Mail Thread Index
- Re: rPSA-2008-0151-1 libpng,
Liran Cohen
- CFP: Workshop on Open Source Software for Computer and Network Forensics,
Stefano Zanero
- heanet.dl.sourceforge.net hacked?,
Michael Scheidell
- [SECURITY] [DSA 1563-1] New asterisk packages fix denial of service,
Moritz Muehlenhoff
- Re: R.I.P. rgod,
Christian Kujau
- XSS in AstroCam,
Steffen Wendzel
- iDefense Security Advisory 04.30.08: Akamai Download Manager Arbitrary Program Execution Vulnerability,
iDefense Labs
- [SECURITY] [DSA 1564-1] New wordpress packages fix several vulnerabilities,
Thijs Kinkhorst
- Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.DBMS_AQJMS_INTERNAL (DB15),
Team SHATTER
- mjguest 6.7 (ALL VERSION) Xss & Redirection Vuln,
irancrash
- vlBook 1.21 (ALL VERSION),
irancrash
- Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_UTILITY.LOCK_CHANGE_SET (DB02),
Team SHATTER
- Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11),
Team SHATTER
- [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- php-addressbook v2.0 Multiple Remote Vulnerabilities (LFI/XSS),
irancrash
- Re: netOffice Dwins 1.3 Remote code execution.,
luiswang
- [SECURITY] [DSA 1566-1] New cpio packages fix denial of service,
Steve Kemp
- BlackBook v1.0 Multiple XSS Vulnerabilities,
irancrash
- Lifetype 1.2.7 XSS Vulnerability,
irancrash
- project alumni v1.0.9 (info.php) SQL Injection Vulnerability,
hadihadi_zedehal_2006
- Zomplog 3.8.2 XSS Vulnerability,
irancrash
- [ MDVSA-2008:095 ] - Updated OpenOffice.org packages fix vulnerabilities,
security
- chicomas.2.0.4,
hadikiamarsi
- Denial of Service in Call of Duty 4 1.5,
Luigi Auriemma
- rPSA-2008-0157-1 kernel,
rPath Update Announcements
- blur6ex-0.3.462 LOCAL FILE INCLUSION Vulnerbility,
hadihadi_zedehal_2006
- Fixed: LiveCart SQL injection vulnerability fixed since version 1.1.2,
LiveCart
- [TOOL] SSL Capable NetCat (and more),
GomoR
- SiteXS CMS Remote File Upload Vulnerability,
hadikiamarsi
- Re: GroupWise 7.0 mailto: scheme buffer overflow,
hollebcons
- Photos and Presentation Materials from HITBSecConf2008 - Dubai Released,
Praburaajan
- Maian Gallery v2.0 XSS Vulnerability,
irancrash
- Maian Cart v1.1 XSS Vulnerabilities,
irancrash
- Maian Search v1.1 Multiple Vulnerabilities (XSS/SQL INJECTION),
irancrash
- Maian Guestbook v3.2 XSS Vulnerabilities,
irancrash
- Maian Greeting v2.1 Multiple Vulnerabilities (XSS/SQL INJECTION),
irancrash
- Maian Support v1.3 Xss Vulnerabilities,
irancrash
- Multiple vulnerabilities in WebMod 0.48,
Luigi Auriemma
- Maian Recipe v1.2 Xss Vulnerabilities,
irancrash
- Maian Weblog v4.0 XSS Vulnerabilities,
irancrash
- Maian Links v3.1 XSS Vulnerabilities,
irancrash
- Maian Music v1.1 Multiple Vulnerabilities (Xss/SQL Injection),
irancrash
- Microsot DID DISCLOSE potential Backdoor,
J. Oquendo
- Maian Uploader v4.0 XSS Vulnerabilities,
irancrash
- LifeType 1.2.8,
irancrash
- [USN-606-1] CUPS vulnerability,
Jamie Strandboge
- [SECURITY] [DSA 1567-1] New blender packages fix arbitrary code execution,
Devin Carraway
- [ECHO_ADV_91$2008] Online Rental Property Script <= 4.5 (pid) Blind Sql Injection Vulnerability,
erdc
- [SECURITY] [DSA 1568-1] New b2evolution packages fix cross site scripting,
