NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2007-06

375 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Fri Jun 01 2007 - 09:45:16 CDT
Ending: Sat Jun 30 2007 - 12:15:59 CDT

3APA3A
- ShAnKaR: Simle machines forum CAPTCHA bypass and PHP injection (Mon Jun 18 2007 - 04:49:53 CDT)
- Re: [SECURITY] [DSA 1299-1] New ipsec-tools packages fix denial of service (Mon Jun 11 2007 - 05:18:10 CDT)
accountingcomcity.com
- Re: RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability (Wed Jun 13 2007 - 12:36:20 CDT)
Adam Laurie
- Announce - Release RFIDIOt ver 0.1n (June 2007) (Wed Jun 06 2007 - 10:44:39 CDT)
adblakedeloitte.co.uk
- Cisco Trust Agent Vulnerability (Mon Jun 11 2007 - 08:57:04 CDT)
Aditya K Sood
- SECNICHE : Dwelling Security is On the Run (Wed Jun 13 2007 - 01:30:03 CDT)
- MLabs is Shifted Fully : SecNiche Initiative (Mon Jun 11 2007 - 17:33:45 CDT)
- Project CERA Is Up Again : Secniche Initiative (Mon Jun 11 2007 - 17:31:13 CDT)
adminbatznet.com
- Re: PHP parse_str() arbitrary variable overwrite (Tue Jun 12 2007 - 13:57:12 CDT)
adminmajorsecurity.de
- Re: [MajorSecurity Advisory #50]chameleon cms - Session fixation Issue (Thu Jun 07 2007 - 10:33:22 CDT)
- [MajorSecurity Advisory #49]Calimero.CMS - Session fixation Issue (Fri Jun 01 2007 - 11:48:21 CDT)
- [MajorSecurity Advisory #50]chameleon cms - Session fixation Issue (Fri Jun 01 2007 - 11:48:53 CDT)
Airscanner Corp.
- Airscanner Advisory #07062901: FlexiSPY Victim/User Database Exposure (Full world readable access to ALL SMS/Emails/Voice data from victims/users) (Fri Jun 29 2007 - 12:45:31 CDT)
Andreas Beck
- Re: uTorrent overflow (Thu Jun 07 2007 - 05:30:25 CDT)
Andres Riancho
- [TOOL] w3af - Web Application Attack and Audit Framework (Sun Jun 10 2007 - 13:20:29 CDT)
anonymoushackermail.com
- Re: Re: BlackBoard Multiple Vulnerabilities (XSS) (Thu Jun 14 2007 - 01:33:19 CDT)
Anurag Agarwal
- OWASP and WASC Cocktail party at Blackhat USA 2007 (Thu Jun 07 2007 - 12:31:46 CDT)
azizovitdefence.ru
- Safari Bookmarks Buffer Overflow Vulnerability (Sun Jun 24 2007 - 11:14:59 CDT)
- Local Denial of Service in Safari (Sat Jun 16 2007 - 14:42:08 CDT)
BlackHawk
- RevokeBB Blind SQL Injection / Hash Extractor (Fri Jun 01 2007 - 11:54:30 CDT)
Blazej Miga
- Apache Prefork MPM vulnerabilities - Report (Tue Jun 19 2007 - 18:50:36 CDT)
Calyptix Security
- Calyptix Security Advisory CX-2007-04 - Cross-Site Request Forgery Attack Against Check Point Safe<img src="/imgs/at.gif" border=0 align=middle>Office Device (Tue Jun 26 2007 - 13:44:53 CDT)
CarcaBotCarcaBot.ro
- Sitellite cms <= 4.2.12 RFI Vuln (Sat Jun 16 2007 - 11:24:16 CDT)
Charles Kim
- Fusetalk SQL injection submission. (Mon Jun 18 2007 - 11:06:42 CDT)
chrisseclab.tuwien.ac.at
- CfP: 5th ACM Workshop on Recurring Malware (WORM) - Deadline extension (Tue Jun 19 2007 - 09:59:42 CDT)
Chuck Swiger
- Re: PHP parse_str() arbitrary variable overwrite (Wed Jun 13 2007 - 12:23:43 CDT)
corrado.liottaalice.it
- PhpListPro Persistent XSS Vulnerability (Fri Jun 15 2007 - 15:21:54 CDT)
crackers_childsibersavascilar.com
- W1L3D4 WEBmarket v0,1 SQL Injection Vuln (Tue Jun 19 2007 - 15:35:29 CDT)
cxibsecurityreason.com
- PHP 4/5 htaccess safemode and open_basedir Bypass (Tue Jun 26 2007 - 19:42:04 CDT)
Daniel Cid
- Remote log injection on DenyHosts, Fail2ban and BlockHosts (Wed Jun 06 2007 - 15:15:29 CDT)
dann frazier
- [SECURITY] [DSA 1304-1] New Linux kernel 2.6.8 packages fix several vulnerabilities (Sat Jun 16 2007 - 05:57:02 CDT)
- Re: [SECURITY] [DSA 1299-1] New ipsec-tools packages fix denial of service (Tue Jun 12 2007 - 11:37:07 CDT)
- [SECURITY] [DSA 1299-1] New ipsec-tools packages fix denial of service (Thu Jun 07 2007 - 12:52:59 CDT)
darkz.gsagmail.com
- POWER PHLOGGER v.2.2.5 (username) SQL Injection (Mon Jun 25 2007 - 03:47:55 CDT)
David Thiel
- flac123 0.0.9 - Stack overflow in comment parsing (Thu Jun 28 2007 - 21:34:02 CDT)
- VLC 0.8.6b format string vulnerability & integer overflow (Thu Jun 21 2007 - 13:28:11 CDT)
Dennis Rand
- CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow (Fri Jun 08 2007 - 02:00:21 CDT)
- CSIS Advisory: Microsoft GDI+ Integer division by zero flaw handling .ICO files (Thu Jun 07 2007 - 04:21:23 CDT)
Dj.r4iDeNgmail.com
- Re: uTorrent overflow (Tue Jun 05 2007 - 20:28:27 CDT)
- uTorrent overflow (Sat Jun 02 2007 - 15:15:09 CDT)
Dj_ReMix_20hotmail.com
- W1L3D4 WEBmarket Remote SQL İnjection (Wed Jun 06 2007 - 23:11:08 CDT)
- Hnkaray Duyuru Script Remote SQL İnjection (Wed Jun 06 2007 - 23:12:06 CDT)
DoZHackersCenter.com
- Comersus Shop Cart 7.07 SQL Injection & XSS (Tue Jun 19 2007 - 20:51:20 CDT)
- CACTUSHOP 6 Default Installation Allows Remote Database Disclosure (Sun Jun 03 2007 - 19:30:24 CDT)
