Mail Index
- [Full-disclosure] [ MDVSA-2013:159 ] clamav
- [Full-disclosure] [SECURITY] [DSA 2665-1] strongswan security update
- [Full-disclosure] n.runs-SA-2013.005 - IBM Lotus Notes - arbitrary code execution
- [Full-disclosure] Breakpoint 2013 Call For Papers
- [Full-disclosure] [HITB-Announce] #HITB2013KUL Call for Papers
- [Full-disclosure] Forticlient VPN client credential interception vulnerability
- Re: [Full-disclosure] Forticlient VPN client credential interception vulnerability
- [Full-disclosure] [Security-news] SA-CONTRIB-2013-046 - Filebrowser - Reflected Cross Site Scripting (XSS)
- Re: [Full-disclosure] Forticlient VPN client credential interception vulnerability
- [Full-disclosure] [SECURITY] [DSA 2664-1] stunnel4 security update
- From: Salvatore Bonaccorso
- [Full-disclosure] [RT-SA-2013-001] Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution
- From: RedTeam Pentesting GmbH
- [Full-disclosure] [ MDVSA-2013:160 ] phpmyadmin
- [Full-disclosure] Trying to send mail to Broadcom
- [Full-disclosure] Vulnerability in Microsoft Security Essentials <v4.2
- [Full-disclosure] XSS vulnerability in JW Player and JW Player Pro
- [Full-disclosure] Using CSS :visited to steal your history (again, zzzz...)
- Re: [Full-disclosure] Using CSS :visited to steal your history (again, zzzz...)
- [Full-disclosure] Vulnerabilities in Windows 8 Professional x64 factory preinstallation of Fujitsu Lifebook A512
- [Full-disclosure] [SE-2012-01] New security vulnerabilities and broken fixes in IBM Java
- From: Security Explorations
- [Full-disclosure] [ MDVSA-2013:161 ] java-1.7.0-openjdk
- [Full-disclosure] Introducing libOnionRoute, the library to anonymize software
- [Full-disclosure] Apache VCL improper input validation
- [Full-disclosure] VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone 6
- [Full-disclosure] VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone System 11
- [Full-disclosure] Vulnerabilities in VideoJS
- [Full-disclosure] Ruxcon 2013 Call For Papers
- [Full-disclosure] [ESNC-2013-005] Remote Code Injection in SAP ERP Central Component - Project System
- [Full-disclosure] SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager
- From: SEC Consult Vulnerability Lab
- [Full-disclosure] HTP5 ezine released
- Re: [Full-disclosure] SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager
- [Full-disclosure] [ MDVSA-2013:162 ] glibc
- [Full-disclosure] [ MDVSA-2013:163 ] glibc
- [Full-disclosure] Unscribe
- Re: [Full-disclosure] Vulnerabilities in VideoJS
- Re: [Full-disclosure] [ESNC-2013-005] Remote Code Injection in SAP ERP Central Component - Project System
- [Full-disclosure] [2.0 Update] Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software
- From: Cisco Systems Product Security Incident Response Team
- Re: [Full-disclosure] Vulnerabilities in VideoJS
- [Full-disclosure] Vulnerabilities in multiple web applications with VideoJS
- [Full-disclosure] Vulnerability in "Fujitsu Desktop Update" (for Windows)
- Re: [Full-disclosure] Vulnerabilities in Windows 8 Professional x64 factory preinstallation of Fujitsu Lifebook A512 [continued]
- [Full-disclosure] AlienVault OSSIM multiple SQL Injection vulnerabilities
- [Full-disclosure] List Charter
- [Full-disclosure] DDIVRT-2013-53 Actuate 'ActuateJavaComponent' Multiple Vulnerabilities
- [Full-disclosure] GlobaLeaks 0.2 Alpha (herMario edition) released!
