Bugtraq: by author

296 messages starting Apr 18 11 and ending Apr 20 11


abhijeet

Announcement: ClubHACK Magazine Issue 15-April 2011 released abhijeet (Apr 18)
[Annoucement] CHMag Call for Articles abhijeet (Apr 19)

ACM CCS 2011

[ACM CCS'11] Reminder: Deadline Approaching (May 6, 2011) ACM CCS 2011 (Apr 25)

ACROS Security Lists

Microsoft Patches Binary Planting Issues In Various Vendors' Products ACROS Security Lists (Apr 13)

Adam Laurie

Re: DC4420 - London DEFCON - April meet - Wednesday 20th April 2011 Adam Laurie (Apr 04)

advisory

HTB22928: Multiple SQL Injections in WebsiteBaker advisory (Apr 12)
HTB22955: Path disclosure in BuddyPress WordPress plugin advisory (Apr 26)
HTB22941: CSRF (Cross-Site Request Forgery) in Dalbum advisory (Apr 19)
HTB22958: XSS in phpGraphy advisory (Apr 28)
HTB22920: Path disclosure in Viscacha advisory (Apr 07)
HTB22950: SQL injection in 4images advisory (Apr 21)
HTB22915: Path disclosure in Joomla advisory (Apr 07)
HTB22937: Path disclosure in Universal Post Manager wordpress plugin advisory (Apr 19)
HTB22926: XSS vulnerability in Plogger advisory (Apr 12)
HTB22965: Multiple XSS vulnerabilities in BackupPC advisory (Apr 28)
HTB22945: Multiple XSS in ZENphoto advisory (Apr 21)
HTB22931: XSS vulnerability in InTerra Blog Machine advisory (Apr 19)
HTB22916: XSRF (CSRF) in phpCollab advisory (Apr 07)
HTB22935: Multiple XSS in WP-StarsRateBox wordpress plugin advisory (Apr 19)
HTB22956: XSS vulnerabilities in phpList advisory (Apr 26)
HTB22947: XSS in Ajax Category Dropdown wordpress plugin advisory (Apr 21)
HTB22929: Multiple Path disclosure in WebsiteBaker advisory (Apr 12)
HTB22919: Multiple XSS in Viscacha advisory (Apr 07)
HTB22930: Multiple XSS in WebCalendar advisory (Apr 12)
HTB22954: Path disclousure in yappa-ng Photo Gallery advisory (Apr 26)
HTB22961: XSS in WP Photo Album wordpress plugin advisory (Apr 28)
HTB22918: Path disclosure in phpCollab advisory (Apr 07)
HTB22949: Multiple Path disclousure in 4images advisory (Apr 21)
HTB22933: Multiple Path disclosure in webSPELL advisory (Apr 19)
HTB22957: XSRF (CSRF) in phpList advisory (Apr 26)
HTB22911: XSS in Eleanor CMS advisory (Apr 05)
HTB22913: Multiple CSRF (Cross-Site Request Forgery) in UseBB advisory (Apr 05)
HTB22922: XSS vulnerabilities in phpAlbum.net advisory (Apr 14)
HTB22943: XSS in Dalbum advisory (Apr 19)
HTB22932: Multiple XSS in webSPELL advisory (Apr 19)
HTB22939: Multiple SQL Injection in Universal Post Manager wordpress plugin advisory (Apr 19)
HTB22960: XSS in Daily Maui Photo Widget wordpress plugin advisory (Apr 28)
HTB22938: Multiple XSS in Universal Post Manager wordpress plugin advisory (Apr 19)
HTB22952: XSS vulnerabilities in Noah's Classifieds advisory (Apr 26)
HTB22914: Local File Inclusion in UseBB advisory (Apr 05)
HTB22924: Arbitrary Command Execution in phpAlbum.net advisory (Apr 14)
HTB22921: SQL Injection in Viscacha advisory (Apr 07)
HTB22951: XSS in WP-Ajax-Recent-Posts wordpress plugin advisory (Apr 26)
HTB22944: Path disclousure in ZENphoto advisory (Apr 21)
HTB22912: Multiple SQL Injections in Eleanor CMS advisory (Apr 05)
HTB22925: Path disclosure in Plogger advisory (Apr 12)
HTB22953: XSS in Max's PHP Photo Album advisory (Apr 26)
HTB22959: CSRF (Cross-Site Request Forgery) in phpGraphy advisory (Apr 28)
HTB22946: Multiple SQL Injection in Ajax Category Dropdown wordpress plugin advisory (Apr 21)
HTB22942: Path disclousure in Dalbum advisory (Apr 19)
HTB22934: SQL Injection in WP-StarsRateBox wordpress plugin advisory (Apr 19)
HTB22917: XSS vulnerabilities in phpCollab advisory (Apr 07)
HTB22927: CSRF (Cross-Site Request Forgery) in Webjaxe advisory (Apr 12)
HTB22923: XSRF (CSRF) in phpAlbum.net advisory (Apr 14)
HTB22940: XSS in SocialGrid wordpress plugin advisory (Apr 19)
HTB22948: Path disclosure in Cotonti advisory (Apr 26)

