Mail Index
- {PRL} Multiple Panda Security Products Local Privilege Escalation Vulnerability
- From: Protek Research Lab
- Re: TwonkyMedia Server Multiple Cross-Site Scripting Vulnerabilities
- Reminder for DeepSec 2009 Conference
- From: DeepSec Conference - Announcement
- ACROS Security: HTML Injection in Oracle WebLogic Server Console (ASPR #2009-10-30-1)
- [USN-853-1] Firefox and Xulrunner vulnerabilities
- [SECURITY] [DSA 1924-1] New mahara packages fix several vulnerabilities
- [SECURITY] [DSA 1925-1] New proftpd-dfsg packages fix SSL certificate verification weakness
- Re: {PRL} Multiple Panda Security Products Local Privilege Escalation Vulnerability
- From: Vladimir '3APA3A' Dubrovin
- Re: /proc filesystem allows bypassing directory permissions on
- Re: /proc filesystem allows bypassing directory permissions on
- NSOADV-2009-001: Symantec ConsoleUtilities ActiveX Control Buffer Overflow
- Re: /proc filesystem allows bypassing directory permissions on
- ZDI-09-075: Novell eDirectory LDAP Null Base DN Denial of Service Vulnerability
- Re: /proc filesystem allows bypassing directory permissions on
- [USN-850-3] poppler vulnerabilities
- Re: /proc filesystem allows bypassing directory permissions on
- Re: /proc filesystem allows bypassing directory permissions on
- QuahogCon Call for Papers
- Fwd: {Lostmon´s Group} Re: Wowd search client multiple variable xss (solution)
- [ MDVSA-2009:292 ] wireshark
- [ MDVSA-2009:293 ] squidGuard
- New vulnerability in Xerox Fiery Webtools
- Re: Cherokee Web Server 0.5.4 Denial Of Service
- Secunia Research: IBM Tivoli Storage Manager CAD Service Buffer Overflow
- Bractus SunTrack Multiple XSS
- Re: /proc filesystem allows bypassing directory permissions on
- Re: /proc filesystem allows bypassing directory permissions on
- Re: /proc filesystem allows bypassing directory permissions on
- Re: /proc filesystem allows bypassing directory permissions on
- [security bulletin] HPSBUX02355 SSRT080023 rev.2 - HP-UX Using libc, Remote Denial of Service (DoS)
- VUPEN Security - Adobe Shockwave Player Multiple Code Execution Vulnerabilities
- From: VUPEN Security Research
- Re: /proc filesystem allows bypassing directory permissions on
- Re: /proc filesystem allows bypassing directory permissions on
- Context IS Advisory - Autocomplete Data Theft in Mozilla Firefox
- From: Context IS - Disclosure
- [SECURITY] [DSA 1926-1] New TYPO3 packages fix several vulnerabilities
- AST-2009-009: Cross-site AJAX request vulnerability
- From: Asterisk Security Team
- AST-2009-008: SIP responses expose valid usernames
- From: Asterisk Security Team
- ZDI-09-076: Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability
- ZDI-09-079: Sun Java Runtime AWT setBytePixels Heap Overflow Vulnerability
- ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability
- ZDI-09-077: Sun Java Web Start Arbitrary Command Execution Vulnerability
- ZDI-09-078: Sun Java Runtime AWT setDifflCM Stack Overflow Vulnerability
- Re: /proc filesystem allows bypassing directory permissions on
- CONFidence 2.0 schedule online - last time to register
- [Bkis-12-2009] eoCMS SQL injection vulnerability - Bkis Report
- [security bulletin] HPSBMA02474 SSRT090107 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code
- CORE-2009-0912: Blender .blend Project Arbitrary Command Execution
- From: CORE Security Technologies Advisories
- ZDI-09-081: Hewlett-Packard Power Manager Administration Web Server Stack Overflow Vulnerability
- [USN-855-1] libhtml-parser-perl vulnerability
- [SECURITY] [DSA 1927-1] New Linux 2.6.26 packages fix several vulnerabilities
- [USN-854-1] GD library vulnerabilities
- [SECURITY] [DSA 1928-1] New Linux 2.6.24 packages fix several vulnerabilities
- Using Blended Browser Threats involving Chrome to steal files on your computer
- [ MDVSA-2009:294 ] firefox
- [SECURITY] [DSA 1929-1] New Linux 2.6.18 packages fix several vulnerabilities
- Php 5.3.0 pdflib extension open_basedir bypass
- [ GLSA 200911-01 ] Horde: Multiple vulnerabilities
- [SECURITY] [DSA 1930-1] New drupal6 packages fix several vulnerabilities
