Bugtraq: by thread
164 messages
starting Sep 30 13 and
ending Oct 31 13
Date index |
Thread index |
Author index
- CFP: WorldCIST'14 - World Conference on IST, at Madeira Island Maria Lemos (Sep 30)
- iOS: List of available trusted root certificates Jeffrey Walton (Sep 30)
- Re: iOS: List of available trusted root certificates Jason Hellenthal (Oct 01)
- CORE-2013-0904 - PinApp Mail-SeCure Access Control Failure CORE Advisories Team (Oct 01)
- CORE-2013-0828 - PDFCool Studio Buffer Overflow Vulnerability CORE Advisories Team (Oct 01)
- Defense in depth -- the Microsoft way (part 11): privilege escalation for dummies Stefan Kanthak (Oct 01)
- Remote Code Execution in GLPI High-Tech Bridge Security Research (Oct 02)
- Multiple Vulnerabilities in Gnew High-Tech Bridge Security Research (Oct 02)
- All in One SEO Pack Plugin for WordPress 1.3.6.4 - 2.0.3 XSS Charlie Briggs (Oct 02)
- Cisco Security Advisory: Cisco IOS XR Software Memory Exhaustion Vulnerability Cisco Systems Product Security Incident Response Team (Oct 02)
- RootedCON 2014 - Call For Papers Javier Olascoaga (Oct 02)
- Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Vulnerability Vulnerability Lab (Oct 02)
- Security Guard CMS QT 4.7.3 - Local Stack Buffer Overflow Vulnerability Vulnerability Lab (Oct 03)
- Hide Photo+Video Safe v1.6 iOS - Multiple Vulnerabilities Vulnerability Lab (Oct 03)
- SilverStripe Framework CMS 3.0.5 - Multiple Web Vulnerabilities Vulnerability Lab (Oct 03)
- elproLOG MONITOR WebAccess 2.1 - Multiple Web Vulnerabilities Vulnerability Lab (Oct 03)
- WebAssist PowerCMS PHP - Multiple Web Vulnerabilities Vulnerability Lab (Oct 03)
- Apple iOS 7 iPad2 Face-Time 1.0.2 - Privacy Vulnerability Vulnerability Lab (Oct 03)
- SEC Consult SA-20131003-0 :: Denial of service vulnerability in Citrix NetScaler SEC Consult Vulnerability Lab (Oct 03)
- [ MDVSA-2013:245 ] proftpd security (Oct 03)
- [SOJOBO-ADV-13-01] - Zenphoto 1.4.5.2 multiple vulnerabilities advisories (Oct 03)
- ESA-2013-062: EMC Atmos Unauthenticated Database Access Vulnerability Security Alert (Oct 03)
- [security bulletin] HPSBPI02892 rev.1 - Certain HP FutureSmart MFP, Weak PDF Encryption, Local Disclosure of Information security-alert (Oct 03)
- APPLE-SA-2013-10-03-1 OS X v10.8.5 Supplemental Update Apple Product Security (Oct 03)
- SEC Consult SA-20131004-0 :: SQL injection vulnerability in Zabbix SEC Consult Vulnerability Lab (Oct 04)
- [SECURITY] [DSA 2768-1] icedtea-web security update Salvatore Bonaccorso (Oct 07)
- [KIS-2013-09] Vanilla Forums <= 2.0.18.5 (class.utilitycontroller.php) PHP Object Injection Vulnerability Egidio Romano (Oct 07)
- Apple Motion Integer Overflow Vulnerability pereira (Oct 07)
- [ MDVSA-2013:246 ] openjpa security (Oct 07)
- NotSoSecure CTF (in partnership with Appsec USA) sid (Oct 08)
- [SECURITY] [DSA-2769-1] kfreebsd-9 security update Salvatore Bonaccorso (Oct 08)
- [security bulletin] HPSBGN02929 rev.1 - HP Intelligent Management Center (iMC), HP IMC Branch Intelligent Management System Software Module (BIMS), and Comware Based Switches and Routers, Remote Code Execution, Disclosure of Information security-alert (Oct 08)
- [security bulletin] HPSBGN02930 rev.1 - HP Intelligent Management Center(iMC) and HP IMC Service Operation Management Software Module, Remote Authentication Bypass, Disclosure of Information, Unauthorized Access, SQL Injection security-alert (Oct 08)
- Cross-Site Scripting (XSS) in Feng Office High-Tech Bridge Security Research (Oct 09)
- [ISecAuditors Security Advisories] Multiple Vulnerabilities in Uebimiau <= 2.7.11 ISecAuditors Security Advisories (Oct 09)
- [ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in BoltWire <= v3.5 ISecAuditors Security Advisories (Oct 09)
