Bugtraq
- [ GLSA 200806-04 ] rdesktop: Multiple vulnerabilities,
Pierre-Yves Rofes
- GSC Privilege Escalation Exploit,
Moose
- Collection of Vulnerabilities in Fully Patched Vim 7.1,
Jan Minář
- [ MDVSA-2008:113 ] - Updated kernel packages fix security issue,
security
- [ MDVSA-2008:114 ] - Updated util-linux-ng packages fix log injection issue,
security
- Technical Details of Security Issues Regarding Safari for Windows,
LIUDIEYU dot COM
- [USN-612-9] openssl-blacklist update,
Jamie Strandboge
- Securify bulletin: Microsoft Active Directory Denial-of-service,
Securify Bulletins
- [USN-612-10] OpenVPN regression,
Jamie Strandboge
- Exploit for vBulletin "obscure" XSS (3.7.1 & 3.6.10),
Jessica Hope
- AS/400 Vulnerabilities,
Jon Kibler
- [USN-616-1] X.org vulnerabilities,
Kees Cook
- [SECURITY] [DSA 1597-1] New mt-daapd packages fix several vulnerabilities,
Devin Carraway
- [SECURITY] [DSA 1596-1] New typo3 packages fix several vulnerabilities,
Thijs Kinkhorst
- [ MDVSA-2008:112 ] - Updated kernel packages fix security issues,
security
- [SECURITY] [DSA 1595-1] New xorg-server packages fix several vulnerabilities,
Thijs Kinkhorst
- Pooya Site Builder (PSB) SQL Injection Vulnerabilities,
Admin
- DEFCON Switzerland looking for DEFCON visitors,
DEF CON Switzerland
- SNMPv3 Authentication Bypass - CVE-2008-0960,
inode
- ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability,
sys-project
- rPSA-2008-0189-1 kernel xen,
rPath Update Announcements
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server MIT-SHM Extension Information Disclosure Vulnerability,
iDefense Labs
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server Record and Security Extensions Multiple Memory Corruption Vulnerabilities,
iDefense Labs
- Xigla Multiple Products - Multiple Vulnerabilities,
Admin
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension ProcRenderCreateCursor() Integer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension AllocateGlyph() Integer Overflow Vulnerability,
iDefense Labs
- [SECURITY] [DSA 1594-1] New imlib2 packages fix arbitrary code execution,
Moritz Muehlenhoff
- [security bulletin] HPSBMA02340 SSRT080024, SSRT080041 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS),
security-alert
- phpRaider <= v1.0.6,7 Maybe Other Versions Remote File include Vulnerable,
none
- Flat Calendar v1.1 Remote Permission Bypass Vulnerability,
none
- CORE-2008-0125: CitectSCADA ODBC service vulnerability,
CORE Security Technologies Advisories
- Secunia Research: uTorrent / BitTorrent Web UI HTTP "Range" Header DoS,
Secunia Research
- PHPEasyData 1.5.4 Multiple Vulnerabilities,
Sylvain
- TYPO3 Security Bulletin TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core,
lars
- [security bulletin] HPSBUX02342 SSRT080063 rev.1 - HP-UX Running Apache or Tomcat with PHP, Remote Execution of Arbitrary Code,
security-alert
- ZDI-08-040: Microsoft DirectX SAMI File Format Name Parsing Stack Overflow Vulnerability,
zdi-disclosures
- ZDI-08-039: Microsoft Internet Explorer DOM Ojbect substringData() Heap Overflow Vulnerability,
zdi-disclosures
- Many bugs on CMS system Piugame,
Psymera
- [ MDVSA-2008:111 ] - Updated Evolution packages fix vulnerabilities,
security
- ZDI-08-038: QuickTime SMIL qtnext Redirect File Execution,
zdi-disclosures
- iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 PFB Memory Corruption Vulnerability,
iDefense Labs
- ZDI-08-037: Apple QuickTime Indeo Video Buffer Overflow Vulnerability,
zdi-disclosures
- XSS - Glassfish Web Admin Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) ),
Eduardo Jorge
- iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 Multiple Heap Overflow Vulnerabilities,
iDefense Labs
- iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 PFB Integer Overflow Vulnerability,
iDefense Labs
- Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- iDefense Security Advisory 06.10.08: Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability,
iDefense Labs
- [security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS),
security-alert
- Secunia Research: Apple QuickTime PICT Image Parsing Buffer Overflow,
Secunia Research
- [web-app] Insanely Simple Blog 0.5 (index) Remote SQL Injection Vulnerabilities,
unohope
- [web-app] yBlog 0.2.2.2 Multiple Remote Vulnerabilities,
unohope
- [web-app] DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability,
unohope
- [web-app] ErfurtWiki <= R1.02b (css) Local File Inclusion Vulnerability,
unohope
- [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing,
Andrea Barisani
- [web-app] Tornado Knowledge Retrieval System <= 4.2 Remote XSS Vulnerability,
unohope
- [SECURITY] [DSA 1593-1] New tomcat5.5 packages cross-site scripting,
Moritz Muehlenhoff
- [SECURITY] [DSA 1592-2] New Linux 2.6.18 packages fix overflow conditions,
dann frazier
- webTA by kronos - XSS,
Alex Eden
- XSS - NEXTGEN GALLERY 0.96 WORDPRESS PLUGIN,
Eduardo Jorge
- [SECURITY] [DSA 1592-1] New Linux 2.6.18 packages fix overflow conditions,
dann frazier
- [ GLSA 200806-03 ] Imlib 2: User-assisted execution of arbitrary code,
Tobias Heinlein
- FreeSSHD 1.2.1 (Post Auth) Remote Seh Overflow Exploit,
m . memelli
- [USN-615-1] Evolution vulnerabilities,
Jamie Strandboge
- SchoolCenter URL Handling Cross Site Scripting Vulnerability,
DoZ
- rPSA-2008-0185-1 vsftpd,
