SecurityFeed.info » Bugtraq (bugtraq) Mailing List

Feeds

57036 items (57036 unread) in 90 feeds

• Aviv Raff On .NET (29 unread)
• Bugtraq (bugtraq) Mailing List (2860 unread)
• CGISecurity.com: Your Web Site and Application Security Resource (415 unread)
• christian's weblog (25 unread)
• Irongeek's Security Site (344 unread)
• Jeremiah Grossman (191 unread)
• Heorot.net (19 unread)
• milw0rm.com (1332 unread)
• Nmap Hackers (nmap-hackers) Mailing List (27 unread)
• Rootsecure.net (3262 unread)
• SecuriTeam.com (645 unread)
• Security Vulnerability Research & Defense (147 unread)
• SecurityFocus News (435 unread)
• SecurityFocus Vulnerabilities (2707 unread)
• Securityvulns news channel (1735 unread)
• SecWatch - Latest Exploit Alerts (10 unread)
• Taking Network Security to the Streets (28 unread)
• The One And Only Matt Parnell.com (86 unread)
• The Register - Security (2360 unread)
• The Register - Software (2742 unread)
• VulnWatch (vulnwatch) Mailing List (19 unread)
• Web App Security (webappsec) Mailing List (433 unread)
• IceСμbeς (15 unread)
• Linmagazine (757 unread)
• ‫netcraft Bytes :) (130 unread)
• Blonde 2.0 (218 unread)
• The Microsoft Security Response Center (MSRC) (175 unread)
• (IN)SECURE Magazine Notifications RSS (45 unread)
• 0x000000 Security (95 unread)
• ----- Anti-Malware ----- Analysis and Defense (16 unread)
• Apple Fun (25 unread)
• Technorati Search for: aviv.raffon.net (368 unread)
• C.I.S.R.T. (25 unread)
• Determina Zero-Day Protection (6 unread)
• Didier Stevens (157 unread)
• eEye Digital Security - Research Blog (12 unread)
• Ryan Naraine's Security Watch (488 unread)
• Security - RSS Feeds (1100 unread)
• Exploit Prevention Labs (28 unread)
• Software Vulnerability Exploitation Blog (22 unread)
• F-Secure Antivirus Research Weblog (470 unread)
• Full Disclosure (1289 unread)
• George Ou (10 unread)
• GNUCITIZEN Media Portfolio (157 unread)
• ha.ckers.org web application security lab (135 unread)
• heise security (1864 unread)
• invisiblethings' blog (57 unread)
• Jeff Jones's blog (13 unread)
• JScript Blog (26 unread)
• Matasano Chargen (74 unread)
• McAfee Avert Labs (354 unread)
• Michael Howard's Web Log (46 unread)
• PandaLabs (227 unread)
• Zero Day (867 unread)
• SANS Internet Storm Center, InfoCON: green (1115 unread)
• Latest Secunia Security Watchdog Blog Entries (71 unread)
• SecuriTeam Blogs (248 unread)
• Security Fix (494 unread)
• HP ASC Portal (30 unread)
• Strike Center (12 unread)
• Sunbelt Blog (909 unread)
• Sunnet Beskerming Security Advisories (149 unread)
• Technobabylon
• The Recurity Lablog (34 unread)
• Wired: Threat Level (1460 unread)
• TrendLabs | Malware Blog - by Trend Micro (636 unread)
• Uninformed Journal (49 unread)
• WabiSabiLabi's blog (23 unread)
• WatchGuard Wire (134 unread)
• Latest Blog Entires From WebSense Security Labs (164 unread)
• Hackszine.com (664 unread)
• DVLabs: Blogs (145 unread)
• Errata Security (177 unread)
• Robert Hensing's Blog (93 unread)
• PaulDotCom Community Blog (14 unread)
• David LeBlanc's Web Log (34 unread)
• Billy (BK) Rios (29 unread)
• David Litchfield's blog (22 unread)
• Farfromr00tin (27 unread)
• aut disce, aut discede (17 unread)
• pwn* (26 unread)
• hackademix.net (106 unread)
• SecurityDot Vulnerabilities (1939 unread)
• Vulnerabilities & Exploits (87 unread)
• Malicious Code (100 unread)
• Security Risks (66 unread)
• Digg / Security / upcoming (17371 unread)
• digg.com: News / Security / Popular (395 unread)
• DarkReading - Security News (926 unread)
• DarkReading - All Stories (148 unread)

Bugtraq (bugtraq) Mailing List (10 unread)

• March 09, 2010
• 20:55

  ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

   » ‎ Bugtraq (bugtraq) Mailing List

  Posted by ZDI Disclosures on Mar 09

  ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability
  [www.zerodayinitiative.com]
  March 9, 2010
  
  -- CVE ID:
  CVE-2010-0263
  
  -- Affected Vendors:
  Microsoft
  
  -- Affected Products:
  Microsoft Office Excel
  
  -- Vulnerability Details:
  This vulnerability allows remote attackers to execute arbitrary code on
  vulnerable installations of Microsoft Office Excel. User interaction is
  required to...
  
