Mail Thread Index
phpMyConferences <= 8.0.2 Remote File Inclusion, mfp . c
<Possible follow-ups>
Re: phpMyConferences <= 8.0.2 Remote File Inclusion, Steven M. Christey
ActiveX security leaks in the TV owned web game platform, maxgipeh
Hawking Technology wireless router WR254-CA DNS issue, Nikolai Grigoriev
[ MDKSA-2006:193 ] - Updated ImageMagick packages fix vulnerabilities, security
[ MDKSA-2006:194 ] - Updated PostgreSQL packages fix vulnerabilities, security
SQL Injection Vulnerability in bfExplorer 0.0.6, security
Sun java System Messenger Express XSS, handrix
New Flaw in Firefox 2.0: DoS and possible remote code execution, xxxx
Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Josh Bressers
Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Gouki
Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Jan Heisterkamp
<Possible follow-ups>
Re: Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, xxxx
Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Daniel Veditz
Re[3]: New Flaw in Firefox 2.0: DoS and possible remote code execution, 3APA3A
Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Jerome Athias
Re[2]: New Flaw in Firefox 2.0: DoS and possible remote code execution, 3APA3A
Re: freenews---> fileinclude, pokley
<Possible follow-ups>
Re: freenews---> fileinclude, pokley
Authentication bypass in BytesFall Explorer, RedTeam Pentesting
[SECURITY] [DSA 1201-1] New ethereal packages fix denial of service, Moritz Muehlenhoff
[SECURITY] [DSA 1202-1] New screen packages fix arbitrary code execution, Moritz Muehlenhoff
PHP-Nuke <= 7.9 Journal module (search.php) "forwhat" SQL Injection vulnerability, paisterist . nst
Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun", LegendaryZion
Directory listing on B-FOCuS Wireless 802.11b/g ADSL2+ Router by "ECI Telecom LTD", LegendaryZion
Cross Site Scripting (XSS) Vulnerability in Web Mail service by "Walla! Communications LTD", LegendaryZion
iDefense Security Advisory 10.27.06: Novell eDirectory NMAS BerDecodeLoginDataRequeset DoS Vulnerability, iDefense Labs
iDefense Security Advisory 10.31.06: Novell iManager Tomcat DoS Vulnerability, iDefense Labs
iDefense Security Advisory 10.31.06: Sophos Anti-Virus Petite File Denial of Service Vulnerability, iDefense Labs
Multiple XSS Vulnerabilities in Zend Google Data Client Library Preview 0.2.0, security
Re: Re: Simple Machines Forum (SMF) XSS issue, oldiesmann
[USN-370-1] screen vulnerability, Kees Cook
[USN-371-1] Ruby vulnerability, Kees Cook
Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech", LegendaryZion
<Possible follow-ups>
Re: Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech", rvirtue
Re: phpLedAds 2.0(dir) File Include, Stefano Zanero
Cisco Security Advisory: Cisco Security Agent Management Center LDAP Administrator Authentication Bypass, Cisco Systems Product Security Incident Response Team
[USN-373-1] mutt vulnerabilities, Kees Cook
Asterisk Local and Remote Denial of Service vulnerability, sil
tikiwiki 1.9.5 mysql password disclosure & xss, securfrog
<Possible follow-ups>
Re: tikiwiki 1.9.5 mysql password disclosure & xss, FBI
Re: tikiwiki 1.9.5 mysql password disclosure & xss, drunken_chin
Outpost Insufficient validation of 'SandBox' driver input buffer, Matousec - Transparent security Research
rPSA-2006-0202-1 tshark wireshark, rPath Update Announcements
[security bulletin] HPSBUX02172 SSRT061269 rev.1 - HP-UX VirtualVault running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access, security-alert
Re: PLS-Bannieres 1.21 (bannieres.php) File Include, Stefano Zanero
[security bulletin] HPSBUX02164 SSRT061265 rev.1 - HP-UX VirtualVault Running Apache 1.3.X Remote Denial of Service (DoS) and Arbitrary Code Execution, security-alert
[security bulletin] HPSBUX02165 SSRT061266 rev.1 - HP-UX VirtualVault Remote Unauthorized Access, security-alert
[USN-374-1] wvWare vulnerability, Kees Cook
[security bulletin] HPSBUX02091 SSRT061099 rev.2 - HP-UX Local Increased Privilege, security-alert
Internet Explorer 7 - Still Spyware Writers' Heaven, avivra
RE: Internet Explorer 7 - Still Spyware Writers' Heaven, Roger A. Grimes
Re: Internet Explorer 7 - Still Spyware Writers' Heaven, Eliah Kagan
Re: Internet Explorer 7 - Still Spyware Writers' Heaven, Thierry Zoller
Message not available
Re: Internet Explorer 7 - Still Spyware Writers' Heaven, Eliah Kagan
RE: Internet Explorer 7 - Still Spyware Writers' Heaven, Roger A. Grimes
Multiple vulnerabilities in SAP Web Application Server 6.40 and 7.00, Nicob
how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)], securfrog
Re: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)], Taneli Leppä
Re: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)], Taneli Leppä
RE: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)], Richard Stanway
Re: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)], Paul Laudanski
Advisory 12/2006: phpMyAdmin - error.php XSS Vulnerability, Stefan Esser
Firefox 1.5.0.7 Exploit, koenig
Re: Firefox 1.5.0.7 Exploit, Robert McGrew
Re: Firefox 1.5.0.7 Exploit, Bram Dumolin
Re: Firefox 1.5.0.7 Exploit, Martin Pitt
Re: Firefox 1.5.0.7 Exploit, Lubomir Kundrak
<Possible follow-ups>
Re: Firefox 1.5.0.7 Exploit, OOZIE
iodine client 0.3.2 buffer overflow, poplix
[SECURITY] [DSA 1203-1] New libpam-ldap packages fix access control bypass, Moritz Muehlenhoff
[security bulletin] HPSBMA02159 SSRT061238 rev.1 - HP System Management Homepage (SMH), Remote Bypassing of Security Features or Cross Site Scripting or Denial of Service (DoS), security-alert
[USN-375-1] PHP vulnerability, Martin Pitt
