Bugtraq: by thread

Re: Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit And PoC vaughan.montgomery_at_gmail.com (Mar 31 2007)
2BGal 3.1.1 <= (admin/index.php) Remote File Include Vulnerability BorN To K!LL BorN To K!LL (Mar 31 2007)
MS announces out-of-band patch for ANI 0day Gadi Evron (Apr 01 2007)
[ GLSA 200703-27 ] Squid: Denial of Service Raphael Marichez (Mar 31 2007)
[SECURITY] [DSA 1274-1] New file packages fix arbitrary code execution Noah Meyerhans (Apr 02 2007)
[security bulletin] HPSBMA02198 SSRT061177 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Access security-alert_at_hp.com (Apr 02 2007)
[ GLSA 200703-28 ] CUPS: Denial of Service Raphael Marichez (Mar 31 2007)
Re: Drake CMS v0.3.2 < = RFi Vulnerabilities legolas558_at_users.sourceforge.net (Apr 02 2007)
DirectAdmin persistant XSS [takeover an Administrator`s account] Kanedaaa Bohater (Mar 31 2007)
Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability Matousec - Transparent security Research (Apr 01 2007)
Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180) Pavel Kankovsky (Apr 01 2007)
- Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180) Marco Ivaldi (Apr 04 2007)
0day Oracle 10g exploit - dbms_aq.enqueue - become DBA Andrea \ (Apr 02 2007)
- Re: [Full-disclosure] [RECTIFY] Oracle 10g exploit - dbms_aq.enqueue - become DBA Andrea \ (Apr 03 2007)
- Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA Gadi Evron (Apr 02 2007)
  - Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA Andrea Purificato - bunker (Apr 02 2007)
Windows XP/Vista (.ANI) Remote Exploit (bypass eeye patch) jamikazu_at_gmail.com (Apr 01 2007)
Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability mufti.rizal_at_gmail.com (Apr 02 2007)
- Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability jasus (Apr 02 2007)
  - Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability str0ke (Apr 02 2007)
iDefense Security Advisory 03.31.07: Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities iDefense Labs (Apr 02 2007)
More information on ZERT patch for ANI 0day Gadi Evron (Apr 01 2007)
- Re: More information on ZERT patch for ANI 0day Stefan Kelm (Apr 03 2007)
  - Re: [Full-disclosure] More information on ZERT patch for ANI 0day Matthew Murphy (Apr 03 2007)
  - Re: More information on ZERT patch for ANI 0day Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Apr 03 2007)
    - Re: More information on ZERT patch for ANI 0day Jason Frisvold (Apr 03 2007)
      - Re: More information on ZERT patch for ANI 0day Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Apr 03 2007)
      - Re: More information on ZERT patch for ANI 0day Jason Frisvold (Apr 03 2007)
WOVB #01: Bypassing Vista Firewall, Flying over obstructive line TWOVB Team (Apr 02 2007)
Re: AIX 4.3 lsmcode local root command execution Shiva Persaud (Apr 02 2007)
APOP vulnerability Gaëtan LEURENT (Apr 02 2007)
- Re: APOP vulnerability 3APA3A (Apr 03 2007)
  - Re: APOP vulnerability Gaëtan LEURENT (Apr 03 2007)
    - Re[2]: APOP vulnerability 3APA3A (Apr 03 2007)
iDefense Security Advisory 04.02.07: Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability iDefense Labs (Apr 02 2007)
[CFP] VNSECON 07 - Call for Papers / HCMC - August 03-04, 2007 rd (Apr 02 2007)
[ GLSA 200704-01 ] Asterisk: Two SIP Denial of Service vulnerabilities Sune Kloppenborg Jeppesen (Apr 02 2007)
iDefense Security Advisory 03.31.07: IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities iDefense Labs (Apr 02 2007)
[SECURITY] [DSA 1275-1] New zope2.7 packages fix cross-site scripting flaw Noah Meyerhans (Apr 02 2007)
TWOVB][ The Week Of Vista Bugs: the truth is out there TWOVB Team (Apr 02 2007)
Re: Exploiting Microsoft dynamic Dns updates Denis Jedig (Apr 03 2007)
[MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue SecurityAudit_at_majorsecurity.de (Apr 03 2007)
MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit gmdarkfig_at_gmail.com (Apr 03 2007)
Remote File Include In Script stat12 RaeD_at_BsdMail.Com (Apr 03 2007)
MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957] Tom Yu (Apr 03 2007)
MITKRB5-SA-2007-003: double-free vulnerability in kadmind (via GSS-API library) [CVE-2007-1216] Tom Yu (Apr 03 2007)
FLEA-2007-0006-2: ImageMagick Foresight Linux Essential Announcement Service (Apr 03 2007)
iDefense Security Advisory 04.03.07: Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability iDefense Labs (Apr 03 2007)
MITKRB5-SA-2007-001: telnetd allows login as arbitrary user [CVE-2007-0956] Tom Yu (Apr 03 2007)
Re: On-going Internet Emergency and Domain Names Bob Fiero (Apr 02 2007)
- Re: On-going Internet Emergency and Domain Names Alexander Klimov (Apr 07 2007)
