Full Disclosure: by date

339 messages starting Oct 01 09 and ending Oct 30 09


Thursday, 01 October

ZDI-09-067: Novell NetWare NFS Portmapper and RPC Module Stack Overflow Vulnerability Kate Fly
Microsuck delaying patch for SMB2 on purpose? Nick
mudos from pcapr.net Nakidi Sujaykumar-B22389
Re: Microsuck delaying patch for SMB2 on purpose? Rohit Patnaik
Re: Microsuck delaying patch for SMB2 on purpose? Sub
Re: Microsuck delaying patch for SMB2 on purpose? Chris
Re: Modifying SSH to Capture Login Credentials from Attackers Chris
Re: Microsuck delaying patch for SMB2 on purpose? G. D. Fuego
Exploiting memory corruption vulnerabilities on Internet Explorer 8 Freddie Vicious
Re: Microsuck delaying patch for SMB2 on purpose? Freddie Vicious
Re: Exploiting memory corruption vulnerabilities on Internet Explorer 8 Jared DeMott
Re: Exploiting memory corruption vulnerabilities on Internet Explorer 8 Freddie Vicious
[ MDVSA-2009:253 ] backuppc security
[ MDVSA-2009:254 ] graphviz security
Rooted CON 2010 - CFP Roman Medina-Heigl Hernandez
[USN-839-1] Samba vulnerabilities Marc Deslauriers
Re: Exploiting memory corruption vulnerabilities on Internet Explorer 8 Berend-Jan Wever
Re: Exploiting memory corruption vulnerabilities on Internet Explorer 8 Valdis . Kletnieks
Re: Exploiting memory corruption vulnerabilities on Internet Explorer 8 Michal Zalewski
[USN-840-1] OpenOffice.org vulnerabilities Jamie Strandboge
Re: Modifying SSH to Capture Login Credentials from Attackers my.hndl
Drupal CCK 5.x-1.10 XSS Vulnerability Justin Klein Keane
VMSA-2009-0013 VMware Fusion resolves two security issues VMware Security team
Re: So weev... Wintermute
Re: So weev... Wintermute

Friday, 02 October

Re: So weev... dramacrat
Re: VMSA-2009-0013 VMware Fusion resolves two security issues mu-b
libc:fts_*() Multiple Denial of Service Maksymilian Arciemowicz
So weev... Nobody Special
Drupal Service Links 6.x-1.0 XSS Vulnerability Justin Klein Keane
[SECURITY] [DSA 1898-1] New openswan packages fix denial of service Florian Weimer
Please ban the Trolls. full-censorship
[SECURITY] [DSA 1899-1] New strongswan packages fix denial of service Florian Weimer
[SECURITY] [DSA 1900-1] New PostgreSQL packages fix various problems Florian Weimer
Re: Please ban the Trolls. Stuart Dunkeld
THE FULL-CENSORSHIP MOVEMENT full-censorship
[ MDVSA-2009:255 ] perl-DBD-Pg security
Re: THE FULL-CENSORSHIP MOVEMENT vulcanius
n3td3v the new age martyr of the full-disclosure mailing list full-censorship
Re: So weev... GOBBLES
Re: n3td3v the new age martyr of the full-disclosure mailing list TheLearner
So weev... GOBBLES
Re: So weev... Wintermute
Re: So weev... Wintermute
Geeklog <= v1.6.0sr2 - Remote File Upload Jaloh Smith
Re: n3td3v the new age martyr of the full-disclosure mailing list meandmine

Saturday, 03 October

Re: Geeklog <= v1.6.0sr2 - Remote File Upload darky
Re: [EquipoFraude] Full Path Disclosure in most wordpress' plugins [?] Zerial.
Re: Exploiting memory corruption vulnerabilities on Internet Explorer 8 yersinia
n3td3v banned from full-disclosure mailing list full-censorship
Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] full-censorship
Re: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] TheLearner
Re: Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] Probably Shadowgamers
Re: Exploiting memory corruption vulnerabilities on Internet Explorer 8 Freddie Vicious
n3td3v mentioned in a book? full-censorship

