Mail Thread Index

Date Index

Cisco Security Advisory: Cisco Unified Presence Server Denial of Service Vulnerability, Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability, Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities, Cisco Systems Product Security Incident Response Team
[ MDVSA-2013:016 ] php, security
[waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05, come2waraxe
Unauthenticated remote access to D-Link DIR-645 devices, roberto
[KIS-2013-03] Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability, Egidio Romano
Multiple Vulnerabilities in Piwigo, advisory
Cross-Site Scripting (XSS) in Geeklog, advisory
Stored Cross-site Scripting ('XSS') in Airvana HubBub C1-600-RT Femtocell, scott . behrens
PHEARCON Call For Papers, AA
Fileutils ruby gem possible remote command execution and insecure file handling in /tmp, larry0
ESA-2013-012: RSA® Authentication Agent 7.1.1 for Microsoft Windows® Access Control Vulnerability, Security Alert
[SECURITY] [DSA 2635-1] cfingerd security update, Salvatore Bonaccorso
[SECURITY] [DSA 2636-1] xen security update, Moritz Muehlenhoff
[SECURITY] [DSA 2636-2] xen regression update, Moritz Muehlenhoff
[slackware-security] httpd (SSA:2013-062-01), Slackware Security Team
[SE-2012-01] One more attack affecting Oracle's Java SE 7u15, Security Explorations
rpi-update tmpfile vulnerability, Technion
- <Possible follow-ups>
- Re: rpi-update tmpfile vulnerability, larry0
CVE-2013-1413, stephan . rickauer
[CVE-REQUEST] Foscam <= 11.37.2.48 path traversal vulnerability, Frédéric Basse
- <Possible follow-ups>
- Re: [CVE-REQUEST] Foscam <= 11.37.2.48 path traversal vulnerability, Frédéric BASSE
Proofpoint Protection Server Session Persistence, BugsNotHugs
Remote command execution for Ruby Gem ftpd-0.2.1, larry0
Remote system freeze thanks to Kaspersky Internet Security 2013, Marc Heuse
[IA32] HP Intelligent Management Center v5.1 E0202 topoContent.jsf Non-Persistent Cross-Site Scripting, Inshell Security
[SECURITY] [DSA 2637-1] apache2 security update, Stefan Fritsch
APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14, Apple Product Security
[SECURITY] [DSA 2638-1] openafs security update, Moritz Muehlenhoff
WordPress Count-Per-Day plugin 3.2.5. Type-1 (reflected) Cross Site Scripting (XSS), alej andr0
[PT-2013-17] Arbitrary Files Reading in mnoGoSearch, noreply
RE: [Full-disclosure] Remote system freeze thanks to Kaspersky Internet Security 2013 (SA52053), Vulnerability Mailbox
[SECURITY] [DSA 2639-1] php5 security update, Thijs Kinkhorst
[ MDVSA-2013:017 ] libxml2, security
Varnish 2.1.5, 3.0.3 DoS in VRY_Create() while parsing Vary header, tytusromekiatomek
Samsung TV DoS (possible overflow) via SOAPACTION, tytusromekiatomek
Varnish 2.1.5 DoS in STV_alloc() while parsing Content-Length header, tytusromekiatomek
Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc, tytusromekiatomek
- Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc, Kurt Seifried
  - Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc, Amos Jeffries
- Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc, Amos Jeffries
  - Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc, Kurt Seifried
SIP Witch 0.7.4 w/libosip2-4.0.0 DoS via NULL pointer derefence in libosip2, tytusromekiatomek
Varnish 2.1.5, 3.0.3 DoS in http_GetHdr() while parsing Vary header, tytusromekiatomek
Squid 3.2.5 httpMakeVaryMark() header value DoS, 2.7.Stable9 memory corruption., tytusromekiatomek
Varnish 2.1.5 DoS in fetch_straight() while parsing Content-Length header, tytusromekiatomek
Apache Subversion mod_dav_svn DoS via MKACTIVITY/PROPFIND, tytusromekiatomek
Re: Kingcopes AthCon 2012 Slides & Notes --> Video online, king cope
OS Command Injection in CosCms, advisory
Multiple XSS vulnerabilities in Events Manager WordPress plugin, advisory
[SECURITY] CVE-2013-0248 Apache Commons FileUpload - Insecure examples, Mark Thomas
Verax NMS Authenication Bypass (CVE-2013-1350), Just Bugs
Verax NMS Password Replay Attack (CVE-2013-1351), Just Bugs
Verax NMS Hardcoded Private Key (CVE-2013-1352), Just Bugs
Verax NMS Password Disclosure (CVE-2013-1631), Just Bugs
[ MDVSA-2013:018 ] openssl, security
DDIVRT-2013-51 DALIM Dialog Server 'logfile' Local File Inclusion, ddivulnalert
[security bulletin] HPSBMU02849 SSRT101124 rev.1 - HP ServiceCenter, Remote Denial of Service (DoS), security-alert
[slackware-security] sudo (SSA:2013-065-01), Slackware Security Team
[security bulletin] HPSBPI02851 SSRT101078 rev.1 - Certain HP LaserJet Pro Printers, Unauthorized Access to Data, security-alert
[ MDVSA-2013:019 ] gnutls, security
[security bulletin] HPSBGN02854 SSRT100881 rev.1 - HP Intelligent Management Center (iMC), iMC TACACS+ Authentication Manager (TAM), and iMC User Access Manager (UAM), Cross Site Scripting (XSS), Remote Code Execution, Remote Disclosure of Information, security-alert
