Hosting Provided By

Mailing List Archive For bugtraq@securityfocus.com By Thread

SolpotCrew Advisory #15 (home_edition2001) - Weblogicnet (files_dir) Remote File Inclusion home_edition2001(at)irc.mildnet.org (31 Aug 2007)
[SECURITY] [DSA 1363-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (31 Aug 2007)
[ MDKSA-2007:172 ] - Updated clamav packages vulnerabilities security(at)mandriva.com (31 Aug 2007)
Olate Download 3.4.2~uploads folder ~ directory traversal imei Addmimistrator (31 Aug 2007)
Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files imei Addmimistrator (31 Aug 2007)
Aztech router DSL600EU IP and ARP spoof acheddamiman(at)gmail.com (30 Aug 2007)
Team SHATTER Advisory: IBM DB2 Buffer overflow in sysproc.auth_list_groups_for_authid Team SHATTER (31 Aug 2007)
[USN-510-1] Linux kernel vulnerabilities Kees Cook (31 Aug 2007)
HPSBMA02239 SSRT061260 rev.2 - HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (31 Aug 2007)
HPSBTU02256 SSRT071449 rev.1 - HP Tru64 UNIX or HP Tru64 Internet Express running BIND, Remote DNS Cache Poisoning security-alert(at)hp.com (31 Aug 2007)
[USN-509-1] Linux kernel vulnerabilities Kees Cook (30 Aug 2007)
Ragnarok Online Control Panel Authentication Bypass Vulnerability [new method] dp14(at)hotmail.com (31 Aug 2007)
Re: Digital Armaments Security Advisory 24.07.2006: Siemens Speedstream Wireless/Router Denial of Service Vulnerability malaguka(at)yahoo.com (31 Aug 2007)
[USN-508-1] Linux kernel vulnerabilities Kees Cook (31 Aug 2007)
Immunity Debugger v1.1 Release Nicolas Waisman (30 Aug 2007)
Cisco CSS WebNS ssh crash NetExpress (30 Aug 2007)
SQL Injection in Cisco CallManager Elliot Kendall (30 Aug 2007)
iDefense Security Advisory 08.30.07: Yahoo Messenger YVerInfo.dll ActiveX Multiple Remote Buffer Overflow Vulnerabilities iDefense Labs (30 Aug 2007)
Sony: The Return Of The Rootkit Quark IT - Hilton Travis (29 Aug 2007)
- Re: Sony: The Return Of The Rootkit Paul Sebastian Ziegler (30 Aug 2007)
  - Re: Sony: The Return Of The Rootkit Chad Perrin (31 Aug 2007)
  - Re: Sony: The Return Of The Rootkit Jason Brooke (31 Aug 2007)
    - Re: Sony: The Return Of The Rootkit Paul Sebastian Ziegler (31 Aug 2007)
    - Re: Sony: The Return Of The Rootkit Tyler Reguly (01 Sep 2007)
    - Re: Sony: The Return Of The Rootkit John Hammond (01 Sep 2007)
- Re: Sony: The Return Of The Rootkit Juha-Matti Laurio (31 Aug 2007)
Updated: VMware poor guest isolation design VMware Security team (29 Aug 2007)
Re: Re: Multiple OS kernel insecure handling of stdio file descriptor watercloud(at)xfocus.org (30 Aug 2007)
PR07-23: Non-persistent Cross-site Scripting (XSS) on Absolute Poll Manager XE admin page research(at)procheckup.com (30 Aug 2007)
VMware poor guest isolation design VMware Security team (29 Aug 2007)
[USN-507-1] tcp-wrappers vulnerability Kees Cook (29 Aug 2007)
[SECURITY] [DSA 1362-1] New lighttpd packages fix several vulnerabilities Steve Kemp (29 Aug 2007)
The Long Run Dave Aitel (29 Aug 2007)
[SECURITY] [DSA 1361-1] New postfix-policyd packages fix arbitrary code execution Steve Kemp (29 Aug 2007)
Multiple vulnerabilities in Doomsday 1.9.0-beta5.1 Luigi Auriemma (29 Aug 2007)
HPSBMA02236 SSRT061260 rev.1 - HP OpenView Performance Manager (OVPM) Running Shared Trace Service on HP-UX, Solaris, and Windows, Remote Arbitrary Code Execution security-alert(at)hp.com (29 Aug 2007)
Cisco Security Advisory: XSS and SQL Injection in Cisco CallManager/Unified Communications Manager Logon Page Cisco Systems Product Security Incident Response Team (29 Aug 2007)
[USN-469-2] Enigmail regression Kees Cook (28 Aug 2007)
[HISPASEC] Blizzard StarCraft Brood War 1.15.1 Remote DoS Gynvael Coldwind (29 Aug 2007)
[USN-506-1] tar vulnerability Kees Cook (28 Aug 2007)
[USN-504-1] Emacs vulnerability Kees Cook (28 Aug 2007)
[USN-505-1] vim vulnerability Kees Cook (28 Aug 2007)
[ MDKSA-2007:171 ] - Updated kernel packages fix multiple vulnerabilities and bugs security(at)mandriva.com (28 Aug 2007)
[SECURITY] [DSA 1360-1] New rsync packages fix arbitrary code execution Steve Kemp (28 Aug 2007)
[SECURITY] [DSA 1359-1] New dovecot packages fix directory traversal Steve Kemp (28 Aug 2007)
n.runs, Sophos, German laws, and customer safety Steven M. Christey (28 Aug 2007)
- Re: n.runs, Sophos, German laws, and customer safety Jerome Athias (28 Aug 2007)
  - Re: n.runs, Sophos, German laws, and customer safety alan (28 Aug 2007)
- Re: n.runs, Sophos, German laws, and customer safety Oliver Karow (28 Aug 2007)
- Re: n.runs, Sophos, German laws, and customer safety Anonymous(at)Anonymous.de (28 Aug 2007)
Found nice mass exploits for fedora and imap linux0day(at)yahoo.co.uk (27 Aug 2007)
- Re: Found nice mass exploits for fedora and imap jf (28 Aug 2007)
- Re: Found nice mass exploits for fedora and imap Jon Lewis (28 Aug 2007)
Community input/questions for ISOI 3? Gadi Evron (25 Aug 2007)
HPSBUX02249 SSRT071442 rev.1 HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command, Local Unqualified Configuration Change security-alert(at)hp.com (27 Aug 2007)
PhpGedView login page multiple XSS morin.josh(at)gmail.com (27 Aug 2007)
BIND 8 EOL and BIND 8 DNS Cache Poisoning (Amit Klein, Trusteer) Amit Klein (27 Aug 2007)
eyeOS checksum prediction komarov(at)itdefence.ru (27 Aug 2007)
FLEA-2007-0049-1 tar Foresight Linux Essential Announcement Service (27 Aug 2007)
OpenBSD 4.1 - Heap overflow vulnerabillity acheddamiman(at)gmail.com (25 Aug 2007)
- Re: OpenBSD 4.1 - Heap overflow vulnerabillity Steve Shockley (28 Aug 2007)
