Mail Index

• Thread Index

• UPDATE: [ GLSA 200605-08 ] PHP: Multiple vulnerabilities
  • From: Sune Kloppenborg Jeppesen
• Re: cpanel login problem
  • From: Scott Gemma
• RE: cpanel login problem
  • From: Bugs
• Re: Portail PHP v1.7 Remote File Include
  • From: x0r0n
• Re: PHP ip2long() function circumvention
  • From: darylf
• Re: cpanel login problem
  • From: usar_y_tirar
• com_moskool (admin.moskool.php) Remote File Include Vulnerabilities
  • From: saudi . unix
• ATutor <= 1.5.3.1 'links' blind SQL injection / admin credentials disclosure
  • From: rgod
• PHPAuction 2.1 (maybe higher) with phpAdsNew 2.0.5 RFI
  • From: philipp . niedziela
• SQL injection Seir Anphin v666 Community Management System
  • From: vulnerabilities
• Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
  • From: Pavel Kankovsky
• Re: Gdiplus.dll division by 0
  • From: Early Warning Team
• Re: Check Point R55W Directory Traversal
  • From: Hugo van der Kooij
• Oracle and Apache mod_rewrite Vulnerability
  • From: tigerblue
• Corsaire Security Advisory - VMware ESX Server Password Cross Site Request Forgery issue
  • From: advisories
• Corsaire Security Advisory - VMware ESX Server Password Disclosure in Log issue
  • From: advisories
• Corsaire Security Advisory - VMware ESX Server Password Disclosure in Cookie issue
  • From: advisories
• Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow
  • From: solutions_PHP
• Multiple vulnerabilities in Open Cubic Player 2.6.0pre6 / 0.1.10_rc5
  • From: Luigi Auriemma
• RE: cpanel login problem
  • From: Alan
• MyNewsGroups <= 0.6b (myng_root) Remote Inclusion Vulnerability
  • From: philipp . niedziela
• Re: Do world's famous companies take care of their security?
  • From: Steven M. Christey
• Re: Xss in MttKe-php v2.6
  • From: Steven M. Christey
• [ GLSA 200608-01 ] Apache: Off-by-one flaw in mod_rewrite
  • From: Matthias Geerdsen
• NewsLetter v3.5 <= (NL_PATH) Remote File Inclusion Exploit
  • From: tr_zindan
• [Kurdish Security # 16 ] newsReporter v1.0 Remote Command Execution
  • From: botan
• [Kurdish Security # 17 ] GuestBook 3.5 Remote Command Execution
  • From: botan
• [Kurdish Security # 18 ] FAQ Script Remote Command Execution
  • From: botan
• [Kurdish Security # 19 ] FileManager Remote Command Execution
  • From: botan
• [Kurdish Security # 20 ] Quickie Remote Command Execution
  • From: botan
• [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution
  • From: botan
• [SECURITY] [DSA 1130-1] New sitebar packages fix cross-site scripting
  • From: Martin Schulze
• WoW Roster <= 1.5.x Remote File Include (hsList.php)
  • From: AG Spider
• Re: Gdiplus.dll division by 0
  • From: giacomo collini
• [vuln.sg] Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability
  • From: vulnpost-remove
• [ MDKSA-2006:135 ] - Updated freeciv packages fix DoS vulnerabilities
  • From: security
• VMSA-2006-0004 Cross site scripting vulnerability and other fixes
  • From: VMware Security Team
• [USN-327-2] firefox regression
  • From: Martin Pitt
• TSEP 0.9.4.2 <= Remote File Inclusion
  • From: philipp . niedziela
• ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability
  • From: David Matousek
• WoW Roster <= 1.5.x Remote File Include (hsList.php)
  • From: AG Spider
• [SECURITY] [DSA 1132-1] New apache2 packages fix buffer overflow
  • From: Steve Kemp
• [SECURITY] [DSA 1131-1] New apache package fix buffer overflow
  • From: Steve Kemp
• SUSE Security Announcement: freetype2 (SUSE-SA:2006:045)
  • From: Thomas Biege
• SUSE Security Announcement: libtiff (SUSE-SA:2006:044)
  • From: Thomas Biege
• [ MDKSA-2006:136 ] - Updated kdegraphics packages fix multiple libtiff vulnerabilities
  • From: security
• SYM06-013 Symantec On-Demand Protection Encrypted Data Exposure
  • From: secure
• Barracuda Vulnerability: Hardcoded Password [NNL-20060801-01]
  • From: gssincla
• Barracuda Vulnerability: Arbitrary File Disclosure [NNL-20060801-02]
  • From: gssincla
• DMA[2006-0801a] - 'Apple OSX fetchmail buffer overflow'
  • From: K F (lists)
• Re: Gdiplus.dll division by 0
  • From: Dennis Lubert
• [ MDKSA-2006:137 ] - Updated libtiff packages fix multiple vulnerabilities
  • From: security
• [SECURITY] [DSA 1133-1] New mantis packages fix execution of arbitrary web script code
  • From: Moritz Muehlenhoff
• JavaScript port scanning
  • From: pdp (architect)
• rPSA-2006-0142-1 libtiff
  • From: Justin M. Forbes
• EEYE: research.eeye.com
  • From: Marc Maiffret
• [SECURITY] [DSA 1134-1] New Mozilla Thunderbird packages fix several vulnerabilities
  • From: Martin Schulze
• Secunia Research: Jetbox Multiple Vulnerabilities
  • From: Secunia Research
• Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
  • From: Roy Hills
• Re: SYM06-013 Symantec On-Demand Protection Encrypted Data Exposure
  • From: Chris Wysopal
• SaveWeb Portal 3.4 <- (SITE_Path) Remote File Inclusion Vulnerability
  • From: x0r0n
• Content Management Framework "G3" - XSS Vulnerability in Search Function
  • From: Stefan Friedli
• rPSA-2006-0143-1 gnupg
  • From: Justin M. Forbes
• [USN-330-1] tiff vulnerabilities
  • From: Martin Pitt
• [eVuln] MyBB 'Avatar URL' XSS Vulnerability
  • From: alex
• Re: Barracuda Vulnerability: Hardcoded Password [NNL-20060801-01]
  • From: pingywon
• [security bulletin] HPSBUX02108 SSRT061133 rev.13 - HP-UX Running Sendmail, Remote Execution of Arbitrary Code
  • From: security-alert
• [SECURITY] [DSA 1136-1] New gpdf packages fix denial of service
  • From: Martin Schulze
• [security bulletin] HPSBUX02124 SSRT061159 rev.1 - HP-UX Sendmail MIME Remote Denial of Service (DoS)
  • From: security-alert
• OZJournal v1.5 - XSS
  • From: luny
• [SECURITY] [DSA 1137-1] New tiff packages fix several vulnerabilities
  • From: Martin Schulze
• [security bulletin] HPSBGN02136 SSRT061173 rev.1 - ProCurve Series 3500yl, 6200yl, and 5400zl Switches Running Software Prior to K.11.33 Remote Denial of Service (DoS)
  • From: security-alert
• Hobbit monitor security bugfix release - 4.1.2p2
  • From: Henrik Stoerner
• [SECURITY] [DSA 1138-1] New cfs packages fix denial of service
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 1135-1] New libtunepimp packages fix arbitrary code execution
  • From: Martin Schulze
• [security bulletin] HPSBUX02087 SSRT4728 rev.3 - HP-UX running TCP/IP Remote Denial of Service (DoS)
  • From: security-alert
• Simpliciti Locked Browser Jail Breakout Vulnerability
  • From: EvilPacket
• RE: Barracuda Vulnerability: Hardcoded Password [NNL-20060801-01]
  • From: Roger A. Grimes
• TSEP <= 0.942 Remote File Include
  • From: beford
• Vwar v1.5.0 <= Sql Injection and XSS vuln.
