Bugtraq: by thread

[ GLSA 200508-01 ] Compress::Zlib: Buffer overflow Sune Kloppenborg Jeppesen (Jul 31 2005)
[SVadvisory] - SQL injection in OpenBook 1.2.2 svt_at_svt.nukleon.us (Jul 30 2005)
The Java applet sandbox and stateful firewalls Florian Weimer (Jul 30 2005)
- Re: [VulnWatch] The Java applet sandbox and stateful firewalls Dinis Cruz (Aug 01 2005)
  - Re: [VulnWatch] The Java applet sandbox and stateful firewalls Florian Weimer (Aug 01 2005)
PHPList Vunerability ziot_at_whataboutpp.com (Jul 31 2005)
Buffer overflow in BusinessMail email server system 4.60.00 Reed Arvin (Jul 31 2005)
[SECURITY] [DSA 771-1] New pdns packages fix denial of service Martin Schulze (Aug 01 2005)
ChurchInfo Multiple Vulnerabilities thegreatone2176_at_yahoo.com (Aug 01 2005)
TSLSA-2005-0038 - multi Trustix Security Advisor (Aug 01 2005)
Vulnerability in Trendmicro Officescan sylvain.roger_at_solucom.fr (Jul 28 2005)
ICMP attacks against TCP: Conclusions Fernando Gont (Jul 28 2005)
- Re: ICMP attacks against TCP: Conclusions Dan Yefimov (Aug 30 2005)
  - Re: ICMP attacks against TCP: Conclusions Damien Miller (Aug 30 2005)
RE: uguestbook exploit Earnhart, Benjamin J (Jul 28 2005)
Re: [BugTraq] Peter Gutmann data deletion theaory? Richard Clayton (Jul 28 2005)
[USN-157-1] Mozilla Thunderbird vulnerabilities Martin Pitt (Aug 01 2005)
MySQL Eventum Multiple Vulnerabilities GulfTech Security Research (Jul 31 2005)
[USN-158-1] gzip utility vulnerability Martin Pitt (Aug 01 2005)
Re: Peter Gutmann data deletion theaory? Michael Sierchio (Jul 27 2005)
[ GLSA 200507-28 ] AMD64 x86 emulation base libraries: Buffer overflow Thierry Carrez (Jul 30 2005)
RE: On classifying attacks Forte Systems - Iosif Peterfi (Jul 29 2005)
- RE: On classifying attacks Tim Nelson (Aug 01 2005)
  - RE: On classifying attacks Forte Systems - Iosif Peterfi (Aug 01 2005)
- Re: On classifying attacks Thierry Carrez (Aug 02 2005)
[USN-159-1] unzip vulnerability Martin Pitt (Aug 01 2005)
Re: LSS Security Advisory: Winamp remote buffer overflow vulnerability ljuranic_at_lss.hr (Jul 29 2005)
[security bulletin] SSRT5931 rev.1 Apache on HP-UX Remote Denial of Service and client restriction bypass security-alert_at_hp.com (Aug 01 2005)
Re: On classifying attacks Daniel Weber (Jul 28 2005)
- Re: On classifying attacks Crispin Cowan (Aug 03 2005)
- Re: On classifying attacks Shwaine (Aug 02 2005)
- Re: On classifying attacks Duncan Simpson (Jul 23 2005)
[ GLSA 200508-02 ] ProFTPD: Format string vulnerabilities Sune Kloppenborg Jeppesen (Aug 01 2005)
unzip TOCTOU file-permissions vulnerability Imran Ghory (Aug 01 2005)
Re: Trillian Ver 3.1 saves password's in plain Text security curmudgeon (Aug 02 2005)
- Re: Trillian Ver 3.1 saves password's in plain Text Suramya Tomar (Aug 01 2005)
- RE: Trillian Ver 3.1 saves password's in plain Text Darren Pilgrim (Aug 02 2005)
- Re: Trillian Ver 3.1 saves password's in plain Text Technica Forensis (Aug 03 2005)
  - Re: Trillian Ver 3.1 saves password's in plain Text Technica Forensis (Aug 03 2005)
Arab Portal ABDUCTER_MINDS_at_YAHOO.COM (Aug 01 2005)
HACK IN THE BOX SECURITY CONFERENCE 2005 alphademon (Aug 01 2005)
Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities) matiteman_at_securityfocus.com, (Aug 02 2005)
- Re: Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities) brom0815_at_gmx.de (Aug 02 2005)
  - Re: Re: Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities) asierillo_at_gmail.com (Aug 03 2005)
VBZoom Cross Site Scripting Vulnerabilities almaster_at_hotmail.com (Jul 29 2005)
Re: Re : [Firefox Bug 302187] New: Shared section vulnerability when opening microsoft office document resulting in DoS Cesar (Jul 30 2005)
[ GLSA 200508-03 ] nbSMTP: Format string vulnerability Thierry Carrez (Aug 02 2005)
CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability Williams, James K (Aug 02 2005)
- Re: CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability cybertronic_at_gmx.net (Aug 03 2005)
- RE: CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability Williams, James K (Aug 05 2005)
[NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection John Cobb (Aug 02 2005)
- Re: [NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection Patrick Morris (Aug 02 2005)
  - Re: [NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection ICool (Aug 08 2005)
- Re: [NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection devfreedom_at_gmail.com (Aug 25 2005)
[security bulletin] SSRT5998 Rev.0 HP System Management Homepage (v2.0.x) Denial of Service (DoS) & XSS security-alert_at_hp.com (Aug 03 2005)
Zip 2,31 bad default file-permissions vulnerability Imran Ghory (Aug 02 2005)
- Re: Zip 2,31 bad default file-permissions vulnerability Lupe Christoph (Aug 04 2005)
  - Re: Zip 2,31 bad default file-permissions vulnerability Imran Ghory (Aug 04 2005)
    - Re: Zip 2,31 bad default file-permissions vulnerability Lupe Christoph (Aug 04 2005)
