Mail Thread Index

• Date Index

• [SECURITY] [DSA-2154-1] exim4 security update, Stefan Fritsch
• VirtueMart eCommerce for Joomla <= 1.1.6 Blind SQL Injection, Andrea Fabrizi
• CVE-2010-3854: Apache CouchDB Cross Site Scripting Issue, Jan Lehnardt
• [SECURITY] [DSA-2154-2] exim4 regression fix, Stefan Fritsch
• [SECURITY] [DSA-2156-1] pcscd security update, Steve Kemp
• [HITB-Announce] Reminder: HITB2011AMS - Call for Papers closes on the 18th of Feb, Hafez Kamal
• [SECURITY] [DSA 2155-1] freetype security update, Moritz Muehlenhoff
• [SECURITY] [DSA 2153-1] linux-2.6 security update, dann frazier
• ZDI-11-034: HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability, ZDI Disclosures
• HTB22803: Path disclosure in Razor CMS, advisory
• ZDI-11-035: IBM DB2 db2dasrrm validateUser Remote Code Execution Vulnerability, ZDI Disclosures
• [USN-1053-1] Subversion vulnerabilities, Marc Deslauriers
• ZDI-11-036: IBM DB2 db2dasrrm receiveDASMessage Remote Code Execution Vulnerability, ZDI Disclosures
• HTB22799: Path disclosure in Pluck CMS, advisory
• [security bulletin] HPSBMA02627 SSRT090246 rev.1 - HP OpenView Performance Insight Server, Remote Execution of Arbitrary Code, security-alert
• ZDI-11-037: Symantec IM Manager Administrative Interface IMAdminSchedTask.asp Eval Code Injection Remote Code Execution Vulnerability, ZDI Disclosures
• Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability, YGN Ethical Hacker Group
• HTB22804: SQL Injection in Redaxscript, advisory
• HTB22798: Path disclosure in Pluck CMS, advisory
• HTB22805: Path disclosure in Redaxscript, advisory
• Aruba Mobility Controller - multiple advisories: DoS and authentication bypass, Robbie Gill
• TinyWebGallery: XSS + Directory Traversal, Yam Mesicka
  • <Possible follow-ups>
  • Re: TinyWebGallery: XSS + Directory Traversal, tinywebgallery
• [CORE-2010-1001] Cisco WebEx .atp and .wrf Overflow Vulnerabilities, CORE Security Technologies Advisories
• Cisco Security Advisory: Multiple Cisco WebEx Player Vulnerabilities, Cisco Systems Product Security Incident Response Team
• fix for Nvidia CUDA drivers security breach, Massimo Bernaschi
• [USN-1054-1] Linux kernel vulnerabilities, Kees Cook
• [USN-1055-1] OpenJDK vulnerabilities, Steve Beattie
• Cisco Security Advisory: Default Credentials for Root Account on Tandberg E, EX and C Series Endpoints, Cisco Systems Product Security Incident Response Team
• HTB22809: SQL Injection in ReOS, advisory
• HTB22801: Local File Inclusion in Podcast Generator, advisory
• HTB22800: Path disclosure in Podcast Generator, advisory
• HTB22808: Local File Inclusion in ReOS, advisory
• HTB22807: SQL Injection in ReOS, advisory
• HTB22802: XSS in Podcast Generator, advisory
• HTB22810: SQL Injection in ReOS, advisory
• HTB22806: SQL Injection in ReOS, advisory
• Majordomo2 - Directory Traversal (SMTP/HTTP), mike
• WOOT '11 Call for Papers, Michal Zalewski
• [ MDVSA-2011:020 ] pango, security
• ZDI-11-039: BMC PATROL Agent Service Daemon BGS_MULTIPLE_READS Remote Code Execution Vulnerability, ZDI Disclosures
• [USN-1058-1] PostgreSQL vulnerability, Steve Beattie
• [SECURITY] [DSA-2157-1] PostgreSQL security update, Florian Weimer
• (TAD-2011-001) Vulnerability in HTC Peep: Twitter Credentials Disclosure, Raul Siles
• [USN-1057-1] Linux kernel vulnerabilities, Kees Cook
• [SECURITY] CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions, Mark Thomas
  • <Possible follow-ups>
  • [SECURITY] CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions, Mark Thomas