[USN-503-1] Thunderbird vulnerabilities Kees Cook (27 Aug 2007)
iDefense Security Advisory 08.27.07: Motorola Timbuktu Pro Directory Traversal Vulnerability iDefense Labs (27 Aug 2007)
iDefense Security Advisory 08.27.07: Motorola Timbuktu Multiple Buffer Overflow Vulnerabilities iDefense Labs (27 Aug 2007)
Moonware Software Multiple Vulnerabilities s0cratex(at)hotmail.com (25 Aug 2007)
Abledesign Dynamic Picture Frame XSS morin.josh(at)gmail.com (26 Aug 2007)
InterWorx-CP Multiple HTML Injections Vulnerabilitie DoZ(at)HackersCenter.com (26 Aug 2007)
- Re: InterWorx-CP Multiple HTML Injections Vulnerabilitie info(at)interworx.com (29 Aug 2007)
Sunshop v4.0 <= Blind SQL Injection exploit auah(at)gelap.com (26 Aug 2007)
[SECURITY] [DSA 1358-1] New asterisk packages fix several vulnerabilities Moritz Muehlenhoff (26 Aug 2007)
SIDVault LDAP Server Remote Buffer Overflow Joxean Koret (25 Aug 2007)
- EnterpriseDB Advanced Server 8.2 Unitialized Pointer Joxean Koret (29 Aug 2007)
n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory security(at)nruns.com (24 Aug 2007)
- Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory 3APA3A (27 Aug 2007)
  - Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Sergio Alvarez (27 Aug 2007)
  - Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Sergio Alvarez (03 Sep 2007)
    - Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Jan Münther (03 Sep 2007)
    - Re: [Sec] Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Thierry Zoller (03 Sep 2007)
rPSA-2007-0172-1 tar rPath Update Announcements (25 Aug 2007)
Re: SPIP v1.7 Remote File Inclusion Bug Magnus Holmgren (24 Aug 2007)
AST-2007-021: Crash from invalid/corrupted MIME bodies when using voicemail with IMAP storage Asterisk Security Team (24 Aug 2007)
Security vulnerability in BufferZone 2.5 seppi(at)seppig.de (24 Aug 2007)
n.runs-SA-2007.025 - ClamAV Remote Code Execution Advisory security(at)nruns.com (24 Aug 2007)
[USN-502-1] KDE vulnerabilities Kees Cook (24 Aug 2007)
n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory security(at)nruns.com (24 Aug 2007)
security vulnerability in VMware seppi(at)seppig.de (24 Aug 2007)
about recent phpMyAdmin "vulnerabilities" Marc Delisle (24 Aug 2007)
24th Chaos Communication Congress 2007: Call for Participation fukami (24 Aug 2007)
Tikiwiki 1.9.7 HTML/embed object injection morin.josh(at)gmail.com (24 Aug 2007)
The Korean Hacking & Security Conference "POC 2007" call for papers poc2007(at)gmail.com (23 Aug 2007)
Multiple denial of service in Soldat 1.4.2/2.6.2 Luigi Auriemma (23 Aug 2007)
Heap overflow in Skulltag 0.97d-beta4.1 Luigi Auriemma (23 Aug 2007)
FLEA-2007-0048-1 xterm Foresight Linux Essential Announcement Service (23 Aug 2007)
Security Advisory for Bugzilla 3.0, 2.22.1, and 2.20.4 mkanat(at)bugzilla.org (23 Aug 2007)
FLEA-2007-0047-1 rsync Foresight Linux Essential Announcement Service (23 Aug 2007)
rPSA-2007-0169-1 xterm rPath Update Announcements (23 Aug 2007)
[ MDKSA-2007:170 ] - Updated gimp packages fix input data validation issues in several plugins security(at)mandriva.com (23 Aug 2007)
X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities Gynvael Coldwind (23 Aug 2007)
Reminder: HITBSecConf2007 - Malaysia is less than 2 weeks away Praburaajan (22 Aug 2007)
VMWare poor guest isolation design M. Burnett (22 Aug 2007)
- Re: VMWare poor guest isolation design Arthur Corliss (23 Aug 2007)
  - RE: VMWare poor guest isolation design M. Burnett (23 Aug 2007)
    - RE: VMWare poor guest isolation design Arthur Corliss (24 Aug 2007)
  - RE: VMWare poor guest isolation design William Holmberg (23 Aug 2007)
    - RE: VMWare poor guest isolation design Arthur Corliss (24 Aug 2007)
  - RE: VMWare poor guest isolation design James C. Slora Jr. (23 Aug 2007)
  - Re: VMWare poor guest isolation design Jonathan Yu (23 Aug 2007)
    - Re: VMWare poor guest isolation design Arthur Corliss (24 Aug 2007)
    - Re: VMWare poor guest isolation design Jonathan Yu (24 Aug 2007)
    - More on VMWare poor guest isolation design M. Burnett (24 Aug 2007)
    - Re: More on VMWare poor guest isolation design Tim Newsham (25 Aug 2007)
    - RE: More on VMWare poor guest isolation design M. Burnett (27 Aug 2007)
    - RE: More on VMWare poor guest isolation design Tim Newsham (27 Aug 2007)
    - RE: More on VMWare poor guest isolation design Arthur Corliss (28 Aug 2007)
    - Re: More on VMWare poor guest isolation design Wietse Venema (27 Aug 2007)
  - Re: VMWare poor guest isolation design Matt Richard (24 Aug 2007)
    - Re: VMWare poor guest isolation design Arthur Corliss (24 Aug 2007)
- Re: VMWare poor guest isolation design Tim Newsham (24 Aug 2007)
- RE: VMWare poor guest isolation design Ken Kousky (24 Aug 2007)
  - RE: VMWare poor guest isolation design Arthur Corliss (24 Aug 2007)
    - RE: VMWare poor guest isolation design Ken Kousky (25 Aug 2007)
    - RE: VMWare poor guest isolation design Arthur Corliss (28 Aug 2007)
rPSA-2007-0168-1 rsync rPath Update Announcements (22 Aug 2007)
phpress 0.2.0 (adisplay.php) Remote File Inclusion naxx (22 Aug 2007)
[ GLSA 200708-17 ] Opera: Multiple vulnerabilities Raphael Marichez (22 Aug 2007)
[ GLSA 200708-16 ] Qt: Multiple format string vulnerabilities Raphael Marichez (22 Aug 2007)
Buffer-overflow in the Asura engine Luigi Auriemma (22 Aug 2007)
Olate Download 3.4.2~download.php ~ sql injection imei Addmimistrator (22 Aug 2007)
TeamSpeak 2 Server Vulnerabilities? lehox (21 Aug 2007)
- Re: TeamSpeak 2 Server Vulnerabilities? 3APA3A (23 Aug 2007)
Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system. Ezequiel Gutesman (22 Aug 2007)
