View Full Version : Bugtraq mailing list
- Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory
- Vim: Unfixed Vulnerabilities in Tar Plugin Version 20
- [ GLSA 200808-07 ] ClamAV: Multiple Denials of Service
- [ GLSA 200808-08 ] stunnel: Security bypass
- [DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3
- [ GLSA 200808-09 ] OpenLDAP: Denial of Service vulnerability
- New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability
- [security bulletin] HPSBUX02351 SSRT080058 rev.4 - HP-UX Running BIND, Remote DNS Cache Poisoning
- Kayako SupportSuite < 3.30.00 Multiple Vulnerabilities
- [ GLSA 200808-10 ] Adobe Reader: User-assisted execution of arbitrary code
- Ovidentia Sql Injection
- Re: [DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3
- K-Links Directory Blind SQL Injection Exploit
- rPSA-2008-0247-1 gvim vim vim-minimal
- rPSA-2008-0249-1 openldap openldap-clients openldap-servers
- [ GLSA 200808-11 ] UUDeview: Insecure temporary file creation
- Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability
- Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow
- iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Format String Vulnerabilities
- [AJECT] hMailServer 4.4.1 DoS vulnerability
- iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities
- Internet attacks against Georgian web sites
- VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability
- rPSA-2008-0253-1 git gitweb
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
- VMSA-2008-0013 Updated ESX packages for OpenSSL, net-snmp, perl
- Surf Jack - HTTPS will not save you
- Re: [funsec] Internet attacks against Georgian web sites
- Re: [funsec] Internet attacks against Georgian web sites
- [security bulletin] HPSBUX02356 SSRT080051 rev.1 - HP-UX Running ftpd, Remote Privileged Access
- iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability
- Re: Vim: Netrw: FTP User Name and Password Disclosure
- [ MDVSA-2008:167 ] kernel
- [ MDVSA-2008:166 ] clamav
- iDefense Security Advisory 08.12.08: Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability
- [TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption
- iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability
- iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability
- Vim: Netrw: FTP User Name and Password Disclosure
- iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability
- iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability
- iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability
- rPSA-2008-0243-1 idle python
- Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives
- [security bulletin] HPSBTU02358 SSRT080058 rev.1 - HP Tru64 UNIX running BIND, Remote DNS Cache Poisoning
- CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass
- [ MDVSA-2008:170 ] cups
- Microsoft Windows Messenger Remote Illegal Access Vulnerability
- [ MDVSA-2008:168 ] stunnel
- [ MDVSA-2008:169 ] hplip
- [security bulletin] HPSBOV02357 SSRT080058 rev.1 - HP OpenVMS TCP/IP Services running BIND, Remote DNS Cache Poisoning
- Postfix local privilege escalation via hardlinked symlinks
- Security Assessment of the Internet Protocol
- rPSA-2008-0255-1 freetype
- [ GLSA 200808-12 ] Postfix: Local privilege escalation vulnerability
- Cisco Security Advisory: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control
- Re: MicroWorld MailScan - Multiple Vulnerabilities within Admin-Webinterface
- munky-bliki lfi
- Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani
- FlexCMS <= 2.5 Cross Site Scripting Vulnerability
- [ MDVSA-2008:171 ] postfix
- [ MDVSA-2008:172 ] amarok
- PHP Live Helper <= 2.0.1 Multiple Vulnerabilities
- Nokia 6131 NFC URI/URL Spoofing and DoS Advisory
- Re: ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user
- NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection
- [DSECRG-08-036] Multiple Security Vulnerabilities in Freeway eCommerce 1.4.1.171
- Tool: PorkBind v1.3 Nameserver Security Scanner (New Version)
- Ovidentia 6.6.5 XSS (index.php)
- [security bulletin] HPSBMA02345 SSRT080039 rev.2 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)
- [security bulletin] HPSBST02360 SSRT080117 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-041 to MS08-051
- SunShop <= 4.1.4 SQL Injection
- Vanilla <= 1.1.4 Script Injection/ XSS
- [ MDVSA-2008:173 ] kdegraphics
- [ MDVSA-2008:174 ] kernel
- ToorCon 10 Call For Papers
