Mail Thread Index

Date Index

CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability, Code Audit Labs
rPSA-2007-0151-1 gvim vim vim-minimal, rPath Update Announcements
BellaBook Admin Bypass/Remote Code Execution, ilkerkandemir
- <Possible follow-ups>
- Re: BellaBook Admin Bypass/Remote Code Execution, jem
FLEA-2007-0037-1 unrar, Foresight Linux Essential Announcement Service
Re: RFI ====> vBulletin v3.6.5, scott-REMOVE
- <Possible follow-ups>
- Re: RFI ====> vBulletin v3.6.5, no-reply
[USN-492-1] tcpdump vulnerability, Kees Cook
security contact for uat.edu needed, Hans Wolters
- Re: security contact for uat.edu needed, Hans Wolters
  - Re: security contact for uat.edu needed, Hans Wolters
    - Re: security contact for uat.edu needed, Hans Wolters
[BuHa-Security] Winamp 5.35 (Infinite) M3U File Inclusion DoS Vulnerability, bugtraq
- Re: [BuHa-Security] Winamp 5.35 (Infinite) M3U File Inclusion DoS Vulnerability, 3APA3A
- <Possible follow-ups>
- Re: Re: [BuHa-Security] Winamp 5.35 (Infinite) M3U File Inclusion DoS Vulnerability, bugtraq
  - Re: [BuHa-Security] Winamp 5.35 (Infinite) M3U File Inclusion Stack Overflow, Werner Van Belle
Really, really, penultimate, PacSec CFP deadline, Aug 10., Dragos Ruiu
[SECURITY] [DSA 1343-1] New file packages fix arbitrary code execution, Moritz Muehlenhoff
[USN-493-1] Firefox vulnerabilities, Kees Cook
Pwnie Awards Ceremony, Alexander Sotirov
WikiWebWeaver 1.1 beta Upload Shell Vulnerability, yollubunlar
[security bulletin] HPSBUX02247 SSRT071432 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS), security-alert
[security bulletin] HPSBUX02248 SSRT071437 rev.1 - HP-UX Running ARPA Transport, Remote Denial of Service (DoS), security-alert
Mambo 4.6.2 CMS - Session fixation Issue in backend Administration interface, tomaz . bratusa
PHP-Nuke (ALL versions) Multiple XSS and HTML injection, mikispag
FLEA-2007-0038-1 gimp, Foresight Linux Essential Announcement Service
FLEA-2007-0039-1 firefox, Foresight Linux Essential Announcement Service
[BuHa-Security] DoS Vulnerability in Konqueror 3.5.7, bugtraq
FreeBSD Security Advisory FreeBSD-SA-07:01.jail [REVISED], FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-07:06.tcpdump, FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-07:07.bind, FreeBSD Security Advisories
[ MDKSA-2007:152 ] - Updated Firefox packages fix multiple vulnerabilities, security
Pluck 4.3 themes.php Remote File Inclusion and disclosure, no-reply
[USN-494-1] Gimp vulnerability, Kees Cook
CVE-2007-3384: XSS in Tomcat cookies example, Mark Thomas
[ MDKSA-2007:151 ] - Updated qt3 packages fix multiple vulnerabilities, security
Baidu Soba Remote Code Execute Vulnerability(FGA-2007-10), hfli
rPSA-2007-0153-1 qt-x11-free, rPath Update Announcements
RE: Re: Guidance Software response to iSEC report on EnCase, Alex Stamos
- <Possible follow-ups>
- Re: Guidance Software response to iSEC report on EnCase, luke . cleverley
Minimo .2 and more Firefox 2.0.0.6 Password Manager Vulnerabilites, Seth Fogie
Hunkaray Okul Portali v1.1 (tr) Sql injection Vuln, yollubunlar
our de France Pool 1.0.1 Remote File İnclude Bug, yollubunlar
[Whitepaper SecNiche] Insecurities in Implementing Serialization in BISON, Aditya K Sood
Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again), tarkus
la-nai cms_v1.2.14 - Remote SQL Injection, k1tk4t
[Aria-Security.Net] Next Gen Portfolio Manager SQL Injection, Advisory
FLEA-2007-0040-1 thunderbird, Foresight Linux Essential Announcement Service
[USN-495-1] Qt vulnerability, Martin Pitt
FLEA-2007-0041-1 gdm, Foresight Linux Essential Announcement Service
[USN-496-1] koffice vulnerability, Martin Pitt
Re: TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability, bmiskov
[SECURITY] [DSA 1344-1] New iceweasel packages fix several vulnerabilities, Moritz Muehlenhoff
[Aria-Security.Net] Gallery In A Box Username & Password Parameters SQL Injection, Advisory
[ELEYTT] 3SIERPIEN2007, Michal Bucko
- Re: [ELEYTT] 3SIERPIEN2007, Michal Zalewski
- <Possible follow-ups>
- Re: [ELEYTT] 3SIERPIEN2007, Michal Bucko
  - Re: [ELEYTT] 3SIERPIEN2007, Michal Zalewski
- Re:Re: [ELEYTT] 3SIERPIEN2007, Michal Bucko
- Re: [ELEYTT] 3SIERPIEN2007, xyborg
- Re:Re: [ELEYTT] 3SIERPIEN2007, Michal Bucko
Aceboard forum, SQL injection, karmaguedon
FLEA-2007-0042-1 qt, Foresight Linux Essential Announcement Service
Re: Exploit In Internet Explorer, Gadi Evron
[ELEYTT] 4SIERPIEN2007, Michal Bucko
- <Possible follow-ups>
- Re: [ELEYTT] 4SIERPIEN2007, support1
[SECURITY] [DSA 1347-1] New xpdf packages fix arbitrary code execution, Moritz Muehlenhoff
