
View Full Version : Bugtraq mailing list




  1. SECNICHE : Dwelling Security is On the Run
  2. [ GLSA 200706-04 ] MadWifi: Multiple vulnerabilities
  3. [USN-439-2] file vulnerability
  4. [USN-471-1] libexif vulnerability
  5. [USN-472-1] libpng vulnerability
  6. [USN-473-1] libgd2 vulnerabilities
  7. RE: [Full-disclosure] Safari for Windows,0day URL protocol handler command injection
  8. Re: Sudo: local root compromise with krb5 enabled
  9. Safari for Windows, 0day URL protocol handler command injection
  10. Re: [SECURITY] [DSA 1299-1] New ipsec-tools packages fix denial of
  11. [SECURITY] [DSA 1306-1] New xulrunner packages fix several vulnerabilities
  12. PHP parse_str() arbitrary variable overwrite
  13. ZDI-07-036: Arris Cadant C3 CMTS Remote DoS Vulnerability
  14. [SECURITY] [DSA 1307-1] New OpenOffice.org packages fix arbitrary code execution
  15. [security bulletin] HPSBUX02219 SSRT061273 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
  16. Re: PHP parse_str() arbitrary variable overwrite
  17. [ MDKSA-2007:119 ] - Updated Thunderbird packages fix multiple
  18. Windows Oday release
  19. [ MDKSA-2007:120 ] - Updated Firefox packages fix multiple
  20. ZDI-07-037: Microsoft Internet Explorer Language Pack Installation Remote
  21. ZDI-07-038: Microsoft Internet Explorer Prototype Dereference Code
  22. Re: Windows Oday release
  23. Menu Manager Mod for WebAPP - No Input Filtering
  24. iDefense Security Advisory 06.12.07: Microsoft License Manager and
  25. Webmin group started. Gurus needed.
  26. [USN-474-1] xscreensaver vulnerability
  27. Re: PHP parse_str() arbitrary variable overwrite
  28. Apple Safari: cookie stealing
  29. Re: Windows Oday release
  30. Re: Re: PHP parse_str() arbitrary variable overwrite
  31. Re: [Full-disclosure] Apple Safari: cookie stealing
  32. iDefense Security Advisory 06.13.07: Multiple Vendor libexif Integer
  33. Re: Windows Oday release
  34. High risk vulnerability in OpenOffice RTF parser
  35. Re: PHP parse_str() arbitrary variable overwrite
  36. [SECURITY] [DSA 1305-1] New icedove packages fix several vulnerabilities
  37. FLEA-2007-0025-1: openoffice.org
  38. [ MDKSA-2007:123 ] - Updated libwmf packages fix vulnerability
  39. Singapore Gallery fullpath disclosure
  40. [ MDKSA-2007:122 ] - Updated gd packages fix vulnerability
  41. Re: Sudo: local root compromise with krb5 enabled
  42. rPSA-2007-0119-1 spamassassin
  43. [ MDKSA-2007:124 ] - Updated tetex packages fix vulnerability
  44. [CVE-2007-2450]: Apache Tomcat XSS vulnerability in Manager
  45. [ MDKSA-2007:121 ] - Updated freetype2 packages fix integer overflow
  46. Re: Re: BlackBoard Multiple Vulnerabilities (XSS)
  47. [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples
  48. [SECURITY] [DSA 1308-1] New iceweasel packages fix several vulnerabilities
  49. iDefense Security Advisory 06.14.07: Apache MyFaces Tomahawk JSF
  50. Elxis CMS <= 2006.4 - banner module - sql injection
  51. Re: RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection
  52. ByPass In PortalApp
  53. Re: RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability
  54. RFI In Script SH-News 3.1
  55. Re: Windows Oday release
  56. [ MDKSA-2007:125 ] - Updated spamassassin packages fix possible DoS
  57. Re: [Full-disclosure] Windows Oday release
  58. Re: [MajorSecurity Advisory #47]Simple Machines Forum (SMF) -
  59. Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing
  60. Kaspersky Multiple insufficient argument validation of hooked SSDT
  61. rPSA-2007-0123-1 squirrelmail
  62. Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing
  63. rPSA-2007-0124-1 kernel xen
  64. rPSA-2007-0126-1 util-linux
  65. rPSA-2007-0122-1 evolution-data-server
  66. [ GLSA 200706-05 ] ClamAV: Multiple Denials of Service
  67. Re: Sudo: local root compromise with krb5 enabled
  68. Papoo CMS - Multiple Cross Site Scripting
  69. PhpListPro Persistent XSS Vulnerability
  70. [ MDKSA-2007:126 ] - Updated Firefox packages fix multiple
  71. [SECURITY] [DSA 1304-1] New Linux kernel 2.6.8 packages fix several
  72. Sitellite cms <= 4.2.12 RFI Vuln
