Full Disclosure: by author
382 messages starting Apr 15 12 and ending Apr 24 12
_
Re: Most Linux distributions don't use tmpfs nor encrypt swap by default _ (Apr 15)
アドリアンヘンドリック
Re(3): An April Fools' Day Android Payload アドリアンヘンドリック (Apr 02)
Re(2): An April Fools' Day Android Payload アドリアンヘンドリック (Apr 02)
Aaron T. Myers
[CVE-2012-1574] Apache Hadoop user impersonation vulnerability Aaron T. Myers (Apr 06)
Abhijeet Patil
[Announcement] CHMag's Issue 27, April 2012 Released Abhijeet Patil (Apr 18)
ACROS Security Lists
ACROS Blog: Adobe Reader X (10.1.2) msiexec.exe Planting ACROS Security Lists (Apr 11)
adam
Re: Windows XP denial of service 0day found in CTF exercise adam (Apr 17)
Adam Behnke
Hacking AutoUpdate by Injecting Fake Updates Adam Behnke (Apr 03)
Erronous post concerning Backtrack 5 R2 0day Adam Behnke (Apr 12)
Backtrack 5 R2 priv escalation 0day found in CTF exercise Adam Behnke (Apr 11)
Hacking WolframAlpha Adam Behnke (Apr 24)
SQL Injection through HTTP Headers Adam Behnke (Apr 04)
Windows XP denial of service 0day found in CTF exercise Adam Behnke (Apr 16)
Adam Zabrocki
Apache 2.2.xx 0day exploit Adam Zabrocki (Apr 02)
Akita Software Security
.NET Framework EncoderParameter integer overflow vulnerability Akita Software Security (Apr 23)
Alex Buie
Re: phpMyBible 0.5.1 Mutiple XSS Alex Buie (Apr 23)
Re: Fwd: Vulnerability research and exploit writing Alex Buie (Apr 25)
Almaz
March 2012 mini Threat Intelligence report Almaz (Apr 01)
Andrew Farmer
Re: Re(2): An April Fools' Day Android Payload Andrew Farmer (Apr 02)
Asterisk Security Team
AST-2012-004: Asterisk Manager User Unauthorized Shell Access Asterisk Security Team (Apr 23)
AST-2012-005: Heap Buffer Overflow in Skinny Channel Driver Asterisk Security Team (Apr 23)
AST-2012-006: Remote Crash Vulnerability in SIP Channel Driver Asterisk Security Team (Apr 23)
Benjamin Kreuter
Re: incorrect integer conversions in OpenSSL can result in memory corruption. Benjamin Kreuter (Apr 19)
Benji
Re: Vulnerability in Gentoo hardened Benji (Apr 25)
Re: Vulnerability in Gentoo hardened Benji (Apr 25)
Re: Vulnerability in Gentoo hardened Benji (Apr 25)
Re: Erronous post concerning Backtrack 5 R2 0day Benji (Apr 12)
Re: Vulnerability in Gentoo hardened Benji (Apr 25)
Re: Compromised VPN provider out there? Benji (Apr 10)
BMF
Re: phpMyBible 0.5.1 Mutiple XSS BMF (Apr 22)
Re: phpMyBible 0.5.1 Mutiple XSS BMF (Apr 22)
Bob McConnell
Re: We're now paying up to $20, 000 for web vulns in our services Bob McConnell (Apr 27)
Carlo Di Dato
LibreOffice 3.5.2.2 - memory corruption with a specific .rtf file Carlo Di Dato (Apr 18)
SumatraPDF v2.0.1 chm and mobi files memory corruption Carlo Di Dato (Apr 23)
BeyondCHM 1.1 Buffer Overflow Carlo Di Dato (Apr 24)
Mobipocket Reader version 6.2 Build 608 Buffer Overflow Carlo Di Dato (Apr 23)
Carl "Thomas" Guething
Re: mac trojan Carl "Thomas" Guething (Apr 06)
cfp
Ruxcon 2012 Call For Papers cfp (Apr 19)
Champ Clark III
Sagan 0.2.1 [Security Event/Log Analyzer] Released. Champ Clark III (Apr 05)
Charles Morris
Re: Hacking AutoUpdate by Injecting Fake Updates Charles Morris (Apr 03)
Re: We're now paying up to $20, 000 for web vulns in our services Charles Morris (Apr 24)
Charlie Derr
Re: [funsec] mac trojan Charlie Derr (Apr 06)
Re: We're now paying up to $20, 000 for web vulns in our services Charlie Derr (Apr 27)
Christian Sciberras
Re: DoS vulnerability in WordPress Christian Sciberras (Apr 20)
Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player Cisco Systems Product Security Incident Response Team (Apr 04)
