564 messages starting Jul 01 06 and ending Jul 03 06

3APA3A

Re: [Full-disclosure] Re[2]: Is Windows TCP/IP source routing PoC code available? 3APA3A (Jul 01)

3CO

Re: Browser bugs hit IE, Firefox today (SANS) 3CO (Jul 12)
Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash" 3CO (Jul 27)

Aaron Newman

RE: WordPress 2.0.3 SQL Error and Full Path Disclosure Aaron Newman (Jul 13)

Abhisek Datta

Linux sys_prctl LKM based hotfix Abhisek Datta (Jul 15)

admin

[MajorSecurity #19] AutoRank <= 5.01 - Multiple XSS and cookie disclosure admin (Jul 03)
[MajorSecurity #20]SiteDepth CMS <= 3.01 - Remote File Include Vulnerability admin (Jul 20)
[MajorSecurity #21] phpFaber TopSites <=2.0.9 - SQL Injection Vulnerability admin (Jul 20)
[MajorSecurity #22] Top XL <=1.1 - XSS and cookie disclosure admin (Jul 20)
[MajorSecurity #25] Advanced Guestbook 2.4 for phpBB - Multiple XSS and SQL-Injection Vulnerabilities admin (Jul 22)
[MajorSecurity #24] Fire-Mouse TopList <=v1.1 - Cross Site Scripting admin (Jul 22)
[MajorSecurity #23] BLOG:CMS <= 4.0.0j - XSS and cookie disclosure admin (Jul 22)
Re: [MajorSecurity #22] Top XL <=1.1 - XSS and cookie disclosure admin (Jul 22)
[MajorSecurity #26] Woltlab Burning Board - Multiple Cookie manipulation and session fixation vulnerabilities admin (Jul 24)

advisories

Corsaire Security Advisory - VMware ESX Server Password Cross Site Request Forgery issue advisories (Jul 31)
Corsaire Security Advisory - VMware ESX Server Password Disclosure in Log issue advisories (Jul 31)
Corsaire Security Advisory - VMware ESX Server Password Disclosure in Cookie issue advisories (Jul 31)

AG Spider

MiniBB Forum <= 1.5a Remote File Include (search.php-whosOnline.php) AG Spider (Jul 22)
MiniBB Forum <= 1.5a Remote File Include (news.php) AG Spider (Jul 22)

ak

Oracle Database - SQL Injection in SYS.KUPW$WORKER [DB03] ak (Jul 18)
Oracle Database - SQL Injection in SYS.DBMS_CDC_IMPDP [DB01] ak (Jul 18)
Oracle Database - SQL Injection in SYS.DBMS_UPGRADE [DB22] ak (Jul 18)
Oracle Database - SQL Injection in SYS.DBMS_STATS [DB21] ak (Jul 19)
Bypassing Oracle dbms_assert ak (Jul 27)

Alan

RE: cpanel login problem Alan (Jul 31)

Alexander Hristov

Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit Alexander Hristov (Jul 10)
Webmin / Usermin Arbitrary File Disclosure Vulnerability Perl Alexander Hristov (Jul 19)
Samba Internal Data Structures DOS Vulnerability Exploit Alexander Hristov (Jul 21)

Alexander Kornbrust

RE: Bypassing Oracle dbms_assert Alexander Kornbrust (Jul 28)

Alex Park

Touch arbitrary file execute vulnerability Alex Park (Jul 05)

Alex Potter

Re: Browser bugs hit IE, Firefox today (SANS) Alex Potter (Jul 01)

ali

cpanel login problem ali (Jul 28)

alireza hassani

[KAPDA::#46] - AjaxPortal Authentication Bypass alireza hassani (Jul 08)

alp_eren

phpPolls 1.0.3 Administration ByPass alp_eren (Jul 10)

Amelie

Re: # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc. Amelie (Jul 12)
Re: # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc. amelie (Jul 13)

Amit Klein (AKsecurity)

Write-up by Amit Klein: "Forging HTTP request headers with Flash" Amit Klein (AKsecurity) (Jul 24)
Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash" Amit Klein (AKsecurity) (Jul 26)
Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash" Amit Klein (AKsecurity) (Jul 27)

Andres Riancho

[CYBSEC] TippingPoint detection bypass Andres Riancho (Jul 24)

armin390

Local file inclusion in Farsinews3.0BETA1 armin390 (Jul 10)
SECURITY UPDATE::Farsinews release FarsiNewsPro3.0Stable1SecurityPath1 armin390 (Jul 21)

A-S-T2006

Coppermine Photo Gallery v1.2.2b-Nuke Remote File Inclusion Vulnerabilities A-S-T2006 (Jul 29)
Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities A-S-T2006 (Jul 29)

Avert

SMB Information Disclosure Vulnerability Avert (Jul 12)
Apache mod_rewrite Buffer Overflow Vulnerability Avert (Jul 28)

Benjamin Tobias Franz

Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities Benjamin Tobias Franz (Jul 14)

binary . loc

osDate 1.1.7 multiple vulnerabilities binary . loc (Jul 19)
Re: osDate 1.1.7 multiple vulnerabilities binary . loc (Jul 19)

Bipin Gautam

Outpost Firewall Pro secrately fixing security flaws? Bipin Gautam (Jul 18)

black code

Sql injection in Diesel joke site script black code (Jul 01)
file include exploits in randshop v1.2 black code (Jul 04)

Bob Beck

Re: LAMP vs Microsoft Bob Beck (Jul 11)
Re: LAMP vs Microsoft Bob Beck (Jul 15)
Re: LAMP vs Microsoft Bob Beck (Jul 15)
Re: LAMP vs Microsoft Bob Beck (Jul 19)

BoNy-m

popup Vacation Rentals[calendar_year.php] SQL Injection BoNy-m (Jul 03)

botan

[Kurdish Security # 13] Savant2 Remote File Include Vulnerability [For Mambo, Joomla] botan (Jul 22)
[Kurdish Security # 14] MoSpray [base_dir] Remote Command Execution [ Mambo & Joomla] botan (Jul 24)

Breeeeh

Internet Crna Gora SQL Injection Breeeeh (Jul 01)
SmS Script SQL Injection Breeeeh (Jul 01)
Invision Power Board v1.3 Final SQL Injection Breeeeh (Jul 03)
saphp "add.php" forumid Parameter SQL Injection Breeeeh (Jul 15)
MyGallery "Room.php" SQL Injection Breeeeh (Jul 15)
VBZooM <=V1.11 " reply.php" SQL Injection Breeeeh (Jul 15)
VBZooM <=V1.11 " ignore-pm.php" SQL Injection Breeeeh (Jul 15)
VBZooM <=V1.11 "sub-join.php" SQL Injection Breeeeh (Jul 15)
VBZooM "sendmail.php" SQL Injection Breeeeh (Jul 15)

Brett Moore

ASP.DLL Include File Buffer Overflow Brett Moore (Jul 19)

Bugs

RE: cpanel login problem Bugs (Jul 31)

bug () securitynews ir

phpMyAdmin : Cross-Site Scripting Vulnerability bug () securitynews ir (Jul 01)
ATutor : Cross-Site Scripting Vulnerabilities bug () securitynews ir (Jul 07)

bugtraq

Re: phpbb 3.x sql injection (with global moderator rights) bugtraq (Jul 15)
Re: crashing firefox <= 1.5.0.4 bugtraq (Jul 19)

c0rrupt

AIM Triton 1.0.4 (SipXtapi) Remote Buffer Overflow Exploit (PoC) c0rrupt (Jul 27)