Thijs Kinkhorst
- [ECHO_ADV_95$2008] BackLinkSpider (cat_id) Blind Sql Injection Vulnerability,
erdc
- [ECHO_ADV_90$2008] PostNuke Module pnEncyclopedia <= 0.2.0 (id) Blind Sql Injection Vulnerability,
erdc
- [ECHO_ADV_92$2008] Anserv Auction XL (viewfaqs.php cat) Blind Sql Injection Vulnerability,
erdc
- Scout Portal Toolkit <= 1.4.0 (ParentId) Remote SQL Injection Exploit,
sys-project
- [ECHO_ADV_94$2008] Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability,
erdc
- [SECURITY] [DSA 1569-1] New cacti packages fix multiple vulnerabilities,
Thijs Kinkhorst
- [ECHO_ADV_93$2008] Kmita Tellfriend <= 2.0 (file) Remote File Inclusion Vulnerability,
erdc
- Novell eDirectory DoS via HTTP headers,
Nicob
- Novell eDirectory unauthenticated access to SOAP interface,
Nicob
- CORE-2008-0129 - Wonderware SuiteLink Denial of Service vulnerability,
CORE Security Technologies Advisories
- [ GLSA 200805-01 ] Horde Application Framework: Multiple vulnerabilities,
Pierre-Yves Rofes
- Security Advisory for Bugzilla 3.0.3, 3.1.3, 2.22.3, and 2.20.5,
mkanat
- Advisory SE-2008-02: PHP GENERATE_SEED() Weak Random Number Seed Vulnerability,
Stefan Esser
- [ GLSA 200805-02 ] phpMyAdmin: Information disclosure,
Pierre-Yves Rofes
- [SECURITY] [DSA 1569-2] New cacti packages fix regression,
Thijs Kinkhorst
- Advisory SE-2008-03: PHP Multibyte Shell Command Escaping Bypass Vulnerability,
Stefan Esser
- [SECURITY] [DSA 1554-2] New roundup packages fix regression,
Thijs Kinkhorst
- [tool announcement] tmin - a handy fuzzing test case optimizer,
Michal Zalewski
- HPSBUX02324 SSRT080034 rev.1 - HP-UX Running Netscape Directory Server (NDS), Local Gain Extended Privileges,
security-alert
- HPSBUX02332 SSRT080056 rev.1 - HP-UX running Apache with PHP, Remote Denial of Service (DoS), Gain Extended Privileges,
security-alert
- [security bulletin] HPSBMA02331 SSRT080000 rev.2 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges,
security-alert
- [USN-608-1] KDE vulnerability,
Jamie Strandboge
- Invitation - OWASP AppSec Europe May 19-22 2008 - Belgium,
Sebastien Deleersnyder
- QTOFileManager V 1.0<== Remote File Upload Vulnerability,
Cr4zY . CrAcKeR
- [USN-607-1] Emacs vulnerabilities,
Jamie Strandboge
- Power Editor LOCAL FILE INCLUSION Vulnerbility,
hadihadi_zedehal_2006
- [SECURITY] [DSA 1570-1] New kazehakase packages fix execution of arbitrary code,
Steve Kemp
- [USN-605-1] Thunderbird vulnerabilities,
Jamie Strandboge
- Sphider 1.3.4 Cross Site Scripting,
decoder-bugtraq
- mvnForum 1.1 Cross Site Scripting,
decoder-bugtraq
- [ MDVSA-2008:097 ] - Updated kdelibs packages fix vulnerability in start_kdeinit,
security
- [ MDVSA-2008:096 ] - Updated emacs packages fix vulnerability in vcdiff,
security
- [ MDVSA-2008:098 ] - Updated openssh packages fix vulnerability,
security
- [Advisory Update]Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability,
cocoruder
- Adobe Acrobat Professional Javascript For PDF Security Feature Bypass and Memory Corruption Vulnerabilities,
cocoruder
- rPSA-2008-0162-1 kernel,
rPath Update Announcements
- [USN-609-1] OpenOffice.org vulnerabilities,
Kees Cook
- [USN-610-1] LTSP vulnerability,
Kees Cook
