Bugtraq: by author

302 messages starting May 29 09 and ending May 12 09


a

Re: PHP Nuke v.8.0 (referer) SQL Injection a (May 29)

abb () scanit be

Sun IDM Arbitrary Commands Execution Vulnerability abb () scanit be (May 12)

Aditya K Sood

[SecNiche WhitePaper ] - PDF Silent HTTP Form Repurposing Attacks Aditya K Sood (May 04)
Advisory - Gmail/Google Doc PDF Repurposing Integrated Attacks - Cookie Hijacking / Stealing Aditya K Sood (May 11)

Alex Keller

speaker Bill Blunden on Rootkits... Alex Keller (May 09)

Alex Legler

[ GLSA 200905-04 ] GnuTLS: Multiple vulnerabilities Alex Legler (May 25)
[ GLSA 200905-09 ] libsndfile: User-assisted execution of arbitrary code Alex Legler (May 27)
[ GLSA 200905-03 ] IPSec Tools: Denial of Service Alex Legler (May 25)
[ GLSA 200905-05 ] FreeType: Multiple vulnerabilities Alex Legler (May 25)
[ GLSA 200905-08 ] NTP: Remote execution of arbitrary code Alex Legler (May 26)
[ GLSA 200905-07 ] Pidgin: Multiple vulnerabilities Alex Legler (May 26)

Andrea Barisani

[oCERT-2009-004] AjaxTerm session id collision Andrea Barisani (May 11)

Andres Riancho

[TOOL] moth - vulnerable web application vmware Andres Riancho (May 07)

andrzej . targosz

CONFidence 2009 trainings andrzej . targosz (May 05)

Ansgar Wiechers

Re: Insufficient Authentication vulnerability in Asus notebook Ansgar Wiechers (May 14)
Re: Insufficient Authentication vulnerability in Asus notebook Ansgar Wiechers (May 19)

arulvadivel1

Re: POC & exploit for Apache mod_rewrite off-by-one arulvadivel1 (May 19)

ascii

FormMail 1.92 Multiple Vulnerabilities ascii (May 12)
Re: FormMail 1.92 Multiple Vulnerabilities ascii (May 13)

Ben Hawkes

DotNetNuke ErrorPage.aspx Cross-Site Scripting Vulnerability Ben Hawkes (May 22)

Benjilenoob

Durzosploit v0.1 alpha Benjilenoob (May 01)

Bernhard Mueller

SEC Consult SA-20090525-1 :: Nortel Contact Center Manager Server Password Disclosure Vulnerability Bernhard Mueller (May 26)
SEC Consult SA-20090525-0 :: Nortel Contact Center Manager Server Authentication Bypass Vulnerability Bernhard Mueller (May 26)
SEC Consult SA-20090525-2 :: SonicWALL Global Security Client Local Privilege Escalation Vulnerability Bernhard Mueller (May 26)
SEC Consult SA-20090525-4 :: SonicOS Format String Vulnerability Bernhard Mueller (May 26)
SEC Consult SA-20090525-3 :: SonicWALL Global VPN Client Local Privilege Escalation Vulnerability Bernhard Mueller (May 26)

Bkis

[Bkis-09-2009] XSS vulnerability in 'Monitor_Bandwidth' - PRTG Traffic Grapher Bkis (May 28)
[Bkis-08-2009] Microchip MPLAB IDE Buffer Overflow Vulnerability Bkis (May 11)

Bob Fiero

Re: Insufficient Authentication vulnerability in Asus notebook Bob Fiero (May 19)
Re: Insufficient Authentication vulnerability in Asus notebook Bob Fiero (May 14)

bugdigger

xcon2009 is coming bugdigger (May 12)

c3rb3r

Novell Groupwise fails to properly sanitize emails. c3rb3r (May 28)

Carlos Augusto

BugCON '09 has swine influenza!! Carlos Augusto (May 19)

Christopher Kruegel

Call For Papers – ACM CCS 2009 Workshops Christopher Kruegel (May 28)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: CiscoWorks TFTP Directory Traversal Vulnerability Cisco Systems Product Security Incident Response Team (May 20)

