Home page logo
/

361 messages starting May 02 05 and ending May 31 05
Date index | Thread index | Author index

Monday, 02 May

DMA[2005-0501a] - 'ARPUS/Ce setuid buffer overflow and file overwrite' KF (lists)
Multiple Vulnerabilities in Video Cam Server 1.0.0 Donato Ferrante
[ GLSA 200505-01 ] Horde Framework: Multiple XSS vulnerabilities Luke Macken
Clients format string and server crash in Mtp-Target 1.2.2 Luigi Auriemma
Insecure pty permissions in OS X < 10.4 Matt Johnston
Re: Apache hacks (./atac, d0s.txt) a.list.address () gmail com
Microsoft WINS Vulnerability + OS/SP Scanner class
Defcon Capture the Flag registration is open Kenshoto
[ GLSA 200504-30 ] phpMyAdmin: Insecure SQL script installation Sune Kloppenborg Jeppesen
Golden FTP Server Pro Remote Buffer Overflow Exploit mohamed amhemed
JGS-Portal 3.0.1 SQL-Injection admin
Re: Apache hacks (./atac, d0s.txt) Chris Umphress
Re: Apache hacks (./atac, d0s.txt) Sagiko
Re: Apache hacks (./atac, d0s.txt) Daniel Cid
Regions bank phishing scam Ryan S
Can't trust COMODO Gunter Ollmann (NGS)
Re: Apache hacks (./atac, d0s.txt) Luiz Henrique
Re: Apache hacks (./atac, d0s.txt) Skip Carter
Re: Apache hacks (./atac, d0s.txt) Robert Zilbauer
Re: Privilege escalation in BulletProof FTP Server v2.4.0.31 [PoC] Jerome ATHIAS
Re: Apache hacks (./atac, d0s.txt) KF (lists)
Re: Apache hacks (./atac, d0s.txt) Jay D. Dyson
Re: Apache hacks (./atac, d0s.txt) Steve Kemp
Directory Traversal Vuln - RaidenFTPD 2.4 < Build 2241 Lachlan. H
[CLA-2005:952] Conectiva Security Announcement - kernel Conectiva Updates
tHorK FrameWork Beta v0.1::: another exploit framework gilbert nzeka
Re: Apache hacks (./atac, d0s.txt) Nick Bright

Tuesday, 03 May

ASP.NET __VIEWSTATE crypto validation prone to replay attacks Michal Zalewski

Thursday, 05 May

[SECURITY] [DSA 720-1] New smartlist packages fix unauthorised un/subscription Martin Schulze
[HSC Security Group] ASP Inline Corporate Calendar SQL injection Zinho
Advisories for 4 vulnerabilities addressed by Apple SU 2005-005 David Remahl
Multiple SQL injections and XSS in FishCart 3.1 dcrab
Golden Ftp Server Pro - Directory Traversal Vuln Lachlan. H
Authentication bypass, sql injections and xss in ArticleLive 2005 dcrab
iDEFENSE Security Advisory 05.03.05: Mac OS X Server NeST -target Buffer Overflow Vulnerability iDEFENSE Labs
Multiple vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 ShineShadow
Gossamer Threads Links SQL login XSS Vulnerability Nathan House
leafnode security announcement leafnode-SA-2005-01 Matthias Andree
Local file detection bug found through Adobe SVG Viewer Hyperdose Security
iDEFENSE Security Advisory 05.04.05: Apple Mac OS X vpnd Server_id Buffer Overflow Vulnerability iDEFENSE Labs
directory traversal in SimpleCam 1.2 Donato Ferrante
MRO Maximo v4 & v5 Felix
MegaBook V2.0 - Cross Site Scripting Exploit Spy Hat
Oracle 9i / 10g Fine Grained Auditing Issue Alexander Kornbrust
Oracle 10g DBMS_SCHEDULER SESSION_USER issue Alexander Kornbrust
dSMTP - SMTP Mail Server 3.1b Linux Remote Root Format String Exploit cybertronic
RE: ASP.NET __VIEWSTATE crypto validation prone to replay attacks Tim Farley
Multiple vulnerabilities in myBloggie 2.1.1 Alberto Trivero
[USN-113-1] libnet-ssleay-perl vulnerability Martin Pitt
Multiple Vulnerabilities In SitePanel2 GulfTech Security Research
Multiple Vulnerabilities In osTicket GulfTech Security Research
Local root vuln in VPN daemon on MacOS X Pieter de Boer
Re: AWStats <= 6.4 Multiple vulnerabilities Laurent Destailleur
[USN-116-1] gzip vulnerabilities Martin Pitt
[USN-118-1] PostgreSQL vulnerabilities Martin Pitt
DMA[2005-0502a] - 'Apple OSX multiple Bluetooth vulnerabilities' Kevin Finisterre
Re: ASP.NET __VIEWSTATE crypto validation prone to replay attacks Michal Zalewski
[hackgen-2005-#004] - Multiple bugs in MidiCart PHP Shopping Cart Exoduks
Re: ASP.NET __VIEWSTATE crypto validation prone to replay attacks H D Moore
[USN-114-1] kimgio vulnerability Martin Pitt
[USN-117-1] cvs vulnerability Martin Pitt
[USN-115-1] Kommander vulnerability Martin Pitt

