View Full Version: Bugtraq mailing list




  1. [ GLSA 200501-45 ] Gallery: Cross-site scripting vulnerability
  2. Re: iDEFENSE Security Advisory 01.24.05: DataRescue Interactive Disassembler Pro Buffer Overflow Vul
  3. [PersianHacker.net] Full Path Disclosure and PHP Injection In
  4. Zyxel / Netgear and probably other routers leaking information.
  5. New Whitepaper available on security best practices
  6. MDKSA-2005:025 - Updated clamav packages fix vulnerability
  7. [ GLSA 200501-46 ] ClamAV: Multiple issues
  8. SAME LADY, DIFFERENT HAT: REELY
  9. [ Security Bulletin] SSRT5900 rev.0 HP-UX TGA daemon remote Denial of Service (DoS)
  10. [USN-71-1] PostgreSQL vulnerability
  11. [ GLSA 200502-01 ] FireHOL: Insecure temporary file creation
  12. [SECURITY] [DSA 662-1] New squirrelmail package fixes several vulnerabilities
  13. Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues
  14. Re:WinAmp POC: How to get 900+ shellcodespace!?
  15. [SECURITY] [DSA 664-1] New cpio packages fix insecure file permissions
  16. MDKSA-2005:028 - Updated ncpfs packages fix vulnerabilities
  17. SQL injection in EveryDNS.net Service
  18. MDKSA-2005:027 - Updated chbg packages fix vulnerability
  19. MDKSA-2005:026 - Updated imap packages fix authentication vulnerability
  20. Limited buffer-overflow in Painkiller 1.35
  21. 7a69Adv#19 - ZipGenius unpack path disclosure
  22. [ GLSA 200502-03 ] enscript: Multiple vulnerabilities
  23. [FLSA-2005:2255] Updated zip package fixes security issue
  24. [FLSA-2005:2272] Updated unarj package fixes security issue
  25. [ GLSA 200502-02 ] UW IMAP: CRAM-MD5 authentication bypass
  26. 7a69Adv#20 - ZipGenius unpack one-folder path disclosure
  27. 7a69Adv#21 - WinRAR unpack one-folder path disclosure
  28. [SIG^2 G-TEC] DeskNow Mail and Collaboration Server Directory
  29. [FLSA-2005:2187] Updated freeradius packages fix security flaws
  30. Portcullis Advisory 05-005 Update, Webseries Payment Application
  31. Portcullis Advisory 05-001 Update, Webseries Payment Application
  32. Portcullis Advisory 05-006 Update, Webseries Payment Application
  33. Portcullis Advisory 05-007 Update, Webseries Payment Application
  34. Portcullis Advisory 05-008 Update, Webseries Payment Application
  35. Gallery is still vulnerable to Cross-site Scripting attacks
  36. Windows Security Checklists - 10 Parts
  37. Re[2]: WinAmp POC: How to get 900+ shellcodespace!?
  38. Google getting smarter ?!?!
  39. [ GLSA 200502-04 ] Squid: Multiple vulnerabilities
  40. Re: [Full-Disclosure] [ GLSA 200501-40 ] ngIRCd: Buffer overflow
  41. SV: Zyxel / Netgear and probably other routers leaking information.
  42. [ GLSA 200502-05 ] Newspost: Buffer overflow vulnerability
  43. MDKSA-2005:029 - Updated vim packages fix vulnerabilities
  44. New presentation: Advanced SQL Injection in Oracle databases
  45. RE: SECURITEY.NNOV.RU NewsPost buffer overflow [EXPLOIT]
  46. ngIRCd <= v0.8.2 Format String Vulnerability
  47. Python Security Advisory PSF-2005-001 - SimpleXMLRPCServer.py
  48. DoS in LANChat Pro Revival 1.666c
  49. [Linux kernel ipv6_setsockopt integer overflow]
  50. [ RSTACK Public Security Advisory ] Remote DOS against Linksys PSUS4
  51. Prevent MS Word document from being deleted
  52. [SECURITY] [DSA 666-1] New Python2.2 packages fix unauthorised XML-RPC internals access
  53. Exploit For Savant Web Server 3.1 (tested on win2003)
  54. Wireless networks/Default Admin username security problem in Croatia
  55. [SECURITY] [DSA 667-1] New PostgreSQL packages fix arbitrary library loading
  56. Re: [ RSTACK Public Security Advisory ] Remote DOS against Linksys
  57. Input Validation Vulnerability in Apple Safari version 1.2.4 v125.12
  58. [SECURITY] [DSA 667-1] New squid packages fix several vulnerabilities
  59. Webroot Software Resigns from COAST
  60. Re: Input Validation Vulnerability in Apple Safari version 1.2.4
  61. Re: Wireless networks/Default Admin username security problem in
  62. Foxmail Server Remote Buffer Overflow Vulnerability
  63. directory traversal in RaidenHTTPD 1.1.27
  64. [PersianHacker.NET 200502-05] WWWoard passwd
  65. [USN-74-1] Postfix vulnerability
  66. [USN-75-1] cpio vulnerability
  67. [USN-74-2] Fixed Postfix packages for USN-74-1
  68. [SECURITY] [DSA 669-1] New php3 packages fix several vulnerabilities
  69. XSS Vulnerability at thefacebook.com
  70. VOIPSEC
  71. New version of ike-scan (IPsec IKE scanner) available - v1.7
  72. [OSX Finder] DS_Store arbitrary file overwrite vulnerability.
