Hosting Provided By

Mailing List Archive For bugtraq@securityfocus.com Aug 2007 By Subject

24th Chaos Communication Congress 2007: Call for Participation
- fukami (Fri Aug 24 2007 - 05:52:08 EDT)
[ GLSA 200708-01 ] Macromedia Flash Player: Remote arbitrary code execution
- Raphael Marichez (Wed Aug 08 2007 - 16:50:47 EDT)
[ GLSA 200708-02 ] Xvid: Array indexing vulnerabilities
- Raphael Marichez (Wed Aug 08 2007 - 17:26:36 EDT)
[ GLSA 200708-03 ] libarchive (formerly named as bsdtar): Multiple pax Extension Header Vulnerabilities
- Raphael Marichez (Wed Aug 08 2007 - 18:43:11 EDT)
[ GLSA 200708-04 ] ClamAV: Denial of Service
- Raphael Marichez (Thu Aug 09 2007 - 18:10:50 EDT)
[ GLSA 200708-05 ] GD: Multiple vulnerabilities
- Raphael Marichez (Thu Aug 09 2007 - 18:21:06 EDT)
[ GLSA 200708-06 ] Net::DNS: Multiple vulnerabilities
- Raphael Marichez (Sat Aug 11 2007 - 17:32:22 EDT)
[ GLSA 200708-07 ] Xfce Terminal: Remote arbitrary code execution
- Raphael Marichez (Sat Aug 11 2007 - 17:59:18 EDT)
[ GLSA 200708-08 ] SquirrelMail G/PGP plugin: Arbitrary code execution
- Raphael Marichez (Sat Aug 11 2007 - 18:18:48 EDT)
[ GLSA 200708-09 ] Mozilla products: Multiple vulnerabilities
- Raphael Marichez (Tue Aug 14 2007 - 19:27:56 EDT)
[ GLSA 200708-10 ] MySQL: Denial of Service and information leakage
- Raphael Marichez (Thu Aug 16 2007 - 13:02:20 EDT)
[ GLSA 200708-11 ] Lighttpd: Multiple vulnerabilities
- Raphael Marichez (Thu Aug 16 2007 - 15:44:13 EDT)
[ GLSA 200708-12 ] Wireshark: Multiple vulnerabilities
- Raphael Marichez (Thu Aug 16 2007 - 15:55:00 EDT)
[ GLSA 200708-13 ] BIND: Weak random number generation
- Raphael Marichez (Sat Aug 18 2007 - 13:38:00 EDT)
[ GLSA 200708-14 ] NVIDIA drivers: Denial of Service
- Raphael Marichez (Sun Aug 19 2007 - 18:47:54 EDT)
[ GLSA 200708-15 ] Apache mod_jk: Directory traversal
- Raphael Marichez (Sun Aug 19 2007 - 18:57:24 EDT)
[ GLSA 200708-16 ] Qt: Multiple format string vulnerabilities
- Raphael Marichez (Wed Aug 22 2007 - 18:28:05 EDT)
[ GLSA 200708-17 ] Opera: Multiple vulnerabilities
- Raphael Marichez (Wed Aug 22 2007 - 18:41:22 EDT)
[ MDKSA-2007:151 ] - Updated qt3 packages fix multiple vulnerabilities
- security(at)mandriva.com (Wed Aug 01 2007 - 17:56:11 EDT)
[ MDKSA-2007:152 ] - Updated Firefox packages fix multiple vulnerabilities
- security(at)mandriva.com (Wed Aug 01 2007 - 21:48:43 EDT)
[ MDKSA-2007:153 ] - Updated gd packages fix several vulnerabilities
- security(at)mandriva.com (Fri Aug 03 2007 - 21:09:19 EDT)
[ MDKSA-2007:154 ] - Updated xine-ui packages fix denial of service and arbitrary code execution
- security(at)mandriva.com (Thu Aug 09 2007 - 19:34:22 EDT)
[ MDKSA-2007:155 ] - Updated tcpdump packages fix remote denial of service
- security(at)mandriva.com (Thu Aug 09 2007 - 20:41:58 EDT)
[ MDKSA-2007:156 ] - Updated imlib2 packages fix several issues
- security(at)mandriva.com (Fri Aug 10 2007 - 18:47:14 EDT)
[ MDKSA-2007:157 ] - Updated kdelibs packages fix cross-site scripting (XSS) vulnerabilities
- security(at)mandriva.com (Fri Aug 10 2007 - 20:58:41 EDT)
[ MDKSA-2007:158 ] - Updated xpdf packages fix vulnerability
- security(at)mandriva.com (Mon Aug 13 2007 - 20:29:11 EDT)
[ MDKSA-2007:159 ] - Updated gpdf packages fix vulnerability
- security(at)mandriva.com (Mon Aug 13 2007 - 20:33:15 EDT)
[ MDKSA-2007:160 ] - Updated pdftohtml packages fix vulnerability
- security(at)mandriva.com (Mon Aug 13 2007 - 20:48:31 EDT)
[ MDKSA-2007:161 ] - Updated poppler packages fix vulnerability
- security(at)mandriva.com (Mon Aug 13 2007 - 23:02:11 EDT)
[ MDKSA-2007:162 ] - Updated kdegraphics packages fix vulnerability
- security(at)mandriva.com (Tue Aug 14 2007 - 16:22:24 EDT)
[ MDKSA-2007:163 ] - Updated koffice packages fix vulnerability
- security(at)mandriva.com (Tue Aug 14 2007 - 17:02:56 EDT)
[ MDKSA-2007:164 ] - Updated tetex packages fix multiple vulnerabilities
- security(at)mandriva.com (Tue Aug 14 2007 - 18:26:14 EDT)
[ MDKSA-2007:165 ] - Updated cups packages fix vulnerability
- security(at)mandriva.com (Wed Aug 15 2007 - 15:54:22 EDT)
[ MDKSA-2007:166 ] - Updated rsync packages fix off-by-one buffer overflow
- security(at)mandriva.com (Sat Aug 18 2007 - 20:32:38 EDT)
[ MDKSA-2007:167 ] - Updated libvorbis packages fix vulnerabilities
- security(at)mandriva.com (Sat Aug 18 2007 - 20:43:52 EDT)
[ MDKSA-2007:167-1 ] - Updated libvorbis packages fix vulnerabilities
- security(at)mandriva.com (Mon Aug 20 2007 - 15:25:25 EDT)
[ MDKSA-2007:168 ] - Updated vim packages fix vulnerability
- security(at)mandriva.com (Tue Aug 21 2007 - 20:01:36 EDT)
[ MDKSA-2007:169 ] - Updated gdm packages fix DoS vulnerability
- security(at)mandriva.com (Wed Aug 22 2007 - 00:56:07 EDT)
[ MDKSA-2007:170 ] - Updated gimp packages fix input data validation issues in several plugins
- security(at)mandriva.com (Thu Aug 23 2007 - 15:05:23 EDT)
[ MDKSA-2007:171 ] - Updated kernel packages fix multiple vulnerabilities and bugs
- security(at)mandriva.com (Tue Aug 28 2007 - 14:22:09 EDT)
[ MDKSA-2007:172 ] - Updated clamav packages vulnerabilities
- security(at)mandriva.com (Fri Aug 31 2007 - 21:36:35 EDT)
[Aria-Security.Net] Gallery In A Box Username & Password Parameters SQL Injection
- Advisory(at)Aria-security.net (Thu Aug 02 2007 - 19:28:23 EDT)
[Aria-Security.Net] Next Gen Portfolio Manager SQL Injection
- Advisory(at)Aria-security.net (Fri Aug 03 2007 - 00:05:55 EDT)
[Aria-Security.net] SAS Hotel Management System SQL Injection
- Advisory(at)Aria-security.net (Thu Aug 09 2007 - 03:33:56 EDT)
[BuHa-Security] DoS Vulnerability in Konqueror 3.5.7
- bugtraq(at)morph3us.org (Wed Aug 01 2007 - 15:20:20 EDT)
[BuHa-Security] Winamp 5.35 (Infinite) M3U File Inclusion DoS Vulnerability
- bugtraq(at)morph3us.org (Wed Aug 01 2007 - 06:54:59 EDT)
[BuHa-Security] Winamp 5.35 (Infinite) M3U File Inclusion Stack Overflow
- Werner Van Belle (Wed Aug 01 2007 - 15:46:28 EDT)
[CFP] Kiwicon 2k7 - Call For Papers