  • From: mfoxhacker
• Secunia Research: PC Tools AntiVirus Insecure Default Directory Permissions
  • From: Secunia Research
• CMSimple Cross Site Scripting
  • From: Outlaw
• [USN-331-1] Linux kernel vulnerabilities
  • From: Martin Pitt
• [USN-332-1] gnupg vulnerability
  • From: Martin Pitt
• Re: [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released
  • From: Philip M. Gollucci
• [SECURITY] [DSA 1139-1] New ruby1.6 packages fix privilege escalation
  • From: Moritz Muehlenhoff
• Re: [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released
  • From: William A. Rowe, Jr.
• Javascript software authentication brute force attack
  • From: Gianstefano Monni
• [MajorSecurity Advisory #27]ToendaCMS - Cross Site Scripting Issue
  • From: admin
• SendCard <= 3.4.0 unauthorized administrative access / remote commands execution
  • From: rgod
• [SECURITY] [DSA 1140-1] New GnuPG packages fix denial of service
  • From: Martin Schulze
• [ GLSA 200608-02 ] Mozilla SeaMonkey: Multiple vulnerabilities
  • From: Stefan Cornelius
• SolpotCrew Advisory #5 - modernbill ver 1.6 (DIR) Remote File Inclusion
  • From: chris_hasibuan
• [DRUPAL-SA-2006-011] Drupal 4.7.3 / 4.6.9 fixes XSS issue
  • From: Uwe Hermann
• Re: Barracuda Vulnerability: Arbitrary File Disclosure [NNL-20060801-02]
  • From: Matthew Hall
• [ GLSA 200608-03 ] Mozilla Firefox: Multiple vulnerabilities
  • From: Thierry Carrez
• vbulletin 3.5.4 IE exploit xss
  • From: stefan
• ME Download System 1.3 Remote File Inclusion
  • From: philipp . niedziela
• [ GLSA 200608-04 ] Mozilla Thunderbird: Multiple vulnerabilities
  • From: Thierry Carrez
• ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability
  • From: x0r0n
• [security bulletin] HPSBUX02137 SSRT051024 rev.1 - HP-UX Running Xserver Local Execution of Arbitrary Code, Privilege Elevation
  • From: security-alert
• GaesteChaos <= 0.2 Multiple Vulnerabilities
  • From: Tamriel
• CounterChaos <= 0.48c SQL Injection Vulnerability
  • From: Tamriel
• GeheimChaos <= 0.5 Multiple SQL Injection Vulnerabilities
  • From: Tamriel
• XSS in Vbulletin 3.6.0 in IE 0nly
  • From: Stefan
• [SECURITY] [DSA 1141-1] New GnuPG2 packages fix denial of service
  • From: Martin Schulze
• [ GLSA 200608-05 ] LibVNCServer: Authentication bypass
  • From: Sune Kloppenborg Jeppesen
• [ GLSA 200608-06 ] Courier MTA: Denial of Service vulnerability
  • From: Sune Kloppenborg Jeppesen
• [ECHO_ADV_42$2006] BufferOverflow in Eremove Client
  • From: erdc
• [SECURITY] [DSA 1142-1] New freeciv packages fix arbitrary code execution
  • From: Martin Schulze
• [ECHO_ADV_42$2006] PHP Live Helper <= 2.0 (abs_path) Remote File Inclusion
  • From: matdhule
• [SECURITY] [DSA 1143-1] New dhcp packages fix denial of service
  • From: Martin Schulze
• TSLSA-2006-0044 - multi
  • From: Trustix Security Advisor
• CAID 34509 - CA eTrust Antivirus WebScan vulnerabilities
  • From: Williams, James K
• phpAutoMembersArea 3.2.5 ($installed_config_file) Remote File Inclusion
  • From: philipp . niedziela
• Barracuda Spam Firewall: Administrator Level Remote Command Execution [ID-20060804-01]
  • From: Matthew Hall
• [ GLSA 200608-07 ] libTIFF: Multiple vulnerabilities
  • From: Sune Kloppenborg Jeppesen
• vBulletin 3.0.14 ~ init.php~ registerring global arbitary variable~ XSS exploit
  • From: addmimistrator
• Tinyportal Shoutbox
  • From: exploitex
• [ GLSA 200608-08 ] GnuPG: Integer overflow vulnerability
  • From: Sune Kloppenborg Jeppesen
• MyBloggie <= 2.1.4 trackback.php SQL injection / admin credentials disclosure
  • From: rgod
• XSS Vulnerability in FTD v3.7.3
  • From: try_og
• Re: flatnuke <= 2.5.7 arbitrary php file upload
  • From: segatom
• [ECHO_ADV_44$2006] PHP Simple Shop <= 2.0 (abs_path) Remote File Inclusion
  • From: erdc
• XennoBB <= 2.1.0 "birthday" SQL injection
  • From: c . boulton
• SAPID CMS remote File Inclusion vulnerabilities
  • From: simo64
• 0-day XP SP2 wmf exploit
  • From: cyanid-E
• SolpotCrew Advisory #6 - phpCC - Beta 4.2 (base_dir) Remote File Inclusion
  • From: chris_hasibuan
• 0-day XP SP2 wmf exploit (some details)
  • From: cyanid-E
• NEWSolved Lite v1.9.2 (abs_path) Remote File Inclusion
  • From: philipp . niedziela
• when will AV vendors fix this???
  • From: Bipin Gautam
• blur6ex 0.3 Comment title HTML inyection vuln.
  • From: piiiiiii pppiiiiiiii
• PHP: Zend_Hash_Del_Key_Or_Index Vulnerability
  • From: Stefan Esser
• IMENDIO PLANNER REMOTE FILENAME FORMAT STRING VULNERABILITY
  • From: king_purba
• Multiple vulnerabilities in DConnect Daemon 0.7.0 (CVS 30 Jul 2006)
  • From: Luigi Auriemma
• php local buffer underflow could lead to arbitary code execution
  • From: heintz
• [ GLSA 200608-10 ] pike: SQL injection vulnerability
  • From: Sune Kloppenborg Jeppesen
• Re: when will AV vendors fix this???
  • From: Denis Jedig
• [ GLSA 200608-11 ] Webmin, Usermin: File Disclosure
  • From: Sune Kloppenborg Jeppesen
• Virtual War v1.5.0 Remote File Include (vwar_root)
  • From: AG Spider
• [vuln.sg] Lhaz LHA Long Filename Buffer Overflow Vulnerability
  • From: vulnpost-remove
• Will Microsoft patch remarkable old Msjet40.dll issue?
  • From: Juha-Matti Laurio
• Re: Vanilla CMS <= 1.0.1 (RootDirectory) Remote file inclusion Vuln.