- [ GLSA 200805-03 ] Multiple X11 terminals: Local privilege escalation,
Tobias Heinlein
- Multiple XSS In TuxCMS All Version,
hadikiamarsi
- Vulnerability in Multiple Web Application,
linux0day
- VBZooM <=V1.11 "reply.php" SQL Injection Vulnerability,
Cr4zY . CrAcKeR
- Exploiting Google MX servers as Open SMTP Relays,
pablo . ximenes
- iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop iso_recv_msg() Integer Underflow Vulnerability,
iDefense Labs
- Novell Client <= 4.91 SP4 Local Stack overflow / B.S.O.D (unauthentificated user),
laurent . gaffie
- Re: After 6 months - fix available for Microsoft DNS cache poisoning attack,
rick . a . cook
- [ GLSA 200805-04 ] eGroupWare: Multiple vulnerabilities,
Pierre-Yves Rofes
- ZYWALL Referer Header XSS Vulnerability,
Deniz Cevik
- iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop channel_process() Integer Signedness Vulnerability,
iDefense Labs
- iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop process_redirect_pdu() BSS Overflow Vulnerability,
iDefense Labs
- ezContents CMS Version 2.0.0 SQL Injection Vulnerabilities,
hadihadi_zedehal_2006
- [USN-611-1] Speex vulnerability,
Jamie Strandboge
- FLEA-2008-0008-1 firefox,
Foresight Linux Essential Announcement Service
- [USN-611-2] vorbis-tools vulnerability,
Jamie Strandboge
- [USN-611-3] GStreamer Good Plugins vulnerability,
Jamie Strandboge
- Apache Server HTML Injection and UTF-7 XSS Vulnerability,
lament hero
- XSS and CSRF vulnerability on Cpanel 11,
Matteo Carli
- [ GLSA 200805-08 ] InspIRCd: Denial of Service,
Robert Buchholz
- Oracle Application Server 10G ORA_DAV Basic Authentication Bypass Vulnerability,
Deniz Cevik
- [ GLSA 200805-06 ] Firebird: Data disclosure,
Robert Buchholz
- FInal EUSecWest 2008 Speakers,
Dragos Ruiu
- [ MDVSA-2008:099 ] - Updated ImageMagick packages fix vulnerabilities,
security
- [ GLSA 200805-07 ] Linux Terminal Server Project: Multiple vulnerabilities,
Robert Buchholz
- SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit,
sys-project
- OtherLogic[vocourse.php]SQL Injection Exploit,
Breeeeh
- [ GLSA 200805-09 ] MoinMoin: Privilege escalation,
Pierre-Yves Rofes
- [SECURITY] [DSA 1573-1] New rdesktop packages fix several vulnerabilities,
Thijs Kinkhorst
- [ MDVSA-2008:100 ] - Updated perl packages fix denial of service vulnerability,
security
- Joomla Component xsstream-dm 0.01 Beta SQL Injection,
houssamix
- [SECURITY] [DSA 1572-1] New php5 packages fix several vulnerabilities,
Thijs Kinkhorst
- [ GLSA 200805-10 ] Pngcrush: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- Confirmed Program for SyScan'08 Hong Kong,
organiser@xxxxxxxxxx
- [SECURITY] [DSA 1573-1] New php5 packages fix several vulnerabilities,
Thijs Kinkhorst
- [SECURITY] [DSA 1574-1] New icedove packages fix several vulnerabilities,
Moritz Muehlenhoff
- [security bulletin] HPSBUX02334 SSRT071403 rev.1 - HP-UX Running ftp, Remote Denial of Service (DoS),
security-alert
- [ GLSA 200805-11 ] Chicken: Multiple vulnerabilities,
Pierre-Yves Rofes
- [ GLSA 200805-12 ] Blender: Multiple vulnerabilities,
Pierre-Yves Rofes
- [ GLSA 200805-13 ] PTeX: Multiple vulnerabilities,
Pierre-Yves Rofes
- [MajorSecurity Advisory #52]ActualAnalyzer family - Cross Site Scripting Issues,
