Bugtraq
- Firefox 3.0 security bug: Extensions can STILL hide themselves
- Trust Testing and Metrics
- n.runs-SA-2008.001 - Jscape Secure FTP Applet
- Benja CMS 0.1 (Upload/XSS) Multiple Remote Vulnerabilities
- [ MDVSA-2008:120 ] - Updated nasm packages fix vulnerability
- rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
- From: rPath Update Announcements
- rPSA-2008-0200-1 xorg-server
- From: rPath Update Announcements
- [ MDVSA-2008:119 ] - Updated exiv2 packages fix vulnerability
- [ MDVSA-2008:118 ] - Updated net-snmp/ucd-snmp packages fix vulnerabilities
- Diigo Toolbar - Global XSS and Information Leakage in SSL URLs
- BackTrack 3 Final has been released
- [SECURITY] [DSA 1598-1] New libtk-img packages fix arbitrary code execution
- Secunia Research: XnView, NConvert, and GFL SDK Sun TAAC Buffer Overflow
- [ MDVSA-2008:117 ] - Updated fetchmail packages fix DoS vulnerability
- Re: RFI ====> vBulletin v3.6.5
- An Apology.
- [ GLSA 200806-07 ] X.Org X server: Multiple vulnerabilities
- RE: A more detailed description of the Jura F90 vulnerability.
- RE: A more detailed description of the Jura F90 vulnerability.
- From: Thor (Hammer of God)
- CSW Security Advisory 0002: Oral B SmartMonitor Information Disclosure Vulnerability and DoS
- vBulletin 3.7.1 PL1 and lower, vBulletin 3.6.10 PL1: XSS in modcp index
- Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities
- eLineStudio Site Composer (ESC) <=2.6 Multiple Vulnerabilities
- [USN-612-11] openssl-blacklist update
- RE: A more detailed description of the Jura F90 vulnerability.
- From: Thor (Hammer of God)
- Cisco Security Advisory: Cisco Intrusion Prevention System Jumbo Frame Denial of Service
- From: Cisco Systems Product Security Incident Response Team
- A more detailed description of the Jura F90 vulnerability.
- CA ARCserve Backup Discovery Service Denial of Service Vulnerability
- Secunia Research: TorrentTrader Multiple SQL Injection Vulnerabilities
- Announcement && CFP: ISOI 5, Tallinn Estonia
- [USN-617-1] Samba vulnerabilities
- [security bulletin] HPSBST02344 SSRT080087 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-030 to MS08-036
- S21SEC-044-en:OpenDocMan Cross Site Scripting (XSS)
- [ GLSA 200806-06 ] Evolution: User-assisted execution of arbitrary code
- iPhoneDbg Toolkit
- From: Nicolas A. Economou
- fetchmail security announcement fetchmail-SA-2007-02 (CVE-2007-4565)
- [ GLSA 200806-05 ] cbrPager: User-assisted execution of arbitrary code
- fetchmail security announcement fetchmail-SA-2008-01 (CVE-2008-2711)
- Server freezed in Skulltag 0.97d2-RC2
- Hacking Coffee Makers.
- NULL pointer in the HTTP/XML-RPC service of Crysis 1.21
- [ MDVSA-2008:115 ] - Updated x11-server packages fix several vulnerabilities
- [ MDVSA-2008:116 ] - Updated x11-server packages fix several vulnerabilities
- [DSECRG-08-026] LFI in Open Azimyt CMS 0.22
- From: Digital Security Research Group
- VistaReseller Panel BETA Xss Vulnerability
- Returnil Virtual System 2008 - Password Disclosure Issue
- [ECHO_ADV_97$2008] Pre News Manager <= 1.0 (index.php id) Sql Injection Vulnerability
- PHP JOBWEBSITE PRO (JobSearch3.php) SQL Injection Vulnerability
- [ECHO_ADV_98$2008] Pre Ads Portal <= 2.0 Sql Injection Vulnerability
- Denial of Service in S.T.A.L.K.E.R. 1.0006
- DUC NO-IP Local Password Information Disclosure Vulnerability
- E-SMART CART (productsofcat.asp) Remote SQL Injection Vulnerability
- Muitiple XSS - Glassfish Web Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) )
- Re: AS/400 Vulnerabilities
- [ GLSA 200806-04 ] rdesktop: Multiple vulnerabilities
- GSC Privilege Escalation Exploit
- Collection of Vulnerabilities in Fully Patched Vim 7.1
- Re: Collection of Vulnerabilities in Fully Patched Vim 7.1
- Re: AS/400 Vulnerabilities
- From: security curmudgeon
- [ MDVSA-2008:113 ] - Updated kernel packages fix security issue
- [ MDVSA-2008:114 ] - Updated util-linux-ng packages fix log injection issue
- Technical Details of Security Issues Regarding Safari for Windows
- RE: Securify bulletin: Microsoft Active Directory Denial-of-service
- RE: AS/400 Vulnerabilities
- [USN-612-9] openssl-blacklist update
- Securify bulletin: Microsoft Active Directory Denial-of-service
- [USN-612-10] OpenVPN regression
- Exploit for vBulletin "obscure" XSS (3.7.1 & 3.6.10)
- AS/400 Vulnerabilities
- [USN-616-1] X.org vulnerabilities
- [SECURITY] [DSA 1597-1] New mt-daapd packages fix several vulnerabilities
- [SECURITY] [DSA 1596-1] New typo3 packages fix several vulnerabilities
- [ MDVSA-2008:112 ] - Updated kernel packages fix security issues
- [SECURITY] [DSA 1595-1] New xorg-server packages fix several vulnerabilities
- Pooya Site Builder (PSB) SQL Injection Vulnerabilities
- DEFCON Switzerland looking for DEFCON visitors
- From: DEF CON Switzerland
- SNMPv3 Authentication Bypass - CVE-2008-0960
- ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability
- rPSA-2008-0189-1 kernel xen
- From: rPath Update Announcements
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server MIT-SHM Extension Information Disclosure Vulnerability
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server Record and Security Extensions Multiple Memory Corruption Vulnerabilities
- Xigla Multiple Products - Multiple Vulnerabilities
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension ProcRenderCreateCursor() Integer Overflow Vulnerability
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension AllocateGlyph() Integer Overflow Vulnerability
- [SECURITY] [DSA 1594-1] New imlib2 packages fix arbitrary code execution
- [security bulletin] HPSBMA02340 SSRT080024, SSRT080041 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)
- phpRaider <= v1.0.6,7 Maybe Other Versions Remote File include Vulnerable
- Flat Calendar v1.1 Remote Permission Bypass Vulnerability
- CORE-2008-0125: CitectSCADA ODBC service vulnerability
- From: CORE Security Technologies Advisories
- Secunia Research: uTorrent / BitTorrent Web UI HTTP "Range" Header DoS
- PHPEasyData 1.5.4 Multiple Vulnerabilities
- TYPO3 Security Bulletin TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core
- [security bulletin] HPSBUX02342 SSRT080063 rev.1 - HP-UX Running Apache or Tomcat with PHP, Remote Execution of Arbitrary Code
- ZDI-08-040: Microsoft DirectX SAMI File Format Name Parsing Stack Overflow Vulnerability
- ZDI-08-039: Microsoft Internet Explorer DOM Ojbect substringData() Heap Overflow Vulnerability
