Mail Index
- [ GLSA 200508-01 ] Compress::Zlib: Buffer overflow
- From: Sune Kloppenborg Jeppesen
- [SVadvisory] - SQL injection in OpenBook 1.2.2
- The Java applet sandbox and stateful firewalls
- PHPList Vunerability
- Buffer overflow in BusinessMail email server system 4.60.00
- [SECURITY] [DSA 771-1] New pdns packages fix denial of service
- ChurchInfo Multiple Vulnerabilities
- TSLSA-2005-0038 - multi
- From: Trustix Security Advisor
- Vulnerability in Trendmicro Officescan
- ICMP attacks against TCP: Conclusions
- RE: uguestbook exploit
- From: Earnhart, Benjamin J
- Re: [BugTraq] Peter Gutmann data deletion theaory?
- [USN-157-1] Mozilla Thunderbird vulnerabilities
- MySQL Eventum Multiple Vulnerabilities
- From: GulfTech Security Research
- [USN-158-1] gzip utility vulnerability
- Re: Peter Gutmann data deletion theaory?
- [ GLSA 200507-28 ] AMD64 x86 emulation base libraries: Buffer overflow
- RE: On classifying attacks
- From: Forte Systems - Iosif Peterfi
- [USN-159-1] unzip vulnerability
- Re: LSS Security Advisory: Winamp remote buffer overflow vulnerability
- [security bulletin] SSRT5931 rev.1 Apache on HP-UX Remote Denial of Service and client restriction bypass
- Re: On classifying attacks
- [ GLSA 200508-02 ] ProFTPD: Format string vulnerabilities
- From: Sune Kloppenborg Jeppesen
- unzip TOCTOU file-permissions vulnerability
- Re: Trillian Ver 3.1 saves password's in plain Text
- From: security curmudgeon
- Re: [VulnWatch] The Java applet sandbox and stateful firewalls
- Arab Portal
- Re: [VulnWatch] The Java applet sandbox and stateful firewalls
- HACK IN THE BOX SECURITY CONFERENCE 2005
- Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities)
- VBZoom Cross Site Scripting Vulnerabilities
- Re: Re : [Firefox Bug 302187] New: Shared section vulnerability when opening microsoft office document resulting in DoS
- [ GLSA 200508-03 ] nbSMTP: Format string vulnerability
- CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability
- [NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection
- [security bulletin] SSRT5998 Rev.0 HP System Management Homepage (v2.0.x) Denial of Service (DoS) & XSS
- Re: Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities)
- Re: [NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection
- Zip 2,31 bad default file-permissions vulnerability
- iDEFENSE Security Advisory 08.02.05: CA BrightStor ARCserve Backup Agent for MS SQL Server Buffer Overflow
- [SECURITY] [DSA 772-1] New apt-cacher package fixes arbitrary command execution
- MDKSA-2005:128 - Updated mozilla packages fix multiple vulnerabilities
- From: Mandriva Security Team
- Coldfusion Fusebox V4.1.0 Vulnerability
- Re: CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability
- Silvernews 2.0.3 (possibly previous versions ) SQL Injection / Login Bypass / Remote commands execution / cross site scripting
- [security bulletin] SSRT4682 rev.0 - Oracle for Openview (OfO) Critical Patch Update July 2005
- Re: ClamAV Multiple Rem0te Buffer Overflows
- Zone Alarm Security Contact
- Re: Trillian Ver 3.1 saves password's in plain Text
- RE: On classifying attacks
- Microsoft ActiveSync information leak and spoofing
