Hi, Holger--
On Aug 18, 2010, at 2:59 AM, Holger Rabbach wrote:
I am happy to announce the immediate availability of a web based email
security testing tool at http://www.ismymailsecure.com. [ ... ]
If you have any concerns about having to enter a full email address,
please be advised that
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --
Debian Security Advisory DSA-2094-1 secur...@debian.org
http://www.debian.org/security/ dann frazier
August 19, 2010
Vulnerability ID: HTB22566
Reference:
http://www.htbridge.ch/advisory/directory_traversal_in_autoftp_manager.html
Product: AutoFTP Manager
Vendor: DeskShare ( http://www.deskshare.com/afm.aspx )
Vulnerable Version: 4.31 and Probably Prior Versions
Vendor Notification: 05 August 2010
RUXCON 2010 FINAL CALL FOR PAPERS
Ruxcon would like to announce the final call for papers for the sixth annual
Ruxcon conference.
This year the conference will take place over the weekend of 20th and 21st of
November.
Ruxcon will be held at CQ, Melbourne, Australia.
The deadline for
Vulnerability ID: HTB22565
Reference:
http://www.htbridge.ch/advisory/directory_traversal_in_3d_ftp_client.html
Product: 3D FTP Client
Vendor: SiteDesigner Technologies, Inc. ( http://3dftp.com/3dftp.htm )
Vulnerable Version: 9.0 build 2 and Probably Prior Versions
Vendor Notification: 05 August
==
phpMyAdmin 3.3.5 / 2.11.10 = Cross Site Scripting (XSS) Vulnerability
==
1. OVERVIEW
The phpMyAdmin web application was vulnerable to Cross
Nagios XI Login XSS
Advisory ID: NGENUITY-2010-007
Vulnerability Information
Class: Cross-Site Scripting (XSS)
Software Description
Nagios XI is the commercial / enterprise version of the open source
Nagios project.
Vulnerability Description
The login page for the Nagios XI management
Vulnerability ID: HTB22567
Reference: http://www.htbridge.ch/advisory/directory_traversal_in_ftpgetter.html
Product: FTPGetter
Vendor: FTPGetter Team ( http://www.ftpgetter.com/ )
Vulnerable Version: 3.51.0.05 and Probably Prior Versions
Vendor Notification: 05 August 2010
Vulnerability Type:
==
Secunia Research 20/08/2010
- Novell iPrint Client call-back-url Buffer Overflow -
==
Table of Contents
Affected
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:158
http://www.mandriva.com/security/
[Bkis-04-2010] Multiple Vulnerabilities in OpenBlog
1. General Information
OpenBlog is free software for developing a blogging platform. OpenBlog is
written in PHP and available at http://www.open-blog.info. In
August 2010, Bkis Security discovered some XSS and CSRF vulnerabilities on this
Hello Bugtraq!
Regarding this XSS in WordPress 3.0.1
(http://www.securityfocus.com/archive/1/513101/30/30/threaded), I'll note
what I already wrote on my site last week, and already wrote to David:
that for the attack it is necessary to know the token (_wpnonce), which is designed to
protect
Vulnerability ID: HTB22563
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_maxdev.html
Product: MAXdev
Vendor: MAXdev ( http://www.maxdev.it/ )
Vulnerable Version: 1.0.83 and Probably Prior Versions
Vendor Notification: 05 August 2010
Vulnerability Type: XSS (Cross Site
Biblioteca 1.0 Beta Joomla Component Multiple SQL Injection Vulnerabilities
Name Biblioteca
Vendor http://www.cielostellato.info
Versions Affected 1.0 Beta
Author Salvatore Fresta aka Drosophila
Website http://www.salvatorefresta.net
Contact
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:155
http://www.mandriva.com/security/
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
-
Debian Security Advisory DSA-2095-1 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
August 23, 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:157
http://www.mandriva.com/security/
Hi
Google Chrome (5.0.375.127 and previous versions) suffers from an HTTP
Auth Dialog spoofing vulnerability due to possible
realm manipulation in the HTTP header. Previously, Google Chrome had
a similar bug, which can be seen at the following link
2wire support just replied that this has been fixed and a new version
(6.x.x.x) has been released.
The advisory has been updated accordingly.
http://yehg.net/lab/pr0js/advisories/2wire/[2wire]_session_hijacking_vulnerability
==
Secunia Research 23/08/2010
- Mono libgdiplus Image Processing Three Integer Overflows -
==
Table of Contents
Affected
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:156
http://www.mandriva.com/security/
21 matches