- Many bugs on CMS system Piugame
- [ MDVSA-2008:111 ] - Updated Evolution packages fix vulnerabilities
- ZDI-08-038: QuickTime SMIL qtnext Redirect File Execution
- iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 PFB Memory Corruption Vulnerability
- ZDI-08-037: Apple QuickTime Indeo Video Buffer Overflow Vulnerability
- XSS - Glassfish Web Admin Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) )
- iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 Multiple Heap Overflow Vulnerabilities
- iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 PFB Integer Overflow Vulnerability
- Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- iDefense Security Advisory 06.10.08: Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability
- [security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)
- Secunia Research: Apple QuickTime PICT Image Parsing Buffer Overflow
- [web-app] Insanely Simple Blog 0.5 (index) Remote SQL Injection Vulnerabilities
- [web-app] yBlog 0.2.2.2 Multiple Remote Vulnerabilities
- [web-app] DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability
- [web-app] ErfurtWiki <= R1.02b (css) Local File Inclusion Vulnerability
- [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing
- [web-app] Tornado Knowledge Retrieval System <= 4.2 Remote XSS Vulnerability
- Further Correction to BID 29112 "Apache Server HTML Injection and UTF-7 XSS Vulnerability"
- From: William A. Rowe, Jr.
- [SECURITY] [DSA 1593-1] New tomcat5.5 packages cross-site scripting
- [SECURITY] [DSA 1592-2] New Linux 2.6.18 packages fix overflow conditions
- webTA by kronos - XSS
- XSS - NEXTGEN GALLERY 0.96 WORDPRESS PLUGIN
- [SECURITY] [DSA 1592-1] New Linux 2.6.18 packages fix overflow conditions
- [ GLSA 200806-03 ] Imlib 2: User-assisted execution of arbitrary code
- FreeSSHD 1.2.1 (Post Auth) Remote Seh Overflow Exploit
- [USN-615-1] Evolution vulnerabilities
- Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability
- SchoolCenter URL Handling Cross Site Scripting Vulnerability
- rPSA-2008-0185-1 vsftpd
- From: rPath Update Announcements
- Vulnerability in Network General/Net Scout product
- Akamai Technologies Security Advisory 2008-0003 (Akamai Client Software)
- From: Akamai Security Team
- Secunia Research: Akamai Red Swoosh Cross-Site Request Forgery
- [ MDVSA-2008:110 ] - Updated Firefox packages fix vulnerabilities
- WEBAlbum <= 2.0 Remote Stored Cross Site Scripting Vulnerability
- F5 FirePass Content Inspection Management XSS
- Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability
- iDefense Security Advisory 06.04.08: VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability
- iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability
- AST-2008-009: (Corrected subject) Remote crash vulnerability in ooh323 channel driver
- From: Asterisk Security Team
- Akamai Download Manager File Downloaded To Arbitrary Location Vulnerability
- SMEweb 1.4b (SQL/XSS) Multiple Remote Vulnerabilities
- Remote DoS vulnerability in Linksys WRH54G
- [security bulletin] HPSBST02312 SSRT071428 rev.2 - HP StorageWorks Storage Mirroring Software, Remote Execution of Arbitrary Code
- e107 Plugin echat MENU Blind SQL Injection Vulnerability
- From: hadihadi_zedehal_2006
- AST-2008-009: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised
- From: Asterisk Security Team
- CA Secure Content Manager HTTP Gateway Service FTP Request Vulnerabilities
- CORE-2008-0425 - NASA BigView Stack Buffer Overflow
- From: CORE Security Technologies Advisories
- Re: ZDI-08-034: HP StorageWorks Storage Mirroring Authentication Processing Stack Overflow Vulnerability
- iDefense Security Advisory 06.04.08: Kaspersky Internet Security IOCTL Stack Based Buffer Overflow Vulnerability
- iDefense Security Advisory 06.04.08: Skype File URI Security Bypass Code Execution Vulnerability
- TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability
- ZDI-08-036: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow
- ZDI-08-035: CA ETrust Secure Content Manager Gateway FTP PASV Stack Overflow Vulnerability
- ZDI-08-034: HP StorageWorks Storage Mirroring Authentication Processing Stack Overflow Vulnerability
- VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
- From: VMware Security team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA
- From: Cisco Systems Product Security Incident Response Team
- Akamai Technologies Security Advisory 2008-0001 (Download Manager)
- From: Akamai Security Team
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Buffer Overflow Vulnerability
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Authorization Bypass Vulnerability
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Directory Traversal Vulnerabilities
- IMF 2008 - Deadline Extension (2nd try)
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Command Injection Vulnerabilities
- CSIS-RI-0003: Multiple buffer overflow vulnerabilities in HP ActiveX
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Information Disclosure Vulnerability
- [security bulletin] HPSBMA02326 SSRT071490 rev.1 - HP Instant Support HPISDataManager.dll Running on Windows, Remote Execution of Arbitrary Code
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages File Creation Vulnerability
- QuickerSite Multiple Vulnerabilities
- [ MDVSA-2008:109 ] - Updated kernel packages fix bugs
- AST-2008-008: Remote Crash Vulnerability in SIP channel driver when run in pedantic mode
- From: Asterisk Security Team
- [USN-614-1] Linux kernel vulnerabilities
- AccessMe Tool Release
- [NSG 03-06-2008] C6 Messenger Installation Url DownloaderActiveX Control Remote Download & Execute Exploit
- London DEFCON June meet - DC4420 - Thursday 5th June
- [ GLSA 200806-01 ] mtr: Stack-based buffer overflow
- RE: Windows Installer msiexec GUID Buffer Overflow
- From: Thor (Hammer of God)
- [ GLSA 200806-02 ] libxslt: Execution of arbitrary code
- Re: Windows Installer msiexec GUID Buffer Overflow
- [security bulletin] HPSBST02312 SSRT071428 rev.1 - HP StorageWorks Storage Mirroring Software, Remote Execution of Arbitrary Code
- [SECURITY] [DSA 1591-1] New libvorbis packages fix several vulnerabilities
- Windows Installer msiexec GUID Buffer Overflow
- [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability
- Advisory: Xerox Workaround & planned patch
- DEFCON 16 Updates - Get involved!
