Bugtraq: by author

3APA3A
- Internet Explorer wininet.dll URL parsing memory corruption technical details (Apr 14 2005)
Adam Back
- Re: [ GLSA 200503-12 ] Hashcash: Format string vulnerability (Apr 06 2005)
Adam Baldwin
- Neslo Desktop Rover Remote DoS Vulnerability (Apr 19 2005)
Adam n30n Simuntis
- artmedic_links5 remote file access exploit (Apr 23 2005)
admin_at_batznet.com
- WoltLab Burning Board <= 2.3.1 PL2 - XSS Vulnerability (24.04.05) (Apr 24 2005)
Alex Garrett
- APG Classmaster Workstation Windows SMB share access vulnerability (Apr 21 2005)
Alexander Kornbrust
- Cross Site Scripting in BEA Admin Console (Apr 28 2005)
- Cross Site Scripting in Oracle Webcache 9i Adminstrator Application (Apr 28 2005)
- File appending vulnerability in Oracle Webcache 9i (Apr 28 2005)
- Webcache Client Requests Bypass OHS mod_access Restrictions (Apr 28 2005)
Allen Parker
- Re: Capital One's website inadvertently assists phishing (Apr 19 2005)
Amit Klein (AKsecurity)
- Re: HTTP RESPONSE SPLITTING by Diabolic Crab (Apr 17 2005)
- Re: Http Response Splitting Vulnerability In PHP-NUKE 7.6 and below (Apr 17 2005)
Andreas Constantinides
- zOOM Media Gallery - Simple SQL Injection discovery (Apr 12 2005)
Andrew
- Microsoft Windows image rendering DoS vuln (Apr 11 2005)
Andrew Y Ng
- Apache hacks (./atac, d0s.txt) (Apr 29 2005)
Anthony Zboralski
- BCS Asia 2005 Slides and pictures (Apr 14 2005)
Antoine Martin
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted (Apr 23 2005)
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 22 2005)
Antonio Varni
- Re: Security Contact for NetApp ? (Apr 14 2005)
Arkoon Security Team
- Information leak in the Linux kernel ext2 implementation (Apr 01 2005)
Ayaz Ahmed Khan
- Announcing PAKCON II (2005)! (Apr 19 2005)
- PAKCON II: Call for Papers (CfP - 2005) (Apr 19 2005)
Bahaa Naamneh
- NetManage RUMBA 7.4 Profile Handling Multiple Buffer Overflow Vulnerabilities (Apr 13 2005)
- Buffer Overflow within the RUMBA product (Apr 01 2005)
Berend-Jan Wever
- Details and PoC for MS05-020 MSIE DHTML Object handling vulnerabilities (Apr 12 2005)
bert_at_adbas.net
- OSX - trojan apps can bypass authentication controls and gain root privilages (Apr 05 2005)
Boren, Rich (SSRT)
- [Security Bulletin] SSRT5958 rev.0 - HP OpenView Radia Mgmt. Portal (RMP) Radia Mgmt. Agent Remote unauthorized Privileged Access and (DoS) (Apr 28 2005)
- [security bulletin] SSRT5954 rev.0 HP-UX TCP/IP Remote Denial of Service (DoS) (Apr 25 2005)
Boyce, Nick
- RE: iDEFENSE Security Advisory 04.18.05: McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability (Apr 20 2005)
Braden Thomas
- Re: Safari HTTPS Overflow (Apr 28 2005)
Brett Moore
- [WHITEPAPER] Bugger The Debugger (Apr 11 2005)
Bruce Momjian
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
Bruno Wolff III
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
byte_jump
- Re: Discovering and Stopping Phishing/Scam Attacks (Apr 26 2005)
c0d3r_at_ihsteam.com
- Golden FTP Server Pro remote stack BOF exploit (IHSTeam) (Apr 29 2005)
- PMsoftware mini http server remote stack overflow exploit (IHSTeam) (Apr 20 2005)
- Ecommerce-Carts SQL injection vulnerability ( IHSTeam ) (Apr 19 2005)
- ArGoSoft FTP Server is still vuln + PoC exploit code (IHSTeam) (Apr 03 2005)
CENSORED
- SQL-injections in koobi-cms (Apr 27 2005)
- SQL-injections in Invision Power Board v2.0.1 (Apr 25 2005)
Cesar
- - Argeniss - Oracle exploits and workarounds (Apr 18 2005)
Charles M. Hannum
- Security holes in the iTunes Music Store (Mar 30 2005)
chewkeong_at_security.org.sg
- [SIG^2 G-TEC] SurgeFTP LEAK Command Denial-Of-Service Vulnerability (Apr 07 2005)
CIRT.DK Advisory
- [CIRT.DK - Advisory] Novell Nsure Audit 1.0.1 Denial of Service (Apr 24 2005)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Vulnerabilities in Cisco IOS Secure Shell Server (Apr 06 2005)
- Cisco Security Advisory: Vulnerabilities in the Internet Key Exchange Xauth Implementation (Apr 06 2005)
Clad Strife
- Linux vsyscalls may be used as attack vectors (Apr 20 2005)
- Linux vsyscalls may be used as attack vectors (Apr 19 2005)
class101_at_HAT-SQUAD.com
- Microsoft Windows Internet Name Service (WINS) Remote Heap Overflow Exploit (Apr 04 2005)
Clorox
- Centra 7 XSS Exploit (Apr 12 2005)
Conectiva Updates
- [CLA-2005:948] Conectiva Security Announcement - squid (Apr 27 2005)
- [CLA-2005:949] Conectiva Security Announcement - gaim (Apr 27 2005)
- [CLA-2005:950] Conectiva Security Announcement - evolution (Apr 27 2005)
- [CLA-2005:947] Conectiva Security Announcement - MySQL (Apr 20 2005)
- [CLA-2005:946] Conectiva Security Announcement - MySQL (Apr 04 2005)
CorryL
- MailEnable HTTPS Buffer Overflow [x0n3-h4ck] (Apr 24 2005)
- Shoutbox SCRIPT <= 3.0.2 Administrative MD5 Username and Password Retrieval [x0n3-h4ck] (Apr 19 2005)
- TowerBlog <= 0.6 Admin Account View [x0n3-h4ck] (Apr 10 2005)
- MailEnable Smtpd remote Dos [x0n3-h4ck] (Apr 05 2005)
Crispin Cowan
- Re: Discovering and Stopping Phishing/Scam Attacks (Apr 26 2005)
cybertronic_at_gmx.net