• Troopers11 - Security Conference in Germany, mozilla
• Chamilo 1.8.7 / Dokeos 1.8.6 Remote File Disclosure, beford
  • <Possible follow-ups>
  • Re: Chamilo 1.8.7 / Dokeos 1.8.6 Remote File Disclosure, info
• Re: [DSECRG-09-038] Sun Glassfish Woodstock Project - Linked XSS Vulnerability, simpsoed
• [SECURITY] Oracle JVM bug causes denial of service in Apache Tomcat, Mark Thomas
• [SECURITY] CVE-2011-0534 Apache Tomcat DoS vulnerability, Mark Thomas
• [SECURITY] CVE-2011-0013 Apache Tomcat Manager XSS vulnerability, Mark Thomas
• [ MDVSA-2011:021 ] postgresql, security
• ZDI-11-043: Microsoft Excel 2007 Office Drawing Layer Remote Code Execution Vulnerability, ZDI Disclosures
• HTB22811: XSS vulnerability in UMI.CMS, advisory
• HTB22816: XSS vulnerability in ViArt Shop, advisory
• ZDI-11-044: Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-041: Microsoft Office Excel Office Art Object Parsing Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-045: IBM Lotus Domino IMAP/POP3 Non-Printable Character Expansion Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-046: IBM Lotus Domino Calendar Request Attachment Name Parsing Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-040: Microsoft Office Excel 2003 Invalid Object Type Remote Code Execution Vulnerability, ZDI Disclosures
• HTB22814: XSS vulnerability in ViArt Shop, advisory
• HTB22815: XSS vulnerability in ViArt Shop, advisory
• ZDI-11-047: IBM Lotus Domino LDAP Bind Request Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-048: IBM Lotus Domino iCalendar Meeting Request Parsing Remote Code Execution Vulnerability, ZDI Disclosures
• R7-0038: Check Point Endpoint Security Server Information Disclosure, HD Moore
• ZDI-11-049: IBM Lotus Domino SMTP Multiple Filename Arguments Remote Code Execution Vulnerability, ZDI Disclosures
• R7-0039: Accellion File Transfer Appliance Multiple Vulnerabilities, HD Moore
• ZDI-11-050: IBM Informix Dynamic Server SET ENVIRONMENT Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-051: IBM Lotus Notes cai URI Handler Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-052: Lotus Domino Server diiop Client Request Operation Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-053: Lotus Domino Server diiop getEnvironmentString Remote Code Execution Vulnerability, ZDI Disclosures
• HTB22819: XSS vulnerability in WebAsyst Shop-Script, advisory
• ZDI-11-054: Hewlett-Packard Data Protector Client EXEC_CMD omni_chk_ds.sh Remote Code Execution Vulnerability, ZDI Disclosures
• HTB22813: XSS vulnerability in UMI.CMS, advisory
• VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi, VMware Security Team
• HTB22817: XSS vulnerability in WebAsyst Shop-Script, advisory
• ESA-2011-004: EMC Replication Manager remote code execution vulnerability, Security_Alert
• Re: Microsoft Terminal Services vulnerable to MITM-attacks., sam . vaughey
  • Re: Microsoft Terminal Services vulnerable to MITM-attacks., Ansgar Wiechers
    • RE: Microsoft Terminal Services vulnerable to MITM-attacks., Ziots, Edward
  • RE: Microsoft Terminal Services vulnerable to MITM-attacks., Jim Harrison
• ZDI-11-055: Hewlett-Packard Data Protector Client EXEC_CMD Perl Remote Code Execution Vulnerability, ZDI Disclosures
• [ MDVSA-2011:023 ] proftpd, security
• Data Encryption Systems - DESLock+ - Local Kernel Code Execution/Denial of Service, Digit Security Research
• [USN-1059-1] Dovecot vulnerabilities, Marc Deslauriers
• ZDI-11-056: Hewlett-Packard Data Protector Client EXEC_SETUP Remote Code Execution Vulnerability, ZDI Disclosures
