Bugtraq: by date

198 messages starting Sep 01 11 and ending Sep 30 11


Thursday, 01 September

ZDI-11-277: Apple QuickTime 3g2 'mp4v' atom size Remote Code Execution Vulnerability ZDI Disclosures
[security bulletin] HPSBUX02700 SSRT100506 rev.1 - HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code security-alert
Secunia Research: InduSoft ISSymbol ActiveX Control Buffer Overflow Vulnerabilities Secunia Research
Sana Net (viewpages.php?id) Remote SQL injection Vulnerability ehsan_hp200
More on IPv6 RA-Guard evasion (IPv6 security) Fernando Gont
Re: [Full-disclosure] HP A-series switches are affected, too. [WAS: More on IPv6 RA-Guard evasion (IPv6 security)] Dan Luedtke
Re: [Full-disclosure] HP A-series switches are affected, too. [WAS: More on IPv6 RA-Guard evasion (IPv6 security)] Fernando Gont
Re: [Full-disclosure] HP A-series switches are affected, too. [WAS: More on IPv6 RA-Guard evasion (IPv6 security)] Dan Luedtke
Re: [Full-disclosure] HP A-series switches are affected, too. [WAS: More on IPv6 RA-Guard evasion (IPv6 security)] Marc Heuse
Re: [Full-disclosure] HP A-series switches are affected, too. [WAS: More on IPv6 RA-Guard evasion (IPv6 security)] Fernando Gont
Fulci (prodotto.php?id) Remote SQL injection Vulnerability ehsan_hp200
Olonet (prodotto.php?idproduct) Remote SQL injection Vulnerability ehsan_hp200

Monday, 05 September

Vulnerabilities in BroadWin WebAccess Client 1.0.0.10 Luigi Auriemma
ITTWeb Remote SQL injection Vulnerability ehsan_hp200
[PT-2011-19] SQL injection vulnerability in Help Request System noreply
KnFTPd v1.0.0 Multiple Command Remote Buffer Overflow liuqx
PMCMA: Post Memory Corruption Memory Analysis Jonathan Brossard
Studio Linea (prodotto.php?id) Remote SQL injection Vulnerability ehsan_hp200
ph5gruppo (prodotto.php?id) Remote SQL injection Vulnerability ehsan_hp200

Tuesday, 06 September

Virtualismi (prodotto.php?id) Cross Site Scripting Vulnerabilities ehsan_hp200
Loop (ricetta.php?id) Remote SQL injection Vulnerability ehsan_hp200
Manifattura Web (prodotto.php?id) Remote SQL injection Vulnerability ehsan_hp200
XSS Ebuddy (responsible disclosure) Rener Silva
ZDI-11-278: Novell Cloud Manager Insufficient Framework User Validation Vulnerability ZDI Disclosures
ZDI-11-279: (0day) Witness Systems eQuality Unify Remote Code Execution Vulnerability ZDI Disclosures
[ MDVSA-2011:129 ] mozilla security
Editel (news-dettaglio.php?id) Remote SQL injection Vulnerability ehsan_hp200
BvCom (dettaglio.php?idnews) Remote SQL injection Vulnerability ehsan_hp200
WSTAFF Remote SQL injection Vulnerability ehsan_hp200
MaiNick (ricetta.php?id) Remote SQL injection Vulnerability ehsan_hp200
Abarkam (detail.php?input) Remote SQL injection Vulnerability ehsan_hp200
TTW (ricetta.php?id) Remote SQL injection Vulnerability ehsan_hp200
Pranian Group e107 Cross Site Scripting Vulnerabilities ehsan_hp200
Extended submission deadline for: The 6th International Conference for Internet Technology and Secured Transactions (ICITST-2011)! Call for papers
t2'11 Challenge to be released 2011-09-10 10:00 EEST Tomi Tuominen
[ MDVSA-2011:130 ] apache security
[ MDVSA-2011:131 ] libxml security
Multiple vulnerabilities in MantisBT advisory
[Announcement] ClubHack Mag Issue 20- September 2011 Released abhijeet
[SECURITY] [DSA 2298-2] apache2 regression fix Stefan Fritsch
[SECURITY] [DSA 2300-2] nss security update Thijs Kinkhorst
[SECURITY] [DSA 2301-1] rails security update Luciano Bello
[ MDVSA-2011:132 ] pidgin security
openvas 2.x race condition Bugs NotHugs

