Bugtraq: by author

157 messages starting Feb 28 13 and ending Feb 27 13


AA

PHEARCON Call For Papers AA (Feb 28)

Adam Laurie

Sniffing HDCP crypto keys with a $30 Bus Pirate and a broken HDMI cable Adam Laurie (Feb 18)
Re: Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack Adam Laurie (Feb 12)
Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack Adam Laurie (Feb 11)

advisory

SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin advisory (Feb 06)
Multiple Vulnerabilities in Piwigo advisory (Feb 28)
Multiple Cross-Site Scripting (XSS) in glFusion advisory (Feb 20)
Cross-Site Scripting (XSS) in Geeklog advisory (Feb 28)
Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin advisory (Feb 06)

aeon . s . flux

I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution aeon . s . flux (Feb 11)

Andrzej Targosz

CONFidence 2013 - Call for Papers - 28-29.05.2013 Krakow, Poland Andrzej Targosz (Feb 25)

Apple Product Security

APPLE-SA-2013-02-04-1 OS X Server v2.2.1 Apple Product Security (Feb 05)
APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12 Apple Product Security (Feb 04)
APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13 Apple Product Security (Feb 20)

Ariel Berkman

Paper - Hiding Data in Hard-drive Service Areas Ariel Berkman (Feb 21)

brad . wyro

Re: Alt-N MDaemon Email Body HTML/JS Injection Vulnerability brad . wyro (Feb 21)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability Cisco Systems Product Security Incident Response Team (Feb 06)
Cisco Security Advisory: Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team (Feb 28)
Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability Cisco Systems Product Security Incident Response Team (Feb 28)
Cisco Security Advisory: Cisco Unified Presence Server Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Feb 28)

Collin Mulliner

DIMVA 2013 - Extended deadline for paper submission: February 17, 2013! Collin Mulliner (Feb 08)

come2waraxe

[waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05 come2waraxe (Feb 28)

CORE Security Technologies Advisories

CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities CORE Security Technologies Advisories (Feb 18)

dann frazier

[SECURITY] [DSA 2632-1] linux-2.6 security update dann frazier (Feb 26)

DefenseCode

DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up DefenseCode (Feb 06)

demetris papapetrou

Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability demetris papapetrou (Feb 20)
Alt-N MDaemon's WorldClient & WebAdmin Cross-Site Request Forgery Vulnerability demetris papapetrou (Feb 20)
Alt-N MDaemon's WorldClient Disclosure of Authentication Credentials Vulnerability demetris papapetrou (Feb 20)
Alt-N MDaemon Email Body HTML/JS Injection Vulnerability demetris papapetrou (Feb 20)
Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability demetris papapetrou (Feb 20)
Alt-N MDaemon's WorldClient Username Enumeration Vulnerability demetris papapetrou (Feb 20)

devnull

Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND devnull (Feb 14)
Multiple Vulnerabilities in Netgear DGN2200B devnull (Feb 18)
Multiple Vulnerabilities in Linksys WAG200G devnull (Feb 11)
Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B) devnull (Feb 04)
Multiple Vulnerabilities in Linksys WRT160Nv2 devnull (Feb 11)
Multiple Vulnerabilities in Linksys E1500/E2500 devnull (Feb 05)
Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg devnull (Feb 14)
Multiple Vulnerabilities in OpenPLI devnull (Feb 13)

Diening, Holm

Simple password obfuscation in Enterprise Architect Diening, Holm (Feb 13)

doylej . ia

CVE-2012-6451 Authentication Bypass in LOREX IP Cameras doylej . ia (Feb 05)

Egidio Romano

[KIS-2013-03] Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability Egidio Romano (Feb 28)
[KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability Egidio Romano (Feb 06)

Fernando Gont

Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit) Fernando Gont (Feb 18)
SI6 Networks IPv6 Toolkit v1.3 released! Fernando Gont (Feb 18)

