Mail Index

• Thread Index

• [ MDVSA-2008:159 ] licq
  • From: security
• [oCERT-2008-009] libxslt heap overflow
  • From: Andrea Barisani
• Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow
  • From: Secunia Research
• [security bulletin] HPSBUX02286 SSRT071466 rev.1 - HP-UX Running System Administration Manager (SAM), Unintended Remote Access
  • From: security-alert
• Pligg <= 9.9.0 Multiple Vulnerabilities
  • From: GulfTech Security Research
• Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows
  • From: Secunia Research
• [SECURITY] [DSA 1622-1] New newsx packages fix arbitrary code execution
  • From: Thijs Kinkhorst
• [~] Greetz : Me93fg & Mr.SaFa7
  • From: Ghost hacker
• iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability
  • From: iDefense Labs
• [ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code
  • From: Pierre-Yves Rofes
• [SECURITY] [DSA 1623-1] New dnsmasq packages fix cache poisoning
  • From: Moritz Muehlenhoff
• [ GLSA 200807-14 ] Linux Audit: Buffer overflow
  • From: Pierre-Yves Rofes
• [ GLSA 200807-13 ] VLC: Multiple vulnerabilities
  • From: Pierre-Yves Rofes
• [SECURITY] [DSA 1624-1] New libxslt packages fix arbitrary code execution
  • From: Moritz Muehlenhoff
• [ GLSA 200807-16 ] Python: Multiple vulnerabilities
  • From: Robert Buchholz
• CA ARCserve Backup for Laptops and Desktops Server LGServer Service Vulnerability
  • From: Williams, James K
• [CVE-2008-2370] Apache Tomcat information disclosure vulnerability
  • From: Mark Thomas
• libxslt heap overflow
  • From: chris
• [SECURITY] [DSA 1625-1] New cupsys packages fix arbitrary code execution
  • From: Thijs Kinkhorst
• [SECURITY] [DSA 1626-1] New httrack packages fix arbitrary code execution
  • From: Thijs Kinkhorst
• [CVE-2008-1232] Apache Tomcat XSS vulnerability
  • From: Mark Thomas
• [USN-634-1] OpenLDAP vulnerability
  • From: Kees Cook
• eVision 2.0 Sql Injection/Remote File Disclosure/Remote File Upload/IG
  • From: r3d . w0rm
• DNS Multiple Race Exploiting Tool
  • From: AR
• [USN-632-1] Python vulnerabilities
  • From: Kees Cook
• [USN-633-1] libxslt vulnerabilities
  • From: Kees Cook
• iDefense Security Advisory 07.31.08: Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability
  • From: iDefense Labs
• n.runs-SA-2008.005 - Apple Inc. - CoreServices Framework’s CarbonCore Framework - Arbitrary Code Execution (remote)
  • From: security@xxxxxxxxx
• Re: how to request a cve id?
  • From: William A. Rowe, Jr.
• Re: Windows Vista Power Management & Local Security Policy
  • From: William A. Rowe, Jr.
