Mailing List Archive For bugtraq@securityfocus.com Aug 2007 By Thread

• SolpotCrew Advisory #15 (home_edition2001) - Weblogicnet (files_dir) Remote File Inclusion home_edition2001(at)irc.mildnet.org (Fri Aug 31 2007 - 19:51:19 EDT)
• [SECURITY] [DSA 1363-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Fri Aug 31 2007 - 19:33:55 EDT)
• [ MDKSA-2007:172 ] - Updated clamav packages vulnerabilities security(at)mandriva.com (Fri Aug 31 2007 - 21:36:35 EDT)
• Olate Download 3.4.2~uploads folder ~ directory traversal imei Addmimistrator (Fri Aug 31 2007 - 17:33:31 EDT)
• Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files imei Addmimistrator (Fri Aug 31 2007 - 17:34:25 EDT)
• Aztech router DSL600EU IP and ARP spoof acheddamiman(at)gmail.com (Thu Aug 30 2007 - 19:10:01 EDT)
• Team SHATTER Advisory: IBM DB2 Buffer overflow in sysproc.auth_list_groups_for_authid Team SHATTER (Fri Aug 31 2007 - 16:57:41 EDT)
• [USN-510-1] Linux kernel vulnerabilities Kees Cook (Fri Aug 31 2007 - 14:42:10 EDT)
• HPSBMA02239 SSRT061260 rev.2 - HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (Fri Aug 31 2007 - 10:34:17 EDT)
• HPSBTU02256 SSRT071449 rev.1 - HP Tru64 UNIX or HP Tru64 Internet Express running BIND, Remote DNS Cache Poisoning security-alert(at)hp.com (Fri Aug 31 2007 - 10:42:15 EDT)
• [USN-509-1] Linux kernel vulnerabilities Kees Cook (Thu Aug 30 2007 - 20:55:57 EDT)
• Ragnarok Online Control Panel Authentication Bypass Vulnerability [new method] dp14(at)hotmail.com (Fri Aug 31 2007 - 08:05:51 EDT)
• Re: Digital Armaments Security Advisory 24.07.2006: Siemens Speedstream Wireless/Router Denial of Service Vulnerability malaguka(at)yahoo.com (Fri Aug 31 2007 - 02:38:50 EDT)
• [USN-508-1] Linux kernel vulnerabilities Kees Cook (Fri Aug 31 2007 - 00:46:07 EDT)
• Immunity Debugger v1.1 Release Nicolas Waisman (Thu Aug 30 2007 - 17:17:15 EDT)
• Cisco CSS WebNS ssh crash NetExpress (Thu Aug 30 2007 - 12:02:36 EDT)
• SQL Injection in Cisco CallManager Elliot Kendall (Thu Aug 30 2007 - 13:06:27 EDT)
• iDefense Security Advisory 08.30.07: Yahoo Messenger YVerInfo.dll ActiveX Multiple Remote Buffer Overflow Vulnerabilities iDefense Labs (Thu Aug 30 2007 - 12:18:07 EDT)
• Sony: The Return Of The Rootkit Quark IT - Hilton Travis (Wed Aug 29 2007 - 17:34:25 EDT)
  • Re: Sony: The Return Of The Rootkit Paul Sebastian Ziegler (Thu Aug 30 2007 - 12:10:25 EDT)
    • Re: Sony: The Return Of The Rootkit Chad Perrin (Fri Aug 31 2007 - 15:03:25 EDT)
    • Re: Sony: The Return Of The Rootkit Jason Brooke (Fri Aug 31 2007 - 17:45:13 EDT)
      • Re: Sony: The Return Of The Rootkit Paul Sebastian Ziegler (Fri Aug 31 2007 - 18:48:49 EDT)
  • Re: Sony: The Return Of The Rootkit Juha-Matti Laurio (Fri Aug 31 2007 - 18:40:36 EDT)
• Updated: VMware poor guest isolation design VMware Security team (Wed Aug 29 2007 - 21:29:29 EDT)
• Re: Re: Multiple OS kernel insecure handling of stdio file descriptor watercloud(at)xfocus.org (Thu Aug 30 2007 - 04:20:00 EDT)
• PR07-23: Non-persistent Cross-site Scripting (XSS) on Absolute Poll Manager XE admin page research(at)procheckup.com (Thu Aug 30 2007 - 06:27:26 EDT)
• VMware poor guest isolation design VMware Security team (Wed Aug 29 2007 - 21:09:10 EDT)
• [USN-507-1] tcp-wrappers vulnerability Kees Cook (Wed Aug 29 2007 - 20:05:07 EDT)
• [SECURITY] [DSA 1362-1] New lighttpd packages fix several vulnerabilities Steve Kemp (Wed Aug 29 2007 - 17:21:11 EDT)
• The Long Run Dave Aitel (Wed Aug 29 2007 - 12:20:24 EDT)
• [SECURITY] [DSA 1361-1] New postfix-policyd packages fix arbitrary code execution Steve Kemp (Wed Aug 29 2007 - 16:43:36 EDT)
• Multiple vulnerabilities in Doomsday 1.9.0-beta5.1 Luigi Auriemma (Wed Aug 29 2007 - 17:39:48 EDT)
• HPSBMA02236 SSRT061260 rev.1 - HP OpenView Performance Manager (OVPM) Running Shared Trace Service on HP-UX, Solaris, and Windows, Remote Arbitrary Code Execution security-alert(at)hp.com (Wed Aug 29 2007 - 13:17:56 EDT)
• Cisco Security Advisory: XSS and SQL Injection in Cisco CallManager/Unified Communications Manager Logon Page Cisco Systems Product Security Incident Response Team (Wed Aug 29 2007 - 12:55:34 EDT)
• [USN-469-2] Enigmail regression Kees Cook (Tue Aug 28 2007 - 20:51:01 EDT)
• [HISPASEC] Blizzard StarCraft Brood War 1.15.1 Remote DoS Gynvael Coldwind (Wed Aug 29 2007 - 08:24:30 EDT)
• [USN-506-1] tar vulnerability Kees Cook (Tue Aug 28 2007 - 17:53:35 EDT)
• [USN-504-1] Emacs vulnerability Kees Cook (Tue Aug 28 2007 - 17:51:58 EDT)
• [USN-505-1] vim vulnerability Kees Cook (Tue Aug 28 2007 - 17:53:01 EDT)
• [ MDKSA-2007:171 ] - Updated kernel packages fix multiple vulnerabilities and bugs security(at)mandriva.com (Tue Aug 28 2007 - 14:22:09 EDT)
• [SECURITY] [DSA 1360-1] New rsync packages fix arbitrary code execution Steve Kemp (Tue Aug 28 2007 - 14:07:55 EDT)
• [SECURITY] [DSA 1359-1] New dovecot packages fix directory traversal Steve Kemp (Tue Aug 28 2007 - 13:58:39 EDT)
• n.runs, Sophos, German laws, and customer safety Steven M. Christey (Tue Aug 28 2007 - 13:00:22 EDT)
  • Re: n.runs, Sophos, German laws, and customer safety Jerome Athias (Tue Aug 28 2007 - 14:43:38 EDT)
    • Re: n.runs, Sophos, German laws, and customer safety alan (Tue Aug 28 2007 - 15:50:28 EDT)
  • Re: n.runs, Sophos, German laws, and customer safety Oliver Karow (Tue Aug 28 2007 - 13:12:49 EDT)
  • Re: n.runs, Sophos, German laws, and customer safety Anonymous(at)Anonymous.de (Tue Aug 28 2007 - 16:20:01 EDT)
• Found nice mass exploits for fedora and imap linux0day(at)yahoo.co.uk (Mon Aug 27 2007 - 21:33:20 EDT)
  • Re: Found nice mass exploits for fedora and imap jf (Tue Aug 28 2007 - 18:54:44 EDT)
  • Re: Found nice mass exploits for fedora and imap Jon Lewis (Tue Aug 28 2007 - 11:24:15 EDT)
• Community input/questions for ISOI 3? Gadi Evron (Sat Aug 25 2007 - 23:41:37 EDT)
• HPSBUX02249 SSRT071442 rev.1 HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command, Local Unqualified Configuration Change security-alert(at)hp.com (Mon Aug 27 2007 - 16:17:00 EDT)
• PhpGedView login page multiple XSS morin.josh(at)gmail.com (Mon Aug 27 2007 - 17:22:51 EDT)
• BIND 8 EOL and BIND 8 DNS Cache Poisoning (Amit Klein, Trusteer) Amit Klein (Mon Aug 27 2007 - 15:01:56 EDT)
• eyeOS checksum prediction komarov(at)itdefence.ru (Mon Aug 27 2007 - 14:48:21 EDT)
• FLEA-2007-0049-1 tar Foresight Linux Essential Announcement Service (Mon Aug 27 2007 - 08:44:34 EDT)
• OpenBSD 4.1 - Heap overflow vulnerabillity acheddamiman(at)gmail.com (Sat Aug 25 2007 - 16:18:39 EDT)
  • Re: OpenBSD 4.1 - Heap overflow vulnerabillity Steve Shockley (Tue Aug 28 2007 - 14:14:22 EDT)
• [USN-503-1] Thunderbird vulnerabilities Kees Cook (Mon Aug 27 2007 - 02:02:40 EDT)
• iDefense Security Advisory 08.27.07: Motorola Timbuktu Pro Directory Traversal Vulnerability iDefense Labs (Mon Aug 27 2007 - 11:01:23 EDT)
