Mail Index
- [ MDKSA-2006:157 ] - Updated musicbrainz packages fix buffer overflow vulnerabilities
- Re: JetBox cms (search_function.php) Remote File Include
- [ECHO_ADV_46$2006] ExBB v1.9.1 (exbb[home_path]) Multiple Remote File Inclusion
- [ MDKSA-2006:156 ] - Updated sendmail packages fix DoS vulnerabilities
- New NT4/Windows botnet reported
- XXS in learncenter.asp
- rPSA-2006-0161-1 libmusicbrainz
- From: rPath Update Announcements
- Lyris ListManager 8.95: Add arbitrary administrator to arbitrary list
- Membrepass v1.5 Php code execution, Xss, Sql Injection
- AW: AW: JetBox cms (search_function.php) Remote File Include
- [SECURITY] [DSA 1164-1] New sendmail packages fix denial of service
- [ MDKSA-2006:158 ] - Updated MySQL packages fix DoS vuln, initscript bug
- Compression Plus and Tumblweed EMF Stack Overflow
- Re: Re: BlackBoard Multiple Vulnerabilities (XSS)
- rPSA-2006-0162-1 kernel
- From: rPath Update Announcements
- Pheap CMS<= (lpref) Remote File Inclusion Exploit
- ModuleBased CMS alfa 1 Multiple Remote File Inclusion
- [ISR] - IBM eGatherer ActiveX Code Execution PoC
- Re: Submit ( b2evolution<= 1.8 Remote File Include Vulnerabilities )
- Re: ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability
- [SECURITY] [DSA 1165-1] New capi4hylafax packages fix arbitrary command execution
- ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability
- Re: Submit ( ToendaCMS<= ( Remote File Include Vulnerabilities )
- [ MDKSA-2006:159 ] - Updated sudo packages whitelist environments
- [ MDKSA-2006:160 ] - Updated xorg-x11/XFree86 packages fix potential vulnerabilities
- [Informix] Is Telelogic's Synergy integrated Informix server also vulnerable?
- forum v0.4c (members.dat) MD5 Passwd Hash Disclosure Poc
- Icblogger <= "YID" Remote Blind SQL Injection
- From: ChironeX . FleckeriX
- Sql injection in SMF [Admin section]
- Sql injections in e107 [Admin section]
- Re: ModuleBased CMS alfa 1 Multiple Remote File Inclusion
- XXS in Powered by vbzoom
- PHP-Revista Multiple vulnerabilities
- Autentificator <=2.01 SQL Injection Vulnerability
- ssLinks <=v1.22 Multiple SQL Injection Vulnerabilities
- Annuaire 1Two 2.2 Remote SQL Injection Exploit
- Tr Forum V2.0 Multiple Vulnerabilities
- The Amazing Little Poll Admin Pwd
- Airscanner Mobile Security Advisory #05081701: IM+ v3.10 Local Password Plaintext Exposure
- Re: [ECHO_ADV_45$2006] WEBinsta CMS 0.3.1 (templates_dir) Remote File Inclusion Vulnerability
- [SECURITY] [DSA 1166-1] New cheesetraceker packages fix buffer overflow
- Web Dictate Admin Null Password Vulnerability
- Airscanner Mobile Security Advisory #05081201: PDAapps Verichat v1.30bh Local Password Disclosure
- SoftBB 0.1 Remote PHP Code Execution Exploit
- [SECURITY] [DSA 1167-1] New apache packages fix several vulnerabilities
- AnywhereUSB/5 1.80.00 Drivers Integer Overflow
- From: SecuriTeam Assisted Disclosure
- Re: TinyWebGallery v1.5 ( image ) Remote Include Vulnerability
- CFP, IT Underground, Warsaw, Poland 2006
- [USN-338-1] MySQL vulnerabilities
- TTG0602 - Alt-N WebAdmin MDaemon Account Hijacking
- [USN-339-1] OpenSSL vulnerability
- SoftBB v0.1 < = Cross-Site Scripting
- [SECURITY] [DSA 1168-1] New imagemagick packages fix arbitrary code execution
- Microsoft Word 0-day Vulnerability (September) FAQ document available
- HITBSecConf2006 Final Call !
- [SECURITY] [DSA 1169-1] New MySQL 4.1 packages fix several vulnerabilities
- [Kurdish Security # 25 ] GrapAgenda Remote Command Vulnerability
- SolpotCrew Advisory #7 - AlstraSoft Template Seller Remote File Include Vulnerability
- MyBace Light (hauptverzeichniss) Remote File Inclusion
- From: philipp . niedziela
- VirtualPC 2004 (build 528) detection (?)
- Re: CuteNews 1.3.* Remote File Include Vulnerability
- [Kurdish Security # 26 ] AnnonceV News Script Remote Command Vulnerability
- Buffer overflow vulnerability in dsocks
- Anti-vir vulnerability
- 2nd European Conference on Computer Network Defense (EC2ND)
- ZIXForum 1.12 <= "RepId" Remote SQL Injection
- From: ChironeX . FleckeriX
- [security bulletin] HPSBUX02145 SSRT061202 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access
- AuditWizard 6.3.2 gives away administrator password
- UPDATE: [ GLSA 200509-09 ] Py2Play: Remote execution of arbitrary Python code
- From: Sune Kloppenborg Jeppesen
- Re: VirtualPC 2004 (build 528) detection (?)
