April 2012 Archives by date
Starting: Sun Apr 1 00:24:50 BST 2012
Ending: Mon Apr 30 23:16:42 BST 2012
Messages: 384
- [Full-disclosure] Android wipe unreliable
Jeffrey Walton
- [Full-disclosure] Hackito 2012 Crypto Challenge
Jonathan Brossard
- [Full-disclosure] iis bug
yuange
- [Full-disclosure] Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities
Research
- [Full-disclosure] ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities
Research
- [Full-disclosure] Swedish Army Web Database - SQL Injection Vulnerability
Research
- [Full-disclosure] HITB2011KUL - Skype Vulnerabilities 0Day Exploitation PART 1
Research
- [Full-disclosure] FW: iis bug
yuange
- [Full-disclosure] March 2012 mini Threat Intelligence report
Almaz
- [Full-disclosure] So, so you think you can tell April 1 joke from a 0day?
Georgi Guninski
- [Full-disclosure] Apache 2.2.xx 0day exploit
Adam Zabrocki
- [Full-disclosure] STEP Security
J. Oquendo
- [Full-disclosure] STEP Security
Memory Vandal
- [Full-disclosure] An April Fools' Day Android Payload
Dan Rosenberg
- [Full-disclosure] STEP Security
Nick FitzGerald
- [Full-disclosure] STEP Security
Jeff Kell
- [Full-disclosure] Amongst data breaches and misc 'leakage', not necessarily digital, DEFCON CTF continues at DEFCON XX
Vulcan DDtek
- [Full-disclosure] iis bug
yuange
- [Full-disclosure] BulletProof FTP Client 2010 - Buffer Overflow Vulnerability
Research
- [Full-disclosure] DirectAdmin v1.403 - Cross Site Scripting Vulnerability
Research
- [Full-disclosure] [ MDVSA-2012:046 ] libpng
security at mandriva.com
- [Full-disclosure] An April Fools' Day Android Payload
ZeroDay.JP
- [Full-disclosure] [ MDVSA-2012:047 ] freeradius
security at mandriva.com
- [Full-disclosure] An April Fools' Day Android Payload
Dan Rosenberg
- [Full-disclosure] www.LEORAT.com is scam
Valdis.Kletnieks at vt.edu
- [Full-disclosure] www.LEORAT.com is scam
Dave
- [Full-disclosure] www.LEORAT.com is scam
Dave
- [Full-disclosure] [ MDVSA-2012:048 ] mutt
security at mandriva.com
- [Full-disclosure] [ MDVSA-2012:049 ] nagios
security at mandriva.com
- [Full-disclosure] www.LEORAT.com is scam
Thor (Hammer of God)
- [Full-disclosure] Re(2): An April Fools' Day Android Payload
アドリアンヘンドリック
- [Full-disclosure] www.LEORAT.com is scam
Sanguinarious Rose
- [Full-disclosure] [Tool] New release of peepdf (PDF analysis)
Jose Miguel Esparza
- [Full-disclosure] Re(2): An April Fools' Day Android Payload
Andrew Farmer
- [Full-disclosure] Re(3): An April Fools' Day Android Payload
アドリアンヘンドリック
- [Full-disclosure] www.LEORAT.com is scam
Sebastian Rakowski
- [Full-disclosure] [SE-2012-01] Security vulnerabilities in Java SE
Security Explorations
- [Full-disclosure] [ MDVSA-2012:050 ] phpmyadmin
security at mandriva.com
- [Full-disclosure] Hacking AutoUpdate by Injecting Fake Updates
Adam Behnke
- [Full-disclosure] [ MDVSA-2012:051 ] libvorbis
security at mandriva.com
- [Full-disclosure] [ MDVSA-2012:052 ] libvorbis
security at mandriva.com
- [Full-disclosure] [ZEM560] Vulnerability on Fingerprint & Proximity Access Controller
Zerial.
- [Full-disclosure] Mind Control Security Awareness
Pete Herzog
- [Full-disclosure] SmartJobBoard v3.4 b5140 - Multiple Web Vulnerabilites
Research
- [Full-disclosure] Astaro Command Center v2.x - Multiple Web Vulnerabilities
Research
- [Full-disclosure] www.LEORAT.com is scam
Dave
- [Full-disclosure] Last public release
HI-TECH .