• iDefense Security Advisory 08.27.07: Motorola Timbuktu Multiple Buffer Overflow Vulnerabilities iDefense Labs (Mon Aug 27 2007 - 11:01:47 EDT)
• Moonware Software Multiple Vulnerabilities s0cratex(at)hotmail.com (Sat Aug 25 2007 - 23:40:36 EDT)
• Abledesign Dynamic Picture Frame XSS morin.josh(at)gmail.com (Sun Aug 26 2007 - 16:45:09 EDT)
• InterWorx-CP Multiple HTML Injections Vulnerabilitie DoZ(at)HackersCenter.com (Sun Aug 26 2007 - 00:22:42 EDT)
  • Re: InterWorx-CP Multiple HTML Injections Vulnerabilitie info(at)interworx.com (Wed Aug 29 2007 - 14:53:27 EDT)
• Sunshop v4.0 <= Blind SQL Injection exploit auah(at)gelap.com (Sun Aug 26 2007 - 12:44:11 EDT)
• [SECURITY] [DSA 1358-1] New asterisk packages fix several vulnerabilities Moritz Muehlenhoff (Sun Aug 26 2007 - 04:04:07 EDT)
• SIDVault LDAP Server Remote Buffer Overflow Joxean Koret (Sat Aug 25 2007 - 20:50:11 EDT)
  • EnterpriseDB Advanced Server 8.2 Unitialized Pointer Joxean Koret (Wed Aug 29 2007 - 12:34:39 EDT)
• n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory security(at)nruns.com (Fri Aug 24 2007 - 15:15:01 EDT)
  • Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory 3APA3A (Mon Aug 27 2007 - 12:33:56 EDT)
    • Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Sergio Alvarez (Mon Aug 27 2007 - 16:41:50 EDT)
• rPSA-2007-0172-1 tar rPath Update Announcements (Sat Aug 25 2007 - 09:24:16 EDT)
• Re: SPIP v1.7 Remote File Inclusion Bug Magnus Holmgren (Fri Aug 24 2007 - 15:57:46 EDT)
• AST-2007-021: Crash from invalid/corrupted MIME bodies when using voicemail with IMAP storage Asterisk Security Team (Fri Aug 24 2007 - 18:26:10 EDT)
• Security vulnerability in BufferZone 2.5 seppi(at)seppig.de (Fri Aug 24 2007 - 18:24:20 EDT)
• n.runs-SA-2007.025 - ClamAV Remote Code Execution Advisory security(at)nruns.com (Fri Aug 24 2007 - 15:14:25 EDT)
• [USN-502-1] KDE vulnerabilities Kees Cook (Fri Aug 24 2007 - 15:03:17 EDT)
• n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory security(at)nruns.com (Fri Aug 24 2007 - 15:14:41 EDT)
• security vulnerability in VMware seppi(at)seppig.de (Fri Aug 24 2007 - 18:34:05 EDT)
• about recent phpMyAdmin "vulnerabilities" Marc Delisle (Fri Aug 24 2007 - 08:02:23 EDT)
• 24th Chaos Communication Congress 2007: Call for Participation fukami (Fri Aug 24 2007 - 05:52:08 EDT)
• Tikiwiki 1.9.7 HTML/embed object injection morin.josh(at)gmail.com (Fri Aug 24 2007 - 02:57:59 EDT)
• The Korean Hacking & Security Conference "POC 2007" call for papers poc2007(at)gmail.com (Thu Aug 23 2007 - 21:04:28 EDT)
• Multiple denial of service in Soldat 1.4.2/2.6.2 Luigi Auriemma (Thu Aug 23 2007 - 19:28:39 EDT)
• Heap overflow in Skulltag 0.97d-beta4.1 Luigi Auriemma (Thu Aug 23 2007 - 19:19:47 EDT)
• FLEA-2007-0048-1 xterm Foresight Linux Essential Announcement Service (Thu Aug 23 2007 - 17:01:00 EDT)
• Security Advisory for Bugzilla 3.0, 2.22.1, and 2.20.4 mkanat(at)bugzilla.org (Thu Aug 23 2007 - 16:53:16 EDT)
• FLEA-2007-0047-1 rsync Foresight Linux Essential Announcement Service (Thu Aug 23 2007 - 16:52:51 EDT)
• rPSA-2007-0169-1 xterm rPath Update Announcements (Thu Aug 23 2007 - 14:52:48 EDT)
• [ MDKSA-2007:170 ] - Updated gimp packages fix input data validation issues in several plugins security(at)mandriva.com (Thu Aug 23 2007 - 15:05:23 EDT)
• X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities Gynvael Coldwind (Thu Aug 23 2007 - 07:39:44 EDT)
• Reminder: HITBSecConf2007 - Malaysia is less than 2 weeks away Praburaajan (Wed Aug 22 2007 - 23:43:01 EDT)
• VMWare poor guest isolation design M. Burnett (Wed Aug 22 2007 - 23:22:37 EDT)
  • Re: VMWare poor guest isolation design Arthur Corliss (Thu Aug 23 2007 - 12:49:15 EDT)
    • RE: VMWare poor guest isolation design M. Burnett (Thu Aug 23 2007 - 16:30:49 EDT)
      • RE: VMWare poor guest isolation design Arthur Corliss (Fri Aug 24 2007 - 03:50:51 EDT)
    • RE: VMWare poor guest isolation design William Holmberg (Thu Aug 23 2007 - 16:46:27 EDT)
      • RE: VMWare poor guest isolation design Arthur Corliss (Fri Aug 24 2007 - 03:16:17 EDT)
    • RE: VMWare poor guest isolation design James C. Slora Jr. (Thu Aug 23 2007 - 18:40:04 EDT)
    • Re: VMWare poor guest isolation design Jonathan Yu (Thu Aug 23 2007 - 21:06:36 EDT)
      • Re: VMWare poor guest isolation design Arthur Corliss (Fri Aug 24 2007 - 04:13:37 EDT)
      • Re: VMWare poor guest isolation design Jonathan Yu (Fri Aug 24 2007 - 09:51:51 EDT)
      • More on VMWare poor guest isolation design M. Burnett (Fri Aug 24 2007 - 21:29:57 EDT)
      • Re: More on VMWare poor guest isolation design Tim Newsham (Sat Aug 25 2007 - 15:05:13 EDT)
      • RE: More on VMWare poor guest isolation design M. Burnett (Mon Aug 27 2007 - 13:51:46 EDT)
      • RE: More on VMWare poor guest isolation design Tim Newsham (Mon Aug 27 2007 - 19:36:54 EDT)
      • RE: More on VMWare poor guest isolation design Arthur Corliss (Tue Aug 28 2007 - 02:49:35 EDT)
      • Re: More on VMWare poor guest isolation design Wietse Venema (Mon Aug 27 2007 - 10:37:35 EDT)
    • Re: VMWare poor guest isolation design Matt Richard (Fri Aug 24 2007 - 10:43:34 EDT)
      • Re: VMWare poor guest isolation design Arthur Corliss (Fri Aug 24 2007 - 14:03:28 EDT)
  • Re: VMWare poor guest isolation design Tim Newsham (Fri Aug 24 2007 - 17:07:08 EDT)
  • RE: VMWare poor guest isolation design Ken Kousky (Fri Aug 24 2007 - 14:42:40 EDT)
    • RE: VMWare poor guest isolation design Arthur Corliss (Fri Aug 24 2007 - 17:45:23 EDT)
      • RE: VMWare poor guest isolation design Ken Kousky (Sat Aug 25 2007 - 13:30:30 EDT)
      • RE: VMWare poor guest isolation design Arthur Corliss (Tue Aug 28 2007 - 02:22:08 EDT)
• rPSA-2007-0168-1 rsync rPath Update Announcements (Wed Aug 22 2007 - 20:29:01 EDT)
• phpress 0.2.0 (adisplay.php) Remote File Inclusion naxx (Wed Aug 22 2007 - 19:28:12 EDT)
• [ GLSA 200708-17 ] Opera: Multiple vulnerabilities Raphael Marichez (Wed Aug 22 2007 - 18:41:22 EDT)
• [ GLSA 200708-16 ] Qt: Multiple format string vulnerabilities Raphael Marichez (Wed Aug 22 2007 - 18:28:05 EDT)
• Buffer-overflow in the Asura engine Luigi Auriemma (Wed Aug 22 2007 - 19:13:28 EDT)
• Olate Download 3.4.2~download.php ~ sql injection imei Addmimistrator (Wed Aug 22 2007 - 14:00:29 EDT)
• TeamSpeak 2 Server Vulnerabilities? lehox (Tue Aug 21 2007 - 17:00:47 EDT)
  • Re: TeamSpeak 2 Server Vulnerabilities? 3APA3A (Thu Aug 23 2007 - 07:13:25 EDT)
• Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system. Ezequiel Gutesman (Wed Aug 22 2007 - 15:59:46 EDT)
• Camino release 1.5.1 fixes several vulnerabilities Juha-Matti Laurio (Wed Aug 22 2007 - 15:09:47 EDT)
• Olate Download 3.4.2~modules/core/fldm.php~comments tag [url] XSS imei Addmimistrator (Wed Aug 22 2007 - 13:51:37 EDT)
