View Full Version: Bugtraq mailing list
- SECNICHE : Dwelling Security is On the Run
- [ GLSA 200706-04 ] MadWifi: Multiple vulnerabilities
- [USN-439-2] file vulnerability
- [USN-471-1] libexif vulnerability
- [USN-472-1] libpng vulnerability
- [USN-473-1] libgd2 vulnerabilities
- RE: [Full-disclosure] Safari for Windows,0day URL protocol handler command injection
- Re: Sudo: local root compromise with krb5 enabled
- Safari for Windows, 0day URL protocol handler command injection
- Re: [SECURITY] [DSA 1299-1] New ipsec-tools packages fix denial of
- [SECURITY] [DSA 1306-1] New xulrunner packages fix several vulnerabilities
- PHP parse_str() arbitrary variable overwrite
- ZDI-07-036: Arris Cadant C3 CMTS Remote DoS Vulnerability
- [SECURITY] [DSA 1307-1] New OpenOffice.org packages fix arbitrary code execution
- [security bulletin] HPSBUX02219 SSRT061273 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
- Re: PHP parse_str() arbitrary variable overwrite
- [ MDKSA-2007:119 ] - Updated Thunderbird packages fix multiple
- Windows Oday release
- [ MDKSA-2007:120 ] - Updated Firefox packages fix multiple
- ZDI-07-037: Microsoft Internet Explorer Language Pack Installation Remote
- ZDI-07-038: Microsoft Internet Explorer Prototype Dereference Code
- Re: Windows Oday release
- Menu Manager Mod for WebAPP - No Input Filtering
- iDefense Security Advisory 06.12.07: Microsoft License Manager and
- Webmin group started. Gurus needed.
- [USN-474-1] xscreensaver vulnerability
- Re: PHP parse_str() arbitrary variable overwrite
- Apple Safari: cookie stealing
- Re: Windows Oday release
- Re: Re: PHP parse_str() arbitrary variable overwrite
- Re: [Full-disclosure] Apple Safari: cookie stealing
- iDefense Security Advisory 06.13.07: Multiple Vendor libexif Integer
- Re: Windows Oday release
- High risk vulnerability in OpenOffice RTF parser
- Re: PHP parse_str() arbitrary variable overwrite
- [SECURITY] [DSA 1305-1] New icedove packages fix several vulnerabilities
- FLEA-2007-0025-1: openoffice.org
- [ MDKSA-2007:123 ] - Updated libwmf packages fix vulnerability
- Singapore Gallery fullpath disclosure
- [ MDKSA-2007:122 ] - Updated gd packages fix vulnerability
- Re: Sudo: local root compromise with krb5 enabled
- rPSA-2007-0119-1 spamassassin
- [ MDKSA-2007:124 ] - Updated tetex packages fix vulnerability
- [CVE-2007-2450]: Apache Tomcat XSS vulnerability in Manager
- [ MDKSA-2007:121 ] - Updated freetype2 packages fix integer overflow
- Re: Re: BlackBoard Multiple Vulnerabilities (XSS)
- [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples
- [SECURITY] [DSA 1308-1] New iceweasel packages fix several vulnerabilities
- iDefense Security Advisory 06.14.07: Apache MyFaces Tomahawk JSF
- Elxis CMS <= 2006.4 - banner module - sql injection
- Re: RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection
- ByPass In PortalApp
- Re: RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability
- RFI In Script SH-News 3.1
- Re: Windows Oday release
- [ MDKSA-2007:125 ] - Updated spamassassin packages fix possible DoS
- Re: [Full-disclosure] Windows Oday release
- Re: [MajorSecurity Advisory #47]Simple Machines Forum (SMF) -
- Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing
- Kaspersky Multiple insufficient argument validation of hooked SSDT
- rPSA-2007-0123-1 squirrelmail
- Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing
- rPSA-2007-0124-1 kernel xen
- rPSA-2007-0126-1 util-linux
- rPSA-2007-0122-1 evolution-data-server
- [ GLSA 200706-05 ] ClamAV: Multiple Denials of Service
- Re: Sudo: local root compromise with krb5 enabled
- Papoo CMS - Multiple Cross Site Scripting
- PhpListPro Persistent XSS Vulnerability
- [ MDKSA-2007:126 ] - Updated Firefox packages fix multiple
- [SECURITY] [DSA 1304-1] New Linux kernel 2.6.8 packages fix several
- Sitellite cms <= 4.2.12 RFI Vuln
- Local Denial of Service in Safari
- Having Fun With PostgreSQL
- [SECURITY] [DSA 1309-1] New PostgreSQL 8.1 packages fix privilege escalation
- [ MDKSA-2007:126-1 ] - Updated Firefox packages fix multiple
- [SECURITY] [DSA 1309-1] New libexif packages fix integer overflow
