Bugtraq: by thread
247 messages
starting Feb 02 09 and
ending Feb 27 09
Date index |
Thread index |
Author index
- [ MDVSA-2009:031 ] avahi security (Feb 02)
- VMSA-2009-0001 ESX patches address an issue loading corrupt virtual disks and update Service Console packages VMware Security Team (Feb 02)
- [SECURITY] [DSA 1716-1] New vnc4 packages fix remote code execution Florian Weimer (Feb 02)
- BruCON call for papers Filip Waeytens (Feb 02)
- [ MDVSA-2009:032 ] kernel security (Feb 02)
- Secunia Research: Free Download Manager Torrent Parsing Buffer Overflows Secunia Research (Feb 02)
- [Wintercore Research WS02-0209] Kaspersky Products Klim5.sys local privilege escalation vulns (Feb 02)
- Secunia Research: Free Download Manager Remote Control Server Buffer Overflow Secunia Research (Feb 02)
- ZDI-09-010: Novell Netware Groupwise GWIA RCPT Command Buffer Overflow Vulnerability zdi-disclosures (Feb 02)
- Hex Workshop v6 "ColorMap files .cmap" Invalid Memory Reference crash POC xhakerman2006 (Feb 03)
- Security Advisory for Bugzilla 3.2.1, 3.0.7, and 3.3.2 mkanat (Feb 03)
- Web Hacking Incidents update for Feb 3rd Ofer Shezaf (Feb 03)
- NaviCopa webserver 3.01 Multiple Vulnerabilities ew1zz (Feb 03)
- SMF 1.1.7 Persistent XSS (requires permision to edit censor) Eduardo Vela (Feb 03)
- <Possible follow-ups>
- Re: SMF 1.1.7 Persistent XSS (requires permision to edit censor) metallica48423 (Feb 05)
- [security bulletin] HPSBUX02407 SSRT080107 rev.1 - HP-UX Running IPv6, Remote Denial of Service (DoS) and Unauthorized Access security-alert (Feb 03)
- Nokia Multimedia Player v1.1 .m3u Heap Overflow PoC exploit 0in . email (Feb 03)
- Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.OLAPIMPL_T.ODCITABLESTART Shatter (Feb 03)
- Re: Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.OLAPIMPL_T.ODCITABLESTART security curmudgeon (Feb 20)
- Call for papers and trainers - note extended deadline - SeacureIT 2009 Stefano Zanero (Feb 03)
- Team SHATTER Security Advisory: SQL Injection in Oracle Enterprise Manager (TARGET Parameter) Shatter (Feb 03)
- CORE-2008-1009 - VNC Multiple Integer Overflows CORE Security Technologies Advisories (Feb 03)
- Euphonics Audio Player v1.0 (.pls) Local BOF POC darkb0x97 (Feb 04)
- Squid Proxy Cache Denial of Service in request handling Amos Jeffries (Feb 04)
- [security bulletin] HPSBUX02401 SSRT090005 rev.1 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF) security-alert (Feb 04)
- [ MDVSA-2009:033 ] sudo security (Feb 04)
- QIP 2005 Denial of Service Vulnerability ss_contacts (Feb 04)
- DDIVRT-2008-19 HP JetDirect Web Administration Directory Traversal vulnerabilityresearch (Feb 04)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers Cisco Systems Product Security Incident Response Team (Feb 04)
- rgboard v4 (07.07.27) Multiple Vulnerability make0day (Feb 04)
- phpslash <= 0.8.1.1 Remote Code Execution Exploit gmdarkfig (Feb 04)
- metabbs 0.11 Change admin password vulnerability make0day (Feb 04)
- flatnux Flatnux-2009-01-27 Remote File Include blabla-34 (Feb 04)
- StreamDown v6.4.3 Local Buffer Overflow PoC todor . donev (Feb 04)
- LCPlayer (.qt file) EOP change PoC (app crash) darkb0x97 (Feb 04)
- Microsoft SDL meets CWE/SANS Top25 Juha-Matti Laurio (Feb 04)
- [Tool] sqlmap 0.6.4 released Bernardo Damele A. G. (Feb 04)
- Re: DMXReady Blog Manager (SQL/XSS) support (Feb 04)
