Bugtraq: by author

130 messages starting Sep 24 12 and ending Sep 27 12


abhijeet

[Announcement] ClubHack Magazine's Sept 2012 Issue Out abhijeet (Sep 24)
[Announcement] CHMag - Call for Articles abhijeet (Sep 25)

advisory

Cross-Site Scripting (XSS) Vulnerabilities in Flogr advisory (Sep 05)
Cross-Site Request Forgery (CSRF) in TestLink advisory (Sep 05)
Cross-Site Scripting (XSS) in Kayako Fusion advisory (Sep 05)

Andrea Fabrizi

QNAP Turbo NAS Multiple Path Injection Andrea Fabrizi (Sep 05)

Apple Product Security

APPLE-SA-2012-09-19-1 iOS 6 Apple Product Security (Sep 21)
APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 Apple Product Security (Sep 21)
APPLE-SA-2012-09-19-3 Safari 6.0.1 Apple Product Security (Sep 21)
APPLE-SA-2012-09-24-1 Apple TV 5.1 Apple Product Security (Sep 24)
APPLE-SA-2012-09-05-1 Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10 Apple Product Security (Sep 05)
APPLE-SA-2012-09-12-1 iTunes 10.7 Apple Product Security (Sep 13)
APPLE-SA-2012-09-17-1 Apple Remote Desktop 3.5.3 Apple Product Security (Sep 18)

A. Ramos

XSS in OSSEC wui 0.3 A. Ramos (Sep 27)

Carl-Eric Menzel

[CVE-2012-3373] Apache Wicket XSS vulnerability via manipulated URL parameter Carl-Eric Menzel (Sep 06)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 13)
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities Cisco Systems Product Security Incident Response Team (Sep 27)
[2.0 Update] Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client Cisco Systems Product Security Incident Response Team (Sep 21)
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 27)
Cisco Security Advisory: Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 13)
Cisco Security Advisory: Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 27)
Cisco Security Advisory: Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 27)
Cisco Security Advisory: Cisco IOS Software Tunneled Traffic Queue Wedge Vulnerability Cisco Systems Product Security Incident Response Team (Sep 27)
Cisco Security Advisory: Cisco IOS Software DHCP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 27)
Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 27)
Cisco Security Advisory: Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 27)
Cisco Security Advisory: Cisco IOS Software Malformed Border Gateway Protocol Attribute Vulnerability Cisco Systems Product Security Incident Response Team (Sep 27)

come2waraxe

[waraxe-2012-SA#090] - Insecure SSL Connection in Thomson SpeedTouch ST780 come2waraxe (Sep 25)
[waraxe-2012-SA#089] - Multiple Vulnerabilities in TorrentTrader 2.08 come2waraxe (Sep 17)

ddivulnalert

DDIVRT-2012-42 Novell GroupWise Agents Arbitrary File Retrieval (CVE-2012-0419) ddivulnalert (Sep 24)

ds . adv . pub

Internet Explorer Script Interjection Code Execution (updated) ds . adv . pub (Sep 06)

Fabien DUCHENE

GreHack 2012 - 19th Oct. Grenoble, France - Conference + CTF - Call For [ Participation, Student Grants Application, Music Bands/Artists/DJ ] Fabien DUCHENE (Sep 24)
GreHack 2012 - 19th Oct. Grenoble, France - Call For [ Participation, Student Grants Application, Music Bands/Artists/DJ ] Fabien DUCHENE (Sep 11)

Fernando Gont

IPv6 Toolkit v1.2.3 released! (and upcoming IPv6 security trainings) Fernando Gont (Sep 17)
IPv6 implications on IPv4 nets: IPv6 RAs, IPv4, and VPN "evasion" Fernando Gont (Sep 05)
ipv6mon v1.0 released! (IPv6 address monitoring daemon) Fernando Gont (Sep 17)

Florian Weimer

[SECURITY] [DSA 2547-1] bind9 security update Florian Weimer (Sep 13)

Inshell Security

[IA38] NCMedia Sound Editor Pro v7.5.1 MRUList201202.dat File Handling Local Buffer Overflow Inshell Security (Sep 17)

INTREST SEC

[INTREST SEC] Atlassian Confluence Wiki XSS Vulnerability INTREST SEC (Sep 17)

irist . ir

Vbulletin (blog_plugin_useradmin) v4.1.12 Sql Injection Vulnerability irist . ir (Sep 18)

Joseph Sheridan

Group-Office Calendar SQL Injection Joseph Sheridan (Sep 04)
Wordpress Download Monitor - Download Page Cross-Site Scripting Joseph Sheridan (Sep 11)
Toshiba ConfigFree CF7 File Stack Buffer Overflow (Comment Field) Joseph Sheridan (Sep 24)
Toshiba ConfigFree CF7 File Stack Buffer Overflow (ProfileName) Joseph Sheridan (Sep 24)
Toshiba ConfigFree CF7 File Remote Command Execution Joseph Sheridan (Sep 24)

