Mail Thread Index
- Zone Labs response to "Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC",
Zone Labs Security Team
- [SECURITY] [DSA 832-1] New gopher packages fix several buffer overflows,
Martin Schulze
- Re: PocketPC exploitation,
Denis Jedig
- apachetop insecure temporary file creation,
ZATAZ Audits
- [SECURITY] [DSA 830-1] New ntlmaps packages fix information leak,
Martin Schulze
- Re: Serendipity: Account Hijacking / CSRF Vulnerability,
kreon
- Multiple vulnerabilities in Merak Mail Server 8.2.4r with Icewarp Web Mail 5.5.1,
ss_contacts
- [ GLSA 200509-21 ] Hylafax: Insecure temporary file creation in xferfaxstats script,
Thierry Carrez
- [SECURITY] [DSA 826-1] New helix-player packages fix multiple vulnerabilities,
Michael Stone
- Re: PHP-Fusion v6.00.109 SQL Injection / admin|users credentials disclosure,
security curmudgeon
- Re: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC,
Paul Laudanski
- RE: "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein,
Sergey V. Gordeychik
- Citrix Metaframe Presentation Server bypassing policies,
gustavog
- [SECURITY] [DSA 831-1] New mysql-dfsg packages fix arbitrary code execution,
Martin Schulze
- [USN-192-1] Squid vulnerability,
Martin Pitt
- Announce: Bluetooth mailing list - Bluetraq,
Adam Laurie
- iDEFENSE Security Advisory 09.30.05: RealNetworks RealPlayer/HelixPlayer RealPix Format String Vulnerability,
iDEFENSE Labs
- Buffer-overflow and directory traversal bugs in Virtools Web Player 3.0.0.100,
Luigi Auriemma
- TSLSA-2005-0053 - unzip,
Trustix Security Advisor
- Re: IIS 5.1 allows for remote viewing of source code on FAT/FAT32 volumes using WebDAV,
inge . henriksen
- UPDATE: [ GLSA 200509-11 ] Mozilla Suite, Mozilla Firefox: Multiple vulnerabilities,
Thierry Carrez
- [SECURITY] [DSA 829-1] New mysql packages fix arbitrary code execution,
Martin Schulze
- BID #14752 update,
Josh Zlatin-Amishav
- [SECURITY] [DSA 809-2] New squid packages fix denial of service,
Martin Schulze
- [ GLSA 200509-20 ] AbiWord: RTF import stack-based buffer overflow,
Thierry Carrez
- [SECURITY] [DSA 828-1] New squid packages fix denial of service,
Martin Schulze
- [SECURITY] [DSA 827-1] New backupninja packages fix insecure temporary file,
Michael Stone
- [SECURITY] [DSA 836-1] New cfengine2 packages fix arbitrary file overwriting,
Martin Schulze
- MyBloggie 2.1.3beta null char + SQL Injection -> Login Bypass,
retrogod
- [SECURITY] [DSA 835-1] New cfengine packages fix arbitrary file overwriting,
Martin Schulze
- [Information Disclosure] NetForce v4.02 Sends NIS Password Maps with passwords hashes over sendmail,
bambenek
- [SECURITY] [DSA 833-1] New mysql-dfsg-4.1 packages fix arbitrary code execution,
Martin Schulze
- [SECURITY] [DSA 834-1] New prozilla packages fix arbitrary code execution,
Martin Schulze
- Security Advisory for Bugzilla 2.18.3, 2.20rc2, and 2.21,
mkanat
- RE: Careless Law Enforcement Computer Forensics Lacking InfoSec Expertise Causes Suicides,
Lachniet, Mark
- [SECURITY] [DSA 837-1] New Mozilla Firefox packages fix denial of service,
Martin Schulze
- [SECURITY] [DSA 838-1] New mozilla-firefox packages fox multiple vulnerabilities,
Michael Stone
- Re: Online Dating Software by AEwebworks - aeDating Script <= 4.0 Version Vulnerability,
security
- Trillian remote crashable,
philipp
- Kaspersky Antivirus Remote Heap Overflow,
list
- MDKSA-2005:171 - Updated kernel packages fix multiple vulnerabilities,
Mandriva Security Team
