290 messages starting Mar 01 13 and ending Mar 31 13
[SECURITY] [DSA 2635-1] cfingerd security update Salvatore Bonaccorso (Mar 01)
[Security-news] SA-CONTRIB-2013-031 - Premium Responsive theme - Cross Site Scripting (XSS) security-news (Mar 01)
[SECURITY] [DSA 2636-1] xen security update Moritz Muehlenhoff (Mar 01)
XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS MustLive (Mar 01)
BF, IAA and CSRF vulnerabilities in Question2Answer MustLive (Mar 01)
USB Disk & File Transfer v1.3.1 - File Include > Arbitrary File Upload Vulnerability Vulnerability Lab (Mar 01)
IPMap v2.5 iPad iPhone - File Upload Web Vulnerabilities Vulnerability Lab (Mar 01)
Paypal Bug Bounty #5 - Persistent Web Vulnerability Vulnerability Lab (Mar 01)
Proofpoint Protection Server Session Persistence BugsNotHugs (Mar 01)
Administrivia: FD Returns John Cartwright (Mar 02)
Whonix ALPHA 0.5.5 - Anonymous Operating System released adrelanos (Mar 02)
how do I know the fbi is followin Jerry dePriest (Mar 02)
Remote command execution for Ruby Gem ftpd-0.2.1 Larry W. Cashdollar (Mar 02)
[SECURITY] [DSA 2636-2] xen regression update Moritz Muehlenhoff (Mar 03)
AoF, IAA and CSRF vulnerabilities in Question2Answer MustLive (Mar 03)
Ruby Gem Flash Tool 0.6.0 Remote code execution vulnerability Larry W. Cashdollar (Mar 03)
Remote system freeze thanks to Kaspersky Internet Security 2013 Marc Heuse (Mar 03)
[SE-2012-01] One more attack affecting Oracle's Java SE 7u15 Security Explorations (Mar 04)
WordPress Counter per Day plugin <= 3.2.3. Path Disclosure and Denial-Of-Service (DOS) and WordPress Counter per Day plugin <= 3.2.5. Path Disclosure alej andr0 (Mar 04)
[IA32] HP Intelligent Management Center v5.1 E0202 topoContent.jsf Non-Persistent Cross-Site Scripting Inshell Security (Mar 04)
[SECURITY] [DSA 2638-1] openafs security update Moritz Muehlenhoff (Mar 04)
[SECURITY] [DSA 2637-1] apache2 security update Stefan Fritsch (Mar 04)
WordPress Count-Per-Day plugin 3.2.5. Type-1 (reflected) Cross Site Scripting (XSS) alej andr0 (Mar 05)
Re: Remote system freeze thanks to Kaspersky Internet Security 2013 (SA52053) Vulnerability Mailbox (Mar 05)
Samsung S3 : Full Lock Screen Bypass Sean McMillan (Mar 05)
[SECURITY] [DSA 2639-1] php5 security update Thijs Kinkhorst (Mar 05)
[ MDVSA-2013:017 ] libxml2 security (Mar 05)
Re: Kingcopes AthCon 2012 Slides & Notes --> Video online king cope (Mar 05)
Security BSides Las Vegas 31Jul -01Aug Call For Presenters / Call For Mentors Info (Mar 05)
Varnish 2.1.5, 3.0.3 DoS in VRY_Create() while parsing Vary header tytusromekiatomek (Mar 05)
Apache Subversion mod_dav_svn DoS via MKACTIVITY/PROPFIND tytusromekiatomek (Mar 05)
Samsung TV DoS (possible overflow) via SOAPACTION tytusromekiatomek (Mar 05)
Varnish 2.1.5 DoS in STV_alloc() while parsing Content-Length header tytusromekiatomek (Mar 05)
Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc tytusromekiatomek (Mar 05)
SIP Witch 0.7.4 w/libosip2-4.0.0 DoS via NULL pointer derefence in libosip2 tytusromekiatomek (Mar 05)
Varnish 2.1.5, 3.0.3 DoS in http_GetHdr() while parsing Vary header tytusromekiatomek (Mar 05)
Squid 3.2.5 httpMakeVaryMark() header value DoS, 2.7.Stable9 memory corruption. tytusromekiatomek (Mar 05)
Varnish 2.1.5 DoS in fetch_straight() while parsing Content-Length header tytusromekiatomek (Mar 05)
Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities Vulnerability Lab (Mar 05)
AirDrive HD 1.6 iPad iPhone - Multiple Web Vulnerabilities Vulnerability Lab (Mar 05)
SANS PHP Port Scanner Remote Code Execution laurent gaffie (Mar 05)
Re: rpi-update tmpfile vulnerability Larry W. Cashdollar (Mar 05)
