
View Full Version : Bugtraq mailing list




  1. iDefense Security Advisory 11.08.06: Cisco Secure Desktop Privilege
  2. knowledgeBuilder v.2.2.php.NuLL-WDYL=> Remote File Include
  3. Speedwiki 2.0 Arbitrary File Upload Vulnerability
  4. [ MDKSA-2006:202 ] - Updated wv packages fix vulnerabilities
  5. Immediacy .NET CMS possibly vulnerable to Cross Site Scripting through
  6. FreeWebshop <=2.2.2 [local file include & xss]
  7. FreeBSD Security Advisory FreeBSD-SA-06:24.libarchive
  8. Antwort: Joomla 1.0.11 Remote File Include
  9. [ MDKSA-2006:204 ] - Updated openssh packages fix vulnerability
  10. bitweaver <=1.3.1 [injection sql (post) & xss (post)]
  11. GNU gv Stack Overflow Vulnerability
  12. [SECURITY] [DSA 1207-1] New phpmyadmin packages fix several vulnerabilities
  13. LandShop Real Estate [multiple injection sql & xss]
  14. [USN-379-1] texinfo vulnerability
  15. Re: Multiple vulnerabilities in SAP Web Application Server 6.40
  16. Wheatblog [multiple xss (post) & full path disclosure]
  17. [security bulletin] HPSBMA02167 SSRT061262 rev.2 - HP OpenView Client Configuration Manager (CCM), Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS)
  18. [ GLSA 200611-04 ] Bugzilla: Multiple Vulnerabilities
  19. rPSA-2006-0204-1 kernel
  20. rPSA-2006-0205-1 php php-mysql php-pgsql
  21. rPSA-2006-0206-1 firefox thunderbird
  22. rPSA-2006-0207-1 openssh openssh-client openssh-server
  23. [ MDKSA-2006:205 ] - Updated Firefox packages fix multiple vulnerabilities
  24. [ MDKSA-2006:206 ] - Updated Thunderbird packages fix multiple vulnerabilities
  25. [OpenPKG-SA-2006.033] OpenPKG Security Advisory (openldap)
  26. [ GLSA 200611-05 ] Netkit FTP Server: Privilege escalation
  27. [x0n3-h4ck]Essentia Web Server v.2.15 Buffer Overflow
  28. [x0n3-h4ck]Drake CMS v 0.2 XSS exploit
  29. ZDI-06-039: Marshal MailMarshal ARJ Extraction Directory Traversal
  30. encapscms 0.3.6 - Remote File Include by Firewall
  31. PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit
  32. Mega Mall [ multiples injection sql & full path disclosure ]
  33. MyStats <=1.0.8 [injection sql, multiples xss, array & full path
  34. Exophpdesk V1.2 - Remote File Include
  35. [SECURITY] [DSA 1209-1] New trac packages fix cross-site request forgery
  36. Wordpress File Inclusion
  37. TOPSTORY BASIC Version 1.0 => Remote File Include Vulnerability
  38. [MajorSecurity Advisory #33]ShopSystems - SQL Injection Issue
  39. phpManta - Mdoc <= 1.0.2 (view-sourcecode.php) Local File Include
  40. AspPired2 Poll <= 1.0 (MoreInfo.asp) Remote SQL Injection Exploit
  41. UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability
  42. NuCommunity 1.0 (cl_CatListing.asp) Remote SQL Injection Exploit
  43. Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability
  44. NuRems 1.0 Remote XSS/SQL Injection Exploit
  45. NuStore 1.0 (Products.asp) Remote SQL Injection Vulnerability
  46. Re: feedsplitter considered harmful
  47. NuSchool 1.0 (CampusNewsDetails.asp) Remote SQL Injection Exploit
  48. Re: Wordpress File Inclusion
  49. [SECURITY] [DSA 1208-1] New bugzilla packages fix several vulnerabilities
  50. XSS in Email Signature Script
  51. infinicart [ multiples injection sql & xss (post) ]
  52. shambo2 Component For Mambo 4.5 Remote File Inclusion Exploit
  53. Re: Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech"
  54. Web Interface remote file inclusion
  55. VBulletin DoS Exploit [ all Versions ]
  56. Digipass Go3 Token Dumper (at least for 2006)
  57. ZDI-06-038: Citrix MetaFrame IMA Management Module Remote Heap Overflow
  58. Phpjobscheduler 3.0 - Multiple Remote File Include
  59. Phpdebug 1.1.0 - Remote File Include by Firewall
  60. ELOG Web Logbook Remote Denial of Service Vulnerability
  61. UltraSite 1.0 (update.asp) Remote SQL Injection Vulnerability