- [SECURITY] [DSA 840-1] New drupal packages fix remote command execution,
Martin Schulze
- [SECURITY] [DSA 842-1] New egroupware packages fix arbitrary code execution,
Martin Schulze
- Call for Papers - DIMVA 2006,
Thomas Biege
- [SECURITY] [DSA 839-1] New apachetop packages fix insecure temporary file,
Martin Schulze
- Advisory: WZCS vulnerabilities,
donctl
- [ GLSA 200510-01 ] gtkdiskfree: Insecure temporary file creation,
Thierry Carrez
- [USN-155-3] Fixed mozilla locale packages,
Martin Pitt
- [USN-193-1] dia vulnerability,
Martin Pitt
- [ GLSA 200510-02 ] Berkeley MPEG Tools: Multiple insecure temporary files,
Thierry Carrez
- [security bulletin] SSRT051041 rev.0 - HP-UX Mozilla Remote Unauthorized Execution of Privileged Code or Denial of Service (DoS),
security-alert
- [SECURITY] [DSA 833-2] New mysql-dfsg-4.1 package fixes arbitrary code execution,
Martin Schulze
- [ GLSA 200510-03 ] Uim: Privilege escalation vulnerability,
Sune Kloppenborg Jeppesen
- A common researcher diagnosis error: misreading error messages,
Steven M. Christey
- [security bulletin] SSRT051040 rev.0 - HP-UX Mozilla Remote Unauthorized Execution of Privileged Code,
security-alert
- [security bulletin] SSRT5940 rev.2 - HP-UX Mozilla remote, unauthorized user may execute privileged code,
security-alert
- [security bulletin] SSRT051030 rev.1 - HP OpenView Event Correlation Services (OV ECS) Remote Unauthorized Privileged Access,
security-alert
- [security bulletin] SSRT051023 rev.5 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Privileged Access,
security-alert
- [ GLSA 200510-04 ] Texinfo: Insecure temporary file creation,
Thierry Carrez
- iDEFENSE Security Advisory 10.04.05: UW-IMAP Netmailbox Name Parsing Buffer Overflow Vulnerability,
iDEFENSE Labs
- iDEFENSE Security Advisory 10.04.05: Symantec AntiVirus Scan Engine Web Service Buffer Overflow Vulnerability,
iDEFENSE Labs
- [SECURITY] [DSA 843-1] New arc packages fix insecure temporary files,
Martin Schulze
- Patches available for critical flaws in HP Openview,
NGSSoftware Insight Security Research
- [SECURITY] [DSA 844-1] New mod-auth-shadow packages fix authentication bypass,
Martin Schulze
- Some new whitepapers ...,
David Litchfield
- Secunia Research: ALZip Multiple Archive Handling Buffer Overflow,
Secunia Research
- PAKCON II: Call for Paper (CfP), Final Call!,
Ayaz Ahmed Khan
- [security bulletin] SSRT4743, SSRT4884 rev.1 - HP Tru64 UNIX TCP/IP remote Denial of Service (DoS),
security-alert
- Secunia Research: PHP-Fusion Two SQL Injection Vulnerabilities,
Secunia Research
- Secunia Research: Webroot Desktop Firewall Two Vulnerabilities,
Secunia Research
- Planet Technology Corp FGSW2402RS switch default password / "backdoor",
lms
- WASC Threat Classification in 4 languages,
contact
- [security bulletin] SSRT051004 rev.1 - HP-UX Java Runtime Environment (JRE) Untrusted Applet Elevates Privilege,
security-alert
- aspReady FAQ - open for SQL-injections,
preben
- [ GLSA 200510-06 ] Dia: Arbitrary code execution through SVG import,
Sune Kloppenborg Jeppesen
- High Risk Vulnerability in Sun Directory Server,
NGSSoftware Insight Security Research
- Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers,
David Litchfield
- [SECURITY] [DSA 845-1] New mason packages fix missing init script,
Martin Schulze
- [ GLSA 200510-05 ] Ruby: Security bypass vulnerability,
Sune Kloppenborg Jeppesen
- [USN-194-1] texinfo vulnerability,
Martin Pitt
- xloadimage buffer overflow.,
