Mail Index

• Thread Index

• Re: Xaraya <= 1.0.0 RC4 D.O.S / file corruption
  • From: Paul Laudanski
• Re: WebCalendar Multiple Vulnerabilities
  • From: ascii
• Re: DNS query spam
  • From: Florian Weimer
• Re: DNS query spam
  • From: Jim Pingle
• [SECURITY] [DSA 912-1] New centericq packages fix denial of service
  • From: Martin Schulze
• Re: DNS query spam
  • From: Stephen Stuart
• Gallery 2.x Security Advisory
  • From: Bharat Mediratta
• Opera 8.50 DoS with simple java applet
  • From: Marc Schoenefeld
• Re: WebCalendar Multiple Vulnerabilities
  • From: Paul Laudanski
• Re: DNS query spam
  • From: Joe
• MDKSA-2005:219 - Updated kernel packages fix numerous vulnerabilities
  • From: Mandriva Security Team
• MDKSA-2005:218 - Updated kernel packages fix numerous vulnerabilities
  • From: Mandriva Security Team
• Re: Opera 8.50 DoS with simple java applet
  • From: Edward D Wiget
• MDKSA-2005:217 - Updated netpbm packages fix pnmtopng vulnerabilities
  • From: Mandriva Security Team
• Re: Re: Xaraya <= 1.0.0 RC4 D.O.S / file corruption
  • From: retrogod
• MDKSA-2005:220 - Updated kernel packages fix numerous vulnerabilities
  • From: Mandriva Security Team
• Re: DNS query spam
  • From: fugi
• Re: - Cisco IOS HTTP Server code injection/execution vulnerability-
  • From: Florian Weimer
• Re: What is wrong with these people?
  • From: Steve Shockley
• PhpX <= 3.5.9 SQL Injection -> login bypass -> remote command/code execution
  • From: retrogod
• Re: WebCalendar Multiple Vulnerabilities
  • From: craig
• Sunbelt set to acquire Kerio Personal Firewall
  • From: Paul Laudanski
• Re: DNS query spam
  • From: Piotr Kamisiski
• Re: Opera 8.50 DoS with simple java applet
  • From: Yngve N. Pettersen (Developer Opera Software ASA)
• [security bulletin] SSRT4787 Revised - HP Systems Insight Manager (SIM) for HP-UX Remote Denial of Service (DoS)
  • From: security-alert
• WebCalendar Multiple Vulnerabilities.
  • From: lwang
• Microsoft Windows CreateRemoteThread Exploit
  • From: q7x
• [SECURITY] [DSA 914-1] New horde2 packages fix cross-site scripting
  • From: Martin Schulze
• [DRUPAL-SA-2005-008] Drupal 4.6.4 / 4.5.6 fixes XSS and HTTP header injection issue
  • From: Uwe Hermann
• [DRUPAL-SA-2005-007] Drupal 4.6.4 / 4.5.6 fixes XSS issue
  • From: Uwe Hermann
• Edgewall Trac SQL Injection Vulnerability
  • From: David Maciejak
• [USN-220-1] w3c-libwww vulnerability
  • From: Martin Pitt
• Perl format string integer wrap vulnerability
  • From: robert
• [SECURITY] [DSA 913-1] New gdk-pixbuf packages fix several vulnerabilities
  • From: Martin Schulze
• [DRUPAL-SA-2005-009] Drupal 4.6.4 / 4.5.6 fixes minor access control issue
  • From: Uwe Hermann
• Cisco Security Advisory: IOS HTTP Server Command Injection Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• [SECURITY] [DSA 915-1] New helix-player packages fix arbitrary code execution
  • From: Martin Schulze
• phpMyChat Multiple XSS vulnerabilities.
