Bugtraq: by thread
320 messages starting Mar 01 11 and ending Mar 31 11
- [USN-1074-2] Linux kernel vulnerabilities Kees Cook (Mar 01)
- weechat does not properly use gnutls and allow an attacker to bypass certificate verification john . doe (Mar 01)
- [SECURITY] [DSA 2175-1] samba security update Moritz Muehlenhoff (Mar 01)
- ZDI-11-094: (0 day) Hewlett-Packard StorageWorks File Migration Agent Remote Archive Tampering Vulnerability ZDI Disclosures (Mar 01)
- [security bulletin] HPSBUX02633 SSRT100387 rev.1 - HP-UX running Java, Remote Denial of Service (DoS) security-alert (Mar 01)
- [USN-1078-1] Logwatch vulnerability Steve Beattie (Mar 01)
- SnapProof (cart.php) Cross Site Scripting difficult-511 (Mar 01)
- Re: prestashop vuln: sql injection submitted to bugtraq () securityfocus com antonio_s_martino (Mar 01)
- [USN-1079-1] OpenJDK 6 vulnerabilities Steve Beattie (Mar 01)
- vsftpd 2.3.2 remote denial-of-service cxib (Mar 01)
- Re: Re: prestashop vuln: sql injection submitted to bugtraq () securityfocus com Antonio S.M (Mar 01)
- HTB22862: Path disclosure in NextGEN Gallery wordpress plugin advisory (Mar 01)
- HTB22861: XSS in Question and Answer Forum wordpress plugin advisory (Mar 01)
- HTB22860: SQL Injection in WP Forum wordpress plugin advisory (Mar 01)
- HTB22859: SQL Injection in WP Forum wordpress plugin advisory (Mar 01)
- HTB22858: SQL Injection in WP Forum wordpress plugin advisory (Mar 01)
- HTB22849: Path disclosure in Mingle Forum wordpress plugin advisory (Mar 01)
- HTB22848: XSS in Mingle Forum wordpress plugin advisory (Mar 01)
- DDIVRT-2010-30 Alcatel-Lucent OmniVista 4760 NMS 'lang' Directory Traversal Vulnerability [ CVE-2011-0345 ] ddivulnalert (Mar 01)
- [SECURITY] [DSA 2163-2] dajaxice regression fix Thijs Kinkhorst (Mar 01)
- [USN-1081-1] Linux kernel vulnerabilities Kees Cook (Mar 02)
- [USN-1080-1] Linux kernel vulnerabilities Kees Cook (Mar 02)
- [SECURITY] [DSA 2176-1] cups security update Moritz Muehlenhoff (Mar 02)
- [ MDVSA-2011:039 ] webkit security (Mar 02)
- [USN-1082-1] Pango vulnerabilities Marc Deslauriers (Mar 02)
- VidiScript (index.php) Cross Site Scripting Root (Mar 02)
- CubeCart 2.0.6 SQL injection / Cross Site Scripting Root (Mar 02)
- PhotoPost PHP 4.8c (showgallery.php) Cross Site Scripting Root (Mar 02)
- Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS) Antonio S.M (Mar 02)
- <Possible follow-ups>
- Re: Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS) mike (Mar 03)
- [SECURITY] [DSA 2177-1] pywebdav security update Florian Weimer (Mar 03)
- [SECURITY] [DSA 2178-1] pango1.0 security update Florian Weimer (Mar 03)
- [USN-1083-1] Linux kernel vulnerabilities Kees Cook (Mar 03)
- [SECURITY] [DSA 2179-1] dtc security update Florian Weimer (Mar 03)
- ZDI-11-103: Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
- iDefense Security Advisory 03.01.11: Alcatel-Lucent OmniPCX Enterprise CS CGI Cookie Buffer Overflow Vulnerability labs-no-reply (Mar 03)
- [security bulletin] HPSBUX02638 SSRT100339 rev.1 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code, Denial of Service (DoS), Authentication Bypass security-alert (Mar 03)
- ZDI-11-095: Apple Webkit Error Message Mutation Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
- ZDI-11-102: PostgreSQL Plus Advanced Server DBA Management Server Remote Authentication Bypass Vulnerability ZDI Disclosures (Mar 03)
- ZDI-11-096: Apple Safari WebKit Range Object Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
- ZDI-11-097: Apple Webkit setOuterText Memory Corruption Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
