
View Full Version : Bugtraq mailing list




  1. [ GLSA 200701-18 ] xine-ui: Format string vulnerabilities
  2. [ MDKSA-2006:217-2 ] - Updated proftpd packages fix vulnerabilities
  3. [ GLSA 200701-19 ] OpenLDAP: Insecure usage of /tmp during installation
  4. subscribe (pwd.txt) Remote Password Disclosur
  5. rPSA-2007-0013-1 poppler tetex tetex-afm tetex-dvips tetex-fonts
  6. [USN-411-1] libsoup vulnerability
  7. PR06-14: IP Phones based on Centrality Communications/Aredfox PA168
  8. Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability
  9. SUSE Security Announcement: xine (SUSE-SA:2007:013)
  10. [ MDKSA-2007:026 ] - Updated squid packages fix vulnerabilities
  11. [ GLSA 200701-20 ] Centericq: Remote buffer overflow in LiveJournal handling
  12. [USN-412-1] GeoIP vulnerability
  13. [USN-413-1] BlueZ vulnerability
  14. Re: Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability
  15. [Aria-Security Team] MyBB Cross-Site Scripting
  16. Toxiclab Shoutbox Password Disclosure Vulnerability
  17. Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX Control
  18. Secunia Research: Sienzo Digital Music Mentor NCTAudioFile2
  19. [CAID 34993]: CA BrightStor ARCserve Backup for Laptops and Desktops Multiple Overflow Vulnerabilities
  20. Re: AToZed Software Intraweb Component for Borland Delphi and
  21. attn: antonetta - very natural news server access - cow mic - (1/1)
  22. ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure Vulnerability
  23. Maxtricity Tagger Password Disclosure Vulnerability
  24. Re: Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include
  25. Re: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability
  26. Re: Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX
  27. Cisco Security Advisory: Crafted TCP Packet Can Cause Denial of Service
  28. Cisco Security Advisory: IPv6 Routing Header Vulnerability
  29. Cisco Security Advisory: Crafted IP Option Vulnerability
  30. [OPENADS-SA-2007-001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability
  31. Re: phpAdsNew 2.0.7 Remote File Include
  32. [ GLSA 200701-21 ] MIT Kerberos 5: Arbitrary Remote Code Execution
  33. DoS against Telligent Community Server
  34. [security bulletin] HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
  35. ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer
  36. Multiple Remote Vulnerabilities in Wordpress
  37. Oracle Buffer Overflow in DBMS_REPCAT_UNTRUSTED.UNREGISTER_SNAPSHOT
  38. Oracle Buffer Overflow in DBMS_LOGMNR.ADD_LOGFILE
  39. Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME
  40. Oracle Multiple Buffer Overflows and DoS attacks in public procedures
  41. [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities
  42. Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL
  43. Oracle Buffer Overflow in DBMS_DRS.GET_PROPERTY
  44. [USN-414-1] Squid vulnerabilities
  45. Remove all admin->root authorization prompts from OSX
  46. Re: AToZed Software Intraweb Component for Borland Delphi and
  47. rPSA-2007-0019-1 gtk
  48. ASP NEWS <= V3 (news_detail.asp) Remote SQL Injection Vulnerability
  49. Xero Portal v1.2 (phpbb_root_path) Remote File Include Vulnerablity
  50. uniForum <= v4 (wbsearch.aspx) Remote SQL Injection Vulnerability
  51. ASP EDGE <= V1.2b (user.asp) Remote SQL Injection Vulnerability
  52. EzDatabase Multiple Cross-Site Scripting Vulnerability
  53. Re: phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability
  54. makit news/blog poster <=v3(news_page.asp) Remote SQL Injection
  55. BIND remote exploit (low severity) [Fwd: Internet Systems Consortium
  56. Aztek Forum 4.1 Multiple Vulnerabilities Exploit
  57. phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability
  58. [x0n3-h4ck] Siteman 1.1.11 Remote Md5 Hash Disclosure Vulnerability
  59. [x0n3-h4ck] Siteman 2.0.x2 Remote Md5 Hash Disclosure Vulnerability
  60. GPS 1.2 Content Managing System (print.asp) Remote SQL Injection
  61. MI5 Persecution: Toronto Freenet supports free speech (671)
  62. MI5 Persecution: Intelligence agency sources on the Web (1576)
