Mail Thread Index
- [security bulletin] HPSBUX02108 SSRT061133 rev.2 - HP-UX running Sendmail, Remote Execution of Arbitrary Code,
security-alert
- RE: WebVulnCrawl searching excluded directories for hackable web servers,
Michael Scheidell
- OSSTMM Security Analyst Training Live Stream on the Web,
Pete Herzog
- Re: Sudo tricks,
Javor Ninov
- Re: On classifying attacks,
Gadi Evron
- EzASPSite <= 2.0 RC3 Remote SQL Injection Exploit Vulnerability.,
Mustafa Can Bjorn IPEKCI
- Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data,
Jeff Rosowski
- Re: Re: Cantv/Movilnet's Web SMS vulnerability.,
rrecabarren
- DbbS<=2.0-alpha SQL injection,
dabdoub-mosikar
- Buffer-overflow and in-game crash in Zdaemon 1.08.01,
Luigi Auriemma
- Warcraft III Replay Parser Script Remote Command Exucetion Vulnerability And Cross-Site Scripting Attacking,
botan
- Mis-diagnosed XSS bugs hiding worse issues due to PHP feature,
Steven M. Christey
- linksubmit <= All version Html Tag Injector in index.php,
ali
- Re: recursive DNS servers DDoS as a growing DDoS problem,
Gadi Evron
- SQuery <= 4.5 Remote File Inclusion Exploit,
uid0
- FleXiBle Development Script Remote Command Exucetion And XSS Attacking,
botan
- Re: Re: Re: phpBB 2.06 search.php SQL injection,
theguywhocouldwipeyourphpBB
- DoS-ing sysklogd?,
Milen Rangelov
- PHPNuke-Clan 3.0.1 Remote File Inclusion Exploit,
uid0
- GeSWall 2.2 – Free Intrusion Prevention System for Windows,
GentleSecurity Team
- SiteMan <= All version SQL injection in admin_login.asp,
ali
- Phpwebgallery <= 1.4.1 SQL injection Vulnerability,
t4h4
- Secunia Research: AN HTTPD Script Source Disclosure Vulnerability,
Secunia Research
- Re: On product vulnerability history and vulnerability complexity,
Crispin Cowan
- [USN-266-1] dia vulnerabilities,
Martin Pitt
- [SECURITY] [DSA 1000-2] New Apache2::Request packages fix denial of service,
Martin Schulze
- Another Internet Explorer Address Bar Spoofing Vulnerability,
hainamluke
- Hosting Controller AccountActions.asp and saveuploadfiles.asp vulns (PoC),
paolo . difebbo
- Flaw in commonly used bash random seed method,
coderpunk
- VWar <= 1.5.0 R12 Remote File Inclusion Exploit,
uid0
- Multiple Vulnerabilities in LucidCMS,
crasher
- MyBB 1.10 New CrossSiteScripting,
o . y . 6
- SQL Injection in Softbiz Image Gallery,
xx_hack_xx_2004
- [ MDKSA-2006:064 ] - Updated MySQL packages fix logging bypass vulnerability,
security
- [ MDKSA-2006:062 ] - Updated dia packages fix buffer overflow vulnerabilities,
security
- ReloadCMS <= 1.2.5stable Cross site scripting / remote command execution,
rgod
- SYMSA-2006-002: McAfee WebShield SMTP Format String Vulnerability,
CS_Advisories Mailbox
- Bypassing ISA Server 2004 with IPv6,
Romain . Le . Guen
- RUXCON 2006 Call for Papers,
cfp
- SMART Technologies SynchronEyes Remote Denial of Services,
dennis
- Format string in Doomsday 1.8.6,
Luigi Auriemma
- [USN-267-1] mailman vulnerability,
Martin Pitt
- [ GLSA 200604-01 ] MediaWiki: Cross-site scripting vulnerability,
Stefan Cornelius
- Barracuda LHA archiver security bug leads to remote compromise,
Jean-Sébastien Guay-Leroux
- Barracuda ZOO archiver security bug leads to remote compromise,
Jean-Sébastien Guay-Leroux
- [security bulletin] HPSBPI2109 SSRT061141 rev.1 - HP Color LaserJet 2500 and 4600 Toolbox Running on Microsoft Windows Remote Unauthorized Disclosure of Information,
security-alert
- [ GLSA 200604-02 ] Horde Application Framework: Remote code execution,
Stefan Cornelius
- [ GLSA 200604-03 ] FreeRADIUS: Authentication bypass in EAP-MSCHAPv2 module,
Matthias Geerdsen
- Buffer-overflow in Ultr@VNC 1.0.1 viewer and server,
Luigi Auriemma
- Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data,