• Olate Download 3.4.2~modules/core/uim.php~XSS imei Addmimistrator (Wed Aug 22 2007 - 13:50:09 EDT)
• HPSBST02255 SSRT071456 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-042 to MS07-050 security-alert(at)hp.com (Wed Aug 22 2007 - 14:08:12 EDT)
• Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system. Ezequiel Gutesman (Wed Aug 22 2007 - 12:26:55 EDT)
• Ripe Website Manager SQL Injection and Cross Site Scripting Vulnerabilities OS2A BTO (Wed Aug 22 2007 - 12:06:12 EDT)
• Encryption Weakness in Sun Sun AS 9.0_0.1 (build b02-p01) fred(at)donovannetworks.com (Wed Aug 22 2007 - 08:09:50 EDT)
• Local Privilege Escalation Vulnerabilities in Lotus Notes Client kochetkov.vladimir(at)gmail.com (Wed Aug 22 2007 - 06:25:28 EDT)
  • Re: Local Privilege Escalation Vulnerabilities in Lotus Notes Client 3APA3A (Wed Aug 22 2007 - 12:29:51 EDT)
• [ MDKSA-2007:169 ] - Updated gdm packages fix DoS vulnerability security(at)mandriva.com (Wed Aug 22 2007 - 00:56:07 EDT)
• [ MDKSA-2007:168 ] - Updated vim packages fix vulnerability security(at)mandriva.com (Tue Aug 21 2007 - 20:01:36 EDT)
• iDefense Security Advisory 08.21.07: Trend Micro ServerProtect RPCFN_SYNC_TASK Integer Overflow Vulnerability iDefense Labs (Tue Aug 21 2007 - 18:43:02 EDT)
• iDefense Security Advisory 08.21.07: Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities iDefense Labs (Tue Aug 21 2007 - 18:21:26 EDT)
• AST-2007-020: Resource Exhaustion Vulnerability in Asterisk SIP channel driver Asterisk Security Team (Tue Aug 21 2007 - 17:08:27 EDT)
• Vulnerabilities digest 3APA3A (Tue Aug 21 2007 - 15:36:43 EDT)
  • Re: Vulnerabilities digest Steven M. Christey (Wed Aug 22 2007 - 18:16:35 EDT)
• iDefense Security Advisory 08.20.07: Trend Micro SSAPI Long Path Buffer Overflow Vulnerability iDefense Labs (Tue Aug 21 2007 - 15:16:59 EDT)
• Joomla Component SimpleFAQ V2.11 - Remote SQL Injection k1tk4t(at)newhack.org (Mon Aug 20 2007 - 17:02:26 EDT)
• No cON Name 2007 - CALL FOR PAPERS deese(at)spezialk.net (Tue Aug 21 2007 - 07:31:50 EDT)
• [USN-501-1] jasper vulnerability Kees Cook (Tue Aug 21 2007 - 00:57:55 EDT)
• [USN-500-1] rsync vulnerability Kees Cook (Mon Aug 20 2007 - 18:37:44 EDT)
• Invision Power Board D22-Shoutbox HTML Injections DoZ(at)HackersCenter.com (Tue Aug 21 2007 - 00:34:19 EDT)
• SIEMENS Gigaset SE361 router XSS morin.josh(at)gmail.com (Tue Aug 21 2007 - 09:35:30 EDT)
• ZDI-07-049: EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities zdi-disclosures(at)3com.com (Mon Aug 20 2007 - 16:40:46 EDT)
• Mambo Component SimpleFAQ V2.11 - Remote SQL Injection k1tk4t(at)newhack.org (Mon Aug 20 2007 - 16:31:17 EDT)
• [HISPASEC] Fileinfo 2.0.9 plugin for Total Commander multiple vulnerabilities Gynvael Coldwind (Mon Aug 20 2007 - 16:00:11 EDT)
• [ MDKSA-2007:167-1 ] - Updated libvorbis packages fix vulnerabilities security(at)mandriva.com (Mon Aug 20 2007 - 15:25:25 EDT)
• SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service research(at)symantec.com (Fri Aug 17 2007 - 09:21:57 EDT)
  • Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service Stuart Moore (Mon Aug 20 2007 - 16:12:53 EDT)
    • RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service Michael Bednar (Mon Aug 20 2007 - 17:21:08 EDT)
      • Re: RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service bjohnson(at)bsu.edu (Tue Aug 21 2007 - 16:14:51 EDT)
      • Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service Tuc at T-B-O-H.NET (Tue Aug 21 2007 - 12:51:57 EDT)
      • Re: Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service s1m0n13(at)hotmail.com (Tue Aug 21 2007 - 11:46:39 EDT)
• report a bug ! Advisory(at)Aria-security.net (Sat Aug 18 2007 - 14:59:15 EDT)
  • Re: report a bug ! Steve Shockley (Mon Aug 20 2007 - 17:34:56 EDT)
    • Re: report a bug ! Draichis (Fri Aug 24 2007 - 00:00:47 EDT)
• [Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities Reversemode (Mon Aug 20 2007 - 12:56:34 EDT)
• [ MDKSA-2007:167 ] - Updated libvorbis packages fix vulnerabilities security(at)mandriva.com (Sat Aug 18 2007 - 20:43:52 EDT)
• [ MDKSA-2007:166 ] - Updated rsync packages fix off-by-one buffer overflow security(at)mandriva.com (Sat Aug 18 2007 - 20:32:38 EDT)
• [ GLSA 200708-14 ] NVIDIA drivers: Denial of Service Raphael Marichez (Sun Aug 19 2007 - 18:47:54 EDT)
• [SECURITY] [DSA 1357-1] New koffice packages fix arbitrary code execution Moritz Muehlenhoff (Sun Aug 19 2007 - 17:04:45 EDT)
• IMF 2007 - Call for Participation Oliver Goebel (Mon Aug 20 2007 - 11:12:28 EDT)
• iDefense Security Advisory 08.20.07: Check Point Zone Labs Multiple Products Privilege Escalation Vulnerability iDefense Labs (Mon Aug 20 2007 - 11:27:47 EDT)
• iDefense Security Advisory 08.20.07: Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities iDefense Labs (Mon Aug 20 2007 - 11:39:27 EDT)
• [ GLSA 200708-15 ] Apache mod_jk: Directory traversal Raphael Marichez (Sun Aug 19 2007 - 18:57:24 EDT)
• Astaro DOS and POP3 bypass issues partially resolved William Warren (Sat Aug 18 2007 - 20:48:01 EDT)
• OWASP Mumbai Meeting : 6th Sep 2007 dharmeshmm(at)gmail.com (Mon Aug 20 2007 - 09:47:39 EDT)
• Gurur Haber v2.0 the.dumenci(at)gmail.com (Mon Aug 20 2007 - 07:02:00 EDT)
• Unexploitable buffer-overflow in the logging function of the Unreal engine Luigi Auriemma (Sat Aug 18 2007 - 18:04:52 EDT)
  • Re: Unexploitable buffer-overflow in the logging function of the Unreal engine rickmccl(at)gmail.com (Wed Aug 29 2007 - 10:48:35 EDT)
    • Re[2]: Unexploitable buffer-overflow in the logging function of the Unreal engine 3APA3A (Wed Aug 29 2007 - 14:58:32 EDT)
• Multiple vulnerabilities in Toribash 2.71 Luigi Auriemma (Sat Aug 18 2007 - 18:06:26 EDT)
• Multiple vulnerabilities in rFactor 1.250 Luigi Auriemma (Sat Aug 18 2007 - 18:05:44 EDT)
• [ GLSA 200708-13 ] BIND: Weak random number generation Raphael Marichez (Sat Aug 18 2007 - 13:38:00 EDT)
• Remote Memory Read in Diskeeper 9 - 2007 auto48696(at)hushmail.com (Thu Aug 16 2007 - 15:17:07 EDT)
• iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Directory Creation Vulnerability iDefense Labs (Thu Aug 16 2007 - 18:55:39 EDT)
• iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple File Creation Vulnerabilities iDefense Labs (Thu Aug 16 2007 - 18:55:30 EDT)
• Re: iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple Race Condition Vulnerabilities iDefense Labs (Thu Aug 16 2007 - 18:54:58 EDT)
• HPSBMA02242 SSRT061260 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution -------- security-alert(at)hp.com (Fri Aug 17 2007 - 13:47:21 EDT)
• Cross Platform remote IM vulnerability / DOS Danslo(at)yahoo.com (Fri Aug 17 2007 - 15:04:27 EDT)
  • Re: Cross Platform remote IM vulnerability / DOS Gavin Hanover (Fri Aug 17 2007 - 16:15:15 EDT)
  • Re: Cross Platform remote IM vulnerability / DOS J. Oquendo (Fri Aug 17 2007 - 16:37:46 EDT)