Florian Weimer

[SECURITY] [DSA 2623-1] openconnect security update Florian Weimer (Feb 14)
[SECURITY] [DSA 2620-1] rails security update Florian Weimer (Feb 13)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-13:01.bind FreeBSD Security Advisories (Feb 19)
FreeBSD Security Advisory FreeBSD-SA-13:02.libc FreeBSD Security Advisories (Feb 19)

George Clark

Foswiki Security: Alert CVE-2013-1666 - Remote Code Execution Vulnerability in MAKETEXT macro. George Clark (Feb 19)

Hafez Kamal

[HITB-Announce] #HITB2013AMS FINAL CALL for Paper Submissions Hafez Kamal (Feb 04)

hip

[CVE-2013-1463]Wordpress wp-table-reloaded plugin XSS in SWF hip (Feb 06)
[CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF hip (Feb 20)
[CVE-2013-1464]Wordpress Audio Player Plugin XSS in SWF hip (Feb 07)

Inshell Security

[IA48] Photodex ProShow Producer v5.0.3297 Insecure Library Loading Vulnerability Inshell Security (Feb 25)
[IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow Inshell Security (Feb 18)
[IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption Inshell Security (Feb 14)

Jarle Aase

Denial of Service vulnerability in War FTP Daemon 1.82 Jarle Aase (Feb 26)

Jonathan Brossard

NoSuchCon CFP 2.0 / 15-17 May 2013 / Paris, France Jonathan Brossard (Feb 25)

Jonathan Wiltshire

[SECURITY] [DSA 2616-1] nagios3 security update Jonathan Wiltshire (Feb 04)

Kotas, Kevin J

CA20130213-01: Security Notice for CA ControlMinder Kotas, Kevin J (Feb 14)

Krzysztof Katowicz-Kowalewski

PHP-Fusion 7.02.05 SQL Injection Krzysztof Katowicz-Kowalewski (Feb 18)

Kurt Seifried

CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage / Public Service Announcement Kurt Seifried (Feb 22)

larry0

Oracle Automated Service Manager 1.3 & Auto Service Request 4.3 local root during install larry0 (Feb 04)
Fileutils ruby gem possible remote command execution and insecure file handling in /tmp larry0 (Feb 28)

Luciano Bello

[SECURITY] [DSA 2618-1] ircd-hybrid security update Luciano Bello (Feb 08)
[SECURITY] [DSA 2617-1] samba security update Luciano Bello (Feb 04)

Major Malfunction

DC4420 - London DEFCON Tuesday 26th Feb 2013 Major Malfunction (Feb 25)

Marc Heuse

Re: Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit) Marc Heuse (Feb 18)

max

FreeBSD 9.1 ftpd Remote Denial of Service max (Feb 04)

Michael Gilbert

[SECURITY] [DSA 2629-1] openjpeg security update Michael Gilbert (Feb 25)

Michał Błaszczak

Directory Traversal - EasyITSP <= 2.0.7 Michał Błaszczak (Feb 04)

Moritz Muehlenhoff

[SECURITY] [DSA 2625-1] wireshark security update Moritz Muehlenhoff (Feb 18)
[SECURITY] [DSA 2628-1] nss-pam-ldapd security update Moritz Muehlenhoff (Feb 18)
[SECURITY] [DSA 2624-1] ffmpeg security update Moritz Muehlenhoff (Feb 18)
[SECURITY] [DSA 2619-1] xen-qemu-dm-4.0 security update Moritz Muehlenhoff (Feb 11)
[SECURITY] [DSA 2630-1] postgresql-8.4 security update Moritz Muehlenhoff (Feb 20)
[SECURITY] [DSA 2612-2] ircd-ratbox update Moritz Muehlenhoff (Feb 11)

nauty . me04

Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability nauty . me04 (Feb 18)
Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability nauty . me04 (Feb 18)

NCC Group Research

NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation NCC Group Research (Feb 04)
NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation NCC Group Research (Feb 04)

Nico Golde

[SECURITY] [DSA 2634-1] python-django security update Nico Golde (Feb 27)

noreply

[PT-2012-53] Privilege Gaining in DataLife Engine noreply (Feb 05)
Re: Aastra IP Telephone encrypted .tuz configuration file leakage noreply (Feb 14)