- [SECURITY] [DSA 1310-1] New libexif packages fix integer overflow
- WSPortal version 1.0 Path Disclosure Vulnerability
- Utopia News Pro version 1.4.0 XSS Attack Vulnerability
- WSPortal version 1.0 SQL Injection Vulnerability
- [SECURITY] [DSA 1311-1] New PostgreSQL 7.4 packages fix privilege escalation
- [SECURITY] [DSA 1312-1] New libapache-mod-jk packages fix information disclosure
- Re: Menu Manager Mod for WebAPP - No Input Filtering
- PHP hosting Biller
- Re: Having Fun With PostgreSQL
- [security bulletin] HPSBMA02224 SSRT071334 rev.1 - HP System Management Homepage (SMH) for Linux, Remote Privileged Access
- Webif.cgi local file inclusion
- fuzzylime (forum) XSS
- Fusetalk SQL injection submission.
- iDefense Security Advisory 06.18.07: Cerulean Studios Trillian UTF-8
- Re: Sitellite cms <= 4.2.12 RFI Vuln
- FLEA-2007-0026-1: evolution-data-server
- [CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language
- rPSA-2007-0127-1 fetchmail
- fusetalk SQL (autherror.cfm)
- CfP: 5th ACM Workshop on Recurring Malware (WORM) - Deadline
- iG Shop 1.4 eval Inclusion Vulnerability
- MaraDNS denial of service vulnerabilities
- Local File Include Vulnerabilities in YaBB <= 2.1(all version)
- Persistent cross-site scripting in wordpress.com dashboard
- Re: Having Fun With PostgreSQL
- [SECURITY] [DSA 1313-1] New MPlayer packages fix arbitrary code execution
- Re: Windows Oday release
- Re: RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability
- [SECURITY] [DSA 1314-1] New open-iscsi packages fix several vulnerabilities
- W1L3D4 WEBmarket v0,1 SQL Injection Vuln
- [SECURITY] [DSA 1315-1] New libphp-phpmailer packages fix arbitrary shell command execution
- [ GLSA 200706-06 ] Mozilla products: Multiple vulnerabilities
- [ GLSA 200706-07 ] PHProjekt: Multiple vulnerabilities
- [ MDKSA-2007:127 ] - Updated apache packages fix mod_mem_cache issue
- New post Topic Hijacking XSS All vBulletin v 3.x.x (2)
- Comersus Shop Cart 7.07 SQL Injection & XSS
- Apache Prefork MPM vulnerabilities - Report
- [ MDKSA-2007:129 ] - Updated jasper packages fix vulnerability
- New Include Redirect Bug XSS All vBulletin v 3.x.x
- Pixy - An Open-Source Vulnerability Scanner for PHP Applications
- FLEA-2007-0027-1: thunderbird
- [ MDKSA-2007:128 ] - Updated libexif packages fix integer overflow flaw
- fusetalk CSS (comfinish.cfm)
- fusetalk CSS (autherror.cfm)
- [security bulletin] HPSBPI02226 SSRT061274 rev.1 - HP Help and Support Center Running on HP Notebook Computers Running with Windows XP, Remote Unauthorized Access
- [security bulletin] HPSBTU02218 SSRT071424 rev.1 - HP Tru64 UNIX Internet Express running Samba, Remote Arbitrary Code Execution or Local Unauthorized Privilege Elevation
- HTTP SERVER (httpsv1.6.2) source code disclosure
- MyServer-0.8.9 - source code disclosure
- MyServer-0.8.9 - xss in sample cgi page
- HTTP SERVER (httpsv1.6.2) 404 Denial of Service
- [ MDKSA-2007:130 ] - Updated proftpd packages fix authentication
- [ MDKSA-2007:131 ] - Updated Thunderbird packages fix multiple
- [SECURITY] [DSA 1316-1] New emacs21 packages fix denial of service
- Re: New Include Redirect Bug XSS All vBulletin v 3.x.x
- Re: New post Topic Hijacking XSS All vBulletin v 3.x.x (2)
- VLC 0.8.6b format string vulnerability & integer overflow
- Re: New Include Redirect Bug XSS All vBulletin v 3.x.x
- [ MDKSA-2007:132 ] - Updated madwifi-source,
- NetClassifieds [multiple vulnerabilities]
- [security bulletin] HPSBGN02199 SSRT071312 rev.3 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Executio
- HPSBST02231 SSRT071438 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-030 to MS07-035
- Re: New Include Redirect Bug XSS All vBulletin(r) v 3.x.x
- iDefense Security Advisory 06.21.07: Ingres Database Multiple Heap
- [ MDKSA-2007:133 ] - Updated emacs packages fix DoS vulnerability
- [ MDKSA-2007:134 ] - Updated xfsdump packages fix unsafe temporary
- MS07-034: Executing arbitrary script with mhtml: protocol handler
- [USN-475-1] evolution-data-server vulnerability
- Re: Re: New Include Redirect Bug XSS All vBulletin(r) v 3.x.x
- All Of the Mambo & Joomla Script Remote File Inclussion Bugs..
