- Newsphp Multiple SQL Injection Vulnerabilities
- [eVuln] Text Rider Sensitive Information Disclosure
- What A Click! [Internet Explorer]
- MyBB 1.0.2 XSS attack in search.php redirection
- Updated mozilla-thunderbird packages fix vulnerability
- Re: [OSVDB Mods] iNETstore E Commerce Solution - Cross Site Scripting
- [SECURITY] [DSA 956-1] New lsh-utils packages fix local vulnerabilities
- [security bulletin] SSRT061104 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update January 20
- [ GLSA 200601-12 ] Trac: Cross-site scripting vulnerability
- HYSA-2006-002 Phpclanwebsite 1.23.1 Multiple Vulnerabilities
- BlackWorm: 2 million infected? ISP notifications.
- SamiFTPd buffer overflow
- Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack
- [ISecAuditors Advisories] Arbitrary flash code remote execution in
- [HSC] Multiple transversal bug in vis
- [eVuln] AndoNET Blog SQL Injection Vulnerability
- Windows mem leakage
- [eVuln] "my little homepage" products [link] BBCode XSS Vulnerability
- [SECURITY] [DSA 957-1] New ImageMagick packages fix arbitrary command execution
- Urgent Alert: Possible BlackWorm DDay February 3rd (Snort signatures
- [SECURITY] [DSA 950-1] New CUPS packages fix arbitrary code execution
- [ Rosiello Security ] Eterm-LibAST Advisory
- iDefense Security Advisory 01.23.06: Computer Associates iTechnology
- [ MDKSA-2006:022 ] - Updated perl-Convert-UUlib packages fix vulnerability
- Re: [Full-disclosure] Urgent Alert: Possible BlackWorm DDay February 3rd (Snort signatures included)
- BitComet URI Proof of Concept
- [SECURITY] [DSA 952-1] New libapache-auth-ldap packages fix arbitrary code execution
- hello
- [ MDKSA-2006:023 ] - Updated perl-Net_SSLeay packages fix vulnerability
- [ MDKSA-2006:025 ] - Updated net-snmp packages fix vulnerabilities
- [Argeniss] Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHE
- [SECURITY] [DSA 958-1] New drupal packages fix several vulnerabilities
- Re: [security] What A Click! [Internet Explorer]
- CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]
- Shareaza P2P Remote Vulnerability
- [ MDKSA-2006:024 ] - Updated ImageMagick packages fix vulnerabilities
- Azbb v1.1.00 Cross-Site Scripting
- The WorldsEnd.NET - Free Ping Script, written in PHP (2 vulns)
- Ege Internet Web Desing Remote Command Execution
- Multiple vulnerabilities in CommuniGate Pro Server
- LibAST 0.7 Release Fixes Security Vulnerability
- [CORRECTIONS AND ADDITIONS ]Azbb v1.1.00 Cross-Site Scripting
- [USN-246-1] imagemagick vulnerabilities
- BlackWorm naming confusing [CME entry now available]
- [eVuln] Pixelpost Photoblog XSS Vulnerability
- [FLSA-2006:152845] Updated perl packages fix security issues
- BlackWorm technical information
- CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability
- [ GLSA 200601-13 ] Gallery: Cross-site scripting vulnerability
- [SECURITY] [DSA 951-1] New trac packages fix SQL injection and cross-site scripting
- zbattle.net
- Cross Site Cooking
- [ GLSA 200601-14 ] LibAST: Privilege escalation
- UebiMiau Webmail System Security Vulnerability
- [ GLSA 200601-15 ] Paros: Default administrator password
- TSLSA-2006-0004 - multi
- [SECURITY] [DSA 951-2] New trac packages fix SQL injection and cross-site scripting
- [xpl#2] MiniNuke 1.8.2 - change member's password < Perl >
- Re: [Full-disclosure] [ GLSA 200601-15 ] Paros: Default administrator password
- Arescom NetDSL-1000 DoS attack source
- Winamp 5.12 - 0day exploit - code execution through playlist
- EasyCMS vulnerable to XSS injection.
