July 2017 Archives by thread

• Messages sorted by: [ subject ] [ author ] [ date ]
• More info on this list...

Starting: Sat Jul 1 06:46:13 UTC 2017
Ending: Mon Jul 31 20:53:40 UTC 2017
Messages: 135

• [Secure-testing-team] Bug#866711: mcollective: CVE-2017-2292: Remote code execution via YAML deserialization   Salvatore Bonaccorso
• [Secure-testing-team] Bug#866719: ntopng: CVE-2017-7459: HTTP Response Splitting   Salvatore Bonaccorso
• [Secure-testing-team] Bug#866721: ntopng: CVE-2017-7458   Salvatore Bonaccorso
• [Secure-testing-team] Bug#866722: ntopng: CVE-2017-7416   Salvatore Bonaccorso
• [Secure-testing-team] Bug#866769: keepassx fails to clear KDE clipboard history, leaving passwords visible   Henrik Størner
• [Secure-testing-team] Bug#866799: tor: CVE-2017-0377: TROVE-2017-006: Path selection issue   Salvatore Bonaccorso
• [Secure-testing-team] Bug#866818: libdbd-mysql-perl: CVE-2017-10788   Salvatore Bonaccorso
• [Secure-testing-team] Bug#866821: libdbd-mysql-perl: CVE-2017-10789   Salvatore Bonaccorso
• [Secure-testing-team] Bug#866860: mpg123: CVE-2017-10683   Salvatore Bonaccorso
• [Secure-testing-team] Bug#866890: CVE-2017-10791 CVE-2017-10792   Moritz Muehlenhoff
• [Secure-testing-team] Bug#866968: dwarfutils: CVE-2017-9998: SEGV libdwarf/dwarf_leb.c:291 in _dwarf_decode_s_leb128_chk   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867032: jabberd2 allowing anyone to authenticate using SASL ANONYMOUS, even when the option is not enabled   Sergey Korobitsin
• [Secure-testing-team] Bug#867060: graphicsmagick: CVE-2017-10800: OOM in ReadMATImage()   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867077: graphicsmagick: CVE-2017-10799: denial of service (OOM) can occur inReadDPXImage()   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867085: graphicsmagick: CVE-2017-10794   Salvatore Bonaccorso
• [Secure-testing-team] Actif à céder - Société de securité et gardiennage   Jean-Michel Geslin
• [Secure-testing-team] Bug#867229: CVE-2017-0647   Moritz Muehlenhoff
• [Secure-testing-team] Bug#867367: imagemagick: CVE-2017-10928   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867369: radare2: CVE-2017-10929   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867398: libtasn1-6: CVE-2017-10790   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867477: poppler: CVE-2017-9865 stack-based overflow leading to denial-of-service   Antoine Beaupre
• [Secure-testing-team] Bug#867492: xorg-server: CVE-2017-10971 CVE-2017-10972   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867493: CVE-2016-2141   Moritz Muehlenhoff
• [Secure-testing-team] Bug#867495: CVE-2017-9840   Moritz Muehlenhoff
• [Secure-testing-team] Bug#867532: cacti: CVE-2017-10970: XSS vulnerability via link.php   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867560: netfilter-persistent fails randomly during boot; restarting later works   David
• [Secure-testing-team] Bug#867598: irssi: CVE-2017-10965 CVE-2017-10966   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867601: slim: should no longer run the Xorg server as root   Salvatore Bonaccorso
• [Secure-testing-team] Restaurant haut de gamma a céder - Paris 75016   Jean-Michel Geslin
• [Secure-testing-team] Bug#867618: sqlite3: CVE-2017-10989   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867712: lucene-solr: CVE-2017-3163   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867717: CVE-2017-11110   Moritz Muehlenhoff
• [Secure-testing-team] Bug#867718: CVE-2017-11108   Moritz Muehlenhoff
• [Secure-testing-team] Bug#867719: phpldapadmin: CVE-2017-11107   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867720: CVE-2017-11109   Moritz Muehlenhoff