iDefense Security Advisory 04.03.07: Multiple Vendor Kerberos kadmind Buffer Overflow Vulnerability iDefense Labs (Apr 03 2007)
FLEA-2007-0007-1: nas Foresight Linux Essential Announcement Service (Apr 03 2007)
ZDI-07-012: Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow zdi-disclosures_at_3com.com (Apr 03 2007)
FLEA-2007-0006-1: ImageMagick Foresight Linux Essential Announcement Service (Apr 03 2007)
[SECURITY] [DSA 1276-1] New krb5 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 03 2007)
[ GLSA 200704-02 ] MIT Kerberos 5: Arbitrary remote code execution Sune Kloppenborg Jeppesen (Apr 03 2007)
Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation Jim Hoagland (Apr 03 2007)
- Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation Jim Hoagland (Apr 05 2007)
- Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation GomoR (Apr 07 2007)
[ GLSA 200704-05 ] zziplib: Buffer Overflow Raphael Marichez (Apr 03 2007)
[ MDKSA-2007:075 ] - Updated qt4 packages to address utf8 decoder bug security_at_mandriva.com (Apr 03 2007)
iDefense Security Advisory 04.03.07: Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability iDefense Labs (Apr 03 2007)
[ GLSA 200704-03 ] OpenAFS: Privilege escalation Raphael Marichez (Apr 03 2007)
Three New Papers on Oracle Forensics David Litchfield (Apr 04 2007)
rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation rPath Update Announcements (Apr 04 2007)
CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure CYBSEC Advisories (Apr 04 2007)
iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability iDefense Labs (Apr 03 2007)
CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities CYBSEC Advisories (Apr 04 2007)
CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer Overflow CYBSEC Advisories (Apr 04 2007)
lite-cms-0.2.1 Remote File Include Vulnerabilities the_3dit0r_at_yahoo.com (Apr 04 2007)
CYBSEC Security Pre-Advisory: SAP SYSTEM_CREATE_INSTANCE RFC Function Buffer Overflow CYBSEC Advisories (Apr 04 2007)
[USN-449-1] krb5 vulnerabilities Kees Cook (Apr 03 2007)
CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC Function Denial Of Service CYBSEC Advisories (Apr 04 2007)
CYBSEC Release: SAP Security - Paper & Tool release Mariano Nuñez Di Croce (Apr 04 2007)
rPSA-2007-0064-1 ImageMagick rPath Update Announcements (Apr 04 2007)
[MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues Securityaudit_at_majorsecurity.de (Apr 04 2007)
[ MDKSA-2007:074 ] - Updated qt3 packages to address utf8 decoder bug security_at_mandriva.com (Apr 03 2007)
Remot File Include In phpexplorator_2_0 RaeD_at_BsdMail.Com (Apr 04 2007)
[USN-448-1] X.org vulnerabilities Kees Cook (Apr 03 2007)
iXon_CMS 0.30 Remote File Include Vulnerabilities the_3dit0r_at_yahoo.com (Apr 04 2007)
rPSA-2007-0067-1 nas rPath Update Announcements (Apr 04 2007)
K-CMS v1.0 Remote File Include Vulnerabilities the_3dit0r_at_yahoo.com (Apr 04 2007)
rPSA-2007-0066-1 kdelibs qt-x11-free rPath Update Announcements (Apr 04 2007)
Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy the_3dit0r_at_yahoo.com (Apr 04 2007)
phpechocms v.2 Cross-Site Scripting Vulnerabilitiy the_3dit0r_at_yahoo.com (Apr 04 2007)
iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability iDefense Labs (Apr 03 2007)
phpechocms2 Remote File Include Vulnerabilities the_3dit0r_at_yahoo.com (Apr 04 2007)
rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs rPath Update Announcements (Apr 04 2007)
MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting Vulnerabilitiy the_3dit0r_at_yahoo.com (Apr 04 2007)
MyBlog: PHP and MySQL Blog/CMS software Remote File Include Vulnerabilitiy the_3dit0r_at_yahoo.com (Apr 04 2007)
[ MDKSA-2007:076 ] - Updated kdelibs packages to address UTF8 issue in KJS security_at_mandriva.com (Apr 03 2007)
Mozilla Firefox Insecure Element Stealth Injection Vulnerability Michal Majchrowicz (Apr 04 2007)
rPSA-2007-0062-1 firefox rPath Update Announcements (Apr 04 2007)
High Risk Vulnerability in OpenOffice NGSSoftware Insight Security Research (Apr 04 2007)
Several Windows image viewers vulnerabilities Ivan Fratric (Apr 04 2007)
[SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution Noah Meyerhans (Apr 04 2007)
Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection r00t-balance_at_hotmail.com (Apr 04 2007)
[ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities security_at_mandriva.com (Apr 04 2007)
Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug pdp (architect) (Apr 04 2007)
- Re: [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug Daniel Veditz (Apr 04 2007)
- Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug Thor Larholm (Apr 05 2007)
VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates VMware Security team (Apr 04 2007)