- rPSA-2008-0181-1 openssl openssl-scripts
- From: rPath Update Announcements
- [ECHO_ADV_96$2008] HiveMaker Professional <= 1.0.2 (cid) Sql Injection Vulnerability
- ComicShout 2.8 (news.php news_id) SQL Injection Vulnerability
- OtomiGenX v2.2 Ultimate Authentication bypass Vulnerability
- From: hadihadi_zedehal_2006
- Re: xt:Commerce possible DoS
- BP Blog 6.0 (id) Remote Blind SQL Injection Vulnerability
- ARP handler Inspection tool released
- rPSA-2008-0180-1 samba samba-client samba-server samba-swat
- From: rPath Update Announcements
- [SECURITY] [DSA 1553-2] New ikiwiki packages fix regression
- SQL Injection leading to authorization bypass in Torrent Trader Classic v1.08 and earlier
- Re: VisualSentinel 0.7 Cross Agent Scripting Vulnerability
- LokiCMS Multiple Vulnerabilities through Authorization weakness
- VisualSentinel 0.7 Cross Agent Scripting Vulnerability
- [SECURITY] [DSA 1588-2] New Linux 2.6.18 packages fix several vulnerabilities
- [SECURITY] [DSA 1590-1] New samba packages fix arbitrary code execution
- VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues
- From: VMware Security team
- Dot Net Nuke (DNN) <= 4.8.3 XSS Vulnerability
- XEROX DocuShare URL XSS Injection Vulnerabilities
- Re: [HV-INFO] Enova hardware encryption: false sense of security
- dvbbs8.2(access/sql)version login.asp remote sql injection
- RE: Bypassing URL Authentication and Authorization with HTTP Verb Tampering
- [ MDVSA-2008:108 ] - Updated samba packages fix arbitrary code execution vulnerability
- Flash Blog Sql Injection
- [ GLSA 200805-22 ] MPlayer: User-assisted execution of arbitrary code
- Re: [HV-INFO] Enova hardware encryption: false sense of security
- FlashBlog Remote File Upload Vulnerability
- [ GLSA 200805-23 ] Samba: Heap-based buffer overflow
- Secunia Research: imlib2 PNM and XPM Buffer Overflow
- Secunia Research: Samba "receive_smb_raw()" Buffer Overflow Vulnerability
- Calcium web calendar: Reflected XSS
- Bypassing URL Authentication and Authorization with HTTP Verb Tampering
- Vulnerability Advisory on OpenSSL
- [ MDVSA-2008:107 ] - Updated openssl package fixes denial of service vulnerabilities
- [security bulletin] HPSBUX02334 SSRT071403 rev.2 - HP-UX Running ftp, Remote Denial of Service (DoS)
- [SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses
- From: Gerald (Jerry) Carter
- Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- rPSA-2008-0105-1 evolution
- From: rPath Update Announcements
- Re: CORE-2008-0126: Multiple vulnerabilities in iCal
- [NSG_28-5-08] CA Internet Security Suite 2008 (UmxEventCli.dll/SaveToFile()) remote file corruption poc
- RE: function sleep() in all versions of PHP
- Re: function sleep() in all versions of PHP
- rPSA-2008-0178-1 php php-mysql php-pgsql
- From: rPath Update Announcements
- iDefense Security Advisory 05.27.08: EMC AlphaStor Server Agent Multiple Stack Buffer Overflow Vulnerabilities
- ZDI-08-033: Motorola RAZR JPG Processing Stack Overflow Vulnerability
- iDefense Security Advisory 05.27.08: EMC AlphaStor Library Manager Arbitrary Command Execution Vulnerability
- Re: IOS Rookit: the sky isn't falling (yet)
- [ GLSA 200805-21 ] Roundup: Permission bypass
- rPSA-2008-0177-1 emacs emacs-leim
- From: rPath Update Announcements
- Re: function sleep() in all versions of PHP
- Re: function sleep() in all versions of PHP
- [SECURITY] [DSA 1588-1] New Linux 2.6.18 packages fix several vulnerabilities
- Re: function sleep() in all versions of PHP
- Re: MDAP ANTs PWNAGE: dumping the admin password of the BT Home Hub
- Security, Open Source Style
- Re: function sleep() in all versions of PHP
- From: Juan Miguel - Prisma Virtual -
- Re: CORE-2008-0126: Multiple vulnerabilities in iCal
- From: security curmudgeon
- IOS Rookit: the sky isn't falling (yet)
- RoomPHPlanning 1.5 (weekview.php) SQL Injection Vulnerability
- From: hadihadi_zedehal_2006
- [security bulletin] HPSBUX02335 SSRT071454 rev.2 - HP-UX Running useradd(1M), Local Unauthorized Access
- Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php
- T2'08: Call for Papers 2008 (Helsinki / Finland)
- Re: function sleep() in all versions of PHP
- [SECURITY] [DSA 1587-1] New mtr packages fix execution of arbitrary code
- SECOBJADV-2008-01: Lenovo SystemUpdate SSL Certificate Issuer Spoofing Vulnerability
- From: Security Objectives, Inc.