Camino release 1.5.1 fixes several vulnerabilities Juha-Matti Laurio (22 Aug 2007)
Olate Download 3.4.2~modules/core/fldm.php~comments tag [url] XSS imei Addmimistrator (22 Aug 2007)
Olate Download 3.4.2~modules/core/uim.php~XSS imei Addmimistrator (22 Aug 2007)
HPSBST02255 SSRT071456 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-042 to MS07-050 security-alert(at)hp.com (22 Aug 2007)
Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system. Ezequiel Gutesman (22 Aug 2007)
Ripe Website Manager SQL Injection and Cross Site Scripting Vulnerabilities OS2A BTO (22 Aug 2007)
Encryption Weakness in Sun Sun AS 9.0_0.1 (build b02-p01) fred(at)donovannetworks.com (22 Aug 2007)
Local Privilege Escalation Vulnerabilities in Lotus Notes Client kochetkov.vladimir(at)gmail.com (22 Aug 2007)
- Re: Local Privilege Escalation Vulnerabilities in Lotus Notes Client 3APA3A (22 Aug 2007)
[ MDKSA-2007:169 ] - Updated gdm packages fix DoS vulnerability security(at)mandriva.com (22 Aug 2007)
[ MDKSA-2007:168 ] - Updated vim packages fix vulnerability security(at)mandriva.com (21 Aug 2007)
iDefense Security Advisory 08.21.07: Trend Micro ServerProtect RPCFN_SYNC_TASK Integer Overflow Vulnerability iDefense Labs (21 Aug 2007)
iDefense Security Advisory 08.21.07: Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities iDefense Labs (21 Aug 2007)
AST-2007-020: Resource Exhaustion Vulnerability in Asterisk SIP channel driver Asterisk Security Team (21 Aug 2007)
Vulnerabilities digest 3APA3A (21 Aug 2007)
- Re: Vulnerabilities digest Steven M. Christey (22 Aug 2007)
iDefense Security Advisory 08.20.07: Trend Micro SSAPI Long Path Buffer Overflow Vulnerability iDefense Labs (21 Aug 2007)
Joomla Component SimpleFAQ V2.11 - Remote SQL Injection k1tk4t(at)newhack.org (20 Aug 2007)
No cON Name 2007 - CALL FOR PAPERS deese(at)spezialk.net (21 Aug 2007)
[USN-501-1] jasper vulnerability Kees Cook (21 Aug 2007)
[USN-500-1] rsync vulnerability Kees Cook (20 Aug 2007)
Invision Power Board D22-Shoutbox HTML Injections DoZ(at)HackersCenter.com (21 Aug 2007)
SIEMENS Gigaset SE361 router XSS morin.josh(at)gmail.com (21 Aug 2007)
ZDI-07-049: EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities zdi-disclosures(at)3com.com (20 Aug 2007)
Mambo Component SimpleFAQ V2.11 - Remote SQL Injection k1tk4t(at)newhack.org (20 Aug 2007)
[HISPASEC] Fileinfo 2.0.9 plugin for Total Commander multiple vulnerabilities Gynvael Coldwind (20 Aug 2007)
[ MDKSA-2007:167-1 ] - Updated libvorbis packages fix vulnerabilities security(at)mandriva.com (20 Aug 2007)
SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service research(at)symantec.com (17 Aug 2007)
- Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service Stuart Moore (20 Aug 2007)
  - RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service Michael Bednar (20 Aug 2007)
    - Re: RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service bjohnson(at)bsu.edu (21 Aug 2007)
    - Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service Tuc at T-B-O-H.NET (21 Aug 2007)
    - Re: Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service s1m0n13(at)hotmail.com (21 Aug 2007)
report a bug ! Advisory(at)Aria-security.net (18 Aug 2007)
- Re: report a bug ! Steve Shockley (20 Aug 2007)
  - Re: report a bug ! Draichis (24 Aug 2007)
[Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities Reversemode (20 Aug 2007)
[ MDKSA-2007:167 ] - Updated libvorbis packages fix vulnerabilities security(at)mandriva.com (18 Aug 2007)
[ MDKSA-2007:166 ] - Updated rsync packages fix off-by-one buffer overflow security(at)mandriva.com (18 Aug 2007)
[ GLSA 200708-14 ] NVIDIA drivers: Denial of Service Raphael Marichez (19 Aug 2007)
[SECURITY] [DSA 1357-1] New koffice packages fix arbitrary code execution Moritz Muehlenhoff (19 Aug 2007)
IMF 2007 - Call for Participation Oliver Goebel (20 Aug 2007)
iDefense Security Advisory 08.20.07: Check Point Zone Labs Multiple Products Privilege Escalation Vulnerability iDefense Labs (20 Aug 2007)
iDefense Security Advisory 08.20.07: Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities iDefense Labs (20 Aug 2007)
[ GLSA 200708-15 ] Apache mod_jk: Directory traversal Raphael Marichez (19 Aug 2007)
Astaro DOS and POP3 bypass issues partially resolved William Warren (18 Aug 2007)
OWASP Mumbai Meeting : 6th Sep 2007 dharmeshmm(at)gmail.com (20 Aug 2007)
Gurur Haber v2.0 the.dumenci(at)gmail.com (20 Aug 2007)
Unexploitable buffer-overflow in the logging function of the Unreal engine Luigi Auriemma (18 Aug 2007)
- Re: Unexploitable buffer-overflow in the logging function of the Unreal engine rickmccl(at)gmail.com (29 Aug 2007)
  - Re[2]: Unexploitable buffer-overflow in the logging function of the Unreal engine 3APA3A (29 Aug 2007)
Multiple vulnerabilities in Toribash 2.71 Luigi Auriemma (18 Aug 2007)
Multiple vulnerabilities in rFactor 1.250 Luigi Auriemma (18 Aug 2007)
[ GLSA 200708-13 ] BIND: Weak random number generation Raphael Marichez (18 Aug 2007)
Remote Memory Read in Diskeeper 9 - 2007 auto48696(at)hushmail.com (16 Aug 2007)
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Directory Creation Vulnerability iDefense Labs (16 Aug 2007)
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple File Creation Vulnerabilities iDefense Labs (16 Aug 2007)
Re: iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple Race Condition Vulnerabilities iDefense Labs (16 Aug 2007)
HPSBMA02242 SSRT061260 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution -------- security-alert(at)hp.com (17 Aug 2007)
