oss-security February 2012 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: By Author

oss-security By Author

AuthorSubject Date
Agostino Sarubbo
 [oss-security] CVE request: phpldapadmin "base" Cross-Site Scripting Vulnerability02 Feb 2012
 Re: [oss-security] Subscribe to linux-distros01 Feb 2012
Alex Legler
 Re: [oss-security] Subscribe to linux-distros01 Feb 2012
Andres Gomez
 [oss-security] TORCS 1.3.2 xml buffer overflow - CVE-2012-118918 Feb 2012
ArkanoiD
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls27 Feb 2012
Berke Viktor
 [oss-security] Re: CVE Request (two ids) -- Xchat-WDK (prior 1499-4 [2012-01-18]) and Xchat-v2.8.6 on Maemo architecture -- Heap-based buffer overflow by processing UTF-8 line from server containing characters outside BMP01 Feb 2012
Carsten Eiram
 RE: [oss-security] XSS hiding CSRF (was: Re: [oss-security] Mibew messenger multiple XSS)02 Feb 2012
CERT(R) Coordination Center
 [oss-security] Bugs in "file" program VU#62174520 Feb 2012
cve-assign_at_nospam
 Re: [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history29 Feb 2012
 Re: [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history28 Feb 2012
 [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history28 Feb 2012
Daniel Suarez
 RE: [oss-security] CVE request: surf10 Feb 2012
David Malcolm
 Re: [oss-security] CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request14 Feb 2012
Djalal Harouni
 Re: [oss-security] Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)09 Feb 2012
 Re: [oss-security] Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)08 Feb 2012
Eitan Adler
 Re: [oss-security] CVE-request: Webcalendar 1.2.4 location XSS12 Feb 2012
Emilien Girault
 [oss-security] [vs] CVE-2012-1037 GLPI <= 0.80.61 LFI/RFI10 Feb 2012
Eric Leblond
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls28 Feb 2012
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls27 Feb 2012
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls27 Feb 2012
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls26 Feb 2012
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls26 Feb 2012
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls25 Feb 2012
 [oss-security] Attack on badly configured Netfilter-based firewalls25 Feb 2012
Eugene Teo
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls27 Feb 2012
Filippo Cavallarin
 Re: [oss-security] XSS hiding CSRF (was: Re: [oss-security] Mibew messenger multiple XSS)02 Feb 2012
Florian Weimer
 Re: [oss-security] Bugs in "file" program VU#62174529 Feb 2012
 Re: [oss-security] CVE request: smokeping XSS27 Feb 2012
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls27 Feb 2012
 Re: [oss-security] CVE request: surf10 Feb 2012
 [oss-security] CVE request: surf10 Feb 2012
Henri Salo
 Re: [oss-security] Case YVS Image Gallery27 Feb 2012
 [oss-security] Case YVS Image Gallery27 Feb 2012
 Re: [oss-security] Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.20 Feb 2012
 Re: [oss-security] CVE-request: Webcalendar 1.2.4 location XSS12 Feb 2012
 Re: [oss-security] CVE-request: Webcalendar 1.2.4 location XSS12 Feb 2012
 [oss-security] CVE-request: Webcalendar 1.2.4 location XSS11 Feb 2012
 [oss-security] imagemagick invalid validation DoS CVE-2012-0247 and CVE-2012-0247810 Feb 2012
 Re: [oss-security] MySQL 0-day - does it need a CVE?10 Feb 2012
 Re: [oss-security] MySQL 0-day - does it need a CVE?09 Feb 2012
 Re: [oss-security] MySQL 0-day - does it need a CVE?09 Feb 2012
 [oss-security] CVE-request: Joomla! Security News 2012-02-0303 Feb 2012
Huzaifa Sidhpurwala
 [oss-security] libxml2: hash table collisions CPU usage DoS22 Feb 2012
Ian Campbell
 Re: [oss-security] Adding Xen.org contact to linux-distros security list05 Feb 2012
 [oss-security] Adding Xen.org contact to linux-distros security list03 Feb 2012
Ian Jackson
 [oss-security] Xen Security Advisory 6 (CVE-2012-0029) - HVM e1000, buffer overflow02 Feb 2012
Jan Lieskovsky
 [oss-security] CVE Request (minor) -- osc: Improper sanitization of terminal emulator escape sequences when displaying build log and build status28 Feb 2012