Ariel Berkman
- [SECURITY] [DSA 846-1] New cpio packages fix several vulnerabilities,
Martin Schulze
- [security bulletin] SSRT051043 rev.0 - Apache Remote Unauthorized access,
security-alert
- [security bulletin] SSRT051003 rev.1 - HP-UX Java Web Start remote unauthorized privileged access,
security-alert
- Cross-Site-Scripting Vulnerabilities in Oracle HTMLDB,
ak
- Plaintext Password Vulnerabilitiy during Installation of Oracle HTMLDB,
ak
- Cross-Site-Scripting Vulnerability in Oracle iSQL*Plus,
ak
- Cross-Site-Scripting Vulnerability in Oracle XMLDB,
ak
- Shutdown TNS Listener via Oracle iSQL*Plus,
ak
- Shutdown TNS Listener via Oracle Forms Servlet,
ak
- MDKSA-2005:172 - Updated openssh packages fix GSSAPI credentials vulnerability,
Mandriva Security Team
- MDKSA-2005:173 - Updated mozilla-firefox packages fix vulnerabilities,
Mandriva Security Team
- MDKSA-2005:174 - Updated mozilla-thunderbird packages fix multiple vulnerabilities,
Mandriva Security Team
- MDKSA-2005:175 - Updated texinfo packages fix temporary file vulnerability,
Mandriva Security Team
- Aenovo Multiple Vulnerabilities,
advisory
- [ GLSA 200510-07 ] RealPlayer, Helix Player: Format string vulnerability,
Thierry Carrez
- Re: [Dailydave] Security contact for ...,
security curmudgeon
- MailEnable W3C Logging Remote Buffer Overflow Proof of Concept,
advisory
- Utopia News Pro 1.1.3 SQL Injection / cross site scripting,
retrogod
- Re: Security contact for ...,
Williams, James K
- [ GLSA 200510-09 ] Weex: Format string vulnerability,
Sune Kloppenborg Jeppesen
- [ GLSA 200510-08 ] xine-lib: Format string vulnerability,
Sune Kloppenborg Jeppesen
- [SECURITY] [DSA 849-1] New shorewall packages fix firewall bypass,
Martin Schulze
- [SECURITY] [DSA 848-1] New masqmail packages fix several vulnerabilities,
Martin Schulze
- [SECURITY] [DSA 847-1] New dia packages fix arbitrary code execution,
Martin Schulze
- Cyphor 0.19 SQL Injection / Board takeover / cross site scripting,
retrogod
- MDKSA-2005:177 - Updated hylafax packages fix temporary file vulnerability,
Mandriva Security Team
- MDKSA-2005:176 - Updated webmin package fixes authentication bypass vulnerability,
Mandriva Security Team
- gnome-pty-helper writes arbitrary utmp records,
Paul Szabo
- Antivirus detection bypass by special crafted archive.,
unsecure
- [USN-196-1] Xine library vulnerability,
Martin Pitt
- [USN-198-1] cfengine vulnerabilities,
Martin Pitt
- [USN-197-1] Shorewall vulnerability,
Martin Pitt
- [USN-199-1] Linux kernel vulnerabilities,
Martin Pitt
- [USN-195-1] Ruby vulnerability,
Martin Pitt
- CodeCon 2006 Call For Papers,
Len Sassaman
- [EEYEB20050803] - Windows UMPNPMGR wsprintfW Stack Buffer Overflow Vulnerability,
Advisories
- [EEYEB20050915] - MDT2DD.DLL COM Object Uninitialized Heap Memory Vulnerability,
Advisories
- [EEYEB20050708] Microsoft Distributed Transaction Coordinator Memory Modification Vulnerability,
Advisories
- [EEYEB20050510] - Microsoft DirectShow Remote Code Vulnerability,
Advisories
- iDEFENSE Security Advisory 10.11.05: Microsoft Distributed Transaction Controller TIP DoS Vulnerability,
iDEFENSE Labs
- iDEFENSE Security Advisory 10.11.05: Microsoft Distributed Transaction Controller Packet Relay DoS Vulnerability,
iDEFENSE Labs
- The Malloc Maleficarum,
Phantasmal Phantasmagoria
- Secunia Research: WinRAR Format String and Buffer Overflow Vulnerabilities,
Secunia Research
- [KDE Security Advisory] KOffice/KWord RTF import buffer overflow,
