Bugtraq
- Multiple Cross Site Scripting (XSS) and SQL injection Vulnerabilities in XRMS, CVE-2008-3664
- FreeBSD Security Advisory FreeBSD-SA-08:09.icmp6
- From: FreeBSD Security Advisories
- Re: Has anyone implemented "double forward DNS"?
- FreeBSD Security Advisory FreeBSD-SA-08:07.amd64
- From: FreeBSD Security Advisories
- Re: Has anyone implemented "double forward DNS"?
- Re: Has anyone implemented "double forward DNS"?
- Re: Has anyone implemented "double forward DNS"?
- Re: In search of examples of malicious source code
- [ MDVSA-2008:185 ] python-django
- [ MDVSA-2008:184 ] libtiff
- FreeBSD Security Advisory FreeBSD-SA-08:08.nmount
- From: FreeBSD Security Advisories
- RE: Google Chrome Automatic File Download
- Re: Has anyone implemented "double forward DNS"?
- TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload
- Cisco Secure ACS Denial Of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Secure ACS EAP Parsing Vulnerability
- Re: Google Chrome Automatic File Download
- RES: Google Chrome Automatic File Download
- Cisco Security Advisory: Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA
- From: Cisco Systems Product Security Incident Response Team
- [Tool] Distack framework for attack detection and traffic analysis
- Google Chrome Browser (ver.0.2.149.27) Vulnerability
- Google Chrome Automatic File Download
- Secunia Research: Novell iPrint Client nipplib.dll "IppCreateServerRef()" Buffer Overflow
- RUXCON 2008 Final Call For Papers
- Has anyone implemented "double forward DNS"?
- Exploit
- T2´08 Challenge - Free Tickets Available
- In search of examples of malicious source code
- [ MDVSA-2008:183 ] opensc
- [Suspected Spam]New IETF I-D-: Security Assessment of the Internet Protocol version 4
- [USN-639-1] tiff vulnerability
- [Tool] sqlmap 0.6 released
- From: Bernardo Damele A. G.
- CS-Cart <= 1.3.5 SQL Injection
- From: GulfTech Security Research
- [ MDVSA-2008:182 ] wordnet
- [AJECT] Softalk IMAP Server 8.5.1 DoS vulnerability
- Postfix Linux-only local denial of service
- ToorCon X Lineup & Training Seminars Posted & Pre-Registration Ending
- [security bulletin] HPSBMA02362 SSRT080044, SSRT080045 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
- HPSBUX02354 SSRT080113 rev.1 - HP-UX Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS)
- [SECURITY] [DSA 1634-1] New wordnet packages fix arbitrary code execution
- [SECURITY] [DSA 1633-1] New slash packages fix multiple vulnerabilities
- [oCERT-2008-014] WordNet stack and heap overflows
- PoCfix (PoC for Postfix local root vuln - CVE-2008-2936)
- From: Roman Medina-Heigl Hernandez
- rPSA-2008-0264-1 ruby
- From: rPath Update Announcements
- Multiple Cross Site Scripting (XSS) Vulnerabilities in vtigerCRM 5.0.4, CVE-2008-3101
- [SECURITY] [DSA 1627-2] New opensc package fix incomplete check
- Plesk 8.6.0 authentication flaw allows to gain virtual user priviledges
- [SECURITY] [DSA-1597-2] New mt-daapd package fix regression
- Re: [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass
- VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
- From: VMware Security team
- Re: [Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities
- [Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities
- [ MDVSA-2008:181 ] ipsec-tools
- [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass
- [scip_Advisory 3807] Dreambox DM500 webserver long URL request denial of service
- ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
- reviving the botnets@ mailing list: a new statregy in fighting cyber crime
- [security bulletin] HPSBUX02365 SSRT080118 rev.1 - HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS)
- [IVIZ-08-005] IBM Lenovo BIOS Plain Text Password Disclosure
- From: iViZ Security Advisories
- [IVIZ-08-002] Hewlett-Packard BIOS Plain Text Password Disclosure
- From: iViZ Security Advisories
- XSS and Data Manipulation attacks found in CMS PHPCart.
- [IVIZ-08-004] Intel BIOS Plain Text Password Disclosure
- From: iViZ Security Advisories
- [IVIZ-08-003] TrueCrypt Security Model bypass exploiting wrong BIOS API usage
- From: iViZ Security Advisories
- [USN-638-1] Yelp vulnerability
- [IVIZ-08-007] DriveCrypt Security Model bypass exploiting wrong BIOS API usage
- From: iViZ Security Advisories
- [IVIZ-08-008] LILO Security Model bypass exploiting wrong BIOS API usage
- From: iViZ Security Advisories
- [security bulletin] HPSBMA02363 SSRT080106 rev.1 - HP Enterprise Discovery Running on Windows, Remote Authorized User, Gain Extended Privileges
- [ MDVSA-2008:180-1 ] libxml2
- PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept .30/ Oct. 1)
- White Wolf Labs #080826-1: Kyocera Mita Scanner File Utility (Multiple)
- [SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service
- Multiple Vulnerabilities in AWStats Totals
- Hopeless comments regarding the pointless "HP System Management Homepage (SMH) Unspecified XSS"
- [SECURITY] [DSA 1632-1] New tiff packages fix arbitrary code execution
- ZoneMinder Multiple Vulnerabilities
- Mini-NUKE v2.3 Freehost (tr) Multiple Remote SQL Injection Vulnerabilities
- ToorCon X CFP Closing and Workshops and Seminars discounted until Friday!
