Bugtraq: by author

318 messages starting Dec 14 09 and ending Dec 09 09

admin

WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities admin (Dec 14)
phpPollScript - 1.3 Remote File Include admin (Dec 21)
Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities admin (Dec 14)

advisories

[InterN0T] LiveZilla - XSS Vulnerability advisories (Dec 28)
[InterN0T] Google Analytics plugin for Wordpress - XSS Vulnerability advisories (Dec 04)

Akita Software Security

FreeWebshop.org: multiple vulnerabilities Akita Software Security (Dec 29)

Alessandro Tanasi

[tools] hostmap-0.2.1 released Alessandro Tanasi (Dec 28)

Alexander Klink

SQL-Ledger – several vulnerabilities Alexander Klink (Dec 21)

Alex Legler

[ GLSA 200912-01 ] OpenSSL: Multiple vulnerabilities Alex Legler (Dec 02)
[ GLSA 200912-02 ] Ruby on Rails: Multiple vulnerabilities Alex Legler (Dec 21)

Andrea Barisani

[oCERT-2009-017] PHP multiple issues Andrea Barisani (Dec 01)
[Suspected Spam][oCERT-2009-019] Ganeti path sanitization errors Andrea Barisani (Dec 17)

Andrea Fabrizi

PhpShop Multiple Vulnerabilities Andrea Fabrizi (Dec 07)

Andrea Purificato

Re: [rejected] Oracle exploit for CTXSYS.DRVXTABC.CREATE_TABLES and others Andrea Purificato (Dec 02)

Andrew Farmer

Re: [Full-disclosure] Remote Command Execution in dotDefender Site Management Andrew Farmer (Dec 02)

anonymous

Re: Re: Re: Re: Back door trojan in acajoom-3.2.6 for joomla anonymous (Dec 07)

Asterisk Security Team

AST-2009-010: RTP Remote Crash Vulnerability Asterisk Security Team (Dec 01)

Barkın KILIÇ

Re: ** FreeBSD local r00t zeroday Barkın KILIÇ (Dec 02)

Barry Raveendran Greene

RE: TLS Renegotiation Vulnerability: Proof of Concept Code (Python) Barry Raveendran Greene (Dec 22)

Blair

Trango Broadband Wireless Rogue SU Authentication Bug Blair (Dec 15)

Bogdan Calin

Zen Cart local file disclosure vulnerability Bogdan Calin (Dec 09)

bugreport

Microsoft IIS 0Day Vulnerability in Parsing Files (semi-colon bug) bugreport (Dec 28)

c0dy

Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities c0dy (Dec 01)

Campus Party EU Spain

Campus Party Eu 2010 Security Challenge - Call For Participants Campus Party EU Spain (Dec 17)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities Cisco Systems Product Security Incident Response Team (Dec 16)

ClubHack

ClubHack2009 presentations are now online ClubHack (Dec 28)

CORE Security Technologies Advisories

CORE-2009-0911: DAZ Studio Arbitrary Command Execution CORE Security Technologies Advisories (Dec 03)
CORE-2009-1013: Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System CORE Security Technologies Advisories (Dec 10)

crashbrz

Re: RE: Tests about semicolon zero-day (BID 37460) crashbrz (Dec 30)

Crash - DcLabs

Tests about semicolon zero-day (BID 37460) Crash - DcLabs (Dec 29)

cxib

PHP 5.3.1 open_basedir bypass cxib (Dec 04)
Flock 2.5.2 Remote Array Overrun (Arbitrary code execution) cxib (Dec 11)
Camino 1.6.10 Remote Array Overrun (Arbitrary code execution) cxib (Dec 11)

Dawid Golunski

Invision Power Board <= 3.0.4 Local PHP File Inclusion and SQL Injection Dawid Golunski (Dec 04)

Dominick LaTrappe

VideoCache 1.9.2 vccleaner root vulnerability Dominick LaTrappe (Dec 16)

