Mail Thread Index
- [ MDKSA-2006:157 ] - Updated musicbrainz packages fix buffer overflow vulnerabilities,
security
- Re: JetBox cms (search_function.php) Remote File Include,
Steven M. Christey
- [ECHO_ADV_46$2006] ExBB v1.9.1 (exbb[home_path]) Multiple Remote File Inclusion,
erdc
- [ MDKSA-2006:156 ] - Updated sendmail packages fix DoS vulnerabilities,
security
- New NT4/Windows botnet reported,
Juha-Matti Laurio
- XXS in learncenter.asp,
exe_crack
- rPSA-2006-0161-1 libmusicbrainz,
rPath Update Announcements
- Lyris ListManager 8.95: Add arbitrary administrator to arbitrary list,
Design Properly
- Membrepass v1.5 Php code execution, Xss, Sql Injection,
gmdarkfig
- AW: AW: JetBox cms (search_function.php) Remote File Include,
Frank Reißner
- [SECURITY] [DSA 1164-1] New sendmail packages fix denial of service,
Martin Schulze
- [ MDKSA-2006:158 ] - Updated MySQL packages fix DoS vuln, initscript bug,
security
- Compression Plus and Tumblweed EMF Stack Overflow,
Michael Hale Ligh
- Re: Re: BlackBoard Multiple Vulnerabilities (XSS),
Pr070n
- rPSA-2006-0162-1 kernel,
rPath Update Announcements
- Pheap CMS<= (lpref) Remote File Inclusion Exploit,
SHiKaA-
- ModuleBased CMS alfa 1 Multiple Remote File Inclusion,
amir . scorpino
- [ISR] - IBM eGatherer ActiveX Code Execution PoC,
Francisco Amato
- Re: Submit ( b2evolution<= 1.8 Remote File Include Vulnerabilities ),
do
- Re: ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability,
maric_sasa
- [SECURITY] [DSA 1165-1] New capi4hylafax packages fix arbitrary command execution,
Martin Schulze
- ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability,
David Matousek
- Re: Submit ( ToendaCMS<= ( Remote File Include Vulnerabilities ),
Carsten Eilers
- [ MDKSA-2006:159 ] - Updated sudo packages whitelist environments,
security
- [ MDKSA-2006:160 ] - Updated xorg-x11/XFree86 packages fix potential vulnerabilities,
security
- [Informix] Is Telelogic's Synergy integrated Informix server also vulnerable?,
Sec Anon
- forum v0.4c (members.dat) MD5 Passwd Hash Disclosure Poc,
gmdarkfig
- Icblogger <= "YID" Remote Blind SQL Injection,
ChironeX . FleckeriX
- Sql injection in SMF [Admin section],
Omid
- Sql injections in e107 [Admin section],
Omid
- XXS in Powered by vbzoom,
exe_crack
- PHP-Revista Multiple vulnerabilities,
sirdarckcat
- Autentificator <=2.01 SQL Injection Vulnerability,
sirdarckcat
- ssLinks <=v1.22 Multiple SQL Injection Vulnerabilities,
sirdarckcat
- Annuaire 1Two 2.2 Remote SQL Injection Exploit,
gmdarkfig
- Tr Forum V2.0 Multiple Vulnerabilities,
gmdarkfig
- The Amazing Little Poll Admin Pwd,
tugra
- Airscanner Mobile Security Advisory #05081701: IM+ v3.10 Local Password Plaintext Exposure,
contact_removethis
- Re: [ECHO_ADV_45$2006] WEBinsta CMS 0.3.1 (templates_dir) Remote File Inclusion Vulnerability,
atomo64
- [SECURITY] [DSA 1166-1] New cheesetraceker packages fix buffer overflow,
Steve Kemp
- Web Dictate Admin Null Password Vulnerability,
revnic
- Airscanner Mobile Security Advisory #05081201: PDAapps Verichat v1.30bh Local Password Disclosure,
contact_removethis
- SoftBB 0.1 Remote PHP Code Execution Exploit,
gmdarkfig
- [SECURITY] [DSA 1167-1] New apache packages fix several vulnerabilities,
Steve Kemp
- AnywhereUSB/5 1.80.00 Drivers Integer Overflow,
SecuriTeam Assisted Disclosure
- Re: TinyWebGallery v1.5 ( image ) Remote Include Vulnerability,
tinywebgallery
- CFP, IT Underground, Warsaw, Poland 2006,
Piotr Sobolewski
- [USN-338-1] MySQL vulnerabilities,
Martin Pitt
- TTG0602 - Alt-N WebAdmin MDaemon Account Hijacking,
TTG
- [USN-339-1] OpenSSL vulnerability,
Martin Pitt
- SoftBB v0.1 < = Cross-Site Scripting,
the . leo . 008
- [SECURITY] [DSA 1168-1] New imagemagick packages fix arbitrary code execution,
Moritz Muehlenhoff
- Microsoft Word 0-day Vulnerability (September) FAQ document available,
Juha-Matti Laurio
- HITBSecConf2006 Final Call !,
Praburaajan
- [SECURITY] [DSA 1169-1] New MySQL 4.1 packages fix several vulnerabilities,
Martin Schulze
- [Kurdish Security # 25 ] GrapAgenda Remote Command Vulnerability,
botan
