View Full Version : Bugtraq mailing list

  1. [ MDVSA-2008:195 ] apache
  2. Baidu Hi IM client software DoS bug, div zero make client crash
  3. Microsoft Windows WRITE_ANDX SMB command handling Kernel DoS
  4. Critical Vulnerability in Apple Quicktime’s Indeo Codec
  5. TPTI-08-06: Landesk QIP Server Service Heal Packet Buffer Overflow
  6. [ MDVSA-2008:196 ] mplayer
  7. [ MDVSA-2008:182-1 ] wordnet
  8. [ MDVSA-2008:197 ] koffice
  9. Team SHATTER Security Advisory: Security Vulnerability in CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio
  10. Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS
  11. [NOBYTES.COM: #12] osCommerce 2.2rc2a - Information Disclosure
  12. [ MDVSA-2008:198 ] R-base
  13. [ECHO_ADV_101$2008] Attachmax Dolphin <= 2.1.0 Multiple Vulnerabilities
  14. [NOBYTES.COM: #14] Quick.Cms.Lite v2.1 Freeware - Cross Site Scripting
  15. [NOBYTES.COM: #13] Quick.Cart v3.1 Freeware - Cross Site Scripting
  16. [ MDVSA-2008:197-1 ] koffice
  17. Skype IM Client Password Disclosure Vulnerability.
  18. Miranda IM Client Password Disclosure Vulnerability.
  19. Pidgin IM Client Password Disclosure Vulnerability.
  20. [AJECT] SurgeMail IMAP 3.9e vulnerability
  21. Microsoft Internet Explorer DoS in Rendering Malicious PNG Files.
  22. ShmooCon 2009 CFP
  23. [security bulletin] HPSBMA02369 SSRT080115 rev.1 - HP ProLiant Essentials Rapid Deployment Pack (RDP) Running Symantec Altiris Deployment Solution, Remote SQL Injection, Remote or Local Gain Extended Privileges, Local Denial of Service (DoS)
  24. rPSA-2008-0278-1 tshark wireshark
  25. rPSA-2008-0276-1 mercurial mercurial-hgk
  26. [ MDVSA-2008:189-1 ] clamav
  27. [security bulletin] HPSBOV02364 SSRT080078 rev.2 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access
  28. Hi Two Points to consider
  29. menalto gallery: Session hijacking vulnerability, CVE-2008-3662
  30. Sama XSS Bug
  31. cyask 3.x Local File Inclusion Vulnerability
  32. RE: Pidgin IM Client Password Disclosure Vulnerability.
  33. vi can run arbitrary commands via 'tags' file
  34. LooYu Web IM 2008 Cross-Site Scripting Vulnerabilities
  35. PHP pro bid v 6.04 SQL injection
  36. VMSA-2008-0015 Updated ESXi and ESX 3.5 packages address critical security issue in openwsman
  37. [USN-646-1] rdesktop vulnerabilities
  38. Annutel - Annuaire Téléphonique v1.0 Sensetive Files (MDP)
  39. [ GLSA 200809-09 ] Postfix: Denial of Service
  40. [ MDVSA-2008:199 ] wireshark
  41. Advanced Electron Forum <= 1.0.6 Remote Code Execution
  42. MyFWB 1.0 Remote SQL Injection
  43. drupal: Session hijacking vulnerability, CVE-2008-3661
  44. MapCal - The Mapping Calendar (v. 0.1) Remote SQL Injection
  45. Blue Coat xss
  46. [security bulletin] HPSBUX02370 SSRT071459 rev.1 - HP-UX Running rpcbind, Remote Denial of Service (DoS)
  47. "Exploit creation - The random approach" or "Playing with random to build exploits"
  48. [ GLSA 200809-10 ] Mantis: Multiple vulnerabilities
  49. [ GLSA 200809-11 ] HAVP: Denial of Service
  50. [MajorSecurity Advisory #53] BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues
  51. [MajorSecurity Advisory #54] xt:Commerce - Cross Site Scripting and Session Fixation Issues
