Bugtraq http://www.spinics.net/lists/bugtraq/ Archive updates for Bugtraq en-us Tue, 21 May 2013 18:57:52 GMT Tue, 21 May 2013 18:57:52 GMT http://blogs.law.harvard.edu/tech/rss [slackware-security] kernel (SSA:2013-140-01) http://www.spinics.net/lists/bugtraq/msg49158.html [slackware-security] kernel (SSA:2013-140-01) Tue, 21 May 2013 16:00:14 GMT Slackware Security Team <security@xxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49158.html Sony PS3 Firmware v4.31 - Code Execution Vulnerability http://www.spinics.net/lists/bugtraq/msg49157.html Sony PS3 Firmware v4.31 - Code Execution Vulnerability Tue, 21 May 2013 15:43:16 GMT Vulnerability Lab <research@xxxxxxxxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49157.html CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products (ViPNet Client\Coordinator, SafeDisk, Personal Firewall) http://www.spinics.net/lists/bugtraq/msg49156.html CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products (ViPNet Client\Coordinator, SafeDisk, Personal Firewall) Tue, 21 May 2013 15:24:28 GMT chudakovma@xxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49156.html Static analysis tool exposition (SATE) V Call for participation http://www.spinics.net/lists/bugtraq/msg49155.html Static analysis tool exposition (SATE) V Call for participation Tue, 21 May 2013 15:19:45 GMT aure@xxxxxxxx http://www.spinics.net/lists/bugtraq/msg49155.html Revision of "IPv6 Stable Privacy Addresses" (Fwd: I-D Action: draft-ietf-6man-stable-privacy-addresses-07.txt) http://www.spinics.net/lists/bugtraq/msg49154.html Revision of "IPv6 Stable Privacy Addresses" (Fwd: I-D Action: draft-ietf-6man-stable-privacy-addresses-07.txt) Tue, 21 May 2013 15:09:52 GMT Fernando Gont <fgont@xxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49154.html Defense in depth -- the Microsoft way http://www.spinics.net/lists/bugtraq/msg49153.html Defense in depth -- the Microsoft way Tue, 21 May 2013 14:57:50 GMT "Stefan Kanthak" <stefan.kanthak@xxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49153.html CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops! http://www.spinics.net/lists/bugtraq/msg49152.html CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops! Fri, 17 May 2013 15:30:20 GMT Sławomir Jabs <slawomir.jabs@xxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49152.html [slackware-security] ruby (SSA:2013-136-02) http://www.spinics.net/lists/bugtraq/msg49151.html [slackware-security] ruby (SSA:2013-136-02) Fri, 17 May 2013 15:15:13 GMT Slackware Security Team <security@xxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49151.html [slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01) http://www.spinics.net/lists/bugtraq/msg49150.html [slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01) Fri, 17 May 2013 15:02:51 GMT Slackware Security Team <security@xxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49150.html APPLE-SA-2013-05-16-1 iTunes 11.0.3 http://www.spinics.net/lists/bugtraq/msg49149.html APPLE-SA-2013-05-16-1 iTunes 11.0.3 Fri, 17 May 2013 14:49:50 GMT Apple Product Security <product-security-noreply@xxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49149.html ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability http://www.spinics.net/lists/bugtraq/msg49148.html ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability Thu, 16 May 2013 15:35:04 GMT Security Alert <Security_Alert@xxxxxxx> http://www.spinics.net/lists/bugtraq/msg49148.html ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability http://www.spinics.net/lists/bugtraq/msg49147.html ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability Thu, 16 May 2013 15:20:46 GMT Security Alert <Security_Alert@xxxxxxx> http://www.spinics.net/lists/bugtraq/msg49147.html [slackware-security] mozilla-thunderbird (SSA:2013-135-02) http://www.spinics.net/lists/bugtraq/msg49146.html [slackware-security] mozilla-thunderbird (SSA:2013-135-02) Thu, 16 May 2013 14:57:01 