Mail Thread Index
- Re: Office 10 applications & flashdrives can be used to browse restricted drives,
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- 7a69Adv#22 - UNIX unzip keep setuid and setgid files,
Albert Puigsech Galicia
- Re: iDEFENSE Security Advisory 02.25.05: WU-FTPD File Globbing Denial of Service Vulnerability,
Rainer Schöpf
- WASC-Articles: 'The Insecure Indexing Vulnerability - Attacks Against Local Search Engines' By Amit Klein,
robert
- iDEFENSE Security Advisory 02.28.05: Mozilla Firefox and Mozilla Browser Out Of Memory Heap Corruption Design Error,
iDEFENSE Labs
- iDEFENSE Security Advisory 02.28.05: KPPP Privileged File Descriptor Leak Vulnerability,
iDEFENSE Labs
- [Hat-Squad] GFI L.N.S.S 5.0 Insecure Credential Storage,
Hat-Squad Security Team
- [SECURITYREASON.COM] PostNuke SQL Injection 0.760-RC2=>x cXIb8O3.3,
Maksymilian Arciemowicz
- [SECURITYREASON.COM] PostNuke Critical XSS 0.760-RC2=>x cXIb8O3.2,
Maksymilian Arciemowicz
- [SECURITYREASON.COM] PostNuke Critical SQL Injection 0.760-RC2=>x cXIb8O3.1,
Maksymilian Arciemowicz
- Firefox Software Update,
Kai Howells
- Badblue HTTP Server Exploit,
Miguel Tarascó Acuña
- [ Postnuke all versions + pnphpbb <=1.2 sql injection - jocanor ],
JoCaNoR SeCuRiTy TeaM
- Re: BizMail 2.1 Spam Exploit,
Jason Frisvold
- [SIG^2 G-TEC] RaidenHTTPD Server Buffer Overflow and CGI Source Disclosure Vulnerabilities,
chewkeong
- Kernelpanik Labs Digest 2005-2,
Kernelpanik Labs - Security Lists
- IObjectSafety and Internet Explorer,
Shane Hird
- phpBB <= 2.0.12 UID Exploit,
federico gonzales
- OpenServer 5.0.6 OpenServer 5.0.7 : A vulnerability in TCP,
please_reply_to_security
- 427BB profile.php XSS vulnerability.,
Raven
- [KDE Security Advisory] kppp Privileged fd Leak Vulnerability,
Dirk Mueller
- Software PBLang 4.63 delpm.php authentication vulnerability,
Raven
- Software PBLang 4.63 sendpm.php reply file read vulnerability,
Raven
- Forumwa search.php xss vulnerability,
Raven
- [ GLSA 200503-01 ] Qt: Untrusted library search path,
Sune Kloppenborg Jeppesen
- iDEFENSE Security Advisory 03.01.05: RealNetworks RealPlayer .smil Buffer Overflow Vulnerability,
Michael Sutton
- PHP News <= 1.2.4 - Remote File Inclusion (VXSfx),
Filip Groszynski
- [ GLSA 200503-03 ] Gaim: Multiple Denial of Service issues,
Sune Kloppenborg Jeppesen
- [ GLSA 200503-04 ] phpWebSite: Arbitrary PHP execution and path disclosure,
Thierry Carrez
- [ GLSA 200503-02 ] phpBB: Multiple vulnerabilities,
Thierry Carrez
- [ GLSA 200502-33 ] MediaWiki: Multiple vulnerabilities,
Thierry Carrez
- [USN-89-1] XML library vulnerabilities,
Martin Pitt
- [USN-88-1] reportbug information disclosure,
Martin Pitt
- [USN-86-1] cURL vulnerability,
Martin Pitt
- [USN-87-1] Cyrus IMAP server vulnerability,
Martin Pitt
- iDEFENSE Security Advisory 03.02.05: Computer Associates License Client/Server GCR Checksum Buffer Overflow,
iDEFENSE Labs
- iDEFENSE Security Advisory 03.02.05: Computer Associates License Client/Server GCR Network Buffer Overflow,
iDEFENSE Labs
- iDEFENSE Security Advisory 03.02.05: Computer Associates License Client/Server GETCONFIG Buffer Overflow,
iDEFENSE Labs
- iDEFENSE Security Advisory 03.02.05: Computer Associates License Client PUTOLF Directory Traversal,