• HTB22812: XSRF (CSRF) in UMI.CMS, advisory
• ZDI-11-057: Hewlett-Packard Data Protector Cell Manager Service Authentication Bypass Vulnerability, ZDI Disclosures
• ZDI-11-063: Microsoft Visio 2007 LZW Stream Decompression Exception Vulnerability, ZDI Disclosures
• ZDI-11-058: SCO Openserver IMAP Daemon Long Verb Parsing Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-064: Microsoft Windows WmiTraceMessageVa Local Kernel Vulnerability, ZDI Disclosures
• ZDI-11-059: CA ETrust Secure Content Manager Common Services Transport Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-060: Novell eDirectory Malformed NCP Request Denial of Service Vulnerability, ZDI Disclosures
• ZDI-11-042: Microsoft Office Excel Axis Properties Record Parsing Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-061: EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability, ZDI Disclosures
• DC4420 - London DEFCON - February meet - Tuesday 22nd February 2011, Major Malfunction
  • Re: DC4420 - London DEFCON - February meet - Tuesday 22nd February 2011, Major Malfunction
• rPSA-2011-0010-1 kernel, rPath Update Announcements
• ZDI-11-062: Multiple Vendor Calendar Manager RPC Service Remote Code Execution Vulnerability, ZDI Disclosures
• [security bulletin] HPSBST02630 SSRT1000385 rev.1 - HP StorageWorks X9000 Network Storage Systems, Remote Unauthenticated Access, security-alert
• HTB22818: Stored XSS vulnerability in WebAsyst Shop-Script, advisory
• [security bulletin] HPSBMA02629 SSRT100381 rev.1 - HP Power Manager (HPPM) Running on Linux and Windows, Cross Site Request Forgery (CSRF), security-alert
• MITKRB5-SA-2011-001 kpropd denial of service [CVE-2010-4022], Tom Yu
• iDefense Security Advisory 02.08.11: Microsoft Windows Picture and Fax Viewer Library, labs-no-reply
• MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283], Tom Yu
• ZDI-11-066: Adobe Acrobat Reader U3D Texture .iff RLE Decompression Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-065: Adobe Reader Controlled memset Remote Code Execution Vulnerability, ZDI Disclosures
• [ MDVSA-2011:024 ] krb5, security
• ZDI-11-067: Adobe Acrobat Reader U3D Texture rgba RLE Decompression Remote Code Execution Vulnerability, ZDI Disclosures
• CVE-2010-4435 - Multiple Vendor Calendar Manager Remote Code Execution, Rodrigo Rubira Branco (BSDaemon)
• ZDI-11-068: Adobe Acrobat Reader U3D Texture bmp RLE Decompression Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-069: Adobe Acrobat Reader U3D Texture psd RLE Decompression Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-070: Adobe Acrobat Reader U3D Texture .fli RLE Decompression Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-071: Adobe Reader BMP RLE_8 Decompression Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-072: Adobe Reader BMP ColorData Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-073: Adobe Reader ICC Parsing Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-074: Adobe Reader u3d Parent Node Count Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-075: Adobe Acrobat Reader rt3d.dll Multimedia Playing Arbitrary Memory Overwite Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-076: RealNetworks Real Player Predictable Temporary File Remote Code Execution Vulnerability, ZDI Disclosures
• iDefense Security Advisory 02.08.11: Adobe Reader and Acrobat JP2K Invalid Indexing Vulnerability, labs-no-reply
• ZDI-11-077: Adobe Acrobat Reader U3D Texture Parser ILBM Remote Code Execution Vulnerability, ZDI Disclosures
