Hosting Provided By

Mailing List Archive For bugtraq@securityfocus.com Jul 2007 By Author

3APA3A
- Re: [BuHa-Security] Winamp 5.35 (Infinite) M3U File Inclusion DoS Vulnerability (Tue Jul 31 2007 - 16:49:07 EDT)
- Re: TippingPoint IPS Signature Evasion (Wed Jul 11 2007 - 10:30:04 EDT)
- durito: enVivo!CMS SQL injection (Wed Jul 11 2007 - 04:29:32 EDT)
- Moodle XSS / Liesbeth base CMS sensitive information disclosure (Tue Jul 03 2007 - 05:10:27 EDT)
A. R.
- Cross Site Scripting in Oliver Library Management System (Tue Jul 03 2007 - 13:01:30 EDT)
Aaron Katz
- Re: Internet Explorer 0day exploit (Fri Jul 20 2007 - 14:36:50 EDT)
- Re: Internet Explorer 0day exploit (Fri Jul 20 2007 - 14:43:16 EDT)
abrash_han(at)hotmail.com
- Re: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) (Fri Jul 27 2007 - 08:03:32 EDT)
activereports.support(at)datadynamics.com
- Re: [Eleytt] 7LIPIEC2007 (Mon Jul 23 2007 - 14:41:45 EDT)
Adam Laurie
- London DC4420 meet - tommorrow, Wednesday 18th July (Tue Jul 17 2007 - 11:13:40 EDT)
- Announce: RFIDIOt PC/SC support - new release 0.1p (July 2007) (Tue Jul 10 2007 - 10:44:30 EDT)
Aditya K Sood
- [CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos (Sat Jul 21 2007 - 03:12:24 EDT)
- WhitePapers By SecNiche Security (Sun Jul 15 2007 - 22:01:12 EDT)
- Advisory : Internet Explorer Zone Domain Specification Dos and Page suppressing. (Sun Jul 01 2007 - 12:53:42 EDT)
admin(at)majorsecurity.de
- [MajorSecurity Advisory #51]Virtual Hosting Control System - Session fixation Issue (Sat Jul 21 2007 - 04:49:56 EDT)
Advisory(at)aria-security.net
- E-commerceScripts ALL Apps (Auction Script, Shopping Cart Script and Multi-Vendor E-Shop Script) admin.aspx SQL (Sat Jul 28 2007 - 19:18:52 EDT)
- WebEvents: Online Event Registration Template Username Fields SQL INJECTION (Fri Jul 27 2007 - 20:00:00 EDT)
- WebEvents: Online Event Registration Template Username Fields SQL INJECTION (Fri Jul 27 2007 - 19:59:53 EDT)
- Message Board / Threaded Discussion Forum SQL INJECTION (Fri Jul 27 2007 - 20:00:31 EDT)
- Pay Roll - Time Sheet and Punch Card Application With Web Interface SQL Injection (Fri Jul 27 2007 - 20:00:48 EDT)
- Real Estate listing website application template SQL Injection (Fri Jul 27 2007 - 20:01:00 EDT)
- WebStore - Online Store Application Template SQL INJECTION (Fri Jul 27 2007 - 20:00:10 EDT)
- Dependet Forums (Username Field) Remote SQL Injection (Wed Jul 25 2007 - 23:24:20 EDT)
- cPanel 10.9.1 XSS (Mon Jul 23 2007 - 20:01:06 EDT)
- [Aria-Security] Image Racer SearchResults.asp SQL INJECTION vuln. (Sun Jul 22 2007 - 19:42:46 EDT)
- [Aria-Security] Munch Pro Remote Login ByPass (Sat Jul 21 2007 - 03:20:17 EDT)
- [Aria-Security] Property Pro Remote Login ByPass (Sat Jul 21 2007 - 03:21:40 EDT)
ak(at)red-database-security.com
- Oracle Security: SQL Injection in APEX CHECK_DB_PASSWORD (Wed Jul 18 2007 - 01:57:14 EDT)
- Oracle Security: SQL Injection in package DBMS_PRVTAQIS (Wed Jul 18 2007 - 01:55:13 EDT)
- Oracle Security: Insert / Update / Delete Data via Views (Wed Jul 18 2007 - 01:54:20 EDT)
Alex Stamos
- Re: Guidance Software response to iSEC report on EnCase (Thu Jul 26 2007 - 19:32:39 EDT)
Alexander Sotirov
- Re: Guidance Software response to iSEC report on EnCase (fwd) (Thu Jul 26 2007 - 18:38:07 EDT)
- The Pwnie Awards! (Mon Jul 23 2007 - 17:12:13 EDT)
Amit Klein
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Fri Jul 27 2007 - 18:34:13 EDT)
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Fri Jul 27 2007 - 15:19:19 EDT)
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Tue Jul 24 2007 - 16:07:59 EDT)
- "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Tue Jul 24 2007 - 03:33:51 EDT)
- Re: Whitepaper - DNS pinning and web proxies (Tue Jul 10 2007 - 14:19:05 EDT)
Amon Ott
- [ANNOUNCE] RSBAC 1.3.5 released (Thu Jul 19 2007 - 05:49:11 EDT)
Andres Riancho
- TippingPoint detection bypass (Wed Jul 11 2007 - 08:20:19 EDT)
announce(at)breakpointsecurity.net
- Breakpoint Security: Encase Pre-Advisory (Fri Jul 27 2007 - 03:25:32 EDT)
anonymous.c7ffa4057a
- TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability (Sun Jul 29 2007 - 14:32:52 EDT)
Bigby Findrake
- Re: Internet Explorer 0day exploit (Wed Jul 18 2007 - 14:37:02 EDT)
BlackHawk
- Re: PHMe CMS 0.0.2 local File Include Vulnerabilitiy (Mon Jul 23 2007 - 12:57:44 EDT)
- Re[2]: Light Blog 4.1 XSS Vulnerability (Tue Jul 03 2007 - 07:52:31 EDT)
brad(at)isecpartners.com
- Whitepaper: Command Injection in XML Digital Signatures and Encryption (Thu Jul 12 2007 - 16:34:40 EDT)
Brett Moore
- SUN Java JNLP Overflow (Tue Jul 10 2007 - 22:37:26 EDT)
bugtraq(at)cgisecurity.net
- Re: [Full-disclosure] Mozilla protocol abuse (Wed Jul 25 2007 - 15:00:44 EDT)
bugtraq(at)henningpingel.de
- MySQLDumper vulnerability: Bypassing Apache based access control possible (Tue Jul 03 2007 - 17:01:49 EDT)
bunker
- Oracle bad Views - Exploit released (Sat Jul 21 2007 - 05:53:40 EDT)
Calyptix Security
- Calyptix Security Advisory CX-2007-05 - eSoft InstaGate EX2 Cross-Site Request Forgery Attack (Wed Jul 11 2007 - 13:42:00 EDT)
Carl Livitt