Don HO

Notepad++ buffer overflow issue Don HO (Dec 09)

ds . adv . pub

Code to mitigate IIS semicolon zero-day ds . adv . pub (Dec 28)

dvlabs

TPTI-09-09: HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability dvlabs (Dec 09)
TPTI-09-15: HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability dvlabs (Dec 21)
TPTI-09-14: HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability dvlabs (Dec 09)
TPTI-09-08: HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability dvlabs (Dec 09)
TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability dvlabs (Dec 09)
TPTI-09-12: HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability dvlabs (Dec 09)
TPTI-09-11: HP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow Vulnerability dvlabs (Dec 09)
TPTI-09-10: HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability dvlabs (Dec 09)

Ed Carp

Re: [Full-disclosure] ** FreeBSD local r00t zeroday Ed Carp (Dec 01)

edgard . chammas

ClarkConnect XSS vulnerability edgard . chammas (Dec 22)

faghani

Sheedravi CMS SQL Injection Vulnerability faghani (Dec 28)

Florian Weimer

[SECURITY] [DSA 1963-1] New unbound packages fix DNSSEC validation Florian Weimer (Dec 28)
[SECURITY] [DSA 1961-1] New bind9 packages fix cache poisoning Florian Weimer (Dec 23)
[SECURITY] [DSA-1964-1] New PostgreSQL packages fix several vulnerabilities Florian Weimer (Dec 31)

Frank Stuart

U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) root compromise / VU#433821 Frank Stuart (Dec 03)
UPDATE: DISA Unix SRR root compromise / CVE-2009-4211 / VU#433821 Frank Stuart (Dec 09)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-09:15.ssl FreeBSD Security Advisories (Dec 03)
FreeBSD Security Advisory FreeBSD-SA-09:16.rtld FreeBSD Security Advisories (Dec 03)
FreeBSD Security Advisory FreeBSD-SA-09:17.freebsd-update FreeBSD Security Advisories (Dec 03)
FreeBSD Security Advisory FreeBSD-SA-09:15.ssl [REVISED] FreeBSD Security Advisories (Dec 03)

FreeBSD Security Officer

Upcoming FreeBSD Security Advisory FreeBSD Security Officer (Dec 01)

Giuseppe Iuculano

[SECURITY] [DSA-1950-1] New webkit packages fix several vulnerabilities Giuseppe Iuculano (Dec 14)
[SECURITY] [DSA 1943-1] New openldap2.3/openldap packages fix SSL certificate verification weakness Giuseppe Iuculano (Dec 03)
[SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities Giuseppe Iuculano (Dec 23)

hadikiamarsi

Daloradius XSS Vulnerability hadikiamarsi (Dec 15)
Rumba XML XSS vulnerability hadikiamarsi (Dec 17)
pragmaMx CMS Blind SQL/XPath Injection vulnerability hadikiamarsi (Dec 21)

Ian Bradshaw

RE: Millions of PDF invisibly embedded with your internal disk paths Ian Bradshaw (Dec 04)

iDefense Labs

iDefense Security Advisory 12.08.09: Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability iDefense Labs (Dec 10)
iDefense Security Advisory 12.08.09: Microsoft WordPad Word97 Converter Integer Overflow Vulnerability iDefense Labs (Dec 10)
iDefense Security Advisory 12.08.09: Microsoft Internet Explorer HTML Layout Engine Uninitialized Memory Vulnerability iDefense Labs (Dec 10)

info

DBHCMS Web Content Management System v1.1.4 RFI Vulnerability info (Dec 28)

irancrash

SMF (Simple Machine Forum) 1.1.11 XSS - Discovered by : Khashayar Fereidani irancrash (Dec 21)

