Bugtraq: by date

289 messages starting Mar 02 09 and ending Mar 31 09

Monday, 02 March

[SECURITY] [DSA 1719-2] New GNUTLS packages fix regression Florian Weimer
Weekly Web Hacking Incidents update for Feb 25th Ofer Shezaf
Re: djbdns misformats some long response packets; patch and example attack Matthew Dempsky
Afian Document Manager Local File Inclusion contact
Re: Nokia N95-8 browser denial of service MustLive
YEKTA WEB Academic Web Tools CMS Multiple XSS mr . faghani
BlogMan 0.45 Multiple Vulnerabilities Salvatore "drosophila" Fresta
EZ-Blog Beta 1 Multiple SQL Injection Salvatore "drosophila" Fresta
Announcing Cap'r Mak'r kowsik
[CFP] FRHACK 2nd Call For Papers Jerome Athias
[security bulletin] HPSBUX02401 SSRT090005 rev.3 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF) security-alert
[SECURITY] [DSA 1729-1] New gst-plugins-bad0.10 packages fix multiple vulnerabilities Steffen Joeris
rPSA-2009-0035-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl rPath Update Announcements
[ISecAuditors Security Advisories] eXtplorer Remote Code Execution ISecAuditors Security Advisories
[SECURITY] [DSA 1730-1] New proftpd-dfsg packages fix SQL injection vulnerabilites Steffen Joeris
[ MDVSA-2009:062 ] shadow-utils security
Re: Re: Local vulnerability in suexec + FastCGI + PHP configurations security . 432
RitsBlog 0.4.2 (Authentication Bypass) SQL Injection Vulnerability / XSS Persistent Vulnerability Salvatore "drosophila" Fresta
Blogsa <= 1.0 Beta 3 XSS Vulnerability contact
[SECURITY] [DSA 1731-1] New ndiswrapper packages fix arbitrary code execution vulnerability Steffen Joeris

Tuesday, 03 March

[SECURITY] [DSA 1732-1] New squid3 packages fix denial of service Steffen Joeris
WARNING - CORRECT: BlindBlog 1.3.1 Multiple Vulnerabilities (SQL Inj - Auth Bypass - LFI) Salvatore "drosophila" Fresta
[ MDVSA-2009:063 ] eog security
Zabbix 1.6.2 Frontend Multiple Vulnerabilities ascii
[SECURITY] [DSA 1733-1] New vim packages fix multiple vulnerabilities Steffen Joeris
Secunia Research: Winamp CAF Processing Integer Overflow Vulnerability Secunia Research
Secunia Research: libsndfile CAF Processing Integer Overflow Vulnerability Secunia Research
BlindBlog 1.3.1 Multiple Vulnerabilities (SQL Inj - Auth Bypass - LFI) Salvatore "drosophila" Fresta
[USN-726-1] curl vulnerability Marc Deslauriers
[USN-727-1] network-manager-applet vulnerabilities Marc Deslauriers
[USN-727-2] NetworkManager vulnerability Marc Deslauriers
[ MDVSA-2009:064 ] imap security
NovaBoard <= 1.0.1 / XSS Vulnerability Jose Luis

Wednesday, 04 March

[USN-726-2] curl regression Marc Deslauriers
Cisco Security Advisory: Cisco 7600 Series Router Session Border Controller Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team

Thursday, 05 March

CelerBB 0.0.2 Multiple Vulnerabilities Salvatore "drosophila" Fresta
Re: djbdns misformats some long response packets; patch and example attack Matthew Dempsky
Re: iDefense COMRaider 'DeleteFile()' Method Arbitrary File Deletion Vulnerability iDefense Labs
SupportSoft DNA Editor Module (dnaedit.dll v6.9.2205) remote code execution exploit (IE6/7) nospam
libc:fts_*():multiple vendors, Denial-of-service cxib
ZDI-09-013: Mozilla Firefox XUL Linked Clones Double Free Vulnerability ZDI Disclosures
iDefense COMRaider, ActiveX controls, and browser configuration Steven M. Christey
[ MDVSA-2009:065 ] php4 security
[ MDVSA-2009:066 ] php security

