NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2007-11

Most recent messages
440 messages sorted by: [ author ] [ thread ] [ subject ]

Starting: Thu Nov 01 2007 - 10:29:14 CDT
Ending: Fri Nov 30 2007 - 17:30:45 CST

ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability zdi-disclosures3com.com (Wed Oct 31 2007 - 18:13:34 CDT)
Synergiser <= 1.2 RC1 Local File Inclusion & Full path disclosure kingoftheworld92fastwebnet.it (Thu Nov 01 2007 - 07:59:25 CDT)
Re: Comments re ISC's announcement on bind9 security Henrik Langos (Thu Nov 01 2007 - 07:17:40 CDT)
ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities zdi-disclosures3com.com (Wed Oct 31 2007 - 18:13:45 CDT)
sBlog 0.7.3 Beta Cross Site Request Forgery Guns0x90.com.ar (Thu Nov 01 2007 - 10:39:44 CDT)
CFP: International workshop on Secure Software Engineering - Deadline extended! secse08gmail.com (Thu Nov 01 2007 - 09:16:37 CDT)
ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability zdi-disclosures3com.com (Wed Oct 31 2007 - 18:14:31 CDT)
(tool announce) Orizon v0.50 announce Paolo Perego (Thu Nov 01 2007 - 08:08:24 CDT)
mac trojan in-the-wild Gadi Evron (Wed Oct 31 2007 - 18:21:00 CDT)
SEC Consult SA-20071101-0 :: Multiple Vulnerabilities in SonicWALL SSL-VPN Client Bernhard Mueller (Thu Nov 01 2007 - 07:06:37 CDT)
ZDI-07-062: RealNetworks RealPlayer PLS File Memory Corruption Vulnerability zdi-disclosures3com.com (Wed Oct 31 2007 - 18:14:42 CDT)
Re: Comments re ISC's announcement on bind9 security Network Protocol Security (Wed Oct 31 2007 - 16:28:36 CDT)
ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability zdi-disclosures3com.com (Wed Oct 31 2007 - 18:14:50 CDT)
Re: Airkiosk/formlib application is XSS vuln skien (Thu Nov 01 2007 - 12:37:24 CDT)
Cryptome: NSA has access to Windows Mobile smartphones Juha-Matti Laurio (Thu Nov 01 2007 - 13:16:12 CDT)
Two XSS on Blue Coat ProxySG Management Console researchprocheckup.com (Thu Nov 01 2007 - 12:20:04 CDT)
Re: Re: Comments re ISC's announcement on bind9 security ntnnetworkontap.com (Thu Nov 01 2007 - 14:14:06 CDT)
Re: Airkiosk/formlib application is XSS vuln Raymond Pete (Thu Nov 01 2007 - 11:39:05 CDT)
ZDI-07-060: HP OpenView Radia Integration Server File System Exposure Vulnerability zdi-disclosures3com.com (Wed Oct 31 2007 - 18:14:03 CDT)
[ MDKSA-2007:203 ] - Updated xen packages fix multiple vulnerabilities securitymandriva.com (Thu Nov 01 2007 - 12:52:44 CDT)
Re: Comments re ISC's announcement on bind9 security Theo de Raadt (Thu Nov 01 2007 - 14:51:56 CDT)
Re: mac trojan in-the-wild Matthew Leeds (Thu Nov 01 2007 - 15:57:06 CDT)
[ MDKSA-2007:204 ] - Updated cups packages fix vulnerability securitymandriva.com (Thu Nov 01 2007 - 15:36:52 CDT)
RE: mac trojan in-the-wild Thor (Hammer of God) (Thu Nov 01 2007 - 19:14:43 CDT)
Re: Comments re ISC's announcement on bind9 security Tim (Thu Nov 01 2007 - 15:50:20 CDT)
RE: mac trojan in-the-wild Alex Eckelberry (Thu Nov 01 2007 - 16:47:14 CDT)
RE: Cryptome: NSA has access to Windows Mobile smartphones Kurt Dillard (Thu Nov 01 2007 - 16:34:35 CDT)
RE: mac trojan in-the-wild Alex Eckelberry (Thu Nov 01 2007 - 16:49:09 CDT)
ZDI-07-064: Novell Client Trust Heap Overflow Vulnerability zdi-disclosures3com.com (Wed Oct 31 2007 - 18:18:00 CDT)
the heart of the problem [was: RE: mac trojan in-the-wild] Gadi Evron (Thu Nov 01 2007 - 21:35:59 CDT)
[ GLSA 200711-01 ] gFTP: Multiple vulnerabilities Pierre-Yves Rofes (Thu Nov 01 2007 - 18:58:03 CDT)
IM upgrade automated social engineering attack Dragos Ruiu (Thu Nov 01 2007 - 22:08:43 CDT)
[ GLSA 200711-03 ] Gallery: Multiple vulnerabilities Pierre-Yves Rofes (Thu Nov 01 2007 - 19:32:22 CDT)
Secunia Research: ACDSee Products Image and Archive Plug-ins Buffer Overflows Secunia Research (Fri Nov 02 2007 - 04:08:46 CDT)
Scribe <= 2.0 Remote PHP Code Execution kingoftheworld92fastwebnet.it (Thu Nov 01 2007 - 17:14:59 CDT)
Re: Comments re ISC's announcement on bind9 security Shane Kerr (Fri Nov 02 2007 - 05:45:53 CDT)
Re: Comments re ISC's announcement on bind9 security Tim (Fri Nov 02 2007 - 07:23:43 CDT)
Re: Comments re ISC's announcement on bind9 security Shane Kerr (Fri Nov 02 2007 - 09:57:33 CDT)
[USN-537-2] Compiz vulnerability Kees Cook (Fri Nov 02 2007 - 10:33:53 CDT)
Re: [botnets] re MAC trojan (fwd) Gadi Evron (Thu Nov 01 2007 - 19:55:44 CDT)
Re: mac trojan in-the-wild nnp (Thu Nov 01 2007 - 17:27:55 CDT)
Re: [Full-disclosure] mac trojan in-the-wild Peter Besenbruch (Thu Nov 01 2007 - 20:36:00 CDT)
Re: mac trojan in-the-wild Robert McArdle (Fri Nov 02 2007 - 05:42:10 CDT)
RE: mac trojan in-the-wild Roger A. Grimes (Thu Nov 01 2007 - 19:37:00 CDT)
RE: mac trojan in-the-wild Memisyazici, Aras (Thu Nov 01 2007 - 17:14:49 CDT)
Re: mac trojan in-the-wild Nick FitzGerald (Thu Nov 01 2007 - 18:36:57 CDT)
RE: mac trojan in-the-wild Thor (Hammer of God) (Fri Nov 02 2007 - 00:18:55 CDT)
Re: [Full-disclosure] mac trojan in-the-wild Peter Besenbruch (Thu Nov 01 2007 - 18:44:05 CDT)
[UPH-07-03] Firefly Media Server remote format string vulnerability nnp (Fri Nov 02 2007 - 13:00:12 CDT)
[UPH-07-02] Firefly Media Server DoS nnp (Fri Nov 02 2007 - 12:57:50 CDT)
Re: [UPH-07-01] Firefly Media Server DoS nnp (Fri Nov 02 2007 - 13:04:56 CDT)
[UPH-07-01] Firefly Media Server DoS nnp (Fri Nov 02 2007 - 12:55:06 CDT)
Re: [Full-disclosure] mac trojan in-the-wild Paul Schmehl (Thu Nov 01 2007 - 21:13:10 CDT)
[ GLSA 200711-02 ] OpenSSH: Security bypass Pierre-Yves Rofes (Thu Nov 01 2007 - 19:15:30 CDT)
RE: mac trojan in-the-wild Roger A. Grimes (Fri Nov 02 2007 - 03:42:15 CDT)
RE: mac trojan in-the-wild Jim Harrison (Thu Nov 01 2007 - 19:52:10 CDT)
RE: mac trojan in-the-wild Gadi Evron (Thu Nov 01 2007 - 20:04:44 CDT)
Re: [UPH-07-03] Firefly Media Server remote format string vulnerability nnp (Fri Nov 02 2007 - 13:03:42 CDT)
[ MDKSA-2007:205 ] - Updated opal packages fix vulnerability securitymandriva.com (Fri Nov 02 2007 - 17:00:00 CDT)
DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365) Roman Medina-Heigl Hernandez (Fri Nov 02 2007 - 16:06:07 CDT)
