Bugtraq: by thread

Re: [Full-disclosure] ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Nov 30 2006)
- Re: [Full-disclosure] ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability Dude VanWinkle (Nov 30 2006)
Invision Gallery 2.0.7 SQL Injection Vulnerability infection_at_mail.kz (Dec 01 2006)
- Re: Invision Gallery 2.0.7 SQL Injection Vulnerability emin_at_hasanov.com (Dec 03 2006)
Re: Invision Community Blog Mod 1.2.4 .PHP SQL Injection Vulnerability emin_at_hasanov.com (Nov 30 2006)
[SECURITY] [DSA 1205-2] New thttpd packages fix insecure temporary file creation Steve Kemp (Dec 01 2006)
[ MDKSA-2006:220 ] - Updated libgsf packages fix heap buffer overflow vulnerability security_at_mandriva.com (Nov 30 2006)
[ MDKSA-2006:221 ] - Updated gnupg packages fix vulnerability security_at_mandriva.com (Nov 30 2006)
rPSA-2006-0221-1 openldap openldap-clients openldap-servers rPath Update Announcements (Nov 30 2006)
[Aria-Security.Net] Web Hosting Control Panel - cPanel 11 Multiple Cross-Site Scripting Vulnerabilites Advisory_at_Aria-Security.Net (Nov 30 2006)
deV!L`z Clanportal - Arbitrary File Upload [061124b] Tim Weber (Dec 01 2006)
deV!L`z Clanportal - SQL Injection [061124a] Tim Weber (Dec 01 2006)
Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability dh_at_layereddefense.com (Dec 01 2006)
[SECURITY] [DSA 1223-1] New tar packages fix arbitrary file overwrite Noah Meyerhans (Dec 01 2006)
Outpost Bypassing Self-Protection via Advanced DLL injection with handle stealing Vulnerability Matousec - Transparent security Research (Dec 01 2006)
rPSA-2006-0220-1 dovecot rPath Update Announcements (Nov 30 2006)
Aspee Ziyareti Defteri (tr) Sql injection Vuln. ShaFuq31_at_HoTMaiL.CoM (Dec 01 2006)
iDefense Security Advisory 12.01.06: Novell ZENworks Asset Management Msg.dll Heap Overflow Vulnerability iDefense Labs (Dec 01 2006)
[SECURITY] [DSA 1222-2] New proftpd packages fix several vulnerabilities Moritz Muehlenhoff (Dec 01 2006)
iDefense Security Advisory 12.01.06: Novell ZENworks Asset Management Collection Client Heap Overflow Vulnerability iDefense Labs (Dec 01 2006)
rPSA-2006-0224-1 gnupg rPath Update Announcements (Nov 30 2006)
TSLSA-2006-0068 - multi Trustix Security Advisor (Dec 01 2006)
Re: safely concatenating strings in portable C (Re: GnuPG 1.4 and 2.0 buffer overflow) Simon Josefsson (Dec 01 2006)
rPSA-2006-0222-1 tar rPath Update Announcements (Nov 30 2006)
freeqboard <= 1.1 (qb_path) Remote File Include Vulnerability -= SHELL =- -= SHELL =- (Dec 01 2006)
[ MDKSA-2006:223 ] - Updated ImageMagick packages fixes vulnerability security_at_mandriva.com (Dec 01 2006)
[Aria-Security Team] DuWare DuNews SQL Injection Vuln Advisory_at_Aria-Security.Net (Dec 01 2006)
[Aria-Security Team] DuWare DuClassMate SQL Injection Vuln Advisory_at_Aria-Security.Net (Dec 01 2006)
[Aria-Security Team] DuWare DuPortal SQL Injection Vuln Advisory_at_Aria-Security.Net (Dec 01 2006)
PHPNews 1.3.0 XSS emulamex_at_hotmail.com (Dec 01 2006)
KhaledMuratList mdb blasterim_at_hotmail.com (Dec 02 2006)
[ MDKSA-2006:222 ] - Updated koffice packages fixes integer overflow vulnerability security_at_mandriva.com (Dec 01 2006)
[Aria-Security Team] DuWare DuDownloads SQL Injection Vuln Advisory_at_Aria-Security.Net (Dec 01 2006)
CuteNews 1.3.6 XSS emulamex_at_hotmail.com (Dec 01 2006)
[Aria-Security Team] DuWare DuForum SQL Injection Vuln Advisory_at_Aria-Security.Net (Dec 01 2006)
[Aria-Security Team] DuWare DuPaypal SQL Injection Vuln Advisory_at_Aria-Security.Net (Dec 01 2006)
[ISecAuditors Advisories] BlueSocket web administration is vulnerable to XSS ISecAuditors Security Advisories (Dec 02 2006)
listpics v5 blasterim_at_hotmail.com (Dec 02 2006)
[ISecAuditors Security Advisories] IMAP/SMTP Injection in Hastymail ISecAuditors Security Advisories (Dec 02 2006)
Metyus Okul Ynetim Sistemi V.1.0 (tr) Sql injection Vuln. ShaFuq31_at_HoTMaiL.CoM (Dec 02 2006)
[ISecAuditors Security Advisories] XSS vulnerability in error page of ISMail ISecAuditors Security Advisories (Dec 02 2006)
fl0p - passive L7 flow fingerprinting Michal Zalewski (Dec 02 2006)
Online BookMarks Multiple SQL Injection/XSS Vulnerabilities security_at_vigilon.com (Dec 03 2006)
[SECURITY] [DSA 1224-1] New Mozilla packages fix several vulnerabilities Martin Schulze (Dec 03 2006)
[SECURITY] [DSA 1225-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Dec 03 2006)
SMF upload XSS vulnerability Jessica Hope (Dec 03 2006)
2[xss]Vulnerabilities in Script Mobile Ac4p.com gamr-14_at_hotmail.com (Dec 03 2006)
PhpMyAdmin 2.7.0-pl2 Path Disclosure | Multiple CRLF/Http Response Splitting ajannhwt_at_hotmail.com (Dec 03 2006)
MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit ajannhwt_at_hotmail.com (Dec 03 2006)
- Re: MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit 3APA3A (Dec 05 2006)