- SolpotCrew Advisory #7 - AlstraSoft Template Seller Remote File Include Vulnerability,
jong_amq
- MyBace Light (hauptverzeichniss) Remote File Inclusion,
philipp . niedziela
- VirtualPC 2004 (build 528) detection (?),
gynvael
- Re: CuteNews 1.3.* Remote File Include Vulnerability,
satalin
- [Kurdish Security # 26 ] AnnonceV News Script Remote Command Vulnerability,
botan
- Buffer overflow vulnerability in dsocks,
Michael Adams
- Anti-vir vulnerability,
rugginello
- 2nd European Conference on Computer Network Defense (EC2ND),
Blyth A J C (AT)
- ZIXForum 1.12 <= "RepId" Remote SQL Injection,
ChironeX . FleckeriX
- [security bulletin] HPSBUX02145 SSRT061202 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access,
security-alert
- AuditWizard 6.3.2 gives away administrator password,
Terry Donaldson
- UPDATE: [ GLSA 200509-09 ] Py2Play: Remote execution of arbitrary Python code,
Sune Kloppenborg Jeppesen
- FlashChat <= 4.5.7 Remote File Include Vulnerability,
mc . nadz
- rPSA-2006-0163-1 openssl openssl-scripts,
rPath Update Announcements
- in-link <=2.3.4 (adodb-postgres7.inc.php) Remote File Inclusion Exploit,
saudi . unix
- Dyn CMS <= REleased (x_admindir) Remote File Inclusion Exploit,
SHiKaA-
- Anti-vir2,
rugginello
- php download local file include,
ali
- Easy Address Book Web Server Format String Vulnerability,
revnic
- [OpenPKG-SA-2006.018] OpenPKG Security Advisory (openssl),
OpenPKG
- Details for BID 18428,
shulman
- Details for BID 19586,
shulman
- [USN-340-1] imagemagick vulnerabilities,
Martin Pitt
- Reminder: 3rd Annual US OWASP AppSec Conference - Oct 16-18 2006 - Seattle, WA,
Dave Wichers
- release uhooker v1.2,
Hernan Ochoa
- Cisco IOS GRE issue,
FX
- Canon ImageRunner reveals SMB, IPX, and FTP username/passwords,
gunrnr
- [SECURITY] [DSA 1170-1] New fastjar packages fix directory traversal,
Martin Schulze
- [security bulletin] HPSBUX02102 SSRT051078 rev.4 - HP-UX usermod(1M) Local Unauthorized Access.,
security-alert
- [ GLSA 200609-04 ] LibXfont: Multiple integer overflows,
Sune Kloppenborg Jeppesen
- [ GLSA 200609-03 ] OpenTTD: Remote Denial of Service,
Sune Kloppenborg Jeppesen
- [ GLSA 200609-01 ] Streamripper: Multiple remote buffer overflows,
Sune Kloppenborg Jeppesen
- Sql Injection and Path Disclosoure Wordpress v2.0.5,
vannovax
- IBM Lotus Notes DUNZIP32.dll Buffer Overflow Vulnerability,
Juha-Matti Laurio
- [ GLSA 200609-02 ] GTetrinet: Remote code execution,
Sune Kloppenborg Jeppesen
- Microsoft confirmed Word 0-day vulnerability,
Juha-Matti Laurio
- WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit,
stormhacker
- FreeBSD Security Advisory FreeBSD-SA-06:19.openssl,
FreeBSD Security Advisories
- [ MDKSA-2006:161 ] - Updated openssl packages fix vulnerability,
security
- [OpenPKG-SA-2006.019] OpenPKG Security Advisory (bind),
OpenPKG
- [USN-341-1] libxfont vulnerability,
Martin Pitt
- NDSS CFP Due September 10th,
Crispin Cowan
- [USN-342-1] PHP vulnerabilities,
Martin Pitt
- Re: ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability,
Steven M. Christey
- SECURITY.NNOV: Panda Platinum Internet Security privilege escalation / bayesian filter control security vulnerabilities,
3APA3A
- PHPFusion <= 6.01.4 extract()/_SERVER[REMOTE_ADDR] sql injection exploit,
rgod
- Host header cannot be trusted as an anti anti DNS-pinning measure,
Amit Klein (AKsecurity)
- [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery,
Sune Kloppenborg Jeppesen
- BinGoPHP News <= 3.01 [bnrep] Remote File Include Vulnerability,
ciriboflacs
- Re: PasswordSafe 3.0 weak random number generator allows key recovery attack,
ronys
- [ MDKSA-2006:162 ] - Updated php packages fix vulnerabilities,
security
- xxs in MKPortal M1.1,
exe_crack
- CORE-2006-0321: AOL ICQ Pro 2003b heap overflow vulnerability,
CORE Security Technologies Advisories
- CORE-2006-0322: Multiple vulnerabilities in ICQ Toolbar 1.3 for Internet Explorer,
CORE Security Technologies Advisories
- DokuWiki <= 2006-03-09brel /bin/dwpage.php remote commands execution,
rgod
- Shadow Prmod <= 2.7.1 [phpbb_root_path] Remote File Include Vulnerability,