Friday, 06 May

Re: ASP.NET __VIEWSTATE crypto validation prone to replay attacks Michal Zalewski
Gamespy cd-key validation system: Cd-key never in use Luigi Auriemma
Mac OS 10.4: new-account-wizzard in Mail 2.0 sends clear-text passwords Markus Wörle
Multiple vulnearabilities in e107 cms hennoj
[ GLSA 200505-02 ] Oops!: Remote code execution Luke Macken
Sql Injection in CJ Ultra Plus v1.0.3-1.0.4 Kold
MDKSA-2005:082 - Updated OpenOffice.org packages fix heap overflow vulnerability Mandriva Security Team
Re: MegaBook V2.0 - Cross Site Scripting Exploit Morning Wood
Multiple Vulnerabilities In Invision Power Board GulfTech Security Research
MDKSA-2005:081 - Updated XFree86/XOrg packages fix libXpm vulnerabilities Mandriva Security Team
FreeBSD Security Advisory FreeBSD-SA-05:06.iir FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-05:07.ldt FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-05:08.kmem FreeBSD Security Advisories
PHP Advanced Transfer Manager v1.21 tjomi4
[SEC-1 LTD] RSA SecurID Web Agent Heap Overflow Gary O'leary-Steele
[SECURITY] [DSA 721-1] New squid packages fix ACL bypass Martin Schulze
[USN-119-1] tcpdump vulnerabilities Martin Pitt
[USN-122-1] Squid vulnerability Martin Pitt
[USN-121-1] OpenOffice.org vulnerability Martin Pitt
[USN-120-1] Apache 2 vulnerability Martin Pitt
Secure Science Corporation Advisory CSA-056 SSC Advisory Notice
[USN-123-1] Xine library vulnerabilities Martin Pitt
[ GLSA 200505-03 ] Ethereal: Numerous vulnerabilities Sune Kloppenborg Jeppesen
4d WebSTAR 5.x Web Server Mac OS X Buffer Overflow Braden Thomas

Saturday, 07 May

firefox 1.0.3 spoof+auto dl john smith

Monday, 09 May

PwsPHP v1.2.2 Final - Multiples vulnerabilities SecuBox fRoGGz
[ GLSA 200505-04 ] GnuTLS: Denial of Service vulnerability Matthias Geerdsen
Re: MegaBook V2.0 - Cross Site Scripting Exploit Spy Hat
[SECURITY] [DSA 723-1] New XFree86 packages fix arbitrary code execution Martin Schulze
Firefox Remote Compromise Leaked Paul
Re: firefox 1.0.3 spoof+auto dl Paul
Firefox Remote Compromise Technical Details Paul
[SECURITY] [DSA 722-1] New smail packages fix arbitrary code execution Martin Schulze
NISCC Vulnerability Advisory IPSEC - 004033 albatross
Announcement: The Web Security Mailing List contact
[SecurityLab] Ethereal 0.10.10 SIP Dissector Overflow Ejovi Nuwere
phpbb 2.0.15 released - patches high critical vuln Paul Laudanski
Re: Can't trust COMODO - An Update Gunter Ollmann
Advanced Guestbook 2.3.1 Spy Hat
Easy Message Board Directory Traversal and Remote Command SoulBlack Group
Viruses can evade Sophos Anti-Virus xerces8