Cross Platform remote IM vulnerability / DOS Danslo(at)yahoo.com (17 Aug 2007)
- Re: Cross Platform remote IM vulnerability / DOS Gavin Hanover (17 Aug 2007)
- Re: Cross Platform remote IM vulnerability / DOS J. Oquendo (17 Aug 2007)
Skype Network Remote DoS Exploit Valery Marchuk (17 Aug 2007)
- Re: Skype Network Remote DoS Exploit Steven M. Christey (20 Aug 2007)
  - RE: Skype Network Remote DoS Exploit Marc Maiffret (20 Aug 2007)
    - RE: Skype Network Remote DoS Exploit David Harley (21 Aug 2007)
  - Re[2]: Skype Network Remote DoS Exploit Matthew Leeds (20 Aug 2007)
  - Re: Skype Network Remote DoS Exploit Valery Marchuk (20 Aug 2007)
    - Re: Skype Network Remote DoS Exploit Roland Dobbins (21 Aug 2007)
- Re: Skype Network Remote DoS Exploit Jay (21 Aug 2007)
ToorCon 9 CFP David Hulton (16 Aug 2007)
Olate Download 3.4.1~environment.php.php~Code Execution imei Addmimistrator (17 Aug 2007)
Release of Pass-The-Hash Toolkit for Windows v1.0 Hernan Ochoa (15 Aug 2007)
vBulletin V3.6.8 XSS Password Md5 Hash RaeD(at)BsdMail.Com (17 Aug 2007)
- Re: vBulletin V3.6.8 XSS Password Md5 Hash scott-REMOVE(at)vbulletin.com (17 Aug 2007)
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple Untrusted Search Path Vulnerabilities iDefense Labs (16 Aug 2007)
rPSA-2007-0164-1 kernel rPath Update Announcements (16 Aug 2007)
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability iDefense Labs (16 Aug 2007)
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Directory Traversal Vulnerability iDefense Labs (16 Aug 2007)
[USN-499-1] Apache vulnerabilities Kees Cook (17 Aug 2007)
[ GLSA 200708-10 ] MySQL: Denial of Service and information leakage Raphael Marichez (16 Aug 2007)
Local privilege escalation vulnerability in Cisco VPN client NGSSoftware Insight Security Research (16 Aug 2007)
[ GLSA 200708-12 ] Wireshark: Multiple vulnerabilities Raphael Marichez (16 Aug 2007)
[ GLSA 200708-11 ] Lighttpd: Multiple vulnerabilities Raphael Marichez (16 Aug 2007)
TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation anonymous.c7ffa4057a (16 Aug 2007)
- Re: TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation security(at)bluecatnetworks.com (20 Aug 2007)
Another Oracle Forensics Paper... David Litchfield (16 Aug 2007)
FLEA-2007-0046-1 cups Foresight Linux Essential Announcement Service (16 Aug 2007)
MS07-042 XMLDOM substringData() PoC Alla Bezroutchko (16 Aug 2007)
Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing imei Addmimistrator (16 Aug 2007)
- Re: Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing postmaster(at)centrixonline.com (21 Aug 2007)
[USN-498-1] libvorbis vulnerabilities Kees Cook (16 Aug 2007)
TlbInf32 ActiveX Command Execution Brett Moore (15 Aug 2007)
[SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (15 Aug 2007)
[ MDKSA-2007:165 ] - Updated cups packages fix vulnerability security(at)mandriva.com (15 Aug 2007)
Safari for windows remote arbitry file upload laurent.gaffie(at)gmail.com (11 Aug 2007)
- Re: Safari for windows remote arbitry file upload Neil Dickey (15 Aug 2007)
  - Re: Re: Safari for windows remote arbitry file upload laurent.gaffie(at)gmail.com (16 Aug 2007)
  - Re: Re: Safari for windows remote arbitry file upload Neil Dickey (20 Aug 2007)
Contact at Secure Computing Dave Piscitello (14 Aug 2007)
Trackeur v.1 Remote File İnclude Bug cybermilitan(at)hotmail.com (14 Aug 2007)
- Re: Trackeur v.1 Remote File İnclude Bug the.tiger100(at)gmail.com (16 Aug 2007)
rPSA-2007-0161-1 dovecot rPath Update Announcements (14 Aug 2007)
iDefense Security Advisory 08.15.07: ESRI ArcSDE Numeric Literal Buffer Overflow Vulnerability iDefense Labs (15 Aug 2007)
Systme de vote en temps rel v1.0 Remote File include Bug cybermilitan(at)hotmail.com (14 Aug 2007)
[ MDKSA-2007:162 ] - Updated kdegraphics packages fix vulnerability security(at)mandriva.com (14 Aug 2007)
Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client Cisco Systems Product Security Incident Response Team (15 Aug 2007)
HPSBMA02240 SSRT061260 rev.1 - HP OpenView Operations Manager for Windows (OVOW) with the OpenView Operations Add On Module for OpenView Operations-Business Availability Center Integration Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (15 Aug 2007)
SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability Aditya K Sood (16 Aug 2007)
- RE: [Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability Debasis Mohanty (15 Aug 2007)
  - Re: [Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability Aditya K Sood (17 Aug 2007)
McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow Sebastian Wolfgarten (15 Aug 2007)
- Re: [Full-disclosure] McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow Harry Muchow (15 Aug 2007)
NSFOCUS SA2007-01 : Microsoft IE5 CSS Parsing Memory Corruption Vulnerability NSFOCUS Security Team (15 Aug 2007)
Cross Site Request Forgery in 2wire routers hkm(at)hakim.ws (15 Aug 2007)
[ GLSA 200708-09 ] Mozilla products: Multiple vulnerabilities Raphael Marichez (14 Aug 2007)
iDefense Security Advisory 08.14.07: Microsoft XML Core Services XMLDOM Memory Corruption Vulnerability iDefense Labs (14 Aug 2007)
iDefense Security Advisory 08.14.07: Microsoft Windows Vista Sidebar RSS Feeds Gadget Cross Site Scripting Vulnerability iDefense Labs (14 Aug 2007)
[ MDKSA-2007:164 ] - Updated tetex packages fix multiple vulnerabilities security(at)mandriva.com (14 Aug 2007)
ZDI-07-047: Microsoft Windows Media Player Malformed Skin Header Code Execution Vulnerability zdi-disclosures(at)3com.com (14 Aug 2007)
