View Full Version: Bugtraq mailing list




  1. M-Phorum Cross Site Scripting
  2. DCP Portal: Multiple XSS Vulnerabilities
  3. MyBloggie: Multiple XSS Vulnerabilities
  4. txtForum: Multiple XSS Vulnerabilities
  5. txtForum: Script Injection Vulnerability
  6. Re: a worm for mediaWiki??
  7. RevilloC MailServer 1.x "USER" Command Handling Remote Buffer Overflow Exploit
  8. Re: 18 ways to escalate privileges in Zone Labs ZoneAlarm
  9. Re: Re: [CORRECTIONS AND ADDITIONS ]Azbb v1.1.00 Cross-Site Scripting
  10. RE: [Full-disclosure] PHP-based CMS mass-exploitation
  11. Aluria/WhenU Troubled Past and Whitewashing History
  12. Re: [waraxe-2006-SA#047] - Evading sql-injection filters in
  13. Re: [waraxe-2006-SA#047] - Evading sql-injection filters in
  14. UnrealIRCd3.2.3 Server-Link Denial of Service
  15. DVguestbook 1.0 And 1.2.2 Cross Site Scripting
  16. PHP Upload Center Download users password hashes And phpshell Upload
  17. PHP Advanced Transfer Manager Download users password hashes
  18. n8cms 1.1 & 1.2 version Sql İnjection And XSS
  19. Re: HYSA-2006-005 WordPress 2.0.1 Remote DoS Exploit
  20. ADP Forum 2.0,* script İnjection
  21. [KDE Security Advisory] kpdf of KDE 3.3.x heap based buffer overflow
  22. [USN-261-1] PHP vulnerabilities
  23. [ MDKSA-2006:035-1 ] - Updated php packages fix vulnerability
  24. Statement Regarding Reported Local Escalation of Privileges Vulnerability for ZoneAlarm
  25. RE: [Full-disclosure] Re: recursive DNS servers DDoS as a growing DDoSproblem
  26. [SECURITY] [DSA 990-1] New bluez-hcidump packages fix denial of service
  27. [SECURITY] [DSA 919-2] New curl packages fix potential security problem
  28. announcement: reporting and mitigating malicious websites and phishing
  29. Re: [Full-disclosure] Re: recursive DNS servers DDoS as a growing DDoSproblem
  30. [SECURITY] [DSA 991-1] New zoo packages fix arbitrary code execution
  31. [SECURITY] [DSA 992-1] New ffmpeg packages fix arbitrary code execution
  32. [eVuln] FreeForum PHP Code Execution & Multiple XSS Vulnerabilities
  33. GnuPG does not detect injection of unsigned data
  34. Advisory: Jiros Banner Experience Pro Remote Privilege Escalation.
  35. Re: Thomson SpeedTouch 500 modems vulnerable to XSS
  36. RE: Purple Paper: Exegesis Of Virtual Hosts Hacking
  37. [KAPDA::#33] - GuppY <= 4.5.11 Remote DoS vulnerability
  38. Re: recursive DNS servers DDoS as a growing DDoS problem
  39. [ GLSA 200603-06 ] GNU tar: Buffer overflow
  40. Re: HYSA-2006-005 WordPress 2.0.1 Remote DoS Exploit
  41. Re: HYSA-2006-005 WordPress 2.0.1 Remote DoS Exploit
  42. Re: Dropbear SSH server Denial of Service
  43. [SECURITY] [DSA 993-1] New GnuPG packages fix broken signature check
  44. [ GLSA 200603-08 ] GnuPG: Incorrect signature verification
  45. Re: Dropbear SSH server Denial of Service
  46. Re: [Full-disclosure] Re: recursive DNS servers DDoS as a growing
  47. Re: [Full-disclosure] Re: recursive DNS servers DDoS as a growing
  48. CoreNews 2.0.1 Remote Command Exucetion
  49. [ GLSA 200603-07 ] flex: Potential insecure code generation
  50. Re: Dropbear SSH server Denial of Service
  51. XSS in vCard
  52. Coppermine exploit used by a Chase Phish?
