Mail Index
- Call for new mailing lists @ SecurityFocus
- secure client-side platform
- [security bulletin] SSRT051004 rev.0 - HP-UX Java Runtime Environment (JRE) Untrusted Applet Elevates Privilege
- [ GLSA 200508-22 ] pam_ldap: Authentication bypass vulnerability
- From: Sune Kloppenborg Jeppesen
- Indiatimes Messenger 6.0 Buffer Overflow (Remote)
- [ GLSA 200508-21 ] phpWebSite: Arbitrary command execution through XML-RPC and SQL injection
- From: Sune Kloppenborg Jeppesen
- [security bulletin] SSRT051003 rev.0 - HP-UX Java Web Start remote unauthorized privileged access
- [SECURITY] [DSA 792-1] New pstotext packages fix arbitrary command execution
- XSS in GreyMatter blog
- Obsidis #1 Call for Papers
- Simple Machine Forum 1-0-5 (possibly prior versions) user IP address / information disclosure
- Re: ICMP attacks against TCP: Conclusions
- Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative & users credentials disclosure
- RE: secure client-side platform
- CMS Made Simple <= 0.10 - PHP injection
- Vulnerability in Symantec Anti Virus Corporate Edition v9.x
- Ariba password exposure vulnerability
- Re: Vulnerability in Symantec Anti Virus Corporate Edition v9.x]
- [USN-173-4] PCRE vulnerabilities
- SimplePHPBlog Arbitrary File Deletion and Sample Exploit
- RE: Vulnerability in Symantec Anti Virus Corporate Edition v9.x
- Adobe Version Cue exploits.
- [ GLSA 200509-01 ] MPlayer: Heap overflow in ad_pcm.c
- UMN gopher[v3.0.9+] multiple(2) client buffer overflows.
- RE: Ariba password exposure vulnerability
- [SecuriWeb.2005.1] - Barracuda SPAM firewall advisory
- Re: secure client-side platform
- File aribitary read access in frox
- Re: Vulnerability in Symantec Anti Virus Corporate Edition v9.x
- [SECURITY] [DSA 793-1] New sqwebmail packages fix cross-site scripting
- silc server and toolkit insecure temporary file creation
- From: Eric Romang / ZATAZ.com
- re: Ariba Spend Management System
- [SECURITY] [DSA 779-2] New Mozilla Firefox packages fix several vulnerabilities
- [security bulletin] SSRT051005 rev.1 - HP ProLiant DL585 Servers Unauthorized Remote Access
- From: Boren, Rich (HP SSRT)
- SUSE Security Announcement: kernel multiple security problems (SUSE-SA:2005:050)
- iDEFENSE Security Advisory 09.01.05: 3Com Network Supervisor Directory Traversal Vulnerability
- iDEFENSE Security Advisory 09.01.05: Novell NetMail IMAPD Command Continuation Request Heap Overflow
- Re: secure client-side platform
- RE: Re: secure client-side platform
- [SECURITY] [DSA 794-1] New polygen packages fix denial of service
- Re: secure client-side platform
- CYBSEC - Multiple Vendor Web Vulnerability Scanner Arbitrary Script Injection Vulnerability
- From: Mariano Nuñez Di Croce
- [SECURITY] [DSA 800-1] New pcre3 packages fix arbitrary code execution
- [SECURITY] [DSA 798-1] New phproupware packages fix several vulnerabilities
- [SECURITY] [DSA 799-1] New webcalendar packages fix remote code execution
- Re: Vulnerability in Symantec Anti Virus Corporate Edition v9.x]
- CodePimps e-zine #0x07 was released
- FileZilla weakly-encrypted password vulnerability: advisory + PoC
- MAXdev MD-Pro 1.0.73 (possibly prior versions) remote code execution / cross site scripting / path disclosure
- [NOBYTES.COM: #11] MidiCart ASP Shopping Cart, Evaluation Version 7 & Standard & Pro - Multiple Vulnerabilities
- I have discovered small xss error in open webmail 2.41