- [Full-disclosure] Hacking AutoUpdate by Injecting Fake Updates
Charles Morris
- [Full-disclosure] www.LEORAT.com is scam
Sebastian Rakowski
- [Full-disclosure] Brute Force vulnerability in WordPress
MustLive
- [Full-disclosure] Brute Force vulnerability in WordPress
Sanguinarious Rose
- [Full-disclosure] 'phpPaleo' Local File Inclusion (CVE-2012-1671)
Mark Stanislav
- [Full-disclosure] 'e-ticketing' SQL Injection (CVE-2012-1673)
Mark Stanislav
- [Full-disclosure] 'Hotel Booking Portal' SQL Injection (CVE-2012-1672)
Mark Stanislav
- [Full-disclosure] SQL Injection through HTTP Headers
Adam Behnke
- [Full-disclosure] Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player
Cisco Systems Product Security Incident Response Team
- [Full-disclosure] [ MDVSA-2012:053 ] ocsinventory
security at mandriva.com
- [Full-disclosure] Working to get more people to check if their infected with DNS Changer
Gage Bystrom
- [Full-disclosure] Sourcefire Defense Center - multiple vulnerabilities.
Filip Palian
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-056 - Janrain Engage - Sensitive Data Protection Vulnerability
security-news at drupal.org
- [Full-disclosure] Working to get more people to check if their infected with DNS Changer
Valdis.Kletnieks at vt.edu
- [Full-disclosure] [SECURITY] [DSA 2446-1] libpng security update
Moritz Muehlenhoff
- [Full-disclosure] Brute Force vulnerability in WordPress
InterN0T Advisories
- [Full-disclosure] [SECURITY] [DSA 2447-1] tiff security update
Moritz Muehlenhoff
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-057 - Printer, email and PDF versions - Cross Site Scripting (XSS)
security-news at drupal.org
- [Full-disclosure] Teensy USB HID (and Kautilya) for Penetration Testers
Nikhil Mittal
- [Full-disclosure] Shakacon CFP - Extended Deadline: April 13, 2012
Shakacon
- [Full-disclosure] [ MDVSA-2012:054 ] libtiff
security at mandriva.com
- [Full-disclosure] [MATTA-2012-001] CVE-2012-1301; 0day; Open Proxy vulnerability in Umbraco 4.7
Florent Daigniere
- [Full-disclosure] Drop box
Fatherlaptop
- [Full-disclosure] PenTest Market is for FREE Now
Krzysztof Marczyk
- [Full-disclosure] mac trojan
RandallM
- [Full-disclosure] [funsec] mac trojan
Charlie Derr
- [Full-disclosure] Sagan 0.2.1 [Security Event/Log Analyzer] Released.
Champ Clark III
- [Full-disclosure] mac trojan
Carl "Thomas" Guething
- [Full-disclosure] mac trojan
Dennis
- [Full-disclosure] mac trojan
Jeffrey Walton
- [Full-disclosure] [CVE-2012-1574] Apache Hadoop user impersonation vulnerability
Aaron T. Myers
- [Full-disclosure] PenTest Market is for FREE Now
John Jacobs
- [Full-disclosure] Dolibarr ERP & CRM OS Command Injection
Nahuel Grisolia
- [Full-disclosure] PenTest Market is for FREE Now
Dave
- [Full-disclosure] FSA2012-1 and FSA2012-2: Chocolate easter egss vulnerable to egg white injection and usable as trojan horses.
klondike
- [Full-disclosure] FSA2012-1 and FSA2012-2: Chocolate easter egss vulnerable to egg white injection and usable as trojan horses.
fabrice
- [Full-disclosure] FSA2012-1 and FSA2012-2: Chocolate easter egss vulnerable to egg white injection and usable as trojan horses.