[SECURITY] [DSA 1348-1] New poppler packages fix arbitrary code execution, Moritz Muehlenhoff
Immunity Debugger is now released, nicolas . waisman
[ MDKSA-2007:153 ] - Updated gd packages fix several vulnerabilities, security
[CFP] Kiwicon 2k7 - Call For Papers, kiwicon
Re: MySQLDumper vulnerability: Bypassing Apache based access control possible, admin
Joomla J! Reactions Component Remote File include Bug, yollubunlar
- <Possible follow-ups>
- Re: Joomla J! Reactions Component Remote File include Bug, software
- Re: Re: Joomla J! Reactions Component Remote File include Bug, yollubunlar
ContentDM Search.php XSS Vulnerability, Monkeyboy9997
[SECURITY] [DSA 1345-1] New xulrunner packages fix several vulnerabilities, Moritz Muehlenhoff
[SECURITY] [DSA 1346-1] New iceape packages fix several vulnerabilities, Moritz Muehlenhoff
AL-Caricatier V.2.5 Remote File Include, RaeD
ALL vgallite Remote File Include, RaeD
AuraCMS [Forum Module] - Remote SQL Injection, k1tk4t
AL-Athkar.v2.0 Remote File Include, RaeD
[SECURITY] [DSA 1349-1] New libextractor packages fix arbitrary code execution, Moritz Muehlenhoff
Question about exploit exposing SSN & user info, hsukowa
- RE: Question about exploit exposing SSN & user info, J. Patterson Wicks
  - Re: Question about exploit exposing SSN & user info, J. Oquendo
- <Possible follow-ups>
- RE: Question about exploit exposing SSN & user info, Michal Bucko
Envolution (News) <= v1.1.0 Remote SQL Injection, k1tk4t
DOS issue in Astaro Version 7 packet filter reporting, POSSIBLE security issue in POP3 proxy, William Warren
CORRECTION: EXPL0it FIXED :JPG PoC denial of service exploit by CrazyAngel, reza_zahfaran
- <Possible follow-ups>
- Re: CORRECTION: EXPL0it FIXED :JPG PoC denial of service exploit by CrazyAngel, ifsecure
[security bulletin] HPSBMA02250 SSRT061275 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS), security-alert
[security bulletin] HPSBUX02251 SSRT071449 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning, security-alert
Active Gmail "Sidejacking" - https is NOT ENOUGH, Mike Perry
PHP mSQL (msql_connect) Buffer Overflow PoC, nima_501
cfp: TRsec, Istanbul Turkey, gadie
TS-2007-002-0: BlueCat Networks Adonis root Privilege Access, anonymous.c7ffa4057a
- <Possible follow-ups>
- Re: TS-2007-002-0: BlueCat Networks Adonis root Privilege Access, security
[SECURITY] [DSA 1350-1] New tetex-bin packages fix arbitrary code execution, Moritz Muehlenhoff
EZPhotoSales 1.9.3 Multiple Vulnerabilities, Seth Fogie
Ariadne CMS Remote File Inclusion, Advisory
Konqueror: URL address bar spoofing vulnerabilities, Robert Swiecki
- Re: Konqueror: URL address bar spoofing vulnerabilities, paraw
  - Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities, Robert Swiecki
    - Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities, Patrick Nagel
- Re: Konqueror: URL address bar spoofing vulnerabilities, Jonathan Smith
  - Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities, Jonathan Smith
ZDI-07-045: Novell Client NWSPOOL.DLL Stack Overflow Vulnerability, zdi-disclosures
C-SAM oneWallet forget password Cross Site Scripting vulnerability, tusharvartak
VietPHP Remote File Inclusion Vulnerbility, master-of-desastor
[SECURITY] [DSA 1352-1] New pdfkit.framework packages fix arbitrary code execution, Moritz Muehlenhoff
iDefense Security Advisory 08.07.07: Hewlett-Packard HP-UX Remote ldcconn Buffer Overflow Vulnerability, iDefense Labs
[SECURITY] [DSA 1351-] New bochs packages fix privilege escalation, Moritz Muehlenhoff
iDefense Security Advisory 08.07.07: Apple Mac OS X mDNSResponder HTTP Request Heap Overflow Vulnerability, iDefense Labs
ASA-2007-019: Remote crash vulnerability in Skinny channel driver, Security Response Team
XSS vulnerability in Cisco MeetingPlace, Disclosure
- RE: XSS vulnerability in Cisco MeetingPlace, Paul Oxman (poxman)
DoS in Microsoft Media Player 11 on Win XP SP2, thesinoda
[USN-496-2] poppler vulnerability, Kees Cook
Guestbook Script 1.9 RFI, Ma$tEr-0F-De$a$t0r
- <Possible follow-ups>
- Re: Guestbook Script 1.9 RFI, laurent . gaffie
Cisco Security Advisory: Cisco IOS Secure Copy Authorization Bypass Vulnerability, Cisco Systems Product Security Incident Response Team
Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability, master-of-desastor
- <Possible follow-ups>
- Re: Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability, laurent . gaffie
[ GLSA 200708-02 ] Xvid: Array indexing vulnerabilities, Raphael Marichez
[ GLSA 200708-01 ] Macromedia Flash Player: Remote arbitrary code execution, Raphael Marichez
[Aria-Security.net] SAS Hotel Management System SQL Injection, Advisory