• [ MDVSA-2008:160 ] libxslt
  • From: security
• file upload exploit
  • From: win32 . exe
• iDefense Security Advisory 08.01.08: Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 08.01.08: Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 08.01.08: Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability
  • From: iDefense Labs
• Pligg Auto-Voter Using XSS to Bypass CSRF Protection
  • From: michaelbrooks
• Homes 4 Sale Remote XSS Vulnerabilitiy
  • From: Ghost hacker
• Server termination in America's Army 2.8.3.1
  • From: Luigi Auriemma
• Keld: PHP-MySQL News Script 0.7.1 Remote SQL injection Vulnerability
  • From: crimson . loyd
• TGS CMS Remote Code Execution Exploit
  • From: 0in . email
• [SECURITY] [DSA 1627-1] New opensc packages fix smart card vulnerability
  • From: Thijs Kinkhorst
• UNAK-CMS Lfi
  • From: r3d . w0rm
• [USN-626-2] Devhelp, Epiphany, Midbrowser and Yelp update
  • From: Jamie Strandboge
• Team SHATTER Security Advisory: SQL Injection in Oracle Application Server (WWEXP_API_ENGINE)
  • From: Team SHATTER
• Team SHATTER Security Advisory: Cross-site scripting in Oracle Enterprise Manager (REFRESHCHOICE Parameter)
  • From: Team SHATTER
• Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN)
  • From: Team SHATTER
• CORE-2008-0716 - Sun xVM VirtualBox Privilege Escalation Vulnerability
  • From: CORE Security Technologies Advisories
• Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities
  • From: irancrash
• 8e6 Technologies R3000 Internet Filter Bypass with Host Decoy
  • From: nnposter
• Plogger <= 3.0 SQL Injection
  • From: GulfTech Security Research
• IGES CMS <=2.0 Multiple Vulnerabilities
  • From: admin
• Pluck 4.5.2 Multiple Cross Site Scripting Vulnerabilities
  • From: irancrash
• [ GLSA 200808-01 ] xine-lib: User-assisted execution of arbitrary code
  • From: Robert Buchholz
• [ GLSA 200808-02 ] Net-SNMP: Multiple vulnerabilities
  • From: Robert Buchholz
• [ GLSA 200808-03 ] Mozilla products: Multiple vulnerabilities
  • From: Robert Buchholz
• [ GLSA 200808-04 ] Wireshark: Denial of Service
  • From: Robert Buchholz
• rPSA-2008-0245-1 cups
  • From: rPath Update Announcements
• rPSA-2008-0246-1 gaim
  • From: rPath Update Announcements
• PHP-NUKE module Kleinanzeigen SQL injection (lid)
  • From: lovebug
• MyClan Sql Injection
  • From: r3d . w0rm
• Re: 8e6 Technologies R3000 Internet Filter Bypass with Host Decoy
  • From: jyoung01
• Interesting things at sec-consult.com, DNS-whitepaper available tomorrow
  • From: Bernhard Mueller
• CA Products That Embed Ingres Multiple Vulnerabilities
  • From: Williams, James K
• Google Notebook and Google Bookmarks Cross Site Scripting Vulnerabilities
  • From: alfredo . melloni
• Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting
  • From: marc_bevand
• [ GLSA 200808-05 ] ISC DHCP: Denial of Service
  • From: Tobias Heinlein
• [USN-635-1] xine-lib vulnerabilities
  • From: Jamie Strandboge
• [ GLSA 200808-06 ] libxslt: Execution of arbitrary code
  • From: Tobias Heinlein
• [security bulletin] HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
  • From: security-alert
• [security bulletin] HPSBUX02355 SSRT080023 rev.1 - HP-UX Using libc, Remote Denial of Service (DoS)
  • From: security-alert
• OpenVMS fingerd remote stack overflow
  • From: Shaun Colley
• Endless loop and resources consumption in Halo 1.0.7.0615
  • From: Luigi Auriemma
• Re: [Full-disclosure] [funsec] facebook messages worm
  • From: Juha-Matti Laurio
• Re: [funsec] facebook messages worm
  • From: Gadi Evron
• facebook messages worm
  • From: Gadi Evron
• Whitepaper: DNS zone redelegation
  • From: Bernhard Mueller
• Re: [funsec] facebook messages worm
  • From: Gadi Evron
• Re: [funsec] facebook messages worm
  • From: Gadi Evron
• [SE-2008-01] J2ME Security Vulnerabilities 2008
  • From: Security Explorations
• [ MDVSA-2008:161 ] rxvt
  • From: security
• Re: OpenVMS fingerd remote stack overflow
  • From: Kevin Finisterre (lists)
• e107 <= 0.7.11 Arbitrary Variable Overwriting
  • From: GulfTech Security Research
• Re: [SE-2008-01] J2ME Security Vulnerabilities 2008
  • From: 0xjbrown41
• Re: OpenVMS fingerd remote stack overflow
  • From: mlbugtraq
• Re: OpenVMS fingerd remote stack overflow
  • From: Alexander Sotirov
• [ MDVSA-2008:162 ] qemu
  • From: security
• [ MDVSA-2008:163 ] python
  • From: security
• re: [SE-2008-01] J2ME Security Vulnerabilities 2008