- FlashChat <= 4.5.7 Remote File Include Vulnerability
- rPSA-2006-0163-1 openssl openssl-scripts
- From: rPath Update Announcements
- in-link <=2.3.4 (adodb-postgres7.inc.php) Remote File Inclusion Exploit
- Dyn CMS <= REleased (x_admindir) Remote File Inclusion Exploit
- Anti-vir2
- php download local file include
- Easy Address Book Web Server Format String Vulnerability
- Re: Microsoft Word 0-day Vulnerability (September) FAQ document available
- [OpenPKG-SA-2006.018] OpenPKG Security Advisory (openssl)
- Details for BID 18428
- Details for BID 19586
- [USN-340-1] imagemagick vulnerabilities
- Reminder: 3rd Annual US OWASP AppSec Conference - Oct 16-18 2006 - Seattle, WA
- release uhooker v1.2
- Cisco IOS GRE issue
- Canon ImageRunner reveals SMB, IPX, and FTP username/passwords
- [SECURITY] [DSA 1170-1] New fastjar packages fix directory traversal
- [security bulletin] HPSBUX02102 SSRT051078 rev.4 - HP-UX usermod(1M) Local Unauthorized Access.
- [ GLSA 200609-04 ] LibXfont: Multiple integer overflows
- From: Sune Kloppenborg Jeppesen
- [ GLSA 200609-03 ] OpenTTD: Remote Denial of Service
- From: Sune Kloppenborg Jeppesen
- [ GLSA 200609-01 ] Streamripper: Multiple remote buffer overflows
- From: Sune Kloppenborg Jeppesen
- Sql Injection and Path Disclosoure Wordpress v2.0.5
- IBM Lotus Notes DUNZIP32.dll Buffer Overflow Vulnerability
- [ GLSA 200609-02 ] GTetrinet: Remote code execution
- From: Sune Kloppenborg Jeppesen
- Microsoft confirmed Word 0-day vulnerability
- WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit
- FreeBSD Security Advisory FreeBSD-SA-06:19.openssl
- From: FreeBSD Security Advisories
- [ MDKSA-2006:161 ] - Updated openssl packages fix vulnerability
- [OpenPKG-SA-2006.019] OpenPKG Security Advisory (bind)
- [USN-341-1] libxfont vulnerability
- NDSS CFP Due September 10th
- [USN-342-1] PHP vulnerabilities
- Re: Sql Injection and Path Disclosoure Wordpress v2.0.5
- Re: ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability
- SECURITY.NNOV: Panda Platinum Internet Security privilege escalation / bayesian filter control security vulnerabilities
- PHPFusion <= 6.01.4 extract()/_SERVER[REMOTE_ADDR] sql injection exploit
- Re: ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability
- Host header cannot be trusted as an anti anti DNS-pinning measure
- From: Amit Klein (AKsecurity)
- [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery
- From: Sune Kloppenborg Jeppesen
- BinGoPHP News <= 3.01 [bnrep] Remote File Include Vulnerability
- Re: PasswordSafe 3.0 weak random number generator allows key recovery attack
- [ MDKSA-2006:162 ] - Updated php packages fix vulnerabilities
- xxs in MKPortal M1.1
- CORE-2006-0321: AOL ICQ Pro 2003b heap overflow vulnerability
- From: CORE Security Technologies Advisories
- CORE-2006-0322: Multiple vulnerabilities in ICQ Toolbar 1.3 for Internet Explorer
- From: CORE Security Technologies Advisories
- DokuWiki <= 2006-03-09brel /bin/dwpage.php remote commands execution
- Shadow Prmod <= 2.7.1 [phpbb_root_path] Remote File Include Vulnerability
- SL_Site <= 1.0 [spaw_root] Remote File Include Vulnerability
- Full Disclosure for SQL-Ledger vulnerability CVE-2006-4244
- ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow
- Re: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit
- Re: [Full-disclosure] Linux kernel source archive vulnerable
- Sql injection in RunCMS
- WM-News v0.5 - Remote File Include Vulnerabilities
- Re: Canon ImageRunner reveals SMB, IPX, and FTP username/passwords
- XSS in AckerTodo v4.0
- Linux kernel source archive vulnerable
- FreeBSD Security Advisory FreeBSD-SA-06:20.bind
- From: FreeBSD Security Advisories
- Sql injection in BLOG:CMS
- Re: [Full-disclosure] Linux kernel source archive vulnerable
- Re: Microsoft confirmed Word 0-day vulnerability
- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- [SECURITY] [DSA 1171-1] New ethereal packages fix execution of arbitrary code
- Black Hat Briefings Japan Speakers Selected!
