Mail Thread Index
- OlateDownload 3.4.0 Multiple Vulnerabilities,
no-reply
- setSlice exploited in the wild - massively,
Gadi Evron
- [SECURITY] [DSA 1187-1] New migrationtools packages fix denial of service,
Moritz Muehlenhoff
- [SECURITY] [DSA 1186-1] New cscope packages fix arbitrary code execution,
Moritz Muehlenhoff
- Yblog => Cross Site Scripting,
h4ck3riran
- phpBB XS <= 0.58 (phpbb_root_path) Remote File Include Vulnerability(2),
x0r0n
- ZERT patch for setSlice(),
Gadi Evron
- Advisory 07/2006: phpMyAdmin Multiple CSRF Vulnerabilities,
Stefan Esser
- zero-day flaws in Firefox: about 30 unpatched Firefox flaws,
ragan
- phpMyWebmin 1.0 <= (target) Remote File Include Vulnerability,
x0r0n
- [OpenPKG-SA-2006.022] OpenPKG Security Advisory (openssh),
OpenPKG
- 0day in Firefox from ToorCon '06,
Thor Larholm
- Layered Defense Advisory: TrendMicro OfficesScan Corporate Edition Format String Vulnerability,
dh
- EasyBannerFree (functions.php) Remote File Include Exploit,
las_kid
- IBM Informix Dynamic Server V10.0 File Clobbering during Install,
Larry Cashdollar
- Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability,
David Matousek
- Pebble 2.0.0 RC[1,2] XSS vulnerability,
Paolo Perego
- "POC 2006" by Korean hackers,
securityproof
- Dayfox Blog v2.0 Remote file include,
dj_remix_20
- [security bulletin] HPSBUX02157 SSRT061220 rev.1 HP-UX Running Ignite-UX Server, Remote Unauthorized Access and Privilege Elevation,
security-alert
- IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]),
Paul Szabo
- [USN-355-1] openssh vulnerabilities,
Martin Pitt
- [USN-356-1] gdb vulnerability,
Martin Pitt
- digishop v 4.0.0 Xss Vuln.,
meto5757
- [USN-354-1] Firefox vulnerabilities,
Martin Pitt
- Security contact for Myspace/Fox?,
E Mintz
- Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053],
Eiji James Yoshida
- Portable shell-exploit for buffer-overflow bugs,
Roman Medina-Heigl Hernandez
- Re: WebCalendar-1.0.3 reading of any files,
webcalendar
- Re: net2ftp: a web based FTP client :) <= Remote File Inclusion,
securfrog
- FreeBSD Security Advisory FreeBSD-SA-06:22.openssh,
FreeBSD Security Advisories
- [security bulletin] HPSBUX02129 SSRT061149 rev.1 - HP-UX running SLP, Remote Unauthorized Access,
security-alert
- [SECURITY] [DSA 1185-2] New openssl packages fix arbitrary code execution,
Noah Meyerhans
- [ MDKSA-2006:172-1 ] - Updated openssl packages fix vulnerabilities,
security
- [ MDKSA-2006:177 ] - Updated MySQL packages rebuilt against updated openssl.,
security
- [ MDKSA-2006:178 ] - Updated ntp packages rebuilt against updated openssl.,
security
- Re: WebspotBlogging => 3.0 Remote File Include Vulnerabilities,
Steven M. Christey
- Security flaw in IBM Client Security Password Manager,
Luís Miguel Silva
- Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]),
Paul Szabo
- PacSec 2006 Papers announcement and EUSecWest Call For Papers,
Dragos Ruiu
- iDefense Security Advisory 10.02.06: Novell GroupWise Messenger nmma.exe DoS Vulnerability,
iDefense Labs
- phpMyProfiler remote file include,
mozi2weed
- [CAID 34661]: CA Unicenter WSDM File System Read Access Vulnerability,
Williams, James K
- Advisory 08/2006: PHP open_basedir Race Condition Vulnerability,
Stefan Esser
- [ MDKSA-2006:179 ] - Updated openssh packages fix DoS vulnerabilities,
security
- [SECURITY] [DSA 1188-1] New mailman packages fix several problems,
Martin Schulze
- Directory Traversal Vulnerability in Goop Gallery 2.0.2,
security
- Yener Haber Script v2.0 SQL injection,
dj_remix_20
- Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()],
Gadi Evron
- [USN-358-1] ffmpeg, xine-lib vulnerabilities,
Martin Pitt
- [USN-353-2] OpenSSL vulnerability,
Martin Pitt
- [USN-357-1] Mono vulnerability,
Martin Pitt
- Invision Power Board Multiple Vulnerabilities,
Rapigator
- [ GLSA 200610-01 ] Mozilla Thunderbird: Multiple vulnerabilities,
Matthias Geerdsen
- [SECURITY] [DSA 1189-1] New openssh-krb5 packages fix denial of service and potential execution of arbitrary code,
Moritz Muehlenhoff
- [SECURITY] [DSA 1190-1] New maxdb-7.5.00 packages fix execution of arbitrary code,