- sPaiz-Nuke Cross-Site Scripting Vulnerability
- MyBB 1.2 usercp2.php [ $url ] CrossSiteScripting ( XSS )
- Nuked-klaN Cross-Site Scripting Vulnerability
- Re: Airscanner Mobile Security Advisory: Remote Hard Reset Data
- gnome evolution mail client inline text file DoS issue
- BlackWorm: statistics and numbers
- XSS flaw in MG2 Image Gallery (v.0.5.1)
- MyBB 1.2 Local File Inclusion
- [SECURITY] [DSA 959-1] New unalz packages fix arbitrary code execution
- CME-24 (BlackWorm) Users' FAQ
- Etomite CMS "Backdoored"
- [ MDKSA-2006:026 ] - Updated bzip2 packages fix bzgrep vulnerabilities
- New worm crawling through blogs?!
- [ MDKSA-2006:027 ] - Updated gzip packages fix zgrep vulnerabilities
- [ GLSA 200601-16 ] MyDNS: Denial of Service
- [ GLSA 200601-17 ] Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows
- Etomite followup information
- BrowserCRM vulnerable for XSS
- Cerberus Helpdesk vulnerable to XSS
- Re: Re: Winamp 5.12 - 0day exploit - code execution through
- Proof of concept for CommuniGate Pro Server vulnerability
- MyCO multiple vulnerabilities
- [SECURITY] [DSA 957-2] New ImageMagick packages fix arbitrary command execution
- [SECURITY] [DSA 960-1] New libmail-audit-perl packages fix insecure temporary file use
- FarsiNews 2.1 PHP Remote File Inclusion
- Nmap 4.00 Released
- Xmame 0.102 local vulnerability proof-of-concept
- [SECURITY] [DSA 960-2] New libmail-audit-perl packages fix insecure temporary file use
- Windows Access Control Demystified
- [eVuln] Calendarix SQL Injection & Authorization Bypass
- Blackboard Authentication Error
- [eVuln] SZUserMgnt Authentication Bypass
- ZRCSA-200601: SPIP - Multiple Vulnerabilities
- [SECURITY] [DSA 961-1] New pdfkit.framework packages fix arbitrary code execution
- [SECURITY] [DSA 962-1] New pdftohtml packages fix arbitrary code execution
- [security bulletin] SSRT051007 rev.1 - HP Tru64 UNIX Running DNS BIND Remote Unauthorized Privileged
- DISIT - OPEN SOURCE DISASSEMBLER ENGINE
- Verified evasion in Snort
- iDefense Security Advisory 02.01.06: Winamp m3u/pls .WMA Extension
- RE: Buffer Overflow /Font on mIRC
- iDefense Security Advisory 02.01.06: Winamp m3u Parsing Stack Overflow
- FreeBSD Security Advisory FreeBSD-SA-06:08.sack
- Fcrontab - memory corruption on heap.
- Daffodil CRM - vulnerable to SQL-injection.
- [ MDKSA-2006:028 ] - Updated php packages fix XSS and response splitting vulnerabilities
- [SECURITY] [DSA 963-1] New mydns packages fix denial of service
- Black Hat USA CFP opens, Europe early bird reminder, Federal
- SoftMaker Shop is vulnerable to XSS
- security contact @lycos.com
- CAID 33581 - CA Message Queuing Denial of Service Vulnerabilities
- The History of the Oracle PLSQL Gateway Flaw
- More on the workaround for the unpatched Oracle PLSQL Gateway flaw
- [ MDKSA-2006:030 ] - Updated poppler packages fixes heap-based buffer overflow vulnerability
- [SLAB] NetBSD / OpenBSD kernfs_xread patch evasion
- [ MDKSA-2006:031 ] - Updated kdegraphics packages fixes heap-based buffer overflow vulnerability
- [ MDKSA-2006:032 ] - Updated xpdf packages fixes heap-based buffer overflow vulnerability
- [ MDKSA-2006:029 ] - Updated libast packages fixes buffer overflow vulnerability
- [ MDKSA-2006:033 ] - Updated OpenOffice.org packages fix issue with disabled hyperlinks
- [KDE Security Advisory] kpdf/xpdf heap based buffer overflow
- Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how
- IronMail-5.0.1-Denial of-Service-Protection-Lets-Remote-Users-Deny-Service
- Neomail Cross Site Scripting Vulnerability
- cPanel Multiple Cross Site Scripting Vulnerability
- [SECURITY] [DSA 964-1] New gnocatan packages fix denial of service
- Exchangepop3 rcpt buffer overflow vulnerability
- AOL Instant Messenger Version 5.9.3861 Local Buffer Overrun
- Database Manager Default pass
- Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits
- Blacklist defenses as a breeding ground for vulnerability variants
