
View Full Version : Bugtraq mailing list




  1. [SECURITY] [DSA 1016-1] New evolution packages fix arbitrary code execution
  2. Re: sendmail vuln advisories (CVE-2006-0058)
  3. [SECURITY] [DSA 1015-1] New sendmail packages fix arbitrary code execution
  4. [ GLSA 200603-21 ] Sendmail: Race condition in the handling of asynchronous signals
  5. [KAPDA::#37] - CoMoblog XSS
  6. PasswordSafe 3.0 weak random number generator allows key recovery attack
  7. Vulnerability Alert Services - Independent List
  8. [SECURITY] [DSA 1017-1] New Linux kernel 2.6.8 packages fix several vulnerabilities
  9. Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution
  10. iDefense Security Advisory 03.23.05: ISS Multiple Products Local
  11. iDefense Security Advisory 03.23.06: RealNetworks RealPlayer and
  12. [ GLSA 200603-23 ] NetHack, Slash'EM, Falcon's Eye: Local privilege escalation
  13. Secunia Research: Microsoft Internet Explorer "createTextRange()"
  14. Secunia Research: Orion Application Server JSP Source Disclosure
  15. SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS,
  16. trusting SMTP [was: SendGate: Sendmail Multiple Vulnerabilities]
  17. Re: Linux zero IP ID vulnerability?
  18. ArabPortal 2.0 Stable [ Full Patch Disclosure ]
  19. Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
  20. Re: PasswordSafe 3.0 weak random number generator allows key recovery attack
  21. Re: [Full-disclosure] SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  22. Popup Blocker Bypass Script
  23. Sudo tricks
  24. [HV-PAPER] Security Product Evaluation Tips
  25. Re: Linux zero IP ID vulnerability?
  26. Re: PHP-Stats <= 0.1.9.1 remote commands execution
  27. Digital Armaments April-2006 Hacking Challenge: Oracle Database
  28. Re: [SPAM:] - ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses
  29. Vulnerabilitiy found in comodo hacker guardian free scan.
  30. Re: [Full-disclosure] Re: recursive DNS servers DDoS as a growing DDoS problem
  31. Re: recursive DNS servers DDoS as a growing DDoS problem
  32. w3wp remote DoS
  33. [ MDKSA-2006:060 ] - Updated FreeRADIUS packages fix EAP-MSCHAPv2 module vulnerability
  34. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  35. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  36. [FLSA-2006:186277] Updated sendmail packages fix security issues
  37. Re: SendGate: Sendmail Multiple Vulnerabilities (Race
  38. [SECURITY] [DSA 1019-1] New kpdf packages fix several vulnerabilities
  39. [eVuln] @1 File Store Multiple XSS and SQL Injection Vulnerabilities
  40. [SECURITY] [DSA 1018-1] New Linux kernel 2.4.27 packages fix several vulnerabilities
  41. On product vulnerability history and vulnerability complexity
  42. Re: [Full-disclosure] trusting SMTP [was: SendGate: Sendmail Multiple Vulnerabilities]
  43. [eVuln] DSPoll Multiple SQL Injection Vulnerabilities
  44. [eVuln] DSNewsletter SQL Injection Vulnerability
  45. [security bulletin] HPSBUX02105 SSRT061134 rev.1 - HP-UX Running swagentd Remote Denial of Service (DoS)
  46. Re: [ GLSA 200603-23 ] NetHack, Slash'EM, Falcon's Eye: Local privilege escalation
  47. Secunia Research: Quick 'n Easy/Baby Web Server ASP Code
  48. HeffnerCMS Remote Command Exucetion And Cross Scripting Attack
  49. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  50. VihorDesing Script Remote Command Exucetion And Cross Scripting
  51. Re: [ GLSA 200603-23 ] NetHack, Slash'EM, Falcon's Eye: Local
  52. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  53. Re: [Full-disclosure] trusting SMTP [was: SendGate: Sendmail Multiple
  54. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS,
  55. Re: Vulnerability Alert Services - Independent List
  56. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS,
  57. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  58. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS,
  59. Re: [Full-disclosure] SendGate: Sendmail Multiple Vulnerabilities
  60. Re: [ GLSA 200603-23 ] NetHack, Slash'EM, Falcon's Eye: Local privilege escalation
  61. Re: Sudo tricks
  62. RE: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  63. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS,
  64. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS,
  65. Systrace 1.6: Phoenix Release
  66. [eVuln] DSCounter 'X-Forwarded-For' SQL Injection Vulnerability
  67. [eVuln] DSDownload Multiple SQL Injection Vulnerabilities
  68. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS,
  69. Re: [optimized PoC] Remote overflow in MSIE script action
  70. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  71. Re: Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow
  72. Re: SendGate: Sendmail Multiple Vulnerabilities (Race
  73. Re: recursive DNS servers DDoS as a growing DDoS problem
  74. Re: recursive DNS servers DDoS as a growing DDoS problem
  75. UBBThreads<=5.5.1+6.0.2+6.0 br5+6.0.1 SQL injection
  76. SQL Injection in SaphpLesson2.0
  77. HPSBUX02108 SSRT061133 rev.1 - HP-UX Sendmail, Remote Execution
  78. AkoComment SQL injection vulnerability
  79. SQL injection in VGM Forbin.
  80. nuked-klan<=1.7.5 SQL Injection
  81. [ GLSA 200603-24 ] RealPlayer: Buffer overflow vulnerability
  82. [PHPADSNEW-SA-2006-001] phpAdsNew and phpPgAds 2.0.8 fix multiple
  83. CanfTool v1.1 Cross Site Scripting Attack
  84. HYSA-2006-006 G-Book 1.0 XSS And Other Vulnerabilities
  85. HYSA-2006-007 phpmyfamily 1.4.1 CRLF injection & XSS
  86. [Full-disclosure] [USN-265-1] cairo/Evolution library vulnerability
  87. [eVuln] DSLogin Authentication Bypass Vulnerability
  88. [eVuln] Maian Weblog Multiple SQL Injection Vulnerabilities
  89. [ GLSA 200603-25 ] OpenOffice.org: Heap overflow in included libcurl
  90. Blog Pixel Motion<=1.xx Authentication Bypass Vulnerability & SQL
  91. Microsoft MSN Hotmail : Cross-Site Scripting Vulnerability
  92. Re: PasswordSafe 3.0 weak random number generator allows key
  93. Re: recursive DNS servers DDoS as a growing DDoS problem
  94. Microsoft Windows XP SP2 Firewall issue
  95. [DDSi-SA] XSS in Raindance Communications Web Conferencing Pro
  96. XSS & SQL Injection in Music Box v2.3
  97. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  98. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  99. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  100. Re: Sudo tricks
  101. Re: recursive DNS servers DDoS as a growing DDoS problem
  102. TSRT-06-01: Symantec VERITAS NetBackup vnetd Buffer Overflow Vulnerability
  103. ZDI-06-006: Symantec VERITAS NetBackup Database Manager Buffer Overflow
  104. ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow
  105. SYM06-006, Veritas NetBackup: Multiple Overflow Vulnerabilities
  106. [SECURITY] [DSA 1020-1] New flex packages fix insecure code generation
  107. PHPLiveHelper 1.8 remote command execution (include) Xploit (perl)
  108. EEYE: Temporary workaround for IE createTextRange vulnerability
  109. VWar <= 1.5.0 R11 Remote Code Execution Exploit
  110. [eVuln] Maian Events SQL Injection Vulnerability
  111. [eVuln] Maian Support Authentication Bypass
  112. XSS in AL-Caricatier
  113. Genius VideoCAM NB Local Privilege Escalation
  114. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  115. Secunia Research: Blazix Web Server JSP Source Code Disclosure
  116. [SECURITY] [DSA 1021-1] New netpbm-free packages fix arbitrary command execution