[SECURITY] [DSA 1225-2] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Dec 03 2006)
[SECURITY] [DSA 1226-1] New links packages fix arbitrary shell command execution Moritz Muehlenhoff (Dec 03 2006)
Vt-Forum Lite System V.1.3 Xss Vuln. starext_at_msn.com (Dec 03 2006)
Re: UPublisher Exploit - Superfreaker me_at_overhere.cc (Dec 03 2006)
[Aria-Security Team] uGestBook SQL Injection Vuln Advisory_at_Aria-Security.Net (Dec 03 2006)
- Re: [Aria-Security Team] uGestBook SQL Injection Vuln Stuart Moore (Dec 05 2006)
  - Re: Re: [Aria-Security Team] uGestBook SQL Injection Vuln saps.audit_at_gmail.com (Dec 05 2006)
[SECURITY] [DSA 1227-1] New Mozilla Thunderbird packages fix several vulnerabilities Martin Schulze (Dec 04 2006)
Multiple bugs in TFT-Gallery nj_at_hackerz.ir (Dec 04 2006)
- Re: Multiple bugs in TFT-Gallery simo64_at_morx.org (Dec 04 2006)
[USN-392-1] xine-lib vulnerability Kees Cook (Dec 04 2006)
F-Prot Antivirus for Unix: heap overflow and Denial of Service research_at_gleg.net (Dec 04 2006)
Re: aBitWhizzy [local file include] john.goodman_at_unverse.net (Dec 04 2006)
[USN-391-1] libgsf vulnerability Kees Cook (Dec 04 2006)
[ MDKSA-2006:214-1 ] - Updated gv packages fix buffer overflow vulnerability security_at_mandriva.com (Dec 04 2006)
Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation ss_team (Dec 04 2006)
- RE: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Michael Scheidell (Dec 05 2006)
  - Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation eugeny gladkih (Dec 05 2006)
    - Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Steve Shockley (Dec 05 2006)
    - Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Ansgar -59cobalt- Wiechers (Dec 05 2006)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Thor (Hammer of God) (Dec 05 2006)
- RE: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Michael Scheidell (Dec 06 2006)
XSS in JAB Guest Book nj_at_hackerz.ir (Dec 04 2006)
- Re: XSS in JAB Guest Book Steven M. Christey (Dec 07 2006)
- Re: XSS in JAB Guest Book Barnz_at_hotmail.co.uk (Dec 08 2006)
rPSA-2006-0211-2 doxygen libpng rPath Update Announcements (Dec 04 2006)
new xss in modbb forum h angel (Dec 04 2006)
TSRT-06-14: IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities TSRT_at_3com.com (Dec 04 2006)
SNORT Covered channels detector patch fryxar fryxar (Dec 05 2006)
[KOffice security advisory] KOffice OLEfilter integer overflow Dirk Mueller (Dec 05 2006)
Re: GnuPG 1.4 and 2.0 buffer overflow Damien Miller (Dec 05 2006)
Re: Evolve Merchant[ injection sql ] tony_at_lynxinternet.com (Dec 05 2006)
URL Rdirecction Bug Yahoo matrix_at_hackerz.ir (Dec 05 2006)
CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Undocumented Features Mariano Nu�ez Di Croce (Dec 05 2006)
CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Arbitrary File Removal Mariano Nu�ez Di Croce (Dec 05 2006)
DistrRTgen 1.0 launched! Martin J�rgensen (Dec 05 2006)
[SECURITY] [DSA 1228-1] New elinks packages fix arbitrary shell command execution Moritz Muehlenhoff (Dec 05 2006)
EasyPage Portal ( all ver )SQL Injection matrix_at_hackerz.ir (Dec 05 2006)
- Re: EasyPage Portal ( all ver )SQL Injection saps.audit_at_gmail.com (Dec 05 2006)
Re: Symantec LiveState Agent for Windows vulnerabi Damjan (Dec 05 2006)
- Re: Symantec LiveState Agent for Windows vulnerabi eugeny gladkih (Dec 05 2006)
eEye's Zero-Day Tracker Launch chinese soup (Dec 05 2006)
[security bulletin] HPSBUX02145 SSRT061202 rev.2 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access security-alert_at_hp.com (Dec 05 2006)
HPSBUX02178 SSRT061267 rev.1 - HP-UX Secure Shell Remote Denial of Service (DoS) security-alert_at_hp.com (Dec 05 2006)
EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability eEye Advisories (Dec 05 2006)
[ MDKSA-2006:224 ] - Updated xine-lib packages fix buffer overflow vulnerability security_at_mandriva.com (Dec 05 2006)
[USN-390-2] evince vulnerability Kees Cook (Dec 05 2006)
Barracuda Convert-UUlib library buffer overflow leads to remote compromise Jean-S�bastien Guay-Leroux (Dec 05 2006)
Internet Explorer 6. CSS Expression Denial of Service (P.o.C.) Jos� Carlos Nieto Jarqu�n (Dec 05 2006)
Re: Internet Explorer 6 CSS "expression" Denial of Service Exploit (P.o.C.) Jos� Carlos Nieto Jarqu�n (Dec 05 2006)
- Re: Internet Explorer 6 CSS "expression" Denial of Service Exploit (P.o.C.) Andrius Paurys (Dec 07 2006)
  - Re: Internet Explorer 6 CSS "expression" Denial of Service Exploit (P.o.C.) chinese soup (Dec 08 2006)
    - Re: Internet Explorer 6 CSS "expression" Denial of Service Exploit (P.o.C.) chinese soup (Dec 09 2006)
Uploadscript Vulnerabilities: Text file Hash password hack2prison_at_yahoo.com (Dec 06 2006)
FreeBSD Security Advisory FreeBSD-SA-06:25.kmem FreeBSD Security Advisories (Dec 06 2006)
FreeBSD Security Advisory FreeBSD-SA-06:26.gtar FreeBSD Security Advisories (Dec 06 2006)
