[SECURITY] [DSA 1693-2] New phppgadmin packages fix regression

2009-01-21 Thread Thijs Kinkhorst
Debian Security Advisory DSA-1693-2 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst January 21, 2009

[SECURITY] [DSA 1709-1] New shadow packages fix privilege escalation

2009-01-21 Thread Thijs Kinkhorst
Debian Security Advisory DSA-1709-1 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst January 21, 2009

CfP: 16th ACM Conference on Computer and Communications Security (CCS) 2009

2009-01-21 Thread Christopher Kruegel
Call for Papers: 16th ACM Conference on Computer and Communications Security (CCS) 2009 Nov 9 - 13, 2009: Hyatt Regency Chicago, IL, USA http://sigsac.org/ccs/CCS2009

[DSECRG-09-004] AXIS 70U Network Document Server - Privilege Escalation and XSS

2009-01-21 Thread Digital Security Research Group
Digital Security Research Group [DSecRG] Advisory #DSECRG-09-004 AXIS 70U Network Document Server - Privilege Escalation and XSS http://dsecrg.com/pages/vul/show.php?id=60 Application: AXIS 70U Network Document Server (Web Interface) Versions Affected: 3.0

Cisco Security Advisory: Cisco Security Manager Vulnerability

2009-01-21 Thread Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Security Manager Vulnerability Advisory ID: cisco-sa-20090121-csm http://www.cisco.com/warp/public/707/cisco-sa-20090121-csm.shtml Revision 1.0 For Public Release 2009 January 21 1600 UTC (GMT

Cisco Security Advisory: Cisco Unified Communications Manager CAPF Denial of Service Vulnerability

2009-01-21 Thread Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Unified Communications Manager CAPF Denial of Service Vulnerability Advisory ID: cisco-sa-20090121-cucmcapf Revision 1.0 For Public Release 2009 January 21 1600 UTC (GMT

Joomla component beamospetition 1.0.12 Sql Injection

2009-01-21 Thread vds_s
Joomla component beamospetition 1.0.12 Sql Injection / Xss Author : vds_s Dork : "Powered by beamospetition 1.0.12" Dl : http://joomlacode.org/gf/project/beamospetition/ Xss : http://[site]/?option=com_beamospetition&func=sign&pet='>alert('Xss') Sql Injection : http://[site]/?option=com_beam

Re: [Full-disclosure] Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server

2009-01-21 Thread Mark Thomas
Eduardo Vela wrote: > Probably one of these are the vulnerability descriptions of the bugs: > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5460 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4017 Looks to be an exact match with http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-20

Digital Security opens a site of its research center DSec Research Group

2009-01-21 Thread Digital Security Research Group
Digital Security opens a site of its research center DSec Research Group [DSecRG], the main mission of which is to conduct research on different application and system vulnerabilities. The result of this work is then used

[ GLSA 200901-14 ] Scilab: Insecure temporary file usage

2009-01-21 Thread Pierre-Yves Rofes
Gentoo Linux Security Advisory GLSA 200901-14 http://security.gentoo.org/

[IMF 2009] Call for Papers

2009-01-21 Thread Oliver Goebel
Dear all, for your information. Please excuse possible cross postings. CALL FOR PAPERS IMF 2009 5th International Conference on IT