- SUSE Security Announcement: several kernel security problems (SUSE-SA:2005:044)
- [USN-160-1] Apache 2 vulnerabilities
- Scanning Software Bugs
- [ GLSA 200507-29 ] pstotext: Remote execution of arbitrary code
- RE: Trillian Ver 3.1 saves password's in plain Text
- FINAL Phrack Magazine release #63 is OUT
- SQL IN PortailPHP
- RE: Trillian Ver 3.1 saves password's in plain Text
- Re: Trillian Ver 3.1 saves password's in plain Text
- Re: Zip 2,31 bad default file-permissions vulnerability
- Re: Trillian Ver 3.1 saves password's in plain Text
- [USN-161-1] bzip2 utility vulnerability
- Re: Re: Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities)
- Re: Zip 2,31 bad default file-permissions vulnerability
- Re: Coldfusion Fusebox V4.1.0 Vulnerability
- MDKSA-2005:129 - Updated apache2 packages fix vulnerabilities
- From: Mandriva Security Team
- MDKSA-2005:130 - Updated apache packages fix vulnerabilities
- From: Mandriva Security Team
- Re: Zip 2,31 bad default file-permissions vulnerability
- Re: Coldfusion Fusebox V4.1.0 Vulnerability
- Re: ClamAV Multiple Rem0te Buffer Overflows
- Re: Zone Alarm Security Contact
- From: security curmudgeon
- Cisco IOS Shellcode - McAfee IPS Protection
- Remote Password Compromise of Microsoft Active Sync 3.7.1
- Re: On classifying attacks
- Re: Scanning Software Bugs
- MDKSA-2005:131 - Updated ethereal packages fix multiple vulnerabilities
- From: Mandriva Security Team
- Re: uguestbook exploit
- From: security curmudgeon
- Silvernews 2.0.3 remote command execution exploit, proxy server support!
- [HSC Security Group] Multiple XSS in phpopenchat 3.0.2
- FlatNuke 2.5.5 (possibly prior versions) remote commands execution / cross site scripting / path disclosure (by rgod)
- Re: Zip 2,31 bad default file-permissions vulnerability
- TSLSA-2005-0040 - multi
- From: Trustix Security Advisor
- Re: Zip 2,31 bad default file-permissions vulnerability
- Re: Trillian Ver 3.1 saves password's in plain Text
- Comdev eCommerce config.php Vulnerability
- tar preserves setuid bit
- ipb Css bug(now public)
- Defeating Citi-Bank Virtual Keyboard Protection
- Comdev eCommerce wce.download.php Download Vulnerability
- Root exploits in Lantonix Secure Console Server
- Vulnerability in ePing and eTrace plugins of e107
- Re: On classifying attacks
- Re: On classifying attacks
- [ GLSA 200508-04 ] Netpbm: Arbitrary code execution in pstopnm
- RE: On classifying attacks
- From: Forte Systems - Iosif Peterfi
- Re: On classifying attacks
- [ GLSA 200508-05 ] Heartbeat: Insecure temporary file creation
- From: Sune Kloppenborg Jeppesen
- Gravity Board X v1.1 multiple vulnerabilities
- Re: SQL IN PortailPHP
- SQL IN Open Bulletin Board
- Re: [NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection
- E107 + IPB XSS Exploit
- Re: ipb Css bug(now public)
- iDEFENSE Security Advisory 08.05.05: EMC Navisphere Manager Directory Traversal Vulnerability
- XSS in forums CFBB v1.1.0
- Advisory 13/2005: Remote code execution in SysCP
- RE: CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability
- [SVadvisory#13] - SQL injection in MYFAQ 1.0
- Re: ipb Css bug(now public)
- [AppSecInc Advisory MYSQL05-V0002] Buffer Overflow in MySQL User Defined Functions
- Re: Kent's Guestbook database exploit
