stdin
By Date

Most recent messages
300 messages sorted by: [ author ] [ thread ] [ subject ]

Starting: Mon Mar 02 2009 - 18:32:36 EET
Ending: Tue Mar 31 2009 - 21:44:54 EEST

Re: djbdns misformats some long response packets; patch and example attack Matthew Dempsky (Sat Feb 28 2009 - 20:41:46 EET)
Afian Document Manager Local File Inclusion contact@vnbrain.net (Sat Feb 28 2009 - 05:46:57 EET)
Re: Nokia N95-8 browser denial of service MustLive (Sun Mar 01 2009 - 01:23:08 EET)
Weekly Web Hacking Incidents update for Feb 25th Ofer Shezaf (Sun Mar 01 2009 - 09:54:34 EET)
[SECURITY] [DSA 1719-2] New GNUTLS packages fix regression Florian Weimer (Sat Feb 28 2009 - 13:44:38 EET)
YEKTA WEB Academic Web Tools CMS Multiple XSS mr.faghani@gmail.com (Sun Mar 01 2009 - 13:58:13 EET)
BlogMan 0.45 Multiple Vulnerabilities Salvatore \ (Sun Mar 01 2009 - 17:47:38 EET)
EZ-Blog Beta 1 Multiple SQL Injection Salvatore \ (Mon Mar 02 2009 - 00:15:23 EET)
[CFP] FRHACK 2nd Call For Papers Jerome Athias (Mon Mar 02 2009 - 08:20:49 EET)
[security bulletin] HPSBUX02401 SSRT090005 rev.3 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF) security-alert@hp.com (Mon Mar 02 2009 - 15:34:19 EET)
Announcing Cap'r Mak'r kowsik@gmail.com (Mon Mar 02 2009 - 05:52:03 EET)
[SECURITY] [DSA 1729-1] New gst-plugins-bad0.10 packages fix multiple vulnerabilities Steffen Joeris (Mon Mar 02 2009 - 22:38:00 EET)
rPSA-2009-0035-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl rPath Update Announcements (Mon Mar 02 2009 - 22:45:26 EET)
[ISecAuditors Security Advisories] eXtplorer Remote Code Execution ISecAuditors Security Advisories (Mon Mar 02 2009 - 22:54:03 EET)
[SECURITY] [DSA 1730-1] New proftpd-dfsg packages fix SQL injection vulnerabilites Steffen Joeris (Mon Mar 02 2009 - 22:56:21 EET)
[ MDVSA-2009:062 ] shadow-utils security@mandriva.com (Tue Mar 03 2009 - 00:00:01 EET)
Re: Re: Local vulnerability in suexec + FastCGI + PHP configurations security.432@amxl.com (Mon Mar 02 2009 - 23:38:21 EET)
RitsBlog 0.4.2 (Authentication Bypass) SQL Injection Vulnerability / XSS Persistent Vulnerability Salvatore \ (Mon Mar 02 2009 - 23:52:02 EET)
Blogsa <= 1.0 Beta 3 XSS Vulnerability contact@onuryilmaz.info (Tue Mar 03 2009 - 00:28:20 EET)
[SECURITY] [DSA 1731-1] New ndiswrapper packages fix arbitrary code execution vulnerability Steffen Joeris (Mon Mar 02 2009 - 23:09:55 EET)
Zabbix 1.6.2 Frontend Multiple Vulnerabilities ascii (Tue Mar 03 2009 - 17:30:26 EET)
[SECURITY] [DSA 1732-1] New squid3 packages fix denial of service Steffen Joeris (Tue Mar 03 2009 - 10:23:22 EET)
WARNING - CORRECT: BlindBlog 1.3.1 Multiple Vulnerabilities (SQL Inj - Auth Bypass - LFI) Salvatore \ (Tue Mar 03 2009 - 17:24:55 EET)
[ MDVSA-2009:063 ] eog security@mandriva.com (Tue Mar 03 2009 - 01:39:00 EET)
Secunia Research: Winamp CAF Processing Integer Overflow Vulnerability Secunia Research (Tue Mar 03 2009 - 14:08:46 EET)
[SECURITY] [DSA 1733-1] New vim packages fix multiple vulnerabilities Steffen Joeris (Tue Mar 03 2009 - 10:35:06 EET)
Secunia Research: libsndfile CAF Processing Integer Overflow Vulnerability Secunia Research (Tue Mar 03 2009 - 14:06:47 EET)
BlindBlog 1.3.1 Multiple Vulnerabilities (SQL Inj - Auth Bypass - LFI) Salvatore \ (Tue Mar 03 2009 - 16:32:27 EET)
[USN-727-1] network-manager-applet vulnerabilities Marc Deslauriers (Tue Mar 03 2009 - 21:45:21 EET)
[USN-726-1] curl vulnerability Marc Deslauriers (Tue Mar 03 2009 - 21:44:12 EET)
NovaBoard <= 1.0.1 / XSS Vulnerability Jose Luis (Tue Mar 03 2009 - 23:26:33 EET)
[ MDVSA-2009:064 ] imap security@mandriva.com (Tue Mar 03 2009 - 17:49:00 EET)
[USN-727-2] NetworkManager vulnerability Marc Deslauriers (Tue Mar 03 2009 - 21:46:12 EET)
[USN-726-2] curl regression Marc Deslauriers (Wed Mar 04 2009 - 17:09:19 EET)
Cisco Security Advisory: Cisco 7600 Series Router Session Border Controller Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Wed Mar 04 2009 - 18:30:00 EET)
CelerBB 0.0.2 Multiple Vulnerabilities Salvatore \ (Thu Mar 05 2009 - 16:37:49 EET)
Re: djbdns misformats some long response packets; patch and example attack Matthew Dempsky (Thu Mar 05 2009 - 08:05:24 EET)
