Bugtraq
- [IMF 2009] Call for Papers,
Oliver Goebel
- [ GLSA 200901-14 ] Scilab: Insecure temporary file usage,
Pierre-Yves Rofes
- Joomla component beamospetition 1.0.12 Sql Injection,
vds_s
- Cisco Security Advisory: Cisco Unified Communications Manager CAPF Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Security Manager Vulnerability,
Cisco Systems Product Security Incident Response Team
- [DSECRG-09-004] AXIS 70U Network Document Server - Privilege Escalation and XSS,
Digital Security Research Group
- CfP: 16th ACM Conference on Computer and Communications Security (CCS) 2009,
Christopher Kruegel
- [SECURITY] [DSA 1709-1] New shadow packages fix privilege escalation,
Thijs Kinkhorst
- [SECURITY] [DSA 1693-2] New phppgadmin packages fix regression,
Thijs Kinkhorst
- rPSA-2009-0014-1 hplip,
rPath Update Announcements
- [ GLSA 200901-13 ] Pidgin: Multiple vulnerabilities,
Pierre-Yves Rofes
- rPSA-2009-0008-1 openssl,
rPath Update Announcements
- rPSA-2009-0010-1 ntp ntp-utils,
rPath Update Announcements
- rPSA-2009-0009-1 bind bind-utils,
rPath Update Announcements
- rPSA-2009-0011-1 perl,
rPath Update Announcements
- Videos from HITBSecConf2008 - Malaysia released!,
Praburaajan
- Secunia Research: OpenSG Radiance RGBE Buffer Overflow Vulnerability,
Secunia Research
- Microsoft Bluetooth Stack OBEX Directory Traversal,
alberto . morenot
- [security bulletin] HPSBMA02400 SSRT080144 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code,
security-alert
- Secunia Research: Trend Micro Network Security Component Vulnerabilities,
Secunia Research
- Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server,
Eduardo Vela
MoinMoin Wiki Engine XSS Vulnerability,
swhite
[ANNOUNCE] Apache Jackrabbit 1.5.2 released,
Jukka Zitting
Cybershade CMS Remote File include vulnerability,
security
Secunia Research: EasyHDR Pro Radiance RGBE Buffer Overflow,
Secunia Research
[SECURITY] [DSA 1708-1] New Git packages fix remote code execution,
Florian Weimer
[ MDVSA-2009:019 ] imlib2,
security
Web Hacking Incidents update for Jan 19th,
Ofer Shezaf
Advisory: Oracle EBusiness Suite Sensitive Information Disclosure Vulnerability,
Aditya K Sood
[ GLSA 200901-12 ] noip-updater: Execution of arbitrary code,
Pierre-Yves Rofes
[Wintercore Research ] Fujitsu SystemcastWizard Lite PXEService Remote Buffer Overflow.,
vulns
Ralinktech wireless cards drivers vulnerability,
springsec
53KF Web IM 2009 Cross-Site Scripting Vulnerabilities,
Heart
[ MDVSA-2009:018 ] tomcat5,
security
FBI XSS Vulnerability,
sohrab_behroozian
Sagem router f@st 2404 remote reset poc,
alphanix00
Excel Viewer OCX 3.1/3.2 Denial of Service PoC,
alphanix00
[ MDVSA-2009:017 ] kdebase,
security
[ MDVSA-2009:016 ] xen,
security
Announce: RSBAC 1.4.0 released,
Amon Ott
Active Bids,
pouya . s3rver
[ MDVSA-2009:013 ] mplayer,
security
DMXReady Blog Manager (SQL/XSS),
pouya . s3rver
[ MDVSA-2009:015 ] ffmpeg,
security
[ MDVSA-2009:014 ] mplayer,
security
Syslserve 1.058 Denial of Service Vulnerability,
vuln_research
[USN-700-2] Perl regression,
Kees Cook
[SECURITY] [DSA 1706-1] New amarok packages fix arbitrary code execution,
Moritz Muehlenhoff
[ MDVSA-2009:012 ] mozilla-thunderbird,
security
[SECURITY] [DSA 1707-1] New iceweasel packages fix several vulnerabilities,
Steffen Joeris
[USN-709-1] tar vulnerability,
Jamie Strandboge
[SECURITY] [DSA 1705-1] New netatalk packages fix arbitrary code execution,
Nico Golde
[waraxe-2009-SA#070] - Multiple Vulnerabilities in MKPortal <= 1.2.1,
come2waraxe
[TZO-2009-2] Avira Antivir - Priviledge escalation,
Thierry Zoller
Errata: [TZO-2009-1] Avira Antivir - RAR - Division by Zero & Null Pointer Dereference,
Thierry Zoller
ANNOUNCE: apache_1.3.41+ssl_1.60 released,
Adam Laurie
Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH Command Buffer Overflow Vulnerability,
noreply-secresearch@xxxxxxxxxxxx
Oracle Secure Backup's observiced.exe Denial Of Service vulnerability,
noreply-secresearch@xxxxxxxxxxxx
Oracle Secure Backup Multiple Denial Of Service vulnerabilities,
noreply-secresearch@xxxxxxxxxxxx
[ MDVSA-2009:011 ] virtualbox,
security
Re: Assurent VR - Oracle BEA WebLogic Server Apache Connector Buffer Overflow,
security curmudgeon
Windows NTP Time Server Syslog Monitor 1.0.000 Denial of Service Vulnerability,
vuln_research
TFTPUtil GUI TFTP Server Denial of Service Vulnerability,
vuln_research
TFTPUtil GUI TFTP Directory Traversal,
vuln_research
[ GLSA 200901-11 ] Avahi: Denial of Service,
Pierre-Yves Rofes
[ GLSA 200901-10 ] GnuTLS: Certificate validation error,
Pierre-Yves Rofes
Oracle TimesTen Remote Format String,
Joxean Koret
Oracle Secure Backup 10g Remote Code Execution,
Joxean Koret
ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability,
zdi-disclosures