iDEFENSE Labs
- iDEFENSE Security Advisory 03.02.05: Computer Associates License Client PUTOLF Buffer Overflow,
iDEFENSE Labs
- iDEFENSE Security Advisory 03.02.05: Computer Associates License Client and Server Invalid Command Buffer Overflow,
iDEFENSE Labs
- License Patches Are Now Available To Address Buffer Overflows,
Williams, James K
- [CLA-2005:926] Conectiva Security Announcement - mod_python,
Conectiva Updates
- RealOne Player / Real .WAV Heap Overflow File Format Vulnerability,
Mark Litchfield
- Foxmail server "USER" command Multiple remote buffer overflow,
Xin Ouyang
- [FLSA-2005:2314] Updated XFree86 packages fix security flaws,
Dominic Hargreaves
- Vulnerabilities in Aura CMS,
echo staff
- [ GLSA 200503-05 ] xli, xloadimage: Multiple vulnerabilities,
Thierry Carrez
- Golden Ftp server 1.29 Username remote Buffer Overflow,
Carlos Ulver
- Security Advisory: Computalynx CProxy Server Multiple Remote Vulnerabilities,
Kristof Philipsen
- iDEFENSE Labs Releases IDA Sync,
iDEFENSE Labs
- EEYE: Computer Associates License Manager Remote Vulnerabilities,
Karl Lynn
- [SECURITY BULLETIN] SSRT4866 rev.0 MUP HP OpenVMS V6.x and V7.x privileged file access,
Boren, Rich (SSRT)
- Advisory #08 - phpBB 2.0.13 Bad filtered in usercp_register.php,
Paisterist
- [USN-90-1] Imagemagick vulnerability,
Martin Pitt
- Re: SHA-1 broken,
Pavel Machek
- Microsoft AntiSpyware Beta and Windows Scripting Host,
Joe Stocker
- [XSS] paBox 1.6,
Rift
- [CLA-2005:928] Conectiva Security Announcement - clamav,
Conectiva Updates
- TYPO3 SQL Injection vunerabilitie,
Fabian Becker
- Microsoft Antispyware Beta window docking issue,
Jeroen van Rijn
- My-forum.org cookies vulnerability - data bug,
Black Angel
- [ GLSA 200503-06 ] BidWatcher: Format string vulnerability,
Sune Kloppenborg Jeppesen
- [ GLSA 200503-07 ] phpMyAdmin: Multiple vulnerabilities,
Sune Kloppenborg Jeppesen
- PHP News <= 1.2.4 - Remote File Inclusion Exploit,
mozako
- GIMP gifload.exe GIF file (image width)*(image height)==0 DOS vulnerability,
Hongzhen Zhou
- Download Center Lite (DCL) - Arbitrary File Inclusion (VXSfx),
Filip Groszynski
- PHP Form Mail Script (2.3) - Arbitrary File Inclusion (VXSfx),
Filip Groszynski
- -==phpBB 2.0.13 Full path disclosure==-,
HaCkZaTaN
- [ GLSA 200503-08 ] OpenMotif, LessTif: New libXpm buffer overflows,
Thierry Carrez
- [ GLSA 200503-09 ] xv: Filename handling vulnerability,
Thierry Carrez
- [ GLSA 200503-10 ] Mozilla Firefox: Various vulnerabilities,
Thierry Carrez
- Bypass of 22 Antivirus software with GDI+ bug exploit Mutations - part 2,
Andrey Bayora
- phpBB 2.0.12 Session Handling Administrator Authentication Bypass -SIMPLIFIED-,
Wesley aka PPC
- LOOKNMEET HTML INJECT EXPLOIT,
Wesley aka PPC
- PaX privilege elevation security bug,
pageexec
- MDKSA-2005:048 - Updated curl packages fix vulnerability,
Mandrakelinux Security Team
- MDKSA-2005:049 - Updated gaim packages fix multiple vulnerabilities,
Mandrakelinux Security Team
- MDKSA-2005:051 - Updated cyrus-imapd packages fix vulnerabilities,
Mandrakelinux Security Team
- MDKSA-2005:052 - Updated kdegraphics packages fix vulnerabilities,
Mandrakelinux Security Team
- MDKSA-2005:050 - Updated gftp packages fix vulnerability,