[SECURITY] [DSA 1229-1] New Asterisk packages fix arbitrary code execution Martin Schulze (Dec 06 2006)
Oracle PL/SQL Fuzzing Tool Joxean Koret (Dec 06 2006)
BTSaveMySql 1.2 (acces to config files) sn0oPy.team_at_gmail.com (Dec 06 2006)
Multiple Vendor Unusual MIME Encoding Content Filter Bypass Hendrik Weimer (Dec 06 2006)
- Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass Tomasz Kojm (Dec 07 2006)
  - Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass Luke Borg (Dec 07 2006)
  - Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass michele.sandrelli_at_katamail.com (Dec 07 2006)
  - Re[2]: Multiple Vendor Unusual MIME Encoding Content Filter Bypass 3APA3A (Dec 07 2006)
    - Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass Tomasz Kojm (Dec 07 2006)
- Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass Gadi Evron (Dec 07 2006)
SYMSA-2006-012: 2X ThinClientServer Create Admin Account Replay Vulnerability research_at_symantec.com (Dec 06 2006)
GnuPG: remotely controllable function pointer [CVE-2006-6235] Werner Koch (Dec 06 2006)
rPSA-2006-0226-1 kernel rPath Update Announcements (Dec 06 2006)
[ MDKSA-2006:225 ] - Updated ruby packages fix DoS vulnerability security_at_mandriva.com (Dec 06 2006)
rPSA-2006-0227-1 gnupg rPath Update Announcements (Dec 06 2006)
Microsoft 0-day word vulnerability - Secunia - Extremely critical Ryan Buena (Dec 06 2006)
- Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical Andrew Simmons (Dec 07 2006)
- Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical Juha-Matti Laurio (Dec 07 2006)
- Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical schafer_jeffrey_at_hotmail.com (Dec 13 2006)
  - Re: Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical schafer_jeffrey_at_hotmail.com (Dec 14 2006)
New MySpace worm could be on its way pdp (architect) (Dec 06 2006)
ZDI-06-044: Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Dec 06 2006)
[ GLSA 200612-01 ] wv library: Multiple integer overflows Sune Kloppenborg Jeppesen (Dec 07 2006)
Linksys WIP 330 VoIP wireless phone crash from Nmap scan Shawn Merdinger (Dec 06 2006)
Digital Armaments Security Advisory 07.12.2006: Yahoo multiple services authentication bypass Vulnerability info_at_digitalarmaments.com (Dec 07 2006)
TSRT-06-15: Citrix Presentation Server Client ActiveX Heap Overflow Vulnerability TSRT_at_3com.com (Dec 06 2006)
Some Thoughts about Office Open XML and Malware Detection Jan P. Monsch (Dec 07 2006)
[USN-393-1] GnuPG vulnerability Kees Cook (Dec 06 2006)
Re: The Week of Oracle Database Bugs Tony Jambu (Dec 07 2006)
phpbb 2.0.x [xss] saps.audit_at_gmail.com (Dec 07 2006)
[USN-390-3] evince-gtk vulnerability Kees Cook (Dec 06 2006)
phpAdsNew-2.0.4-pr2 Remote File Inclusion Exploit crackers_child_at_sibersavascilar.com (Dec 07 2006)
[USN-393-2] GnuPG2 vulnerabilities Kees Cook (Dec 07 2006)
DUdirectory Admin Panel SQL Injection Meftun_at_MeftunNet.com (Dec 07 2006)
[OpenPKG-SA-2006.037] OpenPKG Security Advisory (gnupg) OpenPKG GmbH (Dec 07 2006)
EEYE: Intel Network Adapter Driver Local Privilege Escalation eEye Advisories (Dec 07 2006)
[Aria-Security Team] CentOS 4.2 i686 - WHM X v3.1.0 Cross-Site Scripting Advisory_at_Aria-Security.Net (Dec 07 2006)
[Aria-Security Team] cPanel 11 pops.html Cross-Site Scripting Advisory_at_Aria-Security.Net (Dec 07 2006)
[Aria-Security Team] cPanel BoxTrapper Cross Site Scripting Advisory_at_Aria-Security.Net (Dec 07 2006)
TSLSA-2006-0070 - multi Trustix Security Advisor (Dec 08 2006)
[OpenPKG-SA-2006.038] OpenPKG Security Advisory (tar) OpenPKG GmbH (Dec 08 2006)
[SECURITY] [DSA-1230-1] new l2tpns packages fix buffer overflow Steve Kemp (Dec 08 2006)
Microsoft Word 0-day Vulnerability FAQ (CVE-2006-5994) written Juha-Matti Laurio (Dec 07 2006)
Midicart vulerable ifx_at_cupu.us (Dec 08 2006)
[CAID 34846]: CA BrightStor ARCserve Backup Discovery Service Buffer Overflow Vulnerability Williams, James K (Dec 08 2006)
[USN-394-1] Ruby vulnerability Kees Cook (Dec 07 2006)
LS-20060908 - Computer Associates BrightStor ARCserve Backup v11.5 Remote Buffer Overflow Vulnerability advisories_at_lssec.com (Dec 08 2006)
LS-20061001 - Computer Associates BrightStor ARCserve Backup v11.5 Remote Buffer Overflow Vulnerability advisories_at_lssec.com (Dec 08 2006)
Animated Smiley Generator File Include Vul. starext_at_msn.com (Dec 08 2006)
PHP 5.2.0 session.save_path safe_mode and open_basedir bypass cxib_at_securityreason.com (Dec 08 2006)
- Re: PHP 5.2.0 session.save_path safe_mode and open_basedir bypass Ismail Donmez (Dec 09 2006)
PhpBB Toplist 1.3.7 Xss Vuln. starext_at_msn.com (Dec 08 2006)
ASX Playlists and Jumping to Conclusions S�nnet Beskerming (Dec 07 2006)
Enforcing Java Security Manager in Restricted Windows Environments? Jan P. Monsch (Dec 08 2006)
- Re: Enforcing Java Security Manager in Restricted Windows Environments? jim_at_manico.net (Dec 21 2006)