Untrusted Pointer Dereference Vulnerability in Corel WordPerfect X6, advisory
Multiple NULL Pointer Dereference Vulnerabilities in Corel Quattro Pro X6, advisory
Re: Oracle Auto Service Request /tmp file clobbering vulnerability, larry0
[ MDVSA-2013:020 ] wireshark, security
[ MDVSA-2013:021 ] java-1.6.0-openjdk, security
SEC Consult SA-20130308-0 :: Multiple critical vulnerabilities in GroundWork Monitor Enterprise (part 1), SEC Consult Vulnerability Lab
SEC Consult SA-20130308-1 :: Multiple vulnerabilities in GroundWork Monitor Enterprise (part 2), SEC Consult Vulnerability Lab
Stored XSS in Terillion Reviews Wordpress Plugin, nauty . me04
[SECURITY] [DSA 2642-1] sudo security update, Michael Gilbert
[slackware-security] mozilla-thunderbird (SSA:2013-068-02), Slackware Security Team
[slackware-security] mozilla-firefox (SSA:2013-068-01), Slackware Security Team
[SECURITY] [DSA 2641-1] perl security update, Salvatore Bonaccorso
Recon 2013 Call For Papers - June 21-23, 2013 - Montreal, Quebec, cfp2013@xxxxxxxx
OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability, larry0
[ISecAuditors Security Advisories] Reflected XSS in Asteriskguru Queue Statistics, ISecAuditors Security Advisories
Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503, Chris John Riley
- <Possible follow-ups>
- Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503, contact
Host tracking in IPv6 (SI6 Networks' IPv6 toolkit v1.3.3), Fernando Gont
SEC Consult SA-20130311-0 :: Persistent cross-site scripting in jforum, SEC Consult Vulnerability Lab
AthCon 2013 Rev. Challenge 2013, info
Results of a XSLT fuzzing effort, Nicolas Grégoire
Announcing ChronIC - a wearable Sub-GHz RF hacking tool, Adam Laurie
TagScanner v5.1 - Stack Buffer Overflow Vulnerability, Vulnerability Lab
[SECURITY] [DSA 2643-1] puppet security update, Yves-Alexis Perez
Open-Xchange Security Advisory 2013-03-13, Martin Braun
SEC Consult SA-20130313-0 :: QlikView Desktop Client Integer Overflow, SEC Consult Vulnerability Lab
[ MDVSA-2013:022 ] openssh, security
[CVE-2013-1814] Apache Rave exposes User over API, Matt Franklin
[ MDVSA-2013:023 ] coreutils, security
Cisco Video Surveillance Operations Manager Multiple vulnerabilities, b . saleh
[ MDVSA-2013:024 ] firefox, security
Re: SQLi found in Kodak Insite, chris . joughin
[slackware-security] perl (SSA:2013-072-01), Slackware Security Team
[slackware-security] seamonkey (SSA:2013-072-02), Slackware Security Team
[ MDVSA-2013:025 ] pidgin, security
[SECURITY] [DSA 2640-1] zoneminder security update, Salvatore Bonaccorso
[SECURITY] [DSA 2644-1] wireshark security update, Moritz Muehlenhoff
APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001, Apple Product Security
APPLE-SA-2013-03-14-2 Safari 6.0.3, Apple Product Security
[SECURITY] [DSA 2645-1] inetutils security update, Yves-Alexis Perez
Curl Ruby Gem Remote command execution, Larry0
MiniMagic ruby gem remote code execution, Larry0
DDIVRT-2013-50 EverFocus EPARA264-16X1 Directory Traversal, ddivulnalert
Skype Click to Call Update Service local privilege escalation, Oliver-Tobias Ripka
[SECURITY] [DSA 2647-1] firebird2.1 security update, Moritz Muehlenhoff
[SECURITY] [DSA 2648-1] firebird2.5 security update, Moritz Muehlenhoff
n.runs-SA-2013.002 - Polycom - Firmware Update Command Injection, security
n.runs-SA-2013.003 - Polycom - H.323 CDR Database SQL Injection, security
n.runs-SA-2013.004 - Polycom - H.323 Format String Vulnerability, security
n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access, security
[SECURITY] [DSA 2646-1] typo3-src security update, Yves-Alexis Perez
[SECURITY] [DSA 2649-1] lighttpd security update, Yves-Alexis Perez
[SECURITY] [DSA 2650-1] libvirt-bin security update, Yves-Alexis Perez
[slackware-security] ruby (SSA:2013-075-01), Slackware Security Team
Remote command execution in fastreader ruby gem, larry0
[SECURITY] [DSA 2650-2] libvirt regression update, Yves-Alexis Perez
[ MDVSA-2013:026 ] sudo, security
[SE-2012-01] The "allowed behavior" in Java SE 7 (Issue 54), Security Explorations
[ MDVSA-2013:027 ] clamav, security
[ MDVSA-2013:028 ] nagios, security
NGS00440 Patch Notification: Windows USB RNDIS driver kernel pool overflow, NCC Group Research
Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue, Cisco Systems Product Security Incident Response Team
NOPcon 2013 - Call for paper - Istanbul , Turkey, info
Remote command execution in Ruby Gem Command Wrap, Larry0
VUPEN Security Research - Mozilla Firefox "nsHTMLEditRules" Use-After-Free (MFSA-2013-29 / CVE-2013-0787), VUPEN Security Research
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnResize" Use-after-free (MS13-021 / CVE-2013-0087), VUPEN Security Research
- Re: VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnResize" Use-after-free (MS13-021 / CVE-2013-0087), Thomas D.
