Mail Index
- MailOrderWorks v5.907 - Multiple Web Vulnerabilities
- [security bulletin] HPSBUX02859 SSRT101144 rev.1 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execute Arbitrary Code
- [Suspected Spam] [slackware-security] libssh (SSA:2013-087-01)
- From: Slackware Security Team
- [waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50
- [waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1.5
- Authentication bypass on Netgear WNR1000
- [SECURITY] [DSA 2656-1] bind9 security update
- From: Salvatore Bonaccorso
- US-CERT Alert TA13-088A: DNS Amplification Attacks
- [security bulletin] HPSBUX02860 SSRT101146 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities
- Remote command execution in Ruby Gem ldoce 0.0.2
- NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities
- FreeBSD Security Advisory FreeBSD-SA-13:03.openssl
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-13:04.bind
- From: FreeBSD Security Advisories
- SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance
- From: SEC Consult Vulnerability Lab
- Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001
- [slackware-security] mozilla-thunderbird (SSA:2013-093-02)
- From: Slackware Security Team
- [slackware-security] mozilla-firefox (SSA:2013-093-01)
- From: Slackware Security Team
- SQL Injection Vulnerability in Symphony
- PHP Code Injection in FUDforum
- TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2
- Novell GroupWise Multiple Remote Code Execution Vulnerabilities
- [SECURITY] [DSA 2654-1] libxslt security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 2657-1] postgresql-8.4 security update
- [SECURITY] [DSA 2658-1] postgresql-9.1 security update
- [ MDVSA-2013:015-1 ] apache
- [ MDVSA-2013:015-1 ] apache
- SEC Consult 20130404-0 :: Multiple Vulnerabilities in Censornet Professional v4 (2.1.7)
- From: SEC Consult Vulnerability Lab
- GreHack 2013 - Call For Papers - November 15, Grenoble, France
- Hackersh 0.1 Release Announcement
- Groovy Media Player buffer overflow Vulnerability
- [ MDVSA-2013:016 ] apache-mod_security
- [ MDVSA-2013:017 ] arpwatch
- [ MDVSA-2013:018 ] automake
- [ MDVSA-2013:019 ] bash
- [ MDVSA-2013:027-1 ] clamav
- [slackware-security] subversion (SSA:2013-095-01)
- From: Slackware Security Team
- [ MDVSA-2013:029 ] apache-mod_security
- [ MDVSA-2013:030 ] arpwatch
- [ MDVSA-2013:031 ] automake
- [ MDVSA-2013:032 ] bash
- [ MDVSA-2013:023-1 ] coreutils
- [ MDVSA-2013:033 ] cronie
- Aastra IP Telephone hardcoded telnet admin password
- From: Timo Juhani Lindfors
- [ MDVSA-2013:034 ] cups
- [ MDVSA-2013:035 ] libexif
- [ MDVSA-2013:036 ] exif
- [ MDVSA-2013:037 ] fetchmail
- [ MDVSA-2013:038 ] freeradius
- [ MDVSA-2013:039 ] freetype2
- [ MDVSA-2013:001-1 ] gnupg
- [ MDVSA-2013:040 ] gnutls
- [ MDVSA-2013:041 ] html2ps
- [security bulletin] HPSBMU02785 SSRT100526 rev.2 - HP LoadRunner Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS)
- [ MDVSA-2013:042 ] krb5
- [ MDVSA-2013:043 ] libgssglue
- [ MDVSA-2013:044 ] libjpeg
- [ MDVSA-2013:045 ] libssh
- [ MDVSA-2013:046 ] libtiff
- [ MDVSA-2013:047 ] libxslt
- [ MDVSA-2013:048 ] ncpfs
- [ MDVSA-2013:049 ] net-snmp
- [ MDVSA-2013:050 ] nss
- [ MDVSA-2013:051 ] openssh
- [ MDVSA-2013:052 ] openssl
- [ MDVSA-2013:053 ] proftpd
- [ MDVSA-2013:054 ] sudo
- [ MDVSA-2013:055 ] wireshark
- Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable
- Multiple Vulnerabilities in D-Link devices
- [slackware-security] seamonkey (SSA:2013-097-01)
- From: Slackware Security Team
- [ MDVSA-2013:056 ] libxml2
- [ MDVSA-2013:057 ] xinetd
- [ MDVSA-2013:058 ] bind
- [ MDVSA-2013:059 ] dhcp
- [ MDVSA-2013:060 ] accountsservice
- [ MDVSA-2013:061 ] awstats
- [ MDVSA-2013:062 ] backuppc
- [ MDVSA-2013:063 ] bip
- [ MDVSA-2013:064 ] bogofilter