• Skype Network Remote DoS Exploit Valery Marchuk (Fri Aug 17 2007 - 03:13:04 EDT)
  • Re: Skype Network Remote DoS Exploit Steven M. Christey (Mon Aug 20 2007 - 13:39:14 EDT)
    • RE: Skype Network Remote DoS Exploit Marc Maiffret (Mon Aug 20 2007 - 17:05:32 EDT)
      • RE: Skype Network Remote DoS Exploit David Harley (Tue Aug 21 2007 - 06:25:47 EDT)
    • Re[2]: Skype Network Remote DoS Exploit Matthew Leeds (Mon Aug 20 2007 - 17:50:30 EDT)
    • Re: Skype Network Remote DoS Exploit Valery Marchuk (Mon Aug 20 2007 - 21:52:23 EDT)
      • Re: Skype Network Remote DoS Exploit Roland Dobbins (Tue Aug 21 2007 - 13:44:34 EDT)
  • Re: Skype Network Remote DoS Exploit Jay (Tue Aug 21 2007 - 15:18:22 EDT)
• ToorCon 9 CFP David Hulton (Thu Aug 16 2007 - 20:00:40 EDT)
• Olate Download 3.4.1~environment.php.php~Code Execution imei Addmimistrator (Fri Aug 17 2007 - 07:45:25 EDT)
• Release of Pass-The-Hash Toolkit for Windows v1.0 Hernan Ochoa (Wed Aug 15 2007 - 18:29:24 EDT)
• vBulletin V3.6.8 XSS Password Md5 Hash RaeD(at)BsdMail.Com (Fri Aug 17 2007 - 06:56:04 EDT)
  • Re: vBulletin V3.6.8 XSS Password Md5 Hash scott-REMOVE(at)vbulletin.com (Fri Aug 17 2007 - 13:23:56 EDT)
• iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple Untrusted Search Path Vulnerabilities iDefense Labs (Thu Aug 16 2007 - 18:55:46 EDT)
• rPSA-2007-0164-1 kernel rPath Update Announcements (Thu Aug 16 2007 - 19:31:11 EDT)
• iDefense Security Advisory 08.16.07: IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability iDefense Labs (Thu Aug 16 2007 - 18:55:54 EDT)
• iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Directory Traversal Vulnerability iDefense Labs (Thu Aug 16 2007 - 18:55:21 EDT)
• [USN-499-1] Apache vulnerabilities Kees Cook (Fri Aug 17 2007 - 00:41:48 EDT)
• [ GLSA 200708-10 ] MySQL: Denial of Service and information leakage Raphael Marichez (Thu Aug 16 2007 - 13:02:20 EDT)
• Local privilege escalation vulnerability in Cisco VPN client NGSSoftware Insight Security Research (Thu Aug 16 2007 - 05:48:52 EDT)
• [ GLSA 200708-12 ] Wireshark: Multiple vulnerabilities Raphael Marichez (Thu Aug 16 2007 - 15:55:00 EDT)
• [ GLSA 200708-11 ] Lighttpd: Multiple vulnerabilities Raphael Marichez (Thu Aug 16 2007 - 15:44:13 EDT)
• TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation anonymous.c7ffa4057a (Thu Aug 16 2007 - 12:50:28 EDT)
  • Re: TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation security(at)bluecatnetworks.com (Mon Aug 20 2007 - 15:23:47 EDT)
• Another Oracle Forensics Paper... David Litchfield (Thu Aug 16 2007 - 08:12:36 EDT)
• FLEA-2007-0046-1 cups Foresight Linux Essential Announcement Service (Thu Aug 16 2007 - 08:51:22 EDT)
• MS07-042 XMLDOM substringData() PoC Alla Bezroutchko (Thu Aug 16 2007 - 05:32:10 EDT)
• Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing imei Addmimistrator (Thu Aug 16 2007 - 12:30:17 EDT)
  • Re: Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing postmaster(at)centrixonline.com (Tue Aug 21 2007 - 01:14:29 EDT)
• [USN-498-1] libvorbis vulnerabilities Kees Cook (Thu Aug 16 2007 - 01:23:12 EDT)
• TlbInf32 ActiveX Command Execution Brett Moore (Wed Aug 15 2007 - 19:06:14 EDT)
• [SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Wed Aug 15 2007 - 21:00:53 EDT)
• [ MDKSA-2007:165 ] - Updated cups packages fix vulnerability security(at)mandriva.com (Wed Aug 15 2007 - 15:54:22 EDT)
• Safari for windows remote arbitry file upload laurent.gaffie(at)gmail.com (Sat Aug 11 2007 - 11:09:59 EDT)
  • Re: Safari for windows remote arbitry file upload Neil Dickey (Wed Aug 15 2007 - 17:18:43 EDT)
    • Re: Re: Safari for windows remote arbitry file upload laurent.gaffie(at)gmail.com (Thu Aug 16 2007 - 17:32:51 EDT)
    • Re: Re: Safari for windows remote arbitry file upload Neil Dickey (Mon Aug 20 2007 - 18:08:00 EDT)
• Contact at Secure Computing Dave Piscitello (Tue Aug 14 2007 - 12:54:20 EDT)
• Trackeur v.1 Remote File &#304;nclude Bug cybermilitan(at)hotmail.com (Tue Aug 14 2007 - 09:04:59 EDT)
  • Re: Trackeur v.1 Remote File &#304;nclude Bug the.tiger100(at)gmail.com (Thu Aug 16 2007 - 11:25:02 EDT)
• rPSA-2007-0161-1 dovecot rPath Update Announcements (Tue Aug 14 2007 - 18:12:33 EDT)
• iDefense Security Advisory 08.15.07: ESRI ArcSDE Numeric Literal Buffer Overflow Vulnerability iDefense Labs (Wed Aug 15 2007 - 14:40:55 EDT)
• Systme de vote en temps rel v1.0 Remote File include Bug cybermilitan(at)hotmail.com (Tue Aug 14 2007 - 09:05:42 EDT)
• [ MDKSA-2007:162 ] - Updated kdegraphics packages fix vulnerability security(at)mandriva.com (Tue Aug 14 2007 - 16:22:24 EDT)
• Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client Cisco Systems Product Security Incident Response Team (Wed Aug 15 2007 - 12:49:35 EDT)
• HPSBMA02240 SSRT061260 rev.1 - HP OpenView Operations Manager for Windows (OVOW) with the OpenView Operations Add On Module for OpenView Operations-Business Availability Center Integration Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (Wed Aug 15 2007 - 11:34:54 EDT)
• SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability Aditya K Sood (Thu Aug 16 2007 - 23:36:58 EDT)
  • RE: [Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability Debasis Mohanty (Wed Aug 15 2007 - 12:57:08 EDT)
    • Re: [Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability Aditya K Sood (Fri Aug 17 2007 - 01:59:14 EDT)
• McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow Sebastian Wolfgarten (Wed Aug 15 2007 - 08:56:54 EDT)
  • Re: [Full-disclosure] McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow Harry Muchow (Wed Aug 15 2007 - 11:48:39 EDT)
• NSFOCUS SA2007-01 : Microsoft IE5 CSS Parsing Memory Corruption Vulnerability NSFOCUS Security Team (Wed Aug 15 2007 - 03:32:33 EDT)
• Cross Site Request Forgery in 2wire routers hkm(at)hakim.ws (Wed Aug 15 2007 - 01:48:10 EDT)
• [ GLSA 200708-09 ] Mozilla products: Multiple vulnerabilities Raphael Marichez (Tue Aug 14 2007 - 19:27:56 EDT)
• iDefense Security Advisory 08.14.07: Microsoft XML Core Services XMLDOM Memory Corruption Vulnerability iDefense Labs (Tue Aug 14 2007 - 18:57:13 EDT)
• iDefense Security Advisory 08.14.07: Microsoft Windows Vista Sidebar RSS Feeds Gadget Cross Site Scripting Vulnerability iDefense Labs (Tue Aug 14 2007 - 18:34:59 EDT)
• [ MDKSA-2007:164 ] - Updated tetex packages fix multiple vulnerabilities security(at)mandriva.com (Tue Aug 14 2007 - 18:26:14 EDT)
• ZDI-07-047: Microsoft Windows Media Player Malformed Skin Header Code Execution Vulnerability zdi-disclosures(at)3com.com (Tue Aug 14 2007 - 16:32:05 EDT)
• ZDI-07-046: Microsoft Windows Media Player Skin Parsing Size Mismatch Heap Overflow Vulnerability zdi-disclosures(at)3com.com (Tue Aug 14 2007 - 16:31:15 EDT)