Alexandr Polyakov

[DSECRG-11-018] Kaspersky administration Kit - Remote code execution via SMBRelay Alexandr Polyakov (Apr 25)

astera

B-Sides Vienna | NinjaCon 11 Call For Participation astera (Apr 27)

Asterisk Security Team

AST-2011-005: File Descriptor Resource Exhaustion Asterisk Security Team (Apr 25)
AST-2011-006: Asterisk Manager User Shell Access Asterisk Security Team (Apr 25)

Auffret Patrice

RE: THOMSON Router XSS Auffret Patrice (Apr 15)

by_argos

Directory Traversal Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package) by_argos (Apr 08)
XSS Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package) by_argos (Apr 08)
LFI Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package) by_argos (Apr 08)
Directory Traversal Vulnerability in Viola DVR VIO-4/1000 by_argos (Apr 20)
XSS Vulnerabilities in 1024cms Admin Control Panel v1.1.0 Beta by_argos (Apr 08)
LFI Vulnerability in 024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package) by_argos (Apr 08)
Arbitary File Upload Vulnerability in Elxis CMS component eForum v1.1 by_argos (Apr 11)

Carlos A. Lozano

CFP for BugCON 2011 @ Mexico City Carlos A. Lozano (Apr 12)

Christian Kujau

Re: HTB22945: Multiple XSS in ZENphoto Christian Kujau (Apr 25)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Apr 27)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager Cisco Systems Product Security Incident Response Team (Apr 27)

Crash

[DCA-2011-0011] - Ocomon Multiple SQL Injection Crash (Apr 19)

EC-Council USA

Announcing TakeDownCon Dallas - May 14-19 - Dallas, TX EC-Council USA (Apr 13)

edgard . chammas

THOMSON Router XSS edgard . chammas (Apr 04)

eidelweiss

joomlacontenteditor (com_jce) BLIND sql injection vulnerability eidelweiss (Apr 08)

Flavio do Carmo Junior aka waKKu

[DCA-2011-0010] TOTVS Microsiga Protheus ERP - Memory Corruption Flavio do Carmo Junior aka waKKu (Apr 13)

Florian Weimer

[SECURITY] [DSA 2224-1] openjdk-6 security update Florian Weimer (Apr 21)
[SECURITY] [DSA 2220-1] Request Tracker security update Florian Weimer (Apr 20)
[SECURITY] [DSA 2223-1] doctrine security update Florian Weimer (Apr 20)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-11:01.mountd FreeBSD Security Advisories (Apr 21)

hack.lu 2011 information team

hack.lu 2011 CFP hack.lu 2011 information team (Apr 21)

Hanno Böck

O2 classic router: persistent cross site scripting (XSS) and cross site request forgery (CSRF) Hanno Böck (Apr 08)
phplist: cross site request forgery (CSRF), CVE-2011-0748 Hanno Böck (Apr 08)

Hashdays CFP

hashdays 2011 - Call for Papers (#days CFP) Hashdays CFP (Apr 28)