dr.rezengmail.com
- bugtraq submission (Fri Jun 01 2007 - 11:50:17 CDT)
eEye Advisories
- EEYE: Yahoo Webcam ActiveX Controls Multiple Buffer Overflows (Fri Jun 08 2007 - 12:58:19 CDT)
Eitan Caspi
- "run as" local denial-of-service enables administrative account processes to be killed (Sat Jun 23 2007 - 15:44:59 CDT)
esc6hush.com
- Conti FTP Server v1.0 DoS (Tue Jun 26 2007 - 22:24:16 CDT)
Firewall1954hotmail.com
- XEForum Cookie Modification Privilege Escalation Vulnerability (Wed Jun 27 2007 - 20:12:55 CDT)
Foresight Linux Essential Advisory Service
- FLEA-2007-0024-1: libexif (Mon Jun 04 2007 - 15:18:54 CDT)
Foresight Linux Essential Announcement Service
- FLEA-2007-0030-1: avahi avahi-glib avahi-sharp (Thu Jun 28 2007 - 09:33:43 CDT)
- FLEA-2007-0029-1: krb5 krb5-workstation (Wed Jun 27 2007 - 19:27:48 CDT)
- FLEA-2007-0028-1: libexif (Fri Jun 22 2007 - 14:08:41 CDT)
- FLEA-2007-0027-1: thunderbird (Wed Jun 20 2007 - 10:49:51 CDT)
- FLEA-2007-0026-1: evolution-data-server (Mon Jun 18 2007 - 21:12:40 CDT)
- FLEA-2007-0025-1: openoffice.org (Wed Jun 13 2007 - 13:37:54 CDT)
- FLEA-2007-0021-2: madwifi (Wed Jun 06 2007 - 12:23:27 CDT)
Francisco Amato
- [ISR] :: Infobyte Security Research :: release (ISR-sqlget.pl) v1.0.0 (Mon Jun 25 2007 - 16:02:20 CDT)
Frank Berek
- Re: Having Fun With PostgreSQL (Mon Jun 18 2007 - 15:16:39 CDT)
Gadi Evron
- CFP: ISOI III (a DA workshop) (Mon Jun 25 2007 - 23:16:19 CDT)
Gavin Hanover
- Re: uTorrent overflow (Wed Jun 06 2007 - 18:51:16 CDT)
gelinuxbox.org
- Re: Windows Oday release (Wed Jun 13 2007 - 12:48:07 CDT)
- Re: Windows Oday release (Tue Jun 12 2007 - 15:21:56 CDT)
Gerhard Wagner
- SEC Consult SA-20070601-0 :: PHP chunk_split() integer overflow (Fri Jun 01 2007 - 09:19:15 CDT)
glafkosgmail.com
- WebStudio Multiple XSS Vulnerabilities (Mon Jun 04 2007 - 06:36:06 CDT)
glafkosinfosec.org.uk
- WmsCMS < = 2.0 Multiple XSS Vulnerabilities (Thu Jun 07 2007 - 10:39:12 CDT)
- Evenzia CMS XSS (Fri Jun 01 2007 - 11:58:16 CDT)
gmdarkfiggmail.com
- Pluxml 0.3.1 Remote Code Execution Exploit (Sun Jun 24 2007 - 10:08:05 CDT)
- Re: Re: PHP parse_str() arbitrary variable overwrite (Wed Jun 13 2007 - 10:27:01 CDT)
- PHP parse_str() arbitrary variable overwrite (Tue Jun 12 2007 - 08:56:38 CDT)
Goodfellas SRT
- [GOODFELLAS - VULN] hpqxml.dll 2.0.0.133 from HP Digital Imaging Arbitary Data Write. (Wed Jun 27 2007 - 15:27:57 CDT)
- [GOODFELLAS - VULN ] Avaxswf.dll v.1.0.0.1 from Avax Vector software ActiveX Arbitrary Data Write (Tue Jun 26 2007 - 15:03:50 CDT)
- [GOODFELLAS - VULN] BarCodeAx.dll v. 4.9 ActiveX Control Remote Stack Buffer Overflow (Sat Jun 23 2007 - 11:07:17 CDT)
H D Moore
- Re: CSIS Advisory: Microsoft GDI+ Integer division by zero flaw handling .ICO files (Thu Jun 07 2007 - 10:34:17 CDT)
h0tturkh0tturk.com
- CERN İmage Map Dispatcher (Sun Jun 03 2007 - 17:48:23 CDT)
- Dansie Cart Script Exploit Reported (Sun Jun 03 2007 - 17:50:52 CDT)
hack2prisonyahoo.com
- Singapore Gallery fullpath disclosure (Thu Jun 14 2007 - 08:15:07 CDT)
- ASP Folder Gallery Vulnerabilities (Wed Jun 06 2007 - 11:08:44 CDT)
HASEGAWA Yosuke
- MS07-034: Executing arbitrary script with mhtml: protocol handler (Thu Jun 21 2007 - 22:42:13 CDT)
Henri Lindberg - Louhi Networks Oy
- CheckPoint VPN-1 UTM Edge Cross Site Request Forgery vulnerability (Tue Jun 26 2007 - 20:01:32 CDT)
Hugo van der Kooij
- Re: Windows Oday release (Thu Jun 14 2007 - 17:05:03 CDT)
iantnetcplus.com
- Re: Buffer overflow in BusinessMail email server system 4.60.00 (Mon Jun 04 2007 - 09:32:32 CDT)
iDefense Labs
- iDefense Security Advisory 06.26.07: RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability (Tue Jun 26 2007 - 14:53:46 CDT)
- iDefense Security Advisory 06.26.07: Multiple Vendor Kerberos kadmind Rename Principal Buffer Overflow Vulnerability (Tue Jun 26 2007 - 13:46:14 CDT)
- iDefense Security Advisory 06.21.07: Ingres Database Multiple Heap Corruption Vulnerabilities (Thu Jun 21 2007 - 15:50:32 CDT)
- iDefense Security Advisory 06.18.07: Cerulean Studios Trillian UTF-8 Word Wrap Heap Overflow Vulnerability (Mon Jun 18 2007 - 16:36:26 CDT)
- iDefense Security Advisory 06.14.07: Apache MyFaces Tomahawk JSF Framework Cross-Site Scripting (XSS) Vulnerability (Thu Jun 14 2007 - 12:41:28 CDT)
- iDefense Security Advisory 06.13.07: Multiple Vendor libexif Integer Overflow Heap Corruption Vulnerability (Wed Jun 13 2007 - 10:59:55 CDT)
- iDefense Security Advisory 06.12.07: Microsoft License Manager and urlmon.dll COM Object Interaction Invalid Memory Access Vulnerability (Tue Jun 12 2007 - 16:33:02 CDT)
- iDefense Security Advisory 06.07.07: Linux Kernel cpuset tasks Information Disclosure Vulnerability (Fri Jun 08 2007 - 11:48:51 CDT)