Sunday, 04 October

Re: n3td3v mentioned in a book? Gichuki John Chuksjonia
Re: n3td3v mentioned in a book? GOBBLES
Re: [EquipoFraude] Full Path Disclosure in most wordpress' plugins [?] Victor Antonio Torre Villahoz
Re: Geeklog <= v1.6.0sr2 - Remote File Upload Jaloh Smith
gmail pipe character inconsistencies and fun com|com pipecharacter
Re: Geeklog <= v1.6.0sr2 - Remote File Upload Andrew Farmer
Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #3] TheLearner
Re: Geeklog <= v1.6.0sr2 - Remote File Upload 啊賢 .
Re: Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D. laurent gaffie

Monday, 05 October

[SECURITY] [DSA 1901-1] New mediawiki1.7 packages fix several vulnerabilities Giuseppe Iuculano
Yahoo cookie stealer Pasca
[SECURITY] [DSA 1902-1] New elinks packages fix arbitrary code execution Moritz Muehlenhoff
null-prefix certificate for paypal Tim Jones
[USN-841-1] GLib vulnerability Kees Cook
Advisory: Cross-Site Scripting flaw in AfterLogic WebMail Pro Sébastien Duquette
GV-2009-01 : Cross-Site Scripting flaw in AfterLogic WebMail Pro Sébastien Duquette

Tuesday, 06 October

when I grow up RandallM
Re: when I grow up T Biehn
Re: when I grow up T Biehn
[USN-842-1] Wget vulnerability Marc Deslauriers
[USN-843-1] BackupPC vulnerability Marc Deslauriers
Re: when I grow up Valdis . Kletnieks
CORE-2009-0922: Jetty Persistent XSS in Sample Cookies Application CORE Security Technologies Advisories
[ MDVSA-2009:256 ] dbus security
[ MDVSA-2009:257 ] qemu security

Wednesday, 07 October

Re: Dear friend - o z - .
Source for USB stick with hardware write-protect? K K
[ MDVSA-2009:258 ] openssl security
Re: Source for USB stick with hardware write-protect? Thierry Zoller
Re: Source for USB stick with hardware write-protect? K K
[SECURITY] [DSA 1903-1] New graphicsmagick packages fix several vulnerabilities Giuseppe Iuculano
iDefense Security Advisory 10.07.09: IBM AIX rpc.cmsd Stack Buffer Overflow Vulnerability iDefense Labs
Riorey "RIOS" Hardcoded Password Vulnerability full-disclosure-bounces
[ MDVSA-2009:259 ] snort security
Re: Riorey "RIOS" Hardcoded Password Vulnerability Rohit Patnaik

Thursday, 08 October

Re: Source for USB stick with hardware write-protect? Joe
Re: Source for USB stick with hardware write-protect? Willem Koenings
[USN-844-1] mimeTeX vulnerabilities Marc Deslauriers
[USN-845-1] Pan vulnerability Marc Deslauriers
[ MDVSA-2009:217-1 ] mozilla-thunderbird security
FreeBSD 6.4 pipeclose()/knlist_cleardel() race condition exploit Przemyslaw Frasunek
[ MDVSA-2009:217-2 ] mozilla-thunderbird security
Re: Source for USB stick with hardware write-protect? Michael Holstein
Re: Source for USB stick with hardware write-protect? Thierry Zoller
FreeBSD 7.2 VFS/devfs race condition exploit Przemyslaw Frasunek
[USN-846-1] ICU vulnerability Jamie Strandboge
Attack pattern selection criteria for IPS products srujan
Re: Attack pattern selection criteria for IPS products Valdis . Kletnieks
[USN-847-1] Devscripts vulnerability Jamie Strandboge
[ MDVSA-2009:261 ] graphicsmagick security
When is it valid to claim that a vulnerability leads to a remote attack? Jonathan Leffler
[ MDVSA-2009:260 ] imagemagick security