• TPTI-07-14: HP OpenView Multiple Product Shared Trace Service Stack Overflow Vulnerabilities TSRT(at)3com.com (Tue Aug 14 2007 - 17:13:39 EDT)
• Multiple vulnerabilities in Babo Violent 2 2.08.00 Luigi Auriemma (Tue Aug 14 2007 - 18:05:45 EDT)
• ZDI-07-048: Microsoft Internet Explorer substringData() Heap Overflow Vulnerability zdi-disclosures(at)3com.com (Tue Aug 14 2007 - 16:33:13 EDT)
• [ MDKSA-2007:163 ] - Updated koffice packages fix vulnerability security(at)mandriva.com (Tue Aug 14 2007 - 17:02:56 EDT)
• FLEA-2007-0045-1 poppler Foresight Linux Essential Announcement Service (Tue Aug 14 2007 - 16:30:57 EDT)
• rPSA-2007-0160-1 openoffice.org rPath Update Announcements (Tue Aug 14 2007 - 17:12:20 EDT)
• Crash in Zoidcom 0.6.7 Luigi Auriemma (Tue Aug 14 2007 - 18:18:09 EDT)
• Multiple vulnerabilities in Live for Speed 0.5X10 Luigi Auriemma (Tue Aug 14 2007 - 18:02:39 EDT)
• FLEA-2007-0044-1 tetex tetex-dvips tetex-fonts Foresight Linux Essential Announcement Service (Tue Aug 14 2007 - 15:47:54 EDT)
• EEYE: Windows Metafile AttemptWrite Heap Overflow eEye Advisories (Tue Aug 14 2007 - 15:47:21 EDT)
• EEYE: VGX.DLL Compressed Content Heap Overflow Vulnerability eEye Advisories (Tue Aug 14 2007 - 15:47:18 EDT)
• IBM Rational ClearQuest Web SQL Injection Login Bypass swhite(at)securestate.com (Tue Aug 14 2007 - 13:53:17 EDT)
• WireShark MMS Remote Denial of Service vulnerability zwell(at)sohu.com (Tue Aug 14 2007 - 12:41:24 EDT)
• COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (Tue Aug 14 2007 - 11:17:14 EDT)
  • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Tue Aug 14 2007 - 14:20:32 EDT)
    • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (Tue Aug 14 2007 - 16:18:38 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Tue Aug 14 2007 - 16:49:49 EDT)
    • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (Wed Aug 15 2007 - 11:23:07 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Wed Aug 15 2007 - 13:54:35 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (Wed Aug 15 2007 - 21:18:53 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Thu Aug 16 2007 - 09:17:29 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (Thu Aug 16 2007 - 15:37:23 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Thu Aug 16 2007 - 21:27:40 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (Fri Aug 17 2007 - 09:37:30 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Fri Aug 17 2007 - 10:07:18 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (Fri Aug 17 2007 - 17:33:35 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Sat Aug 18 2007 - 07:02:49 EDT)
      • Re: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability x82_(at)bk.ru (Wed Aug 15 2007 - 06:19:43 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (Wed Aug 15 2007 - 16:31:44 EDT)
      • Re: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability x82_(at)bk.ru (Thu Aug 16 2007 - 12:44:14 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Nicolas Rachinsky (Fri Aug 17 2007 - 16:20:48 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Fri Aug 17 2007 - 16:35:40 EDT)
  • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (Tue Aug 14 2007 - 17:03:46 EDT)
    • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Wed Aug 15 2007 - 08:46:28 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (Wed Aug 15 2007 - 15:09:48 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Wed Aug 15 2007 - 16:50:58 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (Wed Aug 15 2007 - 17:05:09 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Wed Aug 15 2007 - 17:19:31 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (Wed Aug 15 2007 - 17:37:53 EDT)
      • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Wed Aug 15 2007 - 18:16:53 EDT)
• DeskPRO Admin Panel Multiple HTML Injections DoZ(at)HackersCenter.com (Tue Aug 14 2007 - 10:41:17 EDT)
• [USN-497-1] xfce4-terminal vulnerability Kees Cook (Mon Aug 13 2007 - 23:32:55 EDT)
• CVE-2007-3386: XSS in Host Manager Mark Thomas (Mon Aug 13 2007 - 23:28:50 EDT)
• CVE-2007-3385: Handling of \" in cookies Mark Thomas (Mon Aug 13 2007 - 23:28:37 EDT)
• [ MDKSA-2007:158 ] - Updated xpdf packages fix vulnerability security(at)mandriva.com (Mon Aug 13 2007 - 20:29:11 EDT)
• CVE-2007-3382: Handling of cookies containing a ' character Mark Thomas (Mon Aug 13 2007 - 23:28:21 EDT)
  • Re: CVE-2007-3382: Handling of cookies containing a ' character Christopher Schultz (Tue Aug 14 2007 - 11:52:22 EDT)
• [ MDKSA-2007:160 ] - Updated pdftohtml packages fix vulnerability security(at)mandriva.com (Mon Aug 13 2007 - 20:48:31 EDT)
• [ MDKSA-2007:161 ] - Updated poppler packages fix vulnerability security(at)mandriva.com (Mon Aug 13 2007 - 23:02:11 EDT)
• PHP Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability (0dd exploit) Emanuele Gentili (Mon Aug 13 2007 - 22:38:59 EDT)
• [ MDKSA-2007:159 ] - Updated gpdf packages fix vulnerability security(at)mandriva.com (Mon Aug 13 2007 - 20:33:15 EDT)
• [security bulletin] HPSBMA02239 SSRT061260 rev.1 - HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (Mon Aug 13 2007 - 16:19:22 EDT)
• FLEA-2007-0043-1 openssl Foresight Linux Essential Announcement Service (Mon Aug 13 2007 - 16:48:10 EDT)
• [security bulletin] HPSBMA02244 SSRT061260 rev.1 - HP OpenView Business Process Insight and Related Products Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (Mon Aug 13 2007 - 16:22:20 EDT)
• [security bulletin] HPSBMA02235 SSRT061260 rev.1 - HP OpenView Internet Service (OVIS) Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (Mon Aug 13 2007 - 16:15:51 EDT)
• [security bulletin] HPSBMA02246 SSRT061260 rev.1 - HP OpenView Performance Insight (OVPI) Running Shared Trace Service, Remote Arbitrary Code Execution -------- security-alert(at)hp.com (Mon Aug 13 2007 - 16:25:46 EDT)
• [security bulletin] HPSBMA02245 SSRT061260 rev.1 - HP OpenView Dashboard Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (Mon Aug 13 2007 - 16:23:24 EDT)
• [security bulletin] HPSBMA02242 SSRT061260 rev.1 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (Mon Aug 13 2007 - 16:21:18 EDT)
• [security bulletin] HPSBMA02241 SSRT061260 rev.1 - HP OpenView Service Quality Manager (OV SQM) Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (Mon Aug 13 2007 - 16:20:14 EDT)
• [security bulletin] HPSBMA02238 SSRT061260 rev.1 - HP OpenView Reporter Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (Mon Aug 13 2007 - 16:18:16 EDT)
• [security bulletin] HPSBMA02237 SSRT061260 rev.1 - HP OpenView Performance Agent (OVPA) Running Shared Trace Service, Remote Arbitrary Code Execution security-alert(at)hp.com (Mon Aug 13 2007 - 16:17:25 EDT)
• [SECURITY] [DSA 1355-1] New kdegraphics packages fix arbitrary code execution Moritz Muehlenhoff (Mon Aug 13 2007 - 15:18:23 EDT)
