Mail Index

• Thread Index

• Browser bugs hit IE, Firefox today (SANS)
  • From: Bill Stout
• Re: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)
  • From: Juha-Matti Laurio
• ezWaiter v3.0 - XSS
  • From: luny
• [SECURITY] [DSA 1104-1] New OpenOffice.org packages fix several vulnerabilities
  • From: Martin Schulze
• libwmf integer/heap overflow
  • From: sean
• [ GLSA 200606-30 ] Kiax: Arbitrary code execution
  • From: Sune Kloppenborg Jeppesen
• Zen-Cart 1.3.0.2 Full Path Disclosure
  • From: o . y . 6
• [Kil13r-SA-20060701-1] Ahnlab Search Cross-Site Scripting Vulnerability
  • From: mac68k
• [Kil13r-SA-20060701-2] MoniWiki 1.1.1 Cross-Site Scripting Vulnerability
  • From: mac68k
• [Kil13r-SA-20060701-3] Massting Cross-Site Scripting Vulnerability
  • From: mac68k
• ISC: Firefox immune to outerHTML flaw in MSIE [Was: Browser bugs hit IE, Firefox]
  • From: Juha-Matti Laurio
• ZDI-06-020: Apple iTunes AAC File Parsing Integer Overflow Vulnerability
  • From: zdi-disclosures
• FreeHost "misc.php & news.php" SQL Injection
  • From: CrAzY . CrAcKeR
• MyNewsGroups<<--v. 0.6 "tree.php" SQL Injection
  • From: CrAzY . CrAcKeR
• CDJ<<--V NITKID 2.0 "category.php" SQL Injection
  • From: CrAzY . CrAcKeR
• Module's Name "Classifieds" SQL Injection
  • From: CrAzY . CrAcKeR
• My smiles "browse.php" SQL Injection
  • From: CrAzY . CrAcKeR
• Hobbit monitor: Security issue with Hobbit 4.2-beta client
  • From: Henrik Stoerner
• NewsPHP 2006 PRO XSS SQL injection Vulnerability
  • From: securityconnection
• News <= 5.2 XSS, SQL Injection, Full Path Disclosure
  • From: gmdarkfig
• Re: [Full-disclosure] Re[2]: Is Windows TCP/IP source routing PoC code available?
  • From: 3APA3A
• phpBB 2.0.21 Full Path Disclosure
  • From: xzerox
• Re: PHP security (or the lack thereof)
  • From: Kevin Waterson
• RE: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)
  • From: Schmehl, Paul L
• Re: Browser bugs hit IE, Firefox today (SANS)
  • From: Alex Potter
• Re: Msie 7.0 beta Crash
  • From: mike
• [security bulletin] HPSBUX02128 SSRT5996 - rev.1 HP-UX mkdir(1) Local Unauthorized Access
  • From: security-alert
• [security bulletin] HPSBUX02103 SSRT5953 rev.3 - HP-UX passwd(1) Local Denial of Service (DoS)
  • From: security-alert
• Buddy Zone Version 1.0.1 - XSS
  • From: luny
• mAds v1.0
  • From: lunY
• phpMyAdmin : Cross-Site Scripting Vulnerability
  • From: bug@xxxxxxxxxxxxxxx
• DEF CON 14: Speakers Selected and more.
  • From: The Dark Tangent
• OPERA Web Browser 9 Denial OF Service
  • From: y3dips
• Internet Crna Gora SQL Injection
  • From: Breeeeh
• SmS Script SQL Injection
  • From: Breeeeh
• Sql injection in Diesel joke site script
  • From: black code
• SturGeoN Upload v1 Remote Command Execution Exploit
  • From: gmdarkfig
• Whitepaper: IT (in)security implementation in a real world example
  • From: Denis Jedig
• Php-Fusion (Xss) With Avatar Upload
  • From: zeberus_
• Glossaire<<--v1.7 Remote File Include
  • From: CrAzY . CrAcKeR
• call for papers - IT Underground, Italy 2006
  • From: it_underground
• [MajorSecurity #19] AutoRank <= 5.01 - Multiple XSS and cookie disclosure
  • From: admin
• WordPress 2.0.3 SQL Error and Full Path Disclosure
  • From: xzerox
• plume-cms v1.0.4 Multiple Remote File include
  • From: KARKOR23
• Pearl Products Multiple Remote File Inclusion
  • From: xzerox
• free QBoard v1.1 Multiple Remote File include
  • From: KARKOR23
• Re: [Full Disclosure] [Kil13r-SA-20060701-2] MoniWiki 1.1.1 Cross-Site Scripting Vulnerability
  • From: mac68k
• Multiple vulnerabilities in TK8 Safe v.3.0.5
  • From: clappymonkey
• popup Vacation Rentals[calendar_year.php] SQL Injection
  • From: BoNy-m
• QTOFileManager 1.0
  • From: securityconnection
• Invision Power Board v1.3 Final SQL Injection
  • From: Breeeeh
• Contact for nhl.com
  • From: C. Hamby
• Excel 2000/XP/2003 Style 0day POC
  • From: nanika
• 5 php scripts remote database password disclosure
  • From: gmdarkfig
• Call For Papers - No cON Name 2006 Edition Spain
  • From: deese
• [ GLSA 200607-01 ] mpg123: Heap overflow
  • From: Sune Kloppenborg Jeppesen
• ZoneAlarm Insufficient protection of registry key 'VETFDDNT\Enum' Vulnerability
  • From: David Matousek
• TBE 4.0 XSS
  • From: securityconnection
• imgsvr dos exploit by n00b
  • From: co296
• Re: Browser bugs hit IE, Firefox today (SANS)
  • From: Thor Larholm
• [scip_Advisory 2351] Kyberna AG ky2help various form fields SQL Injection
  • From: Marc Ruef
• galleria <= 1.0 Remote File Inclusion Vulnerability
  • From: ineal
• Re: WordPress 2.0.3 SQL Error and Full Path Disclosure
  • From: James Davis
• [scip_Advisory 2352] F5 FirePass 4100 prior 6.x multiple Cross Site Scripting
  • From: Marc Ruef
• file include exploits in randshop v1.2
  • From: black code
• PhpWebGallery Cross Site Scripting Vulnerability
  • From: iss4m . h
• Re: file include exploits in randshop v1.2
  • From: Rainer Duffner
• Re: WordPress 2.0.3 SQL Error and Full Path Disclosure
  • From: Jaroslaw Sajko
• [Bugtraq] Re: flock d0s exploit remote. beta 1 (v0.7)
  • From: .myke lyons
• Invision Power Board "v1.X & 2.X" SQL Injection
  • From: CrAzY . CrAcKeR
• Re: Browser bugs hit IE, Firefox today (SANS)
  • From: Paul Szabo
• Shopping Cart V0.9
  • From: luny
• Windows Explorer URL File format overflow
  • From: nanika
• Touch arbitrary file execute vulnerability
  • From: Alex Park
• sNews 1.3 XSS SQL
  • From: securityconnection
• BLOG:CMS 4.1.0 SQL injection File Include Vulnerability
  • From: securityconnection
• Re: PHP security (or the lack thereof)
  • From: Dan Falconer
• [ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities
  • From: security
• vBulletin 3.5.4 (install_path) Exploit
  • From: CarcaBotx
• TigerTom Scripts
  • From: luny
• [SECURITY] [DSA 1104-2] New OpenOffice.org packages fix arbitrary code execution
  • From: Martin Schulze
• Public Advisory: Horde 3.1.1, 3.0.10 Multiple Security Issues
  • From: Moritz Naumann
• Re: vBulletin 3.5.4 (install_path) Exploit
  • From: mikathebest2003
• [USN-308-1] shadow vulnerability
  • From: Martin Pitt
• [USN-309-1] libmms vulnerability
  • From: Martin Pitt
• [USN-310-1] ppp vulnerability
  • From: Martin Pitt
• Re: vBulletin 3.5.4 (install_path) Exploit
  • From: scott
• Re: IBM AIX Security contact?