coderman
Re: (no subject) coderman (Apr 25)
CorryL
WordPress BruteForce Script CorryL (Apr 29)
Cristina Pascual
Last Mile, April 20 || CfP: SECURWARE 2012 || August 19-24, 2012 - Rome, Italy Cristina Pascual (Apr 12)
Dan Rosenberg
An April Fools' Day Android Payload Dan Rosenberg (Apr 01)
Re: An April Fools' Day Android Payload Dan Rosenberg (Apr 02)
Dave
Re: PenTest Market is for FREE Now Dave (Apr 06)
Re: new law proposal on EU against hacking tools and practices Dave (Apr 09)
Re: www.LEORAT.com is scam Dave (Apr 03)
Re: www.LEORAT.com is scam Dave (Apr 02)
Re: www.LEORAT.com is scam Dave (Apr 02)
David3 Gonnella
Re: Vulnerability in Backtrack David3 Gonnella (Apr 24)
Re: Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities David3 Gonnella (Apr 16)
ddivulnalert
DDIVRT-2012-41 ACTi Web Configurator cgi-bin Directory Traversal ddivulnalert (Apr 27)
DDIVRT-2012-40 PacketVideo TwonkyServer and TwonkyMedia Directory Traversal ddivulnalert (Apr 27)
Dennis
Re: mac trojan Dennis (Apr 05)
Disposable
Re: Vulnerability in Backtrack Disposable (Apr 25)
Dobbins, Roland
Re: Attacking Critical Internet Infrastructure Dobbins, Roland (Apr 22)
Douglas Huff
Re: incorrect integer conversions in OpenSSL can result in memory corruption. Douglas Huff (Apr 20)
Elazar Broad
Re: Fwd: Vulnerability research and exploit writing Elazar Broad (Apr 24)
Re: Windows XP denial of service 0day found in CTF exercise Elazar Broad (Apr 17)
fabrice
Re: FSA2012-1 and FSA2012-2: Chocolate easter egss vulnerable to egg white injection and usable as trojan horses. fabrice (Apr 07)
Fatherlaptop
Drop box Fatherlaptop (Apr 06)
Feighen Oosterbroek
Re: Most Linux distributions don't use tmpfs nor encrypt swap by default Feighen Oosterbroek (Apr 13)
Ferenc Kovacs
Fwd: Vulnerability research and exploit writing Ferenc Kovacs (Apr 24)
Fermín J . Serna
CVE-2012-0769, the case of the perfect info leak Fermín J . Serna (Apr 09)
Fernando Gont
IPv6 host scanning in IPv6 Fernando Gont (Apr 20)
Slides for "Recent Advances in IPv6 Security" at Hackito Ergo Sum 2012 Fernando Gont (Apr 14)
New IETF I-D: Security Implications of IPv6 on IPv4 networks Fernando Gont (Apr 24)
Filip Palian
Sourcefire Defense Center - multiple vulnerabilities. Filip Palian (Apr 04)
fireball9
Attacking Critical Internet Infrastructure fireball9 (Apr 22)
Florent Daigniere
[MATTA-2012-001] CVE-2012-1301; 0day; Open Proxy vulnerability in Umbraco 4.7 Florent Daigniere (Apr 05)
Florian Weimer
[SECURITY] [DSA 2459-1] quagga security update Florian Weimer (Apr 25)
Gabriel S. Craciun
Re: Full-Disclosure Digest, Vol 86, Issue 34 Gabriel S. Craciun (Apr 26)
Gage Bystrom
Re: keeping data safe offline Gage Bystrom (Apr 10)
Re: Vulnerability in Backtrack Gage Bystrom (Apr 24)
Re: Vulnerability in Backtrack Gage Bystrom (Apr 24)
Re: Working to get more people to check if their infected with DNS Changer Gage Bystrom (Apr 04)
Re: nullsec-bypass-aslr.pdf - ASLR / ASLR bypass techniques Gage Bystrom (Apr 15)
Georgi Guninski
Re: Vulnerability in Gentoo hardened Georgi Guninski (Apr 25)
So, so you think you can tell April 1 joke from a 0day? Georgi Guninski (Apr 01)
Re: We're now paying up to $20, 000 for web vulns in our services Georgi Guninski (Apr 25)
Re: Vulnerability in Gentoo hardened Georgi Guninski (Apr 25)
Grandma Eubanks
Re: Most Linux distributions don't use tmpfs nor encrypt swap by default Grandma Eubanks (Apr 12)
Hafez Kamal
[HITB-Announce] HITB Magazine Issue 008 (now with print edition!) Hafez Kamal (Apr 23)
Henri Salo
Re: PenTest is one year old now Henri Salo (Apr 20)
HI-TECH .