- IIS 5.1 allows for remote viewing of source code on FAT/FAT32 volumes using WebDAV
- [KDE Security Advisory] kcheckpass local root vulnerability
- Microsoft Windows keybd_event validation vulnerability
- From: Frederic Charpentier
- [OpenPKG-SA-2005.020] OpenPKG Security Advisory (proftpd)
- [ GLSA 200509-02 ] Gnumeric: Heap overflow in the included PCRE library
- [ GLSA 200509-05 ] Net-SNMP: Insecure RPATH
- [ GLSA 200509-04 ] phpLDAPadmin: Authentication bypass
- SUSE Security Announcement: php4, php5 remote code execution (SUSE-SA:2005:051)
- Re: [Full-disclosure] Microsoft Windows keybd_event validation vulnerability
- [USN-145-2] wget bug fix
- [OpenPKG-SA-2005.017] OpenPKG Security Advisory (modssl)
- [ GLSA 200509-03 ] OpenTTD: Format string vulnerabilities
- Re: CMS Made Simple <= 0.10 - PHP injection
- Multiple vulnerabilities in FreeBSD 'urban'
- Land Down Under 'events.php' Cross Site Scripting Vulnerability
- From: conor . e . buckley
- Re: FileZilla weakly-encrypted password vulnerability: advisory + PoC
- PHP-Nuke
- UNB 1.5.3 cross site scripting
- Re: FileZilla weakly-encrypted password vulnerability: advisory + PoC
- Re: FileZilla weakly-encrypted password vulnerability
- [NewAngels Advisory] aMember Pro 2.3.X - Remote File Include Vulnerability
- Re: FileZilla weakly-encrypted password vulnerability: advisory + PoC
- phpCommunityCalendar 4.0.3 (possibly prior versions) sql injection / login bypass / cross site scripting
- [SECURITY] [DSA 801-1] New ntp packages fix group id confusion
- Revised paper on "ICMP attacks against TCP"
- [OpenPKG-SA-2005.019] OpenPKG Security Advisory (openssh)
- [OpenPKG-SA-2005.018] OpenPKG Security Advisory (pcre)
- USB Lock Auto-Protect v1.5 - Local Password Encryption Weakness
- [security bulletin] SSRT051023 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Privileged Access
- Update: Realchat user impersonation - BSA 200506110001
- [SECURITY] [DSA 795-2] Updated i386 proftpd packages fix format string vulnerability
- Secunia Research: SqWebMail Conditional Comments Script Insertion Vulnerability
- (Annex A) ADSL Road Runner Exploit Description & Theory
- Vulnerability in myBloggie 2.1.3-beta and prior
- [ GLSA 200509-06 ] Squid: Denial of Service vulnerabilities
- From: Sune Kloppenborg Jeppesen
- FreeBSD Security Advisory FreeBSD-SA-05:20.cvsbug
- From: FreeBSD Security Advisories
- Vulnerability In SecureOL VE2 v1.05.1008
- Re: Microsoft Windows keybd_event validation vulnerability
- From: Ansgar -59cobalt- Wiechers
- SQL Injection[2] In MyBB PR2
- Re: [NOBYTES.COM: #11] MidiCart ASP Shopping Cart, Evaluation Version 7 & Standard & Pro - Multiple Vulnerabilities
- [SECURITY] [DSA 802-1] New cvs packages fix insecure temporary files
- MDKSA-2005:160 - Updated kdebase packages fix potential local root vulnerability
- From: Mandriva Security Team
- MDKSA-2005:159 - Updated kdeedu packages fix tempfile vulnerability
- From: Mandriva Security Team
- PBLang 4.65 (possibly prior versions) remote code execution
- WebArchiveX - Unsafe Methods Vulnerability
- MDKSA-2005:158 - Updated mplayer packages fix vulnerabilities
- From: Mandriva Security Team
- MDKSA-2005:157 - Updated smb4k packages fix vulnerabilities
- From: Mandriva Security Team
- [NewAngels Advisory #5] Stylemotion WEB//NEWS 1.4 Vulnerabilities
- Rule bypassing in CheckPoint NGX R60
- MDKSA-2005:156 - Updated ntp packages fix small security-related issue.