- [IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage
- From: iViZ Security Advisories
- [IVIZ-08-009] Grub Legacy Security Model bypass exploiting wrong BIOS API usage
- From: iViZ Security Advisories
- Crafty Syntax Live Help <= 2.14.6 SQL Injection
- From: GulfTech Security Research
- SECOBJADV-2008-03.2: PartyGaming PartyPoker Malicious Update Vulnerability
- From: Security Objectives Corporation
- [DSECRG-08-037] Multiple Local File Include Vulnerabilities in Pluck CMS 4.5.2
- From: Digital Security Research Group [DSecRG]
- Secunia Research: Novell iPrint Client ActiveX Control Multiple Buffer Overflows
- Secunia Research: Calendarix Basic Two SQL Injection Vulnerabilities
- [DSECRG-08-038] Multiple Local File Include Vulnerabilities in ezContents CMS 2.0.3
- From: Digital Security Research Group [DSecRG]
- RE: Arbitrary Code Execution in Commands: K, Control-], g]
- Secunia Research: Novell iPrint Client ActiveX Control "GetFileList()" Information Disclosure
- Re: TimeTrex Time and Attendance Cookie Theft
- OneNews Beta 2 Multiple Vulnerabilities
- Fedora confirms: Our servers were breached
- Secunia Research: Trend Micro Products Web Management Authentication Bypass
- Re: Fedora confirms: Our servers were breached
- [SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service
- Re: RE: TimeTrex Time and Attendance Cookie Theft
- [oCERT-2008-008] multiple heap overflows in xine-lib
- Re: Null Byte Local file Inclusion in FAR - PHP Project version:1.0
- Apple OSX Leopard (10.5+), inadequate ACL insight can create vuln
- From: bgtrq . tryfixingit
- Contest: Best Advances for OpenVAS Network Vulnerability Tests
- Call For Papers - Hackers 2 Hackers Conference 5th Edition - Brazil
- [ MDVSA-2008:180 ] libxml2
- Vim: Arbitrary Code Execution in Commands: K, Control-], g]
- RE: TimeTrex Time and Attendance Cookie Theft
- [ MDVSA-2008:179 ] metisse
- PR08-20: Bypassing ASP .NET "ValidateRequest" for Script Injection Attacks
- From: ProCheckUp Research
- TimeTrex Time and Attendance Cookie Theft
- [SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities
- Null Byte Local file Inclusion in FAR - PHP Project version:1.0
- UPDATE: [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning
- [ MDVSA-2008:178 ] xine-lib
- [ MDVSA-2008:177 ] xine-lib
- rPSA-2008-0259-1 postfix
- From: rPath Update Announcements
- CORE-2008-0813 - vBulletin Cross Site Scripting Vulnerability
- From: CORE Security Technologies Advisories
- CORE-2008-0624: Anzio Web Print Object Buffer Overflow
- From: CORE Security Technologies Advisories
- IMF 2008 - Call for Participation
- [ MDVSA-2008:176 ] mtr
- [ MDVSA-2008:175 ] yelp
- [USN-636-1] Postfix vulnerability
- Folder Lock <= 5.9.5 Local Password Information Disclosure
- ToorCon 10 Call For Papers
- [ MDVSA-2008:174 ] kernel
- [ MDVSA-2008:173 ] kdegraphics
- [SECURITY] [DSA 1629-2] New postfix packages fix installability problem on i386
- SunShop <= 4.1.4 SQL Injection
- From: GulfTech Security Research
- Vanilla <= 1.1.4 Script Injection/ XSS
- From: GulfTech Security Research
- [security bulletin] HPSBST02360 SSRT080117 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-041 to MS08-051
- [SECURITY] [DSA 1629-1] New postfix packages fix privilege escalation
- [security bulletin] HPSBMA02345 SSRT080039 rev.2 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)
- Ovidentia 6.6.5 XSS (index.php)
- Tool: PorkBind v1.3 Nameserver Security Scanner (New Version)
- [DSECRG-08-036] Multiple Security Vulnerabilities in Freeway eCommerce 1.4.1.171
- From: Digital Security Research Group [DSecRG]
- NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection
- Re: ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user
- Nokia 6131 NFC URI/URL Spoofing and DoS Advisory
- PHP Live Helper <= 2.0.1 Multiple Vulnerabilities
- From: GulfTech Security Research
- [ MDVSA-2008:172 ] amarok
- [ MDVSA-2008:171 ] postfix
- FlexCMS <= 2.5 Cross Site Scripting Vulnerability
- Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani
- munky-bliki lfi
- Re: MicroWorld MailScan - Multiple Vulnerabilities within Admin-Webinterface
- Cisco Security Advisory: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control
- From: Cisco Systems Product Security Incident Response Team
- [ GLSA 200808-12 ] Postfix: Local privilege escalation vulnerability
- rPSA-2008-0255-1 freetype
- From: rPath Update Announcements
- Security Assessment of the Internet Protocol
- ZDI-08-053: Symantec Veritas Storage Foundation Scheduler Service NULL Session Authentication Bypass Vulnerability
- SYM08-015_SFW_SecurityUpdateBypass
- Postfix local privilege escalation via hardlinked symlinks
- [ MDVSA-2008:169 ] hplip
- [security bulletin] HPSBOV02357 SSRT080058 rev.1 - HP OpenVMS TCP/IP Services running BIND, Remote DNS Cache Poisoning
- [ MDVSA-2008:168 ] stunnel
- Microsoft Windows Messenger Remote Illegal Access Vulnerability
- [ MDVSA-2008:170 ] cups
- CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass
- From: CORE Security Technologies Advisories
- [security bulletin] HPSBTU02358 SSRT080058 rev.1 - HP Tru64 UNIX running BIND, Remote DNS Cache Poisoning
- NULL pointer in Ventrilo 3.0.2
- Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives
- rPSA-2008-0243-1 idle python
- From: rPath Update Announcements
- iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability
- iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability
- iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability
- [TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption
- iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability
- iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability
- iDefense Security Advisory 08.12.08: Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability
- Vim: Netrw: FTP User Name and Password Disclosure
- [ MDVSA-2008:166 ] clamav
- ZDI-08-050: Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability
- [ MDVSA-2008:167 ] kernel
- Re: Vim: Netrw: FTP User Name and Password Disclosure
- iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability
- ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption
- ZDI-08-051: Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability
- ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability
- [security bulletin] HPSBUX02356 SSRT080051 rev.1 - HP-UX Running ftpd, Remote Privileged Access
- Surf Jack - HTTPS will not save you
- Re: [funsec] Internet attacks against Georgian web sites
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: [funsec] Internet attacks against Georgian web sites
- CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- rPSA-2008-0253-1 git gitweb
- From: rPath Update Announcements
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability
- From: VMware Security Team
- VMSA-2008-0013 Updated ESX packages for OpenSSL, net-snmp, perl
- From: VMware Security Team
- Internet attacks against Georgian web sites
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- From: Forrest J. Cavalier III
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities
- [AJECT] hMailServer 4.4.1 DoS vulnerability
- iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Format String Vulnerabilities
- Re: TGS CMS Remote Code Execution Exploit
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- RE: OpenID/Debian PRNG/DNS Cache poisoning advisory
- From: Clausen, Martin (DK - Copenhagen)
- Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow
- Re: Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN)
- Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability
- rPSA-2008-0247-1 gvim vim vim-minimal
- From: rPath Update Announcements
- [ GLSA 200808-11 ] UUDeview: Insecure temporary file creation
- rPSA-2008-0249-1 openldap openldap-clients openldap-servers
- From: rPath Update Announcements
- K-Links Directory Blind SQL Injection Exploit
- From: hadihadi_zedehal_2006
- Re: [DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3
- [SECURITY] [DSA 1627-1] New PowerDNS packages reduce DNS spoofing risk
- Ovidentia Sql Injection
- [ GLSA 200808-10 ] Adobe Reader: User-assisted execution of arbitrary code
- Kayako SupportSuite < 3.30.00 Multiple Vulnerabilities
- From: GulfTech Security Research
- [security bulletin] HPSBUX02351 SSRT080058 rev.4 - HP-UX Running BIND, Remote DNS Cache Poisoning
- key blacklisting & file size (was: OpenID/Debian PRNG/DNS Cache poisoning advisory)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenVMS fingerd remote stack overflow
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- RE: OpenID/Debian PRNG/DNS Cache poisoning advisory
- RE: OpenID/Debian PRNG/DNS Cache poisoning advisory
- [ GLSA 200808-09 ] OpenLDAP: Denial of Service vulnerability
- [DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3
- From: Digital Security Research Group [DSecRG]
- Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory
- [ GLSA 200808-08 ] stunnel: Security bypass
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- [ GLSA 200808-07 ] ClamAV: Multiple Denials of Service
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- RE: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Vim: Unfixed Vulnerabilities in Tar Plugin Version 20
- Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory
- [AJECT] WinGate Email Server (IMAP) vulnerability
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory
- [AJECT] NoticeWare IMAP Email Server 4.6.2 DoS vulnerability
- OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: [funsec] facebook messages worm
- Re: Re: [SE-2008-01] J2ME Security Vulnerabilities 2008
- [ MDVSA-2008:164 ] python
- re: [SE-2008-01] J2ME Security Vulnerabilities 2008
- From: Security Explorations
- [ MDVSA-2008:163 ] python
- [ MDVSA-2008:162 ] qemu
- Re: OpenVMS fingerd remote stack overflow
- [ MDVSA-2008:161 ] rxvt
- Re: [SE-2008-01] J2ME Security Vulnerabilities 2008
- e107 <= 0.7.11 Arbitrary Variable Overwriting
- From: GulfTech Security Research
- Re: OpenVMS fingerd remote stack overflow
- From: Kevin Finisterre (lists)
- Re: OpenVMS fingerd remote stack overflow
- [SE-2008-01] J2ME Security Vulnerabilities 2008
- From: Security Explorations
- Re: [funsec] facebook messages worm
- Whitepaper: DNS zone redelegation
- facebook messages worm
- Re: [funsec] facebook messages worm
- Re: [Full-disclosure] [funsec] facebook messages worm
- Endless loop and resources consumption in Halo 1.0.7.0615
- Re: [funsec] facebook messages worm
- OpenVMS fingerd remote stack overflow
- [security bulletin] HPSBUX02355 SSRT080023 rev.1 - HP-UX Using libc, Remote Denial of Service (DoS)
- [security bulletin] HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
- [ GLSA 200808-06 ] libxslt: Execution of arbitrary code
- [USN-635-1] xine-lib vulnerabilities
- [ GLSA 200808-05 ] ISC DHCP: Denial of Service
- Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting
- Google Notebook and Google Bookmarks Cross Site Scripting Vulnerabilities
- CA Products That Embed Ingres Multiple Vulnerabilities
- Interesting things at sec-consult.com, DNS-whitepaper available tomorrow
- Re: 8e6 Technologies R3000 Internet Filter Bypass with Host Decoy
- MyClan Sql Injection
- PHP-NUKE module Kleinanzeigen SQL injection (lid)