- [Full-disclosure] CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException
- [Full-disclosure] [SECURITY] CVE-2013-2067 Session fixation with FORM authenticator
- [Full-disclosure] [SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited
- [Full-disclosure] OT bait on freelancer.com about md5 preimage
- Re: [Full-disclosure] OT bait on freelancer.com about md5 preimage
- [Full-disclosure] [Botconf] Botconf announcement and CFP reminder
- [Full-disclosure] [SECURITY] [DSA 2666-1] xen security update
- From: Salvatore Bonaccorso
- [Full-disclosure] XSS and FPD vulnerabilities in Search and Share for WordPress
- [Full-disclosure] [SECURITY] [DSA 2667-1] mysql-5.5 security update
- [Full-disclosure] Paypal Bug Bounty #31 - Mail Encoding Web Vulnerability
- [Full-disclosure] Wireless Disk PRO v2.3 iOS - Multiple Web Vulnerabilities
- Re: [Full-disclosure] Paypal Bug Bounty #31 - Mail Encoding Web Vulnerability
- [Full-disclosure] Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities
- [Full-disclosure] Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities
- [Full-disclosure] Wifi Album v1.47 iOS - Command Injection Vulnerability
- [Full-disclosure] SimpleTransfer 2.2.1 - Command Injection Vulnerabilities
- [Full-disclosure] File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities
- Re: [Full-disclosure] Paypal Bug Bounty #31 - Mail Encoding Web Vulnerability
- [Full-disclosure] [ MDVSA-2013:164 ] mesa
- [Full-disclosure] IPB (Invision Power Board) all versions (1.x? / 2.x / 3.x) Admin account Takeover leading to code execution
- [Full-disclosure] Security-Assessment.com Advisory: Gallery Server Pro File Upload Filter Bypass
- [Full-disclosure] Q: CVE Database with Programming Language and Failure Classification?
- [Full-disclosure] [HITB-Announce] HITB Magazine Issue 010
- [Full-disclosure] GreHack 2013 - Call For Papers - November 15, Grenoble, France
- [Full-disclosure] Vulnerabilities in multiple plugins for WordPress with VideoJS
- [Full-disclosure] www.netcraft.com - "Search Form" Cross-site Scripting vulnerability
- [Full-disclosure] Remote command Injection in Creme Fraiche 0.6 Ruby Gem
- From: Larry W. Cashdollar
- [Full-disclosure] [SECURITY] [DSA 2668-1] linux-2.6 security update
- [Full-disclosure] [ MDVSA-2013:165 ] firefox
- [Full-disclosure] Indusface Website Hacked and Infected?
- [Full-disclosure] Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [Full-disclosure] [Security-news] SA-CONTRIB-2013-047 - Google Authenticator login - Access Bypass
- Re: [Full-disclosure] Q: CVE Database with Programming Language and Failure Classification?
- [Full-disclosure] [SECURITY] [DSA 2669-1] linux security update
- [Full-disclosure] Take Part in Positive Hack Days in Any Part of the World
- [Full-disclosure] Multiple vulnerabilities in multiple themes for WordPress with VideoJS
- [Full-disclosure] On Skype URL eavesdropping
- Re: [Full-disclosure] On Skype URL eavesdropping
- Re: [Full-disclosure] On Skype URL eavesdropping
- Re: [Full-disclosure] On Skype URL eavesdropping
- [Full-disclosure] CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops!
- [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- [Full-disclosure] exploitation ideas under memory pressure
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- From: Carl "Thomas" Guething
- Re: [Full-disclosure] exploitation ideas under memory pressure
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- [Full-disclosure] AFU vulnerabilities in MCFileManager for TinyMCE
- [Full-disclosure] AFU vulnerabilities in MCImageManager for TinyMCE
- [Full-disclosure] Revision of "IPv6 Stable Privacy Addresses" (Fwd: I-D Action: draft-ietf-6man-stable-privacy-addresses-07.txt)
- [Full-disclosure] Interesting referrer URLs when accessing vulnerability disclosure information
- [Full-disclosure] Thttpd 2.25b Directory Traversal Vulnerability
- [Full-disclosure] Defense in depth -- the Microsoft way
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- [Full-disclosure] Critical issues affecting multiple game engines
- Re: [Full-disclosure] My ISP is routing traffic to private addresses...