Moritz Muehlenhoff
- [ GLSA 200610-02 ] Adobe Flash Player: Arbitrary code execution,
Matthias Geerdsen
- Vulnerability Type Distributions in CVE,
Steven M. Christey
- WikyBlog <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit,
xp1o
- Re: Concurrency-related vulnerabilities in browsers - expect problems,
Mike
- [SECURITY] [DSA 1191-1] New Mozilla Thunderbird packages fix several vulnerabilities,
Martin Schulze
- iDefense Security Advisory 10.05.06: Symantec AntiVirus IOCTL Kernel Privilege Escalation Vulnerability,
iDefense Labs
- [ MDKSA-2006:180 ] - Updated php packages fix integer overflow vulnerability,
security
- Vulnerable function in newest PowerPoint case (MS Advisory #925984),
Juha-Matti Laurio
- Hazir Site v2.0 Admin SQL Injection,
dj_remix_20
- SUSE Security Summary Report SUSE-SR:2006:024,
Thomas Biege
- [SECURITY] [DSA 1192-1] New Mozilla packages fix several vulnerabilities,
Martin Schulze
- TSLSA-2006-0055 - multi,
Trustix Security Advisor
- TorrentFlux User-Agent XSS Vulnerability,
sec
- [USN-359-1] Python vulnerability,
Martin Pitt
- phpMyTeam v2.0 <= (smileys_dir) Remote File Include Vulnerability,
x0r0n
- ackerTodo 4.2 SQL Injection Vulnerability,
Francesco Laurita
- ZDI-06-030: CA Multiple Product Discovery Service Remote Buffer Overflow Vulnerability,
zdi-disclosures
- ZDI-06-031: CA Multiple Product Message Engine RPC Server Code Execution Vulnerability,
zdi-disclosures
- [Reversemode Advisory] Symantec Antivirus Engine Privilege Escalation,
Reversemode
- [CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities,
Williams, James K
- TSRT-06-12: CA BrightStor Discovery Service Mailslot Buffer Overflow Vulnerability,
TSRT
- rPSA-2006-0183-1 nss_ldap,
rPath Update Announcements
- rPSA-2006-0185-1 gnome-ssh-askpass openssh openssh-client openssh-server,
rPath Update Announcements
- TSRT-06-11: CA Multiple Product DBASVR RPC Server Multiple Buffer Overflow Vulnerabilities,
TSRT
- rPSA-2006-0182-1 php php-mysql php-pgsql,
rPath Update Announcements
- FreeWPS File Upload Command Execution,
security
- Details of Lotus Notes Java Applet vulnerabilities,
Jouko Pynnonen
- Emek Portal v2.1 SQL Injection,
dj_remix_20
- phponline <= (LangFile) Remote File Inclusion Exploit,
xp1o
- [ GLSA 200610-03 ] ncompress: Buffer Underflow,
Raphael Marichez
- Re: net2ftp Remote File Inclusion - bogus report,
david
- LS-20060330 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability,
advisories
- Vulnerability in Btitracker,
aeroxteam
- LS-20060220 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability,
advisories
- FreeForum 0.9.7 (fpath) Remote File Include Vulnerability,
x0r0n
- phpBB User Viewed Posts Tracker Version <= 1.0 [phpbb_root_path] File Include Vulnerability,
x0r0n
- LS-20060313 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability,
advisories
- Cahier de textes 2.0 Remote SQL injection Exploit,
sami
- Sorry....My Message With Out Live Site....,
Dr . Ninux
- Observations on Mandatory Integrity Control (MIC) in Windows Vista,
Enno Rey
- RE: Informing Companies about security vulnerabilities...,
bugtraq
- PHP Live! <= 3.1 help.php Remote File Inclusion vulnerability,
paisterist . nst
- JavaScript Spider (code that can traverse the web),
pdp (architect)
- The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit,
xp1o
- [ECHO_ADV_49$2006]OpenDock Easy Doc <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability,
erdc
- [ECHO_ADV_50$2006]OpenDock Easy Blog <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability,
erdc
- Advanced Poll v2.02 :) <= Remote File Inclusion,
alguidy
- [ECHO_ADV_51$2006] docmint <= 2.0 (MY_ENV[BASE_ENGINE_LOC]) Remote File Inclusion Vulnerability,
erdc
- Advisory 09/2006: PHP unserialize() Array Creation Integer Overflow,
Stefan Esser
- PHPMyNews 1.4 <= (cfg_include_dir) Remote File Include Vulnerability,
xorontr
- [ECHO_ADV_48$2006] WebYep <= 1.1.9 (webyep_sIncludePath) Multiple Remote File Inclusion Vulnerability,
erdc
- XSS IN paFileDB 3.1,
zarloule04
- PHP open_basedir with symlink() function Race Condition PoC exploit,