  73. Local Denial of Service in Safari
  74. Having Fun With PostgreSQL
  75. [SECURITY] [DSA 1309-1] New PostgreSQL 8.1 packages fix privilege escalation
  76. [ MDKSA-2007:126-1 ] - Updated Firefox packages fix multiple
  77. [SECURITY] [DSA 1309-1] New libexif packages fix integer overflow
  78. [SECURITY] [DSA 1310-1] New libexif packages fix integer overflow
  79. WSPortal version 1.0 Path Disclosure Vulnerability
  80. Utopia News Pro version 1.4.0 XSS Attack Vulnerability
  81. WSPortal version 1.0 SQL Injection Vulnerability
  82. [SECURITY] [DSA 1311-1] New PostgreSQL 7.4 packages fix privilege escalation
  83. [SECURITY] [DSA 1312-1] New libapache-mod-jk packages fix information disclosure
  84. Re: Menu Manager Mod for WebAPP - No Input Filtering
  85. PHP hosting Biller
  86. Re: Having Fun With PostgreSQL
  87. [security bulletin] HPSBMA02224 SSRT071334 rev.1 - HP System Management Homepage (SMH) for Linux, Remote Privileged Access
  88. Webif.cgi local file inclusion
  89. fuzzylime (forum) XSS
  90. Fusetalk SQL injection submission.
  91. iDefense Security Advisory 06.18.07: Cerulean Studios Trillian UTF-8
  92. Re: Sitellite cms <= 4.2.12 RFI Vuln
  93. FLEA-2007-0026-1: evolution-data-server
  94. [CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language
  95. rPSA-2007-0127-1 fetchmail
  96. fusetalk SQL (autherror.cfm)
  97. CfP: 5th ACM Workshop on Recurring Malware (WORM) - Deadline
  98. iG Shop 1.4 eval Inclusion Vulnerability
  99. MaraDNS denial of service vulnerabilities
  100. Local File Include Vulnerabilities in YaBB <= 2.1(all version)
  101. Persistent cross-site scripting in wordpress.com dashboard
  102. Re: Having Fun With PostgreSQL
  103. [SECURITY] [DSA 1313-1] New MPlayer packages fix arbitrary code execution
  104. Re: Windows Oday release
  105. Re: RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability
  106. [SECURITY] [DSA 1314-1] New open-iscsi packages fix several vulnerabilities
  107. W1L3D4 WEBmarket v0,1 SQL Injection Vuln
  108. [SECURITY] [DSA 1315-1] New libphp-phpmailer packages fix arbitrary shell command execution
  109. [ GLSA 200706-06 ] Mozilla products: Multiple vulnerabilities
  110. [ GLSA 200706-07 ] PHProjekt: Multiple vulnerabilities
  111. [ MDKSA-2007:127 ] - Updated apache packages fix mod_mem_cache issue
  112. New post Topic Hijacking XSS All vBulletin v 3.x.x (2)
  113. Comersus Shop Cart 7.07 SQL Injection & XSS
  114. Apache Prefork MPM vulnerabilities - Report
  115. [ MDKSA-2007:129 ] - Updated jasper packages fix vulnerability
  116. New Include Redirect Bug XSS All vBulletin v 3.x.x
  117. Pixy - An Open-Source Vulnerability Scanner for PHP Applications
  118. FLEA-2007-0027-1: thunderbird
  119. [ MDKSA-2007:128 ] - Updated libexif packages fix integer overflow flaw
  120. fusetalk CSS (comfinish.cfm)
  121. fusetalk CSS (autherror.cfm)
  122. [security bulletin] HPSBPI02226 SSRT061274 rev.1 - HP Help and Support Center Running on HP Notebook Computers Running with Windows XP, Remote Unauthorized Access
  123. [security bulletin] HPSBTU02218 SSRT071424 rev.1 - HP Tru64 UNIX Internet Express running Samba, Remote Arbitrary Code Execution or Local Unauthorized Privilege Elevation
  124. HTTP SERVER (httpsv1.6.2) source code disclosure
  125. MyServer-0.8.9 - source code disclosure
  126. MyServer-0.8.9 - xss in sample cgi page
  127. HTTP SERVER (httpsv1.6.2) 404 Denial of Service
  128. [ MDKSA-2007:130 ] - Updated proftpd packages fix authentication
  129. [ MDKSA-2007:131 ] - Updated Thunderbird packages fix multiple
  130. [SECURITY] [DSA 1316-1] New emacs21 packages fix denial of service
  131. Re: New Include Redirect Bug XSS All vBulletin v 3.x.x
  132. Re: New post Topic Hijacking XSS All vBulletin v 3.x.x (2)
  133. VLC 0.8.6b format string vulnerability & integer overflow
  134. Re: New Include Redirect Bug XSS All vBulletin v 3.x.x
  135. [ MDKSA-2007:132 ] - Updated madwifi-source,
  136. NetClassifieds [multiple vulnerabilities]
  137. [security bulletin] HPSBGN02199 SSRT071312 rev.3 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Executio