    - Re: Zip 2,31 bad default file-permissions vulnerability Stephen C Woods (Aug 04 2005)
      - Re: Zip 2,31 bad default file-permissions vulnerability Lupe Christoph (Aug 04 2005)
- Re: Zip 2,31 bad default file-permissions vulnerability Imran Ghory (Aug 05 2005)
iDEFENSE Security Advisory 08.02.05: CA BrightStor ARCserve Backup Agent for MS SQL Server Buffer Overflow iDEFENSE Labs (Aug 02 2005)
[SECURITY] [DSA 772-1] New apt-cacher package fixes arbitrary command execution Martin Schulze (Aug 02 2005)
MDKSA-2005:128 - Updated mozilla packages fix multiple vulnerabilities Mandriva Security Team (Aug 02 2005)
Coldfusion Fusebox V4.1.0 Vulnerability N.N.P (Aug 03 2005)
- Re: Coldfusion Fusebox V4.1.0 Vulnerability Ian Mitchell (Aug 03 2005)
- Re: Coldfusion Fusebox V4.1.0 Vulnerability steven_at_lovebug.org (Aug 03 2005)
Silvernews 2.0.3 (possibly previous versions ) SQL Injection / Login Bypass / Remote commands execution / cross site scripting retrogod_at_aliceposta.it (Aug 03 2005)
[security bulletin] SSRT4682 rev.0 - Oracle for Openview (OfO) Critical Patch Update July 2005 security-alert_at_hp.com (Aug 03 2005)
Re: ClamAV Multiple Rem0te Buffer Overflows Steven M. Christey (Aug 03 2005)
- Re: ClamAV Multiple Rem0te Buffer Overflows list_at_rem0te.com (Aug 03 2005)
Zone Alarm Security Contact David Cross (Aug 02 2005)
- Re: Zone Alarm Security Contact security curmudgeon (Aug 03 2005)
Microsoft ActiveSync information leak and spoofing 3APA3A (Aug 02 2005)
SUSE Security Announcement: several kernel security problems (SUSE-SA:2005:044) Ludwig Nussel (Aug 04 2005)
Scanning Software Bugs Dan.Creed_at_thecreeds.net (Aug 02 2005)
- Re: Scanning Software Bugs KF (lists) (Aug 04 2005)
- Re: Scanning Software Bugs Hugo van der Kooij (Aug 04 2005)
[USN-160-1] Apache 2 vulnerabilities Martin Pitt (Aug 04 2005)
[ GLSA 200507-29 ] pstotext: Remote execution of arbitrary code Stefan Cornelius (Jul 31 2005)
SQL IN PortailPHP ABDUCTER_MINDS_at_YAHOO.COM (Aug 04 2005)
- Re: SQL IN PortailPHP Steven M. Christey (Aug 07 2005)
RE: Trillian Ver 3.1 saves password's in plain Text Keith Phillips (Aug 02 2005)
- Re: Trillian Ver 3.1 saves password's in plain Text patrick (Aug 04 2005)
  - Re: Trillian Ver 3.1 saves password's in plain Text Suramya Tomar (Aug 05 2005)
FINAL Phrack Magazine release #63 is OUT phrackstaff_at_phrack.org (Aug 02 2005)
[USN-161-1] bzip2 utility vulnerability Martin Pitt (Aug 04 2005)
MDKSA-2005:129 - Updated apache2 packages fix vulnerabilities Mandriva Security Team (Aug 03 2005)
MDKSA-2005:130 - Updated apache packages fix vulnerabilities Mandriva Security Team (Aug 03 2005)
Cisco IOS Shellcode - McAfee IPS Protection planz 235 (Aug 04 2005)
- Re: Cisco IOS Shellcode - McAfee IPS Protection Darren Reed (Aug 05 2005)
Remote Password Compromise of Microsoft Active Sync 3.7.1 nospam_at_airscanner.com (Aug 03 2005)
MDKSA-2005:131 - Updated ethereal packages fix multiple vulnerabilities Mandriva Security Team (Aug 04 2005)
FlatNuke 2.5.5 (possibly prior versions) remote commands execution / cross site scripting / path disclosure (by rgod) retrogod_at_aliceposta.it (Aug 04 2005)
Re: uguestbook exploit security curmudgeon (Aug 05 2005)
Silvernews 2.0.3 remote command execution exploit, proxy server support! tsl_at_securityfocus.com, (Aug 05 2005)
[HSC Security Group] Multiple XSS in phpopenchat 3.0.2 zinho_at_hackerscenter.com (Aug 05 2005)
TSLSA-2005-0040 - multi Trustix Security Advisor (Aug 05 2005)
tar preserves setuid bit Imran Ghory (Aug 04 2005)
- Re: tar preserves setuid bit Neil McKellar (Aug 05 2005)
  - Re: tar preserves setuid bit Imran Ghory (Aug 05 2005)
    - Re: tar preserves setuid bit Jeremy C. Reed (Aug 09 2005)
- Re: tar preserves setuid bit Sean Comeau (Aug 05 2005)
- Re: GNU tar and the setuid bit David Watson (Aug 06 2005)
  - Re: GNU tar and the setuid bit David Watson (Aug 06 2005)
Comdev eCommerce config.php Vulnerability none_at_none.com (Aug 04 2005)
ipb Css bug(now public) virusishacker_at_gmail.com (Aug 04 2005)
- Re: ipb Css bug(now public) mattmecham_at_gmail.com (Aug 08 2005)
  - Re: ipb Css bug(now public) Nicolas Gregoire (Aug 08 2005)
Defeating Citi-Bank Virtual Keyboard Protection Debasis Mohanty (Aug 05 2005)
- Re: Defeating Citi-Bank Virtual Keyboard Protection Daniel Bonekeeper (Aug 05 2005)
- Re: [DCC SPAM] Defeating Citi-Bank Virtual Keyboard Protection Secure Science Corporation Bugtraq (Aug 07 2005)
- Re: Defeating Citi-Bank Virtual Keyboard Protection AsTriXs (Aug 05 2005)
Comdev eCommerce wce.download.php Download Vulnerability none_at_none.com (Aug 04 2005)
Root exploits in Lantonix Secure Console Server c0ntex_at_open-security.org (Aug 05 2005)
Vulnerability in ePing and eTrace plugins of e107 os2a.bto_at_gmail.com (Aug 05 2005)
[ GLSA 200508-04 ] Netpbm: Arbitrary code execution in pstopnm Thierry Carrez (Aug 05 2005)
[ GLSA 200508-05 ] Heartbeat: Insecure temporary file creation Sune Kloppenborg Jeppesen (Aug 06 2005)