  63. MI5 Persecution: Newsgroup members join in the discussion (2481)
  64. Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL
  65. MI5 Persecution: BBC's Hidden Shame 4/5/95 (671)
  66. MI5 Persecution: A doubting Thomas is heard 9/5/95 (1576)
  67. [ GLSA 200701-22 ] Squid: Multiple Denial of Service vulnerabilities
  68. MI5 Persecution: Recognition by Strangers is Normal 12/5/95 (2481)
  69. Buffer overflow in VSAPI library of Trend Micro VirusWall 3.81 for Linux
  70. [NETRAGARD-20061218 SECURITY ADVISORY] [@Mail WebMail Cross Site
  71. MI5 Persecution: Truth or Troll? 13/5/95 (3386)
  72. The certification password of Internet Explorer 7 and operation
  73. MI5 Persecution: Let it go 1/8/95 (4291)
  74. high5 Review script Security Risk
  75. RE: Remove all admin->root authorization prompts from OSX
  76. MI5 Persecution: But why? 2/8/95 (5196)
  77. MI5 Persecution: Surveillance methods 5/8/95 (6101)
  78. Re: Aztek Forum 4.1 Multiple Vulnerabilities Exploit
  79. Re: Remove all admin->root authorization prompts from OSX
  80. BORGChat Exploit
  81. Vulnerability disclosure comments
  82. Omniture SiteCatalyst Multiple Cross-Site Scripting Vulnerabilities
  83. Re: Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME
  84. Re: [Full-disclosure] 0trace - traceroute on established
  85. Re: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability
  86. Re: ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure
  87. RubyGems 0.9.0 and earlier installation exploit
  88. Medium Risk Vulnerability in PGP Desktop
  89. Re: [Full-disclosure] rPSA-2007-0011-1 wget
  90. [USN-410-2] teTeX vulnerability
  91. [ GLSA 200701-24 ] VLC media player: Format string vulnerability
  92. [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability
  93. Movable Type <= 3.33 XSS Exploit
  94. Re: Re: Re: Re: SMF "index.php?action=pm" Cross Site-Scripting
  95. [ MDKSA-2007:027 ] - Updated xine-ui packages fix vulnerabilities
  96. Re: SMF "index.php?action=pm" Cross Site-Scripting
  97. [ GLSA 200701-23 ] Cacti: Command execution and SQL injection
  98. Cross-site Scripting with Local Privilege Vulnerability in Yahoo
  99. PHP Membership Manager Cross-Site Scripting Vulnerability
  100. FdScript <= v1.3.2 Remote File Disclosure Vulnerability
  101. S21sec-034-en: Cisco VTP DoS vulnerability
  102. iDefense Security Advisory 01.26.07: Multiple Vendor libchm Page
  103. Re: Remove all admin->root authorization prompts from OSX
  104. Re: Remove all admin->root authorization prompts from OSX
  105. Re: Remove all admin->root authorization prompts from OSX
  106. rPSA-2007-0021-1 bind bind-utils
  107. rPSA-2007-0020-1 rmake
  108. Dexia website security alert
  109. WS_FTP 2007 Professional SCP handling format string vulnerability
  110. Re: [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability
  111. [ MDKSA-2007:029 ] - Updated libsoup packages fix DoS vulnerability
  112. stompy the session stomper - tool availability
  113. Full Disclosure: Arbitrary Code Execution in LedgerSMB CVE-2006-5872
  114. [USN-398-4] Firefox regression
  115. Re: Cross-site Scripting with Local Privilege Vulnerability in
  116. Open Conference Systems = 2.8.2 Remote File Inclusion
  117. [ MDKSA-2007:028 ] - Updated ulogd packaged to address buffer overflow vulnerability
  118. AdMentor (banners) admin SQL injection
  119. local Calendar System v1.1 (lcStdLib.inc) Remote File Include
  120. RE: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger
  121. [SECURITY] [DSA 1252-1] New vlc packages fix arbitrary code execution
  122. [SECURITY] [DSA 1253-1] New Mozilla Firefox packages fix several vulnerabilities
  123. Re: Open Conference Systems = 2.8.2 Remote File Inclusion
  124. [OpenPKG-SA-2007.007] OpenPKG Security Advisory (bind)
  125. [SECURITY] [DSA 1254-1] New bind9 packages fix denial of service
  126. MDPro 1.0.76 - Multiple Remote Vulnerabilities
  127. Internet Explorer 7 ActiveX bgColor property NULL pointer dereference
  128. [OpenPKG-SA-2007.008] OpenPKG Security Advisory (cvstrac)