  138. HPSBST02231 SSRT071438 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-030 to MS07-035
  139. Re: New Include Redirect Bug XSS All vBulletin(r) v 3.x.x
  140. iDefense Security Advisory 06.21.07: Ingres Database Multiple Heap
  141. [ MDKSA-2007:133 ] - Updated emacs packages fix DoS vulnerability
  142. [ MDKSA-2007:134 ] - Updated xfsdump packages fix unsafe temporary
  143. MS07-034: Executing arbitrary script with mhtml: protocol handler
  144. [USN-475-1] evolution-data-server vulnerability
  145. Re: Re: New Include Redirect Bug XSS All vBulletin(r) v 3.x.x
  146. All Of the Mambo & Joomla Script Remote File Inclussion Bugs..
  147. [CAID 35450, 35451, 35452, 35453]: CA Products That Embed Ingres Multiple Vulnerabilities
  148. Re: Re: New Include Redirect Bug XSS All vBulletin v 3.x.x
  149. eNdonesia 8.4 [multiple injection sql]
  150. [USN-476-1] redhat-cluster-suite vulnerability
  151. FLEA-2007-0028-1: libexif
  152. [ MDKSA-2007:135 ] - Updated webmin packages fix XSS vulnerability
  153. [SECURITY] [DSA 1317-1] New tinymux packages fix buffer overflow
  154. Re: Re: PHPMyDesk Beta Release 1.0b ==> RFI
  155. [SECURITY] [DSA 1318-1] New ekg packages fix denial of service
  156. [SECURITY] [DSA 1319-1] New maradns packages fix denial of service
  157. [SECURITY] [DSA 1321-1] New evolution-data-server packages fix arbitrary code execution
  158. [SECURITY] [DSA 1320-1] New clamav packages fix several vulnerabilities
  159. Stock of CISCO dumps
  160. Stock of CISCO dumps
  161. [GOODFELLAS - VULN] BarCodeAx.dll v. 4.9 ActiveX Control Remote
  162. SHTTPD V1.38 server source code disclosure
  163. Ingres Unauthenticated Pointer Overwrite 2
  164. KF Web Server 3.1.0 admin console XSS
  165. Ingres verifydb local stack overflow
  166. Papoo CMS 3.6 - SQL Injection
  167. Ingres Unauthenticated Pointer Overwrite 1
  168. POWER PHLOGGER v.2.2.5 (username) SQL Injection
  169. Ingres stack overflow in uuid_from_char function
  170. Ingres wakeup setuid(ingres) file truncation
  171. LiteWEB 2.7 404 Denial of Services
  172. Pluxml 0.3.1 Remote Code Execution Exploit
  173. Calendarix version 0.7. 20070307 Multiple Path Disclosure
  174. Safari Bookmarks Buffer Overflow Vulnerability
  175. Calendarix version 0.7. 20070307 Multiple XSS Attacks
  176. phpTrafficA < 1.4.2
  177. Calendarix version 0.7. 20070307 Multiple Path Disclosure
  178. Papoo CMS 3.6 - Access Restriction Bypass
  179. Re: Re: [MajorSecurity Advisory #47]Simple Machines Forum (SMF) -
  180. Safari XMLHttpRequest HTTP header injection
  181. "run as" local denial-of-service enables administrative account processes to be killed
  182. rPSA-2007-0131-1 libexif
  183. MyNews version 0.10 SQL Injection Vulnerability
  184. Calendarix version 0.7. 20070307 Multiple SQL Injection
  185. Re: Apple Safari: idn urlbar spoofing
  186. Re: [Full-disclosure] Apple Safari: idn urlbar spoofing
  187. RE: [Full-disclosure] Apple Safari: idn urlbar spoofing
  188. [ISR] :: Infobyte Security Research :: release (ISR-sqlget.pl) v1.0.0
  189. CFP: ISOI III (a DA workshop)
  190. rPSA-2007-0133-1 emacs emacs-leim
  191. SYMSA-2007-004: Multiple Vulnerabilities in Xythos Server Products
  192. Re: KF Web Server 3.1.0 admin console XSS
  193. RE: "run as" local denial-of-service enables administrative account processes to be killed
  194. MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities
  195. MITKRB5-SA-2007-005: kadmind vulnerable to buffer overflow