- iDefense Security Advisory 06.05.07: Symantec Ghost Multiple Denial of Service Vulnerabilities (Wed Jun 06 2007 - 10:08:43 CDT)
- iDefense Security Advisory 06.01.07: Symantec VERITAS Storage Foundation Administration Service DoS Vulnerability (Fri Jun 01 2007 - 18:59:23 CDT)
ifxcupu.us
- iG Shop 1.4 eval Inclusion Vulnerability (Tue Jun 19 2007 - 01:49:54 CDT)
impriligmail.com
- LiteWEB 2.7 404 Denial of Services (Sat Jun 23 2007 - 14:51:56 CDT)
- KF Web Server 3.1.0 admin console XSS (Sat Jun 23 2007 - 14:18:37 CDT)
- SHTTPD V1.38 server source code disclosure (Sat Jun 23 2007 - 12:21:38 CDT)
- HTTP SERVER (httpsv1.6.2) 404 Denial of Service (Wed Jun 20 2007 - 19:55:16 CDT)
- MyServer-0.8.9 - xss in sample cgi page (Wed Jun 20 2007 - 19:47:08 CDT)
- MyServer-0.8.9 - source code disclosure (Wed Jun 20 2007 - 19:45:05 CDT)
- HTTP SERVER (httpsv1.6.2) source code disclosure (Wed Jun 20 2007 - 15:17:37 CDT)
infolucasvd.nl
- Re: LuckyBot v3 Remote File Include (Wed Jun 06 2007 - 10:29:18 CDT)
Ivan Almuina
- fusetalk CSS (autherror.cfm) (Wed Jun 20 2007 - 06:21:45 CDT)
- fusetalk CSS (comfinish.cfm) (Wed Jun 20 2007 - 06:32:09 CDT)
- fusetalk SQL (autherror.cfm) (Tue Jun 19 2007 - 07:38:29 CDT)
Ivan Buetler
- SAP Internet Communication Framework (BC-MID-ICF) Vulnerability (Wed Jun 27 2007 - 02:03:39 CDT)
- SAP Web Dynpro Java (BC-WD-JAV) Vulnerability (Wed Jun 27 2007 - 02:00:50 CDT)
James C. Slora Jr.
- RE: "run as" local denial-of-service enables administrative account processes to be killed (Tue Jun 26 2007 - 09:30:18 CDT)
James Downs
- Re: Sudo: local root compromise with krb5 enabled (Thu Jun 07 2007 - 12:13:46 CDT)
jantunesdi.fc.ul.pt
- MaraDNS denial of service vulnerabilities (Tue Jun 19 2007 - 08:00:28 CDT)
Jared DeMott
- Re: [Full-disclosure] Windows Oday release (Wed Jun 13 2007 - 12:41:42 CDT)
Jerome Athias
- [SecurInfos] PCSoft WinDEV .wdp Project File Handling Buffer Overflow (Thu Jun 28 2007 - 01:48:06 CDT)
Jim Geovedi
- BCS'07 Call For Papers (Mon Jun 04 2007 - 02:37:38 CDT)
Joanna Rutkowska
- Re: Windows Oday release (Wed Jun 13 2007 - 05:10:23 CDT)
John M. Martinelli
- Re: RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability (Thu Jun 14 2007 - 16:31:14 CDT)
John Smith
- Wordpress default theme XSS (admin) and other problems (Fri Jun 08 2007 - 08:15:38 CDT)
john-lindsayngssoftware.com
- Contact request - nVidia (Wed Jun 27 2007 - 11:38:07 CDT)
johnmartinelli.com
- Redlevel Advisory #025 - Vonage VoIP Telephone Adapter Default Misconfiguration (Sat Jun 02 2007 - 00:37:40 CDT)
johnnytalkerhotmail.com
- Comdev eCommerce 4.1 RFI Vulnerability (Sat Jun 02 2007 - 20:41:34 CDT)
- Comdev Web Blogger 4.1 RFI Vulnerability (Sat Jun 02 2007 - 20:42:39 CDT)
Jon Ribbens
- Re: RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability (Thu Jun 14 2007 - 18:27:29 CDT)
- Re: uTorrent overflow (Mon Jun 04 2007 - 18:23:16 CDT)
kanedabohater.net
- Re: New Include Redirect Bug XSS All vBulletin v 3.x.x (Thu Jun 21 2007 - 13:39:11 CDT)
Kees Cook
- [USN-479-1] MadWifi vulnerabilities (Fri Jun 29 2007 - 00:37:26 CDT)
- [USN-478-1] libexif vulnerability (Tue Jun 26 2007 - 19:10:18 CDT)
- [USN-477-1] krb5 vulnerabilities (Tue Jun 26 2007 - 19:01:44 CDT)
- [USN-476-1] redhat-cluster-suite vulnerability (Fri Jun 22 2007 - 13:22:56 CDT)
- [USN-475-1] evolution-data-server vulnerability (Thu Jun 21 2007 - 18:52:28 CDT)
- [USN-474-1] xscreensaver vulnerability (Tue Jun 12 2007 - 18:33:57 CDT)
- [USN-473-1] libgd2 vulnerabilities (Mon Jun 11 2007 - 19:44:35 CDT)
- [USN-472-1] libpng vulnerability (Mon Jun 11 2007 - 19:43:10 CDT)
- [USN-471-1] libexif vulnerability (Mon Jun 11 2007 - 17:22:22 CDT)
- [USN-439-2] file vulnerability (Mon Jun 11 2007 - 17:20:16 CDT)
- [USN-470-1] Linux kernel vulnerabilities (Fri Jun 08 2007 - 17:32:34 CDT)
- [USN-469-1] Thunderbird vulnerabilities (Wed Jun 06 2007 - 00:25:24 CDT)
- [USN-468-1] Firefox vulnerabilities (Fri Jun 01 2007 - 16:47:37 CDT)
Ken Raeburn
- Re: Sudo: local root compromise with krb5 enabled (Fri Jun 15 2007 - 13:36:11 CDT)
- Re: Sudo: local root compromise with krb5 enabled (Mon Jun 11 2007 - 17:52:11 CDT)
kraszagmail.com
- Local File Include Vulnerabilities in YaBB <= 2.1(all version) (Tue Jun 19 2007 - 08:26:48 CDT)
Kyle Wheeler
- Re: Sudo: local root compromise with krb5 enabled (Thu Jun 14 2007 - 10:00:55 CDT)
Larry Seltzer
- RE: [Full-disclosure] Apple Safari: idn urlbar spoofing (Mon Jun 25 2007 - 16:15:22 CDT)
- RE: [Full-disclosure] Safari for Windows,0day URL protocol handler command injection (Tue Jun 12 2007 - 08:19:54 CDT)
laurent.gaffiegmail.com
- phpTrafficA < 1.4.2 (Sun Jun 24 2007 - 12:56:56 CDT)
- eNdonesia 8.4 [multiple injection sql] (Fri Jun 22 2007 - 11:24:52 CDT)
