oss-security December 2010 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: By Thread

oss-security By Thread

SubjectAuthor Date
[oss-security] CVE Request: WiresharkUlrik Persson31 Dec 2010
[oss-security] CVE Request: CrawlTrack < 3.2.7 - remote php code executionAnthon Pang31 Dec 2010
[oss-security] CVE Request: OpenWebAnalytics < 1.2.4 - remote/local file inclusion vulnerabilityAnthon Pang31 Dec 2010
[oss-security] Re: CVE Request: OpenWebAnalytics < 1.2.4 - remote/local file inclusion vulnerabilityAnthon Pang31 Dec 2010
[oss-security] CVE request: kernel: buffer overflow in OSS load_mixer_volumesDan Rosenberg31 Dec 2010
Re: [oss-security] CVE request: kernel: buffer overflow in OSS load_mixer_volumesHuzaifa Sidhpurwala31 Dec 2010
[oss-security] Fix for CVE-2010-4524 and CVE-2010-1677 ready for verficationEarl Hood30 Dec 2010
[oss-security] CVE request: wordpress before 3.0.4 XSSHanno Böck30 Dec 2010
[oss-security] CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P messageJan Lieskovsky27 Dec 2010
Re: [oss-security] CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P messageHuzaifa Sidhpurwala31 Dec 2010
[oss-security] CVE-2010-2094: PECL's phar code is vulnerable tooEygene Ryabinkin26 Dec 2010
[oss-security] Re: CVE-2010-2094: PECL's phar code is vulnerable tooFelipe Pena26 Dec 2010
--> Re: [oss-security] Re: CVE-2010-2094: PECL's phar code is vulnerable tooEygene Ryabinkin26 Dec 2010
--> Re: [oss-security] Re: CVE-2010-2094: PECL's phar code is vulnerable tooFelipe Pena26 Dec 2010
[oss-security] IO::Socket::SSL perl module: CVE-2010-4501/CVE-2010-4334 dupeMoritz Muehlenhoff24 Dec 2010
Re: [oss-security] IO::Socket::SSL perl module: CVE-2010-4501/CVE-2010-4334 dupeTomas Hoger29 Dec 2010
[oss-security] CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flawsJan Lieskovsky23 Dec 2010
[oss-security] CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocolJan Lieskovsky23 Dec 2010
[oss-security] Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocoldave b23 Dec 2010
[oss-security] Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocolJohn Goerzen23 Dec 2010
[oss-security] Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocolNicolas Sebrecht23 Dec 2010
--> [oss-security] Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocolJohannes Stezenbach23 Dec 2010
[oss-security] CVE request: kernel: irda: prevent integer underflow in IRLMP_ENUMDEVICESEugene Teo23 Dec 2010
[oss-security] CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: [oss-security] CVE request: opensc buffer overflow ]Jan Lieskovsky22 Dec 2010
[oss-security] FYI -- Tor v0.2.1.28 addressing CVE-2010-1676 -- remotely exploitable heap-based buffer overflowJan Lieskovsky21 Dec 2010
[oss-security] CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS)Jan Lieskovsky21 Dec 2010
[oss-security] Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS)Earl Hood21 Dec 2010
--> [oss-security] Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS)Raphael Geissert22 Dec 2010
--> [oss-security] Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS)Jeff Breidenbach30 Dec 2010
--> [oss-security] Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS)Earl Hood30 Dec 2010
Re: [oss-security] CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS)Josh Bressers22 Dec 2010
[oss-security] CVE request: opensc buffer overflowLudwig Nussel21 Dec 2010
Re: [oss-security] CVE request: opensc buffer overflowJamie Strandboge21 Dec 2010
Re: [oss-security] CVE request: opensc buffer overflowJosh Bressers22 Dec 2010
[oss-security] CVE request: kernel: CAN information leak, 2nd attemptPetr Matousek20 Dec 2010
Re: [oss-security] CVE request: kernel: CAN information leak, 2nd attemptDan Rosenberg20 Dec 2010
--> Re: [oss-security] CVE request: kernel: CAN information leak, 2nd attemptPetr Matousek20 Dec 2010
--> Re: [oss-security] CVE request: kernel: CAN information leak, 2nd attemptSteven M. Christey20 Dec 2010
--> Re: [oss-security] CVE request: kernel: CAN information leak, 2nd attemptDan Rosenberg20 Dec 2010
[oss-security] CVE Request: MyBB XSS bugsUlrik Persson20 Dec 2010
Re: [oss-security] CVE Request: MyBB XSS bugsJosh Bressers22 Dec 2010
[oss-security] CVE request: Drupal views module CSRF/XSS before 2.11, XSS before 2.12Hanno Böck16 Dec 2010
Re: [oss-security] CVE request: Drupal views module CSRF/XSS before 2.11, XSS before 2.12Josh Bressers22 Dec 2010
[oss-security] CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variantsJan Lieskovsky16 Dec 2010
Re: [oss-security] CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variantsJosh Bressers16 Dec 2010
--> Re: Re: [oss-security] CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variantsJan Lieskovsky21 Dec 2010