Educational write-up by Amit Klein: "A Refreshing Look at Redirection", Amit Klein
Advisory 13/2006: PHP HTML Entity Encoder Heap Overflow Vulnerability, Stefan Esser
EUSecWest/London CFP extended to Nov. 7, Dragos Ruiu
[ MDKSA-2006:196 ] - Updated php packages to address buffer overflow issue, security
[ MDKSA-2006:195 ] - Updated wireshark packages fix multiple vulnerabilities, security
Re: Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability, sales
Re: Multiple vulnerabilities in SAP Web Application Server 6.40 and7.00, harrisonholland
Re: Multiple vulnerabilities in SAP Web Application Server 6.40 and7.00, Nicob
Re: Multiple vulnerabilities in SAP Web Application Server 6.40 and7.00, Nicob
[ GLSA 200611-01 ] Screen: UTF-8 character handling vulnerability, Matthias Geerdsen
[SECURITY] [DSA-1205-1] New thttpd packages fix insecure temporary file creation, Steve Kemp
SIMPLOG 0.9.3 injection sql & multiple xss, saps . audit
[ MDKSA-2006:197 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security
XSS in script Mobile, m-0-t
ZDI-06-036: Novell Netmail User Authentication Buffer Overflow Vulnerability, zdi-disclosures
[USN-376-1] imlib2 vulnerabilities, Kees Cook
[OpenPKG-SA-2006.030] OpenPKG Security Advisory (ruby), OpenPKG
MajorSecurity Advisory #31]Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues, admin
<Possible follow-ups>
Re: MajorSecurity Advisory #31]Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues, saps . audit
[OpenPKG-SA-2006.028] OpenPKG Security Advisory (php), OpenPKG
Web Directory Pro bypass Vulnerabilities, hack2prison
[OpenPKG-SA-2006.029] OpenPKG Security Advisory (bind), OpenPKG
[USN-378-1] RPM vulnerability, Kees Cook
[MajorSecurity Advisory #30]admin.tool 3 CMS - Multiple Cross Site Scripting Issues, admin
[USN-377-1] NVIDIA vulnerability, Kees Cook
IF-CMS multiples XSS vunerabilities, saps . audit
@cid stats v2.3 File Include, mahmood ali
Re: @cid stats v2.3 File Include, Heiko Wundram
Article Script v1.*and v1.6.3 Sql injection, liz0
Stanford university SCARF user editing, navairum
PHP Rapid Kill All Version File Injection, null_hack
[ECHO_ADV_57_2006]Soholaunch Pro <=4.9 r36 Multiple Remote File Inclusion Vulnerability, erdc
Mail Drives Security Considerations, darkz . gsa
[ECHO_ADV_58_2006]Cyberfolio <=2.0 RC1 $av Remote File Inclusion Vulnerability, erdc
[ECHO_ADV_59_2006]Agora 1.4 RC1 "$_SESSION[PATH_COMPOSANT]" Remote File Inclusion Vulnerability, erdc
[ECHO_ADV_60_2006] OpenEMR <=2.8.1 Multiple Remote File Inclusion Vulnerability, erdc
AIOCP <=1.3.007 multiples vulnerabilities [sql , remote file include , xss], saps . audit
Joomla 1.0.11 Remote File Include, root
Antwort: Joomla 1.0.11 Remote File Include, srunschke
MWChat pro V 7.0 <= (CONFIG[MWCHAT_Libs]) Remote File Include Vulnerability, -= SHELL =- -= SHELL =-
Cross Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server, ProCheckUp Research
TSLSA-2006-0061 - multi, Trustix Security Advisor
[ GLSA 200611-02 ] Qt: Integer overflow, Matthias Geerdsen
Ariadne <= 2.4.1 Multiple Remote File Include Vulnerabilities(New), ajannhwt
MajorSecurity Advisory #32]phpComasy CMS - Multiple Cross Site Scripting Issues, admin
[SECURITY] [DSA 1204-1] New ingo1 packages fix arbitrary shell command execution, Moritz Muehlenhoff
[SECURITY] [DSA 1206-1] New php4 packages fix several vulnerabilities, Moritz Muehlenhoff
XSS Vulnerability in Zend Framework Preview 0.2.0, security
Hotmail and Windows Live Mail XSS Vulnerabilities, applesoup
Message not available
Re: Hotmail and Windows Live Mail XSS Vulnerabilities, HASEGAWA Yosuke
Advanced Guestbook 2.3.1 (Admin.php) Remote File Include, broken-proxy
<Possible follow-ups>
Re: Advanced Guestbook 2.3.1 (Admin.php) Remote File Include, simo64
VulnDisco Pack for Metasploit, Evgeny Legerov
ZDI-06-037: America Online ICQ ActiveX Control Code Execution Vulnerability, zdi-disclosures
IE7 website security certificate discrediting exploit, inge_eivind . henriksen
<Possible follow-ups>
Re: IE7 website security certificate discrediting exploit, inge_eivind . henriksen
GreenBeast CMS <= 1.3 PHP Arbitrary File Upload Vulnerability, skulmatic
[USN-376-2] imlib2 regression fix, Kees Cook
[ MDKSA-2006:199 ] - Updated libx11 packages fix file descriptor leak vulnerability, security
[ MDKSA-2006:198 ] - Updated imlib2 packages fix several vulnerabilities, security
News publication system remote File include, navairum
DigiOz Guestbook version 1.7 Path Disclosure Vulnerability in list.php, jesper . jurcenoks
<Possible follow-ups>
DigiOz Guestbook version 1.7 Path Disclosure Vulnerability in list.php, Jesper Jurcenoks
[ MDKSA-2006:200 ] - Updated rpm packages fix vulnerability, security
Minimizing error cascades in vulnerability information management, Steven M. Christey
WarFTPd 1.82.00-RC11 Remote Denial Of Service, Joxean Koret
XSS in Kayako SupportSuite v3.00.32, hacker hackers
[ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability, Raphael Marichez
Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability, Nick Boyce
Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability, Raphael Marichez
Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability, Nick FitzGerald
Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability, Glynn Clements
WFTPD Pro Server 3.23 Buffer Overflow, Joxean Koret
[ MDKSA-2006:201 ] - Updated pam_ldap packages fix PasswordPolicyReponse coding error, security
[OpenPKG-SA-2006.032] OpenPKG Security Advisory (openssh), OpenPKG
Call for papers: ARES 2007 submission deadline approaches in 2 weeks: 19-11-2006, Manh Tho