ZDI-09-003: Oracle Secure Backup exec_qr() Command Injection Vulnerability,
zdi-disclosures
[SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities,
Steffen Joeris
[TZO-2009-1] Avira Antivir - RAR - Division by Zero & Null Pointer Dereference,
Thierry Zoller
OTSTurntables 1.00.027 (.ofl) Local Stack Overflow Exploit,
crimson . loyd
Cisco Security Advisory: IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities,
Cisco Systems Product Security Incident Response Team
Call for Papers: Cyber Warfare,
kgconference
[ MDVSA-2009:010 ] qemu,
security
Cisco Security Advisory: Cisco ONS Platform Crafted Packet Vulnerability,
Cisco Systems Product Security Incident Response Team
[ MDVSA-2009:009 ] kvm,
security
Oracle CPU Jan 2009 Advisories.,
Alexandr Polyakov
Cisco Security Response: Cisco IOS Cross-Site Scripting Vulnerabilities,
Cisco Systems Product Security Incident Response Team
[ MDVSA-2009:008 ] qemu,
security
PR08-19: XSS on Cisco IOS HTTP Server,
ProCheckUp Research
RE: DoS code for Cisco VLAN Trunking Protocol Vulnerability,
Paul Oxman (poxman)
WowWee Rovio - Insufficient Access Controls - Covert Audio/Video Snooping Possible,
Brian Dowling
[ MDVSA-2009:007 ] ntp,
security
Trigger Abuse of MDSYS.SDO_TOPO_DROP_FTBL in Oracle 10g R1 and R2,
David Litchfield
phpList <= 2.10.8 Local File inclusion,
admin
iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability,
iDefense Labs
Cisco Unified IP Phone 7960G and 7940G (SIP) RTP Header Vulnerability,
Laurent Butti
iDefense Security Advisory 01.13.09: Oracle Database 10g R2 Summary Advisor Arbitrary File Rewrite Vulnerability,
iDefense Labs
FreeBSD Security Advisory FreeBSD-SA-09:04.bind,
FreeBSD Security Advisories
iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability,
iDefense Labs
iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller 'bitmaps' Heap Overflow Vulnerability,
iDefense Labs
[USN-708-1] HPLIP vulnerability,
Marc Deslauriers
rPSA-2009-0007-1 pam_krb5,
rPath Update Announcements
rPSA-2009-0005-1 git gitweb,
rPath Update Announcements
ZDI-09-002: Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability,
zdi-disclosures
ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability,
zdi-disclosures
iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller 'symWidths' Heap Overflow Vulnerability,
iDefense Labs
rPSA-2009-0006-1 samba samba-client samba-server samba-swat,
rPath Update Announcements
ANNOUNCE: DEFCON London - DC4420 - January meet - Thursday 15th Jan 2009,
Major Malfunction
[ MDVSA-2009:006 ] openoffice.org,
security
[ GLSA 200901-08 ] Online-Bookmarks: Multiple vulnerabilities,
Pierre-Yves Rofes
[ GLSA 200901-09 ] Adobe Reader: User-assisted execution of arbitrary code,
Robert Buchholz
PDFBuilderX 2.2 Arbitrary File Overwrite,
fakeperson7
Secunia Research: DevIL "iGetHdrHeader()" Buffer Overflow Vulnerabilities,
Secunia Research
[SECURITY] [DSA 1703-1] New bind9 packages fix cryptographic weakness,
Florian Weimer
[SECURITY] [DSA 1702-1] New ntp packages fix cryptographic weakness,
Florian Weimer
[TKADV2009-001] Sun Solaris aio_suspend() Kernel Integer Overflow Vulnerability,
Tobias Klein
[ GLSA 200901-07 ] MPlayer: Multiple vulnerabilities,
Tobias Heinlein
[SECURITY] [DSA 1701-1] New OpenSSL packages fix cryptographic weakness,
Florian Weimer
Hack Aethra SV 1042 Adsl/Voip Router,
SmoKe
[TKADV2009-002] Amarok Integer Overflow and Unchecked Allocation Vulnerabilities,
Tobias Klein
[security bulletin] HPSBMA02392 SSRT071481 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS),
security-alert
Visuplay CMS SQL injection vulnerability,
joseph . giron13
SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei,
organiser@xxxxxxxxxx
[ MDVSA-2009:005 ] xterm,
security
[SECURITY] [DSA 1700-1] New lasso packages fix validation bypass,
Moritz Muehlenhoff
[ GLSA 200901-06 ] Tremulous: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
[BMSA-2009-01] Authentication bypass in Interspire Shopping Cart v4.0.1 and below,
Nam Nguyen
PHP Buffer Overflow(popen),
ew1zz
[USN-707-1] CUPS vulnerabilities,
Marc Deslauriers
[ GLSA 200901-05 ] Streamripper: Multiple vulnerabilities,
Pierre-Yves Rofes
[SECURITY] [DSA 1699-1] New zaptel packages fix privilege escalation,
Florian Weimer
[ GLSA 200901-04 ] D-Bus: Denial of Service,
Robert Buchholz
[ GLSA 200901-03 ] pdnsd: Denial of Service and cache poisoning,
Robert Buchholz
Comersus Shopping Cart <= v6 Remote User Pass Exploit,
ajannhwt
[ GLSA 200901-02 ] JHead: Multiple vulnerabilities,
Robert Buchholz
[ GLSA 200901-01 ] NDISwrapper: Arbitrary remote code execution,
Robert Buchholz
[ MDVSA-2009:002 ] bind,
security
[ MDVSA-2009:004 ] pam_mount,
security
[ MDVSA-2009:003 ] python,
security
Java Runtime UTF-8 Decoder Smuggling Vector,
William A. Rowe, Jr.
Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point,
mad-vaittes
ShakaCon 2009 Call for Papers and Trainers,
Shakacon
[SECURITY] [DSA 1698-1] New gforge packages fix SQL injection,
Thijs Kinkhorst
[USN-706-1] Bind vulnerability,
Jamie Strandboge
AST-2009-001: Information leak in IAX2 authentication,
Asterisk Security Team
[USN-705-1] NTP vulnerability,
Jamie Strandboge
LayerOne 2009 Call for Papers,
LayerOne Call For Papers
CORE-2008-1128: Openfire multiple vulnerabilities,
CORE Security Technologies Advisories
[IBM Datapower XS40] Denial of Service,
erik
PHP-Fusion Mod vArcade 1.8 Sql Injection Vulnerability,
irancrash
[USN-704-1] OpenSSL vulnerability,
Jamie Strandboge
CA20090107-01: CA Service Metric Analysis and CA Service Level Management smmsnmpd Arbitrary Command Execution Vulnerability,
Williams, James K
FreeBSD Security Advisory FreeBSD-SA-09:01.lukemftpd,
FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-09:02.openssl,
FreeBSD Security Advisories
[SECURITY] [DSA 1697-1] New iceape packages fix several vulnerabilities,
Steffen Joeris
[SECURITY] [DSA 1696-1] New icedove packages fix several vulnerabilities,
Steffen Joeris
PHP-Fusion Mod E-Cart Sql Injection,
r3d . w0rm
[USN-701-1] Thunderbird vulnerabilities,
Jamie Strandboge
Secunia Research: TSC2 Help Desk CTab ActiveX Control Buffer Overflow,
Secunia Research
Cisco Security Advisory: Cisco Global Site Selector Appliances DNS Vulnerability,
Cisco Systems Product Security Incident Response Team
PHP-Fusion Mod Members Bewerb Sql Injection,
r3d . w0rm
[USN-701-2] Thunderbird vulnerabilities,
Jamie Strandboge
Secunia Research: HP OpenView Network Node Manager Multiple Vulnerabilities,
Secunia Research
CFP: COLSEC 2009,
Patrice CLEMENTE
Plunet BusinessManager failure in access controls and multiple stored cross site scripting,
Matteo Ignaccolo
[oCERT-2008-016] Multiple OpenSSL signature verification API misuses,
Will Drewry
VUPLAYER BufferOver flow POC,
alphanix00
New WHID web hacking incidents,
Ofer Shezaf
[SECURITY] [DSA 1694-2] New xterm packages fix regression,
Florian Weimer
[USN-703-1] xterm vulnerability,
Kees Cook
[Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF,
Fernando Gont
[USN-702-1] Samba vulnerability,
Marc Deslauriers
Walusoft TFTPServer2000 Version 3.6.1 Directory Traversal,
vuln_research
MSFXDC Metasploit eXploits Development Contest,
Jerome Athias
php 4.x php5.2.x all "show_source()", "highlight_file()" bypass,
l1un
ANNOUNCE: RFIDIOt ver 01.v released - Jan 2009,
Adam Laurie
Google Chrome FTP PASV IP Malicious Port Scanning Vulnerability.,
Aditya K Sood
Destiny Media Player 1.61 (.lst File) Local Stack Overflow Exploit,
crimson . loyd
SolucionWeb (main.php?id_area) Remote SQL injection Vulnerability,
Ehsan_Hp200
Call for papers and trainers - SeacureIT 2009,
Stefano Zanero
PollPro 3.0 XSRF VuLn.,
b4DchiLd
Top 5-ish Threats to Watch for in 2009,
Pete Herzog
[SECURITY] [DSA 1695-1] New Ruby packages fix denial of service,
Florian Weimer
[SECURITY] [DSA 1694-1] New xterm packages fix remote code execution,
Florian Weimer
A tool to identify the MD5 certs on FF,
Memisyazici, Aras
Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit,
i9p
CFP uCon Security Conference 2009 - Recife, Brazil,
uCon Security Conference
apache 1.x <=> 2.x suphp (suPHP_ConfigPath) bypass safe mode exploit,
v8i
MD5 Considered Harmful Today: Creating a rogue CA certificate,
Alexander Sotirov
php-nuke 8.0 module sections artid blind sql inj vuln.,
the . dumenci
Megacubo 5.0.7 (mega://) remote eval() injection exploit,
pyro
reliable IOS exploitation,
Gadi Evron
[SECURITY] [DSA 1693-1] New phppgadmin packages fix several vulnerabilities,
Thijs Kinkhorst
Mavi Emlak Sql Injection,
r3d . w0rm
[ MDVSA-2008:246 ] kernel,
security
MagpieRSS XSS 0day,
admin
Madrese-Portal Sql Injection,
r3d . w0rm
ViArt Shopping Cart v3.5 Multiple Remote Vulnerabilities,
XiaShing
MSN messenger sends IP addresses Public and Private,
Carmelo Brancato
hm? new vulnerabilities? wav windows media,
anonymous
[SECURITY] [DSA 1692-1] New php-xajax packages fix cross-site scripting,
Steffen Joeris
Joomla Component mdigg 2.2.8 Blind SQL Injection Exploit,
hadihadi_zedehal_2006
ClubHack2008 presentations are now online,
ClubHack
PHP-Fusion Mod TI - Blog System Sql Injection,
r3d . w0rm
Castlecops security site closed for good,
Michael Scheidell
joomla com_lowcosthotels sql injection,
lovebug
MS Windows Media Player * (.WAV) Remote Integrer Overflow,
Laurent . gaffie
Google Chrome Browser (ChromeHTML://) remote parameter injection POC,
nospam
FreeBSD Security Advisory FreeBSD-SA-08:12.ftpd,
FreeBSD Security Advisories
PGP Desktop 9.0.6 Denial Of Service - ZeroDay,
contact . fingers
[ GLSA 200812-21 ] ClamAV: Multiple vulnerabilities,
Pierre-Yves Rofes
[ GLSA 200812-24 ] VLC: Multiple vulnerabilities,
Tobias Heinlein
[ GLSA 200812-22 ] Ampache: Insecure temporary file usage,
Pierre-Yves Rofes
[USN-698-3] Nagios vulnerabilities,
Marc Deslauriers
FRHACK Registration open (Christmas offer),
Jerome Athias
Personal Sticky Threads v1.0.3c vbulletin Add-on problem,
xl4nothing
[ GLSA 200812-23 ] Imlib2: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
[SECURITY] [DSA 1688-2] New courier-authlib packages fix regression,
