Mail Thread Index
- 2008 OpenVAS Contest,
The OpenVAS Team
- Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day,
Adrian P
- spitfirephoto Pro pages.php Sql Injection,
beenudel1986
- phpWebSite links.php Sql Injection,
beenudel1986
- U-Mail Webmail 'edit.php' Arbitrary File Write Vulnerability,
WSN1983
- VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff,
VMware Security Team
- Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani,
irancrash
- Secunia Research: Interact SQL Injection and Cross-Site Request Forgery,
Secunia Research
- iDefense Security Advisory 10.31.08: Oracle WebLogic Apache Connector,
iDefense Labs
- [Paper] Reflective Dll Injection,
stephen_fewer
- Typo <= 5.1.3 Multiple Vulnerabilities,
L4teral
- iDefense Security Advisory 10.31.08: OpenOffice EMF Record Parsing Multiple Integer Overflow Vulnerabilities,
iDefense Labs
- Re: Java Web start vulnerability,
varun . srivastav
- [ MDVSA-2008:121-1 ] freetype2,
security
- Final notification about "POC2008" Conference,
pocadm
- [ MDVSA-2008:223 ] kernel,
security
- sharedlog CMS Remote File Includes,
joseph . giron13
- Re: [Full-disclosure] Windows RPC worm (MS08-067) in the wild,
Juha-Matti Laurio
- Windows RPC worm (MS08-067) in the wild,
Juha-Matti Laurio
- DriveCMS article.php remote sql injection,
beenudel1986
- Re: iDefense Security Advisory 10.30.08: Adobe PageMaker Key Strings Stack Buffer Overflow,
Vladimir '3APA3A' Dubrovin
- A-Link WL54AP3 and WL54AP2 CSRF+XSS vulnerability,
Henri Lindberg - Smilehouse Oy
- Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow,
Bitsec Labs
- [ GLSA 200811-01 ] Opera: Multiple vulnerabilities,
Tobias Heinlein
- iDefense Security Advisory 11.03.08: Multiple Vendor CUPS texttops Integer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 11.03.08: Multiple Vendor CUPS SGI imagetops Heap Overflow Vulnerability,
iDefense Labs
- [USN-660-1] enscript vulnerability,
Kees Cook
- [security bulletin] HPSBMA02380 SSRT080121 rev.1 - HP System Management Homepage (SMH) for HP-UX, Local Unauthorized Access,
security-alert
- Secunia Research: Adobe Acrobat/Reader "util.printf()" Buffer Overflow,
Secunia Research
- CORE-2008-0526: Adobe Reader Javascript Printf Buffer Overflow,
CORE Security Technologies Advisories
- Aruba Mobility Controller SNMP Community String Disclosure,
nnposter
- rPSA-2008-0311-1 postfix,
rPath Update Announcements
- [Tool] sqlmap 0.6.2 released,
Bernardo Damele A. G.
- Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day,
Steven M. Christey
- [security bulletin] HPSBUX02381 SSRT080083 rev.1 - HP-UX Running Xserver, Remote Execution of Arbitrary Code,
security-alert
- FirmChannel Digital Signage 3.24 Cross-site scripting,
brad . antoniewicz
- iDefense Security Advisory 11.04.08: Multiple Vendor NOS Microsystems getPlus Downloader Stack Buffer Overflow Vulnerability,
iDefense Labs
- ZDI-08-072: Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability,
zdi-disclosures
- ZDI-08-073: Adobe Acrobat Reader Malformed PDF Code Execution Vulnerability,
zdi-disclosures
- ZDI-08-074: Adobe Acrobat PDF Javascript getCosObj Memory Corruption Vulnerability,
zdi-disclosures
- iDefense Security Advisory 11.04.08: Adobe Reader Embedded Font Handling Out of Bounds Array Indexing Vulnerability,
iDefense Labs
- iDefense Security Advisory 11.04.08: Adobe Acrobat And Reader AcroJS Heap Corruption Vulnerability,
iDefense Labs
- [ MDVSA-2008:224 ] kernel,
security
- [USN-662-1] Linux kernel vulnerabilities,
Kees Cook
