security (Apr 09)
[ MDVSA-2013:032 ] bash security (Apr 08)
[ MDVSA-2013:018 ] automake security (Apr 04)
[ MDVSA-2013:043 ] libgssglue security (Apr 08)
[ MDVSA-2013:085 ] groff security (Apr 09)
[ MDVSA-2013:086 ] groff security (Apr 09)
[ MDVSA-2013:154 ] util-linux security (Apr 29)
[ MDVSA-2013:050 ] nss security (Apr 08)
[ MDVSA-2013:065 ] boost security (Apr 08)
[ MDVSA-2013:016 ] apache-mod_security security (Apr 04)

security-alert

[security bulletin] HPSBHF02865 SSRT101158 rev.1 - HP ElitePad 900, Secure Boot Configuration Inconsistency security-alert (Apr 24)
[security bulletin] HPSBMU02785 SSRT100526 rev.2 - HP LoadRunner Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Apr 08)
[security bulletin] HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege security-alert (Apr 26)
[security bulletin] HPSBMU02873 SSRT101182 rev.1 - HP Service Manager, Apache Tomcat Security Update security-alert (Apr 30)
[security bulletin] HPSBUX02866 SSRT101139 rev.1 - HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary Code and other vulnerabilities security-alert (Apr 16)
[security bulletin] HPSBMU02874 SSRT101184 rev.1 - HP Service Manager, Java Runtime Environment (JRE) Security Update security-alert (Apr 30)
[security bulletin] HPSBPI02868 SSRT101017 rev.1 - HP Managed Printing Administration (MPA), Remote Cross Site Scripting (XSS) security-alert (Apr 29)
[security bulletin] HPSBUX02860 SSRT101146 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities security-alert (Apr 01)
[security bulletin] HPSBUX02859 SSRT101144 rev.1 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execute Arbitrary Code security-alert (Apr 01)
[security bulletin] HPSBMU02872 SSRT101185 rev.1 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) security-alert (Apr 30)
[security bulletin] HPSBPI02869 SSRT100936 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files security-alert (Apr 29)

Security Explorations

[SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE Security Explorations (Apr 22)
Re: [SE-2012-01] Details of issues fixed by Java SE 7 Update 21 Security Explorations (Apr 17)
[SE-2012-01] Details of issues fixed by Java SE 7 Update 21 Security Explorations (Apr 17)

shekyan

[CVE-REQUEST] Multiple CSRF vulnerabilities on Foscam IP cameras web UI shekyan (Apr 08)

Simon Bieber

TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2 Simon Bieber (Apr 03)

Slackware Security Team

[slackware-security] seamonkey (SSA:2013-097-01) Slackware Security Team (Apr 08)
[slackware-security] mozilla-firefox (SSA:2013-093-01) Slackware Security Team (Apr 03)
[slackware-security] mozilla-thunderbird (SSA:2013-093-02) Slackware Security Team (Apr 03)
[slackware-security] subversion (SSA:2013-095-01) Slackware Security Team (Apr 08)
[Suspected Spam] [slackware-security] libssh (SSA:2013-087-01) Slackware Security Team (Apr 01)

Steve

44Café 23rd April details Steve (Apr 22)

suzuki

CVE-2013-0798 : World read and write access to app_tmp directory on Android suzuki (Apr 09)

Timo Juhani Lindfors

Aastra IP Telephone hardcoded telnet admin password Timo Juhani Lindfors (Apr 08)

Trustwave Advisories

TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation Trustwave Advisories (Apr 19)

US-CERT Alerts

US-CERT Alert TA13-088A: DNS Amplification Attacks US-CERT Alerts (Apr 01)

Vulnerability Lab

MailOrderWorks v5.907 - Multiple Web Vulnerabilities Vulnerability Lab (Apr 01)

VUPEN Security Research

VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) VUPEN Security Research (Apr 19)
VUPEN Security Research - Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow (Pwn2Own 2013) VUPEN Security Research (Apr 18)

Yves-Alexis Perez

[SECURITY] [DSA 2661-1] xorg-server security update Yves-Alexis Perez (Apr 18)
[SECURITY] [DSA 2663-1] tinc security update Yves-Alexis Perez (Apr 23)
[SECURITY] [DSA 2665-1] strongswan security update Yves-Alexis Perez (Apr 30)