Florian Weimer
[USN-700-1] Perl vulnerabilities,
Kees Cook
[security bulletin] HPSBST02397 SSRT080187 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-078,
security-alert
[USN-677-2] OpenOffice.org Internationalization update,
Jamie Strandboge
DDIVRT-2008-16 Citrix Broadcast Server 6.0 login.asp SQL Injection --- Update for BID 32832,
VulnerabilityResearch
FreeBSD Security Advisory FreeBSD-SA-08:13.protosw,
FreeBSD Security Advisories
[ISecAuditors Security Advisories] PSI remote integer overflow DoS,
ISecAuditors Security Advisories
[ MDVA-2008:241 ] mailscanner,
security
CORE-2008-1210: Qemu and KVM VNC server remote DoS,
CORE Security Technologies Advisories
[ GLSA 200812-20 ] phpCollab: Multiple vulnerabilities,
Pierre-Yves Rofes
rPSA-2008-0341-1 dovecot,
rPath Update Announcements
[ISecAuditors Security Advisories] Multiple vulnerabilities in WiFi router COMTREND CT-536/HG-536+,
ISecAuditors Security Advisories
[SECURITY] [DSA 1690-1] New avahi packages fix denial of service,
Florian Weimer
[ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS,
ISecAuditors Security Advisories
[SECURITY] [DSA 1689-1] New proftpd-dfsg packages fix Cross-Site Request Forgery,
Martin Schulze
Secunia Research: Trend Micro HouseCall ActiveX Control Arbitrary Code Execution,
Secunia Research
CoolPlayer 2.19 (Skin File) Local Buffer Overflow Exploit,
writ3r-dont-want-bugtraq-spam-
[USN-697-1] Imlib2 vulnerability,
Marc Deslauriers
FreeSSHd Multiple Remote Stack Overflow Vulnerabilities,
writ3r-dont-want-bugtraq-spam-
POC for CVE-2008-5619 (roundcubemail PHP arbitrary code injection),
Jacobo Avariento Gimeno
[SECURITY] [DSA 1691-1] New moodle packages fix several vulnerabilities,
Thijs Kinkhorst
[UPRSN] Ubuntu Privacy Remix 8.04r2 introduces "noexec"-mounting by default,
Ubuntu Privacy Remix Team
[USN-698-2] Nagios3 vulnerabilities,
Marc Deslauriers
[USN-699-1] Blender vulnerabilities,
Marc Deslauriers
Secunia Research: Trend Micro HouseCall "notifyOnLoadNative()" Vulnerability,
Secunia Research
[SECURITY] [DSA 1678-2] New perl packages fix regression,
Florian Weimer
[USN-698-1] Nagios vulnerability,
Marc Deslauriers
chicomas <=2.0.4 Multiple Vulnerabilities,
admin
[SECURITY] [DSA 1688-1] New courier-authlib packages fix SQL injection,
Steffen Joeris
[ GLSA 200812-19 ] PowerDNS: Multiple vulnerabilities,
Pierre-Yves Rofes
rPSA-2008-0338-1 cups,
rPath Update Announcements
PHP APC vulnerable to local attacks,
Moritz Naumann
HTC Touch vCard over IP Denial of Service,
Mobile Security Lab
[security bulletin] HPSBST02394 SSRT080183 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-070 to MS08-077,
security-alert
SEC Consult SA-20081219-0 :: Fujitsu-Siemens WebTransactions remote command injection vulnerability,
Bernhard Mueller
[USN-696-1] Avahi vulnerabilities,
Jamie Strandboge
CONFidence 2009, CFP,
Andrzej Targosz
EasySiteNetwork (joke.php?id) Remote SQL injection Vulnerability,
Ehsan_Hp200
[ MDVSA-2008:245 ] firefox,
security
php python extension safe_mode bypass,
amir
[USN-695-1] shadow vulnerability,
Kees Cook
Firefox cross-domain text theft (CESA-2008-011),
Chris Evans
[USN-694-1] libvirt vulnerability,
Jamie Strandboge
[SECURITY] CVE-2008-2938 - Apache Tomcat information disclosure vulnerability - Update 2,
Mark Thomas
[USN-690-3] Firefox vulnerabilities,
Jamie Strandboge
[USN-690-2] Firefox vulnerabilities,
Jamie Strandboge
[TKADV2008-015] Sun Solaris SIOCGTUNPARAM IOCTL Kernel NULL pointer dereference,
Tobias Klein
[USN-693-1] LittleCMS vulnerability,
Kees Cook
[USN-692-1] Gadu vulnerability,
Kees Cook
[USN-690-1] Firefox and xulrunner vulnerabilities,
Jamie Strandboge
[ MDVSA-2008:244 ] mozilla-firefox,
security
Network Security Scanner OpenVAS 2.0.0 Released,
Michael Wiegand
n.runs-SA-2008.010 - Opera HTML parsing Code Execution,
security
[ GLSA 200812-18 ] JasPer: User-assisted execution of arbitrary code,
Robert Buchholz
Joomla: Session hijacking vulnerability, CVE-2008-4122,
Hanno Böck
CVE-2008-0971 - Barracuda Networks products Multiple Cross-Site Scripting Vulnerabilities,
marian . ventuneac
CVE-2008-1094 - Barracuda Span Firewall SQL Injection Vulnerability,
marian . ventuneac
ZDI-08-088: Oracle E-Business Suite Business Intelligence SQL Injection Vulnerability,
zdi-disclosures
[ GLSA 200812-17 ] Ruby: Multiple vulnerabilities,
Tobias Heinlein
[ MDVSA-2008:243 ] enscript,
security
[USN-691-1] Ruby vulnerability,
Marc Deslauriers
[SECURITY] [DSA 1687-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
[ MDVSA-2008:242 ] wireshark,
security
TmaxSoft JEUS Alternate Data Streams Vulnerability,
Simon Ryeo
phpList vulnerability,
phplist
Multiple XSS Vulnerabilities in World Recipe 2.11,
security
[TKADV2008-014] MPlayer TwinVQ Processing Stack Buffer Overflow Vulnerability,
Tobias Klein
CFAGCMS Remote File Inclusion,
admin
[ GLSA 200812-16 ] Dovecot: Multiple vulnerabilities,
Tobias Heinlein
[ GLSA 200812-15 ] POV-Ray: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
[SECURITY] [DSA 1686-1] New no-ip packages fix arbitrary code execution,
Moritz Muehlenhoff
[ GLSA 200812-14 ] aview: Insecure temporary file usage,
Tobias Heinlein
[ GLSA 200812-13 ] OpenOffice.org: Multiple vulnerabilities,
