View Full Version: Bugtraq mailing list
- AppServ Open Project <= 2.5.10 Remote XSS Vulnerability
- An account of the Estonian Internet War
- eCMS-v0.4.2 (SQL/PB) Multiple Remote Vulnerabilities
- Vulnerability Advisory on GnuTLS
- Vbulletin 3.7.0 Gold >> Sql injection on faq.php
- Secunia Research: Foxit Reader "util.printf()" Buffer Overflow
- Starsgames Control Panel <= 4.6.2 Remote XSS Vulnerability
- [security bulletin] HPSBUX02335 SSRT071454 rev.1 - HP-UX Running useradd(1M), Local Unauthorized Access
- [ GLSA 200805-19 ] ClamAV: Multiple vulnerabilities
- [ GLSA 200805-18 ] Mozilla products: Multiple vulnerabilities
- CORE-2008-0415: Borland Interbase 2007 Integer Overflow
- Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php
- [ MDVSA-2008:105 ] - Updated kernel packages fix vulnerabilities
- [DSECRG-08-023] SAP Web Application Server XSS Security Vulnerability
- [DSECRG-08-020] Alcatel OmniPCX Office Remote Comand Execution
- Re: mjguest 6.7 (ALL VERSION) Xss & Redirection Vuln
- Re: Re: Re: Exploiting Google MX servers as Open SMTP Relays
- Cisco Security Advisory: Cisco Voice Portal Privilege Escalation Vulnerability
- iDefense Security Advisory 05.21.08: Multiple Vendor Snort IP FragmentTTL Evasion Vulnerability
- CORE-2008-0126: Multiple vulnerabilities in iCal
- www file share pro 5.30 insecure multiple
- MDAP ANTs PWNAGE: dumping the admin password of the BT Home Hub
- [ GLSA 200805-20 ] GnuTLS: Execution of arbitrary code
- PHPFreeForum <= 1.0 RC2 Remote XSS Vulnerability
- phpSQLiteCMS Multiple Remote XSS Vulnerability
- [security bulletin] HPSBUX02337 SSRT080072 rev.1 - HP-UX Running HP-UX Secure Shell, Local Unauthorized Access and Denial of Service (DoS)
- Exteen Blog XSS Remote Cookie Disclosure Exploit
- BMForum Remote 5.6 Miltiple XSS Vulnerability
- /home/putnopvut/asa/AST-2008-007/AST-2008-007: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised
- rPSA-2008-0174-1 gnutls
- IRM Security Advisory : Barracuda Networks Spam Firewall Cross-Site Scripting Vulnerability
- abledating 2.4 >> Sql injection and cross site scripting on search_results.php
- Re: Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php
- [DSECRG-08-024] Multiple Security Vulnerabilities (RFI,LFI,XSS) in QuateCMS
- e107 Plugin BLOG Engine v2.2 (macgurublog.php/uid) Blind SQL Injection Vulnerability
- [DSECRG-08-025] Local File Include in OneCMS 2.5
- PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script
- rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl
- xt:Commerce possible DoS
- [ MDVSA-2008:106 ] - Updated gnutls packages fix denial of service vulnerabilities
- dzoic handshakes sql injection >> index.php on $fname
- Re: BosNews v4.0 Remote add user admin
- vuln in WordPress plugin Upload File(UP)
- PCPIN Chat 6: potential XSS vulnerability in URL redirection script
- Re: IOS rootkits (fwd)
- Re: vuln in WordPress plugin Upload File(UP)
- Excuse Online (pwd) SQL Injection Vulnerability
- phpFix v2 Multiple SQL Injection Vulnerability
- function sleep() in all versions of PHP
- Class System v2.3 Multiple Remote Vulnerabilities
- Ablespace 1.0 'cat_id' Parameter SQL Injection Vulnerability
- Campus Bulletin Board v3.4 Multiple Remote Vulnerabilities
- SECOBJADV-2008-01: Lenovo SystemUpdate SSL Certificate Issuer Spoofing Vulnerability
- Advisory - Rsyncrypto maybe affected from Debian OpenSSL reduced entropy problem
- Zina 1.0rc3 Remote Directory Traversal Vulnerability & XSS Vulnerability
- Mini-CWB <= 2.1.1 Remote XSS Vulnerability
- Repair Online v1.2 (sentout) Create Admin Vulnerability
- T2'08: Call for Papers 2008 (Helsinki / Finland)
- Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php
- [security bulletin] HPSBUX02335 SSRT071454 rev.2 - HP-UX Running useradd(1M), Local Unauthorized Access
- RoomPHPlanning 1.5 (weekview.php) SQL Injection Vulnerability
- IOS Rookit: the sky isn't falling (yet)
- Security, Open Source Style
- Re: function sleep() in all versions of PHP
- rPSA-2008-0177-1 emacs emacs-leim