  62. Asp Scripter Products (cpLogin.asp) Remote SQL ByPass Injection
  63. CPanel Multiple Cross Site Scription
  64. Old SAP exploits
  65. Property Pro v1.0 (vir_Login.asp) Remote Login ByPass SQL
  66. Re: [x0n3-h4ck]Essentia Web Server v.2.15 Buffer Overflow
  67. ASPPortal <= 4.0.0 (default1.asp) Remote SQL Injection Exploit
  68. UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability
  69. [FLSA-2006:211760] Updated gzip package fixes security issues
  70. Estate Agent Manager <= v1.3 (default.asp) Remote Login ByPass
  71. [SECURITY] [DSA 1209-2] New trac packages fix cross-site request forgery
  72. Challenges faced by automated web application security assessment tools
  73. DirectAdmin Multiple Cross Site Scription
  74. VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4
  75. [ GLSA 200611-06 ] OpenSSH: Multiple Denial of Service vulnerabilities
  76. SinFP 2.04 release, works under Windows
  77. Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability
  78. iDefense Security Advisory 11.09.06: Citrix Presentation Server 4.0
  79. [ GLSA 200611-08 ] RPM: Buffer overflow
  80. VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2
  81. New Bug MiniBB Forum <= 2 Remote File Include (index.php)
  82. VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1
  83. Online Event Registration <= v2.0 (save_profile.asp) Remote User
  84. VMSA-2006-0009 - VMware ESX Server 3.0.0 AMD fxsave/restore issue
  85. VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2
  86. [ GLSA 200611-07 ] GraphicsMagick: PALM and DCM buffer overflows
  87. Re: Wordpress File Inclusion
  88. Re: GNU gv Stack Overflow Vulnerability
  89. [SECURITY] [DSA 1210-1] New Mozilla Firefox packages fix several vulnerabilities
  90. Real Estate Listing System SQL Injection
  91. ASPintranet SQL Injection
  92. SiteXpress SQL Injection
  93. WWWeb Cocepts SQL Injection
  94. Ustore SQL Injection
  95. eShopping SQL Injection
  96. ECommerce Store Shop Builder
  97. Engine Manager SQL Injection
  98. Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability
  99. BPG Content Management System SQL Injection
  100. Apple Safari "match" Buffer Overflow Vulnerability
  101. Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege
  102. Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability
  103. Inventory Manager [injection sql & xss (get)]
  104. Evolve Merchant[ injection sql ]
  105. Re: New Bug MiniBB Forum <= 2 Remote File Include (index.php)
  106. FunkyASP Glossary v1.0 [injection sql]
  107. Blogme v3 [admin login bypass & xss (post)]
  108. Property Site Manager [login bypass ,multiples injection sql &
  109. [Fwd: DMA[2006-1031a] - 'Intego VirusBarrier X4 definition bypass
  110. Re: [Full-disclosure] ZDI-06-040: WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability
  111. [Fwd: OpenBase SQL multiple vulnerabilities Part Deux]
  112. EEYE: Workstation Service NetpManageIPCConnect Buffer Overflow
  113. ZDI-06-040: WinZip FileView ActiveX Control Unsafe Method Exposure
  114. ZDI-06-041: Microsoft Internet Explorer CSS Float Property Memory
  115. A+ Store E-Commerce[ injection sql & xss (post) ]
  116. A-Cart pro[ injection sql (post&get)]
  117. hpecs shopping cart[login bypass & injection sql (post)]
  118. Car Site Manager [injection sql & xss (get)]
  119. Dragon calendar [ login bypass & injection sql ]
  120. [SECURITY] [DSA 1211-1] New pdns packages fix arbitrary code execution
  121. MultiCalendars [ multiples injection sql ]
  122. NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure
  123. [OpenPKG-SA-2006.034] OpenPKG Security Advisory (texinfo)
  124. DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure
  125. TrustedBSD* all versions FireWire IOCTL kernel integer overflow information disclousure
