Mail Thread Index
- Re: Re: Progress Webspeed exploit for all releases,
suresync
- WheatBlog 1.1 RFI/SQL Injection,
underwater
- akocomment SQL INJECTION (all version),
Emanuele Gentili
- [SECURITY] [DSA 1327-1] New gsambad packages fix unsafe temporary files,
Steve Kemp
- [ GLSA 200707-01 ] Firebird: Buffer overflow,
Raphael Marichez
- [SECURITY] [DSA 1326-1] New fireflier-server packages fix unsafe temporary files,
Steve Kemp
- eTicket v.1.5.1.1 Multiple Cross-Site Scripting,
darkz . gsa
- Re: Light Blog 4.1 XSS Vulnerability,
prodigy . zero
- FreeDomain.co.nr Clone SQL Injection,
teh_lost_byte
- Advisory : Internet Explorer Zone Domain Specification Dos and Page suppressing.,
Aditya K Sood
- PHPDirector <= 0.21 (SQL injection/Upload SHELL) Remote Vulnerabilities,
teh_lost_byte
- [SECURITY] [DSA 1328-1] New unicon-imc2 packages fix buffer overflow,
Steve Kemp
- AV Arcade 2.1b (view_page.php) Remote SQL Injection,
teh_lost_byte
- AV Arcade 2.1b (COOKIE[ava_userid]) Get Admin Rights,
teh_lost_byte
- High Risk Flaw in Sun's Java Web Start,
NGSSoftware Insight Security Research
- [ GLSA 200707-02 ] OpenOffice.org: Two buffer overflows,
Raphael Marichez
- Two Unpublished IE Cases,
LIUDIEYU dot COM
- Moodle XSS / Liesbeth base CMS sensitive information disclosure,
3APA3A
- Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control,
NGSSoftware Insight Security Research
- Security on AIR: Local file access through JavaScript,
fukami
- iPhone Security Settings,
John Smith
- Cross Site Scripting in Oliver Library Management System,
A. R.
- [ MDKSA-2007:138 ] - Updated kdebase packages fix Flash Player interaction vulnerability,
security
- [ GLSA 200707-04 ] GNU C Library: Integer overflow,
Raphael Marichez
- MySQLDumper vulnerability: Bypassing Apache based access control possible,
bugtraq
- Re: Remote File Include In Script SoftNews Media Group,
foster
- SQL Injection in saphp "showcat.php",
Sw33t . h4cK3r
- Fujitsu-Siemens ServerView Remote Command Execution,
RedTeam Pentesting GmbH
- SQL Injection in SaphpLesson2.0 "show.php",
Sw33t . h4cK3r
- Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure,
RedTeam Pentesting GmbH
- Multiple Remote unauthenticated stack overflows in Asterisk chan_sip.c,
NGSSoftware Insight Security Research
- PacSec 2007 Call For Papers (Nov. 29/30, deadline July 27),
Dragos Ruiu
- [USN-480-1] Gimp vulnerability,
Kees Cook
- [ MDKSA-2007:139 ] - Updated MySQL packages fix multiple security issues,
security
- [ MDKSA-2007:140 ] - Updated apache packages fix multiple security issues,
security
- [ MDKSA-2007:141 ] - Updated apache packages fix multiple security issues,
security
- [ MDKSA-2007:142 ] - Updated apache packages fix multiple security issues,
security
- Session fixation in Zen Cart CMS,
tomaz . bratusa
- [security bulletin] HPSBPI02228 SSRT071404 rev.1 - HP Instant Support - Driver Check Running on Windows XP, Remote Unauthorized Access,
security-alert
- Re: Serious holes affecting JFFNMS,
not
- Redirection Vulnerability in wp-pass.php, WordPress 2.2.1,
Nick S. Coblentz
- [NETRAGARD SECURITY ADVISORY][Maia Mailguard 1.0.2 Arbitrary Code Execution][NETRAGARD-20070628],
Netragard Security Advisories
- EnjoySAP, SAP GUI for Windows - Stack Overflow,
NGSSoftware Insight Security Research
- SAP Message Server Heap Overflow,
NGSSoftware Insight Security Research
- SAP Internet Graphics Server XSS and Heap Overflow,
NGSSoftware Insight Security Research
- Internet Communication Manager Denial Of Service Attack,
NGSSoftware Insight Security Research
- SAP DB Web Server Stack Overflow,
NGSSoftware Insight Security Research
- AsteriDex (Asterisk / Trixbox) remote code execution,
Carl Livitt
- [SECURITY] [DSA 1329-1] New gfax packages fix privilege escalation,
Steve Kemp
- [ GLSA 200707-05 ] Webmin, Usermin: Cross-site scripting vulnerabilities,
Raphael Marichez
- phpTrafficA <=1.4.3 Admin Login Bypass,
corrado . liotta
- An Auction Site for Vulnerabilities,
Ivan .
