Mail Thread Index
- Affiliate Network Pro Multiple Input Validation and Local file inclusion,
hack2prison
- RE: feedreader3 has XSS vulnerability,
avivra
- ASP Product catalog SQL injection vulnerability,
joseph . giron13
- [ GLSA 200709-18 ] Bugzilla: Multiple vulnerabilities,
Raphael Marichez
- eGov Content Manager Cross Site Scripting Vulrnability,
DoZ
- phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion,
h3llcode
- Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow,
snagg
- CheckPoint Secure Platform Multiple Buffer Overflows,
hvazquez
- ASP-CMS version 1 default password location.,
joseph . giron13
- New Advisory: X-script GuestBook,
m2x
- smbftpd 0.96 format string vulnerability,
Jerry Illikainen
- Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9,
Luigi Auriemma
- Unexploitable buffer-overflow in America's Army 2.8.2 through PB,
Luigi Auriemma
- Format string in the Doom 3 engine through PB,
Luigi Auriemma
- Format string in F.E.A.R. 1.08 through PB,
Luigi Auriemma
- ClubHack - CFP closing by 15th October 2007,
ClubHack
- Immunity Debugger v1.2 Release,
Nicolas Waisman
- [ MDKSA-2007:191 ] - Updated libsndfile packages fix vulnerability,
security
- [ MDKSA-2007:192 ] - Updated mplayer packages fix vulnerability,
security
- WifiZoo v1.2 release,
Hernan Ochoa
- [SECURITY] [DSA 1365-3] New id3lib3.8.3 packages fix denial of service,
dann frazier
- Original Photo Gallery Remote Command Execution,
ascii
- Re: dvddb-0.6 media sql-inj. vuln.,
james
- [SECURITY] [DSA 1379-1] New openssl packages fix arbitrary code execution,
Noah Meyerhans
- TPTI-07-16: CA BrightStor Hierarchical Storage Manager Buffer Overflow Vulnerabilities,
TSRT
- TPTI-07-17: CA BrightStor Hierarchical Storage Manager SQL Injection Vulnerabilities,
TSRT
- iDefense Security Advisory 10.02.07: Multiple Vendor X Font Server Multiple Vulnerabilities,
iDefense Labs
- rPSA-2007-0203-1 rmake rmake-proxy rmake-repos,
rPath Update Announcements
- [SECURITY] [DSA 1380-1] New elinks packages fix information disclosure,
Steve Kemp
- FLEA-2007-0057-1 pidgin,
Foresight Linux Essential Announcement Service
- [SECURITY] [DSA 1379-1] New quagga packages fix denial of service,
Steve Kemp
- [SECURITY] [DSA 1381-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability,
iDefense Labs
- 0day: mIRC pwns Windows,
jinc4fareijj
- International Hacking & Security Conference "POC200",
poc2007
- Re: Ruby Net::HTTPS library does not validate server certificate CN,
Thomas
- Re: BIND 8 EOL and BIND 8 DNS Cache Poisoning (Amit Klein, Trusteer),
sathyakrishnadas
- DRBGuestbook Remote XSS Vulnerability,
gokhankaya
- rPSA-2007-0204-1 qt-x11-free,
rPath Update Announcements
- rPSA-2007-0205-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs,
rPath Update Announcements
- rPSA-2007-0206-1 openssl openssl-scripts,
rPath Update Announcements
- Content Builder 0.7.5 RFI Bug,
mehrad1989
- FreeBSD Security Advisory FreeBSD-SA-07:08.openssl,
FreeBSD Security Advisories
- FLEA-2007-0058-1 openssl openssl-scripts,
Foresight Linux Essential Announcement Service
- [RISE-2007003] Firebird Relational Database Multiple Buffer Overflow Vulnerabilities,
RISE Security
- Cart32 Arbitrary File Download Vulnerability,
Paul Craig
- [RISE-2007002] Borland InterBase Multiple Buffer Overflow Vulnerabilities,
RISE Security
- Re: Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9[EXPLOIT],
weak
- [USN-523-1] ImageMagick vulnerabilities,
Kees Cook
- FLEA-2007-0059-1 qt qt-tools,
Foresight Linux Essential Announcement Service
- [Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN,
[ NO REPLY ]
- DDIVRT-2007-05 NetSupport Manager Client Buffer Overflow,
vulnerabilityresearch
- [ GLSA 200710-01 ] RPCSEC_GSS library: Buffer overflow,
Pierre-Yves Rofes
- [USN-524-1] OpenOffice.org vulnerability,
Kees Cook
- [USN-525-1] libsndfile vulnerability,
Kees Cook
- [USN-526-1] debian-goodies vulnerability,
Kees Cook
- URI handling woes in Acrobat Reader, Netscape, Miranda, Skype,
Juergen Schmidt
- RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype,
Roger A. Grimes
- Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype,
Thierry Zoller
- Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype,
Geo.
- Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype,
Thierry Zoller
- Re: Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype,
Kurt Dillard
- Re[3]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype,
3APA3A
- Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype,
Geo.
- Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype,
Valdis . Kletnieks
- Re: URI handling woes in Acrobat Reader, Netscape,Miranda, Skype,
Thierry Zoller
- RE: Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype,
Roger A. Grimes
- Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype,
Andreas Lindenblatt
- Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype,
Andreas Lindenblatt
- <Possible follow-ups>
- RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype,
Juergen Schmidt
- Re[2]: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype,
Thierry Zoller
- RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype,
Jim Slora
- [ MDKSA-2007:193 ] - Updated openssl packages fix vulnerabilities,
security
- rPSA-2007-0209-1 elinks,
rPath Update Announcements
- [SECURITY] [DSA 1383-1] New gforge packages fix cross-site scripting,
Thijs Kinkhorst
- Multiple vulnerabilities in Dropteam 1.3.3,
Luigi Auriemma
- Reporting Vulnerable Public Web mail,
ivan . sanchez
- Re: Re: file upload vulnerability in joomla media component,
vinodsharma . mimit
- Format string in The Dawn of Time 1.69s beta4,
Luigi Auriemma
- [SECURITY] [DSA 1384-1] New xen-utils packages fix several vulnerabilities,
Steve Kemp
- CMS Creamotion - Remote File inclusion,
security
- SSHatter 0.6,
Tim Brown
- idmos-phoenix cms Remote File inclusion,
security
- Else If cms Multiple Remote vulnerabilities,
security
- [ GLSA 200710-02 ] PHP: Multiple vulnerabilities,
Raphael Marichez
- [SECURITY] [DSA 1362-2] New lighttpd packages fix buffer overflow,
Steve Kemp
- [ GLSA 200710-04 ] libsndfile: Buffer overflow,
Raphael Marichez
- [ GLSA 200710-07 ] Tk: Buffer overflow,
Raphael Marichez
- [ GLSA 200710-03 ] libvorbis: Multiple vulnerabilities,
Raphael Marichez
- [ GLSA 200710-05 ] QGit: Insecure temporary file creation,
Pierre-Yves Rofes
- new vuln in snewscms.net.ru in lang file,
info
- [ GLSA 200710-06 ] OpenSSL: Multiple vulnerabilities,
Pierre-Yves Rofes
- TorrentTrader Classic Mutiple Remote vulnerabilities,
security
- rPSA-2007-0210-1 xen,
rPath Update Announcements
- [security bulletin] HPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS),
security-alert
- [security bulletin] HPSBUX01137 SSRT5954 rev.11 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS),
security-alert
- BT Home Flub: Pwnin the BT Home Hub,
Adrian P
- [security bulletin] HPSBUX02181 SSRT061289 rev.3 - HP-UX Running IPFilter, Remote Denial of Service (DoS),
security-alert
- [security bulletin] HPSBMA02274 SSRT071445 rev.1 - HP System Management Homepage (SMH) for HP-UX, Remote Cross Site Scripting (XSS),
security-alert
- [security bulletin] HPSBMA02275 SSRT071445 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS),
security-alert
- Black Hat Tokyo + DC and Europe CfPs now open.,
Jeff Moss
- Viart Shopping Cart Directory Transversal Vuln,
[ NO REPLY ]
- rPSA-2007-0212-1 util-linux,
rPath Update Announcements
