Mail Index
- 2008 OpenVAS Contest
- Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
- spitfirephoto Pro pages.php Sql Injection
- phpWebSite links.php Sql Injection
- U-Mail Webmail 'edit.php' Arbitrary File Write Vulnerability
- VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff
- From: VMware Security Team
- Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani
- Re: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
- Secunia Research: Interact SQL Injection and Cross-Site Request Forgery
- Re: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
- iDefense Security Advisory 10.31.08: Oracle WebLogic Apache Connector
- [Paper] Reflective Dll Injection
- Typo <= 5.1.3 Multiple Vulnerabilities
- iDefense Security Advisory 10.31.08: OpenOffice EMF Record Parsing Multiple Integer Overflow Vulnerabilities
- Re: Java Web start vulnerability
- [ MDVSA-2008:121-1 ] freetype2
- RE: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
- Final notification about "POC2008" Conference
- [ MDVSA-2008:223 ] kernel
- sharedlog CMS Remote File Includes
- Re: [Full-disclosure] Windows RPC worm (MS08-067) in the wild
- Re: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
- Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
- Windows RPC worm (MS08-067) in the wild
- DriveCMS article.php remote sql injection
- Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
- Re: iDefense Security Advisory 10.30.08: Adobe PageMaker Key Strings Stack Buffer Overflow
- From: Vladimir '3APA3A' Dubrovin
- Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
- A-Link WL54AP3 and WL54AP2 CSRF+XSS vulnerability
- From: Henri Lindberg - Smilehouse Oy
- Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow
- [ GLSA 200811-01 ] Opera: Multiple vulnerabilities
- iDefense Security Advisory 11.03.08: Multiple Vendor CUPS texttops Integer Overflow Vulnerability
- iDefense Security Advisory 11.03.08: Multiple Vendor CUPS SGI imagetops Heap Overflow Vulnerability
- [USN-660-1] enscript vulnerability
- [security bulletin] HPSBMA02380 SSRT080121 rev.1 - HP System Management Homepage (SMH) for HP-UX, Local Unauthorized Access
- Secunia Research: Adobe Acrobat/Reader "util.printf()" Buffer Overflow
- CORE-2008-0526: Adobe Reader Javascript Printf Buffer Overflow
- From: CORE Security Technologies Advisories
- Aruba Mobility Controller SNMP Community String Disclosure
- rPSA-2008-0311-1 postfix
- From: rPath Update Announcements
- [Tool] sqlmap 0.6.2 released
- From: Bernardo Damele A. G.
- Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
- [security bulletin] HPSBUX02381 SSRT080083 rev.1 - HP-UX Running Xserver, Remote Execution of Arbitrary Code
- FirmChannel Digital Signage 3.24 Cross-site scripting
- Re: Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
- iDefense Security Advisory 11.04.08: Multiple Vendor NOS Microsystems getPlus Downloader Stack Buffer Overflow Vulnerability
- ZDI-08-072: Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability
- ZDI-08-073: Adobe Acrobat Reader Malformed PDF Code Execution Vulnerability
- ZDI-08-074: Adobe Acrobat PDF Javascript getCosObj Memory Corruption Vulnerability
- iDefense Security Advisory 11.04.08: Adobe Reader Embedded Font Handling Out of Bounds Array Indexing Vulnerability
- iDefense Security Advisory 11.04.08: Adobe Acrobat And Reader AcroJS Heap Corruption Vulnerability
- [ MDVSA-2008:224 ] kernel
- Re: Re: Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
- From: unknown . pentester
- Re: Re: Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day
- From: unknown . pentester
- [USN-662-1] Linux kernel vulnerabilities
- Applications can open up remote root access on G1 Phone
- [USN-663-1] system-tools-backends regression
- DFLabs PTK Forensic Local Command Execution Vulnerability
- [ MDVSA-2008:225 ] net-snmp
- [SECURITY] [DSA 1662-1] New mysql-dfsg-5.0 packages fix authorization bypass
- Remote access vulnerability using BigDump ver. 0.29b
- Arab Portal v2.1 Remote File Disclosure (Win32)
- Re: phpWebSite links.php Sql Injection
- hMAilServer 4.4.2 (PHPWebAdmin) local & remote file inclusion
- Re: Applications can open up remote root access on G1 Phone
- [TKADV2008-012] VLC media player cue Processing Stack Overflow Vulnerability
- [USN-664-1] Tk vulnerability
- [TKADV2008-011] VLC media player RealText Processing Stack Overflow Vulnerability
- [security bulletin] HPSBTU02383 SSRT080098 rev.1 - HP Tru64 UNIX running AdvFS "showfile" command, Local Gain Extended Privileges
- [USN-665-1] Netpbm vulnerability
- [ MDVSA-2008:226 ] ruby
- [USN-662-2] Ubuntu kernel modules vulnerability
- VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues
- From: VMware Security Team
- Re: [WEB SECURITY] countermeasure against attacks through HTML shared files
- countermeasure against attacks through HTML shared files
- [ MDVSA-2008:224-1 ] kernel
- Re: [WEB SECURITY] countermeasure against attacks through HTML shared files
- VMware Emulation Flaw x64 Guest Privilege Escalation (2/2)
- [USN-666-1] Dovecot vulnerability
- Re: countermeasure against attacks through HTML shared files
- Re: countermeasure against attacks through HTML shared files
- Enthusiast 3 Remote Code Execution
- [AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...)
