oss-sec: by author

383 messages starting Oct 12 10 and ending Nov 23 10


akiphie

Re: kernel: avoid pgoff overflow in remap_file_pages akiphie (Oct 12)

Anthon Pang

Re: CVE Request: OpenWebAnalytics < 1.2.4 - remote/local file inclusion vulnerability Anthon Pang (Dec 31)
CVE Request: OpenWebAnalytics < 1.2.4 - remote/local file inclusion vulnerability Anthon Pang (Dec 30)
CVE Request: CrawlTrack < 3.2.7 - remote php code execution Anthon Pang (Dec 31)
Re: CVE request: openx unknown vulnerability before 2.8.7 Anthon Pang (Dec 06)

Benji

Re: CVE Request: gif2png: command-line buffer overflow problem Benji (Nov 22)

Ben Laurie

Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Ben Laurie (Nov 16)

Bhadrinath

Re: Interesting behavior with struct initiailization Bhadrinath (Dec 05)
Re: Interesting behavior with struct initiailization Bhadrinath (Dec 05)
Re: Interesting behavior with struct initiailization Bhadrinath (Dec 05)

Daniel J Walsh

Re: filesystem capabilities Daniel J Walsh (Nov 18)

Dan Rosenberg

CVE request: kernel: SCTP memory corruption in HMAC handling Dan Rosenberg (Oct 04)
Re: CVE request: kernel stack infoleaks Dan Rosenberg (Nov 02)
Re: econet iovec Dan Rosenberg (Nov 14)
CVE request: kernel: Multiple DoS issues in block layer Dan Rosenberg (Nov 10)
Linux kernel address leaks Dan Rosenberg (Nov 22)
Re: CVE request: kernel stack infoleaks Dan Rosenberg (Nov 02)
Re: CVE request: kernel: CAN information leak, 2nd attempt Dan Rosenberg (Dec 20)
Re: CVE request: ettercap GTK Dan Rosenberg (Oct 14)
CVE request: kernel: CAN information leak Dan Rosenberg (Nov 03)
Re: econet iovec Dan Rosenberg (Nov 15)
Re: CVE request: kernel: gdth: integer overflow in ioc_general() Dan Rosenberg (Nov 09)
Re: CVE request: kernel: CAN information leak, 2nd attempt Dan Rosenberg (Dec 20)
CVE request: kernel: failure to revert address limit override in OOPS error path Dan Rosenberg (Dec 02)
Re: CVE request: multiple kernel stack memory disclosures Dan Rosenberg (Oct 06)
Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Dan Rosenberg (Dec 02)
CVE request: X.25 remote DoS Dan Rosenberg (Nov 03)
CVE request: kernel: buffer overflow in OSS load_mixer_volumes Dan Rosenberg (Dec 30)
Re: econet iovec Dan Rosenberg (Nov 14)
Re: CVE Request: gif2png: command-line buffer overflow problem Dan Rosenberg (Nov 22)
Re: Re: Interesting behavior with struct initiailization Dan Rosenberg (Dec 05)
CVE request: kernel: integer overflow in RDS Dan Rosenberg (Nov 17)
CVE request: kernel: remote DoS in X.25 Dan Rosenberg (Nov 11)
CVE request: ettercap GTK Dan Rosenberg (Oct 13)
Re: CVE request: kernel: gdth: integer overflow in ioc_general() Dan Rosenberg (Nov 08)
Re: CVE request: multiple kernel stack memory disclosures Dan Rosenberg (Oct 01)
Re: Linux kernel proactive security hardening Dan Rosenberg (Nov 07)
Re: CVE request: multiple kernel stack memory disclosures Dan Rosenberg (Oct 06)
CVE request: kernel: heap overflow in TIPC Dan Rosenberg (Oct 22)

dave b

Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol dave b (Dec 23)
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly dave b (Nov 17)
Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities" dave b (Nov 22)
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly dave b (Nov 17)

David Hicks

CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability David Hicks (Dec 15)
CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability David Hicks (Dec 15)

Dmitry V. Levin

Re: Minor security flaw with pam_xauth Dmitry V. Levin (Oct 03)
Re: glibc $ORIGIN problem - CVE-2010-3847 Dmitry V. Levin (Oct 26)

Earl Hood

Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) Earl Hood (Dec 21)
Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) Earl Hood (Dec 30)
Fix for CVE-2010-4524 and CVE-2010-1677 ready for verfication Earl Hood (Dec 30)

