Mail Thread Index
- {PRL} Multiple Panda Security Products Local Privilege Escalation Vulnerability,
Protek Research Lab
- Re: TwonkyMedia Server Multiple Cross-Site Scripting Vulnerabilities,
schwartz
- Reminder for DeepSec 2009 Conference,
DeepSec Conference - Announcement
- ACROS Security: HTML Injection in Oracle WebLogic Server Console (ASPR #2009-10-30-1),
ACROS Lists
- [USN-853-1] Firefox and Xulrunner vulnerabilities,
Jamie Strandboge
- [SECURITY] [DSA 1924-1] New mahara packages fix several vulnerabilities,
Steffen Joeris
- [SECURITY] [DSA 1925-1] New proftpd-dfsg packages fix SSL certificate verification weakness,
Steffen Joeris
- Re: /proc filesystem allows bypassing directory permissions on,
Martin Rex
- NSOADV-2009-001: Symantec ConsoleUtilities ActiveX Control Buffer Overflow,
NSO Research
- ZDI-09-075: Novell eDirectory LDAP Null Base DN Denial of Service Vulnerability,
ZDI Disclosures
- [USN-850-3] poppler vulnerabilities,
Marc Deslauriers
- QuahogCon Call for Papers,
info
- Fwd: {Lostmon´s Group} Re: Wowd search client multiple variable xss (solution),
Lostmon lords
- [ MDVSA-2009:292 ] wireshark,
security
- [ MDVSA-2009:293 ] squidGuard,
security
- New vulnerability in Xerox Fiery Webtools,
Bernardo Luis
- Re: Cherokee Web Server 0.5.4 Denial Of Service,
daniel . crowley
- Secunia Research: IBM Tivoli Storage Manager CAD Service Buffer Overflow,
Secunia Research
- Bractus SunTrack Multiple XSS,
Bugs NotHugs
- [security bulletin] HPSBUX02355 SSRT080023 rev.2 - HP-UX Using libc, Remote Denial of Service (DoS),
security-alert
- VUPEN Security - Adobe Shockwave Player Multiple Code Execution Vulnerabilities,
VUPEN Security Research
- Context IS Advisory - Autocomplete Data Theft in Mozilla Firefox,
Context IS - Disclosure
- [SECURITY] [DSA 1926-1] New TYPO3 packages fix several vulnerabilities,
Thijs Kinkhorst
- AST-2009-009: Cross-site AJAX request vulnerability,
Asterisk Security Team
- AST-2009-008: SIP responses expose valid usernames,
Asterisk Security Team
- ZDI-09-076: Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability,
ZDI Disclosures
- ZDI-09-079: Sun Java Runtime AWT setBytePixels Heap Overflow Vulnerability,
ZDI Disclosures
- ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability,
ZDI Disclosures
- ZDI-09-077: Sun Java Web Start Arbitrary Command Execution Vulnerability,
ZDI Disclosures
- ZDI-09-078: Sun Java Runtime AWT setDifflCM Stack Overflow Vulnerability,
ZDI Disclosures
- CONFidence 2.0 schedule online - last time to register,
Andrzej Targosz
- [Bkis-12-2009] eoCMS SQL injection vulnerability - Bkis Report,
Bkis
- [security bulletin] HPSBMA02474 SSRT090107 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code,
security-alert
- CORE-2009-0912: Blender .blend Project Arbitrary Command Execution,
CORE Security Technologies Advisories
- ZDI-09-081: Hewlett-Packard Power Manager Administration Web Server Stack Overflow Vulnerability,
ZDI Disclosures
- [USN-855-1] libhtml-parser-perl vulnerability,
Marc Deslauriers
- [SECURITY] [DSA 1927-1] New Linux 2.6.26 packages fix several vulnerabilities,
dann frazier
- [USN-854-1] GD library vulnerabilities,
Marc Deslauriers
- [SECURITY] [DSA 1928-1] New Linux 2.6.24 packages fix several vulnerabilities,
dann frazier
- Using Blended Browser Threats involving Chrome to steal files on your computer,
Inferno
- [ MDVSA-2009:294 ] firefox,
security
- [SECURITY] [DSA 1929-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- Php 5.3.0 pdflib extension open_basedir bypass,
r3d . w0rm
- [ GLSA 200911-01 ] Horde: Multiple vulnerabilities,
Alex Legler
- [SECURITY] [DSA 1930-1] New drupal6 packages fix several vulnerabilities,
Steffen Joeris
- [SECURITY] [DSA 1931-1] New NSPR packages fix several vulnerabilities,
Moritz Muehlenhoff
- [SECURITY] [DSA 1932-1] New pidgin packages fix arbitrary code execution,
Moritz Muehlenhoff
- [ MDVSA-2009:295 ] apache,
security
- [SECURITY] CVE-2009-3548 Apache Tomcat Windows Installer insecure default administrative password,
Mark Thomas
- FRHACK01 DVDs,
Jerome Athias
- ToutVirtual VirtualIQ Multiple Vulnerabilities,