phphelpdesk Multiple vulnerabilities Joseph.giron13gmail.com (Fri Nov 02 2007 - 17:53:35 CDT)
[ MDKSA-2007:206 ] - Updated pwlib packages fix vulnerability securitymandriva.com (Fri Nov 02 2007 - 17:15:52 CDT)
[SECURITY] [DSA 1397-1] New mono packages fix integer overflow Moritz Muehlenhoff (Sat Nov 03 2007 - 10:52:14 CDT)
Skalinks <= 1_5 Cross Site Request Forgery Add Admin djvincyhotmail.it (Sat Nov 03 2007 - 18:09:18 CDT)
JBC Explorer <= V7.20 RC 1 Remote Code Execution Exploit gmdarkfiggmail.com (Sun Nov 04 2007 - 14:17:14 CST)
[SECURITY] [DSA 1398-1] New perdition packages fix arbitrary code execution Noah Meyerhans (Mon Nov 05 2007 - 07:03:47 CST)
[Tool] sqlmap: a blind SQL injection tool (release 0.5) Bernardo Damele (Sun Nov 04 2007 - 15:56:48 CST)
iDefense Security Advisory 11.02.07: Sun Microsystems Solaris srsexec Format String Vulnerability iDefense Labs (Mon Nov 05 2007 - 11:03:07 CST)
Re: Comments re ISC's announcement on bind9 security Tim (Fri Nov 02 2007 - 11:01:42 CDT)
Leopard's firewall damages Skype and WoW Juergen Schmidt (Mon Nov 05 2007 - 13:36:51 CST)
[SECURITY] [DSA 1399-1] New pcre3 packages fix arbitrary code execution Florian Weimer (Mon Nov 05 2007 - 14:22:19 CST)
iDefense Security Advisory 11.05.07: Apple QuickTime Panorama Sample Atom Heap Buffer Overflow Vulnerability iDefense Labs (Mon Nov 05 2007 - 15:19:12 CST)
ZDI-07-066: Apple Quicktime PICT File PackBitsRgn Parsing Heap Corruption Vulnerability zdi-disclosures3com.com (Mon Nov 05 2007 - 16:39:51 CST)
ZDI-07-065: Apple QuickTime Color Table RGB Parsing Heap Corruption Vulnerability zdi-disclosures3com.com (Mon Nov 05 2007 - 16:39:45 CST)
ZDI-07-068: Apple QuickTime Uncompressedfile Opcode Stack Overflow Vulnerability zdi-disclosures3com.com (Mon Nov 05 2007 - 16:40:00 CST)
ZDI-07-067: Apple QuickTime PICT File Poly Opcodes Heap Corruption Vulnerability zdi-disclosures3com.com (Mon Nov 05 2007 - 16:39:55 CST)
[SECURITY] [DSA 1401-1] New iceape packages fix several vulnerabilities Moritz Muehlenhoff (Mon Nov 05 2007 - 17:44:32 CST)
[ MDKSA-2007:207 ] - Updated perl packages fix vulnerability securitymandriva.com (Mon Nov 05 2007 - 23:35:36 CST)
[ MDKSA-2007:208 ] - Updated ghostscript packages fix vulnerability securitymandriva.com (Mon Nov 05 2007 - 23:36:53 CST)
rPSA-2007-0232-1 perl rPath Update Announcements (Tue Nov 06 2007 - 08:19:54 CST)
[USN-539-1] CUPS vulnerability Kees Cook (Mon Nov 05 2007 - 23:57:44 CST)
[ MDKSA-2007:209 ] - Updated netpbm packages fix vulnerability securitymandriva.com (Mon Nov 05 2007 - 23:41:26 CST)
[CVE-2007-5741] Plone: statusmessages and linkintegrity unsafe network data hotfix mjjarn.com (Tue Nov 06 2007 - 12:08:25 CST)
Re: IM upgrade automated social engineering attack Roman Shirokov (Tue Nov 06 2007 - 04:37:50 CST)
SMF .htaccess bypass h3llcodehotmail.it (Tue Nov 06 2007 - 03:36:42 CST)
Re: SMF .htaccess bypass Matt D. Harris (Tue Nov 06 2007 - 12:39:34 CST)
Re: IM upgrade automated social engineering attack Dragos Ruiu (Tue Nov 06 2007 - 14:50:47 CST)
IDMOS v1.0 Alpha Multiple RFI Vulnerability Guns0x90.com.ar (Tue Nov 06 2007 - 14:10:46 CST)
Re: SMF .htaccess bypass anuj tenani (Tue Nov 06 2007 - 13:31:40 CST)
Cypress BX script backdoored? Chris (Tue Nov 06 2007 - 13:58:22 CST)
PhpNuke (add-on) MS TopSites Edit Exploit And Html Injection Guns0x90.com.ar (Tue Nov 06 2007 - 14:05:17 CST)
rPSA-2007-0231-1 pcre rPath Update Announcements (Tue Nov 06 2007 - 14:15:34 CST)
iDefense Security Advisory 11.06.07: Microsoft DebugView Privilege Escalation Vulnerability iDefense Labs (Tue Nov 06 2007 - 14:40:18 CST)
MyWebFTP Password Disclosure AdvisoryAria-Security.net, (Mon Nov 05 2007 - 20:05:20 CST)
[SECURITY] [DSA 1400-1] New perl packages fix arbitrary code execution Florian Weimer (Tue Nov 06 2007 - 15:32:59 CST)
[ GLSA 200711-04 ] Evolution: User-assisted remote execution of arbitrary code Pierre-Yves Rofes (Tue Nov 06 2007 - 15:42:42 CST)
[ MDKSA-2007:210 ] - Updated xfs package prevents arbitrary code execution vulnerabilities securitymandriva.com (Tue Nov 06 2007 - 16:06:30 CST)
[ GLSA 200711-05 ] SiteBar: Multiple issues Pierre-Yves Rofes (Tue Nov 06 2007 - 16:52:20 CST)
SiteMinder Agent: Cross Site Scripting Giuseppe Gottardi (Tue Nov 06 2007 - 21:10:00 CST)
Secunia Research: Link Grammar "separate_sentence()" Buffer Overflow Secunia Research (Wed Nov 07 2007 - 05:40:22 CST)
Secunia Research: AbiWord Link Grammar "separate_sentence()" Buffer Overflow Secunia Research (Wed Nov 07 2007 - 05:41:02 CST)
Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities Secunia Research (Wed Nov 07 2007 - 09:42:22 CST)
[ GLSA 200711-06 ] Apache: Multiple vulnerabilities Pierre-Yves Rofes (Wed Nov 07 2007 - 13:31:44 CST)
[ GLSA 200711-07 ] Python: User-assisted execution of arbitrary code Pierre-Yves Rofes (Wed Nov 07 2007 - 13:45:33 CST)
[ GLSA 200711-08 ] libpng: Multiple Denials of Service Pierre-Yves Rofes (Wed Nov 07 2007 - 14:15:31 CST)
[SECURITY] [DSA 1402-1] New gforge packages fix several vulnerabilities Steve Kemp (Wed Nov 07 2007 - 14:15:11 CST)
iDefense Security Advisory 11.07.07: Oracle 10g R2 PITRIG_DROPMETADATA Buffer Overflow Vulnerability iDefense Labs (Wed Nov 07 2007 - 15:09:30 CST)
[ GLSA 200711-09 ] MadWifi: Denial of Service Pierre-Yves Rofes (Wed Nov 07 2007 - 14:43:26 CST)
[ GLSA 200711-10 ] Mono: Buffer overflow Pierre-Yves Rofes (Wed Nov 07 2007 - 17:00:03 CST)
Aria-Security.Net Research: Request For Travel Sql Injection Advisoryaria-security.net (Wed Nov 07 2007 - 20:31:52 CST)
Re: iDefense Security Advisory 11.07.07: Oracle 10g R2 PITRIG_DROPMETADATA Buffer Overflow Vulnerability buzzypoczta.fm (Thu Nov 08 2007 - 06:26:20 CST)
Simple Machine Forum - Private section/posts/info disclosure h3llcodehotmail.it (Thu Nov 08 2007 - 07:40:19 CST)
[OpenPKG-SA-2007.023] OpenPKG Security Advisory (perl) OpenPKG GmbH (Thu Nov 08 2007 - 01:52:52 CST)
Re: SiteMinder Agent: Cross Site Scripting securityfocusnetdevice.com (Thu Nov 08 2007 - 09:08:57 CST)
