View Full Version: Bugtraq mailing list



  1. Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory
  2. Vim: Unfixed Vulnerabilities in Tar Plugin Version 20
  3. [ GLSA 200808-07 ] ClamAV: Multiple Denials of Service
  4. [ GLSA 200808-08 ] stunnel: Security bypass
  5. [DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3
  6. [ GLSA 200808-09 ] OpenLDAP: Denial of Service vulnerability
  7. New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability
  8. [security bulletin] HPSBUX02351 SSRT080058 rev.4 - HP-UX Running BIND, Remote DNS Cache Poisoning
  9. Kayako SupportSuite < 3.30.00 Multiple Vulnerabilities
  10. [ GLSA 200808-10 ] Adobe Reader: User-assisted execution of arbitrary code
  11. Ovidentia Sql Injection
  12. Re: [DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3
  13. K-Links Directory Blind SQL Injection Exploit
  14. rPSA-2008-0247-1 gvim vim vim-minimal
  15. rPSA-2008-0249-1 openldap openldap-clients openldap-servers
  16. [ GLSA 200808-11 ] UUDeview: Insecure temporary file creation
  17. Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability
  18. Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow
  19. iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Format String Vulnerabilities
  20. [AJECT] hMailServer 4.4.1 DoS vulnerability
  21. iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities
  22. Internet attacks against Georgian web sites
  23. VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability
  24. rPSA-2008-0253-1 git gitweb
  25. Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  26. VMSA-2008-0013 Updated ESX packages for OpenSSL, net-snmp, perl
  27. Surf Jack - HTTPS will not save you
  28. Re: [funsec] Internet attacks against Georgian web sites
  29. Re: [funsec] Internet attacks against Georgian web sites
  30. [security bulletin] HPSBUX02356 SSRT080051 rev.1 - HP-UX Running ftpd, Remote Privileged Access
  31. iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability
  32. Re: Vim: Netrw: FTP User Name and Password Disclosure
  33. [ MDVSA-2008:167 ] kernel
  34. [ MDVSA-2008:166 ] clamav
  35. iDefense Security Advisory 08.12.08: Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability
  36. [TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption
  37. iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability
  38. iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability
  39. Vim: Netrw: FTP User Name and Password Disclosure
  40. iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability
  41. iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability
  42. iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability
  43. rPSA-2008-0243-1 idle python
  44. Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives
  45. [security bulletin] HPSBTU02358 SSRT080058 rev.1 - HP Tru64 UNIX running BIND, Remote DNS Cache Poisoning
  46. CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass
  47. [ MDVSA-2008:170 ] cups
  48. Microsoft Windows Messenger Remote Illegal Access Vulnerability
  49. [ MDVSA-2008:168 ] stunnel
  50. [ MDVSA-2008:169 ] hplip
  51. [security bulletin] HPSBOV02357 SSRT080058 rev.1 - HP OpenVMS TCP/IP Services running BIND, Remote DNS Cache Poisoning
  52. Postfix local privilege escalation via hardlinked symlinks
  53. Security Assessment of the Internet Protocol
  54. rPSA-2008-0255-1 freetype
  55. [ GLSA 200808-12 ] Postfix: Local privilege escalation vulnerability
