Mail Thread Index
- [ GLSA 200508-01 ] Compress::Zlib: Buffer overflow,
Sune Kloppenborg Jeppesen
- [SVadvisory] - SQL injection in OpenBook 1.2.2,
svt
- The Java applet sandbox and stateful firewalls,
Florian Weimer
- PHPList Vunerability,
ziot
- Buffer overflow in BusinessMail email server system 4.60.00,
Reed Arvin
- [SECURITY] [DSA 771-1] New pdns packages fix denial of service,
Martin Schulze
- ChurchInfo Multiple Vulnerabilities,
thegreatone2176
- TSLSA-2005-0038 - multi,
Trustix Security Advisor
- Vulnerability in Trendmicro Officescan,
sylvain . roger
- ICMP attacks against TCP: Conclusions,
Fernando Gont
- RE: uguestbook exploit,
Earnhart, Benjamin J
- Re: [BugTraq] Peter Gutmann data deletion theaory?,
Richard Clayton
- [USN-157-1] Mozilla Thunderbird vulnerabilities,
Martin Pitt
- MySQL Eventum Multiple Vulnerabilities,
GulfTech Security Research
- [USN-158-1] gzip utility vulnerability,
Martin Pitt
- Re: Peter Gutmann data deletion theaory?,
Michael Sierchio
- [ GLSA 200507-28 ] AMD64 x86 emulation base libraries: Buffer overflow,
Thierry Carrez
- RE: On classifying attacks,
Forte Systems - Iosif Peterfi
- [USN-159-1] unzip vulnerability,
Martin Pitt
- Re: LSS Security Advisory: Winamp remote buffer overflow vulnerability,
ljuranic
- [security bulletin] SSRT5931 rev.1 Apache on HP-UX Remote Denial of Service and client restriction bypass,
security-alert
- [ GLSA 200508-02 ] ProFTPD: Format string vulnerabilities,
Sune Kloppenborg Jeppesen
- unzip TOCTOU file-permissions vulnerability,
Imran Ghory
- Re: Trillian Ver 3.1 saves password's in plain Text,
security curmudgeon
- Arab Portal,
ABDUCTER_MINDS
- HACK IN THE BOX SECURITY CONFERENCE 2005,
alphademon
- Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities),
[at]
- VBZoom Cross Site Scripting Vulnerabilities,
almaster
- Re: Re : [Firefox Bug 302187] New: Shared section vulnerability when opening microsoft office document resulting in DoS,
Cesar
- [ GLSA 200508-03 ] nbSMTP: Format string vulnerability,
Thierry Carrez
- CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability,
Williams, James K
- [NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection,
John Cobb
- [security bulletin] SSRT5998 Rev.0 HP System Management Homepage (v2.0.x) Denial of Service (DoS) & XSS,
security-alert
- Zip 2,31 bad default file-permissions vulnerability,
Imran Ghory
- iDEFENSE Security Advisory 08.02.05: CA BrightStor ARCserve Backup Agent for MS SQL Server Buffer Overflow,
iDEFENSE Labs
- [SECURITY] [DSA 772-1] New apt-cacher package fixes arbitrary command execution,
Martin Schulze
- MDKSA-2005:128 - Updated mozilla packages fix multiple vulnerabilities,
Mandriva Security Team
- Coldfusion Fusebox V4.1.0 Vulnerability,
N.N.P
- Re: CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability,
cybertronic
- Silvernews 2.0.3 (possibly previous versions ) SQL Injection / Login Bypass / Remote commands execution / cross site scripting,
retrogod
- [security bulletin] SSRT4682 rev.0 - Oracle for Openview (OfO) Critical Patch Update July 2005,
security-alert
- Re: ClamAV Multiple Rem0te Buffer Overflows,
Steven M. Christey
- Zone Alarm Security Contact,
David Cross
- Microsoft ActiveSync information leak and spoofing,
3APA3A
- SUSE Security Announcement: several kernel security problems (SUSE-SA:2005:044),
Ludwig Nussel
- [USN-160-1] Apache 2 vulnerabilities,
Martin Pitt
- Scanning Software Bugs,
Dan . Creed
