NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2008-07

Most recent messages
305 messages sorted by: [ author ] [ date ] [ subject ]

Starting: Tue Jul 01 2008 - 09:09:54 CDT
Ending: Thu Jul 31 2008 - 15:24:15 CDT

Re: Rhythmbox Vulnerability wargame89yahoo.it (Mon Jun 30 2008 - 14:40:55 CDT)
Endless loop in Soldner 33724 Luigi Auriemma (Mon Jun 30 2008 - 19:52:44 CDT)
[USN-617-2] Samba regression Jamie Strandboge (Mon Jun 30 2008 - 15:50:18 CDT)
[SCANIT-2008-002] Wordtrans-web Remote Command Execution Vulnerability Scanit Labs (Mon Jun 30 2008 - 23:25:17 CDT)
[SCANIT-2008-003] Wordtrans-web Remote Command Execution Vulnerability Scanit Labs (Mon Jun 30 2008 - 23:25:21 CDT)
CFP 25C3 - The 25th Chaos Communication Congress 2008 fukami (Tue Jul 01 2008 - 03:33:30 CDT)
[SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability Scanit Labs (Mon Jun 30 2008 - 23:25:12 CDT)
[ GLSA 200807-01 ] Python: Multiple integer overflows Tobias Heinlein (Tue Jul 01 2008 - 06:51:43 CDT)
[security bulletin] HPSBMA02345 SSRT080039 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alerthp.com (Tue Jul 01 2008 - 07:38:41 CDT)
[ GLSA 200807-02 ] Motion: Execution of arbitrary code Tobias Heinlein (Tue Jul 01 2008 - 06:59:36 CDT)
New Paper: More than 600 million users surf at high risk Stefan Frei (Tue Jul 01 2008 - 10:39:51 CDT)
- RE: New Paper: More than 600 million users surf at high risk Larry Seltzer (Tue Jul 01 2008 - 14:26:07 CDT)
- RE: New Paper: More than 600 million users surf at high risk Larry Seltzer (Tue Jul 01 2008 - 14:31:32 CDT)
- RE: New Paper: More than 600 million users surf at high risk Paul Schmehl (Tue Jul 01 2008 - 15:39:11 CDT)
- RE: New Paper: More than 600 million users surf at high risk Nick FitzGerald (Tue Jul 01 2008 - 19:27:14 CDT)
- Re: New Paper: More than 600 million users surf at high risk Rainer Duffner (Wed Jul 02 2008 - 10:44:53 CDT)
- Re: New Paper: More than 600 million users surf at high risk Rob Thompson (Tue Jul 01 2008 - 15:02:38 CDT)
- RE: New Paper: More than 600 million users surf at high risk Jeff Martin (Fri Jul 11 2008 - 14:16:13 CDT)
- Re: New Paper: More than 600 million users surf at high risk Rob Thompson (Sat Jul 12 2008 - 14:21:15 CDT)
Vuln name: Ruby rb_ary_fill() DOS snaggsecurenetwork.it (Mon Jun 30 2008 - 15:46:27 CDT)
Deepsec Talks 2007 are online - registration for 2008 is open DeepSec 2008 (Tue Jul 01 2008 - 14:46:55 CDT)
Re: Collection of Vulnerabilities in Fully Patched Vim 7.1 Jan Minář (Tue Jul 01 2008 - 14:36:29 CDT)
[SECURITY] [DSA 1560-1] New sympa packages fix denial of service Steve Kemp (Tue Jul 01 2008 - 15:25:39 CDT)
[USN-619-1] Firefox vulnerabilities Jamie Strandboge (Wed Jul 02 2008 - 07:45:38 CDT)
[tool] ratproxy - passive web application security assessment tool Michal Zalewski (Tue Jul 01 2008 - 19:02:02 CDT)
ISEC 2008(Information Security Conference) Guide isecboannews.com (Wed Jul 02 2008 - 02:21:05 CDT)
Secunia Research: VLC Media Player WAV Processing Integer Overflow Secunia Research (Wed Jul 02 2008 - 09:53:29 CDT)
Release of Pass-The-Hash Toolkit v1.4 Hernan Ochoa (Wed Jul 02 2008 - 13:41:21 CDT)
rPSA-2008-0211-1 mercurial mercurial-hgk rPath Update Announcements (Thu Jul 03 2008 - 07:57:26 CDT)
rPSA-2008-0212-1 tshark wireshark rPath Update Announcements (Thu Jul 03 2008 - 08:05:45 CDT)
[ MDVSA-2008:125 ] - Updated PHP packages fix multiple vulnerabilities securitymandriva.com (Thu Jul 03 2008 - 18:51:00 CDT)
[ MDVSA-2008:126 ] - Updated PHP packages fix multiple vulnerabilities securitymandriva.com (Thu Jul 03 2008 - 18:55:00 CDT)
[ MDVSA-2008:127 ] - Updated PHP packages fix multiple vulnerabilities securitymandriva.com (Thu Jul 03 2008 - 18:59:00 CDT)
[ MDVSA-2008:128 ] - Updated PHP packages fix multiple vulnerabilities securitymandriva.com (Thu Jul 03 2008 - 19:05:00 CDT)
[SECURITY] [DSA 1601-1] New wordpress packages fix several vulnerabilities Thijs Kinkhorst (Fri Jul 04 2008 - 02:16:56 CDT)
Local vulnerability in WeFi Client v3.2.1.4.1(Update) XiaShinggmail.com (Fri Jul 04 2008 - 01:35:36 CDT)
- Re: Local vulnerability in WeFi Client v3.2.1.4.1(Update) galiawefi.com (Tue Jul 08 2008 - 02:49:04 CDT)