- Applications can open up remote root access on G1 Phone,
Jim Paris
- [USN-663-1] system-tools-backends regression,
Kees Cook
- DFLabs PTK Forensic Local Command Execution Vulnerability,
luca . carettoni
- [ MDVSA-2008:225 ] net-snmp,
security
- [SECURITY] [DSA 1662-1] New mysql-dfsg-5.0 packages fix authorization bypass,
Devin Carraway
- Remote access vulnerability using BigDump ver. 0.29b,
XiaShing
- Arab Portal v2.1 Remote File Disclosure (Win32),
r3d . w0rm
- hMAilServer 4.4.2 (PHPWebAdmin) local & remote file inclusion,
nospam
- [TKADV2008-012] VLC media player cue Processing Stack Overflow Vulnerability,
Tobias Klein
- [USN-664-1] Tk vulnerability,
Marc Deslauriers
- [TKADV2008-011] VLC media player RealText Processing Stack Overflow Vulnerability,
Tobias Klein
- [security bulletin] HPSBTU02383 SSRT080098 rev.1 - HP Tru64 UNIX running AdvFS "showfile" command, Local Gain Extended Privileges,
security-alert
- [USN-665-1] Netpbm vulnerability,
Marc Deslauriers
- [ MDVSA-2008:226 ] ruby,
security
- [USN-662-2] Ubuntu kernel modules vulnerability,
Kees Cook
- VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues,
VMware Security Team
- countermeasure against attacks through HTML shared files,
fcorella
- [ MDVSA-2008:224-1 ] kernel,
security
- Re: [WEB SECURITY] countermeasure against attacks through HTML shared files,
fcorella
- VMware Emulation Flaw x64 Guest Privilege Escalation (2/2),
ds . adv . pub
- [USN-666-1] Dovecot vulnerability,
Kees Cook
- Enthusiast 3 Remote Code Execution,
admin
- [AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...),
Andreas Kurtz
- BSOD in Win'2k3, Vista x86 and x64 by nonpriviledged user,
support
- Multiple remote vulnerabilities MoinMoin v1.80,
XiaShing
- [SECURITY] [DSA 1663-1] New net-snmp packages fix several vulnerabilities,
Thijs Kinkhorst
- Metrica Service Assurance Multiple Cross Site Scripting,
f . bianchino
- ClamAV get_unicode_name() off-by-one buffer overflow,
Moritz Jodeit
- [ GLSA 200811-02 ] Gallery: Multiple vulnerabilities,
Tobias Heinlein
- [ GLSA 200811-03 ] FAAD2: User-assisted execution of arbitrary code,
Tobias Heinlein
- [ GLSA 200811-04 ] Graphviz: User-assisted execution of arbitrary code,
Tobias Heinlein
- Collabtive 0.4.8 Multiple Vulnerabilities,
ascii
- Re: Default key algorithm in Thomson and BT Home Hub routers,
securityfocus
- [SECURITY] [DSA 1664-1] New ekg packages fix denial of service,
Moritz Muehlenhoff
- Google Chrome Break,
Liu Die Yu
- Joomla Component JooBlog 0.1.1 (PostID) SQL Injection Vuln.,
Stephen Argent
- Re [WEB SECURITY] countermeasure against attacks through HTML shared files,
fcorella
- ooVoo 1.7.1.35 (URL Protocol) remote unicode buffer overflow poc,
Pyrokinesis
- [security bulletin] HPSBMA02380 SSRT080121 rev.2 - HP System Management Homepage (SMH) for HP-UX, Local Unauthorized Access,
security-alert
- [USN-669-1] gnome-screensaver vulnerabilities,
Marc Deslauriers
- [security bulletin] HPSBMA02385 SSRT080161 rev.1 - HP Service Manager (HPSM), Gain Extended Privileges,
security-alert
- rPSA-2008-0315-1 net-snmp net-snmp-client net-snmp-server net-snmp-utils,
rPath Update Announcements
- Re: Re: MS OWA 2003 Redirection Vulnerability - [MSRC 7368br],
Giuseppe Gottardi
- [SECURITY] [DSA 1665-1] New libcdaudio packages fix arbitrary code execution,
Moritz Muehlenhoff
- rPSA-2008-0318-1 initscripts,
rPath Update Announcements
- rPSA-2008-0316-1 kernel,
rPath Update Announcements
- Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE,
Shatter
- Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE,
Shatter
- Team SHATTER Security Advisory: Oracle Database multiple SQL Injection vulnerabilities in Workspace Manager,
Shatter
- [ MDVSA-2008:227 ] gnutls,
security
- Team SHATTER Security Advisory: Oracle Database Multiple SQL Injection vulnerabilities in LTADM,
Shatter
- Digital Armaments October-November Hacking Challenge: Linux Local Kernel Exploit (5,000$),
info
- New Whitepaper - .NET Framework Rootkits: Backdoors inside your Framework,
Erez Metula
- [USN-670-1] VMBuilder vulnerability,
Jamie Strandboge
- [ MDVSA-2008:228 ] mozilla-firefox,
security
- [ MDVSA-2008:229 ] clamav,
security
- ANNOUNCE: RFIDIOt release RFIDIOt-0.1u,
Adam Laurie
- Microsoft Windows Server Service (MS08-067) Exploit,
Debasis Mohanty
- [waraxe-2008-SA#068] - Sql Injection in vBulletin 3.7.3.pl1,
come2waraxe
- [ GLSA 200811-05 ] PHP: Multiple vulnerabilities,
Tobias Heinlein
- rPSA-2008-0321-1 enscript,
rPath Update Announcements
- Opera 9.6x file:// overflow,
send9
- Exodus v0.10 uri handler arbitrary parameter injection,
Pyrokinesis
- [waraxe-2008-SA#069] - Multiple Sql Injection in vBulletin 3.7.4,
come2waraxe
- [USN-671-1] MySQL vulnerabilities,
Marc Deslauriers
- Kimson cms cross site scripting vulnerability,
md . r00t . defacer
- rPSA-2008-0322-1 gnutls,
rPath Update Announcements
- [ MDVSA-2008:227-1 ] gnutls,
security
- [USN-667-1] Firefox and xulrunner vulnerabilities,
Jamie Strandboge
- [USN-672-1] ClamAV vulnerability,
Kees Cook
- [SECURITY] [DSA 1666-1] New libxml2 packages fix several vulnerabilities,
Moritz Muehlenhoff
- [ MDVSA-2008:230 ] firefox,
security
- [DSECRG-08-039] Local File Include Vulnerability in Pluck CMS 4.5.3,
Digital Security Research Group
- Outdated and vulnerable OpenSource libraries used in "Deutsche Telekom" home banking software,
Stefan Kanthak
- [security bulletin] HPSBST02386 SSRT080164 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-067 to MS08-069,
security-alert
- Black Hat November News: CFPS Now Open, Webinar 5 and Japan on-line.,
jmoss
- [USN-673-1] libxml2 vulnerabilities,
Kees Cook
- Firefox cross-domain image theft (CESA-2008-009),
Chris Evans
- Microsoft VISTA TCP/IP stack buffer overflow,
Thomas Unterleitner
- PR07-11: Cross-site Request Forgery (CSRF) on Sun Java System Identity Manager,
ProCheckUp Research
- Metasploit Framework 3.2 Released,
H D Moore
- Secunia Research: Streamripper Multiple Buffer Overflows,
Secunia Research
- PR08-09: Unauthenticated File Retrieval on Sun Java System Identity Manager "ext" parameter,
ProCheckUp Research
- [ MDVSA-2008:231 ] libxml2,
security
- PR07-40: Authentication Bypass, Passwords Leakage and SNMP Injection on 3Com AP 8760,
ProCheckUp Research
- [SECURITY] [DSA 1667-1] New python2.4 packages fix several vulnerabilities,
Moritz Muehlenhoff
- rPSA-2008-0325-1 libxml2,
rPath Update Announcements
- [ MDVSA-2008:232 ] dovecot,
security
- [USN-674-1] HPLIP vulnerabilities,
Marc Deslauriers
- [ MDVSA-2008:220-1 ] kernel,
security
- boastMachine v3.1 Remote Sql Injection,
r3d . w0rm
- [security bulletin] HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS),
security-alert
- Social Engine 2.7 CRLF Injection + SQL injection,
office
- SecurityReason : PHP 5.2.6 (error_log) safe_mode bypass,
cxib
- [ MDVSA-2008:233 ] libcdaudio,
security
- ZDI-08-075: EMC Control Center SAN Manager Master SST_CTGTRANS Overflow Vulnerability,
zdi-disclosures
- ZDI-08-076: EMC Control Center SAN Manager SST_SENDFILE Remote File Retrieval Vulnerability,