Pierre-Yves Rofes
[ GLSA 200812-12 ] Honeyd: Insecure temporary file creation,
Tobias Heinlein
Moodle 1.9.3 Remote Code Execution,
ascii
[SECURITY] [DSA 1685-1] New uw-imap packages fix multiple vulnerabilities,
Steffen Joeris
Nokia N70/N73 Bluetooth Stack OBEX Implementation Denial of Service,
yangdn
rPSA-2008-0336-1 tshark wireshark,
rPath Update Announcements
ASP-CMS v.1.0 Sql Injection/Database Disclosure,
r3d . w0rm
Aspect9: Internet Explorer 8.0 Beta 2 Anti-XSS Filter Vulnerabilities,
Rafel Ivgi
Secunia Research: CA ARCserve Backup RPC "handle_t" Argument Vulnerability,
Secunia Research
facto Database Disclosure,
r3d . w0rm
Meta Cart Free Database Disclosure,
r3d . w0rm
aspProductCatalog Sql Injection,
r3d . w0rm
Black Hat: New Webinar, Japan audio now on-line.,
jmoss
AST-2008-012: Remote crash vulnerability in IAX2,
Asterisk Security Team
Browser Security Handbook,
Michal Zalewski
[ GLSA 200812-11 ] CUPS: Multiple vulnerabilities,
Pierre-Yves Rofes
CA ARCserve Backup LDBserver Vulnerability,
Williams, James K
[ MDVSA-2008:240 ] vinagre,
security
Max's Guestbook (XSS) Remote Vulnerability,
08253
iDefense Security Advisory 12.10.08: Microsoft Excel Malformed Object Memoy Corruption Vulnerability,
iDefense Labs
[ GLSA 200812-10 ] Archive::Tar: Directory traversal vulnerability,
Robert Buchholz
[ GLSA 200812-09 ] OpenSC: Insufficient protection of smart card PIN,
Robert Buchholz
[security bulletin] HPSBUX02393 SSRT080057 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS),
security-alert
CORE-2008-0228: Microsoft Word Malformed FIB Arbitrary Free Vulnerability,
CORE Security Technologies Advisories
Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209),
Bernhard Mueller
[IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass,
iViZ Security Advisories
[IVIZ-08-015] Sophos Antivirus for Linux vulnerability,
iViZ Security Advisories
[IVIZ-08-014] AVG antivirus for Linux vulnerability,
iViZ Security Advisories
[IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities,
iViZ Security Advisories
[IVIZ-08-012] Bitdefender antivirus for Linux multiple vulnerabilities,
iViZ Security Advisories
[IVIZ-08-011] ClamAV lzh unpacking segmentation fault,
iViZ Security Advisories
[SECURITY] [DSA 1684-1] New lcms packages fix multiple vulnerabilities,
Devin Carraway
[USN-678-2] GnuTLS regression,
Jamie Strandboge
[USN-689-1] Vinagre vulnerability,
Kees Cook
ISOI 6, Dallas, TX - January 29, 30,
Gadi Evron
Insomnia : ISVA-081209.1 - IE Webdav Request Parsing Heap Corruption Vulnerability,
Brett Moore
ZDI-08-087: Microsoft Internet Explorer Webdav Request Parsing Heap Corruption Vulnerability,
zdi-disclosures
ZDI-08-086: Microsoft Office Word Document Table Property Stack Overflow Vulnerability,
zdi-disclosures
ZDI-08-085: Microsoft Office RTF Drawing Object Heap Overflow Vulnerability,
zdi-disclosures
ZDI-08-084: Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability,
zdi-disclosures
ZDI-08-083: Microsoft Animation ActiveX Control Malformed AVI Parsing Code Execution Vulnerability,
zdi-disclosures
Secunia Research: Microsoft Hierarchical FlexGrid Control Integer Overflows,
Secunia Research
iDefense Security Advisory 12.09.08: Microsoft Windows Graphics Device Interface Integer Overflow Vulnerability,
iDefense Labs
iDefense Security Advisory 12.09.08: Microsoft Internet Explorer 5.01 EMBED tag Long File Name Extension Stack Buffer Overflow Vulnerability (iDefense Exclusive),
iDefense Labs
CORE-2008-1127 - Vinagre show_error() format string vulnerability,
CORE Security Technologies Advisories
Secunia Research: Microsoft Excel NAME Record Array Indexing Vulnerability,
Secunia Research
Secunia Research: Microsoft Word RTF Polyline/Polygon Integer Overflow,
Secunia Research
Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-,
xhakerman2006
rPSA-2008-0332-1 kernel,
rPath Update Announcements
SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability,
Bernhard Mueller
PHP safe_mode can be bypassed via proc_open() and custom environment.,
gat3way
[ MDVSA-2008:236-1 ] vim,
security
DoS attacks on MIME-capable software via complex MIME emails,
bruhns
Multiple XSRF in DD-WRT (Remote Root Command Execution),
th3 . r00k . ieatpork
ZDI-08-082: BMC PatrolAgent Version Logging Format String Vulnerability,
zdi-disclosures
DoS Vulnerability in Aruba Mobility Controller Caused by Malformed EAP Frame (Aruba Advisory ID: AID-12808),
Robbie (Rupinder) Gill
[security bulletin] HPSBMA02390 SSRT071481 rev.1 - HP OpenView Performance Agent, HP Performance Agent, Remote Denial of Service (DoS),
security-alert
[SECURITY] [DSA 1683-1] New streamripper packages fix potential code execution,
Florian Weimer
Neostrada Livebox Remote Network Down PoC Exploit,
0in . email
[security bulletin] HPSBMA02391 SSRT071481 rev.1 - HP OpenView Reporter and HP Reporter Running on Windows, Remote Denial of Service (DoS),
security-alert
[SVRT-07-08] Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops,
SVRT-Bkis
Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass,
xhakerman2006
[DSECRG-08-041] Stored XSS Vulnerability in Xoops 2.3.x,
Digital Security Research Group [DSecRG]
[DSECRG-08-040] Multiple Local File Include Vulnerabilities in Xoops 2.3.x,
