Mail Index

• Thread Index

• [slackware-security] gnutls (SSA:2013-242-03)
  • From: Slackware Security Team
• [SECURITY] [DSA 2747-1] cacti security update
  • From: Florian Weimer
• list of vulnerability discovered by RealPentesting
  • From: Pedro Guillen
• Full Disclosure - Multiple vulnerabilities in five Zoom ADSL Modem/Routers
  • From: kyle Lovett
• Defense in depth -- the Microsoft way (part 9): erroneous documentation
  • From: Stefan Kanthak
• IndiaNIC Testimonail WP plugin - Multiple vulnerabilities
  • From: roguecoder
• [SECURITY] [DSA 2740-2] python-django regression update
  • From: Florian Weimer
• [SECURITY] [DSA 2748-1] exactimage security update
  • From: Florian Weimer
• Mikrotik RouterOS 5.* and 6.* sshd remote preauth heap corruption
  • From: king cope
• [SECURITY] [DSA 2749-1] asterisk security update
  • From: Moritz Muehlenhoff
• [ MDVSA-2013:224 ] libtiff
  • From: security
• [ MDVSA-2013:225 ] libdigidoc
  • From: security
• ESA-2013-057: RSA Archer(r) GRC Multiple Vulnerabilities
  • From: Security Alert
• PayPal's "invalid" aksession Padding Oracle Flaw
  • From: Timothy D. Morgan
• [SECURITY] [DSA 2750-1] imagemagick security update
  • From: Florian Weimer
• [PSA-2013-0903-1] Apple Safari Heap Buffer Overflow
  • From: bugtraq
• SEC Consult SA-20130904-0 :: GroupLink everything HelpDesk - undocumented password reset/admin takeover and XSS vulnerabilities
  • From: SEC Consult Vulnerability Lab
• Call for Paper/Event - nullcon Goa 2014
  • From: nullcon
• Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players
  • From: Cisco Systems Product Security Incident Response Team
• [SECURITY] [DSA 2751-1] libmodplug security update
  • From: Raphael Geissert
• [ MDVSA-2013:226 ] roundcubemail
  • From: security
• CFP: WorldCIST'14 - World Conference on IST; Best papers published in ISI Journals
  • From: Maria Lemos
• APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4
  • From: Mihaela Popescu-Stanesti
• APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4
  • From: Apple Product Security
• [CORE-2013-0809] Sophos Web Protection Appliance Multiple Vulnerabilities
  • From: CORE Advisories Team
• Event Easy Calendar 1.0.0 WP plugin
  • From: roguecoder
• [SECURITY] [DSA 2752-1] phpbb3 security update
  • From: Thijs Kinkhorst
• [CVE-2013-5701] Watchguard Server Center v11.7.4 wgpr.dll Insecure Library Loading Local Privilege Escalation Vulnerability
  • From: Julien Ahrens
• [slackware-security] subversion (SSA:2013-251-01)
  • From: Slackware Security Team
• [ MDVSA-2013:227 ] python-setuptools
  • From: security
• Multiple vulnerabilities on D-Link Dir-505 devices
  • From: alessandro . dipinto
• Open-Xchange Security Advisory 2013-09-10
  • From: Martin Braun
• [ MDVSA-2013:228 ] cacti
  • From: security
• FreeBSD Security Advisory FreeBSD-SA-13:12.ifioctl
  • From: FreeBSD Security Advisories
• FreeBSD Security Advisory FreeBSD-SA-13:13.nullfs
  • From: FreeBSD Security Advisories
• FreeBSD Security Advisory FreeBSD-SA-13:10.sctp [REVISED]
  • From: FreeBSD Security Advisories
• FreeBSD Security Advisory FreeBSD-SA-13:11.sendfile
  • From: FreeBSD Security Advisories
• FreeBSD Security Advisory FreeBSD-SA-13:09.ip_multicast [REVISED]
  • From: FreeBSD Security Advisories
• [ MDVSA-2013:229 ] bzr
  • From: security
• [security bulletin] HPSBPV02918 rev.1 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse
  • From: security-alert
• eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability
  • From: Vulnerability Lab
• Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities
  • From: Vulnerability Lab
• Synology DSM multiple vulnerabilities
  • From: Andrea Fabrizi
• [security bulletin] HPSBUX02926 SSRT101281 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
  • From: security-alert
• [SECURITY] [DSA 2754-1] exactimage security update
  • From: Raphael Geissert
• Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability
  • From: Vulnerability Lab
• Insecure CHIASMUS encryption in GSTOOL
  • From: Jan Schejbal
• Cross-Site Scripting (XSS) in WikkaWiki
  • From: High-Tech Bridge Security Research
• ProFTPd mod_sftp/mod_sftp_pam invalid pool allocation in kbdint authentication
  • From: king cope
• [SECURITY] [DSA 2755-1] python-django security update
  • From: Salvatore Bonaccorso
• OWASP Zed Attack Proxy 2.2.0
  • From: psiinon
• [ MDVSA-2013:230 ] gdm
  • From: security
• [security bulletin] HPSBUX02928 SSRT101274 rev.1 - HP-UX running perl, Remote Denial of Service (DoS)
  • From: security-alert
• [ MDVSA-2013:231 ] openswan
  • From: security
• [iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin
  • From: Alexandro Silva
• APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004
  • From: Apple Product Security
• APPLE-SA-2013-09-12-2 Safari 5.1.10
  • From: Apple Product Security
• WordPress Fixes Multiple Vulnerabilities With 3.6.1 Release
  • From: danielthomson72
• OpenSSL,OpenSSH ecdsa authentication code inconsistent return values.. no vulnerability?