[ GLSA 200711-12 ] Tomboy: User-assisted execution of arbitrary code Pierre-Yves Rofes (Thu Nov 08 2007 - 13:46:43 CST)
[ GLSA 200711-11 ] Nagios Plugins: Two buffer overflows Pierre-Yves Rofes (Thu Nov 08 2007 - 13:17:41 CST)
[security bulletin] HPSBUX02285 SSRT071484 rev.1 - HP-UX Running Aries PA Emulator, Local Unauthorized Access security-alerthp.com (Thu Nov 08 2007 - 13:51:17 CST)
Aria-Security.Net Research: Lotfian BROCHURE Management System Advisoryaria-security.net (Thu Nov 08 2007 - 14:44:07 CST)
[ GLSA 200711-13 ] 3proxy: Denial of Service Pierre-Yves Rofes (Thu Nov 08 2007 - 14:41:26 CST)
[ MDKSA-2007:211 ] - Updated pcre packages fix vulnerability securitymandriva.com (Thu Nov 08 2007 - 15:02:47 CST)
[ MDKSA-2007:213 ] - Updated pcre packages fix vulnerability securitymandriva.com (Thu Nov 08 2007 - 15:12:10 CST)
[ MDKSA-2007:212 ] - Updated pcre packages fix vulnerability securitymandriva.com (Thu Nov 08 2007 - 15:07:15 CST)
[SECURITY] [DSA 1404-1] New gallery2 packages fix privilege escalation Thijs Kinkhorst (Thu Nov 08 2007 - 16:40:13 CST)
AST-2007-024 - Fallacious security advisory spread on the Internet involving buffer overflow in Zaptel's sethdlc application The Asterisk Development Team (Thu Nov 08 2007 - 16:02:37 CST)
[SECURITY] [DSA 1403-1] New phpmyadmin packages fix cross-site scripting Thijs Kinkhorst (Thu Nov 08 2007 - 16:13:37 CST)
[ MDKSA-2007:214 ] - Updated flac packages fix vulnerability securitymandriva.com (Thu Nov 08 2007 - 18:12:59 CST)
CanSecWest 2008 CFP (deadline Nov 30, conf Mar 26-28) and PacSec Dojo's Dragos Ruiu (Thu Nov 08 2007 - 22:18:34 CST)
[ MDKSA-2007:215 ] - Updated openldap packages fix vulnerability securitymandriva.com (Thu Nov 08 2007 - 22:23:31 CST)
Re: Re: SiteMinder Agent: Cross Site Scripting overetsecuritydate.it (Fri Nov 09 2007 - 03:32:27 CST)
li-guestbook sql inj abc.seogmail.com (Fri Nov 09 2007 - 05:12:27 CST)
Re: SiteMinder Agent: Cross Site Scripting Williams, James K (Fri Nov 09 2007 - 10:48:34 CST)
Re: Simple Machine Forum - Private section/posts/info disclosure klynn.securityfocuskevinlynn.com (Fri Nov 09 2007 - 11:52:58 CST)
xoops mylinks module - sql injection roothanicker.it (Fri Nov 09 2007 - 05:38:55 CST)
Re: Simple Machine Forum - Private section/posts/info disclosure Jindrich Kubec (Thu Nov 08 2007 - 16:36:58 CST)
[SECURITY] [DSA 1405-1] New zope-cmfplone packages fix arbitrary code execution Thijs Kinkhorst (Fri Nov 09 2007 - 16:38:37 CST)
SQL injection bug found in TBSource. drakomogmail.com (Fri Nov 09 2007 - 15:25:48 CST)
iDefense Security Advisory 11.09.07: IBM Informix Dynamic Server DBLANG Directory Traversal Vulnerability iDefense Labs (Fri Nov 09 2007 - 16:07:53 CST)
[SECURITY] [DSA 1406-1] New horde3 packages fix several vulnerabilities Thijs Kinkhorst (Fri Nov 09 2007 - 16:47:35 CST)
iDefense Security Advisory 11.09.07: AOL AmpX ActiveX Control Multiple Buffer Overflow Vulnerabilities iDefense Labs (Fri Nov 09 2007 - 15:33:50 CST)
Aria-Security.Net Research: Rapid Classified HotList Image Advisoryaria-security.net (Sat Nov 10 2007 - 14:34:07 CST)
[48Bits Advisory] QuickTime Panorama Sample Atom Heap Overflow [48bits] vulndev (Sat Nov 10 2007 - 07:41:32 CST)
[SECURITY] [DSA 1405-2] New zope-cmfplone packages fix regression Thijs Kinkhorst (Sun Nov 11 2007 - 10:43:44 CST)
Eggblog v3.1.0 XSS Vulnerability mesuth-labs.org (Sun Nov 11 2007 - 14:13:27 CST)
FLEA-2007-0066-1 ImageMagick Foresight Linux Essential Announcement Service (Sun Nov 11 2007 - 22:54:03 CST)
Oracle 0-day to get SYSDBA access petepetefinnigan.com (Mon Nov 12 2007 - 07:13:37 CST)
Re: Re: Simple Machine Forum - Private section/posts/info disclosure rxh4cky0u.org (Sun Nov 11 2007 - 07:20:41 CST)
Standing Up Against German Laws - Project HayNeedle Paul Sebastian Ziegler (Sat Nov 10 2007 - 11:28:54 CST)
Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle Jan Newger (Sat Nov 10 2007 - 12:53:56 CST)
PeopleAggregatory security advisory - re CVE-2007-5631 philbroadbandmechanics.com (Sun Nov 11 2007 - 16:24:26 CST)
CVE-2007-3694: Cross site scripting (XSS) in broadcast machine Hanno BÃ¶ck (Mon Nov 12 2007 - 06:55:02 CST)
PHP-Nuke Module Advertising Blind SQL Injection Guns0x90.com.ar (Sat Nov 10 2007 - 16:14:25 CST)
FLEA-2007-0063-1 perl Foresight Linux Essential Announcement Service (Sat Nov 10 2007 - 00:04:26 CST)
FLEA-2007-0064-1 pcre Foresight Linux Essential Announcement Service (Sun Nov 11 2007 - 22:43:56 CST)
FLEA-2007-0068-1 ruby Foresight Linux Essential Announcement Service (Sun Nov 11 2007 - 23:08:53 CST)
iDefense Security Advisory 11.12.07: WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Vulnerability iDefense Labs (Mon Nov 12 2007 - 12:00:40 CST)
Re: Standing Up Against German Laws - Project HayNeedle johan beisser (Mon Nov 12 2007 - 11:55:29 CST)
FLEA-2007-0069-1 perl Foresight Linux Essential Announcement Service (Sun Nov 11 2007 - 23:19:51 CST)
FLEA-2007-0065-1 libpng Foresight Linux Essential Announcement Service (Sun Nov 11 2007 - 22:50:02 CST)
Alice - dns spoofer fabio (Sun Nov 11 2007 - 14:31:17 CST)
FLEA-2007-0067-1 pidgin Foresight Linux Essential Announcement Service (Sun Nov 11 2007 - 22:58:09 CST)
Cisco IOS Shellcode Research (Mon Nov 12 2007 - 03:53:22 CST)
Re: Standing Up Against German Laws - Project HayNeedle Matt D. Harris (Mon Nov 12 2007 - 13:27:52 CST)
RFID: Security Briefings angelorosiello.org (Mon Nov 12 2007 - 14:23:14 CST)
HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges security-alerthp.com (Mon Nov 12 2007 - 13:57:33 CST)
AutoIndex <= 2.2.2 Cross Site Scripting and Denial of Service L4teral (Mon Nov 12 2007 - 14:32:35 CST)
[ GLSA 200711-14 ] Mozilla Firefox, SeaMonkey, XULRunner: Multiple vulnerabilities Pierre-Yves Rofes (Mon Nov 12 2007 - 15:16:07 CST)
Re: Standing Up Against German Laws - Project HayNeedle johan beisser (Mon Nov 12 2007 - 15:15:53 CST)
[ GLSA 200711-15 ] FLAC: Buffer overflow Pierre-Yves Rofes (Mon Nov 12 2007 - 15:42:33 CST)
[ MDKSA-2007:204-1 ] - Updated cups packages fix vulnerability securitymandriva.com (Mon Nov 12 2007 - 15:49:30 CST)