  • From: dinoboff
• [SECURITY] [DSA 1144-1] New chmlib packages fix denial of service
  • From: Moritz Muehlenhoff
• linksys WRT54g authentication bypass
  • From: Ginsu Rabbit
• [ GLSA 200608-12 ] x11vnc: Authentication bypass in included LibVNCServer code
  • From: Sune Kloppenborg Jeppesen
• DeluxeBB Multiple Vulnerabilities
  • From: darkz . gsa
• RE: linksys WRT54g authentication bypass
  • From: Andy Meyers
• simplog 0.9.3 and prior XSS
  • From: piiiiiii pppiiiiiiii
• Visual Events Calendar v1.1 (cfg_dir) Remote Inclusion Vulnerability
  • From: x0r0n
• TSRT-06-06: Computer Associates eTrust AntiVirus WebScan Manifest Processing Buffer Overflow Vulnerability
  • From: TSRT
• TSRT-06-05: Computer Associates eTrust AntiVirus WebScan Automatic Update Code Execution Vulnerability
  • From: TSRT
• Re: [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released
  • From: Steve VanDevender
• Re: SolpotCrew Advisory #5 - modernbill ver 1.6 (DIR) Remote File Inclusion
  • From: Mailinglists Address
• ARES 2007: Call for workshop proposals, deadline Sept 10, 2006
  • From: Manh Tho
• Attacking the local LAN via XSS
  • From: pdp (architect)
• Re: [Full-disclosure] Attacking the local LAN via XSS
  • From: Schanulleke
• Re: [Full-disclosure] Attacking the local LAN via XSS
  • From: Thierry Zoller
• Re: [Full-disclosure] Attacking the local LAN via XSS
  • From: pdp (architect)
• Re: Re[2]: [Full-disclosure] Attacking the local LAN via XSS
  • From: pdp (architect)
• Re[2]: [Full-disclosure] Attacking the local LAN via XSS
  • From: Thierry Zoller
• Re: vbulletin 3.5.4 IE exploit xss
  • From: james
• AUTODAFE: an Act of Software Torture [FUZZER]
  • From: Martin Vuagnoux
• phpPrintAnalyzer <= 1.1 (rep_par_rapport_racine) Remote File Inclusion Vulnerability
  • From: sh3ll
• [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow
  • From: eEye Advisories
• Announcement: Feed Injection in Web 2.0: Hacking RSS and Atom Feed Implementations [Whitepaper]
  • From: SPI Labs
• [ GLSA 200608-13 ] ClamAV: Heap buffer overflow
  • From: Matthias Geerdsen
• ZDI-06-026: Microsoft Internet Explorer Multiple CSS Imports Memory Corruption Vulnerability
  • From: zdi-disclosures
• ZDI-06-027: Microsoft Internet Explorer CSS Class Ordering Memory Corruption Vulnerability
  • From: zdi-disclosures
• [SECURITY] [DSA 1145-1] New freeradius packages fix several vulnerabilities
  • From: Moritz Muehlenhoff
• Archangel Weblog 0.90.02 and prior Multiple HTML injections
  • From: piiiiiii pppiiiiiiii
• docpile:we v0.2.2 (INIT_PATH) Remote File Inclusion Vulnerability
  • From: x0r0n
• rPSA-2006-0147-1 mysql mysql-bench mysql-server
  • From: Justin M. Forbes
• phNNTP <= 1.3 (article-raw.php) Remote File Include Vulnerability
  • From: tr_zindan
• Microsoft PowerPoint Malformed Record Memory Corruption
  • From: Sowhat
• [ GLSA 200608-14 ] DUMB: Heap buffer overflow
  • From: Sune Kloppenborg Jeppesen
• TSRT-06-07: eIQnetworks Enterprise Security Analyzer Monitoring Agent Buffer Overflow Vulnerabilities
  • From: TSRT
• unwrapping PL/SQL
  • From: pete
• MojoScripts' xss vulnerable
  • From: tugra
• MITKRB-SA-2006-001: multiple local privilege escalation vulnerabilities
  • From: Tom Yu
• Re: Will Microsoft patch remarkable old Msjet40.dll issue?
  • From: Juha-Matti Laurio
• AW: Virtual War v1.5.0 Remote File Include (vwar_root)
  • From: Frank Reißner
• ERRATA: [ GLSA 200608-08 ] GnuPG: Integer overflow vulnerability
  • From: Sune Kloppenborg Jeppesen
• rPSA-2006-0150-1 krb5 krb5-server krb5-services krb5-test krb5-workstation
  • From: Justin M. Forbes
• [Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow
  • From: pucik
• SUSE Security Announcement: clamav (SUSE-SA:2006:046)
  • From: Ludwig Nussel
• PgMarket 2.2.3 (CFG[libdir]) Remote File Inclusion Vulnerabilities
  • From: x0r0n
• [USN-333-1] libwmf vulnerability
  • From: Martin Pitt
• Latinchat Denial Of Service
  • From: Vicente Perez
• Assessment of Vista Kernel Mode Security
  • From: ATR-Bugtraq
• [SECURITY] [DSA 1146-1] New krb5 packages fix privilege escalation
  • From: Martin Schulze
• [ MDKSA-2006:138 ] - Updated clamav packages fix vulnerability
  • From: security
• CivicSpace Version 0.8.5 HTML injection
  • From: HeLiOsZ RooT
• BlogHoster v2.2 Post Comment Html Injection
  • From: piiiiiii pppiiiiiiii
• [ MDKSA-2006:139 ] - Updated krb5 packages fix local privilege escalation vulnerability
  • From: security
• Cwfm <= 0.9.1 (Language) Remote File Inclusion Vulnerability
  • From: philipp . niedziela
• [ISR] - Novell Groupwise Webaccess (Cross-Site Scripting)
  • From: Francisco Amato
• TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
  • From: TSRT
• Multiple buffer-overflows in AlsaPlayer 0.99.76
  • From: Luigi Auriemma
• TSRT-06-09: Microsoft DirectAnimation COM Object Memory Corruption Vulnerability
  • From: TSRT
• Stack and heap overflows in MODPlug Tracker/OpenMPT 1.17.02.43 and libmodplug 0.8
  • From: Luigi Auriemma
• TSRT-06-08: Microsoft Internet Help COM Object Memory Corruption Vulnerability
  • From: TSRT
• [SECURITY] [DSA 1148-1] New gallery packages fix several vulnerabilities
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 1147-1] New drupal packages fix cross-site scripting
  • From: Moritz Muehlenhoff
• [ MDKSA-2006:140 ] - Updated ncompress packages fix vulnerability
  • From: security
• XChat <= 2.6.4-1 (win version) Remote Denial of Service Exploit (php)
  • From: ratboy727
• PHPMyRing <= 4.2.0 (view_com.php) Remote SQL Injection
  • From: simo64
• Yabb XSS
  • From: Outlaw
• TinyWebGallery v1.5 ( image ) Remote Include Vulnerability
  • From: x0r0n
• [SECURITY] [DSA 1149-1] New ncompress packages fix potential code execution
  • From: Martin Schulze
• Sending multipart/form-data requests from Flash (with arbitrary headers)
  • From: Amit Klein (AKsecurity)
• Directory Traversal vulnerability in IPCheck Monitor Server
  • From: auuw73
• CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Denial of Service
  • From: Mariano Nuñez Di Croce
• CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Buffer Overflow
  • From: Mariano Nuñez Di Croce
• PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service
  • From: Collin R. Mulliner
• [ GLSA 200608-15 ] MIT Kerberos 5: Multiple local privilege escalation (test Falco for security@)
  • From: Raphael Marichez
• [ GLSA 200608-17 ] libwmf: Buffer overflow vulnerability
  • From: Sune Kloppenborg Jeppesen
• [ GLSA 200608-18 ] Net::Server: Format string vulnerability
  • From: Sune Kloppenborg Jeppesen
• [ GLSA 200608-16 ] Warzone 2100 Resurrection: Multiple buffer overflows
  • From: Sune Kloppenborg Jeppesen
• Re: SYM06-013 Symantec On-Demand Protection Encrypted Data Exposure
  • From: dm
• Mambo/Joomla Component Remository v3.25 (mosConfig_absolute_path) Remote File Inclusion Vulnerability
  • From: camino
• Netgear FVG318 is vunerable to DOS attack
  • From: root
• Mafia Moblog <= 6 (pathtotemplate) Remote File Inclusion Vulnerability
  • From: sh3ll
• InfanView 3.98 (with plugins) - Access violation at processing images ANI files
  • From: sehato
• myBloggie <= 2.1.3 (mybloggie_root_path) Remote File Inclusion Vulnerability
  • From: sh3ll
• Compersus ASP shopping cart <= DataBase Downloading vuln.