- Cisco IOS XSS/CSRF Vulnerability azask2 (Feb 04)
- [SECURITY] [DSA 1717-1] New devil packages fix buffer overflow Devin Carraway (Feb 05)
- [SVRT-02-09] FeedDemon (ver<=2.7) Buffer Overflow Vulnerability SVRT-Bkis (Feb 05)
- Nokia N95-8 browser denial of service jplopezy (Feb 05)
- Re: Nokia N95-8 browser denial of service Thierry Zoller (Feb 05)
- C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities Eyal Udassin (Feb 05)
- dBpowerAMP Audio Player local buffer overflow exploit maroc-anti-connexion (Feb 05)
- Speaking line up confirmed! uCon Security Conference 2009 - Recife, Brazil uCon Security Conference (Feb 05)
- SFX-SQLi: A new SQL injection technique for MSSQL (dumps a table in one request!) Daniel Kachakil (Feb 06)
- Re: SFX-SQLi: A new SQL injection technique for MSSQL (dumps a table in one request!) Razi Shaban (Feb 06)
- Re: SFX-SQLi: A new SQL injection technique for MSSQL (dumps a table in one request!) Roman Medina-Heigl Hernandez (Feb 09)
- Re: SFX-SQLi: A new SQL injection technique for MSSQL (dumps a table in one request!) Razi Shaban (Feb 06)
- [security bulletin] HPSBPI02398 SSRT080166 rev.1 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files security-alert (Feb 06)
- RealNetworks RealPlayer IVR File Processing Multiple Code Execute Vulnerabilities noreply-secresearch () fortinet com (Feb 06)
- [security bulletin] HPSBMA02406 SSRT080100 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Feb 06)
- [security bulletin] HPSBUX02408 SSRT080182 rev.1 - HP-UX Running NFS, Local Denial of Service (DoS) security-alert (Feb 06)
- Vulnerable: Ilch CMS Gizmore (Feb 06)
- iDefense Security Advisory 02.06.09: HP Network Node Manager Multiple Command Injection Vulnerabilities iDefense Labs (Feb 06)
- CamFrog Password Disclosure Vulnerability zigmatn (Feb 06)
- iDefense Security Advisory 02.06.09: HP Network Node Manager Multiple Information Disclosure Vulnerabilities iDefense Labs (Feb 06)
- [ GLSA 200902-01 ] sudo: Privilege escalation Tobias Heinlein (Feb 09)
- [oCERT-2009-002] OpenCORE insufficient bounds checking during MP3 decoding Will Drewry (Feb 09)
- PHP filesystem attack vectors ascii (Feb 09)
- Re: [Full-disclosure] PHP filesystem attack vectors Stefan Esser (Feb 09)
- <Possible follow-ups>
- Re: PHP filesystem attack vectors cxib (Feb 10)
- [SECURITY] [DSA 1718-1] New boinc packages fix validation bypass Moritz Muehlenhoff (Feb 09)
- [BMSA-2009-02] XML injection in PyBlosxom Nam Nguyen (Feb 09)
- rooting your own phone: android security Pavel Machek (Feb 09)
- LFI in Drupal CMS rasool . nasr (Feb 09)
- <Possible follow-ups>
- Re: LFI in Drupal CMS security (Feb 12)
- Re: LFI in Drupal CMS security (Feb 18)
- Nokia N95-8 JPG crash jplopezy (Feb 09)
- Re: Nokia N95-8 JPG crash Dmitry Yu. Bolkhovityanov (Feb 10)
- 3Com OfficeConnect Wireless Cable/DSL Router Authentication Bypass luca . caretton (Feb 09)
- ZeroShell <= 1.0beta11 Remote Code Execution Luca Carettoni (Feb 09)
- Trend micro - IWSVA/IWSS - Authorization module password leak david . vorel (Feb 09)
- London DEFCON DC4420 - February 2009 Meet - Thursday 12th Major Malfunction (Feb 09)
- Remote Authentication Bypass - Swann DVR4 SecuraNet (possibly DVR9 as well) tez (Feb 10)
- [ECHO_ADV_102$2009] BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability adv (Feb 10)
- [SECURITY] [DSA 1719-1] New gnutls13 packages fix certificate validation Florian Weimer (Feb 10)