  • From: Security Explorations
• [ MDVSA-2008:164 ] python
  • From: security
• Re: Re: [SE-2008-01] J2ME Security Vulnerabilities 2008
  • From: 0xjbrown41
• Re: [funsec] facebook messages worm
  • From: Juha-Matti Laurio
• OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Ben Laurie
• [AJECT] NoticeWare IMAP Email Server 4.6.2 DoS vulnerability
  • From: João Antunes
• Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Gerald Beuchelt
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Eric Rescorla
• [AJECT] WinGate Email Server (IMAP) vulnerability
  • From: João Antunes
• Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Ben Laurie
• Vim: Unfixed Vulnerabilities in Tar Plugin Version 20
  • From: Jan Minář
• RE: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Dave Korn
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Eric Rescorla
• [ GLSA 200808-07 ] ClamAV: Multiple Denials of Service
  • From: Raphael Marichez
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Ben Laurie
• [ GLSA 200808-08 ] stunnel: Security bypass
  • From: Raphael Marichez
• Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Dick Hardt
• [DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3
  • From: Digital Security Research Group [DSecRG]
• [ GLSA 200808-09 ] OpenLDAP: Denial of Service vulnerability
  • From: Raphael Marichez
• RE: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Leichter, Jerry
• RE: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Dave Korn
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Peter Gutmann
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Dan Kaminsky
• New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability
  • From: Steve Friedl
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Perry E. Metzger
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Eric Rescorla
• Re: OpenVMS fingerd remote stack overflow
  • From: Tim Newsham
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Ben Laurie
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Nicolas Williams
• Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Ben Laurie
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Nicolas Williams
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Leichter, Jerry
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Nicolas Williams
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Paul Hoffman
• key blacklisting & file size (was: OpenID/Debian PRNG/DNS Cache poisoning advisory)
  • From: Solar Designer
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Eric Rescorla
• [security bulletin] HPSBUX02351 SSRT080058 rev.4 - HP-UX Running BIND, Remote DNS Cache Poisoning
  • From: security-alert
• Kayako SupportSuite < 3.30.00 Multiple Vulnerabilities
  • From: GulfTech Security Research
• [ GLSA 200808-10 ] Adobe Reader: User-assisted execution of arbitrary code
  • From: Robert Buchholz
• Ovidentia Sql Injection
  • From: r3d . w0rm
• [SECURITY] [DSA 1627-1] New PowerDNS packages reduce DNS spoofing risk
  • From: Florian Weimer
• Re: [DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3
  • From: o_0 . iahumeil
• K-Links Directory Blind SQL Injection Exploit
  • From: hadihadi_zedehal_2006
• rPSA-2008-0249-1 openldap openldap-clients openldap-servers
  • From: rPath Update Announcements
• rPSA-2008-0247-1 gvim vim vim-minimal
  • From: rPath Update Announcements
• [ GLSA 200808-11 ] UUDeview: Insecure temporary file creation
  • From: Pierre-Yves Rofes
• Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability
  • From: emericboit
• Re: Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN)
  • From: Team SHATTER
• Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow
  • From: dh
• RE: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Clausen, Martin (DK - Copenhagen)
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Ben Laurie
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Ben Laurie
• Re: TGS CMS Remote Code Execution Exploit
  • From: lcat
• iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Format String Vulnerabilities
  • From: iDefense Labs
• [AJECT] hMailServer 4.4.1 DoS vulnerability
  • From: João Antunes
• iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities
  • From: iDefense Labs
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Stefan Kanthak
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Forrest J. Cavalier III
• Internet attacks against Georgian web sites