Kiwicon

KIWICON: THE ANNUCIATION Kiwicon (Sep 05)

Lists

Ektron CMS - Multiple Vulnerabilities - Security Advisory - SOS-12-009 Lists (Sep 05)

Luciano Bello

[SECURITY] [DSA 2552-1] tiff security update Luciano Bello (Sep 27)

mattijs

Security Advisory AA-004: Directory Traversal Vulnerability in Sitecom Home Storage Center mattijs (Sep 04)
Security Advisory AA-003: Directory Traversal Vulnerability in Conceptronic GrabnGo Network Storage mattijs (Sep 04)
Security Advisory AA-007: Command Injection Vulnerability in Sitecom Home Storage Center mattijs (Sep 13)
Security Advisory AA-007: Arbitrary File Upload Vulnerability in Sitecom Home Storage Center mattijs (Sep 13)

Moritz Muehlenhoff

[SECURITY] [DSA 2550-1] asterisk security update Moritz Muehlenhoff (Sep 19)
[SECURITY] [DSA 2548-1] tor security update Moritz Muehlenhoff (Sep 14)
[SECURITY] [DSA 2550-2] asterisk regression update Moritz Muehlenhoff (Sep 27)

moshez

VMWare Tools susceptible to binary planting by hijack moshez (Sep 05)

NCC Group Research

NGS00254 Patch Notification: Apple Mac OS X Lion USB Hub Class Hub Descriptor Arbitrary Code Execution NCC Group Research (Sep 27)
NGS00267 Patch Notification: Symantec Messaging Gateway SSH with backdoor user account NCC Group Research (Sep 18)
NGS00265 Patch Notification: Symantec Messaging Gateway - Unauthenticated detailed version disclosure NCC Group Research (Sep 18)
NGS00268 Patch Notification: Symantec Messaging Gateway Out-of-band stored XSS - delivered by email NCC Group Research (Sep 18)
NGS00263 Patch Notification: Symantec Messaging Gateway - Easy CSRF to add a backdoor-administrator NCC Group Research (Sep 18)
NGS00266 Patch Notification: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL NCC Group Research (Sep 18)

Nico Golde

[SECURITY] [DSA 2551-1] isc-dhcp security update Nico Golde (Sep 24)
[SECURITY] [DSA 2548-1] Debian Security Team PGP/GPG key change notice Nico Golde (Sep 17)
[SECURITY] [DSA 2546-1] freeradius security update Nico Golde (Sep 12)

noreply

[Positive Research] Intel SMEP overview and partial bypass on Windows 8 (whitepaper) noreply (Sep 17)
[Positive Research] Intel SMEP Part II: Bypassing Intel SMEP on Windows 8 x64 Using Return-oriented Programming noreply (Sep 24)

nullcon

nullcon CTF HackIM is on nullcon (Sep 11)

Oliver Goebel

[IMF 2013] 2nd Call for Papers Oliver Goebel (Sep 27)
[IMF 2013] Call for Papers Oliver Goebel (Sep 05)

Raphael Geissert

[SECURITY] [DSA 2543-1] xen-qemu-dm-4.0 security update Raphael Geissert (Sep 10)
[SECURITY] [DSA 2539-1] zabbix security update Raphael Geissert (Sep 06)
[SECURITY] [DSA 2549-1] devscripts security update Raphael Geissert (Sep 17)
[SECURITY] [DSA 2540-1] mahara security update Raphael Geissert (Sep 10)
[SECURITY] [DSA 2544-1] xen security update Raphael Geissert (Sep 10)
[SECURITY] [DSA 2542-1] qemu-kvm security update Raphael Geissert (Sep 10)
[SECURITY] [DSA 2541-1] beaker security update Raphael Geissert (Sep 10)
[SECURITY] [DSA 2545-1] qemu security update Raphael Geissert (Sep 10)
[SECURITY] [DSA 2480-4] request-tracker3.8 regression update Raphael Geissert (Sep 17)
[SECURITY] [DSA 2538-1] moin security update Raphael Geissert (Sep 05)

Robert Gilbert

[CVE-ID REQUEST] Atlassian Confluence - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities Robert Gilbert (Sep 24)

roberto

Multiple vulnerabilities in Ezylog photovoltaic management server roberto (Sep 11)

Román Ramírez

[Rooted CON 2013] CFP starts! Román Ramírez (Sep 05)

Secunia Research

Secunia Research: Novell GroupWise iCalendar Date/Time Parsing Denial of Service Secunia Research (Sep 17)
Secunia Research: Adobe Photoshop TIFF SGI24LogLum Decompression Buffer Overflow Secunia Research (Sep 04)

security

[ MDVSA-2012:151 ] ghostscript security (Sep 12)
[ MDVSA-2012:154 ] apache security (Sep 28)
[ MDVSA-2012:150 ] java-1.6.0-openjdk security (Sep 11)
[ MDVSA-2012:153 ] dhcp security (Sep 17)
[ MDVSA-2012:149 ] fetchmail security (Sep 04)
[ MDVSA-2012:155 ] xinetd security (Sep 28)
[ MDVSA-2012:152 ] bind security (Sep 14)