CarcaBotx

vBulletin 3.5.4 (install_path) Exploit CarcaBotx (Jul 05)

Caveo Internet BV - Security

Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Caveo Internet BV - Security (Jul 14)

Cesar

MS06-034 lies? IIS 6 can still be owned? Cesar (Jul 26)

cfp

RUXCON 2006 Final Call For Papers cfp (Jul 18)

C. Hamby

Contact for nhl.com C. Hamby (Jul 03)

ChironeX . FleckeriX

SubberZ[Lite] - Remote File Include ChironeX . FleckeriX (Jul 15)

chris_hasibuan

PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion chris_hasibuan (Jul 17)
SolpotCrew Advisory #2 - Advanced Poll ver 2.02 (base_path) Remote File Inclusion chris_hasibuan (Jul 21)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Cisco Unified CallManager Vulnerabilities Cisco Systems Product Security Incident Response Team (Jul 12)
Cisco Security Advisory: Cisco Router Web Setup Ships with Insecure Default IOS Configuration Cisco Systems Product Security Incident Response Team (Jul 12)
Cisco Security Advisory: Cisco Intrusion Prevention System Malformed Packet Denial of Service Cisco Systems Product Security Incident Response Team (Jul 12)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Monitoring, Analysis and Response System (CS-MARS) Cisco Systems Product Security Incident Response Team (Jul 19)
Cisco Security Advisory: Windows VPN Client Local Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (Jul 28)

clappymonkey

Multiple vulnerabilities in TK8 Safe v.3.0.5 clappymonkey (Jul 03)

co296

imgsvr dos exploit by n00b co296 (Jul 03)

contact

Re: AFCommerce Shopping Cart contact (Jul 22)

counterpoint

Re: galleria <= 1.0 Remote File Inclusion Vulnerability counterpoint (Jul 10)

crack

about bid 17404 crack (Jul 22)

CrAzY . CrAcKeR

Glossaire<<--v1.7 Remote File Include CrAzY . CrAcKeR (Jul 03)
Invision Power Board "v1.X & 2.X" SQL Injection CrAzY . CrAcKeR (Jul 05)

Crispin Cowan

Re: Securing PHP or finding PHP alternatives Crispin Cowan (Jul 11)
Re: Securing PHP or finding PHP alternatives Crispin Cowan (Jul 18)
Re: Securing PHP or finding PHP alternatives Crispin Cowan (Jul 22)

Curt Purdy

RE: [lists] Re: PHP security (or the lack thereof) Curt Purdy (Jul 18)

cxib

Re: new shell bypass safe mode cxib (Jul 26)

Cyneox

Re: [ GLSA 200607-05 ] SHOUTcast server: Multiple vulnerabilities Cyneox (Jul 15)

d3nger

new shell bypass safe mode d3nger (Jul 22)

Dan Falconer

Re: PHP security (or the lack thereof) Dan Falconer (Jul 05)

darkz . gsa

TOPo v.2.2.178 Account Reset darkz . gsa (Jul 12)

Darren Bounds

Juniper Networks DX Web Administration Persistent System Log XSS Vulnerability Darren Bounds (Jul 11)

Darren Reed

LAMP vs Microsoft Darren Reed (Jul 10)
Re: PHP security (or the lack thereof) Darren Reed (Jul 10)
Re: LAMP vs Microsoft Darren Reed (Jul 15)
Re: LAMP vs Microsoft Darren Reed (Jul 15)
Re: LAMP vs Microsoft Darren Reed (Jul 18)
Re: LAMP vs Microsoft Darren Reed (Jul 22)

darylf

Re: PHP ip2long() function circumvention darylf (Jul 31)

dave_kwek

Re: Check Point R55W Directory Traversal dave_kwek (Jul 28)

David Litchfield

Re: Bypassing Oracle dbms_assert David Litchfield (Jul 28)
Re: Bypassing Oracle dbms_assert David Litchfield (Jul 28)

David Matousek

ZoneAlarm Insufficient protection of registry key 'VETFDDNT\Enum' Vulnerability David Matousek (Jul 03)
Norton Insufficient protection of Norton service registry keys David Matousek (Jul 15)
Kerio Terminating 'kpf4ss.exe' using internal runtime error Vulnerability David Matousek (Jul 15)

David Thomson

RE: XSS phpBB 2.0.21 in administration David Thomson (Jul 22)

deese

Call For Papers - No cON Name 2006 Edition Spain deese (Jul 03)

Denis Jedig

Whitepaper: IT (in)security implementation in a real world example Denis Jedig (Jul 03)

Desai, Deepen

RE: TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability Desai, Deepen (Jul 29)

dicomdk

Full Path Disclosure xGuestBook v1.02 dicomdk (Jul 26)

Dragos Ruiu

PacSec 2006 CALL FOR PAPERS (Deadline Aug. 4; Event Nov. 27-30) Dragos Ruiu (Jul 18)

Dr . Jr7

a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability Dr . Jr7 (Jul 27)
mambatstaff Mambo Component <= Remote Include Vulnerability Dr . Jr7 (Jul 29)
artlinks Mambo Component <= Remote Include Vulnerability Dr . Jr7 (Jul 29)

Early Warning Team

Re: Gdiplus.dll division by 0 Early Warning Team (Jul 31)

earthquake

Re: [KAPDA::#46] - AjaxPortal Authentication Bypass earthquake (Jul 10)

Edward Tripovich

RE: Bybass HTTP ( extension files ) in ISA 2004 Edward Tripovich (Jul 17)

eEye Advisories

EEYE: McAfee ePolicy Orchestrator Remote Compromise eEye Advisories (Jul 14)
[EEYEB-20060227] D-Link Router UPNP Stack Overflow eEye Advisories (Jul 17)

Eloy Paris

Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory Eloy Paris (Jul 29)

endeneu

perForms <= 1.0 ([mosConfig_absolute_path]) Remote File Inclusion endeneu (Jul 13)

Erez Metula

RE: MIMESweeper For Web 5.X Cross Site Scripting Erez Metula (Jul 10)
RE: MIMESweeper For Web 5.X Cross Site Scripting Erez Metula (Jul 15)

ewt

About the latest three Powerpoint vulnerabilities: exploitable? ewt (Jul 18)

farhadkey

[KAPDA::#52] - PHP-Post 1.0 Cookie Modification Privilege Escalation Vulnerability farhadkey (Jul 18)

finde_schwachstelle

[SECURITY] Plain text password in Finjan Appliance 5100/8100 NG backup file finde_schwachstelle (Jul 15)

flockoyd

Re: [Bugtraq] Re: flock d0s exploit remote. beta 1 (v0.7) flockoyd (Jul 08)

Freeman, Michael

Opsware NAS 6.0 reveals MySQL 'root' password Freeman, Michael (Jul 24)

fukami

23rd Chaos Communication Congress 2006: Call for Participation fukami (Jul 18)

George Capehart

Re: LAMP vs Microsoft George Capehart (Jul 18)