- eTicket version 1.5.5 XSS Attack Vulnerability,
securityresearch
- [SECURITY] [DSA 1330-1] New php5 packages fix arbitrary code execution,
Moritz Muehlenhoff
- [SECURITY] [DSA 1331-1] New php4 packages fix arbitrary code execution,
Moritz Muehlenhoff
- [Eleytt] 7LIPIEC2007,
sapheal
- PHP Comet-Server,
o_0p
- CodeIgniter 1.5.3 vulnerabilities,
Łukasz Pilorz
- Another You tube clone script vulnerability,
Samael De Icaro
- Firefox wyciwyg:// cache zone bypass,
Michal Zalewski
- [SECURITY] [DSA 1332-1] New vlc packages fix arbitrary code execution,
Moritz Muehlenhoff
- EEYE: Sun Java WebStart JNLP Stack Buffer Overflow Vulnerability,
eEye Advisories
- iDefense Security Advisory 07.09.07: Multiple Vendor GIMP Multiple Integer Overflow Vulnerabilities,
iDefense Labs
- iDefense Security Advisory 07.09.07: WinPcap NPF.SYS Local Privilege Escalation Vulnerability,
iDefense Labs
- WinPcap NPF.SYS Privilege Elevation Vulnerability,
mballano
- Internet Explorer 0day exploit,
Thor Larholm
- [ MDKSA-2007:143 ] - Updated mplayer packages fix buffer overflow remote vulnerabilities,
security
- [security bulletin] HPSBTU02233 SSRT071424 rev.1 - HP Tru64 UNIX Internet Express running Samba, Remote Arbitrary Code Execution or Local Unauthorized Privilege Elevation,
security-alert
- [USN-481-1] ImageMagick vulnerabilities,
Kees Cook
- Announce: RFIDIOt PC/SC support - new release 0.1p (July 2007),
Adam Laurie
- Flashbb <= 1.1.7 - Remote File Inclusion Exploit,
mata
- Entertainment CMS Admin Login Bypass,
mata
- Regarding http://www.securityfocus.com/bid/24744,
urtrapped9
- Whitepaper - DNS pinning and web proxies,
Dafydd Stuttard
- iDefense Security Advisory 07.09.07: IBM AIX libodm ODMPATH Stack Overflow Vulnerability,
iDefense Labs
- SYMSA-2007-005: Vista Windows Firewall Incorrectly Applies Filtering to Teredo Interface,
research
- [ MDKSA-2007:144 ] - Updated OpenOffice.org packages fix RTF import vulnerability,
security
- EEYE: Microsoft Publisher 2007 Arbitrary Pointer Dereference,
eEye Advisories
- TippingPoint IPS Signature Evasion,
Paul Craig
- XSS Tunnelling White Paper and Tool,
Ferruh Mavituna
- Multiple .NET Null Byte Injection Vulnerabilities,
Paul Craig
- [ MDKSA-2007:145 ] - Updated wireshark packages fix multiple vulnerabilities,
security
- SUN Java JNLP Overflow,
Brett Moore
- durito: enVivo!CMS SQL injection,
3APA3A
- [USN-482-1] OpenOffice.org vulnerability,
Kees Cook
- Low Risk Vulnerability in Active Directory,
NGSSoftware Insight Security Research
- Advisory: Arbitrary kernel mode memory writes in AVG,
john-lindsay
- rPSA-2007-0137-1 tshark wireshark,
rPath Update Announcements
- SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability,
does_not_exist
- Advisory - Clam AntiVirus RAR File Handling Denial Of Service Vulnerability.,
Metaeye SG
- Powered By Dvbbs Version 7.1.0 Sp1 By Pass,
RaeD
- Cisco Security Advisory: Cisco Unified Communications Manager Overflow Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- Dotclear remote script execution,
Sacha
- iDefense Security Advisory 07.11.07: Symantec Backup Exec RPC Remote Heap Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 07.11.07: Symantec AntiVirus symtdi.sys Local Privilege Escalation Vulnerability,
iDefense Labs
- TippingPoint detection bypass,
Andres Riancho
- 0day linux 2.6 /dev/mem rootkit found,
James E. Jones
