Mail Index
- [USN-1072-1] Linux vulnerabilities
- [USN-1073-1] Linux kernel vulnerabilities
- [USN-1074-1] Linux kernel vulnerabilities
- [SECURITY] [DSA 2173-1] pam-pgsql security update
- [SECURITY] [DSA 2174-1] avahi security update
- Imageview v6.0 Remote [and] Local Directory Traversal Vulnerability
- CONFidence 2011- CfP only 6 days left, we are still waiting for your submission
- [security bulletin] HPSBPI02635 SSRT100391 rev.1 - HP Web Jetadmin Running on Windows, Local Unauthorized Access to Managed Resources
- Re: prestashop vuln: sql injection submitted to bugtraq@xxxxxxxxxxxxxxxxx
- FreeBSD crontab information leakage
- [ MDVSA-2011:038 ] samba
- [USN-1075-1] Samba vulnerability
- [USN-1076-1] ClamAV vulnerability
- [USN-1077-1] FUSE vulnerabilities
- [USN-1074-2] Linux kernel vulnerabilities
- weechat does not properly use gnutls and allow an attacker to bypass certificate verification
- [SECURITY] [DSA 2175-1] samba security update
- ZDI-11-094: (0 day) Hewlett-Packard StorageWorks File Migration Agent Remote Archive Tampering Vulnerability
- [security bulletin] HPSBUX02633 SSRT100387 rev.1 - HP-UX running Java, Remote Denial of Service (DoS)
- vsftpd 2.3.2 remote denial-of-service
- [USN-1078-1] Logwatch vulnerability
- SnapProof (cart.php) Cross Site Scripting
- Re: prestashop vuln: sql injection submitted to bugtraq@xxxxxxxxxxxxxxxxx
- [USN-1079-1] OpenJDK 6 vulnerabilities
- Re: Re: prestashop vuln: sql injection submitted to bugtraq () securityfocus com
- HTB22862: Path disclosure in NextGEN Gallery wordpress plugin
- HTB22861: XSS in Question and Answer Forum wordpress plugin
- HTB22860: SQL Injection in WP Forum wordpress plugin
- HTB22859: SQL Injection in WP Forum wordpress plugin
- HTB22858: SQL Injection in WP Forum wordpress plugin
- HTB22849: Path disclosure in Mingle Forum wordpress plugin
- HTB22848: XSS in Mingle Forum wordpress plugin
- DDIVRT-2010-30 Alcatel-Lucent OmniVista 4760 NMS 'lang' Directory Traversal Vulnerability [ CVE-2011-0345 ]
- [SECURITY] [DSA 2163-2] dajaxice regression fix
- [USN-1081-1] Linux kernel vulnerabilities
- [SECURITY] [DSA 2176-1] cups security update
- [USN-1080-1] Linux kernel vulnerabilities
- [ MDVSA-2011:039 ] webkit
- [USN-1082-1] Pango vulnerabilities
- VidiScript (index.php) Cross Site Scripting
- PhotoPost PHP 4.8c (showgallery.php) Cross Site Scripting
- CubeCart 2.0.6 SQL injection / Cross Site Scripting
- Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS)
- [SECURITY] [DSA 2177-1] pywebdav security update
- ZDI-11-103: Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability
- [SECURITY] [DSA 2178-1] pango1.0 security update
- [USN-1083-1] Linux kernel vulnerabilities
- [SECURITY] [DSA 2179-1] dtc security update
- iDefense Security Advisory 03.01.11: Alcatel-Lucent OmniPCX Enterprise CS CGI Cookie Buffer Overflow Vulnerability
- ZDI-11-102: PostgreSQL Plus Advanced Server DBA Management Server Remote Authentication Bypass Vulnerability
- [security bulletin] HPSBUX02638 SSRT100339 rev.1 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code, Denial of Service (DoS), Authentication Bypass