ISecAuditors Security Advisories

[ISecAuditors Security Advisories] Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass ISecAuditors Security Advisories (Dec 17)
[ISecAuditors Security Advisories] QuiXplorer <=2.4.1beta Remote Code Execution vulnerability ISecAuditors Security Advisories (Dec 17)
[ISecAuditors Security Advisories] WP-Forum <= 2.3 SQL Injection vulnerabilities ISecAuditors Security Advisories (Dec 16)
[ISecAuditors Security Advisories] PHP-Calendar <= v1.1 'configfile' Remote and Local File Inclusion vulnerability ISecAuditors Security Advisories (Dec 21)
[ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability ISecAuditors Security Advisories (Dec 21)
[ISecAuditors Security Advisories] Horde 3.3.5 "PHP_SELF" Cross-Site Scripting vulnerability ISecAuditors Security Advisories (Dec 17)

Ivan Buetler

RE: TLS Renegotiation Vulnerability: Proof of Concept Code (Python) Ivan Buetler (Dec 23)

Jamie Strandboge

[USN-867-1] Ntp vulnerability Jamie Strandboge (Dec 09)
[USN-863-1] QEMU vulnerability Jamie Strandboge (Dec 03)
[USN-874-1] Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities Jamie Strandboge (Dec 21)
[USN-873-1] Firefox 3.0 and Xulrunner 1.9 vulnerabilities Jamie Strandboge (Dec 21)
[USN-871-2] KDE 4 vulnerabilities Jamie Strandboge (Dec 11)
[USN-871-1] KDE vulnerability Jamie Strandboge (Dec 11)
[USN-875-1] Red Hat Cluster Suite vulnerabilities Jamie Strandboge (Dec 21)
[USN-872-1] KDE 4 Runtime vulnerabilities Jamie Strandboge (Dec 11)
[USN-868-1] GRUB 2 vulnerability Jamie Strandboge (Dec 09)
[USN-870-1] PyGreSQL vulnerability Jamie Strandboge (Dec 11)

jpecou

APC Switched Rack PDU XSS Vulnerability jpecou (Dec 15)

Juha-Matti Laurio

Same-origin policy bypass vulnerabilities in several VPN products reported Juha-Matti Laurio (Dec 02)

Kees Cook

[USN-869-1] Linux kernel vulnerabilities Kees Cook (Dec 10)

Kingcope

** FreeBSD local r00t zeroday Kingcope (Dec 01)

Kotas, Kevin J

CA20091208-01: Security Notice for CA Service Desk Kotas, Kevin J (Dec 10)

Luiz Eduardo

Call for Papers - you Sh0t the Sheriff 4 - Security Conference, Brazil Luiz Eduardo (Dec 02)

Lukas Weichselbaum

SEC Consult SA-20091217-0 :: Authentication bypass and file manipulation in Sitecore Staging Module Lukas Weichselbaum (Dec 17)

macaco-listo

Re: Powered By Dvbbs Version 7.1.0 Sp1 By Pass macaco-listo (Dec 21)

Major Malfunction

DC4420 - London DEFCON - Christmas drinks - Wednesday 16th December Major Malfunction (Dec 14)

Marc Deslauriers

[USN-865-1] Bind vulnerability Marc Deslauriers (Dec 07)
[USN-866-1] gnome-screensaver vulnerability Marc Deslauriers (Dec 07)

Mario Alejandro Vilas Jerez

WinAppDbg 1.3 is out! Mario Alejandro Vilas Jerez (Dec 01)

Martin Barbella

XSS Vulnerability in JpGraph 3.0.6 Martin Barbella (Dec 23)

Maxim A. Kulakov

Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability Maxim A. Kulakov (Dec 16)

Michael Gripenstedt

Security Contact for Netcool at IBM? Michael Gripenstedt (Dec 08)

Moritz Muehlenhoff

[SECURITY] [DSA 1947-1] New Shibboleth packages fix cross-site scripting Moritz Muehlenhoff (Dec 08)
[SECURITY] [DSA 1956-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Dec 16)

MustLive

Re: IPB v2.x up to 3.0.4 XSS vulnerability MustLive (Dec 14)
Cross-Site Scripting vulnerabilities in Invision Power Board MustLive (Dec 14)
Vulnerability in Joomulus for Joomla MustLive (Dec 28)

Nam Nguyen

[BMSA-2009-08] Multiple Vulnerabilities in PyForum Nam Nguyen (Dec 15)