Re: iDefense COMRaider 'DeleteFile()' Method Arbitrary File Deletion Vulnerability iDefense Labs (Wed Mar 04 2009 - 23:42:50 EET)
SupportSoft DNA Editor Module (dnaedit.dll v6.9.2205) remote code execution exploit (IE6/7) nospam@gmail.it (Thu Mar 05 2009 - 13:04:41 EET)
libc:fts_*():multiple vendors, Denial-of-service cxib@securityreason.com (Thu Mar 05 2009 - 18:48:20 EET)
ZDI-09-013: Mozilla Firefox XUL Linked Clones Double Free Vulnerability ZDI Disclosures (Thu Mar 05 2009 - 20:01:53 EET)
SecurityFocus Newsletter #493 sfa@securityfocus.com (Thu Mar 05 2009 - 20:12:01 EET)
SecurityFocus Microsoft Newsletter #434 sfa@securityfocus.com (Thu Mar 05 2009 - 20:12:04 EET)
SecurityFocus Linux Newsletter #429 sfa@securityfocus.com (Thu Mar 05 2009 - 20:12:08 EET)
iDefense COMRaider, ActiveX controls, and browser configuration Steven M. Christey (Thu Mar 05 2009 - 20:41:00 EET)
[ MDVSA-2009:065 ] php4 security@mandriva.com (Thu Mar 05 2009 - 22:56:00 EET)
[ MDVSA-2009:066 ] php security@mandriva.com (Thu Mar 05 2009 - 23:18:00 EET)
[USN-729-1] Python Crypto vulnerability Kees Cook (Fri Mar 06 2009 - 01:38:36 EET)
[USN-728-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge (Fri Mar 06 2009 - 02:35:49 EET)
[USN-728-2] Firefox vulnerabilities Jamie Strandboge (Fri Mar 06 2009 - 02:36:13 EET)
Re: [Full-disclosure] Zabbix 1.6.2 Frontend Multiple Vulnerabilities Roberto Muñoz Fernandez (Fri Mar 06 2009 - 01:42:48 EET)
[USN-728-3] Firefox vulnerabilities Jamie Strandboge (Fri Mar 06 2009 - 02:37:17 EET)
[ MDVSA-2009:067 ] libsndfile security@mandriva.com (Fri Mar 06 2009 - 01:36:00 EET)
[USN-730-1] libpng vulnerabilities Jamie Strandboge (Fri Mar 06 2009 - 04:25:22 EET)
Wili-CMS 0.4.0 Multiple Vulnerabilities (Remote/Local File Inclusion - Authentication Bypass) Salvatore \ (Fri Mar 06 2009 - 14:05:06 EET)
Re: iDefense COMRaider, ActiveX controls, and browser configuration Vladimir '3APA3A' Dubrovin (Fri Mar 06 2009 - 15:19:19 EET)
[Positive Technologies SA:2009-12] UMI.CMS Cross-Site Scripting vulnerability aanisimov@ptsecurity.com (Fri Mar 06 2009 - 16:45:48 EET)
DEFCON CTF Submissions are in, DC-16 video online! The Dark Tangent (Fri Mar 06 2009 - 05:13:46 EET)
[SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application Mark Thomas (Fri Mar 06 2009 - 17:56:34 EET)
WarVOX 1.0.0 Released H D Moore (Fri Mar 06 2009 - 08:51:31 EET)
[Positive Technologies SA:2009-13] TinX CMS 3.x SQL Injection Vulnerability aanisimov@ptsecurity.com (Fri Mar 06 2009 - 18:53:21 EET)
[ MDVSA-2009:068 ] poppler security@mandriva.com (Fri Mar 06 2009 - 23:26:00 EET)
[ GLSA 200903-01 ] Vinagre: User-assisted execution of arbitrary code Pierre-Yves Rofes (Fri Mar 06 2009 - 23:59:44 EET)
nForum 1.5 Multiple SQL Injection Salvatore \ (Fri Mar 06 2009 - 22:42:37 EET)
[ GLSA 200903-02 ] ZNC: Privilege escalation Tobias Heinlein (Sat Mar 07 2009 - 00:35:27 EET)
[ GLSA 200903-03 ] Audacity: User-assisted execution of arbitrary code Tobias Heinlein (Sat Mar 07 2009 - 00:37:05 EET)
[ GLSA 200903-04 ] DevIL: User-assisted execution of arbitrary code Tobias Heinlein (Sat Mar 07 2009 - 00:38:29 EET)
[ MDVSA-2009:069 ] curl security@mandriva.com (Sat Mar 07 2009 - 02:48:00 EET)
[ MDVSA-2009:068-1 ] poppler security@mandriva.com (Sat Mar 07 2009 - 05:07:00 EET)
[ GLSA 200903-05 ] PDFjam: Multiple vulnerabilities Robert Buchholz (Sat Mar 07 2009 - 18:22:51 EET)
[ GLSA 200903-06 ] nfs-utils: Access restriction bypass Robert Buchholz (Sat Mar 07 2009 - 18:24:44 EET)
[ GLSA 200903-07 ] Samba: Data disclosure Robert Buchholz (Sat Mar 07 2009 - 18:26:15 EET)
[ GLSA 200903-08 ] gEDA: Insecure temporary file creation Robert Buchholz (Sat Mar 07 2009 - 18:27:52 EET)
[ GLSA 200903-09 ] OpenTTD: Execution of arbitrary code Robert Buchholz (Sat Mar 07 2009 - 18:29:53 EET)
phpCommunity 2 2.1.8 Multiple Vulnerabilities (SQL Injection / Directory Traversal / XSS) Salvatore \ (Sat Mar 07 2009 - 19:25:19 EET)
[ GLSA 200903-10 ] Irrlicht: User-assisted execution of arbitrary code Pierre-Yves Rofes (Sat Mar 07 2009 - 23:31:03 EET)
Re: Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system alexchf.fyp@gmail.com (Mon Mar 09 2009 - 09:50:03 EET)