- From: security curmudgeon
- [USN-162-1] ekg and Gadu library vulnerabilities
- Creating a secret web site on IIS 5.x using Alternative Data Streams
- From: inge_eivind . henriksen
- Re: Scanning Software Bugs
- Nate User Password Disclosed By Anonymous
- Re: Cisco IOS Shellcode - McAfee IPS Protection
- nbSMTP v0.99 remote format string exploit
- Re: tar preserves setuid bit
- Re: Zip 2,31 bad default file-permissions vulnerability
- Re: tar preserves setuid bit
- Re: Defeating Citi-Bank Virtual Keyboard Protection
- Re: tar preserves setuid bit
- Re: Trillian Ver 3.1 saves password's in plain Text
- Re: GNU tar and the setuid bit
- Re: GNU tar and the setuid bit
- Re: [DCC SPAM] Defeating Citi-Bank Virtual Keyboard Protection
- From: Secure Science Corporation Bugtraq
- [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions
- FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover,possible remote code execution
- [AppSecInc Advisory MYSQL05-V0003] Multiple Issues with MySQL User Defined Functions
- [USN-163-1] xpdf vulnerability
- Apple Safari & Javascript - KERN_INVALID_ADDRESS (0x0001)
- Sql injection and global variables poisoning in XMB Forum 1.9.1
- Bugtraq ID: 14460 : Coldfusion Fusebox V4.1.0 Vulnerability
- iDEFENSE Security Advisory 08.09.05: AWStats ShowInfoURL Remote Command Execution Vulnerability
- RE: Creating a secret web site on IIS 5.x using Alternative Data Streams
- Mozilla Firefox up to 1.0.6 and Mozilla Thunderbird up to 1.0 url string obfuscation
- Re: tar preserves setuid bit
- BID 14355, VERITAS NetBackup 5.1 Time Stamp Vulnerability
- [security bulletin] SSRT5940 rev.1 - HP-UX Mozilla remote, unauthorized user may execute privileged code
- Re: Defeating Citi-Bank Virtual Keyboard Protection
- Design Flaw at Microsoft's AntiSpyware
- [security bulletin] SSRT051005 rev.0 - HP ProLiant DL585 Servers Unauthorized Remote Access
- [security bulletin] SSRT5957 rev.0 - HP Tru64 UNIX IPSEC Tunnel ESP Mode Remote Unauthorized Disclosure of Encrypted Data
- [security bulletin] SSRT5998 rev.1 - HP System Management Homepage (v2.0.x) Denial of Service (DoS) and XSS
- NSFOCUS SA2005-02 : Microsoft IE Devenum.dll COM Instantiation Remote Code Execution Vulnerability
- From: NSFOCUS Security Team
- [KDE Security Advisory] kpdf temp file writing DoS vulnerability
- Help put a stop to incompetent computer forensics
- Full path disclosure in CaLogic 1.22 and possible in older versions.
- RE: [Full-disclosure] Help put a stop to incompetent computer forensics
- Re: SQL IN Open Bulletin Board
- From: security curmudgeon
- CoolWebSearch found in massive spyware ring
- MDKSA-2005:132 - Updated heartbeat packages fix temporary file vulnerabilities
- From: Mandriva Security Team
- MDKSA-2005:133 - Updated netpbm packages fix temporary file vulnerabilities
- From: Mandriva Security Team
- Evolution multiple remote format string bugs
- Privilege escalation in Nortel Contivity VPN Client V05_01.030
- ISS vs. Cisco: Chapter 2
- Re: ISS vs. Cisco: Chapter 2
- High Risk Vulnerability in Novell eDirectory Server
- From: NGSSoftware Insight Security Research
- [USN-166-1] Evolution vulnerabilities
- Re: Compromising pictures of Microsoft Internet Explorer!