ciriboflacs
- SL_Site <= 1.0 [spaw_root] Remote File Include Vulnerability,
ciriboflacs
- Full Disclosure for SQL-Ledger vulnerability CVE-2006-4244,
Chris Travers
- ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow,
zdi-disclosures
- Sql injection in RunCMS,
Omid
- WM-News v0.5 - Remote File Include Vulnerabilities,
erne
- XSS in AckerTodo v4.0,
viz . security
- Linux kernel source archive vulnerable,
Hadmut Danisch
- FreeBSD Security Advisory FreeBSD-SA-06:20.bind,
FreeBSD Security Advisories
- Sql injection in BLOG:CMS,
Omid
- [SECURITY] [DSA 1171-1] New ethereal packages fix execution of arbitrary code,
Moritz Muehlenhoff
- Black Hat Briefings Japan Speakers Selected!,
Jeff Moss
- ACGV News v0.9.1 - Remote File Include Vulnerabilities,
erne
- News Evolution v3.0.3 - Remote File Include Vulnerabilities,
erne
- [USN-343-1] bind9 vulnerabilities,
Martin Pitt
- [RISE-2006001] X11R6 XKEYBOARD extension Strcmp() buffer overflow,
advisories
- PhotoKorn Gallery => 1.52 (dir_path) Remote File Inclusion Exploit,
saudi . unix
- rPSA-2006-0165-1 mailman,
rPath Update Announcements
- rPSA-2006-0166-1 bind bind-utils,
rPath Update Announcements
- client side vulnerability in yahoo mail,
p3rlhax
- Timesheet 1.2.1 Blind SQL Injection Vulnerability,
secaware2006
- Akarru rfi,
erne
- mcNews v1.3 - Remote File Include,
erne
- Airscanner Mobile Security Advisory #06260602: Pocket Expense Pro 3.9.1 Authentication Bypass,
removethis_contact
- Airscanner Mobile Security Advisory #06070101: Abidia & OAnywhere (All versions),
removethis_contact
- RSA SecurID SID800 Token vulnerable by design,
Hadmut Danisch
- [ MDKSA-2006:163 ] - Updated bind packages fix DoS vulnerabilities,
security
- Multible injections and vulnerabilities in Jetbox CMS,
security
- PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore(),
cxib
- Cross Context Scripting with Sage,
pdp (architect)
- [SECURITY] [DSA 1172-1] New bind9 packages fix denial of service,
Martin Schulze
- SimpleBoard Mambo Component 1.1.0 Remote File Include,
stormhacker
- ConSec Symposium - Sept 20-22 in Austin, TX,
Michael Allgeier
- [SECURITY] [DSA 1159-2] New Mozilla Thunderbird packages fix several problems,
Martin Schulze
- Web Server Creator v0.1 (l) Remote Include Vulnerability,
x0r0n
- XHP CMS v0.5.1 Vuls Xss and Full path vuls,
security
- MagpieRSS (a simple RSS integration tool) Full path vul,
security
- Vikingboard 0.1b Multiple Vulnerabilities,
no-replay
- [SECURITY] [DSA 1174-1] New openssl096 packages fix RSA signature forgery cryptographic weakness,
Moritz Muehlenhoff
- PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities,
l0x3
- PUMA 1.0 RC 2 (config.php) Remote File Inclusion,
philipp . niedziela
- Open Bulletin Board <= 1.0.8 (root_path) File Include Vulnerability,
l0x3
- text ads xss attack,
ali
- PayProCart <= 1146078425 Multiple Remote File Include Vulnerabilities,
l0x3
- HotPlug CMS Config File Include Vulnerability,
security
- PhpLinkExchange v1.0 RFI + RC + Xss [RC-exploit],
ali
- [SECURITY] [DSA 1173-1] New openssl packages fix RSA signature forgery cryptographic weakness,
Moritz Muehlenhoff
- SIPS v 0.2.2 < = Remote File Include Vulnerability,
the . leo . 008
- Microsoft visual basic 6. overflow,
mallahzadeh
- C-News v 1.0.1 < = Multiple Remote File Include Vulnerabilities,
the . leo . 008
- SolpotCrew Advisory #8 - Mcgallerypro (path_to_folder) Remote File Inclusion,
chris_hasibuan
- ShAnKaR: multiple PHP application poison NULL byte vulnerability,
3APA3A
- CMS.R. the Content Management System admin authentication baypass,
security
- Sql injection in Tikiwiki,
Omid
- WTools v0.0.1-ALPH - Remote File Include Vulnerabilities,
erne
- AzzCoder => phpBB XS 0.58 Remote File Include,
azzcoder
- rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs,
rPath Update Announcements
- LedgerSMB 1.0.0 and SQL-Ledger 2.6.18 and earler arbitrary code execution,
Chris Travers
- Newsscript version 0.5 (print.php) Local File Inclusion Vulnerability,
daftrix
- NETGEAR Rotuer DG834GT Firmware V1.01.28 (DoS),
nullflag