- kiwicon(at)kiwicon.org (Fri Aug 03 2007 - 21:34:45 EDT)
[ELEYTT] 3SIERPIEN2007
- Michal Bucko (Thu Aug 09 2007 - 18:48:11 EDT)
- xyborg(at)gmail.com (Mon Aug 06 2007 - 01:40:21 EDT)
- Michal Bucko (Sat Aug 04 2007 - 17:10:44 EDT)
- Michal Zalewski (Sat Aug 04 2007 - 16:05:23 EDT)
- Michal Bucko (Fri Aug 03 2007 - 18:08:02 EDT)
- Michal Zalewski (Fri Aug 03 2007 - 16:29:58 EDT)
- Michal Bucko (Fri Aug 03 2007 - 11:48:07 EDT)
[ELEYTT] 4SIERPIEN2007
- support1(at)advancedsearchbar.com (Thu Aug 09 2007 - 06:48:52 EDT)
- Michal Bucko (Sat Aug 04 2007 - 08:19:34 EDT)
[Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities
- Patrick Nagel (Tue Aug 07 2007 - 16:58:44 EDT)
- Jonathan Smith (Mon Aug 06 2007 - 19:33:43 EDT)
- Robert Swiecki (Tue Aug 07 2007 - 01:13:05 EDT)
[Full-disclosure] McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow
- Harry Muchow (Wed Aug 15 2007 - 11:48:39 EDT)
[Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability
- Debasis Mohanty (Wed Aug 15 2007 - 12:57:08 EDT)
- Aditya K Sood (Fri Aug 17 2007 - 01:59:14 EDT)
[HISPASEC] Blizzard StarCraft Brood War 1.15.1 Remote DoS
- Gynvael Coldwind (Wed Aug 29 2007 - 08:24:30 EDT)
[HISPASEC] Fileinfo 2.0.9 plugin for Total Commander multiple vulnerabilities
- Gynvael Coldwind (Mon Aug 20 2007 - 16:00:11 EDT)
[HS-A007] Qbik WinGate Remote Denial of Service
- Harmony Security Advisory (Fri Aug 10 2007 - 00:28:42 EDT)
[o0o] Bypassing servlet input validation filters (OWASP Stinger + Struts example)
- Meder Kydyraliev (Mon Aug 13 2007 - 12:45:21 EDT)
[Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities
- Reversemode (Mon Aug 20 2007 - 12:56:34 EDT)
[security bulletin] HPSBMA02235 SSRT061260 rev.1 - HP OpenView Internet Service (OVIS) Running Shared Trace Service, Remote Arbitrary Code Execution
- security-alert(at)hp.com (Mon Aug 13 2007 - 16:15:51 EDT)
[security bulletin] HPSBMA02237 SSRT061260 rev.1 - HP OpenView Performance Agent (OVPA) Running Shared Trace Service, Remote Arbitrary Code Execution
- security-alert(at)hp.com (Mon Aug 13 2007 - 16:17:25 EDT)
[security bulletin] HPSBMA02238 SSRT061260 rev.1 - HP OpenView Reporter Running Shared Trace Service, Remote Arbitrary Code Execution
- security-alert(at)hp.com (Mon Aug 13 2007 - 16:18:16 EDT)
[security bulletin] HPSBMA02239 SSRT061260 rev.1 - HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution
- security-alert(at)hp.com (Mon Aug 13 2007 - 16:19:22 EDT)
[security bulletin] HPSBMA02241 SSRT061260 rev.1 - HP OpenView Service Quality Manager (OV SQM) Running Shared Trace Service, Remote Arbitrary Code Execution
- security-alert(at)hp.com (Mon Aug 13 2007 - 16:20:14 EDT)
[security bulletin] HPSBMA02242 SSRT061260 rev.1 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution
- security-alert(at)hp.com (Mon Aug 13 2007 - 16:21:18 EDT)
[security bulletin] HPSBMA02244 SSRT061260 rev.1 - HP OpenView Business Process Insight and Related Products Running Shared Trace Service, Remote Arbitrary Code Execution
- security-alert(at)hp.com (Mon Aug 13 2007 - 16:22:20 EDT)
[security bulletin] HPSBMA02245 SSRT061260 rev.1 - HP OpenView Dashboard Running Shared Trace Service, Remote Arbitrary Code Execution
- security-alert(at)hp.com (Mon Aug 13 2007 - 16:23:24 EDT)
[security bulletin] HPSBMA02246 SSRT061260 rev.1 - HP OpenView Performance Insight (OVPI) Running Shared Trace Service, Remote Arbitrary Code Execution --------
- security-alert(at)hp.com (Mon Aug 13 2007 - 16:25:46 EDT)
[security bulletin] HPSBMA02250 SSRT061275 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)
- security-alert(at)hp.com (Mon Aug 06 2007 - 10:22:17 EDT)
[security bulletin] HPSBUX02247 SSRT071432 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS)
- security-alert(at)hp.com (Wed Aug 01 2007 - 06:15:34 EDT)
[security bulletin] HPSBUX02248 SSRT071437 rev.1 - HP-UX Running ARPA Transport, Remote Denial of Service (DoS)
- security-alert(at)hp.com (Wed Aug 01 2007 - 06:14:45 EDT)
[security bulletin] HPSBUX02251 SSRT071449 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning
- security-alert(at)hp.com (Mon Aug 06 2007 - 10:23:09 EDT)
[SECURITY] [DSA 1344-1] New iceweasel packages fix several vulnerabilities
- Moritz Muehlenhoff (Fri Aug 03 2007 - 11:57:59 EDT)
[SECURITY] [DSA 1345-1] New xulrunner packages fix several vulnerabilities
- Moritz Muehlenhoff (Sat Aug 04 2007 - 07:42:41 EDT)
[SECURITY] [DSA 1346-1] New iceape packages fix several vulnerabilities
- Moritz Muehlenhoff (Sat Aug 04 2007 - 07:54:19 EDT)
[SECURITY] [DSA 1347-1] New xpdf packages fix arbitrary code execution
- Moritz Muehlenhoff (Sat Aug 04 2007 - 08:55:49 EDT)
[SECURITY] [DSA 1348-1] New poppler packages fix arbitrary code execution
- Moritz Muehlenhoff (Sat Aug 04 2007 - 09:04:16 EDT)
[SECURITY] [DSA 1349-1] New libextractor packages fix arbitrary code execution
- Moritz Muehlenhoff (Sun Aug 05 2007 - 16:05:24 EDT)
[SECURITY] [DSA 1350-1] New tetex-bin packages fix arbitrary code execution
- Moritz Muehlenhoff (Mon Aug 06 2007 - 13:32:16 EDT)
[SECURITY] [DSA 1351-] New bochs packages fix privilege escalation
- Moritz Muehlenhoff (Tue Aug 07 2007 - 17:19:59 EDT)
[SECURITY] [DSA 1352-1] New pdfkit.framework packages fix arbitrary code execution
- Moritz Muehlenhoff (Tue Aug 07 2007 - 17:25:54 EDT)
[SECURITY] [DSA 1353-1] New tcpdump packages fix arbitrary code execution
- Moritz Muehlenhoff (Sat Aug 11 2007 - 06:59:22 EDT)
[SECURITY] [DSA 1354-1] New gpdf packages fix arbitrary code execution
- Moritz Muehlenhoff (Mon Aug 13 2007 - 13:13:33 EDT)
[SECURITY] [DSA 1355-1] New kdegraphics packages fix arbitrary code execution
- Moritz Muehlenhoff (Mon Aug 13 2007 - 15:18:23 EDT)
[SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities
- dann frazier (Wed Aug 15 2007 - 21:00:53 EDT)
[SECURITY] [DSA 1357-1] New koffice packages fix arbitrary code execution
- Moritz Muehlenhoff (Sun Aug 19 2007 - 17:04:45 EDT)
[SECURITY] [DSA 1358-1] New asterisk packages fix several vulnerabilities