[ MDKSA-2006:198-1 ] - Updated imlib2 packages fix several vulnerabilities, security
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Desktop, Cisco Systems Product Security Incident Response Team
Y.A.N.S sql injection, navairum
PhpMyChat Plus <= 1.9 Multiple Source Code Disclosure Vulnerabilities, ajannhwt
PhpMyChat <= 0.14.5 Source Code Disclosure Vulnerability, ajannhwt
[ MDKSA-2006:203 ] - Updated texinfo packages fix vulnerability, security
Lotus Notes pre-login User.ID key leak, Andrew Christensen
iDefense Security Advisory 11.08.06: IBM Lotus Domino 7 tunekrnl Multiple Vulnerabilities, iDefense Labs Security Advisories
Portix-PHP [login bypass & xss (post)], saps . audit
phpsatk => Remote File Include Vulnerability EXploit, h4ck3riran
TSRT-06-13: HP OpenView Client Configuration Manager Device Code Execution Vulnerability, TSRT
Abarcar Realty Portal [injection sql], saps . audit
iDefense Security Advisory 11.08.06: Cisco Secure Desktop Privilege Escalation Vulnerability, iDefense Labs
knowledgeBuilder v.2.2.php.NuLL-WDYL=> Remote File Include Vulnerability, h4ck3riran
Speedwiki 2.0 Arbitrary File Upload Vulnerability, saps . audit
[ MDKSA-2006:202 ] - Updated wv packages fix vulnerabilities, security
Immediacy .NET CMS possibly vulnerable to Cross Site Scripting through a malformed cookie, ProCheckUp Research
FreeWebshop <=2.2.2 [local file include & xss], saps . audit
FreeBSD Security Advisory FreeBSD-SA-06:24.libarchive, FreeBSD Security Advisories
omnistar article manager [multiples injection sql], saps . audit
[ MDKSA-2006:204 ] - Updated openssh packages fix vulnerability, security
bitweaver <=1.3.1 [injection sql (post) & xss (post)], saps . audit
GNU gv Stack Overflow Vulnerability, Renaud Lifchitz
Re: GNU gv Stack Overflow Vulnerability, Noam Rathaus
[SECURITY] [DSA 1207-1] New phpmyadmin packages fix several vulnerabilities, Moritz Muehlenhoff
LandShop Real Estate [multiple injection sql & xss], saps . audit
[USN-379-1] texinfo vulnerability, Kees Cook
Wheatblog [multiple xss (post) & full path disclosure], saps . audit
[security bulletin] HPSBMA02167 SSRT061262 rev.2 - HP OpenView Client Configuration Manager (CCM), Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS), security-alert
[ GLSA 200611-04 ] Bugzilla: Multiple Vulnerabilities, Matthias Geerdsen
rPSA-2006-0204-1 kernel, rPath Update Announcements
rPSA-2006-0205-1 php php-mysql php-pgsql, rPath Update Announcements
rPSA-2006-0206-1 firefox thunderbird, rPath Update Announcements
rPSA-2006-0207-1 openssh openssh-client openssh-server, rPath Update Announcements
[ MDKSA-2006:205 ] - Updated Firefox packages fix multiple vulnerabilities, security
[ MDKSA-2006:206 ] - Updated Thunderbird packages fix multiple vulnerabilities, security
[OpenPKG-SA-2006.033] OpenPKG Security Advisory (openldap), OpenPKG
[ GLSA 200611-05 ] Netkit FTP Server: Privilege escalation, Raphael Marichez
[x0n3-h4ck]Essentia Web Server v.2.15 Buffer Overflow, corrado . liotta
Re: [x0n3-h4ck]Essentia Web Server v.2.15 Buffer Overflow, Noam Rathaus
[x0n3-h4ck]Drake CMS v 0.2 XSS exploit, corrado . liotta
ZDI-06-039: Marshal MailMarshal ARJ Extraction Directory Traversal Vulnerability, zdi-disclosures
encapscms 0.3.6 - Remote File Include by Firewall, firewall1954
Estate Agent Manager <= v1.3 (default.asp) Remote Login ByPass SQL Injection Vulnerability, ajannhwt
Mega Mall [ multiples injection sql & full path disclosure ], saps . audit
MyStats <=1.0.8 [injection sql, multiples xss, array & full path disclosure], benjilenoob
TOPSTORY BASIC Version 1.0 => Remote File Include Vulnerability, stormhacker
PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit, philipp . niedziela
[SECURITY] [DSA 1209-1] New trac packages fix cross-site request forgery, Moritz Muehlenhoff
UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability, ajannhwt
Exophpdesk V1.2 - Remote File Include, firewall1954
Wordpress File Inclusion, vannovax
Re: Wordpress File Inclusion, Expanders
<Possible follow-ups>
Re: Wordpress File Inclusion, emc3
[MajorSecurity Advisory #33]ShopSystems - SQL Injection Issue, admin
phpManta - Mdoc <= 1.0.2 (view-sourcecode.php) Local File Include Exploit, ajannhwt
AspPired2 Poll <= 1.0 (MoreInfo.asp) Remote SQL Injection Exploit, ajannhwt
NuCommunity 1.0 (cl_CatListing.asp) Remote SQL Injection Exploit, ajannhwt
Re: feedsplitter considered harmful, wmodes
NuRems 1.0 Remote XSS/SQL Injection Exploit, ajannhwt
NuStore 1.0 (Products.asp) Remote SQL Injection Vulnerability, ajannhwt
NuSchool 1.0 (CampusNewsDetails.asp) Remote SQL Injection Exploit, ajannhwt
[SECURITY] [DSA 1208-1] New bugzilla packages fix several vulnerabilities, Moritz Muehlenhoff
XSS in Email Signature Script, miladkaleh
infinicart [ multiples injection sql & xss (post) ], saps . audit
shambo2 Component For Mambo 4.5 Remote File Inclusion Exploit, crackers_child
VBulletin DoS Exploit [ all Versions ], root
RE: VBulletin DoS Exploit [ all Versions ], Bart Seresia
Web Interface remote file inclusion, navairum
Digipass Go3 Token Dumper (at least for 2006), fcollyer
Re: Digipass Go3 Token Dumper (at least for 2006), Hugo van der Kooij
<Possible follow-ups>
Re: Re: Digipass Go3 Token Dumper (at least for 2006), fcollyer
ZDI-06-038: Citrix MetaFrame IMA Management Module Remote Heap Overflow, zdi-disclosures
Phpjobscheduler 3.0 - Multiple Remote File Include, Firewall1954
Re: Phpjobscheduler 3.0 - Multiple Remote File Include, Stefano Zanero
Re: Phpjobscheduler 3.0 - Multiple Remote File Include, str0ke