Moriyoshi Koizumi
- ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection ] MultBugz,
o . y . 6
- NOD32 local privilege escalation vulnerability,
visitbipin
- Another way to spoof Internet Explorer Address Bar,
hainamluke
- Re: [Full-disclosure] Critical PHP bug - act ASAP if you are runningweb with sen,
mailinglist mailinglist
- Re: Limbo CMS code execution,
gergero
- Black Hat Call for Papers and Registration now open,
Jeff Moss
- [Full-disclosure] PIRANA exploitation framework and SMTP contentfilter security,
Jean-Sébastien Guay-Leroux
- [SECURITY] [DSA 1022-1] New storebackup packages fix several vulnerabilities,
Moritz Muehlenhoff
- [ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion,
eufrato
- [SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability,
Richard Horsman
- Linux Kernel Local DoS vulnerability.,
fingerout
- [FLSA-2006:152873] Updated xine package fixes security issues,
Marc Deslauriers
- [SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities,
Moritz Muehlenhoff
- Cisco Security Advisory: Cisco 11500 Content Services Switch HTTP Request Vulnerability,
Cisco Systems Product Security Incident Response Team
- [FLSA-2006:152896] Updated mod_python package fixes a security issue,
Marc Deslauriers
- Autonomous LAN party File iNclusion,
codexploder
- [ MDKSA-2006:066 ] - Updated FreeRADIUS packages fix off-by-one overflow vulnerabilty,
security
- Xss In SaphpLesson3.0,
w3 . _
- [FLSA-2006:156139] Updated tcpdump packages fix security issues,
Marc Deslauriers
- [FLSA-2006:156290] Updated cyrus-imapd packages fix security issues,
Marc Deslauriers
- [FLSA-2006:170411] Updated imap packages fix security issue,
Marc Deslauriers
- [FLSA-2006:183571-1] Updated tar package fixes security issue,
Marc Deslauriers
- [FLSA-2006:183571-2] Updated tar package fixes security issue,
Marc Deslauriers
- [FLSA-2006:180159] Updated unzip package fixes security issue,
Marc Deslauriers
- [eVuln] Null news SQL Injection Vulnerability,
alex
- [FLSA-2006:184074] Updated pine package fixes security issue,
Marc Deslauriers
- [FLSA-2006:184098] Updated libc-client packages fixes security issue,
Marc Deslauriers
- [Updated] [FLSA-2006:186277] Updated sendmail packages fix security issue,
Marc Deslauriers
- SQL Injection in Chipmunk Guestbook,
dr . jr7
- Sire 2.0 Nws Remote File inclusion & Arbitary Files Upload,
simo64
- [Kaffeine Security Advisory] Heap based buffer overflow in http_peek(),
Dirk Mueller
- [eVuln] phpNewsManager Multiple SQL Injections,
alex
- Welcome to XCon2006 in China!,
xcon
- [SECURITY] [DSA 1031-1] New cacti packages fix several vulnerabilities,
Martin Schulze
- [SECURITY] [DSA 946-2] New sudo packages fix privilege escalation,
Martin Schulze
- google xss,
almfnod
- [security bulletin] HPSBUX02108 SSRT061133 rev.3 - HP-UX running Sendmail, Remote Execution of Arbitrary Code,
security-alert
- [ MDKSA-2006:068 ] - Updated mplayer packages fix integer overflow vulnerabilities,
security
- [KAPDA::#38] - MyBB 1.1.0~functions_post.php~XSS Attack,
addmimistrator
- [eVuln] VSNS Lemon Multiple Vulnerabilities,
alex
- PHPMyChat 0.15.0dev "SYS enter" remote commands xctn (not properly patched from previous versions),
rgod
- [ MDKSA-2006:065 ] - Updated kaffeine packages fix remote buffer overflow vulnerability,
security
- Matt Wright Guestbook Xss Script İnjection,
liz0
- [eVuln] vCounter - sourceworkshop SQL Injection Vulnerability,
alex
- [USN-268-1] Kaffeine vulnerability,
Martin Pitt
- LayerOne 2006 - Finalized Speaker Line-Up Announced,
Layer One
- PHPMyChat <= 0.14.5 remote commands execution,
rgod
- Re: SQL injection in Invision Power Board v2.1.5,
optix_prorat100
