Bugtraq: by date

157 messages starting Feb 04 13 and ending Feb 28 13

Monday, 04 February

ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities Security Alert
[HITB-Announce] #HITB2013AMS FINAL CALL for Paper Submissions Hafez Kamal
Oracle Automated Service Manager 1.3 & Auto Service Request 4.3 local root during install larry0
FreeBSD 9.1 ftpd Remote Denial of Service max
[ MDVSA-2013:006 ] freetype2 security
[security bulletin] HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) security-alert
DC++ 0.802 and below incorrectly registers URI schemes in Windows ullner
APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12 Apple Product Security
[SECURITY] [DSA 2614-1] libupnp security update Yves-Alexis Perez
[SECURITY] [DSA 2615-1] libupnp4 security update Yves-Alexis Perez
[SECURITY] [DSA 2617-1] samba security update Luciano Bello
[SECURITY] [DSA 2616-1] nagios3 security update Jonathan Wiltshire
Directory Traversal - EasyITSP <= 2.0.7 Michał Błaszczak
NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation NCC Group Research
NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation NCC Group Research
[SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU Security Explorations
[IMF 2013] Call for Participation Oliver Goebel
Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B) devnull
Free Monthly Websites v2.0 - Multiple Web Vulnerabilities Vulnerability Lab
0day full - Free Monthly Websites v2.0 - Multiple Web Vulnerabilities Vulnerability Lab

Tuesday, 05 February

APPLE-SA-2013-02-04-1 OS X Server v2.2.1 Apple Product Security
Re: [SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU Security Explorations
[ MDVSA-2013:007 ] mysql security
[security bulletin] HPSBST02846 SSRT100798 rev.1 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code security-alert
[MajorSecurity-SA-2013-014] Sony Playstation Vita Browser - firmware 2.05 - Adressbar spoofing research
CVE-2012-6451 Authentication Bypass in LOREX IP Cameras doylej . ia
[PT-2012-53] Privilege Gaining in DataLife Engine noreply
Multiple Vulnerabilities in Linksys E1500/E2500 devnull

Wednesday, 06 February

[CVE-2013-1463]Wordpress wp-table-reloaded plugin XSS in SWF hip
SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin advisory
Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin advisory
[KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability Egidio Romano
[ MDVSA-2013:008 ] mysql security
DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up DefenseCode
Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability Cisco Systems Product Security Incident Response Team

Thursday, 07 February

[CVE-2013-1464]Wordpress Audio Player Plugin XSS in SWF hip

Friday, 08 February

DIMVA 2013 - Extended deadline for paper submission: February 17, 2013! Collin Mulliner
[SECURITY] [DSA 2618-1] ircd-hybrid security update Luciano Bello
[slackware-security] curl (SSA:2013-038-01) Slackware Security Team
Mathematica9.0.1 on Linux /tmp/MathLink vulnerability paul . szabo

Monday, 11 February

[ MDVSA-2013:009 ] libssh security
[SECURITY] [DSA 2619-1] xen-qemu-dm-4.0 security update Moritz Muehlenhoff
[SECURITY] [DSA 2612-2] ircd-ratbox update Moritz Muehlenhoff
[ MDVSA-2013:010 ] java-1.6.0-openjdk security
Multiple Vulnerabilities in Linksys WRT160Nv2 devnull
Multiple Vulnerabilities in Linksys WAG200G devnull
Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack Adam Laurie
I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution aeon . s . flux

Tuesday, 12 February

[slackware-security] openssl (SSA:2013-042-01) Slackware Security Team
Re: Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack Adam Laurie

Wednesday, 13 February

Simple password obfuscation in Enterprise Architect Diening, Holm
[SECURITY] [DSA 2620-1] rails security update Florian Weimer
[ MDVSA-2013:011 ] samba security
Multiple Vulnerabilities in OpenPLI devnull
[SECURITY] [DSA 2622-1] polarssl security update Thijs Kinkhorst
[SECURITY] [DSA 2621-1] openssl security update Thijs Kinkhorst