- Moritz Muehlenhoff (Sun Aug 26 2007 - 04:04:07 EDT)
[SECURITY] [DSA 1359-1] New dovecot packages fix directory traversal
- Steve Kemp (Tue Aug 28 2007 - 13:58:39 EDT)
[SECURITY] [DSA 1360-1] New rsync packages fix arbitrary code execution
- Steve Kemp (Tue Aug 28 2007 - 14:07:55 EDT)
[SECURITY] [DSA 1361-1] New postfix-policyd packages fix arbitrary code execution
- Steve Kemp (Wed Aug 29 2007 - 16:43:36 EDT)
[SECURITY] [DSA 1362-1] New lighttpd packages fix several vulnerabilities
- Steve Kemp (Wed Aug 29 2007 - 17:21:11 EDT)
[SECURITY] [DSA 1363-1] New Linux 2.6.18 packages fix several vulnerabilities
- dann frazier (Fri Aug 31 2007 - 19:33:55 EDT)
[USN-469-2] Enigmail regression
- Kees Cook (Tue Aug 28 2007 - 20:51:01 EDT)
[USN-494-1] Gimp vulnerability
- Kees Cook (Thu Aug 02 2007 - 02:15:37 EDT)
[USN-495-1] Qt vulnerability
- Martin Pitt (Fri Aug 03 2007 - 06:34:59 EDT)
[USN-496-1] koffice vulnerability
- Martin Pitt (Fri Aug 03 2007 - 06:34:53 EDT)
[USN-496-2] poppler vulnerability
- Kees Cook (Tue Aug 07 2007 - 19:28:00 EDT)
[USN-497-1] xfce4-terminal vulnerability
- Kees Cook (Mon Aug 13 2007 - 23:32:55 EDT)
[USN-498-1] libvorbis vulnerabilities
- Kees Cook (Thu Aug 16 2007 - 01:23:12 EDT)
[USN-499-1] Apache vulnerabilities
- Kees Cook (Fri Aug 17 2007 - 00:41:48 EDT)
[USN-500-1] rsync vulnerability
- Kees Cook (Mon Aug 20 2007 - 18:37:44 EDT)
[USN-501-1] jasper vulnerability
- Kees Cook (Tue Aug 21 2007 - 00:57:55 EDT)
[USN-502-1] KDE vulnerabilities
- Kees Cook (Fri Aug 24 2007 - 15:03:17 EDT)
[USN-503-1] Thunderbird vulnerabilities
- Kees Cook (Mon Aug 27 2007 - 02:02:40 EDT)
[USN-504-1] Emacs vulnerability
- Kees Cook (Tue Aug 28 2007 - 17:51:58 EDT)
[USN-505-1] vim vulnerability
- Kees Cook (Tue Aug 28 2007 - 17:53:01 EDT)
[USN-506-1] tar vulnerability
- Kees Cook (Tue Aug 28 2007 - 17:53:35 EDT)
[USN-507-1] tcp-wrappers vulnerability
- Kees Cook (Wed Aug 29 2007 - 20:05:07 EDT)
[USN-508-1] Linux kernel vulnerabilities
- Kees Cook (Fri Aug 31 2007 - 00:46:07 EDT)
[USN-509-1] Linux kernel vulnerabilities
- Kees Cook (Thu Aug 30 2007 - 20:55:57 EDT)
[USN-510-1] Linux kernel vulnerabilities
- Kees Cook (Fri Aug 31 2007 - 14:42:10 EDT)
[Whitepaper SecNiche] Insecurities in Implementing Serialization in BISON
- Aditya K Sood (Sat Aug 04 2007 - 01:17:36 EDT)
Abledesign Dynamic Picture Frame XSS
- morin.josh(at)gmail.com (Sun Aug 26 2007 - 16:45:09 EDT)
about recent phpMyAdmin "vulnerabilities"
- Marc Delisle (Fri Aug 24 2007 - 08:02:23 EDT)
Aceboard forum, SQL injection
- karmaguedon(at)hotmail.com (Fri Aug 03 2007 - 08:13:39 EDT)
Active Gmail "Sidejacking" - https is NOT ENOUGH
- Mike Perry (Mon Aug 06 2007 - 00:50:34 EDT)
AL-Athkar.v2.0 Remote File Include
- RaeD(at)BsdMail.Com (Sat Aug 04 2007 - 12:04:19 EDT)
AL-Caricatier V.2.5 Remote File Include
- RaeD(at)BsdMail.Com (Sat Aug 04 2007 - 11:54:59 EDT)
ALL vgallite Remote File Include
- RaeD(at)BsdMail.Com (Sat Aug 04 2007 - 12:00:17 EDT)
Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system.
- Ezequiel Gutesman (Wed Aug 22 2007 - 15:59:46 EDT)
- Ezequiel Gutesman (Wed Aug 22 2007 - 12:26:55 EDT)
Another Oracle Forensics Paper...
- David Litchfield (Thu Aug 16 2007 - 08:12:36 EDT)
Ariadne CMS Remote File Inclusion
- Advisory(at)Aria-security.net (Mon Aug 06 2007 - 17:41:32 EDT)
ASA-2007-019: Remote crash vulnerability in Skinny channel driver
- Security Response Team (Tue Aug 07 2007 - 18:07:34 EDT)
AST-2007-020: Resource Exhaustion Vulnerability in Asterisk SIP channel driver
- Asterisk Security Team (Tue Aug 21 2007 - 17:08:27 EDT)
AST-2007-021: Crash from invalid/corrupted MIME bodies when using voicemail with IMAP storage
- Asterisk Security Team (Fri Aug 24 2007 - 18:26:10 EDT)
Astaro DOS and POP3 bypass issues partially resolved
- William Warren (Sat Aug 18 2007 - 20:48:01 EDT)
AuraCMS [Forum Module] - Remote SQL Injection
- k1tk4t(at)newhack.org (Sun Aug 05 2007 - 19:04:57 EDT)
Aztech router DSL600EU IP and ARP spoof
- acheddamiman(at)gmail.com (Thu Aug 30 2007 - 19:10:01 EDT)
Baidu Soba Remote Code Execute Vulnerability(FGA-2007-10)
- hfli (Wed Aug 01 2007 - 21:57:15 EDT)
Beautifier Version 0.1 Remote File Include Vulnerability // MefistoLabs.Com
- ilkerkandemir(at)mynet.com (Sat Aug 11 2007 - 11:06:24 EDT)
BellaBook Admin Bypass/Remote Code Execution
- jem(at)jemjabella.co.uk (Wed Aug 01 2007 - 13:36:47 EDT)
Best Top List Remote File Upload Vulnerability
- rizgar(at)linuxmail.org (Sat Aug 11 2007 - 12:51:00 EDT)
BH/DC: Tactical Exploitation Materials
- H D Moore (Thu Aug 09 2007 - 19:38:15 EDT)
Bilder Uploader 1.3 Remote Command Execution Vulnerability
- rizgar(at)linuxmail.org (Thu Aug 09 2007 - 12:17:32 EDT)
BIND 8 EOL and BIND 8 DNS Cache Poisoning (Amit Klein, Trusteer)
- Amit Klein (Mon Aug 27 2007 - 15:01:56 EDT)
Buffer-overflow in the Asura engine
- Luigi Auriemma (Wed Aug 22 2007 - 19:13:28 EDT)
C-SAM oneWallet forget password Cross Site Scripting vulnerability
- tusharvartak(at)hotmail.com (Tue Aug 07 2007 - 03:33:51 EDT)
Camino release 1.5.1 fixes several vulnerabilities
- Juha-Matti Laurio (Wed Aug 22 2007 - 15:09:47 EDT)
cfp: TRsec, Istanbul Turkey
- gadie(at)beyondsecurity.com (Sun Aug 05 2007 - 05:26:53 EDT)
Cisco CSS WebNS ssh crash
- NetExpress (Thu Aug 30 2007 - 12:02:36 EDT)
Cisco NHRP denial of service (cisco-sa-20070808-nhrp)
- Martin Kluge (Thu Aug 09 2007 - 04:54:38 EDT)
Cisco Security Advisory: Cisco IOS Secure Copy Authorization Bypass Vulnerability
- Cisco Systems Product Security Incident Response Team (Wed Aug 08 2007 - 12:37:21 EDT)
Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client
- Cisco Systems Product Security Incident Response Team (Wed Aug 15 2007 - 12:49:35 EDT)
Cisco Security Advisory: XSS and SQL Injection in Cisco CallManager/Unified Communications Manager Logon Page
- Cisco Systems Product Security Incident Response Team (Wed Aug 29 2007 - 12:55:34 EDT)
Community input/questions for ISOI 3?