- [CAID 35450, 35451, 35452, 35453]: CA Products That Embed Ingres Multiple Vulnerabilities
- Re: Re: New Include Redirect Bug XSS All vBulletin v 3.x.x
- eNdonesia 8.4 [multiple injection sql]
- [USN-476-1] redhat-cluster-suite vulnerability
- FLEA-2007-0028-1: libexif
- [ MDKSA-2007:135 ] - Updated webmin packages fix XSS vulnerability
- [SECURITY] [DSA 1317-1] New tinymux packages fix buffer overflow
- Re: Re: PHPMyDesk Beta Release 1.0b ==> RFI
- [SECURITY] [DSA 1318-1] New ekg packages fix denial of service
- [SECURITY] [DSA 1319-1] New maradns packages fix denial of service
- [SECURITY] [DSA 1321-1] New evolution-data-server packages fix arbitrary code execution
- [SECURITY] [DSA 1320-1] New clamav packages fix several vulnerabilities
- Stock of CISCO dumps
- Stock of CISCO dumps
- [GOODFELLAS - VULN] BarCodeAx.dll v. 4.9 ActiveX Control Remote
- SHTTPD V1.38 server source code disclosure
- Ingres Unauthenticated Pointer Overwrite 2
- KF Web Server 3.1.0 admin console XSS
- Ingres verifydb local stack overflow
- Papoo CMS 3.6 - SQL Injection
- Ingres Unauthenticated Pointer Overwrite 1
- POWER PHLOGGER v.2.2.5 (username) SQL Injection
- Ingres stack overflow in uuid_from_char function
- Ingres wakeup setuid(ingres) file truncation
- LiteWEB 2.7 404 Denial of Services
- Pluxml 0.3.1 Remote Code Execution Exploit
- Calendarix version 0.7. 20070307 Multiple Path Disclosure
- Safari Bookmarks Buffer Overflow Vulnerability
- Calendarix version 0.7. 20070307 Multiple XSS Attacks
- phpTrafficA < 1.4.2
- Calendarix version 0.7. 20070307 Multiple Path Disclosure
- Papoo CMS 3.6 - Access Restriction Bypass
- Re: Re: [MajorSecurity Advisory #47]Simple Machines Forum (SMF) -
- Safari XMLHttpRequest HTTP header injection
- "run as" local denial-of-service enables administrative account processes to be killed
- rPSA-2007-0131-1 libexif
- MyNews version 0.10 SQL Injection Vulnerability
- Calendarix version 0.7. 20070307 Multiple SQL Injection
- Re: Apple Safari: idn urlbar spoofing
- Re: [Full-disclosure] Apple Safari: idn urlbar spoofing
- RE: [Full-disclosure] Apple Safari: idn urlbar spoofing
- [ISR] :: Infobyte Security Research :: release (ISR-sqlget.pl) v1.0.0
- CFP: ISOI III (a DA workshop)
- rPSA-2007-0133-1 emacs emacs-leim
- SYMSA-2007-004: Multiple Vulnerabilities in Xythos Server Products
- Re: KF Web Server 3.1.0 admin console XSS
- RE: "run as" local denial-of-service enables administrative account processes to be killed
- MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities
- MITKRB5-SA-2007-005: kadmind vulnerable to buffer overflow
- iDefense Security Advisory 06.26.07: Multiple Vendor Kerberos kadmind
- Calyptix Security Advisory CX-2007-04 - Cross-Site Request Forgery
- iDefense Security Advisory 06.26.07: RealNetworks RealPlayer/HelixPlayer
- [GOODFELLAS - VULN ] Avaxswf.dll v.1.0.0.1 from Avax Vector
- [ GLSA 200706-09 ] libexif: Buffer overflow