Gravity Board X v1.1 multiple vulnerabilities retrogod_at_aliceposta.it (Aug 07 2005)
SQL IN Open Bulletin Board ABDUCTER_MINDS_at_YAHOO.COM (Aug 08 2005)
- Re: SQL IN Open Bulletin Board security curmudgeon (Aug 09 2005)
E107 + IPB XSS Exploit edward11_at_postmaster.co.uk (Aug 08 2005)
iDEFENSE Security Advisory 08.05.05: EMC Navisphere Manager Directory Traversal Vulnerability iDEFENSE Labs (Aug 05 2005)
XSS in forums CFBB v1.1.0 stormhacker_at_hotmail.com (Aug 05 2005)
Advisory 13/2005: Remote code execution in SysCP Christopher Kunz (Aug 08 2005)
[SVadvisory#13] - SQL injection in MYFAQ 1.0 svt_at_svt.nukleon.us (Aug 06 2005)
[AppSecInc Advisory MYSQL05-V0002] Buffer Overflow in MySQL User Defined Functions Team SHATTER (Aug 08 2005)
Re: Kent's Guestbook database exploit security curmudgeon (Aug 05 2005)
[USN-162-1] ekg and Gadu library vulnerabilities Martin Pitt (Aug 08 2005)
Creating a secret web site on IIS 5.x using Alternative Data Streams inge_eivind.henriksen_at_chello.no (Aug 04 2005)
- RE: Creating a secret web site on IIS 5.x using Alternative Data Streams James C Slora Jr (Aug 09 2005)
Nate User Password Disclosed By Anonymous saintlinu_at_null2root.org (Aug 04 2005)
nbSMTP v0.99 remote format string exploit coki_at_nosystem.com.ar (Aug 05 2005)
[AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions Team SHATTER (Aug 08 2005)
FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover,possible remote code execution retrogod_at_aliceposta.it (Aug 08 2005)
[AppSecInc Advisory MYSQL05-V0003] Multiple Issues with MySQL User Defined Functions Team SHATTER (Aug 08 2005)
[USN-163-1] xpdf vulnerability Martin Pitt (Aug 09 2005)
Apple Safari & Javascript - KERN_INVALID_ADDRESS (0x0001) Patrick Webster (Aug 09 2005)
Sql injection and global variables poisoning in XMB Forum 1.9.1 heintz_at_hotmail.com (Aug 09 2005)
Bugtraq ID: 14460 : Coldfusion Fusebox V4.1.0 Vulnerability Adrocknaphobia (Aug 09 2005)
iDEFENSE Security Advisory 08.09.05: AWStats ShowInfoURL Remote Command Execution Vulnerability iDEFENSE Labs (Aug 09 2005)
Mozilla Firefox up to 1.0.6 and Mozilla Thunderbird up to 1.0 url string obfuscation Marc Ruef (Aug 09 2005)
[security bulletin] SSRT5940 rev.1 - HP-UX Mozilla remote, unauthorized user may execute privileged code security-alert_at_hp.com (Aug 09 2005)
BID 14355, VERITAS NetBackup 5.1 Time Stamp Vulnerability secure_at_symantec.com (Aug 09 2005)
Design Flaw at Microsoft's AntiSpyware manolisgavriil_at_hotmail.com (Aug 05 2005)
[security bulletin] SSRT051005 rev.0 - HP ProLiant DL585 Servers Unauthorized Remote Access security-alert_at_hp.com (Aug 10 2005)
[security bulletin] SSRT5957 rev.0 - HP Tru64 UNIX IPSEC Tunnel ESP Mode Remote Unauthorized Disclosure of Encrypted Data Security Alert (Aug 10 2005)
[security bulletin] SSRT5998 rev.1 - HP System Management Homepage (v2.0.x) Denial of Service (DoS) and XSS security-alert_at_hp.com (Aug 10 2005)
NSFOCUS SA2005-02 : Microsoft IE Devenum.dll COM Instantiation Remote Code Execution Vulnerability NSFOCUS Security Team (Aug 09 2005)
[KDE Security Advisory] kpdf temp file writing DoS vulnerability Dirk Mueller (Aug 09 2005)
Help put a stop to incompetent computer forensics Jason Coombs (Aug 09 2005)
- RE: [Full-disclosure] Help put a stop to incompetent computer forensics Christopher Day (Aug 09 2005)
Full path disclosure in CaLogic 1.22 and possible in older versions. gb.network_at_gmail.com (Aug 09 2005)
CoolWebSearch found in massive spyware ring Paul Laudanski (Aug 09 2005)
MDKSA-2005:132 - Updated heartbeat packages fix temporary file vulnerabilities Mandriva Security Team (Aug 10 2005)
MDKSA-2005:133 - Updated netpbm packages fix temporary file vulnerabilities Mandriva Security Team (Aug 10 2005)
Evolution multiple remote format string bugs sitic_at_pts.se (Aug 10 2005)
Privilege escalation in Nortel Contivity VPN Client V05_01.030 Jeff Peadro (Aug 10 2005)
ms05038 exploit poc (down&execute) zwell_at_sohu.com (Aug 11 2005)
ISS vs. Cisco: Chapter 2 FX (Aug 11 2005)
- Re: ISS vs. Cisco: Chapter 2 Florian Weimer (Aug 11 2005)
High Risk Vulnerability in Novell eDirectory Server NGSSoftware Insight Security Research (Aug 11 2005)
[USN-166-1] Evolution vulnerabilities Martin Pitt (Aug 11 2005)
Re: Compromising pictures of Microsoft Internet Explorer! Michal Zalewski (Aug 11 2005)
[USN-164-1] netpbm vulnerability Martin Pitt (Aug 11 2005)
[USN-165-1] heartbeat vulnerability Martin Pitt (Aug 11 2005)
SUSE Security Announcement: Mozilla various security problems (SUSE-SA:2005:045) Marcus Meissner (Aug 11 2005)
[SECURITY] [DSA 773-1] New amd64 packages fix several bugs Martin Schulze (Aug 11 2005)
Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) Reed Arvin (Aug 11 2005)
MDKSA-2005:138 - Updated cups packages fix vulnerability Mandriva Security Team (Aug 11 2005)
remote DOS on Wyse thin client 1125SE Josh Zlatin-Amishav (Aug 10 2005)