CORE Security Technologies Advisories

CORE-2009-0401 - StoneTrip S3DPlayers remote command injection CORE Security Technologies Advisories (May 28)
CORE-2009-0109 - Multiple XSS in Sun Communications Express CORE Security Technologies Advisories (May 20)

Daniel Hazelton

Re: Insufficient Authentication vulnerability in Asus notebook Daniel Hazelton (May 14)

dann frazier

[SECURITY] [DSA 1787-1] New Linux 2.6.24 packages fix several vulnerabilities dann frazier (May 04)
[SECURITY] [DSA 1800-1] New Linux 2.6.26 packages fix several vulnerabilities dann frazier (May 19)
[SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (May 07)

darkz . gsa

PHP Nuke v.8.0 (referer) SQL Injection darkz . gsa (May 27)
Claroline v.1.8.11 Cross-Site Scripting darkz . gsa (May 08)
Vanilla v.1.1.7 Cross-Site Scripting darkz . gsa (May 27)
Coppermine Photo Gallery 1.4.21 Cross-Site Scripting darkz . gsa (May 04)

David Cantrell

Re: FormMail 1.92 Multiple Vulnerabilities David Cantrell (May 13)

David Sánchez Martín

RE: Insufficient Authentication vulnerability in Acer notebooks David Sánchez Martín (May 11)

ddvulnalert

DDIVRT-2009-25 IPsession SQL Injection Vulnerability ddvulnalert (May 21)

Devin Carraway

[SECURITY] [DSA 1795-1] New ldns packages fix arbitrary code execution Devin Carraway (May 07)

Digital Security Research Group [DSecRG]

[DSECRG-09-034] Sun Glassfish Enterprise Server - Multiple Linked XSS vulnerabilies Digital Security Research Group [DSecRG] (May 05)
[DSECRG-09-038] Sun Glassfish Woodstock Project - Linked XSS Vulnerability Digital Security Research Group [DSecRG] (May 05)

dpo5003

Re: Insufficient Authentication vulnerability in Acer notebooks dpo5003 (May 12)

Dragos Ruiu

EUSecWest 2009 (May27/28) London Agenda and PacSec 2009 (Nov 4/5) Tokyo CFP deadline: June 1 2009 Dragos Ruiu (May 06)
Re: Five days left to find the oldest data loss incident Dragos Ruiu (May 11)

Elazar Broad

Re: Five days left to find the oldest data loss incident Elazar Broad (May 12)

Felipe M. Aragon

Syhunt: A-A-S (Application Access Server) Multiple Security Vulnerabilities Felipe M. Aragon (May 12)

Florian Weimer

[SECURITY] [DSA 1787-1] New quagga packages fix denial of service Florian Weimer (May 04)

Garrett M. Groff

Re: Insufficient Authentication vulnerability in Acer notebooks Garrett M. Groff (May 12)

hack.lu 2009 info

Call for Papers Hack.lu 2009 hack.lu 2009 info (May 04)

iDefense Labs

iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Spreadsheet Buffer Overflow Vulnerability iDefense Labs (May 19)
iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Stack Buffer Overflow Vulnerability iDefense Labs (May 12)
iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Stack Overflow iDefense Labs (May 12)
iDefense Security Advisory 05.12.09: Microsoft PowerPoint Build List Memory Corruption Vulnerability iDefense Labs (May 13)
iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Heap Corruption Vulnerability iDefense Labs (May 12)
iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT 4.0 Importer Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs (May 12)
iDefense Security Advisory 05.20.09: IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability iDefense Labs (May 20)
iDefense Security Advisory 05.14.09: Apple Mac OS X xnu Kernel workqueue_additem/workqueue_removeitem Index Validation Vulnerability iDefense Labs (May 14)
iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT95 Import Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs (May 12)
iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Multiple Integer Overflow Vulnerabilities iDefense Labs (May 19)
iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT95 Import Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs (May 12)
iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Spreadsheet Integer Overflow Vulnerability iDefense Labs (May 19)
iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Multiple Spreadsheet Buffer Overflow Vulnerabilities iDefense Labs (May 19)
iDefense Security Advisory 05.12.09: Microsoft PowerPoint Notes Container Heap Corruption Vulnerability iDefense Labs (May 13)
iDefense Security Advisory 05.12.09: Microsoft PowerPoint Integer Overflow Vulnerability iDefense Labs (May 13)