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnMove" Use-after-free (MS13-021 / CVE-2013-0087), VUPEN Security Research
CA20130319-01: Security Notice for SiteMinder products using SAML, Kotas, Kevin J
[waraxe-2013-SA#098] - Directory Traversal Vulnerabilities in OpenCart 1.5.5.1, come2waraxe
APPLE-SA-2013-03-19-1 iOS 6.1.3, Apple Product Security
APPLE-SA-2013-03-19-2 Apple TV 5.2.1, Apple Product Security
[IA49] Photodex ProShow Producer v5.0.3310 ScsiAccess Local Privilege Escalation, Inshell Security
[SECURITY] [DSA 2641-2] libapache2-mod-perl2 update related to DSA 2641-1, Salvatore Bonaccorso
[SECURITY] [DSA 2651-1] smokeping security update, Salvatore Bonaccorso
[SE-2011-01] PoC code for digital SAT TV research released, Security Explorations
[security bulletin] HPSBUX02856 SSRT101104 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Unauthorized Disclosure, security-alert
[waraxe-2013-SA#099] - Update Spoofing Vulnerability in LibreOffice 4.0.1.2, come2waraxe
DC4420 - London DEFCON - March meet - Tuesday 26th March 2013, Major Malfunction
[slackware-security] php (SSA:2013-081-01), Slackware Security Team
[security bulletin] HPSBPV02855 SSRT100512 rev.1 - HP ProCurve 1700-8(J9079A) and 1700-24(J9080A) Switches, Cross Site Request Forgery (CSRF), security-alert
[SECURITY] [DSA 2652-1] libxml2 security update, Michael Gilbert
Report OWASP WAF Naxsi bypass Vulnerability, safe3q
- Re: Report OWASP WAF Naxsi bypass Vulnerability, Jeffrey Walton
SynConnect PMS SQL Injection Vulnerability, bhadresh . k . patel
ESA-2013-016: EMC Smarts Network Configuration Manager, Security Alert
[security bulletin] HPSBOV02852 SSRT101108 rev.1 - HP SSL for OpenVMS, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification, security-alert
[security bulletin] HPSBUX02857 SSRT101103 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities, security-alert
[SECURITY] [DSA 2653-1] icinga security update, Florian Weimer
[slackware-security] dhcp (SSA:2013-086-02), Slackware Security Team
[slackware-security] bind (SSA:2013-086-01), Slackware Security Team
Path Traversal in AWS XMS, advisory
McAfee Virtual Technician ActiveX Control Insecure Method, advisory
[security bulletin] HPSBST02848 SSRT101112 rev.1 - HP XP P9000 Command View Advanced Edition Suite Products, Remote Disclosure of Information, security-alert
Cisco Security Advisory: Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability, Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability, Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Protocol Translation Vulnerability, Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability, Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability, Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Vulnerability, Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability, Cisco Systems Product Security Incident Response Team
ESA-2013-018: EMC Smarts Product - Cross Site Scripting Vulnerability, Security Alert
WordPress podPress Plugin XSS in SWF, hip
AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header, Asterisk Security Team
AST-2013-002: Denial of Service in HTTP server, Asterisk Security Team
AST-2013-003: Username disclosure in SIP channel driver, Asterisk Security Team
Workshop Proposal/Paper Submission Deadlines, asemailing
[SECURITY] [DSA 2655-1] rails security update, Moritz Muehlenhoff

Mail converted by MHonArc