- Zina 1.0rc3 Remote Directory Traversal Vulnerability & XSS Vulnerability
- Repair Online v1.2 (sentout) Create Admin Vulnerability
- Advisory - Rsyncrypto maybe affected from Debian OpenSSL reduced entropy problem
- Campus Bulletin Board v3.4 Multiple Remote Vulnerabilities
- Ablespace 1.0 'cat_id' Parameter SQL Injection Vulnerability
- Class System v2.3 Multiple Remote Vulnerabilities
- Mini-CWB <= 2.1.1 Remote XSS Vulnerability
- function sleep() in all versions of PHP
- phpFix v2 Multiple SQL Injection Vulnerability
- Excuse Online (pwd) SQL Injection Vulnerability
- Re: vuln in WordPress plugin Upload File(UP)
- Re: IOS rootkits (fwd)
- PCPIN Chat 6: potential XSS vulnerability in URL redirection script
- vuln in WordPress plugin Upload File(UP)
- Re: BosNews v4.0 Remote add user admin
- dzoic handshakes sql injection >> index.php on $fname
- [ MDVSA-2008:106 ] - Updated gnutls packages fix denial of service vulnerabilities
- xt:Commerce possible DoS
- rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl
- From: rPath Update Announcements
- PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script
- From: Ricardo Martins - Chief Security Officers
- [DSECRG-08-025] Local File Include in OneCMS 2.5
- From: Digital Security Research Group
- e107 Plugin BLOG Engine v2.2 (macgurublog.php/uid) Blind SQL Injection Vulnerability
- From: hadihadi_zedehal_2006
- [DSECRG-08-024] Multiple Security Vulnerabilities (RFI,LFI,XSS) in QuateCMS
- From: Digital Security Research Group
- Re: Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php
- Re: /home/putnopvut/asa/AST-2008-007/AST-2008-007: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised
- [SECURITY] [DSA 1586-1] New xine-lib packages fix several vulnerabilities
- abledating 2.4 >> Sql injection and cross site scripting on search_results.php
- IRM Security Advisory : Barracuda Networks Spam Firewall Cross-Site Scripting Vulnerability
- rPSA-2008-0174-1 gnutls
- From: rPath Update Announcements
- /home/putnopvut/asa/AST-2008-007/AST-2008-007: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised
- From: Asterisk Security Team
- BMForum Remote 5.6 Miltiple XSS Vulnerability
- Exteen Blog XSS Remote Cookie Disclosure Exploit
- [security bulletin] HPSBUX02337 SSRT080072 rev.1 - HP-UX Running HP-UX Secure Shell, Local Unauthorized Access and Denial of Service (DoS)
- phpSQLiteCMS Multiple Remote XSS Vulnerability
- PHPFreeForum <= 1.0 RC2 Remote XSS Vulnerability
- ZDI-08-031: Trillian MSN MIME Header Stack-Based Overflow Vulnerability
- ZDI-08-030: Trillian Multiple Protocol XML Parsing Memory Corruption Vulnerability
- ZDI-08-029: Trillian AIM.DLL Long HTML Font Parameter Stack Overflow Vulnerability
- ZDI-08-028: IBM Lotus Sametime Community Services Multiplexer Stack Overflow Vulnerability
- [ GLSA 200805-20 ] GnuTLS: Execution of arbitrary code
- MDAP ANTs PWNAGE: dumping the admin password of the BT Home Hub
- iDefense Security Advisory 05.21.08: Multiple Vendor Snort IP Fragment TTL Evasion Vulnerability
- www file share pro 5.30 insecure multiple
- CORE-2008-0126: Multiple vulnerabilities in iCal
- From: Core Security Technologies Advisories
- Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php
- [SECURITY] [DSA 1584-1] New libfissound packages fix execution of arbitrary code
- [USN-612-8] openssl-blacklist update
- Cisco Security Advisory: Cisco Voice Portal Privilege Escalation Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Secure Shell Denial of Service
- From: Cisco Systems Product Security Incident Response Team
- [USN-613-1] GnuTLS vulnerabilities
- Re: Re: Re: Exploiting Google MX servers as Open SMTP Relays
- Re: mjguest 6.7 (ALL VERSION) Xss & Redirection Vuln
- [DSECRG-08-020] Alcatel OmniPCX Office Remote Comand Execution
- From: Digital Security Research Group
- [DSECRG-08-023] SAP Web Application Server XSS Security Vulnerability
- From: Digital Security Research Group
- [ MDVSA-2008:105 ] - Updated kernel packages fix vulnerabilities
- Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php
- CORE-2008-0415: Borland Interbase 2007 Integer Overflow
- From: CORE Security Technologies
- RE: An account of the Estonian Internet War
- [ GLSA 200805-18 ] Mozilla products: Multiple vulnerabilities
- [ GLSA 200805-19 ] ClamAV: Multiple vulnerabilities
- [ GLSA 200805-17 ] Perl: Execution of arbitrary code
- [SECURITY] [DSA 1582-1] New peercast packages fix arbitrary code execution
- [SECURITY] [DSA 1583-1] New gnome-peercast packages fix several vulnerabilities
- RE: An account of the Estonian Internet War
- Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities
- [SECURITY] [DSA 1581-1] New gnutls13 packages fix potential code execution
- [security bulletin] HPSBUX02332 SSRT080056 rev.2 - HP-UX Running Apache With PHP, Remote Denial of Service (DoS), Gain Extended Privileges
- [security bulletin] HPSBUX02335 SSRT071454 rev.1 - HP-UX Running useradd(1M), Local Unauthorized Access
- ZDI-08-026: CA BrightStor ARCserve Backup Remote Buffer Overflow
- Starsgames Control Panel <= 4.6.2 Remote XSS Vulnerability
- [SECURITY] [DSA 1580-1] New phpgedview packages fix privilege escalation
- Secunia Research: Foxit Reader "util.printf()" Buffer Overflow
- Vbulletin 3.7.0 Gold >> Sql injection on faq.php
- eCMS-v0.4.2 (SQL/PB) Multiple Remote Vulnerabilities
- From: hadihadi_zedehal_2006
- Vulnerability Advisory on GnuTLS
- [USN-612-7] OpenSSH update
- CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities
- An account of the Estonian Internet War
- AppServ Open Project < = 2.5.10 Remote XSS Vulnerability
- ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability
- Mtr - remote and local stack overflow - uncomment situation in libresolv.