MDKSA-2005:137 - Updated ucd-snmp packages fix a DoS vulnerability Mandriva Security Team (Aug 11 2005)
MDKSA-2005:135 - Updated kdegraphics packages fix vulnerability Mandriva Security Team (Aug 11 2005)
[FLSA-2005:129284] Updated spamassassin package fixes security issue Marc Deslauriers (Aug 10 2005)
[FLSA-2005:152889] Updated mc packages fix security issues Marc Deslauriers (Aug 10 2005)
[FLSA-2005:157696] Updated gzip package fixes security issues Marc Deslauriers (Aug 10 2005)
[FLSA-2005:157701] Updated Apache httpd packages fix security issues Marc Deslauriers (Aug 10 2005)
MDKSA-2005:136 - Updated gpdf packages fix vulnerability Mandriva Security Team (Aug 11 2005)
MDKSA-2005:134 - Updated xpdf packages fix vulnerability Mandriva Security Team (Aug 11 2005)
Xoops 2.2.1 Full Path Disclosure none_at_none.com (Aug 12 2005)
- Re: Xoops 2.2.1 Full Path Disclosure kato (Aug 12 2005)
[SECURITY] [DSA 774-1] New fetchmail packages fix arbitrary code execution Martin Schulze (Aug 12 2005)
(MS05-039) Microsoft Windows Plug-and-Play Service Remote Overflow (Universal Exploit + no crash shellcode) houseofdabus (Aug 12 2005)
FW: Updated Version & Exploit - Privilege escalation in Nortel Contivity VPN Client V05_01.030 Jeff Peadro (Aug 12 2005)
My Bulletin Board RC 4 Vulnerabilities phuket (Aug 12 2005)
Insecure directory permissions of default installation of Kaspersky Anti-Virus for Unix/Linux File Servers will lead to local root exploit Dr. Peter Bieringer (Aug 12 2005)
Windows 2000 universal exploit for MS05-039 sl0ppy_at_hush.ai (Aug 11 2005)
Privilege escalation in Linksys WLAN Monitor v2.0 Reed Arvin (Aug 12 2005)
Bluetooth: Theft of Link Keys for Fun and Profit? KF (lists) (Aug 11 2005)
Grandstream Budge Tone 101/102 DoS Vulnerability Kroma Pierre (Aug 12 2005)
[USN-168-1] Gaim vulnerabilities Martin Pitt (Aug 12 2005)
Low security hole affecting Mentor's ADSLFR4II router Tim Brown (Aug 13 2005)
JaguarControl Activex Buffer Overflow Tacettin Karadeniz (Aug 13 2005)
SQL in PHPTB Topic Boards 2.0 almaster_at_hotmail.com (Aug 13 2005)
[DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue Uwe Hermann (Aug 14 2005)
Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability Stefan Esser (Aug 15 2005)
Advisory 14/2005: PEAR XML_RPC Remote PHP Code Injection Vulnerability Stefan Esser (Aug 15 2005)
Vulnerability found in CPAINT Ajax Toolkit wiley14_at_gmail.com (Aug 15 2005)
- RE: Vulnerability found in CPAINT Ajax Toolkit Thor Larholm (Aug 16 2005)
[SECURITY] [DSA 761-2] New heartbeat packages fix insecure temporary files Martin Schulze (Aug 15 2005)
drone armies C&C report - July/2005 Gadi Evron (Aug 15 2005)
[SECURITY] [DSA 775-1] New Mozilla packages fix frame injection spoofing vulnerability Martin Schulze (Aug 15 2005)
[ GLSA 200508-06 ] Gaim: Remote execution of arbitrary code Sune Kloppenborg Jeppesen (Aug 14 2005)
Technical Note by Amit Klein: Detecting and Preventing HTTP Response Splitting and HTTP Request Smuggling Attacks at the TCP Le Amit Klein (AKsecurity) (Aug 15 2005)
Serious flaw in Linksys wireless AP password security Steve Scherf (Aug 15 2005)
Re: FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover,possible remote code execution colin_at_funkboard.co.uk (Aug 13 2005)
Serious flaw in Linksys wireless AP password security Steve Scherf (Aug 14 2005)
- RE: Serious flaw in Linksys wireless AP password security Robert Thompson Jr. (Aug 15 2005)
  - Re: Serious flaw in Linksys wireless AP password security Steve Scherf (Aug 16 2005)
- RE: Serious flaw in Linksys wireless AP password security Robert Thompson Jr. (Aug 16 2005)
MDKSA-2005:139 - Updated gaim packages fix yet more vulnerabilities Mandriva Security Team (Aug 15 2005)
Corsaire Security Advisory: HP Ignite-UX passwd file disclosure issue advisories (Aug 16 2005)
MDKSA-2005:140 - Updated proftpd packages fix format string vulnerabilities Mandriva Security Team (Aug 15 2005)
249bytes reverse shellcode with "nooil tricks methods" msuiche_at_gmail.com (Aug 14 2005)
Corsaire Security Advisory: HP Ignite-UX filesystem permissions issue advisories (Aug 16 2005)
[SECURITY] [DSA 776-1] New clamav packages fix several problems Martin Schulze (Aug 16 2005)
SUSE Security Announcement: apache, apache2 request smuggling problem (SUSE-SA:2005:046) Marcus Meissner (Aug 16 2005)
[NOBYTES.COM: #9] ECW Shop 6.0.2 - Multiple Vulnerabilities John Cobb (Aug 15 2005)
[ GLSA 200508-07 ] AWStats: Arbitrary code execution using malicious Referrer information Sune Kloppenborg Jeppesen (Aug 15 2005)
[ GLSA 200508-08 ] Xpdf, Kpdf, GPdf: Denial of Service vulnerability Sune Kloppenborg Jeppesen (Aug 15 2005)
SQL injection in Persianblog alireza hassani (Aug 16 2005)
- Re: SQL injection in Persianblog nummish (Aug 16 2005)
Hummingbird FTP Weak Password Encryption nnposter_at_users.sourceforge.net (Aug 14 2005)
Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) NoBrain NoPain (Aug 15 2005)
- Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) Reed Arvin (Aug 15 2005)
  - Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) sec-list_at_nolog.org (Aug 15 2005)
Win32 Port of Nessusd Tom Stracener (Aug 16 2005)
- Re: Win32 Port of Nessusd Michael Boman (Aug 17 2005)
[security bulletin] SSRT4874 rev.0 - HP-UX Ignite-UX Remote Unauthorized Access Boren, Rich (HP SSRT) (Aug 16 2005)
Cisco Security Advisory: Cisco Clean Access Unauthenticated API Access Cisco Systems Product Security Incident Response Team (Aug 17 2005)
NOVL-2005010098073 GroupWise Password Caching Ed Reed (Aug 17 2005)
[SECURITYREASON.COM] phpAdsNew/phpPgAds 2.0.5 Local file inclusion cXIb8O3.16 max_at_jestsuper.pl (Aug 17 2005)
Buffer-overflow in Chris Moneymaker's World Poker Championship 1.0 Luigi Auriemma (Aug 17 2005)
SQL injection in mediabox404 v1.2 cedric_at_securityfocus.com (Aug 16 2005)
[SECURITY] [DSA 777-1] New Mozilla packages fix frame injection spoofing vulnerability Martin Schulze (Aug 17 2005)
- Re: [SECURITY] [DSA 777-1] New Mozilla packages fix frame injection spoofing vulnerability Douglas Duckworth (Aug 18 2005)
PHPTB Topic Board <= 20: Multiple PHP injection vulnerabilities goszynskif_at_gmail.com (Aug 17 2005)
Unicode Buffer Overflow in WinFtp Server 1.6.8 Donato Ferrante (Aug 17 2005)
- Bypassing the new /GS protection in VC++ 7.1 D K (Aug 17 2005)
[PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities Matteo Beccati (Aug 17 2005)
[ GLSA 200508-09 ] bluez-utils: Bluetooth device name validation vulnerability Sune Kloppenborg Jeppesen (Aug 17 2005)
MSN Messenger Password Decrypter for WinXP/2003 ViPeR (Aug 17 2005)
Internet Explorer 6 Meta Refresh Parsing Weakness Moritz Naumann (Aug 17 2005)
Juniper Netscreen VPN Username Enumeration Vulnerability Roy Hills (Aug 18 2005)
mutt buffer overflow Peter Valchev (Aug 18 2005)
- Re: [Full-disclosure] mutt buffer overflow Frank Denis (Jedi/Sector One) (Aug 18 2005)
Zorum 3.5 remote code execution poc exploit retrogod_at_aliceposta.it (Aug 18 2005)
Password Disclosure in Whisper32 Alexey Agapov (Aug 18 2005)
Sensitive Information Disclosure Vulnerability in Kinetics Kiosk Product Jason Coombs (Aug 18 2005)
- Re: Sensitive Information Disclosure Vulnerability in Kinetics Kiosk Product Jay D. Dyson (Aug 18 2005)
  - Re: Sensitive Information Disclosure Vulnerability in Kinetics Kiosk Product Zow (Aug 18 2005)
Bluez hcid popen() explained. KF (lists) (Aug 17 2005)
BBCaffe 2.0 cross site scripting poc retrogod_at_liceposta.it (Aug 18 2005)
MDKSA-2005:143 - Updated kdegraphics packages fix kfax vulnerability Mandriva Security Team (Aug 17 2005)
MDKSA-2005:142 - Updated libtiff packages fixes vulnerability Mandriva Security Team (Aug 17 2005)
MDKSA-2005:141 - Updated evolution packages fixes format string vulnerabilities Mandriva Security Team (Aug 17 2005)
runcms highlight.php hole Security Lists (Aug 17 2005)
PHPFreeNews V1.40 and prior Multiple Vulnerabilities h4cky0u_at_gmail.com (Aug 17 2005)
DevC++ V.4.9.9.2 NULL BYTE INSERTION / OBFUSCATION FLAW (by rgod) retrogod_at_aliceposta.it (Aug 18 2005)
MDKSA-2005:144 - Updated wxPythonGTK packages several vulnerabilities Mandriva Security Team (Aug 18 2005)
UnixWare 7.1.4 UnixWare 7.1.3 : cpio race condition and directory traversal issues fixed. please_reply_to_security_at_sco.com (Aug 18 2005)
w-agora 4.2.0 and prior Remote Directory Travel Vulnerability h4cky0u_at_gmail.com (Aug 18 2005)
ATutor 1.5.1 and prior multiple XSS Vulnerabilities h4cky0u_at_gmail.com (Aug 18 2005)
WinAce Temporary File Parsing Buffer Overflow Vulnerability atmaca_at_icqmail.com (Aug 19 2005)
[SECURITY] [DSA 778-1] New mantis packages fix several vulnerabilities Martin Schulze (Aug 19 2005)
Cisco Clean Access Agent (Perfigo) bypass llhansen-bugtraq_at_adams.edu (Aug 19 2005)
- RE: Cisco Clean Access Agent (Perfigo) bypass Dario Ciccarone (dciccaro) (Aug 22 2005)
- RE: Cisco Clean Access Agent (Perfigo) bypass Dario Ciccarone (dciccaro) (Aug 21 2005)
  - Re: RE: Cisco Clean Access Agent (Perfigo) bypass cdmiller-bugtraq_at_adams.edu (Aug 22 2005)
[USN-170-1] gnupg vulnerability Martin Pitt (Aug 19 2005)
[ GLSA 200508-10 ] Kismet: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Aug 18 2005)
Secunia Research: HAURI Anti-Virus Compressed Archive Directory Traversal Secunia Research (Aug 19 2005)
[USN-169-1] Linux kernel vulnerabilities Martin Pitt (Aug 19 2005)
Fwd: Tor security advisory: DH handshake flaw Chris Palmer (Aug 18 2005)
[ GLSA 200508-11 ] Adobe Reader: Buffer Overflow Thierry Carrez (Aug 19 2005)
Vul in MyBB s2b_at_hotmail.com (Aug 19 2005)
IBM Lotus Notes multiple disclosures of password hashes Shalom Carmel (Aug 19 2005)
Woltlab Burning Board <= 2.2.2/2.3.3 modcp.php SQL injection admin_at_batznet.com (Aug 20 2005)
[USN-171-1] PHP4 vulnerabilities Martin Pitt (Aug 20 2005)
[SECURITY] [DSA 779-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Aug 20 2005)
Bugs Land Down Under v800 bl2k_at_shabgard.org (Aug 20 2005)
