Bugtraq: by author

157 messages starting Dec 03 12 and ending Dec 10 12


admin

tinymcpuk xss vulnerability admin (Dec 03)

advisory

Multiple vulnerabilities in Achievo advisory (Dec 07)
Multiple vulnerabilities in Banana Dance advisory (Dec 19)
Multiple SQL Injection Vulnerabilities in Elite Bulletin Board advisory (Dec 19)
Multiple SQL Injection vulnerabilities in ClipBucket advisory (Dec 07)
Multiple Command Execution Vulnerabilities in Smartphone Pentest Framework advisory (Dec 10)
Multiple vulnerabilities in Achievo advisory (Dec 07)
TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities advisory (Dec 07)
TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities advisory (Dec 07)
Firefly MediaServer Multiple Remote DoS Vulnerabilities advisory (Dec 19)
Multiple SQL Injection vulnerabilities in ClipBucket advisory (Dec 07)

Arne Vidström

DoS vulnerability in Siemens S7-1200 PLCs Arne Vidström (Dec 24)

bugreport

FCKEditor File Upload Vulnerability bugreport (Dec 13)

by_argos

Privilege Escalation through Binary Planting in Panda Internet Security by_argos (Dec 04)

chiles . simpson . ctr

Re: Stack overflow in Microsoft HTML Help 6.1 (CHM files) chiles . simpson . ctr (Dec 05)

Collin Mulliner

Call for Papers: DIMVA 2013 Collin Mulliner (Dec 10)

Darius Freamon

Buffalo LinkStation LS-WTGL Default Admin Account & Guest Access Information Darius Freamon (Dec 05)

ddivulnalert

DDIVRT-2012-48 VMware View Connection Server Directory Traversal (CVE-2012-5978) ddivulnalert (Dec 14)

doylej . ia

Password Disclosure in D-Link IP Cameras (CVE-2012-4046) doylej . ia (Dec 14)

Dragos Ruiu

CanSecWest13 CFP Open Until December 14 2012, Conf March 7-9 2013, Vancouver Dragos Ruiu (Dec 07)

Emmanuel FARCY

Fwd: SQL injection Emmanuel FARCY (Dec 07)

Fabio Baroni

Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability Fabio Baroni (Dec 20)

Fernando Gont

Network Reconnaissance in IPv6 Networks Fernando Gont (Dec 13)
Network Reconnaissance in IPv6 Networks (errata) Fernando Gont (Dec 13)
IPv6 Neighbor Discovery security (new documents) Fernando Gont (Dec 17)

FireFart

Wordpress Pingback Port Scanner FireFart (Dec 14)

Florian Weimer

[SECURITY] [DSA 2585-1] bogofilter security update Florian Weimer (Dec 11)
[SECURITY] [DSA 2589-1] tiff security update Florian Weimer (Dec 17)
[SECURITY] [DSA 2588-1] icedove security update Florian Weimer (Dec 17)
[SECURITY] [DSA 2587-1] libcgi-pm-perl security update Florian Weimer (Dec 11)
[SECURITY] [DSA 2586-1] perl security update Florian Weimer (Dec 11)

fulldisclosure

EMC Avamar: World writable cache files fulldisclosure (Dec 19)

generalpf

Re: phpGiftReq SQL Injection generalpf (Dec 03)

George Clark

Foswiki Security Alert CVE-2012-6329, CVE-2012-6330 Remote code execution and other vulnerabilities in MAKETEXT macro George Clark (Dec 17)

gsuberland

Issues in Netgear WGR614 wireless router gsuberland (Dec 14)

Huzaifa Sidhpurwala

Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Huzaifa Sidhpurwala (Dec 03)

Jeffrey Walton

Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday Jeffrey Walton (Dec 03)
Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Jeffrey Walton (Dec 03)

Jonathan Wiltshire

[SECURITY] [DSA 2596-1] mediawiki-extensions security update Jonathan Wiltshire (Dec 31)

KB Sriram

GnuPG 1.4.12 and lower - memory access errors and keyring database corruption KB Sriram (Dec 31)

Ken

Multiple XSS vulnerabilities in Cerberus FTP Server <= 5.0.5.1 [CVE-2012-6339] Ken (Dec 19)