Oliver Goebel

[IMF 2013] Call for Participation Oliver Goebel (Feb 04)

Olivier Lamy

Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4 Olivier Lamy (Feb 25)

Onapsis Research Labs

[Onapsis Security Advisory 2013-001] SAP Portal PDC Information Disclosure Onapsis Research Labs (Feb 25)
[Onapsis Security Advisory 2013-003] SAP Enterprise Portal Cross-Site-Scripting Onapsis Research Labs (Feb 25)
[Onapsis Security Advisory 2013-005] SAP CCMS Agent Code Injection Onapsis Research Labs (Feb 25)
[Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access Onapsis Research Labs (Feb 25)
[Onapsis Security Advisory 2013-006] SAP SMD Agent Code Injection Onapsis Research Labs (Feb 25)
[Onapsis Security Advisory 2013-002] SAP SDM Denial of Service Onapsis Research Labs (Feb 25)

otr

Empirum Password Obfuscation Design Flaw otr (Feb 15)

paul . szabo

Mathematica9.0.1 on Linux /tmp/MathLink vulnerability paul . szabo (Feb 08)

research

[MajorSecurity-SA-2013-014] Sony Playstation Vita Browser - firmware 2.05 - Adressbar spoofing research (Feb 05)

robert

SQLi found in Kodak Insite robert (Feb 19)

roberto

Unauthenticated remote access to D-Link DIR-645 devices roberto (Feb 28)

Rudolph Pereira

OSEC-2013-01: nagios metacharacter filtering omission Rudolph Pereira (Feb 22)

Salvatore Bonaccorso

[SECURITY] [DSA 2631-1] squid3 security update Salvatore Bonaccorso (Feb 25)

scott . behrens

Stored Cross-site Scripting ('XSS') in Airvana HubBub C1-600-RT Femtocell scott . behrens (Feb 28)

security

[ MDVSA-2013:011 ] samba security (Feb 13)
[ MDVSA-2013:010 ] java-1.6.0-openjdk security (Feb 11)
[ MDVSA-2013:009 ] libssh security (Feb 11)
[ MDVSA-2013:012 ] postgresql security (Feb 15)
[ MDVSA-2013:015 ] apache security (Feb 26)
[ MDVSA-2013:006 ] freetype2 security (Feb 04)
[ MDVSA-2013:008 ] mysql security (Feb 06)
[ MDVSA-2013:007 ] mysql security (Feb 05)
[ MDVSA-2013:014 ] java-1.6.0-openjdk security (Feb 25)
[ MDVSA-2013:016 ] php security (Feb 28)
[ MDVSA-2013:013 ] squid security (Feb 20)

Security Alert

ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities Security Alert (Feb 04)

security-alert

[security bulletin] HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) security-alert (Feb 04)
[security bulletin] HPSBMU02836 SSRT101056 rev.1 - HP ArcSight Connector Appliance and ArcSight Logger, Remote Disclosure of Information, Command Injection, Cross-Site Scripting (XSS) security-alert (Feb 21)
[security bulletin] HPSBMU02815 SSRT100715 rev.5 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution security-alert (Feb 14)
[security bulletin] HPSBST02846 SSRT100798 rev.1 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code security-alert (Feb 05)

Security Explorations

[SE-2012-01] New security issues affecting Oracle's Java SE 7u15 Security Explorations (Feb 25)
Re: [SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU Security Explorations (Feb 05)
[SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU Security Explorations (Feb 04)