Nelson Brito

RE: Tests about semicolon zero-day (BID 37460) Nelson Brito (Dec 29)
RE: Tests about semicolon zero-day (BID 37460) Nelson Brito (Dec 30)

Nick FitzGerald

Re: Millions of PDF invisibly embedded with your internal disk paths Nick FitzGerald (Dec 07)
Re: Millions of PDF invisibly embedded with your internal disk paths Nick FitzGerald (Dec 07)

Nicob

Zabbix Agent : Bypass of EnableRemoteCommands=0 Nicob (Dec 14)
Zabbix Server : Multiple remote vulnerabilities Nicob (Dec 14)

Nico Golde

[SECURITY] [DSA 1948-1] New ntp packages fix denial of service Nico Golde (Dec 08)

noreply-secresearch

Fortinet Advisory: Fortinet Discovers Microsoft Office Project Vulnerability noreply-secresearch (Dec 09)
Fortinet Advisory: Fortinet Discovers Vulnerability in Indeo Codec noreply-secresearch (Dec 09)

nospam

Adobe Illustrator CS4 (V14.0.0) Encapsulated Postscript (.eps) Overlong DSC Comment Buffer Overflow Exploit nospam (Dec 03)

Ofer Maor

Hacktics Advisory Dec09: Oracle eBusiness Suite - Multiple Vulnerabilities Allow Remote Takeover Ofer Maor (Dec 14)

Packet Storm

Re: phpPollScript - 1.3 Remote File Include Packet Storm (Dec 22)
Re: E-Store SQL Injection Vulnerability Packet Storm (Dec 14)
Re: WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities Packet Storm (Dec 15)

Patroklos Argyroudis

CVE-2009-3586: CoreHTTP web server off-by-one buffer overflow vulnerability Patroklos Argyroudis (Dec 07)
Monkey HTTPd improper input validation vulnerability Patroklos Argyroudis (Dec 14)

Pavel Machek

Re: Millions of PDF invisibly embedded with your internal disk paths Pavel Machek (Dec 03)
Re: Millions of PDF invisibly embedded with your internal disk paths Pavel Machek (Dec 07)

Protek Research Lab

{PRL} QuickHeal antivirus 2010 Local Privilege Escalation Protek Research Lab (Dec 16)

Raphael Geissert

[SECURITY] [DSA 1958-1] New libtool packages fix privilege escalation Raphael Geissert (Dec 29)
[SECURITY] [DSA 1960-1] New acpid packages fix weak file permissions Raphael Geissert (Dec 21)
[SECURITY] [DSA-1959-1] New ganeti packages fix arbitrary command execution Raphael Geissert (Dec 21)
[SECURITY] [DSA 1949-1] New php-net-ping packages fix arbitrary code execution Raphael Geissert (Dec 14)

RedTeam Pentesting GmbH

TLS Renegotiation Vulnerability: Proof of Concept Code (Python) RedTeam Pentesting GmbH (Dec 21)

Reversemode

Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched) Reversemode (Dec 14)

Robert BARABAS

Re: ** FreeBSD local r00t zeroday Robert BARABAS (Dec 02)

rPath Update Announcements

rPSA-2009-0161-1 hwdata kernel rPath Update Announcements (Dec 16)

Ryan Steinmetz

Re: [Full-disclosure] ** FreeBSD local r00t zeroday Ryan Steinmetz (Dec 01)

Salvatore Fresta aka Drosophila

Miniweb 2.0 Full Path Disclosure Salvatore Fresta aka Drosophila (Dec 14)
Family Connections <= 2.1.3 Multiple Remote Vulnerabilities Salvatore Fresta aka Drosophila (Dec 16)
WSCreator 1.1 Blind SQL Injection Salvatore Fresta aka Drosophila (Dec 15)
E-Store SQL Injection Vulnerability Salvatore Fresta aka Drosophila (Dec 11)
B2C Booking Centre Systems - SQL Injection Vulnerability Salvatore Fresta aka Drosophila (Dec 14)
phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities Salvatore Fresta aka Drosophila (Dec 11)
Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities Salvatore Fresta aka Drosophila (Dec 11)

secu_lab_ir

EEGshop v1.2 secu_lab_ir (Dec 14)