- DNewsWeb Softwares Cross Site Scripting Vulrnability,
DoZ
- Vulnerabilities,
xoxland
- LedgerSMB < 1.2.8, SQL-Ledger 2.x Multiple SQL Injection Issues,
Chris Travers
- Research: Cybercrime and the Electoral System,
Oliver Friedrichs
- RE: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype,
Brett Moore
- [USN-527-1] xen-3.0 vulnerability,
Kees Cook
- NULL pointer crash in World in Conflict 1.000,
Luigi Auriemma
- iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow,
iDefense Labs
- The Death of Defence in Depth ? - An invitation to Hack.lu,
Thierry Zoller
- [ GLSA 200710-09 ] NX 2.1: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- [ GLSA 200710-08 ] KOffice, KWord, KPDF, KDE Graphics Libraries: Stack-based buffer overflow,
Pierre-Yves Rofes
- Regarding vulnerability in ViArt Shop,
support
- 3Com WIFI router remote administration vulnerability.,
Guy Mizrahi
- Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques,
Damir Rajnovic
- Remote Desktop Command Fixation Attacks,
pdp (architect)
- wmtrssreader joomla component 1.0 Remote File Include Vulnerability,
cyber-crime
- Several vulnerabilities in CMS Made Simple 1.1.3.1,
Omid
- 0day: Hacking secured CITRIX from outside,
pdp (architect)
- Cisco Security Advisory: Cisco Wireless Control System Conversion Utility Adds Default Password,
Cisco Systems Product Security Incident Response Team
- AST-2007-022: Buffer overflows in voicemail when using IMAP storage,
The Asterisk Development Team
- [SECURITY] [DSA 1379-2] New openssl packages fix arbitrary code execution,
Noah Meyerhans
- Vulnerabilities digest,
3APA3A
- iDefense Security Advisory 10.10.07: Kaspersky Web Scanner ActiveX Format String Vulnerability,
iDefense Labs
- ZDI-07-055: Microsoft Windows DCERPC Authentication Denial of Service Vulnerability,
zdi-disclosures
- ZDI-07-056: IBM DB2 DB2JDS Multiple Vulnerabilities,
zdi-disclosures
- ZDI-07-057: Firebird process_packet() Remote Stack Overflow Vulnerability,
zdi-disclosures
- TPTI-07-18: EMC RepliStor Server Heap Overflow Vulnerability,
TSRT
- [ELEYTT] 10PAZDZIERNIK2007,
Michal Bucko
- IRM Advisory: Cisco IOS LPD Remote Stack Overflow,
Andy Davis
- URI handling as the harbinger of interaction errors,
Steven M. Christey
- CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSD’s DHCP server,
Core Security Technologies Advisories
- [ MDKSA-2007:194 ] - Updated libvorbis packages fix vulnerabilities,
security
- October Microsoft Tuesday,
Todd Manning
- M$ will fix URI?,
Memisyazici, Aras
- Joomla! swMenuFree 4.6 Component Remote File Include,
Guns
- [security bulletin] HPSBUX02273 SSRT071476 rev. 1 - HP-UX running Apache, Remote Unauthorized Denial of Service (DoS),
security-alert
- CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability,
hfli
- [USN-528-1] MySQL vulnerabilities,
Kees Cook
- EEYE: CA BrightStor ArcServe Backup Server Arbitrary Pointer Dereference,
eEye Advisories
- iDefense Security Advisory 10.11.07: Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities,
iDefense Labs
- [security bulletin] HPSBMA02230 SSRT071436 rev.1 - HP Select Identity, Remote Unauthorized Access,
security-alert
- [USN-529-1] Tk vulnerability,
Kees Cook
- S21SEC-037-en: OPAL SIP Protocol Remote Denial of Service,