- [ GLSA 200805-21 ] Roundup: Permission bypass
- iDefense Security Advisory 05.27.08: EMC AlphaStor Library Manager Arbitrary Command Execution Vulnerability
- iDefense Security Advisory 05.27.08: EMC AlphaStor Server Agent Multiple Stack Buffer Overflow Vulnerabilities
- rPSA-2008-0178-1 php php-mysql php-pgsql
- [NSG_28-5-08] CA Internet Security Suite 2008 (UmxEventCli.dll/SaveToFile()) remote file corruption poc
- rPSA-2008-0105-1 evolution
- Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability
- [SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses
- [security bulletin] HPSBUX02334 SSRT071403 rev.2 - HP-UX Running ftp, Remote Denial of Service (DoS)
- [ MDVSA-2008:107 ] - Updated openssl package fixes denial of service vulnerabilities
- Vulnerability Advisory on OpenSSL
- Bypassing URL Authentication and Authorization with HTTP Verb Tampering
- Secunia Research: Samba "receive_smb_raw()" Buffer Overflow Vulnerability
- Secunia Research: imlib2 PNM and XPM Buffer Overflow
- FlashBlog Remote File Upload Vulnerability
- [ GLSA 200805-23 ] Samba: Heap-based buffer overflow
- Re: [HV-INFO] Enova hardware encryption: false sense of security
- [ GLSA 200805-22 ] MPlayer: User-assisted execution of arbitrary code
- Flash Blog Sql Injection
- [ MDVSA-2008:108 ] - Updated samba packages fix arbitrary code execution vulnerability
- dvbbs8.2(access/sql)version login.asp remote sql injection
- Re: [HV-INFO] Enova hardware encryption: false sense of security
- XEROX DocuShare URL XSS Injection Vulnerabilities
- Dot Net Nuke (DNN) <= 4.8.3 XSS Vulnerability
- VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues
- VisualSentinel 0.7 Cross Agent Scripting Vulnerability
- LokiCMS Multiple Vulnerabilities through Authorization weakness
- Re: VisualSentinel 0.7 Cross Agent Scripting Vulnerability
- SQL Injection leading to authorization bypass in Torrent Trader Classic v1.08 and earlier
- rPSA-2008-0180-1 samba samba-client samba-server samba-swat
- ARP handler Inspection tool released
- BP Blog 6.0 (id) Remote Blind SQL Injection Vulnerability
- Re: xt:Commerce possible DoS
- OtomiGenX v2.2 Ultimate Authentication bypass Vulnerability
- ComicShout 2.8 (news.php news_id) SQL Injection Vulnerability
- [ECHO_ADV_96$2008] HiveMaker Professional <= 1.0.2 (cid) Sql Injection Vulnerability
- rPSA-2008-0181-1 openssl openssl-scripts
- DEFCON 16 Updates - Get involved!
- Advisory: Xerox Workaround & planned patch
- [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability
- Windows Installer msiexec GUID Buffer Overflow
- [security bulletin] HPSBST02312 SSRT071428 rev.1 - HP StorageWorks Storage Mirroring Software, Remote Execution of Arbitrary Code
- Re: Windows Installer msiexec GUID Buffer Overflow
- [ GLSA 200806-02 ] libxslt: Execution of arbitrary code
- [ GLSA 200806-01 ] mtr: Stack-based buffer overflow
- London DEFCON June meet - DC4420 - Thursday 5th June
- [NSG 03-06-2008] C6 Messenger Installation Url DownloaderActiveXControl Remote Download & Execute Exploit
- AccessMe Tool Release
- [USN-614-1] Linux kernel vulnerabilities
- AST-2008-008: Remote Crash Vulnerability in SIP channel driver when run in pedantic mode
- [ MDVSA-2008:109 ] - Updated kernel packages fix bugs
- QuickerSite Multiple Vulnerabilities
- [security bulletin] HPSBMA02326 SSRT071490 rev.1 - HP Instant Support HPISDataManager.dll Running on Windows, Remote Execution of Arbitrary Code
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages File Creation Vulnerability
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Information Disclosure Vulnerability
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Command Injection Vulnerabilities
- CSIS-RI-0003: Multiple buffer overflow vulnerabilities in HP ActiveX
- IMF 2008 - Deadline Extension (2nd try)
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Directory Traversal Vulnerabilities
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Authorization Bypass Vulnerability
- iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Buffer Overflow Vulnerability