- Snmppd SNMP proxy daemon format string exploit (Apr 29 2005)
- Yager <= 5.24 Remote Buffer Overflow Exploit (Apr 25 2005)
- RE: ERNW Security Advisory 01/2005 [ EXPLOIT ] (Apr 19 2005)
D.C. van Moolenbroek
- Re: index.cgi script XSS + file show (Apr 25 2005)
Damian Put
- [Overflow.pl] ImageMagick ReadPNMImage() Heap Overflow (Apr 24 2005)
Darren
- Re: cPanel/WHM demo account problems (Mar 31 2005)
Darren Reed
- Re: Solaris 10 Containers / Zones Security Flaw (Apr 04 2005)
Dave Aitel
- Re: [Full-disclosure] [VulnDiscuss] Re: -==phpBB 2.0.14 Multiple Vulnerabilities==-[Scanned] (Apr 24 2005)
Dave Armstrong
- Borland Security Contact (Apr 28 2005)
David F. Russell
- Re: AW: PayPal "security" measures (Apr 04 2005)
David F. Skoll
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
- Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
David Malone
- Re: crontab from vixie-cron allows read other users crontabs (Apr 06 2005)
David Remahl
- [DR001] AppleWebKit XMLHttpRequest arbitrary file disclosure vulnerability (Apr 15 2005)
David Riley
- Re: Safari HTTPS Overflow (Apr 28 2005)
dcrab
- Multiple Sql injections in phpCoin v1.2.2 and below (Apr 28 2005)
- Multiple SQL Injections in MetaBid Auctions (Apr 26 2005)
- MetaCart2 for PayFlow Multiple Sql Injection Vulnerabilities (Apr 26 2005)
- Multiple SQL Injections in MetaCart2 for SQL Server Special Edition U.K (Apr 26 2005)
- Multiple SQL Injections in MetaCart2 for PayPal (Apr 26 2005)
- Multiple SQL Injections in MetaCart e-Shop V-8 (Apr 26 2005)
- Multiple SQL Injections in StorePortal 2.63 (Apr 24 2005)
- Multiple Sql injection and XSS in CartWIZ ASP Cart (Apr 23 2005)
- Multiple Sql injection vulnerabilities in BK Forum v.4 (Apr 23 2005)
- Multiple Sql injection and XSS in Asp Nuke 0.80 (Working exploits included) (Apr 21 2005)
- DUportal Pro 3.4 has MANY Sql injection and Sql Errors. (Apr 20 2005)
- Require many large corporate emails for contact regarding vulnerability. (Apr 16 2005)
- Http Response Splitting Vulnerability In PHP-NUKE 7.6 and below (Apr 15 2005)
- Multiple multiple sql injection/errors and xss vulnerabilities in OneWorldStore (Apr 14 2005)
- Multiple Sql injection and XSS vulnerabilities in phpBB Plus v.1.52 and below and some of its modules. (Apr 13 2005)
- HTTP RESPONSE SPLITTING by Diabolic Crab (Apr 13 2005)
- Directory transversal, sql injection and xss vulnerabilities in RadBids Gold v2 (Apr 09 2005)
- Sql injection, xss and path disclosure vulnerabilities in PostNuke 0.760-RC3 (Apr 07 2005)
- LiteCommerce Sql injection and reveling errors vulnerability (Apr 06 2005)
- Active Auction House has multiple Sql injection, error and XSS vulnerabilities (Apr 05 2005)
- Authenticaion bypass, Directory transversal and XSS vulnerabilities in PayProCart 3.0 - Profitcode Software (Apr 04 2005)
- AlstraSoft EPay Pro v2.0 has file include and multiple xss vulnerabilities (Apr 01 2005)
deluxe_at_security-project.org
- [SePro Bugtraq] WBB - WoltLab Burning Board <= 2.3.1 - XSS Vulnerability (22.04.05) (Apr 22 2005)
- phpBB - Knowledge Base MOD - SQL-Injection and Full Path Disclosure (Apr 18 2005)
Denis Jedig
- Re: [HV-HIGH] Microsoft Jet DB engine vulnerabilities (Apr 02 2005)
Derek Martin
- Re: gzip TOCTOU file-permissions vulnerability (Apr 13 2005)
- Re: gzip TOCTOU file-permissions vulnerability (Apr 14 2005)
- Re: gzip TOCTOU file-permissions vulnerability (Apr 13 2005)
Des Ward
- Re: Microsoft Explorer Denial of Service (Apr 06 2005)
devnull_at_Rodents.Montreal.QC.CA
- Re: gzip TOCTOU file-permissions vulnerability (Apr 14 2005)
dila
- OpenText FirstClass 8.0 Client Arbitrary File Execution (Apr 07 2005)
Dionysios G. Synodinos
- Re: Sql injection, xss and path disclosure vulnerabilities in PostNuke 0.760-RC3 (Apr 08 2005)
Dirk Mueller
- [KDE Security Advisory]: Kommander untrusted code execution (Apr 21 2005)
- [KDE Security Advisory]: kimgio input validation errors (Apr 21 2005)
Dmitry Yu. Bolkhovityanov
- Re: gzip TOCTOU file-permissions vulnerability (Apr 16 2005)
Donato Ferrante
- directory traversal in Yawcam 0.2.5 (Apr 21 2005)
dong-hun you
- [INetCop Security Advisory] Snmppd potentially format string vulnerability. (Apr 24 2005)
- GLD (Greylisting daemon for Postfix) multiple vulnerabilities. (Apr 11 2005)
echo staff
- [ECHO_ADV_12$2005] Vulnerabilities in sphpblog (Apr 14 2005)
- Vulnerabilities in sphpblog (Apr 15 2005)
Eiji James Yoshida
- RE: Microsoft Windows Server 2003 "Shell Folders" Directory Traversal Vulnerability (Apr 02 2005)
Emanuele \
- E-Cart E-Commerce Software EXPLOIT (Apr 26 2005)
- E-Cart v1.1 Remote Command Execution Vulnerability (Apr 23 2005)
Erich Klaus
- Sql Injection in Confixx 3.06 & 3.08 & 3.?? ? (Apr 25 2005)
Evgeny Pinchuk
- MS05-021 Microsoft Exchange X-LINK2STATE Heap Overflow PoC (Apr 19 2005)
exploits_at_nopiracy.de
- PunBB <= 1.2.4 - change email to become admin exploit (Apr 08 2005)
Fabrice Marie
- Security Contact for NetApp ? (Apr 13 2005)
farhad koosha
- ACSblog bug (Apr 23 2005)
fireboy fireboy
- remote command execution in ad.cgi script (Apr 24 2005)