Claudio Criscione
- DoS vulnerability in Internet Explorer,
MustLive
- Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability,
Cisco Systems Product Security Incident Response Team
- Atheros Driver Reserved Frame Vulnerability,
Laurent Butti
- [USN-856-1] CUPS vulnerability,
Marc Deslauriers
- [USN-857-1] Qt vulnerabilities,
Marc Deslauriers
- [MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News,
Andrew Horton
- Marvell Driver Multiple Information Element Overflows,
Laurent Butti
- [security bulletin] HPSBUX02476 SSRT090250 rev.1 - HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities,
security-alert
- [SECURITY] [DSA 1933-1] New cups packages fix cross-site scripting,
Steffen Joeris
- XM Easy Personal FTP Server 'LIST' Command Remote DoS Vulnerability,
zhangmc
- TPTI-09-07: Microsoft Windows License Logging Service Heap Corruption Vulnerability,
dvlabs
- ZDI-09-082: Microsoft Office Excel PivotTable Cache Record Parsing Memory Corruption Vulnerability,
ZDI Disclosures
- ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability,
ZDI Disclosures
- iDefense Security Advisory 11.10.09: Microsoft Word FIB Processing Stack Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 11.10.09: Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability,
iDefense Labs
- Exploit writing tutorials,
Peter Van Eeckhoutte
- Novell eDirectory 8.8 SP5 Denial of Service,
advisory
- Secunia Research: Gimp BMP Image Parsing Integer Overflow Vulnerability,
Secunia Research
- [USN-858-1] OpenLDAP vulnerability,
Marc Deslauriers
- Panda Security Software Local Privilege Escalation,
Maxim A. Kulakov
- Yahoo Messenger 9 ActiveX DoS (Null Pointer) Vulnerability,
advisory
- [USN-853-2] Firefox and Xulrunner regression,
Jamie Strandboge
- [SWRX-2009-002] McAfee Network Security Manager Authentication Bypass and Session Hijacking Vulnerability,
ctu-no-reply
- VUPEN Security Research - Microsoft Office Excel Code Execution Vulnerabilities,
VUPEN Security Research
- WordPress 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution,
golunski
- [SWRX-2009-001] McAfee Network Security Manager Cross-Site Scripting (XSS) Vulnerability,
ctu-no-reply
- rPSA-2009-0142-1 httpd mod_ssl,
rPath Update Announcements
- rPSA-2009-0143-1 util-linux util-linux-extras,
rPath Update Announcements
- rPSA-2009-0144-1 apr-util,
rPath Update Announcements
- XM Easy Personal FTP Server 'APPE' and 'DELE' Command Remote Denial of Service Vulnerability,
zhangmc
- rPSA-2009-0145-1 samba samba-client samba-server samba-swat,
rPath Update Announcements
- rPSA-2009-0142-2 httpd mod_ssl,
rPath Update Announcements
- [ MDVSA-2009:296 ] gimp,
security
- [USN-859-1] OpenJDK vulnerabilities,
Kees Cook
- [ MDVSA-2009:298 ] xine-lib,
security
- [ MDVSA-2009:297 ] ffmpeg,
security
- [ MDVSA-2009:299 ] xine-lib,
security
- [ MDVSA-2009:300 ] apache-conf,
security
- [ MDVSA-2009:158-1 ] pango,
security
- [DSECRG-09-062] Alteon OS BBI (Nortell) - Multiple Vulnerabilities,
DSecRG
- Home FTP Server 'SITE INDEX' Command Remote Denial of Service Vulnerability,
zhangmc
- Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation,
contact . fingers
- [SECURITY] [DSA-1934-1] New apache2 packages fix several issues,
Stefan Fritsch
- [ MDVSA-2009:158-2 ] pango,
security
- [security bulletin] HPSBUX02451 SSRT090137 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS),
security-alert
- Hellcode Research: Novell eDirectory HTTPSTK Login Stack Overflow Vulnerability,
karakorsankara
- [SECURITY] [DSA 1935-1] New gnutls23/gnutls26 packages fix SSL certificate verification weakness,
Giuseppe Iuculano
- Metasploit Framework 3.3 Released,
HD Moore
- Secunia Research: Gimp PSD Image Parsing Integer Overflow Vulnerability,
Secunia Research
- [security bulletin] HPSBMA02456 SSRT090188 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Remote Execution of Arbitrary Code,
security-alert
- Home FTP Server 'MKD' Command Directory Traversal Vulnerability,
zhangmc
- Kaspersky Anti-Virus 2010 <= 9.0.0.463 pointer dereference vulnerability,
s . leberre
- [SECURITY] [DSA 1936-1] New libgd2 packages fix several vulnerabilities,