USB Disk & File Transfer v1.3.1 - File Include Vulnerability Vulnerability Lab (Mar 05)
[SECURITY] CVE-2013-0248 Apache Commons FileUpload - Insecure examples Mark Thomas (Mar 06)
Get rid of french marketing spam Arnaud Jacques (Mar 06)
Fwd: lame Michael Simpson (Mar 06)
OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability Larry W. Cashdollar (Mar 06)
[ MDVSA-2013:018 ] openssl security (Mar 06)
DDIVRT-2013-51 DALIM Dialog Server 'logfile' Local File Inclusion ddivulnalert (Mar 06)
[ MDVSA-2013:019 ] gnutls security (Mar 07)
Re: Oracle Auto Service Request /tmp file clobbering vulnerability Larry W. Cashdollar (Mar 07)
Exploit for stealing admin's account in Question2Answer MustLive (Mar 07)
[ MDVSA-2013:020 ] wireshark security (Mar 08)
Results of a XSLT fuzzing effort Nicolas Grégoire (Mar 08)
[ MDVSA-2013:021 ] java-1.6.0-openjdk security (Mar 08)
SEC Consult SA-20130308-0 :: Multiple critical vulnerabilities in GroundWork Monitor Enterprise (part 1) SEC Consult Vulnerability Lab (Mar 08)
SEC Consult SA-20130308-1 :: Multiple vulnerabilities in GroundWork Monitor Enterprise (part 2) SEC Consult Vulnerability Lab (Mar 08)
Exploit for D-Link DAP 1150 MustLive (Mar 08)
[SECURITY] [DSA 2642-1] sudo security update Michael Gilbert (Mar 09)
[SECURITY] [DSA 2641-1] perl security update Salvatore Bonaccorso (Mar 09)
Multiple SQL Injection vulnerabilities in Disk Pool Manager (DPM) Adam Zabrocki (Mar 10)
CS and XSS vulnerabilities in SWFUpload MustLive (Mar 10)
Host tracking in IPv6 (SI6 Networks' IPv6 toolkit v1.3.3) Fernando Gont (Mar 11)
[ISecAuditors Security Advisories] Reflected XSS in Asteriskguru Queue Statistics ISecAuditors Security Advisories (Mar 11)
SEC Consult SA-20130311-0 :: Persistent cross-site scripting in jforum SEC Consult Vulnerability Lab (Mar 11)
XSS Vulnerability in TinyMCE Justin C. Klein Keane (Mar 11)
CVE-2013-1763 Ubuntu 12.10 64bit Kacper Szczesniak (Mar 11)
Vulnerabilities in SWFUpload in multiple web applications: WordPress, Dotclear, InstantCMS, AionWeb and others MustLive (Mar 11)
Paypal Bug Bounty #19 - Persistent Web Vulnerability Vulnerability Lab (Mar 11)
Announcing ChronIC - a wearable Sub-GHz RF hacking tool Adam Laurie (Mar 12)
Cam2pc BMP Image Processing Integer Overflow Vulnerability kaveh ghaemmaghami (Mar 12)
Ruby gem fastreader-1.0.8 remote code exec Larry W. Cashdollar (Mar 12)
MiniMagic ruby gem remote code execution Larry W. Cashdollar (Mar 12)
Curl Ruby Gem Remote command execution Larry W. Cashdollar (Mar 12)
[SECURITY] [DSA 2643-1] puppet security update Yves-Alexis Perez (Mar 12)
ASUS RT-N66U multiple vulns sec (Mar 12)
[CVE-2013-1814] Apache Rave exposes User over API Matt Franklin (Mar 12)
SEC Consult SA-20130313-0 :: QlikView Desktop Client Integer Overflow SEC Consult Vulnerability Lab (Mar 13)
[ MDVSA-2013:022 ] openssh security (Mar 13)
[ MDVSA-2013:023 ] coreutils security (Mar 13)
[ MDVSA-2013:024 ] firefox security (Mar 13)
[Security-news] SA-CONTRIB-2013-034 - Node Parameter Control - Access Bypass security-news (Mar 13)
Chrome Null Pointer in InspectDataSource::StartDataRequest Heyder Andrade (Mar 14)
FULL-DISCLOSURE Exclusive Henry Garrison (Mar 14)
List Charter John Cartwright (Mar 14)
[ MDVSA-2013:025 ] pidgin security (Mar 14)
[SECURITY] [DSA 2644-1] wireshark security update Moritz Muehlenhoff (Mar 14)
[SECURITY] [DSA 2640-1] zoneminder security update Salvatore Bonaccorso (Mar 14)
A few android security issues Jann Horn (Mar 14)
[SECURITY] [DSA 2645-1] inetutils security update Yves-Alexis Perez (Mar 14)
web app pentesting - short research survey kill my xss (Mar 14)
