Bugtraq: by author

130 messages starting May 02 13 and ending May 29 13


admin

WordPress Plugin: Advanced XML Reader v0.3.4 XXE Vulnerability admin (May 02)

advisory

Multiple Vulnerabilities in Exponent CMS advisory (May 15)
Multiple Cross-Site Scripting (XSS) vulnerabilities in GetSimple CMS advisory (May 01)
SQL Injection in b2evolution advisory (May 01)
Cross-Site Request Forgery (CSRF) in UMI.CMS advisory (May 08)

announcements

WASC Announcement: Static Analysis Technologies Evaluation Criteria Published announcements (May 13)

Apple Product Security

APPLE-SA-2013-05-16-1 iTunes 11.0.3 Apple Product Security (May 17)
APPLE-SA-2013-05-22-1 QuickTime 7.7.4 Apple Product Security (May 23)

aure

Static analysis tool exposition (SATE) V Call for participation aure (May 21)

az . bugreport . subscriber

Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution az . bugreport . subscriber (May 01)

cfp

CFP: Hacktivity 2013, October 11-12, Budapest, Hungary cfp (May 10)

chudakovma

CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products (ViPNet Client\Coordinator, SafeDisk, Personal Firewall) chudakovma (May 21)

Cisco Systems Product Security Incident Response Team

[2.0 Update] Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (May 08)
Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (May 15)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software Cisco Systems Product Security Incident Response Team (May 08)

come2waraxe

[waraxe-2013-SA#104] - Multiple Vulnerabilities in Spider Event Calendar Wordpress Plugin come2waraxe (May 22)
[waraxe-2013-SA#105] - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin come2waraxe (May 22)

CORE Security Technologies Advisories

CORE-2013-0302 - Zavio IP Cameras multiple vulnerabilities CORE Security Technologies Advisories (May 29)
CORE-2013-0318 - TP-Link IP Cameras Multiple Vulnerabilities CORE Security Technologies Advisories (May 29)
CORE-2013-0322 - MayGion IP Cameras multiple vulnerabilities CORE Security Technologies Advisories (May 29)

dann frazier

[SECURITY] [DSA 2669-1] linux security update dann frazier (May 16)
[SECURITY] [DSA 2668-1] linux-2.6 security update dann frazier (May 15)

ddivulnalert

DDIVRT-2013-53 Actuate 'ActuateJavaComponent' Multiple Vulnerabilities ddivulnalert (May 09)

devnull

Multiple Vulnerabilities in D-Link DSL-320B devnull (May 06)

dougtko

Monkey HTTPD 1.1.1 - Denial of Service Vulnerability dougtko (May 29)

F. Duchene

GreHack 2013 - 2nd Call For Papers - November 15, Grenoble, France F. Duchene (May 27)

Fernando Gont

Revision of "IPv6 Stable Privacy Addresses" (Fwd: I-D Action: draft-ietf-6man-stable-privacy-addresses-07.txt) Fernando Gont (May 21)

Florian Weimer

[SECURITY] [DSA 2697-1] gnutls26 security update Florian Weimer (May 30)
[SECURITY] [DSA 2672-1] kfreebsd-9 security update Florian Weimer (May 23)

Giuseppe Iuculano

[SECURITY] [DSA 2696-1] otrs2 security update Giuseppe Iuculano (May 30)

Hafez Kamal

[HITB-Announce] #HITB2013KUL Call for Papers Hafez Kamal (May 01)

James Joshi

CFP: IEEE SafeConfig: 6th Symposium on Security Analytics and Automation James Joshi (May 23)

Josh Thompson

Apache VCL improper input validation Josh Thompson (May 06)

Kotas, Kevin J

CA20130528-01: Security Notice for CA Process Automation (CA PAM) Kotas, Kevin J (May 29)

Kurt Seifried

Re: [oss-security] KDE Paste Applet Kurt Seifried (May 30)

Lukasz Lenart

[ANN] Struts 2.3.14.1 GA (fast track | security) Lukasz Lenart (May 23)

