NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2008-07

305 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Tue Jul 01 2008 - 09:09:54 CDT
Ending: Thu Jul 31 2008 - 15:24:15 CDT

[ISR] - Infobyte Security Research
- Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations (Mon Jul 28 2008 - 05:21:09 CDT)
- Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow (Fri Jul 04 2008 - 11:09:25 CDT)
a.polyakovdsec.ru
- Re: Lateral SQL Injection Revisited - No Special Privs Required (Fri Jul 18 2008 - 06:30:02 CDT)
Abe Getchell
- RE: Windows Vista Power Management & Local Security Policy (Tue Jul 22 2008 - 17:37:07 CDT)
- RE: Windows Vista Power Management & Local Security Policy (Sun Jul 20 2008 - 17:04:19 CDT)
- RE: Windows Vista Power Management & Local Security Policy (Sun Jul 20 2008 - 14:32:03 CDT)
- RE: Windows Vista Power Management & Local Security Policy (Sat Jul 19 2008 - 02:33:12 CDT)
- Windows Vista Power Management & Local Security Policy (Thu Jul 17 2008 - 21:39:23 CDT)
adminbugreport.ir
- MyBlog <=0.9.8 Multiple Vulnerabilities (Sun Jul 20 2008 - 07:26:18 CDT)
- Pluck Local File inclusion (Sun Jul 13 2008 - 07:29:18 CDT)
Adrian Pastor
- Re: E-Mail header Injection in HiFriend (Tue Jul 29 2008 - 04:31:49 CDT)
adve-rdc.org
- [ECHO_ADV_100$2008] Comdev Web Blogger <= 4.1.3 (arcmonth) Sql Injection Vulnerability (Wed Jul 16 2008 - 04:05:35 CDT)
advisorieshost.security-objectives.com
- SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability (Fri Jul 25 2008 - 11:57:49 CDT)
Alberto Trivero
- [White Paper] Abusing HTML 5 Structured Client-side Storage (Sun Jul 20 2008 - 19:59:13 CDT)
Alexander Sotirov
- Pwnie Awards 2008 (Tue Jul 08 2008 - 03:37:51 CDT)
Alexandr Polyakov
- [DSECRG-08-028] File read in Velocity web-server (Wed Jul 16 2008 - 12:31:19 CDT)
alien
- London DEFCON July meet - DC4420 - Thursday 10th July (today!) (Thu Jul 10 2008 - 02:59:15 CDT)
Andrea Barisani
- [oCERT-2008-009] libxslt heap overflow (Thu Jul 31 2008 - 10:08:59 CDT)
- [oCERT-2008-007] libpoppler uninitialized pointer (Mon Jul 07 2008 - 09:06:53 CDT)
Andrea Purificato
- Oracle Portal XSS fixed by CPU July 2008 (Wed Jul 16 2008 - 17:26:59 CDT)
Andy Davis
- Cisco IOS shellcode explanation - additional (Wed Jul 30 2008 - 12:51:12 CDT)
- Cisco IOS shellcode explanation (Wed Jul 30 2008 - 04:03:51 CDT)
- Remote Cisco IOS FTP exploit (Tue Jul 29 2008 - 05:31:11 CDT)
Asterisk Security Team
- AST-2008-010: Asterisk IAX 'POKE' resource exhaustion (Tue Jul 22 2008 - 18:15:49 CDT)
- AST-2008-011: Traffic amplification in IAX2 firmware provisioning system (Tue Jul 22 2008 - 18:16:07 CDT)
azzcoderhotmail.com
- XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities (Fri Jul 25 2008 - 10:13:03 CDT)
Bboyhacksgmail.com
- Security Bypass Vulnerabilities AXESSTEL (Sun Jul 27 2008 - 19:24:17 CDT)
Brett Moore
- Insomnia : ISVA-080709.1 - Microsoft SQL Server - Corrupt Backup File Heap Overflow (Wed Jul 09 2008 - 00:13:45 CDT)
Cesar
- Re: [Full-disclosure] iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability (Tue Jul 08 2008 - 18:26:11 CDT)
Chandrashekhar B
- Nessus plugins for recent MS Bulletins (Thu Jul 10 2008 - 05:48:35 CDT)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks (Tue Jul 08 2008 - 13:36:40 CDT)
ClubHack
- CFP now open for ClubHack2008 - India (Tue Jul 15 2008 - 05:17:29 CDT)
cocoruder
- RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability (Tue Jul 29 2008 - 21:43:10 CDT)
Context IS - Disclosure
- Context IS Advisory - MS08-39 OWA XSS (Thu Jul 10 2008 - 04:41:49 CDT)
Cru3l.b0ygmail.com