[ GLSA 200711-16 ] CUPS: Memory corruption Pierre-Yves Rofes (Mon Nov 12 2007 - 15:56:28 CST)
PR07-13: Cross-site Scripting / HTML injection on F5 FirePass 4100 SSL VPN 'download_plugin.php3' server-side script researchprocheckup.com (Mon Nov 12 2007 - 17:04:15 CST)
[ISecAuditors Security Advisories] VTLS.web.gateway cgi is vulnerable to XSS ISecAuditors Security Advisories (Tue Nov 13 2007 - 02:38:39 CST)
ATC-08 Call for papers (repost) atc08atilf.no (Tue Nov 13 2007 - 08:34:20 CST)
Re: Bosdev Multiple vulnerabilities salesbosdev.com (Mon Nov 12 2007 - 18:08:58 CST)
[ MDKSA-2007:216 ] - Updated kernel packages fix multiple vulnerabilities and bugs securitymandriva.com (Tue Nov 13 2007 - 12:12:03 CST)
After 6 months - fix available for Microsoft DNS cache poisoning attack Amit Klein (Tue Nov 13 2007 - 12:26:43 CST)
PHP <= 5.2.5 stream_wrapper_register() denial of service laurent.gaffiegmail.com (Tue Nov 13 2007 - 13:47:05 CST)
PHP <= 5.2.5 Gettext Lib Multiple Denial of service laurent.gaffiegmail.com (Tue Nov 13 2007 - 13:03:45 CST)
Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle Peter Conrad (Tue Nov 13 2007 - 04:13:06 CST)
Oracle 11g/10g Installation Vulnerability David Litchfield (Tue Nov 13 2007 - 13:27:50 CST)
Re: Standing Up Against German Laws - Project HayNeedle Florian Echtler (Tue Nov 13 2007 - 03:59:53 CST)
Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle Duncan Simpson (Sun Nov 11 2007 - 15:26:51 CST)
[USN-540-1] flac vulnerability Kees Cook (Tue Nov 13 2007 - 14:11:12 CST)
iDefense Security Advisory 11.12.07: Novell NetWare Client Local Privilege Escalation Vulnerability iDefense Labs (Tue Nov 13 2007 - 14:20:14 CST)
Re: Standing Up Against German Laws - Project HayNeedle Paul Wouters (Tue Nov 13 2007 - 14:39:47 CST)
[ MDKSA-2007:217 ] - Updated libpng packages fix multiple vulnerabilities securitymandriva.com (Tue Nov 13 2007 - 14:52:26 CST)
Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle johan beisser (Tue Nov 13 2007 - 15:03:16 CST)
Re: Standing Up Against German Laws - Project HayNeedle johan beisser (Tue Nov 13 2007 - 15:07:02 CST)
Re: Standing Up Against German Laws - Project HayNeedle Valdis.Kletnieksvt.edu (Tue Nov 13 2007 - 15:38:39 CST)
Re: Standing Up Against German Laws - Project HayNeedle Stefano Zanero (Tue Nov 13 2007 - 16:03:31 CST)
[USN-541-1] Emacs vulnerability Kees Cook (Tue Nov 13 2007 - 16:16:04 CST)
ExoPHPdesk user profile XSS / profile SQL injection Joseph.giron13gmail.com (Tue Nov 13 2007 - 16:44:36 CST)
Aria-Security.Net: MetaCart SQL Injection No-ReplyAria-Security.net (Tue Nov 13 2007 - 18:30:01 CST)
Predictable DNS transaction IDs in Microsoft DNS Server Alla Bezroutchko (Wed Nov 14 2007 - 06:07:28 CST)
[USN-542-1] poppler vulnerabilities Kees Cook (Tue Nov 13 2007 - 23:34:40 CST)
Free Forums "search" Sql Injection No-ReplyAria-Security.net (Tue Nov 13 2007 - 18:44:51 CST)
DocuSafe "Search" SQL Injection No-ReplyAria-Security.net (Tue Nov 13 2007 - 17:28:13 CST)
Konqueror Remote Denial Of Service laurent.gaffiegmail.com (Wed Nov 14 2007 - 09:33:10 CST)
[USN-541-1] Emacs vulnerability Kees Cook (Tue Nov 13 2007 - 16:16:04 CST)
Six Remote Memory Corruption Vulnerabilities in IBM WebSphere MQ 6.0 IRM Research (Wed Nov 14 2007 - 08:48:49 CST)
[ MDKSA-2007:218 ] - Updated mono packages fix arbitrary code execution vulnerability securitymandriva.com (Wed Nov 14 2007 - 11:25:57 CST)
[security bulletin] HPSBMA02288 SSRT071465 rev.1 - HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS) security-alerthp.com (Wed Nov 14 2007 - 10:33:29 CST)
Re: Standing Up Against German Laws - Project HayNeedle Raj Mathur (Tue Nov 13 2007 - 21:20:50 CST)
[ GLSA 200711-17 ] Ruby on Rails: Multiple vulnerabilities Pierre-Yves Rofes (Wed Nov 14 2007 - 15:14:44 CST)
Re: Standing Up Against German Laws - Project HayNeedle imipak (Wed Nov 14 2007 - 15:01:19 CST)
TPTI-07-20: Apple Quicktime Movie Stack Overflow Vulnerability DVLabs (Wed Nov 14 2007 - 14:56:06 CST)
[ GLSA 200711-18 ] Cpio: Buffer overflow Pierre-Yves Rofes (Wed Nov 14 2007 - 15:42:15 CST)
[ GLSA 200711-19 ] TikiWiki: Multiple vulnerabilities Pierre-Yves Rofes (Wed Nov 14 2007 - 16:00:20 CST)
Breaking RSA: Totient indirect factorization gandlf (Wed Nov 14 2007 - 15:59:42 CST)
[ GLSA 200711-20 ] Pioneers: Denial of Service Pierre-Yves Rofes (Wed Nov 14 2007 - 16:11:12 CST)
Re: Standing Up Against German Laws - Project HayNeedle Frank Guthausen (Wed Nov 14 2007 - 15:34:33 CST)
iDefense Security Advisory 11.14.07: Apple Mac OS X AppleTalk mbuf Kernel Heap Overflow Vulnerability iDefense Labs (Wed Nov 14 2007 - 17:44:13 CST)
Re: Breaking RSA: Totient indirect factorization Alexander Klimov (Thu Nov 15 2007 - 02:29:19 CST)
iDefense Security Advisory 11.14.07: Apple Mac OS X AppleTalk ASP Message Kernel Heap Overflow Vulnerability iDefense Labs (Wed Nov 14 2007 - 17:43:20 CST)
iDefense Security Advisory 11.14.07: Apple Mac OS X Mach Port Inheritance Privilege Escalation Vulnerability iDefense Labs (Wed Nov 14 2007 - 17:59:06 CST)
Some hashes for the record shadown (Wed Nov 14 2007 - 18:58:08 CST)
[security bulletin] HPSBUX02284 SSRT071483 rev.2 - HP-UX Running Java JRE and JDK, Remote Unauthorized Access security-alerthp.com (Thu Nov 15 2007 - 07:54:54 CST)
[SAMBA] CVE-2007-4572 - GETDC mailslot processing buffer overrun in nmbd Gerald (Jerry) Carter (Thu Nov 15 2007 - 07:20:13 CST)
[SAMBA] CVE-2007-5398 - Remote Code Execution in Samba's nmbd Gerald (Jerry) Carter (Thu Nov 15 2007 - 07:20:59 CST)
Secunia Research: Samba "reply_netbios_packet()" Buffer Overflow Vulnerability Secunia Research (Thu Nov 15 2007 - 09:12:38 CST)
iDefense Security Advisory 11.14.07: Apple Mac OS X AppleTalk Socket IOCTL Kernel Stack Buffer Overflow Vulnerability iDefense Labs (Wed Nov 14 2007 - 17:43:54 CST)
Re: HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges Nick Boyce (Thu Nov 15 2007 - 11:15:30 CST)
Re: Breaking RSA: Totient indirect factorization Clifton Royston (Thu Nov 15 2007 - 10:58:34 CST)
Aida-Web Information Exposure MC Iglo (Thu Nov 15 2007 - 03:41:14 CST)