[ MDKSA-2007:078 ] - Updated kernel packages fix multiple vulnerabilities and bugs security_at_mandriva.com (Apr 04 2007)
[ MDKSA-2007:079 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security_at_mandriva.com (Apr 04 2007)
LedgerSMB 1.2.0 finally released, fixes CVE-2006-5589 Chris Travers (Apr 04 2007)
[ MDKSA-2007:080 ] - Updated tightvnc packages fix integer overflow vulnerabilities security_at_mandriva.com (Apr 04 2007)
[ MDKSA-2007:081 ] - Updated freetype2 packages fix vulnerability security_at_mandriva.com (Apr 04 2007)
iDefense Security Advisory 04.04.07: Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability iDefense Labs (Apr 04 2007)
iDefense Security Advisory 04.04.07: Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability iDefense Labs (Apr 04 2007)
Microsoft .NET request filtering bypass vulnerability (BID 20753) research_at_procheckup.com (Apr 05 2007)
iDefense Security Advisory 04.04.07: ESRI ArcSDE Buffer Overflow Vulnerability iDefense Labs (Apr 04 2007)
FLEA-2007-0008-1: krb5 Foresight Linux Essential Announcement Service (Apr 05 2007)
FLEA-2007-0009-1: xorg-x11 freetype Foresight Linux Essential Announcement Service (Apr 05 2007)
Wserve HTTP Server 4.6 Version (Long Directory Name) Buffer Overflow - Denial Of Service UniquE_at_UniquE-Key.Org (Apr 05 2007)
FLEA-2007-0010-1: evolution Foresight Linux Essential Announcement Service (Apr 05 2007)
[security bulletin] HPSBUX02204 SSRT071341 rev.1 - HP-UX Running CIFS Server (Samba), Remote Denial of Service (DoS) security-alert_at_hp.com (Apr 05 2007)
ACLS ineffective in SQL-Ledger and LedgerSMB Chris Travers (Apr 05 2007)
ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity zdi-disclosures_at_3com.com (Apr 05 2007)
phpContact Multiple Remote File Inclusion Vulnerabilities rko.thelegendkiller_at_gmail.com (Apr 06 2007)
[MajorSecurity Advisory #39]onelook onebyone CMS - Session fixation Issue Securityaudit_at_majorsecurity.de (Apr 06 2007)
ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability zdi-disclosures_at_3com.com (Apr 05 2007)
[MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue Securityaudit_at_majorsecurity.de (Apr 06 2007)
[MajorSecurity Advisory #41]onelook courts online - Session fixation Issue Securityaudit_at_majorsecurity.de (Apr 06 2007)
livor 2.5 Cross-Site Scripting Vulnerability rko.thelegendkiller_at_gmail.com (Apr 06 2007)
AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero) Piotr Bania (Apr 06 2007)
AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption Piotr Bania (Apr 06 2007)
AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption Piotr Bania (Apr 06 2007)
[SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code execution Noah Meyerhans (Apr 06 2007)
LayerOne 2007 - Speaker Line up Announced Layer One (Apr 06 2007)
[ GLSA 200704-06 ] Evince: Stack overflow in included gv code Raphael Marichez (Apr 06 2007)
[ GLSA 200704-07 ] libwpd: Multiple vulnerabilities Raphael Marichez (Apr 06 2007)
PHP <= 5.2.1 wbmp file handling integer overflow Ivan Fratric (Apr 07 2007)
[MajorSecurity Advisory #42]webblizzard CMS - Cross Site Scripting and Session fixation Issues Securityaudit_at_majorsecurity.de (Apr 07 2007)
CmailServer WebMail <= V.5.3.4 (signup) Remote XSS Exploit ajannhwt_at_hotmail.com (Apr 07 2007)
witshare 0.9 Remote File Include Vulnerabilitiy the_3dit0r_at_yahoo.com (Apr 06 2007)
UBB.threads (<= 6.1.1) SQL Injection Vulnerability john_at_martinelli.com (Apr 07 2007)
Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit k4rtal_at_gmail.com (Apr 08 2007)
Take Control In Script Jeebles Directory RaeD_at_BsdMail.Com (Apr 08 2007)
Gsylvain35 Portail Web Remote File Include Vulnerabilities the_3dit0r_at_yahoo.com (Apr 08 2007)
phpMyAdmin 2.6.1 Local Cross Site Scripting the_3dit0r_at_yahoo.com (Apr 08 2007)
Remot File Include In Script Lore v1 RaeD_at_BsdMail.Com (Apr 08 2007)
DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability john_at_martinelli.com (Apr 08 2007)
Request It : Song Request System 1.0b - remote file inclusion mail_at_hackberry.ath.cx (Apr 09 2007)
QuizShock 1.6.1 - Cross-Site Scripting Vulnerability john_at_martinelli.com (Apr 07 2007)
Mybb Hot Editor Plugin Local File Inclusion liz0_at_expw0rm.com (Apr 09 2007)
- Re: Mybb Hot Editor Plugin Local File Inclusion Kevin Finisterre (lists) (Apr 09 2007)
  - Re: Re: Mybb Hot Editor Plugin Local File Inclusion liz0_at_expw0rm.com (Apr 09 2007)
Hot Editor v4.0 Local File Inclusion liz0_at_expw0rm.com (Apr 09 2007)
xodagallery Remote Code Execution Vulnerability the_3dit0r_at_yahoo.com (Apr 08 2007)
rPSA-2007-0070-1 openoffice.org rPath Update Announcements (Apr 09 2007)
iDefense Security Advisory 04.09.07: AOL AIM and ICQ File Transfer Path-Traversal Vulnerability iDefense Labs (Apr 09 2007)
