
View Full Version : Bugtraq mailing list




  1. [ GLSA 200704-03 ] OpenAFS: Privilege escalation
  2. Three New Papers on Oracle Forensics
  3. rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test
  4. CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information
  5. iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC
  6. CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function
  7. lite-cms-0.2.1 Remote File Include Vulnerabilities
  8. CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer
  9. CYBSEC Security Pre-Advisory: SAP SYSTEM_CREATE_INSTANCE RFC Function
  10. [USN-449-1] krb5 vulnerabilities
  11. CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC
  12. rPSA-2007-0064-1 ImageMagick
  13. CYBSEC Release: SAP Security - Paper & Tool release
  14. [ MDKSA-2007:074 ] - Updated qt3 packages to address utf8 decoder bug
  15. [MajorSecurity Advisory #38]eXV2 CMS - Session fixation and
  16. Remot File Include In phpexplorator_2_0
  17. [USN-448-1] X.org vulnerabilities
  18. iXon_CMS 0.30 Remote File Include Vulnerabilities
  19. rPSA-2007-0067-1 nas
  20. K-CMS v1.0 Remote File Include Vulnerabilities
  21. rPSA-2007-0066-1 kdelibs qt-x11-free
  22. Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy
  23. phpechocms v.2 Cross-Site Scripting Vulnerabilitiy
  24. iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF
  25. phpechocms2 Remote File Include Vulnerabilities
  26. rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools
  27. MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting
  28. [ MDKSA-2007:076 ] - Updated kdelibs packages to address UTF8 issue in KJS
  29. Mozilla Firefox Insecure Element Stealth Injection Vulnerability
  30. rPSA-2007-0062-1 firefox
  31. Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re.
  32. High Risk Vulnerability in OpenOffice
  33. Several Windows image viewers vulnerabilities
  34. Re: More information on ZERT patch for ANI 0day
  35. Re: More information on ZERT patch for ANI 0day
  36. Re: More information on ZERT patch for ANI 0day
  37. [SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution
  38. Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection
  39. [ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities
  40. Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug
  41. VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates
  42. [ MDKSA-2007:078 ] - Updated kernel packages fix multiple vulnerabilities and bugs
  43. MyBlog: PHP and MySQL Blog/CMS software Remote File Include
  44. LedgerSMB 1.2.0 finally released, fixes CVE-2006-5589
  45. [ MDKSA-2007:080 ] - Updated tightvnc packages fix integer overflow vulnerabilities
  46. [ MDKSA-2007:081 ] - Updated freetype2 packages fix vulnerability
  47. iDefense Security Advisory 04.04.07: Kaspersky AntiVirus SysInfo
  48. iDefense Security Advisory 04.04.07: Kaspersky Internet Security
  49. Microsoft .NET request filtering bypass vulnerability (BID 20753)
  50. iDefense Security Advisory 04.04.07: ESRI ArcSDE Buffer Overflow
  51. FLEA-2007-0008-1: krb5
  52. FLEA-2007-0009-1: xorg-x11 freetype
  53. Wserve HTTP Server 4.6 Version (Long Directory Name) Buffer
  54. FLEA-2007-0010-1: evolution
  55. [security bulletin] HPSBUX02204 SSRT071341 rev.1 - HP-UX Running CIFS Server (Samba), Remote Denial of Service (DoS)