Friday, 06 March

[USN-729-1] Python Crypto vulnerability Kees Cook
[USN-728-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge
[USN-728-2] Firefox vulnerabilities Jamie Strandboge
[USN-728-3] Firefox vulnerabilities Jamie Strandboge
[ MDVSA-2009:067 ] libsndfile security
[USN-730-1] libpng vulnerabilities Jamie Strandboge
[Positive Technologies SA:2009-12] UMI.CMS Cross-Site Scripting vulnerability aanisimov
Wili-CMS 0.4.0 Multiple Vulnerabilities (Remote/Local File Inclusion - Authentication Bypass) Salvatore "drosophila" Fresta
Re: [Full-disclosure] Zabbix 1.6.2 Frontend Multiple Vulnerabilities Roberto Muñoz Fernandez
Re: iDefense COMRaider, ActiveX controls, and browser configuration Vladimir '3APA3A' Dubrovin
[SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application Mark Thomas
DEFCON CTF Submissions are in, DC-16 video online! The Dark Tangent
WarVOX 1.0.0 Released H D Moore
[Positive Technologies SA:2009-13] TinX CMS 3.x SQL Injection Vulnerability aanisimov
[ MDVSA-2009:068 ] poppler security
[ GLSA 200903-01 ] Vinagre: User-assisted execution of arbitrary code Pierre-Yves Rofes
nForum 1.5 Multiple SQL Injection Salvatore "drosophila" Fresta

Monday, 09 March

[ GLSA 200903-02 ] ZNC: Privilege escalation Tobias Heinlein
[ GLSA 200903-03 ] Audacity: User-assisted execution of arbitrary code Tobias Heinlein
[ GLSA 200903-04 ] DevIL: User-assisted execution of arbitrary code Tobias Heinlein
[ MDVSA-2009:069 ] curl security
[ MDVSA-2009:068-1 ] poppler security
[ GLSA 200903-05 ] PDFjam: Multiple vulnerabilities Robert Buchholz
[ GLSA 200903-06 ] nfs-utils: Access restriction bypass Robert Buchholz
[ GLSA 200903-07 ] Samba: Data disclosure Robert Buchholz
[ GLSA 200903-08 ] gEDA: Insecure temporary file creation Robert Buchholz
[ GLSA 200903-09 ] OpenTTD: Execution of arbitrary code Robert Buchholz
phpCommunity 2 2.1.8 Multiple Vulnerabilities (SQL Injection / Directory Traversal / XSS) Salvatore "drosophila" Fresta
[ GLSA 200903-10 ] Irrlicht: User-assisted execution of arbitrary code Pierre-Yves Rofes
Re: Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system alexchf . fyp
Re: Zabbix 1.6.2 Frontend Multiple Vulnerabilities Eygene Ryabinkin
Secunia Research: Foxit Reader JBIG2 Symbol Dictionary Processing Vulnerability Secunia Research
[ GLSA 200903-11 ] PyCrypto: Execution of arbitrary code Robert Buchholz
[ GLSA 200903-12 ] OptiPNG: User-assisted execution of arbitrary code Robert Buchholz
[ GLSA 200903-13 ] MPFR: Denial of Service Robert Buchholz
[ GLSA 200903-14 ] BIND: Incorrect signature verification Robert Buchholz
[ GLSA 200903-15 ] git: Multiple vulnerabilties Robert Buchholz
[ GLSA 200903-16 ] Epiphany: Untrusted search path Robert Buchholz
[ GLSA 200903-17 ] Real VNC: User-assisted execution of arbitrary code Robert Buchholz
[ GLSA 200903-18 ] Openswan: Insecure temporary file creation Robert Buchholz
[ GLSA 200903-19 ] Xerces-C++: Denial of Service Robert Buchholz
[ GLSA 200903-20 ] WebSVN: Multiple vulnerabilities Robert Buchholz
DDIVRT-2009-22 SMART Board Whiteboard Directory Traversal Vulnerability ddivulnalert
DDIVRT-2009-21 vBook Login Application Cross-site Scripting Vulnerability ddivulnalert
Belkin BullDog Plus UPS-Service Buffer Overflow Vulnerability Elazar Broad
Re: Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system Julien Thomas
[ GLSA 200903-21 ] cURL: Arbitrary file access Tobias Heinlein
Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation Paul Wouters
Foxit Reader Multiple Vulnerabilities (CORE-2009-0218) Core Security Technologies Advisories

