
View Full Version : Bugtraq mailing list




  1. [ GLSA 200606-11 ] JPEG library: Denial of Service
  2. [ GLSA 200606-12 ] Mozilla Firefox: Multiple vulnerabilities
  3. [ GLSA 200606-13 ] MySQL: SQL Injection
  4. Mydeardiary.com - XSS
  5. Diaryland.com - XSS
  6. Lycos.com - XSS vulnerability
  7. Hotbot.com - XSS vulnerability in search engine
  8. 5 Star Review - review-script.com - XSS w/ cookie output
  9. vbulletin.com Multiple XSS Vulnerabilities
  10. Secunia Research: MyBB "domecode()" PHP Code Execution
  11. WinSCP - URI Handler Command Switch Parsing
  12. Re: iFoto v0.20-06/06/06
  13. RCblog 1.03 Directory Traversal [index.php]
  14. CS-Forum <= 0.81 Cross Site Scripting, SQL Injection, Full Path
  15. Myscrapbook v3.1 - XSS
  16. Wanderlist.com - XSS vuln with sessions disclosure
  17. PaintedOver.com, Inc. 2004-2006 Xss Vulnerabilities
  18. [KAPDA::48]CopperminePhotoGallery1.4.8~ addhit() function~
  19. tempnam() Bypass unique file name PHP 5.1.4
  20. Opengaia.com - XSS Vuln & Session Include
  21. Foing (manage_songs.php) Remote File Inclusion[phpBB]
  22. sorry i wrong something, this is original AWF CMS 1.11 adv
  23. Nowtalking.com - XSS
  24. ThWboard 3.0 <= SQL Injection
  25. Stargazer.org - XSS with Session output
  26. cescripts.com - XSS
  27. Windows XP Task Scheduler Local Privilege Escalation (Advisory)
  28. Wireclub.com - XSS & cookie disclosure
  29. Re: igloo DoubleSpeak v 0.1 Multiple remote file inclusion
  30. Virtualtourist.com - XSS with cookie disclosure
  31. rPSA-2006-0100-1 freetype
  32. [ MDKSA-2006:099 ] - Updated freetype2 packages fixes multiple vulnerabilities.
  33. Re: SSL VPNs and security
  34. RE: Internet Explorer vulnerbility
  35. myPHP Guestbook 2.0.2 XSS Vulnerabilitie
  36. Flork.com
  37. [ GLSA 200606-14 ] GDM: Privilege escalation
  38. Vampirefreaks.com - XSS with cookie disclosure
  39. # MHG Security Team --- PHORUM 5.1.13 Remote File Inc.
  40. Re: SSL VPNs and security
  41. [EEYEB-20060524] Symantec Remote Management Stack Buffer Overflow
  42. Onlinenode.com - XSS
  43. Re: Internet Explorer vulnerbility
  44. Re: SSL VPNs and security
  45. Yourfacesucks.com - XSS & cookie disclosure
  46. [ GLSA 200606-09 ] SpamAssassin: Execution of arbitrary code
  47. Blackplanet.com - XSS & cookie disclosure vuln.
  48. Meefo.com - XSS with cookie include
  49. Re: Ie opera dos exploit
  50. Invision Power Board XSS
  51. Re: Windows XP Task Scheduler Local Privilege Escalation (Advisory)
  52. Re: Internet Explorer vulnerbility
  53. internet explorer vulnerability based on MarjinZ & Mr.Niega discovered
  54. [FSA013] phpCMS 1.2.1pl2, Remote command execution
  55. Call For Papers - No cON Name 2006 Edition Spain
  56. Emllabs.com - XSS
  57. Content-Builder (CMS) 0.7.5, Remote command execution
  58. DCP-Portal 6.1.x, Remote command execution
  59. Re: BUGTRAQ:20060611 ThWboard 3.0 <= SQL Injection
  60. Re: SSL VPNs and security
  61. [SECURITY] [DSA 1096-1] New webcalendar packages fix arbitrary code execution
  62. VBZooM <<--V1.11 "subject.php" SQL injection
  63. VBZooM <<--V1.02 "meaning.php" SQL injection
  64. VBZooM <<--V1.01 "language.php" SQL injection
  65. Simpnews <= All version - Remote File Include Vulnerabilities
  66. multiple Xss exploits in 35mmslidegallery V6
  67. High Risk Vulnerability in Microsoft Windows RASMAN Service
  68. iDefense Security Advisory 06.13.06: Windows MRXSMB.SYS MRxSmbCscIoctlOpenForCopyChunk
  69. iDefense Security Advisory 06.13.06: Microsoft Internet Explorer
  70. ZDI-06-017: Microsoft Internet Explorer UTF-8 Decoding Heap Overflow
  71. PHP MESSENGER 1.0 Version - Remote File Include Vulnerability
  72. Jobline 1 1 1 Version - Remote File Include Vulnerability
  73. Amr Talkbox talkbox.PHP - Remote File Include Vulnerabilities
  74. S H O U T B O X (v1.5) Version - Remote File Include Vulnerability
  75. Re: Shoutpro 1.0 Version - Remote File Include Vulnerability
  76. iDefense Security Advisory 06.13.06: Windows MRXSMB.SYS MrxSmbCscIoctlCloseForCopyChunk
  77. Ltwcalendar 4.1.3 version - Remote File Include Vulnerabilities
  78. [REVERSEMODE ADVISORY] MS06-030 - Microsoft Mrxsmb.sys privilege
  79. Re: Simpnews <= All version - Remote File Include Vulnerabilities
  80. # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc.