- [ MDVSA-2009:034 ] squid security (Feb 10)
- Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) gat3way (Feb 10)
- Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) Daniel Mayer (Feb 10)
- Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) Sergio Aguayo (Feb 11)
- Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) Edward Bjarte Fjellskål (Feb 11)
- <Possible follow-ups>
- Re: Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) gat3way (Feb 11)
- Craft Silicon Banking@Home SQL Injection Francesco Bianchino (Feb 10)
- Web Hacking Incidents update for Feb 10th Ofer Shezaf (Feb 10)
- [Suspected Spam][Fwd: Re: Novell-QuickFinder Server Xss & Java remote execution Code] ivan . sanchez (Feb 10)
- Nokia Phoenix Service Software 2008.04.007.32837 overflow POC murderskill (Feb 10)
- ZDI-09-011: Microsoft Internet Explorer CFunctionPointer Memory Corruption Vulnerability ZDI Disclosures (Feb 10)
- [SECURITY] [DSA 1720-1] New TYPO3 packages fix several vulnerabilities Nico Golde (Feb 10)
- ZDI-09-012: Microsoft Internet Explorer Malformed CSS Memory Corruption ZDI Disclosures (Feb 10)
- [USN-717-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge (Feb 11)
- Local vulnerability in suexec + FastCGI + PHP configurations security . 432 (Feb 11)
- Re: Local vulnerability in suexec + FastCGI + PHP configurations Martijn Vernooij (Feb 13)
- ProFTPd with mod_mysql Authentication Bypass Exploit alphanix00 (Feb 11)
- [ MDVSA-2009:035 ] gstreamer0.10-plugins-good security (Feb 11)
- [USN-717-3] Firefox vulnerabilities Jamie Strandboge (Feb 11)
- Full Path Disclosure In Photolibrary 1.009 XiaShing (Feb 11)
- [USN-717-2] Firefox vulnerabilities Jamie Strandboge (Feb 11)
- [security bulletin] HPSBMA02331 SSRT080000 rev.3 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges security-alert (Feb 11)
- Web Hacking Incidents update for Feb 10th (Links corrected) Ofer Shezaf (Feb 11)
- Directory traversal vulnerability in Geovision Digital Video Surveillance System (geohttpserver) dejan . levaja (Feb 11)
- [SECURITY] [DSA 1722-1] New libpam-heimdal packages fix local privilege escalation Moritz Muehlenhoff (Feb 11)
- pam-krb5 security advisory (3.12 and earlier) Russ Allbery (Feb 11)
- Re: pam-krb5 security advisory (3.12 and earlier) Tim Skirvin (Feb 11)
- BackTrack 4 Beta Released Mati Aharoni (Feb 11)
- [SECURITY] [DSA 1721-1] New libpam-krb5 packages fix local privilege escalation Moritz Muehlenhoff (Feb 11)
- Full Path Disclosure In Photolibrary 1.009(Update) XiaShing (Feb 12)
- SEP(Symantec) Bug Sandeep Cheema (Feb 12)
- RE: SEP(Symantec) Bug James C. Slora Jr. (Feb 12)
- RE: SEP(Symantec) Bug Jon Kloske (Feb 13)
- Re: SEP(Symantec) Bug Sandeep Cheema (Feb 13)
- <Possible follow-ups>
- Re: RE: SEP(Symantec) Bug steve . fowler (Feb 13)
- Re: SEP(Symantec) Bug secure (Feb 16)
- Denial of Service using Partial GET Request in Mozilla Firefox 3.06 XiaShing (Feb 12)
- Re: Denial of Service using Partial GET Request in Mozilla Firefox 3.06 Rolphin (Feb 12)
- <Possible follow-ups>
- Re: Denial of Service using Partial GET Request in Mozilla Firefox 3.06 XiaShing (Feb 13)
- Re: Denial of Service using Partial GET Request in Mozilla Firefox 3.06 Mike Duncan (Feb 13)
- Re: Re: Denial of Service using Partial GET Request in Mozilla Firefox 3.06 XiaShing (Feb 13)
- Re: Re: Denial of Service using Partial GET Request in Mozilla Firefox 3.06 node (Feb 20)