- [SECURITY] [DSA 1028-1] New libimager-perl packages fix denial of service,
Martin Schulze
- [ECHO_ADV_28$2006] Clever Copy <= 3.0 Connect.inc Critical Information Disclosure,
eufrato
- [ MDKSA-2006:067 ] - Updated clamav packages fix vulnerabilities,
security
- [ GLSA 200604-05 ] Doomsday: Format string vulnerability,
Stefan Cornelius
- MAXDEV CMS Multiple vulnerabilities,
king_purba
- [SECURITY] [DSA 1018-2] New Linux kernel 2.4.27 packages fix several vulnerabilities,
Moritz Muehlenhoff
- [eVuln] newsletter - sourceworkshop SQL Injection Vulnerability,
alex
- [ GLSA 200604-04 ] Kaffeine: Buffer overflow,
Sune Kloppenborg Jeppesen
- Shadowed Portal Cross Site Scripting,
liz0
- [SECURITY] [DSA 1027-1] New mailman packages fix denial of service,
Martin Schulze
- XSS Bug in Cherokee Webserver,
rubengarrote
- [SECURITY] [DSA 1029-1] New libphp-adodb packages fix several vulnerabilities,
Martin Schulze
- Google Reader "preview" and "lens" script improper feed validation,
Debasis Mohanty
- Virtual War File İnclusion,
liz0
- Cisco Security Advisory: Cisco Optical Networking System 15000 series and Cisco Transport Controller Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 1030-1] New moodle packages fix several vulnerabilities,
Martin Schulze
- Multiple vulnerability in jupiter CMS,
king_purba
- [SECURITY] [DSA 1026-1] New sash packages fix potential arbitrary code execution,
Moritz Muehlenhoff
- [ GLSA 200604-06 ] ClamAV: Multiple vulnerabilities,
Sune Kloppenborg Jeppesen
- [SECURITY] [DSA 1023-1] New kaffeine packages fix arbitrary code execution,
Martin Schulze
- Re: Bios Information Leakage,
darmawan_salihun
- [security bulletin] HPSBUX02110 SSRT061110 rev.1 - HP-UX Running wu-ftpd Remote Denial of Service (DoS),
security-alert
- [security bulletin] HPSBUX02111 SSRT061132 rev.1 - HP-UX su(1) Local Unauthorized Access,
security-alert
- [SECURITY] [DSA 1025-1] New dia packages fix arbitrary code execution,
Martin Schulze
- IE6 Crash,
tel
- [Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow (not default configuration),
Damian Put
- XMB Forum 1.9.5-Final XSS,
r0xes . ratm
- Oracle read-only user can insert/update/delete data via specially crafted views,
ak
- TUGZip Archive Extraction Directory traversal,
h e
- Vulnerabilities in SPIP,
crasher
- PhpOpenChat 3.0.x ADODB Server.php "sql" SQL injection,
rgod
- phpinfo() Cross Site Scripting PHP 5.1.2 and 4.4.2,
cxib
- function *() php/apache Crash PHP 4.4.2 and 5.1.2,
cxib
- tempnam() open_basedir bypass PHP 4.4.2 and 5.1.2,
cxib
- copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2,
cxib
- MyBB 1.10 'newthread.php' < CrossSiteScripting >,
o . y . 6
- Myspace.com - Intricate Script Injection,
silentproducts
- Vegadns blind sql injection and cross site scripting,
king_purba
- PHPList <= 2.10.2 remote commands execution,
rgod
- Jbook Cross Site Scripting,
root__
- phpMyForum Cross Site Scripting & CRLF injection,
root__
- PHPWebGallery Multiple Cross Site Scripting Vulnerabilities,
root__
- [USN-269-1] xscreensaver vulnerability,
Martin Pitt
- Confixx 3.1.2 <= Cross Site Scripting Vuln,
sn4k3 . 23
- INDEXU <= 5.0.1 (theme_path)and (base_path) Remote File Inclusion Exploit,
selfar2002
- [ MDKSA-2006:069 ] - Updated openvpn packages fix vulnerability,
security
- Multiple vulnerabilities in Blur6ex,
crasher
- phpListPro <= 2.0 - Remote File Include Vulnerability,
admin
- Realplayer .SWF Multiple Remote Memory Corruption Vulnerabilities,
Sowhat
- [eVuln] [V]Book Multiple Vulnerabilities,
alex
- ZDI-06-007: Microsoft Windows Address Book (WAB) File Format Parsing Vulnerability,
zdi-disclosures
- Manila <= 9.5 - XSS Vulnerabilities,
d4igoro
- Confixx 3.1.2 <= SQL Injection,
sn4k3 . 23
- IBM,
ptt
- Tritanium Bulletin Board 1.2.3 - XSS,
