Bugtraq: by thread
192 messages starting Feb 01 12 and ending Feb 29 12
- [Announce] Apache HTTP Server 2.2.22 Released William A. Rowe Jr. (Feb 01)
- 802.1X password exploit on many HTC Android devices Bret Jordan (Feb 01)
- Security advisory for Bugzilla 4.2rc2, 4.0.4, 3.6.8 and 3.4.14 LpSolit (Feb 01)
- Multiple vulnerabilities in OpenEMR advisory (Feb 01)
- ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability Security_Alert (Feb 01)
- XSS phpLDAPadmin: 1.2.0.5 (Debian package) and 1.2.2 (sourceforge) andsarmiento (Feb 01)
- [ MDVSA-2012:012 ] apache security (Feb 02)
- APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001 Apple Product Security (Feb 02)
- Call For Paper asemailing (Feb 02)
- Fwd: RA-Guard: Advice on the implementation (feedback requested) Fernando Gont (Feb 02)
- [CAL-2012-0004] opera array integer overflow Code Audit Labs (Feb 02)
- [security bulletin] HPSBMU02739 SSRT100280 rev.1 - HP Data Protector Media Operations, Remote Execution of Arbitrary Code security-alert (Feb 02)
- GLSA (Gentoo Linux Security Advisory) publication changes Alex Legler (Feb 02)
- [security bulletin] HPSBGN02740 SSRT100741 rev.1 - HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, Performance Manager, Remote Execution of Arbitrary Code security-alert (Feb 03)
- [SECURITY] [DSA 2401-1] tomcat6 security update Moritz Muehlenhoff (Feb 03)
- [SECURITY] [DSA 2400-1] iceweasel security update Moritz Muehlenhoff (Feb 03)
- [SECURITY] [DSA 2402-1] iceape security update Moritz Muehlenhoff (Feb 03)
- [SECURITY] [DSA 2403-1] php5 security update Thijs Kinkhorst (Feb 03)
- RFC 6528 on Defending against Sequence Number Attacks Fernando Gont (Feb 03)
- ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability Security_Alert (Feb 03)
- [ MDVSA-2012:013 ] mozilla security (Feb 03)
- [SECURITY] [DSA 2384-2] cacti regression Luk Claes (Feb 06)
- [SECURITY] [DSA 2404-1] xen-qemu-dm-4.0 security update Florian Weimer (Feb 06)
- [SECURITY] [DSA 2405-1] apache2 security update Stefan Fritsch (Feb 06)
- Mathopd - Directory Traversal Vulnerability Mateusz Goik (Feb 06)
- [ MDVSA-2012:014 ] glpi security (Feb 07)
- [SECURITY] [DSA 2403-2] php5 security update Thijs Kinkhorst (Feb 07)
- SimpleGroupware 0.742 Cross-Site-Scripting vulnerability security (Feb 07)
- DEF CON 20 Capture the Flag Announcement The Dark Tangent (Feb 07)
- CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly Colm O hEigeartaigh (Feb 07)
- SQL Injection Vulnerability in Batavi 1.1.2 Netsparker Advisories (Feb 07)
- [security bulletin] HPSBMU02736 SSRT100699 rev.2 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information security-alert (Feb 07)
- eFronts Community++ v3.6.10 - Cross Site Vulnerability research () vulnerability-lab com (Feb 07)
- Unauthenticated remote code execution on D-Link ShareCenter products roberto . paleari (Feb 08)
- [security bulletin] HPSBUX02741 SSRT100728 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass security-alert (Feb 08)
- Cyberoam Central Console v2.00.2 - File Include Vulnerability research () vulnerability-lab com (Feb 08)
- Multiple vulnerabilities in ZENphoto advisory (Feb 08)
- [security bulletin] HPSBMU02742 SSRT100740 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Disclosure of Information security-alert (Feb 08)
- ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
- ZDI-12-022 : Total Defense Suite UNC Management Console ExportReport SQL Injection Vulnerability ZDI Disclosures (Feb 08)
- ZDI-12-023 : Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability ZDI Disclosures (Feb 08)
- ZDI-12-024 : Total Defense Suite UNC Management Web Service uncsp_ViewReportsHomepage SQL Injection Vulnerability ZDI Disclosures (Feb 08)
- ZDI-12-025 : EMC Networker indexd.exe Opcode 0x01 Parsing Remote Code Execution ZDI Disclosures (Feb 08)
- ZDI-12-026 : IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
- ZDI-12-027 : IBM SPSS VsVIEW6.ocx ActiveX Control SaveDoc Method Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
- ZDI-12-028 : IBM Rational Rhapsody BBFlashBack.FBRecorder.1 Control Multiple Remote Code Execution Vulnerabilities ZDI Disclosures (Feb 08)