- Session Token Remains Valid After Logout in IBM Lotus Domino Web Access,
dave . ferguson
- ERRATA: [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery,
Sune Kloppenborg Jeppesen
- Apple QuickTime Player H.264 Codec Remote Integer Overflow,
Piotr Bania
- Computer Terrorism (UK) :: Incident Response Centre - Microsoft Publisher Font Parsing Vulnerability,
irc
- Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability,
irc
- [USN-344-1] X.org vulnerabilities,
Martin Pitt
- Apple QuickTime H.264 Integer Overflow Vulnerability,
Sowhat
- iDefense Security Advisory 09.12.06: Apple QuickTime FLIC File Heap Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 09.12.06: Multiple Vendor X Server CID-keyed Fonts 'scan_cidfont()' Integer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 09.12.06: Multiple Vendor X Server CID-keyed Fonts 'CIDAFM()' Integer Overflow,
iDefense Labs
- [EEYEB-20080824] Internet Explorer Compressed Content URL Heap Overflow Vulnerability #2,
eEye Advisories
- [SECURITY] [DSA 1175-1] New isakmpd packages fix replay protection bypass,
Martin Schulze
- # ForumJBC v4 < = Cross-Site Scripting - XSS Exploit ;,
x17
- PHP Event Calendar Multiple Parameter Cross Site Scripting Vulnerability,
OS2A BTO
- NetPerformer FRAD ACT Multiple Vulnerabilities,
arif . jatmoko
- [ GLSA 200609-07 ] LibXfont, monolithic X.org: Multiple integer overflows,
Sune Kloppenborg Jeppesen
- Multiple Vulnerabilities in Apple QuickTime,
avert
- [security bulletin] HPSBUX02151 SSRT051021 rev.1 - HP-UX Running ARPA Transport Software, Local Denial of Service (DoS),
security-alert
- [USN-345-1] mailman vulnerabilities,
Martin Pitt
- [security bulletin] HPSBMA02149 SSRT050968 rev.1 - HP OpenView Operations, Remote Unauthorized Access and Denial of Service (DoS),
security-alert
- [SECURITY] [DSA 1161-2] New Mozilla Firefox packages fix several vulnerabilities,
Martin Schulze
- Cisco IOS VTP issues,
FX
- [0day] daxctle2.c - Internet Explorer COM Object Heap Overflow Download Exec Exploit,
nop
- Snitz Forums 2000 v3.4.06,
ajannhwt
- [eVuln] Doika guestbook 'page' XSS Vulnerability,
Alex
- [eVuln] indexcity SQL Injection and XSS Vulnerabilities,
Alex
- [eVuln] Links Manager Multiple XSS and SQL Injection Vulnerabilities,
Alex
- [eVuln] CJ Tag Board XSS Vulnerability,
Alex
- [ GLSA 200609-09 ] FFmpeg: Buffer overflows,
Sune Kloppenborg Jeppesen
- [eVuln] NX5Linkx Multiple Vulnerabilities,
Alex
- TualBLOG v 1.0 multiple sql injection,
dj_remix_20
- [ GLSA 200609-08 ] xine-lib: Buffer overflows,
Sune Kloppenborg Jeppesen
- PAKCON III: Announce (2006),
Ayaz Ahmed Khan
- [SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure,
Moritz Muehlenhoff
- PAKCON III: Call for Papers (CfP 2006),
Ayaz Ahmed Khan
- Mailman 2.1.8 Multiple Security Issues,
Moritz Naumann
- [ MDKSA-2006:164 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities,
security
- ToorCon Pre-Registration Closing Friday!,
h1kari@xxxxxxxxxxx
- ADOdb Date Library Full path Bugs,
security
- DCP-Portal SE 6.0 multiple injections,
security
- [ GLSA 200609-10 ] DokuWiki: Arbitrary command execution,
Sune Kloppenborg Jeppesen
- XSS vulnerability in Blojsom,
p3rlhax
- Secunia Research: Tagger LE PHP "eval()" Injection Vulnerabilities,
Secunia Research
- [USN-346-2] Fixed linux-restricted-modules-2.6.15 for previous Linux kernel update,
Martin Pitt
- Magic News Pro => 1.0.3 (script_path) Remote File Inclusion Exploit,
saudi . unix
- SIP over TLS: X.509 peer authentication vulnerability in Ingate products,
Per Cederqvist
- Fullpath disclosure in Blue Magic Board 5.5,
hack2prison
- SolpotCrew Advisory #9 - phpQuiz v0.01 design and coding byJule Slootbeek (pagename) Remote File Inclusion,
chris_hasibuan
- Layered Defense Advisory :Symantec AntiVirus Corporate Edition Format String Vulnerability,
dh
- [security bulletin] HPSBUX02126 SSRT051019 rev.1 - HP-UX running X.25 Local Denial of Service (Dos),
security-alert
- PhotoPost =>4.6 (PP_PATH) Remote File Inclusion Exploit,
saudi . unix
- Hackers to Hackers Conference III - Call for Papers,
Rodrigo Rubira Branco (BSDaemon)
