Bugtraq: by thread
149 messages
starting Sep 02 13 and
ending Sep 30 13
Date index |
Thread index |
Author index
- [slackware-security] gnutls (SSA:2013-242-03) Slackware Security Team (Sep 02)
- [SECURITY] [DSA 2747-1] cacti security update Florian Weimer (Sep 02)
- list of vulnerability discovered by RealPentesting Pedro Guillen (Sep 02)
- Full Disclosure - Multiple vulnerabilities in five Zoom ADSL Modem/Routers kyle Lovett (Sep 02)
- Defense in depth -- the Microsoft way (part 9): erroneous documentation Stefan Kanthak (Sep 02)
- IndiaNIC Testimonail WP plugin - Multiple vulnerabilities roguecoder (Sep 02)
- [SECURITY] [DSA 2740-2] python-django regression update Florian Weimer (Sep 02)
- [SECURITY] [DSA 2748-1] exactimage security update Florian Weimer (Sep 02)
- Mikrotik RouterOS 5.* and 6.* sshd remote preauth heap corruption king cope (Sep 02)
- [SECURITY] [DSA 2749-1] asterisk security update Moritz Muehlenhoff (Sep 03)
- [ MDVSA-2013:224 ] libtiff security (Sep 03)
- [ MDVSA-2013:225 ] libdigidoc security (Sep 03)
- ESA-2013-057: RSA Archer(r) GRC Multiple Vulnerabilities Security Alert (Sep 03)
- PayPal's "invalid" aksession Padding Oracle Flaw Timothy D. Morgan (Sep 03)
- [SECURITY] [DSA 2750-1] imagemagick security update Florian Weimer (Sep 03)
- [PSA-2013-0903-1] Apple Safari Heap Buffer Overflow bugtraq (Sep 03)
- SEC Consult SA-20130904-0 :: GroupLink everything HelpDesk - undocumented password reset/admin takeover and XSS vulnerabilities SEC Consult Vulnerability Lab (Sep 04)
- Call for Paper/Event - nullcon Goa 2014 nullcon (Sep 04)
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players Cisco Systems Product Security Incident Response Team (Sep 04)
- [SECURITY] [DSA 2751-1] libmodplug security update Raphael Geissert (Sep 04)
- [ MDVSA-2013:226 ] roundcubemail security (Sep 05)
- CFP: WorldCIST'14 - World Conference on IST; Best papers published in ISI Journals Maria Lemos (Sep 07)
- APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4 Mihaela Popescu-Stanesti (Sep 07)
- <Possible follow-ups>
- APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4 Apple Product Security (Sep 07)
- [CORE-2013-0809] Sophos Web Protection Appliance Multiple Vulnerabilities CORE Advisories Team (Sep 08)
- Event Easy Calendar 1.0.0 WP plugin roguecoder (Sep 10)
- [SECURITY] [DSA 2752-1] phpbb3 security update Thijs Kinkhorst (Sep 10)
- [CVE-2013-5701] Watchguard Server Center v11.7.4 wgpr.dll Insecure Library Loading Local Privilege Escalation Vulnerability Julien Ahrens (Sep 10)
- [slackware-security] subversion (SSA:2013-251-01) Slackware Security Team (Sep 10)
- [ MDVSA-2013:227 ] python-setuptools security (Sep 10)
- Multiple vulnerabilities on D-Link Dir-505 devices alessandro . dipinto (Sep 10)
- Open-Xchange Security Advisory 2013-09-10 Martin Braun (Sep 10)
- [ MDVSA-2013:228 ] cacti security (Sep 10)
- FreeBSD Security Advisory FreeBSD-SA-13:12.ifioctl FreeBSD Security Advisories (Sep 10)
- FreeBSD Security Advisory FreeBSD-SA-13:13.nullfs FreeBSD Security Advisories (Sep 10)
- FreeBSD Security Advisory FreeBSD-SA-13:10.sctp [REVISED] FreeBSD Security Advisories (Sep 10)
- FreeBSD Security Advisory FreeBSD-SA-13:11.sendfile FreeBSD Security Advisories (Sep 10)
- FreeBSD Security Advisory FreeBSD-SA-13:09.ip_multicast [REVISED] FreeBSD Security Advisories (Sep 10)
- [ MDVSA-2013:229 ] bzr security (Sep 10)
- [security bulletin] HPSBPV02918 rev.1 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse security-alert (Sep 10)
- eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability Vulnerability Lab (Sep 11)
- Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities Vulnerability Lab (Sep 11)
- Synology DSM multiple vulnerabilities Andrea Fabrizi (Sep 11)
- [security bulletin] HPSBUX02926 SSRT101281 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Sep 11)
- [SECURITY] [DSA 2754-1] exactimage security update Raphael Geissert (Sep 11)
- Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability Vulnerability Lab (Sep 11)
- Insecure CHIASMUS encryption in GSTOOL Jan Schejbal (Sep 11)
- Cross-Site Scripting (XSS) in WikkaWiki High-Tech Bridge Security Research (Sep 11)
- ProFTPd mod_sftp/mod_sftp_pam invalid pool allocation in kbdint authentication king cope (Sep 11)
- [SECURITY] [DSA 2755-1] python-django security update Salvatore Bonaccorso (Sep 11)