  52. Cross Site Scripting (XSS) Vulnerabilitiy in fuzzylime (cms)>=3.02, CVE-2008-3098
  53. Re: [MajorSecurity Advisory #54] xt:Commerce - Cross Site Scripting and Session Fixation Issues
  54. [ GLSA 200809-12 ] Newsbeuter: User-assisted execution of arbitrary code
  55. [ GLSA 200809-13 ] R: Insecure temporary file creation
  56. [ MDVSA-2008:200 ] ed
  57. [ MDVSA-2008:201 ] pan
  58. Squirrelmail: Session hijacking vulnerability, CVE-2008-3663
  59. Aruba Mobility Controller Shared Default Certificate
  60. Xss In Datalife Engine CMS 7.2
  61. [ MDVSA-2008:202 ] phpMyAdmin
  62. [ MDVSA-2008:203 ] awstats
  63. menalto gallery: Session hijacking vulnerability, CVE-2008-3102
  64. Re: Aruba Mobility Controller Shared Default Certificate - Response from Aruba Networks
  65. [ GLSA 200809-14 ] BitlBee: Security bypass
  66. [ GLSA 200809-15 ] GNU ed: User-assisted execution of arbitrary code
  67. Advisory : Google Chrome Carriage Return Null Object Memory Exhaustion Remote Dos.
  68. [USN-645-1] Firefox and xulrunner vulnerabilities
  69. [USN-645-2] Firefox vulnerabilities
  70. Internet Information Service remote set password
  71. IAS Helper COM Component (iashlpr.dll) activex remote DOS
  72. Internet Information Service (adsiis.dll) activex remote DOS
  73. Cisco Security Advisory: Cisco IOS Software Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
  74. Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet
  75. Cisco Security Advisory: Cisco 10000, uBR10012, uBR7200 Series Devices IPC Vulnerability
  76. Cisco Security Advisory: Cisco IOS NAT Skinny Call Control Protocol Vulnerability
  77. Cisco Security Advisory: Cisco IOS Software Firewall Application Inspection Control Vulnerability
  78. Cisco Security Advisory: Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities
  79. Cisco Security Advisory: Cisco uBR10012 Series Devices SNMP Vulnerability
  80. Cisco Security Advisory: Cisco IOS MPLS VPN May Leak Information
  81. Drupal Brilliant Gallery module SQL injection vulnerability
  82. Drupal Ajax Checklist Module SQL Injection Vulnerability
  83. [ MDVSA-2008:204 ] blender
  84. [security bulletin] HPSBOV02364 SSRT080078 rev.3 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access
  85. php create_function commond injection vulnerability
  86. Google Docs (HTML code) Multiple Cross Site Scripting Vulnerabilities
  87. [security bulletin] HPSBST02372 SSRT080133 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-052 to MS08-055
  88. Re: php create_function commond injection vulnerability
  89. Cross Site Scripting (XSS) Vulnerabilitiy in flatpress 0.804, CVE-2008-4120
  90. adnforum <= 1.0b / Insecure Cookie Handling Vulnerability
  91. Fwd: Returned post for bugtraq@securityfocus.com
  92. [USN-645-3] Firefox and xulrunner regression
  93. SQL Injection in EasyRealtorPRO 2008
  94. [ GLSA 200809-16 ] Git: User-assisted execution of arbitrary code
  95. [ GLSA 200809-17 ] Wireshark: Multiple Denials of Service
  96. [ GLSA 200809-18 ] ClamAV: Multiple Denials of Service
  97. [ MDVSA-2008:205 ] mozilla-firefox
  98. Linksys/Cisco WRT350N 1.0.3.7 Insecure Samba Static Configuration
  99. [USN-647-1] Thunderbird vulnerabilities
  100. Estonian Cyber Security Strategy document -- now available online
  101. DATAC RealWin 2.0 SCADA Software - Remote PreaAuth Exploit
  102. The Gemini Portal <= 4.7 / Insecure Cookie Handling Vulnerability
  103. Crux Gallery <= 1.32 / Insecure Cookie Handling Vulnerability
  104. RPG.Board <= 0.0.8Beta2 Remote SQL Injection
  105. multiple vendor ftpd - Cross-site request forgery
  106. Re: [Full-disclosure] [IVIZ-08-010] McAfee SafeBoot Device Encryption Plain Text Password Disclosure (v4, Build 4750 and below)
  107. FtitzBox
  108. [ MDVSA-2008:206 ] mozilla-thunderbird
  109. xss in hackmeeting.org
  110. Novell ZENWorks for Desktops Version 6.5 Remote (Heap-Based) PoC
  111. ASP News Remote Password Disclouse Vulnerability
  112. csphonebook 1.02 Remote XSS Vulnerabilitiy
  113. PHP Calendar Script Remote XSS (Permanent) Vulnerabilities
  114. ParsaWeb CMS SQL Injection
  115. Verizon FIOS (and DSL?) wireless access point insecure default WEP key
  116. [oCERT-2008-013] MPlayer Real demuxer heap overflow
  117. Advisory: Mozilla Firefox User Interface Null Pointer Dereference Dispatcher Crash and Remote Denial of Service.
  118. Advisory : Opera Window Object Suppressing Remote Denial of Service
  119. Re: php create_function commond injection vulnerability
  120. [security bulletin] HPSBMA02373 SSRT071467 rev.1 - HP Insight Diagnostics, Remote Unauthorized Access to Files