  • From: Troy Bollinger
• Major updates to Excel 0-day Vulnerability FAQ at SecuriTeam Blogs
  • From: Juha-Matti Laurio
• Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006)
  • From: Luigi Auriemma
• McAfee VirusScan Enterprise 8.0.0 Buffer Overflow
  • From: johndoe1529
• Mico crashes when contected with wrong IOR / DoS
  • From: tuergeist
• TSLSA-2006-0040 - kernel
  • From: Trustix Security Advisor
• WebEx Downloader Plug-in Multiple Vulnerabilities + rant
  • From: Mark Litchfield
• PHP-Blogger Multiple Cross Site Scripting Vulnerabilities
  • From: OS2A BTO
• ATutor : Cross-Site Scripting Vulnerabilities
  • From: bug@xxxxxxxxxxxxxxx
• [ECHO_ADV_36$2006] ExtCalendar <== v2.0 Remote File Include Vulnerabilities
  • From: matdhule
• Possible code execution in Kaillera 0.86
  • From: Luigi Auriemma
• rPSA-2006-0122-1 kernel
  • From: Justin M. Forbes
• Format string bug in Sparklet 0.9.4try3
  • From: Luigi Auriemma
• PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities
  • From: paisterist . nst
• [ MDKSA-2006:117 ] - Updated libmms packages fix buffer overflow vulnerability
  • From: security
• HostingController: An attacker can gain reseller privileges and after that can gain admin privileges
  • From: Irsdl
• Sport-slo.net Guestbook v1.0
  • From: luny
• IBM AIX Security contact?
  • From: Joxean Koret
• Pivot <=1.30rc2 privilege escalation / remote commands execution
  • From: rgod
• [SECURITY] [DSA 1105-1] New xine-lib packages fix denial of service
  • From: Martin Schulze
• lintah_|adv|_01@2006>=========<[Aura-CMS v1.62]<===>[XSS vulnerable]&[bug]
  • From: k07iX
• ZDI-06-021: WebEx Downloader Plug-in Code Execution Vulnerability
  • From: zdi-disclosures
• [ MDKSA-2006:118 ] - Updated OpenOffice.org packages fix various vulnerabilities
  • From: security
• PAPOO <=3RC3 sql injection / admin credentials disclosure
  • From: rgod
• Re: [Bugtraq] Re: flock d0s exploit remote. beta 1 (v0.7)
  • From: flockoyd
• [KAPDA::#46] - AjaxPortal Authentication Bypass
  • From: alireza hassani
• ATutor 1.5.3 Cross Site Scripting
  • From: securityconnection
• RW::Download stats.php Remote File Inc.
  • From: StorMBoY
• [ GLSA 200607-03 ] libTIFF: Multiple buffer overflows
  • From: Sune Kloppenborg Jeppesen
• Webvizyon Portal 2006 Version SQL Injection
  • From: StorMBoY
• Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof))
  • From: Gezim Hoxha
• Re: Invision Power Board "v1.X & 2.X" SQL Injection
  • From: mattmecham
• Graffiti Forums v1.0 SQL Injection Vulnerabilities
  • From: paisterist . nst
• Re: Mico crashes when contected with wrong IOR / DoS
  • From: tuergeist
• [ GLSA 200607-04 ] PostgreSQL: SQL injection
  • From: Sune Kloppenborg Jeppesen
• MT rmcek Toplist v2.2 Version Microsoft Access Driver ( MDB ) Download
  • From: StorMBoY
• LAMP vs Microsoft
  • From: Darren Reed
• Re: RE: Invision Vulnerabilities, including remote code execution
  • From: mattmecham
• Re: [KAPDA::#46] - AjaxPortal Authentication Bypass
  • From: earthquake
• ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton)
  • From: mozilla
• Re: rPSA-2006-0122-1 kernel
  • From: Paul Starzetz
• [ECHO_ADV_37$2006] pc_cookbook Mambo/Joomla Component <= v0.3 Remote File Include Vulnerabilities
  • From: matdhule
• [SECURITY] [DSA 1106-1] New ppp packages fix privilege escalation
  • From: Martin Schulze
• Re: [ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities
  • From: Paul Starzetz
• phpPolls 1.0.3 Administration ByPass
  • From: alp_eren
• Re: galleria <= 1.0 Remote File Inclusion Vulnerability
  • From: counterpoint
• Re: Invision Power Board v1.3 Final SQL Injection
  • From: mattmecham
• [USN-312-1] gimp vulnerability
  • From: Martin Pitt
• RE: MIMESweeper For Web 5.X Cross Site Scripting
  • From: Erez Metula
• CC announces new Rootkit help forum insync with Book
  • From: Paul Laudanski
• MS Word Unchecked Boundary Condition Vulnerability
  • From: naveed
• Re: Re: vBulletin 3.5.4 (install_path) Exploit
  • From: mikathebest2003
• RE: WebEx Downloader Plug-in Multiple Vulnerabilities + rant
  • From: Web Ex
• Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability
  • From: info
• Re: Mico crashes when contected with wrong IOR / DoS
  • From: Karel Gardas
• Re: PHP security (or the lack thereof)
  • From: Darren Reed
• Old vulnerable sotwares collection
  • From: Jerome Athias
• Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit
  • From: Alexander Hristov
• Re: Windows Explorer URL File format overflow
  • From: naveed
• Re: Mico crashes when contected with wrong IOR / DoS
  • From: Karel Gardas
• [SECURITY] [DSA 1107-1] New GnuPG packages fix denial of service
  • From: Martin Schulze
• Re: Mico crashes when contected with wrong IOR / DoS
  • From: tuergeist
• Local file inclusion in Farsinews3.0BETA1
  • From: armin390
• [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd
  • From: Gerald (Jerry) Carter
• randshop <= 1.1.x (index.php) Remote File Inclusion Vulnerability
  • From: Saudi . Unix
• Re: LAMP vs Microsoft
  • From: Jarrod Frates
• Juniper Networks DX Web Administration Persistent System Log XSS Vulnerability
  • From: Darren Bounds
• Re: LAMP vs Microsoft
  • From: Bob Beck
• Re: Securing PHP or finding PHP alternatives
  • From: Crispin Cowan
• [ GLSA 200607-02 ] FreeType: Multiple integer overflows
  • From: Sune Kloppenborg Jeppesen
• [ GLSA 200607-05 ] SHOUTcast server: Multiple vulnerabilities
  • From: Sune Kloppenborg Jeppesen
• SYMSA-2006-007: Microsoft Office Malformed String Parsing Vulnerability
  • From: research
• CYBSEC - Security Pre-Advisory: Microsoft Windows DHCP Client Service Remote Buffer Overflow
  • From: Mariano Nuñez Di Croce
• TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability
  • From: Tippingpoint Security Research Team
• ZDI-06-022: Microsoft Office Excel File Rebuilding Code Execution Vulnerability
  • From: zdi-disclosures
• Re: LAMP vs Microsoft
  • From: Steven M. Christey
• [USN-313-1] OpenOffice.org vulnerabilities
  • From: Martin Pitt
• [USN-316-1] installer vulnerability
  • From: Martin Pitt
• [USN-315-1] libmms, xine-lib vulnerabilities
  • From: Martin Pitt
• Cisco Security Advisory: Multiple Cisco Unified CallManager Vulnerabilities
  • From: Cisco Systems Product Security Incident Response Team
• [ MDKA-2006:119 ] - Updated ppp packages fix plugin vulnerability
  • From: security
• Cisco Security Advisory: Cisco Router Web Setup Ships with Insecure Default IOS Configuration
  • From: Cisco Systems Product Security Incident Response Team
• Re: ATutor 1.5.3 Cross Site Scripting
  • From: info
• SQuery <= 4.5(libpath) Remote File Inclusion Exploit
  • From: SHiKaA-
• Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd
  • From: Gerald (Jerry) Carter
• [USN-314-1] samba vulnerability
  • From: Martin Pitt
• Cisco Security Advisory: Cisco Intrusion Prevention System Malformed Packet Denial of Service
  • From: Cisco Systems Product Security Incident Response Team
• rPSA-2006-0128-1 samba samba-swat
  • From: Justin M. Forbes
• Fuzzing Microsoft Office
  • From: naveed
• SMB Information Disclosure Vulnerability
  • From: Avert
• Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 )
  • From: Roman Medina-Heigl Hernandez
• Microsoft Excel Array Index Error Remote Code Execution
  • From: Sowhat
• [ MDKSA-2006:117-1 ] - Updated libmms packages fix buffer overflow vulnerability
  • From: security
• NSFOCUS SA2006-04 : Microsoft Office GIF Filter Buffer Overflow Vulnerability
  • From: NSFOCUS Security Team
• [SECURITY] [DSA 1108-1] New mutt packages fix arbitrary code execution
  • From: Moritz Muehlenhoff
• TOPo v.2.2.178 Account Reset
  • From: darkz . gsa
• S21Sec-032-en: Vulnerability in Fatwire Content Server
  • From: labs
• Re: Browser bugs hit IE, Firefox today (SANS)
  • From: 3CO
• RE: Old vulnerable sotwares collection
  • From: John Rigali
• Lazarus Guestbook Cross Site Scripting Vulnerabilities
  • From: simo64
• [ MDKSA-2006:120 ] - Updated samba packages fix DoS vulnerability
  • From: security
• NSFOCUS SA2006-06 : Microsoft Excel COLINFO Record Buffer Overflow Vulnerability
  • From: NSFOCUS Security Team
• New CVE number states Excel Style handling as a separate issue
  • From: Juha-Matti Laurio
• Re: WordPress 2.0.3 SQL Error and Full Path Disclosure
  • From: zck zck
• Re: # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc.
  • From: Amelie
• NSFOCUS SA2006-05 : Microsoft Excel SELECTION Record Memory Corruption Vulnerability
  • From: NSFOCUS Security Team
• FLV Players Multiple Input Validation Vulnerabilities
  • From: xzerox
• [ MDKSA-2006:121 ] - Updated xine-lib packages fix buffer overflow vulnerability
  • From: security
• Re: # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc.