[ GLSA 200708-03 ] libarchive (formerly named as bsdtar): Multiple pax Extension Header Vulnerabilities, Raphael Marichez
[ECHO_ADV_83$2007] PhpHostBot <= 1.06 (svr_rootscript) Remote File Inclusion Vulnerability, erdc
Cisco NHRP denial of service (cisco-sa-20070808-nhrp), Martin Kluge
Summercon 2007 Atlanta August 24 - 26, rragan
Gstebuch Version 1.5 Remote Command Execution Vulnerability, rizgar
- <Possible follow-ups>
- Re: Gstebuch Version 1.5 Remote Command Execution Vulnerability, ilkerkandemir
  - Re: Gstebuch Version 1.5 Remote Command Execution Vulnerability, Carsten Eilers
Mapos Bilder Galerie Version 1.0 Remote Command Execution Vulnerability, rizgar
Bilder Uploader 1.3 Remote Command Execution Vulnerability, rizgar
Web News 1.1 Remote Command Execution Vulnerability, rizgar
File Uploader Version 1.1 Remote Command Execution Vulnerability, rizgar
Shoutbox 1.0 Remote Command Execution Vulnerability, rizgar
Design flaw in AS3 socket handling allows port probing, fukami
VNSECON07 Materials released, Jerome Athias
iDefense Security Advisory 08.09.07: Hewlett-Packard OpenView Operations OVTrace Buffer Overflow Vulnerabilities, iDefense Labs
FinDix Remote File Inclusion Vulnerability, rizgar
Join us at OWASP Mumbai Meet : 6th September 2007, dharmeshmm
[ GLSA 200708-04 ] ClamAV: Denial of Service, Raphael Marichez
TSLSA-2007-0024 - multi, Trustix Security Advisor
BH/DC: Tactical Exploitation Materials, H D Moore
New Oracle Forensics Paper, David Litchfield
[ GLSA 200708-05 ] GD: Multiple vulnerabilities, Raphael Marichez
[ MDKSA-2007:154 ] - Updated xine-ui packages fix denial of service and arbitrary code execution, security
rPSA-2007-0154-1 cups poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi, rPath Update Announcements
[HS-A007] Qbik WinGate Remote Denial of Service, Harmony Security Advisory
rPSA-2007-0155-1 openssl openssl-scripts, rPath Update Announcements
Joomla 1.0.12 CMS - Session fixation Issue in backend Administration interface, router
rPSA-2007-0157-1 firefox thunderbird, rPath Update Announcements
[ MDKSA-2007:155 ] - Updated tcpdump packages fix remote denial of service, security
Zyxel Zywall 2 multiple vulnerabilities, Henri Lindberg - Smilehouse Oy
[ MDKSA-2007:156 ] - Updated imlib2 packages fix several issues, security
php-stats xss whois.php, vasodipandora
[ MDKSA-2007:157 ] - Updated kdelibs packages fix cross-site scripting (XSS) vulnerabilities, security
FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com, ilkerkandemir
- <Possible follow-ups>
- Re: FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com, hawkgotyou
[SECURITY] [DSA 1353-1] New tcpdump packages fix arbitrary code execution, Moritz Muehlenhoff
phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit, ilkerkandemir
- Re: phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit, BlackHawk
Best Top List Remote File Upload Vulnerability, rizgar
[ GLSA 200708-06 ] Net::DNS: Multiple vulnerabilities, Raphael Marichez
[ GLSA 200708-08 ] SquirrelMail G/PGP plugin: Arbitrary code execution, Raphael Marichez
SOTEeSKLEP Remote File Disclosure Vulnerability, theoden
- <Possible follow-ups>
- Re: SOTEeSKLEP Remote File Disclosure Vulnerability, m
WengoPhone SIP phone Remote Denial of Service vulnerability, zwell
Lib2 PHP v0.2 (DOCUMENT_ROOT) Remote File Inclusion Vulnerability, ilkerkandemir
PHPCentral Login Script Remote Command Execution Vulnerability, rizgar
- Re: PHPCentral Login Script Remote Command Execution Vulnerability, Magnus Holmgren
- <Possible follow-ups>
- Re: PHPCentral Login Script Remote Command Execution Vulnerability, Steven M. Christey
Beautifier Version 0.1 Remote File Include Vulnerability // MefistoLabs.Com, ilkerkandemir
[ GLSA 200708-07 ] Xfce Terminal: Remote arbitrary code execution, Raphael Marichez
CounterPath X-Lite SIP phone Remote Denial of Service vulnerability, zwell
mcNews (skinfile) Remote File Include Vulnerability, ilkerkandemir
Neuron Blog Admin Permission Bypass and Remote File Upload Vulnerability, rizgar
PHPCentral Poll Script Remote Command Execution Vulnerability, rizgar
- <Possible follow-ups>
- Re: PHPCentral Poll Script Remote Command Execution Vulnerability, Coopercentral
  - Re: PHPCentral Poll Script Remote Command Execution Vulnerability, Eren Türkay
Vulnerability in multiple "now playing" scripts for various IRC clients, Wouter Coekaerts
- <Possible follow-ups>
- Re: Vulnerability in multiple "now playing" scripts for various IRC clients, v9
  - Re: Vulnerability in multiple "now playing" scripts for various IRC clients, Michael Tharp
