View Full Version : Bugtraq mailing list




  1. Creating Backdoors in Cisco IOS using Tcl
  2. [USN-546-1] Firefox vulnerabilities
  3. [USN-547-1] PCRE vulnerabilities
  4. Announce: RFIDIOt release RFIDIOt-0.1r, November 2007
  5. National Computer and Information Security Conferences ACIS 2008 - COLOMBIA
  6. [SECURITY] [DSA 1414-1] New wireshark packages fix several vulnerabilities
  7. OWASP Israel Conference 2007, Dec 3rd 2007
  8. [security bulletin] HPSBUX02251 SSRT071449 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
  9. Ruby/Gnome2 0.16.0 Format String Vulnerability
  10. Re: [Full-disclosure] Creating Backdoors in Cisco IOS using Tcl
  11. Eurologon CMS Multiple SQL Injection
  12. Eurologon CMS Db credentials disclosure / files download
  13. Re: Creating Backdoors in Cisco IOS using Tcl
  14. CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet
  15. Liferay Enterprise Portal multiple XSS
  16. PHPSlideShow XSS Update
  17. PHPkit 1.6.1 (include.php?path=) Remote File Inclusion
  18. [SECURITY] [DSA 1416-1] New tk8.3 packages fix arbitrary code execution
  19. [SECURITY] [DSA 1415-1] New tk8.4 packages fix arbitrary code execution
  20. Win2K3 Priv Escalation
  21. Re: Win2K3 Priv Escalation
  22. Microsoft FTP Client Multiple Bufferoverflow Vulnerability
  23. Secunia Research: Symantec Backup Exec Job Engine Denial of Service
  24. RE: Win2K3 Priv Escalation
  25. Re: Win2K3 Priv Escalation
  26. RE: Win2K3 Priv Escalation
  27. Gekko <=0.8.2 (temp directory) Path Disclosure
  28. SYM07-029 Symantec BEWS Multiple DoS in Job Engine
  29. [ MDKSA-2007:232 ] - Updated kernel packages fix multiple
  30. Some Data of POC2007
  31. [ MDKSA-2007:233 ] - Updated cpio package fixes buffer overflow and
  32. Re: Gekko <=0.8.2 (temp directory) Path Disclosure
  33. rPSA-2007-0252-1 cups poppler tetex tetex-afm tetex-dvips
  34. [USN-548-1] Pidgin vulnerability
  35. [ MDKSA-2007:233 ] - Updated cpio package fixes buffer overflow and
  36. [security bulletin] HPSBMA02283 SSRT071319 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)
  37. [security bulletin] HPSBUX02292 SSRT071499 rev.1 - HP-UX Running Apache, Remote Execution of Arbitrary Code
  38. [SECURITY] [DSA 1409-3] New samba packages fix several vulnerabilities
  39. Digital Armaments November-December Hacking Challenge: Diffuse
  40. APC Management Vulnerability
  41. Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability
  42. IRM025: TIBCO Rendezvous RVD Daemon Remote Memory Leak DoS
  43. FreeBSD Security Advisory FreeBSD-SA-07:10.gtar
  44. FreeBSD Security Advisory FreeBSD-SA-07:09.random
  45. ERRATA: [ GLSA 200711-20 ] Pioneers: Multiple Denials of Service
  46. AST-2007-026 - SQL Injection issue in cdr_pgsql
  47. Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability
  48. AST-2007-025 - SQL Injection issue in res_config_pgsql
  49. [USN-549-1] PHP vulnerabilities
  50. Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability
  51. [ MDKSA-2007:224-3 ] - Updated samba packages fix regressions
  52. DOS in Realplayer 11 ActiveX on Win Vista and Win XP SP2
  53. Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability
  54. Re[2]: Microsoft FTP Client Multiple Bufferoverflow
  55. Re[2]: Microsoft FTP Client Multiple Bufferoverflow Vulnerability
  56. SCARE metrics and tool release
  57. PR07-14: Cross-site Scripting (XSS) / HTML injection on F5
  58. PR07-15: Cross-site Scripting (XSS) / HTML injection on F5
  59. Re: Aria-Security.net: CoolShot E-Lite POS 1.0
  60. rPSA-2007-0254-1 idle python
  61. PR07-37: XSS on Apache HTTP Server 413 error pages via malformed
  62. 27Mhz based wireless security insecurities - Aka - "We know what you typed last summer"
  63. Re: 27Mhz based wireless security insecurities - Aka - "We know what
  64. rPSA-2007-0255-1 nss_ldap
  65. DC4420 - London DEFCON chapter Christmas Party - 11th December
  66. Realplayer 11 DOS attack when processing a malformed AU file on
  67. PR06-08: BEA Plumtree portal internal hostname disclosure
  68. [SECURITY] [DSA 1417-1] New asterisk packages fix SQL injection
  69. [SECURITY] [DSA 1418-1] New cacti packages fix SQL injection
  70. Re: SQL Injection in saphp "showcat.php"
  71. [WhitePaper (SecNiche)] Information Prone LDAP Garbage Dumps
  72. sing (debian) vunlerability?