- rPSA-2008-0246-1 gaim
- From: rPath Update Announcements
- rPSA-2008-0245-1 cups
- From: rPath Update Announcements
- [ GLSA 200808-04 ] Wireshark: Denial of Service
- [ GLSA 200808-03 ] Mozilla products: Multiple vulnerabilities
- [ GLSA 200808-02 ] Net-SNMP: Multiple vulnerabilities
- [ GLSA 200808-01 ] xine-lib: User-assisted execution of arbitrary code
- Pluck 4.5.2 Multiple Cross Site Scripting Vulnerabilities
- IGES CMS <=2.0 Multiple Vulnerabilities
- Plogger <= 3.0 SQL Injection
- From: GulfTech Security Research
- 8e6 Technologies R3000 Internet Filter Bypass with Host Decoy
- Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities
- CORE-2008-0716 - Sun xVM VirtualBox Privilege Escalation Vulnerability
- From: CORE Security Technologies Advisories
- Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN)
- Team SHATTER Security Advisory: Cross-site scripting in Oracle Enterprise Manager (REFRESHCHOICE Parameter)
- Team SHATTER Security Advisory: SQL Injection in Oracle Application Server (WWEXP_API_ENGINE)
- [USN-626-2] Devhelp, Epiphany, Midbrowser and Yelp update
- UNAK-CMS Lfi
- [SECURITY] [DSA 1627-1] New opensc packages fix smart card vulnerability
- TGS CMS Remote Code Execution Exploit
- Keld: PHP-MySQL News Script 0.7.1 Remote SQL injection Vulnerability
- Server termination in America's Army 2.8.3.1
- Homes 4 Sale Remote XSS Vulnerabilitiy
- Pligg Auto-Voter Using XSS to Bypass CSRF Protection
- iDefense Security Advisory 08.01.08: Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability
- iDefense Security Advisory 08.01.08: Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability
- iDefense Security Advisory 08.01.08: Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability
- file upload exploit
- [ MDVSA-2008:160 ] libxslt
- Re: Windows Vista Power Management & Local Security Policy
- From: William A. Rowe, Jr.
- Re: how to request a cve id?
- From: William A. Rowe, Jr.
- n.runs-SA-2008.005 - Apple Inc. - CoreServices Framework’s CarbonCore Framework - Arbitrary Code Execution (remote)
- iDefense Security Advisory 07.31.08: Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability
- [USN-632-1] Python vulnerabilities
- [USN-633-1] libxslt vulnerabilities
- DNS Multiple Race Exploiting Tool
- eVision 2.0 Sql Injection/Remote File Disclosure/Remote File Upload/IG
- [USN-634-1] OpenLDAP vulnerability
- [CVE-2008-1232] Apache Tomcat XSS vulnerability
- [SECURITY] [DSA 1626-1] New httrack packages fix arbitrary code execution
- [SECURITY] [DSA 1625-1] New cupsys packages fix arbitrary code execution
- libxslt heap overflow
- [CVE-2008-2370] Apache Tomcat information disclosure vulnerability
- CA ARCserve Backup for Laptops and Desktops Server LGServer Service Vulnerability
- [ GLSA 200807-16 ] Python: Multiple vulnerabilities
- [SECURITY] [DSA 1624-1] New libxslt packages fix arbitrary code execution
- [ GLSA 200807-13 ] VLC: Multiple vulnerabilities
- [ GLSA 200807-14 ] Linux Audit: Buffer overflow
- [SECURITY] [DSA 1623-1] New dnsmasq packages fix cache poisoning
- [ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code
- iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability
- [~] Greetz : Me93fg & Mr.SaFa7
- [SECURITY] [DSA 1622-1] New newsx packages fix arbitrary code execution
- Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows
- Pligg <= 9.9.0 Multiple Vulnerabilities
- From: GulfTech Security Research
- [security bulletin] HPSBUX02286 SSRT071466 rev.1 - HP-UX Running System Administration Manager (SAM), Unintended Remote Access
- Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow
- [oCERT-2008-009] libxslt heap overflow
- [ MDVSA-2008:159 ] licq
- Citrix MetaFrame Privilege Escalation
- From: Wendel Guglielmetti Henrique
- DEV WMS Multiple Vulnerabilities
- [ MDVSA-2008:158 ] silc-toolkit
- Cisco IOS shellcode explanation - additional
- Tool: PorkBind Nameserver Security Scanner
- RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability
- MJGuest 6.8 GT Cross Site Scripting Vulnerability
- NULL pointer in Unreal Tournament 2004 v3369
- HIOX Browser Statistics 2.0 Remote File Inclusion Vulnerability
- HIOX Random Ad 1.3 (hioxRandomAd.php hm) RFI Vulnerability
- RE: Remote Cisco IOS FTP exploit
- From: Paul Oxman (poxman)
- Memory corruption and NULL pointer in Unreal Tournament III 1.2
- HIOX Star Rating System 1.0 Remote File Inclusion Vulnerability
- Cisco IOS shellcode explanation
- shoutbox Remote Database Dawnload Exploit
- [ MDVSA-2008:157 ] - ffmpeg
- Re: E-Mail header Injection in HiFriend
- Remote Cisco IOS FTP exploit
- [USN-630-1] ffmpeg vulnerability
- n.runs-SA-2008.004 - AVG Anti-Virus Divide by Zero - DoS (remote)
- Gregarius <= 0.5.4 SQL Injection
- From: GulfTech Security Research
- rPSA-2008-0235-1 fetchmail fetchmailconf
- From: rPath Update Announcements
- [DSECRG-08-034] Local File Include Vulnerability in Minishowcase v09b136
- From: Digital Security Research Group [DSecRG]
- VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix
- From: VMware Security team
- plugin Rss Remote File Inclusion Vulnerability
- [USN-631-1] poppler vulnerability
- rPSA-2008-0238-1 firefox
- From: rPath Update Announcements
- [ MDVSA-2008:156 ] - Updated libpng packages fix vulnerability
- rPSA-2008-0237-1 tshark wireshark
- From: rPath Update Announcements
- PhpJobScheduler 3.1 Remote File Inclusion Vulnerability
- rPSA-2008-0236-1 httpd mod_ssl
- From: rPath Update Announcements
- [USN-626-1] Firefox and xulrunner vulnerabilities
- iDefense Security Advisory 07.28.08: Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability
- Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100