- [ GLSA 200707-06 ] XnView: Stack-based buffer overflow,
Stefan Cornelius
- iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_check_sign_pgp_mime() Command Injection Vulnerability,
iDefense Labs
- iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_help.php Local File Inclusion Vulnerability,
iDefense Labs
- iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin deleteKey() Command Injection Vulnerability,
iDefense Labs
- iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_recv_key() Command Injection Vulnerability,
iDefense Labs
- iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability,
iDefense Labs
- FreeBSD Security Advisory FreeBSD-SA-07:05.libarchive,
FreeBSD Security Advisories
- rPSA-2007-0138-1 gimp,
rPath Update Announcements
- MkPortal - Multiple SQL Injection Vulnerabilities,
does_not_exist
- iDefense Security Advisory 07.12.07: Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability,
iDefense Labs
- FLEA-2007-0031-1: xfs,
Foresight Linux Essential Announcement Service
- Command Injection in XML Digital Signatures,
brad
- Whitepaper: Command Injection in XML Digital Signatures and Encryption,
brad
- [ MDKSA-2007:146 ] - Updated perl-Net-DNS packages fix multiple vulnerabilities,
security
- ZDI-07-039: Symantec AntiVirus Engine RAR File Parsing DoS Vulnerability,
zdi-disclosures
- ZDI-07-040: Symantec AntiVirus Engine CAB Parsing Heap Overflow Vulnerability,
TSRT
- TPTI-07-12: Multiple Vendor Progress Server Heap Overflow Vulnerability,
TSRT
- [scip_Advisory 3159] SiteScape forum prior 7.3 Cross Site Scripting,
Marc Ruef
- ActiveWeb Contentserver CMS Clientside Filtering of Page Editor Content,
RedTeam Pentesting GmbH
- ActiveWeb Contentserver CMS Editor Permission Settings Problem,
RedTeam Pentesting GmbH
- ActiveWeb Contentserver CMS SQL Injection Management Interface,
RedTeam Pentesting GmbH
- ActiveWeb Contentserver CMS Multiple Cross Site Scriptings,
RedTeam Pentesting GmbH
- No Patch for IE on Windows Mobile/CE,
LIUDIEYU dot COM
- [Eleytt] 12LIPIEC2007 2007-07-12,
Michal Bucko
- [MSA01110707] Flash Player/Plugin Video file parsing Remote Code Execution,
Minded Security Research Labs
- [USN-483-1] libnet-dns-perl vulnerabilities,
Kees Cook
- Re: [Eleytt] 12LIPIEC2007 2007-07-12,
michal . bucko
- zdnet reports on java vulnerabilities,
Jonathan Smith
- Bogus BID 24744,
urtrapped9
- Calyptix Security Advisory CX-2007-05 - eSoft InstaGate EX2 Cross-Site Request Forgery Attack,
Calyptix Security
- AzDG Dating Gold v3.0.5 ===> Remote File Include Vulnerability,
mostafa_ragab
- MSIE7 entrapment again (+ FF tidbit),
Michal Zalewski
- Opera/Konqueror: data: URL scheme address bar spoofing,
Robert Swiecki
- Re: Menu Manager Mod for WebAPP - No Input Filtering,
info
- WhitePapers By SecNiche Security,
Aditya K Sood
- The dark side of ajax,
Fady Anwar
- Session Riding and multiple XSS in WebCit,
Christopher Schwardt
- [security bulletin] HPSBGN02234 SSRT071435 rev.1 - HP ServiceGuard for Linux, Local Unauthorized Access, Increase in Privilege,
security-alert
- ExLibris Aleph and Metalib Cross Site Scripting Attack,
Matthew Cook
- Re: Sudo: local root compromise with krb5 enabled,
Thor Lancelot Simon
- Official release of SQL Power Injector 1.2,
Francois Larouche
- LFI On SMF 1.1.3,
sirn0n
- Insanely simple blog - Multiple vulnerabilities,
joseph . giron13