- From: Mandriva Security Team
- [ Suresec Advisories ] - Kcheckpass file creation vulnerability
- RE: FileZilla weakly-encrypted password vulnerability: advisory + PoC
- From: MacIntyre, Lawrence Paul
- Re: Microsoft Windows keybd_event validation vulnerability
- USN-160-2: Apache vulnerability
- [USN-177-1] Apache 2 vulnerabilities
- Cisco Security Advisory: Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow
- From: Cisco Systems Product Security Incident Response Team
- [USN-176-1] kcheckpass vulnerability
- RE: FileZilla weakly-encrypted password vulnerability: advisory + PoC
- anti Windows XP SP2 firewall trick
- [SECURITY] [DSA 803-1] New Apache packages fix HTTP request smuggling
- [SECURITY] [DSA 804-1] New kdelibs packages fix backup file information leak
- Secunia Research: ALZip ACE Archive Handling Buffer Overflow
- Secunia Research: NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow
- [SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities
- MDKSA-2005:161 - Updated apache2 packages to address multiple vulnerabilities
- From: Mandriva Security Team
- [SECURITY] [DSA 806-1] New cvs packages fix insecure temporary files
- TSLSA-2005-0047 - multi
- From: Trustix Security Advisor
- iDEFENSE Security Advisory 09.09.05: GNU Mailutils 0.6 imap4d 'search' Format String Vulnerability
- (TOOL) TAPiON (Polymorphic Decryptor Generator) Engine
- KillProcess 2.20 and priors "FileDescription" Local Buffer Overflow Issue
- Cj Desing Three Aplications One Bug
- KillProcess 2.20 and priors "FileDescription" Local Buffer Overflow Issue
- Zebedee DoS Vulnerability
- class-1 Forum Software v 0.24.4 Remote code execution
- [USN-178-1] Linux kernel vulnerabilities
- [USN-179-1] openssl weak default configuration
- FreeBSD Security Advisory FreeBSD-SA-05:20.cvsbug [REVISED]
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 807-1] New mod_ssl packages fix acl restriction bypass
- Re[2]: [Full-disclosure] (TOOL) TAPiON (Polymorphic Decryptor Generator) Engine
- Sawmill XSS vuln
- Security Flaw in pam_per_user Module
- SUSE Security Announcement: apache2 (SUSE-SA:2005:051)
- [SECURITY] [DSA 808-1] New tdiary packages fix Cross Site Request Forgery
- Re: [Full-disclosure] (TOOL) TAPiON (Polymorphic Decryptor Generator) Engine
- PHP Nuke <= 7.8 Multiple SQL Injections
- Re: [Full-disclosure] (TOOL) TAPiON (Polymorphic Decryptor Generator) Engine
- util-linux: unintentional grant of privileges by umount
- [ GLSA 200509-08 ] Python: Heap overflow in the included PCRE library
- [OpenPKG-SA-2005.021] OpenPKG Security Advisory (squid)
- [ GLSA 200509-07 ] X.Org: Heap overflow in pixmap allocation
- [USN-83-2] LessTif 1 vulnerabilities
- [USN-181-1] Mozilla products vulnerability
- [SECURITY] [DSA 810-1] New Mozilla packages fix several vulnerabilities
- AzDGDatingLite V 2.1.3 remote code execution
- Subscribe Me Pro 2.044.09P and prior Directory Traversal Vulnerability
- [SECURITY] [DSA 809-1] New squid packages fix several vulnerabilities
- MDKSA-2005:162 - Updated squid packages fix vulnerabilities
- From: Mandriva Security Team
- MDKSA-2005:163 - Updated MySQL packages fix vulnerability
- From: Mandriva Security Team
- Re: anti Windows XP SP2 firewall trick