[TKADV2007-001] Mac OS X TIOCSETD IOCTL Kernel Memory Corruption Vulnerability Tobias Klein (Thu Nov 15 2007 - 13:43:39 CST)
[ MDKSA-2007:219 ] - Updated xpdf packages fix vulnerabilities securitymandriva.com (Thu Nov 15 2007 - 14:12:21 CST)
EEYE: Multiple Vulnerabilities In .FLAC File Format and Various Media Applications eEye Advisories (Thu Nov 15 2007 - 13:59:31 CST)
[USN-542-2] KOffice vulnerabilities Jamie Strandboge (Thu Nov 15 2007 - 15:46:12 CST)
PR07-26: Persistent XSS on Aruba 800 Mobility Controller's login page researchprocheckup.com (Thu Nov 15 2007 - 15:47:59 CST)
Re: Breaking RSA: Totient indirect factorization gandlf (Thu Nov 15 2007 - 14:46:44 CST)
PR07-02: XSS on Liferay Portal Enterprise 4.1.1 login page ('login' parameter) researchprocheckup.com (Thu Nov 15 2007 - 15:46:11 CST)
[USN-543-1] VMWare vulnerabilities Kees Cook (Thu Nov 15 2007 - 16:40:14 CST)
[ MDKSA-2007:220 ] - Updated gpdf packages fix vulnerabilities securitymandriva.com (Thu Nov 15 2007 - 15:23:52 CST)
[RISE-2007004] Apple Mac OS X 10.4.x Kernel i386_set_ldt() Integer Overflow Vulnerability RISE Security (Thu Nov 15 2007 - 21:02:24 CST)
[USN-544-1] Samba vulnerabilities Jamie Strandboge (Thu Nov 15 2007 - 21:12:21 CST)
[ MDKSA-2007:221 ] - Updated kdegraphics packages fix vulnerabilities in kpdf securitymandriva.com (Thu Nov 15 2007 - 22:07:14 CST)
Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability cocoruder (Fri Nov 16 2007 - 05:25:29 CST)
AhnLab AntiVirus Remote Kernel Memory Corruption Sowhat (Fri Nov 16 2007 - 09:12:29 CST)
Javamail login username and password same email problem thetaunggmail.com (Fri Nov 16 2007 - 02:06:37 CST)
Re: Breaking RSA: Totient indirect factorization Watson Ladd (Wed Nov 14 2007 - 17:40:31 CST)
Re: Breaking RSA: Totient indirect factorization Erick Galinkin (Thu Nov 15 2007 - 21:33:16 CST)
JiRos Upload Manager SQL Injection no-replyaria-security.net (Fri Nov 16 2007 - 18:10:19 CST)
rPSA-2007-0241-1 samba samba-swat rPath Update Announcements (Fri Nov 16 2007 - 20:58:52 CST)
[USN-544-2] Samba regression Jamie Strandboge (Sat Nov 17 2007 - 06:49:21 CST)
RE: Standing Up Against German Laws - Project HayNeedle Quark IT - Hilton Travis (Fri Nov 16 2007 - 21:05:23 CST)
net-finity (links.php) Remote SQL Injection Vulnerability verys-secrethotmail.com (Sat Nov 17 2007 - 10:02:19 CST)
Black Lily 2007 (products.php class) Remote SQL Injection Vulnerability verys-secrethotmail.com (Sat Nov 17 2007 - 10:00:58 CST)
Myspace Clone Script (index.php) Remote File Inclusion Vulnerability verys-secrethotmail.com (Sat Nov 17 2007 - 09:57:01 CST)
Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability CaseArmour.net Security Administrator (Fri Nov 16 2007 - 15:43:13 CST)
security contact for mitsubishi electric? Chris Withers (Sat Nov 17 2007 - 05:12:30 CST)
Sciurus Hosting Panel Code İnjection adminbiyofrm.com (Fri Nov 16 2007 - 23:20:29 CST)
[ MDKSA-2007:222 ] - Updated koffice packages fix vulnerabilities securitymandriva.com (Sat Nov 17 2007 - 13:56:53 CST)
[ MDKSA-2007:223 ] - Updated pdftohtml packages fix vulnerabilities securitymandriva.com (Sat Nov 17 2007 - 14:13:08 CST)
[ MDKSA-2007:224 ] - Updated samba packages fix vulnerabilities securitymandriva.com (Sat Nov 17 2007 - 15:05:45 CST)
Crash in LIVE555 Media Server 2007.11.01 Luigi Auriemma (Sun Nov 18 2007 - 12:45:51 CST)
[Aria-Secutiy Net] Click&BaneX SQL Injection no-replyAria-Security.net (Sun Nov 18 2007 - 19:15:30 CST)
Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability Juha-Matti Laurio (Sat Nov 17 2007 - 17:58:02 CST)
[ECHO_ADV_84$2007] ProfileCMS <= 1.0 Remote SQL Injection Vulnerability erdcecho.or.id (Sat Nov 17 2007 - 20:11:40 CST)
[ GLSA 200711-24 ] Mozilla Thunderbird: Multiple vulnerabilities Pierre-Yves Rofes (Sun Nov 18 2007 - 15:33:23 CST)
[ GLSA 200711-26 ] teTeX: Multiple vulnerabilities Pierre-Yves Rofes (Sun Nov 18 2007 - 16:30:08 CST)
Vulnerability Hash Database - Maillist Sowhat (Sun Nov 18 2007 - 00:18:48 CST)
Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability jf (Sun Nov 18 2007 - 02:27:29 CST)
[ GLSA 200711-25 ] MySQL: Denial of Service Pierre-Yves Rofes (Sun Nov 18 2007 - 15:51:17 CST)
[ GLSA 200711-27 ] Link Grammar: User-assisted execution of arbitrary code Pierre-Yves Rofes (Sun Nov 18 2007 - 17:10:18 CST)
[ GLSA 200711-23 ] VMware Workstation and Player: Multiple vulnerabilities Pierre-Yves Rofes (Sun Nov 18 2007 - 15:12:26 CST)
[ GLSA 200711-21 ] Bochs: Multiple vulnerabilities Pierre-Yves Rofes (Sat Nov 17 2007 - 17:58:21 CST)
VigileCMS 1.4 Multiple Remote Vulnerabilities infoopencosmo.com (Sun Nov 18 2007 - 07:24:49 CST)
Belkin Wireless G Router DoS r00tbl4ckh0l3.com (Sat Nov 17 2007 - 23:50:17 CST)
[ MDKSA-2007:225 ] - Updated net-snmp packages fix remote denial of service vulnerability securitymandriva.com (Mon Nov 19 2007 - 12:12:22 CST)
IceBB 1.0rc6 <= Remote SQL Injection aeroxteam-nospamgmail.com (Sun Nov 18 2007 - 17:46:41 CST)
[ GLSA 200711-22 ] Poppler, KDE: User-assisted execution of arbitrary code Pierre-Yves Rofes (Sun Nov 18 2007 - 14:55:35 CST)
[SECURITY] [DSA 1407-1] New cupsys packages fix arbitrary code execution Moritz Muehlenhoff (Sun Nov 18 2007 - 07:22:48 CST)
Re: IceBB 1.0rc6 <= Remote SQL Injection aeroxteam-nospamgmail.com (Mon Nov 19 2007 - 12:45:08 CST)
Citrix NetScaler Web Management XSS nnposterdisclosed.not (Mon Nov 19 2007 - 08:10:13 CST)
Wordpress Cookie Authentication Vulnerability Steven J. Murdoch (Mon Nov 19 2007 - 12:44:43 CST)
Alcatel OmniPCX Enterprise VoIP Vulnerability daniel.stirnimanncsnc.ch (Mon Nov 19 2007 - 01:15:29 CST)
Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Nils Toedtmann (Sun Nov 18 2007 - 13:43:45 CST)
rPSA-2007-0242-1 php5 php5-cgi php5-mysql php5-pear php5-pgsql php5-soap php5-xsl rPath Update Announcements (Mon Nov 19 2007 - 14:06:46 CST)
[ GLSA 200711-28 ] Perl: Buffer overflow Pierre-Yves Rofes (Mon Nov 19 2007 - 15:10:42 CST)
Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Kapetanakis Giannis (Mon Nov 19 2007 - 16:51:49 CST)
Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Graeme Fowler (Mon Nov 19 2007 - 17:17:50 CST)
Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Michal Zalewski (Mon Nov 19 2007 - 17:38:46 CST)
[ MDKSA-2007:226 ] - Updated kernel packages fix multiple vulnerabilities and bugs securitymandriva.com (Mon Nov 19 2007 - 17:41:14 CST)
[security bulletin] HPSBUX02289 SSRT071461 rev.1 - HP-UX Running BIND 8, Remote DNS Cache Poisoning security-alerthp.com (Tue Nov 20 2007 - 08:00:33 CST)
Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Nils Toedtmann (Mon Nov 19 2007 - 17:58:28 CST)
Banks (Wellsfargo.com) using CDNs to deliver Javascript: enables password theft by anyone compromising or controlling the CDN joelpeshkin.net (Mon Nov 19 2007 - 21:39:28 CST)
[ MDKSA-2007:227 ] - Updated poppler packages fix vulnerabilities securitymandriva.com (Mon Nov 19 2007 - 20:12:41 CST)
[ MDKSA-2007:228 ] - Updated cups packages fix vulnerabilities securitymandriva.com (Mon Nov 19 2007 - 20:23:22 CST)
EEYE: BitDefender Online Scanner 8 Double Decode Heap Overflow eEye Advisories (Tue Nov 20 2007 - 12:24:18 CST)
[ GLSA 200711-29 ] Samba: Execution of arbitrary code Pierre-Yves Rofes (Tue Nov 20 2007 - 15:25:10 CST)
[ GLSA 200711-30 ] PCRE: Multiple vulnerabilities Pierre-Yves Rofes (Tue Nov 20 2007 - 15:44:46 CST)
[ GLSA 200711-31 ] Net-SNMP: Denial of Service Pierre-Yves Rofes (Tue Nov 20 2007 - 16:06:24 CST)
Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Kapetanakis Giannis (Tue Nov 20 2007 - 16:09:46 CST)
[ GLSA 200711-32 ] Feynmf: Insecure temporary file creation Pierre-Yves Rofes (Tue Nov 20 2007 - 16:32:28 CST)
Several persistent XSS and CSRF on Wireless-G ADSL Gateway with SpeedBooster (WAG54GS) Adrian P (Tue Nov 20 2007 - 16:26:03 CST)
[ MDKSA-2007:229 ] - Updated phpMyAdmin packages fix multiple vulnerabilities securitymandriva.com (Tue Nov 20 2007 - 17:26:35 CST)
[Aria-Security.Net] VU Case Manager "Username/Password" SQL Injection no-replyAria-Security.net (Tue Nov 20 2007 - 19:33:10 CST)
Re: Banks (Wellsfargo.com) using CDNs to deliver Javascript: enables password theft by anyone compromising or controlling the CDN Jason Muskat de VE3TSJ - GCFA, GCUX, CEI, CEH (Tue Nov 20 2007 - 23:01:52 CST)
Aria-Security.Net: VU Mailer (Mass Mail) "Password" SQL Injection no-replyAria-Security.net (Tue Nov 20 2007 - 19:32:33 CST)
rPSA-2007-0243-1 flac rPath Update Announcements (Wed Nov 21 2007 - 09:35:02 CST)
Re: [Full-disclosure] Warning: Hackers hijacking unused IP Addresses inside Trusted domains [POC] Paul Schmehl (Wed Nov 21 2007 - 09:56:49 CST)
[ MDKSA-2007:230 ] - Updated tetex packages fix vulnerabilities securitymandriva.com (Tue Nov 20 2007 - 19:20:57 CST)
rPSA-2007-0245-1 kernel rPath Update Announcements (Wed Nov 21 2007 - 10:28:33 CST)
rPSA-2007-0245-2 kernel rPath Update Announcements (Wed Nov 21 2007 - 10:33:17 CST)
Re: [Full-disclosure] Warning: Hackers hijacking unused IP Addresses inside Trusted domains [POC] Gadi Evron (Wed Nov 21 2007 - 11:41:52 CST)
E-vanced Solutions Multiple Vulnerabilites Joseph.giron13gmail.com (Wed Nov 21 2007 - 14:19:54 CST)
GWextranet Multiple Vulnerabilites Joseph.giron13gmail.com (Wed Nov 21 2007 - 14:45:19 CST)
[SECURITY] [DSA 1408-1] New kdegraphics packages fix arbitrary code execution Moritz Muehlenhoff (Wed Nov 21 2007 - 15:32:28 CST)
TalkBack 2.2.7 Multiple Remote File Inclusion Vulnerabilities bugtraqopencosmo.com (Wed Nov 21 2007 - 16:58:07 CST)
Ucms <= 1.8 Backdoor Remote Command Execution Exploit bugtraqopencosmo.com (Wed Nov 21 2007 - 16:59:46 CST)
SkyPortal vRC6 Multiple Remote Vulnerabilities bugtraqopencosmo.com (Wed Nov 21 2007 - 16:56:17 CST)
[ MDKSA-2007:224-1 ] - Updated samba packages fix vulnerabilities securitymandriva.com (Wed Nov 21 2007 - 18:38:34 CST)
Wheatblog (wB) Remote File inclusion .. securitysoqor.net (Thu Nov 22 2007 - 03:30:05 CST)
Aria-Security.net: NetAuctionHelp SQL Injection no-replyAria-Security.net (Wed Nov 21 2007 - 23:46:50 CST)
[ECHO_ADV_85$2007] alstrasoft E-Friends <= 4.98 (seid) Multiple Remote SQL Injection Vulnerabilities erdcecho.or.id (Thu Nov 22 2007 - 03:07:21 CST)
GetBlog local File inclusion .. securitysoqor.net (Thu Nov 22 2007 - 03:39:11 CST)
Remote Shell Command Execution in "KB-Bestellsystem" (amensa-soft.de) zero-xlinuxmail.org (Thu Nov 22 2007 - 05:19:29 CST)
[Argeniss] Data0: Next generation malware for stealing databases (Paper) Cesar (Thu Nov 22 2007 - 05:57:52 CST)
MyBlog (MyCMS) Remote PHP Code execution / PHP Code injection .. securitysoqor.net (Thu Nov 22 2007 - 04:30:15 CST)
Re: Simple Machines Forum multiple sql injection flaws with exploit code. rootfuck.com (Wed Nov 21 2007 - 20:51:43 CST)
MySpace Scripts - Poll Creator JavaScript Injection Vulnerability DoZHackersCenter.com (Thu Nov 22 2007 - 11:26:30 CST)
VigileCMS <= 1.8 Stealth Remote Command Execution Exploit bugtraqopencosmo.com (Thu Nov 22 2007 - 13:45:11 CST)
Gadu-Gadu Local/Remote Buffer Overflow vulnerability j00ru.vxgmail.com (Thu Nov 22 2007 - 14:53:58 CST)
[SECURITY] [DSA 1409-1] New samba packages fix several vulnerabilities Steve Kemp (Thu Nov 22 2007 - 14:51:40 CST)
Using CSRF to Attack Mobile Phones avivra (Thu Nov 22 2007 - 15:16:13 CST)
[ MDKSA-2007:231 ] - Updated cacti packages fix SQL injection vulnerability securitymandriva.com (Thu Nov 22 2007 - 14:35:35 CST)
Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability gg_vulnyahoo.com (Thu Nov 22 2007 - 16:49:50 CST)
Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability emacs25gmail.com (Fri Nov 23 2007 - 01:23:05 CST)
Aria-Security.net: Irola My-Time v3.5 SQL Injection no-replyAria-Security.net (Fri Nov 23 2007 - 03:53:35 CST)
Re: MyBlog (MyCMS) Remote PHP Code execution / PHP Code injection .. BlackHawk (Fri Nov 23 2007 - 05:20:57 CST)
[0day Remote Command Execution] VigileCMS <= 1.8 Stealth wegotyourboxgmail.com (Fri Nov 23 2007 - 09:04:21 CST)
Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability j00ru.vxgmail.com (Fri Nov 23 2007 - 10:55:36 CST)
Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability gynvaelvexillium.org (Fri Nov 23 2007 - 11:53:51 CST)