d4igoro
- [eVuln] VNews Multiple Vulnerabilities,
alex
- [SRC-Telindus advisory] - HP System Management Homepage Remote Unauthorized Access,
SRC Telindus
- AzDGVote File inclusion,
selfar2002
- [ MDKSA-2006:071 ] - Updated xscreensaver packages fix clear-text password vulnerability,
security
- [ MDKSA-2006:070 ] - Updated openvpn packages fix vulnerability,
security
- IMF 2006 - Submission Deadline Extension,
Oliver Goebel
- IT Underground, London 2006 - call for papers,
it_underground
- SAXoPRESS - directory traversal,
securiteam
- 2nd European Conference on Computer Network Defense (EC2ND),
Blyth A J C (Comp)
- Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability,
Sowhat
- Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer POC,
phaas
- [SECURITY] [DSA 1032-1] New zope-cmfplone packages fix unprivileged data manipulation,
Moritz Muehlenhoff
- [eVuln] QLnews XSS and PHP Code Insertion Vulnerabilities,
alex
- Simplog <=0.9.2 multiple vulnerabilities,
rgod
- [SECURITY] [DSA 1033-1] New horde3 packages fix several vulnerabilities,
Moritz Muehlenhoff
- Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting,
Esteban Martinez Fayo
- [security bulletin] HPSBUX02108 SSRT061133 rev.6 - HP-UX running Sendmail, Remote Execution of Arbitrary Code,
security-alert
- [USN-270-1] xpdf vulnerabilities,
Martin Pitt
- Clansys Multiple Xss Vulnerabilities,
Soothackers
- Re: phpWebsite <= SQL Injection (friend.php) & (article.php),
shaun
- PatroNet CMS Xss Vuln,
Soothackers
- Windows Help Heap Overflow,
c0ntexb
- SimpleBBS v1.1(posts.php) remote command execution,
stormhacker
- [BuHa-Security] DoS Vulnerability in Firefox 1.5.0.1,
bugtraq
- [eVuln] qliteNews SQL Injection Vulnerability,
alex
- [BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4,
bugtraq
- [BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 #2,
bugtraq
- Remote File Inclusion in VBulletin ImpEx,
dr . jr7
- [BuHa-Security] Multiple Vulnerabilities in MS IE 6.0 SP2,
bugtraq
- phpWebSite 0.10.? (topics.php) Remote SQL Injection Exploit,
selfar2002
- RevoBoard [email] tag XSS,
r0xes . ratm
- Recon 2006: speaker lineup announcement,
Recon
- MyBB 1.10 New XSS ' member.php ',
o . y . 6
- QuickBlogger v1.4 Cross-Site Scripting,
botan
- phpMyAdmin 2.7.0-pl1,
kr4ch
- Re: Jupiter CMS <= 1.1.5 multiple XSS attack vectors.,
anonss
- MyBB 1.10 New CrossSiteScripting ' member.php ',
o . y . 6
- SaphpLesson 2.0 (forumid) Remote SQL Injection Exploit,
selfar2002
- Secunia Research: Adobe Document Server for Reader Extensions Multiple Vulnerabilities,
Secunia Research
- SEC Consult SA-20060314 :: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow,
Bernhard Mueller
- ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow,
zdi-disclosures
- TalentSoft Web+Shop Path Disclosure,
revnic
- [eVuln] RedCMS Multiple XSS and SQL Injection Vulnerabilities,
alex
- Camino Browser HTML Parsing Null Pointer Dereference Denial of Service Vulnerability,
izimask
- PowerClan 1.14 - SQL Injection,
d4igoro
- [eVuln] aWebNews Multiple XSS and SQL Injection Vulnerabilities,
alex
- Vulnerabilities in lifetype,
crasher
- Vulnerabilities in Papoo,
crasher
- Vulnerabilities in MODx,
crasher
- Farsinews Cross-Site Scripting & Path disclosure vulnerability,
aminrayden
- osCommerce "extras/" information/source code disclosure,
rgod
- Encyclopedia <= 3.0 (login.php) CrossSite Scripting - XSS,
n0m3rcy
- phpBB Admin command execution,
noch22
- Serendipity Blog vuln,
moep
- [SECURITY] [DSA 1034-1] New horde2 packages fix several vulnerabilities,
Moritz Muehlenhoff
- phpBB template file code execution,
noch22
- Avast Linux Home Edition (vulnerability on a temporary folder creation),
Julien L.