  • From: secresearch
• Re: Sunbelt set to acquire Kerio Personal Firewall
  • From: Nick Boyce
• Re: Microsoft Windows CreateRemoteThread Exploit
  • From: Anton
• RE: Microsoft Windows CreateRemoteThread Exploit
  • From: Michael Wojcik
• SEC Consult SA-20051202-1 :: GMX Webmail XSS
  • From: Sec Consult Research
• SEC Consult SA-20050212-1 :: A Word on Webmail Security and Browser related XSS Bugs
  • From: Sec Consult Research
• SEC Consult SA-XXXXXXXXXXX
  • From: Bernhard Mueller
• 22nd CCC conference in Berlin
  • From: Harry Behrens
• [xfocus-SD-051202]openMotif libUil Multiple vulnerability
  • From: alert7@xxxxxxxxxx
• Format String Vulnerabilities in Perl Programs
  • From: Steven M. Christey
• [USN-221-1] racoon vulnerability
  • From: Martin Pitt
• [USN-222-1] Perl vulnerability
  • From: Martin Pitt
• WinEggDropShell Multiple Remote Stack Overflow
  • From: Sowhat
• Re: - Cisco IOS HTTP Server code injection/execution vulnerability-
  • From: Mike Caudill
• MDKSA-2005:223 - Updated webmin package fixes format string vulnerability
  • From: Mandriva Security Team
• [OpenPKG-SA-2005.026] OpenPKG Security Advisory (lynx)
  • From: OpenPKG
• MDKSA-2005:221 - Updated spamassassin packages fixes vulnerability
  • From: Mandriva Security Team
• Re: Re: Microsoft Windows CreateRemoteThread Exploit
  • From: warl0ck
• eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities
  • From: tommie1
• [OpenPKG-SA-2005.025] OpenPKG Security Advisory (perl)
  • From: OpenPKG
• Alisveristr E-Commerce Admin Login SQL &#304;njection
  • From: B3g0k
• Re: WebCalendar
  • From: Louis Wang
• MDKSA-2005:222 - Updated mailman packages fix various vulnerabilities
  • From: Mandriva Security Team
• [Updated] [FLSA-2005:166943] Updated php packages fix security issues
  • From: Marc Deslauriers
• QNX 4.25 suided dhcp.client binary
  • From: lms
• DMA[2005-1202a] - 'sobexsrv - Scripting/Secure OBEX Server format string vulnerability'
  • From: KF (lists)
• [OpenPKG-SA-2005.027] OpenPKG Security Advisory (php)
  • From: OpenPKG
• PHP-Fusion v6.00.109 SQL Injection and Info. Disclosure
  • From: xer0x . west
• Zen-Cart <= 1.2.6d blind SQL injection / remote commands execution:
  • From: retrogod
• eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities
  • From: tommie1
• more MD5 colliding examples
  • From: Gerardo Richarte
• [USN-223-1] Inkscape vulnerability
  • From: Martin Pitt
• [scip_Advisory] e107 v0.6 rate.php manipulation
  • From: Marc Ruef
• have you ever been BluePIMped?
  • From: KF (lists)
• [USN-180-2] MySQL 4.1 vulnerability
  • From: Martin Pitt
• [security bulletin] HPSBUX01059 SSRT4704 Revised - HP-UX Running wu-ftpd Local Unauthorized Access
  • From: security-alert
• Blog System v1.2 Multiple SQL Injection Vulnerabilities
  • From: vipsta
• Outpost24 Public Security Note: Linux/Elxbot
  • From: David Jacoby
• Buffer Overflow in MultiTech VoIP Implementations
  • From: SecurityLab Research
• SUSE Security Announcement: kernel various security and bugfixes (SUSE-SA:2005:067)
  • From: Marcus Meissner
• Horde IMP Webmail Client XSS all versions
  • From: Igor
• iDefense Security Advisory 12.05.05: Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability
  • From: iDEFENSE Labs
• iDefense Security Advisory 12.05.05: Multiple Vendor xpdf DCTStream Progressive Heap Overflow
  • From: iDEFENSE Labs
• iDefense Security Advisory 12.05.05: Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability
  • From: iDEFENSE Labs
• iDefense Security Advisory 12.05.05: Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability
  • From: iDEFENSE Labs
• [USN-224-1] Kerberos vulnerabilities
  • From: Martin Pitt
• [USN-225-1] Apache 2 vulnerability
  • From: Martin Pitt
• Critical Myspace.com Vulnerabilites
  • From: silentproducts
• [KAPDA::#15] - ThWboard multiple vulnerabilities
  • From: alireza hassani
• SimpleBBS <= v1.1 remote commands execution in c by: unitedasia security crew
  • From: unitedasia
• SugarSuite Open Source <= 4.0beta Remote code execution
  • From: retrogod