- [SECURITY] [DSA 2770-1] torque security update Salvatore Bonaccorso (Oct 09)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software Cisco Systems Product Security Incident Response Team (Oct 09)
- <Possible follow-ups>
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software Cisco Systems Product Security Incident Response Team (Oct 17)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software Cisco Systems Product Security Incident Response Team (Oct 09)
- [SECURITY] [DSA 2771-1] nas security update Moritz Muehlenhoff (Oct 09)
- [SECURITY] [DSA 2775-1] ejabberd security update Thijs Kinkhorst (Oct 10)
- [ MDVSA-2013:248 ] xinetd security (Oct 10)
- [SECURITY] [DSA 2772-1] typo3-src security update Moritz Muehlenhoff (Oct 10)
- [ MDVSA-2013:247 ] gnupg security (Oct 10)
- [ MDVSA-2013:249 ] libraw security (Oct 10)
- [SECURITY] [DSA 2774-1] gnupg security update Thijs Kinkhorst (Oct 10)
- [security bulletin] HPSBMU02901 rev.1 - HP Business Process Monitor running on Windows, Remote Execution of Arbitrary Code and Disclosure of Information security-alert (Oct 10)
- [SECURITY] [DSA 2773-1] gnupg security update Thijs Kinkhorst (Oct 11)
- [SECURITY] [DSA 2776-1] drupal6 security update Moritz Muehlenhoff (Oct 11)
- [SECURITY] [DSA 2777-1] systemd security update Moritz Muehlenhoff (Oct 11)
- Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities jsibley1 (Oct 11)
- <Possible follow-ups>
- Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities jsibley1 (Oct 14)
- [SECURITY] [DSA 2778-1] libapache2-mod-fcgid security update Salvatore Bonaccorso (Oct 14)
- [CISTI'2014]: Call for Workshops Maria Lemos (Oct 14)
- CFP: Passwords^13 Bergen (Norway), December 2-3 2013 Per Thorsheim (Oct 14)
- [SECURITY] [DSA 2779-1] libxml2 security update Michael Gilbert (Oct 14)
- [slackware-security] libgpg-error (SSA:2013-287-04) Slackware Security Team (Oct 15)
- [slackware-security] gnutls (SSA:2013-287-03) Slackware Security Team (Oct 15)
- [slackware-security] gnupg (SSA:2013-287-01) Slackware Security Team (Oct 15)
- [slackware-security] xorg-server (SSA:2013-287-05) Slackware Security Team (Oct 15)
- [slackware-security] gnupg2 (SSA:2013-287-02) Slackware Security Team (Oct 15)
- Critical vulnerabilities discovered in Gazelle and TBDEV.net Bogdan Calin (Oct 15)
- Training : Advanced Android & iOS Hands-on Exploitation at Toorcon San Diego [16th-17th Oct,2013] xys3c team (Oct 15)
- <Possible follow-ups>
- Training : Advanced Android & iOS Hands-on Exploitation at Toorcon San Diego [16th-17th Oct,2013] xys3c team (Oct 15)
- OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability Vulnerability Lab (Oct 15)
- SEC Consult SA-20131015-0 :: Multiple vulnerabilities in SpamTitan SEC Consult Vulnerability Lab (Oct 15)
- My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Oct 15)
- Paypal Inc Bug Bounty #105 MOS - Multiple Persistent Print Layout Vulnerabilities Vulnerability Lab (Oct 15)
- Apple iOS 7.2 - Sim Lock Screen Display Bypass Vulnerability Vulnerability Lab (Oct 15)
- DornCMS Application v1.4 - Multiple Web Vulnerabilities Vulnerability Lab (Oct 15)
- ZAPms v1.42 CMS - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab (Oct 15)
- [security bulletin] HPSBMU02931 rev.1 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) security-alert (Oct 15)
- APPLE-SA-2013-10-15-1 Java for OS X 2013-005 and Mac OS X v10.6 Update 17 Apple Product Security (Oct 16)
- [ISecAuditors Security Advisories] PL/SQL Injection in Oracle Portal Demo Organization Chart ISecAuditors Security Advisories (Oct 16)
- Remote Code Execution in Microweber High-Tech Bridge Security Research (Oct 16)
- [SE-2012-01] Issue 69 details and IBM Java vulnerabilities Security Explorations (Oct 16)