  126. TSLSA-2006-0063 - multi
  127. [ MDKSA-2006:207 ] - Updated bind packages fixes RSA signature verification vulnerability
  128. [SECURITY] [DSA 1212-1] New openssh packages fix denial of service
  129. E-Calendar Pro 3.0 [ login bypass & injection sql (post)]
  130. Outpost Multiple insufficient argument validation of hooked SSDT
  131. Helm Cross-Site Scripting (XSS)
  132. FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure
  133. [ MDKSA-2006:208 ] - Updated openldap packages fixes Bind vulnerability
  134. Bloo => 1.00 Cross Site Scripting
  135. E-commerce Kit 1 PayPal Edition [ injection sql ]
  136. MetaCart e-Shop [multiples injection sql (get & post)]
  137. Xtreme ASP Photo Gallery Cross Site Scripting And SQL Injection
  138. discloser => 0.0.4 Remote File Include Vulnerabilities
  139. Hot Links download backup authorized vulnerabilities
  140. PhpMyAdmin all version [multiples vulnerability]
  141. OdysseusBlog => 1.0.0 Cross Site Scripting
  142. Bloo => 1.00 Remote File Include Vulnerability
  143. [MajorSecurity Advisory #34]Plesk 8 - Multiple Cross Site
  144. Team Evil - Incident #2
  145. Chetcpasswd 2.x: multiple vulnerabilities
  146. Secunia Research: MDaemon Insecure Default Directory Permissions
  147. Re: Apple Safari "match" Buffer Overflow Vulnerability
  148. dev_wms => 1.5 Remote File Include Vulnerabilities
  149. discloser => 0.0.4 Remote File Include Vulnerability Exploit
  150. Etomite CMS 0.6.1.2 Multiple Vulnerabilities ( Sql Injection + Local
  151. Re: Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability
  152. eShopping Cart [injection sql]
  153. Whitepaper: Implementing and Detecting a PCI Rootkit
  154. Vulnerabilities in Client Service for NetWare
  155. CandyPress Store[ multiples injection sql ]
  156. BaalAsp forum [login bypass ,injections sql(post), xss(post)]
  157. ZDI-06-042: Verity Ultraseek Request Proxying Vulnerability
  158. Helm Cross Site Scripting
  159. Myphotos => Remote File Include Vulnerability Exploit
  160. i-Gallery 3.4 Cross Site Scripting
  161. Sphpblog => 0.8 Cross Site Scripting
  162. BlogTorrent-preview => 0.92 Cross Site Scripting
  163. Comdev One Admin Pro.v4.1 ( path[skin] ) Remote File include
  164. ASP Cart [multiples injection sql (post & get)]
  165. worksystem => Remote File Include Vulnerability Exploit
  166. Re: FreeBSD all versions FireWire IOCTL kernel integer overflow
  167. Hot Links download backup authorized vulnerabilities (re-post
  168. eggblog=> 3.1.0 Cross Site Scripting
  169. Secunia Research: Panda ActiveScan Multiple Vulnerabilities
  170. RE: VBulletin DoS Exploit [ all Versions ]
  171. UK Security Convention - Continuity 2006
  172. Links smbclient command execution
  173. rPSA-2006-0211-1 libpng
  174. Image gallery with Access Database SQL Injection
  175. My-BIC => 0.6.5 Remote File Include Vulnerability Exploit
  176. ASPintranet SQL Injection
  177. blogcms => 4.0.0 Remote File Include
  178. RED Blog => Remote File Include Vulnerability Exploit
  179. Storystream => 4.0 Remote File Include Vulnerability Exploit
  180. Pilot Cart V.7.2 [ injection sql (post) ]
  181. [ MDKSA-2006:209 ] - Updated libpng packages fix vulnerabilities
  182. Kerio WebSTAR local privilege escalation
  183. [ MDKSA-2006:211 ] - Updated pxelinux packages to fix embedded libpng vulnerabilities
  184. [ MDKSA-2006:210 ] - Updated syslinux packages to fix embedded libpng vulnerabilities
  185. [OpenPKG-SA-2006.035] OpenPKG Security Advisory (proftpd)
  186. Active News Manager [ injection sql (post&get)]
  187. [ MDKSA-2006:212 ] - Updated doxygen packages to fix embedded libpng vulnerabilities
  188. [ MDKSA-2006:213 ] - Updated chromium packages to fix embedded libpng vulnerabilities
  189. [OpenPKG-SA-2006.036] OpenPKG Security Advisory (png)