• Remote Denial of Service for SSH service at Dell DRAC4 (maybe Mocana SSH) Robert Scheck (Mon Aug 13 2007 - 12:09:06 EDT)
  • Re: Remote Denial of Service for SSH service at Dell DRAC4 (maybeMocana SSH) Thierry Zoller (Mon Aug 13 2007 - 15:29:51 EDT)
    • Re: Remote Denial of Service for SSH service at Dell DRAC4 (maybeMocana SSH) Robert Scheck (Wed Aug 15 2007 - 04:38:31 EDT)
• Streamripper 1.62.1 - Buffer Overflows chris.rohlf(at)gmail.com (Sun Aug 12 2007 - 19:01:20 EDT)
• Multiple vulnerabilities in ircu Wouter Coekaerts (Sun Aug 12 2007 - 11:05:16 EDT)
• eXV2.de Browser Cookie is not properly sanitised webmaster(at)i-s-o.org (Mon Aug 13 2007 - 04:56:46 EDT)
• JobLister3 SQL injection vulnerabilities joseph.giron13(at)gmail.com (Mon Aug 13 2007 - 02:26:13 EDT)
• [SECURITY] [DSA 1354-1] New gpdf packages fix arbitrary code execution Moritz Muehlenhoff (Mon Aug 13 2007 - 13:13:33 EDT)
• [o0o] Bypassing servlet input validation filters (OWASP Stinger + Struts example) Meder Kydyraliev (Mon Aug 13 2007 - 12:45:21 EDT)
• Default Root Password in Infrant (now Netgear) ReadyNAS "RAIDiator" Felix Domke (Mon Aug 13 2007 - 08:52:26 EDT)
• Vulnerability in multiple "now playing" scripts for various IRC clients Wouter Coekaerts (Sun Aug 12 2007 - 13:02:24 EDT)
  • Re: Vulnerability in multiple "now playing" scripts for various IRC clients v9(at)fakehalo.us (Wed Aug 15 2007 - 12:27:48 EDT)
    • Re: Vulnerability in multiple "now playing" scripts for various IRC clients Michael Tharp (Wed Aug 15 2007 - 13:34:38 EDT)
    • Re: Vulnerability in multiple "now playing" scripts for various IRC clients Wouter Coekaerts (Thu Aug 16 2007 - 14:57:16 EDT)
• Neuron Blog Admin Permission Bypass and Remote File Upload Vulnerability rizgar(at)linuxmail.org (Mon Aug 13 2007 - 04:17:15 EDT)
• PHPCentral Poll Script Remote Command Execution Vulnerability rizgar(at)linuxmail.org (Sun Aug 12 2007 - 11:17:30 EDT)
  • Re: PHPCentral Poll Script Remote Command Execution Vulnerability Coopercentral(at)gmail.com (Mon Aug 20 2007 - 16:10:22 EDT)
    • Re: PHPCentral Poll Script Remote Command Execution Vulnerability Eren Türkay (Mon Aug 20 2007 - 17:11:57 EDT)
• PHPCentral Login Script Remote Command Execution Vulnerability rizgar(at)linuxmail.org (Sun Aug 12 2007 - 11:12:58 EDT)
  • Re: PHPCentral Login Script Remote Command Execution Vulnerability Magnus Holmgren (Tue Aug 14 2007 - 04:16:18 EDT)
  • Re: PHPCentral Login Script Remote Command Execution Vulnerability Steven M. Christey (Tue Aug 14 2007 - 21:09:42 EDT)
• [ GLSA 200708-07 ] Xfce Terminal: Remote arbitrary code execution Raphael Marichez (Sat Aug 11 2007 - 17:59:18 EDT)
• mcNews (skinfile) Remote File Include Vulnerability ilkerkandemir(at)mynet.com (Sat Aug 11 2007 - 11:09:54 EDT)
• CounterPath X-Lite SIP phone Remote Denial of Service vulnerability zwell(at)sohu.com (Sun Aug 12 2007 - 00:31:44 EDT)
• Beautifier Version 0.1 Remote File Include Vulnerability // MefistoLabs.Com ilkerkandemir(at)mynet.com (Sat Aug 11 2007 - 11:06:24 EDT)
• Lib2 PHP v0.2 (DOCUMENT_ROOT) Remote File Inclusion Vulnerability ilkerkandemir(at)mynet.com (Sat Aug 11 2007 - 11:05:16 EDT)
• WengoPhone SIP phone Remote Denial of Service vulnerability zwell(at)sohu.com (Sun Aug 12 2007 - 00:41:13 EDT)
• SOTEeSKLEP Remote File Disclosure Vulnerability theoden(at)interia.pl (Mon Aug 13 2007 - 08:37:41 EDT)
  • Re: SOTEeSKLEP Remote File Disclosure Vulnerability m(at)sote.pl (Tue Aug 14 2007 - 09:46:38 EDT)
• [ GLSA 200708-08 ] SquirrelMail G/PGP plugin: Arbitrary code execution Raphael Marichez (Sat Aug 11 2007 - 18:18:48 EDT)
• [ GLSA 200708-06 ] Net::DNS: Multiple vulnerabilities Raphael Marichez (Sat Aug 11 2007 - 17:32:22 EDT)
• Best Top List Remote File Upload Vulnerability rizgar(at)linuxmail.org (Sat Aug 11 2007 - 12:51:00 EDT)
• phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit ilkerkandemir(at)mynet.com (Sat Aug 11 2007 - 11:04:36 EDT)
  • Re: phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit BlackHawk (Tue Aug 14 2007 - 03:23:37 EDT)
• [SECURITY] [DSA 1353-1] New tcpdump packages fix arbitrary code execution Moritz Muehlenhoff (Sat Aug 11 2007 - 06:59:22 EDT)
• FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com ilkerkandemir(at)mynet.com (Sat Aug 11 2007 - 11:07:52 EDT)
  • Re: FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com hawkgotyou(at)gmail.com (Mon Aug 13 2007 - 13:15:18 EDT)
• [ MDKSA-2007:157 ] - Updated kdelibs packages fix cross-site scripting (XSS) vulnerabilities security(at)mandriva.com (Fri Aug 10 2007 - 20:58:41 EDT)
• php-stats xss whois.php vasodipandora(at)gmail.com (Sat Aug 11 2007 - 10:21:06 EDT)
• [ MDKSA-2007:156 ] - Updated imlib2 packages fix several issues security(at)mandriva.com (Fri Aug 10 2007 - 18:47:14 EDT)
• [ MDKSA-2007:155 ] - Updated tcpdump packages fix remote denial of service security(at)mandriva.com (Thu Aug 09 2007 - 20:41:58 EDT)
• Zyxel Zywall 2 multiple vulnerabilities Henri Lindberg - Smilehouse Oy (Fri Aug 10 2007 - 06:35:35 EDT)
• Joomla 1.0.12 CMS - Session fixation Issue in backend Administration interface router(at)email.si (Fri Aug 10 2007 - 01:18:47 EDT)
• rPSA-2007-0157-1 firefox thunderbird rPath Update Announcements (Fri Aug 10 2007 - 09:41:33 EDT)
• [ GLSA 200708-05 ] GD: Multiple vulnerabilities Raphael Marichez (Thu Aug 09 2007 - 18:21:06 EDT)
• rPSA-2007-0155-1 openssl openssl-scripts rPath Update Announcements (Fri Aug 10 2007 - 09:38:37 EDT)
• [HS-A007] Qbik WinGate Remote Denial of Service Harmony Security Advisory (Fri Aug 10 2007 - 00:28:42 EDT)
• [ MDKSA-2007:154 ] - Updated xine-ui packages fix denial of service and arbitrary code execution security(at)mandriva.com (Thu Aug 09 2007 - 19:34:22 EDT)
• rPSA-2007-0154-1 cups poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi rPath Update Announcements (Fri Aug 10 2007 - 09:37:40 EDT)
• New Oracle Forensics Paper David Litchfield (Fri Aug 10 2007 - 09:17:19 EDT)
• BH/DC: Tactical Exploitation Materials H D Moore (Thu Aug 09 2007 - 19:38:15 EDT)
• TSLSA-2007-0024 - multi Trustix Security Advisor (Fri Aug 10 2007 - 09:31:58 EDT)
• [ GLSA 200708-04 ] ClamAV: Denial of Service Raphael Marichez (Thu Aug 09 2007 - 18:10:50 EDT)
• Join us at OWASP Mumbai Meet : 6th September 2007 dharmeshmm(at)owasp.org (Thu Aug 09 2007 - 05:10:44 EDT)
• FinDix Remote File Inclusion Vulnerability rizgar(at)linuxmail.org (Thu Aug 09 2007 - 09:41:39 EDT)
• iDefense Security Advisory 08.09.07: Hewlett-Packard OpenView Operations OVTrace Buffer Overflow Vulnerabilities iDefense Labs (Thu Aug 09 2007 - 15:03:22 EDT)
• VNSECON07 Materials released Jerome Athias (Wed Aug 08 2007 - 15:41:58 EDT)
• Design flaw in AS3 socket handling allows port probing fukami (Thu Aug 09 2007 - 14:21:41 EDT)
• Shoutbox 1.0 Remote Command Execution Vulnerability rizgar(at)linuxmail.org (Thu Aug 09 2007 - 12:18:59 EDT)