Secunia Research

Secunia Research: Winamp Ultratracker File Parsing Buffer Overflow Secunia Research (Dec 17)
Secunia Research: Novell iPrint Client "target-frame" Parameter Buffer Overflow Secunia Research (Dec 08)
Secunia Research: AproxEngine Multiple Vulnerabilities Secunia Research (Dec 29)
Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow Secunia Research (Dec 17)
Secunia Research: Lateral Arts Photobox uploader ActiveX Control Buffer Overflow Secunia Research (Dec 02)
Secunia Research: Winamp Oktalyzer Parsing Integer Overflow Vulnerability Secunia Research (Dec 17)
Secunia Research: DevIL DICOM "GetUID()" Buffer Overflow Vulnerability Secunia Research (Dec 04)
Secunia Research: Novell iPrint Client Date/Time Parsing Buffer Overflow Secunia Research (Dec 08)
Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability Secunia Research (Dec 02)
Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows Secunia Research (Dec 17)

security

[ MDVSA-2009:126-1 ] eggdrop security (Dec 08)
[ MDVSA-2009:108-1 ] zsh security (Dec 03)
[ MDVSA-2009:169-1 ] libtiff security (Dec 04)
[ MDVSA-2009:292-1 ] wireshark security (Dec 04)
[ MDVSA-2009:157-1 ] perl-Compress-Raw-Zlib security (Dec 04)
[ MDVSA-2009:336 ] koffice security (Dec 21)
[ MDVSA-2009:046-1 ] dia security (Dec 09)
[ MDVSA-2009:310 ] openssl security (Dec 03)
[ MDVSA-2009:342 ] acpid security (Dec 28)
[ MDVSA-2009:317 ] netpbm security (Dec 07)
[ MDVSA-2009:320 ] samba security (Dec 07)
[ MDVSA-2009:189-1 ] apache-mod_auth_mysql security (Dec 28)
[ MDVSA-2008:233-1 ] libcdaudio security (Dec 07)
[ MDVSA-2009:231-1 ] htmldoc security (Dec 07)
[ MDVSA-2009:030-1 ] amarok security (Dec 09)
[ MDVSA-2009:215-1 ] audacity security (Dec 07)
[ MDVSA-2009:232-1 ] libsamplerate security (Dec 07)
[ MDVSA-2009:091-1 ] mod_perl security (Dec 09)
[ MDVSA-2009:309 ] ntp security (Dec 03)
[ MDVSA-2009:315 ] libneon security (Dec 04)
[ MDVSA-2009:343 ] acpid security (Dec 28)
[ MDVSA-2009:200-1 ] libxml security (Dec 04)
[ MDVSA-2009:130-1 ] gstreamer0.10-plugins-good security (Dec 04)
[ MDVSA-2009:146-1 ] imap security (Dec 29)
[ MDVSA-2009:307-1 ] libtool security (Dec 07)
[ MDVSA-2009:098-1 ] krb5 security (Dec 08)
[ MDVSA-2009:312 ] dhcp security (Dec 04)
[ MDVSA-2009:197-3 ] nss security (Dec 03)
[ MDVSA-2009:103-1 ] udev security (Dec 03)
[ MDVSA-2009:201-1 ] fetchmail security (Dec 04)
[ MDVSA-2009:284-1 ] gd security (Dec 07)
[ MDVSA-2009:206-1 ] wget security (Dec 04)
[ MDVSA-2009:325 ] ruby security (Dec 07)
[ MDVSA-2009:339 ] firefox security (Dec 23)
[ MDVSA-2009:330 ] kdelibs security (Dec 10)
[ MDVSA-2009:322 ] mono security (Dec 07)
[ MDVSA-2009:272-1 ] libmikmod security (Dec 07)
[ MDVSA-2009:254-1 ] graphviz security (Dec 07)
[ MDVSA-2009:212-1 ] python security (Dec 04)
[ MDVSA-2009:112-1 ] ipsec-tools security (Dec 03)
[ MDVSA-2009:113-1 ] cyrus-sasl security (Dec 03)
[ MDVSA-2009:121-1 ] lcms security (Dec 03)