Thursday, 14 February

CA20130213-01: Security Notice for CA ControlMinder Kotas, Kevin J
Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities Vulnerability Lab
Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Vulnerability Lab
[slackware-security] pidgin (SSA:2013-044-01) Slackware Security Team
Re: Aastra IP Telephone encrypted .tuz configuration file leakage noreply
[security bulletin] HPSBMU02815 SSRT100715 rev.5 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution security-alert
Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND devnull
Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg devnull
[SECURITY] [DSA 2623-1] openconnect security update Florian Weimer
[IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption Inshell Security

Friday, 15 February

Re: CFP: InfoSec Southwest 2013 Tod Beardsley
[ MDVSA-2013:012 ] postgresql security
Empirum Password Obfuscation Design Flaw otr

Monday, 18 February

CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities CORE Security Technologies Advisories
SI6 Networks IPv6 Toolkit v1.3 released! Fernando Gont
[SECURITY] [DSA 2624-1] ffmpeg security update Moritz Muehlenhoff
[SECURITY] [DSA 2625-1] wireshark security update Moritz Muehlenhoff
Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit) Fernando Gont
[SECURITY] [DSA 2626-1] lighttpd security update Thijs Kinkhorst
[SECURITY] [DSA 2627-1] nginx security update Thijs Kinkhorst
Sniffing HDCP crypto keys with a $30 Bus Pirate and a broken HDMI cable Adam Laurie
Re: Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit) Marc Heuse
Multiple Vulnerabilities in Netgear DGN2200B devnull
[IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow Inshell Security
PHP-Fusion 7.02.05 SQL Injection Krzysztof Katowicz-Kowalewski
Re: Aastra IP Telephone encrypted .tuz configuration file leakage Timo Juhani Lindfors
[SECURITY] [DSA 2628-1] nss-pam-ldapd security update Moritz Muehlenhoff
Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability nauty . me04
Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability nauty . me04

Tuesday, 19 February

FreeBSD Security Advisory FreeBSD-SA-13:01.bind FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-13:02.libc FreeBSD Security Advisories
Foswiki Security: Alert CVE-2013-1666 - Remote Code Execution Vulnerability in MAKETEXT macro. George Clark
SQLi found in Kodak Insite robert

Wednesday, 20 February

APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13 Apple Product Security
[slackware-security] mozilla-firefox (SSA:2013-050-01) Slackware Security Team
[slackware-security] mozilla-thunderbird (SSA:2013-050-02) Slackware Security Team
Multiple Cross-Site Scripting (XSS) in glFusion advisory
Alt-N MDaemon's WorldClient Disclosure of Authentication Credentials Vulnerability demetris papapetrou
Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability demetris papapetrou
Alt-N MDaemon's WorldClient Username Enumeration Vulnerability demetris papapetrou
Alt-N MDaemon Email Body HTML/JS Injection Vulnerability demetris papapetrou
Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability demetris papapetrou
Alt-N MDaemon's WorldClient & WebAdmin Cross-Site Request Forgery Vulnerability demetris papapetrou
[ MDVSA-2013:013 ] squid security
[CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF hip
[SECURITY] [DSA 2630-1] postgresql-8.4 security update Moritz Muehlenhoff

Thursday, 21 February

[security bulletin] HPSBMU02836 SSRT101056 rev.1 - HP ArcSight Connector Appliance and ArcSight Logger, Remote Disclosure of Information, Command Injection, Cross-Site Scripting (XSS) security-alert
TeamSHATTER Security Advisory: SQL Injection in Oracle Alter FBA Table (CVE-2012-1751) Shatter
TeamSHATTER Security Advisory: Oracle 11g Stealth Password Cracking Vulnerability (CVE-2012-3137) Shatter
Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Vulnerability Lab
MyFi Wireless Disk 1.2 iPad iPhone - Multiple Vulnerabilities Vulnerability Lab
Re: Alt-N MDaemon Email Body HTML/JS Injection Vulnerability brad . wyro
Paper - Hiding Data in Hard-drive Service Areas Ariel Berkman

