View Full Version : Bugtraq mailing list


  1. Re: Instant Photo Gallery <= Multiple XSS
  2. [ GLSA 200604-17 ] Ethereal: Multiple vulnerabilities in protocol dissectors
  3. [security bulletin] HPSBMA02113 SSRT061148 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update April 2006
  4. SQL injection exploit IPB <= 2.1.4
  5. Re: Instant Photo Gallery <= Multiple XSS
  6. [USN-275-1] Mozilla vulnerabilities
  7. [SECURITY] [DSA 1045-1] New OpenVPN packages fix arbitrary code execution
  8. [SECURITY] [DSA 1046-1] New Mozilla packages fix several vulnerabilities
  9. BL4's SMTP server BufferOverflow Vulnerable
  10. Re: Recent Oracle exploit is _actually_ an 0day with no patch
  11. Secunia Research: Servant Salamander unacev2.dll Buffer Overflow
  12. WinISO/UltraISO/MagicISO/PowerISO Directory Traversal Vulnerability
  13. [ECHO_ADV_31$2006] Sws Web Server 0.1.7 Strcpy() & Syslog()
  14. Cireos Portal Cross Site Scripting
  15. [Argeniss] Alert - Yahoo! Mail XSS vulnerability
  16. Re: Recent Oracle exploit is _actually_ an 0day with no patch
  17. [Kurdish Security #3] CoolMenus Event Remote File Include
  18. [ GLSA 200604-18 ] Mozilla Suite: Multiple vulnerabilities
  19. [Kurdish Security #2] Artmedic Event Remote File Include
  20. RE: Recent Oracle exploit is _actually_ an 0day with no patch
  21. Neomail.pl Local Cross Site Scripting
  22. Re: Recent Oracle exploit is _actually_ an 0day with no patch
  23. [Kurdish Secure Advisory #1] I-RATER Platinum "Admin/configsettings.tpl.php"