GMT Slackware Security Team <security@xxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49146.html [slackware-security] mozilla-firefox (SSA:2013-135-01) http://www.spinics.net/lists/bugtraq/msg49145.html [slackware-security] mozilla-firefox (SSA:2013-135-01) Thu, 16 May 2013 14:45:49 GMT Slackware Security Team <security@xxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49145.html [SECURITY] [DSA 2669-1] linux security update http://www.spinics.net/lists/bugtraq/msg49144.html [SECURITY] [DSA 2669-1] linux security update Thu, 16 May 2013 14:32:36 GMT dann frazier <dannf@xxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49144.html Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability http://www.spinics.net/lists/bugtraq/msg49143.html Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability Wed, 15 May 2013 18:59:37 GMT Cisco Systems Product Security Incident Response Team <psirt@xxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49143.html Multiple Vulnerabilities in Exponent CMS http://www.spinics.net/lists/bugtraq/msg49142.html Multiple Vulnerabilities in Exponent CMS Wed, 15 May 2013 18:43:22 GMT advisory@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49142.html [ MDVSA-2013:165 ] firefox http://www.spinics.net/lists/bugtraq/msg49141.html [ MDVSA-2013:165 ] firefox Wed, 15 May 2013 15:50:15 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49141.html [security bulletin] HPSBUX02859 SSRT101144 rev.3 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code http://www.spinics.net/lists/bugtraq/msg49140.html [security bulletin] HPSBUX02859 SSRT101144 rev.3 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code Wed, 15 May 2013 15:39:42 GMT security-alert@xxxxxx http://www.spinics.net/lists/bugtraq/msg49140.html [SECURITY] [DSA 2668-1] linux-2.6 security update http://www.spinics.net/lists/bugtraq/msg49139.html [SECURITY] [DSA 2668-1] linux-2.6 security update Wed, 15 May 2013 15:22:50 GMT dann frazier <dannf@xxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49139.html WASC Announcement: Static Analysis Technologies Evaluation Criteria Published http://www.spinics.net/lists/bugtraq/msg49138.html WASC Announcement: Static Analysis Technologies Evaluation Criteria Published Mon, 13 May 2013 17:06:31 GMT announcements@xxxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49138.html File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities http://www.spinics.net/lists/bugtraq/msg49137.html File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities Mon, 13 May 2013 16:45:42 GMT Vulnerability Lab <research@xxxxxxxxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49137.html SimpleTransfer 2.2.1 - Command Injection Vulnerabilities http://www.spinics.net/lists/bugtraq/msg49136.html SimpleTransfer 2.2.1 - Command Injection Vulnerabilities Mon, 13 May 2013 16:34:30 GMT Vulnerability Lab <research@xxxxxxxxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49136.html Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities http://www.spinics.net/lists/bugtraq/msg49135.html Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities Mon, 13 May 2013 16:25:23 GMT Vulnerability Lab <research@xxxxxxxxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49135.html Wifi Album v1.47 iOS - Command Injection Vulnerability http://www.spinics.net/lists/bugtraq/msg49134.html Wifi Album v1.47 iOS - Command Injection Vulnerability Mon, 13 May 2013 16:08:59 GMT Vulnerability Lab <research@xxxxxxxxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49134.html Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities http://www.spinics.net/lists/bugtraq/msg49133.html Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities Mon, 13 May 2013 15:54:29 GMT Vulnerability Lab <research@xxxxxxxxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49133.html Wireless Disk PRO v2.3 iOS - Multiple Web Vulnerabilities http://www.spinics.net/lists/bugtraq/msg49132.html Wireless Disk