[ MDVSA-2008:130 ] - Updated PHP packages fix multiple vulnerabilities securitymandriva.com (Thu Jul 03 2008 - 22:20:00 CDT)
[ MDVSA-2008:129 ] - Updated PHP packages fix multiple vulnerabilities securitymandriva.com (Thu Jul 03 2008 - 22:16:00 CDT)
F5 FirePass 1200 SNMP daemon DoS nnposterdisclosed.not (Thu Jul 03 2008 - 20:29:05 CDT)
Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow [ISR] - Infobyte Security Research (Fri Jul 04 2008 - 11:09:25 CDT)
[DSECRG-08-027] Multiple RFI-LFI in 1024 CMS 1.4.3, 1.4.4 RFC Digital Security Research Group [DSecRG] (Fri Jul 04 2008 - 10:44:26 CDT)
[ MDVSA-2008:131 ] - Updated phpMyAdmin packages fix multiple vulnerabilities securitymandriva.com (Fri Jul 04 2008 - 15:58:00 CDT)
[ MDVSA-2008:132 ] - Updated gnome-screensaver packages fix authentication vulnerability securitymandriva.com (Fri Jul 04 2008 - 17:26:00 CDT)
[ MDVSA-2008:133 ] - Updated sympa packages fix DoS vulnerability securitymandriva.com (Fri Jul 04 2008 - 17:46:00 CDT)
[ MDVSA-2008:134 ] - Updated squid packages fix DoS vulnerability securitymandriva.com (Fri Jul 04 2008 - 19:27:00 CDT)
[ MDVSA-2008:135 ] - Updated gnome-screensaver packages fix authentication vulnerability securitymandriva.com (Fri Jul 04 2008 - 22:17:00 CDT)
[SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution Florian Weimer (Sat Jul 05 2008 - 07:37:12 CDT)
[oCERT-2008-007] libpoppler uninitialized pointer Andrea Barisani (Mon Jul 07 2008 - 09:06:53 CDT)
Re: Multiple vulnerabilities in TietoEnator's Procapita school administration system, at least version Juha-Matti Laurio (Sun Jul 06 2008 - 15:10:46 CDT)
[ GLSA 200807-03 ] PCRE: Buffer overflow Robert Buchholz (Mon Jul 07 2008 - 15:34:53 CDT)
PHP-NUKE SQL Module's Name 4ndvddb lovebughotmail.it (Mon Jul 07 2008 - 14:24:55 CDT)
Pwnie Awards 2008 Alexander Sotirov (Tue Jul 08 2008 - 03:37:51 CDT)
- Re: Pwnie Awards 2008 David Litchfield (Mon Jul 21 2008 - 09:58:44 CDT)
Call for Papers for the MEITSEC 2008 is now open. Meitsec2008 Conference (Tue Jul 08 2008 - 05:20:10 CDT)
Call for Papers for the MEITSEC 2008 is now open. Meitsec2008 Conference (Tue Jul 08 2008 - 05:20:10 CDT)
[security bulletin] HPSBMA02348 SSRT080033 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alerthp.com (Tue Jul 08 2008 - 10:44:47 CDT)
[security bulletin] HPSBMA02349 SSRT080043 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data security-alerthp.com (Tue Jul 08 2008 - 10:45:29 CDT)
[SECURITY] [DSA 1603-1] New bind9 packages fix cache poisoning Florian Weimer (Tue Jul 08 2008 - 12:03:12 CDT)
[SECURITY] [DSA 1604-1] BIND 8 deprecation notice Florian Weimer (Tue Jul 08 2008 - 12:03:55 CDT)
XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower Jessica Hope (Tue Jul 08 2008 - 11:59:06 CDT)
[SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver Florian Weimer (Tue Jul 08 2008 - 12:05:29 CDT)
[ GLSA 200807-04 ] Poppler: User-assisted execution of arbitrary code Matthias Geerdsen (Tue Jul 08 2008 - 13:48:06 CDT)
Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks Cisco Systems Product Security Incident Response Team (Tue Jul 08 2008 - 13:36:40 CDT)
iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability iDefense Labs (Tue Jul 08 2008 - 16:18:29 CDT)
[USN-622-1] Bind vulnerability Kees Cook (Tue Jul 08 2008 - 16:19:56 CDT)
[ MDVSA-2008:136 ] - Updated Firefox packages fix vulnerabilities securitymandriva.com (Tue Jul 08 2008 - 16:30:00 CDT)
Minneapolis DC612 Meeting July 10th, 2008<img src="/imgs/at.gif" border=0 align=middle>6pm David Bryan (Tue Jul 08 2008 - 14:28:30 CDT)
rPSA-2008-0216-1 firefox rPath Update Announcements (Tue Jul 08 2008 - 17:12:52 CDT)
rPSA-2008-0217-1 vsftpd rPath Update Announcements (Tue Jul 08 2008 - 17:15:49 CDT)
Re: [Full-disclosure] iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability Cesar (Tue Jul 08 2008 - 18:26:11 CDT)
[ MDVSA-2008:137 ] - Updated OpenOffice.org fix vulnerability, and a few other bugs securitymandriva.com (Tue Jul 08 2008 - 19:23:00 CDT)
[ MDVSA-2008:138 ] - Updated OpenOffice.org packages fix vulnerability securitymandriva.com (Wed Jul 09 2008 - 00:02:01 CDT)
Local information disclosure in WeFi Client v3.3.3.0 XiaShingGmail.Com (Wed Jul 09 2008 - 08:12:41 CDT)