- ZDI-11-095: Apple Webkit Error Message Mutation Remote Code Execution Vulnerability
- ZDI-11-096: Apple Safari WebKit Range Object Remote Code Execution Vulnerability
- ZDI-11-097: Apple Webkit setOuterText Memory Corruption Remote Code Execution Vulnerability
- ZDI-11-098: Apple Safari Webkit Runin Box Promotion Remote Code Execution Vulnerability
- ZDI-11-099: Apple Webkit Font Glyph Layout Remote Code Execution Vulnerability
- [USN-1080-2] Linux kernel vulnerabilities
- ZDI-11-100: Apple Webkit Root HTMLBRElement Style Remote Code Execution Vulnerability
- ZDI-11-101: Apple iPhone Webkit Library Javascript Array sort Method Remote Code Execution Vulnerability
- iDefense Security Advisory 03.02.11: Apple CoreGraphics Library Heap Memory Corruption Vulnerability
- [USN-1050-1] Thunderbird vulnerabilities
- Re: Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS)
- HTB22863: XSS vulnerability in xtcModified
- HTB22857: Path disclosure in Tribiq CMS
- HTB22866: XSS vulnerability in xtcModified
- HTB22855: XSRF (CSRF) in Pragyan CMS
- HTB22856: XSS vulnerability in Pragyan CMS
- HTB22853: XSS vulnerability in Pragyan CMS
- HTB22865: XSS vulnerability in xtcModified
- HTB22837: Path disclosure in PrestaShop
- [ MDVSA-2011:040 ] pango
- [security bulletin] HPSBPI02640 SSRT100410 rev.1 - HP MFP Digital Sending Software Running on Windows, Authentication Bypass
- [DCA-2011-0001] TP-LINK TL-WR740N Multiple Vulnerabilities - Stored XSS - Web Console and Upnp server DoS
- From: Ewerson Guimarães (Crash) - Dclabs
- [DCA-2011-0002]: TOTVS ERP Microsiga Protheus - Users Enumeration
- From: Flavio do Carmo Junior aka waKKu
- [DCA-2011-0003]: LMS Web Ensino - Multiple XSS, Session Fixation, CSRF and SQL Injection
- From: Flavio do Carmo Junior aka waKKu
- Mutare Software EVM - CSRF and XSS Vulnerabilities
- [SECURITY] [DSA 2182-1] logwatch security update
- [DCA-2011-0006] Hiawatha 7.4 - Denial-of-Service
- [ MDVSA-2011:041 ] firefox
- XSS in CubeCart <= 2.0.7
- [SECURITY] [DSA 2183-1] nbd security update
- [SECURITY] [DSA 2184-1] isc-dhcp security update
- 'Quick Polls' Local File Inclusion & Deletion Vulnerabilities (CVE-2011-1099)
- [DCA-2011-0009] Weborf 0.12.4 Denial-of-Service
- RECON 2011 CFP
- Kodak InSite Login Page Cross-Site Scripting
- InSite Troubleshooting Cross-Site Scripting
- [USN-1085-1] tiff vulnerabilities
- [USN-1084-1] avahi vulnerability
- [TEHTRI-Security] Security and iPhone iOS 4.3 Personal Hotspot feature
- From: Laurent OUDOT at TEHTRI-Security
- [ MDVSA-2011:042 ] mozilla-thunderbird
- Plaintext injection in STARTTLS (multiple implementations)
- HTB22872: Path disclosure in Cool Video Gallery wordpress plugin
- HTB22873: XSS in Inline Gallery wordpress plugin
- HTB22871: File Content Disclosure in GRAND Flash Album Gallery wordpress plugin
- HTB22870: SQL Injection in GRAND Flash Album Gallery wordpress plugin
- [ MDVSA-2011:043 ] libtiff
- HTB22869: SQL Injection in 1 Flash Gallery wordpress plugin
- [HITB-Announce] HITB Magazine Call for Articles
- HTB22868: XSS in 1 Flash Gallery wordpress plugin
- VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.