  129. Xt-Stats v.2.4.0.b3 - Remote File Include Vulnerabilities
  130. Re: Dexia website security alert
  131. Fake: Open Conference Systems = 2.8.2 Remote File Inclusion
  132. Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include
  133. CVSTrac 2.0.0 Denial of Service (DoS) vulnerability
  134. Defeating CAPTCHAs via Averaging
  135. Phorum HTML Injection Vulnerability
  136. Re: stompy the session stomper - tool availability
  137. gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability
  138. AdMentor (banners) admin SQL injection
  139. Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion
  140. Re: Phorum HTML Injection Vulnerability
  141. Re: Windows logoff bug possible security vulnerability and exploit.
  142. Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion
  143. Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include
  144. Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects
  145. Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include
  146. [ GLSA 200701-25 ] X.Org X server: Multiple vulnerabilities
  147. Re: Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL
  148. Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include
  149. Re: stompy the session stomper - tool availability
  150. Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger
  151. Re: Open Conference Systems = 2.8.2 Remote File Inclusion
  152. VII National Computer and Information Security Conference ACIS 2007 - COLOMBIA
  153. RBL - ASP (scripts with db) SQL injection
  154. Oracle - Indirect Privilege Escalation and Defeating Virtual Private Databases
  155. [DRUPAL-SA-2007-005] Drupal 4.7.6 / 5.1 fixes arbitrary code execution issue
  156. COSEINC Alert: Microsoft Agent Heap Overflow Vulnerability Technical Details (Patched)
  157. rPSA-2007-0020-2 rmake
  158. Re: [Full-disclosure] S21sec-034-en: Cisco VTP DoS vulnerability
  159. RBL - ASP (scripts with db) SQL injection
  160. Re: gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability
  161. PhP Generic library & framework (include_path) Remote File
  162. Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion
  163. EncapsCMS 0.3.6 (common_foot.php) Remote File Include
  164. Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include
  165. Re: Defeating CAPTCHAs via Averaging
  166. [ MDKSA-2007:030 ] - Updated bind packages fix DoS vulnerabilities
  167. Re: BOGUS: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include
  168. Remote Unauthenticated Code Execution CA BrightStor ARCserve Backup
  169. Remote Unauthenticated Code Execution II CA BrightStor ARCserve Backup for Laptops & Desktops
  170. OWASP JBroFuzz 0.4 Fuzzer Released!
  171. Remote DOS BrightStor ARCserve Backup for Laptops & Desktops
  172. Remote Unauthenticated Resource Exhaustion CA Mobile BackupService
  173. Oracle 10g R2 Enterprise Manager Directory Traversal
  174. 2007 Security OPUS CFP: Closed (Agenda included)
  175. Cisco Security Advisory: SIP Packet Reloads IOS Devices Not Configured for SIP
  176. [ECHO_ADV_63$2007] Cadre remote file inclusion
  177. Re: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include
  178. Re: Defeating CAPTCHAs via Averaging
  179. Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include
  180. [SECURITY] [DSA 1255-1] New libgtop2 packages fix arbitrary code execution
  181. Windows Vista and unexported kernel symbols (Part II, 32bits version)
  182. [ GLSA 200701-27 ] ELinks: Arbitrary Samba command execution
  183. [ GLSA 200701-28 ] thttpd: Unauthenticated remote file access
  184. BBED - Oracle Block Browser and Editor
  185. [ GLSA 200701-26 ] KSirc: Denial of Service vulnerability
  186. [SECURITY] [DSA 1256-1] New gtk+2.0 packages fix denial of service
  187. Re: stompy the session stomper - tool availability
  188. Technika - Attack Scripting Environment
  189. Re: Defeating CAPTCHAs via Averaging
  190. Comodo Multiple insufficient argument validation of hooked SSDT function
  191. [USN-415-1] GTK vulnerability
  192. strange behavior on Cisco 2801
  193. php web portail [remote file include & local file include]
