Mailing List Archive For bugtraq@securityfocus.com Jun 2007 By Thread

- iPhone Security Settings John Smith (Fri Jun 29 2007 - 20:10:06 EDT)
- Re: Light Blog 4.1 XSS Vulnerability prodigy.zero(at)gmail.com (Sat Jun 30 2007 - 14:39:49 EDT)
- akocomment SQL INJECTION (all version) Emanuele Gentili (Fri Jun 29 2007 - 17:12:37 EDT)
- WheatBlog 1.1 RFI/SQL Injection underwater(at)itdefence.ru (Sat Jun 30 2007 - 10:52:04 EDT)
- Re: Re: Progress Webspeed exploit for all releases suresync(at)gmail.com (Fri Jun 29 2007 - 17:51:26 EDT)
- Airscanner Advisory #07062901: FlexiSPY Victim/User Database Exposure (Full world readable access to ALL SMS/Emails/Voice data from victims/users) Airscanner Corp. (Fri Jun 29 2007 - 13:45:31 EDT)
- [USN-479-1] MadWifi vulnerabilities Kees Cook (Fri Jun 29 2007 - 01:37:26 EDT)
- SQL Injection In Script VBZooM V1.12 RaeD(at)BsdMail.Com (Fri Jun 29 2007 - 03:36:10 EDT)
- flac123 0.0.9 - Stack overflow in comment parsing David Thiel (Thu Jun 28 2007 - 22:34:02 EDT)
- [SECURITY] [DSA 1325-1] New evolution packages fix arbitrary code execution Moritz Muehlenhoff (Fri Jun 29 2007 - 11:06:48 EDT)
- TSLSA-2007-0021 - kerberos5 Trustix Security Advisor (Fri Jun 29 2007 - 08:08:59 EDT)
- [SECURITY] [DSA 1323-1] New krb5 packages fix several vulnerabilities Moritz Muehlenhoff (Thu Jun 28 2007 - 16:13:18 EDT)
- [SECURITY] [DSA 1324-1] New hiki packages fix missing input sanitising Steve Kemp (Thu Jun 28 2007 - 17:04:32 EDT)
- FLEA-2007-0030-1: avahi avahi-glib avahi-sharp Foresight Linux Essential Announcement Service (Thu Jun 28 2007 - 10:33:43 EDT)
- [security bulletin] HPSBTU02232 SSRT071429 rev.1 - Secure Web Server for HP Tru64 UNIX Powered by Apache (SWS) or HP Internet Express for Tru64 UNIX running PHP, Remote Arbitrary Code Execution, Unauthorized Disclosure of Information, or Denial of Service (DoS) security-alert(at)hp.com (Thu Jun 28 2007 - 10:28:21 EDT)
- Secunia Research: KVIrc irc:// URI Handler Command Execution Vulnerability Secunia Research (Thu Jun 28 2007 - 09:19:18 EDT)
- Secunia Research: Symantec Mail Security for SMTP Boundary Errors Secunia Research (Thu Jun 28 2007 - 09:17:09 EDT)
- [SecurInfos] PCSoft WinDEV .wdp Project File Handling Buffer Overflow Jerome Athias (Thu Jun 28 2007 - 02:48:06 EDT)
- XEForum Cookie Modification Privilege Escalation Vulnerability Firewall1954(at)hotmail.com (Wed Jun 27 2007 - 21:12:55 EDT)
- FLEA-2007-0029-1: krb5 krb5-workstation Foresight Linux Essential Announcement Service (Wed Jun 27 2007 - 20:27:48 EDT)
- rPSA-2007-0136-1 httpd mod_ssl rPath Update Announcements (Wed Jun 27 2007 - 17:32:41 EDT)
- eTicket version 1.5.5 XSS Attack Vulnerability securityresearch(at)netvigilance.com (Wed Jun 27 2007 - 17:04:24 EDT)
- eTicket version 1.5.5 Path Disclosure Vulnerability securityresearch(at)netvigilance.com (Wed Jun 27 2007 - 17:04:15 EDT)
- [SECURITY] [DSA 1322-1] New wireshark packages fix denial of service Moritz Muehlenhoff (Wed Jun 27 2007 - 16:57:25 EDT)