- [ GLSA 200507-29 ] pstotext: Remote execution of arbitrary code,
Stefan Cornelius
- FINAL Phrack Magazine release #63 is OUT,
phrackstaff
- SQL IN PortailPHP,
ABDUCTER_MINDS
- [USN-161-1] bzip2 utility vulnerability,
Martin Pitt
- Re: Re: Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities),
asierillo
- MDKSA-2005:129 - Updated apache2 packages fix vulnerabilities,
Mandriva Security Team
- MDKSA-2005:130 - Updated apache packages fix vulnerabilities,
Mandriva Security Team
- Remote Password Compromise of Microsoft Active Sync 3.7.1,
nospam
- MDKSA-2005:131 - Updated ethereal packages fix multiple vulnerabilities,
Mandriva Security Team
- Silvernews 2.0.3 remote command execution exploit, proxy server support!,
[at]
- [HSC Security Group] Multiple XSS in phpopenchat 3.0.2,
zinho
- FlatNuke 2.5.5 (possibly prior versions) remote commands execution / cross site scripting / path disclosure (by rgod),
retrogod
- TSLSA-2005-0040 - multi,
Trustix Security Advisor
- Comdev eCommerce config.php Vulnerability,
none
- tar preserves setuid bit,
Imran Ghory
- ipb Css bug(now public),
virusishacker
- Defeating Citi-Bank Virtual Keyboard Protection,
Debasis Mohanty
- Comdev eCommerce wce.download.php Download Vulnerability,
none
- Root exploits in Lantonix Secure Console Server,
c0ntex
- Vulnerability in ePing and eTrace plugins of e107,
os2a . bto
- [ GLSA 200508-04 ] Netpbm: Arbitrary code execution in pstopnm,
Thierry Carrez
- [ GLSA 200508-05 ] Heartbeat: Insecure temporary file creation,
Sune Kloppenborg Jeppesen
- Gravity Board X v1.1 multiple vulnerabilities,
retrogod
- SQL IN Open Bulletin Board,
ABDUCTER_MINDS
- E107 + IPB XSS Exploit,
edward11
- iDEFENSE Security Advisory 08.05.05: EMC Navisphere Manager Directory Traversal Vulnerability,
iDEFENSE Labs
- XSS in forums CFBB v1.1.0,
stormhacker
- Advisory 13/2005: Remote code execution in SysCP,
Christopher Kunz
- [SVadvisory#13] - SQL injection in MYFAQ 1.0,
svt
- [AppSecInc Advisory MYSQL05-V0002] Buffer Overflow in MySQL User Defined Functions,
Team SHATTER
- Re: Kent's Guestbook database exploit,
security curmudgeon
- [USN-162-1] ekg and Gadu library vulnerabilities,
Martin Pitt
- Creating a secret web site on IIS 5.x using Alternative Data Streams,
inge_eivind . henriksen
- Nate User Password Disclosed By Anonymous,
saintlinu
- nbSMTP v0.99 remote format string exploit,
coki
- [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions,
Team SHATTER
- FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover,possible remote code execution,
retrogod
- [AppSecInc Advisory MYSQL05-V0003] Multiple Issues with MySQL User Defined Functions,
Team SHATTER
- [USN-163-1] xpdf vulnerability,
Martin Pitt
- Apple Safari & Javascript - KERN_INVALID_ADDRESS (0x0001),
Patrick Webster
- Sql injection and global variables poisoning in XMB Forum 1.9.1,
heintz
- Bugtraq ID: 14460 : Coldfusion Fusebox V4.1.0 Vulnerability,
Adrocknaphobia
- iDEFENSE Security Advisory 08.09.05: AWStats ShowInfoURL Remote Command Execution Vulnerability,
iDEFENSE Labs
- Mozilla Firefox up to 1.0.6 and Mozilla Thunderbird up to 1.0 url string obfuscation,
Marc Ruef
- BID 14355, VERITAS NetBackup 5.1 Time Stamp Vulnerability,
secure
- [security bulletin] SSRT5940 rev.1 - HP-UX Mozilla remote, unauthorized user may execute privileged code,
security-alert
- Design Flaw at Microsoft's AntiSpyware,
manolisgavriil
- [security bulletin] SSRT051005 rev.0 - HP ProLiant DL585 Servers Unauthorized Remote Access,