  • From: mfoxhacker
• Virtual War v1.5.0 <= Sql Injection vuln.
  • From: mfoxhacker
• XennoBB <= "avatar gallery" Directory Transversal
  • From: c . boulton
• CGI Script Source Code Disclosure Vulnerability in Apache for Windows
  • From: susam . pal
• Simple one-file GuestBook 1.0
  • From: omnipresent
• Dragonfly CMS 9.0.6.1 and prior XSS
  • From: HeLiOsZ RooT
• Security Contact
  • From: Sean Warnock
• Re: when will AV vendors fix this???
  • From: Marius Huse Jacobsen
• RE: when will AV vendors fix this???
  • From: Thomas D.
• Re: when will AV vendors fix this???
  • From: Paul Schmehl
• RE: [Full-disclosure] RE: when will AV vendors fix this???
  • From: Thomas D.
• Re: Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
  • From: henry . sieff
• Re: [Full-disclosure] Attacking the local LAN via XSS
  • From: Nikolay Kubarelov
• Re: linksys WRT54g authentication bypass
  • From: Nicholas Knight
• Re: linksys WRT54g authentication bypass
  • From: Rodrigo Barbosa
• Re: linksys WRT54g authentication bypass
  • From: Ginsu Rabbit
• RE: linksys WRT54g authentication bypass
  • From: Miguel Valentin
• RE: linksys WRT54g authentication bypass
  • From: Ginsu Rabbit
• Re: when will AV vendors fix this???
  • From: Bipin Gautam
• Bypassing script filters with variable-width encodings
  • From: Cheng Peng Su
• Re: linksys WRT54g authentication bypass
  • From: guant a
• XSSing the Lan 3 (web trojans.. not a new idea)
  • From: pdp (architect)
• Re: linksys WRT54g authentication bypass
  • From: Ginsu Rabbit
• Security Vulnerability in Ruby on Rails 1.1.x
  • From: michael
• [security bulletin] HPSBUX02108 SSRT061133 rev.14 - HP-UX Running Sendmail, Remote Execution of Arbitrary Code
  • From: security-alert
• [security bulletin] HPSBUX02124 SSRT061159 rev.2 - HP-UX Sendmail MIME Remote Denial of Service (DoS)
  • From: security-alert
• TSLSA-2006-0046 - multi
  • From: Trustix Security Advisor
• Re: Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
  • From: Henry Sieff
• miniBloggie <= 1.0 (fname) Remote File Inclusion Vulnerability
  • From: sh3ll
• [ GLSA 200608-19 ] WordPress: Privilege escalation
  • From: Raphael Marichez
• Startpage <= 1.0 (cfgLanguage) Remote File Inclusion Vulnerability
  • From: sh3ll
• rPSA-2006-0152-1 squirrelmail
  • From: Justin M. Forbes
• WEBInsta Mailing list manager (cabsolute_path) 1.3e RFI
  • From: philipp . niedziela
• Re: [ GLSA 200608-12 ] x11vnc: Authentication bypass in included LibVNCServer code
  • From: xvml
• wheatblog &#1615;Session.php Remote File Inclusion
  • From: Outlaw
• UPDATE: [ GLSA 200511-12 ] Scorched 3D: Multiple vulnerabilities
  • From: Raphael Marichez
• VWar <= 1.50 R14 (n) Remote SQL Injection
  • From: brom0815
• Nokia Browser Crash
  • From: qode
• SquirrelMail 1.4.8 released - fixes variable overwriting attack
  • From: Thijs Kinkhorst
• Re: [SM-ANNOUNCE] SquirrelMail 1.4.8 released - fixes variable overwriting attack
  • From: Yves Goergen
• Calendarix <= 0.7 (calpath) Remote File Inclusion Vulnerability
  • From: sh3ll
• myEvent <= 1.4 Multiple Remote File Include Vulnerabilities
  • From: sh3ll
• Concurrency-related vulnerabilities in browsers - expect problems
  • From: Michal Zalewski
• [SECURITY] [DSA 1150-1] New shadow packages fix privilege escalation
  • From: Martin Schulze
• Microsoft Help (WINHLP32.EXE) - Multiple Remote Code Execution and Denial Of Service Vulnerabilities
  • From: Benjamin Tobias Franz
• Re: myBloggie <= 2.1.3 (mybloggie_root_path) Remote File Inclusion Vulnerability
  • From: nukedx
• Forum Software ASPPlayground.NET Advanced Edition 2.4.5 Unicode Xss
  • From: blood2_20032003
• (Security Advisory) SYM06-014 Symantec Backup Exec Internal RPC Overflow
  • From: Secure
• ScatterChat Advisory 2006-01: Cryptanalytic Attack Vulnerability
  • From: ScatterChat Advisories
• Re: Microsoft Help (WINHLP32.EXE) - Multiple Remote Code Execution and Denial Of Service Vulnerabilities
  • From: Reversemode
• Re: TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability
  • From: public
• Informix - Discovery, Attack and Defense
  • From: David Litchfield
• Informix Long Username Buffer Overflow Vulnerability
  • From: NGSSoftware Insight Security Research
• Error logging buffer overflow in Informix
  • From: NGSSoftware Insight Security Research
• Re: myEvent <= 1.4 Multiple Remote File Include Vulnerabilities
  • From: Carsten Eilers
• Re: Calendarix <= 0.7 (calpath) Remote File Inclusion Vulnerability
  • From: Carsten Eilers
• Re: Mafia Moblog <= 6 (pathtotemplate) Remote File Inclusion Vulnerability
  • From: noname
• [ECHO_ADV_45$2006] WEBinsta CMS 0.3.1 (templates_dir) Remote File Inclusion Vulnerability
  • From: erdc
• RE: [Full-disclosure] RE: when will AV vendors fix this???
  • From: Dmitry Yu. Bolkhovityanov
• Re: miniBloggie <= 1.0 (fname) Remote File Inclusion Vulnerability
  • From: Carsten Eilers
• Google Picasa Listening on Port 80?
