Mail Thread Index
- [SECURITY] [DSA 2579-1] apache2 security update,
Stefan Fritsch
- SilverStripe CMS - Multiple Vulnerabilities - Security Advisory - SOS-12-011,
Lists
- NGS000193 Technical Advisory: DataArmor Full Disk Encryption Restricted Environment breakout,
NCC Group Research
- NGS000107 Technical Advisory: Oracle Gridengine sgepasswd Buffer Overflow,
NCC Group Research
- NGS000196 Technical Advisory: Nagios XI Network Monitor OS Command Injection,
NCC Group Research
- NGS000194 Technical Advisory: Nagios XI Network Monitor Blind SQL Injection,
NCC Group Research
- NGS000330 Technical Advisory: Squiz CMS File Path Traversal,
NCC Group Research
- NGS000241 Technical Advisory: SysAid Helpdesk Pro Blind SQL Injection,
NCC Group Research
- NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel,
NCC Group Research
- NGS000266 Technical Advisory: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL,
NCC Group Research
- NGS000268 Technical Advisory: Symantec Messaging Gateway - Out-of-band stored-XSS delivered by email,
NCC Group Research
- NGS000263 Technical Advisory: Symantec Messaging Gateway Easy CSRF to add a backdoor-administrator,
NCC Group Research
- [SECURITY] [DSA 2577-1] libssh security update,
Yves-Alexis Perez
- ESA-2012-052 RSA NetWitness Informer Cross-Site Request Forgery and Click-jacking Vulnerabilities,
Security Alert
- Low severity flaw in RIM BlackBerry PlayBook OS browser,
Tim Brown
- FortiGate FortiDB 2kB 1kC & 400B - Cross Site Vulnerability,
Vulnerability Lab
- FortiWeb 4kC,3kC,1kC & VA - Cross Site Vulnerabilities,
Vulnerability Lab
- IBM System Director Remote System Level Exploit (CVE-2009-0880 extended zeroday),
king cope
- MySQL (Linux) Stack based buffer overrun PoC Zeroday,
king cope
- MySQL (Linux) Heap Based Overrun PoC Zeroday,
king cope
- MySQL (Linux) Database Privilege Elevation Zeroday Exploit,
king cope
- MySQL Denial of Service Zeroday PoC,
king cope
- MySQL Remote Preauth User Enumeration Zeroday,
king cope
- Re: [Full-disclosure] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot),
Kurt Seifried
- [SECURITY] [DSA 2580-1] libxml security update,
Moritz Muehlenhoff
- [ MDVSA-2012:176 ] libxml2,
security
- tinymcpuk xss vulnerability,
admin
- SEC Consult SA-20121203-0 :: F5 FirePass SSL VPN Unauthenticated local file inclusion,
SEC Consult Vulnerability Lab
- Re: phpGiftReq SQL Injection,
generalpf
- [SECURITY] [DSA 2581-1] mysql-5.1 security update,
Yves-Alexis Perez
- DC4420 - London DEFCON - Christmas 2012 meet! Tuesday 11th December 2012,
Major Malfunction
- MySQL Local/Remote FAST Account Password Cracking,
king cope
- Privilege Escalation through Binary Planting in Panda Internet Security,
by_argos
- Centrify Deployment Manager v2.1.0.283,
larry0
- FreeFTPD Remote Authentication Bypass Zeroday Exploit (Stuxnet technique),
king cope
- FreeSSHD Remote Authentication Bypass Zeroday Exploit,
king cope
- Re: MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day,
king cope
- [security bulletin] HPSBPI02807 SSRT100928 rev.1 - HP LaserJet Pro 400 Multi Function Printers, Remote Unauthorized Access,
security-alert
- [security bulletin] HPSBPI02828 SSRT100778 rev.1 - HP LaserJet and Color LaserJet, Cross-Site Scripting (XSS),
security-alert
- CVE-2012-4534 Apache Tomcat denial of service,
Mark Thomas
- CVE-2012-3546 Apache Tomcat Bypass of security constraints,
Mark Thomas
- CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter,
Mark Thomas
- [security bulletin] HPSB3C02831 SSRT100661 rev.1 - HP Intelligent Management Center User Access Manager (UAM), Remote Execution of Arbitrary Code,
security-alert
- Re: Stack overflow in Microsoft HTML Help 6.1 (CHM files),