- NetClassifieds [multiple vulnerabilities] (Thu Jun 21 2007 - 14:21:35 CDT)
leokkxi.com
- Re: [PLESK 7.5 Reload] & [PLESK 7.6 for MS Windows] path passing and disclosure vulnerability (Sat Jun 02 2007 - 23:37:08 CDT)
lscalima.serapis.net
- Maran Blog XSS vulnerability (Sun Jun 10 2007 - 04:24:28 CDT)
- Atom PhotoBlog v1.0.9 XSS vulnerability (Thu Jun 07 2007 - 05:34:28 CDT)
- Light Blog 4.1 XSS Vulnerability (Wed Jun 06 2007 - 14:21:20 CDT)
- My Datebook SQL Injection + XSS (Mon Jun 04 2007 - 13:14:12 CDT)
luxsimian.ca
- Re: Sitellite cms <= 4.2.12 RFI Vuln (Tue Jun 19 2007 - 00:09:32 CDT)
maiosyetmawk.org
- Webif.cgi local file inclusion (Mon Jun 18 2007 - 09:10:55 CDT)
Mark Senior
- Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing (Fri Jun 15 2007 - 09:07:39 CDT)
- Re: Sudo: local root compromise with krb5 enabled (Thu Jun 07 2007 - 14:55:52 CDT)
Mark Thomas
- [CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language header processing (Mon Jun 18 2007 - 18:30:20 CDT)
- [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples (Wed Jun 13 2007 - 21:24:09 CDT)
- [CVE-2007-2450]: Apache Tomcat XSS vulnerability in Manager (Wed Jun 13 2007 - 21:26:44 CDT)
Martin Schulze
- [SECURITY] [DSA 1307-1] New OpenOffice.org packages fix arbitrary code execution (Tue Jun 12 2007 - 13:10:47 CDT)
Matousec - Transparent security Research
- Kaspersky Multiple insufficient argument validation of hooked SSDT function Vulnerability (Fri Jun 15 2007 - 03:15:06 CDT)
- Outpost Enforcing system reboot with 'outpost_ipc_hdr' mutex Vulnerability (Fri Jun 01 2007 - 12:37:09 CDT)
Matteo Carli
- Persistent cross-site scripting in wordpress.com dashboard (Tue Jun 19 2007 - 11:23:59 CDT)
MC Iglo
- static XSS / SQL-Injection in Omegasoft Insel (Fri Jun 01 2007 - 06:45:32 CDT)
Michal Zalewski
- Re: [Full-disclosure] Apple Safari: idn urlbar spoofing (Mon Jun 25 2007 - 16:22:34 CDT)
- Re: [Full-disclosure] Apple Safari: cookie stealing (Wed Jun 13 2007 - 09:46:59 CDT)
- Assorted browser vulnerabilities (Mon Jun 04 2007 - 06:02:40 CDT)
Moritz Muehlenhoff
- [SECURITY] [DSA 1325-1] New evolution packages fix arbitrary code execution (Fri Jun 29 2007 - 10:06:48 CDT)
- [SECURITY] [DSA 1323-1] New krb5 packages fix several vulnerabilities (Thu Jun 28 2007 - 15:13:18 CDT)
- [SECURITY] [DSA 1322-1] New wireshark packages fix denial of service (Wed Jun 27 2007 - 15:57:25 CDT)
- [SECURITY] [DSA 1320-1] New clamav packages fix several vulnerabilities (Sat Jun 23 2007 - 05:57:02 CDT)
- [SECURITY] [DSA 1321-1] New evolution-data-server packages fix arbitrary code execution (Sat Jun 23 2007 - 07:49:54 CDT)
- [SECURITY] [DSA 1319-1] New maradns packages fix denial of service (Sat Jun 23 2007 - 04:54:46 CDT)
- [SECURITY] [DSA 1318-1] New ekg packages fix denial of service (Fri Jun 22 2007 - 16:39:23 CDT)
- [SECURITY] [DSA 1315-1] New libphp-phpmailer packages fix arbitrary shell command execution (Tue Jun 19 2007 - 15:35:39 CDT)
- [SECURITY] [DSA 1314-1] New open-iscsi packages fix several vulnerabilities (Tue Jun 19 2007 - 14:51:02 CDT)
- [SECURITY] [DSA 1313-1] New MPlayer packages fix arbitrary code execution (Tue Jun 19 2007 - 12:45:11 CDT)
- [SECURITY] [DSA 1312-1] New libapache-mod-jk packages fix information disclosure (Sun Jun 17 2007 - 18:26:28 CDT)
- [SECURITY] [DSA 1311-1] New PostgreSQL 7.4 packages fix privilege escalation (Sun Jun 17 2007 - 18:23:17 CDT)
- [SECURITY] [DSA 1309-1] New PostgreSQL 8.1 packages fix privilege escalation (Sat Jun 16 2007 - 16:34:45 CDT)
- [SECURITY] [DSA 1308-1] New iceweasel packages fix several vulnerabilities (Thu Jun 14 2007 - 12:22:37 CDT)
- [SECURITY] [DSA 1305-1] New icedove packages fix several vulnerabilities (Wed Jun 13 2007 - 12:34:11 CDT)
- [SECURITY] [DSA 1306-1] New xulrunner packages fix several vulnerabilities (Tue Jun 12 2007 - 10:57:27 CDT)
- [SECURITY] [DSA 1300-1] New iceape packages fix several vulnerabilities (Thu Jun 07 2007 - 15:16:43 CDT)
- [SECURITY] [DSA 1291-4] New samba packages fix regression (Mon Jun 04 2007 - 14:37:12 CDT)
motokochansimplemachines.org
- Re: Re: [MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue (Mon Jun 25 2007 - 01:33:01 CDT)
mpegfreeshells.ch
- 2007-06-03: PeerCast streaming server submits cleartext password (Sun Jun 03 2007 - 20:29:27 CDT)
NGSSoftware Insight Security Research
- Ingres wakeup setuid(ingres) file truncation (Mon Jun 25 2007 - 04:41:10 CDT)
- Ingres stack overflow in uuid_from_char function (Mon Jun 25 2007 - 04:35:42 CDT)
- Ingres Unauthenticated Pointer Overwrite 1 (Mon Jun 25 2007 - 04:30:51 CDT)
- Ingres verifydb local stack overflow (Mon Jun 25 2007 - 04:38:58 CDT)
- Ingres Unauthenticated Pointer Overwrite 2 (Mon Jun 25 2007 - 04:33:33 CDT)
