View Full Version : Bugtraq mailing list
- fetchmail REVISED security announcement fetchmail-SA-2008-01(CVE-2008-2711)
- [ MDVSA-2008:122 ] - Updated clamav packages fix vulnerability
- [ GLSA 200806-11 ] IBM JDK/JRE: Multiple vulnerabilities
- [BMSA 2008-07] Format string vulnerability in 5th street
- ERRATA - n.runs-SA-2008.001 - Jscape Secure FTP Applet
- Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities
- [ECHO_ADV_99$2008] Relative Real Estate Systems <= 3.0(listing_id) Sql Injection Vulnerability
- [ MDVSA-2008:123 ] - Updated imlib2 packages fix vulnerabilities
- Re: IdeBox (include) Remote File Inclusion Vulnerability
- Multiple vulnerabilities in TietoEnator's Procapita schooladministration system, at least version "842 Procapita 840SP1"
- The Rat CMS (SQL/XSS) Multiple Remote Vulnerabilities
- Pidgin 2.4.1 Vulnerability
- Evolution Vulnerability
- Rhythmbox Vulnerability
- Re: Rhythmbox Vulnerability
- [SCANIT-2008-002] Wordtrans-web Remote Command Execution Vulnerability
- [SCANIT-2008-003] Wordtrans-web Remote Command Execution Vulnerability
- CFP 25C3 - The 25th Chaos Communication Congress 2008
- [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability
- [ GLSA 200807-01 ] Python: Multiple integer overflows
- [security bulletin] HPSBMA02345 SSRT080039 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)
- [ GLSA 200807-02 ] Motion: Execution of arbitrary code
- New Paper: More than 600 million users surf at high risk
- Vuln name: Ruby rb_ary_fill() DOS
- Deepsec Talks 2007 are online - registration for 2008 is open
- [tool] ratproxy - passive web application security assessment tool
- ISEC 2008(Information Security Conference) Guide
- Secunia Research: VLC Media Player WAV Processing Integer Overflow
- Release of Pass-The-Hash Toolkit v1.4
- Re: Vivvo Cms 4.0 Csrf Bug (Change Profile Information)
- Vivvo Cms 4.0 Csrf Bug (Change Profile Information) By S_e_YM_e_N
- wordpressplugins.eu
- Re: Multiple vulnerabilities in TietoEnator's Procapita schooladministration system, at least version
- ezmlm warning
- [ GLSA 200807-05 ] OpenOffice.org: User-assisted execution of arbitrary code
- [ MDVSA-2008:139 ] - Updated BIND packages fix critical DNS vulnerability
- Context IS Advisory - MS08-39 OWA XSS
- [ MDVSA-2008:142 ] - Updated ruby packages fix vulnerabilities
- Nessus plugins for recent MS Bulletins
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm FIXED
- [ GLSA 200807-07 ] NX: User-assisted execution of arbitrary code
- rPSA-2008-0223-1 poppler
- London DEFCON July meet - DC4420 - Thursday 10th July (today!)
- iDefense Security Advisory 07.09.08: Novell eDirectory LDAP SearchRequest Heap Corruption Vulnerability
- Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method
- [ MDVSA-2008:143 ] - Updated pidgin packages fix MSN protocol handler vulnerability
- [NETRAGARD SECURITY ADVISORY][Apple Core Image Fun House <= 2.0 OSX -- Arbitrary Code Execution][NETRAGARD-20080711]
- [ MDVSA-2008:138-1 ] - Updated OpenOffice.org packages fix vulnerability
- [ MDVSA-2008:144 ] - Updated openldap packages fix slapd DoS vulnerability
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm
- Re: New Paper: More than 600 million users surf at high risk
- Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm
- Simple DNS Plus 5.0/4.1 < remote Denial of Service exploit
- Pluck Local File inclusion
- FreeBSD Security Advisory FreeBSD-SA-08:06.bind
- DeepSec 2008 - Last call for submissions
- unix books
- [ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability
- CFP now open for ClubHack2008 - India
- HPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040
- [ GLSA 200807-09 ] Mercurial: Directory traversal
- [ MDVSA-2008:147 ] - Updated pcre packages fix vulnerability
- iDefense Security Advisory 07.15.08: Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability
- iDefense Security Advisory 07.15.08: Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability
- iDefense Security Advisory 07.15.08: Oracle Database Local Untrusted Library Path Vulnerability
- [ MDVSA-2008:146 ] - Updated poppler packages fix arbitrary code execution vulnerability
- [security bulletin] HPSBMA02346 SSRT080097 rev.1 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access
- Oracle Application Server PLSQL injection flaw
- Arbitrary code execution in Netrw version 127, Vim 7.2b