Tuesday, 10 May

[ GLSA 200505-05 ] gzip: Multiple vulnerabilities Sune Kloppenborg Jeppesen
[ GLSA 200505-06 ] TCPDump: Decoding routines Denial of Service vulnerability Sune Kloppenborg Jeppesen
Esqo advisory: GeoVision Digital Video Surveillance System - Multiple authentication issues Tirath Rai
Crash in Zoidcom 1.0 beta 4 Luigi Auriemma
New Macromedia Security Zone Bulletin Posted Macromedia Security Zone
TSLSA-2005-0021 - squid Trustix Security Advisor
TCP/IP implementations do not adequately validate ICMP error messages Alok Menghrajani - Ilion Security SA
Firefox Crash?? orebla Orebla
[ GLSA 200505-08 ] HT Editor: Multiple buffer overflows Sune Kloppenborg Jeppesen
CAIF 1.2 released Oliver Goebel
WowBB view_user.php SQL Injection Vulnerability Megasky
Gamespy cd-key validation system: "Cd-key in use" DoS versus many games Luigi Auriemma
[ GLSA 200505-07 ] libTIFF: Buffer overflow Sune Kloppenborg Jeppesen
remote root security bug in ethereal 0.9.13 >= and <= 0.10.10 suresec advisories

Wednesday, 11 May

Linux kernel ELF core dump privilege elevation Paul Starzetz
MDKSA-2005:083 - Updated ethereal packages fix multiple vulnerabilities Mandriva Security Team
Metasploit Framework v2.4 H D Moore
Cisco Security Advisory: FWSM URL Filtering Solution TCP ACL Bypass Vulnerability Cisco Systems Product Security Incident Response Team
[HSC Security Group] MaxWebPortal - Multiple SQL injection/XSS Zinho
Re: TCP/IP implementations do not adequately validate ICMP error messages Peter Keel
Re: Linux kernel ELF core dump privilege elevation Greg KH
[Scan Associates Advisory] Neteyes Nexusway multiple vulnerability pokley
Commonly used disk imaging and wiping tools can be tricked to miss parts of a disk Arne Vidström
Re: TCP/IP implementations do not adequately validate ICMP error messages Maciej Soltysiak
Guesbook Pro XSS & HTML Injection SoulBlack Group
Ethereal <= 0.10.10 SIP dissector stack overflow DoS exploit Shaun Colley
Re: Linux kernel ELF core dump privilege elevation Bruno Lustosa
Re: Authentication bypass, sql injections and xss in ArticleLive 2005 Steven M. Christey
Re: Linux kernel ELF core dump privilege elevation Greg KH

Thursday, 12 May

BakBone NetVault last warning class
Re: Firefox Crash?? Joxean Koret
Re: Firefox Crash?? Christophe Lucas
OpenServer 5.0.6 OpenServer 5.0.7 : chroot A known exploit can break a chroot prison. please_reply_to_security
Re: SPAM-HIGH: TCP/IP implementations do not adequately validate ICMP error messages David Nichols
Re: Linux kernel ELF core dump privilege elevation Paul Starzetz
Re: Firefox Crash?? Jeremy Kelley
Yappa-NG Multiple Vulnerabilities GulfTech Security Research
RE: TCP/IP implementations do not adequately validate ICMP error messages David Schwartz
[DR018] Quartz Composer / QuickTime 7 information leakage David Remahl
Firefox 1.0.4 released. Several vulnerabilities fixed Paul
Security Advisory for Bugzilla 2.18, 2.19.2, and 2.16.8 Max Kanat-Alexander
Re: ASP.NET __VIEWSTATE crypto validation prone to replay attacks Anton Ivanov
Re: Commonly used disk imaging and wiping tools can be tricked to miss parts of a disk Thor Arne Johansen
Directtopics Multiple Vulnerabilities (Security Advisory) Morinex Eneco
Acrowave AAP-3100AR authetication bypass Martin Tornwall
MDKSA-2005:087 - Updated tcpdump packages fix multiple vulnerabilities Mandriva Security Team
MDKSA-2005:086 - Updated gaim packages fix multiple vulnerabilities Mandriva Security Team
MDKSA-2005:085 - Updated kdelibs packages fix vulnerabilities Mandriva Security Team
MDKSA-2005:084 - Updated gnutls packages fix vulnerabilities Mandriva Security Team
[ GLSA 200505-09 ] Gaim: Denial of Service and buffer overflow vulnerabilties Sune Kloppenborg Jeppesen
[USN-125-1] Gaim vulnerabilities Martin Pitt
htdigest exploit code [bid 13537] K sPecial
Re: Linux kernel ELF core dump privilege elevation (kernel module workaround) Andrew Griffiths
Re: Linux kernel ELF core dump privilege elevation antoine
[USN-124-1] Mozilla and Firefox vulnerabilities Martin Pitt
[USN-124-2] Fixed packages for USN-124-1 Martin Pitt