  53. SGI IRIX 6.*usr/sysadm/bin/runpriv local root exploit
  54. Copy protection scheme SafeDisc allows privilege escalation
  55. AntiVir PersonalEdition Classic: Local Privilige Escalation
  56. Jupiter CMS <= 1.1.5 multiple XSS attack vectors.
  57. [ GLSA 200603-09 ] SquirrelMail: Cross-site scripting and IMAP command injection
  58. [ GLSA 200603-10 ] Cube: Multiple vulnerabilities
  59. [USN-262-1] Ubuntu 5.10 installer password disclosure
  60. [USN-263-1] Linux kernel vulnerabilities
  61. [USN-264-1] gnupg vulnerability
  62. directory traversal Fixed in DirectContact 0.3c
  63. Multiple vulnerabilities in ENet library (Jul 2005)
  64. [SECURITY] [DSA 994-1] New freeciv packages fix denial of service
  65. [SECURITY] [DSA 995-1] New metamail packages fix arbitrary code execution
  66. [eVuln] Vegas Forum SQL Injection Vulnerability
  67. Kerio MailServer bugfun
  68. [SECURITY] [DSA 996-1] New Crypt::CBC packages fix cryptographic weakness
  69. [SECURITY] [DSA 993-2] New GnuPG packages fix broken signature check
  70. Secunia Research: unalz Filename Handling Directory Traversal
  71. Secunia Research: Dwarf HTTP Server Source Disclosure and
  72. WMNews Cross Site Scripting
  73. Buffer Overflow and Installation Script Error in Firebird 1.5.3
  74. [INetCop Security Advisory] zeroboard IP session bypass XSS
  75. Re: Coppermine exploit used by a Chase Phish?
  76. ZDI-06-003: Ipswitch Collaboration Suite Code Execution Vulnerability
  77. [SECURITY] [DSA 997-1] New bomberclone packages fix arbitrary code execution
  78. [ MDKSA-2006:055 ] - Updated gnupg packages fix signature file verification vulnerability
  79. [DRUPAL-SA-2006-001] Drupal 4.6.6 / 4.5.8 fixes access control issue
  80. [DRUPAL-SA-2006-003] Drupal 4.6.6 / 4.5.8 fixes session fixation issue
  81. [DRUPAL-SA-2006-002] Drupal 4.6.6 / 4.5.8 fixes XSS issue
  82. [SECURITY] [DSA 999-1] New lurker packages fix several vulnerabilities
  83. [SECURITY] [DSA 998-1] New libextractor packages fix several vulnerabilities
  84. DMA[2006-0313a] - 'Apple OSX Mail.app RFC1740 Real Name Buffer Overflow'
  85. [DRUPAL-SA-2006-004] Drupal 4.6.6 / 4.5.8 fixes mail header injection issue
  86. [SECURITY] [DSA 1000-1] New Apache2::Request packages fix denial of service
  87. [SECURITY] [DSA 1001-1] New crossfire packages fix arbitrary code execution
  88. Linux zero IP ID vulnerability?
  89. [eVuln] CyBoards PHP Lite SQL Injection Vulnerability
  90. ZDI-06-004: Microsoft Excel File Format Parsing Vulnerability
  91. High Risk Vulnerability in Microsoft Excel
  92. Re: histhost v1.0.0 xss and possible rmdir
  93. Fortinet Security Advisory: FSA-2006-09
  94. Fortinet Security Advisory: FSA-2006-08
  95. SYMSA-2006-001: Buffer overflow in Microsoft Office 2000, Office XP (2002), and
  96. [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability
  97. Re: histhost v1.0.0 xss and possible rmdir
  98. [HV-HIGH] Microsoft Excel Named Range Arbitrary Code Execution
  99. WLSI - Windows Local Shellcode Injection - Paper
  100. CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net
  101. [SECURITY] [DSA 1002-1] New webcalendar packages fix several vulnerabilities