- rPSA-2007-0141-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs,
rPath Update Announcements
- rPSA-2007-0142-1 perl-Net-DNS,
rPath Update Announcements
- rPSA-2007-0143-1 mysql mysql-bench mysql-server,
rPath Update Announcements
- London DC4420 meet - tommorrow, Wednesday 18th July,
Adam Laurie
- iDefense Security Advisory 07.16.07: Trend Micro OfficeScan Session Cookie Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 07.16.07: Trend Micro OfficeScan Management Console Authorization Bypass Vulnerability,
iDefense Labs
- [USN-484-1] curl vulnerability,
Kees Cook
- [USN-487-1] Dovecot vulnerability,
Kees Cook
- [USN-485-1] PHP vulnerabilities,
Kees Cook
- iDefense Security Advisory 07.17.07: IBM Tivoli Provisioning Manager for OS Deployment TFTP Blocksize DoS Vulnerability,
iDefense Labs
- ASA-2007-014: Stack buffer overflow in IAX2 channel driver,
Kevin P. Fleming
- iDefense Security Advisory 07.17.07: Computer Associates Alert Notification Server Multiple Buffer Overflow Vulnerabilities,
iDefense Labs
- ASA-2007-016: Remote crash vulnerability in Skinny channel driver,
Kevin P. Fleming
- Clarifications on LedgerSMB vulnerability with Bugtraq ID:24940,
Chris Travers
- ASA-2007-017: Remote Crash Vulnerability in STUN implementation,
Kevin P. Fleming
- [USN-488-1] mod_perl vulnerability,
Kees Cook
- Oracle Security: Insert / Update / Delete Data via Views,
ak
- ASA-2007-015: Remote Crash Vulnerability in IAX2 channel driver,
Kevin P. Fleming
- Oracle Security: SQL Injection in package DBMS_PRVTAQIS,
ak
- Oracle Security: SQL Injection in APEX CHECK_DB_PASSWORD,
ak
- Security Advisory: Login bypass in LedgerSMB 1.2.0 through 1.2.6,
Chris Travers
- Cisco Security Advisory: Denial of Service Vulnerability in Cisco Wide Area Application Services (WAAS) Software,
Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 1334-1] New freetype packages fix arbitary code execution,
Steve Kemp
- [SECURITY] [DSA 1333-1] New libcurl3-gnutls packages fix certificate handling,
Steve Kemp
- iDefense Security Advisory 07.18.07: Ipswitch IMail Server 2006 IMAP Search Command Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 07.18.07: Microsoft DirectX RLE Compressed Targa Image File Heap Overflow,
iDefense Labs
- [SECURITY] [DSA 1335-1] New gimp packages fix arbitrary code execution,
Moritz Muehlenhoff
- Oracle Database Buffer overflows and Denial of service vulnerabilities in public procedures of MDSYS.MD (DB12),
Team SHATTER
- Oracle Database Buffer overflow vulnerabilities in procedure DBMS_DRS.GET_PROPERTY (DB03),
Team SHATTER
- [Reversemode Advisory] Microsoft DirectX RLE Compressed Targa Image File Heap Overflow,
Reversemode
- Geoblog v1 administrator bypass,
joseph . giron13
- [USN-489-2] redhat-cluster-suite vulnerability,
Kees Cook
- rPSA-2007-0145-1 lighttpd,
rPath Update Announcements
- iDefense Security Advisory 07.19.07: Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability,
iDefense Labs
- [USN-486-1] Linux kernel vulnerabilities,
Kees Cook
- [USN-489-1] Linux kernel vulnerabilities,
Kees Cook
- DokuWiki suffers XSS,
Cyrill Brunschwiler
- iDefense Security Advisory 07.19.07: Multiple Vendor Multiple Product URI Handler Input Validation Vulnerability,
iDefense Labs
- [CAID 35515]: CA Products Alert Service RPC Procedure Buffer Overflow Vulnerabilities,
Williams, James K
- [CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos,