rancor
- [Full-disclosure] AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow Vulnerabilities
Research
- [Full-disclosure] idev Game Site CMS v1.0 - Multiple Web Vulnerabilites
Research
- [Full-disclosure] osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities
Research
- [Full-disclosure] CsForum v0.8 - Cross Site Scripting Vulnerability
Research
- [Full-disclosure] Astaro Command Center v2.x - Multiple Web Vulnerabilities
Research
- [Full-disclosure] Astaro Security Gateway v7.504 - Multiple Web Vulnerabilities
Research
- [Full-disclosure] US UF Services EDU Health - File Include Vulnerability
Research
- [Full-disclosure] Thor's Private Key
Thor (Hammer of God)
- [Full-disclosure] Microsoft MSDN - Persistent Web Service Vulnerability
Research
- [Full-disclosure] Thor's Private Key
Jason Hellenthal
- [Full-disclosure] Thor's Private Key
Thor (Hammer of God)
- [Full-disclosure] Secunia Research: RealNetworks Helix Server Credentials Disclosure Security Issue
Secunia Research
- [Full-disclosure] Secunia Research: Helix Server SNMP Master Agent Service Two Denial of Service Vulnerabilities
Secunia Research
- [Full-disclosure] ZDI-12-055 : Webkit.org Webkit copyNonAttributeProperties Remote Code Execution Vulnerability
ZDI Disclosures
- [Full-disclosure] ZDI-12-056 : Mozilla Firefox nsSVGValue Out-of-Bounds Access Remote Code Execution Vulnerability
ZDI Disclosures
- [Full-disclosure] Teensy USB HID (and Kautilya) for Penetration Testers - Part 2 - Basics of Arduino and Hello World
Nikhil Mittal
- [Full-disclosure] CVE-2012-0769, the case of the perfect info leak
Fermín J. Serna
- [Full-disclosure] ZDI-12-057 : (Pwn2Own) Adobe Flash Player NetStream addBytes Remote Code Execution Vulnerability
ZDI Disclosures
- [Full-disclosure] ZDI-12-058 : Apple Quicktime PNG Depth Decoding Remote Code Execution Vulnerability
ZDI Disclosures
- [Full-disclosure] ZDI-12-059 : Mozilla Firefox Ogg Vorbis Decoding Memory Corruption Remote Code Execution Vulnerability
ZDI Disclosures
- [Full-disclosure] new law proposal on EU against hacking tools and practices
psy
- [Full-disclosure] ZDI-12-060 : Oracle Java Runtime readMabCurveData nTblSize Remote Code Execution Vulnerability
ZDI Disclosures
- [Full-disclosure] CIntruder v0.1
psy
- [Full-disclosure] CIntruder v0.1
Travis Biehn
- [Full-disclosure] new law proposal on EU against hacking tools and practices
Valdis.Kletnieks at vt.edu
- [Full-disclosure] new law proposal on EU against hacking tools and practices
Travis Biehn
- [Full-disclosure] new law proposal on EU against hacking tools and practices
Valdis.Kletnieks at vt.edu
- [Full-disclosure] new law proposal on EU against hacking tools and practices
Dave
- [Full-disclosure] new law proposal on EU against hacking tools and practices
Valdis.Kletnieks at vt.edu
- [Full-disclosure] [SECURITY] [DSA 2448-1] inspircd security update
Jonathan Wiltshire
- [Full-disclosure] Compromised VPN provider out there?
nix at myproxylists.com
- [Full-disclosure] List Charter
John Cartwright
- [Full-disclosure] Compromised VPN provider out there?
Benji
- [Full-disclosure] 44Con London 2012 CFP - September 5th - 7th
Steve
- [Full-disclosure] keeping data safe offline
Gage Bystrom
- [Full-disclosure] Matterdaddy Market v1.1 - SQL Injection Vulnerabilities
Research
- [Full-disclosure] National Center EDU Research - SQL Injection Vulnerability
Research
- [Full-disclosure] GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities
Research
- [Full-disclosure] National Center EDU Research - SQL Injection Vulnerability
Research
- [Full-disclosure] ACROS Blog: Adobe Reader X (10.1.2) msiexec.exe Planting
ACROS Security Lists
- [Full-disclosure] [ MDVSA-2012:055 ] samba
security at mandriva.com
- [Full-disclosure] Backtrack 5 R2 priv escalation 0day found in CTF exercise
Adam Behnke
- [Full-disclosure] TeamSHATTER Security Advisory: Privilege escalation via internal sql injection in RESTORE DATABASE command
Shatter
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-058 - Fivestar - Input Validation