Henrik Størner

Xymon monitor cross-site scripting vulnerabilities Henrik Størner (Apr 04)

Henri Lindberg

nSense-2011-001: VeryPDF pdf2tif Henri Lindberg (Apr 13)

Henri Salo

Re: Xymon monitor cross-site scripting vulnerabilities Henri Salo (Apr 04)

hfortier

Recon 2011 - Accepted Talks , Training, Call For Papers Reminder - July 8 to 10, 2011 - Montreal, Quebec hfortier (Apr 14)

Jamie Strandboge

[USN-1114-1] KDENetwork vulnerability Jamie Strandboge (Apr 19)
[USN-1110-1] KDE-Libs vulnerabilities Jamie Strandboge (Apr 14)

Jann Horn

Does anyone know how to contact OpenSSH non-public? Jann Horn (Apr 18)

Javier Bassi

XSS in Webmin 1.540 + exploit for privilege escalation Javier Bassi (Apr 25)

J. Oquendo

Microsoft VISTA TCP/IP heap buffer underflow J. Oquendo (Apr 01)

jozsef . tiborcz

CFP: Hacktivity 2011, September 17-18, Budapest, Hungary jozsef . tiborcz (Apr 28)

Kees Cook

[USN-1116-1] Kerberos vulnerability Kees Cook (Apr 20)
[USN-1117-1] PolicyKit vulnerability Kees Cook (Apr 20)
[USN-1105-1] Linux kernel vulnerabilities Kees Cook (Apr 06)
[USN-1115-1] language-selector vulnerability Kees Cook (Apr 20)
[USN-1119-1] Linux kernel (OMAP4) vulnerabilities Kees Cook (Apr 21)

Kotas, Kevin J

CA20110426-01: Security Notice for CA Arcot WebFort Versatile Authentication Server Kotas, Kevin J (Apr 27)
CA20110413-01: Security Notice for CA Total Defense Kotas, Kevin J (Apr 14)

labs-no-reply

iDefense Security Advisory 04.12.11: Microsoft Internet Explorer Use-After-Free Memory Corruption Vulnerability labs-no-reply (Apr 13)
iDefense Security Advisory 03.31.10: RealNetworks Helix DNA Server RTSP Stack Buffer Overflow labs-no-reply (Apr 01)
iDefense Security Advisory 04.12.11: Microsoft Excel Memory Corruption Vulnerability labs-no-reply (Apr 13)

Lists

cPassMan v1.82 Arbitrary File Download - SOS-11-004 Lists (Apr 18)
Windows Synchronization Object Vulnerabilites in Antivirus Suites Lists (Apr 19)

Luigi Auriemma

Vulnerabilities in Microsoft Reader and HIS Luigi Auriemma (Apr 11)
Stack overflow in Microsoft HTML Help 6.1 (CHM files) Luigi Auriemma (Apr 12)

Major Malfunction

DC4420 - London DEFCON - April meet - Wednesday 22nd April 2011 Major Malfunction (Apr 04)
Re: DC4420 - London DEFCON - April meet - Wednesday 20th April 2011 Major Malfunction (Apr 18)

Marc Deslauriers

[USN-1118-1] OpenSLP vulnerability Marc Deslauriers (Apr 20)
[USN-1109-1] GIMP vulnerabilities Marc Deslauriers (Apr 13)
[USN-1108-2] DHCP vulnerability Marc Deslauriers (Apr 20)
[USN-1108-1] DHCP vulnerability Marc Deslauriers (Apr 12)
[USN-1125-1] PCSC-Lite vulnerability Marc Deslauriers (Apr 28)
[USN-1113-1] Postfix vulnerabilities Marc Deslauriers (Apr 18)
[USN-1124-1] rsync vulnerability Marc Deslauriers (Apr 27)
[USN-1107-1] x11-xserver-utils vulnerability Marc Deslauriers (Apr 06)
[USN-1103-1] tex-common vulnerability Marc Deslauriers (Apr 04)
[USN-1104-1] FFmpeg vulnerabilities Marc Deslauriers (Apr 04)
[USN-1102-1] tiff vulnerability Marc Deslauriers (Apr 04)
[USN-1120-1] tiff vulnerability Marc Deslauriers (Apr 21)