  73. DMA[2005-0131a] - 'Setuid Perl PERLIO_DEBUG root owned file creation'
  74. DMA[2005-0131b] - 'Setuid Perl PERLIO_DEBUG buffer overflow'
  75. [USN-76-1] Emacs vulnerability
  76. [ GLSA 200502-07 ] OpenMotif: Multiple vulnerabilities in libXpm
  77. [USN-77-1] Squid vulnerabilities
  78. [ GLSA 200502-06 ] LessTif: Multiple vulnerabilities in libXpm
  79. [Security Bulletin] HP Tru64 Unix Mozilla Application Suite 1.7.3 Remote Denial of Service (DoS)
  80. iDEFENSE Security Advisory 02.11.05: ZoneAlarm 5.1 Invalid Pointer Dereference Vulnerability
  81. [ GLSA 200502-12 ] Webmin: Information leak in Gentoo binary package
  82. Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  83. Re: International Domain Name [IDN] support in modern browsers
  84. MDKSA-2005:032-1 - Updated cpio packages fix vulnerability
  85. Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain n
  86. Re: [Full-Disclosure] Fireflashing [Firefox 1.0]
  87. Infostring crash and shutdown in the Quake 3 engine
  88. exim auth_spa_server() PoC exploit
  89. Re: BrightStor ARCserve Backup buffer overflow PoC
  90. [CLA-2005:924] Conectiva Security Announcement - XFree86
  91. [SECURITY] [DSA 679-1] New toolchain-source package fixes insecure temporary files
  92. [SECURITY] [DSA 680-1] New htdig packages fix cross-site scripting vulnerability
  93. RE: International Domain Name [IDN] support in modern browsers al
  94. [ GLSA 200502-16 ] ht://Dig: Cross-site scripting vulnerability
  95. [ GLSA 200502-15 ] PowerDNS: Denial of Service vulnerability
  96. AWStats <= 6.4 Multiple vulnerabilities
  97. RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  98. Credit Card Phishing with executable download
  99. [SECURITY] [DSA 681-1] New synaesthesia packages fix unauthorised file access
  100. eBay Account Phishing with eBay Redirect
  101. vbulletin 3.0.x PHP code execution
  102. [ GLSA 200502-14 ] mod_python: Publisher Handler vulnerability
  103. Microsoft Baseline Security Analyzer not seeing KB887742 and KB88
  104. [NOBYTES.COM: #2] CubeCart 2.0.4 - Multiple Vulnerabilities
  105. [ GLSA 200502-17 ] Opera: Multiple vulnerabilities
  106. [ GLSA 200502-19 ] PostgreSQL: Buffer overflows in PL/PgSQL parser
  107. [SECURITY] [DSA 683-1] New postgresql packages fix arbitrary code execution
  108. ASPjar Guestbook login.asp not official patch
  109. Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  110. [SECURITY] [DSA 682-1] New awstats packages fix arbitrary command execution
  111. MDKSA-2005:037 - Updated mailman packages fix directory traversal vulnerability
  112. Re: AWStats <= 6.4 Multiple vulnerabilities - can't reproduce in
  113. Re: International Domain Name [IDN] support in modern browsers allows
  114. IE6 SP1 - Click N Crash
  115. Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  116. Re: IE6 SP1 - Click N Crash is old news