Digital Security Research Group [DSecRG]
RadAsm <=2.2.1.5 Local Command Execution,
xhakerman2006
XSS in PHPepperShop v 1.4,
th3 . r00k . ieatpork
Two XSS Flaws in PrestaShop 1.1.0.3,
th3 . r00k . ieatpork
[SECURITY] [DSA 1682-1] New squirrelmail packages fix cross site scripting,
Thijs Kinkhorst
SecurityReason: PHP 5.2.6 SAPI php_getuid() overload,
cxib
[ GLSA 200812-08 ] Mgetty: Insecure temporary file usage,
Pierre-Yves Rofes
[ MDVSA-2008:239 ] clamav,
security
RE: DDIVRT-DDIVRT-2008-15 iPhone Configuration Web Utility 1.0 for Windows Directory Traversal,
VulnerabilityAlert
CVE-2008-5079: multiple listen()s on same socket corrupts the vcc table,
Hugo Dias
[ MDVSA-2008:238 ] libsamplerate,
security
ZDI-08-081: Sun Java Web Start and Applet Multiple Sandbox Bypass Vulnerabilities,
zdi-disclosures
ZDI-08-080: Sun Java AWT Library Sandbox Violation Vulnerability,
zdi-disclosures
ZDI-08-079: Trillian AIM Plugin Malformed XML Tag Heap Overflow Vulnerability,
zdi-disclosures
ZDI-08-078: Trillian IMG SRC ID Memory Corruption Vulnerability,
zdi-disclosures
ZDI-08-077: Trillian AIM IMG Tag Parsing Stack Overflow Vulnerability,
zdi-disclosures
iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Integer Overflow Vulnerability,
iDefense Labs
[USN-687-1] nfs-utils vulnerability,
Marc Deslauriers
[ MDVSA-2008:237 ] apache2,
security
iDefense Security Advisory 12.04.08: Sun Java JRE Pack200 Decompression Integer Overflow Vulnerability,
iDefense Labs
iDefense Security Advisory 12.04.08: Sun Java Web Start GIF Decoding Memory Corruption Vulnerability,
iDefense Labs
Joomla Component mydyngallery,
r3d . w0rm
iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Heap Overflow Vulnerability,
iDefense Labs
[SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities,
dann frazier
[UPRSN] Ubuntu Privacy Remix 8.04r1 fixes security issues,
Ubuntu Privacy Remix Team
CVE-2008-2086: Java Web Start File Inclusion via System Properties Override,
VSR Advisories
Joomla Component GameQ,
r3d . w0rm
[SECURITY] [DSA 1680-1] New clamav packages fix potential code execution,
Florian Weimer
DDIVRT-2008-18 Orb Denial of Service,
DDI . VulnerabilityAlert
Advisory 06/2008: PHP ZipArchive::extractTo() Directory Traversal Vulnerability,
Stefan Esser
[ MDVSA-2008:236 ] vim,
security
[USN-686-1] AWStats vulnerability,
Kees Cook
[USN-685-1] Net-SNMP vulnerabilities,
Kees Cook
[security bulletin] HPSBUX02389 SSRT080141 rev.1 - HP-UX, Local Denial of Service (DoS),
security-alert
[SVRT-06-08] MULTI SECURITY VULNERABILITIES IN MVNFORUM,
SVRT-Bkis
[SECURITY] [DSA 1679-1] New awstats packages fix cross-site scripting,
Florian Weimer
[USN-684-1] ClamAV vulnerability,
Kees Cook
[HACKATTACK Advisory 20081203]Pro Clan Manager 0.4.2 - Session Fixation,
office
[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation,
Steffen Joeris
VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2,
VMware Security team
[SECURITY] [DSA 1677-1] New CUPS packages fix arbitrary code execution,
Martin Schulze
[ GLSA 200812-07 ] Mantis: Multiple vulnerabilities,
Robert Buchholz
[ GLSA 200812-02 ] enscript: User-assisted execution of arbitrary code,
Robert Buchholz
[ GLSA 200812-04 ] lighttpd: Multiple vulnerabilities,
Robert Buchholz
[ GLSA 200812-05 ] libsamplerate: User-assisted execution of arbitrary code,
Robert Buchholz
[USN-683-1] Imlib2 vulnerability,
Marc Deslauriers
[ GLSA 200812-03 ] IPsec-Tools: racoon Denial of Service,
Robert Buchholz
[ GLSA 200812-06 ] libxml2: Multiple vulnerabilities,
Robert Buchholz
[ GLSA 200812-01 ] OptiPNG: User-assisted execution of arbitrary code,
Robert Buchholz
Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass",
l1un
Dates for SyScan'09,
organiser@xxxxxxxxxx
[SECURITY] [DSA 1676-1] New flamethrower packages fix denial of service,
dann frazier
[USN-682-1] libvorbis vulnerabilities,
Marc Deslauriers
[USN-681-1] ImageMagick vulnerability,
Marc Deslauriers
[BMSA 2008-09] Two buffer overflow vulnerabilities in Rumpus v6.0,
Nam Nguyen
/bin/login gives root to group utmp,
Paul Szabo
[TKADV2008-013] VLC media player RealMedia Processing Integer Overflow Vulnerability,
Tobias Klein
[SECURITY] [DSA 1675-1] New phpmyadmin packages fix cross site scripting,
Thijs Kinkhorst
[SECURITY] [DSA 1674-1] New jailer packages fix denial of service,
Moritz Muehlenhoff
[SECURITY] [DSA 1673-1] New wireshark packages fix several vulnerabilities,
Moritz Muehlenhoff
[SECURITY] [DSA 1672-1] New imlib2 packages fix arbitrary code execution,
Moritz Muehlenhoff
[tool] Exomind v0.2 is out!,
Jose Orlicki
SecurityReason : PHP 5.2.6 dba_replace() destroying file,
cxib
DC4420 - DEFCON London - Christmas meeting - Tuesday 2nd December 2008,
Major Malfunction
AssoCIateD 1.4.4 Remote Cross Site Scripting Vulnerability,
tan_prathan
[USN-680-1] Samba vulnerability,
Marc Deslauriers
[HACKATTACK Advisory 20081127]Social Impress CMS 1.1 - Session Fixation,
office
FreeRainbowTables.com has changed generation platform,
Jerome Athias
WHMCS V3.7.1 Sensible Information Disclosure,
julianrdz91
XSS in Internet Explorer 6 and 7,
MustLive
Updated: Google Chrome 0.4.154.25 URI Meta Character URL Obfuscation,
Aditya K Sood
[USN-668-1] Thunderbird vulnerabilities,
Jamie Strandboge