[ MDVSA-2009:318 ] xmlsec1 security (Dec 07)
[ MDVSA-2009:331 ] kdegraphics security (Dec 10)
[ MDVSA-2009:324 ] php security (Dec 07)
[ MDVSA-2009:158-3 ] pango security (Dec 04)
[ MDVSA-2009:345 ] acl security (Dec 29)
[ MDVSA-2009:256-1 ] dbus security (Dec 07)
[ MDVSA-2009:229-1 ] cyrus-imapd security (Dec 07)
[ MDVSA-2009:329 ] kernel security (Dec 10)
[ MDVSA-2009:208-1 ] libgadu security (Dec 04)
[ MDVSA-2009:128-1 ] libmodplug security (Dec 04)
[ MDVSA-2009:224-1 ] postfix security (Dec 04)
[ MDVSA-2009:260-1 ] imagemagick security (Dec 07)
[ MDVSA-2009:319 ] xine-lib security (Dec 07)
[ MDVSA-2009:296-1 ] gimp security (Dec 11)
[ MDVSA-2009:334 ] poppler security (Dec 17)
[ MDVSA-2009:328 ] ntp security (Dec 09)
[ MDVSA-2009:251-1 ] postgresql8.2 security (Dec 08)
[ MDVSA-2009:333 ] postgresql security (Dec 15)
[ MDVSA-2009:249-1 ] newt security (Dec 07)
[ MDVSA-2009:191-1 ] OpenEXR security (Dec 08)
[ MDVSA-2009:107-1 ] acpid security (Dec 03)
[ MDVSA-2009:308 ] gnutls security (Dec 03)
[ MDVSA-2009:337 ] proftpd security (Dec 22)
[ MDVSA-2009:106-1 ] libwmf security (Dec 03)
[ MDVSA-2009:327 ] clamav security (Dec 08)
[ MDVSA-2009:313-1 ] bind security (Dec 04)
[ MDVSA-2009:203-1 ] curl security (Dec 04)
[ MDVSA-2009:282-1 ] cups security (Dec 08)
[ MDVSA-2009:132-1 ] libsndfile security (Dec 04)
[ MDVSA-2009:297-1 ] ffmpeg security (Dec 07)
[ MDVSA-2009:059-1 ] xchat security (Dec 09)
[ MDVSA-2009:338 ] firefox security (Dec 23)
[ MDVSA-2009:259-1 ] snort security (Dec 11)
[ MDVSA-2009:133-1 ] irssi security (Dec 08)
[ MDVSA-2009:276-1 ] python-django security (Dec 09)
[ MDVSA-2009:335 ] ffmpeg security (Dec 17)
[ MDVSA-2009:326 ] mysql security (Dec 07)
[ MDVSA-2009:323 ] apache security (Dec 07)
[ MDVSA-2009:234-2 ] silc-toolkit security (Dec 07)
[ MDVSA-2009:093-1 ] mpg123 security (Dec 09)
[ MDVSA-2009:332 ] gimp security (Dec 11)
[ MDVSA-2009:287-1 ] xpdf security (Dec 04)
[ MDVSA-2009:316 ] expat security (Dec 07)
[ MDVSA-2009:219-1 ] kompozer security (Dec 07)
[ MDVSA-2009:038-1 ] blender security (Dec 09)
[ MDVSA-2009:311 ] ghostscript security (Dec 04)
[ MDVSA-2009:321 ] pidgin security (Dec 07)
[ MDVSA-2009:099-1 ] openafs security (Dec 08)
[ MDVSA-2009:252-1 ] perl-IO-Socket-SSL security (Dec 07)
[ MDVSA-2009:213-1 ] wxgtk security (Dec 04)
[ MDVSA-2009:244-1 ] xfig security (Dec 28)
[ MDVSA-2009:290-1 ] firefox security (Dec 04)
[ MDVSA-2009:346 ] kde security (Dec 30)
[ MDVSA-2009:217-3 ] mozilla-thunderbird security (Dec 03)
[ MDVSA-2009:199-1 ] subversion security (Dec 07)
[ MDVSA-2009:142-1 ] jasper security (Dec 04)
[ MDVSA-2009:314 ] apr security (Dec 04)
[ MDVSA-2009:340 ] jpgraph security (Dec 28)
[ MDVSA-2009:243-2 ] freetype2 security (Dec 07)
[ MDVSA-2009:341 ] dstat security (Dec 28)
[ MDVSA-2009:218-1 ] w3c-libwww security (Dec 04)
[ MDVSA-2009:344 ] perl-DBD-Pg security (Dec 28)
[ MDVSA-2009:211-1 ] expat security (Dec 04)
[ MDVSA-2009:223-1 ] xerces-c security (Dec 04)