Tuesday, 10 March

SEC Consult SA-20090305-1 :: IBM Director CIM Server Remote Denial of Service Vulnerability Bernhard Mueller
Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation Robert Buchholz
SEC Consult SA-20090305-2 :: IBM Director CIM Server Local Privilege Escalation Vulnerability Bernhard Mueller
SEC Consult SA-20090305-0 :: NextApp Echo XML Injection Vulnerability Bernhard Mueller
Aryanic HighCMS and HighPortal multiple Vulnerabilities mr . faghani
[ GLSA 200903-22 ] Ganglia: Execution of arbitrary code Robert Buchholz
Multiple Vulnerabilities in iAntiVirus Carsten Eilers
[ MDVSA-2009:070 ] openoffice.org security
FINAL: Call for Papers on Cyber Warfare k g
Paper: Socket Capable Browser Plugins Result In Transparent Proxy Abuse robert
Addonics NAS Adapter Post-Auth DoS mcyr2
[USN-731-1] Apache vulnerabilities Marc Deslauriers
[USN-732-1] dash vulnerability Marc Deslauriers
AST-2009-002: Remote Crash Vulnerability in SIP channel driver Asterisk Security Team
[ECHO_ADV_104$2009] WeBid <= 0.7.3 RC9 Multiple Remote File Inclution Vulnerabilities vuln
[ MDVSA-2009:071 ] kernel security
[ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability ISecAuditors Security Advisories
[SECURITY] [DSA 1735-1] New znc packages fix privilege escalation Florian Weimer

Wednesday, 11 March

Sun Java System Communications Express [HTML Injection] sosoblood
[ GLSA 200903-24 ] Shadow: Privilege escalation Pierre-Yves Rofes
[ GLSA 200903-23 ] Adobe Flash Player: Multiple vulnerabilities Pierre-Yves Rofes
[SECURITY] [DSA 1736-1] New mahara packages fix cross-site scripting Steffen Joeris
[security bulletin] HPSBUX02411 SSRT080111 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities security-alert
[security bulletin] HPSBMA02412 SSRT080040 rev.1 - WMI Mapper for HP Systems Insight Manager Running on Windows, Remote Unauthorized Access to Data, Local Unauthorized Access security-alert
Re: Adobe Flash Player plug-in null pointer dereference and browser crash Matthew Dempsky
[SECURITY] [DSA 1738-1] New curl packages fix arbitrary file access Nico Golde
Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team

Thursday, 12 March

TOORCAMP 2009 CALL FOR PARTICIPATION h1kari
TikiWiki 2.2 XSS Vulnerability in URI iliz-z
[ MDVSA-2009:072 ] perl-MDK-Common security
POP Peeper 3.4.0.0 Date Remote Buffer Overflow Vulnerability Krakow Labs
[ MDVSA-2009:073 ] sarg security
[USN-724-1] Squid vulnerability Jamie Strandboge
[SECURITY] [DSA 1737-1] New wesnoth packages fix several vulnerabilities Steffen Joeris
[ GLSA 200903-25 ] Courier Authentication Library: SQL Injection vulnerability Pierre-Yves Rofes
[ GLSA 200903-26 ] TMSNC: Execution of arbitrary code Robert Buchholz
Trellis Desk v1.0 XSS Vulnerability larry
Re: Adobe Flash Player plug-in null pointer dereference and browser crash Alex Legler
[ MDVSA-2009:074 ] libneon0.27 security
flv2mpeg4: Malformed parameters Denial of Service Anon
Re: Sun Java System Communications Express [HTML Injection] sosoblood
[security bulletin] HPSBMA02413 SSRT080040 rev.1 - HP WMI Mapper for Windows Server 2003 and Windows Server 2008 for Itanium-based Servers, Remote Unauthorized Access to Data, Local Unauthorized Access security-alert
[Suspected Spam][PT-2009-11] SlySoft Multiple Products ElbyCDIO.sys Denial of Service Valery Marchuk
[oCERT-2008-015] glib and glib-predecessor heap overflows Will Drewry