  • From: king cope
• [SECURITY] [DSA 2753-1] mediawiki security update
  • From: Thijs Kinkhorst
• [ MDVSA-2013:233 ] python-OpenSSL
  • From: security
• [SECURITY] [DSA 2756-1] wireshark security update
  • From: Moritz Muehlenhoff
• Zimbra Collaboration Suite (ZCS) Session Replay Vulnerability
  • From: brianwarehime
• [ MDVSA-2013:232 ] libmodplug
  • From: security
• [ MDVSA-2013:234 ] python-django
  • From: security
• [SECURITY] [DSA 2757-1] wordpress security update
  • From: Yves-Alexis Perez
• Moodle 2.5.0-1 (badges/external.php) PHP Object Injection Vulnerability
  • From: emilio . pinn
• OWASP ESAPI Security Advisory: MAC Bypass in ESAPI Symmetric Encryption
  • From: Kevin W. Wall
• Botconf 2013 - Pre-programme pubished & registration open (Nantes, France, 5-6/12/2013)
  • From: Eric Freyssinet
• [ MDVSA-2013:235 ] mediawiki
  • From: security
• ExpressionEngine 2.6 Persistent XSS
  • From: Richard Clifford
• EarthVPN certificate configuration vulnerabilities
  • From: y6whynrzab
• [ MDVSA-2013:236 ] subversion
  • From: security
• APPLE-SA-2013-09-17-1 OS X Server v2.2.2
  • From: Apple Product Security
• [SECURITY] [DSA 2758-1] python-django security update
  • From: Salvatore Bonaccorso
• [slackware-security] mozilla-firefox (SSA:2013-260-02)
  • From: Slackware Security Team
• [slackware-security] mozilla-thunderbird (SSA:2013-260-03)
  • From: Slackware Security Team
• [ MDVSA-2013:237 ] firefox
  • From: security
• SQL Injection in vtiger CRM
  • From: High-Tech Bridge Security Research
• [SECURITY] [DSA 2759-1] iceweasel security update
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 2760-1] chrony security update
  • From: Moritz Muehlenhoff
• [security bulletin] HPSBMU02917 rev.1 - HP System Management Homepage (SMH) running on Linux and Windows, Remote Command Execution and Privilege Escalation
  • From: security-alert
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• APPLE-SA-2013-09-18-1 iTunes 11.1
  • From: Apple Product Security
• APPLE-SA-2013-09-18-2 iOS 7
  • From: Apple Product Security
• [security bulletin] HPSBUX02927 SSRT101288 rev.1 - HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Service (DoS)
  • From: security-alert
• APPLE-SA-2013-09-18-3 Xcode 5.0
  • From: Apple Product Security
• CVE-2013-5210 Adtran Netvanta Remote Code Injection via XSS
  • From: J. Oquendo
• Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability
  • From: Vulnerability Lab
• [security bulletin] HPSBMU02900 rev.3 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities
  • From: security-alert
• [slackware-security] glibc (SSA:2013-260-01)
  • From: Slackware Security Team
• An Analysis of the (In)Security State of the GameHouse Game Installation Mechanism
  • From: RBS Research
• [PT-2013-41] Arbitrary Code Execution in Ajax File and Image Manager
  • From: noreply
• [ MDVSA-2013:238 ] wireshark
  • From: security
• Re: %windir%\temp\sso\ssoexec.dll (or: howtrustworthy is Microsoft's build process)
  • From: Stefan Kanthak
• [ MDVSA-2013:239 ] wordpress
  • From: security
• [security bulletin] HPSBGN02923 rev.1 - HP ArcSight Enterprise Security Manager Management Web Interface, Remote Cross Site Scripting (XSS)
  • From: security-alert
• [SECURITY] [DSA 2761-1] puppet security update
  • From: Raphael Geissert
• [security bulletin] HPSBGN02925 rev.1 - HP IceWall SSO, IceWall File Manager and IceWall Federation Agent, Multiple Remote Unauthorized Access Vulnerabilities