[USN-450-1] ipsec-tools vulnerability Kees Cook (Apr 09 2007)
phpGalleryScript 1.0 - File Inclusion Vulnerabilities z12xxa_at_gmail.com (Apr 09 2007)
DEF CON One Five CfP in effect! The Dark Tangent (Apr 09 2007)
EEYE: Windows VDM Zero Page Race Condition Privilege Escalation eEye Advisories (Apr 10 2007)
EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation eEye Advisories (Apr 10 2007)
PhpOpenChat <= 3.0.1 (poc.php) Multiple Remote File Include Vulnerabilities seko_at_se-ko.info (Apr 10 2007)
Secunia Research: Microsoft Agent URL Parsing Memory Corruption Vulnerability Secunia Research (Apr 10 2007)
iDefense Security Advisory 04.10.07: Microsoft Windows Universal Plug and Play Memory Corruption Vulnerability iDefense Labs (Apr 10 2007)
[ MDKSA-2007:077-1 ] - Updated krb5 packages fix vulnerabilities security_at_mandriva.com (Apr 10 2007)
Re: vbulletin admincp sql injection rjmjr69_at_aol.com (Apr 09 2007)
[ MDKSA-2007:081-1 ] - Updated freetype2 packages fix vulnerability security_at_mandriva.com (Apr 10 2007)
[USN-451-1] Linux kernel vulnerabilities Kees Cook (Apr 10 2007)
webMethods Glue Management Console Directory Traversal Patrick Webster (Apr 11 2007)
[ MDKSA-2007:080-1 ] - Updated tightvnc packages fix integer overflow vulnerabilities security_at_mandriva.com (Apr 10 2007)
nEw Bug :D asdasd asdsadas (Apr 11 2007)
pL-PHP beta 0.9 - Multiple Vulnerabilities omnipresent_at_email.it (Apr 11 2007)
New bug :) asdasd asdsadas (Apr 11 2007)
[MajorSecurity Advisory #43]Calacode ATMail 5.0 - Cross Site Scripting and Cookie Manipulation Issue admin_at_majorsecurity.de (Apr 11 2007)
CodeBreak (codebreak.php process_method) - Remote File Inclusion Vulnerability john_at_martinelli.com (Apr 11 2007)
Cosign SSO Authentication Bypass Jon Oberheide (Apr 11 2007)
Re: Latinchat Denial Of Service d4rksoft_at_hotmail.com (Apr 08 2007)
PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory) gmdarkfig_at_gmail.com (Apr 11 2007)
PunBB <= 1.2.14 Remote Code Execution (Exploit) gmdarkfig_at_gmail.com (Apr 11 2007)
Steganos Encrypted Safe NOT so safe frankrizzo604_at_gmail.com (Apr 11 2007)
- Re: Steganos Encrypted Safe NOT so safe Andreas Beck (Apr 13 2007)
- Re: Steganos Encrypted Safe NOT so safe support_at_steganos.com (Apr 26 2007)
[ MDKSA-2007:079-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security_at_mandriva.com (Apr 11 2007)
[ MDKSA-2007:083 ] - Updated apache-mod_perl packages fix DoS vulnerability security_at_mandriva.com (Apr 11 2007)
[ MDKSA-2007:075-1 ] - Updated qt4 packages to address utf8 decoder bug security_at_mandriva.com (Apr 10 2007)
iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple Vulnerabilities iDefense Labs (Apr 11 2007)
[ MDKSA-2007:082 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities security_at_mandriva.com (Apr 11 2007)
E107 - (v0.7.8) Access Escalation Vulnerbility - PoC jd2k2000_at_hotmail.com (Apr 11 2007)
HPSBUX02205 SSRT061120 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS) security-alert_at_hp.com (Apr 12 2007)
CVE-2007-1871: Cross site scripting in chcounter 3.1.3 Hanno BÃ¶ck (Apr 11 2007)
INFIGO-2007-04-05: Enterprise Security Analyzer server remote buffer overflows infocus_at_infigo.hr (Apr 12 2007)
CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3 Hanno BÃ¶ck (Apr 11 2007)
Critical phpwiki c99shell exploit rurban_at_x-ray.at (Apr 12 2007)
- Re: Critical phpwiki c99shell exploit Gadi Evron (Apr 12 2007)
  - RE: Critical phpwiki c99shell exploit Ryan Neufeld (Apr 12 2007)
  - Re: Critical phpwiki c99shell exploit Taneli Leppä (Apr 16 2007)
- Re: Critical phpwiki c99shell exploit Jamie Riden (Apr 12 2007)
[security bulletin] HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-014 security-alert_at_hp.com (Apr 12 2007)
[security bulletin] HPSBUX01137 SSRT5954 rev.9 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS) security-alert_at_hp.com (Apr 12 2007)
[ GLSA 200704-08 ] DokuWiki: Cross-site scripting vulnerability Matthias Geerdsen (Apr 12 2007)
[security bulletin] HPSBGN02199 SSRT071312 rev.1 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Execution security-alert_at_hp.com (Apr 12 2007)
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points Cisco Systems Product Security Incident Response Team (Apr 12 2007)
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System Cisco Systems Product Security Incident Response Team (Apr 12 2007)
Cross site scripting in mephisto 0.7.3 Hanno BÃ¶ck (Apr 11 2007)
- Re: Cross site scripting in mephisto 0.7.3 encytemedia_at_gmail.com (Apr 12 2007)
[security bulletin] HPSBUX02203 SSRT071339 rev.1 - HP-UX Running Portable File System (PFS), Remote Increase in Privilege security-alert_at_hp.com (Apr 12 2007)
TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy the_3dit0r_at_yahoo.com (Apr 11 2007)
phpwebnews v.1 Multiple Cross Site Scripting Vulnerabilites the_3dit0r_at_yahoo.com (Apr 11 2007)
Chatness <= 2.5.3 - Arbitrary Code Execution jd2k2000_at_hotmail.com (Apr 12 2007)
FAC GuestBook v2.0 remote database disclosure vulnerability the_3dit0r_at_yahoo.com (Apr 11 2007)
Aircrack-ng (airodump-ng) remote buffer overflow vulnerability jonny_at_nop-art.net (Apr 12 2007)
iDefense Security Advisory 04.12.07: Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability iDefense Labs (Apr 12 2007)
[USN-452-1] KDE library vulnerability Kees Cook (Apr 11 2007)
[Argeniss] Hacking Databases for owning your data (paper) Cesar (Apr 12 2007)
[OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed Matteo Beccati (Apr 13 2007)
[OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2 vulnerability fixed Matteo Beccati (Apr 13 2007)
[MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue admin_at_majorsecurity.de (Apr 13 2007)
[waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke come2waraxe_at_yahoo.com (Apr 13 2007)
TSRT-07-04: LANDesk Management Suite Alert Service Stack Overflow Vulnerability TSRT_at_3com.com (Apr 13 2007)
Vbulletin 3.6.5 Sql Injection ! [misc.php] seko_at_se-ko.info (Apr 13 2007)
- Re: Vbulletin 3.6.5 Sql Injection ! [misc.php] scott-REMOVE_at_vbulletin.com (Apr 14 2007)
bloofoxCMS 0.2.2 Cross Site Scripting the_3dit0r_at_yahoo.com (Apr 13 2007)
VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit meftun_at_meftunnet.com (Apr 14 2007)
- Re: VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit str0ke (Apr 14 2007)
Back-End CMS Database Tables v0.4.7 Cross Site Scripting the_3dit0r_at_yahoo.com (Apr 13 2007)
MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities the_3dit0r_at_yahoo.com (Apr 13 2007)
Maian Search v1.1 k4rtal_at_gmail.com (Apr 14 2007)
- Re: Maian Search v1.1 support_at_maianscriptworld.co.uk (Apr 14 2007)
FloweRS v2.0 Cross Site Scripting the_3dit0r_at_yahoo.com (Apr 13 2007)
Maian Gallery v1.0 k4rtal_at_gmail.com (Apr 14 2007)
- Re: Maian Gallery v1.0 support_at_maianscriptworld.co.uk (Apr 14 2007)
B2evolution 1.6 RFi k4rtal_at_gmail.com (Apr 14 2007)
MySpeach v1.9 k4rtal_at_gmail.com (Apr 14 2007)
Back-End CMS Database Tables v0.4.7 Remote File Include Vulnerabilities the_3dit0r_at_yahoo.com (Apr 13 2007)
Flip-search-add-on 2.0 k4rtal_at_gmail.com (Apr 14 2007)
Maian Weblog v3.1 k4rtal_at_gmail.com (Apr 14 2007)
bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy the_3dit0r_at_yahoo.com (Apr 13 2007)
- Re: bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy info_at_bloofox.com (Apr 17 2007)
phpMyChat-0.14.5 k4rtal_at_gmail.com (Apr 14 2007)
- Re: phpMyChat-0.14.5 stuart_smith_at_gmail.remove.com (Apr 15 2007)
Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability irvian_yoe_at_yahoo.com (Apr 14 2007)
Re: sitex multiple vulnerabilities Lostmon_at_gmail.com (Apr 14 2007)
Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities ?? ???? ?????? (Apr 14 2007)
[ GLSA 200704-09 ] xine-lib: Heap-based buffer overflow Raphael Marichez (Apr 14 2007)
Re: [exploits] RPC vuln in DNS Server (fwd) Gadi Evron (Apr 14 2007)
LS simple guestbook - arbitrary code execution jd2k2000_at_hotmail.com (Apr 14 2007)
Joomla/Mambo Jambook v1.0 beta7 Rfi Vuln. crazy_king_at_eno7.org (Apr 15 2007)
[MajorSecurity Advisory #45]oe2edit CMS - Cross Site Scripting and Cookie Manipulation Issue admin_at_majorsecurity.de (Apr 15 2007)
ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability Matousec - Transparent security Research (Apr 15 2007)
ActionPoll Script (actionpoll.php) Remote File Include // starhack.org seko_at_se-ko.info (Apr 15 2007)
MyBlog <= 0.9.8 Remote Command Execution Exploit BlackHawk (Apr 15 2007)
Microsoft DNS Server Remote Code execution: Analysis and exploit mballano_at_gmail.com (Apr 15 2007)
Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 15 2007)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17 2007)
  - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 17 2007)
    - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 17 2007)
      - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 18 2007)
    - RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17 2007)
      - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 17 2007)
  - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 17 2007)
    - RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17 2007)
      - Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing 3APA3A (Apr 17 2007)
      - RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17 2007)
      - RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Oliver Friedrichs (Apr 18 2007)
      - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Bojan Zdrnja (Apr 18 2007)
      - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Matthew Dixon Cowles (Apr 18 2007)
[ GLSA 200704-10 ] Inkscape: Two format string vulnerabilities Matthias Geerdsen (Apr 16 2007)
Persistent CSRF and The Hotlink Hell pdp (architect) (Apr 16 2007)
- Re: [WEB SECURITY] Persistent CSRF and The Hotlink Hell Ryan Barnett (Apr 16 2007)
  - Re: [Full-disclosure] [WEB SECURITY] Persistent CSRF and The Hotlink Hell Blue Boar (Apr 16 2007)
iDefense Security Advisory 04.16.07: ClamAV CAB File Unstore Buffer Overflow Vulnerability iDefense Labs (Apr 16 2007)
Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit seko_at_se-ko.info (Apr 16 2007)
[ GLSA 200704-11 ] Vixie Cron: Denial of Service Matthias Geerdsen (Apr 16 2007)
rPSA-2007-0071-1 kernel rPath Update Announcements (Apr 16 2007)
Akamai Technologies Security Advisory 2007-0001 Akamai Security Team (Apr 16 2007)
[ MDKSA-2007:086 ] - Updated cups packages fix DoS vulnerability security_at_mandriva.com (Apr 16 2007)
[ MDKSA-2007:084 ] - Updated ipsec-tools packages fix DoS vulnerability security_at_mandriva.com (Apr 16 2007)
[ MDKSA-2007:085 ] - Updated freeradius packages fix DoS vulnerability security_at_mandriva.com (Apr 16 2007)
[ GLSA 200704-12 ] OpenOffice.org: Multiple vulnerabilities Raphael Marichez (Apr 16 2007)
iDefense Security Advisory 04.16.07: Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability iDefense Labs (Apr 16 2007)
Netsprint Toolbar 1.1 arbitrary remote code vulnerability Michal Bucko (Apr 17 2007)
- Re: Netsprint Toolbar 1.1 arbitrary remote code vulnerability Michal Zalewski (Apr 17 2007)
PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities programmer_at_serbiansite.com (Apr 17 2007)
- Re: PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities Paul Laudanski (Apr 18 2007)
Remot File Include In Script phphd_downloads RaeD_at_BsdMail.Com (Apr 17 2007)
Remot File Include download_engine_V1.4.3 RaeD_at_BsdMail.Com (Apr 17 2007)
Wabbit PHP Gallery v0.9 Cross Site Scripting the_3dit0r_at_yahoo.com (Apr 16 2007)
my little weblog Cross Site Scripting the_3dit0r_at_yahoo.com (Apr 16 2007)
my little forum 1.7 Remote File Include Vulnerabilitiy the_3dit0r_at_yahoo.com (Apr 16 2007)
webMethods Security Advisory: Glue console directory traversal vu lnerability Jeremy Epstein (Apr 17 2007)
Internet Explorer Crash J. Oquendo (Apr 17 2007)
- Re: Internet Explorer Crash The Anarcat (Apr 17 2007)
  - Re: Internet Explorer Crash Mike Ely (Apr 17 2007)
  - Re: Internet Explorer Crash simone colombo (Apr 19 2007)
- Re: Internet Explorer Crash Thor (Hammer of God) (Apr 17 2007)
  - Re: Internet Explorer Crash Tom Gregory (Apr 18 2007)
    - Re: Internet Explorer Crash Rob Bartlett (Apr 18 2007)
      - Re: Internet Explorer Crash Kevin Finisterre (lists) (Apr 18 2007)
      - Re: Internet Explorer Crash Dave Walker (Apr 19 2007)
      - Re: Internet Explorer Crash C. Bergström (Apr 19 2007)
- Re: Internet Explorer Crash elflord91_at_hotmail.com (Apr 18 2007)
- Re: Internet Explorer Crash Thor (Hammer of God) (Apr 18 2007)
[security bulletin] HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS) security-alert_at_hp.com (Apr 17 2007)
Multiple Ask IE Toolbar denial of service vulnerabilities Michal Bucko (Apr 17 2007)
Gizzar <= (basePath) Remote File Include Vulnerability BorN To K!LL BorN To K!LL (Apr 16 2007)
BlueArc Firmware 4.2.944b FTP bounce Tim Rupp (Apr 17 2007)
SYMSA-2007-003 Macrovision InstallAnywhere Password and Serial Number Bypass research_at_symantec.com (Apr 16 2007)
ShoutPro 1.5.2 - arbitrary code execution jd2k2000_at_hotmail.com (Apr 17 2007)
WASC-Articles: 'The Importance of Application Classification in Secure Application Development' contact_at_webappsec.org (Apr 15 2007)
Re: [Full-disclosure] A Botted Fortune 500 a Day Steven Adair (Apr 13 2007)
- Re: [Full-disclosure] A Botted Fortune 500 a Day Jamie Riden (Apr 13 2007)
  - Re: [Full-disclosure] A Botted Fortune 500 a Day Steven Adair (Apr 13 2007)
    - Re: [Full-disclosure] A Botted Fortune 500 a Day Jamie Riden (Apr 13 2007)
      - Re: [Full-disclosure] A Botted Fortune 500 a Day Simon Smith (Apr 13 2007)
- Re: [Full-disclosure] A Botted Fortune 500 a Day Nick FitzGerald (Apr 17 2007)
n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability security_at_nruns.com (Apr 17 2007)
Mambo/Joomla Component New Article Component RFI meftun_at_meftunnet.com (Apr 15 2007)
Cross Domain XMLHttpRequest Michal Majchrowicz (Apr 15 2007)
- Re: [Full-disclosure] Cross Domain XMLHttpRequest ascii (Apr 15 2007)
