NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2007-04

492 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Mon Apr 02 2007 - 10:29:04 CDT
Ending: Mon Apr 30 2007 - 14:34:50 CDT

1one1lifeisbeginer.org
- Sphider Version 1.2.x (include_dir) file include (Sat Apr 28 2007 - 02:45:44 CDT)
3APA3A
- Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Tue Apr 17 2007 - 15:49:59 CDT)
- Re[2]: APOP vulnerability (Tue Apr 03 2007 - 11:50:15 CDT)
- Re: APOP vulnerability (Tue Apr 03 2007 - 03:22:12 CDT)
?? ???? ??????
- Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities (Sat Apr 14 2007 - 13:53:27 CDT)
adminmajorsecurity.de
- [MajorSecurity Advisory #46]Plogger - Session fixation Issue (Tue Apr 24 2007 - 14:29:56 CDT)
- [MajorSecurity Advisory #45]oe2edit CMS - Cross Site Scripting and Cookie Manipulation Issue (Sun Apr 15 2007 - 02:19:02 CDT)
- [MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue (Fri Apr 13 2007 - 09:05:20 CDT)
- [MajorSecurity Advisory #43]Calacode ATMail 5.0 - Cross Site Scripting and Cookie Manipulation Issue (Wed Apr 11 2007 - 13:08:22 CDT)
ajannhwthotmail.com
- CmailServer WebMail <= V.5.3.4 (signup) Remote XSS Exploit (Sat Apr 07 2007 - 13:37:01 CDT)
akred-database-security.com
- Advisory: XSS Vulnerability in Oracle Secure Enterprise Search [SES01] (Wed Apr 18 2007 - 03:06:11 CDT)
- Advisory: Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet [AS01] (Wed Apr 18 2007 - 03:07:29 CDT)
- Advisory: SQL Injection in package SYS.DBMS_UPGRADE_INTERNAL (Wed Apr 18 2007 - 03:04:20 CDT)
- Advisory: SQL Injection in package SYS.DBMS_AQADM_SYS (Wed Apr 18 2007 - 03:03:27 CDT)
- Advisory: Bypass Oracle Logon Trigger (Wed Apr 18 2007 - 03:01:09 CDT)
Akamai Security Team
- Akamai Technologies Security Advisory 2007-0001 (Mon Apr 16 2007 - 15:08:10 CDT)
Alexander Klimov
- Re: On-going Internet Emergency and Domain Names (Sun Apr 08 2007 - 01:39:48 CDT)
alijsbyahoo.com
- :doruk100net >> RFI (Wed Apr 25 2007 - 05:56:36 CDT)
- download engine V1.4.1 >> RFI (local) (Wed Apr 25 2007 - 13:59:23 CDT)
- nucleus 3.22 >> RFI (Wed Apr 25 2007 - 13:54:20 CDT)
- comus 2.0 Final >> RFI (Wed Apr 25 2007 - 05:56:14 CDT)
- Built2Go_PHP_Link_Portal_v1.79 >> RFI (Wed Apr 25 2007 - 05:56:00 CDT)
- Searchactivity >> RFI (Wed Apr 25 2007 - 05:56:49 CDT)
- B2 Weblog and News Publishing Tool v0.6.1 >> RFI (Wed Apr 25 2007 - 05:55:39 CDT)
- adrevenue script (CyKuH.com)>> RFI (Wed Apr 25 2007 - 05:55:14 CDT)
- Shop-Script v 2.0 >> RFI (Wed Apr 25 2007 - 05:54:42 CDT)
- phpMYTGP v v1.4b >> RFI (Wed Apr 25 2007 - 05:54:09 CDT)
- netbingo v 2000 >> RFI (Wed Apr 25 2007 - 05:53:26 CDT)
- DynaTracker &v151>> RFI (Wed Apr 25 2007 - 05:56:50 CDT)
- HTMLeditbox & 2.2 >> RFI (Wed Apr 25 2007 - 05:52:50 CDT)
- HYIP Manager Pro Script >> Remote file Include (Wed Apr 25 2007 - 02:41:08 CDT)
- MyNewsGroups >> RFI in include.php (Tue Apr 24 2007 - 17:45:42 CDT)
Andrea \
- Re: [Full-disclosure] [RECTIFY] Oracle 10g exploit - dbms_aq.enqueue - become DBA (Tue Apr 03 2007 - 08:14:33 CDT)
- 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA (Mon Apr 02 2007 - 05:33:12 CDT)
Andrea Purificato - bunker
- Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA (Mon Apr 02 2007 - 13:32:34 CDT)
Andreas Beck
- Re: Steganos Encrypted Safe NOT so safe (Fri Apr 13 2007 - 19:28:42 CDT)
announcementswebappsec.org
- WASC-Articles: 'The business case for security frameworks' (Sun Apr 22 2007 - 13:13:12 CDT)
ascii
- Re: [Full-disclosure] Cross Domain XMLHttpRequest (Sun Apr 15 2007 - 16:21:36 CDT)
asdasd asdsadas
- Allfaclassfieds (level2.php dir) remote file inclusion (Sun Apr 22 2007 - 02:08:30 CDT)
- New bug :) (Wed Apr 11 2007 - 07:17:31 CDT)
- nEw Bug :D (Wed Apr 11 2007 - 10:33:53 CDT)
BlackHawk
- Re: claroline <= Multiple Remote File Include Vulnerablitiy (Mon Apr 23 2007 - 14:27:26 CDT)
- MyBlog <= 0.9.8 Remote Command Execution Exploit (Sun Apr 15 2007 - 12:07:30 CDT)
Blue Boar
- Re: [Full-disclosure] [WEB SECURITY] Persistent CSRF and The Hotlink Hell (Mon Apr 16 2007 - 20:09:46 CDT)
Bob Fiero
- Re: On-going Internet Emergency and Domain Names (Mon Apr 02 2007 - 09:18:08 CDT)
Bojan Zdrnja
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Wed Apr 18 2007 - 08:25:01 CDT)
BorN To K!LL BorN To K!LL
- Gizzar <= (basePath) Remote File Include Vulnerability (Mon Apr 16 2007 - 14:33:43 CDT)
- 2BGal 3.1.1 <= (admin/index.php) Remote File Include Vulnerability (Sat Mar 31 2007 - 14:38:04 CDT)
C. Bergström
- Re: Internet Explorer Crash (Thu Apr 19 2007 - 02:47:44 CDT)
Cesar
- [Argeniss] Hacking Databases for owning your data (paper) (Thu Apr 12 2007 - 18:24:03 CDT)
Chris Kelly
- Re: gallery >> 1.5.6 Remote File Inclusion (Tue Apr 24 2007 - 12:34:13 CDT)
Chris Travers
- ACLS ineffective in SQL-Ledger and LedgerSMB (Fri Apr 06 2007 - 01:48:25 CDT)
- LedgerSMB 1.2.0 finally released, fixes CVE-2006-5589 (Thu Apr 05 2007 - 00:16:07 CDT)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Default Passwords in NetFlow Collection Engine (Wed Apr 25 2007 - 11:01:26 CDT)
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System (Thu Apr 12 2007 - 11:00:00 CDT)
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points (Thu Apr 12 2007 - 11:00:00 CDT)
come2waraxeyahoo.com
- [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20 (Thu Apr 19 2007 - 11:33:00 CDT)
- [waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke (Fri Apr 13 2007 - 11:01:13 CDT)
contactwebappsec.org
- WASC-Articles: 'The Importance of Application Classification in Secure Application Development' (Mon Apr 16 2007 - 01:34:49 CDT)
crazy_kingeno7.org
- GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability (Mon Apr 30 2007 - 06:10:51 CDT)
- Joomla/Mambo Jambook v1.0 beta7 Rfi Vuln. (Sun Apr 15 2007 - 02:04:04 CDT)
CYBSEC Advisories
- CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC Function Denial Of Service (Wed Apr 04 2007 - 07:51:45 CDT)
- CYBSEC Security Pre-Advisory: SAP SYSTEM_CREATE_INSTANCE RFC Function Buffer Overflow (Wed Apr 04 2007 - 07:48:15 CDT)
- CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer Overflow (Wed Apr 04 2007 - 07:47:50 CDT)
- CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities (Wed Apr 04 2007 - 07:47:39 CDT)
- CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure (Wed Apr 04 2007 - 07:47:29 CDT)
d4rksofthotmail.com
- Re: Latinchat Denial Of Service (Sun Apr 08 2007 - 08:08:27 CDT)
Daniel Veditz
- Re: [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug (Wed Apr 04 2007 - 18:53:43 CDT)
Dave Walker
- Re: Internet Explorer Crash (Thu Apr 19 2007 - 10:55:36 CDT)
David Litchfield
- Analysis of the Oracle April 2007 Critical Patch Update (Wed Apr 18 2007 - 10:02:31 CDT)
- Three New Papers on Oracle Forensics (Wed Apr 04 2007 - 07:29:06 CDT)
deanbrettle.com
- NeatUpload vulnerability and fix (Fri Apr 20 2007 - 01:40:38 CDT)
Denis Jedig
- Re: Exploiting Microsoft dynamic Dns updates (Tue Apr 03 2007 - 02:55:15 CDT)
dharmeshmmgmail.com
- Security Concerns in Web 2.0 (Fri Apr 27 2007 - 08:18:15 CDT)
dj_remix_20hotmail.com
- Burak Yılmaz Blog (tr) v1.0 SQL injection vulnerability (Thu Apr 26 2007 - 11:50:24 CDT)
Dr.Ninuxbsdmail.org
- ImageProcessing ... Local (Denial of Service Exploit) (Tue Apr 24 2007 - 10:52:05 CDT)
eEye Advisories
- EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation (Tue Apr 10 2007 - 12:58:09 CDT)
- EEYE: Windows VDM Zero Page Race Condition Privilege Escalation (Tue Apr 10 2007 - 12:57:36 CDT)
elflord91hotmail.com
- Re: Internet Explorer Crash (Wed Apr 18 2007 - 10:22:14 CDT)
encytemediagmail.com
- Re: Cross site scripting in mephisto 0.7.3 (Thu Apr 12 2007 - 15:07:45 CDT)
Fergie
- Re: [funsec] Re: [Full-disclosure] A Botted Fortune 500 a Day (Tue Apr 17 2007 - 18:28:39 CDT)
Foresight Linux Essential Announcement Service
- FLEA-2007-0015-1: gimp (Mon Apr 30 2007 - 13:51:59 CDT)
- FLEA-2007-0014-1: vim (Mon Apr 30 2007 - 12:11:52 CDT)
- FLEA-2007-0012-1: madwifi (Sun Apr 22 2007 - 21:36:05 CDT)
- FLEA-2007-0013-1: xine-lib (Mon Apr 23 2007 - 14:53:13 CDT)
- FLEA-2007-0011-1: lighttpd (Fri Apr 20 2007 - 14:46:13 CDT)
- FLEA-2007-0010-1: evolution (Thu Apr 05 2007 - 14:41:29 CDT)
- FLEA-2007-0009-1: xorg-x11 freetype (Thu Apr 05 2007 - 13:56:34 CDT)
- FLEA-2007-0008-1: krb5 (Thu Apr 05 2007 - 13:52:50 CDT)
- FLEA-2007-0006-1: ImageMagick (Tue Apr 03 2007 - 13:15:44 CDT)
- FLEA-2007-0007-1: nas (Tue Apr 03 2007 - 14:58:04 CDT)
- FLEA-2007-0006-2: ImageMagick (Tue Apr 03 2007 - 13:18:52 CDT)
frankrizzo604gmail.com
- Steganos Encrypted Safe NOT so safe (Wed Apr 11 2007 - 13:30:13 CDT)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6 (Thu Apr 26 2007 - 18:49:47 CDT)
Gadi Evron
- Re: [exploits] RPC vuln in DNS Server (fwd) (Sat Apr 14 2007 - 19:23:16 CDT)
- Re: Critical phpwiki c99shell exploit (Thu Apr 12 2007 - 11:50:19 CDT)
- Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA (Mon Apr 02 2007 - 13:12:04 CDT)
- More information on ZERT patch for ANI 0day (Sun Apr 01 2007 - 21:19:39 CDT)
- MS announces out-of-band patch for ANI 0day (Sun Apr 01 2007 - 21:42:56 CDT)
Gaëtan LEURENT
- Re: APOP vulnerability (Tue Apr 03 2007 - 11:18:04 CDT)
- APOP vulnerability (Mon Apr 02 2007 - 10:13:28 CDT)
gmdarkfiggmail.com
- PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory) (Wed Apr 11 2007 - 10:23:55 CDT)
- PunBB <= 1.2.14 Remote Code Execution (Exploit) (Wed Apr 11 2007 - 10:24:47 CDT)
- MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit (Tue Apr 03 2007 - 09:18:48 CDT)
GomoR
- Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation (Sat Apr 07 2007 - 10:44:03 CDT)
Greg Merideth
- RE: Yet another SQL injection framework (Mon Apr 23 2007 - 15:03:39 CDT)
Guillermo Marro
- Re: Yet another SQL injection framework (file corruption) (Fri Apr 20 2007 - 06:56:29 CDT)
- Yet another SQL injection framework (Thu Apr 19 2007 - 13:44:26 CDT)
Hanno BÃ¶ck
- Cross site scripting in mephisto 0.7.3 (Wed Apr 11 2007 - 18:44:06 CDT)
- CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3 (Wed Apr 11 2007 - 18:43:09 CDT)
- CVE-2007-1871: Cross site scripting in chcounter 3.1.3 (Wed Apr 11 2007 - 18:42:11 CDT)
iDefense Labs
- iDefense Security Advisory 04.27.07: VMware Workstation Shared Folders Directory Traversal Vulnerability (Mon Apr 30 2007 - 11:46:46 CDT)
- iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability (Fri Apr 27 2007 - 11:29:42 CDT)
- iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability (Fri Apr 27 2007 - 11:28:49 CDT)
- iDefense Security Advisory 04.26.07: Novell eDirectory NCP Fragment Denial of Service Vulnerability (Thu Apr 26 2007 - 15:09:49 CDT)
- iDefense Security Advisory 04.20.07: Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability (Fri Apr 20 2007 - 13:39:32 CDT)
- iDefense Security Advisory 04.17.07: McAfee E-Business Admin Server Invalid Data Length DoS Vulnerability (Tue Apr 17 2007 - 19:20:35 CDT)
- iDefense Security Advisory 04.17.07: McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow (Tue Apr 17 2007 - 19:15:15 CDT)
- iDefense Security Advisory 04.16.07: Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability (Mon Apr 16 2007 - 18:23:34 CDT)
- iDefense Security Advisory 04.16.07: ClamAV CAB File Unstore Buffer Overflow Vulnerability (Mon Apr 16 2007 - 11:30:37 CDT)
- iDefense Security Advisory 04.12.07: Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability (Thu Apr 12 2007 - 15:16:29 CDT)
- iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple Vulnerabilities (Wed Apr 11 2007 - 15:53:52 CDT)
- iDefense Security Advisory 04.10.07: Microsoft Windows Universal Plug and Play Memory Corruption Vulnerability (Tue Apr 10 2007 - 13:59:50 CDT)
- iDefense Security Advisory 04.09.07: AOL AIM and ICQ File Transfer Path-Traversal Vulnerability (Mon Apr 09 2007 - 16:32:50 CDT)
- iDefense Security Advisory 04.04.07: ESRI ArcSDE Buffer Overflow Vulnerability (Wed Apr 04 2007 - 20:37:56 CDT)