  • From: Gadi Evron
• VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability
  • From: VMware Security Team
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Leichter, Jerry
• rPSA-2008-0253-1 git gitweb
  • From: rPath Update Announcements
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: \"Hal Finney\"
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Tim Dierks
• CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities
  • From: Williams, James K
• VMSA-2008-0013 Updated ESX packages for OpenSSL, net-snmp, perl
  • From: VMware Security Team
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Ben Laurie
• Surf Jack - HTTPS will not save you
  • From: lists
• Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  • From: Florian Weimer
• Re: [funsec] Internet attacks against Georgian web sites
  • From: Paul Ferguson
• Re: [funsec] Internet attacks against Georgian web sites
  • From: Paul Ferguson
• [security bulletin] HPSBUX02356 SSRT080051 rev.1 - HP-UX Running ftpd, Remote Privileged Access
  • From: security-alert
• ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability
  • From: zdi-disclosures
• ZDI-08-051: Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability
  • From: zdi-disclosures
• ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption
  • From: zdi-disclosures
• iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability
  • From: iDefense Labs
• Re: Vim: Netrw: FTP User Name and Password Disclosure
  • From: Tony Mechelynck
• [ MDVSA-2008:167 ] kernel
  • From: security
• ZDI-08-050: Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability
  • From: zdi-disclosures
• [ MDVSA-2008:166 ] clamav
  • From: security
• Vim: Netrw: FTP User Name and Password Disclosure
  • From: Jan Minář
• iDefense Security Advisory 08.12.08: Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability
  • From: iDefense Labs
• [TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption
  • From: Tobias Klein
• iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability
  • From: iDefense Labs
• rPSA-2008-0243-1 idle python
  • From: rPath Update Announcements
• Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives
  • From: Jan Minář
• NULL pointer in Ventrilo 3.0.2
  • From: Luigi Auriemma
• [security bulletin] HPSBTU02358 SSRT080058 rev.1 - HP Tru64 UNIX running BIND, Remote DNS Cache Poisoning
  • From: security-alert
• CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass
  • From: CORE Security Technologies Advisories
• [ MDVSA-2008:170 ] cups
  • From: security
• Microsoft Windows Messenger Remote Illegal Access Vulnerability
  • From: cocoruder
• [ MDVSA-2008:168 ] stunnel
  • From: security
• [ MDVSA-2008:169 ] hplip
  • From: security
• [security bulletin] HPSBOV02357 SSRT080058 rev.1 - HP OpenVMS TCP/IP Services running BIND, Remote DNS Cache Poisoning
  • From: security-alert
• Postfix local privilege escalation via hardlinked symlinks
  • From: Wietse Venema
• SYM08-015_SFW_SecurityUpdateBypass
  • From: Mike Prosser
• ZDI-08-053: Symantec Veritas Storage Foundation Scheduler Service NULL Session Authentication Bypass Vulnerability
  • From: zdi-disclosures
• Security Assessment of the Internet Protocol
  • From: Fernando Gont
• rPSA-2008-0255-1 freetype
  • From: rPath Update Announcements
• [ GLSA 200808-12 ] Postfix: Local privilege escalation vulnerability
  • From: Raphael Marichez
• Cisco Security Advisory: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control
  • From: Cisco Systems Product Security Incident Response Team
• Re: MicroWorld MailScan - Multiple Vulnerabilities within Admin-Webinterface
  • From: oliver karow
• munky-bliki lfi
  • From: r3d . w0rm
• Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani
  • From: irancrash
• FlexCMS <= 2.5 Cross Site Scripting Vulnerability
  • From: irancrash
• [ MDVSA-2008:171 ] postfix
  • From: security
• [ MDVSA-2008:172 ] amarok
  • From: security
• PHP Live Helper <= 2.0.1 Multiple Vulnerabilities
  • From: GulfTech Security Research
• Nokia 6131 NFC URI/URL Spoofing and DoS Advisory
  • From: Collin R. Mulliner
• Re: ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user
  • From: Eder Wentz
• NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection
  • From: r3d . w0rm
• [DSECRG-08-036] Multiple Security Vulnerabilities in Freeway eCommerce 1.4.1.171
  • From: Digital Security Research Group [DSecRG]