- Fwd: IE ActiveX 0day?,
Tyop Tyip
- PhotoPost => 4.6 (PP_PATH) Remote File Inclusion Exploit,
Saudi . unix
- [SECURITY] [DSA 1160-2] New Mozilla packages fix several vulnerabilities,
Martin Schulze
- [SECURITY] [DSA 1177-1] New usermin packages fix denial of service,
Martin Schulze
- ClickBlog! <= v2.0 (default.asp) Admin ByPASS SQL Injection,
ajannhwt
- mcLinksCounter v1.1 - Remote File Include Vulnerabilities,
erne
- Complain Center v1(loginprocess.asp) Admin ByPASS SQL Injection,
ajannhwt
- Jupiter CMS Multiple injections,
security
- Signkorn Guestbook <= v1.3 Multiple Remote File Include Vulnerabilities,
x17
- MyBB Full path and Cross site scripting vulnerabilities,
security
- ppalCart V(2.5 EE) Remote File Inclusion,
l0x3
- SolpotCrew Advisory #11 - ReviewPost 2.5 (RP_PATH) Remote File Inclusion,
bius
- SolpotCrew Advisory #10 - phpBB XS (phpbb_root_path) Remote File Include,
jong_amq
- Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability,
x0r0n
- @System Security Meeting in Pisa,
Giorgio Zoppi
- Google Search API Worms,
pdp (architect)
- Symantec Norton Insufficient validation of 'SymEvent' driver input buffer,
David Matousek
- phpQuiz sensitive file (install.php),
sn_0py
- BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability,
x0r0n
- [Reversemode Advisory] Apple Quicktime FLIC File Heap Overflow,
Reversemode
- Roller Weblogger XSS vulnerability,
p3rlhax
- Limbo - Lite Mambo CMS Multiple Vulnerabilities,
security
- rPSA-2006-0169-1 firefox thunderbird,
rPath Update Announcements
- easypage.org >> v7 sql injection,
ali
- [ GLSA 200609-11 ] BIND: Denial of Service,
Raphael Marichez
- McAfee VirusScan Enterprise - disabling the client side "On-Access Scan",
EitanCaspi@xxxxxxxxx
- BizDirectory all version xss,
ali
- PhotoPost PHP 4.6 - 4.5 [PP_PATH] >> Remote File Include Vulnerability,
AG- Spider
- MyBB 1.2 Full path and Cross site scripting vulnerabilities,
security
- Sql injection in Moodle,
Omid
- [USN-348-1] GnuTLS vulnerability,
Martin Pitt
- Busy box httpd file traversal vulenrability,
bug-finder
- EShoppingPro v1.0(search_run.asp) Remote SQL Injection Vulnerability,
ajannhwt
- Q-Shop v3.5(browse.asp) Remote SQL Injection Vulnerability,
ajannhwt
- USB Attacks Going Commercial?,
Gadi Evron
- Charon Cart v3(Review.asp) Remote SQL Injection Vulnerability,
ajannhwt
- AzzCoder => PNphpBB (Latest) Remote File Include,
azzcoder
- Techno Dreams FAQ Manager Package v1.0(faqview.asp) Remote SQL Injection Vulnerability,
ajannhwt
- Symantec Security Advisory: Symantec AntiVirus Corporate Edition,
secure
- Techno Dreams Articles&Papers Package <=v2.0(ArticlesTableview.asp) Remote SQL Injection Vulnerability,
ajannhwt
- HitWeb v3.0 - Remote File Include Vulnerabilities,
erne
- NixieAffiliate all version bypass admin and xss,
ali
- PHPQuiz Multiple Remote Vulnerabilites,
simo64
- PHP-Post Multiple Input Validation Vulnerabilities,
security
- Plume CMS <= 1.1.10 [prepend.php] Remote File Include Vulnerability,
D3nGeR
- HP-UX X.25 Denial of Service Vulnerability,
oktayonur
- ECardPro v2.0(search.asp) Remote SQL Injection Vulnerability,
ajannhwt
- [SECURITY] [DSA 1178-1] New freetype packages fix execution of arbitrary code,
Moritz Muehlenhoff
- [Kurdish Security # 27] Artmedic Links Script Remote File Include Vulnerability,
botan
- FreeBSD Security Advisory FreeBSD-SA-06:21.gzip,
FreeBSD Security Advisories
- [ MDKSA-2006:165 ] - Updated mailman packages fix multiple vulnerabilities,
security
- [SECURITY] [DSA 1179-1] New alsaplayer packages fix denial of service,
Martin Schulze
- New PowerPoint 0-day Trojan in the wild,
Juha-Matti Laurio
- [USN-349-1] gzip vulnerabilities,
Martin Pitt
- eSyndiCat Portal System XSS Vuln.,
meto5757
- Apple Remote Desktop root vulneravility,
fribitch
- Yet another 0day for IE,
Gadi Evron
- [ GLSA 200609-12 ] Mailman: Multiple vulnerabilities,
Sune Kloppenborg Jeppesen
- [RLSA_02-2006] OSU httpd for OpenVMS path and directory disclosure - is this a bug or a feature?,
rfdslabs
- Site@School 2.4.02 and below Multiple remote Command Execution Vulnerabilities,
simo64