Mark Thomas

CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException Mark Thomas (May 10)
[SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited Mark Thomas (May 10)
[SECURITY] CVE-2013-2067 Session fixation with FORM authenticator Mark Thomas (May 10)

Michael Gilbert

[SECURITY] [DSA 2695-1] chromium-browser security update Michael Gilbert (May 30)

Michael Samuel

KDE Paste Applet Michael Samuel (May 29)

Moritz Muehlenhoff

[SECURITY] [DSA 2678-1] mesa security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2673-1] libdmx security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2675-1] libxvmc security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2682-1] libxext security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2676-1] libxfixes security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2674-1] libxv security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2667-1] mysql-5.5 security update Moritz Muehlenhoff (May 13)
[SECURITY] [DSA 2685-1] libxp security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2683-1] libxi security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2689-1] libxtst security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2692-1] libxxf86vm security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2680-1] libxt security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2681-1] libxcursor security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2677-1] libxrender security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2687-1] libfs security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2679-1] xserver-xorg-video-openchrome security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2690-1] libxxf86dga security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2688-1] libxres security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2684-1] libxrandr security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2686-1] libxcb security update Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 2691-1] libxinerama security update Moritz Muehlenhoff (May 24)

NCC Group Research

NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth) NCC Group Research (May 02)
NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth) NCC Group Research (May 02)
NGS00423 Patch Notification: Oracle Retail Invoice Manager SQL Injection NCC Group Research (May 02)
NGS00422 Patch Notification: Oracle Retail Integration Bus Manager Directory Traversal NCC Group Research (May 02)

Raphael Geissert

[SECURITY] [DSA 2693-1] libx11 security update Raphael Geissert (May 27)

RedTeam Pentesting GmbH

[RT-SA-2013-001] Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution RedTeam Pentesting GmbH (May 13)

roberto . paleari

Multiple buffer overflows on Huawei SNMPv3 service roberto . paleari (May 06)

Ruckus Product Security Team

RUCKUS ADVISORY ID 031813-1: Unauthenticated TCP tunneling on Ruckus devices via SSH server process Ruckus Product Security Team (May 29)
RUCKUS ADVISORY ID 031813-2: User authentication bypass vulnerability in ZoneDirector administrative web interface Ruckus Product Security Team (May 29)

Salvatore Bonaccorso

[SECURITY] [DSA 2664-1] stunnel4 security update Salvatore Bonaccorso (May 02)
[SECURITY] [DSA 2666-1] xen security update Salvatore Bonaccorso (May 13)

SEC Consult Vulnerability Lab

SEC Consult SA-20130523-0 :: JavaScript Execution in IBM WebSphere DataPower Services SEC Consult Vulnerability Lab (May 23)
SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager SEC Consult Vulnerability Lab (May 07)

security

[ MDVSA-2013:168 ] python-httplib2 security (May 27)
[ MDVSA-2013:160 ] phpmyadmin security (May 03)
[ MDVSA-2013:162 ] glibc security (May 08)
[ MDVSA-2013:161 ] java-1.7.0-openjdk security (May 06)
[ MDVSA-2013:164 ] mesa security (May 13)
[ MDVSA-2013:167 ] openvpn security (May 27)
[ MDVSA-2013:170 ] socat security (May 29)
[ MDVSA-2013:169 ] socat security (May 29)
[ MDVSA-2013:159 ] clamav security (May 01)
[ MDVSA-2013:163 ] glibc security (May 08)
[ MDVSA-2013:165 ] firefox security (May 15)
[ MDVSA-2013:166 ] krb5 security (May 22)

