BugTraq
[ MDVSA-2011:034 ] banshee 2011-02-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:034
http://www.mandriva.com/security/
______________________________________________________________________

Re: Domino Sametime Multiple Reflected Cross-Site Scripting 2011-02-22
barkley usa net
Hi,

I discovered similar XSS affecting Domino Sametime some time ago...

This XSS affects other scripts also...

i.e. stcenter.nsf

Here's an example:

/stcenter.nsf?OpenDatabase&authReasonCode="><script>alert(document.cookie);</script>"

Cheers

Andrew

[SECURITY] [DSA 2171-1] asterisk security update 2011-02-21
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2171-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
February 21, 2011

[ MDVSA-2011:033 ] awstats 2011-02-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:033
http://www.mandriva.com/security/
______________________________________________________________________

Domino Sametime Multiple Reflected Cross-Site Scripting 2011-02-21
david daly dionach com
Class: Input Validation Error
CVE: CVE-2011-1038
Remote: Yes
Local: No
Published: Feb 16 2011 09:33AM
Credit: Dave Daly
Vulnerable: Domino Sametime 8.0.1

Domino Sametime is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker

www.eVuln.com : "time" SQL Injection vulnerability in WSN Guest 2011-02-21
bt evuln com
www.eVuln.com advisory:

"time" SQL Injection vulnerability in WSN Guest

-----------Summary-----------

http://evuln.com/vulns/175/summary.html

eVuln ID: EV0175

Software: WSN Guest

Vendor: n/a

Version: 1.24

Critical Level: medium

Type: SQL Injection

Status: Unpatched. No reply from deve

[ MDVSA-2011:032 ] eclipse 2011-02-20
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:032
http://www.mandriva.com/security/
______________________________________________________________________

[SECURITY] [DSA 2170-1] mailman security update 2011-02-20
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2170-1 security (at) debian (dot) org
http://www.debian.org/security/ Thijs Kinkhorst
February 18, 2011

[ MDVSA-2011:031 ] python-django 2011-02-18
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:031
http://www.mandriva.com/security/
______________________________________________________________________

[ MDVSA-2011:030 ] tomcat5 2011-02-18
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:030
http://www.mandriva.com/security/
______________________________________________________________________

Privacy, Security, Trust (PST 2011) - Call for Papers 2011-02-19
Serguei A. Mokhov on behalf of PST-11 (mokhov cse concordia ca)
[ Apologies if you receive multiple copies of this announcement. Please
pass it on to your colleagues and students who might be interested in
contributing. ]

Ninth Annual Conference on Privacy, Security and Trust
------------------------------------------------------

July 19-21, 2011
Montreal,

[security bulletin] HPSBUX02628 SSRT090183 rev.1 - HP-UX Running CDE Calendar Manager, Remote Execution of Arbitrary Code 2011-02-18
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02702395
Version: 1

HPSBUX02628 SSRT090183 rev.1 - HP-UX Running CDE Calendar Manager, Remote Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon a

ZDI-11-089: Novell ZenWorks TFTPD Remote Code Execution Vulnerability 2011-02-17
ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-089: Novell ZenWorks TFTPD Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-089

February 17, 2011

-- CVE ID:
CVE-2010-4323

-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)

-- Affected Vendors:
Novell

-- Affected Products:
Novell Zenworks

-- TippingPoint(

Re: DC4420 - London DEFCON - February meet - Tuesday 22nd February 2011 2011-02-18
Major Malfunction (majormal pirate-radio org)
*** REMINDER ***

This is next Tuesday!

If it ain't in your diary already, make sure it is now... THC talk
promises to be a stonker, and Christer is, well.... Christer!!!

>
> This month we have a spectacular start to the year with a stellar guest
> speaker from The Hacker's Choice presenting n

[ MDVSA-2011:029 ] kernel 2011-02-17
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:029
http://www.mandriva.com/security/
______________________________________________________________________

[USN-1067-1] Telepathy Gabble vulnerability 2011-02-17
Jamie Strandboge (jamie canonical com)
===========================================================
Ubuntu Security Notice USN-1067-1 February 17, 2011
telepathy-gabble vulnerability
https://launchpad.net/bugs/720201
===========================================================

A security issue affects the following Ubuntu releases

www.eVuln.com : "wsnuser" Cookie SQL Injection vulnerability in WSN Guest 2011-02-18
bt evuln com
www.eVuln.com advisory:
"wsnuser" Cookie SQL Injection vulnerability in WSN Guest