Petite Annonce v1 XSS Vulnerability metropolis haxor (Mar 14)
Skype Click to Call Update Service local privilege escalation Oliver-Tobias Ripka (Mar 15)
DDIVRT-2013-50 EverFocus EPARA264-16X1 Directory Traversal ddivulnalert (Mar 15)
[SECURITY] [DSA 2647-1] firebird2.1 security update Moritz Muehlenhoff (Mar 15)
[SECURITY] [DSA 2648-1] firebird2.5 security update Moritz Muehlenhoff (Mar 15)
n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access security (Mar 15)
n.runs-SA-2013.002 - Polycom - Firmware Update Command Injection security (Mar 15)
n.runs-SA-2013.003 - Polycom - H.323 CDR Database SQL Injection security (Mar 15)
n.runs-SA-2013.004 - Polycom - H.323 Format String Vulnerability security (Mar 15)
[SECURITY] [DSA 2646-1] typo3-src security update Yves-Alexis Perez (Mar 16)
[SECURITY] [DSA 2649-1] lighttpd security update Yves-Alexis Perez (Mar 16)
[SECURITY] [DSA 2650-1] libvirt-bin security update Yves-Alexis Perez (Mar 16)
Critical issue affecting EA Origin users ReVuln (Mar 16)
10 years of Hackers to Hackers Conference - Call for Papers Rodrigo Rubira Branco (BSDaemon) (Mar 16)
"Data-Clone" -- a new way to attack android apps IEhrepus (Mar 17)
NOPcon 2013 - Call for paper - Istanbul , Turkey NOPcon Team (Mar 17)
Fake Applications in browser Roman Kümmel (Mar 17)
[SECURITY] [DSA 2650-2] libvirt regression update Yves-Alexis Perez (Mar 18)
Port scanning /0 using insecure embedded devices internet census (Mar 18)
[SE-2012-01] The "allowed behavior" in Java SE 7 (Issue 54) Security Explorations (Mar 18)
[ MDVSA-2013:026 ] sudo security (Mar 18)
[ MDVSA-2013:027 ] clamav security (Mar 18)
[ MDVSA-2013:028 ] nagios security (Mar 18)
Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue Cisco Systems Product Security Incident Response Team (Mar 18)
iKAT 2013 Release - Interactive Kiosk Attack Tool Paul Craig (Mar 18)
[CVE-2013-2294] Multiple Cross Site Scripting (XSS) vulnerabilities in ViewGit Matthew Bucci (Mar 18)
Remote command execution in Ruby Gem Command Wrap larry Cashdollar (Mar 18)
[waraxe-2013-SA#098] - Directory Traversal Vulnerabilities in OpenCart 1.5.5.1 Janek Vind (Mar 19)
[IA49] Photodex ProShow Producer v5.0.3310 ScsiAccess Local Privilege Escalation Inshell Security (Mar 19)
Owning Samsung Android devices Roberto Paleari (Mar 19)
CA20130319-01: Security Notice for SiteMinder products using SAML Kotas, Kevin J (Mar 19)
Deutsche Post Security Cup 2013 Juergen.Pabel (Mar 20)
CVE-2013-186y: tokend (Apple, Gemalto) - privacy leak & arbitrary file creation (OSX, All versions) Dirk-Willem van Gulik (Mar 20)
CVE-2013-1866: OpenSC.tokend - privacy leak & arbitrary file creation (OSX, All versions) Dirk-Willem van Gulik (Mar 20)
CVE-2013-1867: tokend (Apple, Gemalto) - privacy leak & arbitrary file creation (OSX, All versions) Dirk-Willem van Gulik (Mar 20)
[SECURITY] [DSA 2641-2] libapache2-mod-perl2 update related to DSA 2641-1 Salvatore Bonaccorso (Mar 20)
[Security-news] SA-CONTRIB-2013-035 - Views - Cross Site Scripting (XSS) security-news (Mar 20)
New WinCC/TIA Porta vulns/fixes scadastrangelove (Mar 21)
[SECURITY] [DSA 2651-1] smokeping security update Salvatore Bonaccorso (Mar 21)
[SE-2011-01] PoC code for digital SAT TV research released Security Explorations (Mar 21)
PHDays Call For Papers Initiates Its Second Stage PHD (Mar 21)
[waraxe-2013-SA#099] - Update Spoofing Vulnerability in LibreOffice 4.0.1.2 Janek Vind (Mar 21)
CFP (Extended Deadline) : S.I. on Intrusion Detection and Security Mechanisms for WSNs Jaime Lloret Mauri (Mar 21)
DC4420 - London DEFCON - March meet - Tuesday 26th March 2013 Major Malfunction (Mar 22)