- ACGV News v0.9.1 - Remote File Include Vulnerabilities
- News Evolution v3.0.3 - Remote File Include Vulnerabilities
- [USN-343-1] bind9 vulnerabilities
- [RISE-2006001] X11R6 XKEYBOARD extension Strcmp() buffer overflow
- AW: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit
- PhotoKorn Gallery => 1.52 (dir_path) Remote File Inclusion Exploit
- rPSA-2006-0165-1 mailman
- From: rPath Update Announcements
- rPSA-2006-0166-1 bind bind-utils
- From: rPath Update Announcements
- client side vulnerability in yahoo mail
- Timesheet 1.2.1 Blind SQL Injection Vulnerability
- Akarru rfi
- mcNews v1.3 - Remote File Include
- Airscanner Mobile Security Advisory #06260602: Pocket Expense Pro 3.9.1 Authentication Bypass
- Airscanner Mobile Security Advisory #06070101: Abidia & OAnywhere (All versions)
- Re: Re: Sql Injection and Path Disclosoure Wordpress v2.0.5
- RSA SecurID SID800 Token vulnerable by design
- [ MDKSA-2006:163 ] - Updated bind packages fix DoS vulnerabilities
- Re: RSA SecurID SID800 Token vulnerable by design
- Multible injections and vulnerabilities in Jetbox CMS
- PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore()
- Cross Context Scripting with Sage
- Re: [Full-disclosure] Re: RSA SecurID SID800 Token vulnerable by design
- [SECURITY] [DSA 1172-1] New bind9 packages fix denial of service
- Re: PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore()
- Re: RSA SecurID SID800 Token vulnerable by design
- Re: Re: Sql Injection and Path Disclosoure Wordpress v2.0.5
- SimpleBoard Mambo Component 1.1.0 Remote File Include
- ConSec Symposium - Sept 20-22 in Austin, TX
- Re[2]: RSA SecurID SID800 Token vulnerable by design
- [SECURITY] [DSA 1159-2] New Mozilla Thunderbird packages fix several problems
- Re: RSA SecurID SID800 Token vulnerable by design
- Web Server Creator v0.1 (l) Remote Include Vulnerability
- Re[3]: RSA SecurID SID800 Token vulnerable by design
- XHP CMS v0.5.1 Vuls Xss and Full path vuls
- Re: [Full-disclosure] Linux kernel source archive vulnerable
- MagpieRSS (a simple RSS integration tool) Full path vul
- Re: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit
- R: Linux kernel source archive vulnerable
- From: Perego Paolo Franco
- Vikingboard 0.1b Multiple Vulnerabilities
- Re: Linux kernel source archive vulnerable
- From: Gerald (Jerry) Carter
- [SECURITY] [DSA 1174-1] New openssl096 packages fix RSA signature forgery cryptographic weakness
- PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities
- PUMA 1.0 RC 2 (config.php) Remote File Inclusion
- From: philipp . niedziela
- Open Bulletin Board <= 1.0.8 (root_path) File Include Vulnerability
- text ads xss attack
- PayProCart <= 1146078425 Multiple Remote File Include Vulnerabilities
- HotPlug CMS Config File Include Vulnerability
- Re: [Full-disclosure] Re: RSA SecurID SID800 Token vulnerable by design
- PhpLinkExchange v1.0 RFI + RC + Xss [RC-exploit]
- [SECURITY] [DSA 1173-1] New openssl packages fix RSA signature forgery cryptographic weakness
- SIPS v 0.2.2 < = Remote File Include Vulnerability
- Microsoft visual basic 6. overflow
- C-News v 1.0.1 < = Multiple Remote File Include Vulnerabilities
- SolpotCrew Advisory #8 - Mcgallerypro (path_to_folder) Remote File Inclusion
- ShAnKaR: multiple PHP application poison NULL byte vulnerability
- CMS.R. the Content Management System admin authentication baypass
- RE: [Full-disclosure] Re: RSA SecurID SID800 Token vulnerable by design
- Re[5]: RSA SecurID SID800 Token vulnerable by design
- Sql injection in Tikiwiki
- Re: Re[3]: RSA SecurID SID800 Token vulnerable by design
- WTools v0.0.1-ALPH - Remote File Include Vulnerabilities
- AzzCoder => phpBB XS 0.58 Remote File Include
- rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
- From: rPath Update Announcements
- LedgerSMB 1.0.0 and SQL-Ledger 2.6.18 and earler arbitrary code execution
- Newsscript version 0.5 (print.php) Local File Inclusion Vulnerability
- NETGEAR Rotuer DG834GT Firmware V1.01.28 (DoS)
- Re: ShAnKaR: multiple PHP application poison NULL byte vulnerability
- Session Token Remains Valid After Logout in IBM Lotus Domino Web Access
- ERRATA: [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery
- From: Sune Kloppenborg Jeppesen
- Apple QuickTime Player H.264 Codec Remote Integer Overflow