security-alert

[security bulletin] HPSBUX02495 SSRT090151 rev.1 - HP-UX Running sendmail, Remote Denial of Service (DoS) security-alert (Dec 09)
[security bulletin] HPSBMA02481 SSRT090113 rev.1 - HP OpenView Data Protector Application Recovery Manager, Remote Denial security-alert (Dec 08)
[security bulletin] HPSBMA02400 SSRT080144 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Dec 11)
[security bulletin] HPSBUX02409 SSRT080171 rev.3 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk security-alert (Dec 14)
[security bulletin] HPSBMA02252 SSRT061258, SSRT061259 rev.1 - HP OpenView Storage Data Protector, Remote Arbitrary Code Execution security-alert (Dec 17)
[security bulletin] HPSBUX02498 SSRT090264 rev.1 - HP-UX Running Apache, Remote Unauthorized Data Injection, Denial of security-alert (Dec 22)
[security bulletin] HPSBMA02425 SSRT080091 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Dec 11)
[security bulletin] HPSBUX02482 SSRT090249 rev.2 - HP-UX Running OpenSSL, Remote Unauthorized Data Injection, Denial of Service (DoS) security-alert (Dec 15)
[security bulletin] HPSBMA02483 SSRT090257 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Dec 11)
[security bulletin] HPSBPI02472 SSRT090196 rev.2 - Certain HP Color LaserJet Printers, Remote Unauthorized Access to Data, Denial of Service security-alert (Dec 11)
[security bulletin] HPSBMA02477 SSRT090177 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) security-alert (Dec 10)
[security bulletin] HPSBMA02416 SSRT090008 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Dec 16)
[security bulletin] HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Dec 10)
[security bulletin] HPSBMA02424 SSRT080125 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Dec 11)
[security bulletin] HPSBUX02480 SSRT090253 rev.1 - HP-UX Running VRTSweb, Remote Execution of Arbitrary Code, Increase of Privilege security-alert (Dec 10)

smf2 . review

40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit) smf2 . review (Dec 02)

Socket_0x03

Remote Buffer Overflow Exploit (TFTP Daemon Version 1.9) by Socket_0x03 Socket_0x03 (Dec 22)
Remote Buffer Overflow Exploit (TFTP Daemon Version 1.9) by Socket_0x03 Socket_0x03 (Dec 28)

Stefan Esser

Advisory 03/2009: Piwik Cookie unserialize() Vulnerability Stefan Esser (Dec 09)
Advisory 02/2009: PHPIDS Unserialize() Vulnerability Stefan Esser (Dec 09)

Stefan Friedli

[scip-Advisory 4063] PasswordManager Pro 6.1 Script Injection Vulnerability Stefan Friedli (Dec 15)

Stefan Fritsch

[SECURITY] [DSA-1953-1] New expat packages fix denial of service Stefan Fritsch (Dec 16)
[SECURITY] [DSA-1953-2] New expat packages fix regression Stefan Fritsch (Dec 31)