- Gadi Evron (Sat Aug 25 2007 - 23:41:37 EDT)
Contact at Secure Computing
- Dave Piscitello (Tue Aug 14 2007 - 12:54:20 EDT)
ContentDM Search.php XSS Vulnerability
- Monkeyboy9997(at)hotmail.com (Sat Aug 04 2007 - 06:55:13 EDT)
Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability
- laurent.gaffie(at)gmail.com (Thu Aug 09 2007 - 18:49:43 EDT)
- master-of-desastor(at)hotmail.com (Mon Aug 06 2007 - 23:23:04 EDT)
CORRECTION: EXPL0it FIXED :JPG PoC denial of service exploit by CrazyAngel
- ifsecure(at)gmail.com (Tue Aug 07 2007 - 08:57:30 EDT)
- reza_zahfaran(at)yahoo.com (Mon Aug 06 2007 - 03:54:05 EDT)
COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
- Dan Yefimov (Sat Aug 18 2007 - 07:02:49 EDT)
- Glynn Clements (Fri Aug 17 2007 - 17:33:35 EDT)
- Nicolas Rachinsky (Fri Aug 17 2007 - 16:20:48 EDT)
- Dan Yefimov (Fri Aug 17 2007 - 16:35:40 EDT)
- Glynn Clements (Fri Aug 17 2007 - 09:37:30 EDT)
- x82_(at)bk.ru (Thu Aug 16 2007 - 12:44:14 EDT)
- Dan Yefimov (Fri Aug 17 2007 - 10:07:18 EDT)
- Dan Yefimov (Thu Aug 16 2007 - 21:27:40 EDT)
- Glynn Clements (Thu Aug 16 2007 - 15:37:23 EDT)
- Glynn Clements (Wed Aug 15 2007 - 21:18:53 EDT)
- Dan Yefimov (Thu Aug 16 2007 - 09:17:29 EDT)
- Wojciech Purczynski (Wed Aug 15 2007 - 17:37:53 EDT)
- Dan Yefimov (Wed Aug 15 2007 - 18:16:53 EDT)
- Dan Yefimov (Wed Aug 15 2007 - 17:19:31 EDT)
- Dan Yefimov (Wed Aug 15 2007 - 16:50:58 EDT)
- Wojciech Purczynski (Wed Aug 15 2007 - 17:05:09 EDT)
- Wojciech Purczynski (Wed Aug 15 2007 - 16:31:44 EDT)
- Wojciech Purczynski (Wed Aug 15 2007 - 15:09:48 EDT)
- Dan Yefimov (Wed Aug 15 2007 - 13:54:35 EDT)
- Dan Yefimov (Wed Aug 15 2007 - 08:46:28 EDT)
- Glynn Clements (Wed Aug 15 2007 - 11:23:07 EDT)
- x82_(at)bk.ru (Wed Aug 15 2007 - 06:19:43 EDT)
- Wojciech Purczynski (Tue Aug 14 2007 - 16:18:38 EDT)
- Wojciech Purczynski (Tue Aug 14 2007 - 17:03:46 EDT)
- Dan Yefimov (Tue Aug 14 2007 - 16:49:49 EDT)
- Dan Yefimov (Tue Aug 14 2007 - 14:20:32 EDT)
- Wojciech Purczynski (Tue Aug 14 2007 - 11:17:14 EDT)
CounterPath X-Lite SIP phone Remote Denial of Service vulnerability
- zwell(at)sohu.com (Sun Aug 12 2007 - 00:31:44 EDT)
Crash in Zoidcom 0.6.7
- Luigi Auriemma (Tue Aug 14 2007 - 18:18:09 EDT)
Cross Platform remote IM vulnerability / DOS
- J. Oquendo (Fri Aug 17 2007 - 16:37:46 EDT)
- Gavin Hanover (Fri Aug 17 2007 - 16:15:15 EDT)
- Danslo(at)yahoo.com (Fri Aug 17 2007 - 15:04:27 EDT)
Cross Site Request Forgery in 2wire routers
- hkm(at)hakim.ws (Wed Aug 15 2007 - 01:48:10 EDT)
CVE-2007-3382: Handling of cookies containing a ' character
- Christopher Schultz (Tue Aug 14 2007 - 11:52:22 EDT)
- Mark Thomas (Mon Aug 13 2007 - 23:28:21 EDT)
CVE-2007-3384: XSS in Tomcat cookies example
- Mark Thomas (Wed Aug 01 2007 - 23:18:45 EDT)
CVE-2007-3385: Handling of \" in cookies
- Mark Thomas (Mon Aug 13 2007 - 23:28:37 EDT)
CVE-2007-3386: XSS in Host Manager
- Mark Thomas (Mon Aug 13 2007 - 23:28:50 EDT)
Default Root Password in Infrant (now Netgear) ReadyNAS "RAIDiator"
- Felix Domke (Mon Aug 13 2007 - 08:52:26 EDT)
Design flaw in AS3 socket handling allows port probing
- fukami (Thu Aug 09 2007 - 14:21:41 EDT)
DeskPRO Admin Panel Multiple HTML Injections
- DoZ(at)HackersCenter.com (Tue Aug 14 2007 - 10:41:17 EDT)
Digital Armaments Security Advisory 24.07.2006: Siemens Speedstream Wireless/Router Denial of Service Vulnerability
- malaguka(at)yahoo.com (Fri Aug 31 2007 - 02:38:50 EDT)
DoS in Microsoft Media Player 11 on Win XP SP2
- thesinoda(at)hotmail.com (Tue Aug 07 2007 - 20:53:57 EDT)
DOS issue in Astaro Version 7 packet filter reporting, POSSIBLE security issue in POP3 proxy
- William Warren (Sat Aug 04 2007 - 22:04:21 EDT)
EEYE: VGX.DLL Compressed Content Heap Overflow Vulnerability
- eEye Advisories (Tue Aug 14 2007 - 15:47:18 EDT)
EEYE: Windows Metafile AttemptWrite Heap Overflow
- eEye Advisories (Tue Aug 14 2007 - 15:47:21 EDT)
Encryption Weakness in Sun Sun AS 9.0_0.1 (build b02-p01)
- fred(at)donovannetworks.com (Wed Aug 22 2007 - 08:09:50 EDT)
EnterpriseDB Advanced Server 8.2 Unitialized Pointer
- Joxean Koret (Wed Aug 29 2007 - 12:34:39 EDT)
Envolution (News) <= v1.1.0 Remote SQL Injection
- k1tk4t(at)newhack.org (Sat Aug 04 2007 - 19:13:12 EDT)
eXV2.de Browser Cookie is not properly sanitised
- webmaster(at)i-s-o.org (Mon Aug 13 2007 - 04:56:46 EDT)
eyeOS checksum prediction
- komarov(at)itdefence.ru (Mon Aug 27 2007 - 14:48:21 EDT)
EZPhotoSales 1.9.3 Multiple Vulnerabilities
- Seth Fogie (Mon Aug 06 2007 - 15:25:58 EDT)
FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com
- hawkgotyou(at)gmail.com (Mon Aug 13 2007 - 13:15:18 EDT)
- ilkerkandemir(at)mynet.com (Sat Aug 11 2007 - 11:07:52 EDT)
File Uploader Version 1.1 Remote Command Execution Vulnerability
- rizgar(at)linuxmail.org (Thu Aug 09 2007 - 12:18:31 EDT)
FinDix Remote File Inclusion Vulnerability
- rizgar(at)linuxmail.org (Thu Aug 09 2007 - 09:41:39 EDT)
FLEA-2007-0038-1 gimp
- Foresight Linux Essential Announcement Service (Wed Aug 01 2007 - 14:31:22 EDT)
FLEA-2007-0039-1 firefox
- Foresight Linux Essential Announcement Service (Wed Aug 01 2007 - 15:03:24 EDT)
FLEA-2007-0040-1 thunderbird
- Foresight Linux Essential Announcement Service (Fri Aug 03 2007 - 10:05:24 EDT)
FLEA-2007-0041-1 gdm
- Foresight Linux Essential Announcement Service (Fri Aug 03 2007 - 10:26:23 EDT)
FLEA-2007-0042-1 qt
- Foresight Linux Essential Announcement Service (Fri Aug 03 2007 - 15:09:25 EDT)
FLEA-2007-0043-1 openssl
- Foresight Linux Essential Announcement Service (Mon Aug 13 2007 - 16:48:10 EDT)
FLEA-2007-0044-1 tetex tetex-dvips tetex-fonts
- Foresight Linux Essential Announcement Service (Tue Aug 14 2007 - 15:47:54 EDT)
FLEA-2007-0045-1 poppler
- Foresight Linux Essential Announcement Service (Tue Aug 14 2007 - 16:30:57 EDT)
FLEA-2007-0046-1 cups
- Foresight Linux Essential Announcement Service (Thu Aug 16 2007 - 08:51:22 EDT)
FLEA-2007-0047-1 rsync
- Foresight Linux Essential Announcement Service (Thu Aug 23 2007 - 16:52:51 EDT)
FLEA-2007-0048-1 xterm
- Foresight Linux Essential Announcement Service (Thu Aug 23 2007 - 17:01:00 EDT)
FLEA-2007-0049-1 tar
- Foresight Linux Essential Announcement Service (Mon Aug 27 2007 - 08:44:34 EDT)
Found nice mass exploits for fedora and imap
- Jon Lewis (Tue Aug 28 2007 - 11:24:15 EDT)
- jf (Tue Aug 28 2007 - 18:54:44 EDT)
- linux0day(at)yahoo.co.uk (Mon Aug 27 2007 - 21:33:20 EDT)
FreeBSD Security Advisory FreeBSD-SA-07:01.jail [REVISED]