Friday, 09 October

Re: When is it valid to claim that a vulnerability leads to a remote attack? Thierry Zoller
Re: When is it valid to claim that a vulnerability leads to a remote attack? Valdis . Kletnieks
[SECURITY] [DSA 1904-1] New wget packages fix SSL certificate verification weakness Giuseppe Iuculano
Cellphone with USB host Mohammad Hosein
Re: Attack pattern selection criteria for IPS products srujan
CA20091008-01: Security Notice for CA Anti-Virus Engine Williams, James K
[ MDVSA-2009:262 ] netpbm security
[USN-847-2] devscripts vulnerability Jamie Strandboge
Re: When is it valid to claim that a vulnerability leads to a remote attack? Paul Schmehl
[ MDVSA-2009:263 ] sympa security
Re: Attack pattern selection criteria for IPS products Rohit Patnaik
Re: [Dailydave] R. RHEL, RHCS, and Selinux : hype, reality or dream? Marco Ermini
Re: When is it valid to claim that a vulnerability leads to a remote attack? Elazar Broad
[ MDVSA-2009:265 ] egroupware security
[ MDVSA-2009:264 ] gd security
[SECURITY] [DSA 1895-2] New opensaml2 and shibboleth-sp2 packages fix regression Florian Weimer
Drupal 5.20 and 6.14 (Core) XSS Vulnerabilities Justin Klein Keane
Drupal 5.20 and 6.14 Filter Module (Core) XSS Vulnerabilities Justin Klein Keane
Drupal Wikitools 6.x-1.2 and 5.x-1.3 XSS Vulnerability Justin Klein Keane
[ MDVSA-2009:266 ] awstats security
Drupal Wikitools 6.x-1.2 and 5.x-1.3 XSS Vulnerability Justin Klein Keane

Saturday, 10 October

Re: When is it valid to claim that a vulnerability leads to a remote attack? Thierry Zoller
Re: Cellphone with USB host Mohammad Hosein
Re: Cellphone with USB host Valdis . Kletnieks
Re: Cellphone with USB host Michael Lenz
[ MDVSA-2009:267 ] xmlsec1 security
[SECURITY] [DSA 1905-1] New python-django packages fix denial of service Nico Golde
Re: When is it valid to claim that a vulnerability leads to a remote attack? Chris
Re: When is it valid to claim that a vulnerability leads to a remote attack? Rohit Patnaik
Re: When is it valid to claim that a vulnerability leads to a remote attack? Chris
Re: When is it valid to claim that a vulnerability leads to a remote attack? Thor (Hammer of God)

Sunday, 11 October

Re: Attack pattern selection criteria for IPS products James Matthews
Re: When is it valid to claim that a vulnerability leads to a remote attack? James Matthews
Re: When is it valid to claim that a vulnerability leads to a remote attack? Jeremy Brown
money mule RandallM
Re: When is it valid to claim that a vulnerability leads to a remote attack? Paul Schmehl
Re: When is it valid to claim that a vulnerability leads to a remote attack? Thor (Hammer of God)

Monday, 12 October

Re: Remote buffer overflow in httpdx Freddie Vicious
Re: When is it valid to claim that a vulnerability leads to a remote attack? Valdis . Kletnieks
Re: Cellphone with USB host imipak
A CALL TO ARMS ON RESPONSIBLE DISCLOSURE Jean Trolleur
[ MDVSA-2009:268 ] mono security
[ MDVSA-2009:269 ] mono security
[SECURITY] [DSA 1906-1] End-of-life announcement for clamav in stable and oldstable Steffen Joeris
[ MDVSA-2009:270 ] wireshark security
[ MDVSA-2009:271 ] libnasl security
Re: [-SPAM-] Re: When is it valid to claim that a vulnerability leads to a remote attack? Thierry Zoller
[ MDVSA-2009:272 ] libmikmod security
[ MDVSA-2009:273 ] strongswan security