admin
- [SECURITY] [DSA 1575-1] New Linux 2.6.18 packages fix denial of service,
dann frazier
- iDefense Security Advisory 05.12.08: Microsoft Windows I2O Filter Utility Driver (i2omgmt.sys) Local Privilege Escalation Vulnerability,
iDefense Labs
- [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator,
Florian Weimer
- [USN-612-1] OpenSSL vulnerability,
Jamie Strandboge
- [USN-612-2] OpenSSH vulnerability,
Jamie Strandboge
- TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability,
DVLabs
- ZDI-08-023: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability,
zdi-disclosures
- iDefense Security Advisory 05.13.08: Microsoft Word CSS Processing Memory Corruption Vulnerability,
iDefense Labs
- [ GLSA 200805-14 ] Common Data Format library: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- Cisco BBSM Captive Portal Cross-site Scripting,
brad . antoniewicz
- [SECURITY] [DSA 1577-1] New gforge packages fix insecure temporary files,
Thijs Kinkhorst
- Microsoft Office Publisher PUB File Parsing Remote Memory Corruption Vulnerability,
cocoruder
- Malformed Acrobat Distiller 8 .joboptions,
Paul Craig
- [USN-612-4] ssl-cert vulnerability,
Kees Cook
- [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness,
Florian Weimer
- CFP: European Conference on Computer Network Defense,
Stefano Zanero
- Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- [USN-612-5] OpenSSH update,
Jamie Strandboge
- [ GLSA 200805-15 ] libid3tag: Denial of Service,
Tobias Heinlein
- Cisco Security Advisory: Cisco Content Switching Module Memory Leak Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- Correction to BID 29112 "Apache Server HTML Injection and UTF-7 XSS Vulnerability",
William A. Rowe, Jr.
- [ GLSA 200805-16 ] OpenOffice.org: Multiple vulnerabilities,
Robert Buchholz
- [USN-612-6] OpenVPN regression,
Jamie Strandboge
- Kostenloses Linkmanagementscript SQL Injection Vulnerabilities,
hadihadi_zedehal_2006
- Debian generated SSH-Keys working exploit,
mm
- Aruba Mobility Controller TACACS User Authentication and Cross Site Scripting Vulnerabilities (Aruba Advisory ID: AID-051408),
Robbie (Rupinder) Gill
- SunShop Version 3.5.1 Remote Blind Sql Injection,
irvian . info
- ZDI-08-024: Symantec Altiris Deployment Solution SQL Injection Vulnerability,
zdi-disclosures
- ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability,
zdi-disclosures
- Hack.lu 2008 CfP,
info
- [SECURITY] [DSA 1576-2] New openssh packages fix predictable randomness,
Noah Meyerhans
- [ MDVSA-2008:102 ] - Updated libvorbis packages fix vulnerabilities,
security
- [ MDVSA-2008:101 ] - Updated rdesktop packages fix vulnerabilities,
security
- IOS rootkits,
Gadi Evron
- CFP for HITBSecConf2008 - Malaysia now open,
Praburaajan
- [SECURITY] [DSA 1578-1] New php4 packages fix several vulnerabilities,
Thijs Kinkhorst
- PHP-Nuke Module KuraniKerim [sid] SQL Injection,
lovebug
- StanWeb.CMS (default.asp id) Remote SQL Injection Exploit,
sys-project
- Cpanel all version >> root access with a reseller account.,
a . jasbi
- Re: Apple iPhone 1.1.3 remote DoS exploit,
sohotguy
- Smeego CMS vulnerability,
0in . email