- ViArt <= 3.5 SQL Injection
- From: GulfTech Security Research
- Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02
- Re: how to request a cve id?
- RE: Windows Vista Power Management & Local Security Policy
- JamRoom <= 3.3.8 Authentication Bypass
- From: GulfTech Security Research
- [security bulletin] HPSBMA02353 SSRT080066 rev.1 - HP OpenView Internet Services Running Probe Builder, Remote Denial of Service (DoS)
- Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations
- From: [ISR] - Infobyte Security Research
- [DSECRG-08-033] Local File Include Vulnerability in Pixelpost 1.7.1
- From: Digital Security Research Group [DSecRG]
- Security Bypass Vulnerabilities AXESSTEL
- [SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities
- [ MDVSA-2008:155-1 ] - Updated Thunderbird packages fix multiple vulnerabilities
- how to request a cve id?
- [SECURITY] [DSA 1620-1] New python2.5 packages fix several vulnerabilities
- [SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution
- [SECURITY] [DSA 1618-1] New ruby1.9 packages fix several vulnerabilities
- [ MDVSA-2008:155 ] - Updated Thunderbird packages fix multiple vulnerabilities
- [SECURITY] [DSA 1616-2] New clamav packages fix denial of service
- ZDI-08-047: RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability
- http://www.zerodayinitiative.com/advisories/ZDI-08-046
- ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability
- Re: [bugtraq] Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution
- Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution
- SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability
- ezContents CMS Renote File inclusion
- XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities
- Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow
- [SECURITY] [DSA 1617-1] New refpolicy packages fix incompatible policy
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution
- [USN-629-1] Thunderbird vulnerabilities
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution
- [ MDVSA-2008:154 ] - Updated xemacs packages fix vulnerability
- CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit
- [Full-disclosure] [tool] SDT Cleaner 1.0
- [SECURITY] [DSA 1616-1] new clamav packages fix denial of service
- [ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability
- Re: Wordpress Malicious File Execution Vulnerability
- [SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities
- [SECURITY] [DSA 1614-1] New iceweasel packages fix several vulnerabilities
- [USN-628-1] PHP vulnerabilities
- Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim
- [SECURITY] [DSA 1540-3] New lighttpd packages fix regression
- RE: Windows Vista Power Management & Local Security Policy
- From: Good Securitypractice
- AST-2008-010: Asterisk IAX 'POKE' resource exhaustion
- From: Asterisk Security Team
- RE: Windows Vista Power Management & Local Security Policy
- AST-2008-011: Traffic amplification in IAX2 firmware provisioning system
- From: Asterisk Security Team
- [ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability
- RE: Windows Vista Power Management & Local Security Policy
- RE: Windows Vista Power Management & Local Security Policy
- Outpost Security Suite Pro ver. 2009 Multiple vulnerabilities
- [USN-627-1] Dnsmasq vulnerability
- PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page
- From: ProCheckUp Research
- PR08-15: Several Webroot Disclosures on Moodle
- From: ProCheckUp Research
- PR08-13: Persistent Cross-site Scripting (XSS) on Moodle via blog entry title
- From: ProCheckUp Research
- [DSECRG-08-032] Claroline 1.8.10 Multiple XSS Vulnerabilities
- From: Digital Security Research Group [DSecRG]
- [SECURITY] [DSA 1613-1] new libgd2 packages fix multiple vulnerabilities
- FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability
- [security bulletin] HPSBMA02346 SSRT080097 rev.3 - HP OpenView Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access
- [ GLSA 200807-12 ] BitchX: Multiple vulnerabilities
- Vulnerability: SocialEngine (SocialEngine.net) high risk security flaw
- [ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability
- NULL pointer in ZDaemon 1.08.07
- Re: [ GLSA 200807-10 ] Bacula: Information disclosure
- [ GLSA 200807-11 ] PeerCast: Buffer overflow
- [ GLSA 200807-10 ] Bacula: Information disclosure
- E-Mail header Injection in HiFriend
- [SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities
- [White Paper] Abusing HTML 5 Structured Client-side Storage
- Re: SchoolCenter URL Handling Cross Site Scripting Vulnerability
- Flip V3.0 final
- Re: Pwnie Awards 2008
- [DSECRG-08-031] Local File Include Vulnerability in Interact 2.4.1
- From: Digital Security Research Group [DSecRG]
- FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability
- Vim: Improper Implementation of shellescape()/Arbitrary Code Execution
- RE: Windows Vista Power Management & Local Security Policy
- RE: Windows Vista Power Management & Local Security Policy
- MyBlog <=0.9.8 Multiple Vulnerabilities
- RE: Windows Vista Power Management & Local Security Policy
- Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit )
- EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability
- Maran PHP Blog Xss By Khashayar Fereidani
- Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system
- FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability
- Easybookmarker 40tr Xss Vulnerability By Khashayar Fereidani
- EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability
- [ MDVSA-2008:150 ] - Updated mysql packages fix vulnerabilities
