Bugtraq: by author

184 messages starting Jun 14 11 and ending Jun 21 11


abhijeet

[Announcement] ClubHack Magazine - Call for Articles abhijeet (Jun 14)
[Announcement] ClubHACK Magazine Issue 17-June 2011 released abhijeet (Jun 09)

ACROS Security Lists

RE: [Full-disclosure] COM Server-Based Binary Planting Proof Of Concept ACROS Security Lists (Jun 02)
COM Server-Based Binary Planting Proof Of Concept ACROS Security Lists (Jun 02)

adam . baso

AppSec USA 2011 CFP Reminder, CTF Pre-Conference Challenge #2 adam . baso (Jun 06)
Last Day for AppSec USA 2011 CFP! adam . baso (Jun 14)

advisory

HTB23016: Kofax e-Transactions Sender Sendbox ActiveX Control Insecure Method advisory (Jun 22)
HTB23012: Gogago YouTube Video Converter ActiveX Control "Download()" Buffer Overflow Vulnerability advisory (Jun 15)
HTB22997: XSS in A Really Simple Chat (ARSC) advisory (Jun 01)
Ashampoo 3D CAD Professional 3 ActiveX control Insecure Method advisory (Jun 30)
HTB23010: Multiple XSS & Local File Inclusion in Free Simple CMS advisory (Jun 17)
HTB23008: Multiple XSS & CSRF (Cross-Site Request Forgery) in miniblog advisory (Jun 17)
HTB22999: Multiple SQL Injections in A Really Simple Chat (ARSC) advisory (Jun 01)
HTB23005: Multiple XSS in N-13 News advisory (Jun 18)
HTB23004: Multiple Vulnerabilities in e107 advisory (Jun 17)
HTB23015: Easewe FTP ActiveX Control Multiple Insecure Methods advisory (Jun 24)

Apple Product Security

APPLE-SA-2011-06-28-1 Java for Mac OS X 10.6 Update 5 Apple Product Security (Jun 29)

bede

Javascript Injection in Microsoft Lync 4.0.7577.0 bede (Jun 13)

Brad Hards

Re: Perfect PDF products distributed with vulnerable MSVC++ libraries Brad Hards (Jun 25)

Carsten Eilers

International PHP Conference - Call for Papers Carsten Eilers (Jun 02)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Default Credentials for root Account on the Cisco Media Experience Engine 5600 Cisco Systems Product Security Incident Response Team (Jun 01)
Cisco Security Advisory: Default Credentials Vulnerability in Cisco Network Registrar Cisco Systems Product Security Incident Response Team (Jun 01)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series Cisco Systems Product Security Incident Response Team (Jun 01)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client Cisco Systems Product Security Incident Response Team (Jun 01)

CORE Security Technologies Advisories

CORE-2011-0203 - MS HyperV Persistent DoS Vulnerability CORE Security Technologies Advisories (Jun 17)
CORE-2010-1021: IBM WebSphere Application Server Cross-Site Request Forgery CORE Security Technologies Advisories (Jun 18)

Dan Kaminsky

Re: [Full-disclosure] COM Server-Based Binary Planting Proof Of Concept Dan Kaminsky (Jun 03)
Re: [Full-disclosure] COM Server-Based Binary Planting Proof Of Concept Dan Kaminsky (Jun 02)

dann frazier

[SECURITY] [DSA 2264-1] linux-2.6 security update dann frazier (Jun 20)

Fernando Gont

Re: Ra-Guard evasion (new Internet-Drafts) Fernando Gont (Jun 01)
IPv6 RA-Guard evasion (and neighbor discovery monitoring) vulnerabilities Fernando Gont (Jun 01)

Florian Weimer

[SECURITY] [DSA 2265-1] perl security update Florian Weimer (Jun 20)
[SECURITY] [DSA 2259-1] rails security update Florian Weimer (Jun 18)
[SECURITY] [DSA 2263-1] movabletype-opensource security update Florian Weimer (Jun 17)