• [Secure-testing-team] Bug#867724: Multiple security issues   Moritz Muehlenhoff
• [Secure-testing-team] Bug#867725: CVE-2017-9869 CVE-2017-9870 CVE-2017-9871 CVE-2017-9872   Moritz Muehlenhoff
• [Secure-testing-team] Bug#867746: graphicsmagick: CVE-2017-11102   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867747: rsyslog: /var/log/dmesg world-readable despite kernel.dmesg_restrict = 1   mv87
• [Secure-testing-team] Bug#867748: imagemagick: CVE-2017-10995   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867751: qemu: CVE-2017-10806: usb-redirect: stack buffer overflow in debug logging   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867778: imagemagick: CVE-2017-9500: assertion failed in ResetImageProfileIterator   Salvatore Bonaccorso
• [Secure-testing-team] Bug#867986: CVE-2016-10396   Moritz Muehlenhoff
• [Secure-testing-team] Bug#867988: CVE-2017-11111 CVE-2017-10686   Moritz Muehlenhoff
• [Secure-testing-team] Stop being fat, and start being healthy   test at tedasoip.com
• [Secure-testing-team] Bug#868080: CVE-2017-11163   Moritz Muehlenhoff
• [Secure-testing-team] Bug#868083: CVE-2017-7506   Moritz Muehlenhoff
• [Secure-testing-team] Bug#868109: nginx: CVE-2017-7529 Integer overflow in the range filter   Christos Trochalakis
• [Secure-testing-team] actif a céder - Société de bâtiment et travaux publics   Jean-Michel Geslin
• [Secure-testing-team] Bug#868162: July 11th Security release   Moritz Muehlenhoff
• [Secure-testing-team] Bug#868184: CVE-2017-11141 CVE-2017-11166 CVE-2017-11170 CVE-2017-11188   Moritz Muehlenhoff
• [Secure-testing-team] Bug#868185: CVE-2016-4383   Moritz Muehlenhoff
• [Secure-testing-team] Bug#868208: CVE-2017-11103: MitM attack, impersonation of the Kerberos client, know as Orpheus Lyre   Raphael Hertzog
• [Secure-testing-team] Learn how a university scientist made a legit discovery   qc at hanwoong.co.kr
• [Secure-testing-team] Bug#868466: php-cas: CVE-2017-1000071   Salvatore Bonaccorso
• [Secure-testing-team] Bug#868467: apache2: CVE-2017-9788   Salvatore Bonaccorso
• [Secure-testing-team] Bug#868469: imagemagick: Incomplete fix for CVE-2017-9144   Salvatore Bonaccorso
• [Secure-testing-team] Bug#868500: atril: CVE-2017-1000083   Salvatore Bonaccorso
• [Secure-testing-team] Bug#868508: fedmsg: CVE-2017-1000001   Salvatore Bonaccorso
• [Secure-testing-team] Bug#868513: tiff: CVE-2017-11335: tiff2pdf: heap based buffer write overflow   Salvatore Bonaccorso
• [Secure-testing-team] Bug#868572: ruby-mixlib-archive: CVE-2017-1000026   Salvatore Bonaccorso
• [Secure-testing-team] Bug#868577: CVE-2017-11341 CVE-2017-11342   Moritz Muehlenhoff
• [Secure-testing-team] Bug#868578: CVE-2017-11335 CVE-2017-11336 CVE-2017-11337 CVE-2017-11338 CVE-2017-11339 CVE-2017-11340   Moritz Muehlenhoff
• [Secure-testing-team] Bug#868580: cairo: CVE-2017-9814   Salvatore Bonaccorso
• [Secure-testing-team] Bug#868701: memcached: CVE-2017-9951: Heap-based buffer over-read in try_read_command function   Salvatore Bonaccorso
• [Secure-testing-team] Bug#868705: gnome-exe-thumbnailer: Thumbnail generation for MSI files executes arbitrary VBScript   Nils Dagsson Moskopp
• [Secure-testing-team] Bug#868730: rkhunter: /var/lib/rkhunter/tmp shouldn't be world-readable   Christoph Anton Mitterer
• [Secure-testing-team] Bug#868765: freeradius: New upstream version 3.0.15 fixing security critical bugs   Karsten Heymann
• [Secure-testing-team] Bug#868831: apport: CVE-2017-10708   Salvatore Bonaccorso
• [Secure-testing-team] restaurant à céder 75016   Jean-Michel Geslin
• [Secure-testing-team] Bug#868950: imagemagick: CVE-2017-11446   Salvatore Bonaccorso
• [Secure-testing-team] Bug#868956: libmspack: CVE-2017-11423   Salvatore Bonaccorso