- Computer Terrorism (UK) :: Incident Response Centre - Microsoft Publisher Font Parsing Vulnerability
- Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability
- [USN-344-1] X.org vulnerabilities
- Apple QuickTime H.264 Integer Overflow Vulnerability
- iDefense Security Advisory 09.12.06: Apple QuickTime FLIC File Heap Overflow Vulnerability
- iDefense Security Advisory 09.12.06: Multiple Vendor X Server CID-keyed Fonts 'scan_cidfont()' Integer Overflow Vulnerability
- iDefense Security Advisory 09.12.06: Multiple Vendor X Server CID-keyed Fonts 'CIDAFM()' Integer Overflow
- [EEYEB-20080824] Internet Explorer Compressed Content URL Heap Overflow Vulnerability #2
- [SECURITY] [DSA 1175-1] New isakmpd packages fix replay protection bypass
- # ForumJBC v4 < = Cross-Site Scripting - XSS Exploit ;
- PHP Event Calendar Multiple Parameter Cross Site Scripting Vulnerability
- Re: PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore()
- NetPerformer FRAD ACT Multiple Vulnerabilities
- [ GLSA 200609-07 ] LibXfont, monolithic X.org: Multiple integer overflows
- From: Sune Kloppenborg Jeppesen
- Re: PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities
- Multiple Vulnerabilities in Apple QuickTime
- Re: SECURITY.NNOV: Panda Platinum Internet Security privilege escalation / bayesian filter control security vulnerabilities
- [security bulletin] HPSBUX02151 SSRT051021 rev.1 - HP-UX Running ARPA Transport Software, Local Denial of Service (DoS)
- [USN-345-1] mailman vulnerabilities
- [security bulletin] HPSBMA02149 SSRT050968 rev.1 - HP OpenView Operations, Remote Unauthorized Access and Denial of Service (DoS)
- [SECURITY] [DSA 1161-2] New Mozilla Firefox packages fix several vulnerabilities
- Cisco IOS VTP issues
- [0day] daxctle2.c - Internet Explorer COM Object Heap Overflow Download Exec Exploit
- Snitz Forums 2000 v3.4.06
- [eVuln] Doika guestbook 'page' XSS Vulnerability
- [eVuln] indexcity SQL Injection and XSS Vulnerabilities
- [eVuln] Links Manager Multiple XSS and SQL Injection Vulnerabilities
- [eVuln] CJ Tag Board XSS Vulnerability
- [ GLSA 200609-09 ] FFmpeg: Buffer overflows
- From: Sune Kloppenborg Jeppesen
- [eVuln] NX5Linkx Multiple Vulnerabilities
- TualBLOG v 1.0 multiple sql injection
- [ GLSA 200609-08 ] xine-lib: Buffer overflows
- From: Sune Kloppenborg Jeppesen
- PAKCON III: Announce (2006)
- [SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure
- PAKCON III: Call for Papers (CfP 2006)
- Re: Cisco IOS VTP issues
- Mailman 2.1.8 Multiple Security Issues
- [ MDKSA-2006:164 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities
- ToorCon Pre-Registration Closing Friday!
- ADOdb Date Library Full path Bugs
- DCP-Portal SE 6.0 multiple injections
- [ GLSA 200609-10 ] DokuWiki: Arbitrary command execution
- From: Sune Kloppenborg Jeppesen
- XSS vulnerability in Blojsom
- Secunia Research: Tagger LE PHP "eval()" Injection Vulnerabilities
- [USN-346-2] Fixed linux-restricted-modules-2.6.15 for previous Linux kernel update
- Magic News Pro => 1.0.3 (script_path) Remote File Inclusion Exploit
- Re: PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities
- SIP over TLS: X.509 peer authentication vulnerability in Ingate products
- Fullpath disclosure in Blue Magic Board 5.5
- SolpotCrew Advisory #9 - phpQuiz v0.01 design and coding byJule Slootbeek (pagename) Remote File Inclusion
- Layered Defense Advisory :Symantec AntiVirus Corporate Edition Format String Vulnerability
- [security bulletin] HPSBUX02126 SSRT051019 rev.1 - HP-UX running X.25 Local Denial of Service (Dos)
- Re: Snitz Forums 2000 v3.4.06
- PhotoPost =>4.6 (PP_PATH) Remote File Inclusion Exploit
- Hackers to Hackers Conference III - Call for Papers
- From: Rodrigo Rubira Branco (BSDaemon)
- Fwd: IE ActiveX 0day?
- PhotoPost => 4.6 (PP_PATH) Remote File Inclusion Exploit
- [SECURITY] [DSA 1160-2] New Mozilla packages fix several vulnerabilities
- [SECURITY] [DSA 1177-1] New usermin packages fix denial of service
- ClickBlog! <= v2.0 (default.asp) Admin ByPASS SQL Injection
- mcLinksCounter v1.1 - Remote File Include Vulnerabilities
- Complain Center v1(loginprocess.asp) Admin ByPASS SQL Injection
- RE: IE ActiveX 0day?
- Jupiter CMS Multiple injections
- Re: Fwd: IE ActiveX 0day?
