Mail Index
- MD5 hash extension attack breaks API authentication of Flickr and others
- C4 SCADA Security Advisory - OSISoft PI Server Authentication Weakness
- [ MDVSA-2009:176 ] postgresql
- [ MDVSA-2009:177 ] postgresql
- [ MDVSA-2009:178 ] perl-IO-Socket-SSL
- THOTCON 0x1 - Call For Papers is Open -> October 1, 2009
- {PRL} Novell Edirectory 8.8 SP5 XSS
- From: Protek Research Lab
- {PRL} Cerberus FTP server 3.0.6 Pre-Auth DoS
- From: Protek Research Lab
- [ MDVSA-2009:253 ] backuppc
- ZDI-09-067: Novell NetWare NFS Portmapper and RPC Module Stack Overflow Vulnerability
- [ MDVSA-2009:254 ] graphviz
- Rooted CON 2010 - CFP
- From: Roman Medina-Heigl Hernandez
- [USN-839-1] Samba vulnerabilities
- [USN-840-1] OpenOffice.org vulnerabilities
- google apps googleapps.url.mailto:// uri handler cross-browser remote command execution exploit (IE)
- VMSA-2009-0013 VMware Fusion resolves two security issues
- From: VMware Security team
- Re: VMSA-2009-0013 VMware Fusion resolves two security issues
- [SECURITY] [DSA 1898-1] New openswan packages fix denial of service
- [SECURITY] [DSA 1900-1] New PostgreSQL packages fix various problems
- [SECURITY] [DSA 1899-1] New strongswan packages fix denial of service
- FreeBSD Security Advisory FreeBSD-SA-09:14.devfs
- From: FreeBSD Security Advisories
- [ MDVSA-2009:255 ] perl-DBD-Pg
- FreeBSD Security Advisory FreeBSD-SA-09:13.pipe
- From: FreeBSD Security Advisories
- [security bulletin] HPSBUX02421 SSRT090047 rev.2 - HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code
- CORE-2009-0812-Hyperic HQ Multiple XSS
- From: CORE Security Technologies Advisories
- Palm Pre WebOS <=1.1 Remote File Access Vulnerability
- [SECURITY] [DSA 1901-1] New mediawiki1.7 packages fix several vulnerabilities
- [oCERT-2009-014] Android denial-of-service issues
- CVE-2009-2897: Hyperic HQ - Reflected XSS in stack trace
- From: SpringSource Security Team
- CVE-2009-2898: Hyperic HQ - Stored XSS in alerts list
- From: SpringSource Security Team
- [SECURITY] [DSA 1902-1] New elinks packages fix arbitrary code execution
- [USN-841-1] GLib vulnerability
- FRHACK01 Slides are online
- Re: Cross-Site Scripting vulnerability in eCaptcha
- AlleyCode SEH overflow POC
- Re: WinRAR v3.80 - ZIP Filename Spoofing
- [Sec-Area Advisory]PBBoard <=2.0.2 - XSS in Topic
- [Advisory]PBBoard <=2.0.2 Full Path Disclosure
- [USN-842-1] Wget vulnerability
- Dopewars 1.5.12 Server Denial of Service
- CORE-2009-0922: Jetty Persistent XSS in Sample Cookies Application
- From: CORE Security Technologies Advisories
- [USN-843-1] BackupPC vulnerability
- [ MDVSA-2009:257 ] qemu
- [ MDVSA-2009:256 ] dbus
- Re: FRHACK01 Slides are online
- {PRL} XLPD 3.0 Remote DoS
- From: Protek Research Lab
- Remote File Inclusion In AIOCP
- BulletProof FTP Client Buffer Overflow (SEH)
- [security bulletin] HPSBPI02463 SSRT090061 rev.1 - HP LaserJet Printers, HP Color LaserJet Printers, Remote Cross Site Scripting (XSS)
- [ MDVSA-2009:258 ] openssl
- [DSECRG-09-017] SAP GUI vsflexGrid ActiveX - Buffer Overflow vulnerability
- [SECURITY] [DSA 1903-1] New graphicsmagick packages fix several vulnerabilities
- [DSECRG-09-048] HP LaserJet printers - Multiple Stored XSS vulnerabilities
- iDefense Security Advisory 10.07.09: IBM AIX rpc.cmsd Stack Buffer Overflow Vulnerability
- DreamPoll 3.1 Vulnerabilities
- [ MDVSA-2009:259 ] snort
- Remote buffer overflow in httpdx
- BMW 'inventory.php"<= SQL Injection Vulnerability
- [USN-844-1] mimeTeX vulnerabilities
- [USN-845-1] Pan vulnerability
- [ MDVSA-2009:217-1 ] mozilla-thunderbird
- [ MDVSA-2009:217-2 ] mozilla-thunderbird
- FreeBSD 6.4 pipeclose()/knlist_cleardel() race condition exploit
- From: Przemyslaw Frasunek
- FreeBSD 7.2 VFS/devfs race condition exploit
- From: Przemyslaw Frasunek
- WASC Announcement: Announcing the Web Application Security Scanner Evaluation Criteria v1
- vBulletin - Multiple Versions - Cross Site Script Redirection