- [security bulletin] HPSBST02336 SSRT080071 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-026 to MS08-029
- [ MDVSA-2008:103 ] - Updated libid3tag packages fix denial of service vulnerability
- Re: Cpanel all version >> root access with a reseller account.
- Insomnia : ISVA-080516.1 - Altiris Deployment Solution - SQL Injection
- DoS attacks using SQL Wildcards - White Paper
- Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
- From: William A. Rowe, Jr.
- Microsoft word javascript execution
- Wordpress Malicious File Execution Vulnerability
- Re: Re: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
- Insomnia : ISVA-080516.2 - Altiris Deployment Solution - Domain Account Disclosure
- Smeego CMS vulnerability
- [SECURITY] [DSA 1579-1] New netpbm-free packages fix arbitrary code execution
- Re: Apple iPhone 1.1.3 remote DoS exploit
- Cpanel all version >> root access with a reseller account.
- Re: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
- Re: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
- Re: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
- StanWeb.CMS (default.asp id) Remote SQL Injection Exploit
- PHP-Nuke Module KuraniKerim [sid] SQL Injection
- [SECURITY] [DSA 1578-1] New php4 packages fix several vulnerabilities
- CFP for HITBSecConf2008 - Malaysia now open
- IOS rootkits
- [ MDVSA-2008:101 ] - Updated rdesktop packages fix vulnerabilities
- [ MDVSA-2008:102 ] - Updated libvorbis packages fix vulnerabilities
- [SECURITY] [DSA 1576-2] New openssh packages fix predictable randomness
- Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
- Hack.lu 2008 CfP
- ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability
- ZDI-08-024: Symantec Altiris Deployment Solution SQL Injection Vulnerability
- SunShop Version 3.5.1 Remote Blind Sql Injection
- RE: Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities (UNCLASSIFIED)
- From: Walker, Theresa A CIV DISA CSD
- Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
- Aruba Mobility Controller TACACS User Authentication and Cross Site Scripting Vulnerabilities (Aruba Advisory ID: AID-051408)
- From: Robbie (Rupinder) Gill
- Debian generated SSH-Keys working exploit
- Kostenloses Linkmanagementscript SQL Injection Vulnerabilities
- From: hadihadi_zedehal_2006
- Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
- [USN-612-6] OpenVPN regression
- [ GLSA 200805-16 ] OpenOffice.org: Multiple vulnerabilities
- Correction to BID 29112 "Apache Server HTML Injection and UTF-7 XSS Vulnerability"
- From: William A. Rowe, Jr.
- Re: Cisco BBSM Captive Portal Cross-site Scripting
- Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Content Switching Module Memory Leak Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [ GLSA 200805-15 ] libid3tag: Denial of Service
- [USN-612-5] OpenSSH update
- Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- CFP: European Conference on Computer Network Defense
- [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness
- [USN-612-4] ssl-cert vulnerability
- Malformed Acrobat Distiller 8 .joboptions
- Microsoft Office Publisher PUB File Parsing Remote Memory Corruption Vulnerability
- [SECURITY] [DSA 1577-1] New gforge packages fix insecure temporary files
- Cisco BBSM Captive Portal Cross-site Scripting
- [ GLSA 200805-14 ] Common Data Format library: User-assisted execution of arbitrary code
- iDefense Security Advisory 05.13.08: Microsoft Word CSS Processing Memory Corruption Vulnerability
- ZDI-08-023: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability
- TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability
- [USN-612-2] OpenSSH vulnerability
- [USN-612-1] OpenSSL vulnerability
- [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
- iDefense Security Advisory 05.12.08: Microsoft Windows I2O Filter Utility Driver (i2omgmt.sys) Local Privilege Escalation Vulnerability
- [SECURITY] [DSA 1575-1] New Linux 2.6.18 packages fix denial of service
- [MajorSecurity Advisory #52]ActualAnalyzer family - Cross Site Scripting Issues
- [ GLSA 200805-13 ] PTeX: Multiple vulnerabilities
- [ GLSA 200805-12 ] Blender: Multiple vulnerabilities
- [ GLSA 200805-11 ] Chicken: Multiple vulnerabilities
- Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
- [security bulletin] HPSBUX02334 SSRT071403 rev.1 - HP-UX Running ftp, Remote Denial of Service (DoS)
- Re: Exploiting Google MX servers as Open SMTP Relays
- Re: Re: Exploiting Google MX servers as Open SMTP Relays
- [SECURITY] [DSA 1574-1] New icedove packages fix several vulnerabilities
- Re: Exploiting Google MX servers as Open SMTP Relays
- [SECURITY] [DSA 1573-1] New php5 packages fix several vulnerabilities
- Confirmed Program for SyScan'08 Hong Kong
- From: organiser@xxxxxxxxxx
- [ GLSA 200805-10 ] Pngcrush: User-assisted execution of arbitrary code
- [SECURITY] [DSA 1572-1] New php5 packages fix several vulnerabilities
- Re: Exploiting Google MX servers as Open SMTP Relays
- Joomla Component xsstream-dm 0.01 Beta SQL Injection
- [ MDVSA-2008:100 ] - Updated perl packages fix denial of service vulnerability
- [SECURITY] [DSA 1573-1] New rdesktop packages fix several vulnerabilities
- [ GLSA 200805-09 ] MoinMoin: Privilege escalation
- Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
- Re: Exploiting Google MX servers as Open SMTP Relays
- Re: Exploiting Google MX servers as Open SMTP Relays
- Re: Exploiting Google MX servers as Open SMTP Relays
- OtherLogic[vocourse.php]SQL Injection Exploit
- Re: Exploiting Google MX servers as Open SMTP Relays
- Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
- SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit
- [ GLSA 200805-07 ] Linux Terminal Server Project: Multiple vulnerabilities
- [ MDVSA-2008:099 ] - Updated ImageMagick packages fix vulnerabilities
- XSS and CSRF vulnerability on Cpanel 11
- FInal EUSecWest 2008 Speakers
- [ GLSA 200805-06 ] Firebird: Data disclosure
- Oracle Application Server 10G ORA_DAV Basic Authentication Bypass Vulnerability
- [ GLSA 200805-08 ] InspIRCd: Denial of Service
- Apache Server HTML Injection and UTF-7 XSS Vulnerability
- [USN-611-3] GStreamer Good Plugins vulnerability
- [USN-611-2] vorbis-tools vulnerability
- FLEA-2008-0008-1 firefox
- From: Foresight Linux Essential Announcement Service
- [USN-611-1] Speex vulnerability
- Re: After 6 months - fix available for Microsoft DNS cache poisoning attack
- ezContents CMS Version 2.0.0 SQL Injection Vulnerabilities
- From: hadihadi_zedehal_2006
- Re: [ECHO_ADV_91$2008] Online Rental Property Script <= 4.5 (pid) Blind Sql Injection Vulnerability
- iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop process_redirect_pdu() BSS Overflow Vulnerability
- ZYWALL Referer Header XSS Vulnerability
- iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop channel_process() Integer Signedness Vulnerability
- [ GLSA 200805-04 ] eGroupWare: Multiple vulnerabilities
- Re: After 6 months - fix available for Microsoft DNS cache poisoning attack
- Novell Client <= 4.91 SP4 Local Stack overflow / B.S.O.D (unauthentificated user)
- iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop iso_recv_msg() Integer Underflow Vulnerability
- Exploiting Google MX servers as Open SMTP Relays
- Vulnerability in Multiple Web Application
- Re: Microsot DID DISCLOSE potential Backdoor
- Re: Microsot DID DISCLOSE potential Backdoor
- RE: Microsot DID DISCLOSE potential Backdoor
- VBZooM <=V1.11 "reply.php" SQL Injection Vulnerability
- Re: QTOFileManager V 1.0<== Remote File Upload Vulnerability
- Multiple XSS In TuxCMS All Version
- [ GLSA 200805-03 ] Multiple X11 terminals: Local privilege escalation
- [USN-610-1] LTSP vulnerability
- [USN-609-1] OpenOffice.org vulnerabilities
- rPSA-2008-0162-1 kernel
- From: rPath Update Announcements
- Adobe Acrobat Professional Javascript For PDF Security Feature Bypass and Memory Corruption Vulnerabilities
- [Advisory Update]Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability
- rPSA-2008-0157-1 kernel
- [ MDVSA-2008:098 ] - Updated openssh packages fix vulnerability
- [ MDVSA-2008:096 ] - Updated emacs packages fix vulnerability in vcdiff
- [ MDVSA-2008:097 ] - Updated kdelibs packages fix vulnerability in start_kdeinit
- mvnForum 1.1 Cross Site Scripting
- Sphider 1.3.4 Cross Site Scripting
- [SECURITY] [DSA 1570-1] New kazehakase packages fix execution of arbitrary code
- [USN-605-1] Thunderbird vulnerabilities
- Power Editor LOCAL FILE INCLUSION Vulnerbility
- From: hadihadi_zedehal_2006
- [USN-607-1] Emacs vulnerabilities
- QTOFileManager V 1.0<== Remote File Upload Vulnerability
- Invitation - OWASP AppSec Europe May 19-22 2008 - Belgium
- From: Sebastien Deleersnyder
- [USN-608-1] KDE vulnerability
- [security bulletin] HPSBMA02331 SSRT080000 rev.2 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges
- HPSBUX02332 SSRT080056 rev.1 - HP-UX running Apache with PHP, Remote Denial of Service (DoS), Gain Extended Privileges
- RE: Microsot DID DISCLOSE potential Backdoor
- HPSBUX02324 SSRT080034 rev.1 - HP-UX Running Netscape Directory Server (NDS), Local Gain Extended Privileges
- [tool announcement] tmin - a handy fuzzing test case optimizer
- [SECURITY] [DSA 1554-2] New roundup packages fix regression
- Advisory SE-2008-03: PHP Multibyte Shell Command Escaping Bypass Vulnerability
- [SECURITY] [DSA 1569-2] New cacti packages fix regression
- [ GLSA 200805-02 ] phpMyAdmin: Information disclosure
- Advisory SE-2008-02: PHP GENERATE_SEED() Weak Random Number Seed Vulnerability
- Security Advisory for Bugzilla 3.0.3, 3.1.3, 2.22.3, and 2.20.5
- [ GLSA 200805-01 ] Horde Application Framework: Multiple vulnerabilities
- CORE-2008-0129 - Wonderware SuiteLink Denial of Service vulnerability
- From: CORE Security Technologies Advisories
- Novell eDirectory unauthenticated access to SOAP interface
- Novell eDirectory DoS via HTTP headers
- [SECURITY] [DSA 1569-1] New cacti packages fix multiple vulnerabilities
- [ECHO_ADV_93$2008] Kmita Tellfriend <= 2.0 (file) Remote File Inclusion Vulnerability
- [ECHO_ADV_94$2008] Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability
- Scout Portal Toolkit <= 1.4.0 (ParentId) Remote SQL Injection Exploit
- [ECHO_ADV_92$2008] Anserv Auction XL (viewfaqs.php cat) Blind Sql Injection Vulnerability
- [ECHO_ADV_90$2008] PostNuke Module pnEncyclopedia <= 0.2.0 (id) Blind Sql Injection Vulnerability