Last public release HI-TECH . (Apr 03)
imipak
FW: (no subject) imipak (Apr 25)
InterN0T Advisories
Re: Backtrack 5 R2 priv escalation 0day found in CTF exercise InterN0T Advisories (Apr 12)
DoS vulnerability in MustLive InterN0T Advisories (Apr 15)
Re: Brute Force vulnerability in WordPress InterN0T Advisories (Apr 04)
Re: DoS vulnerabilities in Firefox, Internet Explorer and Opera InterN0T Advisories (Apr 30)
Jacopo Cappellato
[CVE-2012-1621] Apache OFBiz information disclosure vulnerability Jacopo Cappellato (Apr 16)
[CVE-2012-1622] Apache OFBiz information disclosure vulnerability Jacopo Cappellato (Apr 16)
James Condron
Re: Vulnerability in Backtrack James Condron (Apr 25)
Re: Fwd: Vulnerability research and exploit writing James Condron (Apr 25)
Jason Hellenthal
Re: phpMyBible 0.5.1 Mutiple XSS Jason Hellenthal (Apr 23)
Re: Thor's Private Key Jason Hellenthal (Apr 09)
Re: HTC IQRD Android Permission Leakage (CVE-2012-2217) Jason Hellenthal (Apr 22)
Javier Reoyo
Re: DoS vulnerability in WordPress Javier Reoyo (Apr 17)
jc
RuggedCom - Backdoor Accounts in my SCADA network? You don't say... jc (Apr 24)
Jeff Kell
Re: STEP Security Jeff Kell (Apr 01)
Jeffrey Walton
Re: HTC IQRD Android Permission Leakage (CVE-2012-2217) Jeffrey Walton (Apr 21)
Re: incorrect integer conversions in OpenSSL can result in memory corruption. Jeffrey Walton (Apr 21)
Re: incorrect integer conversions in OpenSSL can result in memory corruption. Jeffrey Walton (Apr 21)
Re: phpMyBible 0.5.1 Mutiple XSS Jeffrey Walton (Apr 22)
Re: mac trojan Jeffrey Walton (Apr 05)
Jerome Athias
Opcodes Database Revival Jerome Athias (Apr 24)
Re: [New tool] - Exploit Pack - Web Security Jerome Athias (Apr 24)
XSS in UMP-Sarkozy mailer system Jerome Athias (Apr 30)
MoroccoTel Box Default Open Telnet Password Jerome Athias (Apr 25)
CWEs translation Jerome Athias (Apr 30)
Jim Harrison
Re: We're now paying up to $20, 000 for web vulns in our services Jim Harrison (Apr 25)
Re: We're now paying up to $20, 000 for web vulns in our services Jim Harrison (Apr 24)
Re: We're now paying up to $20, 000 for web vulns in our services Jim Harrison (Apr 26)
John Cartwright
List Charter John Cartwright (Apr 10)
John Jacobs
Re: PenTest Market is for FREE Now John Jacobs (Apr 06)
Jonathan Wiltshire
[SECURITY] [DSA 2448-1] inspircd security update Jonathan Wiltshire (Apr 10)
Jon Dowland
Re: Most Linux distributions don't use tmpfs nor encrypt swap by default Jon Dowland (Apr 19)
J. Oquendo
STEP Security J. Oquendo (Apr 01)
Jose Miguel Esparza
[Tool] New release of peepdf (PDF analysis) Jose Miguel Esparza (Apr 02)
Joxean Koret
Oracle TNS Poison vulnerability is actually a 0day with no patch available Joxean Koret (Apr 26)
The history of a -probably- 13 years old Oracle bug: TNS Poison Joxean Koret (Apr 18)
Justin C. Klein Keane
Re: Windows XP denial of service 0day found in CTF exercise Justin C. Klein Keane (Apr 17)
klondike
Vulnerability in Gentoo hardened klondike (Apr 24)
XSS parameter injection in the search field of http://chicasdetorbe.com klondike (Apr 20)
FSA2012-1 and FSA2012-2: Chocolate easter egss vulnerable to egg white injection and usable as trojan horses. klondike (Apr 07)
Krzysztof Marczyk
10 Ways to Enhance Your Career in Information Security Krzysztof Marczyk (Apr 18)
PenTest Market is for FREE Now Krzysztof Marczyk (Apr 06)
PenTest is one year old now Krzysztof Marczyk (Apr 20)
Kurt Seifried
Re: DoS vulnerability in WordPress Kurt Seifried (Apr 17)
Laurelai
Re: Vulnerability in Gentoo hardened Laurelai (Apr 25)
Re: phpMyBible 0.5.1 Mutiple XSS Laurelai (Apr 22)
Re: Vulnerability in Gentoo hardened Laurelai (Apr 25)
Re: Vulnerability in Gentoo hardened Laurelai (Apr 25)
Re: phpMyBible 0.5.1 Mutiple XSS Laurelai (Apr 22)
Re: Vulnerability in Gentoo hardened Laurelai (Apr 25)
Re: Vulnerability in Gentoo hardened Laurelai (Apr 25)
Re: Vulnerability in Gentoo hardened Laurelai (Apr 25)
Levent Kayan
nullsec-bypass-aslr.pdf - ASLR / ASLR bypass techniques Levent Kayan (Apr 15)
Lincoln Anderson
Re: Hacking WolframAlpha Lincoln Anderson (Apr 25)
luks
Weak password reset token & code exec in ownCloud 3.0.0 luks (Apr 20)
Major Malfunction
DC4420 - London DEFCON - April meet - Tuesday April 24th 2012 Major Malfunction (Apr 20)
Manu
PHP Denial of Service - Memory leak in getimagesize(). Manu (Apr 29)
Marcio B. Jr.
