Mail Index
- [SECURITY] [DSA 1221-1] New libgsf packages fix arbitrary code execution
- [SECURITY] [DSA 1222-1] New proftpd packages fix several vulnerabilities
- [ MDKSA-2006:217-1 ] - Updated proftpd packages fix vulnerabilities
- Secunia Research: MailEnable IMAP Service Two Vulnerabilities
- [security bulletin] HPSBUX02153 SSRT061181 rev.2 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS)
- [USN-390-1] evince vulnerability
- @lex Guestbook 4.0.1 : Full Path Disclosure & XSS
- Seditio <= 1.10 (pollid) Remote SQL Injection Vulnerability
- Invision Community Blog Mod 1.2.4 .PHP SQL Injection Vulnerability
- [ GLSA 200611-26 ] ProFTPD: Remote execution of arbitrary code
- Re: [Full-disclosure] ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability
- safely concatenating strings in portable C (Re: GnuPG 1.4 and 2.0 buffer overflow)
- contentserv 4.x
- LDU <= 8.x (polls.php) Remote SQL Injection Vulnerability
- iDefense Security Advisory 11.30.06: Multiple Vendor libgsf Heap Overflow Vulnerability
- Woltlab Burning Board 2.3.X XSS Vulnerability (0-Day) FIXED VERSION
- LifeType version 1.1.2 Multiple Path Disclosure Vulnerabilities
- Re: [Full-disclosure] ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability
- Invision Gallery 2.0.7 SQL Injection Vulnerability
- Re: Invision Community Blog Mod 1.2.4 .PHP SQL Injection Vulnerability
- [SECURITY] [DSA 1205-2] New thttpd packages fix insecure temporary file creation
- [ MDKSA-2006:220 ] - Updated libgsf packages fix heap buffer overflow vulnerability
- [ MDKSA-2006:221 ] - Updated gnupg packages fix vulnerability
- rPSA-2006-0221-1 openldap openldap-clients openldap-servers
- From: rPath Update Announcements
- [Aria-Security.Net] Web Hosting Control Panel - cPanel 11 Multiple Cross-Site Scripting Vulnerabilites
- deV!L`z Clanportal - Arbitrary File Upload [061124b]
- Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability
- [SECURITY] [DSA 1223-1] New tar packages fix arbitrary file overwrite
- Outpost Bypassing Self-Protection via Advanced DLL injection with handle stealing Vulnerability
- From: Matousec - Transparent security Research
- deV!L`z Clanportal - SQL Injection [061124a]
- rPSA-2006-0220-1 dovecot
- From: rPath Update Announcements
- Aspee Ziyareti Defteri (tr) Sql injection Vuln.
- iDefense Security Advisory 12.01.06: Novell ZENworks Asset Management Msg.dll Heap Overflow Vulnerability
- [SECURITY] [DSA 1222-2] New proftpd packages fix several vulnerabilities
- iDefense Security Advisory 12.01.06: Novell ZENworks Asset Management Collection Client Heap Overflow Vulnerability
- Re: [Full-disclosure] ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability
- rPSA-2006-0224-1 gnupg
- From: rPath Update Announcements
- TSLSA-2006-0068 - multi
- From: Trustix Security Advisor
- Re: safely concatenating strings in portable C (Re: GnuPG 1.4 and 2.0 buffer overflow)
- rPSA-2006-0222-1 tar
- From: rPath Update Announcements
- freeqboard <= 1.1 (qb_path) Remote File Include Vulnerability
- From: -= SHELL =- -= SHELL =-
- [ MDKSA-2006:223 ] - Updated ImageMagick packages fixes vulnerability
- [Aria-Security Team] DuWare DuNews SQL Injection Vuln
- [Aria-Security Team] DuWare DuClassMate SQL Injection Vuln
- [Aria-Security Team] DuWare DuPortal SQL Injection Vuln
- PHPNews 1.3.0 XSS
- KhaledMuratList mdb
- [ MDKSA-2006:222 ] - Updated koffice packages fixes integer overflow vulnerability
- [Aria-Security Team] DuWare DuDownloads SQL Injection Vuln
- CuteNews 1.3.6 XSS
- [Aria-Security Team] DuWare DuForum SQL Injection Vuln
- [Aria-Security Team] DuWare DuPaypal SQL Injection Vuln
- [ISecAuditors Advisories] BlueSocket web administration is vulnerable to XSS
- From: ISecAuditors Security Advisories
- listpics v5
- [ISecAuditors Security Advisories] IMAP/SMTP Injection in Hastymail
- From: ISecAuditors Security Advisories
- Metyus Okul Ynetim Sistemi V.1.0 (tr) Sql injection Vuln.