• [HITB-Announce] HITB Magazine Issue 005 Released, Hafez Kamal
• iDefense Security Advisory 02.08.11: Adobe Shockwave Player Memory Corruption Vulnerability, labs-no-reply
• ZDI-11-078: Adobe Shockwave Player FFFFFF88 Record Count Element Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-079: Adobe Shockwave Player 0xFFFFFF45 Record Count Element Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-080: Adobe Shockwave CSWV Chunk Substructure Offset Value Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-081: Adobe Flash Player Point Object Remote Code Execution Vulnerability, ZDI Disclosures
• iDefense Security Advisory 02.08.11: Adobe Flash Player ActionScript Integer Overflow Vulnerability, labs-no-reply
• iDefense Security Advisory 02.08.11: Adobe Flash Player ActionScript Memory Corruption Vulnerability, labs-no-reply
• CGI:IRC XSS issue (CVE-2011-0050), David Leadbeater
• TPTI-11-03: Adobe Shockwave Font Xtra String Decoding Remote Code Execution Vulnerability, ZDI Disclosures
• TPTI-11-04: Adobe Shockwave GIF Logical Screen Descriptor Parsing Remote Code Execution Vulnerability, ZDI Disclosures
• TPTI-11-02: Adobe Shockwave TextXtra Invalid Seek Remote Code Execution Vulnerability, ZDI Disclosures
• TPTI-11-05: Adobe Shockwave PFR1 Font Chunk Parsing Remote Code Execution Vulnerability, ZDI Disclosures
• SourceBans Version 1.4.7 XSS, null
• TPTI-11-01: Adobe Shockwave dirapi.dll IFWV Trusted Offset Remote Code Execution Vulnerability, ZDI Disclosures
• [SECURITY] CVE-2010-3449: Apache Continuum CSRF vulnerability, Brett Porter
• Linksys WAP610N Unauthenticated Root Consle, Matteo Ignaccolo
  • Re: Linksys WAP610N Unauthenticated Root Console, Matteo Ignaccolo
• [SECURITY] [DSA-2158-1] cgiirc security update, Steve Kemp
• [SECURITY] CVE-2011-0533: Apache Continuum cross-site scripting vulnerability, Brett Porter
• [USN-1060-1] Exim vulnerabilities, Marc Deslauriers
• CORE-2011-0103 - ZOHO ManageEngine ADSelfService multiple vulnerabilities, CORE Security Technologies Advisories
• VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX, VMware Security team
• VUPEN Security Research - Adobe Shockwave DIRAPI LCTX Chunck Memory Corruption Vulnerability (APSB11-01), VUPEN Security Research
• HTB22852: SQL Injection in WP Forum Server wordpress plugin, advisory
• [SECURITY] [DSA 2159-1] vlc security update, Moritz Muehlenhoff
• ASPR #2011-02-11-1: Remote Binary Planting in Adobe Reader, ACROS Security Lists
• HTB22851: SQL Injection in WP Forum Server wordpress plugin, advisory
  • <Possible follow-ups>
  • HTB22851: SQL Injection in WP Forum Server wordpress plugin, advisory
• VUPEN Security Research - Microsoft Internet Explorer "mshtml.dll" Dangling Pointer Vulnerability (CVE-2011-0036), VUPEN Security Research
• [SECURITY] [DSA 2160-1] tomcat6 security update, Moritz Muehlenhoff
• HTB22820: SQL Injection in RunCMS, advisory
• [ MDVSA-2011:026 ] phpmyadmin, security
• HTB22821: Path disclosure in RunCMS, advisory
• HTB22822: XSS vulnerability in RunCMS, advisory
• Kunena SQL Injection Vulnerability & Information Leakage, Red Matter
• VUPEN Security Research - Microsoft Windows Shell Graphics BMP "width" Integer Overflow Vulnerability, VUPEN Security Research
• VUPEN Security Research - Microsoft Windows Shell Graphics BMP "height" Integer Overflow Vulnerability, VUPEN Security Research
• ASPR #2011-02-11-2: Remote Binary Planting in Adobe Flash Player, ACROS Security Lists
• VUPEN Security Research - Microsoft Windows Shell Graphics biCompression Buffer Overflow Vulnerability, VUPEN Security Research