  117. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
  118. Re: Microsoft Windows XP SP2 Firewall issue
  119. ArabPortal 2.0 Stable CrossSiteScripting
  120. Re: Sudo tricks
  121. Re: SYM06-006, Veritas NetBackup: Multiple Overflow
  122. Re: On classifying attacks
  123. Announcement: The Web Hacking Incidents Database
  124. Re: [SECURITY] [DSA 1020-1] New flex packages fix insecure code generation
  125. Determina Fix for CVE-2006-1359 (Zero Day MS Internet Explorer Remote "CreateTextRange()" Code Execution)
  126. Cantv/Movilnet's Web SMS vulnerability.
  127. Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS,
  128. Re: Sudo tricks
  129. Re: PHP-Stats <= 0.1.9.1 remote commands execution
  130. Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running
  131. Critical PHP bug - act ASAP if you are running web with sensitive data
  132. Re: Secunia Research: Microsoft Internet Explorer "createTextRange()" Code
  133. Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data
  134. XSS in PHPKIT Version 1.6.03
  135. Re: [SECURITY] [DSA 1020-1] New flex packages fix insecure code generation
  136. [HV-INFO] Enova hardware encryption: false sense of security
  137. [xfocus-SD-060329]MPlayer: Multiple integer overflows
  138. [eVuln] Skull-Splitter's PHP Guestbook XSS Vulnerability
  139. [eVuln] Skull-Splitter's PHP Downloadcounter for Wallpapers SQL
  140. Re: Sudo tricks
  141. Re: Re: phpBB 2.06 search.php SQL injection
  142. PhxContacts <= 0.93.1 beta Multiple SQL injection & xss
  143. Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running
  144. Resource to Report and Stop Phishing Scams
  145. Re: Cantv/Movilnet's Web SMS vulnerability.
  146. Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running
  147. Full path disclosure in Webcalendar 1.1.0-CVS
  148. [ GLSA 200603-26 ] bsd-games: Local privilege escalation in tetris-bsd
  149. [ MDKSA-2006:061 ] - Updated mailman packages fix DoS from badly formed mime multipart messages.
  150. X-Changer <=v0.2 Demo SQL injection
  151. Buffer overflows in Dia XFig import
  152. McAfee VirusScan DUNZIP32.dll Buffer Overflow Vulnerability
  153. Re: On classifying attacks
  154. Smurfable Linux Kernel
  155. [SECURITY] Samba 3.0.21-3.0.21c: Exposure of machine account credentials
  156. strip_tags() but not only vulnerability
  157. [security bulletin] HPSBUX02103 SSRT5953 rev.2 - HP-UX passwd(1) Local Denial of Service (DoS)
  158. [security bulletin] HPSBUX02102 SSRT051078 rev.2 - HP-UX usermod(1M) Local Unauthorized Access.
  159. Re: recursive DNS servers DDoS as a growing DDoS problem
  160. Re: recursive DNS servers DDoS as a growing DDoS problem
  161. Re: recursive DNS servers DDoS as a growing DDoS problem
  162. Re: recursive DNS servers DDoS as a growing DDoS problem
  163. MediaSlash Gallery 'rub' variable Remote File inlcusion
  164. Oxygen<=1.x.x SQL injection
  165. MonAlbum 0.8.7 SQL Injection
  166. Black Hat Call for Papers and Registration now open
  167. [security bulletin] HPSBUX02108 SSRT061133 rev.2 - HP-UX running Sendmail, Remote Execution of Arbitrary Code