rPath Update Announcements
- Vulnerability in Network General/Net Scout product,
jgrove_2000
- Akamai Technologies Security Advisory 2008-0003 (Akamai Client Software),
Akamai Security Team
- Secunia Research: Akamai Red Swoosh Cross-Site Request Forgery,
Secunia Research
- [ MDVSA-2008:110 ] - Updated Firefox packages fix vulnerabilities,
security
- WEBAlbum <= 2.0 Remote Stored Cross Site Scripting Vulnerability,
tan_prathan
- F5 FirePass Content Inspection Management XSS,
nnposter
- iDefense Security Advisory 06.04.08: VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability,
iDefense Labs
- iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability,
iDefense Labs
- AST-2008-009: (Corrected subject) Remote crash vulnerability in ooh323 channel driver,
Asterisk Security Team
- Akamai Download Manager File Downloaded To Arbitrary Location Vulnerability,
cocoruder
- SMEweb 1.4b (SQL/XSS) Multiple Remote Vulnerabilities,
tan_prathan
- Remote DoS vulnerability in Linksys WRH54G,
dubingyao
- [security bulletin] HPSBST02312 SSRT071428 rev.2 - HP StorageWorks Storage Mirroring Software, Remote Execution of Arbitrary Code,
security-alert
- e107 Plugin echat MENU Blind SQL Injection Vulnerability,
hadihadi_zedehal_2006
- AST-2008-009: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised,
Asterisk Security Team
- CA Secure Content Manager HTTP Gateway Service FTP Request Vulnerabilities,
Williams, James K
- CORE-2008-0425 - NASA BigView Stack Buffer Overflow,
CORE Security Technologies Advisories
- iDefense Security Advisory 06.04.08: Kaspersky Internet Security IOCTL Stack Based Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 06.04.08: Skype File URI Security Bypass Code Execution Vulnerability,
iDefense Labs
- TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability,
DVLabs
- ZDI-08-036: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow,
zdi-disclosures
- ZDI-08-035: CA ETrust Secure Content Manager Gateway FTP PASV Stack Overflow Vulnerability,
zdi-disclosures
- ZDI-08-034: HP StorageWorks Storage Mirroring Authentication Processing Stack Overflow Vulnerability,
zdi-disclosures
- VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues,
VMware Security team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA,
Cisco Systems Product Security Incident Response Team
- Akamai Technologies Security Advisory 2008-0001 (Download Manager),
Akamai Security Team
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Authorization Bypass Vulnerability,
iDefense Labs
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Directory Traversal Vulnerabilities,
iDefense Labs
- IMF 2008 - Deadline Extension (2nd try),
Oliver Goebel
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Command Injection Vulnerabilities,
iDefense Labs
- CSIS-RI-0003: Multiple buffer overflow vulnerabilities in HP ActiveX,
rand
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Information Disclosure Vulnerability,
iDefense Labs
- [security bulletin] HPSBMA02326 SSRT071490 rev.1 - HP Instant Support HPISDataManager.dll Running on Windows, Remote Execution of Arbitrary Code,
security-alert
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages File Creation Vulnerability,
iDefense Labs
- QuickerSite Multiple Vulnerabilities,
Admin
- [ MDVSA-2008:109 ] - Updated kernel packages fix bugs,
security
- AST-2008-008: Remote Crash Vulnerability in SIP channel driver when run in pedantic mode,
Asterisk Security Team
- [USN-614-1] Linux kernel vulnerabilities,
Kees Cook
- AccessMe Tool Release,
Oliver Lavery
- [NSG 03-06-2008] C6 Messenger Installation Url DownloaderActiveX Control Remote Download & Execute Exploit,
ipsdix
- London DEFCON June meet - DC4420 - Thursday 5th June,
Major Malfunction
- [ GLSA 200806-01 ] mtr: Stack-based buffer overflow,
Tobias Heinlein
- [ GLSA 200806-02 ] libxslt: Execution of arbitrary code,
Tobias Heinlein
- [security bulletin] HPSBST02312 SSRT071428 rev.1 - HP StorageWorks Storage Mirroring Software, Remote Execution of Arbitrary Code,
security-alert
- [SECURITY] [DSA 1591-1] New libvorbis packages fix several vulnerabilities,
Thijs Kinkhorst
- Windows Installer msiexec GUID Buffer Overflow,
Patrick Webster
- [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability,
Mark Thomas
- Advisory: Xerox Workaround & planned patch,
suzanne . hawley
- DEFCON 16 Updates - Get involved!,
The Dark Tangent
- rPSA-2008-0181-1 openssl openssl-scripts,
rPath Update Announcements
- [ECHO_ADV_96$2008] HiveMaker Professional <= 1.0.2 (cid) Sql Injection Vulnerability,
erdc
- ComicShout 2.8 (news.php news_id) SQL Injection Vulnerability,
sys-project
- OtomiGenX v2.2 Ultimate Authentication bypass Vulnerability,
hadihadi_zedehal_2006
- BP Blog 6.0 (id) Remote Blind SQL Injection Vulnerability,
sys-project
- ARP handler Inspection tool released,
Andrea Di Pasquale
- rPSA-2008-0180-1 samba samba-client samba-server samba-swat,
rPath Update Announcements
- [SECURITY] [DSA 1553-2] New ikiwiki packages fix regression,
Thijs Kinkhorst
- SQL Injection leading to authorization bypass in Torrent Trader Classic v1.08 and earlier,
Charles Vaughn
- LokiCMS Multiple Vulnerabilities through Authorization weakness,
Alireza Hassani
- VisualSentinel 0.7 Cross Agent Scripting Vulnerability,
bugtraq