- High risk vulnerability in OpenOffice RTF parser (Wed Jun 13 2007 - 12:15:50 CDT)
Nico Leidecker
- Papoo CMS 3.6 - Access Restriction Bypass (Sun Jun 24 2007 - 11:22:03 CDT)
- Papoo CMS 3.6 - SQL Injection (Sun Jun 24 2007 - 11:20:59 CDT)
- Having Fun With PostgreSQL (Sat Jun 16 2007 - 12:11:47 CDT)
- Papoo CMS - Multiple Cross Site Scripting (Fri Jun 15 2007 - 14:26:25 CDT)
- Elxis CMS <= 2006.4 - banner module - sql injection (Thu Jun 14 2007 - 13:07:00 CDT)
Niels Provos
- SpyBye 0.3 released (Sat Jun 09 2007 - 21:51:21 CDT)
nnposterdisclosed.not
- WinPT User ID Spoofing Vulnerability (Mon Jun 11 2007 - 09:01:03 CDT)
- Packeteer PacketShaper Web Management Denial of Service (Fri Jun 08 2007 - 08:30:24 CDT)
no-replyhessamx.net
- IE 6/Microsoft Html Popup Window (mshtml.dll) DoS (Wed Jun 06 2007 - 07:40:10 CDT)
no-replyyahoo.com
- IE 6 / MS Office Outlook Express Address Book Activex DoS (Wed Jun 06 2007 - 07:47:42 CDT)
no-spamprivacy.com
- Re: Re: PHPMyDesk Beta Release 1.0b ==> RFI (Fri Jun 22 2007 - 20:00:58 CDT)
Noah Meyerhans
- [SECURITY] [DSA 1301-1] New Gimp packages fix arbitrary code execution (Sat Jun 09 2007 - 12:09:42 CDT)
nobodydomain.com
- Re: [MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue (Thu Jun 14 2007 - 16:05:55 CDT)
Oliver Goebel
- RUS-CERT 2007-06:01 (1380): Insecure Defaults in A-L OmniPCX 7.0 (Thu Jun 07 2007 - 05:54:27 CDT)
OpenPKG GmbH
- [OpenPKG-SA-2007.021] OpenPKG Security Advisory (wordpress) (Fri Jun 08 2007 - 10:57:02 CDT)
- [OpenPKG-SA-2007.020] OpenPKG Security Advisory (php) (Fri Jun 01 2007 - 07:11:30 CDT)
Paul Böhm
- Second Call for Papers: DeepSec IDSC 2007 Europe/Vienna: 20-23 Nov 2007 (Thu Jun 07 2007 - 20:54:49 CDT)
Pavel Konov
- Re: uTorrent overflow (Wed Jun 06 2007 - 17:57:57 CDT)
Piotr Bania
- Disinfectors for the calculator virus (ti89.Gaara) (Sun Jun 03 2007 - 03:36:06 CDT)
pito pito
- PBSite - PHP Bulletin Site | CMS ====> RFI (Sat Jun 02 2007 - 06:17:12 CDT)
- Prototype of an PHP application ===> RFI (Fri Jun 01 2007 - 07:26:19 CDT)
- PBSite - PHP Bulletin Site | CMS ====> RFI (Fri Jun 01 2007 - 07:25:22 CDT)
- phpreactor <===1.2.7 remote file include (Fri Jun 01 2007 - 07:26:56 CDT)
pixy-noreplyseclab.tuwien.ac.at
- Pixy - An Open-Source Vulnerability Scanner for PHP Applications (Wed Jun 20 2007 - 04:14:12 CDT)
RaeDBsdMail.Com
- SQL Injection In Script VBZooM V1.12 (Fri Jun 29 2007 - 02:36:10 CDT)
- RFI In Script SH-News 3.1 (Thu Jun 14 2007 - 15:48:20 CDT)
- ByPass In PortalApp (Thu Jun 14 2007 - 15:53:36 CDT)
- Z-Blog 1.7 Authentication Bypass Database Download Vulnerability (Fri Jun 01 2007 - 06:19:38 CDT)
Raphael Marichez
- [ GLSA 200706-08 ] emul-linux-x86-java: Multiple vulnerabilities (Tue Jun 26 2007 - 16:12:29 CDT)
- [ GLSA 200706-09 ] libexif: Buffer overflow (Tue Jun 26 2007 - 16:22:02 CDT)
- [ GLSA 200706-07 ] PHProjekt: Multiple vulnerabilities (Tue Jun 19 2007 - 16:59:17 CDT)
- [ GLSA 200706-06 ] Mozilla products: Multiple vulnerabilities (Tue Jun 19 2007 - 16:03:55 CDT)
- [ GLSA 200706-05 ] ClamAV: Multiple Denials of Service (Fri Jun 15 2007 - 11:35:10 CDT)
- [ GLSA 200706-04 ] MadWifi: Multiple vulnerabilities (Mon Jun 11 2007 - 16:31:29 CDT)
- [ GLSA 200706-02 ] Evolution: User-assisted execution of arbitrary code (Wed Jun 06 2007 - 15:43:33 CDT)
- [ GLSA 200706-03 ] ELinks: User-assisted execution of arbitrary code (Wed Jun 06 2007 - 15:57:23 CDT)
- [ GLSA 200706-01 ] libexif: Integer overflow vulnerability (Tue Jun 05 2007 - 13:58:32 CDT)
Ray Stell
- Re: Having Fun With PostgreSQL (Mon Jun 18 2007 - 07:56:56 CDT)
researchsymantec.com
- SYMSA-2007-004: Multiple Vulnerabilities in Xythos Server Products (Fri Jun 22 2007 - 13:06:27 CDT)
Richard Moore
- Safari XMLHttpRequest HTTP header injection (Mon Jun 25 2007 - 06:03:18 CDT)
rmcalima.serapis.net
- fuzzylime (forum) XSS (Mon Jun 18 2007 - 09:34:23 CDT)
- PHP hosting Biller (Mon Jun 18 2007 - 08:13:23 CDT)
Robert Swiecki
- Re: Apple Safari: idn urlbar spoofing (Wed Jun 27 2007 - 04:27:40 CDT)
- Re: Apple Safari: idn urlbar spoofing (Mon Jun 25 2007 - 15:33:19 CDT)
- Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing (Thu Jun 14 2007 - 18:31:39 CDT)
- Apple Safari: cookie stealing (Wed Jun 13 2007 - 05:34:42 CDT)
rPath Update Announcements
- rPSA-2007-0136-1 httpd mod_ssl (Wed Jun 27 2007 - 16:32:41 CDT)
- rPSA-2007-0135-1 krb5 krb5-server krb5-services krb5-test krb5-workstation (Wed Jun 27 2007 - 15:18:20 CDT)
- rPSA-2007-0133-1 emacs emacs-leim (Mon Jun 25 2007 - 19:44:48 CDT)
- rPSA-2007-0131-1 libexif (Mon Jun 25 2007 - 11:10:39 CDT)
- rPSA-2007-0127-1 fetchmail (Tue Jun 19 2007 - 10:49:53 CDT)
- rPSA-2007-0122-1 evolution-data-server (Thu Jun 14 2007 - 19:51:51 CDT)