ToorCon 7 Lineup Finalized & Pre-Registration Ending h1kari_at_toorcon.org (Aug 20 2005)
Nephp Publisher Enterprise 3.04 Cross Site Scripting bl2k_at_shabgard.org (Aug 21 2005)
SUSE Security Announcement: Adobe Reader Plugin buffer overflow (SUSE-SA:2005:047) Marcus Meissner (Aug 22 2005)
ELM < 2.5.8 Remote Exploit POC c0ntexb_at_gmail.com (Aug 22 2005)
- Re: ELM < 2.5.8 Remote Exploit POC skulls_phantoms_1_at_securityfocus.com (Aug 22 2005)
Cisco Security Advisory: SSL Certificate Validation Vulnerability in IDS Management Software Cisco Systems Product Security Incident Response Team (Aug 22 2005)
DMA[2005-0818a] - 'Apple OSX dsidentity privilege abuse' KF (lists) (Aug 22 2005)
Cisco Security Advisory: Cisco Intrusion Prevention System Vulnerable to Privilege Escalation Cisco Systems Product Security Incident Response Team (Aug 22 2005)
SQL Injection and PHP Code Injection Vulnerabilities in PHPKit 1.6.1 phuket (Aug 22 2005)
[SECURITYREASON.COM] Multiple vulnerabilities in PostNuke 0.760-RC4b=>x cXIb8O3.15 max_at_jestsuper.pl (Aug 22 2005)
Remote IIS 5.x and IIS 6.0 Server Name Spoof inge_eivind.henriksen_at_chello.no (Aug 22 2005)
- Re: Remote IIS 5.x and IIS 6.0 Server Name Spoof 3APA3A (Aug 23 2005)
- RE: Remote IIS 5.x and IIS 6.0 Server Name Spoof Sacha Faust (Aug 23 2005)
[ Suresec Advisories ] - Several MacOS X vulnerabilities Suresec Advisories (Aug 22 2005)
32919 - Computer Associates Message Queuing (CAM/CAFT) multiple vulnerabilities Williams, James K (Aug 22 2005)
MDKSA-2005:145 - Updated openvpn packages fix several vulnerabilities Mandriva Security Team (Aug 22 2005)
[SECURITY] [DSA 781-1] New Mozilla Thunderbird packages fix several vulnerabilities Martin Schulze (Aug 23 2005)
[SECURITY] [DSA 782-1] New bluez-utils packages fix arbitrary command execution Martin Schulze (Aug 23 2005)
MDKSA-2005:146 - Updated php-pear packages fix more PEAR XML-RPC vulnerabilities Mandriva Security Team (Aug 22 2005)
MDKSA-2005:148 - Updated vim packages fix vulnerability Mandriva Security Team (Aug 22 2005)
Oracle Password Checker ak_at_red-database-security.com (Aug 23 2005)
[ GLSA 200508-12 ] Evolution: Format string vulnerabilities Stefan Cornelius (Aug 26 2005)
Server crash in Ventrilo 2.3.0 Luigi Auriemma (Aug 23 2005)
Mercora IMRadio 4.0.0.0 Discloses Passwords to Local Users kozan_at_spyinstructors.com (Aug 23 2005)
- Re: Mercora IMRadio 4.0.0.0 Discloses Passwords to Local Users 3APA3A (Aug 24 2005)
[USN-172-1] lm-sensors vulnerability Martin Pitt (Aug 23 2005)
[USN-173-1] PCRE vulnerability Martin Pitt (Aug 23 2005)
Re: Interspire ArticleLive 2005 (php version) is vulnerable to XSS eddie_at_interspire.com (Aug 22 2005)
ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users kozan_at_spyinstructors.com (Aug 23 2005)
- Re: ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users Allen Parker (Aug 23 2005)
  - Re: ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users Nick Boyce (Aug 25 2005)
    - Re: ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users Nicholas Knight (Aug 26 2005)
MDKSA-2005:147 - Updated slocate packages fix vulnerability Mandriva Security Team (Aug 22 2005)
[RLSA_01-2005] QNX inputtrap arbitrary file read vulnerability julio_at_rfdslabs.com.br (Aug 24 2005)
New Whitepaper - The Pharming Guide NGSSoftware Insight Security Research (Aug 24 2005)
Multiple Vulnerabilities in Home Ftp Server 1.0.7 Donato Ferrante (Aug 24 2005)
Cross-site scripting vulnerability in BEA WebLogic administration console GomoR (Aug 24 2005)
Secunia Research: SqWebMail Attached File Script Insertion Vulnerability Secunia Research (Aug 24 2005)
PaFileDB 3.1 - SQL-Injection astovidatu_at_security-project.org (Aug 24 2005)
Secunia Research: HAURI Anti-Virus ACE Archive Handling Buffer Overflow Secunia Research (Aug 24 2005)
Re: Beehive Forum Multiple Vulnerabilities wibble_at_wobble.securityfocus.com (Aug 24 2005)
[SECURITY] [DSA 783-1] New mysql packages fix insecure temporary file Martin Schulze (Aug 23 2005)
LeapFTP .lsq Buffer Overflow Vulnerability Sowhat . (Aug 24 2005)
- Re: LeapFTP .lsq Buffer Overflow Vulnerability Kaveh Razavi (Aug 24 2005)
  - Re: LeapFTP .lsq Buffer Overflow Vulnerability Damien Palmer (Aug 24 2005)
    - Re: LeapFTP .lsq Buffer Overflow Vulnerability Kaveh Razavi (Aug 25 2005)
Foojan PHP Weblog Information Disclosure - Refferer Html Injection ali202_at_fastermail.com (Aug 24 2005)
unload event in ie/mozilla/opera Tobias Boonstoppel (Aug 23 2005)
- RE: unload event in ie/mozilla/opera David Gillett (Aug 24 2005)
  - Re: unload event in ie/mozilla/opera Drew Haven (Aug 25 2005)
    - Re: unload event in ie/mozilla/opera Tobias Boonstoppel (Aug 25 2005)
  - Re: unload event in ie/mozilla/opera Niels Bakker (Aug 24 2005)
    - Re: unload event in ie/mozilla/opera Godwin Stewart (Aug 26 2005)
    - Re: unload event in ie/mozilla/opera Michael Shigorin (Aug 26 2005)
- RE: unload event in ie/mozilla/opera Early, Clint (Aug 25 2005)
