View Full Version : Bugtraq mailing list
- [ GLSA 200704-03 ] OpenAFS: Privilege escalation
- Three New Papers on Oracle Forensics
- rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test
- CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC
- CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function
- lite-cms-0.2.1 Remote File Include Vulnerabilities
- CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer
- CYBSEC Security Pre-Advisory: SAP SYSTEM_CREATE_INSTANCE RFC Function
- [USN-449-1] krb5 vulnerabilities
- CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC
- rPSA-2007-0064-1 ImageMagick
- CYBSEC Release: SAP Security - Paper & Tool release
- [ MDKSA-2007:074 ] - Updated qt3 packages to address utf8 decoder bug
- [MajorSecurity Advisory #38]eXV2 CMS - Session fixation and
- Remot File Include In phpexplorator_2_0
- [USN-448-1] X.org vulnerabilities
- iXon_CMS 0.30 Remote File Include Vulnerabilities
- rPSA-2007-0067-1 nas
- K-CMS v1.0 Remote File Include Vulnerabilities
- rPSA-2007-0066-1 kdelibs qt-x11-free
- Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy
- phpechocms v.2 Cross-Site Scripting Vulnerabilitiy
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF
- phpechocms2 Remote File Include Vulnerabilities
- rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools
- MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting
- [ MDKSA-2007:076 ] - Updated kdelibs packages to address UTF8 issue in KJS
- Mozilla Firefox Insecure Element Stealth Injection Vulnerability
- rPSA-2007-0062-1 firefox
- Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re.
- High Risk Vulnerability in OpenOffice
- Several Windows image viewers vulnerabilities
- Re: More information on ZERT patch for ANI 0day
- Re: More information on ZERT patch for ANI 0day
- Re: More information on ZERT patch for ANI 0day
- [SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution
- Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection
- [ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities
- Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug
- VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates
- [ MDKSA-2007:078 ] - Updated kernel packages fix multiple vulnerabilities and bugs
- MyBlog: PHP and MySQL Blog/CMS software Remote File Include
- LedgerSMB 1.2.0 finally released, fixes CVE-2006-5589
- [ MDKSA-2007:080 ] - Updated tightvnc packages fix integer overflow vulnerabilities
- [ MDKSA-2007:081 ] - Updated freetype2 packages fix vulnerability
- iDefense Security Advisory 04.04.07: Kaspersky AntiVirus SysInfo
- iDefense Security Advisory 04.04.07: Kaspersky Internet Security
- Microsoft .NET request filtering bypass vulnerability (BID 20753)
- iDefense Security Advisory 04.04.07: ESRI ArcSDE Buffer Overflow
- FLEA-2007-0008-1: krb5
- FLEA-2007-0009-1: xorg-x11 freetype
- Wserve HTTP Server 4.6 Version (Long Directory Name) Buffer
- FLEA-2007-0010-1: evolution
- [security bulletin] HPSBUX02204 SSRT071341 rev.1 - HP-UX Running CIFS Server (Samba), Remote Denial of Service (DoS)
- Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug
- ACLS ineffective in SQL-Ledger and LedgerSMB
- Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use
- ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure
- phpContact Multiple Remote File Inclusion Vulnerabilities
- [MajorSecurity Advisory #39]onelook onebyone CMS - Session
- ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow
- [MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue
- [MajorSecurity Advisory #41]onelook courts online - Session
- livor 2.5 Cross-Site Scripting Vulnerability
- AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off
- AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption
- AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption
- [SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code execution
- LayerOne 2007 - Speaker Line up Announced
- [ GLSA 200704-06 ] Evince: Stack overflow in included gv code
- [ GLSA 200704-07 ] libwpd: Multiple vulnerabilities
- PHP <= 5.2.1 wbmp file handling integer overflow
- [MajorSecurity Advisory #42]webblizzard CMS - Cross Site
- Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation
- CmailServer WebMail <= V.5.3.4 (signup) Remote XSS Exploit
- witshare 0.9 Remote File Include Vulnerabilitiy
- UBB.threads (<= 6.1.1) SQL Injection Vulnerability
- Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit
- Take Control In Script Jeebles Directory
- phpMyAdmin 2.6.1 Local Cross Site Scripting
- Remot File Include In Script Lore v1
- DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability
- Gsylvain35 Portail Web Remote File Include Vulnerabilities
- Request It : Song Request System 1.0b - remote file inclusion
- QuizShock 1.6.1 - Cross-Site Scripting Vulnerability
- Mybb Hot Editor Plugin Local File Inclusion
- Hot Editor v4.0 Local File Inclusion
- Re: Mybb Hot Editor Plugin Local File Inclusion
- xodagallery Remote Code Execution Vulnerability
- rPSA-2007-0070-1 openoffice.org
- Re: Re: Mybb Hot Editor Plugin Local File Inclusion
- iDefense Security Advisory 04.09.07: AOL AIM and ICQ File Transfer
- [USN-450-1] ipsec-tools vulnerability
- phpGalleryScript 1.0 - File Inclusion Vulnerabilities
- DEF CON One Five CfP in effect!