  • From: amelie
• [ECHO_ADV_38$2006] Multiple Mambo/Joomla Component Remote File Include Vulnerabilities
  • From: matdhule
• RE: WordPress 2.0.3 SQL Error and Full Path Disclosure
  • From: Aaron Newman
• SYMSA-2006-004 (Full Details): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution
  • From: research
• [USN-317-1] zope2.8 vulnerability
  • From: Martin Pitt
• Photocycle v1.0 - XSS
  • From: luny
• ScozNews Final-Php <=1.1 Remote File Inclusion Vulnerability
  • From: x0r0n
• Orbitmatrix PHP Script v1.0
  • From: luny
• Flipper Poll <= 1.1.0 Remote File Inclusion Vulnerability
  • From: x0r0n
• [USN-318-1] libtunepimp vulnerability
  • From: Martin Pitt
• [ MDKSA-2006:122 ] - Updated php packages fix multiple vulnerabilities
  • From: security
• flatnuke <= 2.5.7 arbitrary php file upload
  • From: rgod
• PHORUM 5 arbitrary local inclusion
  • From: rgod
• phpbb 3.x sql injection (with global moderator rights)
  • From: rgod
• [ MDKSA-2006:123 ] - Updated kernel packages fixes multiple vulnerabilities
  • From: security
• Re: [ECHO_ADV_38$2006] Multiple Mambo/Joomla Component Remote File Include Vulnerabilities
  • From: Joxean Koret
• perForms <= 1.0 ([mosConfig_absolute_path]) Remote File Inclusion
  • From: endeneu
• [security bulletin] HPSBUX02120 SSRT051057 rev.2 - HP-UX Local Denial of Service (DoS)
  • From: security-alert
• rPSA-2006-0122-2 kernel
  • From: Justin M. Forbes
• Re: WebEx Downloader Plug-in Multiple Vulnerabilities + rant
  • From: Mark Rowe
• IE <= 6 DoS vulnerability
  • From: jonasschaub
• Phorum 5.1.15 security release (fixes "PHORUM 5 arbitrary local inclusion")
  • From: Maurice Makaay
• Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities
  • From: Benjamin Tobias Franz
• Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround
  • From: Caveo Internet BV - Security
• EEYE: McAfee ePolicy Orchestrator Remote Compromise
  • From: eEye Advisories
• Re: Photocycle v1.0 - XSS
  • From: securityfocus
• Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround
  • From: Hugo van der Kooij
• Bybass HTTP ( extension files ) in ISA 2004
  • From: medozero
• MS Power Point Multiple Vulnerabilities (powerpnt.exe)- POC
  • From: naveed
• MS Power Point Multiple Vulnerabilities - (mso.dll) POC
  • From: naveed
• MS Power Point Multiple Vulnerabilities - (memory corruption) POC
  • From: naveed
• Norton Insufficient protection of Norton service registry keys
  • From: David Matousek
• Kerio Terminating 'kpf4ss.exe' using internal runtime error Vulnerability
  • From: David Matousek
• Re: Securing PHP or finding PHP alternatives
  • From: Michael Shigorin
• Re: Securing PHP or finding PHP alternatives
  • From: SkyFlash
• Linux sys_prctl LKM based hotfix
  • From: Abhisek Datta
• crashing firefox <= 1.5.0.4
  • From: reywen
• saphp "add.php" forumid Parameter SQL Injection
  • From: Breeeeh
• RE: Re: vBulletin 3.5.4 (install_path) Exploit
  • From: Robert Marquardt
• XSS phpBB 2.0.21 in administration
  • From: renatrix
• MyGallery "Room.php" SQL Injection
  • From: Breeeeh
• Rocks Clusters <=4.1 local root
  • From: Xavier
• Re: WordPress 2.0.3 SQL Error and Full Path Disclosure
  • From: jholguin
• [SECURITY] Plain text password in Finjan Appliance 5100/8100 NG backup file
  • From: finde_schwachstelle
• Re: Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit
  • From: José Parrella
• Phorum 5.1.14 XSS SQL injection Vulnerability
  • From: securityconnection
• Re: WordPress 2.0.3 SQL Error and Full Path Disclosure
  • From: nate
• MiniBB Forum <= 1.5a Remote File Include Vulnerabilities
  • From: matdhule
• VBZooM "sendmail.php" SQL Injection
  • From: Breeeeh
• Re: [Full-disclosure] ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton)
  • From: Mailinglists
• Re: LAMP vs Microsoft
  • From: Darren Reed
• SubberZ[Lite] - Remote File Include
  • From: ChironeX . FleckeriX
• RE: MIMESweeper For Web 5.X Cross Site Scripting
  • From: Erez Metula
• VBZooM <=V1.11 " reply.php" SQL Injection
  • From: Breeeeh
• VBZooM <=V1.11 " ignore-pm.php" SQL Injection
  • From: Breeeeh
• Microsoft PowerPoint 0-day Vulnerability FAQ document written
  • From: Juha-Matti Laurio
• Re: [ GLSA 200607-05 ] SHOUTcast server: Multiple vulnerabilities
  • From: Cyneox
• Re: Securing PHP or finding PHP alternatives
  • From: Sheryl Coppenger
• Re: phpbb 3.x sql injection (with global moderator rights)
  • From: bugtraq
• Crtical Shockwave Embeded XSS Execution
  • From: spammeanddie
• Re: Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof))
  • From: Matthias Kestenholz
• VBZooM <=V1.11 "sub-join.php" SQL Injection
  • From: Breeeeh
• [OpenPKG-SA-2006.013] OpenPKG Security Advisory (mutt)
  • From: OpenPKG
• Re: LAMP vs Microsoft
  • From: Bob Beck
• Fantastic Guestbook v2.0.1 Advisory
  • From: omnipresent
• Re: LAMP vs Microsoft
  • From: Darren Reed
• Re: Buddy Zone Version 1.0.1 - XSS
  • From: support
• Re: LAMP vs Microsoft
  • From: Bob Beck
• Re: LAMP vs Microsoft
  • From: Joel Maslak
• Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround
  • From: Michael Shigorin
• Invision Power Board 2.1 <= 2.1.6 sql injection
  • From: rst
• Re: Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof))
  • From: Meet Myself on the Internet
• Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround
  • From: Lukasz Trabinski
• Re: [Full-disclosure] Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 )
  • From: Jon Hart
• Gracenote buffer overflow
  • From: MNV
• MyBulletinBoard (MyBB) 1.1.5 'CLIENT-IP' sql injection
  • From: rgod
• Mercury Messenger
  • From: Hans Wolters
• Re: Bybass HTTP ( extension files ) in ISA 2004
  • From: Thor (Hammer of God)
• Several updates in MS PowerPoint 0-day Vulnerability FAQ at SecuriTeam Blogs
  • From: Juha-Matti Laurio
• PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion
  • From: chris_hasibuan
• Calendar Module <= 1.5.7 Remote File Include Vulnerabilities
  • From: matdhule
• Plesk Control Panel <= 8.0.0 XSS vulnerability
  • From: vuln . invent
• Re: Phorum 5.1.14 XSS SQL injection Vulnerability
  • From: Maurice Makaay
• Secunia Research: IceWarp Web Mail Two File Inclusion Vulnerabilities
  • From: Secunia Research
• [SECURITY] [DSA 1109-1] New rssh packages fix privilege escalation
  • From: Moritz Muehlenhoff
• RE: Bybass HTTP ( extension files ) in ISA 2004
  • From: Edward Tripovich
• rPSA-2006-0130-1 kernel
  • From: Justin M. Forbes
• [EEYEB-20060227] D-Link Router UPNP Stack Overflow
  • From: eEye Advisories
• Secunia Research: VisNetic Mail Server Two File Inclusion Vulnerabilities
  • From: Secunia Research
• [SECURITY] [DSA 1110-1] New samba packages fix denial of service
  • From: Moritz Muehlenhoff
• Secunia Research: BitZipper unacev2.dll Buffer Overflow Vulnerability
  • From: Secunia Research
• PacSec 2006 CALL FOR PAPERS (Deadline Aug. 4; Event Nov. 27-30)
  • From: Dragos Ruiu
• boastMachine <= 3.1 SQL Injection Exploit
  • From: gmdarkfig
• ListMessenger v0.9.3 Remote File Inclusion Vulnerability
  • From: x0r0n
• Multiple vulnerabilities in UFO2000 svn 1057
  • From: Luigi Auriemma
• [SECURITY] [DSA 1111-1] New Linux kernel 2.6.8 packages fix privilege escalation
  • From: Moritz Muehlenhoff
• About the latest three Powerpoint vulnerabilities: exploitable?