- [ GLSA 200604-07 ] Cacti: Multiple vulnerabilities in included ADOdb,
Thierry Carrez
- Firefox 1.5.0.1 Password Manager Arbtirary User Browsing History Disclosure,
franz
- Re: Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability,
tranceformer
- [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup,
Dave Korn
- PAJAX Remote Code Injection and File Inclusion Vulnerability,
RedTeam Pentesting
- Xss In ar-blog v 5.2,
W3 . _
- RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup,
Derek Soeder
- planetSearch+ - XSS Vulnerabilities,
d4igoro
- Re: [ECHO_ADV_27$2006] Indexu <= 5.0.1 Remote File Inclusion,
robert
- Re: SAXoPRESS - directory traversal aka Saxotech Online,
securiteam
- Re: Sql Injection in Confixx 3.06 & 3.08 & 3.?? ?,
iovdin
- a Yahoo Vulnerability,
r57shell
- Dokeos 1.6.4 SQL Injection Vulnerability,
Alvaro Olavarria
- manila.userland cross site scriptable,
Aaron Kaplan
- ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability,
zdi-disclosures
- [KAPDA]MyBB1.1.0~global.php~ParameterExtracting,
addmimistrator
- [KAPDA]CopperminePhotoGallery1.4.4~ PluginInclusionSystem(index.php)~ RemoteFileInclusion attack,
addmimistrator
- [eVuln] aWebBB Multiple XSS and SQL Injection Vulnerabilities,
alex
- [SECURITY] [DSA 1035-1] New fcheck packages fix insecure temporary file creation,
Moritz Muehlenhoff
- PHP Album <= 0.3.2.3 remote commnads execution,
rgod
- Tiny Web Gallery <= 1.4 XSS,
qex
- PhpGuestbook <= 1.0 XSS,
qex
- FlexBB <= 0.5.7 BETA XSS,
qex
- Boardsolution <= 1.12 XSS,
qex
- phpFaber TopSites Script Cross-Site Scripting,
botan
- Snipe Gallery <= 3.1.4 Multiple XSS,
qex
- DbbS<=2.0-alpha Multiple Vulnerabilities,
yamcho
- Xss In bMachine 2٫7,
W3 . _
- FlexBB v0.5.5 BETA [SQL Inj] [XSS] [Login bypass],
kr4ch
- Calendarix "yearcal.php" XSS Attacking,
botan
- MyEvent Remote File Execution And XSS Attacking,
botan
- BetaBoard Cross Site Scripting vulnerability,
easy . mask
- PhpWebFTP 3.2 Login Script,
arko . dhar
- [SECURITY] [DSA 1036-1] New bsdgames packages fix local privilege escalation,
Moritz Muehlenhoff
- - PHPGraphy <= 0.9.11 "editwelcome" unauthorized access / cross site scripting -,
rgod
- ShoutBOOK <= 1.1 XSS,
qex
- Neuron Blog <= 1.1 XSS,
qex
- [eVuln] CzarNews XSS and Multiple SQL Injection Vulnerabilities,
alex
- Tiny PHP forum - vulns,
hessam
- AnimeGenesis <= XSS,
qex
- ZDI-06-009: Mozilla Firefox Tag Parsing Code Execution Vulnerability,
zdi-disclosures
- [ GLSA 200604-08 ] libapreq2: Denial of Service vulnerability,
Thierry Carrez
- FlexBB 0.5.5 Bypass Exploit,
o . y . 6
- Neon Responder (Dos,Exploit),
Stefan Lochbihler
- [Argeniss] Alert - Yahoo! Webmail XSS,
Cesar
- gcc 4.1 bug miscompiles pointer range checks, may place you at risk,
Felix von Leitner
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk,
Michael Chamberlain
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk,
Forrest J. Cavalier III
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk,
Alexander Klimov
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk,
Florian Weimer
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk,
Gabor Gombas
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk,
Nate Eldredge
- <Possible follow-ups>
- RE: gcc 4.1 bug miscompiles pointer range checks, may place you at risk,
Michael Wojcik
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk,
jat-public01
- [eVuln] Wire Plastik wpBlog SQL Injection Vulnerability,
alex
- [SA-03] Example of Grsecurity protection avoid.,
adam
- Linpha 1.1.0 - XSS Vulnerabilities,
d4igoro
- Remote Xine Format String Vulnerability,
c0ntexb
- Another flaw in Firefox 1.5.0.2: to open files from remote,
miky
- axoverzicht.cgi <= XSS,
qex
- blur6ex Local File Inclusion and SQL injection .,
h e
- phpLister v. 0.4.1 XSS Attacking,
botan
- [ MDKSA-2006:072 ] - Updated kernel packages fix multiple vulnerabilities,
security
- [KAPDA::#41] - Mambo/Joomla rss component vulnerability,
alireza hassani
- Multiple critical and high risk issues in Oracle's database server,