  56. Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug
  57. ACLS ineffective in SQL-Ledger and LedgerSMB
  58. Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use
  59. ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure
  60. phpContact Multiple Remote File Inclusion Vulnerabilities
  61. [MajorSecurity Advisory #39]onelook onebyone CMS - Session
  62. ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow
  63. [MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue
  64. [MajorSecurity Advisory #41]onelook courts online - Session
  65. livor 2.5 Cross-Site Scripting Vulnerability
  66. AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off
  67. AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption
  68. AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption
  69. [SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code execution
  70. LayerOne 2007 - Speaker Line up Announced
  71. [ GLSA 200704-06 ] Evince: Stack overflow in included gv code
  72. [ GLSA 200704-07 ] libwpd: Multiple vulnerabilities
  73. PHP <= 5.2.1 wbmp file handling integer overflow
  74. [MajorSecurity Advisory #42]webblizzard CMS - Cross Site
  75. Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation
  76. CmailServer WebMail <= V.5.3.4 (signup) Remote XSS Exploit
  77. witshare 0.9 Remote File Include Vulnerabilitiy
  78. UBB.threads (<= 6.1.1) SQL Injection Vulnerability
  79. Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit
  80. Take Control In Script Jeebles Directory
  81. phpMyAdmin 2.6.1 Local Cross Site Scripting
  82. Remot File Include In Script Lore v1
  83. DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability
  84. Gsylvain35 Portail Web Remote File Include Vulnerabilities
  85. Request It : Song Request System 1.0b - remote file inclusion
  86. QuizShock 1.6.1 - Cross-Site Scripting Vulnerability
  87. Mybb Hot Editor Plugin Local File Inclusion
  88. Hot Editor v4.0 Local File Inclusion
  89. Re: Mybb Hot Editor Plugin Local File Inclusion
  90. xodagallery Remote Code Execution Vulnerability
  91. rPSA-2007-0070-1 openoffice.org
  92. Re: Re: Mybb Hot Editor Plugin Local File Inclusion
  93. iDefense Security Advisory 04.09.07: AOL AIM and ICQ File Transfer
  94. [USN-450-1] ipsec-tools vulnerability
  95. phpGalleryScript 1.0 - File Inclusion Vulnerabilities
  96. DEF CON One Five CfP in effect!
  97. EEYE: Windows VDM Zero Page Race Condition Privilege Escalation
  98. EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation
  99. PhpOpenChat <= 3.0.1 (poc.php) Multiple Remote File Include
  100. Secunia Research: Microsoft Agent URL Parsing Memory Corruption
  101. iDefense Security Advisory 04.10.07: Microsoft Windows Universal
  102. [ MDKSA-2007:077-1 ] - Updated krb5 packages fix vulnerabilities
  103. Re: vbulletin admincp sql injection
  104. [ MDKSA-2007:081-1 ] - Updated freetype2 packages fix vulnerability
  105. [USN-451-1] Linux kernel vulnerabilities
  106. webMethods Glue Management Console Directory Traversal
  107. [ MDKSA-2007:080-1 ] - Updated tightvnc packages fix integer overflow vulnerabilities
  108. nEw Bug :D
  109. New bug :)
  110. pL-PHP beta 0.9 - Multiple Vulnerabilities
  111. [MajorSecurity Advisory #43]Calacode ATMail 5.0 - Cross Site
  112. CodeBreak (codebreak.php process_method) - Remote File Inclusion
  113. Cosign SSO Authentication Bypass
  114. Re: On-going Internet Emergency and Domain Names
  115. Re: Latinchat Denial Of Service
  116. PunBB <= 1.2.14 Remote Code Execution (Exploit)
  117. PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory)
  118. Steganos Encrypted Safe NOT so safe
  119. [ MDKSA-2007:079-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities
  120. [ MDKSA-2007:083 ] - Updated apache-mod_perl packages fix DoS vulnerability
  121. [ MDKSA-2007:075-1 ] - Updated qt4 packages to address utf8 decoder bug
  122. iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple
  123. [ MDKSA-2007:082 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities
  124. libpng compilation issue
  125. E107 - (v0.7.8) Access Escalation Vulnerbility - PoC
  126. HPSBUX02205 SSRT061120 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS)
  127. CVE-2007-1871: Cross site scripting in chcounter 3.1.3
  128. INFIGO-2007-04-05: Enterprise Security Analyzer server remote
  129. CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3
  130. Critical phpwiki c99shell exploit
  131. [security bulletin] HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-014
  132. [security bulletin] HPSBUX01137 SSRT5954 rev.9 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS)
  133. Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points
  134. [ GLSA 200704-08 ] DokuWiki: Cross-site scripting vulnerability
  135. Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System
  136. [security bulletin] HPSBGN02199 SSRT071312 rev.1 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Execution
  137. Re: Critical phpwiki c99shell exploit
  138. Cross site scripting in mephisto 0.7.3
  139. [security bulletin] HPSBUX02203 SSRT071339 rev.1 - HP-UX Running Portable File System (PFS), Remote Increase in Privilege
  140. TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy
  141. phpwebnews v.1 Multiple Cross Site Scripting Vulnerabilites
  142. Chatness <= 2.5.3 - Arbitrary Code Execution
  143. Re: Cross site scripting in mephisto 0.7.3
  144. RE: Critical phpwiki c99shell exploit
  145. FAC GuestBook v2.0 remote database disclosure vulnerability
  146. Aircrack-ng (airodump-ng) remote buffer overflow vulnerability
  147. iDefense Security Advisory 04.12.07: Hewlett Packard HP-UX Remote
  148. [USN-452-1] KDE library vulnerability
  149. [Argeniss] Hacking Databases for owning your data (paper)