Eugene Teo

Re: CVE request: kernel: sys_semctl: fix kernel stack leakage Eugene Teo (Nov 04)
CVE request: kernel: mm: mem allocated invisible to oom_kill() when not attached to any threads Eugene Teo (Nov 22)
Re: CVE request: kernel: Multiple DoS issues in block layer Eugene Teo (Nov 29)
Re: CVE Request: local privilege escalation via /sys/kernel/debug/acpi/custom_method Eugene Teo (Dec 15)
Re: CVE request: kernel: NULL pointer dereference in AF_ECONET Eugene Teo (Dec 08)
kernel: avoid pgoff overflow in remap_file_pages Eugene Teo (Oct 12)
CVE-2010-4161 kernel: rhel5 backport of 93821778 caused deadlock Eugene Teo (Nov 22)
CVE Request: kernel: socket filters infoleak Eugene Teo (Nov 09)
CVE-2010-3086 kernel panic via futex Eugene Teo (Nov 09)
CVE request: kernel: igb panics when receiving tag vlan packet Eugene Teo (Dec 05)
CVE request: kernel: iovec overflow in rds_rdma_pages() Eugene Teo (Oct 28)
CVE request: kernel: perf bug Eugene Teo (Nov 14)
Re: econet iovec Eugene Teo (Nov 14)
CVE request: kernel: posix-cpu-timers: workaround to suppress the problems with mt exec Eugene Teo (Nov 23)
Re: CVE request: X.25 remote DoS Eugene Teo (Nov 04)
CVE request: kernel: irda: prevent integer underflow in IRLMP_ENUMDEVICES Eugene Teo (Dec 22)
CVE request: xen: x86-64: don't crash Xen upon direct pv guest access Eugene Teo (Nov 29)
CVE request: kernel: pipe_fcntl local DoS Eugene Teo (Nov 29)
CVE request: kernel: possible kernel oops from user MSS Eugene Teo (Nov 11)
Re: CVE request: kernel: integer overflow in RDS Eugene Teo (Nov 17)
Re: CVE request: libvirt when compiled with openvz support has a potential security hole Eugene Teo (Dec 07)
Re: CVE request: kernel: Multiple DoS issues in block layer Eugene Teo (Nov 29)
CVE request: kernel: missing tty ops write function presence check in hci_uart_tty_open() Eugene Teo (Nov 22)
CVE request: kernel: bfa driver sysfs crash Eugene Teo (Dec 07)
Re: CVE request -- libguestfs: missing disk format specifier when adding a disk Eugene Teo (Oct 18)
CVE request: kernel: setup_arg_pages: diagnose excessive argument size Eugene Teo (Oct 20)
CVE request: xen: request-processing loop is unbounded in blkback Eugene Teo (Nov 23)
Re: CVE request: kernel: heap contents leak from ETHTOOL_GRXCLSRLALL Eugene Teo (Oct 25)
Re: CVE request: kernel: CAN information leak Eugene Teo (Nov 04)
CVE request: kernel: sys_semctl: fix kernel stack leakage Eugene Teo (Nov 03)

Eygene Ryabinkin

Re: Re: CVE-2010-2094: PECL's phar code is vulnerable too Eygene Ryabinkin (Dec 26)
CVE-2010-2094: PECL's phar code is vulnerable too Eygene Ryabinkin (Dec 26)

Felipe Pena

Re: CVE-2010-2094: PECL's phar code is vulnerable too Felipe Pena (Dec 26)
Re: Re: CVE-2010-2094: PECL's phar code is vulnerable too Felipe Pena (Dec 26)

Florian Weimer

Nagios format string issues Florian Weimer (Oct 05)
Re: glibc $ORIGIN problem - CVE-2010-3847 Florian Weimer (Oct 22)
Proftpd pre-authentication buffer overflow in Telnet code Florian Weimer (Nov 01)

Geoff Keating

Re: Interesting behavior with struct initiailization Geoff Keating (Nov 29)
Re: Interesting behavior with struct initiailization Geoff Keating (Dec 03)

Gerald Combs

Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Gerald Combs (Oct 11)
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Gerald Combs (Oct 01)

Giuseppe Iuculano

Re: libxml2 xpath Giuseppe Iuculano (Nov 09)