Aditya K Sood
- [ANNOUNCE] RSBAC 1.3.5 released,
Amon Ott
- Wii's Internet Channel affected to Flash FLV parser vulnerability,
Juha-Matti Laurio
- SYMSA-2007-006: Citrix EPA ActiveX Control Design Flaw,
research
- [USN-490-1] Firefox vulnerabilities,
Kees Cook
- rPSA-2007-0148-1 firefox thunderbird,
rPath Update Announcements
- rare bug in Opera 9.20 browser,
jplopezy
- rPSA-2007-0147-1 tcpdump,
rPath Update Announcements
- Elite Forum Full HTML ENject versin 1.0.0.0,
starext
- 2007-07-20 - n.runs-SA-2007.016 - NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory,
security
- 2007-07-20 - n.runs-SA-2007.018 - NOD32 Antivirus ASPACK and FSG parsing Divide by Zero Advisory,
security
- FLEA-2007-0032-1: flashplayer,
Foresight Linux Essential Announcement Service
- UseBB 1.0.x Cross Site Scripting (XSS),
s4mi
- 2007-07-20 - n.runs-SA-2007.019 - Panda Antivirus EXE parsing Arbitrary Code Execution Advisory,
security
- 2007-07-20 - n.runs-SA-2007.017 - NOD32 Antivirus ASPACK parsing Infinite Loop Advisory,
security
- JBlog 1.0 Creat Admin exploit, xss, Cookie Manipulation,
s4mi
- [ MDKSA-2007:147 ] - Updated ImageMagick packages fix multiple vulnerabilities,
security
- [Aria-Security] Property Pro Remote Login ByPass,
Advisory
- [Aria-Security] Munch Pro Remote Login ByPass,
Advisory
- [MajorSecurity Advisory #51]Virtual Hosting Control System - Session fixation Issue,
admin
- Oracle bad Views - Exploit released,
bunker
- Buffer overflow in Areca CLI, version <= 1.72.250,
Sebastian Wolfgarten
- SEC Consult SA-20070722-0 :: Remote command execution in Joomla! CMS,
Johannes Greil
- CVE-2007-3383: XSS in Tomcat send mail example,
Mark Thomas
- [SECURITY] [DSA 1336-1] New mozilla-firefox packages fix several vulnerabilities,
Moritz Muehlenhoff
- [SECURITY] [DSA 1337-1] New xulrunner packages fix several vulnerabilities,
Moritz Muehlenhoff
- n.runs-SA-2007.020 - Norman Antivirus ACE parsing Arbitrary Code Execution Advisory,
security
- [security bulletin] HPSBUX02153 SSRT061181 rev.4 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS),
security-alert
- n.runs-SA-2007.022 - Norman Antivirus DOC parsing Detection Bypass Advisory,
security
- PHMe CMS 0.0.2 local File Include Vulnerabilitiy,
h4ck3riran
- n.runs-SA-2007.021 - Norman Antivirus LZH parsing Arbitrary Code Execution Advisory,
security
- [Aria-Security] Image Racer SearchResults.asp SQL INJECTION vuln.,
Advisory
- n.runs-SA-2007.023 - Norman Antivirus DOC parsing Divide by Zero Advisory,
security
- [SECURITY] [DSA 1338-1] New iceweasel packages fix several vulnerabilities,
Moritz Muehlenhoff
- Webspell 4.x Local File Inclusion,
f00
- Minb Is Not A Blog default password directory,
Joseph . giron13
- [security bulletin] HPSBST02243 SSRT071446 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-036 to MS07-041,
security-alert
- The Pwnie Awards!,
Alexander Sotirov
- iDefense Security Advisory 07.23.07: Ipswitch Instant Messaging Server Denial of Service Vulnerability,
iDefense Labs
- Secure Computing - Security Reporter Auth Bypass and Directory Traversal Vulnerability,
Oliver Karow
- Oracle E-Business Suite - Multiple Vulnerabilities,
Integrigy Alerts
- dbdisplay.pl(all versions) Remote execut Vulnerability,
hadihadi_zedehal_2006
- PR07-21: Webbler CMS forms are susceptible to spamming and phishing abuses,
research