Fly, Kate

ZDI-11-179: Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability Fly, Kate (Jun 07)

Hafez Kamal

[HITB-Announce] HITB eZine Issue #006 Released! Hafez Kamal (Jun 13)
[HITB-Announce] HITB2011AMS Conference Materials & Photos Hafez Kamal (Jun 08)

Henri Salo

Re: HTB22943: XSS in Dalbum Henri Salo (Jun 13)
Re: [Full-disclosure] XSS Vulnerability in Redmine 1.0.1 to 1.1.1 Henri Salo (Jun 17)

info

myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique info (Jun 18)

iPower N/A

EQDKP plus Cross Site Scripting and Bypass file extension iPower N/A (Jun 17)

Javier Bassi

Post Revolution 0.8.0c Multiple Remote Vulnerabilities Javier Bassi (Jun 01)

Jeffrey Walton

Re: Perfect PDF products distributed with vulnerable MSVC++ libraries Jeffrey Walton (Jun 29)

Jonathan Rose

AST-2011-007 Jonathan Rose (Jun 03)

justinzzhan

CFP: IEEE SocialCom11 /PASSAT11 justinzzhan (Jun 03)
IEEE SocialCom/PASSAT Call For Paper Deadline: June 15, 2011 justinzzhan (Jun 10)

Konrad Rieck

Call for Participation: DIMVA 2011 Konrad Rieck (Jun 10)

labs-no-reply

iDefense Security Advisory 06.14.11: Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability labs-no-reply (Jun 17)
iDefense Security Advisory 06.14.11: Adobe Shockwave 3D Asset DEMX Integer Overflow Vulnerability labs-no-reply (Jun 18)
iDefense Security Advisory 06.14.11: Adobe Shockwave Font Asset Heap Overflow Vulnerability labs-no-reply (Jun 17)
iDefense Security Advisory 06.14.11: Adobe Shockwave Lingo Script Opcodes Integer Signedness Vulnerability labs-no-reply (Jun 18)
iDefense Security Advisory 05.03.11: Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption Vulnerability labs-no-reply (Jun 06)
iDefense Security Advisory 06.01.11: Cisco AnyConnect VPN Client Arbitrary Program Execution Vulnerability labs-no-reply (Jun 03)

Luciano Bello

[SECURITY] [DSA-2210-2] tiff security update Luciano Bello (Jun 29)
[SECURITY] [DSA 2254-1] oprofile security update Luciano Bello (Jun 06)

Luigi Auriemma

Multiple vulnerabilities in Winamp 5.61 Luigi Auriemma (Jun 30)

ma+bt

fetchmail security announcement fetchmail-SA-2011-01 (CVE-2011-1947) ma+bt (Jun 06)

mailinglists

phion netfence / Barracuda NG Firewall: Remote Command Execution with root Privileges mailinglists (Jun 13)

Major Malfunction

DC4420 - London DEFCON - June meet - Tuesday 21st June 2011 Major Malfunction (Jun 14)

Marc Heuse

Re: Ra-Guard evasion (new Internet-Drafts) Marc Heuse (Jun 01)

Michal Zalewski

Re: WOOT '11 Call for Papers (reminder) Michal Zalewski (Jun 17)

Mitja Kolsek

RE: [Full-disclosure] COM Server-Based Binary Planting Proof Of Concept Mitja Kolsek (Jun 02)
RE: [Full-disclosure] COM Server-Based Binary Planting Proof Of Concept Mitja Kolsek (Jun 03)
Re: [Full-disclosure] COM Server-Based Binary Planting Proof Of Concept Mitja Kolsek (Jun 03)

Moritz Muehlenhoff

[SECURITY] [DSA 2252-1] dovecot security update Moritz Muehlenhoff (Jun 03)
[SECURITY] [DSA 2262-1] moodle security update Moritz Muehlenhoff (Jun 18)