  24. Re: VWar Path Disclosure
  25. RE: Invision Vulnerabilities, including remote code execution
  26. Re: Apple Mac OS X Safari 2.0.3 Vulnerability
  27. Re: Recent Oracle exploit is _actually_ an 0day with no patch
  28. Re: phpMyForum Cross Site Scripting & CRLF injection
  29. Invision Power Board 2.1.5 POC
  30. poll.pl<--remote commands execution exploit
  31. W-Agora 4.20 XSS
  32. XSS Attack On DirectAdmin Hosting Managment
  33. TopList <= 1.3.8 (PHPBB Hack) Remote File Inclusion Vulnerability
  34. TextFileBB 1.0.16 Multiple XSS
  35. DMCounter Remote File Include
  36. [ GLSA 200605-01 ] MPlayer: Heap-based buffer overflow
  37. JMK's Picture Gallery admin login
  38. planetGallery admin login
  39. free-php.net Poll 1.0 admin login
  40. Secunia Research: WinHKI unacev2.dll Buffer Overflow Vulnerability
  41. [SECURITY] [DSA 1048-1] New Asterisk packages fix arbitrary code execution
  42. Re: Apple Mac OS X Safari 2.0.3 Vulnerability
  43. [SECURITY] [DSA 1047-1] New resmgr packages fix unauthorised access
  44. Image file crashes Finder, Safari and other apps
  45. Thyme 1.3 Cross Site Scripting
  46. 4images<-- 1.7.1 SQL Injection
  47. Invision Power Board v2.1.5 Remote SQL Injection
  48. OpenBB 1.0.8 Full Path Disclosure
  49. Poll: Emerging Threats
  50. RE: Poll: Emerging Threats
  51. I-RATER Platinum Remote File Inclusion exploit Cod3d by R@1D3N
  52. CoolMenus Event Remote File Inclusion exploit
  53. XINE format string bugs when handling non existen file
  54. Carrier Set in Aironet 1130/IOS
  55. Blog Mod <= 0.2.x SQL Injection
  56. Re: CoolMenus Event Remote File Inclusion exploit
  57. RE: Oracle 10g 10.2.0.2.0 DBA exploit
  58. FTP Fuzzer
  59. VHCS --- Virtual Hosting Control System Cross Site Scripting
  60. [ MDKSA-2006:080 ] - Updated clamav packages fix vulnerability
  61. JSBoard XSS vulnerability
  62. Cisco Security Advisory: Cisco Unity Express Expired Password Reset Privilege Escalation
  63. X7 Chat <=2.0 remote commands execution
  64. [SECURITY] [DSA 1049-1] New Ethereal packages fix several vulnerabilities
  65. zenphoto Multiple Path Disclosure and Cross Site Scripting
  66. Ejabberd : Symlink vulnerability during installation process
  67. geoBlog Mutiple XSS Vulnerability
  68. sBlog SQL Injection and Path Disclosure Vulnerability
  69. Cmscout <= V1.10 multiple XSS attack vectors
  70. SF-Users V1.0 XSS injection
  71. FileProtection Express <= 1.0.1 authentification bypass
  72. Russcom.net Loginphp multiple vulnerabilties
  73. TyroCms beta V1.0 multiple XSS injections
  74. Invision Gallery 2.0.6 ( SQL Injection )
  75. Oracle, where are the patches???
  76. MySQL Anonymous Login Handshake - Information Leakage.
  77. MySQL COM_TABLE_DUMP Information Leakage and Arbitrary command
  78. [ GLSA 200605-02 ] X.Org: Buffer overflow in XRender extension
  79. [ GLSA 200605-04 ] phpWebSite: Local file inclusion
  80. [ GLSA 200605-03 ] ClamAV: Buffer overflow in Freshclam
  81. RE: Oracle, where are the patches???
  82. [ MDKSA-2006:081 ] - Updated xorg-x11 packages fix vulnerability
  83. Re: Quagga RIPD unauthenticated route injection
  84. SUSE Security Announcement: xorg-x11-server (SUSE-SA:2006:023)
  85. [USN-276-1] Thunderbird vulnerabilities
  86. Quagga RIPD unauthenticated route table broadcast
  87. [SECURITY] [DSA 1050-1] New ClamAV packages fix denial of service or arbitrary code execution
  88. Dynamic Evaluation Vulnerabilities in PHP applications
  89. [USN-277-1] TIFF library vulnerabilities
  90. Re: FTP Fuzzer
  91. Quagga RIPD unauthenticated route injection
  92. [USN-278-1] gdm vulnerability
  93. Vulnerability in the way Ultr@VNC-1.0.1 handles MS-Logon
  94. OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw
  95. BankTown's ActiveX Buffer Overflow Vulnerability
  96. [USN-279-1] libnasl/nessus vulnerability
  97. [ MDKSA-2006:082 ] - Updated libtiff packages fix vulnerabilities
  98. Re: OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface
  99. Re: Ejabberd : Symlink vulnerability during installation process
  100. software services
  101. [SECURITY] [DSA 1051-1] New Mozilla Thunderbird packages fix several vulnerabilities
  102. ISA Server 2004 Log Manipulation
  103. [security bulletin] HPSBUX02108 SSRT061133 rev.10 - HP-UX running Sendmail, Remote Execution of Arbitrary Code
  104. Re: Invision Power Board v2.1.5 Remote SQL Injection
  105. [REWTERZ-20060504] - Sami FTP Server Remote Buffer Overflow
  106. Re: Invision Gallery 2.0.6 ( SQL Injection )
  107. CuteGuestbook XSS attack
  108. PunBB 1.2.11 Cross-Site Scripting
  109. zawhttpd - Buffer Overflow
  110. Fast Click SQL Lite <= 1.1.3 Remote File Inclusion
  111. Fast Click <= 2.3.8 Remote File Inclusion
  112. 321soft PhP Gallery 0.9 - directory travel & XSS
  113. [USN-281-1] Linux kernel vulnerabilities
  114. [USN-280-1] X.org server vulnerability
  115. libero.it XSS vulnerability - HTML injection
  116. Panda Antivirus Enterprise Secure, Norton Antivirus 2005 and the virus "I Love You"
  117. [REWTERZ-20060503] XM Easy Personal FTP Server Remote Buffer
  118. bigwebmaster guestbook multiply XSS
  119. Re: gcc 4.1 bug miscompiles pointer range checks, may place you
  120. Re: [Full-disclosure] RE: Oracle, where are the patches???
  121. Re: Dynamic Evaluation Vulnerabilities in PHP applications
  122. Re: OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw
  123. foreseeing (cough) critical problems futile? (was: Oracle, where are the patches???)