- [security bulletin] HPSBMA02133 SSRT061201 rev.9 - HP Oracle for OpenView (OfO) Critical Patch Update
- [ECHO_ADV_100$2008] Comdev Web Blogger <= 4.1.3 (arcmonth) Sql Injection Vulnerability
- [DSECRG-08-028] File read in Velocity web-server
- n.runs-SA-2008.002 - F-Prot Out-of-Bound Memory Access DoS (remote)
- rPSA-2008-0035-1 httpd mod_ssl
- IETF Internet-Draft on TCP Port randomization
- [security bulletin] HPSBUX02351 SSRT080058 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning
- ekoparty security trainings (2008) announcement
- [DSECRG-08-029] Local File Include in Dokeos E-Learning System 1.8.5
- HPSBMA02346 SSRT080097 rev.2 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access
- Oracle Portal XSS fixed by CPU July 2008
- [USN-623-1] Firefox vulnerabilities
- communitycms-0.1 Remote File Includion
- Security Vacation Guide
- Def_Blog 1.0.3 Multiple Remote SQL Injection Vulnerabilities
- Lateral SQL Injection Revisited - No Special Privs Required
- [ MDVSA-2008:148 ] - Updated Firefox packages fix vulnerabilities
- [ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution
- [DSECRG-08-030] Claroline 1.8.9 Multiple Security Vulnerabilities
- Windows Vista Power Management & Local Security Policy
- Re: Lateral SQL Injection Revisited - No Special Privs Required
- [security bulletin] HPSBUX02351 SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning
- rPSA-2008-0231-1 bind bind-utils
- Oracle Database Local Untrusted Library Path Vulnerability
- Easybookmarker 40tr Xss Vulnerability By Khashayar Fereidani
- [ MDVSA-2008:149 ] - Updated mysql packages fix vulnerabilities
- Re: Oracle Database Local Untrusted Library Path Vulnerability
- EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit )
- Easyecards 310a Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) By Khashayar Fereidani
- [ MDVSA-2008:150 ] - Updated mysql packages fix vulnerabilities
- EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability
- FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability
- Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system
- Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit )
- Maran PHP Blog Xss By Khashayar Fereidani
- MyBlog <=0.9.8 Multiple Vulnerabilities
- Vim: Improper Implementation of shellescape()/Arbitrary Code Execution
- FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability
- [DSECRG-08-031] Local File Include Vulnerability in Interact 2.4.1
- Re: Pwnie Awards 2008
- Flip V3.0 final
- Re: SchoolCenter URL Handling Cross Site Scripting Vulnerability
- [White Paper] Abusing HTML 5 Structured Client-side Storage
- E-Mail header Injection in HiFriend
- [ GLSA 200807-10 ] Bacula: Information disclosure
- [ GLSA 200807-11 ] PeerCast: Buffer overflow
- Re: [ GLSA 200807-10 ] Bacula: Information disclosure
- [ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability
- [ GLSA 200807-12 ] BitchX: Multiple vulnerabilities
- FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability
- Vulnerability: SocialEngine (SocialEngine.net) high risk security flaw
- [security bulletin] HPSBMA02346 SSRT080097 rev.3 - HP OpenView Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access
- [DSECRG-08-032] Claroline 1.8.10 Multiple XSS Vulnerabilities
- PR08-13: Persistent Cross-site Scripting (XSS) on Moodle via blog entry title
- PR08-15: Several Webroot Disclosures on Moodle
- PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page
- [USN-627-1] Dnsmasq vulnerability
- [ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability
- AST-2008-011: Traffic amplification in IAX2 firmware provisioning system
- AST-2008-010: Asterisk IAX 'POKE' resource exhaustion
- RE: Windows Vista Power Management & Local Security Policy
- Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim
- [USN-628-1] PHP vulnerabilities
- [ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability
- [ MDVSA-2008:154 ] - Updated xemacs packages fix vulnerability
- CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit
- [Full-disclosure] [tool] SDT Cleaner 1.0
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution
- Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow
- XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities
- ezContents CMS Renote File inclusion
- [ MDVSA-2008:155 ] - Updated Thunderbird packages fix multiple vulnerabilities
- how to request a cve id?