- AsteriDex (Asterisk / Trixbox) remote code execution (Thu Jul 05 2007 - 12:24:44 EDT)
Chad Perrin
- Re: Internet Explorer 0day exploit (Fri Jul 20 2007 - 17:08:52 EDT)
Charles Kim
- Mitridat Form Processor Pro XSS (Wed Jul 25 2007 - 13:13:25 EDT)
Chris Stromblad
- Re: Internet Explorer 0day exploit (Wed Jul 18 2007 - 16:17:13 EDT)
- Re: Internet Explorer 0day exploit (Fri Jul 20 2007 - 04:22:32 EDT)
- Re: Internet Explorer 0day exploit (Wed Jul 18 2007 - 16:12:11 EDT)
- Re: Internet Explorer 0day exploit (Wed Jul 18 2007 - 04:37:07 EDT)
Chris Travers
- Security Advisory: Login bypass in LedgerSMB 1.2.0 through 1.2.6 (Wed Jul 18 2007 - 11:36:58 EDT)
- Clarifications on LedgerSMB vulnerability with Bugtraq ID:24940 (Tue Jul 17 2007 - 20:55:47 EDT)
Christopher Schwardt
- Session Riding and multiple XSS in WebCit (Sat Jul 14 2007 - 17:01:00 EDT)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Wireless ARP Storm Vulnerabilities (Tue Jul 24 2007 - 13:22:52 EDT)
- Cisco Security Advisory: Denial of Service Vulnerability in Cisco Wide Area Application Services (WAAS) Software (Wed Jul 18 2007 - 12:16:09 EDT)
- Cisco Security Advisory: Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities (Wed Jul 11 2007 - 12:00:00 EDT)
- Cisco Security Advisory: Cisco Unified Communications Manager Overflow Vulnerabilities (Wed Jul 11 2007 - 12:00:00 EDT)
Code Audit Labs
- CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability (Mon Jul 30 2007 - 20:36:11 EDT)
Cornelius Riemenschneider
- Re: LFI On SMF 1.1.3 (Wed Jul 18 2007 - 15:03:52 EDT)
corrado.liotta(at)alice.it
- phpTrafficA <=1.4.3 Admin Login Bypass (Fri Jul 06 2007 - 14:28:23 EDT)
crazy_king(at)eno7.org
- Metyus Forum Portal v1.0 (Fri Jul 27 2007 - 07:36:40 EDT)
Cyrill Brunschwiler
- DokuWiki suffers XSS (Thu Jul 19 2007 - 10:49:24 EDT)
Dafydd Stuttard
- Whitepaper - DNS pinning and web proxies (Tue Jul 10 2007 - 11:29:57 EDT)
Dan Harkless
- Re: iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability (Mon Jul 16 2007 - 20:13:57 EDT)
darkz.gsa(at)gmail.com
- eTicket v.1.5.1.1 Multiple Cross-Site Scripting (Mon Jul 02 2007 - 03:42:56 EDT)
darthballsbr(at)hotmail.com
- PHPBlogger cookie privilege escalation (Sat Jul 28 2007 - 07:03:24 EDT)
does_not_exist(at)jmp-esp.kicks-ass.net
- MkPortal - Multiple SQL Injection Vulnerabilities (Thu Jul 12 2007 - 09:04:50 EDT)
- SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability (Wed Jul 11 2007 - 10:10:30 EDT)
DoZ(at)HackersCenter.com
- PHPSysInfo Index.php Cross Site Scripting (Tue Jul 24 2007 - 23:12:09 EDT)
Dragos Ruiu
- Really, really, penultimate, PacSec CFP deadline, Aug 10. (Tue Jul 31 2007 - 17:25:23 EDT)
- Re: Internet Explorer 0day exploit (Sat Jul 14 2007 - 22:40:42 EDT)
- PacSec 2007 Call For Papers (Nov. 29/30, deadline July 27) (Tue Jul 03 2007 - 23:32:44 EDT)
eEye Advisories
- EEYE: Microsoft Publisher 2007 Arbitrary Pointer Dereference (Tue Jul 10 2007 - 18:01:13 EDT)
- EEYE: Sun Java WebStart JNLP Stack Buffer Overflow Vulnerability (Mon Jul 09 2007 - 17:09:41 EDT)
f00(at)nowayyyy.de
- Webspell 4.x Local File Inclusion (Sun Jul 22 2007 - 09:45:55 EDT)
Fady Anwar
- Anti XSS AJAX (Thu Jul 26 2007 - 05:28:47 EDT)
- The dark side of ajax (Fri Jul 13 2007 - 15:45:03 EDT)
Ferruh Mavituna
- XSS Tunnelling White Paper and Tool (Tue Jul 10 2007 - 17:51:02 EDT)
Foresight Linux Essential Announcement Service
- FLEA-2007-0037-1 unrar (Mon Jul 30 2007 - 21:39:26 EDT)
- FLEA-2007-0036-1 vim vim-minimal gvim (Mon Jul 30 2007 - 12:49:46 EDT)
- FLEA-2007-0035-1: libvorbis (Fri Jul 27 2007 - 13:16:17 EDT)
- FLEA-2007-0034-1: (Thu Jul 26 2007 - 11:52:21 EDT)
- FLEA-2007-0033-1: firefox thunderbird (Tue Jul 24 2007 - 12:55:32 EDT)
- FLEA-2007-0032-1: flashplayer (Fri Jul 20 2007 - 15:49:23 EDT)
- FLEA-2007-0031-1: xfs (Thu Jul 12 2007 - 15:08:51 EDT)
foster(at)ghc.ru
- Re: Remote File Include In Script SoftNews Media Group (Wed Jul 04 2007 - 02:26:35 EDT)
Francois Larouche
- Official release of SQL Power Injector 1.2 (Mon Jul 16 2007 - 14:06:25 EDT)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-07:05.libarchive (Thu Jul 12 2007 - 11:09:47 EDT)
fukami
- Security on AIR: Local file access through JavaScript (Tue Jul 03 2007 - 11:24:01 EDT)
Gadi Evron
- Re: Exploit In Internet Explorer (Tue Jul 31 2007 - 01:01:49 EDT)
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Fri Jul 27 2007 - 00:40:55 EDT)
- Re: Internet Explorer 0day exploit (Sat Jul 14 2007 - 22:41:38 EDT)
- Re: Internet Explorer 0day exploit (Tue Jul 10 2007 - 11:53:21 EDT)
Gerald Combs
- Re: WinPcap NPF.SYS Privilege Elevation Vulnerability (Tue Jul 10 2007 - 14:37:12 EDT)
Guns(at)0x90.com.ar
- sBlog 0.7.3 Beta XSS Vulnerabilitie (Thu Jul 26 2007 - 19:45:41 EDT)
gynvael(at)coldwind.pl
- Re: Re: [Eleytt] 7LIPIEC2007 (Tue Jul 10 2007 - 17:46:47 EDT)
h4ck3riran(at)yahoo.com
- [Aria-security] community Cross-site Scripting (XSS) (Sun Jul 29 2007 - 12:03:41 EDT)
- [Aria-security] itcms 0.2 Cross-site Scripting (XSS) (Sun Jul 29 2007 - 12:05:23 EDT)
- PHMe CMS 0.0.2 local File Include Vulnerabilitiy (Mon Jul 23 2007 - 10:04:41 EDT)
hack2prison(at)yahoo.com
- phpCoupon Vulnerabilities (Sat Jul 28 2007 - 01:18:04 EDT)