  - Re: Vulnerability in multiple "now playing" scripts for various IRC clients, Wouter Coekaerts
Default Root Password in Infrant (now Netgear) ReadyNAS "RAIDiator", Felix Domke
[o0o] Bypassing servlet input validation filters (OWASP Stinger + Struts example), Meder Kydyraliev
[SECURITY] [DSA 1354-1] New gpdf packages fix arbitrary code execution, Moritz Muehlenhoff
Multiple vulnerabilities in ircu, Wouter Coekaerts
JobLister3 SQL injection vulnerabilities, joseph . giron13
eXV2.de Browser Cookie is not properly sanitised, webmaster
Streamripper 1.62.1 - Buffer Overflows, chris . rohlf
Remote Denial of Service for SSH service at Dell DRAC4 (maybe Mocana SSH), Robert Scheck
- Re: Remote Denial of Service for SSH service at Dell DRAC4 (maybeMocana SSH), Thierry Zoller
  - Re: Remote Denial of Service for SSH service at Dell DRAC4 (maybeMocana SSH), Robert Scheck
[SECURITY] [DSA 1355-1] New kdegraphics packages fix arbitrary code execution, Moritz Muehlenhoff
[security bulletin] HPSBMA02237 SSRT061260 rev.1 - HP OpenView Performance Agent (OVPA) Running Shared Trace Service, Remote Arbitrary Code Execution, security-alert
[security bulletin] HPSBMA02238 SSRT061260 rev.1 - HP OpenView Reporter Running Shared Trace Service, Remote Arbitrary Code Execution, security-alert
[security bulletin] HPSBMA02241 SSRT061260 rev.1 - HP OpenView Service Quality Manager (OV SQM) Running Shared Trace Service, Remote Arbitrary Code Execution, security-alert
[security bulletin] HPSBMA02242 SSRT061260 rev.1 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution, security-alert
[security bulletin] HPSBMA02245 SSRT061260 rev.1 - HP OpenView Dashboard Running Shared Trace Service, Remote Arbitrary Code Execution, security-alert
[security bulletin] HPSBMA02246 SSRT061260 rev.1 - HP OpenView Performance Insight (OVPI) Running Shared Trace Service, Remote Arbitrary Code Execution --------, security-alert
[security bulletin] HPSBMA02235 SSRT061260 rev.1 - HP OpenView Internet Service (OVIS) Running Shared Trace Service, Remote Arbitrary Code Execution, security-alert
[security bulletin] HPSBMA02244 SSRT061260 rev.1 - HP OpenView Business Process Insight and Related Products Running Shared Trace Service, Remote Arbitrary Code Execution, security-alert
FLEA-2007-0043-1 openssl, Foresight Linux Essential Announcement Service
[security bulletin] HPSBMA02239 SSRT061260 rev.1 - HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution, security-alert
[ MDKSA-2007:159 ] - Updated gpdf packages fix vulnerability, security
PHP Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability (0dd exploit), Emanuele Gentili
[ MDKSA-2007:161 ] - Updated poppler packages fix vulnerability, security
[ MDKSA-2007:160 ] - Updated pdftohtml packages fix vulnerability, security
CVE-2007-3382: Handling of cookies containing a ' character, Mark Thomas
- Re: CVE-2007-3382: Handling of cookies containing a ' character, Christopher Schultz
[ MDKSA-2007:158 ] - Updated xpdf packages fix vulnerability, security
CVE-2007-3385: Handling of \" in cookies, Mark Thomas
CVE-2007-3386: XSS in Host Manager, Mark Thomas
[USN-497-1] xfce4-terminal vulnerability, Kees Cook
DeskPRO Admin Panel Multiple HTML Injections, DoZ
COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Wojciech Purczynski
- Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Dan Yefimov
  - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Wojciech Purczynski
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Dan Yefimov
  - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Glynn Clements
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Dan Yefimov
      - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Glynn Clements
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Dan Yefimov
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Glynn Clements
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Dan Yefimov
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Glynn Clements
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Dan Yefimov
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Glynn Clements
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Dan Yefimov
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Nicolas Rachinsky
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Dan Yefimov
- Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Wojciech Purczynski
  - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Dan Yefimov
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Wojciech Purczynski
      - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Dan Yefimov