- OWASP Zed Attack Proxy 2.2.0 psiinon (Sep 11)
- [ MDVSA-2013:230 ] gdm security (Sep 11)
- [security bulletin] HPSBUX02928 SSRT101274 rev.1 - HP-UX running perl, Remote Denial of Service (DoS) security-alert (Sep 11)
- [ MDVSA-2013:231 ] openswan security (Sep 12)
- [iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin Alexandro Silva (Sep 13)
- APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004 Apple Product Security (Sep 13)
- APPLE-SA-2013-09-12-2 Safari 5.1.10 Apple Product Security (Sep 13)
- WordPress Fixes Multiple Vulnerabilities With 3.6.1 Release danielthomson72 (Sep 13)
- OpenSSL,OpenSSH ecdsa authentication code inconsistent return values.. no vulnerability? king cope (Sep 13)
- [SECURITY] [DSA 2753-1] mediawiki security update Thijs Kinkhorst (Sep 13)
- [ MDVSA-2013:233 ] python-OpenSSL security (Sep 13)
- [SECURITY] [DSA 2756-1] wireshark security update Moritz Muehlenhoff (Sep 13)
- Zimbra Collaboration Suite (ZCS) Session Replay Vulnerability brianwarehime (Sep 13)
- [ MDVSA-2013:232 ] libmodplug security (Sep 13)
- [ MDVSA-2013:234 ] python-django security (Sep 13)
- [SECURITY] [DSA 2757-1] wordpress security update Yves-Alexis Perez (Sep 16)
- Moodle 2.5.0-1 (badges/external.php) PHP Object Injection Vulnerability emilio . pinn (Sep 16)
- OWASP ESAPI Security Advisory: MAC Bypass in ESAPI Symmetric Encryption Kevin W. Wall (Sep 16)
- Botconf 2013 - Pre-programme pubished & registration open (Nantes, France, 5-6/12/2013) Eric Freyssinet (Sep 16)
- [ MDVSA-2013:235 ] mediawiki security (Sep 16)
- ExpressionEngine 2.6 Persistent XSS Richard Clifford (Sep 17)
- EarthVPN certificate configuration vulnerabilities y6whynrzab (Sep 17)
- [ MDVSA-2013:236 ] subversion security (Sep 17)
- APPLE-SA-2013-09-17-1 OS X Server v2.2.2 Apple Product Security (Sep 17)
- [SECURITY] [DSA 2758-1] python-django security update Salvatore Bonaccorso (Sep 17)
- [slackware-security] mozilla-firefox (SSA:2013-260-02) Slackware Security Team (Sep 18)
- [slackware-security] mozilla-thunderbird (SSA:2013-260-03) Slackware Security Team (Sep 18)
- [ MDVSA-2013:237 ] firefox security (Sep 18)
- SQL Injection in vtiger CRM High-Tech Bridge Security Research (Sep 18)
- [SECURITY] [DSA 2759-1] iceweasel security update Moritz Muehlenhoff (Sep 18)
- [SECURITY] [DSA 2760-1] chrony security update Moritz Muehlenhoff (Sep 18)
- [security bulletin] HPSBMU02917 rev.1 - HP System Management Homepage (SMH) running on Linux and Windows, Remote Command Execution and Privilege Escalation security-alert (Sep 18)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager Cisco Systems Product Security Incident Response Team (Sep 18)
- Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability Cisco Systems Product Security Incident Response Team (Sep 18)
- APPLE-SA-2013-09-18-1 iTunes 11.1 Apple Product Security (Sep 18)
- APPLE-SA-2013-09-18-2 iOS 7 Apple Product Security (Sep 18)
- [security bulletin] HPSBUX02927 SSRT101288 rev.1 - HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Sep 18)
- APPLE-SA-2013-09-18-3 Xcode 5.0 Apple Product Security (Sep 18)
- CVE-2013-5210 Adtran Netvanta Remote Code Injection via XSS J. Oquendo (Sep 18)
- Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability Vulnerability Lab (Sep 18)
- [security bulletin] HPSBMU02900 rev.3 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities security-alert (Sep 18)
- [slackware-security] glibc (SSA:2013-260-01) Slackware Security Team (Sep 18)
- An Analysis of the (In)Security State of the GameHouse Game Installation Mechanism RBS Research (Sep 19)
- [PT-2013-41] Arbitrary Code Execution in Ajax File and Image Manager noreply (Sep 19)
- [ MDVSA-2013:238 ] wireshark security (Sep 19)
- Re: %windir%\temp\sso\ssoexec.dll (or: howtrustworthy is Microsoft's build process) Stefan Kanthak (Sep 19)
- [ MDVSA-2013:239 ] wordpress security (Sep 19)
- [SECURITY] [DSA 2761-1] puppet security update Raphael Geissert (Sep 19)
- [security bulletin] HPSBGN02925 rev.1 - HP IceWall SSO, IceWall File Manager and IceWall Federation Agent, Multiple Remote Unauthorized Access Vulnerabilities security-alert (Sep 19)
- Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Web Vulnerability Vulnerability Lab (Sep 19)
- [security bulletin] HPSBGN02923 rev.1 - HP ArcSight Enterprise Security Manager Management Web Interface, Remote Cross Site Scripting (XSS) security-alert (Sep 19)