chiles . simpson . ctr
- Buffalo LinkStation LS-WTGL Default Admin Account & Guest Access Information,
Darius Freamon
- [security bulletin] HPSBMU02816 SSRT100949 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access,
security-alert
- [ MDVSA-2012:177 ] bind,
security
- CA20121205-01: Security Notice for CA XCOM Data Transport on Unix and Linux,
Kotas, Kevin J
- [slackware-security] ruby (SSA:2012-341-04),
Slackware Security Team
- [slackware-security] libxml2 (SSA:2012-341-03),
Slackware Security Team
- [SECURITY] [DSA 2582-1] xen security update,
Yves-Alexis Perez
- TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities,
advisory
- Multiple SQL Injection vulnerabilities in ClipBucket,
advisory
- Multiple vulnerabilities in Achievo,
advisory
- Fwd: SQL injection,
Emmanuel FARCY
- CanSecWest13 CFP Open Until December 14 2012, Conf March 7-9 2013, Vancouver,
Dragos Ruiu
- Update on CVE assigned for Video Lead Form Plugin Cross-Site,
nauty . me04
- Update on CVE assigned for Wordpress Plugin Simple Gmail Login,
nauty . me04
- [slackware-security] libssh (SSA:2012-341-02),
Slackware Security Team
- [slackware-security] bind (SSA:2012-341-01),
Slackware Security Team
- [SECURITY] [DSA 2583-1] iceweasel security update,
Yves-Alexis Perez
- [SECURITY] [DSA 2584-1] iceape security update,
Yves-Alexis Perez
- [ MDVSA-2012:178 ] mysql,
security
- Android Kernel 2.6 Local DoS,
Thomas Richards
- Centrify Deployment Manager v2.1.0.283 local root,
larry0
- FreeVimager 4.1.0 <= WriteAV Arbitrary Code Execution,
pereira
- DIMIN Viewer 5.4.0 <= WriteAV Arbitrary Code Execution,
pereira
- SimpleInvoices 2011.1 Cross-Site-Scripting (XSS) Vulnerabilities CVE-2012-4932,
tommccredie
- Multiple Command Execution Vulnerabilities in Smartphone Pentest Framework,
advisory
- Call for Papers: DIMVA 2013,
Collin Mulliner
- Snare for Linux Cross-Site Scripting via Log Injection,
sometimesbugs
- Snare for Linux Cross-Site Request Forgery,
sometimesbugs
- Snare for Linux Password Disclosure,
sometimesbugs
- [security bulletin] HPSBOV02834 SSRT101055 rev.1 - HP OpenVMS LOGIN or ACMELOGIN, Remote or Local Denial of Service (DoS),
security-alert
- Path Traversal Vulnerability on Secure Transport versions 5.1 SP2 and earlier,
Perez, Sebastian (LATCO - Buenos Aires)
- Information disclosure (mouse tracking) vulnerability in Microsoft Internet Explorer versions 6-10,
Nick Johnson
- [SECURITY] [DSA 2585-1] bogofilter security update,
Florian Weimer
- [SECURITY] [DSA 2586-1] perl security update,
Florian Weimer
- Multiple critical vulnerabilities in Maxthon and Avant browsers,
Roberto Suggi Liverani
- [SECURITY] [DSA 2587-1] libcgi-pm-perl security update,
Florian Weimer
- [ MDVSA-2012:179 ] cups,
security
- Addressbook v8.1.24.1 Group Name XSS,
Kenneth F. Belva
- OpenDocMan 1.2.6.2 - 3 Vulnerabilities,
Kenneth F. Belva
- File Upload Concern in Front Account 2.3.13 and OpenDocMan 1.2.6.2,
Kenneth F. Belva
- FCKEditor File Upload Vulnerability,
bugreport
- Network Reconnaissance in IPv6 Networks,
Fernando Gont
- 'portable-phpMyAdmin (WordPress Plugin)' Authentication Bypass (CVE-2012-5469),
Mark Stanislav
- Network Reconnaissance in IPv6 Networks (errata),
Fernando Gont
- RVAsec 2013 CFP Now Open,
Sullo
- [security bulletin] HPSBUX02832 SSRT101042 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities,
security-alert
- [btrfs] is vulnerable to a hash-DoS attack,
Pascal Junod (Mailing Lists)
- Password Disclosure in D-Link IP Cameras (CVE-2012-4046),
doylej . ia
- Issues in Netgear WGR614 wireless router,
gsuberland
- DDIVRT-2012-48 VMware View Connection Server Directory Traversal (CVE-2012-5978),
ddivulnalert
- Wordpress Pingback Port Scanner,