Friday, 13 May

FreeBSD Security Advisory FreeBSD-SA-05:09.htt [REVISED] FreeBSD Security Advisories
OllyDbg "INT3 AT" Format String Vulnerability Piotr Bania
Re: Linux kernel ELF core dump privilege elevation Pedro Venda
ITU 2005 Call For Papers Michal Szymanski
32-bit qmail fun (qmail-pop3d) (fwd) Lars Olsson
Ultimate PHP Board (UPB) Security Advisory Morinex Eneco
OpenServer 5.0.7 UnixWare 7.1.4 UnixWare 7.1.3 : Hyper-Threading information leakage please_reply_to_security
Netvault Remote Heap Overflow (another one) nolimit bugtraq
[FLSA-2005:155508] Updated cvs package fixes security issues Marc Deslauriers
[FLSA-2005:154988] Updated openoffice.org packages fix security issues Marc Deslauriers
Willings WebCam - Password Disclosure Issue SecuBox fRoGGz
Windows image size crash RSnake
cross-domain cookie theft: who's to blame? Tim Tompkins
Re: phpbb 2.0.15 released - patches high critical vuln Paul Laudanski
Re: Linux kernel ELF core dump privilege elevation (kernel module workaround) chris
OpenBB SQL Injection & Cross-site Scripting Vulnerability Megasky
Re: Linux kernel ELF core dump privilege elevation codeQ
Yahoo! Messenger URL Handler Remote DoS Vulnerability Torseq Tech .
Re: Windows image size crash Giuseppe `lan` Marocchio
Re: Windows image size crash Oliver J. Morais
PHPHeaven PHPMyChat Cross-site Scripting Vulnerablitiy Megasky
Yahoo! Chat Add Buddy Without Consent Privacy Issue Torseq Tech .

Saturday, 14 May

[ GLSA 200505-10 ] phpBB: Cross-Site Scripting Vulnerability Sune Kloppenborg Jeppesen
Gaim 1.2.1 -- PoC Stack Overflow Ron
[FLSA-2005:152763] Updated qt packages fixes security issues Marc Deslauriers
Re: Windows image size crash Bernhard Mitterer
[USN-126-1] GNU TLS library vulnerability Martin Pitt
[FLSA-2005:152768] Updated ruby package fixes security issues Marc Deslauriers
Skull-Splitter's Guestbook Multiple XXS/HTML injection Morinex Eneco
[FLSA-2005:152804] Updated openmotif packages fix image vulnerability Marc Deslauriers
MDKSA-2005:088 - Updated mozilla packages fix multiple vulnerabilities Mandriva Security Team
[FLSA-2005:152856] Updated sudo packages fix security issue Marc Deslauriers
[FLSA-2005:152912] Updated imap packages fix security issues Marc Deslauriers
[FLSA-2005:152871] Updated nfs-utils package fixes security issue Marc Deslauriers

Monday, 16 May

[ GLSA 200505-11 ] Mozilla Suite, Mozilla Firefox: Remote compromise Sune Kloppenborg Jeppesen
[ GLSA 200505-12 ] PostgreSQL: Multiple vulnerabilities Sune Kloppenborg Jeppesen
Multiple Vulnerabilities in MetaCart e-Shop dedi dwianto
Postnuke 0.750 - 0.760rc4 local file inclusion pokley
DotNetNuke (Multiple XSS) Mark Woan
Woltlab Burning Board SQL Injection Vulnerability GulfTech Security Research
Pico Server (pServ) Local Information Disclosure Claus R. F. Overbeck
Pico Server (pServ) Information Disclosure Of CGI Sources Claus R. F. Overbeck
Pico Server (pServ) Remote Command Injection Claus R. F. Overbeck
Mac OS X - Adobe Version Cue local root exploit [c version exploit] ali reza AcTiOnSpIdEr
[SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05) deluxe
cdrdao exploit for mandrake 10.2 ( Mandriva 2005) newbug Tseng

