[FD] Defense in depth -- the Microsoft way (part 16): our developers and their QA dont follow our own security recommendations
From
: Stefan Kanthak
[FD] LE, BF and IAA vulnerabilities in Catapulta I.W. Edition
From
: MustLive
[FD] Yarubo #1: Arbitrary SQL Execution in Participants Database for Wordpress
From
: Yarubo Security Research Team
[FD] LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues
From
: advisories
[FD] NG WifiTransfer Pro 1.1 - File Include Vulnerability
From
: Vulnerability Lab
[FD] Files Desk Pro v1.4 iOS - File Include Web Vulnerability
From
: Vulnerability Lab
[FD] Privacy Pro v1.2 HZ iOS - File Include Web Vulnerability
From
: Vulnerability Lab
[FD] TigerCom My Assistant v1.1 iOS - File Include Vulnerability
From
: Vulnerability Lab
[FD] Bluetooth Photo-File Share v2.1 iOS - Multiple Web Vulnerabilities
From
: Vulnerability Lab
[FD] CVE-2014-0907 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH In IBM DB2
From
: Portcullis Advisories
[FD] iScan Online Mobile 2.0.1 iOS - Command Inject Vulnerability
From
: Vulnerability Lab
[FD] GoAgent vulnerabilities: CA cert with known private key, TLS MITM
From
: David Fifield
[FD] CVE-2013-6876 s3dvt Root shell
From
: Hector Marco
[FD] CVE-2013-6825 DCMTK Root Privilege escalation
From
: Hector Marco
[FD] CVE-2014-1226 s3dvt Root shell (still)
From
: Hector Marco
[FD] Bug in bash <= 4.3 [security feature bypassed]
From
: Hector Marco
[FD] Is Your Antivirus Tracking You? You'd Be Surprised At What It Sends
From
: Ivan .Heca
[FD] [CVE-2014-2577] XSS on Transform Foundation Server 4.3.1 and 5.2 from Bottomline Technologies
From
: Fran
Re: [FD] TrueCrypt?
From
: Dave Howe
Re: [FD] TrueCrypt 7.1 repos on GitHub - forking starting point
From
: Dave Howe
Re: [FD] TrueCrypt 7.1 repos on GitHub - forking starting point
From
: Greg Bromage
[FD] IPSwitch IMail Server WEB client 12.4 persistent XSS
From
: fulldisclosure
Re: [FD] [oss-security] Bug in bash <= 4.3 [security feature bypassed]
From
: Jose Carlos Luna Duran
[FD] More /tmp fun (PHP, Lynis)
From
: A B
[FD] Linksys E4200 Authentication Bypass
From
: Jordan Bradley
Re: [FD] TrueCrypt?
From
: Dave Warren
[FD] [RT-SA-2014-006] Directory Traversal in DevExpress ASP.NET File Manager
From
: RedTeam Pentesting GmbH
[FD] More OpenSSL issues
From
: Jordan Urie
[FD] Scrumworks Pro authenticated arbitrary password reset
From
: Brandon Perry
[FD] PHPBTTracker+ 2.2 SQL Injection
From
: Enrico Cinquini
Re: [FD] [oss-security] Bug in bash <= 4.3 [security feature bypassed]
From
: lists
Re: [FD] [oss-security] Bug in bash <= 4.3 [security feature bypassed]
From
: Hector Marco
[FD] Computer hackers face life in prison under new Government crackdown on cyber terrorism | Mail Online
From
: Ivan .Heca
Re: [FD] More OpenSSL issues
From
: Brandon Vincent
Re: [FD] Computer hackers face life in prison under new Government crackdown on cyber terrorism | Mail Online
From
: Jeffrey Walton
Re: [FD] [oss-security] Bug in bash <= 4.3 [security feature bypassed]
From
: Jeffrey Walton
Re: [FD] More OpenSSL issues
From
: P Vixie
[FD] SEC Consult SA-20140606-0 :: Multiple critical vulnerabilities in WebTitan
From
: SEC Consult Vulnerability Lab
[FD] [Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components
From
: Onapsis Research Labs
[FD] [Onapsis Security Advisory 2014-020] SAP SLD Information Tampering
From
: Onapsis Research Labs
Re: [FD] More OpenSSL issues
From
: Craig Young
[FD] [Tool] Pcredz
From
: laurent gaffie
[FD] Xornic Contact Us Form - Captcha Bypass / XSS
From
: Scott Arciszewski
Re: [FD] GoAgent vulnerabilities: CA cert with known private key, TLS MITM
From
: Dave Howe
[FD] CVE-2014-3740 - SpiceWorks Cross-site scripting
From
: Dolev Farhi
[FD] Responsible disclosure: terms and conditions
From
: Pedro Ribeiro
Re: [FD] TrueCrypt?