- remote command execution in forum.pl script (Apr 24 2005)
- index.cgi script XSS + file show (Apr 24 2005)
- remote command execution in text.cgi script (Apr 24 2005)
- remote command execution in includer.cgi script (Apr 24 2005)
- remote command execution in citat.pl script (Apr 24 2005)
- hyper.cgi script file show bug (Apr 24 2005)
- remote command execution in include.cgi script (Apr 24 2005)
- remote command execution in inserter.cgi script (Apr 24 2005)
Francisco Alisson
- Mafia Blog (Apr 15 2005)
- myBloggie 2.1.1 (Apr 15 2005)
- All4WWW-Homepagecreator Remote Command Execution (Apr 13 2005)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-05:05.cvs (Apr 22 2005)
- FreeBSD Security Advisory FreeBSD-SA-05:04.ifconf (Apr 14 2005)
- FreeBSD Security Advisory FreeBSD-SA-05:03.amd64 (Apr 05 2005)
- FreeBSD Security Advisory FreeBSD-SA-05:02.sendfile (Apr 04 2005)
Gadi Evron
- Re: crontab from vixie-cron allows read other users crontabs (Apr 06 2005)
- drone armies C&C report - March/2005 (Apr 06 2005)
Gandalf The White
- New auto download / install / exploit URL? (Apr 22 2005)
Geoff Vass
- RE: New auto download / install / exploit URL? (Apr 23 2005)
Gerald Quakenbush
- eGroupWare Leaks Files (Apr 12 2005)
GHC team
- Vulnerability in Coppermine Photo Gallery 1.3.* (Apr 18 2005)
gilbert nzeka
- The first open source spyware (Apr 18 2005)
Gilbert Verdian
- Safari HTTPS Overflow (Apr 28 2005)
GomoR
- MS05-019 Windows IP options DoS exploit (Apr 24 2005)
Greg Roelofs
- XV multiple buffer overflows (update) (Apr 11 2005)
GreyMagic Security
- File Selection May Lead to Command Execution (GM#015-IE) (Apr 19 2005)
GulfTech Security Research
- phpBB Notes Mod SQL Injection Vulnerability (Apr 27 2005)
- Multiple Security Issues Found In AZBB (Apr 19 2005)
- Multiple eGroupware Vulnerabilities (Apr 19 2005)
- RE: Portcullis Security Advisory 05-012 Ebay Session Riding Vulnerability (Apr 19 2005)
- Multiple ModernBill 4.3.0 And Earlier Vulnerabilities (Apr 10 2005)
Gunter Ollmann (NGS)
- New Whitepaper: Stopping Automated Attack Tools (Apr 26 2005)
G�ran Sandahl
- Re: RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap Overflow (Apr 21 2005)
HaCkZaTaN
- -==phpBB 2.0.14 Multiple Vulnerabilities==- (Apr 23 2005)
Hat-Squad Security Team
- [Hat-Squad Advisory] Bakbone NetVault Heap overflow Vulnerabilities (Apr 01 2005)
Hermann Arens
- Re: New auto download / install / exploit URL? (Apr 27 2005)
Hillel Himovich
- UBB Thread printthread.php SQL Injection (Apr 19 2005)
houseofdabus HOD
- ICMP attacks against TCP (Proof-of-Concept code) (MS05-019, CISCO:20050412) (Apr 20 2005)
Hyperdose Security
- Local file detection found through Adobe Reader ActiveX control (Apr 23 2005)
- Arbitrary file overwrite possible by Musicmatch ActiveX control (Apr 15 2005)
- Improper log file storage in Musicmatch software (Apr 15 2005)
- Trusted Site Cross Site Scripting Elevation of Privilege in Musicmatch (Apr 14 2005)
- Trojan file issue in Musicmatch software (Apr 14 2005)
I)ruid
- CAU - New Tool: hcraft - HTTP Vuln Request Crafter (Apr 18 2005)
iDEFENSE Labs
- iDEFENSE Labs Releases dltrace (Apr 27 2005)
- iDEFENSE Security Advisory 04.25.05: MySQL MaxDB Webtool Remote Lock-Token Stack Overflow Vulnerability (Apr 25 2005)
- iDEFENSE Security Advisory 04.25.05: MySQL MaxDB Webtool Remote Stack Overflow Vulnerability (Apr 25 2005)
- iDEFENSE Security Advisory 04.26.05: MySQL MaxDB Webtool Remote 'If' Stack Overflow Vulnerability (Apr 26 2005)
- iDEFENSE Security Advisory 04.26.05: Citrix Program Neighborhood Agent Arbitrary Shortcut Creation Vulnerability (Apr 26 2005)
- iDEFENSE Security Advisory 04.26.05: Citrix Program Neighborhood Agent Buffer Overflow (Apr 26 2005)
- iDEFENSE Security Advisory 04.18.05: McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability (Apr 18 2005)
- iDEFENSE Security Advisory 04.12.05: Microsoft Internet Explorer DHTML Engine Race Condition Vulnerability (Apr 12 2005)
- iDEFENSE Security Advisory 04.12.05: Microsoft Windows Internet Explorer Long Hostname Heap Corruption Vulnerability (Apr 12 2005)
- iDEFENSE Security Advisory 04.12.05: Microsoft MSHTA Script Execution Vulnerability (Apr 12 2005)
- iDEFENSE Security Advisory 04.12.05: Microsoft Windows CSRSS.EXE Stack Overflow Vulnerability (Apr 12 2005)
- iDEFENSE Security Advisory 04.08.05: Microsoft Multiple E-Mail Client Address Spoofing Vulnerability (Apr 08 2005)
- iDEFENSE Security Advisory 04.07.05: SGI IRIX gr_osview File Overwrite Vulnerability (Apr 07 2005)
- iDEFENSE Security Advisory 04.07.05: SGI IRIX gr_osview Information Disclosure Vulnerability (Apr 07 2005)
- iDEFENSE Security Advisory 04.06.05: IBM Lotus Domino Server Web Service DoS Vulnerability (Apr 06 2005)
- iDEFENSE Security Advisory 04.05.05: Computer Associates eTrust Intrusion Detection System CPImportKey DoS (Apr 05 2005)
- iDEFENSE Labs Releases OllyDbg Breakpoint Manager (Apr 05 2005)
- iDEFENSE Security Advisory 03.31.05: PHP getimagesize() Multiple Denial of Service Vulnerabilities (Mar 31 2005)
Imran Ghory
- cpio directory traversal vulnerability (Apr 20 2005)