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Wojciech Purczynski
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Dan Yefimov
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Wojciech Purczynski
        
        Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Dan Yefimov
- <Possible follow-ups>
- Re: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, x82_
  - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, Wojciech Purczynski
- Re: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, x82_
WireShark MMS Remote Denial of Service vulnerability, zwell
IBM Rational ClearQuest Web SQL Injection Login Bypass, swhite
EEYE: VGX.DLL Compressed Content Heap Overflow Vulnerability, eEye Advisories
EEYE: Windows Metafile AttemptWrite Heap Overflow, eEye Advisories
FLEA-2007-0044-1 tetex tetex-dvips tetex-fonts, Foresight Linux Essential Announcement Service
Multiple vulnerabilities in Live for Speed 0.5X10, Luigi Auriemma
FLEA-2007-0045-1 poppler, Foresight Linux Essential Announcement Service
Crash in Zoidcom 0.6.7, Luigi Auriemma
rPSA-2007-0160-1 openoffice.org, rPath Update Announcements
[ MDKSA-2007:163 ] - Updated koffice packages fix vulnerability, security
ZDI-07-048: Microsoft Internet Explorer substringData() Heap Overflow Vulnerability, zdi-disclosures
Multiple vulnerabilities in Babo Violent 2 2.08.00, Luigi Auriemma
TPTI-07-14: HP OpenView Multiple Product Shared Trace Service Stack Overflow Vulnerabilities, TSRT
ZDI-07-046: Microsoft Windows Media Player Skin Parsing Size Mismatch Heap Overflow Vulnerability, zdi-disclosures
ZDI-07-047: Microsoft Windows Media Player Malformed Skin Header Code Execution Vulnerability, zdi-disclosures
[ MDKSA-2007:164 ] - Updated tetex packages fix multiple vulnerabilities, security
iDefense Security Advisory 08.14.07: Microsoft Windows Vista Sidebar RSS Feeds Gadget Cross Site Scripting Vulnerability, iDefense Labs
iDefense Security Advisory 08.14.07: Microsoft XML Core Services XMLDOM Memory Corruption Vulnerability, iDefense Labs
[ GLSA 200708-09 ] Mozilla products: Multiple vulnerabilities, Raphael Marichez
Cross Site Request Forgery in 2wire routers, hkm
NSFOCUS SA2007-01 : Microsoft IE5 CSS Parsing Memory Corruption Vulnerability, NSFOCUS Security Team
McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow, Sebastian Wolfgarten
- Re: [Full-disclosure] McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow, Harry Muchow
Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client, Cisco Systems Product Security Incident Response Team
SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability, Aditya K Sood
- RE: [Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability, Debasis Mohanty
  - Re: [Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability, Aditya K Sood
HPSBMA02240 SSRT061260 rev.1 - HP OpenView Operations Manager for Windows (OVOW) with the OpenView Operations Add On Module for OpenView Operations-Business Availability Center Integration Running Shared Trace Service, Remote Arbitrary Code Execution, security-alert
[ MDKSA-2007:162 ] - Updated kdegraphics packages fix vulnerability, security
Systme de vote en temps rel v1.0 Remote File include Bug, cybermilitan
iDefense Security Advisory 08.15.07: ESRI ArcSDE Numeric Literal Buffer Overflow Vulnerability, iDefense Labs
rPSA-2007-0161-1 dovecot, rPath Update Announcements
Trackeur v.1 Remote File İnclude Bug, cybermilitan
- <Possible follow-ups>
- Re: Trackeur v.1 Remote File İnclude Bug, the . tiger100
Contact at Secure Computing, Dave Piscitello
Safari for windows remote arbitry file upload, laurent . gaffie
- <Possible follow-ups>
- Re: Safari for windows remote arbitry file upload, Neil Dickey
- Re: Re: Safari for windows remote arbitry file upload, laurent . gaffie
- Re: Re: Safari for windows remote arbitry file upload, Neil Dickey
[ MDKSA-2007:165 ] - Updated cups packages fix vulnerability, security
TlbInf32 ActiveX Command Execution, Brett Moore
[SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities, dann frazier
[USN-498-1] libvorbis vulnerabilities, Kees Cook
Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing, imei Addmimistrator
- <Possible follow-ups>
- Re: Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing, postmaster
MS07-042 XMLDOM substringData() PoC, Alla Bezroutchko
FLEA-2007-0046-1 cups, Foresight Linux Essential Announcement Service
Another Oracle Forensics Paper..., David Litchfield
TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation, anonymous.c7ffa4057a
- <Possible follow-ups>
- Re: TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation, security