From
: surivaton surivaton
Re: [FD] TrueCrypt?
From
: Dave Warren
Re: [FD] Responsible disclosure: terms and conditions
From
: Paul Vixie
Re: [FD] Responsible disclosure: terms and conditions
From
: Daniel Wood
Re: [FD] Responsible disclosure: terms and conditions
From
: Dave Warren
Re: [FD] Responsible disclosure: terms and conditions
From
: codeinject.org
Re: [FD] Responsible disclosure: terms and conditions
From
: Pedro Ribeiro
Re: [FD] Responsible disclosure: terms and conditions
From
: Paul Vixie
Re: [FD] Responsible disclosure: terms and conditions
From
: Paul Vixie
[FD] SCADA StrangeLove at PHDays IV
From
: scadastrangelove
Re: [FD] SCADA StrangeLove at PHDays IV
From
: scadastrangelove
Re: [FD] Responsible disclosure: terms and conditions
From
: Paul Vixie
Re: [FD] Responsible disclosure: terms and conditions
From
: Paul Vixie
[FD] Cisco AsyncOS Cross-Site Scripting Vulnerability CVE-2014-3289
From
: William Costa
Re: [FD] Responsible disclosure: terms and conditions
From
: Eric Rand
Re: [FD] Responsible disclosure: terms and conditions
From
: coderman
Re: [FD] Responsible disclosure: terms and conditions
From
: Daniel Wood
[FD] [Tool] Responder v2.0.9
From
: laurent gaffie
[FD] CSRF in Featured Comments 1.2.1 allows an attacker to set and unset comment statuses (WordPress plugin)
From
: dxw Security
[FD] CSRF in Member Approval 131109 permits unapproved registrations (WordPress plugin)
From
: dxw Security
[FD] CSRF in JW Player for Flash & HTML5 Video 2.1.2 permits deletion of players (WordPress plugin)
From
: dxw Security
[FD] PayPal supports terrorism
From
: MustLive
[FD] Multiple Vulns in Openfiler 2.99
From
: dsa dsa
[FD] Oracle Access Manager (OAM) Vulnerabilities (CVEs)
From
: Jing Wang
[FD] Embeded Device Security Conference 2014 // CFP
From
: Michael Eddington
Re: [FD] PayPal supports terrorism
From
: †
Re: [FD] PayPal supports terrorism
From
: Fyodor
[FD] NEW : VMSA-2014-0006 - VMware product updates address OpenSSL security vulnerabilities
From
: "VMware Security Response Center"
[FD] CVE-2014-3977 - Privilege Escalation in IBM AIX
From
: Portcullis Advisories
[FD] XSS on Samsung Site
From
: Roberto Garcia Amoriz
[FD] CVE-2014-3427 CRLF Injection and CVE-2014-3428 XSS Injection in Yealink VoIP Phones
From
: J. Oquendo
[FD] AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe Framework
From
: Asterisk Security Team
[FD] AST-2014-006: Asterisk Manager User Unauthorized Shell Access
From
: Asterisk Security Team
[FD] AST-2014-007: Exhaustion of Allowed Concurrent HTTP Connections
From
: Asterisk Security Team
[FD] AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions
From
: Asterisk Security Team
[FD] [SE-2014-01] Security vulnerabilities in Oracle Database Java VM
From
: Security Explorations
[FD] T-Mobile webConnect Manager sysauth cookie leak in plain text via http request
From
: Americas Testkitchen
[FD] [Tool] XXE exploit automation - On The Outside, Reaching In 0.2
From
: Ben Lincoln (F7EFC8C9)
[FD] [CFP] Hacktivity 2014 CFP is open
From
: Ferenc Spala
[FD] chatcrypt.com insecure, bad setup for secure chat
From
: johan nestaas
[FD] Securing Ubuntu-Desktop From the Bad-Guys, and the Good-Guys.
