Bugtraq: by author

320 messages starting Mar 17 11 and ending Mar 21 11


abhijeet

[Announcement] ClubHACK Magazine Issue 14-March 2011 released abhijeet (Mar 17)
ClubHACK Magazine: Call for Articles abhijeet (Mar 14)

Adam Baso

OWASP AppSec USA 2011 Call for Papers Adam Baso (Mar 18)

admin

Re: HTB22884: XSS vulnerability in LotusCMS admin (Mar 21)

Advisories Toucan-System

TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution Advisories Toucan-System (Mar 28)

advisory

HTB22895: XSS vulnerability in Ripe website manager advisory (Mar 24)
HTB22879: Multiple XSS vulnerabilities in CosmoShop advisory (Mar 10)
HTB22898: XSRF (CSRF) in Ripe website manager advisory (Mar 24)
HTB22878: XSS vulnerability in CosmoShop advisory (Mar 10)
HTB22903: XSS in Spitfire CMS advisory (Mar 29)
HTB22880: XSS vulnerability in CosmoShop advisory (Mar 10)
HTB22859: SQL Injection in WP Forum wordpress plugin advisory (Mar 01)
HTB22902: XSS in SyndeoCMS advisory (Mar 24)
HTB22853: XSS vulnerability in Pragyan CMS advisory (Mar 03)
HTB22907: Directory Traversal in Collabtive advisory (Mar 31)
HTB22931: XSS vulnerability in InTerra Blog Machine advisory (Mar 31)
HTB22870: SQL Injection in GRAND Flash Album Gallery wordpress plugin advisory (Mar 08)
HTB22896: SQL injection vulnerability in Ripe website manager advisory (Mar 24)
HTB22875: XSS in Lazyest Gallery wordpress plugin advisory (Mar 10)
HTB22855: XSRF (CSRF) in Pragyan CMS advisory (Mar 03)
HTB22866: XSS vulnerability in xtcModified advisory (Mar 03)
HTB22881: SQL injection vulnerability in CosmoShop advisory (Mar 10)
HTB22869: SQL Injection in 1 Flash Gallery wordpress plugin advisory (Mar 08)
HTB22900: Multiple XSS vulnerabilities in SyndeoCMS advisory (Mar 24)
HTB22908: XSRF (CSRF) in Collabtive advisory (Mar 31)
HTB22909: Path disclosure in Tine 2.0 advisory (Mar 31)
HTB22861: XSS in Question and Answer Forum wordpress plugin advisory (Mar 01)
HTB22848: XSS in Mingle Forum wordpress plugin advisory (Mar 01)
HTB22905: Path disclosure in Wordpress advisory (Mar 29)
HTB22883: XSS vulnerability in LotusCMS advisory (Mar 15)
HTB22871: File Content Disclosure in GRAND Flash Album Gallery wordpress plugin advisory (Mar 08)
HTB22857: Path disclosure in Tribiq CMS advisory (Mar 03)
HTB22863: XSS vulnerability in xtcModified advisory (Mar 03)
HTB22897: SQL injection vulnerability in Ripe website manager advisory (Mar 24)
HTB22867: XSS in PhotoSmash wordpress plugin advisory (Mar 08)
HTB22872: Path disclosure in Cool Video Gallery wordpress plugin advisory (Mar 08)
HTB22885: XSS vulnerability in LotusCMS advisory (Mar 15)
HTB22849: Path disclosure in Mingle Forum wordpress plugin advisory (Mar 01)
HTB22868: XSS in 1 Flash Gallery wordpress plugin advisory (Mar 08)
HTB22890: XSS in Rating-Widget wordpress plugin advisory (Mar 17)
HTB22877: Path disclosure in xt:Commerce advisory (Mar 15)
HTB22889: XSS in Rating-Widget wordpress plugin advisory (Mar 17)
HTB22886: XSRF (CSRF) in LotusCMS advisory (Mar 15)
HTB22893: XSS in Sodahead Polls wordpress plugin advisory (Mar 17)
HTB22873: XSS in Inline Gallery wordpress plugin advisory (Mar 08)
HTB22884: XSS vulnerability in LotusCMS advisory (Mar 15)
HTB22894: XSS in Sodahead Polls wordpress plugin advisory (Mar 17)
HTB22862: Path disclosure in NextGEN Gallery wordpress plugin advisory (Mar 01)
HTB22837: Path disclosure in PrestaShop advisory (Mar 03)
HTB22888: File Content Disclosure in LotusCMS advisory (Mar 15)
HTB22856: XSS vulnerability in Pragyan CMS advisory (Mar 03)
HTB22858: SQL Injection in WP Forum wordpress plugin advisory (Mar 01)
HTB22906: XSS vulnerabilities in Collabtive advisory (Mar 31)
HTB22904: Path disclosure in bbPress advisory (Mar 29)
HTB22910: XSRF (CSRF) in Feng Office advisory (Mar 31)
HTB22899: Path disclosure in SyndeoCMS advisory (Mar 24)
HTB22874: Path disclosure in Lazyest Gallery wordpress plugin advisory (Mar 10)
HTB22901: SQL injection in SyndeoCMS advisory (Mar 24)
HTB22887: XSS vulnerability in LotusCMS advisory (Mar 15)
HTB22860: SQL Injection in WP Forum wordpress plugin advisory (Mar 01)
HTB22891: XSS in Rating-Widget wordpress plugin advisory (Mar 17)
HTB22892: Path disclosure in Smen Social Button wordpress plugin advisory (Mar 17)
HTB22865: XSS vulnerability in xtcModified advisory (Mar 03)
HTB22882: Path disclosure in OXID eShop advisory (Mar 15)