- FreeBSD Security Advisories (Wed Aug 01 2007 - 17:26:08 EDT)
FreeBSD Security Advisory FreeBSD-SA-07:06.tcpdump
- FreeBSD Security Advisories (Wed Aug 01 2007 - 17:26:59 EDT)
FreeBSD Security Advisory FreeBSD-SA-07:07.bind
- FreeBSD Security Advisories (Wed Aug 01 2007 - 17:27:29 EDT)
Gstebuch Version 1.5 Remote Command Execution Vulnerability
- Carsten Eilers (Fri Aug 10 2007 - 16:10:26 EDT)
- ilkerkandemir(at)mynet.com (Fri Aug 10 2007 - 05:57:48 EDT)
- rizgar(at)linuxmail.org (Thu Aug 09 2007 - 12:16:38 EDT)
Guestbook Script 1.9 RFI
- laurent.gaffie(at)gmail.com (Thu Aug 09 2007 - 18:50:03 EDT)
- Ma$tEr-0F-De$a$t0r(at)hotmail.com (Tue Aug 07 2007 - 23:22:52 EDT)
Guidance Software response to iSEC report on EnCase
- luke.cleverley(at)gmail.com (Thu Aug 16 2007 - 00:12:16 EDT)
- Alex Stamos (Thu Aug 02 2007 - 12:41:54 EDT)
Gurur Haber v2.0
- the.dumenci(at)gmail.com (Mon Aug 20 2007 - 07:02:00 EDT)
Heap overflow in Skulltag 0.97d-beta4.1
- Luigi Auriemma (Thu Aug 23 2007 - 19:19:47 EDT)
HPSBMA02236 SSRT061260 rev.1 - HP OpenView Performance Manager (OVPM) Running Shared Trace Service on HP-UX, Solaris, and Windows, Remote Arbitrary Code Execution
- security-alert(at)hp.com (Wed Aug 29 2007 - 13:17:56 EDT)
HPSBMA02239 SSRT061260 rev.2 - HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution
- security-alert(at)hp.com (Fri Aug 31 2007 - 10:34:17 EDT)
HPSBMA02240 SSRT061260 rev.1 - HP OpenView Operations Manager for Windows (OVOW) with the OpenView Operations Add On Module for OpenView Operations-Business Availability Center Integration Running Shared Trace Service, Remote Arbitrary Code Execution
- security-alert(at)hp.com (Wed Aug 15 2007 - 11:34:54 EDT)
HPSBMA02242 SSRT061260 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution --------
- security-alert(at)hp.com (Fri Aug 17 2007 - 13:47:21 EDT)
HPSBST02255 SSRT071456 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-042 to MS07-050
- security-alert(at)hp.com (Wed Aug 22 2007 - 14:08:12 EDT)
HPSBTU02256 SSRT071449 rev.1 - HP Tru64 UNIX or HP Tru64 Internet Express running BIND, Remote DNS Cache Poisoning
- security-alert(at)hp.com (Fri Aug 31 2007 - 10:42:15 EDT)
HPSBUX02249 SSRT071442 rev.1 HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command, Local Unqualified Configuration Change
- security-alert(at)hp.com (Mon Aug 27 2007 - 16:17:00 EDT)
Hunkaray Okul Portali v1.1 (tr) Sql injection Vuln
- yollubunlar(at)yollubunlar.org (Thu Aug 02 2007 - 14:02:40 EDT)
IBM Rational ClearQuest Web SQL Injection Login Bypass
- swhite(at)securestate.com (Tue Aug 14 2007 - 13:53:17 EDT)
iDefense Security Advisory 08.07.07: Apple Mac OS X mDNSResponder HTTP Request Heap Overflow Vulnerability
- iDefense Labs (Tue Aug 07 2007 - 18:29:57 EDT)
iDefense Security Advisory 08.07.07: Hewlett-Packard HP-UX Remote ldcconn Buffer Overflow Vulnerability
- iDefense Labs (Tue Aug 07 2007 - 17:22:59 EDT)
iDefense Security Advisory 08.09.07: Hewlett-Packard OpenView Operations OVTrace Buffer Overflow Vulnerabilities
- iDefense Labs (Thu Aug 09 2007 - 15:03:22 EDT)
iDefense Security Advisory 08.14.07: Microsoft Windows Vista Sidebar RSS Feeds Gadget Cross Site Scripting Vulnerability
- iDefense Labs (Tue Aug 14 2007 - 18:34:59 EDT)
iDefense Security Advisory 08.14.07: Microsoft XML Core Services XMLDOM Memory Corruption Vulnerability
- iDefense Labs (Tue Aug 14 2007 - 18:57:13 EDT)
iDefense Security Advisory 08.15.07: ESRI ArcSDE Numeric Literal Buffer Overflow Vulnerability
- iDefense Labs (Wed Aug 15 2007 - 14:40:55 EDT)
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability
- iDefense Labs (Thu Aug 16 2007 - 18:55:54 EDT)
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Directory Creation Vulnerability
- iDefense Labs (Thu Aug 16 2007 - 18:55:39 EDT)
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Directory Traversal Vulnerability
- iDefense Labs (Thu Aug 16 2007 - 18:55:21 EDT)
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple File Creation Vulnerabilities
- iDefense Labs (Thu Aug 16 2007 - 18:55:30 EDT)
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple Race Condition Vulnerabilities
- iDefense Labs (Thu Aug 16 2007 - 18:54:58 EDT)
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple Untrusted Search Path Vulnerabilities
- iDefense Labs (Thu Aug 16 2007 - 18:55:46 EDT)
iDefense Security Advisory 08.20.07: Check Point Zone Labs Multiple Products Privilege Escalation Vulnerability
- iDefense Labs (Mon Aug 20 2007 - 11:27:47 EDT)
iDefense Security Advisory 08.20.07: Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities
- iDefense Labs (Mon Aug 20 2007 - 11:39:27 EDT)
iDefense Security Advisory 08.20.07: Trend Micro SSAPI Long Path Buffer Overflow Vulnerability
- iDefense Labs (Tue Aug 21 2007 - 15:16:59 EDT)
iDefense Security Advisory 08.21.07: Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities
- iDefense Labs (Tue Aug 21 2007 - 18:21:26 EDT)
iDefense Security Advisory 08.21.07: Trend Micro ServerProtect RPCFN_SYNC_TASK Integer Overflow Vulnerability
- iDefense Labs (Tue Aug 21 2007 - 18:43:02 EDT)
iDefense Security Advisory 08.27.07: Motorola Timbuktu Multiple Buffer Overflow Vulnerabilities
- iDefense Labs (Mon Aug 27 2007 - 11:01:47 EDT)
iDefense Security Advisory 08.27.07: Motorola Timbuktu Pro Directory Traversal Vulnerability
- iDefense Labs (Mon Aug 27 2007 - 11:01:23 EDT)
iDefense Security Advisory 08.30.07: Yahoo Messenger YVerInfo.dll ActiveX Multiple Remote Buffer Overflow Vulnerabilities
- iDefense Labs (Thu Aug 30 2007 - 12:18:07 EDT)
IMF 2007 - Call for Participation
- Oliver Goebel (Mon Aug 20 2007 - 11:12:28 EDT)
Immunity Debugger is now released
- nicolas.waisman(at)immunityinc.com (Fri Aug 03 2007 - 20:59:04 EDT)
Immunity Debugger v1.1 Release
- Nicolas Waisman (Thu Aug 30 2007 - 17:17:15 EDT)
InterWorx-CP Multiple HTML Injections Vulnerabilitie
- info(at)interworx.com (Wed Aug 29 2007 - 14:53:27 EDT)
- DoZ(at)HackersCenter.com (Sun Aug 26 2007 - 00:22:42 EDT)
Invision Power Board D22-Shoutbox HTML Injections
- DoZ(at)HackersCenter.com (Tue Aug 21 2007 - 00:34:19 EDT)
JobLister3 SQL injection vulnerabilities
- joseph.giron13(at)gmail.com (Mon Aug 13 2007 - 02:26:13 EDT)
Join us at OWASP Mumbai Meet : 6th September 2007
- dharmeshmm(at)owasp.org (Thu Aug 09 2007 - 05:10:44 EDT)
Joomla 1.0.12 CMS - Session fixation Issue in backend Administration interface