- [USN-846-1] ICU vulnerability
- QuickCart Multiple vlunerabilities
- [ MDVSA-2009:261 ] graphicsmagick
- [USN-847-1] Devscripts vulnerability
- CA20091008-01: Security Notice for CA Anti-Virus Engine
- [USN-847-2] devscripts vulnerability
- [ MDVSA-2009:260 ] imagemagick
- Docebo Multiple SQL-Injection Vulnerabilities
- [ MDVSA-2009:262 ] netpbm
- [SECURITY] [DSA 1904-1] New wget packages fix SSL certificate verification weakness
- Re: Remote buffer overflow in httpdx
- [ MDVSA-2009:263 ] sympa
- [ MDVSA-2009:265 ] egroupware
- [ MDVSA-2009:264 ] gd
- [SECURITY] [DSA 1895-2] New opensaml2 and shibboleth-sp2 packages fix regression
- [ MDVSA-2009:266 ] awstats
- [ MDVSA-2009:275 ] python-django
- [G-SEC 46-2009] Computer Associates multiple products arbritary code execution
- Re: Re: Remote buffer overflow in httpdx
- [ MDVSA-2009:267 ] xmlsec1
- [SECURITY] [DSA 1905-1] New python-django packages fix denial of service
- [SECURITY] [DSA 1906-1] End-of-life announcement for clamav in stable and oldstable
- DEDECMS v5.1 Sql Injection Vulnerability
- [ MDVSA-2009:268 ] mono
- [ MDVSA-2009:269 ] mono
- [ MDVSA-2009:271 ] libnasl
- [ MDVSA-2009:270 ] wireshark
- [ MDVSA-2009:272 ] libmikmod
- [ MDVSA-2009:273 ] strongswan
- Quick Heal Local Privilege Escalation Vulnerability
- Palm Pre WebOS version <= 1.1 Floating Point Exception
- [SECURITY] [DSA 1907-1] New kvm packages fix several vulnerabilities
- [ MDVSA-2009:274 ] phpmyadmin
- [BONSAI] SQL Injection in Achievo
- From: Bonsai - Information Security
- [BONSAI] XSS in Achievo - Customized XSS payload included
- From: Bonsai - Information Security
- [ MDVSA-2009:276 ] python-django
- ZDI-09-071: Microsoft Internet Explorer writing-mode Memory Corruption Vulnerability
- iDefense Security Advisory 10.13.09: Adobe Acrobat and Reader U3D File Invalid Array Index Vulnerability
- ZDI-09-069: Microsoft Windows Media Player Audio Voice Sample Rate Memory Corruption Vulnerability
- ZDI-09-073: Adobe Reader Compact Font Format Malformed Index Memory Corruption Vulnerability
- ZDI-09-070: Microsoft Internet Explorer Event Object Type Double-Free Vulnerability
- ZDI-09-072: Microsoft Windows GDI+ TIFF Parsing Code Execution Vulnerability
- iDefense Security Advisory 10.13.09: Microsoft Windows GDI+ TIFF File Parsing Buffer Overflow Vulnerability
- iDefense Security Advisory 10.13.09: Adobe Acrobat and Reader Firefox Plugin Use After Free Vulnerability
- iDefense Security Advisory 10.13.09: Microsoft Office Drawing Format Shape Properties Memory Corruption Vulnerability
- [SECURITY] [DSA 1908-1] New samba packages fix several vulnerabilities
- Windows GDI+ TIFF memory corruption
- Windows Media Audio Voice remote code execution
- [AntiSnatchOr] Pentaho Bi-server multiple vulnerabilities
- [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS
- [ MDVSA-2009:277 ] samba
- Secunia Research: Microsoft Office BMP Image Colour Handling Integer Overflow
- DEFCON London - DC4420 October 2009 Meet - This Thursday 15th
- Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- [USN-848-1] Zope vulnerabilities
- [ MDVSA-2009:278 ] compiz-fusion-plugins-main
- [SECURITY] [DSA 1911-1] New pygresql packages provide secure escaping
- [SECURITY] [DSA 1910-1] New mysql-ocaml packages provide secure escaping
- [SECURITY] [DSA 1909-1] New postgresql-ocaml packages provide secure escaping
- Snitz Forums 2000 Multiple Cross-Site Scripting Vulnerabilities
- [ MDVSA-2009:279 ] ocaml-mysql
- [USN-849-1] libsndfile vulnerabilities
- Re: Easy Music Player 1.0.0.2 (wav) Universal Local Buffer Exploit
- NSFOCUS SA2009-01 : UiTV UiPlayer UiCheck Component Stack Buffer Overflow Vulnerability
- From: NSFOCUS Security Team
- NSFOCUS SA2009-02 : IBM DB2 JDBC Applet Server Remote DoS Vulnerability
- From: NSFOCUS Security Team
- NSFOCUS SA2009-03 : Windows Kernel Malformed PE File Remote DoS Vulnerability