Alexandr Polyakov

[DSECRG-11-009] SAP NetWaver XI SOAP Adapter - XSS Alexandr Polyakov (Mar 14)
[DSECRG-11-012] SAP NetWeaver Integration Directory - multiple XSS Alexandr Polyakov (Mar 16)
[DSECRG-11-013] SAP NetWeaver Runtime - multiple XSS Alexandr Polyakov (Mar 16)
[DSECRG-11-014] SAP GUI (sapgui) - DLL hijacking Alexandr Polyakov (Mar 16)
[DSECRG-11-010] SAP NetWeaver logon.html - XSS Alexandr Polyakov (Mar 14)
[DSECRG-11-011] SAP Crystal Reports 2008 - Multiple XSS Alexandr Polyakov (Mar 16)

Antonio S.M

Re: Re: prestashop vuln: sql injection submitted to bugtraq () securityfocus com Antonio S.M (Mar 01)
Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS) Antonio S.M (Mar 02)

antonio_s_martino

Re: prestashop vuln: sql injection submitted to bugtraq () securityfocus com antonio_s_martino (Mar 01)

Asterisk Security Team

AST-2011-003: Asterisk Security Team (Mar 17)
AST-2011-004: Asterisk Security Team (Mar 17)

bugtraq

Re: Vulnerabilities in some SCADA server softwares bugtraq (Mar 24)

Casper . Dik

Re: Solaris 10 Port Stealing Vulnerability Casper . Dik (Mar 31)

cdx . security

BoutikOne Multiples SQL Injection Vulnerability cdx . security (Mar 14)

Chris O'Regan

RE: Solaris 10 Port Stealing Vulnerability Chris O'Regan (Mar 31)
Solaris 10 Port Stealing Vulnerability Chris O'Regan (Mar 29)

Christian Sciberras

Re: HTB22905: Path disclosure in Wordpress Christian Sciberras (Mar 30)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Mar 30)
Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability Cisco Systems Product Security Incident Response Team (Mar 30)
Deferral Announcement for the March 2011 Cisco IOS Software Security Advisories Cisco Systems Product Security Incident Response Team (Mar 17)

CJC

Re: Vulnerabilities in some SCADA server softwares CJC (Mar 24)

CORE Security Technologies Advisories

CORE-2011-0208: VLC Vulnerabilities handling .AMV and .NSV files CORE Security Technologies Advisories (Mar 23)