S21sec Labs
- [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities,
Williams, James K
- rPSA-2007-0214-1 initscripts,
rPath Update Announcements
- Tikiwiki 1.9.8 exploit ITW,
Moritz Naumann
- OpenSSL Security Advisory,
Ben Laurie
- SEC Consult SA-20071012-0 :: Madwifi xrates element remote DOS,
Bernhard Mueller
- [USN-530-1] hplip vulnerability,
Kees Cook
- [ GLSA 200710-10 ] SKK Tools: Insecure temporary file creation,
Raphael Marichez
- [ GLSA 200710-11 ] X Font Server: Multiple Vulnerabilities,
Pierre-Yves Rofes
- [ GLSA 200710-13 ] Ampache: Multiple vulnerabilities,
Pierre-Yves Rofes
- [SECURITY] [DSA 1381-2] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- [ GLSA 200710-14 ] DenyHosts: Denial of Service,
Pierre-Yves Rofes
- playing for fun with <=IE7,
laurent . gaffie
- VImpX ActiveX (VImpX.ocx v. 4.7.3.0) Remote,
saw_xyz
- [ GLSA 200710-12 ] T1Lib: Buffer overflow,
Pierre-Yves Rofes
- Clients buffer-overflow in Live for Speed 0.5X10,
Luigi Auriemma
- [SECURITY] [DSA 1386-2] New wesnoth packages fix denial of service,
Martin Schulze
- [SECURITY] [DSA 1386-1] New wesnoth packages fix denial of service,
Martin Schulze
- [ GLSA 200710-16 ] X.Org X server: Composite local privilege escalation,
Pierre-Yves Rofes
- SYMSA-2007-010: Microsoft ActiveSync 4.x Weak Password Obfuscation,
research
- InnovaShop® (mgs.jps) Cross Siting Scripting,
jose luis góngora fernández
- Stringbeans (Portal) - Lang Parameter Cross-Site Scripting Vulnerability,
jose luis góngora fernández
- Xcomputer - Lang Parameter Cross-Site Scripting Vulnerability,
jose luis góngora fernández
- [SECURITY] [DSA 1387-1] New librpcsecgss packages fix arbitrary code execution,
Florian Weimer
- eXtremail(ly easy) remote roots,
mu-b
- [ GLSA 200710-15 ] KDM: Local privilege escalation,
Pierre-Yves Rofes
- HTML Injection Vuln in nssboard,
kcghost
- CVE-2007-4600 - Mathcad Protect Worksheet Vulnerability,
bugtraq
- about phpMyAdmin setup.php XSS vulnerability,
Marc Delisle
- FW: [Dailydave] Canada's Response to Black Hat - SecTor 2007,
Taylor, Gord
- IRM Vendor Alerts: Six critical remote vulnerabilities in TIBCO SmartPGM FX,
Andy Davis
- WWWISIS <= 7.1 (IsisScript) Multiple Vulnerabilities,
jose luis góngora fernández
- [ MDKSA-2007:198 ] - Updated util-linux packages fix vulnerability,
security
- Secunia Research: IrfanView Palette File Importing Buffer Overflow Vulnerability,
Secunia Research
- SSH attacks - anyone else seen these?,
Tim
- [security bulletin] HPSBMA02230 SSRT071436 rev.2 - HP Select Identity, Remote Unauthorized Access,
security-alert
- [ MDKSA-2007:197 ] - Updated tar packages prevent buffer overflow,
security
- [security bulletin] HPSBST02280 SSRT071480 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-055 to MS07-060,
security-alert
- [security bulletin] HPSBTU02276 SSRT071472 rev.1 - HP Tru64 UNIX Running Apache Tomcat, Remote Unauthorized Access, Remote Denial of Service (DoS),
security-alert
- [ MDKSA-2007:196 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security
- [security bulletin] HPSBUX02277 SSRT071453 rev.1 - HP-UX Running OpenSSL, Local Denial of Service (DoS),
security-alert
- [ MDKSA-2007:195 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security