- From: VMware Security Team
- HTB22867: XSS in PhotoSmash wordpress plugin
- Cross-Site Scripting vulnerabilities in Icinga
- [security bulletin] HPSBUX02641 SSRT100412 rev.1 - HP OpenView Network Node Manager (OV NNM) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS)
- AthCon 2011 Announcement
- NSOADV-2011-003: Majordomo2 'help' Command Directory Traversal (Patch Bypass)
- [ MDVSA-2011:044 ] wireshark
- [USN-1086-1] Linux kernel (EC2) vulnerabilities
- [SECURITY] [DSA 2185-1] proftpd-dfsg security update
- RecordPress Multiple Vulnerabilities
- HTB22880: XSS vulnerability in CosmoShop
- HTB22875: XSS in Lazyest Gallery wordpress plugin
- HTB22878: XSS vulnerability in CosmoShop
- [DCA-2011-0007] Air Contacts Lite (iPhone / iPod App Denial Of Service)
- HTB22874: Path disclosure in Lazyest Gallery wordpress plugin
- HTB22879: Multiple XSS vulnerabilities in CosmoShop
- [SECURITY] [DSA 2186-1] iceweasel security update
- [SECURITY] [DSA 2187-1] icedove security update
- Cross-Site Scripting vulnerability in Nagios
- [SECURITY] [DSA 2188-1] webkit security update
- Call for Papers: Passwords^11
- HTB22881: SQL injection vulnerability in CosmoShop
- [security bulletin] HPSBMA02629 SSRT100381 rev.3 - HP Power Manager (HPPM) Running on Linux and Windows, Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS)
- Re: HTB22875: XSS in Lazyest Gallery wordpress plugin
- Re: Cross-Site Scripting vulnerability in Nagios
- Medium severity flaw in QNX Neutrino RTOS
- Re: HTB22874: Path disclosure in Lazyest Gallery wordpress plugin
- Swiss Cyber Storm 3 2011 Announcement
- [SECURITY] [DSA 2190-1] wordpress security update
- DC4420 - London DEFCON - March meet - Tuesday 22nd March 2011
- VUPEN Security Research - Apple Safari WebKit Iframe Event Handling Remote Use-after-free
- From: VUPEN Security Research
- VUPEN Security Research - Apple Safari WebKit Scroll Event Handling Remote Use-after-free
- From: VUPEN Security Research
- VUPEN Security Research - Apple Safari WebKit Block Dimensions Handling Integer Overflow
- From: VUPEN Security Research
- Privacy, Security, Trust (PST 2011) - 2nd Call for Papers (Deadline: March 20)
- From: Serguei A. Mokhov on behalf of PST-11
- Checkpoint VPN - Priviledge Escalation
- Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability
- From: YGN Ethical Hacker Group
- bbPress 1.0.2 <= Cross Site Scripting Vulnerability
- From: YGN Ethical Hacker Group
- Joomla! 1.6.0 | SQL Injection Vulnerability
- From: YGN Ethical Hacker Group
- BoutikOne Multiples SQL Injection Vulnerability
- ClubHACK Magazine: Call for Articles
- [DSECRG-11-009] SAP NetWaver XI SOAP Adapter - XSS
- [USN-1087-1] libvpx vulnerability
- [SECURITY] [DSA 2191-1] proftpd security update
- [security bulletin] HPSBMA02644 SSRT100284 rev.1 - HP Client Automation Enterprise (HPCA) Running on Windows, Remote Execution of Arbitrary Code
- [DCA-2011-0004] - Trend WebReputation API Bypass
- From: Ewerson Guimarães (Crash) - Dclabs
- [DSECRG-11-010] SAP NetWeaver logon.html - XSS
- [USN-1085-2] tiff regression
- [USN-1079-2] OpenJDK 6 vulnerabilities
- [SECURITY] CVE-2011-1088 Apache Tomcat security constraint bypass
- HTB22888: File Content Disclosure in LotusCMS
- VMSA-2011-0005 VMware vCenter Orchestrator remote code execution vulnerability
- From: VMware Security Team