Hafez Kamal

[HITB-Announce] HITB Magazine #5 Call for Articles Hafez Kamal (Nov 11)
[HITB-Announce] HITB2011AMS -- Call For Papers now Open Hafez Kamal (Nov 18)

Hanno Böck

CVE request: joomla before 1.5.21 XSS Hanno Böck (Oct 08)
CVE request: tikiwiki <= 5.2 XSS, CSRF, file inclusion Hanno Böck (Nov 18)
CVE request: vanilla forums before 2.0.10, xss Hanno Böck (Dec 05)
CVE request: mybb before 1.4.11 and before 1.4.12 Hanno Böck (Oct 08)
Fwd: CVE id request: fluxbb < 1.2.22 XSS Hanno Böck (Oct 08)
CVE request: openx unknown vulnerability before 2.8.7 Hanno Böck (Dec 06)
Re: CVE request: mybb before 1.4.11 and before 1.4.12 Hanno Böck (Dec 05)
CVE request: Drupal views module CSRF/XSS before 2.11, XSS before 2.12 Hanno Böck (Dec 16)
CVE request: wordpress before 3.0.4 XSS Hanno Böck (Dec 30)
Re: clamav 0.96.5 released Hanno Böck (Dec 03)
CVE request: usebb before 1.0.11 unauthorized access to content Hanno Böck (Oct 08)
CVE request (2009): vanilla forums before 1.1.8 Hanno Böck (Oct 08)

Havoc Pennington

Re: Clarifications on the D-Bus specification Havoc Pennington (Dec 12)

Henri Salo

CVE request eoCMS SQL injection vulnerability Henri Salo (Oct 08)
CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure Henri Salo (Nov 12)
CVE request: Simple Machines Forum Cross-Site Request Forgery Henri Salo (Oct 11)

Huzaifa Sidhpurwala

utf-8 security issue in php - 2 CVEs? Huzaifa Sidhpurwala (Nov 15)
Re: Re: utf-8 security issue in php - 2 CVEs? Huzaifa Sidhpurwala (Nov 17)
Re: CVE request: kernel: buffer overflow in OSS load_mixer_volumes Huzaifa Sidhpurwala (Dec 31)
CVE Request: libsdp Huzaifa Sidhpurwala (Nov 15)
Re: CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message Huzaifa Sidhpurwala (Dec 31)

James Morris

Re: filesystem capabilities James Morris (Nov 08)

Jamie Nguyen

Re: Breaking the links: Exploiting the linker Jamie Nguyen (Dec 22)
Re: Breaking the links: Exploiting the linker Jamie Nguyen (Dec 22)

Jamie Strandboge

Re: CVE request: opensc buffer overflow Jamie Strandboge (Dec 21)

Jan Lieskovsky

Re: CVE Request -- cURL / mingw32-cURL -- Did not strip directory parts separated by backslashes, when downloading files Jan Lieskovsky (Oct 13)
CVE Request -- Xfig: Stack-based buffer overflow by processing FIG image with crafted color definition Jan Lieskovsky (Dec 03)
CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message Jan Lieskovsky (Dec 27)
FYI -- Tor v0.2.1.28 addressing CVE-2010-1676 -- remotely exploitable heap-based buffer overflow Jan Lieskovsky (Dec 21)
Re: Re: CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants Jan Lieskovsky (Dec 21)
CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants Jan Lieskovsky (Dec 16)
CVE Request -- Mercurial --Doesn't verify subject Common Name properly Jan Lieskovsky (Oct 08)
CVE Request -- Wordpress v3.0.2 SQL injection flaw + two minor XSS issues Jan Lieskovsky (Dec 02)
CVE Request -- FontForge: Stack-based buffer overflow by processing specially-crafted CHARSET_REGISTRY font file header Jan Lieskovsky (Dec 02)
CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Jan Lieskovsky (Dec 01)
CVE Request -- cURL / mingw32-cURL -- Did not strip directory parts separated by backslashes, when downloading files Jan Lieskovsky (Oct 13)
CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: [oss-security] CVE request: opensc buffer overflow ] Jan Lieskovsky (Dec 22)
CVE Request -- pootle -- XSS via 'match_names' parameter on translate.html page Jan Lieskovsky (Nov 22)
CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) Jan Lieskovsky (Dec 21)
CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flaws Jan Lieskovsky (Dec 23)
CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol Jan Lieskovsky (Dec 23)