- Easyecards 310a Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) By Khashayar Fereidani
- RE: Windows Vista Power Management & Local Security Policy
- From: Thor (Hammer of God)
- EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit )
- Re: Oracle Database Local Untrusted Library Path Vulnerability
- [ MDVSA-2008:149 ] - Updated mysql packages fix vulnerabilities
- RE: Windows Vista Power Management & Local Security Policy
- RE: Windows Vista Power Management & Local Security Policy
- RE: Lateral SQL Injection Revisited - No Special Privs Required
- Oracle Database Local Untrusted Library Path Vulnerability
- rPSA-2008-0231-1 bind bind-utils
- From: rPath Update Announcements
- [security bulletin] HPSBUX02351 SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning
- Re: Lateral SQL Injection Revisited - No Special Privs Required
- Windows Vista Power Management & Local Security Policy
- [DSECRG-08-030] Claroline 1.8.9 Multiple Security Vulnerabilities
- From: Digital Security Research Group [DSecRG]
- Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution
- [ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution
- From: ISecAuditors Security Advisories
- Lateral SQL Injection Revisited - No Special Privs Required
- [ MDVSA-2008:148 ] - Updated Firefox packages fix vulnerabilities
- Def_Blog 1.0.3 Multiple Remote SQL Injection Vulnerabilities
- Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution
- Security Vacation Guide
- ZDI-08-042: Sun Java Web Start Sandbox Bypass Vulnerability
- ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow
- ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability
- communitycms-0.1 Remote File Includion
- [USN-623-1] Firefox vulnerabilities
- Oracle Portal XSS fixed by CPU July 2008
- HPSBMA02346 SSRT080097 rev.2 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access
- [DSECRG-08-029] Local File Include in Dokeos E-Learning System 1.8.5
- From: Digital Security Research Group
- ekoparty security trainings (2008) announcement
- [security bulletin] HPSBUX02351 SSRT080058 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning
- [SECURITY] [DSA 1611-1] New afuse packages fix privilege escalation
- IETF Internet-Draft on TCP Port randomization
- rPSA-2008-0035-1 httpd mod_ssl
- From: rPath Update Announcements
- openPro 1.3.1 (LIBPATH) Remote RFI Vulnerability
- [SECURITY] [DSA 1544-2] New pdns-recursor packages fix predictable randomness
- n.runs-SA-2008.002 - F-Prot Out-of-Bound Memory Access DoS (remote)
- [DSECRG-08-028] File read in Velocity web-server
- [ECHO_ADV_100$2008] Comdev Web Blogger <= 4.1.3 (arcmonth) Sql Injection Vulnerability
- [security bulletin] HPSBMA02133 SSRT061201 rev.9 - HP Oracle for OpenView (OfO) Critical Patch Update
- Arbitrary code execution in Netrw version 127, Vim 7.2b
- Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm
- Oracle Application Server PLSQL injection flaw
- [security bulletin] HPSBMA02346 SSRT080097 rev.1 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access
- [ MDVSA-2008:146 ] - Updated poppler packages fix arbitrary code execution vulnerability
- iDefense Security Advisory 07.15.08: Oracle Database Local Untrusted Library Path Vulnerability
- iDefense Security Advisory 07.15.08: Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability
- [ MDVSA-2008:147 ] - Updated pcre packages fix vulnerability
- iDefense Security Advisory 07.15.08: Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability
- [ GLSA 200807-09 ] Mercurial: Directory traversal
- [SECURITY] [DSA 1569-3] New cacti packages fix regression
- [SECURITY] [DSA 1610-1] New gaim packages fix execution of arbitrary code
- [SECURITY] [DSA 1609-1] New lighttpd packages fix multiple DOS issues
- [ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability
- HPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040
- [USN-624-1] PCRE vulnerability
- CFP now open for ClubHack2008 - India
- Yuhhu Pubs Black Cat Remote SQL Injection Exploit
- Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method
- From: ProCheckUp Research
- DeepSec 2008 - Last call for submissions
- From: DeepSec Conference Vienna
- FreeBSD Security Advisory FreeBSD-SA-08:06.bind
- From: FreeBSD Security Advisories
- Pluck Local File inclusion
- Simple DNS Plus 5.0/4.1 < remote Denial of Service exploit
- [SECURITY] [DSA 1608-1] New mysql-dfsg-5.0 packages fix authorization bypass
- Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm
- Re: New Paper: More than 600 million users surf at high risk
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm
- [ MDVSA-2008:144 ] - Updated openldap packages fix slapd DoS vulnerability
- [ MDVSA-2008:138-1 ] - Updated OpenOffice.org packages fix vulnerability
- RE: New Paper: More than 600 million users surf at high risk
- [NETRAGARD SECURITY ADVISORY][Apple Core Image Fun House <= 2.0 OS X -- Arbitrary Code Execution][NETRAGARD-20080711]
- From: Netragard Security Advisories
- [ GLSA 200807-08 ] BIND: Cache poisoning
- [SECURITY] [DSA 1607-1] New iceweasel packages fix several vulnerabilities
- ZDI-08-041: Novell eDirectory dhost Integer Overflow Code Execution Vulnerability
- [ MDVSA-2008:143 ] - Updated pidgin packages fix MSN protocol handler vulnerability
- Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method
- iDefense Security Advisory 07.09.08: Novell eDirectory LDAP Search Request Heap Corruption Vulnerability
- [ MDVSA-2008:140 ] - Updated ruby packages fix vulnerabilities
- [ MDVSA-2008:141 ] - Updated ruby packages fix vulnerabilities
- [ GLSA 200807-06 ] Apache: Denial of Service
- London DEFCON July meet - DC4420 - Thursday 10th July (today!)