Re: We're now paying up to $20, 000 for web vulns in our services Marcio B. Jr. (Apr 27)
Mario Vilas
Re: [New tool] - Exploit Pack - Web Security Mario Vilas (Apr 24)
Re: [New tool] - Exploit Pack - Web Security Mario Vilas (Apr 26)
Mark J Cox
OpenSSL Security Advisory Mark J Cox (Apr 24)
Mark Krenz
Re: Most Linux distributions don't use tmpfs nor encrypt swap by default Mark Krenz (Apr 13)
Most Linux distributions don't use tmpfs nor encrypt swap by default Mark Krenz (Apr 12)
Re: Most Linux distributions don't use tmpfs nor encrypt swap by default Mark Krenz (Apr 17)
Mark Stanislav
'Hotel Booking Portal' SQL Injection (CVE-2012-1672) Mark Stanislav (Apr 04)
'phpPaleo' Local File Inclusion (CVE-2012-1671) Mark Stanislav (Apr 04)
'e-ticketing' SQL Injection (CVE-2012-1673) Mark Stanislav (Apr 04)
Martin Allert
Re: phpMyBible 0.5.1 Mutiple XSS Martin Allert (Apr 26)
Memory Vandal
Re: Windows XP denial of service 0day found in CTF exercise Memory Vandal (Apr 17)
Re: Windows XP denial of service 0day found in CTF exercise Memory Vandal (Apr 17)
Re: STEP Security Memory Vandal (Apr 01)
Mezgani Ali via LinkedIn
Invitation to connect on LinkedIn Mezgani Ali via LinkedIn (Apr 13)
mgogoulos
[Tool] Introducing plown: security scanner for Plone CMS mgogoulos (Apr 24)
Michael Wood
Re: FW: (no subject) Michael Wood (Apr 25)
Michal Zalewski
Re: We're now paying up to $20, 000 for web vulns in our services Michal Zalewski (Apr 24)
Re: Fwd: Vulnerability research and exploit writing Michal Zalewski (Apr 24)
Re: We're now paying up to $20, 000 for web vulns in our services Michal Zalewski (Apr 24)
FYI: We're now paying up to $20, 000 for web vulns in our services Michal Zalewski (Apr 23)
Michele Orru
Re: [New tool] - Exploit Pack - Web Security Michele Orru (Apr 26)
Re: [New tool] - Exploit Pack - Web Security Michele Orru (Apr 24)
Mihamina Rakotomandimby
Re: Windows XP denial of service 0day found in CTF exercise Mihamina Rakotomandimby (Apr 17)
Milan Berger
Re: Vulnerability in Gentoo hardened Milan Berger (Apr 24)
Moritz Muehlenhoff
[SECURITY] [DSA 2447-1] tiff security update Moritz Muehlenhoff (Apr 04)
[SECURITY] [DSA 2462-1] imagemagick security update Moritz Muehlenhoff (Apr 29)
[SECURITY] [DSA 2457-1] iceweasel security update Moritz Muehlenhoff (Apr 24)
[SECURITY] [DSA 2456-1] dropbear security update Moritz Muehlenhoff (Apr 24)
[SECURITY] [DSA 2461-1] spip security update Moritz Muehlenhoff (Apr 26)
[SECURITY] [DSA 2460-1] asterisk security update Moritz Muehlenhoff (Apr 25)
[SECURITY] [DSA 2548-1] iceape security update Moritz Muehlenhoff (Apr 24)
[SECURITY] [DSA 2446-1] libpng security update Moritz Muehlenhoff (Apr 04)
murtuja bharmal
nullcon Delhi 2012 Call for Paper/Call for Event murtuja bharmal (Apr 28)
MustLive
IA, CSRF and FPD vulnerabilities in Organizer for WordPress MustLive (Apr 26)
Re: DoS vulnerability in WordPress MustLive (Apr 20)
Re: Brute Force vulnerability in WordPress MustLive (Apr 04)
DoS vulnerabilities in Firefox, Internet Explorer and Opera MustLive (Apr 30)
DoS vulnerability in WordPress MustLive (Apr 15)
XSS and FPD vulnerabilities in Organizer for WordPress MustLive (Apr 22)
XSS, CSRF and AFU vulnerabilities in Organizer for WordPress MustLive (Apr 25)
Nahuel Grisolia
Dolibarr ERP & CRM OS Command Injection Nahuel Grisolia (Apr 06)
Netsparker Advisories
XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Netsparker Advisories (Apr 23)
Nick FitzGerald
Re: STEP Security Nick FitzGerald (Apr 01)
Nico Golde
[SECURITY] [DSA 2455-1] typo3-src security update Nico Golde (Apr 20)
[SECURITY] [DSA 2453-2] gajim regression Nico Golde (Apr 19)
[SECURITY] [DSA 2453-1] gajim security update Nico Golde (Apr 16)