• [Secure-testing-team] Bug#868988: phamm: CVE-2017-0378 reflected XSS in phamm   John Lightsey
• [Secure-testing-team] Bug#869129: librsvg: CVE-2017-11464   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869171: slirp: out-of-bounds read while parsing dhcp options   Guido Günther
• [Secure-testing-team] Bug#869173: exec: oob access during dma operation   Guido Günther
• [Secure-testing-team] Bug#869220: agrep crash caused by double free   Stefan Weil
• [Secure-testing-team] Bug#869242: CVE-2017-11468   Moritz Muehlenhoff
• [Secure-testing-team] Bug#869260: CVE-2017-11368   Moritz Muehlenhoff
• [Secure-testing-team] Bug#869261: CVE-2017-7537   Moritz Muehlenhoff
• [Secure-testing-team] Bug#869263: libgd2: CVE-2017-7890: Buffer over-read into uninitialized memory   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869404: resiprocate: CVE-2017-11521: Adding too many media connections may lead to memory exhaustion   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869423: radare2: CVE-2017-9763   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869426: radare2: CVE-2017-9762   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869428: radare2: CVE-2017-9761   Salvatore Bonaccorso
• [Secure-testing-team] “Hasta 15.000 Pesos de descuento para tu 0km”   consultas en el formulario (no responder)
• [Secure-testing-team] Bug#869614: fontforge: CVE-2017-11568 CVE-2017-11569 CVE-2017-11570 CVE-2017-11571 CVE-2017-11572 CVE-2017-11573 CVE-2017-11574 CVE-2017-11575 CVE-2017-11576 CVE-2017-11577   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869633: CVE-2015-5191   Moritz Muehlenhoff
• [Secure-testing-team] Bug#869639: firmware-brcm80211: BroadPwn vulnerability CVE-2017-8386   Mark Robinson
• [Secure-testing-team] Bug#869702: rbenv: CVE-2017-1000047   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869706: qemu: CVE-2017-10911   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869708: jbigkit: CVE-2017-9937   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869803: sipcrack: CVE-2017-11654 CVE-2017-11655   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869823: tiff: CVE-2017-11613   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869848: cacti: Cross-site scripting vulnerability in auth_profile.php   Salvatore Bonaccorso
• [Secure-testing-team] Nueva Estrategia Digital   El que cree crea y Codigoe Marketing
• [Secure-testing-team] Bug#869879: ghostscript: CVE-2017-9610 CVE-2017-9618 CVE-2017-9619 CVE-2017-9620 CVE-2017-9740   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869880: CVE-2017-2834 CVE-2017-2835 CVE-2017-2836 CVE-2017-2837 CVE-2017-2838 CVE-2017-2839   Moritz Muehlenhoff
• [Secure-testing-team] Bug#869907: ghostscript: CVE-2017-9835: heap-buffer-overflow in gs_alloc_ref_array(ialloc.c)   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869910: ghostscript: CVE-2017-9739: heap-buffer-overflow in Ins_JMPR   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869912: zookeeper: JMX opened for remote hosts   Christoph Anton Mitterer
• [Secure-testing-team] Bug#869913: ghostscript: CVE-2017-9727: heap-buffer-overflow in gx_ttfReader__Read(base/gxttfb.c)   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869915: ghostscript: CVE-2017-9726: heap-use-after-free in Ins_MDRP(base/ttinterp.c)   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869916: ghostscript: CVE-2017-9612: heap-use-after-free in Ins_IP(base/ttinterp.c)   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869917: ghostscript: CVE-2017-9611: heap-buffer-overflow in Ins_MIRP(base/ttinterp.c)   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869922: policykit-1: members of group sudo become root with pkexec while ignoring /etc/sudoers   mviereck