- From: NSFOCUS Security Team
- n.runs-SA-2009.007 - Adobe Acrobat - Invalid pointer write could lead to arbitrary code execution
- [SECURITY] [DSA 1912-1] New camlimages fix arbitrary code execution
- DWebPro allow an invader to execute any program at server side
- WASC Announcement: 2008 Web Application Security Statistics Published
- VMSA-2009-0014 VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
- From: VMware Security Team
- VUPEN Security - Adobe Acrobat and Reader U3D Filter Code Execution Vulnerabilities
- From: VUPEN Security Research
- CanSecWest 2010 CALL FOR PAPERS (deadline Nov 30, conf. Mar22-26) and PacSec (Nov 4/5) Selections
- [SECURITY] [DSA 1913-1] New bugzilla packages fix SQL injection
- Xpdf - Integer overflow which causes heap overflow and NULL pointer derefernce.
- 3Com OfficeConnect Firewall/Router multiple remote Vulnerabilities
- In-depth research on the recent PDF zero-day exploit (CVE-2009-3459)
- Vulnerability in Zoiper softphone version 2.22 - Denial Of Service
- McKesson Horizon Clinical Infrastructure (HCI) version 7.6/7.8/10.0/10.1 hardcoded passwords
- phpcms 2008 Remote File Disclosure Vulnerability
- Overland Guardian OS CLI command line bug - let you get uid 0 shell
- [ MDVSA-2009:283 ] cups
- [CVE-2009-1479] Boxalino - Directory Traversal Vulnerability
- [ MDVSA-2009:281 ] cups
- [ MDVSA-2009:282 ] cups
- EMC RepliStor Server (rep_serv.exe) 6.3.1.3 remote denial of service
- South River Technologies WebDrive Service Bad Security Descriptor Local Elevation Of Privileges
- [ MDVSA-2009:280 ] cups
- [ MDVSA-2009:284 ] gd
- NSOADV-2009-002: Websense Email Security Web Administrator DoS
- NSOADV-2009-003: Websense Email Security Cross Site Scripting
- [ MDVSA-2009:285 ] php
- turbodiff v1.01 beta released
- From: Nicolas A. Economou
- [ GLSA 200910-01 ] Wget: Certificate validation error
- [USN-850-1] poppler vulnerabilities
- [ MDVSA-2009:286 ] ocaml-camlimages
- [waraxe-2009-SA#075] - Remote File Disclosure in Vivvo CMS 4.1.5.1
- Anonymous Remote Arbitrary Code Execution in Alien Arena 7.30
- [USN-851-1] Elinks vulnerabilities
- TwonkyMedia Server Multiple Cross-Site Scripting Vulnerabilities
- [oCERT-2009-016] Poppler, xpdf integer overflow during heap allocation
- Call for Papers: Conference on Cyber Conflict, Estonia
- Everfocus EDR1600 remote authentication bypass
- [ MDVSA-2009:287 ] xpdf
- Avast! Multiple Vulnerabilities
- {PRL} Eureka Mail client BoF
- From: Protek Research Lab
- {PRL} Pegasus Mail client BoF
- From: Protek Research Lab
- [ GLSA 200910-02 ] Pidgin: Multiple vulnerabilities
- [security bulletin] HPSBUX02465 SSRT090192 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS) Cross-Site Scripting (XSS) Unauthorized Access
- [security bulletin] HPSBUX02466 SSRT090192 rev.1 - HP-UX Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Unauthorized Access
- [SECURITY] [DSA 1914-1] New mapserver packages fix serveral vulnerabilities
- RE: [Full-disclosure] NSOADV-2009-003: Websense Email Security Cross Site Scripting
- HP Quality Centre Weak password Obfuscation
- [USN-850-2] poppler regression
- [SECURITY] [DSA 1915-1] New Linux 2.6.26 packages fix several vulnerabilities
- /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- From: Arturo 'Buanzo' Busleiman
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- [ MDVSA-2009:288 ] proftpd
- Re: /proc filesystem allows bypassing directory permissions on Linux
- [SECURITY] [DSA 1912-2] New advi packages fix arbitrary code execution
- [SECURITY] [DSA 1916-1] New kdelibs packages fix SSL certificate verification weakness
- [SECURITY] [DSA 1917-1] New mimetex packages fix several vulnerabilities
- Novell eDirectory 8.8 SP5 for Windows - Buffer Overflow Vulnerability
- Re: /proc filesystem allows bypassing directory permissions on Linux
- RunCms v.2M1 /modules/forum/post.php - 'forum' remote semi-blind SQL Injection Exploit