- [SECURITY] [DSA 1588-2] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- [SECURITY] [DSA 1590-1] New samba packages fix arbitrary code execution,
Florian Weimer
- VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues,
VMware Security team
- Dot Net Nuke (DNN) <= 4.8.3 XSS Vulnerability,
Admin
- XEROX DocuShare URL XSS Injection Vulnerabilities,
DoZ
- dvbbs8.2(access/sql)version login.asp remote sql injection,
hackerb
- [ MDVSA-2008:108 ] - Updated samba packages fix arbitrary code execution vulnerability,
security
- Flash Blog Sql Injection,
16 . her0
- [ GLSA 200805-22 ] MPlayer: User-assisted execution of arbitrary code,
Tobias Heinlein
- FlashBlog Remote File Upload Vulnerability,
mefisto
- [ GLSA 200805-23 ] Samba: Heap-based buffer overflow,
Tobias Heinlein
- Secunia Research: imlib2 PNM and XPM Buffer Overflow,
Secunia Research
- Secunia Research: Samba "receive_smb_raw()" Buffer Overflow Vulnerability,
Secunia Research
- Bypassing URL Authentication and Authorization with HTTP Verb Tampering,
Arshan Dabirsiaghi
- Vulnerability Advisory on OpenSSL,
josh
- [ MDVSA-2008:107 ] - Updated openssl package fixes denial of service vulnerabilities,
security
- [security bulletin] HPSBUX02334 SSRT071403 rev.2 - HP-UX Running ftp, Remote Denial of Service (DoS),
security-alert
- [SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses,
Gerald (Jerry) Carter
- Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability,
Cisco Systems Product Security Incident Response Team
- rPSA-2008-0105-1 evolution,
rPath Update Announcements
- [NSG_28-5-08] CA Internet Security Suite 2008 (UmxEventCli.dll/SaveToFile()) remote file corruption poc,
ipsdix
- rPSA-2008-0178-1 php php-mysql php-pgsql,
rPath Update Announcements
- iDefense Security Advisory 05.27.08: EMC AlphaStor Server Agent Multiple Stack Buffer Overflow Vulnerabilities,
iDefense Labs
- ZDI-08-033: Motorola RAZR JPG Processing Stack Overflow Vulnerability,
zdi-disclosures
- iDefense Security Advisory 05.27.08: EMC AlphaStor Library Manager Arbitrary Command Execution Vulnerability,
iDefense Labs
- [ GLSA 200805-21 ] Roundup: Permission bypass,
Tobias Heinlein
- rPSA-2008-0177-1 emacs emacs-leim,
rPath Update Announcements
- [SECURITY] [DSA 1588-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- Security, Open Source Style,
Josh Bressers
- IOS Rookit: the sky isn't falling (yet),
Nicolas FISCHBACH
- RoomPHPlanning 1.5 (weekview.php) SQL Injection Vulnerability,
hadihadi_zedehal_2006
- [security bulletin] HPSBUX02335 SSRT071454 rev.2 - HP-UX Running useradd(1M), Local Unauthorized Access,
security-alert
- T2'08: Call for Papers 2008 (Helsinki / Finland),
Tomi Tuominen
- [SECURITY] [DSA 1587-1] New mtr packages fix execution of arbitrary code,
Steve Kemp
- SECOBJADV-2008-01: Lenovo SystemUpdate SSL Certificate Issuer Spoofing Vulnerability,
Security Objectives, Inc.
- Zina 1.0rc3 Remote Directory Traversal Vulnerability & XSS Vulnerability,
irancrash
- Repair Online v1.2 (sentout) Create Admin Vulnerability,
unohope
- Advisory - Rsyncrypto maybe affected from Debian OpenSSL reduced entropy problem,
Aviram Jenik
- Campus Bulletin Board v3.4 Multiple Remote Vulnerabilities,
unohope
- Ablespace 1.0 'cat_id' Parameter SQL Injection Vulnerability,
a . jasbi
- Class System v2.3 Multiple Remote Vulnerabilities,
unohope
- Mini-CWB <= 2.1.1 Remote XSS Vulnerability,
tan_prathan
- function sleep() in all versions of PHP,
gogulas
- phpFix v2 Multiple SQL Injection Vulnerability,
unohope
- Excuse Online (pwd) SQL Injection Vulnerability,
unohope
- Re: IOS rootkits (fwd),
Gadi Evron
- PCPIN Chat 6: potential XSS vulnerability in URL redirection script,
admin
- vuln in WordPress plugin Upload File(UP),
my
- dzoic handshakes sql injection >> index.php on $fname,
a . jasbi
- [ MDVSA-2008:106 ] - Updated gnutls packages fix denial of service vulnerabilities,
security
- xt:Commerce possible DoS,
decoder-bugtraq
- rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl,
rPath Update Announcements
- [DSECRG-08-025] Local File Include in OneCMS 2.5,
Digital Security Research Group
- e107 Plugin BLOG Engine v2.2 (macgurublog.php/uid) Blind SQL Injection Vulnerability,
hadihadi_zedehal_2006
- [DSECRG-08-024] Multiple Security Vulnerabilities (RFI,LFI,XSS) in QuateCMS,
Digital Security Research Group
- [SECURITY] [DSA 1586-1] New xine-lib packages fix several vulnerabilities,
Devin Carraway
- abledating 2.4 >> Sql injection and cross site scripting on search_results.php,
a . jasbi
- IRM Security Advisory : Barracuda Networks Spam Firewall Cross-Site Scripting Vulnerability,
Mark Crowther
- rPSA-2008-0174-1 gnutls,
rPath Update Announcements
- /home/putnopvut/asa/AST-2008-007/AST-2008-007: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised,
Asterisk Security Team
- BMForum Remote 5.6 Miltiple XSS Vulnerability,
tan_prathan
- Exteen Blog XSS Remote Cookie Disclosure Exploit,
tan_prathan
- [security bulletin] HPSBUX02337 SSRT080072 rev.1 - HP-UX Running HP-UX Secure Shell, Local Unauthorized Access and Denial of Service (DoS),
security-alert
- phpSQLiteCMS Multiple Remote XSS Vulnerability,
tan_prathan
- PHPFreeForum <= 1.0 RC2 Remote XSS Vulnerability,
tan_prathan
- ZDI-08-031: Trillian MSN MIME Header Stack-Based Overflow Vulnerability,
zdi-disclosures
- ZDI-08-030: Trillian Multiple Protocol XML Parsing Memory Corruption Vulnerability,