Phpdebug 1.1.0 - Remote File Include by Firewall, Firewall1954
ELOG Web Logbook Remote Denial of Service Vulnerability, OS2A BTO
UltraSite 1.0 (update.asp) Remote SQL Injection Vulnerability, ajannhwt
Asp Scripter Products (cpLogin.asp) Remote SQL ByPass Injection Vulnerability, ajannhwt
CPanel Multiple Cross Site Scription, Advisory
Old SAP exploits, Nicob
Property Pro v1.0 (vir_Login.asp) Remote Login ByPass SQL Injection Vulnerability, ajannhwt
ASPPortal <= 4.0.0 (default1.asp) Remote SQL Injection Exploit, ajannhwt
UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability, ajannhwt
[FLSA-2006:211760] Updated gzip package fixes security issues, David Eisenstein
[SECURITY] [DSA 1209-2] New trac packages fix cross-site request forgery, Moritz Muehlenhoff
DirectAdmin Multiple Cross Site Scription, Advisory
Challenges faced by automated web application security assessment tools, bugtraq
VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4, VMware Security team
iDefense Security Advisory 11.09.06: Citrix Presentation Server 4.0 IMA Service Invalid Name Length DoS Vulnerability, iDefense Labs
SinFP 2.04 release, works under Windows, GomoR
[ GLSA 200611-06 ] OpenSSH: Multiple Denial of Service vulnerabilities, Raphael Marichez
[ GLSA 200611-08 ] RPM: Buffer overflow, Raphael Marichez
New Bug MiniBB Forum <= 2 Remote File Include (index.php), philip anselmo
<Possible follow-ups>
Re: New Bug MiniBB Forum <= 2 Remote File Include (index.php), navairum
VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2, VMware Security team
VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1, VMware Security team
Online Event Registration <= v2.0 (save_profile.asp) Remote User Pass Change Exploit, ajannhwt
VMSA-2006-0009 - VMware ESX Server 3.0.0 AMD fxsave/restore issue, VMware Security team
VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2, VMware Security team
[ GLSA 200611-07 ] GraphicsMagick: PALM and DCM buffer overflows, Raphael Marichez
[SECURITY] [DSA 1210-1] New Mozilla Firefox packages fix several vulnerabilities, Martin Schulze
Real Estate Listing System SQL Injection, Advisory
ASPintranet SQL Injection, Advisory
<Possible follow-ups>
ASPintranet SQL Injection, Advisory
SiteXpress SQL Injection, Advisory
WWWeb Cocepts SQL Injection, Advisory
Ustore SQL Injection, Advisory
eShopping SQL Injection, Advisory
Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability, Stefan Esser
Re: Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability, Marcello Barnaba
ECommerce Store Shop Builder, Advisory
Engine Manager SQL Injection, Advisory
BPG Content Management System SQL Injection, Advisory
Apple Safari "match" Buffer Overflow Vulnerability, jbh_cg
Re: Apple Safari "match" Buffer Overflow Vulnerability, J. Oquendo
Evolve Merchant[ injection sql ], saps . audit
Inventory Manager [injection sql & xss (get)], saps . audit
Car Site Manager [injection sql & xss (get)], saps . audit
FunkyASP Glossary v1.0 [injection sql], saps . audit
Blogme v3 [admin login bypass & xss (post)], saps . audit
Property Site Manager [login bypass ,multiples injection sql & xss (get)], saps . audit
[Fwd: DMA[2006-1031a] - 'Intego VirusBarrier X4 definition bypass exploit'], K F (lists)
[Fwd: OpenBase SQL multiple vulnerabilities Part Deux], K F (lists)
EEYE: Workstation Service NetpManageIPCConnect Buffer Overflow, eEye Advisories
Re: EEYE: Workstation Service NetpManageIPCConnect Buffer Overflow, security-list
ZDI-06-040: WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability, zdi-disclosures
Re: [Full-disclosure] ZDI-06-040: WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability, Micheal Turner
ZDI-06-041: Microsoft Internet Explorer CSS Float Property Memory Corruption Vulnerability, zdi-disclosures
A+ Store E-Commerce[ injection sql & xss (post) ], saps . audit
A-Cart pro[ injection sql (post&get)], saps . audit
hpecs shopping cart[login bypass & injection sql (post)], saps . audit
Dragon calendar [ login bypass & injection sql ], saps . audit
[SECURITY] [DSA 1211-1] New pdns packages fix arbitrary code execution, Moritz Muehlenhoff
MultiCalendars [ multiples injection sql ], saps . audit
NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure, Rodrigo Rubira Branco (BSDaemon)
[OpenPKG-SA-2006.034] OpenPKG Security Advisory (texinfo), OpenPKG
DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure, Rodrigo Rubira Branco (BSDaemon)
TrustedBSD* all versions FireWire IOCTL kernel integer overflow information disclousure, Rodrigo Rubira Branco (BSDaemon)
TSLSA-2006-0063 - multi, Trustix Security Advisor
[ MDKSA-2006:207 ] - Updated bind packages fixes RSA signature verification vulnerability, security
[SECURITY] [DSA 1212-1] New openssh packages fix denial of service, Noah Meyerhans
Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability, Matousec - Transparent security Research
E-Calendar Pro 3.0 [ login bypass & injection sql (post)], saps . audit
Helm Cross-Site Scripting (XSS), Advisory
FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure, Rodrigo Rubira Branco (BSDaemon)
Re: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure, Lucas Holt
<Possible follow-ups>
RE: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure, Rogier Mulhuijzen
[ MDKSA-2006:208 ] - Updated openldap packages fixes Bind vulnerability, security
Bloo => 1.00 Cross Site Scripting, the_3dit0r
E-commerce Kit 1 PayPal Edition [ injection sql ], saps . audit
MetaCart e-Shop [multiples injection sql (get & post)], saps . audit
Xtreme ASP Photo Gallery Cross Site Scripting And SQL Injection, Advisory