[USN-678-1] GnuTLS vulnerability,
Jamie Strandboge
[CFP] FRHACK 01 Call For Papers (save the dates!),
Jerome Athias
WordPress XSS vulnerability in RSS Feed Generator,
Jeremias Reith
RSA EnVision Remote Password Disclosure,
nicolas . viot
[security bulletin] HPSBTU02382 SSRT080132 rev.1 - HP Secure Web Server for Tru64 UNIX or Internet Express for Tru64 UNIX running PHP, Remote Denial of Service (DoS) or Arbitrary Code Execution,
security-alert
New tool and paper for Oracle forensics...,
David Litchfield
[USN-677-1] OpenOffice.org vulnerabilities,
Jamie Strandboge
MyBB 1.4.3 my_post_key Disclosure Vulnerability,
nbbn@xxxxxxx
Re: Re: OpenSSH security advisory: cbc.adv,
"dennis jackson"
CanSecWest 2009 CFP (March 18-20 2009, Deadline December 8 2008),
Dragos Ruiu
[SECURITY] [DSA 1671-1] New iceweasel packages fix several vulnerabilities,
Moritz Muehlenhoff
Siemens C450IP/C475IP DoS,
Martin Kluge
WebStudio CMS 'pageid' Blind SQL Injection,
glafkos
[SECURITY] [DSA 1670-1] New enscript packages fix arbitrary code execution,
Moritz Muehlenhoff
[USN-674-2] HPLIP vulnerabilities,
Marc Deslauriers
[USN-675-2] Gaim vulnerability,
Marc Deslauriers
[USN-676-1] WebKit vulnerability,
Marc Deslauriers
FreeBSD Security Advisory FreeBSD-SA-08:11.arc4random,
FreeBSD Security Advisories
[USN-675-1] Pidgin vulnerabilities,
Marc Deslauriers
Google Chrome MetaCharacter URI Obfuscation Vulnerability,
Aditya K Sood
[SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis),
svrt
Amaya (id) Remote Stack Overflow Vulnerability,
writ3r
Amaya (URL Bar) Remote Stack Overflow Vulnerability,
writ3r
[ MDVSA-2008:235 ] mozilla-thunderbird,
security
[SECURITY] [DSA 1669-1] New xulrunner packages fix several vulnerabilities,
Moritz Muehlenhoff
Revised: OpenSSH security advisory: cbc.adv,
Damien Miller
Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability,
zimpel
- <Possible follow-ups>
- Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability,
tecklord
- Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability,
zimpel
- Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability,
het_ebadi
- Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability,
zimpel
- Re: Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability,
zimpel
rPSA-2008-0328-1 httpd mod_ssl,
rPath Update Announcements
rPSA-2008-0327-1 httpd mod_ssl,
rPath Update Announcements
rPSA-2008-0324-1 gvim vim vim-minimal,
rPath Update Announcements
[SECURITY] [DSA 1668-1] New hf packages fix execution of arbitrary code,
Steve Kemp
[SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack,
svrt
Adobe Flash Multiple Vulnerabilities,
iSEC Partners
[ MDVSA-2008:234 ] kernel,
security
DDIVRT-2008-15 iPhone Configuration Web Utility 1.0 for Windows Directory Traversal,
vulnerabilityresearch
OpenSSH security advisory: cbc.adv,
Damien Miller
KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit,
Pyrokinesis
ZDI-08-076: EMC Control Center SAN Manager SST_SENDFILE Remote File Retrieval Vulnerability,
zdi-disclosures
ZDI-08-075: EMC Control Center SAN Manager Master SST_CTGTRANS Overflow Vulnerability,
zdi-disclosures
[ MDVSA-2008:233 ] libcdaudio,
security
SecurityReason : PHP 5.2.6 (error_log) safe_mode bypass,
cxib
Social Engine 2.7 CRLF Injection + SQL injection,
office
[security bulletin] HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS),
security-alert
boastMachine v3.1 Remote Sql Injection,
r3d . w0rm
[ MDVSA-2008:220-1 ] kernel,
security
[ MDVSA-2008:232 ] dovecot,
security
[USN-674-1] HPLIP vulnerabilities,
Marc Deslauriers
rPSA-2008-0325-1 libxml2,
rPath Update Announcements
PR07-40: Authentication Bypass, Passwords Leakage and SNMP Injection on 3Com AP 8760,
ProCheckUp Research
[SECURITY] [DSA 1667-1] New python2.4 packages fix several vulnerabilities,
Moritz Muehlenhoff
[ MDVSA-2008:231 ] libxml2,
security
PR08-09: Unauthenticated File Retrieval on Sun Java System Identity Manager "ext" parameter,
ProCheckUp Research
Secunia Research: Streamripper Multiple Buffer Overflows,
Secunia Research
Microsoft VISTA TCP/IP stack buffer overflow,
Thomas Unterleitner
PR07-11: Cross-site Request Forgery (CSRF) on Sun Java System Identity Manager,
ProCheckUp Research
Metasploit Framework 3.2 Released,
H D Moore
Firefox cross-domain image theft (CESA-2008-009),
Chris Evans
[USN-673-1] libxml2 vulnerabilities,
Kees Cook
Black Hat November News: CFPS Now Open, Webinar 5 and Japan on-line.,
jmoss
[security bulletin] HPSBST02386 SSRT080164 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-067 to MS08-069,
security-alert
Outdated and vulnerable OpenSource libraries used in "Deutsche Telekom" home banking software,
Stefan Kanthak
[DSECRG-08-039] Local File Include Vulnerability in Pluck CMS 4.5.3,
Digital Security Research Group
[ MDVSA-2008:230 ] firefox,
security
[SECURITY] [DSA 1666-1] New libxml2 packages fix several vulnerabilities,
Moritz Muehlenhoff
[USN-672-1] ClamAV vulnerability,
Kees Cook
[USN-667-1] Firefox and xulrunner vulnerabilities,
Jamie Strandboge
[ MDVSA-2008:227-1 ] gnutls,
security
rPSA-2008-0322-1 gnutls,
rPath Update Announcements
Kimson cms cross site scripting vulnerability,
md . r00t . defacer
[USN-671-1] MySQL vulnerabilities,
Marc Deslauriers