zdi-disclosures
- ZDI-08-029: Trillian AIM.DLL Long HTML Font Parameter Stack Overflow Vulnerability,
zdi-disclosures
- ZDI-08-028: IBM Lotus Sametime Community Services Multiplexer Stack Overflow Vulnerability,
zdi-disclosures
- [ GLSA 200805-20 ] GnuTLS: Execution of arbitrary code,
Robert Buchholz
- MDAP ANTs PWNAGE: dumping the admin password of the BT Home Hub,
Adrian Pastor
- iDefense Security Advisory 05.21.08: Multiple Vendor Snort IP Fragment TTL Evasion Vulnerability,
iDefense Labs
- www file share pro 5.30 insecure multiple,
output
- CORE-2008-0126: Multiple vulnerabilities in iCal,
Core Security Technologies Advisories
- [SECURITY] [DSA 1584-1] New libfissound packages fix execution of arbitrary code,
Steve Kemp
- [USN-612-8] openssl-blacklist update,
Jamie Strandboge
- Cisco Security Advisory: Cisco Voice Portal Privilege Escalation Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Secure Shell Denial of Service,
Cisco Systems Product Security Incident Response Team
- [USN-613-1] GnuTLS vulnerabilities,
Kees Cook
- [DSECRG-08-020] Alcatel OmniPCX Office Remote Comand Execution,
Digital Security Research Group
- [DSECRG-08-023] SAP Web Application Server XSS Security Vulnerability,
Digital Security Research Group
- [ MDVSA-2008:105 ] - Updated kernel packages fix vulnerabilities,
security
- CORE-2008-0415: Borland Interbase 2007 Integer Overflow,
CORE Security Technologies
- [ GLSA 200805-18 ] Mozilla products: Multiple vulnerabilities,
Robert Buchholz
- [ GLSA 200805-19 ] ClamAV: Multiple vulnerabilities,
Robert Buchholz
- [ GLSA 200805-17 ] Perl: Execution of arbitrary code,
Tobias Heinlein
- [SECURITY] [DSA 1582-1] New peercast packages fix arbitrary code execution,
Thijs Kinkhorst
- [SECURITY] [DSA 1583-1] New gnome-peercast packages fix several vulnerabilities,
Thijs Kinkhorst
- Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities,
ascii
- [SECURITY] [DSA 1581-1] New gnutls13 packages fix potential code execution,
Florian Weimer
- [security bulletin] HPSBUX02332 SSRT080056 rev.2 - HP-UX Running Apache With PHP, Remote Denial of Service (DoS), Gain Extended Privileges,
security-alert
- [security bulletin] HPSBUX02335 SSRT071454 rev.1 - HP-UX Running useradd(1M), Local Unauthorized Access,
security-alert
- ZDI-08-026: CA BrightStor ARCserve Backup Remote Buffer Overflow,
zdi-disclosures
- Starsgames Control Panel <= 4.6.2 Remote XSS Vulnerability,
tan_prathan
- [SECURITY] [DSA 1580-1] New phpgedview packages fix privilege escalation,
Thijs Kinkhorst
- Secunia Research: Foxit Reader "util.printf()" Buffer Overflow,
Secunia Research
- Vbulletin 3.7.0 Gold >> Sql injection on faq.php,
a . jasbi
- eCMS-v0.4.2 (SQL/PB) Multiple Remote Vulnerabilities,
hadihadi_zedehal_2006
- Vulnerability Advisory on GnuTLS,
josh
- [USN-612-7] OpenSSH update,
Kees Cook
- CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities,
Williams, James K
- An account of the Estonian Internet War,
Gadi Evron
- AppServ Open Project < = 2.5.10 Remote XSS Vulnerability,
tan_prathan
- ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability,
zdi-disclosures
- Mtr - remote and local stack overflow - uncomment situation in libresolv.,
pi3
- [security bulletin] HPSBST02336 SSRT080071 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-026 to MS08-029,
security-alert
- [ MDVSA-2008:103 ] - Updated libid3tag packages fix denial of service vulnerability,
security
- Insomnia : ISVA-080516.1 - Altiris Deployment Solution - SQL Injection,
Brett Moore
- DoS attacks using SQL Wildcards - White Paper,
Ferruh Mavituna
- Microsoft word javascript execution,
jplopezy
- Wordpress Malicious File Execution Vulnerability,
tan_prathan
- Insomnia : ISVA-080516.2 - Altiris Deployment Solution - Domain Account Disclosure,
Brett Moore
- Smeego CMS vulnerability,
0in . email
- [SECURITY] [DSA 1579-1] New netpbm-free packages fix arbitrary code execution,
Devin Carraway
- Cpanel all version >> root access with a reseller account.,
a . jasbi
- StanWeb.CMS (default.asp id) Remote SQL Injection Exploit,
sys-project
- PHP-Nuke Module KuraniKerim [sid] SQL Injection,
lovebug
- [SECURITY] [DSA 1578-1] New php4 packages fix several vulnerabilities,
Thijs Kinkhorst
- CFP for HITBSecConf2008 - Malaysia now open,
Praburaajan
- IOS rootkits,
Gadi Evron
- [ MDVSA-2008:101 ] - Updated rdesktop packages fix vulnerabilities,
security
- [ MDVSA-2008:102 ] - Updated libvorbis packages fix vulnerabilities,
security
- [SECURITY] [DSA 1576-2] New openssh packages fix predictable randomness,
Noah Meyerhans
- Hack.lu 2008 CfP,
info
- ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability,
zdi-disclosures
- ZDI-08-024: Symantec Altiris Deployment Solution SQL Injection Vulnerability,
zdi-disclosures
- SunShop Version 3.5.1 Remote Blind Sql Injection,
irvian . info
- Aruba Mobility Controller TACACS User Authentication and Cross Site Scripting Vulnerabilities (Aruba Advisory ID: AID-051408),
Robbie (Rupinder) Gill
- Debian generated SSH-Keys working exploit,
mm
- Kostenloses Linkmanagementscript SQL Injection Vulnerabilities,
hadihadi_zedehal_2006
- [USN-612-6] OpenVPN regression,
Jamie Strandboge
- [ GLSA 200805-16 ] OpenOffice.org: Multiple vulnerabilities,
Robert Buchholz
- Correction to BID 29112 "Apache Server HTML Injection and UTF-7 XSS Vulnerability",
William A. Rowe, Jr.
- Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Content Switching Module Memory Leak Vulnerability,
Cisco Systems Product Security Incident Response Team
- [ GLSA 200805-15 ] libid3tag: Denial of Service,
Tobias Heinlein
- [USN-612-5] OpenSSH update,
Jamie Strandboge
- Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- CFP: European Conference on Computer Network Defense,
Stefano Zanero
- [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness,
Florian Weimer
- [USN-612-4] ssl-cert vulnerability,
Kees Cook
- Malformed Acrobat Distiller 8 .joboptions,
Paul Craig
- Microsoft Office Publisher PUB File Parsing Remote Memory Corruption Vulnerability,
cocoruder
- [SECURITY] [DSA 1577-1] New gforge packages fix insecure temporary files,
Thijs Kinkhorst
- Cisco BBSM Captive Portal Cross-site Scripting,
brad . antoniewicz
- [ GLSA 200805-14 ] Common Data Format library: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- iDefense Security Advisory 05.13.08: Microsoft Word CSS Processing Memory Corruption Vulnerability,
iDefense Labs
- ZDI-08-023: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability,
zdi-disclosures
- TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability,
DVLabs
- [USN-612-2] OpenSSH vulnerability,
Jamie Strandboge
- [USN-612-1] OpenSSL vulnerability,
Jamie Strandboge
- [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator,
Florian Weimer
- iDefense Security Advisory 05.12.08: Microsoft Windows I2O Filter Utility Driver (i2omgmt.sys) Local Privilege Escalation Vulnerability,
iDefense Labs
- [SECURITY] [DSA 1575-1] New Linux 2.6.18 packages fix denial of service,
dann frazier
- [MajorSecurity Advisory #52]ActualAnalyzer family - Cross Site Scripting Issues,
admin
- [ GLSA 200805-13 ] PTeX: Multiple vulnerabilities,
Pierre-Yves Rofes
- [ GLSA 200805-12 ] Blender: Multiple vulnerabilities,
Pierre-Yves Rofes
- [ GLSA 200805-11 ] Chicken: Multiple vulnerabilities,
Pierre-Yves Rofes
- [security bulletin] HPSBUX02334 SSRT071403 rev.1 - HP-UX Running ftp, Remote Denial of Service (DoS),
security-alert
- [SECURITY] [DSA 1574-1] New icedove packages fix several vulnerabilities,
Moritz Muehlenhoff
- [SECURITY] [DSA 1573-1] New php5 packages fix several vulnerabilities,
Thijs Kinkhorst
- Confirmed Program for SyScan'08 Hong Kong,
organiser@xxxxxxxxxx
- [ GLSA 200805-10 ] Pngcrush: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- [SECURITY] [DSA 1572-1] New php5 packages fix several vulnerabilities,
Thijs Kinkhorst
- Joomla Component xsstream-dm 0.01 Beta SQL Injection,
houssamix
- [ MDVSA-2008:100 ] - Updated perl packages fix denial of service vulnerability,
security
- [SECURITY] [DSA 1573-1] New rdesktop packages fix several vulnerabilities,
Thijs Kinkhorst
- [ GLSA 200805-09 ] MoinMoin: Privilege escalation,
Pierre-Yves Rofes
- OtherLogic[vocourse.php]SQL Injection Exploit,
Breeeeh
- SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit,
sys-project
- [ GLSA 200805-07 ] Linux Terminal Server Project: Multiple vulnerabilities,
Robert Buchholz
- [ MDVSA-2008:099 ] - Updated ImageMagick packages fix vulnerabilities,
security
- XSS and CSRF vulnerability on Cpanel 11,
Matteo Carli
- FInal EUSecWest 2008 Speakers,
Dragos Ruiu
- [ GLSA 200805-06 ] Firebird: Data disclosure,
Robert Buchholz
- Oracle Application Server 10G ORA_DAV Basic Authentication Bypass Vulnerability,
Deniz Cevik
- [ GLSA 200805-08 ] InspIRCd: Denial of Service,
Robert Buchholz
- Apache Server HTML Injection and UTF-7 XSS Vulnerability,
lament hero
- Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability,
Tom . Donovan
- Re: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability,
yos20053
- Re: Re: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability,
Tom . Donovan
[USN-611-3] GStreamer Good Plugins vulnerability,
Jamie Strandboge
[USN-611-2] vorbis-tools vulnerability,
Jamie Strandboge
FLEA-2008-0008-1 firefox,
Foresight Linux Essential Announcement Service
[USN-611-1] Speex vulnerability,
Jamie Strandboge
ezContents CMS Version 2.0.0 SQL Injection Vulnerabilities,
hadihadi_zedehal_2006
iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop process_redirect_pdu() BSS Overflow Vulnerability,
iDefense Labs
ZYWALL Referer Header XSS Vulnerability,
Deniz Cevik
iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop channel_process() Integer Signedness Vulnerability,
iDefense Labs
[ GLSA 200805-04 ] eGroupWare: Multiple vulnerabilities,
Pierre-Yves Rofes
Novell Client <= 4.91 SP4 Local Stack overflow / B.S.O.D (unauthentificated user),
laurent . gaffie
iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop iso_recv_msg() Integer Underflow Vulnerability,
iDefense Labs
Exploiting Google MX servers as Open SMTP Relays,
pablo . ximenes
Vulnerability in Multiple Web Application,
linux0day
VBZooM <=V1.11 "reply.php" SQL Injection Vulnerability,
Cr4zY . CrAcKeR
Multiple XSS In TuxCMS All Version,
hadikiamarsi
[ GLSA 200805-03 ] Multiple X11 terminals: Local privilege escalation,
Tobias Heinlein
[USN-610-1] LTSP vulnerability,
Kees Cook
[USN-609-1] OpenOffice.org vulnerabilities,
Kees Cook
rPSA-2008-0162-1 kernel,
rPath Update Announcements
Adobe Acrobat Professional Javascript For PDF Security Feature Bypass and Memory Corruption Vulnerabilities,
cocoruder
[Advisory Update]Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability,
cocoruder
[ MDVSA-2008:098 ] - Updated openssh packages fix vulnerability,
security
[ MDVSA-2008:096 ] - Updated emacs packages fix vulnerability in vcdiff,
security
[ MDVSA-2008:097 ] - Updated kdelibs packages fix vulnerability in start_kdeinit,