• [SECURITY] [DSA 916-1] New Inkscape packages fix arbitrary code execution
  • From: Martin Schulze
• Advisory 25/2005: phpMyAdmin Variables Overwrite Vulnerability
  • From: Stefan Esser
• Advisory 24/2005: libcurl URL parsing vulnerability
  • From: Stefan Esser
• Mobile Antivirus Researchers Assoc. Call for White Papers
  • From: contact . removethis
• DRZES HMS XSS and SQL Injection Vulnerabilities
  • From: vipsta
• Journal of Computer Virology-Call for Papers
  • From: Saeed Abu Nimeh
• [security bulletin] SSRT4884 HP-UX TCP/IP Remote Denial of Service (DoS)
  • From: security-alert
• [KDE Security Advisory] multiple buffer overflows in kpdf/koffice
  • From: Dirk Mueller
• [ GLSA 200512-02 ] Webmin, Usermin: Format string vulnerability
  • From: Sune Kloppenborg Jeppesen
• [ GLSA 200512-01 ] Perl: Format string errors can lead to code execution
  • From: Sune Kloppenborg Jeppesen
• [security bulletin] SSRT5954 Revised - HP-UX TCP/IP Remote Denial of Service (DoS)
  • From: security-alert
• [security bulletin] SSRT051037 HP-UX Running IPSec Remote Unauthorized Access
  • From: security-alert
• iDefense Security Advisory 12.07.05: Dell TrueMobile 2300 Wireless Broadband Router Authentication Bypass Vulnerability
  • From: labs-no-reply@xxxxxxxxxxxx
• Airscanner Mobile Security Advisory: Remote Hard Reset Data Wipe and DoS of Pocket Controller v5.0 (#AS05080401)
  • From: contact . removethis
• -Exploiting Freelist[0] On Windows XP Service Pack 2-
  • From: Brett Moore
• [SECURITY] [DSA 917-1] New courier packages fix unauthorised access
  • From: Martin Schulze
• 3com product security hole
  • From: jaime . blasco
• Website Baker <=2.6.0 SQL Injection -> Login bypass -> remote code execution
  • From: retrogod
• = 1.2.6d blind SQL injection / remote commands execution:
  • From: retrogod
• [security bulletin] SSRT051069 - HP Tru64 Unix Secure Web Server (SWS 6.4.1 and earlier) PHP/XMLRPC Remote Unauthorized Execution of Arbitrary Code
  • From: security-alert
• [TKPN2005-12-001] Multiple critical vulnerabilities in MyBB
  • From: tk
• Re: 3com product security hole
  • From: Juha-Matti Laurio
• [KAPDA::#16] - SMF SQL Injection
  • From: alireza hassani
• Milliscript 1.4 Multiple Vulnerabilities
  • From: NaPa
• [USN-226-1] Courier vulnerability
  • From: Martin Pitt
• MDKSA-2005:224 - Updated curl package fixes format string vulnerability
  • From: Mandriva Security Team
• [SECURITY] [DSA 918-1] New osh packages fix privilege escalation
  • From: Martin Schulze
• iDefense Security Advisory 12.09.05: Ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability
  • From: labs-no-reply@xxxxxxxxxxxx
• TSLSA-2005-0070 - multi
  • From: Trustix Security Advisor
• MDKSA-2005:225 - Updated perl package fixes format string vulnerability
  • From: Mandriva Security Team
• Motorola SB5100E Cable Modem DoS
  • From: Алексей Синцов
• Re: 3com product security hole
  • From: Nicob
• PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer
  • From: H D Moore
• Apani Network Response to ISAKMP cert-fi:7710 Alert
  • From: mkuch
• Re: [KAPDA::#16] - SMF SQL Injection
  • From: grudge
• Flatnuke 2.5.6 privilege escalation / remote commands execution exploit
  • From: retrogod
• MDKSA-2005:206-1 - Updated openvpn packages fix multiple vulnerabilities
  • From: Mandriva Security Team
• DEFCON London group - DC4420 - inaugural meeting and Christmas Drinks!
  • From: Major Malfunction
• Torrential 1.2 Directory Traversal
  • From: Shell
• [SECURITY] [DSA 919-1] New curl packages fix potential security problem
  • From: Martin Schulze
• BTGrup Admin WebController Script SQL injection
  • From: khc
• IMOEL CMS Sql password discovery
  • From: silversmith
• [ GLSA 200512-03 ] phpMyAdmin: Multiple vulnerabilities
  • From: Sune Kloppenborg Jeppesen
• Guestserver guestbook system vulnerabilities
  • From: jaakko
• Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService
  • From: Morning Wood
• Re: Re: [KAPDA::#16] - SMF SQL Injection
  • From: retrogod
• oracle not only offeder - researchers NOT responsible?