 [oss-security] CVE Request -- Multiple instances of insecure temporary file use27 Feb 2012
 [oss-security] CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history27 Feb 2012
 [oss-security] CVE Request -- python-paste-script: Supplementary groups not dropped when started an application with "paster serve" as root23 Feb 2012
 Re: [oss-security] CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request14 Feb 2012
 [oss-security] CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request13 Feb 2012
 [oss-security] CVE Request (two ids) -- Xchat-WDK (prior 1499-4 [2012-01-18]) and Xchat-v2.8.6 on Maemo architecture -- Heap-based buffer overflow by processing UTF-8 line from server containing characters outside BMP01 Feb 2012
Jason A. Donenfeld
 Re: [oss-security] Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)09 Feb 2012
 Re: [oss-security] Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)09 Feb 2012
 Re: [oss-security] Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)09 Feb 2012
 Re: [oss-security] CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access08 Feb 2012
Kurt Seifried
 Re: [oss-security] Bugs in "file" program VU#62174529 Feb 2012
 Re: [oss-security] Bugs in "file" program VU#62174529 Feb 2012
 Re: [oss-security] CVE request: init script x11-common creates directories in insecure manners29 Feb 2012
 Re: [oss-security] Re: CVE Request (minor) -- osc: Improper sanitization of terminal emulator escape sequences when displaying build log and build status28 Feb 2012
 Re: [oss-security] CVE request: openssl: null pointer dereference issue28 Feb 2012
 Re: [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history28 Feb 2012
 Re: [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history28 Feb 2012
 Re: [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history28 Feb 2012
 Re: [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history28 Feb 2012
 Re: [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history28 Feb 2012
 Re: [oss-security] CVE request -- kernel: cifs: dentry refcount leak when opening a FIFO on lookup leads to panic on unmount28 Feb 2012
 Re: [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history27 Feb 2012
 Re: [oss-security] Re: DesktopOnNet 3 Beta LFI27 Feb 2012
 Re: [oss-security] CVE request: openssl: null pointer dereference issue27 Feb 2012
 Re: [oss-security] CVE Request -- Multiple instances of insecure temporary file use27 Feb 2012
 Re: [oss-security] CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history27 Feb 2012
 Re: [oss-security] Case YVS Image Gallery27 Feb 2012
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls26 Feb 2012
 Re: [oss-security] MySQL 0-day - does it need a CVE?24 Feb 2012
 Re: [oss-security] CVE request -- kernel: block: CLONE_IO io_context refcounting issues23 Feb 2012
 Re: [oss-security] CVE Request -- python-paste-script: Supplementary groups not dropped when started an application with "paster serve" as root23 Feb 2012
 Re: [oss-security] Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities20 Feb 2012
 Re: [oss-security] OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities20 Feb 2012
 Re: [oss-security] Bugs in "file" program VU#62174520 Feb 2012
 Re: [oss-security] Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.20 Feb 2012
 Re: [oss-security] CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability18 Feb 2012
 Re: [oss-security] CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability17 Feb 2012
 Re: [oss-security] CVE request: mumble local information disclosure16 Feb 2012
 Re: [oss-security] CVE request: mumble local information disclosure15 Feb 2012
 Re: [oss-security] CVE Requests for FFmpeg 0.9.114 Feb 2012
 Re: [oss-security] CVE-request: Webcalendar 1.2.4 location XSS13 Feb 2012
 Re: [oss-security] CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability13 Feb 2012
 Re: [oss-security] CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request13 Feb 2012
 Re: [oss-security] CVE request: surf11 Feb 2012
 Re: [oss-security] CVE request: surf10 Feb 2012
 Re: [oss-security] MySQL 0-day - does it need a CVE?09 Feb 2012