• Tool: PorkBind v1.3 Nameserver Security Scanner (New Version)
  • From: Derek Callaway
• Ovidentia 6.6.5 XSS (index.php)&#8207;
  • From: mostafa_ragab
• [security bulletin] HPSBMA02345 SSRT080039 rev.2 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)
  • From: security-alert
• [SECURITY] [DSA 1629-1] New postfix packages fix privilege escalation
  • From: Thijs Kinkhorst
• [SECURITY] [DSA 1629-2] New postfix packages fix installability problem on i386
  • From: Thijs Kinkhorst
• [security bulletin] HPSBST02360 SSRT080117 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-041 to MS08-051
  • From: security-alert
• SunShop <= 4.1.4 SQL Injection
  • From: GulfTech Security Research
• Vanilla <= 1.1.4 Script Injection/ XSS
  • From: GulfTech Security Research
• [ MDVSA-2008:173 ] kdegraphics
  • From: security
• [ MDVSA-2008:174 ] kernel
  • From: security
• [USN-636-1] Postfix vulnerability
  • From: Kees Cook
• ToorCon 10 Call For Papers
  • From: David Hulton
• Folder Lock <= 5.9.5 Local Password Information Disclosure
  • From: glafkos
• [ MDVSA-2008:175 ] yelp
  • From: security
• IMF 2008 - Call for Participation
  • From: Oliver Goebel
• [ MDVSA-2008:176 ] mtr
  • From: security
• CORE-2008-0624: Anzio Web Print Object Buffer Overflow
  • From: CORE Security Technologies Advisories
• Null Byte Local file Inclusion in FAR - PHP Project version:1.0
  • From: beenudel1986
• CORE-2008-0813 - vBulletin Cross Site Scripting Vulnerability
  • From: CORE Security Technologies Advisories
• rPSA-2008-0259-1 postfix
  • From: rPath Update Announcements
• [ MDVSA-2008:177 ] xine-lib
  • From: security
• [ MDVSA-2008:178 ] xine-lib
  • From: security
• UPDATE: [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning
  • From: Robert Buchholz
• [SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities
  • From: dann frazier
• TimeTrex Time and Attendance Cookie Theft
  • From: DoZ
• Contest: Best Advances for OpenVAS Network Vulnerability Tests
  • From: Michael Wiegand
• Call For Papers - Hackers 2 Hackers Conference 5th Edition - Brazil
  • From: cfp
• PR08-20: Bypassing ASP .NET "ValidateRequest" for Script Injection Attacks
  • From: ProCheckUp Research
• Vim: Arbitrary Code Execution in Commands: K, Control-], g]
  • From: Jan Minář
• RE: TimeTrex Time and Attendance Cookie Theft
  • From: Alex Eden
• [ MDVSA-2008:179 ] metisse
  • From: security
• [ MDVSA-2008:180 ] libxml2
  • From: security
• Secunia Research: Trend Micro Products Web Management Authentication Bypass
  • From: Secunia Research
• Fedora confirms: Our servers were breached
  • From: Juha-Matti Laurio
• Apple OSX Leopard (10.5+), inadequate ACL insight can create vuln
  • From: bgtrq . tryfixingit
• Re: Null Byte Local file Inclusion in FAR - PHP Project version:1.0
  • From: William McAfee
• [SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service
  • From: Steve Kemp
• [oCERT-2008-008] multiple heap overflows in xine-lib
  • From: Will Drewry
• Re: RE: TimeTrex Time and Attendance Cookie Theft
  • From: hi
• Re: Fedora confirms: Our servers were breached
  • From: Dragos Ruiu
• OneNews Beta 2 Multiple Vulnerabilities
  • From: crimson . loyd
• Re: TimeTrex Time and Attendance Cookie Theft
  • From: Mike
• Secunia Research: Novell iPrint Client ActiveX Control "GetFileList()" Information Disclosure
  • From: Secunia Research
• RE: Arbitrary Code Execution in Commands: K, Control-], g]
  • From: Michael Wojcik
• [DSECRG-08-038] Multiple Local File Include Vulnerabilities in ezContents CMS 2.0.3
  • From: Digital Security Research Group [DSecRG]
• Secunia Research: Calendarix Basic Two SQL Injection Vulnerabilities
  • From: Secunia Research
• Secunia Research: Novell iPrint Client ActiveX Control Multiple Buffer Overflows
  • From: Secunia Research
• [DSECRG-08-037] Multiple Local File Include Vulnerabilities in Pluck CMS 4.5.2
  • From: Digital Security Research Group [DSecRG]
• SECOBJADV-2008-03.2: PartyGaming PartyPoker Malicious Update Vulnerability
  • From: Security Objectives Corporation
• [IVIZ-08-009] Grub Legacy Security Model bypass exploiting wrong BIOS API usage
  • From: iViZ Security Advisories
• [IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage
  • From: iViZ Security Advisories
• Crafty Syntax Live Help <= 2.14.6 SQL Injection
  • From: GulfTech Security Research
• ToorCon X CFP Closing and Workshops and Seminars discounted until Friday!