  • From: Gadi Evron
• Re: Re: [KAPDA::#16] - SMF SQL Injection
  • From: polnby
• [USN-227-1] xpdf vulnerabilities
  • From: Martin Pitt
• iDEFENSE Security Advisory 12.12.05: SCO Unixware Setuid 'uidadmin' Scheme Buffer Overflow Vulnerability
  • From: labs-no-reply@xxxxxxxxxxxx
• SEC Consult SA-20051211-0 :: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook
  • From: Johannes Greil
• [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation
  • From: Thierry Carrez
• Re: Re: [Full-disclosure] Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service
  • From: JHannah01
• Re: [DCG] DEFCON London group - DC4420 - inaugural meeting and Christmas Drinks!
  • From: racerx
• SEC Consult SA-20051211-0 :: Nortel SSL VPN Cross Site Scripting/Command Execution
  • From: SEC Consult Research
• Re: Website Baker <=2.6.0 SQL Injection -> Login bypass -> remote code execution
  • From: ryan
• Arab Portal v2 Beta2 SQL Injections
  • From: stranger-killer
• Re: [KAPDA::#16] - SMF SQL Injection
  • From: ascii
• [PHP-CHECKER] 99 potential SQL injection vulnerabilities
  • From: php-checker
• Status on PGP NTFS File Wipe issue, 11 Dec 2005
  • From: Jon Callas
• [OpenPKG-SA-2005.028] OpenPKG Security Advisory (curl)
  • From: OpenPKG
• [USN-228-1] curl library vulnerability
  • From: Martin Pitt
• [scip_Advisory] NetGear RP114 Flooding Denial of Service
  • From: Marc Ruef
• Re: Re: [KAPDA::#16] - SMF SQL Injection
  • From: Steven M. Christey
• [USN-222-2] Perl vulnerability
  • From: Martin Pitt
• [USN-229-1] Zope vulnerability
  • From: Martin Pitt
• [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability
  • From: Advisories
• phpCOIN 1.2.2 multiple vulnerabilities
  • From: retrogod
• MDKSA-2005:226 - Updated mozilla-thunderbird package fix vulnerability in enigmail
  • From: Mandriva Security Team
• Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation
  • From: Paul Wouters
• Secunia Research: Internet Explorer Suppressed "Download Dialog" Vulnerability
  • From: Secunia Research
• [SECURITY] [DSA 920-1] New ethereal packages fix arbitrary code execution
  • From: Martin Schulze
• ADP Forum 2.0,ADP Forum 2.0.1,ADP Forum 2.0.2,ADP Forum 2.0.3 versiyon user md5 hash bug
  • From: liz0
• RE: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-FreeLocal Privilege Escalation Vulnerability
  • From: Marc Maiffret
• LIMBO CMS <= v1.0.4.2 _SERVER[] array overwrite / remote code execution
  • From: retrogod
• Re: [Full-disclosure] Re: [EEYEB-20050523] Windows Kernel APC Data-FreeLocal Privilege Escalation Vulnerability
  • From: Tom Ferris
• iDefense Security Advisory 12.14.05: Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow
  • From: labs-no-reply@xxxxxxxxxxxx
• Re: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability
  • From: Joshua Russel
• iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability
  • From: labs-no-reply@xxxxxxxxxxxx
• Re: [scip_Advisory] NetGear RP114 Flooding Denial of Service
  • From: Thierry Zoller
• iDefense Security Advisory 12.14.05: Trend Micro ServerProtect EarthAgent Remote DoS Vulnerability
  • From: labs-no-reply@xxxxxxxxxxxx
• [PHP-CHECKER] 99 potential SQL injection vulnerabilities
  • From: Yichen Xie
• [OpenPKG-SA-2005.029] OpenPKG Security Advisory (apache)
  • From: OpenPKG
• Re: [PHP-CHECKER] 99 potential SQL injection vulnerabilities
  • From: Andy Lindeman
• Disclosure timelines from vendors - a promising practice?