Mandrakelinux Security Team
- Windows Server 2003 and XP SP2 LAND attack vulnerability,
Dejan Levaja
- [ GLSA 200503-13 ] mlterm: Integer overflow vulnerability,
Luke Macken
- [SECURITY] [DSA 691-1] New abuse packages fix local root exploit,
Martin Schulze
- Remote Command Execution,
Francisco Alisson
- [ GLSA 200503-11 ] ImageMagick: Filename handling vulnerability,
Thierry Carrez
- [ GLSA 200503-12 ] Hashcash: Format string vulnerability,
Thierry Carrez
- [FLSA-2005:1748] Updated subversion packages fix security issues,
Marc Deslauriers
- [Hat-Squad] Computer-Associates, License Manager POC Exploit,
Hat-Squad Security Team
- [FLSA-2005:2344] Updated php packages fix security issues,
Marc Deslauriers
- Real Realplayer 10 .smil local buffer overflow POC,
nolimit bugtraq
- CIRT.DK Advisory - SafeNet Inc Sentinel License Manager 7.2.0.2 Buffer Overflow,
CIRT Advisory
- [USN-91-1] EXIF library vulnerability,
Martin Pitt
- phpBB 2.0.12 Session Handling Administrator Authentication Bypass Exploit,
thephuket
- thoughts and a possible solution on homograph attacks,
Michael Roitzsch
- Gene6 FTP Server Local Privilege Escalation Vulnerability,
Sowhat
- Lingo VoIP ATA / UTStarcom iAN-02EX remote access vulnerability,
Atom Smasher
- Remote Testing SocialMPN Remote File Inclusion by y3dips,
echo staff
- PHP Form Mail Script <= 2.3 arbitrary file inclusion exploit exploit,
mozako
- vBulletin Worm - perl.Santy variant,
The Prohacker
- phpBB 2.0.13 - user level exploit,
Some one
- PHP-FUSION 5.* XSS VULNERABILITY,
FireSt0rm
- drone armies C&C report - Feb/2005,
Gadi Evron
- Re: phpGiftReq SQL Injection,
Ryan Walberg
- See-security advisory: Trillian Basic 3.0 PNG Processing Buffer overflow,
tal zeltzer
- - Argeniss - Oracle Database Server Directory transversal,
Cesar
- [CLA-2005:930] Conectiva Security Announcement - kernel,
Conectiva Updates
- PHP mcNews <= 1.3 arbitrary file inclusion (VXSfx),
Filip Groszynski
- phpWebLog <= 0.5.3 arbitrary file inclusion (VXSfx),
Filip Groszynski
- [USN-92-1] LessTif vulnerabilities,
Martin Pitt
- [ GLSA 200503-14 ] KDE dcopidlng: Insecure temporary file creation,
Sune Kloppenborg Jeppesen
- UnixWare 7.1.4 : Samba multiple security issues,
please_reply_to_security
- Hosting Controller Multiple Unauthenticated information disclose,
small mouse
- UnixWare 7.1.4 : squid updated package fixes several security issues,
please_reply_to_security
- iDEFENSE Labs Releases IDA RPC Enumerator,
iDEFENSE Labs
- Multiples Vulnerabilities,
Francisco Alisson
- PE Multiple Remote Access Validation Vulnerabilities (Participate Systems Inc. / Outstart Inc.),
Altrus Wollesen
- RE: Avaya IP Office Phone Manager - Sensitive Information Cleartext Vulnerability,
Walton, John Michael (John)
- [SCAN Associates Security Advisory] xoops 2.0.9.2 and below weak file extension validation,
pokley
- [CLA-2005:931] Conectiva Security Announcement - squid,
Conectiva Updates
- Multiple vulnerabilities in paFileDB,
sp3x
- ArGoSoft FTP Server 1.4.2.8 Buffer Overflow,
CorryL
- failles dans ProjectBB v0.4.5.1,
[hacktinium]@securityfocus.com@www.securityfocus.com
- [SECURITY] [DSA 692-1] New kppp packages fix privileged file descriptor leak,
Martin Schulze
- Ethereal remote buffer overflow,