- [ MDVSA-2009:036 ] python security (Feb 12)
- [USN-719-1] pam-krb5 vulnerabilities Marc Deslauriers (Feb 12)
- [USN-720-1] PHP vulnerabilities Marc Deslauriers (Feb 12)
- [ GLSA 200902-03 ] Valgrind: Untrusted search path Robert Buchholz (Feb 12)
- [ GLSA 200902-02 ] OpenSSL: Certificate validation error Robert Buchholz (Feb 12)
- [ GLSA 200902-04 ] xterm: User-assisted arbitrary commands execution Pierre-Yves Rofes (Feb 13)
- [security bulletin] HPSBUX02401 SSRT090005 rev.2 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF) security-alert (Feb 13)
- Nokia N95 browser "setAttributeNode" method crash jplopezy (Feb 13)
- Security Assessment of the Transmission Control Protocol (TCP) Fernando Gont (Feb 13)
- Enomaly ECP/Enomalism: Silent update remote command execution vulnerability Sam Johnston (Feb 13)
- Cross-site scripting in Samizdat 0.6.1 Dmitry Borodaenko (Feb 13)
- SEPKILL /im SMC.EXE /f Sandeep Cheema (Feb 13)
- <Possible follow-ups>
- Re: SEPKILL /im SMC.EXE /f Sandeep Cheema (Feb 13)
- Re: SEPKILL /im SMC.EXE /f Sandeep Cheema (Feb 13)
- Re: SEPKILL /im SMC.EXE /f Sandeep Cheema (Feb 13)
- RE: SEPKILL /im SMC.EXE /f David Calabro (Feb 13)
- Re: SEPKILL /im SMC.EXE /f Sandeep Cheema (Feb 13)
- RE: SEPKILL /im SMC.EXE /f David Calabro (Feb 13)
- Re: SEPKILL /im SMC.EXE /f Sandeep Cheema (Feb 19)
- Re: SEPKILL /im SMC.EXE /f Sandeep Cheema (Feb 20)
- Re: SEPKILL /im SMC.EXE /f Sandeep Cheema (Feb 20)
- Re: Enomaly ECP/Enomalism: Silent update remote command execution vulnerability sc0ttbeardsley (Feb 13)
- <Possible follow-ups>
- Re: Enomaly ECP/Enomalism: Silent update remote command execution vulnerability lars (Feb 16)
- ACM CCS '09: Call for Workshop Proposals Christopher Kruegel (Feb 13)
- RainbowCrack 1.3 is released, the new generation of time-memory tradeoff hash cracker shuanglei (Feb 13)
- cryptsetup can't destroy last key of a LUKS partition under Ubuntu/Debian Pierre Dinh-van (Feb 13)
- [security bulletin] HPSBPI02398 SSRT080166 rev.2 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files security-alert (Feb 16)
- Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh (redux) Sam Johnston (Feb 16)
- [SECURITY] [DSA 1725-1] New websvn packages fix information leak Thijs Kinkhorst (Feb 16)
- [UPRSN] Ubuntu Privacy Remix 8.04r3 fixes security issues Ubuntu Privacy Remix Team (Feb 16)
- [waraxe-2009-SA#072] - Multiple Vulnerabilities in RavenNuke 2.3.0 come2waraxe (Feb 16)
- [ MDVSA-2009:037 ] bind security (Feb 16)
- RFI Bug Dr . linux (Feb 16)
- Re: RFI Bug Francesco Laurita (Feb 17)
- [ MDVSA-2009:038 ] blender security (Feb 16)
- [ MDVSA-2009:039 ] gedit security (Feb 16)
- FreeBSD Security Advisory FreeBSD-SA-09:05.telnetd FreeBSD Security Advisories (Feb 17)
- [ MDVSA-2009:040 ] dia security (Feb 17)
- [security bulletin] HPSBMA02406 SSRT080100 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Unauthorized Access to Data security-alert (Feb 17)
- [ MDVSA-2009:041 ] jhead security (Feb 17)
- [USN-721-1] fglrx-installer vulnerability Kees Cook (Feb 17)
- [USN-722-1] sudo vulnerability Kees Cook (Feb 17)
- Re: SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei organiser () syscan org (Feb 18)
- DDIVRT-2009-20 NetMRI Login Application Cross-site Scripting Vulnerability ddvulnalert (Feb 18)
- RE: hello bug in windows live messenger rasod korad (Feb 18)
- [ MDVSA-2009:042 ] samba security (Feb 18)