- [USN-164-1] netpbm vulnerability
- [USN-165-1] heartbeat vulnerability
- SUSE Security Announcement: Mozilla various security problems (SUSE-SA:2005:045)
- [SECURITY] [DSA 773-1] New amd64 packages fix several bugs
- MDKSA-2005:138 - Updated cups packages fix vulnerability
- From: Mandriva Security Team
- remote DOS on Wyse thin client 1125SE
- From: Josh Zlatin-Amishav
- MDKSA-2005:137 - Updated ucd-snmp packages fix a DoS vulnerability
- From: Mandriva Security Team
- MDKSA-2005:135 - Updated kdegraphics packages fix vulnerability
- From: Mandriva Security Team
- [FLSA-2005:129284] Updated spamassassin package fixes security issue
- [FLSA-2005:152889] Updated mc packages fix security issues
- [FLSA-2005:157696] Updated gzip package fixes security issues
- [FLSA-2005:157701] Updated Apache httpd packages fix security issues
- MDKSA-2005:136 - Updated gpdf packages fix vulnerability
- From: Mandriva Security Team
- MDKSA-2005:134 - Updated xpdf packages fix vulnerability
- From: Mandriva Security Team
- Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3)
- Xoops 2.2.1 Full Path Disclosure
- [SECURITY] [DSA 774-1] New fetchmail packages fix arbitrary code execution
- (MS05-039) Microsoft Windows Plug-and-Play Service Remote Overflow (Universal Exploit + no crash shellcode)
- FW: Updated Version & Exploit - Privilege escalation in Nortel Contivity VPN Client V05_01.030
- My Bulletin Board RC 4 Vulnerabilities
- Insecure directory permissions of default installation of Kaspersky Anti-Virus for Unix/Linux File Servers will lead to local root exploit
- From: Dr. Peter Bieringer
- Windows 2000 universal exploit for MS05-039
- Privilege escalation in Linksys WLAN Monitor v2.0
- Re: Xoops 2.2.1 Full Path Disclosure
- Bluetooth: Theft of Link Keys for Fun and Profit?
- Grandstream Budge Tone 101/102 DoS Vulnerability
- [USN-168-1] Gaim vulnerabilities
- Low security hole affecting Mentor's ADSLFR4II router
- JaguarControl Activex Buffer Overflow
- SQL in PHPTB Topic Boards 2.0
- [DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue
- Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability
- Advisory 14/2005: PEAR XML_RPC Remote PHP Code Injection Vulnerability
- Vulnerability found in CPAINT Ajax Toolkit
- [SECURITY] [DSA 761-2] New heartbeat packages fix insecure temporary files
- drone armies C&C report - July/2005
- [SECURITY] [DSA 775-1] New Mozilla packages fix frame injection spoofing vulnerability
- [ GLSA 200508-06 ] Gaim: Remote execution of arbitrary code
- From: Sune Kloppenborg Jeppesen
- Technical Note by Amit Klein: Detecting and Preventing HTTP Response Splitting and HTTP Request Smuggling Attacks at the TCP Le
- From: Amit Klein (AKsecurity)
- Serious flaw in Linksys wireless AP password security
- Re: FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover,possible remote code execution
- Serious flaw in Linksys wireless AP password security
- MDKSA-2005:139 - Updated gaim packages fix yet more vulnerabilities
- From: Mandriva Security Team
- Corsaire Security Advisory: HP Ignite-UX passwd file disclosure issue
- MDKSA-2005:140 - Updated proftpd packages fix format string vulnerabilities
- From: Mandriva Security Team
- 249bytes reverse shellcode with "nooil tricks methods"
- Corsaire Security Advisory: HP Ignite-UX filesystem permissions issue
- [SECURITY] [DSA 776-1] New clamav packages fix several problems
- SUSE Security Announcement: apache, apache2 request smuggling problem (SUSE-SA:2005:046)
- [NOBYTES.COM: #9] ECW Shop 6.0.2 - Multiple Vulnerabilities
- RE: Serious flaw in Linksys wireless AP password security
- From: Robert Thompson Jr.
- [ GLSA 200508-07 ] AWStats: Arbitrary code execution using malicious Referrer information
- From: Sune Kloppenborg Jeppesen
- [ GLSA 200508-08 ] Xpdf, Kpdf, GPdf: Denial of Service vulnerability
- From: Sune Kloppenborg Jeppesen
- SQL injection in Persianblog
- RE: Vulnerability found in CPAINT Ajax Toolkit
- Hummingbird FTP Weak Password Encryption
- Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3)
- Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3)
- Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3)
- Win32 Port of Nessusd
- Re: Serious flaw in Linksys wireless AP password security
- RE: Serious flaw in Linksys wireless AP password security
- From: Robert Thompson Jr.