- [GOODFELLAS - VULN] hpqxml.dll 2.0.0.133 from HP Digital Imaging Arbitary Data Write. Goodfellas SRT (Wed Jun 27 2007 - 16:27:57 EDT)
- rPSA-2007-0135-1 krb5 krb5-server krb5-services krb5-test krb5-workstation rPath Update Announcements (Wed Jun 27 2007 - 16:18:20 EDT)
- CheckPoint VPN-1 UTM Edge Cross Site Request Forgery vulnerability Henri Lindberg - Louhi Networks Oy (Tue Jun 26 2007 - 21:01:32 EDT)
- Juniper SBR V 6.0.1 CRL-Checking problem USprotte(at)web.de (Wed Jun 27 2007 - 14:56:29 EDT)
- Contact request - nVidia john-lindsay(at)ngssoftware.com (Wed Jun 27 2007 - 12:38:07 EDT)
- HPSBTU02207 SSRT061239 rev.2 - HP Tru64 UNIX OpenSSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS) security-alert(at)hp.com (Wed Jun 27 2007 - 09:04:39 EDT)
- [ MDKSA-2007:136 ] - Updated evolution packages fix vulnerability security(at)mandriva.com (Tue Jun 26 2007 - 18:27:44 EDT)
- Openedge _mprosrv buffer overflow suresync(at)gmail.com (Wed Jun 27 2007 - 06:14:13 EDT)
- Conti FTP Server v1.0 DoS esc6(at)hush.com (Tue Jun 26 2007 - 23:24:16 EDT)
- SAP Internet Communication Framework (BC-MID-ICF) Vulnerability Ivan Buetler (Wed Jun 27 2007 - 03:03:39 EDT)
- PHP 4/5 htaccess safemode and open_basedir Bypass cxib(at)securityreason.com (Tue Jun 26 2007 - 20:42:04 EDT)
- SAP Web Dynpro Java (BC-WD-JAV) Vulnerability Ivan Buetler (Wed Jun 27 2007 - 03:00:50 EDT)
- [USN-478-1] libexif vulnerability Kees Cook (Tue Jun 26 2007 - 20:10:18 EDT)
- [ MDKSA-2007:137 ] - Updated krb5 packages fix vulnerabilities security(at)mandriva.com (Tue Jun 26 2007 - 23:34:58 EDT)
- [USN-477-1] krb5 vulnerabilities Kees Cook (Tue Jun 26 2007 - 20:01:44 EDT)
- [ GLSA 200706-08 ] emul-linux-x86-java: Multiple vulnerabilities Raphael Marichez (Tue Jun 26 2007 - 17:12:29 EDT)
- [ GLSA 200706-09 ] libexif: Buffer overflow Raphael Marichez (Tue Jun 26 2007 - 17:22:02 EDT)
- [GOODFELLAS - VULN ] Avaxswf.dll v.1.0.0.1 from Avax Vector software ActiveX Arbitrary Data Write GOODFELLAS SRT (Tue Jun 26 2007 - 16:03:50 EDT)
- iDefense Security Advisory 06.26.07: RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability iDefense Labs (Tue Jun 26 2007 - 15:53:46 EDT)
- Calyptix Security Advisory CX-2007-04 - Cross-Site Request Forgery Attack Against Check Point Safe@Office Device Calyptix Security (Tue Jun 26 2007 - 14:44:53 EDT)
- iDefense Security Advisory 06.26.07: Multiple Vendor Kerberos kadmind Rename Principal Buffer Overflow Vulnerability iDefense Labs (Tue Jun 26 2007 - 14:46:14 EDT)
- MITKRB5-SA-2007-005: kadmind vulnerable to buffer overflow Tom Yu (Tue Jun 26 2007 - 14:01:56 EDT)
- MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities Tom Yu (Tue Jun 26 2007 - 14:01:54 EDT)
- SYMSA-2007-004: Multiple Vulnerabilities in Xythos Server Products research(at)symantec.com (Fri Jun 22 2007 - 14:06:27 EDT)
- rPSA-2007-0133-1 emacs emacs-leim rPath Update Announcements (Mon Jun 25 2007 - 20:44:48 EDT)
- CFP: ISOI III (a DA workshop) Gadi Evron (Tue Jun 26 2007 - 00:16:19 EDT)
- [ISR] :: Infobyte Security Research :: release (ISR-sqlget.pl) v1.0.0 Francisco Amato (Mon Jun 25 2007 - 17:02:20 EDT)
