View Full Version : Bugtraq mailing list


  1. AppServ Open Project < = 2.5.10 Remote XSS Vulnerability
  2. An account of the Estonian Internet War
  3. eCMS-v0.4.2 (SQL/PB) Multiple Remote Vulnerabilities
  4. Vulnerability Advisory on GnuTLS
  5. Vbulletin 3.7.0 Gold >> Sql injection on faq.php
  6. Secunia Research: Foxit Reader "util.printf()" Buffer Overflow
  7. Starsgames Control Panel <= 4.6.2 Remote XSS Vulnerability
  8. [security bulletin] HPSBUX02335 SSRT071454 rev.1 - HP-UX Running useradd(1M), Local Unauthorized Access
  9. [ GLSA 200805-19 ] ClamAV: Multiple vulnerabilities
  10. [ GLSA 200805-18 ] Mozilla products: Multiple vulnerabilities
  11. CORE-2008-0415: Borland Interbase 2007 Integer Overflow
  12. Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php
  13. [ MDVSA-2008:105 ] - Updated kernel packages fix vulnerabilities
  14. [DSECRG-08-023] SAP Web Application Server XSS Security Vulnerability
  15. [DSECRG-08-020] Alcatel OmniPCX Office Remote Comand Execution
  16. Re: mjguest 6.7 (ALL VERSION) Xss & Redirection Vuln
  17. Re: Re: Re: Exploiting Google MX servers as Open SMTP Relays
  18. Cisco Security Advisory: Cisco Voice Portal Privilege Escalation Vulnerability
  19. iDefense Security Advisory 05.21.08: Multiple Vendor Snort IP FragmentTTL Evasion Vulnerability
  20. CORE-2008-0126: Multiple vulnerabilities in iCal
  21. www file share pro 5.30 insecure multiple
  22. MDAP ANTs PWNAGE: dumping the admin password of the BT Home Hub
  23. [ GLSA 200805-20 ] GnuTLS: Execution of arbitrary code
  24. PHPFreeForum <= 1.0 RC2 Remote XSS Vulnerability
  25. phpSQLiteCMS Multiple Remote XSS Vulnerability
  26. [security bulletin] HPSBUX02337 SSRT080072 rev.1 - HP-UX Running HP-UX Secure Shell, Local Unauthorized Access and Denial of Service (DoS)
  27. Exteen Blog XSS Remote Cookie Disclosure Exploit
  28. BMForum Remote 5.6 Miltiple XSS Vulnerability
  29. /home/putnopvut/asa/AST-2008-007/AST-2008-007: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised
  30. rPSA-2008-0174-1 gnutls
  31. IRM Security Advisory : Barracuda Networks Spam Firewall Cross-Site Scripting Vulnerability
  32. abledating 2.4 >> Sql injection and cross site scripting on search_results.php
  33. Re: Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php
  34. [DSECRG-08-024] Multiple Security Vulnerabilities (RFI,LFI,XSS) in QuateCMS
  35. e107 Plugin BLOG Engine v2.2 (macgurublog.php/uid) Blind SQL Injection Vulnerability
  36. [DSECRG-08-025] Local File Include in OneCMS 2.5
  37. PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script
  38. rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl
  39. xt:Commerce possible DoS
  40. [ MDVSA-2008:106 ] - Updated gnutls packages fix denial of service vulnerabilities
  41. dzoic handshakes sql injection >> index.php on $fname
  42. Re: BosNews v4.0 Remote add user admin
  43. vuln in WordPress plugin Upload File(UP)
  44. PCPIN Chat 6: potential XSS vulnerability in URL redirection script
  45. Re: IOS rootkits (fwd)
  46. Re: vuln in WordPress plugin Upload File(UP)
  47. Excuse Online (pwd) SQL Injection Vulnerability
  48. phpFix v2 Multiple SQL Injection Vulnerability
  49. function sleep() in all versions of PHP
  50. Class System v2.3 Multiple Remote Vulnerabilities
  51. Ablespace 1.0 'cat_id' Parameter SQL Injection Vulnerability