  • From: Steven M. Christey
• Bypass XSS filter in PHPNUKE 7.9=>x
  • From: max
• iDefense Security Advisory 12.14.05: Trend Micro ServerProtect Crystal Reports ReportServer File Disclosure
  • From: labs-no-reply@xxxxxxxxxxxx
• DIMVA 2006 - 2nd Call for Papers
  • From: Thomas Biege
• Re: IMOEL CMS Sql password discovery
  • From: Steven M. Christey
• SUSE Security Announcement: php4, php5 (SUSE-SA:2005:069)
  • From: Ludwig Nussel
• [ GLSA 200512-05 ] Xmail: Privilege escalation through sendmail
  • From: Thierry Carrez
• [SECURITY] [DSA 921-1] New Linux 2.4.27 packages fix several vulnerabilities
  • From: Martin Schulze
• Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation
  • From: VANHULLEBUS Yvan
• Business Objects WebIntelligence 6.5x Account Lockout and System DoS
  • From: mkemp4
• RLA ("Remote LanD Attack")
  • From: Synister Syntax
• SUSE Security Announcement: kernel various security and bugfixes (SUSE-SA:2005:068)
  • From: Marcus Meissner
• CodeCon submission deadline reminder
  • From: Len Sassaman
• [USN-230-1] ffmpeg vulnerability
  • From: Martin Pitt
• Secunia Research: Microsoft Internet Explorer Keyboard Shortcut Processing Vulnerability
  • From: Secunia Research
• Re: Re: Re: [KAPDA::#16] - SMF SQL Injection
  • From: grudge
• Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation
  • From: Thierry Carrez
• [ GLSA 200512-06 ] Ethereal: Buffer overflow in OSPF protocol dissector
  • From: Thierry Carrez
• Re: Countering Trusting Trust through Diverse Double-Compiling
  • From: Mike Lisanke
• [SECURITY] [DSA 922-1] New Linux 2.6.8 packages fix several vulnerabilities
  • From: Martin Schulze
• iDefense Security Advisory 12.14.05: Trend Micro PC-Cillin Internet Security Insecure File Permission Vulnerability
  • From: labs-no-reply@xxxxxxxxxxxx
• MDKSA-2005:227 - Updated ethereal packages fix vulnerability
  • From: Mandriva Security Team
• Re: Countering Trusting Trust through Diverse Double-Compiling
  • From: David A. Wheeler
• MDKSA-2005:228 - Updated xine-lib packages fix buffer overflow vulnerability
  • From: Mandriva Security Team
• MDKSA-2005:229 - Updated xmovie packages fix buffer overflow vulnerability
  • From: Mandriva Security Team
• MDKSA-2005:230 - Updated mplayer packages fix buffer overflow vulnerability
  • From: Mandriva Security Team
• MDKSA-2005:231 - Updated ffmpeg packages fix buffer overflow vulnerability
  • From: Mandriva Security Team
• MDKSA-2005:232 - Updated gstreamer-ffmpeg packages fix buffer overflow vulnerability
  • From: Mandriva Security Team
• Patches available for IBM AIX flaws
  • From: NGSSoftware Insight Security Research
• Notacon Call for Proposals open
  • From: Paul Schneider
• Metasploit Framework v3.0 Alpha Release 1
  • From: H D Moore
• CYBSEC - Security Advisory: Watchfire AppScan QA Remote Code Execution
  • From: Mariano Nuñez Di Croce
• MarmaraWeb E-commerce Remote Command Exucetion
  • From: B3g0k
• MarmaraWeb E-commerce Script Cross Site Scripting
  • From: B3g0k
• Re: RLA ("Remote LanD Attack")
  • From: Synister Syntax
• Re: RLA ("Remote LanD Attack")
  • From: Synister Syntax
• [security bulletin] SSRT4728 rev.1 - HP-UX running TCP/IP Remote Denial of Service (DoS)
  • From: security-alert
• AIX Heap Overflow paper
  • From: David Litchfield
• RE: RLA ("Remote LanD Attack")
  • From: Roger A. Grimes
• Re: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability
  • From: Ron
• Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch Collaboration Suite SMTP Format String Vulnerability
  • From: Owen Dhu
• Bios Information Leakage
  • From: Jonathan Brossard
• Countering Trusting Trust through Diverse Double-Compiling
  • From: David A. Wheeler
• [ GLSA 200512-09 ] cURL: Off-by-one errors in URL handling
  • From: Sune Kloppenborg Jeppesen
• Re: Patches available for IBM AIX flaws
  • From: Shiva Persaud
• [ GLSA 200512-08 ] Xpdf, GPdf, CUPS, Poppler: Multiple vulnerabilities
  • From: Sune Kloppenborg Jeppesen
• [ GLSA 200512-07 ] OpenLDAP, Gauche: RUNPATH issues
  • From: Thierry Carrez
• phpCOIN-1.2.2-Full-2005 SQL Injection
  • From: stranger-killer
• ZRCSA-200505: libremail - "pop.c" Format String Vulnerability
  • From: deepfear
• Re: Patches available for IBM AIX flaws
  • From: David Litchfield
• DMA[2005-1214a] - 'Widcomm BTW - Bluetooth for Windows Remote Audio Eavesdropping'
  • From: Kevin Finisterre
• [USN-230-2] ffmpeg/xine-lib vulnerability
  • From: Martin Pitt
• DoS in Cisco Clean Access
  • From: alex
• iDefense Security Advisory 12.16.05: Citrix Program Neighborhood Name Heap Corruption Vulnerability
  • From: labs-no-reply@xxxxxxxxxxxx
• Advisory: XSS in WebCal (v1.11-v3.04)
  • From: Stan Bubrouski
• Re: Bios Information Leakage
  • From: Ron van Daal
• exploit (html) for Advanced Guestbook 2.2
  • From: irc0d3r
• RE: RLA ("Remote LanD Attack")
  • From: Patrick Galligan
• Update on the PGP NTFS File Wipe Issue, 16 Dec 2005
  • From: Jon Callas
• Bug in HC
  • From: hackeriri
• Microsoft IIS Remote Denial of Service (DoS) .DLL Url exploit
  • From: inge . henriksen
• Fullpath disclosure in roundcube webmail
  • From: king_purba
• Re: Bypass XSS filter in PHPNUKE 7.9=>x
  • From: Paul Laudanski
• Re: Fullpath disclosure in roundcube webmail
  • From: Steven M. Christey
• phpMyAdmin server_privileges.php SQL Injection Vulnerabilities.