• File Uploader Version 1.1 Remote Command Execution Vulnerability rizgar(at)linuxmail.org (Thu Aug 09 2007 - 12:18:31 EDT)
• Web News 1.1 Remote Command Execution Vulnerability rizgar(at)linuxmail.org (Thu Aug 09 2007 - 12:18:03 EDT)
• Bilder Uploader 1.3 Remote Command Execution Vulnerability rizgar(at)linuxmail.org (Thu Aug 09 2007 - 12:17:32 EDT)
• Mapos Bilder Galerie Version 1.0 Remote Command Execution Vulnerability rizgar(at)linuxmail.org (Thu Aug 09 2007 - 12:17:02 EDT)
• Gstebuch Version 1.5 Remote Command Execution Vulnerability rizgar(at)linuxmail.org (Thu Aug 09 2007 - 12:16:38 EDT)
  • Re: Gstebuch Version 1.5 Remote Command Execution Vulnerability ilkerkandemir(at)mynet.com (Fri Aug 10 2007 - 05:57:48 EDT)
    • Re: Gstebuch Version 1.5 Remote Command Execution Vulnerability Carsten Eilers (Fri Aug 10 2007 - 16:10:26 EDT)
• Summercon 2007 Atlanta August 24 - 26 rragan(at)spidynamics.com (Thu Aug 09 2007 - 12:09:23 EDT)
• Cisco NHRP denial of service (cisco-sa-20070808-nhrp) Martin Kluge (Thu Aug 09 2007 - 04:54:38 EDT)
• [ GLSA 200708-03 ] libarchive (formerly named as bsdtar): Multiple pax Extension Header Vulnerabilities Raphael Marichez (Wed Aug 08 2007 - 18:43:11 EDT)
• [Aria-Security.net] SAS Hotel Management System SQL Injection Advisory(at)Aria-security.net (Thu Aug 09 2007 - 03:33:56 EDT)
• [ GLSA 200708-01 ] Macromedia Flash Player: Remote arbitrary code execution Raphael Marichez (Wed Aug 08 2007 - 16:50:47 EDT)
• [ GLSA 200708-02 ] Xvid: Array indexing vulnerabilities Raphael Marichez (Wed Aug 08 2007 - 17:26:36 EDT)
• Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability master-of-desastor(at)hotmail.com (Mon Aug 06 2007 - 23:23:04 EDT)
  • Re: Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability laurent.gaffie(at)gmail.com (Thu Aug 09 2007 - 18:49:43 EDT)
• Cisco Security Advisory: Cisco IOS Secure Copy Authorization Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Wed Aug 08 2007 - 12:37:21 EDT)
• Guestbook Script 1.9 RFI Ma$tEr-0F-De$a$t0r(at)hotmail.com (Tue Aug 07 2007 - 23:22:52 EDT)
  • Re: Guestbook Script 1.9 RFI laurent.gaffie(at)gmail.com (Thu Aug 09 2007 - 18:50:03 EDT)
• [USN-496-2] poppler vulnerability Kees Cook (Tue Aug 07 2007 - 19:28:00 EDT)
• XSS vulnerability in Cisco MeetingPlace Disclosure (Wed Aug 08 2007 - 10:30:00 EDT)
  • RE: XSS vulnerability in Cisco MeetingPlace Paul Oxman (poxman) (Wed Aug 08 2007 - 12:29:52 EDT)
• DoS in Microsoft Media Player 11 on Win XP SP2 thesinoda(at)hotmail.com (Tue Aug 07 2007 - 20:53:57 EDT)
• ASA-2007-019: Remote crash vulnerability in Skinny channel driver Security Response Team (Tue Aug 07 2007 - 18:07:34 EDT)
• iDefense Security Advisory 08.07.07: Apple Mac OS X mDNSResponder HTTP Request Heap Overflow Vulnerability iDefense Labs (Tue Aug 07 2007 - 18:29:57 EDT)
• [SECURITY] [DSA 1351-] New bochs packages fix privilege escalation Moritz Muehlenhoff (Tue Aug 07 2007 - 17:19:59 EDT)
• iDefense Security Advisory 08.07.07: Hewlett-Packard HP-UX Remote ldcconn Buffer Overflow Vulnerability iDefense Labs (Tue Aug 07 2007 - 17:22:59 EDT)
• [SECURITY] [DSA 1352-1] New pdfkit.framework packages fix arbitrary code execution Moritz Muehlenhoff (Tue Aug 07 2007 - 17:25:54 EDT)
• VietPHP Remote File Inclusion Vulnerbility master-of-desastor(at)hotmail.com (Tue Aug 07 2007 - 08:30:02 EDT)
• C-SAM oneWallet forget password Cross Site Scripting vulnerability tusharvartak(at)hotmail.com (Tue Aug 07 2007 - 03:33:51 EDT)
• ZDI-07-045: Novell Client NWSPOOL.DLL Stack Overflow Vulnerability zdi-disclosures(at)3com.com (Mon Aug 06 2007 - 17:46:02 EDT)
• Konqueror: URL address bar spoofing vulnerabilities Robert Swiecki (Mon Aug 06 2007 - 17:44:15 EDT)
  • Re: Konqueror: URL address bar spoofing vulnerabilities paraw (Mon Aug 06 2007 - 19:29:34 EDT)
    • Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities Robert Swiecki (Tue Aug 07 2007 - 01:13:05 EDT)
      • Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities Patrick Nagel (Tue Aug 07 2007 - 16:58:44 EDT)
  • Re: Konqueror: URL address bar spoofing vulnerabilities Jonathan Smith (Mon Aug 06 2007 - 18:37:05 EDT)
    • Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities Jonathan Smith (Mon Aug 06 2007 - 19:33:43 EDT)
• Ariadne CMS Remote File Inclusion Advisory(at)Aria-security.net (Mon Aug 06 2007 - 17:41:32 EDT)
• EZPhotoSales 1.9.3 Multiple Vulnerabilities Seth Fogie (Mon Aug 06 2007 - 15:25:58 EDT)
• [SECURITY] [DSA 1350-1] New tetex-bin packages fix arbitrary code execution Moritz Muehlenhoff (Mon Aug 06 2007 - 13:32:16 EDT)
• TS-2007-002-0: BlueCat Networks Adonis root Privilege Access anonymous.c7ffa4057a (Mon Aug 06 2007 - 12:57:18 EDT)
  • Re: TS-2007-002-0: BlueCat Networks Adonis root Privilege Access security(at)bluecatnetworks.com (Thu Aug 09 2007 - 17:01:01 EDT)
• cfp: TRsec, Istanbul Turkey gadie(at)beyondsecurity.com (Sun Aug 05 2007 - 05:26:53 EDT)
• Active Gmail "Sidejacking" - https is NOT ENOUGH Mike Perry (Mon Aug 06 2007 - 00:50:34 EDT)
• [security bulletin] HPSBUX02251 SSRT071449 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert(at)hp.com (Mon Aug 06 2007 - 10:23:09 EDT)
• [security bulletin] HPSBMA02250 SSRT061275 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS) security-alert(at)hp.com (Mon Aug 06 2007 - 10:22:17 EDT)
• CORRECTION: EXPL0it FIXED :JPG PoC denial of service exploit by CrazyAngel reza_zahfaran(at)yahoo.com (Mon Aug 06 2007 - 03:54:05 EDT)
  • Re: CORRECTION: EXPL0it FIXED :JPG PoC denial of service exploit by CrazyAngel ifsecure(at)gmail.com (Tue Aug 07 2007 - 08:57:30 EDT)
• DOS issue in Astaro Version 7 packet filter reporting, POSSIBLE security issue in POP3 proxy William Warren (Sat Aug 04 2007 - 22:04:21 EDT)
• Envolution (News) <= v1.1.0 Remote SQL Injection k1tk4t(at)newhack.org (Sat Aug 04 2007 - 19:13:12 EDT)
• Question about exploit exposing SSN & user info hsukowa(at)yahoo.com (Sun Aug 05 2007 - 22:35:18 EDT)
  • RE: Question about exploit exposing SSN & user info J. Patterson Wicks (Mon Aug 06 2007 - 13:35:23 EDT)
    • Re: Question about exploit exposing SSN & user info J. Oquendo (Mon Aug 06 2007 - 14:57:48 EDT)
  • RE: Question about exploit exposing SSN & user info Michal Bucko (Mon Aug 06 2007 - 12:01:53 EDT)
• [SECURITY] [DSA 1349-1] New libextractor packages fix arbitrary code execution Moritz Muehlenhoff (Sun Aug 05 2007 - 16:05:24 EDT)
• AL-Athkar.v2.0 Remote File Include RaeD(at)BsdMail.Com (Sat Aug 04 2007 - 12:04:19 EDT)
• AuraCMS [Forum Module] - Remote SQL Injection k1tk4t(at)newhack.org (Sun Aug 05 2007 - 19:04:57 EDT)
• ALL vgallite Remote File Include RaeD(at)BsdMail.Com (Sat Aug 04 2007 - 12:00:17 EDT)
• AL-Caricatier V.2.5 Remote File Include RaeD(at)BsdMail.Com (Sat Aug 04 2007 - 11:54:59 EDT)
• [SECURITY] [DSA 1346-1] New iceape packages fix several vulnerabilities Moritz Muehlenhoff (Sat Aug 04 2007 - 07:54:19 EDT)