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- SharePoint 2007 ASP.NET Source Code Disclosure
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- squidGuard 1.3 & 1.4 : buffer overflow
- Jetty 6.x and 7.x Multiple Vulnerabilities
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- [SECURITY] [DSA 1918-1] New phpmyadmin packages fix several vulnerabilities
- [SECURITY] [DSA 1919-1] New smarty packages fix several vulnerabilities
- [ GLSA 200910-03 ] Adobe Reader: Multiple vulnerabilities
- Re: /proc filesystem allows bypassing directory permissions on Linux
- [DSECRG-09-010] Oracle 10g CTXSYS.DRVXTABC - plsql injection
- Re: Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- From: Klaus Lichtenwalder
- [SECURITY] [DSA-1920-1] New nginx packages fix denial of service
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Cherokee Web Server 0.5.4 Denial Of Service
- AST-2009-007: ACL not respected on SIP INVITE
- From: Asterisk Security Team
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Rising Multiple Products Local Privilege Escalation Vulnerability
- {PRL} Rising Firewall 2009 Privilege Escalation
- From: Protek Research Lab
- Adobe Acrobat Reader up to 9.1.1 ONLY Linux integer overflow to heap overflow.
- {PRL} Rising Antivirus 2009 Privilege Escalation
- From: Protek Research Lab
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Aruba Networks Advisory ID: AID-102609 - Malformed 802.11 Association Request frame causes Denial of Service condition on an Access Point
- [oCERT-2009-015] KDE multiple issues
- [ MDVSA-2009:289 ] kernel
- PHP168 v6.0 rc
- Mariposa Botnet C&C decryption plugin for wireshark
- Re: /proc filesystem allows bypassing directory permissions on Linux
- [G-SEC 47-2009] Symantec generic PDF detection bypass
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Secunia Research: Mozilla Firefox Floating Point Memory Allocation Vulnerability
- Re: /proc filesystem allows bypassing directory permissions on Linux
- [SECURITY] [DSA 1921-1] New expat packages fix denial of service
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- [G-SEC 49-2009] McAfee generic PDF detection bypass
- VMSA-2009-0015 VMware hosted products and ESX patches resolve two security issues
- From: VMware Security Team
- Invalid #PF Exception Code in VMware can result in Guest Privilege Escalation
- [G-SEC 48-2009] F-SECURE - Generic PDF detection bypass
- Fwd: Wowd search client multiple variable xss
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- ZDI-09-074: Multiple Vendor Hummingbird STR Service Stack Overflow Vulnerability
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- [SECURITY] [DSA 1922-1] New xulrunner packages fix several vulnerabilities
- iDefense Security Advisory 10.28.09: Mozilla Firefox GIF Color Map Parsing Buffer Overflow Vulnerability
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Hijacking Opera's Native Page using malicious RSS payloads
- Re: /proc filesystem allows bypassing directory permissions on Linux
- [ MDVSA-2009:290 ] firefox
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on
- 2wire Remote Denial of Service
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- SafeNet SoftRemote Local Buffer Overflow - Security Advisory - SOS-09-008
- Re: /proc filesystem allows bypassing directory permissions on
- [SECURITY] [DSA 1923-1] New libhtml-parser-perl packages fix denial of service
- com_jumi / jumi 2.0.5 for joomla 1.5 backdoored
- [ MDVSA-2009:291 ] jetty5
- CubeCart 4 Session Management Bypass
- PSAtr v1.2 Sql Injection
- Windows Media Player Plugin: Local File Detection Vulnerability
- CVE-2009-1979 (Oracle RDBMS)
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- {PRL} My Remote File Server Privilege Escalation
- From: Protek Research Lab
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux
- Re: /proc filesystem allows bypassing directory permissions on Linux