- Insomnia : ISVA-080516.2 - Altiris Deployment Solution - Domain Account Disclosure,
Brett Moore
- Wordpress Malicious File Execution Vulnerability,
tan_prathan
- [SECURITY] [DSA 1579-1] New netpbm-free packages fix arbitrary code execution,
Devin Carraway
- DoS attacks using SQL Wildcards - White Paper,
Ferruh Mavituna
- Microsoft word javascript execution,
jplopezy
- Insomnia : ISVA-080516.1 - Altiris Deployment Solution - SQL Injection,
Brett Moore
- [ MDVSA-2008:103 ] - Updated libid3tag packages fix denial of service vulnerability,
security
- [security bulletin] HPSBST02336 SSRT080071 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-026 to MS08-029,
security-alert
- Mtr - remote and local stack overflow - uncomment situation in libresolv.,
pi3
- ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability,
zdi-disclosures
- AppServ Open Project < = 2.5.10 Remote XSS Vulnerability,
tan_prathan
- An account of the Estonian Internet War,
Gadi Evron
- CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities,
Williams, James K
- [USN-612-7] OpenSSH update,
Kees Cook
- Vulnerability Advisory on GnuTLS,
josh
- eCMS-v0.4.2 (SQL/PB) Multiple Remote Vulnerabilities,
hadihadi_zedehal_2006
- Vbulletin 3.7.0 Gold >> Sql injection on faq.php,
a . jasbi
- Secunia Research: Foxit Reader "util.printf()" Buffer Overflow,
Secunia Research
- [SECURITY] [DSA 1580-1] New phpgedview packages fix privilege escalation,
Thijs Kinkhorst
- ZDI-08-026: CA BrightStor ARCserve Backup Remote Buffer Overflow,
zdi-disclosures
- Starsgames Control Panel <= 4.6.2 Remote XSS Vulnerability,
tan_prathan
- [security bulletin] HPSBUX02335 SSRT071454 rev.1 - HP-UX Running useradd(1M), Local Unauthorized Access,
security-alert
- [security bulletin] HPSBUX02332 SSRT080056 rev.2 - HP-UX Running Apache With PHP, Remote Denial of Service (DoS), Gain Extended Privileges,
security-alert
- [SECURITY] [DSA 1581-1] New gnutls13 packages fix potential code execution,
Florian Weimer
- Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities,
ascii
- [SECURITY] [DSA 1582-1] New peercast packages fix arbitrary code execution,
Thijs Kinkhorst
- [SECURITY] [DSA 1583-1] New gnome-peercast packages fix several vulnerabilities,
Thijs Kinkhorst
- [ GLSA 200805-17 ] Perl: Execution of arbitrary code,
Tobias Heinlein
- [ GLSA 200805-19 ] ClamAV: Multiple vulnerabilities,
Robert Buchholz
- [ GLSA 200805-18 ] Mozilla products: Multiple vulnerabilities,
Robert Buchholz
- CORE-2008-0415: Borland Interbase 2007 Integer Overflow,
CORE Security Technologies
- [ MDVSA-2008:105 ] - Updated kernel packages fix vulnerabilities,
security
- [DSECRG-08-023] SAP Web Application Server XSS Security Vulnerability,
Digital Security Research Group
- [DSECRG-08-020] Alcatel OmniPCX Office Remote Comand Execution,
Digital Security Research Group
- [USN-613-1] GnuTLS vulnerabilities,
Kees Cook
- Cisco Security Advisory: Cisco IOS Secure Shell Denial of Service,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Voice Portal Privilege Escalation Vulnerability,
Cisco Systems Product Security Incident Response Team
- [USN-612-8] openssl-blacklist update,
Jamie Strandboge
- [SECURITY] [DSA 1584-1] New libfissound packages fix execution of arbitrary code,