- Outblaze Cross Site Scripting Vulnerability
- Re: Trend Micro ServerProtect version 5.58 can be easily circumvented
- Re: AOL Instant Messenger Version 5.9.3861 Local Buffer Overrun Vulnerability
- [eVuln] MyQuiz Arbitrary Command Execution Vulnerability
- Bug for libs in php link directory 2.0
- CyberShop Ultimate E-commerce Script Cross Site Scripting
- Internet Explorer remotely exploitable vulnerability in JScript's
- LoudBlog <= 0.4 arbitrary remote inclusion
- sql injection in ASP Survey
- [KAPDA::#26] - MyTopix Sql Injection & Path Disclosure
- PluggedOut Blog SQL injection and XSS
- VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File
- [eVuln] Vanilla Guestbook Multiple XSS & SQL Injection
- mwcollect Alliance Launch
- cleartext passwords get into log files
- ProtoVer LDAP vs CommuniGate Pro 5.0.7
- SECURITY.NNOV: The Bat! 2.x message headers spoofing
- [ GLSA 200602-02 ] ADOdb: PostgresSQL command injection
- [ GLSA 200602-03 ] Apache: Multiple vulnerabilities
- [ Secuobs - Advisory ] Bluetooth : DoS on hcidump 1.29 + PoC
- [ Secuobs - Tools release ] BSS (Bluetooth Stack Smasher) fuzzer
- CAIDA analysis on CME-24/BlackWorm
- cPanel 10 handle.html XSS Vulnerability
- Easily exploitable Pseudo Random Number generator in phpbb
- mailback script exploit
- Vulnerabilities in vBulletin(3.0.7 - 3.5.3) and IPB(2.0.0 - 2.1.4).
- [ GLSA 200602-01 ] GStreamer FFmpeg plugin: Heap-based buffer overflow
- DarkStarlings.com XSS Vulnerability
- (OLD) Eudora WorldMail 3.0 Windows 2000 Remote System Exploit
- [SECURITY] [DSA 965-1] New ipsec-tools packages fix denial of service
- RE: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits
- Announcement: Domain Contamination By Amit Klein
- [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability
- [ Secuobs - Advisory ] Bluetooth : DoS on Sony/Ericsson cell phones
- PeopleSoft (Oracle) PSCipher Encryption Weakness
- [ MDKSA-2006:034 ] - Updated openssh packages fix vulnerability
- MyQuiz Arbitrary Command Execution Exploit (perl)
- High Risk Vulnerability in Lexmark Printer Sharing Service
- Re: [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator
- crypt_blowfish 1.0
- [ MDKSA-2006:035 ] - Updated php packages fix vulnerability
- eyeOS <= 0.8.9 Remote Code Execution
- Re: Vulnerabilities in vBulletin(3.0.7 - 3.5.3) and IPB(2.0.0 -
- [myimei]MyBB 1.0.2 XSS attack in search.php
- [myimei]MyBB1.0.3~moderation.php~SqlInject while merging posts
- [ MDKSA-2006:037 ] - Updated mozilla-firefox packages to address DoS vulnerability
- iDefense Security Advisory 02.07.06: QNX Neutrino RTOS fontsleuth
- iDefense Security Advisory 02.07.06: QNX Neutrino RTOS su Command
- iDefense Security Advisory 02.07.06: QNX RTOS 6.3.0 Local Denial
- iDefense Security Advisory 02.07.06: QNX Neutrino RTOS phfont Race
- iDefense Security Advisory 02.07.06: QNX Neutrino RTOS libph PHOTON_PATH
- Whomp Real Estate Manager XP 2005 Sql Injection
- iDefense Security Advisory 02.07.06: QNX Neutrino RTOS libAp ABLPATH
- iDefense Security Advisory 02.07.06: QNX Neutrino RTOS phgrafx Command
- iDefense Security Advisory 02.07.06: QNX Neutrino RTOS crttrap Arbitrary
- [eVuln] PHP iCalendar File Inclusion Vulnerability
- WiredRed EPOP XSS Vulnerability
- [ MDKSA-2006:036 ] - Updated mozilla packages to address DoS vulnerability
- iDefense Security Advisory 02.07.06: QNX Neutrino RTOS passwd Command
- iDefense Security Advisory 02.07.06: QNX RTOS 6.3.0 rc.local Insecure
- CPGNuke Dragonfly 9.0.6.1 remote commands execution through
- [ MDKSA-2006:038 ] - Updated groff packages fix temporary file vulnerabilities
- John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0
- ProtoVer SSL: GnuTLS
- [SECURITY] [DSA 966-1] New adzapper packages fix denial of service
- [ECHO_ADV_27$2006] Indexu <= 5.0.1 Remote File Inclusion
- [security bulletin] SSRT051007 rev.2 - HP Tru64 UNIX Running DNS BIND4/BIND8 with Forwarders: Remote
- What can a Remote Vulnerability Scanner do in Future?