Jeff Breidenbach

Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) Jeff Breidenbach (Dec 30)

Joachim Fritschi

Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback Joachim Fritschi (Oct 01)

Joel Becker

Re: Small exposure in ocfs2 fast symlinks. Joel Becker (Oct 01)

Johannes Stezenbach

Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol Johannes Stezenbach (Dec 23)

John Goerzen

Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol John Goerzen (Dec 23)

Jon Oberheide

CVE request: kernel stack infoleaks Jon Oberheide (Nov 02)

Josh Bressers

Re: CVE request: kernel: L2TP send buffer allocation size overflows Josh Bressers (Nov 10)
Re: Nagios format string issues Josh Bressers (Oct 06)
Re: CVE Request -- Xfig: Stack-based buffer overflow by processing FIG image with crafted color definition Josh Bressers (Dec 06)
Re: CVE request: TYPO3-SA-2010-020 Josh Bressers (Oct 11)
Re: CVE Request: kernel: socket filters infoleak Josh Bressers (Nov 10)
Re: CVE request: Horde Gollem <1.1.2 XSS in view.php Josh Bressers (Oct 01)
Re: utf-8 security issue in php Josh Bressers (Nov 02)
Re: CVE request: Simple Machines Forum Cross-Site Request Forgery Josh Bressers (Oct 11)
Re: CVE request: kernel: igb panics when receiving tag vlan packet Josh Bressers (Dec 06)
Re: CVE request: ImageMagick opens config files in $CWD Josh Bressers (Nov 15)
Re: CVE request: vanilla forums before 2.0.10, xss Josh Bressers (Dec 06)
Re: CVE request: kernel stack infoleaks Josh Bressers (Nov 04)
Re: CVE Request -- cURL / mingw32-cURL -- Did not strip directory parts separated by backslashes, when downloading files Josh Bressers (Oct 13)
Re: CVE request: kernel: logic error in INET_DIAG bytecode auditing Josh Bressers (Nov 05)
Re: CVE Request -- FontForge: Stack-based buffer overflow by processing specially-crafted CHARSET_REGISTRY font file header Josh Bressers (Dec 02)
Re: CVE request: kernel: setup_arg_pages: diagnose excessive argument size Josh Bressers (Oct 22)
Re: CVE request: Drupal views module CSRF/XSS before 2.11, XSS before 2.12 Josh Bressers (Dec 21)
Re: CVE Clarification: OpenFabrics ofed stack also contains RDS protocol Josh Bressers (Nov 05)
Re: CVE request: kernel: iovec overflow in rds_rdma_pages() Josh Bressers (Nov 01)
Re: CVE request: kernel: mm: mem allocated invisible to oom_kill() when not attached to any threads Josh Bressers (Nov 22)
Re: Subject: [oss-security] CVE request: kernel: install_special_mapping skips security_file_mmap check Josh Bressers (Dec 10)
Re: CVE request: kernel: missing tty ops write function presence check in hci_uart_tty_open() Josh Bressers (Nov 22)
Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) Josh Bressers (Dec 21)
Re: CVE request: freeradius Josh Bressers (Oct 01)
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Josh Bressers (Oct 11)
Re: CVE request: kernel: pipe_fcntl local DoS Josh Bressers (Nov 30)
Re: CVE Request -- Wordpress v3.0.2 SQL injection flaw + two minor XSS issues Josh Bressers (Dec 02)
Re: Re: NULL byte poisoning fix in php 5.3.4+ Josh Bressers (Nov 22)
Re: CVE request: kernel: perf bug Josh Bressers (Nov 15)
Re: CVE request: kernel: possible kernel oops from user MSS Josh Bressers (Nov 12)
Re: CVE request: kernel: remote DoS in X.25 Josh Bressers (Nov 12)
Re: CVE request: vanilla forums before 2.0.10, xss Josh Bressers (Dec 07)