Nico Golde

[SECURITY] [DSA 2259-1] fex security update Nico Golde (Jun 13)
[SECURITY] [DSA 2257-1] vlc security update Nico Golde (Jun 10)
[SECURITY] [DSA 2250-1] citadel security update Nico Golde (Jun 01)
[SECURITY] [DSA 2258-1] kolab-cyrus-imapd security update Nico Golde (Jun 13)
[SECURITY] [DSA 2248-1] ejabberd security update Nico Golde (Jun 01)
[SECURITY] [DSA 2249-1] jabberd14 security update Nico Golde (Jun 01)

NNT Support

Resolved - NNT Change Tracker - Hard-Coded Encryption Key - Originally posted as http://seclists.org/fulldisclosure/2011/May/460 NNT Support (Jun 30)

nospam

WebSVN 2.3.2 Unproper Metacharacters Escaping exec() Remote Commands Injection Vulnerability nospam (Jun 03)

NSFOCUS Security Team

NSFOCUS SA2011-01 : Microsoft Internet Explorer Link Property Processing Memory Corruption Vulnerability NSFOCUS Security Team (Jun 17)

Patrick Webster

JFreeChart - Path Disclosure vulnerability Patrick Webster (Jun 17)
Squiz Matrix - Cross-Site Scripting Vulnerability Patrick Webster (Jun 06)

psiinon

OWASP Zed Attack Proxy version 1.3.0 psiinon (Jun 07)

Robert Gilbert

[CVE-ID REQUEST] vBulletin - Multiple Open Redirects Robert Gilbert (Jun 03)

roberto . paleari

Multiple vulnerabilities in several IP camera products roberto . paleari (Jun 08)

robkraus

PDFill Insecure Library Loading robkraus (Jun 09)
CodeMeter WebAdmin Cross-site Scripting (XSS) Vulnerability robkraus (Jun 01)

root

PopScript Multiple Vulnerabilities root (Jun 06)

security

[ MDVSA-2011:105 ] wireshark security (Jun 01)
[ MDVSA-2011:104 ] bind security (Jun 01)
[ MDVSA-2011:108 ] xerces-j2 security (Jun 13)
[ MDVSA-2011:106 ] subversion security (Jun 06)
[ MDVSA-2011:110 ] gimp security (Jun 17)
[ MDVSA-2011:109 ] webmin security (Jun 13)
[ MDVSA-2011:107 ] fetchmail security (Jun 07)

Security_Alert

ESA-2011-009 (revised): RSA, The Security Division of EMC, announces new fix for potential security vulnerability in RSA(r) Access Manager Server. Security_Alert (Jun 06)

security-alert

[security bulletin] HPSBMA02631 SSRT100324 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code security-alert (Jun 09)
[security bulletin] HPSBMA02674 SSRT100487 rev.1 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XSS) and Remote Script Inject security-alert (Jun 08)
[security bulletin] HPSBMA02627 SSRT090246 rev.2 - HP OpenView Performance Insight Server, Remote Execution of Arbitrary Code security-alert (Jun 14)
[security bulletin] HPSBMA02652 SSRT100432 rev.4 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure security-alert (Jun 03)
[security bulletin] HPSBUX02657 SSRT100460 rev.1 - CIFS Server (Samba), Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Jun 17)

signaladvisory

[BGA - SignalSEC Advisory]:Adobe Shockwave Player Remote Code Execution signaladvisory (Jun 15)

Slackware Security Team

[slackware-security] mozilla-firefox (SSA:2011-174-01) Slackware Security Team (Jun 29)
[slackware-security] fetchmail (SSA:2011-171-01) Slackware Security Team (Jun 24)

sschurtz

Cross-Site Scripting vulnerability in Nagios sschurtz (Jun 01)
Cross-Site Scripting vulnerability in Icinga sschurtz (Jun 01)
Multiple Cross-Site Scripting vulnerabilities in BLOG:CMS sschurtz (Jun 07)