  56. Cisco Security Advisory: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control
  57. Re: MicroWorld MailScan - Multiple Vulnerabilities within Admin-Webinterface
  58. munky-bliki lfi
  59. Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani
  60. FlexCMS <= 2.5 Cross Site Scripting Vulnerability
  61. [ MDVSA-2008:171 ] postfix
  62. [ MDVSA-2008:172 ] amarok
  63. PHP Live Helper <= 2.0.1 Multiple Vulnerabilities
  64. Nokia 6131 NFC URI/URL Spoofing and DoS Advisory
  65. Re: ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user
  66. NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection
  67. [DSECRG-08-036] Multiple Security Vulnerabilities in Freeway eCommerce 1.4.1.171
  68. Tool: PorkBind v1.3 Nameserver Security Scanner (New Version)
  69. Ovidentia 6.6.5 XSS (index.php)
  70. [security bulletin] HPSBMA02345 SSRT080039 rev.2 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)
  71. [security bulletin] HPSBST02360 SSRT080117 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-041 to MS08-051
  72. SunShop <= 4.1.4 SQL Injection
  73. Vanilla <= 1.1.4 Script Injection/ XSS
  74. [ MDVSA-2008:173 ] kdegraphics
  75. [ MDVSA-2008:174 ] kernel
  76. ToorCon 10 Call For Papers
  77. Folder Lock <= 5.9.5 Local Password Information Disclosure
  78. [USN-636-1] Postfix vulnerability
  79. [ MDVSA-2008:175 ] yelp
  80. IMF 2008 - Call for Participation
  81. [ MDVSA-2008:176 ] mtr
  82. CORE-2008-0624: Anzio Web Print Object Buffer Overflow
  83. Null Byte Local file Inclusion in FAR - PHP Project version:1.0
  84. CORE-2008-0813 - vBulletin Cross Site Scripting Vulnerability
  85. rPSA-2008-0259-1 postfix
  86. [ MDVSA-2008:177 ] xine-lib
  87. [ MDVSA-2008:178 ] xine-lib
  88. UPDATE: [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning
  89. TimeTrex Time and Attendance Cookie Theft
  90. Rolex, Rado, Pattek Philippe, Omega, Gucci
  91. Contest: Best Advances for OpenVAS Network Vulnerability Tests
  92. Vim: Arbitrary Code Execution in Commands: K, Control-], g]
  93. Call For Papers - Hackers 2 Hackers Conference 5th Edition - Brazil
  94. PR08-20: Bypassing ASP .NET "ValidateRequest" for Script Injection Attacks
  95. [ MDVSA-2008:179 ] metisse
  96. [ MDVSA-2008:180 ] libxml2
  97. Secunia Research: Trend Micro Products Web Management Authentication Bypass
  98. Apple OSX Leopard (10.5+), inadequate ACL insight can create vuln
  99. Fedora confirms: Our servers were breached
  100. Re: RE: TimeTrex Time and Attendance Cookie Theft
  101. [oCERT-2008-008] multiple heap overflows in xine-lib
  102. Rolex, Rado, Patekk Philippe, Omegga, Gucci
  103. Rollex, Rado, Patek Philipppe, Omega, Gucci
  104. OneNews Beta 2 Multiple Vulnerabilities
  105. Rolex, Radoo, Patekk Philippe, Omega, Gucci
  106. Rolex, Raado, Patek Philippe, Omega, Gucci
  107. Rolex, Rado, Pattek Philippe, Omega, Gucci
  108. Rolexx, Rado, Patek Phillippe, Omega, Gucci
  109. Rolex, Raado, Patek Philippe, Omega, Gucci
  110. Secunia Research: Novell iPrint Client ActiveX Control "GetFileList()" Information Disclosure
  111. [DSECRG-08-038] Multiple Local File Include Vulnerabilities in ezContents CMS 2.0.3
  112. Secunia Research: Calendarix Basic Two SQL Injection Vulnerabilities
  113. Secunia Research: Novell iPrint Client ActiveX Control Multiple Buffer Overflows
  114. [DSECRG-08-037] Multiple Local File Include Vulnerabilities in Pluck CMS 4.5.2
  115. [IVIZ-08-009] Grub Legacy Security Model bypass exploiting wrong BIOS API usage