  • From: Alice Bryson
• [SECURITY] [DSA 923-1] New dropbear packages fix arbitrary code execution
  • From: Martin Schulze
• [FLSA-2005:152787] Updated redhat-config-nfs package fixes security issue
  • From: Marc Deslauriers
• [FLSA-2005:152832] Updated lynx package fixes security issues
  • From: Marc Deslauriers
• [FLSA-2005:152870] Updated a2ps package fixes security issue
  • From: Marc Deslauriers
• [FLSA-2005:152892] Updated enscript package fixes security issues
  • From: Marc Deslauriers
• [FLSA-2005:155510] Updated gtk2 packages fixes security issues
  • From: Marc Deslauriers
• [FLSA-2005:166939] Updated openssl packages fix security issues
  • From: Marc Deslauriers
• [FLSA-2005:168326] Updated util-linux and mount packages fix security issue
  • From: Marc Deslauriers
• [ GLSA 200512-10 ] Opera: Command-line URL shell command injection
  • From: Thierry Carrez
• Re: phpMyAdmin server_privileges.php SQL Injection Vulnerabilities.
  • From: michal
• Authenticated EIGRP DoS / Information leak
  • From: Andrew A. Vladimirov
• Making unidirectional VLAN and PVLAN jumping bidirectional
  • From: Andrew A. Vladimirov
• about phpMyAdmin's server_privileges.php announced vulnerability
  • From: Marc Delisle
• [security bulletin] SSRT051026 rev. 1 - HP-UX running WBEM Services Denial of Service (DoS)
  • From: security-alert
• Re: Making unidirectional VLAN and PVLAN jumping bidirectional
  • From: Clayton Kossmeyer
• MDKSA-2005:233 - Updated apache2 packages fix vulnerability in worker MPM
  • From: Mandriva Security Team
• Symantec Antivirus Library Remote Heap Overflows
  • From: list
• iDefense Security Advisory 12.20.05: Qualcomm WorldMail IMAP Server String Literal Processing Overflow Vulnerability
  • From: labs-no-reply@xxxxxxxxxxxx
• Enterprise Connector v.1.02 Multiple SQL Vulnerabilities and Login Bypass
  • From: darkz . gsa
• iDefense Security Advisory 12.20.05: McAfee Security Center MCINSCTL.DLL ActiveX Control File Overwrite
  • From: labs-no-reply@xxxxxxxxxxxx
• [security bulletin] SSRT5983 rev.1 - HP-UX Running Software Distributor (SD) Remote Unauthorized Access
  • From: security-alert
• [ GLSA 200512-11 ] CenterICQ: Multiple vulnerabilities
  • From: Thierry Carrez
• Digital Armaments Security Advisory 12.20.2005: WEBsweeper/MIMEsweeper Executable File Content Check bypass Vulnerability
  • From: info
• Re: Unauthenticated EIGRP DoS
  • From: Paul Oxman (poxman)
• Acidcat ASP CMS Multiple Vulnerabilities
  • From: h e
• PHPGedView <= 3.3.7 remote code execution
  • From: retrogod
• [Overflow.pl] Blender BlenLoader Integer Overflow
  • From: Damian Put
• Secunia Research: Pegasus Mail Buffer Overflow and Off-by-One Vulnerabilities
  • From: Secunia Research
• IRM 014: Sygate Protection Agent 5.0 vulnerability - A low privileged user can disable the security agent
  • From: Advisories
• IRM 013: Ultraapps Issue Manager is vulnerable to Privilege Escalation
  • From: Advisories
• IRM 012: Portfolio Netpublish Server 7 is vulnerable to a Directory Traversal Attack
  • From: Advisories
• MDKSA-2005:234 - Updated sudo packages fix vulnerability
  • From: Mandriva Security Team
• Call for Paper - VI National Computer and Information Security Conference - COLOMBIA
  • From: Jeimy José Cano Martínez
• [Hat-Squad] Remote Heap Corruption Vulnerability in Interaction SIP Proxy
  • From: service
• Workshop "Dependability Aspects in DWH and Mining applications"Deadline:15-01-06
  • From: Manh Tho
• security patch for Linux Kernel 2.6
  • From: breno
• [ECHO_ADV_24$2005] Full path disclosure on WordPress < 1.5.2
  • From: the_day
• Re: Symantec Antivirus Library Remote Heap Overflows
  • From: ltr
• Tolva PHP website system Remote File Include