- [ GLSA 200710-17 ] Balsa: Buffer overflow,
Raphael Marichez
- Multiple CSRF in SimplePHPBlog,
deme
- Oracle TNS Listener DoS and/or remote memory inspection,
NGSSoftware Insight Security Research
- Multiple SQL Injection Flaws in Oracle CTX_DOC package,
NGSSoftware Insight Security Research
- Oracle RDBMS TNS Data packet DoS,
NGSSoftware Insight Security Research
- AST-2007-023 - SQL Injection Vulnerabilty in cdr_addon_mysql,
Asterisk Security Team
- Oracle audit issue with XMLDB ftp service,
NGSSoftware Insight Security Research
- Cisco Security Advisory: Cisco Unified Communications Web-based Management Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Firewall Services Module,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and ASA Appliances,
Cisco Systems Product Security Incident Response Team
- Re: Netgear FVG318 is vunerable to DOS attack,
NetGear
- SQL Injection Flaw in Oracle Workspace Manager,
David Litchfield
- [ MDKSA-2007:199 ] - Updated phpMyAdmin packages fix multiple vulnerabilities,
security
- SYMSA-2007-011: Microsoft WM5 PocketPC Phone Ed SMS Handler Issue,
research
- Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day),
Reversemode
- Nortel UNIStim IP Softphone Buffer-Overflow,
daniel . stirnimann
- Nortel IP Phone Surveillance Mode,
daniel . stirnimann
- Nortel IP Phone Flooding Denial of Service,
daniel . stirniman
- Nortel IP Phone forced re-authentication,
daniel . stirnimann
- Latest web hacking incidents,
Ofer Shezaf
- Nortel Telephony Server Denial of Service,
daniel . stirnimann
- [SECURITY] [DSA 1388-1] New dhcp packages fix arbitrary code execution,
Steve Kemp
- [security bulletin] HPSBUX02273 SSRT071476 rev.2 - HP-UX Running Apache, Remote Unauthorized Denial of Service (DoS),
security-alert
- [security bulletin] HPSBMA02274 SSRT071445 rev.2 - HP System Management Homepage (SMH) for HP-UX, Remote Cross Site Scripting (XSS),
security-alert
- [CORRECTED] Microsoft Windows XP SP2/2003 - Macrovision SecDrv.sys privilege escalation (0day),
Reversemode
- CFP C H A S E - 2 0 0 7 Lahore Pakistan,
chase
- Re[2]: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu,
Thierry Zoller
- rPSA-2007-0219-1 libpng,
rPath Update Announcements
- [SECURITY] [DSA 1389-1] New zoph packages fix SQL injection,
Moritz Muehlenhoff
- Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096),
Stefan Kanthak
- Softwin's anti-virus BitDefender contains vulnerable zlib (CA-2007-07),
Stefan Kanthak
- Serious holes affecting SiteBar 3.3.8,
Tim Brown
- [ GLSA 200710-18 ] util-linux: Local privilege escalation,
Raphael Marichez
- Official Windows binaries of "curl" contain vulnerable zlib 1.2.2 (CAN-2005-2096),
Stefan Kanthak
- [ GLSA 200710-19 ] The Sleuth Kit: Integer underflow,
Raphael Marichez
- S21SEC-038-en: Alcatel Omnivista 4760 Cross-Site Scripting,
S21sec Labs
- [ MDKSA-2007:200 ] - Updated tk packages fix vulnerabilities,
security
- [ GLSA 200710-20 ] PDFKit, ImageKits: Buffer overflow,
Raphael Marichez
- rPSA-2007-0220-1 ImageMagick,
rPath Update Announcements
- [SECURITY] [DSA 1390-1] New t1lib packages fix arbitrary code execution,
Noah Meyerhans
- A-Cart SQL Injection And Cross-Site Scripting,
[ NO REPLY ]
