oss-security February 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: By Thread

oss-security By Thread

SubjectAuthor Date
[oss-security] CVE request: kernel: OOM-killer via argv expansionKees Cook28 Feb 2011
Re: [oss-security] CVE request: kernel: OOM-killer via argv expansionKees Cook28 Feb 2011
--> Re: [oss-security] CVE request: kernel: OOM-killer via argv expansionKees Cook28 Feb 2011
--> Re: [oss-security] CVE request: kernel: OOM-killer via argv expansionNelson Elhage01 Mar 2011
--> Re: [oss-security] CVE request: kernel: OOM-killer via argv expansionEugene Teo01 Mar 2011
[oss-security] CVE request: FreeBSD/OS X crontab information leakageDan Rosenberg28 Feb 2011
Re: [oss-security] CVE request: FreeBSD/OS X crontab information leakageJosh Bressers28 Feb 2011
[oss-security] CVE request: kernel: two bluetooth and one ebtables infoleaks/DoSesVasiliy Kulikov28 Feb 2011
[oss-security] CVE Request: PEAR Installer 1.9.1 <= - Symlink AttackHelgi Þormar Þorbjörnsson28 Feb 2011
Re: [oss-security] CVE Request: PEAR Installer 1.9.1 <= - Symlink AttackDan Rosenberg28 Feb 2011
Re: [oss-security] CVE Request: PEAR Installer 1.9.1 <= - Symlink AttackJosh Bressers28 Feb 2011
[oss-security] cve request: eglibc memory corruptionMichael Gilbert26 Feb 2011
Re: [oss-security] cve request: eglibc memory corruptionJosh Bressers28 Feb 2011
--> Re: [oss-security] cve request: eglibc memory corruptionMichael Gilbert28 Feb 2011
[oss-security] CVE request: v86d: Failure to validate netlink message senderNelson Elhage26 Feb 2011
Re: [oss-security] CVE request: v86d: Failure to validate netlink message senderJosh Bressers28 Feb 2011
[oss-security] CVE Request: PHPShop 0.8.1 <= | Cross Site Scripting VulnerabilityYGN Ethical Hacker Group25 Feb 2011
Re: [oss-security] CVE Request: PHPShop 0.8.1 <= | Cross Site Scripting VulnerabilityJosh Bressers28 Feb 2011
[oss-security] CVE request: libcgroup: Failure to verify netlink messagesNelson Elhage25 Feb 2011
Re: [oss-security] CVE request: libcgroup: Failure to verify netlink messagesEugene Teo25 Feb 2011
--> Re: [oss-security] CVE request: libcgroup: Failure to verify netlink messagesSteve Grubb25 Feb 2011
--> Re: [oss-security] CVE request: libcgroup: Failure to verify netlink messagesNelson Elhage25 Feb 2011
--> Re: [oss-security] CVE request: libcgroup: Failure to verify netlink messagesSteve Grubb25 Feb 2011
[oss-security] CVE request: kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictionsKees Cook25 Feb 2011
Re: [oss-security] CVE request: kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictionsEugene Teo25 Feb 2011
Re: [oss-security] CVE request: kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictionsVasiliy Kulikov25 Feb 2011
--> Re: [oss-security] CVE request: kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictionsKees Cook26 Feb 2011
[oss-security] CVE request: kernel: /proc/$pid/ leaks contents across setuid execKees Cook24 Feb 2011
Re: [oss-security] CVE request: kernel: /proc/$pid/ leaks contents across setuid execEugene Teo25 Feb 2011
[oss-security] CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMINKees Cook24 Feb 2011
Re: [oss-security] CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMINEugene Teo25 Feb 2011
[oss-security] CVE Request -- Smarty -- {smarty.template} && {smarty.currentdir} security bypassJan Lieskovsky24 Feb 2011
Re: [oss-security] CVE Request -- Smarty -- {smarty.template} && {smarty.currentdir} security bypassJosh Bressers28 Feb 2011
[oss-security] CVE Request -- logwatch: Privilege escalation due improper sanitization of special characters in log file namesJan Lieskovsky24 Feb 2011
Re: [oss-security] CVE Request -- logwatch: Privilege escalation due improper sanitization of special characters in log file namesJosh Bressers24 Feb 2011
[oss-security] CVE Request -- OpenLDAP -- two issuesJan Lieskovsky24 Feb 2011
Re: [oss-security] CVE Request -- OpenLDAP -- two issuesJosh Bressers25 Feb 2011
--> Re: [oss-security] CVE Request -- OpenLDAP -- two issuesThomas Biege28 Feb 2011
--> Re: [oss-security] CVE Request -- OpenLDAP -- two issuesVincent Danen28 Feb 2011