  121. Re: Sun M-class hardware denial of service
  122. Re: Sun M-class hardware denial of service
  123. Re: Sun M-class hardware denial of service
  124. [ MDVSA-2008:207 ] openafs
  125. Re: Sun M-class hardware denial of service
  126. Re: Sun M-class hardware denial of service
  127. MS Internet Explorer 7 Denial Of Service Exploit
  128. Advisory: Google Chrome Window Object Suppressing Remote Denial of Service.
  129. [MajorSecurity Advisory #56] moziloWiki - Directory Traversal, XSS and Session Fixation Issues
  130. White Wolf Labs #080922-1: Exploitation Through ActiveSync 4.x
  131. rPSA-2008-0286-1 mono
  132. [ MDVSA-2008:208 ] pam_mount
  133. Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit
  134. MySQL command-line client HTML injection vulnerability
  135. Remote File Inclusion Vulnerability
  136. International Hacking & Security Conference "POC2008"
  137. WordPress MU < 2.6 wpmu-blogs.php Crose Site Scrpting vulnerability
  138. Re: Advisory: Google Chrome Window Object Suppressing Remote Denial of Service.
  139. Re: Advisory: Google Chrome Window Object Suppressing Remote Denial of Service.
  140. [USN-648-1] nasm vulnerability
  141. Printlog <= 0.4: Remote File Edition Vulnerability
  142. Oracle Password Cracker written in PL/SQL
  143. Remote and Local File Inclusion Vulnerability <= 1.1 Rportal
  144. phpMyID can act as a redirector and as headers injector
  145. [USN-649-1] OpenSSH vulnerabilities
  146. FreeBSD Security Advisory FreeBSD-SA-08:10.nd6
  147. Adobe Flash Player plug-in null pointer dereference and browser crash
  148. XSS vulnerability in phpMyID
  149. Layered Defense Research Advisory: Juniper Netscreen Firewall Cross-Site-Scripting (XSS) event log injection
  150. Re: [MajorSecurity Advisory #53] BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues
  151. HostAdmin Cross-Site Scripting Vulnerabilities
  152. [USN-650-1] cpio vulnerability
  153. Re: RE: MySQL command-line client HTML injection vulnerability
  154. Secunia Research: Trend Micro OfficeScan Directory Traversal Vulnerability
  155. VERIFY YOUR E-MAIL ACCOUNT
  156. CMME Multiple Information disclosure vulnerabilities
  157. VMware Emulation Flaw x64 Guest Privilege Escalation (1/2)
  158. [ENABLESECURITY] Apple's Mail.app stores your S/MIME encrypted emails in clear text
  159. MetaGauge 1.0.0.17 Directory Traversal
  160. [ MDVSA-2008:209 ] pam_krb5
  161. [ MDVSA-2008:210 ] mono
  162. FastStone Image Viewer v3.6 (malformed bmp image) DoS Exploit
  163. VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues
  164. PHPWebExplorer <= 0.09b: Local File Inclusion Vulnerability
  165. AyeView v2.20 (malformed gif image) DoS Exploit
  166. iFoto, CSS-based GD2 photo gallery <= 1.0: Remote File Disclosure Vulnerability
  167. FOSS Gallery Admin Version <= 1.0 / Remote Arbitrary Upload Vulnerability
  168. FOSS Gallery Public Version <= 1.0 / Arbitrary file upload Vulnerabilities
  169. OpenNMS Multiple Vulnerabilities
  170. Motorola Timbuktu's Internet Locator Service real-time data exposed to public.
  171. Firefox Privacy Broken If Used to Open Web Page File
  172. HostAdmin 3.* Remote File Include Vulnerabilities
  173. Yerba SACphp <= 6.3 / Local File Inclusion Exploit
  174. [security bulletin] HPSBUX02375 SSRT080122 rev.1 - HP-UX Running NFS/ONCplus, Remote Denial of Service (DoS)
  175. [OPENX-SA-2008-002] OpenX 2.4.9 and 2.6.2 fix SQL injection vulnerability
  176. [ GLSA 200810-01 ] WordNet: Execution of arbitrary code
  177. Re: iFoto, CSS-based GD2 photo gallery <= 1.0: Remote File Disclosure Vulnerability
  178. Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public.
  179. ANNOUNCE - RFIDIOt version 0.1t released
  180. Re: HostAdmin 3.* Remote File Include Vulnerabilities
  181. [W02-1008] GearSoftware Powered Products Local Privilege Escalation (Microsoft Windows Kernel IopfCompleteRequest Integer Overflow)
  182. Cisco Security Advisory: Authentication Bypass in Cisco Unity
  183. Windows Mobile 6 insecure password handling and too short WLAN-password
  184. Advisory: Graphviz Buffer Overflow Code Execution
  185. Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public.