- ZDI-11-098: Apple Safari Webkit Runin Box Promotion Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
- ZDI-11-099: Apple Webkit Font Glyph Layout Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
- ZDI-11-100: Apple Webkit Root HTMLBRElement Style Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
- ZDI-11-101: Apple iPhone Webkit Library Javascript Array sort Method Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
- iDefense Security Advisory 03.02.11: Apple CoreGraphics Library Heap Memory Corruption Vulnerability labs-no-reply (Mar 03)
- [USN-1080-2] Linux kernel vulnerabilities Kees Cook (Mar 03)
- [USN-1050-1] Thunderbird vulnerabilities Jamie Strandboge (Mar 03)
- HTB22863: XSS vulnerability in xtcModified advisory (Mar 03)
- HTB22857: Path disclosure in Tribiq CMS advisory (Mar 03)
- HTB22866: XSS vulnerability in xtcModified advisory (Mar 03)
- HTB22855: XSRF (CSRF) in Pragyan CMS advisory (Mar 03)
- HTB22856: XSS vulnerability in Pragyan CMS advisory (Mar 03)
- HTB22853: XSS vulnerability in Pragyan CMS advisory (Mar 03)
- HTB22865: XSS vulnerability in xtcModified advisory (Mar 03)
- HTB22837: Path disclosure in PrestaShop advisory (Mar 03)
- [ MDVSA-2011:040 ] pango security (Mar 03)
- [security bulletin] HPSBPI02640 SSRT100410 rev.1 - HP MFP Digital Sending Software Running on Windows, Authentication Bypass security-alert (Mar 03)
- [SECURITY] [DSA 2180-1] iceape security update Moritz Muehlenhoff (Mar 04)
- [DCA-2011-0001] TP-LINK TL-WR740N Multiple Vulnerabilities - Stored XSS - Web Console and Upnp server DoS Crash (Mar 04)
- [DCA-2011-0002]: TOTVS ERP Microsiga Protheus - Users Enumeration Flavio do Carmo Junior aka waKKu (Mar 04)
- [DCA-2011-0003]: LMS Web Ensino - Multiple XSS, Session Fixation, CSRF and SQL Injection Flavio do Carmo Junior aka waKKu (Mar 04)
- [SECURITY] [DSA 2181-1] subversion security update Florian Weimer (Mar 04)
- Mutare Software EVM - CSRF and XSS Vulnerabilities Travis Lee (Mar 06)
- [SECURITY] [DSA 2182-1] logwatch security update Florian Weimer (Mar 06)
- [DCA-2011-0006] Hiawatha 7.4 - Denial-of-Service Rodrigo Escobar (Mar 06)
- [ MDVSA-2011:041 ] firefox security (Mar 06)
- [SECURITY] [DSA 2183-1] nbd security update Raphael Geissert (Mar 06)
- [SECURITY] [DSA 2184-1] isc-dhcp security update Florian Weimer (Mar 06)
- 'Quick Polls' Local File Inclusion & Deletion Vulnerabilities (CVE-2011-1099) Mark Stanislav (Mar 06)
- XSS in CubeCart <= 2.0.7 Michele Spagnuolo (Mar 06)
- [DCA-2011-0009] Weborf 0.12.4 Denial-of-Service Rodrigo Escobar (Mar 06)
- RECON 2011 CFP hfortier (Mar 07)
- Kodak InSite Login Page Cross-Site Scripting vulns (Mar 07)
- InSite Troubleshooting Cross-Site Scripting vulns (Mar 07)
- [USN-1085-1] tiff vulnerabilities Marc Deslauriers (Mar 07)
- [USN-1084-1] avahi vulnerability Marc Deslauriers (Mar 07)
- [TEHTRI-Security] Security and iPhone iOS 4.3 Personal Hotspot feature Laurent OUDOT at TEHTRI-Security (Mar 07)
- [ MDVSA-2011:042 ] mozilla-thunderbird security (Mar 07)
- Plaintext injection in STARTTLS (multiple implementations) Wietse Venema (Mar 07)
- HTB22872: Path disclosure in Cool Video Gallery wordpress plugin advisory (Mar 08)
- HTB22873: XSS in Inline Gallery wordpress plugin advisory (Mar 08)
- HTB22870: SQL Injection in GRAND Flash Album Gallery wordpress plugin advisory (Mar 08)
- HTB22869: SQL Injection in 1 Flash Gallery wordpress plugin advisory (Mar 08)
- HTB22868: XSS in 1 Flash Gallery wordpress plugin advisory (Mar 08)
- VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. VMware Security Team (Mar 08)
- HTB22867: XSS in PhotoSmash wordpress plugin advisory (Mar 08)
- [ MDVSA-2011:043 ] libtiff security (Mar 08)