security-alert
- [security bulletin] SSRT5957 rev.0 - HP Tru64 UNIX IPSEC Tunnel ESP Mode Remote Unauthorized Disclosure of Encrypted Data,
Security Alert
- [security bulletin] SSRT5998 rev.1 - HP System Management Homepage (v2.0.x) Denial of Service (DoS) and XSS,
security-alert
- NSFOCUS SA2005-02 : Microsoft IE Devenum.dll COM Instantiation Remote Code Execution Vulnerability,
NSFOCUS Security Team
- [KDE Security Advisory] kpdf temp file writing DoS vulnerability,
Dirk Mueller
- Help put a stop to incompetent computer forensics,
Jason Coombs
- Full path disclosure in CaLogic 1.22 and possible in older versions.,
gb . network
- CoolWebSearch found in massive spyware ring,
Paul Laudanski
- MDKSA-2005:132 - Updated heartbeat packages fix temporary file vulnerabilities,
Mandriva Security Team
- MDKSA-2005:133 - Updated netpbm packages fix temporary file vulnerabilities,
Mandriva Security Team
- Evolution multiple remote format string bugs,
sitic
- Privilege escalation in Nortel Contivity VPN Client V05_01.030,
Jeff Peadro
- ISS vs. Cisco: Chapter 2,
FX
- High Risk Vulnerability in Novell eDirectory Server,
NGSSoftware Insight Security Research
- [USN-166-1] Evolution vulnerabilities,
Martin Pitt
- Re: Compromising pictures of Microsoft Internet Explorer!,
Michal Zalewski
- [USN-164-1] netpbm vulnerability,
Martin Pitt
- [USN-165-1] heartbeat vulnerability,
Martin Pitt
- SUSE Security Announcement: Mozilla various security problems (SUSE-SA:2005:045),
Marcus Meissner
- [SECURITY] [DSA 773-1] New amd64 packages fix several bugs,
Martin Schulze
- MDKSA-2005:138 - Updated cups packages fix vulnerability,
Mandriva Security Team
- remote DOS on Wyse thin client 1125SE,
Josh Zlatin-Amishav
- MDKSA-2005:137 - Updated ucd-snmp packages fix a DoS vulnerability,
Mandriva Security Team
- MDKSA-2005:135 - Updated kdegraphics packages fix vulnerability,
Mandriva Security Team
- [FLSA-2005:129284] Updated spamassassin package fixes security issue,
Marc Deslauriers
- [FLSA-2005:152889] Updated mc packages fix security issues,
Marc Deslauriers
- [FLSA-2005:157696] Updated gzip package fixes security issues,
Marc Deslauriers
- [FLSA-2005:157701] Updated Apache httpd packages fix security issues,
Marc Deslauriers
- MDKSA-2005:136 - Updated gpdf packages fix vulnerability,
Mandriva Security Team
- MDKSA-2005:134 - Updated xpdf packages fix vulnerability,
Mandriva Security Team
- Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3),
Reed Arvin
- Xoops 2.2.1 Full Path Disclosure,
none
- [SECURITY] [DSA 774-1] New fetchmail packages fix arbitrary code execution,
Martin Schulze
- (MS05-039) Microsoft Windows Plug-and-Play Service Remote Overflow (Universal Exploit + no crash shellcode),
houseofdabus
- FW: Updated Version & Exploit - Privilege escalation in Nortel Contivity VPN Client V05_01.030,
Jeff Peadro
- My Bulletin Board RC 4 Vulnerabilities,
phuket
- Insecure directory permissions of default installation of Kaspersky Anti-Virus for Unix/Linux File Servers will lead to local root exploit,
Dr. Peter Bieringer
- Windows 2000 universal exploit for MS05-039,
sl0ppy
- Privilege escalation in Linksys WLAN Monitor v2.0,
Reed Arvin
- Bluetooth: Theft of Link Keys for Fun and Profit?,
KF (lists)
- Grandstream Budge Tone 101/102 DoS Vulnerability,
Kroma Pierre
- [USN-168-1] Gaim vulnerabilities,
Martin Pitt
- Low security hole affecting Mentor's ADSLFR4II router,
Tim Brown
- JaguarControl Activex Buffer Overflow,
Tacettin Karadeniz