discloser => 0.0.4 Remote File Include Vulnerabilities, the_3dit0r
Hot Links download backup authorized vulnerabilities, hack2prison
PhpMyAdmin all version [multiples vulnerability], saps . audit
[MajorSecurity Advisory #34]Plesk 8 - Multiple Cross Site Scripting Issues, admin
OdysseusBlog => 1.0.0 Cross Site Scripting, the_3dit0r
Bloo => 1.00 Remote File Include Vulnerability, the_3dit0r
Team Evil - Incident #2, beSIRT
Chetcpasswd 2.x: multiple vulnerabilities, riclem
Secunia Research: MDaemon Insecure Default Directory Permissions, Secunia Research
dev_wms => 1.5 Remote File Include Vulnerabilities, the_3dit0r
Re: dev_wms => 1.5 Remote File Include Vulnerabilities, Stefano Zanero
discloser => 0.0.4 Remote File Include Vulnerability Exploit, the_3dit0r
Etomite CMS 0.6.1.2 Multiple Vulnerabilities ( Sql Injection + Local file inclusion ), revenge
<Possible follow-ups>
Re: Etomite CMS 0.6.1.2 Multiple Vulnerabilities ( Sql Injection + Local file inclusion ), dean
eShopping Cart [injection sql], saps . audit
Whitepaper: Implementing and Detecting a PCI Rootkit, John Heasman
Vulnerabilities in Client Service for NetWare, Avert
CandyPress Store[ multiples injection sql ], saps . audit
BaalAsp forum [login bypass ,injections sql(post), xss(post)], saps . audit
ZDI-06-042: Verity Ultraseek Request Proxying Vulnerability, zdi-disclosures
Helm Cross Site Scripting, Advisory
Myphotos => Remote File Include Vulnerability Exploit, the_3dit0r
i-Gallery 3.4 Cross Site Scripting, Advisory
Sphpblog => 0.8 Cross Site Scripting, the_3dit0r
BlogTorrent-preview => 0.92 Cross Site Scripting, the_3dit0r
Comdev One Admin Pro.v4.1 ( path[skin] ) Remote File include, AG- Spider
ASP Cart [multiples injection sql (post & get)], saps . audit
worksystem => Remote File Include Vulnerability Exploit, the_3dit0r
Hot Links download backup authorized vulnerabilities (re-post with some edit), hack2prison
eggblog=> 3.1.0 Cross Site Scripting, the_3dit0r
Secunia Research: Panda ActiveScan Multiple Vulnerabilities, Secunia Research
UK Security Convention - Continuity 2006, Manchester 2600
Links smbclient command execution, Teemu Salmela
rPSA-2006-0211-1 libpng, rPath Update Announcements
Image gallery with Access Database SQL Injection, Advisory
My-BIC => 0.6.5 Remote File Include Vulnerability Exploit, the_3dit0r
blogcms => 4.0.0 Remote File Include, the_3dit0r
Re: blogcms => 4.0.0 Remote File Include, Stefano Zanero
RED Blog => Remote File Include Vulnerability Exploit, the_3dit0r
Storystream => 4.0 Remote File Include Vulnerability Exploit, the_3dit0r
Pilot Cart V.7.2 [ injection sql (post) ], saps . audit
[ MDKSA-2006:209 ] - Updated libpng packages fix vulnerabilities, security
Kerio WebSTAR local privilege escalation, K F (lists)
[ MDKSA-2006:211 ] - Updated pxelinux packages to fix embedded libpng vulnerabilities, security
[ MDKSA-2006:210 ] - Updated syslinux packages to fix embedded libpng vulnerabilities, security
[OpenPKG-SA-2006.035] OpenPKG Security Advisory (proftpd), OpenPKG
Active News Manager [ injection sql (post&get)], saps . audit
[ MDKSA-2006:212 ] - Updated doxygen packages to fix embedded libpng vulnerabilities, security
[ MDKSA-2006:213 ] - Updated chromium packages to fix embedded libpng vulnerabilities, security
[OpenPKG-SA-2006.036] OpenPKG Security Advisory (png), OpenPKG
[USN-383-1] libpng vulnerability, Kees Cook
[security bulletin] HPSBMA02088 SSRT051026 rev. 2 - HP-UX running WBEM Services Denial of Service (DoS), security-alert
[ GLSA 200611-09 ] libpng: Denial of Service, Sune Kloppenborg Jeppesen
TSLSA-2006-0065 - libpng, Trustix Security Advisor
[ GLSA 200611-10 ] WordPress: Multiple vulnerabilities, Sune Kloppenborg Jeppesen
[Aria-Security] CPanel Network Tools Cross Site Scripting [Advisory], Advisory
20/20 auto gallery [ multiples injection sql ], saps . audit
20/20 real estate [ multiples injection sql ], saps . audit
TFTPD32 v3.01 TFTP Server Long File Name Buffer Overflow Vulnerability, liuqx
[Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities., Reversemode
RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities., Williams, James K
Sphpblog => 0.8 Remote File Include Vulnerabilities, the_3dit0r
Aspmforum [ multiples injection sql (get&post)], saps . audit
igital Armaments November-Decemberr Hacking Challenge: KERNEL Remote, info
XSS vBulletin 3.6.X Admin Control Painel, insanity
Dating Site [ login bypass & xss], saps . audit
MosReporter Joomla Component Remote File Inclusion Exploi, crackers_child
20/20 datashed [ multiples injection sql ], saps . audit
Re: Airmagnet management interfaces multiple vulnerabilities, ckuan
Infinitytechs Restaurants CM, saps . audit
[ MDKSA-2006:214 ] - Updated gv packages fix buffer overflow vulnerability, security
A-Cart PRO SQL Injection, Advisory
<Possible follow-ups>
Re: A-Cart PRO SQL Injection, gmdarkfig
[MajorSecurity Advisory #36]dev4u CMS - Multiple SQL Injection and Cross Site Scripting Issues, admin
Sage cross-context scripting -> LOCAL-CONTEXT SCRIPTING, pagvac
PhpBB Module Dimension Remote File Include, bluespy . ok
<Possible follow-ups>
PhpBB Module Dimension Remote File Include, bluespy . ok
[ MDKSA-2006:164-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities, security
Oxygen <= 1.1.3 (O2PHP Bulletin Board) SQL Injection, gmdarkfig
[Aria-Security's Research Team] Texas Rank'em SQL Injection Vulnerabilite, Advisory
Drone Armies C&C Report - 17 Nov 2006, c2report
Vikingboard (0.1.2) [ multiples vulnerability ], saps . audit
BLOG:CMS <= 4.1.3 XSS, katatafish
[Aria-Security's Research Team] ActiveNews Manager SQL Injection Vulnerabilite, Advisory