Steffen Joeris

[SECURITY] [DSA 1944-1] New request-tracker packages fix session hijack vulnerability Steffen Joeris (Dec 03)
[SECURITY] [DSA 1957-1] New aria2 packages fix arbitrary code execution Steffen Joeris (Dec 28)
[SECURITY] [DSA 1946-1] New belpic packages fix cryptographic weakness Steffen Joeris (Dec 07)
[SECURITY] [DSA 1955-1] New network-manager/network-manager-applet packages fix information disclosure Steffen Joeris (Dec 16)
[SECURITY] [DSA 1945-1] New gforge packages fix denial of service Steffen Joeris (Dec 03)
[SECURITY] [DSA 1954-1] New cacti packages fix insufficient input sanitising Steffen Joeris (Dec 16)
[SECURITY] [DSA 1952-1] New asterisk packages fix several vulnerabilities Steffen Joeris (Dec 15)
[SECURITY] [DSA 1951-1] New firefox-sage packages fix insufficient input sanitizing Steffen Joeris (Dec 15)
[SECURITY] [DSA 1952-2] End-of-life announcement for asterisk in oldstable Steffen Joeris (Dec 15)

tcphttp

Mozilla Firefox JavaScript Prompt Spoofing Weakness tcphttp (Dec 07)

Thierry Zoller

Re: TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability) Thierry Zoller (Dec 11)

Thor (Hammer of God)

RE: Millions of PDF invisibly embedded with your internal disk paths Thor (Hammer of God) (Dec 10)
FW: [Full-disclosure] File Access Vulnerability in Easy File Sharing Web Server Thor (Hammer of God) (Dec 16)
RE: Millions of PDF invisibly embedded with your internal disk paths Thor (Hammer of God) (Dec 04)
File Access Vulnerability in Easy File Sharing Web Server Thor (Hammer of God) (Dec 16)

tomer

Applicure Technologies response tomer (Dec 08)

Tom Yu

MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing Tom Yu (Dec 28)

Troy Bollinger

Re: Security Contact for Netcool at IBM? Troy Bollinger (Dec 08)

VMware Security Team

VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues VMware Security Team (Dec 15)

VUPEN Security Research

VUPEN Security Research - Winamp PNG and JPEG Data Integer Overflow Vulnerabilities VUPEN Security Research (Dec 17)

Xacker

IPB v2.x up to 3.0.4 XSS vulnerability Xacker (Dec 09)

ZDI Disclosures

ZDI-09-087: Microsoft Internet Explorer CSS Race Condition Code Execution Vulnerability ZDI Disclosures (Dec 09)
ZDI-09-090: Microsoft Windows Intel Indeo Codec Parsing Stack Overflow Vulnerability ZDI Disclosures (Dec 09)
ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability ZDI Disclosures (Dec 09)
ZDI-09-093: Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability ZDI Disclosures (Dec 09)
ZDI-09-092: Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability ZDI Disclosures (Dec 09)
ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability ZDI Disclosures (Dec 09)
ZDI-09-094: Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities ZDI Disclosures (Dec 09)
ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability ZDI Disclosures (Dec 09)
ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability ZDI Disclosures (Dec 09)
ZDI-09-088: Microsoft Internet Explorer IFrame Attributes Circular Reference Dangling Pointer Vulnerability ZDI Disclosures (Dec 09)
ZDI-09-099: Hewlett-Packard OpenView Data Protector Backup Client Service Buffer Overflow Vulnerability ZDI Disclosures (Dec 21)
ZDI-09-086: Microsoft Internet Explorer XHTML DOM Manipulation Memory Corruption Vulnerability ZDI Disclosures (Dec 09)
ZDI-09-096: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable vsprintf Overflow Vulnerability ZDI Disclosures (Dec 09)
ZDI-09-091: Hewlett-Packard Application Recovery Manager MSG_PROTOCOL Stack Overflow Vulnerability ZDI Disclosures (Dec 09)