  81. [REVERSEMODE ADVISORY] MS06-030 NtClose DeadLock.
  82. Web-CMS <<--1.0 "print.php" SQL injection
  83. TikiWiki Sql injection & XSS Vulnerabilities
  84. Re: vbulletin.com Multiple XSS Vulnerabilities
  85. Re: PHP-Nuke <= 7.9 Search XSS Vulnerability
  86. blur6ex <= 0.3.462 'ID' blind sql injection
  87. REMOTE FILE INCLUSION ( ALL )
  88. RE: Dell Openmanage CD Vulnerability
  89. Chipmailer <= 1.09 Multiple Vulnerabilities
  90. RE: Windows Software Restriction Policy Protection Bypass
  91. iDefense Security Advisory 06.13.06: Windows Media Player PNG Chunk
  92. GamePlay.co.uk XSS
  93. PhpMyFactures 1.0 Cross Site Scripting, SQL Injection, Full Path
  94. Oracle DBMS_STANDARD security problem
  95. Re: PaintedOver.com, Inc. 2004-2006 Xss Vulnerabilities
  96. file include exploits in mcGuestbook 1.3
  97. SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could
  98. Simpleshout 1.6.0 Version - Remote File Include Vulnerability
  99. ZDI-06-018: Microsoft Internet Explorer DXImageTransform ActiveX Memory
  100. VBZooM <<-- V1.11 "show.php" SQL injection
  101. Shoutpro 1.0 Version - Remote File Include Vulnerability
  102. [MajorSecurity #17] SixCMS <= 6 - Multiple XSS and directory
  103. G Shout 1.3.1 Version - Remote File Include Vulnerability
  104. Barracuda Spam Firewall: Administrator Level Remote Command Execution
  105. [ GLSA 200608-07 ] libTIFF: Multiple vulnerabilities
  106. vBulletin 3.0.14 ~ init.php~ registerring global arbitary
  107. Tinyportal Shoutbox
  108. [ GLSA 200608-08 ] GnuPG: Integer overflow vulnerability
  109. MyBloggie <= 2.1.4 trackback.php SQL injection / admin
  110. XSS Vulnerability in FTD v3.7.3
  111. Re: flatnuke <= 2.5.7 arbitrary php file upload
  112. XennoBB <= 2.1.0 "birthday" SQL injection
  113. SAPID CMS remote File Inclusion vulnerabilities
  114. 0-day XP SP2 wmf exploit
  115. [ECHO_ADV_44$2006] PHP Simple Shop <= 2.0 (abs_path) Remote File
  116. SolpotCrew Advisory #6 - phpCC - Beta 4.2 (base_dir) Remote File
  117. 0-day XP SP2 wmf exploit (some details)
  118. NEWSolved Lite v1.9.2 (abs_path) Remote File Inclusion
  119. blur6ex 0.3 Comment title HTML inyection vuln.
  120. when will AV vendors fix this???