- Re: unload event in ie/mozilla/opera Stefan Kelm (Aug 25 2005)
- Re: unload event in ie/mozilla/opera gegegz_at_aol.com (Aug 28 2005)
[ GLSA 200508-13 ] PEAR XML-RPC, phpxmlrpc: New PHP script injection vulnerability Thierry Carrez (Aug 24 2005)
[USN-173-2] PCRE vulnerability Martin Pitt (Aug 24 2005)
[ GLSA 200508-14 ] TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC Thierry Carrez (Aug 24 2005)
- Re: [ GLSA 200508-14 ] TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC Cangrejito Playero (Aug 26 2005)
Advisory: iTAN not as secure as claimed release_at_redteam-pentesting.de (Aug 25 2005)
[ GLSA 200508-15 ] Apache 2.0: Denial of Service vulnerability Sune Kloppenborg Jeppesen (Aug 24 2005)
[SECURITY] [DSA 784-1] New courier packages fix denial of service Martin Schulze (Aug 25 2005)
Portcullis Security Advisory 05-014 HP Openview Remote Command Execution Vulnerability Paul J Docherty (Aug 25 2005)
- Re: Portcullis Security Advisory 05-014 HP Openview Remote Command Execution Vulnerability David Litchfield (Aug 25 2005)
[SECURITY] [DSA 785-1] New libpam-ldap packages fix authentication bypass Martin Schulze (Aug 25 2005)
MS05_039 Exploitation (different languages) Roman Medina-Heigl Hernandez (Aug 25 2005)
- Re: [Full-disclosure] MS05_039 Exploitation (different languages) ad_at_class101.org (Aug 25 2005)
- Re: MS05_039 Exploitation (different languages) Fabrice MOURRON (Aug 25 2005)
[ GLSA 200508-17 ] libpcre: Heap integer overflow Stefan Cornelius (Aug 25 2005)
[security bulletin] SSRT4702 rev.0 - HP-UX running Veritas 3.3/3.5 unauthorized data access Boren, Rich (HP SSRT) (Aug 25 2005)
Tool for Identifying Rogue Linksys Routers Martin Mkrtchian (Aug 25 2005)
- Re: Tool for Identifying Rogue Linksys Routers Mike Frantzen (Aug 26 2005)
- RE: Tool for Identifying Rogue Linksys Routers Thomas Guyot-Sionnest (Aug 25 2005)
- Re: Tool for Identifying Rogue Linksys Routers Joshua Wright (Aug 25 2005)
- Re: Tool for Identifying Rogue Linksys Routers Graham Wilson (Aug 26 2005)
  - Re: Tool for Identifying Rogue Linksys Routers Volker Tanger (Aug 27 2005)
  - Re: Tool for Identifying Rogue Linksys Routers Mike Kershaw (Aug 26 2005)
- RE: Tool for Identifying Rogue Linksys Routers Matt Mercer (Aug 25 2005)
  - Re: Tool for Identifying Rogue Linksys Routers Paul Halliday (Aug 26 2005)
- Re: Tool for Identifying Rogue Linksys Routers Dave Hull (Aug 26 2005)
- Re: Tool for Identifying Rogue Linksys Routers Tony Rall (Aug 26 2005)
Quake 2 Lithium Mod V 1.24 Macro Expansion Vuln? nukemmeister_at_gmail.com (Aug 25 2005)
An Illustrated Guide to IPSec Steve Friedl (Aug 25 2005)
[ GLSA 200508-16 ] Tor: Information disclosure Sune Kloppenborg Jeppesen (Aug 24 2005)
ssl-login-checkbox faked in Lycos webmail-frontend Fischer, Andreas (Aug 25 2005)
Tool Announcement: AIRT -- the Advanced Incident Response Tool 0.4.2 released madsys (Aug 25 2005)
Astaro Security Linux 6.0 - HTTP CONNECT Access Localhost Weakness oliver karow (Aug 25 2005)
CORRECTION: Remote IIS 5.x and IIS 6.0 Server Name Spoof Mark Burnett (Aug 25 2005)
[USN-174-1] courier vulnerability Martin Pitt (Aug 26 2005)
22nd Chaos Communication Congress 2005: Call for Papers fukami (Aug 26 2005)
[SECURITY] [DSA 787-1] New backup-manager package fixes several vulnerabilities Martin Schulze (Aug 26 2005)
MDKSA-2005:152 - Updated php packages fix integer overflow vulnerability Mandriva Security Team (Aug 25 2005)
AWstats Path Disclosure Vulnerability fournaux_at_khmerdev.com (Aug 25 2005)
[security bulletin] SSRT051023 rev.0 - HP Openview Network Node Manager (OV NNM) Remote Unauthorized Access Boren, Rich (HP SSRT) (Aug 26 2005)
MDKSA-2005:150 - Updated bluez-utils packages fix vulnerability Mandriva Security Team (Aug 25 2005)
[ GLSA 200508-18 ] PhpWiki: Arbitrary command execution through XML-RPC Thierry Carrez (Aug 26 2005)
MDKSA-2005:151 - Updated pcre packages fix integer overflow vulnerability Mandriva Security Team (Aug 25 2005)
Multiple PHP Images Galleries EXIF Metadata XSS Vulnerabilities Cedric Cochin (Aug 25 2005)
Simple PHP Blog File Upload and User Credentials Exposure Vulnerabilities Scott Dewey (Aug 25 2005)
[SECURITY] [DSA 786-1] New simpleproxy packages fix arbitrary code execution Martin Schulze (Aug 25 2005)
DMA[2005-0826a] - 'Nokia Affix Bluetooth btsrv poor use of popen()' KF (lists) (Aug 26 2005)
MDKSA-2005:149 - Updated lm_sensors packages fix temporary file vulnerability Mandriva Security Team (Aug 25 2005)
Sophos Antivirus Library Remote Heap Overflow list_at_rem0te.com (Aug 26 2005)
- RE: Sophos Antivirus Library Remote Heap Overflow Dowling, Gabrielle (Aug 26 2005)
Looking Glass v20040427 arbitrary commands execution / cross site scripting retrogod_at_aliceposta.it (Aug 27 2005)
MDKSA-2005:154 - Updated python packages fix integer overflow vulnerability Mandriva Security Team (Aug 26 2005)
MDKSA-2005:153 - Updated gnumeric packages fix integer overflow vulnerability Mandriva Security Team (Aug 26 2005)