- [security bulletin] SSRT4874 rev.0 - HP-UX Ignite-UX Remote Unauthorized Access
- From: Boren, Rich (HP SSRT)
- Re: Win32 Port of Nessusd
- Cisco Security Advisory: Cisco Clean Access Unauthenticated API Access
- From: Cisco Systems Product Security Incident Response Team
- NOVL-2005010098073 GroupWise Password Caching
- [SECURITYREASON.COM] phpAdsNew/phpPgAds 2.0.5 Local file inclusion cXIb8O3.16
- Buffer-overflow in Chris Moneymaker's World Poker Championship 1.0
- Re: SQL injection in Persianblog
- SQL injection in mediabox404 v1.2
- [SECURITY] [DSA 777-1] New Mozilla packages fix frame injection spoofing vulnerability
- PHPTB Topic Board <= 20: Multiple PHP injection vulnerabilities
- Unicode Buffer Overflow in WinFtp Server 1.6.8
- [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities
- [ GLSA 200508-09 ] bluez-utils: Bluetooth device name validation vulnerability
- From: Sune Kloppenborg Jeppesen
- MSN Messenger Password Decrypter for WinXP/2003
- Internet Explorer 6 Meta Refresh Parsing Weakness
- Juniper Netscreen VPN Username Enumeration Vulnerability
- Bypassing the new /GS protection in VC++ 7.1
- mutt buffer overflow
- Zorum 3.5 remote code execution poc exploit
- Password Disclosure in Whisper32
- Sensitive Information Disclosure Vulnerability in Kinetics Kiosk Product
- Bluez hcid popen() explained.
- Re: [SECURITY] [DSA 777-1] New Mozilla packages fix frame injection spoofing vulnerability
- Re: [Full-disclosure] mutt buffer overflow
- From: Frank Denis (Jedi/Sector One)
- BBCaffe 2.0 cross site scripting poc
- MDKSA-2005:143 - Updated kdegraphics packages fix kfax vulnerability
- From: Mandriva Security Team
- MDKSA-2005:142 - Updated libtiff packages fixes vulnerability
- From: Mandriva Security Team
- MDKSA-2005:141 - Updated evolution packages fixes format string vulnerabilities
- From: Mandriva Security Team
- runcms highlight.php hole
- PHPFreeNews V1.40 and prior Multiple Vulnerabilities
- Re: Sensitive Information Disclosure Vulnerability in Kinetics Kiosk Product
- DevC++ V.4.9.9.2 NULL BYTE INSERTION / OBFUSCATION FLAW (by rgod)
- MDKSA-2005:144 - Updated wxPythonGTK packages several vulnerabilities
- From: Mandriva Security Team
- UnixWare 7.1.4 UnixWare 7.1.3 : cpio race condition and directory traversal issues fixed.