security-news at drupal.org
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-059 - Autosave - Cross Site Scripting
security-news at drupal.org
- [Full-disclosure] Patrick Belcher
Rand Flieger
- [Full-disclosure] TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer
Trustwave Advisories
- [Full-disclosure] DHTMLX Suite v.3.0 - Multiple Web Vulnerabilities
Research
- [Full-disclosure] Netjuke 1.0 RC1 - SQL Injection Vulnerabilities
Research
- [Full-disclosure] Oracle Service Applications - SQL Injection Vulnerabilities
Research
- [Full-disclosure] CRUNCH TV SHOW - Live Stream & Security Videos
Research
- [Full-disclosure] Crystal Office Suite v1.43 - Buffer Overflow Vulnerability
Research
- [Full-disclosure] [SECURITY] [DSA 2449-1] sqlalchemy security update
Nico Golde
- [Full-disclosure] [ MDVSA-2012:056 ] rpm
security at mandriva.com
- [Full-disclosure] Most Linux distributions don't use tmpfs nor encrypt swap by default
Mark Krenz
- [Full-disclosure] [ MDVSA-2012:057 ] freetype2
security at mandriva.com
- [Full-disclosure] Last Mile, April 20 || CfP: SECURWARE 2012 || August 19-24, 2012 - Rome, Italy
Cristina Pascual
- [Full-disclosure] [SE-2012-01] Security weakness in Apple Quicktime Java extensions
Security Explorations
- [Full-disclosure] [SECURITY] [DSA 2450-1] samba security update
Thijs Kinkhorst
- [Full-disclosure] Backtrack 5 R2 priv escalation 0day found in CTF exercise
InterN0T Advisories
- [Full-disclosure] Backtrack 5 R2 priv escalation 0day found in CTF exercise
Urlan
- [Full-disclosure] Erronous post concerning Backtrack 5 R2 0day
Adam Behnke
- [Full-disclosure] Erronous post concerning Backtrack 5 R2 0day
Benji
- [Full-disclosure] Erronous post concerning Backtrack 5 R2 0day
Ryan Dewhurst
- [Full-disclosure] Most Linux distributions don't use tmpfs nor encrypt swap by default
Grandma Eubanks
- [Full-disclosure] VMSA-2012-0007 VMware hosted products and ESXi/ESX patches address privilege escalation
VMware Security Team
- [Full-disclosure] Most Linux distributions don't use tmpfs nor encrypt swap by default
Mark Krenz
- [Full-disclosure] [SECURITY] [DSA 2451-1] puppet security update
Nico Golde
- [Full-disclosure] hi
Patrick Klos
- [Full-disclosure] Amongst data breaches and misc 'leakage', not necessarily digital, DEFCON CTF continues at DEFCON XX
Roman Medina-Heigl Hernandez
- [Full-disclosure] Most Linux distributions don't use tmpfs nor encrypt swap by default
Feighen Oosterbroek
- [Full-disclosure] [ MDVSA-2012:058 ] curl
security at mandriva.com
- [Full-disclosure] ACC PHP eMail v1.1 - Multiple Web Vulnerabilites
Research
- [Full-disclosure] [Spanish] - Exploit Pack - Web Security Framework
runlvl
- [Full-disclosure] EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities
Research
- [Full-disclosure] Microsoft Service - Persistent Web Vulnerabilities
Research
- [Full-disclosure] Invitation to connect on LinkedIn
Mezgani Ali via LinkedIn
- [Full-disclosure] K-Meleon Browser v1.5.4 - Denial of Service Vulnerability
Research
- [Full-disclosure] EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities
Research
- [Full-disclosure] Microsoft AFKAR Website Service - Cross Site Vulnerabilities
Research
- [Full-disclosure] Slides for "Recent Advances in IPv6 Security" at Hackito Ergo Sum 2012
Fernando Gont
- [Full-disclosure] Mathematica8.0.4 on Linux /tmp/MathLink vulnerability
paul.szabo at sydney.edu.au
- [Full-disclosure] Siche Search v.0.5 Zerboard - Multiple Web Vulnerabilities
Research
- [Full-disclosure] Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities
Research
- [Full-disclosure] Most Linux distributions don't use tmpfs nor encrypt swap by default
_
- [Full-disclosure] [CVE-2012-1621] Apache OFBiz information disclosure vulnerability
Jacopo Cappellato
- [Full-disclosure] [CVE-2012-1622] Apache OFBiz information disclosure vulnerability
Jacopo Cappellato
- [Full-disclosure] Most Linux distributions don't use tmpfs nor encrypt swap by default
Pedro Martelletto