Insomnia : ISVA-080709.1 - Microsoft SQL Server - Corrupt Backup File Heap Overflow Brett Moore (Wed Jul 09 2008 - 00:13:45 CDT)
[SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code Steve Kemp (Wed Jul 09 2008 - 12:46:37 CDT)
rPSA-2008-0218-1 ruby rPath Update Announcements (Tue Jul 08 2008 - 17:52:16 CDT)
Microsoft DNS patch KB951748 incompatible with Zonealarm Pages-Web.com - Services internet (Wed Jul 09 2008 - 13:24:04 CDT)
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm jgablezonelabs.com (Fri Jul 11 2008 - 16:36:49 CDT)
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm Steve Shockley (Sat Jul 12 2008 - 13:32:53 CDT)
- Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm nelsrobmts.net (Sat Jul 12 2008 - 18:54:05 CDT)
- Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm dwg5901fhda.edu (Tue Jul 15 2008 - 16:05:41 CDT)
[ GLSA 200807-05 ] OpenOffice.org: User-assisted execution of arbitrary code Pierre-Yves Rofes (Wed Jul 09 2008 - 15:49:07 CDT)
[ MDVSA-2008:139 ] - Updated BIND packages fix critical DNS vulnerability securitymandriva.com (Wed Jul 09 2008 - 15:49:00 CDT)
Context IS Advisory - MS08-39 OWA XSS Context IS - Disclosure (Thu Jul 10 2008 - 04:41:49 CDT)
[ MDVSA-2008:142 ] - Updated ruby packages fix vulnerabilities securitymandriva.com (Wed Jul 09 2008 - 21:57:00 CDT)
Nessus plugins for recent MS Bulletins Chandrashekhar B (Thu Jul 10 2008 - 05:48:35 CDT)
Re: Microsoft DNS patch KB951748 incompatible with Zonealarm FIXED davee1sbcglobal.net (Wed Jul 09 2008 - 22:00:37 CDT)
gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability Ghost hacker (Thu Jul 10 2008 - 11:53:00 CDT)
[ GLSA 200807-07 ] NX: User-assisted execution of arbitrary code Robert Buchholz (Wed Jul 09 2008 - 17:01:47 CDT)
phpuserbase 1.3 (menu) Remote File Inclusion Vulnerability Ghost hacker (Thu Jul 10 2008 - 11:57:47 CDT)
rPSA-2008-0223-1 poppler rPath Update Announcements (Wed Jul 09 2008 - 17:18:44 CDT)
London DEFCON July meet - DC4420 - Thursday 10th July (today!) alien (Thu Jul 10 2008 - 02:59:15 CDT)
[ GLSA 200807-06 ] Apache: Denial of Service Robert Buchholz (Wed Jul 09 2008 - 17:00:06 CDT)
[ MDVSA-2008:141 ] - Updated ruby packages fix vulnerabilities securitymandriva.com (Wed Jul 09 2008 - 20:58:00 CDT)
[ MDVSA-2008:140 ] - Updated ruby packages fix vulnerabilities securitymandriva.com (Wed Jul 09 2008 - 20:43:00 CDT)
iDefense Security Advisory 07.09.08: Novell eDirectory LDAP Search Request Heap Corruption Vulnerability iDefense Labs (Thu Jul 10 2008 - 13:06:10 CDT)
Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method mcalauttgmail.com (Thu Jul 10 2008 - 11:53:20 CDT)
- Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method ProCheckUp Research (Mon Jul 14 2008 - 07:13:35 CDT)
[ MDVSA-2008:143 ] - Updated pidgin packages fix MSN protocol handler vulnerability securitymandriva.com (Thu Jul 10 2008 - 21:47:00 CDT)
ZDI-08-041: Novell eDirectory dhost Integer Overflow Code Execution Vulnerability zdi-disclosures3com.com (Thu Jul 10 2008 - 12:20:04 CDT)
[SECURITY] [DSA 1607-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Fri Jul 11 2008 - 11:11:41 CDT)
[ GLSA 200807-08 ] BIND: Cache poisoning Matthias Geerdsen (Fri Jul 11 2008 - 13:13:17 CDT)
[NETRAGARD SECURITY ADVISORY][Apple Core Image Fun House <= 2.0 OS X -- Arbitrary Code Execution][NETRAGARD-20080711] Netragard Security Advisories (Fri Jul 11 2008 - 13:38:30 CDT)
[ MDVSA-2008:138-1 ] - Updated OpenOffice.org packages fix vulnerability securitymandriva.com (Fri Jul 11 2008 - 19:17:00 CDT)
[ MDVSA-2008:144 ] - Updated openldap packages fix slapd DoS vulnerability securitymandriva.com (Sat Jul 12 2008 - 01:15:00 CDT)
[SECURITY] [DSA 1608-1] New mysql-dfsg-5.0 packages fix authorization bypass Devin Carraway (Sat Jul 12 2008 - 23:55:16 CDT)
Simple DNS Plus 5.0/4.1 < remote Denial of Service exploit Rotem-BugSec (Sun Jul 13 2008 - 04:02:57 CDT)
Pluck Local File inclusion adminbugreport.ir (Sun Jul 13 2008 - 07:29:18 CDT)
FreeBSD Security Advisory FreeBSD-SA-08:06.bind FreeBSD Security Advisories (Sun Jul 13 2008 - 14:10:04 CDT)
DeepSec 2008 - Last call for submissions DeepSec Conference Vienna (Mon Jul 14 2008 - 05:13:20 CDT)
Yuhhu Pubs Black Cat Remote SQL Injection Exploit RM-xmsn.com (Mon Jul 14 2008 - 10:09:08 CDT)
[ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability securitymandriva.com (Mon Jul 14 2008 - 23:48:00 CDT)
CFP now open for ClubHack2008 - India ClubHack (Tue Jul 15 2008 - 05:17:29 CDT)
HPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040 security-alerthp.com (Tue Jul 15 2008 - 04:41:45 CDT)
[USN-624-1] PCRE vulnerability Kees Cook (Mon Jul 14 2008 - 21:06:08 CDT)
[SECURITY] [DSA 1609-1] New lighttpd packages fix multiple DOS issues Steve Kemp (Tue Jul 15 2008 - 12:39:09 CDT)
[SECURITY] [DSA 1610-1] New gaim packages fix execution of arbitrary code Steve Kemp (Tue Jul 15 2008 - 12:46:45 CDT)
[SECURITY] [DSA 1569-3] New cacti packages fix regression Thijs Kinkhorst (Tue Jul 15 2008 - 14:05:33 CDT)
[ GLSA 200807-09 ] Mercurial: Directory traversal Tobias Heinlein (Tue Jul 15 2008 - 17:08:53 CDT)
[ MDVSA-2008:147 ] - Updated pcre packages fix vulnerability securitymandriva.com (Wed Jul 16 2008 - 01:57:00 CDT)
iDefense Security Advisory 07.15.08: Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability iDefense Labs (Tue Jul 15 2008 - 17:10:42 CDT)
iDefense Security Advisory 07.15.08: Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability iDefense Labs (Tue Jul 15 2008 - 17:11:30 CDT)
iDefense Security Advisory 07.15.08: Oracle Database Local Untrusted Library Path Vulnerability iDefense Labs (Tue Jul 15 2008 - 17:12:19 CDT)
[ MDVSA-2008:146 ] - Updated poppler packages fix arbitrary code execution vulnerability securitymandriva.com (Tue Jul 15 2008 - 18:58:00 CDT)
[security bulletin] HPSBMA02346 SSRT080097 rev.1 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access security-alerthp.com (Wed Jul 16 2008 - 06:59:46 CDT)
Oracle Application Server PLSQL injection flaw David Litchfield (Tue Jul 15 2008 - 15:24:06 CDT)
Arbitrary code execution in Netrw version 127, Vim 7.2b Jan Minář (Wed Jul 16 2008 - 06:53:29 CDT)
[security bulletin] HPSBMA02133 SSRT061201 rev.9 - HP Oracle for OpenView (OfO) Critical Patch Update security-alerthp.com (Wed Jul 16 2008 - 07:00:29 CDT)
[ECHO_ADV_100$2008] Comdev Web Blogger <= 4.1.3 (arcmonth) Sql Injection Vulnerability adve-rdc.org (Wed Jul 16 2008 - 04:05:35 CDT)
[DSECRG-08-028] File read in Velocity web-server Alexandr Polyakov (Wed Jul 16 2008 - 12:31:19 CDT)
n.runs-SA-2008.002 - F-Prot Out-of-Bound Memory Access DoS (remote) securitynruns.com (Wed Jul 16 2008 - 11:32:35 CDT)
[SECURITY] [DSA 1544-2] New pdns-recursor packages fix predictable randomness Florian Weimer (Wed Jul 16 2008 - 14:09:37 CDT)
openPro 1.3.1 (LIBPATH) Remote RFI Vulnerability Ghost hacker (Wed Jul 16 2008 - 15:10:38 CDT)
rPSA-2008-0035-1 httpd mod_ssl rPath Update Announcements (Wed Jul 16 2008 - 15:43:10 CDT)
IETF Internet-Draft on TCP Port randomization Fernando Gont (Wed Jul 16 2008 - 14:23:28 CDT)
[SECURITY] [DSA 1611-1] New afuse packages fix privilege escalation Thijs Kinkhorst (Wed Jul 16 2008 - 14:18:32 CDT)
[security bulletin] HPSBUX02351 SSRT080058 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alerthp.com (Wed Jul 16 2008 - 21:21:10 CDT)
ekoparty security trainings (2008) announcement ekoparty (Wed Jul 16 2008 - 23:17:42 CDT)
[DSECRG-08-029] Local File Include in Dokeos E-Learning System 1.8.5 Digital Security Research Group (Thu Jul 17 2008 - 01:56:46 CDT)
HPSBMA02346 SSRT080097 rev.2 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access security-alerthp.com (Thu Jul 17 2008 - 08:00:13 CDT)
Oracle Portal XSS fixed by CPU July 2008 Andrea Purificato (Wed Jul 16 2008 - 17:26:59 CDT)
[USN-623-1] Firefox vulnerabilities Jamie Strandboge (Thu Jul 17 2008 - 10:10:04 CDT)
communitycms-0.1 Remote File Includion n3tr00t3ryahoo.com (Thu Jul 17 2008 - 10:46:47 CDT)
ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability zdi-disclosures3com.com (Thu Jul 17 2008 - 14:17:58 CDT)
ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow zdi-disclosures3com.com (Thu Jul 17 2008 - 14:17:41 CDT)
ZDI-08-042: Sun Java Web Start Sandbox Bypass Vulnerability zdi-disclosures3com.com (Thu Jul 17 2008 - 14:17:22 CDT)
Security Vacation Guide Pete Herzog (Thu Jul 17 2008 - 16:36:30 CDT)
Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Thu Jul 17 2008 - 17:54:18 CDT)
- Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Nikolai Weibull (Fri Jul 18 2008 - 02:38:28 CDT)
Def_Blog 1.0.3 Multiple Remote SQL Injection Vulnerabilities tan_prathanhotmail.com (Thu Jul 17 2008 - 20:30:27 CDT)
[ MDVSA-2008:148 ] - Updated Firefox packages fix vulnerabilities securitymandriva.com (Thu Jul 17 2008 - 19:51:00 CDT)
Lateral SQL Injection Revisited - No Special Privs Required David Litchfield (Fri Jul 18 2008 - 09:03:16 CDT)
- Re: Lateral SQL Injection Revisited - No Special Privs Required a.polyakovdsec.ru (Fri Jul 18 2008 - 06:30:02 CDT)
- RE: Lateral SQL Injection Revisited - No Special Privs Required David Litchfield (Fri Jul 18 2008 - 18:50:01 CDT)
[ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution ISecAuditors Security Advisories (Fri Jul 18 2008 - 06:46:24 CDT)
[DSECRG-08-030] Claroline 1.8.9 Multiple Security Vulnerabilities Digital Security Research Group [DSecRG] (Fri Jul 18 2008 - 09:55:35 CDT)
Windows Vista Power Management & Local Security Policy Abe Getchell (Thu Jul 17 2008 - 21:39:23 CDT)
- RE: Windows Vista Power Management & Local Security Policy Jim Harrison (Sat Jul 19 2008 - 00:36:09 CDT)
- RE: Windows Vista Power Management & Local Security Policy Abe Getchell (Sat Jul 19 2008 - 02:33:12 CDT)
- RE: Windows Vista Power Management & Local Security Policy Thor (Hammer of God) (Sat Jul 19 2008 - 17:19:46 CDT)
- RE: Windows Vista Power Management & Local Security Policy Abe Getchell (Sun Jul 20 2008 - 14:32:03 CDT)
- RE: Windows Vista Power Management & Local Security Policy Jim Harrison (Sun Jul 20 2008 - 15:33:19 CDT)
- RE: Windows Vista Power Management & Local Security Policy Abe Getchell (Sun Jul 20 2008 - 17:04:19 CDT)
- RE: Windows Vista Power Management & Local Security Policy James C. Slora Jr. (Tue Jul 22 2008 - 10:15:22 CDT)
- RE: Windows Vista Power Management & Local Security Policy Jim Harrison (Tue Jul 22 2008 - 14:46:43 CDT)
- RE: Windows Vista Power Management & Local Security Policy Abe Getchell (Tue Jul 22 2008 - 17:37:07 CDT)
- RE: Windows Vista Power Management & Local Security Policy Good Securitypractice (Wed Jul 23 2008 - 12:16:06 CDT)
- RE: Windows Vista Power Management & Local Security Policy Greg (Sun Jul 27 2008 - 16:26:02 CDT)
[security bulletin] HPSBUX02351 SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alerthp.com (Sat Jul 19 2008 - 06:29:00 CDT)
rPSA-2008-0231-1 bind bind-utils rPath Update Announcements (Sat Jul 19 2008 - 09:31:24 CDT)
Oracle Database Local Untrusted Library Path Vulnerability Joxean Koret (Sat Jul 19 2008 - 10:08:40 CDT)
- Re: Oracle Database Local Untrusted Library Path Vulnerability jmpascual (Sat Jul 19 2008 - 17:10:56 CDT)
Easybookmarker 40tr Xss Vulnerability By Khashayar Fereidani irancrashgmail.com (Sat Jul 19 2008 - 07:22:52 CDT)
[ MDVSA-2008:149 ] - Updated mysql packages fix vulnerabilities securitymandriva.com (Sat Jul 19 2008 - 14:42:00 CDT)
EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) irancrashgmail.com (Sat Jul 19 2008 - 07:37:21 CDT)
Easyecards 310a Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) By Khashayar Fereidani irancrashgmail.com (Sat Jul 19 2008 - 07:18:06 CDT)
[ MDVSA-2008:150 ] - Updated mysql packages fix vulnerabilities securitymandriva.com (Sat Jul 19 2008 - 18:06:00 CDT)
Maran PHP Blog Xss By Khashayar Fereidani irancrashgmail.com (Sat Jul 19 2008 - 12:29:52 CDT)
EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability zhliufortinet.com (Mon Jul 21 2008 - 08:45:55 CDT)
FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability zhliufortinet.com (Mon Jul 21 2008 - 08:44:11 CDT)
Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system Julien Thomas (Sat Jul 19 2008 - 18:09:56 CDT)
Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) irancrashgmail.com (Sat Jul 19 2008 - 07:13:24 CDT)
EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability Ghost hacker (Sun Jul 20 2008 - 07:12:09 CDT)
MyBlog <=0.9.8 Multiple Vulnerabilities adminbugreport.ir (Sun Jul 20 2008 - 07:26:18 CDT)
Vim: Improper Implementation of shellescape()/Arbitrary Code Execution Jan Minář (Mon Jul 21 2008 - 07:07:53 CDT)
FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability zhliufortinet.com (Mon Jul 21 2008 - 08:49:25 CDT)