Friday, 13 March

rPSA-2009-0042-1 curl rPath Update Announcements
rPSA-2009-0041-1 dhclient dhcp libdhcp4client rPath Update Announcements
[ GLSA 200903-27 ] ProFTPD: Multiple vulnerabilities Pierre-Yves Rofes
rPSA-2009-0040-1 tshark wireshark rPath Update Announcements
Apple iTunes DAAP Messages Handling Denial of Service Vulnerability secresearch () fortinet com
rPSA-2009-0046-1 libpng rPath Update Announcements
Re: TikiWiki 2.2 XSS Vulnerability in URI danny
rPSA-2009-0045-1 glib rPath Update Announcements
GeoVision LiveAudio ActiveX Control GetAudioPlayingTime() remote freed-memory access exploit nospam
[Positive Technologies SA:2009-15] Living CMS Cross-Site Scripting vulnerability aanisimov
[Positive Technologies SA:2009-14] BLOG CMS Cross-Site Scripting vulnerability aanisimov
[Positive Technologies SA:2009-20] A.CMS Multiple Vulnerabilities aanisimov
[ MDVSA-2009:075 ] firefox security
[SECURITY] [DSA 1739-1] New mldonkey packages fix information disclosure Florian Weimer
Infopop UBB.Threads Admin Credentials via SQL Injection swhite

Monday, 16 March

[SECURITY] [DSA 1740-1] New yaws packages fix denial of service Steffen Joeris
[ MDVSA-2009:076 ] avahi security
[SECURITY] [DSA 1741-1] New psi packages fix denial of service Moritz Muehlenhoff
[ GLSA 200903-28 ] libpng: Multiple vulnerabilities Pierre-Yves Rofes
[Bkis-03-2009] Multiple Vulnerabilities found in Rapidleech rev.36 Bkis
rosoft media player local BOF exploit multi tagets maroc-anti-connexion
[Bkis-04-2009] GOM Encoder Heap-based Buffer Overflow Bkis
[SECURITY] [DSA 1742-1] New libsnd packages fix arbitrary code execution Nico Golde
NGENUITY-2009-005 OpenCart Order By Blind SQL Injection Adam Baldwin
reporting CVE rahimeh . khodadadi

Tuesday, 17 March

[USN-734-1] FFmpeg vulnerabilities Marc Deslauriers
[USN-738-1] GLib vulnerability Jamie Strandboge
[USN-733-1] evolution-data-server vulnerability Marc Deslauriers
CPANEL File Manager XSS Vulnerability rizki . wicaksono
[USN-736-1] GStreamer Good Plugins vulnerabilities Marc Deslauriers
[ GLSA 200903-29 ] BlueZ: Arbitrary code execution Pierre-Yves Rofes
HP Laserjet multiple models web management CSRF vulnerability & insecure default configuration Henri Lindberg
PHPRunner SQL Injection admin
[SECURITY] [DSA 1743-1] New libtk-img packages fix arbitrary code execution Steffen Joeris
[USN-735-1] GStreamer Base Plugins vulnerability Marc Deslauriers
[ GLSA 200903-30 ] Opera: Multiple vulnerabilities Tobias Heinlein
[USN-737-1] libsoup vulnerability Marc Deslauriers
[ECHO_ADV_107$2009] FubarForum <= 1.6 Critical File Disclosure Vulnerability vuln
[USN-739-1] Amarok vulnerabilities Marc Deslauriers
DEFCON London DC4420 March meeting - Thursday 19th March Major Malfunction
[ECHO_ADV_106$2009] FireAnt <= 1.3 Critical File Disclosure Vulnerability vuln
[ECHO_ADV_105$2009] chaozzDB <= 1.2 Critical File Disclosure Vulnerability vuln
[ GLSA 200903-31 ] libcdaudio: User-assisted execution of arbitrary code Pierre-Yves Rofes

Wednesday, 18 March

iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability iDefense Labs
Sitecore .NET 5.3.x - web service information disclosure security . assurance
Layered Defense Research Advisory: Format String Vulnerablity in Symantec PcAnywhere v10-12.5 dh
[USN-740-1] NSS vulnerability Jamie Strandboge
[SECURITY] [DSA 1744-1] New weechat packages fix denial of service Nico Golde
Re: iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability iDefense Labs
CDex v1.70b2 (.ogg) local buffer overflow exploit poc nospam

Thursday, 19 March

[ISecAuditors Security Advisories] ModSecurity < 2.5.9 remote Denial of Service (DoS) ISecAuditors Security Advisories
[ GLSA 200903-32 ] phpMyAdmin: Multiple vulnerabilities Pierre-Yves Rofes
Command Execution in Hannon Hill Cascade Server Elliot Kendall
[USN-742-1] JasPer vulnerabilities Marc Deslauriers
rPSA-2009-0050-1 ghostscript rPath Update Announcements
Slides from uCon Security Conference 2009 available online uCon Security Conference