Crash

[DCA-2011-0001] TP-LINK TL-WR740N Multiple Vulnerabilities - Stored XSS - Web Console and Upnp server DoS Crash (Mar 04)
[DCA-2011-0004] - Trend WebReputation API Bypass Crash (Mar 14)

cseye_ut

"Simple PHP Newsletter" Remote Admin Password Change With install path cseye_ut (Mar 29)
"WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path cseye_ut (Mar 29)
"WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path cseye_ut (Mar 29)
"Simple PHP Newsletter" Remote Admin Password Change With install path cseye_ut (Mar 29)

cxib

vsftpd 2.3.2 remote denial-of-service cxib (Mar 01)
libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5) cxib (Mar 18)

david . daly

DataDynamics Report Library CoreHandler XSS david . daly (Mar 30)

ddivulnalert

DDIVRT-2010-30 Alcatel-Lucent OmniVista 4760 NMS 'lang' Directory Traversal Vulnerability [ CVE-2011-0345 ] ddivulnalert (Mar 01)

difficult-511

SnapProof (cart.php) Cross Site Scripting difficult-511 (Mar 01)

eidelweiss

Tugux CMS (nid) BLIND sql injection vulnerability eidelweiss (Mar 21)
CMS Balitbang 3.3 Arbitary File Upload Vulnerability eidelweiss (Mar 22)

Flavio do Carmo Junior aka waKKu

[DCA-2011-0003]: LMS Web Ensino - Multiple XSS, Session Fixation, CSRF and SQL Injection Flavio do Carmo Junior aka waKKu (Mar 04)
[DCA-2011-0002]: TOTVS ERP Microsiga Protheus - Users Enumeration Flavio do Carmo Junior aka waKKu (Mar 04)

Florian Weimer

[SECURITY] [DSA 2178-1] pango1.0 security update Florian Weimer (Mar 03)
[SECURITY] [DSA 2184-1] isc-dhcp security update Florian Weimer (Mar 06)
[SECURITY] [DSA 2182-1] logwatch security update Florian Weimer (Mar 06)
[SECURITY] [DSA 2208-1] bind9 security update Florian Weimer (Mar 31)
[SECURITY] [DSA 2181-1] subversion security update Florian Weimer (Mar 04)
[SECURITY] [DSA 2177-1] pywebdav security update Florian Weimer (Mar 03)
[SECURITY] [DSA 2197-1] quagga security update Florian Weimer (Mar 22)
[SECURITY] [DSA 2208-2] bind9 security update Florian Weimer (Mar 31)
[SECURITY] [DSA 2179-1] dtc security update Florian Weimer (Mar 03)
[SECURITY] [DSA 2205-1] gdm3 security update Florian Weimer (Mar 29)

Giuseppe Iuculano

[SECURITY] [DSA 2190-1] wordpress security update Giuseppe Iuculano (Mar 11)
[SECURITY] [DSA 2192-1] chromium-browser security update Giuseppe Iuculano (Mar 15)
[SECURITY] [DSA 2188-1] webkit security update Giuseppe Iuculano (Mar 10)

Hafez Kamal

[HITB-Announce] HITB Magazine Call for Articles Hafez Kamal (Mar 08)

Hector . x90

XSS vulnerability in Web Poll Pro Hector . x90 (Mar 21)

hfortier

RECON 2011 CFP hfortier (Mar 07)

irancrash

RecordPress Multiple Vulnerabilities irancrash (Mar 09)

Ivan Buetler

Swiss Cyber Storm 3 2011 Announcement Ivan Buetler (Mar 11)

Jamie Riden

Re: Vulnerabilities in some SCADA server softwares Jamie Riden (Mar 24)

Jamie Strandboge

[USN-1100-1] OpenLDAP vulnerabilities Jamie Strandboge (Mar 31)
[USN-1093-1] Linux Kernel vulnerabilities (Marvell Dove) Jamie Strandboge (Mar 28)
[USN-1050-1] Thunderbird vulnerabilities Jamie Strandboge (Mar 03)
[USN-1094-1] Libvirt vulnerability Jamie Strandboge (Mar 30)
[USN-1092-1] Linux Kernel vulnerabilities Jamie Strandboge (Mar 28)

Jim Harrison

RE: Vulnerabilities in some SCADA server softwares Jim Harrison (Mar 23)
RE: Vulnerabilities in some SCADA server softwares Jim Harrison (Mar 23)

john . doe

weechat does not properly use gnutls and allow an attacker to bypass certificate verification john . doe (Mar 01)