From
: Joshua Rogers
[FD] Onnto RAID Master rev358 for OS X - multiple remote vulnerabilities
From
: Reed Black
[FD] Enom.com security contact? (Account Hijacking -- Google Apps integrations vulnerable)
From
: Kristian Erik Hermansen
[FD] [CVE-2014-3005]Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack
From
: pnig0spnig0s
[FD] Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability
From
: Vulnerability Lab
[FD] Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities
From
: Vulnerability Lab
[FD] Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities
From
: Vulnerability Lab
[FD] Vulnerabilities in CDVI ACAC22 [2-Door Controller]
From
: gassyjack
[FD] [CVE-2014-3244]SugarCRM v6.5.16 rss dashlet LFI via XXE Attack
From
: pnig0spnig0s
Re: [FD] Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities
From
: Secunia Research
[FD] XSS on Dell Site
From
: Roberto Garcia Amoriz
[FD] Call For Papers for 2nd Balkan Computer Congress - BalCCon2k14
From
: Milos Krasojevic
[FD] Project un1c0rn hits 70k hosts
From
: Project Un1c0rn
[FD] XSS on Panasonic site
From
: Roberto Garcia Amoriz
[FD] XSS on Epson site
From
: Roberto Garcia Amoriz
Re: [FD] Project un1c0rn hits 70k hosts
From
: surivaton surivaton
Re: [FD] Project un1c0rn hits 70k hosts
From
: Project Un1c0rn
Re: [FD] XSS on Panasonic site
From
: Adrien Jolibert
[FD] keybase.io
From
: Rikairchy
[FD] BF and XSS vulnerabilities in Zyxel P660RT2 EE
From
: MustLive
Re: [FD] keybase.io
From
: Dennis E. Hamilton
Re: [FD] keybase.io
From
: Attilla de Groot
Re: [FD] keybase.io
From
: Tony Arcieri
Re: [FD] keybase.io
From
: Robert Dannhauer
[FD] Fwd: CFP ekoparty 2014
From
: Juan Pablo Daniel
Re: [FD] keybase.io
From
: Nick Boyce
Re: [FD] keybase.io
From
: Tony Arcieri
[FD] Android KeyStore Stack Buffer Overflow (CVE-2014-3100)
From
: Roee Hay
[FD] Session Hijack Vulnerabilty on ebays german want ad?
From
: Christian K.
[FD] SpamTitan contains a reflected cross-site scripting (XSS) vulnerability CVE-2014-2965
From
: William Costa
Re: [FD] keybase.io
From
: Jonathan Care
[FD] Boolean algebra and CSS history theft
From
: Michal Zalewski
[FD] CVE-2014-3868: ZeusCart 4.x Remote SQL Injection Vulnerability
From
: Kenny Mathis
[FD] Wordpress TimThumb 2.8.13 WebShot Remote Code Execution (0-day)
From
: Pichaya Morimoto
[FD] R2DR2: ANALYSIS AND EXPLOITATION OF UDP AMPLIFICATION VULNERABILITIES
From
: Pablo A.
Re: [FD] Session Hijack Vulnerabilty on ebays german want ad?
From
: Cengizhan.Yuecel
Re: [FD] Session Hijack Vulnerabilty on ebays german want ad?
From
: felsenkotzer
Re: [FD] Session Hijack Vulnerabilty on ebays german want ad?
