View Full Version : Bugtraq mailing list




  1. fetchmail REVISED security announcement fetchmail-SA-2008-01(CVE-2008-2711)
  2. [ MDVSA-2008:122 ] - Updated clamav packages fix vulnerability
  3. [ GLSA 200806-11 ] IBM JDK/JRE: Multiple vulnerabilities
  4. [BMSA 2008-07] Format string vulnerability in 5th street
  5. ERRATA - n.runs-SA-2008.001 - Jscape Secure FTP Applet
  6. Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities
  7. [ECHO_ADV_99$2008] Relative Real Estate Systems <= 3.0(listing_id) Sql Injection Vulnerability
  8. [ MDVSA-2008:123 ] - Updated imlib2 packages fix vulnerabilities
  9. Re: IdeBox (include) Remote File Inclusion Vulnerability
  10. Multiple vulnerabilities in TietoEnator's Procapita schooladministration system, at least version "842 Procapita 840SP1"
  11. The Rat CMS (SQL/XSS) Multiple Remote Vulnerabilities
  12. Pidgin 2.4.1 Vulnerability
  13. Evolution Vulnerability
  14. Rhythmbox Vulnerability
  15. Re: Rhythmbox Vulnerability
  16. [SCANIT-2008-002] Wordtrans-web Remote Command Execution Vulnerability
  17. [SCANIT-2008-003] Wordtrans-web Remote Command Execution Vulnerability
  18. CFP 25C3 - The 25th Chaos Communication Congress 2008
  19. [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability
  20. [ GLSA 200807-01 ] Python: Multiple integer overflows
  21. [security bulletin] HPSBMA02345 SSRT080039 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)