  102. CodeScan Advisory: Unauthenticated Arbitrary File Read in Horde v3.09 and prior
  103. [eVuln] discussion - xhawk.net BBCode 'img' XSS & SQL Injection
  104. Secunia Research: Adobe Document/Graphics Server File URI Resource
  105. FW: call for speakers and thoughts on VoIP Security - there's a long way to go!
  106. Sasser variant that effects 2k3 SP1 completely updated?
  107. [[KAPDA::#35] MyBB 1.0.3~member.php~XSS Attack in contact details
  108. [KAPDA::#35] - MyBB1.0.4~member.php~XSS after login
  109. [KAPDA::#34] - MyBB1.0.4~redirectfunction()~HeaderInjection
  110. Re: Purple Paper: Exegesis Of Virtual Hosts Hacking
  111. GnuPG weak as one guy with a spare laptop.
  112. Invision Power Board v2.1.4 - session hijacking
  113. Re: Linux zero IP ID vulnerability?
  114. Re: HYSA-2006-005 WordPress 2.0.1 Remote DoS Exploit
  115. WebVulnCrawl searching excluded directories for hackable web servers
  116. Latest MS patches kill wireless networking?
  117. Re: Latest MS patches kill wireless networking?
  118. Re: Sasser variant that effects 2k3 SP1 completely updated?
  119. Vulnerability in e-gold
  120. Vulnerability fixed in E-gold
  121. [ GLSA 200603-11 ] Freeciv: Denial of Service
  122. [ GLSA 200603-12 ] zoo: Buffer overflow
  123. [SECURITY] [DSA 1003-1] New xpvm packages fix insecure temporary file
  124. [SECURITY] [DSA 1004-1] New vlc packages fix arbitrary code execution
  125. Re: Invision Power Board v2.1.4 - session hijacking
  126. Re: Invision Power Board v2.1.4 - session hijacking
  127. Re: [VulnWatch] [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability
  128. Milkeyway Multiple Vulnerabilities
  129. Re: [Full-disclosure] Re: [VulnWatch] [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability
  130. Re: [Full-disclosure] Re: [VulnWatch] [xfocus-SD-060314]Microsoft
  131. Re: Linux zero IP ID vulnerability?
  132. Re: Invision Power Board v2.1.4 - session hijacking
  133. Remote overflow in MSIE script action handlers (mshtml.dll)
  134. Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  135. Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  136. help about RealSecure 6.5 Signatures
  137. [SECURITY] [DSA 1005-1] New xine-lib packages fix arbitrary code execution
  138. [FLSA-2006:178606] Updated kdelibs packages fix security issues
  139. Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  140. [FLSA-2006:157459-3] Updated kernel packages fix security issues
  141. RE: Remote overflow in MSIE script action handlers (mshtml.dll)
  142. Re: GnuPG weak as one guy with a spare laptop.
  143. [FLSA-2006:157459-4] Updated kernel packages fix security issues
  144. [ GLSA 200603-14 ] Heimdal: rshd privilege escalation
  145. Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  146. [ GLSA 200603-13 ] PEAR-Auth: Potential authentication bypass
  147. Re: [Full-disclosure] Re: recursive DNS servers DDoS as a growing
  148. [FLSA-2006:175404] Updated xpdf package fixes security issues
  149. [ GLSA 200603-15 ] Crypt::CBC: Insecure initialization vector
  150. RE: [Full-disclosure] Re: recursive DNS servers DDoS as a growingDDoSproblem
  151. Re: GnuPG weak as one guy with a spare laptop.
  152. Re: [Full-disclosure] Re: recursive DNS servers DDoS as a growing
  153. XSS IN Invision Power Board
  154. Symantec Security Advisory SYM06-004
  155. XCon2006 Call For Paper
  156. Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  157. Generically Determining the Prescence of Virtual Machines
  158. [ GLSA 200603-16 ] Metamail: Buffer overflow
  159. [FLSA-2006:157459-1] Updated kernel packages fix security issues
  160. Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  161. Fedora Legacy Server Outage
  162. Re: Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  163. [SECURITY] [DSA 1006-1] New wzdftpd packages fix arbitrary shell command execution
  164. Re: recursive DNS servers DDoS as a growing DDoS problem
  165. [SECURITY] [DSA 1008-1] New kpdf packages fix arbitrary code execution
  166. Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  167. Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  168. [SECURITY] [DSA 1007-1] New drupal packages fix several vulnerabilities
  169. [FLSA-2006:173274] Updated gdk-pixbuf packages fix security issues
  170. Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  171. Oxynews Sql İnjection