hadihadi_zedehal_2006(at)yahoo.com
- printenv.pl(all versions) cross site scripting Vulnerability (Tue Jul 24 2007 - 10:42:39 EDT)
- dbdisplay.pl(all versions) Remote execut Vulnerability (Tue Jul 24 2007 - 10:47:21 EDT)
Hans Wolters
- security contact for uat.edu needed (Mon Jul 30 2007 - 18:42:30 EDT)
Harri Porten
- Re: Opera/Konqueror: data: URL scheme address bar spoofing (Sat Jul 14 2007 - 16:11:37 EDT)
Heine Deelstra
- [DRUPAL-SA-2007-017] Drupal 5.2 fixes multiple CSRF vulnerabilities (Sun Jul 29 2007 - 17:47:49 EDT)
- [DRUPAL-SA-2007-018] Drupal 4.7.7 and 5.2 fix multiple cross site scripting vulnerabilities (Sun Jul 29 2007 - 17:49:50 EDT)
Hugo van der Kooij
- RE: Internet Explorer 0day exploit (Tue Jul 24 2007 - 01:37:08 EDT)
iDefense Labs
- iDefense Security Advisory 07.26.07: IBM AIX ftp gets() Multiple Buffer Overflow Vulnerabilities (Thu Jul 26 2007 - 17:31:02 EDT)
- iDefense Security Advisory 07.26.07: IBM AIX capture Terminal Control Sequence Buffer Overflow Vulnerability (Thu Jul 26 2007 - 17:27:38 EDT)
- iDefense Security Advisory 07.26.07: IBM AIX pioout Arbitrary Library Loading Vulnerability (Thu Jul 26 2007 - 17:17:29 EDT)
- iDefense Security Advisory 07.24.07: Computer Associates eTrust Intrusion Detection CallCode ActiveX Control Code Execution Vulnerability (Tue Jul 24 2007 - 18:29:03 EDT)
- iDefense Security Advisory 07.24.07: Computer Associates AntiVirus CHM File Handling DoS Vulnerability (Tue Jul 24 2007 - 18:18:54 EDT)
- iDefense Security Advisory 07.23.07: Ipswitch Instant Messaging Server Denial of Service Vulnerability (Mon Jul 23 2007 - 17:33:35 EDT)
- iDefense Security Advisory 07.19.07: Multiple Vendor Multiple Product URI Handler Input Validation Vulnerability (Thu Jul 19 2007 - 12:04:30 EDT)
- iDefense Security Advisory 07.19.07: Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability (Thu Jul 19 2007 - 11:44:48 EDT)
- iDefense Security Advisory 07.18.07: Microsoft DirectX RLE Compressed Targa Image File Heap Overflow (Wed Jul 18 2007 - 16:57:46 EDT)
- iDefense Security Advisory 07.18.07: Ipswitch IMail Server 2006 IMAP Search Command Buffer Overflow Vulnerability (Wed Jul 18 2007 - 17:08:23 EDT)
- iDefense Security Advisory 07.17.07: Computer Associates Alert Notification Server Multiple Buffer Overflow Vulnerabilities (Tue Jul 17 2007 - 20:34:30 EDT)
- iDefense Security Advisory 07.17.07: IBM Tivoli Provisioning Manager for OS Deployment TFTP Blocksize DoS Vulnerability (Tue Jul 17 2007 - 18:35:02 EDT)
- iDefense Security Advisory 07.16.07: Trend Micro OfficeScan Management Console Authorization Bypass Vulnerability (Mon Jul 16 2007 - 18:59:01 EDT)
- iDefense Security Advisory 07.16.07: Trend Micro OfficeScan Session Cookie Buffer Overflow Vulnerability (Mon Jul 16 2007 - 18:57:05 EDT)
- iDefense Security Advisory 07.12.07: Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability (Thu Jul 12 2007 - 12:37:10 EDT)
- iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability (Wed Jul 11 2007 - 18:50:06 EDT)
- iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_recv_key() Command Injection Vulnerability (Wed Jul 11 2007 - 17:18:40 EDT)
- iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin deleteKey() Command Injection Vulnerability (Wed Jul 11 2007 - 17:15:19 EDT)
- iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_help.php Local File Inclusion Vulnerability (Wed Jul 11 2007 - 17:19:41 EDT)
- iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_check_sign_pgp_mime() Command Injection Vulnerability (Wed Jul 11 2007 - 17:17:09 EDT)
- iDefense Security Advisory 07.11.07: Symantec AntiVirus symtdi.sys Local Privilege Escalation Vulnerability (Wed Jul 11 2007 - 14:19:20 EDT)
- iDefense Security Advisory 07.11.07: Symantec Backup Exec RPC Remote Heap Overflow Vulnerability (Wed Jul 11 2007 - 14:01:38 EDT)
- iDefense Security Advisory 07.09.07: IBM AIX libodm ODMPATH Stack Overflow Vulnerability (Tue Jul 10 2007 - 13:10:20 EDT)
- iDefense Security Advisory 07.09.07: WinPcap NPF.SYS Local Privilege Escalation Vulnerability (Mon Jul 09 2007 - 16:52:36 EDT)
- iDefense Security Advisory 07.09.07: Multiple Vendor GIMP Multiple Integer Overflow Vulnerabilities (Mon Jul 09 2007 - 17:20:52 EDT)
ilkerkandemir(at)mynet.com
- BellaBook Admin Bypass/Remote Code Execution (Tue Jul 31 2007 - 06:44:20 EDT)
- BellaBiblio Admin Login Bypass (Mon Jul 30 2007 - 15:29:58 EDT)
- Dora Emlak Script v1.0 (tr) Admin Login ByPass (Mon Jul 30 2007 - 15:13:48 EDT)
- phpVoter v0.6 Remote File Include Vulnerability (Mon Jul 30 2007 - 15:12:48 EDT)
- Phorm v3.0 Remote File Upload Vulnerability (Mon Jul 30 2007 - 15:12:06 EDT)
- Madoa Poll v1.1 Remote File Include Vulnerabilities (Mon Jul 30 2007 - 15:11:15 EDT)
- phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability (Mon Jul 30 2007 - 15:10:33 EDT)
- RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability (Mon Jul 30 2007 - 15:09:56 EDT)
info(at)web-app.net
- Re: Menu Manager Mod for WebAPP - No Input Filtering (Sat Jul 14 2007 - 00:56:20 EDT)
Integrigy Alerts
- Oracle E-Business Suite - Multiple Vulnerabilities (Mon Jul 23 2007 - 22:33:57 EDT)
Ivan .