NGSSoftware Insight Security Research
- [Symantec Security Advisory] LiveUpdate for Macintosh Local Privilege Escalation,
Secure
- CuteNews 1.4.1 <= Cross Site Scripting,
sn4k3 . 23
- SQL Injection in package SYS.DBMS_LOGMNR_SESSION,
ak
- FreeBSD Security Advisory FreeBSD-SA-06:14.fpu,
FreeBSD Security Advisories
- Oracle 10g 10.2.0.2.0 DBA exploit,
putosoft softputo
- [MajorSecurity]ActualAnalyzer - Remote File Include Vulnerability,
admin
- XSS Vulnerability in Guest-book script powered by Community Architect,
susam . pal
- Cisco Security Advisory: Cisco IOS XR MPLS Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- Re: Path Disclosure and Arbitrary File Read Vulnerability in SLAB5000,
office
- [security bulletin] HPSBUX02108 SSRT061133 rev.7 - HP-UX running Sendmail, Remote Execution of Arbitrary Code,
security-alert
- Multiple vulnerabilities in Linux based Cisco products,
assurance.com.au
- RechnungsZentrale V2 - SQL injection and Remote PHP inclusion vulnerabilities,
info
- ThWboard <= 3 Beta 2.84 SQL Injection,
Qex
- Cisco Security Advisory: Multiple Vulnerabilities in the WLSE Appliance,
Cisco Systems Product Security Incident Response Team
- redirection vuln crawlers breed & security through obscurity,
Ivan Sergio Borgonovo
- Shbablek Mail Vulnerablitiy - Cross-Site Scripting,
n0m3rcy
- WWWThread RC 3 MultBugs,
o . y . 6
- ContentBoxx Login.php Cross-Site Scripting,
botan
- Fortinet28 box does not resist has small synflood!,
testx444
- Tlen.PL e-mail XSS vulnerability.,
koper
- Confixx SQL Injection exploit (confixx_exploit.pl),
defa
- EasyGallery Cross-Site Scripting,
botan
- [eVuln] MD News Authentication Bypass and SQL Injection Vulnerabilities,
alex
- Re: Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup,
somerandomaddress99
- SQL Injection in incredibleindia.org,
susam_pal
- [eVuln] N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities,
alex
- PCPIN Chat <= 5.0.4 "login/language" remote cmmnds xctn,
rgod
- [USN-271-1] Firefox vulnerabilities,
Martin Pitt
- Strengthen OpenSSH security?,
Brett Glass
- ASPSitem <= 1.83 Remote SQL Injection Vulnerability,
Mustafa Can Bjorn IPEKCI
- [eVuln] MWGuest XSS Vulnerability,
alex
- PHPSurveyor <= 0.995 'save.php/surveyid' remote cmmnds xctn,
rgod
- ThWboard 3 Beta 2.84 Cross Site Scripting,
CrAzY . CrAcKeR
- axoverzicht.cgi<==Remote File Inclusion,
CrAzY . CrAcKeR
- [security bulletin] HPSBTU02095 SSRT051007 rev.3 - HP Tru64 UNIX Running DNS BIND4/BIND8 as Forwarders: Remote Unauthorized Privileged Access,
security-alert
- [security bulletin] HPSBST02112 SSRT061129 rev.1 - HP StorageWorks Secure Path for Windows Remote Denial of Service (DoS),
security-alert
- Ad-Aware Revisited,
Roy . Batty
- New site about security conferences : www.security-briefings.com,
newslist@xxxxxxxxxxxxxxxxxxxxxx
- Allied Telesyn Switch UDP Data Flood Management Denial Of Service Vulnerability,
kim
- RE: (addendum) redirection vuln crawlers breed & security through obscurity,
Evans, Arian
- [Argeniss] Oracle Database 10gR1 Buffer overflow in VERIFY_LOG procedure,
Cesar
- 4images <= 1.7 XSS,
qex
- Websense Filter Bypass,
qex
- Mini-NUKE v2.3<<--- SQL Injection,
CrAzY . CrAcKeR
- [ GLSA 200604-09 ] Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service,
Sune Kloppenborg Jeppesen
- [ GLSA 200604-10 ] zgv, xzgv: Heap overflow,
Sune Kloppenborg Jeppesen
- [SecuriWeb 2006.1] directory traversal in Asterisk@Home and ARI,
François Harvey
- BK Forum <<--V.4.0 SQL Injection,
CrAzY . CrAcKeR
- [eVuln] MWNewsletter SQL Injection and XSS Vulnerabilities,
alex
- r57shell.php <= 1.3 XSS,
qex
- bloggage Remote SQL Injection,
omnipresent
- [SECURITY] [DSA 1037-1] New zgv packages fix arbitrary code execution,
Martin Schulze
- RE: [BULK] - Websense Filter Bypass,
Hubbard, Dan
- Scry Gallery Directory Traversal & Full Path Disclosure Vulnerabilites,
simo64
- Rapid7 Advisory R7-0021: Symantec Scan Engine Authentication Fundamental Design Error,
advisory