- From: Ansgar -59cobalt- Wiechers
- Serious Security issue with broken - Microsoft's .Net XML Serialization API
- Re: Serious Security issue with broken - Microsoft's .Net XML Serialization API
- iDEFENSE Security Advisory 09.13.05: Linksys WRT54G Router Remote Administration Fixed Encryption Key Vulnerability
- iDEFENSE Security Advisory 09.13.05: Linksys WRT54G 'restore.cgi' Configuration Modification Design Error Vulnerability
- iDEFENSE Security Advisory 09.13.05: Linksys WRT54G Management Interface DoS Vulnerability
- iDEFENSE Security Advisory 09.13.05: Linksys WRT54G 'upgrade.cgi' Firmware Upload Design Error Vulnerability
- iDEFENSE Security Advisory 09.13.05: Linksys WRT54G Router Remote Administration apply.cgi Buffer Overflow Vulnerability
- Re: [Snort-users] Snort DoS Fallacies
- Mozilla / Mozilla Firefox authentication weakness
- Secunia Research: AVIRA Antivirus ACE Archive Handling Buffer Overflow
- ATutor 1.5.1 SQL Injection / Admin credentials disclosure / remote code execution
- [SECURITY] [DSA 814-1] New lm-sensors packages fix insecure temporary file
- Secunia Research: Ahnlab V3 Antivirus Multiple Vulnerabilities
- Digital Scribe v1.4 Login Bypass / SQL injection / remote code execution
- [SECURITY] [DSA 813-1] New centericq packages fix several vulnerabilities
- [SECURITY] [DSA 812-1] New turqstat packages fix buffer overflow
- Airscanner Mobile Security Advisory #05081203: vxTftpSrv 1.7.0 Remote Code Execution Buffer Overflow Vulnerability
- Airscanner Mobile Security Advisory #05081101: vxWeb v.1.1.4 Denial of Service Vulnerability
- DriverStudio Remote Control Authentication Bypass Vulnerability
- Airscanner Mobile Security Advisory #05081102: vxFtpSrv 0.9.7 Remote Code Execution Buffer Overflow Vulnerability
- TWiki Remote Command Execution Vulnerability
- SQL injection & XSS in phpoutsourcing Noah's classifieds
- Avocent CCM: Port Access Control Bypass Vulnerability
- Character Manipulation in Online Systems.
- gtkdiskfree insecure temporary file creation
- Is netcraft publishing URL of your intranet sites?
- Remote File Inclusion in MyGuestbook
- Re: [Full-disclosure] Mozilla / Mozilla Firefox authentication weakness
- 404 error XSS
- From: Josh Zlatin-Amishav
- CastleCops ramps up fight against CoolWebSearch/HomeSearch
- Online Dating Software by AEwebworks - aeDating Script <= 4.0 Version Vulnerability
- Oracle Reports: Generic SQL Injection Vulnerability via Lexical References
- Re: AWstats Path Disclosure Vulnerability
- Re: PHP Nuke <= 7.8 Multiple SQL Injections
- Re: [Full-disclosure] Mozilla / Mozilla Firefox authentication weakness
- RE: [Snort-devel] Re: [Snort-users] Snort DoS Fallacies
- Anti Arp Poisoning Daemon (OpenAAPD) PS: Link corrected
- RE: [Snort-devel] Re: [Snort-users] Snort DoS Fallacies
- From: Ferguson, Justin (IARC)
- Re: Re: Serious Security issue with broken - Microsoft's .Net XML Serialization API
- RE: [Full-disclosure] FireFox Host: Buffer Overflow is not justexploitable on FireFox
- [SECURITY] [DSA 811-1] New common-lisp-controller packages fix arbitrary code injection
- MDKSA-2005:164 - Updated XFree86/x.org packages fix vulnerability
- From: Mandriva Security Team
- Re: PHP Nuke <= 7.8 Multiple SQL Injections