- An Auction Site for Vulnerabilities (Fri Jul 06 2007 - 02:39:29 EDT)
James E. Jones
- 0day linux 2.6 /dev/mem rootkit found (Wed Jul 11 2007 - 11:53:21 EDT)
Jamie Riden
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Tue Jul 24 2007 - 16:18:47 EDT)
jf
- Re: Guidance Software response to iSEC report on EnCase (fwd) (Fri Jul 27 2007 - 01:03:18 EDT)
Jim Mellander
- Solaris finger bug (Fri Jul 27 2007 - 14:17:39 EDT)
jkloske(at)itee.uq.edu.au
- Re: LFI On SMF 1.1.3 (Tue Jul 17 2007 - 20:51:53 EDT)
Joep Vesseur
- Re: Solaris finger bug (Fri Jul 27 2007 - 15:18:48 EDT)
Johannes Greil
- SEC Consult SA-20070722-0 :: Remote command execution in Joomla! CMS (Sun Jul 22 2007 - 05:36:55 EDT)
john-lindsay(at)ngssoftware.com
- Advisory: Arbitrary kernel mode memory writes in AVG (Wed Jul 11 2007 - 08:55:06 EDT)
Jonathan Smith
- zdnet reports on java vulnerabilities (Fri Jul 13 2007 - 13:42:08 EDT)
Joseph.giron13(at)gmail.com
- Minb Is Not A Blog default password directory (Sun Jul 22 2007 - 06:25:17 EDT)
- Geoblog v1 administrator bypass (Thu Jul 19 2007 - 04:14:25 EDT)
- Insanely simple blog - Multiple vulnerabilities (Tue Jul 17 2007 - 06:08:41 EDT)
Juha-Matti Laurio
- Wii's Internet Channel affected to Flash FLV parser vulnerability (Thu Jul 19 2007 - 17:40:50 EDT)
kaneda(at)bohater.net
- Re: rare bug in Opera 9.20 browser (Sat Jul 21 2007 - 23:45:19 EDT)
Kees Cook
- [USN-493-1] Firefox vulnerabilities (Tue Jul 31 2007 - 22:12:32 EDT)
- [USN-492-1] tcpdump vulnerability (Mon Jul 30 2007 - 23:20:16 EDT)
- [USN-491-1] Bind vulnerability (Wed Jul 25 2007 - 10:09:05 EDT)
- [USN-490-1] Firefox vulnerabilities (Thu Jul 19 2007 - 21:12:02 EDT)
- [USN-486-1] Linux kernel vulnerabilities (Wed Jul 18 2007 - 18:57:48 EDT)
- [USN-489-1] Linux kernel vulnerabilities (Thu Jul 19 2007 - 09:57:31 EDT)
- [USN-489-2] redhat-cluster-suite vulnerability (Thu Jul 19 2007 - 09:57:55 EDT)
- [USN-488-1] mod_perl vulnerability (Tue Jul 17 2007 - 20:03:16 EDT)
- [USN-485-1] PHP vulnerabilities (Tue Jul 17 2007 - 17:17:36 EDT)
- [USN-487-1] Dovecot vulnerability (Tue Jul 17 2007 - 17:57:01 EDT)
- [USN-484-1] curl vulnerability (Tue Jul 17 2007 - 13:34:39 EDT)
- [USN-483-1] libnet-dns-perl vulnerabilities (Fri Jul 13 2007 - 14:57:25 EDT)
- [USN-482-1] OpenOffice.org vulnerability (Wed Jul 11 2007 - 05:17:25 EDT)
- [USN-481-1] ImageMagick vulnerabilities (Tue Jul 10 2007 - 09:32:46 EDT)
- [USN-480-1] Gimp vulnerability (Wed Jul 04 2007 - 18:48:40 EDT)
Ken Kousky
- RE: Internet Explorer 0day exploit (Sat Jul 21 2007 - 11:22:00 EDT)
Kevin P. Fleming
- ASA-2007-017: Remote Crash Vulnerability in STUN implementation (Tue Jul 17 2007 - 19:01:31 EDT)
- ASA-2007-015: Remote Crash Vulnerability in IAX2 channel driver (Tue Jul 17 2007 - 18:57:44 EDT)
- ASA-2007-016: Remote crash vulnerability in Skinny channel driver (Tue Jul 17 2007 - 18:59:40 EDT)
- ASA-2007-014: Stack buffer overflow in IAX2 channel driver (Tue Jul 17 2007 - 18:54:56 EDT)
KJK::Hyperion
- Re: [Full-disclosure] iDefense Security Advisory 07.09.07: WinPcap NPF.SYS Local Privilege Escalation Vulnerability (Wed Jul 11 2007 - 13:35:18 EDT)
Larry Seltzer
- RE: Exploit In Internet Explorer (Mon Jul 30 2007 - 17:55:54 EDT)
larry.gill(at)guidancesoftware.com
- Guidance Software response to iSEC report on EnCase (Thu Jul 26 2007 - 13:51:19 EDT)
LIUDIEYU dot COM
- No Patch for IE on Windows Mobile/CE (Fri Jul 13 2007 - 11:10:59 EDT)
- Two Unpublished IE Cases (Tue Jul 03 2007 - 01:15:22 EDT)
lockoom(at)gmail.com
- Re: Opera/Konqueror: data: URL scheme address bar spoofing (Mon Jul 16 2007 - 06:58:24 EDT)
Marc Ruef
- [scip_Advisory 3159] SiteScape forum prior 7.3 Cross Site Scripting (Fri Jul 13 2007 - 03:14:14 EDT)
Mark Thomas
- CVE-2007-3383: XSS in Tomcat send mail example (Sat Jul 21 2007 - 19:51:11 EDT)
Martin Schulze
- [SECURITY] [DSA 1340-1] New ClamAV packages fix denial of service (Tue Jul 24 2007 - 03:24:05 EDT)
mata(at)kw3rlndoarme.net
- Entertainment CMS Admin Login Bypass (Tue Jul 10 2007 - 11:17:07 EDT)
- Flashbb <= 1.1.7 - Remote File Inclusion Exploit (Tue Jul 10 2007 - 11:16:38 EDT)
Matthew Cook
- ExLibris Aleph and Metalib Cross Site Scripting Attack (Mon Jul 16 2007 - 10:10:23 EDT)
mballano(at)gmail.com
- Re: Re: WinPcap NPF.SYS Privilege Elevation Vulnerability (Tue Jul 10 2007 - 15:21:54 EDT)
- WinPcap NPF.SYS Privilege Elevation Vulnerability (Mon Jul 09 2007 - 19:32:13 EDT)
Metaeye SG
- Re: Advisory - Clam AntiVirus RAR File Handling Denial Of Service Vulnerability. (Wed Jul 11 2007 - 11:46:56 EDT)