- Cross-Site Scripting vulnerabilities in Icinga sschurtz (Mar 08)
- [HITB-Announce] HITB Magazine Call for Articles Hafez Kamal (Mar 08)
- HTB22871: File Content Disclosure in GRAND Flash Album Gallery wordpress plugin advisory (Mar 08)
- [security bulletin] HPSBUX02641 SSRT100412 rev.1 - HP OpenView Network Node Manager (OV NNM) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS) security-alert (Mar 08)
- AthCon 2011 Announcement kyprianos (Mar 09)
- NSOADV-2011-003: Majordomo2 'help' Command Directory Traversal (Patch Bypass) NSO Research (Mar 09)
- [ MDVSA-2011:044 ] wireshark security (Mar 09)
- [USN-1086-1] Linux kernel (EC2) vulnerabilities Kees Cook (Mar 09)
- [SECURITY] [DSA 2185-1] proftpd-dfsg security update Moritz Mühlenhoff (Mar 09)
- RecordPress Multiple Vulnerabilities irancrash (Mar 09)
- HTB22878: XSS vulnerability in CosmoShop advisory (Mar 10)
- HTB22875: XSS in Lazyest Gallery wordpress plugin advisory (Mar 10)
- <Possible follow-ups>
- Re: HTB22875: XSS in Lazyest Gallery wordpress plugin lazyest (Mar 10)
- [DCA-2011-0007] Air Contacts Lite (iPhone / iPod App Denial Of Service) Rodrigo Escobar (Mar 10)
- HTB22880: XSS vulnerability in CosmoShop advisory (Mar 10)
- HTB22874: Path disclosure in Lazyest Gallery wordpress plugin advisory (Mar 10)
- <Possible follow-ups>
- Re: HTB22874: Path disclosure in Lazyest Gallery wordpress plugin lazyest (Mar 11)
- [SECURITY] [DSA 2187-1] icedove security update Moritz Muehlenhoff (Mar 10)
- [SECURITY] [DSA 2188-1] webkit security update Giuseppe Iuculano (Mar 10)
- Cross-Site Scripting vulnerability in Nagios sschurtz (Mar 10)
- <Possible follow-ups>
- Re: Cross-Site Scripting vulnerability in Nagios sschurtz (Mar 10)
- Call for Papers: Passwords^11 Per Thorsheim (Mar 10)
- [SECURITY] [DSA 2186-1] iceweasel security update Moritz Muehlenhoff (Mar 10)
- HTB22879: Multiple XSS vulnerabilities in CosmoShop advisory (Mar 10)
- HTB22881: SQL injection vulnerability in CosmoShop advisory (Mar 10)
- [security bulletin] HPSBMA02629 SSRT100381 rev.3 - HP Power Manager (HPPM) Running on Linux and Windows, Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS) security-alert (Mar 10)
- Medium severity flaw in QNX Neutrino RTOS Tim Brown (Mar 11)
- Swiss Cyber Storm 3 2011 Announcement Ivan Buetler (Mar 11)
- [SECURITY] [DSA 2190-1] wordpress security update Giuseppe Iuculano (Mar 11)
- DC4420 - London DEFCON - March meet - Tuesday 22nd March 2011 Major Malfunction (Mar 11)
- VUPEN Security Research - Apple Safari WebKit Iframe Event Handling Remote Use-after-free VUPEN Security Research (Mar 14)
- VUPEN Security Research - Apple Safari WebKit Scroll Event Handling Remote Use-after-free VUPEN Security Research (Mar 14)
- VUPEN Security Research - Apple Safari WebKit Block Dimensions Handling Integer Overflow VUPEN Security Research (Mar 14)
- Privacy, Security, Trust (PST 2011) - 2nd Call for Papers (Deadline: March 20) Serguei A. Mokhov on behalf of PST-11 (Mar 14)
- Checkpoint VPN - Priviledge Escalation Thierry Zoller (Mar 14)
- bbPress 1.0.2 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Mar 14)
- Joomla! 1.6.0 | SQL Injection Vulnerability YGN Ethical Hacker Group (Mar 14)
- BoutikOne Multiples SQL Injection Vulnerability cdx . security (Mar 14)
- Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Mar 14)
- ClubHACK Magazine: Call for Articles abhijeet (Mar 14)
- [DSECRG-11-009] SAP NetWaver XI SOAP Adapter - XSS Alexandr Polyakov (Mar 14)
- [USN-1087-1] libvpx vulnerability Micah Gersten (Mar 14)
- [DCA-2011-0004] - Trend WebReputation API Bypass Crash (Mar 14)