[SECURITY] [DSA 2451-1] puppet security update Nico Golde (Apr 13)
[SECURITY] [DSA 2449-1] sqlalchemy security update Nico Golde (Apr 12)
Nicolas Waisman
Hack Cup 2012 Nicolas Waisman (Apr 18)
Nikhil Mittal
Teensy USB HID (and Kautilya) for Penetration Testers - Part 2 - Basics of Arduino and Hello World Nikhil Mittal (Apr 09)
Teensy USB HID (and Kautilya) for Penetration Testers Nikhil Mittal (Apr 04)
nix
Re: Compromised VPN provider out there? nix (Apr 09)
noreply () exploitpack com
[New tool] - Exploit Pack - Web Security noreply () exploitpack com (Apr 24)
Patrick Klos
hi Patrick Klos (Apr 13)
paul . szabo
Mathematica8.0.4 on Linux /tmp/MathLink vulnerability paul . szabo (Apr 14)
Re: Mathematica8.0.4 on Linux /tmp/MathLink vulnerability paul . szabo (Apr 16)
Pedro Martelletto
Re: Most Linux distributions don't use tmpfs nor encrypt swap by default Pedro Martelletto (Apr 16)
Pete Herzog
Mind Control Security Awareness Pete Herzog (Apr 03)
psy
new law proposal on EU against hacking tools and practices psy (Apr 09)
CIntruder v0.2 released psy (Apr 26)
CIntruder v0.1 psy (Apr 09)
QUAKER DOOMER
winAUTOPWN v3.0 Released QUAKER DOOMER (Apr 17)
R00T_ATI
Re: WordPress BruteForce Script R00T_ATI (Apr 29)
Ramon de C Valle
Re: We're now paying up to $20, 000 for web vulns in our services Ramon de C Valle (Apr 24)
Ramon Driessen
(no subject) Ramon Driessen (Apr 25)
rancor
Re: FSA2012-1 and FSA2012-2: Chocolate easter egss vulnerable to egg white injection and usable as trojan horses. rancor (Apr 07)
RandallM
mac trojan RandallM (Apr 05)
Rand Flieger
Patrick Belcher Rand Flieger (Apr 12)
Raphael Geissert
[SECURITY] [DSA 2454-1] openssl security update Raphael Geissert (Apr 20)
[SECURITY] [DSA 2454-2] openssl incomplete fix Raphael Geissert (Apr 25)
Research
China Pujia Government - Blind SQL Injection Vulnerability Research (Apr 29)
EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities Research (Apr 15)
CRUNCH TV SHOW - Live Stream & Security Videos Research (Apr 12)
Astaro Command Center v2.x - Multiple Web Vulnerabilities Research (Apr 03)
Havalite CMS v1.0.4 - Multiple Web Vulnerabilities Research (Apr 23)
US UF Services EDU Health - File Include Vulnerability Research (Apr 08)
CsForum v0.8 - Cross Site Scripting Vulnerability Research (Apr 08)
Pritlog v0.821 CMS - Multiple Web Vulnerabilities Research (Apr 30)
Opial CMS v2.0 - Multiple Web Vulnerabilities Research (Apr 29)
K-Meleon Browser v1.5.4 - Denial of Service Vulnerability Research (Apr 15)
IPhone TreasonSMS - HTML Inject & File Include Vulnerability Research (Apr 23)
Car Portal CMS v3.0 - Multiple Web Vulnerabilities Research (Apr 27)
Microsoft MSDN - Persistent Web Service Vulnerability Research (Apr 09)
GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities Research (Apr 10)
China Pujiang Government - Blind SQL Injection Vulnerability Research (Apr 29)
Croogo v1.3.4 CMS - Multiple Web Vulnerabilities Research (Apr 29)
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability Research (Apr 27)
National Center EDU Research - SQL Injection Vulnerability Research (Apr 10)
osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities Research (Apr 08)
HITB2011KUL - Skype Vulnerabilities 0Day Exploitation PART 1 Research (Apr 01)
idev Game Site CMS v1.0 - Multiple Web Vulnerabilites Research (Apr 08)
ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities Research (Apr 01)
Astaro Command Center v2.x - Multiple Web Vulnerabilities Research (Apr 08)
Microsoft Service - Persistent Web Vulnerabilities Research (Apr 15)
DHTMLX Suite v.3.0 - Multiple Web Vulnerabilities Research (Apr 12)
Crystal Office Suite v1.43 - Buffer Overflow Vulnerability Research (Apr 12)
Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities Research (Apr 01)
Oracle Service Applications - SQL Injection Vulnerabilities Research (Apr 12)
Microsoft AFKAR Website Service - Cross Site Vulnerabilities Research (Apr 15)
ACC PHP eMail v1.1 - Multiple Web Vulnerabilites Research (Apr 15)
Siche Search v.0.5 Zerboard - Multiple Web Vulnerabilities Research (Apr 15)
Microsoft MSN Hotmail - Password Reset & Setup Vulnerability Research (Apr 26)
Netjuke 1.0 RC1 - SQL Injection Vulnerabilities Research (Apr 12)
PSFTP v.1.8 Build 921 - Null Pointer (DoS) Vulnerability Research (Apr 23)
DirectAdmin v1.403 - Cross Site Scripting Vulnerability Research (Apr 02)
AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow Vulnerabilities Research (Apr 08)
EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities Research (Apr 15)
BulletProof FTP Client 2010 - Buffer Overflow Vulnerability Research (Apr 02)
National Center EDU Research - SQL Injection Vulnerability Research (Apr 11)
DIY CMS v1.0 Poll - Multiple Web Vulnerabilities Research (Apr 27)
Astaro Security Gateway v7.504 - Multiple Web Vulnerabilities Research (Apr 08)
Matterdaddy Market v1.1 - SQL Injection Vulnerabilities Research (Apr 10)
Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities Research (Apr 15)
Chengdu Bureau of Commerce - SQL Injection Vulnerability Research (Apr 23)
Cross Site Scripting - Exploitation & Penetration Strings Research (Apr 24)
SmartJobBoard v3.4 b5140 - Multiple Web Vulnerabilites Research (Apr 03)
DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities Research (Apr 27)
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability Research (Apr 29)
Swedish Army Web Database - SQL Injection Vulnerability Research (Apr 01)
Robert Kim App and Facebook Marketing
Re: [Announcement] CHMag's Issue 27, April 2012 Released Robert Kim App and Facebook Marketing (Apr 19)
Romain Bourdy
Re: Windows XP denial of service 0day found in CTF exercise Romain Bourdy (Apr 17)
Roman Medina-Heigl Hernandez
Re: Amongst data breaches and misc 'leakage', not necessarily digital, DEFCON CTF continues at DEFCON XX Roman Medina-Heigl Hernandez (Apr 13)
runlvl
[New Tool] - Exploit Pack - Web Security runlvl (Apr 23)
[Exploit Pack] - Web Security -Webinar Live demo! runlvl (Apr 26)
[New tool] - Exploit Pack - Web Security runlvl (Apr 23)
[Spanish] - Exploit Pack - Web Security Framework runlvl (Apr 13)
Ryan Dewhurst
Re: Erronous post concerning Backtrack 5 R2 0day Ryan Dewhurst (Apr 13)
Sanguinarious Rose
Re: www.LEORAT.com is scam Sanguinarious Rose (Apr 02)
Re: Brute Force vulnerability in WordPress Sanguinarious Rose (Apr 04)
sd
Re: incorrect integer conversions in OpenSSL can result in memory corruption. sd (Apr 24)
Sebastian Rakowski
Re: www.LEORAT.com is scam Sebastian Rakowski (Apr 03)
Re: www.LEORAT.com is scam Sebastian Rakowski (Apr 04)
SEC Consult Vulnerability Lab
SEC Consult whitepaper :: The Source Is A Lie SEC Consult Vulnerability Lab (Apr 17)
Secunia Research
Secunia Research: RealNetworks Helix Server Credentials Disclosure Security Issue Secunia Research (Apr 09)
Secunia Research: Helix Server SNMP Master Agent Service Two Denial of Service Vulnerabilities Secunia Research (Apr 09)
security
[ MDVSA-2012:061 ] raptor security (Apr 21)
[ MDVSA-2012:048 ] mutt security (Apr 02)
[ MDVSA-2012:065 ] php security (Apr 27)
[ MDVSA-2012:049 ] nagios security (Apr 02)
[ MDVSA-2012:046 ] libpng security (Apr 02)
[ MDVSA-2012:047 ] freeradius security (Apr 02)
[ MDVSA-2012:054 ] libtiff security (Apr 05)
[ MDVSA-2012:066 ] mozilla security (Apr 27)
[ MDVSA-2012:064 ] openssl0.9.8 security (Apr 24)
[ MDVSA-2012:050 ] phpmyadmin security (Apr 03)