  121. PHP: Zend_Hash_Del_Key_Or_Index Vulnerability
  122. IMENDIO PLANNER REMOTE FILENAME FORMAT STRING VULNERABILITY
  123. Multiple vulnerabilities in DConnect Daemon 0.7.0 (CVS 30 Jul 2006)
  124. [ GLSA 200608-10 ] pike: SQL injection vulnerability
  125. php local buffer underflow could lead to arbitary code execution
  126. [ GLSA 200608-11 ] Webmin, Usermin: File Disclosure
  127. [vuln.sg] Lhaz LHA Long Filename Buffer Overflow Vulnerability
  128. Virtual War v1.5.0 Remote File Include (vwar_root)
  129. Re: when will AV vendors fix this???
  130. [SECURITY] [DSA 1144-1] New chmlib packages fix denial of service
  131. linksys WRT54g authentication bypass
  132. [ GLSA 200608-12 ] x11vnc: Authentication bypass in included LibVNCServer code
  133. Will Microsoft patch remarkable old Msjet40.dll issue?
  134. Re: Vanilla CMS <= 1.0.1 (RootDirectory) Remote file inclusion Vuln.
  135. RE: linksys WRT54g authentication bypass
  136. Visual Events Calendar v1.1 (cfg_dir) Remote Inclusion
  137. DeluxeBB Multiple Vulnerabilities
  138. simplog 0.9.3 and prior XSS
  139. TSRT-06-06: Computer Associates eTrust AntiVirus WebScan Manifest
  140. TSRT-06-05: Computer Associates eTrust AntiVirus WebScan Automatic Update
  141. Re: [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released
  142. Re: SolpotCrew Advisory #5 - modernbill ver 1.6 (DIR) Remote File
  143. ARES 2007: Call for workshop proposals, deadline Sept 10, 2006
  144. Attacking the local LAN via XSS
  145. Re: [Full-disclosure] Attacking the local LAN via XSS
  146. Re: [Full-disclosure] Attacking the local LAN via XSS
  147. Re: [Full-disclosure] Attacking the local LAN via XSS
  148. Re: Re[2]: [Full-disclosure] Attacking the local LAN via XSS
  149. Re[2]: [Full-disclosure] Attacking the local LAN via XSS
  150. Re: vbulletin 3.5.4 IE exploit xss
  151. AUTODAFE: an Act of Software Torture [FUZZER]
  152. phpPrintAnalyzer <= 1.1 (rep_par_rapport_racine) Remote File
  153. [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow
  154. Announcement: Feed Injection in Web 2.0: Hacking RSS and Atom Feed Implementations [Whitepaper]
  155. [ GLSA 200608-13 ] ClamAV: Heap buffer overflow
  156. ZDI-06-026: Microsoft Internet Explorer Multiple CSS Imports Memory
  157. ZDI-06-027: Microsoft Internet Explorer CSS Class Ordering Memory
  158. [SECURITY] [DSA 1145-1] New freeradius packages fix several vulnerabilities
  159. Archangel Weblog 0.90.02 and prior Multiple HTML injections
  160. docpile:we v0.2.2 (INIT_PATH) Remote File Inclusion Vulnerability
  161. rPSA-2006-0147-1 mysql mysql-bench mysql-server
  162. phNNTP <= 1.3 (article-raw.php) Remote File Include Vulnerability
  163. Microsoft PowerPoint Malformed Record Memory Corruption
  164. [ GLSA 200608-14 ] DUMB: Heap buffer overflow
  165. unwrapping PL/SQL
  166. MojoScripts' xss vulnerable
  167. TSRT-06-07: eIQnetworks Enterprise Security Analyzer Monitoring Agent
  168. MITKRB-SA-2006-001: multiple local privilege escalation vulnerabilities
  169. Re: Will Microsoft patch remarkable old Msjet40.dll issue?
  170. ERRATA: [ GLSA 200608-08 ] GnuPG: Integer overflow vulnerability
  171. AW: Virtual War v1.5.0 Remote File Include (vwar_root)
  172. rPSA-2006-0150-1 krb5 krb5-server krb5-services krb5-test
  173. [Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow
  174. SUSE Security Announcement: clamav (SUSE-SA:2006:046)
  175. PgMarket 2.2.3 (CFG[libdir]) Remote File Inclusion Vulnerabilities
  176. [USN-333-1] libwmf vulnerability
  177. Latinchat Denial Of Service
  178. Assessment of Vista Kernel Mode Security
  179. [SECURITY] [DSA 1146-1] New krb5 packages fix privilege escalation
  180. [ MDKSA-2006:138 ] - Updated clamav packages fix vulnerability
  181. CivicSpace Version 0.8.5 HTML injection
  182. BlogHoster v2.2 Post Comment Html Injection
  183. Cwfm <= 0.9.1 (Language) Remote File Inclusion Vulnerability
  184. [ISR] - Novell Groupwise Webaccess (Cross-Site Scripting)
  185. [ MDKSA-2006:139 ] - Updated krb5 packages fix local privilege escalation vulnerability