- ZDI-12-029 : IBM Rational Rhapsody BBFlashBack.Recorder.1 InsertMarker Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
- ZDI-12-030 : IBM Rational Rhapsody BBFlashBack.Recorder.1 TestCompatibilityRecordMode Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
- ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability ZDI Disclosures (Feb 08)
- [SECURITY] [DSA 2407-1] cvs security update Florian Weimer (Feb 09)
- [ MDVSA-2012:015 ] wireshark security (Feb 09)
- [SECURITY] CVE-2011-4367 Apache MyFaces information disclosure vulnerability Leonardo Uribe (Feb 09)
- [Suspected Spam] eFront Community++ v3.6.10 - Multiple Web Vulnerabilities research () vulnerability-lab com (Feb 09)
- Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities research () vulnerability-lab com (Feb 10)
- <Possible follow-ups>
- Re: Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities regis (Feb 27)
- OnxShop CMS v1.5.0 - Multiple Web Vulnerabilities research () vulnerability-lab com (Feb 10)
- Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities research () vulnerability-lab com (Feb 10)
- Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities research () vulnerability-lab com (Feb 10)
- CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability YGN Ethical Hacker Group (Feb 10)
- [ MDVSA-2012:016 ] glpi security (Feb 10)
- [slackware-security] vsftpd (SSA:2012-041-05) Slackware Security Team (Feb 13)
- [slackware-security] glibc (SSA:2012-041-03) Slackware Security Team (Feb 13)
- [slackware-security] proftpd (SSA:2012-041-04) Slackware Security Team (Feb 13)
- [slackware-security] httpd (SSA:2012-041-01) Slackware Security Team (Feb 13)
- [slackware-security] php (SSA:2012-041-02) Slackware Security Team (Feb 13)
- OWASP AppSec USA 2011 Video & Slides Posted adam (Feb 13)
- Yahoo! Messenger v11.5 - Buffer Overflow Vulnerability research () vulnerability-lab com (Feb 13)
- [Suspected Spam] eFront Community++ v3.6.10 - SQL Injection Vulnerability research () vulnerability-lab com (Feb 13)
- sqlinjection bug in nova cms rezahmail (Feb 13)
- Re: sqlinjection bug in nova cms Henri Salo (Feb 16)
- [ MDVSA-2012:017 ] firefox security (Feb 13)
- [ MDVSA-2012:018 ] mozilla-thunderbird security (Feb 13)
- [Announcement] ClubHack Mag - Call for Articles abhijeet (Feb 13)
- [SECURITY] [DSA 2408-1] php5 security update Moritz Muehlenhoff (Feb 13)
- [ MDVSA-2012:019 ] apr security (Feb 14)
- [CAL-2011-0055]Adobe Shockwave Player Parsing block_cout memory corruption vulnerability Code Audit Labs (Feb 15)
- [CAL-2011-0071]Adobe Shockwave Player Parsing cupt atom heap overflow Code Audit Labs (Feb 15)
- FreePBX Remote Exploit dougw (Feb 15)
- [ MDVSA-2012:020 ] phpldapadmin security (Feb 15)
- Multiple vulnerabilities in 11in1 advisory (Feb 15)
- Multiple vulnerabilities in LEPTON advisory (Feb 15)
- [SECURITY] [DSA 2409-1] devscripts security update Raphael Geissert (Feb 15)
- TELUS Security Labs VR - Oracle Java Web Start Command Argument Injection Remote Code Execution noreply (Feb 15)
- Cisco Security Advisory: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Feb 16)
- [SECURITY] [DSA 2410-1] libpng security update Moritz Muehlenhoff (Feb 16)
- 2012 Honeynet Project Security Workshop Guillaume Arcas (Feb 16)
- [PRE-SA-2012-01] Denial-of-service vulnerability in java.util.zip Timo Warns (Feb 16)
- Hackito Ergo sum // HES2012 Final CFP // Call for Hackers Jonathan Brossard (Feb 16)
- Pandora FMS v4.0.1 - Local File Include Vulnerability + VD Session research () vulnerability-lab com (Feb 17)
- [Spam] Skype v5.6.59.x - Memory Corruption Vulnerability research () vulnerability-lab com (Feb 17)
- 0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977) Kousuke Ebihara (Feb 17)
- <Possible follow-ups>
- Re: Fwd: 0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977) Rodrigo Rubira Branco (BSDaemon) (Feb 17)
- [security bulletin] HPSBPI02728 SSRT100692 rev.4 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default security-alert (Feb 17)
- IETF I-D: Security and Interoperability Implications of Oversized IPv6 Header Chains Fernando Gont (Feb 17)
- PHP 5.2.x Remote Code Execution Vulnerability Worawit Wang (Feb 17)