  • From: David Hulton
• Mini-NUKE v2.3 Freehost (tr) Multiple Remote SQL Injection Vulnerabilities
  • From: byccc
• ZoneMinder Multiple Vulnerabilities
  • From: filip . palian
• Hopeless comments regarding the pointless "HP System Management Homepage (SMH) Unspecified XSS"
  • From: Luca.carettoni
• [SECURITY] [DSA 1632-1] New tiff packages fix arbitrary code execution
  • From: Thijs Kinkhorst
• Multiple Vulnerabilities in AWStats Totals
  • From: Elliot Kendall
• [SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service
  • From: Steve Kemp
• White Wolf Labs #080826-1: Kyocera Mita Scanner File Utility (Multiple)
  • From: Seth Fogie
• PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept .30/ Oct. 1)
  • From: Dragos Ruiu
• [ MDVSA-2008:180-1 ] libxml2
  • From: security
• [security bulletin] HPSBMA02363 SSRT080106 rev.1 - HP Enterprise Discovery Running on Windows, Remote Authorized User, Gain Extended Privileges
  • From: security-alert
• [IVIZ-08-008] LILO Security Model bypass exploiting wrong BIOS API usage
  • From: iViZ Security Advisories
• [IVIZ-08-007] DriveCrypt Security Model bypass exploiting wrong BIOS API usage
  • From: iViZ Security Advisories
• [IVIZ-08-003] TrueCrypt Security Model bypass exploiting wrong BIOS API usage
  • From: iViZ Security Advisories
• [USN-638-1] Yelp vulnerability
  • From: Kees Cook
• [IVIZ-08-004] Intel BIOS Plain Text Password Disclosure
  • From: iViZ Security Advisories
• XSS and Data Manipulation attacks found in CMS PHPCart.
  • From: vaibhav aher
• [IVIZ-08-002] Hewlett-Packard BIOS Plain Text Password Disclosure
  • From: iViZ Security Advisories
• [IVIZ-08-005] IBM Lenovo BIOS Plain Text Password Disclosure
  • From: iViZ Security Advisories
• [security bulletin] HPSBUX02365 SSRT080118 rev.1 - HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS)
  • From: security-alert
• reviving the botnets@ mailing list: a new statregy in fighting cyber crime
  • From: Gadi Evron
• ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
  • From: zdi-disclosures
• [scip_Advisory 3807] Dreambox DM500 webserver long URL request denial of service
  • From: Marc Ruef
• [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass
  • From: gmdarkfig
• [ MDVSA-2008:181 ] ipsec-tools
  • From: security
• [Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities
  • From: gmdarkfig
• Re: [Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities
  • From: gmdarkfig
• VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
  • From: VMware Security team
• Re: [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass
  • From: gmdarkfig
• [SECURITY] [DSA-1597-2] New mt-daapd package fix regression
  • From: Devin Carraway