- gzip directory traversal vulnerability (Apr 20 2005)
- cpio TOCTOU file-permissions vulnerability (Apr 13 2005)
- rpdump TOCTOU file-permissions vulnerability (Apr 09 2005)
- ================================ GNU Core Utilities race condition file-permissions vulnerability ================================ Software: mkdir, mknod, mkfifo Version: Part of GNU Core Utilities 5.2.1 Software URL: <http://www.gnu.org/software/cor (Apr 06 2005)
- gzip TOCTOU file-permissions vulnerability (Apr 04 2005)
IRM Advisories
- IRM 011: Sygate,Security Agent (Sygate Secure Enterprise) Fail Open DoS (Apr 12 2005)
J B
- RE: AW: PayPal "security" measures (Apr 04 2005)
jaguar
- Annuaire Netref v4.2 [ fwrite php ] vulnerability (Apr 19 2005)
Janek Vind
- [waraxe-2005-SA#042] - Multiple vulnerabilities in Coppermine Photo Gallery 1.3.2 (Apr 20 2005)
- [waraxe-2005-SA#041] - Critical Sql Injection in PhpNuke 6.x-7.6 Top module (Apr 06 2005)
Jason Coombs
- DHS Security Contact (Apr 28 2005)
Jason Dodson
- Re: Vulnerability kali's tagboard (Apr 21 2005)
Jason V. Miller
- Re: bzip2 TOCTOU file-permissions vulnerability (Apr 02 2005)
Jean-Yves Lefort
- multiple remote denial of service vulnerabilities in Gaim (Apr 01 2005)
Jeff Moss
- Black Hat USA 2005 Reminder CFP closing soon! (Apr 26 2005)
JeiAr
- Re: Http Response Splitting Vulnerability In PHP-NUKE 7.6 and below (Apr 15 2005)
- Double Choco Latte Remote Code Execution (Apr 08 2005)
Jeremy Rasmussen
- PayPal "security" measures (Apr 01 2005)
Jesse Morgan
- Re: Microsoft Windows image rendering DoS vuln (Apr 21 2005)
Jesus
- Re: Vulnerability kali's tagboard (Apr 28 2005)
jim allan
- Re: Solaris 10 Containers / Zones Security Flaw (Apr 03 2005)
- Solaris 10 Containers / Zones Security Flaw (Mar 31 2005)
Jim C. Nasby
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
Jim Knoble
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
Joey Hess
- Re: gzip TOCTOU file-permissions vulnerability (Apr 13 2005)
John Cobb
- RE: [NOBYTES.COM: #6] CubeCart 2.0.6 - Information Disclosure (Feb 06 2005)
- [NOBYTES.COM: #6] CubeCart 2.0.6 - Information Disclosure (Feb 06 2005)
joke0
- Re: New auto download / install / exploit URL? (Apr 25 2005)
Jonathan Katz
- Re: Solaris 10 Containers / Zones Security Flaw (Apr 01 2005)
Jordi Corrales
- Dameware NT Utilities and MiniRemote Control <= 4.9 vulnerability (Apr 15 2005)
Joseph Barillari
- Re: Capital One's website inadvertently assists phishing (Apr 19 2005)
- Capital One's website inadvertently assists phishing (Apr 19 2005)
Josh Berkus
- Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
Joshua D. Drake
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
Joxean Koret
- Security contact at sourceforge? (Apr 27 2005)
Karol Wi�sek
- crontab from vixie-cron allows read other users crontabs (Apr 06 2005)
KF (lists)
- Re: Borland Security Contact (Apr 28 2005)
- DMA[2005-0423a] - 'Nokia Affix Bluetooth Integer Underflow' (Apr 24 2005)
- 'Widcomm BTW (Microsoft Windows BT stack) Directory Transversal' (Apr 13 2005)
- Re: OSX - trojan apps can bypass authentication controls and gain root privilages (Apr 06 2005)
- DMA[2005-0401a] - 'IVT BlueSoleil Directory Transversal' (Mar 31 2005)
Kold
- GrayCMS php code injection (Apr 26 2005)
Kozan
- Miranda IM and Miranda Installer Let Local Users Execute Arbitrary Code (Apr 08 2005)
kreon
- serendipity SQL Injection vulnerability (Apr 13 2005)
- DoKuWiki file-upload vulnerabilities (Apr 12 2005)
lacertosum_at_yahoo.com
- WebCT 4.1 vulnerable to XSS attacks (Apr 11 2005)
Lance James
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
Larry Seltzer
- RE: iDEFENSE Security Advisory 04.08.05: Microsoft Multiple E-Mail Client Address Spoofing Vulnerability (Apr 09 2005)
- RE: Microsoft Explorer Denial of Service (Apr 06 2005)
lee xiaojun
- OpenOffice DOC document Heap Overflow (Apr 11 2005)
liquid_at_cyberspace.org
- QuickTime for Windows malformed GIF DoS (Apr 12 2005)
Luca Ercoli
- LG U8120 Mobile Phone Denial of Service (Apr 13 2005)
- Re: Microsoft Explorer Denial of Service (Apr 07 2005)
- Microsoft Explorer Denial of Service (Apr 05 2005)
Luigi Auriemma
- Multiple vulnerabilities in Yager 5.24 (Apr 14 2005)
- In-game server crash in Call of Duty 1.5b and United Offensive 1.51b (Apr 02 2005)
- In-game server buffer-overflow in Jedi Academy 1.011 (Apr 02 2005)
- In-game players kicking in the Quake 3 engine (Apr 02 2005)
Luis Alberto Cortes Zavala
- Microsoft Windows image rendering DoS vuln (Apr 21 2005)
Luis Fernando
- Multiples Full Path Disclosure in php-nuke 7.6 (and below) (Apr 29 2005)
Luke Macken
- [ GLSA 200504-06 ] sharutils: Insecure temporary file creation (Apr 06 2005)
- [ GLSA 200504-05 ] Gaim: Denial of Service issues (Apr 06 2005)
Macromedia Security Zone
- Macromedia Security Bulletin - ColdFusion MX 6.1 (Apr 07 2005)
Mailinglists
- ERNW Security Advisory 01/2005 (Apr 18 2005)
Maksymilian Arciemowicz
- Re: Sql injection, xss and path disclosure vulnerabilities in PostNuke 0.760-RC3 (Apr 08 2005)