Re: Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability sdfkjsomcoismwevoiweoo2.pl (Fri Nov 23 2007 - 13:37:30 CST)
Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability emacs25gmail.com (Fri Nov 23 2007 - 12:35:35 CST)
Mp3 ToolBox 1.0 beta 5 Remote File İnclude Vulnerability cybermilitanhotmail.com (Fri Nov 23 2007 - 13:42:20 CST)
Re: Re: Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability gynvaelvexillium.org (Fri Nov 23 2007 - 15:30:49 CST)
[ MDKSA-2007:224-2 ] - Updated samba packages fix vulnerabilities securitymandriva.com (Fri Nov 23 2007 - 17:08:33 CST)
Bitcomet Resource Browser v1.1 XSS jplopezygmail.com (Fri Nov 23 2007 - 22:33:40 CST)
Aria-Security.net: CoolShot E-Lite POS 1.0 no-replyAria-Security.net (Sat Nov 24 2007 - 02:27:38 CST)
Re: Aria-Security.net: NetAuctionHelp SQL Injection supportnetauctionhelp.com (Sat Nov 24 2007 - 04:47:09 CST)
PBLang <= 4.99.17.q Remote File Rewriting / Remote Command Execution kingoftheworld92fastwebnet.it (Sat Nov 24 2007 - 04:42:11 CST)
[ISecAuditors Security Advisories] Cygwin buffer overflow due incorrect filename length check ISecAuditors Security Advisories (Sat Nov 24 2007 - 10:12:37 CST)
vBTube v1.1 - Beta ( Vbulletin Tube) Xss Vulnerable cybermilitanhotmail.com (Sat Nov 24 2007 - 14:38:02 CST)
Amber Script 1.0 (show_content.php id) Local File Inclusion Vulnerability cybermilitanhotmail.com (Sat Nov 24 2007 - 14:36:57 CST)
NetAuctionHelp Classified Ads v1.0 SQL Injection no-replyAria-Security.net (Sat Nov 24 2007 - 16:11:33 CST)
Re: Re: Aria-Security.net: NetAuctionHelp SQL Injection no-replyAria-Security.net (Sat Nov 24 2007 - 16:07:28 CST)
[SECURITY] [DSA 1410-1] New ruby1.8 packages fix insecure SSL certificate validation Moritz Muehlenhoff (Sun Nov 25 2007 - 02:08:23 CST)
Aria-Security.Net: Gouae DWD Realty SQL Injection noreplyaria-security.net (Sun Nov 25 2007 - 15:44:17 CST)
[SECURITY] [DSA 1411-1] New libopenssl-ruby packages fix insecure SSL certificate validation Moritz Muehlenhoff (Sun Nov 25 2007 - 02:09:18 CST)
[SECURITY] [DSA 1409-2] New samba packages fix several vulnerabilities Steve Kemp (Mon Nov 26 2007 - 08:53:41 CST)
HPSBST02291 SSRT071498 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-061 and MS07-062 security-alerthp.com (Mon Nov 26 2007 - 07:25:33 CST)
[SECURITY] [DSA 1412-1] New ruby1.9 packages fix insecure SSL certificate validation Moritz Muehlenhoff (Sun Nov 25 2007 - 02:10:14 CST)
GWExtranet Script Injections & Privilege Escalation Vulnerability DoZHackersCenter.com (Sun Nov 25 2007 - 20:36:45 CST)
PHP 5.2.4 mail.force_extra_parameters unsecure cxibsecurityreason.com (Sun Nov 25 2007 - 10:04:11 CST)
two bytehoard 2.1 bugs Ernesto Alvarez (Mon Nov 26 2007 - 08:31:27 CST)
PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability sys-projecthotmail.com (Mon Nov 26 2007 - 11:07:21 CST)
Skype DoS mailme.not (Sun Nov 25 2007 - 13:50:55 CST)
Calendar Proverbs <=1.1 (caladmin.php) Remote SQL Injection sys-projecthotmail.com (Mon Nov 26 2007 - 11:10:04 CST)
Citrix NetScaler Web Management Cookie Weakness nnposterdisclosed.not (Sun Nov 25 2007 - 20:06:03 CST)
FMDeluxe (index.php) Cross-Site Scripting Vulnerability sys-projecthotmail.com (Mon Nov 26 2007 - 11:05:30 CST)
[ GLSA 200711-33 ] nss_ldap: Information disclosure Pierre-Yves Rofes (Sun Nov 25 2007 - 15:43:56 CST)
[ GLSA 200711-34 ] CSTeX: Multiple vulnerabilities Pierre-Yves Rofes (Sun Nov 25 2007 - 16:49:13 CST)
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities Noah Meyerhans (Mon Nov 26 2007 - 11:20:12 CST)
2007-06 Sentinel Protection Server Directory Traversal VulnerabilityResearchDigitalDefense.net (Mon Nov 26 2007 - 06:53:01 CST)
DeluxeBB E-Mail Address Change Security Bypass bugtraqopencosmo.com (Mon Nov 26 2007 - 13:02:35 CST)
Tilde CMS <= v. 4.x "aarstal" parameter of "yeardetail" SQL Injection kingoftheworld92fastwebnet.it (Mon Nov 26 2007 - 13:06:24 CST)
SimpleGallery v0.1.3 (index.php) Cross-Site Scripting Vulnerability sys-projecthotmail.com (Mon Nov 26 2007 - 11:08:54 CST)
PHP-Nuke NSN Script Depository module <= 1.0.3 Remote Source / DB Credentials Disclosure kingoftheworld92fastwebnet.it (Mon Nov 26 2007 - 14:51:32 CST)
Directory Traversal in SafeNet Sentinel Protection Server and Keys Server Elliot Kendall (Mon Nov 26 2007 - 15:06:11 CST)
JLMForo System (modificarPerfil.php) Cross-Site Scripting Vulnerability sys-projecthotmail.com (Mon Nov 26 2007 - 15:38:21 CST)
Re: PHP-Nuke NSN Script Depository module <= 1.0.3 Remote Source / DB Credentials Disclosure kingoftheworld92fastwebnet.it (Mon Nov 26 2007 - 15:27:13 CST)
ZDI-07-069: CA BrightStor ARCserve Backup Message Engine Insecure Method Exposure Vulnerability zdi-disclosures3com.com (Mon Nov 26 2007 - 16:10:30 CST)
FIGIS (FILogin.do) Bypass SQL Injection Vulnerability sys-projecthotmail.com (Mon Nov 26 2007 - 16:11:28 CST)
CONFidence 2008 CfP andrzej.targoszproidea.org.pl (Mon Nov 26 2007 - 17:06:33 CST)
[USN-545-1] link-grammar vulnerability Kees Cook (Mon Nov 26 2007 - 18:47:48 CST)
Creating Backdoors in Cisco IOS using Tcl IRM Research (Tue Nov 27 2007 - 04:48:39 CST)
[USN-546-1] Firefox vulnerabilities Kees Cook (Mon Nov 26 2007 - 20:00:15 CST)
OWASP Israel Conference 2007, Dec 3rd 2007 Ofer Shezaf (Tue Nov 27 2007 - 07:39:43 CST)
[security bulletin] HPSBUX02251 SSRT071449 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alerthp.com (Tue Nov 27 2007 - 06:45:16 CST)
[USN-547-1] PCRE vulnerabilities Kees Cook (Mon Nov 26 2007 - 20:58:12 CST)
Ruby/Gnome2 0.16.0 Format String Vulnerability chris.rohlfgmail.com (Tue Nov 27 2007 - 06:16:58 CST)
Announce: RFIDIOt release RFIDIOt-0.1r, November 2007 Adam Laurie (Tue Nov 27 2007 - 07:35:28 CST)
National Computer and Information Security Conferences ACIS 2008 - COLOMBIA Jeimy Cano (Tue Nov 27 2007 - 10:11:32 CST)
[SECURITY] [DSA 1414-1] New wireshark packages fix several vulnerabilities Moritz Muehlenhoff (Mon Nov 26 2007 - 18:39:25 CST)
Eurologon CMS Db credentials disclosure / files download kingoftheworld92fastwebnet.it (Tue Nov 27 2007 - 11:20:11 CST)