Dirk Mueller
- XSS vulnerability in Zeroblog,
alireza hassani
- FreeBSD Security Advisory FreeBSD-SA-05:21.openssl,
FreeBSD Security Advisories
- [SECURITY] [DSA 862-1] New Ruby 1.6 packages fix safety bypass,
Martin Schulze
- [SECURITY] [DSA 861-1] New uw-imap packages fix arbitrary code execution,
Martin Schulze
- [SECURITY] [DSA 860-1] New Ruby packages fix safety bypass,
Martin Schulze
- versatileBulletinBoard V1.0.0 RC2 (possibly prior versions) multiple SQL injection vulnerabilities / login bypass / board takeover,
rgod
- iDEFENSE Security Advisory 10.10.05: Kaspersky Anti-Virus Engine CHM File Parser Buffer Overflow Vulnerability,
iDEFENSE Labs
- iDEFENSE Security Advisory 10.10.05: SGI IRIX runpriv Design Error Vulnerability,
iDEFENSE Labs
- [SECURITY] [DSA 859-1] New xli packages fix arbitrary code execution,
Martin Schulze
- [SECURITY] [DSA 858-1] New xloadimage packages fix arbitrary code execution,
Martin Schulze
- [SECURITYREASON.COM] phpMyAdmin Local file inclusion 2.6.4-pl1,
max
- PullThePlug Contest: Call For Papers,
announcements
- [SECURITY] [DSA 857-1] New graphviz packages fix insecure temporary file,
Martin Schulze
- [SECURITY] [DSA 856-1] New py2play packages fix arbitrary code execution,
Martin Schulze
- [SECURITY] [DSA 855-1] New weex packages fix arbitrary code execution,
Martin Schulze
- Announcement: The Web Application Firewall Evaluation Criteria v1,
contact
- [SECURITY] [DSA 854-1] New tcpdump packages fix denial of service,
Martin Schulze
- [SECURITY] [DSA 853-1] New ethereal packages fix several vulnerabilities,
Martin Schulze
- [SECURITY] [DSA 852-1] New up-imapproxy packages fix arbitrary code execution,
Martin Schulze
- [SECURITY] [DSA 851-1] New openvpn packages fix denial of service,
Martin Schulze
- [SECURITY] [DSA 850-1] New tcpdump packages fix denial of service,
Martin Schulze
- [USN-200-1] Thunderbird vulnerabilities,
Martin Pitt
- [ GLSA 200510-10 ] uw-imap: Remote buffer overflow,
Thierry Carrez
- using php local file include vulnerabilities for command execution,
Andreas Zeidler
- MDKSA-2005:180 - Updated xine-lib packages fixes cddb vulnerability,
Mandriva Security Team
- MDKSA-2005:179 - Updated openssl packages fix vulnerabilities,
Mandriva Security Team
- MDKSA-2005:178 - Updated squirrelmail packages fixes XSS vulberability,
Mandriva Security Team
- [USN-202-1] KOffice vulnerability,
Martin Pitt
- [SECURITY] [DSA 863-1] New xine-lib packages fix arbitrary code execution,
Martin Schulze
- [ GLSA 200510-11 ] OpenSSL: SSL 2.0 protocol rollback,
Thierry Carrez
- [SEC-1 Advisory] GFI MailSecurity 8.1 Web Module Buffer Overflow,
Gary Oleary-Steele
- [USN-201-1] SqWebmail vulnerabilities,
Martin Pitt
- MDKSA-2005:181 - Updated squid packages fix vulnerabilities,
Mandriva Security Team
- Linux Orinoco drivers information leakage,
Meder Kydyraliev
- Research for network security news article,
lgreenem
- [SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability,
Gary Oleary-Steele
- VERITAS NetBackup: Java User-Interface, format string vulnerability,
secure
- Re: VoIP-Phones: Weakness in proccessing SIP-Notify-Messages,
Tobias Glemser
- ZDI-05-001: VERITAS NetBackup Remote Code Execution,
zdi-disclosures
- Secunia Research: Novell NetMail NMAP Agent "USER" Buffer Overflow Vulnerability,
Secunia Research
- [SECURITY] [DSA 865-1] New hylafax packages fix insecure temporary files,
Martin Schulze
- [SECURITY] [DSA 864-1] New Ruby 1.8 packages fix safety bypass,