Stefan Kanthak

Essential PIM 4.22: MANY vulnerabilities in 3rd party libraries Stefan Kanthak (Jun 17)
Perfect PDF products distributed with vulnerable MSVC++ libraries Stefan Kanthak (Jun 20)
Re: Perfect PDF products distributed with vulnerable MSVC++ libraries Stefan Kanthak (Jun 23)

support

Resolved - NNT Change Tracker - Hard-Coded Encryption Key Originally posted as http://seclists.org/fulldisclosure/2011/May/460 support (Jun 29)

techhelperjax

2wire password reset module techhelperjax (Jun 27)

Thijs Kinkhorst

[SECURITY] [DSA 2251-1] subversion security update Thijs Kinkhorst (Jun 02)
[SECURITY] [DSA 2253-1] fontforge security update Thijs Kinkhorst (Jun 06)
[SECURITY] [DSA 2256-1] tiff security update Thijs Kinkhorst (Jun 10)
[SECURITY] [DSA 2255-1] libxml2 security update Thijs Kinkhorst (Jun 06)
[SECURITY] [DSA 2261-1] redmine security update Thijs Kinkhorst (Jun 17)

Thor (Hammer of God)

RE: [Full-disclosure] COM Server-Based Binary Planting Proof Of Concept Thor (Hammer of God) (Jun 02)

Trustwave Advisories

TWSL2011-006: IBM Web Application Firewall Bypass Trustwave Advisories (Jun 28)

VSR Advisories

VMware Tools Multiple Vulnerabilities VSR Advisories (Jun 06)

VUPEN Security Research

VUPEN Security Research - Oracle Java ICC Profile "bfd" Tag Integer Overflow Code Execution Vulnerability VUPEN Security Research (Jun 10)
VUPEN Security Research - Oracle Java ICC Profile "clrt" Tag Integer Overflow Code Execution Vulnerability VUPEN Security Research (Jun 10)
VUPEN Security Research - Oracle Java ICC Profile "scrn" Tag Integer Overflow Code Execution Vulnerability VUPEN Security Research (Jun 10)
VUPEN Security Research - Microsoft Windows OLE Automation Integer Underflow Vulnerability (MS11-038) VUPEN Security Research (Jun 17)
VUPEN Security Research - Oracle Java ICC Profile "pseq" Tag Integer Overflow Code Execution Vulnerability VUPEN Security Research (Jun 10)
VUPEN Security Research - Oracle Java ICC Profile "ncl2" Tag Integer Overflow Code Execution Vulnerability VUPEN Security Research (Jun 10)
VUPEN Security Research - Oracle Java ICC Profile "mluc" Tag Integer Overflow Code Execution Vulnerability VUPEN Security Research (Jun 10)

Zacheusz Siedlecki

Java HotSpot Cryptographic Provider signature verification vulnerability Zacheusz Siedlecki (Jun 06)