- [SECURITYREASON.COM] phpnuke 7.6 Multiple vulnerabilities in Web_Links Module cXIb8O3.14 (Apr 07 2005)
- [SECURITYREASON.COM] phpnuke 7.6 Multiple vulnerabilities in Downloads Module cXIb8O3.13 (Apr 07 2005)
- [SECURITYREASON.COM] PhpNuke 7.6=>x Multiple vulnerabilities cXIb8O3.12 (Apr 04 2005)
Mandrakelinux Security Team
- MDKSA-2005:070 - Updated MySQL packages fix vulnerability (Apr 12 2005)
- MDKSA-2005:069 - Updated gdk-pixbuf packages fix vulnerability (Apr 07 2005)
- MDKSA-2005:068 - Updated gtk+2.0 packages fix vulnerability (Apr 07 2005)
- MDKSA-2005:067 - Updated sharutils packages fix multiple vulnerabilities (Apr 07 2005)
- MDKSA-2005:065 - Updated ImageMagick packages fix multiple vulnerabilities (Apr 01 2005)
- MDKSA-2005:066 - Updated grip packages fix vulnerability (Apr 01 2005)
Mandriva Security Team
- MDKSA-2005:078 - Updated squid packages fix vulnerability (Apr 29 2005)
- MDKSA-2005:079 - Updated perl packages to fix rmtree vulnerability (Apr 29 2005)
- MDKSA-2005:080 - Updated libxpm4 packages fix libXpm vulnerabilities (Apr 29 2005)
- MDKSA-2005:077 - Updated cdrecord packages fix vulnerability (Apr 21 2005)
- MDKSA-2005:075 - Updated libcdaudio1 packages fix vulnerability (Apr 21 2005)
- MDKSA-2005:073 - Updated cvs packages fix vulnerability (Apr 20 2005)
- MDKSA-2005:074 - Updated gnome-vfs2 packages fix vulnerability (Apr 21 2005)
- MDKSA-2005:076 - Updated xli packages fix multiple vulnerabilities (Apr 21 2005)
- MDKSA-2005:072 - Updated php packages fix multiple vulnerabilities (Apr 18 2005)
- MDKSA-2005:071 - Updated gaim packages fix multiple vulnerabilities (Apr 13 2005)
Marc Schoenefeld
- MacOSX Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability (Apr 07 2005)
Marcin \
- Sql injection in jPortal version 2.3.1 (module banner) (Apr 12 2005)
- Sql injection in jPortal version 2.3.1 (module banner) (Apr 11 2005)
Marcus Meissner
- SUSE Security Announcement: Mozilla Firefox, Mozilla various security problems (SUSE-SA:2005:028) (Apr 27 2005)
- SUSE Security Announcement: RealPlayer buffer overflow in RAM file handling (SUSE-SA:2005:026) (Apr 20 2005)
- SUSE Security Announcement: PostgreSQL buffer overflow problems (SUSE-SA-2005:027) (Apr 20 2005)
- SUSE Security Announcement: various KDE security problems (SUSE-SA:2005:022) (Apr 11 2005)
- SUSE Security Announcement: kernel local privilege escalation (SUSE-SA:2005:021) (Apr 04 2005)
Mark Senior
- RE: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
- RE: gzip TOCTOU file-permissions vulnerability (Apr 14 2005)
Markus Stenzel
- Re: [bugtraq] Re: Borland Security Contact (Apr 29 2005)
Martin Pitt
- [USN-112-1] PHP4 vulnerabilities (Apr 14 2005)
- [USN-111-1] Squid vulnerability (Apr 14 2005)
- Re: gzip TOCTOU file-permissions vulnerability (Apr 12 2005)
- [USN-110-1] Linux kernel vulnerabilities (Apr 11 2005)
- [USN-108-1] GDK vulnerability (Apr 05 2005)
- [USN-109-1] MySQL vulnerability (Apr 06 2005)
- [USN-107-1] racoon vulnerability (Apr 05 2005)
- [USN-106-1] Gaim vulnerabilities (Apr 05 2005)
- [USN-105-1] PHP4 vulnerabilities (Apr 05 2005)
- [USN-104-1] unshar vulnerability (Apr 04 2005)
- [USN-103-1] Linux kernel vulnerabilities (Apr 01 2005)
Martin Schulze
- [SECURITY] [DSA 719-1] New prozilla packages fix arbitrary code execution (Apr 28 2005)
- [SECURITY] [DSA 718-1] New ethereal packages fix buffer overflow (Apr 28 2005)
- [SECURITY] [DSA 718-2] New ethereal packages fix buffer overflow (Apr 28 2005)
- [SECURITY] [DSA 716-1] New gaim packages fix denial of service (Apr 27 2005)
- [SECURITY] [DSA 717-1] New lsh packages fix several vulnerabilities (Apr 27 2005)
- [SECURITY] [DSA 715-1] New cvs packages fix unauthorised repository access (Apr 26 2005)
- [SECURITY] [DSA 714-1] New kdelibs packages fix arbitrary code execution (Apr 26 2005)
- [SECURITY] [DSA 713-1] New junkbuster packages fix several vulnerabilities (Apr 21 2005)
- [SECURITY] [DSA 701-2] New samba packages fix correct sporadic crash (Apr 21 2005)
- [SECURITY] [DSA 661-2] New f2c packages fix insecure temporary files (Apr 20 2005)
- [SECURITY] [DSA 712-1] New geneweb packages fix insecure file operations (Apr 19 2005)
- [SECURITY] [DSA 711-1] New info2www packages fix cross-site scripting vulnerability (Apr 19 2005)
- [SECURITY] [DSA 710-1] New gtkhtml packages fix denial of service (Apr 18 2005)
- [SECURITY] [DSA 708-1] New PHP3 packages fix denial of service (Apr 15 2005)
- [SECURITY] [DSA 709-1] New libexif packages fix arbitrary code execution (Apr 15 2005)
- [SECURITY] [DSA 706-1] New axel packages fix arbitrary code execution (Apr 13 2005)
- [SECURITY] [DSA 707-1] New mysql packages fix several vulnerabilities (Apr 13 2005)
- [SECURITY] [DSA 704-1] New remstats packages fix several vulnerabilities (Apr 04 2005)
- [SECURITY] [DSA 705-1] New wu-ftpd packages fix denial of service (Apr 04 2005)
- [SECURITY] [DSA 702-1] New ImageMagick packages fix several vulnerabilities (Apr 01 2005)
- [SECURITY] [DSA 703-1] New krb5 packages fix arbitrary code execution (Apr 01 2005)
Matthias Geerdsen
- [ GLSA 200504-24 ] eGroupWare: XSS and SQL injection vulnerabilities (Apr 25 2005)