- [USN-723-1] Git vulnerabilities Marc Deslauriers (Feb 18)
- Re: [Full-disclosure] Joomla Component com_joomradio SQL Injection Packet Storm (Feb 18)
- Weekly Web Hacking Incidents update for Feb 19th Ofer Shezaf (Feb 19)
- Apache directory traversal on shared hosting environment. davec (Feb 19)
- Re: Apache directory traversal on shared hosting environment. Ben M. Thomas (Feb 19)
- <Possible follow-ups>
- Re: Apache directory traversal on shared hosting environment. dave (Feb 19)
- [ MDVA-2009:027 ] kernel security (Feb 20)
- [ MDVSA-2009:043 ] gnumeric security (Feb 20)
- [ MDVSA-2009:046 ] dia security (Feb 20)
- [ MDVSA-2009:044 ] firefox security (Feb 20)
- PHCDownload 1.1.0 Vulnerabilities contact (Feb 20)
- [ MDVSA-2009:047 ] vim security (Feb 20)
- [ MDVSA-2009:045 ] php security (Feb 20)
- [ MDVSA-2009:048 ] epiphany security (Feb 23)
- [ MDVSA-2009:049 ] pycrypto security (Feb 23)
- [ MDVSA-2009:050 ] python-pycrypto security (Feb 23)
- gigCalendar Joomla Component 1.0 SQL Injection Salvatore "drosophila" Fresta (Feb 23)
- gigCalendar 1.0 (banddetails.php) Joomla Component SQL Injection Salvatore "drosophila" Fresta (Feb 23)
- XSS Attack using SMS to Optus/Huawei E960 HSDPA Router rizki . wicaksono (Feb 23)
- gigCalendar 1.0 (venuedetails.php) Joomla Component SQL Injection Salvatore "drosophila" Fresta (Feb 23)
- HP Quality Center vulnerability info (Feb 23)
- Re: HP Quality Center vulnerability Pavel Kankovsky (Feb 25)
- [ECHO_ADV_103$2009] taifajobs <= 1.0 (jobid) Remote SQL Injection Vulnerability adv (Feb 23)
- [ MDVSA-2009:050-1 ] python-pycrypto security (Feb 23)
- [ GLSA 200902-05 ] KTorrent: Multiple vulnerabilitites Pierre-Yves Rofes (Feb 23)
- [ MDVSA-2009:051 ] libpng security (Feb 23)
- [ GLSA 200902-06 ] GNU Emacs, XEmacs: Multiple vulnerabilities Pierre-Yves Rofes (Feb 23)
- [ MDVSA-2009:049-1 ] pycrypto security (Feb 24)
- VMSA-2009-0002 VirtualCenter Update 4 updates Tomcat to 5.5.27 VMware Security team (Feb 24)
- [ MDVSA-2009:048-1 ] epiphany security (Feb 24)
- [ MDVSA-2009:047-1 ] vim security (Feb 24)
- <Possible follow-ups>
- [ MDVSA-2009:047-1 ] vim security (Feb 24)
- iDefense Security Advisory 02.24.09: Adobe Flash Player Invalid Object Reference Vulnerability iDefense Labs (Feb 24)
- [ MDVSA-2009:052 ] php-smarty security (Feb 24)
- [ MDVSA-2009:053 ] squirrelmail security (Feb 25)
- Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) Benjamin Milde (Feb 25)
- pPIM Multiple Vulnerabilities Justin C. Klein Keane (Feb 25)
- [ MDVSA-2009:054 ] nagios security (Feb 25)
- Secunia Research: Orbit Downloader Long URL Parsing Buffer Overflow Secunia Research (Feb 25)
- [security bulletin] HPSBMA02384 SSRT071465 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access, Denial of Service (DoS) security-alert (Feb 25)
- [BMSA-2009-03] Multiple vulnerabilities in OpenSite v2.1 Nam Nguyen (Feb 25)
- Apple Safari 4 Beta feeds: URI NULL Pointer Dereference Denial of Service Vulnerability Trancer (Feb 25)
- Secunia Research: SHOUTcast DNAS Relay Server Buffer Overflow Secunia Research (Feb 25)
- [DSECRG-09-008] JOnAS(4.10.3) - Linked XSS Vulnerability Digital Security Research Group (Feb 25)
- Secunia Research: ksquirrel-libs Radiance RGBE Buffer Overflows Secunia Research (Feb 25)
- Cisco Security Advisory: Cisco ACE Application Control Engine Device Manager and Application Networking Manager Vulnerabilities Cisco Systems Product Security Incident Response Team (Feb 25)