J. Oquendo

Re: Vulnerabilities in some SCADA server softwares J. Oquendo (Mar 22)
Re: Vulnerabilities in some SCADA server softwares J. Oquendo (Mar 23)
Re: Vulnerabilities in some SCADA server softwares J. Oquendo (Mar 23)
Re: Vulnerabilities in some SCADA server softwares J. Oquendo (Mar 24)

Kees Cook

[USN-1074-2] Linux kernel vulnerabilities Kees Cook (Mar 01)
[USN-1085-2] tiff regression Kees Cook (Mar 15)
[USN-1080-2] Linux kernel vulnerabilities Kees Cook (Mar 03)
[USN-1090-1] Linux kernel vulnerabilities Kees Cook (Mar 21)
[USN-1080-1] Linux kernel vulnerabilities Kees Cook (Mar 02)
[USN-1083-1] Linux kernel vulnerabilities Kees Cook (Mar 03)
[USN-1089-1] Linux kernel vulnerabilities Kees Cook (Mar 21)
[USN-1081-1] Linux kernel vulnerabilities Kees Cook (Mar 02)
[USN-1086-1] Linux kernel (EC2) vulnerabilities Kees Cook (Mar 09)

Kent Borg

Re: Vulnerabilities in some SCADA server softwares Kent Borg (Mar 23)
Re: Vulnerabilities in some SCADA server softwares Kent Borg (Mar 24)

kyprianos

AthCon 2011 Announcement kyprianos (Mar 09)

labs-no-reply

iDefense Security Advisory 03.01.11: Alcatel-Lucent OmniPCX Enterprise CS CGI Cookie Buffer Overflow Vulnerability labs-no-reply (Mar 03)
iDefense Security Advisory 03.21.11: Apple OfficeImport Framework Excel Memory Corruption Vulnerability labs-no-reply (Mar 22)
iDefense Security Advisory 03.02.11: Apple CoreGraphics Library Heap Memory Corruption Vulnerability labs-no-reply (Mar 03)

Laurent OUDOT at TEHTRI-Security

[TEHTRI-Security] Security and iPhone iOS 4.3 Personal Hotspot feature Laurent OUDOT at TEHTRI-Security (Mar 07)
[TEHTRI-Security] Quick BlackBerry Security Check Laurent OUDOT at TEHTRI-Security (Mar 17)

lazyest

Re: HTB22874: Path disclosure in Lazyest Gallery wordpress plugin lazyest (Mar 11)
Re: HTB22875: XSS in Lazyest Gallery wordpress plugin lazyest (Mar 10)

Lists

Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability - SOS-11-003 Lists (Mar 28)

Luigi Auriemma

Re: Vulnerabilities in some SCADA server softwares Luigi Auriemma (Mar 23)
Re: Vulnerabilities in some SCADA server softwares Luigi Auriemma (Mar 22)
Heap overflow in RealPlayer 14.0.1.633 Luigi Auriemma (Mar 21)
Vulnerabilities in some SCADA server softwares Luigi Auriemma (Mar 21)

Major Malfunction

DC4420 - London DEFCON - March meet - Tuesday 22nd March 2011 Major Malfunction (Mar 11)

Marc Deslauriers

[USN-1095-1] Quagga vulnerabilities Marc Deslauriers (Mar 30)
[USN-1082-1] Pango vulnerabilities Marc Deslauriers (Mar 02)
[USN-1085-1] tiff vulnerabilities Marc Deslauriers (Mar 07)
[USN-1084-1] avahi vulnerability Marc Deslauriers (Mar 07)
[USN-1096-1] Subversion vulnerability Marc Deslauriers (Mar 30)
[USN-1097-1] Tomcat vulnerabilities Marc Deslauriers (Mar 30)
[USN-1098-1] vsftpd vulnerability Marc Deslauriers (Mar 30)

Mark Stanislav

'Andy's PHP Knowledgebase' SQL Injection Vulnerability (CVE-2011-1546) Mark Stanislav (Mar 31)
'Quick Polls' Local File Inclusion & Deletion Vulnerabilities (CVE-2011-1099) Mark Stanislav (Mar 06)

Mark Thomas

[SECURITY] CVE-2011-1088 Apache Tomcat security constraint bypass Mark Thomas (Mar 15)