- "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer),
Amit Klein
- PR07-19: Cross-site Scripting (XSS) / HTML injection on Webbler CMS admin login page (2),
research
- [SECURITY] [DSA 1339-1] New iceape packages fix several vulnerabilities,
Moritz Muehlenhoff
- PR07-20: Webroot disclosure on Webbler CMS,
research
- printenv.pl(all versions) cross site scripting Vulnerability,
hadihadi_zedehal_2006
- [SECURITY] [DSA 1340-1] New ClamAV packages fix denial of service,
Martin Schulze
- PR07-18: Cross-site Scripting (XSS) / HTML injection on Webbler CMS admin login page (1),
research
- FLEA-2007-0033-1: firefox thunderbird,
Foresight Linux Essential Announcement Service
- Cisco Security Advisory: Wireless ARP Storm Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- ZDI-07-042: Ipswitch IMail Server GetIMailHostEntry Memory Corruption Vulnerability,
zdi-disclosures
- ZDI-07-041: Panda Software AdminSecure Agent Heap Overflow Vulnerability,
zdi-disclosures
- ZDI-07-043: Ipswitch IMail IMAP Daemon SUBSCRIBE Stack Overflow Vulnerability,
zdi-disclosures
- cPanel 10.9.1 XSS,
Advisory
- TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability,
TSRT
- iDefense Security Advisory 07.24.07: Computer Associates AntiVirus CHM File Handling DoS Vulnerability,
iDefense Labs
- iDefense Security Advisory 07.24.07: Computer Associates eTrust Intrusion Detection CallCode ActiveX Control Code Execution Vulnerability,
iDefense Labs
- [ GLSA 200707-07 ] MPlayer: Multiple buffer overflows,
Raphael Marichez
- [ GLSA 200707-08 ] NVClock: Insecure file usage,
Raphael Marichez
- [CAID 35524]: CA eTrust Intrusion Detection caller.dll Vulnerability,
Williams, James K
- [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities,
Williams, James K
- [CAID 35527]: CA Message Queuing (CAM / CAFT) Buffer Overflow Vulnerability,
Williams, James K
- [OpenPKG-SA-2007.022] OpenPKG Security Advisory (bind),
OpenPKG GmbH
- n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory,
security
- [USN-491-1] Bind vulnerability,
Kees Cook
- Mitridat Form Processor Pro XSS,
Charles Kim
- Mozilla protocol abuse,
Thor Larholm
- [ GLSA 200707-09 ] GIMP: Multiple integer overflows,
Raphael Marichez
- [ MDKSA-2007:148 ] - Updated tcpdump packages fix BGP dissector vulnerability,
security
- ZDI-07-044: BakBone NetVault Reporter Scheduler Heap Overflow Vulnerability,
zdi-disclosures
- [SECURITY] [DSA 1341-1] New bind9 packages fix DNS cache poisoning,
Moritz Muehlenhoff
- [ MDKSA-2007:149 ] - Updated BIND9 packages fix vulnerabilities,
security
- [ GLSA 200707-10 ] Festival: Privilege elevation,
Raphael Marichez
- [ GLSA 200707-11 ] MIT Kerberos 5: Arbitrary remote code execution,
Raphael Marichez
- [ MDKSA-2007:150 ] - Updated clamav packages fix vulnerabilities,
security
- Dependet Forums (Username Field) Remote SQL Injection,
Advisory
- SolpotCrew Advisory #14 (S4M3K) - PhpHostBot (login_form) Remote File Inclusion,
s4m3k
- [security bulletin] HPSBMA02133 SSRT061201 rev.5 - HP Oracle for OpenView (OfO) Critical Patch Update,
security-alert
- FLEA-2007-0034-1:,
Foresight Linux Essential Announcement Service
- [SECURITY] [DSA 1342-2] New bind9 packages fix DNS cache poisoning,
Moritz Muehlenhoff
- Guidance Software response to iSEC report on EnCase,
larry . gill
- libvorbis 1.1.2 - Multiple memory corruption flaws,
David Thiel