paisterist . nst
- Freenews v1.1 <= (chemin) Remote File Include Vulnerability,
xorontr
- SQL injection - 4images,
disfigure
- SQL injection - moodle,
disfigure
- HITBSecConf2006 CTF Source code and daemons,
Praburaajan
- SUSE Security Announcement: php4,php5 (SUSE-SA:2006:059),
Ludwig Nussel
- Cisco Security Advisory: Limitations in Cisco Secure Desktop,
Cisco Systems Product Security Incident Response Team
- [ECHO_ADV_52$2006]OpenDock Easy Gallery <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability,
erdc
- yet another OpenSSH timing leak?,
Marco Ivaldi
- [SECURITY] [DSA 1194-1] New libwmf packages fix arbitrary code execution,
Moritz Muehlenhoff
- Re: net2ftp: a web based FTP client :) <= Remote File Inclusion,
Steven M. Christey
- [USN-361-1] Mozilla vulnerabilities,
Martin Pitt
- [USN-360-1] awstats vulnerabilities,
Martin Pitt
- 7 php scripts File Inclusion / Source disclosure Vuln,
gmdarkfig
- [ECHO_ADV_54$2006]vtiger CRM <=4.2 (calpath) Multiple Remote File Inclusion Vulnerability,
erdc
- MS Windows DRM software Memory Corruption,
Joxean Koret
- phpWebSite 0.10.2 Remote File Include Vulnerabilities,
crackers_child
- MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues,
Mayhemic Labs Security
- eXpBlog <= 0.3.5 Cross Site Scripting Vulnerabilities,
Tamriel
- [security bulletin] HPSBUX02087 SSRT4728 rev.4 - HP-UX running TCP/IP Remote Denial of Service (DoS),
security-alert
- ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability,
zdi-disclosures
- ZDI-06-032: Microsoft Office PowerPoint Malformed Slide Notes Rebuilding Vulnerability,
zdi-disclosures
- ZDI-06-034: Microsoft Office Word Malformed Chart Code Execution Vulnerability,
zdi-disclosures
- [USN-362-1] PHP vulnerabilities,
Martin Pitt
- [Fedora] libtool-ltdl uses relative paths to resolve and load libraries,
Enrico Scholz
- [SECURITY] [DSA 1195-1] new openssl096 packages fix denial of service,
Noah Meyerhans
- PHPLibrary <= 1.5.3 Remote File Inclusion,
k1tk4t
- tagit2b -- Remote File Inclusion,
k1tk4t
- claroline <= 180rc1 Remote File Inclusion,
k1tk4t
- blueshoes <= 4.6_public Remote File Inclusion,
k1tk4t
- pacsec hype security team: 7 words of warning about Macromedia Flash Player 9+,
Dragos Ruiu
- iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability,
iDefense Labs
- [ MDKSA-2006:181 ] - Updated python packages fix vulnerability,
security
- Re: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit,
Steven M. Christey
- rPSA-2006-0187-1 idle python,
rPath Update Announcements
- ShmooCon 2006 CFP Announcement,
B Potter
- Microsoft Office Malformed Record Memory Corruption Vulnerability,
Sowhat
- MysqlDumper Version 1.21 b6 Xss Vulnerability,
crackers_child
- Secunia Research: Microsoft Windows Object Packager Dialog Spoofing,
Secunia Research
- [USN-363-1] libmusicbrainz vulnerability,
Kees Cook
- Jinzora <= 2.1 Remote File Inclusion,
k1tk4t
- gcards (languagefile) <= Remote File Include,
D-virus
- Noah's Classifieds Cross Site Scripting Vulnerability,
raphael . huck
- New tool release today - "wyd" - password profiling,
Max Moser
- CommunityPortals <= 1.0 Remote File Include Vulnerability,
nima . salehi
- AlberT-EasySite <= 1.0.a5 Remote File Inclusion,
k1tk4t
- [ MDKSA-2006:182 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security
- zenphoto Multiple Path Disclosure and Cross Site Scripting Vulnerabilities,
raphael . huck
- iDefense Security Advisory 10.11.06: AOL YGPPDownload SetAlbumName ActiveX Control Buffer Overflow Vulnerability,
iDefense Labs
- new version of phplist fix XSS vulnerability,
info
- iDefense Security Advisory 10.11.06: Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability,
iDefense Labs
- MS06-060 Microsoft Word Memmove Code Execution,
Avert
- SecureWorks Research Client Advisory: Multiple Vendor Bluetooth Memory Stack Corruption Vulnerability,
Research
- MHL-2006-002 Public Advisory: "Call-Center-Software" Multiple Security Issues,
Mayhemic Labs Security
- XeoPort <= 0.81 SQL Injection Vulnerability,
Tamriel
- Xeobook <= 0.93 Multiple SQL Injection Vulnerabilities,
Tamriel