<Possible follow-ups>
Re: [Aria-Security's Research Team] ActiveNews Manager SQL Injection Vulnerabilite, gmdarkfig
[MajorSecurity Advisory #35]Travelsized CMS - Multiple Cross Site Scripting Issues, admin
linksys wrt54g v5 authentication bypass fixed, Ginsu Rabbit
A-Cart 2.0 SQL Injection, Advisory
GPhotos 1.5 Multiple vulnerabilities, tux025
Re: GPhotos 1.5 Multiple vulnerabilities, packet
[Full-disclosure] Regarding the heap spray., . Solo
Dovecot IMAP/POP3 server: Off-by-one buffer overflow, Timo Sirainen
LoudMouth => 2.4 Remote File Include Vulnerabilities, the_3dit0r
Telaen <= 1.1.0 Remote File Include Exploit, the_3dit0r
Ixprim CMS 1.2 Remote File Include Vulnerability, vitux . manis
Rapid Classified v3.1 [multiple xss (get) & injection sql], saps . audit
Digital Armaments November-Decemberr Hacking Challenge: KERNEL, info
[SECURITY] [DSA 1213-1] New imagemagick packages fix several vulnerabilities, Moritz Muehlenhoff
PhpQuickGallery <= 1.9 Remote File Inclusion Exploit, the_3dit0r
ASPNuke <= 0.80 (register.asp) Remote SQL Injection Vulnerability, ajannhwt
ehomes [multiples injections sql], saps . audit
PHPOLL => 0.96 Cross Site Scripting, the_3dit0r
Serious crypto problem fixed by envelope HMAC method insteadof currently used prefix, Omirjan Batyrbaev
Re: Serious crypto problem fixed by envelope HMAC method insteadof currently used prefix, Omirjan Batyrbaev
Correction: Re: Serious crypto problem fixed by envelope HMAC method insteadof currently used prefix, Omirjan Batyrbaev
Re: Correction: Re: Serious crypto problem fixed by envelope HMAC method insteadof currently used prefix, Steve Friedl
eClassifieds [injection sql], saps . audit
Rialto 1.6[admin login bypass & multiples injections sql], saps . audit
gNews Publisher SQL Injection Vulnerabilites, Advisory
Shopping_Catalog Remote File Include exploit, the_3dit0r
dicshunary 0.1 alpha Remote File Inclusion Exploit, the_3dit0r
enomphp => 4.0 Remote Traversal Directory, the_3dit0r
DodosMail <= 2.0.1(dodosmail.php) Remote File Inclusion Exploit, the_3dit0r
klf-realty [injection sql], saps . audit
iPrimal Forums (index.php) Remote File Include Exploit, the_3dit0r
mg.applanix <= 1.3.1 Remote File Include Exploit, the_3dit0r
mxBB calsnails module 1.06 Remote File Inclusion Exploit, the_3dit0r
Telaen => 1.1.0 Remote File Include Vulnerability, the_3dit0r
[SECURITY] [DSA 1214-1] New gv packages fix arbitrary code execution, Moritz Muehlenhoff
[ MDKSA-2006:217 ] - Updated proftpd packages fix vulnerabilities, security
Re: [ MDKSA-2006:217 ] - Updated proftpd packages fix vulnerabilities, research
The Week of Oracle Database Bugs, Cesar
[ GLSA 200611-13 ] Avahi: "netlink" message vulnerability, Sune Kloppenborg Jeppesen
[SECURITY] [DSA 1217-1] New linux-ftpd packages fix access control bypass, Moritz Muehlenhoff
MyAlbum <= 3.02 (langs_dir) Remote File Inclusion Exploit, the_3dit0r
[ GLSA 200611-12 ] Ruby: Denial of Service vulnerability, Sune Kloppenborg Jeppesen
[ GLSA 200611-14 ] TORQUE: Insecure temproary file creation, Sune Kloppenborg Jeppesen
[SECURITY] [DSA 1216-1] New flexbackup packages fix denial of service, Moritz Muehlenhoff
[ MDKSA-2006:215 ] - Updated avahi packages fix netlink vulnerability, security
BirdBlog => v1.4.0 Cross Site Scripting, the_3dit0r
Wabbit PHP Gallery => 0.9 Remote Traversal Directory, the_3dit0r
[SECURITY] [DSA 1215-1] New xine-lib packages fix execution of arbitrary code, Moritz Muehlenhoff
mAlbum v0.3 Multiple vulnerabilitizzz, tux025
my little weblog => Cross Site Scripting, the_3dit0r
[ GLSA 200611-11 ] TikiWiki: Multiple vulnerabilities, Sune Kloppenborg Jeppesen
<Possible follow-ups>
Re: [ GLSA 200611-11 ] TikiWiki: Multiple vulnerabilities, saps . audit
Re: [ GLSA 200611-11 ] TikiWiki: Multiple vulnerabilities, Chris Gianelloni
Classified System [injection sql], saps . audit
ltwCalendar => 4.2.1 Remote File Include Vulnerabilities, the_3dit0r
[SECURITY] [DSA 1207-2] New phpmyadmin packages fix regression, Moritz Muehlenhoff
[ MDKSA-2006:216 ] - Updated links packages fix smb vulnerability, security
The Classified Ad System [multiple xss & injection sql], saps . audit
[USN-384-1] OpenLDAP vulnerability, Kees Cook
Which is more secure? Oracle vs. Microsoft, David Litchfield
"Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?), Matthew Conover
Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?), David Litchfield
LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability, advisories
RE: LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability, Williams, James K
[KAPDA]::Security analysis of cutenews 1.4.5, alireza hassani
New Correction: Re: Serious crypto problem fixed by envelope HMAC method instead of currently used prefix
,
Omirjan Batyrbaev
[ GLSA 200611-15 ] qmailAdmin: Buffer overflow
,
Sune Kloppenborg Jeppesen
[ GLSA 200611-16 ] Texinfo: Buffer overflow
,
Sune Kloppenborg Jeppesen
Secunia Research: My Firewall Plus Privilege Escalation Vulnerability
,
Secunia Research
[SECURITY] [DSA 1218-1] New proftpd packages fix denial of service
,
Moritz Muehlenhoff
aBitWhizzy [local file include]
,
saps . audit
ContentNow CMS 1.39 Sql Injection + Path Disclosure Vulnerabilities
,
revenge
[USN-382-1] Thunderbird vulnerabilities
,
Kees Cook
Re: Re: Phpjobscheduler 3.0 - Multiple Remote File Include
,
admin
Link Exchange Lite [injection sql]
,
saps . audit
creadirectory [injection sql & xss]
,
saps . audit
JiRos Links Manager[injection sql & xss permanent]
,
saps . audit
Advisory: LDU <= 8.x Remote SQL Injection Vulnerability.