Re: CVE request: kernel: heap overflow in TIPC Josh Bressers (Oct 22)
Re: CVE request: Apache-AuthenHook perl module Josh Bressers (Oct 13)
Re: CVE request: kernel: SCTP memory corruption in HMAC handling Josh Bressers (Oct 04)
Re: CVE request eoCMS SQL injection vulnerability Josh Bressers (Oct 11)
Re: CVE request: kernel: Multiple DoS issues in block layer Josh Bressers (Nov 12)
Re: CVE request: usebb before 1.0.11 unauthorized access to content Josh Bressers (Oct 11)
Re: Small exposure in ocfs2 fast symlinks. Josh Bressers (Oct 04)
Re: CVE request: xen: x86-64: don't crash Xen upon direct pv guest access Josh Bressers (Nov 30)
Re: CVE request: joomla before 1.5.21 XSS Josh Bressers (Oct 11)
Re: CVE request, security issues fixed in MySQL 5.1.51 Josh Bressers (Oct 04)
Re: Clear text password in process list when using MySQL GUI tools Josh Bressers (Nov 18)
Re: CVE request: mono loading shared libs from cwd Josh Bressers (Nov 10)
Re: CVE request: kernel: failure to revert address limit override in OOPS error path Josh Bressers (Dec 02)
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Josh Bressers (Oct 04)
Re: CVE request: mono/moonlight: execution of arbitrary code due to mutable Strings Josh Bressers (Nov 29)
Re: CVE request: fuse Josh Bressers (Nov 05)
Re: CVE Request -- pootle -- XSS via 'match_names' parameter on translate.html page Josh Bressers (Nov 22)
Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback Josh Bressers (Oct 01)
Re: libxml2 xpath Josh Bressers (Nov 04)
Re: CVE request: opensc buffer overflow Josh Bressers (Dec 21)
Re: Clear text password in process list when using MySQL GUI tools Josh Bressers (Nov 17)
Re: CVE request (2009): vanilla forums before 1.1.8 Josh Bressers (Oct 11)
Re: CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability Josh Bressers (Dec 16)
Re: CVE id request: fluxbb < 1.2.22 XSS Josh Bressers (Oct 11)
Re: CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure Josh Bressers (Nov 12)
Re: CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants Josh Bressers (Dec 16)
Re: CVE request: kernel: gdth: integer overflow in ioc_general() Josh Bressers (Nov 10)
Re: CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability Josh Bressers (Dec 16)
Re: CVE Request: MyBB XSS bugs Josh Bressers (Dec 21)
Re: CVE request: kernel: kvm kernel stack leakage Josh Bressers (Nov 05)
Re: CVE request: mybb before 1.4.11 and before 1.4.12 Josh Bressers (Oct 11)
Re: CVE request: moodle 1.9.10 Josh Bressers (Nov 01)
Re: CVE Request: PHP 5.3.3, libmbfl, mb_strcut Josh Bressers (Nov 08)
Re: CVE request for OpenTTD Josh Bressers (Nov 15)
Re: CVE Request: gif2png: command-line buffer overflow problem Josh Bressers (Nov 22)
Re: clamav 0.96.5 released Josh Bressers (Dec 03)
Re: CVE request: ettercap GTK Josh Bressers (Oct 13)
Re: Proftpd pre-authentication buffer overflow in Telnet code Josh Bressers (Nov 01)
Re: CVE request: tikiwiki <= 5.2 XSS, CSRF, file inclusion Josh Bressers (Nov 22)
Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Josh Bressers (Dec 07)
Re: CVE request: kernel: bfa driver sysfs crash Josh Bressers (Dec 09)
Re: CVE Request: libsdp Josh Bressers (Nov 16)
Re: CVE Request: more dovecot ACL issues Josh Bressers (Oct 04)
Re: CVE request: openx unknown vulnerability before 2.8.7 Josh Bressers (Dec 06)