-----------Summary-----------
http://evuln.com/vulns/174/summary.html

eVuln ID: EV0174
Software: WSN Guest
Vendor: n/a
Version: 1.24
Critical Level: medium
Type: SQL Injection
Status: Unpatched. No reply from develo

Re: PHP 5.3.5 grapheme_extract() NULL Pointer Dereference 2011-02-17
Marcin Orlowski (carlos wfmh org pl)
On Wed, 16 Feb 2011 16:11:23 -0700 cxib wrote:

> Affected Software:
> - PHP 5.3.5

grapheme is neither part of PHP core, nor built-in PHP extension,
therefore above is false as bug is not in PHP itself. People
using PHP 5.3.5 but not using grapheme (some distros like Debian
and derivatives offer t

[USN-1066-1] Django vulnerabilities 2011-02-17
Jamie Strandboge (jamie canonical com)
===========================================================
Ubuntu Security Notice USN-1066-1 February 17, 2011
python-django vulnerabilities
CVE-2011-0696, CVE-2011-0697
===========================================================

A security issue affects the following Ubuntu releases:

Ubu

HTB22834: Path disclosure in FlatnuX 2011-02-17
advisory htbridge ch
Vulnerability ID: HTB22834
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_flatnux.html
Product: FlatNux
Vendor: Alessandro Vernassa ( http://www.flatnux.altervista.org/ )
Vulnerable Version: flatnux-2011-01.26 and probably prior versions
Vendor Notification: 03 February 2011
Vulnera

HTB22835: DoS (Denial of Service) Risk in FlatnuX 2011-02-17
advisory htbridge ch
Vulnerability ID: HTB22835
Reference: http://www.htbridge.ch/advisory/dos_denial_of_service_risk_in_flatnux.html
Product: FlatNux
Vendor: Alessandro Vernassa ( http://www.flatnux.altervista.org/ )
Vulnerable Version: flatnux-2011-01.26 and probably prior versions
Vendor Notification: 03 February 20

HTB22836: Path disclosure in Coppermine 2011-02-17
advisory htbridge ch
Vulnerability ID: HTB22836
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_coppermine.html
Product: Coppermine
Vendor: The Coppermine Dev Team ( http://coppermine-gallery.net/ )
Vulnerable Version: 1.5.12 and probably prior versions
Vendor Notification: 03 February 2011
Vulnerability

ZDI-11-087: Novell iPrint LPD Remote Code Execution Vulnerability 2011-02-17
ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-087: Novell iPrint LPD Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-087

February 16, 2011

-- CVE ID:
CVE-2010-4328

-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)

-- Affected Vendors:
Novell

-- Affected Products:
Novell iPrint

-- TippingPoint(TM) IPS

ZDI-11-088: Cisco Security Agent Management st_upload Remote Code Execution Vulnerability 2011-02-17
ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-088: Cisco Security Agent Management st_upload Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-088

February 16, 2011

-- CVE ID:
CVE-2011-0364

-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)

-- Affected Vendors:
Cisco

-- Affected Products:
Cisco Security

PHP 5.3.5 grapheme_extract() NULL Pointer Dereference 2011-02-16
cxib securityreason com
[ PHP 5.3.5 grapheme_extract() NULL Pointer Dereference ]

Author: Maksymilian Arciemowicz
http://securityreason.com/
http://cxib.net/
Date:
- Dis.: 09.12.2010
- Pub.: 17.02.2011

CVE: CVE-2011-0420
CERT: VU#210829

Affected Software:
- PHP 5.3.5

Fixed: SVN

Original URL:
http://securityreason.com

[SECURITY] [DSA 2169-1] telepathy-gabble security update 2011-02-16
Nico Golde (nion debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2169-1 security (at) debian (dot) org
http://www.debian.org/security/ Nico Golde
February 16, 2011

[SECURITY] [DSA 2168-1] openafs security update 2011-02-16
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2168-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
February 16, 2011

[SECURITY] [DSA 2167-1] phpmyadmin security update 2011-02-16
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2167-1 security (at) debian (dot) org
http://www.debian.org/security/ Thijs Kinkhorst
February 16, 2011

Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability 2011-02-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Management Center for Cisco Security Agent
Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20110216-csa

Revision 1.0

For Public Release 2011 February 16 1600 UTC (GMT)

+-------------------------------------------

[SECURITY] [DSA 2166-1] chromium-browser security update 2011-02-16
Giuseppe Iuculano (iuculano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2166-1 security (at) debian (dot) org
http://www.debian.org/security/ Giuseppe Iuculano
February 16, 2011

Copyright 2010, SecurityFocus