- [ECHO_ADV_95$2008] BackLinkSpider (cat_id) Blind Sql Injection Vulnerability
- [SECURITY] [DSA 1568-1] New b2evolution packages fix cross site scripting
- [SECURITY] [DSA 1567-1] New blender packages fix arbitrary code execution
- [ECHO_ADV_91$2008] Online Rental Property Script <= 4.5 (pid) Blind Sql Injection Vulnerability
- [USN-606-1] CUPS vulnerability
- LifeType 1.2.8
- Maian Uploader v4.0 XSS Vulnerabilities
- Re: Lifetype 1.2.7 XSS Vulnerability
- Re: Re: GroupWise 7.0 mailto: scheme buffer overflow
- Microsot DID DISCLOSE potential Backdoor
- Maian Links v3.1 XSS Vulnerabilities
- Maian Music v1.1 Multiple Vulnerabilities (Xss/SQL Injection)
- Maian Recipe v1.2 Xss Vulnerabilities
- Multiple vulnerabilities in WebMod 0.48
- Maian Support v1.3 Xss Vulnerabilities
- Maian Greeting v2.1 Multiple Vulnerabilities (XSS/SQL INJECTION)
- Maian Weblog v4.0 XSS Vulnerabilities
- Maian Guestbook v3.2 XSS Vulnerabilities
- Maian Search v1.1 Multiple Vulnerabilities (XSS/SQL INJECTION)
- Maian Cart v1.1 XSS Vulnerabilities
- Maian Gallery v2.0 XSS Vulnerability
- Photos and Presentation Materials from HITBSecConf2008 - Dubai Released
- Re: GroupWise 7.0 mailto: scheme buffer overflow
- SiteXS CMS Remote File Upload Vulnerability
- [TOOL] SSL Capable NetCat (and more)
- Fixed: LiveCart SQL injection vulnerability fixed since version 1.1.2
- blur6ex-0.3.462 LOCAL FILE INCLUSION Vulnerbility
- From: hadihadi_zedehal_2006
- rPSA-2008-0157-1 kernel
- From: rPath Update Announcements
- Denial of Service in Call of Duty 4 1.5
- chicomas.2.0.4
- [ MDVSA-2008:095 ] - Updated OpenOffice.org packages fix vulnerabilities
- Zomplog 3.8.2 XSS Vulnerability
- project alumni v1.0.9 (info.php) SQL Injection Vulnerability
- From: hadihadi_zedehal_2006
- Lifetype 1.2.7 XSS Vulnerability
- BlackBook v1.0 Multiple XSS Vulnerabilities
- [SECURITY] [DSA 1566-1] New cpio packages fix denial of service
- Re: netOffice Dwins 1.3 Remote code execution.
- php-addressbook v2.0 Multiple Remote Vulnerabilities (LFI/XSS)
- [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities
- Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11)
- Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_UTILITY.LOCK_CHANGE_SET (DB02)
- vlBook 1.21 (ALL VERSION)
- mjguest 6.7 (ALL VERSION) Xss & Redirection Vuln
- Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.DBMS_AQJMS_INTERNAL (DB15)
- [SECURITY] [DSA 1564-1] New wordpress packages fix several vulnerabilities
- iDefense Security Advisory 04.30.08: Akamai Download Manager Arbitrary Program Execution Vulnerability
- XSS in AstroCam
- Re: R.I.P. rgod
- Re: Re: heanet.dl.sourceforge.net hacked?
- From: securityfocus . com
- Re: heanet.dl.sourceforge.net hacked?
- [SECURITY] [DSA 1563-1] New asterisk packages fix denial of service
- Re: heanet.dl.sourceforge.net hacked?
- Re: heanet.dl.sourceforge.net hacked?
- Re: heanet.dl.sourceforge.net hacked?
- heanet.dl.sourceforge.net hacked?
- CFP: Workshop on Open Source Software for Computer and Network Forensics
- Re: rPSA-2008-0151-1 libpng
- Critical Vulnerability in SNMPc
- From: NGSSoftware Insight Security Research
- [security bulletin] HPSBMA02331 SSRT080000 rev.1 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges
- [ MDVSA-2008:093 ] - Updated vorbis-tools packages fix vulnerabilities
- [ MDVSA-2008:092 ] - Updated gstreamer-plugins-good packages fix vulnerabilities
- Re: R.I.P. rgod
- XSS Attack
- Re: Yourfreeworld Styleish Text Ads Script
- rPSA-2008-0151-1 libpng
- From: rPath Update Announcements
- SugarCRM Community Edition Local File Disclosure Vulnerability
- [ GLSA 200804-30 ] KDE start_kdeinit: Multiple vulnerabilities
- Re: h2desk helpdesk path disclosure vulnerability
- CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls
- From: CORE Security Technologies Advisories
- [ECHO_ADV_89$2008] Softbiz Web Host Directory Script (search_result.php host_id) Blind Sql Injection Vulnerability
- [ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerability
- [SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code execution
- Microsoft SWI blog inaccuracies
- Minibb 2.2a XSS Vulnerability
- [SECURITY] [DSA 1561-1] New ldm packages fix information disclosure
- bug report
- London DEFCON meet - Thursday 1st May - DC4420
- GroupWise 7.0 mailto: scheme buffer overflow
- [SECURITY] [DSA 1560-1] New kronolith2 packages fix cross site scripting
- [SECURITY] [DSA 1556-2] New perl packages fix denial of service
- Re: R.I.P. rgod
- Re: Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS
- rPSA-2008-0149-1 idle python
- From: rPath Update Announcements
- IMF 2008 - 2nd Call for Papers
- Re: Firefox 3.0 beta 5 crash (Slightly unrelated)
- Wordpress 2.5 Cookie Integrity Protection Vulnerability
- Re: Curious vulnerability in Excel 2007
- GroupWise 7 attached bugs
- Curious vulnerability in Excel 2007
- Re: Firefox 3.0 beta 5 crash
- [ GLSA 200804-29 ] Comix: Multiple vulnerabilities
- R.I.P. rgod
- Lotus expeditor rcplauncher uri handler vulnerability
- [ MDVSA-2008:091 ] - Updated wireshark packages fix denial of service vulnerabilities
- [SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution
- [SECURITY] [DSA 1534-2] New iceape packages fix regression