Gerald (Jerry) Carter

[ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd Gerald (Jerry) Carter (Jul 10)
Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd Gerald (Jerry) Carter (Jul 12)
Re: Samba Internal Data Structures DOS Vulnerability Exploit Gerald (Jerry) Carter (Jul 22)

Gezim Hoxha

Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof)) Gezim Hoxha (Jul 10)

gmdarkfig

News <= 5.2 XSS, SQL Injection, Full Path Disclosure gmdarkfig (Jul 01)
SturGeoN Upload v1 Remote Command Execution Exploit gmdarkfig (Jul 01)
5 php scripts remote database password disclosure gmdarkfig (Jul 03)
boastMachine <= 3.1 SQL Injection Exploit gmdarkfig (Jul 18)

h1kari () toorcon org

ToorCon 2006 Call for Papers h1kari () toorcon org (Jul 18)

hack2prison

EzUpload multi file vulnerabilities hack2prison (Jul 26)

Hans Wolters

Mercury Messenger Hans Wolters (Jul 17)

harbl

Blackboard Academic Suite 6.2.23 +/-: Persistent cross-site scripting vulnerability harbl (Jul 22)

Hugo van der Kooij

Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Hugo van der Kooij (Jul 14)
Re: LAMP vs Microsoft Hugo van der Kooij (Jul 19)
Re: Check Point R55W Directory Traversal Hugo van der Kooij (Jul 31)

ineal

galleria <= 1.0 Remote File Inclusion Vulnerability ineal (Jul 04)

info

Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability info (Jul 10)
Re: ATutor 1.5.3 Cross Site Scripting info (Jul 12)
Re: imageVue16.1 upload vulnerability info (Jul 19)
Digital Armaments Security Advisory 24.07.2006: Siemens Speedstream Wireless/Router Denial of Service Vulnerability info (Jul 24)

Irsdl

HostingController: An attacker can gain reseller privileges and after that can gain admin privileges Irsdl (Jul 07)

iss4m . h

PhpWebGallery Cross Site Scripting Vulnerability iss4m . h (Jul 04)

it_underground

call for papers - IT Underground, Italy 2006 it_underground (Jul 03)

James Davis

Re: WordPress 2.0.3 SQL Error and Full Path Disclosure James Davis (Jul 04)

James M. Blackburn

Security point-of-contact for Ameritrade? James M. Blackburn (Jul 19)

Jaroslaw Sajko

Re: WordPress 2.0.3 SQL Error and Full Path Disclosure Jaroslaw Sajko (Jul 04)

Jarrod Frates

Re: LAMP vs Microsoft Jarrod Frates (Jul 11)

Jerome Athias

Old vulnerable sotwares collection Jerome Athias (Jul 10)

Jessica Hope

DeluxeBB mutiple vulnerabilities Jessica Hope (Jul 18)
Re: XSS phpBB 2.0.21 in administration Jessica Hope (Jul 19)
Re: XSS phpBB 2.0.21 in administration Jessica Hope (Jul 22)
Re: XSS phpBB 2.0.21 in administration Jessica Hope (Jul 22)

jholguin

Re: WordPress 2.0.3 SQL Error and Full Path Disclosure jholguin (Jul 15)

Joel Maslak

Re: LAMP vs Microsoft Joel Maslak (Jul 16)

johndoe1529

McAfee VirusScan Enterprise 8.0.0 Buffer Overflow johndoe1529 (Jul 07)

John Rigali

RE: Old vulnerable sotwares collection John Rigali (Jul 12)

jonasschaub

IE <= 6 DoS vulnerability jonasschaub (Jul 14)

Jon Hart

Re: [Full-disclosure] Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) Jon Hart (Jul 16)
Cisco MARS < 4.2.1 remote compromise Jon Hart (Jul 20)

J. Oquendo

Windows XP/NT/SMB2003/2000 Denial of Service attack J. Oquendo (Jul 24)

jose . palanco

Zyxel Prestige 660H-61 Cross-Site Scripting jose . palanco (Jul 26)

José Parrella

Re: Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit José Parrella (Jul 15)

Joxean Koret

IBM AIX Security contact? Joxean Koret (Jul 07)
Re: [ECHO_ADV_38$2006] Multiple Mambo/Joomla Component Remote File Include Vulnerabilities Joxean Koret (Jul 13)

Juha-Matti Laurio

Major updates to Excel 0-day Vulnerability FAQ at SecuriTeam Blogs Juha-Matti Laurio (Jul 07)
New CVE number states Excel Style handling as a separate issue Juha-Matti Laurio (Jul 12)
Microsoft PowerPoint 0-day Vulnerability FAQ document written Juha-Matti Laurio (Jul 15)
Several updates in MS PowerPoint 0-day Vulnerability FAQ at SecuriTeam Blogs Juha-Matti Laurio (Jul 17)
New PowerPoint Trojan installs itself as LSP Juha-Matti Laurio (Jul 19)
New CVE identifiers for separate PowerPoint 0-day issues assigned Juha-Matti Laurio (Jul 22)
Re: [Full-disclosure] Re: New PowerPoint Trojan installs itself as LSP Juha-Matti Laurio (Jul 22)

Justin M. Forbes

rPSA-2006-0122-1 kernel Justin M. Forbes (Jul 07)
rPSA-2006-0128-1 samba samba-swat Justin M. Forbes (Jul 12)
rPSA-2006-0122-2 kernel Justin M. Forbes (Jul 13)
rPSA-2006-0130-1 kernel Justin M. Forbes (Jul 17)
rPSA-2006-0132-1 tshark wireshark Justin M. Forbes (Jul 19)
rPSA-2006-0133-1 libpng Justin M. Forbes (Jul 19)
rPSA-2006-0134-1 sendmail sendmail-cf Justin M. Forbes (Jul 21)
rPSA-2006-0135-1 gimp Justin M. Forbes (Jul 24)
rPSA-2006-0137-1 firefox Justin M. Forbes (Jul 27)
rPSA-2006-0139-1 httpd mod_ssl Justin M. Forbes (Jul 29)

k07iX

lintah_|adv|_01 () 2006>=========<[Aura-CMS v1.62]<===>[XSS vulnerable]&[bug] k07iX (Jul 08)

kala_z

Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow kala_z (Jul 22)

Karel Gardas

Re: Mico crashes when contected with wrong IOR / DoS Karel Gardas (Jul 10)
Re: Mico crashes when contected with wrong IOR / DoS Karel Gardas (Jul 10)

KARKOR23

plume-cms v1.0.4 Multiple Remote File include KARKOR23 (Jul 03)
free QBoard v1.1 Multiple Remote File include KARKOR23 (Jul 03)

Kevin Waterson

Re: PHP security (or the lack thereof) Kevin Waterson (Jul 01)

kicktd

Unidomedia Chameleon LE/Pro Directory Traversal kicktd (Jul 21)

krischan

Re: Low security hole affecting IPCalc's CGI wrapper krischan (Jul 27)

l2odon

wwwThreads XSS l2odon (Jul 26)
PHP-Auction SQL injection l2odon (Jul 26)
PHP-Nuke INP XSS l2odon (Jul 28)

labs

S21Sec-032-en: Vulnerability in Fatwire Content Server labs (Jul 12)

labs-no-reply

iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability labs-no-reply (Jul 22)