- Re: [Full-disclosure] exploitation ideas under memory pressure
- [Full-disclosure] Trend Micro DirectPass 1.5.0.1060 (Cloud) Software - Multiple Software Vulnerabilities
- [Full-disclosure] Sony PS3 Firmware v4.31 - Code Execution Vulnerability
- [Full-disclosure] CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products (ViPNet Client\Coordinator, SafeDisk, Personal Firewall)
- Re: [Full-disclosure] exploitation ideas under memory pressure
- [Full-disclosure] [ MDVSA-2013:166 ] krb5
- Re: [Full-disclosure] exploitation ideas under memory pressure
- Re: [Full-disclosure] exploitation ideas under memory pressure
- Re: [Full-disclosure] Sony PS3 Firmware v4.31 - Code Execution Vulnerability
- [Full-disclosure] Pentesting Distributions or Projects for Raspberry Pi
- Re: [Full-disclosure] Sony PS3 Firmware v4.31 - Code Execution Vulnerability
- [Full-disclosure] [SECURITY] [DSA 2670-1] request-tracker3.8 security update
- From: Salvatore Bonaccorso
- [Full-disclosure] [SECURITY] [DSA 2671-1] request-tracker4 security update
- From: Salvatore Bonaccorso
- [Full-disclosure] [SECURITY] [DSA 2672-1] kfreebsd-9 security update
- Re: [Full-disclosure] Pentesting Distributions or Projects for Raspberry Pi
- [Full-disclosure] [waraxe-2013-SA#105] - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin
- [Full-disclosure] [waraxe-2013-SA#104] - Multiple Vulnerabilities in Spider Event Calendar Wordpress Plugin
- Re: [Full-disclosure] Pentesting Distributions or Projects for Raspberry Pi
- Re: [Full-disclosure] Sony PS3 Firmware v4.31 - Code Execution Vulnerability
- [Full-disclosure] [ANN] Struts 2.3.14.1 GA (fast track | security)
- [Full-disclosure] SEC Consult SA-20130523-0 :: JavaScript Execution in IBM WebSphere DataPower Services
- From: SEC Consult Vulnerability Lab
- [Full-disclosure] SEC Consult whitepaper :: Blackberry Z10 Research Primer - "Dissecting Blackberry 10 - An initial analysis"
- From: SEC Consult Vulnerability Lab
- [Full-disclosure] [SECURITY] [DSA 2677-1] libxrender security update
- [Full-disclosure] [SECURITY] [DSA 2678-1] mesa security update
- [Full-disclosure] [SECURITY] [DSA 2679-1] xserver-xorg-video-openchrome security update
- [Full-disclosure] [SECURITY] [DSA 2680-1] libxt security update
- [Full-disclosure] [SECURITY] [DSA 2681-1] libxcursor security update
- [Full-disclosure] [SECURITY] [DSA 2683-1] libxi security update
- [Full-disclosure] [SECURITY] [DSA 2684-1] libxrandr security update
- [Full-disclosure] [SECURITY] [DSA 2682-1] libxext security update
- [Full-disclosure] [SECURITY] [DSA 2685-1] libxp security update
- [Full-disclosure] [SECURITY] [DSA 2686-1] libxcb security update
- [Full-disclosure] [SECURITY] [DSA 2687-1] libfs security update
- [Full-disclosure] [SECURITY] [DSA 2688-1] libxres security update
- [Full-disclosure] [SECURITY] [DSA 2689-1] libxtst security update
- [Full-disclosure] [SECURITY] [DSA 2676-1] libxfixes security update
- [Full-disclosure] [SECURITY] [DSA 2675-1] libxvmc security update
- [Full-disclosure] [SECURITY] [DSA 2674-1] libxv security update
- [Full-disclosure] [SECURITY] [DSA 2673-1] libdmx security update
- [Full-disclosure] [SECURITY] [DSA 2690-1] libxxf86dga security update
- [Full-disclosure] [SECURITY] [DSA 2691-1] libxinerama security update
- [Full-disclosure] [SECURITY] [DSA 2692-1] libxxf86vm security update
- [Full-disclosure] XSS and FPD vulnerabilities in I Love It New theme for WordPress
- [Full-disclosure] Question on SMBRelay through Meterpreter
- [Full-disclosure] little proof-of-concept for remote traffic statistics using the IP ID field
- [Full-disclosure] Show In Browser 0.0.3 Ruby Gem /tmp file injection vulnerability
- From: Larry W. Cashdollar
- Re: [Full-disclosure] Sony PS3 Firmware v4.31 - Code Execution Vulnerability