- rPSA-2007-0126-1 util-linux (Fri Jun 15 2007 - 09:37:51 CDT)
- rPSA-2007-0124-1 kernel xen (Thu Jun 14 2007 - 19:56:06 CDT)
- rPSA-2007-0123-1 squirrelmail (Thu Jun 14 2007 - 19:52:11 CDT)
- rPSA-2007-0119-1 spamassassin (Wed Jun 13 2007 - 16:28:12 CDT)
- rPSA-2007-0117-1 gd php php-mysql php-pgsql (Thu Jun 07 2007 - 17:27:24 CDT)
- rPSA-2007-0115-1 libexif (Mon Jun 04 2007 - 16:41:39 CDT)
- rPSA-2007-0114-1 mutt (Mon Jun 04 2007 - 16:41:14 CDT)
Ryan's spam address
- Recent OpenSSL exploits (Sat Jun 02 2007 - 16:18:32 CDT)
s0cratexhotmail.com
- Comicsense SQL Injection Advisory/Exploit (Tue Jun 05 2007 - 12:21:53 CDT)
S21sec Labs
- S21Sec-035: F5 FirePass command execution vulnerability (Mon Jun 04 2007 - 04:22:48 CDT)
scott-REMOTE-vbulletin.com
- Re: Re: New Include Redirect Bug XSS All vBulletin v 3.x.x (Fri Jun 22 2007 - 06:32:23 CDT)
scott-REMOVE-vbulletin.com
- Re: Re: New Include Redirect Bug XSS All vBulletin(r) v 3.x.x (Fri Jun 22 2007 - 05:30:09 CDT)
- Re: New post Topic Hijacking XSS All vBulletin v 3.x.x (2) (Thu Jun 21 2007 - 10:10:03 CDT)
- Re: New Include Redirect Bug XSS All vBulletin v 3.x.x (Thu Jun 21 2007 - 10:09:46 CDT)
Secunia Research
- Secunia Research: KVIrc irc:// URI Handler Command Execution Vulnerability (Thu Jun 28 2007 - 08:19:18 CDT)
- Secunia Research: Symantec Mail Security for SMTP Boundary Errors (Thu Jun 28 2007 - 08:17:09 CDT)
securesymantec.com
- SYM07-011 Symantec Reporting Server password disclosure (Tue Jun 05 2007 - 14:16:07 CDT)
- SYM07-012 Symantec Reporting Server elevation of privilege (Tue Jun 05 2007 - 14:27:37 CDT)
- SYM07-009,Symantec Storage Foundation for Windows Volume Manager: Authentication Bypass and Potential Code Execution in Scheduler Service (Mon Jun 04 2007 - 11:00:28 CDT)
security-alerthp.com
- [security bulletin] HPSBTU02232 SSRT071429 rev.1 - Secure Web Server for HP Tru64 UNIX Powered by Apache (SWS) or HP Internet Express for Tru64 UNIX running PHP, Remote Arbitrary Code Execution, Unauthorized Disclosure of Information, or Denial of Service (DoS) (Thu Jun 28 2007 - 09:28:21 CDT)
- HPSBTU02207 SSRT061239 rev.2 - HP Tru64 UNIX OpenSSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS) (Wed Jun 27 2007 - 08:04:39 CDT)
- [security bulletin] HPSBUX02225 SSRT071295 rev.1 - HP-UX Running Xserver, Local Denial of Service (DoS) (Mon Jun 25 2007 - 08:01:05 CDT)
- HPSBST02231 SSRT071438 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-030 to MS07-035 (Thu Jun 21 2007 - 14:28:25 CDT)
- [security bulletin] HPSBGN02199 SSRT071312 rev.3 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Executio (Thu Jun 21 2007 - 14:27:26 CDT)
- [security bulletin] HPSBTU02218 SSRT071424 rev.1 - HP Tru64 UNIX Internet Express running Samba, Remote Arbitrary Code Execution or Local Unauthorized Privilege Elevation (Wed Jun 20 2007 - 13:48:20 CDT)
- [security bulletin] HPSBPI02226 SSRT061274 rev.1 - HP Help and Support Center Running on HP Notebook Computers Running with Windows XP, Remote Unauthorized Access (Wed Jun 20 2007 - 13:47:25 CDT)
- [security bulletin] HPSBMA02224 SSRT071334 rev.1 - HP System Management Homepage (SMH) for Linux, Remote Privileged Access (Mon Jun 18 2007 - 08:01:36 CDT)
- [security bulletin] HPSBUX02219 SSRT061273 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) (Tue Jun 12 2007 - 13:40:07 CDT)
- [security bulletin] HPSBUX02218 SSRT071424 rev.1 - HP-UX running CIFS Server (Samba), Remote Arbitrary Code Execution (Tue Jun 05 2007 - 13:52:49 CDT)
- [security bulletin] HPSBUX02217 SSRT071337 rev.2 - HP-UX running Kerberos, Remote Arbitrary Code Execution (Tue Jun 05 2007 - 06:57:29 CDT)
securitymandriva.com
- [ MDKSA-2007:136 ] - Updated evolution packages fix vulnerability (Tue Jun 26 2007 - 17:27:44 CDT)
- [ MDKSA-2007:137 ] - Updated krb5 packages fix vulnerabilities (Tue Jun 26 2007 - 22:34:58 CDT)
- [ MDKSA-2007:135 ] - Updated webmin packages fix XSS vulnerability (Fri Jun 22 2007 - 18:37:55 CDT)
- [ MDKSA-2007:134 ] - Updated xfsdump packages fix unsafe temporary directory creation issue (Thu Jun 21 2007 - 18:58:30 CDT)
- [ MDKSA-2007:133 ] - Updated emacs packages fix DoS vulnerability (Thu Jun 21 2007 - 17:21:24 CDT)
- [ MDKSA-2007:132 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities (Thu Jun 21 2007 - 14:03:01 CDT)
- [ MDKSA-2007:131 ] - Updated Thunderbird packages fix multiple vulnerabilities (Wed Jun 20 2007 - 20:55:19 CDT)
- [ MDKSA-2007:130 ] - Updated proftpd packages fix authentication bypass vulnerability (Wed Jun 20 2007 - 20:45:28 CDT)
- [ MDKSA-2007:128 ] - Updated libexif packages fix integer overflow flaw (Tue Jun 19 2007 - 19:21:33 CDT)
- [ MDKSA-2007:129 ] - Updated jasper packages fix vulnerability (Tue Jun 19 2007 - 20:42:30 CDT)