  73. PR06-11: BEA Plumtree portal search facility leaks usernames to
  74. PR06-09: BEA Plumtree portal full version disclosure vulnerability
  75. SYMSA-2007-014: SQL Injection Vulnerability in Beehive Forum
  76. McAfee SecurityCenter Privacy Service HTML Execution Vulnerability
  77. [USN-550-1] Cairo vulnerability
  78. Fwd: PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability
  79. Re: SQL Injection in SaphpLesson2.0 "show.php"
  80. Lotfian Brochure and cataloge Script XSS And SQL Injection
  81. Re: PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability
  82. [MacOS X] Insecure eval() in Twitgit and Twitterlex dashboard
  83. SEC Consult SA-20071204-0 :: SonicWALL Global VPN Client Format
  84. [USN-549-2] PHP regression
  85. [ MDKSA-2007:235 ] - Updated apache packages fix vulnerabilities
  86. Snitz2000 SQL Injection: A user can gain admin level
  87. [USN-551-1] OpenLDAP vulnerabilities
  88. [ MDKSA-2007:234 ] - Updated vixie-cron packages fix DoS vulnerability
  89. Re: [dns-operations] Web Proxy Auto-Discovery (WPAD) Information
  90. (Re-post) ATC-08 CFP
  91. The first release of SWFIntruder is out !
  92. PR07-39: Multiple vulnerabilities on Absolute News Manager.NET
  93. [security bulletin] HPSBMA02293 SSRT071494 rev.1 - HP Select Identity, Remote Unauthorized Access
  94. Some more widgets: Facebook, Hockey, FlickrInterestingNess (Re:
  95. Re: Powerschool 404 Admin Exposure
  96. CORE-2007-1004: VLC Activex Bad Pointer Initialization Vulnerability
  97. TIBCO Rendezvous Exploitation Video
  98. RFI and Multiple XSS in PhpMyChat
  99. [USN-546-2] Firefox regression
  100. Re: sing (debian) vunlerability?
  101. The recent number of unpatched QuickTime flaws is: two
  102. rPSA-2007-0257-1 rsync
  103. [ MDKSA-2007:236 ] - Updated openssh packages fix X11 cookie
  104. [ MDKSA-2007:237 ] - Updated openssl packages fix DTLS vulnerability
  105. [USN-552-1] Perl vulnerability
  106. Blind Sql-Injection in Joomla 1.5 RC3
  107. Re: 27Mhz based wireless security insecurities - Aka - "We know what
  108. Opera 9.50 beta and prior remote DoS (freeze)
  109. [ECHO_ADV_86$2007] Mambo/Joomla Component rsgallery <= 2.0 beta 5
  110. [USN-553-1] Mono vulnerability
  111. Sql Injection in wordpress 2.3.1
  112. Advisory: Cross Site Scripting in CiscoWorks
  113. [SECURITY] [DSA 1419-1] New OpenOffice.org packages fix arbitrary Java code execution
  114. [ELEYTT] Public Advisory 05-12-2007
  115. [SECURITY] [DSA 1420-1] New zabbix packages fix privilege escalation
  116. Cisco Security Advisory: Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability
  117. Re: Sql Injection in wordpress 2.3.1
  118. Firefox 2.0.0.11 INPUT Denial Of Service
  119. Re: Sql Injection in wordpress 2.3.1
  120. [ GLSA 200712-02 ] Cacti: SQL injection
  121. SineCMS <= 2.3.4 Calendar SQL Injection 'n something else..
  122. ezContents Version 1.4.5 Remote File Disclosure Vulnerability.