- NextAge Cart Cross-Site Scripting multiple Vulnerabilities,
meto5757
- [ECHO_ADV_47$2006] WAP Y! Messenger Cross-Site Scripting Vulnerability,
erdc
- PT News 1.7.8 (Search.php) XSS Vulnerability,
Snake . Apollyon
- Pie Cart Pro => (Home_Path) Remote File Inclusion Exploit,
saudi . unix
- White paper release: Bypassing network access control (NAC) systems,
Ofir Arkin
- Innovate Portal v2.0 Index.PHP Xss Vuln.,
meto5757
- [SECURITY] [DSA 1180-1] New bomberclone packages fix several vulnerabilities,
Martin Schulze
- Microsoft PowerPoint 0-day Vulnerability FAQ - September written,
Juha-Matti Laurio
- rPSA-2006-0170-1 gzip,
rPath Update Announcements
- Camino release 1.0.3 fixes several vulnerabilities,
Juha-Matti Laurio
- [OpenPKG-SA-2006.020] OpenPKG Security Advisory (gzip),
OpenPKG
- Cisco Security Advisory: Cisco Guard enables Cross Site Scripting,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- PowerPoint issue fixed in MS06-012/CVE2006-009,
Juha-Matti Laurio
- Cisco Security Advisory: DOCSIS Read-Write Community String Enabled in Non-DOCSIS Platforms,
Cisco Systems Product Security Incident Response Team
- vml.c - Internet Explorer VML Buffer Overflow Download Exec Exploit,
nop
- mysql_error() can lead to Cross Site Scripting attacks,
gmdarkfig
- Dr.Web 4.33 antivirus LHA long directory name heap overflow,
Jean-Sébastien Guay-Leroux
- Internet Explorer VML Zero-Day Mitigation,
Matthew Murphy
- [USN-350-1] Thunderbird vulnerabilities,
Martin Pitt
- [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities,
Marc Ruef
- [ MDKSA-2006:166 ] - Updated gnutls packages fixes PKCS signature verification issue.,
security
- [ MDKSA-2006:167 ] - Updated gzip packages fix multiple vulnerabilities,
security
- Re: CounterPath eyeBeam Handing SIP header Vulnerabilities,
support
- [ MDKSA-2006:168 ] - Updated Firefox packages fix multiple vulnerabilities,
security
- Wili-CMS Multiple Input Validation Vulnerabilities,
security
- Grayscale BandSite CMS Multiple Input Validation Vulnerabilities,
security
- [CAID 34616, 34617, 34618]: CA eSCC and eTrust Audit vulnerabilities,
Williams, James K
- [security bulletin] HPSBST02134 SSRT061187 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-052, MS06-053 and MS06-054,
security-alert
- FW: APPLE-SA-2006-09-21 AirPort Update 2006-001 and Security Update 2006-005,
dm
- [security bulletin] HPSBUX02153 SSRT061181 rev.1 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS),
security-alert
- [security bulletin] HPSBUX02156 SSRT061236 rev.1 - HP-UX Running Thunderbird, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS),
security-alert
- [USN-351-1] firefox vulnerabilities,
Martin Pitt
- [SECURITY] [DSA 1182-1] New gnutls11 packages fix RSA signature forgery cryptographic weakness,
Moritz Muehlenhoff
- TSLSA-2006-0052 - multi,
Trustix Security Advisor
- E-Vision CMS Multible Remote injections,
security
- Eskolar CMS Remote Sql Injection,
security
- RE: Computer Associates eTrust Security Command Center Multiple Vulnerabilities,
Patrick Webster
- ContentKeeper Authenticated Access Password Disclosure,
Patrick Webster
- Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting,
Patrick Webster
- Google Mini Search Applicance Path Disclosure,
Patrick Webster
- Self-contained XSS Attacks (the new generation of XSS),
pdp (architect)
- [PLESK 7.5 Reload] & [PLESK 7.6 for MS Windows] path passing and disclosure vulnerability,
guanyu_vn
- More Vulnerable ATM Models,
Steve
- jevoncms (.inc) Path Disclosure,
CvIr . System
- Woltlab Burning Board 2.3.X SQL Injection Vulnerability,
sn4k3 . 23
- [Call for Papers] DIMVA 2007,
Robin Sommer
- Call for Papers and Tutorials for the 19th Annual FIRST Conference, June 17– 22, 2007,
Ian Cook
- SolpotCrew Advisory #12 - phpQuestionnaire 3.12 (GLOBALS[phpQRootDir]) Remote File Inclusion,
chris_hasibuan
- RSA Keyon Log verification bypass vulnerability,
Andrei Mikhailovsky
- Backdooring MP3 files (plus QuickTime issues and Cross-context Scripting),
pdp (architect)
- "Buffer overflow" term considered overloaded,
Steven M. Christey