- iDefense Security Advisory 04.04.07: Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability (Wed Apr 04 2007 - 18:38:13 CDT)
- iDefense Security Advisory 04.04.07: Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability (Wed Apr 04 2007 - 18:38:09 CDT)
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability (Tue Apr 03 2007 - 18:43:38 CDT)
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability (Tue Apr 03 2007 - 18:45:53 CDT)
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability (Tue Apr 03 2007 - 18:44:34 CDT)
- iDefense Security Advisory 04.03.07: Multiple Vendor Kerberos kadmind Buffer Overflow Vulnerability (Tue Apr 03 2007 - 14:21:48 CDT)
- iDefense Security Advisory 04.03.07: Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability (Tue Apr 03 2007 - 13:06:21 CDT)
- iDefense Security Advisory 03.31.07: IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities (Mon Apr 02 2007 - 15:43:21 CDT)
- iDefense Security Advisory 04.02.07: Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability (Mon Apr 02 2007 - 13:36:52 CDT)
- iDefense Security Advisory 03.31.07: Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities (Mon Apr 02 2007 - 10:52:29 CDT)
ijoo.kerengmail.com
- Re: Sphider Version 1.2.x (include_dir) file include (Mon Apr 30 2007 - 13:18:24 CDT)
ilkerkandemirmynet.com
- E-Annu (home.php) Remote SQL Injection Vulnerability (Mon Apr 30 2007 - 13:49:18 CDT)
- Seir Anphin (file.php a[filepath]) Remote File Disclosure Vulnerability (Sat Apr 28 2007 - 08:01:59 CDT)
- EsForum <= 3.0 SQL Injection Vulnerability (Sun Apr 22 2007 - 10:45:03 CDT)
info
- CfP Hack.lu 2007 (Thu Apr 19 2007 - 06:40:26 CDT)
infobloofox.com
- Re: bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy (Tue Apr 17 2007 - 11:55:58 CDT)
infohackerz.ir
- blogsystem 1.4 >> local & remote = -rfi & lfi & -xss (Wed Apr 25 2007 - 10:25:46 CDT)
- sunshop v4 >> RFI (Wed Apr 25 2007 - 10:38:16 CDT)
infocusinfigo.hr
- INFIGO-2007-04-05: Enterprise Security Analyzer server remote buffer overflows (Thu Apr 12 2007 - 04:13:12 CDT)
InyeXiongmail.com
- Post Revolution Remote File Inclusion (Sun Apr 22 2007 - 17:16:59 CDT)
- bibtex mase Remote File Inclusion (Sun Apr 22 2007 - 14:13:41 CDT)
- File117 Remote File Inclusion (Sun Apr 22 2007 - 13:50:14 CDT)
- lms 1.5.3 Remote File Inclusion (Sun Apr 22 2007 - 14:21:35 CDT)
Irene Abezgauz
- Security Advisory: CA CleverPath SQL Injection (Tue Apr 24 2007 - 11:59:56 CDT)
irvian_yoeyahoo.com
- Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability (Sat Apr 14 2007 - 13:20:48 CDT)
Ivan Fratric
- PHP <= 5.2.1 wbmp file handling integer overflow (Sat Apr 07 2007 - 05:10:42 CDT)
- Several Windows image viewers vulnerabilities (Wed Apr 04 2007 - 03:03:35 CDT)
J. Oquendo
- Internet Explorer Crash (Tue Apr 17 2007 - 12:09:13 CDT)
Jamie Riden
- Re: GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability (Mon Apr 30 2007 - 11:20:38 CDT)
- Re: [Full-disclosure] A Botted Fortune 500 a Day (Fri Apr 13 2007 - 10:05:27 CDT)
- Re: [Full-disclosure] A Botted Fortune 500 a Day (Fri Apr 13 2007 - 09:03:11 CDT)
- Re: Critical phpwiki c99shell exploit (Thu Apr 12 2007 - 11:59:25 CDT)
jamikazugmail.com
- Windows XP/Vista (.ANI) Remote Exploit (bypass eeye patch) (Sun Apr 01 2007 - 19:02:47 CDT)
Jason Frisvold
- Re: More information on ZERT patch for ANI 0day (Tue Apr 03 2007 - 20:20:33 CDT)
- Re: More information on ZERT patch for ANI 0day (Tue Apr 03 2007 - 21:39:54 CDT)
jasus
- Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability (Mon Apr 02 2007 - 14:02:03 CDT)
jd2k2000hotmail.com
- ShoutPro 1.5.2 - arbitrary code execution (Tue Apr 17 2007 - 14:59:08 CDT)
- LS simple guestbook - arbitrary code execution (Sat Apr 14 2007 - 22:53:22 CDT)
- Chatness <= 2.5.3 - Arbitrary Code Execution (Thu Apr 12 2007 - 16:20:26 CDT)
- E107 - (v0.7.8) Access Escalation Vulnerbility - PoC (Wed Apr 11 2007 - 18:31:25 CDT)
Jeremy Epstein
- webMethods Security Advisory: Glue console directory traversal vu lnerability (Tue Apr 17 2007 - 10:42:22 CDT)
Jim Hoagland
- Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation (Thu Apr 05 2007 - 18:46:06 CDT)
- Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation (Tue Apr 03 2007 - 16:23:21 CDT)
johnmartinelli.com
- phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit (Sun Apr 22 2007 - 17:23:32 CDT)
- Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit (Sun Apr 22 2007 - 17:11:21 CDT)
- NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities (Wed Apr 18 2007 - 14:16:26 CDT)
- CodeBreak (codebreak.php process_method) - Remote File Inclusion Vulnerability (Wed Apr 11 2007 - 13:25:52 CDT)
- QuizShock 1.6.1 - Cross-Site Scripting Vulnerability (Sat Apr 07 2007 - 23:35:26 CDT)
- DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability (Sun Apr 08 2007 - 10:04:15 CDT)
- UBB.threads (<= 6.1.1) SQL Injection Vulnerability (Sat Apr 07 2007 - 23:35:52 CDT)
Jon Oberheide
- Cosign SSO Authentication Bypass (Wed Apr 11 2007 - 10:04:44 CDT)
jonnynop-art.net
- Aircrack-ng (airodump-ng) remote buffer overflow vulnerability (Thu Apr 12 2007 - 12:32:51 CDT)
k4rtalgmail.com
- phpMyChat-0.14.5 (Sat Apr 14 2007 - 10:25:42 CDT)
- Maian Weblog v3.1 (Sat Apr 14 2007 - 10:24:43 CDT)
- Flip-search-add-on 2.0 (Sat Apr 14 2007 - 10:23:33 CDT)
- MySpeach v1.9 (Sat Apr 14 2007 - 10:25:10 CDT)
- B2evolution 1.6 RFi (Sat Apr 14 2007 - 10:22:25 CDT)
- Maian Gallery v1.0 (Sat Apr 14 2007 - 10:22:57 CDT)
- Maian Search v1.1 (Sat Apr 14 2007 - 10:24:03 CDT)
- Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit (Sun Apr 08 2007 - 03:46:55 CDT)
Kanedaaa Bohater
- DirectAdmin persistant XSS [takeover an Administrator`s account] (Sat Mar 31 2007 - 22:36:44 CDT)
Kees Cook
- [USN-453-1] X.org vulnerability (Wed Apr 18 2007 - 17:41:20 CDT)
- [USN-452-1] KDE library vulnerability (Wed Apr 11 2007 - 17:22:11 CDT)
- [USN-451-1] Linux kernel vulnerabilities (Tue Apr 10 2007 - 19:08:50 CDT)
- [USN-450-1] ipsec-tools vulnerability (Mon Apr 09 2007 - 16:49:54 CDT)