[ MDVSA-2012:032-1 ] mozilla security (Apr 17)
[ MDVSA-2012:058 ] curl security (Apr 13)
[ MDVSA-2012:055 ] samba security (Apr 11)
[ MDVSA-2012:063 ] libreoffice security (Apr 21)
[ MDVSA-2012:062 ] openoffice.org security (Apr 21)
[ MDVSA-2012:053 ] ocsinventory security (Apr 04)
[ MDVSA-2012:052 ] libvorbis security (Apr 03)
[ MDVSA-2012:060 ] openssl security (Apr 19)
[ MDVSA-2012:051 ] libvorbis security (Apr 03)
[ MDVSA-2012:057 ] freetype2 security (Apr 12)
[ MDVSA-2012:056 ] rpm security (Apr 12)
[ MDVSA-2012:059 ] python-sqlalchemy security (Apr 16)
Security Explorations
[SE-2012-01] Security weakness in Apple Quicktime Java extensions Security Explorations (Apr 12)
[SE-2012-01] Security vulnerabilities in Java SE Security Explorations (Apr 03)
security-news
[Security-news] SA-CONTRIB-2012-061 - Gigya - Social optimization - Cross Site Scripting (XSS) security-news (Apr 18)
Re: [Security-news] SA-CONTRIB-2012-063 - RealName - Cross Site Scripting (XSS) security-news (Apr 25)
[Security-news] SA-CONTRIB-2012-057 - Printer, email and PDF versions - Cross Site Scripting (XSS) security-news (Apr 04)
[Security-news] SA-CONTRIB-2012-062 - Creative Commons - Cross Site Scripting (XSS) security-news (Apr 25)
[Security-news] SA-CONTRIB-2012-066 - Spaces and Spaces OG - Access Bypass security-news (Apr 25)
[Security-news] SA-CONTRIB-2012-064 - Ubercart - Multiple vulnerabilities security-news (Apr 25)
[Security-news] SA-CONTRIB-2012-060 - Commerce Reorder - Cross Site Request Forgery security-news (Apr 18)
[Security-news] SA-CONTRIB-2012-067 - Linkit - Access bypass security-news (Apr 25)
[Security-news] SA-CONTRIB-2012-058 - Fivestar - Input Validation security-news (Apr 11)
[Security-news] SA-CONTRIB-2012-059 - Autosave - Cross Site Scripting security-news (Apr 11)
[Security-news] SA-CONTRIB-2012-063 - RealName - Cross Site Scripting (XSS) security-news (Apr 25)
[Security-news] SA-CONTRIB-2012-056 - Janrain Engage - Sensitive Data Protection Vulnerability security-news (Apr 04)
[Security-news] SA-CONTRIB-2012-065 - Sitedoc - Information disclosure security-news (Apr 25)
Sergio Arcos
Re: Vulnerability in Backtrack Sergio Arcos (Apr 24)
Shakacon
Shakacon CFP - Extended Deadline: April 13, 2012 Shakacon (Apr 06)
Shatter
HTTP Response Splitting in Oracle Enterprise Manager (pageName parameter) (CVE-2012-0527) Shatter (Apr 19)
OCIPasswordChange API leaks information of password hash (CVE-2012-0511) Shatter (Apr 19)
Some failed authentication attempts using OCIPasswordChange API are not recorded (CVE-2012-0511) Shatter (Apr 19)
HTTP Response Splitting in Oracle Enterprise Manager (prevPage parameter) (CVE-2012-0526) Shatter (Apr 19)
TeamSHATTER Security Advisory: Privilege escalation via internal sql injection in RESTORE DATABASE command Shatter (Apr 11)
Incomplete protection of Oracle Database locked accounts (CVE-2012-0510) Shatter (Apr 19)
SQL Injection in Oracle Enterprise Manager (compareWizFirstConfig web page) (CVE-2012-0512) Shatter (Apr 19)
SQL Injection in Oracle Enterprise Manager (searchPage web page) (CVE-2012-0525) Shatter (Apr 19)
Oracle Enterprise Manager vulnerable to Session fixation (CVE-2012-0528) Shatter (Apr 19)
smith joseph
www.LEORAT.com is scam smith joseph (Apr 02)
Stefan Fritsch
[SECURITY] [DSA 2452-1] apache2 security update Stefan Fritsch (Apr 16)
Steve
44Con London 2012 CFP - September 5th - 7th Steve (Apr 10)
Tavis Ormandy
incorrect integer conversions in OpenSSL can result in memory corruption. Tavis Ormandy (Apr 19)
Terrence
Re: Windows XP denial of service 0day found in CTF exercise Terrence (Apr 17)
Re: phpMyBible 0.5.1 Mutiple XSS Terrence (Apr 23)
Thijs Kinkhorst