  - RE: Enforcing Java Security Manager in Restricted Windows Environments? Jan P. Monsch (Dec 21 2006)
iDefense Security Advisory 12.08.06: Multiple Vendor Antivirus RAR File Denial of Service Vulnerability iDefense Labs (Dec 08 2006)
iDefense Security Advisory 12.08.06: Sophos Antivirus CHM Chunk Name Length Memory Corruption Vulnerability iDefense Labs (Dec 08 2006)
iDefense Security Advisory 12.08.06: Sophos Antivirus CHM File Heap Overflow Vulnerability iDefense Labs (Dec 08 2006)
Call For Papers: SecurityOPUS 2007 Sharkey (Dec 08 2006)
[ GLSA 200612-02 ] xine-lib: Buffer overflow Sune Kloppenborg Jeppesen (Dec 08 2006)
KDPics Multiple Vulnerabities mr_kaliman_at_msn.com (Dec 09 2006)
ProNews V1.5 XSS & SQL Injection mr_kaliman_at_msn.com (Dec 09 2006)
Messageriescripthp V2.0 XSS & SQL Injection mr_kaliman_at_msn.com (Dec 09 2006)
AnnonceScriptHP V2.0 Multiple Vulnerabilities mr_kaliman_at_msn.com (Dec 09 2006)
[SECURITY] [DSA 1231-1] New gnupg packages fix arbitrary code execution Moritz Muehlenhoff (Dec 09 2006)
[SECURITY] [DSA 1232-1] New clamav packages fix denial of service Moritz Muehlenhoff (Dec 09 2006)
[ GLSA 200612-04 ] ModPlug: Multiple buffer overflows Raphael Marichez (Dec 10 2006)
[SECURITY] [DSA 1233-1] New Linux 2.6.8 packages fix several vulnerabilities Dann Frazier (Dec 10 2006)
WASC-Announcement: MX Injection - Capturing and Exploiting Hidden Mail Servers By Vicente Aguilera Diaz robert_at_webappsec.org (Dec 11 2006)
D-LINK DWL-2000AP+ remote DoS poplix_at_papuasia.org (Dec 11 2006)
[ GLSA 200612-09 ] MadWifi: Kernel driver buffer overflow Raphael Marichez (Dec 10 2006)
[SBDA] - ColdFusion MX7 - Multiple Vulnerabilities Brett Moore (Dec 10 2006)
Unauthenticated access to IBM Host On-Demand administration pages Ferguson, David (Kansas City) (Dec 11 2006)
[ MDKSA-2006:226 ] - Updated squirrelmail packages fix vulnerabilities security_at_mandriva.com (Dec 11 2006)
RFIDIOt release - version 0.1i Adam Laurie (Dec 10 2006)
Firefox 2.0 security bug: Extensions can hide themself azurIt (Dec 10 2006)
ERRATA: [ GLSA 200612-03 ] GnuPG: Multiple vulnerabilities Raphael Marichez (Dec 11 2006)
Multiple vulnerabilities in Winamp Web Interface 7.5.13 Luigi Auriemma (Dec 10 2006)
[ GLSA 200612-08 ] SeaMonkey: Multiple vulnerabilities Raphael Marichez (Dec 10 2006)
Several updates in Microsoft Word 0-day (CVE-2006-5994) FAQ document Juha-Matti Laurio (Dec 10 2006)
Another, different MS Word 0-day vulnerability reported Juha-Matti Laurio (Dec 10 2006)
- Re: Another, different MS Word 0-day vulnerability reported Juha-Matti Laurio (Dec 10 2006)
looking for security community input Gadi Evron (Dec 10 2006)
shopsite advisory DoZ_at_hackerscenter.com (Dec 10 2006)
- Re: shopsite advisory bugtraq_at_stunkworks.com (Dec 12 2006)
[ GLSA 200612-06 ] Mozilla Thunderbird: Multiple vulnerabilities Raphael Marichez (Dec 10 2006)
Secunia Research: MailEnable IMAP Service Buffer Overflow Vulnerability Secunia Research (Dec 11 2006)
Re: LS-20061001 - Computer Associates BrightStor ARCserve Backup Williams, James K (Dec 11 2006)
[ GLSA 200612-10 ] Tar: Directory traversal vulnerability Matthias Geerdsen (Dec 11 2006)
The newest Word flaw is due to malformed data structure handling Juha-Matti Laurio (Dec 11 2006)
- Re: The newest Word flaw is due to malformed data structure handling Alexander Sotirov (Dec 11 2006)
- Re: The newest Word flaw is due to malformed data structure handling Dave \ (Dec 12 2006)
- Re: The newest Word flaw is due to malformed data structure handling Steven M. Christey (Dec 13 2006)
- Re: The newest Word flaw is due to malformed data structure handling Juha-Matti Laurio (Dec 14 2006)
  - Re: Re: The newest Word flaw is due to malformed data structure handling test_at_test.pl (Dec 12 2006)
Re: LS-20060908 - Computer Associates BrightStor ARCserve Backup Williams, James K (Dec 11 2006)
[ GLSA 200612-03 ] GnuPG: Multiple vulnerabilities Raphael Marichez (Dec 10 2006)
RFID access control tokens widely open to cloning Adam Laurie (Dec 11 2006)
[ GLSA 200612-07 ] Mozilla Firefox: Multiple vulnerabilities Raphael Marichez (Dec 10 2006)
Secunia Research: AOL CDDBControl ActiveX Control "SetClientInfo()" Buffer Overflow Secunia Research (Dec 11 2006)
[ GLSA 200612-05 ] KOffice shared libraries: Heap corruption Sune Kloppenborg Jeppesen (Dec 10 2006)
[ MDKSA-2006:227 ] - Updated kdegraphics packages fix EXIF vulnerability security_at_mandriva.com (Dec 11 2006)
[ GLSA 200612-09 ] MadWifi: Kernel driver buffer overflow Raphael Marichez (Dec 11 2006)
[ MDKSA-2006:228 ] - Updated gnupg packages fix vulnerability security_at_mandriva.com (Dec 11 2006)
OpenLDAP kbind authentication buffer overflow Solar Eclipse (Dec 12 2006)
[SBDA] SiteKiosk - FileSystem Access Brett Moore (Dec 11 2006)
Web Apps- Rad Upload Version 3.02 Remote File Include Vulnerability rko.thelegendkiller_at_gmail.com (Dec 12 2006)