 [oss-security] MySQL 0-day - does it need a CVE?09 Feb 2012
 Re: [oss-security] CVE request: apr - Hash DoS vulnerability09 Feb 2012
 Re: [oss-security] CVE request: Hash DoS vulnerability (ocert-2011-003)07 Feb 2012
 [oss-security] CVE request: Hash DoS vulnerability (ocert-2011-003)07 Feb 2012
 Re: [oss-security] CVE-request: Joomla! Security News 2012-02-0303 Feb 2012
 Re: [oss-security] Adding Xen.org contact to linux-distros security list03 Feb 2012
 Re: [oss-security] CVE Request (2002): Linux TCP stack could accept invalid TCP flag combinations03 Feb 2012
 Re: [oss-security] CVE request: phpldapadmin "base" Cross-Site Scripting Vulnerability03 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format02 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format02 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format02 Feb 2012
 Re: [oss-security] CVE Requests for FFmpeg 0.9.101 Feb 2012
 Re: [oss-security] Mibew messenger multiple XSS01 Feb 2012
 Re: [oss-security] CVE Request (two ids) -- Xchat-WDK (prior 1499-4 [2012-01-18]) and Xchat-v2.8.6 on Maemo architecture -- Heap-based buffer overflow by processing UTF-8 line from server containing characters outside BMP01 Feb 2012
Larry Stefonic
 Re: [oss-security] MySQL 0-day - does it need a CVE?24 Feb 2012
Ludwig Nussel
 [oss-security] CVE Request: NetworkManager arbitrary file access29 Feb 2012
 Re: [oss-security] CVE request: mumble local information disclosure16 Feb 2012
Marc Deslauriers
 Re: [oss-security] distros & linux-distros embargo period and message format02 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format01 Feb 2012
Marcus Meissner
 Re: [oss-security] Re: CVE Request (minor) -- osc: Improper sanitization of terminal emulator escape sequences when displaying build log and build status29 Feb 2012
 Re: [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history29 Feb 2012
 [oss-security] Re: CVE Request (minor) -- osc: Improper sanitization of terminal emulator escape sequences when displaying build log and build status28 Feb 2012
 Re: [oss-security] Subscribe to linux-distros?13 Feb 2012
 [oss-security] CVE Request (2002): Linux TCP stack could accept invalid TCP flag combinations03 Feb 2012
Mateusz Goik
 [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history27 Feb 2012
 [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history27 Feb 2012
Matthias Weckbecker
 [oss-security] CVE request: openssl: null pointer dereference issue27 Feb 2012
 [oss-security] Subscribe to linux-distros?13 Feb 2012
Michael Gilbert
 Re: [oss-security] distros & linux-distros embargo period and message format04 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format04 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format04 Feb 2012
Moritz Muehlenhoff
 [oss-security] CVE request: apr - Hash DoS vulnerability08 Feb 2012
muuratsalo experimental hack lab
 [oss-security] Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.20 Feb 2012
Nico Golde
 Re: [oss-security] Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.20 Feb 2012
 Re: [oss-security] Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.20 Feb 2012
Petr Matousek
 [oss-security] CVE request -- kernel: cifs: dentry refcount leak when opening a FIFO on lookup leads to panic on unmount28 Feb 2012
 [oss-security] CVE request -- kernel: block: CLONE_IO io_context refcounting issues23 Feb 2012
 Re: [oss-security] CVE-2011-4325 Linux kernel: nfs: diotest4 from LTP crash client07 Feb 2012
Pierre Joye
 Re: [oss-security] PHP remote code execution introduced via HashDoS fix03 Feb 2012
RafaƂ Malinowski
 Re: [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history29 Feb 2012
 Re: [oss-security] CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history28 Feb 2012
 Re: [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history27 Feb 2012
 [oss-security] Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history27 Feb 2012
Sebastian Krahmer
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls27 Feb 2012
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls27 Feb 2012
Solar Designer