- SQL in PHPTB Topic Boards 2.0,
almaster
- [DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue,
Uwe Hermann
- Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability,
Stefan Esser
- Advisory 14/2005: PEAR XML_RPC Remote PHP Code Injection Vulnerability,
Stefan Esser
- Vulnerability found in CPAINT Ajax Toolkit,
wiley14
- [SECURITY] [DSA 761-2] New heartbeat packages fix insecure temporary files,
Martin Schulze
- drone armies C&C report - July/2005,
Gadi Evron
- [SECURITY] [DSA 775-1] New Mozilla packages fix frame injection spoofing vulnerability,
Martin Schulze
- [ GLSA 200508-06 ] Gaim: Remote execution of arbitrary code,
Sune Kloppenborg Jeppesen
- Technical Note by Amit Klein: Detecting and Preventing HTTP Response Splitting and HTTP Request Smuggling Attacks at the TCP Le,
Amit Klein (AKsecurity)
- Serious flaw in Linksys wireless AP password security,
Steve Scherf
- MDKSA-2005:139 - Updated gaim packages fix yet more vulnerabilities,
Mandriva Security Team
- Corsaire Security Advisory: HP Ignite-UX passwd file disclosure issue,
advisories
- MDKSA-2005:140 - Updated proftpd packages fix format string vulnerabilities,
Mandriva Security Team
- 249bytes reverse shellcode with "nooil tricks methods",
msuiche
- Corsaire Security Advisory: HP Ignite-UX filesystem permissions issue,
advisories
- [SECURITY] [DSA 776-1] New clamav packages fix several problems,
Martin Schulze
- SUSE Security Announcement: apache, apache2 request smuggling problem (SUSE-SA:2005:046),
Marcus Meissner
- [NOBYTES.COM: #9] ECW Shop 6.0.2 - Multiple Vulnerabilities,
John Cobb
- [ GLSA 200508-07 ] AWStats: Arbitrary code execution using malicious Referrer information,
Sune Kloppenborg Jeppesen
- [ GLSA 200508-08 ] Xpdf, Kpdf, GPdf: Denial of Service vulnerability,
Sune Kloppenborg Jeppesen
- SQL injection in Persianblog,
alireza hassani
- Hummingbird FTP Weak Password Encryption,
nnposter
- Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3),
NoBrain NoPain
- Win32 Port of Nessusd,
Tom Stracener
- [security bulletin] SSRT4874 rev.0 - HP-UX Ignite-UX Remote Unauthorized Access,
Boren, Rich (HP SSRT)
- Cisco Security Advisory: Cisco Clean Access Unauthenticated API Access,
Cisco Systems Product Security Incident Response Team
- NOVL-2005010098073 GroupWise Password Caching,
Ed Reed
- [SECURITYREASON.COM] phpAdsNew/phpPgAds 2.0.5 Local file inclusion cXIb8O3.16,
max
- Buffer-overflow in Chris Moneymaker's World Poker Championship 1.0,
Luigi Auriemma
- SQL injection in mediabox404 v1.2,
cedric
- [SECURITY] [DSA 777-1] New Mozilla packages fix frame injection spoofing vulnerability,
Martin Schulze
- PHPTB Topic Board <= 20: Multiple PHP injection vulnerabilities,
goszynskif
- Unicode Buffer Overflow in WinFtp Server 1.6.8,
Donato Ferrante
- [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities,
Matteo Beccati
- [ GLSA 200508-09 ] bluez-utils: Bluetooth device name validation vulnerability,
Sune Kloppenborg Jeppesen
- MSN Messenger Password Decrypter for WinXP/2003,
ViPeR
- Internet Explorer 6 Meta Refresh Parsing Weakness,
Moritz Naumann
- Juniper Netscreen VPN Username Enumeration Vulnerability,
Roy Hills
- mutt buffer overflow,
Peter Valchev
- Zorum 3.5 remote code execution poc exploit,
retrogod
- Password Disclosure in Whisper32,
Alexey Agapov
- Sensitive Information Disclosure Vulnerability in Kinetics Kiosk Product,
Jason Coombs
- Bluez hcid popen() explained.,
KF (lists)
- BBCaffe 2.0 cross site scripting poc,