Marc Heuse

ICMPv6 Router Announcement flooding denial of service affecting multiple systems Marc Heuse (Apr 06)

Mark Thomas

[SECURITY] CVE-2011-1475 Apache Tomcat information disclosure Mark Thomas (Apr 06)
[SECURITY] CVE-2011-1183 Apache Tomcat security constraint bypass Mark Thomas (Apr 06)

md . r00t . defacer

StartSite.ir Cross-site Scripting Vulnerability md . r00t . defacer (Apr 05)

Micah Gersten

[USN-1106-1] NSS vulnerabilities Micah Gersten (Apr 06)

Michal Zalewski

WOOT '11 Call for Papers (reminder) Michal Zalewski (Apr 11)

mike

Stored and Reflective XSS in Yaws-Wiki 1.88-1 (Erlang) mike (Apr 04)

Miroslav Stampar

[Tool] sqlmap 0.9 released Miroslav Stampar (Apr 11)

Moritz Muehlenhoff

[SECURITY] [DSA 2221-1] Mojolicious security update Moritz Muehlenhoff (Apr 20)
[SECURITY] [DSA 2222-1] tinyproxy security update Moritz Muehlenhoff (Apr 20)
[SECURITY] [DSA 2211-1] vlc security update Moritz Muehlenhoff (Apr 07)
[SECURITY] [DSA 2226-1] libmodplug security update Moritz Muehlenhoff (Apr 27)
[SECURITY] [DSA 2225-1] asterisk security update Moritz Muehlenhoff (Apr 27)
[SECURITY] [DSA 2209-1] tgt security update Moritz Muehlenhoff (Apr 04)

Nelson Brito

[TOOL RELEASE] T50 - an Experimental Mixed Packet Injector ( v5.3) Nelson Brito (Apr 25)

Netsparker Advisories

XSS Vulnerability in Redmine 1.0.1 to 1.1.1 Netsparker Advisories (Apr 06)

Nico Golde

[SECURITY] [DSA 2216-1] isc-dhcp security update Nico Golde (Apr 11)
[SECURITY] [DSA 2213-1] x11-xserver-utils security update Nico Golde (Apr 11)
[SECURITY] [DSA 2218-1] vlc security update Nico Golde (Apr 12)
[SECURITY] [DSA 2217-1] dhcp3 security update Nico Golde (Apr 11)
[SECURITY] [DSA 2214-1] ikiwiki security update Nico Golde (Apr 11)
[SECURITY] [DSA 2212-1] tmux security update Nico Golde (Apr 08)
[SECURITY] [DSA 2215-1] gitolite security update Nico Golde (Apr 11)

nospam

RealNetworks RealGames StubbyUtil.ShellCtl.1 ActiveX Control (InstallerDlg.dll v2.6.0.445) Multiple Remote Commands Execution and Code Execution Vulnerabilities nospam (Apr 04)
RealNetworks RealGames StubbyUtil.ProcessMgr.1 ActiveX Control (InstallerDlg.dll v2.6.0.445) Multiple Remote Commands Execution Vulnerabilities nospam (Apr 04)
Re: ZDI-11-117: McAfee Firewall Reporter GeneralUtilities.pm isValidClient Authentication Bypass Vulnerability nospam (Apr 14)

Oliver Goebel

[IMF 2011] Call for Participation Oliver Goebel (Apr 12)