- PayPal Inc Bug Bounty #61 - Persistent Mail Encoding Vulnerability Vulnerability Lab (Oct 16)
- <Possible follow-ups>
- PayPal Inc Bug Bounty #61 - Persistent Mail Encoding Vulnerability Vulnerability Lab (Oct 17)
- [security bulletin] HPSBPV02918 rev.2 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse security-alert (Oct 16)
- [ MDVSA-2013:250 ] mysql security (Oct 17)
- Security Advisory for Bugzilla 4.4.1, 4.2.7 and 4.0.11 LpSolit (Oct 17)
- Zikula CMS v1.3.5 - Multiple Web Vulnerabilities Vulnerability Lab (Oct 17)
- Bluetooth U v1.2.0 iOS - Directory Traversal Vulnerability Vulnerability Lab (Oct 17)
- [ISecAuditors Security Advisories] CSRF vulnerability in LinkedIn ISecAuditors Security Advisories (Oct 17)
- [ANN] Struts 2.3.15.3 GA release available - security fix Lukasz Lenart (Oct 17)
- Elite Graphix ElitCMS 1.01 & PRO - Multiple Web Vulnerabilities Vulnerability Lab (Oct 17)
- NEW VMSA-2013-0012 VMware vSphere updates address multiple vulnerabilities "VMware Security Response Center" (Oct 17)
- [ MDVSA-2013:253 ] libtar security (Oct 18)
- [ MDVSA-2013:251 ] aircrack-ng security (Oct 18)
- [ MDVSA-2013:252 ] torque security (Oct 18)
- [ MDVSA-2013:254 ] quagga security (Oct 18)
- [ MDVSA-2013:255 ] clutter security (Oct 18)
- [ MDVSA-2013:256 ] apache-mod_fcgid security (Oct 18)
- [SECURITY] [DSA 2780-1] mysql-5.1 security update Moritz Muehlenhoff (Oct 18)
- OWASP Vulnerable Web Applications Directory Project psiinon (Oct 18)
- [SECURITY] [DSA 2781-1] python-crypto security update Yves-Alexis Perez (Oct 18)
- [slackware-security] libtiff (SSA:2013-290-01) Slackware Security Team (Oct 20)
- Wordpress videowall Plugin Xss vulnerabilities iedb . team (Oct 20)
- [slackware-security] hplip (SSA:2013-291-01) Slackware Security Team (Oct 20)
- Defense in depth -- the Microsoft way (part 12): NOOP security fixes Stefan Kanthak (Oct 20)
- [Article] Linux Kernel Patches For Linux Kernel Security geinblues (Oct 20)
- glibc 2.5 <= reloc types to crash bug geinblues (Oct 21)
- [SECURITY] [DSA 2782-1] polarssl security update Moritz Muehlenhoff (Oct 21)
- [SECURITY] [DSA 2783-1] librack-ruby security update Thijs Kinkhorst (Oct 21)
- [CVE-2013-5702] Watchguard Server Center v11.7.4 Multiple Non-Persistent Cross-Site Scripting Vulnerabilities Julien Ahrens (Oct 21)
- [CVE-2013-4295] Apache Shindig information disclosure vulnerability Ryan Baxter (Oct 21)
- [CVE-2013-2751, CVE-2013-2752] NETGEAR ReadyNAS Remote Root Craig Young (Oct 22)
- [SOJOBO-ADV-13-02] - MODx 2.2.10 Reflected Cross Site Scripting advisories (Oct 22)
- [SECURITY] [DSA 2784-1] xorg-server security update Moritz Muehlenhoff (Oct 22)
- AusCERT2014: Call for Presentations NOW OPEN auto-bulletins (Oct 22)
- [Article] The Audit DSOs of the rtld geinblues (Oct 23)
- [ MDVSA-2013:257 ] nss security (Oct 23)
- Cross-Site Scripting (XSS) in GuppY High-Tech Bridge Security Research (Oct 23)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Identity Services Engine Cisco Systems Product Security Incident Response Team (Oct 23)
- Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Oct 23)
- Cisco Security Advisory: Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products Cisco Systems Product Security Incident Response Team (Oct 23)
- ESA-2013-067: RSA® Authentication Agent for Web for Internet Information Services (IIS) Security Controls Bypass Vulnerability Security Alert (Oct 23)
- RPS/APS vulnerability in snom/yealink and others Cal Leeming [Simplicity Media Ltd] (Oct 23)
- Re: RPS/APS vulnerability in snom/yealink and others Cal Leeming [Simplicity Media Ltd] (Oct 24)
- <Possible follow-ups>
- Re: RPS/APS vulnerability in snom/yealink and others god (Oct 24)