- Fwd: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits
- Secunia Research: IBM Lotus Domino iNotes Client Script Insertion
- [security bulletin] SSRT051102 rev.1 - HP HTTP Server Running on Windows, Forced Use of Weaker Secur
- Secunia Research: Lotus Notes ZIP File Handling Buffer Overflow
- ProtoVer Sample LDAP testsuite release
- Secunia Research: Lotus Notes TAR Reader File Extraction Buffer
- CPAINT AJAX Library Cross Site Scripting
- iDEFENSE Security Advisory 02.10.06: IBM Lotus Domino Server LDAP
- [eVuln] Unknown Domain Shoutbox multiple XSS & SQL Injection
- [ Secuobs - Advisory ] Bluetooth : DoS on Nokia cell phones
- LayerOne 2006 - Event Update and Announcement
- Secunia Research: Lotus Notes UUE File Handling Buffer Overflow
- [SECURITY] [DSA 967-1] New elog packages fix arbitrary code execution
- TSLSA-2006-0006 - multi
- runCMS <= 1.3a2 possible remote code execution through the
- Secunia Research: Lotus Notes HTML Speed Reader Link Buffer
- [eVuln] GuestBookHost Authentication Bypass
- FarsiNews 2.5 Multiple Vulnerabilities
- Secunia Research: Lotus Notes Multiple Archive Handling Directory
- SUSE Security Announcement:
- [security bulletin] SSRT061108 rev.2 - HP Systems Insight Manager Remote Unauthorized Access - Direc
- Linpha <= 1.0 multiple arbitrary local inclusion
- HiveMail <= 1.3 Multiple Vulnerabilities
- Corrupt Word file may cause buffer overflow in the Blackberry
- [eVuln] phpht Topsites Multiple Vulnerabilities
- [eVuln] phphg Guestbook Multiple Vulnerabilities
- [USN-247-1] Heimdal vulnerability
- imageVue16.1 upload vulnerability
- RS-2006-1: Multiple flaws in VHCS 2.x
- DocMGR <= 0.54.2 arbitrary remote inclusion
- [ GLSA 200602-04 ] Xpdf, Poppler: Heap overflow
- DB_eSession deleteSession() SQL injection
- [eVuln] phphd Multiple Vulnerabilities
- [eVuln] Clever Copy 'Referer' & 'X-Forwarded-For' XSS Vulnerabilities
- Re: Zen-Cart <= 1.2.6d blind SQL injection / remote commands
- [eVuln] phpstatus Authentication Bypass
- Invision Power Board Army System Mod <= 2.1 SQL Injection Exploit
- [ GLSA 200602-05 ] KPdf: Heap based overflow
- Everyone's loginName variable Cross Site Scripting Vulnerability
- [SECURITY] [DSA 968-1] New noweb packages fix insecure temporary file creation
- Folder Guard password protection bypass
- Latest wu-ftpd exploit :-s
- Bypass Fortinet anti-virus using FTP
- URL filter bypass in Fortinet
- [SECURITY] [DSA 969-1] New scponly packages fix potential root vulnerability
- Internet Explorer drag&drop 0day
- Re: [Full-disclosure] Internet Explorer drag&drop 0day
- Siteframe Beaumont 5.0.1a <== Cross-Site Scripting Vulnerability
- XSS vulnerability in guestbook-php-script
- New winamp m3u/pls .WMA & .M3U Extension overflows
- EGS Enterprise Groupware System 1.0 rc4 remote commands execution