Inferno

Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection Inferno (May 12)
Universal XSS in all Google Services Inferno (May 09)

info

Namad Cms Remote File Download info (May 19)
maxcms2.0 creat new admin exploit info (May 13)
LxBlog info (May 22)
DMXReady Registration Manager Arbitrary File Upload Vulnerability info (May 20)
ChinaGames (CGAgent.dll) ActiveX Remote Code Execution Exploit info (May 25)
ecshop 2.6.2 info (May 28)

innate

about inactive account hijacking innate (May 02)

ipsdix

Pinnacle Studio 12 "Hollywood FX Compressed Archive" (.hfz) directory traversal vulnerability poc ipsdix (May 13)

Jacobo Avariento Gimeno

Vpopmail/QmailAdmin User's Quota Multiple Integer Overflows Jacobo Avariento Gimeno (May 08)

Jacques Copeau

“Cross-Site Scripting” vulnerability in MyBB 1.4.5 Jacques Copeau (May 04)
Survey: "MIME/Content-Type-Sniffing" Issues in Image Uploads in Forum Scripts Jacques Copeau (May 28)

Jakob Lell

Multiple vulnerabilities in several ATEN IP KVM Switches Jakob Lell (May 26)

Jamie Strandboge

[USN-777-1] Ntp vulnerabilities Jamie Strandboge (May 20)
[USN-770-1] ClamAV vulnerability Jamie Strandboge (May 05)

Jan van Niekerk

Backdoor in com_rsgallery2 gallery extension for joomla Jan van Niekerk (May 26)

Jared DeMott

Whitepaper Jared DeMott (May 29)

Jeremy Brown

Re: Insufficient Authentication vulnerability in Asus notebook Jeremy Brown (May 14)

Jim Harrison

RE: Insufficient Authentication vulnerability in Asus notebook Jim Harrison (May 19)

Jim Parkhurst

Re: Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Jim Parkhurst (May 27)

jmoss

BH USA CFP closing next Tuesday jmoss (May 01)

Jonah Braun

Re: Backdoor in com_rsgallery2 gallery extension for joomla Jonah Braun (May 27)

Juha-Matti Laurio

Five days left to find the oldest data loss incident Juha-Matti Laurio (May 11)

Just1n T1mberlake

Re: Insufficient Authentication vulnerability in Asus notebook Just1n T1mberlake (May 19)

Kees Cook

[USN-776-1] KVM vulnerabilities Kees Cook (May 12)
[USN-775-1] Quagga vulnerability Kees Cook (May 12)

KF (lists)

Re: Insufficient Authentication vulnerability in Asus notebook KF (lists) (May 14)

kgconference

Conference on Cyber Warfare: registration open! kgconference (May 19)

LayerOne Call For Papers

LayerOne 2009 - Final Announcement LayerOne Call For Papers (May 04)

Luca.carettoni

HTTP Parameter Pollution Luca.carettoni (May 19)

Marc Deslauriers

[USN-773-1] Pango vulnerability Marc Deslauriers (May 07)
[USN-776-2] KVM regression Marc Deslauriers (May 13)
[USN-769-1] libwmf vulnerability Marc Deslauriers (May 04)
[USN-772-1] MPFR vulnerability Marc Deslauriers (May 07)
[USN-774-1] MoinMoin vulnerability Marc Deslauriers (May 11)
[USN-771-1] libmodplug vulnerabilities Marc Deslauriers (May 07)

Marc Schoenefeld

Hardening OSX against CVE-2008-5353 Marc Schoenefeld (May 25)

Mario Alejandro Vilas Jerez

WinAppDbg module v1.1 is out! Mario Alejandro Vilas Jerez (May 19)

mcyr2

Addonics NAS Adapter FTP Remote Denial of Service mcyr2 (May 01)

michael

Re: TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit michael (May 11)