Security Alert

ESA-2012-029: RSA BSAFE(r) SSL-C Multiple Vulnerabilities Security Alert (Sep 11)
ESA-2012-032: RSA BSAFE(r) Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks Security Alert (Sep 11)
ESA-2012-037: RSA(r) Authentication Agent 7.1 for Microsoft Windows(r) and RSA(r) Authentication Client 3.5 Access Control Vulnerability Security Alert (Sep 24)

security-alert

[security bulletin] HPSBMU02811 SSRT100937 rev.1 - HP Business Availability Center (BAC) Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), and Web Session Hijacking security-alert (Sep 06)
[security bulletin] HPSBMU02813 SSRT100712 rev.1 - HP Operations Orchestration, Remote Execution of Arbitrary Code security-alert (Sep 18)
[security bulletin] HPSBMU02815 SSRT100715 rev.2 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution security-alert (Sep 21)
[security bulletin] HPSBMU02815 SSRT100715 rev.3 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution security-alert (Sep 24)

Security Explorations

[SE-2012-01] Critical security issue affecting Java SE 5/6/7 Security Explorations (Sep 25)
[SE-2012-01] Security vulnerabilities in IBM Java Security Explorations (Sep 11)

Slackware Security Team

[slackware-security] dhcp (SSA:2012-258-01) Slackware Security Team (Sep 17)
[slackware-security] mozilla-thunderbird (SSA:2012-244-03) Slackware Security Team (Sep 04)
[slackware-security] glibc (SSA:2012-244-01) Slackware Security Team (Sep 04)
[slackware-security] seamonkey (SSA:2012-244-04) Slackware Security Team (Sep 04)
[slackware-security] mozilla-firefox (SSA:2012-244-02) Slackware Security Team (Sep 04)
[slackware-security] bind (SSA:2012-257-01) Slackware Security Team (Sep 17)
[slackware-security] slocate (SSA:2012-244-05) Slackware Security Team (Sep 04)
[slackware-security] patch (SSA:2012-257-02) Slackware Security Team (Sep 17)

sschurtz

Admidio 2.3.5 Multiple security vulnerabilities sschurtz (Sep 04)
Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities sschurtz (Sep 19)

Stefan Kanthak

[Full-disclosure] "Dell Data Protection | Access" for Windows contains and installs outdated, superfluous and vulnerable system components and 3rd party components/drivers Stefan Kanthak (Sep 25)

Timo Juhani Lindfors

CVE-2012-4415: guacamole local root vulnerability Timo Juhani Lindfors (Sep 24)

Timo Warns

[PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods Timo Warns (Sep 11)

Vulnerability Lab

eFront Enterprise v3.6.11 - Multiple Web Vulnerabilities Vulnerability Lab (Sep 05)
Barracuda Web Filter 910 5.0.015 - Multiple Vulnerabilities Vulnerability Lab (Sep 05)
Knowledge Base EE v4.62.0 - SQL Injection Vulnerability Vulnerability Lab (Sep 13)
Fortigate UTM WAF Appliance - Cross Site Vulnerabilities Vulnerability Lab (Sep 18)
ES Job Search Engine v3.0 - SQL injection vulnerability Vulnerability Lab (Sep 05)
SonicWALL EMail Security 7.3.5 - Multiple Vulnerabilities Vulnerability Lab (Sep 18)
Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities Vulnerability Lab (Sep 13)
ASTPP VoIP Billing (4cf207a) - Multiple Web Vulnerabilities Vulnerability Lab (Sep 17)
NeoBill CMS v0.8 Alpha - Multiple Web Vulnerabilities Vulnerability Lab (Sep 17)
eFront Educational v3.6.11 - Multiple Web Vulnerabilities Vulnerability Lab (Sep 05)
Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities Vulnerability Lab (Sep 18)
Axis VoIP Manager v2.1.5.7 - Multiple Web Vulnerabilities Vulnerability Lab (Sep 18)

VUPEN Security Research

VUPEN - Microsoft Windows Common Controls MSCOMCTL.OCX Use-after-free (CVE-2012-1856 / MS12-060) VUPEN Security Research (Sep 11)
VUPEN - Adobe Flash Player "Matrix3D" Integer Overflow Code Execution (APSB12-19) VUPEN Security Research (Sep 11)
VUPEN - Mozilla Firefox "nsHTMLEditRules" Remote Use-after-free (CVE-2012-3958 / MFSA 2012-58) VUPEN Security Research (Sep 11)

Yves-Alexis Perez

[SECURITY] [DSA 2554-1] iceape security update Yves-Alexis Perez (Sep 27)