  116. SECOBJADV-2008-03.2: PartyGaming PartyPoker Malicious Update Vulnerability
  117. [IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage
  118. Crafty Syntax Live Help <= 2.14.6 SQL Injection
  119. Rolex, Rado, Pateek Philippe, Omega, Gucci
  120. Rolex, Rado,, Patek Philippee, Omega, Gucci
  121. ToorCon X CFP Closing and Workshops and Seminars discounted until Friday!
  122. ZoneMinder Multiple Vulnerabilities
  123. Hopeless comments regarding the pointless "HP System Management Homepage (SMH) Unspecified XSS"
  124. Multiple Vulnerabilities in AWStats Totals
  125. White Wolf Labs #080826-1: Kyocera Mita Scanner File Utility (Multiple)
  126. PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept .30/ Oct. 1)
  127. [ MDVSA-2008:180-1 ] libxml2
  128. [security bulletin] HPSBMA02363 SSRT080106 rev.1 - HP Enterprise Discovery Running on Windows, Remote Authorized User, Gain Extended Privileges
  129. [IVIZ-08-008] LILO Security Model bypass exploiting wrong BIOS API usage
  130. [IVIZ-08-007] DriveCrypt Security Model bypass exploiting wrong BIOS API usage
  131. [IVIZ-08-003] TrueCrypt Security Model bypass exploiting wrong BIOS API usage
  132. [USN-638-1] Yelp vulnerability
  133. [IVIZ-08-004] Intel BIOS Plain Text Password Disclosure
  134. [IVIZ-08-002] Hewlett-Packard BIOS Plain Text Password Disclosure
  135. [IVIZ-08-005] IBM Lenovo BIOS Plain Text Password Disclosure
  136. [security bulletin] HPSBUX02365 SSRT080118 rev.1 - HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS)
  137. reviving the botnets@ mailing list: a new strategy in fighting cybercrime
  138. [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass
  139. [ MDVSA-2008:181 ] ipsec-tools
  140. [Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities
  141. Re: [Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities
  142. VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
  143. Re: [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass
  144. Multiple Cross Site Scripting (XSS) Vulnerabilities in vtigerCRM 5.0.4, CVE-2008-3101
  145. rPSA-2008-0264-1 ruby
  146. [oCERT-2008-014] WordNet stack and heap overflows
  147. Postfix Linux-only local denial of service
  148. HPSBUX02354 SSRT080113 rev.1 - HP-UX Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS)
  149. [security bulletin] HPSBMA02362 SSRT080044, SSRT080045 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
  150. ToorCon X Lineup & Training Seminars Posted & Pre-Registration Ending
  151. [AJECT] Softalk IMAP Server 8.5.1 DoS vulnerability
  152. [ MDVSA-2008:182 ] wordnet
  153. CS-Cart <= 1.3.5 SQL Injection
  154. [Tool] sqlmap 0.6 released
  155. [USN-639-1] tiff vulnerability
  156. [Suspected Spam] New IETF I-D: Security Assessment of the Internet Protocol version 4
  157. [ MDVSA-2008:183 ] opensc
  158. In search of examples of malicious source code
  159. Exploit
  160. Has anyone implemented "double forward DNS"?
  161. RUXCON 2008 Final Call For Papers
  162. Secunia Research: Novell iPrint Client nipplib.dll "IppCreateServerRef()" Buffer Overflow
  163. [Tool] Distack framework for attack detection and traffic analysis
  164. Google Chrome Automatic File Download
  165. Google Chrome Browser (ver.0.2.149.27) Vulnerability
  166. TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload
  167. Cisco Secure ACS EAP Parsing Vulnerability
  168. Cisco Secure ACS Denial Of Service Vulnerability
  169. FreeBSD Security Advisory FreeBSD-SA-08:08.nmount
  170. [ MDVSA-2008:184 ] libtiff
  171. [ MDVSA-2008:185 ] python-django
  172. FreeBSD Security Advisory FreeBSD-SA-08:09.icmp6
  173. FreeBSD Security Advisory FreeBSD-SA-08:07.amd64
  174. Multiple Cross Site Scripting (XSS) and SQL injection Vulnerabilities in XRMS, CVE-2008-3664
  175. Marvell Driver EAPoL-Key Length Overflow
  176. Marvell Driver Null SSID Association Request Vulnerability
  177. [USN-640-1] libxml2 vulnerability
  178. Re: Google Chrome Automatic File Download
  179. Atheros Vendor Specific Information Element Overflow
  180. Zen Cart <= 1.3.8a SQL Injection
  181. [ GLSA 200809-04 ] MySQL: Privilege bypass
  182. [ GLSA 200809-01 ] yelp: User-assisted execution of arbitrary code
  183. clamav: Crash with crafted chm, CVE-2008-1389
  184. [ GLSA 200809-02 ] dnsmasq: Denial of Service and DNS spoofing
  185. [ GLSA 200809-03 ] RealPlayer: Buffer overflow
  186. Multiple MicroWorld products insecure directory permissions
  187. [ MDVSA-2008:186 ] python
  188. [security bulletin] HPSBMA02361 SSRT080119 rev.1 - HP OpenView Select Identity Connectors running on Windows, Local Information Disclosure
  189. other google chrome crash
  190. rPSA-2008-0268-1 libtiff
  191. Risky Chrome (The perfect cleartext password offering )
  192. XCon 2008 Call for Paper
  193. Re: XCon 2008 Call for Paper
  194. Google Chrome 0.2.149.27 'SaveAs' Function Buffer Overflow Vulnerability
  195. Re: Oracle 10g Dynamic Monitoring Services XSS /servlet/Spy
  196. [ GLSA 200809-05 ] Courier Authentication Library: SQL injection vulnerability