[DSECRG-08-031] Local File Include Vulnerability in Interact 2.4.1 Digital Security Research Group [DSecRG] (Mon Jul 21 2008 - 08:55:18 CDT)
Flip V3.0 final Cru3l.b0ygmail.com (Mon Jul 21 2008 - 08:36:03 CDT)
Re: SchoolCenter URL Handling Cross Site Scripting Vulnerability Testeryahoo.com (Sat Jul 19 2008 - 22:14:38 CDT)
[White Paper] Abusing HTML 5 Structured Client-side Storage Alberto Trivero (Sun Jul 20 2008 - 19:59:13 CDT)
[SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities Moritz Muehlenhoff (Mon Jul 21 2008 - 12:29:08 CDT)
E-Mail header Injection in HiFriend Peter Wiesen (Mon Jul 21 2008 - 13:01:18 CDT)
- Re: E-Mail header Injection in HiFriend Adrian Pastor (Tue Jul 29 2008 - 04:31:49 CDT)
[ GLSA 200807-10 ] Bacula: Information disclosure Pierre-Yves Rofes (Mon Jul 21 2008 - 13:08:18 CDT)
- Re: [ GLSA 200807-10 ] Bacula: Information disclosure danlangille.org (Mon Jul 21 2008 - 10:56:25 CDT)
[ GLSA 200807-11 ] PeerCast: Buffer overflow Pierre-Yves Rofes (Mon Jul 21 2008 - 14:52:38 CDT)
NULL pointer in ZDaemon 1.08.07 Luigi Auriemma (Mon Jul 21 2008 - 18:02:21 CDT)
[ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability securitymandriva.com (Mon Jul 21 2008 - 20:49:00 CDT)
Vulnerability: SocialEngine (SocialEngine.net) high risk security flaw Tim Loshak (Tue Jul 22 2008 - 05:20:56 CDT)
[ GLSA 200807-12 ] BitchX: Multiple vulnerabilities Pierre-Yves Rofes (Mon Jul 21 2008 - 17:08:33 CDT)
[security bulletin] HPSBMA02346 SSRT080097 rev.3 - HP OpenView Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access security-alerthp.com (Tue Jul 22 2008 - 09:24:41 CDT)
FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability zhliufortinet.com (Mon Jul 21 2008 - 20:41:00 CDT)
[SECURITY] [DSA 1613-1] new libgd2 packages fix multiple vulnerabilities Devin Carraway (Tue Jul 22 2008 - 02:01:19 CDT)
[DSECRG-08-032] Claroline 1.8.10 Multiple XSS Vulnerabilities Digital Security Research Group [DSecRG] (Tue Jul 22 2008 - 10:34:48 CDT)
PR08-13: Persistent Cross-site Scripting (XSS) on Moodle via blog entry title ProCheckUp Research (Tue Jul 22 2008 - 10:46:23 CDT)
PR08-15: Several Webroot Disclosures on Moodle ProCheckUp Research (Tue Jul 22 2008 - 10:48:39 CDT)
PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page ProCheckUp Research (Tue Jul 22 2008 - 10:59:48 CDT)
[USN-627-1] Dnsmasq vulnerability Jamie Strandboge (Tue Jul 22 2008 - 11:37:02 CDT)
Outpost Security Suite Pro ver. 2009 Multiple vulnerabilities jplopezygmail.com (Tue Jul 22 2008 - 12:21:26 CDT)
[ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability securitymandriva.com (Tue Jul 22 2008 - 18:07:01 CDT)
AST-2008-011: Traffic amplification in IAX2 firmware provisioning system Asterisk Security Team (Tue Jul 22 2008 - 18:16:07 CDT)
AST-2008-010: Asterisk IAX 'POKE' resource exhaustion Asterisk Security Team (Tue Jul 22 2008 - 18:15:49 CDT)
[SECURITY] [DSA 1540-3] New lighttpd packages fix regression Thijs Kinkhorst (Wed Jul 23 2008 - 13:59:43 CDT)
Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim Jan Minář (Wed Jul 23 2008 - 13:29:01 CDT)
[USN-628-1] PHP vulnerabilities Jamie Strandboge (Wed Jul 23 2008 - 14:39:07 CDT)
[SECURITY] [DSA 1614-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Wed Jul 23 2008 - 15:07:11 CDT)
[SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Wed Jul 23 2008 - 15:33:58 CDT)
Re: Wordpress Malicious File Execution Vulnerability ottoottodestruct.com (Wed Jul 23 2008 - 14:44:51 CDT)
[ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability securitymandriva.com (Wed Jul 23 2008 - 16:56:00 CDT)
[SECURITY] [DSA 1616-1] new clamav packages fix denial of service Devin Carraway (Thu Jul 24 2008 - 02:36:24 CDT)
[ MDVSA-2008:154 ] - Updated xemacs packages fix vulnerability securitymandriva.com (Wed Jul 23 2008 - 18:29:00 CDT)
CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit I)ruid (Wed Jul 23 2008 - 18:34:26 CDT)
[Full-disclosure] [tool] SDT Cleaner 1.0 Nahuel C. Riva (Wed Jul 23 2008 - 17:49:33 CDT)
Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Thu Jul 24 2008 - 21:16:00 CDT)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Robert Buchholz (Thu Jul 24 2008 - 20:17:08 CDT)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Steven M. Christey (Fri Jul 25 2008 - 10:57:28 CDT)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Robert Buchholz (Fri Jul 25 2008 - 05:18:21 CDT)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Sat Jul 26 2008 - 07:33:24 CDT)
[USN-629-1] Thunderbird vulnerabilities Jamie Strandboge (Thu Jul 24 2008 - 22:20:11 CDT)
[SECURITY] [DSA 1617-1] New refpolicy packages fix incompatible policy Devin Carraway (Fri Jul 25 2008 - 01:29:36 CDT)
Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow Secunia Research (Fri Jul 25 2008 - 10:01:50 CDT)
XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities azzcoderhotmail.com (Fri Jul 25 2008 - 10:13:03 CDT)
ezContents CMS Renote File inclusion securitysoqor.net (Fri Jul 25 2008 - 05:04:14 CDT)
SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability advisorieshost.security-objectives.com (Fri Jul 25 2008 - 11:57:49 CDT)
Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit Ganbold (Thu Jul 24 2008 - 23:18:29 CDT)
Re: [bugtraq] Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Tuc at T-B-O-H.NET (Fri Jul 25 2008 - 15:09:07 CDT)
ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability zdi-disclosures3com.com (Fri Jul 25 2008 - 16:26:30 CDT)
http://www.zerodayinitiative.com/advisories/ZDI-08-046 zdi-disclosures3com.com (Fri Jul 25 2008 - 16:27:06 CDT)
ZDI-08-047: RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability zdi-disclosures3com.com (Fri Jul 25 2008 - 16:27:27 CDT)
[SECURITY] [DSA 1616-2] New clamav packages fix denial of service Devin Carraway (Fri Jul 25 2008 - 23:49:24 CDT)
[ MDVSA-2008:155 ] - Updated Thunderbird packages fix multiple vulnerabilities securitymandriva.com (Fri Jul 25 2008 - 17:24:00 CDT)
[SECURITY] [DSA 1618-1] New ruby1.9 packages fix several vulnerabilities Moritz Muehlenhoff (Sat Jul 26 2008 - 10:17:57 CDT)
[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing Devin Carraway (Sun Jul 27 2008 - 04:36:54 CDT)
[SECURITY] [DSA 1620-1] New python2.5 packages fix several vulnerabilities Moritz Muehlenhoff (Sun Jul 27 2008 - 08:13:22 CDT)
how to request a cve id? xpzhang (Thu Jul 24 2008 - 20:43:46 CDT)
- Re: how to request a cve id? Steven M. Christey (Sat Jul 26 2008 - 12:08:25 CDT)
[ MDVSA-2008:155-1 ] - Updated Thunderbird packages fix multiple vulnerabilities securitymandriva.com (Sun Jul 27 2008 - 13:47:00 CDT)
[SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities Moritz Muehlenhoff (Sun Jul 27 2008 - 16:38:47 CDT)
Security Bypass Vulnerabilities AXESSTEL Bboyhacksgmail.com (Sun Jul 27 2008 - 19:24:17 CDT)
[DSECRG-08-033] Local File Include Vulnerability in Pixelpost 1.7.1 Digital Security Research Group [DSecRG] (Mon Jul 28 2008 - 03:30:28 CDT)
Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations [ISR] - Infobyte Security Research (Mon Jul 28 2008 - 05:21:09 CDT)
[security bulletin] HPSBMA02353 SSRT080066 rev.1 - HP OpenView Internet Services Running Probe Builder, Remote Denial of Service (DoS) security-alerthp.com (Mon Jul 28 2008 - 10:20:35 CDT)
JamRoom <= 3.3.8 Authentication Bypass GulfTech Security Research (Mon Jul 28 2008 - 10:43:40 CDT)
Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02 supportrupgmail.com (Sun Jul 27 2008 - 05:03:26 CDT)
ViArt <= 3.5 SQL Injection GulfTech Security Research (Mon Jul 28 2008 - 13:38:57 CDT)
Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100 Fabian Fingerle (Mon Jul 28 2008 - 16:15:40 CDT)
iDefense Security Advisory 07.28.08: Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability iDefense Labs (Mon Jul 28 2008 - 18:30:08 CDT)
[ MDVSA-2008:156 ] - Updated libpng packages fix vulnerability securitymandriva.com (Mon Jul 28 2008 - 18:52:00 CDT)
[USN-626-1] Firefox and xulrunner vulnerabilities Jamie Strandboge (Mon Jul 28 2008 - 18:29:38 CDT)
rPSA-2008-0236-1 httpd mod_ssl rPath Update Announcements (Mon Jul 28 2008 - 20:11:43 CDT)
PhpJobScheduler 3.1 Remote File Inclusion Vulnerability Ghost hacker (Tue Jul 29 2008 - 01:29:52 CDT)
rPSA-2008-0237-1 tshark wireshark rPath Update Announcements (Mon Jul 28 2008 - 20:18:53 CDT)
[USN-626-1] Firefox and xulrunner vulnerabilities Jamie Strandboge (Mon Jul 28 2008 - 18:29:38 CDT)