- Signkorn Guestbook <= v1.3 Multiple Remote File Include Vulnerabilities
- Re: PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities
- MyBB Full path and Cross site scripting vulnerabilities
- Re: PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities
- ppalCart V(2.5 EE) Remote File Inclusion
- SolpotCrew Advisory #11 - ReviewPost 2.5 (RP_PATH) Remote File Inclusion
- SolpotCrew Advisory #10 - phpBB XS (phpbb_root_path) Remote File Include
- Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability
- @System Security Meeting in Pisa
- Google Search API Worms
- Symantec Norton Insufficient validation of 'SymEvent' driver input buffer
- phpQuiz sensitive file (install.php)
- BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability
- [Reversemode Advisory] Apple Quicktime FLIC File Heap Overflow
- Roller Weblogger XSS vulnerability
- Limbo - Lite Mambo CMS Multiple Vulnerabilities
- rPSA-2006-0169-1 firefox thunderbird
- From: rPath Update Announcements
- easypage.org >> v7 sql injection
- Re: RSA SecurID SID800 Token vulnerable by design
- Re: Fwd: IE ActiveX 0day?
- [ GLSA 200609-11 ] BIND: Denial of Service
- McAfee VirusScan Enterprise - disabling the client side "On-Access Scan"
- From: EitanCaspi@xxxxxxxxx
- BizDirectory all version xss
- PhotoPost PHP 4.6 - 4.5 [PP_PATH] >> Remote File Include Vulnerability
- MyBB 1.2 Full path and Cross site scripting vulnerabilities
- Sql injection in Moodle
- [USN-348-1] GnuTLS vulnerability
- Busy box httpd file traversal vulenrability
- EShoppingPro v1.0(search_run.asp) Remote SQL Injection Vulnerability
- Q-Shop v3.5(browse.asp) Remote SQL Injection Vulnerability
- Re: mcLinksCounter v1.1 - Remote File Include Vulnerabilities
- USB Attacks Going Commercial?
- Charon Cart v3(Review.asp) Remote SQL Injection Vulnerability
- Re: IE ActiveX 0day?
- AzzCoder => PNphpBB (Latest) Remote File Include
- Techno Dreams FAQ Manager Package v1.0(faqview.asp) Remote SQL Injection Vulnerability
- Symantec Security Advisory: Symantec AntiVirus Corporate Edition
- Techno Dreams Articles&Papers Package <=v2.0(ArticlesTableview.asp) Remote SQL Injection Vulnerability
- HitWeb v3.0 - Remote File Include Vulnerabilities
- NixieAffiliate all version bypass admin and xss
- PHPQuiz Multiple Remote Vulnerabilites
- PHP-Post Multiple Input Validation Vulnerabilities
- Plume CMS <= 1.1.10 [prepend.php] Remote File Include Vulnerability
- HP-UX X.25 Denial of Service Vulnerability
- ECardPro v2.0(search.asp) Remote SQL Injection Vulnerability
- [SECURITY] [DSA 1178-1] New freetype packages fix execution of arbitrary code
- [Kurdish Security # 27] Artmedic Links Script Remote File Include Vulnerability
- FreeBSD Security Advisory FreeBSD-SA-06:21.gzip
- From: FreeBSD Security Advisories
- Re: Plume CMS <= 1.1.10 [prepend.php] Remote File Include Vulnerability
- [ MDKSA-2006:165 ] - Updated mailman packages fix multiple vulnerabilities
- [SECURITY] [DSA 1179-1] New alsaplayer packages fix denial of service
- New PowerPoint 0-day Trojan in the wild
- [USN-349-1] gzip vulnerabilities
- eSyndiCat Portal System XSS Vuln.
- Apple Remote Desktop root vulneravility
- Yet another 0day for IE
- [ GLSA 200609-12 ] Mailman: Multiple vulnerabilities
- From: Sune Kloppenborg Jeppesen
- [RLSA_02-2006] OSU httpd for OpenVMS path and directory disclosure - is this a bug or a feature?
- Site@School 2.4.02 and below Multiple remote Command Execution Vulnerabilities
- NextAge Cart Cross-Site Scripting multiple Vulnerabilities
- [ECHO_ADV_47$2006] WAP Y! Messenger Cross-Site Scripting Vulnerability
- PT News 1.7.8 (Search.php) XSS Vulnerability
- Pie Cart Pro => (Home_Path) Remote File Inclusion Exploit
- White paper release: Bypassing network access control (NAC) systems
- Re: ShAnKaR: multiple PHP application poison NULL byte vulnerability
- Innovate Portal v2.0 Index.PHP Xss Vuln.