- [RISE-2006002] FreeBSD 5.x kernel i386_set_ldt() integer overflow vulnerability,
advisories
- Jamroom Media Content Management System Login.php Xss Vuln.,
meto5757
- ZERT patch [was: 0day for IE (Disabling Javascript no longer a fix)],
Gadi Evron
- Windows VML Vulnerability FAQ (CVE-2006-4868) written,
Juha-Matti Laurio
- phpstak <= Remote File Include Vulnerability,
h4ck3riran
- [SECURITY] [DSA 1183-1] New Linux 2.4.27 packages fix several vulnerabilities,
Martin Schulze
- Typo3 v4.x: XSS in extension "Indexed Search" v2.9.0,
Moritz Naumann
- [USN-352-1] Thunderbird vulnerabilities,
Martin Pitt
- [ GLSA 200609-13 ] gzip: Multiple vulnerabilities,
Sune Kloppenborg Jeppesen
- [SECURITY] [DSA 1184-1] New Linux 2.6.8 packages fix several vulnerabilities,
Martin Schulze
- MyPhotos<= Remote File Include Vulnerability,
h4ck3riran
- Opial Audio/Video Download Management - Version 1.0 index.php Xss vulns.,
meto5757
- PhotoStore Multiple Cross-Site Scripting Vulnerabilities,
meto5757
- [ MDKSA-2006:170 ] - Updated webmin packages fix XSS vulnerability,
security
- wwwthreads <= 5.4.2 croos site script vulnerbilities,
h4ck3riran
- [ MDKSA-2006:169 ] - Updated Thunderbird packages fix multiple vulnerabilities,
security
- PNews v1.1.0 (nbs) Remote File Inclusion,
CvIr . System
- tech support being flooded due to IE 0day,
Gadi Evron
- RE: [Full-disclosure] Yet another 0day for IE,
Bill Stout
- Local File Inclusion : Kietu,
cdg393
- [security bulletin] HPSBUX02152 SSRT5973 rev.1 - HP-UX Kerberos Client Remote Unauthenticated Execution of Arbitrary Code,
security-alert
- [security bulletin] HPSBUX02155 SSRT061235 rev.1 HP-UX CIFS Server (Samba) Local Unauthorized Access, Elevated Privileges,
security-alert
- iDefense Security Advisory 09.23.06: FreeBSD i386_set_ldt Integer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 09.23.06: FreeBSD i386_set_ldt Integer Signedness Vulnerability,
iDefense Labs
- Uninformed Journal Release Announcement: Volume 5,
H D Moore
- [ GLSA 200609-15 ] GnuTLS: RSA Signature Forgery,
Sune Kloppenborg Jeppesen
- [ GLSA 200609-14 ] ImageMagick: Multiple Vulnerabilities,
Sune Kloppenborg Jeppesen
- Ruxcon 2006,
cfp
- WebspotBlogging => 3.0 Remote File Include Vulnerabilities,
h4ck3riran
- DanPHPSupport => 0.5 Cross Site Scripting Vulnerabilities,
h4ck3riran
- QB ( QuickBlogger ) =>1.4 Remote File Include Vulnerabilities,
h4ck3riran
- php_news => 2.0 Remote File Include Vulnerabilities,
h4ck3riran
- Back-end => 0.4.5 Remote File Include Vulnerabilities,
h4ck3riran
- webnews <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit,
the-wolf-ksa
- CubeCart Multiple input Validation vulnerabilities,
security
- Vbulletin 2.X sql injection,
security
- SolpotCrew Advisory #13 - phpMyChat 0.1 (ChatPath) Remote File Inclusion,
chris_hasibuan
- [ GLSA 200609-16 ] Tikiwiki: Arbitrary command execution,
Sune Kloppenborg Jeppesen
- [SECURITY] [DSA 1184-2] New Linux 2.6.8 packages fix several vulnerabilities,
Martin Schulze
- PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln.,
meto5757
- [Whitepaper] - Access over Ethernet: Insecurities in AoE,
Morgan Marquis-Boire
- SUSE Security Announcement: gzip (SUSE-SA:2006:056),
Thomas Biege
- VML Exploit vs. AV/IPS/IDS signatures,
avivra
- WD25:- Deparcq Pieter project File Include Vulnerability,
stormhacker
- rPSA-2006-0173-1 openoffice.org,
rPath Update Announcements
- Windows VML security update MS06-055 released,
Juha-Matti Laurio
- ZDI-06-029: Ipswitch WS_FTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities,
zdi-disclosures
- Free Rainbow Tables.com,
Jerome Athias
- JAF CMS 4.0 RC1 multiple vulnerabilities,
nanoymaster
- net2ftp: a web based FTP client :) <= Remote File Inclusion,
stormhacker
- rPSA-2006-0174-1 gnome-ssh-askpass openssh openssh-client openssh-server,
rPath Update Announcements
- Blog Pixel Motion V2.1.1 PHP Code Execution / Create Admin Exploit,
gmdarkfig
- VirtueMart Joomla eCommerce Edition CMS Multiple XSS Vulnerabilities,
Base64
- Digital Armaments September-October Hacking Challenge: Explorer and Mozilla,
info