  22. [ GLSA 200807-02 ] Motion: Execution of arbitrary code
  23. New Paper: More than 600 million users surf at high risk
  24. Vuln name: Ruby rb_ary_fill() DOS
  25. Deepsec Talks 2007 are online - registration for 2008 is open
  26. [tool] ratproxy - passive web application security assessment tool
  27. ISEC 2008(Information Security Conference) Guide
  28. Secunia Research: VLC Media Player WAV Processing Integer Overflow
  29. Release of Pass-The-Hash Toolkit v1.4
  30. Re: Vivvo Cms 4.0 Csrf Bug (Change Profile Information)
  31. Vivvo Cms 4.0 Csrf Bug (Change Profile Information) By S_e_YM_e_N
  32. wordpressplugins.eu
  33. Re: Multiple vulnerabilities in TietoEnator's Procapita schooladministration system, at least version
  34. ezmlm warning
  35. [ GLSA 200807-05 ] OpenOffice.org: User-assisted execution of arbitrary code
  36. [ MDVSA-2008:139 ] - Updated BIND packages fix critical DNS vulnerability
  37. Context IS Advisory - MS08-39 OWA XSS
  38. [ MDVSA-2008:142 ] - Updated ruby packages fix vulnerabilities
  39. Nessus plugins for recent MS Bulletins
  40. Re: Microsoft DNS patch KB951748 incompatible with Zonealarm FIXED
  41. [ GLSA 200807-07 ] NX: User-assisted execution of arbitrary code
  42. rPSA-2008-0223-1 poppler
  43. London DEFCON July meet - DC4420 - Thursday 10th July (today!)
  44. iDefense Security Advisory 07.09.08: Novell eDirectory LDAP SearchRequest Heap Corruption Vulnerability
  45. Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method
  46. [ MDVSA-2008:143 ] - Updated pidgin packages fix MSN protocol handler vulnerability
  47. [NETRAGARD SECURITY ADVISORY][Apple Core Image Fun House <= 2.0 OSX -- Arbitrary Code Execution][NETRAGARD-20080711]
  48. [ MDVSA-2008:138-1 ] - Updated OpenOffice.org packages fix vulnerability
  49. [ MDVSA-2008:144 ] - Updated openldap packages fix slapd DoS vulnerability
  50. Re: Microsoft DNS patch KB951748 incompatible with Zonealarm
  51. Re: New Paper: More than 600 million users surf at high risk
  52. Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm
  53. Simple DNS Plus 5.0/4.1 < remote Denial of Service exploit
  54. Pluck Local File inclusion
  55. FreeBSD Security Advisory FreeBSD-SA-08:06.bind
  56. DeepSec 2008 - Last call for submissions
  57. unix books
  58. [ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability
  59. CFP now open for ClubHack2008 - India
  60. HPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040
  61. [ GLSA 200807-09 ] Mercurial: Directory traversal
  62. [ MDVSA-2008:147 ] - Updated pcre packages fix vulnerability
  63. iDefense Security Advisory 07.15.08: Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability
  64. iDefense Security Advisory 07.15.08: Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability
  65. iDefense Security Advisory 07.15.08: Oracle Database Local Untrusted Library Path Vulnerability
  66. [ MDVSA-2008:146 ] - Updated poppler packages fix arbitrary code execution vulnerability
  67. [security bulletin] HPSBMA02346 SSRT080097 rev.1 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access
  68. Oracle Application Server PLSQL injection flaw
  69. Arbitrary code execution in Netrw version 127, Vim 7.2b
  70. [security bulletin] HPSBMA02133 SSRT061201 rev.9 - HP Oracle for OpenView (OfO) Critical Patch Update
  71. [ECHO_ADV_100$2008] Comdev Web Blogger <= 4.1.3 (arcmonth) Sql Injection Vulnerability
  72. [DSECRG-08-028] File read in Velocity web-server
  73. n.runs-SA-2008.002 - F-Prot Out-of-Bound Memory Access DoS (remote)
  74. rPSA-2008-0035-1 httpd mod_ssl
  75. IETF Internet-Draft on TCP Port randomization
  76. [security bulletin] HPSBUX02351 SSRT080058 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning
  77. ekoparty security trainings (2008) announcement
  78. [DSECRG-08-029] Local File Include in Dokeos E-Learning System 1.8.5
  79. HPSBMA02346 SSRT080097 rev.2 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access
  80. Oracle Portal XSS fixed by CPU July 2008
  81. [USN-623-1] Firefox vulnerabilities
  82. communitycms-0.1 Remote File Includion
  83. Security Vacation Guide
  84. Def_Blog 1.0.3 Multiple Remote SQL Injection Vulnerabilities
  85. Lateral SQL Injection Revisited - No Special Privs Required
  86. [ MDVSA-2008:148 ] - Updated Firefox packages fix vulnerabilities
  87. [ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution
  88. [DSECRG-08-030] Claroline 1.8.9 Multiple Security Vulnerabilities
  89. Windows Vista Power Management & Local Security Policy
  90. Re: Lateral SQL Injection Revisited - No Special Privs Required
  91. [security bulletin] HPSBUX02351 SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning
  92. rPSA-2008-0231-1 bind bind-utils
  93. Oracle Database Local Untrusted Library Path Vulnerability
  94. Easybookmarker 40tr Xss Vulnerability By Khashayar Fereidani
  95. [ MDVSA-2008:149 ] - Updated mysql packages fix vulnerabilities
  96. Re: Oracle Database Local Untrusted Library Path Vulnerability
  97. EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit )
  98. Easyecards 310a Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) By Khashayar Fereidani
  99. [ MDVSA-2008:150 ] - Updated mysql packages fix vulnerabilities
  100. EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability
  101. FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability
  102. Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system
  103. Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit )
  104. Maran PHP Blog Xss By Khashayar Fereidani
  105. MyBlog <=0.9.8 Multiple Vulnerabilities
  106. Vim: Improper Implementation of shellescape()/Arbitrary Code Execution
  107. FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability
  108. [DSECRG-08-031] Local File Include Vulnerability in Interact 2.4.1
  109. Re: Pwnie Awards 2008
  110. Flip V3.0 final
  111. Re: SchoolCenter URL Handling Cross Site Scripting Vulnerability
  112. [White Paper] Abusing HTML 5 Structured Client-side Storage
  113. E-Mail header Injection in HiFriend
  114. [ GLSA 200807-10 ] Bacula: Information disclosure
  115. [ GLSA 200807-11 ] PeerCast: Buffer overflow
  116. Re: [ GLSA 200807-10 ] Bacula: Information disclosure
  117. [ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability
  118. [ GLSA 200807-12 ] BitchX: Multiple vulnerabilities
  119. FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability
  120. Vulnerability: SocialEngine (SocialEngine.net) high risk security flaw
  121. [security bulletin] HPSBMA02346 SSRT080097 rev.3 - HP OpenView Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access
  122. [DSECRG-08-032] Claroline 1.8.10 Multiple XSS Vulnerabilities
  123. PR08-13: Persistent Cross-site Scripting (XSS) on Moodle via blog entry title
  124. PR08-15: Several Webroot Disclosures on Moodle
  125. PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page
  126. [USN-627-1] Dnsmasq vulnerability
  127. [ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability
  128. AST-2008-011: Traffic amplification in IAX2 firmware provisioning system
  129. AST-2008-010: Asterisk IAX 'POKE' resource exhaustion
  130. RE: Windows Vista Power Management & Local Security Policy
  131. Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim
  132. [USN-628-1] PHP vulnerabilities
  133. [ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability
  134. [ MDVSA-2008:154 ] - Updated xemacs packages fix vulnerability
  135. CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit
  136. [Full-disclosure] [tool] SDT Cleaner 1.0
  137. Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution
  138. Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow
  139. XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities
  140. ezContents CMS Renote File inclusion
  141. [ MDVSA-2008:155 ] - Updated Thunderbird packages fix multiple vulnerabilities
  142. how to request a cve id?
  143. [ MDVSA-2008:155-1 ] - Updated Thunderbird packages fix multiple vulnerabilities
  144. Security Bypass Vulnerabilities AXESSTEL
  145. [DSECRG-08-033] Local File Include Vulnerability in Pixelpost 1.7.1
  146. Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations
  147. [security bulletin] HPSBMA02353 SSRT080066 rev.1 - HP OpenView Internet Services Running Probe Builder, Remote Denial of Service (DoS)
  148. JamRoom <= 3.3.8 Authentication Bypass
  149. Multiple Cross-Site Scripting Vulnerabilities in Web Wiz RichText Editor version 4.02
  150. ViArt <= 3.5 SQL Injection
  151. Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100
  152. iDefense Security Advisory 07.28.08: Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability
  153. [ MDVSA-2008:156 ] - Updated libpng packages fix vulnerability
  154. [USN-626-1] Firefox and xulrunner vulnerabilities
  155. rPSA-2008-0236-1 httpd mod_ssl
  156. rPSA-2008-0237-1 tshark wireshark
  157. rPSA-2008-0238-1 firefox
  158. [USN-631-1] poppler vulnerability
  159. [DSECRG-08-034] Local File Include Vulnerability in Minishowcase v09b136
  160. Gregarius <= 0.5.4 SQL Injection
  161. VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix
  162. rPSA-2008-0235-1 fetchmail fetchmailconf
  163. [USN-630-1] ffmpeg vulnerability
  164. n.runs-SA-2008.004 - AVG Anti-Virus Divide by Zero - DoS (remote)
  165. Remote Cisco IOS FTP exploit
  166. [ MDVSA-2008:157 ] - ffmpeg
  167. Cisco IOS shellcode explanation
  168. MJGuest 6.8 GT Cross Site Scripting Vulnerability
  169. RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability
  170. Tool: PorkBind Nameserver Security Scanner
  171. Cisco IOS shellcode explanation - additional
  172. DEV WMS Multiple Vulnerabilities
  173. [ MDVSA-2008:159 ] licq
  174. [oCERT-2008-009] libxslt heap overflow
  175. Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow
  176. [security bulletin] HPSBUX02286 SSRT071466 rev.1 - HP-UX Running System Administration Manager (SAM), Unintended Remote Access
  177. Pligg <= 9.9.0 Multiple Vulnerabilities
  178. Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows
  179. [~] Greetz : Me93fg & Mr.SaFa7
  180. iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability
  181. [ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code
  182. [ GLSA 200807-14 ] Linux Audit: Buffer overflow
  183. [ GLSA 200807-13 ] VLC: Multiple vulnerabilities
  184. [ GLSA 200807-16 ] Python: Multiple vulnerabilities
  185. [CVE-2008-2370] Apache Tomcat information disclosure vulnerability
  186. libxslt heap overflow
  187. [CVE-2008-1232] Apache Tomcat XSS vulnerability
  188. [USN-634-1] OpenLDAP vulnerability
  189. eVision 2.0 Sql Injection/Remote File Disclosure/Remote File Upload/IG
  190. DNS Multiple Race Exploiting Tool
  191. [USN-632-1] Python vulnerabilities
  192. [USN-633-1] libxslt vulnerabilities
  193. iDefense Security Advisory 07.31.08: Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability
  194. n.runs-SA-2008.005 - Apple Inc. - CoreServices Framework’s CarbonCore Framework - Arbitrary Code Execution (remote)