• [Secure-testing-team] Bug#869927: libjpeg-turbo: CVE-2017-9614: invalid memory access in the fill_input_buffer function   Salvatore Bonaccorso
• [Secure-testing-team] Bug#869977: ghostscript: CVE-2017-11714: Out of bounds read in igc_reloc_struct_ptr()   Salvatore Bonaccorso
• [Secure-testing-team] ⇧ CELULAS MADRES ALOPECIA - JULIO 25% OFF + 1 MES GRATIS   consultas en el formulario (no responder)
• [Secure-testing-team] Terrazas al Delta - Torre y Delta Vista Desde un Drone   Terrazas al Delta
• [Secure-testing-team] Bug#870149: CVE-2017-11636, CVE-2017-11637, CVE-2017-11638, CVE-2017-11641, CVE-2017-11642, CVE-2017-11643, CVE-2017-11722   Markus Koschany
• [Secure-testing-team] Bug#870170: wolfssl: CVE-2017-8855   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870172: wireshark: CVE-2017-11406 CVE-2017-11407 CVE-2017-11408   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870173: wireshark: CVE-2017-9616: Over deep mp4 chunks may cause stack Exhausted   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870174: wireshark: CVE-2017-9617: DAAP dissector dissect_daap_one_tag recursion stack exhausted   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870175: wireshark: CVE-2017-9766: Malformed DCERPC PNIO packet decode, exception handler invalid pointer reference   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870179: wireshark: CVE-2017-11411   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870180: wireshark: CVE-2017-11410   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870182: libsass: CVE-2017-11554 CVE-2017-11555 CVE-2017-11556   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870183: libgxps: CVE-2017-11590   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870184: libsass: CVE-2017-11605   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870186: libsass: CVE-2017-11608   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870187: supervisor: CVE-2017-11610: Command injection via malicious XML-RPC request   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870188: CVE-2017-11610   Markus Koschany
• [Secure-testing-team] Bug#870192: libytnef: CVE-2017-9474: heap-based buffer overflow in DecompressRTF   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870193: libytnef: CVE-2017-9472: heap-based buffer overflow in SwapDWord   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870194: libytnef: CVE-2017-9471: heap-based-buffer overflow in SwapWord   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870196: libytnef: CVE-2017-9470: NULL pointer dereference in MAPIPrint   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870197: libytnef: CVE-2017-9473: memory allocation failure in TNEFFillMapi   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870233: smplayer: executes javascript code downloaded from insecure URL   Jonas Smedegaard
• [Secure-testing-team] Bug#870243: cacti: Followup fix to CVE-2017-11691   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870264: cairo: CVE-2017-7475: NULL pointer dereference with a crafted font file   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870266: chicken: CVE-2017-11343   Salvatore Bonaccorso
• [Secure-testing-team] Bug#870271: zookeeper: insecure permissions of /var/lib/zookeeper   Christoph Anton Mitterer
• [Secure-testing-team] Bug#870307: tinyproxy: CVE-2017-11747: Creating PID file after privileges dropping allows local DoS   Salvatore Bonaccorso

Last message date: Mon Jul 31 20:53:40 UTC 2017
Archived on: Mon Jul 31 20:57:09 UTC 2017

• Messages sorted by: [ subject ] [ author ] [ date ]
• More info on this list...