Bugtraq: by thread
157 messages, starting Feb 04 13 and ending Feb 28 13
- ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities Security Alert (Feb 04)
- [HITB-Announce] #HITB2013AMS FINAL CALL for Paper Submissions Hafez Kamal (Feb 04)
- Oracle Automated Service Manager 1.3 & Auto Service Request 4.3 local root during install larry0 (Feb 04)
- FreeBSD 9.1 ftpd Remote Denial of Service max (Feb 04)
- [ MDVSA-2013:006 ] freetype2 security (Feb 04)
- [security bulletin] HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) security-alert (Feb 04)
- DC++ 0.802 and below incorrectly registers URI schemes in Windows ullner (Feb 04)
- APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12 Apple Product Security (Feb 04)
- [SECURITY] [DSA 2614-1] libupnp security update Yves-Alexis Perez (Feb 04)
- [SECURITY] [DSA 2615-1] libupnp4 security update Yves-Alexis Perez (Feb 04)
- [SECURITY] [DSA 2617-1] samba security update Luciano Bello (Feb 04)
- [SECURITY] [DSA 2616-1] nagios3 security update Jonathan Wiltshire (Feb 04)
- Directory Traversal - EasyITSP <= 2.0.7 Michał Błaszczak (Feb 04)
- NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation NCC Group Research (Feb 04)
- NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation NCC Group Research (Feb 04)
- [SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU Security Explorations (Feb 04)
- Re: [SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU Security Explorations (Feb 05)
- [IMF 2013] Call for Participation Oliver Goebel (Feb 04)
- Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B) devnull (Feb 04)
- Free Monthly Websites v2.0 - Multiple Web Vulnerabilities Vulnerability Lab (Feb 04)
- 0day full - Free Monthly Websites v2.0 - Multiple Web Vulnerabilities Vulnerability Lab (Feb 04)
- APPLE-SA-2013-02-04-1 OS X Server v2.2.1 Apple Product Security (Feb 05)
- [ MDVSA-2013:007 ] mysql security (Feb 05)
- [security bulletin] HPSBST02846 SSRT100798 rev.1 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code security-alert (Feb 05)
- [MajorSecurity-SA-2013-014] Sony Playstation Vita Browser - firmware 2.05 - Adressbar spoofing research (Feb 05)
- CVE-2012-6451 Authentication Bypass in LOREX IP Cameras doylej . ia (Feb 05)
- [PT-2012-53] Privilege Gaining in DataLife Engine noreply (Feb 05)
- Multiple Vulnerabilities in Linksys E1500/E2500 devnull (Feb 05)
- [CVE-2013-1463]Wordpress wp-table-reloaded plugin XSS in SWF hip (Feb 06)
- SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin advisory (Feb 06)
- Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin advisory (Feb 06)
- [KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability Egidio Romano (Feb 06)
- [ MDVSA-2013:008 ] mysql security (Feb 06)
- DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up DefenseCode (Feb 06)
- Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability Cisco Systems Product Security Incident Response Team (Feb 06)
- [CVE-2013-1464]Wordpress Audio Player Plugin XSS in SWF hip (Feb 07)
- DIMVA 2013 - Extended deadline for paper submission: February 17, 2013! Collin Mulliner (Feb 08)
- [SECURITY] [DSA 2618-1] ircd-hybrid security update Luciano Bello (Feb 08)
- [slackware-security] curl (SSA:2013-038-01) Slackware Security Team (Feb 08)
- Mathematica9.0.1 on Linux /tmp/MathLink vulnerability paul . szabo (Feb 08)
- [ MDVSA-2013:009 ] libssh security (Feb 11)
- [SECURITY] [DSA 2619-1] xen-qemu-dm-4.0 security update Moritz Muehlenhoff (Feb 11)
- [SECURITY] [DSA 2612-2] ircd-ratbox update Moritz Muehlenhoff (Feb 11)
- [ MDVSA-2013:010 ] java-1.6.0-openjdk security (Feb 11)
- Multiple Vulnerabilities in Linksys WRT160Nv2 devnull (Feb 11)
- Multiple Vulnerabilities in Linksys WAG200G devnull (Feb 11)
- Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack Adam Laurie (Feb 11)
- I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution aeon . s . flux (Feb 11)
- [slackware-security] openssl (SSA:2013-042-01) Slackware Security Team (Feb 12)
- Simple password obfuscation in Enterprise Architect Diening, Holm (Feb 13)
- [SECURITY] [DSA 2620-1] rails security update Florian Weimer (Feb 13)
- [ MDVSA-2013:011 ] samba security (Feb 13)
- Multiple Vulnerabilities in OpenPLI devnull (Feb 13)
- [SECURITY] [DSA 2622-1] polarssl security update Thijs Kinkhorst (Feb 13)
- [SECURITY] [DSA 2621-1] openssl security update Thijs Kinkhorst (Feb 13)
- CA20130213-01: Security Notice for CA ControlMinder Kotas, Kevin J (Feb 14)
- Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities Vulnerability Lab (Feb 14)
- Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Vulnerability Lab (Feb 14)
- <Possible follow-ups>
- Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Vulnerability Lab (Feb 21)
- [slackware-security] pidgin (SSA:2013-044-01) Slackware Security Team (Feb 14)
- Re: Aastra IP Telephone encrypted .tuz configuration file leakage noreply (Feb 14)
- Re: Aastra IP Telephone encrypted .tuz configuration file leakage Timo Juhani Lindfors (Feb 18)
- [security bulletin] HPSBMU02815 SSRT100715 rev.5 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution security-alert (Feb 14)
- Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND devnull (Feb 14)
- Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg devnull (Feb 14)
- [SECURITY] [DSA 2623-1] openconnect security update Florian Weimer (Feb 14)
- [IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption Inshell Security (Feb 14)
- Re: CFP: InfoSec Southwest 2013 Tod Beardsley (Feb 15)
- [ MDVSA-2013:012 ] postgresql security (Feb 15)
- Empirum Password Obfuscation Design Flaw otr (Feb 15)
- CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities CORE Security Technologies Advisories (Feb 18)
- SI6 Networks IPv6 Toolkit v1.3 released! Fernando Gont (Feb 18)
- [SECURITY] [DSA 2624-1] ffmpeg security update Moritz Muehlenhoff (Feb 18)
- [SECURITY] [DSA 2625-1] wireshark security update Moritz Muehlenhoff (Feb 18)
- Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit) Fernando Gont (Feb 18)
- Re: Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit) Marc Heuse (Feb 18)
- [SECURITY] [DSA 2626-1] lighttpd security update Thijs Kinkhorst (Feb 18)
- [SECURITY] [DSA 2627-1] nginx security update Thijs Kinkhorst (Feb 18)
- Sniffing HDCP crypto keys with a $30 Bus Pirate and a broken HDMI cable Adam Laurie (Feb 18)
- Multiple Vulnerabilities in Netgear DGN2200B devnull (Feb 18)
- [IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow Inshell Security (Feb 18)
- PHP-Fusion 7.02.05 SQL Injection Krzysztof Katowicz-Kowalewski (Feb 18)
- [SECURITY] [DSA 2628-1] nss-pam-ldapd security update Moritz Muehlenhoff (Feb 18)
- Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability nauty . me04 (Feb 18)
- Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability nauty . me04 (Feb 18)
- FreeBSD Security Advisory FreeBSD-SA-13:01.bind FreeBSD Security Advisories (Feb 19)
- FreeBSD Security Advisory FreeBSD-SA-13:02.libc FreeBSD Security Advisories (Feb 19)
- Foswiki Security: Alert CVE-2013-1666 - Remote Code Execution Vulnerability in MAKETEXT macro. George Clark (Feb 19)
- SQLi found in Kodak Insite robert (Feb 19)
- APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13 Apple Product Security (Feb 20)
- [slackware-security] mozilla-firefox (SSA:2013-050-01) Slackware Security Team (Feb 20)
- [slackware-security] mozilla-thunderbird (SSA:2013-050-02) Slackware Security Team (Feb 20)
- Multiple Cross-Site Scripting (XSS) in glFusion advisory (Feb 20)
- Alt-N MDaemon's WorldClient Disclosure of Authentication Credentials Vulnerability demetris papapetrou (Feb 20)
- Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability demetris papapetrou (Feb 20)
- Alt-N MDaemon's WorldClient Username Enumeration Vulnerability demetris papapetrou (Feb 20)
- Alt-N MDaemon Email Body HTML/JS Injection Vulnerability demetris papapetrou (Feb 20)
- <Possible follow-ups>
- Re: Alt-N MDaemon Email Body HTML/JS Injection Vulnerability brad . wyro (Feb 21)
- Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability demetris papapetrou (Feb 20)
- Alt-N MDaemon's WorldClient & WebAdmin Cross-Site Request Forgery Vulnerability demetris papapetrou (Feb 20)
- [ MDVSA-2013:013 ] squid security (Feb 20)
- [CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF hip (Feb 20)
- [SECURITY] [DSA 2630-1] postgresql-8.4 security update Moritz Muehlenhoff (Feb 20)
- [security bulletin] HPSBMU02836 SSRT101056 rev.1 - HP ArcSight Connector Appliance and ArcSight Logger, Remote Disclosure of Information, Command Injection, Cross-Site Scripting (XSS) security-alert (Feb 21)
- TeamSHATTER Security Advisory: SQL Injection in Oracle Alter FBA Table (CVE-2012-1751) Shatter (Feb 21)
- TeamSHATTER Security Advisory: Oracle 11g Stealth Password Cracking Vulnerability (CVE-2012-3137) Shatter (Feb 21)
- MyFi Wireless Disk 1.2 iPad iPhone - Multiple Vulnerabilities Vulnerability Lab (Feb 21)