Giuseppe Iuculano
- CORE-2009-0814: HP Openview NNM 7.53 Invalid DB Error Code vulnerability,
CORE Security Technologies Advisories
- [ GLSA 200911-02 ] Sun JDK/JRE: Multiple vulnerabilities,
Alex Legler
- [security bulletin] HPSBUX02409 SSRT080171 rev.2 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege,
security-alert
- DEFCON London - DC4420 - NO MEETING this Thursday! 19th November 2009,
Major Malfunction
- TLS / SSLv3 vulnerability explained (DRAFT),
Thierry Zoller
- [security bulletin] HPSBMI02473 SSRT080138 rev.1 - Cisco Catalyst Blade Switch 3020/3120, Remote Denial of Service (DoS),
security-alert
- Secunia Research: RhinoSoft Serv-U TEA Decoding Buffer Overflow,
Secunia Research
- Announcement: Critical Internet Infrastructure WG is now open to public participation,
Gadi Evron
- CORE-2009-1027: IBM SolidDB invalid error code vulnerability,
CORE Security Technologies Advisories
- [USN-860-1] Apache vulnerabilities,
Jamie Strandboge
- [security bulletin] HPSBPI02472 SSRT090196 rev.1 - Certain HP Color LaserJet Printers, Remote Unauthorized Access to Data, Denial of Service,
security-alert
- [security bulletin] HPSBMA02477 SSRT090177 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS),
security-alert
- Auto Manager admin.cgi Multiple Field XSS,
Bugs NotHugs
- AssetsSoSimple supplier_admin.php Supplier Field XSS,
Bugs NotHugs
- NSA Iraqi Computer Attacks And U.S. Defense,
Gadi Evron
- Opera 10.01 Remote Array Overrun (Arbitrary code execution),
cxib
- SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution),
cxib
- K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution),
cxib
- KDE KDELibs 4.3.3 Remote Array Overrun (Arbitrary code execution),
cxib
- Firefox 3.5.3 Remote Array Overrun (UPDATE),
cxib
- PHP "multipart/form-data" denial of service,
Bogdan Calin
- [security bulletin] HPSBMA02478 SSRT090251 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Access,
security-alert
- VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components,
VMware Security Team
- ZDI-09-085: Hewlett-Packard Operations Manager Server Backdoor Account Code Execution Vulnerability,
ZDI Disclosures
- [ MDVSA-2009:301 ] kernel,
security
- [Bkis-13-2009] e107 Multiple Vulnerabilities,
Bkis
- [SECURITY] [DSA 1937-1] New gforge packages fix cross-site scripting,
Steffen Joeris
- Vulnerabilities in plugins for WordPress,
MustLive
- Code to mitigate IE STYLE zero-day,
ds . adv . pub
- [ MDVSA-2009:302 ] php,
security
- [SECURITY] [DSA 1938-1] New php-mail packages fix insufficient input sanitising,
Steffen Joeris
- Millions of PDF invisibly embedded with your internal disk paths,
Inferno
- CORE-2009-0908: Autodesk SoftImage Scene TOC Arbitrary Command Execution,
CORE Security Technologies Advisories
- CORE-2009-0909: Autodesk 3DS Max Application Callbacks Arbitrary Command Execution,
CORE Security Technologies Advisories
- CORE-2009-0910: Autodesk Maya Script Nodes Arbitrary Command Execution,
CORE Security Technologies Advisories
- TYPSoft FTP Server 'APPE' and 'DELE' Commands Remote DoS Vulnerabilities,
leinakesi
- XM Easy Personal FTP Server Remote DoS Vulnerability,
leinakesi
- Executing arbitrary PHP code on OpenX <= 2.8.1,
Moritz Naumann
- New Paper: MitM Attacks against the chipTAN comfort Online Banking System,
RedTeam Pentesting GmbH
- [USN-861-1] libvorbis vulnerabilities,
Marc Deslauriers
- [security bulletin] HPSBMA02417 SSRT090031 rev.2 - HP Data Protector Express and HP Data Protector Express Single Server,
security-alert
- Vulnerabilities in WP-Cumulus for WordPress,
MustLive
- [SECURITY] [DSA 1939-1] New libvorbis packages fix several vulnerabilities,
Giuseppe Iuculano
- rPSA-2009-0154-1 httpd mod_ssl,
rPath Update Announcements
- rPSA-2009-0155-1 httpd mod_ssl,
rPath Update Announcements
- rPSA-2009-0156-1 sun-jdk sun-jre,
rPath Update Announcements
- [ GLSA 200911-03 ] UW IMAP toolkit: Multiple vulnerabilities,
Robert Buchholz
- [resent] [ GLSA 200911-04 ] dstat: Untrusted search path,
Robert Buchholz
- [ GLSA 200911-05 ] Wireshark: Multiple vulnerabilities,
Alex Legler