Luigi Auriemma

Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006) Luigi Auriemma (Jul 07)
Possible code execution in Kaillera 0.86 Luigi Auriemma (Jul 07)
Format string bug in Sparklet 0.9.4try3 Luigi Auriemma (Jul 07)
Multiple vulnerabilities in UFO2000 svn 1057 Luigi Auriemma (Jul 18)
Buffer-overflow in the XM loader of Cheese Tracker 0.9.9 Luigi Auriemma (Jul 24)
Heap overflow in the GT2 loader of libmikmod 3.2.2 Luigi Auriemma (Jul 24)
Buffer-overflow in recvTextMessage and NETrecvFile in Warzone Resurrection 2.0.3 (SVN 127) Luigi Auriemma (Jul 25)
Two crash vulnerabilities in Freeciv 2.1.0-beta1 (SVN 15 Jul 2006) Luigi Auriemma (Jul 25)
Multiple vulnerabilities in Open Cubic Player 2.6.0pre6 / 0.1.10_rc5 Luigi Auriemma (Jul 31)

Lukasz Trabinski

Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Lukasz Trabinski (Jul 16)

luny

Buddy Zone Version 1.0.1 - XSS luny (Jul 01)
mAds v1.0 lunY (Jul 01)
Shopping Cart V0.9 luny (Jul 05)
TigerTom Scripts luny (Jul 05)
Sport-slo.net Guestbook v1.0 luny (Jul 07)
Photocycle v1.0 - XSS luny (Jul 13)
Orbitmatrix PHP Script v1.0 luny (Jul 13)

m

RE: [EEYEB-20060227] D-Link Router UPNP Stack Overflow m (Jul 22)

mac68k

Re: [Full Disclosure] [Kil13r-SA-20060701-2] MoniWiki 1.1.1 Cross-Site Scripting Vulnerability mac68k (Jul 03)

mail

SolpotCrew Advisory #3 - com_trade Remote File Inclusion (mosConfig_absolute_path) mail (Jul 22)
Com Multibanners Remote File Inclusion (mosConfig_absolute_path) mail (Jul 22)

Mailinglists

Re: [Full-disclosure] ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton) Mailinglists (Jul 15)

Marc Deslauriers

[FLSA-2006:175040] Updated php packages fix security issues Marc Deslauriers (Jul 28)

Marc Ruef

[scip_Advisory 2351] Kyberna AG ky2help various form fields SQL Injection Marc Ruef (Jul 04)
[scip_Advisory 2352] F5 FirePass 4100 prior 6.x multiple Cross Site Scripting Marc Ruef (Jul 04)

Mariano Nuñez Di Croce

CYBSEC - Security Pre-Advisory: Microsoft Windows DHCP Client Service Remote Buffer Overflow Mariano Nuñez Di Croce (Jul 11)

Mark Litchfield

WebEx Downloader Plug-in Multiple Vulnerabilities + rant Mark Litchfield (Jul 07)
Re: WebEx Downloader Plug-in Multiple Vulnerabilities + rant Mark Litchfield (Jul 18)

Mark Rowe

Re: WebEx Downloader Plug-in Multiple Vulnerabilities + rant Mark Rowe (Jul 14)

Martin Pitt

[USN-308-1] shadow vulnerability Martin Pitt (Jul 06)
[USN-309-1] libmms vulnerability Martin Pitt (Jul 06)
[USN-310-1] ppp vulnerability Martin Pitt (Jul 06)
[USN-312-1] gimp vulnerability Martin Pitt (Jul 10)
[USN-313-1] OpenOffice.org vulnerabilities Martin Pitt (Jul 12)
[USN-316-1] installer vulnerability Martin Pitt (Jul 12)
[USN-315-1] libmms, xine-lib vulnerabilities Martin Pitt (Jul 12)
[USN-314-1] samba vulnerability Martin Pitt (Jul 12)
[USN-317-1] zope2.8 vulnerability Martin Pitt (Jul 13)
[USN-318-1] libtunepimp vulnerability Martin Pitt (Jul 13)
[USN-319-1] Linux kernel vulnerability Martin Pitt (Jul 18)
[USN-320-1] PHP vulnerabilities Martin Pitt (Jul 19)
[USN-319-2] Linux kernel vulnerability Martin Pitt (Jul 19)
[USN-313-2] OpenOffice.org vulnerabilities Martin Pitt (Jul 19)
[USN-321-1] mysql-dfsg-4.1 vulnerability Martin Pitt (Jul 21)
[USN-322-1] Konqueror vulnerability Martin Pitt (Jul 24)
[USN-296-2] Firefox vulnerabilities Martin Pitt (Jul 25)
[USN-297-3] Thunderbird vulnerabilities Martin Pitt (Jul 26)
[USN-320-2] php4 regression Martin Pitt (Jul 26)
[USN-323-1] mozilla vulnerabilities Martin Pitt (Jul 26)
[USN-324-1] freetype vulnerability Martin Pitt (Jul 27)
[USN-325-1] ruby1.8 vulnerability Martin Pitt (Jul 27)
[USN-326-1] heartbeat vulnerability Martin Pitt (Jul 27)
[USN-327-1] firefox vulnerabilities Martin Pitt (Jul 28)
[USN-328-1] Apache vulnerability Martin Pitt (Jul 28)
[USN-329-1] Thunderbird vulnerabilities Martin Pitt (Jul 29)

Martin Schulze

[SECURITY] [DSA 1104-2] New OpenOffice.org packages fix arbitrary code execution Martin Schulze (Jul 06)
[SECURITY] [DSA 1105-1] New xine-lib packages fix denial of service Martin Schulze (Jul 08)
[SECURITY] [DSA 1106-1] New ppp packages fix privilege escalation Martin Schulze (Jul 10)
[SECURITY] [DSA 1107-1] New GnuPG packages fix denial of service Martin Schulze (Jul 10)
[SECURITY] [DSA 1115-1] New GnuPG2 packages fix denial of service Martin Schulze (Jul 21)
[SECURITY] [DSA 1114-1] New hashcash packages fix arbitrary code execution Martin Schulze (Jul 21)
[SECURITY] [DSA 1118-1] New Mozilla packages fix several vulnerabilities Martin Schulze (Jul 22)
[SECURITY] [DSA 1119-1] New hiki packages fix denial of service Martin Schulze (Jul 22)
[SECURITY] [DSA 1120-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Jul 24)
[SECURITY] [DSA 1121-1] New postgrey packages fix denial of service Martin Schulze (Jul 24)
[SECURITY] [DSA 1122-1] New Net::Server packages fix denial of service Martin Schulze (Jul 25)
[SECURITY] [DSA 1126-1] New Asterisk packages fix denial of service Martin Schulze (Jul 27)
[SECURITY] [DSA 1128-1] New heartbeat packages fix local denial of service Martin Schulze (Jul 28)
[SECURITY] [DSA 1129-1] New osiris packages fix arbitrary code execution Martin Schulze (Jul 28)

matdhule

[ECHO_ADV_36$2006] ExtCalendar <== v2.0 Remote File Include Vulnerabilities matdhule (Jul 07)
[ECHO_ADV_37$2006] pc_cookbook Mambo/Joomla Component <= v0.3 Remote File Include Vulnerabilities matdhule (Jul 10)
[ECHO_ADV_38$2006] Multiple Mambo/Joomla Component Remote File Include Vulnerabilities matdhule (Jul 13)
MiniBB Forum <= 1.5a Remote File Include Vulnerabilities matdhule (Jul 15)
Calendar Module <= 1.5.7 Remote File Include Vulnerabilities matdhule (Jul 17)
New Article Mambo Component <= 1.0 (com_articles.php) Remote File Include Vulnerabilities matdhule (Jul 18)
Calendar Mambo Module <= 1.5.7 Remote File Include Vulnerabilities matdhule (Jul 18)
[ECHO_ADV_40$2006] iManage CMS <= 4.0.12 (absolute_path) Remote File Inclusion matdhule (Jul 20)
Re: ExtCalendar Mambo Module <= v2( extcalendar.php ) Remote File Include Vulnerabilities matdhule (Jul 22)
Guestbook Mambo Module <== v1.3.0 Multiple Remote File Include Vulnerabilities matdhule (Jul 28)