  • From: ewt
• [SECURITY] [DSA 1112-1] New mysql-dfsg-4.1 packages fix denial of service
  • From: Moritz Muehlenhoff
• Re: Invision Power Board 2.1 <= 2.1.6 sql injection
  • From: paul dansing
• ToorCon 2006 Call for Papers
  • From: h1kari@xxxxxxxxxxx
• RUXCON 2006 Final Call For Papers
  • From: cfp
• Re: Securing PHP or finding PHP alternatives
  • From: Crispin Cowan
• [USN-319-1] Linux kernel vulnerability
  • From: Martin Pitt
• Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround
  • From: Michal Zalewski
• Re: LAMP vs Microsoft
  • From: George Capehart
• Re: LAMP vs Microsoft
  • From: Darren Reed
• Unauthenticated access to BT Voyager config file and PPP credentials embedded in HTML form
  • From: pagvacito
• New Article Mambo Component <= 1.0 (com_articles.php) Remote File Include Vulnerabilities
  • From: matdhule
• 23rd Chaos Communication Congress 2006: Call for Participation
  • From: fukami
• Calendar Mambo Module <= 1.5.7 Remote File Include Vulnerabilities
  • From: matdhule
• Re: Invision Power Board 2.1 <= 2.1.6 sql injection
  • From: str0ke
• Re: WebEx Downloader Plug-in Multiple Vulnerabilities + rant
  • From: Mark Litchfield
• Cross Site Scripting Vulnerability in Zoho Virtual Office
  • From: ss_team
• Professional PHP Tools Guestbook Multiple Vulnerabilities
  • From: tamriel
• [ MDKSA-2006:124 ] - Updated kernel packages fix privilege escalation vulnerability
  • From: security
• ToendaCMS <= 1.0.0 arbitrary file upload
  • From: rgod
• Keyif Portal v2.0 - Microsoft Access Driver ( MDB ) Download
  • From: x0r0n
• Outpost Firewall Pro secrately fixing security flaws?
  • From: Bipin Gautam
• Re: Invision Power Board 2.1 <= 2.1.6 sql injection
  • From: mattmecham
• DeluxeBB mutiple vulnerabilities
  • From: Jessica Hope
• [KAPDA::#52] - PHP-Post 1.0 Cookie Modification Privilege Escalation Vulnerability
  • From: farhadkey
• $100 plus several of my books if you can crack my Windows password hashes.
  • From: Roger A. Grimes
• Oracle Database - SQL Injection in SYS.KUPW$WORKER [DB03]
  • From: ak
• Oracle Database - SQL Injection in SYS.DBMS_CDC_IMPDP [DB01]
  • From: ak
• WebScarab <= 20060621-0003 cross site scripting
  • From: security
• [SECURITY] [DSA 1113-1] New zope2.7 packages fix information disclosure
  • From: Moritz Muehlenhoff
• RE: [lists] Re: PHP security (or the lack thereof)
  • From: Curt Purdy
• Re: Bybass HTTP ( extension files ) in ISA 2004
  • From: medozero
• PcAnywhere > 12 Local Privilege Escalation
  • From: root
• Re: Bybass HTTP ( extension files ) in ISA 2004
  • From: medozero
• Consumers of Broadband Providers (ISP) may be open to hijack attacks
  • From: peter_philipp
• ExtCalendar Mambo Module <= v2( extcalendar.php ) Remote File Include Vulnerabilities
  • From: saudi . unix
• Invision Power Board v2.1 <= 2.1.6 sql injection exploit
  • From: paul14075
• Oracle Database - SQL Injection in SYS.DBMS_STATS [DB21]
  • From: ak
• [security bulletin] HPSBTU02132 SSRT061154 rev.1 - HP Tru64 UNIX running NIS ypserv, Remote Denial of Service (DoS)
  • From: security-alert
• Oracle Database - SQL Injection in SYS.DBMS_UPGRADE [DB22]
  • From: ak
• hdweGUEST <= 2.1.1 Cross Site Scripting Vulnerabilities
  • From: tamriel
• ASP.DLL Include File Buffer Overflow
  • From: Brett Moore
• Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior
  • From: mullware
• Re: Re: Invision Power Board 2.1 <= 2.1.6 sql injection
  • From: paul14075
• Re: LAMP vs Microsoft
  • From: Bob Beck
• Re: XSS phpBB 2.0.21 in administration
  • From: Jessica Hope
• Re: LAMP vs Microsoft
  • From: Hugo van der Kooij
• Re: Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit
  • From: str0ke
• osDate 1.1.7 multiple vulnerabilities
  • From: binary . loc
• Webmin / Usermin Arbitrary File Disclosure Vulnerability Perl
  • From: Alexander Hristov
• Re: crashing firefox <= 1.5.0.4
  • From: bugtraq
• New PowerPoint Trojan installs itself as LSP
  • From: Juha-Matti Laurio
• [USN-320-1] PHP vulnerabilities
  • From: Martin Pitt
• [ MDKSA-2006:125 ] - Updated webmin packages fix arbitray file read vulnerability.
  • From: security
• [ MDKSA-2006:127 ] - Updated gimp packages fix buffer overflow vulnerability.
  • From: security
• [ MDKSA-2006:126 ] - Updated libtunepimp packages fixes buffer overflow vulnerabilities.
  • From: security
• [ MDKSA-2006:128 ] - Updated wireshark packages fix numerous vulnerabilities
  • From: security
• Re: Bybass HTTP ( extension files ) in ISA 2004
  • From: Thor (Hammer of God)
• rPSA-2006-0132-1 tshark wireshark
  • From: Justin M. Forbes
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Monitoring, Analysis and Response System (CS-MARS)
  • From: Cisco Systems Product Security Incident Response Team
• VMSA-2006-0003 VMware possible incorrect permissions on SSL key files
  • From: VMware Security Team
• [ GLSA 200607-06 ] libpng: Buffer overflow
  • From: Thierry Carrez
• [USN-319-2] Linux kernel vulnerability
  • From: Martin Pitt
• [USN-313-2] OpenOffice.org vulnerabilities
  • From: Martin Pitt
• Re: imageVue16.1 upload vulnerability
  • From: info
• AFCommerce Shopping Cart
  • From: sledge
• Security point-of-contact for Ameritrade?