Security Alert

ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability Security Alert (May 16)
ESA-2013-015: RSA Archer® GRC Multiple Vulnerabilities Security Alert (May 06)
ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability Security Alert (May 16)
ESA-2013-037: EMC AlphaStor Buffer Overflow Vulnerability Security Alert (May 09)
ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability Security Alert (May 02)
ESA-2013-021: EMC Documentum Multiple Vulnerabilities Security Alert (May 09)
ESA-2013-034: EMC Avamar Improper Authorization vulnerability Security Alert (May 02)
ESA-2013-031: RSA® Authentication Agent Cross-Site Scripting (XSS) Vulnerability Security Alert (May 10)
ESA-2013-040: RSA® Authentication Manager 8.0 Multiple Vulnerabilities Security Alert (May 29)
ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability Security Alert (May 02)

security-alert

[security bulletin] HPSBUX02881 SSRT101189 rev.1 - HP-UX Directory Server, Remote Disclosure of Information security-alert (May 24)
[security bulletin] HPSBUX02859 SSRT101144 rev.3 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code security-alert (May 15)
[security bulletin] HPSBUX02876 SSRT101148 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (May 08)
[security bulletin] HPSBMU02786 SSRT100877 rev.2 - HP System Management Homepage (SMH) Running on Linux, Windows, and VMware ESX, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code security-alert (May 09)
[security bulletin] HPSBPI02869 SSRT100936 rev.2 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files security-alert (May 30)

Security Explorations

[SE-2012-01] New security vulnerabilities and broken fixes in IBM Java Security Explorations (May 06)

Slackware Security Team

[slackware-security] kernel (SSA:2013-140-01) Slackware Security Team (May 21)
[slackware-security] ruby (SSA:2013-136-02) Slackware Security Team (May 17)
[slackware-security] mozilla-thunderbird (SSA:2013-135-02) Slackware Security Team (May 16)
[slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01) Slackware Security Team (May 17)
[slackware-security] mozilla-firefox (SSA:2013-135-01) Slackware Security Team (May 16)

Sławomir Jabs

CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops! Sławomir Jabs (May 17)

Stefan Kanthak

VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone 6 Stefan Kanthak (May 06)
Defense in depth -- the Microsoft way Stefan Kanthak (May 21)
Vulnerability in "Fujitsu Desktop Update" (for Windows) Stefan Kanthak (May 09)
Re: Vulnerabilities in Windows 8 Professional x64 factory preinstallation of Fujitsu Lifebook A512 [continued] Stefan Kanthak (May 09)
Vulnerability in Microsoft Security Essentials <v4.2 Stefan Kanthak (May 06)

Thijs Kinkhorst

[SECURITY] [DSA 2675-2] libxvmc regression update Thijs Kinkhorst (May 24)

Tony Naggs

DC4420 - London DEFCON - May meet - Tuesday 28th May 2013 Tony Naggs (May 27)

Vulnerability Lab

Wireless Disk PRO v2.3 iOS - Multiple Web Vulnerabilities Vulnerability Lab (May 13)
SimpleTransfer 2.2.1 - Command Injection Vulnerabilities Vulnerability Lab (May 13)
Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities Vulnerability Lab (May 13)
Sony PS3 Firmware v4.31 - Code Execution Vulnerability Vulnerability Lab (May 21)
Wifi Album v1.47 iOS - Command Injection Vulnerability Vulnerability Lab (May 13)
Trend Micro DirectPass 1.5.0.1060 - Multiple Vulnerabilities Vulnerability Lab (May 22)
File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities Vulnerability Lab (May 13)
Barracuda SSL VPN 680 2.2.2.203 - Redirect Web Vulnerability Vulnerability Lab (May 27)
Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities Vulnerability Lab (May 13)

VUPEN Security Research

VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "Scroll" Use-after-free (MS13-028) VUPEN Security Research (May 03)
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "CDisplayPointer" Use-after-free (MS13-028) VUPEN Security Research (May 03)
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow (MS13-037 / Pwn2Own) VUPEN Security Research (May 22)
VUPEN Security Research - Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass (MS13-037 / Pwn2Own) VUPEN Security Research (May 22)

yjaaidi

[SECURITY][CVE-2013-2765][ModSecurity] Remote Null Pointer Dereference yjaaidi (May 29)