- [CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability,
Williams, James K
- [SECURITY] [DSA 1391-1] New icedove packages fix several vulnerabilities,
Moritz Muehlenhoff
- [Aria-Security.Net] SearchSimon Lite Cross-Site Scripting Vuln.,
[ NO REPLY ]
- [SECURITY] [DSA 1392-1] New xulrunner packages fix several vulnerabilities,
Moritz Muehlenhoff
- Simple Machines Forum multiple sql injection flaws with exploit code.,
th3 . r00k . spammenot
- ReloadCMS Vulnerable,
sekuru
- [ GLSA 200710-21 ] TikiWiki: Arbitrary command execution,
Raphael Marichez
- PacSec 2007 Agenda (Tokyo 11-29/30),
Dragos Ruiu
- [ GLSA 200710-22 ] TRAMP: Insecure temporary file creation,
Raphael Marichez
- [Aria-Security.Net] dmcms.0.7.0 SQL Injection,
[No Reply]
- [ELEYTT] Public Advisory 20-10-2007,
Michal Bucko
- Simple PHP Blog (sphpblog) <= 0.5.1 Multiple Vulnerabilities,
gmdarkfig
- [USN-532-1] nagios-plugins vulnerability,
Kees Cook
- [USN-534-1] OpenSSL vulnerability,
Kees Cook
- Cracking the iPhone (5 article series),
H D Moore
- [USN-533-1] util-linux vulnerability,
Kees Cook
- Folder Access bypass,
hack2prison
- [USN-531-1] dhcp vulnerability,
Kees Cook
- simple dns rebinding protection with dnsmasq,
Collin R. Mulliner
- Jeebles Directory Local File Inclusion,
hack2prison
- [TOOL] w3af - Web Application Attack and Audit Framework,
Andres Riancho
- Hackish XSS in shoutbox/blocco.php,
deme
- Camino release 1.5.2 fixes several vulnerabilities,
Juha-Matti Laurio
- [ GLSA 200710-23 ] Star: Directory traversal vulnerability,
Raphael Marichez
- Corsaire Security Advisory - Citrix Access Gateway session ID disclosure issue,
advisories
- [USN-501-2] Ghostscript vulnerability,
Kees Cook
- [ MDKSA-2007:201 ] - Updated hplip packages fix vulnerabilities,
security
- [USN-535-1] Firefox vulnerabilities,
Kees Cook
- CFP for HITBSecConf2008 - Dubai now open,
Praburaajan
- [ GLSA 200710-24 ] OpenOffice.org: Heap-based buffer overflow,
Raphael Marichez
- Airscanner Mobile Security Advisory #07101401: Mobile-spy Victim/User Phone/SMS/URL Log Spoofing and Persistent XSS Injection,
Seth Fogie
- [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities,
vulnpost-remove
- SYMSA-2007-012: Microsoft Windows CE IGMP Denial of Service,
research
- [Vulz] Seeblick 1.0 Beta File Upload Vulz,
pete . houston . 17187
- [Vulz] Japanese PHP Gallery Hosting File Upload Vulz,
pete . houston . 17187
- [Vulz] eLouai's Download Script Remote File Download Vulnerability,
pete . houston . 17187
- [Vulz] eFileMan 7.x Multiple Vulnerabilities by Xcross87,
pete . houston . 17187
- [ MDKSA-2007:202 ] - Updated Firefox packages fix multiple vulnerabilities,
security
- [Vulz] PHP Basic Multiple Vulnerabilities by Xcross87 & Alucar,
pete . houston . 17187
- Korean GHBoard Multiple Vulnerabilities by Xcross87,
pete . houston . 17187
- SYMSA-2007-013: Lotus Notes Memory Mapped Files Vulnerability,
research
- [SECURITY] [DSA 1393-1] New xfce4-terminal packages fix arbitrary command execution,
Steve Kemp
- 3proxy 0.5.3j released (bugfix),
3APA3A
- [SECURITY] [DSA 1372-2] New ktorrent packages fix directory traversal,
Steve Kemp
- [USN-531-2] dhcp vulnerability,
Kees Cook
- [USN-536-1] Thunderbird vulnerabilities,
Kees Cook