- router(at)email.si (Fri Aug 10 2007 - 01:18:47 EDT)
Joomla Component SimpleFAQ V2.11 - Remote SQL Injection
- k1tk4t(at)newhack.org (Mon Aug 20 2007 - 17:02:26 EDT)
Joomla J! Reactions Component Remote File include Bug
- yollubunlar(at)yollubunlar.org (Mon Aug 20 2007 - 19:53:51 EDT)
- software(at)sdecnet.com (Sat Aug 18 2007 - 04:23:16 EDT)
- yollubunlar(at)hotmail.com (Fri Aug 03 2007 - 16:45:54 EDT)
Konqueror: URL address bar spoofing vulnerabilities
- Jonathan Smith (Mon Aug 06 2007 - 18:37:05 EDT)
- paraw (Mon Aug 06 2007 - 19:29:34 EDT)
- Robert Swiecki (Mon Aug 06 2007 - 17:44:15 EDT)
la-nai cms_v1.2.14 - Remote SQL Injection
- k1tk4t(at)newhack.org (Thu Aug 02 2007 - 18:30:22 EDT)
Lib2 PHP v0.2 (DOCUMENT_ROOT) Remote File Inclusion Vulnerability
- ilkerkandemir(at)mynet.com (Sat Aug 11 2007 - 11:05:16 EDT)
Local Privilege Escalation Vulnerabilities in Lotus Notes Client
- 3APA3A (Wed Aug 22 2007 - 12:29:51 EDT)
- kochetkov.vladimir(at)gmail.com (Wed Aug 22 2007 - 06:25:28 EDT)
Local privilege escalation vulnerability in Cisco VPN client
- NGSSoftware Insight Security Research (Thu Aug 16 2007 - 05:48:52 EDT)
Mambo 4.6.2 CMS - Session fixation Issue in backend Administration interface
- tomaz.bratusa(at)teamintell.com (Wed Aug 01 2007 - 10:47:34 EDT)
Mambo Component SimpleFAQ V2.11 - Remote SQL Injection
- k1tk4t(at)newhack.org (Mon Aug 20 2007 - 16:31:17 EDT)
Mapos Bilder Galerie Version 1.0 Remote Command Execution Vulnerability
- rizgar(at)linuxmail.org (Thu Aug 09 2007 - 12:17:02 EDT)
McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow
- Sebastian Wolfgarten (Wed Aug 15 2007 - 08:56:54 EDT)
mcNews (skinfile) Remote File Include Vulnerability
- ilkerkandemir(at)mynet.com (Sat Aug 11 2007 - 11:09:54 EDT)
Minimo .2 and more Firefox 2.0.0.6 Password Manager Vulnerabilites
- Seth Fogie (Thu Aug 02 2007 - 13:52:26 EDT)
Moonware Software Multiple Vulnerabilities
- s0cratex(at)hotmail.com (Sat Aug 25 2007 - 23:40:36 EDT)
More on VMWare poor guest isolation design
- Arthur Corliss (Tue Aug 28 2007 - 02:49:35 EDT)
- Tim Newsham (Mon Aug 27 2007 - 19:36:54 EDT)
- M. Burnett (Mon Aug 27 2007 - 13:51:46 EDT)
- Wietse Venema (Mon Aug 27 2007 - 10:37:35 EDT)
- Tim Newsham (Sat Aug 25 2007 - 15:05:13 EDT)
- M. Burnett (Fri Aug 24 2007 - 21:29:57 EDT)
MS07-042 XMLDOM substringData() PoC
- Alla Bezroutchko (Thu Aug 16 2007 - 05:32:10 EDT)
Multiple denial of service in Soldat 1.4.2/2.6.2
- Luigi Auriemma (Thu Aug 23 2007 - 19:28:39 EDT)
Multiple OS kernel insecure handling of stdio file descriptor
- watercloud(at)xfocus.org (Thu Aug 30 2007 - 04:20:00 EDT)
Multiple vulnerabilities in Babo Violent 2 2.08.00
- Luigi Auriemma (Tue Aug 14 2007 - 18:05:45 EDT)
Multiple vulnerabilities in Doomsday 1.9.0-beta5.1
- Luigi Auriemma (Wed Aug 29 2007 - 17:39:48 EDT)
Multiple vulnerabilities in ircu
- Wouter Coekaerts (Sun Aug 12 2007 - 11:05:16 EDT)
Multiple vulnerabilities in Live for Speed 0.5X10
- Luigi Auriemma (Tue Aug 14 2007 - 18:02:39 EDT)
Multiple vulnerabilities in rFactor 1.250
- Luigi Auriemma (Sat Aug 18 2007 - 18:05:44 EDT)
Multiple vulnerabilities in Toribash 2.71
- Luigi Auriemma (Sat Aug 18 2007 - 18:06:26 EDT)
MySQLDumper vulnerability: Bypassing Apache based access control possible
- admin(at)mysqldumper.de (Sat Aug 04 2007 - 05:10:17 EDT)
n.runs, Sophos, German laws, and customer safety
- alan (Tue Aug 28 2007 - 15:50:28 EDT)
- Anonymous(at)Anonymous.de (Tue Aug 28 2007 - 16:20:01 EDT)
- Oliver Karow (Tue Aug 28 2007 - 13:12:49 EDT)
- Jerome Athias (Tue Aug 28 2007 - 14:43:38 EDT)
- Steven M. Christey (Tue Aug 28 2007 - 13:00:22 EDT)
n.runs-SA-2007.025 - ClamAV Remote Code Execution Advisory
- security(at)nruns.com (Fri Aug 24 2007 - 15:14:25 EDT)
n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory
- security(at)nruns.com (Fri Aug 24 2007 - 15:14:41 EDT)
n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory
- Sergio Alvarez (Mon Aug 27 2007 - 16:41:50 EDT)
- 3APA3A (Mon Aug 27 2007 - 12:33:56 EDT)
- security(at)nruns.com (Fri Aug 24 2007 - 15:15:01 EDT)
Neuron Blog Admin Permission Bypass and Remote File Upload Vulnerability
- rizgar(at)linuxmail.org (Mon Aug 13 2007 - 04:17:15 EDT)
New Oracle Forensics Paper
- David Litchfield (Fri Aug 10 2007 - 09:17:19 EDT)
No cON Name 2007 - CALL FOR PAPERS
- deese(at)spezialk.net (Tue Aug 21 2007 - 07:31:50 EDT)
NSFOCUS SA2007-01 : Microsoft IE5 CSS Parsing Memory Corruption Vulnerability
- NSFOCUS Security Team (Wed Aug 15 2007 - 03:32:33 EDT)
Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing
- postmaster(at)centrixonline.com (Tue Aug 21 2007 - 01:14:29 EDT)
- imei Addmimistrator (Thu Aug 16 2007 - 12:30:17 EDT)
Olate Download 3.4.1~environment.php.php~Code Execution
- imei Addmimistrator (Fri Aug 17 2007 - 07:45:25 EDT)
Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files
- imei Addmimistrator (Fri Aug 31 2007 - 17:34:25 EDT)
Olate Download 3.4.2~download.php ~ sql injection
- imei Addmimistrator (Wed Aug 22 2007 - 14:00:29 EDT)
Olate Download 3.4.2~modules/core/fldm.php~comments tag [url] XSS
- imei Addmimistrator (Wed Aug 22 2007 - 13:51:37 EDT)
Olate Download 3.4.2~modules/core/uim.php~XSS
- imei Addmimistrator (Wed Aug 22 2007 - 13:50:09 EDT)
Olate Download 3.4.2~uploads folder ~ directory traversal
- imei Addmimistrator (Fri Aug 31 2007 - 17:33:31 EDT)
OpenBSD 4.1 - Heap overflow vulnerabillity
- Steve Shockley (Tue Aug 28 2007 - 14:14:22 EDT)
- acheddamiman(at)gmail.com (Sat Aug 25 2007 - 16:18:39 EDT)
our de France Pool 1.0.1 Remote File İnclude Bug
- yollubunlar(at)yollubunlar.org (Thu Aug 02 2007 - 13:58:29 EDT)
OWASP Mumbai Meeting : 6th Sep 2007
- dharmeshmm(at)gmail.com (Mon Aug 20 2007 - 09:47:39 EDT)
PHP Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability (0dd exploit)
- Emanuele Gentili (Mon Aug 13 2007 - 22:38:59 EDT)
PHP-Nuke (ALL versions) Multiple XSS and HTML injection
- mikispag(at)gmail.com (Wed Aug 01 2007 - 11:58:47 EDT)
php-stats xss whois.php
- vasodipandora(at)gmail.com (Sat Aug 11 2007 - 10:21:06 EDT)
PHPCentral Login Script Remote Command Execution Vulnerability
- Steven M. Christey (Tue Aug 14 2007 - 21:09:42 EDT)
- Magnus Holmgren (Tue Aug 14 2007 - 04:16:18 EDT)
- rizgar(at)linuxmail.org (Sun Aug 12 2007 - 11:12:58 EDT)
PHPCentral Poll Script Remote Command Execution Vulnerability
- Eren TÃ¼rkay (Mon Aug 20 2007 - 17:11:57 EDT)
- Coopercentral(at)gmail.com (Mon Aug 20 2007 - 16:10:22 EDT)