- [ GLSA 200504-19 ] MPlayer: Two heap overflow vulnerabilities (Apr 20 2005)
maty siman
- Yet Another Forum.net XSS vulnerabilities (Apr 02 2005)
Max Cerny
- [exploits] phpMyVisites 1.3 local file retrieval (Apr 26 2005)
Max Moser
- Sanboxed browsing and authentication credentials (Apr 05 2005)
McAllister, Andrew
- RE: PayPal "security" measures (Apr 06 2005)
- RE: PayPal "security" measures (Apr 04 2005)
Michael Roitzsch
- xine security announcement: multiple heap overflows in MMS and Real RTSP streaming clients (Apr 21 2005)
Michael Rueve
- AW: PayPal "security" measures (Apr 03 2005)
Michael Samuel
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted (Apr 21 2005)
Microsoft Security Response Center
- How to Report a Security Vulnerability to Microsoft (Apr 08 2005)
Mike Fratto
- RE: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
- RE: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
- RE: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
mike_at_genxweb.net
- Re: AW: PayPal 'security' measures (Apr 04 2005)
mikx
- Firesearching 1 + 2 [Firefox 1.0.2] (Apr 18 2005)
- Firelinking [Firefox 1.0.2] (Apr 18 2005)
Mohit Muthanna
- OT: Two Factor Authentication on Linux / Mac / Windows (Apr 28 2005)
msdarkflyer_at_linuxmail.org
- Directoy Traversal Attack in apexec.pl (.%00./-Bug) (Apr 19 2005)
Next Generation Insight Security Research (NGS Software)
- Remote Buffer Overflow in Lotus Domino (Apr 12 2005)
NGSSoftware Insight Security Research
- High risk flaw in HP OpenView Radia Management Agent (Apr 28 2005)
- Windows kernel overflow fixed (Apr 13 2005)
- Multiple High Risk flaws fixed in Oracle (Apr 12 2005)
- Multiple medium risk flaws fixed in new version of PHP (late advisory) (Apr 12 2005)
- Patch available for critical Veritas i3 Server vulnerability (Apr 12 2005)
- Sybase ASE Multiple Security Issues (#NISR05042005) (Apr 05 2005)
nibbler999_at_users.sf.net
- Re: Vulnerability in Coppermine Photo Gallery 1.3.* (Apr 20 2005)
Nicob
- Re: New auto download / install / exploit URL? (Apr 28 2005)
Nicolas Montoza
- Possible XSS in User-Agent (Apr 24 2005)
- E-Cart v1.1 Remote Command Execution (Apr 23 2005)
- WordPress XSS and HTML injection (Apr 11 2005)
Oliver Karow
- SonicWALL SOHO/10 - XSS vulnerability (Apr 04 2005)
OpenPKG
- [OpenPKG-SA-2005.006] OpenPKG Security Advisory (mysql) (Apr 20 2005)
- [OpenPKG-SA-2005.005] OpenPKG Security Advisory (imapd) (Apr 05 2005)
Oriol Torrent Santiago
- phpMyAdmin Cross-site Scripting Vulnerability (Apr 04 2005)
Overflow.pl
- [Overflow.pl] Libsafe - Safety Check Bypass Vulnerability (Apr 15 2005)
- [Overflow.pl] GOCR - Multiple vulnerabilities (Apr 15 2005)
Ovidiu Constantin
- Re: BitDefender 8 - Race condition vulnerability (Apr 25 2005)
pak_ml
- RE: Netflix Site may assist Phishing (Apr 28 2005)
pasquale minervini
- possible privilege escalation on Sco OpenServer 5.0.7 (Apr 03 2005)
patr0n_at_nm.ru
- Local buffer overflow on Aeon<=0.2a (Apr 04 2005)
patrick
- Re: Microsoft Windows image rendering DoS vuln (Apr 21 2005)
- Re: Microsoft Windows image rendering DoS vuln (Apr 20 2005)
Paul J Docherty
- Portcullis Security Advisory 05-012 Ebay Session Riding Vulnerability (Apr 19 2005)
Paul Laudanski
- NY sues Spyware Intermix, funded by Tiaa-Cref (Apr 28 2005)
- Re: -==phpBB 2.0.14 Multiple Vulnerabilities==- (Apr 23 2005)
- Re: Http Response Splitting Vulnerability In PHP-NUKE 7.6 and below (Apr 15 2005)
- Re: [SECURITYREASON.COM] PhpNuke 7.6=>x Multiple vulnerabilities cXIb8O3.12 (Apr 08 2005)
Pavel Kankovsky
- Re: ================================ GNU Core Utilities race condition file-permissions vulnerability ================================ Software: mkdir, mknod, mkfifo Version: Part of GNU Core Utilities 5. (Apr 16 2005)
Peachtree Linux Security Team
- [PLSN-0005] new cvs package available (Apr 25 2005)
- [PLSN-0006] new libexif package available (Apr 25 2005)
- [PLSN-0007] new libcdaudio package available (Apr 25 2005)
- [PLSN-0003] - Remote exploits in MPlayer (Apr 21 2005)
- [PLSN-0001] - Multiple vulnerabilities in Gaim (Apr 21 2005)
- [PLSN-0002] - Multiple vulnerabilities in Gaim (Apr 21 2005)
- [PLSN-0003] - Remote exploits in mplayer (Apr 22 2005)
- [PLSN-0002] - Multiple vulnerabilities in Gaim (Apr 21 2005)
- [PLSN-0001] - Multiple PHP vulnerabilities (Apr 21 2005)
- [PLSN-0004] - Buffer overflow in PostgreSQL (Apr 21 2005)
Peter J. Holzer
- Re: gzip TOCTOU file-permissions vulnerability (Apr 15 2005)
- Re: gzip TOCTOU file-permissions vulnerability (Apr 13 2005)
Philippe Oechslin
- windux-linux-gui-rainbow-lanman-cracker released (Apr 15 2005)
piker piker
- Vulnerability kali's tagboard (Apr 21 2005)
Piotr Bania
- RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap Overflow (Apr 19 2005)
- (PAPER) "Vision of danger: The Firefox Greasemonkey" (Mar 31 2005)
please_reply_to_security_at_sco.com
- UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : telnet client multiple issues (Apr 08 2005)
- OpenServer 5.0.6 OpenServer 5.0.7 : cscope local attacker can remove arbitrary files (Apr 07 2005)