[oss-security] CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion VulnerabilityDavid Hicks15 Dec 2010
Re: [oss-security] CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion VulnerabilityJosh Bressers16 Dec 2010
[oss-security] CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure VulnerabilityDavid Hicks15 Dec 2010
Re: [oss-security] CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure VulnerabilityJosh Bressers16 Dec 2010
[oss-security] CVE Request: local privilege escalation via /sys/kernel/debug/acpi/custom_methodMarcus Meissner15 Dec 2010
Re: [oss-security] CVE Request: local privilege escalation via /sys/kernel/debug/acpi/custom_methodEugene Teo15 Dec 2010
[oss-security] Breaking the links: Exploiting the linkerTim Brown15 Dec 2010
Re: [oss-security] Breaking the links: Exploiting the linkerTomas Hoger15 Dec 2010
--> Re: [oss-security] Breaking the links: Exploiting the linkerJustin Ossevoort15 Dec 2010
--> Re: [oss-security] Breaking the links: Exploiting the linkerTim Brown16 Dec 2010
[oss-security] Re: Breaking the links: Exploiting the linkerRalf Wildenhues16 Dec 2010
--> Re: [oss-security] Re: Breaking the links: Exploiting the linkerTim Brown16 Dec 2010
[oss-security] Re: Breaking the links: Exploiting the linkerJamie Nguyen22 Dec 2010
--> Re: [oss-security] Re: Breaking the links: Exploiting the linkerTim Brown22 Dec 2010
--> [oss-security] Re: Breaking the links: Exploiting the linkerJamie Nguyen22 Dec 2010
[oss-security] Issues without CVE names in PHP 5.3.4/5.2.15 releaseVincent Danen13 Dec 2010
Re: [oss-security] Issues without CVE names in PHP 5.3.4/5.2.15 releasePierre Joye13 Dec 2010
--> Re: [oss-security] Issues without CVE names in PHP 5.3.4/5.2.15 releaseVincent Danen13 Dec 2010
--> Re: [oss-security] Issues without CVE names in PHP 5.3.4/5.2.15 releasePierre Joye13 Dec 2010
--> [oss-security] Re: Issues without CVE names in PHP 5.3.4/5.2.15 releaseRaphael Geissert13 Dec 2010
[oss-security] Exim security issue in historical releasenigel_at_nospam13 Dec 2010
[oss-security] Re: Clarifications on the D-Bus specificationRmi Denis-Courmont11 Dec 2010
[oss-security] Re: Clarifications on the D-Bus specificationHavoc Pennington13 Dec 2010
[oss-security] Subject: [oss-security] CVE request: kernel: install_special_mapping skips security_file_mmap checkPetr Matousek10 Dec 2010
Re: [oss-security] Subject: [oss-security] CVE request: kernel: install_special_mapping skips security_file_mmap checkJosh Bressers10 Dec 2010
[oss-security] Exim remote rootMark J Cox10 Dec 2010
[oss-security] [taviso@cmpxchg8b.com: [PATCH] install_special_mapping skips security_file_mmap check.]Tavis Ormandy09 Dec 2010
Re: [oss-security] [taviso@cmpxchg8b.com: [PATCH] install_special_mapping skips security_file_mmap check.]Solar Designer09 Dec 2010
Re: [oss-security] Re: NULL byte poisoning fix in php 5.3.4+Pierre Joye09 Dec 2010
Re: [oss-security] Re: NULL byte poisoning fix in php 5.3.4+Pierre Joye09 Dec 2010
Re: [oss-security] Re: NULL byte poisoning fix in php 5.3.4+Steven M. Christey09 Dec 2010
--> Re: [oss-security] Re: NULL byte poisoning fix in php 5.3.4+Pierre Joye09 Dec 2010
--> Re: [oss-security] Re: NULL byte poisoning fix in php 5.3.4+Steven M. Christey09 Dec 2010
[oss-security] CVE request: kernel: NULL pointer dereference in AF_ECONETNelson Elhage09 Dec 2010
Re: [oss-security] CVE request: kernel: NULL pointer dereference in AF_ECONETEugene Teo09 Dec 2010
[oss-security] CVE request: kernel: bfa driver sysfs crashEugene Teo08 Dec 2010
Re: [oss-security] CVE request: kernel: bfa driver sysfs crashJosh Bressers09 Dec 2010
[oss-security] CVE request: libvirt when compiled with openvz support has a potential security holeVincent Danen08 Dec 2010
Re: [oss-security] CVE request: libvirt when compiled with openvz support has a potential security holeEugene Teo08 Dec 2010
--> Re: [oss-security] CVE request: libvirt when compiled with openvz support has a potential security holeVincent Danen08 Dec 2010
[oss-security] CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigoRaphael Geissert07 Dec 2010
Re: [oss-security] CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigoJosh Bressers07 Dec 2010
--> Re: [oss-security] CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigoLudwig Nussel09 Dec 2010
--> Re: [oss-security] CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigoSteven M. Christey09 Dec 2010
Re: [oss-security] Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities"Steven M. Christey06 Dec 2010
[oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900)Vincent Danen06 Dec 2010