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls27 Feb 2012
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls26 Feb 2012
 Re: [oss-security] Subscribe to linux-distros?14 Feb 2012
 Re: [oss-security] MySQL 0-day - does it need a CVE?11 Feb 2012
 Re: [oss-security] MySQL 0-day - does it need a CVE?09 Feb 2012
 Re: [oss-security] CVE-2011-4325 Linux kernel: nfs: diotest4 from LTP crash client09 Feb 2012
 Re: [oss-security] Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)09 Feb 2012
 Re: [oss-security] Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)09 Feb 2012
 [oss-security] Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)08 Feb 2012
 [oss-security] CVE-2011-4325 Linux kernel: nfs: diotest4 from LTP crash client06 Feb 2012
 Re: [oss-security] CVE-2011-4324 kernel: nfsv4: mknod(2) DoS06 Feb 2012
 Re: [oss-security] CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops06 Feb 2012
 [oss-security] CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access06 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format04 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format04 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format04 Feb 2012
 Re: [oss-security] Adding Xen.org contact to linux-distros security list03 Feb 2012
 Re: [oss-security] Subscribe to linux-distros03 Feb 2012
 Re: [oss-security] PHP remote code execution introduced via HashDoS fix02 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format02 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format02 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format02 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format01 Feb 2012
 Re: [oss-security] Subscribe to linux-distros01 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format01 Feb 2012
 Re: [oss-security] distros & linux-distros embargo period and message format01 Feb 2012
Stefan Cornelius
 [oss-security] CVE-2012-0864 assignment notification -- glibc F_S format string protection bypass via "nargs" integer overflow17 Feb 2012
Steven M. Christey
 Re: [oss-security] Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.23 Feb 2012
 [oss-security] XSS hiding CSRF (was: Re: [oss-security] Mibew messenger multiple XSS)01 Feb 2012
Thomas Klausner
 Re: [oss-security] distros & linux-distros embargo period and message format01 Feb 2012
Tomas Hoger
 Re: [oss-security] MySQL 0-day - does it need a CVE?24 Feb 2012
 [oss-security] PHP remote code execution introduced via HashDoS fix02 Feb 2012
Vincent Danen
 [oss-security] CVE-2012-0875: systemtap memory disclosure/kernel panic when processing malformed DWARF unwind data22 Feb 2012
 [oss-security] CVE request: mumble local information disclosure15 Feb 2012
 Re: [oss-security] imagemagick invalid validation DoS CVE-2012-0247 and CVE-2012-0247810 Feb 2012
 Re: [oss-security] imagemagick invalid validation DoS CVE-2012-0247 and CVE-2012-0247810 Feb 2012
vladz
 [oss-security] CVE request: init script x11-common creates directories in insecure manners28 Feb 2012
Whitney Houston
 [oss-security] Re: DesktopOnNet 3 Beta LFI27 Feb 2012
 [oss-security] DesktopOnNet 3 Beta LFI27 Feb 2012
yersinia
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls27 Feb 2012
YGN Ethical Hacker Group
 [oss-security] Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities20 Feb 2012
 [oss-security] OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities20 Feb 2012
 Re: [oss-security] CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability16 Feb 2012
 [oss-security] CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability12 Feb 2012
Yves-Alexis Perez
 Re: [oss-security] Attack on badly configured Netfilter-based firewalls25 Feb 2012
 Re: [oss-security] MySQL 0-day - does it need a CVE?09 Feb 2012
 Re: [oss-security] MySQL 0-day - does it need a CVE?09 Feb 2012
 Re: [oss-security] Re: CVE Request (two ids) -- Xchat-WDK (prior 1499-4 [2012-01-18]) and Xchat-v2.8.6 on Maemo architecture -- Heap-based buffer overflow by processing UTF-8 line from server containing characters outside BMP01 Feb 2012

   © Copyright 2012 Guardian Digital, Inc. All Rights Reserved.