Tuesday, 17 May

Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability alert7
[CLA-2005:953] Conectiva Security Announcement - kde Conectiva Updates
[ GLSA 200505-13 ] FreeRADIUS: Buffer overflow and SQL injection vulnerability Sune Kloppenborg Jeppesen
OpenServer 5.0.6 OpenServer 5.0.7 : telnet client multiple issues please_reply_to_security
MDKSA-2005:088-1 - Updated mozilla-firefox packages re-enable extensions Mandriva Security Team

Wednesday, 18 May

Re: Windows image size crash cmthemc
Linux kernel pktcdvd ioctl break user space limit vulnerability [corrected] bugs
Yahoo! Messenger may be storing all session data 'Unencoded' on the local machine Torseq Tech .
Help Center Live Vulnerabilities GulfTech Security Research
[SECURITY] [DSA 724-1] New phpsysinfo packages fix cross site scripting Martin Schulze
[USN-127-1] bzip2 vulnerabilities Martin Pitt
[USN-128-1] nasm vulnerability Martin Pitt
Windows (XP, 2k3, Longhorn) is vulnerable to IpV6 Land attack. Konrad Malewski
[USN-129-1] Squid vulnerability Martin Pitt
Re: [SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05) Steven M. Christey
Re: Yahoo! Messenger may be storing all session data 'Unencoded' on the local machine Torseq Tech .
Re: Mac OS X - Adobe Version Cue local root exploit [c version exploit] Vade 79
NOVELL ZENWORKS MULTIPLE REMØTE STACK & HEAP OVERFLOWS list
[FLSA-2005:152883] Updated mozilla packages fix security issues Marc Deslauriers
[FLSA-2005:152771] Updated pam packages fix security issue Marc Deslauriers
Security issue in Microsoft Outlook Bakchodiya
UnixWare 7.1.4 : Updated mozilla fixes many security issues please_reply_to_security

Thursday, 19 May

MDKSA-2005:089 - Updated cdrdao packages fix local root vulnerability Mandriva Security Team
MDKSA-2005:090 - Updated nasm packages fix vulnerability Mandriva Security Team
MDKSA-2005:091 - Updated bzip2 packages fix multiple vulnerabilities Mandriva Security Team
MDKSA-2005:092 - Updated gzip packages fix several vulnerabilities Mandriva Security Team
D-Link DSL routers authentication bypass Francesco Orro
[SECURITY] [DSA 725-1] New ppxp packages fix local root exploit Martin Schulze
[ GLSA 200505-14 ] Cheetah: Untrusted module search path Sune Kloppenborg Jeppesen
Re: [SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05) deluxe
JavaMail Information Disclosure (msgno) Ricky Latt
UNICODE BUFFER OVERFLOW IN MS-WORD Bahaa Naamneh
phpATM arbitrary PHP code inclusion Ingvar Gilbert
[FLSA-2005:152815] Updated libtiff packages fix security issues Marc Deslauriers
[USN-130-1] TIFF library vulnerability Martin Pitt

Friday, 20 May

[SECURITY] [DSA 726-1] New oops packages fix format string vulnerability Martin Schulze
UPDATE: [ GLSA 200504-23 ] Kommander: Insecure remote script execution Sune Kloppenborg Jeppesen
ERRATA: [ GLSA 200505-13 ] FreeRADIUS: SQL injection and Denial of Service vulnerability Sune Kloppenborg Jeppesen
[ GLSA 200505-15 ] gdb: Multiple vulnerabilities Sune Kloppenborg Jeppesen
pst.advisory: gedit fun. opensource is god .lol windows yan feng
[SECURITY] [DSA 727-1] New libconvert-uulib-perl packages fix arbitrary code execution Martin Schulze
picasm error handling stack overflow vulnerability Shaun Colley
worm "postcard" e-mail issue M. Perri
episodex guestbook security bypass & html injection farhad koosha
Security contact for Trillian Suramya Tomar
[BuHa Security] Wordpress SQL-Injection Thomas Waldegger
RE: Security issue in Microsoft Outlook Scovetta, Michael V
[UPDATE] UNICODE BUFFER OVERFLOW IN MS-WORD Bahaa Naamneh

Saturday, 21 May

[SECURITYREASON.COM] PostNuke XSS 0.760{RC2,RC3} Maksymilian Arciemowicz
[SECURITYREASON.COM] PostNuke XSS and Full path disclosure 0.760RC3=>x Maksymilian Arciemowicz
[SECURITYREASON.COM] PostNuke Non Critical SQL Injection and Include 0.760-RC3=>x Maksymilian Arciemowicz
pst.advisory 2005-21: gxine remote exploitable . opensource is god .lol windows yan feng
[SECURITYREASON.COM] PostNuke SQL Injection 0.750=>x Maksymilian Arciemowicz