- UnixWare 7.1.4 : cdrecord local root exploit (Apr 07 2005)
- UnixWare 7.1.4 : libtiff Multiple vulnerabilities (Apr 07 2005)
- UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : CDE dtlogin unspecified double free (Apr 07 2005)
- OpenServer 5.0.6 OpenServer 5.0.7 : termsh atcronsh auditsh environment buffer overflows (Apr 07 2005)
Pluf
- 7a69Adv#23 - Jar tool directory transversal vulnerability (Apr 11 2005)
pokley
- runcms/e-xoops 1.1A and below file upload vulnerability (Apr 05 2005)
psz_at_maths.usyd.edu.au
- Re: gzip TOCTOU file-permissions vulnerability (Apr 13 2005)
Rafael San Miguel Carrasco
- JavaMail allows directory traversal in attachments (Apr 12 2005)
Rager, Anton (Anton)
- RE: Capital One's website inadvertently assists phishing (Apr 27 2005)
Rainer Duffner
- Re: AW: PayPal "security" measures (Apr 04 2005)
Randy
- Re: Microsoft Windows image rendering DoS vuln (Apr 21 2005)
Ravish Ahuja
- RE: [NOBYTES.COM: #6] CubeCart 2.0.6 - Information Disclosure (Apr 06 2005)
Reed Arvin
- Buffer overflow in KMiNT21 Software Golden FTP Server Pro v2.52 (10.04.2005) (Apr 27 2005)
- Privilege escalation in BulletProof FTP Server v2.4.0.31 (Apr 27 2005)
- Privilege escalation in BakBone NetVault 7.1 (Apr 27 2005)
Richard Moore
- Re: crontab from vixie-cron allows read other users crontabs (Apr 06 2005)
Richard Stanway
- RE: Miranda IM and Miranda Installer Let Local Users Execute Arbitrary Code (Apr 11 2005)
Robert Escue
- Re: Solaris 10 Containers / Zones Security Flaw (Apr 02 2005)
rock master
- SQL INJECTION in DLMan Pro. PHPBB Mod. (Apr 04 2005)
- SQL INJECTION in LinksLinks Pro. PHPBB Mod. (Apr 04 2005)
Rod Taylor
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted (Apr 21 2005)
Romain Francoise
- Re: tcpdump[v3.8.x/v3.9.1]: ISIS, BGP, and LDP infinite loop DOS exploits. (Apr 27 2005)
- Re: tcpdump(/ethereal)[]: (RSVP) rsvp_print() infinite loop DOS. (Apr 27 2005)
Rom�n Ram�rez
- Logics Software BS2000 Host to Web Client ALL PLATFORMS (Apr 05 2005)
Salim Gasmi
- Gld 1.5 released (security fix) (Apr 13 2005)
Sara Togian
- Netflix Site may assist Phishing (Apr 28 2005)
Scott Gifford
- Re: gzip TOCTOU file-permissions vulnerability (Apr 14 2005)
Scott Grayban
- Re: Security contact at sourceforge? (Apr 28 2005)
- insecure user account lam-runtime-7.0.6-2mdk rpm (Apr 28 2005)
Scovetta, Michael V
- RE: Possible XSS in User-Agent (Apr 25 2005)
Sebastian Krahmer
- SUSE Security Announcement: cvs (SUSE-SA:2005:024) (Apr 18 2005)
sebastian_at_nohn.net
- Re: serendipity SQL Injection vulnerability (Apr 14 2005)
SecuBox fRoGGz
- dBpowerAMP Auxiliary - Abnormal execution (Apr 25 2005)
- BitDefender 8 - Race condition vulnerability (Apr 22 2005)
Secure Computer Group
- [CAN-2005-1062] Administration protocol abuse allows local/remote password cracking (Apr 29 2005)
- [CAN-2005-1063] Administration protocol abuse leads to Service and System Denial of Service (Apr 29 2005)
security curmudgeon
- Re: Vulnerability kali's tagboard (Apr 28 2005)
security_at_rsnapshot.org
- rsnapshot Security Advisory 001 (Apr 10 2005)
SecurityReason
- Full path disclosure and XSS in PHPNuke (Apr 03 2005)
sh0rtie
- Re: PayPal "security" measures (Apr 06 2005)
shadown
- ADV: NetTerm's NetFtpd 4.2.2 Buffer Overflow + PoC Exploit (Apr 26 2005)
Shalom Carmel
- Canonicalization and directory traversal in iSeries FTP security products (Apr 20 2005)
- Enumeration of AS/400 users and their status via POP3 (Apr 14 2005)
- Disclosure of AS/400 user accounts via the FTP server (Apr 04 2005)
- Reverse shell using netcat on AS/400 (Mar 31 2005)
ShineShadow
- Multiple vulnerabilities in Argosoft Mail Server 1.8.7.6 (Apr 22 2005)
Sieg Fried
- ZRCSA-200501 - Multiple vulnerabilities in Claroline (Apr 27 2005)
snsadv
- [SNS Advisory No.80] nProtect:Netizen Arbitrary File Download Vulnerability (Apr 25 2005)
Son SonOfLilit
- Re: [HV-HIGH] Microsoft Jet DB engine vulnerabilities (Apr 04 2005)
sonderling
- Mac OS X Cocktail 3.5.4 admin password disclosure (Apr 29 2005)
sp3x
- [SECURITYREASON.COM] Full path disclosure and XSS in PHPNuke part 3 (Apr 05 2005)
SPI Labs
- IBM WebSphere Widespread configuration JSP disclosure (Apr 13 2005)
SSC Advisory Notice
- Secure Science Corporation Application Software Advisory 055 (Apr 20 2005)
Status-x
- phpBB Upload Script "up.php" Arbitrary File Upload (Apr 07 2005)
Stephen Frost
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted (Apr 23 2005)
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
- Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
- Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
Steve G
- Re: cpio TOCTOU file-permissions vulnerability (Apr 19 2005)
Steve Grubb
- Re: bzip2 TOCTOU file-permissions vulnerability (Apr 14 2005)
- Re: gzip TOCTOU file-permissions vulnerability (Apr 14 2005)
- Re: bzip2 TOCTOU file-permissions vulnerability (Apr 02 2005)
Steve Shockley
- Re: [HV-HIGH] Microsoft Jet DB engine vulnerabilities (Apr 03 2005)
Steven M. Christey
- Re: SQL-injections in Invision Power Board v2.0.1 (Apr 26 2005)