Onapsis Research Labs

[Onapsis Security Advisory 2011-003] SAP WebAS ITS Mobile Start Service Multiple Vulnerabilities Onapsis Research Labs (Apr 28)
[Onapsis Security Advisory 2011-008] Oracle JD Edwards JDENET CallObjectKernel Remote Command Execution Onapsis Research Labs (Apr 28)
[Onapsis Security Advisory 2011-004] SAP WebAS ITS Mobile Test Service Multiple Vulnerabilities Onapsis Research Labs (Apr 28)
[Onapsis Security Advisory 2011-007] Oracle JD Edwards JDENET Kernel Shutdown Onapsis Research Labs (Apr 28)
[Onapsis Security Advisory 2011-005] SAP Enterprise Portal Path Disclosure Onapsis Research Labs (Apr 28)
[Onapsis Security Advisory 2011-010] Oracle JD Edwards JDENET Remote Logging Deactivation Onapsis Research Labs (Apr 28)
[Onapsis Security Advisory 2011-012] Oracle JD Edwards JDENET Firewall Bypass Onapsis Research Labs (Apr 28)
[Onapsis Security Advisory 2011-013] Oracle JD Edwards JDENET USRBROADCAST Denial of Service Onapsis Research Labs (Apr 28)
[Onapsis Security Advisory 2011-011] Oracle JD Edwards JDENET Buffer Overflow Onapsis Research Labs (Apr 28)
[Onapsis Security Advisory 2011-006] Oracle JD Edwards JDENET Kernel Denial of Service Onapsis Research Labs (Apr 28)
[Onapsis Security Advisory 2011-009] Oracle JD Edwards JDENET SawKernel Remote Password Disclosure Onapsis Research Labs (Apr 28)

Per Thorsheim

Passwords^11 - Call for Papers ending April 17! Per Thorsheim (Apr 11)

psiinon

The BodgeIt Store - another vulnerable web app psiinon (Apr 14)

rafdw

Linksys WRT54G - read router password from file placed on FTP rafdw (Apr 11)

Research@NGSSecure

NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write Research@NGSSecure (Apr 27)

Rico Secada

Re: Does anyone know how to contact OpenSSH non-public? Rico Secada (Apr 18)

robkraus

Sonexis ConferenceManager Multiple Cross-site Scripting (XSS) Vulnerabilities robkraus (Apr 06)
Sonexis ConferenceManager SQL Injection robkraus (Apr 06)

rPath Update Announcements

rPSA-2011-0014-1 httpd mod_ssl rPath Update Announcements (Apr 11)
rPSA-2011-0013-1 openssl openssl-scripts rPath Update Announcements (Apr 11)

SEC Consult Vulnerability Lab

SEC Consult SA-20110407-0 :: Libmodplug ReadS3M Stack Overflow SEC Consult Vulnerability Lab (Apr 07)

SecPod Research

AT-TFTP Server Remote Denial of Service Vulnerability SecPod Research (Apr 25)
AR Web Content Manager (AWCM) Cross-Site scripting Vulnerability SecPod Research (Apr 01)

security

[ MDVSA-2011:069 ] php security (Apr 08)
[ MDVSA-2011:062 ] ffmpeg security (Apr 04)
[ MDVSA-2011:072 ] gwenhywfar security (Apr 08)
[ MDVSA-2011:061 ] ffmpeg security (Apr 04)
[ MDVSA-2011:077 ] krb5 security (Apr 25)
[ MDVSA-2011:070 ] gdm security (Apr 08)
[ MDVSA-2011:059 ] ffmpeg security (Apr 01)
[ MDVSA-2011:063 ] xmlsec1 security (Apr 04)
[ MDVSA-2011:071 ] kdelibs4 security (Apr 08)
[ MDVSA-2011:073 ] dhcp security (Apr 11)
[ MDVSA-2011:074 ] qt4 security (Apr 13)
[ MDVSA-2011:075 ] kdelibs4 security (Apr 20)
[ MDVSA-2011:058 ] quagga security (Apr 01)
[ MDVSA-2011:057 ] apache security (Apr 01)
[ MDVSA-2011:078 ] libtiff security (Apr 25)
[ MDVSA-2011:064 ] libtiff security (Apr 04)
[ MDVSA-2011:060 ] ffmpeg security (Apr 04)
[ MDVSA-2011:066 ] rsync security (Apr 06)
[ MDVSA-2011:065 ] logrotate security (Apr 05)
[ MDVSA-2011:076 ] xrdb security (Apr 21)