- Rapid7 Advisory R7-0022: Symantec Scan Engine Known Immutable DSA Private Key,
advisory
- Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability,
advisory
- Rapid7 Advisory R7-0019: Directory traversal vulnerability in SolarWinds TFTP Server for Windows,
advisory
- [Symantec Security Advisor] Symantec Scan Engine Multiple Vulnerabilities,
secure
- [SECURITY] [DSA 1038-1] New xzgv packages fix arbitrary code execution,
Martin Schulze
- VWar <= ver 1.21 Remote Code Execution Exploit,
ali
- dForum <= 1.5 Multiple Remote File Inclusion Vulnerabilities.,
Mustafa Can Bjorn IPEKCI
- vBulletin <= 3.5.4 with MKPortal 1.1 Remote SQL Injection Vulnerability.,
Mustafa Can Bjorn IPEKCI
- Advisory: Simplog <= 0.93 Multiple Remote Vulnerabilities.,
Mustafa Can Bjorn IPEKCI
- Advisory: CoreNews <= 2.0.1 Multiple Remote Vulnerabilities.,
Mustafa Can Bjorn IPEKCI
- [ GLSA 200604-11 ] Crossfire server: Denial of Service and potential arbitrary code execution,
Thierry Carrez
- FlexBB 0.5.5 Exploit [ function/showprofile.php ] Remote SQL Injection,
o . y . 6
- Yahoo! Mail XSS Vulnerability,
Cheng Peng Su
- MSIE (mshtml.dll) OBJECT tag vulnerability,
Michal Zalewski
- [USN-272-1] cyrus-sasl2 vulnerability,
Martin Pitt
- NSFOCUS SA2006-03 : IBM AIX rm_mlcache_file Local Race Condition Vulnerability,
NSFOCUS Security Team
- NSFOCUS SA2006-02 : IBM AIX mklvcopy Local Privilege Escalation Vulnerability,
NSFOCUS Security Team
- [SECURITY] [DSA 1040-1] New gdm packages fix local root exploit,
Martin Schulze
- [SECURITY] [DSA 1039-1] New blender packages fix several vulnerabilities,
Martin Schulze
- Scry Gallery XSS Vulnerability,
arko . dhar
- [ GLSA 200604-14 ] Dia: Arbitrary code execution through XFig import,
Sune Kloppenborg Jeppesen
- [ GLSA 200604-13 ] fbida: Insecure temporary file creation,
Sune Kloppenborg Jeppesen
- [eVuln] RateIt SQL Injection Vulnerability,
alex
- [ GLSA 200604-12 ] Mozilla Firefox: Multiple vulnerabilities,
Thierry Carrez
- FileLodge Bolt (showonlineusers.php) Cross-Site Scripting Vulnerbility,
n0m3rcy
- XSS Bug in OpenGear Server Website,
Aditya
- BK Forum <= 4.0 Remote SQL Injection,
n0m3rcy
- [MajorSecurity] TotalCalendar 2.30 - Remote File Include Vulnerability,
admin
- [USN-273-1] Ruby vulnerability,
Martin Pitt
- RIblog Remote SQL Injection Exploit,
omnipresent
- Re: evoBlog Remote Name tag Script injection,
daniel
- Buffer-overflow and crash in Fenice OMS 1.10,
Luigi Auriemma
- Denial of service bugs in OpenTTD 0.4.7,
Luigi Auriemma
- Multiple PHP4/PHP5 vulnerabilities,
infocus
- Format string bug in Skulltag 0.96f,
Luigi Auriemma
- Advisory: Clansys <= 1.1 PHP Code Insertion Vulnerability.,
Mustafa Can Bjorn IPEKCI
- Apple Mac OS X Safari 2.0.3 Vulnerability,
- Firefox Remote Code Execution and DoS 1.5.0.2,
chris
- [MajorSecurity] phpMyAgenda 3.0 Final - Remote File Include Vulnerability,
admin
- VWar Path Disclosure,
arko . dhar
- vbulletin<--3.0.x SQL Injection,
CrAzY . CrAcKeR
- Advisory: My Gaming Ladder Combo System <= 7.0 Remote File Inclusion Vulnerability.,
Mustafa Can Bjorn IPEKCI
- ADVISORY FOR IOPUS SECURE EMAIL ATTACHMENTS,
ntwak0
- Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow,
Kaveh Razavi
- [ MDKSA-2006:074 ] - Updated php packages address multiple vulnerabilities.,
security
- [ MDKSA-2006:073 ] - Updated cyrus-sasl packages addresses vulnerability,
security
- photokorn 1.53 , 1.542 << Sql,
Dr-Jr7
- NextAge Shopping Cart Software XSS,
AminRayden
- [ MDKSA-2006:075 ] - Updated mozilla-firefox packages fix numerous vulnerabilities,
security
- PhpWebFtp Cross Site Scripting Vulnerability,
arko . dhar
- [SECURITY] [DSA 1041-1] New abc2ps packages fix arbitrary code execution,
Martin Schulze
- NASL 'Split' function Buffer overflow Vulnerability,
OS2A BTO
- Invision Vulnerabilities, including remote code execution,
spam
- [SECURITY] [DSA 1042-1] New Cyrus SASL packages fix denial of service,
Martin Schulze
- Fenice - Open Media Streaming Server remote BOF exploit,
Kaveh Razavi
- PowerPoint Phishing Trojan,
Lance James
