[Full-disclosure] [ MDVSA-2010:105 ] openoffice.org

2010-05-21 Thread security
Mandriva Linux Security Advisory MDVSA-2010:105 http://www.mandriva.com/security/

Re: [Full-disclosure] Windows' future (reprise)

2010-05-21 Thread Georgi Guninski
On Tue, May 18, 2010 at 11:27:22AM -0400, valdis.kletni...@vt.edu wrote: > > (Note that the esteemed Mroverlooked "unknown > knowns" - that class > of stuff we don't realize or refuse to admit we actually *do* know: > ok, i know i am a writer not a reader (like a narcissist chukcha is ;) ) ca

[Full-disclosure] PR10-03: Authenticated Cross-Site Scripting (XSS) within the Apache Axis2 administration console

2010-05-21 Thread research
PR10-03: Authenticated XSS within the Apache Axis2 administration console Vulnerability found: 30th January 2010 Vendor informed: 1st February 2010 Vulnerability fixed: Severity: Medium Description: Axis2 is a web services/SOAP/WSDL engine, widely used within many commercial products Procheck

[Full-disclosure] SDS Parent Connect SQL Injection

2010-05-21 Thread epixoip
Vendor : Specialized Data Systems (SDS) Product : Parent Connect Version : 2010.04.11 tested, all versions presumed vulnerable URL : http://www.schooloffice.com/newweb/Items.aspx?catId=c22 Description (from vendor website): "SDS [...] brin

[Full-disclosure] Sun Solaris 10 libc/*convert (*cvt) buffer overflow

2010-05-21 Thread Maksymilian Arciemowicz
[ Sun Solaris 10 libc/*convert (*cvt) buffer overflow ] Author: Maksymilian Arciemowicz http://SecurityReason.com Date: - Dis.: 15.04.2010 - Pub.: 21.05.2010 Affected Software: - Sun Solaris 10 10/9 Original URL: http://securityreason.com/achi

[Full-disclosure] Sun Solaris 10 filesystem rm(1), find(1), etc, Denial-of-service

2010-05-21 Thread Maksymilian Arciemowicz
[ Sun Solaris 10 filesystem rm(1),find(1),etc, Denial-of-service ] Author: Maksymilian Arciemowicz SecurityReason.com Date: - Dis.: 17.04.2010 - Pub.: 21.05.2010 Affected Software: - Sun Solaris 10 10/09 Original URL: http://securityreason.com

[Full-disclosure] Sun Solaris 10 ftpd Cross-site request forgery

2010-05-21 Thread Maksymilian Arciemowicz
[ Sun Solaris 10 ftpd Cross-site request forgery ] Author: Maksymilian Arciemowicz SecurityReason.com Date: - Dis.: 24.02.2010 - Pub.: 21.05.2010 Affected Software: - Sun Solaris 10 10/09 - OpenSolaris 2009.06 Original URL: http://securityre

[Full-disclosure] HP-UX, IBM AIX, SGI IRIX Remote Vulnerability - CVE-2010-1039

2010-05-21 Thread Rodrigo Branco
Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team (VDT) http://www.checkpoint.com/defense/ rpc.pcnfsd syslog format string vulnerability CVE-2010-1039 INTROD

[Full-disclosure] Vulnerability in widget Flash Tag Cloud for Blogsa and other ASP.NET engines

2010-05-21 Thread MustLive
Hello Full-Disclosure! I want to warn you about a security vulnerability in the Flash Tag Cloud control for ASP.NET. - Advisory: Vulnerability in widget Flash Tag Cloud for Blogsa and other ASP.NET engines - URL: http://websecurity.com.ua/4213/

[Full-disclosure] GVI 2010-02 Multiple vulnerabilities in Open-AudIT

2010-05-21 Thread Sébastien Duquette
GVI-2010-02 : Multiple vulnerabilities in Open-AudIT 1 Overview: Excerpt from http://www.open-audit.org : "Open-AudIT is an application to tell you exactly what is on your network, how it is configured and when it changes. Open-AudIT

[Full-disclosure] [ MDVSA-2010:104 ] dovecot

2010-05-21 Thread security
Mandriva Linux Security Advisory MDVSA-2010:104 http://www.mandriva.com/security/

[Full-disclosure] Month of PHP Security - Summary - 11st May - 21th

2010-05-21 Thread Stefan Esser
Hello Everyone, it is the 21st of May. The Month of PHP Security (http://www.php-security.org) is still running and we have reached a vulnerability count of 40 vulnerabilities, which is nearly as many as we disclosed during the whole Month of PHP Bugs in 2007. However there are 11 more days until the