- rizgar(at)linuxmail.org (Sun Aug 12 2007 - 11:17:30 EDT)
phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit
- BlackHawk (Tue Aug 14 2007 - 03:23:37 EDT)
- ilkerkandemir(at)mynet.com (Sat Aug 11 2007 - 11:04:36 EDT)
PhpGedView login page multiple XSS
- morin.josh(at)gmail.com (Mon Aug 27 2007 - 17:22:51 EDT)
phpress 0.2.0 (adisplay.php) Remote File Inclusion
- naxx (Wed Aug 22 2007 - 19:28:12 EDT)
Pluck 4.3 themes.php Remote File Inclusion and disclosure
- no-reply(at)aria-security.net (Thu Aug 02 2007 - 07:40:48 EDT)
PR07-23: Non-persistent Cross-site Scripting (XSS) on Absolute Poll Manager XE admin page
- research(at)procheckup.com (Thu Aug 30 2007 - 06:27:26 EDT)
Pwnie Awards Ceremony
- Alexander Sotirov (Wed Aug 01 2007 - 02:15:13 EDT)
Question about exploit exposing SSN & user info
- J. Oquendo (Mon Aug 06 2007 - 14:57:48 EDT)
- Michal Bucko (Mon Aug 06 2007 - 12:01:53 EDT)
- J. Patterson Wicks (Mon Aug 06 2007 - 13:35:23 EDT)
- hsukowa(at)yahoo.com (Sun Aug 05 2007 - 22:35:18 EDT)
Ragnarok Online Control Panel Authentication Bypass Vulnerability [new method]
- dp14(at)hotmail.com (Fri Aug 31 2007 - 08:05:51 EDT)
Release of Pass-The-Hash Toolkit for Windows v1.0
- Hernan Ochoa (Wed Aug 15 2007 - 18:29:24 EDT)
Reminder: HITBSecConf2007 - Malaysia is less than 2 weeks away
- Praburaajan (Wed Aug 22 2007 - 23:43:01 EDT)
Remote Denial of Service for SSH service at Dell DRAC4 (maybe Mocana SSH)
- Robert Scheck (Mon Aug 13 2007 - 12:09:06 EDT)
Remote Denial of Service for SSH service at Dell DRAC4 (maybeMocana SSH)
- Robert Scheck (Wed Aug 15 2007 - 04:38:31 EDT)
- Thierry Zoller (Mon Aug 13 2007 - 15:29:51 EDT)
Remote Memory Read in Diskeeper 9 - 2007
- auto48696(at)hushmail.com (Thu Aug 16 2007 - 15:17:07 EDT)
report a bug !
- Draichis (Fri Aug 24 2007 - 00:00:47 EDT)
- Steve Shockley (Mon Aug 20 2007 - 17:34:56 EDT)
- Advisory(at)Aria-security.net (Sat Aug 18 2007 - 14:59:15 EDT)
Ripe Website Manager SQL Injection and Cross Site Scripting Vulnerabilities
- OS2A BTO (Wed Aug 22 2007 - 12:06:12 EDT)
rPSA-2007-0153-1 qt-x11-free
- rPath Update Announcements (Wed Aug 01 2007 - 19:39:31 EDT)
rPSA-2007-0154-1 cups poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi
- rPath Update Announcements (Fri Aug 10 2007 - 09:37:40 EDT)
rPSA-2007-0155-1 openssl openssl-scripts
- rPath Update Announcements (Fri Aug 10 2007 - 09:38:37 EDT)
rPSA-2007-0157-1 firefox thunderbird
- rPath Update Announcements (Fri Aug 10 2007 - 09:41:33 EDT)
rPSA-2007-0160-1 openoffice.org
- rPath Update Announcements (Tue Aug 14 2007 - 17:12:20 EDT)
rPSA-2007-0161-1 dovecot
- rPath Update Announcements (Tue Aug 14 2007 - 18:12:33 EDT)
rPSA-2007-0164-1 kernel
- rPath Update Announcements (Thu Aug 16 2007 - 19:31:11 EDT)
rPSA-2007-0168-1 rsync
- rPath Update Announcements (Wed Aug 22 2007 - 20:29:01 EDT)
rPSA-2007-0169-1 xterm
- rPath Update Announcements (Thu Aug 23 2007 - 14:52:48 EDT)
rPSA-2007-0172-1 tar
- rPath Update Announcements (Sat Aug 25 2007 - 09:24:16 EDT)
Safari for windows remote arbitry file upload
- Neil Dickey (Mon Aug 20 2007 - 18:08:00 EDT)
- laurent.gaffie(at)gmail.com (Thu Aug 16 2007 - 17:32:51 EDT)
- Neil Dickey (Wed Aug 15 2007 - 17:18:43 EDT)
- laurent.gaffie(at)gmail.com (Sat Aug 11 2007 - 11:09:59 EDT)
SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability
- Aditya K Sood (Thu Aug 16 2007 - 23:36:58 EDT)
Security Advisory for Bugzilla 3.0, 2.22.1, and 2.20.4
- mkanat(at)bugzilla.org (Thu Aug 23 2007 - 16:53:16 EDT)
security contact for uat.edu needed
- Hans Wolters (Sat Aug 11 2007 - 17:14:55 EDT)
- Hans Wolters (Fri Aug 03 2007 - 16:57:30 EDT)
- Hans Wolters (Thu Aug 02 2007 - 18:00:36 EDT)
Security vulnerability in BufferZone 2.5
- seppi(at)seppig.de (Fri Aug 24 2007 - 18:24:20 EDT)
security vulnerability in VMware
- seppi(at)seppig.de (Fri Aug 24 2007 - 18:34:05 EDT)
Shoutbox 1.0 Remote Command Execution Vulnerability
- rizgar(at)linuxmail.org (Thu Aug 09 2007 - 12:18:59 EDT)
SIDVault LDAP Server Remote Buffer Overflow
- Joxean Koret (Sat Aug 25 2007 - 20:50:11 EDT)
SIEMENS Gigaset SE361 router XSS
- morin.josh(at)gmail.com (Tue Aug 21 2007 - 09:35:30 EDT)
Skype Network Remote DoS Exploit
- Jay (Tue Aug 21 2007 - 15:18:22 EDT)
- Roland Dobbins (Tue Aug 21 2007 - 13:44:34 EDT)
- Valery Marchuk (Mon Aug 20 2007 - 21:52:23 EDT)
- Matthew Leeds (Mon Aug 20 2007 - 17:50:30 EDT)
- David Harley (Tue Aug 21 2007 - 06:25:47 EDT)
- Marc Maiffret (Mon Aug 20 2007 - 17:05:32 EDT)
- Steven M. Christey (Mon Aug 20 2007 - 13:39:14 EDT)
- Valery Marchuk (Fri Aug 17 2007 - 03:13:04 EDT)
SolpotCrew Advisory #15 (home_edition2001) - Weblogicnet (files_dir) Remote File Inclusion
- home_edition2001(at)irc.mildnet.org (Fri Aug 31 2007 - 19:51:19 EDT)
Sony: The Return Of The Rootkit
- Jason Brooke (Fri Aug 31 2007 - 17:45:13 EDT)
- Juha-Matti Laurio (Fri Aug 31 2007 - 18:40:36 EDT)
- Chad Perrin (Fri Aug 31 2007 - 15:03:25 EDT)
- Paul Sebastian Ziegler (Fri Aug 31 2007 - 18:48:49 EDT)
- Paul Sebastian Ziegler (Thu Aug 30 2007 - 12:10:25 EDT)
- Quark IT - Hilton Travis (Wed Aug 29 2007 - 17:34:25 EDT)
SOTEeSKLEP Remote File Disclosure Vulnerability
- m(at)sote.pl (Tue Aug 14 2007 - 09:46:38 EDT)
- theoden(at)interia.pl (Mon Aug 13 2007 - 08:37:41 EDT)
SPIP v1.7 Remote File Inclusion Bug
- Magnus Holmgren (Fri Aug 24 2007 - 15:57:46 EDT)
SQL Injection in Cisco CallManager
- Elliot Kendall (Thu Aug 30 2007 - 13:06:27 EDT)
Streamripper 1.62.1 - Buffer Overflows
- chris.rohlf(at)gmail.com (Sun Aug 12 2007 - 19:01:20 EDT)
Summercon 2007 Atlanta August 24 - 26
- rragan(at)spidynamics.com (Thu Aug 09 2007 - 12:09:23 EDT)
Sunshop v4.0 <= Blind SQL Injection exploit
- auah(at)gelap.com (Sun Aug 26 2007 - 12:44:11 EDT)
SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service
- Tuc at T-B-O-H.NET (Tue Aug 21 2007 - 12:51:57 EDT)
- bjohnson(at)bsu.edu (Tue Aug 21 2007 - 16:14:51 EDT)
- Michael Bednar (Mon Aug 20 2007 - 17:21:08 EDT)
- s1m0n13(at)hotmail.com (Tue Aug 21 2007 - 11:46:39 EDT)
- Stuart Moore (Mon Aug 20 2007 - 16:12:53 EDT)
- research(at)symantec.com (Fri Aug 17 2007 - 09:21:57 EDT)
Systme de vote en temps rel v1.0 Remote File include Bug
- cybermilitan(at)hotmail.com (Tue Aug 14 2007 - 09:05:42 EDT)
Team SHATTER Advisory: IBM DB2 Buffer overflow in sysproc.auth_list_groups_for_authid
- Team SHATTER (Fri Aug 31 2007 - 16:57:41 EDT)
TeamSpeak 2 Server Vulnerabilities?