- [security bulletin] HPSBMA02158 SSRT061251 rev.1 - HP Version Control Agent, Remote Unauthorized Access and Possible Elevation of Privilege,
security-alert
- ExtCalThai_Component <= 0.9.1 Remote File Inclusion,
k1tk4t
- Cisco Security Advisory: Default Password in Wireless Location Appliance,
Cisco Systems Product Security Incident Response Team
- Journals System <= 1.0.2 [RC2] Remote File Include Vulnerability,
nima . salehi
- Admin User Viewed Posts Tracker Remote File Include Vulnerability,
nima . salehi
- Iono all version fullpath disclosure,
hack2prison
- Security Suite IP Logger Remote File Inclusion,
ReeM_HaCk
- Download-Engine Remote File Include,
v1per-hacker
- Black Hat CFP, Registration, and Announcements for October,
Jeff Moss
- Phpbb insert mod Remote file include,
By_KorsaN_Son
- Google Earth (kml & kmz files) buffer overflow,
Alexander Hristov
- Open Conference Systems <= 1.1.3 Remote File Inclusion,
k1tk4t
- Mcafee Network Agent (mcnasvc.exe) Remote DoS,
Alexander Hristov
- CMS contenido Remote File Inclusion,
CvIr . System
- [security bulletin] HPSBST02160 SSRT061254 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-055,
security-alert
- [security bulletin] HPSBST02134 SSRT061187 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-052, MS06-053 and MS06-054,
security-alert
- RamaCMS (adodb.inc.php) Remote File Inclue Vulnerability,
Le . CoPrA
- PacSec Hype Security Team: CGI.pm param injection,
Dragos Ruiu
- Morcego CMS <= 0.9.6 Remote File Inclue Vulnerability,
Le . CoPrA
- CMS contenido Path Disclosure,
CvIr . System
- SpamBlockerMODv <= 1.0.2 Remote File Include Vulnerability,
nima . salehi
- ISOI II - a DA Workshop (announcement and CFP),
Gadi Evron
- Download-Engine Remote File İnclude,
By_KorsaN_Son
- phpBB PlusXL 2.x <= biuld 272 Remote File Include Vulnerability,
nima . salehi
- PHP Cards <= 1.3 Remote File Inclue Vulnerability,
Le . CoPrA
- Utimaco Safeguard Easy vulnerability,
boomboom999
- Bloq 0.5.4 Remote File İnclude,
By_KorsaN_Son
- phpBB Security <= 1.0.1 Remote File Include Vulnerability,
nima . salehi
- PHPht Topsites Remote File İnclude,
By_KorsaN_Son
- news7 <= (news.php) Remote File Inclusion Exploit,
xp1o
- Jax Newspage Remote File include,
dj_remix_20
- TorrentFlux startpop.php torrent Script Insertion,
566d9bfe
- [SECURITY] [DSA 1166-2] New cheesetraceker packages fix buffer overflow,
Steve Kemp
- pbpbb archive for search engines Remote File Include Vulnerability,
nima . salehi
- Jax LinkLists Remote File include,
dj_remix_20
- MNews <= 2.0 (noticias.php) Remote File Inclue Vulnerability,
Le . CoPrA
- phpMyConferences <= 8.0.2 Remote File Inclusion,
k1tk4t
- phpBB Add Name Remote File Include Vulnerability,
nima . salehi
- SpamOborona PHPBB Plugin Remote File Include Vulnerability,
nima . salehi
- maluinfo version 206.2.38l Remote File Include Vulnerability,
nima . salehi
- AMAZONIA MOD Remote File Include Vulnerability,
nima . salehi
- news defilante horizontale <= 4.1.1 Remote File Include Vulnerability,
nima . salehi
- phpBB lat2cyr <= 1.0.1 Remote File Include Vulnerability,
nima . salehi
- RPG Events 1.0.0 Remote File Include Vulnerability,
nima . salehi
- PhpBB Prillian French Remote File Include Vulnerability,
nima . salehi
- PHP Top webs (config.php) Remote File Inclue Vulnerability,
Le . CoPrA
- Buzlas <= v2006-1 Full Remote File Include Vulnerability,
nima . salehi
- iDefense Security Advisory 10.13.06: Apache HTTP Server mod_tcl set_var Format String Vulnerability,
iDefense Labs
- @lex Guestbook <=(ModeliXe.php) Remote File Inclusion Exploit,
xp1o
- EXlor 1.0 (/fonctions/template.php) Remote File Include Vulnerability,
mahmood ali
- Re: iDefense Security Advisory 10.11.06: Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability,
Marco Ivaldi
- Multiple XSS Vulnerability in Gcontact,
security
- Re: DanPHPSupport => 0.5 Cross Site Scripting Vulnerabilities,
dansoftaus
- WDT:- osTicket File Include all V,
stormhacker
- Re: Multiple XSS Vulnerabilities in Zen Cart 1.3.5,
security
- Jinzora 2.6 - Remote File Include Vulnerabilities,
erne
- Spoofing security dialog in object packager - 2,