Martin Schulze

[SECURITY] [DSA 2206-1] New mahara packages fix several vulnerabilities Martin Schulze (Mar 30)

Micah Gersten

[USN-1091-1] Firefox and Xulrunner vulnerabilities Micah Gersten (Mar 25)
[USN-1087-1] libvpx vulnerability Micah Gersten (Mar 14)

Michal Zalewski

Re: Vulnerabilities in some SCADA server softwares Michal Zalewski (Mar 23)
Re: Vulnerabilities in some SCADA server softwares Michal Zalewski (Mar 24)
Re: Vulnerabilities in some SCADA server softwares Michal Zalewski (Mar 23)

Michele Orru

[AntiSnatchOr] OpenCMS <= 7.5.3 multiple vulnerabilities Michele Orru (Mar 28)

Michele Spagnuolo

XSS in CubeCart <= 2.0.7 Michele Spagnuolo (Mar 06)

mike

Re: Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS) mike (Mar 03)
Re: Re: HTB22905: Path disclosure in Wordpress mike (Mar 31)

Mike Hoskins

Re: Vulnerabilities in some SCADA server softwares Mike Hoskins (Mar 23)

Moritz Muehlenhoff

[SECURITY] [DSA 2203-1] nss security update Moritz Muehlenhoff (Mar 28)
[SECURITY] [DSA 2200-1] iceweasel security update Moritz Muehlenhoff (Mar 24)
[SECURITY] [DSA 2175-1] samba security update Moritz Muehlenhoff (Mar 01)
[SECURITY] [DSA 2186-1] iceweasel security update Moritz Muehlenhoff (Mar 10)
[SECURITY] [DSA 2207-1] tomcat5.5 security update Moritz Muehlenhoff (Mar 30)
[SECURITY] [DSA 2186-2] vimperator regression fix Moritz Muehlenhoff (Mar 18)
[SECURITY] [DSA 2187-1] icedove security update Moritz Muehlenhoff (Mar 10)
[SECURITY] [DSA 2176-1] cups security update Moritz Muehlenhoff (Mar 02)
[SECURITY] [DSA 2180-1] iceape security update Moritz Muehlenhoff (Mar 04)
[SECURITY] [DSA 2201-1] wireshark security update Moritz Muehlenhoff (Mar 24)
[SECURITY] [DSA 2199-1] iceape security update Moritz Muehlenhoff (Mar 24)
[SECURITY] [DSA 2191-1] proftpd security update Moritz Muehlenhoff (Mar 14)

Moritz Mühlenhoff

[SECURITY] [DSA 2185-1] proftpd-dfsg security update Moritz Mühlenhoff (Mar 09)

Netsparker Advisories

XSS Vulnerability in Tracks 1.7.2 Netsparker Advisories (Mar 29)

Nico Golde

[SECURITY] [DSA 2198-1] tex-common security update Nico Golde (Mar 23)

np

Unidesk ReportingService Forceful Browsing Vulnerability np (Mar 28)

NSO Research

NSOADV-2011-003: Majordomo2 'help' Command Directory Traversal (Patch Bypass) NSO Research (Mar 09)
NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability NSO Research (Mar 22)

Patrick Kelley

Re: HTB22905: Path disclosure in Wordpress Patrick Kelley (Mar 30)
Re: "Simple PHP Newsletter" Remote Admin Password Change With install path Patrick Kelley (Mar 30)
Re: HTB22905: Path disclosure in Wordpress Patrick Kelley (Mar 30)

paul . szabo

XSS in Oracle default fcgi-bin/echo paul . szabo (Mar 23)

Pavel Kankovsky

Re: Vulnerabilities in some SCADA server softwares Pavel Kankovsky (Mar 24)

Per Thorsheim

Call for Papers: Passwords^11 Per Thorsheim (Mar 10)

Raphael Geissert

[SECURITY] [DSA 2183-1] nbd security update Raphael Geissert (Mar 06)
[SECURITY] [DSA 2195-1] php5 security update Raphael Geissert (Mar 21)
[SECURITY] [DSA 2196-1] maradns security update Raphael Geissert (Mar 21)