PRO v2.3 iOS - Multiple Web Vulnerabilities Mon, 13 May 2013 15:39:37 GMT Vulnerability Lab <research@xxxxxxxxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49132.html [RT-SA-2013-001] Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution http://www.spinics.net/lists/bugtraq/msg49131.html [RT-SA-2013-001] Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution Mon, 13 May 2013 15:28:14 GMT RedTeam Pentesting GmbH <release@xxxxxxxxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49131.html [ MDVSA-2013:164 ] mesa http://www.spinics.net/lists/bugtraq/msg49130.html [ MDVSA-2013:164 ] mesa Mon, 13 May 2013 15:14:20 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49130.html [SECURITY] [DSA 2667-1] mysql-5.5 security update http://www.spinics.net/lists/bugtraq/msg49129.html [SECURITY] [DSA 2667-1] mysql-5.5 security update Mon, 13 May 2013 14:56:25 GMT Moritz Muehlenhoff <jmm@xxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49129.html [SECURITY] [DSA 2666-1] xen security update http://www.spinics.net/lists/bugtraq/msg49128.html [SECURITY] [DSA 2666-1] xen security update Mon, 13 May 2013 14:40:31 GMT Salvatore Bonaccorso <carnil@xxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49128.html CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException http://www.spinics.net/lists/bugtraq/msg49127.html CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException Fri, 10 May 2013 18:11:39 GMT Mark Thomas <markt@xxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49127.html ESA-2013-031: RSA® Authentication Agent Cross-Site Scripting (XSS) Vulnerability http://www.spinics.net/lists/bugtraq/msg49126.html ESA-2013-031: RSA® Authentication Agent Cross-Site Scripting (XSS) Vulnerability Fri, 10 May 2013 18:05:08 GMT Security Alert <Security_Alert@xxxxxxx> http://www.spinics.net/lists/bugtraq/msg49126.html [SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited http://www.spinics.net/lists/bugtraq/msg49125.html [SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited Fri, 10 May 2013 17:52:12 GMT Mark Thomas <markt@xxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49125.html CFP: Hacktivity 2013, October 11-12, Budapest, Hungary http://www.spinics.net/lists/bugtraq/msg49124.html CFP: Hacktivity 2013, October 11-12, Budapest, Hungary Fri, 10 May 2013 17:46:38 GMT cfp@xxxxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49124.html [SECURITY] CVE-2013-2067 Session fixation with FORM authenticator http://www.spinics.net/lists/bugtraq/msg49123.html [SECURITY] CVE-2013-2067 Session fixation with FORM authenticator Fri, 10 May 2013 17:42:05 GMT Mark Thomas <markt@xxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49123.html DDIVRT-2013-53 Actuate 'ActuateJavaComponent' Multiple Vulnerabilities http://www.spinics.net/lists/bugtraq/msg49122.html DDIVRT-2013-53 Actuate 'ActuateJavaComponent' Multiple Vulnerabilities Thu, 09 May 2013 20:18:26 GMT ddivulnalert@xxxxxxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49122.html ESA-2013-021: EMC Documentum Multiple Vulnerabilities http://www.spinics.net/lists/bugtraq/msg49121.html ESA-2013-021: EMC Documentum Multiple Vulnerabilities Thu, 09 May 2013 20:04:38 GMT Security Alert <Security_Alert@xxxxxxx> http://www.spinics.net/lists/bugtraq/msg49121.html Re: Vulnerabilities in Windows 8 Professional x64 factory preinstallation of Fujitsu Lifebook A512 [continued] http://www.spinics.net/lists/bugtraq/msg49120.html Re: Vulnerabilities in Windows 8 Professional x64 factory preinstallation of Fujitsu Lifebook A512 [continued] Thu, 09 May 2013 19:45:53 GMT "Stefan Kanthak" <stefan.kanthak@xxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49120.html ESA-2013-037: EMC AlphaStor Buffer Overflow Vulnerability http://www.spinics.net/lists/bugtraq/msg49119.html ESA-2013-037: EMC AlphaStor Buffer Overflow Vulnerability Thu, 09 May 2013 19:27:44 GMT Security Alert <Security_Alert@xxxxxxx> http://www.spinics.net/lists/bugtraq/msg49119.html