- [ISecAuditors Security Advisories] HTTP Response Splitting Vulnerability in WebCollab <= v3.30 ISecAuditors Security Advisories (Oct 24)
- [WorldCIST'14]: World Conference on IST; Proceedings by Springer Maria Lemos (Oct 24)
- CA20131024-01: Security Notice for CA SiteMinder Kotas, Kevin J (Oct 24)
- [SECURITY] [DSA 2783-2] librack-ruby regression update Salvatore Bonaccorso (Oct 24)
- DC4420 - London DEFCON - October meet - Tuesday 29th October 2013 Major Malfunction (Oct 25)
- Symantec Workspace Streaming 7.5.0.493 SWS Streamlet Engine Invoker Servlets Remote Code Execution nospam (Oct 25)
- Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities Vulnerability Lab (Oct 28)
- Feeder.co RSS Feeder 5.2 Chrome - Persistent Software Vulnerability Vulnerability Lab (Oct 28)
- Paypal Inc Bug Bounty #104 - Persistent Exception Vulnerability Vulnerability Lab (Oct 28)
- [SECURITY] [DSA 2785-1] chromium-browser security update Michael Gilbert (Oct 28)
- [SECURITY] [DSA 2787-1] roundcube security update Salvatore Bonaccorso (Oct 28)
- Call for Papers, 2014 Symposium on Cryptography and Authentication (SCA2014) , Suzhou, China 2014 Symposium on Cryptography and Authentication (SCA2014) (Oct 28)
- [CVE-2012-6297] DD-WRT v24-sp2 Command Injection Craig Young (Oct 28)
- Call for Papers, 2014 Symposium on Protocols and Rules for Security (SPRS2014) 2014 Symposium on Protocols and Rules for Security (SPRS2014) (Oct 28)
- <Possible follow-ups>
- Re: Call for Papers, 2014 Symposium on Protocols and Rules for Security (SPRS2014) Brandon Butterworth (Oct 28)
- [SECURITY] [DSA 2786-1] icu security update Michael Gilbert (Oct 28)
- Multiple CSRF Horde Groupware Web mail Edition 5.1.2 m . benetrix (Oct 28)
- vBulletin remote admin injection exploit simo (Oct 28)
- [ISecAuditors Security Advisories] XSS vulnerability in LinkedIn ISecAuditors Security Advisories (Oct 28)
- [scip_Advisory 10847] MobileIron 4.5.4 Device Registration regpin Cross Site Scripting Marc Ruef (Oct 28)
- [PT-2013-46] Local File Include in Nagios Looking Glass noreply (Oct 28)
- ILIAS eLearning 4.3.4 & 4.4 CMS - Persistent Notes Web Vulnerability Vulnerability Lab (Oct 28)
- CVE-2013-5695 Multilple Cross Site Scripting (XSS) Attacks in Ops View J. Oquendo (Oct 28)
- [ MDVSA-2013:258 ] icu security (Oct 28)
- [ MDVSA-2013:259 ] x11-server security (Oct 28)
- [ MDVSA-2013:260 ] x11-server security (Oct 28)
- [ MDVSA-2013:261 ] dropbear security (Oct 29)
- [ MDVSA-2013:262 ] python-pycrypto security (Oct 29)
- Stem Innovation ‘IZON’ Hard-coded Credentials (CVE-2013-6236) Mark Stanislav (Oct 29)
- [PSA-2013-1022-1] Microsoft Silverlight Invalid Typecast / Memory Disclosure bugtraq (Oct 29)
- CVE-2013-5694 Blind SQL Injection in Ops View J. Oquendo (Oct 29)
- ESA-2013-072: EMC NetWorker Information Disclosure Vulnerability Security Alert (Oct 29)
- GTX CMS 2013 Optima - Multiple Web Vulnerabilities Vulnerability Lab (Oct 29)
- Olat CMS 7.8.0.1 - Persistent Calender Web Vulnerability Vulnerability Lab (Oct 29)
- [ MDVSA-2013:263 ] roundcubemail security (Oct 30)
- Apache PHP Remote Exploit - apache-magika.c king cope (Oct 30)
- ESA-2013-074: EMC Unisphere for VMAX Information Disclosure Vulnerability Security Alert (Oct 30)
- Unicorn Router WB-3300NR CSRF (Factory Reset/DNS Change) jsibley1 (Oct 31)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers Cisco Systems Product Security Incident Response Team (Oct 31)
- [CVE-2013-4484] DoS vulnerability in Varnish HTTP cache Poul-Henning Kamp (Oct 31)
- nullcon Goa V First Speaker list and CFP closes soon nullcon (Oct 31)
- [SECURITY] [DSA 2788-1] iceweasel security update Raphael Geissert (Oct 31)
- [ MDVSA-2013:264 ] firefox security (Oct 31)