,
Mustafa Can Bjorn IPEKCI
Clarifying integer overflows vs. signedness errors
,
Steven M. Christey
Re: Clarifying integer overflows vs. signedness errors
,
Thiago Zaninotti
Re: Clarifying integer overflows vs. signedness errors
,
Pavel Kankovsky
VMSA-2006-0010 - SSL sessions not authenticated by VC Clients
,
VMware Security team
Vulnerability in PostNuke
,
sni-labs
Advisory: Seditio <= 1.10 Remote SQL Injection Vulnerability.
,
Mustafa Can Bjorn IPEKCI
[USN-381-1] Firefox vulnerabilities
,
Kees Cook
*BSD banner INT overflow vulnerability
,
Gruzicki Wlodek
Re: *BSD banner INT overflow vulnerability
,
Steve Shockley
Re: *BSD banner INT overflow vulnerability
,
admin
<Possible follow-ups>
Re: Re: *BSD banner INT overflow vulnerability
,
evilrabbi
Re: *BSD banner INT overflow vulnerability
,
Bob Beck
Secunia Research: PassGo SSO Plus Insecure Default Directory Permissions
,
Secunia Research
Re: [ECHO_ADV_53$2006] QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Vulnerability
,
jim
Windows Media ASX PlayList File Denial Of Service Vulnerability
,
sehato
[ MDKSA-2006:208-1 ] - Updated openldap packages fixes Bind vulnerability
,
security
Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.
,
In Cognito
Re: Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.
,
Casper . Dik
<Possible follow-ups>
Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.
,
In Cognito
CONFidence 2007 CFP
,
andrzej . targosz
Perl proxy checker using samair.ru
,
Iko Riyadi
XSS in scriptat support InverseFlow Help Desk v2.31
,
gamr-14
Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords
,
fash1on
Re: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords
,
3APA3A
[ECHO_ADV_61_2006] a-ConMan <= v3.2beta Remote File Inclusion
,
erdc
NVIDIA nView (keystone) local Denial Of service
,
no-reply
CFP - VII National Computer and Information Security Conference
,
Jeimy Cano
Password Flaw also in Firefox 1.5.08. Was: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords
,
Michael Scheidell
<Possible follow-ups>
Re: Password Flaw also in Firefox 1.5.08. Was: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords
,
Juha-Matti Laurio
[ MDKSA-2006:218 ] - Updated apache-mod_auth_kerb packages fixes DoS vulnerability
,
security
Re: SolpotCrew Advisory #10 - phpBB XS (phpbb_root_path) Remote File Include
,
webmaster
LS-20061102 - Business Objects Crystal Reports Stack Overflow Vulnerability
,
advisories
[ GLSA 200611-17 ] fvwm: fvwm-menu-directory fvwm command injection
,
Matthias Geerdsen
Active PHP Bookmarks (apb.php) Remote file include
,
philip anselmo
<Possible follow-ups>
Re: Active PHP Bookmarks (apb.php) Remote file include
,
Mefisto
Cracking String Encryption in Java Obfuscated Bytecode
,
subere
Re: Cracking String Encryption in Java Obfuscated Bytecode
,
Jim Manico
Re: Cracking String Encryption in Java Obfuscated Bytecode
,
John GALLET
<Possible follow-ups>
RE: Cracking String Encryption in Java Obfuscated Bytecode
,
Jeremy Epstein
[Aria-Security Team] Ultimate Survey Pro SQL Injection
,
Advisory
Cross site scripting & fullpath disclosure
,
saudi
[ GLSA 200611-18 ] TIN: Multiple buffer overflows
,
Sune Kloppenborg Jeppesen
[Aria-Security Team] MidiCart ASP Plus Shopping Cart SQL Injection
,
Advisory
PHP-Nuke <= 7.9 News module "sid" SQL Injection vulnerabilities
,
paisterist . nst
mmgallery Multiple vulnerabilities
,
saudi
Wolflab Burning Board Lite 1.0.2 two sql injections
,
retrog
[Aria-Security Team] Fixit iDMS Pro Image Gallery SQL Injection
,
Advisory
[Aria-Security Team] ASP ListPics 5.0 SQL Injection
,
Advisory
[Aria-Security Team] MidiCart ASP Shopping Cart SQL Injection
,
Advisory
[Aria-Security Team] iNews News Manager SQL Injection
,
Advisory
[ GLSA 200611-19 ] ImageMagick: PALM and DCM buffer overflows
,
Sune Kloppenborg Jeppesen
Cahier de texte V2.0 SQL Code Execution Exploit
,
gmdarkfig
PHP-Nuke Mermaid Module V1.2 (formdisp.php) Remote File Include Exploit
,
crackers_child
CPanel 11 Multiple Cross-Site Scription
,
Advisory
[ GLSA 200611-20 ] GNU gv: Stack overflow
,
Sune Kloppenborg Jeppesen
WebHost Manager (WHM) Multiple Cross-Site Scripting
,
Advisory
DoS in Microsoft Windows Live Messenger <= 8.0
,
dragonjar
<Possible follow-ups>
Re: DoS in Microsoft Windows Live Messenger <= 8.0
,
astralbabz
New Windows tool - NBTEnum 3.3
,
Reed Arvin
Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?)
,
stopmakingnoise
Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?)
,
Steve Friedl
Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?)
,
Tim Newsham
Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?)
,
David Litchfield
<Possible follow-ups>
Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?)
,
Thor (Hammer of God)
Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?)
,
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?)
,
Thor (Hammer of God)
Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?)
,
Steven M. Christey
Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?)