- [SECURITY] [DSA 2191-1] proftpd security update Moritz Muehlenhoff (Mar 14)
- [security bulletin] HPSBMA02644 SSRT100284 rev.1 - HP Client Automation Enterprise (HPCA) Running on Windows, Remote Execution of Arbitrary Code security-alert (Mar 14)
- [DSECRG-11-010] SAP NetWeaver logon.html - XSS Alexandr Polyakov (Mar 14)
- [USN-1085-2] tiff regression Kees Cook (Mar 15)
- [USN-1079-2] OpenJDK 6 vulnerabilities Steve Beattie (Mar 15)
- [SECURITY] CVE-2011-1088 Apache Tomcat security constraint bypass Mark Thomas (Mar 15)
- HTB22888: File Content Disclosure in LotusCMS advisory (Mar 15)
- VMSA-2011-0005 VMware vCenter Orchestrator remote code execution vulnerability VMware Security Team (Mar 15)
- HTB22883: XSS vulnerability in LotusCMS advisory (Mar 15)
- HTB22882: Path disclosure in OXID eShop advisory (Mar 15)
- HTB22884: XSS vulnerability in LotusCMS advisory (Mar 15)
- <Possible follow-ups>
- Re: HTB22884: XSS vulnerability in LotusCMS admin (Mar 21)
- HTB22885: XSS vulnerability in LotusCMS advisory (Mar 15)
- HTB22886: XSRF (CSRF) in LotusCMS advisory (Mar 15)
- HTB22887: XSS vulnerability in LotusCMS advisory (Mar 15)
- ESA-2011-007: EMC Avamar sensitive information disclosure vulnerability Security_Alert (Mar 15)
- ESA-2011-009: RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSA Access Manager Server Security_Alert (Mar 15)
- HTB22877: Path disclosure in xt:Commerce advisory (Mar 15)
- ESA-2011-006: EMC Avamar privilege escalation vulnerability Security_Alert (Mar 15)
- [RT-SA-2011-002] SugarCRM list privilege restriction bypass RedTeam Pentesting GmbH (Mar 15)
- [SECURITY] [DSA 2192-1] chromium-browser security update Giuseppe Iuculano (Mar 15)
- [RT-SA-2011-001] nostromo nhttpd directory traversal leading to arbitrary command execution RedTeam Pentesting GmbH (Mar 15)
- MITKRB5-SA-2011-003 [CVE-2011-0284] KDC double-free when PKINIT enabled Tom Yu (Mar 15)
- [USN-1088-1] Kerberos vulnerability Steve Beattie (Mar 15)
- [DSECRG-11-013] SAP NetWeaver Runtime - multiple XSS Alexandr Polyakov (Mar 16)
- [DSECRG-11-012] SAP NetWeaver Integration Directory - multiple XSS Alexandr Polyakov (Mar 16)
- [DSECRG-11-014] SAP GUI (sapgui) - DLL hijacking Alexandr Polyakov (Mar 16)
- [DSECRG-11-011] SAP Crystal Reports 2008 - Multiple XSS Alexandr Polyakov (Mar 16)
- [ MDVSA-2011:045 ] postfix security (Mar 16)
- [SECURITY] [DSA 2193-1] libcgroup security update Thijs Kinkhorst (Mar 17)
- HTB22894: XSS in Sodahead Polls wordpress plugin advisory (Mar 17)
- HTB22893: XSS in Sodahead Polls wordpress plugin advisory (Mar 17)
- HTB22892: Path disclosure in Smen Social Button wordpress plugin advisory (Mar 17)
- HTB22891: XSS in Rating-Widget wordpress plugin advisory (Mar 17)
- HTB22890: XSS in Rating-Widget wordpress plugin advisory (Mar 17)
- HTB22889: XSS in Rating-Widget wordpress plugin advisory (Mar 17)
- [PRE-SA-2011-02] Information disclosure vulnerability in the OSF partition handling code of the Linux kernel Timo Warns (Mar 17)
- AST-2011-003: Asterisk Security Team (Mar 17)
- [Announcement] ClubHACK Magazine Issue 14-March 2011 released abhijeet (Mar 17)
- AST-2011-004: Asterisk Security Team (Mar 17)
- Deferral Announcement for the March 2011 Cisco IOS Software Security Advisories Cisco Systems Product Security Incident Response Team (Mar 17)
- [ MDVSA-2011:046 ] pure-ftpd security (Mar 17)
- [TEHTRI-Security] Quick BlackBerry Security Check Laurent OUDOT at TEHTRI-Security (Mar 17)
- [USN-1079-3] OpenJDK 6 vulnerabilities Steve Beattie (Mar 17)
- [SECURITY] [DSA 2194-1] libvirt security update Thijs Kinkhorst (Mar 18)
- [ MDVSA-2011:047 ] proftpd security (Mar 18)