Steve Kemp
- CORE-2008-0126: Multiple vulnerabilities in iCal,
Core Security Technologies Advisories
- iDefense Security Advisory 05.21.08: Multiple Vendor Snort IP Fragment TTL Evasion Vulnerability,
iDefense Labs
- www file share pro 5.30 insecure multiple,
output
- MDAP ANTs PWNAGE: dumping the admin password of the BT Home Hub,
Adrian Pastor
- [ GLSA 200805-20 ] GnuTLS: Execution of arbitrary code,
Robert Buchholz
- ZDI-08-028: IBM Lotus Sametime Community Services Multiplexer Stack Overflow Vulnerability,
zdi-disclosures
- ZDI-08-029: Trillian AIM.DLL Long HTML Font Parameter Stack Overflow Vulnerability,
zdi-disclosures
- ZDI-08-030: Trillian Multiple Protocol XML Parsing Memory Corruption Vulnerability,
zdi-disclosures
- ZDI-08-031: Trillian MSN MIME Header Stack-Based Overflow Vulnerability,
zdi-disclosures
- PHPFreeForum <= 1.0 RC2 Remote XSS Vulnerability,
tan_prathan
- phpSQLiteCMS Multiple Remote XSS Vulnerability,
tan_prathan
- [security bulletin] HPSBUX02337 SSRT080072 rev.1 - HP-UX Running HP-UX Secure Shell, Local Unauthorized Access and Denial of Service (DoS),
security-alert
- Exteen Blog XSS Remote Cookie Disclosure Exploit,
tan_prathan
- BMForum Remote 5.6 Miltiple XSS Vulnerability,
tan_prathan
- /home/putnopvut/asa/AST-2008-007/AST-2008-007: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised,
Asterisk Security Team
- rPSA-2008-0174-1 gnutls,
rPath Update Announcements
- IRM Security Advisory : Barracuda Networks Spam Firewall Cross-Site Scripting Vulnerability,
Mark Crowther
- abledating 2.4 >> Sql injection and cross site scripting on search_results.php,
a . jasbi
- [SECURITY] [DSA 1586-1] New xine-lib packages fix several vulnerabilities,
Devin Carraway
- [DSECRG-08-024] Multiple Security Vulnerabilities (RFI,LFI,XSS) in QuateCMS,
Digital Security Research Group
- e107 Plugin BLOG Engine v2.2 (macgurublog.php/uid) Blind SQL Injection Vulnerability,
hadihadi_zedehal_2006
- PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script,
Ricardo Martins - Chief Security Officers
- [DSECRG-08-025] Local File Include in OneCMS 2.5,
Digital Security Research Group
- rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl,
rPath Update Announcements
- xt:Commerce possible DoS,
decoder-bugtraq
- [ MDVSA-2008:106 ] - Updated gnutls packages fix denial of service vulnerabilities,
security
- dzoic handshakes sql injection >> index.php on $fname,
a . jasbi
- Re: BosNews v4.0 Remote add user admin,
sales
- vuln in WordPress plugin Upload File(UP),
my
- PCPIN Chat 6: potential XSS vulnerability in URL redirection script,
admin
- Re: IOS rootkits (fwd),
Gadi Evron
- Excuse Online (pwd) SQL Injection Vulnerability,
unohope
- phpFix v2 Multiple SQL Injection Vulnerability,
unohope
- function sleep() in all versions of PHP,
gogulas
- Mini-CWB <= 2.1.1 Remote XSS Vulnerability,
tan_prathan
- Class System v2.3 Multiple Remote Vulnerabilities,
unohope
- Ablespace 1.0 'cat_id' Parameter SQL Injection Vulnerability,
a . jasbi
- Campus Bulletin Board v3.4 Multiple Remote Vulnerabilities,
unohope
- SECOBJADV-2008-01: Lenovo SystemUpdate SSL Certificate Issuer Spoofing Vulnerability,
Security Objectives, Inc.