Kenneth F. Belva

Addressbook v8.1.24.1 Group Name XSS Kenneth F. Belva (Dec 13)
File Upload Concern in Front Account 2.3.13 and OpenDocMan 1.2.6.2 Kenneth F. Belva (Dec 13)
RE: PHP Addressbook v8.2.5 Group Name XSS Kenneth F. Belva (Dec 17)
OpenDocMan 1.2.6.2 - 3 Vulnerabilities Kenneth F. Belva (Dec 13)

king cope

MySQL Remote Preauth User Enumeration Zeroday king cope (Dec 03)
MySQL (Linux) Database Privilege Elevation Zeroday Exploit king cope (Dec 03)
FreeSSHD Remote Authentication Bypass Zeroday Exploit king cope (Dec 04)
MySQL Local/Remote FAST Account Password Cracking king cope (Dec 04)
MySQL Denial of Service Zeroday PoC king cope (Dec 03)
MySQL (Linux) Heap Based Overrun PoC Zeroday king cope (Dec 03)
MySQL (Linux) Stack based buffer overrun PoC Zeroday king cope (Dec 03)
FreeFTPD Remote Authentication Bypass Zeroday Exploit (Stuxnet technique) king cope (Dec 04)
Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday king cope (Dec 03)
Re: MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day king cope (Dec 04)
IBM System Director Remote System Level Exploit (CVE-2009-0880 extended zeroday) king cope (Dec 03)

koppensb

Re: Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability koppensb (Dec 24)

Kotas, Kevin J

CA20121205-01: Security Notice for CA XCOM Data Transport on Unix and Linux Kotas, Kevin J (Dec 06)

Kurt Seifried

Re: [Full-disclosure] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot) Kurt Seifried (Dec 03)
Re: [Full-disclosure] MySQL Remote Preauth User Enumeration Zeroday Kurt Seifried (Dec 03)
Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday Kurt Seifried (Dec 03)
Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Kurt Seifried (Dec 03)
Re: [Full-disclosure] MySQL (Linux) Database Privilege Elevation Zeroday Exploit Kurt Seifried (Dec 03)
Re: [Full-disclosure] MySQL Denial of Service Zeroday PoC Kurt Seifried (Dec 03)
Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday Kurt Seifried (Dec 03)

larry0

Centrify Deployment Manager v2.1.0.283 larry0 (Dec 04)
Local root exploit for Centrify Deployment Manager < v2.1.0.283 local root larry0 (Dec 19)
Centrify Deployment Manager v2.1.0.283 local root larry0 (Dec 10)
Centrify Deployment Manager v2.1.0.283 larry0 (Dec 04)

Liam

Re: Issues in Netgear WGR614 wireless router Liam (Dec 17)

Major Malfunction

DC4420 - London DEFCON - Christmas 2012 meet! Tuesday 11th December 2012 Major Malfunction (Dec 04)

Mark Stanislav

'portable-phpMyAdmin (WordPress Plugin)' Authentication Bypass (CVE-2012-5469) Mark Stanislav (Dec 13)

Mark Thomas

CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter Mark Thomas (Dec 05)
CVE-2012-3546 Apache Tomcat Bypass of security constraints Mark Thomas (Dec 05)
CVE-2012-4534 Apache Tomcat denial of service Mark Thomas (Dec 05)

Moritz Muehlenhoff

[SECURITY] [DSA 2592-1] elinks security update Moritz Muehlenhoff (Dec 28)
[SECURITY] [DSA 2580-1] libxml security update Moritz Muehlenhoff (Dec 03)
[SECURITY] [DSA 2591-1] mahara security update Moritz Muehlenhoff (Dec 28)
[SECURITY] [DSA 2590-1] wireshark security update Moritz Muehlenhoff (Dec 27)
[SECURITY] [DSA 2595-1] ghostscript security update Moritz Muehlenhoff (Dec 31)
[SECURITY] [DSA 2594-1] virtualbox-ose security update Moritz Muehlenhoff (Dec 31)
[SECURITY] [DSA 2593-1] moin security update Moritz Muehlenhoff (Dec 31)

nauty . me04

Update on CVE assigned for Wordpress Plugin Simple Gmail Login nauty . me04 (Dec 07)
Update on CVE assigned for Video Lead Form Plugin Cross-Site nauty . me04 (Dec 07)