[ GLSA 200708-11 ] Lighttpd: Multiple vulnerabilities, Raphael Marichez
[ GLSA 200708-12 ] Wireshark: Multiple vulnerabilities, Raphael Marichez
Local privilege escalation vulnerability in Cisco VPN client, NGSSoftware Insight Security Research
[ GLSA 200708-10 ] MySQL: Denial of Service and information leakage, Raphael Marichez
ToorCon 9 CFP, David Hulton
[USN-499-1] Apache vulnerabilities, Kees Cook
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Directory Traversal Vulnerability, iDefense Labs
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability, iDefense Labs
rPSA-2007-0164-1 kernel, rPath Update Announcements
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple Untrusted Search Path Vulnerabilities, iDefense Labs
vBulletin V3.6.8 XSS Password Md5 Hash, RaeD
- <Possible follow-ups>
- Re: vBulletin V3.6.8 XSS Password Md5 Hash, scott-REMOVE
Release of Pass-The-Hash Toolkit for Windows v1.0, Hernan Ochoa
Olate Download 3.4.1~environment.php.php~Code Execution, imei Addmimistrator
Skype Network Remote DoS Exploit, Valery Marchuk
- <Possible follow-ups>
- Re: Skype Network Remote DoS Exploit, Steven M. Christey
  - RE: Skype Network Remote DoS Exploit, Marc Maiffret
    - RE: Skype Network Remote DoS Exploit, David Harley
  - Re[2]: Skype Network Remote DoS Exploit, Matthew Leeds
  - Re: Skype Network Remote DoS Exploit, Valery Marchuk
    - Re: Skype Network Remote DoS Exploit, Roland Dobbins
- Re: Skype Network Remote DoS Exploit, Jay
Cross Platform remote IM vulnerability / DOS, Danslo
- Re: Cross Platform remote IM vulnerability / DOS, Gavin Hanover
- Re: Cross Platform remote IM vulnerability / DOS, J. Oquendo
HPSBMA02242 SSRT061260 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution --------, security-alert
Re: iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple Race Condition Vulnerabilities, iDefense Labs
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple File Creation Vulnerabilities, iDefense Labs
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Directory Creation Vulnerability, iDefense Labs
Remote Memory Read in Diskeeper 9 - 2007, auto48696
[ GLSA 200708-13 ] BIND: Weak random number generation, Raphael Marichez
Multiple vulnerabilities in rFactor 1.250, Luigi Auriemma
Multiple vulnerabilities in Toribash 2.71, Luigi Auriemma
Unexploitable buffer-overflow in the logging function of the Unreal engine, Luigi Auriemma
- <Possible follow-ups>
- Re: Unexploitable buffer-overflow in the logging function of the Unreal engine, rickmccl
  - Re[2]: Unexploitable buffer-overflow in the logging function of the Unreal engine, 3APA3A
report a bug !, Advisory
- Re: report a bug !, Steve Shockley
  - Re: report a bug !, Draichis
Astaro DOS and POP3 bypass issues partially resolved, William Warren
Gurur Haber v2.0, the . dumenci
[ GLSA 200708-15 ] Apache mod_jk: Directory traversal, Raphael Marichez
[SECURITY] [DSA 1357-1] New koffice packages fix arbitrary code execution, Moritz Muehlenhoff
OWASP Mumbai Meeting : 6th Sep 2007, dharmeshmm
iDefense Security Advisory 08.20.07: Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities, iDefense Labs
iDefense Security Advisory 08.20.07: Check Point Zone Labs Multiple Products Privilege Escalation Vulnerability, iDefense Labs
IMF 2007 - Call for Participation, Oliver Goebel
[ GLSA 200708-14 ] NVIDIA drivers: Denial of Service, Raphael Marichez
[ MDKSA-2007:166 ] - Updated rsync packages fix off-by-one buffer overflow, security
[ MDKSA-2007:167 ] - Updated libvorbis packages fix vulnerabilities, security
[Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities, Reversemode
SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service, research
- <Possible follow-ups>
- Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service, Stuart Moore
  - RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service, Michael Bednar
    - Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service, Tuc at T-B-O-H.NET
- Re: Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service, s1m0n13
- Re: RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service, bjohnson
[ MDKSA-2007:167-1 ] - Updated libvorbis packages fix vulnerabilities, security
[HISPASEC] Fileinfo 2.0.9 plugin for Total Commander multiple vulnerabilities, Gynvael Coldwind
Mambo Component SimpleFAQ V2.11 - Remote SQL Injection, k1tk4t
ZDI-07-049: EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities, zdi-disclosures
[USN-500-1] rsync vulnerability, Kees Cook
SIEMENS Gigaset SE361 router XSS, morin . josh
[USN-501-1] jasper vulnerability, Kees Cook