  • From: Geoff Vass
• SQLIDEBUG envariable overflow on Informix
  • From: NGSSoftware Insight Security Research
• XMB <= 1.9.6 Final basename()/'langfilenew' arbitrary local inclusion / remote commands execution
  • From: rgod
• Re: Yabb XSS - or NOT
  • From: Volker Tanger
• BlaBla 4U XSS Vulnerabilite
  • From: vampire_chiristof
• Virtual War v1.5.0 SQL injection and XSS
  • From: vampire_chiristof
• Re: [SM-ANNOUNCE] SquirrelMail 1.4.8 released - fixes variable overwriting attack
  • From: Allie Daneman
• JavaScript get Internal Address (thanks to DanBUK)
  • From: pdp (architect)
• RE: Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
  • From: Lance Seelbach
• Re: Startpage <= 1.0 (cfgLanguage) Remote File Inclusion Vulnerability
  • From: Carsten Eilers
• HPSBMA02138 SSRT061184 rev.1 - HP OpenView Storage Data Protector, Remote Arbitrary Command Execution
  • From: security-alert
• Kaspersky Anti-Hacker personal firewall unstealthy stealth mode
  • From: tbratusa
• Wordpress WP-DB Backup Plugin Directory Traversal Vulnerability
  • From: ss_team
• Arbitrary Library Loading in Informix
  • From: NGSSoftware Insight Security Research
• Multiple Arbitrary Command Execution Vulnerabilities
  • From: NGSSoftware Insight Security Research
• InfanView 3.98 (with plugins) - Access violation at processing images CUR files
  • From: sehato
• Re: [SM-ANNOUNCE] SquirrelMail 1.4.8 released - fixes variable overwriting attack
  • From: Michael Engert
• Technical note: under some conditions, it's possible to steal HTTP credentials using Flash
  • From: Amit Klein (AKsecurity)
• Unauthorized Database Creation Privilege on Informix
  • From: NGSSoftware Insight Security Research
• Local privilege Escalation in SmartLine DeviceLock 5.73
  • From: seppi
• Multiple Password Exposures Flaws
  • From: NGSSoftware Insight Security Research
• Re: Re: TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability
  • From: mr
• osDate 1.1.8 - Multiple HTML Injection Vulnerability - fixed
  • From: vijay
• RE: ANNOUNCING: 3rd Annual US OWASP AppSec Conference - Oct 16-18 2006 - Seattle, WA
  • From: Dave Wichers
• Re: Startpage <= 1.0 (cfgLanguage) Remote File Inclusion Vulnerability
  • From: noname
• Peoplebook Mambo Component <= v1.0 Remote File Include Vulnerabilities
  • From: matdhule
• Multiple buffer-overflows in libmusicbrainz 2.1.2
  • From: Luigi Auriemma
• [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow
  • From: Damian Put
• (somewhat) breaking the same-origin policy by undermining dns-pinning
  • From: Martin Johns
• Multiple Buffer Overflow Vulnerabilities in Informix
  • From: NGSSoftware Insight Security Research
• Joomla Webring Component (component_dir) Remote File Inclusion Vulnerabilities
  • From: x0r0n
• [ GLSA 200608-20 ] Ruby on Rails: Several vulnerabilities
  • From: Raphael Marichez
• RE: linksys WRT54g authentication bypass
  • From: TeamXMM Consulting, Inc.
• Multiple Arbitrary File Access (Write/Read) Vulnerabilities
  • From: NGSSoftware Insight Security Research
• Opera 9 Remote Denial of Service
  • From: NNP
• Re: TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability
  • From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
• Re: RE: linksys WRT54g authentication bypass
  • From: gooorguss
• Re: Re: myBloggie <= 2.1.3 (mybloggie_root_path) Remote File Inclusion Vulnerability
  • From: istgha
• Security contact from Critical Path Inc
  • From: Guillermo Marro
• Re: Calendarix <= 0.7 (calpath) Remote File Inclusion Vulnerability
  • From: Steven M. Christey
• [ MDKSA-2006:142 ] - Updated heartbeat packages fix vulnerability
  • From: security
• [ MDKSA-2006:141 ] - Updated gnupg packages fix vulnerability
  • From: security
• Re: phpPrintAnalyzer <= 1.1 (rep_par_rapport_racine) Remote File Inclusion Vulnerability
  • From: Carsten Eilers
• local file include in PHP-Nuke (autohtml.php)
  • From: MosT3mR
• Mailslot bug (MS06-035) vs non-Mailslot bug (CVE-2006-3942)
  • From: Gerardo Richarte
• [XSec-06-02]: Internet Explorer (IMSKDIC.DLL) COM Object Instantiation Vulnerability
  • From: nop
• Re: Calendarix <= 0.7 (calpath) Remote File Inclusion Vulnerability
  • From: Carsten Eilers
• Koobi Pro CMS 5.6 SQL injection & XSS
  • From: vampire_chiristof
• [XSec-06-03]: Internet Explorer (CHTSKDIC.DLL) COM Object Instantiation Vulnerability
  • From: nop
• [XSec-06-04]: Internet Explorer (msoe.dll) COM Object Instantiation Vulnerability
  • From: nop
• [SECURITY] [DSA 1151-1] New heartbeat packages fix denial of service
  • From: Martin Schulze
• [security bulletin] HPSBUX02141 SSRT51153 rev.1 - HP-UX in Trusted mode, Local Denial of Service (DoS)
  • From: security-alert
• Re: Concurrency-related vulnerabilities in browsers - expect problems
  • From: Michal Zalewski
• Lizge V.20 Web Portal File Include Vulnerability
  • From: crackers_child
• otopholder 1.8 suffers from a local file inclusion,XSS and directory listing vuln
  • From: vampire_chiristof
• fusionnews 3,7 Remote File Inclusion
  • From: Outlaw
• CORE-2006-0714: Microsoft SRV.SYS SMB_COM_TRANSACTION Denial of Service
  • From: Core Security Technologies advisories
• [USN-334-1] krb5 vulnerabilities
  • From: Martin Pitt
• [XSec-06-05]: VMware 5.5.1 for Windows arbitrary partition table delete issue.