[waraxe-2008-SA#069] - Multiple Sql Injection in vBulletin 3.7.4,
come2waraxe
Exodus v0.10 uri handler arbitrary parameter injection,
Pyrokinesis
Opera 9.6x file:// overflow,
send9
rPSA-2008-0321-1 enscript,
rPath Update Announcements
[waraxe-2008-SA#068] - Sql Injection in vBulletin 3.7.3.pl1,
come2waraxe
[ GLSA 200811-05 ] PHP: Multiple vulnerabilities,
Tobias Heinlein
Microsoft Windows Server Service (MS08-067) Exploit,
Debasis Mohanty
ANNOUNCE: RFIDIOt release RFIDIOt-0.1u,
Adam Laurie
[ MDVSA-2008:229 ] clamav,
security
[USN-670-1] VMBuilder vulnerability,
Jamie Strandboge
[ MDVSA-2008:228 ] mozilla-firefox,
security
New Whitepaper - .NET Framework Rootkits: Backdoors inside your Framework,
Erez Metula
Digital Armaments October-November Hacking Challenge: Linux Local Kernel Exploit (5,000$),
info
Team SHATTER Security Advisory: Oracle Database Multiple SQL Injection vulnerabilities in LTADM,
Shatter
[ MDVSA-2008:227 ] gnutls,
security
Team SHATTER Security Advisory: Oracle Database multiple SQL Injection vulnerabilities in Workspace Manager,
Shatter
Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE,
Shatter
Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE,
Shatter
rPSA-2008-0316-1 kernel,
rPath Update Announcements
rPSA-2008-0318-1 initscripts,
rPath Update Announcements
[SECURITY] [DSA 1665-1] New libcdaudio packages fix arbitrary code execution,
Moritz Muehlenhoff
Re: Re: MS OWA 2003 Redirection Vulnerability - [MSRC 7368br],
Giuseppe Gottardi
rPSA-2008-0315-1 net-snmp net-snmp-client net-snmp-server net-snmp-utils,
rPath Update Announcements
[security bulletin] HPSBMA02385 SSRT080161 rev.1 - HP Service Manager (HPSM), Gain Extended Privileges,
security-alert
[USN-669-1] gnome-screensaver vulnerabilities,
Marc Deslauriers
ooVoo 1.7.1.35 (URL Protocol) remote unicode buffer overflow poc,
Pyrokinesis
[security bulletin] HPSBMA02380 SSRT080121 rev.2 - HP System Management Homepage (SMH) for HP-UX, Local Unauthorized Access,
security-alert
Re [WEB SECURITY] countermeasure against attacks through HTML shared files,
fcorella
Joomla Component JooBlog 0.1.1 (PostID) SQL Injection Vuln.,
Stephen Argent
Google Chrome Break,
Liu Die Yu
[SECURITY] [DSA 1664-1] New ekg packages fix denial of service,
Moritz Muehlenhoff
[ GLSA 200811-02 ] Gallery: Multiple vulnerabilities,
Tobias Heinlein
Collabtive 0.4.8 Multiple Vulnerabilities,
ascii
[ GLSA 200811-04 ] Graphviz: User-assisted execution of arbitrary code,
Tobias Heinlein
[ GLSA 200811-03 ] FAAD2: User-assisted execution of arbitrary code,
Tobias Heinlein
ClamAV get_unicode_name() off-by-one buffer overflow,
Moritz Jodeit
Metrica Service Assurance Multiple Cross Site Scripting,
f . bianchino
[SECURITY] [DSA 1663-1] New net-snmp packages fix several vulnerabilities,
Thijs Kinkhorst
Multiple remote vulnerabilities MoinMoin v1.80,
XiaShing
BSOD in Win'2k3, Vista x86 and x64 by nonpriviledged user,
support
[AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...),
Andreas Kurtz
Enthusiast 3 Remote Code Execution,
admin
[USN-666-1] Dovecot vulnerability,
Kees Cook
VMware Emulation Flaw x64 Guest Privilege Escalation (2/2),
ds . adv . pub
Re: [WEB SECURITY] countermeasure against attacks through HTML shared files,
fcorella
[ MDVSA-2008:224-1 ] kernel,
security
countermeasure against attacks through HTML shared files,
fcorella
VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues,
VMware Security Team
[USN-662-2] Ubuntu kernel modules vulnerability,
Kees Cook
[ MDVSA-2008:226 ] ruby,
security
[USN-665-1] Netpbm vulnerability,
Marc Deslauriers
[security bulletin] HPSBTU02383 SSRT080098 rev.1 - HP Tru64 UNIX running AdvFS "showfile" command, Local Gain Extended Privileges,
security-alert
[TKADV2008-011] VLC media player RealText Processing Stack Overflow Vulnerability,
Tobias Klein
[USN-664-1] Tk vulnerability,
Marc Deslauriers
[TKADV2008-012] VLC media player cue Processing Stack Overflow Vulnerability,
Tobias Klein
hMAilServer 4.4.2 (PHPWebAdmin) local & remote file inclusion,
nospam
[SECURITY] [DSA 1662-1] New mysql-dfsg-5.0 packages fix authorization bypass,
Devin Carraway
Arab Portal v2.1 Remote File Disclosure (Win32),
r3d . w0rm
Remote access vulnerability using BigDump ver. 0.29b,
XiaShing
[ MDVSA-2008:225 ] net-snmp,
security
DFLabs PTK Forensic Local Command Execution Vulnerability,
luca . carettoni
[USN-663-1] system-tools-backends regression,
Kees Cook
Applications can open up remote root access on G1 Phone,
Jim Paris
[USN-662-1] Linux kernel vulnerabilities,
Kees Cook
[ MDVSA-2008:224 ] kernel,
security
iDefense Security Advisory 11.04.08: Adobe Acrobat And Reader AcroJS Heap Corruption Vulnerability,
iDefense Labs
iDefense Security Advisory 11.04.08: Adobe Reader Embedded Font Handling Out of Bounds Array Indexing Vulnerability,
iDefense Labs
ZDI-08-074: Adobe Acrobat PDF Javascript getCosObj Memory Corruption Vulnerability,
zdi-disclosures
ZDI-08-073: Adobe Acrobat Reader Malformed PDF Code Execution Vulnerability,
zdi-disclosures
ZDI-08-072: Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability,
zdi-disclosures
iDefense Security Advisory 11.04.08: Multiple Vendor NOS Microsystems getPlus Downloader Stack Buffer Overflow Vulnerability,
iDefense Labs