ZDI-07-046: Microsoft Windows Media Player Skin Parsing Size Mismatch Heap Overflow Vulnerability zdi-disclosures(at)3com.com (14 Aug 2007)
TPTI-07-14: HP OpenView Multiple Product Shared Trace Service Stack Overflow Vulnerabilities TSRT(at)3com.com (14 Aug 2007)
Multiple vulnerabilities in Babo Violent 2 2.08.00 Luigi Auriemma (14 Aug 2007)
ZDI-07-048: Microsoft Internet Explorer substringData() Heap Overflow Vulnerability zdi-disclosures(at)3com.com (14 Aug 2007)
[ MDKSA-2007:163 ] - Updated koffice packages fix vulnerability security(at)mandriva.com (14 Aug 2007)
FLEA-2007-0045-1 poppler Foresight Linux Essential Announcement Service (14 Aug 2007)
rPSA-2007-0160-1 openoffice.org rPath Update Announcements (14 Aug 2007)
Crash in Zoidcom 0.6.7 Luigi Auriemma (14 Aug 2007)
Multiple vulnerabilities in Live for Speed 0.5X10 Luigi Auriemma (14 Aug 2007)
FLEA-2007-0044-1 tetex tetex-dvips tetex-fonts Foresight Linux Essential Announcement Service (14 Aug 2007)
EEYE: Windows Metafile AttemptWrite Heap Overflow eEye Advisories (14 Aug 2007)
EEYE: VGX.DLL Compressed Content Heap Overflow Vulnerability eEye Advisories (14 Aug 2007)
IBM Rational ClearQuest Web SQL Injection Login Bypass swhite(at)securestate.com (14 Aug 2007)
WireShark MMS Remote Denial of Service vulnerability zwell(at)sohu.com (14 Aug 2007)
COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (14 Aug 2007)
- Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (14 Aug 2007)
  - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (14 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (14 Aug 2007)
  - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (15 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (15 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (15 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (16 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (16 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (16 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (17 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (17 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (17 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (18 Aug 2007)
    - Re: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability x82_(at)bk.ru (15 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (15 Aug 2007)
    - Re: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability x82_(at)bk.ru (16 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Nicolas Rachinsky (17 Aug 2007)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (17 Aug 2007)
- Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (14 Aug 2007)
  - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (15 Aug 2007)
DeskPRO Admin Panel Multiple HTML Injections DoZ(at)HackersCenter.com (14 Aug 2007)
[USN-497-1] xfce4-terminal vulnerability Kees Cook (13 Aug 2007)
CVE-2007-3386: XSS in Host Manager Mark Thomas (13 Aug 2007)
CVE-2007-3385: Handling of \" in cookies Mark Thomas (13 Aug 2007)
[ MDKSA-2007:158 ] - Updated xpdf packages fix vulnerability security(at)mandriva.com (13 Aug 2007)
CVE-2007-3382: Handling of cookies containing a ' character Mark Thomas (13 Aug 2007)
- Re: CVE-2007-3382: Handling of cookies containing a ' character Christopher Schultz (14 Aug 2007)
[ MDKSA-2007:160 ] - Updated pdftohtml packages fix vulnerability security(at)mandriva.com (13 Aug 2007)
[ MDKSA-2007:161 ] - Updated poppler packages fix vulnerability security(at)mandriva.com (13 Aug 2007)
PHP Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability (0dd exploit) Emanuele Gentili (13 Aug 2007)
[ MDKSA-2007:159 ] - Updated gpdf packages fix vulnerability security(at)mandriva.com (13 Aug 2007)
[security bulletin] HPSBMA02239 SSRT061260 rev.1 - HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (13 Aug 2007)
FLEA-2007-0043-1 openssl Foresight Linux Essential Announcement Service (13 Aug 2007)
[security bulletin] HPSBMA02244 SSRT061260 rev.1 - HP OpenView Business Process Insight and Related Products Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (13 Aug 2007)
[security bulletin] HPSBMA02235 SSRT061260 rev.1 - HP OpenView Internet Service (OVIS) Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (13 Aug 2007)
[security bulletin] HPSBMA02246 SSRT061260 rev.1 - HP OpenView Performance Insight (OVPI) Running Shared Trace Service, Remote Arbitrary Code Execution -------- security-alert(at)hp.com (13 Aug 2007)
[security bulletin] HPSBMA02245 SSRT061260 rev.1 - HP OpenView Dashboard Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (13 Aug 2007)
[security bulletin] HPSBMA02242 SSRT061260 rev.1 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (13 Aug 2007)
[security bulletin] HPSBMA02241 SSRT061260 rev.1 - HP OpenView Service Quality Manager (OV SQM) Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (13 Aug 2007)
[security bulletin] HPSBMA02238 SSRT061260 rev.1 - HP OpenView Reporter Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (13 Aug 2007)
[security bulletin] HPSBMA02237 SSRT061260 rev.1 - HP OpenView Performance Agent (OVPA) Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (13 Aug 2007)
[SECURITY] [DSA 1355-1] New kdegraphics packages fix arbitrary code execution Moritz Muehlenhoff (13 Aug 2007)
Remote Denial of Service for SSH service at Dell DRAC4 (maybe Mocana SSH) Robert Scheck (13 Aug 2007)
- Re: Remote Denial of Service for SSH service at Dell DRAC4 (maybeMocana SSH) Thierry Zoller (13 Aug 2007)
  - Re: Remote Denial of Service for SSH service at Dell DRAC4 (maybeMocana SSH) Robert Scheck (15 Aug 2007)