- [USN-537-1] gnome-screensaver vulnerability,
Kees Cook
- [SECURITY] [DSA 1394-1] New reprepro packages fix authentication bypass,
Thijs Kinkhorst
- Aria-Security.Net [Web based alpha tabbed address book SQL Injection],
[ NO REPLY ]
- HPSBMA02279 SSRT071298 rev.1 - HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM) Running httpd.tkd, Remote Unauthorized Access to Data,
security-alert
- Aleris Software Systems Web Publisher Calendar SQL injection,
Joseph . giron13
- [Aria-Security.Net] CodeWidgets.Com Online Event Registration Multiple login SQL Injection,
[ NO REPLY ]
- rPSA-2007-0222-1 cpio tar,
rPath Update Announcements
- [GS07-02] RSA Keon Multiple Cross-Site Scripting Vulnerabilities,
Fatih Ozavci
- Novell OpenSUSE SWAMP multiple XSS,
morin . josh
- Bosdev Multiple vulnerabilities,
Joseph . giron13
- OSI CODES - PHP Live! Remote File Inclusion,
[ NO REPLY ]
- iDefense Security Advisory 10.23.07: IBM Lotus Domino IMAP Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 10.23.07: IBM Lotus Notes Client TagAttributeListCopy Buffer Overflow Vulnerability,
iDefense Labs
- [ GLSA 200710-25 ] MLDonkey: Privilege escalation,
Raphael Marichez
- [ GLSA 200710-26 ] HPLIP: Privilege escalation,
Raphael Marichez
- [ GLSA 200710-27 ] ImageMagick: Multiple vulnerabilities,
Raphael Marichez
- [SECURITY] [DSA 1389-2] New zoph packages fix SQL injection,
Thijs Kinkhorst
- Flatnuke3 Remote Cookie Manipoulation / Privilege Escalation,
kingoftheworld92
- HPSBMA02133 SSRT061201 rev.6 - HP Oracle for OpenView (OfO) Critical Patch Update,
security-alert
- [SECURITY] [DSA 1395-1] New xen-utils packages fix file truncation,
Steve Kemp
- rPSA-2007-0221-1 php php-mysql php-pgsql,
rPath Update Announcements
- First ever ModSecurity public training at OWASP/WASC conf in SJ,
Ofer Shezaf
- i-Gallery 3.4 bug crack password!,
hackerbinhphuoc
- [PoC] DNS Recursion bandwidth amplification,
Shadow
- iDefense Security Advisory 10.25.07: Trend Micro Tmxpflt.sys IOCTL 0xa0284403 Buffer Overflow Vulnerability,
iDefense Labs
- Directory traversal flaw in shttp,
digineo Advisories
- usd250 helpdesk XSS vulnerabily.,
Joseph . giron13
- IRM Discover More Vulnerabilities in Cisco IOS,
Andy Davis
- TikiWiki <= 1.9.8.1 Cross Site Scripting / Local File Inclusion,
L4teral
- Multi Host Forum Pro phpbb & ipb Multiple Sql Injection,
kingoftheworld92
- [ GLSA 200710-29 ] Sylpheed, Claws Mail: User-assisted remote execution of arbitrary code,
Raphael Marichez
- [Trick] VigileCMS All Versions DataMining Remote Hash Disclosure,
kingoftheworld92
- [ GLSA 200710-28 ] Qt: Buffer overflow,
Raphael Marichez
- [USN-538-1] libpng vulnerabilities,
Kees Cook
- RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap Corruption,
Piotr Bania
- Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability,
Guns
- FLEA-2007-0060-1 initscripts,
Foresight Linux Essential Announcement Service
- RealNetworks RealPlayer/RealOne Player/Helix Player Remote Memory Corruption,
Piotr Bania
- rPSA-2007-0225-1 firefox,
rPath Update Announcements
- [SECURITY] [DSA 1396-1] New iceweasel packages fix several vulnerabilities,
Moritz Muehlenhoff
- Smart-Shop Shopping Cart Cross-Site Scripting Vulrnability,
DoZ