  • From: root
• Re: CGI Script Source Code Disclosure Vulnerability in Apache for Windows
  • From: Joe Orton
• Re: TinyWebGallery v1.5 ( image ) Remote Include Vulnerability
  • From: tinywebgallery
• Mambo com_lm component (archive.php) Remote File Include Vulnerabilities
  • From: crackers_child
• [USN-335-1] heartbeat vulnerability
  • From: Martin Pitt
• [scip_Advisory 2456] Horde Framework and Horde IMP /index.php cross site referencing
  • From: Marc Ruef
• [scip_Advisory 2457] Horde Framework and Horde IMP /horde/imp/search.php cross site scripting
  • From: Marc Ruef
• MS Terminal Server application session breakout
  • From: pedantic1
• ShockwaveFlash 9 (Stack overflow)
  • From: Mr . Niega
• [security bulletin] HPSBUX02115 SSRT061077 rev.2 - HP-UX running Support Tools Manager (xstm, cstm, stm) Local Denial of Service (DoS)
  • From: security-alert
• Technical note by Amit Klein: "Sending arbitrary HTTP requests with Flash 7/8 (+IE 6.0)"
  • From: Amit Klein (AKsecurity)
• [ MDKSA-2006:143 ] - Updated Firefox packages fix multiple vulnerabilities
  • From: security
• Re: MS Terminal Server application session breakout
  • From: Thor (Hammer of God)
• SYM06-16 Symantec NetBackup PureDisk Remote Office Edition Elevation of Privilege
  • From: Mike Prosser
• Reporter Mambo Component Remote File &#304;nclude
  • From: crackers_child
• Re: [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow
  • From: Daniel Kobras
• discloser 0.0.4 Remote File Inclusion (with Exploit)
  • From: dr . t3rr0r1st
• [USN-337-1] imagemagick vulnerability
  • From: Martin Pitt
• [EEYEB-20060703] IBM eGatherer ActiveX Code Execution Vulnerability
  • From: eEye Advisories
• Registration Now Open!: Security OPUS Infosec Conference - Oct 2-5 2006 - San Francisco, CA
  • From: Richard Lindberg
• [USN-336-1] binutils vulnerability
  • From: Martin Pitt
• CubeCart <= 3.0.11 SQL injection & cross site scripting
  • From: rgod
• Re: Re: CGI Script Source Code Disclosure Vulnerability in Apache for Windows
  • From: nareshhacker
• [XSec-06-06]: Windows 2003 (tsuserex.dll) COM Object Instantiation Vulnerability
  • From: nop
• Re: [VulnWatch] Re: Concurrency-related vulnerabilities in browsers - expect problems
  • From: Steven M. Christey
• World Summit on Intrusion Prevention
  • From: wsip
• UPDATED: MITKRB5-SA-2006-001: multiple local privilege escalation vulnerabilities
  • From: Tom Yu
• Re: discloser 0.0.4 Remote File Inclusion (with Exploit)
  • From: Carsten Eilers
• RE: [VulnWatch] Re: Concurrency-related vulnerabilities in browsers - expect problems
  • From: Michael Wojcik
• powergap <= (s0x.php) Remote File Inclusion
  • From: saudi . unix
• Re: SYM06-16 Symantec NetBackup PureDisk Remote Office Edition Elevation of Privilege
  • From: secure
• [security bulletin] HPSBUX02139 SSRT5981 rev.1 - HP-UX Running the LP Subsystem, remote Denial of Service (DoS)
  • From: security-alert
• [ MDKSA-2006:143-1 ] - Updated Firefox packages fix multiple vulnerabilities
  • From: security
• [XSec-06-07]: Visual Studio 6.0 Multiple COM Object Instantiation Vulnerability
  • From: nop
• RE: Mailslot bug (MS06-035) vs non-Mailslot bug (CVE-2006-3942)
  • From: Marc Maiffret
• ToorCon 8 Call for Papers Closing Tomorrow & Workshops/Seminars Added
  • From: h1kari@xxxxxxxxxxx
• Secunia Research: AOL Insecure Default Directory Permissions
  • From: Jakob Balle
• mtg_myhomepage Component For Mambo R.F.I
  • From: Outlaw
• Joomla x-shop <= 1.7 Remote File Include Vulnerability
  • From: crackers_child
• anjel Mambo Component Remote File Include
  • From: crackers_child
• Joomla Rssxt <= 1.0 Remote File Include Vulnerability
  • From: crackers_child
• [SECURITY] [DSA 1152-1] New trac packages fix information disclosure
  • From: Martin Schulze
• mambo-phphop Product Scroller Module R.F.I
  • From: Outlaw
• Norton DLL faking via 'SuiteOwners' protection bypass Vulnerability
  • From: David Matousek
• Mambo jim Component Remote Include Vulnerability
  • From: x0r0n
• Re: when will AV vendors fix this???
  • From: Andreas Marx
• Re: [Full-disclosure] RE: when will AV vendors fix this???
  • From: Paul Schmehl
• Multiple xxs cPanel 10
  • From: preth00nker
• Re: [Full-disclosure] Re: when will AV vendors fix this???
  • From: Paul Schmehl
• Re: [VulnWatch] Re: Concurrency-related vulnerabilities in browsers - expect problems
  • From: Michal Zalewski
• RE: Google Picasa Listening on Port 80?
  • From: Kameron Gasso
• UPDATE vBulletin Version 3.5.4 exploit
  • From: dicomdk
• RE: Security contact from Critical Path Inc
  • From: Tony Maupin
• Registration Now Open!: 3rd Annual US OWASP AppSec Conference - Oct 16-18 2006 - Seattle, WA
  • From: Dave Wichers
• OneOrZero Helpdesk V1.6.4.1 susceptible to SQL injection and XSS
  • From: vampire_chiristof
• Re: [Full-disclosure] RE: when will AV vendors fix this???
  • From: Bipin Gautam
• JavaScript Lazy Authorization Forcer and Visited Link Scaner
  • From: pdp (architect)
• contentpublisher Mambo Component Remote File Include Vulnerabilities
  • From: crackers_child
• Re: Mailslot bug (MS06-035) vs non-Mailslot bug (CVE-2006-3942)
  • From: naveed
• Mambo mambelfish Component <= 1.1 Remote File Include Vulnerability
  • From: bilkopat
• [SECURITY] [DSA 1153-1] New ClamAV packages fix arbitrary code execution
  • From: Martin Schulze
• Re: UPDATE vBulletin Version 3.5.4 exploit
  • From: scott
• Re: Concurrency-related vulnerabilities in browsers - expect problems
  • From: mannion
• Joomla Kochsuite Component <= 0.9.4 (config.kochsuite.php) Remote File Inclusion Vulnerability
  • From: camino
• Joomla MamboWiki Component <= 0.9.4 (MamboLogin.php) Remote File Inclusion Vulnerability
  • From: camino
• [KAPDA::#55] - Joomla poll component vulnerability
  • From: alireza hassani
• Joomla RF&#304; ( ERNE )
  • From: erne
• Sonium Enterprise Adressbook Version 0.2 (folder) RFI
  • From: philipp . niedziela
• Re: Concurrency-related vulnerabilities in browsers - expect problems
  • From: Michal Zalewski
• Re: Re: discloser 0.0.4 Remote File Inclusion (with Exploit)
  • From: dr . t3rr0r1st
• Re: JavaScript Lazy Authorization Forcer and Visited Link Scaner
  • From: mikeiscool
• Modification For OpenSEF Remote file Inclusion
  • From: Outlaw
• Ako Comments (mod) Remote File Inclusion
  • From: Outlaw
• [Kurdish Security # 23] Spaw Editor Remote Include Vulnerability
  • From: botan
• Mambo CatalogShop Remote File Inclusion