RedTeam Pentesting GmbH

[RT-SA-2011-002] SugarCRM list privilege restriction bypass RedTeam Pentesting GmbH (Mar 15)
[RT-SA-2011-001] nostromo nhttpd directory traversal leading to arbitrary command execution RedTeam Pentesting GmbH (Mar 15)

Research@NGSSecure

NGS00051 Patch Notification: Cisco VPN Client Privilege Escalation Research@NGSSecure (Mar 25)
NGS00052 Patch Notification: Apple Mac OS X Image RAW Multiple Buffer Overflows Research@NGSSecure (Mar 22)
NGS00016 Technical Advisory: Immunity Debugger Buffer Overflow Research@NGSSecure (Mar 22)
NGS00057 Patch Notification: Apple Mac OS X ImageIO Integer Overflow Research@NGSSecure (Mar 22)
NGS00014 Technical Advisory: Cisco IPSec VPN Implementation Group Name Enumeration Research@NGSSecure (Mar 22)

Reversemode

SCADA Trojans: Attacking the Grid + Advantech vulnerabilities Reversemode (Mar 23)

R Michael Williams

Re: Vulnerabilities in some SCADA server softwares R Michael Williams (Mar 23)

Rodrigo Escobar

[DCA-2011-0006] Hiawatha 7.4 - Denial-of-Service Rodrigo Escobar (Mar 06)
[DCA-2011-0009] Weborf 0.12.4 Denial-of-Service Rodrigo Escobar (Mar 06)
[DCA-2011-0007] Air Contacts Lite (iPhone / iPod App Denial Of Service) Rodrigo Escobar (Mar 10)

root

SimplisCMS 1.0.3.0 Remote File Disclosure Vulnerability root (Mar 28)
PhotoPost PHP 4.8c (showgallery.php) Cross Site Scripting Root (Mar 02)
CubeCart 2.0.6 SQL injection / Cross Site Scripting Root (Mar 02)
VidiScript (index.php) Cross Site Scripting Root (Mar 02)
SimplisCMS 1.0.3.0 SQL injection / Cross Site Scripting root (Mar 28)

security

[ MDVSA-2011:048 ] krb5 security (Mar 18)
[ MDVSA-2011:045 ] postfix security (Mar 16)
[ MDVSA-2011:055 ] openldap security (Mar 30)
[ MDVSA-2011:043 ] libtiff security (Mar 08)
[ MDVSA-2011:041 ] firefox security (Mar 06)
[ MDVSA-2011:054 ] java-1.6.0-openjdk security (Mar 28)
[ MDVSA-2011:049 ] vsftpd security (Mar 21)
[ MDVSA-2011:044 ] wireshark security (Mar 09)
[ MDVSA-2011:040 ] pango security (Mar 03)
[ MDVSA-2011:046 ] pure-ftpd security (Mar 17)
[ MDVSA-2011:051 ] kernel security (Mar 21)
[ MDVSA-2011:047 ] proftpd security (Mar 18)
[ MDVSA-2011:050 ] pidgin security (Mar 21)
[ MDVSA-2011:053 ] php security (Mar 23)
[ MDVSA-2011:042 ] mozilla-thunderbird security (Mar 07)
[ MDVSA-2011:039 ] webkit security (Mar 02)
[ MDVSA-2011:052 ] php security (Mar 23)
[ MDVSA-2011:056 ] openldap security (Mar 30)

Security_Alert

ESA-2011-010: EMC Data Protection Advisor Collector arbitrary code execution with elevated privileges vulnerability Security_Alert (Mar 25)
ESA-2011-009: RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSA Access Manager Server Security_Alert (Mar 15)
ESA-2011-007: EMC Avamar sensitive information disclosure vulnerability Security_Alert (Mar 15)
ESA-2011-012: Security update for EMC NetWorker Module for Microsoft Applications Security_Alert (Mar 30)
ESA-2011-006: EMC Avamar privilege escalation vulnerability Security_Alert (Mar 15)