Monday, 23 May

Computer Associates Vet Antivirus Library Remote Heap Overflow list
SQL injections in PortailPHP CENSORED
Cookie Cart Default Installation Multiple Vulnerabilities SoulBlack Group
Format string and crash in Warrior Kings 1.3 and Battles 1.23 Luigi Auriemma
Meteor FTP Server v1.5 Buffer Overflow Auston J

Tuesday, 24 May

[ GLSA 200505-17 ] Qpopper: Multiple Vulnerabilities Sune Kloppenborg Jeppesen
[ GLSA 200505-18 ] Net-SNMP: fixproc insecure temporary file creation Sune Kloppenborg Jeppesen
CAID 32896 - Computer Associates Vet Antivirus engine heap overflow vulnerability Williams, James K
Blue Coat Reporter multiple remote vulnerabilities Oliver Karow
Gforge - viewFile.php security flaw Filippo Spike Morelli
ACROS Security: HTML Injection in BEA WebLogic Server Console (2) ACROS Security
ACROS Security: HTML Injection in BEA WebLogic Server Console (1) ACROS Security
Endless loop in Halo 1.06 Luigi Auriemma
iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability iDEFENSE Labs
iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP LSUB DoS Vulnerability iDEFENSE Labs
iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP LOGIN Remote Buffer Overflow Vulnerabilities iDEFENSE Labs
iDEFENSE Security Advisory 05.24.05: Ipswitch IMail Web Calendaring Arbitrary File Read Vulnerability iDEFENSE Labs
iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP SELECT Command DoS Vulnerability iDEFENSE Labs
Javamail Multiple Information Disclosure Vulnerabilities Ricky Latt
[ GLSA 200505-16 ] ImageMagick, GraphicsMagick: Denial of Service vulnerability Thierry Carrez
[USN-131-1] Linux kernel vulnerabilities Martin Pitt
[USN-132-1] ImageMagick vulnerabilities Martin Pitt

Wednesday, 25 May

[SECURITY] [DSA 728-1] New qpopper packages fix arbitrary file overwriting Martin Schulze
exim 4.40 exploit plugger
iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 imap4d Format String Vulnerability iDEFENSE Labs
iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 mail header_get_field_name() Buffer Overflow Vulnerability iDEFENSE Labs
iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 imap4d fetch_io Heap overflow Vulnerability iDEFENSE Labs
iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 imap4d FETCH Command Resource Consumption DoS Vulnerability iDEFENSE Labs
PHP Injection in PHP Poll Creator rash ilusion
shtool insecure temporary file creation ZATAZ.net
High Risk Vulnerability in L-Soft's LISTSERV Server NGSSoftware Insight Security Research
OpenServer 5.0.6 OpenServer 5.0.7 : nwprint privilege escalation please_reply_to_security
Zone Labs ZoneAlarm Vet anti-virus engine OLE processing vulnerability Zone Labs Product Security
davfs2 does not honour Unix permissions martin f krafft

Thursday, 26 May

[SECURITY] [DSA 728-2] New qpopper packages fix arbitrary file overwriting Martin Schulze
[SECURITY] [DSA 729-1] New PHP4 packages fix denial of service Martin Schulze
Alwil Software Avast Antivirus Device Driver Memory Overwrite Vulnerability Piotr Bania
Re: PHP Injection in PHP Poll Creator Michael Cordover
Invision Power Board 1.* and 2.* Exploit (BID 13529) Petey Beege
[ GLSA 200505-19 ] gxine: Format string vulnerability Thierry Carrez
[USN-133-1] Apache utility vulnerability Martin Pitt
[USN-134-1] Firefox vulnerabilities Martin Pitt
Re: PowerLink WAN Aggregator - Vunerability preasoner
[security bulletin] SSRT4884 rev.0 - HP-UX TCP/IP Remote Denial of Service (DoS) Boren, Rich (SSRT)
[security bulletin] SSRT5954 rev.1 - HP-UX TCP/IP Remote Denial of Service (DoS) Boren, Rich (SSRT)
Re: Multiple Sql injection and XSS vulnerabilities in phpBB Plus v.1.52 and below and some of its modules. security curmudgeon
Meteor FTP Server: PoC Exploit Dim K0r0l
Re: [Full-disclosure] iDEFENSE Security Advisory 05.24.05: Ipswitch IMail Web Calendaring Arbitrary File Read Vulnerability jamesbug
Re: ACROS Security: HTML Injection in BEA WebLogic Server Console (2) Will Schroeder
[security bulletin] SSRT5899 rev.0 - HP-UX trusted system remote unauthorized access Boren, Rich (SSRT)
Re: Commonly used disk imaging and wiping tools can be tricked to miss parts of a disk Arne Vidström
Buffer-overflow and crash in Terminator 3: War of the Machines 1.16 Luigi Auriemma
Buffer-overflow in C'Nedra 0.4.0 Luigi Auriemma