- [ MDKSA-2007:127 ] - Updated apache packages fix mod_mem_cache issue (Tue Jun 19 2007 - 18:50:14 CDT)
- [ MDKSA-2007:126-1 ] - Updated Firefox packages fix multiple vulnerabilities (Sat Jun 16 2007 - 18:08:16 CDT)
- [ MDKSA-2007:126 ] - Updated Firefox packages fix multiple vulnerabilities (Fri Jun 15 2007 - 16:53:22 CDT)
- [ MDKSA-2007:125 ] - Updated spamassassin packages fix possible DoS condition (Thu Jun 14 2007 - 15:23:18 CDT)
- [ MDKSA-2007:124 ] - Updated tetex packages fix vulnerability (Wed Jun 13 2007 - 21:33:20 CDT)
- [ MDKSA-2007:122 ] - Updated gd packages fix vulnerability (Wed Jun 13 2007 - 20:46:25 CDT)
- [ MDKSA-2007:123 ] - Updated libwmf packages fix vulnerability (Wed Jun 13 2007 - 20:55:23 CDT)
- [ MDKSA-2007:121 ] - Updated freetype2 packages fix integer overflow vulnerability (Wed Jun 13 2007 - 20:24:07 CDT)
- [ MDKSA-2007:120 ] - Updated Firefox packages fix multiple vulnerabilities (Tue Jun 12 2007 - 15:06:22 CDT)
- [ MDKSA-2007:119 ] - Updated Thunderbird packages fix multiple vulnerabilities (Tue Jun 12 2007 - 13:11:17 CDT)
- [ MDKSA-2007:118 ] - Updated libexif packages fix crash and possible arbitrary code execution issue (Fri Jun 08 2007 - 16:22:07 CDT)
- [ MDKSA-2007:117 ] - Updated lha packages fix unsafe temporary files creation issue (Wed Jun 06 2007 - 00:23:43 CDT)
- [ MDKSA-2007:116 ] - Updated libpng packages fix vulnerability (Tue Jun 05 2007 - 18:13:42 CDT)
- [ MDKSA-2007:114 ] - Updated file packages fix vulnerabilities (Tue Jun 05 2007 - 18:07:11 CDT)
- [ MDKSA-2007:111 ] - Updated util-linux packages address login access policies bypassing issue (Mon Jun 04 2007 - 17:00:35 CDT)
- [ MDKSA-2007:112 ] - Updated mplayer packages fix buffer overflow vulnerability (Mon Jun 04 2007 - 17:09:55 CDT)
- [ MDKSA-2007:115 ] - Updated clamav packages fix vulnerabilities (Mon Jun 04 2007 - 20:07:23 CDT)
- [ MDKSA-2007:113 ] - Updated mutt packages fix vulnerabilities (Mon Jun 04 2007 - 17:51:51 CDT)
- [ MDKSA-2007:110 ] - Updated php-pear packages fix directory traversal vulnerability (Mon Jun 04 2007 - 16:51:18 CDT)
securitynruns.com
- n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory (Mon Jun 04 2007 - 11:55:52 CDT)
- n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory (Mon Jun 04 2007 - 11:52:21 CDT)
- n.runs-SA-2007.013 - F-Secure Antivirus LZH parsing BufferOverflow Advisory (Fri Jun 01 2007 - 11:37:10 CDT)
securityresearchnetvigilance.com
- eTicket version 1.5.5 XSS Attack Vulnerability (Wed Jun 27 2007 - 16:04:24 CDT)
- eTicket version 1.5.5 Path Disclosure Vulnerability (Wed Jun 27 2007 - 16:04:15 CDT)
- Calendarix version 0.7. 20070307 Multiple SQL Injection Vulnerabilities (Mon Jun 25 2007 - 11:20:53 CDT)
- MyNews version 0.10 SQL Injection Vulnerability (Mon Jun 25 2007 - 11:18:03 CDT)
- Calendarix version 0.7. 20070307 Multiple Path Disclosure Vulnerabilities (Mon Jun 25 2007 - 11:20:30 CDT)
- Calendarix version 0.7. 20070307 Multiple XSS Attacks (Mon Jun 25 2007 - 11:24:59 CDT)
- Calendarix version 0.7. 20070307 Multiple Path Disclosure Vulnerabilities (Mon Jun 25 2007 - 11:18:25 CDT)
- WSPortal version 1.0 SQL Injection Vulnerability (Sun Jun 17 2007 - 14:19:23 CDT)
- Utopia News Pro version 1.4.0 XSS Attack Vulnerability (Sun Jun 17 2007 - 14:19:34 CDT)
- WSPortal version 1.0 Path Disclosure Vulnerability (Sun Jun 17 2007 - 14:19:09 CDT)
sfhm2k.org
- Re: eTicket version 1.5.5 XSS Attack Vulnerability (Fri Jun 29 2007 - 04:56:41 CDT)
spymasterspykod.net
- Webwiz vulnerable (Sun Jun 10 2007 - 19:43:01 CDT)
spymetayahoo.com
- All Of the Mambo & Joomla Script Remote File Inclussion Bugs.. (Fri Jun 22 2007 - 04:36:26 CDT)
Steve Kemp
- [SECURITY] [DSA 1324-1] New hiki packages fix missing input sanitising (Thu Jun 28 2007 - 16:04:32 CDT)
- [SECURITY] [DSA 1317-1] New tinymux packages fix buffer overflow (Fri Jun 22 2007 - 20:10:24 CDT)
- [SECURITY] [DSA 1316-1] New emacs21 packages fix denial of service (Thu Jun 21 2007 - 07:56:55 CDT)
- [SECURITY] [DSA 1310-1] New libexif packages fix integer overflow (Sat Jun 16 2007 - 18:24:15 CDT)
- [SECURITY] [DSA 1309-1] New libexif packages fix integer overflow (Sat Jun 16 2007 - 18:23:43 CDT)
- [SECURITY] [DSA 1303-1] New lighttpd packages fix denial of service (Sun Jun 10 2007 - 08:21:23 CDT)
- [SECURITY] [DSA 1302-1] New freetype packages fix integer overflow (Sun Jun 10 2007 - 08:48:40 CDT)
Steve Tornio
- Re: Buffer overflow in BusinessMail email server system 4.60.00 (Mon Jun 04 2007 - 11:22:43 CDT)
Steven M. Christey
- Re: New Include Redirect Bug XSS All vBulletin(r) v 3.x.x (Thu Jun 21 2007 - 15:21:15 CDT)
- Re: Windows Oday release (Wed Jun 13 2007 - 12:03:36 CDT)