- Re: [WEB SECURITY] countermeasure against attacks through HTML shared files
- Re: [WEB SECURITY] countermeasure against attacks through HTML shared files
- BSOD in Win'2k3, Vista x86 and x64 by nonpriviledged user
- Multiple remote vulnerabilities MoinMoin v1.80
- [SECURITY] [DSA 1663-1] New net-snmp packages fix several vulnerabilities
- Metrica Service Assurance Multiple Cross Site Scripting
- ClamAV get_unicode_name() off-by-one buffer overflow
- [ GLSA 200811-02 ] Gallery: Multiple vulnerabilities
- [ GLSA 200811-03 ] FAAD2: User-assisted execution of arbitrary code
- [ GLSA 200811-04 ] Graphviz: User-assisted execution of arbitrary code
- Collabtive 0.4.8 Multiple Vulnerabilities
- Re: Default key algorithm in Thomson and BT Home Hub routers
- [SECURITY] [DSA 1664-1] New ekg packages fix denial of service
- Google Chrome Break
- Joomla Component JooBlog 0.1.1 (PostID) SQL Injection Vuln.
- Re [WEB SECURITY] countermeasure against attacks through HTML shared files
- Re: [WEB SECURITY] countermeasure against attacks through HTML shared files
- ooVoo 1.7.1.35 (URL Protocol) remote unicode buffer overflow poc
- [security bulletin] HPSBMA02380 SSRT080121 rev.2 - HP System Management Homepage (SMH) for HP-UX, Local Unauthorized Access
- [USN-669-1] gnome-screensaver vulnerabilities
- [security bulletin] HPSBMA02385 SSRT080161 rev.1 - HP Service Manager (HPSM), Gain Extended Privileges
- rPSA-2008-0315-1 net-snmp net-snmp-client net-snmp-server net-snmp-utils
- From: rPath Update Announcements
- Re: Re: MS OWA 2003 Redirection Vulnerability - [MSRC 7368br]
- [SECURITY] [DSA 1665-1] New libcdaudio packages fix arbitrary code execution
- rPSA-2008-0318-1 initscripts
- From: rPath Update Announcements
- rPSA-2008-0316-1 kernel
- From: rPath Update Announcements
- Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE
- Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE
- Team SHATTER Security Advisory: Oracle Database multiple SQL Injection vulnerabilities in Workspace Manager
- [ MDVSA-2008:227 ] gnutls
- Team SHATTER Security Advisory: Oracle Database Multiple SQL Injection vulnerabilities in LTADM
- Digital Armaments October-November Hacking Challenge: Linux Local Kernel Exploit (5,000$)
- New Whitepaper - .NET Framework Rootkits: Backdoors inside your Framework
- Re: A-Link WL54AP3 and WL54AP2 CSRF+XSS vulnerability
- [USN-670-1] VMBuilder vulnerability
- [ MDVSA-2008:228 ] mozilla-firefox
- [ MDVSA-2008:229 ] clamav
- Re: [Full-disclosure] MS OWA 2003 Redirection Vulnerability - [MSRC 7368br]
- ANNOUNCE: RFIDIOt release RFIDIOt-0.1u
- Microsoft Windows Server Service (MS08-067) Exploit
- [waraxe-2008-SA#068] - Sql Injection in vBulletin 3.7.3.pl1
- Re: MS OWA 2003 Redirection Vulnerability - [MSRC 7368br]
- [ GLSA 200811-05 ] PHP: Multiple vulnerabilities
- rPSA-2008-0321-1 enscript
- From: rPath Update Announcements
- RE: MS OWA 2003 Redirection Vulnerability - [MSRC 7368br]
- From: Castigliola, Angelo
- Opera 9.6x file:// overflow
- Exodus v0.10 uri handler arbitrary parameter injection
- [waraxe-2008-SA#069] - Multiple Sql Injection in vBulletin 3.7.4
- [USN-671-1] MySQL vulnerabilities
- Kimson cms cross site scripting vulnerability
- From: md . r00t . defacer