- HTB22883: XSS vulnerability in LotusCMS
- HTB22882: Path disclosure in OXID eShop
- HTB22884: XSS vulnerability in LotusCMS
- HTB22877: Path disclosure in xt:Commerce
- HTB22885: XSS vulnerability in LotusCMS
- HTB22886: XSRF (CSRF) in LotusCMS
- HTB22887: XSS vulnerability in LotusCMS
- ESA-2011-007: EMC Avamar sensitive information disclosure vulnerability
- ESA-2011-009: RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSA Access Manager Server
- ESA-2011-006: EMC Avamar privilege escalation vulnerability
- [RT-SA-2011-002] SugarCRM list privilege restriction bypass
- From: RedTeam Pentesting GmbH
- [SECURITY] [DSA 2192-1] chromium-browser security update
- [RT-SA-2011-001] nostromo nhttpd directory traversal leading to arbitrary command execution
- From: RedTeam Pentesting GmbH
- MITKRB5-SA-2011-003 [CVE-2011-0284] KDC double-free when PKINIT enabled
- [USN-1088-1] Kerberos vulnerability
- [DSECRG-11-013] SAP NetWeaver Runtime - multiple XSS
- [DSECRG-11-012] SAP NetWeaver Integration Directory - multiple XSS
- [DSECRG-11-011] SAP Crystal Reports 2008 - Multiple XSS
- [DSECRG-11-014] SAP GUI (sapgui) - DLL hijacking
- [ MDVSA-2011:045 ] postfix
- [SECURITY] [DSA 2193-1] libcgroup security update
- HTB22894: XSS in Sodahead Polls wordpress plugin
- HTB22893: XSS in Sodahead Polls wordpress plugin
- HTB22892: Path disclosure in Smen Social Button wordpress plugin
- HTB22891: XSS in Rating-Widget wordpress plugin
- HTB22890: XSS in Rating-Widget wordpress plugin
- HTB22889: XSS in Rating-Widget wordpress plugin
- [Announcement] ClubHACK Magazine Issue 14-March 2011 released
- [PRE-SA-2011-02] Information disclosure vulnerability in the OSF partition handling code of the Linux kernel
- AST-2011-003:
- From: Asterisk Security Team
- AST-2011-004:
- From: Asterisk Security Team
- Deferral Announcement for the March 2011 Cisco IOS Software Security Advisories
- From: Cisco Systems Product Security Incident Response Team
- [ MDVSA-2011:046 ] pure-ftpd
- [TEHTRI-Security] Quick BlackBerry Security Check
- From: Laurent OUDOT at TEHTRI-Security
- [USN-1079-3] OpenJDK 6 vulnerabilities
- [SECURITY] [DSA 2194-1] libvirt security update
- [ MDVSA-2011:047 ] proftpd
- OWASP AppSec USA 2011 Call for Papers
- XOOPS 2.5.0 <= Cross Site Scripting Vulnerability
- From: YGN Ethical Hacker Group
- [ MDVSA-2011:048 ] krb5
- libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)
- [SECURITY] [DSA 2186-2] vimperator regression fix
- [USN-1090-1] Linux kernel vulnerabilities
- Tugux CMS (nid) BLIND sql injection vulnerability
- Buffer overflow in libtiff in Imagemagick
- XSS vulnerability in Web Poll Pro
- [SECURITY] [DSA 2195-1] php5 security update
- Re: HTB22884: XSS vulnerability in LotusCMS
- Privacy, Security, Trust (PST 2011) - Call for Papers (EXTENDED Deadline: April 3, 2011)
- From: Serguei A. Mokhov on behalf of PST-11
- Vulnerabilities in some SCADA server softwares
- ZDI-11-105: Hewlett-Packard Client Automation radexecd.exe Remote Code Execution Vulnerability
- Heap overflow in RealPlayer 14.0.1.633
- ZDI-11-106: Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability
- [ MDVSA-2011:051 ] kernel
- Douran Portal File Download/Source Code Disclosure Vulnerability
- [USN-1089-1] Linux kernel vulnerabilities
- [SECURITY] [DSA 2196-1] maradns security update