XSS security hole in phpwebnotes. nf2 (Aug 27 2005)
Multiple CMS/Forum Vulnablilties pacifico\ (Aug 27 2005)
Xcon2005 papers released alert7 (Aug 28 2005)
PHP-Fusion <= v6.00.107 XSS exploit slacker4ever_1_at_juno.com (Aug 28 2005)
FUD Forum < 2.7.1 PHP code injection vurnelability riklaunim_at_gmail.com (Aug 28 2005)
Land Down Under bendeniz_avci_at_hotmail.com (Aug 28 2005)
Secunia Research: SqWebMail HTML Emails Script Insertion Vulnerability Secunia Research (Aug 29 2005)
Multiple vulnerabilities in BFCommand & Control for Battlefield 1942 and Vietnam Luigi Auriemma (Aug 29 2005)
[cosmoshop <= 8.10.78] be the shopadmin in one step innate_at_gmx.de (Aug 28 2005)
SimplePHPBlog Arbitrary File Deletion and Sample Exploit 'ken'_at_FTU (Aug 29 2005)
[SECURITY] [DSA 788-1] New kismet packages fix arbitrary code execution Martin Schulze (Aug 29 2005)
Land Down Under 801 And Prior Multiple SQL Injection Vulnerabilities h4cky0u.org_at_gmail.com (Aug 29 2005)
Vulnerability in Helpdesk software Hesk 0.92 s2b_at_hotmail.com (Aug 29 2005)
- Re: Vulnerability in Helpdesk software Hesk 0.92 not_at_given.com (Aug 30 2005)
- Re: Vulnerability in Helpdesk software Hesk 0.92 Thomas Kr�ger (Aug 30 2005)
WASC-Articles: 'Preventing Log Evasion in IIS' contact_at_webappsec.org (Aug 28 2005)
PunBB BBCode IMG Tag Script Injection Vulnerability y3dips_at_echo.or.id (Aug 29 2005)
- Re: PunBB BBCode IMG Tag Script Injection Vulnerability Aaron Horst (Aug 29 2005)
Member.php SQL Injection in MyBB W7ED_at_HOTMAIL.COM (Aug 27 2005)
[SECURITY] [DSA 789-1] New PHP 4 packages fix several vulnerabilities Martin Schulze (Aug 29 2005)
Re: Sophos Antivirus Library Remote Heap Overflow list_at_rem0te.com (Aug 28 2005)
AutoLinks Pro 2.1 none_at_none.com (Aug 28 2005)
SUSE Security Announcement: php4/php5 Pear::XML_RPC code injection and PCRE integer overflow problems (SUSE-SA:2005:049) Marcus Meissner (Aug 30 2005)
BNBT EasyTracker Remote Denial of Service Vulnerability Sowhat . (Aug 30 2005)
SUSE Security Announcement: pcre integer overflows (SUSE-SA:2005:048) Marcus Meissner (Aug 30 2005)
iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary Library Loading Vulnerability iDEFENSE Labs (Aug 29 2005)
iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability iDEFENSE Labs (Aug 29 2005)
iDEFENSE Security Advisory 08.29.05: Symantec AntiVirus 9 Corporate Edition Local Privilege Escalation Vulnerability iDEFENSE Labs (Aug 29 2005)
phpLDAPadmin 0.9.6 - 0.9.7/alpha5 (possibly prior versions) system disclosure, retrogod_at_aliceposta.it (Aug 29 2005)
[ GLSA 200508-20 ] phpGroupWare: Multiple vulnerabilities Thierry Carrez (Aug 30 2005)
[USN-173-3] Fixed apache2 packages for USN-173-2 Martin Pitt (Aug 30 2005)
[ GLSA 200508-19 ] lm_sensors: Insecure temporary file creation Thierry Carrez (Aug 30 2005)
e107 0.6 forum_post.php create new topics in non-existing forums Marc Ruef (Aug 30 2005)
[UNTRUE] Gadu-Gadu supposedly fixed the invisible detection vulnerability? Maciej Soltysiak (Aug 30 2005)
[SECURITY] [DSA 790-1] New phpldapadmin packages fix unauthorised access Martin Schulze (Aug 29 2005)
Fetchmail 6.2.5 exploit for Bugtraq ID: 14349 bannedit_at_frontiernet.net (Aug 30 2005)
MS05-042 Security Update Problems Andrew McCullough (Aug 30 2005)
[SECURITY] [DSA 791-1] New maildrop packages fix arbitrary group mail command execution Martin Schulze (Aug 29 2005)
Call for new mailing lists @ SecurityFocus Alfred Huger (Aug 31 2005)
secure client-side platform liudieyu_at_umbrella.name (Aug 31 2005)
[security bulletin] SSRT051004 rev.0 - HP-UX Java Runtime Environment (JRE) Untrusted Applet Elevates Privilege security-alert_at_hp.com (Aug 30 2005)
[ GLSA 200508-22 ] pam_ldap: Authentication bypass vulnerability Sune Kloppenborg Jeppesen (Aug 31 2005)
Indiatimes Messenger 6.0 Buffer Overflow (Remote) ViPeR (Aug 31 2005)
[ GLSA 200508-21 ] phpWebSite: Arbitrary command execution through XML-RPC and SQL injection Sune Kloppenborg Jeppesen (Aug 31 2005)
[security bulletin] SSRT051003 rev.0 - HP-UX Java Web Start remote unauthorized privileged access security-alert_at_hp.com (Aug 30 2005)
[SECURITY] [DSA 792-1] New pstotext packages fix arbitrary command execution Martin Schulze (Aug 31 2005)
XSS in GreyMatter blog poizon_at_securityinfo.ru (Aug 31 2005)
Obsidis #1 Call for Papers angelo_at_rosiello.org (Aug 31 2005)
Simple Machine Forum 1-0-5 (possibly prior versions) user IP address / information disclosure retrogod_at_aliceposta.it (Aug 31 2005)
Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative & users credentials disclosure retrogod_at_aliceposta.it (Aug 30 2005)
RE: secure client-side platform Beauford, Jason (Aug 31 2005)
CMS Made Simple <= 0.10 - PHP injection groszynskif_at_gmail.com (Aug 31 2005)
Vulnerability in Symantec Anti Virus Corporate Edition v9.x golovast_at_gmail.com (Aug 31 2005)
Ariba password exposure vulnerability gerald626_at_gmail.com (Aug 31 2005)