  • From: Outlaw
• Mambo com_cropimage 1.0 Component Remote Include Vulnerability
  • From: x0r0n
• XennoBB <= 2.2.1 "icon_topic" SQL Injection
  • From: c . boulton
• POC & exploit for Apache mod_rewrite off-by-one
  • From: Jacobo Avariento
• LBlog <= "comments.asp" SQL Injection Exploit
  • From: ChironeX . FleckeriX
• WoltLab Burning Board 2.3.5(WBB) in XSS
  • From: ZeberuS
• [SECURITY] [DSA 1154-1] New squirrelmail packages fix information disclosure
  • From: Moritz Muehlenhoff
• New PowerPoint 0-day and Trojan - FAQ document ready
  • From: Juha-Matti Laurio
• Re: [SECURITY] [DSA 1150-1] New shadow packages fix privilege escalation
  • From: Henry Jensen
• [XSec-06-08]: Windows 2000 Multiple COM Object Instantiation Vulnerability
  • From: nop
• Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln
  • From: Outlaw
• Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln
  • From: Outlaw
• DoS 2wire Gateway
  • From: preth00nker
• Mambo Component - EstateAgent Remote File Inclusion
  • From: Outlaw
• [XSec-06-09]: Internet Explorer Multiple COM Objects Color Property DoS Vulnerability
  • From: nop
• ToendaCMS <= 1.0.3 -(tcms_administer_site) Remote File Include
  • From: h4ck3riran
• Re: Startpage <= 1.0 (cfgLanguage) Remote File Inclusion Vulnerability
  • From: securityfocus
• SimpleBlog 2.0 <= "comments.asp" SQL Injection Exploit
  • From: ChironeX . FleckeriX
• Diesel Job Site forgot.php Cross-Site Scripting
  • From: night_warrior-
• Diesel Paid Mail getad.php Cross-Site Scripting Vulnerability
  • From: night_warrior-
• Smart Traffic Remote File Include Vulnerability
  • From: night_warrior-
• DieselPay &#304;ndex.php Cross-Site Scripting Vulnerability
  • From: night_warrior-
• [ MDKSA-2006:144 ] - Updated php packages fix vulnerability
  • From: security
• [ MDKSA-2006:145 ] - Updated Firefox packages fix multiple vulnerabilities
  • From: security
• MDaemon POP3 server remote buffer overflow (preauth)
  • From: infocus
• [ MDKSA-2006:146 ] - Updated Thunderbird packages fix multiple vulnerabilities
  • From: security
• TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities
  • From: TTG
• Vendor Statement: fixed Mobotix IP Network Cameras Multiple XSS bug
  • From: dkabs
• Simpliciti Locked Browser Jail Breakout Vulnerability
  • From: dc
• EEYE:ALERT: MS06-042 Related Internet Explorer 'Crash' is Exploitable
  • From: Marc Maiffret
• Major updates in PowerPoint FAQ document - not a 0-day issue
  • From: Juha-Matti Laurio
• Simple Machines Forum <=1.1RC2 unset() vulnerabilities
  • From: rgod
• Re: Joomla x-shop <= 1.7 Remote File Include Vulnerability
  • From: Carsten Eilers
• Re: Joomla Rssxt <= 1.0 Remote File Include Vulnerability
  • From: Carsten Eilers
• unauthorized VNC access in AK-Systems Windows Terminals
  • From: Victor Sudakov
• Re: Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln
  • From: Jan de Groot
• Re: mtg_myhomepage Component For Mambo R.F.I
  • From: Carsten Eilers
• (exploit) firefox 1.5.0.6 linux DoS
  • From: tomas
• Linux Kernel SCTP Privilege Elevation Vulnerability
  • From: Avert
• Tons of SQL-injections and XSS in Eichhorn Portal and vendor page
  • From: MC Iglo
• Symantec Enterprise Security Manager Denial-of-Service Vulnerability
  • From: Avert
• Re: mambo-phphop Product Scroller Module R.F.I
  • From: Carsten Eilers
• PHlyMail Lite [PM_[path][lib]=] Remote File Include Vulnerability
  • From: D3nGeR
• PHProjekt v0.6.1 Remote File Inclusion Vulnerability (2)
  • From: D3nGeR
• BlackBoard Multiple Vulnerabilities (XSS)
  • From: Pr070n
• Re: discloser 0.0.4 Remote File Inclusion (with Exploit)
  • From: Carsten Eilers
• Re: anjel Mambo Component Remote File Include
  • From: Carsten Eilers
• [ MDKSA-2006:147 ] - Updated squirrelmail packages fix vulnerabilities
  • From: security
• faille include in "VeriTECH" isreal
  • From: king-hacker
• Re: BlackBoard Multiple Vulnerabilities (XSS)
  • From: C. Hamby
• Symantec Gateway Security DNS exploit
  • From: Gianstefano Monni
• Re: BlackBoard Multiple Vulnerabilities (XSS)
  • From: pr0t0n
• Cisco Security Advisory: Cisco VPN 3000 Concentrator FTP Management Vulnerabilities
  • From: Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Unintentional Password Modification in Cisco Firewall Products
  • From: Cisco Systems Product Security Incident Response Team
• AW: Symantec Gateway Security DNS exploit
  • From: Andre Braun
• RE: Symantec Gateway Security DNS exploit
  • From: Pretorius, Wynand (ZA - Johannesburg)
• Bugtraq ID: 18402
  • From: The Cute Group
• New malware names and updates to PowerPoint FAQ document
  • From: Juha-Matti Laurio
• [ GLSA 200608-21 ] Heimdal: Multiple local privilege escalation vulnerabilities
  • From: Raphael Marichez
• [ GLSA 200608-22 ] fbida: Arbitrary command execution
  • From: Raphael Marichez
• FreeBSD Security Advisory FreeBSD-SA-06:18.ppp
  • From: FreeBSD Security Advisories
• Advisory: VistaBB <= 2.x Multiple File Inclusion Vulnerabilities
  • From: Mustafa Can Bjorn IPEKCI
• Advisory: Integramod Portal <= 2.x File Inclusion Vulnerability
  • From: Mustafa Can Bjorn IPEKCI
• Re: Modification For OpenSEF Remote file Inclusion
  • From: Carsten Eilers
• Re: Joomla RF&#304; ( ERNE )
  • From: Carsten Eilers
• Re: Opsware NAS 6.0 reveals MySQL 'root' password
  • From: danil9470
• [SECURITY] [DSA 1155-1] New sendmail packages fix denial of service
  • From: Martin Schulze
• Re: Directory Traversal vulnerability in IPCheck Monitor Server
  • From: support
• Re: PHProjekt v0.6.1 Remote File Inclusion Vulnerability (2)
  • From: Carsten Eilers
• Re: PHlyMail Lite [PM_[path][lib]=] Remote File Include Vulnerability
  • From: Carsten Eilers
• Re: Mambo Component - EstateAgent Remote File Inclusion
  • From: Carsten Eilers
• [ GLSA 200608-23 ] Heartbeat: Denial of Service
  • From: Sune Kloppenborg Jeppesen
• [SECURITY] [DSA 1155-2] New sendmail packages fix denial of service
  • From: Martin Schulze
• Re: ToendaCMS <= 1.0.3 -(tcms_administer_site) Remote File Include
  • From: Carsten Eilers
• EEYE: Internet Explorer Compressed Content URL Heap Overflow Vulnerability
  • From: Marc Maiffret
• [ MDKSA-2006:149 ] - Updated MySQL packages fix user privilege vulnerabilities
  • From: security
• [ MDKSA-2006:148 ] - Updated xorg-x11 packages fix vulnerabilities
  • From: security
• Advisory 05/2006: Zend Platform Multiple Remote Vulnerabilities
  • From: Stefan Esser