Re: Zabbix 1.6.2 Frontend Multiple Vulnerabilities Eygene Ryabinkin (Mon Mar 09 2009 - 13:59:00 EET)
Secunia Research: Foxit Reader JBIG2 Symbol Dictionary Processing Vulnerability Secunia Research (Mon Mar 09 2009 - 14:27:51 EET)
[ GLSA 200903-11 ] PyCrypto: Execution of arbitrary code Robert Buchholz (Mon Mar 09 2009 - 15:05:47 EET)
[ GLSA 200903-12 ] OptiPNG: User-assisted execution of arbitrary code Robert Buchholz (Mon Mar 09 2009 - 15:06:55 EET)
[ GLSA 200903-13 ] MPFR: Denial of Service Robert Buchholz (Mon Mar 09 2009 - 15:07:38 EET)
[ GLSA 200903-14 ] BIND: Incorrect signature verification Robert Buchholz (Mon Mar 09 2009 - 15:10:06 EET)
[ GLSA 200903-15 ] git: Multiple vulnerabilties Robert Buchholz (Mon Mar 09 2009 - 15:56:27 EET)
[ GLSA 200903-16 ] Epiphany: Untrusted search path Robert Buchholz (Mon Mar 09 2009 - 15:57:37 EET)
[ GLSA 200903-17 ] Real VNC: User-assisted execution of arbitrary code Robert Buchholz (Mon Mar 09 2009 - 15:58:19 EET)
[ GLSA 200903-18 ] Openswan: Insecure temporary file creation Robert Buchholz (Mon Mar 09 2009 - 16:00:47 EET)
[ GLSA 200903-19 ] Xerces-C++: Denial of Service Robert Buchholz (Mon Mar 09 2009 - 16:01:23 EET)
[ GLSA 200903-20 ] WebSVN: Multiple vulnerabilities Robert Buchholz (Mon Mar 09 2009 - 16:02:04 EET)
DDIVRT-2009-22 SMART Board Whiteboard Directory Traversal Vulnerability ddivulnalert@ddifrontline.com (Mon Mar 09 2009 - 16:44:23 EET)
DDIVRT-2009-21 vBook Login Application Cross-site Scripting Vulnerability ddivulnalert@ddifrontline.com (Mon Mar 09 2009 - 16:45:01 EET)
Belkin BullDog Plus UPS-Service Buffer Overflow Vulnerability Elazar Broad (Sun Mar 08 2009 - 05:06:46 EET)
Re: Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system Julien Thomas (Mon Mar 09 2009 - 20:51:07 EET)
[ GLSA 200903-21 ] cURL: Arbitrary file access Tobias Heinlein (Mon Mar 09 2009 - 20:58:39 EET)
Foxit Reader Multiple Vulnerabilities (CORE-2009-0218) Core Security Technologies Advisories (Mon Mar 09 2009 - 21:40:33 EET)
Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation Paul Wouters (Mon Mar 09 2009 - 22:12:41 EET)
Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation Robert Buchholz (Tue Mar 10 2009 - 12:47:14 EET)
FINAL: Call for Papers on Cyber Warfare k g (Tue Mar 10 2009 - 13:26:55 EET)
SEC Consult SA-20090305-2 :: IBM Director CIM Server Local Privilege Escalation Vulnerability Bernhard Mueller (Tue Mar 10 2009 - 12:09:14 EET)
SEC Consult SA-20090305-1 :: IBM Director CIM Server Remote Denial of Service Vulnerability Bernhard Mueller (Tue Mar 10 2009 - 12:07:41 EET)
SEC Consult SA-20090305-0 :: NextApp Echo XML Injection Vulnerability Bernhard Mueller (Tue Mar 10 2009 - 11:58:46 EET)
Aryanic HighCMS and HighPortal multiple Vulnerabilities mr.faghani@gmail.com (Tue Mar 10 2009 - 15:19:10 EET)
[ GLSA 200903-22 ] Ganglia: Execution of arbitrary code Robert Buchholz (Tue Mar 10 2009 - 16:27:40 EET)
Multiple Vulnerabilities in iAntiVirus Carsten Eilers (Tue Mar 10 2009 - 17:13:10 EET)
[ MDVSA-2009:070 ] openoffice.org security@mandriva.com (Tue Mar 10 2009 - 17:17:00 EET)
Paper: Socket Capable Browser Plugins Result In Transparent Proxy Abuse robert@webappsec.org (Tue Mar 10 2009 - 19:05:31 EET)
Addonics NAS Adapter Post-Auth DoS mcyr2@csc.com (Tue Mar 10 2009 - 18:20:40 EET)
[USN-731-1] Apache vulnerabilities Marc Deslauriers (Tue Mar 10 2009 - 18:54:06 EET)
[USN-732-1] dash vulnerability Marc Deslauriers (Tue Mar 10 2009 - 18:54:50 EET)
AST-2009-002: Remote Crash Vulnerability in SIP channel driver Asterisk Security Team (Tue Mar 10 2009 - 19:38:37 EET)
[ECHO_ADV_104$2009] WeBid <= 0.7.3 RC9 Multiple Remote File Inclution Vulnerabilities vuln@e-rdc.org (Tue Mar 10 2009 - 20:10:49 EET)
[ MDVSA-2009:071 ] kernel security@mandriva.com (Tue Mar 10 2009 - 21:03:01 EET)
[ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability ISecAuditors Security Advisories (Tue Mar 10 2009 - 22:26:46 EET)
[SECURITY] [DSA 1735-1] New znc packages fix privilege escalation Florian Weimer (Tue Mar 10 2009 - 22:23:49 EET)
Sun Java System Communications Express [HTML Injection] sosoblood@hotmail.com (Tue Mar 10 2009 - 23:16:51 EET)