- EEYE: Windows VDM Zero Page Race Condition Privilege Escalation
- EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation
- PhpOpenChat <= 3.0.1 (poc.php) Multiple Remote File Include
- Secunia Research: Microsoft Agent URL Parsing Memory Corruption
- iDefense Security Advisory 04.10.07: Microsoft Windows Universal
- [ MDKSA-2007:077-1 ] - Updated krb5 packages fix vulnerabilities
- Re: vbulletin admincp sql injection
- [ MDKSA-2007:081-1 ] - Updated freetype2 packages fix vulnerability
- [USN-451-1] Linux kernel vulnerabilities
- webMethods Glue Management Console Directory Traversal
- [ MDKSA-2007:080-1 ] - Updated tightvnc packages fix integer overflow vulnerabilities
- nEw Bug :D
- New bug :)
- pL-PHP beta 0.9 - Multiple Vulnerabilities
- [MajorSecurity Advisory #43]Calacode ATMail 5.0 - Cross Site
- CodeBreak (codebreak.php process_method) - Remote File Inclusion
- Cosign SSO Authentication Bypass
- Re: On-going Internet Emergency and Domain Names
- Re: Latinchat Denial Of Service
- PunBB <= 1.2.14 Remote Code Execution (Exploit)
- PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory)
- Steganos Encrypted Safe NOT so safe
- [ MDKSA-2007:079-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities
- [ MDKSA-2007:083 ] - Updated apache-mod_perl packages fix DoS vulnerability
- [ MDKSA-2007:075-1 ] - Updated qt4 packages to address utf8 decoder bug
- iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple
- [ MDKSA-2007:082 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities
- libpng compilation issue
- E107 - (v0.7.8) Access Escalation Vulnerbility - PoC
- HPSBUX02205 SSRT061120 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS)
- CVE-2007-1871: Cross site scripting in chcounter 3.1.3
- INFIGO-2007-04-05: Enterprise Security Analyzer server remote
- CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3
- Critical phpwiki c99shell exploit
- [security bulletin] HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-014
- [security bulletin] HPSBUX01137 SSRT5954 rev.9 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS)
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points
- [ GLSA 200704-08 ] DokuWiki: Cross-site scripting vulnerability
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System
- [security bulletin] HPSBGN02199 SSRT071312 rev.1 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Execution
- Re: Critical phpwiki c99shell exploit
- Cross site scripting in mephisto 0.7.3
- [security bulletin] HPSBUX02203 SSRT071339 rev.1 - HP-UX Running Portable File System (PFS), Remote Increase in Privilege
- TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy
- phpwebnews v.1 Multiple Cross Site Scripting Vulnerabilites
- Chatness <= 2.5.3 - Arbitrary Code Execution
- Re: Cross site scripting in mephisto 0.7.3
- RE: Critical phpwiki c99shell exploit
- FAC GuestBook v2.0 remote database disclosure vulnerability
- Aircrack-ng (airodump-ng) remote buffer overflow vulnerability
- iDefense Security Advisory 04.12.07: Hewlett Packard HP-UX Remote
- [USN-452-1] KDE library vulnerability
- [Argeniss] Hacking Databases for owning your data (paper)
- [OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed
- [OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2
- [MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site
- [waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War
- TSRT-07-04: LANDesk Management Suite Alert Service Stack Overflow
- Vbulletin 3.6.5 Sql Injection ! [misc.php]
- bloofoxCMS 0.2.2 Cross Site Scripting
- Re: Vbulletin 3.6.5 Sql Injection ! [misc.php]
- VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit
- Re: Steganos Encrypted Safe NOT so safe
- Back-End CMS Database Tables v0.4.7 Cross Site Scripting
- MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities
- FloweRS v2.0 Cross Site Scripting
- Maian Search v1.1
- Maian Gallery v1.0
- B2evolution 1.6 RFi
- MySpeach v1.9
- Back-End CMS Database Tables v0.4.7 Remote File Include
- Flip-search-add-on 2.0
- Maian Weblog v3.1
- bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy
- phpMyChat-0.14.5
- Re: VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit
- Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include
- Re: sitex multiple vulnerabilities
- Re: Maian Gallery v1.0
- Re: Maian Search v1.1
- Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities
- [ GLSA 200704-09 ] xine-lib: Heap-based buffer overflow
- Re: [exploits] RPC vuln in DNS Server (fwd)
- LS simple guestbook - arbitrary code execution
- Joomla/Mambo Jambook v1.0 beta7 Rfi Vuln.