LSS Security
- [FLSA-2005:2404] Updated less package fixes security issue,
Marc Deslauriers
- [USN-93-1] Squid vulnerability,
Martin Pitt
- RE: Ethereal remote buffer overflow - addon,
LSS Security
- [USN-94-1] Perl vulnerability,
Martin Pitt
- [Security Bulletin] SSRT4891 rev.0 HP Tru64 UNIX message queue local denial of service (DoS),
Boren, Rich (SSRT)
- Update: MS05-011 EEYE: Windows SMB Client Transaction Response Handling Vulnerability,
Marc Maiffret
- [Updated][FLSA-2005:2344] Updated php packages fix security issues,
Marc Deslauriers
- Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.,
Bipin Gautam
- XCode 1.5 and distcc 2.x Exploit,
Ray Slakinski
- iDEFENSE Security Advisory 03.10.05: Ipswitch Collaboration Suite IMAP EXAMINE Buffer Overflow Vulnerability,
iDEFENSE Labs
- Wfsection 1.07 vulnerabilities,
kreon
- iDownload/iSearch responds to Spyware Critics,
Paul Laudanski
- UBB.threads 6 SQL Injection,
kre0n
- Security Masters Dojo,
Dragos Ruiu
- [SECURITYREASON.COM][phpBB 2.0.13 SQL error in session cXIb8O3.8],
Maksymilian Arciemowicz
- [ GLSA 200503-16 ] Ethereal: Multiple vulnerabilities,
Luke Macken
- [SECURITYREASON.COM] SQL injection and XSS in paFileDB,
SecurityReason
- [badroot.org] The Includer remote commands execution exploit,
Federico Ozak
- PhotoPost PHP 5.0 RC3, and later, multiple vulnerabilities,
Igor Franchuk
- Mysql CREATE FUNCTION mysql.func table arbitrary library injection,
Stefano Di Paola
- summercon looking for speakers,
louis
- Mysql CREATE FUNCTION libc arbitrary code execution.,
Stefano Di Paola
- [ GLSA 200503-15 ] X.org: libXpm vulnerability,
Matthias Geerdsen
- PlatinumFTP 1.0.18 remote DoS,
ports
- [SECURITYREASON.COM] Mass Full Path Disclosure in paFileDB,
SecurityReason
- Virginity Security Advisory 2005-001 : Hola CMS - File destruction and System access,
Virginity Security
- aeNovo Database Content Disclosure Vulnerability,
farhad koosha
- KnowledgeBase,
Francisco Alisson
- Av issues,
Bipin Gautam
- Ethereal remote buffer overflow #2,
LSS Security
- [ GLSA 200503-17 ] libexif: Buffer overflow vulnerability,
Luke Macken
- [SECURITY] [DSA 662-2] New squirrelmail package fixes regression,
Martin Schulze
- [CLA-2005:933] Conectiva Security Announcement - gaim,
Conectiva Updates
- SUSE Security Announcement: openslp (SUSE-SA:2005:015),
Sebastian Krahmer
- [HAT-SQUAD] SafeNet Sentinel LM, UDP License Manager Exploit,
class 101
- [SECURITY] [DSA 693-1] New luxman packages fix local root exploit,
Martin Schulze
- LimeWire Gnutella client two vulnerabilities,
Kevin Walsh
- New Version of WinBlox is Available,
Liu Die Yu
- [ZH2005-02SA] Insecure tmp file creation in Wine,
Giovanni Delvecchio
- Master RPC program number data base (/etc/rpc),
Eilon Gishri
- SimpGB SQL Injection Vulnerability,
Alexander Müller
- [XSS] paBox 2.0,
Rift
- ...::: hotforum.nl XSS exploit :::...,
Rebyte Security
- Ethereal 0.10.9 and below remote root exploit,
Diego Giagio
- 3 XSS Vulnerabilities in Phorum <= 5.0.14,
Jon Oberheide
- [SECURITYREASON.COM] phpAdsNew 2.0.4-pr1 Multiple vulnerabilities cXIb8O3.9,
Maksymilian Arciemowicz
- YaBB2 rc1 XSS,
alireza hassani
- "Drop to STARTUP Folder II" published on 2005/02/08,
Liu Die Yu