security-alert

[security bulletin] HPSBUX02638 SSRT100339 rev.1 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code, Denial of Service (DoS), Authentication Bypass security-alert (Mar 03)
[security bulletin] HPSBMA02644 SSRT100284 rev.1 - HP Client Automation Enterprise (HPCA) Running on Windows, Remote Execution of Arbitrary Code security-alert (Mar 14)
[security bulletin] HPSBMA02649 SSRT100430 rev.1 - HP Diagnostics, Remote Cross Site Scripting (XSS) security-alert (Mar 28)
[security bulletin] HPSBUX02641 SSRT100412 rev.1 - HP OpenView Network Node Manager (OV NNM) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS) security-alert (Mar 08)
[security bulletin] HPSBUX02633 SSRT100387 rev.1 - HP-UX running Java, Remote Denial of Service (DoS) security-alert (Mar 01)
[security bulletin] HPSBPI02640 SSRT100410 rev.1 - HP MFP Digital Sending Software Running on Windows, Authentication Bypass security-alert (Mar 03)
[security bulletin] HPSBMA02629 SSRT100381 rev.3 - HP Power Manager (HPPM) Running on Linux and Windows, Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS) security-alert (Mar 10)
[security bulletin] HPSBMA02647 SSRT100383 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Insecure SNMP Configuration security-alert (Mar 22)

Serguei A. Mokhov on behalf of PST-11

Privacy, Security, Trust (PST 2011) - 2nd Call for Papers (Deadline: March 20) Serguei A. Mokhov on behalf of PST-11 (Mar 14)
Privacy, Security, Trust (PST 2011) - Call for Papers (EXTENDED Deadline: April 3, 2011) Serguei A. Mokhov on behalf of PST-11 (Mar 21)

Simple Nomad

Re: Vulnerabilities in some SCADA server softwares Simple Nomad (Mar 24)
Re: Vulnerabilities in some SCADA server softwares Simple Nomad (Mar 23)

sschurtz

Cross-Site Scripting vulnerabilities in Icinga sschurtz (Mar 08)
Re: Cross-Site Scripting vulnerability in Nagios sschurtz (Mar 10)
Cross-Site Scripting vulnerability in Nagios sschurtz (Mar 10)

Stefan Fritsch

[SECURITY] [DSA 2202-1] apache2 security update Stefan Fritsch (Mar 24)

Steffen Joeris

[SECURITY] [DSA 2204-1] imp4 security update Steffen Joeris (Mar 28)

Steve Beattie

[USN-1079-2] OpenJDK 6 vulnerabilities Steve Beattie (Mar 15)
[USN-1079-1] OpenJDK 6 vulnerabilities Steve Beattie (Mar 01)
[USN-1078-1] Logwatch vulnerability Steve Beattie (Mar 01)
[USN-1099-1] GDM vulnerability Steve Beattie (Mar 31)
[USN-1079-3] OpenJDK 6 vulnerabilities Steve Beattie (Mar 17)
[USN-1088-1] Kerberos vulnerability Steve Beattie (Mar 15)

support

Douran Portal File Download/Source Code Disclosure Vulnerability support (Mar 21)

Theo de Raadt

Re: Vulnerabilities in some SCADA server softwares Theo de Raadt (Mar 23)
Re: Vulnerabilities in some SCADA server softwares Theo de Raadt (Mar 23)

Thierry Zoller

Checkpoint VPN - Priviledge Escalation Thierry Zoller (Mar 14)

Thijs Kinkhorst

[SECURITY] [DSA 2163-2] dajaxice regression fix Thijs Kinkhorst (Mar 01)
[SECURITY] [DSA 2194-1] libvirt security update Thijs Kinkhorst (Mar 18)
[SECURITY] [DSA 2193-1] libcgroup security update Thijs Kinkhorst (Mar 17)

Tim Brown

Medium severity flaw in QNX Neutrino RTOS Tim Brown (Mar 11)

Timo Warns

[PRE-SA-2011-02] Information disclosure vulnerability in the OSF partition handling code of the Linux kernel Timo Warns (Mar 17)

Tom Yu

MITKRB5-SA-2011-003 [CVE-2011-0284] KDC double-free when PKINIT enabled Tom Yu (Mar 15)

Travis Lee

Mutare Software EVM - CSRF and XSS Vulnerabilities Travis Lee (Mar 06)

Vladimir '3APA3A' Dubrovin

Re: Buffer overflow in libtiff in Imagemagick Vladimir '3APA3A' Dubrovin (Mar 23)