- [SECURITY] [DSA 1931-1] New NSPR packages fix several vulnerabilities
- [SECURITY] [DSA 1932-1] New pidgin packages fix arbitrary code execution
- [ MDVSA-2009:295 ] apache
- [SECURITY] CVE-2009-3548 Apache Tomcat Windows Installer insecure default administrative password
- FRHACK01 DVDs
- ToutVirtual VirtualIQ Multiple Vulnerabilities
- DoS vulnerability in Internet Explorer
- Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Re: DoS vulnerability in Internet Explorer
- Re: Re: DoS vulnerability in Internet Explorer
- Re: FRHACK01 DVDs
- Atheros Driver Reserved Frame Vulnerability
- [USN-856-1] CUPS vulnerability
- [USN-857-1] Qt vulnerabilities
- [MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News
- Marvell Driver Multiple Information Element Overflows
- [security bulletin] HPSBUX02476 SSRT090250 rev.1 - HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
- [SECURITY] [DSA 1933-1] New cups packages fix cross-site scripting
- XM Easy Personal FTP Server 'LIST' Command Remote DoS Vulnerability
- TPTI-09-07: Microsoft Windows License Logging Service Heap Corruption Vulnerability
- ZDI-09-082: Microsoft Office Excel PivotTable Cache Record Parsing Memory Corruption Vulnerability
- ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability
- iDefense Security Advisory 11.10.09: Microsoft Word FIB Processing Stack Buffer Overflow Vulnerability
- iDefense Security Advisory 11.10.09: Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability
- Exploit writing tutorials
- From: Peter Van Eeckhoutte
- Novell eDirectory 8.8 SP5 Denial of Service
- Secunia Research: Gimp BMP Image Parsing Integer Overflow Vulnerability
- [USN-858-1] OpenLDAP vulnerability
- Re: New vulnerability in Xerox Fiery Webtools
- Re: XM Easy Personal FTP Server 'LIST' Command Remote DoS Vulnerability
- From: Protek Research Lab
- Panda Security Software Local Privilege Escalation
- Yahoo Messenger 9 ActiveX DoS (Null Pointer) Vulnerability
- [USN-853-2] Firefox and Xulrunner regression
- [SWRX-2009-002] McAfee Network Security Manager Authentication Bypass and Session Hijacking Vulnerability
- VUPEN Security Research - Microsoft Office Excel Code Execution Vulnerabilities
- From: VUPEN Security Research
- WordPress 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
- [SWRX-2009-001] McAfee Network Security Manager Cross-Site Scripting (XSS) Vulnerability
- RE: Exploit writing tutorials
- From: Peter Van Eeckhoutte
- Re: WordPress 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
- rPSA-2009-0142-1 httpd mod_ssl
- From: rPath Update Announcements
- rPSA-2009-0143-1 util-linux util-linux-extras
- From: rPath Update Announcements
- rPSA-2009-0144-1 apr-util
- From: rPath Update Announcements
- XM Easy Personal FTP Server 'APPE' and 'DELE' Command Remote Denial of Service Vulnerability
- rPSA-2009-0145-1 samba samba-client samba-server samba-swat
- From: rPath Update Announcements
- rPSA-2009-0142-2 httpd mod_ssl
- From: rPath Update Announcements
- [ MDVSA-2009:296 ] gimp
- [USN-859-1] OpenJDK vulnerabilities
- [ MDVSA-2009:298 ] xine-lib
- [ MDVSA-2009:297 ] ffmpeg
- [ MDVSA-2009:299 ] xine-lib
- [ MDVSA-2009:300 ] apache-conf
- [ MDVSA-2009:158-1 ] pango
- [DSECRG-09-062] Alteon OS BBI (Nortell) - Multiple Vulnerabilities
- Home FTP Server 'SITE INDEX' Command Remote Denial of Service Vulnerability
- Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation
- [SECURITY] [DSA-1934-1] New apache2 packages fix several issues
- Re: DoS vulnerability in Internet Explorer
- [ MDVSA-2009:158-2 ] pango
- [security bulletin] HPSBUX02451 SSRT090137 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS)
- Hellcode Research: Novell eDirectory HTTPSTK Login Stack Overflow Vulnerability
- [SECURITY] [DSA 1935-1] New gnutls23/gnutls26 packages fix SSL certificate verification weakness
- Metasploit Framework 3.3 Released
- Secunia Research: Gimp PSD Image Parsing Integer Overflow Vulnerability
- [security bulletin] HPSBMA02474 SSRT090107 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code