- Akamai Technologies Security Advisory 2008-0001 (Download Manager)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA
- VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
- TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability
- iDefense Security Advisory 06.04.08: Skype File URI Security Bypass Code Execution Vulnerability
- iDefense Security Advisory 06.04.08: Kaspersky Internet Security IOCTL Stack Based Buffer Overflow Vulnerability
- CORE-2008-0425 - NASA BigView Stack Buffer Overflow
- AST-2008-009: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised
- e107 Plugin echat MENU Blind SQL Injection Vulnerability
- [security bulletin] HPSBST02312 SSRT071428 rev.2 - HP StorageWorks Storage Mirroring Software, Remote Execution of Arbitrary Code
- Remote DoS vulnerability in Linksys WRH54G
- SMEweb 1.4b (SQL/XSS) Multiple Remote Vulnerabilities
- Akamai Download Manager File Downloaded To Arbitrary Location Vulnerability
- AST-2008-009: (Corrected subject) Remote crash vulnerability in ooh323 channel driver
- iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability
- iDefense Security Advisory 06.04.08: VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability
- F5 FirePass Content Inspection Management XSS
- WEBAlbum <= 2.0 Remote Stored Cross Site Scripting Vulnerability
- [ MDVSA-2008:110 ] - Updated Firefox packages fix vulnerabilities
- Secunia Research: Akamai Red Swoosh Cross-Site Request Forgery
- Akamai Technologies Security Advisory 2008-0003 (Akamai Client Software)
- Vulnerability in Network General/Net Scout product
- rPSA-2008-0185-1 vsftpd
- SchoolCenter URL Handling Cross Site Scripting Vulnerability
- [USN-615-1] Evolution vulnerabilities
- FreeSSHD 1.2.1 (Post Auth) Remote Seh Overflow Exploit
- [ GLSA 200806-03 ] Imlib 2: User-assisted execution of arbitrary code
- XSS - NEXTGEN GALLERY 0.96 WORDPRESS PLUGIN
- webTA by kronos - XSS
- [web-app] Tornado Knowledge Retrieval System <= 4.2 Remote XSS Vulnerability
- [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing
- [web-app] ErfurtWiki <= R1.02b (css) Local File Inclusion Vulnerability
- [web-app] DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability
- [web-app] yBlog 0.2.2.2 Multiple Remote Vulnerabilities
- [web-app] Insanely Simple Blog 0.5 (index) Remote SQL Injection Vulnerabilities
- Secunia Research: Apple QuickTime PICT Image Parsing Buffer Overflow
- [security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)
- iDefense Security Advisory 06.10.08: Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability
- Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities
- XSS - Glassfish Web Admin Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) )
- [ MDVSA-2008:111 ] - Updated Evolution packages fix vulnerabilities
- Many bugs on CMS system Piugame
- [security bulletin] HPSBUX02342 SSRT080063 rev.1 - HP-UX Running Apache or Tomcat with PHP, Remote Execution of Arbitrary Code
- TYPO3 Security Bulletin TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core
- PHPEasyData 1.5.4 Multiple Vulnerabilities
- Secunia Research: uTorrent / BitTorrent Web UI HTTP "Range" Header DoS
- CORE-2008-0125: CitectSCADA ODBC service vulnerability
- Flat Calendar v1.1 Remote Permission Bypass Vulnerability
- phpRaider <= v1.0.6,7 Maybe Other Versions Remote File include Vulnerable
- [security bulletin] HPSBMA02340 SSRT080024, SSRT080041 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension AllocateGlyph() Integer Overflow Vulnerability
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension ProcRenderCreateCursor() Integer Overflow Vulnerability
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability
- Xigla Multiple Products - Multiple Vulnerabilities
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server Record and Security Extensions Multiple Memory Corruption Vulnerabilities
- iDefense Security Advisory 06.11.08: Multiple Vendor X Server MIT-SHM Extension Information Disclosure Vulnerability