seejay . 11
- ISS BlackICE PC Protection Filelock protection bypass Vulnerability,
Matousec - Transparent security Research
- Re: [Full-disclosure] Kmail <= 1.9.1 (table/frameset) DOS,
Vidar Løkken
- Kmail <= 1.9.1 (table/frameset) DOS,
nnp
- Security Advisory for Bugzilla 2.18.5, 2.20.2, 2.22, and 2.23.2,
mkanat
- vbulletin Exploit Tool Box,
[dot]
- bbsNew ( File Include Vulnerability Exploit ),
h4ck3riran
- SYMSA-2006-010: Directory Traversal in IronWebMail,
research
- Back-end ( File Include Vulnerability Exploit ),
h4ck3riran
- maintain-3.0.0-RC2 - Remote File Include Vulnerabilities,
erne
- Full Path Disclosure in PHP-Wyana,
xx_hack_xx_2004
- :ShAnKaR: WoltLab Burning Book <=1.1.2 multiple vulnerabilities,
3APA3A
- MOStlyCEV454 - Remote File Include Vulnerabilities,
erne
- VoMM: Taking browser exploits to the next level,
avivra
- WebYep-1.1.9 - Remote File Include Vulnerabilities,
erne
- [USN-364-1] Xsession vulnerability,
Kees Cook
- [ GLSA 200610-04 ] Seamonkey: Multiple vulnerabilities,
Raphael Marichez
- osprey 1.0 (ListRecords.php) Remote File Include Vulnerability,
KaBaRa . HaCk . eGy
- iDefense Security Advisory 10.15.06: Clam AntiVirus ClamAV CHM Chunk Name Length DoS Vulnerability,
iDefense Labs
- Full Path Disclosure in PHP-Wyana (2),
xx_hack_xx_2004
- iDefense Security Advisory 10.15.06: Clam AntiVirus ClamAV rebuildpe Heap Overflow Vulnerability,
iDefense Labs
- patchlodel-0.7.3 - Remote File Include Vulnerabilities,
erne
- Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux,
advisory
- PHP Forge 3b2 (/inc/inc.php) Remote File Include Vulnerability,
mahmood ali
- Advisory 10/2006: ViewVC Undefined Charset UTF-7 XSS Vulnerability,
Stefan Esser
- About.com contact,
C. Hamby
- [Xss] IN phplist v 2.10.2,,
the-free_kernel
- [USN-365-1] libksba vulnerability,
Kees Cook
- PR06-03b: F5 Firepass 1000 SSL VPN version 5.5 vulnerable to Cross-Site Scripting,
research
- TorrentFlux action Script Insertion,
3cab7cc7
- TorrentFlux file Script Insertion,
3cab7cc7
- TorrentFlux user_id Script Insertion,
3cab7cc7
- [OpenPKG-SA-2006.023] OpenPKG Security Advisory (php),
OpenPKG
- [ECHO_ADV_55$2006]Phpmybibli <=2.1 Multiple Remote File Inclusion Vulnerability,
erdc
- Flaw in Firefox 2.0 RC2,
Mike
- [security bulletin] HPSBUX02155 SSRT061235 rev.2 HP-UX CIFS Server (Samba) Local Unauthorized Access, Elevated Privileges,
security-alert
- [ GLSA 200610-05 ] CAPI4Hylafax fax receiver: Execution of arbitrary code,
Raphael Marichez
- [ GLSA 200610-06 ] Mozilla Network Security Service (NSS): RSA signature forgery,
Raphael Marichez
- phpAdsNew include bug!,
wacky
- rPSA-2006-0194-1 kernel,
rPath Update Announcements
- [ GLSA 200610-07 ] Python: Buffer Overflow,
Raphael Marichez
- Rapid7 Advisory R7-0026: HTTP Header Injection Vulnerabilities in the Flash Player Plugin,
advisory
- iDefense Security Advisory 10.17.06: Opera Software Opera Web Browser URL Parsing Heap Overflow Vulnerability,
iDefense Labs
- [ MDKSA-2006:183 ] - Updated libksba packages correct DoS vulnerability,
security
- [ MDKSA-2006:184 ] - Updated clamav packages fix vulnerabilities,
security
- [ MDKSA-2006:185 ] - Updated php packages to address multiple vulnerabilities,
security
- Comdev One Admin 4.1 Remote File Inclusion,
disfigure
- Boonex Dolphin 5.2 Remote File Inclusion,
disfigure
- Simplog 0.9.3.1 SQL Injection,
disfigure
- zorum_3_5 <=(dbproperty.php) Remote File Inclusion Exploit,
MoHaNdKo
- [ECHO_ADV_46$2006] P-Book <= 1.17 (pb_lang) Remote File Inclusion,
erdc
- Analysis of the Oracle October 2006 Critical Patch Update,
David Litchfield
- TSLSA-2006-0057 - multi,
Trustix Security Advisor
- CS-Forum 0.82 (ajouter.php) Remote File Include Vulnerability,
mahmood ali
- PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability,
mahmood ali
- PHPRecipeBook <= 2.35 ((g_rb_basedir)) Remote File Include Exploit,
CarcaBotx
- Call for Papers - First International Workshop on Secure Software Engineering (SecSE 2007),
Lillian Røstad
- Multiple vulnerabilities in Highwall Enterprise and Highwall Endpoint management interface,
noreply
