View Full Version : Bugtraq mailing list
- SecurityReason : PHP 5.2.6 dba_replace() destroying file
- [tool] Exomind v0.2 is out!
- [SECURITY] [DSA 1672-1] New imlib2 packages fix arbitrary code execution
- [SECURITY] [DSA 1673-1] New wireshark packages fix several vulnerabilities
- [SECURITY] [DSA 1674-1] New jailer packages fix denial of service
- [SECURITY] [DSA 1675-1] New phpmyadmin packages fix cross site scripting
- [TKADV2008-013] VLC media player RealMedia Processing Integer Overflow Vulnerability
- /bin/login gives root to group utmp
- Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
- Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
- [BMSA 2008-09] Two buffer overflow vulnerabilities in Rumpus v6.0
- [USN-681-1] ImageMagick vulnerability
- [USN-682-1] libvorbis vulnerabilities
- [SECURITY] [DSA 1676-1] New flamethrower packages fix denial of service
- Dates for SyScan'09
- Cpanel fantastico Privilege Escalation "ModSec and PHP
- Re: /bin/login gives root to group utmp
- [USN-683-1] Imlib2 vulnerability
- [ GLSA 200812-01 ] OptiPNG: User-assisted execution of arbitrary code
- [ GLSA 200812-05 ] libsamplerate: User-assisted execution of arbitrary code
- [ GLSA 200812-06 ] libxml2: Multiple vulnerabilities
- [ GLSA 200812-03 ] IPsec-Tools: racoon Denial of Service
- [ GLSA 200812-04 ] lighttpd: Multiple vulnerabilities
- [ GLSA 200812-02 ] enscript: User-assisted execution of arbitrary code
- [ GLSA 200812-07 ] Mantis: Multiple vulnerabilities
- [SECURITY] [DSA 1677-1] New CUPS packages fix arbitrary code execution
- VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi
- Re: Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
- [HACKATTACK Advisory 20081203]Pro Clan Manager 0.4.2 - Session
- [USN-684-1] ClamAV vulnerability
- [SECURITY] [DSA 1678-1] New perl packages fix privilege escalation
- [SECURITY] [DSA 1679-1] New awstats packages fix cross-site scripting
- [SVRT-06-08] MULTI SECURITY VULNERABILITIES IN MVNFORUM
- [security bulletin] HPSBUX02389 SSRT080141 rev.1 - HP-UX, Local Denial of Service (DoS)
- Re: [HACKATTACK Advisory 20081127]Social Impress CMS 1.1 -
- Re: VMSA-2008-0019 VMware Hosted products and patches for ESX and
- [USN-685-1] Net-SNMP vulnerabilities
- [USN-686-1] AWStats vulnerability
- Re: [USN-684-1] ClamAV vulnerability
- Joomla Component GameQ
- [ MDVSA-2008:236 ] vim
- Advisory 06/2008: PHP ZipArchive::extractTo() Directory Traversal Vulnerability
- DDIVRT-2008-18 Orb Denial of Service
- [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution
- CVE-2008-2086: Java Web Start File Inclusion via System Properties
- [UPRSN] Ubuntu Privacy Remix 8.04r1 fixes security issues
- Re: XSS in Internet Explorer 6 and 7
- [SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities
- iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing
- Joomla Component mydyngallery
- iDefense Security Advisory 12.04.08: Sun Java Web Start GIF Decoding
- iDefense Security Advisory 12.04.08: Sun Java JRE Pack200 Decompression
- Re: Joomla Component GameQ
- [ MDVSA-2008:237 ] apache2
- [USN-687-1] nfs-utils vulnerability
- iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing
- ESOA CONFERENCE by digiBlitz Technologies
- [ MDVSA-2008:238 ] libsamplerate
- CVE-2008-5079: multiple listen()s on same socket corrupts the vcc
- RE: DDIVRT-DDIVRT-2008-15 iPhone Configuration Web Utility 1.0
- Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file
- Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file
- [ MDVSA-2008:239 ] clamav
- Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file
- [ GLSA 200812-08 ] Mgetty: Insecure temporary file usage
- SecurityReason: PHP 5.2.6 SAPI php_getuid() overload
- love love love love love :))
- [SECURITY] [DSA 1682-1] New squirrelmail packages fix cross site scripting
- Two XSS Flaws in PrestaShop 1.1.0.3
- XSS in PHPepperShop v 1.4
- RadAsm <=2.2.1.5 Local Command Execution
- Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload
- Multiple Vendor Anti-Virus Software Malicious WebPage Detection
- [DSECRG-08-040] Multiple Local File Include Vulnerabilities in Xoops 2.3.x
- [DSECRG-08-041] Stored XSS Vulnerability in Xoops 2.3.x
- Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload
- Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload
- [SVRT-07-08] Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops
- Re: RadAsm <=2.2.1.5 Local Command Execution
- Neostrada Livebox Remote Network Down PoC Exploit
- [security bulletin] HPSBMA02391 SSRT071481 rev.1 - HP OpenView Reporter and HP Reporter Running on Windows, Remote Denial of Service (DoS)
- [SECURITY] [DSA 1683-1] New streamripper packages fix potential code execution
- [security bulletin] HPSBMA02390 SSRT071481 rev.1 - HP OpenView Performance Agent, HP Performance Agent, Remote Denial of Service (DoS)
- DoS Vulnerability in Aruba Mobility Controller Caused by Malformed
- Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Re: [Full-disclosure] MS OWA 2003 Redirection Vulnerability - [MSRC 7368br]
- DoS attacks on MIME-capable software via complex MIME emails
- [ MDVSA-2008:236-1 ] vim
- PHP safe_mode can be bypassed via proc_open() and custom environment.
- SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000
- rPSA-2008-0332-1 kernel
- Re: DoS attacks on MIME-capable software via complex MIME emails
- Multiple Vendor Anti-Virus Software Malicious WebPage Detection
- Secunia Research: Microsoft Word RTF Polyline/Polygon Integer Overflow
- Secunia Research: Microsoft Excel NAME Record Array Indexing Vulnerability
- CORE-2008-1127 - Vinagre show_error() format string vulnerability
- Secunia Research: Microsoft Hierarchical FlexGrid Control Integer Overflows
- iDefense Security Advisory 12.09.08: Microsoft Internet Explorer
- iDefense Security Advisory 12.09.08: Microsoft Windows Graphics Device
- Insomnia : ISVA-081209.1 - IE Webdav Request Parsing Heap Corruption Vulnerability
- ISOI 6, Dallas, TX - January 29, 30
- [USN-689-1] Vinagre vulnerability
- [USN-678-2] GnuTLS regression
- [SECURITY] [DSA 1684-1] New lcms packages fix multiple vulnerabilities
- [IVIZ-08-011] ClamAV lzh unpacking segmentation fault
- [IVIZ-08-012] Bitdefender antivirus for Linux multiple vulnerabilities
- [IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities
- [IVIZ-08-014] AVG antivirus for Linux vulnerability
- [IVIZ-08-015] Sophos Antivirus for Linux vulnerability
- [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite
- CORE-2008-0228: Microsoft Word Malformed FIB Arbitrary Free Vulnerability
- [security bulletin] HPSBUX02393 SSRT080057 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS)
- [ GLSA 200812-09 ] OpenSC: Insufficient protection of smart card PIN
- [ GLSA 200812-10 ] Archive::Tar: Directory traversal vulnerability
- iDefense Security Advisory 12.10.08: Microsoft Excel Malformed Object
- Max's Guestbook (XSS) Remote Vulnerability
- [ MDVSA-2008:240 ] vinagre
- CA ARCserve Backup LDBserver Vulnerability
- [ GLSA 200812-11 ] CUPS: Multiple vulnerabilities
- Browser Security Handbook
- AST-2008-012: Remote crash vulnerability in IAX2
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- aspProductCatalog Sql Injection
- Meta Cart Free Database Disclosure
- facto Database Disclosure
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Re[2]: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Secunia Research: CA ARCserve Backup RPC "handle_t" Argument Vulnerability
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Aspect9: Internet Explorer 8.0 Beta 2 Anti-XSS Filter Vulnerabilities
- Black Hat: New Webinar, Japan audio now on-line.
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- ASP-CMS v.1.0 Sql Injection/Database Disclosure
- rPSA-2008-0336-1 tshark wireshark
- Nokia N70/N73 Bluetooth Stack OBEX Implementation Denial of Service
- [SECURITY] [DSA 1685-1] New uw-imap packages fix multiple vulnerabilities
- Moodle 1.9.3 Remote Code Execution
- [ GLSA 200812-12 ] Honeyd: Insecure temporary file creation
- Webmail Helpdesk
- [ GLSA 200812-13 ] OpenOffice.org: Multiple vulnerabilities
- [ GLSA 200812-14 ] aview: Insecure temporary file usage
- [SECURITY] [DSA 1686-1] New no-ip packages fix arbitrary code execution
- [ GLSA 200812-15 ] POV-Ray: User-assisted execution of arbitrary
- [ GLSA 200812-16 ] Dovecot: Multiple vulnerabilities
- CFAGCMS Remote File Inclusion
- [TKADV2008-014] MPlayer TwinVQ Processing Stack Buffer Overflow Vulnerability
- Re: Moodle 1.9.3 Remote Code Execution
- Multiple XSS Vulnerabilities in World Recipe 2.11
- phpList vulnerability
- Re: Moodle 1.9.3 Remote Code Execution
- TmaxSoft JEUS Alternate Data Streams Vulnerability
- Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
- [ MDVSA-2008:242 ] wireshark
- Fwd: TmaxSoft JEUS Alternate Data Streams Vulnerability
- [SECURITY] [DSA 1687-1] New Linux 2.6.18 packages fix several vulnerabilities
- [ MDVSA-2008:243 ] enscript
- Re: Re: Moodle 1.9.3 Remote Code Execution
- Re: Moodle 1.9.3 Remote Code Execution
- [USN-691-1] Ruby vulnerability
