[bugtraq] Thread Index

• Chronological Index · RSS feed

• [security bulletin] HPSBPI02398 SSRT080166 rev.1 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files, security-alert   (February 06, 2009)
• [security bulletin] HPSBMA02406 SSRT080100 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, security-alert   (February 06, 2009)
• [security bulletin] HPSBUX02408 SSRT080182 rev.1 - HP-UX Running NFS, Local Denial of Service (DoS), security-alert   (February 06, 2009)
• Vulnerable: Ilch CMS, Gizmore   (February 06, 2009)
• iDefense Security Advisory 02.06.09: HP Network Node Manager Multiple Command Injection Vulnerabilities, iDefense Labs   (February 06, 2009)
• CamFrog Password Disclosure Vulnerability, zigmatn   (February 06, 2009)
• iDefense Security Advisory 02.06.09: HP Network Node Manager Multiple Information Disclosure Vulnerabilities, iDefense Labs   (February 06, 2009)
• [ GLSA 200902-01 ] sudo: Privilege escalation, Tobias Heinlein   (February 09, 2009)
• [oCERT-2009-002] OpenCORE insufficient bounds checking during MP3 decoding, Will Drewry   (February 09, 2009)
• [SECURITY] [DSA 1718-1] New boinc packages fix validation bypass, Moritz Muehlenhoff   (February 09, 2009)
• [BMSA-2009-02] XML injection in PyBlosxom, Nam Nguyen   (February 09, 2009)
• PHP filesystem attack vectors, ascii   (February 09, 2009)
  • Re: [Full-disclosure] PHP filesystem attack vectors, Stefan Esser   (February 09, 2009)  
  • <Possible follow-ups>
  • Re: PHP filesystem attack vectors, cxib   (February 10, 2009)  
   
• rooting your own phone: android security, Pavel Machek   (February 09, 2009)
• LFI in Drupal CMS, rasool . nasr   (February 09, 2009)
  • <Possible follow-ups>
  • Re: LFI in Drupal CMS, security   (February 12, 2009)  
  • Re: LFI in Drupal CMS, security   (February 18, 2009)  
   
• Nokia N95-8 JPG crash, jplopezy   (February 09, 2009)
  • Re: Nokia N95-8 JPG crash, Dmitry Yu. Bolkhovityanov   (February 10, 2009)  
   
• Trend micro - IWSVA/IWSS - Authorization module password leak, david . vorel   (February 09, 2009)
• 3Com OfficeConnect Wireless Cable/DSL Router Authentication Bypass, luca . caretton   (February 09, 2009)
• ZeroShell <= 1.0beta11 Remote Code Execution, Luca Carettoni   (February 09, 2009)
• London DEFCON DC4420 - February 2009 Meet - Thursday 12th, Major Malfunction   (February 09, 2009)
• Remote Authentication Bypass - Swann DVR4 SecuraNet (possibly DVR9 as well), tez   (February 10, 2009)
• [SECURITY] [DSA 1719-1] New gnutls13 packages fix certificate validation, Florian Weimer   (February 10, 2009)
• [ECHO_ADV_102$2009] BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability, adv   (February 10, 2009)
• Another SQL injection in ProFTPd with mod_mysql (probably postgres as well), gat3way   (February 10, 2009)
  • Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well), Daniel Mayer   (February 10, 2009)
    • Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well), Shino   (February 11, 2009)