Michael Scheidell

Re: Insufficient Authentication vulnerability in Asus notebook Michael Scheidell (May 14)

Michal Zalewski

Re: [Full-disclosure] [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Michal Zalewski (May 27)

Michelangelo Sidagni

W3af ninja training class in NYC Michelangelo Sidagni (May 27)

Mike Vasquez

Re: Insufficient Authentication vulnerability in Asus notebook Mike Vasquez (May 14)

Mike Wilson

RE: Insufficient Authentication vulnerability in Asus notebook Mike Wilson (May 14)
RE: Insufficient Authentication vulnerability in Asus notebook Mike Wilson (May 14)

militan . c7

Security Advisory: Banks in Australia militan . c7 (May 12)

Moritz Muehlenhoff

[SECURITY] [DSA 1797-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (May 09)
[SECURITY] [DSA 1806-1] New cscope packages fix arbitrary code execution Moritz Muehlenhoff (May 25)
[SECURITY] [DSA 1805-1] New pidgin packages fix several vulnerabilities Moritz Muehlenhoff (May 22)
[SECURITY] [DSA 1799-1] New qemu packages fix several vulnerabilities Moritz Muehlenhoff (May 11)
[SECURITY] [DSA 1785-1] New wireshark packages fix several vulnerabilities Moritz Muehlenhoff (May 01)

MustLive

Insufficient Authentication vulnerability in Asus notebook MustLive (May 14)
Insufficient Authentication vulnerability in Acer notebooks MustLive (May 11)
Re: Insufficient Authentication vulnerability in Acer notebooks MustLive (May 19)
Re: Insufficient Authentication vulnerability in Acer notebooks MustLive (May 28)

nameless

Re: Insufficient Authentication vulnerability in Asus notebook nameless (May 14)
Re: Insufficient Authentication vulnerability in Asus notebook nameless (May 14)

Nam Nguyen

Re: Universal XSS in all Google Services Nam Nguyen (May 12)

naudefj

Re: FUD Forum < 2.7.1 PHP code injection vurnelability naudefj (May 25)

Nick FitzGerald

Re: Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow exploit Nick FitzGerald (May 01)

Nico Golde

[SECURITY] [DSA 1784-1] New freetype packages fix arbitrary code execution Nico Golde (May 01)
[SECURITY] [DSA 1804-1] New ipsec-tools packages fix denial of service Nico Golde (May 20)
[SECURITY] [DSA 1796-1] New libwmf packages fix denial of service Nico Golde (May 07)

Niels Teusink

Grabit <= 1.7.2 beta 3 NZB file parsing stack overflow Niels Teusink (May 04)

Noah Meyerhans

[SECURITY] [DSA 1792-1] New drupal6 packages fix multiple vulnerabilities Noah Meyerhans (May 06)
[SECURITY] [DSA 1790-1] New xpdf packages fix multiple vulnerabilities Noah Meyerhans (May 05)
[SECURITY] [DSA 1793-1] New kdegraphics packages fix multiple vulnerabilities Noah Meyerhans (May 06)

nospam

COWON America jetCast 2.0.4.1109 (.mp3) local heap buffer overlow exploit nospam (May 26)
Bitweaver <= 2.6 /boards/boards_rss.php / saveFeed() remote code execution exploit nospam (May 12)

Oliver Goebel

[IMF 2009] 3rd Call - Deadline Extended Oliver Goebel (May 27)

Øystein Larsen

Re: Insufficient Authentication vulnerability in Acer notebooks Øystein Larsen (May 12)

Patrick Webster

SonicWALL SSL-VPN Appliance Format String Vulnerability Patrick Webster (May 29)

pen-test

Persistent XSS in Kayako Support Suite pen-test (May 06)

Pierre-Yves Rofes

[ GLSA 200905-06 ] acpid: Denial of Service Pierre-Yves Rofes (May 25)
[ GLSA 200905-02 ] Cscope: User-assisted execution of arbitrary code Pierre-Yves Rofes (May 25)