Security_Alert

ESA-2011-014: RSA, The Security Division of EMC, announces the release of Adaptive Authentication (On-Premise) Flash File Security Patch Security_Alert (Apr 18)
ESA-2011-015: RSA, The Security Division of EMC, announces a fix for a security vulnerability in RSA Data Loss Prevention Security_Alert (Apr 29)
ESA-2011-013: EMC NetWorker arbitrary code execution with elevated privileges vulnerability Security_Alert (Apr 18)

security-alert

[security bulletin] HPSBUX02639 SSRT100293 rev.1 - HP-UX Running XNTP, Remote Denial of Service (DoS) security-alert (Apr 01)
[security bulletin] HPSBMA02659 SSRT100440 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access security-alert (Apr 19)
[security bulletin] HPSBMA02660 SSRT100433 rev.1 - HP Performance Insight Running on HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access to Sensitive Information security-alert (Apr 20)
[security bulletin] HPSBUX02655 SSRT100353 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) security-alert (Apr 13)
[security bulletin] HPSBMA02667 SSRT100464 rev.2 - HP SiteScope, Cross Site Scripting (XSS) and HTML Injection security-alert (Apr 27)
[security bulletin] HPSBUX02645 SSRT100387 rev.1 - HP-UX Apache Web Server, Remote Information Disclosure, Cross-Site Scripting (XSS), Denial of Service (DoS) security-alert (Apr 01)
[security bulletin] HPSBPI02656 SSRT090262 rev.1 - Certain HP Photosmart Printers, Remote Unauthorized Access, Cross Site Scripting (XSS) security-alert (Apr 12)
[security bulletin] HPSBMA02643 SSRT100416 rev.2 - HP Network Node Manager i (NNMi), Local Unauthorized Read Access to Files, Remote Cross Site Scripting (XSS) security-alert (Apr 13)
[security bulletin] HPSBMA02652 SSRT100432 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure security-alert (Apr 05)
[security bulletin] HPSBMA02668 SSRT100474 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code security-alert (Apr 29)
[security bulletin] HPSBUX02653 SSRT100310 rev.1 - HP-UX Running NFS/ONCplus, Remote Denial of Service (DoS) security-alert (Apr 13)
[security bulletin] HPSBMA02667 SSRT100464 rev.1 - HP SiteScope, Cross Site Scripting (XSS) and HTML Injection security-alert (Apr 25)
[security bulletin] HPSBMA02664 SSRT100417 rev.1 - HP Insight Control Performance Management for Windows, Remote Privilege Elevation, Cross Site Request Forgery (CSRF) security-alert (Apr 21)
[security bulletin] HPSBUX02642 SSRT100415 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS) security-alert (Apr 13)
[security bulletin] HPSBMA02662 SSRT100409 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Access, Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Apr 20)
[security bulletin] HPSBMA02666 SSRT100434 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote Information Disclosure security-alert (Apr 25)
[security bulletin] HPSBMA02652 SSRT100432 rev.3 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure security-alert (Apr 14)
[security bulletin] HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information Disclosure, Denial of Service (DoS) security-alert (Apr 20)
[security bulletin] HPSBUX02646 SSRT100396 rev.1 - HP-UX, Local Denial of Service (DoS) security-alert (Apr 01)
[security bulletin] HPSBMA02665 SSRT100185 rev.1 - HP Virtual Server Environment for Windows, Remote Privilege Elevation security-alert (Apr 21)
[security bulletin] HPSBMA02650 SSRT100429 rev.1 - HP Operations for UNIX, Remote Cross Site Scripting (XSS), Unauthorized Access security-alert (Apr 01)
[security bulletin] HPSBMA02654 SSRT100441 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code security-alert (Apr 27)
[security bulletin] HPSBMA02661 SSRT100408 rev.1 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure security-alert (Apr 20)
[security bulletin] HPSBMA02663 SSRT100428 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Apr 20)