- [iBliss Security Advisory] Blind SQL injection vulnerability in NOSpamPTI wordpress plugin Alexandro Silva (Sep 20)
- Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability Vulnerability Lab (Sep 20)
- APPLE-SA-2013-09-20-1 Apple TV 6.0 Apple Product Security (Sep 20)
- [security bulletin] HPSBST02919 rev.1 - HP XP P9000 Command View Advanced Edition Suite Software, Remote Cross Site Scripting (XSS) security-alert (Sep 20)
- Wordpress fgallery_plus Plugin Xss vulnerabilities iedb . team (Sep 22)
- <Possible follow-ups>
- Wordpress fgallery_plus Plugin Xss vulnerabilities iedb . team (Sep 23)
- Wordpress fgallery_plus Plugin Xss vulnerabilities iedb . team (Sep 23)
- [ANN] Struts 2.3.15.2 GA release available - security fix Lukasz Lenart (Sep 23)
- Re: [ANN] Struts 2.3.15.2 GA release available - security fix Emi Lu (Sep 23)
- [SECURITY] [DSA 2762-1] icedove security update Moritz Muehlenhoff (Sep 23)
- [IBliss Security Advisory] Cross-site scripting ( XSS ) in Bradesco gateway wordpress plugin Alexandro Silva (Sep 23)
- Re: DC4420 - London DEFCON - September meet - Tuesday 24th September 2013 Tony Naggs (Sep 24)
- CVE-2013-5118 - XSS Good for Enterprise iOS mario (Sep 24)
- [SECURITY] [DSA 2763-1] pyopenssl security update Salvatore Bonaccorso (Sep 24)
- GreHack 2013 - 15 Nov. Grenoble, France - Conf. Registration OPEN Fab Duchene (Sep 25)
- Multiple Vulnerabilities in X2CRM High-Tech Bridge Security Research (Sep 25)
- [ MDVSA-2013:240 ] glpi security (Sep 25)
- [ MDVSA-2013:241 ] perl-Crypt-DSA security (Sep 25)
- [security bulletin] HPSBMU02872 SSRT101185 rev.2 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) security-alert (Sep 25)
- Cisco Security Advisory: Cisco IOS Software Queue Wedge Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 26)
- Cisco Security Advisory: Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 26)
- Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities Cisco Systems Product Security Incident Response Team (Sep 26)
- Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability Cisco Systems Product Security Incident Response Team (Sep 26)
- AW: Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability Aichhorn, Herbert (Sep 26)
- Cisco Security Advisory: Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 26)
- Cisco Security Advisory: Cisco IOS Software DHCP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 26)
- Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability Cisco Systems Product Security Incident Response Team (Sep 26)
- Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability Cisco Systems Product Security Incident Response Team (Sep 26)
- joomla com_zimbcomment Components Local File Include vulnerability iedb . team (Sep 26)
- <Possible follow-ups>
- Re:joomla com_zimbcomment Components Local File Include vulnerability Sergio Tam (Sep 26)
- [SECURITY] [DSA 2764-1] libvirt security update Moritz Muehlenhoff (Sep 26)
- XAMPP 1.8.1 Local Write Access Vulnerability ISecAuditors Security Advisories (Sep 26)
- [ MDVSA-2013:242 ] kernel security (Sep 26)
- [ISecAuditors Security Advisories] Multiple Reflected Cross-Site Scripting vulnerabilities ISecAuditors Security Advisories (Sep 26)
- ESA-2013-060: EMC VPLEX Information Disclosure Vulnerability Security Alert (Sep 26)
- APPLE-SA-2013-09-26-1 iOS 7.0.2 Apple Product Security (Sep 26)
- [SECURITY] [DSA 2765-1] davfs2 security update Luciano Bello (Sep 26)
- [SECURITY] [DSA 2766-1] linux-2.6 security update dann frazier (Sep 30)
- [ MDVSA-2013:243 ] polkit security (Sep 30)
- [IBliss Security Advisory] Cross-site scripting ( XSS ) in PHP IDNA Convert Alexandro Silva (Sep 30)
- Linux Kernel Patches For Linux Kernel Security geinblues (Sep 30)
- [slackware-security] seamonkey (SSA:2013-271-01) Slackware Security Team (Sep 30)
- [SECURITY] [DSA 27671-1] proftpd-dfsg security update Nico Golde (Sep 30)
- [CVE-2013-5725] - Byword for iOS Data Destruction Vulnerability guillaume (Sep 30)
- Firefox for Android - Same-origin bypass through symbolic links Takeshi Terada (Sep 30)
- Open-Xchange Security Advisory 2013-09-30 Martin Braun (Sep 30)
- [ MDVSA-2013:244 ] davfs2 security (Sep 30)
- CVE-2130-5680, HylaFAX+ heap overflow, unchecked network traffic. Dennis Jenkins (Sep 30)