- [MajorSecurity Advisory #45]oe2edit CMS - Cross Site Scripting
- ZoneAlarm Multiple insufficient argument validation of hooked SSDT
- ActionPoll Script (actionpoll.php) Remote File Include //
- MyBlog <= 0.9.8 Remote Command Execution Exploit
- Re: phpMyChat-0.14.5
- Microsoft DNS Server Remote Code execution: Analysis and exploit
- Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: Critical phpwiki c99shell exploit
- [ GLSA 200704-10 ] Inkscape: Two format string vulnerabilities
- Persistent CSRF and The Hotlink Hell
- iDefense Security Advisory 04.16.07: ClamAV CAB File Unstore Buffer
- Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit
- [ GLSA 200704-11 ] Vixie Cron: Denial of Service
- rPSA-2007-0071-1 kernel
- Akamai Technologies Security Advisory 2007-0001
- [ MDKSA-2007:086 ] - Updated cups packages fix DoS vulnerability
- [ MDKSA-2007:084 ] - Updated ipsec-tools packages fix DoS vulnerability
- [ MDKSA-2007:085 ] - Updated freeradius packages fix DoS vulnerability
- [ GLSA 200704-12 ] OpenOffice.org: Multiple vulnerabilities
- iDefense Security Advisory 04.16.07: Akamai Download Manager ActiveX
- Netsprint Toolbar 1.1 arbitrary remote code vulnerability
- PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection
- Remot File Include In Script phphd_downloads
- Remot File Include download_engine_V1.4.3
- Wabbit PHP Gallery v0.9 Cross Site Scripting
- my little weblog Cross Site Scripting
- my little forum 1.7 Remote File Include Vulnerabilitiy
- Re: [Full-disclosure] [WEB SECURITY] Persistent CSRF and The Hotlink
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: [WEB SECURITY] Persistent CSRF and The Hotlink Hell
- Re: Netsprint Toolbar 1.1 arbitrary remote code vulnerability
- webMethods Security Advisory: Glue console directory traversal vu
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy
- Internet Explorer Crash
- [security bulletin] HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)
- Multiple Ask IE Toolbar denial of service vulnerabilities
- Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Gizzar <= (basePath) Remote File Include Vulnerability
- BlueArc Firmware 4.2.944b FTP bounce
- SYMSA-2007-003 Macrovision InstallAnywhere Password and Serial
- Re: Internet Explorer Crash
- Re: [Full-disclosure] Cross Domain XMLHttpRequest
- ShoutPro 1.5.2 - arbitrary code execution
- Re: Internet Explorer Crash
- WASC-Articles: 'The Importance of Application Classification in Secure Application Development'
- Re: [Full-disclosure] A Botted Fortune 500 a Day
- n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability
- Re: [Full-disclosure] A Botted Fortune 500 a Day
- Re: [Full-disclosure] A Botted Fortune 500 a Day
- Re: [Full-disclosure] A Botted Fortune 500 a Day
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: [Full-disclosure] A Botted Fortune 500 a Day
- Cross Domain XMLHttpRequest
- Mambo/Joomla Component New Article Component RFI
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- [ GLSA 200704-14 ] FreeRADIUS: Denial of Service
- NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL
- Advisory: Bypass Oracle Logon Trigger
- Re: Internet Explorer Crash
- Advisory: SQL Injection in package SYS.DBMS_AQADM_SYS
- iDefense Security Advisory 04.17.07: McAfee VirusScan On-Access Scanner
- Advisory: SQL Injection in package SYS.DBMS_UPGRADE_INTERNAL
- Advisory: XSS Vulnerability in Oracle Secure Enterprise Search
- Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in
- Advisory: Shutdown unprotected Oracle TNS Listener via Oracle
- Analysis of the Oracle April 2007 Critical Patch Update
- iDefense Security Advisory 04.17.07: McAfee E-Business Admin Server
- rPSA-2007-0072-1 lighttpd