  • From: James M. Blackburn
• Re: osDate 1.1.7 multiple vulnerabilities
  • From: binary . loc
• rPSA-2006-0133-1 libpng
  • From: Justin M. Forbes
• Cisco MARS < 4.2.1 remote compromise
  • From: Jon Hart
• [ECHO_ADV_40$2006] iManage CMS <= 4.0.12 (absolute_path) Remote File Inclusion
  • From: matdhule
• Advisory: Remote command execution in planetGallery
  • From: RedTeam Pentesting
• [MajorSecurity #20]SiteDepth CMS <= 3.01 - Remote File Include Vulnerability
  • From: admin
• [MajorSecurity #21] phpFaber TopSites <=2.0.9 - SQL Injection Vulnerability
  • From: admin
• [MajorSecurity #22] Top XL <=1.1 - XSS and cookie disclosure
  • From: admin
• [ MDKSA-2006:129 ] - Updated freetype2 packages fixes overflow vulnerability.
  • From: security
• [security bulletin] HPSBUX02108 SSRT061133 rev.12 - HP-UX Running Sendmail, Remote Execution of Arbitrary Code
  • From: security-alert
• rPSA-2006-0134-1 sendmail sendmail-cf
  • From: Justin M. Forbes
• [USN-321-1] mysql-dfsg-4.1 vulnerability
  • From: Martin Pitt
• [SECURITY] [DSA 1117-1] New libgd2 packages fix denial of service
  • From: Moritz Muehlenhoff
• [security bulletin] HPSBMA02133 SSRT061201 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update July 2006
  • From: security-alert
• SECURITY UPDATE::Farsinews release FarsiNewsPro3.0Stable1SecurityPath1
  • From: armin390
• [ GLSA 200607-07 ] xine-lib: Buffer overflow
  • From: Thierry Carrez
• [SECURITY] [DSA 1115-1] New GnuPG2 packages fix denial of service
  • From: Martin Schulze
• LoudBlog <=0.5 Sql injection
  • From: rgod
• TSLSA-2006-0042 - multi
  • From: Trustix Security Advisor
• Unidomedia Chameleon LE/Pro Directory Traversal
  • From: kicktd
• Samba Internal Data Structures DOS Vulnerability Exploit
  • From: Alexander Hristov
• [ MDKSA-2006:130 ] - Updated kdelibs packages fix konqueror crash vulnerability.
  • From: security
• [SECURITY] [DSA 1114-1] New hashcash packages fix arbitrary code execution
  • From: Martin Schulze
• SolpotCrew Advisory #2 - Advanced Poll ver 2.02 (base_path) Remote File Inclusion
  • From: chris_hasibuan
• [SECURITY] [DSA 1116-1] New gimp packages fix arbitrary code execution
  • From: Moritz Muehlenhoff
• Re: Samba Internal Data Structures DOS Vulnerability Exploit
  • From: Gerald (Jerry) Carter
• Re: Securing PHP or finding PHP alternatives
  • From: Crispin Cowan
• MiniBB Forum <= 1.5a Remote File Include (search.php-whosOnline.php)
  • From: AG Spider
• iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability
  • From: labs-no-reply
• [Kurdish Security # 13] Savant2 Remote File Include Vulnerability [For Mambo, Joomla]
  • From: botan
• Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow
  • From: kala_z
• RE: $100 plus several of my books if you can crack my Windows password hashes.
  • From: Roger A. Grimes
• Re: LAMP vs Microsoft
  • From: Darren Reed
• Re: ATutor 1.5.3 Cross Site Scripting
  • From: Steven M. Christey
• Re: Securing PHP or finding PHP alternatives
  • From: Michael Cordover
• RE: XSS phpBB 2.0.21 in administration
  • From: David Thomson
• Re: [Full-disclosure] iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability
  • From: Micheal Turner
• Microsoft Internet Explorer DOS Vulnerability
  • From: SnoBmsn
• MicroGuestBook Remote XSS Attack
  • From: omnipresent
• [MajorSecurity #25] Advanced Guestbook 2.4 for phpBB - Multiple XSS and SQL-Injection Vulnerabilities
  • From: admin
• RE: [EEYEB-20060227] D-Link Router UPNP Stack Overflow
  • From: m
• [MajorSecurity #24] Fire-Mouse TopList <=v1.1 - Cross Site Scripting
  • From: admin
• Low security hole affecting IPCalc's CGI wrapper
  • From: Tim Brown
• [SECURITY] [DSA 1118-1] New Mozilla packages fix several vulnerabilities
  • From: Martin Schulze
• about bid 17404
  • From: crack
• [SECURITY] [DSA 1119-1] New hiki packages fix denial of service
  • From: Martin Schulze
• Re: XSS phpBB 2.0.21 in administration
  • From: Jessica Hope
• Re: SubberZ[Lite] - Remote File Include
  • From: the . jalal
• RE: $100 plus several of my books if you can crack my Windows password hashes.
  • From: Roger A. Grimes
• New CVE identifiers for separate PowerPoint 0-day issues assigned
  • From: Juha-Matti Laurio
• RE: $100 plus several of my books if you can crack my Windows password hashes.
  • From: Michael Scheidell
• Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow
  • From: scott
• new shell bypass safe mode
  • From: d3nger
• SolpotCrew Advisory #3 - com_trade Remote File Inclusion (mosConfig_absolute_path)
  • From: mail
• Re: XSS phpBB 2.0.21 in administration
  • From: Jessica Hope
• Re: AFCommerce Shopping Cart
  • From: contact
• Re: ExtCalendar Mambo Module <= v2( extcalendar.php ) Remote File Include Vulnerabilities
  • From: matdhule
• Re: New PowerPoint Trojan installs itself as LSP
  • From: Mike Healan
• MiniBB Forum <= 1.5a Remote File Include (news.php)
  • From: AG Spider
• [MajorSecurity #23] BLOG:CMS <= 4.0.0j - XSS and cookie disclosure
  • From: admin
• Com Multibanners Remote File Inclusion (mosConfig_absolute_path)
  • From: mail
• Blackboard Academic Suite 6.2.23 +/-: Persistent cross-site scripting vulnerability
  • From: harbl
• Re: [MajorSecurity #22] Top XL <=1.1 - XSS and cookie disclosure
  • From: admin
• Re: [Full-disclosure] Re: New PowerPoint Trojan installs itself as LSP
  • From: Juha-Matti Laurio
• Re: Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability
  • From: sales
• Map MS Security Bulletins to MS KB numbers
  • From: Matthew Leeds
• DotClear : Multiples Full Path Disclosure
  • From: Silitix
• [SECURITY] [DSA 1120-1] New Mozilla Firefox packages fix several vulnerabilities
  • From: Martin Schulze
• [Kurdish Security # 14] MoSpray [base_dir] Remote Command Execution [ Mambo & Joomla]
  • From: botan
• Vanilla CMS <= 1.0.1 (RootDirectory) Remote file inclusion Vuln.