Great read for the Australians Jody Melbourne (HackLabs) (Mar 23)
JAOW 2.4.8 XSS Vulnerability metropolis haxor (Mar 24)
Backupbuddy wordpress plugin - sensitive data exposure in importbuddy.php Rob Armstrong (Mar 24)
XSS vulnerabilities in ZeroClipboard and multiple web applications MustLive (Mar 24)
Book announcement: Los 27 Controles Criticos de Seguridad Informática (Spanish) sergio (Mar 25)
XSS vulnerability on WP-Banners-Lite (wordpress plugin) Fernando A. Lagos B. (Mar 25)
Fwd: Remote command injection vulnerability in Rosewill RSVA11001 (Hi3515 based) Eric Urban (Mar 25)
[SECURITY] [DSA 2652-1] libxml2 security update Michael Gilbert (Mar 25)
[ISecAuditors Security Advisories] CSRF vulnerability in LinkedIn ISecAuditors Security Advisories (Mar 26)
[ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in LinkedIn Investors ISecAuditors Security Advisories (Mar 26)
Ruby gem Thumbshooter 0.1.5 remote command execution Larry W. Cashdollar (Mar 26)
Multiple XSS vulnerabilities in IBM Lotus Domino MustLive (Mar 26)
[SECURITY] [DSA 2653-1] icinga security update Florian Weimer (Mar 26)
Justice for Molly (cops killing civillians) Jerry dePriest (Mar 26)
Fw: Fw: Justice for Molly (cops killing civillians) Jerry dePriest (Mar 26)
reward Jerry dePriest (Mar 26)
[ISecAuditors Security Advisories] Reflected XSS in Atmail WebMail <= v7.0.2 ISecAuditors Security Advisories (Mar 27)
Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
Cisco Security Advisory: Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
Cisco Security Advisory: Cisco IOS Software Protocol Translation Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 27)
winAUTOPWN v3.4 Released - Completing 4 years !! QUAKER DOOMER (Mar 27)
AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header Asterisk Security Team (Mar 27)
AST-2013-002: Denial of Service in HTTP server Asterisk Security Team (Mar 27)
AST-2013-003: Username disclosure in SIP channel driver Asterisk Security Team (Mar 27)
[Security-news] SA-CONTRIB-2013-036 - Zero Point - Cross Site Scripting (XSS) security-news (Mar 27)
[Security-news] SA-CONTRIB-2013-038 - Commons Groups - Access bypass & Privilege escalation security-news (Mar 27)
[Security-news] SA-CONTRIB-2013-037 - Rules - Cross Site Scripting (XSS) security-news (Mar 27)
[Security-news] SA-CONTRIB-2013-039 - Commons Wikis - Access bypass & Privilege escalation security-news (Mar 27)
On the impact of CVE-2013-2266 (BIND9) Daniel Franke (Mar 27)
[SECURITY] [DSA 2655-1] rails security update Moritz Muehlenhoff (Mar 28)
Paypal Bug Bounty #46 - Persistent Web Vulnerability Vulnerability Lab (Mar 28)
MailOrderWorks v5.907 - Multiple Web Vulnerabilities Vulnerability Lab (Mar 28)
Fw: Fw: Justice for Molly (cops killing civillians) Jerry dePriest (Mar 29)
Fw: Fw: Fw: Justice for Molly (cops killing civillians) Jerry dePriest (Mar 29)
Re: petition to remove Aaron Swartz prosecutor Jerry dePriest (Mar 29)
Fw: (no subject) Jerry dePriest (Mar 29)
Fw: Fw: News Delivery Report (Failure) Jerry dePriest (Mar 29)
[waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50 Janek Vind (Mar 29)
[waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1 Janek Vind (Mar 29)
Fw: [waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1 Jerry dePriest (Mar 29)
Donkey Kick Exploit Daniel Sichel (Mar 29)
Crossbow, a lightweight, cross-platform exploit development framework. Zachary Cutlip (Mar 29)
[SECURITY] [DSA 2656-1] bind9 security update Salvatore Bonaccorso (Mar 30)
WP FuneralPress - Stored XSS in Guestbook Rob Armstrong (Mar 30)
AUTO: Roee Hay is on vacation (returning 10/04/2013) Roee Hay (Mar 31)