Wednesday, 07 September

Windows server 2008 R1 local DoS Aliz 'Randomdude'
[slackware-security] mozilla-firefox (SSA:2011-249-01) Slackware Security Team
[slackware-security] seamonkey (SSA:2011-249-03) Slackware Security Team
[slackware-security] mozilla-thunderbird (SSA:2011-249-02) Slackware Security Team
Arbitrary File Upload in '1 Flash Gallery' Wordpress Plugin supernothing
Embarcadero ER/Studio XE2 Server Portal Tom Sawyer's Default GET Extension Factory ActiveX Control Remote Code Execution nospam
XSS in Zikula advisory
Cisco Security Advisory: Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability Cisco Systems Product Security Incident Response Team

Thursday, 08 September

OWASP AppSec USA 2011 - Two Weeks Away Adam Baso
[ MDVSA-2011:133 ] mozilla security
[SECURITY] [DSA 2302-1] bcfg2 security update Nico Golde
Multiple XSS vulnerabilities in LightNEasy 3.2.4 sschurtz
[security bulletin] HPSBUX02702 SSRT100606 rev.1 - HP-UX Apache Web Server, Remote Denial of Service (DoS) security-alert

Friday, 09 September

[SECURITY] [DSA 2303-1] linux-2.6 security update dann frazier
[security bulletin] HPSBUX02702 SSRT100606 rev.2 - HP-UX Apache Web Server, Remote Denial of Service (DoS) security-alert
28C3: CFP for 28th Chaos Communication Congress fukami
Disassembling .NET Client Challenge Ivan Buetler
CVE-2011-2730: Spring Framework Information Disclosure s2-security
CVE-2011-2732: Spring Security header injection vulnerability s2-security
CVE-2011-2894: Spring Framework and Spring Security serialization-based remoting vulnerabilities s2-security
CVE-2011-2731: Spring Security privilege escalation when using RunAsManager s2-security
[ MDVSA-2011:134 ] rsyslog security
[slackware-security] httpd (SSA:2011-252-01) Slackware Security Team
APPLE-SA-2011-09-09-1 Security Update 2011-005 Apple Product Security

Monday, 12 September

[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression dann frazier
[SECURITY] [DSA 2306-1] ffmpeg security update Giuseppe Iuculano
[SECURITY] [DSA 2307-1] chromium-browser security update Giuseppe Iuculano
[SECURITY] [DSA 2304-1] squid3 security update Nico Golde
[Announcement] ClubHack Magazine - Call for Articles abhijeet
[NTMS 2012] Call for Papers, Istanbul- Turkey, 7 - 10 May 2012 mbadra
Multiple XSS vulnerabilities in CMS Papoo Light Version sschurtz
ESA-2011-018: Domain administration privilege enforcement bypass in EMC Avamar Security_Alert
[SECURITY] [DSA 2308-1] mantis security update Moritz Muehlenhoff

Tuesday, 13 September

Advisory for MS11-035 / ZDI-11-167 Luigi Auriemma
XSS vulnerability in FortiMail Messaging Security Appliance sschurtz
Vulnerabilities in trading and SCADA softwares Luigi Auriemma
[security bulletin] HPSBMU02703 SSRT100242 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification security-alert
Seeker Advisory Sep11: Reflected Cross Site Scripting in Microsoft SharePoint Portal Irene Abezgauz