  123. [ GLSA 200712-01 ] Hugin: Insecure temporary file creation
  124. Aria-Security.Net: PenPals Login and search page SQL Injection
  125. Avast! AntiVirus TAR Processing Remote Heap Corruption
  126. [security bulletin] HPSBMA02281 SSRT061261 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code
  127. [UPDATE]CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability
  128. [SECURITY] [DSA 1421-1] New wesnoth packages fix arbitrary file disclosure
  129. NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability
  130. SQUID-2007:2, Dec 4, 2007
  131. Re: Re: Aria-Security.net: NetAuctionHelp SQL Injection
  132. HITBSecConf2007 Malaysia Videos Now Available
  133. [XSS] OpenNewsletter v2.5 Multipe XSS Attacks
  134. UPDATE: [ GLSA 200711-29 ] Samba: Execution of arbitrary code
  135. [Security Advisorie] OpenNewsletter v2.5 Multipe XSS Attacks
  136. [ MDKSA-2007:238 ] - Updated liblcms package fixes buffer overflow
  137. [USN-554-1] teTeX and TeX Live vulnerabilities
  138. Potential SQL injection vulnerability in Apache::AuthCAS
  139. [SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution
  140. [ MDKSA-2007:239 ] - Updated heimdal packages fix potential
  141. Re: RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability
  142. Re: Friend Script 2.5 - 2.4 Remote File İnclude
  143. rPSA-2007-0260-1 firefox
  144. Re: BellaBiblio Admin Login Bypass
  145. [ISecAuditors Security Advisories] wwwstats is vulnerable to Persistent
  146. Re: Phorm v3.0 Remote File Upload Vulnerability
  147. TCP Port randomization paper
  148. R7-0031: JFreeChart Image Map Cross-Site Scripting Vulnerabilities
  149. [SECURITY] [DSA 1423-1] New sitebar packages fix several vulnerabilities
  150. Kvaliitti WebDoc 3.0 CMS SQL Injection vulnerability
  151. [ MDKSA-2007:240 ] - Updated libnfsidmap packages fix username lookup
  152. Two vulnerabilities in Simple HTTPD 1.38
  153. Limited upload directory traversal in HTTP File Server 2.2a / 2.3
  154. Upload directory traversal in Easy File Sharing 4.5
  155. Multiple vulnerabilities in Firefly Media Server (mt-daapd) 2.4.1 /
  156. Nullsoft Winamp MP4 tags Stack Overflow
  157. Windows media player 6.4 MP4 Stack Overflow 0-day
  158. [SECURITY] [DSA 1425-1] New xulrunner packages fix several vulnerabilities
  159. Media Player Classic 6.4.9 MP4 Stack Overflow 0-day
  160. [USN-555-1] e2fsprogs vulnerability
  161. [SECURITY] [DSA 1426-1] New qt-x11-free packages fix several vulnerabilities
  162. Lotfian.com DATABASE DRIVEN TRAVEL SITE Multiple SQL Injection
  163. webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability
  164. Call for Papers - Security and High Performance Computing System 2008
  165. Two vulnerabilities in SquirrelMail GPG plugin
  166. The Cookie Tools v0.3 -- first public release
  167. Unsanitized scripting in RoundCube webmail
  168. CVE-2007-6205
  169. Flat PHP Board <= 1.2 Multiple Vulnerabilities
  170. [ GLSA 200712-09 ] Ruby-GNOME2: Format string error
  171. Bitweaver XSS & SQL Injection Vulnerability
  172. Security and hacking papers
  173. bttlxeForum Multiple SQL Injection And Cross Site Scripting
  174. [ GLSA 200712-03 ] GNU Emacs: Multiple vulnerabilities
  175. [ GLSA 200712-06 ] Firebird: Multiple buffer overflows
  176. [ GLSA 200712-05 ] PEAR::MDB2: Information disclosure
  177. SQL injection - GestDownV1.00Beta
  178. squids ICAP implementation lacks a defer check when reading from ICAP server
  179. Falt4 CMS Security Report/Advisory
  180. Secunia Research: Samba "send_mailslot()" Buffer Overflow
  181. [ GLSA 200712-08 ] AMD64 x86 emulation Qt library: Multiple vulnerabilities
  182. [ GLSA 200712-07 ] Lookup: Insecure temporary file creation
  183. Advisory: Websense XSS Vulnerability
  184. [SECURITY] Buffer overrun in send_mailslot()
  185. Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) and vulnerable bz2lib (CAN-2005-0758 & CAN-2005-0953)
  186. rPSA-2007-0261-1 samba samba-swat