- rPSA-2008-0322-1 gnutls
- From: rPath Update Announcements
- Re: Opera 9.6x file:// overflow
- [ MDVSA-2008:227-1 ] gnutls
- [USN-667-1] Firefox and xulrunner vulnerabilities
- [USN-672-1] ClamAV vulnerability
- [SECURITY] [DSA 1666-1] New libxml2 packages fix several vulnerabilities
- [ MDVSA-2008:230 ] firefox
- [DSECRG-08-039] Local File Include Vulnerability in Pluck CMS 4.5.3
- From: Digital Security Research Group
- Outdated and vulnerable OpenSource libraries used in "Deutsche Telekom" home banking software
- [security bulletin] HPSBST02386 SSRT080164 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-067 to MS08-069
- Re: Re: Opera 9.6x file:// overflow
- Re: Re: Re: Opera 9.6x file:// overflow
- Black Hat November News: CFPS Now Open, Webinar 5 and Japan on-line.
- [USN-673-1] libxml2 vulnerabilities
- Firefox cross-domain image theft (CESA-2008-009)
- Microsoft VISTA TCP/IP stack buffer overflow
- From: Thomas Unterleitner
- PR07-11: Cross-site Request Forgery (CSRF) on Sun Java System Identity Manager
- From: ProCheckUp Research
- Metasploit Framework 3.2 Released
- Re: Opera 9.6x file:// overflow
- Secunia Research: Streamripper Multiple Buffer Overflows
- PR08-09: Unauthenticated File Retrieval on Sun Java System Identity Manager "ext" parameter
- From: ProCheckUp Research
- [ MDVSA-2008:231 ] libxml2
- PR07-40: Authentication Bypass, Passwords Leakage and SNMP Injection on 3Com AP 8760
- From: ProCheckUp Research
- [SECURITY] [DSA 1667-1] New python2.4 packages fix several vulnerabilities
- rPSA-2008-0325-1 libxml2
- From: rPath Update Announcements
- Re: [ MDVSA-2008:231 ] libxml2
- [ MDVSA-2008:232 ] dovecot
- [USN-674-1] HPLIP vulnerabilities
- Re: Re: Re: Re: Opera 9.6x file:// overflow
- Re: [ MDVSA-2008:232 ] dovecot
- Re: Re: Re: Re: Opera 9.6x file:// overflow
- [ MDVSA-2008:220-1 ] kernel
- Re: Re: Re: Re: Re: Opera 9.6x file:// overflow
- Re: Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani
- boastMachine v3.1 Remote Sql Injection
- [security bulletin] HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)
- Social Engine 2.7 CRLF Injection + SQL injection
- SecurityReason : PHP 5.2.6 (error_log) safe_mode bypass
- Re: Re: Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani
- Re: Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani
- Re: Re: Re: Re: Re: Opera 9.6x file:// overflow
- Re: Re: Re: Re: Re: Re: Opera 9.6x file:// overflow
- [ MDVSA-2008:233 ] libcdaudio
- ZDI-08-075: EMC Control Center SAN Manager Master SST_CTGTRANS Overflow Vulnerability
- ZDI-08-076: EMC Control Center SAN Manager SST_SENDFILE Remote File Retrieval Vulnerability
- KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit
- OpenSSH security advisory: cbc.adv
- DDIVRT-2008-15 iPhone Configuration Web Utility 1.0 for Windows Directory Traversal
- From: vulnerabilityresearch
- [ MDVSA-2008:234 ] kernel
- Adobe Flash Multiple Vulnerabilities
- [SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack
- Re: Re: MS Internet Explorer 7 Denial Of Service Exploit
- [SECURITY] [DSA 1668-1] New hf packages fix execution of arbitrary code
- rPSA-2008-0324-1 gvim vim vim-minimal
- From: rPath Update Announcements
- rPSA-2008-0327-1 httpd mod_ssl
- From: rPath Update Announcements