  117. Scottrader Application Exploit
  118. Scottsave.com Trade History Exploit
  119. [NOBYTES.COM: #3] osCommerce 2.2-MS2 - XSS Vulnerability
  120. RE: AWStats <= 6.4 Multiple vulnerabilities - can't reproduce in 6.3?
  121. RE: Microsoft Baseline Security Analyzer not seeing KB887742 and
  122. Re: AWStats <= 6.4 Multiple vulnerabilities - can't reproduce
  123. RE: Microsoft Baseline Security Analyzer not seeing KB887742 and KB886185
  124. XSS in MySpace.com RuWeb.net and Primus.com
  125. RE: [Full-Disclosure] RE: Microsoft Baseline Security Analyzer no
  126. [Full Disclosure] Using DHTML XSS to launch HHCTRL exploit
  127. [CLA-2005:925] Conectiva Security Announcement - evolution
  128. Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  129. MDKSA-2005:038 - Updated emacs/xemacs packages fix vulnerability
  130. [KDE Security Advisory] Buffer overflow in fliccd of kdeedu/kstars/indi
  131. [hackgen-2005-#003] - SQL injection bugs in DCP-Portal
  132. [KDE Security Advisory] Buffer overflow in fliccd of kdeedu/kstars/indi
  133. [ GLSA 200502-22 ] wpa_supplicant: Buffer overflow vulnerability
  134. Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  135. xprobe2 v0.2.2 released
  136. [ GLSA 200502-23 ] KStars: Buffer overflow in fliccd
  137. UPDATE: [ GLSA 200501-36 ] AWStats: Remote code execution
  138. [ GLSA 200502-18 ] VMware Workstation: Untrusted library search path
  139. Blind Sql-Injection in MySQL Databases
  140. [USN-82-1] Linux kernel vulnerabilities
  141. RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  142. [ GLSA 200502-20 ] Emacs, XEmacs: Format string vulnerabilities in
  143. [ GLSA 200502-21 ] lighttpd: Script source disclosure
  144. [USN-83-1] LessTif 2 vulnerabilities
  145. [SECURITY] [DSA 684-1] New typespeed packages fix arbitrary group games code execution
  146. RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  147. Update Your Bookmarks
  148. SHA-1 broken
  149. Re: [Full-Disclosure] RE: Microsoft Baseline Security Analyzer not seeing KB887742 and KB886185
  150. [Security Bulletin] SSRT5893 rev.0 - HP Web-enabled Management Software Remote Buffer Overflow
  151. RE: Microsoft Baseline Security Analyzer not seeing KB887742 and KB88 6185 Correction
  152. Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  153. [PersianHacker.NET 200505-06] paNews v2.0b4 XSS Vulnerability
  154. NetSec Security Advisory: Multiple Vulnerabilities Resulting From Use Of Apple OSX HFS+
  155. RE: BrightStor ARCserve Backup buffer overflow PoC (fix available)
  156. RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  157. XSS vulnerabilty in ASP.Net [with details]
  158. MDKSA-2005:039 - Updated rwho packages fix vulnerability
  159. RECON 2005 CFP [Montreal, Canada]
  160. [ GLSA 200502-24 ] Midnight Commander: Multiple vulnerabilities
  161. Invision Power Boards 1.3.1 FINAL XSS Exploit
  162. Dangers of discarding duplicated messages
  163. RE: BrightStor ARCserve Backup buffer overflow PoC (fixes available)
  164. [ SCL-2005.001 ] - WebCalendar: SQL Injection from encoded cookie
  165. Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  166. Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  167. RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  168. [PersianHacker.NET 200505-07] paFAQ Beta4 Sql Injection
  169. Possible phpBB <=2.0.11 bug or sql injection?
  170. [SECURITY] [DSA 685-1] New emacs21 packages fix arbitrary code execution
  171. Advisory: Multiple Vulnerabilities in BibORB
  172. [SECURITY] [DSA 686-1] New gftp packages fix directory traversal vulnerability
  173. hpm_guestbook.cgi JavaScript-Injection
  174. iDEFENSE Labs Website Launch
  175. RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  176. RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  177. Phishing hole found in IE and OE
  178. [USN-78-2] Fixed mailman packages for USN-78-1
  179. [USN-66-2] PHP vulnerability
  180. Re: NetSec Security Advisory: Multiple Vulnerabilities Resulting
  181. BizMail 2.1 Spam Exploit
  182. MDKSA-2005:043 - Updated xpdf packages fix vulnerabilities on 64 bit platforms
  183. [SECURITY] [DSA 687-1] New bidwatcher packages fix format string vulnerability