- XSS Vulnerability in MIVA Merchant 5 - Includes Fix
- Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure
- Re: AWstats Path Disclosure Vulnerability
- PTL Advisory 050825 - HP LaserJet Network Username and Information Enumeration
- Re: AWstats Path Disclosure Vulnerability
- [FLSA-2005:160202] Updated mozilla packages fix security issues
- [FLSA-2005:162680] Updated Zlib packagea fix security issues
- [FLSA-2005:163047] Updated squirrelmail package fixes security issues
- [FLSA-2005:163274] Updated CUPS packages fix security issue
- FF IDN buffer overflow workaround works in Netscape too
- worring about YaST in SuSE 9.3 and maybe lower
- Re: CastleCops ramps up fight against CoolWebSearch/HomeSearch
- arc insecure temporary file creation
- Re: CastleCops ramps up fight against CoolWebSearch/HomeSearch
- SUSE Security Announcement: squid (SUSE-SA:2005:053)
- ncompress insecure temporary file creation
- SUSE Security Announcement: evolution (SUSE-SA:2005:054)
- PHP SESSION MODIFICATION
- gwcc insecure temporary file creation
- [SECURITY] [DSA 815-1] New kdebase packages fix local root vulnerability
- (TOOL) TAPiON ver 0.1c
- [FLSA-2005:152919] Updated grip package fixes security issue
- TSLSA-2005-0049 - multi
- From: Trustix Security Advisor
- Re: PHP SESSION MODIFICATION
- Re: PHP Nuke <= 7.8 Multiple SQL Injections
- Re: PHP Nuke <= 7.8 Multiple SQL Injections
- RE: [Full-disclosure] FireFox Host: Buffer Overflow is not justexploitable on FireFox
- Re: [Full-disclosure] FireFox Host: Buffer Overflow is not just exploitable on FireFox
- CDMA1X Security
- Greyhats Security back online
- Re: worring about YaST in SuSE 9.3 and maybe lower
- Re: [Full-disclosure] FireFox Host: Buffer Overflow is not just exploitable on FireFox
- Re: PHP Nuke <= 7.8 Multiple SQL Injections
- Cisco IOS hacked?
- [ GLSA 200509-10 ] Mailutils: Format string vulnerability in imap4d
- CuteNews 1.4.0 remote code execution
- CuteNews 1.4.0 remote code execution
- [ GLSA 200509-11 ] Mozilla Suite, Mozilla Firefox: Buffer overflow
- Antigen 8.0 for Exchange/SMTP Rule Vulnerability
- router worms and International Infrastructure [was: Re: IOS exploit]
- [Full-disclosure] killbits? should have named them kibbles and bits
- Alstrasoft Epay Pro 2.0 and prior Directory Traversal Vulnerability
- Web Application Security Analyzer for PHP-Nuke/phpBB CMS
- ERRATA: [ GLSA 200507-20 ] Shorewall: Security policy bypass
- Re: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure
- [ GLSA 200509-12 ] Apache, mod_ssl: Multiple vulnerabilities
- Dumb Question
- [BuHa-Security] Multiple vulnerabilities in (admincp/modcp of) vBulletin 3.0.8/9
- Possible memory corruption problems in Apple Safari
- Re: PHP Nuke <= 7.8 Multiple SQL Injections
- Re: PHP Nuke <= 7.8 Multiple SQL Injections
- Re: PHP Nuke <= 7.8 Multiple SQL Injections
- [ GLSA 200509-09 ] Py2Play: Remote execution of arbitrary Python code
- [USN-184-1] umount vulnerability
- @System Security Conference
- Whitepaper - Writing small shellcode
- [ GLSA 200509-13 ] Clam AntiVirus: Multiple vulnerabilities
- Alstrasoft Epay Pro 2.0 and prior Directory Traversal Vulnerability
- Re: [Full-disclosure] Cisco IOS hacked?