- Airmagnet management interfaces multiple vulnerabilities,
noreply
- {x0n3-h4ck} DEV Web Manager System <= 1.5 XSS Exploit,
corrado . liotta
- Secunia Research: Joomla BSQ Sitestats Script Insertion and SQL Injection,
Secunia Research
- Secunia Research: IBM Lotus Notes Insecure Default Folder Permissions,
Secunia Research
- Static fmat exploits with random va,
root
- Security-Assessment.com Advisory: Asterisk remote heap overflow,
Adam Boileau
- [USN-366-1] binutils vulnerability,
Kees Cook
- rPSA-2006-0195-1 kdelibs,
rPath Update Announcements
- [USN-367-1] Pike vulnerability,
Kees Cook
- [security bulletin] HPSBST02161 SSRT061264 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-056 Through MS06-065,
security-alert
- [SECURITY] [DSA 1196-1] New clamav packages fix arbitrary code execution,
Moritz Muehlenhoff
- [OpenPKG-SA-2006.024] OpenPKG Security Advisory (asterisk),
OpenPKG
- Advisory 11/2006: Serendipity Weblog XSS Vulnerabilities,
Stefan Esser
- [DRUPAL-SA-2006-024] Drupal 4.6.10 / 4.7.4 fixes multiple XSS issues,
Uwe Hermann
- [DRUPAL-SA-2006-025] Drupal 4.6.10 / 4.7.4 fixes CRF issue,
Uwe Hermann
- [DRUPAL-SA-2006-026] Drupal 4.6.10 / 4.7.4 fixes HTML attribute injection issue,
Uwe Hermann
- DigitalHive 2.0 RC2 (base_include.php)File Include,
mahmood ali
- UltraCMS 0.9 sql injection,
fireboy2006
- SQL Injection simplog,
navairum
- KICS CMS sql injection,
fireboy2006
- Multiple XSS Vulnerabilities in KnowledgeBank 1.01,
security
- ERRATA: [ GLSA 200610-07 ] Python: Buffer Overflow,
Raphael Marichez
- PHP "exec", "system", "popen" problem,
Дмитрий Borgir
- ATutor 1.5.3.2=> Remote File Include Vulnerability,
subzero . 0000
- [Xss] IN SMF 1.1 RC2,
the_free_kernel
- TORQUE Spool Job Race condition (torque <= 2.0.0p8),
Luís Miguel Silva
- [ MDKSA-2006:186 ] - Updated kdelibs packages fix KHTML vulnerability,
security
- iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability,
iDefense Labs
- [CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities (UPDATED),
Williams, James K
- [KAPDA::#60] Mambo V4.6.x vulnerabilities,
alireza hassani
- HPSBUX02162 SSRT061223 rev.1 - HP-UX Running dtmail, Local Execution of Arbitrary Code,
security-alert
- Simple Machines Forum (SMF) XSS issue,
josecarlos . norte
- PHP Classifieds 7.1 - Remote File Include Vulnerability,
Le . CoPrA
- [ GLSA 200610-08 ] Cscope: Multiple buffer overflows,
Raphael Marichez
- [security bulletin] HPSBTU02163 SSRT061223 rev.1 - HP Tru64 UNIX Running dtmail, Local Execution of Arbitrary Code,
security-alert
- PHP Poll Creator 1.04 (poll_vote.php)File Include,
mahmood ali
- [Reversemode Advisory] Kaspersky Anti-Virus Privilege Escalation,
Reversemode
- Advisory for Oneorzero helpdesk,
Mike Klingler
- PHPLibrary-1.5.3(Description.php) Remote File Include,
arab_anaconda
- [OpenPKG-SA-2006.025] OpenPKG Security Advisory (drupal),
OpenPKG
- Open Meetings Filing Application (PROJECT_ROOT) Remote File Include Vulnerability,
xorontr
- Hustle Labs & MNIN eDirectory Vulnerability,
Ryan Smith
- Virtual Law Office (phpc_root_path) Remote File Include Vulnerability,
xorontr
- [USN-368-1] Qt vulnerability,
Martin Pitt
- [ GLSA 200610-09 ] libmusicbrainz: Multiple buffer overflows,
Matthias Geerdsen
- RMSOFT Cross Site Scripting,
FREAK_PR
- trawler <= 1.8.1 Remote File Inclusion,
k1tk4t
- IPEER Remote file inclusion,
navairum
- iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Heap Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 10.21.06: Novell eDirectory NCP over IP length Heap Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Invalid Free Vulnerability,
iDefense Labs
- XSS in Zwahlen Online Shop,
MC Iglo
- speedberg <= 1.2beta1 Remote File Inclusion,
k1tk4t
- WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability,
crackers_child
- PHP Generator of Object SQL Database (path) Remote File Include Vulnerability,
xorontr
- AROUNDMe 0.6.9 remonte file inclusion,
noislet . nospam
- [SECURITY] [DSA 1197-1] New python2.4 packages fix arbitrary code execution,
Moritz Muehlenhoff
- -==PHP Nuke <= 7.9 SQL Injection and Bypass SQL Injection Protection vulnerabilities==-,