• [SECURITY] [DSA 1345-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Sat Aug 04 2007 - 07:42:41 EDT)
• [ELEYTT] 4SIERPIEN2007 Michal Bucko (Sat Aug 04 2007 - 08:19:34 EDT)
  • Re: [ELEYTT] 4SIERPIEN2007 support1(at)advancedsearchbar.com (Thu Aug 09 2007 - 06:48:52 EDT)
• Joomla J! Reactions Component Remote File include Bug yollubunlar(at)hotmail.com (Fri Aug 03 2007 - 16:45:54 EDT)
  • Re: Joomla J! Reactions Component Remote File include Bug software(at)sdecnet.com (Sat Aug 18 2007 - 04:23:16 EDT)
    • Re: Re: Joomla J! Reactions Component Remote File include Bug yollubunlar(at)yollubunlar.org (Mon Aug 20 2007 - 19:53:51 EDT)
• ContentDM Search.php XSS Vulnerability Monkeyboy9997(at)hotmail.com (Sat Aug 04 2007 - 06:55:13 EDT)
• [CFP] Kiwicon 2k7 - Call For Papers kiwicon(at)kiwicon.org (Fri Aug 03 2007 - 21:34:45 EDT)
• [ MDKSA-2007:153 ] - Updated gd packages fix several vulnerabilities security(at)mandriva.com (Fri Aug 03 2007 - 21:09:19 EDT)
• [SECURITY] [DSA 1348-1] New poppler packages fix arbitrary code execution Moritz Muehlenhoff (Sat Aug 04 2007 - 09:04:16 EDT)
• Immunity Debugger is now released nicolas.waisman(at)immunityinc.com (Fri Aug 03 2007 - 20:59:04 EDT)
• [SECURITY] [DSA 1347-1] New xpdf packages fix arbitrary code execution Moritz Muehlenhoff (Sat Aug 04 2007 - 08:55:49 EDT)
• FLEA-2007-0042-1 qt Foresight Linux Essential Announcement Service (Fri Aug 03 2007 - 15:09:25 EDT)
• Aceboard forum, SQL injection karmaguedon(at)hotmail.com (Fri Aug 03 2007 - 08:13:39 EDT)
• [ELEYTT] 3SIERPIEN2007 Michal Bucko (Fri Aug 03 2007 - 11:48:07 EDT)
  • Re: [ELEYTT] 3SIERPIEN2007 Michal Zalewski (Fri Aug 03 2007 - 16:29:58 EDT)
  • Re: [ELEYTT] 3SIERPIEN2007 Michal Bucko (Fri Aug 03 2007 - 18:08:02 EDT)
    • Re: [ELEYTT] 3SIERPIEN2007 Michal Zalewski (Sat Aug 04 2007 - 16:05:23 EDT)
  • Re: [ELEYTT] 3SIERPIEN2007 xyborg(at)gmail.com (Mon Aug 06 2007 - 01:40:21 EDT)
    • Re:Re: [ELEYTT] 3SIERPIEN2007 Michal Bucko (Sat Aug 04 2007 - 17:10:44 EDT)
    • Re:Re: [ELEYTT] 3SIERPIEN2007 Michal Bucko (Thu Aug 09 2007 - 18:48:11 EDT)
• [Aria-Security.Net] Gallery In A Box Username & Password Parameters SQL Injection Advisory(at)Aria-security.net (Thu Aug 02 2007 - 19:28:23 EDT)
• [SECURITY] [DSA 1344-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Fri Aug 03 2007 - 11:57:59 EDT)
• [USN-496-1] koffice vulnerability Martin Pitt (Fri Aug 03 2007 - 06:34:53 EDT)
• FLEA-2007-0041-1 gdm Foresight Linux Essential Announcement Service (Fri Aug 03 2007 - 10:26:23 EDT)
• [USN-495-1] Qt vulnerability Martin Pitt (Fri Aug 03 2007 - 06:34:59 EDT)
• FLEA-2007-0040-1 thunderbird Foresight Linux Essential Announcement Service (Fri Aug 03 2007 - 10:05:24 EDT)
• [Aria-Security.Net] Next Gen Portfolio Manager SQL Injection Advisory(at)Aria-security.net (Fri Aug 03 2007 - 00:05:55 EDT)
• la-nai cms_v1.2.14 - Remote SQL Injection k1tk4t(at)newhack.org (Thu Aug 02 2007 - 18:30:22 EDT)
• [Whitepaper SecNiche] Insecurities in Implementing Serialization in BISON Aditya K Sood (Sat Aug 04 2007 - 01:17:36 EDT)
• our de France Pool 1.0.1 Remote File &#304;nclude Bug yollubunlar(at)yollubunlar.org (Thu Aug 02 2007 - 13:58:29 EDT)
• Hunkaray Okul Portali v1.1 (tr) Sql injection Vuln yollubunlar(at)yollubunlar.org (Thu Aug 02 2007 - 14:02:40 EDT)
• Minimo .2 and more Firefox 2.0.0.6 Password Manager Vulnerabilites Seth Fogie (Thu Aug 02 2007 - 13:52:26 EDT)
• rPSA-2007-0153-1 qt-x11-free rPath Update Announcements (Wed Aug 01 2007 - 19:39:31 EDT)
• Baidu Soba Remote Code Execute Vulnerability(FGA-2007-10) hfli (Wed Aug 01 2007 - 21:57:15 EDT)
• [ MDKSA-2007:151 ] - Updated qt3 packages fix multiple vulnerabilities security(at)mandriva.com (Wed Aug 01 2007 - 17:56:11 EDT)
• CVE-2007-3384: XSS in Tomcat cookies example Mark Thomas (Wed Aug 01 2007 - 23:18:45 EDT)
• [USN-494-1] Gimp vulnerability Kees Cook (Thu Aug 02 2007 - 02:15:37 EDT)
• Pluck 4.3 themes.php Remote File Inclusion and disclosure no-reply(at)aria-security.net (Thu Aug 02 2007 - 07:40:48 EDT)
• [ MDKSA-2007:152 ] - Updated Firefox packages fix multiple vulnerabilities security(at)mandriva.com (Wed Aug 01 2007 - 21:48:43 EDT)
• FreeBSD Security Advisory FreeBSD-SA-07:07.bind FreeBSD Security Advisories (Wed Aug 01 2007 - 17:27:29 EDT)
• FreeBSD Security Advisory FreeBSD-SA-07:06.tcpdump FreeBSD Security Advisories (Wed Aug 01 2007 - 17:26:59 EDT)
• FreeBSD Security Advisory FreeBSD-SA-07:01.jail [REVISED] FreeBSD Security Advisories (Wed Aug 01 2007 - 17:26:08 EDT)
• [BuHa-Security] DoS Vulnerability in Konqueror 3.5.7 bugtraq(at)morph3us.org (Wed Aug 01 2007 - 15:20:20 EDT)
• FLEA-2007-0039-1 firefox Foresight Linux Essential Announcement Service (Wed Aug 01 2007 - 15:03:24 EDT)
• FLEA-2007-0038-1 gimp Foresight Linux Essential Announcement Service (Wed Aug 01 2007 - 14:31:22 EDT)
• PHP-Nuke (ALL versions) Multiple XSS and HTML injection mikispag(at)gmail.com (Wed Aug 01 2007 - 11:58:47 EDT)
• Mambo 4.6.2 CMS - Session fixation Issue in backend Administration interface tomaz.bratusa(at)teamintell.com (Wed Aug 01 2007 - 10:47:34 EDT)
• [security bulletin] HPSBUX02248 SSRT071437 rev.1 - HP-UX Running ARPA Transport, Remote Denial of Service (DoS) security-alert(at)hp.com (Wed Aug 01 2007 - 06:14:45 EDT)
• [security bulletin] HPSBUX02247 SSRT071432 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS) security-alert(at)hp.com (Wed Aug 01 2007 - 06:15:34 EDT)
• WikiWebWeaver 1.1 beta Upload Shell Vulnerability yollubunlar(at)yollubunlar.org (Wed Aug 01 2007 - 05:40:38 EDT)
• Pwnie Awards Ceremony Alexander Sotirov (Wed Aug 01 2007 - 02:15:13 EDT)
  • Re: Re: [BuHa-Security] Winamp 5.35 (Infinite) M3U File Inclusion DoS Vulnerability bugtraq(at)morph3us.org (Wed Aug 01 2007 - 06:54:59 EDT)
    • Re: [BuHa-Security] Winamp 5.35 (Infinite) M3U File Inclusion Stack Overflow Werner Van Belle (Wed Aug 01 2007 - 15:46:28 EDT)
  • Re: security contact for uat.edu needed Hans Wolters (Thu Aug 02 2007 - 18:00:36 EDT)
    • Re: security contact for uat.edu needed Hans Wolters (Fri Aug 03 2007 - 16:57:30 EDT)
      • Re: security contact for uat.edu needed Hans Wolters (Sat Aug 11 2007 - 17:14:55 EDT)
  • Re: BellaBook Admin Bypass/Remote Code Execution jem(at)jemjabella.co.uk (Wed Aug 01 2007 - 13:36:47 EDT)
  • Re: TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability bmiskov(at)bluecatnetworks.com (Fri Aug 03 2007 - 11:44:31 EDT)
  • Re: Guidance Software response to iSEC report on EnCase luke.cleverley(at)gmail.com (Thu Aug 16 2007 - 00:12:16 EDT)
    • RE: Re: Guidance Software response to iSEC report on EnCase Alex Stamos (Thu Aug 02 2007 - 12:41:54 EDT)
  • Re: MySQLDumper vulnerability: Bypassing Apache based access control possible admin(at)mysqldumper.de (Sat Aug 04 2007 - 05:10:17 EDT)