[ GLSA 200903-24 ] Shadow: Privilege escalation Pierre-Yves Rofes (Wed Mar 11 2009 - 00:34:59 EET)
[ GLSA 200903-23 ] Adobe Flash Player: Multiple vulnerabilities Pierre-Yves Rofes (Wed Mar 11 2009 - 00:27:02 EET)
[SECURITY] [DSA 1736-1] New mahara packages fix cross-site scripting Steffen Joeris (Tue Mar 10 2009 - 22:33:38 EET)
[security bulletin] HPSBUX02411 SSRT080111 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities security-alert@hp.com (Wed Mar 11 2009 - 17:20:52 EET)
[security bulletin] HPSBMA02412 SSRT080040 rev.1 - WMI Mapper for HP Systems Insight Manager Running on Windows, Remote Unauthorized Access to Data, Local Unauthorized Access security-alert@hp.com (Wed Mar 11 2009 - 17:20:07 EET)
Re: Adobe Flash Player plug-in null pointer dereference and browser crash Matthew Dempsky (Wed Mar 11 2009 - 19:30:49 EET)
[SECURITY] [DSA 1738-1] New curl packages fix arbitrary file access Nico Golde (Wed Mar 11 2009 - 18:46:54 EET)
Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (Wed Mar 11 2009 - 17:40:00 EET)
SecurityFocus Microsoft Newsletter #435 sfa@securityfocus.com (Thu Mar 12 2009 - 00:40:29 EET)
SecurityFocus Linux Newsletter #430 sfa@securityfocus.com (Thu Mar 12 2009 - 00:40:34 EET)
SecurityFocus Newsletter #494 sfa@securityfocus.com (Thu Mar 12 2009 - 00:40:25 EET)
TOORCAMP 2009 CALL FOR PARTICIPATION h1kari@toorcon.org (Wed Mar 11 2009 - 20:54:34 EET)
TikiWiki 2.2 XSS Vulnerability in URI iliz-z@yandex.rui (Thu Mar 12 2009 - 10:54:41 EET)
[ MDVSA-2009:072 ] perl-MDK-Common security@mandriva.com (Wed Mar 11 2009 - 21:29:00 EET)
POP Peeper 3.4.0.0 Date Remote Buffer Overflow Vulnerability Krakow Labs (Thu Mar 12 2009 - 06:14:01 EET)
[ MDVSA-2009:073 ] sarg security@mandriva.com (Wed Mar 11 2009 - 23:45:01 EET)
[USN-724-1] Squid vulnerability Jamie Strandboge (Thu Feb 26 2009 - 14:28:55 EET)
[SECURITY] [DSA 1737-1] New wesnoth packages fix several vulnerabilities Steffen Joeris (Wed Mar 11 2009 - 17:16:56 EET)
[ GLSA 200903-25 ] Courier Authentication Library: SQL Injection vulnerability Pierre-Yves Rofes (Wed Mar 11 2009 - 21:33:55 EET)
[ GLSA 200903-26 ] TMSNC: Execution of arbitrary code Robert Buchholz (Thu Mar 12 2009 - 15:58:21 EET)
Trellis Desk v1.0 XSS Vulnerability larry@jlogica.com (Thu Mar 12 2009 - 01:25:41 EET)
Re: Adobe Flash Player plug-in null pointer dereference and browser crash Alex Legler (Thu Mar 12 2009 - 15:17:23 EET)
flv2mpeg4: Malformed parameters Denial of Service Anon@elhacker.net (Mon Mar 09 2009 - 20:16:24 EET)
[ MDVSA-2009:074 ] libneon0.27 security@mandriva.com (Thu Mar 12 2009 - 00:31:01 EET)
Re: Sun Java System Communications Express [HTML Injection] sosoblood@hotmail.com (Wed Mar 11 2009 - 22:07:02 EET)
[security bulletin] HPSBMA02413 SSRT080040 rev.1 - HP WMI Mapper for Windows Server 2003 and Windows Server 2008 for Itanium-based Servers, Remote Unauthorized Access to Data, Local Unauthorized Access security-alert@hp.com (Thu Mar 12 2009 - 20:28:31 EET)
[Suspected Spam][PT-2009-11] SlySoft Multiple Products ElbyCDIO.sys Denial of Service Valery Marchuk (Thu Mar 12 2009 - 19:11:16 EET)
[oCERT-2008-015] glib and glib-predecessor heap overflows Will Drewry (Thu Mar 12 2009 - 18:07:54 EET)
rPSA-2009-0042-1 curl rPath Update Announcements (Fri Mar 13 2009 - 01:04:21 EET)
rPSA-2009-0041-1 dhclient dhcp libdhcp4client rPath Update Announcements (Fri Mar 13 2009 - 01:02:09 EET)
[ GLSA 200903-27 ] ProFTPD: Multiple vulnerabilities Pierre-Yves Rofes (Fri Mar 13 2009 - 00:29:21 EET)
rPSA-2009-0040-1 tshark wireshark rPath Update Announcements (Fri Mar 13 2009 - 01:00:28 EET)
Apple iTunes DAAP Messages Handling Denial of Service Vulnerability  secresearch@fortinet.com (Fri Mar 13 2009 - 03:59:57 EET)
rPSA-2009-0046-1 libpng rPath Update Announcements (Fri Mar 13 2009 - 01:07:00 EET)
Re: TikiWiki 2.2 XSS Vulnerability in URI danny@orionrobots.co.uk (Fri Mar 13 2009 - 01:19:16 EET)
rPSA-2009-0045-1 glib rPath Update Announcements (Fri Mar 13 2009 - 01:08:49 EET)
GeoVision LiveAudio ActiveX Control GetAudioPlayingTime() remote freed-memory access exploit nospam@gmail.it (Fri Mar 13 2009 - 17:36:33 EET)