  52. Campus Bulletin Board v3.4 Multiple Remote Vulnerabilities
  53. SECOBJADV-2008-01: Lenovo SystemUpdate SSL Certificate Issuer Spoofing Vulnerability
  54. Advisory - Rsyncrypto maybe affected from Debian OpenSSL reduced entropy problem
  55. Zina 1.0rc3 Remote Directory Traversal Vulnerability & XSS Vulnerability
  56. Mini-CWB <= 2.1.1 Remote XSS Vulnerability
  57. Repair Online v1.2 (sentout) Create Admin Vulnerability
  58. T2'08: Call for Papers 2008 (Helsinki / Finland)
  59. Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php
  60. [security bulletin] HPSBUX02335 SSRT071454 rev.2 - HP-UX Running useradd(1M), Local Unauthorized Access
  61. RoomPHPlanning 1.5 (weekview.php) SQL Injection Vulnerability
  62. IOS Rookit: the sky isn't falling (yet)
  63. Security, Open Source Style
  64. Re: function sleep() in all versions of PHP
  65. rPSA-2008-0177-1 emacs emacs-leim
  66. [ GLSA 200805-21 ] Roundup: Permission bypass
  67. iDefense Security Advisory 05.27.08: EMC AlphaStor Library Manager Arbitrary Command Execution Vulnerability
  68. iDefense Security Advisory 05.27.08: EMC AlphaStor Server Agent Multiple Stack Buffer Overflow Vulnerabilities
  69. rPSA-2008-0178-1 php php-mysql php-pgsql
  70. [NSG_28-5-08] CA Internet Security Suite 2008 (UmxEventCli.dll/SaveToFile()) remote file corruption poc
  71. rPSA-2008-0105-1 evolution
  72. Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability
  73. [SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses
  74. [security bulletin] HPSBUX02334 SSRT071403 rev.2 - HP-UX Running ftp, Remote Denial of Service (DoS)
  75. [ MDVSA-2008:107 ] - Updated openssl package fixes denial of service vulnerabilities
  76. Vulnerability Advisory on OpenSSL
  77. Bypassing URL Authentication and Authorization with HTTP Verb Tampering
  78. Secunia Research: Samba "receive_smb_raw()" Buffer Overflow Vulnerability
  79. Secunia Research: imlib2 PNM and XPM Buffer Overflow
  80. FlashBlog Remote File Upload Vulnerability
  81. [ GLSA 200805-23 ] Samba: Heap-based buffer overflow
  82. Re: [HV-INFO] Enova hardware encryption: false sense of security
  83. [ GLSA 200805-22 ] MPlayer: User-assisted execution of arbitrary code
  84. Flash Blog Sql Injection
  85. [ MDVSA-2008:108 ] - Updated samba packages fix arbitrary code execution vulnerability
  86. dvbbs8.2(access/sql)version login.asp remote sql injection
  87. Re: [HV-INFO] Enova hardware encryption: false sense of security
  88. XEROX DocuShare URL XSS Injection Vulnerabilities
  89. Dot Net Nuke (DNN) <= 4.8.3 XSS Vulnerability
  90. VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues
  91. VisualSentinel 0.7 Cross Agent Scripting Vulnerability
  92. LokiCMS Multiple Vulnerabilities through Authorization weakness
  93. Re: VisualSentinel 0.7 Cross Agent Scripting Vulnerability
  94. SQL Injection leading to authorization bypass in Torrent Trader Classic v1.08 and earlier
  95. rPSA-2008-0180-1 samba samba-client samba-server samba-swat
  96. ARP handler Inspection tool released
  97. BP Blog 6.0 (id) Remote Blind SQL Injection Vulnerability
  98. Re: xt:Commerce possible DoS
  99. OtomiGenX v2.2 Ultimate Authentication bypass Vulnerability
  100. ComicShout 2.8 (news.php news_id) SQL Injection Vulnerability
  101. [ECHO_ADV_96$2008] HiveMaker Professional <= 1.0.2 (cid) Sql Injection Vulnerability