Friday, 20 March

[ MDVSA-2009:060-1 ] nfs-utils security
[USN-741-1] Thunderbird vulnerabilities Jamie Strandboge
[SECURITY] [DSA 1745-1] New lcms packages fix arbitrary code execution Steffen Joeris
LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted) Chris Evans
[ GLSA 200903-33 ] FFmpeg: Multiple vulnerabilities Pierre-Yves Rofes
[security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert
[SECURITY] [DSA 1746-1] New ghostscript packages fix arbitrary code execution Steffen Joeris
[SECURITY] [DSA 1747-1] New glib2.0 packages fix arbitrary code execution Steffen Joeris
Bs.Player <= 2.34 Build 980 (.bsl) local buffer overflow 0day exploit (seh) nospam
[SECURITY] [DSA 1748-1] New libsoup packages fix arbitrary code execution Steffen Joeris
[oCERT-2009-003] LittleCMS integer errors Andrea Barisani
[ GLSA 200903-34 ] Amarok: User-assisted execution of arbitrary code Tobias Heinlein

Saturday, 21 March

[SECURITY] [DSA 1749-1] New Linux 2.6.26 packages fix several vulnerabilities dann frazier

Monday, 23 March

[SECURITY] [DSA 1751-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff
ExpressionEngine Persistent Cross-Site Scripting Adam Baldwin
Rittal CMC-TC Processing Unit II multiple vulnerabilities Henri Lindberg - Smilehouse Oy
[ MDVSA-2009:077 ] pam security
[SECURITY] [DSA 1750-1] New libpng packages fix several vulnerabilities Florian Weimer
FreeBSD Security Advisory FreeBSD-SA-09:06.ktimer FreeBSD Security Advisories
CORE-2009-0122: HP OpenView Buffer Overflows CORE Security Technologies Advisories
[SECURITY] [DSA 1752-1] New webcit packages fix potential remote code execution Florian Weimer
[ MDVSA-2009:078 ] evolution-data-server security
[ MDVSA-2009:079 ] postgresql security
[USN-743-1] Ghostscript vulnerabilities Marc Deslauriers
[USN-744-1] LittleCMS vulnerabilities Marc Deslauriers

Tuesday, 24 March

[ GLSA 200903-35 ] Muttprint: Insecure temporary file usage Pierre-Yves Rofes
[ GLSA 200903-36 ] MLDonkey: Information disclosure Pierre-Yves Rofes
[ GLSA 200903-37 ] Ghostscript: User-assisted execution of arbitrary code Pierre-Yves Rofes
[security bulletin] HPSBMA02416 SSRT090008 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert
PHPizabi v0.848b C1 HFP1 proc.inc.php remote privilege escalation (php.ini independent) nospam
ZDI-09-014: Adobe Acrobat getIcon() Stack Overflow Vulnerability ZDI Disclosures
[security bulletin] HPSBUX02409 SSRT080171 rev.1 - HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege security-alert
[SECURITY] [DSA 1753-1] End-of-life announcement for Iceweasel in oldstable Moritz Muehlenhoff
iDefense Security Advisory 03.24.09: Adobe Reader and Acrobat JBIG2 Encoded Stream Heap Overflow Vulnerability iDefense Labs

Wednesday, 25 March

[ GLSA 200903-38 ] Squid: Multiple Denial of Service vulnerabilities Pierre-Yves Rofes
Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Secunia Research
[SECURITY] [DSA 1745-2] New lcms packages fix regression Steffen Joeris
Cisco Security Advisory: Cisco IOS Software Secure Copy Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS cTCP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software WebVPN and SSLVPN Vulnerabilities Cisco Systems Product Security Incident Response Team
Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Florian Weimer
Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Eric C. Lukens
Re[2]: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Vladimir '3APA3A' Dubrovin
[SECURITY] [DSA 1755-1] New systemtap packages fix local privilege escalation Moritz Muehlenhoff
CFP RAID 2009 Corrado Leita

Thursday, 26 March

[ GLSA 200903-39 ] pam_krb5: Privilege escalation Pierre-Yves Rofes
[Bkis-05-2009] PowerCHM Stack-based Buffer Overflow Bkis