- [Full-disclosure] FastPath Webchat | Multiple Cross Site Scripting Vulnerabilities
YGN Ethical Hacker Group
- [Full-disclosure] Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities
YGN Ethical Hacker Group
- [Full-disclosure] nullsec-bypass-aslr.pdf - ASLR / ASLR bypass techniques
Levent Kayan
- [Full-disclosure] DoS vulnerability in WordPress
MustLive
- [Full-disclosure] [SECURITY] [DSA 2452-1] apache2 security update
Stefan Fritsch
- [Full-disclosure] nullsec-bypass-aslr.pdf - ASLR / ASLR bypass techniques
Gage Bystrom
- [Full-disclosure] DoS vulnerability in MustLive
InterN0T Advisories
- [Full-disclosure] [SECURITY] [DSA 2453-1] gajim security update
Nico Golde
- [Full-disclosure] Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities
David3 Gonnella
- [Full-disclosure] [ MDVSA-2012:059 ] python-sqlalchemy
security at mandriva.com
- [Full-disclosure] PHP Gift Registry 1.5.5 SQL Injection
Thomas Richards
- [Full-disclosure] Mathematica8.0.4 on Linux /tmp/MathLink vulnerability
Vikram Dhillon
- [Full-disclosure] DoS vulnerability in WordPress
Kurt Seifried
- [Full-disclosure] Most Linux distributions don't use tmpfs nor encrypt swap by default
Mark Krenz
- [Full-disclosure] Mathematica8.0.4 on Linux /tmp/MathLink vulnerability
paul.szabo at sydney.edu.au
- [Full-disclosure] Windows XP denial of service 0day found in CTF exercise
Adam Behnke
- [Full-disclosure] Windows XP denial of service 0day found in CTF exercise
Memory Vandal
- [Full-disclosure] Windows XP denial of service 0day found in CTF exercise
Romain Bourdy
- [Full-disclosure] Windows XP denial of service 0day found in CTF exercise
Memory Vandal
- [Full-disclosure] Windows XP denial of service 0day found in CTF exercise
Mihamina Rakotomandimby
- [Full-disclosure] winAUTOPWN v3.0 Released
QUAKER DOOMER
- [Full-disclosure] Windows XP denial of service 0day found in CTF exercise
Justin C. Klein Keane
- [Full-disclosure] SEC Consult whitepaper :: The Source Is A Lie
SEC Consult Vulnerability Lab
- [Full-disclosure] Windows XP denial of service 0day found in CTF exercise
adam at infosecinstitute.com
- [Full-disclosure] DoS vulnerability in WordPress
Javier Reoyo
- [Full-disclosure] Acuity CMS 2.6.x <= Cross Site Scripting
YGN Ethical Hacker Group
- [Full-disclosure] Windows XP denial of service 0day found in CTF exercise
Terrence
- [Full-disclosure] [ MDVSA-2012:032-1 ] mozilla
security at mandriva.com
- [Full-disclosure] 10 Ways to Enhance Your Career in Information Security
Krzysztof Marczyk
- [Full-disclosure] Windows XP denial of service 0day found in CTF exercise
Elazar Broad
- [Full-disclosure] Windows XP denial of service 0day found in CTF exercise
Valdis.Kletnieks at vt.edu
- [Full-disclosure] LibreOffice 3.5.2.2 - memory corruption with a specific .rtf file
Carlo Di Dato
- [Full-disclosure] Hack Cup 2012
Nicolas Waisman
- [Full-disclosure] [Announcement] CHMag's Issue 27, April 2012 Released
Abhijeet Patil
- [Full-disclosure] The history of a -probably- 13 years old Oracle bug: TNS Poison
Joxean Koret
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-060 - Commerce Reorder - Cross Site Request Forgery
security-news at drupal.org
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-061 - Gigya - Social optimization - Cross Site Scripting (XSS)
security-news at drupal.org
- [Full-disclosure] [SECURITY] [DSA 2453-2] gajim regression
Nico Golde
- [Full-disclosure] Ruxcon 2012 Call For Papers
cfp at ruxcon.org.au
- [Full-disclosure] [Announcement] CHMag's Issue 27, April 2012 Released
Robert Kim App and Facebook Marketing
- [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption.
Tavis Ormandy
- [Full-disclosure] Most Linux distributions don't use tmpfs nor encrypt swap by default
Jon Dowland
- [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption.
Benjamin Kreuter
- [Full-disclosure] [ MDVSA-2012:060 ] openssl
security at mandriva.com
- [Full-disclosure] Weak password reset token & code exec in ownCloud 3.0.0
luks
- [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption.