- [ GLSA 200812-17 ] Ruby: Multiple vulnerabilities
- CVE-2008-1094 - Barracuda Spam Firewall SQL Injection Vulnerability
- CVE-2008-0971 - Barracuda Networks products Multiple Cross-Site
- Joomla: Session hijacking vulnerability, CVE-2008-4122
- [ GLSA 200812-18 ] JasPer: User-assisted execution of arbitrary code
- Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted
- Re: ooVoo 1.7.1.35 (URL Protocol) remote unicode buffer overflow poc
- RE: [Full-disclosure] ZDI-08-088: Oracle E-Business Suite Self-Service Web Applications SQL Injection Vulnerability
- n.runs-SA-2008.010 - Opera HTML parsing Code Execution
- Network Security Scanner OpenVAS 2.0.0 Released
- [ MDVSA-2008:244 ] mozilla-firefox
- [USN-690-1] Firefox and xulrunner vulnerabilities
- [TKADV2008-015] Sun Solaris SIOCGTUNPARAM IOCTL Kernel NULL pointer
- Firefox cross-domain text theft (CESA-2008-011)
- Re: Joomla: Session hijacking vulnerability, CVE-2008-4122
- [USN-692-1] Gadu vulnerability
- EasySiteNetwork (joke.php?id) Remote SQL injection Vulnerability
- [USN-693-1] LittleCMS vulnerability
- [SECURITY] CVE-2008-2938 - Apache Tomcat information disclosure vulnerability
- [USN-690-2] Firefox vulnerabilities
- [USN-690-3] Firefox vulnerabilities
- [USN-694-1] libvirt vulnerability
- [USN-695-1] shadow vulnerability
- php python extension safe_mode bypass
- [ MDVSA-2008:245 ] firefox
- CONFidence 2009, CFP
- [USN-696-1] Avahi vulnerabilities
- Re: CONFidence 2009, CFP
- SEC Consult SA-20081219-0 :: Fujitsu-Siemens WebTransactions
- [security bulletin] HPSBST02394 SSRT080183 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-070 to MS08-077
- HTC Touch vCard over IP Denial of Service
- PHP APC vulnerable to local attacks
- rPSA-2008-0338-1 cups
- [ GLSA 200812-19 ] PowerDNS: Multiple vulnerabilities
- [SECURITY] [DSA 1688-1] New courier-authlib packages fix SQL injection
- chicomas <=2.0.4 Multiple Vulnerabilities
- Re: chicomas <=2.0.4 Multiple Vulnerabilities
- [SECURITY] [DSA 1678-2] New perl packages fix regression
- [USN-699-1] Blender vulnerabilities
- [USN-698-1] Nagios vulnerability
- Secunia Research: Trend Micro HouseCall "notifyOnLoadNative()" Vulnerability
- [USN-698-2] Nagios3 vulnerabilities
- POC for CVE-2008-5619 (roundcubemail PHP arbitrary code injection)
- [UPRSN] Ubuntu Privacy Remix 8.04r2 introduces "noexec"-mounting
- [SECURITY] [DSA 1691-1] New moodle packages fix several vulnerabilities
- FreeSSHd Multiple Remote Stack Overflow Vulnerabilities
- Secunia Research: Trend Micro HouseCall ActiveX Control Arbitrary Code Execution
- [USN-697-1] Imlib2 vulnerability
- CoolPlayer 2.19 (Skin File) Local Buffer Overflow Exploit
- [USN-698-1] Nagios vulnerability
- CORE-2008-1210: Qemu and KVM VNC server remote DoS
- [SECURITY] [DSA 1689-1] New proftpd-dfsg packages fix Cross-Site Request Forgery
- [SECURITY] [DSA 1690-1] New avahi packages fix denial of service
- [ISecAuditors Security Advisories] Wordpress is vulnerable to an
- [ISecAuditors Security Advisories] Multiple vulnerabilities in WiFi
- rPSA-2008-0341-1 dovecot
- Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted
- [ GLSA 200812-20 ] phpCollab: Multiple vulnerabilities
- [ MDVA-2008:241 ] mailscanner
- [security bulletin] HPSBST02397 SSRT080187 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-078
- FreeBSD Security Advisory FreeBSD-SA-08:13.protosw
- Re: rPSA-2008-0341-1 dovecot
- [USN-677-2] OpenOffice.org Internationalization update
- [ISecAuditors Security Advisories] PSI remote integer overflow DoS
- [SECURITY] [DSA 1688-2] New courier-authlib packages fix regression
- DDIVRT-2008-16 Citrix Broadcast Server 6.0 login.asp SQL
- [USN-700-1] Perl vulnerabilities
- [USN-698-3] Nagios vulnerabilities
- [ GLSA 200812-23 ] Imlib2: User-assisted execution of arbitrary code
- Personal Sticky Threads v1.0.3c vbulletin Add-on problem