Justin Ossevoort

Re: Breaking the links: Exploiting the linker Justin Ossevoort (Dec 15)

Kees Cook

Re: filesystem capabilities Kees Cook (Nov 10)
CVE request: kernel: heap contents leak from ETHTOOL_GRXCLSRLALL Kees Cook (Oct 25)
Re: filesystem capabilities Kees Cook (Nov 10)
Re: filesystem capabilities Kees Cook (Nov 10)
Re: Linux kernel proactive security hardening Kees Cook (Nov 10)
Re: Linux kernel proactive security hardening Kees Cook (Nov 10)
Re: filesystem capabilities Kees Cook (Nov 18)
Linux kernel proactive security hardening Kees Cook (Nov 07)

Kurt Seifried

Re: CVE Request: gif2png: command-line buffer overflow problem Kurt Seifried (Nov 22)
CVE Request: gif2png: command-line buffer overflow problem Kurt Seifried (Nov 22)

Ludwig Nussel

Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Ludwig Nussel (Dec 09)
CVE Request: more dovecot ACL issues Ludwig Nussel (Oct 04)
Re: Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Ludwig Nussel (Dec 16)
CVE request: opensc buffer overflow Ludwig Nussel (Dec 21)
Re: filesystem capabilities Ludwig Nussel (Nov 08)
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Ludwig Nussel (Nov 17)
CVE request: moodle 1.9.10 Ludwig Nussel (Oct 29)

Maksymilian Arciemowicz

Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Maksymilian Arciemowicz (Dec 07)
Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Maksymilian Arciemowicz (Dec 08)

Marc Deslauriers

CVE request: fuse Marc Deslauriers (Nov 04)
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Marc Deslauriers (Nov 14)
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Marc Deslauriers (Nov 16)

Marcus Meissner

glibc $ORIGIN problem - CVE-2010-3847 Marcus Meissner (Oct 21)
CVE Request: local privilege escalation via /sys/kernel/debug/acpi/custom_method Marcus Meissner (Dec 15)
CVE Clarification: OpenFabrics ofed stack also contains RDS protocol Marcus Meissner (Nov 04)

Mark J Cox

Exim remote root Mark J Cox (Dec 10)

Mark Stosberg

Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Mark Stosberg (Dec 01)

Martin Drescher

Clear text password in process list when using MySQL GUI tools Martin Drescher (Nov 16)

Matthias Andree

Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Matthias Andree (Nov 17)

Michael Gilbert

Re: Linux kernel address leaks Michael Gilbert (Nov 22)

Mike O'Connor

CVE-2010-1693: OFED openibd startup script uses predictable tmpfile Mike O'Connor (Oct 21)

Moritz Muehlenhoff

Re: Clear text password in process list when using MySQL GUI tools Moritz Muehlenhoff (Nov 17)
Re: Clear text password in process list when using MySQL GUI tools Moritz Muehlenhoff (Nov 20)
CVE request: Apache-AuthenHook perl module Moritz Muehlenhoff (Oct 13)
CVE request: TYPO3-SA-2010-020 Moritz Muehlenhoff (Oct 11)
IO::Socket::SSL perl module: CVE-2010-4501/CVE-2010-4334 dupe Moritz Muehlenhoff (Dec 24)

Nelson Elhage

kernel: Multiple vulnerabilities in AF_ECONET Nelson Elhage (Nov 29)
CVE request: kernel: NULL pointer dereference in AF_ECONET Nelson Elhage (Dec 08)
CVE request: kernel: logic error in INET_DIAG bytecode auditing Nelson Elhage (Nov 04)
Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Nelson Elhage (Dec 08)
kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Nelson Elhage (Dec 02)

Nicolas Sebrecht

Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol Nicolas Sebrecht (Dec 23)

nigel

Exim security issue in historical release nigel (Dec 13)

Oden Eriksson

Re: Nagios format string issues Oden Eriksson (Oct 06)
Re: Nagios format string issues Oden Eriksson (Oct 06)
Re: Nagios format string issues Oden Eriksson (Oct 12)
utf-8 security issue in php Oden Eriksson (Nov 02)

Petr Matousek

CVE request -- libguestfs: missing disk format specifier when adding a disk Petr Matousek (Oct 18)
Re: CVE request: kernel: CAN information leak, 2nd attempt Petr Matousek (Dec 20)
CVE request: kernel: L2TP send buffer allocation size overflows Petr Matousek (Nov 10)
Re: CVE request: kernel: gdth: integer overflow in ioc_general() Petr Matousek (Nov 09)
CVE request: kernel: gdth: integer overflow in ioc_general() Petr Matousek (Nov 08)
Subject: [oss-security] CVE request: kernel: install_special_mapping skips security_file_mmap check Petr Matousek (Dec 10)
CVE request: kernel: kvm kernel stack leakage Petr Matousek (Nov 04)
CVE request: kernel: CAN information leak, 2nd attempt Petr Matousek (Dec 20)