Streamripper 1.62.1 - Buffer Overflows chris.rohlf(at)gmail.com (12 Aug 2007)
Multiple vulnerabilities in ircu Wouter Coekaerts (12 Aug 2007)
eXV2.de Browser Cookie is not properly sanitised webmaster(at)i-s-o.org (13 Aug 2007)
JobLister3 SQL injection vulnerabilities joseph.giron13(at)gmail.com (13 Aug 2007)
[SECURITY] [DSA 1354-1] New gpdf packages fix arbitrary code execution Moritz Muehlenhoff (13 Aug 2007)
[o0o] Bypassing servlet input validation filters (OWASP Stinger + Struts example) Meder Kydyraliev (13 Aug 2007)
Default Root Password in Infrant (now Netgear) ReadyNAS "RAIDiator" Felix Domke (13 Aug 2007)
Vulnerability in multiple "now playing" scripts for various IRC clients Wouter Coekaerts (12 Aug 2007)
- Re: Vulnerability in multiple "now playing" scripts for various IRC clients v9(at)fakehalo.us (15 Aug 2007)
  - Re: Vulnerability in multiple "now playing" scripts for various IRC clients Michael Tharp (15 Aug 2007)
  - Re: Vulnerability in multiple "now playing" scripts for various IRC clients Wouter Coekaerts (16 Aug 2007)
Neuron Blog Admin Permission Bypass and Remote File Upload Vulnerability rizgar(at)linuxmail.org (13 Aug 2007)
PHPCentral Poll Script Remote Command Execution Vulnerability rizgar(at)linuxmail.org (12 Aug 2007)
- Re: PHPCentral Poll Script Remote Command Execution Vulnerability Coopercentral(at)gmail.com (20 Aug 2007)
  - Re: PHPCentral Poll Script Remote Command Execution Vulnerability Eren TÃ¼rkay (20 Aug 2007)
PHPCentral Login Script Remote Command Execution Vulnerability rizgar(at)linuxmail.org (12 Aug 2007)
- Re: PHPCentral Login Script Remote Command Execution Vulnerability Magnus Holmgren (14 Aug 2007)
- Re: PHPCentral Login Script Remote Command Execution Vulnerability Steven M. Christey (14 Aug 2007)
[ GLSA 200708-07 ] Xfce Terminal: Remote arbitrary code execution Raphael Marichez (11 Aug 2007)
mcNews (skinfile) Remote File Include Vulnerability ilkerkandemir(at)mynet.com (11 Aug 2007)
CounterPath X-Lite SIP phone Remote Denial of Service vulnerability zwell(at)sohu.com (12 Aug 2007)
Beautifier Version 0.1 Remote File Include Vulnerability // MefistoLabs.Com ilkerkandemir(at)mynet.com (11 Aug 2007)
Lib2 PHP v0.2 (DOCUMENT_ROOT) Remote File Inclusion Vulnerability ilkerkandemir(at)mynet.com (11 Aug 2007)
WengoPhone SIP phone Remote Denial of Service vulnerability zwell(at)sohu.com (12 Aug 2007)
SOTEeSKLEP Remote File Disclosure Vulnerability theoden(at)interia.pl (13 Aug 2007)
- Re: SOTEeSKLEP Remote File Disclosure Vulnerability m(at)sote.pl (14 Aug 2007)
[ GLSA 200708-08 ] SquirrelMail G/PGP plugin: Arbitrary code execution Raphael Marichez (11 Aug 2007)
[ GLSA 200708-06 ] Net::DNS: Multiple vulnerabilities Raphael Marichez (11 Aug 2007)
Best Top List Remote File Upload Vulnerability rizgar(at)linuxmail.org (11 Aug 2007)
phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit ilkerkandemir(at)mynet.com (11 Aug 2007)
- Re: phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit BlackHawk (14 Aug 2007)
[SECURITY] [DSA 1353-1] New tcpdump packages fix arbitrary code execution Moritz Muehlenhoff (11 Aug 2007)
FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com ilkerkandemir(at)mynet.com (11 Aug 2007)
- Re: FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com hawkgotyou(at)gmail.com (13 Aug 2007)
[ MDKSA-2007:157 ] - Updated kdelibs packages fix cross-site scripting (XSS) vulnerabilities security(at)mandriva.com (10 Aug 2007)
php-stats xss whois.php vasodipandora(at)gmail.com (11 Aug 2007)
[ MDKSA-2007:156 ] - Updated imlib2 packages fix several issues security(at)mandriva.com (10 Aug 2007)
[ MDKSA-2007:155 ] - Updated tcpdump packages fix remote denial of service security(at)mandriva.com (09 Aug 2007)
Zyxel Zywall 2 multiple vulnerabilities Henri Lindberg - Smilehouse Oy (10 Aug 2007)
Joomla 1.0.12 CMS - Session fixation Issue in backend Administration interface router(at)email.si (10 Aug 2007)
rPSA-2007-0157-1 firefox thunderbird rPath Update Announcements (10 Aug 2007)
[ GLSA 200708-05 ] GD: Multiple vulnerabilities Raphael Marichez (09 Aug 2007)
rPSA-2007-0155-1 openssl openssl-scripts rPath Update Announcements (10 Aug 2007)
[HS-A007] Qbik WinGate Remote Denial of Service Harmony Security Advisory (10 Aug 2007)
[ MDKSA-2007:154 ] - Updated xine-ui packages fix denial of service and arbitrary code execution security(at)mandriva.com (09 Aug 2007)
rPSA-2007-0154-1 cups poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi rPath Update Announcements (10 Aug 2007)
New Oracle Forensics Paper David Litchfield (10 Aug 2007)
BH/DC: Tactical Exploitation Materials H D Moore (09 Aug 2007)
TSLSA-2007-0024 - multi Trustix Security Advisor (10 Aug 2007)
[ GLSA 200708-04 ] ClamAV: Denial of Service Raphael Marichez (09 Aug 2007)
Join us at OWASP Mumbai Meet : 6th September 2007 dharmeshmm(at)owasp.org (09 Aug 2007)
FinDix Remote File Inclusion Vulnerability rizgar(at)linuxmail.org (09 Aug 2007)
iDefense Security Advisory 08.09.07: Hewlett-Packard OpenView Operations OVTrace Buffer Overflow Vulnerabilities iDefense Labs (09 Aug 2007)
VNSECON07 Materials released Jerome Athias (08 Aug 2007)
Design flaw in AS3 socket handling allows port probing fukami (09 Aug 2007)
Shoutbox 1.0 Remote Command Execution Vulnerability rizgar(at)linuxmail.org (09 Aug 2007)
File Uploader Version 1.1 Remote Command Execution Vulnerability rizgar(at)linuxmail.org (09 Aug 2007)
Web News 1.1 Remote Command Execution Vulnerability rizgar(at)linuxmail.org (09 Aug 2007)
Bilder Uploader 1.3 Remote Command Execution Vulnerability rizgar(at)linuxmail.org (09 Aug 2007)