FireFart
- [SECURITY] [DSA 2588-1] icedove security update,
Florian Weimer
- [SECURITY] [DSA 2589-1] tiff security update,
Florian Weimer
- [ MDVSA-2012:180 ] perl-CGI,
security
- Foswiki Security Alert CVE-2012-6329, CVE-2012-6330 Remote code execution and other vulnerabilities in MAKETEXT macro,
George Clark
- RE: PHP Addressbook v8.2.5 Group Name XSS,
Kenneth F. Belva
- IPv6 Neighbor Discovery security (new documents),
Fernando Gont
- Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability,
pereira
- SonicWall SonicOS 5.8.1.8 WAF - POST Inject Vulnerability,
Vulnerability Lab
- Enterpriser16 LoadBalancer v7.1 - Multiple Web Vulnerabilities,
Vulnerability Lab
- Local root exploit for Centrify Deployment Manager < v2.1.0.283 local root,
larry0
- Multiple SQL Injection Vulnerabilities in Elite Bulletin Board,
advisory
- Firefly MediaServer Multiple Remote DoS Vulnerabilities,
advisory
- Multiple vulnerabilities in Banana Dance,
advisory
- [ MDVSA-2012:181 ] python-django,
security
- Multiple XSS vulnerabilities in Cerberus FTP Server <= 5.0.5.1 [CVE-2012-6339],
Ken
- EMC Avamar: World writable cache files,
fulldisclosure
- DoS vulnerability in Siemens S7-1200 PLCs,
Arne Vidström
- [security bulletin] HPSBUX02835 SSRT100763 rev.1 - HP-UX Running BIND, Remote Domain Name Revalidation,
security-alert
- ESA-2012-060: EMC Data Protection Advisor Information Disclosure Vulnerability.,
Security Alert
- CA20121220-01: Security Notice for CA IdentityMinder,
Williams, James K
- VMSA-2012-0018 VMware security updates for vCSA and ESXi,
VMware Security Response Center
- CubeCart 3.0.20 (3.0.x) and lower | Multiple Cross Site Scripting Vulnerabilities,
YGN Ethical Hacker Group
- CubeCart 3.0.20 (3.0.x) and lower | Arbitrary File Upload,
YGN Ethical Hacker Group
- CubeCart 3.0.20 (3.0.x) and lower | Multiple SQL Injection Vulnerabilities,
YGN Ethical Hacker Group
- [ MDVSA-2012:182 ] apache-mod_security,
security
- CubeCart 4.4.6 and lower | Open URL Redirection Vulnerability,
YGN Ethical Hacker Group
- [TOOL RELEASE] SQL Fingerprint powered by ENG++ Technology [Version 1.33.23-170308],
Nelson Brito
- [ MDVSA-2012:183 ] apache-mod_security,
security
- CubeCart 5.0.7 and lower | Open URL Redirection Vulnerability,
YGN Ethical Hacker Group
- CubeCart 4.4.6 and lower | Cross Site Request Forgery (CSRF) Vulnerability,
YGN Ethical Hacker Group
- CubeCart 4.4.6 and lower | Multiple Cross Site Scripting Vulnerabilities,
YGN Ethical Hacker Group
- CubeCart 4.4.6 and lower | Multiple SQL Injection Vulnerabilities,
YGN Ethical Hacker Group
- CubeCart 4.4.6 and lower | Local File Inclusion Vulnerability,
YGN Ethical Hacker Group
- CubeCart 4.x/5.x | Setup Re-installation Privilege Escalation Vulnerability,
YGN Ethical Hacker Group
- Open-Realty CMS 3.x | Cross Site Request Forgery (CSRF) Vulnerability,
YGN Ethical Hacker Group
- Open-Realty CMS 3.x | Persistent Cross Site Scripting (XSS) Vulnerability,
YGN Ethical Hacker Group
- [SECURITY] [DSA 2590-1] wireshark security update,
Moritz Muehlenhoff
- [ MDVSA-2012:184 ] libtiff,
security
- Polycom® HDX® Video End Points Web Management Cross Site Scripting (XSS) vulnerability,
Rustein, Fara Denise (LATCO - Buenos Aires)
- Log Analyzer 3.6.0 - Cross Site Scripting Vulnerability,
Vulnerability Lab
- SonicWall Email Security 7.4.1.x - Persistent Web Vulnerability,
Vulnerability Lab
- [SECURITY] [DSA 2591-1] mahara security update,
Moritz Muehlenhoff
- [SECURITY] [DSA 2592-1] elinks security update,
Moritz Muehlenhoff
- CubeCart 5.0.7 and lower versions | Insecure Backup File Handling,
YGN Ethical Hacker Group
- GnuPG 1.4.12 and lower - memory access errors and keyring database corruption,
KB Sriram