retrogod
- MDKSA-2005:143 - Updated kdegraphics packages fix kfax vulnerability,
Mandriva Security Team
- MDKSA-2005:142 - Updated libtiff packages fixes vulnerability,
Mandriva Security Team
- MDKSA-2005:141 - Updated evolution packages fixes format string vulnerabilities,
Mandriva Security Team
- runcms highlight.php hole,
Security Lists
- PHPFreeNews V1.40 and prior Multiple Vulnerabilities,
h4cky0u
- DevC++ V.4.9.9.2 NULL BYTE INSERTION / OBFUSCATION FLAW (by rgod),
retrogod
- MDKSA-2005:144 - Updated wxPythonGTK packages several vulnerabilities,
Mandriva Security Team
- UnixWare 7.1.4 UnixWare 7.1.3 : cpio race condition and directory traversal issues fixed.,
please_reply_to_security
- w-agora 4.2.0 and prior Remote Directory Travel Vulnerability,
h4cky0u
- ATutor 1.5.1 and prior multiple XSS Vulnerabilities,
h4cky0u
- WinAce Temporary File Parsing Buffer Overflow Vulnerability,
atmaca
- [SECURITY] [DSA 778-1] New mantis packages fix several vulnerabilities,
Martin Schulze
- Cisco Clean Access Agent (Perfigo) bypass,
llhansen-bugtraq
- [USN-170-1] gnupg vulnerability,
Martin Pitt
- [ GLSA 200508-10 ] Kismet: Multiple vulnerabilities,
Sune Kloppenborg Jeppesen
- Secunia Research: HAURI Anti-Virus Compressed Archive Directory Traversal,
Secunia Research
- Fwd: Tor security advisory: DH handshake flaw,
Chris Palmer
- [USN-169-1] Linux kernel vulnerabilities,
Martin Pitt
- [ GLSA 200508-11 ] Adobe Reader: Buffer Overflow,
Thierry Carrez
- Vul in MyBB,
s2b
- IBM Lotus Notes multiple disclosures of password hashes,
Shalom Carmel
- Woltlab Burning Board <= 2.2.2/2.3.3 modcp.php SQL injection,
admin
- [USN-171-1] PHP4 vulnerabilities,
Martin Pitt
- [SECURITY] [DSA 779-1] New Mozilla Firefox packages fix several vulnerabilities,
Martin Schulze
- Bugs Land Down Under v800,
bl2k
- ToorCon 7 Lineup Finalized & Pre-Registration Ending,
h1kari@xxxxxxxxxxx
- Nephp Publisher Enterprise 3.04 Cross Site Scripting,
bl2k
- SUSE Security Announcement: Adobe Reader Plugin buffer overflow (SUSE-SA:2005:047),
Marcus Meissner
- ELM < 2.5.8 Remote Exploit POC,
c0ntexb
- Cisco Security Advisory: SSL Certificate Validation Vulnerability in IDS Management Software,
Cisco Systems Product Security Incident Response Team
- DMA[2005-0818a] - 'Apple OSX dsidentity privilege abuse',
KF (lists)
- Cisco Security Advisory: Cisco Intrusion Prevention System Vulnerable to Privilege Escalation,
Cisco Systems Product Security Incident Response Team
- SQL Injection and PHP Code Injection Vulnerabilities in PHPKit 1.6.1,
phuket
- [SECURITYREASON.COM] Multiple vulnerabilities in PostNuke 0.760-RC4b=>x cXIb8O3.15,
max
- Remote IIS 5.x and IIS 6.0 Server Name Spoof,
inge_eivind . henriksen
- [ Suresec Advisories ] - Several MacOS X vulnerabilities,
Suresec Advisories
- 32919 - Computer Associates Message Queuing (CAM/CAFT) multiple vulnerabilities,
Williams, James K
- [SECURITY] [DSA 781-1] New Mozilla Thunderbird packages fix several vulnerabilities,
Martin Schulze
- [SECURITY] [DSA 782-1] New bluez-utils packages fix arbitrary command execution,
Martin Schulze
- MDKSA-2005:145 - Updated openvpn packages fix several vulnerabilities,
Mandriva Security Team
- MDKSA-2005:146 - Updated php-pear packages fix more PEAR XML-RPC vulnerabilities,
Mandriva Security Team
- MDKSA-2005:148 - Updated vim packages fix vulnerability,
Mandriva Security Team
- Oracle Password Checker,
ak
- [ GLSA 200508-12 ] Evolution: Format string vulnerabilities,