  102. rPSA-2008-0181-1 openssl openssl-scripts
  103. DEFCON 16 Updates - Get involved!
  104. Advisory: Xerox Workaround & planned patch
  105. [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability
  106. Windows Installer msiexec GUID Buffer Overflow
  107. [security bulletin] HPSBST02312 SSRT071428 rev.1 - HP StorageWorks Storage Mirroring Software, Remote Execution of Arbitrary Code
  108. Re: Windows Installer msiexec GUID Buffer Overflow
  109. [ GLSA 200806-02 ] libxslt: Execution of arbitrary code
  110. [ GLSA 200806-01 ] mtr: Stack-based buffer overflow
  111. London DEFCON June meet - DC4420 - Thursday 5th June
  112. [NSG 03-06-2008] C6 Messenger Installation Url DownloaderActiveXControl Remote Download & Execute Exploit
  113. AccessMe Tool Release
  114. [USN-614-1] Linux kernel vulnerabilities
  115. AST-2008-008: Remote Crash Vulnerability in SIP channel driver when run in pedantic mode
  116. [ MDVSA-2008:109 ] - Updated kernel packages fix bugs
  117. QuickerSite Multiple Vulnerabilities
  118. [security bulletin] HPSBMA02326 SSRT071490 rev.1 - HP Instant Support HPISDataManager.dll Running on Windows, Remote Execution of Arbitrary Code
  119. iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages File Creation Vulnerability
  120. iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Information Disclosure Vulnerability
  121. iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Command Injection Vulnerabilities
  122. CSIS-RI-0003: Multiple buffer overflow vulnerabilities in HP ActiveX
  123. IMF 2008 - Deadline Extension (2nd try)
  124. iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Directory Traversal Vulnerabilities
  125. iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Authorization Bypass Vulnerability
  126. iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Buffer Overflow Vulnerability
  127. Akamai Technologies Security Advisory 2008-0001 (Download Manager)
  128. Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA
  129. VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
  130. TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability
  131. iDefense Security Advisory 06.04.08: Skype File URI Security Bypass Code Execution Vulnerability
  132. iDefense Security Advisory 06.04.08: Kaspersky Internet Security IOCTL Stack Based Buffer Overflow Vulnerability
  133. CORE-2008-0425 - NASA BigView Stack Buffer Overflow
  134. AST-2008-009: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised
  135. e107 Plugin echat MENU Blind SQL Injection Vulnerability
  136. [security bulletin] HPSBST02312 SSRT071428 rev.2 - HP StorageWorks Storage Mirroring Software, Remote Execution of Arbitrary Code
  137. Remote DoS vulnerability in Linksys WRH54G
  138. SMEweb 1.4b (SQL/XSS) Multiple Remote Vulnerabilities
  139. Akamai Download Manager File Downloaded To Arbitrary Location Vulnerability
  140. AST-2008-009: (Corrected subject) Remote crash vulnerability in ooh323 channel driver
  141. iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability
  142. iDefense Security Advisory 06.04.08: VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability
  143. F5 FirePass Content Inspection Management XSS
  144. WEBAlbum <= 2.0 Remote Stored Cross Site Scripting Vulnerability
  145. [ MDVSA-2008:110 ] - Updated Firefox packages fix vulnerabilities
  146. Secunia Research: Akamai Red Swoosh Cross-Site Request Forgery
  147. Akamai Technologies Security Advisory 2008-0003 (Akamai Client Software)
  148. Vulnerability in Network General/Net Scout product
  149. rPSA-2008-0185-1 vsftpd
  150. SchoolCenter URL Handling Cross Site Scripting Vulnerability
  151. [USN-615-1] Evolution vulnerabilities
  152. FreeSSHD 1.2.1 (Post Auth) Remote Seh Overflow Exploit
  153. [ GLSA 200806-03 ] Imlib 2: User-assisted execution of arbitrary code
  154. XSS - NEXTGEN GALLERY 0.96 WORDPRESS PLUGIN
  155. webTA by kronos - XSS
  156. [web-app] Tornado Knowledge Retrieval System <= 4.2 Remote XSS Vulnerability
  157. [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing
  158. [web-app] ErfurtWiki <= R1.02b (css) Local File Inclusion Vulnerability
  159. [web-app] DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability
  160. [web-app] yBlog 0.2.2.2 Multiple Remote Vulnerabilities
  161. [web-app] Insanely Simple Blog 0.5 (index) Remote SQL Injection Vulnerabilities
  162. Secunia Research: Apple QuickTime PICT Image Parsing Buffer Overflow
  163. [security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)
  164. iDefense Security Advisory 06.10.08: Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability
  165. Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities
  166. XSS - Glassfish Web Admin Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) )
  167. [ MDVSA-2008:111 ] - Updated Evolution packages fix vulnerabilities
  168. Many bugs on CMS system Piugame
  169. [security bulletin] HPSBUX02342 SSRT080063 rev.1 - HP-UX Running Apache or Tomcat with PHP, Remote Execution of Arbitrary Code
  170. TYPO3 Security Bulletin TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core
  171. PHPEasyData 1.5.4 Multiple Vulnerabilities
  172. Secunia Research: uTorrent / BitTorrent Web UI HTTP "Range" Header DoS
  173. CORE-2008-0125: CitectSCADA ODBC service vulnerability
  174. Flat Calendar v1.1 Remote Permission Bypass Vulnerability
  175. phpRaider <= v1.0.6,7 Maybe Other Versions Remote File include Vulnerable
  176. [security bulletin] HPSBMA02340 SSRT080024, SSRT080041 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)
  177. iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension AllocateGlyph() Integer Overflow Vulnerability
  178. iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension ProcRenderCreateCursor() Integer Overflow Vulnerability
  179. iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability
  180. Xigla Multiple Products - Multiple Vulnerabilities
  181. iDefense Security Advisory 06.11.08: Multiple Vendor X Server Record and Security Extensions Multiple Memory Corruption Vulnerabilities
  182. iDefense Security Advisory 06.11.08: Multiple Vendor X Server MIT-SHM Extension Information Disclosure Vulnerability
  183. rPSA-2008-0189-1 kernel xen
  184. ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability
  185. SNMPv3 Authentication Bypass - CVE-2008-0960
  186. DEFCON Switzerland looking for DEFCON visitors
  187. Pooya Site Builder (PSB) SQL Injection Vulnerabilities
  188. [ MDVSA-2008:112 ] - Updated kernel packages fix security issues
  189. [USN-616-1] X.org vulnerabilities
  190. AS/400 Vulnerabilities
  191. Exploit for vBulletin "obscure" XSS (3.7.1 & 3.6.10)
  192. Securify bulletin: Microsoft Active Directory Denial-of-service
  193. [USN-612-9] openssl-blacklist update
  194. [USN-612-10] OpenVPN regression
  195. Technical Details of Security Issues Regarding Safari for Windows
  196. [ MDVSA-2008:114 ] - Updated util-linux-ng packages fix log injection issue
  197. [ MDVSA-2008:113 ] - Updated kernel packages fix security issue
  198. Re: Collection of Vulnerabilities in Fully Patched Vim 7.1
  199. Collection of Vulnerabilities in Fully Patched Vim 7.1
  200. GSC Privilege Escalation Exploit
  201. [ GLSA 200806-04 ] rdesktop: Multiple vulnerabilities
  202. Muitiple XSS - Glassfish Web Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) )
  203. E-SMART CART (productsofcat.asp) Remote SQL Injection Vulnerability
  204. DUC NO-IP Local Password Information Disclosure Vulnerability
  205. PHP JOBWEBSITE PRO (JobSearch3.php) SQL Injection Vulnerability
  206. [ECHO_ADV_97$2008] Pre News Manager <= 1.0 (index.php id) Sql Injection Vulnerability
  207. [ECHO_ADV_98$2008] Pre Ads Portal <= 2.0 Sql Injection Vulnerability
  208. Returnil Virtual System 2008 - Password Disclosure Issue
  209. VistaReseller Panel BETA Xss Vulnerability
  210. [DSECRG-08-026] LFI in Open Azimyt CMS 0.22
  211. [ MDVSA-2008:116 ] - Updated x11-server packages fix several vulnerabilities
  212. [ MDVSA-2008:115 ] - Updated x11-server packages fix several vulnerabilities