Piotr Bania

PAPER: Generic Unpacking of Self-modifying, Aggressive, Packed Binary Programs Piotr Bania (May 25)
PAPER: Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case) Piotr Bania (May 19)

publists

Armorlogic Profense Web Application Firewall 2.4 multiple vulnerabilities. publists (May 20)

RedTeam Pentesting GmbH

[RT-SA-2009-002] IceWarp WebMail Server: User-assisted Cross Site Scripting in RSS Feed Reader RedTeam Pentesting GmbH (May 05)
[RT-SA-2009-003] IceWarp WebMail Server: SQL Injection in Groupware Component RedTeam Pentesting GmbH (May 05)
[RT-SA-2009-004] IceWarp WebMail Server: Client-Side Specification of "Forgot Password" eMail Content RedTeam Pentesting GmbH (May 05)
[RT-SA-2009-001] IceWarp WebMail Server: Cross Site Scripting in Email View RedTeam Pentesting GmbH (May 05)

rembrandt

multiple vendor - PF NULL pointer dereference rembrandt (May 01)

Robert Buchholz

[ GLSA 200905-01 ] Asterisk: Multiple vulnerabilities Robert Buchholz (May 04)

robi

Re: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003---> robi (May 14)

roland . gruber . extern

Serena Dimensions CM Desktop Client does not validate the server SSL certificate roland . gruber . extern (May 22)

romain

Re: [WEB SECURITY] [TOOL] moth - vulnerable web application vmware romain (May 08)

rPath Update Announcements

rPSA-2009-0095-1 tshark wireshark rPath Update Announcements (May 28)
rPSA-2009-0092-1 ntp ntp-utils rPath Update Announcements (May 28)
rPSA-2009-0084-1 kernel rPath Update Announcements (May 19)
rPSA-2009-0086-1 postgresql postgresql-contrib postgresql-server rPath Update Announcements (May 19)
rPSA-2009-0091-1 cyrus-sasl cyrus-sasl-server rPath Update Announcements (May 28)

Secunia Research

Secunia Research: Sun Solaris "sadmind" Integer Overflow Vulnerability Secunia Research (May 25)
Secunia Research: Garmin Communicator Plug-In Domain Locking Security Bypass Secunia Research (May 07)
Secunia Research: Microsoft PowerPoint Atom Parsing Buffer Overflows Secunia Research (May 12)
Secunia Research: Sun Solaris "sadmind" Buffer Overflow Vulnerability Secunia Research (May 25)
Secunia Research: IBM Tivoli Storage Manager Remote Agent Service Buffer Overflows Secunia Research (May 04)

security

[ MDVSA-2009:102 ] apache security (May 01)
[ MDVSA-2009:119 ] kernel security (May 19)
[ MDVSA-2009:121 ] lcms security (May 22)
[InterN0T] Achievo 1.3.4 - XSS Vulnerability security (May 28)
[ MDVSA-2009:110 ] squirrelmail security (May 13)
[ MDVSA-2009:122 ] squirrelmail security (May 25)
[InterN0T] AMember 3.1.7 - Multiple Vulnerabilities security (May 25)
[ MDVSA-2009:107 ] acpid security (May 07)
[ MDVSA-2009:103 ] udev security (May 01)
[ MDVSA-2009:115 ] phpMyAdmin security (May 19)
[ MDVSA-2009:120 ] openssl security (May 21)
n.runs-SA-2009.001 - OS X CFNetwork advisory security (May 19)
[ MDVSA-2009:123 ] opensc security (May 27)
[ MDVSA-2009:109 ] quagga security (May 11)
[ MDVSA-2009:116 ] gnutls security (May 19)
[ MDVSA-2009:108 ] zsh security (May 07)
[ MDVSA-2009:117 ] ntp security (May 19)
[ MDVSA-2009:112 ] ipsec-tools security (May 13)
[ MDVSA-2009:118 ] kernel security (May 19)
[ MDVSA-2009:111 ] firefox security (May 13)
Re: [InterN0T] Achievo 1.3.4 - XSS Vulnerability security (May 29)
[InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities security (May 27)
Re: Re: [InterN0T] AMember 3.1.7 - Multiple Vulnerabilities security (May 29)
[ MDVSA-2009:106 ] libwmf security (May 06)
[ MDVSA-2009:111-1 ] firefox security (May 13)
[ MDVSA-2009:113 ] cyrus-sasl security (May 19)
[ MDVSA-2009:104 ] udev security (May 01)
[ MDVSA-2009:105 ] memcached security (May 04)
[ MDVSA-2009:114 ] ipsec-tools security (May 19)