- [Full-disclosure] Shakacon V Speaker Selections
- [Full-disclosure] Open challenge to Design the logo for Ground Zero Summit
- [Full-disclosure] Analysis of the Carna Botnet (Internet Census 2012)
- [Full-disclosure] [SECURITY] [DSA 2675-2] libxvmc regression update
- [Full-disclosure] [SECURITY] [DSA 2693-1] libx11 security update
- [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] Sony PS3 Firmware v4.31 - Code Execution Vulnerability
- [Full-disclosure] Multiple vulnerabilities in aCMS
- [Full-disclosure] CVE-2013-3666 - LG Optimus G command injection (as system user) vulnerability
- [Full-disclosure] [SECURITY] [DSA 2694-1] spip security update
- From: Salvatore Bonaccorso
- [Full-disclosure] PayPal Bug Bounty #78 FR - Remote SQL Injection Vulnerability
- Re: [Full-disclosure] Trying to send mail to Broadcom
- [Full-disclosure] DC4420 - London DEFCON - May meet - Tuesday 28th May 2013
- [Full-disclosure] [ MDVSA-2013:167 ] openvpn
- [Full-disclosure] [ MDVSA-2013:168 ] python-httplib2
- Re: [Full-disclosure] Sony PS3 Firmware v4.31 - Code Execution Vulnerability
- [Full-disclosure] Barracuda SSL VPN 680 2.2.2.203 - Redirect Web Vulnerability
- [Full-disclosure] [CVE-2013-2115] Struts 2.3.14.2 GA (important security fix)
- [Full-disclosure] DC4420 - London DEFCON - May meet - Tuesday 28th May 2013
- [Full-disclosure] c0c0n 2013 CFP - Extended Deadline: 9 June, 2013
- From: c0c0n International Information Security Conference
- Re: [Full-disclosure] Sony PS3 Firmware v4.31 - Code Execution Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- [Full-disclosure] Backdoor scanners testing
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- [Full-disclosure] 13 more XSS on Paypal
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- [Full-disclosure] SCADA StrangeLove @Positive Hack Days
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- [Full-disclosure] CORE-2013-0302 - Zavio IP Cameras multiple vulnerabilities
- From: CORE Security Technologies Advisories
- [Full-disclosure] CORE-2013-0322 - MayGion IP Cameras multiple vulnerabilities
- From: CORE Security Technologies Advisories
- [Full-disclosure] CORE-2013-0318 - TP-Link IP Cameras Multiple Vulnerabilities
- From: CORE Security Technologies Advisories
- [Full-disclosure] CA20130528-01: Security Notice for CA Process Automation (CA PAM)
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- [Full-disclosure] [ MDVSA-2013:169 ] socat
- [Full-disclosure] [ MDVSA-2013:170 ] socat
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- From: Źmicier Januszkiewicz
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- From: Źmicier Januszkiewicz
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- [Full-disclosure] [SECURITY] [DSA 2696-1] otrs2 security update
- [Full-disclosure] [Security-news] SA-CONTRIB-2013-048 - Edit Limit - Access Bypass
- [Full-disclosure] [Security-news] SA-CONTRIB-2013-049 - Node access user reference - Access Bypass
- [Full-disclosure] [SECURITY] [DSA 2695-1] chromium-browser security update
- [Full-disclosure] PayPal Bug Bounty Controversy - I found the XSS first: They still didn't pay me
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- [Full-disclosure] Barracuda SSL VPN 680 2.2.2.203 - Redirect Vulnerability
- [Full-disclosure] [SECURITY] [DSA 2697-1] gnutls26 security update
- [Full-disclosure] FPD and Security bypass vulnerabilities in Exploit Scanner for WordPress
- [Full-disclosure] [Security-news] SA-CONTRIB-2013-050 - Webform - Cross Site Scripting (XSS)
- [Full-disclosure] [ MDVSA-2013:171 ] gnutls
- Re: [Full-disclosure] PayPal.com XSS Vulnerability
- [Full-disclosure] No Directory Traversal Vulnerability in sthttpd
- [Full-disclosure] XSS in images.samsung.com
- [Full-disclosure] Call For Papers - ekoparty security conference 2013
Mail converted by MHonArc