  213. Hacking Coffee Makers.
  214. fetchmail security announcement fetchmail-SA-2007-02(CVE-2007-4565)
  215. fetchmail security announcement fetchmail-SA-2008-01(CVE-2008-2711)
  216. iPhoneDbg Toolkit
  217. [ GLSA 200806-06 ] Evolution: User-assisted execution of arbitrary code
  218. [ GLSA 200806-05 ] cbrPager: User-assisted execution of arbitrary code
  219. S21SEC-044-en:OpenDocMan Cross Site Scripting (XSS)
  220. [security bulletin] HPSBST02344 SSRT080087 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-030 to MS08-036
  221. [USN-617-1] Samba vulnerabilities
  222. Announcement && CFP: ISOI 5, Tallinn Estonia
  223. Secunia Research: TorrentTrader Multiple SQL Injection Vulnerabilities
  224. A more detailed description of the Jura F90 vulnerability.
  225. Cisco Security Advisory: Cisco Intrusion Prevention System Jumbo Frame Denial of Service
  226. [USN-612-11] openssl-blacklist update
  227. Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities
  228. eLineStudio Site Composer (ESC) <=2.6 Multiple Vulnerabilities
  229. vBulletin 3.7.1 PL1 and lower, vBulletin 3.6.10 PL1: XSS in modcp index
  230. CSW Security Advisory 0002: Oral B SmartMonitor Information Disclosure Vulnerability and DoS
  231. [ GLSA 200806-07 ] X.Org X server: Multiple vulnerabilities
  232. An Apology.
  233. Re: RFI ====> vBulletin v3.6.5
  234. [ MDVSA-2008:117 ] - Updated fetchmail packages fix DoS vulnerability
  235. Secunia Research: XnView, NConvert, and GFL SDK Sun TAAC Buffer Overflow
  236. BackTrack 3 Final has been released
  237. Diigo Toolbar - Global XSS and Information Leakage in SSL URLs
  238. [ MDVSA-2008:118 ] - Updated net-snmp/ucd-snmp packages fix vulnerabilities
  239. [ MDVSA-2008:119 ] - Updated exiv2 packages fix vulnerability
  240. rPSA-2008-0200-1 xorg-server
  241. rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
  242. [ MDVSA-2008:120 ] - Updated nasm packages fix vulnerability
  243. Benja CMS 0.1 (Upload/XSS) Multiple Remote Vulnerabilities
  244. n.runs-SA-2008.001 - Jscape Secure FTP Applet
  245. Trust Testing and Metrics
  246. Firefox 3.0 security bug: Extensions can STILL hide themselves
  247. [ MDVSA-2008:121 ] - Updated freetype2 packages fix vulnerabilities
  248. [ GLSA 200806-08 ] OpenSSL: Denial of Service
  249. [ GLSA 200806-09 ] libvorbis: Multiple vulnerabilities
  250. [ GLSA 200806-10 ] FreeType: User-assisted execution of arbitrary code