  194. Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit
  195. Cerulean Portal System (phpbb_root_path) Remote File Include Exploit
  196. Phishing Evolution Report Released
  197. Re: strange behavior on Cisco 2801
  198. Re: SMF "index.php?action=pm" Cross Site-Scripting
  199. Sourceforge compromized?
  200. Chicken of the VNC 2.0 remote DoS
  201. Re: Sourceforge compromized?
  202. Re: Sourceforge compromized?
  203. Re: Sourceforge compromized?
  204. Re: strange behavior on Cisco 2801
  205. Re: Sourceforge compromized?
  206. Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities
  207. Re[2]: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities
  208. for celle: really super mp3 music - ilgi - (1/1)
  209. [ MDKSA-2007:031 ] - Updated kdelibs packages fix KHTML vulnerability
  210. Re: Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code
  211. [ MDKSA-2007:032 ] - Updated mpg123 packages fix DoS vulnerability.
  212. Security Advisory for Bugzilla 2.20.3, 2.22.1, and 2.23.3
  213. [ MDKSA-2007:033 ] - Updated wireshark packages fix multiple vulnerabilities
  214. Ublog Reload Admin Panel Multiple HTML Injections
  215. Re: Web 2.0 backdoors made easy with MSIE & XMLHttpRequest
  216. Vmare workstation guest isolation weaknesses (clipboard transfer)
  217. MysearchEngine XSS
  218. Adrenalin's ASP Chat XSS
  219. Sql injection bugs in Xoops 2.0.16 + Weblinks module
  220. dvddb-0.6 media sql-inj. vuln.
  221. Jetty Session ID Prediction
  222. TSLSA-2007-0005 - multi
  223. Re: [Full-disclosure] Firefox + popup blocker + XMLHttpRequest + srand() = oops
  224. [SAMBA-SECURITY] CVE-2007-0452: Potential DoS against smbd in Samba
  225. [SAMBA-SECURITY] CVE-2007-0453: Buffer overrun in nss_winbind.so.1
  226. dvddb-0.6 media remote file include vuln.
  227. Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include
  228. Re: Jetty Session ID Prediction
  229. Re: [Full-disclosure] Firefox + popup blocker + XMLHttpRequest +
  230. Cold Fusion Web Server XSS 0 day
  231. [SAMBA-SECURITY] CVE-2007-0454: Format string bug in afsacl.so VFS
  232. Re: Web 2.0 backdoors made easy with MSIE & XMLHttpRequest
  233. Sql injection bugs in PHP-Nuke
  234. [SECURITY] [DSA 1257-1] New samba packages fix several vulnerabilities
  235. Les News v2.2 [Admin news without password]
  236. Re: dvddb-0.6 media sql-inj. vuln.
  237. rPSA-2007-0023-1 tshark wireshark
  238. Mina Ajans Script Remote File Inclusion Vuln.
  239. [ MDKSA-2007:034 ] - Updated samba packages address multiple vulnerabilities
  240. Uphotogallery Multiple Cross-Site Scripting Vulnerability
  241. [USN-417-1] PostgreSQL vulnerabilities
  242. iDefense Security Advisory 02.02.07: Blue Coat Systems WinProxy CONNECT
  243. Firefox + popup blocker + XMLHttpRequest + srand() = oops
  244. Sql injection bugs in Virtuemart and Letterman
  245. Re: Jetty Session ID Prediction
  246. Sql injection bugs in Joomla and Mambo
  247. Re: Jetty Session ID Prediction
  248. Firefox 2.0.0.1 and Opera 9.10 Anty Fraud/Phishing Protection bypass.
  249. Unofficial SQL-Ledger patch for CVE-2007-0667
  250. Re: [Full-disclosure] PS Information Leak on HP Tru64 Alpha OSF1