  • From: mfoxhacker
• [ GLSA 200607-08 ] GIMP: Buffer overflow
  • From: Sune Kloppenborg Jeppesen
• [CYBSEC] TippingPoint detection bypass
  • From: Andres Riancho
• Buffer-overflow in the XM loader of Cheese Tracker 0.9.9
  • From: Luigi Auriemma
• [SECURITY] [DSA 1121-1] New postgrey packages fix denial of service
  • From: Martin Schulze
• PHP Live! v3.2 (header.php) Remote File Include Vulnerabilities
  • From: saudi . unix
• Re: Re: [Full-disclosure] iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability
  • From: Micheal Turner
• Re: [ GLSA 200607-08 ] GIMP: Buffer overflow
  • From: Michael Shigorin
• Check Point R55W Directory Traversal
  • From: Sec-Tec Lists
• [USN-322-1] Konqueror vulnerability
  • From: Martin Pitt
• MusicBox <= 2.3.4 XSS SQL injection Vulnerability
  • From: securityconnection
• [SECURITY] [DSA 1124-1] New fbi packages fix potential deletion of user data
  • From: Moritz Muehlenhoff
• Windows XP/NT/SMB2003/2000 Denial of Service attack
  • From: J. Oquendo
• ERRATA: [ GLSA 200607-08 ] GIMP: Buffer overflow
  • From: Sune Kloppenborg Jeppesen
• Write-up by Amit Klein: "Forging HTTP request headers with Flash"
  • From: Amit Klein (AKsecurity)
• [MajorSecurity #26] Woltlab Burning Board - Multiple Cookie manipulation and session fixation vulnerabilities
  • From: admin
• SQuery v.x (devi.php) (armygame.php) Remote File Inclusion
  • From: saudi . unix
• [SECURITY] [DSA 1123-1] New libdumb packages fix arbitrary code execution
  • From: Moritz Muehlenhoff
• Heap overflow in the GT2 loader of libmikmod 3.2.2
  • From: Luigi Auriemma
• rPSA-2006-0135-1 gimp
  • From: Justin M. Forbes
• Digital Armaments Security Advisory 24.07.2006: Siemens Speedstream Wireless/Router Denial of Service Vulnerability
  • From: info
• SYMSA-2006-008:Password Safe - Lock Password Database Configuration Not Enforced
  • From: research
• Opsware NAS 6.0 reveals MySQL 'root' password
  • From: Freeman, Michael
• Buffer-overflow in recvTextMessage and NETrecvFile in Warzone Resurrection 2.0.3 (SVN 127)
  • From: Luigi Auriemma
• [SECURITY] [DSA 1122-1] New Net::Server packages fix denial of service
  • From: Martin Schulze
• Two crash vulnerabilities in Freeciv 2.1.0-beta1 (SVN 15 Jul 2006)
  • From: Luigi Auriemma
• [ GLSA 200607-09 ] Wireshark: Multiple vulnerabilities
  • From: Sune Kloppenborg Jeppesen
• [USN-296-2] Firefox vulnerabilities
  • From: Martin Pitt
• Advisory: VMware Possible Incorrect Permissions On SSL Key Files
  • From: Nick Breese
• [vuln.sg] DynaZip DZIP32.DLL/DZIPS32.DLL Buffer Overflow Vulnerabilities
  • From: vulnpost-remove
• [vuln.sg] TurboZIP ZIP Repair Buffer Overflow Vulnerability
  • From: vulnpost-remove
• [vuln.sg] AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow
  • From: vulnpost-remove
• LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties
  • From: simo64
• [ GLSA 200607-10 ] Samba: Denial of Service vulnerability
  • From: Sune Kloppenborg Jeppesen
• [security bulletin] HPSBUX02087 SSRT4728 rev.2 - HP-UX running TCP/IP Remote Denial of Service (DoS)
  • From: security-alert
• Re: Ashop Search Module SQL injection
  • From: security curmudgeon
• [ MDKSA-2006:131 ] - Updated perl-Net-Server packages fix format string vulnerability
  • From: security
• Full Path Disclosure xGuestBook v1.02
  • From: dicomdk
• MS06-034 lies? IIS 6 can still be owned?