- [ MDVSA-2013:065 ] boost
- [ MDVSA-2013:066 ] bugzilla
- [ MDVSA-2013:067 ] couchdb
- [ MDVSA-2013:068 ] courier-authlib
- [ MDVSA-2013:069 ] cups-pk-helper
- [ MDVSA-2013:070 ] dbus
- [ MDVSA-2013:071 ] dbus-glib
- [CVE-2012-5389] Null Pointer Dereference in Dart Webserver <= 1.9.2
- [CVE-REQUEST] Multiple CSRF vulnerabilities on Foscam IP cameras web UI
- [ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9
- From: ISecAuditors Security Advisories
- [ MDVSA-2013:072 ] dnsmasq
- [ MDVSA-2013:073 ] dokuwiki
- [ MDVSA-2013:074 ] drupal
- [ MDVSA-2013:075 ] elinks
- [ MDVSA-2013:076 ] emacs
- [ MDVSA-2013:081 ] gegl
- [ MDVSA-2013:082 ] gimp
- [ MDVSA-2013:083 ] glib2.0
- [ MDVSA-2013:084 ] gnome-keyring
- [ MDVSA-2013:085 ] groff
- [ MDVSA-2013:086 ] groff
- [ MDVSA-2013:087 ] firefox
- [ MDVSA-2013:088 ] hplip
- [ MDVSA-2013:089 ] icclib
- [ MDVSA-2013:090 ] argyllcms
- [ MDVSA-2013:091 ] icecast
- [ MDVSA-2013:092 ] imagemagick
- Hackito Ergo Sum 2013 Speaker Announcement!
- From: Alexandre De Oliveira
- CVE-2013-0798 : World read and write access to app_tmp directory on Android
- [waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7
- [ MDVSA-2013:078 ] fail2ban
- [ MDVSA-2013:077 ] ettercap
- [ MDVSA-2013:093 ] ircd-hybrid
- [ MDVSA-2013:094 ] jakarta-poi
- [ MDVSA-2013:095 ] java-1.7.0-openjdk
- [ MDVSA-2013:096 ] keepalived
- [ MDVSA-2013:097 ] libotr
- [ MDVSA-2013:098 ] libupnp
- [ MDVSA-2013:099 ] libytnef
- [ MDVSA-2013:100 ] lighttpd
- [ MDVSA-2013:101 ] lynx
- [ MDVSA-2013:102 ] mariadb
- [ MDVSA-2013:103 ] mesa
- [ MDVSA-2013:104 ] mosh
- [ MDVSA-2013:105 ] munin
- [ MDVSA-2013:106 ] nss-pam-ldapd
- [ MDVSA-2013:107 ] ocaml-xml-light
- [ MDVSA-2013:108 ] openconnect
- [ MDVSA-2013:109 ] open-iscsi
- [ MDVSA-2013:110 ] openjpeg
- [ MDVSA-2013:111 ] openslp
- [ MDVSA-2013:112 ] otrs
- [ MDVSA-2013:113 ] perl
- [ MDVSA-2013:114 ] php
- [ MDVSA-2013:115 ] php-ZendFramework
- [ MDVSA-2013:116 ] pixman
- [ MDVSA-2013:117 ] python
- [ MDVSA-2013:118 ] python-feedparser
- [ MDVSA-2013:119 ] python-httplib2
- [ MDVSA-2013:120 ] python-pycrypto
- DeepSec 2013 - Call for Papers
- [ MDVSA-2013:121 ] qemu
- [ MDVSA-2013:122 ] quagga
- [ MDVSA-2013:123 ] rpmdevtools
- [ MDVSA-2013:124 ] ruby
- [ MDVSA-2013:125 ] sleuthkit
- [ MDVSA-2013:126 ] snack
- [ MDVSA-2013:127 ] socat
- [ MDVSA-2013:128 ] squashfs-tools
- [ MDVSA-2013:129 ] squid
- [ MDVSA-2013:130 ] stunnel
- [ MDVSA-2013:131 ] taglib
- [ MDVSA-2013:132 ] tor
- [ MDVSA-2013:133 ] usbmuxd
- [ MDVSA-2013:134 ] viewvc
- [ MDVSA-2013:135 ] vte
- [ MDVSA-2013:136 ] weechat
- [ MDVSA-2013:137 ] wordpress
- [ MDVSA-2013:138 ] x11-driver-video-qxl
- [ MDVSA-2013:139 ] x11-server
- [security bulletin] HPSBUX02859 SSRT101144 rev.2 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execute Arbitrary Code
- [security bulletin] HPSBUX02864 SSRT101156 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Solution
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Prime Network Control Systems Database Default Credentials Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 2659-1] libapache-mod-security security update
- From: Salvatore Bonaccorso
- [ MDVSA-2013:141 ] libxslt
- MacOSX 10.8.3 ftpd Remote Resource Exhaustion
- [ MDVSA-2013:142 ] postgresql
- Remote command injection in Ruby Gem kelredd-pruview 0.3.8
- [ MDVSA-2013:143 ] poppler
- DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal
- [security bulletin] HPSBUX02866 SSRT101139 rev.1 - HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary Code and other vulnerabilities
- [SE-2012-01] Details of issues fixed by Java SE 7 Update 21
- From: Security Explorations
- [ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution
- Sitecom WLM-3500 backdoor accounts