,
David Litchfield
Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?)
,
David Litchfield
RE: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?)
,
Shawn Fitzgerald
Siap Cms Sql Injection (login.asp)
,
nagazakig74
Wisi Portal [Sql Injection By Jesus Tovar]
,
nagazakig74
AttackAPI 2.0 alpha
,
pdp (architect)
Free tool for pattern identification (for researchers)
,
Gary Golomb
mAlbum v0.3 local file inclusion
,
tux025
[Aria-Security Team] Evolve shopping cart SQL Injection Vulnerability
,
Advisory
[Aria-Security Team] General Shopping Cart SQL Injection Vulnerability
,
Advisory
[SECURITY] [DSA 1220-1] New pstotext packages fix arbitrary shell command execution
,
Moritz Muehlenhoff
Clickblog Sql Injection
,
Advisory
ClickGallery Sql Injection
,
Advisory
iDefense Security Advisory 11.26.06: Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability
,
iDefense Labs
TFTP Server AT-TFTP Server v 1.9 Buffer Overflow Vulnerability (Long filename)
,
liuqx
VMware 5.5.1 Local Buffer Overflow (HTML Exploit)
,
NormandiaN_MailID
Re: VMware 5.5.1 Local Buffer Overflow (HTML Exploit)
,
str0ke
[SECURITY] [DSA 1219-1] New texinfo packages fix multiple vulnerabilities
,
Noah Meyerhans
CuteNews v1.4.5 (search.php) Remote file include vulnerability
,
philip anselmo
Re: CuteNews v1.4.5 (search.php) Remote file include vulnerability
,
Francesco Laurita
Re: CuteNews v1.4.5 (search.php) Remote file include vulnerability
,
raven
rPSA-2006-0218-1 ImageMagick
,
rPath Update Announcements
TFTP Server 3CTftpSvc Buffer Overflow Vulnerability (Long transporting mode)
,
liuqx
rPSA-2006-0219-1 info install-info texinfo
,
rPath Update Announcements
PhpGedView 4.0.2 (DOCUMENT_ROOT) File inclusion Vulnerablity
,
x___ . _
<Possible follow-ups>
Re: PhpGedView 4.0.2 (DOCUMENT_ROOT) File inclusion Vulnerablity
,
Mefisto
Re: PhpGedView 4.0.2 (DOCUMENT_ROOT) File inclusion Vulnerablity
,
yalnifj
MHL-2006-003 Public Advisory: "mboard" file creation issue
,
Mayhemic Labs Security
iDefense Security Advisory 11.26.06: GNU Radius Format String Vulnerability
,
iDefense Labs
[ GLSA 200611-21 ] Kile: Incorrect backup file permission
,
Sune Kloppenborg Jeppesen
Re: New Flaw in Firefox 2.0: DoS and possible remote code execution
,
sflist
2nd European Conference on Computer Network Defense (EC2ND)
,
Blyth A J C (AT)
Cursor snarfing - a new class of vulnerability and attack in Oracle
,
David Litchfield
AIDE problem handling symlinks
,
fryxar fryxar
ClickContact SQL Injection
,
Advisory
SYMSA-2006-011: JBoss Java Class DeploymentFileRepository Directory Traversal
,
research
Re: SYMSA-2006-011: JBoss Java Class DeploymentFileRepository Directory Traversal
,
Jon Hart
GnuPG 1.4 and 2.0 buffer overflow
,
Werner Koch
CVE-2006-5815: remote code execution in ProFTPD
,
John Morrissey
[ GLSA 200611-22 ] Ingo H3: Folder name shell command injection
,
Sune Kloppenborg Jeppesen
uPhotoGallery (v 1.1) SQL Injection
,
Advisory
[USN-386-1] ImageMagick vulnerability
,
Kees Cook
evince buffer overflow exploit (gv)
,
kspecial
TSLSA-2006-0066 - multi
,
Trustix Security Advisor
ProFTPD mod_tls pre-authentication buffer overflow
,
research
Re: ProFTPD mod_tls pre-authentication buffer overflow
,
Mark Wadham
b2evolution XSS Vulnerabilities
,
tarkus
[USN-387-1] Dovecot vulnerability
,
Kees Cook
[ GLSA 200611-23 ] Mono: Insecure temporary file creation
,
Raphael Marichez
[ GLSA 200611-25 ] OpenLDAP: Denial of Service vulnerability
,
Raphael Marichez
[ GLSA 200611-24 ] LHa: Multiple vulnerabilities
,
Raphael Marichez
[USN-385-1] tar vulnerability
,
Kees Cook
New report on Teredo security
,
Jim Hoagland
Re: [Full-disclosure] New report on Teredo security
,
Jeroen Massar
Multiple Vulnerabilities in AlternC version 0.9.5
,
Vincent A.Menard
b2evolution Remote File inclusion Vulnerability
,
tarkus
Re: [WEB SECURITY] The state of JavaScript Hacking
,
bugtraq
PHP Event Calendar 1.5.1 (index.php) Remote File Include Vulnerability
,
philip anselmo
<Possible follow-ups>
Re: PHP Event Calendar 1.5.1 (index.php) Remote File Include Vulnerability
,
Stuart Moore
ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability
,
zdi-disclosures
iDefense Security Advisory 11.29.06: Horde Kronolith Arbitrary Local File Inclusion Vulnerability
,
iDefense Labs
REMLAB Web Mech Designer 2.0.5 Path Disclosure Vulnerability
,
jesper . jurcenoks
[ MDKSA-2006:219 ] - Updated tar packages fix vulnerability
,
security
Secunia Research: Borland Products idsql32.dll Buffer Overflow Vulnerability
,
Secunia Research
SYM06-023, Symantec NetBackup PureDisk: PHP update to Address Reported Security Vulnerability
,
Mike Prosser
OWASP JBroFuzz 0.3 Fuzzer Released!
,
subere
New Windows tool - PWDumpX v1.0
,
Reed Arvin
Monkey Boards version 0.3.5 Multiple Path Disclosure Vulnerabilities
,
jesper . jurcenoks
[Aria-Security Team] FipsSHOP SQL Injection
,
Advisory
Potentially OT: AJAX article
,
clappymonkey
[USN-388-1] KOffice vulnerability
,
Kees Cook
[USN-389-1] GnuPG vulnerability
,
Kees Cook
Mail converted by
MHonArc