Nelson Brito

[TOOL RELEASE] SQL Fingerprint powered by ENG++ Technology [Version 1.33.23-170308] Nelson Brito (Dec 24)

Nick Johnson

Information disclosure (mouse tracking) vulnerability in Microsoft Internet Explorer versions 6-10 Nick Johnson (Dec 11)

Pascal Junod (Mailing Lists)

[btrfs] is vulnerable to a hash-DoS attack Pascal Junod (Mailing Lists) (Dec 14)

pereira

Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability pereira (Dec 24)
Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability pereira (Dec 19)
DIMIN Viewer 5.4.0 <= WriteAV Arbitrary Code Execution pereira (Dec 10)
FreeVimager 4.1.0 <= WriteAV Arbitrary Code Execution pereira (Dec 10)
Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability pereira (Dec 20)

Perez, Sebastian (LATCO - Buenos Aires)

Path Traversal Vulnerability on Secure Transport versions 5.1 SP2 and earlier Perez, Sebastian (LATCO - Buenos Aires) (Dec 11)

Roberto Suggi Liverani

Multiple critical vulnerabilities in Maxthon and Avant browsers Roberto Suggi Liverani (Dec 11)

Rustein, Fara Denise (LATCO - Buenos Aires)

Polycom® HDX® Video End Points Web Management Cross Site Scripting (XSS) vulnerability Rustein, Fara Denise (LATCO - Buenos Aires) (Dec 27)

Sean Jenkins

Re: CubeCart 5.0.7 and lower versions | Insecure Backup File Handling Sean Jenkins (Dec 31)

SEC Consult Vulnerability Lab

SEC Consult SA-20121203-0 :: F5 FirePass SSL VPN Unauthenticated local file inclusion SEC Consult Vulnerability Lab (Dec 03)

security

[ MDVSA-2012:176 ] libxml2 security (Dec 03)
[ MDVSA-2012:178 ] mysql security (Dec 10)
[ MDVSA-2012:183 ] apache-mod_security security (Dec 24)
[ MDVSA-2012:180 ] perl-CGI security (Dec 17)
[ MDVSA-2012:177 ] bind security (Dec 06)
[ MDVSA-2012:182 ] apache-mod_security security (Dec 24)
[ MDVSA-2012:184 ] libtiff security (Dec 27)
[ MDVSA-2012:181 ] python-django security (Dec 19)
[ MDVSA-2012:179 ] cups security (Dec 13)

Security Alert

ESA-2012-060: EMC Data Protection Advisor Information Disclosure Vulnerability. Security Alert (Dec 24)
ESA-2012-052 RSA NetWitness Informer Cross-Site Request Forgery and Click-jacking Vulnerabilities Security Alert (Dec 03)

security-alert

[security bulletin] HPSBOV02834 SSRT101055 rev.1 - HP OpenVMS LOGIN or ACMELOGIN, Remote or Local Denial of Service (DoS) security-alert (Dec 11)
[security bulletin] HPSBPI02828 SSRT100778 rev.1 - HP LaserJet and Color LaserJet, Cross-Site Scripting (XSS) security-alert (Dec 05)
[security bulletin] HPSBUX02832 SSRT101042 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Dec 13)
[security bulletin] HPSBPI02807 SSRT100928 rev.1 - HP LaserJet Pro 400 Multi Function Printers, Remote Unauthorized Access security-alert (Dec 05)
[security bulletin] HPSB3C02831 SSRT100661 rev.1 - HP Intelligent Management Center User Access Manager (UAM), Remote Execution of Arbitrary Code security-alert (Dec 05)
[security bulletin] HPSBMU02816 SSRT100949 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access security-alert (Dec 05)
[security bulletin] HPSBUX02835 SSRT100763 rev.1 - HP-UX Running BIND, Remote Domain Name Revalidation security-alert (Dec 24)

Sergei Golubchik

Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Sergei Golubchik (Dec 03)
Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Sergei Golubchik (Dec 03)
Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Sergei Golubchik (Dec 03)