rPSA-2006-0230-1 evince rPath Update Announcements (Dec 12 2006)
rPSA-2006-0231-1 squirrelmail rPath Update Announcements (Dec 12 2006)
ZDI-06-045: Sophos Anti-Virus CPIO Archive Parsing Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Dec 12 2006)
Re: [fuzzing] OWASP Fuzzing page Joxean Koret (Dec 12 2006)
- NOT a 0day! Re: [fuzzing] [Full-disclosure] OWASP Fuzzing page Gadi Evron (Dec 14 2006)
  - Re: [fuzzing] NOT a 0day! Re: [Full-disclosure] OWASP Fuzzing page Jerome Athias (Dec 14 2006)
    - Re: [fuzzing] NOT a 0day! Re: [Full-disclosure] OWASP Fuzzing page Juha-Matti Laurio (Dec 14 2006)
    - Re: [fuzzing] NOT a 0day! Re: [Full-disclosure] OWASP Fuzzing page Gadi Evron (Dec 14 2006)
ZDI-06-047: Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability zdi-disclosures_at_3com.com (Dec 12 2006)
BLOG:CMS Remote file include Vulnerability security_at_soqor.net (Dec 10 2006)
Secunia Research: Internet Explorer Script Error Handling Memory Corruption Secunia Research (Dec 12 2006)
[ GLSA 200612-12 ] F-PROT Antivirus: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Dec 12 2006)
ZDI-06-048: Microsoft Internet Explorer normalize() Function Memory Corruption Vulnerability zdi-disclosures_at_3com.com (Dec 12 2006)
[ GLSA 200612-13 ] libgsf: Buffer overflow Sune Kloppenborg Jeppesen (Dec 12 2006)
[ GLSA 200612-14 ] Trac: Cross-site request forgery Sune Kloppenborg Jeppesen (Dec 12 2006)
ZDI-06-046: Sophos Anti-Virus SIT Archive Parsing Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Dec 12 2006)
iDefense Security Advisory 12.12.06: Sun Microsystems Solaris ld.so 'doprf()' Buffer Overflow Vulnerability iDefense Labs (Dec 12 2006)
iDefense Security Advisory 12.12.06: Sun Microsystems Solaris ld.so Directory Traversal Vulnerability iDefense Labs (Dec 12 2006)
[SECURITY] [DSA-1234-1] New ruby1.6 package fix denial of service Steve Kemp (Dec 13 2006)
Re: worksystem => Remote File Include Vulnerability Exploit Laurent.van_den_reysen_at_tiscali.fr (Dec 13 2006)
[SECURITY] [DSA-1235-1] New ruby1.8 package fix denial of service Steve Kemp (Dec 13 2006)
[SECURITY] [DSA-1236-1] New enemies-of-carlotta package fix missing sanity checks Steve Kemp (Dec 13 2006)
ASP Cmd Shell On IIS 5.1 Brett Moore (Dec 12 2006)
IBM DB2 Remote DoS during CONNECT processing Team SHATTER (Dec 13 2006)
ZDI-06-050: Symantec Veritas NetBackup CONNECT_OPTIONS Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Dec 13 2006)
ZDI-06-049: Symantec Veritas NetBackup Long Request Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Dec 13 2006)
CORE-2006-1127: ProFTPD Controls Buffer Overflow CORE Security Technologies Advisories (Dec 13 2006)
Call for papers and presenters - Dec. 15th deadline Mike Allgeier (Dec 13 2006)
The (in)security of Xorg and DRI Darren Reed (Dec 13 2006)
- Re: The (in)security of Xorg and DRI Nicolas RUFF (Dec 15 2006)
  - Re: The (in)security of Xorg and DRI Darren Reed (Dec 17 2006)
  - Re: The (in)security of Xorg and DRI Darren Reed (Dec 17 2006)
- Re: The (in)security of Xorg and DRI Pavel Kankovsky (Dec 26 2006)
[ GLSA 200612-16 ] Links: Arbitrary Samba command execution Raphael Marichez (Dec 14 2006)
GenesisTrader v1.0 - Multiple Vulnerabilities mr_kaliman_at_msn.com (Dec 13 2006)
HyperAccess - Multiple Vulnerabilities Brett Moore (Dec 13 2006)
[USN-380-2] avahi regression Martin Pitt (Dec 14 2006)
rPSA-2006-0232-1 libgsf rPath Update Announcements (Dec 14 2006)
[ MDKSA-2006:229 ] - Updated evince packages fix buffer overflow vulnerability security_at_mandriva.com (Dec 13 2006)
[ MDKSA-2006:230 ] - Updated clamav packages fix vulnerability security_at_mandriva.com (Dec 13 2006)
[CAID 34870]: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local Denial of Service Vulnerabilities Williams, James K (Dec 14 2006)
[ MDKSA-2006:164-2 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security_at_mandriva.com (Dec 14 2006)
iDefense Security Advisory 12.14.06: GNOME Foundation Display Manager gdmchooser Format String Vulnerability iDefense Labs (Dec 14 2006)
- Re: iDefense Security Advisory 12.14.06: GNOME Foundation Display Manager gdmchooser Format String Vulnerability iDefense Labs (Dec 14 2006)
[ GLSA 200612-17 ] GNU Radius: Format string vulnerability Raphael Marichez (Dec 14 2006)
Kerio MailServer < 6.3.1 remote Denial of Service research_at_gleg.net (Dec 14 2006)
[ GLSA 200612-15 ] McAfee VirusScan: Insecure DT_RPATH Sune Kloppenborg Jeppesen (Dec 13 2006)
CanSecWest 2007 (April 18-20) Call For Papers (Deadline January 7th) Dragos Ruiu (Dec 13 2006)
Top 10 Real Computer Crimes for 2007 Pete Herzog (Dec 14 2006)
[ MDKSA-2006:231 ] - Updated gdm packages fix string vulnerability security_at_mandriva.com (Dec 14 2006)
BitDefender AV Packed PE File Parsing Engine Heap Overflow security_at_nruns.com (Dec 15 2006)
TSLSA-2006-0072 - clamav Trustix Security Advisor (Dec 15 2006)