Invision Power Board D22-Shoutbox HTML Injections, DoZ
No cON Name 2007 - CALL FOR PAPERS, deese
Joomla Component SimpleFAQ V2.11 - Remote SQL Injection, k1tk4t
Dalai Forum Remote File Inclusion Exploit, system-errrror
Firesoft Remote File Inclusion, system-errrror
iDefense Security Advisory 08.20.07: Trend Micro SSAPI Long Path Buffer Overflow Vulnerability, iDefense Labs
Vulnerabilities digest, 3APA3A
- Re: Vulnerabilities digest, Steven M. Christey
AST-2007-020: Resource Exhaustion Vulnerability in Asterisk SIP channel driver, Asterisk Security Team
iDefense Security Advisory 08.21.07: Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities, iDefense Labs
iDefense Security Advisory 08.21.07: Trend Micro ServerProtect RPCFN_SYNC_TASK Integer Overflow Vulnerability, iDefense Labs
[ MDKSA-2007:168 ] - Updated vim packages fix vulnerability, security
[ MDKSA-2007:169 ] - Updated gdm packages fix DoS vulnerability, security
Local Privilege Escalation Vulnerabilities in Lotus Notes Client, kochetkov . vladimir
- Re: Local Privilege Escalation Vulnerabilities in Lotus Notes Client, 3APA3A
Encryption Weakness in Sun Sun AS 9.0_0.1 (build b02-p01), fred
Ripe Website Manager SQL Injection and Cross Site Scripting Vulnerabilities, OS2A BTO
Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system., Ezequiel Gutesman
- <Possible follow-ups>
- Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system., Ezequiel Gutesman
HPSBST02255 SSRT071456 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-042 to MS07-050, security-alert
Olate Download 3.4.2~modules/core/uim.php~XSS, imei Addmimistrator
Olate Download 3.4.2~modules/core/fldm.php~comments tag [url] XSS, imei Addmimistrator
Camino release 1.5.1 fixes several vulnerabilities, Juha-Matti Laurio
TeamSpeak 2 Server Vulnerabilities?, lehox
- Re: TeamSpeak 2 Server Vulnerabilities?, 3APA3A
Olate Download 3.4.2~download.php ~ sql injection, imei Addmimistrator
Buffer-overflow in the Asura engine, Luigi Auriemma
[ GLSA 200708-16 ] Qt: Multiple format string vulnerabilities, Raphael Marichez
[ GLSA 200708-17 ] Opera: Multiple vulnerabilities, Raphael Marichez
phpress 0.2.0 (adisplay.php) Remote File Inclusion, naxx
rPSA-2007-0168-1 rsync, rPath Update Announcements
VMWare poor guest isolation design, M. Burnett
- Re: VMWare poor guest isolation design, Arthur Corliss
  - RE: VMWare poor guest isolation design, M. Burnett
    - RE: VMWare poor guest isolation design, Arthur Corliss
  - RE: VMWare poor guest isolation design, William Holmberg
    - RE: VMWare poor guest isolation design, Arthur Corliss
  - RE: VMWare poor guest isolation design, James C. Slora Jr.
  - Re: VMWare poor guest isolation design, Jonathan Yu
    - Re: VMWare poor guest isolation design, Arthur Corliss
      - Re: VMWare poor guest isolation design, Jonathan Yu
      - More on VMWare poor guest isolation design, M. Burnett
        
        Re: More on VMWare poor guest isolation design, Tim Newsham
        
        RE: More on VMWare poor guest isolation design, M. Burnett
        
        RE: More on VMWare poor guest isolation design, Tim Newsham
        
        RE: More on VMWare poor guest isolation design, Arthur Corliss
        
        Re: More on VMWare poor guest isolation design, Wietse Venema
  - Re: VMWare poor guest isolation design, Matt Richard
    - Re: VMWare poor guest isolation design, Arthur Corliss
  - RE: VMWare poor guest isolation design, Ken Kousky
    - RE: VMWare poor guest isolation design, Arthur Corliss
      - RE: VMWare poor guest isolation design, Ken Kousky
        
        RE: VMWare poor guest isolation design, Arthur Corliss
- Re: VMWare poor guest isolation design, Tim Newsham
- <Possible follow-ups>
- VMware poor guest isolation design, VMware Security team
Reminder: HITBSecConf2007 - Malaysia is less than 2 weeks away, Praburaajan
SPIP v1.7 Remote File Inclusion Bug, system-errrror
- Re: SPIP v1.7 Remote File Inclusion Bug, Magnus Holmgren
X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities, Gynvael Coldwind
[ MDKSA-2007:170 ] - Updated gimp packages fix input data validation issues in several plugins, security
rPSA-2007-0169-1 xterm, rPath Update Announcements
FLEA-2007-0047-1 rsync, Foresight Linux Essential Announcement Service
Security Advisory for Bugzilla 3.0, 2.22.1, and 2.20.4, mkanat
FLEA-2007-0048-1 xterm, Foresight Linux Essential Announcement Service
Heap overflow in Skulltag 0.97d-beta4.1, Luigi Auriemma
Multiple denial of service in Soldat 1.4.2/2.6.2, Luigi Auriemma
The Korean Hacking & Security Conference "POC 2007" call for papers, poc2007