- Advisory - Clam AntiVirus RAR File Handling Denial Of Service Vulnerability. (Wed Jul 11 2007 - 11:13:03 EDT)
Michal Bucko
- [Eleytt] 12LIPIEC2007 2007-07-12 (Thu Jul 12 2007 - 17:35:01 EDT)
Michal Zalewski
- MSIE7 entrapment again (+ FF tidbit) (Fri Jul 13 2007 - 18:20:54 EDT)
- Re: [Eleytt] 7LIPIEC2007 (Mon Jul 09 2007 - 12:34:41 EDT)
- Firefox wyciwyg:// cache zone bypass (Mon Jul 09 2007 - 09:37:26 EDT)
michal.bucko(at)eleytt.com
- Re: [Eleytt] 12LIPIEC2007 2007-07-12 (Fri Jul 13 2007 - 14:38:54 EDT)
- Re: Re: [Eleytt] 7LIPIEC2007 (Mon Jul 09 2007 - 15:36:28 EDT)
MichaÅ‚ Melewski
- Re: Re: [Eleytt] 7LIPIEC2007 (Thu Jul 12 2007 - 05:55:13 EDT)
Minded Security Research Labs
- [MSA01110707] Flash Player/Plugin Video file parsing Remote Code Execution (Fri Jul 13 2007 - 12:51:40 EDT)
Moritz Muehlenhoff
- [SECURITY] [DSA 1343-1] New file packages fix arbitrary code execution (Tue Jul 31 2007 - 17:36:42 EDT)
- [SECURITY] [DSA 1342-1] New xfs packages fix privilege escalation (Mon Jul 30 2007 - 14:53:28 EDT)
- [SECURITY] [DSA 1342-2] New bind9 packages fix DNS cache poisoning (Thu Jul 26 2007 - 13:03:40 EDT)
- [SECURITY] [DSA 1341-1] New bind9 packages fix DNS cache poisoning (Wed Jul 25 2007 - 17:13:15 EDT)
- [SECURITY] [DSA 1339-1] New iceape packages fix several vulnerabilities (Mon Jul 23 2007 - 20:00:33 EDT)
- [SECURITY] [DSA 1338-1] New iceweasel packages fix several vulnerabilities (Mon Jul 23 2007 - 13:27:52 EDT)
- [SECURITY] [DSA 1337-1] New xulrunner packages fix several vulnerabilities (Sun Jul 22 2007 - 15:19:22 EDT)
- [SECURITY] [DSA 1336-1] New mozilla-firefox packages fix several vulnerabilities (Sun Jul 22 2007 - 13:43:28 EDT)
- [SECURITY] [DSA 1335-1] New gimp packages fix arbitrary code execution (Wed Jul 18 2007 - 17:47:38 EDT)
- [SECURITY] [DSA 1332-1] New vlc packages fix arbitrary code execution (Mon Jul 09 2007 - 13:56:42 EDT)
- [SECURITY] [DSA 1331-1] New php4 packages fix arbitrary code execution (Sat Jul 07 2007 - 11:00:42 EDT)
- [SECURITY] [DSA 1330-1] New php5 packages fix arbitrary code execution (Sat Jul 07 2007 - 10:24:03 EDT)
mostafa_ragab(at)msn.com
- AzDG Dating Gold v3.0.5 ===> Remote File Include Vulnerability (Thu Jul 12 2007 - 21:33:38 EDT)
Netragard Security Advisories
- [NETRAGARD SECURITY ADVISORY][Maia Mailguard 1.0.2 Arbitrary Code Execution][NETRAGARD-20070628] (Thu Jul 05 2007 - 11:18:54 EDT)
NGSSoftware Insight Security Research
- Low Risk Vulnerability in Active Directory (Wed Jul 11 2007 - 06:07:04 EDT)
- SAP DB Web Server Stack Overflow (Thu Jul 05 2007 - 11:55:11 EDT)
- Internet Communication Manager Denial Of Service Attack (Thu Jul 05 2007 - 11:52:05 EDT)
- SAP Internet Graphics Server XSS and Heap Overflow (Thu Jul 05 2007 - 11:45:33 EDT)
- SAP Message Server Heap Overflow (Thu Jul 05 2007 - 11:49:17 EDT)
- EnjoySAP, SAP GUI for Windows - Stack Overflow (Thu Jul 05 2007 - 11:46:47 EDT)
- Multiple Remote unauthenticated stack overflows in Asterisk chan_sip.c (Wed Jul 04 2007 - 11:47:14 EDT)
- Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control (Tue Jul 03 2007 - 06:20:34 EDT)
- High Risk Flaw in Sun's Java Web Start (Mon Jul 02 2007 - 15:06:44 EDT)
Nick FitzGerald
- Re: Exploit In Internet Explorer (Mon Jul 30 2007 - 18:35:21 EDT)
Nick S. Coblentz
- Redirection Vulnerability in wp-pass.php, WordPress 2.2.1 (Thu Jul 05 2007 - 11:14:20 EDT)
no-reply(at)aria-security.net
- Re: RFI ====> vBulletin v3.6.5 (Tue Jul 31 2007 - 03:19:44 EDT)
Noam Rathaus
- Re: Advisory - Clam AntiVirus RAR File Handling Denial Of Service Vulnerability. (Wed Jul 11 2007 - 11:32:53 EDT)
not(at)themoment.thanks
- Re: Serious holes affecting JFFNMS (Thu Jul 05 2007 - 07:48:36 EDT)
o_0p(at)hotmail.com
- PHP Comet-Server (Sun Jul 08 2007 - 05:43:05 EDT)
Oliver Karow
- Secure Computing - Security Reporter Auth Bypass and Directory Traversal Vulnerability (Fri Jul 20 2007 - 13:22:14 EDT)
OpenPKG GmbH
- [OpenPKG-SA-2007.022] OpenPKG Security Advisory (bind) (Wed Jul 25 2007 - 06:19:09 EDT)
paraw
- Re: Exploit In Internet Explorer (Mon Jul 30 2007 - 17:11:37 EDT)
Paul Craig
- RE: TippingPoint IPS Signature Evasion (Wed Jul 11 2007 - 16:44:26 EDT)
- Multiple .NET Null Byte Injection Vulnerabilities (Tue Jul 10 2007 - 17:46:12 EDT)
- TippingPoint IPS Signature Evasion (Tue Jul 10 2007 - 17:37:03 EDT)
piercede(at)pdx.edu
- Re: Re: Internet Explorer 0day exploit (Fri Jul 20 2007 - 14:35:47 EDT)
Pranay Kanwar
- Re: [WEB SECURITY] [CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos (Sat Jul 21 2007 - 10:19:19 EDT)
Radoslav Dejanoviæ
- Re: An Auction Site for Vulnerabilities (Sat Jul 07 2007 - 16:10:32 EDT)