- [ISecAuditors Security Advisories] XSS vulnerability in error page of ISMail
- From: ISecAuditors Security Advisories
- fl0p - passive L7 flow fingerprinting
- Online BookMarks Multiple SQL Injection/XSS Vulnerabilities
- [SECURITY] [DSA 1224-1] New Mozilla packages fix several vulnerabilities
- [SECURITY] [DSA 1225-1] New Mozilla Firefox packages fix several vulnerabilities
- SMF upload XSS vulnerability
- 2[xss]Vulnerabilities in Script Mobile Ac4p.com
- PhpMyAdmin 2.7.0-pl2 Path Disclosure | Multiple CRLF/Http Response Splitting
- MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit
- [SECURITY] [DSA 1225-2] New Mozilla Firefox packages fix several vulnerabilities
- [SECURITY] [DSA 1226-1] New links packages fix arbitrary shell command execution
- Vt-Forum Lite System V.1.3 Xss Vuln.
- Re: UPublisher Exploit - Superfreaker
- [Aria-Security Team] uGestBook SQL Injection Vuln
- Re: Invision Gallery 2.0.7 SQL Injection Vulnerability
- [SECURITY] [DSA 1227-1] New Mozilla Thunderbird packages fix several vulnerabilities
- Multiple bugs in TFT-Gallery
- F-Prot Antivirus for Unix: heap overflow and Denial of Service
- [USN-392-1] xine-lib vulnerability
- Re: aBitWhizzy [local file include]
- [USN-391-1] libgsf vulnerability
- [ MDKSA-2006:214-1 ] - Updated gv packages fix buffer overflow vulnerability
- Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
- XSS in JAB Guest Book
- rPSA-2006-0211-2 doxygen libpng
- From: rPath Update Announcements
- Re: Multiple bugs in TFT-Gallery
- new xss in modbb forum
- TSRT-06-14: IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities
- [KOffice security advisory] KOffice OLEfilter integer overflow
- SNORT Covered channels detector patch
- RE: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
- Re: GnuPG 1.4 and 2.0 buffer overflow
- Re: [Aria-Security Team] uGestBook SQL Injection Vuln
- Re: MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit
- Re: Evolve Merchant[ injection sql ]
- URL Rdirecction Bug Yahoo
- CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Undocumented Features
- From: Mariano Nuñez Di Croce
- CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Arbitrary File Removal
- From: Mariano Nuñez Di Croce
- DistrRTgen 1.0 launched!
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
- [SECURITY] [DSA 1228-1] New elinks packages fix arbitrary shell command execution
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
- From: Thor (Hammer of God)
- EasyPage Portal ( all ver )SQL Injection
- eEye's Zero-Day Tracker Launch
- Re: Symantec LiveState Agent for Windows vulnerabi
- Re: Re: [Aria-Security Team] uGestBook SQL Injection Vuln
- Re: Symantec LiveState Agent for Windows vulnerabi
- Re: EasyPage Portal ( all ver )SQL Injection
- [security bulletin] HPSBUX02145 SSRT061202 rev.2 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
- From: Ansgar -59cobalt- Wiechers
- HPSBUX02178 SSRT061267 rev.1 - HP-UX Secure Shell Remote Denial of Service (DoS)
- EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability
- [ MDKSA-2006:224 ] - Updated xine-lib packages fix buffer overflow vulnerability
- [USN-390-2] evince vulnerability
- Barracuda Convert-UUlib library buffer overflow leads to remote compromise
- From: Jean-Sébastien Guay-Leroux
- Internet Explorer 6. CSS Expression Denial of Service (P.o.C.)
- From: José Carlos Nieto Jarquín
- Re: Internet Explorer 6 CSS "expression" Denial of Service Exploit (P.o.C.)
- From: José Carlos Nieto Jarquín
- Uploadscript Vulnerabilities: Text file Hash password
- FreeBSD Security Advisory FreeBSD-SA-06:25.kmem
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-06:26.gtar
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 1229-1] New Asterisk packages fix arbitrary code execution
- Oracle PL/SQL Fuzzing Tool
- BTSaveMySql 1.2 (acces to config files)
- RE: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
- Multiple Vendor Unusual MIME Encoding Content Filter Bypass
- SYMSA-2006-012: 2X ThinClientServer Create Admin Account Replay Vulnerability
- GnuPG: remotely controllable function pointer [CVE-2006-6235]
- rPSA-2006-0226-1 kernel
- From: rPath Update Announcements
- [ MDKSA-2006:225 ] - Updated ruby packages fix DoS vulnerability
- rPSA-2006-0227-1 gnupg
- From: rPath Update Announcements
- Microsoft 0-day word vulnerability - Secunia - Extremely critical
- New MySpace worm could be on its way
- ZDI-06-044: Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability
- Linksys WIP 330 VoIP wireless phone crash from Nmap scan
- [ GLSA 200612-01 ] wv library: Multiple integer overflows
- From: Sune Kloppenborg Jeppesen
- Digital Armaments Security Advisory 07.12.2006: Yahoo multiple services authentication bypass Vulnerability
- TSRT-06-15: Citrix Presentation Server Client ActiveX Heap Overflow Vulnerability
- Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical
- Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass
- Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass
- Re: XSS in JAB Guest Book
- Some Thoughts about Office Open XML and Malware Detection
- Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass
- [USN-393-1] GnuPG vulnerability
- Re: The Week of Oracle Database Bugs
- Re: Internet Explorer 6 CSS "expression" Denial of Service Exploit (P.o.C.)
- phpbb 2.0.x [xss]
- [USN-390-3] evince-gtk vulnerability
- Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical
- Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass
- From: michele.sandrelli@xxxxxxxxxxxx
- Re[2]: Multiple Vendor Unusual MIME Encoding Content Filter Bypass
- phpAdsNew-2.0.4-pr2 Remote File Inclusion Exploit
- Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass
- [USN-393-2] GnuPG2 vulnerabilities
- DUdirectory Admin Panel SQL Injection
- [OpenPKG-SA-2006.037] OpenPKG Security Advisory (gnupg)
- EEYE: Intel Network Adapter Driver Local Privilege Escalation
- [Aria-Security Team] CentOS 4.2 i686 - WHM X v3.1.0 Cross-Site Scripting
- [Aria-Security Team] cPanel 11 pops.html Cross-Site Scripting
- [Aria-Security Team] cPanel BoxTrapper Cross Site Scripting
- TSLSA-2006-0070 - multi
- From: Trustix Security Advisor
- [OpenPKG-SA-2006.038] OpenPKG Security Advisory (tar)
- [SECURITY] [DSA-1230-1] new l2tpns packages fix buffer overflow
- Microsoft Word 0-day Vulnerability FAQ (CVE-2006-5994) written
- Midicart vulerable
- [CAID 34846]: CA BrightStor ARCserve Backup Discovery Service Buffer Overflow Vulnerability
- Re: Internet Explorer 6 CSS "expression" Denial of Service Exploit (P.o.C.)
- LS-20060908 - Computer Associates BrightStor ARCserve Backup v11.5 Remote Buffer Overflow Vulnerability
- LS-20061001 - Computer Associates BrightStor ARCserve Backup v11.5 Remote Buffer Overflow Vulnerability
- Animated Smiley Generator File Include Vul.
- PHP 5.2.0 session.save_path safe_mode and open_basedir bypass
- [USN-394-1] Ruby vulnerability
- ASX Playlists and Jumping to Conclusions
- PhpBB Toplist 1.3.7 Xss Vuln.
- Enforcing Java Security Manager in Restricted Windows Environments?
- iDefense Security Advisory 12.08.06: Multiple Vendor Antivirus RAR File Denial of Service Vulnerability
- iDefense Security Advisory 12.08.06: Sophos Antivirus CHM Chunk Name Length Memory Corruption Vulnerability
- iDefense Security Advisory 12.08.06: Sophos Antivirus CHM File Heap Overflow Vulnerability
- Re: XSS in JAB Guest Book
- Call For Papers: SecurityOPUS 2007
- [ GLSA 200612-02 ] xine-lib: Buffer overflow
- From: Sune Kloppenborg Jeppesen
- KDPics Multiple Vulnerabities
- ProNews V1.5 XSS & SQL Injection
- Messageriescripthp V2.0 XSS & SQL Injection
- AnnonceScriptHP V2.0 Multiple Vulnerabilities
- [SECURITY] [DSA 1231-1] New gnupg packages fix arbitrary code execution
- [SECURITY] [DSA 1232-1] New clamav packages fix denial of service
- [SECURITY] [DSA 1233-1] New Linux 2.6.8 packages fix several vulnerabilities
- WASC-Announcement: MX Injection - Capturing and Exploiting Hidden Mail Servers By Vicente Aguilera Diaz
- D-LINK DWL-2000AP+ remote DoS
- [ GLSA 200612-09 ] MadWifi: Kernel driver buffer overflow
- [SBDA] - ColdFusion MX7 - Multiple Vulnerabilities
- Unauthenticated access to IBM Host On-Demand administration pages
- From: Ferguson, David (Kansas City)
- [ MDKSA-2006:226 ] - Updated squirrelmail packages fix vulnerabilities
- RFIDIOt release - version 0.1i
- Firefox 2.0 security bug: Extensions can hide themself
- ERRATA: [ GLSA 200612-03 ] GnuPG: Multiple vulnerabilities
- Multiple vulnerabilities in Winamp Web Interface 7.5.13
- [ GLSA 200612-08 ] SeaMonkey: Multiple vulnerabilities
- Several updates in Microsoft Word 0-day (CVE-2006-5994) FAQ document
- Another, different MS Word 0-day vulnerability reported
- shopsite advisory
- Secunia Research: MailEnable IMAP Service Buffer Overflow Vulnerability
- looking for security community input
- Re: Another, different MS Word 0-day vulnerability reported
- [ GLSA 200612-04 ] ModPlug: Multiple buffer overflows
- [ GLSA 200612-06 ] Mozilla Thunderbird: Multiple vulnerabilities
- Re: LS-20061001 - Computer Associates BrightStor ARCserve Backup
- [ GLSA 200612-10 ] Tar: Directory traversal vulnerability
- The newest Word flaw is due to malformed data structure handling
- Re: LS-20060908 - Computer Associates BrightStor ARCserve Backup
- [ GLSA 200612-03 ] GnuPG: Multiple vulnerabilities
- RFID access control tokens widely open to cloning
- [ GLSA 200612-07 ] Mozilla Firefox: Multiple vulnerabilities
- Secunia Research: AOL CDDBControl ActiveX Control "SetClientInfo()" Buffer Overflow
- [ GLSA 200612-05 ] KOffice shared libraries: Heap corruption
- From: Sune Kloppenborg Jeppesen
- [ MDKSA-2006:227 ] - Updated kdegraphics packages fix EXIF vulnerability
- [ GLSA 200612-09 ] MadWifi: Kernel driver buffer overflow
- Re: The newest Word flaw is due to malformed data structure handling
- [ MDKSA-2006:228 ] - Updated gnupg packages fix vulnerability
- OpenLDAP kbind authentication buffer overflow
- [SBDA] SiteKiosk - FileSystem Access
- Web Apps- Rad Upload Version 3.02 Remote File Include Vulnerability
- From: rko . thelegendkiller
- rPSA-2006-0230-1 evince
- From: rPath Update Announcements
- rPSA-2006-0231-1 squirrelmail
- From: rPath Update Announcements
- ZDI-06-045: Sophos Anti-Virus CPIO Archive Parsing Buffer Overflow Vulnerability
- Re: [fuzzing] OWASP Fuzzing page
- Re: The newest Word flaw is due to malformed data structure handling
- From: Dave "No, not that one" Korn
- Re: PHP 5.2.0 session.save_path safe_mode and open_basedir bypass
- ZDI-06-047: Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability
- BLOG:CMS Remote file include Vulnerability
- Secunia Research: Internet Explorer Script Error Handling Memory Corruption
- Re: Internet Explorer 6 CSS "expression" Denial of Service Exploit (P.o.C.)
- [ GLSA 200612-12 ] F-PROT Antivirus: Multiple vulnerabilities
- From: Sune Kloppenborg Jeppesen
- ZDI-06-048: Microsoft Internet Explorer normalize() Function Memory Corruption Vulnerability
- [ GLSA 200612-13 ] libgsf: Buffer overflow
- From: Sune Kloppenborg Jeppesen
- [ GLSA 200612-14 ] Trac: Cross-site request forgery
- From: Sune Kloppenborg Jeppesen
- Re: shopsite advisory
- ZDI-06-046: Sophos Anti-Virus SIT Archive Parsing Buffer Overflow Vulnerability
- Re: Re: The newest Word flaw is due to malformed data structure handling
- iDefense Security Advisory 12.12.06: Sun Microsystems Solaris ld.so 'doprf()' Buffer Overflow Vulnerability
- iDefense Security Advisory 12.12.06: Sun Microsystems Solaris ld.so Directory Traversal Vulnerability
- [SECURITY] [DSA-1234-1] New ruby1.6 package fix denial of service
- Re: worksystem => Remote File Include Vulnerability Exploit
- From: Laurent . van_den_reysen
- [SECURITY] [DSA-1235-1] New ruby1.8 package fix denial of service
- [SECURITY] [DSA-1236-1] New enemies-of-carlotta package fix missing sanity checks
- ASP Cmd Shell On IIS 5.1
- IBM DB2 Remote DoS during CONNECT processing
- ZDI-06-050: Symantec Veritas NetBackup CONNECT_OPTIONS Buffer Overflow Vulnerability
- ZDI-06-049: Symantec Veritas NetBackup Long Request Buffer Overflow Vulnerability
- CORE-2006-1127: ProFTPD Controls Buffer Overflow
- From: CORE Security Technologies Advisories
- Re: The newest Word flaw is due to malformed data structure handling
- Call for papers and presenters - Dec. 15th deadline
- The (in)security of Xorg and DRI
- [ GLSA 200612-16 ] Links: Arbitrary Samba command execution
- Re: [fuzzing] NOT a 0day! Re: [Full-disclosure] OWASP Fuzzing page
- GenesisTrader v1.0 - Multiple Vulnerabilities
- HyperAccess - Multiple Vulnerabilities
- [USN-380-2] avahi regression
- rPSA-2006-0232-1 libgsf
- From: rPath Update Announcements
- Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical
- [ MDKSA-2006:229 ] - Updated evince packages fix buffer overflow vulnerability
- NOT a 0day! Re: [fuzzing] [Full-disclosure] OWASP Fuzzing page
- [ MDKSA-2006:230 ] - Updated clamav packages fix vulnerability
- [CAID 34870]: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local Denial of Service Vulnerabilities
- [ MDKSA-2006:164-2 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities
- iDefense Security Advisory 12.14.06: GNOME Foundation Display Manager gdmchooser Format String Vulnerability
- Re: [fuzzing] NOT a 0day! Re: [Full-disclosure] OWASP Fuzzing page
- Re: The newest Word flaw is due to malformed data structure handling
- Re: iDefense Security Advisory 12.14.06: GNOME Foundation Display Manager gdmchooser Format String Vulnerability
- Re: Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical
- [ GLSA 200612-17 ] GNU Radius: Format string vulnerability
- Re: [fuzzing] NOT a 0day! Re: [Full-disclosure] OWASP Fuzzing page
- Kerio MailServer < 6.3.1 remote Denial of Service
- [ GLSA 200612-15 ] McAfee VirusScan: Insecure DT_RPATH
- From: Sune Kloppenborg Jeppesen
- CanSecWest 2007 (April 18-20) Call For Papers (Deadline January 7th)
- Top 10 Real Computer Crimes for 2007
- [ MDKSA-2006:231 ] - Updated gdm packages fix string vulnerability
- BitDefender AV Packed PE File Parsing Engine Heap Overflow
- TSLSA-2006-0072 - clamav
- From: Trustix Security Advisor
- Windows Explorer WMV File Denial Of Service Vulnerability
- [USN-396-1] gdm vulnerability
- Windows Media MID File Denial Of Service Vulnerability
- [security bulletin] HPSBMA02173 SSRT061230 rev. 1 - HP Integrated Lights Out (iLO & iLO 2) Running SSH Key Based Authentication Remote Unauthorized Access
- Project Server 2003 - Credential Disclosure
- Re: The (in)security of Xorg and DRI
- Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- Bypassing process identification of several personal firewalls and HIPS
- From: Matousec - Transparent security Research
- Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- [ MDKSA-2006:206 ] - Updated Thunderbird packages fix multiple vulnerabilities
- Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- [OpenPKG-SA-2006.039] OpenPKG Security Advisory (proftpd)
- Drone Armies C&C Report - 15 Dec 2006
- RE: Windows Explorer WMV File Denial Of Service Vulnerability
- Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- XSS in gmial google
- Doğantepe Ziyareti Defteri (tr) Sql Injection Vuln.
- Odysseus 2.0 / Telemachus 1.0 (Beta)
- Re: Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- Re: Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- Re: Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- Re: Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- Contra Haber Sistemi v1.0 SqL Injection Vuln.
- [HSC Security Group] SiteCatalyst Web Login Cross Site Vulrnabilities
- Re: Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- Allied Telesis AT-9000/24 Ethernet switch management can be accessed from all VLANs.
- [SECURITY] [DSA 1237-1] New Linux 2.4.27 packages fix several vulnerabilities
- [SECURITY] [DSA 1238-1] New clamav packages fix several vulnerabilities
- [SECURITY] [DSA 1239-1] New sql-ledger packages fix arbitrary code execution
- Re: The (in)security of Xorg and DRI
- Cisco not honoring update promises?
- HyperVM Cross-Site Scripting
- Re: The (in)security of Xorg and DRI
- RateMe <= all versions => ( main.inc.php ) Remote File Include Vulnerability
- SYMSA-2006-013: Multiple Vulnerabilities in Mandiant First Response
- Secunia Research: MailEnable POP Service "PASS" Command Buffer Overflow
- Checkpoint NG3 ICMP Flood
- Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
- [ GLSA 200612-18 ] ClamAV: Denial of Service
- From: Sune Kloppenborg Jeppesen
- Re: Cisco not honoring update promises?
- Re: Checkpoint NG3 ICMP Flood
- From: Michael Schwartzkopff
- Re: Checkpoint NG3 ICMP Flood
- [security bulletin] HPSBUX02178 SSRT061267 rev.2 - HP-UX Secure Shell Remote Unauthorized Denial of Service (DoS)
- [ MDKSA-2006:232 ] - Updated proftpd packages fix mod_ctrls vulnerability
- [ MDKSA-2006:233 ] - Updated dbus packages fix vulnerability
- HITBSecConf2007 - Dubai - Call for Papers now open!
- WebCalendar >=1.0 Cross-Site Scripting Vulnerabilities
- Multiple XSS vulnerabiliteies in Inetmedia's information service - cityinfo.
- New Skype Worm
- HP Printers FTP Server Denial Of Service
- RE: [BULK] - New Skype Worm
- Trend Micro's Vista "0day exploit auction" claim
- xss in Support Cards v1 ( oSTicket )
- Burak Yilmaz Download Portal Sql Injection Vuln.
- Oracle <= 9i / 10g (extproc) Local/Remote Command Execution Exploit
- Oracle <= 9i / 10g File System Access via utl_file Exploit
- Multiple Bugs in MINI WEB SHOP
- MkPortal Urlobox Cross Site Request Forgery
- RE: Cisco not honoring update promises?
- ZDI-06-051: Mozilla Firefox SVG Processing Remote Code Execution Vulnerability
- SEC Consult SA-20061220-0 :: Typo3 Command Execution Vulnerability
- From: SEC Consult Research
- Oracle Portal 10g HTTP Response Splitting
- NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory
- Mono XSP ASP.NET Server sourcecode disclosure vulnerability
- Re: Oracle <= 9i / 10g File System Access via utl_file Exploit
- Re: [Full-disclosure] Oracle Portal 10g HTTP Response Splitting
- [security bulletin] HPSBUX02174 SSRT061239 rev.2 HP-UX Running OpenSSL Denial of Service (DoS), Increase Privilege
- [security bulletin] HPSBST02180 SSRT061288 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-072 Through MS06-078
- [ GLSA 200612-19 ] pam_ldap: Authentication bypass vulnerability
- [ GLSA 200612-20 ] imlib2: Multiple vulnerabilities
- [ GLSA 200612-21 ] Ruby: Denial of Service vulnerability
- RE: Trend Micro's Vista "0day exploit auction" claim
- critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip
- RE: Trend Micro's Vista "0day exploit auction" claim
- [USN-397-1] mono vulnerability
- [CAID 34876]: CA CleverPath Portal Session Inheritance Vulnerability
- [OpenPKG-SA-2006.041] OpenPKG Security Advisory (dbus)
- NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory
- Re: Oracle <= 9i / 10g File System Access via utl_file Exploit
- Fun with event logs (semi-offtopic)
- Microsoft Windows XP/2003/Vista memory corruption 0day
- Re[2]: [Full-disclosure] Fun with event logs (semi-offtopic)
- [SECURITY] [DSA-1240-1] New links2 packages fix arbitrary shell command execution
- Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day
- [ MDKSA-2006:234 ] - Updated mono packages fix vulnerability
- RE: [Full-disclosure] Fun with event logs (semi-offtopic)
- Re: Enforcing Java Security Manager in Restricted Windows Environments?
- Re: [Full-disclosure] Fun with event logs (semi-offtopic)
- Ixprim CMS 1.2 Remote Blind SQL Injection Exploit
- RE: Re[2]: [Full-disclosure] Fun with event logs (semi-offtopic)
- Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day
- Re: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip
- SQID v0.1 - SQL Inhection Digger.
- Re: Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images
- From: matthieu . paineauSTOPSPAM
- [TOOL] untidy - XML Fuzzer
- Re: RE: Trend Micro's Vista "0day exploit auction" claim
- Re: Trend Micro's Vista "0day exploit auction" claim
- Re: MkPortal Urlobox Cross Site Request Forgery
- Re: MkPortal Urlobox Cross Site Request Forgery
- [OpenPKG-SA-2006.040] OpenPKG Security Advisory (ruby)
- OpenSER 1.1.0 parse_config buffer overflow vulnerability
- PWDumpX updated (includes CacheDump functionality)
- Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day
- Re: Oracle Portal 10g HTTP Response Splitting
- RE: Enforcing Java Security Manager in Restricted Windows Environments?
- Re: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip
- RE: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day
- Xt-News 0.1 : SQL Injection Vulnerability & XSS
- rPSA-2006-0234-1 firefox
- From: rPath Update Announcements
- Oracle Applications/Portal 9i/10g Cross Site Scripting
- Re[2]: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip
- TSLSA-2006-0074 - multi
- From: Trustix Security Advisor
- Re: [Full-disclosure] Oracle Portal 10g HTTP Response Splitting
- Re: Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day
- SQID v0.2 - SQL Injection Digger.
- Re: Multiple Remote Vulnerabilities in KISGB
- Re: Multiple Remote Vulnerabilities in KISGB
- ZDI-06-052: Novell NetMail NMAP STOR Buffer Overflow Vulnerability
- ZDI-06-053: Novell NetMail IMAP Verb Literal Heap Overflow Vulnerability
- ZDI-06-054: Novell NetMail IMAP APPEND Buffer Overflow Vulnerability
- Efkan Forum v1.0 SqL Inj. Vuln.
- Multiple Bugs in Future Internet ( XSS & SQL Injection )
- iDefense Security Advisory 12.23.06: Novell NetMail IMAPD subscribe Buffer Overflow Vulnerability
- iDefense Security Advisory 12.23.06: Novell Netmail IMAP append Denial of Service Vulnerability
- Okul Merkezi Portal v1.0 Remote File IncLude Vuln.
- Chatwm V1.0 SqL Injection Vuln.
- Fishyshoop Security Vulnerability
- TimberWolf 1.2.2 vulnerable to XSS
- Forum AnyBoard - Sql Inyection By Firewall
- ERRATA (Re: "Host header cannot be trusted as an anti anti DNS-pinning measure")
- XSS with Vbulletin (new idea !)
- [SECURITY] [DSA 1241-1] New squirrelmail packages fix cross-site scripting
- PHP Live! 3.2.2 Multiple Cross-Site Scripting Vulnerabilities
- Cahier de texte V2.2 Bypass general access protection exploit
- phpcms <=- 1.1.7 Remote File Inclusion
- LuckyBot v3 Remote File Include
- PhpbbXtra v2.0 (phpbb_root_path) Remote File Include Vulnerability
- HLStats Remote SQL Injection Exploit
- XSS - CMS Made Simple v1.0.2
- logahead UNU edition 1.0 Remote File Upload & code execution
- [OpenPKG-SA-2006.042] OpenPKG Security Advisory (openser)
- [OpenPKG-SA-2006.043] OpenPKG Security Advisory (links)
- Re: ERRATA (Re: "Host header cannot be trusted as an anti anti DNS-pinning measure")
- Re: phpcms <=- 1.1.7 Remote File Inclusion
- Re: phpcms <=- 1.1.7 Remote File Inclusion
- Re: LuckyBot v3 Remote File Include
- Re: The (in)security of Xorg and DRI
- Re: XSS with Vbulletin (new idea !)
- Host directory full disclosure and input error
- Secure Login Manager Multiple Input Validation Vulnerabilities
- Re: Cross site scripting & fullpath disclosure
- NtRaiseHardError Csrss.exe memory Disclosure exploit
- ShmooCon Announcement
- [SECURITY] [DSA 1242-1] New elog packages fix arbitrary code execution
- Limbo CMS event module (lm_absolute_path) Remote File Include Vulnerabilities
- [SECURITY] [DSA 1243-1] New evince packages fix arbitrary code execution
- OpenSER OSP Module remote code execution
- Re: XSS with Vbulletin (new idea !)
- SMS handling OpenSER remote code executing
- Re: XSS - CMS Made Simple v1.0.2
- [OpenPKG-SA-2006.044] OpenPKG Security Advisory (w3m)
- Re: XSS with Vbulletin (new idea !)
- [SECURITY] [DSA 1214-2] Updated gv packages fix arbitrary code execution
- [SECURITY] [DSA 1244-1] New xine-lib packages fix arbitrary code execution
- XSS in script Mobilelib GOLD v2
- XSS with default page parameter in Oracle Portal 10g
- QuickCam linux device driver allows arbitrary code execution
- LDU <= 8.x (journal.php) SQL Injection Vulnerability
- DoceboLMS Xss Vuln.
- Re: XSS in script Mobilelib GOLD v2
- csrss.exe double-free vulnerability - arbitrary DWORD overwrite exploit
- MythControl (MythTV remote control) arbitrary code execution
- SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit
- From: inge_eivind . henriksen
- [vuln.sg] iso_wincmd Plugin for Total Commander Buffer Overflow Vulnerability
- Enigma Coppermine Bridge (boarddir) Remote File Include
- Enigma WordPress Bridge (boarddir) Remote File Include