- OWASP AppSec USA 2011 Call for Papers Adam Baso (Mar 18)
- XOOPS 2.5.0 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Mar 18)
- [ MDVSA-2011:048 ] krb5 security (Mar 18)
- libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5) cxib (Mar 18)
- [SECURITY] [DSA 2186-2] vimperator regression fix Moritz Muehlenhoff (Mar 18)
- Tugux CMS (nid) BLIND sql injection vulnerability eidelweiss (Mar 21)
- Buffer overflow in libtiff in Imagemagick zgmzgm (Mar 21)
- Re: Buffer overflow in libtiff in Imagemagick Vladimir '3APA3A' Dubrovin (Mar 23)
- XSS vulnerability in Web Poll Pro Hector . x90 (Mar 21)
- [USN-1090-1] Linux kernel vulnerabilities Kees Cook (Mar 21)
- Privacy, Security, Trust (PST 2011) - Call for Papers (EXTENDED Deadline: April 3, 2011) Serguei A. Mokhov on behalf of PST-11 (Mar 21)
- Vulnerabilities in some SCADA server softwares Luigi Auriemma (Mar 21)
- Re: Vulnerabilities in some SCADA server softwares J. Oquendo (Mar 22)
- Re: Vulnerabilities in some SCADA server softwares Luigi Auriemma (Mar 22)
- Re: Vulnerabilities in some SCADA server softwares Michal Zalewski (Mar 23)
- Re: Vulnerabilities in some SCADA server softwares R Michael Williams (Mar 23)
- Re: Vulnerabilities in some SCADA server softwares Michal Zalewski (Mar 23)
- RE: Vulnerabilities in some SCADA server softwares Jim Harrison (Mar 23)
- Re: Vulnerabilities in some SCADA server softwares Luigi Auriemma (Mar 23)
- RE: Vulnerabilities in some SCADA server softwares Jim Harrison (Mar 23)
- Re: Vulnerabilities in some SCADA server softwares Theo de Raadt (Mar 23)
- Re: Vulnerabilities in some SCADA server softwares J. Oquendo (Mar 23)
- Re: Vulnerabilities in some SCADA server softwares Simple Nomad (Mar 23)
- Message not available
- Re: Vulnerabilities in some SCADA server softwares Simple Nomad (Mar 24)
- Re: Vulnerabilities in some SCADA server softwares Kent Borg (Mar 24)
- Re: Vulnerabilities in some SCADA server softwares Theo de Raadt (Mar 23)
- Re: Vulnerabilities in some SCADA server softwares Jamie Riden (Mar 24)
- Re: Vulnerabilities in some SCADA server softwares Willy Tarreau (Mar 25)
- Re: Vulnerabilities in some SCADA server softwares bugtraq (Mar 24)
- Re: Vulnerabilities in some SCADA server softwares CJC (Mar 24)
- Re: Vulnerabilities in some SCADA server softwares Michal Zalewski (Mar 24)
- Re: Vulnerabilities in some SCADA server softwares J. Oquendo (Mar 23)
- Re: Vulnerabilities in some SCADA server softwares Mike Hoskins (Mar 23)
- Re: Vulnerabilities in some SCADA server softwares Kent Borg (Mar 23)
- Re: Vulnerabilities in some SCADA server softwares J. Oquendo (Mar 24)
- Re: Vulnerabilities in some SCADA server softwares Pavel Kankovsky (Mar 24)
- Re: Vulnerabilities in some SCADA server softwares J. Oquendo (Mar 22)
- Re: "Simple PHP Newsletter" Remote Admin Password Change With install path Patrick Kelley (Mar 30)
- <Possible follow-ups>
- "Simple PHP Newsletter" Remote Admin Password Change With install path cseye_ut (Mar 29)
- <Possible follow-ups>
- "WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path cseye_ut (Mar 29)
- Re: HTB22905: Path disclosure in Wordpress Christian Sciberras (Mar 30)
- Re: HTB22905: Path disclosure in Wordpress Patrick Kelley (Mar 30)
- Message not available
- Re: HTB22905: Path disclosure in Wordpress Patrick Kelley (Mar 30)
- Re: HTB22905: Path disclosure in Wordpress Patrick Kelley (Mar 30)
- Message not available
- RE: Solaris 10 Port Stealing Vulnerability Chris O'Regan (Mar 31)
- Re: Solaris 10 Port Stealing Vulnerability Casper . Dik (Mar 31)
- RE: Solaris 10 Port Stealing Vulnerability Chris O'Regan (Mar 31)