Re: [Full-disclosure] Creating Backdoors in Cisco IOS using Tcl Nicolas FISCHBACH (Tue Nov 27 2007 - 09:19:07 CST)
Eurologon CMS Multiple SQL Injection kingoftheworld92fastwebnet.it (Tue Nov 27 2007 - 11:26:47 CST)
Re: Creating Backdoors in Cisco IOS using Tcl michaelcleverly.com (Tue Nov 27 2007 - 11:49:24 CST)
CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor Core Security Technologies Advisories (Tue Nov 27 2007 - 12:20:41 CST)
Liferay Enterprise Portal multiple XSS morin.joshgmail.com (Tue Nov 27 2007 - 14:20:30 CST)
PHPSlideShow XSS Update morin.joshgmail.com (Tue Nov 27 2007 - 15:16:54 CST)
PHPkit 1.6.1 (include.php?path=) Remote File Inclusion sys-projecthotmail.com (Tue Nov 27 2007 - 13:00:26 CST)
[SECURITY] [DSA 1416-1] New tk8.3 packages fix arbitrary code execution Moritz Muehlenhoff (Tue Nov 27 2007 - 14:56:39 CST)
[SECURITY] [DSA 1415-1] New tk8.4 packages fix arbitrary code execution Moritz Muehlenhoff (Tue Nov 27 2007 - 14:51:17 CST)
Win2K3 Priv Escalation justinescracing.com (Tue Nov 27 2007 - 15:59:05 CST)
RE: Win2K3 Priv Escalation Matt Ausmus (Tue Nov 27 2007 - 18:41:36 CST)
Re: Win2K3 Priv Escalation Jan Münther (Wed Nov 28 2007 - 02:20:20 CST)
Microsoft FTP Client Multiple Bufferoverflow Vulnerability Rajesh Sethumadhavan (Wed Nov 28 2007 - 00:12:03 CST)
Secunia Research: Symantec Backup Exec Job Engine Denial of Service Secunia Research (Wed Nov 28 2007 - 03:43:32 CST)
Re: Win2K3 Priv Escalation JustinESC (Wed Nov 28 2007 - 07:11:31 CST)
RE: Win2K3 Priv Escalation Thor (Hammer of God) (Wed Nov 28 2007 - 11:31:22 CST)
Gekko <=0.8.2 (temp directory) Path Disclosure sys-projecthotmail.com (Wed Nov 28 2007 - 11:05:03 CST)
SYM07-029 Symantec BEWS Multiple DoS in Job Engine Secure (Wed Nov 28 2007 - 12:19:39 CST)
[ MDKSA-2007:232 ] - Updated kernel packages fix multiple vulnerabilities and bugs securitymandriva.com (Wed Nov 28 2007 - 14:46:27 CST)
Some Data of POC2007 poc2007gmail.com (Wed Nov 28 2007 - 14:40:08 CST)
[ MDKSA-2007:233 ] - Updated cpio package fixes buffer overflow and directory traversal vulnerabilities securitymandriva.com (Wed Nov 28 2007 - 16:42:26 CST)
Re: Gekko <=0.8.2 (temp directory) Path Disclosure J. Carlos Nieto (Wed Nov 28 2007 - 17:22:19 CST)
rPSA-2007-0252-1 cups poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi rPath Update Announcements (Wed Nov 28 2007 - 17:19:51 CST)
[USN-548-1] Pidgin vulnerability Kees Cook (Wed Nov 28 2007 - 17:29:45 CST)
[ MDKSA-2007:233 ] - Updated cpio package fixes buffer overflow and directory traversal vulnerabilities securitymandriva.com (Wed Nov 28 2007 - 17:19:53 CST)
[security bulletin] HPSBMA02283 SSRT071319 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS) security-alerthp.com (Thu Nov 29 2007 - 07:28:37 CST)
[security bulletin] HPSBUX02292 SSRT071499 rev.1 - HP-UX Running Apache, Remote Execution of Arbitrary Code security-alerthp.com (Thu Nov 29 2007 - 07:29:23 CST)
[SECURITY] [DSA 1409-3] New samba packages fix several vulnerabilities Steve Kemp (Thu Nov 29 2007 - 08:28:19 CST)
Digital Armaments November-December Hacking Challenge: Diffuse Client Application (10.000$ extra) infodigitalarmaments.com (Thu Nov 29 2007 - 08:28:58 CST)
APC Management Vulnerability garystotalserversolutions.com (Thu Nov 29 2007 - 08:41:38 CST)
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability 3APA3A (Thu Nov 29 2007 - 05:46:06 CST)
IRM025: TIBCO Rendezvous RVD Daemon Remote Memory Leak DoS IRM Research (Thu Nov 29 2007 - 06:31:16 CST)
FreeBSD Security Advisory FreeBSD-SA-07:10.gtar FreeBSD Security Advisories (Thu Nov 29 2007 - 10:31:41 CST)
FreeBSD Security Advisory FreeBSD-SA-07:09.random FreeBSD Security Advisories (Thu Nov 29 2007 - 10:31:19 CST)
ERRATA: [ GLSA 200711-20 ] Pioneers: Multiple Denials of Service Pierre-Yves Rofes (Thu Nov 29 2007 - 16:00:13 CST)
AST-2007-025 - SQL Injection issue in res_config_pgsql Asterisk Security Team (Thu Nov 29 2007 - 16:18:55 CST)
AST-2007-026 - SQL Injection issue in cdr_pgsql Asterisk Security Team (Thu Nov 29 2007 - 16:23:39 CST)
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Valdis.Kletnieksvt.edu (Thu Nov 29 2007 - 16:19:49 CST)
[USN-549-1] PHP vulnerabilities Kees Cook (Thu Nov 29 2007 - 16:45:40 CST)
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Steve Shockley (Thu Nov 29 2007 - 17:09:23 CST)
DOS in Realplayer 11 ActiveX on Win Vista and Win XP SP2 thesinodahotmail.com (Thu Nov 29 2007 - 17:34:50 CST)
Re[2]: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Matthew Leeds (Thu Nov 29 2007 - 18:18:25 CST)
[ MDKSA-2007:224-3 ] - Updated samba packages fix regressions securitymandriva.com (Thu Nov 29 2007 - 23:04:19 CST)
SCARE metrics and tool release Pete Herzog (Fri Nov 30 2007 - 09:30:18 CST)
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Vincent Archer (Fri Nov 30 2007 - 02:44:20 CST)
Re[2]: Microsoft FTP Client Multiple Bufferoverflow Vulnerability 3APA3A (Fri Nov 30 2007 - 03:48:43 CST)
PR07-14: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script researchprocheckup.com (Fri Nov 30 2007 - 04:51:53 CST)
PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script researchprocheckup.com (Fri Nov 30 2007 - 05:50:04 CST)
Re: Aria-Security.net: CoolShot E-Lite POS 1.0 coolshot_nospam_coolshot.net (Fri Nov 30 2007 - 06:35:00 CST)
rPSA-2007-0254-1 idle python rPath Update Announcements (Fri Nov 30 2007 - 07:35:53 CST)
27Mhz based wireless security insecurities - Aka - "We know what you typed last summer" Max Moser (Fri Nov 30 2007 - 10:27:03 CST)
PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method researchprocheckup.com (Fri Nov 30 2007 - 10:17:45 CST)
QEMU code_gen_buffer overflow POC TeLeMan (Fri Nov 30 2007 - 10:26:53 CST)
Re: 27Mhz based wireless security insecurities - Aka - "We know what you typed last summer" Jacob Appelbaum (Fri Nov 30 2007 - 17:25:37 CST)

Last message date: Fri Nov 30 2007 - 17:30:45 CST
Archived on: Fri Nov 30 2007 - 17:30:45 CST

440 messages sorted by: [ author ] [ thread ] [ subject ]