  150. [OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed
  151. [OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2
  152. [MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site
  153. [waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War
  154. TSRT-07-04: LANDesk Management Suite Alert Service Stack Overflow
  155. Vbulletin 3.6.5 Sql Injection ! [misc.php]
  156. bloofoxCMS 0.2.2 Cross Site Scripting
  157. Re: Vbulletin 3.6.5 Sql Injection ! [misc.php]
  158. VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit
  159. Re: Steganos Encrypted Safe NOT so safe
  160. Back-End CMS Database Tables v0.4.7 Cross Site Scripting
  161. MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities
  162. FloweRS v2.0 Cross Site Scripting
  163. Maian Search v1.1
  164. Maian Gallery v1.0
  165. B2evolution 1.6 RFi
  166. MySpeach v1.9
  167. Back-End CMS Database Tables v0.4.7 Remote File Include
  168. Flip-search-add-on 2.0
  169. Maian Weblog v3.1
  170. bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy
  171. phpMyChat-0.14.5
  172. Re: VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit
  173. Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include
  174. Re: sitex multiple vulnerabilities
  175. Re: Maian Gallery v1.0
  176. Re: Maian Search v1.1
  177. Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities
  178. [ GLSA 200704-09 ] xine-lib: Heap-based buffer overflow
  179. Re: [exploits] RPC vuln in DNS Server (fwd)
  180. LS simple guestbook - arbitrary code execution
  181. Joomla/Mambo Jambook v1.0 beta7 Rfi Vuln.
  182. [MajorSecurity Advisory #45]oe2edit CMS - Cross Site Scripting
  183. ZoneAlarm Multiple insufficient argument validation of hooked SSDT
  184. ActionPoll Script (actionpoll.php) Remote File Include //
  185. MyBlog <= 0.9.8 Remote Command Execution Exploit
  186. Re: phpMyChat-0.14.5
  187. Microsoft DNS Server Remote Code execution: Analysis and exploit
  188. Windows DNS Cache Poisoning by Forwarder DNS Spoofing
  189. Re: Critical phpwiki c99shell exploit
  190. [ GLSA 200704-10 ] Inkscape: Two format string vulnerabilities
  191. Persistent CSRF and The Hotlink Hell
  192. iDefense Security Advisory 04.16.07: ClamAV CAB File Unstore Buffer
  193. Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit
  194. [ GLSA 200704-11 ] Vixie Cron: Denial of Service
  195. rPSA-2007-0071-1 kernel
  196. Akamai Technologies Security Advisory 2007-0001
  197. [ MDKSA-2007:086 ] - Updated cups packages fix DoS vulnerability
  198. [ MDKSA-2007:084 ] - Updated ipsec-tools packages fix DoS vulnerability
  199. [ MDKSA-2007:085 ] - Updated freeradius packages fix DoS vulnerability
  200. [ GLSA 200704-12 ] OpenOffice.org: Multiple vulnerabilities
  201. iDefense Security Advisory 04.16.07: Akamai Download Manager ActiveX
  202. Netsprint Toolbar 1.1 arbitrary remote code vulnerability
  203. PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection
  204. Remot File Include In Script phphd_downloads
  205. Remot File Include download_engine_V1.4.3
  206. Wabbit PHP Gallery v0.9 Cross Site Scripting
  207. my little weblog Cross Site Scripting
  208. my little forum 1.7 Remote File Include Vulnerabilitiy
  209. Re: [Full-disclosure] [WEB SECURITY] Persistent CSRF and The Hotlink
  210. RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
  211. Re: [WEB SECURITY] Persistent CSRF and The Hotlink Hell
  212. Re: Netsprint Toolbar 1.1 arbitrary remote code vulnerability
  213. webMethods Security Advisory: Glue console directory traversal vu
  214. RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
  215. Re: bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy
  216. Internet Explorer Crash
  217. [security bulletin] HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)
  218. Multiple Ask IE Toolbar denial of service vulnerabilities
  219. Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
  220. Gizzar <= (basePath) Remote File Include Vulnerability
  221. BlueArc Firmware 4.2.944b FTP bounce
  222. SYMSA-2007-003 Macrovision InstallAnywhere Password and Serial
  223. Re: Internet Explorer Crash
  224. Re: [Full-disclosure] Cross Domain XMLHttpRequest
  225. ShoutPro 1.5.2 - arbitrary code execution
  226. Re: Internet Explorer Crash
  227. WASC-Articles: 'The Importance of Application Classification in Secure Application Development'
  228. Re: [Full-disclosure] A Botted Fortune 500 a Day
  229. n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability
  230. Re: [Full-disclosure] A Botted Fortune 500 a Day
  231. Re: [Full-disclosure] A Botted Fortune 500 a Day
  232. Re: [Full-disclosure] A Botted Fortune 500 a Day
  233. Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
  234. Re: [Full-disclosure] A Botted Fortune 500 a Day
  235. Cross Domain XMLHttpRequest
  236. Mambo/Joomla Component New Article Component RFI
  237. Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
  238. [ GLSA 200704-14 ] FreeRADIUS: Denial of Service
  239. NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL
  240. Advisory: Bypass Oracle Logon Trigger
  241. Re: Internet Explorer Crash
  242. Advisory: SQL Injection in package SYS.DBMS_AQADM_SYS
  243. iDefense Security Advisory 04.17.07: McAfee VirusScan On-Access Scanner
  244. Advisory: SQL Injection in package SYS.DBMS_UPGRADE_INTERNAL
  245. Advisory: XSS Vulnerability in Oracle Secure Enterprise Search
  246. Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in
  247. Advisory: Shutdown unprotected Oracle TNS Listener via Oracle
  248. Analysis of the Oracle April 2007 Critical Patch Update
  249. iDefense Security Advisory 04.17.07: McAfee E-Business Admin Server
  250. rPSA-2007-0072-1 lighttpd