paisterist . nst
- [PHPADSNEW-SA-2006-002] phpAdsNew and phpPgAds 2.0.8-pr1 fix XSS vulnerability,
Matteo Beccati
- D-Link DSL-G624T several vulnerabilities,
jose . palanco
- Flaw in Firefox 2.0 Final,
mike
- Smarty-2.6.1 Remote File Include Vulnerabilities,
crackers_child
- SQL Injection Vulnerability in Oracle WWV_FLOW_UTILITIES,
ak
- Cross-Site-Scripting Vulnerability in Oracle APEX WWV_FLOW_ITEM_HELP,
ak
- http://www.red-database-security.com/advisory/oracle_apex_css_notification_msg.html,
ak
- Various Cross-Site-Scripting Vulnerabilities in Oracle Reports,
ak
- hack.lu Bluetooth demo,
K F (lists)
- Modify Data via Inline Views,
ak
- SQL Injection in package SYS.DBMS_SQLTUNE_INTERNAL,
ak
- SQL Injection in package XDB.DBMS_XDBZ0,
ak
- INCA IM-204 Dsl several vulnerabilities,
crackers_child
- SQL Injection in package SYS.DBMS_CDC_IMPDP,
ak
- SQL Injection in Oracle package MDSYS.SDO_LRS,
ak
- Multiple HTTP response splitting vulnerabilities in SHOP-SCRIPT,
Debasis Mohanty
- Application orders Linux in WebAPP v0.9.9.2.1,
the_free_kernel
- WikiNi Multiple Cross Site Scripting Vulnerabilities,
raphael . huck
- [SECURITY] [DSA 1198-1] New python2.3 packages fix arbitrary code execution,
Moritz Muehlenhoff
- Symantec Product Security: Symantec Device Driver Elevation of Privileg,
secure
- [ GLSA 200610-10 ] ClamAV: Multiple Vulnerabilities,
Raphael Marichez
- [ GLSA 200610-11 ] OpenSSL: Multiple vulnerabilities,
Raphael Marichez
- Month of Kernel Bugs and fsfuzzer release (0.6),
L.M.H.
- [SECURITY] [DSA 1199-1] New webmin packages fix input validation problems,
Noah Meyerhans
- ProgSys verion 0.151 XSS vulnerability,
security
- [vuln.sg] CruiseWorks Directory Traversal and Buffer Overflow Vulnerabilities,
vulnpost-remove
- who needs a server ...,
auto113922
- CSLH2.9.9 Remote File Include Vulnerabilities,
crackers_child
- adobe php sdk Remote File Include Vulnerabilities,
crackers_child
- InteliEditor (sys_path) Remote File Include Vulnerability,
xorontr
- [ GLSA 200610-12 ] Apache mod_tcl: Format string vulnerability,
Raphael Marichez
- Cisco Security Advisory: Cisco Security Agent for Linux Port Scan Denial of Service,
Cisco Systems Product Security Incident Response Team
- Re: Yahoo! Messenger Service 18 Remote Buffer Overflow Vulnerability,
Gadi Evron
- [KAPDA::#61] - PacPoll <= 4.0 Multiple Vulnerabilities,
farhadkey
- phpMyConferences_8.0.2 Remote File Inclusion,
Outlaw
- [ MDKSA-2006:187 ] - Updated Qt packages fix vulnerability,
security
- iDefense Security Advisory 10.25.06: AOL Nullsoft Winamp Ultravox 'ultravox-max-msg' Header Heap Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 10.25.06: AOL YGPPDownload downloadFileDirectory ActiveX Control Heap Corruption Vulnerability,
iDefense Labs
- Mozilla Firefox JavaScript Handler Race Condition Memory Corruption Vulnerability,
erreale
- iDefense Security Advisory 10.25.06: AOL YGPPDownload AddPictureNoAlbum ActiveX Control Heap Corruption Vulnerability,
iDefense Labs
- Web-style Wireless IDS attacks,
noreply
- iDefense Security Advisory 10.25.06: AOL Nullsoft Winamp Ultravox Lyrics3 v2.00 tags Heap Overflow Vulnerability,
iDefense Labs
- [security bulletin] HPSBMA02133 SSRT061201 rev.2 - HP Oracle for OpenView (OfO) Critical Patch Update,
security-alert
- [OpenPKG-SA-2006.026] OpenPKG Security Advisory (screen),
OpenPKG
- rPSA-2006-0195-2 kdelibs qt-x11-free,
rPath Update Announcements
- rPSA-2006-0198-1 screen,
rPath Update Announcements
- IE7 is a Source of Problem - Secunia IE7 Release Incident of October 2006,
LIUDIEYU dot COM
- TSLSA-2006-0059 - postgresql,
Trustix Security Advisor
- MHL-2006-003 Public Advisory: "ezOnlineGallery" Multiple Security Issues,
Mayhemic Labs Security
- MiniBILL v2006-10-10 (config[page_dir] Remote File Include Vulnerability,
xorontr
- Insecure storage of passwords in Axalto Protiva,
nnposter
- Joomla extended_registration mod Remote File Include Vulnerabilities,
crackers_child
- Directory Traversal in TorrentFlux 2.1,
Christopher
- phpFaber CMS Cross Site Scripting,
security