Wednesday, 14 September

iDefense Security Advisory 09.13.11: Microsoft Excel Record Memory Corruption Vulnerability labs-no-reply
iDefense Security Advisory 09.13.11: Microsoft Excel Record Integer Signedness Vulnerability labs-no-reply
iDefense Security Advisory 09.13.11: Microsoft Excel Record Memory Corruption Vulnerability labs-no-reply
iDefense Security Advisory 09.13.11: Adobe Reader and Acrobat JPEG Processing Use After Free Vulnerability labs-no-reply
[SECURITY] [DSA 2309-1] openssl security update Raphael Geissert
Colasoft Capsa7.2.1 Malformed SNMP Packet Denial of Service vuln
Seeker Advisory Sep11: Insecure Redirect in Microsoft SharePoint Portal Irene Abezgauz
Multiple vulnerabilities in SiT! Support Incident Tracker advisory
Re: Vulnerabilities in trading and SCADA softwares fergal . cassidy
VUPEN Security Research - Adobe Acrobat and Reader TIFF BitsPerSample Heap Overflow Vulnerability VUPEN Security Research
VUPEN Security Research - Adobe Acrobat and Reader Picture Dimensions Heap Overflow Vulnerability VUPEN Security Research
VUPEN Security Research - Adobe Acrobat and Reader IFF Processing Heap Overflow Vulnerability VUPEN Security Research
VUPEN Security Research - Adobe Acrobat and Reader PCX Processing Heap Overflow Vulnerability VUPEN Security Research
VUPEN Security Research - Adobe Acrobat and Reader BMP Dimensions Heap Overflow Vulnerability VUPEN Security Research
VUPEN Security Research - Adobe Acrobat and Reader Picture Processing Stack Overflow Vulnerability VUPEN Security Research
Invitation to Register and Participate in the Entretiens Jacques Cartier (EJC) Colloquium on IT Security, Cyber Forensics and Combating Cybercrime Serguei A. Mokhov (on behalf of EJC2011SecForensics-11)

Thursday, 15 September

ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products Security_Alert
Cisco Security Advisory: CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities Cisco Systems Product Security Incident Response Team
Re: Vulnerabilities in trading and SCADA softwares Jeffrey Walton
CORE-2011-0506 - Multiples Vulnerabilities in ManageEngine ServiceDesk Plus CORE Security Technologies Advisories
Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration getSubKeys() Remote SQL Injection Exploit nospam
XEE vulnerabilities in SharePoint (MS11-074) and DotNetNuke Nicolas Grégoire
Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists
[Onapsis Security Advisory 2011-014] SAP WebAS Remote Denial of Service Onapsis Research Labs
[Onapsis Security Advisory 2011-015] SAP WebAS webrfc Cross-Site Scripting Onapsis Research Labs
[Onapsis Security Advisory 2011-016] SAP WebAS Malicious SAP Shortcut Generation Onapsis Research Labs

Friday, 16 September

RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission Thor (Hammer of God)
RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists
RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists
RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission Thor (Hammer of God)
RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists
RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists
CFP for first independent international Security Conference in Russia - ZeroNights (by Defcon-Russia) Alexandr Polyakov
[DSECRG-11-033] SAP Crystal Report Server pubDBLogon - Linked ХSS vulnerability (by ERPScan) Alexandr Polyakov
[DSECRG-11-032] SAP NetWeaver ipcpricing - information disclose (by ERPScan) Alexandr Polyakov
Re: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission Jeffrey Walton

Monday, 19 September

[ MDVSA-2011:133-1 ] mozilla security
[ MDVSA-2011:132-1 ] pidgin security
[ MDVSA-2011:134-1 ] rsyslog security
[ MDVSA-2011:130-1 ] apache security
[SECURITY] [DSA 2305-1] vsftpd security update Nico Golde
Cisco TelePresence Multiple Vulnerabilities - SOS-11-010 Lists
VUPEN Security Research - Microsoft Office Excel Formula Record Heap Corruption Vulnerability VUPEN Security Research
[security bulletin] HPSBMU02705 SSRT100622 rev.1 - HP Business Service Automation (BSA) Essentials, Remote Execution of Arbitrary Code security-alert

Tuesday, 20 September

NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF - SOS-11-011 Lists
Advisory: Opera Mobile Cache Poisoning XAS Roee Hay
Advisory: Dolphin Browser HD Cross-Application Scripting Roee Hay

Wednesday, 21 September

NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux Research@NGSSecure
Multiple vulnerabilities in Help Desk Software advisory
Trusteer Rapport and anti-keylogging mu-b
IPv6 security presentation at Hack.lu 2011 Fernando Gont

Friday, 23 September

Re: NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux Tavis Ormandy
[security bulletin] HPSBOV02497 SSRT090245 rev.4 - HP TCP/IP Services for OpenVMS Running NTP, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert
[ MDVSA-2011:135 ] iproute2 security
Vulnerabilities in Sunway ForceControl 6.1 sp3 (SCADA) Luigi Auriemma
[SECURITY] [DSA 2310-1] linux-2.6 security update dann frazier
secureURL.php design flaws Boldizsar Bencsath
TLS/SSL Compatibility Report 2011 Thierry Zoller
XSS Vulnerabilities in TWiki < 5.1.0 Netsparker Advisories
Security issue is_a function in PHP 5.3.7+ cipri