  124. WebCalendar User Account Enumeration Weakness
  125. modules name(Sections)SQL Injection Exploit
  126. modules name(Downloads)SQL Injection Exploit
  127. CuteNews 1.4.1 Multiple vulnerabilities
  128. Re: OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw
  129. [ MDKSA-2006:081-1 ] - Updated xorg-x11 packages fix vulnerability
  130. Re: ISA Server 2004 Log Manipulation
  131. Re: ISA Server 2004 Log Manipulation
  132. Invision Community Blog .. Bugs
  133. SaPHPLesson 3.0 Multbugs
  134. Cryptomathic ActiveX Buffer Overflow (TDC Digital signature)
  135. TSLSA-2006-0024 - multi
  136. Re: WebCalendar User Account Enumeration Weakness
  137. [ GLSA 200605-05 ] rsync: Potential integer overflow
  138. OpenFAQ - HTML injection and XSS (Cross Site Scripting)
  139. JetBox CMS Remote File Include
  140. ChipmunkBlogger improper input sanitizing
  141. ChipmunkBoard Multiple Attack vectors
  142. FlexCustomer <= 0.0.4 sql injection
  143. myBloggie <= 2.1.3 XSS
  144. PassMasterFlex (and PassMasterFlex+) XSS injection
  145. [ GLSA 200605-06 ] Mozilla Firefox: Potential remote code execution
  146. VisionSource CMS <= 0.6 XSS vectors
  147. WebsiteBaker CMS lack of sanitizing
  148. X7Chat <= 2.0.2 avatar XSS injection
  149. Re: DB_eSession deleteSession() SQL injection
  150. Alexadex.com players.py XSS Exploit
  151. Re: gcc 4.1 bug miscompiles pointer range checks, may place you at
  152. Intel wireless service s24evmon.exe confidential information
  153. Re: Re: Invision Gallery 2.0.6 ( SQL Injection )
  154. phpBB 2.0.20 Full Path Disclosure and SQL Errors
  155. Firefox 1.5.0.3 code execution exploit
  156. Re: ISA Server 2004 Log Manipulation
  157. Idle scan rediscovered!!!
  158. URL Bug On 1ASPHost and DomainDLX Hosting Services
  159. Re: OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw
  160. Re: ISA Server 2004 Log Manipulation
  161. X-POLL admin By-Pass
  162. Limbo CMS (option=weblinks) SQL injection exploit
  163. Phil's Bookmark script admin By-pass
  164. OpenEngine (PHP CMS)
  165. [KAPDA] MyBB1.1.1~Email Verification in User Activation ~SQL
  166. [ GLSA 200605-07 ] Nagios: Buffer overflow
  167. AngelineCMS Multiple Vulnerabilities
  168. Re: BankTown's ActiveX Buffer Overflow Vulnerability
  169. [SECURITY] [DSA 1052-1] New cgiirc packages fix arbitrary code execution
  170. PHPFusion <= v6.00.306 avatar mod_mime arbitrary file upload &
  171. Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1
  172. VSR Advisory: WebSense content filter bypass when deployed in conjunction
  173. VSR Advisory: WebSense content filter bypass when deployed in conjunction
  174. CAID 34013 - CA Common Services CAIRIM on z/OS LMP SVC vulnerability
  175. Dokeos Learning Management System 1.6.4 Remote File Include
  176. Re: SYMSA-2006-003: Cisco Secure ACS for Windows - Administrator
  177. Multiple Vulnerabilities In IdealBB ASP Bulletin Board
  178. Claroline Open Source e-Learning 1.7.5 Remote File Include
  179. singapore v0.9.7 XSS Vulnerabilities
  180. INFIGO-2006-05-03: Multiple FTP Servers vulnerabilities
  181. [Kurdish Security # 4] phpRaid Remote File Include Vulnerability
  182. [Kurdish Security # 5] phpRaid Remote File Include [SMF]
  183. Re: Invision Community Blog .. Bugs
  184. [USN-282-1] Nagios vulnerability
  185. [MajorSecurity] phpListPro <= 2.01 - Multiple Remote File Include
  186. Secunia Research: TZipBuilder ZIP File Handling Buffer Overflow
  187. ZDI-06-012: Sophos Anti-Virus CAB Unpacking Code Execution Vulnerability
  188. SYMSA-2006-003: Cisco Secure ACS for Windows - Administrator
  189. Secunia Research: Anti-Trojan unacev2.dll Buffer Overflow