  186. TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow
  187. Multiple buffer-overflows in AlsaPlayer 0.99.76
  188. Stack and heap overflows in MODPlug Tracker/OpenMPT 1.17.02.43 and
  189. TSRT-06-09: Microsoft DirectAnimation COM Object Memory Corruption
  190. TSRT-06-08: Microsoft Internet Help COM Object Memory Corruption
  191. [SECURITY] [DSA 1148-1] New gallery packages fix several vulnerabilities
  192. [SECURITY] [DSA 1147-1] New drupal packages fix cross-site scripting
  193. [ MDKSA-2006:140 ] - Updated ncompress packages fix vulnerability
  194. XChat <= 2.6.4-1 (win version) Remote Denial of Service Exploit (php)
  195. PHPMyRing <= 4.2.0 (view_com.php) Remote SQL Injection
  196. Yabb XSS
  197. TinyWebGallery v1.5 ( image ) Remote Include Vulnerability
  198. [SECURITY] [DSA 1149-1] New ncompress packages fix potential code execution
  199. Sending multipart/form-data requests from Flash (with arbitrary
  200. Directory Traversal vulnerability in IPCheck Monitor Server
  201. CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS)
  202. CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS)
  203. PocketPC MMS - Remote Code Injection/Execution Vulnerability and
  204. [ GLSA 200608-15 ] MIT Kerberos 5: Multiple local privilege escalation (test Falco for security@)
  205. [ GLSA 200608-17 ] libwmf: Buffer overflow vulnerability
  206. [ GLSA 200608-18 ] Net::Server: Format string vulnerability
  207. [ GLSA 200608-16 ] Warzone 2100 Resurrection: Multiple buffer overflows
  208. Re: SYM06-013 Symantec On-Demand Protection Encrypted Data Exposure
  209. Mambo/Joomla Component Remository v3.25 (mosConfig_absolute_path)
  210. Netgear FVG318 is vunerable to DOS attack
  211. Mafia Moblog <= 6 (pathtotemplate) Remote File Inclusion
  212. InfanView 3.98 (with plugins) - Access violation at processing
  213. myBloggie <= 2.1.3 (mybloggie_root_path) Remote File Inclusion
  214. Compersus ASP shopping cart <= DataBase Downloading vuln.
  215. Virtual War v1.5.0 <= Sql Injection vuln.
  216. XennoBB <= "avatar gallery" Directory Transversal
  217. CGI Script Source Code Disclosure Vulnerability in Apache for Windows
  218. Simple one-file GuestBook 1.0
  219. Dragonfly CMS 9.0.6.1 and prior XSS
  220. Security Contact
  221. Re: when will AV vendors fix this???
  222. RE: when will AV vendors fix this???
  223. Re: when will AV vendors fix this???
  224. RE: [Full-disclosure] RE: when will AV vendors fix this???
  225. Re: Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
  226. Re: [Full-disclosure] Attacking the local LAN via XSS
  227. Re: linksys WRT54g authentication bypass
  228. Re: linksys WRT54g authentication bypass
  229. Re: linksys WRT54g authentication bypass
  230. RE: linksys WRT54g authentication bypass
  231. RE: linksys WRT54g authentication bypass
  232. Re: when will AV vendors fix this???
  233. Bypassing script filters with variable-width encodings
  234. Re: linksys WRT54g authentication bypass
  235. XSSing the Lan 3 (web trojans.. not a new idea)
  236. Re: linksys WRT54g authentication bypass
  237. Security Vulnerability in Ruby on Rails 1.1.x
  238. [security bulletin] HPSBUX02108 SSRT061133 rev.14 - HP-UX Running Sendmail, Remote Execution of Arbitrary Code
  239. [security bulletin] HPSBUX02124 SSRT061159 rev.2 - HP-UX Sendmail MIME Remote Denial of Service (DoS)
  240. TSLSA-2006-0046 - multi
  241. Re: Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
  242. miniBloggie <= 1.0 (fname) Remote File Inclusion Vulnerability
  243. [ GLSA 200608-19 ] WordPress: Privilege escalation
  244. Startpage <= 1.0 (cfgLanguage) Remote File Inclusion Vulnerability
  245. rPSA-2006-0152-1 squirrelmail
  246. WEBInsta Mailing list manager (cabsolute_path) 1.3e RFI
  247. Re: [ GLSA 200608-12 ] x11vnc: Authentication bypass in included
  248. wheatblog Session.php Remote File Inclusion
  249. UPDATE: [ GLSA 200511-12 ] Scorched 3D: Multiple vulnerabilities
  250. VWar <= 1.50 R14 (n) Remote SQL Injection