security
mvnForum 1.1 Cross Site Scripting,
decoder-bugtraq
Sphider 1.3.4 Cross Site Scripting,
decoder-bugtraq
[SECURITY] [DSA 1570-1] New kazehakase packages fix execution of arbitrary code,
Steve Kemp
[USN-605-1] Thunderbird vulnerabilities,
Jamie Strandboge
Power Editor LOCAL FILE INCLUSION Vulnerbility,
hadihadi_zedehal_2006
[USN-607-1] Emacs vulnerabilities,
Jamie Strandboge
QTOFileManager V 1.0<== Remote File Upload Vulnerability,
Cr4zY . CrAcKeR
Invitation - OWASP AppSec Europe May 19-22 2008 - Belgium,
Sebastien Deleersnyder
[USN-608-1] KDE vulnerability,
Jamie Strandboge
[security bulletin] HPSBMA02331 SSRT080000 rev.2 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges,
security-alert
HPSBUX02332 SSRT080056 rev.1 - HP-UX running Apache with PHP, Remote Denial of Service (DoS), Gain Extended Privileges,
security-alert
HPSBUX02324 SSRT080034 rev.1 - HP-UX Running Netscape Directory Server (NDS), Local Gain Extended Privileges,
security-alert
[tool announcement] tmin - a handy fuzzing test case optimizer,
Michal Zalewski
[SECURITY] [DSA 1554-2] New roundup packages fix regression,
Thijs Kinkhorst
Advisory SE-2008-03: PHP Multibyte Shell Command Escaping Bypass Vulnerability,
Stefan Esser
[SECURITY] [DSA 1569-2] New cacti packages fix regression,
Thijs Kinkhorst
[ GLSA 200805-02 ] phpMyAdmin: Information disclosure,
Pierre-Yves Rofes
Advisory SE-2008-02: PHP GENERATE_SEED() Weak Random Number Seed Vulnerability,
Stefan Esser
Security Advisory for Bugzilla 3.0.3, 3.1.3, 2.22.3, and 2.20.5,
mkanat
[ GLSA 200805-01 ] Horde Application Framework: Multiple vulnerabilities,
Pierre-Yves Rofes
CORE-2008-0129 - Wonderware SuiteLink Denial of Service vulnerability,
CORE Security Technologies Advisories
Novell eDirectory unauthenticated access to SOAP interface,
Nicob
Novell eDirectory DoS via HTTP headers,
Nicob
[SECURITY] [DSA 1569-1] New cacti packages fix multiple vulnerabilities,
Thijs Kinkhorst
[ECHO_ADV_93$2008] Kmita Tellfriend <= 2.0 (file) Remote File Inclusion Vulnerability,
erdc
[ECHO_ADV_94$2008] Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability,
erdc
Scout Portal Toolkit <= 1.4.0 (ParentId) Remote SQL Injection Exploit,
sys-project
[ECHO_ADV_92$2008] Anserv Auction XL (viewfaqs.php cat) Blind Sql Injection Vulnerability,
erdc
[ECHO_ADV_90$2008] PostNuke Module pnEncyclopedia <= 0.2.0 (id) Blind Sql Injection Vulnerability,
erdc
[ECHO_ADV_95$2008] BackLinkSpider (cat_id) Blind Sql Injection Vulnerability,
erdc
[SECURITY] [DSA 1568-1] New b2evolution packages fix cross site scripting,
Thijs Kinkhorst
[SECURITY] [DSA 1567-1] New blender packages fix arbitrary code execution,
Devin Carraway
[ECHO_ADV_91$2008] Online Rental Property Script <= 4.5 (pid) Blind Sql Injection Vulnerability,
erdc
[USN-606-1] CUPS vulnerability,
Jamie Strandboge
LifeType 1.2.8,
irancrash
Maian Uploader v4.0 XSS Vulnerabilities,
irancrash
Microsot DID DISCLOSE potential Backdoor,
J. Oquendo
Maian Links v3.1 XSS Vulnerabilities,
irancrash
Maian Music v1.1 Multiple Vulnerabilities (Xss/SQL Injection),
irancrash
Maian Recipe v1.2 Xss Vulnerabilities,
irancrash
Multiple vulnerabilities in WebMod 0.48,
Luigi Auriemma
Maian Support v1.3 Xss Vulnerabilities,
irancrash
Maian Greeting v2.1 Multiple Vulnerabilities (XSS/SQL INJECTION),
irancrash
Maian Weblog v4.0 XSS Vulnerabilities,
irancrash
Maian Guestbook v3.2 XSS Vulnerabilities,
irancrash
Maian Search v1.1 Multiple Vulnerabilities (XSS/SQL INJECTION),
irancrash
Maian Cart v1.1 XSS Vulnerabilities,
irancrash
Maian Gallery v2.0 XSS Vulnerability,
irancrash
Photos and Presentation Materials from HITBSecConf2008 - Dubai Released,
Praburaajan
SiteXS CMS Remote File Upload Vulnerability,
hadikiamarsi
[TOOL] SSL Capable NetCat (and more),
GomoR
Fixed: LiveCart SQL injection vulnerability fixed since version 1.1.2,
LiveCart
blur6ex-0.3.462 LOCAL FILE INCLUSION Vulnerability,
hadihadi_zedehal_2006
rPSA-2008-0157-1 kernel,
rPath Update Announcements
Denial of Service in Call of Duty 4 1.5,
Luigi Auriemma
chicomas.2.0.4,
hadikiamarsi
[ MDVSA-2008:095 ] - Updated OpenOffice.org packages fix vulnerabilities,
security
Zomplog 3.8.2 XSS Vulnerability,
irancrash
project alumni v1.0.9 (info.php) SQL Injection Vulnerability,
hadihadi_zedehal_2006
Lifetype 1.2.7 XSS Vulnerability,
irancrash
BlackBook v1.0 Multiple XSS Vulnerabilities,
irancrash
[SECURITY] [DSA 1566-1] New cpio packages fix denial of service,
Steve Kemp
php-addressbook v2.0 Multiple Remote Vulnerabilities (LFI/XSS),
irancrash
[SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11),
Team SHATTER
Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_UTILITY.LOCK_CHANGE_SET (DB02),
Team SHATTER
vlBook 1.21 (ALL VERSION),
irancrash
mjguest 6.7 (ALL VERSION) Xss & Redirection Vuln,
irancrash
Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.DBMS_AQJMS_INTERNAL (DB15),
Team SHATTER
[SECURITY] [DSA 1564-1] New wordpress packages fix several vulnerabilities,
Thijs Kinkhorst
iDefense Security Advisory 04.30.08: Akamai Download Manager Arbitrary Program Execution Vulnerability,
iDefense Labs
XSS in AstroCam,
Steffen Wendzel
[SECURITY] [DSA 1563-1] New asterisk packages fix denial of service,
Moritz Muehlenhoff
heanet.dl.sourceforge.net hacked?,
Michael Scheidell
Critical Vulnerability in SNMPc,
NGSSoftware Insight Security Research
[security bulletin] HPSBMA02331 SSRT080000 rev.1 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges,
security-alert
[ MDVSA-2008:093 ] - Updated vorbis-tools packages fix vulnerabilities,
security
[ MDVSA-2008:092 ] - Updated gstreamer-plugins-good packages fix vulnerabilities,