- [ GLSA 200706-08 ] emul-linux-x86-java: Multiple vulnerabilities
- [USN-477-1] krb5 vulnerabilities
- [ MDKSA-2007:137 ] - Updated krb5 packages fix vulnerabilities
- SAP Web Dynpro Java (BC-WD-JAV) Vulnerability
- [USN-478-1] libexif vulnerability
- PHP 4/5 htaccess safemode and open_basedir Bypass
- SAP Internet Communication Framework (BC-MID-ICF) Vulnerability
- Re: Apple Safari: idn urlbar spoofing
- Openedge _mprosrv buffer overflow
- Conti FTP Server v1.0 DoS
- [ MDKSA-2007:136 ] - Updated evolution packages fix vulnerability
- HPSBTU02207 SSRT061239 rev.2 - HP Tru64 UNIX OpenSSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)
- Contact request - nVidia
- Juniper SBR V 6.0.1 CRL-Checking problem
- CheckPoint VPN-1 UTM Edge Cross Site Request Forgery vulnerability
- rPSA-2007-0135-1 krb5 krb5-server krb5-services krb5-test
- [GOODFELLAS - VULN] hpqxml.dll 2.0.0.133 from HP Digital Imaging
- [SECURITY] [DSA 1322-1] New wireshark packages fix denial of service
- eTicket version 1.5.5 Path Disclosure Vulnerability
- eTicket version 1.5.5 XSS Attack Vulnerability
- rPSA-2007-0136-1 httpd mod_ssl
- FLEA-2007-0029-1: krb5 krb5-workstation
- XEForum Cookie Modification Privilege Escalation Vulnerability
- Secunia Research: Symantec Mail Security for SMTP Boundary Errors
- Secunia Research: KVIrc irc:// URI Handler Command Execution
- [security bulletin] HPSBTU02232 SSRT071429 rev.1 - Secure Web Server for HP Tru64 UNIX Powered by Apache (SWS) or HP Internet Express for Tru64 UNIX running PHP, Remote Arbitrary Code Execution, Unauthorized Disclosure of Information, or Denial of Se
- FLEA-2007-0030-1: avahi avahi-glib avahi-sharp
- [SECURITY] [DSA 1324-1] New hiki packages fix missing input sanitising
- [SECURITY] [DSA 1323-1] New krb5 packages fix several vulnerabilities
- TSLSA-2007-0021 - kerberos5
- [SECURITY] [DSA 1325-1] New evolution packages fix arbitrary code execution
- flac123 0.0.9 - Stack overflow in comment parsing
- SQL Injection In Script VBZooM V1.12
- [USN-479-1] MadWifi vulnerabilities
- Re: eTicket version 1.5.5 XSS Attack Vulnerability
- Airscanner Advisory #07062901: FlexiSPY Victim/User Database Exposure
- Re: Re: Progress Webspeed exploit for all releases
- WheatBlog 1.1 RFI/SQL Injection
- akocomment SQL INJECTION (all version)
- [SECURITY] [DSA 1327-1] New gsambad packages fix unsafe temporary files
- [ GLSA 200707-01 ] Firebird: Buffer overflow
- eTicket v.1.5.1.1 Multiple Cross-Site Scripting
- [SECURITY] [DSA 1326-1] New fireflier-server packages fix unsafe temporary files
- FreeDomain.co.nr Clone SQL Injection
- Re: Light Blog 4.1 XSS Vulnerability
- Advisory : Internet Explorer Zone Domain Specification Dos and Page
- PHPDirector <= 0.21 (SQL injection/Upload SHELL) Remote
- AV Arcade 2.1b (view_page.php) Remote SQL Injection
- [SECURITY] [DSA 1328-1] New unicon-imc2 packages fix buffer overflow
- AV Arcade 2.1b (COOKIE[ava_userid]) Get Admin Rights