security-alert

[security bulletin] HPSBUX02366 SSRT080120 rev.2 - HPUX Running useradd(1M), Local Unauthorized Access security-alert (May 08)
[security bulletin] HPSBPI02398 SSRT080166 rev.3 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files security-alert (May 20)
[security bulletin] HPSBUX02429 SSRT090058 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities security-alert (May 27)
[security bulletin] HPSBMA02426 SSRT090053 rev.1 - HP System Management Homepage (SMH) for Linux and Windows Running PHP and OpenSSL, Remote Cross Site Scripting (XSS), Unauthorized Access security-alert (May 19)
[security bulletin] HPSBMA02427 SSRT090069 rev.1 - HP Remote Graphics Software (RGS) Sender Running Easy Login, Remote Unauthorized Access security-alert (May 19)
[security bulletin] HPSBMA02374 SSRT080046 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) security-alert (May 04)
[security bulletin] HPSBMA02428 SSRT090048 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alert (May 19)
[security bulletin] HPSBMA02349 SSRT080043 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data security-alert (May 11)
[security bulletin] HPSBMA02425 SSRT080091 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (May 04)
[security bulletin] HPSBMA02348 SSRT080033 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (May 11)
[security bulletin] HPSBMA02419 SSRT090060 rev.1 - Insight Control Suite For Linux (ICE-LX) Multiple Remote Vulnerabilities In Nagios security-alert (May 05)
[security bulletin] HPSBMA02417 SSRT090031 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition (SSE), Local Denial of Service (DoS), Execution of Arbitrary Code security-alert (May 14)

Shakacon

Shakacon Security Conference - Trainers and Speakers Finalized Shakacon (May 20)

SmOk3

Arcade Trade Script XSS SmOk3 (May 25)

srublev

(whitepaper) Microsoft WPAD Technology Weaknesses [PTResearch Team] srublev (May 29)

Stefan Frei

New Browser Security Paper: Why Silent Updates Boost Security Stefan Frei (May 06)

Steffen Joeris

[SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution Steffen Joeris (May 11)
[SECURITY] [DSA 1791-1] New moin packages fix cross-site scripting Steffen Joeris (May 06)
[SECURITY] [DSA 1786-1] New acpid packages fix denial of service Steffen Joeris (May 02)

Stephen Mullins

Re: The security tools list, new version with more than 200 new tools! Stephen Mullins (May 12)

Steve Friedl

New paper: Understanding Microsoft's KB971492 IIS WebDAV Vuln Steve Friedl (May 27)

Steve Quan

RE: Insufficient Authentication vulnerability in Asus notebook Steve Quan (May 14)

Steve Shockley

Re: [security bulletin] HPSBMA02426 SSRT090053 rev.1 - HP System Management Homepage (SMH) for Linux and Windows Running PHP and OpenSSL, Remote Cross Site Scripting (XSS), Unauthorized Access Steve Shockley (May 20)

support

Re: [InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities support (May 29)

Susan Bradley

Re: Insufficient Authentication vulnerability in Asus notebook Susan Bradley (May 19)
Re: Insufficient Authentication vulnerability in Asus notebook Susan Bradley (May 14)
Re: Insufficient Authentication vulnerability in Acer notebooks Susan Bradley (May 28)
Re: Insufficient Authentication vulnerability in Asus notebook Susan Bradley (May 14)
Re: Insufficient Authentication vulnerability in Asus notebook Susan Bradley (May 14)
Re: Insufficient Authentication vulnerability in Acer notebooks Susan Bradley (May 20)

swhite

Novell GroupWise Web Access Multiple XSS swhite (May 21)