[oss-security] XSSer v1.5 -beta- aka "Swarm Edition!" released.psy24 Feb 2011
[oss-security] CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300Eugene Teo24 Feb 2011
Re: [oss-security] CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300Josh Bressers24 Feb 2011
Re: [oss-security] CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300Eugene Teo25 Feb 2011
[oss-security] Pattern lock bypass on SE X10 with Android 1.6Tim Brown23 Feb 2011
Re: [oss-security] Pattern lock bypass on SE X10 with Android 1.6Josh Bressers24 Feb 2011
[oss-security] CVE request: Information disclosure in CGIHTTPServer from PythonMoritz Muehlenhoff23 Feb 2011
Re: [oss-security] CVE request: Information disclosure in CGIHTTPServer from PythonJosh Bressers24 Feb 2011
[oss-security] CVE request: pmwiki before 2.2.21Hanno Böck23 Feb 2011
Re: [oss-security] CVE request: pmwiki before 2.2.21Josh Bressers23 Feb 2011
[oss-security] CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tablesTimo Warns23 Feb 2011
Re: [oss-security] CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tablesJosh Bressers23 Feb 2011
--> Re: [oss-security] CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tablesEugene Teo24 Feb 2011
--> Re: [oss-security] CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tablesJon Oberheide24 Feb 2011
--> Re: [oss-security] CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tablesJosh Bressers24 Feb 2011
[oss-security] Physical access vulnerabilities and auto-mountingDan Rosenberg23 Feb 2011
Re: [oss-security] Physical access vulnerabilities and auto-mountingEugene Teo23 Feb 2011
--> Re: [oss-security] Physical access vulnerabilities and auto-mountingEugene Teo23 Feb 2011
--> Re: [oss-security] Physical access vulnerabilities and auto-mountingSteve Grubb23 Feb 2011
--> Re: [oss-security] Physical access vulnerabilities and auto-mountingTimo Warns23 Feb 2011
--> Re: [oss-security] Physical access vulnerabilities and auto-mountingSteven M. Christey23 Feb 2011
Re: [oss-security] Physical access vulnerabilities and auto-mountingNelson Elhage23 Feb 2011
--> Re: [oss-security] Physical access vulnerabilities and auto-mountingSolar Designer23 Feb 2011
--> Re: [oss-security] Physical access vulnerabilities and auto-mountingMichael Tokarev23 Feb 2011
Re: [oss-security] Physical access vulnerabilities and auto-mountingSebastian Krahmer23 Feb 2011
--> Re: [oss-security] Physical access vulnerabilities and auto-mountingVincent Danen23 Feb 2011
Re: [oss-security] Physical access vulnerabilities and auto-mountingHanno Böck23 Feb 2011
[oss-security] CVE request: kernel: Corrupted LDM partition table issuesEugene Teo23 Feb 2011
Re: [oss-security] CVE request: kernel: Corrupted LDM partition table issuesJosh Bressers23 Feb 2011
[oss-security] CVE RequestKurt Seifried23 Feb 2011
Re: [oss-security] CVE RequestEugene Teo23 Feb 2011
[oss-security] CVE request: simple machines forum before 1.1.13Hanno Böck22 Feb 2011
Re: [oss-security] CVE request: simple machines forum before 1.1.13Josh Bressers23 Feb 2011
[oss-security] CVE Request: Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting VulnerabilityYGN Ethical Hacker Group22 Feb 2011
Re: [oss-security] CVE Request: Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting VulnerabilityJosh Bressers22 Feb 2011
[oss-security] gdm PostLogin script executes scripts as user gdmThomas Biege22 Feb 2011
Re: [oss-security] gdm PostLogin script executes scripts as user gdmJosh Bressers22 Feb 2011
--> Re: [oss-security] gdm PostLogin script executes scripts as user gdmThomas Biege23 Feb 2011
[oss-security] CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transitionJan Lieskovsky22 Feb 2011
Re: [oss-security] CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transitionJosh Bressers22 Feb 2011
[oss-security] Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transitionThomas Sibley22 Feb 2011
--> Re: [oss-security] Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transitionJosh Bressers23 Feb 2011
--> Re: [oss-security] Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transitionVincent Danen24 Feb 2011