[Positive Technologies SA:2009-15] Living CMS Cross-Site Scripting vulnerability aanisimov@ptsecurity.com (Fri Mar 13 2009 - 19:57:42 EET)
[Positive Technologies SA:2009-14] BLOG CMS Cross-Site Scripting vulnerability aanisimov@ptsecurity.com (Fri Mar 13 2009 - 19:59:09 EET)
[Positive Technologies SA:2009-20] A.CMS Multiple Vulnerabilities aanisimov@ptsecurity.com (Fri Mar 13 2009 - 20:00:05 EET)
[ MDVSA-2009:075 ] firefox security@mandriva.com (Fri Mar 13 2009 - 22:50:01 EET)
[SECURITY] [DSA 1739-1] New mldonkey packages fix information disclosure Florian Weimer (Fri Mar 13 2009 - 22:58:15 EET)
Infopop UBB.Threads Admin Credentials via SQL Injection swhite@securestate.com (Fri Mar 13 2009 - 20:43:42 EET)
[SECURITY] [DSA 1740-1] New yaws packages fix denial of service Steffen Joeris (Sat Mar 14 2009 - 06:07:11 EET)
[SECURITY] [DSA 1741-1] New psi packages fix denial of service Moritz Muehlenhoff (Sat Mar 14 2009 - 13:47:18 EET)
[ GLSA 200903-28 ] libpng: Multiple vulnerabilities Pierre-Yves Rofes (Sun Mar 15 2009 - 20:42:50 EET)
rosoft media player local BOF exploit multi tagets maroc-anti-connexion@hotmail.com (Sat Mar 14 2009 - 18:09:06 EET)
[ MDVSA-2009:076 ] avahi security@mandriva.com (Sat Mar 14 2009 - 04:02:00 EET)
[SECURITY] [DSA 1742-1] New libsnd packages fix arbitrary code execution Nico Golde (Mon Mar 16 2009 - 02:46:00 EET)
[Bkis-04-2009] GOM Encoder Heap-based Buffer Overflow Bkis (Mon Mar 16 2009 - 06:12:02 EET)
NGENUITY-2009-005 OpenCart Order By Blind SQL Injection Adam Baldwin (Mon Mar 16 2009 - 06:44:43 EET)
reporting CVE rahimeh.khodadadi@gmail.com (Mon Mar 16 2009 - 15:12:25 EET)
[Bkis-03-2009] Multiple Vulnerabilities found in Rapidleech rev.36 Bkis (Sat Mar 14 2009 - 14:50:00 EET)
[USN-734-1] FFmpeg vulnerabilities Marc Deslauriers (Tue Mar 17 2009 - 01:32:01 EET)
[USN-738-1] GLib vulnerability Jamie Strandboge (Tue Mar 17 2009 - 00:35:33 EET)
[USN-733-1] evolution-data-server vulnerability Marc Deslauriers (Mon Mar 16 2009 - 22:39:29 EET)
CPANEL File Manager XSS Vulnerability rizki.wicaksono@gmail.com (Tue Mar 17 2009 - 06:53:27 EET)
[USN-736-1] GStreamer Good Plugins vulnerabilities Marc Deslauriers (Mon Mar 16 2009 - 22:40:32 EET)
HP Laserjet multiple models web management CSRF vulnerability & insecure default configuration Henri Lindberg (Mon Mar 16 2009 - 23:06:21 EET)
[SECURITY] [DSA 1743-1] New libtk-img packages fix arbitrary code execution Steffen Joeris (Tue Mar 17 2009 - 10:52:05 EET)
PHPRunner SQL Injection admin@bugreport.ir (Tue Mar 17 2009 - 12:35:37 EET)
[USN-735-1] GStreamer Base Plugins vulnerability Marc Deslauriers (Mon Mar 16 2009 - 22:41:20 EET)
[ GLSA 200903-29 ] BlueZ: Arbitrary code execution Pierre-Yves Rofes (Mon Mar 16 2009 - 23:36:12 EET)
[ GLSA 200903-30 ] Opera: Multiple vulnerabilities Tobias Heinlein (Tue Mar 17 2009 - 01:54:09 EET)
[USN-737-1] libsoup vulnerability Marc Deslauriers (Mon Mar 16 2009 - 22:43:15 EET)
[USN-739-1] Amarok vulnerabilities Marc Deslauriers (Tue Mar 17 2009 - 19:29:25 EET)
DEFCON London DC4420 March meeting - Thursday 19th March Major Malfunction (Tue Mar 17 2009 - 19:17:46 EET)
[ECHO_ADV_106$2009] FireAnt <= 1.3 Critical File Disclosure Vulnerability vuln@e-rdc.org (Tue Mar 17 2009 - 18:08:20 EET)
[ECHO_ADV_107$2009] FubarForum <= 1.6 Critical File Disclosure Vulnerability vuln@e-rdc.org (Tue Mar 17 2009 - 18:09:58 EET)
[ECHO_ADV_105$2009] chaozzDB <= 1.2 Critical File Disclosure Vulnerability vuln@e-rdc.org (Tue Mar 17 2009 - 18:06:32 EET)
[ GLSA 200903-31 ] libcdaudio: User-assisted execution of arbitrary code Pierre-Yves Rofes (Tue Mar 17 2009 - 23:10:05 EET)
iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability iDefense Labs (Tue Mar 17 2009 - 23:55:16 EET)
Sitecore .NET 5.3.x - web service information disclosure security.assurance@nab.com.au (Wed Mar 18 2009 - 00:38:05 EET)
Layered Defense Research Advisory: Format String Vulnerablity in Symantec PcAnywhere v10-12.5 dh@layereddefense.com (Wed Mar 18 2009 - 06:38:52 EET)
[USN-740-1] NSS vulnerability Jamie Strandboge (Wed Mar 18 2009 - 00:11:30 EET)
Re: iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability iDefense Labs (Wed Mar 18 2009 - 00:22:19 EET)