- rPSA-2008-0189-1 kernel xen
- ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability
- SNMPv3 Authentication Bypass - CVE-2008-0960
- DEFCON Switzerland looking for DEFCON visitors
- Pooya Site Builder (PSB) SQL Injection Vulnerabilities
- [ MDVSA-2008:112 ] - Updated kernel packages fix security issues
- [USN-616-1] X.org vulnerabilities
- AS/400 Vulnerabilities
- Exploit for vBulletin "obscure" XSS (3.7.1 & 3.6.10)
- Securify bulletin: Microsoft Active Directory Denial-of-service
- [USN-612-9] openssl-blacklist update
- [USN-612-10] OpenVPN regression
- Technical Details of Security Issues Regarding Safari for Windows
- [ MDVSA-2008:114 ] - Updated util-linux-ng packages fix log injection issue
- [ MDVSA-2008:113 ] - Updated kernel packages fix security issue
- Re: Collection of Vulnerabilities in Fully Patched Vim 7.1
- Collection of Vulnerabilities in Fully Patched Vim 7.1
- GSC Privilege Escalation Exploit
- [ GLSA 200806-04 ] rdesktop: Multiple vulnerabilities
- Muitiple XSS - Glassfish Web Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) )
- E-SMART CART (productsofcat.asp) Remote SQL Injection Vulnerability
- DUC NO-IP Local Password Information Disclosure Vulnerability
- PHP JOBWEBSITE PRO (JobSearch3.php) SQL Injection Vulnerability
- [ECHO_ADV_97$2008] Pre News Manager <= 1.0 (index.php id) Sql Injection Vulnerability
- [ECHO_ADV_98$2008] Pre Ads Portal <= 2.0 Sql Injection Vulnerability
- Returnil Virtual System 2008 - Password Disclosure Issue
- VistaReseller Panel BETA Xss Vulnerability
- [DSECRG-08-026] LFI in Open Azimyt CMS 0.22
- [ MDVSA-2008:116 ] - Updated x11-server packages fix several vulnerabilities
- [ MDVSA-2008:115 ] - Updated x11-server packages fix several vulnerabilities
- Hacking Coffee Makers.
- fetchmail security announcement fetchmail-SA-2007-02 (CVE-2007-4565)
- fetchmail security announcement fetchmail-SA-2008-01 (CVE-2008-2711)
- iPhoneDbg Toolkit
- [ GLSA 200806-06 ] Evolution: User-assisted execution of arbitrary code
- [ GLSA 200806-05 ] cbrPager: User-assisted execution of arbitrary code
- S21SEC-044-en:OpenDocMan Cross Site Scripting (XSS)
- [security bulletin] HPSBST02344 SSRT080087 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-030 to MS08-036
- [USN-617-1] Samba vulnerabilities
- Announcement && CFP: ISOI 5, Tallinn Estonia
- Secunia Research: TorrentTrader Multiple SQL Injection Vulnerabilities
- A more detailed description of the Jura F90 vulnerability.
- Cisco Security Advisory: Cisco Intrusion Prevention System Jumbo Frame Denial of Service
- [USN-612-11] openssl-blacklist update
- Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities
- eLineStudio Site Composer (ESC) <=2.6 Multiple Vulnerabilities
- vBulletin 3.7.1 PL1 and lower, vBulletin 3.6.10 PL1: XSS in modcp index
- CSW Security Advisory 0002: Oral B SmartMonitor Information Disclosure Vulnerability and DoS
- [ GLSA 200806-07 ] X.Org X server: Multiple vulnerabilities
- An Apology.
- Re: RFI ====> vBulletin v3.6.5
- [ MDVSA-2008:117 ] - Updated fetchmail packages fix DoS vulnerability
- Secunia Research: XnView, NConvert, and GFL SDK Sun TAAC Buffer Overflow
- BackTrack 3 Final has been released
- Diigo Toolbar - Global XSS and Information Leakage in SSL URLs
- [ MDVSA-2008:118 ] - Updated net-snmp/ucd-snmp packages fix vulnerabilities
- [ MDVSA-2008:119 ] - Updated exiv2 packages fix vulnerability
- rPSA-2008-0200-1 xorg-server
- rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
- [ MDVSA-2008:120 ] - Updated nasm packages fix vulnerability
- Benja CMS 0.1 (Upload/XSS) Multiple Remote Vulnerabilities
- n.runs-SA-2008.001 - Jscape Secure FTP Applet
- Trust Testing and Metrics
- Firefox 3.0 security bug: Extensions can STILL hide themselves
- [ MDVSA-2008:121 ] - Updated freetype2 packages fix vulnerabilities
- [ GLSA 200806-08 ] OpenSSL: Denial of Service
- [ GLSA 200806-09 ] libvorbis: Multiple vulnerabilities
- [ GLSA 200806-10 ] FreeType: User-assisted execution of arbitrary code