• [USN-1061-1] iTALC vulnerability, Kees Cook
• [SECURITY] [DSA 2161-1] OpenJDK security update, Florian Weimer
• [SECURITY] [DSA 2163-1] python-django security update, Nico Golde
• [SECURITY] [DSA 2162-1] openssl security update, Nico Golde
• [ MDVSA-2011:027 ] openoffice.org, security
• [SECURITY] [DSA 2161-2] OpenJDK security update, Florian Weimer
• [USN-1063-1] QEMU vulnerability, Kees Cook
• [USN-1062-1] Kerberos vulnerabilities, Steve Beattie
• HTB22831: XSS vulnerability in Gollos, advisory
• HTB22832: Path disclosure in ArtGK CMS, advisory
• HTB22830: Multiple XSS vulnerabilities in Gollos, advisory
• HTB22833: Information Disclosure in Arctic Fox CMS, advisory
• HTB22826: Multiple XSS vulnerabilities in Wikipad, advisory
• HTB22828: Multiple XSS vulnerabilities in Photopad, advisory
• HTB22824: SQL Injection in Seo Panel, advisory
• HTB22823: SQL Injection in Seo Panel, advisory
• [ MDVSA-2011:028 ] openssl, security
• HTB22829: Path disclosure in Xaraya, advisory
• HTB22827: File Content Disclosure in Wikipad, advisory
• HTB22825: SQL Injection in Seo Panel, advisory
• Tembria Server Monitor Weak Cryptographic Password Storage Vulnerability, robkraus
• Tembria Server Monitor Multiple Cross-site Scripting (XSS) Vulnerabilities, robkraus
• ZDI-11-082: Oracle Java Runtime NTLM Authentication Information Leakage Vulnerability, ZDI Disclosures
• [SECURITY] CVE-2011-0533: Apache Archiva cross-site scripting vulnerability, Brett Porter
• ZDI-11-085: Oracle Java XGetSamplePtrFromSnd Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-084: Oracle Java Unsigned Applet Applet2ClassLoader Remote Code Execution Vulnerability, ZDI Disclosures
• Gain Windows Domain Admin Privileges - Online Challenge, Ivan Buetler
• [USN-1065-1] shadow vulnerability, Kees Cook
• [SECURITY] [DSA 2165-1] ffmpeg-debian security update, Luciano Bello
• [USN-1064-1] OpenSSL vulnerability, Steve Beattie
• ZDI-11-083: Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability, ZDI Disclosures
• [SECURITY] [DSA 2164-1] shadow security update, Nico Golde
• [SECURITY] [DSA 2166-1] chromium-browser security update, Giuseppe Iuculano
• ZDI-11-086: Oracle Java Webstart Trusted JNLP Extension Remote Code Execution Vulnerability, ZDI Disclosures
• Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability, Cisco Systems Product Security Incident Response Team
• [SECURITY] [DSA 2167-1] phpmyadmin security update, Thijs Kinkhorst
• [SECURITY] [DSA 2168-1] openafs security update, Moritz Muehlenhoff
• [SECURITY] [DSA 2169-1] telepathy-gabble security update, Nico Golde
• PHP 5.3.5 grapheme_extract() NULL Pointer Dereference, cxib
  • Re: PHP 5.3.5 grapheme_extract() NULL Pointer Dereference, Marcin Orlowski
• ZDI-11-087: Novell iPrint LPD Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-088: Cisco Security Agent Management st_upload Remote Code Execution Vulnerability, ZDI Disclosures
• HTB22836: Path disclosure in Coppermine, advisory
• HTB22835: DoS (Denial of Service) Risk in FlatnuX, advisory
• HTB22834: Path disclosure in FlatnuX, advisory
• [USN-1066-1] Django vulnerabilities, Jamie Strandboge
• [USN-1067-1] Telepathy Gabble vulnerability, Jamie Strandboge
• [ MDVSA-2011:029 ] kernel, security
• www.eVuln.com : "wsnuser" Cookie SQL Injection vulnerability in WSN Guest, bt
• ZDI-11-089: Novell ZenWorks TFTPD Remote Code Execution Vulnerability, ZDI Disclosures
• Privacy, Security, Trust (PST 2011) - Call for Papers, Serguei A. Mokhov on behalf of PST-11
• [ MDVSA-2011:031 ] python-django, security