Matthew Leeds

Map MS Security Bulletins to MS KB numbers Matthew Leeds (Jul 22)

Matthias Geerdsen

[ GLSA 200607-13 ] Audacious: Multiple heap and buffer overflows Matthias Geerdsen (Jul 29)

Matthias Kestenholz

Re: Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof)) Matthias Kestenholz (Jul 15)

mattmecham

Re: Invision Power Board "v1.X & 2.X" SQL Injection mattmecham (Jul 10)
Re: RE: Invision Vulnerabilities, including remote code execution mattmecham (Jul 10)
Re: Invision Power Board v1.3 Final SQL Injection mattmecham (Jul 10)
Re: Invision Power Board 2.1 <= 2.1.6 sql injection mattmecham (Jul 18)

Maurice Makaay

Phorum 5.1.15 security release (fixes "PHORUM 5 arbitrary local inclusion") Maurice Makaay (Jul 14)
Re: Phorum 5.1.14 XSS SQL injection Vulnerability Maurice Makaay (Jul 17)

Meder Kydyraliev

Multiple vulnerabilities in OpenCMS Meder Kydyraliev (Jul 26)

medozero

Bybass HTTP ( extension files ) in ISA 2004 medozero (Jul 15)
Re: Bybass HTTP ( extension files ) in ISA 2004 medozero (Jul 18)
Re: Bybass HTTP ( extension files ) in ISA 2004 medozero (Jul 18)

Meet Myself on the Internet

Re: Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof)) Meet Myself on the Internet (Jul 16)

Meftun

Cross-Site Scripting and Local File Inclusion in Phorum Meftun (Jul 27)
Buffer Overflow Vulnerability in Winlpd Meftun (Jul 27)
Portail PHP v1.7 Remote File Include Meftun (Jul 28)

mfoxhacker

Vanilla CMS <= 1.0.1 (RootDirectory) Remote file inclusion Vuln. mfoxhacker (Jul 24)

Michael Cordover

Re: Securing PHP or finding PHP alternatives Michael Cordover (Jul 22)

Michael Scheidell

RE: $100 plus several of my books if you can crack my Windows password hashes. Michael Scheidell (Jul 22)

Michael Shigorin

Re: Securing PHP or finding PHP alternatives Michael Shigorin (Jul 15)
Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Michael Shigorin (Jul 16)
Re: [ GLSA 200607-08 ] GIMP: Buffer overflow Michael Shigorin (Jul 24)

Michal Zalewski

Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Michal Zalewski (Jul 18)

Micheal Turner

Re: [Full-disclosure] iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability Micheal Turner (Jul 22)
Re: Re: [Full-disclosure] iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability Micheal Turner (Jul 24)

mikathebest2003

Re: vBulletin 3.5.4 (install_path) Exploit mikathebest2003 (Jul 06)
Re: Re: vBulletin 3.5.4 (install_path) Exploit mikathebest2003 (Jul 10)

mike

Re: Msie 7.0 beta Crash mike (Jul 01)
Lan-Aces Office Logic Mike (Jul 28)

Mike Healan

Re: New PowerPoint Trojan installs itself as LSP Mike Healan (Jul 22)

MNV

Gracenote buffer overflow MNV (Jul 16)

Moritz Muehlenhoff

[SECURITY] [DSA 1108-1] New mutt packages fix arbitrary code execution Moritz Muehlenhoff (Jul 12)
[SECURITY] [DSA 1109-1] New rssh packages fix privilege escalation Moritz Muehlenhoff (Jul 17)
[SECURITY] [DSA 1110-1] New samba packages fix denial of service Moritz Muehlenhoff (Jul 18)
[SECURITY] [DSA 1111-1] New Linux kernel 2.6.8 packages fix privilege escalation Moritz Muehlenhoff (Jul 18)
[SECURITY] [DSA 1112-1] New mysql-dfsg-4.1 packages fix denial of service Moritz Muehlenhoff (Jul 18)
[SECURITY] [DSA 1113-1] New zope2.7 packages fix information disclosure Moritz Muehlenhoff (Jul 18)
[SECURITY] [DSA 1117-1] New libgd2 packages fix denial of service Moritz Muehlenhoff (Jul 21)
[SECURITY] [DSA 1116-1] New gimp packages fix arbitrary code execution Moritz Muehlenhoff (Jul 21)
[SECURITY] [DSA 1124-1] New fbi packages fix potential deletion of user data Moritz Muehlenhoff (Jul 24)
[SECURITY] [DSA 1123-1] New libdumb packages fix arbitrary code execution Moritz Muehlenhoff (Jul 24)
[SECURITY] [DSA 1111-2] New Linux kernel 2.6.8 packages fix privilege escalation Moritz Muehlenhoff (Jul 26)
[SECURITY] [DSA 1125-1] New drupal packages fix execution of arbitrary web script code Moritz Muehlenhoff (Jul 26)
[SECURITY] [DSA 1125-2] New drupal packages fix execution of arbitrary web script code (revised packages) Moritz Muehlenhoff (Jul 27)
[SECURITY] [DSA 1127-1] New ethereal packages fix several vulnerabilities Moritz Muehlenhoff (Jul 28)

Moritz Naumann

Public Advisory: Horde 3.1.1, 3.0.10 Multiple Security Issues Moritz Naumann (Jul 06)

mozilla

ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton) mozilla (Jul 10)

Mr . Niega

Gdiplus.dll division by 0 Mr . Niega (Jul 29)

mullware

Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior mullware (Jul 19)

. myke lyons

[Bugtraq] Re: flock d0s exploit remote. beta 1 (v0.7) . myke lyons (Jul 04)

nanika

Excel 2000/XP/2003 Style 0day POC nanika (Jul 03)
Windows Explorer URL File format overflow nanika (Jul 05)

nate

Re: WordPress 2.0.3 SQL Error and Full Path Disclosure nate (Jul 15)
Re: cpanel login problem nate (Jul 29)

naveed

MS Word Unchecked Boundary Condition Vulnerability naveed (Jul 10)
Re: Windows Explorer URL File format overflow naveed (Jul 10)
Fuzzing Microsoft Office naveed (Jul 12)
MS Power Point Multiple Vulnerabilities (powerpnt.exe)- POC naveed (Jul 15)
MS Power Point Multiple Vulnerabilities - (mso.dll) POC naveed (Jul 15)
MS Power Point Multiple Vulnerabilities - (memory corruption) POC naveed (Jul 15)

newbinaryfile

XSS vulnerability on AWBS newbinaryfile (Jul 29)