- [ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control
- [ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services
- [ MDVSA-2013:144 ] phpmyadmin
- APPLE-SA-2013-04-16-1 Safari 6.0.4
- From: Apple Product Security
- APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15
- From: Apple Product Security
- Open-Xchange Security Advisory 2013-04-17
- Multiple Vulnerabilities in KrisonAV CMS
- SI6 Networks' IPv6 Toolkit v1.3.4 released!
- Re: [SE-2012-01] Details of issues fixed by Java SE 7 Update 21
- From: Security Explorations
- SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey
- From: SEC Consult Vulnerability Lab
- SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption
- From: SEC Consult Vulnerability Lab
- SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server
- From: SEC Consult Vulnerability Lab
- Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 2661-1] xorg-server security update
- DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013
- VUPEN Security Research - Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow (Pwn2Own 2013)
- From: VUPEN Security Research
- [SECURITY] [DSA 2662-1] xen security update
- From: Salvatore Bonaccorso
- CVE-2013-2504 : Matrix42 Service Desk XSS
- VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555)
- From: VUPEN Security Research
- TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation
- From: Trustwave Advisories
- Re: SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption
- From: SEC Consult Vulnerability Lab
- [ MDVSA-2013:145 ] java-1.6.0-openjdk
- [ MDVSA-2013:146 ] icedtea-web
- [ MDVSA-2013:147 ] libarchive
- [SECURITY] [DSA 2660-1] curl security update
- From: Salvatore Bonaccorso
- [SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE
- From: Security Explorations
- 44Café 23rd April details
- [SQLi] vBilling for FreeSWITCH
- Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A
- [ MDVSA-2013:148 ] roundcubemail
- [ MDVSA-2013:149 ] roundcubemail
- [ MDVSA-2013:150 ] mysql
- [SECURITY] [DSA 2663-1] tinc security update
- [security bulletin] HPSBHF02865 SSRT101158 rev.1 - HP ElitePad 900, Secure Boot Configuration Inconsistency
- Cisco/Linksys HTTP Service Remote DoS (Denial of Service)
- [ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver
- Cisco Security Advisory: Cisco Device Manager Command Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product
- From: Cisco Systems Product Security Incident Response Team
- [waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin
- Nginx ngx_http_close_connection function integer overflow
- Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows
- Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution
- Multiple Vulnerabilities in D'Link DIR-635
- [security bulletin] HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege
- Re: Nginx ngx_http_close_connection function integer overflow
- [security bulletin] HPSBPI02868 SSRT101017 rev.1 - HP Managed Printing Administration (MPA), Remote Cross Site Scripting (XSS)
- [security bulletin] HPSBPI02869 SSRT100936 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files
- Hacking IPv6 networks training (slideware, upcoming trainings, etc.)
- EDSC 2013 CFP Open
- [ MDVSA-2013:151 ] curl
- [ MDVSA-2013:152 ] subversion
- [ MDVSA-2013:153 ] subversion
- [KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability
- Cisco/Linksys E1200 N300 Reflected XSS
- [ MDVSA-2013:154 ] util-linux
- [ MDVSA-2013:155 ] fuse
- Re: Nginx ngx_http_close_connection function integer overflow
- [security bulletin] HPSBMU02873 SSRT101182 rev.1 - HP Service Manager, Apache Tomcat Security Update
- [security bulletin] HPSBMU02874 SSRT101184 rev.1 - HP Service Manager, Java Runtime Environment (JRE) Security Update
- [ MDVSA-2013:156 ] apache-mod_security