  • From: security-alert
• Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Web Vulnerability
  • From: Vulnerability Lab
• [iBliss Security Advisory] Blind SQL injection vulnerability in NOSpamPTI wordpress plugin
  • From: Alexandro Silva
• Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability
  • From: Vulnerability Lab
• APPLE-SA-2013-09-20-1 Apple TV 6.0
  • From: Apple Product Security
• [security bulletin] HPSBST02919 rev.1 - HP XP P9000 Command View Advanced Edition Suite Software, Remote Cross Site Scripting (XSS)
  • From: security-alert
• Wordpress fgallery_plus Plugin Xss vulnerabilities
  • From: iedb . team
• [ANN] Struts 2.3.15.2 GA release available - security fix
  • From: Lukasz Lenart
• Wordpress fgallery_plus Plugin Xss vulnerabilities
  • From: iedb . team
• Wordpress fgallery_plus Plugin Xss vulnerabilities
  • From: iedb . team
• Re: [ANN] Struts 2.3.15.2 GA release available - security fix
  • From: Emi Lu
• [SECURITY] [DSA 2762-1] icedove security update
  • From: Moritz Muehlenhoff
• [IBliss Security Advisory] Cross-site scripting ( XSS ) in Bradesco gateway wordpress plugin
  • From: Alexandro Silva
• Re: DC4420 - London DEFCON - September meet - Tuesday 24th September 2013
  • From: Tony Naggs
• CVE-2013-5118 - XSS Good for Enterprise iOS
  • From: mario
• [SECURITY] [DSA 2763-1] pyopenssl security update
  • From: Salvatore Bonaccorso
• GreHack 2013 - 15 Nov. Grenoble, France - Conf. Registration OPEN
  • From: Fab Duchene
• Multiple Vulnerabilities in X2CRM
  • From: High-Tech Bridge Security Research
• [ MDVSA-2013:240 ] glpi
  • From: security
• [ MDVSA-2013:241 ] perl-Crypt-DSA
  • From: security
• [security bulletin] HPSBMU02872 SSRT101185 rev.2 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS)
  • From: security-alert
• Cisco Security Advisory: Cisco IOS Software Queue Wedge Denial of Service Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco IOS Software DHCP Denial of Service Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• joomla com_zimbcomment Components Local File Include vulnerability
  • From: iedb . team
• [SECURITY] [DSA 2764-1] libvirt security update
  • From: Moritz Muehlenhoff
• XAMPP 1.8.1 Local Write Access Vulnerability
  • From: ISecAuditors Security Advisories
• [ MDVSA-2013:242 ] kernel
  • From: security
• [ISecAuditors Security Advisories] Multiple Reflected Cross-Site Scripting vulnerabilities
  • From: ISecAuditors Security Advisories
• AW: Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability
  • From: Aichhorn, Herbert
• ESA-2013-060: EMC VPLEX Information Disclosure Vulnerability
  • From: Security Alert
• APPLE-SA-2013-09-26-1 iOS 7.0.2
  • From: Apple Product Security
• Re:joomla com_zimbcomment Components Local File Include vulnerability
  • From: Sergio Tam
• [SECURITY] [DSA 2765-1] davfs2 security update
  • From: Luciano Bello
• [SECURITY] [DSA 2766-1] linux-2.6 security update
  • From: dann frazier
• [ MDVSA-2013:243 ] polkit
  • From: security
• [IBliss Security Advisory] Cross-site scripting ( XSS ) in PHP IDNA Convert
  • From: Alexandro Silva
• Linux Kernel Patches For Linux Kernel Security
  • From: geinblues
• [slackware-security] seamonkey (SSA:2013-271-01)
  • From: Slackware Security Team
• [SECURITY] [DSA 27671-1] proftpd-dfsg security update
  • From: Nico Golde
• [CVE-2013-5725] - Byword for iOS Data Destruction Vulnerability
  • From: guillaume