- Puppet Dashboard insecure by default Schweiss, Chip (Feb 17)
- [ MDVSA-2012:021 ] java-1.6.0-openjdk security (Feb 17)
- Downloads Folder: A Binary Planting Minefield ACROS Security Lists (Feb 20)
- WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability sschurtz (Feb 20)
- CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated] YGN Ethical Hacker Group (Feb 20)
- [SECURITY] [DSA 2411-1] mumble security update Florian Weimer (Feb 20)
- [SECURITY] [DSA 2412-1] libvorbis security update Moritz Muehlenhoff (Feb 20)
- SEC Consult SA-20120220-1 :: Multiple Vulnerabilities in ELBA5 SEC Consult Vulnerability Lab (Feb 20)
- SEC Consult SA-20120220-0 :: Multiple critical vulnerabilities in VOXTRONIC voxlog professional SEC Consult Vulnerability Lab (Feb 20)
- SQL Injection Vulnerabilities in TestLink jnatal (Feb 20)
- DC4420 - London DEFCON - February meet - Tuesday February 21st 2012 Major Malfunction (Feb 20)
- OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Feb 20)
- Re: [oss-security] OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities Kurt Seifried (Feb 21)
- Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Feb 20)
- Re: [oss-security] Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities Kurt Seifried (Feb 21)
- [SECURITY] [DSA 2413-1] libarchive security update Luk Claes (Feb 21)
- Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2. muuratsalo experimental hack lab (Feb 21)
- Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2. muuratsalo experimental hack lab (Feb 21)
- F*EX <= 20100208 Cross Site Scripting Vulnerabilities muuratsalo experimental hack lab (Feb 21)
- F*EX 20111129-2 Cross Site Scripting Vulnerability muuratsalo experimental hack lab (Feb 21)
- IPv6 NIDS evasion and IPv6 fragmentation/reassembly improvements Fernando Gont (Feb 21)
- Mercurycom MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerability demonalex (Feb 21)
- [SECURITY] [DSA 2414-1] fex security update Nico Golde (Feb 22)
- [SECURITY] [DSA 2415-1] libmodplug security update Nico Golde (Feb 22)
- Multiple security vulnerabilities in Tremulous 1.1.0, GPP1, and unofficial MG and TJW engines Simon McVittie (Feb 22)
- [ MDVSA-2012:022 ] libpng security (Feb 22)
- Multiple XSS in Chyrp advisory (Feb 22)
- [ MDVSA-2012:023 ] libxml2 security (Feb 22)
- Mobile Mp3 Search Engine HTTP Response Splitting CorryL (Feb 24)
- ZDI-12-032 : Oracle Java Runtime Environment readMabCurveData Integer Overflow Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
- ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
- ZDI-12-034 : Microsoft Windows Media Player ASX Meta-File Parsing Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
- ZDI-12-035 : Microsoft Internet Explorer CDispNode t:MEDIA Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
- ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
- ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
- ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
- ZDI-12-039 : Oracle Java Web Start java-vm-args Command Argument Injection Remote Code Execution ZDI Disclosures (Feb 24)
- TPTI-12-01 : Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerability ZDI Disclosures (Feb 24)
- [SECURITY] [DSA 2417-1] libxml2 security update Nico Golde (Feb 24)
- NGS00120 Patch Notification: BlackBerry PlayBook Samba Remote Code Execution Research@NGSSecure (Feb 24)
- YVS Image Gallery Sql injection CorryL (Feb 24)
- Case YVS Image Gallery Henri Salo (Feb 27)
- Message not available
- Re: [oss-security] Case YVS Image Gallery Henri Salo (Feb 28)
- Message not available
- Case YVS Image Gallery Henri Salo (Feb 27)
- Re: pidgin OTR information leakage Jann Horn (Feb 27)
- Re: [Full-disclosure] pidgin OTR information leakage Michele Orru (Feb 27)
- Re: [Full-disclosure] pidgin OTR information leakage Rich Pieri (Feb 27)
- Re: [Full-disclosure] pidgin OTR information leakage Jeffrey Walton (Feb 28)
- Message not available
- Re: [Full-disclosure] pidgin OTR information leakage Dimitris Glynos (Feb 28)
- Re: [Full-disclosure] pidgin OTR information leakage Dimitris Glynos (Feb 28)
- Re: [Full-disclosure] pidgin OTR information leakage Michele Orru (Feb 27)