Vulnerability in "Fujitsu Desktop Update" (for Windows) http://www.spinics.net/lists/bugtraq/msg49118.html Vulnerability in "Fujitsu Desktop Update" (for Windows) Thu, 09 May 2013 19:14:01 GMT "Stefan Kanthak" <stefan.kanthak@xxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49118.html [security bulletin] HPSBMU02786 SSRT100877 rev.2 - HP System Management Homepage (SMH) Running on Linux, Windows, and VMware ESX, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code http://www.spinics.net/lists/bugtraq/msg49117.html [security bulletin] HPSBMU02786 SSRT100877 rev.2 - HP System Management Homepage (SMH) Running on Linux, Windows, and VMware ESX, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code Thu, 09 May 2013 19:00:46 GMT security-alert@xxxxxx http://www.spinics.net/lists/bugtraq/msg49117.html [security bulletin] HPSBUX02876 SSRT101148 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) http://www.spinics.net/lists/bugtraq/msg49116.html [security bulletin] HPSBUX02876 SSRT101148 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) Wed, 08 May 2013 20:49:16 GMT security-alert@xxxxxx http://www.spinics.net/lists/bugtraq/msg49116.html [2.0 Update] Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability http://www.spinics.net/lists/bugtraq/msg49115.html [2.0 Update] Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability Wed, 08 May 2013 20:38:44 GMT Cisco Systems Product Security Incident Response Team <psirt@xxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49115.html Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software http://www.spinics.net/lists/bugtraq/msg49114.html Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software Wed, 08 May 2013 17:48:59 GMT Cisco Systems Product Security Incident Response Team <psirt@xxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49114.html Cross-Site Request Forgery (CSRF) in UMI.CMS http://www.spinics.net/lists/bugtraq/msg49113.html Cross-Site Request Forgery (CSRF) in UMI.CMS Wed, 08 May 2013 16:35:26 GMT advisory@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49113.html [ MDVSA-2013:163 ] glibc http://www.spinics.net/lists/bugtraq/msg49112.html [ MDVSA-2013:163 ] glibc Wed, 08 May 2013 15:12:52 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49112.html [ MDVSA-2013:162 ] glibc http://www.spinics.net/lists/bugtraq/msg49111.html [ MDVSA-2013:162 ] glibc Wed, 08 May 2013 14:59:40 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49111.html SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager http://www.spinics.net/lists/bugtraq/msg49110.html SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager Tue, 07 May 2013 13:59:56 GMT SEC Consult Vulnerability Lab <research@xxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49110.html Apache VCL improper input validation http://www.spinics.net/lists/bugtraq/msg49109.html Apache VCL improper input validation Mon, 06 May 2013 17:28:12 GMT Josh Thompson <jfthomps@xxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49109.html [ MDVSA-2013:161 ] java-1.7.0-openjdk http://www.spinics.net/lists/bugtraq/msg49108.html [ MDVSA-2013:161 ] java-1.7.0-openjdk Mon, 06 May 2013 17:10:21 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49108.html ESA-2013-015: RSA Archer® GRC Multiple Vulnerabilities http://www.spinics.net/lists/bugtraq/msg49107.html ESA-2013-015: RSA Archer® GRC Multiple Vulnerabilities Mon, 06 May 2013 15:40:57 GMT Security Alert <Security_Alert@xxxxxxx> http://www.spinics.net/lists/bugtraq/msg49107.html VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone 6 http://www.spinics.net/lists/bugtraq/msg49106.html VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone 6 Mon, 06 May 2013 14:44:37 GMT "Stefan Kanthak" <stefan.kanthak@xxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49106.html Multiple buffer overflows on Huawei SNMPv3 service http://www.spinics.net/lists/bugtraq/msg49105.html Multiple buffer overflows on Huawei