Mapos Bilder Galerie Version 1.0 Remote Command Execution Vulnerability rizgar(at)linuxmail.org (09 Aug 2007)
Gstebuch Version 1.5 Remote Command Execution Vulnerability rizgar(at)linuxmail.org (09 Aug 2007)
- Re: Gstebuch Version 1.5 Remote Command Execution Vulnerability ilkerkandemir(at)mynet.com (10 Aug 2007)
  - Re: Gstebuch Version 1.5 Remote Command Execution Vulnerability Carsten Eilers (10 Aug 2007)
Summercon 2007 Atlanta August 24 - 26 rragan(at)spidynamics.com (09 Aug 2007)
Cisco NHRP denial of service (cisco-sa-20070808-nhrp) Martin Kluge (09 Aug 2007)
[ GLSA 200708-03 ] libarchive (formerly named as bsdtar): Multiple pax Extension Header Vulnerabilities Raphael Marichez (08 Aug 2007)
[Aria-Security.net] SAS Hotel Management System SQL Injection Advisory(at)Aria-security.net (09 Aug 2007)
[ GLSA 200708-01 ] Macromedia Flash Player: Remote arbitrary code execution Raphael Marichez (08 Aug 2007)
[ GLSA 200708-02 ] Xvid: Array indexing vulnerabilities Raphael Marichez (08 Aug 2007)
Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability master-of-desastor(at)hotmail.com (06 Aug 2007)
- Re: Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability laurent.gaffie(at)gmail.com (09 Aug 2007)
Cisco Security Advisory: Cisco IOS Secure Copy Authorization Bypass Vulnerability Cisco Systems Product Security Incident Response Team (08 Aug 2007)
Guestbook Script 1.9 RFI Ma$tEr-0F-De$a$t0r(at)hotmail.com (07 Aug 2007)
- Re: Guestbook Script 1.9 RFI laurent.gaffie(at)gmail.com (09 Aug 2007)
[USN-496-2] poppler vulnerability Kees Cook (07 Aug 2007)
XSS vulnerability in Cisco MeetingPlace Disclosure (08 Aug 2007)
- RE: XSS vulnerability in Cisco MeetingPlace Paul Oxman (poxman) (08 Aug 2007)
DoS in Microsoft Media Player 11 on Win XP SP2 thesinoda(at)hotmail.com (07 Aug 2007)
ASA-2007-019: Remote crash vulnerability in Skinny channel driver Security Response Team (07 Aug 2007)
iDefense Security Advisory 08.07.07: Apple Mac OS X mDNSResponder HTTP Request Heap Overflow Vulnerability iDefense Labs (07 Aug 2007)
[SECURITY] [DSA 1351-] New bochs packages fix privilege escalation Moritz Muehlenhoff (07 Aug 2007)
iDefense Security Advisory 08.07.07: Hewlett-Packard HP-UX Remote ldcconn Buffer Overflow Vulnerability iDefense Labs (07 Aug 2007)
[SECURITY] [DSA 1352-1] New pdfkit.framework packages fix arbitrary code execution Moritz Muehlenhoff (07 Aug 2007)
VietPHP Remote File Inclusion Vulnerbility master-of-desastor(at)hotmail.com (07 Aug 2007)
C-SAM oneWallet forget password Cross Site Scripting vulnerability tusharvartak(at)hotmail.com (07 Aug 2007)
ZDI-07-045: Novell Client NWSPOOL.DLL Stack Overflow Vulnerability zdi-disclosures(at)3com.com (06 Aug 2007)
Konqueror: URL address bar spoofing vulnerabilities Robert Swiecki (06 Aug 2007)
- Re: Konqueror: URL address bar spoofing vulnerabilities paraw (06 Aug 2007)
  - Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities Robert Swiecki (07 Aug 2007)
    - Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities Patrick Nagel (07 Aug 2007)
- Re: Konqueror: URL address bar spoofing vulnerabilities Jonathan Smith (06 Aug 2007)
  - Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities Jonathan Smith (06 Aug 2007)
Ariadne CMS Remote File Inclusion Advisory(at)Aria-security.net (06 Aug 2007)
EZPhotoSales 1.9.3 Multiple Vulnerabilities Seth Fogie (06 Aug 2007)
[SECURITY] [DSA 1350-1] New tetex-bin packages fix arbitrary code execution Moritz Muehlenhoff (06 Aug 2007)
TS-2007-002-0: BlueCat Networks Adonis root Privilege Access anonymous.c7ffa4057a (06 Aug 2007)
- Re: TS-2007-002-0: BlueCat Networks Adonis root Privilege Access security(at)bluecatnetworks.com (09 Aug 2007)
cfp: TRsec, Istanbul Turkey gadie(at)beyondsecurity.com (05 Aug 2007)
Active Gmail "Sidejacking" - https is NOT ENOUGH Mike Perry (06 Aug 2007)
[security bulletin] HPSBUX02251 SSRT071449 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert(at)hp.com (06 Aug 2007)
[security bulletin] HPSBMA02250 SSRT061275 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS) security-alert(at)hp.com (06 Aug 2007)
CORRECTION: EXPL0it FIXED :JPG PoC denial of service exploit by CrazyAngel reza_zahfaran(at)yahoo.com (06 Aug 2007)
- Re: CORRECTION: EXPL0it FIXED :JPG PoC denial of service exploit by CrazyAngel ifsecure(at)gmail.com (07 Aug 2007)
DOS issue in Astaro Version 7 packet filter reporting, POSSIBLE security issue in POP3 proxy William Warren (04 Aug 2007)
Envolution (News) <= v1.1.0 Remote SQL Injection k1tk4t(at)newhack.org (04 Aug 2007)
Question about exploit exposing SSN & user info hsukowa(at)yahoo.com (05 Aug 2007)
- RE: Question about exploit exposing SSN & user info J. Patterson Wicks (06 Aug 2007)
  - Re: Question about exploit exposing SSN & user info J. Oquendo (06 Aug 2007)
- RE: Question about exploit exposing SSN & user info Michal Bucko (06 Aug 2007)
[SECURITY] [DSA 1349-1] New libextractor packages fix arbitrary code execution Moritz Muehlenhoff (05 Aug 2007)
AL-Athkar.v2.0 Remote File Include RaeD(at)BsdMail.Com (04 Aug 2007)
AuraCMS [Forum Module] - Remote SQL Injection k1tk4t(at)newhack.org (05 Aug 2007)
ALL vgallite Remote File Include RaeD(at)BsdMail.Com (04 Aug 2007)
AL-Caricatier V.2.5 Remote File Include RaeD(at)BsdMail.Com (04 Aug 2007)
[SECURITY] [DSA 1346-1] New iceape packages fix several vulnerabilities Moritz Muehlenhoff (04 Aug 2007)
[SECURITY] [DSA 1345-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (04 Aug 2007)
[ELEYTT] 4SIERPIEN2007 Michal Bucko (04 Aug 2007)