Stefan Cornelius
- Server crash in Ventrilo 2.3.0,
Luigi Auriemma
- Mercora IMRadio 4.0.0.0 Discloses Passwords to Local Users,
kozan
- [USN-172-1] lm-sensors vulnerability,
Martin Pitt
- [USN-173-1] PCRE vulnerability,
Martin Pitt
- ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users,
kozan
- Re: Interspire ArticleLive 2005 (php version) is vulnerable to XSS,
eddie
- MDKSA-2005:147 - Updated slocate packages fix vulnerability,
Mandriva Security Team
- [RLSA_01-2005] QNX inputtrap arbitrary file read vulnerability,
julio
- New Whitepaper - The Pharming Guide,
NGSSoftware Insight Security Research
- Multiple Vulnerabilities in Home Ftp Server 1.0.7,
Donato Ferrante
- Cross-site scripting vulnerability in BEA WebLogic administration console,
GomoR
- Secunia Research: SqWebMail Attached File Script Insertion Vulnerability,
Secunia Research
- PaFileDB 3.1 - SQL-Injection,
astovidatu
- Secunia Research: HAURI Anti-Virus ACE Archive Handling Buffer Overflow,
Secunia Research
- Re: Beehive Forum Multiple Vulnerabilities,
wibble
- [SECURITY] [DSA 783-1] New mysql packages fix insecure temporary file,
Martin Schulze
- LeapFTP .lsq Buffer Overflow Vulnerability,
Sowhat .
- Foojan PHP Weblog Information Disclosure - Refferer Html Injection,
ali202
- unload event in ie/mozilla/opera,
Tobias Boonstoppel
- [ GLSA 200508-13 ] PEAR XML-RPC, phpxmlrpc: New PHP script injection vulnerability,
Thierry Carrez
- [USN-173-2] PCRE vulnerability,
Martin Pitt
- [ GLSA 200508-14 ] TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC,
Thierry Carrez
- Advisory: iTAN not as secure as claimed,
release
- [ GLSA 200508-15 ] Apache 2.0: Denial of Service vulnerability,
Sune Kloppenborg Jeppesen
- [SECURITY] [DSA 784-1] New courier packages fix denial of service,
Martin Schulze
- Portcullis Security Advisory 05-014 HP Openview Remote Command Execution Vulnerability,
Paul J Docherty
- [SECURITY] [DSA 785-1] New libpam-ldap packages fix authentication bypass,
Martin Schulze
- MS05_039 Exploitation (different languages),
Roman Medina-Heigl Hernandez
- [ GLSA 200508-17 ] libpcre: Heap integer overflow,
Stefan Cornelius
- [security bulletin] SSRT4702 rev.0 - HP-UX running Veritas 3.3/3.5 unauthorized data access,
Boren, Rich (HP SSRT)
- Tool for Identifying Rogue Linksys Routers,
Martin Mkrtchian
- Quake 2 Lithium Mod V 1.24 Macro Expansion Vuln?,
nukemmeister
- An Illustrated Guide to IPSec,
Steve Friedl
- [ GLSA 200508-16 ] Tor: Information disclosure,
Sune Kloppenborg Jeppesen
- ssl-login-checkbox faked in Lycos webmail-frontend,
Fischer, Andreas
- Tool Announcement: AIRT -- the Advanced Incident Response Tool 0.4.2 released,
madsys
- Astaro Security Linux 6.0 - HTTP CONNECT Access Localhost Weakness,
oliver karow
- CORRECTION: Remote IIS 5.x and IIS 6.0 Server Name Spoof,
Mark Burnett
- [USN-174-1] courier vulnerability,
Martin Pitt
- 22nd Chaos Communication Congress 2005: Call for Papers,
fukami
- [SECURITY] [DSA 787-1] New backup-manager package fixes several vulnerabilities,
Martin Schulze
- MDKSA-2005:152 - Updated php packages fix integer overflow vulnerability,
Mandriva Security Team
- AWstats Path Disclosure Vulnerability,
fournaux
- [security bulletin] SSRT051023 rev.0 - HP Openview Network Node Manager (OV NNM) Remote Unauthorized Access,
Boren, Rich (HP SSRT)
- MDKSA-2005:150 - Updated bluez-utils packages fix vulnerability,
Mandriva Security Team
- [ GLSA 200508-18 ] PhpWiki: Arbitrary command execution through XML-RPC,