SNMPv3 service Mon, 06 May 2013 14:43:10 GMT roberto.paleari@xxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49105.html Vulnerability in Microsoft Security Essentials <v4.2 http://www.spinics.net/lists/bugtraq/msg49104.html Vulnerability in Microsoft Security Essentials <v4.2 Mon, 06 May 2013 14:27:31 GMT "Stefan Kanthak" <stefan.kanthak@xxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49104.html [SE-2012-01] New security vulnerabilities and broken fixes in IBM Java http://www.spinics.net/lists/bugtraq/msg49103.html [SE-2012-01] New security vulnerabilities and broken fixes in IBM Java Mon, 06 May 2013 14:23:35 GMT Security Explorations <contact@xxxxxxxxxxxxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49103.html Multiple Vulnerabilities in D-Link DSL-320B http://www.spinics.net/lists/bugtraq/msg49102.html Multiple Vulnerabilities in D-Link DSL-320B Mon, 06 May 2013 14:03:53 GMT devnull@xxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49102.html [ MDVSA-2013:160 ] phpmyadmin http://www.spinics.net/lists/bugtraq/msg49101.html [ MDVSA-2013:160 ] phpmyadmin Fri, 03 May 2013 18:52:14 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49101.html VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "CDisplayPointer" Use-after-free (MS13-028) http://www.spinics.net/lists/bugtraq/msg49100.html VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "CDisplayPointer" Use-after-free (MS13-028) Fri, 03 May 2013 18:34:56 GMT VUPEN Security Research <advisories@xxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49100.html VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "Scroll" Use-after-free (MS13-028) http://www.spinics.net/lists/bugtraq/msg49099.html VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "Scroll" Use-after-free (MS13-028) Fri, 03 May 2013 18:19:54 GMT VUPEN Security Research <advisories@xxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49099.html ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability http://www.spinics.net/lists/bugtraq/msg49098.html ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability Thu, 02 May 2013 19:03:52 GMT Security Alert <Security_Alert@xxxxxxx> http://www.spinics.net/lists/bugtraq/msg49098.html ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability http://www.spinics.net/lists/bugtraq/msg49097.html ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability Thu, 02 May 2013 18:43:33 GMT Security Alert <Security_Alert@xxxxxxx> http://www.spinics.net/lists/bugtraq/msg49097.html ESA-2013-034: EMC Avamar Improper Authorization vulnerability http://www.spinics.net/lists/bugtraq/msg49096.html ESA-2013-034: EMC Avamar Improper Authorization vulnerability Thu, 02 May 2013 18:20:12 GMT Security Alert <Security_Alert@xxxxxxx> http://www.spinics.net/lists/bugtraq/msg49096.html [SECURITY] [DSA 2664-1] stunnel4 security update http://www.spinics.net/lists/bugtraq/msg49095.html [SECURITY] [DSA 2664-1] stunnel4 security update Thu, 02 May 2013 18:11:24 GMT Salvatore Bonaccorso <carnil@xxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49095.html NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth) http://www.spinics.net/lists/bugtraq/msg49094.html NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth) Thu, 02 May 2013 17:50:11 GMT NCC Group Research <research@xxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49094.html WordPress Plugin: Advanced XML Reader v0.3.4 XXE Vulnerability http://www.spinics.net/lists/bugtraq/msg49093.html WordPress Plugin: Advanced XML Reader v0.3.4 XXE Vulnerability Thu, 02 May 2013 17:39:25 GMT admin@xxxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49093.html NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth) http://www.spinics.net/lists/bugtraq/msg49092.html NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth) Thu, 02 May 2013 17:37:56 GMT NCC Group Research <research@xxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49092.html NGS00422 Patch Notification: Oracle Retail Integration Bus Manager Directory Traversal http://www.spinics.net/lists/bugtraq/msg49091.html NGS00422 Patch Notification: Oracle Retail Integration Bus Manager Directory Traversal Thu, 02 May 2013 17:11:29 GMT NCC Group Research <research@xxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49091.html NGS00423 Patch Notification: Oracle Retail Invoice Manager SQL Injection http://www.spinics.net/lists/bugtraq/msg49090.html NGS00423 Patch Notification: Oracle Retail Invoice Manager SQL Injection Thu, 02 May 2013 16:54:18 GMT NCC Group Research <research@xxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49090.html Multiple Cross-Site Scripting (XSS) vulnerabilities in GetSimple CMS http://www.spinics.net/lists/bugtraq/msg49089.html Multiple Cross-Site Scripting (XSS) vulnerabilities in GetSimple CMS Wed, 01 May 2013 17:01:27 GMT advisory@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49089.html SQL Injection in b2evolution http://www.spinics.net/lists/bugtraq/msg49088.html SQL Injection in b2evolution Wed, 01 May 2013 16:49:21 GMT advisory@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49088.html [HITB-Announce] #HITB2013KUL Call for Papers http://www.spinics.net/lists/bugtraq/msg49087.html [HITB-Announce] #HITB2013KUL Call for Papers Wed, 01 May 2013 16:36:22 GMT Hafez Kamal <aphesz@xxxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49087.html Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution http://www.spinics.net/lists/bugtraq/msg49086.html Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution Wed, 01 May 2013 16:25:36 GMT az.bugreport.subscriber@xxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49086.html [ MDVSA-2013:159 ] clamav http://www.spinics.net/lists/bugtraq/msg49085.html [ MDVSA-2013:159 ] clamav Wed, 01 May 2013 13:46:12 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49085.html [ MDVSA-2013:158 ] krb5 http://www.spinics.net/lists/bugtraq/msg49084.html [ MDVSA-2013:158 ] krb5 Tue, 30 Apr 2013 19:44:17 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49084.html Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability http://www.spinics.net/lists/bugtraq/msg49083.html Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability Tue, 30 Apr 2013 18:54:04 GMT demonalex@xxxxxxx http://www.spinics.net/lists/bugtraq/msg49083.html [SECURITY] [DSA 2665-1] strongswan security update http://www.spinics.net/lists/bugtraq/msg49082.html [SECURITY] [DSA 2665-1] strongswan security update Tue, 30 Apr 2013 18:34:49 GMT Yves-Alexis Perez <corsac@xxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49082.html [ MDVSA-2013:157 ] krb5 http://www.spinics.net/lists/bugtraq/msg49081.html [ MDVSA-2013:157 ] krb5 Tue, 30 Apr 2013 17:56:34 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49081.html [security bulletin] HPSBMU02872 SSRT101185 rev.1 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) http://www.spinics.net/lists/bugtraq/msg49080.html [security bulletin] HPSBMU02872 SSRT101185 rev.1 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) Tue, 30 Apr 2013 17:32:16 GMT security-alert@xxxxxx http://www.spinics.net/lists/bugtraq/msg49080.html FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver [REVISED] http://www.spinics.net/lists/bugtraq/msg49079.html FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver [REVISED] Tue, 30 Apr 2013 16:53:19 GMT FreeBSD Security Advisories <security-advisories@xxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49079.html WowzaMediaServer SecureToken bypass (and worse) http://www.spinics.net/lists/bugtraq/msg49078.html WowzaMediaServer SecureToken bypass (and worse) Tue, 30 Apr 2013 16:49:50 GMT "Michal J." <wejn@xxxxxx> http://www.spinics.net/lists/bugtraq/msg49078.html WowzaMediaServer StorageDir escape (regression) http://www.spinics.net/lists/bugtraq/msg49077.html WowzaMediaServer StorageDir escape (regression) Tue, 30 Apr 2013 16:25:15 GMT "Michal