security curmudgeon

Re: HTB22827: File Content Disclosure in Wikipad security curmudgeon (Apr 29)
Re: SQL Injection in phpMySport security curmudgeon (Apr 26)
Re: Multiple vulnerabilities in chCounter <= 3.1.3 security curmudgeon (Apr 06)
Re: SQL Injection in LightNEasy security curmudgeon (Apr 19)
Re: XSS in CompactCMS security curmudgeon (Apr 06)
Re: Stored XSS vulnerability in diafan.CMS security curmudgeon (Apr 27)
Re: XSRF (CSRF) in Wolf CMS security curmudgeon (Apr 11)
Re: SQL Injection in LightNEasy security curmudgeon (Apr 19)
Re: AWCM v2.2 Auth Bypass Vulnerabilities security curmudgeon (Apr 06)
Re: [eVuln.com] Cookie Auth Bypass in Hot Links SQL security curmudgeon (Apr 06)
Re: RFI in JAF CMS security curmudgeon (Apr 04)

Solar Designer

6-year FreeBSD-SA-05:02.sendfile exploit Solar Designer (Apr 01)

Stephen Brandon

Re: joomlacontenteditor (com_jce) BLIND sql injection vulnerability Stephen Brandon (Apr 13)

Steve Beattie

[USN-1126-1] PHP vulnerabilities Steve Beattie (Apr 29)

Tavis Ormandy

BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload Tavis Ormandy (Apr 01)

Thijs Kinkhorst

[SECURITY] [DSA 2210-1] tiff security update Thijs Kinkhorst (Apr 04)
[SECURITY] [DSA 2219-1] xmlsec1 security update Thijs Kinkhorst (Apr 19)

Thor (Hammer of God)

RE: [Full-disclosure] Microsoft VISTA TCP/IP heap buffer underflow Thor (Hammer of God) (Apr 01)

Tim Brown

Re: [Full-disclosure] Medium severity flaw in Konqueror Tim Brown (Apr 12)
Medium severity flaw in Konqueror Tim Brown (Apr 12)

Timo Warns

[PRE-SA-2011-03] Denial-of-service vulnerability in EFI partition handling code of the Linux kernel Timo Warns (Apr 13)

Tom Yu

MITKRB5-SA-2011-004 kadmind invalid pointer free() [CVE-2011-0285] Tom Yu (Apr 13)

Vincent Danen

Re: [Full-disclosure] Medium severity flaw in Konqueror Vincent Danen (Apr 12)

Vladimir '3APA3A' Dubrovin

Re: [DSECRG-11-018] Kaspersky administration Kit - Remote code execution via SMBRelay Vladimir '3APA3A' Dubrovin (Apr 26)

VMware Security Team

VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console VMware Security Team (Apr 28)

VUPEN Security Research

VUPEN Security Research - Microsoft Internet Explorer Layouts Use-after-free Vulnerability (CVE-2011-0094) VUPEN Security Research (Apr 15)
VUPEN Security Research - Microsoft Internet Explorer Property Change Memory Corruption (CVE-2011-1345) VUPEN Security Research (Apr 15)
VUPEN Security Research - Microsoft Office Excel Real Time Data Stack Overwrite Vulnerability (CVE-2011-0105) VUPEN Security Research (Apr 15)
VUPEN Security Research - Microsoft Windows OpenType CFF Driver Stack Overflow Vulnerability (CVE-2011-0034) VUPEN Security Research (Apr 15)
VUPEN Security Research - Apple Safari Text Nodes Remote Use-after-free Vulnerability (CVE-2011-1344) VUPEN Security Research (Apr 15)
VUPEN Security Research - Microsoft Windows GDI+ Size Handling Integer Overflow Vulnerability VUPEN Security Research (Apr 13)
VUPEN Security Research - Microsoft Office MSO Size Handling Integer Overflow Vulnerability VUPEN Security Research (Apr 13)

Williams, James K

CA20110420-01: Security Notice for CA SiteMinder Williams, James K (Apr 21)
CA20110420-02: Security Notice for CA Output Management Web Viewer Williams, James K (Apr 21)

xcon

XCon 2011 XFocus Information Security Conference Call for Paper xcon (Apr 04)

^Xecuti0N3r

Windows Media player 11.0.5721.5145 Buffer overflow/DOS Exploit ^Xecuti0N3r (Apr 01)
Movie Player v4.82 0Day Buffer overflow/DOS Exploit ^Xecuti0N3r (Apr 01)