--> Re: [oss-security] Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transitionRalf Corsepius24 Feb 2011
--> Re: [oss-security] Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transitionVincent Danen24 Feb 2011
[oss-security] CVE request: kernel: a collection of world-writable debugfs bugsEugene Teo22 Feb 2011
Re: [oss-security] CVE request: kernel: a collection of world-writable debugfs bugsJosh Bressers22 Feb 2011
--> Re: [oss-security] CVE request: kernel: a collection of world-writable debugfs bugsEugene Teo23 Feb 2011
--> Re: [oss-security] CVE request: kernel: a collection of world-writable debugfs bugsVasiliy Kulikov23 Feb 2011
--> Re: [oss-security] CVE request: kernel: a collection of world-writable debugfs bugsJosh Bressers23 Feb 2011
[oss-security] CVE request: kernel: fs/partitions: validate map_count in mac partition tablesEugene Teo22 Feb 2011
Re: [oss-security] CVE request: kernel: fs/partitions: validate map_count in mac partition tablesJosh Bressers22 Feb 2011
--> Re: [oss-security] CVE request: kernel: fs/partitions: validate map_count in mac partition tablesGreg KH22 Feb 2011
--> Re: [oss-security] CVE request: kernel: fs/partitions: validate map_count in mac partition tablesJosh Bressers22 Feb 2011
[oss-security] CVE-2011-0436: dtc sends password of new users to site admin by unencrypted emailRaphael Geissert22 Feb 2011
[oss-security] CVE requests: freebsd kernel/tesseract/xinha/proftpdMoritz Muehlenhoff21 Feb 2011
Re: [oss-security] CVE requests: freebsd kernel/tesseract/xinha/proftpdJosh Bressers23 Feb 2011
[oss-security] CVE request: ruby: FileUtils is vulnerable to symlink race attacks + Exception methods can bypass $SAFEThomas Biege21 Feb 2011
Re: [oss-security] CVE request: ruby: FileUtils is vulnerable to symlink race attacks + Exception methods can bypass $SAFEJosh Bressers21 Feb 2011
[oss-security] clamav 0.97Hanno Böck21 Feb 2011
Re: [oss-security] clamav 0.97Josh Bressers21 Feb 2011
[oss-security] Re: CVE request: More Evince overflowsRaphael Geissert18 Feb 2011
Re: [oss-security] CVE request: patch directory traversal flawVasiliy Kulikov18 Feb 2011
[oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDPThomas Biege18 Feb 2011
Re: [oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDPJosh Bressers18 Feb 2011
--> Re: [oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDPSteven M. Christey22 Feb 2011
[oss-security] CVE id request: telepathy-gabbleNico Golde17 Feb 2011
Re: [oss-security] CVE id request: telepathy-gabbleJosh Bressers17 Feb 2011
[oss-security] CVE request - kernel: thp: prevent hugepages during args/env copying into the user stackEugene Teo17 Feb 2011
Re: [oss-security] CVE request - kernel: thp: prevent hugepages during args/env copying into the user stackJosh Bressers17 Feb 2011
[oss-security] CVE request -- kernel: deficiency in processing igmp host membership reports in br_multicastPetr Matousek17 Feb 2011
Re: [oss-security] CVE request -- kernel: deficiency in processing igmp host membership reports in br_multicastEugene Teo17 Feb 2011
[oss-security] wireshark dct3trace buffer overflowHuzaifa Sidhpurwala16 Feb 2011
[oss-security] kernel: ALSA: caiaq - Fix possible string-buffer overflowEugene Teo16 Feb 2011
Re: [oss-security] kernel: ALSA: caiaq - Fix possible string-buffer overflowJosh Bressers16 Feb 2011
--> Re: [oss-security] kernel: ALSA: caiaq - Fix possible string-buffer overflowEugene Teo16 Feb 2011
[oss-security] CVE request - kernel: xfs infoleakEugene Teo16 Feb 2011
Re: [oss-security] CVE request - kernel: xfs infoleakJosh Bressers16 Feb 2011
[oss-security] CVE request - kernel: s390 task_show_regs infoleakEugene Teo16 Feb 2011
Re: [oss-security] CVE request - kernel: s390 task_show_regs infoleakJosh Bressers16 Feb 2011
[oss-security] CVE request - kernel: bridge br_multicast NULL pointer dereferenceEugene Teo16 Feb 2011
Re: [oss-security] CVE request - kernel: bridge br_multicast NULL pointer dereferenceJosh Bressers16 Feb 2011
--> Re: [oss-security] CVE request - kernel: bridge br_multicast NULL pointer dereferenceMoritz Muehlenhoff16 Feb 2011