Monday, 26 September

TWSL2011-014: Vulnerability in Pantech Web Browser SSL Implementation Trustwave Advisories
TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server Trustwave Advisories
Hackito Ergo Sum 2012 dates Philippe Langlois
PunBB 1.3.6 bug Amir
Serendipity freetag plugin 'serendipity[tagview]' Cross-Site Scripting vulnerability sschurtz
Advanced Electron Forums (AEF) 1.0.9 <= Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group
AdaptCMS 2.0.1 Multiple security vulnerabilities sschurtz
[CVE-2011-3645] Multiple vulnerability in Newgen's Omnidocs sohil_garg
[SECURITY] CVE-2011-1184 Apache Tomcat - Multiple weaknesses in HTTP DIGEST authentication Mark Thomas
Vulnerability found in Flynax Classifieds products Nasel Pentest

Tuesday, 27 September

Re: PunBB 1.3.6 bug Henri Salo
[security bulletin] HPSBUX02702 SSRT100606 rev.4 - HP-UX Apache Web Server, Remote Denial of Service (DoS) security-alert
openEngine 2.0 'id' Blind SQL Injection vulnerability sschurtz
NGS00109 Patch Notification: ImpressPages CMS Remote code execution Research@NGSSecure
Secunia Research: Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability Secunia Research
Secunia Research: Novell GroupWise Internet Agent HTTP Interface Buffer Overflow Secunia Research
iDefense Security Advisory 09.26.11: Novell GroupWise iCal TZNAME Heap Overflow Vulnerability labs-no-reply

Wednesday, 28 September

[SECURITY] [DSA 2311-1] openjdk-6 security update Florian Weimer
European Security Services GPS v1.0 - Multiple Vulnerabilities research () vulnerability-lab com
Barracuda Backup v2.0 - Multiple Web Vulnerabilities research () vulnerability-lab com
VUPEN Security Research - Novell GroupWise "TZNAME" Remote Buffer Overflow Vulnerability VUPEN Security Research
VUPEN Security Research - Novell GroupWise "BYWEEKNO" Remote Memory Corruption Vulnerability VUPEN Security Research
VUPEN Security Research - Novell GroupWise "integerList" Remote Buffer Overflow Vulnerability VUPEN Security Research
FreeBSD Security Advisory FreeBSD-SA-11:03.bind FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-11:04.compress FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-11:05.unix FreeBSD Security Advisories
VUPEN Security Research - Novell GroupWise "RRULE" Remote Buffer Overflow Vulnerability VUPEN Security Research
Vulnerabilities in PcVue 10 (SCADA) Luigi Auriemma
Multiple vulnerabilities in Traq advisory
Vulnerabilities in EViews 7.2 Luigi Auriemma
Integer overflow in Sterling Trader 7.0.2 Luigi Auriemma
iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE Weekday Recurrence Heap Overflow Vulnerability labs-no-reply
iDefense Security Advisory 09.26.11: Novell GroupWise iCal Date Invalid Array Indexing Vulnerability labs-no-reply
Cisco Security Advisory: Cisco 10000 Series Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software IPv6 Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software IPv6 over MPLS Vulnerabilities Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team
iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE ByWeekNo Memory Corruption Vulnerability labs-no-reply
Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerabilities Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Jabber Extensible Communications Platform and Cisco Unified Presence XML Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
[ MDVSA-2011:137 ] openssl security
Cisco Security Advisory: Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Smart Install Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability Cisco Systems Product Security Incident Response Team
[ MDVSA-2011:136 ] openssl security

Thursday, 29 September

[security bulletin] HPSBUX02707 SSRT100626 rev.1 - HP-UX Apache Web Server, Remote Denial of Service (DoS) security-alert
[ MDVSA-2011:138 ] wireshark security
Joomla! 1.7.0 | Multiple Cross Site Scripting (XSS) Vulnerabilities YGN Ethical Hacker Group
Bitweaver 2.8.1 Multiple Cross-site Scripting Vulnerabilities sschurtz
Arbitrary memory corruption in NCSS 07.1.21 Luigi Auriemma
[SECURITY] [DSA 2312-1] iceape security update Moritz Muehlenhoff
DeepSec 2011 Conference - Final Schedule Published DeepSec Conference

Friday, 30 September

[SECURITY] [DSA 2313-1] iceweasel security update Moritz Muehlenhoff