- teatro 1.6 ( basePath ) Remote File Include Vulnerability,
alkomandoz-hacker
- [waraxe-2007-SA#059] - XSS in WordPress 2.3,
come2waraxe
- Advisory SE-2007-01: TikiWiki Remote PHP Code Evaluation Vulnerability,
Stefan Esser
- Webroot Desktop Firewall <=5.5.10.20 DNS recursion,
komarov
- Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in function MDSYS.SDO_CS.TRANSFORM,
Team SHATTER
- AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit,
Guns
- SAXON version 5.4 XSS Attack Vulnerability,
securityresearch
- Final Call for Papers for Security Track at ApacheCon Europe 2008,
Lars Eilebrecht
- Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in procedure DBMS_AQADM_SYS.DBLINK_INFO,
Team SHATTER
- How to subvert Oracle Database Vault,
Joxean Koret
- FLEA-2007-0061-1 sun-jre sun-jdk,
Foresight Linux Essential Announcement Service
- FLEA-2007-0062-1 firefox,
Foresight Linux Essential Announcement Service
- Omnistar Live Software Cross-Site Scripting Vulrnability,
DoZ
- Security Briefings,
angelo
- Secunia Research: IBM Tivoli Storage Manager Client CAD Service Script Insertion,
Secunia Research
- SAXON version 5.4 Multiple Path Disclosure Vulnerabilities,
securityresearch
- SAXON version 5.4 SQL Injection Vulnerability,
securityresearch
- [SECURITY] [DSA 1388-3] New dhcp packages fix arbitrary code execution,
Noah Meyerhans
- rPSA-2007-0225-2 firefox thunderbird,
rPath Update Announcements
- Comments re ISC's announcement on bind9 security,
Network Protocol Security
- Heap overflow in RealPlayer ID3 tag parser,
NGSSoftware Insight Security Research
- Windows binary of "Virtual Floppy Drive 2.1" contains vulnerable zlib (CAN-2005-2096),
Stefan Kanthak
- Untrusted Java applet can connect to localhost,
NGSSoftware Insight Security Research
- Memory overwrites in JVM via malformed TrueType font,
NGSSoftware Insight Security Research
- Airkiosk/formlib application is XSS vuln,
skienlab
- RFIDIOt release - version 0.1q,
Adam Laurie
- Siebel Security Basics,
Jonathan Katz
- Secunia Research: IPSwitch IMail Server IMail Client Buffer Overflow,
Secunia Research
- Django 0.96 (stable) Admin Panel CSRF,
J. Carlos Nieto
- DeepSec 2007 Registration: hurry up, seats are filling fast,
Stefano Zanero
- iDefense Security Advisory 10.30.07: IBM AIX swcons Local Arbitrary File Access Vulnerability,
iDefense Labs
- iDefense Security Advisory 10.30.07: IBM AIX 5.2 crontab BSS Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 10.30.07: IBM AIX dig dns_name_fromtext Integer Underflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 10.30.07: IBM AIX lqueryvg Stack Buffer Overflow Vulnerability,
iDefense Labs
- Firefox / IE6 crash on javascript nested loops,
thabob
- iDefense Security Advisory 10.30.07: IBM AIX lquerypv Stack Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 10.30.07: IBM AIX ftp domacro Parameter Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 10.30.07: IBM AIX bellmail Stack Buffer Overflow Vulnerability,
iDefense Labs
- [ GLSA 200710-31 ] Opera: Multiple vulnerabilities,
Raphael Marichez
- ILIAS <= 3.8.3 Cross Site Scripting,
L4teral
- [ GLSA 200710-30 ] OpenSSL: Remote execution of arbitrary code,
Pierre-Yves Rofes
- In Memoriam: Jun-ichiro Hagino,
Dragos Ruiu