Friday, 27 May

PHP Stat Administrative User Authentication Bypass SoulBlack Group
PostNuke Critical SQL Injection and XSS 0.750=>x sp3x
[USN-114-2] Fixed packages for USN-114-1 Martin Pitt
[USN-135-1] gdb vulnerabilities Martin Pitt
[ GLSA 200505-20 ] Mailutils: Multiple vulnerabilities in imap4d and mail Thierry Carrez
[USN-136-1] binutils vulnerability Martin Pitt
[USN-136-2] Fixed packages for USN-136-1 Martin Pitt
User32.dll Icon Size Crash - k -
[AppSecInc Advisory BEA05-V0100] BEA WebLogic Administration Console error page cross-site scripting vulnerability Team SHATTER
[AppSecInc Advisory BEA05-V0101] BEA WebLogic Administration Console login page cross-site scripting vulnerability Team SHATTER
RE: CAID 32896 - Computer Associates Vet Antivirus engine heap overflow vulnerability Williams, James K
DSL-504T (and maybe many other) remote access without password bug alessandro
Citrix security contact Eyal Udassin
Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service John GALLET
RE: ACROS Security: HTML Injection in BEA WebLogic Server Console (2) ACROS Security
[SECURITY] [DSA 730-1] New bzip2 packages fix file unauthorised permissions modification Martin Schulze
Re: User32.dll Icon Size Crash Daniel Souza
SQL Injection Exploit for myBloggie 2.1.1 - 2.1.2 Alberto Trivero

Monday, 30 May

Microsoft Internet Explorer - Crash on adding sites to restricted zone (05/28/2005) Benjamin Tobias Franz
Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) Benjamin Tobias Franz
Microsoft Internet Explorer - Crash on processing embedded files with endless loop (05/28/2005) Benjamin Tobias Franz
Microsoft Internet Explorer - Crash on to many stack overflows (05/28/2005) Benjamin Tobias Franz
PicoWebServer Remote Unicode Stack Overflow Dennis Elser
Format String Vulnerability In Peercast 0.1211 And Earlier GulfTech Security Research
Compuware Softice (DbgMsg driver) Local Denial Of Service Piotr Bania
Crash in Stronghold 2 1.2 Luigi Auriemma
CYBSEC - PHPMailer Infinite Loop Denial of Service Mariano Nuñez Di Croce
MyBB 1.0 RC4 XSS Bug August Christopher
Multiple vulnerabilities in x-cart Gold CENSORED
MDKSA-2005:095 - Updated gdb packages fix vulnerabilities Mandriva Security Team

Tuesday, 31 May

Re: Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) - k -
TSL-2005-0026 - multi Trustix Security Advisor
Spam exploiting MS05-016 Nick FitzGerald
TSL-2005-0025 - binutils Trustix Security Advisor
RE: Microsoft Internet Explorer - Crash on adding sites to restri cted zone (05/28/2005) Hohn, Joerg
Nortel VPN Router Malformed Packet DoS Vulnerability Roy Hills
Re: Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) Benton Lam
Re: [security () suse de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Marcus Meissner
[XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Xnuxer Security
PowerDownload Remote File Inclusion SoulBlack Group
SyScAN'05 organiser () syscan org
[Argeniss] MS05-012 Exploit Cesar
Wide-scale industrial espionage using Trojan horses in Israel Gadi Evron
Re: [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Ow Mun Heng
multiple vulnerability Calendarix Advanced DarkBicho
Multiple vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 Alberto Trivero
504T and now also 604T remote access. alessandro
Re: [security () suse de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Todd C. Miller
Re: [security () suse de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Justin
Re: Citrix security contact security curmudgeon
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]