Pierre Joye

Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Pierre Joye (Dec 07)
Re: utf-8 security issue in php Pierre Joye (Nov 02)
Re: utf-8 security issue in php Pierre Joye (Nov 02)
Re: NULL byte poisoning fix in php 5.3.4+ Pierre Joye (Nov 18)
Re: Re: NULL byte poisoning fix in php 5.3.4+ Pierre Joye (Nov 29)
Re: Re: NULL byte poisoning fix in php 5.3.4+ Pierre Joye (Dec 09)
Re: utf-8 security issue in php Pierre Joye (Nov 02)
CVE Request: PHP 5.3.3, libmbfl, mb_strcut Pierre Joye (Nov 07)
Re: Issues without CVE names in PHP 5.3.4/5.2.15 release Pierre Joye (Dec 13)
Re: Issues without CVE names in PHP 5.3.4/5.2.15 release Pierre Joye (Dec 13)
Re: Re: NULL byte poisoning fix in php 5.3.4+ Pierre Joye (Dec 09)
Re: utf-8 security issue in php Pierre Joye (Nov 14)
NULL byte poisoning fix in php 5.3.4+ Pierre Joye (Nov 18)
Re: utf-8 security issue in php Pierre Joye (Nov 02)
Re: Re: NULL byte poisoning fix in php 5.3.4+ Pierre Joye (Dec 09)
Re: Re: utf-8 security issue in php - 2 CVEs? Pierre Joye (Nov 17)
Re: NULL byte poisoning fix in php 5.3.4+ Pierre Joye (Nov 22)
Re: utf-8 security issue in php - 2 CVEs? Pierre Joye (Nov 16)

Ralf Wildenhues

Re: Breaking the links: Exploiting the linker Ralf Wildenhues (Dec 16)

Raphael Geissert

Re: Issues without CVE names in PHP 5.3.4/5.2.15 release Raphael Geissert (Dec 13)
Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) Raphael Geissert (Dec 22)
CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Raphael Geissert (Dec 06)

Reed Loden

Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Reed Loden (Dec 01)

Rémi Denis-Courmont

Re: Clarifications on the D-Bus specification Rémi Denis-Courmont (Dec 11)

Robert Seacord

RE: Interesting behavior with struct initiailization Robert Seacord (Dec 03)

Robert Święcki

Re: glibc $ORIGIN problem - CVE-2010-3847 Robert Święcki (Oct 21)

Rubidium

CVE request for OpenTTD Rubidium (Nov 14)

Sebastian Krahmer

Re: utf-8 security issue in php Sebastian Krahmer (Nov 03)
Re: filesystem capabilities Sebastian Krahmer (Nov 08)
libxml2 xpath Sebastian Krahmer (Nov 02)

Solar Designer

Re: Minor security flaw with pam_xauth Solar Designer (Oct 24)
Re: Linux kernel proactive security hardening Solar Designer (Nov 07)
Re: [taviso () cmpxchg8b com: [PATCH] install_special_mapping skips security_file_mmap check.] Solar Designer (Dec 09)
filesystem capabilities Solar Designer (Nov 07)
Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Solar Designer (Dec 09)
Re: Linux kernel proactive security hardening Solar Designer (Nov 07)
Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Solar Designer (Dec 07)
Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Solar Designer (Dec 07)
Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses Solar Designer (Dec 09)
Re: Linux kernel proactive security hardening Solar Designer (Nov 07)
Re: glibc $ORIGIN problem - CVE-2010-3847 Solar Designer (Oct 24)

Steve Grubb

Re: filesystem capabilities Steve Grubb (Nov 10)
Re: filesystem capabilities Steve Grubb (Nov 08)
Re: filesystem capabilities Steve Grubb (Nov 10)
Re: filesystem capabilities Steve Grubb (Nov 08)

Steven M. Christey

Re: Linux kernel address leaks Steven M. Christey (Nov 29)
Re: CVE request: kernel: CAN information leak, 2nd attempt Steven M. Christey (Dec 20)
Re: CVE request: multiple kernel stack memory disclosures Steven M. Christey (Oct 06)
Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Steven M. Christey (Dec 09)
CVE assignments for Wireshark LDSS / ZCL issues Steven M. Christey (Nov 22)
Re: CVE request: multiple kernel stack memory disclosures Steven M. Christey (Oct 25)
Re: CVE Request: gif2png: command-line buffer overflow problem Steven M. Christey (Nov 22)
Re: Re: NULL byte poisoning fix in php 5.3.4+ Steven M. Christey (Dec 09)
Re: CVE Request: gif2png: command-line buffer overflow problem Steven M. Christey (Nov 22)
Re: Clear text password in process list when using MySQL GUI tools Steven M. Christey (Nov 17)
Re: Re: NULL byte poisoning fix in php 5.3.4+ Steven M. Christey (Dec 09)
Re: CVE request: ettercap GTK Steven M. Christey (Oct 14)
Re: Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities" Steven M. Christey (Dec 06)
Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly Steven M. Christey (Nov 15)
Re: Nagios format string issues Steven M. Christey (Oct 06)
Re: CVE request: moodle 1.9.10 Steven M. Christey (Nov 07)
Re: CVE request: kernel stack infoleaks Steven M. Christey (Nov 02)
Re: CVE request: vanilla forums before 2.0.10, xss Steven M. Christey (Dec 06)
Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Steven M. Christey (Dec 06)
Re: econet iovec Steven M. Christey (Nov 15)
Re: CVE request, security issues fixed in MySQL 5.1.51 Steven M. Christey (Oct 07)