Windows Explorer WMV File Denial Of Service Vulnerability sehato_at_yandex.ru (Dec 15 2006)
- RE: Windows Explorer WMV File Denial Of Service Vulnerability Ulises Cu�� (Dec 15 2006)
[USN-396-1] gdm vulnerability Kees Cook (Dec 14 2006)
Windows Media MID File Denial Of Service Vulnerability sehato_at_yandex.ru (Dec 15 2006)
[security bulletin] HPSBMA02173 SSRT061230 rev. 1 - HP Integrated Lights Out (iLO & iLO 2) Running SSH Key Based Authentication Remote Unauthorized Access security-alert_at_hp.com (Dec 15 2006)
Project Server 2003 - Credential Disclosure Brett Moore (Dec 14 2006)
Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!! gplit_at_gsplit.com (Dec 15 2006)
- Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!! Bruno Lustosa (Dec 15 2006)
- Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!! Josh Bressers (Dec 15 2006)
- Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!! p.kerr_at_auckland.ac.nz (Dec 16 2006)
Bypassing process identification of several personal firewalls and HIPS Matousec - Transparent security Research (Dec 15 2006)
[ MDKSA-2006:206 ] - Updated Thunderbird packages fix multiple vulnerabilities security_at_mandriva.com (Dec 15 2006)
[OpenPKG-SA-2006.039] OpenPKG Security Advisory (proftpd) OpenPKG GmbH (Dec 15 2006)
Drone Armies C&C Report - 15 Dec 2006 c2report_at_isotf.org (Dec 15 2006)
XSS in gmial google gamr-14_at_hotmail.com (Dec 16 2006)
Doğantepe Ziyareti Defteri (tr) Sql Injection Vuln. ShaFuq31_at_HoTMaiL.CoM (Dec 16 2006)
Odysseus 2.0 / Telemachus 1.0 (Beta) Dave (Dec 16 2006)
Contra Haber Sistemi v1.0 SqL Injection Vuln. ShaFuq31_at_HoTMaiL.CoM (Dec 16 2006)
[HSC Security Group] SiteCatalyst Web Login Cross Site Vulrnabilities DoZ_at_HackersCenter.com (Dec 16 2006)
Allied Telesis AT-9000/24 Ethernet switch management can be accessed from all VLANs. Pasi Sjoholm (Dec 16 2006)
[SECURITY] [DSA 1237-1] New Linux 2.4.27 packages fix several vulnerabilities Dann Frazier (Dec 17 2006)
[SECURITY] [DSA 1238-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff (Dec 17 2006)
[SECURITY] [DSA 1239-1] New sql-ledger packages fix arbitrary code execution Moritz Muehlenhoff (Dec 17 2006)
Cisco not honoring update promises? Michael Scheidell (Dec 17 2006)
- Re: Cisco not honoring update promises? rsmoak_at_cisco.com (Dec 18 2006)
- RE: Cisco not honoring update promises? Michael Scheidell (Dec 19 2006)
HyperVM Cross-Site Scripting Advisory_at_Aria-Security.Net (Dec 17 2006)
RateMe <= all versions => ( main.inc.php ) Remote File Include Vulnerability saudi_at_hotmail.fr (Dec 18 2006)
SYMSA-2006-013: Multiple Vulnerabilities in Mandiant First Response research_at_symantec.com (Dec 18 2006)
Secunia Research: MailEnable POP Service "PASS" Command Buffer Overflow Secunia Research (Dec 18 2006)
Checkpoint NG3 ICMP Flood bdmoraes_at_bol.com.br (Dec 18 2006)
- Re: Checkpoint NG3 ICMP Flood Michael Schwartzkopff (Dec 18 2006)
- Re: Checkpoint NG3 ICMP Flood Hugo van der Kooij (Dec 18 2006)
[ GLSA 200612-18 ] ClamAV: Denial of Service Sune Kloppenborg Jeppesen (Dec 18 2006)
[security bulletin] HPSBUX02178 SSRT061267 rev.2 - HP-UX Secure Shell Remote Unauthorized Denial of Service (DoS) security-alert_at_hp.com (Dec 18 2006)
[ MDKSA-2006:232 ] - Updated proftpd packages fix mod_ctrls vulnerability security_at_mandriva.com (Dec 18 2006)
[ MDKSA-2006:233 ] - Updated dbus packages fix vulnerability security_at_mandriva.com (Dec 18 2006)
HITBSecConf2007 - Dubai - Call for Papers now open! Praburaajan (Dec 18 2006)
WebCalendar >=1.0 Cross-Site Scripting Vulnerabilities 7all7_at_163.com (Dec 19 2006)
Multiple XSS vulnerabiliteies in Inetmedia's information service - cityinfo. filip.palian_at_pjwstk.edu.pl (Dec 19 2006)
New Skype Worm Christopher Mosby (Dec 19 2006)
- RE: [BULK] - New Skype Worm Hubbard, Dan (Dec 19 2006)
HP Printers FTP Server Denial Of Service Joxean Koret (Dec 19 2006)
Trend Micro's Vista "0day exploit auction" claim Ryan Meyer (Dec 19 2006)
- RE: Trend Micro's Vista "0day exploit auction" claim Roger A. Grimes (Dec 19 2006)
  - RE: Trend Micro's Vista "0day exploit auction" claim Simple Nomad (Dec 20 2006)
    - Re: RE: Trend Micro's Vista "0day exploit auction" claim agoodhez1_at_yahoo.co.uk (Dec 21 2006)
- Re: Trend Micro's Vista "0day exploit auction" claim Simple Nomad (Dec 20 2006)
xss in Support Cards v1 ( oSTicket ) l.d.0_at_hotmail.com (Dec 19 2006)
Burak Yilmaz Download Portal Sql Injection Vuln. ShaFuq31_at_HoTMaiL.CoM (Dec 19 2006)
Oracle <= 9i / 10g (extproc) Local/Remote Command Execution Exploit none_at_none.com (Dec 19 2006)
Oracle <= 9i / 10g File System Access via utl_file Exploit none_at_none.com (Dec 19 2006)
- Re: Oracle <= 9i / 10g File System Access via utl_file Exploit sumit kumar soni (Dec 20 2006)
- Re: Oracle <= 9i / 10g File System Access via utl_file Exploit Marco Ivaldi (Dec 21 2006)