- From: please_reply_to_security
- w-agora 4.2.0 and prior Remote Directory Travel Vulnerability
- ATutor 1.5.1 and prior multiple XSS Vulnerabilities
- Re: Sensitive Information Disclosure Vulnerability in Kinetics Kiosk Product
- WinAce Temporary File Parsing Buffer Overflow Vulnerability
- [SECURITY] [DSA 778-1] New mantis packages fix several vulnerabilities
- Cisco Clean Access Agent (Perfigo) bypass
- [USN-170-1] gnupg vulnerability
- [ GLSA 200508-10 ] Kismet: Multiple vulnerabilities
- From: Sune Kloppenborg Jeppesen
- Secunia Research: HAURI Anti-Virus Compressed Archive Directory Traversal
- Fwd: Tor security advisory: DH handshake flaw
- [USN-169-1] Linux kernel vulnerabilities
- [ GLSA 200508-11 ] Adobe Reader: Buffer Overflow
- Vul in MyBB
- IBM Lotus Notes multiple disclosures of password hashes
- Woltlab Burning Board <= 2.2.2/2.3.3 modcp.php SQL injection
- [USN-171-1] PHP4 vulnerabilities
- [SECURITY] [DSA 779-1] New Mozilla Firefox packages fix several vulnerabilities
- Bugs Land Down Under v800
- ToorCon 7 Lineup Finalized & Pre-Registration Ending
- Nephp Publisher Enterprise 3.04 Cross Site Scripting
- SUSE Security Announcement: Adobe Reader Plugin buffer overflow (SUSE-SA:2005:047)
- ELM < 2.5.8 Remote Exploit POC
- Cisco Security Advisory: SSL Certificate Validation Vulnerability in IDS Management Software
- From: Cisco Systems Product Security Incident Response Team
- RE: Cisco Clean Access Agent (Perfigo) bypass
- From: Dario Ciccarone (dciccaro)
- DMA[2005-0818a] - 'Apple OSX dsidentity privilege abuse'
- Cisco Security Advisory: Cisco Intrusion Prevention System Vulnerable to Privilege Escalation
- From: Cisco Systems Product Security Incident Response Team
- RE: Cisco Clean Access Agent (Perfigo) bypass
- From: Dario Ciccarone (dciccaro)
- SQL Injection and PHP Code Injection Vulnerabilities in PHPKit 1.6.1
- [SECURITYREASON.COM] Multiple vulnerabilities in PostNuke 0.760-RC4b=>x cXIb8O3.15
- Remote IIS 5.x and IIS 6.0 Server Name Spoof
- From: inge_eivind . henriksen
- Re: RE: Cisco Clean Access Agent (Perfigo) bypass
- [ Suresec Advisories ] - Several MacOS X vulnerabilities
- 32919 - Computer Associates Message Queuing (CAM/CAFT) multiple vulnerabilities
- Re: Remote IIS 5.x and IIS 6.0 Server Name Spoof
- [SECURITY] [DSA 781-1] New Mozilla Thunderbird packages fix several vulnerabilities
- [SECURITY] [DSA 782-1] New bluez-utils packages fix arbitrary command execution
- MDKSA-2005:145 - Updated openvpn packages fix several vulnerabilities
- From: Mandriva Security Team
- MDKSA-2005:146 - Updated php-pear packages fix more PEAR XML-RPC vulnerabilities
- From: Mandriva Security Team
- MDKSA-2005:148 - Updated vim packages fix vulnerability
- From: Mandriva Security Team
- Re: ELM < 2.5.8 Remote Exploit POC
- Oracle Password Checker
- [ GLSA 200508-12 ] Evolution: Format string vulnerabilities
- Server crash in Ventrilo 2.3.0
- Mercora IMRadio 4.0.0.0 Discloses Passwords to Local Users
- [USN-172-1] lm-sensors vulnerability
- [USN-173-1] PCRE vulnerability
- ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users
- Re: Interspire ArticleLive 2005 (php version) is vulnerable to XSS
- MDKSA-2005:147 - Updated slocate packages fix vulnerability
- From: Mandriva Security Team
- [RLSA_01-2005] QNX inputtrap arbitrary file read vulnerability
- New Whitepaper - The Pharming Guide
- From: NGSSoftware Insight Security Research
- Multiple Vulnerabilities in Home Ftp Server 1.0.7
- Cross-site scripting vulnerability in BEA WebLogic administration console
- Secunia Research: SqWebMail Attached File Script Insertion Vulnerability
- PaFileDB 3.1 - SQL-Injection
- Secunia Research: HAURI Anti-Virus ACE Archive Handling Buffer Overflow
- Re: Beehive Forum Multiple Vulnerabilities
- [SECURITY] [DSA 783-1] New mysql packages fix insecure temporary file
- LeapFTP .lsq Buffer Overflow Vulnerability
- Foojan PHP Weblog Information Disclosure - Refferer Html Injection
- Re: ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users
- RE: Remote IIS 5.x and IIS 6.0 Server Name Spoof
- unload event in ie/mozilla/opera
- RE: unload event in ie/mozilla/opera