- Flip V3.0 final (Mon Jul 21 2008 - 08:36:03 CDT)
danlangille.org
- Re: [ GLSA 200807-10 ] Bacula: Information disclosure (Mon Jul 21 2008 - 10:56:25 CDT)
davee1sbcglobal.net
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm FIXED (Wed Jul 09 2008 - 22:00:37 CDT)
David Bryan
- Minneapolis DC612 Meeting July 10th, 2008<img src="/imgs/at.gif" border=0 align=middle>6pm (Tue Jul 08 2008 - 14:28:30 CDT)
David Litchfield
- Re: Pwnie Awards 2008 (Mon Jul 21 2008 - 09:58:44 CDT)
- RE: Lateral SQL Injection Revisited - No Special Privs Required (Fri Jul 18 2008 - 18:50:01 CDT)
- Lateral SQL Injection Revisited - No Special Privs Required (Fri Jul 18 2008 - 09:03:16 CDT)
- Oracle Application Server PLSQL injection flaw (Tue Jul 15 2008 - 15:24:06 CDT)
DeepSec 2008
- Deepsec Talks 2007 are online - registration for 2008 is open (Tue Jul 01 2008 - 14:46:55 CDT)
DeepSec Conference Vienna
- DeepSec 2008 - Last call for submissions (Mon Jul 14 2008 - 05:13:20 CDT)
Devin Carraway
- [SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing (Sun Jul 27 2008 - 04:36:54 CDT)
- [SECURITY] [DSA 1616-2] New clamav packages fix denial of service (Fri Jul 25 2008 - 23:49:24 CDT)
- [SECURITY] [DSA 1617-1] New refpolicy packages fix incompatible policy (Fri Jul 25 2008 - 01:29:36 CDT)
- [SECURITY] [DSA 1616-1] new clamav packages fix denial of service (Thu Jul 24 2008 - 02:36:24 CDT)
- [SECURITY] [DSA 1613-1] new libgd2 packages fix multiple vulnerabilities (Tue Jul 22 2008 - 02:01:19 CDT)
- [SECURITY] [DSA 1608-1] New mysql-dfsg-5.0 packages fix authorization bypass (Sat Jul 12 2008 - 23:55:16 CDT)
Digital Security Research Group
- [DSECRG-08-029] Local File Include in Dokeos E-Learning System 1.8.5 (Thu Jul 17 2008 - 01:56:46 CDT)
Digital Security Research Group [DSecRG]
- [DSECRG-08-034] Local File Include Vulnerability in Minishowcase v09b136 (Tue Jul 29 2008 - 02:55:06 CDT)
- [DSECRG-08-033] Local File Include Vulnerability in Pixelpost 1.7.1 (Mon Jul 28 2008 - 03:30:28 CDT)
- [DSECRG-08-032] Claroline 1.8.10 Multiple XSS Vulnerabilities (Tue Jul 22 2008 - 10:34:48 CDT)
- [DSECRG-08-031] Local File Include Vulnerability in Interact 2.4.1 (Mon Jul 21 2008 - 08:55:18 CDT)
- [DSECRG-08-030] Claroline 1.8.9 Multiple Security Vulnerabilities (Fri Jul 18 2008 - 09:55:35 CDT)
- [DSECRG-08-027] Multiple RFI-LFI in 1024 CMS 1.4.3, 1.4.4 RFC (Fri Jul 04 2008 - 10:44:26 CDT)
dwg5901fhda.edu
- Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm (Tue Jul 15 2008 - 16:05:41 CDT)
ekoparty
- ekoparty security trainings (2008) announcement (Wed Jul 16 2008 - 23:17:42 CDT)
Fabian Fingerle
- Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100 (Mon Jul 28 2008 - 16:15:40 CDT)
Fernando Gont
- IETF Internet-Draft on TCP Port randomization (Wed Jul 16 2008 - 14:23:28 CDT)
Florian Weimer
- [SECURITY] [DSA 1544-2] New pdns-recursor packages fix predictable randomness (Wed Jul 16 2008 - 14:09:37 CDT)
- [SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver (Tue Jul 08 2008 - 12:05:29 CDT)
- [SECURITY] [DSA 1604-1] BIND 8 deprecation notice (Tue Jul 08 2008 - 12:03:55 CDT)
- [SECURITY] [DSA 1603-1] New bind9 packages fix cache poisoning (Tue Jul 08 2008 - 12:03:12 CDT)
- [SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution (Sat Jul 05 2008 - 07:37:12 CDT)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-08:06.bind (Sun Jul 13 2008 - 14:10:04 CDT)
fukami
- CFP 25C3 - The 25th Chaos Communication Congress 2008 (Tue Jul 01 2008 - 03:33:30 CDT)
galiawefi.com
- Re: Local vulnerability in WeFi Client v3.2.1.4.1(Update) (Tue Jul 08 2008 - 02:49:04 CDT)