Tuesday, 13 October

[SECURITY] [DSA 1907-1] New kvm packages fix several vulnerabilities Giuseppe Iuculano
List Charter John Cartwright
DEFCON London - DC4420 October 2009 Meet - This Thursday 15th Major Malfunction
[ MDVSA-2009:274 ] phpmyadmin security
Re: Cellphone with USB host Michael Holstein
Re: Cellphone with USB host Shawn Merdinger
[ MDVSA-2009:275 ] python-django security
[G-SEC 46-2009] Computer Associates multiple products arbritary code execution Thierry Zoller
[ MDVSA-2009:276 ] python-django security
[BONSAI] XSS in Achievo - Customized XSS payload included Bonsai - Information Security
[BONSAI] SQL Injection in Achievo Bonsai - Information Security
iDefense Security Advisory 10.13.09: Adobe Acrobat and Reader U3D File Invalid Array Index Vulnerability iDefense Labs
Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox Berend-Jan Wever
MSIE Content-Encoding: deflate memory corruption vulnerability Berend-Jan Wever
iDefense Security Advisory 10.13.09: Adobe Acrobat and Reader Firefox Plugin Use After Free Vulnerability iDefense Labs
ZDI-09-069: Microsoft Windows Media Player Audio Voice Sample Rate Memory Corruption Vulnerability ZDI Disclosures
ZDI-09-070: Microsoft Internet Explorer Event Object Type Double-Free Vulnerability ZDI Disclosures
ZDI-09-071: Microsoft Internet Explorer writing-mode Memory Corruption Vulnerability ZDI Disclosures
ZDI-09-072: Microsoft Windows GDI+ TIFF Parsing Code Execution Vulnerability ZDI Disclosures
ZDI-09-073: Adobe Reader Compact Font Format Malformed Index Memory Corruption Vulnerability ZDI Disclosures
iDefense Security Advisory 10.13.09: Microsoft Windows GDI+ TIFF File Parsing Buffer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 10.13.09: Microsoft Office Drawing Format Shape Properties Memory Corruption Vulnerability iDefense Labs
Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox mrx
Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox Rohit Patnaik
Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox mrx
Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox Rohit Patnaik
Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox mrx
Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox Rohit Patnaik
Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox mrx
Re: ZDI-09-070: Microsoft Internet Explorer Event Object Type Double-Free Vulnerability 啊賢 .

Wednesday, 14 October

[Full-censorship]: Tarik Maliq and Michael Faulkner GOBBLES
[AntiSnatchOr] Pentaho BI-server multiple vulnerabilities Michele Orru
[AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS Michele Orru
[SECURITY] [DSA 1908-1] New samba packages fix several vulnerabilities Nico Golde
Multiple Vulnerabilities in Adobe Acrobat / Reader noreply-secresearch () fortinet com
Everfocus EDSR remote authentication bypass Andrea Fabrizi
[ MDVSA-2009:277 ] samba security
Secunia Research: Microsoft Office BMP Image Colour Handling Integer Overflow Secunia Research
Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team
[USN-848-1] Zope vulnerabilities Marc Deslauriers
[ MDVSA-2009:278 ] compiz-fusion-plugins-main security
[SECURITY] [DSA 1909-1] New postgresql-ocaml packages provide secure escaping Steffen Joeris
[SECURITY] [DSA 1910-1] New mysql-ocaml packages provide secure escaping Steffen Joeris
[SECURITY] [DSA 1911-1] New pygresql packages provide secure escaping Steffen Joeris

Thursday, 15 October

I miss Netdev. Steven James
Drupal XML Sitemap 6.x-1.1 XSS Vulnerability Justin Klein Keane
Snitz Forums 2000 Multiple Cross-Site Scripting Vulnerabilities Andrea Fabrizi
[ MDVSA-2009:279 ] ocaml-mysql security
[USN-849-1] libsndfile vulnerabilities Jamie Strandboge
Re: Drupal XML Sitemap 6.x-1.1 XSS Vulnerability Andrew Farmer

Friday, 16 October

n.runs-SA-2009.007 - Adobe Acrobat - Invalid pointer write could lead to arbitrary code execution security
Xpdf - Integer overflow which causes heap overflow and NULL pointer derefernce. Adam Zabrocki
Multiple Vulnerabilities in Adobe Acrobat / Reader noreply-secresearch () fortinet com
milw0rm Alexandru Balan
[SECURITY] [DSA 1912-1] New camlimages fix arbitrary code execution Steffen Joeris
Re: milw0rm Killian Faughnan
Re: milw0rm Kema Druma
Re: milw0rm Armando Oliveira
Re: I miss Netdev. McGhee, Eddie
Re: milw0rm McGhee, Eddie
Re: milw0rm Anders Klixbull
Re: milw0rm Juha-Matti Laurio
Re: Drupal XML Sitemap 6.x-1.1 XSS Vulnerability Jan G.B.
Re: Drupal XML Sitemap 6.x-1.1 XSS Vulnerability Justin Klein Keane
Re: Remote buffer overflow in httpdx Freddie Vicious
Re: I miss Netdev. Steven James
VMSA-2009-0014 VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues VMware Security Team
Re: milw0rm KF (lists)
Re: milw0rm Valdis . Kletnieks
Re: milw0rm Rohit Patnaik
CanSecWest 2010 CALL FOR PAPERS (deadline Nov 30, conf. Mar22-26) and PacSec (Nov 4/5) Selections Dragos Ruiu