- 3APA3A (Thu Aug 23 2007 - 07:13:25 EDT)
- lehox (Tue Aug 21 2007 - 17:00:47 EDT)
The Korean Hacking & Security Conference "POC 2007" call for papers
- poc2007(at)gmail.com (Thu Aug 23 2007 - 21:04:28 EDT)
The Long Run
- Dave Aitel (Wed Aug 29 2007 - 12:20:24 EDT)
Tikiwiki 1.9.7 HTML/embed object injection
- morin.josh(at)gmail.com (Fri Aug 24 2007 - 02:57:59 EDT)
TlbInf32 ActiveX Command Execution
- Brett Moore (Wed Aug 15 2007 - 19:06:14 EDT)
ToorCon 9 CFP
- David Hulton (Thu Aug 16 2007 - 20:00:40 EDT)
TPTI-07-14: HP OpenView Multiple Product Shared Trace Service Stack Overflow Vulnerabilities
- TSRT(at)3com.com (Tue Aug 14 2007 - 17:13:39 EDT)
Trackeur v.1 Remote File İnclude Bug
- the.tiger100(at)gmail.com (Thu Aug 16 2007 - 11:25:02 EDT)
- cybermilitan(at)hotmail.com (Tue Aug 14 2007 - 09:04:59 EDT)
TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability
- bmiskov(at)bluecatnetworks.com (Fri Aug 03 2007 - 11:44:31 EDT)
TS-2007-002-0: BlueCat Networks Adonis root Privilege Access
- security(at)bluecatnetworks.com (Thu Aug 09 2007 - 17:01:01 EDT)
- anonymous.c7ffa4057a (Mon Aug 06 2007 - 12:57:18 EDT)
TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation
- security(at)bluecatnetworks.com (Mon Aug 20 2007 - 15:23:47 EDT)
- anonymous.c7ffa4057a (Thu Aug 16 2007 - 12:50:28 EDT)
TSLSA-2007-0024 - multi
- Trustix Security Advisor (Fri Aug 10 2007 - 09:31:58 EDT)
Unexploitable buffer-overflow in the logging function of the Unreal engine
- 3APA3A (Wed Aug 29 2007 - 14:58:32 EDT)
- rickmccl(at)gmail.com (Wed Aug 29 2007 - 10:48:35 EDT)
- Luigi Auriemma (Sat Aug 18 2007 - 18:04:52 EDT)
Updated: VMware poor guest isolation design
- VMware Security team (Wed Aug 29 2007 - 21:29:29 EDT)
vBulletin V3.6.8 XSS Password Md5 Hash
- scott-REMOVE(at)vbulletin.com (Fri Aug 17 2007 - 13:23:56 EDT)
- RaeD(at)BsdMail.Com (Fri Aug 17 2007 - 06:56:04 EDT)
VietPHP Remote File Inclusion Vulnerbility
- master-of-desastor(at)hotmail.com (Tue Aug 07 2007 - 08:30:02 EDT)
VMWare poor guest isolation design
- Arthur Corliss (Tue Aug 28 2007 - 02:22:08 EDT)
- VMware Security team (Wed Aug 29 2007 - 21:09:10 EDT)
- Ken Kousky (Sat Aug 25 2007 - 13:30:30 EDT)
- Ken Kousky (Fri Aug 24 2007 - 14:42:40 EDT)
- Arthur Corliss (Fri Aug 24 2007 - 17:45:23 EDT)
- Tim Newsham (Fri Aug 24 2007 - 17:07:08 EDT)
- Matt Richard (Fri Aug 24 2007 - 10:43:34 EDT)
- Jonathan Yu (Fri Aug 24 2007 - 09:51:51 EDT)
- Arthur Corliss (Fri Aug 24 2007 - 04:13:37 EDT)
- Arthur Corliss (Fri Aug 24 2007 - 03:50:51 EDT)
- Arthur Corliss (Fri Aug 24 2007 - 03:16:17 EDT)
- Arthur Corliss (Fri Aug 24 2007 - 14:03:28 EDT)
- Jonathan Yu (Thu Aug 23 2007 - 21:06:36 EDT)
- James C. Slora Jr. (Thu Aug 23 2007 - 18:40:04 EDT)
- William Holmberg (Thu Aug 23 2007 - 16:46:27 EDT)
- M. Burnett (Thu Aug 23 2007 - 16:30:49 EDT)
- Arthur Corliss (Thu Aug 23 2007 - 12:49:15 EDT)
- M. Burnett (Wed Aug 22 2007 - 23:22:37 EDT)
VNSECON07 Materials released
- Jerome Athias (Wed Aug 08 2007 - 15:41:58 EDT)
Vulnerabilities digest
- Steven M. Christey (Wed Aug 22 2007 - 18:16:35 EDT)
- 3APA3A (Tue Aug 21 2007 - 15:36:43 EDT)
Vulnerability in multiple "now playing" scripts for various IRC clients
- Wouter Coekaerts (Thu Aug 16 2007 - 14:57:16 EDT)
- Michael Tharp (Wed Aug 15 2007 - 13:34:38 EDT)
- v9(at)fakehalo.us (Wed Aug 15 2007 - 12:27:48 EDT)
- Wouter Coekaerts (Sun Aug 12 2007 - 13:02:24 EDT)
Web News 1.1 Remote Command Execution Vulnerability
- rizgar(at)linuxmail.org (Thu Aug 09 2007 - 12:18:03 EDT)
WengoPhone SIP phone Remote Denial of Service vulnerability
- zwell(at)sohu.com (Sun Aug 12 2007 - 00:41:13 EDT)
WikiWebWeaver 1.1 beta Upload Shell Vulnerability
- yollubunlar(at)yollubunlar.org (Wed Aug 01 2007 - 05:40:38 EDT)
WireShark MMS Remote Denial of Service vulnerability
- zwell(at)sohu.com (Tue Aug 14 2007 - 12:41:24 EDT)
X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities
- Gynvael Coldwind (Thu Aug 23 2007 - 07:39:44 EDT)
XSS vulnerability in Cisco MeetingPlace
- Paul Oxman (poxman) (Wed Aug 08 2007 - 12:29:52 EDT)
- Disclosure (Wed Aug 08 2007 - 10:30:00 EDT)
ZDI-07-045: Novell Client NWSPOOL.DLL Stack Overflow Vulnerability
- zdi-disclosures(at)3com.com (Mon Aug 06 2007 - 17:46:02 EDT)
ZDI-07-046: Microsoft Windows Media Player Skin Parsing Size Mismatch Heap Overflow Vulnerability
- zdi-disclosures(at)3com.com (Tue Aug 14 2007 - 16:31:15 EDT)
ZDI-07-047: Microsoft Windows Media Player Malformed Skin Header Code Execution Vulnerability
- zdi-disclosures(at)3com.com (Tue Aug 14 2007 - 16:32:05 EDT)
ZDI-07-048: Microsoft Internet Explorer substringData() Heap Overflow Vulnerability
- zdi-disclosures(at)3com.com (Tue Aug 14 2007 - 16:33:13 EDT)
ZDI-07-049: EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities
- zdi-disclosures(at)3com.com (Mon Aug 20 2007 - 16:40:46 EDT)
Zyxel Zywall 2 multiple vulnerabilities
- Henri Lindberg - Smilehouse Oy (Fri Aug 10 2007 - 06:35:35 EDT)
- 489 messages sort by: [ thread ] [ author ] [ date ] [ attachment ]
This archive was generated by hypermail 2.1.8 : Wed Jul 16 2008 - 14:45:29 EDT