Martin Schulze
- Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service,
Piotr Bania
- Yapig: XSS / Code Injection Vulnerability,
enji
- [USN-203-1] Abiword vulnerabilities,
Martin Pitt
- Secunia Research: AhnLab V3 Antivirus ALZ/UUE/XXE Archive Handling Buffer Overflow,
Secunia Research
- [security bulletin] SSRT051041 rev.1 - HP-UX Mozilla Remote Unauthorized Execution of Privileged Code or Denial of Service (DoS),
security-alert
- [security bulletin] SSRT5975 HP-UX Running on Itanium Platforms Local Denial of Service (DoS),
Security Alert
- iDEFENSE Security Advisory 10.13.05: Multiple Vendor XMail 'sendmail' Recipient Buffer Overflow Vulnerability,
iDEFENSE Labs
- iDEFENSE Security Advisory 10.13.05: Multiple Vendor wget/curl NTLM Username Buffer Overflow Vulnerability,
iDEFENSE Labs
- [USN-205-1] Curl and wget vulnerabilities,
Martin Pitt
- RTasarim WebAdmin modul SQL injection,
khc
- Google Talk cleartext proxy credentials vulnerability,
m123303
- MDKSA-2005:182 - Updated curl packages fix NTLM authentication vulnerability,
Mandriva Security Team
- Airscanner Mobile Security Advisory #05101001: iTunes Shared Music Denial of Service/Spoofing/Flooding/Abuse,
Seth Fogie
- MDKSA-2005:183 - Updated wget packages fix NTLM authentication vulnerability,
Mandriva Security Team
- Gallery 2.x Remote File Access Vulnerability,
Bharat Mediratta
- CAID 33485 - Computer Associates iGateway debug mode HTTP GET request buffer overflow vulnerability,
Williams, James K
- Trusted Digital, Trusted Mobility Suite Authorization Bypass Vulnerability,
none
- [ GLSA 200510-12 ] KOffice, KWord: RTF import buffer overflow,
Sune Kloppenborg Jeppesen
- [USN-204-1] SSL library vulnerability,
Martin Pitt
- MDKSA-2005:184 - Updated cfengine packages fix temporary file vulnerabilities,
Mandriva Security Team
- [KAPDA::#6] Punbb SQL Injection Vulnerability,
advisory
- Security Contacr for Mycall,
Fixer
- [ GLSA 200510-13 ] SPE: Insecure file permissions,
Thierry Carrez
- MDKSA-2005:185 - Updated koffice packages fix KWord RTF import overflow vulnerability,
Mandriva Security Team
- [ GLSA 200510-14 ] Perl, Qt-UnixODBC, CMake: RUNPATH issues,
Thierry Carrez
- [USN-206-1] Lynx vulnerability,
Martin Pitt
- [USN-208-1] SSH server vulnerability,
Martin Pitt
- [USN-207-1] PHP vulnerability,
Martin Pitt
- [USN-208-1] graphviz vulnerability,
Martin Pitt
- Exploiting Windows Device Drivers Whitepaper,
Piotr Bania
- Ciscos VPN-Client-Passwords can be decrypted,
Thierry Zoller
- Yahoo RSS XSS Vulnerability (Correction),
alljer
- SUSE Security Announcement: OpenWBEM (SUSE-SA:2005:060),
Sebastian Krahmer
- ie7 will have more mechanisms,
liudieyu
- flexbackup default config insecure temporary file creation,
ZATAZ Audits
- [OpenPKG-SA-2005.022] OpenPKG Security Advisory (openssl),
OpenPKG
- Lynx Remote Buffer Overflow,
Ulf Harnhammar
- Yahoo RSS XSS Vulnerability,
alljer
- PHP local safedir restriction bypass,
slythers
- [ GLSA 200510-15 ] Lynx: Buffer overflow in NNTP processing,
Sune Kloppenborg Jeppesen
- [ GLSA 200510-16 ] phpMyAdmin: Local file inclusion vulnerability,
Sune Kloppenborg Jeppesen
- Re: Aenovo Multiple Vulnerabilities (Patch),
ali202
- winrar 3.50 Exploit,
edward11
- [USN-210-1] netpbm vulnerability,
Martin Pitt
- Secunia Research: MySource Cross-Site Scripting and File Inclusion Vulnerabilities,
Secunia Research
- SECURECon 2006 Call for papers!,
Will Belcher
- MDKSA-2005:186 - Updated lynx packages fix remote buffer overflow,