  190. [USN-383-1] libpng vulnerability
  191. [security bulletin] HPSBMA02088 SSRT051026 rev. 2 - HP-UX running WBEM Services Denial of Service (DoS)
  192. [ GLSA 200611-09 ] libpng: Denial of Service
  193. TSLSA-2006-0065 - libpng
  194. [ GLSA 200611-10 ] WordPress: Multiple vulnerabilities
  195. Re: Etomite CMS 0.6.1.2 Multiple Vulnerabilities ( Sql Injection
  196. [Aria-Security] CPanel Network Tools Cross Site Scripting [Advisory]
  197. 20/20 auto gallery [ multiples injection sql ]
  198. 20/20 real estate [ multiples injection sql ]
  199. TFTPD32 v3.01 TFTP Server Long File Name Buffer Overflow
  200. [Reversemode advisory] Computer Associates HIPS Drivers - multiple
  201. Sphpblog => 0.8 Remote File Include Vulnerabilities
  202. Aspmforum [ multiples injection sql (get&post)]
  203. igital Armaments November-Decemberr Hacking Challenge: KERNEL Remote
  204. 20/20 datashed [ multiples injection sql ]
  205. XSS vBulletin 3.6.X Admin Control Painel
  206. MosReporter Joomla Component Remote File Inclusion Exploi
  207. Dating Site [ login bypass & xss]
  208. Re: blogcms => 4.0.0 Remote File Include
  209. Re: Airmagnet management interfaces multiple vulnerabilities
  210. Infinitytechs Restaurants CM
  211. [ MDKSA-2006:214 ] - Updated gv packages fix buffer overflow vulnerability
  212. Re: dev_wms => 1.5 Remote File Include Vulnerabilities
  213. ehomes [multiples injections sql]
  214. Serious crypto problem fixed by envelope HMAC method insteadof currently used prefix
  215. Rialto 1.6[admin login bypass & multiples injections sql]
  216. PhpQuickGallery <= 1.9 Remote File Inclusion Exploit
  217. gNews Publisher SQL Injection Vulnerabilites
  218. RE: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure
  219. Shopping_Catalog Remote File Include exploit
  220. dicshunary 0.1 alpha Remote File Inclusion Exploit
  221. DodosMail <= 2.0.1(dodosmail.php) Remote File Inclusion Exploit
  222. klf-realty [injection sql]
  223. enomphp => 4.0 Remote Traversal Directory
  224. iPrimal Forums (index.php) Remote File Include Exploit
  225. mg.applanix <= 1.3.1 Remote File Include Exploit
  226. mxBB calsnails module 1.06 Remote File Inclusion Exploit
  227. Telaen => 1.1.0 Remote File Include Vulnerability
  228. [SECURITY] [DSA 1214-1] New gv packages fix arbitrary code execution
  229. [ MDKSA-2006:217 ] - Updated proftpd packages fix vulnerabilities
  230. LoudMouth => 2.4 Remote File Include Vulnerabilities
  231. The Week of Oracle Database Bugs
  232. [ GLSA 200611-13 ] Avahi: "netlink" message vulnerability
  233. [SECURITY] [DSA 1217-1] New linux-ftpd packages fix access control bypass
  234. [ GLSA 200611-12 ] Ruby: Denial of Service vulnerability
  235. Re: Serious crypto problem fixed by envelope HMAC method insteadof currently used prefix
  236. MyAlbum <= 3.02 (langs_dir) Remote File Inclusion Exploit
  237. [ GLSA 200611-14 ] TORQUE: Insecure temproary file creation
  238. [SECURITY] [DSA 1216-1] New flexbackup packages fix denial of service
  239. BirdBlog => v1.4.0 Cross Site Scripting
  240. [ MDKSA-2006:215 ] - Updated avahi packages fix netlink vulnerability
  241. Wabbit PHP Gallery => 0.9 Remote Traversal Directory
  242. [SECURITY] [DSA 1215-1] New xine-lib packages fix execution of arbitrary code
  243. mAlbum v0.3 Multiple vulnerabilitizzz
  244. my little weblog => Cross Site Scripting
  245. [ GLSA 200611-11 ] TikiWiki: Multiple vulnerabilities
  246. Classified System [injection sql]
  247. Correction: Re: Serious crypto problem fixed by envelope HMAC method insteadof currently used prefix
  248. Re: GPhotos 1.5 Multiple vulnerabilities
  249. ltwCalendar => 4.2.1 Remote File Include Vulnerabilities
  250. [SECURITY] [DSA 1207-2] New phpmyadmin packages fix regression