• pSlash v0.7 (lvc_include_dir) Remote Include Vulnerability
  • From: x0r0n
• Re: contentpublisher Mambo Component Remote File Include Vulnerabilities
  • From: Carsten Eilers
• Re: [eVuln] B-net Software Multiple XSS Vulnerabilities
  • From: anon
• rPSA-2006-0157-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
  • From: Justin M. Forbes
• Multiple Vulnerabilities in Asterisk 1.2.10 (Fixed in 1.2.11)
  • From: Matt Riddell (IT)
• NSFOCUS SA2006-08 : Microsoft IE6 urlmon.dll Long URL Buffer Overflow Vulnerability
  • From: NSFOCUS Security Team
• rPSA-2006-0158-1 tshark wireshark
  • From: Justin M. Forbes
• TSLSA-2006-0048 - multi
  • From: Trustix Security Advisor
• FreeBSD Security Advisory FreeBSD-SA-06:18.ppp [REVISED]
  • From: FreeBSD Security Advisories
• Indiana University Security Advisory: Fuji Xerox Printing Systems (FXPS) print engine vulnerabilities
  • From: Krulewitch, Sean V
• YaPiG thanks_comment.php Cross-Site Scripting Vulnerability
  • From: Kuon_at_Armorize_dot_com
• Re: Symantec Gateway Security DNS exploit
  • From: axel
• [ MDKSA-2006:150 ] - Updated kernel packages fix multiple vulnerabilities
  • From: security
• [ MDKSA-2006:151 ] - Updated kernel packages fix multiple vulnerabilities
  • From: security
• CuteNews 1.3.* Remote File Include Vulnerability
  • From: stormhacker
• [ MDKSA-2006:152 ] - Updated wireshark packages fix multiple vulnerabilities
  • From: security
• MyBB Html Injection ( XSS )
  • From: Redworm
• AlstraSoft Video Share Enterprise Remote File Include Vulnerability
  • From: night_warrior-
• [ GLSA 200608-24 ] AlsaPlayer: Multiple buffer overflows
  • From: Raphael Marichez
• Sql injection in Mambo & Joomla
  • From: Omid
• Bigace 1.8.2 (GLOBALS) Remote File Inclusion
  • From: vampire_chiristof
• Sql injection in Xoops
  • From: Omid
• Jupiter CMS 1.1.5 index.php Remote File Include
  • From: D3nGeR
• Jetbox CMS search_function.php Remote File
  • From: D3nGeR
• Suggested Fix for CVE-2006-4299
  • From: Michael Jennings
• Cisco NAC Appliance Agent Installation Bypass Vulnerability
  • From: Andreas Gal
• Mambo/Joomla com_comprofiler Components <== v1.0 RC 2 Multiple Remote File Include Vulnerabilities
  • From: matdhule
• Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability
  • From: Eloy Paris
• [SECURITY] [DSA 1156-1] New kdebase packages fix information disclosure
  • From: Moritz Muehlenhoff
• [XSec-06-10]: Internet Explorer (daxctle.ocx) Heap Overflow Vulnerability
  • From: nop
• [SECURITY] [DSA 1159-1] New Mozilla Thunderbird packages fix several problems
  • From: Martin Schulze
• [SECURITY] [DSA 1158-1] New streamripper packages fix arbitrary code execution
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 1157-1] New ruby1.8 packages fix several vulnerabilities
  • From: Moritz Muehlenhoff
• [ GLSA 200608-25 ] X.org and some X.org libraries: Local privilege escalations
  • From: Raphael Marichez
• interact <= 2.2 (CONFIG[BASE_PATH]) Remote File Include Vulnerability
  • From: carcabotx
• JetBox cms (search_function.php) Remote File Include
  • From: carcabotx
• Re: Another YabbSE Remote Code Execution Vulnerability
  • From: wiziwig
• Possible Myspace Worm
  • From: mjw
• Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability
  • From: Udo Sprotte
• SYMSA-2006-009
  • From: research
• [ GLSA 200608-27 ] Motor: Execution of arbitrary code
  • From: Raphael Marichez
• [ GLSA 200608-26 ] Wireshark: Multiple vulnerabilities
  • From: Raphael Marichez
• [ GLSA 200608-28 ] PHP: Arbitary code execution
  • From: Raphael Marichez
• rPSA-2006-0159-1 ImageMagick
  • From: Justin M. Forbes
• [ MDKSA-2006:155 ] - Updated ImageMagick packages fix vulnerabilities
  • From: security
• [ MDKSA-2006:153 ] - Updated binutils packages fix multiple vulnerabilities
  • From: security
• [ MDKSA-2006:154 ] - Updated lesstif packages fix potential local root vulnerability
  • From: security
• LinksCaffe no checker at admin
  • From: hoangyenxinhdep
• CYBSEC - Security Advisory: Microsoft Windows DHCP Client Service Remote Buffer Overflow
  • From: Mariano Nuñez Di Croce
• [SECURITY] [DSA 1160-1] New Mozilla packages fix several vulnerabilities
  • From: Martin Schulze
• AW: JetBox cms (search_function.php) Remote File Include
  • From: Frank Reißner
• e107 <= 0.75 GLOBALS[] overwrite/Zend_Hash_Del_Key_Or_Index remote commands execution
  • From: rgod
• Submit ( b2evolution<= 1.8 Remote File Include Vulnerabilities )
  • From: h4ck3riran
• Submit ( ToendaCMS<= ( Remote File Include Vulnerabilities )
  • From: h4ck3riran
• JS ASP Faq Manager v1.10 sql injection
  • From: ali
• [SECURITY] [DSA 1161-1] New Mozilla Firefox packages fix several vulnerabilities
  • From: Martin Schulze
• DUpoll 3.1 security alert
  • From: bozkurtserdar
• Portail PHP mod_phpalbum 2.15 Modules Remote File Inclusion
  • From: x0r0n
• Re: Jupiter CMS 1.1.5 index.php Remote File Include
  • From: Carsten Eilers
• Re: CuteNews 1.3.* Remote File Include Vulnerability
  • From: Carsten Eilers
• InfoSec Paper: Creating Business Through Virtual Trust
  • From: Kenneth F. Belva
• Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability
  • From: Joe Feise
• Re: AW: JetBox cms (search_function.php) Remote File Include
  • From: Steven M. Christey
• SQL-Ledger serious security vulnerability and workaround
  • From: chris
• [SECURITY] [DSA 1162-1] New libmusicbrainz packages fix arbitrary code execution
  • From: Martin Schulze
• Ezportal/Ztml v1.0 Multiple vulnerabilities
  • From: Hessamx
• IwebNegar v1.1 Multiple vulnerabilities
  • From: Hessamx
• Nuked Klan 1.7 SP4.3 : Function Anti-XSS Bypassed
  • From: Blwood
• XSS in HLstats 1.34
  • From: MC Iglo
• [KAPDA::#56] - FREEKOT SQL Injection Vulnerability
  • From: farhadkey
• [SECURITY] [DSA 1163-1] New gtetrinet packages fix arbitrary code execution
  • From: Martin Schulze
• Re: JetBox cms (search_function.php) Remote File Include
  • From: Carsten Eilers
• ezContents Version 2.0.3 Remote/Local File Inclusion, SQL Injection, XSS
  • From: gmdarkfig
• osCommerce < 2.2 Milestone 2 060817 POC Exploit
  • From: s10242006
• [KAPDA]MyBB 1.1.7 ~ admin/global.php ~ XSS Attack
  • From: addmimistrator
• feedsplitter considered harmful
  • From: jon
• Hackers to Hackers Conference III - Call for Papers
  • From: Rodrigo Rubira Branco (BSDaemon)
• [KAPDA]MyBB 1.1.7~ htmlspeacialchar_uni(), fixjavascript(), functions_post.php ~[url]XSS attack
  • From: addmimistrator