Nick Breese

Advisory: VMware Possible Incorrect Permissions On SSL Key Files Nick Breese (Jul 25)

NSFOCUS Security Team

NSFOCUS SA2006-04 : Microsoft Office GIF Filter Buffer Overflow Vulnerability NSFOCUS Security Team (Jul 12)
NSFOCUS SA2006-06 : Microsoft Excel COLINFO Record Buffer Overflow Vulnerability NSFOCUS Security Team (Jul 12)
NSFOCUS SA2006-05 : Microsoft Excel SELECTION Record Memory Corruption Vulnerability NSFOCUS Security Team (Jul 12)
NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability NSFOCUS Security Team (Jul 27)

omnipresent

Fantastic Guestbook v2.0.1 Advisory omnipresent (Jul 15)
MicroGuestBook Remote XSS Attack omnipresent (Jul 22)

OpenPKG

[OpenPKG-SA-2006.013] OpenPKG Security Advisory (mutt) OpenPKG (Jul 15)
[OpenPKG-SA-2006.014] OpenPKG Security Advisory (shiela) OpenPKG (Jul 26)
[OpenPKG-SA-2006.015] OpenPKG Security Advisory (apache) OpenPKG (Jul 28)
[OpenPKG-SA-2006.016] OpenPKG Security Advisory (ruby) OpenPKG (Jul 28)
[OpenPKG-SA-2006.017] OpenPKG Security Advisory (freetype) OpenPKG (Jul 28)

OS2A BTO

PHP-Blogger Multiple Cross Site Scripting Vulnerabilities OS2A BTO (Jul 07)

pagvacito

Unauthenticated access to BT Voyager config file and PPP credentials embedded in HTML form pagvacito (Jul 18)

paisterist . nst

PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities paisterist . nst (Jul 07)
Graffiti Forums v1.0 SQL Injection Vulnerabilities paisterist . nst (Jul 10)

paul14075

Invision Power Board v2.1 <= 2.1.6 sql injection exploit paul14075 (Jul 18)
Re: Re: Invision Power Board 2.1 <= 2.1.6 sql injection paul14075 (Jul 19)

paul dansing

Re: Invision Power Board 2.1 <= 2.1.6 sql injection paul dansing (Jul 18)

Paul Laudanski

CC announces new Rootkit help forum insync with Book Paul Laudanski (Jul 10)

Paul Starzetz

Re: rPSA-2006-0122-1 kernel Paul Starzetz (Jul 10)
Re: [ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities Paul Starzetz (Jul 10)

Paul Szabo

Re: Browser bugs hit IE, Firefox today (SANS) Paul Szabo (Jul 05)

Pavel Kankovsky

Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory Pavel Kankovsky (Jul 31)

peter_philipp

Consumers of Broadband Providers (ISP) may be open to hijack attacks peter_philipp (Jul 18)

philipp . niedziela

PHPAuction 2.1 (maybe higher) with phpAdsNew 2.0.5 RFI philipp . niedziela (Jul 31)
MyNewsGroups <= 0.6b (myng_root) Remote Inclusion Vulnerability philipp . niedziela (Jul 31)

putosoft softputo

Oracle 10g R2 and, probably, all previous versions putosoft softputo (Jul 27)

R0t-K33Y

Xss in MttKe-php v2.6 R0t-K33Y (Jul 27)
Remote Include Vulnerability ====> in Dr.Jr7 Gallery 3.2 RC1 R0t-K33Y (Jul 28)

Rainer Duffner

Re: file include exploits in randshop v1.2 Rainer Duffner (Jul 04)

RedTeam Pentesting

Advisory: Remote command execution in planetGallery RedTeam Pentesting (Jul 20)

renatrix

XSS phpBB 2.0.21 in administration renatrix (Jul 15)

research

SYMSA-2006-007: Microsoft Office Malformed String Parsing Vulnerability research (Jul 11)
SYMSA-2006-004 (Full Details): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution research (Jul 13)
SYMSA-2006-008:Password Safe - Lock Password Database Configuration Not Enforced research (Jul 24)

reywen

crashing firefox <= 1.5.0.4 reywen (Jul 15)

rgod

Pivot <=1.30rc2 privilege escalation / remote commands execution rgod (Jul 07)
PAPOO <=3RC3 sql injection / admin credentials disclosure rgod (Jul 08)
flatnuke <= 2.5.7 arbitrary php file upload rgod (Jul 13)
PHORUM 5 arbitrary local inclusion rgod (Jul 13)
phpbb 3.x sql injection (with global moderator rights) rgod (Jul 13)
MyBulletinBoard (MyBB) 1.1.5 'CLIENT-IP' sql injection rgod (Jul 16)
ToendaCMS <= 1.0.0 arbitrary file upload rgod (Jul 18)
LoudBlog <=0.5 Sql injection rgod (Jul 21)
Etomite CMS <= 0.6.1 'rfiles.php' remote command execution rgod (Jul 26)
PHP ip2long() function circumvention rgod (Jul 29)
ATutor <= 1.5.3.1 'links' blind SQL injection / admin credentials disclosure rgod (Jul 31)

Robert Marquardt

RE: Re: vBulletin 3.5.4 (install_path) Exploit Robert Marquardt (Jul 15)

Roger A. Grimes

$100 plus several of my books if you can crack my Windows password hashes. Roger A. Grimes (Jul 18)
RE: $100 plus several of my books if you can crack my Windows password hashes. Roger A. Grimes (Jul 22)
RE: $100 plus several of my books if you can crack my Windows password hashes. Roger A. Grimes (Jul 22)

Roman Medina-Heigl Hernandez

Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) Roman Medina-Heigl Hernandez (Jul 12)

root

PcAnywhere > 12 Local Privilege Escalation root (Jul 18)

roozbeh_afrasiabi

[KAPDA::#53] MYBB XSS and Dir Traversal in usercp.php roozbeh_afrasiabi (Jul 29)

Roy Hills

Cisco VPN Concentrator IKE resource exhaustion DoS Advisory Roy Hills (Jul 26)

rst

Invision Power Board 2.1 <= 2.1.6 sql injection rst (Jul 16)

Russell Lowenthal

Oracle 10g R2 and, probably, all previous versions Russell Lowenthal (Jul 28)

Ryan Smith

Hustle -- Tumbleweed Email Firewall Remote Vulnerability Ryan Smith (Jul 28)

sales

Re: Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability sales (Jul 22)

Saudi . Unix

randshop <= 1.1.x (index.php) Remote File Inclusion Vulnerability Saudi . Unix (Jul 11)
ExtCalendar Mambo Module <= v2( extcalendar.php ) Remote File Include Vulnerabilities saudi . unix (Jul 18)
PHP Live! v3.2 (header.php) Remote File Include Vulnerabilities saudi . unix (Jul 24)
SQuery v.x (devi.php) (armygame.php) Remote File Inclusion saudi . unix (Jul 24)
com_moskool (admin.moskool.php) Remote File Include Vulnerabilities saudi . unix (Jul 31)

Schmehl, Paul L

RE: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS) Schmehl, Paul L (Jul 01)

scott

Re: vBulletin 3.5.4 (install_path) Exploit scott (Jul 06)
Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow scott (Jul 22)