- Re: PHP parse_str() arbitrary variable overwrite (Tue Jun 12 2007 - 18:53:37 CDT)
- Re: Dansie Cart Script Exploit Reported (Tue Jun 05 2007 - 20:33:06 CDT)
stormhackerhotmail.com
- New Include Redirect Bug XSS All vBulletin v 3.x.x (Wed Jun 20 2007 - 08:37:48 CDT)
- New post Topic Hijacking XSS All vBulletin v 3.x.x (2) (Wed Jun 20 2007 - 08:54:07 CDT)
- vSupport Integrated Ticket System 3.*.* SQL injection (Sat Jun 09 2007 - 09:33:40 CDT)
str0ke
- Re: MyEvent1.6 (template.php) Remote File Inclusion Vulnerability (Sat Jun 02 2007 - 11:17:09 CDT)
supportkeyfocus.net
- Re: KF Web Server 3.1.0 admin console XSS (Tue Jun 26 2007 - 08:26:10 CDT)
suresyncgmail.com
- Re: Re: Progress Webspeed exploit for all releases (Fri Jun 29 2007 - 16:51:26 CDT)
- Openedge _mprosrv buffer overflow (Wed Jun 27 2007 - 05:14:13 CDT)
the.tiger100gmail.com
- Re: myBloggie 2.1.5 Remote File Include (Sun Jun 10 2007 - 01:08:27 CDT)
- Re: PHPMyDesk Beta Release 1.0b ==> RFI (Sun Jun 10 2007 - 00:59:19 CDT)
Thomas Lim
- Windows Oday release (Tue Jun 12 2007 - 13:58:24 CDT)
Thor Lancelot Simon
- Sudo: local root compromise with krb5 enabled (Wed Jun 06 2007 - 20:57:25 CDT)
- MIT krb5: makes sudo authentication issue MUCH worse. (Wed Jun 06 2007 - 22:37:37 CDT)
- Re: Sudo: local root compromise with krb5 enabled (Wed Jun 06 2007 - 22:19:01 CDT)
Thor Larholm
- Safari for Windows, 0day URL protocol handler command injection (Mon Jun 11 2007 - 20:45:54 CDT)
- PHPMailer command execution (Mon Jun 11 2007 - 12:46:16 CDT)
- Unpatched input validation flaw in Firefox 2.0.0.4 (Mon Jun 04 2007 - 14:42:05 CDT)
Tim Brown
- Serious holes affecting JFFNMS (Sun Jun 10 2007 - 14:53:41 CDT)
titanichacker titanichacker
- PHPMyDesk Beta Release 1.0b ==> RFI (Thu Jun 07 2007 - 17:22:01 CDT)
- Zen Help Desk ==> Version 2.1 Bypass/ (Thu Jun 07 2007 - 16:12:31 CDT)
- phpWebThings ==>1.5.2 RFI (Thu Jun 07 2007 - 13:18:49 CDT)
Todd C. Miller
- Re: Sudo: local root compromise with krb5 enabled (Thu Jun 07 2007 - 15:05:42 CDT)
Tom Yu
- MITKRB5-SA-2007-005: kadmind vulnerable to buffer overflow (Tue Jun 26 2007 - 13:01:56 CDT)
- MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities (Tue Jun 26 2007 - 13:01:54 CDT)
Trent Waddington
- jumping sudo using ptrace on Linux/i386 (Fri Jun 01 2007 - 20:08:32 CDT)
Trustix Security Advisor
- TSLSA-2007-0021 - kerberos5 (Fri Jun 29 2007 - 07:08:59 CDT)
- TSLSA-2007-0020 - clamav (Fri Jun 08 2007 - 03:40:38 CDT)
TSRT3com.com
- TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability (Mon Jun 04 2007 - 19:50:01 CDT)
- TPTI-07-10: Centennial Software XferWan.exe Stack Overflow Vulnerability (Mon Jun 04 2007 - 19:50:05 CDT)
- TPTI-07-08: Symantec Veritas Storage Foundation Scheduler Service Authentication Bypass Vulnerability (Mon Jun 04 2007 - 19:49:57 CDT)
underwateritdefence.ru
- WheatBlog 1.1 RFI/SQL Injection (Sat Jun 30 2007 - 09:52:04 CDT)
USprotteweb.de
- Juniper SBR V 6.0.1 CRL-Checking problem (Wed Jun 27 2007 - 13:56:29 CDT)
vagrant - e-hack.org
- Linker index.php - Cross-Site Scripting Vulnerability (Sat Jun 02 2007 - 01:01:20 CDT)
Warner Moore
- RE: bugtraq submission (Mon Jun 04 2007 - 08:10:50 CDT)
web-apphotmail.com
- Menu Manager Mod for WebAPP - No Input Filtering (Tue Jun 12 2007 - 15:52:45 CDT)
webappweb-app.org
- Re: Menu Manager Mod for WebAPP - No Input Filtering (Mon Jun 18 2007 - 02:01:36 CDT)
Williams, James K
- [CAID 35450, 35451, 35452, 35453]: CA Products That Embed Ingres Multiple Vulnerabilities (Fri Jun 22 2007 - 09:00:40 CDT)
- [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities (Thu Jun 07 2007 - 10:43:02 CDT)
wwwhtp.cc
- Re: Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy (Thu Jun 07 2007 - 03:23:19 CDT)
xx_hack_xx_2004hotmail.com
- Full Path Disclosure in SendCard (Thu May 31 2007 - 18:22:41 CDT)
yasergencturk.net
- myBloggie 2.1.5 Remote File Include (Sat Jun 09 2007 - 12:08:39 CDT)
- MyEvent1.6 (template.php) Remote File Inclusion Vulnerability (Sat Jun 02 2007 - 02:07:53 CDT)
zdi-disclosures3com.com
- ZDI-07-038: Microsoft Internet Explorer Prototype Dereference Code Execution Vulnerability (Tue Jun 12 2007 - 15:37:13 CDT)
- ZDI-07-037: Microsoft Internet Explorer Language Pack Installation Remote Code Execution Vulnerability (Tue Jun 12 2007 - 15:37:02 CDT)
- ZDI-07-036: Arris Cadant C3 CMTS Remote DoS Vulnerability (Tue Jun 12 2007 - 12:26:16 CDT)
- ZDI-07-034: CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability (Tue Jun 05 2007 - 14:48:37 CDT)
- ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability (Tue Jun 05 2007 - 14:48:42 CDT)

Last message date: Sat Jun 30 2007 - 12:15:59 CDT
Archived on: Sat Jun 30 2007 - 12:15:59 CDT

375 messages sorted by: [ date ] [ thread ] [ subject ]