[SECURITY] [DSA 1744-1] New weechat packages fix denial of service Nico Golde (Wed Mar 18 2009 - 13:55:04 EET)
CDex v1.70b2 (.ogg) local buffer overflow exploit poc nospam@gmail.it (Wed Mar 18 2009 - 00:15:50 EET)
SecurityFocus Newsletter #495 sfa@securityfocus.com (Thu Mar 19 2009 - 00:14:58 EET)
SecurityFocus Microsoft Newsletter #436 sfa@securityfocus.com (Thu Mar 19 2009 - 00:15:02 EET)
SecurityFocus Linux Newsletter #431 sfa@securityfocus.com (Thu Mar 19 2009 - 00:15:06 EET)
[ISecAuditors Security Advisories] ModSecurity < 2.5.9 remote Denial of Service (DoS) ISecAuditors Security Advisories (Thu Mar 19 2009 - 14:53:55 EET)
[ GLSA 200903-32 ] phpMyAdmin: Multiple vulnerabilities Pierre-Yves Rofes (Thu Mar 19 2009 - 00:30:32 EET)
Command Execution in Hannon Hill Cascade Server Elliot Kendall (Thu Mar 19 2009 - 21:07:56 EET)
[USN-742-1] JasPer vulnerabilities Marc Deslauriers (Thu Mar 19 2009 - 20:02:46 EET)
rPSA-2009-0050-1 ghostscript rPath Update Announcements (Thu Mar 19 2009 - 21:52:09 EET)
Slides from uCon Security Conference 2009 available online uCon Security Conference (Thu Mar 19 2009 - 22:51:35 EET)
[ MDVSA-2009:060-1 ] nfs-utils security@mandriva.com (Thu Mar 19 2009 - 23:35:00 EET)
[USN-741-1] Thunderbird vulnerabilities Jamie Strandboge (Fri Mar 20 2009 - 00:30:32 EET)
[ GLSA 200903-33 ] FFmpeg: Multiple vulnerabilities Pierre-Yves Rofes (Fri Mar 20 2009 - 00:59:58 EET)
LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted) Chris Evans (Fri Mar 20 2009 - 04:24:43 EET)
[SECURITY] [DSA 1745-1] New lcms packages fix arbitrary code execution Steffen Joeris (Fri Mar 20 2009 - 11:16:54 EET)
[security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert@hp.com (Fri Mar 20 2009 - 15:20:19 EET)
[SECURITY] [DSA 1748-1] New libsoup packages fix arbitrary code execution Steffen Joeris (Fri Mar 20 2009 - 16:15:01 EET)
[SECURITY] [DSA 1746-1] New ghostscript packages fix arbitrary code execution Steffen Joeris (Fri Mar 20 2009 - 11:32:00 EET)
Bs.Player <= 2.34 Build 980 (.bsl) local buffer overflow 0day exploit (seh) nospam@gmail.it (Fri Mar 20 2009 - 04:01:44 EET)
[SECURITY] [DSA 1747-1] New glib2.0 packages fix arbitrary code execution Steffen Joeris (Fri Mar 20 2009 - 16:11:16 EET)
[oCERT-2009-003] LittleCMS integer errors Andrea Barisani (Fri Mar 20 2009 - 20:02:40 EET)
[ GLSA 200903-34 ] Amarok: User-assisted execution of arbitrary code Tobias Heinlein (Fri Mar 20 2009 - 22:22:13 EET)
[SECURITY] [DSA 1749-1] New Linux 2.6.26 packages fix several vulnerabilities dann frazier (Fri Mar 20 2009 - 22:55:47 EET)
ExpressionEngine Persistent Cross-Site Scripting Adam Baldwin (Mon Mar 23 2009 - 01:28:52 EET)
Rittal CMC-TC Processing Unit II multiple vulnerabilities Henri Lindberg - Smilehouse Oy (Mon Mar 23 2009 - 13:37:50 EET)
[SECURITY] [DSA 1751-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Sun Mar 22 2009 - 23:30:20 EET)
[ MDVSA-2009:077 ] pam security@mandriva.com (Sat Mar 21 2009 - 21:25:01 EET)
[SECURITY] [DSA 1750-1] New libpng packages fix several vulnerabilities Florian Weimer (Sun Mar 22 2009 - 19:16:04 EET)
FreeBSD Security Advisory FreeBSD-SA-09:06.ktimer FreeBSD Security Advisories (Mon Mar 23 2009 - 02:09:12 EET)
[SECURITY] [DSA 1752-1] New webcit packages fix potential remote code execution Florian Weimer (Mon Mar 23 2009 - 20:14:05 EET)
[ MDVSA-2009:078 ] evolution-data-server security@mandriva.com (Mon Mar 23 2009 - 19:37:00 EET)
CORE-2009-0122: HP OpenView Buffer Overflows CORE Security Technologies Advisories (Mon Mar 23 2009 - 19:45:49 EET)
[ MDVSA-2009:079 ] postgresql security@mandriva.com (Mon Mar 23 2009 - 19:54:00 EET)
[USN-743-1] Ghostscript vulnerabilities Marc Deslauriers (Mon Mar 23 2009 - 20:37:41 EET)
[USN-744-1] LittleCMS vulnerabilities Marc Deslauriers (Mon Mar 23 2009 - 20:38:27 EET)
[ GLSA 200903-35 ] Muttprint: Insecure temporary file usage Pierre-Yves Rofes (Mon Mar 23 2009 - 23:56:40 EET)
[ GLSA 200903-36 ] MLDonkey: Information disclosure Pierre-Yves Rofes (Tue Mar 24 2009 - 00:11:38 EET)
[ GLSA 200903-37 ] Ghostscript: User-assisted execution of arbitrary code Pierre-Yves Rofes (Tue Mar 24 2009 - 00:34:00 EET)