  • From: beford
• [ECHO_ADV_24$2005] Full path disclosure on WordPress < 1.5.2
  • From: the_day@xxxxxxxxxx
• [Security-Advisories@acs-inc.com: [Full-disclosure] [ACSSEC-2005-11-25-0x1] VMWare Workstation 5.5.0 <= build-18007 G SX Server Variants And Others]
  • From: Andrew Griffiths
• mIRC buffer overflow
  • From: Crowdat Kurobudetsu
• Vulnerability in Metadot portal server allows users to gain administrative privileges
  • From: Gerry Chng
• [KAPDA::#17] - beehiveforum Script Injection
  • From: alireza hassani
• Re: XSS bypass in PHPNuke - FIX ?
  • From: Paul Laudanski
• [SECURITY] [DSA 924-1] New nbd packages fix potential arbitrary code execution
  • From: Martin Schulze
• Cisco Security Response: DoS in Cisco Clean Access
  • From: Clayton Kossmeyer
• WinRAR - Processing Filename Incorrectly Vulnerability
  • From: agoanywhere
• VMware vulnerability in NAT networking
  • From: vmware-security-alert
• iDefense Security Advisory 12.21.05: Macromedia JRun 4 Web Server URL Parsing Buffer Overflow Vulnerability
  • From: labs-no-reply@xxxxxxxxxxxx
• XSS vulnerabilities in Google.com
  • From: Watchfire Research
• Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability
  • From: ovt
• MDKSA-2005:235 - Updated kernel packages fix numerous vulnerabilities
  • From: Mandriva Security Team
• fetchmail security announcement fetchmail-SA-2005-03 (CVE-2005-4348)
  • From: ma+bt
• [SECURITY] [DSA 925-1] New phpbb2 packages fix several vulnerabilities
  • From: Martin Schulze
• CYBSEC - Security Advisory: httprint Multiple Vulnerabilities
  • From: Mariano Nuñez Di Croce
• Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability
  • From: 3APA3A
• Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)
  • From: Reed Arvin
• iDefense Security Advisory 12.22.05: Linux Kernel Socket Buffer Memory Exhaustion DoS Vulnerability
  • From: labs-no-reply@xxxxxxxxxxxx
• [USN-231-1] Linux kernel vulnerabilities
  • From: Martin Pitt
• Webwasher CSM Appliance Script Security Restriction Bypass
  • From: d0t v0rt3x
• XSS&Sql injection attack in PHP-Fusion 6.00.3 Released
  • From: krasza
• [ GLSA 200512-12 ] Mantis: Multiple vulnerabilities
  • From: Stefan Cornelius
• RE: Webwasher CSM Appliance Script Security Restriction Bypass
  • From: Frank Berzau
• [TKADV2005-12-001] Multiple SQL Injection vulnerabilities in MyBB
  • From: tk
• [SECURITY] [DSA 926-2] New ketm packages fix privilege escalation
  • From: Martin Schulze
• Multiple Network-related Vulnerabilities in Electric Sheep
  • From: MichaelAiello
• Electric Sheep window-id stack overflow
  • From: MichaelAiello
• MDKSA-2005:236 - Updated fetchmail packages fix vulnerability
  • From: Mandriva Security Team
• MDKSA-2005:237 - Updated cpio packages fix buffer overflow on x86_64
  • From: Mandriva Security Team
• Dev web management system <= 1.5 SQL injection / cross site scripting
  • From: retrogod
• CFP - IT Underground 2006, Prague, Czech Republic
  • From: Piotr Sobolewski
• Found new bug
  • From: hackeriri
• [ GLSA 200512-13 ] Dropbear: Privilege escalation
  • From: Stefan Cornelius
• Airscanner Mobile Security Advisory #0508310 Spb Kiosk Engine Administrator Password & Information Disclosure
  • From: contact . removethis
• [SECURITY] [DSA 928-1] New dhis-tools-dns packages fix insecure temporary file creation
  • From: Martin Schulze
• [BuHa-Security] DoS Vulnerability in M$ IE 6 SP2 #1
  • From: bugtraq
• [BuHa-Security] DoS Vulnerability in M$ IE 6 SP2 #2
  • From: bugtraq
• [BuHa-Security] DoS Vulnerability in M$ IE 6 SP2 #3
  • From: bugtraq
• Multiple Translation websites Cross Site Scripting vulnerability: Google, Altavista, IBM, freetranslation, worldlingo, etc
  • From: simo
• Obsidis n1 released!