- [ MDVSA-2011:049 ] vsftpd
- [ MDVSA-2011:050 ] pidgin
- Re: Vulnerabilities in some SCADA server softwares
- Re: Vulnerabilities in some SCADA server softwares
- [SECURITY] [DSA 2197-1] quagga security update
- NGS00057 Patch Notification: Apple Mac OS X ImageIO Integer Overflow
- ZDI-11-107: Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code Execution Vulnerability
- iDefense Security Advisory 03.21.11: Apple OfficeImport Framework Excel Memory Corruption Vulnerability
- NGS00014 Technical Advisory: Cisco IPSec VPN Implementation Group Name Enumeration
- CMS Balitbang 3.3 Arbitary File Upload Vulnerability
- NGS00016 Technical Advisory: Immunity Debugger Buffer Overflow
- NGS00052 Patch Notification: Apple Mac OS X Image RAW Multiple Buffer Overflows
- NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability
- ZDI-11-108: Mac OS X Compact Font Format Decoder Remote Code Execution Vulnerability
- ZDI-11-109: (Pwn2Own) Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability
- Apple HFS+ Information Disclosure Vulnerability
- [security bulletin] HPSBMA02647 SSRT100383 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Insecure SNMP Configuration
- Re: Vulnerabilities in some SCADA server softwares
- SCADA Trojans: Attacking the Grid + Advantech vulnerabilities
- [SECURITY] [DSA 2198-1] tex-common security update
- ZDI-11-110: (0day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability
- XSS in Oracle default fcgi-bin/echo
- Joomla! 1.6.0 | Information Disclosure/Full Path Disclosure Vulnerability
- From: YGN Ethical Hacker Group
- RE: Vulnerabilities in some SCADA server softwares
- PHP-Nuke 8.x <= Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability
- From: YGN Ethical Hacker Group
- Re: Vulnerabilities in some SCADA server softwares
- ZDI-11-112: (0 day) Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability
- Re: Vulnerabilities in some SCADA server softwares
- Re: Buffer overflow in libtiff in Imagemagick
- From: Vladimir '3APA3A' Dubrovin
- RE: Vulnerabilities in some SCADA server softwares
- Re: Vulnerabilities in some SCADA server softwares
- PHP-Nuke 8.x <= Cross Site Scripting Vulnerability
- From: YGN Ethical Hacker Group
- [ MDVSA-2011:052 ] php
- [ MDVSA-2011:053 ] php
- PHP-Nuke 8.x <= "chng_uid" Blind SQL Injection Vulnerability
- From: YGN Ethical Hacker Group
- Re: Vulnerabilities in some SCADA server softwares
- Re: Vulnerabilities in some SCADA server softwares
- ZDI-11-111: (0Day) Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Remote Code Execution Vulnerability
- Re: Vulnerabilities in some SCADA server softwares
- Re: Vulnerabilities in some SCADA server softwares
- Re: Vulnerabilities in some SCADA server softwares
- Re: Vulnerabilities in some SCADA server softwares
- Re: Vulnerabilities in some SCADA server softwares
- CORE-2011-0208: VLC Vulnerabilities handling .AMV and .NSV files
- From: CORE Security Technologies Advisories
- [SECURITY] [DSA 2199-1] iceape security update
- [SECURITY] [DSA 2200-1] iceweasel security update
- HTB22900: Multiple XSS vulnerabilities in SyndeoCMS
- [SECURITY] [DSA 2201-1] wireshark security update
- [SECURITY] [DSA 2202-1] apache2 security update
- HTB22895: XSS vulnerability in Ripe website manager
- HTB22902: XSS in SyndeoCMS
- HTB22898: XSRF (CSRF) in Ripe website manager