Scott Gemma

Re: cpanel login problem Scott Gemma (Jul 31)

Sec-Tec Lists

Check Point R55W Directory Traversal Sec-Tec Lists (Jul 24)

Secunia Research

Secunia Research: IceWarp Web Mail Two File Inclusion Vulnerabilities Secunia Research (Jul 17)
Secunia Research: VisNetic Mail Server Two File Inclusion Vulnerabilities Secunia Research (Jul 18)
Secunia Research: BitZipper unacev2.dll Buffer Overflow Vulnerability Secunia Research (Jul 18)
Secunia Research: AutoVue SolidModel Professional Buffer Overflow Vulnerability Secunia Research (Jul 26)
Secunia Research: FileCOPA Directory Argument Handling Buffer Overflow Secunia Research (Jul 26)
Secunia Research: Mozilla Firefox XPCOM Event Handling Memory Corruption Secunia Research (Jul 27)

security

[ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities security (Jul 05)
[ MDKSA-2006:117 ] - Updated libmms packages fix buffer overflow vulnerability security (Jul 07)
[ MDKSA-2006:118 ] - Updated OpenOffice.org packages fix various vulnerabilities security (Jul 08)
[ MDKA-2006:119 ] - Updated ppp packages fix plugin vulnerability security (Jul 12)
[ MDKSA-2006:117-1 ] - Updated libmms packages fix buffer overflow vulnerability security (Jul 12)
[ MDKSA-2006:120 ] - Updated samba packages fix DoS vulnerability security (Jul 12)
[ MDKSA-2006:121 ] - Updated xine-lib packages fix buffer overflow vulnerability security (Jul 13)
[ MDKSA-2006:122 ] - Updated php packages fix multiple vulnerabilities security (Jul 13)
[ MDKSA-2006:123 ] - Updated kernel packages fixes multiple vulnerabilities security (Jul 13)
[ MDKSA-2006:124 ] - Updated kernel packages fix privilege escalation vulnerability security (Jul 18)
WebScarab <= 20060621-0003 cross site scripting security (Jul 18)
[ MDKSA-2006:125 ] - Updated webmin packages fix arbitray file read vulnerability. security (Jul 19)
[ MDKSA-2006:127 ] - Updated gimp packages fix buffer overflow vulnerability. security (Jul 19)
[ MDKSA-2006:126 ] - Updated libtunepimp packages fixes buffer overflow vulnerabilities. security (Jul 19)
[ MDKSA-2006:128 ] - Updated wireshark packages fix numerous vulnerabilities security (Jul 19)
[ MDKSA-2006:129 ] - Updated freetype2 packages fixes overflow vulnerability. security (Jul 20)
[ MDKSA-2006:130 ] - Updated kdelibs packages fix konqueror crash vulnerability. security (Jul 21)
[ MDKSA-2006:131 ] - Updated perl-Net-Server packages fix format string vulnerability security (Jul 26)
[ MDKSA-2006:132 ] - Updated libwmf packages fixes integer overflow vulnerability security (Jul 28)
[ MDKSA-2006:133 ] - Updated apache packages fix mod_rewrite vulnerability security (Jul 29)
[ MDKSA-2006:134 ] - Updated ruby packages fix safe-level vulnerabilities security (Jul 29)

security-alert

[security bulletin] HPSBUX02128 SSRT5996 - rev.1 HP-UX mkdir(1) Local Unauthorized Access security-alert (Jul 01)
[security bulletin] HPSBUX02103 SSRT5953 rev.3 - HP-UX passwd(1) Local Denial of Service (DoS) security-alert (Jul 01)
[security bulletin] HPSBUX02120 SSRT051057 rev.2 - HP-UX Local Denial of Service (DoS) security-alert (Jul 13)
[security bulletin] HPSBTU02132 SSRT061154 rev.1 - HP Tru64 UNIX running NIS ypserv, Remote Denial of Service (DoS) security-alert (Jul 19)
[security bulletin] HPSBUX02108 SSRT061133 rev.12 - HP-UX Running Sendmail, Remote Execution of Arbitrary Code security-alert (Jul 20)
[security bulletin] HPSBMA02133 SSRT061201 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update July 2006 security-alert (Jul 21)
[security bulletin] HPSBUX02087 SSRT4728 rev.2 - HP-UX running TCP/IP Remote Denial of Service (DoS) security-alert (Jul 25)
Re: Opsware NAS 6.0 reveals MySQL 'root' password security-alert (Jul 27)

securityconnection

NewsPHP 2006 PRO XSS SQL injection Vulnerability securityconnection (Jul 01)
QTOFileManager 1.0 securityconnection (Jul 03)
TBE 4.0 XSS securityconnection (Jul 03)
sNews 1.3 XSS SQL securityconnection (Jul 05)
BLOG:CMS 4.1.0 SQL injection File Include Vulnerability securityconnection (Jul 05)
ATutor 1.5.3 Cross Site Scripting securityconnection (Jul 08)
Phorum 5.1.14 XSS SQL injection Vulnerability securityconnection (Jul 15)
MusicBox <= 2.3.4 XSS SQL injection Vulnerability securityconnection (Jul 24)
Phpprobid <= 5.24 XSS SQL injection Vulnerability securityconnection (Jul 26)
GeoClassifieds Enterprise <= 2.0.5.2 Cross Site Scripting securityconnection (Jul 27)

security curmudgeon

Re: Ashop Search Module SQL injection security curmudgeon (Jul 26)
Re: Fusion Polls (xtrphome) Remote File Inclusion security curmudgeon (Jul 28)

securityfocus

Re: Photocycle v1.0 - XSS securityfocus (Jul 14)

Sheryl Coppenger

Re: Securing PHP or finding PHP alternatives Sheryl Coppenger (Jul 15)

SHiKaA-

SQuery <= 4.5(libpath) Remote File Inclusion Exploit SHiKaA- (Jul 12)

Silitix

DotClear : Multiples Full Path Disclosure Silitix (Jul 22)

simo64

Lazarus Guestbook Cross Site Scripting Vulnerabilities simo64 (Jul 12)
LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties simo64 (Jul 25)

SkyFlash

Re: Securing PHP or finding PHP alternatives SkyFlash (Jul 15)

sledge

AFCommerce Shopping Cart sledge (Jul 19)

SnoBmsn

Microsoft Internet Explorer DOS Vulnerability SnoBmsn (Jul 22)

solutions_PHP

Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow solutions_PHP (Jul 31)

Sowhat

Microsoft Excel Array Index Error Remote Code Execution Sowhat (Jul 12)

spammeanddie

Crtical Shockwave Embeded XSS Execution spammeanddie (Jul 15)

ss_team

Cross Site Scripting Vulnerability in Zoho Virtual Office ss_team (Jul 18)

Stefan Cornelius

[ GLSA 200607-12 ] OpenOffice.org: Multiple vulnerabilities Stefan Cornelius (Jul 29)
[ GLSA 200607-11 ] TunePimp: Buffer overflow Stefan Cornelius (Jul 29)

Steven M. Christey

Re: LAMP vs Microsoft Steven M. Christey (Jul 12)
Re: ATutor 1.5.3 Cross Site Scripting Steven M. Christey (Jul 22)
Re: HYSA-2006-008 myBloggie 2.1.3 CRLF & SQL Injection Steven M. Christey (Jul 27)
Re: Xss in MttKe-php v2.6 Steven M. Christey (Jul 31)
Re: Do world's famous companies take care of their security? Steven M. Christey (Jul 31)