- [USN-448-1] X.org vulnerabilities (Tue Apr 03 2007 - 18:51:51 CDT)
- [USN-449-1] krb5 vulnerabilities (Tue Apr 03 2007 - 20:34:13 CDT)
Kevin Finisterre (lists)
- Re: Internet Explorer Crash (Wed Apr 18 2007 - 23:00:28 CDT)
- Re: Mybb Hot Editor Plugin Local File Inclusion (Mon Apr 09 2007 - 12:08:18 CDT)
Kevin P. Fleming
- ASA-2007-012: Remote Crash Vulnerability in Manager Interface (Wed Apr 25 2007 - 14:04:30 CDT)
- ASA-2007-011: Multiple problems in SIP channel parser handling response codes (Wed Apr 25 2007 - 14:04:20 CDT)
- ASA-2007-010: Two stack buffer overflows in SIP channel's T.38 SDP parsing code (Wed Apr 25 2007 - 14:04:11 CDT)
Layer One
- LayerOne 2007 - Speaker Line up Announced (Fri Apr 06 2007 - 11:50:48 CDT)
legolas558users.sourceforge.net
- Re: Drake CMS v0.3.2 < = RFi Vulnerabilities (Mon Apr 02 2007 - 10:32:45 CDT)
liz0expw0rm.com
- Re: Re: Mybb Hot Editor Plugin Local File Inclusion (Mon Apr 09 2007 - 14:30:50 CDT)
- Hot Editor v4.0 Local File Inclusion (Mon Apr 09 2007 - 08:42:37 CDT)
- Mybb Hot Editor Plugin Local File Inclusion (Mon Apr 09 2007 - 08:40:18 CDT)
Lostmongmail.com
- Re: sitex multiple vulnerabilities (Sat Apr 14 2007 - 13:34:24 CDT)
mailhackberry.ath.cx
- Request It : Song Request System 1.0b - remote file inclusion (Mon Apr 09 2007 - 06:53:35 CDT)
Makoto Shiotsuki
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Wed Apr 18 2007 - 00:26:41 CDT)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Tue Apr 17 2007 - 11:30:35 CDT)
- Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Mon Apr 16 2007 - 01:03:50 CDT)
Marco Ivaldi
- Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180) (Wed Apr 04 2007 - 07:12:07 CDT)
Mariano Nuñez Di Croce
- CYBSEC Release: SAP Security - Paper & Tool release (Wed Apr 04 2007 - 08:03:44 CDT)
Martin Pitt
- [USN-454-1] PostgreSQL vulnerability (Fri Apr 27 2007 - 08:26:31 CDT)
- [USN-455-1] PHP vulnerabilities (Fri Apr 27 2007 - 07:10:26 CDT)
- [USN-453-2] rdesktop regression (Thu Apr 26 2007 - 06:24:02 CDT)
Matousec - Transparent security Research
- ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability (Sun Apr 15 2007 - 04:41:52 CDT)
- Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability (Sun Apr 01 2007 - 02:39:15 CDT)
Matteo Beccati
- [OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2 vulnerability fixed (Fri Apr 13 2007 - 05:16:56 CDT)
- [OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed (Fri Apr 13 2007 - 05:16:40 CDT)
Matthew Dixon Cowles
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Wed Apr 18 2007 - 16:40:26 CDT)
Matthew Murphy
- Re: [Full-disclosure] More information on ZERT patch for ANI 0day (Tue Apr 03 2007 - 12:32:31 CDT)
Matthias Geerdsen
- [ GLSA 200704-21 ] ClamAV: Multiple vulnerabilities (Tue Apr 24 2007 - 10:36:47 CDT)
- [ GLSA 200704-11 ] Vixie Cron: Denial of Service (Mon Apr 16 2007 - 13:51:13 CDT)
- [ GLSA 200704-10 ] Inkscape: Two format string vulnerabilities (Mon Apr 16 2007 - 09:36:54 CDT)
- [ GLSA 200704-08 ] DokuWiki: Cross-site scripting vulnerability (Thu Apr 12 2007 - 09:03:13 CDT)
mballanogmail.com
- Microsoft DNS Server Remote Code execution: Analysis and exploit (Sun Apr 15 2007 - 22:15:47 CDT)
meftunmeftunnet.com
- Mambo/Joomla Component New Article Component RFI (Sun Apr 15 2007 - 08:58:07 CDT)
- VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit (Sat Apr 14 2007 - 06:49:22 CDT)
Michal Bucko
- WS_FTP Home 2007 NetscapeFTPHandler denial of service (Sat Apr 21 2007 - 15:42:26 CDT)
- RaidenFTPd IXceedCompression multiple denial of service vulnerabilities (Thu Apr 19 2007 - 16:31:51 CDT)
- Multiple Ask IE Toolbar denial of service vulnerabilities (Tue Apr 17 2007 - 13:25:11 CDT)
- Netsprint Toolbar 1.1 arbitrary remote code vulnerability (Tue Apr 17 2007 - 06:01:00 CDT)
Michal Majchrowicz
- Cross Domain XMLHttpRequest (Sun Apr 15 2007 - 14:14:43 CDT)
- Mozilla Firefox Insecure Element Stealth Injection Vulnerability (Wed Apr 04 2007 - 06:29:14 CDT)
Michal Zalewski
- Re: Netsprint Toolbar 1.1 arbitrary remote code vulnerability (Tue Apr 17 2007 - 10:32:28 CDT)
Mike Ely
- Re: Internet Explorer Crash (Tue Apr 17 2007 - 18:02:08 CDT)
mike20061005webmail.co.za
- 3Com's TippingPoint Denial of Service (Tue Apr 24 2007 - 16:24:34 CDT)
MohandkoGmail.com
- acvsws_php5_v1.0 <= Multiple Remote File Include Vulnerablitiy (Sun Apr 22 2007 - 23:07:55 CDT)
- c-arbre <= Multiple Remote File Include Vulnerablitiy (Sun Apr 22 2007 - 10:02:18 CDT)
- PHPMyBibli <= Multiple Remote File Include (Sun Apr 22 2007 - 22:50:51 CDT)
- claroline <= Multiple Remote File Include Vulnerablitiy (Sun Apr 22 2007 - 10:00:45 CDT)
Moritz Muehlenhoff
- [SECURITY] [DSA 1283-1] New php5 packages fix several vulnerabilities (Sun Apr 29 2007 - 15:16:06 CDT)
- [SECURITY] [DSA 1282-1] New php4 packages fix several vulnerabilities (Thu Apr 26 2007 - 13:23:29 CDT)
- [SECURITY] [DSA 1281-1] New clamav packages fix several vulnerabilities (Wed Apr 25 2007 - 12:55:33 CDT)
- [SECURITY] [DSA 1280-1] New aircrack-ng packages fix arbitrary code execution (Tue Apr 24 2007 - 15:37:58 CDT)
- [SECURITY] [DSA 1279-1] New webcalendar packages fix cross-site scripting (Sun Apr 22 2007 - 09:58:35 CDT)
- [SECURITY] [DSA 1276-1] New krb5 packages fix several vulnerabilities (Tue Apr 03 2007 - 16:15:24 CDT)
mufti.rizalgmail.com
- Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability (Mon Apr 02 2007 - 02:32:02 CDT)
nexusplayhack.net
- SineCMS (Thu Apr 26 2007 - 03:35:02 CDT)
NGSSoftware Insight Security Research
- High Risk Vulnerability in OpenOffice (Wed Apr 04 2007 - 11:32:00 CDT)
Nick Boyce
- Re: Yet another SQL injection framework (Fri Apr 20 2007 - 08:12:32 CDT)
Nick FitzGerald
- Re: [Full-disclosure] A Botted Fortune 500 a Day (Tue Apr 17 2007 - 18:05:30 CDT)
no-mailyahoo.fr
- Re: Linksys WAG200G - Information disclosure (Wed Apr 18 2007 - 12:51:05 CDT)
Noah Meyerhans
- [SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code execution (Fri Apr 06 2007 - 11:31:33 CDT)