VMware Security Team

VMSA-2011-0005 VMware vCenter Orchestrator remote code execution vulnerability VMware Security Team (Mar 15)
VMSA-2011-0006 VMware vmrun utility local privilege escalation VMware Security Team (Mar 30)
VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. VMware Security Team (Mar 08)

VSR Advisories

Apple HFS+ Information Disclosure Vulnerability VSR Advisories (Mar 22)

vulns

InSite Troubleshooting Cross-Site Scripting vulns (Mar 07)
Kodak InSite Login Page Cross-Site Scripting vulns (Mar 07)

VUPEN Security Research

VUPEN Security Research - Apple Safari WebKit Block Dimensions Handling Integer Overflow VUPEN Security Research (Mar 14)
VUPEN Security Research - Apple Safari WebKit Iframe Event Handling Remote Use-after-free VUPEN Security Research (Mar 14)
VUPEN Security Research - Apple Safari WebKit Scroll Event Handling Remote Use-after-free VUPEN Security Research (Mar 14)

Wietse Venema

Plaintext injection in STARTTLS (multiple implementations) Wietse Venema (Mar 07)

Willy Tarreau

Re: Vulnerabilities in some SCADA server softwares Willy Tarreau (Mar 25)

YGN Ethical Hacker Group

PHP-Nuke 8.x <= Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability YGN Ethical Hacker Group (Mar 23)
Joomla! 1.6.0 | Information Disclosure/Full Path Disclosure Vulnerability YGN Ethical Hacker Group (Mar 23)
bbPress 1.0.2 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Mar 14)
Parallels Plesk 7.0 - 8.2 | Open URL Redirection Vulnerability YGN Ethical Hacker Group (Mar 25)
Joomla! 1.6.0 | SQL Injection Vulnerability YGN Ethical Hacker Group (Mar 14)
PHP-Nuke 8.x <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Mar 23)
XOOPS 2.5.0 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Mar 18)
PHP-Nuke 8.x <= "chng_uid" Blind SQL Injection Vulnerability YGN Ethical Hacker Group (Mar 23)
Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Mar 14)

ZDI Disclosures

ZDI-11-095: Apple Webkit Error Message Mutation Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
ZDI-11-101: Apple iPhone Webkit Library Javascript Array sort Method Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
ZDI-11-105: Hewlett-Packard Client Automation radexecd.exe Remote Code Execution Vulnerability ZDI Disclosures (Mar 21)
ZDI-11-102: PostgreSQL Plus Advanced Server DBA Management Server Remote Authentication Bypass Vulnerability ZDI Disclosures (Mar 03)
ZDI-11-094: (0 day) Hewlett-Packard StorageWorks File Migration Agent Remote Archive Tampering Vulnerability ZDI Disclosures (Mar 01)
ZDI-11-112: (0 day) Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability ZDI Disclosures (Mar 23)
ZDI-11-113: Zend Server Java Bridge Design Flaw Remote Code Execution Vulnerability ZDI Disclosures (Mar 28)
ZDI-11-109: (Pwn2Own) Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability ZDI Disclosures (Mar 22)
ZDI-11-103: Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
ZDI-11-106: Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability ZDI Disclosures (Mar 21)
ZDI-11-096: Apple Safari WebKit Range Object Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
ZDI-11-100: Apple Webkit Root HTMLBRElement Style Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
ZDI-11-098: Apple Safari Webkit Runin Box Promotion Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
ZDI-11-110: (0day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability ZDI Disclosures (Mar 23)
ZDI-11-111: (0Day) Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Remote Code Execution Vulnerability ZDI Disclosures (Mar 23)
ZDI-11-107: Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code Execution Vulnerability ZDI Disclosures (Mar 22)
ZDI-11-108: Mac OS X Compact Font Format Decoder Remote Code Execution Vulnerability ZDI Disclosures (Mar 22)
ZDI-11-097: Apple Webkit setOuterText Memory Corruption Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)
ZDI-11-099: Apple Webkit Font Glyph Layout Remote Code Execution Vulnerability ZDI Disclosures (Mar 03)

zgmzgm

Buffer overflow in libtiff in Imagemagick zgmzgm (Mar 21)