Multiple Bugs in MINI WEB SHOP xx_hack_xx_2004_at_hotmail.com (Dec 19 2006)
MkPortal Urlobox Cross Site Request Forgery info_at_burnhead.it (Dec 19 2006)
- Re: MkPortal Urlobox Cross Site Request Forgery securityfocus_at_visiblesoul.com (Dec 20 2006)
- Re: MkPortal Urlobox Cross Site Request Forgery securityfocus_at_visiblesoul.net (Dec 20 2006)
ZDI-06-051: Mozilla Firefox SVG Processing Remote Code Execution Vulnerability zdi-disclosures_at_3com.com (Dec 19 2006)
SEC Consult SA-20061220-0 :: Typo3 Command Execution Vulnerability SEC Consult Research (Dec 20 2006)
Oracle Portal 10g HTTP Response Splitting putosoft softputo (Dec 20 2006)
- Re: [Full-disclosure] Oracle Portal 10g HTTP Response Splitting Brian Eaton (Dec 20 2006)
  - Re: [Full-disclosure] Oracle Portal 10g HTTP Response Splitting putosoft softputo (Dec 22 2006)
- Re: Oracle Portal 10g HTTP Response Splitting majororacle_at_gmail.com (Dec 21 2006)
NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory security_at_nruns.com (Dec 20 2006)
Mono XSP ASP.NET Server sourcecode disclosure vulnerability jose.palanco_at_eazel.es (Dec 20 2006)
[security bulletin] HPSBUX02174 SSRT061239 rev.2 HP-UX Running OpenSSL Denial of Service (DoS), Increase Privilege security-alert_at_hp.com (Dec 20 2006)
[security bulletin] HPSBST02180 SSRT061288 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-072 Through MS06-078 security-alert_at_hp.com (Dec 20 2006)
[ GLSA 200612-19 ] pam_ldap: Authentication bypass vulnerability Raphael Marichez (Dec 20 2006)
[ GLSA 200612-20 ] imlib2: Multiple vulnerabilities Raphael Marichez (Dec 20 2006)
[ GLSA 200612-21 ] Ruby: Denial of Service vulnerability Raphael Marichez (Dec 20 2006)
critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip quincy_at_gmail.com (Dec 20 2006)
- Re: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip 3APA3A (Dec 21 2006)
- Re: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip Juha-Matti Laurio (Dec 21 2006)
  - Re[2]: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip Thierry Zoller (Dec 22 2006)
[USN-397-1] mono vulnerability Kees Cook (Dec 20 2006)
[CAID 34876]: CA CleverPath Portal Session Inheritance Vulnerability Williams, James K (Dec 20 2006)
[OpenPKG-SA-2006.041] OpenPKG Security Advisory (dbus) OpenPKG GmbH (Dec 21 2006)
NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory security_at_nruns.com (Dec 21 2006)
Fun with event logs (semi-offtopic) 3APA3A (Dec 21 2006)
- Re: [Full-disclosure] Fun with event logs (semi-offtopic) endrazine (Dec 21 2006)
Microsoft Windows XP/2003/Vista memory corruption 0day 3APA3A (Dec 21 2006)
- Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day 3APA3A (Dec 21 2006)
  - Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day Alexander Sotirov (Dec 21 2006)
    - Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day Pukhraj Singh (Dec 21 2006)
      - Re: Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day Mike_at_mikerosoftware.com (Dec 21 2006)
[SECURITY] [DSA-1240-1] New links2 packages fix arbitrary shell command execution Steve Kemp (Dec 21 2006)
[ MDKSA-2006:234 ] - Updated mono packages fix vulnerability security_at_mandriva.com (Dec 20 2006)
RE: [Full-disclosure] Fun with event logs (semi-offtopic) Michele Cicciotti (Dec 21 2006)
- Re[2]: [Full-disclosure] Fun with event logs (semi-offtopic) 3APA3A (Dec 21 2006)
  - RE: Re[2]: [Full-disclosure] Fun with event logs (semi-offtopic) Michele Cicciotti (Dec 21 2006)
Ixprim CMS 1.2 Remote Blind SQL Injection Exploit gmdarkfig_at_gmail.com (Dec 21 2006)
SQID v0.1 - SQL Inhection Digger. contact_at_metaeye.org (Dec 21 2006)
Re: Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images matthieu.paineauSTOPSPAM_at_wanadoo.fr (Dec 21 2006)
[TOOL] untidy - XML Fuzzer Andres Riancho (Dec 21 2006)
[OpenPKG-SA-2006.040] OpenPKG Security Advisory (ruby) OpenPKG GmbH (Dec 21 2006)
OpenSER 1.1.0 parse_config buffer overflow vulnerability sapheal_at_hack.pl (Dec 20 2006)
PWDumpX updated (includes CacheDump functionality) Reed Arvin (Dec 21 2006)
RE: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day Michele Cicciotti (Dec 21 2006)
Xt-News 0.1 : SQL Injection Vulnerability & XSS mr_kaliman_at_msn.com (Dec 21 2006)
rPSA-2006-0234-1 firefox rPath Update Announcements (Dec 21 2006)
Oracle Applications/Portal 9i/10g Cross Site Scripting putosoft softputo (Dec 22 2006)
TSLSA-2006-0074 - multi Trustix Security Advisor (Dec 22 2006)
SQID v0.2 - SQL Injection Digger. contact_at_metaeye.org (Dec 22 2006)
Re: Multiple Remote Vulnerabilities in KISGB 3APA3A (Dec 22 2006)
- Re: Multiple Remote Vulnerabilities in KISGB str0ke (Dec 22 2006)
ZDI-06-052: Novell NetMail NMAP STOR Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Dec 22 2006)
ZDI-06-053: Novell NetMail IMAP Verb Literal Heap Overflow Vulnerability zdi-disclosures_at_3com.com (Dec 22 2006)