Slackware Security Team

[slackware-security] bind (SSA:2012-341-01) Slackware Security Team (Dec 10)
[slackware-security] libxml2 (SSA:2012-341-03) Slackware Security Team (Dec 07)
[slackware-security] ruby (SSA:2012-341-04) Slackware Security Team (Dec 07)
[slackware-security] libssh (SSA:2012-341-02) Slackware Security Team (Dec 10)

sometimesbugs

Snare for Linux Cross-Site Scripting via Log Injection sometimesbugs (Dec 10)
Snare for Linux Cross-Site Request Forgery sometimesbugs (Dec 10)
Snare for Linux Password Disclosure sometimesbugs (Dec 10)

Sullo

RVAsec 2013 CFP Now Open Sullo (Dec 13)

Thomas Richards

Android Kernel 2.6 Local DoS Thomas Richards (Dec 10)

Tim Brown

Low severity flaw in RIM BlackBerry PlayBook OS browser Tim Brown (Dec 03)

to-choi . lau

Re: Centrify Deployment Manager v2.1.0.283 to-choi . lau (Dec 14)

tommccredie

SimpleInvoices 2011.1 Cross-Site-Scripting (XSS) Vulnerabilities CVE-2012-4932 tommccredie (Dec 10)

VMware Security Response Center

VMSA-2012-0018 VMware security updates for vCSA and ESXi VMware Security Response Center (Dec 24)

Vulnerability Lab

FortiWeb 4kC,3kC,1kC & VA - Cross Site Vulnerabilities Vulnerability Lab (Dec 03)
Enterpriser16 LoadBalancer v7.1 - Multiple Web Vulnerabilities Vulnerability Lab (Dec 19)
FortiGate FortiDB 2kB 1kC & 400B - Cross Site Vulnerability Vulnerability Lab (Dec 03)
SonicWall Email Security 7.4.1.x - Persistent Web Vulnerability Vulnerability Lab (Dec 28)
SonicWall SonicOS 5.8.1.8 WAF - POST Inject Vulnerability Vulnerability Lab (Dec 19)
Log Analyzer 3.6.0 - Cross Site Scripting Vulnerability Vulnerability Lab (Dec 28)

Williams, James K

CA20121220-01: Security Notice for CA IdentityMinder Williams, James K (Dec 24)

YGN Ethical Hacker Group

CubeCart 5.0.7 and lower | Open URL Redirection Vulnerability YGN Ethical Hacker Group (Dec 24)
CubeCart 4.4.6 and lower | Local File Inclusion Vulnerability YGN Ethical Hacker Group (Dec 24)
CubeCart 3.0.20 (3.0.x) and lower | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Dec 24)
CubeCart 3.0.20 (3.0.x) and lower | Multiple SQL Injection Vulnerabilities YGN Ethical Hacker Group (Dec 24)
Open-Realty CMS 3.x | Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group (Dec 27)
Open-Realty CMS 3.x | Persistent Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Dec 27)
CubeCart 4.x/5.x | Setup Re-installation Privilege Escalation Vulnerability YGN Ethical Hacker Group (Dec 24)
CubeCart 4.4.6 and lower | Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group (Dec 24)
CubeCart 3.0.20 (3.0.x) and lower | Arbitrary File Upload YGN Ethical Hacker Group (Dec 24)
CubeCart 4.4.6 and lower | Open URL Redirection Vulnerability YGN Ethical Hacker Group (Dec 24)
CubeCart 4.4.6 and lower | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Dec 24)
CubeCart 5.0.7 and lower versions | Insecure Backup File Handling YGN Ethical Hacker Group (Dec 28)
CubeCart 4.4.6 and lower | Multiple SQL Injection Vulnerabilities YGN Ethical Hacker Group (Dec 24)

Yves-Alexis Perez

[SECURITY] [DSA 2584-1] iceape security update Yves-Alexis Perez (Dec 10)
[SECURITY] [DSA 2577-1] libssh security update Yves-Alexis Perez (Dec 03)
[SECURITY] [DSA 2581-1] mysql-5.1 security update Yves-Alexis Perez (Dec 04)
[SECURITY] [DSA 2582-1] xen security update Yves-Alexis Perez (Dec 07)
Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday Yves-Alexis Perez (Dec 03)
[SECURITY] [DSA 2583-1] iceweasel security update Yves-Alexis Perez (Dec 10)