steven_at_lovebug.org
- Discovering and Stopping Phishing/Scam Attacks (Apr 26 2005)
Stuart Pearson
- Microsoft Jet (msjet40.dll) Exploit (Apr 11 2005)
Sumy
- How to write remote exploits ( V. 1.1) (Apr 01 2005)
- (Paper) Programming: The Heart of Web Security (Mar 31 2005)
Sune Kloppenborg Jeppesen
- [ GLSA 200504-28 ] Heimdal: Buffer overflow vulnerabilities (Apr 28 2005)
- [ GLSA 200504-26 ] Convert-UUlib: Buffer overflow (Apr 26 2005)
- [ GLSA 200504-25 ] Rootkit Hunter: Insecure temporary file creation (Apr 26 2005)
- [ GLSA 200504-23 ] Kommander: Insecure remote script execution (Apr 22 2005)
- [ GLSA 200504-22 ] KDE kimgio: PCX handling buffer overflow (Apr 22 2005)
- UPDATE: [ GLSA 200410-10 ] gettext: Insecure temporary file handling (Apr 22 2005)
- UPDATE: [ GLSA 200504-16 ] CVS: Multiple vulnerabilities (Apr 22 2005)
- [ GLSA 200504-17 ] XV: Multiple vulnerabilities (Apr 18 2005)
- [ GLSA 200504-16 ] CVS: Multiple vulnerabilities (Apr 18 2005)
- [ GLSA 200504-14 ] monkeyd: Multiple vulnerabilities (Apr 15 2005)
- [ GLSA 200504-13 ] OpenOffice.Org: DOC document Heap Overflow (Apr 15 2005)
- [ GLSA 200504-11 ] JunkBuster: Multiple vulnerabilities (Apr 13 2005)
- [ GLSA 200504-10 ] Gld: Remote execution of arbitrary code (Apr 13 2005)
Team SHATTER
- [AppSecInc Team SHATTER Security Advisory] SQL Injection in ALTER_MANUALLOG_CHANGE_SOURCE procedure (Apr 18 2005)
- [AppSecInc Team SHATTER Security Advisory] Multiple SQL Injection vulnerabilities in DBMS_METADATA package (Apr 18 2005)
- [AppSecInc Team SHATTER Security Advisory] Denial of Service in Oracle interMedia (Apr 18 2005)
- [AppSecInc Team SHATTER Security Advisory] SQL Injection in CREATE_SCN_CHANGE_SET procedure (Apr 18 2005)
- [AppSecInc Team SHATTER Security Advisory] Multiple SQL Injection vulnerabilities in DBMS_CDC_SUBSCRIBE and DBMS_CDC_ISUBSCRIBE packages (Apr 18 2005)
Terencentanio Enache
- myPHP Forum v3 (possible v1 & 2 also) Identification 'spoof' (Apr 26 2005)
The Dark Tangent
- DEF CON - New CTF Organizers chosen! (Apr 28 2005)
Theodor Milkov
- Re: gzip TOCTOU file-permissions vulnerability (Apr 13 2005)
Thierry Carrez
- [ GLSA 200504-27 ] xine-lib: Two heap overflow vulnerabilities (Apr 26 2005)
- [ GLSA 200504-21 ] RealPlayer, Helix Player: Buffer overflow vulnerability (Apr 22 2005)
- [ GLSA 200504-20 ] openMosixview: Insecure temporary file creation (Apr 21 2005)
- [ GLSA 200504-18 ] Mozilla Firefox, Mozilla Suite: Multiple vulnerabilities (Apr 19 2005)
- [ GLSA 200504-15 ] PHP: Multiple vulnerabilities (Apr 18 2005)
- [ GLSA 200504-12 ] rsnapshot: Local privilege escalation (Apr 13 2005)
- UPDATE: [ GLSA 200503-35 ] Smarty: Template vulnerability (Apr 10 2005)
- [ GLSA 200504-07 ] GnomeVFS, libcdaudio: CDDB response overflow (Apr 08 2005)
- [ GLSA 200504-04 ] mit-krb5: Multiple buffer overflows in telnet client (Apr 06 2005)
- [ GLSA 200504-03 ] Dnsmasq: Poisoning and Denial of Service vulnerabilities (Apr 04 2005)
- [ GLSA 200504-02 ] Sylpheed, Sylpheed-claws: Buffer overflow on message display (Apr 02 2005)
- [ GLSA 200504-01 ] telnet-bsd: Multiple buffer overflows (Apr 01 2005)
Thor (Hammer of God)
- Re: [HV-HIGH] Microsoft Jet DB engine vulnerabilities (Apr 03 2005)
- Re: [HV-HIGH] Microsoft Jet DB engine vulnerabilities (Mar 31 2005)
Tino Wildenhain
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted (Apr 21 2005)
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 21 2005)
tom cruise
- phpBB datenbank mod has XSS/SQL Injection in the id variable (Apr 16 2005)
- Pafiledb ACTION Parameter XSS (Apr 08 2005)
Tom Lane
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
- Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Apr 20 2005)
Trustix Security Advisor
- TSLSA-2005-0015 - postgresql (Apr 25 2005)
- TSLSA-2005-0013 - cvs (Apr 21 2005)
- TSLSA-2005-0011 - kernel (Apr 05 2005)
Vade 79
- tcpdump[v3.8.x/v3.9.1]: ISIS, BGP, and LDP infinite loop DOS exploits. (Apr 26 2005)
- tcpdump(/ethereal)[]: (RSVP) rsvp_print() infinite loop DOS. (Apr 26 2005)
- sumus[v0.2.2]: (httpd) remote buffer overflow exploit. (Apr 13 2005)
ViPeR
- RE: IE - cross site click detection? (Apr 27 2005)
- IE - cross site click detection? (Apr 26 2005)
vorlon_at_gentoo.org
- [ GLSA 200504-09 ] Axel: Vulnerability in HTTP redirection handling (Apr 12 2005)
vuln_at_hexview.com
- [HV-HIGH] Microsoft Jet DB engine vulnerabilities (Mar 31 2005)
WBG Links
- Window Washer 6.0: False Sense of Security (Apr 11 2005)
Williams, James K
- Computer Associates BrightStor ARCserve Backup and BrightStor Enterprise Backup UniversalAgent buffer overflow vulnerability (Apr 14 2005)
Yuri Gushin
- [ECL] Windows IP Options DoS POC [ECL] (Apr 17 2005)
Zinho
- [HSC Security Group] Ocean12 Mailing List Manager Pro SQL injection (Apr 28 2005)
- [HSC Security Group] Comersus v6 Script injection (Apr 26 2005)
- [Hackers Center Security Group] Sqwebmail Http Splitting Vulnerability (Apr 25 2005)
- [HSC Security Group] Ocean12 Calendar manager 1.01 SQL injection (Apr 20 2005)
zwell zwell
- ms05016 POC (Apr 13 2005)