- [ MDVSA-2008:155-1 ] - Updated Thunderbird packages fix multiple vulnerabilities
- Security Bypass Vulnerabilities AXESSTEL
- [DSECRG-08-033] Local File Include Vulnerability in Pixelpost 1.7.1
- Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations
- [security bulletin] HPSBMA02353 SSRT080066 rev.1 - HP OpenView Internet Services Running Probe Builder, Remote Denial of Service (DoS)
- JamRoom <= 3.3.8 Authentication Bypass
- Multiple Cross-Site Scripting Vulnerabilities in Web Wiz RichText Editor version 4.02
- ViArt <= 3.5 SQL Injection
- Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100
- iDefense Security Advisory 07.28.08: Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability
- [ MDVSA-2008:156 ] - Updated libpng packages fix vulnerability
- [USN-626-1] Firefox and xulrunner vulnerabilities
- rPSA-2008-0236-1 httpd mod_ssl
- rPSA-2008-0237-1 tshark wireshark
- rPSA-2008-0238-1 firefox
- [USN-631-1] poppler vulnerability
- [DSECRG-08-034] Local File Include Vulnerability in Minishowcase v09b136
- Gregarius <= 0.5.4 SQL Injection
- VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix
- rPSA-2008-0235-1 fetchmail fetchmailconf
- [USN-630-1] ffmpeg vulnerability
- n.runs-SA-2008.004 - AVG Anti-Virus Divide by Zero - DoS (remote)
- Remote Cisco IOS FTP exploit
- [ MDVSA-2008:157 ] - ffmpeg
- Cisco IOS shellcode explanation
- MJGuest 6.8 GT Cross Site Scripting Vulnerability
- RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability
- Tool: PorkBind Nameserver Security Scanner
- Cisco IOS shellcode explanation - additional
- DEV WMS Multiple Vulnerabilities
- [ MDVSA-2008:159 ] licq
- [oCERT-2008-009] libxslt heap overflow
- Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow
- [security bulletin] HPSBUX02286 SSRT071466 rev.1 - HP-UX Running System Administration Manager (SAM), Unintended Remote Access
- Pligg <= 9.9.0 Multiple Vulnerabilities
- Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows
- [~] Greetz : Me93fg & Mr.SaFa7
- iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability
- [ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code
- [ GLSA 200807-14 ] Linux Audit: Buffer overflow
- [ GLSA 200807-13 ] VLC: Multiple vulnerabilities
- [ GLSA 200807-16 ] Python: Multiple vulnerabilities
- [CVE-2008-2370] Apache Tomcat information disclosure vulnerability
- libxslt heap overflow
- [CVE-2008-1232] Apache Tomcat XSS vulnerability
- [USN-634-1] OpenLDAP vulnerability
- eVision 2.0 Sql Injection/Remote File Disclosure/Remote File Upload/IG
- DNS Multiple Race Exploiting Tool
- [USN-632-1] Python vulnerabilities
- [USN-633-1] libxslt vulnerabilities
- iDefense Security Advisory 07.31.08: Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability
- n.runs-SA-2008.005 - Apple Inc. - CoreServices Framework’s CarbonCore Framework - Arbitrary Code Execution (remote)
- Re: how to request a cve id?
- [ MDVSA-2008:160 ] libxslt
- file upload exploit
- iDefense Security Advisory 08.01.08: Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability
- iDefense Security Advisory 08.01.08: Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability
- iDefense Security Advisory 08.01.08: Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability
- Pligg Auto-Voter Using XSS to Bypass CSRF Protection
- Keld: PHP-MySQL News Script 0.7.1 Remote SQL injection Vulnerability
- TGS CMS Remote Code Execution Exploit
- UNAK-CMS Lfi
- [USN-626-2] Devhelp, Epiphany, Midbrowser and Yelp update
- Team SHATTER Security Advisory: SQL Injection in Oracle Application Server (WWEXP_API_ENGINE)
- Team SHATTER Security Advisory: Cross-site scripting in Oracle Enterprise Manager (REFRESHCHOICE Parameter)
- Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN)
- Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities
- 8e6 Technologies R3000 Internet Filter Bypass with Host Decoy
- Plogger <= 3.0 SQL Injection
- IGES CMS <=2.0 Multiple Vulnerabilities
- Pluck 4.5.2 Multiple Cross Site Scripting Vulnerabilities
- Excellent new IT Security site
- [ GLSA 200808-01 ] xine-lib: User-assisted execution of arbitrary code
- [ GLSA 200808-02 ] Net-SNMP: Multiple vulnerabilities
- [ GLSA 200808-03 ] Mozilla products: Multiple vulnerabilities
- [ GLSA 200808-04 ] Wireshark: Denial of Service
- rPSA-2008-0245-1 cups
- rPSA-2008-0246-1 gaim
- PHP-NUKE module Kleinanzeigen SQL injection (lid)
- MyClan Sql Injection
- Re: 8e6 Technologies R3000 Internet Filter Bypass with Host Decoy
- Interesting things at sec-consult.com, DNS-whitepaper available tomorrow
- Google Notebook and Google Bookmarks Cross Site Scripting Vulnerabilities
- Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting
- [ GLSA 200808-05 ] ISC DHCP: Denial of Service
- [USN-635-1] xine-lib vulnerabilities
- [ GLSA 200808-06 ] libxslt: Execution of arbitrary code
- [security bulletin] HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
- [security bulletin] HPSBUX02355 SSRT080023 rev.1 - HP-UX Using libc, Remote Denial of Service (DoS)
- Re: [funsec] facebook messages worm
- OpenVMS fingerd remote stack overflow
- Re: [Full-disclosure] [funsec] facebook messages worm
- facebook messages worm
- Whitepaper: DNS zone redelegation
- [SE-2008-01] J2ME Security Vulnerabilities 2008
- Re: [SE-2008-01] J2ME Security Vulnerabilities 2008
- [ MDVSA-2008:161 ] rxvt
- [ MDVSA-2008:162 ] qemu
- [ MDVSA-2008:163 ] python
- re: [SE-2008-01] J2ME Security Vulnerabilities 2008
- [ MDVSA-2008:164 ] python
- Re: Re: [SE-2008-01] J2ME Security Vulnerabilities 2008
- Re: [funsec] facebook messages worm
- OpenID/Debian PRNG/DNS Cache poisoning advisory
- [AJECT] NoticeWare IMAP Email Server 4.6.2 DoS vulnerability
- Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- [AJECT] WinGate Email Server (IMAP) vulnerability