[ GLSA 200704-14 ] FreeRADIUS: Denial of Service Raphael Marichez (Apr 17 2007)
NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections programmer_at_serbiansite.com (Apr 17 2007)
Advisory: Bypass Oracle Logon Trigger ak_at_red-database-security.com (Apr 18 2007)
iDefense Security Advisory 04.17.07: McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow iDefense Labs (Apr 17 2007)
Advisory: SQL Injection in package SYS.DBMS_UPGRADE_INTERNAL ak_at_red-database-security.com (Apr 18 2007)
Advisory: XSS Vulnerability in Oracle Secure Enterprise Search [SES01] ak_at_red-database-security.com (Apr 18 2007)
Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in 2 weeks Praburaajan (Apr 18 2007)
Advisory: Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet [AS01] ak_at_red-database-security.com (Apr 18 2007)
iDefense Security Advisory 04.17.07: McAfee E-Business Admin Server Invalid Data Length DoS Vulnerability iDefense Labs (Apr 17 2007)
[ GLSA 200704-13 ] File: Denial of Service Raphael Marichez (Apr 17 2007)
Analysis of the Oracle April 2007 Critical Patch Update David Litchfield (Apr 18 2007)
rPSA-2007-0072-1 lighttpd rPath Update Announcements (Apr 18 2007)
rPSA-2007-0073-1 php php-mysql php-pgsql rPath Update Announcements (Apr 18 2007)
[ GLSA 200704-15 ] MadWifi: Multiple vulnerabilities Raphael Marichez (Apr 17 2007)
rPSA-2007-0074-1 dovecot rPath Update Announcements (Apr 18 2007)
MediaBeez Sql query Execution .. Wear isn't ?? :) security_at_soqor.net (Apr 18 2007)
Oracle Database Buffer overflow vulnerabilities in package DBMS_SNAP_INTERNAL Team SHATTER (Apr 18 2007)
FullyModdedphpBB2 Remote File Inclusion security_at_soqor.net (Apr 18 2007)
Extreme PHPBB2 Remote File Inclusion security_at_soqor.net (Apr 18 2007)
EclipseBB Remote File Inclusion security_at_soqor.net (Apr 18 2007)
Re: Linksys WAG200G - Information disclosure no-mail_at_yahoo.fr (Apr 18 2007)
[security bulletin] HPSBST02206 SSRT071354 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-017 security-alert_at_hp.com (Apr 18 2007)
Re: [funsec] Re: [Full-disclosure] A Botted Fortune 500 a Day Fergie (Apr 17 2007)
NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities john_at_martinelli.com (Apr 18 2007)
ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability zdi-disclosures_at_3com.com (Apr 18 2007)
ZDI-07-016: Oracle E-Business Suite Arbitrary Node Deletion Vulnerability zdi-disclosures_at_3com.com (Apr 18 2007)
ZDI-07-017: Oracle E-Business Suite Arbitrary Document Download Vulnerability zdi-disclosures_at_3com.com (Apr 18 2007)
ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability zdi-disclosures_at_3com.com (Apr 18 2007)
ZDI-07-019: BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability zdi-disclosures_at_3com.com (Apr 18 2007)
ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability zdi-disclosures_at_3com.com (Apr 18 2007)
- Re: ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability rashbi_at_hushmail.com (Apr 19 2007)
Advisory: SQL Injection in package SYS.DBMS_AQADM_SYS ak_at_red-database-security.com (Apr 18 2007)
[USN-453-1] X.org vulnerability Kees Cook (Apr 18 2007)
[ MDKSA-2007:087 ] - Updated php packages fix multiple vulnerabilities security_at_mandriva.com (Apr 18 2007)
[ MDKSA-2007:088 ] - Updated php packages fix multiple vulnerabilities security_at_mandriva.com (Apr 18 2007)
[ MDKSA-2007:089 ] - Updated php packages fix multiple vulnerabilities security_at_mandriva.com (Apr 18 2007)
CfP Hack.lu 2007 info (Apr 19 2007)
IPB (Invision Power Board) Full Path Disclusure security_at_soqor.net (Apr 19 2007)
[waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20 come2waraxe_at_yahoo.com (Apr 19 2007)
Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY) UniquE_at_UniquE-Key.ORG (Apr 19 2007)
RaidenFTPd IXceedCompression multiple denial of service vulnerabilities Michal Bucko (Apr 19 2007)
Yet another SQL injection framework Guillermo Marro (Apr 19 2007)
- Re: Yet another SQL injection framework (file corruption) Guillermo Marro (Apr 20 2007)
- Re: Yet another SQL injection framework Nick Boyce (Apr 20 2007)
  - RE: Yet another SQL injection framework Greg Merideth (Apr 23 2007)
[security bulletin] HPSBMA02133 SSRT061201 rev.4 - HP Oracle for OpenView (OfO) Critical Patch Update security-alert_at_hp.com (Apr 19 2007)
[ MDKSA-2007:090 ] - Updated php packages fix multiple vulnerabilities security_at_mandriva.com (Apr 18 2007)
[ MDKSA-2007:091 ] - Updated sqlite packages fix vulnerability security_at_mandriva.com (Apr 18 2007)
[security bulletin] HPSBST02208 SSRT071365 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-018 to MS07-022 security-alert_at_hp.com (Apr 19 2007)
NeatUpload vulnerability and fix dean_at_brettle.com (Apr 19 2007)