  190. [ GLSA 200605-08 ] PHP: Multiple vulnerabilities
  191. [ GLSA 200605-09 ] Mozilla Thunderbird: Multiple vulnerabilities
  192. [USN-283-1] MySQL vulnerabilities
  193. Re: ISA Server 2004 Log Manipulation
  194. Secunia Research: Where Is It unacev2.dll Buffer Overflow
  195. tseekdir.cgi<--Local File Include
  196. # MHG Security Team --- OzzyWork Gallery SQL Injection
  197. ICQ Client Cross-Application Scripting (XAS)
  198. plaNetStat Admin ByPass
  199. [SECURITY] [DSA 1053-1] New Mozilla packages fix arbitrary code execution
  200. # MHG Security Team --- DuGallery V2.x SQL Injection
  201. Re: INFIGO-2006-05-03: Multiple FTP Servers vulnerabilities
  202. [EEYEB20051011B] - Microsoft Distributed Transaction Coordinator Denial of Service
  203. [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow
  204. ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure
  205. IGNORING SSH CONNECTION USES ARP CACHE POISSONING
  206. Two independent vulnerabilities (client and server side) in Quake3 engine and many derived games
  207. [Reversemode] Microsoft Infotech Storage library Heap Corruption
  208. Re: Phil's Bookmark script admin By-pass
  209. [SECURITY] [DSA 1054-1] New TIFF packages fix denial of service and arbitrary code execution
  210. Re: IGNORING SSH CONNECTION USES ARP CACHE POISSONING
  211. IBM Websphere Application Server Multiple Vulnerabilities
  212. # MHG Security Team --- OzzyWork Gallery Upload Vulnerabilities
  213. [ GLSA 200605-11 ] Ruby: Denial of Service
  214. [ GLSA 200605-10 ] pdnsd: Denial of Service and potential arbitrary code execution
  215. [ GLSA 200605-12 ] Quake 3 engine based games: Buffer Overflow
  216. Multiple SQL Injection Vulnerabilities in Dreamweaver Generated Code
  217. [ MDKSA-2006:083 ] - Updated gdm package fixes symlink attack vulnerability
  218. Re: Firefox 1.5.0.3 code execution exploit
  219. Re: tseekdir.cgi<--Local File Include
  220. Re: Firefox 1.5.0.3 code execution exploit
  221. Re: Firefox 1.5.0.3 code execution exploit
  222. Re: Milliscript 1.4 Multiple Vulnerabilities
  223. Re: phpBB 2.0.20 Full Path Disclosure and SQL Errors
  224. Re: Firefox 1.5.0.3 code execution exploit
  225. UBlog Remote XSS Exploit
  226. Re: OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface
  227. [ MDKSA-2006:084 ] - Updated MySQL packages fix several vulnerabilities
  228. Re: IGNORING SSH CONNECTION USES ARP CACHE POISSONING
  229. Firefox 1.5.0.3 - DoS
  230. mybb v1.1.1(showthread.php) SQL Injection Exploit
  231. [TZO-042006] Insecure Auto-Update and File execution
  232. Re: Firefox 1.5.0.3 - DoS
  233. PhpListPro 2.01 Remote File Include Vulnerability
  234. Re: Firefox 1.5.0.3 code execution exploit
  235. Re: modules name(Downloads)SQL Injection Exploit
  236. vbulletin security Alert
  237. [48Bits.com Advisory] Path conversion design flaw in Microsoft
  238. Hackmaster Group DMCounter Remote File Include
  239. Kerio WinRoute Firewall Protocol Inspection Denial
  240. Oracle - the last word
  241. ZDI-06-014: Verisign I-Nav ActiveX Control Code Execution Vulnerability
  242. Re: phpBB 2.0.20 Full Path Disclosure and SQL Errors
  243. Re: SYMSA-2006-003: Cisco Secure ACS for Windows - AdministratorPassword Disclosure
  244. Cisco Security Advisory: AVS TCP Relay Vulnerability
  245. Re: vbulletin security Alert
  246. [ MDKSA-2006:085 ] - Updated xine-ui packages fix format string vulnerabilities
  247. Re: Oracle - the last word
  248. RE: SYMSA-2006-003: Cisco Secure ACS for Windows - AdministratorPassword Disclosure
  249. [TZO-042006] Insecure Auto-Update and File execution (2)
  250. [SECURITY] [DSA 1055-1] New Mozilla Firefox packages fix arbitrary code execution