- Re: Apple Safari: idn urlbar spoofing Robert Swiecki (Mon Jun 25 2007 - 16:33:19 EDT)
- Calendarix version 0.7. 20070307 Multiple SQL Injection Vulnerabilities securityresearch(at)netvigilance.com (Mon Jun 25 2007 - 12:20:53 EDT)
- MyNews version 0.10 SQL Injection Vulnerability securityresearch(at)netvigilance.com (Mon Jun 25 2007 - 12:18:03 EDT)
- [security bulletin] HPSBUX02225 SSRT071295 rev.1 - HP-UX Running Xserver, Local Denial of Service (DoS) security-alert(at)hp.com (Mon Jun 25 2007 - 09:01:05 EDT)
- rPSA-2007-0131-1 libexif rPath Update Announcements (Mon Jun 25 2007 - 12:10:39 EDT)
- "run as" local denial-of-service enables administrative account processes to be killed Eitan Caspi (Sat Jun 23 2007 - 16:44:59 EDT)
- Safari XMLHttpRequest HTTP header injection Richard Moore (Mon Jun 25 2007 - 07:03:18 EDT)
- Re: Re: [MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue motokochan(at)simplemachines.org (Mon Jun 25 2007 - 02:33:01 EDT)
- KF Web Server 3.1.0 admin console XSS imprili(at)gmail.com (Sat Jun 23 2007 - 15:18:37 EDT)
- Calendarix version 0.7. 20070307 Multiple XSS Attacks securityresearch(at)netvigilance.com (Mon Jun 25 2007 - 12:24:59 EDT)
- Papoo CMS 3.6 - Access Restriction Bypass Nico Leidecker (Sun Jun 24 2007 - 12:22:03 EDT)
- Calendarix version 0.7. 20070307 Multiple Path Disclosure Vulnerabilities securityresearch(at)netvigilance.com (Mon Jun 25 2007 - 12:20:30 EDT)
- phpTrafficA < 1.4.2 laurent.gaffie(at)gmail.com (Sun Jun 24 2007 - 13:56:56 EDT)
- Safari Bookmarks Buffer Overflow Vulnerability azizov(at)itdefence.ru (Sun Jun 24 2007 - 12:14:59 EDT)
- Calendarix version 0.7. 20070307 Multiple Path Disclosure Vulnerabilities securityresearch(at)netvigilance.com (Mon Jun 25 2007 - 12:18:25 EDT)
- Pluxml 0.3.1 Remote Code Execution Exploit gmdarkfig(at)gmail.com (Sun Jun 24 2007 - 11:08:05 EDT)
- LiteWEB 2.7 404 Denial of Services imprili(at)gmail.com (Sat Jun 23 2007 - 15:51:56 EDT)
- Ingres wakeup setuid(ingres) file truncation NGSSoftware Insight Security Research (Mon Jun 25 2007 - 05:41:10 EDT)
- Ingres stack overflow in uuid_from_char function NGSSoftware Insight Security Research (Mon Jun 25 2007 - 05:35:42 EDT)
- POWER PHLOGGER v.2.2.5 (username) SQL Injection darkz.gsa(at)gmail.com (Mon Jun 25 2007 - 04:47:55 EDT)
- Ingres Unauthenticated Pointer Overwrite 1 NGSSoftware Insight Security Research (Mon Jun 25 2007 - 05:30:51 EDT)
- Papoo CMS 3.6 - SQL Injection Nico Leidecker (Sun Jun 24 2007 - 12:20:59 EDT)
- Ingres verifydb local stack overflow NGSSoftware Insight Security Research (Mon Jun 25 2007 - 05:38:58 EDT)
- Ingres Unauthenticated Pointer Overwrite 2 NGSSoftware Insight Security Research (Mon Jun 25 2007 - 05:33:33 EDT)
- SHTTPD V1.38 server source code disclosure imprili(at)gmail.com (Sat Jun 23 2007 - 13:21:38 EDT)
- [GOODFELLAS - VULN] BarCodeAx.dll v. 4.9 ActiveX Control Remote Stack Buffer Overflow GOODFELLAS SRT (Sat Jun 23 2007 - 12:07:17 EDT)