[oss-security] PHP Exif 64bit Casting Vulnerability, CVE requestPierre Joye14 Feb 2011
[oss-security] Re: PHP Exif 64bit Casting Vulnerability, CVE requestPierre Joye16 Feb 2011
--> Re: [oss-security] Re: PHP Exif 64bit Casting Vulnerability, CVE requestHuzaifa Sidhpurwala16 Feb 2011
--> Re: [oss-security] Re: PHP Exif 64bit Casting Vulnerability, CVE requestPierre Joye16 Feb 2011
[oss-security] CVE request: aircrack-ngMarc Deslauriers14 Feb 2011
Re: [oss-security] CVE request: aircrack-ngNico Golde15 Feb 2011
[oss-security] [HITB-Announce] HITB Magazine Issue 005 ReleasedHafez Kamal09 Feb 2011
[oss-security] Django multiple flaws (CVEs inside)Josh Bressers09 Feb 2011
Re: [oss-security] CVE assignments for WiresharkJosh Bressers09 Feb 2011
[oss-security] CVE request: kernel: btrfs heap overflowDan Rosenberg09 Feb 2011
Re: [oss-security] CVE request: kernel: btrfs heap overflowEugene Teo09 Feb 2011
--> Re: [oss-security] CVE request: kernel: btrfs heap overflowDan Rosenberg09 Feb 2011
--> Re: [oss-security] CVE request: kernel: btrfs heap overflowEugene Teo09 Feb 2011
--> Re: [oss-security] CVE request: kernel: btrfs heap overflowEugene Teo09 Feb 2011
--> Re: [oss-security] CVE request: kernel: btrfs heap overflowSteven M. Christey10 Feb 2011
--> Re: [oss-security] CVE request: kernel: btrfs heap overflowStéphane Gaudreault09 Feb 2011
--> Re: [oss-security] CVE request: kernel: btrfs heap overflowMoritz Muehlenhoff09 Feb 2011
--> Re: [oss-security] CVE request: kernel: btrfs heap overflowGreg KH09 Feb 2011
Re: [oss-security] CVE request: kernel: btrfs heap overflowEugene Teo22 Feb 2011
[oss-security] CVE request for fehStefan Behte09 Feb 2011
Re: [oss-security] CVE request for fehJosh Bressers09 Feb 2011
[oss-security] CVE request: wordpress before 3.0.5Hanno Böck08 Feb 2011
Re: [oss-security] CVE request: wordpress before 3.0.5Josh Bressers09 Feb 2011
[oss-security] CVE request: phpbb before 3.0.8Hanno Böck07 Feb 2011
Re: [oss-security] CVE request: phpbb before 3.0.8Josh Bressers08 Feb 2011
--> Re: [oss-security] CVE request: phpbb before 3.0.8Hanno Böck08 Feb 2011
[oss-security] Webkit DupesMichael Gilbert05 Feb 2011
Re: [oss-security] Webkit DupesSteven M. Christey17 Feb 2011
--> Re: [oss-security] Webkit DupesMichael Gilbert18 Feb 2011
[oss-security] Webkit RoundupMichael Gilbert05 Feb 2011
[oss-security] Re: [vendor-sec] OpenSSH security advisory: legacy certificate signing in 5.6/5.7Josh Bressers04 Feb 2011
[oss-security] Wireshark: Freeing uninitialized pointerHuzaifa Sidhpurwala04 Feb 2011
Re: [oss-security] CVE Request for phpMyAdmin 3.4.x, 3.4.0 beta 2 <= Stored Cross Site Scripting (XSS) VulnerabilitySteven M. Christey02 Feb 2011
Re: [oss-security] CVE Request for phpMyAdmin 3.4.x, 3.4.0 beta 2 <= Stored Cross Site Scripting (XSS) VulnerabilityYGN Ethical Hacker Group25 Feb 2011
[oss-security] CVE request: fuseMarc Deslauriers02 Feb 2011
Re: [oss-security] CVE request: fuseJosh Bressers03 Feb 2011
--> Re: [oss-security] CVE request: fuseMarc Deslauriers03 Feb 2011
--> Re: [oss-security] CVE request: fuseJosh Bressers08 Feb 2011
Re: [oss-security] CVE request: xpdfMichael Gilbert02 Feb 2011
Re: [oss-security] CVE request: xpdfThomas Biege08 Feb 2011
--> Re: [oss-security] CVE request: xpdfTomas Hoger08 Feb 2011
--> Re: [oss-security] CVE request: xpdfThomas Biege08 Feb 2011
[oss-security] CVE request: Server-side arbitrary script inclusion vulnerability in MediaWiki <=1.16.1Reed Loden01 Feb 2011
Re: [oss-security] CVE request: Server-side arbitrary script inclusion vulnerability in MediaWiki <=1.16.1Josh Bressers03 Feb 2011
[oss-security] CVE request: glibc CVE-2010-3847 fix regressionTomas Hoger01 Feb 2011
Re: [oss-security] CVE request: glibc CVE-2010-3847 fix regressionJosh Bressers03 Feb 2011
Re: [oss-security] possible flaw in widely used strtod.c implementationPierre Joye01 Feb 2011
[oss-security] CVE Request: Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) VulnerabilityYGN Ethical Hacker Group01 Feb 2011
Re: [oss-security] CVE Request: Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) VulnerabilityJosh Bressers03 Feb 2011