Ganbold
- Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit (Thu Jul 24 2008 - 23:18:29 CDT)
Ghost hacker
- [~] Greetz : Me93fg & Mr.SaFa7 (Thu Jul 31 2008 - 08:15:52 CDT)
- HIOX Browser Statistics 2.0 Remote File Inclusion Vulnerability (Wed Jul 30 2008 - 07:35:35 CDT)
- HIOX Random Ad 1.3 (hioxRandomAd.php hm) RFI Vulnerability (Wed Jul 30 2008 - 07:08:38 CDT)
- HIOX Star Rating System 1.0 Remote File Inclusion Vulnerability (Wed Jul 30 2008 - 07:51:25 CDT)
- shoutbox Remote Database Dawnload Exploit (Wed Jul 30 2008 - 02:41:24 CDT)
- plugin Rss Remote File Inclusion Vulnerability (Tue Jul 29 2008 - 00:04:50 CDT)
- PhpJobScheduler 3.1 Remote File Inclusion Vulnerability (Tue Jul 29 2008 - 01:29:52 CDT)
- EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability (Sun Jul 20 2008 - 07:12:09 CDT)
- openPro 1.3.1 (LIBPATH) Remote RFI Vulnerability (Wed Jul 16 2008 - 15:10:38 CDT)
- phpuserbase 1.3 (menu) Remote File Inclusion Vulnerability (Thu Jul 10 2008 - 11:57:47 CDT)
- gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability (Thu Jul 10 2008 - 11:53:00 CDT)
Good Securitypractice
- RE: Windows Vista Power Management & Local Security Policy (Wed Jul 23 2008 - 12:16:06 CDT)
Greg
- RE: Windows Vista Power Management & Local Security Policy (Sun Jul 27 2008 - 16:26:02 CDT)
GulfTech Security Research
- Pligg <= 9.9.0 Multiple Vulnerabilities (Wed Jul 30 2008 - 16:49:08 CDT)
- Gregarius <= 0.5.4 SQL Injection (Tue Jul 29 2008 - 03:36:23 CDT)
- ViArt <= 3.5 SQL Injection (Mon Jul 28 2008 - 13:38:57 CDT)
- JamRoom <= 3.3.8 Authentication Bypass (Mon Jul 28 2008 - 10:43:40 CDT)
Hernan Ochoa
- Release of Pass-The-Hash Toolkit v1.4 (Wed Jul 02 2008 - 13:41:21 CDT)
I)ruid
- CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit (Wed Jul 23 2008 - 18:34:26 CDT)
iDefense Labs
- iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability (Thu Jul 31 2008 - 12:38:11 CDT)
- iDefense Security Advisory 07.28.08: Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability (Mon Jul 28 2008 - 18:30:08 CDT)
- iDefense Security Advisory 07.15.08: Oracle Database Local Untrusted Library Path Vulnerability (Tue Jul 15 2008 - 17:12:19 CDT)
- iDefense Security Advisory 07.15.08: Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability (Tue Jul 15 2008 - 17:11:30 CDT)
- iDefense Security Advisory 07.15.08: Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability (Tue Jul 15 2008 - 17:10:42 CDT)
- iDefense Security Advisory 07.09.08: Novell eDirectory LDAP Search Request Heap Corruption Vulnerability (Thu Jul 10 2008 - 13:06:10 CDT)
- iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability (Tue Jul 08 2008 - 16:18:29 CDT)
irancrashgmail.com
- DEV WMS Multiple Vulnerabilities (Wed Jul 30 2008 - 13:34:06 CDT)
- MJGuest 6.8 GT Cross Site Scripting Vulnerability (Tue Jul 29 2008 - 15:33:41 CDT)
- Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) (Sat Jul 19 2008 - 07:13:24 CDT)
- Maran PHP Blog Xss By Khashayar Fereidani (Sat Jul 19 2008 - 12:29:52 CDT)
- Easyecards 310a Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) By Khashayar Fereidani (Sat Jul 19 2008 - 07:18:06 CDT)
- EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) (Sat Jul 19 2008 - 07:37:21 CDT)
- Easybookmarker 40tr Xss Vulnerability By Khashayar Fereidani (Sat Jul 19 2008 - 07:22:52 CDT)
isecboannews.com
- ISEC 2008(Information Security Conference) Guide (Wed Jul 02 2008 - 02:21:05 CDT)
ISecAuditors Security Advisories
- [ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution (Fri Jul 18 2008 - 06:46:24 CDT)
James C. Slora Jr.