From
: uname -a
[FD] Exploiting Wildcard Expansion on Linux
From
: Stephen Chavez
[FD] [RT-SA-2013-002] Endeca Latitude Cross-Site Request Forgery
From
: RedTeam Pentesting GmbH
[FD] [RT-SA-2013-003] Endeca Latitude Cross-Site Scripting
From
: RedTeam Pentesting GmbH
[FD] CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014
From
: Portcullis Advisories
[FD] CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux)
From
: Portcullis Advisories
[FD] HP Enterprise Maps 1.00 Authenticated XXE
From
: Brandon Perry
[FD] Defense in depth -- the Microsoft way (part 17): even a one-line script is vulnerable
From
: Stefan Kanthak
Re: [FD] Boolean algebra and CSS history theft
From
: Diego Rodriguez
Re: [FD] keybase.io
From
: Tony Arcieri
Re: [FD] keybase.io
From
: Sam Stewart
[FD] FCC Net Neutrality
From
: laurent gaffie
Re: [FD] Session Hijack Vulnerabilty on ebays german want ad?
From
: R D
[FD] XSS and CSRF vulnerabilities in Zyxel P660RT2 EE
From
: MustLive
Re: [FD] Wordpress TimThumb 2.8.13 WebShot Remote Code Execution (0-day)
From
: Ryan Dewhurst
[FD] Back To The Future: Unix Wildcards Gone Wild
From
: defensecode
[FD] Mailspect Control Panel version 4.0.5 Multiple Vulnerabilities
From
: Onur Alanbel
[FD] CSRF and stored XSS in Simple Share Buttons Adder 4.4 (WordPress plugin)
From
: dxw Security
[FD] [RT-SA-2014-008] Python CGIHTTPServer File Disclosure and Potential Code Execution
From
: RedTeam Pentesting GmbH
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: Michal Zalewski
[FD] check_dhcp - Nagios Plugins = 2.0.2 Race Condition
From
: Dawid Golunski
[FD] Microsoft no longer sending e-mail based security notifications
From
: Reed Loden
[FD] SECV-05-1401 - Vulnerability on World of Tanks servers
From
: info
[FD] SECV-05-1402 - Reportico php admin credentials leak
From
: info
[FD] CSRF Vulnerability on LinkedIn
From
: Kishor Sonawane
[FD] openSIS 4.5 - 5.3 Cross Site Request Forgery Vulnerability
From
: Ubani Balogun
[FD] openSIS 4.5 - 5.3 SQL Injection vulnerability
From
: Ubani Balogun
[FD] titcoin
From
: Vahagn Vardanyan
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: Julius Kivimäki
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: gremlin
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: Nick Lindridge
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: Ivan Delalande
Re: [FD] Session Hijack Vulnerabilty on ebays german want ad?
From
: Christian K.
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: Michal Zalewski
Re: [FD] Session Hijack Vulnerabilty on ebays german want ad?
From
: Michael Brown
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: steel-wing
[FD] Fwd: Re: Microsoft no longer sending e-mail based security notifications
From
: Peter Nas
Re: [FD] Microsoft no longer sending e-mail based security notifications
From
: Zurd
Re: [FD] SECV-05-1401 - Vulnerability on World of Tanks servers
From
: jen140
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: Cley Faye
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: *
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: fulldisclosure
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: Daniel Miller
[FD] Horde Framework Unserialize PHP Code Execution - metasploit port / standalone exploit
From
: Akra Macha
[FD] Sun/Oracle GlassFish Server Authenticated Code Execution - metasploit port / Standalone exploit
From
: Akra Macha
[FD] Asterisk Phreaking How-To
From
: Akra Macha
[FD] Flussonic Media Server 4.3.3 Multiple Vulnerabilities
From
: Onur Alanbel
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: Nico Le Moin
[FD] AV scan on read vs write debate....
From
: Exibar
Re: [FD] Back To The Future: Unix Wildcards Gone Wild
From
: Peter Stamfest
Re: [FD] AV scan on read vs write debate....
From
: Reindl Harald
[FD] Local File Inclusion in Theme My Login 6.3.9 provides access to arbitrary files and could facilitate arbitrary code execution (WordPress plugin)
From
: dxw Security