• 19:57

  [security bulletin] HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands

   » ‎ Bugtraq (bugtraq) Mailing List

  Posted by security-alert on Mar 09

  SUPPORT COMMUNICATION - SECURITY BULLETIN
  
  Document ID: c02033170
  Version: 1
  
  HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands
  
  NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
  
  Release Date: 2010-03-08
  Last Updated: 2010-03-08
  
  Potential Security Impact: Remote execution of arbitrary commands
  
  Source: Hewlett-Packard Company, HP Software Security Response...
  
• 19:31

  [SECURITY] [DSA 2008-1] New typo3-src packages fix several vulnerabilities

   » ‎ Bugtraq (bugtraq) Mailing List

  Posted by Moritz Muehlenhoff on Mar 09

  ------------------------------------------------------------------------
  Debian Security Advisory DSA-2008-1 security () debian org
  [www.debian.org] Moritz Muehlenhoff
  March 08, 2010 [www.debian.org]
  ------------------------------------------------------------------------
  
  Package : typo3-src
  Vulnerability : several
  Problem type : local/remote...
  
• 18:41

  IBM ENOVIA SmarTeam v5 Cross Site Scripting Vulnerability

   » ‎ Bugtraq (bugtraq) Mailing List

  Posted by lament on Mar 09

  =========================================
  Yaniv Miron aka "Lament" Advisory March 7, 2010
  IBM ENOVIA SmarTeam v5 Cross Site Scripting Vulnerability
  =========================================
  
  =====================
  I. BACKGROUND
  =====================
  ENOVIA SmarTeam provides highly flexible product data management
  and mission-critical business process management.
  It helps your team optimally leverage product knowledge,
  driving...
  
• 18:36

  Re: Apple Airport Wireless Products: Promiscuous FTP PORT Allowed in FTP Proxy Provides Security Bypass

   » ‎ Bugtraq (bugtraq) Mailing List

  Posted by Sabahattin Gucukoglu on Mar 09

  Do you have firmware information on which products it affects.
  
  Tested with firmware 7.5 on the latest-generation units. Should work just fine with 7.4.2, on the previous generation.
  These are the latest versions. I don't know about previous releases for Airport Express, Airport Extreme, or Time
  Capsule, and what revisions they will be at. They will probably be affected as long as they offer FTP access, which I
  think was true for Airport...
  
• 18:31

  SQL injection vulnerability in wILD CMS

   » ‎ Bugtraq (bugtraq) Mailing List

  Posted by Maciej Gojny on Mar 09

  # Title: [SQL injection vulnerability in wILD CMS]
  # Date: [09.03.2010]
  # Author: [Ariko-Security]
  # Software Link: [[www.wildcms.com]]
  # Version: [ALL]
  
  ============ { Ariko-Security - Advisory #4/3/2010 } =============
  
  SQL injection vulnerability in wILD CMS
  
  Vendor's Description of Software:
  # [www.wildcms.com]
  Vulnerable DEMO
  # [www.wildcms.com]
  
  Dork:
  # N/A
  
  Application Info:
  # Name: wILD CMS...
  
• 18:26

  Croogo CMS 1.2 Cross Site Scripting Vulnerabilities

   » ‎ Bugtraq (bugtraq) Mailing List

  Posted by Paulino Calderon on Mar 09

  Croogo CMS 1.2 Cross Site Scripting Vulnerabilities
  ==========================================
  
  Vulnerable Software: 1.2 and prior
  Release Date: 2010-03-06
  Last Update: 2010-02-01
  Critical: Low
  Impact: Session hijack
  Denial of service
  Code execution
  
  Solution Status: Webvuln has informed and submitted a patch to the vendor
  Croogo 1.2.1 has been released
  WebVuln Advisory: 1-009
  
  BACKGROUND...
  
• 4:55

  [ MDVSA-2010:057 ] apache

   » ‎ Bugtraq (bugtraq) Mailing List

  Posted by security on Mar 08

  _______________________________________________________________________
  
  Mandriva Linux Security Advisory MDVSA-2010:057
  [www.mandriva.com]
  _______________________________________________________________________
  
  Package : apache
  Date : March 6, 2010
  Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0,
  Enterprise Server 5.0...
  
• March 08, 2010
• 23:57

  Re: phpinfo() XSS Vulnerability

   » ‎ Bugtraq (bugtraq) Mailing List

  Posted by Salvatore Fresta aka Drosophila on Mar 08

  I tested it with php 5.1.6 and 5.2.6 and seems not work. The
  request_uri's content is encoded before to be printed:
  
  /phpinfo.php?+%3CScRipT%3Ealert(0111001101100101011000110111010101110010011010010111010001111001);%3C/sCrIpT%3E+
  
• 22:04

  [USN-907-1] gnome-screensaver vulnerabilities

   » ‎ Bugtraq (bugtraq) Mailing List

  Posted by Marc Deslauriers on Mar 08

  ===========================================================
  Ubuntu Security Notice USN-907-1 March 08, 2010
  gnome-screensaver vulnerabilities
  CVE-2010-0285, CVE-2010-0422
  ===========================================================
  
  A security issue affects the following Ubuntu releases:
  
  Ubuntu 8.10
  Ubuntu 9.04
  Ubuntu 9.10
  
  This advisory also applies to the corresponding versions of
  Kubuntu, Edubuntu, and Xubuntu.
  
  The problem can be...