  172. [eVuln] NMDeluxe XSS & SQL Injection Vulnerabilities
  173. [FLSA-2006:174479] Updated libungif packages fix security issues
  174. Re: Linux zero IP ID vulnerability?
  175. [FLSA-2006:157459-2] Updated kernel packages fix security issues
  176. Microsoft Commerce Server 2002: Logon as known user with a false password
  177. MyBB 1.10 Full Path Disclosure
  178. Contrexx CMS Xss Vuln
  179. Xss in Wbb 2.3.4
  180. Advisory: BetaParticle Blog <= 6.0 Multiple Remote SQL Injection
  181. Re: Latest MS patches kill wireless networking?
  182. Re: WebVulnCrawl searching excluded directories for hackable web servers
  183. Re: Latest MS patches kill wireless networking?
  184. ExtCalendar v1.0 Multiple Xss Vuln
  185. [SECURITY] [DSA 960-3] New libmail-audit-perl packages fix insecure temporary file use
  186. [SECURITY] [DSA 1009-1] New crossfire packages fix arbitrary code execution
  187. [security bulletin] SSRT051078 rev.1 - HP-UX usermod(1M) Local UnaUthorized Access
  188. [SECURITY] [DSA 1010-1] New ilohamail packages fix cross-site scripting vulnerabilities
  189. [security bulletin] SSRT051251 rev.2 - Apache-based Web Server on HP-UX mod_ssl, proxy_http, Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access
  190. [security bulletin] SSRT051128 rev.1 - HP-UX VirtualVault running Apache 1.3.X Remote Unauthorized Access
  191. phpWebsite <= SQL Injection (friend.php) & (article.php)
  192. Noah's Classifieds Multiple Path Disclosure and Cross Site
  193. Re: Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  194. Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  195. Re: [Full-disclosure] Re: recursive DNS servers DDoS as a growing
  196. Path Disclosure and Arbitrary File Read Vulnerability in SLAB5000
  197. Re: CodeScan Advisory: Unauthenticated Arbitrary File Read in
  198. Re: Remote overflow in MSIE script action handlers (mshtml.dll)
  199. IMF 2006 - 2nd Call for Papers
  200. Re: Generically Determining the Prescence of Virtual Machines
  201. Re: Latest MS patches kill wireless networking?
  202. [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
  203. Re: recursive DNS servers DDoS as a growing DDoS problem
  204. RE: Generically Determining the Prescence of Virtual Machines
  205. Re: Re: Invision Power Board v2.1.4 - session hijacking
  206. Re: Invision Power Board v2.1.4 - session hijacking
  207. Re: Invision Power Board v2.1.4 - session hijacking
  208. Symantec Security Advisory, SYM06-005
  209. Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
  210. RE: Generically Determining the Prescence of Virtual Machines
  211. Re: Invision Power Board v2.1.4 - session hijacking
  212. [ MDKSA-2006:056 ] - Updated xorg-x11 packages to address local root vuln
  213. Perverting Unix Processes
  214. Re: Invision Power Board v2.1.4 - session hijacking
  215. [ MDKSA-2006:057 ] - Updated cairo packages to address Evolution DoS vulnerability
  216. CORE-2006-0124: Cross-Site Scripting in
  217. DNS Amplification Attacks
  218. [ GLSA 200603-18 ] Pngcrush: Buffer overflow
  219. [SECURITY] [DSA 1011-1] New kernel-patch-vserver packages fix root exploit
  220. [SECURITY] [DSA 1012-1] New unzip packages fix arbitrary code execution
  221. [ GLSA 200603-17 ] PeerCast: Buffer overflow
  222. XSS in Firepass 4100 SSL VPN v.5.4.2 (and probably others)
  223. Cisco Aironet 1300 DoS condition
  224. Recon 2006: Guest speakers announcement. Call for paper and early registration ending in less than 2 weeks.
  225. [ GLSA 200603-19 ] cURL/libcurl: Buffer overflow in the handling
  226. [ GLSA 200603-20 ] Macromedia Flash Player: Arbitrary code execution
  227. Free Articles Directory Remote Command Exucetion
  228. ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities
  229. Mini-Nuke<=1.8.2 SQL injection (6)
  230. FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail
  231. FreeBSD Security Advisory FreeBSD-SA-06:12.opie
  232. FreeBSD Security Advisory FreeBSD-SA-06:11.ipsec
  233. [eVuln] PHP SimpleNEWS, PHP SimpleNEWS MySQL - Authentication
  234. DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline
  235. WinHKI 1.6x Archive Extraction Directory traversal
  236. cutenews 1.4.1 Arbitrary File Access
  237. [SECURITY] [DSA 1013-1] New snmptrapfmt packages fix insecure temporary file
  238. Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
  239. PHP Live! XSS status_image.php
  240. IE crash
  241. Re; FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail
  242. SUSE Security Announcement: sendmail remote code execution
  243. [OpenPKG-SA-2006.007] OpenPKG Security Advisory (sendmail)
  244. sendmail vuln advisories (CVE-2006-0058)
  245. [ MDKSA-2006:058 ] - Updated sendmail packages fix remote vulnerability
  246. [SECURITY] [DSA 1014-1] New firebird2 packages fix denial of service
  247. [USN-265-1] cairo/Evolution library vulnerability
  248. Advisory 03/2006: KisMAC Cisco Vendor Tag Encapsulated SSID Overflow
  249. [ MDKSA-2006:059 ] - Updated kernel packages fix multiple vulnerabilities
  250. [ GLSA 200603-22 ] PHP: Format string and XSS vulnerabilities