Saturday, 17 October

Re: milw0rm Michal
Fwd: milw0rm Rohit Patnaik

Sunday, 18 October

Nikto 2.1.0 released david lodge
Re: I miss Netdev. Freddie Vicious
insecure elements in https protected pages Mohammad Hosein
Re: insecure elements in https protected pages G. D. Fuego
In-depth research on the recent PDF zero-day exploit (CVE-2009-3459) cocoruder

Monday, 19 October

Re: Nikto 2.1.0 released Saladino Patrick
Amiro.CMS Multiple XSS and Root folder disclosure Владимир Воронцов
Re: milw0rm Loup Samuel
3Com OfficeConnect Firewall/Router multiple remote Vulnerabilities Andrea Fabrizi
Re: insecure elements in https protected pages John Adams
Re: milw0rm yersinia
Re: milw0rm VeNoMouS
McKesson Horizon Clinical Infrastructure (HCI) version 7.6/7.8/10.0/10.1 hardcoded passwords graphic7
[SECURITY] [DSA 1913-1] New bugzilla packages fix SQL injection Giuseppe Iuculano
[Wordpress] Resource Exhaustion (Denial of Service) Zerial.
Re: milw0rm yersinia
Re: milw0rm Valdis . Kletnieks
Re: McKesson Horizon Clinical Infrastructure (HCI) version 7.6/7.8/10.0/10.1 hardcoded passwords Shawn Merdinger
Re: McKesson Horizon Clinical Infrastructure (HCI) version 7.6/7.8/10.0/10.1 hardcoded passwords Rohit Patnaik
[ MDVSA-2009:280 ] cups security
[ MDVSA-2009:281 ] cups security
[ MDVSA-2009:282 ] cups security
[ MDVSA-2009:283 ] cups security

Tuesday, 20 October

[CVE-2009-1479] Boxalino - Directory Traversal Vulnerability Axel Neumann
Re: milw0rm xsr
[ MDVSA-2009:284 ] gd security
NSOADV-2009-002: Websense Email Security Web Administrator DoS NSO Research
NSOADV-2009-003: Websense Email Security Cross Site Scripting NSO Research
[ GLSA 200910-01 ] Wget: Certificate validation error Alex Legler
[ MDVSA-2009:285 ] php security
Re: milw0rm Jubei Trippataka
Yahoo! apologises for lap dance at hack event Ivan .
Re: Yahoo! apologises for lap dance at hack event Stack Smasher
Re: Yahoo! apologises for lap dance at hack event Rohit Patnaik
Re: Yahoo! apologises for lap dance at hack event Jubei Trippataka

Wednesday, 21 October

Re: milw0rm VeNoMouS
turbodiff v1.01 beta released Nicolas A. Economou
Adobe Acrobat Reader up to 9.1.1 ONLY Linux integer overflow to heap overflow. Adam Zabrocki
Re: McKesson Horizon Clinical Infrastructure (HCI) version 7.6/7.8/10.0/10.1 hardcoded passwords Michael Krymson
Re: McKesson Horizon Clinical Infrastructure (HCI) version 7.6/7.8/10.0/10.1 hardcoded passwords Shawn Merdinger
[ MDVSA-2009:286 ] ocaml-camlimages security
[USN-850-1] poppler vulnerabilities Marc Deslauriers
[USN-851-1] Elinks vulnerabilities Jamie Strandboge
[USN-852-1] Linux kernel vulnerabilities Kees Cook

Thursday, 22 October

Everfocus EDR1600 remote authentication bypass Andrea Fabrizi
How to own a windows domain - video tutorial Z
[ MDVSA-2009:287 ] xpdf security
[ GLSA 200910-02 ] Pidgin: Multiple vulnerabilities Tobias Heinlein
[USN-850-2] poppler regression Marc Deslauriers
Re: NSOADV-2009-003: Websense Email Security Cross Site Scripting Hubbard, Dan
Snort <= 2.8.5 IPV6 Remote DoS laurent gaffie
H D Moore sells Metasploit: Open source project in commercial hands Ivan .
Re: H D Moore sells Metasploit: Open source project in commercial hands Rohit Patnaik
Re: H D Moore sells Metasploit: Open source project in commercial hands James Lay
Re: H D Moore sells Metasploit: Open source project in commercial hands Ivan .