- RE: Windows Vista Power Management & Local Security Policy (Tue Jul 22 2008 - 10:15:22 CDT)
Jamie Strandboge
- [USN-626-1] Firefox and xulrunner vulnerabilities (Mon Jul 28 2008 - 18:29:38 CDT)
- [USN-626-1] Firefox and xulrunner vulnerabilities (Mon Jul 28 2008 - 18:29:38 CDT)
- [USN-629-1] Thunderbird vulnerabilities (Thu Jul 24 2008 - 22:20:11 CDT)
- [USN-628-1] PHP vulnerabilities (Wed Jul 23 2008 - 14:39:07 CDT)
- [USN-627-1] Dnsmasq vulnerability (Tue Jul 22 2008 - 11:37:02 CDT)
- [USN-623-1] Firefox vulnerabilities (Thu Jul 17 2008 - 10:10:04 CDT)
- [USN-619-1] Firefox vulnerabilities (Wed Jul 02 2008 - 07:45:38 CDT)
- [USN-617-2] Samba regression (Mon Jun 30 2008 - 15:50:18 CDT)
Jan Minář
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Sat Jul 26 2008 - 07:33:24 CDT)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Thu Jul 24 2008 - 21:16:00 CDT)
- Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim (Wed Jul 23 2008 - 13:29:01 CDT)
- Vim: Improper Implementation of shellescape()/Arbitrary Code Execution (Mon Jul 21 2008 - 07:07:53 CDT)
- Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Thu Jul 17 2008 - 17:54:18 CDT)
- Arbitrary code execution in Netrw version 127, Vim 7.2b (Wed Jul 16 2008 - 06:53:29 CDT)
- Re: Collection of Vulnerabilities in Fully Patched Vim 7.1 (Tue Jul 01 2008 - 14:36:29 CDT)
Jeff Martin
- RE: New Paper: More than 600 million users surf at high risk (Fri Jul 11 2008 - 14:16:13 CDT)
Jessica Hope
- XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower (Tue Jul 08 2008 - 11:59:06 CDT)
jgablezonelabs.com
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm (Fri Jul 11 2008 - 16:36:49 CDT)
Jim Harrison
- RE: Windows Vista Power Management & Local Security Policy (Tue Jul 22 2008 - 14:46:43 CDT)
- RE: Windows Vista Power Management & Local Security Policy (Sun Jul 20 2008 - 15:33:19 CDT)
- RE: Windows Vista Power Management & Local Security Policy (Sat Jul 19 2008 - 00:36:09 CDT)
jmpascual
- Re: Oracle Database Local Untrusted Library Path Vulnerability (Sat Jul 19 2008 - 17:10:56 CDT)
Joxean Koret
- Oracle Database Local Untrusted Library Path Vulnerability (Sat Jul 19 2008 - 10:08:40 CDT)
jplopezygmail.com
- Outpost Security Suite Pro ver. 2009 Multiple vulnerabilities (Tue Jul 22 2008 - 12:21:26 CDT)
Juha-Matti Laurio
- Re: Multiple vulnerabilities in TietoEnator's Procapita school administration system, at least version (Sun Jul 06 2008 - 15:10:46 CDT)
Julien Thomas
- Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system (Sat Jul 19 2008 - 18:09:56 CDT)
Kees Cook
- [USN-630-1] ffmpeg vulnerability (Mon Jul 28 2008 - 17:17:30 CDT)
- [USN-631-1] poppler vulnerability (Mon Jul 28 2008 - 17:18:05 CDT)
- [USN-631-1] poppler vulnerability (Mon Jul 28 2008 - 17:18:05 CDT)
- [USN-624-1] PCRE vulnerability (Mon Jul 14 2008 - 21:06:08 CDT)
- [USN-622-1] Bind vulnerability (Tue Jul 08 2008 - 16:19:56 CDT)
Larry Seltzer
- RE: New Paper: More than 600 million users surf at high risk (Tue Jul 01 2008 - 14:31:32 CDT)
- RE: New Paper: More than 600 million users surf at high risk (Tue Jul 01 2008 - 14:26:07 CDT)
lovebughotmail.it
- PHP-NUKE SQL Module's Name 4ndvddb (Mon Jul 07 2008 - 14:24:55 CDT)
Luigi Auriemma
- NULL pointer in Unreal Tournament 2004 v3369 (Tue Jul 29 2008 - 18:36:07 CDT)
- Memory corruption and NULL pointer in Unreal Tournament III 1.2 (Tue Jul 29 2008 - 18:37:27 CDT)
- NULL pointer in ZDaemon 1.08.07 (Mon Jul 21 2008 - 18:02:21 CDT)
- Endless loop in Soldner 33724 (Mon Jun 30 2008 - 19:52:44 CDT)
Matthias Geerdsen
- [ GLSA 200807-08 ] BIND: Cache poisoning (Fri Jul 11 2008 - 13:13:17 CDT)
- [ GLSA 200807-04 ] Poppler: User-assisted execution of arbitrary code (Tue Jul 08 2008 - 13:48:06 CDT)
mcalauttgmail.com
- Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method (Thu Jul 10 2008 - 11:53:20 CDT)
Meitsec2008 Conference
- Call for Papers for the MEITSEC 2008 is now open. (Tue Jul 08 2008 - 05:20:10 CDT)
- Call for Papers for the MEITSEC 2008 is now open. (Tue Jul 08 2008 - 05:20:10 CDT)