rPSA-2008-0238-1 firefox rPath Update Announcements (Mon Jul 28 2008 - 20:24:50 CDT)
[USN-631-1] poppler vulnerability Kees Cook (Mon Jul 28 2008 - 17:18:05 CDT)
[USN-631-1] poppler vulnerability Kees Cook (Mon Jul 28 2008 - 17:18:05 CDT)
plugin Rss Remote File Inclusion Vulnerability Ghost hacker (Tue Jul 29 2008 - 00:04:50 CDT)
[DSECRG-08-034] Local File Include Vulnerability in Minishowcase v09b136 Digital Security Research Group [DSecRG] (Tue Jul 29 2008 - 02:55:06 CDT)
Gregarius <= 0.5.4 SQL Injection GulfTech Security Research (Tue Jul 29 2008 - 03:36:23 CDT)
n.runs-SA-2008.004 - AVG Anti-Virus Divide by Zero - DoS (remote) securitynruns.com (Tue Jul 29 2008 - 05:03:25 CDT)
VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix VMware Security team (Mon Jul 28 2008 - 20:22:48 CDT)
rPSA-2008-0235-1 fetchmail fetchmailconf rPath Update Announcements (Mon Jul 28 2008 - 20:06:18 CDT)
[USN-630-1] ffmpeg vulnerability Kees Cook (Mon Jul 28 2008 - 17:17:30 CDT)
Remote Cisco IOS FTP exploit Andy Davis (Tue Jul 29 2008 - 05:31:11 CDT)
- RE: Remote Cisco IOS FTP exploit Paul Oxman (poxman) (Wed Jul 30 2008 - 01:31:29 CDT)
[ MDVSA-2008:157 ] - ffmpeg securitymandriva.com (Tue Jul 29 2008 - 16:15:00 CDT)
shoutbox Remote Database Dawnload Exploit Ghost hacker (Wed Jul 30 2008 - 02:41:24 CDT)
Cisco IOS shellcode explanation Andy Davis (Wed Jul 30 2008 - 04:03:51 CDT)
HIOX Star Rating System 1.0 Remote File Inclusion Vulnerability Ghost hacker (Wed Jul 30 2008 - 07:51:25 CDT)
Memory corruption and NULL pointer in Unreal Tournament III 1.2 Luigi Auriemma (Tue Jul 29 2008 - 18:37:27 CDT)
HIOX Random Ad 1.3 (hioxRandomAd.php hm) RFI Vulnerability Ghost hacker (Wed Jul 30 2008 - 07:08:38 CDT)
HIOX Browser Statistics 2.0 Remote File Inclusion Vulnerability Ghost hacker (Wed Jul 30 2008 - 07:35:35 CDT)
NULL pointer in Unreal Tournament 2004 v3369 Luigi Auriemma (Tue Jul 29 2008 - 18:36:07 CDT)
MJGuest 6.8 GT Cross Site Scripting Vulnerability irancrashgmail.com (Tue Jul 29 2008 - 15:33:41 CDT)
RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability cocoruder (Tue Jul 29 2008 - 21:43:10 CDT)
Tool: PorkBind Nameserver Security Scanner superinnu.org (Wed Jul 30 2008 - 11:34:54 CDT)
Cisco IOS shellcode explanation - additional Andy Davis (Wed Jul 30 2008 - 12:51:12 CDT)
[ MDVSA-2008:158 ] silc-toolkit securitymandriva.com (Wed Jul 30 2008 - 13:50:00 CDT)
Citrix MetaFrame Privilege Escalation Wendel Guglielmetti Henrique (Wed Jul 30 2008 - 15:09:39 CDT)
DEV WMS Multiple Vulnerabilities irancrashgmail.com (Wed Jul 30 2008 - 13:34:06 CDT)
[ MDVSA-2008:159 ] licq securitymandriva.com (Wed Jul 30 2008 - 17:03:00 CDT)
[oCERT-2008-009] libxslt heap overflow Andrea Barisani (Thu Jul 31 2008 - 10:08:59 CDT)
Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow Secunia Research (Thu Jul 31 2008 - 09:32:25 CDT)
[security bulletin] HPSBUX02286 SSRT071466 rev.1 - HP-UX Running System Administration Manager (SAM), Unintended Remote Access security-alerthp.com (Thu Jul 31 2008 - 07:51:29 CDT)
Pligg <= 9.9.0 Multiple Vulnerabilities GulfTech Security Research (Wed Jul 30 2008 - 16:49:08 CDT)
Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows Secunia Research (Thu Jul 31 2008 - 09:32:28 CDT)
[SECURITY] [DSA 1622-1] New newsx packages fix arbitrary code execution Thijs Kinkhorst (Thu Jul 31 2008 - 03:56:14 CDT)
[~] Greetz : Me93fg & Mr.SaFa7 Ghost hacker (Thu Jul 31 2008 - 08:15:52 CDT)
iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability iDefense Labs (Thu Jul 31 2008 - 12:38:11 CDT)
[ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code Pierre-Yves Rofes (Thu Jul 31 2008 - 13:44:08 CDT)
[SECURITY] [DSA 1623-1] New dnsmasq packages fix cache poisoning Moritz Muehlenhoff (Thu Jul 31 2008 - 11:45:20 CDT)
[ GLSA 200807-14 ] Linux Audit: Buffer overflow Pierre-Yves Rofes (Thu Jul 31 2008 - 13:36:48 CDT)
[ GLSA 200807-13 ] VLC: Multiple vulnerabilities Pierre-Yves Rofes (Thu Jul 31 2008 - 13:26:24 CDT)
[SECURITY] [DSA 1624-1] New libxslt packages fix arbitrary code execution Moritz Muehlenhoff (Thu Jul 31 2008 - 15:19:20 CDT)

Last message date: Thu Jul 31 2008 - 15:24:15 CDT
Archived on: Thu Jul 31 2008 - 15:24:15 CDT

305 messages sorted by: [ author ] [ date ] [ subject ]