- [SECURITY] [DSA 1180-1] New bomberclone packages fix several vulnerabilities
- Microsoft PowerPoint 0-day Vulnerability FAQ - September written
- rPSA-2006-0170-1 gzip
- From: rPath Update Announcements
- Re: Apple Remote Desktop root vulneravility
- Camino release 1.0.3 fixes several vulnerabilities
- [OpenPKG-SA-2006.020] OpenPKG Security Advisory (gzip)
- Re: SimpleBoard Mambo Component 1.1.0 Remote File Include
- From: Häussler, Christian
- Cisco Security Advisory: Cisco Guard enables Cross Site Scripting
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- PowerPoint issue fixed in MS06-012/CVE2006-009
- Cisco Security Advisory: DOCSIS Read-Write Community String Enabled in Non-DOCSIS Platforms
- From: Cisco Systems Product Security Incident Response Team
- Re: Apple Remote Desktop root vulneravility
- vml.c - Internet Explorer VML Buffer Overflow Download Exec Exploit
- mysql_error() can lead to Cross Site Scripting attacks
- Dr.Web 4.33 antivirus LHA long directory name heap overflow
- From: Jean-Sébastien Guay-Leroux
- RE: vml.c - Internet Explorer VML Buffer Overflow Download Exec Exploit
- From: Aras \"Russ\" Memisyazici
- Internet Explorer VML Zero-Day Mitigation
- [USN-350-1] Thunderbird vulnerabilities
- [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities
- Re: HitWeb v3.0 - Remote File Include Vulnerabilities
- Re: AzzCoder => PNphpBB (Latest) Remote File Include
- [ MDKSA-2006:166 ] - Updated gnutls packages fixes PKCS signature verification issue.
- [ MDKSA-2006:167 ] - Updated gzip packages fix multiple vulnerabilities
- Re: CounterPath eyeBeam Handing SIP header Vulnerabilities
- [ MDKSA-2006:168 ] - Updated Firefox packages fix multiple vulnerabilities
- Wili-CMS Multiple Input Validation Vulnerabilities
- Grayscale BandSite CMS Multiple Input Validation Vulnerabilities
- Re: [bugtraq] mysql_error() can lead to Cross Site Scripting attacks
- Re: AzzCoder => PNphpBB (Latest) Remote File Include
- Re: mysql_error() can lead to Cross Site Scripting attacks
- Re: AzzCoder => PNphpBB (Latest) Remote File Include
- Re: AzzCoder => PNphpBB (Latest) Remote File Include
- [CAID 34616, 34617, 34618]: CA eSCC and eTrust Audit vulnerabilities
- [security bulletin] HPSBST02134 SSRT061187 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-052, MS06-053 and MS06-054
- FW: APPLE-SA-2006-09-21 AirPort Update 2006-001 and Security Update 2006-005
- [security bulletin] HPSBUX02153 SSRT061181 rev.1 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS)
- [security bulletin] HPSBUX02156 SSRT061236 rev.1 - HP-UX Running Thunderbird, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS)
- [USN-351-1] firefox vulnerabilities
- [SECURITY] [DSA 1182-1] New gnutls11 packages fix RSA signature forgery cryptographic weakness
- TSLSA-2006-0052 - multi
- From: Trustix Security Advisor
- E-Vision CMS Multible Remote injections
- Eskolar CMS Remote Sql Injection
- RE: Computer Associates eTrust Security Command Center Multiple Vulnerabilities
- ContentKeeper Authenticated Access Password Disclosure
- Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting
- Google Mini Search Applicance Path Disclosure
- Self-contained XSS Attacks (the new generation of XSS)
- [PLESK 7.5 Reload] & [PLESK 7.6 for MS Windows] path passing and disclosure vulnerability
- More Vulnerable ATM Models
- jevoncms (.inc) Path Disclosure
- Woltlab Burning Board 2.3.X SQL Injection Vulnerability
- [Call for Papers] DIMVA 2007
- Call for Papers and Tutorials for the 19th Annual FIRST Conference, June 17– 22, 2007
- Re: Re: mysql_error() can lead to Cross Site Scripting attacks
- Re: mysql_error() can lead to Cross Site Scripting attacks
- SolpotCrew Advisory #12 - phpQuestionnaire 3.12 (GLOBALS[phpQRootDir]) Remote File Inclusion
- RSA Keyon Log verification bypass vulnerability
- From: Andrei Mikhailovsky
- Re: vml.c - Internet Explorer VML Buffer Overflow Download Exec Exploit
- Backdooring MP3 files (plus QuickTime issues and Cross-context Scripting)
- Re: Apple Remote Desktop root vulneravility
- "Buffer overflow" term considered overloaded
- [RISE-2006002] FreeBSD 5.x kernel i386_set_ldt() integer overflow vulnerability
- Re: "Buffer overflow" term considered overloaded
- From: Dave \"No, not that one\" Korn
- Jamroom Media Content Management System Login.php Xss Vuln.
- ZERT patch [was: 0day for IE (Disabling Javascript no longer a fix)]
- Re: [Full-disclosure] Yet another 0day for IE (Disabling Javascript no longer a fix)
- Windows VML Vulnerability FAQ (CVE-2006-4868) written
- phpstak <= Remote File Include Vulnerability
- [SECURITY] [DSA 1183-1] New Linux 2.4.27 packages fix several vulnerabilities
- Typo3 v4.x: XSS in extension "Indexed Search" v2.9.0
- RSA Keyon Log verification bypass vulnerability
- From: Andrei Mikhailovsky
- [USN-352-1] Thunderbird vulnerabilities
- [ GLSA 200609-13 ] gzip: Multiple vulnerabilities
- From: Sune Kloppenborg Jeppesen
- [SECURITY] [DSA 1184-1] New Linux 2.6.8 packages fix several vulnerabilities
- MyPhotos<= Remote File Include Vulnerability
- Opial Audio/Video Download Management - Version 1.0 index.php Xss vulns.