  184. MDKSA-2005:042 - Updated gpdf packages fix vulnerabilities on 64 bit platforms
  185. [ GLSA 200502-26 ] GProFTPD: gprostats format string vulnerability
  186. 3com 3CDaemon FTP "USER" Remote BOverflow POC
  187. Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name
  188. MDKSA-2005:045 - Updated kdelibs packages fix vulnerabilities
  189. Combining Hashes
  190. Adobe Reader invalid root page node Count value DOS
  191. Multiple vulnerabilities in TrackerCam 5.12
  192. MDKSA-2005:044 - Updated tetex packages fix vulnerabilities on 64 bit platforms
  193. [ GLSA 200502-25 ] Squid: Denial of Service through DNS responses
  194. MDKSA-2005:040 - Updated PostgreSQL packages fix multiple vulnerabilities
  195. MDKSA-2005:041 - Updated cups packages fix vulnerabilities on 64 bit platforms
  196. Multiple vulnerabilities in Glftpd v1.26 - v2.00 default zip based
  197. Joint encryption?
  198. [ GLSA 200502-27 ] gFTP: Directory traversal vulnerability
  199. exwormshoucast part of PTjob project: SHOUTcast v1.9.4 remote
  200. [Hat-Squad] Findjmp2 Tool
  201. [FLSA-2005:2137] Updated cyrus-sasl resolves security vulnerabilities
  202. webfsd fun. opensource is god .lol windows
  203. cfengine rsa heap remote exploit: part of PTjob project
  204. Re: Possible phpBB <=2.0.11 bug or sql injection?
  205. Thomson TCW690 POST Password Validation Vulnerability
  206. Re: [lists] Combining Hashes
  207. 3com 3CDaemon FTP Unauthorized "USER" Remote BOverflow
  208. Knox Arkeia remote root/system exploit
  209. Re: [Full-Disclosure] Thomson TCW690 Denial Of Service Vulnerability
  210. [SECURITY] [DSA 674-3] New mailman packages really fix several vulnerabilities
  211. Arkeia Network Backup Client Remote Access
  212. Gigafast/CompUSA router (model EE400-R) vulnerabilities
  213. ADP Elite System Max 9000 Series Login Vulnerability
  214. Windows Firewall Has A Backdoor
  215. [USN-84-1] Squid vulnerabilities
  216. [FLSA-2005:2058] Updated cdrtools packages fix a security issue
  217. [FLSA-2005:1945] Updated sox packages fix buffer overflows
  218. [FLSA-2005:1944] GNOME VFS updates address extfs vulnerability
  219. iDEFENSE Security Advisory 02.21.05: Multiple Unix/Linux Vendor cURL/libcURL NTLM Authentication Buf
  220. iDEFENSE Security Advisory 02.21.05: Multiple Unix/Linux Vendor cURL/libcURL Kerberos Authentication
  221. phpBB 2.0.12 released
  222. Avaya IP Office Phone Manager - Sensitive Information Cleartext
  223. iDEFENSE Security Advisory 02.22.05: phpBB Group phpBB Arbitrary File Disclosure Vulnerability
  224. Re: Avaya IP Office Phone Manager - Sensitive Information Cleartext Vulnerability
  225. SD Server 4.0.70 Directory Traversal Bug
  226. [NOBYTES.COM: #5] iGeneric eShop 1.2 - Information Disclosure & Possible SQL Injection
  227. The WebConnect 6.4.4 and 6.5 contains several vulnerabilities
  228. [SCAN Associates Security Advisory] vbulletin 3.0.6 and below php code injection
  229. iDEFENSE Security Advisory 02.22.05: phpBB Group phpBB2 Arbitrary File Unlink Vulnerability
  230. Software PBLang 4.65 search.php XSS vulnerability
  231. Software PBLang 4.65 pmpshow.php XSS vulnerability
  232. Software PBLang 4.65 pm.php XSS vulnerability
  233. Re: Cross Site Scripting exploitation via malformed files
  234. [SECURITY] [DSA 689-1] New mod_python packages fix information leak
  235. Incorrect Classification of iDownload's Product as Spyware...
  236. [SECURITY] [DSA 688-1] New squid packages fix denial of service
  237. LayerOne Pre-Reg Open
  238. [ GLSA 200502-29 ] Cyrus IMAP Server: Multiple overflow vulnerabilities
  239. Robustness patch for TWiki, vulnerability in ImageGalleryPlugin
  240. Release of Arkeia Network Backup 5.3.5 fixes security issue
  241. [Fwd: [arkeia-announce] Release of Arkeia Network Backup 5.3.5 fixes
  242. Office 10 applications & flashdrives can be used to browse restricted drives
  243. update database by updating Bugzilla von 2.16.3 to 2.18
  244. Multiple vulnerabilities found in CSGuestbook by CoolSerlets.com
  245. iDEFENSE Security Advisory 02.23.05: Sun Solaris kcms_configure Arbitrary File Corruption Vulnerabil
  246. Cisco Security Advisory: ACNS Denial of Service and Default Admin Password Vulnerabilities
  247. [Security Bulletin] SSRT4694 HP-UX ftpd remote unauthorized access
  248. In-game cl_guid crash in Soldier of Fortune II 1.03
  249. Multiple vulns in punBB
  250. MDKSA-2005:046 - Updated uim packages fix vulnerability