Friday, 22 February

TeamSHATTER Security Advisory: Oracle EM Cross Site Scripting in XDBResource cancelURL parameter (CVE-2013-0352) Shatter
TeamSHATTER Security Advisory: Oracle Database GeoRaster API overflow (CVE-2012-3220) Shatter
TeamSHATTER Security Advisory: HTTP Response Splitting in Oracle EM (policyViewSettings) (CVE-2013-0354) Shatter
TeamSHATTER Security Advisory: SQL Injection in Oracle EM (advReplicationAdmin) (CVE-2013-0372) Shatter
TeamSHATTER Security Advisory: SQL Injection in Oracle EM (dBClone) (CVE-2013-0374) Shatter
TeamSHATTER Security Advisory: SQL Injection in Oracle EM (SCPLBL_COLLECTED parameters) (CVE-2013-0353) Shatter
TeamSHATTER Security Advisory: SQL Injection in Oracle EM (streams queue) (CVE-2013-0373) Shatter
TeamSHATTER Security Advisory: Oracle EM Segment Advisor Arbitrary URL redirection/phishing (CVE-2012-3219) Shatter
TeamSHATTER Security Advisory: SQL Injection in Oracle EM (Resource Manager) (CVE-2013-0358) Shatter
CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage / Public Service Announcement Kurt Seifried
OSEC-2013-01: nagios metacharacter filtering omission Rudolph Pereira
Samsung Galaxy S3 partial screen-lock bypass ukpentestinfo
TeamSHATTER Security Advisory: Cross-site scripting in Oracle EM (advReplicationAdmin) (CVE-2013-0355) Shatter

Monday, 25 February

[ MDVSA-2013:014 ] java-1.6.0-openjdk security
[SECURITY] [DSA 2631-1] squid3 security update Salvatore Bonaccorso
NoSuchCon CFP 2.0 / 15-17 May 2013 / Paris, France Jonathan Brossard
[SE-2012-01] New security issues affecting Oracle's Java SE 7u15 Security Explorations
DC4420 - London DEFCON Tuesday 26th Feb 2013 Major Malfunction
VUPEN Security Research - Microsoft Windows OLE Automation Code Execution Vulnerability VUPEN Security Research
[SECURITY] [DSA 2629-1] openjpeg security update Michael Gilbert
[Onapsis Security Advisory 2013-001] SAP Portal PDC Information Disclosure Onapsis Research Labs
[Onapsis Security Advisory 2013-002] SAP SDM Denial of Service Onapsis Research Labs
[Onapsis Security Advisory 2013-003] SAP Enterprise Portal Cross-Site-Scripting Onapsis Research Labs
[Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access Onapsis Research Labs
[Onapsis Security Advisory 2013-006] SAP SMD Agent Code Injection Onapsis Research Labs
[Onapsis Security Advisory 2013-005] SAP CCMS Agent Code Injection Onapsis Research Labs
Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities Vulnerability Lab
[IA48] Photodex ProShow Producer v5.0.3297 Insecure Library Loading Vulnerability Inshell Security
Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4 Olivier Lamy
CONFidence 2013 - Call for Papers - 28-29.05.2013 Krakow, Poland Andrzej Targosz

Tuesday, 26 February

[slackware-security] seamonkey (SSA:2013-056-01) Slackware Security Team
[SECURITY] [DSA 2632-1] linux-2.6 security update dann frazier
[ MDVSA-2013:015 ] apache security
Denial of Service vulnerability in War FTP Daemon 1.82 Jarle Aase

Wednesday, 27 February

[SECURITY] [DSA 2633-1] fusionforge security update Yves-Alexis Perez
[SECURITY] [DSA 2634-1] python-django security update Nico Golde

Thursday, 28 February

Cisco Security Advisory: Cisco Unified Presence Server Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team
[ MDVSA-2013:016 ] php security
[waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05 come2waraxe
Unauthenticated remote access to D-Link DIR-645 devices roberto
[KIS-2013-03] Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability Egidio Romano
Multiple Vulnerabilities in Piwigo advisory
Cross-Site Scripting (XSS) in Geeklog advisory
Stored Cross-site Scripting ('XSS') in Airvana HubBub C1-600-RT Femtocell scott . behrens
PHEARCON Call For Papers AA
Fileutils ruby gem possible remote command execution and insecure file handling in /tmp larry0