Tikiwiki 1.9.7 HTML/embed object injection, morin . josh
24th Chaos Communication Congress 2007: Call for Participation, fukami
about recent phpMyAdmin "vulnerabilities", Marc Delisle
[USN-502-1] KDE vulnerabilities, Kees Cook
security vulnerability in VMware, seppi
n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory, security
n.runs-SA-2007.025 - ClamAV Remote Code Execution Advisory, security
Security vulnerability in BufferZone 2.5, seppi
AST-2007-021: Crash from invalid/corrupted MIME bodies when using voicemail with IMAP storage, Asterisk Security Team
rPSA-2007-0172-1 tar, rPath Update Announcements
n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, security
- Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, 3APA3A
  - Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, Sergio Alvarez
SIDVault LDAP Server Remote Buffer Overflow, Joxean Koret
- EnterpriseDB Advanced Server 8.2 Unitialized Pointer, Joxean Koret
[SECURITY] [DSA 1358-1] New asterisk packages fix several vulnerabilities, Moritz Muehlenhoff
Sunshop v4.0 <= Blind SQL Injection exploit, auah
Abledesign Dynamic Picture Frame XSS, morin . josh
InterWorx-CP Multiple HTML Injections Vulnerabilitie, DoZ
- <Possible follow-ups>
- Re: InterWorx-CP Multiple HTML Injections Vulnerabilitie, info
Moonware Software Multiple Vulnerabilities, s0cratex
iDefense Security Advisory 08.27.07: Motorola Timbuktu Multiple Buffer Overflow Vulnerabilities, iDefense Labs
[USN-503-1] Thunderbird vulnerabilities, Kees Cook
iDefense Security Advisory 08.27.07: Motorola Timbuktu Pro Directory Traversal Vulnerability, iDefense Labs
OpenBSD 4.1 - Heap overflow vulnerabillity, acheddamiman
- Re: OpenBSD 4.1 - Heap overflow vulnerabillity, Steve Shockley
FLEA-2007-0049-1 tar, Foresight Linux Essential Announcement Service
ePersonnel_RC_2004 Remote File Bug, system-errrror
eyeOS checksum prediction, komarov
BIND 8 EOL and BIND 8 DNS Cache Poisoning (Amit Klein, Trusteer), Amit Klein
PhpGedView login page multiple XSS, morin . josh
HPSBUX02249 SSRT071442 rev.1 HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command, Local Unqualified Configuration Change, security-alert
Community input/questions for ISOI 3?, Gadi Evron
Found nice mass exploits for fedora and imap, linux0day
- Re: Found nice mass exploits for fedora and imap, jf
- Re: Found nice mass exploits for fedora and imap, Jon Lewis
n.runs, Sophos, German laws, and customer safety, Steven M. Christey
- Re: n.runs, Sophos, German laws, and customer safety, Jerome Athias
  - Re: n.runs, Sophos, German laws, and customer safety, alan
- Re: n.runs, Sophos, German laws, and customer safety, Oliver Karow
- <Possible follow-ups>
- Re: n.runs, Sophos, German laws, and customer safety, Anonymous
[SECURITY] [DSA 1359-1] New dovecot packages fix directory traversal, Steve Kemp
[SECURITY] [DSA 1360-1] New rsync packages fix arbitrary code execution, Steve Kemp
[ MDKSA-2007:171 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security
[USN-505-1] vim vulnerability, Kees Cook
[USN-504-1] Emacs vulnerability, Kees Cook
[USN-506-1] tar vulnerability, Kees Cook
[HISPASEC] Blizzard StarCraft Brood War 1.15.1 Remote DoS, Gynvael Coldwind
[USN-469-2] Enigmail regression, Kees Cook
Cisco Security Advisory: XSS and SQL Injection in Cisco CallManager/Unified Communications Manager Logon Page, Cisco Systems Product Security Incident Response Team
HPSBMA02236 SSRT061260 rev.1 - HP OpenView Performance Manager (OVPM) Running Shared Trace Service on HP-UX, Solaris, and Windows, Remote Arbitrary Code Execution, security-alert
Multiple vulnerabilities in Doomsday 1.9.0-beta5.1, Luigi Auriemma
[SECURITY] [DSA 1361-1] New postfix-policyd packages fix arbitrary code execution, Steve Kemp
The Long Run, Dave Aitel
[SECURITY] [DSA 1362-1] New lighttpd packages fix several vulnerabilities, Steve Kemp
[USN-507-1] tcp-wrappers vulnerability, Kees Cook
PR07-23: Non-persistent Cross-site Scripting (XSS) on Absolute Poll Manager XE admin page, research
Re: Re: Multiple OS kernel insecure handling of stdio file descriptor, watercloud
Updated: VMware poor guest isolation design, VMware Security team
Sony: The Return Of The Rootkit, Quark IT - Hilton Travis
iDefense Security Advisory 08.30.07: Yahoo Messenger YVerInfo.dll ActiveX Multiple Remote Buffer Overflow Vulnerabilities, iDefense Labs
SQL Injection in Cisco CallManager, Elliot Kendall
Cisco CSS WebNS ssh crash, NetExpress
Immunity Debugger v1.1 Release, Nicolas Waisman
[48bits] Advisory : Multiple vulnerabilities in Norman NVC 5.82 driver, vulndev 48bits

Mail converted by MHonArc