- From: Andrei Mikhailovsky
- [security bulletin] SSRT5999 rev.0 HP OpenVMS Secure Web Browser Mozilla Application Node Spoofing
- [security bulletin] SSRT5971 rev.0 - HP Tru64 Unix FTP Daemon (ftpd) Remote Denial of Service (DoS)
- Debian Security Host Bandwidth Saturation
- MDKSA-2005:165 - Updated cups packages fix vulnerability
- From: Mandriva Security Team
- bacula insecure temporary file creation
- From: Eric Romang / ZATAZ.com
- phpBB 2.0.17 remote avatar size bug
- Secunia Research: Opera Mail Client Attachment Spoofing and Script Insertion
- Hesk Session ID Validation Vulnerability
- MDKSA-2005:138-1 - Updated cups packages fix vulnerability
- From: Mandriva Security Team
- [USN-185-1] CUPS vulnerability
- mercury imap4 remote BOF exploit ( IHSTeam )
- [ GLSA 200509-14 ] Zebedee: Denial of Service vulnerability
- [ GLSA 200509-15 ] util-linux: umount command validation error
- RE: phpBB 2.0.17 remote avatar size bug
- Paper - How It's Difficult to Ruin a Good Name: An Analysis of Reputational Risk
- Re: Subscribe Me Pro 2.044.09P and prior Directory Traversal Vulnerability
- From: please_use_support_form
- Re: phpBB 2.0.17 remote avatar size bug
- MDKSA-2005:168 - Updated masqmail packages fix vulnerabilities
- From: Mandriva Security Team
- MDKSA-2005:166 - Updated clamv packages fix vulnerabilities
- From: Mandriva Security Team
- MDKSA-2005:167 - Updated util-linux packages fix umount vulnerability
- From: Mandriva Security Team
- [BuHa-Security] Multiple vulnerabilities in (admincp/modcp of) vBulletin 3.0.7
- [SNS Advisory No.83] Webmin/Usermin PAM Authentication Bypass Vulnerability
- PocketPC exploitation
- UnixWare 7.1.4 : LibTIFF < 3.72 malformed data code exec
- From: please_reply_to_security
- Upcoming Black Hat events announcement
- Re: Paper - How It's Difficult to Ruin a Good Name: An Analysis of Reputational Risk
- [security bulletin] SSRT5988 rev.1 - HP Tru64 Unix libXpm Remote Denial of Service (DoS) or Execute Privileged Code
- FireFox exploit updated
- Protty v.01A (beta) - shellcode execution protection library for Windows NT based systems
- OpenServer 6.0.0 : TCP Remote ICMP Denial Of Service Vulnerabilities
- From: please_reply_to_security
- [SECURITY] [DSA 818-1] New kdeedu packages fix insecure temporary files
- RE: router worms and International Infrastructure [was: Re: IOS exploit]
- Platinum Secure smartcard security bypass
- HTTP Request Smuggling - ERRATA (the IIS 48K buffer phenomenon)
- From: Amit Klein (AKsecurity)
- [SECURITY] [DSA 817-1] New python2.2 packages fix arbitrary code execution
- My Little Forum 1.5 / 1.6beta SQL Injection
- Hack Dot AE v2
- [security bulletin] SSRT5998 Rev.2 HP System Management Homepage (v2.0.x) Denial of Service (DoS) and XSS
- [scip_Advisory 1746] Microsoft Internet Explorer 6.0 embedded content cross site scripting
- Re: [Full-disclosure] [scip_Advisory 1746] Microsoft Internet Explorer 6.0 embedded content cross site scripting
- Secunia Research: PowerArchiver ACE/ARJ Archive Handling Buffer Overflow
- Sql injection in jPortal version 2.3.1 (module download)
- TSLSA-2005-0051 - clamav
- From: Trustix Security Advisor
- [SECURITY] [DSA 819-1] New python2.1 packages fix arbitrary code execution
- Secunia Research: 7-Zip ARJ Archive Handling Buffer Overflow
- Re: Remote File Inclusion in MyGuestbook
- From: security curmudgeon
- PhpMyFAQ 1.5.1 multiple vulnerabilities
- Rita Scams Call to Arms - Update
- AlstraSoft E-Friends Remote Command Exucetion
- MailGust 1.9 SQL Injection
- My Little Forum 1.5 / 1.6beta SQL Injection
- "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein
- From: Amit Klein (AKsecurity)
- Hijacking Bluetooth Headsets for Fun and Profit?