Douglas Huff
- [Full-disclosure] Incomplete protection of Oracle Database locked accounts (CVE-2012-0510)
Shatter
- [Full-disclosure] Some failed authentication attempts using OCIPasswordChange API are not recorded (CVE-2012-0511)
Shatter
- [Full-disclosure] SQL Injection in Oracle Enterprise Manager (compareWizFirstConfig web page) (CVE-2012-0512)
Shatter
- [Full-disclosure] SQL Injection in Oracle Enterprise Manager (searchPage web page) (CVE-2012-0525)
Shatter
- [Full-disclosure] HTTP Response Splitting in Oracle Enterprise Manager (prevPage parameter) (CVE-2012-0526)
Shatter
- [Full-disclosure] HTTP Response Splitting in Oracle Enterprise Manager (pageName parameter) (CVE-2012-0527)
Shatter
- [Full-disclosure] Oracle Enterprise Manager vulnerable to Session fixation (CVE-2012-0528)
Shatter
- [Full-disclosure] OCIPasswordChange API leaks information of password hash (CVE-2012-0511)
Shatter
- [Full-disclosure] [SECURITY] [DSA 2454-1] openssl security update
Raphael Geissert
- [Full-disclosure] IPv6 host scanning in IPv6
Fernando Gont
- [Full-disclosure] PenTest is one year old now
Krzysztof Marczyk
- [Full-disclosure] DC4420 - London DEFCON - April meet - Tuesday April 24th 2012
Major Malfunction
- [Full-disclosure] PenTest is one year old now
Henri Salo
- [Full-disclosure] [SECURITY] [DSA 2455-1] typo3-src security update
Nico Golde
- [Full-disclosure] DoS vulnerability in WordPress
MustLive
- [Full-disclosure] DoS vulnerability in WordPress
Christian Sciberras
- [Full-disclosure] XSS parameter injection in the search field of http://chicasdetorbe.com
klondike
- [Full-disclosure] Attacking Critical Internet Infrastructure
fireball9 at hushmail.com
- [Full-disclosure] [ MDVSA-2012:061 ] raptor
security at mandriva.com
- [Full-disclosure] [ MDVSA-2012:062 ] openoffice.org
security at mandriva.com
- [Full-disclosure] [ MDVSA-2012:063 ] libreoffice
security at mandriva.com
- [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption.
Jeffrey Walton
- [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption.
Zach C.
- [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption.
Jeffrey Walton
- [Full-disclosure] HTC IQRD Android Permission Leakage (CVE-2012-2217)
VSR Advisories
- [Full-disclosure] HTC IQRD Android Permission Leakage (CVE-2012-2217)
Jeffrey Walton
- [Full-disclosure] HTC IQRD Android Permission Leakage (CVE-2012-2217)
Jason Hellenthal
- [Full-disclosure] Attacking Critical Internet Infrastructure
Dobbins, Roland
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
Thomas Richards
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
Thor (Hammer of God)
- [Full-disclosure] XSS and FPD vulnerabilities in Organizer for WordPress
MustLive
- [Full-disclosure] IPhone TreasonSMS - HTML Inject & File Include Vulnerability
Research
- [Full-disclosure] Havalite CMS v1.0.4 - Multiple Web Vulnerabilities
Research
- [Full-disclosure] PSFTP v.1.8 Build 921 - Null Pointer (DoS) Vulnerability
Research
- [Full-disclosure] Chengdu Bureau of Commerce - SQL Injection Vulnerability
Research
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
Valdis.Kletnieks at vt.edu
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
Terrence
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
Alex Buie
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
Thor (Hammer of God)
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
Jeffrey Walton
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
BMF
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
Jason Hellenthal
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
Laurelai
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
BMF
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
Laurelai
- [Full-disclosure] SumatraPDF v2.0.1 chm and mobi files memory corruption
Carlo Di Dato
- [Full-disclosure] Mobipocket Reader version 6.2 Build 608 Buffer Overflow
Carlo Di Dato
- [Full-disclosure] XSS and Blind SQL Injection Vulnerabilities in ExponentCMS
Netsparker Advisories
- [Full-disclosure] [HITB-Announce] HITB Magazine Issue 008 (now with print edition!)
Hafez Kamal
- [Full-disclosure] .NET Framework EncoderParameter integer overflow vulnerability
Akita Software Security
- [Full-disclosure] Microsoft Incremental Linker Integer Overflow
Walied Assar
- [Full-disclosure] AST-2012-004: Asterisk Manager User Unauthorized Shell Access
Asterisk Security Team
- [Full-disclosure] AST-2012-005: Heap Buffer Overflow in Skinny Channel Driver
Asterisk Security Team
- [Full-disclosure] AST-2012-006: Remote Crash Vulnerability in SIP Channel Driver
Asterisk Security Team
- [Full-disclosure] FYI: We're now paying up to $20, 000 for web vulns in our services
Michal Zalewski
- [Full-disclosure] [New Tool] - Exploit Pack - Web Security
runlvl
- [Full-disclosure] RuggedCom - Backdoor Accounts in my SCADA network? You don't say...