RaeD(at)BsdMail.Com
- RFI ====> vBulletin v3.6.5 (Mon Jul 30 2007 - 04:28:22 EDT)
- Exploit In Internet Explorer (Sun Jul 29 2007 - 04:58:00 EDT)
- Powered By Dvbbs Version 7.1.0 Sp1 By Pass (Wed Jul 11 2007 - 06:46:04 EDT)
Raphael Marichez
- [ GLSA 200707-14 ] tcpdump: Integer overflow (Sat Jul 28 2007 - 18:42:40 EDT)
- [ GLSA 200707-13 ] Fail2ban: Denial of Service (Sat Jul 28 2007 - 18:33:31 EDT)
- [ GLSA 200707-12 ] VLC media player: Format string vulnerabilities (Sat Jul 28 2007 - 16:04:45 EDT)
- [ GLSA 200707-11 ] MIT Kerberos 5: Arbitrary remote code execution (Wed Jul 25 2007 - 18:11:22 EDT)
- [ GLSA 200707-10 ] Festival: Privilege elevation (Wed Jul 25 2007 - 17:30:54 EDT)
- [ GLSA 200707-09 ] GIMP: Multiple integer overflows (Wed Jul 25 2007 - 15:23:12 EDT)
- [ GLSA 200707-08 ] NVClock: Insecure file usage (Tue Jul 24 2007 - 18:48:12 EDT)
- [ GLSA 200707-07 ] MPlayer: Multiple buffer overflows (Tue Jul 24 2007 - 18:33:33 EDT)
- [ GLSA 200707-05 ] Webmin, Usermin: Cross-site scripting vulnerabilities (Thu Jul 05 2007 - 18:56:27 EDT)
- [ GLSA 200707-04 ] GNU C Library: Integer overflow (Tue Jul 03 2007 - 16:52:59 EDT)
- [ GLSA 200707-02 ] OpenOffice.org: Two buffer overflows (Mon Jul 02 2007 - 17:16:54 EDT)
- [ GLSA 200707-01 ] Firebird: Buffer overflow (Sun Jul 01 2007 - 17:41:31 EDT)
RedTeam Pentesting GmbH
- ActiveWeb Contentserver CMS Multiple Cross Site Scriptings (Fri Jul 13 2007 - 03:49:39 EDT)
- ActiveWeb Contentserver CMS SQL Injection Management Interface (Fri Jul 13 2007 - 03:48:48 EDT)
- ActiveWeb Contentserver CMS Editor Permission Settings Problem (Fri Jul 13 2007 - 03:51:14 EDT)
- ActiveWeb Contentserver CMS Clientside Filtering of Page Editor Content (Fri Jul 13 2007 - 03:50:40 EDT)
- Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure (Wed Jul 04 2007 - 09:20:39 EDT)
- Fujitsu-Siemens ServerView Remote Command Execution (Wed Jul 04 2007 - 09:17:39 EDT)
research(at)procheckup.com
- PR07-18: Cross-site Scripting (XSS) / HTML injection on Webbler CMS admin login page (1) (Tue Jul 24 2007 - 06:17:13 EDT)
- PR07-20: Webroot disclosure on Webbler CMS (Tue Jul 24 2007 - 06:20:56 EDT)
- PR07-19: Cross-site Scripting (XSS) / HTML injection on Webbler CMS admin login page (2) (Tue Jul 24 2007 - 06:15:59 EDT)
- PR07-21: Webbler CMS forms are susceptible to spamming and phishing abuses (Tue Jul 24 2007 - 06:31:18 EDT)
research(at)symantec.com
- SYMSA-2007-006: Citrix EPA ActiveX Control Design Flaw (Wed Jul 18 2007 - 14:58:02 EDT)
- SYMSA-2007-005: Vista Windows Firewall Incorrectly Applies Filtering to Teredo Interface (Mon Jul 09 2007 - 17:29:06 EDT)
Reversemode
- [Reversemode Advisory] Microsoft DirectX RLE Compressed Targa Image File Heap Overflow (Wed Jul 18 2007 - 18:06:14 EDT)
Robert Swiecki
- Opera/Konqueror: data: URL scheme address bar spoofing (Fri Jul 13 2007 - 19:50:49 EDT)
Roger A. Grimes
- RE: Internet Explorer 0day exploit (Tue Jul 24 2007 - 10:54:00 EDT)
Ronald Chmara
- Re: Anti XSS AJAX (Sat Jul 28 2007 - 02:39:22 EDT)
rPath Update Announcements
- rPSA-2007-0151-1 gvim vim vim-minimal (Tue Jul 31 2007 - 00:05:44 EDT)
- rPSA-2007-0150-1 libvorbis (Fri Jul 27 2007 - 11:25:28 EDT)
- rPSA-2007-0149-1 bind bind-utils (Fri Jul 27 2007 - 06:21:39 EDT)
- rPSA-2007-0147-1 tcpdump (Fri Jul 20 2007 - 08:37:03 EDT)
- rPSA-2007-0148-1 firefox thunderbird (Fri Jul 20 2007 - 08:39:57 EDT)
- rPSA-2007-0145-1 lighttpd (Thu Jul 19 2007 - 07:55:21 EDT)
- rPSA-2007-0143-1 mysql mysql-bench mysql-server (Tue Jul 17 2007 - 08:24:47 EDT)
- rPSA-2007-0142-1 perl-Net-DNS (Tue Jul 17 2007 - 08:11:50 EDT)
- rPSA-2007-0141-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Tue Jul 17 2007 - 08:06:26 EDT)
- rPSA-2007-0138-1 gimp (Wed Jul 11 2007 - 19:38:23 EDT)
- rPSA-2007-0137-1 tshark wireshark (Wed Jul 11 2007 - 09:11:52 EDT)
s4m3k(at)ganteng.la
- SolpotCrew Advisory #14 (S4M3K) - PhpHostBot (login_form) Remote File Inclusion (Thu Jul 26 2007 - 00:46:36 EDT)
s4mi(at)LinuxMail.org
- JBlog 1.0 Creat Admin exploit, xss, Cookie Manipulation (Fri Jul 20 2007 - 17:28:53 EDT)
- UseBB 1.0.x Cross Site Scripting (XSS) (Fri Jul 20 2007 - 15:54:36 EDT)
Sacha
- Dotclear remote script execution (Wed Jul 11 2007 - 13:38:36 EDT)
Samael De Icaro
- Another You tube clone script vulnerability (Fri Jul 06 2007 - 18:53:56 EDT)
sapheal(at)hack.pl
- [Eleytt] 7LIPIEC2007 (Sat Jul 07 2007 - 17:02:23 EDT)
scott-REMOVE(at)vbulletin.com
- Re: RFI ====> vBulletin v3.6.5 (Tue Jul 31 2007 - 09:21:26 EDT)
Sebastian Wolfgarten
- Buffer overflow in Areca CLI, version <= 1.72.250 (Sun Jul 22 2007 - 08:59:54 EDT)