• [SECURITY] [DSA 2170-1] mailman security update, Thijs Kinkhorst
• [ MDVSA-2011:032 ] eclipse, security
• www.eVuln.com : "time" SQL Injection vulnerability in WSN Guest, bt
• Domino Sametime Multiple Reflected Cross-Site Scripting, david . daly
  • <Possible follow-ups>
  • Re: Domino Sametime Multiple Reflected Cross-Site Scripting, barkley
• [security bulletin] HPSBUX02628 SSRT090183 rev.1 - HP-UX Running CDE Calendar Manager, Remote Execution of Arbitrary Code, security-alert
• [ MDVSA-2011:033 ] awstats, security
• [ MDVSA-2011:030 ] tomcat5, security
• [SECURITY] [DSA 2171-1] asterisk security update, Moritz Muehlenhoff
• [ MDVSA-2011:034 ] banshee, security
• HTB22842: Path disclosure in Comment Rating wordpress plugin, advisory
• HTB22843: Path disclosure in GD Star Rating wordpress plugin, advisory
• AST-2011-002: Multiple array overflow and crash vulnerabilities in UDPTL code, Asterisk Security Team
• HTB22845: SQL Injection in cdnvote wordpress plugin, advisory
• HTB22844: XSS in GD Star Rating wordpress plugin, advisory
• [ MDVSA-2011:035 ] tomboy, security
• HTB22841: SQL Injection in Comment Rating wordpress plugin, advisory
• HTB22840: Path disclosure in Starbox Voting wordpress plugin, advisory
• [USN-1068-1] Aptdaemon vulnerability, Marc Deslauriers
• HTB22838: Path disclosure in Vote It Up wordpress plugin, advisory
• HTB22839: SQL Injection in Z-Vote wordpress plugin, advisory
• Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting Vulnerability, YGN Ethical Hacker Group
• [USN-1069-1] Mailman vulnerabilities, Marc Deslauriers
• [SECURITY] [DSA 2172-1] moodle security update, Moritz Muehlenhoff
• [PRE-SA-2011-01] Multiple Linux kernel vulnerabilities in partition handling code of LDM and MAC partition tables, Timo Warns
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances, Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices, Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server, Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability, Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch, Cisco Systems Product Security Incident Response Team
• [ MDVSA-2011:036 ] mailman, security
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager, Cisco Systems Product Security Incident Response Team
• [USN-1070-1] Bind vulnerability, Marc Deslauriers
• ZDI-11-090: Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability, ZDI Disclosures
• WordPress Uploadify Plugin 1.0 Remote File Upload, Leonardo Rota Botelho
• ZDI-11-091: (0day) Cisco Secure Desktop CSDWebInstaller Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-093: CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-11-092: (0day) Cisco Secure Desktop CSDWebInstaller ActiveX Control Cleaner.cab Remote Code Execution Vulnerability, ZDI Disclosures
• HTB22846: SQL Injection in IWantOneButton wordpress plugin, advisory
• HTB22847: XSS in IWantOneButton wordpress plugin, advisory
• HTB22850: SQL Injection in WP Forum Server wordpress plugin, advisory
• [ MDVSA-2011:037 ] avahi, security
• CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System, Williams, James K
• Linksys Cisco Wag120N CSRF Vulnerability, irancrash
  • <Possible follow-ups>
  • Re: Linksys Cisco Wag120N CSRF Vulnerability, tadeu1
• prestashop vuln: sql injection submitted to bugtraq@xxxxxxxxxxxxxxxxx, Antonio S.M
• [BMSA-2011-01] Insecure secure cookie in web.go, Nam Nguyen
• DoS Condition with Altigen VoIP Phone Systems, Patrick Kelley
• [USN-1071-1] Linux kernel vulnerabilities, Marc Deslauriers