- DMA[2005-0310a] - 'Frank McIngvale LuxMan buffer overflow',
Kevin Finisterre
- iDEFENSE Security Advisory 03.14.05: MySQL MaxDB Web Agent Multiple Denial of Service Vulnerabilities,
iDEFENSE Labs
- Not SQL injection and XSS in paFileDB?,
saudi linux
- html code include in phpnuke news crash IE 6,
WoRmZ Web
- PlantinumFTP server <= 1.0.18 Remote DOS exploit,
Exoduks
- Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning,
Dr. Peter Bieringer
- phpbb <= 2.0.12 uid vuln + admin_styles.php php code injection exploit,
bad boy
- phpbb cookie admin access,
pureone
- SAV9 Functionality Hole - misses virus files,
me3
- Few remote bugs in zPanel,
Mik-
- Virginity Security Advisory 2005-002 : Hola CMS - Another File destruction and System access,
Virginity Security
- [ISR] - Novell iChain Mini FTP Server Valid User Disclosure Vulnerability,
Francisco Amato
- [ISR] - Novell iChain Mini FTP Server Unauthorized Remote Path Disclosure Vulnerability,
Francisco Amato
- [ISR] Insecure communication and Reproduce the Session authentication,
Francisco Amato
- Denial of Service Vulnerability in MySQL Server for Windows,
Luca Ercoli
- [ GLSA 200503-18 ] Ringtone Tools: Buffer overflow vulnerability,
Luke Macken
- [USN-95-1] Linux kernel vulnerabilities,
Martin Pitt
- UPDATE: [ GLSA 200501-38 ] Perl: rmtree and DBI tmpfile vulnerabilities,
Thierry Carrez
- [ISR] - Novell iChain Mini FTP Server Bruteforce Problem,
Francisco Amato
- Re: [Full-disclosure] Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning,
Dr. Peter Bieringer
- GoodTech Telnet Server Buffer Overflow Vulnerability,
Komrade
- MDKSA-2005:053 - Updated ethereal packages fix multiple vulnerabilities,
Mandrakelinux Security Team
- MDKSA-2005:054 - Updated cyrus-sasl packages fix vulnerability,
Mandrakelinux Security Team
- MDKSA-2005:055 - Updated openslp packages fix multiple vulnerabilities,
Mandrakelinux Security Team
- ADVISORY: DataRescue Interactive Disassembler Pro Debugger Format String Vulnerability,
Piotr Bania
- Multiple KDE Security Advisories (2005-03-16),
Waldo Bastian
- PlatinumFTPserver format string vulnerability ( IHSTeam ),
c0d3r
- SUSE Security Announcement: multiple Mozilla Firefox vulnerabilities (SUSE-SA:2005:016),
Marcus Meissner
- MDKSA-2005:056 - Updated koffice packages fix vulnerabilities on 64 bit platforms,
Mandrakelinux Security Team
- MDKSA-2005:057 - Updated gnupg packages fix vulnerability,
Mandrakelinux Security Team
- [CLA-2005:934] Conectiva Security Announcement - kdenetwork,
Conectiva Updates
- [USN-97-1] libxpm vulnerability,
Martin Pitt
- ASPjar Tell-a-Friend,
farhad koosha
- Servers Alive: Local Privilege Escalation,
Michael Starks
- [ GLSA 200503-20 ] curl: NTLM response buffer overflow,
Sune Kloppenborg Jeppesen
- [ GLSA 200503-19 ] MySQL: Multiple vulnerabilities,
Sune Kloppenborg Jeppesen
- [USN-96-1] mySQL vulnerabilities,
Martin Pitt
- Re: GoodTech Telnet Server Buffer Overflow Vulnerability [EXPLOIT],
cybertronic
- LLSSRV Clarifications <Immunity>,
Dave Aitel
- MDKSA-2005:059 - Updated evolution packages fix crasher,
Mandrakelinux Security Team
- [ GLSA 200503-21 ] Grip: CDDB response overflow,
Luke Macken
- See-security Advisory: Format string vulnerability in MailEnable 1.8,
a a