Mandriva Security Team
- NetFlow Analyzer 4 XSS Vulnerability,
why
- e107 remote commands execution,
retrogod
- Windows host based firewall tester,
Tim
- Linksys WRT54G/S Directory Traversal,
Shell
- Multiple Critical and High Vulnerabilities in Oracle Database Server,
NGSSoftware Insight Security Research
- Re: Require many large corporate emails for contact regarding vulnerability.,
dcrab
- Metasploit Framework v2.5,
H D Moore
- SUSE Security Announcement: openSSL protocol downgrade attack (SUSE-SA:2005:061),
Marcus Meissner
- SecurityAlert SA025 : PHPNuke Remote Directory Traversal,
sp3x
- cacam_logsecurity_win32 exploit published on 20051018 by Metasploit,
Williams, James K
- Cisco Security Advisory:Cisco 11500 Content Services Switch SSL Malformed Client Certificate Vulnerability,
Cisco Systems Product Security Incident Response Team
- [security bulletin] SSRT051052 rev.0 - HP OpenView Operations and OpenView VantagePoint Java Runtime Environment (JRE) Remote Privileged Access,
security-alert
- [SECURITY] [DSA 868-1] New Mozilla Thunderbird packages fix several vulnerabilities,
Martin Schulze
- XSS & Path Disclosure in Chipmunk's products,
alireza hassani
- Oracle 10g - emagent.exe Stack-Based Overflow,
SPI Labs
- [SECURITY] [DSA 866-1] New Mozilla packages fix several vulnerabilities,
Martin Schulze
- Oracle Workflow CSS Vulnerability wf_monitor,
ak
- [SECURITY] [DSA 867-1] New module-assistant package fixes insecure temporary file,
Martin Schulze
- Oracle Workflow CSS Vulnerability wf_route,
ak
- Vulnerabilities in Oracle E-Business Suite 11i - Critical Patch Update October 2005,
Integrigy Security
- [ GLSA 200510-17 ] AbiWord: New RTF import buffer overflows,
Thierry Carrez
- [ GLSA 200510-18 ] Netpbm: Buffer overflow in pnmtopng,
Thierry Carrez
- [USN-211-1] Enigmail vulnerability,
Martin Pitt
- iDEFENSE Security Advisory 10.20.05: Multiple Vendor Ethereal srvloc Buffer Overflow Vulnerability,
iDEFENSE Labs
- iDEFENSE Security Advisory 10.20.05: Symantec Norton AntiVirus LiveUpdate Local Privilege Escalation,
iDEFENSE Labs
- iDEFENSE Security Advisory 10.20.05: Symantec Norton AntiVirus DiskMountNotify Local Privilege Escalation,
iDEFENSE Labs
- [Argeniss] Story of a dumb patch (Paper advisoryabout CSRSS and Windows Explorer vulnerabilities),
Cesar
- UnixWare 7.1.4 UnixWare 7.1.3 : ppp buffer overflow,
please_reply_to_security
- OpenServer 5.0.7 : authsh and backupsh buffer overflow,
please_reply_to_security
- F.E.A.R. 1.01 likes lithsock,
Luigi Auriemma
- [SECURITY] [DSA 869-1] New eric packages fix arbitrary code execution,
Martin Schulze
- Nuked klan 1.7: XSS vulnerability,
papipsycho
- MDKSA-2005:187 - Updated dia packages fix python SVG import vulnerability.,
Mandriva Security Team
- MDKSA-2005:188 - Updated graphviz packages fix temporary file vulnerability.,
Mandriva Security Team
- MDKSA-2005:189 - Updated imap packages fix buffer overflow vulnerabilities.,
Mandriva Security Team
- MDKSA-2005:190 - Updated nss_ldap/pam_ldap packages fix privilege vulnerabilities.,
Mandriva Security Team
- MDKSA-2005:191 - Updated ruby packages fix safe level and taint flag protections vulnerability,
Mandriva Security Team
- MDKSA-2005:192 - Updated xli packages fix buffer overflow vulnerabilities.,
Mandriva Security Team
- [SNS Advisory No.84] Oracle Application Server HTTP Response Splitting Vulnerability,
snsadv
- Secunia Research: ZipGenius Multiple Archive Handling Buffer Overflow,