PHPizabi v0.848b C1 HFP1 proc.inc.php remote privilege escalation (php.ini independent) nospam@gmail.it (Tue Mar 24 2009 - 09:04:28 EET)
[security bulletin] HPSBMA02416 SSRT090008 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert@hp.com (Tue Mar 24 2009 - 14:36:54 EET)
ZDI-09-014: Adobe Acrobat getIcon() Stack Overflow Vulnerability ZDI Disclosures (Tue Mar 24 2009 - 18:51:37 EET)
[security bulletin] HPSBUX02409 SSRT080171 rev.1 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege security-alert@hp.com (Tue Mar 24 2009 - 20:16:11 EET)
[SECURITY] [DSA 1753-1] End-of-life announcement for Iceweasel in oldstable Moritz Muehlenhoff (Tue Mar 24 2009 - 23:20:14 EET)
iDefense Security Advisory 03.24.09: Adobe Reader and Acrobat JBIG2 Encoded Stream Heap Overflow Vulnerability iDefense Labs (Tue Mar 24 2009 - 21:47:56 EET)
[ GLSA 200903-38 ] Squid: Multiple Denial of Service vulnerabilities Pierre-Yves Rofes (Tue Mar 24 2009 - 23:42:45 EET)
Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Secunia Research (Wed Mar 25 2009 - 11:22:05 EET)
[SECURITY] [DSA 1745-2] New lcms packages fix regression Steffen Joeris (Wed Mar 25 2009 - 13:32:18 EET)
Cisco Security Advisory: Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities Cisco Systems Product Security Incident Response Team (Wed Mar 25 2009 - 18:00:00 EET)
Cisco Security Advisory: Cisco IOS Software Secure Copy Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (Wed Mar 25 2009 - 18:00:00 EET)
Cisco Security Advisory: Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability Cisco Systems Product Security Incident Response Team (Wed Mar 25 2009 - 18:00:00 EET)
Cisco Security Advisory: Cisco IOS Software WebVPN and SSLVPN Vulnerabilities Cisco Systems Product Security Incident Response Team (Wed Mar 25 2009 - 18:00:00 EET)
Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Florian Weimer (Wed Mar 25 2009 - 18:42:11 EET)
Cisco Security Advisory: Cisco IOS cTCP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Wed Mar 25 2009 - 18:00:00 EET)
Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Eric C. Lukens (Wed Mar 25 2009 - 21:20:40 EET)
Re[2]: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Vladimir '3APA3A' Dubrovin (Wed Mar 25 2009 - 21:55:32 EET)
[SECURITY] [DSA 1755-1] New systemtap packages fix local privilege escalation Moritz Muehlenhoff (Wed Mar 25 2009 - 23:16:51 EET)
CFP RAID 2009 Corrado Leita (Wed Mar 25 2009 - 22:58:24 EET)
[ GLSA 200903-39 ] pam_krb5: Privilege escalation Pierre-Yves Rofes (Thu Mar 26 2009 - 00:45:17 EET)
[Bkis-05-2009] PowerCHM Stack-based Buffer Overflow Bkis (Thu Mar 26 2009 - 07:27:29 EET)
SecurityFocus Newsletter #496 sfa@securityfocus.com (Thu Mar 26 2009 - 19:09:43 EET)
SecurityFocus Microsoft Newsletter #437 sfa@securityfocus.com (Thu Mar 26 2009 - 19:09:47 EET)
SecurityFocus Linux Newsletter #432 sfa@securityfocus.com (Thu Mar 26 2009 - 19:10:02 EET)
ICAP adaptation: missing data flow control to client side Martin Huter (Thu Mar 26 2009 - 17:13:32 EET)
iDefense Security Advisory 03.26.09: Sun Java Runtine Environment (JRE) Type1 Font Parsing Integer Signedness Vulnerability iDefense Labs (Thu Mar 26 2009 - 19:49:43 EET)
[USN-746-1] xine-lib vulnerability Marc Deslauriers (Thu Mar 26 2009 - 21:27:37 EET)
[USN-747-1] ICU vulnerability Marc Deslauriers (Thu Mar 26 2009 - 21:28:21 EET)
iDefense Security Advisory 03.26.09: Sun Java Web Start (JWS ) GIF Decoding Heap Corruption Vulnerability iDefense Labs (Thu Mar 26 2009 - 21:47:02 EET)
[ MDVSA-2009:080 ] glib2.0 security@mandriva.com (Thu Mar 26 2009 - 23:50:00 EET)
[USN-748-1] OpenJDK vulnerabilities Kees Cook (Fri Mar 27 2009 - 00:01:35 EET)
Aurora Nutritive Analysis Module Multiple XSS Bugs NotHugs (Fri Mar 27 2009 - 02:43:03 EET)
Moodle: Sensitive File Disclosure Christian Eibl (Fri Mar 27 2009 - 16:30:20 EET)
iDefense Security Advisory 03.26.09: Sun Java Runtine Environment (JRE) GIF Decoding Heap Corruption Vulnerability iDefense Labs (Thu Mar 26 2009 - 22:22:17 EET)
iDefense Security Advisory 03.26.09: Sun Java Web Start (JWS ) PNG Decoding Integer Overflow Vulnerability iDefense Labs (Thu Mar 26 2009 - 22:47:41 EET)