Tavis Ormandy

[taviso () cmpxchg8b com: [PATCH] install_special_mapping skips security_file_mmap check.] Tavis Ormandy (Dec 09)

Thomas Biege

clamav 0.96.5 released Thomas Biege (Dec 03)
Re: CVE request: kernel: unix socket local dos Thomas Biege (Nov 26)
Re: CVE request: mono loading shared libs from cwd Thomas Biege (Nov 10)
CVE request: mono loading shared libs from cwd Thomas Biege (Nov 10)
Re: CVE request: kernel: Multiple DoS issues in block layer Thomas Biege (Nov 29)

Thomas Pollet

econet iovec Thomas Pollet (Nov 14)
Re: kernel: avoid pgoff overflow in remap_file_pages Thomas Pollet (Oct 12)

Tim Brown

Breaking the links: Exploiting the linker Tim Brown (Dec 14)
Re: Re: Breaking the links: Exploiting the linker Tim Brown (Dec 22)
Re: Re: Breaking the links: Exploiting the linker Tim Brown (Dec 16)
Re: Breaking the links: Exploiting the linker Tim Brown (Dec 16)

Tomas Hoger

Re: Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Tomas Hoger (Dec 08)
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Tomas Hoger (Oct 01)
Re: Nagios format string issues Tomas Hoger (Oct 07)
Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Tomas Hoger (Dec 07)
Re: Breaking the links: Exploiting the linker Tomas Hoger (Dec 15)
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Tomas Hoger (Oct 04)
Re: IO::Socket::SSL perl module: CVE-2010-4501/CVE-2010-4334 dupe Tomas Hoger (Dec 29)
Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Tomas Hoger (Dec 09)
Re: Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Tomas Hoger (Dec 08)

Ulrik Persson

CVE Request: Wireshark Ulrik Persson (Dec 31)
CVE Request: MyBB XSS bugs Ulrik Persson (Dec 20)

Vasiliy Kulikov

Re: Linux kernel proactive security hardening Vasiliy Kulikov (Nov 10)
Re: Linux kernel proactive security hardening Vasiliy Kulikov (Nov 08)
Re: Linux kernel proactive security hardening Vasiliy Kulikov (Nov 08)

Vincent Danen

CVE request: freeradius Vincent Danen (Oct 01)
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Vincent Danen (Oct 01)
Issues without CVE names in PHP 5.3.4/5.2.15 release Vincent Danen (Dec 13)
CVE request, security issues fixed in MySQL 5.1.51 Vincent Danen (Oct 04)
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Vincent Danen (Oct 01)
Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Vincent Danen (Dec 06)
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Vincent Danen (Oct 12)
qpidd SSL connection DoS (CVE-2010-3083) Vincent Danen (Oct 07)
CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) Vincent Danen (Dec 06)
Re: utf-8 security issue in php Vincent Danen (Nov 02)
CVE request: libvirt when compiled with openvz support has a potential security hole Vincent Danen (Dec 07)
Re: Minor security flaw with pam_xauth Vincent Danen (Oct 01)
CVE request: ImageMagick opens config files in $CWD Vincent Danen (Nov 12)
Re: CVE request: libvirt when compiled with openvz support has a potential security hole Vincent Danen (Dec 08)
Re: Issues without CVE names in PHP 5.3.4/5.2.15 release Vincent Danen (Dec 13)
Re: utf-8 security issue in php Vincent Danen (Nov 02)

yersinia

Re: filesystem capabilities yersinia (Nov 08)

Yves-Alexis Perez

Re: Linux kernel address leaks Yves-Alexis Perez (Nov 23)