- [CLA-2005:937] Conectiva Security Announcement - cyrus-imapd,
Conectiva Updates
- Windows 2000 GDI32.DLL GetEnhMetaFilePaletteEntries() API specially crafted EMF file DOS vulnerability,
Hongzhen Zhou
- XSS in ACS blog,
farhad koosha
- PHP mcNews arbitrary file inclusion,
Jonathan Whiteley
- MDKSA-2005:058 - Updated kdelibs packages fix multiple vulnerabilities,
Mandrakelinux Security Team
- Another includer.cgi problem?,
cout
- [USN-98-1] OpenSLP vulnerabilities,
Martin Pitt
- LLSSRV Redux,
Dave Aitel
- Kevin Walsh: LimeWire Gnutella client two vulnerabilities,
Ill will
- Linux ISO9660 handling flaws,
Michal Zalewski
- Re: Windows Security Checklists - 10 Parts,
Paul Laudanski
- Cain & Abel PSK Sniffer Heap overflow,
Gary O'leary-Steele
- Security Contact at RSA?,
Gary O'leary-Steele
- [PersianHacker.NET 200503-09]PHPOpenChat v3.x XSS Multiple Vulnerability,
PersianHacker Team
- Social Engineering: You Have Been A Victim,
Paul Laudanski
- myPHP Forum v1, 2 & 3,
Terencentanio Enache
- possible SQL injection in Subdreamer,
GHC team
- [USN-99-1] PHP4 vulnerabilities,
Martin Pitt
- runcms installation path,
Majid NT
- runcms highlight.php hole,
Majid NT
- PHP-Post Exploit,
Terencentanio Enache
- Java Web Start argument injection vulnerability,
Jouko Pynnonen
- [phpbb <= 2.0.13 full path disclosure & directory listing],
JoCaNoR SeCuRiTy TeaM
- IceCast up to v2.20 multiple vulnerabilities,
Patrick
- [ GLSA 200503-22 ] KDE: Local Denial of Service,
Sune Kloppenborg Jeppesen
- Ciamos Installation path(IHS),
Majid NT
- Ciamos Highlight.php Security Hole(IHS),
Majid NT
- [PersianHacker.NET 200503-10]PHP-Fusion v5.01 Html Injection Vulnerability,
PersianHacker Team
- OllyDbg long process Module debug Vulnerability,
ATmaCA ATmaCA
- [ GLSA 200503-23 ] rxvt-unicode: Buffer overflow,
Sune Kloppenborg Jeppesen
- [ GLSA 200503-24 ] LTris: Buffer overflow,
Sune Kloppenborg Jeppesen
- Symantec Antivirus client locally created scheduled scan is not running if the local console is logged off,
Eitan Caspi
- [ GLSA 200503-26 ] Sylpheed, Sylpheed-claws: Message reply overflow,
Luke Macken
- -==CoolForum Path Disclosure & Possible SQL Injection==-,
HaCkZaTaN
- [CLA-2005:940] Conectiva Security Announcement - curl,
Conectiva Updates
- 2 vulnerabilities in BetaParticle,
farhad koosha
- TSL-2005-0009 - multi,
Trustix Security Advisor
- [SECURITY] [DSA 695-1] New xli packages fix several vulnerabilities,
Martin Schulze
- -==PVDasm Long Name Debug Vulnerability==-,
HaCkZaTaN
- phpMyFamily 1.4.0 SQL vulnerabilities,
kreon
- [ GLSA 200503-27 ] Xzabite dyndnsupdate: Multiple vulnerabilities,
Thierry Carrez
- [ GLSA 200503-25 ] OpenSLP: Multiple buffer overflows,
Thierry Carrez
- Details of Sybase ASE bugs withheld,
NGSSoftware Insight Security Research
- New Whitepaper: Anti Brute Force Resource Metering,
Gunter Ollmann (NGS)
- iDEFENSE Security Advisory 03.21.05: Mac OS X CF_CHARSET_PATH Buffer Overflow Vulnerability,
iDefense Customer Service
- Re: [ISN] How To Save The Internet,
Jason Coombs
- SecurityForest Exploitation Framework Beta has been released!,
Alon Swartz
- MDKSA-2005:060 - Updated MySQL packages fix multiple vulnerabilities,
Mandrakelinux Security Team
- Kayako eSupport Cross Site Scripting,