Secunia Research
- SEC-CONSULT-SA-20051021-0: Yahoo/MSIE XSS,
Bernhard Mueller
- [security bulletin] SSRT051052 rev.1 - HP OpenView Operations and OpenView VantagePoint Java Runtime Environment (JRE) Remote Privileged Access,
security-alert
- Windows UMPNPMGR wsprintfW Stack Buffer Overflow Vulnerability PoC,
ppwd25
- phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit.,
alphakgen
- PhpNuke 7.8 with all security fixes/patches "Your_Account", "Downloads", "Web Links" SQL Injection / Remote commans execution,
retrogod
- DBoardGear SQL Injection,
almaster
- SUSE Security Announcement: permissions (SUSE-SA:2005:062),
Ludwig Nussel
- DCP - portal XSS & SQL attacks,
alex
- Remote File Inclusion in forum PunBB,
rod hedor
- Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability,
Stefan Esser
- TSLSA-2005-0059 - multi,
Trustix Security Advisor
- Nuked klan 1.7: Bypassed level admin on forum(corrected),
papipsycho
- Insecure Temporary Files in BMC/Control-M Agent,
Scott Cromar
- [security bulletin] SSRT051055 rev.0 - HP Oracle for OpenView (OfO) Critical Patch Update October 2005,
security-alert
- Revised draft on ICMP attacks,
Fernando Gont
- Possible Bug in PHP-Fusion 6.0.204,
peanut
- aRCHILLES Newsworld < 1.5.0-rc1 Multiple Vulnerabilities,
chburchert
- [KAPDA::#8] Domain Manager Pro Vulnerability,
advisory
- SQL saphp Lesson,
almaster
- File Including In FLAT NUKE,
abducter_minds
- Zomplog Script Injection Vulnerability =>3.4 (all versions vulnerable),
sikikmail
- php < 4.4.1 htaccess apache dos,
Eric Romang / ZATAZ.com
- Nuked klan 1.7: Remote Exploit,
papipsycho
- Nuked klan 1.7: SQL vulnerability,
papipsycho
- Flat Nuke Cross Site Scripting,
alex
- iDEFENSE Security Advisory 10.24.05: SCO Openserver backupsh 'Home' Buffer Overflow Vulnerability,
iDEFENSE Labs
- PHP iCalendar CSS,
ascii
- Skype security advisory,
. EADS CCR DCR/STI/C
- DboardGear - uncorrect import themes (SQL-inject),
poizon
- [SECURITY] [DSA 871-1] New libgda2 packages fix arbitrary code execution,
Martin Schulze
- Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through,
Andrey Bayora
- [ GLSA 200510-19 ] cURL: NTLM username stack overflow,
Thierry Carrez
- [ GLSA 200510-20 ] Zope: File inclusion through RestructuredText,
Thierry Carrez
- [SNS Advisory No.85] XOOPS Multiple Cross-site Scripting Vulnerabilities,
snsadv
- [ GLSA 200510-21 ] phpMyAdmin: Local file inclusion and XSS vulnerabilities,
Thierry Carrez
- iDEFENSE Security Advisory 10.24.05: SCO Unixware Setuid ppp prompt Buffer Overflow Vulnerability,
iDEFENSE Labs
- [SECURITY] [DSA 870-1] New sudo packages fix arbitrary command execution,
Martin Schulze
- Mozilla Thunderbird SMTP down-negotiation weakness,
Thomas Henlich
- Network Appliance iSCSI Authentication Bypass,
advisories
- [SECURITY] [DSA 871-2] New libgda2 packages fix arbitrary code execution,
Martin Schulze
- SEC-Consult SA 20051025-0 :: Snoopy Remote Code Execution Vulnerability,
Bernhard Mueller
- SEC-Consult SA 20051025-1 :: RSA ACE Web Agent XSS,
Bernhard Mueller
- iDEFENSE Security Advisory 10.24.05: SCO Openserver authsh 'Home' Buffer Overflow Vulnerability,
iDEFENSE Labs
- SparkleBlog Journal.php HTML Injection Vulnerability =>v2.1 (all versions vulnerable),
sikikmail
- [SECURITY] [DSA 548-2] New imlib packages fix arbitrary code execution,
Martin Schulze
- MDKSA-2005:193 - Updated ethereal packages fix multiple vulnerabilities,
Mandriva Security Team
- Looking for a security contact at Macrovision/InstallShield,