zdi-disclosures
- KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit,
Pyrokinesis
- OpenSSH security advisory: cbc.adv,
Damien Miller
- DDIVRT-2008-15 iPhone Configuration Web Utility 1.0 for Windows Directory Traversal,
vulnerabilityresearch
- [ MDVSA-2008:234 ] kernel,
security
- Adobe Flash Multiple Vulnerabilities,
iSEC Partners
- [SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack,
svrt
- Re: Re: MS Internet Explorer 7 Denial Of Service Exploit,
craig
- [SECURITY] [DSA 1668-1] New hf packages fix execution of arbitrary code,
Steve Kemp
- rPSA-2008-0324-1 gvim vim vim-minimal,
rPath Update Announcements
- rPSA-2008-0327-1 httpd mod_ssl,
rPath Update Announcements
- rPSA-2008-0328-1 httpd mod_ssl,
rPath Update Announcements
- Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability,
zimpel
- [SECURITY] [DSA 1669-1] New xulrunner packages fix several vulnerabilities,
Moritz Muehlenhoff
- [ MDVSA-2008:235 ] mozilla-thunderbird,
security
- Revised: OpenSSH security advisory: cbc.adv,
Damien Miller
- Amaya (URL Bar) Remote Stack Overflow Vulnerability,
writ3r
- Amaya (id) Remote Stack Overflow Vulnerability,
writ3r
- [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis),
svrt
- Google Chrome MetaCharacter URI Obfuscation Vulnerability,
Aditya K Sood
- [USN-675-1] Pidgin vulnerabilities,
Marc Deslauriers
- [USN-676-1] WebKit vulnerability,
Marc Deslauriers
- FreeBSD Security Advisory FreeBSD-SA-08:11.arc4random,
FreeBSD Security Advisories
- [USN-675-2] Gaim vulnerability,
Marc Deslauriers
- [USN-674-2] HPLIP vulnerabilities,
Marc Deslauriers
- [SECURITY] [DSA 1670-1] New enscript packages fix arbitrary code execution,
Moritz Muehlenhoff
- WebStudio CMS 'pageid' Blind SQL Injection,
glafkos
- Siemens C450IP/C475IP DoS,
Martin Kluge
- [SECURITY] [DSA 1671-1] New iceweasel packages fix several vulnerabilities,
Moritz Muehlenhoff
- Re: Re: OpenSSH security advisory: cbc.adv,
"dennis jackson"
- CanSecWest 2009 CFP (March 18-20 2009, Deadline December 8 2008),
Dragos Ruiu
- MyBB 1.4.3 my_post_key Disclosure Vulnerability,
nbbn@xxxxxxx
- [USN-677-1] OpenOffice.org vulnerabilities,
Jamie Strandboge
- New tool and paper for Oracle forensics...,
David Litchfield
- [security bulletin] HPSBTU02382 SSRT080132 rev.1 - HP Secure Web Server for Tru64 UNIX or Internet Express for Tru64 UNIX running PHP, Remote Denial of Service (DoS) or Arbitrary Code Execution,
security-alert
- RSA EnVision Remote Password Disclosure,
nicolas . viot
- WordPress XSS vulnerability in RSS Feed Generator,
Jeremias Reith
- [CFP] FRHACK 01 Call For Papers (save the dates!),
Jerome Athias
- [USN-678-1] GnuTLS vulnerability,
Jamie Strandboge
- [USN-668-1] Thunderbird vulnerabilities,
Jamie Strandboge
- Updated: Google Chrome 0.4.154.25 URI Meta Character URL Obfuscation,
Aditya K Sood
- XSS in Internet Explorer 6 and 7,
MustLive
- WHMCS V3.7.1 Sensible Information Disclosure,
julianrdz91
- FreeRainbowTables.com has changed generation platform,
Jerome Athias
- [HACKATTACK Advisory 20081127]Social Impress CMS 1.1 - Session Fixation,
office
- [USN-680-1] Samba vulnerability,
Marc Deslauriers
- AssoCIateD 1.4.4 Remote Cross Site Scripting Vulnerability,
tan_prathan
- DC4420 - DEFCON London - Christmas meeting - Tuesday 2nd December 2008,
Major Malfunction
- SecurityReason : PHP 5.2.6 dba_replace() destroying file,
cxib
- [tool] Exomind v0.2 is out!,
Jose Orlicki
- [SECURITY] [DSA 1672-1] New imlib2 packages fix arbitrary code execution,
Moritz Muehlenhoff