|
|
Prev week |
Colapse all |
Post message
Security-Assessment.com Advisory: BroadWorks Call Detail Record Disclosure Vulnerability 2010-11-01 Nick Freeman (nick freeman security-assessment com) [SECURITY] [DSA 2124-1] New Xulrunner packages fix several vulnerabilities 2010-11-01 Florian Weimer (fw deneb enyo de) [SECURITY] [DSA 2123-1] New NSS packages fix cryptographic weaknesses 2010-11-01 Florian Weimer (fw deneb enyo de) Call for Papers: The International Conference on Cyber Conflict, Estonia 2010-11-01 k g (kgconference gmail com) Call for Papers! The International Conference on Cyber Conflict Cooperative Cyber Defence Centre of Excellence, Tallinn, Estonia Co-Sponsored by IEEE http://www.ccdcoe.org/ICCC In 2011, the conference will focus on a combination of defensive and offensive aspects of *Cyber Forces*. The conferen [ more ] [ reply ] Call for Papers -YSTS V - Security Conference, Brazil 2010-10-31 Luiz Eduardo (le ysts org) Hello Bugtraq readers, the CFP for YSTS V is now open! --- YSTS 5th Edition Sao Paulo, Brazil May 16th, 2011 Call for Papers Opens: November 1st 2010 Call for Papers Close: February 28th 2011 http://www.ysts.org @ystscon INTRODUCTION Following the success of previous editions, the 5th edi [ more ] [ reply ] Joomla 1.5.21 | Potential SQL Injection Flaws 2010-10-31 YGN Ethical Hacker Group (lists yehg net) 1. VULNERABILITY DESCRIPTION Potential SQL Injection Flaws were detected Joomla! CMS version 1.5.20. These flaws were reported along with our Cross Scripting Flaw which was fixed in 1.5.21. Developers believed that our reported SQL Injection flaws are not fully exploitable because of Joomla! built [ more ] [ reply ] 'WSN Links' SQL Injection Vulnerability (CVE-2010-4006) 2010-10-31 Mark Stanislav (mark stanislav gmail com) 'WSN Links' SQL Injection Vulnerability (CVE-2010-4006) Mark Stanislav - mark.stanislav (at) gmail (dot) com [email concealed] I. DESCRIPTION --------------------------------------- A vulnerability exists in the search.php code that allows for SQL injection of various parameters. By assembling portions of SQL code between the [ more ] [ reply ] XSS and SQL Injection vulnerabilities in CMS WebManager-Pro 2010-10-30 MustLive (mustlive websecurity com ua) Hello Bugtraq! I want to warn you about Cross-Site Scripting and SQL Injection vulnerabilities in CMS WebManager-Pro. It's Ukrainian commercial CMS. ------------------------- Affected products: ------------------------- Vulnerable are CMS WebManager-Pro v.7.4.3 (version from FGS_Studio) and pre [ more ] [ reply ] Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4089 2010-10-30 Rodrigo Branco (rbranco checkpoint com) Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team (VDT) http://www.checkpoint.com/defense/ Memory corruption when Adobe Shockwave Player parses .dir media file [ more ] [ reply ] Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4087 2010-10-30 Rodrigo Branco (rbranco checkpoint com) Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team (VDT) http://www.checkpoint.com/defense/ Memory corruption when Adobe Shockwave Player parses .dir media file [ more ] [ reply ] Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4088 2010-10-30 Rodrigo Branco (rbranco checkpoint com) Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team (VDT) http://www.checkpoint.com/defense/ Memory corruption when Adobe Shockwave Player parses .dir media file [ more ] [ reply ] cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977 2010-10-30 Rodrigo Branco (rbranco checkpoint com) Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team (VDT) http://www.checkpoint.com/defense/ cforms WordPress Plugin Cross Site Scripting Vulnerability CVE-2010- [ more ] [ reply ] Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4086 2010-10-30 Rodrigo Branco (rbranco checkpoint com) Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team (VDT) http://www.checkpoint.com/defense/ Memory corruption when Adobe Shockwave Player parses .dir media file [ more ] [ reply ] Revision: Audacity <= 1.3 Beta Multiple Local Vulnerabilities ===> Audacity <= 1.3 Beta DLL Hijacking Vulnerability 2010-10-29 Salvatore Fresta aka Drosophila (drosophilaxxx gmail com) [DEMO] Sample videos about IDS/IPS evasions... 