  186. Token Kidnapping Windows 2003 PoC exploit
  187. FC2 BLOG Cross-Site Scripting Vulnerabilities
  188. [security bulletin] HPSBMA02376 SSRT080099 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)
  189. PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection
  190. [security bulletin] HPSBMA02362 SSRT080044, SSRT080045, SSRT080042 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS), Execute Arbitrary Code
  191. News Manager Remote SQL Injection Vulnerability
  192. PR07-31: Unauthenticated SQL Injection, XSS on Login Page and Username Enumeration on DPSnet Case Progress
  193. [security bulletin] HPSBMA02374 SSRT080046 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
  194. Re: Token Kidnapping Windows 2003 PoC exploit
  195. [ GLSA 200810-02 ] Portage: Untrusted search path local root vulnerability
  196. Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public.
  197. [SECURITY] CVE-2008-3271 - Apache Tomcat information disclosure
  198. [USN-651-1] Ruby vulnerabilities
  199. [LC-2008-04] Nokia Browser Array Sort Denial Of Service Vulnerability
  200. iSEC Partners Security Advisory - 2008-002-lenovornr - Lenovo Rescue and Recovery 4.20
  201. [ MDVSA-2008:211 ] cups
  202. [ MDVSA-2008:210-1 ] mono
  203. NewLife Blogger <= v3.0 / Insecure Cookie Handling & SQL Injection Vulnerability
  204. CA BrightStor ARCServe BackUp Message Engine Remote Command Injection Vulnerability
  205. Uninformed Journal Release Announcement: Volume 10
  206. Marvell Driver Malformed Association Request Vulnerability
  207. CREATE ANY DIRECTORY to SYSDBA
  208. İltaweb Alışveriş Sistemi (tr) Sql inj
  209. Re: Re: Token Kidnapping Windows 2003 PoC exploit
  210. [RISE-2008001] Sun Solstice AdminSuite sadmind adm_build_path() Buffer Overflow Vulnerability
  211. WP Comment Remix 1.4.3 Multiple Vulnerabilities
  212. Telecom Italia Alice Pirelli routers backdoor discoverd to activate telnet/ftp/tftp from internal LAN/WLAN.
  213. [USN-653-1] D-Bus vulnerabilities
  214. Webscene eCommerce (level) Remote Sql Injection
  215. [SECURITY] [DSA 1654-1] New libxml2 packages fix execution of arbitrary code
  216. [USN-652-1] LittleCMS vulnerability
  217. iDefense Security Advisory 10.14.08: Microsoft Host Integration Server 2006 Command Execution Vulnerability
  218. How Search Engines Find Sites
  219. CORE-2008-1010: VLC media player XSPF Memory Corruption
  220. TPTI-08-07: Microsoft Windows Message Queuing Service Heap Overflow and Memory Disclosure Vulnerability
  221. iDefense Security Advisory 10.14.08: Microsoft Visual Basic for Applications - Multiple Vulnerabilities
  222. [USN-654-1] libexif vulnerabilities
  223. iDefense Security Advisory 10.14.08: Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow
  224. [USN-655-1] exiv2 vulnerabilities
  225. Vivid Ads Shopping Cart (cid) Remote SQL Injection
  226. MS OWA 2003 Redirection Vulnerability
  227. Exploit for MS08-066 - AFD.sys kernel memory overwrite.
  228. Paper: Adventures with a certain Xen vulnerability
  229. Internet Explorer 6 componentFromPoint() remote memory disclosure and remote code execution
  230. [ MDVSA-2008:212 ] libxml2
  231. Multiple Flash Authoring Heap Overflows - Malformed SWF Files
  232. [USN-656-1] CUPS vulnerabilities
  233. [ MDVSA-2008:213 ] dbus
  234. SEC Consult SA-20081016-0 :: Remote command execution in Instant Expert Analysis
  235. [HACKATTACK Advisory 20081016] WEB//NEWS SQL Injection and Cookie Manipulation
  236. rPSA-2008-0295-1 rails
  237. rPSA-2008-0294-1 postfix
  238. [ MDVSA-2008:214 ] mon
  239. Re: Re: MS OWA 2003 Redirection Vulnerability
  240. [SECURITY] [DSA 1655-1] New Linux 2.6.24 packages fix several vulnerabilities
  241. Doubt in MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability POC posted on milworm
  242. flashchat severe bug
  243. Re: Doubt in MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability POC posted on milworm
  244. Application-level OS fingerprinting research - pre-release hashes
  245. HITBSecConf2008 - Malaysia: Online registration closes on 24th Oct
  246. [ MDVSA-2008:208-1 ] pam_mount
  247. CVE-2008-2625: Oracle DBMS – Proxy Authentication Vulnerability
  248. CVE-2008-4000: Oracle PeopleTools – Authentication Weakness
  249. Cross Site Scripting (XSS) Vulnerabilitiy in cpcommerce, CVE-2008-4121
  250. FireGPG Passphrase And Cleartext Vulnerability