security
XSS Attack,
hadikiamarsi
rPSA-2008-0151-1 libpng,
rPath Update Announcements
SugarCRM Community Edition Local File Disclosure Vulnerability,
roberto . suggi
[ GLSA 200804-30 ] KDE start_kdeinit: Multiple vulnerabilities,
Matthias Geerdsen
CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls,
CORE Security Technologies Advisories
[ECHO_ADV_89$2008] Softbiz Web Host Directory Script (search_result.php host_id) Blind Sql Injection Vulnerability,
erdc
[ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerability,
erdc
[SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code execution,
Moritz Muehlenhoff
Microsoft SWI blog inaccuracies,
Amit Klein
Minibb 2.2a XSS Vulnerability,
irancrash
[SECURITY] [DSA 1561-1] New ldm packages fix information disclosure,
Thijs Kinkhorst
bug report,
hadikiamarsi
London DEFCON meet - Thursday 1st May - DC4420,
Major Malfunction
GroupWise 7.0 mailto: scheme buffer overflow,
jplopezy
[SECURITY] [DSA 1560-1] New kronolith2 packages fix cross site scripting,
Thijs Kinkhorst
[SECURITY] [DSA 1556-2] New perl packages fix denial of service,
Florian Weimer
rPSA-2008-0149-1 idle python,
rPath Update Announcements
IMF 2008 - 2nd Call for Papers,
Oliver Goebel
Wordpress 2.5 Cookie Integrity Protection Vulnerability,
Steven J. Murdoch
GroupWise 7 attached bugs,
jplopezy
Curious vulnerability in Excel 2007,
jplopezy
[ GLSA 200804-29 ] Comix: Multiple vulnerabilities,
Pierre-Yves Rofes
R.I.P. rgod,
ipsdix
Lotus expeditor rcplauncher uri handler vulnerability,
Thomas Pollet
[ MDVSA-2008:091 ] - Updated wireshark packages fix denial of service vulnerabilities,
security
[SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution,
Moritz Muehlenhoff
[SECURITY] [DSA 1534-2] New iceape packages fix regression,
Moritz Muehlenhoff
[SECURITY] [DSA 1556-1] New perl packages fix denial of service,
Florian Weimer
[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities,
Thijs Kinkhorst
HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code,
security-alert
A New Class of Vulnerability in Oracle: Lateral SQL Injection,
David Litchfield
[ GLSA 200804-27 ] SILC: Multiple vulnerabilities,
Tobias Heinlein
DDIVRT-2008-11 BadBlue uninst.exe DoS,
vulnerabilityresearch
Trillian 3.1 basic nick crash,
jplopezy
[ GLSA 200804-28 ] JRockit: Multiple vulnerabilities,
Tobias Heinlein
xine-lib NES Sound Format Demuxer Buffer Overflow,
laurent . gaffie
[W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation,
vulns
PR07-44: XSS on RSA Authentication Agent login page,
ProCheckUp Research
PR07-43: Cross-domain redirect on RSA Authentication Agent,
ProCheckUp Research
[ GLSA 200804-26 ] Openfire: Denial of Service,
Robert Buchholz
[ GLSA 200804-25 ] VLC: User-assisted execution of arbitrary code,
Robert Buchholz
[SECURITY] [DSA 1555-1] New iceweasel packages fix arbitrary code execution,
Moritz Muehlenhoff
Zune software - arbitrary file overwrite,
info
NetClassifieds Sql Injection,
noreply
LayerOne 2008 - Final Pre-Con Update,
Layer One
Horde Webmail XSS [Aria-Security],
noreply
AST-2008-006 - 3-way handshake in IAX2 incomplete,
Security Officer
Default key algorithm in Thomson and BT Home Hub routers,
Adrian Pastor
[SECURITY] [DSA 1554-1] New roundup packages fix cross-site scripting vulnerability,
Noah Meyerhans
Firefox 3.0 beta 5 crash,
jplopezy
Safari 3.1.1 Multiple Vulnerabilities for windows,
jplopezy
Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387),
Hanno Böck
[USN-604-1] Gnumeric vulnerability,
Kees Cook
[USN-602-1] Firefox vulnerabilities,
Jamie Strandboge
[ GLSA 200804-24 ] DBmail: Data disclosure,
Matthias Geerdsen
Xoops All Version -Articles- Article.PHP (ID) Blind SQL Injection ExpL0it,
crazy_kinq
[ GLSA 200804-23 ] CUPS: Integer overflow vulnerability,
Matthias Geerdsen
ANNOUNCE: Security Implications of Windows Access Tokens Whitepaper,
luke . jennings
Sea-Surfing on the Motorola Surfboard,
th3 . r00k . nospam
Powered by gCards v1.46 SQL,
turkish-warriorr
IRM Security Advisory : RedDot CMS SQL injection vulnerability,
Mark Crowther
[SECURITY] [DSA 1553-1] New ikiwiki packages fix cross-site request forgery,
Florian Weimer
Acidcat CMS Multiple Vulnerabilities,
admin
[ MDVSA-2008:090 ] - Updated OpenOffice.org packages fix vulnerabilities,
security
Deciphering the PHP-Nuke Captcha,
Michael . Brooks . SPAM
SyScan'08 Singapore - Call for Paper,
organiser@xxxxxxxxxx
Deciphering the Simple Machines Forum audio Captcha,
Michael . Brooks . SPAM
Token Kidnapping (Microsoft Security Advisory 951306) presentation available,
Cesar
[SECURITY] [DSA 1552-1] New mplayer packages fix arbitrary code execution,
Moritz Muehlenhoff
[SECURITY] [DSA 1551-1] New python2.4 packages fix several vulnerabilities,
Moritz Muehlenhoff
ANNOUNCE: RFIDIOt-0.1s release (now available for Windows),
Adam Laurie
Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures,
Team SHATTER
[ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning,
Robert Buchholz
Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure,
Team SHATTER
Team SHATTER Security Advisory: Multiple DoS in JAR files manipulation procedures,
Team SHATTER
Wikepage Wiki v.2007-2 Cross-Site Scripting,
darkz . gsa
[ GLSA 200804-21 ] Adobe Flash Player: Multiple vulnerabilities,
Robert Buchholz
LightNEasy v.1.2.2 flat Multiple Vulnerabilities,
darkz . gsa
5th avenue Shopping Cart SQL Injection,
noreply
[ GLSA 200804-20 ] Sun JDK/JRE: Multiple vulnerabilities,
Robert Buchholz
BitTorrent Clients and CSRF,
th3 . r00k . nospam
[ MDVSA-2008:089 ] - Updated poppler packages fix vulnerability,