- Multiple vulnerabilities in IP3 Networks 'NetAccess' NA75 appliance,
Moonen, Ralph
- Multiple browsers Windows mailto protocol Office 2003 file attachment exploit,
inge . henriksen
- Instant Photo Gallery <= Multiple XSS,
qex
- DCForumLite V 3.0<--XSS/SQL Injection,
Breeeeh
- Recent Oracle exploit is _actually_ an 0day with no patch,
David Litchfield
- [ MDKSA-2006:076 ] - Updated mozilla packages fix numerous vulnerabilities,
security
- [ MDKSA-2006:077 ] - Updated ethereal packages fix numerous vulnerabilities,
security
- [ MDKSA-2006:078 ] - Updated mozilla-thunderbird packages fix numerous vulnerabilities,
security
- [ MDKSA-2006:079 ] - Updated ruby packages fix vulnerability,
security
- Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack,
Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 1044-1] New Mozilla Firefox packages fix several vulnerabilities,
Martin Schulze
- MySmartBB<---v 1.1.x SQL Injection/XSS,
BoNy-m
- DevBB <= 1.0.0 XSS,
qex
- Secunia Research: SpeedProject Products ACE Archive Handling Buffer Overflow,
Secunia Research
- [ GLSA 200604-15 ] xine-ui: Format string vulnerabilities,
Sune Kloppenborg Jeppesen
- [SECURITY] [DSA 1043-1] New abcmidi packages fix arbitrary code execution,
Martin Schulze
- [ GLSA 200604-16 ] xine-lib: Buffer overflow vulnerability,
Sune Kloppenborg Jeppesen
- [eVuln] warforge.NEWS SQL Injection and Multiple XSS Vulnerabilities,
alex
- SQL Injection On DUportal,
outlaw
- Open Bulletin Board < Multiple Vulnerability,
qex
- XXS Attack On FarsiNews,
outlaw
- Local XXS Attack On CuteNews,
outlaw
- ZDI-06-011: Mozilla Firefox Table Rebuilding Code Execution Vulnerability,
zdi-disclosures
- Re: Apple Mac OS X Safari 2.0.3 Vulnerability,
jens
- Re: XV multiple buffer overflows (update),
kvea
- [EEYEB-20060227] Juniper Networks SSL-VPN Client Buffer Overflow,
eEye Advisories
- MyBB 1.1.1 Local SQL Injections,
o . y . 6
- ,
Yannick von Arx
- [USN-274-1] MySQL vulnerability,
Martin Pitt
- Land Down Under 802 and below version Path Disclosure Vulnerability,
Advisory
- [security bulletin] HPSBUX02108 SSRT061133 rev.9 - HP-UX running Sendmail, Remote Execution of Arbitrary Code,
security-alert
- [security bulletin] HPSBUX02075 SSRT051074 rev.4 - HP-UX Running xterm Local Unauthorized Access,
security-alert
- [ GLSA 200604-17 ] Ethereal: Multiple vulnerabilities in protocol dissectors,
Sune Kloppenborg Jeppesen
- [security bulletin] HPSBMA02113 SSRT061148 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update April 2006,
security-alert
- SQL injection exploit IPB <= 2.1.4,
satanchild123
- [USN-275-1] Mozilla vulnerabilities,
Martin Pitt
- [SECURITY] [DSA 1045-1] New OpenVPN packages fix arbitrary code execution,
Martin Schulze
- [SECURITY] [DSA 1046-1] New Mozilla packages fix several vulnerabilities,
Martin Schulze
- BL4's SMTP server BufferOverflow Vulnerable,
the_day
- Secunia Research: Servant Salamander unacev2.dll Buffer Overflow Vulnerability,
Secunia Research
- [ECHO_ADV_31$2006] Sws Web Server 0.1.7 Strcpy() & Syslog() Format String Vulnerability,
the_day
- WinISO/UltraISO/MagicISO/PowerISO Directory Traversal Vulnerability,
Sowhat
- Cireos Portal Cross Site Scripting,
outlaw
- [Argeniss] Alert - Yahoo! Mail XSS vulnerability,
Cesar
- [Kurdish Security #3] CoolMenus Event Remote File Include Vulnerability (For PHP),
botan
- [ GLSA 200604-18 ] Mozilla Suite: Multiple vulnerabilities,
Thierry Carrez
- [Kurdish Security #2] Artmedic Event Remote File Include Vulnerability,
botan
- Neomail.pl Local Cross Site Scripting,
outlaw
- [Kurdish Secure Advisory #1] I-RATER Platinum "Admin/configsettings.tpl.php" Remote File Include Vulnerability,
botan
- Invision Power Board 2.1.5 POC,
Javier Olascoaga
- poll.pl<--remote commands execution exploit,
CrAzY . CrAcKeR
- W-Agora 4.20 XSS,
r0xes . ratm
- XSS Attack On DirectAdmin Hosting Managment,
outlaw
- TopList <= 1.3.8 (PHPBB Hack) Remote File Inclusion Vulnerability,
mfoxhacker
- TextFileBB 1.0.16 Multiple XSS,
r0xes . ratm