Michal Zalewski
- [tool] ratproxy - passive web application security assessment tool (Tue Jul 01 2008 - 19:02:02 CDT)
Moritz Muehlenhoff
- [SECURITY] [DSA 1624-1] New libxslt packages fix arbitrary code execution (Thu Jul 31 2008 - 15:19:20 CDT)
- [SECURITY] [DSA 1623-1] New dnsmasq packages fix cache poisoning (Thu Jul 31 2008 - 11:45:20 CDT)
- [SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities (Sun Jul 27 2008 - 16:38:47 CDT)
- [SECURITY] [DSA 1620-1] New python2.5 packages fix several vulnerabilities (Sun Jul 27 2008 - 08:13:22 CDT)
- [SECURITY] [DSA 1618-1] New ruby1.9 packages fix several vulnerabilities (Sat Jul 26 2008 - 10:17:57 CDT)
- [SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities (Wed Jul 23 2008 - 15:33:58 CDT)
- [SECURITY] [DSA 1614-1] New iceweasel packages fix several vulnerabilities (Wed Jul 23 2008 - 15:07:11 CDT)
- [SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities (Mon Jul 21 2008 - 12:29:08 CDT)
- [SECURITY] [DSA 1607-1] New iceweasel packages fix several vulnerabilities (Fri Jul 11 2008 - 11:11:41 CDT)
n3tr00t3ryahoo.com
- communitycms-0.1 Remote File Includion (Thu Jul 17 2008 - 10:46:47 CDT)
Nahuel C. Riva
- [Full-disclosure] [tool] SDT Cleaner 1.0 (Wed Jul 23 2008 - 17:49:33 CDT)
nelsrobmts.net
- Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm (Sat Jul 12 2008 - 18:54:05 CDT)
Netragard Security Advisories
- [NETRAGARD SECURITY ADVISORY][Apple Core Image Fun House <= 2.0 OS X -- Arbitrary Code Execution][NETRAGARD-20080711] (Fri Jul 11 2008 - 13:38:30 CDT)
Nick FitzGerald
- RE: New Paper: More than 600 million users surf at high risk (Tue Jul 01 2008 - 19:27:14 CDT)
Nikolai Weibull
- Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Fri Jul 18 2008 - 02:38:28 CDT)
nnposterdisclosed.not
- F5 FirePass 1200 SNMP daemon DoS (Thu Jul 03 2008 - 20:29:05 CDT)
ottoottodestruct.com
- Re: Wordpress Malicious File Execution Vulnerability (Wed Jul 23 2008 - 14:44:51 CDT)
Pages-Web.com - Services internet
- Microsoft DNS patch KB951748 incompatible with Zonealarm (Wed Jul 09 2008 - 13:24:04 CDT)
Paul Oxman (poxman)
- RE: Remote Cisco IOS FTP exploit (Wed Jul 30 2008 - 01:31:29 CDT)
Paul Schmehl
- RE: New Paper: More than 600 million users surf at high risk (Tue Jul 01 2008 - 15:39:11 CDT)
Pete Herzog
- Security Vacation Guide (Thu Jul 17 2008 - 16:36:30 CDT)
Peter Wiesen
- E-Mail header Injection in HiFriend (Mon Jul 21 2008 - 13:01:18 CDT)
Pierre-Yves Rofes
- [ GLSA 200807-13 ] VLC: Multiple vulnerabilities (Thu Jul 31 2008 - 13:26:24 CDT)
- [ GLSA 200807-14 ] Linux Audit: Buffer overflow (Thu Jul 31 2008 - 13:36:48 CDT)
- [ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code (Thu Jul 31 2008 - 13:44:08 CDT)
- [ GLSA 200807-12 ] BitchX: Multiple vulnerabilities (Mon Jul 21 2008 - 17:08:33 CDT)
- [ GLSA 200807-11 ] PeerCast: Buffer overflow (Mon Jul 21 2008 - 14:52:38 CDT)
- [ GLSA 200807-10 ] Bacula: Information disclosure (Mon Jul 21 2008 - 13:08:18 CDT)
- [ GLSA 200807-05 ] OpenOffice.org: User-assisted execution of arbitrary code (Wed Jul 09 2008 - 15:49:07 CDT)
ProCheckUp Research
- PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page (Tue Jul 22 2008 - 10:59:48 CDT)
- PR08-15: Several Webroot Disclosures on Moodle (Tue Jul 22 2008 - 10:48:39 CDT)
- PR08-13: Persistent Cross-site Scripting (XSS) on Moodle via blog entry title (Tue Jul 22 2008 - 10:46:23 CDT)
- Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method (Mon Jul 14 2008 - 07:13:35 CDT)
Rainer Duffner
- Re: New Paper: More than 600 million users surf at high risk (Wed Jul 02 2008 - 10:44:53 CDT)
RM-xmsn.com
- Yuhhu Pubs Black Cat Remote SQL Injection Exploit (Mon Jul 14 2008 - 10:09:08 CDT)
Rob Thompson
- Re: New Paper: More than 600 million users surf at high risk (Sat Jul 12 2008 - 14:21:15 CDT)
- Re: New Paper: More than 600 million users surf at high risk (Tue Jul 01 2008 - 15:02:38 CDT)
Robert Buchholz
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Fri Jul 25 2008 - 05:18:21 CDT)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Thu Jul 24 2008 - 20:17:08 CDT)