- Paper - Hiding Data in Hard-drive Service Areas Ariel Berkman (Feb 21)
- TeamSHATTER Security Advisory: Oracle EM Cross Site Scripting in XDBResource cancelURL parameter (CVE-2013-0352) Shatter (Feb 22)
- TeamSHATTER Security Advisory: Oracle Database GeoRaster API overflow (CVE-2012-3220) Shatter (Feb 22)
- TeamSHATTER Security Advisory: HTTP Response Splitting in Oracle EM (policyViewSettings) (CVE-2013-0354) Shatter (Feb 22)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (advReplicationAdmin) (CVE-2013-0372) Shatter (Feb 22)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (dBClone) (CVE-2013-0374) Shatter (Feb 22)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (SCPLBL_COLLECTED parameters) (CVE-2013-0353) Shatter (Feb 22)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (streams queue) (CVE-2013-0373) Shatter (Feb 22)
- TeamSHATTER Security Advisory: Oracle EM Segment Advisor Arbitrary URL redirection/phishing (CVE-2012-3219) Shatter (Feb 22)
- TeamSHATTER Security Advisory: SQL Injection in Oracle EM (Resource Manager) (CVE-2013-0358) Shatter (Feb 22)
- CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage / Public Service Announcement Kurt Seifried (Feb 22)
- OSEC-2013-01: nagios metacharacter filtering omission Rudolph Pereira (Feb 22)
- Samsung Galaxy S3 partial screen-lock bypass ukpentestinfo (Feb 22)
- TeamSHATTER Security Advisory: Cross-site scripting in Oracle EM (advReplicationAdmin) (CVE-2013-0355) Shatter (Feb 22)
- [ MDVSA-2013:014 ] java-1.6.0-openjdk security (Feb 25)
- [SECURITY] [DSA 2631-1] squid3 security update Salvatore Bonaccorso (Feb 25)
- NoSuchCon CFP 2.0 / 15-17 May 2013 / Paris, France Jonathan Brossard (Feb 25)
- [SE-2012-01] New security issues affecting Oracle's Java SE 7u15 Security Explorations (Feb 25)
- DC4420 - London DEFCON Tuesday 26th Feb 2013 Major Malfunction (Feb 25)
- VUPEN Security Research - Microsoft Windows OLE Automation Code Execution Vulnerability VUPEN Security Research (Feb 25)
- [SECURITY] [DSA 2629-1] openjpeg security update Michael Gilbert (Feb 25)
- [Onapsis Security Advisory 2013-001] SAP Portal PDC Information Disclosure Onapsis Research Labs (Feb 25)
- [Onapsis Security Advisory 2013-002] SAP SDM Denial of Service Onapsis Research Labs (Feb 25)
- [Onapsis Security Advisory 2013-003] SAP Enterprise Portal Cross-Site-Scripting Onapsis Research Labs (Feb 25)
- [Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access Onapsis Research Labs (Feb 25)
- [Onapsis Security Advisory 2013-006] SAP SMD Agent Code Injection Onapsis Research Labs (Feb 25)
- [Onapsis Security Advisory 2013-005] SAP CCMS Agent Code Injection Onapsis Research Labs (Feb 25)
- Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities Vulnerability Lab (Feb 25)
- [IA48] Photodex ProShow Producer v5.0.3297 Insecure Library Loading Vulnerability Inshell Security (Feb 25)
- Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4 Olivier Lamy (Feb 25)
- CONFidence 2013 - Call for Papers - 28-29.05.2013 Krakow, Poland Andrzej Targosz (Feb 25)
- [slackware-security] seamonkey (SSA:2013-056-01) Slackware Security Team (Feb 26)
- [SECURITY] [DSA 2632-1] linux-2.6 security update dann frazier (Feb 26)
- [ MDVSA-2013:015 ] apache security (Feb 26)
- Denial of Service vulnerability in War FTP Daemon 1.82 Jarle Aase (Feb 26)
- [SECURITY] [DSA 2633-1] fusionforge security update Yves-Alexis Perez (Feb 27)
- [SECURITY] [DSA 2634-1] python-django security update Nico Golde (Feb 27)
- Cisco Security Advisory: Cisco Unified Presence Server Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Feb 28)
- Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability Cisco Systems Product Security Incident Response Team (Feb 28)
- Cisco Security Advisory: Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team (Feb 28)
- [ MDVSA-2013:016 ] php security (Feb 28)
- [waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05 come2waraxe (Feb 28)
- Unauthenticated remote access to D-Link DIR-645 devices roberto (Feb 28)
- [KIS-2013-03] Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability Egidio Romano (Feb 28)
- Multiple Vulnerabilities in Piwigo advisory (Feb 28)
- Cross-Site Scripting (XSS) in Geeklog advisory (Feb 28)
- Stored Cross-site Scripting ('XSS') in Airvana HubBub C1-600-RT Femtocell scott . behrens (Feb 28)
- PHEARCON Call For Papers AA (Feb 28)
- Fileutils ruby gem possible remote command execution and insecure file handling in /tmp larry0 (Feb 28)