2010-10-29 Nelson Brito (nbrito sekure org) Hi, everyone! As so many highlights have been given on Intrusion Detection System and Intrusion Prevention System evasions (?) last week, I decided to send this message just to let you all know that I published a brand-new sample video, demonstrating two Exploit Next GenerationR example modules, su [ more ] [ reply ] H2HC 2010 - Final Speakers List Available 2010-10-29 Rodrigo Rubira Branco (BSDaemon) (rodrigo kernelhacking com) Dear All, The final list of speakers is available for H2HC 2010: http://www.h2hc.com.br/en/. It is my pleasure to announce that the final list of speakers is available for H2HC in São Paulo. The list for Cancun will be available soon (http://www.h2hc.com.br/cancun/)! It was a real challenge to [ more ] [ reply ] [security bulletin] HPSBMA02598 SSRT100314 rev.2 - HP Insight Control Virtual Machine Management for Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Cross Site Request Forgery (CSRF) 2010-10-29 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02560655 Version: 2 HPSBMA02598 SSRT100314 rev.2 - HP Insight Control Virtual Machine Management for Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Cross Site Request Forger [ more ] [ reply ] [security bulletin] HPSBMA02600 SSRT100239 rev.1 - HP Insight Control Performance Management for Windows, Remote Arbitrary File Download 2010-10-29 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02574359 Version: 1 HPSBMA02600 SSRT100239 rev.1 - HP Insight Control Performance Management for Windows, Remote Arbitrary File Download NOTICE: The information in this Security Bulletin should [ more ] [ reply ] [security bulletin] HPSBMA02606 SSRT100321 rev.1 - HP Insight Orchestration Software for Windows, Remote Arbitrary File Download, Unauthorized Access 2010-10-29 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02573285 Version: 1 HPSBMA02606 SSRT100321 rev.1 - HP Insight Orchestration Software for Windows, Remote Arbitrary File Download, Unauthorized Access NOTICE: The information in this Security Bul [ more ] [ reply ] [security bulletin] HPSBMA02604 SSRT100320 rev.1 - HP Insight Recovery for Windows, Remote Cross Site Scripting (XSS), Arbitrary File Download 2010-10-29 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02571464 Version: 1 HPSBMA02604 SSRT100320 rev.1 - HP Insight Recovery for Windows, Remote Cross Site Scripting (XSS), Arbitrary File Download NOTICE: The information in this Security Bulletin s [ more ] [ reply ] [security bulletin] HPSBMA02607 SSRT100214 rev.1 - HP Insight Control for Linux, Remote Cross Site Request Forgery (CSRF) 2010-10-29 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02573692 Version: 1 HPSBMA02607 SSRT100214 rev.1 - HP Insight Control for Linux, Remote Cross Site Request Forgery (CSRF) NOTICE: The information in this Security Bulletin should be acted upon a [ more ] [ reply ] [security bulletin] HPSBMA02605 SSRT100238 rev.1 - HP Insight Managed System Setup Wizard for Windows, Remote Arbitrary File Download 2010-10-29 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02573176 Version: 1 HPSBMA02605 SSRT100238 rev.1 - HP Insight Managed System Setup Wizard for Windows, Remote Arbitrary File Download NOTICE: The information in this Security Bulletin should be [ more ] [ reply ] [security bulletin] HPSBMA02602 SSRT100317 rev.1 - HP Insight Control Performance Management for Windows, Remote Cross Site Scripting (XSS), Privilege Escalation, Cross Site Request Forgery (CSRF) 2010-10-29 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02563642 Version: 1 HPSBMA02602 SSRT100317 rev.1 - HP Insight Control Performance Management for Windows, Remote Cross Site Scripting (XSS), Privilege Escalation, Cross Site Request Forgery (CSRF [ more ] [ reply ] Audacity <= 1.3 Beta Multiple Local Vulnerabilities 2010-10-29 Salvatore Fresta aka Drosophila (drosophilaxxx gmail com) |
|
Privacy Statement |
( , ) (,
. `.' ) ('. ',
). , ('. ( ) (
(_,) .`), ) _ _,
/ _____/ / _ \ ____ ____ _____
\____ \==/ /_\ \ _/ ___\/ _ \ / / \/ | \\ \__( <_> ) Y Y /______ /\___|__ / \___ >____/|__|_| /
\/ \/.-. \/ \/:wq
[ more ] [ reply ]