- iDefense Security Advisory 07.26.07: IBM AIX pioout Arbitrary Library Loading Vulnerability,
iDefense Labs
- iDefense Security Advisory 07.26.07: IBM AIX capture Terminal Control Sequence Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 07.26.07: IBM AIX ftp gets() Multiple Buffer Overflow Vulnerabilities,
iDefense Labs
- Re: Guidance Software response to iSEC report on EnCase (fwd),
jf
- PHPSysInfo Index.php Cross Site Scripting,
DoZ
- Breakpoint Security: Encase Pre-Advisory,
announce
- rPSA-2007-0149-1 bind bind-utils,
rPath Update Announcements
- sBlog 0.7.3 Beta XSS Vulnerabilitie,
Guns
- rPSA-2007-0150-1 libvorbis,
rPath Update Announcements
- Re: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60),
abrash_han
- Metyus Forum Portal v1.0,
crazy_king
- PHP Safe_mode bypass exploit (win32service),
nima_501
- Solaris finger bug,
Jim Mellander
- FLEA-2007-0035-1: libvorbis,
Foresight Linux Essential Announcement Service
- BTsniff - Bleutooth sniffing under *nix,
Thierry Zoller
- Anti XSS AJAX,
Fady Anwar
- Berthanas Ziyaretci Defteri v2.0 (tr) Sql,
yollubunlar
- WebStore - Online Store Application Template SQL INJECTION,
Advisory
- Real Estate listing website application template SQL Injection,
Advisory
- Pay Roll - Time Sheet and Punch Card Application With Web Interface SQL Injection,
Advisory
- Message Board / Threaded Discussion Forum SQL INJECTION,
Advisory
- PHPBlogger cookie privilege escalation,
darthballsbr
- phpCoupon Vulnerabilities,
hack2prison
- TSLSA-2007-0023 - multi,
Trustix Security Advisor
- SuskunDuygular - yelik Sistemi v.1 Sql,
yollubunlar
- WebEvents: Online Event Registration Template Username Fields SQL INJECTION,
Advisory
- Friend Script 2.5 - 2.4 Remote File İnclude,
yollubunlar
- [ GLSA 200707-12 ] VLC media player: Format string vulnerabilities,
Raphael Marichez
- [ GLSA 200707-13 ] Fail2ban: Denial of Service,
Raphael Marichez
- [ GLSA 200707-14 ] tcpdump: Integer overflow,
Raphael Marichez
- [Aria-security] itcms 0.2 Cross-site Scripting (XSS),
h4ck3riran
- E-commerceScripts ALL Apps (Auction Script, Shopping Cart Script and Multi-Vendor E-Shop Script) admin.aspx SQL,
Advisory
- [Aria-security] community Cross-site Scripting (XSS),
h4ck3riran
- TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability,
anonymous.c7ffa4057a
- security@xxxxxxxxx,
security
- ASA-2007-018: Resource exhaustion vulnerability in IAX2 channel driver,
Security Response Team
- wolioCMS SQL Injection,
k1tk4t
- FLEA-2007-0036-1 vim vim-minimal gvim,
Foresight Linux Essential Announcement Service
- [DRUPAL-SA-2007-018] Drupal 4.7.7 and 5.2 fix multiple cross site scripting vulnerabilities,
Heine Deelstra
- [DRUPAL-SA-2007-017] Drupal 5.2 fixes multiple CSRF vulnerabilities,
Heine Deelstra
- [SECURITY] [DSA 1342-1] New xfs packages fix privilege escalation,
Moritz Muehlenhoff
- RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability,
ilkerkandemir
- phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability,
ilkerkandemir
- Madoa Poll v1.1 Remote File Include Vulnerabilities,
ilkerkandemir
- Phorm v3.0 Remote File Upload Vulnerability,
ilkerkandemir
- phpVoter v0.6 Remote File Include Vulnerability,
ilkerkandemir
- Dora Emlak Script v1.0 (tr) Admin Login ByPass,
ilkerkandemir
- BellaBiblio Admin Login Bypass,
ilkerkandemir
- RFI ====> vBulletin v3.6.5,
RaeD
- Re: Exploit In Internet Explorer,
paraw