- Re: Vulnerabilities in some SCADA server softwares
- HTB22897: SQL injection vulnerability in Ripe website manager
- Re: Vulnerabilities in some SCADA server softwares
- Re: Vulnerabilities in some SCADA server softwares
- Re: Vulnerabilities in some SCADA server softwares
- HTB22899: Path disclosure in SyndeoCMS
- Re: Vulnerabilities in some SCADA server softwares
- HTB22896: SQL injection vulnerability in Ripe website manager
- HTB22901: SQL injection in SyndeoCMS
- Re: Vulnerabilities in some SCADA server softwares
- Re: Vulnerabilities in some SCADA server softwares
- Re: Vulnerabilities in some SCADA server softwares
- ESA-2011-010: EMC Data Protection Advisor Collector arbitrary code execution with elevated privileges vulnerability
- NGS00051 Patch Notification: Cisco VPN Client Privilege Escalation
- Parallels Plesk 7.0 - 8.2 | Open URL Redirection Vulnerability
- From: YGN Ethical Hacker Group
- Re: Vulnerabilities in some SCADA server softwares
- [USN-1091-1] Firefox and Xulrunner vulnerabilities
- [USN-1093-1] Linux Kernel vulnerabilities (Marvell Dove)
- [SECURITY] [DSA 2203-1] nss security update
- [SECURITY] [DSA 2204-1] imp4 security update
- [security bulletin] HPSBMA02649 SSRT100430 rev.1 - HP Diagnostics, Remote Cross Site Scripting (XSS)
- SimplisCMS 1.0.3.0 Remote File Disclosure Vulnerability
- TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution
- From: Advisories Toucan-System
- [USN-1092-1] Linux Kernel vulnerabilities
- Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability - SOS-11-003
- SimplisCMS 1.0.3.0 SQL injection / Cross Site Scripting
- [AntiSnatchOr] OpenCMS <= 7.5.3 multiple vulnerabilities
- [ MDVSA-2011:054 ] java-1.6.0-openjdk
- Unidesk ReportingService Forceful Browsing Vulnerability
- ZDI-11-113: Zend Server Java Bridge Design Flaw Remote Code Execution Vulnerability
- "Simple PHP Newsletter" Remote Admin Password Change With install path
- "Simple PHP Newsletter" Remote Admin Password Change With install path
- HTB22905: Path disclosure in Wordpress
- [SECURITY] [DSA 2205-1] gdm3 security update
- "WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path
- HTB22904: Path disclosure in bbPress
- XSS Vulnerability in Tracks 1.7.2
- From: Netsparker Advisories
- "WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path
- Solaris 10 Port Stealing Vulnerability
- HTB22903: XSS in Spitfire CMS
- [SECURITY] [DSA 2206-1] New mahara packages fix several vulnerabilities
- VMSA-2011-0006 VMware vmrun utility local privilege escalation
- From: VMware Security Team
- [USN-1098-1] vsftpd vulnerability
- DataDynamics Report Library CoreHandler XSS
- [USN-1097-1] Tomcat vulnerabilities
- [ MDVSA-2011:055 ] openldap
- [USN-1096-1] Subversion vulnerability
- Re: "Simple PHP Newsletter" Remote Admin Password Change With install path
- [USN-1094-1] Libvirt vulnerability
- [SECURITY] [DSA 2207-1] tomcat5.5 security update
- [USN-1095-1] Quagga vulnerabilities
- Re: HTB22905: Path disclosure in Wordpress
- From: Christian Sciberras
- ESA-2011-012: Security update for EMC NetWorker Module for Microsoft Applications
- Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [ MDVSA-2011:056 ] openldap
- Re: HTB22905: Path disclosure in Wordpress
- Re: HTB22905: Path disclosure in Wordpress
- [SECURITY] [DSA 2208-1] bind9 security update