ZDI Disclosures

ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability ZDI Disclosures (Jun 07)
ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability ZDI Disclosures (Jun 07)
ZDI-11-196: Microsoft Internet Explorer HTTP 302 Redirect Remote Code Execution Vulnerability ZDI Disclosures (Jun 18)
ZDI-11-198: (Pwn2Own) Microsoft Internet Explorer Uninitialized Variable Information Leak Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-226: Citrix EdgeSight Launcher Service Remote Code Execution Vulnerability ZDI Disclosures (Jun 28)
ZDI-11-186: Oracle Java ICC Profile Multi-Language 'curv' Tag Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 08)
ZDI-11-205: Adobe Shockwave Missing Lctx Chunk Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability ZDI Disclosures (Jun 07)
ZDI-11-199: Oracle Java Soundbank Decompression Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability ZDI Disclosures (Jun 07)
ZDI-11-183: Oracle Java ICC Profile MultiLanguage 'mluc' Tag Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 08)
ZDI-11-212: Adobe Shockwave KEY* Chunk Invalid Size Remote Code Execution Vulnerability ZDI Disclosures (Jun 18)
ZDI-11-215: Adobe Shockwave DEMX Chunk Multiple Field Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 15)
ZDI-11-192: Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability ZDI Disclosures (Jun 08)
ZDI-11-208: Adobe Shockwave rcsL Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-221: Adobe Shockwave Shockwave 3d Asset.x32 DEMX 0xFFFFFF45 Field Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-214: Adobe Shockwave CASt Chunk Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-216: Adobe Shockwave rcsL Chunk 16-bit Field Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-207: Adobe Shockwave tSAC Chunk String Termination Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-218: Adobe Acrobat Reader tesselate.x3d Multimedia Playing Remote Code Execution Vulnerability ZDI Disclosures (Jun 18)
ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-225: Mozilla Firefox nsXULCommandDispatcher Remote Code Execution Vulnerability ZDI Disclosures (Jun 24)
ZDI-11-210: Adobe Shockwave rcsL Chunk Parsing Misallocation Remote Code Execution Vulnerability ZDI Disclosures (Jun 18)
ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 08)
ZDI-11-194: Microsoft Internet Explorer layout-grid-char style Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
TPTI-11-08: Adobe Shockwave iml32.dll DEMX Chunk GIF Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-184: Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 08)
ZDI-11-171: Sybase OneBridge Mobile Data Suite Format String Remote Code Execution Vulnerability ZDI Disclosures (Jun 03)
ZDI-11-191: Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 08)
ZDI-11-188: Oracle Java ICC Profile ncl2 Count Tag Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 08)
TPTI-11-06: Oracle Java ICC Profile rcs2 Tag Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 16)
TPTI-11-07: Adobe Shockwave iml32.dll CSWV Chunk Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 16)
ZDI-11-224: Mozilla Firefox SVGPointList.appendItem Remote Code Execution Vulnerability ZDI Disclosures (Jun 21)
ZDI-11-213: Adobe Shockwave rcsL Trusted Offset Chunk Processing Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability ZDI Disclosures (Jun 07)
ZDI-11-211: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk 0xFFFFFF49 Field Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability ZDI Disclosures (Jun 01)
ZDI-11-197: Microsoft Internet Explorer vgx.dll imagedata Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-200: Adobe Shockwave AudioMixer Structure Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-182: Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability ZDI Disclosures (Jun 08)
ZDI-11-217: Adobe Shockwave Font Structure Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-185: Oracle Java ICC Profile 'bfd ' Tag Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 08)
ZDI-11-193: Microsoft Internet Explorer DOM Modification Race Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability ZDI Disclosures (Jun 07)
ZDI-11-203: Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-222: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk Substructure Count Remote Code Execution Vulnerability ZDI Disclosures (Jun 16)
TPTI-11-11: Adobe Shockwave Lnam Chunk Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 16)
ZDI-11-202: Adobe Shockwave rcsL String Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 18)
ZDI-11-206: Adobe Shockwave GIF Decompression Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-201: Adobe Shockwave Cursor Structure Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 18)
ZDI-11-220: Adobe Shockwave Director File rcsL Chunk Multiple Opcode Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 18)
ZDI-11-174: Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability ZDI Disclosures (Jun 07)
ZDI-11-187: Oracle Java ICC Profile clrt Tag Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 08)
TPTI-11-10: Adobe Shockwave dirapi.dll rcsL Chunk Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 18)
ZDI-11-195: Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-219: Adobe Acrobat Reader 3difr.x3d Multimedia Playing Remote Code Execution Vulnerability ZDI Disclosures (Jun 15)
ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability ZDI Disclosures (Jun 07)
ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability ZDI Disclosures (Jun 07)
ZDI-11-189: Oracle Java ICC Profile ncl2 DevCoords Tag Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 08)
ZDI-11-204: Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jun 17)
ZDI-11-223: Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability ZDI Disclosures (Jun 21)