- [SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution (Wed Apr 04 2007 - 17:04:39 CDT)
- [SECURITY] [DSA 1275-1] New zope2.7 packages fix cross-site scripting flaw (Mon Apr 02 2007 - 18:24:41 CDT)
- [SECURITY] [DSA 1274-1] New file packages fix arbitrary code execution (Mon Apr 02 2007 - 07:10:57 CDT)
Oliver Friedrichs
- RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Wed Apr 18 2007 - 17:26:03 CDT)
Omid
- Remote file inclusion in Joomla 1.5.0 Beta (Mon Apr 23 2007 - 16:50:00 CDT)
omnipresentemail.it
- YA Book 0.98 Persistent XSS (Tue Apr 24 2007 - 10:28:29 CDT)
- turbolence core 0.0.1 alpha Remote File Inclusion (Sat Apr 21 2007 - 05:55:11 CDT)
- pL-PHP beta 0.9 - Multiple Vulnerabilities (Wed Apr 11 2007 - 02:39:25 CDT)
ottoottodestruct.com
- Re: WordPress v2.1.3 >> remote file include~ (Thu Apr 26 2007 - 09:44:02 CDT)
Patrick Webster
- webMethods Glue Management Console Directory Traversal (Wed Apr 11 2007 - 06:31:00 CDT)
Paul Laudanski
- Re: PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities (Wed Apr 18 2007 - 15:17:42 CDT)
Pavel Kankovsky
- Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180) (Sun Apr 01 2007 - 09:58:47 CDT)
pdp (architect)
- Persistent CSRF and The Hotlink Hell (Mon Apr 16 2007 - 10:09:56 CDT)
- Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug (Wed Apr 04 2007 - 14:23:41 CDT)
Piotr Bania
- AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption (Fri Apr 06 2007 - 04:47:12 CDT)
- AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption (Fri Apr 06 2007 - 04:47:04 CDT)
- AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero) (Fri Apr 06 2007 - 04:46:53 CDT)
Praburaajan
- Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in 2 weeks (Wed Apr 18 2007 - 07:38:15 CDT)
programmerserbiansite.com
- NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections (Tue Apr 17 2007 - 20:59:15 CDT)
- PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities (Tue Apr 17 2007 - 07:42:56 CDT)
r00t-balancehotmail.com
- Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection (Wed Apr 04 2007 - 15:21:23 CDT)
RaeDBsdMail.Com
- Remot File Include download_engine_V1.4.3 (Tue Apr 17 2007 - 09:51:09 CDT)
- Remot File Include In Script phphd_downloads (Tue Apr 17 2007 - 09:44:53 CDT)
- Remot File Include In Script Lore v1 (Sun Apr 08 2007 - 08:53:17 CDT)
- Take Control In Script Jeebles Directory (Sun Apr 08 2007 - 08:44:55 CDT)
- Remot File Include In phpexplorator_2_0 (Wed Apr 04 2007 - 12:02:35 CDT)
- Remote File Include In Script stat12 (Tue Apr 03 2007 - 11:42:25 CDT)
Raphael Marichez
- [ GLSA 200704-22 ] BEAST: Denial of Service (Fri Apr 27 2007 - 15:35:26 CDT)
- [ GLSA 200704-23 ] capi4k-utils: Buffer overflow (Fri Apr 27 2007 - 16:07:14 CDT)
- [ GLSA 200704-20 ] NAS: Multiple vulnerabilities (Mon Apr 23 2007 - 15:50:43 CDT)
- [ GLSA 200704-19 ] Blender: User-assisted remote execution of arbitrary code (Mon Apr 23 2007 - 15:25:53 CDT)
- [ GLSA 200704-18 ] Courier-IMAP: Remote execution of arbitrary code (Sun Apr 22 2007 - 16:18:36 CDT)
- [ GLSA 200704-16 ] Aircrack-ng: Remote execution of arbitrary code (Sun Apr 22 2007 - 15:57:28 CDT)
- [ GLSA 200704-17 ] 3proxy: Buffer overflow (Sun Apr 22 2007 - 16:05:14 CDT)
- [ GLSA 200704-15 ] MadWifi: Multiple vulnerabilities (Tue Apr 17 2007 - 17:36:48 CDT)
- [ GLSA 200704-13 ] File: Denial of Service (Tue Apr 17 2007 - 17:26:02 CDT)
- [ GLSA 200704-14 ] FreeRADIUS: Denial of Service (Tue Apr 17 2007 - 17:33:13 CDT)
- [ GLSA 200704-12 ] OpenOffice.org: Multiple vulnerabilities (Mon Apr 16 2007 - 17:18:12 CDT)
- [ GLSA 200704-09 ] xine-lib: Heap-based buffer overflow (Sat Apr 14 2007 - 17:30:14 CDT)
- [ GLSA 200704-07 ] libwpd: Multiple vulnerabilities (Fri Apr 06 2007 - 18:17:58 CDT)
- [ GLSA 200704-06 ] Evince: Stack overflow in included gv code (Fri Apr 06 2007 - 18:13:57 CDT)
- [ GLSA 200704-03 ] OpenAFS: Privilege escalation (Tue Apr 03 2007 - 17:41:11 CDT)
- [ GLSA 200704-05 ] zziplib: Buffer Overflow (Tue Apr 03 2007 - 17:50:22 CDT)
- [ GLSA 200703-28 ] CUPS: Denial of Service (Sat Mar 31 2007 - 15:12:12 CDT)
- [ GLSA 200703-27 ] Squid: Denial of Service (Sat Mar 31 2007 - 15:07:10 CDT)
rashbihushmail.com
- Re: ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability (Thu Apr 19 2007 - 08:59:25 CDT)
rd
- [CFP] VNSECON 07 - Call for Papers / HCMC - August 03-04, 2007 (Mon Apr 02 2007 - 14:17:04 CDT)
researchprocheckup.com
- Microsoft .NET request filtering bypass vulnerability (BID 20753) (Thu Apr 05 2007 - 10:51:02 CDT)
researchsymantec.com
- SYMSA-2007-003 Macrovision InstallAnywhere Password and Serial Number Bypass (Mon Apr 16 2007 - 10:13:48 CDT)
Reversemode
- [Reversemode advisory] CheckPoint Zonelabs - ZoneAlarm SRESCAN driver local privilege escalation (Mon Apr 23 2007 - 07:40:24 CDT)
rjmjr69aol.com
- Re: vbulletin admincp sql injection (Mon Apr 09 2007 - 22:02:50 CDT)
rko.thelegendkillergmail.com
- livor 2.5 Cross-Site Scripting Vulnerability (Fri Apr 06 2007 - 03:51:39 CDT)
- phpContact Multiple Remote File Inclusion Vulnerabilities (Fri Apr 06 2007 - 02:19:53 CDT)
Rob Bartlett
- Re: Internet Explorer Crash (Wed Apr 18 2007 - 15:14:50 CDT)
Roger A. Grimes
- RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Tue Apr 17 2007 - 17:46:34 CDT)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Tue Apr 17 2007 - 17:44:38 CDT)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Tue Apr 17 2007 - 11:48:04 CDT)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Tue Apr 17 2007 - 06:29:59 CDT)
rPath Update Announcements
- rPSA-2007-0081-1 postgresql postgresql-server (Mon Apr 23 2007 - 23:57:07 CDT)
- rPSA-2007-0074-1 dovecot (Wed Apr 18 2007 - 11:03:43 CDT)
- rPSA-2007-0073-1 php php-mysql php-pgsql (Wed Apr 18 2007 - 11:03:10 CDT)
- rPSA-2007-0072-1 lighttpd (Wed Apr 18 2007 - 11:02:50 CDT)
- rPSA-2007-0071-1 kernel (Mon Apr 16 2007 - 14:33:37 CDT)
- rPSA-2007-0070-1 openoffice.org (Mon Apr 09 2007 - 13:14:48 CDT)