Security Guy
- Re: XSS Tunnelling White Paper and Tool (Wed Jul 11 2007 - 08:57:26 EDT)
Security Response Team
- ASA-2007-018: Resource exhaustion vulnerability in IAX2 channel driver (Sun Jul 29 2007 - 19:38:05 EDT)
security(at)mandriva.com
- [ MDKSA-2007:150 ] - Updated clamav packages fix vulnerabilities (Wed Jul 25 2007 - 19:32:46 EDT)
- [ MDKSA-2007:149 ] - Updated BIND9 packages fix vulnerabilities (Wed Jul 25 2007 - 17:18:12 EDT)
- [ MDKSA-2007:148 ] - Updated tcpdump packages fix BGP dissector vulnerability (Wed Jul 25 2007 - 14:38:56 EDT)
- [ MDKSA-2007:147 ] - Updated ImageMagick packages fix multiple vulnerabilities (Fri Jul 20 2007 - 20:42:20 EDT)
- [ MDKSA-2007:146 ] - Updated perl-Net-DNS packages fix multiple vulnerabilities (Thu Jul 12 2007 - 20:49:11 EDT)
- [ MDKSA-2007:145 ] - Updated wireshark packages fix multiple vulnerabilities (Tue Jul 10 2007 - 22:03:33 EDT)
- [ MDKSA-2007:144 ] - Updated OpenOffice.org packages fix RTF import vulnerability (Tue Jul 10 2007 - 15:06:46 EDT)
- [ MDKSA-2007:143 ] - Updated mplayer packages fix buffer overflow remote vulnerabilities (Tue Jul 10 2007 - 05:57:57 EDT)
- [ MDKSA-2007:142 ] - Updated apache packages fix multiple security issues (Thu Jul 05 2007 - 00:08:41 EDT)
- [ MDKSA-2007:141 ] - Updated apache packages fix multiple security issues (Wed Jul 04 2007 - 23:56:57 EDT)
- [ MDKSA-2007:140 ] - Updated apache packages fix multiple security issues (Wed Jul 04 2007 - 23:42:33 EDT)
- [ MDKSA-2007:139 ] - Updated MySQL packages fix multiple security issues (Wed Jul 04 2007 - 18:54:20 EDT)
- [ MDKSA-2007:138 ] - Updated kdebase packages fix Flash Player interaction vulnerability (Tue Jul 03 2007 - 16:37:31 EDT)
security(at)nruns.com
- n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory (Wed Jul 25 2007 - 09:07:41 EDT)
- n.runs-SA-2007.023 - Norman Antivirus DOC parsing Divide by Zero Advisory (Mon Jul 23 2007 - 13:43:21 EDT)
- n.runs-SA-2007.021 - Norman Antivirus LZH parsing Arbitrary Code Execution Advisory (Mon Jul 23 2007 - 11:02:18 EDT)
- n.runs-SA-2007.022 - Norman Antivirus DOC parsing Detection Bypass Advisory (Mon Jul 23 2007 - 11:03:10 EDT)
- n.runs-SA-2007.020 - Norman Antivirus ACE parsing Arbitrary Code Execution Advisory (Mon Jul 23 2007 - 11:01:27 EDT)
- 2007-07-20 - n.runs-SA-2007.017 - NOD32 Antivirus ASPACK parsing Infinite Loop Advisory (Fri Jul 20 2007 - 15:42:56 EDT)
- 2007-07-20 - n.runs-SA-2007.018 - NOD32 Antivirus ASPACK and FSG parsing Divide by Zero Advisory (Fri Jul 20 2007 - 15:43:50 EDT)
- 2007-07-20 - n.runs-SA-2007.016 - NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory (Fri Jul 20 2007 - 15:41:53 EDT)
security(at)soqor.net
- security@soqor.net (Sun Jul 29 2007 - 05:53:03 EDT)
security-alert(at)hp.com
- [security bulletin] HPSBMA02133 SSRT061201 rev.5 - HP Oracle for OpenView (OfO) Critical Patch Update (Thu Jul 26 2007 - 11:35:52 EDT)
- [security bulletin] HPSBST02243 SSRT071446 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-036 to MS07-041 (Mon Jul 23 2007 - 10:13:53 EDT)
- [security bulletin] HPSBUX02153 SSRT061181 rev.4 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS) (Mon Jul 23 2007 - 10:14:38 EDT)
- [security bulletin] HPSBGN02234 SSRT071435 rev.1 - HP ServiceGuard for Linux, Local Unauthorized Access, Increase in Privilege (Mon Jul 16 2007 - 08:42:21 EDT)
- [security bulletin] HPSBTU02233 SSRT071424 rev.1 - HP Tru64 UNIX Internet Express running Samba, Remote Arbitrary Code Execution or Local Unauthorized Privilege Elevation (Tue Jul 10 2007 - 08:53:45 EDT)
- [security bulletin] HPSBPI02228 SSRT071404 rev.1 - HP Instant Support - Driver Check Running on Windows XP, Remote Unauthorized Access (Thu Jul 05 2007 - 07:19:05 EDT)
securityfocus(at)networkontap.com
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Tue Jul 24 2007 - 13:40:35 EDT)
securityresearch(at)netvigilance.com
- eTicket version 1.5.5 XSS Attack Vulnerability (Sat Jul 07 2007 - 09:33:56 EDT)
sirn0n(at)yahoo.com
- LFI On SMF 1.1.3 (Tue Jul 17 2007 - 02:52:13 EDT)
starext(at)msn.com
- Elite Forum Full HTML ENject versin 1.0.0.0 (Fri Jul 20 2007 - 03:02:19 EDT)
Stefan Cornelius
- [ GLSA 200707-06 ] XnView: Stack-based buffer overflow (Wed Jul 11 2007 - 15:47:08 EDT)
Stephen Shankland
- RE: zdnet reports on java vulnerabilities (Fri Jul 13 2007 - 19:54:50 EDT)
Steve Kemp
- [SECURITY] [DSA 1334-1] New freetype packages fix arbitary code execution (Wed Jul 18 2007 - 16:18:17 EDT)
- [SECURITY] [DSA 1333-1] New libcurl3-gnutls packages fix certificate handling (Wed Jul 18 2007 - 16:09:50 EDT)