- Advisory - Rsyncrypto maybe affected from Debian OpenSSL reduced entropy problem,
Aviram Jenik
- Zina 1.0rc3 Remote Directory Traversal Vulnerability & XSS Vulnerability,
irancrash
- Repair Online v1.2 (sentout) Create Admin Vulnerability,
unohope
- [SECURITY] [DSA 1587-1] New mtr packages fix execution of arbitrary code,
Steve Kemp
- T2'08: Call for Papers 2008 (Helsinki / Finland),
Tomi Tuominen
- [security bulletin] HPSBUX02335 SSRT071454 rev.2 - HP-UX Running useradd(1M), Local Unauthorized Access,
security-alert
- RoomPHPlanning 1.5 (weekview.php) SQL Injection Vulnerability,
hadihadi_zedehal_2006
- IOS Rookit: the sky isn't falling (yet),
Nicolas FISCHBACH
- Security, Open Source Style,
Josh Bressers
- [SECURITY] [DSA 1588-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- rPSA-2008-0177-1 emacs emacs-leim,
rPath Update Announcements
- [ GLSA 200805-21 ] Roundup: Permission bypass,
Tobias Heinlein
- iDefense Security Advisory 05.27.08: EMC AlphaStor Library Manager Arbitrary Command Execution Vulnerability,
iDefense Labs
- ZDI-08-033: Motorola RAZR JPG Processing Stack Overflow Vulnerability,
zdi-disclosures
- iDefense Security Advisory 05.27.08: EMC AlphaStor Server Agent Multiple Stack Buffer Overflow Vulnerabilities,
iDefense Labs
- rPSA-2008-0178-1 php php-mysql php-pgsql,
rPath Update Announcements
- [NSG_28-5-08] CA Internet Security Suite 2008 (UmxEventCli.dll/SaveToFile()) remote file corruption poc,
ipsdix
- rPSA-2008-0105-1 evolution,
rPath Update Announcements
- Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability,
Cisco Systems Product Security Incident Response Team
- [SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses,
Gerald (Jerry) Carter
- [security bulletin] HPSBUX02334 SSRT071403 rev.2 - HP-UX Running ftp, Remote Denial of Service (DoS),
security-alert
- [ MDVSA-2008:107 ] - Updated openssl package fixes denial of service vulnerabilities,
security
- Vulnerability Advisory on OpenSSL,
josh
- Bypassing URL Authentication and Authorization with HTTP Verb Tampering,
Arshan Dabirsiaghi
- Secunia Research: Samba "receive_smb_raw()" Buffer Overflow Vulnerability,
Secunia Research
- Secunia Research: imlib2 PNM and XPM Buffer Overflow,
Secunia Research
- FlashBlog Remote File Upload Vulnerability,
mefisto
- [ GLSA 200805-23 ] Samba: Heap-based buffer overflow,
Tobias Heinlein
- Re: [HV-INFO] Enova hardware encryption: false sense of security,
rwann
- [ GLSA 200805-22 ] MPlayer: User-assisted execution of arbitrary code,
Tobias Heinlein
- Flash Blog Sql Injection,
16 . her0
- [ MDVSA-2008:108 ] - Updated samba packages fix arbitrary code execution vulnerability,
security
- dvbbs8.2(access/sql)version login.asp remote sql injection,
hackerb
- XEROX DocuShare URL XSS Injection Vulnerabilities,
DoZ
- Dot Net Nuke (DNN) <= 4.8.3 XSS Vulnerability,
Admin
- VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues,
VMware Security team
- [SECURITY] [DSA 1590-1] New samba packages fix arbitrary code execution,
Florian Weimer