GulfTech Security Research
- Mac OSX[CF_CHARSET_PATH]: local root exploit.,
Vade 79
- RUXCON 2005 Call for Papers,
RUXCON Call for Papers
- [SECURITY] [DSA 696-1] New perl packages fix privilege escalation,
Martin Schulze
- Nortel VPN Client Issue: Clear-text password stored in memory,
Roy Hills
- Possible windows+python bug,
liquid
- [ Positive Technologies #SA] Phorum "location" HTTP Response Splitting Vulnerability,
Alexander Anisimov
- Black Hat Briefings & Trainings: Registration now open!,
Jeff Moss
- osCommerce File Manager Directory Traversal Vulnerability,
Megasky
- RE: [VulnWatch] Details of Sybase ASE bugs withheld,
Marchand, Tom
- root-equivalent groups,
psz
- Security Development Lifecycle Whitepaper Available,
Michael Howard
- [SIG^2 G-TEC] SurgeMail Webmail Attachment Upload and XSS Vulnerabilities,
chewkeong
- Backdoors in AS/400 emulations allow the server to attack connected PC workstations,
Shalom Carmel
- SUSE Security Announcement: ImageMagick problems (SUSE-SA:2005:017),
Marcus Meissner
- Notacon: Apr. 8-10, 2005 in Cleveland, OH,
Froggy
- Interspire ArticleLive 2005 (php version) is vulnerable to XSS,
mircia mircia
- Vortex Portal,
Francisco Alisson
- [SECURITYREASON.COM] phpSysInfo 2.3 Multiple vulnerabilities cXIb8O3.11,
Maksymilian Arciemowicz
- Multiple vulnerabilities in Topic Calendar 1.0.1 for phpBB,
Alberto Trivero
- Oracle Reports Server 10g Vulnerable to XSS,
Paolo Paolo
- Hashcash in mail (was: New Whitepaper: Anti Brute Force Resource Metering),
Peter J. Holzer
- Firescrolling 2 [Firefox 1.0.1],
mikx
- SUSE Security Announcement: several kernel security problems (SUSE-SA:2005:018),
Marcus Meissner
- SUSE Security Announcement: MySQL vulnerabilities (SUSE-SA:2005:019),
Marcus Meissner
- [USN-100-1] cdrecord vulnerability,
Martin Pitt
- [USN-99-2] Fixed php4 packages for USN-99-1,
Martin Pitt
- Secure Science issues preview of their upcoming block cipher,
BugTraq
- [ GLSA 200503-29 ] GnuPG: OpenPGP protocol attack,
Thierry Carrez
- [ GLSA 200503-28 ] Sun Java: Web Start argument injection vulnerability,
Thierry Carrez
- LogicLibrary BugScan VSR,Trillian 2.0, 3.0 and 3.1,
Matt Hargett
- Which anti-spyware cleaner is the best?,
Paul Laudanski
- Security Flaw with Digital signatures in Microsoft Outlook,
Roberto Franceschetti
- phpMyDirectory 10.1.3-rel Cross site scripting,
mircia mircia
- RX250305 - OpenMosixView : Multiple Race conditions - advisory and exploit,
rexolab
- smail remote and local root holes,
sean
- Netcomm 1300NB DSL Modem Denial of Service,
Chris Rock
- [FLSA-2005:2155] Updated sharutils package fixes security issues,
Marc Deslauriers
- [FLSA-2005:2129] Updated mysql packages fix security issues,
Marc Deslauriers
- [FLSA-2005:2268] Updated spamassassin package fixes security issues,
Marc Deslauriers
- [ GLSA 200503-30 ] Mozilla Suite: Multiple vulnerabilities,
Thierry Carrez
- [ GLSA 200503-33 ] IPsec-Tools: racoon Denial of Service,
Matthias Geerdsen
- TCP timestamp & advanced fingerprinting,
Erwan Arzur
- ZH2005-03SA -- multiple vulnerabilities in NukeBookmarks .6,
Gerardo Astharot Di Giacomo
- AS/400 LDAP user accounts disclosure,
Shalom Carmel
- QuickTime malformed JPEG buffer overflow,
liquid