iDefense Security Advisory 03.26.09: Sun Java Runtime Environment (JRE) Pack200 Decompression Integer Overflow Vulnerability iDefense Labs (Thu Mar 26 2009 - 23:16:54 EET)
Novell Netstorage Multiple Vulnerabilities Bugs NotHugs (Fri Mar 27 2009 - 02:50:24 EET)
[SECURITY] [DSA 1756-1] New xulrunner packages fix multiple vulnerabilities Noah Meyerhans (Sun Mar 29 2009 - 21:03:00 EEST)
[tool release] Watcher v1.0.0 - passive Web-app security testing and compliance auditing Chris Weber (Sun Mar 29 2009 - 08:17:32 EEST)
[ GLSA 200903-40 ] Analog: Denial of Service Pierre-Yves Rofes (Mon Mar 30 2009 - 00:40:57 EEST)
glFusion <= 1.1.2 COM_applyFilter()/order sql injection exploit nospam@gmail.it (Sun Mar 29 2009 - 07:37:13 EEST)
[ MDVSA-2009:081 ] libsoup security@mandriva.com (Sat Mar 28 2009 - 00:13:01 EET)
Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow Bugs NotHugs (Mon Mar 30 2009 - 11:16:17 EEST)
[USN-745-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge (Sat Mar 28 2009 - 07:27:07 EET)
[SECURITY] [DSA 1757-1] New auth2db packages fix SQL injection Steffen Joeris (Mon Mar 30 2009 - 13:09:41 EEST)
CVE-2009-0790: ISAKMP DPD Remote Vulnerability with Openswan & Strongswan IPsec Paul Wouters (Mon Mar 30 2009 - 19:17:24 EEST)
Positron Security Advisory #2009-000: Multiple Vulnerabilities in MapServer v5.2.1 and v4.10.3 Positron Security (Mon Mar 30 2009 - 20:43:54 EEST)
Family Connections 1.8.1 Multiple Remote Vulnerabilities Salvatore \ (Mon Mar 30 2009 - 20:45:51 EEST)
[ MDVSA-2009:082 ] krb5 security@mandriva.com (Mon Mar 30 2009 - 18:11:01 EEST)
DeepSec 2009 - Call for Papers is open DeepSec Conference (Mon Mar 30 2009 - 21:34:24 EEST)
[USN-749-1] libsndfile vulnerability Marc Deslauriers (Mon Mar 30 2009 - 21:28:13 EEST)
Community CMS 0.5 Multiple SQL Injection Vulnerabilities Salvatore \ (Mon Mar 30 2009 - 22:55:45 EEST)
[ GLSA 200903-41 ] gedit: Untrusted search path Pierre-Yves Rofes (Tue Mar 31 2009 - 00:48:53 EEST)
[SECURITY] [DSA 1758-1] New nss-ldapd packages fix information disclosure Moritz Muehlenhoff (Tue Mar 31 2009 - 00:47:00 EEST)
ZDI-09-015: Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability ZDI Disclosures (Tue Mar 31 2009 - 01:41:16 EEST)
Zabbix Multiple Frontend CSRF (Password reset & command execution) Adam Baldwin (Tue Mar 31 2009 - 02:13:14 EEST)
[ECHO_ADV_108$2009] JobHut <= 1.2 (pk) Remote Sql Injection Vulnerability vuln@e-rdc.org (Tue Mar 31 2009 - 02:14:14 EEST)
[USN-750-1] OpenSSL vulnerability Jamie Strandboge (Tue Mar 31 2009 - 02:23:19 EEST)
[SECURITY] [DSA 1759-1] New strongswan packages fix denial of service Steffen Joeris (Tue Mar 31 2009 - 02:49:22 EEST)
[SECURITY] [DSA 1760-1] New openswan packages fix denial of service Steffen Joeris (Tue Mar 31 2009 - 02:49:43 EEST)
Re: Family Connections 1.8.1 Multiple Remote Vulnerabilities r_haudenschilt@hotmail.com (Tue Mar 31 2009 - 05:18:08 EEST)
aspWebCalendar Free Edition bug joseph.giron13@gmail.com (Tue Mar 31 2009 - 06:46:19 EEST)
Re: [ECHO_ADV_103$2009] taifajobs <= 1.0 (jobid) Remote SQL Injection Vulnerability tiha@taifaweb.net (Tue Mar 31 2009 - 11:07:13 EEST)
Cisco ASA5520 Web VPN Host Header XSS Bugs NotHugs (Tue Mar 31 2009 - 13:17:54 EEST)
[Positive Technologies SA 2009-09] Trend Micro Internet Security Pro 2009 tmactmon.sys Priviliege Escalation Vulnerabilities Valery Marchuk (Tue Mar 31 2009 - 14:49:10 EEST)
webEdition 6.0.0.4 Local File Inclusion Salvatore \ (Tue Mar 31 2009 - 16:22:49 EEST)
[DSECRG-09-013] IBM WebSphere Application Server 7.0 Multiple XSS Vulnerabilities DSecRG (Tue Mar 31 2009 - 20:00:09 EEST)
[security bulletin] HPSBMA02416 SSRT090008 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert@hp.com (Tue Mar 31 2009 - 20:02:12 EEST)
[DSECRG-09-016] SAP SAPDB Multiple XSS Alexandr Polyakov (Tue Mar 31 2009 - 20:09:29 EEST)
[DSECRG-09-030] PrecisionID Datamatrix ActiveX control - Arbitrary File overwriting DSecRG (Tue Mar 31 2009 - 20:22:47 EEST)

Last message date: Tue Mar 31 2009 - 21:44:54 EEST
Archived on: Tue Mar 31 2009 - 21:44:55 EEST

300 messages sorted by: [ author ] [ thread ] [ subject ]

This archive was generated by hypermail 2b28 : Tue Mar 31 2009 - 21:44:55 EEST

stdinBy Date

stdin
By Date