Friday, 23 October

[SECURITY] [DSA 1914-1] New mapserver packages fix serveral vulnerabilities Nico Golde
Israelis, take note Gadi Evron
nginx null pointer dereference zeus penguin
Re: Israelis, take note bodik
Re: Israelis, take note Andrew A
Re: Israelis, take note Samuel Beckett
Re: Israelis, take note Andrew A
Re: Israelis, take note ghost
Re: Israelis, take note Elonym (elone)
[SECURITY] [DSA 1915-1] New Linux 2.6.26 packages fix several vulnerabilities dann frazier
[ MDVSA-2009:288 ] proftpd security

Saturday, 24 October

[SECURITY] [DSA 1912-2] New advi packages fix arbitrary code execution Steffen Joeris
[SECURITY] [DSA 1916-1] New kdelibs packages fix SSL certificate verification weakness Giuseppe Iuculano
[SECURITY] [DSA 1917-1] New mimetex packages fix several vulnerabilities Giuseppe Iuculano
[US-1984-1] JTTF (Joint Terrorism Task Force) and Fusion Center. Common Sense. GOBBLES
Jetty 6.x and 7.x Multiple Vulnerabilities ascii

Sunday, 25 October

[ GLSA 200910-03 ] Adobe Reader: Multiple vulnerabilities Alex Legler

Monday, 26 October

squidGuard 1.3 & 1.4 : buffer overflow majinboo
AST-2009-007: ACL not respected on SIP INVITE Asterisk Security Team
Hash laurent gaffie

Tuesday, 27 October

iAWACS PWN2RM Challenge Results Anthony . DESNOS
[SECURITY] [DSA 1918-1] New phpmyadmin packages fix several vulnerabilities Thijs Kinkhorst
[SECURITY] [DSA 1919-1] New smarty packages fix several vulnerabilities Thijs Kinkhorst
[SECURITY] [DSA-1920-1] New nginx packages fix denial of service Stefan Fritsch
Cherokee Web Server 0.5.4 Denial Of Service usman
Strange repeating probes to port 80 boris mutina
Invalid #PF Exception Code in VMware can result in Guest Privilege Escalation Tavis Ormandy
VMSA-2009-0015 VMware hosted products and ESX patches resolve two security issues VMware Security Team
[ MDVSA-2009:289 ] kernel security
[G-SEC 47-2009] Symantec generic PDF detection bypass Thierry Zoller
[G-SEC 48-2009] F-SECURE - Generic PDF detection bypass Thierry Zoller
[G-SEC 49-2009] McAfee generic PDF detection bypass Thierry Zoller
Re: Hash Fionnbharr

Wednesday, 28 October

Hijacking Opera's Native Page using malicious RSS payloads Inferno
iDefense Security Advisory 10.28.09: Mozilla Firefox GIF Color Map Parsing Buffer Overflow Vulnerability iDefense Labs
[SECURITY] [DSA 1922-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff
Re: Hash laurent gaffie

Thursday, 29 October

Re: Hash Fionnbharr
Mariposa Botnet C&C decryption plugin for wireshark Megumi Yanagishita
ZDI-09-074: Multiple Vendor Hummingbird STR Service Stack Overflow Vulnerability ZDI Disclosures
[SECURITY] [DSA 1921-1] New expat packages fix denial of service Giuseppe Iuculano
Secunia Research: Mozilla Firefox Floating Point Memory Allocation Vulnerability Secunia Research
FRHACK 01 Epic fail keynote John Smith
[ MDVSA-2009:290 ] firefox security
2wire Remote Denial of Service hkm
Re: iDefense Security Advisory 10.28.09: Mozilla Firefox GIF Color Map Parsing Buffer Overflow Vulnerability Sébastien Hénarès
[ MDVSA-2009:291 ] jetty5 security
Mura CMS Vladimir Vorontsov
SafeNet SoftRemote Local Buffer Overflow - Security Advisory - SOS-09-008 Lists

Friday, 30 October

CVE-2009-1979 (Oracle RDBMS) Dennis Yurichev
problems with - [USN-850-1] poppler vulnerabilities peter mcbrien
[SECURITY] [DSA 1923-1] New libhtml-parser-perl packages fix denial of service Nico Golde
CubeCart 4 Session Management Bypass Bogdan Calin
SecurityReason: Multiple BSD printf(1) and multiple dtoa/*printf(3) vulnerabilities Maksymilian Arciemowicz
[USN-853-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge