Mail Thread Index
- Spooky Login Multiple HTML Injection Vulnerability,
DoZ
- WinZip10.0 FileView ActiveX Controls CreateNewFolderFromName Method Buffer overflow,
76693223
- Re: PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service,
Collin R. Mulliner
- Rediff Bol Downloader Allows Downloading and Spawning Arbitary Files,
gregory_panakkal
- WinZip FileView ActiveX controls CreateNewFolderFromName Method Buffer Overflow Vulnerability,
76693223
- PHPIrc_bot <= Remote File Include,
zooz_998
- vBulletin vCard PRO XSS,
exexp
- Re: PlatinumFTP 1.0.18 remote DoS,
info
- [NGSEC] ngGame #3 - BrainStorming,
labs@NGSEC
- BattleBlog Database Download Vulnerability,
Advisory
- Kerio Fake 'iphlpapi' DLL injection Vulnerability,
Matousec - Transparent security Research
- golden book XSS,
sn0oPy . team
- rblog Database Download Vulnerability,
Advisory
- ATMEL Linux PCI PCMCIA USB Drivers arbitrary code execution,
sapheal
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Kevin Waterson
- [OpenPKG-SA-2007.001] OpenPKG Security Advisory (cacti),
OpenPKG GmbH
- AShop Shopping Cart Multiple XSS Vulnerabilities,
DoZ
- Mozilla Firefox 2.0 denial of service vulnerability,
sapheal
- Re: XSS with Vbulletin (new idea !),
marco . van . herwaarden
- Dailymotion password reset vulnerability,
daftrix
- Welcome to Pwndertino...,
K F (lists)
- Re: [Full-disclosure] simplog 0.9.3.2 SQL injection,
str0ke
- FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution,
sapheal
- lblog Remote Password Disclosure,
Advisory
- Openforum Remote password Disclosure,
Advisory
- AspBB Remote Password Disclosure,
Advisory
- Windows Vista 64bits and unexported kernel symbols,
Matthieu Suiche
- [ MDKSA-2007:001 ] - Update libmodplug packages fix buffer overflow vulnerabilities,
security
- Nuked Klan <= 1.7 Remote Cookie Disclosure Exploit,
kadaj-diabolik
- rPSA-2006-0234-2 firefox thunderbird,
rPath Update Announcements
- Windows NT Message Compiler 1.00.5239 arbitrary code execution,
sapheal
- [ MDKSA-2007:002 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security
- Re: SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit,
wihl
- Whos Johny Pwnerseed?,
K F
- GuestBook v0.3a Remote Password Disclosure,
Advisory
- Universal XSS with PDF files: highly dangerous,
pdp (architect)
- openmedia local read file,
exe_crack
- [USN-399-1] w3m vulnerabilities,
Kees Cook
- Adobe Acrobat Reader Plugin - Multiple Vulnerabilities,
Stefano Di Paola
- Hacking AJAX DWR Applications,
shulman
- WineGlass "data.mdb" Remote Password Disclosure,
Advisory
- OpenPinboard <= Remote File Include,
zooz_998
- Black Hat New Years Updates (Free Stuff, too!),
Jeff Moss
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Clean Access,
Cisco Systems Product Security Incident Response Team
- [USN-398-1] Firefox vulnerabilities,
Kees Cook
- Simple Web Content Management System SQL Injection Exploit,
gmdarkfig
- [USN-398-2] Firefox vulnerabilities,
Kees Cook
- jgbbs,
dr . t3rr0r1st
- a cheesy Apache / IIS DoS vuln (+a question),
Michal Zalewski
- CFP for RAID 2007,
Jeffrey Horton
- Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous,
Juha-Matti Laurio
- Re: OpenSER OSP Module remote code execution,
bogdan
- Re: SMS handling OpenSER remote code executing,
bogdan
- 23C3 - Bluetooth hacking revisted [Summary and Code],
Thierry Zoller
- LS-20061102 - Business Objects Crystal Reports XI Professional Stack Overflow Vulnerability,
advisories
- MkPortal "All Guests are Admin" Exploit,
info
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
pdp (architect)
- [vuln.sg] PowerArchiver PAISO.DLL Buffer Overflow Vulnerability,
vulnpost-remove
- Universal PDF XSS After Party,
pdp (architect)
- SAP Security Contact,
Mark Litchfield
- [ GLSA 200701-01 ] DenyHosts: Denial of Service,
Raphael Marichez
- Wordpress <= 2.x dictionnary & Bruteforce attack,
kadaj-diabolik
- [ GLSA 200701-02 ] Mozilla Firefox: Multiple vulnerabilities,
Raphael Marichez
- Correction (High Risk Vulnerability in the OpenOffice and StarOffice Suites),
NGSSoftware Insight Security Research
- [ GLSA 200701-03 ] Mozilla Thunderbird: Multiple vulnerabilities,
Raphael Marichez
- High Risk Vulnerability in the OpenOffice and StarOffice Suites,
NGSSoftware Insight Security Research
- Concurrency strikes MSIE (potentially exploitable msxml3 flaws),
Michal Zalewski
- DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability',
K F (lists)
- [USN-398-3] Firefox theme regression,
Kees Cook
- Perforce client: security hole by design,
Ben Bucksch
- SAP Security,
Mark Litchfield
- CMS Made Simple non-permanent XSS,
nanoymaster
- [USN-401-1] D-Bus vulnerability,
Kees Cook
- [USN-400-1] Thunderbird vulnerabilities,
Kees Cook
- MkPortal Admin XSS,
info
- IG Shop remote code execution,
asdfj38
- IG Calendar SQL Injection,
asdfj38
- Uber Uploader 4.2 Arbitrary File Upload Vulnerability,
null_hack
- Intranet Open Source Remote Password Disclosure "intranet.mdb",
Advisory
- Advisory 02/2007: WordPress Trackback Charset Decoding SQL Injection Vulnerability,
Stefan Esser
- Coppermine Photo Gallery <= 1.4.10 SQL Injection Exploit,
gmdarkfig
- iDefense Security Advisory 01.05.07: Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability,
iDefense Labs
- [DRUPAL-SA-2007-001] Drupal 4.6.11 / 4.7.5 fixes XSS issue,
Uwe Hermann
- RI Blog 1.3 XSS Vuln.,
ShaFuq31
- [DRUPAL-SA-2007-002] Drupal 4.6.11 / 4.7.5 fixes DoS issue,
Uwe Hermann
- Advisory 01/2007: WordPress CSRF Protection XSS Vulnerability,
Stefan Esser
- Multiple bugs in EditTag,
nj
- [USN-402-1] Avahi vulnerability,
Kees Cook
- Flog 1.1.2 Remote Admin Password Disclosure,
corrado . liotta
- iDefense Security Advisory 01.05.07: Opera Software Opera Web Browser JPG Image DHT Marker Heap Corruption Vulnerability,
iDefense Labs
- Kolayindir Download (Yenionline) (tr) SqL Injection Vuln.,
ShaFuq31
- [OpenPKG-SA-2007.002] OpenPKG Security Advisory (bzip2),
OpenPKG GmbH
- ZDI-07-001: QUALCOMM Eudora WorldMail Remote Management Heap Overflow Vulnerability,
zdi-disclosures
- iDefense Security Advisory 01.05.07: Kaspersky Antivirus Scan Engine PE File Denial of Service Vulnerability,
iDefense Labs
- fetchmail security announcement 2006-03 (CVE-2006-5974),
Matthias Andree
- fetchmail security announcement 2006-02 (CVE-2006-5867),
Matthias Andree
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control Server,
Cisco Systems Product Security Incident Response Team
- ohhASP Remote Password Disclosure,
Advisory
- Yet Another Link Directory v1.0,
lunY
- [OpenPKG-SA-2007.003] OpenPKG Security Advisory (drupal),
OpenPKG GmbH
- [OpenPKG-SA-2007.004] OpenPKG Security Advisory (fetchmail),
OpenPKG GmbH
- Fix & Chips CMS v1.0,
luny
- shopstorenow (orange.asp) sql injection,
emel_gw_ini
- FON Router allows anonymous web access,
l . friedrichs
- [OpenPKG-SA-2007.005] OpenPKG Security Advisory (wordpress),
OpenPKG GmbH
- 0trace - traceroute on established connections,
Michal Zalewski
- @lex Guestbook <= 4.0.2 Remote Command Execution Exploit,
gmdarkfig
- AJLogin v3.5 Remote Password Disclosure Vulnerability,
beks
- EMembersPro 1.0 Remote Password Disclosure Vulnerability,
beks
- MitiSoft Remote Password Disclosure Vulnerability,
beks
- M-Core Remote Password Disclosure Vulnerability,
beks
- HarikaOnline v2.0 Remote Password Disclosure Vulnerability,
beks
- Webulas Remote Password Disclosure Vulnerability,
beks
- Uguestbook Remote Password Disclosure Vulnerability,
beks
- NUNE News Script (custom_admin_path) Remote File Include Vulnerablity,
xorontr
- [SECURITY] [DSA 1245-1] New proftpd packages fix denial of service,
Moritz Muehlenhoff
- Dayfox Blog Remote File Include Vuln.,
ShaFuq31
- GeoBB Georgian Bulletin Board Remote File Include Vuln.,
ShaFuq31
- TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling,
Lolek of TK53
- MKPortal Full Path Disclosure,
info
- HP Multiple Products PML Driver Local Privilege Escalation,
Sowhat
- magic photo storage website Remote File Inclusion,
k1tk4t
- QASEC Announcement: Writing Software Security Test Cases,
bugtraq
- Packeteer PacketWise CLI overflow DoS,
kian . mohageri
- [SECURITY] [DSA 1246-1] New OpenOffice.org packages fix arbitrary code execution,
Martin Schulze
- rPSA-2007-0001-1 openoffice.org,
rPath Update Announcements
- [SECURITY] [DSA 1247-1] New libapache-mod-auth-kerb packages fix remote denial of service,
Noah Meyerhans
- Re: Sun java System Messenger Express XSS,
b2wang
- cisco nac bypass vulnerability - cisco trust agent,
thorben schroeder
- Vendor guidelines regarding security contacts,
Steven M. Christey
- createauction (cats.asp) Remote SQL Injection Vulnerability,
emel_gw_ini
- GForge Cross Site Scripting vulnerability,
jose . palanco
- [ MDKSA-2007:003 ] - Updated avahi packages fix DoS vulnerability,
security
- RFID open source library - RFIDIOt code release - version 0.1k,
Adam Laurie
- Cracking Steganography Application in less than ONE minute,
thesinoda
- Re: RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws),
socket69
- [ MDKSA-2007:004 ] - Updated geoip packages fix geoipupdate vulnerability,
security
- [KDE Security Advisory] ksirc Denial of Service vulnerability,
Dirk Mueller
- ppc engine Multiple file inclusion,
emel_gw_ini
- Re: PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit,
yorn
- Sina UC ActiveX Multiple Remote Stack Overflow,
Sowhat
- magic photo storage website Multiple Remote File Inclusion,
emel_gw_ini
- rPSA-2007-0003-1 fetchmail,
rPath Update Announcements
- [USN-403-1] X.org vulnerabilities,
Kees Cook
- MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer,
Tom Yu
- MITKRB5-SA-2006-003: kadmind (via GSS-API lib) frees uninitialized pointers,
Tom Yu
- iDefense Security Advisory 01.09.07: Microsoft Excel Long Palette Heap Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 01.09.07: Multiple Microsoft Products VML 'recolorinfo' Element Integer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 01.09.07: Microsoft Excel Invalid Column Heap Corruption Vulnerability,
iDefense Labs
- [USN-404-1] MadWifi vulnerability,
Kees Cook
- Easy Banner Pro Version 2.8 <= Remote File Inclusion,
stormhacker
- CA BrightStor ARCserve Backup Tape Engine Exploit Security Notice,
Williams, James K
- Circumventing CSFR Form Token Defense,
Jim Manico
- rPSA-2007-0004-1 bzip2,
rPath Update Announcements
- iDefense Security Advisory 01.09.07: Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability,
iDefense Labs
- rPSA-2007-0005-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs,
rPath Update Announcements
- [ MDKSA-2007-005 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities,
security
- iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability,
iDefense Labs
- iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability,
iDefense Labs
- edit-x ecommerce (include_dir) Remote File include,
emel_gw_ini
- iDefense Security Advisory 01.09.07: Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability,
iDefense Labs
- slocate leaks filenames of protected directories,
steven
- Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite,
Piotr Bania
- [OpenPKG-SA-2007.006] OpenPKG Security Advisory (kerberos),
OpenPKG GmbH
- Cisco Security Advisory: Cisco Unified Contact Center and IP Contact Center JTapi Gateway Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: DLSw Vulnerability,
Cisco Systems Product Security Incident Response Team
- iDefense Q-1 2007 Challenge,
contributor
- [ MDKSA-2007:006 ] - Updated OpenOffice.org packages fix WMF vulnerability,
security
- A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version),
thesinoda
- VLC Format String Vulnerability also in XINE,
Sven . Czaja
- [ GLSA 200701-04 ] SeaMonkey: Multiple vulnerabilities,
Raphael Marichez
- CS-Cart 1.3.3 (install.php) Remote File Include Vulnerability,
ahmed_labib_hilmy
- A Major design Bug in Camouflage 1.2.1 (latest),
thesinoda
- sazcart v1.5 (cart.php) Remote File include,
emel_gw_ini
- VMware ESX server security updates,
VMware Security team
- DMA[2007-0107a] OmniWeb Javascript Alert Format String Vulnerabiity and DMA[2007-0109a] Apple Finder Disk Image Volume Label Overflow / DoS,
K F (lists)
- [ MDKSA-2007:007 ] - Updated nvidia driver packages fix vulnerability,
security
- [ MDKSA-2007:009 ] - Updated kdenetwork packages fix ksirc vulnerability,
security
- [ MDKSA-2007:008 ] - Updated kerberos packages fix vulnerability,
security
- Computer Terrorism (UK) :: Incident Response Centre - Microsoft Outlook Vulnerability,
advisories
- WMF CreateBrushIndirect vulnerability (DoS),
Alexander Sotirov
- Xine-ui format string Vulnerabilties.,
saik0pod
- Jshop Server 1.3,
irvian
- phpBB (privmsg.php) XSS Exploit,
info
- Calyptix Security Advisory CX-2007-001 - Snort 2.6.1.2 Integer Underflow Vulnerability,
Calyptix Advisories
- FreeBSD Security Advisory FreeBSD-SA-07:01.jail,
FreeBSD Security Advisories
- rPSA-2007-0006-1 krb5 krb5-server krb5-services krb5-test krb5-workstation,
rPath Update Announcements
- ZDI-07-002: CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerability,
zdi-disclosures
- ZDI-07-004: CA BrightStor ARCserve Backup Tape Engine Buffer Overflow Vulnerability,
zdi-disclosures
- [security bulletin] HPSBMA02175 SSRT061174 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Read Access to Files,
security-alert
- LayerOne 2007 CFP Announced,
Layer One
- ZDI-07-003: CA BrightStor ARCserve Backup Message Engine Buffer Overflow Vulnerability,
zdi-disclosures
- easy-content filemanager,
hackerbinhphuoc
- [USN-405-1] fetchmail vulnerability,
Kees Cook
- Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability,
info
- [ MDKSA-2007:010 ] - Updated Firefox packages fix multiple vulnerabilities,
security
- [security bulletin] HPSBMA02176 SSRT051035 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code,
security-alert
- LS-20061002 - Computer Associates BrightStor ARCserve Backup Remote Code Execution Vulnerability,
advisories
- Nwom topsites v3.0,
lunY
- LunarPoll (PollDir) Remote File Include Vulnerabilities,
ilkerKandemir
- Ezboxx multiple vulnerabilities.,
Info
- xss in phpmyadmin <= 2.8.1,
alfa
- [ MDKSA-2007:011 ] - Updated Thunderbird packages fix multiple vulnerabilities,
security
- [USN-406-1] OpenOffice.org vulnerability,
Kees Cook
- Re (3): Circumventing CSFR Form Token Defense,
bugtraq
- Corsaire Security Advisory: ChainKey Java Code Protection Bypass issue,
advisories
- Web Honeynet Project: announcement, exploit URLs this Wednesday,
Gadi Evron
- Micro CMS <= 3.5 Remote File Include Exploit,
ilkerKandemir
- [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities,
Williams, James K
- Wordpress disclosure of Table Prefix Weakness,
process
- seeking comments on disclosure articles,
smcalearney
- [ MDKSA-2007:012 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security
- AIOCP SQL Injection Vulnerability,
coloss7
- AIOCP Login Bypass Vulnerability,
coloss7
- Naig <= 0.5.2 (this_path) Remote File Include Vulnerability,
me you
- [ GLSA 200701-05 ] KDE kfile JPEG info plugin: Denial of Service,
Raphael Marichez
- [ GLSA 200701-06 ] w3m: Format string vulnerability,
Raphael Marichez
- [ GLSA 200701-07 ] OpenOffice.org: EMF/WMF file handling vulnerabilities,
Raphael Marichez
- [ GLSA 200701-08 ] Opera: Two remote code execution vulnerabilities,
Raphael Marichez
- [SECURITY] [DSA 1248-1] New libsoup packages fix denial of service,
Moritz Muehlenhoff
- [ MDKSA-2007:013 ] - Updated libneon0.26 packages fix vulnerability,
security
- Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability,
sapheal
- PHP-Nuke <= 7.9 Old-Articles Block "cat" SQL Injection vulnerability,
paisterist
- Trevorchan <= v0.7 Remote File Include Vulnerability,
ilkerkandemir
- Ovidentia 5.6x Series Remote File İnclude,
hotturk
- London DC4420 meet - Wednesday 17th January, 2007,
Major Malfunction
- [USN-407-1] libgtop2 vulnerability,
Martin Pitt
- Okul Web Otomasyon Sistemi (etkinlikbak.asp) SQL Injection Vulnerability,
ilkerkandemir
- Oracle Passwords and OraBrute,
paulw
- Remedy Action Request System 5.01.02 - User Enumeration,
Davide Del Vecchio
- [USN-408-1] krb5 vulnerability,
Martin Pitt
- Outpost Bypassing Self-Protection using file links Vulnerability,
Matousec - Transparent security Research
- Jax Petition Book (languagepack) Remote File Include Vulnerabilities,
ilkerkandemir
- wcSimple Poll (password.txt) Remote Password Disclosure Vulnerablity,
ilkerkandemir
- InstantForum.NET Multiple Cross-Site Scripting Vulnerability,
DoZ
- Uninformed Journal Release Announcement: Volume 6,
H D Moore
- [USN-409-1] ksirc vulnerability,
Martin Pitt
- liens_dynamiques xss and admin authentification,
sn0oPy . team
- [ GLSA 200701-10 ] WordPress: Multiple vulnerabilities,
Raphael Marichez
- Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability,
me you
- PHPATM Remote Password Disclosure Vulnerablity,
nightmare
- [ MDKSA-2007:017 ] - Updated wget packages fix ftp vulnerability,
security
- [ MDKSA-2007:015 ] - Updated cacti packages SQL injection vulnerability,
security
- [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability,
Dirk Mueller
- [ MDKSA-2007:016 ] - Updated fetchmail packages fix vulnerability,
security
- dt_guestbook version 1.0f XSS vulnerability,
jesper . jurcenoks
- rPSA-2007-0007-1 kdenetwork,
rPath Update Announcements
- Announcement: The Cross-site Request Forgery FAQ,
bugtraq
- [x0n3-h4ck] SmE FileMailer 1.21 Remote Sql Injextion Exploit,
corrado . liotta
- [ GLSA 200701-09 ] oftpd: Denial of Service,
Raphael Marichez
- vulnerability script indexu all versions,
gamr-14
- rPSA-2007-0008-1 gd,
rPath Update Announcements
- [ MDKSA-2007:014 ] - Updated bluez-utils packages fix hidd vulnerability,
security
- [ GLSA 200701-11 ] Kronolith: Local file inclusion,
Raphael Marichez
- [ GLSA 200701-12 ] Mono: Information disclosure,
Raphael Marichez
- SYMSA-2007-001: Oracle Application Server 10g - Directory Traversal,
research
- ZDI-07-005: Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability,
zdi-disclosures
- Windows logoff bug possible security vulnerability and exploit.,
Rage Coder
- [SECURITY] [DSA 1250-1] New cacti packages fix arbitrary code execution,
Moritz Muehlenhoff
- [ISecAuditors Security Advisories] Oracle Reports Web Cartridge (RWCGI60) vulnerable to XSS,
ISecAuditors Security Advisories
- [x0n3-h4ck] myBloggie 2.1.5 XSS exploit,
corrado . liotta
- Microsoft Help Workshop .CNT contents files buffer overflow vulnerability,
porkythepig
- [security bulletin] HPSBUX02181 SSRT061289 rev.1 - HP-UX Running IPFilter, Remote Unauthorized Denial of Service (DoS),
security-alert
- [security bulletin] HPSBST02184 SSRT071296 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-001 Through MS07-004,
security-alert
- Multiple OS kernel insecure handling of stdio file descriptor,
XFOCUS Security Team
- FW: [cacti-announce] Cacti 0.8.6j Released,
Warner Moore
- CYBSEC - Security Advisory: SAP Internet Graphics Service (IGS) Remote Buffer Overflow,
CYBSEC Advisories
- [USN-410-1] poppler vulnerability,
Martin Pitt
- Cisco Security Advisory: SSL/TLS Certificate and SSH Public Key Validation Vulnerability,
Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBPI02185 SSRT071290 rev.1 - HP Jetdirect Running ftp, Remote Denial of Service (DoS),
security-alert
- Directory Traversal in ArsDigita Community System,
Elliot Kendall
- [ MDKSA-2007:018 ] - Updated koffice packages fix crafted pdf file vulnerability,
security
- [ MDKSA-2007:019 ] - Updated pdftohtml packages fix crafted pdf file vulnerability,
security
- [ MDKSA-2007:020 ] - Updated poppler packages fix crafted pdf file vulnerability,
security
- [ MDKSA-2007:021 ] - Updated xpdf packages fix crafted pdf file vulnerability,
security
- [ MDKSA-2007:022 ] - Updated tetex packages fix crafted pdf file vulnerability,
security
- [x0n3-h4ck] sabros.us 1.7 XSS Exploit,
corrado . liotta
- [ MDKSA-2007:023 ] - Updated libgtop2 packages fix buffer overflow vulnerability,
security
- EUSecWest 2007 Papers,
Dragos Ruiu
- MyShoutBox Multiple Cross-Site Scripting Vulnerability,
DoZ
- Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability,
dh
- TSLSA-2007-0003 - multi,
Trustix Security Advisor
- DoS against AVM Fritz!Box 7050 (and others),
collin
- Help project files (.HPJ) buffer overflow vulnerability in Microsoft Help Workshop,
porkythepig
- Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass,
advisory07
- WzdFTPD < 8.1 Denial of service,
S21sec Labs
- DIMVA 2007: Final Call for Papers,
Robin Sommer
- [RISE-2007001] Apple Mac OS X 10.4.x kernel shared_region_map_file_np() memory corruption vulnerability,
RISE Security
- a-forum xss,
sn0oPy
- Login Manager Multiple HTML Injections,
DoZ
- Paypal Subscription Manager Multiple HTML Injections,
DoZ
- SMF "index.php?action=pm" Cross Site-Scripting,
Advisory
- Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability,
info
- XSS in 212cafeBoard ( Verision 0.08 & 6.30 Beta ),
xx_hack_xx_2004
- Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability Prove Of Concept Exploit,
luoluonet
- Wiki-how path disclosure,
iamtheevil1
- FishCart [injection sql],
saps . audit
- FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability,
me you
- [SECURITY] [DSA 1251-1] New netrik packages fix arbitary shell command execution,
Steve Kemp
- XMB "U2U Instant Messenger" Cross-Site Scripting,
Advisory
- XSS in Guestbook ( v.4.00 beta ),
xx_hack_xx_2004
- SQL Injection in Unique Ads ( UDS ),
xx_hack_xx_2004
- cmsimple 2.7 Remote File Include,
mr alkomandoz
- Microsoft Visual C++ (.RC) resource files buffer overflow vulnerability,
porkythepig
- phpAdsNew 2.0.7 Remote File Include,
mr alkomandoz
- PHP Link Directory XSS Vulnerability version <= 3.0.6,
jussi . vuokko
- Full Path Disclosure in Open-Realty ( v2.3.4 ),
xx_hack_xx_2004
- Fantastic News <=- (news.php) Remote File Include Vulnerability,
me you
- Check Point Connectra End Point security bypass,
Roni Bachar
- [x0n3-h4ck] bitweaver 1.3.1 XSS Exploit,
corrado . liotta
- UploadScript <=- v1.02 (password.txt) Remote Password Disclosure Vulnerability,
me you
- Uploader <= (userdata/user_1.txt) Password Disclosure Vulnerability,
me you
- [ GLSA 200701-13 ] Fetchmail: Denial of Service and password disclosure,
Matthias Geerdsen
- SQL Injection by using Cookie Poisoning for Website Baker Version 2.6.5 and before,
Rolf Huisman
- [ GLSA 200701-14 ] Mod_auth_kerb: Denial of Service,
Raphael Marichez
- [ GLSA 200701-15 ] Sun JDK/JRE: Multiple vulnerabilities,
Raphael Marichez
- [ GLSA 200701-16 ] Adobe Acrobat Reader: Multiple vulnerabilities,
Raphael Marichez
- rPSA-2007-0011-1 wget,
rPath Update Announcements
- Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability,
Jose Avila III
- [ MDKSA-2007:024 ] - Updated kdegraphics packages fix crafted pdf file vulnerability,
security
- AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability,
C0r3 1mp4ct
- Bluetooth DoS by obex push,
hornung
- rPSA-2007-0012-1 ed,
rPath Update Announcements
- xss filter to protect from xss attacks,
Anurag Agarwal
- Re: Bluetooth DoS by obex push [readable],
hornung
- Adobe ColdFusion Information Disclosure,
zck zck
- [ GLSA 200701-17 ] libgtop: Privilege escalation,
Matthias Geerdsen
- rPSA-2007-0015-1 libsoup,
rPath Update Announcements
- [ECHO_ADV_62$2007] Upload Service 1.0 remote file inclusion,
y3dips
- rPSA-2007-0014-1 libgtop,
rPath Update Announcements
- [ MDKSA-2007:025 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security
- Re: Multiple SQL injections and XSS in FishCart 3.1,
michael
- SUSE Security Announcement: squid (SUSE-SA:2007:012),
Thomas Biege
- RANDOM PHP QUOTE 1.0 (pwd.txt) Remote Password Disclosur,
the . tiger100
- [ GLSA 200701-18 ] xine-ui: Format string vulnerabilities,
Raphael Marichez
- [ MDKSA-2006:217-2 ] - Updated proftpd packages fix vulnerabilities,
security
- subscribe (pwd.txt) Remote Password Disclosur,
the . tiger100
- [ GLSA 200701-19 ] OpenLDAP: Insecure usage of /tmp during installation,
Raphael Marichez
- rPSA-2007-0013-1 poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi,
rPath Update Announcements
- [USN-411-1] libsoup vulnerability,
Kees Cook
- PR06-14: IP Phones based on Centrality Communications/Aredfox PA168 chipset weak session management vulnerability,
ProCheckUp Research
- Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability,
me you
- SUSE Security Announcement: xine (SUSE-SA:2007:013),
Thomas Biege
- [ MDKSA-2007:026 ] - Updated squid packages fix vulnerabilities,
security
- [ GLSA 200701-20 ] Centericq: Remote buffer overflow in LiveJournal handling,
Raphael Marichez
- [USN-412-1] GeoIP vulnerability,
Kees Cook
- [USN-413-1] BlueZ vulnerability,
Kees Cook
- [Aria-Security Team] MyBB Cross-Site Scripting,
Advisory
- Toxiclab Shoutbox Password Disclosure Vulnerability,
beks
- Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX Control Buffer Overflow,
Secunia Research
- Secunia Research: Sienzo Digital Music Mentor NCTAudioFile2 ActiveX Control Buffer Overflow,
Secunia Research
- [CAID 34993]: CA BrightStor ARCserve Backup for Laptops and Desktops Multiple Overflow Vulnerabilities,
Williams, James K
- ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure Vulnerability,
me you
- Maxtricity Tagger Password Disclosure Vulnerability,
beks
- Cisco Security Advisory: Crafted TCP Packet Can Cause Denial of Service,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: IPv6 Routing Header Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Crafted IP Option Vulnerability,
Cisco Systems Product Security Incident Response Team
- [OPENADS-SA-2007-001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability fixed,
Matteo Beccati
- Weaknesses in Pingback Design,
bmatheny
- [ GLSA 200701-21 ] MIT Kerberos 5: Arbitrary Remote Code Execution,
Matthias Geerdsen
- DoS against Telligent Community Server,
bmatheny
- [security bulletin] HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access,
security-alert
- ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability,
zdi-disclosures
- Multiple Remote Vulnerabilities in Wordpress,
bmatheny
- Oracle Buffer Overflow in DBMS_REPCAT_UNTRUSTED.UNREGISTER_SNAPSHOT,
Team SHATTER
- Oracle Buffer Overflow in DBMS_LOGMNR.ADD_LOGFILE,
Team SHATTER
- Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME,
Team SHATTER
- Oracle Buffer Overflow in DBMS_DRS.GET_PROPERTY,
Team SHATTER
- Oracle Multiple Buffer Overflows and DoS attacks in public procedures of MDSYS.MD,
Team SHATTER
- [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities,
Williams, James K
- Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL,
Team SHATTER
- [USN-414-1] Squid vulnerabilities,
Kees Cook
- Remove all admin->root authorization prompts from OSX,
K F (lists)
- ASP NEWS <= V3 (news_detail.asp) Remote SQL Injection Vulnerability,
ajannhwt
- rPSA-2007-0019-1 gtk,
rPath Update Announcements
- uniForum <= v4 (wbsearch.aspx) Remote SQL Injection Vulnerability,
ajannhwt
- Xero Portal v1.2 (phpbb_root_path) Remote File Include Vulnerablity,
xorontr
- ASP EDGE <= V1.2b (user.asp) Remote SQL Injection Vulnerability,
ajannhwt
- EzDatabase Multiple Cross-Site Scripting Vulnerability,
DoZ
- makit news/blog poster <=v3(news_page.asp) Remote SQL Injection Vulnerability,
ajannhwt
- BIND remote exploit (low severity) [Fwd: Internet Systems Consortium Security Advisory.],
Lebbeous Weekley
- Aztek Forum 4.1 Multiple Vulnerabilities Exploit,
gmdarkfig
- phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability,
me you
- [x0n3-h4ck] Siteman 2.0.x2 Remote Md5 Hash Disclosure Vulnerability,
corrado . liotta
- [x0n3-h4ck] Siteman 1.1.11 Remote Md5 Hash Disclosure Vulnerability,
corrado . liotta
- GPS 1.2 Content Managing System (print.asp) Remote SQL Injection Vulnerability,
ajannhwt
- [NETRAGARD-20061218 SECURITY ADVISORY] [@Mail WebMail Cross Site Request Forgery],
Netragard Security Advisories
- [ GLSA 200701-22 ] Squid: Multiple Denial of Service vulnerabilities,
Matthias Geerdsen
- Buffer overflow in VSAPI library of Trend Micro VirusWall 3.81 for Linux,
Sebastian Wolfgarten
- The certification password of Internet Explorer 7 and operation of auto complete,
support
- high5 Review script Security Risk,
anon
- Vulnerability disclosure comments,
Shawna McAlearney
- Omniture SiteCatalyst Multiple Cross-Site Scripting Vulnerabilities,
DoZ
- RubyGems 0.9.0 and earlier installation exploit,
Eric Hodel
- Medium Risk Vulnerability in PGP Desktop,
NGSSoftware Insight Security Research
- [USN-410-2] teTeX vulnerability,
Kees Cook
- [ GLSA 200701-24 ] VLC media player: Format string vulnerability,
Matthias Geerdsen
- [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed,
Matteo Beccati
- Movable Type <= 3.33 XSS Exploit,
teracci2002
- [ MDKSA-2007:027 ] - Updated xine-ui packages fix vulnerabilities,
security
- [ GLSA 200701-23 ] Cacti: Command execution and SQL injection,
Matthias Geerdsen
- Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger,
hainamluke
- PHP Membership Manager Cross-Site Scripting Vulnerability,
DoZ
- FdScript <= v1.3.2 Remote File Disclosure Vulnerability,
ajannhwt
- S21sec-034-en: Cisco VTP DoS vulnerability,
S21sec Labs
- iDefense Security Advisory 01.26.07: Multiple Vendor libchm Page Block Length Memory Corruption Vulnerability,
iDefense Labs
- rPSA-2007-0021-1 bind bind-utils,
rPath Update Announcements
- rPSA-2007-0020-1 rmake,
rPath Update Announcements
- Dexia website security alert,
Jos Kirps
- WS_FTP 2007 Professional SCP handling format string vulnerability,
Michal Bucko
- [ MDKSA-2007:029 ] - Updated libsoup packages fix DoS vulnerability,
security
- stompy the session stomper - tool availability,
Michal Zalewski
- Full Disclosure: Arbitrary Code Execution in LedgerSMB CVE-2006-5872,
Chris Travers
- [USN-398-4] Firefox regression,
Kees Cook
- Open Conference Systems = 2.8.2 Remote File Inclusion,
trzindan
- [ MDKSA-2007:028 ] - Updated ulogd packaged to address buffer overflow vulnerability,
security
- AdMentor (banners) admin SQL injection,
sn0oPy . team
- local Calendar System v1.1 (lcStdLib.inc) Remote File Include,
trzindan
- [SECURITY] [DSA 1253-1] New Mozilla Firefox packages fix several vulnerabilities,
Martin Schulze
- [SECURITY] [DSA 1252-1] New vlc packages fix arbitrary code execution,
Martin Schulze
- [OpenPKG-SA-2007.007] OpenPKG Security Advisory (bind),
OpenPKG GmbH
- [SECURITY] [DSA 1254-1] New bind9 packages fix denial of service,
Moritz Muehlenhoff
- MDPro 1.0.76 - Multiple Remote Vulnerabilities,
adexior
- Internet Explorer 7 ActiveX bgColor property NULL pointer dereference (DoS),
Alexander Sotirov
- [OpenPKG-SA-2007.008] OpenPKG Security Advisory (cvstrac),
OpenPKG GmbH
- Xt-Stats v.2.4.0.b3 - Remote File Include Vulnerabilities,
h4cked . eg
- CVSTrac 2.0.0 Denial of Service (DoS) vulnerability,
Ralf S. Engelschall
- Defeating CAPTCHAs via Averaging,
noreply9871234
- Phorum HTML Injection Vulnerability,
DoZ
- gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability,
trzindan
- Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects,
Chris Travers
- [ GLSA 200701-25 ] X.Org X server: Multiple vulnerabilities,
Matthias Geerdsen
- VII National Computer and Information Security Conference ACIS 2007 - COLOMBIA,
Jeimy Cano
- RBL - ASP (scripts with db) SQL injection,
sn0oPy . team
- Oracle - Indirect Privilege Escalation and Defeating Virtual Private Databases,
David Litchfield
- [DRUPAL-SA-2007-005] Drupal 4.7.6 / 5.1 fixes arbitrary code execution issue,
Uwe Hermann
- rPSA-2007-0020-2 rmake,
rPath Update Announcements
- COSEINC Alert: Microsoft Agent Heap Overflow Vulnerability Technical Details (Patched),
Coseinc
- RBL - ASP (scripts with db) SQL injection,
sn0oPy . team
- PhP Generic library & framework (include_path) Remote File Include Exploit,
umutc4n
- EncapsCMS 0.3.6 (common_foot.php) Remote File Include,
trzindan
- Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include,
trzindan
- [ MDKSA-2007:030 ] - Updated bind packages fix DoS vulnerabilities,
security