- iDefense Security Advisory 10.26.06: Multiple Vendor wvWare LVL Count Integer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 10.26.06: Multiple Vendor wvWare LFO Count Integer Overflow Vulnerability,
iDefense Labs
- ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability,
zdi-disclosures
- [ GLSA 200610-13 ] Cheese Tracker: Buffer Overflow,
Raphael Marichez
- vulnerability in Symantec products,
security
- TextPattern <=1.19 Remote File Inclusion Vulnerability,
Bithedz
- SMF fgets off-by-one issue and filter size evasion,
josecarlos . norte
- IE7 status: 8 days after release, 3 unfixed issues,
Moritz Naumann
- UNISOR CMS sql injection,
fireboy2006
- PHP-Nuke <= 7.9 Search module "author" SQL Injection vulnerability,
paisterist . nst
- ArticleBeach Script <= 2.0 Remote File Inclusion Vulnerability,
Bithedz
- GestArt <= vbeta 1 Remote File Include Vulnerabilities,
ip . 123 . 456 . 78 . 90
- RFID enabled e-passport skimming proof of concept code released (RFIDIOt),
Adam Laurie
- PLS-Bannieres 1.21 (bannieres.php) File Include,
mahmood ali
- phpLedAds 2.0(dir) File Include,
mahmood ali
- [funsec] Haxdoor: UK Police Count 8, 500 Victims in Data Theft (So Far) (fwd),
Gadi Evron
- phpAdsNew-2.0.8 <= (adlayer.php) Remote File Include,
zooz_998
- Ban v0.1 (bannieres.php) File Include,
mahmood ali
- Thepeak File Upload v1.3 : Read file vulneability,
loveha
- Hosting Controller 6.1 Hotfix <= 3.2 Vulnerability,
playpacific . emulacaid
- Microsoft .NET request filtering bypass vulnerability,
research
- [ MDKSA-2006:189 ] - Updated xsupplicant fixes possible remote root stack smash vulnerability,
security
- [ MDKSA-2006:188 ] - Updated mono packages fix vulnerability,
security
- [ MDKSA-2006:190 ] - Updated mutt packages fix multiple vulnerabilities,
security
- [ MDKSA-2006:192 ] - Updated ruby packages fix DoS vulnerability,
security
- [ MDKSA-2006:191 ] - Updated screen packages fix vulnerability,
security
- [ GLSA 200610-14 ] PHP: Integer overflow,
Raphael Marichez
- [SECURITY] [DSA 1200-1] New Qt packages fix integer overflow,
Noah Meyerhans
- [OpenPKG-SA-2006.027] OpenPKG Security Advisory (wordpress),
OpenPKG
- Re: [Full-disclosure] ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability,
Matt Richard
- CentiPaid <= 1.4.2 [$class_pwd] Remote File Include,
firewall1954
- Exporia => 0.3.0 Remote File Include Vulnerability Exploit,
h4ck3riran
- bbsNew => 2.0.1 Remote File Include Vulnerability Exploit,
h4ck3riran
- Back-end => 0.4.5 Remote File Include Vulnerability Exploit,
h4ck3riran
- SQL in WebWizForum by almaster hacker,
almaster
- freenews---> fileinclude,
MoHaNdKo
- easy notes manager sql injection and authentication bypass,
poplix
- [MajorSecurity Advisory #29]foresite CMS - Cross Site Scripting Issue,
admin
- Re: imageVue16.1 upload vulnerability,
mjau
- Simple Website Software v0.99 (common.php) Remote File Include,
cw . cybersecurity
- PHPEasyData Pro 1.4.1 (index.php) Remote SQL Injection Vulnerability,
ajannhwt
- PHPEasyData Pro 2.2.1 (index.php) Remote SQL Injection Vulnerability,
ajannhwt
- Nucleus Core v3.23 - Remote File Include,
firewall1954
- Punbb <= 1.2.13 Multiple Vulnerabilities,
Nms
- [ECHO_ADV_53$2006] QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Vulnerability,
erdc
- opendocman <= 1.2p3 Bypass admin/user Login,
k1tk4t
- Metasploit Framework 2.7 Released,
H D Moore
- [ GLSA 200610-15 ] Asterisk: Multiple vulnerabilities,
Raphael Marichez
- CORE FORCE R0.95 released!,
CORE FORCE Team
- Multiple Remote File Include,
firewall1954
- [security bulletin] HPSBMA02138 SSRT061184 rev.2 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution,
security-alert
- [security bulletin] HPSBMA02121 SSRT061157 rev.3 - HP OpenView Storage Data Protector Remote Unauthorized Arbitrary Command Execution,
security-alert
- [security bulletin] HPSBTU02168 SSRT061237 rev.1 - HP Tru64 UNIX Running gzip, gunzip, and gzcat, Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS),
security-alert
- Re: Free Rainbow Tables.com,
Jerome Athias
- ModSecurity 2.0, A Core Rule Set and Console now available,
Ofer Shezaf
Mail converted by MHonArc