ZDI-06-054: Novell NetMail IMAP APPEND Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Dec 22 2006)
Efkan Forum v1.0 SqL Inj. Vuln. ShaFuq31_at_HoTMaiL.CoM (Dec 22 2006)
Multiple Bugs in Future Internet ( XSS & SQL Injection ) xx_hack_xx_2004_at_hotmail.com (Dec 23 2006)
iDefense Security Advisory 12.23.06: Novell NetMail IMAPD subscribe Buffer Overflow Vulnerability iDefense Labs (Dec 23 2006)
iDefense Security Advisory 12.23.06: Novell Netmail IMAP append Denial of Service Vulnerability iDefense Labs (Dec 23 2006)
Okul Merkezi Portal v1.0 Remote File IncLude Vuln. ShaFuq31_at_HoTMaiL.CoM (Dec 23 2006)
Chatwm V1.0 SqL Injection Vuln. ShaFuq31_at_HoTMaiL.CoM (Dec 24 2006)
Fishyshoop Security Vulnerability James Gray (Dec 24 2006)
TimberWolf 1.2.2 vulnerable to XSS corrado.liotta_at_alice.it (Dec 24 2006)
Forum AnyBoard - Sql Inyection By Firewall Firewall1954_at_hotmail.com (Dec 25 2006)
ERRATA (Re: "Host header cannot be trusted as an anti anti DNS-pinning measure") Amit Klein (Dec 25 2006)
- Re: ERRATA (Re: "Host header cannot be trusted as an anti anti DNS-pinning measure") Martin Johns (Dec 26 2006)
XSS with Vbulletin (new idea !) ashraf1984_at_hotmail.com (Dec 24 2006)
- Re: XSS with Vbulletin (new idea !) bas_at_vbulletin.com (Dec 27 2006)
- Re: XSS with Vbulletin (new idea !) l.d.0_at_hotmail.com (Dec 27 2006)
- Re: XSS with Vbulletin (new idea !) micmast_at_gmail.com (Dec 27 2006)
[SECURITY] [DSA 1241-1] New squirrelmail packages fix cross-site scripting Moritz Muehlenhoff (Dec 25 2006)
PHP Live! 3.2.2 Multiple Cross-Site Scripting Vulnerabilities DoZ_at_HackersCenter.com (Dec 25 2006)
Cahier de texte V2.2 Bypass general access protection exploit gmdarkfig_at_gmail.com (Dec 24 2006)
phpcms <=- 1.1.7 Remote File Inclusion Zarloule04_at_gmail.com (Dec 24 2006)
- Re: phpcms <=- 1.1.7 Remote File Inclusion Stuart Moore (Dec 26 2006)
- Re: phpcms <=- 1.1.7 Remote File Inclusion Hugo van der Kooij (Dec 26 2006)
PhpbbXtra v2.0 (phpbb_root_path) Remote File Include Vulnerability xorontr_at_gmail.com (Dec 25 2006)
LuckyBot v3 Remote File Include i-k-t_at_hotmail.com (Dec 26 2006)
- Re: LuckyBot v3 Remote File Include Stuart Moore (Dec 26 2006)
HLStats Remote SQL Injection Exploit nospam_at_google.com (Dec 25 2006)
XSS - CMS Made Simple v1.0.2 Curtis Zimmerman (Dec 25 2006)
- Re: XSS - CMS Made Simple v1.0.2 nanoymaster_at_gmail.com (Dec 28 2006)
logahead UNU edition 1.0 Remote File Upload & code execution corrado.liotta_at_alice.it (Dec 25 2006)
[OpenPKG-SA-2006.042] OpenPKG Security Advisory (openser) OpenPKG GmbH (Dec 26 2006)
[OpenPKG-SA-2006.043] OpenPKG Security Advisory (links) OpenPKG GmbH (Dec 26 2006)
Host directory full disclosure and input error hack2prison_at_yahoo.com (Dec 27 2006)
Secure Login Manager Multiple Input Validation Vulnerabilities DoZ_at_HackersCenter.com (Dec 27 2006)
Re: Cross site scripting & fullpath disclosure james.brown_at_bldesign.com (Dec 27 2006)
NtRaiseHardError Csrss.exe memory Disclosure exploit Reversemode (Dec 27 2006)
ShmooCon Announcement B Potter (Dec 27 2006)
[SECURITY] [DSA 1242-1] New elog packages fix arbitrary code execution Moritz Muehlenhoff (Dec 27 2006)
Limbo CMS event module (lm_absolute_path) Remote File Include Vulnerabilities xorontr_at_gmail.com (Dec 27 2006)
[SECURITY] [DSA 1243-1] New evince packages fix arbitrary code execution Moritz Muehlenhoff (Dec 27 2006)
OpenSER OSP Module remote code execution sapheal_at_hack.pl (Dec 28 2006)
SMS handling OpenSER remote code executing sapheal_at_hack.pl (Dec 28 2006)
[OpenPKG-SA-2006.044] OpenPKG Security Advisory (w3m) OpenPKG GmbH (Dec 27 2006)
[SECURITY] [DSA 1214-2] Updated gv packages fix arbitrary code execution Moritz Muehlenhoff (Dec 27 2006)
[SECURITY] [DSA 1244-1] New xine-lib packages fix arbitrary code execution Moritz Muehlenhoff (Dec 28 2006)
XSS in script Mobilelib GOLD v2 gamr-14_at_hotmail.com (Dec 28 2006)
- Re: XSS in script Mobilelib GOLD v2 gamr-14_at_hotmail.com (Dec 29 2006)
XSS with default page parameter in Oracle Portal 10g duchaikhtn_at_gmail.com (Dec 28 2006)
QuickCam linux device driver allows arbitrary code execution sapheal_at_hack.pl (Dec 29 2006)
LDU <= 8.x (journal.php) SQL Injection Vulnerability starext_at_msn.com (Dec 29 2006)
DoceboLMS Xss Vuln. starext_at_msn.com (Dec 29 2006)
csrss.exe double-free vulnerability - arbitrary DWORD overwrite exploit Reversemode (Dec 29 2006)
MythControl (MythTV remote control) arbitrary code execution sapheal_at_hack.pl (Dec 30 2006)
SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit inge_eivind.henriksen_at_chello.no (Dec 30 2006)
[vuln.sg] iso_wincmd Plugin for Total Commander Buffer Overflow Vulnerability vulnpost-remove_at_vuln.sg (Dec 29 2006)
Enigma Coppermine Bridge (boarddir) Remote File Include xorontr_at_gmail.com (Dec 30 2006)
Enigma WordPress Bridge (boarddir) Remote File Include xorontr_at_gmail.com (Dec 30 2006)