Re: [oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900)Steven M. Christey06 Dec 2010
--> Re: [oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900)Vincent Danen06 Dec 2010
Re: [oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900)Tomas Hoger07 Dec 2010
--> [oss-security] Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900)Maksymilian Arciemowicz07 Dec 2010
--> Re: [oss-security] Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900)Tomas Hoger08 Dec 2010
--> [oss-security] Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900)Maksymilian Arciemowicz08 Dec 2010
--> Re: [oss-security] Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900)Tomas Hoger08 Dec 2010
Re: [oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900)Pierre Joye08 Dec 2010
--> Re: [oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900)Tomas Hoger09 Dec 2010
[oss-security] CVE request: openx unknown vulnerability before 2.8.7Hanno Böck06 Dec 2010
Re: [oss-security] CVE request: openx unknown vulnerability before 2.8.7Anthon Pang06 Dec 2010
--> Re: [oss-security] CVE request: openx unknown vulnerability before 2.8.7Josh Bressers06 Dec 2010
[oss-security] CVE request: kernel: igb panics when receiving tag vlan packetEugene Teo06 Dec 2010
Re: [oss-security] CVE request: kernel: igb panics when receiving tag vlan packetJosh Bressers06 Dec 2010
Re: [oss-security] CVE request: mybb before 1.4.11 and before 1.4.12Hanno Böck06 Dec 2010
[oss-security] CVE request: vanilla forums before 2.0.10, xssHanno Böck06 Dec 2010
Re: [oss-security] CVE request: vanilla forums before 2.0.10, xssJosh Bressers06 Dec 2010
--> Re: [oss-security] CVE request: vanilla forums before 2.0.10, xssSteven M. Christey06 Dec 2010
--> Re: [oss-security] CVE request: vanilla forums before 2.0.10, xssJosh Bressers07 Dec 2010
RE: [oss-security] Interesting behavior with struct initiailizationRobert Seacord03 Dec 2010
Re: [oss-security] Interesting behavior with struct initiailizationGeoff Keating03 Dec 2010
--> [oss-security] Re: Interesting behavior with struct initiailizationBhadrinath05 Dec 2010
--> [oss-security] Re: Interesting behavior with struct initiailizationBhadrinath05 Dec 2010
--> Re: [oss-security] Re: Interesting behavior with struct initiailizationDan Rosenberg05 Dec 2010
--> [oss-security] Re: Interesting behavior with struct initiailizationBhadrinath05 Dec 2010
[oss-security] CVE Request -- Xfig: Stack-based buffer overflow by processing FIG image with crafted color definitionJan Lieskovsky03 Dec 2010
Re: [oss-security] CVE Request -- Xfig: Stack-based buffer overflow by processing FIG image with crafted color definitionJosh Bressers06 Dec 2010
[oss-security] clamav 0.96.5 releasedThomas Biege03 Dec 2010
Re: [oss-security] clamav 0.96.5 releasedHanno Böck03 Dec 2010
--> Re: [oss-security] clamav 0.96.5 releasedJosh Bressers03 Dec 2010
[oss-security] CVE Request -- FontForge: Stack-based buffer overflow by processing specially-crafted CHARSET_REGISTRY font file headerJan Lieskovsky02 Dec 2010
Re: [oss-security] CVE Request -- FontForge: Stack-based buffer overflow by processing specially-crafted CHARSET_REGISTRY font file headerJosh Bressers02 Dec 2010
[oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopsesNelson Elhage02 Dec 2010
Re: [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopsesDan Rosenberg02 Dec 2010
Re: [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopsesSolar Designer08 Dec 2010
--> Re: [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopsesSolar Designer08 Dec 2010
--> Re: [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopsesNelson Elhage08 Dec 2010
--> Re: [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopsesSolar Designer09 Dec 2010
--> Re: [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopsesSolar Designer09 Dec 2010
[oss-security] CVE request: kernel: failure to revert address limit override in OOPS error pathDan Rosenberg02 Dec 2010
Re: [oss-security] CVE request: kernel: failure to revert address limit override in OOPS error pathJosh Bressers02 Dec 2010
[oss-security] CVE Request -- Wordpress v3.0.2 SQL injection flaw + two minor XSS issuesJan Lieskovsky02 Dec 2010
Re: [oss-security] CVE Request -- Wordpress v3.0.2 SQL injection flaw + two minor XSS issuesJosh Bressers02 Dec 2010
[oss-security] CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part)Jan Lieskovsky01 Dec 2010
[oss-security] Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part)Mark Stosberg01 Dec 2010
--> [oss-security] Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part)Reed Loden01 Dec 2010
--> Re: [oss-security] Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part)Ludwig Nussel16 Dec 2010