jc
- [Full-disclosure] [New tool] - Exploit Pack - Web Security
runlvl
- [Full-disclosure] [New tool] - Exploit Pack - Web Security
noreply at exploitpack.com
- [Full-disclosure] Cross Site Scripting - Exploitation & Penetration Strings
Research
- [Full-disclosure] BeyondCHM 1.1 Buffer Overflow
Carlo Di Dato
- [Full-disclosure] OpenSSL Security Advisory
Mark J Cox
- [Full-disclosure] Fwd: Vulnerability research and exploit writing
Ferenc Kovacs
- [Full-disclosure] New IETF I-D: Security Implications of IPv6 on IPv4 networks
Fernando Gont
- [Full-disclosure] [New tool] - Exploit Pack - Web Security
Jerome Athias
- [Full-disclosure] [New tool] - Exploit Pack - Web Security
Michele Orru
- [Full-disclosure] [New tool] - Exploit Pack - Web Security
Mario Vilas
- [Full-disclosure] Vulnerability in Backtrack
Григорий Братислава
- [Full-disclosure] Vulnerability in Backtrack
Sergio Arcos
- [Full-disclosure] [Tool] Introducing plown: security scanner for Plone CMS
mgogoulos at unweb.me
- [Full-disclosure] [ MDVSA-2012:064 ] openssl0.9.8
security at mandriva.com
- [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
Jim Harrison
- [Full-disclosure] Vulnerability in Backtrack
Gage Bystrom
- [Full-disclosure] Vulnerability in Backtrack
Urlan
- [Full-disclosure] Vulnerability in Backtrack
Gage Bystrom
- [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption.
sd
- [Full-disclosure] Vulnerability in Backtrack
David3 Gonnella
- [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
Michal Zalewski
- [Full-disclosure] Vulnerability in Gentoo hardened
klondike
- [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
Charles Morris
- [Full-disclosure] Vulnerability in Gentoo hardened
Milan Berger
- [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
Michal Zalewski
- [Full-disclosure] Vulnerability in Gentoo hardened
Valdis.Kletnieks at vt.edu
- [Full-disclosure] Vulnerability in Gentoo hardened
Thor (Hammer of God)
- [Full-disclosure] Vulnerability in Backtrack
Disposable
- [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
Ramon de C Valle
- [Full-disclosure] Hacking WolframAlpha
Adam Behnke
- [Full-disclosure] [SECURITY] [DSA 2456-1] dropbear security update
Moritz Muehlenhoff
- [Full-disclosure] [SECURITY] [DSA 2457-1] iceweasel security update
Moritz Muehlenhoff
- [Full-disclosure] Fwd: Vulnerability research and exploit writing
Elazar Broad
- [Full-disclosure] Fwd: Vulnerability research and exploit writing
Michal Zalewski
- [Full-disclosure] [SECURITY] [DSA 2548-1] iceape security update
Moritz Muehlenhoff
- [Full-disclosure] Opcodes Database Revival
Jerome Athias
- [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
Jim Harrison
- [Full-disclosure] Fwd: Vulnerability research and exploit writing
Alex Buie
- [Full-disclosure] [SECURITY] [DSA 2454-2] openssl incomplete fix
Raphael Geissert
- [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
Georgi Guninski
- [Full-disclosure] Vulnerability in Gentoo hardened
Georgi Guninski
- [Full-disclosure] Vulnerability in Gentoo hardened
Laurelai
- [Full-disclosure] Vulnerability in Gentoo hardened
Laurelai
- [Full-disclosure] Fwd: Vulnerability research and exploit writing
James Condron
- [Full-disclosure] Vulnerability in Backtrack
James Condron
- [Full-disclosure] Vulnerability in Gentoo hardened
Benji
- [Full-disclosure] Vulnerability in Gentoo hardened
Laurelai
- [Full-disclosure] Vulnerability in Gentoo hardened
Benji
- [Full-disclosure] Vulnerability in Gentoo hardened
Laurelai
- [Full-disclosure] Vulnerability in Gentoo hardened
Benji
- [Full-disclosure] Vulnerability in Gentoo hardened
Laurelai
- [Full-disclosure] Vulnerability in Gentoo hardened
Benji
- [Full-disclosure] Vulnerability in Gentoo hardened
Laurelai
- [Full-disclosure] MoroccoTel Box Default Open Telnet Password
Jerome Athias
- [Full-disclosure] Vulnerability in Gentoo hardened
Georgi Guninski
- [Full-disclosure] [SECURITY] [DSA 2460-1] asterisk security update
Moritz Muehlenhoff
- [Full-disclosure] Hacking WolframAlpha
Lincoln Anderson
- [Full-disclosure] XSS, CSRF and AFU vulnerabilities in Organizer for WordPress
MustLive
- [Full-disclosure] (no subject)
Ramon Driessen
- [Full-disclosure] (no subject)
coderman
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-062 - Creative Commons - Cross Site Scripting (XSS)