- [SECURITY] [DSA 1329-1] New gfax packages fix privilege escalation (Thu Jul 05 2007 - 16:11:33 EDT)
- [SECURITY] [DSA 1328-1] New unicon-imc2 packages fix buffer overflow (Sun Jul 01 2007 - 15:12:18 EDT)
- [SECURITY] [DSA 1326-1] New fireflier-server packages fix unsafe temporary files (Sun Jul 01 2007 - 13:56:28 EDT)
- [SECURITY] [DSA 1327-1] New gsambad packages fix unsafe temporary files (Sun Jul 01 2007 - 14:50:24 EDT)
Steve Shockley
- Re: iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability (Tue Jul 17 2007 - 21:31:38 EDT)
Sw33t.h4cK3r(at)hotmail.com
- SQL Injection in SaphpLesson2.0 "show.php" (Wed Jul 04 2007 - 03:03:00 EDT)
- SQL Injection in saphp "showcat.php" (Wed Jul 04 2007 - 03:09:28 EDT)
Team SHATTER
- Oracle Database Buffer overflow vulnerabilities in procedure DBMS_DRS.GET_PROPERTY (DB03) (Wed Jul 18 2007 - 17:52:12 EDT)
- Oracle Database Buffer overflows and Denial of service vulnerabilities in public procedures of MDSYS.MD (DB12) (Wed Jul 18 2007 - 17:50:13 EDT)
teh_lost_byte(at)yahoo.com
- AV Arcade 2.1b (COOKIE[ava_userid]) Get Admin Rights (Mon Jul 02 2007 - 09:20:32 EDT)
- AV Arcade 2.1b (view_page.php) Remote SQL Injection (Mon Jul 02 2007 - 09:20:05 EDT)
- PHPDirector <= 0.21 (SQL injection/Upload SHELL) Remote Vulnerabilities (Mon Jul 02 2007 - 09:19:02 EDT)
- FreeDomain.co.nr Clone SQL Injection (Mon Jul 02 2007 - 09:17:32 EDT)
Theo de Raadt
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Thu Jul 26 2007 - 18:50:04 EDT)
Thierry Zoller
- BTsniff - Bleutooth sniffing under *nix (Fri Jul 27 2007 - 12:14:53 EDT)
Thor Lancelot Simon
- Re: Sudo: local root compromise with krb5 enabled (Mon Jul 16 2007 - 13:22:22 EDT)
Thor Larholm
- Re: Mozilla protocol abuse (Wed Jul 25 2007 - 21:32:15 EDT)
- Mozilla protocol abuse (Wed Jul 25 2007 - 14:48:23 EDT)
- Internet Explorer 0day exploit (Tue Jul 10 2007 - 01:09:23 EDT)
Tim
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Fri Jul 27 2007 - 12:37:49 EDT)
Tim Newsham
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Fri Jul 27 2007 - 14:54:33 EDT)
tomaz.bratusa(at)teamintell.com
- Session fixation in Zen Cart CMS (Thu Jul 05 2007 - 02:36:49 EDT)
Trustix Security Advisor
- TSLSA-2007-0023 - multi (Sat Jul 28 2007 - 04:00:51 EDT)
TSRT(at)3com.com
- TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability (Tue Jul 24 2007 - 16:43:32 EDT)
- TPTI-07-12: Multiple Vendor Progress Server Heap Overflow Vulnerability (Thu Jul 12 2007 - 20:54:00 EDT)
- ZDI-07-040: Symantec AntiVirus Engine CAB Parsing Heap Overflow Vulnerability (Thu Jul 12 2007 - 20:56:28 EDT)
urtrapped9(at)gmail.com
- Bogus BID 24744 (Thu Jul 12 2007 - 14:14:18 EDT)
- Regarding http://www.securityfocus.com/bid/24744 (Tue Jul 10 2007 - 11:27:45 EDT)
web-app(at)hotmail.com
- Re: Re: Menu Manager Mod for WebAPP - No Input Filtering (Mon Jul 16 2007 - 17:53:57 EDT)
Williams, James K
- RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities (Thu Jul 26 2007 - 10:30:39 EDT)
- [CAID 35527]: CA Message Queuing (CAM / CAFT) Buffer Overflow Vulnerability (Tue Jul 24 2007 - 21:00:39 EDT)
- [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities (Tue Jul 24 2007 - 20:55:37 EDT)
- [CAID 35524]: CA eTrust Intrusion Detection caller.dll Vulnerability (Tue Jul 24 2007 - 20:49:53 EDT)
- [CAID 35515]: CA Products Alert Service RPC Procedure Buffer Overflow Vulnerabilities (Thu Jul 19 2007 - 14:10:40 EDT)
yollubunlar(at)yollubunlar.org
- Friend Script 2.5 - 2.4 Remote File İnclude (Fri Jul 27 2007 - 19:48:04 EDT)
- SuskunDuygular - yelik Sistemi v.1 Sql (Fri Jul 27 2007 - 19:50:09 EDT)
- Berthanas Ziyaretci Defteri v2.0 (tr) Sql (Fri Jul 27 2007 - 19:51:11 EDT)
zdi-disclosures(at)3com.com
- ZDI-07-044: BakBone NetVault Reporter Scheduler Heap Overflow Vulnerability (Wed Jul 25 2007 - 15:21:11 EDT)
- ZDI-07-043: Ipswitch IMail IMAP Daemon SUBSCRIBE Stack Overflow Vulnerability (Tue Jul 24 2007 - 15:24:11 EDT)
- ZDI-07-042: Ipswitch IMail Server GetIMailHostEntry Memory Corruption Vulnerability (Tue Jul 24 2007 - 15:22:08 EDT)
- ZDI-07-039: Symantec AntiVirus Engine RAR File Parsing DoS Vulnerability (Thu Jul 12 2007 - 20:56:18 EDT)
Zow
- Re: Internet Explorer 0day exploit (Thu Jul 19 2007 - 16:06:08 EDT)
- Re: Internet Explorer 0day exploit (Wed Jul 18 2007 - 12:53:09 EDT)
Åukasz Pilorz
- CodeIgniter 1.5.3 vulnerabilities (Sun Jul 08 2007 - 11:54:09 EDT)
- 379 messages sort by: [ thread ] [ date ] [ subject ] [ attachment ]
This archive was generated by hypermail 2.1.8 : Sun Oct 28 2007 - 06:19:42 EDT