  168. RE: WebVulnCrawl searching excluded directories for hackable web servers
  169. OSSTMM Security Analyst Training Live Stream on the Web
  170. Re: Sudo tricks
  171. Re: On classifying attacks
  172. EzASPSite <= 2.0 RC3 Remote SQL Injection Exploit Vulnerability.
  173. RE: recursive DNS servers DDoS as a growing DDoS problem
  174. Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running
  175. RE: Sudo tricks
  176. Re: Re: Cantv/Movilnet's Web SMS vulnerability.
  177. DbbS<=2.0-alpha SQL injection
  178. Buffer-overflow and in-game crash in Zdaemon 1.08.01
  179. Warcraft III Replay Parser Script Remote Command Exucetion
  180. Mis-diagnosed XSS bugs hiding worse issues due to PHP feature
  181. linksubmit <= All version Html Tag Injector in index.php
  182. Re: [Full-disclosure] Mis-diagnosed XSS bugs hiding worse issues
  183. RE: recursive DNS servers DDoS as a growing DDoS problem
  184. FleXiBle Development Script Remote Command Exucetion And XSS
  185. Re: recursive DNS servers DDoS as a growing DDoS problem
  186. SQuery <= 4.5 Remote File Inclusion Exploit
  187. Re: Mis-diagnosed XSS bugs hiding worse issues due to PHP feature
  188. Re: Re: Re: phpBB 2.06 search.php SQL injection
  189. DoS-ing sysklogd?
  190. PHPNuke-Clan 3.0.1 Remote File Inclusion Exploit
  191. GeSWall 2.2 – Free Intrusion Prevention System for
  192. Re: recursive DNS servers DDoS as a growing DDoS problem
  193. SiteMan <= All version SQL injection in admin_login.asp
  194. Secunia Research: AN HTTPD Script Source Disclosure Vulnerability
  195. Re: On product vulnerability history and vulnerability complexity
  196. [USN-266-1] dia vulnerabilities
  197. [SECURITY] [DSA 1000-2] New Apache2::Request packages fix denial of service
  198. Another Internet Explorer Address Bar Spoofing Vulnerability
  199. Hosting Controller AccountActions.asp and saveuploadfiles.asp
  200. Flaw in commonly used bash random seed method
  201. Re: Mis-diagnosed XSS bugs hiding worse issues due to PHP feature
  202. RE: DoS-ing sysklogd?
  203. VWar <= 1.5.0 R12 Remote File Inclusion Exploit
  204. Multiple Vulnerabilities in LucidCMS
  205. MyBB 1.10 New CrossSiteScripting
  206. Re: Flaw in commonly used bash random seed method
  207. RE: recursive DNS servers DDoS as a growing DDoS problem
  208. Phpwebgallery <= 1.4.1 SQL injection Vulnerability
  209. ReloadCMS <= 1.2.5stable Cross site scripting / remote command
  210. Bypassing ISA Server 2004 with IPv6
  211. SYMSA-2006-002: McAfee WebShield SMTP Format String Vulnerability
  212. Re: recursive DNS servers DDoS as a growing DDoS problem
  213. Re: On product vulnerability history and vulnerability complexity
  214. Re: On product vulnerability history and vulnerability complexity
  215. SQL Injection in Softbiz Image Gallery
  216. Re: WebVulnCrawl searching excluded directories for hackable web servers
  217. Re: Cantv/Movilnet's Web SMS vulnerability.
  218. Re: On classifying attacks
  219. Re: recursive DNS servers DDoS as a growing DDoS problem
  220. Re: On product vulnerability history and vulnerability complexity
  221. [ MDKSA-2006:064 ] - Updated MySQL packages fix logging bypass vulnerability
  222. Re: On product vulnerability history and vulnerability complexity
  223. [ MDKSA-2006:062 ] - Updated dia packages fix buffer overflow vulnerabilities
  224. Re: Bypassing ISA Server 2004 with IPv6
  225. RUXCON 2006 Call for Papers
  226. SMART Technologies SynchronEyes Remote Denial of Services
  227. Re: recursive DNS servers DDoS as a growing DDoS problem
  228. Re: On product vulnerability history and vulnerability complexity
  229. Re: recursive DNS servers DDoS as a growing DDoS problem
  230. RE: recursive DNS servers DDoS as a growing DDoS problem
  231. Format string in Doomsday 1.8.6
  232. Re: On product vulnerability history and vulnerability complexity
  233. [USN-267-1] mailman vulnerability
  234. Re: On product vulnerability history and vulnerability complexity
  235. RE: recursive DNS servers DDoS as a growing DDoS problem
  236. Barracuda LHA archiver security bug leads to remote compromise
  237. Re: DoS-ing sysklogd?
  238. Re: DoS-ing sysklogd?
  239. Barracuda ZOO archiver security bug leads to remote compromise
  240. [ GLSA 200604-01 ] MediaWiki: Cross-site scripting vulnerability
  241. [ GLSA 200604-02 ] Horde Application Framework: Remote code execution
  242. Re: recursive DNS servers DDoS as a growing DDoS problem
  243. [security bulletin] HPSBPI2109 SSRT061141 rev.1 - HP Color LaserJet 2500 and 4600 Toolbox Running on Microsoft Windows Remote Unauthorized Disclosure of Information
  244. [ GLSA 200604-03 ] FreeRADIUS: Authentication bypass in EAP-MSCHAPv2
  245. RE: recursive DNS servers DDoS as a growing DDoS problem
  246. Re: Flaw in commonly used bash random seed method
  247. Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running
  248. Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sen
  249. [Full-disclosure] PIRANA exploitation framework and SMTP contentfilter security
  250. Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data