  196. iDefense Security Advisory 06.26.07: Multiple Vendor Kerberos kadmind
  197. Calyptix Security Advisory CX-2007-04 - Cross-Site Request Forgery
  198. iDefense Security Advisory 06.26.07: RealNetworks RealPlayer/HelixPlayer
  199. [GOODFELLAS - VULN ] Avaxswf.dll v.1.0.0.1 from Avax Vector
  200. [ GLSA 200706-09 ] libexif: Buffer overflow
  201. [ GLSA 200706-08 ] emul-linux-x86-java: Multiple vulnerabilities
  202. [USN-477-1] krb5 vulnerabilities
  203. [ MDKSA-2007:137 ] - Updated krb5 packages fix vulnerabilities
  204. SAP Web Dynpro Java (BC-WD-JAV) Vulnerability
  205. [USN-478-1] libexif vulnerability
  206. PHP 4/5 htaccess safemode and open_basedir Bypass
  207. SAP Internet Communication Framework (BC-MID-ICF) Vulnerability
  208. Re: Apple Safari: idn urlbar spoofing
  209. Openedge _mprosrv buffer overflow
  210. Conti FTP Server v1.0 DoS
  211. [ MDKSA-2007:136 ] - Updated evolution packages fix vulnerability
  212. HPSBTU02207 SSRT061239 rev.2 - HP Tru64 UNIX OpenSSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)
  213. Contact request - nVidia
  214. Juniper SBR V 6.0.1 CRL-Checking problem
  215. CheckPoint VPN-1 UTM Edge Cross Site Request Forgery vulnerability
  216. rPSA-2007-0135-1 krb5 krb5-server krb5-services krb5-test
  217. [GOODFELLAS - VULN] hpqxml.dll 2.0.0.133 from HP Digital Imaging
  218. [SECURITY] [DSA 1322-1] New wireshark packages fix denial of service
  219. eTicket version 1.5.5 Path Disclosure Vulnerability
  220. eTicket version 1.5.5 XSS Attack Vulnerability
  221. rPSA-2007-0136-1 httpd mod_ssl
  222. FLEA-2007-0029-1: krb5 krb5-workstation
  223. XEForum Cookie Modification Privilege Escalation Vulnerability
  224. Secunia Research: Symantec Mail Security for SMTP Boundary Errors
  225. Secunia Research: KVIrc irc:// URI Handler Command Execution
  226. [security bulletin] HPSBTU02232 SSRT071429 rev.1 - Secure Web Server for HP Tru64 UNIX Powered by Apache (SWS) or HP Internet Express for Tru64 UNIX running PHP, Remote Arbitrary Code Execution, Unauthorized Disclosure of Information, or Denial of Se
  227. FLEA-2007-0030-1: avahi avahi-glib avahi-sharp
  228. [SECURITY] [DSA 1324-1] New hiki packages fix missing input sanitising
  229. [SECURITY] [DSA 1323-1] New krb5 packages fix several vulnerabilities
  230. TSLSA-2007-0021 - kerberos5
  231. [SECURITY] [DSA 1325-1] New evolution packages fix arbitrary code execution
  232. flac123 0.0.9 - Stack overflow in comment parsing
  233. SQL Injection In Script VBZooM V1.12
  234. [USN-479-1] MadWifi vulnerabilities
  235. Re: eTicket version 1.5.5 XSS Attack Vulnerability
  236. Airscanner Advisory #07062901: FlexiSPY Victim/User Database Exposure
  237. Re: Re: Progress Webspeed exploit for all releases
  238. WheatBlog 1.1 RFI/SQL Injection
  239. akocomment SQL INJECTION (all version)
  240. [SECURITY] [DSA 1327-1] New gsambad packages fix unsafe temporary files
  241. [ GLSA 200707-01 ] Firebird: Buffer overflow
  242. eTicket v.1.5.1.1 Multiple Cross-Site Scripting
  243. [SECURITY] [DSA 1326-1] New fireflier-server packages fix unsafe temporary files
  244. FreeDomain.co.nr Clone SQL Injection
  245. Re: Light Blog 4.1 XSS Vulnerability
  246. Advisory : Internet Explorer Zone Domain Specification Dos and Page
  247. PHPDirector <= 0.21 (SQL injection/Upload SHELL) Remote
  248. AV Arcade 2.1b (view_page.php) Remote SQL Injection
  249. [SECURITY] [DSA 1328-1] New unicon-imc2 packages fix buffer overflow
  250. AV Arcade 2.1b (COOKIE[ava_userid]) Get Admin Rights