Shatter

TeamSHATTER Security Advisory: SQL Injection in Oracle Alter FBA Table (CVE-2012-1751) Shatter (Feb 21)
TeamSHATTER Security Advisory: SQL Injection in Oracle EM (advReplicationAdmin) (CVE-2013-0372) Shatter (Feb 22)
TeamSHATTER Security Advisory: HTTP Response Splitting in Oracle EM (policyViewSettings) (CVE-2013-0354) Shatter (Feb 22)
TeamSHATTER Security Advisory: Cross-site scripting in Oracle EM (advReplicationAdmin) (CVE-2013-0355) Shatter (Feb 22)
TeamSHATTER Security Advisory: Oracle Database GeoRaster API overflow (CVE-2012-3220) Shatter (Feb 22)
TeamSHATTER Security Advisory: SQL Injection in Oracle EM (SCPLBL_COLLECTED parameters) (CVE-2013-0353) Shatter (Feb 22)
TeamSHATTER Security Advisory: Oracle EM Cross Site Scripting in XDBResource cancelURL parameter (CVE-2013-0352) Shatter (Feb 22)
TeamSHATTER Security Advisory: SQL Injection in Oracle EM (streams queue) (CVE-2013-0373) Shatter (Feb 22)
TeamSHATTER Security Advisory: Oracle EM Segment Advisor Arbitrary URL redirection/phishing (CVE-2012-3219) Shatter (Feb 22)
TeamSHATTER Security Advisory: SQL Injection in Oracle EM (dBClone) (CVE-2013-0374) Shatter (Feb 22)
TeamSHATTER Security Advisory: SQL Injection in Oracle EM (Resource Manager) (CVE-2013-0358) Shatter (Feb 22)
TeamSHATTER Security Advisory: Oracle 11g Stealth Password Cracking Vulnerability (CVE-2012-3137) Shatter (Feb 21)

Slackware Security Team

[slackware-security] openssl (SSA:2013-042-01) Slackware Security Team (Feb 12)
[slackware-security] mozilla-firefox (SSA:2013-050-01) Slackware Security Team (Feb 20)
[slackware-security] pidgin (SSA:2013-044-01) Slackware Security Team (Feb 14)
[slackware-security] curl (SSA:2013-038-01) Slackware Security Team (Feb 08)
[slackware-security] seamonkey (SSA:2013-056-01) Slackware Security Team (Feb 26)
[slackware-security] mozilla-thunderbird (SSA:2013-050-02) Slackware Security Team (Feb 20)

Thijs Kinkhorst

[SECURITY] [DSA 2622-1] polarssl security update Thijs Kinkhorst (Feb 13)
[SECURITY] [DSA 2621-1] openssl security update Thijs Kinkhorst (Feb 13)
[SECURITY] [DSA 2627-1] nginx security update Thijs Kinkhorst (Feb 18)
[SECURITY] [DSA 2626-1] lighttpd security update Thijs Kinkhorst (Feb 18)

Timo Juhani Lindfors

Re: Aastra IP Telephone encrypted .tuz configuration file leakage Timo Juhani Lindfors (Feb 18)

Tod Beardsley

Re: CFP: InfoSec Southwest 2013 Tod Beardsley (Feb 15)

ukpentestinfo

Samsung Galaxy S3 partial screen-lock bypass ukpentestinfo (Feb 22)

ullner

DC++ 0.802 and below incorrectly registers URI schemes in Windows ullner (Feb 04)

Vulnerability Lab

Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities Vulnerability Lab (Feb 25)
Free Monthly Websites v2.0 - Multiple Web Vulnerabilities Vulnerability Lab (Feb 04)
Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Vulnerability Lab (Feb 14)
MyFi Wireless Disk 1.2 iPad iPhone - Multiple Vulnerabilities Vulnerability Lab (Feb 21)
Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Vulnerability Lab (Feb 21)
Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities Vulnerability Lab (Feb 14)
0day full - Free Monthly Websites v2.0 - Multiple Web Vulnerabilities Vulnerability Lab (Feb 04)

VUPEN Security Research

VUPEN Security Research - Microsoft Windows OLE Automation Code Execution Vulnerability VUPEN Security Research (Feb 25)

Yves-Alexis Perez

[SECURITY] [DSA 2614-1] libupnp security update Yves-Alexis Perez (Feb 04)
[SECURITY] [DSA 2615-1] libupnp4 security update Yves-Alexis Perez (Feb 04)
[SECURITY] [DSA 2633-1] fusionforge security update Yves-Alexis Perez (Feb 27)