- PhotoStore Multiple Cross-Site Scripting Vulnerabilities
- [ MDKSA-2006:170 ] - Updated webmin packages fix XSS vulnerability
- wwwthreads <= 5.4.2 croos site script vulnerbilities
- [ MDKSA-2006:169 ] - Updated Thunderbird packages fix multiple vulnerabilities
- Re: ZERT patch [was: 0day for IE (Disabling Javascript no longer a fix)]
- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- Re: ZERT patch [was: 0day for IE (Disabling Javascript no longer a fix)]
- Re: ZERT patch [was: 0day for IE (Disabling Javascript no longer a fix)]
- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- PNews v1.1.0 (nbs) Remote File Inclusion
- tech support being flooded due to IE 0day
- Re: [Full-disclosure] Self-contained XSS Attacks (the new generation of XSS)
- Re: [Full-disclosure] Self-contained XSS Attacks (the new generation of XSS)
- Re: More Vulnerable ATM Models
- RE: [Full-disclosure] Yet another 0day for IE
- Re: Woltlab Burning Board 2.3.X SQL Injection Vulnerability
- Local File Inclusion : Kietu
- Re: Woltlab Burning Board 2.3.X SQL Injection Vulnerability
- [security bulletin] HPSBUX02152 SSRT5973 rev.1 - HP-UX Kerberos Client Remote Unauthenticated Execution of Arbitrary Code
- [security bulletin] HPSBUX02155 SSRT061235 rev.1 HP-UX CIFS Server (Samba) Local Unauthorized Access, Elevated Privileges
- Re: ZERT patch [was: 0day for IE (Disabling Javascript no longer a fix)]
- iDefense Security Advisory 09.23.06: FreeBSD i386_set_ldt Integer Overflow Vulnerability
- iDefense Security Advisory 09.23.06: FreeBSD i386_set_ldt Integer Signedness Vulnerability
- Uninformed Journal Release Announcement: Volume 5
- [ GLSA 200609-15 ] GnuTLS: RSA Signature Forgery
- From: Sune Kloppenborg Jeppesen
- [ GLSA 200609-14 ] ImageMagick: Multiple Vulnerabilities
- From: Sune Kloppenborg Jeppesen
- Ruxcon 2006
- WebspotBlogging => 3.0 Remote File Include Vulnerabilities
- DanPHPSupport => 0.5 Cross Site Scripting Vulnerabilities
- QB ( QuickBlogger ) =>1.4 Remote File Include Vulnerabilities
- php_news => 2.0 Remote File Include Vulnerabilities
- Back-end => 0.4.5 Remote File Include Vulnerabilities
- webnews <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit
- CubeCart Multiple input Validation vulnerabilities
- Vbulletin 2.X sql injection
- SolpotCrew Advisory #13 - phpMyChat 0.1 (ChatPath) Remote File Inclusion
- [ GLSA 200609-16 ] Tikiwiki: Arbitrary command execution
- From: Sune Kloppenborg Jeppesen
- [SECURITY] [DSA 1184-2] New Linux 2.6.8 packages fix several vulnerabilities
- PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln.
- [Whitepaper] - Access over Ethernet: Insecurities in AoE
- From: Morgan Marquis-Boire
- SUSE Security Announcement: gzip (SUSE-SA:2006:056)
- VML Exploit vs. AV/IPS/IDS signatures
- WD25:- Deparcq Pieter project File Include Vulnerability
- rPSA-2006-0173-1 openoffice.org
- From: rPath Update Announcements
- Re: Re: Apple Remote Desktop root vulneravility
- Re: VML Exploit vs. AV/IPS/IDS signatures
- Windows VML security update MS06-055 released
- Re: Re: Woltlab Burning Board 2.3.X SQL Injection Vulnerability
- ZDI-06-029: Ipswitch WS_FTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities
- Free Rainbow Tables.com
- JAF CMS 4.0 RC1 multiple vulnerabilities
- RE: VML Exploit vs. AV/IPS/IDS signatures
- Re: XSS in AckerTodo v4.0
- net2ftp: a web based FTP client :) <= Remote File Inclusion
- rPSA-2006-0174-1 gnome-ssh-askpass openssh openssh-client openssh-server
- From: rPath Update Announcements
- Blog Pixel Motion V2.1.1 PHP Code Execution / Create Admin Exploit
- VirtueMart Joomla eCommerce Edition CMS Multiple XSS Vulnerabilities
- Digital Armaments September-October Hacking Challenge: Explorer and Mozilla
- Exploit module available for WebViewFolderIcon setSlice 0-day
- bug com_madeira
- [ GLSA 200609-17 ] OpenSSH: Denial of Service