  187. WordPress Charset SQL injection vulnerability (re-resend)
  188. Re: Media Player Classic 6.4.9 MP4 Stack Overflow 0-day
  189. [ GLSA 200712-04 ] Cairo: User-assisted execution of arbitrary code
  190. Multiple vulnerabilities in BarracudaDrive 3.7.2
  191. Multiple vulnerabilities in BadBlue 2.72b
  192. Filesystem access in DOSBox 0.72
  193. [USN-550-2] Cairo regression
  194. [SECURITY] [DSA 1427-1] New samba packages fix arbitrary code execution
  195. Dell / Dell Financial Services - Contact
  196. WASC Announcement: The Script Mapping Project Results and Call for Participation
  197. [ GLSA 200712-10 ] Samba: Execution of arbitrary code
  198. Re: Dell / Dell Financial Services - Contact
  199. [ MDKSA-2007:242 ] - Updated e2fsprogs packages fix vulnerability
  200. RE: TCP Port randomization paper
  201. [ MDKSA-2007:243 ] - Updated MySQL packages fix multiple
  202. [SECURITY] [DSA 1481-1] New Linux 2.6.18 packages fix several vulnerabilities
  203. [ MDKSA-2007:241 ] - Updated tomcat5 packages fix multiple
  204. rPSA-2007-0262-1 e2fsprogs
  205. PGMfuzz - a tool for testing Pragmatic General Multicast protocol implementations
  206. HP notebooks remote code execution vulnerability (multiple series)
  207. Black Hat Briefings Call for Papers
  208. Meridian Prolog Manager Username and Plain Text Password Disclosure
  209. [SECURITY] [DSA 1429-1] New htdig packages fix cross site scripting
  210. [SECURITY] [DSA 1430-1] New libnss-ldap packages fix denial of service
  211. [SECURITY] [DSA 1431-1] New ruby-gnome2 packages fix execution of arbitrary code
  212. [ MDKSA-2007:244 ] - Updated samba packages fix vulnerability
  213. [SECURITY] [DSA 1428-2] New Linux 2.6.18 packages fix several vulnerabilities
  214. Cpanel Vulnerability?
  215. Re: TCP Port randomization paper
  216. Re: Cpanel Vulnerability?
  217. MS Office 2007: Digital Signature does not protect Meta-Data
  218. Re: Media Player Classic 6.4.9 MP4 Stack Overflow 0-day
  219. iDefense Security Advisory 12.11.07: Microsoft Internet Explorer
  220. rPSA-2007-0264-1 mod_dav_svn subversion
  221. iDefense Security Advisory 12.11.07: Microsoft DirectX 7 and 8 DirectShow
  222. Re: Re: Cpanel Vulnerability?
  223. A Must Read - Cisco
  224. QK SMTP Server 3 - Denial of service
  225. [security bulletin] HPSBUX02296 SSRT071504 rev.1 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code
  226. RE: [Full-disclosure] Fwd: Websense 6.3.1 Filtering Bypass
  227. OpenOffice: Duplicated, Unprotected Certificate Information shown
  228. [security bulletin] HPSBUX02294 SSRT071451 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS)
  229. SQL MKPortal M1.1 Rc1
  230. Fwd: Websense 6.3.1 Filtering Bypass
  231. MS Office 2007: Target of Hyperlinks not covered by Digital
  232. [USN-550-3] Cairo regression
  233. AW: MS Office 2007: Digital Signature does not protect Meta-Data
  234. SECURITY: 1.4.12 Package Compromise
  235. [ GLSA 200712-11 ] Portage: Information disclosure
  236. [ GLSA 200712-12 ] IRC Services: Denial of Service
  237. [ MDKSA-2007:245 ] - Updated wpa_supplicant package fixes remote
  238. + Trivantis CourseMill Enterprise Learning Management System -
  239. Re: AW: MS Office 2007: Digital Signature does not protect
  240. PHP MySQL Banner Exchange 2.2.1 remote mysql database bug
  241. Re: MS Office 2007: Digital Signature does not protect Meta-Data
  242. HPSBUX02296 SSRT071504 rev.2 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code
  243. AW: MS Office 2007: Digital Signature does not protect Meta-Data
  244. [ISR] - Novell Groupwise client remote stack overflow silently patched.
  245. [ MDKSA-2007:246 ] - Updated Firefox packages fix multiple
  246. ANNOUNCE: SquirrelMail 1.4.13 Released
  247. Re: Uber Uploader <= 5.3.6 Remote File Upload Vulnerability
  248. [ GLSA 200712-13 ] E2fsprogs: Multiple buffer overflows
  249. [ GLSA 200712-14 ] CUPS: Multiple vulnerabilities
  250. POC for samba send_mailslot()