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Cisco Systems Product Security Incident Response Team (Feb 25)
- Cisco Security Advisory: Cisco Unified MeetingPlace Web Conferencing Authentication Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Feb 25)
- [SECURITY] [DSA 1726-1] New python-crypto packages fix denial of service Moritz Muehlenhoff (Feb 25)
- [ MDVSA-2009:055 ] audacity security (Feb 25)
- Cisco Unified MeetingPlace Web Conferencing Stored Cross Site Scripting Vulnerability security . assurance (Feb 26)
- Sopcast SopCore Control (sopocx.ocx 3.0.3.501) SetExternalPlayer() user assisted remote code execution poc nospam (Feb 26)
- [ MDVSA-2009:057 ] valgrind security (Feb 26)
- Golabi CMS Remote File Inclusion Vulnerability rezazahfaran (Feb 26)
- [SECURITY] [DSA 1727-1] New proftpd-dfsg packages fix SQL injection vulnerabilites Steffen Joeris (Feb 26)
- [ MDVSA-2009:056 ] net-snmp security (Feb 26)
- <Possible follow-ups>
- [ MDVSA-2009:056 ] net-snmp security (Feb 26)
- [DSECRG-09-009] APC PowerChute Network Shutdown's Web Interface - XSS vulnerability Digital Security Research Group (Feb 26)
- Re: [DSECRG-09-009] APC PowerChute Network Shutdown's Web Interface - XSS vulnerability Vladimir '3APA3A' Dubrovin (Feb 26)
- Re: [DSECRG-09-009] APC PowerChute Network Shutdown's Web Interface - XSS vulnerability Ansgar Wiechers (Feb 26)
- Re[2]: [DSECRG-09-009] APC PowerChute Network Shutdown's Web Interface - XSS vulnerability Vladimir '3APA3A' Dubrovin (Feb 27)
- Re[2]: [DSECRG-09-009] APC PowerChute Network Shutdown's Web Interface - XSS vulnerability Alexandr Polyakov (Feb 27)
- Re: [DSECRG-09-009] APC PowerChute Network Shutdown's Web Interface - XSS vulnerability Ansgar Wiechers (Feb 26)
- Re: [DSECRG-09-009] APC PowerChute Network Shutdown's Web Interface - XSS vulnerability Vladimir '3APA3A' Dubrovin (Feb 26)
- [USN-724-1] Squid vulnerability Jamie Strandboge (Feb 26)
- [SECURITY] CVE-2008-4308: Tomcat information disclosure vulnerability Mark Thomas (Feb 26)
- [security bulletin] HPSBGN02410 SSRT080135 rev.1 - HP Virtual Rooms Client Running on Windows, Remote Execution of Arbitrary Code security-alert (Feb 26)
- [ MDVSA-2009:048-2 ] epiphany security (Feb 26)
- [ MDVSA-2009:026-1 ] phpMyAdmin security (Feb 26)
- BitDefender Internet Security XSS jplopezy (Feb 26)
- <Possible follow-ups>
- Re: BitDefender Internet Security XSS rbedy (Feb 27)
- ANNOUNCE: RFIDIOt-0.1x release - February 2009 Adam Laurie (Feb 26)
- Re: New site about security conferences : www.security-briefings.com John (Feb 26)
- VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console package ed VMware Security team (Feb 27)
- djbdns misformats some long response packets; patch and example attack Matthew Dempsky (Feb 27)
- [ MDVSA-2009:058 ] wireshark security (Feb 27)
- Drupal Local File Inclusion Vulnerability (Windows) Bogdan Calin (Feb 27)
- Hex Workshop <= v6 (.hex) File Local Code xhakerman2008 (Feb 27)
- HTC Touch vCard over IP Denial of Service PoC Code Mobile Security Lab (Feb 27)
- [SECURITY] [DSA 1728-1] New dkim-milter packages fix denial of service Florian Weimer (Feb 27)
- On the implementation of TCP urgent data (IETF Internet Draft) Fernando Gont (Feb 27)
- POP Peeper 3.4.0.0 UIDL Remote Buffer Overflow Vulnerability Krakow Labs (Feb 27)