  195. Re: how to request a cve id?
  196. [ MDVSA-2008:160 ] libxslt
  197. file upload exploit
  198. iDefense Security Advisory 08.01.08: Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability
  199. iDefense Security Advisory 08.01.08: Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability
  200. iDefense Security Advisory 08.01.08: Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability
  201. Pligg Auto-Voter Using XSS to Bypass CSRF Protection
  202. Keld: PHP-MySQL News Script 0.7.1 Remote SQL injection Vulnerability
  203. TGS CMS Remote Code Execution Exploit
  204. UNAK-CMS Lfi
  205. [USN-626-2] Devhelp, Epiphany, Midbrowser and Yelp update
  206. Team SHATTER Security Advisory: SQL Injection in Oracle Application Server (WWEXP_API_ENGINE)
  207. Team SHATTER Security Advisory: Cross-site scripting in Oracle Enterprise Manager (REFRESHCHOICE Parameter)
  208. Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN)
  209. Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities
  210. 8e6 Technologies R3000 Internet Filter Bypass with Host Decoy
  211. Plogger <= 3.0 SQL Injection
  212. IGES CMS <=2.0 Multiple Vulnerabilities
  213. Pluck 4.5.2 Multiple Cross Site Scripting Vulnerabilities
  214. Excellent new IT Security site
  215. [ GLSA 200808-01 ] xine-lib: User-assisted execution of arbitrary code
  216. [ GLSA 200808-02 ] Net-SNMP: Multiple vulnerabilities
  217. [ GLSA 200808-03 ] Mozilla products: Multiple vulnerabilities
  218. [ GLSA 200808-04 ] Wireshark: Denial of Service
  219. rPSA-2008-0245-1 cups
  220. rPSA-2008-0246-1 gaim
  221. PHP-NUKE module Kleinanzeigen SQL injection (lid)
  222. MyClan Sql Injection
  223. Re: 8e6 Technologies R3000 Internet Filter Bypass with Host Decoy
  224. Interesting things at sec-consult.com, DNS-whitepaper available tomorrow
  225. Google Notebook and Google Bookmarks Cross Site Scripting Vulnerabilities
  226. Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting
  227. [ GLSA 200808-05 ] ISC DHCP: Denial of Service
  228. [USN-635-1] xine-lib vulnerabilities
  229. [ GLSA 200808-06 ] libxslt: Execution of arbitrary code
  230. [security bulletin] HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
  231. [security bulletin] HPSBUX02355 SSRT080023 rev.1 - HP-UX Using libc, Remote Denial of Service (DoS)
  232. Re: [funsec] facebook messages worm
  233. OpenVMS fingerd remote stack overflow
  234. Re: [Full-disclosure] [funsec] facebook messages worm
  235. facebook messages worm
  236. Whitepaper: DNS zone redelegation
  237. [SE-2008-01] J2ME Security Vulnerabilities 2008
  238. Re: [SE-2008-01] J2ME Security Vulnerabilities 2008
  239. [ MDVSA-2008:161 ] rxvt
  240. [ MDVSA-2008:162 ] qemu
  241. [ MDVSA-2008:163 ] python
  242. re: [SE-2008-01] J2ME Security Vulnerabilities 2008
  243. [ MDVSA-2008:164 ] python
  244. Re: Re: [SE-2008-01] J2ME Security Vulnerabilities 2008
  245. Re: [funsec] facebook messages worm
  246. OpenID/Debian PRNG/DNS Cache poisoning advisory
  247. [AJECT] NoticeWare IMAP Email Server 4.6.2 DoS vulnerability
  248. Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory
  249. Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  250. [AJECT] WinGate Email Server (IMAP) vulnerability