- [SECURITY] [DSA 1320-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff (Sat Jun 23 2007 - 06:57:02 EDT)
- [SECURITY] [DSA 1321-1] New evolution-data-server packages fix arbitrary code execution Moritz Muehlenhoff (Sat Jun 23 2007 - 08:49:54 EDT)
- [SECURITY] [DSA 1319-1] New maradns packages fix denial of service Moritz Muehlenhoff (Sat Jun 23 2007 - 05:54:46 EDT)
- [SECURITY] [DSA 1318-1] New ekg packages fix denial of service Moritz Muehlenhoff (Fri Jun 22 2007 - 17:39:23 EDT)
- Re: Re: PHPMyDesk Beta Release 1.0b ==> RFI no-spam(at)brierley.com (Fri Jun 22 2007 - 21:00:58 EDT)
- [SECURITY] [DSA 1317-1] New tinymux packages fix buffer overflow Steve Kemp (Fri Jun 22 2007 - 21:10:24 EDT)
- [ MDKSA-2007:135 ] - Updated webmin packages fix XSS vulnerability security(at)mandriva.com (Fri Jun 22 2007 - 19:37:55 EDT)
- FLEA-2007-0028-1: libexif Foresight Linux Essential Announcement Service (Fri Jun 22 2007 - 15:08:41 EDT)
- [USN-476-1] redhat-cluster-suite vulnerability Kees Cook (Fri Jun 22 2007 - 14:22:56 EDT)
- eNdonesia 8.4 [multiple injection sql] laurent.gaffie(at)gmail.com (Fri Jun 22 2007 - 12:24:52 EDT)
- [CAID 35450, 35451, 35452, 35453]: CA Products That Embed Ingres Multiple Vulnerabilities Williams, James K (Fri Jun 22 2007 - 10:00:40 EDT)
- All Of the Mambo & Joomla Script Remote File Inclussion Bugs.. spymeta(at)yahoo.com (Fri Jun 22 2007 - 05:36:26 EDT)
- [USN-475-1] evolution-data-server vulnerability Kees Cook (Thu Jun 21 2007 - 19:52:28 EDT)
- MS07-034: Executing arbitrary script with mhtml: protocol handler HASEGAWA Yosuke (Thu Jun 21 2007 - 23:42:13 EDT)
- [ MDKSA-2007:134 ] - Updated xfsdump packages fix unsafe temporary directory creation issue security(at)mandriva.com (Thu Jun 21 2007 - 19:58:30 EDT)
- [ MDKSA-2007:133 ] - Updated emacs packages fix DoS vulnerability security(at)mandriva.com (Thu Jun 21 2007 - 18:21:24 EDT)
- iDefense Security Advisory 06.21.07: Ingres Database Multiple Heap Corruption Vulnerabilities iDefense Labs (Thu Jun 21 2007 - 16:50:32 EDT)
- Re: New Include Redirect Bug XSS All vBulletin(r) v 3.x.x Steven M. Christey (Thu Jun 21 2007 - 16:21:15 EDT)
- HPSBST02231 SSRT071438 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-030 to MS07-035 security-alert(at)hp.com (Thu Jun 21 2007 - 15:28:25 EDT)
- [security bulletin] HPSBGN02199 SSRT071312 rev.3 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Executio security-alert(at)hp.com (Thu Jun 21 2007 - 15:27:26 EDT)
- NetClassifieds [multiple vulnerabilities] laurent.gaffie(at)gmail.com (Thu Jun 21 2007 - 15:21:35 EDT)
- [ MDKSA-2007:132 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities security(at)mandriva.com (Thu Jun 21 2007 - 15:03:01 EDT)
- Re: New Include Redirect Bug XSS All vBulletin v 3.x.x kaneda(at)bohater.net (Thu Jun 21 2007 - 14:39:11 EDT)
- Outpost Enforcing system reboot with 'outpost_ipc_hdr' mutex Vulnerability Matousec - Transparent security Research (Fri Jun 01 2007 - 13:37:09 EDT)
- phpreactor <===1.2.7 remote file include pito pito (Fri Jun 01 2007 - 08:26:56 EDT)