security
[ MDVSA-2008:088 ] - Updated clamav packages fix multiple vulnerabilities,
security
[ GLSA 200804-19 ] PHP Toolkit: Data disclosure and Denial of Service,
Robert Buchholz
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability,
iDefense Labs
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities,
iDefense Labs
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability,
iDefense Labs
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability,
iDefense Labs
[SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation,
Moritz Muehlenhoff
Re: [Full-disclosure] Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows,
Juha-Matti Laurio
[SECURITY] [DSA 1549-1] New clamav packages fix several vulnerabilities,
Moritz Muehlenhoff
[USN-603-2] KOffice vulnerability,
Kees Cook
[USN-603-1] poppler vulnerability,
Kees Cook
[SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code execution,
Devin Carraway
Announcement - DeepSec Conference 2008, Nov 11-14 2008,
DeepSec Conference
Microsoft Works 7 WkImgSrv.dll crash POC,
wsn1983
[security bulletin] HPSBMA02328 SSRT071293 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code,
security-alert
[security bulletin] HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025,
security-alert
[security bulletin] HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Update,
security-alert
[ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code,
Robert Buchholz
[ GLSA 200804-17 ] Speex: User-assisted execution of arbitrary code,
Robert Buchholz
[ GLSA 200804-16 ] rsync: Execution of arbitrary code,
Robert Buchholz
[SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code execution,
Martin Schulze
[oCERT-2008-004] multiple speex implementations insufficient boundary checks,
Andrea Barisani
[ MDVSA-2008:087 ] - Updated policykit package fixes format string vulnerability,
security
FreeBSD Security Advisory FreeBSD-SA-08:05.openssh,
FreeBSD Security Advisories
ZDI-08-022: Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability,
zdi-disclosures
Classifieds Caffe (index.php cat_id) Remote SQL Injection,
sys-project
iDefense Security Advisory 04.15.08: Oracle Application Express Privilege Escalation Vulnerability,
iDefense Labs
iDefense Security Advisory 04.09.08: IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability,
iDefense Labs
iDefense Security Advisory 04.09.08: IBM DB2 Universal Database Administration Server File Creation Vulnerability,
iDefense Labs
Cisco Security Advisory: Cisco Network Admission Control Shared Secret Vulnerability,
Cisco Systems Product Security Incident Response Team
CA DSM gui_cm_ctrls ActiveX Control Vulnerability,
Williams, James K
Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13],
ak
[INFIGO-2008-04-08]: ICQ 6 remote buffer overflow vulnerability,
infocus
Oracle - SQL Injection Vulnerability in SDO_UTIL [DB05],
ak
Oracle - SQL Injection in package SDO_IDX [DB07],
ak
BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day),
admin
VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus,
VMware Security team
Carbon Communities forum Multiple Vulnerabilities.,
admin
Oracle - SQL Injection in package SDO_GEOM [DB06],
ak
DIVX Player <= 6.7.0 Buffer Overflow PoC ( .SRT ),
securfrog
iDefense Security Advisory 04.14.08: ClamAV libclamav PE WWPack Heap Overflow Vulnerability,
iDefense Labs
remote file include,
win32 . exe
Koobi Pro 6.25 poll Remote SQL Injection Vulnerability,
Sabun
WordPress 2.5 - Salt cracking vulnerability,
J. Carlos Nieto
Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities,
sys-project
[SECURITY] [DSA 1540-2] New lighttpd packages fix denial of service,
Steve Kemp
[ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability,
security
Re: Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows,
Luigi Auriemma
BosNews 2002-2006 Remote add user admin,
houssamix
clamav: Endless loop / hang with crafted arj, CVE-2008-1387,
Hanno Böck
BosNews v4.0 Remote add user admin,
houssamix
[ MDVSA-2008:085 ] - Updated python packages fix arbitrary code execution vulnerability,
security
Dotclear 'ecrire/images.php' Arbitrary File Upload Vulnerability,
Morgan ARMAND
[ GLSA 200804-13 ] Asterisk: Multiple vulnerabilities,
Robert Buchholz
[ GLSA 200804-15 ] libpng: Execution of arbitrary code,
Robert Buchholz
KwsPHP (Upload) Remote Code Execution Exploit,
ajax
[ GLSA 200804-14 ] Opera: Multiple vulnerabilities,
Robert Buchholz
[USN-601-1] Squid vulnerability,
Jamie Strandboge
Fones Clinic Mart SQL,
turkish-warriorr
S21SEC-043-en:Cezanne SW Blind SQL Injection,
S21sec labs
S21SEC-042-en:Cezanne SW Cross-Site Scripting (login required),
S21sec labs
S21SEC-041-en:Cezanne SW Cross-Site Scripting,
S21sec labs
Secunia Research: Internet Explorer Data Stream Handling Vulnerability,
Secunia Research
Secunia Research: Autonomy Keyview Applix Graphics Parsing Vulnerabilities,
Secunia Research
Secunia Research: activePDF DocConverter Applix Graphics Parsing Vulnerabilities,
Secunia Research
Secunia Research: Symantec Mail Security Applix Graphics Parsing Vulnerabilities,
Secunia Research
Secunia Research: Autonomy Keyview EML Reader Buffer Overflows,
Secunia Research
Secunia Research: HP OpenView Network Node Manager OpenView5.exe Directory Traversal,
Secunia Research
Secunia Research: Lotus Notes EML Reader Buffer Overflows,
Secunia Research
Secunia Research: Autonomy Keyview Folio Flat File Parsing Buffer Overflows,
Secunia Research
Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows,
Secunia Research
DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2,
Sebastien gioria