  • From: Cesar
• Secunia Research: AutoVue SolidModel Professional Buffer Overflow Vulnerability
  • From: Secunia Research
• [USN-297-3] Thunderbird vulnerabilities
  • From: Martin Pitt
• [USN-320-2] php4 regression
  • From: Martin Pitt
• EzUpload multi file vulnerabilities
  • From: hack2prison
• Multiple vulnerabilities in OpenCMS
  • From: Meder Kydyraliev
• [SECURITY] [DSA 1111-2] New Linux kernel 2.6.8 packages fix privilege escalation
  • From: Moritz Muehlenhoff
• Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash"
  • From: Amit Klein (AKsecurity)
• wwwThreads XSS
  • From: l2odon
• Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities
  • From: tamriel
• Zyxel Prestige 660H-61 Cross-Site Scripting
  • From: jose . palanco
• PHP-Auction SQL injection
  • From: l2odon
• TP-Book <= 1.00 Cross Site Scripting Vulnerabilities
  • From: tamriel
• ZDI-06-024: eIQNetworks Enterprise Security Analyzer License Manager Buffer Overflow Vulnerability
  • From: zdi-disclosures
• ZDI-06-023: eIQNetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerability
  • From: zdi-disclosures
• TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability
  • From: TSRT
• TSRT-06-03: eIQnetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerabilities
  • From: TSRT
• [SECURITY] [DSA 1125-1] New drupal packages fix execution of arbitrary web script code
  • From: Moritz Muehlenhoff
• Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
  • From: Roy Hills
• Etomite CMS <= 0.6.1 'rfiles.php' remote command execution
  • From: rgod
• [USN-323-1] mozilla vulnerabilities
  • From: Martin Pitt
• [ECHO_ADV_41$2006] BufferOverflow in Midirecord2
  • From: the_day
• [vuln.sg] PowerArchiver DZIPS32.DLL Buffer Overflow Vulnerability
  • From: vulnpost-remove
• [OpenPKG-SA-2006.014] OpenPKG Security Advisory (shiela)
  • From: OpenPKG
• Secunia Research: FileCOPA Directory Argument Handling Buffer Overflow
  • From: Secunia Research
• Phpprobid <= 5.24 XSS SQL injection Vulnerability
  • From: securityconnection
• Re: new shell bypass safe mode
  • From: cxib
• Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash"
  • From: 3CO
• NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability
  • From: NSFOCUS Security Team
• a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability
  • From: Dr . Jr7
• Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash"
  • From: Amit Klein (AKsecurity)
• GeoClassifieds Enterprise <= 2.0.5.2 Cross Site Scripting
  • From: securityconnection
• Re: Opsware NAS 6.0 reveals MySQL 'root' password
  • From: security-alert
• [SECURITY] [DSA 1126-1] New Asterisk packages fix denial of service
  • From: Martin Schulze
• Cross-Site Scripting and Local File Inclusion in Phorum
  • From: Meftun
• Buffer Overflow Vulnerability in Winlpd
  • From: Meftun
• Re: Low security hole affecting IPCalc's CGI wrapper
  • From: krischan
• [USN-324-1] freetype vulnerability
  • From: Martin Pitt
• [USN-325-1] ruby1.8 vulnerability
  • From: Martin Pitt
• [USN-326-1] heartbeat vulnerability
  • From: Martin Pitt
• [SECURITY] [DSA 1125-2] New drupal packages fix execution of arbitrary web script code (revised packages)
  • From: Moritz Muehlenhoff
• Secunia Research: Mozilla Firefox XPCOM Event Handling Memory Corruption
  • From: Secunia Research
• Bypassing Oracle dbms_assert
  • From: ak
• ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability
  • From: zdi-disclosures
• rPSA-2006-0137-1 firefox
  • From: Justin M. Forbes
• Xss in MttKe-php v2.6
  • From: R0t-K33Y
• AIM Triton 1.0.4 (SipXtapi) Remote Buffer Overflow Exploit (PoC)
  • From: c0rrupt
• Oracle 10g R2 and, probably, all previous versions
  • From: putosoft softputo
• Re: HYSA-2006-008 myBloggie 2.1.3 CRLF & SQL Injection
  • From: Steven M. Christey
• [USN-327-1] firefox vulnerabilities
  • From: Martin Pitt
• Cisco Security Advisory: Windows VPN Client Local Privilege Escalation Vulnerability
  • From: Cisco Systems Product Security Incident Response Team
• [USN-328-1] Apache vulnerability
  • From: Martin Pitt
• [FLSA-2006:175040] Updated php packages fix security issues
  • From: Marc Deslauriers
• Re: Bypassing Oracle dbms_assert
  • From: David Litchfield
• [SECURITY] [DSA 1127-1] New ethereal packages fix several vulnerabilities
  • From: Moritz Muehlenhoff
• [OpenPKG-SA-2006.015] OpenPKG Security Advisory (apache)
  • From: OpenPKG
• [SECURITY] [DSA 1128-1] New heartbeat packages fix local denial of service
  • From: Martin Schulze
• Portail PHP v1.7 Remote File Include
  • From: Meftun
• [ MDKSA-2006:132 ] - Updated libwmf packages fixes integer overflow vulnerability
  • From: security
• [OpenPKG-SA-2006.016] OpenPKG Security Advisory (ruby)
  • From: OpenPKG
• [OpenPKG-SA-2006.017] OpenPKG Security Advisory (freetype)
  • From: OpenPKG
• Remote Include Vulnerability ====> in Dr.Jr7 Gallery 3.2 RC1
  • From: R0t-K33Y
• RE: Bypassing Oracle dbms_assert
  • From: Alexander Kornbrust
• Re: Bypassing Oracle dbms_assert
  • From: David Litchfield
• Oracle 10g R2 and, probably, all previous versions
  • From: Russell Lowenthal
• [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released
  • From: William A. Rowe, Jr.
• Apache mod_rewrite Buffer Overflow Vulnerability
  • From: Avert
• [SECURITY] [DSA 1129-1] New osiris packages fix arbitrary code execution
  • From: Martin Schulze
• PHP-Nuke INP XSS
  • From: l2odon
• Guestbook Mambo Module <== v1.3.0 Multiple Remote File Include Vulnerabilities
  • From: matdhule
• Re: Fusion Polls (xtrphome) Remote File Inclusion
  • From: security curmudgeon
• Lan-Aces Office Logic
  • From: Mike
• Re: Check Point R55W Directory Traversal
  • From: dave_kwek
• cpanel login problem
  • From: ali
• Hustle -- Tumbleweed Email Firewall Remote Vulnerability
  • From: Ryan Smith
• PrinceClan Chess Mambo Com <= 0.8 Remote Inclusion Vulnerability
  • From: tr_zindan
• rPSA-2006-0139-1 httpd mod_ssl
  • From: Justin M. Forbes
• [USN-329-1] Thunderbird vulnerabilities
  • From: Martin Pitt
• PHP ip2long() function circumvention
  • From: rgod
• Coppermine Photo Gallery v1.2.2b-Nuke Remote File Inclusion Vulnerabilities
  • From: A-S-T2006
• XSS vulnerability on AWBS
  • From: newbinaryfile
• RE: TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability
  • From: Desai, Deepen
• Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
  • From: Eloy Paris
• [KAPDA::#53] MYBB XSS and Dir Traversal in usercp.php
  • From: roozbeh_afrasiabi
• Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities
  • From: A-S-T2006
• [ MDKSA-2006:133 ] - Updated apache packages fix mod_rewrite vulnerability
  • From: security
• mambatstaff Mambo Component <= Remote Include Vulnerability
  • From: Dr . Jr7
• [ GLSA 200607-12 ] OpenOffice.org: Multiple vulnerabilities
  • From: Stefan Cornelius
• artlinks Mambo Component <= Remote Include Vulnerability
  • From: Dr . Jr7
• [ MDKSA-2006:134 ] - Updated ruby packages fix safe-level vulnerabilities
  • From: security
• Gdiplus.dll division by 0
  • From: Mr . Niega
• Re: cpanel login problem
  • From: nate
• [ GLSA 200607-13 ] Audacious: Multiple heap and buffer overflows
  • From: Matthias Geerdsen
• [ GLSA 200607-11 ] TunePimp: Buffer overflow
  • From: Stefan Cornelius