Friday, 27 March

ICAP adaptation: missing data flow control to client side Martin Huter
iDefense Security Advisory 03.26.09: Sun Java Runtine Environment (JRE) Type1 Font Parsing Integer Signedness Vulnerability iDefense Labs
[USN-746-1] xine-lib vulnerability Marc Deslauriers
[USN-747-1] ICU vulnerability Marc Deslauriers
iDefense Security Advisory 03.26.09: Sun Java Web Start (JWS ) GIF Decoding Heap Corruption Vulnerability iDefense Labs
[ MDVSA-2009:080 ] glib2.0 security
[USN-748-1] OpenJDK vulnerabilities Kees Cook
Aurora Nutritive Analysis Module Multiple XSS Bugs NotHugs
Moodle: Sensitive File Disclosure Christian Eibl
iDefense Security Advisory 03.26.09: Sun Java Runtine Environment (JRE) GIF Decoding Heap Corruption Vulnerability iDefense Labs
iDefense Security Advisory 03.26.09: Sun Java Web Start (JWS ) PNG Decoding Integer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 03.26.09: Sun Java Runtime Environment (JRE) Pack200 Decompression Integer Overflow Vulnerability iDefense Labs
Novell Netstorage Multiple Vulnerabilities Bugs NotHugs

Monday, 30 March

[USN-745-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge
[SECURITY] [DSA 1756-1] New xulrunner packages fix multiple vulnerabilities Noah Meyerhans
[tool release] Watcher v1.0.0 - passive Web-app security testing and compliance auditing Chris Weber
[ GLSA 200903-40 ] Analog: Denial of Service Pierre-Yves Rofes
glFusion <= 1.1.2 COM_applyFilter()/order sql injection exploit nospam
[ MDVSA-2009:081 ] libsoup security
Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow Bugs NotHugs
[SECURITY] [DSA 1757-1] New auth2db packages fix SQL injection Steffen Joeris
CVE-2009-0790: ISAKMP DPD Remote Vulnerability with Openswan & Strongswan IPsec Paul Wouters
Positron Security Advisory #2009-000: Multiple Vulnerabilities in MapServer v5.2.1 and v4.10.3 Positron Security
[ MDVSA-2009:082 ] krb5 security
Family Connections 1.8.1 Multiple Remote Vulnerabilities Salvatore "drosophila" Fresta
DeepSec 2009 - Call for Papers is open DeepSec Conference
[USN-749-1] libsndfile vulnerability Marc Deslauriers
Community CMS 0.5 Multiple SQL Injection Vulnerabilities Salvatore "drosophila" Fresta

Tuesday, 31 March

[ GLSA 200903-41 ] gedit: Untrusted search path Pierre-Yves Rofes
[SECURITY] [DSA 1758-1] New nss-ldapd packages fix information disclosure Moritz Muehlenhoff
ZDI-09-015: Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability ZDI Disclosures
Zabbix Multiple Frontend CSRF (Password reset & command execution) Adam Baldwin
[ECHO_ADV_108$2009] JobHut <= 1.2 (pk) Remote Sql Injection Vulnerability vuln
[USN-750-1] OpenSSL vulnerability Jamie Strandboge
[SECURITY] [DSA 1759-1] New strongswan packages fix denial of service Steffen Joeris
[SECURITY] [DSA 1760-1] New openswan packages fix denial of service Steffen Joeris
Re: Family Connections 1.8.1 Multiple Remote Vulnerabilities r_haudenschilt
aspWebCalendar Free Edition bug joseph . giron13
Re: [ECHO_ADV_103$2009] taifajobs <= 1.0 (jobid) Remote SQL Injection Vulnerability tiha
Cisco ASA5520 Web VPN Host Header XSS Bugs NotHugs
[Positive Technologies SA 2009-09] Trend Micro Internet Security Pro 2009 tmactmon.sys Priviliege Escalation Vulnerabilities Valery Marchuk
webEdition 6.0.0.4 Local File Inclusion Salvatore "drosophila" Fresta
[DSECRG-09-013] IBM WebSphere Application Server 7.0 Multiple XSS Vulnerabilities DSecRG
[security bulletin] HPSBMA02416 SSRT090008 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert
[DSECRG-09-016] SAP SAPDB Multiple XSS Alexandr Polyakov
[DSECRG-09-030] PrecisionID Datamatrix ActiveX control - Arbitrary File overwriting DSecRG
CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server CORE Security Technologies Advisories