ZDI Disclosures

ZDI-11-137: Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability ZDI Disclosures (Apr 20)
ZDI-11-119: (Pwn2Own) Microsoft Internet Explorer onPropertyChange Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
ZDI-11-132: CA Total Defense Suite UNC Management Console DeleteReportLayout SQL Injection Vulnerability ZDI Disclosures (Apr 14)
ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability ZDI Disclosures (Apr 28)
ZDI-11-121: Microsoft Office XP Data Validation Record Parsing Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
ZDI-11-127: CA Total Defense Suite UNCWS Web Service getDBConfigSettings Credential Disclosure Vulnerability ZDI Disclosures (Apr 14)
ZDI-11-147: HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
ZDI-11-135: (Pwn2Own) WebKit WBR Tag Removal Remote Code Execution Vulnerability ZDI Disclosures (Apr 14)
ZDI-11-146: HP Data Protector Backup Client Service EXEC_SCRIPT Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
ZDI-11-144: HP Data Protector Backup Client Service EXEC_BAR Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
ZDI-11-130: CA Total Defense Suite UNC Management Console DeleteFilter SQL Injection Vulnerability ZDI Disclosures (Apr 14)
ZDI-11-120: Microsoft Office Excel RealTimeData Record Parsing Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
ZDI-11-126: CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability ZDI Disclosures (Apr 14)
ZDI-11-129: CA Total Defense Suite UnassignAdminRoles Stored Procedure SQL Injection Vulnerability ZDI Disclosures (Apr 14)
ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
ZDI-11-134: CA Total Defense Suite UNC Management Console RegenerateReport SQL Injection Vulnerability ZDI Disclosures (Apr 14)
ZDI-11-125: Microsoft Office PowerPoint PersistDirectoryEntry Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
ZDI-11-138: Webkit Undefined DOM Prototype Attach Remote Code Execution Vulnerability ZDI Disclosures (Apr 20)
ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
ZDI-11-128: CA Total Defense Suite UnassignFunctionalUsers Stored Procedure SQL Injection Vulnerability ZDI Disclosures (Apr 14)
ZDI-11-116: Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability ZDI Disclosures (Apr 04)
ZDI-11-136: IBM Tivoli Directory Server ibmslapd.exe SASL Bind Request Remote Code Execution Vulnerability ZDI Disclosures (Apr 19)
ZDI-11-041: (0day) Multiple Browser Node Processing Stack Overflow Vulnerability ZDI Disclosures (Apr 04)
ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability ZDI Disclosures (Apr 29)
ZDI-11-117: McAfee Firewall Reporter GeneralUtilities.pm isValidClient Authentication Bypass Vulnerability ZDI Disclosures (Apr 11)
ZDI-11-118: Novell ZENworks Asset Management Path Traversal File Overwrite Remote Code Execution Vulnerability ZDI Disclosures (Apr 11)
ZDI-11-124: Microsoft PowerPoint TimeColorBehaviorContainer Floating Point Record Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
ZDI-11-115: IBM solidDB solid.exe Authentication Bypass Remote Code Execution Vulnerability ZDI Disclosures (Apr 04)
ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
ZDI-11-122: RealNetworks RealPlayer OpenURLInDefaultBrowser Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability ZDI Disclosures (Apr 15)
ZDI-11-131: CA Total Defense Suite NonAssignedUserList Stored Procedure SQL Injection Vulnerability ZDI Disclosures (Apr 14)
ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability ZDI Disclosures (Apr 29)
ZDI-11-139: Webkit Anonymous Frame Remote Code Execution Vulnerability ZDI Disclosures (Apr 20)
ZDI-11-133: CA Total Defense Suite UNC Management Console DeleteReports SQL Injection Vulnerability ZDI Disclosures (Apr 14)
ZDI-11-123: Microsoft PowerPoint TimeCommandBehaviorContainer Remote Code Execution Vulnerability ZDI Disclosures (Apr 13)
ZDI-11-140: Webkit Detached Body Element Remote Code Execution Vulnerability ZDI Disclosures (Apr 20)