Thierry Carrez
- MDKSA-2005:151 - Updated pcre packages fix integer overflow vulnerability,
Mandriva Security Team
- Multiple PHP Images Galleries EXIF Metadata XSS Vulnerabilities,
Cedric Cochin
- Simple PHP Blog File Upload and User Credentials Exposure Vulnerabilities,
Scott Dewey
- [SECURITY] [DSA 786-1] New simpleproxy packages fix arbitrary code execution,
Martin Schulze
- DMA[2005-0826a] - 'Nokia Affix Bluetooth btsrv poor use of popen()',
KF (lists)
- MDKSA-2005:149 - Updated lm_sensors packages fix temporary file vulnerability,
Mandriva Security Team
- Sophos Antivirus Library Remote Heap Overflow,
list
- Looking Glass v20040427 arbitrary commands execution / cross site scripting,
retrogod
- MDKSA-2005:154 - Updated python packages fix integer overflow vulnerability,
Mandriva Security Team
- MDKSA-2005:153 - Updated gnumeric packages fix integer overflow vulnerability,
Mandriva Security Team
- XSS security hole in phpwebnotes.,
nf2
- Multiple CMS/Forum Vulnablilties,
pacifico
- Xcon2005 papers released,
alert7
- PHP-Fusion <= v6.00.107 XSS exploit,
slacker4ever_1
- FUD Forum < 2.7.1 PHP code injection vurnelability,
riklaunim
- Land Down Under,
bendeniz_avci
- Secunia Research: SqWebMail HTML Emails Script Insertion Vulnerability,
Secunia Research
- Multiple vulnerabilities in BFCommand & Control for Battlefield 1942 and Vietnam,
Luigi Auriemma
- [cosmoshop <= 8.10.78] be the shopadmin in one step,
innate
- [SECURITY] [DSA 788-1] New kismet packages fix arbitrary code execution,
Martin Schulze
- Land Down Under 801 And Prior Multiple SQL Injection Vulnerabilities,
h4cky0u . org
- SimplePHPBlog Arbitrary File Deletion and Sample Exploit,
'ken'@FTU
- Vulnerability in Helpdesk software Hesk 0.92,
s2b
- WASC-Articles: 'Preventing Log Evasion in IIS',
contact
- PunBB BBCode IMG Tag Script Injection Vulnerability,
y3dips
- Member.php SQL Injection in MyBB,
W7ED
- [SECURITY] [DSA 789-1] New PHP 4 packages fix several vulnerabilities,
Martin Schulze
- AutoLinks Pro 2.1,
none
- SUSE Security Announcement: php4/php5 Pear::XML_RPC code injection and PCRE integer overflow problems (SUSE-SA:2005:049),
Marcus Meissner
- BNBT EasyTracker Remote Denial of Service Vulnerability,
Sowhat .
- SUSE Security Announcement: pcre integer overflows (SUSE-SA:2005:048),
Marcus Meissner
- iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary Library Loading Vulnerability,
iDEFENSE Labs
- iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability,
iDEFENSE Labs
- iDEFENSE Security Advisory 08.29.05: Symantec AntiVirus 9 Corporate Edition Local Privilege Escalation Vulnerability,
iDEFENSE Labs
- phpLDAPadmin 0.9.6 - 0.9.7/alpha5 (possibly prior versions) system disclosure,,
retrogod
- [USN-173-3] Fixed apache2 packages for USN-173-2,
Martin Pitt
- [ GLSA 200508-19 ] lm_sensors: Insecure temporary file creation,
Thierry Carrez
- [ GLSA 200508-20 ] phpGroupWare: Multiple vulnerabilities,
Thierry Carrez
- [UNTRUE] Gadu-Gadu supposedly fixed the invisible detection vulnerability?,
Maciej Soltysiak
- e107 0.6 forum_post.php create new topics in non-existing forums,
Marc Ruef
- [SECURITY] [DSA 790-1] New phpldapadmin packages fix unauthorised access,
Martin Schulze
- Fetchmail 6.2.5 exploit for Bugtraq ID: 14349,
bannedit
- [SECURITY] [DSA 791-1] New maildrop packages fix arbitrary group mail command execution,
Martin Schulze
- MS05-042 Security Update Problems,
Andrew McCullough