- rPSA-2008-0223-1 poppler
- From: rPath Update Announcements
- phpuserbase 1.3 (menu) Remote File Inclusion Vulnerability
- [ GLSA 200807-07 ] NX: User-assisted execution of arbitrary code
- gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm FIXED
- Nessus plugins for recent MS Bulletins
- [ MDVSA-2008:142 ] - Updated ruby packages fix vulnerabilities
- Context IS Advisory - MS08-39 OWA XSS
- From: Context IS - Disclosure
- [ MDVSA-2008:139 ] - Updated BIND packages fix critical DNS vulnerability
- [ GLSA 200807-05 ] OpenOffice.org: User-assisted execution of arbitrary code
- Microsoft DNS patch KB951748 incompatible with Zonealarm
- From: Pages-Web.com - Services internet
- rPSA-2008-0218-1 ruby
- From: rPath Update Announcements
- [SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code
- Insomnia : ISVA-080709.1 - Microsoft SQL Server - Corrupt Backup File Heap Overflow
- Local information disclosure in WeFi Client v3.3.3.0
- Re: Unauthorized reading confirmation from Outlook
- [ MDVSA-2008:138 ] - Updated OpenOffice.org packages fix vulnerability
- [ MDVSA-2008:137 ] - Updated OpenOffice.org fix vulnerability, and a few other bugs
- Re: [Full-disclosure] iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability
- rPSA-2008-0217-1 vsftpd
- From: rPath Update Announcements
- rPSA-2008-0216-1 firefox
- From: rPath Update Announcements
- Minneapolis DC612 Meeting July 10th, 2008@6pm
- [ MDVSA-2008:136 ] - Updated Firefox packages fix vulnerabilities
- [USN-622-1] Bind vulnerability
- iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability
- Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
- From: Cisco Systems Product Security Incident Response Team
- [ GLSA 200807-04 ] Poppler: User-assisted execution of arbitrary code
- [SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver
- XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower
- [SECURITY] [DSA 1604-1] BIND 8 deprecation notice
- [SECURITY] [DSA 1603-1] New bind9 packages fix cache poisoning
- [security bulletin] HPSBMA02349 SSRT080043 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data
- [security bulletin] HPSBMA02348 SSRT080033 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)
- Re: Local vulnerability in WeFi Client v3.2.1.4.1(Update)
- Call for Papers for the MEITSEC 2008 is now open.