- Re: [ELEYTT] 4SIERPIEN2007 support1(at)advancedsearchbar.com (09 Aug 2007)
Joomla J! Reactions Component Remote File include Bug yollubunlar(at)hotmail.com (03 Aug 2007)
- Re: Joomla J! Reactions Component Remote File include Bug software(at)sdecnet.com (18 Aug 2007)
  - Re: Re: Joomla J! Reactions Component Remote File include Bug yollubunlar(at)yollubunlar.org (20 Aug 2007)
ContentDM Search.php XSS Vulnerability Monkeyboy9997(at)hotmail.com (04 Aug 2007)
[CFP] Kiwicon 2k7 - Call For Papers kiwicon(at)kiwicon.org (03 Aug 2007)
[ MDKSA-2007:153 ] - Updated gd packages fix several vulnerabilities security(at)mandriva.com (03 Aug 2007)
[SECURITY] [DSA 1348-1] New poppler packages fix arbitrary code execution Moritz Muehlenhoff (04 Aug 2007)
Immunity Debugger is now released nicolas.waisman(at)immunityinc.com (03 Aug 2007)
[SECURITY] [DSA 1347-1] New xpdf packages fix arbitrary code execution Moritz Muehlenhoff (04 Aug 2007)
FLEA-2007-0042-1 qt Foresight Linux Essential Announcement Service (03 Aug 2007)
Aceboard forum, SQL injection karmaguedon(at)hotmail.com (03 Aug 2007)
[ELEYTT] 3SIERPIEN2007 Michal Bucko (03 Aug 2007)
- Re: [ELEYTT] 3SIERPIEN2007 Michal Zalewski (03 Aug 2007)
- Re: [ELEYTT] 3SIERPIEN2007 Michal Bucko (03 Aug 2007)
  - Re: [ELEYTT] 3SIERPIEN2007 Michal Zalewski (04 Aug 2007)
- Re: [ELEYTT] 3SIERPIEN2007 xyborg(at)gmail.com (06 Aug 2007)
  - Re:Re: [ELEYTT] 3SIERPIEN2007 Michal Bucko (04 Aug 2007)
  - Re:Re: [ELEYTT] 3SIERPIEN2007 Michal Bucko (09 Aug 2007)
[Aria-Security.Net] Gallery In A Box Username & Password Parameters SQL Injection Advisory(at)Aria-security.net (02 Aug 2007)
[SECURITY] [DSA 1344-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (03 Aug 2007)
[USN-496-1] koffice vulnerability Martin Pitt (03 Aug 2007)
FLEA-2007-0041-1 gdm Foresight Linux Essential Announcement Service (03 Aug 2007)
[USN-495-1] Qt vulnerability Martin Pitt (03 Aug 2007)
FLEA-2007-0040-1 thunderbird Foresight Linux Essential Announcement Service (03 Aug 2007)
[Aria-Security.Net] Next Gen Portfolio Manager SQL Injection Advisory(at)Aria-security.net (03 Aug 2007)
la-nai cms_v1.2.14 - Remote SQL Injection k1tk4t(at)newhack.org (02 Aug 2007)
[Whitepaper SecNiche] Insecurities in Implementing Serialization in BISON Aditya K Sood (04 Aug 2007)
our de France Pool 1.0.1 Remote File İnclude Bug yollubunlar(at)yollubunlar.org (02 Aug 2007)
Hunkaray Okul Portali v1.1 (tr) Sql injection Vuln yollubunlar(at)yollubunlar.org (02 Aug 2007)
Minimo .2 and more Firefox 2.0.0.6 Password Manager Vulnerabilites Seth Fogie (02 Aug 2007)
rPSA-2007-0153-1 qt-x11-free rPath Update Announcements (01 Aug 2007)
Baidu Soba Remote Code Execute Vulnerability(FGA-2007-10) hfli (01 Aug 2007)
[ MDKSA-2007:151 ] - Updated qt3 packages fix multiple vulnerabilities security(at)mandriva.com (01 Aug 2007)
CVE-2007-3384: XSS in Tomcat cookies example Mark Thomas (01 Aug 2007)
[USN-494-1] Gimp vulnerability Kees Cook (02 Aug 2007)
Pluck 4.3 themes.php Remote File Inclusion and disclosure no-reply(at)aria-security.net (02 Aug 2007)
[ MDKSA-2007:152 ] - Updated Firefox packages fix multiple vulnerabilities security(at)mandriva.com (01 Aug 2007)
FreeBSD Security Advisory FreeBSD-SA-07:07.bind FreeBSD Security Advisories (01 Aug 2007)
FreeBSD Security Advisory FreeBSD-SA-07:06.tcpdump FreeBSD Security Advisories (01 Aug 2007)
FreeBSD Security Advisory FreeBSD-SA-07:01.jail [REVISED] FreeBSD Security Advisories (01 Aug 2007)
[BuHa-Security] DoS Vulnerability in Konqueror 3.5.7 bugtraq(at)morph3us.org (01 Aug 2007)
FLEA-2007-0039-1 firefox Foresight Linux Essential Announcement Service (01 Aug 2007)
FLEA-2007-0038-1 gimp Foresight Linux Essential Announcement Service (01 Aug 2007)
PHP-Nuke (ALL versions) Multiple XSS and HTML injection mikispag(at)gmail.com (01 Aug 2007)
Mambo 4.6.2 CMS - Session fixation Issue in backend Administration interface tomaz.bratusa(at)teamintell.com (01 Aug 2007)
[security bulletin] HPSBUX02248 SSRT071437 rev.1 - HP-UX Running ARPA Transport, Remote Denial of Service (DoS) security-alert(at)hp.com (01 Aug 2007)
[security bulletin] HPSBUX02247 SSRT071432 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS) security-alert(at)hp.com (01 Aug 2007)
WikiWebWeaver 1.1 beta Upload Shell Vulnerability yollubunlar(at)yollubunlar.org (01 Aug 2007)
Pwnie Awards Ceremony Alexander Sotirov (01 Aug 2007)
Re: Re: [BuHa-Security] Winamp 5.35 (Infinite) M3U File Inclusion DoS Vulnerability bugtraq(at)morph3us.org (01 Aug 2007)
- Re: [BuHa-Security] Winamp 5.35 (Infinite) M3U File Inclusion Stack Overflow Werner Van Belle (01 Aug 2007)
Re: security contact for uat.edu needed Hans Wolters (02 Aug 2007)
- Re: security contact for uat.edu needed Hans Wolters (03 Aug 2007)
  - Re: security contact for uat.edu needed Hans Wolters (11 Aug 2007)
Re: BellaBook Admin Bypass/Remote Code Execution jem(at)jemjabella.co.uk (01 Aug 2007)
Re: TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability bmiskov(at)bluecatnetworks.com (03 Aug 2007)
Re: Guidance Software response to iSEC report on EnCase luke.cleverley(at)gmail.com (16 Aug 2007)
- RE: Re: Guidance Software response to iSEC report on EnCase Alex Stamos (02 Aug 2007)
Re: MySQLDumper vulnerability: Bypassing Apache based access control possible admin(at)mysqldumper.de (04 Aug 2007)

Last message date: 31 Aug 2007
Archived on: 26 Sep 2008 EDT

489 messages sort by: [ author ] [ date ] [ subject ] [ attachment ]
Other periods:[ Previous, Thread view ] [ Next, Thread view ]

This archive was generated by hypermail 2.1.8 : 26 Sep 2008 EDT