StorMBoY

RW::Download stats.php Remote File Inc. StorMBoY (Jul 08)
Webvizyon Portal 2006 Version SQL Injection StorMBoY (Jul 10)
MT rmcek Toplist v2.2 Version Microsoft Access Driver ( MDB ) Download StorMBoY (Jul 10)

str0ke

Re: Invision Power Board 2.1 <= 2.1.6 sql injection str0ke (Jul 18)
Re: Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit str0ke (Jul 19)

Sune Kloppenborg Jeppesen

[ GLSA 200607-01 ] mpg123: Heap overflow Sune Kloppenborg Jeppesen (Jul 03)
[ GLSA 200607-03 ] libTIFF: Multiple buffer overflows Sune Kloppenborg Jeppesen (Jul 10)
[ GLSA 200607-04 ] PostgreSQL: SQL injection Sune Kloppenborg Jeppesen (Jul 10)
[ GLSA 200607-02 ] FreeType: Multiple integer overflows Sune Kloppenborg Jeppesen (Jul 11)
[ GLSA 200607-05 ] SHOUTcast server: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Jul 11)
[ GLSA 200607-08 ] GIMP: Buffer overflow Sune Kloppenborg Jeppesen (Jul 24)
ERRATA: [ GLSA 200607-08 ] GIMP: Buffer overflow Sune Kloppenborg Jeppesen (Jul 24)
[ GLSA 200607-09 ] Wireshark: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Jul 25)
[ GLSA 200607-10 ] Samba: Denial of Service vulnerability Sune Kloppenborg Jeppesen (Jul 25)
UPDATE: [ GLSA 200605-08 ] PHP: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Jul 31)

support

Re: Buddy Zone Version 1.0.1 - XSS support (Jul 15)

tamriel

Professional PHP Tools Guestbook Multiple Vulnerabilities tamriel (Jul 18)
hdweGUEST <= 2.1.1 Cross Site Scripting Vulnerabilities tamriel (Jul 19)
Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities tamriel (Jul 26)
TP-Book <= 1.00 Cross Site Scripting Vulnerabilities tamriel (Jul 26)

The Dark Tangent

DEF CON 14: Speakers Selected and more. The Dark Tangent (Jul 01)

the_day

[ECHO_ADV_41$2006] BufferOverflow in Midirecord2 the_day (Jul 26)

the . jalal

Re: SubberZ[Lite] - Remote File Include the . jalal (Jul 22)

Thierry Carrez

[ GLSA 200607-06 ] libpng: Buffer overflow Thierry Carrez (Jul 19)
[ GLSA 200607-07 ] xine-lib: Buffer overflow Thierry Carrez (Jul 21)

Thor (Hammer of God)

Re: Bybass HTTP ( extension files ) in ISA 2004 Thor (Hammer of God) (Jul 17)
Re: Bybass HTTP ( extension files ) in ISA 2004 Thor (Hammer of God) (Jul 19)

Thor Larholm

Re: Browser bugs hit IE, Firefox today (SANS) Thor Larholm (Jul 04)

tigerblue

Oracle and Apache mod_rewrite Vulnerability tigerblue (Jul 31)

Tim Brown

Low security hole affecting IPCalc's CGI wrapper Tim Brown (Jul 22)

Tippingpoint Security Research Team

TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability Tippingpoint Security Research Team (Jul 11)

Troy Bollinger

Re: IBM AIX Security contact? Troy Bollinger (Jul 07)

Trustix Security Advisor

TSLSA-2006-0040 - kernel Trustix Security Advisor (Jul 07)
TSLSA-2006-0042 - multi Trustix Security Advisor (Jul 21)

tr_zindan

PrinceClan Chess Mambo Com <= 0.8 Remote Inclusion Vulnerability tr_zindan (Jul 28)

TSRT

TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability TSRT (Jul 26)
TSRT-06-03: eIQnetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerabilities TSRT (Jul 26)

tuergeist

Mico crashes when contected with wrong IOR / DoS tuergeist (Jul 07)
Re: Mico crashes when contected with wrong IOR / DoS tuergeist (Jul 10)
Re: Mico crashes when contected with wrong IOR / DoS tuergeist (Jul 10)

usar_y_tirar

Re: cpanel login problem usar_y_tirar (Jul 31)

VMware Security Team

VMSA-2006-0003 VMware possible incorrect permissions on SSL key files VMware Security Team (Jul 19)

vulnerabilities

SQL injection Seir Anphin v666 Community Management System vulnerabilities (Jul 31)

vuln . invent

Plesk Control Panel <= 8.0.0 XSS vulnerability vuln . invent (Jul 17)

vulnpost-remove

[vuln.sg] DynaZip DZIP32.DLL/DZIPS32.DLL Buffer Overflow Vulnerabilities vulnpost-remove (Jul 25)
[vuln.sg] TurboZIP ZIP Repair Buffer Overflow Vulnerability vulnpost-remove (Jul 25)
[vuln.sg] AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow vulnpost-remove (Jul 25)
[vuln.sg] PowerArchiver DZIPS32.DLL Buffer Overflow Vulnerability vulnpost-remove (Jul 26)

Web Ex

RE: WebEx Downloader Plug-in Multiple Vulnerabilities + rant Web Ex (Jul 10)

William A. Rowe, Jr.

[Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released William A. Rowe, Jr. (Jul 28)

x0r0n

ScozNews Final-Php <=1.1 Remote File Inclusion Vulnerability x0r0n (Jul 13)
Flipper Poll <= 1.1.0 Remote File Inclusion Vulnerability x0r0n (Jul 13)
ListMessenger v0.9.3 Remote File Inclusion Vulnerability x0r0n (Jul 18)
Keyif Portal v2.0 - Microsoft Access Driver ( MDB ) Download x0r0n (Jul 18)
Re: Portail PHP v1.7 Remote File Include x0r0n (Jul 31)

Xavier

Rocks Clusters <=4.1 local root Xavier (Jul 15)

xzerox

phpBB 2.0.21 Full Path Disclosure xzerox (Jul 01)
WordPress 2.0.3 SQL Error and Full Path Disclosure xzerox (Jul 03)
Pearl Products Multiple Remote File Inclusion xzerox (Jul 03)
FLV Players Multiple Input Validation Vulnerabilities xzerox (Jul 13)

y3dips

OPERA Web Browser 9 Denial OF Service y3dips (Jul 01)

zck zck

Re: WordPress 2.0.3 SQL Error and Full Path Disclosure zck zck (Jul 12)

zdi-disclosures

ZDI-06-021: WebEx Downloader Plug-in Code Execution Vulnerability zdi-disclosures (Jul 08)
ZDI-06-022: Microsoft Office Excel File Rebuilding Code Execution Vulnerability zdi-disclosures (Jul 11)
ZDI-06-024: eIQNetworks Enterprise Security Analyzer License Manager Buffer Overflow Vulnerability zdi-disclosures (Jul 26)
ZDI-06-023: eIQNetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerability zdi-disclosures (Jul 26)
ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability zdi-disclosures (Jul 27)

zeberus_

Php-Fusion (Xss) With Avatar Upload zeberus_ (Jul 03)