- From: Meitsec2008 Conference
- Pwnie Awards 2008
- PHP-NUKE SQL Module's Name 4ndvddb
- [ GLSA 200807-03 ] PCRE: Buffer overflow
- Re: Multiple vulnerabilities in TietoEnator's Procapita school administration system, at least version
- [oCERT-2008-007] libpoppler uninitialized pointer
- [SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution
- [ MDVSA-2008:135 ] - Updated gnome-screensaver packages fix authentication vulnerability
- [ MDVSA-2008:134 ] - Updated squid packages fix DoS vulnerability
- [ MDVSA-2008:133 ] - Updated sympa packages fix DoS vulnerability
- [ MDVSA-2008:132 ] - Updated gnome-screensaver packages fix authentication vulnerability
- [ MDVSA-2008:131 ] - Updated phpMyAdmin packages fix multiple vulnerabilities
- Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow
- From: [ISR] - Infobyte Security Research
- [DSECRG-08-027] Multiple RFI-LFI in 1024 CMS 1.4.3, 1.4.4 RFC
- From: Digital Security Research Group [DSecRG]
- F5 FirePass 1200 SNMP daemon DoS
- [ MDVSA-2008:129 ] - Updated PHP packages fix multiple vulnerabilities
- [ MDVSA-2008:130 ] - Updated PHP packages fix multiple vulnerabilities
- Unauthorized reading confirmation from Outlook
- From: Augusto Paes de Barros
- Local vulnerability in WeFi Client v3.2.1.4.1(Update)
- [SECURITY] [DSA 1601-1] New wordpress packages fix several vulnerabilities
- [ MDVSA-2008:128 ] - Updated PHP packages fix multiple vulnerabilities
- [ MDVSA-2008:127 ] - Updated PHP packages fix multiple vulnerabilities
- [ MDVSA-2008:126 ] - Updated PHP packages fix multiple vulnerabilities
- [ MDVSA-2008:125 ] - Updated PHP packages fix multiple vulnerabilities
- rPSA-2008-0212-1 tshark wireshark
- From: rPath Update Announcements
- rPSA-2008-0211-1 mercurial mercurial-hgk
- From: rPath Update Announcements
- Re: New Paper: More than 600 million users surf at high risk
- Re: New Paper: More than 600 million users surf at high risk
- Release of Pass-The-Hash Toolkit v1.4
- Secunia Research: VLC Media Player WAV Processing Integer Overflow
- ISEC 2008(Information Security Conference) Guide
- RE: New Paper: More than 600 million users surf at high risk
- [tool] ratproxy - passive web application security assessment tool
- [USN-619-1] Firefox vulnerabilities
- RE: New Paper: More than 600 million users surf at high risk
- [SECURITY] [DSA 1560-1] New sympa packages fix denial of service
- Re: Collection of Vulnerabilities in Fully Patched Vim 7.1
- Deepsec Talks 2007 are online - registration for 2008 is open
- RE: New Paper: More than 600 million users surf at high risk
- RE: New Paper: More than 600 million users surf at high risk
- Vuln name: Ruby rb_ary_fill() DOS
- New Paper: More than 600 million users surf at high risk
- [ GLSA 200807-02 ] Motion: Execution of arbitrary code
- [security bulletin] HPSBMA02345 SSRT080039 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)
- [ GLSA 200807-01 ] Python: Multiple integer overflows
- [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability
- CFP 25C3 - The 25th Chaos Communication Congress 2008
- [SCANIT-2008-003] Wordtrans-web Remote Command Execution Vulnerability
- [SCANIT-2008-002] Wordtrans-web Remote Command Execution Vulnerability
- [USN-617-2] Samba regression
- Endless loop in Soldner 33724
- Re: Rhythmbox Vulnerability
- RSS-aggregator Multiple vulnerabilities
- [security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)
- Re: Remote SQL Injection
- Security and Hacking Papers - Updated!
- Endless loop in Halo 1.07
- Remote SQL Injection
- Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006
- Re: Double Denial of Service in Call of Duty 4 1.6
- [Tool] PktAnon packet trace anonymization tool released
- [security bulletin] HPSBUX02341 SSRT080075 rev.1 - HP-UX running HP CIFS Server (Samba), Remote Execution of Arbitrary Code
- BA-Con 2008 CFP - Buenos Aires, Sept. 30 / Oct. 1 (closes July 11 2008)
- [security bulletin] HPSBUX02342 SSRT080063 rev.2 - HP-UX Running Apache with PHP, Remote Execution of Arbitrary Code
- rPSA-2008-0207-1 kernel
- From: rPath Update Announcements
- New Release of 'Unhide' (20080519)
- [ MDVSA-2008:124 ] - Updated xine-lib packages fix vulnerability in Speex decoder
- [USN-621-1] Ruby vulnerabilities
- WellyBlog Open Source Blog Portal Cross Site Scripting Vulnerabilitiy
- [SECURITY] [DSA 1599-1] New dbus packages fix privilege escalation
- rPSA-2008-0206-1 ruby
- From: rPath Update Announcements
- [USN-620-1] OpenSSL vulnerabilities
- Evolution Vulnerability
- Pidgin 2.4.1 Vulnerability
- The Rat CMS (SQL/XSS) Multiple Remote Vulnerabilities
- Rhythmbox Vulnerability
- Multiple vulnerabilities in TietoEnator's Procapita school administration system, at least version "842 Procapita 840SP1"
- Re: IdeBox (include) Remote File Inclusion Vulnerability
- From: Vladimir '3APA3A' Dubrovin
- [ MDVSA-2008:123 ] - Updated imlib2 packages fix vulnerabilities
- [ECHO_ADV_99$2008] Relative Real Estate Systems <= 3.0 (listing_id) Sql Injection Vulnerability
- Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability
- ERRATA - n.runs-SA-2008.001 - Jscape Secure FTP Applet
- IdeBox (include) Remote File Inclusion Vulnerability
- [ GLSA 200806-11 ] IBM JDK/JRE: Multiple vulnerabilities
- [BMSA 2008-07] Format string vulnerability in 5th street
- RSS-aggregator (display) Remote File Inclusion Vulnerability
- [ MDVSA-2008:122 ] - Updated clamav packages fix vulnerability
- fetchmail REVISED security announcement fetchmail-SA-2008-01 (CVE-2008-2711)
- [ GLSA 200806-10 ] FreeType: User-assisted execution of arbitrary code
- [ GLSA 200806-09 ] libvorbis: Multiple vulnerabilities
- [ GLSA 200806-08 ] OpenSSL: Denial of Service
- NULL pointer in World in Conflict 1.008
- [ MDVSA-2008:121 ] - Updated freetype2 packages fix vulnerabilities
- Re: Summary of AS/400 Vulnerability Information
- Double Denial of Service in Call of Duty 4 1.6