security-news at drupal.org
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-063 - RealName - Cross Site Scripting (XSS)
security-news at drupal.org
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-064 - Ubercart - Multiple vulnerabilities
security-news at drupal.org
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-065 - Sitedoc - Information disclosure
security-news at drupal.org
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-063 - RealName - Cross Site Scripting (XSS)
security-news at drupal.org
- [Full-disclosure] FW: (no subject)
imipak
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-066 - Spaces and Spaces OG - Access Bypass
security-news at drupal.org
- [Full-disclosure] [Security-news] SA-CONTRIB-2012-067 - Linkit - Access bypass
security-news at drupal.org
- [Full-disclosure] FW: (no subject)
Michael Wood
- [Full-disclosure] [SECURITY] [DSA 2459-1] quagga security update
Florian Weimer
- [Full-disclosure] Oracle TNS Poison vulnerability is actually a 0day with no patch available
Joxean Koret
- [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
Martin Allert
- [Full-disclosure] Full-Disclosure Digest, Vol 86, Issue 34
Gabriel S. Craciun
- [Full-disclosure] Microsoft MSN Hotmail - Password Reset & Setup Vulnerability
Research
- [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
Bob McConnell
- [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
Jim Harrison
- [Full-disclosure] [New tool] - Exploit Pack - Web Security
Mario Vilas
- [Full-disclosure] [New tool] - Exploit Pack - Web Security
Michele Orru
- [Full-disclosure] IA, CSRF and FPD vulnerabilities in Organizer for WordPress
MustLive
- [Full-disclosure] DDIVRT-2012-40 PacketVideo TwonkyServer and TwonkyMedia Directory Traversal
ddivulnalert
- [Full-disclosure] DDIVRT-2012-41 ACTi Web Configurator cgi-bin Directory Traversal
ddivulnalert
- [Full-disclosure] [SECURITY] [DSA 2461-1] spip security update
Moritz Muehlenhoff
- [Full-disclosure] DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities
Research
- [Full-disclosure] DIY CMS v1.0 Poll - Multiple Web Vulnerabilities
Research
- [Full-disclosure] Car Portal CMS v3.0 - Multiple Web Vulnerabilities
Research
- [Full-disclosure] C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability
Research
- [Full-disclosure] CIntruder v0.2 released
psy
- [Full-disclosure] [Exploit Pack] - Web Security -Webinar Live demo!
runlvl
- [Full-disclosure] VMSA-2012-0008 VMware ESX updates to ESX Service Console
VMware Security Team
- [Full-disclosure] [ MDVSA-2012:065 ] php
security at mandriva.com
- [Full-disclosure] [ MDVSA-2012:066 ] mozilla
security at mandriva.com
- [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
Charlie Derr
- [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services
Marcio B. Jr.
- [Full-disclosure] nullcon Delhi 2012 Call for Paper/Call for Event
murtuja bharmal
- [Full-disclosure] Opial CMS v2.0 - Multiple Web Vulnerabilities
Research
- [Full-disclosure] C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability
Research
- [Full-disclosure] China Pujia Government - Blind SQL Injection Vulnerability
Research
- [Full-disclosure] China Pujiang Government - Blind SQL Injection Vulnerability
Research
- [Full-disclosure] Croogo v1.3.4 CMS - Multiple Web Vulnerabilities
Research
- [Full-disclosure] [SECURITY] [DSA 2462-1] imagemagick security update
Moritz Muehlenhoff
- [Full-disclosure] WordPress BruteForce Script
CorryL
- [Full-disclosure] WordPress BruteForce Script
R00T_ATI
- [Full-disclosure] PHP Denial of Service - Memory leak in getimagesize().
Manu
- [Full-disclosure] Pritlog v0.821 CMS - Multiple Web Vulnerabilities
Research
- [Full-disclosure] DoS vulnerabilities in Firefox, Internet Explorer and Opera
MustLive
- [Full-disclosure] DoS vulnerabilities in Firefox, Internet Explorer and Opera
Valdis.Kletnieks at vt.edu
- [Full-disclosure] CWEs translation
Jerome Athias
- [Full-disclosure] XSS in UMP-Sarkozy mailer system
Jerome Athias
- [Full-disclosure] DoS vulnerabilities in Firefox, Internet Explorer and Opera
InterN0T Advisories
Last message date: Mon Apr 30 23:16:42 BST 2012
Archived on: Mon Apr 30 23:16:59 BST 2012
Full-Disclosure is hosted and sponsored by Secunia.