- [ GLSA 200807-06 ] Apache: Denial of Service (Wed Jul 09 2008 - 17:00:06 CDT)
- [ GLSA 200807-07 ] NX: User-assisted execution of arbitrary code (Wed Jul 09 2008 - 17:01:47 CDT)
- [ GLSA 200807-03 ] PCRE: Buffer overflow (Mon Jul 07 2008 - 15:34:53 CDT)
Rotem-BugSec
- Simple DNS Plus 5.0/4.1 < remote Denial of Service exploit (Sun Jul 13 2008 - 04:02:57 CDT)
rPath Update Announcements
- rPSA-2008-0235-1 fetchmail fetchmailconf (Mon Jul 28 2008 - 20:06:18 CDT)
- rPSA-2008-0238-1 firefox (Mon Jul 28 2008 - 20:24:50 CDT)
- rPSA-2008-0237-1 tshark wireshark (Mon Jul 28 2008 - 20:18:53 CDT)
- rPSA-2008-0236-1 httpd mod_ssl (Mon Jul 28 2008 - 20:11:43 CDT)
- rPSA-2008-0231-1 bind bind-utils (Sat Jul 19 2008 - 09:31:24 CDT)
- rPSA-2008-0035-1 httpd mod_ssl (Wed Jul 16 2008 - 15:43:10 CDT)
- rPSA-2008-0223-1 poppler (Wed Jul 09 2008 - 17:18:44 CDT)
- rPSA-2008-0218-1 ruby (Tue Jul 08 2008 - 17:52:16 CDT)
- rPSA-2008-0217-1 vsftpd (Tue Jul 08 2008 - 17:15:49 CDT)
- rPSA-2008-0216-1 firefox (Tue Jul 08 2008 - 17:12:52 CDT)
- rPSA-2008-0212-1 tshark wireshark (Thu Jul 03 2008 - 08:05:45 CDT)
- rPSA-2008-0211-1 mercurial mercurial-hgk (Thu Jul 03 2008 - 07:57:26 CDT)
Scanit Labs
- [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability (Mon Jun 30 2008 - 23:25:12 CDT)
- [SCANIT-2008-003] Wordtrans-web Remote Command Execution Vulnerability (Mon Jun 30 2008 - 23:25:21 CDT)
- [SCANIT-2008-002] Wordtrans-web Remote Command Execution Vulnerability (Mon Jun 30 2008 - 23:25:17 CDT)
Secunia Research
- Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows (Thu Jul 31 2008 - 09:32:28 CDT)
- Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow (Thu Jul 31 2008 - 09:32:25 CDT)
- Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow (Fri Jul 25 2008 - 10:01:50 CDT)
- Secunia Research: VLC Media Player WAV Processing Integer Overflow (Wed Jul 02 2008 - 09:53:29 CDT)
security-alerthp.com
- [security bulletin] HPSBUX02286 SSRT071466 rev.1 - HP-UX Running System Administration Manager (SAM), Unintended Remote Access (Thu Jul 31 2008 - 07:51:29 CDT)
- [security bulletin] HPSBMA02353 SSRT080066 rev.1 - HP OpenView Internet Services Running Probe Builder, Remote Denial of Service (DoS) (Mon Jul 28 2008 - 10:20:35 CDT)
- [security bulletin] HPSBMA02346 SSRT080097 rev.3 - HP OpenView Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access (Tue Jul 22 2008 - 09:24:41 CDT)
- [security bulletin] HPSBUX02351 SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning (Sat Jul 19 2008 - 06:29:00 CDT)
- HPSBMA02346 SSRT080097 rev.2 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access (Thu Jul 17 2008 - 08:00:13 CDT)
- [security bulletin] HPSBUX02351 SSRT080058 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning (Wed Jul 16 2008 - 21:21:10 CDT)
- [security bulletin] HPSBMA02133 SSRT061201 rev.9 - HP Oracle for OpenView (OfO) Critical Patch Update (Wed Jul 16 2008 - 07:00:29 CDT)
- [security bulletin] HPSBMA02346 SSRT080097 rev.1 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access (Wed Jul 16 2008 - 06:59:46 CDT)
- HPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040 (Tue Jul 15 2008 - 04:41:45 CDT)
- [security bulletin] HPSBMA02349 SSRT080043 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data (Tue Jul 08 2008 - 10:45:29 CDT)
- [security bulletin] HPSBMA02348 SSRT080033 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) (Tue Jul 08 2008 - 10:44:47 CDT)
- [security bulletin] HPSBMA02345 SSRT080039 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) (Tue Jul 01 2008 - 07:38:41 CDT)
securitymandriva.com
- [ MDVSA-2008:159 ] licq (Wed Jul 30 2008 - 17:03:00 CDT)
- [ MDVSA-2008:158 ] silc-toolkit (Wed Jul 30 2008 - 13:50:00 CDT)
- [ MDVSA-2008:157 ] - ffmpeg (Tue Jul 29 2008 - 16:15:00 CDT)
- [ MDVSA-2008:156 ] - Updated libpng packages fix vulnerability (Mon Jul 28 2008 - 18:52:00 CDT)
- [ MDVSA-2008:155-1 ] - Updated Thunderbird packages fix multiple vulnerabilities (Sun Jul 27 2008 - 13:47:00 CDT)