  197. Google Chrome Auto download exploit ..
  198. [ MDVSA-2008:188 ] tomcat5
  199. xoops-1.3.10 shell command execute vulnerability ( causing snoopy class )
  200. phpAdultSite CMS flaws
  201. [ GLSA 200809-06 ] VLC: Multiple vulnerabilities
  202. [scip_Advisory 3808] D-Link DIR-100 long url filter evasion
  203. DEFCON London - DC4420 - September meet this Thursday 11th
  204. Re: Re: SECURITY ADVISORY - Level Platforms, Inc. Service Center Install Data HTTP Vulnerability
  205. Sagem Router F@ST 2404 Remote Denial Of Service Exploit
  206. Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
  207. WASC Announcement: 2007 Web Application Security Statistics Published
  208. [ GLSA 200809-07 ] libTIFF: User-assisted execution of arbitrary code
  209. [ GLSA 200809-08 ] Amarok: Insecure temporary file creation
  210. Transfer Of Fund,
  211. [USN-641-1] Racoon vulnerabilities
  212. Stash v1.0.3 Admin bypass / Remote File Disclosure
  213. Sun M-class hardware denial of service
  214. Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
  215. Re: Sun M-class hardware denial of service
  216. Re: Sun M-class hardware denial of service
  217. SQL Smuggling
  218. [SECURITY] CVE-2008-2938 - Apache Tomcat information disclosure vulnerability - Updated
  219. DeepSec 2008 - Conference Schedule
  220. iDefense Security Advisory 09.09.08: Apple QuickTime PICT Integer Overflow Vulnerability
  221. Multiple Vulnerabilities: LedgerSMB < 1.2.15
  222. iDefense Security Advisory 09.09.08: Microsoft Windows GDI+ GradientFill Heap Overflow Vulnerability
  223. Windows GDI+ GIF memory corruption
  224. [oCERT-2008-012] Horde, Popoon frameworks common input sanitization errors (XSS)
  225. Re: E-Php B2B Trading Marketplace(cid) Remote SQL Injection Vulnerability
  226. [ MDVSA-2008:190 ] postfix
  227. [USN-642-1] Postfix vulnerabilities
  228. Ezphotogallery 2.1 Multiple Vulnerabilities ( Xss/LoginBypass/Sql injection Exploit/File Disclosure)
  229. ZoneAlarm Security Suite buffer overflow
  230. PhpWebGallery 1.3.4 Multiple Vulnerabilities (XSS/LFI)
  231. sqlvdir.dll ActiveX Remote Buffer Overflow Exploit
  232. PhsBlog v0.2 Bypass Sql injection Filtering Exploit
  233. minb Remote Code Execution Exploit
  234. [security bulletin] HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access
  235. Nooms 1.1
  236. Advisory 04/2008: Joomla Weak Random Password Reset Token Vulnerability
  237. [ MDVSA-2008:191 ] rsh
  238. Advisory 05/2008: Wordpress user_login Column SQL Truncation Vulnerability
  239. Re: OpenWiki<--v0.78 Cross-Site Scripting
  240. Secunia Research: Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow
  241. [USN-643-1] FreeType vulnerabilities
  242. [USN-644-1] libxml2 vulnerabilities
  243. [ MDVSA-2008:192 ] libxml2
  244. Avant Browser <= 11.7 Build 9 Integer Denial Of Service Exploit
  245. community real-time BGP hijack notification service
  246. [scip_Advisory 3809] Pro2col StingRay FTS login username cross site scripting
  247. CORE-2008-0126: iPhone Safari JavaScript alert Denial of Service
  248. Baidu Hi IM software parsing plaintext stack overflow
  249. [ MDVSA-2008:193 ] kolab-server
  250. [ MDVSA-2008:194 ] apache2