J." <wejn@xxxxxx> http://www.spinics.net/lists/bugtraq/msg49077.html Personal File Share HTTP Server Remote Overflow Vulnerability http://www.spinics.net/lists/bugtraq/msg49076.html Personal File Share HTTP Server Remote Overflow Vulnerability Tue, 30 Apr 2013 16:01:46 GMT demonalex@xxxxxxx http://www.spinics.net/lists/bugtraq/msg49076.html CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities http://www.spinics.net/lists/bugtraq/msg49075.html CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities Tue, 30 Apr 2013 15:44:11 GMT CORE Security Technologies Advisories <advisories@xxxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49075.html FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver http://www.spinics.net/lists/bugtraq/msg49074.html FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver Tue, 30 Apr 2013 15:09:07 GMT FreeBSD Security Advisories <security-advisories@xxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49074.html [ MDVSA-2013:156 ] apache-mod_security http://www.spinics.net/lists/bugtraq/msg49073.html [ MDVSA-2013:156 ] apache-mod_security Tue, 30 Apr 2013 14:44:49 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49073.html [security bulletin] HPSBMU02874 SSRT101184 rev.1 - HP Service Manager, Java Runtime Environment (JRE) Security Update http://www.spinics.net/lists/bugtraq/msg49072.html [security bulletin] HPSBMU02874 SSRT101184 rev.1 - HP Service Manager, Java Runtime Environment (JRE) Security Update Tue, 30 Apr 2013 14:20:44 GMT security-alert@xxxxxx http://www.spinics.net/lists/bugtraq/msg49072.html [security bulletin] HPSBMU02873 SSRT101182 rev.1 - HP Service Manager, Apache Tomcat Security Update http://www.spinics.net/lists/bugtraq/msg49071.html [security bulletin] HPSBMU02873 SSRT101182 rev.1 - HP Service Manager, Apache Tomcat Security Update Tue, 30 Apr 2013 14:07:00 GMT security-alert@xxxxxx http://www.spinics.net/lists/bugtraq/msg49071.html Re: Nginx ngx_http_close_connection function integer overflow http://www.spinics.net/lists/bugtraq/msg49070.html Re: Nginx ngx_http_close_connection function integer overflow Mon, 29 Apr 2013 17:26:46 GMT Maxim Konovalov <maxim.konovalov@xxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49070.html [ MDVSA-2013:155 ] fuse http://www.spinics.net/lists/bugtraq/msg49069.html [ MDVSA-2013:155 ] fuse Mon, 29 Apr 2013 17:14:14 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49069.html [ MDVSA-2013:154 ] util-linux http://www.spinics.net/lists/bugtraq/msg49068.html [ MDVSA-2013:154 ] util-linux Mon, 29 Apr 2013 16:56:53 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49068.html Cisco/Linksys E1200 N300 Reflected XSS http://www.spinics.net/lists/bugtraq/msg49067.html Cisco/Linksys E1200 N300 Reflected XSS Mon, 29 Apr 2013 16:46:16 GMT Carl Benedict <theinfinitenigma@xxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49067.html [KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability http://www.spinics.net/lists/bugtraq/msg49066.html [KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability Mon, 29 Apr 2013 16:34:38 GMT Egidio Romano <research@xxxxxxxxxxxxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49066.html [ MDVSA-2013:153 ] subversion http://www.spinics.net/lists/bugtraq/msg49065.html [ MDVSA-2013:153 ] subversion Mon, 29 Apr 2013 16:20:55 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49065.html [ MDVSA-2013:152 ] subversion http://www.spinics.net/lists/bugtraq/msg49064.html [ MDVSA-2013:152 ] subversion Mon, 29 Apr 2013 16:06:14 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49064.html [ MDVSA-2013:151 ] curl http://www.spinics.net/lists/bugtraq/msg49063.html [ MDVSA-2013:151 ] curl Mon, 29 Apr 2013 15:55:03 GMT security@xxxxxxxxxxxx http://www.spinics.net/lists/bugtraq/msg49063.html EDSC 2013 CFP Open http://www.spinics.net/lists/bugtraq/msg49062.html EDSC 2013 CFP Open Mon, 29 Apr 2013 15:39:36 GMT Michael Eddington <meddington@xxxxxxxxx> http://www.spinics.net/lists/bugtraq/msg49062.html