- [SECURITY] [DSA 1556-1] New perl packages fix denial of service
- [SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities
- HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code
- A New Class of Vulnerability in Oracle: Lateral SQL Injection
- [ GLSA 200804-27 ] SILC: Multiple vulnerabilities
- DDIVRT-2008-11 BadBlue uninst.exe DoS
- From: vulnerabilityresearch
- Trillian 3.1 basic nick crash
- [ GLSA 200804-28 ] JRockit: Multiple vulnerabilities
- Re: xine-lib NES Sound Format Demuxer Buffer Overflow
- xine-lib NES Sound Format Demuxer Buffer Overflow
- [W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation
- PR07-44: XSS on RSA Authentication Agent login page
- From: ProCheckUp Research
- PR07-43: Cross-domain redirect on RSA Authentication Agent
- From: ProCheckUp Research
- Re: NetClassifieds Sql Injection
- [ GLSA 200804-26 ] Openfire: Denial of Service
- [ GLSA 200804-25 ] VLC: User-assisted execution of arbitrary code
- [SECURITY] [DSA 1555-1] New iceweasel packages fix arbitrary code execution
- Zune software - arbitrary file overwrite
- NetClassifieds Sql Injection
- LayerOne 2008 - Final Pre-Con Update
- Horde Webmail XSS [Aria-Security]
- AST-2008-006 - 3-way handshake in IAX2 incomplete
- Re: Default key algorithm in Thomson and BT Home Hub routers
- Default key algorithm in Thomson and BT Home Hub routers
- [SECURITY] [DSA 1554-1] New roundup packages fix cross-site scripting vulnerability
- Re: Firefox 3.0 beta 5 crash
- Firefox 3.0 beta 5 crash
- Safari 3.1.1 Multiple Vulnerabilities for windows
- Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387)
- [USN-604-1] Gnumeric vulnerability
- Correcting CVEs (was Re: [Full-disclosure] Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387))
- [USN-602-1] Firefox vulnerabilities
- Re: Powered by gCards v1.46 SQL
- [ GLSA 200804-24 ] DBmail: Data disclosure
- Xoops All Version -Articles- Article.PHP (ID) Blind SQL Injection ExpL0it
- [ GLSA 200804-23 ] CUPS: Integer overflow vulnerability
- ANNOUNCE: Security Implications of Windows Access Tokens Whitepaper
- Sea-Surfing on the Motorola Surfboard
- From: th3 . r00k . nospam
- Re: Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities
- Powered by gCards v1.46 SQL
- IRM Security Advisory : RedDot CMS SQL injection vulnerability
- [SECURITY] [DSA 1553-1] New ikiwiki packages fix cross-site request forgery
- Acidcat CMS Multiple Vulnerabilities
- [ MDVSA-2008:090 ] - Updated OpenOffice.org packages fix vulnerabilities
- Deciphering the PHP-Nuke Capthca
- From: Michael . Brooks . SPAM
- SyScan'08 Singapore - Call for Paper
- From: organiser@xxxxxxxxxx
- Deciphering the Simple Machines Forum audio Captcha
- From: Michael . Brooks . SPAM
- Token Kidnapping (Microsoft Security Advisory 951306) presentation available
- [SECURITY] [DSA 1552-1] New mplayer packages fix arbitrary code execution
- [SECURITY] [DSA 1551-1] New python2.4 packages fix several vulnerabilities
- ANNOUNCE: RFIDIOt-0.1s release (now available for Windows)
- Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures
- [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning
- Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure
- Team SHATTER Security Advisory: Multiple DoS in JAR files manipulation procedures
- Wikepage Wiki v.2007-2 Cross-Site Scripting
- [ GLSA 200804-21 ] Adobe Flash Player: Multiple vulnerabilities
- LightNEasy v.1.2.2 flat Multiple Vulnerabilities
- 5th avenue Shopping Cart SQL Injection
- [ GLSA 200804-20 ] Sun JDK/JRE: Multiple vulnerabilities
- BitTorrent Clients and CSRF
- From: th3 . r00k . nospam
- [ MDVSA-2008:089 ] - Updated poppler packages fix vulnerability
- [ MDVSA-2008:088 ] - Updated clamav packages fix multiple vulnerabilities
- [ GLSA 200804-19 ] PHP Toolkit: Data disclosure and Denial of Service
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability
- [SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation
- Re: [Full-disclosure] Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows
- [SECURITY] [DSA 1549-1] New clamav packages fix several vulnerabilities
- Re: BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day)
- [USN-603-2] KOffice vulnerability
- [USN-603-1] poppler vulnerability
- [SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitution
- Announcement - DeepSec Conference 2008, Nov 11-14 2008
- Microsoft Works 7 WkImgSrv.dll crash POC
- [security bulletin] HPSBMA02328 SSRT071293 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code
- [security bulletin] HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025
- [security bulletin] HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Update
- [ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code
- [ GLSA 200804-17 ] Speex: User-assisted execution of arbitrary code
- [ GLSA 200804-16 ] rsync: Execution of arbitrary code
- [SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code execution
- [oCERT-2008-004] multiple speex implementations insufficient boundary checks
- [ MDVSA-2008:087 ] - Updated policykit package fixes format string vulnerability
- FreeBSD Security Advisory FreeBSD-SA-08:05.openssh
- From: FreeBSD Security Advisories