- [ MDVSA-2008:155 ] - Updated Thunderbird packages fix multiple vulnerabilities (Fri Jul 25 2008 - 17:24:00 CDT)
- [ MDVSA-2008:154 ] - Updated xemacs packages fix vulnerability (Wed Jul 23 2008 - 18:29:00 CDT)
- [ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability (Wed Jul 23 2008 - 16:56:00 CDT)
- [ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability (Tue Jul 22 2008 - 18:07:01 CDT)
- [ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability (Mon Jul 21 2008 - 20:49:00 CDT)
- [ MDVSA-2008:150 ] - Updated mysql packages fix vulnerabilities (Sat Jul 19 2008 - 18:06:00 CDT)
- [ MDVSA-2008:149 ] - Updated mysql packages fix vulnerabilities (Sat Jul 19 2008 - 14:42:00 CDT)
- [ MDVSA-2008:148 ] - Updated Firefox packages fix vulnerabilities (Thu Jul 17 2008 - 19:51:00 CDT)
- [ MDVSA-2008:146 ] - Updated poppler packages fix arbitrary code execution vulnerability (Tue Jul 15 2008 - 18:58:00 CDT)
- [ MDVSA-2008:147 ] - Updated pcre packages fix vulnerability (Wed Jul 16 2008 - 01:57:00 CDT)
- [ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability (Mon Jul 14 2008 - 23:48:00 CDT)
- [ MDVSA-2008:144 ] - Updated openldap packages fix slapd DoS vulnerability (Sat Jul 12 2008 - 01:15:00 CDT)
- [ MDVSA-2008:138-1 ] - Updated OpenOffice.org packages fix vulnerability (Fri Jul 11 2008 - 19:17:00 CDT)
- [ MDVSA-2008:143 ] - Updated pidgin packages fix MSN protocol handler vulnerability (Thu Jul 10 2008 - 21:47:00 CDT)
- [ MDVSA-2008:140 ] - Updated ruby packages fix vulnerabilities (Wed Jul 09 2008 - 20:43:00 CDT)
- [ MDVSA-2008:141 ] - Updated ruby packages fix vulnerabilities (Wed Jul 09 2008 - 20:58:00 CDT)
- [ MDVSA-2008:142 ] - Updated ruby packages fix vulnerabilities (Wed Jul 09 2008 - 21:57:00 CDT)
- [ MDVSA-2008:139 ] - Updated BIND packages fix critical DNS vulnerability (Wed Jul 09 2008 - 15:49:00 CDT)
- [ MDVSA-2008:138 ] - Updated OpenOffice.org packages fix vulnerability (Wed Jul 09 2008 - 00:02:01 CDT)
- [ MDVSA-2008:137 ] - Updated OpenOffice.org fix vulnerability, and a few other bugs (Tue Jul 08 2008 - 19:23:00 CDT)
- [ MDVSA-2008:136 ] - Updated Firefox packages fix vulnerabilities (Tue Jul 08 2008 - 16:30:00 CDT)
- [ MDVSA-2008:135 ] - Updated gnome-screensaver packages fix authentication vulnerability (Fri Jul 04 2008 - 22:17:00 CDT)
- [ MDVSA-2008:134 ] - Updated squid packages fix DoS vulnerability (Fri Jul 04 2008 - 19:27:00 CDT)
- [ MDVSA-2008:133 ] - Updated sympa packages fix DoS vulnerability (Fri Jul 04 2008 - 17:46:00 CDT)
- [ MDVSA-2008:132 ] - Updated gnome-screensaver packages fix authentication vulnerability (Fri Jul 04 2008 - 17:26:00 CDT)
- [ MDVSA-2008:131 ] - Updated phpMyAdmin packages fix multiple vulnerabilities (Fri Jul 04 2008 - 15:58:00 CDT)
- [ MDVSA-2008:129 ] - Updated PHP packages fix multiple vulnerabilities (Thu Jul 03 2008 - 22:16:00 CDT)
- [ MDVSA-2008:130 ] - Updated PHP packages fix multiple vulnerabilities (Thu Jul 03 2008 - 22:20:00 CDT)
- [ MDVSA-2008:128 ] - Updated PHP packages fix multiple vulnerabilities (Thu Jul 03 2008 - 19:05:00 CDT)
- [ MDVSA-2008:127 ] - Updated PHP packages fix multiple vulnerabilities (Thu Jul 03 2008 - 18:59:00 CDT)
- [ MDVSA-2008:126 ] - Updated PHP packages fix multiple vulnerabilities (Thu Jul 03 2008 - 18:55:00 CDT)
- [ MDVSA-2008:125 ] - Updated PHP packages fix multiple vulnerabilities (Thu Jul 03 2008 - 18:51:00 CDT)
securitynruns.com
- n.runs-SA-2008.004 - AVG Anti-Virus Divide by Zero - DoS (remote) (Tue Jul 29 2008 - 05:03:25 CDT)
- n.runs-SA-2008.002 - F-Prot Out-of-Bound Memory Access DoS (remote) (Wed Jul 16 2008 - 11:32:35 CDT)
securitysoqor.net
- ezContents CMS Renote File inclusion (Fri Jul 25 2008 - 05:04:14 CDT)
snaggsecurenetwork.it
- Vuln name: Ruby rb_ary_fill() DOS (Mon Jun 30 2008 - 15:46:27 CDT)
Stefan Frei
- New Paper: More than 600 million users surf at high risk (Tue Jul 01 2008 - 10:39:51 CDT)
Steve Kemp
- [SECURITY] [DSA 1610-1] New gaim packages fix execution of arbitrary code (Tue Jul 15 2008 - 12:46:45 CDT)