- rPSA-2007-0062-1 firefox (Wed Apr 04 2007 - 03:23:06 CDT)
- rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Wed Apr 04 2007 - 03:25:29 CDT)
- rPSA-2007-0066-1 kdelibs qt-x11-free (Wed Apr 04 2007 - 03:27:05 CDT)
- rPSA-2007-0067-1 nas (Wed Apr 04 2007 - 12:17:15 CDT)
- rPSA-2007-0064-1 ImageMagick (Wed Apr 04 2007 - 03:24:33 CDT)
- rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation (Wed Apr 04 2007 - 03:23:59 CDT)
rurbanx-ray.at
- Critical phpwiki c99shell exploit (Thu Apr 12 2007 - 08:14:14 CDT)
Ryan Barnett
- Re: [WEB SECURITY] Persistent CSRF and The Hotlink Hell (Mon Apr 16 2007 - 16:49:23 CDT)
Ryan Neufeld
- RE: Critical phpwiki c99shell exploit (Thu Apr 12 2007 - 14:50:50 CDT)
s433d_only_linuxyahoo.de
- modbuild >> 4.1 Remote File Inclusion (Wed Apr 25 2007 - 17:40:16 CDT)
- VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins Remote file Include (Wed Apr 25 2007 - 15:05:15 CDT)
- Remote File Inclusion (Wed Apr 25 2007 - 10:37:24 CDT)
- WordPress v2.1.3 >> remote file include~ (Wed Apr 25 2007 - 03:17:45 CDT)
- dcp-portal v611 >> RFi (Tue Apr 24 2007 - 16:21:27 CDT)
- gallery >> 1.5.6 Remote File Inclusion (Tue Apr 24 2007 - 10:25:38 CDT)
saphealhack.pl
- Re: WS_FTP Home 2007 NetscapeFTPHandler denial of service (Sat Apr 21 2007 - 19:20:19 CDT)
scott-REMOVEvbulletin.com
- Re: Vbulletin 3.6.5 Sql Injection ! [misc.php] (Sat Apr 14 2007 - 09:25:02 CDT)
Secunia Research
- Secunia Research: Microsoft Agent URL Parsing Memory Corruption Vulnerability (Tue Apr 10 2007 - 13:24:33 CDT)
Secure3com.com
- Re: 3Com's TippingPoint Denial of Service (Wed Apr 25 2007 - 17:00:05 CDT)
security-alerthp.com
- [security bulletin] HPSBMA02197 SSRT061285 rev.1 - HP-UX Running HP Power Manager Remote Agent (RA), Local Execution of Arbitrary Code with Root Privileges (Mon Apr 30 2007 - 08:06:23 CDT)
- [security bulletin] HPSBST02200 SSRT071330 rev.1 - HP StorageWorks Command View Advanced Edition for XP, Local Unauthorized Access (Tue Apr 24 2007 - 12:51:13 CDT)
- [security bulletin] HPSBUX02183 SSRT061243 rev.1 - HP-UX sendmail, Remote Denial of Service (DoS) (Mon Apr 23 2007 - 16:43:22 CDT)
- [security bulletin] HPSBST02208 SSRT071365 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-018 to MS07-022 (Thu Apr 19 2007 - 17:15:07 CDT)
- [security bulletin] HPSBMA02133 SSRT061201 rev.4 - HP Oracle for OpenView (OfO) Critical Patch Update (Thu Apr 19 2007 - 17:15:57 CDT)
- [security bulletin] HPSBST02206 SSRT071354 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-017 (Wed Apr 18 2007 - 13:37:33 CDT)
- [security bulletin] HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS) (Tue Apr 17 2007 - 13:26:22 CDT)
- [security bulletin] HPSBUX02203 SSRT071339 rev.1 - HP-UX Running Portable File System (PFS), Remote Increase in Privilege (Thu Apr 12 2007 - 12:06:08 CDT)
- [security bulletin] HPSBGN02199 SSRT071312 rev.1 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Execution (Thu Apr 12 2007 - 08:40:14 CDT)
- [security bulletin] HPSBUX01137 SSRT5954 rev.9 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS) (Thu Apr 12 2007 - 08:52:48 CDT)
- [security bulletin] HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-014 (Thu Apr 12 2007 - 09:52:15 CDT)
- HPSBUX02205 SSRT061120 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS) (Thu Apr 12 2007 - 09:07:23 CDT)
- [security bulletin] HPSBUX02204 SSRT071341 rev.1 - HP-UX Running CIFS Server (Samba), Remote Denial of Service (DoS) (Thu Apr 05 2007 - 15:10:14 CDT)
- [security bulletin] HPSBMA02198 SSRT061177 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Access (Mon Apr 02 2007 - 08:13:53 CDT)
securitymandriva.com
- [ MDKSA-2007:094 ] - Updated postgresql packages fix vulnerability (Wed Apr 25 2007 - 19:59:21 CDT)
- [ MDKSA-2007:093 ] - Updated zziplib packages fix vulnerability (Mon Apr 23 2007 - 15:34:09 CDT)
- [ MDKSA-2007:092 ] - Updated freeradius packages fix vulnerability (Mon Apr 23 2007 - 15:31:22 CDT)
- [ MDKSA-2007:091 ] - Updated sqlite packages fix vulnerability (Thu Apr 19 2007 - 01:20:57 CDT)
- [ MDKSA-2007:090 ] - Updated php packages fix multiple vulnerabilities (Thu Apr 19 2007 - 01:04:13 CDT)
- [ MDKSA-2007:089 ] - Updated php packages fix multiple vulnerabilities (Thu Apr 19 2007 - 00:49:43 CDT)
- [ MDKSA-2007:088 ] - Updated php packages fix multiple vulnerabilities (Thu Apr 19 2007 - 00:42:39 CDT)
- [ MDKSA-2007:087 ] - Updated php packages fix multiple vulnerabilities (Thu Apr 19 2007 - 00:35:05 CDT)
- [ MDKSA-2007:085 ] - Updated freeradius packages fix DoS vulnerability (Mon Apr 16 2007 - 17:14:48 CDT)
- [ MDKSA-2007:084 ] - Updated ipsec-tools packages fix DoS vulnerability (Mon Apr 16 2007 - 17:08:50 CDT)
- [ MDKSA-2007:086 ] - Updated cups packages fix DoS vulnerability (Mon Apr 16 2007 - 17:32:18 CDT)
- [ MDKSA-2007:082 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities (Wed Apr 11 2007 - 15:02:41 CDT)
- [ MDKSA-2007:075-1 ] - Updated qt4 packages to address utf8 decoder bug (Tue Apr 10 2007 - 21:54:10 CDT)
- [ MDKSA-2007:083 ] - Updated apache-mod_perl packages fix DoS vulnerability (Wed Apr 11 2007 - 15:23:18 CDT)
- [ MDKSA-2007:079-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities (Wed Apr 11 2007 - 14:02:54 CDT)
- [ MDKSA-2007:080-1 ] - Updated tightvnc packages fix integer overflow vulnerabilities (Tue Apr 10 2007 - 17:59:39 CDT)
- [ MDKSA-2007:081-1 ] - Updated freetype2 packages fix vulnerability (Tue Apr 10 2007 - 16:51:28 CDT)
- [ MDKSA-2007:077-1 ] - Updated krb5 packages fix vulnerabilities (Tue Apr 10 2007 - 14:26:10 CDT)
- [ MDKSA-2007:081 ] - Updated freetype2 packages fix vulnerability (Wed Apr 04 2007 - 18:37:46 CDT)
- [ MDKSA-2007:080 ] - Updated tightvnc packages fix integer overflow vulnerabilities (Wed Apr 04 2007 - 18:29:54 CDT)
- [ MDKSA-2007:079 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities (Wed Apr 04 2007 - 18:27:33 CDT)
- [ MDKSA-2007:078 ] - Updated kernel packages fix multiple vulnerabilities and bugs (Wed Apr 04 2007 - 17:21:57 CDT)