- Exploit module available for WebViewFolderIcon setSlice 0-day,
Chris Byrd
- bug com_madeira,
ifx
- [ GLSA 200609-17 ] OpenSSH: Denial of Service,
Sune Kloppenborg Jeppesen
- Comdev Vote Caster 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Links Directory 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Photo Gallery 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Customer Helpdesk 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Contact Form 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev News Publisher 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Web Blogger 3.1 :) <= Remote File Inclusion,
stormhacker
- MkPortal Cross Site Scripting (All versions) xSS,
vannovax
- Comdev eCommerce 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev CSV Importer 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Guestbook 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev FAQ Support 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Newsletter 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Events Calendar 3.1 :) <= Remote File Inclusion,
stormhacker
- PHPSelect Web Development Division <= Remote File Inclusion,
stormhacker
- [ GLSA 200609-18 ] Opera: RSA signature forgery,
Matthias Geerdsen
- Multitple XSS Vulnerabilities in Red Mombin 0.7,
security
- SAP Internet Transaction Server XSS vulnerability,
info
- Newswriter SW v1.4.2 Remote File Include Exploit,
x0r0n
- FreeBSD Security Advisory FreeBSD-SA-06:23.openssl,
FreeBSD Security Advisories
- [OpenPKG-SA-2006.021] OpenPKG Security Advisory (openssl),
OpenPKG
- ERRATA: [ GLSA 200609-17 ] OpenSSH: Denial of Service,
Sune Kloppenborg Jeppesen
- [ MDKSA-2006:170-1 ] - Updated webmin packages fix XSS vulnerability,
security
- [USN-353-1] openssl vulnerabilities,
Martin Pitt
- Multiple XSS Vulnerabilities in Zen Cart 1.3.5,
security
- [SECURITY] [DSA 1185-1] New openssl packages fix denial of service,
Moritz Muehlenhoff
- SolpotCrew Advisory #14 - phpBB XS 2 spain version (phpbb_root_path) Remote File Inclusion,
chris_hasibuan
- An analysis of Microsoft Windows Vista’s ASLR,
Renaud Lifchitz
- [ GLSA 200609-20 ] DokuWiki: Shell command injection and Denial of Service,
Matthias Geerdsen
- [ MDKSA-2006:157-1 ] - Updated musicbrainz packages fix buffer overflow vulnerabilities,
security
- [ GLSA 200609-19 ] Mozilla Firefox: Multiple vulnerabilities,
Matthias Geerdsen
- [ MDKSA-2006:171 ] - Updated openldap packages fixes ACL vulnerability,
security
- MkPortal UrloBox Increment Zize Desfiguration,
vannovax
- [ MDKSA-2006:172 ] - Updated openssl packages fix vulnerabilities,
security
- rPSA-2006-0175-1 openssl openssl-scripts,
rPath Update Announcements
- TSLSA-2006-0054 - multi,
Trustix Security Advisor
- Secunia Research: Joomla BSQ Sitestats Component Multiple Vulnerabilities,
Secunia Research
- FreeBSD Security Advisory FreeBSD-SA-06:23.openssl [REVISED],
FreeBSD Security Advisories
- [MajorSecurity Advisory #28]ConPresso CMS - Multiple Cross Site Scripting and SQL Injection Issues,
admin
- UBB.threads Multiple input validation error,
security
- Advisory 06/2006: PHProjekt (Remote) Include Vulnerabilities,
Stefan Esser
- Sql injection in PostNuke [Admin section],
Omid
- [ MDKSA-2006:173 ] - Updated ffmpeg packages fix buffer overflow vulnerabilities,
security
- [ MDKSA-2006:174 ] - Update gstreamer-ffmpeg packages fix buffer overflow vulnerabilities,
security
- [ MDKSA-2006:175 ] - Updated mplayer packages fix buffer overflow vulnerabilities,
security
- [ MDKSA-2006:176 ] - Updated xine-lib packages fix buffer overflow vulnerabilities,
security
- Determina zero-day fix for CVE-2006-3730 (WebViewFolderIcon setSlice Integer Overflow),
Alexander Sotirov
- rPSA-2006-0175-2 openssl openssl-scripts,
rPath Update Announcements
- Matasano Advisory: MacOS X Mach Exception Server Privilege Escalation,
Matasano Advisories
- rPSA-2006-0176-1 openldap openldap-clients openldap-servers,
rPath Update Announcements
- Mercury SiteScope 8.2 (8.1.2.0) Cross Site Scripting (XSS) Vulnerability,
ozkan . aziz
Mail converted by MHonArc