- From: Sune Kloppenborg Jeppesen
- Comdev Vote Caster 3.1 :) <= Remote File Inclusion
- Comdev Links Directory 3.1 :) <= Remote File Inclusion
- Comdev Photo Gallery 3.1 :) <= Remote File Inclusion
- Comdev Customer Helpdesk 3.1 :) <= Remote File Inclusion
- Comdev Contact Form 3.1 :) <= Remote File Inclusion
- Comdev News Publisher 3.1 :) <= Remote File Inclusion
- Comdev Web Blogger 3.1 :) <= Remote File Inclusion
- MkPortal Cross Site Scripting (All versions) xSS
- Comdev eCommerce 3.1 :) <= Remote File Inclusion
- Comdev CSV Importer 3.1 :) <= Remote File Inclusion
- Comdev Guestbook 3.1 :) <= Remote File Inclusion
- Comdev FAQ Support 3.1 :) <= Remote File Inclusion
- Comdev Newsletter 3.1 :) <= Remote File Inclusion
- Comdev Events Calendar 3.1 :) <= Remote File Inclusion
- PHPSelect Web Development Division <= Remote File Inclusion
- [ GLSA 200609-18 ] Opera: RSA signature forgery
- Multitple XSS Vulnerabilities in Red Mombin 0.7
- SAP Internet Transaction Server XSS vulnerability
- Newswriter SW v1.4.2 Remote File Include Exploit
- FreeBSD Security Advisory FreeBSD-SA-06:23.openssl
- From: FreeBSD Security Advisories
- [OpenPKG-SA-2006.021] OpenPKG Security Advisory (openssl)
- RE: Windows VML security update MS06-055 released
- ERRATA: [ GLSA 200609-17 ] OpenSSH: Denial of Service
- From: Sune Kloppenborg Jeppesen
- RE: [Full-disclosure] VML Exploit vs. AV/IPS/IDS signatures
- [ MDKSA-2006:170-1 ] - Updated webmin packages fix XSS vulnerability
- [USN-353-1] openssl vulnerabilities
- Multiple XSS Vulnerabilities in Zen Cart 1.3.5
- RE: Canon ImageRunner reveals SMB, IPX, and FTP username/passwords
- [SECURITY] [DSA 1185-1] New openssl packages fix denial of service
- SolpotCrew Advisory #14 - phpBB XS 2 spain version (phpbb_root_path) Remote File Inclusion
- An analysis of Microsoft Windows Vista’s ASLR
- Re: [Full-disclosure] VML Exploit vs. AV/IPS/IDS signatures
- [ GLSA 200609-20 ] DokuWiki: Shell command injection and Denial of Service
- [ MDKSA-2006:157-1 ] - Updated musicbrainz packages fix buffer overflow vulnerabilities
- Re: xxs in MKPortal M1.1
- [ GLSA 200609-19 ] Mozilla Firefox: Multiple vulnerabilities
- [ MDKSA-2006:171 ] - Updated openldap packages fixes ACL vulnerability
- MkPortal UrloBox Increment Zize Desfiguration
- [ MDKSA-2006:172 ] - Updated openssl packages fix vulnerabilities
- rPSA-2006-0175-1 openssl openssl-scripts
- From: rPath Update Announcements
- Re: ssLinks <=v1.22 Multiple SQL Injection Vulnerabilities
- TSLSA-2006-0054 - multi
- From: Trustix Security Advisor
- Secunia Research: Joomla BSQ Sitestats Component Multiple Vulnerabilities
- FreeBSD Security Advisory FreeBSD-SA-06:23.openssl [REVISED]
- From: FreeBSD Security Advisories
- [MajorSecurity Advisory #28]ConPresso CMS - Multiple Cross Site Scripting and SQL Injection Issues
- UBB.threads Multiple input validation error
- Advisory 06/2006: PHProjekt (Remote) Include Vulnerabilities
- Sql injection in PostNuke [Admin section]
- Re: [Full-disclosure] VML Exploit vs. AV/IPS/IDS signatures
- [ MDKSA-2006:173 ] - Updated ffmpeg packages fix buffer overflow vulnerabilities
- [ MDKSA-2006:174 ] - Update gstreamer-ffmpeg packages fix buffer overflow vulnerabilities
- [ MDKSA-2006:175 ] - Updated mplayer packages fix buffer overflow vulnerabilities
- [ MDKSA-2006:176 ] - Updated xine-lib packages fix buffer overflow vulnerabilities
- Determina zero-day fix for CVE-2006-3730 (WebViewFolderIcon setSlice Integer Overflow)
- rPSA-2006-0175-2 openssl openssl-scripts
- From: rPath Update Announcements
- Matasano Advisory: MacOS X Mach Exception Server Privilege Escalation
- From: Matasano Advisories
- rPSA-2006-0176-1 openldap openldap-clients openldap-servers
- From: rPath Update Announcements
- Mercury SiteScope 8.2 (8.1.2.0) Cross Site Scripting (XSS) Vulnerability
Mail converted by MHonArc