Richard M. Smith
- Secunia Research: Mantis "t_core_path" File Inclusion Vulnerability,
Secunia Research
- Woltlab Burning Board info_db.php multiple SQL injection,
admin
- SQL-Injection in MyBulletinBoard allows attacker to become a board admin.,
Animal
- Looking for security contacts at Sony and Lenovo (FKA IBM),
Richard M. Smith
- [SECURITY] [DSA 873-1] New net-snmp packages fix denial of service,
Martin Schulze
- [KAPDA::#9] Techno Dreams Scripts Vulnerabilities,
advisory
- Re: [Full-disclosure] Multiple Vendor Anti-Virus Software DetectionEvasion Vulnerability through forged magic byte,
Andrey Bayora
- Update for the magic byte bug,
Andrey Bayora
- MDKSA-2005:197 - Updated unzip packages fix suid, permissions vulnerabilities.,
Mandriva Security Team
- MDKSA-2005:193-1 - Updated ethereal packages fix multiple vulnerabilities,
Mandriva Security Team
- MDKSA-2005:198 - Updated uim packages fix suid linking vulnerabilities.,
Mandriva Security Team
- MDKSA-2005:195 - Updated squid packages fix vulnerabilities,
Mandriva Security Team
- MDKSA-2005:186-1 - Updated lynx packages fix remote buffer overflow,
Mandriva Security Team
- MDKSA-2005:194 - Updated php-imap packages fix buffer overflow vulnerabilities.,
Mandriva Security Team
- MDKSA-2005:196 - Updated perl-Compress-Zlib packages fix vulnerabilities,
Mandriva Security Team
- [SECURITY] [DSA 872-1] New koffice packages fix arbitrary code execution,
Martin Schulze
- PHP-Nuke Cross-Site Scripting Vulnerability,
bhfh01
- MDKSA-2005:199 - Updated netpbm packages fix pnmtopng vulnerabilities,
Mandriva Security Team
- [SECURITY] [DSA 874-1] New lynx packages fix arbitrary code execution,
Martin Schulze
- fetchmail security announcement 2005-02 (CVE-2005-3088),
ma+nomail
- [SECURITY] [DSA 875-1] New OpenSSL packages fix cryptographic weakness,
Martin Schulze
- [SECURITY] [DSA 876-1] New lynx-ssl packages fix arbitrary code execution,
Martin Schulze
- Secunia Research: ATutor Multiple Vulnerabilities,
Secunia Research
- [CIRT.DK] - Novell ZENworks Patch Management Server 6.0.0.52 - SQL injection,
CIRT.DK Advisory
- [SECURITY] [DSA 878-1] New netpbm-free packages fix arbitrary code execution,
Martin Schulze
- [ GLSA 200510-23 ] TikiWiki: XSS vulnerability,
Thierry Carrez
- MDKSA-2005:201 - Updated sudo packages fix vulnerability,
Mandriva Security Team
- [ GLSA 200510-22 ] SELinux PAM: Local password guessing attack,
Thierry Carrez
- [SECURITY] [DSA 877-1] New gnump3d packages fix several vulnerabilities,
Martin Schulze
- MDKSA-2005:200 - Updated apache-mod_auth_shadow packages fix security restriction bypass issues.,
Mandriva Security Team
- [ GLSA 200510-24 ] Mantis: Multiple vulnerabilities,
Thierry Carrez
- iDefense Security Advisory 10.28.05: Multiple Vendor chmlib CHM File Handling Buffer Overflow Vulnerability,
iDEFENSE Labs
- File Including In PBLang,
abducter_minds
- Multiple vulnerabilities within RockLiffe MailSite Express WebMail,
Paul Craig
- Remote File Inclusion in vCard :),
[AT]
- Remote MySQL User on Cpanel Default installation with blank password,
sup3r_linux
- Re: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through forged magic byte,
Williams, James K
- Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images,
preben
- Mirabilis ICQ 2003a Buffer Overflow Download Shellcoded Exploit,
atmaca
- uplod phpshell in PHP Advanced Transfer Manager,
sQl
- Trend Micro's Response to the Magic Byte Bug,
Auri Rahimzadeh