- [SECURITY] [DSA 1609-1] New lighttpd packages fix multiple DOS issues (Tue Jul 15 2008 - 12:39:09 CDT)
- [SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code (Wed Jul 09 2008 - 12:46:37 CDT)
- [SECURITY] [DSA 1560-1] New sympa packages fix denial of service (Tue Jul 01 2008 - 15:25:39 CDT)
Steve Shockley
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm (Sat Jul 12 2008 - 13:32:53 CDT)
Steven M. Christey
- Re: how to request a cve id? (Sat Jul 26 2008 - 12:08:25 CDT)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Fri Jul 25 2008 - 10:57:28 CDT)
superinnu.org
- Tool: PorkBind Nameserver Security Scanner (Wed Jul 30 2008 - 11:34:54 CDT)
supportrupgmail.com
- Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02 (Sun Jul 27 2008 - 05:03:26 CDT)
tan_prathanhotmail.com
- Def_Blog 1.0.3 Multiple Remote SQL Injection Vulnerabilities (Thu Jul 17 2008 - 20:30:27 CDT)
Testeryahoo.com
- Re: SchoolCenter URL Handling Cross Site Scripting Vulnerability (Sat Jul 19 2008 - 22:14:38 CDT)
Thijs Kinkhorst
- [SECURITY] [DSA 1622-1] New newsx packages fix arbitrary code execution (Thu Jul 31 2008 - 03:56:14 CDT)
- [SECURITY] [DSA 1540-3] New lighttpd packages fix regression (Wed Jul 23 2008 - 13:59:43 CDT)
- [SECURITY] [DSA 1611-1] New afuse packages fix privilege escalation (Wed Jul 16 2008 - 14:18:32 CDT)
- [SECURITY] [DSA 1569-3] New cacti packages fix regression (Tue Jul 15 2008 - 14:05:33 CDT)
- [SECURITY] [DSA 1601-1] New wordpress packages fix several vulnerabilities (Fri Jul 04 2008 - 02:16:56 CDT)
Thor (Hammer of God)
- RE: Windows Vista Power Management & Local Security Policy (Sat Jul 19 2008 - 17:19:46 CDT)
Tim Loshak
- Vulnerability: SocialEngine (SocialEngine.net) high risk security flaw (Tue Jul 22 2008 - 05:20:56 CDT)
Tobias Heinlein
- [ GLSA 200807-09 ] Mercurial: Directory traversal (Tue Jul 15 2008 - 17:08:53 CDT)
- [ GLSA 200807-02 ] Motion: Execution of arbitrary code (Tue Jul 01 2008 - 06:59:36 CDT)
- [ GLSA 200807-01 ] Python: Multiple integer overflows (Tue Jul 01 2008 - 06:51:43 CDT)
Tuc at T-B-O-H.NET
- Re: [bugtraq] Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning (Fri Jul 25 2008 - 15:09:07 CDT)
VMware Security team
- VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix (Mon Jul 28 2008 - 20:22:48 CDT)
wargame89yahoo.it
- Re: Rhythmbox Vulnerability (Mon Jun 30 2008 - 14:40:55 CDT)
Wendel Guglielmetti Henrique
- Citrix MetaFrame Privilege Escalation (Wed Jul 30 2008 - 15:09:39 CDT)
XiaShingGmail.Com
- Local information disclosure in WeFi Client v3.3.3.0 (Wed Jul 09 2008 - 08:12:41 CDT)
- Local vulnerability in WeFi Client v3.2.1.4.1(Update) (Fri Jul 04 2008 - 01:35:36 CDT)
xpzhang
- how to request a cve id? (Thu Jul 24 2008 - 20:43:46 CDT)
zdi-disclosures3com.com
- ZDI-08-047: RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability (Fri Jul 25 2008 - 16:27:27 CDT)
- http://www.zerodayinitiative.com/advisories/ZDI-08-046 (Fri Jul 25 2008 - 16:27:06 CDT)
- ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability (Fri Jul 25 2008 - 16:26:30 CDT)
- ZDI-08-042: Sun Java Web Start Sandbox Bypass Vulnerability (Thu Jul 17 2008 - 14:17:22 CDT)
- ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow (Thu Jul 17 2008 - 14:17:41 CDT)
- ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability (Thu Jul 17 2008 - 14:17:58 CDT)
- ZDI-08-041: Novell eDirectory dhost Integer Overflow Code Execution Vulnerability (Thu Jul 10 2008 - 12:20:04 CDT)
zhliufortinet.com
- FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability (Mon Jul 21 2008 - 20:41:00 CDT)
- FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability (Mon Jul 21 2008 - 08:49:25 CDT)
- FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability (Mon Jul 21 2008 - 08:44:11 CDT)
- EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability (Mon Jul 21 2008 - 08:45:55 CDT)

Last message date: Thu Jul 31 2008 - 15:24:15 CDT
Archived on: Thu Jul 31 2008 - 15:24:15 CDT

305 messages sorted by: [ date ] [ thread ] [ subject ]