- [ GLSA 200508-13 ] PEAR XML-RPC, phpxmlrpc: New PHP script injection vulnerability
- [USN-173-2] PCRE vulnerability
- [ GLSA 200508-14 ] TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC
- Re: LeapFTP .lsq Buffer Overflow Vulnerability
- Re: Mercora IMRadio 4.0.0.0 Discloses Passwords to Local Users
- Advisory: iTAN not as secure as claimed
- [ GLSA 200508-15 ] Apache 2.0: Denial of Service vulnerability
- From: Sune Kloppenborg Jeppesen
- Re: unload event in ie/mozilla/opera
- [SECURITY] [DSA 784-1] New courier packages fix denial of service
- Portcullis Security Advisory 05-014 HP Openview Remote Command Execution Vulnerability
- [SECURITY] [DSA 785-1] New libpam-ldap packages fix authentication bypass
- MS05_039 Exploitation (different languages)
- From: Roman Medina-Heigl Hernandez
- [ GLSA 200508-17 ] libpcre: Heap integer overflow
- [security bulletin] SSRT4702 rev.0 - HP-UX running Veritas 3.3/3.5 unauthorized data access
- From: Boren, Rich (HP SSRT)
- Re: Portcullis Security Advisory 05-014 HP Openview Remote Command Execution Vulnerability
- Re: LeapFTP .lsq Buffer Overflow Vulnerability
- Tool for Identifying Rogue Linksys Routers
- Quake 2 Lithium Mod V 1.24 Macro Expansion Vuln?
- An Illustrated Guide to IPSec
- [ GLSA 200508-16 ] Tor: Information disclosure
- From: Sune Kloppenborg Jeppesen
- Re: ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users
- RE: unload event in ie/mozilla/opera
- Re: [NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection
- Re: LeapFTP .lsq Buffer Overflow Vulnerability
- ssl-login-checkbox faked in Lycos webmail-frontend
- Re: unload event in ie/mozilla/opera
- Re: unload event in ie/mozilla/opera
- Re: unload event in ie/mozilla/opera
- Tool Announcement: AIRT -- the Advanced Incident Response Tool 0.4.2 released
- Astaro Security Linux 6.0 - HTTP CONNECT Access Localhost Weakness
- CORRECTION: Remote IIS 5.x and IIS 6.0 Server Name Spoof
- Re: [Full-disclosure] MS05_039 Exploitation (different languages)
- Re: Tool for Identifying Rogue Linksys Routers
- [USN-174-1] courier vulnerability
- RE: Tool for Identifying Rogue Linksys Routers
- From: Thomas Guyot-Sionnest
- Re: unload event in ie/mozilla/opera
- Re: MS05_039 Exploitation (different languages)
- Re: Tool for Identifying Rogue Linksys Routers
- 22nd Chaos Communication Congress 2005: Call for Papers
- [SECURITY] [DSA 787-1] New backup-manager package fixes several vulnerabilities
- MDKSA-2005:152 - Updated php packages fix integer overflow vulnerability
- From: Mandriva Security Team
- Re: Tool for Identifying Rogue Linksys Routers
- RE: Tool for Identifying Rogue Linksys Routers
- Re: [ GLSA 200508-14 ] TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC
- AWstats Path Disclosure Vulnerability
- [security bulletin] SSRT051023 rev.0 - HP Openview Network Node Manager (OV NNM) Remote Unauthorized Access
- From: Boren, Rich (HP SSRT)
- MDKSA-2005:150 - Updated bluez-utils packages fix vulnerability
- From: Mandriva Security Team
- [ GLSA 200508-18 ] PhpWiki: Arbitrary command execution through XML-RPC
- MDKSA-2005:151 - Updated pcre packages fix integer overflow vulnerability
- From: Mandriva Security Team
- Re: unload event in ie/mozilla/opera
- Multiple PHP Images Galleries EXIF Metadata XSS Vulnerabilities
- Simple PHP Blog File Upload and User Credentials Exposure Vulnerabilities
- [SECURITY] [DSA 786-1] New simpleproxy packages fix arbitrary code execution
- DMA[2005-0826a] - 'Nokia Affix Bluetooth btsrv poor use of popen()'
- MDKSA-2005:149 - Updated lm_sensors packages fix temporary file vulnerability
- From: Mandriva Security Team
- Re: Tool for Identifying Rogue Linksys Routers
- Sophos Antivirus Library Remote Heap Overflow
- Looking Glass v20040427 arbitrary commands execution / cross site scripting
- Re: Tool for Identifying Rogue Linksys Routers
- MDKSA-2005:154 - Updated python packages fix integer overflow vulnerability
- From: Mandriva Security Team
- Re: Tool for Identifying Rogue Linksys Routers
- MDKSA-2005:153 - Updated gnumeric packages fix integer overflow vulnerability
- From: Mandriva Security Team
- XSS security hole in phpwebnotes.