- Folder Lock <= 5.9.5 Local Password Information Disclosure
- [USN-636-1] Postfix vulnerability
- [ MDVSA-2008:175 ] yelp
- IMF 2008 - Call for Participation
- [ MDVSA-2008:176 ] mtr
- CORE-2008-0624: Anzio Web Print Object Buffer Overflow
- Null Byte Local file Inclusion in FAR - PHP Project version:1.0
- CORE-2008-0813 - vBulletin Cross Site Scripting Vulnerability
- rPSA-2008-0259-1 postfix
- [ MDVSA-2008:177 ] xine-lib
- [ MDVSA-2008:178 ] xine-lib
- UPDATE: [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning
- TimeTrex Time and Attendance Cookie Theft
- Contest: Best Advances for OpenVAS Network Vulnerability Tests
- Vim: Arbitrary Code Execution in Commands: K, Control-], g]
- Call For Papers - Hackers 2 Hackers Conference 5th Edition - Brazil
- PR08-20: Bypassing ASP .NET "ValidateRequest" for Script Injection Attacks
- [ MDVSA-2008:179 ] metisse
- [ MDVSA-2008:180 ] libxml2
- Secunia Research: Trend Micro Products Web Management Authentication Bypass
- Apple OSX Leopard (10.5+), inadequate ACL insight can create vuln
- Fedora confirms: Our servers were breached
- Re: RE: TimeTrex Time and Attendance Cookie Theft
- [oCERT-2008-008] multiple heap overflows in xine-lib
- OneNews Beta 2 Multiple Vulnerabilities
- Secunia Research: Novell iPrint Client ActiveX Control "GetFileList()" Information Disclosure
- [DSECRG-08-038] Multiple Local File Include Vulnerabilities in ezContents CMS 2.0.3
- Secunia Research: Calendarix Basic Two SQL Injection Vulnerabilities
- Secunia Research: Novell iPrint Client ActiveX Control Multiple Buffer Overflows
- [DSECRG-08-037] Multiple Local File Include Vulnerabilities in Pluck CMS 4.5.2
- [IVIZ-08-009] Grub Legacy Security Model bypass exploiting wrong BIOS API usage
- SECOBJADV-2008-03.2: PartyGaming PartyPoker Malicious Update Vulnerability
- [IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage
- Crafty Syntax Live Help <= 2.14.6 SQL Injection
- ToorCon X CFP Closing and Workshops and Seminars discounted until Friday!
- ZoneMinder Multiple Vulnerabilities
- Hopeless comments regarding the pointless "HP System Management Homepage (SMH) Unspecified XSS"
- Multiple Vulnerabilities in AWStats Totals
- White Wolf Labs #080826-1: Kyocera Mita Scanner File Utility (Multiple)
- PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept .30/ Oct. 1)
- [ MDVSA-2008:180-1 ] libxml2
- [security bulletin] HPSBMA02363 SSRT080106 rev.1 - HP Enterprise Discovery Running on Windows, Remote Authorized User, Gain Extended Privileges
- [IVIZ-08-008] LILO Security Model bypass exploiting wrong BIOS API usage
- [IVIZ-08-007] DriveCrypt Security Model bypass exploiting wrong BIOS API usage
- [IVIZ-08-003] TrueCrypt Security Model bypass exploiting wrong BIOS API usage
- [USN-638-1] Yelp vulnerability
- [IVIZ-08-004] Intel BIOS Plain Text Password Disclosure
- [IVIZ-08-002] Hewlett-Packard BIOS Plain Text Password Disclosure
- [IVIZ-08-005] IBM Lenovo BIOS Plain Text Password Disclosure
- [security bulletin] HPSBUX02365 SSRT080118 rev.1 - HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS)
- reviving the botnets@ mailing list: a new strategy in fighting cybercrime
- [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass
- [ MDVSA-2008:181 ] ipsec-tools
- [Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities
- Re: [Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities
- VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
- Re: [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass
- Multiple Cross Site Scripting (XSS) Vulnerabilities in vtigerCRM 5.0.4, CVE-2008-3101
- rPSA-2008-0264-1 ruby
- [oCERT-2008-014] WordNet stack and heap overflows
- Postfix Linux-only local denial of service
- HPSBUX02354 SSRT080113 rev.1 - HP-UX Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS)
- [security bulletin] HPSBMA02362 SSRT080044, SSRT080045 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
- ToorCon X Lineup & Training Seminars Posted & Pre-Registration Ending
- [AJECT] Softalk IMAP Server 8.5.1 DoS vulnerability
- [ MDVSA-2008:182 ] wordnet
- CS-Cart <= 1.3.5 SQL Injection
- [Tool] sqlmap 0.6 released
- [USN-639-1] tiff vulnerability
- [Suspected Spam]New IETF I-D-: Security Assessment of the Internet Protocol version 4
- [ MDVSA-2008:183 ] opensc
- In search of examples of malicious source code
- Exploit
- Has anyone implemented "double forward DNS"?