  • From: angelo
• Cerberus Helpdesk multiple vulnerabilities.
  • From: A. Ramos
• [ GLSA 200512-15 ] rssh: Privilege escalation
  • From: Stefan Cornelius
• Secunia Research: IceWarp Web Mail Multiple File Inclusion Vulnerabilities
  • From: Secunia Research
• [SECURITY] [DSA 927-1] New tkdiff packages fix insecure temporary file creation
  • From: Martin Schulze
• dtSearch DUNZIP32.dll Buffer Overflow Vulnerability
  • From: Juha-Matti Laurio
• Malware sample site
  • From: mvalsmith
• Is this a new exploit?
  • From: noemailpls
• MDKSA-2005:238 - Updated php/php-mbstring packages fix mail injection vulnerability
  • From: Mandriva Security Team
• Exploitation of Windows WMF on the web
  • From: Daniel Bonekeeper
• Re: Is this a new exploit?
  • From: H D Moore
• [BUGZILLA] Security advisory for Bugzilla < 2.16.11
  • From: David Miller
• RE: [Full-disclosure] Someone wasted a nice bug on spyware...
  • From: Paul
• Re: Is this a new exploit?
  • From: redxii1234
• Re: Is this a new exploit?
  • From: Andreas Marx
• RE: Is this a new exploit?
  • From: Portz, Jon
• [ GLSA 200512-16 ] OpenMotif, AMD64 x86 emulation X libraries: Buffer overflows in libUil library
  • From: Thierry Carrez
• WMF Exploit
  • From: davidribyrne
• WMF Exploit
  • From: davidribyrne
• PhpDocumentor <= 1.3.0 rc4 Arbitrary remote/local inclusion
  • From: retrogod
• [SECURITY] [DSA 927-2] New tkdiff packages fix insecure temporary file creation
  • From: Martin Schulze
• RE: WMF Exploit
  • From: Hayes, Bill
• RE: [Full-disclosure] Someone wasted a nice bug on spyware...
  • From: Jim Serino
• WMF exploit
  • From: ninjapicook
• Airscanner Mobile Security Advisory #05083102 Spb Kiosk Engine Program Bypass
  • From: contact . removethis
• Black Hat Federal and Europe Call for Papers
  • From: Jeff Moss
• [ GLSA 200512-17 ] scponly: Multiple privilege escalation issues
  • From: Thierry Carrez
• rssh: root privilege escalation flaw
  • From: Derek Martin
• phpbb2.0.19 fixes security issues
  • From: Paul Laudanski
• Secunia Research: TUGZip ARJ Archive Handling Buffer Overflow Vulnerability
  • From: Secunia Research
• Advisory 26/2005: TinyMCE Compressor Vulnerabilities
  • From: Stefan Esser
• Re: Exploitation of Windows WMF on the web
  • From: psgw
• WTF??
  • From: veil_of_darkness
• RE: WMF Exploit
  • From: Derick Anderson
• Yahoo mail Cross Site Scripting vulnerability
  • From: simo
• WMF browser-ish exploit vectors
  • From: Evans, Arian
• RE: WMF Exploit
  • From: Bill Busby
• [KAPDA::#18] - WebWiz Products SQL Injection
  • From: advisory
• Re: WMF Exploit
  • From: Paul Laudanski