- [security bulletin] HPSBMA02456 SSRT090188 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Remote Execution of Arbitrary Code
- Home FTP Server 'MKD' Command Directory Traversal Vulnerability
- Kaspersky Anti-Virus 2010 <= 9.0.0.463 pointer dereference vulnerability
- [SECURITY] [DSA 1936-1] New libgd2 packages fix several vulnerabilities
- CORE-2009-0814: HP Openview NNM 7.53 Invalid DB Error Code vulnerability
- From: CORE Security Technologies Advisories
- [ GLSA 200911-02 ] Sun JDK/JRE: Multiple vulnerabilites
- [security bulletin] HPSBUX02409 SSRT080171 rev.2 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege
- DEFCON London - DC4420 - NO MEETING this Thursday! 19th November 2009
- TLS / SSLv3 vulnerability explained (DRAFT)
- [security bulletin] HPSBMI02473 SSRT080138 rev.1 - Cisco Catalyst Blade Switch 3020/3120, Remote Denial of Service (DoS)
- Secunia Research: RhinoSoft Serv-U TEA Decoding Buffer Overflow
- Announcement: Critical Internet Infrastructure WG is now open to public participation
- CORE-2009-1027: IBM SolidDB invalid error code vulnerability
- From: CORE Security Technologies Advisories
- [USN-860-1] Apache vulnerabilities
- [security bulletin] HPSBPI02472 SSRT090196 rev.1 - Certain HP Color LaserJet Printers, Remote Unauthorized Access to Data, Denial of Service
- [security bulletin] HPSBMA02477 SSRT090177 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
- Auto Manager admin.cgi Multiple Field XSS
- AssetsSoSimple supplier_admin.php Supplier Field XSS
- NSA Iraqi Computer Attacks And U.S. Defense
- Opera 10.01 Remote Array Overrun (Arbitrary code execution)
- SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution)
- K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution)
- KDE KDELibs 4.3.3 Remote Array Overrun (Arbitrary code execution)
- Firefox 3.5.3 Remote Array Overrun (UPDATE)
- PHP "multipart/form-data" denial of service
- [security bulletin] HPSBMA02478 SSRT090251 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Access
- VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components
- From: VMware Security Team
- ZDI-09-085: Hewlett-Packard Operations Manager Server Backdoor Account Code Execution Vulnerability
- [ MDVSA-2009:301 ] kernel
- [Bkis-13-2009] e107 Multiple Vulnerabilities
- [SECURITY] [DSA 1937-1] New gforge packages fix cross-site scripting
- Vulnerabilities in plugins for WordPress
- Code to mitigate IE STYLE zero-day
- [ MDVSA-2009:302 ] php
- [SECURITY] [DSA 1938-1] New php-mail packages fix insufficient input sanitising
- Millions of PDF invisibly embedded with your internal disk paths
- CORE-2009-0908: Autodesk SoftImage Scene TOC Arbitrary Command Execution
- From: CORE Security Technologies Advisories
- CORE-2009-0909: Autodesk 3DS Max Application Callbacks Arbitrary Command Execution
- From: CORE Security Technologies Advisories
- CORE-2009-0910: Autodesk Maya Script Nodes Arbitrary Command Execution
- From: CORE Security Technologies Advisories
- RE: Millions of PDF invisibly embedded with your internal disk paths
- From: Thor (Hammer of God)
- TYPSoft FTP Server 'APPE' and 'DELE' Commands Remote DoS Vulnerabilities
- XM Easy Personal FTP Server Remote DoS Vulnerability
- Executing arbitrary PHP code on OpenX <= 2.8.1
- New Paper: MitM Attacks against the chipTAN comfort Online Banking System
- From: RedTeam Pentesting GmbH
- [USN-861-1] libvorbis vulnerabilities
- [security bulletin] HPSBMA02417 SSRT090031 rev.2 - HP Data Protector Express and HP Data Protector Express Single Server
- Vulnerabilities in WP-Cumulus for WordPress
- [SECURITY] [DSA 1939-1] New libvorbis packages fix several vulnerabilities
- rPSA-2009-0154-1 httpd mod_ssl
- From: rPath Update Announcements
- rPSA-2009-0155-1 httpd mod_ssl
- From: rPath Update Announcements
- rPSA-2009-0156-1 sun-jdk sun-jre
- From: rPath Update Announcements
- Re: Millions of PDF invisibly embedded with your internal disk paths
- [ GLSA 200911-03 ] UW IMAP toolkit: Multiple vulnerabilities
- [resent] [ GLSA 200911-04 ] dstat: Untrusted search path
- [ GLSA 200911-05 ] Wireshark: Multiple vulnerabilities