- RUXCON 2008 Final Call For Papers
- Secunia Research: Novell iPrint Client nipplib.dll "IppCreateServerRef()" Buffer Overflow
- [Tool] Distack framework for attack detection and traffic analysis
- Google Chrome Automatic File Download
- Google Chrome Browser (ver.0.2.149.27) Vulnerability
- TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload
- Cisco Secure ACS EAP Parsing Vulnerability
- Cisco Secure ACS Denial Of Service Vulnerability
- FreeBSD Security Advisory FreeBSD-SA-08:08.nmount
- [ MDVSA-2008:184 ] libtiff
- [ MDVSA-2008:185 ] python-django
- FreeBSD Security Advisory FreeBSD-SA-08:09.icmp6
- FreeBSD Security Advisory FreeBSD-SA-08:07.amd64
- Multiple Cross Site Scripting (XSS) and SQL injection Vulnerabilities in XRMS, CVE-2008-3664
- Marvell Driver EAPoL-Key Length Overflow
- Marvell Driver Null SSID Association Request Vulnerability
- [USN-640-1] libxml2 vulnerability
- Re: Google Chrome Automatic File Download
- Atheros Vendor Specific Information Element Overflow
- Zen Cart <= 1.3.8a SQL Injection
- [ GLSA 200809-04 ] MySQL: Privilege bypass
- [ GLSA 200809-01 ] yelp: User-assisted execution of arbitrary code
- clamav: Crash with crafted chm, CVE-2008-1389
- [ GLSA 200809-02 ] dnsmasq: Denial of Service and DNS spoofing
- [ GLSA 200809-03 ] RealPlayer: Buffer overflow
- Multiple MicroWorld products insecure directory permissions
- [ MDVSA-2008:186 ] python
- [security bulletin] HPSBMA02361 SSRT080119 rev.1 - HP OpenView Select Identity Connectors running on Windows, Local Information Disclosure
- other google chrome crash
- rPSA-2008-0268-1 libtiff
- Risky Chrome (The perfect cleartext password offering )
- XCon 2008 Call for Paper
- Re: XCon 2008 Call for Paper
- Google Chrome 0.2.149.27 'SaveAs' Function Buffer Overflow Vulnerability
- Re: Oracle 10g Dynamic Monitoring Services XSS /servlet/Spy
- [ GLSA 200809-05 ] Courier Authentication Library: SQL injection vulnerability
- Google Chrome Auto download exploit ..
- [ MDVSA-2008:188 ] tomcat5
- xoops-1.3.10 shell command execute vulnerability ( causing snoopy class )
- phpAdultSite CMS flaws
- [ GLSA 200809-06 ] VLC: Multiple vulnerabilities
- [scip_Advisory 3808] D-Link DIR-100 long url filter evasion
- DEFCON London - DC4420 - September meet this Thursday 11th
- Re: Re: SECURITY ADVISORY - Level Platforms, Inc. Service Center Install Data HTTP Vulnerability
- Sagem Router F@ST 2404 Remote Denial Of Service Exploit
- Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
- WASC Announcement: 2007 Web Application Security Statistics Published
- [ GLSA 200809-07 ] libTIFF: User-assisted execution of arbitrary code
- [ GLSA 200809-08 ] Amarok: Insecure temporary file creation
- [USN-641-1] Racoon vulnerabilities
- Stash v1.0.3 Admin bypass / Remote File Disclosure
- Sun M-class hardware denial of service
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- SQL Smuggling
- [SECURITY] CVE-2008-2938 - Apache Tomcat information disclosure vulnerability - Updated
- DeepSec 2008 - Conference Schedule
- iDefense Security Advisory 09.09.08: Apple QuickTime PICT Integer Overflow Vulnerability
- Multiple Vulnerabilities: LedgerSMB < 1.2.15
- iDefense Security Advisory 09.09.08: Microsoft Windows GDI+ GradientFill Heap Overflow Vulnerability
- Windows GDI+ GIF memory corruption
- [oCERT-2008-012] Horde, Popoon frameworks common input sanitization errors (XSS)
- Re: E-Php B2B Trading Marketplace(cid) Remote SQL Injection Vulnerability
- [ MDVSA-2008:190 ] postfix
- [USN-642-1] Postfix vulnerabilities
- Ezphotogallery 2.1 Multiple Vulnerabilities ( Xss/LoginBypass/Sql injection Exploit/File Disclosure)
- ZoneAlarm Security Suite buffer overflow
- PhpWebGallery 1.3.4 Multiple Vulnerabilities (XSS/LFI)
- sqlvdir.dll ActiveX Remote Buffer Overflow Exploit
- PhsBlog v0.2 Bypass Sql injection Filtering Exploit
- minb Remote Code Execution Exploit
- [security bulletin] HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access
- Nooms 1.1
- Advisory 04/2008: Joomla Weak Random Password Reset Token Vulnerability
- [ MDVSA-2008:191 ] rsh
- Advisory 05/2008: Wordpress user_login Column SQL Truncation Vulnerability
- Re: OpenWiki<--v0.78 Cross-Site Scripting
- Secunia Research: Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow
- [USN-643-1] FreeType vulnerabilities
- [USN-644-1] libxml2 vulnerabilities
- [ MDVSA-2008:192 ] libxml2
- Avant Browser <= 11.7 Build 9 Integer Denial Of Service Exploit
- community real-time BGP hijack notification service
- [scip_Advisory 3809] Pro2col StingRay FTS login username cross site scripting
- CORE-2008-0126: iPhone Safari JavaScript alert Denial of Service
- Baidu Hi IM software parsing plaintext stack overflow
- [ MDVSA-2008:193 ] kolab-server
- [ MDVSA-2008:194 ] apache2