- File inclusion and XSS vulnerability in E-Store Kit-2 PayPal Edition,
dcrab
- Re: smail remote and local root holes (no, not really ;-),
Greg A. Woods
- Brute-Force scanning the entire 32-bit IP space using Javascript.,
cyber_flash
- FreeBSD Security Advisory FreeBSD-SA-05:01.telnet,
FreeBSD Security Advisories
- iDEFENSE Security Advisory 03.28.05: Multiple Telnet Client env_opt_add() Buffer Overflow Vulnerability,
iDEFENSE Labs
- iDEFENSE Security Advisory 03.28.05: Multiple Telnet Client slc_add_reply() Buffer Overflow Vulnerability,
iDEFENSE Labs
- [CLA-2005:942] Conectiva Security Announcement - ethereal,
Conectiva Updates
- [ GLSA 200503-34 ] mpg321: Format string vulnerability,
Sune Kloppenborg Jeppesen
- Buffer-overflow in Tincat 2 minor than 2.0.28 (Sacred, Settlers 5 and others),
Luigi Auriemma
- Multiple sql injection, and xss vulnerabilities in Vladersoft Shopping Cart v.3.0,
dcrab
- Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software.,
dcrab
- local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5,
advisories
- Multiple Sql injection, and multiple XSS vulnerabilities in Easy Community Management System Forum (E-XOOPS),
dcrab
- [USN-101-1] telnet vulnerabilities,
Martin Pitt
- Multiple XSS vulnerabilities in ACS Blog,
Dan Crowley
- Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software,
dcrab
- Multiple XSS issues in Sun AnswerBook2,
B00B00
- phishing sites report - March/2005,
Gadi Evron
- DoS of LAN via D-Link switches,
Frank Bures
- [SECURITY] [DSA 698-1] New mc packages fix buffer overflow,
Martin Schulze
- THai's Shoutbox XSS (Spoofing URL) BUG,
CorryL
- [SECURITY] [DSA 699-1] New netkit-telnet-ssl packages fix arbitrary code execution,
Martin Schulze
- [USN-102-1] shar vulnerabilities,
Martin Pitt
- MITKRB5-SA-2005-001: buffer overflows in telnet client,
Tom Yu
- directory traversal in FastStone 4in1 Browser 1.2,
Donato Ferrante
- Multiple sql injection, and xss vulnerabilities in AspApp,
dcrab
- Invision Power Board v2.0.3 XSS vulnerabilities,
hoang yen
- Multiple sql injection, and xss vulnerabilities in PortalApp,
dcrab
- Code insertion in Blogger comments,
Antone Roundy
- [SECURITY] [DSA 697-1] New netkit-telnet packages fix arbitrary code execution,
Martin Schulze
- [PersianHacker.NET 200503-12]Chatness 2.5.1 and prior XSS Vulnerabilities,
PersianHacker Team
- abuse & security issues > Israel,
Gadi Evron
- Multiple phpCoin Vulnerabilities,
GulfTech Security Research
- [PersianHacker.NET 200503-11]Ublog reload 1.0.4 and prior Multiple Vulnerbilities,
PersianHacker Team
- Portcullis Security Advisory 05-011 ACPI 1.6 BIOS,
Paul J Docherty
- MDKSA-2005:061 - Updated krb5 packages fix telnet client vulnerability,
Mandrakelinux Security Team
- Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted SSL Attack,
Cisco Systems Product Security Incident Response Team
- [ GLSA 200503-35 ] Smarty: Template vulnerability,
Thierry Carrez
- [SECURITY] [DSA 700-1] New mailreader packages fix cross-site scripting vulnerability,
Martin Schulze
- PaFileDB Version 3.1 and below are exploitable via a XSS and a SQL injection vulnerability,
dcrab
- Multiple sql injection, and xss vulnerabilities in Pay pal Storefront,
Diabolic Crab
Mail converted by MHonArc 2.6.10