[SECURITY] [DSA 2450-1] samba security update Thijs Kinkhorst (Apr 12)
Thomas Richards
phpMyBible 0.5.1 Mutiple XSS Thomas Richards (Apr 22)
Re: PHP Gift Registry 1.5.5 SQL Injection Thomas Richards (Apr 16)
Thor (Hammer of God)
Re: phpMyBible 0.5.1 Mutiple XSS Thor (Hammer of God) (Apr 22)
Re: www.LEORAT.com is scam Thor (Hammer of God) (Apr 02)
Thor's Private Key Thor (Hammer of God) (Apr 08)
Re: phpMyBible 0.5.1 Mutiple XSS Thor (Hammer of God) (Apr 22)
Re: Vulnerability in Gentoo hardened Thor (Hammer of God) (Apr 24)
Re: Thor's Private Key Thor (Hammer of God) (Apr 08)
Travis Biehn
Re: new law proposal on EU against hacking tools and practices Travis Biehn (Apr 09)
Re: CIntruder v0.1 Travis Biehn (Apr 09)
Trustwave Advisories
TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer Trustwave Advisories (Apr 11)
Urlan
Re: Backtrack 5 R2 priv escalation 0day found in CTF exercise Urlan (Apr 12)
Re: Vulnerability in Backtrack Urlan (Apr 24)
Valdis . Kletnieks
Re: Working to get more people to check if their infected with DNS Changer Valdis . Kletnieks (Apr 04)
Re: Vulnerability in Gentoo hardened Valdis . Kletnieks (Apr 24)
Re: new law proposal on EU against hacking tools and practices Valdis . Kletnieks (Apr 09)
Re: phpMyBible 0.5.1 Mutiple XSS Valdis . Kletnieks (Apr 22)
Re: Windows XP denial of service 0day found in CTF exercise Valdis . Kletnieks (Apr 17)
Re: DoS vulnerabilities in Firefox, Internet Explorer and Opera Valdis . Kletnieks (Apr 30)
Re: new law proposal on EU against hacking tools and practices Valdis . Kletnieks (Apr 09)
Re: www.LEORAT.com is scam Valdis . Kletnieks (Apr 02)
Re: new law proposal on EU against hacking tools and practices Valdis . Kletnieks (Apr 09)
Vikram Dhillon
Re: Mathematica8.0.4 on Linux /tmp/MathLink vulnerability Vikram Dhillon (Apr 17)
VMware Security Team
VMSA-2012-0008 VMware ESX updates to ESX Service Console VMware Security Team (Apr 26)
VMSA-2012-0007 VMware hosted products and ESXi/ESX patches address privilege escalation VMware Security Team (Apr 12)
VSR Advisories
HTC IQRD Android Permission Leakage (CVE-2012-2217) VSR Advisories (Apr 21)
Vulcan DDtek
Amongst data breaches and misc 'leakage', not necessarily digital, DEFCON CTF continues at DEFCON XX Vulcan DDtek (Apr 01)
Walied Assar
Microsoft Incremental Linker Integer Overflow Walied Assar (Apr 24)
YGN Ethical Hacker Group
FastPath Webchat | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Apr 16)
Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Apr 16)
Acuity CMS 2.6.x <= Cross Site Scripting YGN Ethical Hacker Group (Apr 17)
yuange
FW: iis bug yuange (Apr 01)
Re: iis bug yuange (Apr 01)
Zach C.
Re: incorrect integer conversions in OpenSSL can result in memory corruption. Zach C. (Apr 21)
ZDI Disclosures
ZDI-12-056 : Mozilla Firefox nsSVGValue Out-of-Bounds Access Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)
ZDI-12-059 : Mozilla Firefox Ogg Vorbis Decoding Memory Corruption Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)
ZDI-12-055 : Webkit.org Webkit copyNonAttributeProperties Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)
ZDI-12-057 : (Pwn2Own) Adobe Flash Player NetStream addBytes Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)
ZDI-12-058 : Apple Quicktime PNG Depth Decoding Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)
ZDI-12-060 : Oracle Java Runtime readMabCurveData nTblSize Remote Code Execution Vulnerability ZDI Disclosures (Apr 09)
Zerial.
[ZEM560] Vulnerability on Fingerprint & Proximity Access Controller Zerial. (Apr 03)
ZeroDay.JP
An April Fools' Day Android Payload ZeroDay.JP (Apr 02)
Григорий Братислава
Vulnerability in Backtrack Григорий Братислава (Apr 24)