Tavis Ormandy

Re: [TZO-27-2009] Firefox Denial of Service (Keygen) Tavis Ormandy (May 28)

Thierry Zoller

[TZO-25-2009] Panda generic evasion (TAR) Thierry Zoller (May 22)
[TZO-23-2009] Avira antivir generic evasion of heuristics (for PDF) Thierry Zoller (May 19)
[TZO-28-2009] - Avira Antivir generic RAR,CAB,ZIP Thierry Zoller (May 29)
Fwd: [Full-disclosure] IIS6 + webdav and unicode rides again in 2009 Thierry Zoller (May 19)
Update: [TZO-15-2009] Aladdin eSafe generic bypass - Forced release Thierry Zoller (May 07)
[TZO-21-2009] Fprot CAB bypass / evasion Thierry Zoller (May 09)
[TZO-20-2009] AVG ZIP evasion / bypass Thierry Zoller (May 09)
Re[2]: [Full-disclosure] [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Thierry Zoller (May 27)
[TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Thierry Zoller (May 26)
Changes : [TZO-17-2009]Trendmicro multiple bypass/evasions Thierry Zoller (May 09)
[TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP) Thierry Zoller (May 01)
[TZO-22-2009] Bitdefender generic evasion of heuristics (for PDF) Thierry Zoller (May 19)
[TZO-24-2009] Panda generic evasion (CAB) Thierry Zoller (May 22)
Re[2]: [Full-disclosure] Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Thierry Zoller (May 27)
Re[2]: [TZO-27-2009] Firefox Denial of Service (Keygen) Thierry Zoller (May 28)
[TZO-27-2009] Firefox Denial of Service (Keygen) Thierry Zoller (May 28)
Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Thierry Zoller (May 27)

Thijs Kinkhorst

[SECURITY] [DSA 1802-1] New squirrelmail packages fix several vulnerabilities Thijs Kinkhorst (May 19)
[SECURITY] [DSA 1801-1] New ntp packages fix several vulnerabilities Thijs Kinkhorst (May 19)
[SECURITY] [DSA 1802-2] New squirrelmail packages correct incomplete fix Thijs Kinkhorst (May 22)
[SECURITY] [DSA 1803-1] New nsd packages fix denial of service Thijs Kinkhorst (May 20)
[SECURITY] [DSA 1789-1] New php5 packages fix several vulnerabilities Thijs Kinkhorst (May 04)

Thomas Sader

eggdrop/windrop remote crash vulnerability Thomas Sader (May 19)

TK147

Re: [InterN0T] AMember 3.1.7 - Multiple Vulnerabilities TK147 (May 28)

Tobias Klein

[TKADV2009-006] libsndfile/Winamp VOC Processing Heap Buffer Overflow Tobias Klein (May 19)

Tomas Kuliavas

Re: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003---> Tomas Kuliavas (May 14)

travesti

TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit travesti (May 11)

Ulises2k

Re: Security tools list: First Version Ulises2k (May 01)

Vladimir '3APA3A' Dubrovin

Re[2]: Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Vladimir '3APA3A' Dubrovin (May 27)

VMware Security team

VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues VMware Security team (May 29)

vuln_research

NetDecision TFTP Server 4.2 TFTP Directory Traversal vuln_research (May 19)

VUPEN Security Research

Novell GroupWise Internet Agent Remote Buffer Overflow Vulnerabilities VUPEN Security Research (May 22)

WebAppSec

New WebApp security paper: Anti-fraud Image Solutions WebAppSec (May 01)

Will Drewry

[oCERT-2009-006] Android improper package verification when using shared uids Will Drewry (May 25)
[oCERT-2009-001] Pango integer overflow in heap allocation size calculations Will Drewry (May 07)

Williams, James K

CA20090429-01: CA ARCserve Backup Apache HTTP Server Multiple Vulnerabilities Williams, James K (May 01)
CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities [Updated] Williams, James K (May 12)

y3nh4ck3r

(GET var 'member') BLIND SQL INJECTION EXPLOIT --FAMILY CONNECTIONS <= v1.9 --> y3nh4ck3r (May 13)
MULTPLE REMOTE VULNERABILITIES --ProjectCMS v-1.1 Beta--> y3nh4ck3r (May 04)
MULTIPLE REMOTE VULNERABILITIES --Small Pirates v-2.1--> y3nh4ck3r (May 28)
MULTIPLE SQL INJECTION VULNERABILITIES --Joomla Component 'Boy Scout Advancement' <= v-0.3 (com_bsadv)--> y3nh4ck3r (May 25)
MULTIPLE REMOTE VULNERABILITIES --my-colex 1.4.2--> y3nh4ck3r (May 19)
(POST var 'rating') BLIND SQL INJECTION--microTopic v1 Initial Release--> y3nh4ck3r (May 11)
MULTIPLE SQL INJECTION VULNERABILITIES --Shutter v-0.1.1--> y3nh4ck3r (May 14)
MULTIPLE SQL INJECTION VULNERABILITIES --Flash Quiz Beta 2--> y3nh4ck3r (May 21)
MULTIPLE REMOTE VULNERABILITIES --MiniTwitter<=v0.3-Beta--> y3nh4ck3r (May 25)
MULTIPLE REMOTE VULNERABILITIES--TemaTres 1.0.3--> y3nh4ck3r (May 05)
SQL INJECTION VULNERABILITIES--ST-Gallery version 0.1 alpha--> y3nh4ck3r (May 07)
BLIND SQL INJECTION exploit (GET var 'AlbumID')--RTWebalbum 1.0.462--> y3nh4ck3r (May 08)
User options changer (SQLi) EXPLOIT --Bigace CMS -stable release- 2.5--> y3nh4ck3r (May 12)
BLIND SQL INJECTION--Leap CMS 0.1.4--> y3nh4ck3r (May 01)
MULTIPLE SQL INJECTION VULNERABILITIES --MiniTwitter v0.2-Beta--> y3nh4ck3r (May 01)
MULTIPLE REMOTE VULNERABILITIES --my-Gesuad 0.9.14--> y3nh4ck3r (May 19)
BLIND SQL INJECTION EXPLOIT--TemaTres 1.0.3--> y3nh4ck3r (May 05)
Re: Re: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003---> y3nh4ck3r (May 14)
MULTIPLE CODE INJECTION VULNERABILITIES --TUENTI--SPAIN--> y3nh4ck3r (May 14)
INSECURE COOKIE HANDLING VULNERABILITIES --Dog Pedigree Online Database v1.0.1-Beta--> y3nh4ck3r (May 19)
(GET vars 'x' & 'y') ADMIN FUNCTION EXECUTION--Jorp v-1.3.05.09--> y3nh4ck3r (May 20)
USER OPTIONS CHANGER EXPLOIT --MiniTwitter v0.2-Beta+-> y3nh4ck3r (May 01)
(GET var 'id') BLIND SQL INJECTION EXPLOIT --Dog Pedigree Online Database v1.0.1-Beta --> y3nh4ck3r (May 19)

Ying

Re: The security tools list, new version with more than 200 new tools! Ying (May 12)
Re: The security tools list, new version with more than 200 new tools! Ying (May 13)
The security tools list, new version with more than 200 new tools! Ying (May 12)

ZDI Disclosures

ZDI-09-021: Apple QuickTime PICT Unspecified Tag Heap Overflow Vulnerability ZDI Disclosures (May 28)
ZDI-09-019: Microsoft Office PowerPoint OutlineTextRefAtom Parsing Memory Corruption Vulnerability ZDI Disclosures (May 12)
ZDI-09-023: Apple OS X ATSServer Compact Font Format Parsing Memory Corruption Vulnerability ZDI Disclosures (May 19)
ZDI-09-022: Apple Safari Malformed SVGList Parsing Code Execution Vulnerability ZDI Disclosures (May 19)
ZDI-09-020: Microsoft Office PowerPoint Notes Container Heap Overflow Vulnerability ZDI Disclosures (May 12)