- [ GLSA 200509-17 ] Webmin, Usermin: Remote code execution through PAM authentication
- [SECURITY] [DSA 820-1] New courier packages fix cross-site scripting
- [SECURITY] [DSA 817-1] New python2.2 packages fix arbitrary code execution
- [USN-186-1] Mozilla and Firefox vulnerabilities
- [ GLSA 200509-16 ] Mantis: XSS and SQL injection vulnerabilities
- Server crash and motd deletion in MultiTheftAuto 0.5 patch 1
- FL Studio 5 (.flp file processing) Heap Overflow
- SUSE Security Announcement: XFree86-server,xorg-x11-server (SUSE-SA:2005:056)
- [ GLSA 200509-18 ] Qt: Buffer overflow in the included zlib library
- From: Sune Kloppenborg Jeppesen
- [USN-186-2] Ubuntu 4.10 packages for USN-186-1 Firefox security update
- [USN-187-1] Linux kernel vulnerabilities
- Re: "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein
- [ISR] - Novell GroupWise Client Integer Overflow
- MDKSA-2005:170 - Updated mozilla packages fix multiple vulnerabilities
- From: Mandriva Security Team
- Re: "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein
- Announce: RSBAC v1.2.5 released
- lucidCMS 1.0.11 is susceptible to a cross site scripting attack
- ElseNot project
- SEO borad: SQL injection
- Nokia 7610, 3210 denial of service in OBEX.
- FreeBSD GNU Mailutils 0.6 imap4d exploit
- CMS Made Simple 0.10 is susceptible to a cross site scripting attack.
- RealPlayer && HelixPlayer Remote Format String Exploit
- PacSec 05
- MDKSA-2005:169 - Updated mozilla-firefox packages fix multiple vulnerabilities
- From: Mandriva Security Team
- Re: [ISR] - Novell GroupWise Client Integer Overflow
- [ GLSA 200509-19 ] PHP: Vulnerabilities in included PCRE and XML-RPC libraries
- Mantis Bugtracker - Remote Database Scanner and XSS Vulnerabilities
- From: Joxean Guay del Paraguay
- Re: "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein
- From: Amit Klein (AKsecurity)
- Is the Bottom Line Impacted by Security Breaches?
- [SECURITY] [DSA 821-1] New python2.3 packages fix arbitrary code execution
- Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC
- PHP-Fusion v6.00.109 SQL Injection / admin|users credentials disclosure
- OpenServer 5.0.7 OpenServer 6.0.0 : UnZip File Permissions Change Vulnerability
- From: please_reply_to_security
- Re: PocketPC exploitation
- [SECURITY] [DSA 824-1] New ClamAV packages fix denial of service
- [SECURITY] [DSA 797-2] Updated zsync i386 packages fix build error
- Serendipity: Account Hijacking / CSRF Vulnerability
- Re: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC
- SquirrelMail Address Add Plugin XSS
- Re: PHP-Fusion v6.00.109 SQL Injection / admin|users credentials disclosure
- [SECURITY] [DSA 823-1] New util-linux packages fix privilege escalation
- [SECURITY] [DSA 825-1] New loop-aes-utils packages fix privilege escalation
- [SECURITY] [DSA 822-1] New gtkdiskfree packages fix insecure temporary file
- [USN-188-1] AbiWord vulnerability
- [USN-189-1] cpio vulnerabilities
- [USN-190-1] SNMP vulnerability
- [USN-191-1] unzip vulnerability
- AV == parasites? (was: PocketPC exploitation)
- Lucid CMS 1.0.11 SQL Injection / Login Bypass / remote code execution
Mail converted by MHonArc 2.6.10