- [ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities (Wed Apr 04 2007 - 17:03:03 CDT)
- [ MDKSA-2007:076 ] - Updated kdelibs packages to address UTF8 issue in KJS (Tue Apr 03 2007 - 20:45:17 CDT)
- [ MDKSA-2007:074 ] - Updated qt3 packages to address utf8 decoder bug (Tue Apr 03 2007 - 20:34:27 CDT)
- [ MDKSA-2007:075 ] - Updated qt4 packages to address utf8 decoder bug (Tue Apr 03 2007 - 20:35:34 CDT)
securitynruns.com
- n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability (Tue Apr 17 2007 - 16:06:16 CDT)
securitysoqor.net
- DmCMS Shell Uploading (Mon Apr 23 2007 - 15:57:20 CDT)
- IPB (Invision Power Board) Full Path Disclusure (Thu Apr 19 2007 - 09:39:42 CDT)
- EclipseBB Remote File Inclusion (Wed Apr 18 2007 - 12:47:21 CDT)
- Extreme PHPBB2 Remote File Inclusion (Wed Apr 18 2007 - 12:52:08 CDT)
- FullyModdedphpBB2 Remote File Inclusion (Wed Apr 18 2007 - 12:58:29 CDT)
- MediaBeez Sql query Execution .. Wear isn't ?? :) (Wed Apr 18 2007 - 09:10:53 CDT)
Securityauditmajorsecurity.de
- [MajorSecurity Advisory #42]webblizzard CMS - Cross Site Scripting and Session fixation Issues (Sat Apr 07 2007 - 09:41:17 CDT)
- [MajorSecurity Advisory #41]onelook courts online - Session fixation Issue (Fri Apr 06 2007 - 02:43:50 CDT)
- [MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue (Fri Apr 06 2007 - 02:42:41 CDT)
- [MajorSecurity Advisory #39]onelook onebyone CMS - Session fixation Issue (Fri Apr 06 2007 - 02:41:17 CDT)
- [MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues (Wed Apr 04 2007 - 11:48:08 CDT)
- [MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue (Tue Apr 03 2007 - 08:27:10 CDT)
securityresearchnetvigilance.com
- UseBB Version 1.0.4 Path Disclosure Vulnerability (Fri Apr 20 2007 - 15:48:57 CDT)
sekose-ko.info
- Big Blue Guestbook HTML Injection Vulnerabilities (Mon Apr 23 2007 - 06:05:23 CDT)
- Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org (Sat Apr 21 2007 - 07:46:35 CDT)
- Eba News Version : v1.1 <= (webpages.php) Remote File Include // starhack.org (Fri Apr 20 2007 - 05:49:25 CDT)
- Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit (Mon Apr 16 2007 - 13:05:45 CDT)
- ActionPoll Script (actionpoll.php) Remote File Include // starhack.org (Sun Apr 15 2007 - 06:53:26 CDT)
- Vbulletin 3.6.5 Sql Injection ! [misc.php] (Fri Apr 13 2007 - 14:01:22 CDT)
- PhpOpenChat <= 3.0.1 (poc.php) Multiple Remote File Include Vulnerabilities (Tue Apr 10 2007 - 13:08:47 CDT)
Shiva Persaud
- Re: AIX 4.3 lsmcode local root command execution (Mon Apr 02 2007 - 11:36:42 CDT)
Simon Smith
- Re: [Full-disclosure] A Botted Fortune 500 a Day (Fri Apr 13 2007 - 10:43:40 CDT)
simone colombo
- Re: Internet Explorer Crash (Thu Apr 19 2007 - 14:30:14 CDT)
Simple Nomad
- Re: 3Com's TippingPoint Denial of Service (Tue Apr 24 2007 - 17:26:59 CDT)
Simson Garfinkel
- please retract CVE-2007-2056 "Time-of-Check-Time-of-Use File Race in AFFLIB" (Sat Apr 28 2007 - 17:25:01 CDT)
Stefan Kelm
- Re: More information on ZERT patch for ANI 0day (Tue Apr 03 2007 - 02:42:42 CDT)
Stefano Di Paola
- IE 7 and Firefox Browsers Digest Authentication Request Splitting (Wed Apr 25 2007 - 12:37:26 CDT)
Stefano Zanero
- CFP: 3rd European Conference on Computer Network Defense (EC2ND) (Wed Apr 25 2007 - 17:06:44 CDT)
Steven Adair
- Re: [Full-disclosure] A Botted Fortune 500 a Day (Fri Apr 13 2007 - 09:28:23 CDT)
- Re: [Full-disclosure] A Botted Fortune 500 a Day (Fri Apr 13 2007 - 08:44:24 CDT)
Steven M. Christey
- Re: 3Com's TippingPoint Denial of Service (Wed Apr 25 2007 - 13:54:49 CDT)
str0ke
- Re: Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org (Sat Apr 21 2007 - 11:06:58 CDT)
- Re: VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit (Sat Apr 14 2007 - 12:09:36 CDT)
- Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability (Mon Apr 02 2007 - 14:57:26 CDT)
stuart_smithgmail.remove.com
- Re: phpMyChat-0.14.5 (Sun Apr 15 2007 - 19:58:59 CDT)
Sune Kloppenborg Jeppesen
- [ GLSA 200704-02 ] MIT Kerberos 5: Arbitrary remote code execution (Tue Apr 03 2007 - 16:17:20 CDT)
- [ GLSA 200704-01 ] Asterisk: Two SIP Denial of Service vulnerabilities (Mon Apr 02 2007 - 14:50:09 CDT)
supportgeekspiff.com
- Re: Chicken of the VNC 2.0 remote DoS (Thu Apr 26 2007 - 03:42:35 CDT)
supportmaianscriptworld.co.uk
- Re: Maian Search v1.1 (Sat Apr 14 2007 - 13:43:31 CDT)
- Re: Maian Gallery v1.0 (Sat Apr 14 2007 - 13:42:42 CDT)
supportsteganos.com
- Re: Steganos Encrypted Safe NOT so safe (Thu Apr 26 2007 - 07:55:39 CDT)
suresyncgmail.com
- Flaw in about.r OS and Progress version disclosure (Sun Apr 29 2007 - 13:12:01 CDT)
- Progress Webspeed exploit for all releases (Tue Apr 24 2007 - 13:46:35 CDT)
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- Re: More information on ZERT patch for ANI 0day (Tue Apr 03 2007 - 20:27:59 CDT)
- Re: More information on ZERT patch for ANI 0day (Tue Apr 03 2007 - 13:52:42 CDT)
Taneli Leppä
- Re: Critical phpwiki c99shell exploit (Mon Apr 16 2007 - 05:29:01 CDT)
Team SHATTER
- Oracle Database Buffer overflow vulnerabilities in package DBMS_SNAP_INTERNAL (Wed Apr 18 2007 - 13:20:58 CDT)
The Anarcat
- Re: Internet Explorer Crash (Tue Apr 17 2007 - 15:27:45 CDT)
The Dark Tangent
- DEF CON One Five CfP in effect! (Mon Apr 09 2007 - 20:33:50 CDT)
the.tiger100gmail.com
- Re: gallery >> 1.5.6 Remote File Inclusion (Tue Apr 24 2007 - 11:43:36 CDT)
the_3dit0ryahoo.com
- TJSChat Version 0.95 Cross Site Scripting (Sun Apr 22 2007 - 23:55:23 CDT)
- my little forum 1.7 Remote File Include Vulnerabilitiy (Mon Apr 16 2007 - 15:02:32 CDT)
- my little weblog Cross Site Scripting (Mon Apr 16 2007 - 14:59:12 CDT)
- Wabbit PHP Gallery v0.9 Cross Site Scripting (Mon Apr 16 2007 - 14:57:34 CDT)
- bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy (Sat Apr 14 2007 - 01:31:55 CDT)
- Back-End CMS Database Tables v0.4.7 Remote File Include Vulnerabilities (Sat Apr 14 2007 - 01:39:01 CDT)
- FloweRS v2.0 Cross Site Scripting (Sat Apr 14 2007 - 01:34:37 CDT)
- MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities (Sat Apr 14 2007 - 01:36:31 CDT)
- Back-End CMS Database Tables v0.4.7 Cross Site Scripting (Sat Apr 14 2007 - 01:40:54 CDT)
- bloofoxCMS 0.2.2 Cross Site Scripting (Sat Apr 14 2007 - 01:30:11 CDT)
- FAC GuestBook v2.0 remote database disclosure vulnerability (Thu Apr 12 2007 - 00:18:16 CDT)
- phpwebnews v.1 Multiple Cross Site Scripting Vulnerabilites (Thu Apr 12 2007 - 00:06:19 CDT)
- TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy (Wed Apr 11 2007 - 23:39:13 CDT)
- xodagallery Remote Code Execution Vulnerability (Sun Apr 08 2007 - 03:37:10 CDT)
- phpMyAdmin 2.6.1 Local Cross Site Scripting (Sun Apr 08 2007 - 03:27:38 CDT)
- Gsylvain35 Portail Web Remote File Include Vulnerabilities (Sun Apr 08 2007 - 03:41:10 CDT)
- witshare 0.9 Remote File Include Vulnerabilitiy (Fri Apr 06 2007 - 23:30:25 CDT)
- MyBlog: PHP and MySQL Blog/CMS software Remote File Include Vulnerabilitiy (Wed Apr 04 2007 - 04:59:26 CDT)
- MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting Vulnerabilitiy (Wed Apr 04 2007 - 04:58:11 CDT)
- phpechocms2 Remote File Include Vulnerabilities (Wed Apr 04 2007 - 04:56:43 CDT)
- phpechocms v.2 Cross-Site Scripting Vulnerabilitiy (Wed Apr 04 2007 - 04:51:13 CDT)
- Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy (Wed Apr 04 2007 - 04:48:09 CDT)
- K-CMS v1.0 Remote File Include Vulnerabilities (Wed Apr 04 2007 - 04:45:39 CDT)
- iXon_CMS 0.30 Remote File Include Vulnerabilities (Wed Apr 04 2007 - 04:41:44 CDT)
- lite-cms-0.2.1 Remote File Include Vulnerabilities (Wed Apr 04 2007 - 04:38:52 CDT)
Thor (Hammer of God)
- Re: Internet Explorer Crash (Wed Apr 18 2007 - 11:33:31 CDT)
- Re: Internet Explorer Crash (Tue Apr 17 2007 - 16:09:53 CDT)
Thor Larholm
- Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug (Thu Apr 05 2007 - 22:30:50 CDT)
Tim
- Re: please retract CVE-2007-2056 "Time-of-Check-Time-of-Use File Race in AFFLIB" (Sun Apr 29 2007 - 10:28:30 CDT)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Wed Apr 18 2007 - 06:41:18 CDT)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Tue Apr 17 2007 - 18:58:18 CDT)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing (Tue Apr 17 2007 - 16:27:13 CDT)
Tim Newsham
- Re: ImageProcessing ... Local (Denial of Service Exploit) (Tue Apr 24 2007 - 16:41:27 CDT)
Tim Rupp
- BlueArc Firmware 4.2.944b FTP bounce (Tue Apr 17 2007 - 15:00:47 CDT)
Tom Gregory
- Re: Internet Explorer Crash (Wed Apr 18 2007 - 11:12:01 CDT)
Tom Yu
- MITKRB5-SA-2007-001: telnetd allows login as arbitrary user [CVE-2007-0956] (Tue Apr 03 2007 - 13:11:35 CDT)
- MITKRB5-SA-2007-003: double-free vulnerability in kadmind (via GSS-API library) [CVE-2007-1216] (Tue Apr 03 2007 - 13:11:44 CDT)
- MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957] (Tue Apr 03 2007 - 13:11:38 CDT)
Trustix Security Advisor
- TSLSA-2007-0015 - postgresql (Fri Apr 27 2007 - 06:26:13 CDT)
- TSLSA-2007-0013 - multi (Fri Apr 20 2007 - 10:20:03 CDT)
TSRT3com.com
- TSRT-07-04: LANDesk Management Suite Alert Service Stack Overflow Vulnerability (Fri Apr 13 2007 - 14:44:56 CDT)
TWOVB Team
- TWOVB][ The Week Of Vista Bugs: the truth is out there (Tue Apr 03 2007 - 01:49:24 CDT)
- WOVB #01: Bypassing Vista Firewall, Flying over obstructive line (Mon Apr 02 2007 - 11:30:08 CDT)
UniquEUniquE-Key.ORG
- Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY) (Thu Apr 19 2007 - 13:13:16 CDT)
- Wserve HTTP Server 4.6 Version (Long Directory Name) Buffer Overflow - Denial Of Service (Thu Apr 05 2007 - 13:54:18 CDT)
v9
- 3proxy[v0.5.3g]: (linux/win32 service) remote buffer overflow exploits. (Sun Apr 29 2007 - 22:06:41 CDT)
vaughan.montgomerygmail.com
- Re: Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit And PoC (Sat Mar 31 2007 - 13:00:03 CDT)
Vladimir Dubrovin
- 3proxy 0.5.3i bugfix release (Mon Apr 23 2007 - 04:50:24 CDT)
VMware Security team
- VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates (Wed Apr 04 2007 - 15:20:26 CDT)
VSR Advisories
- AFFLIB(TM): Multiple Shell Metacharacter Injections (Fri Apr 27 2007 - 12:40:12 CDT)
- AFFLIB(TM): Multiple Format String Injections (Fri Apr 27 2007 - 12:36:02 CDT)
- AFFLIB(TM): Multiple Buffer Overflows (Fri Apr 27 2007 - 12:45:09 CDT)
- AFFLIB(TM): Time-of-Check-Time-of-Use File Race (Fri Apr 27 2007 - 12:42:26 CDT)
Williams, James K
- [CAID 35198, 35276]: CA BrightStor ARCserve Backup Media Server Vulnerabilities (Thu Apr 26 2007 - 00:46:58 CDT)
- [CAID 35277]: CA CleverPath Portal SQL Injection Vulnerability (Thu Apr 26 2007 - 00:54:11 CDT)
z12xxagmail.com
- phpGalleryScript 1.0 - File Inclusion Vulnerabilities (Mon Apr 09 2007 - 18:19:32 CDT)
zdi-disclosures3com.com
- ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities (Tue Apr 24 2007 - 16:55:58 CDT)
- ZDI-07-021: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability (Fri Apr 20 2007 - 00:28:34 CDT)
- ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability (Wed Apr 18 2007 - 15:32:03 CDT)
- ZDI-07-019: BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability (Wed Apr 18 2007 - 15:28:14 CDT)
- ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability (Wed Apr 18 2007 - 15:16:52 CDT)
- ZDI-07-017: Oracle E-Business Suite Arbitrary Document Download Vulnerability (Wed Apr 18 2007 - 15:12:28 CDT)
- ZDI-07-016: Oracle E-Business Suite Arbitrary Node Deletion Vulnerability (Wed Apr 18 2007 - 15:12:19 CDT)
- ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability (Wed Apr 18 2007 - 15:08:02 CDT)
- ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability (Thu Apr 05 2007 - 17:58:10 CDT)
- ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity (Thu Apr 05 2007 - 17:58:31 CDT)
- ZDI-07-012: Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow (Tue Apr 03 2007 - 15:22:25 CDT)

Last message date: Mon Apr 30 2007 - 14:34:50 CDT
Archived on: Mon Apr 30 2007 - 14:34:50 CDT

492 messages sorted by: [ date ] [ thread ] [ subject ]