- rPSA-2008-0328-1 httpd mod_ssl
- From: rPath Update Announcements
- Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
- Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
- Re: OpenSSH security advisory: cbc.adv
- [SECURITY] [DSA 1669-1] New xulrunner packages fix several vulnerabilities
- Re: Re: Re: MS Internet Explorer 7 Denial Of Service Exploit
- Re: MS Internet Explorer 7 Denial Of Service Exploit
- [ MDVSA-2008:235 ] mozilla-thunderbird
- Revised: OpenSSH security advisory: cbc.adv
- Re: Re: MS Internet Explorer 7 Denial Of Service Exploit
- Amaya (URL Bar) Remote Stack Overflow Vulnerability
- Amaya (id) Remote Stack Overflow Vulnerability
- [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)
- Google Chrome MetaCharacter URI Obfuscation Vulnerability
- [USN-675-1] Pidgin vulnerabilities
- Re: OpenSSH security advisory: cbc.adv
- [USN-676-1] WebKit vulnerability
- FreeBSD Security Advisory FreeBSD-SA-08:11.arc4random
- From: FreeBSD Security Advisories
- [USN-675-2] Gaim vulnerability
- Re: Re: OpenSSH security advisory: cbc.adv
- [USN-674-2] HPLIP vulnerabilities
- [SECURITY] [DSA 1670-1] New enscript packages fix arbitrary code execution
- WebStudio CMS 'pageid' Blind SQL Injection
- Siemens C450IP/C475IP DoS
- [SECURITY] [DSA 1671-1] New iceweasel packages fix several vulnerabilities
- Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
- Re: Re: OpenSSH security advisory: cbc.adv
- Re: OpenSSH security advisory: cbc.adv
- Re: OpenSSH security advisory: cbc.adv
- CanSecWest 2009 CFP (March 18-20 2009, Deadline December 8 2008)
- Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)
- Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)
- Re: OpenSSH security advisory: cbc.adv
- MyBB 1.4.3 my_post_key Disclosure Vulnerability
- [USN-677-1] OpenOffice.org vulnerabilities
- New tool and paper for Oracle forensics...
- Re: OpenSSH security advisory: cbc.adv
- [security bulletin] HPSBTU02382 SSRT080132 rev.1 - HP Secure Web Server for Tru64 UNIX or Internet Express for Tru64 UNIX running PHP, Remote Denial of Service (DoS) or Arbitrary Code Execution
- Re: Microsoft VISTA TCP/IP stack buffer overflow
- RSA EnVision Remote Password Disclosure
- WordPress XSS vulnerability in RSS Feed Generator
- Re: Microsoft VISTA TCP/IP stack buffer overflow
- [CFP] FRHACK 01 Call For Papers (save the dates!)
- [USN-678-1] GnuTLS vulnerability
- Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)
- [USN-668-1] Thunderbird vulnerabilities
- Updated: Google Chrome 0.4.154.25 URI Meta Character URL Obfuscation
- XSS in Internet Explorer 6 and 7
- Re: XSS in Internet Explorer 6 and 7
- WHMCS V3.7.1 Sensible Information Disclosure
- Re: WHMCS V3.7.1 Sensible Information Disclosure
- FreeRainbowTables.com has changed generation platform
- [HACKATTACK Advisory 20081127]Social Impress CMS 1.1 - Session Fixation
- [USN-680-1] Samba vulnerability
- AssoCIateD 1.4.4 Remote Cross Site Scripting Vulnerability
- DC4420 - DEFCON London - Christmas meeting - Tuesday 2nd December 2008
- SecurityReason : PHP 5.2.6 dba_replace() destroying file
- [tool] Exomind v0.2 is out!
- [SECURITY] [DSA 1672-1] New imlib2 packages fix arbitrary code execution
Mail converted by MHonArc