- Re: ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users
- Re: Tool for Identifying Rogue Linksys Routers
- RE: Sophos Antivirus Library Remote Heap Overflow
- Re: Tool for Identifying Rogue Linksys Routers
- Multiple CMS/Forum Vulnablilties
- From: pacifico
- Xcon2005 papers released
- PHP-Fusion <= v6.00.107 XSS exploit
- FUD Forum < 2.7.1 PHP code injection vurnelability
- Land Down Under
- Secunia Research: SqWebMail HTML Emails Script Insertion Vulnerability
- Multiple vulnerabilities in BFCommand & Control for Battlefield 1942 and Vietnam
- [cosmoshop <= 8.10.78] be the shopadmin in one step
- [SECURITY] [DSA 788-1] New kismet packages fix arbitrary code execution
- Land Down Under 801 And Prior Multiple SQL Injection Vulnerabilities
- SimplePHPBlog Arbitrary File Deletion and Sample Exploit
- Re: unload event in ie/mozilla/opera
- Vulnerability in Helpdesk software Hesk 0.92
- WASC-Articles: 'Preventing Log Evasion in IIS'
- PunBB BBCode IMG Tag Script Injection Vulnerability
- Member.php SQL Injection in MyBB
- [SECURITY] [DSA 789-1] New PHP 4 packages fix several vulnerabilities
- AutoLinks Pro 2.1
- Re: Sophos Antivirus Library Remote Heap Overflow
- SUSE Security Announcement: php4/php5 Pear::XML_RPC code injection and PCRE integer overflow problems (SUSE-SA:2005:049)
- BNBT EasyTracker Remote Denial of Service Vulnerability
- SUSE Security Announcement: pcre integer overflows (SUSE-SA:2005:048)
- iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary Library Loading Vulnerability
- iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability
- iDEFENSE Security Advisory 08.29.05: Symantec AntiVirus 9 Corporate Edition Local Privilege Escalation Vulnerability
- phpLDAPadmin 0.9.6 - 0.9.7/alpha5 (possibly prior versions) system disclosure,
- [USN-173-3] Fixed apache2 packages for USN-173-2
- [ GLSA 200508-19 ] lm_sensors: Insecure temporary file creation
- [ GLSA 200508-20 ] phpGroupWare: Multiple vulnerabilities
- Re: ICMP attacks against TCP: Conclusions
- [UNTRUE] Gadu-Gadu supposedly fixed the invisible detection vulnerability?
- e107 0.6 forum_post.php create new topics in non-existing forums
- [SECURITY] [DSA 790-1] New phpldapadmin packages fix unauthorised access
- Fetchmail 6.2.5 exploit for Bugtraq ID: 14349
- Re: Vulnerability in Helpdesk software Hesk 0.92
- Re: PunBB BBCode IMG Tag Script Injection Vulnerability
- [SECURITY] [DSA 791-1] New maildrop packages fix arbitrary group mail command execution
- MS05-042 Security Update Problems
- Re: Vulnerability in Helpdesk software Hesk 0.92