ZDI-07-021: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Apr 19 2007)
Eba News Version : v1.1 <= (webpages.php) Remote File Include // starhack.org seko_at_se-ko.info (Apr 20 2007)
TSLSA-2007-0013 - multi Trustix Security Advisor (Apr 20 2007)
iDefense Security Advisory 04.20.07: Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability iDefense Labs (Apr 20 2007)
FLEA-2007-0011-1: lighttpd Foresight Linux Essential Announcement Service (Apr 20 2007)
UseBB Version 1.0.4 Path Disclosure Vulnerability securityresearch_at_netvigilance.com (Apr 20 2007)
Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org seko_at_se-ko.info (Apr 21 2007)
- Re: Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org str0ke (Apr 21 2007)
turbolence core 0.0.1 alpha Remote File Inclusion omnipresent_at_email.it (Apr 21 2007)
WS_FTP Home 2007 NetscapeFTPHandler denial of service Michal Bucko (Apr 21 2007)
- Re: WS_FTP Home 2007 NetscapeFTPHandler denial of service sapheal_at_hack.pl (Apr 21 2007)
Allfaclassfieds (level2.php dir) remote file inclusion asdasd asdsadas (Apr 22 2007)
[ GLSA 200704-17 ] 3proxy: Buffer overflow Raphael Marichez (Apr 22 2007)
[Reversemode advisory] CheckPoint Zonelabs - ZoneAlarm SRESCAN driver local privilege escalation Reversemode (Apr 23 2007)
claroline <= Multiple Remote File Include Vulnerablitiy Mohandko_at_Gmail.com (Apr 22 2007)
- Re: claroline <= Multiple Remote File Include Vulnerablitiy BlackHawk (Apr 23 2007)
lms 1.5.3 Remote File Inclusion InyeXion_at_gmail.com (Apr 22 2007)
EsForum <= 3.0 SQL Injection Vulnerability ilkerkandemir_at_mynet.com (Apr 22 2007)
PHPMyBibli <= Multiple Remote File Include Mohandko_at_Gmail.com (Apr 22 2007)
[ GLSA 200704-16 ] Aircrack-ng: Remote execution of arbitrary code Raphael Marichez (Apr 22 2007)
File117 Remote File Inclusion InyeXion_at_gmail.com (Apr 22 2007)
Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit john_at_martinelli.com (Apr 22 2007)
[SECURITY] [DSA 1279-1] New webcalendar packages fix cross-site scripting Moritz Muehlenhoff (Apr 22 2007)
c-arbre <= Multiple Remote File Include Vulnerablitiy Mohandko_at_Gmail.com (Apr 22 2007)
[ GLSA 200704-18 ] Courier-IMAP: Remote execution of arbitrary code Raphael Marichez (Apr 22 2007)
Remote file inclusion in Joomla 1.5.0 Beta Omid (Apr 23 2007)
FLEA-2007-0013-1: xine-lib Foresight Linux Essential Announcement Service (Apr 23 2007)
bibtex mase Remote File Inclusion InyeXion_at_gmail.com (Apr 22 2007)
FLEA-2007-0012-1: madwifi Foresight Linux Essential Announcement Service (Apr 22 2007)
WASC-Articles: 'The business case for security frameworks' announcements_at_webappsec.org (Apr 22 2007)
Big Blue Guestbook HTML Injection Vulnerabilities seko_at_se-ko.info (Apr 23 2007)
3proxy 0.5.3i bugfix release Vladimir Dubrovin (Apr 23 2007)
TJSChat Version 0.95 Cross Site Scripting the_3dit0r_at_yahoo.com (Apr 22 2007)
[ MDKSA-2007:092 ] - Updated freeradius packages fix vulnerability security_at_mandriva.com (Apr 23 2007)
[ GLSA 200704-19 ] Blender: User-assisted remote execution of arbitrary code Raphael Marichez (Apr 23 2007)
[security bulletin] HPSBUX02183 SSRT061243 rev.1 - HP-UX sendmail, Remote Denial of Service (DoS) security-alert_at_hp.com (Apr 23 2007)
[ MDKSA-2007:093 ] - Updated zziplib packages fix vulnerability security_at_mandriva.com (Apr 23 2007)
[ GLSA 200704-20 ] NAS: Multiple vulnerabilities Raphael Marichez (Apr 23 2007)
acvsws_php5_v1.0 <= Multiple Remote File Include Vulnerablitiy Mohandko_at_Gmail.com (Apr 22 2007)
DmCMS Shell Uploading security_at_soqor.net (Apr 23 2007)
phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit john_at_martinelli.com (Apr 22 2007)
Post Revolution Remote File Inclusion InyeXion_at_gmail.com (Apr 22 2007)
rPSA-2007-0081-1 postgresql postgresql-server rPath Update Announcements (Apr 23 2007)
[ GLSA 200704-21 ] ClamAV: Multiple vulnerabilities Matthias Geerdsen (Apr 24 2007)
YA Book 0.98 Persistent XSS omnipresent_at_email.it (Apr 24 2007)
gallery >> 1.5.6 Remote File Inclusion s433d_only_linux_at_yahoo.de (Apr 24 2007)
- Re: gallery >> 1.5.6 Remote File Inclusion the.tiger100_at_gmail.com (Apr 24 2007)
- Re: gallery >> 1.5.6 Remote File Inclusion Chris Kelly (Apr 24 2007)
ImageProcessing ... Local (Denial of Service Exploit) Dr.Ninux_at_bsdmail.org (Apr 24 2007)
- Re: ImageProcessing ... Local (Denial of Service Exploit) Tim Newsham (Apr 24 2007)
Security Advisory: CA CleverPath SQL Injection Irene Abezgauz (Apr 24 2007)
[security bulletin] HPSBST02200 SSRT071330 rev.1 - HP StorageWorks Command View Advanced Edition for XP, Local Unauthorized Access security-alert_at_hp.com (Apr 24 2007)
Progress Webspeed exploit for all releases suresync_at_gmail.com (Apr 24 2007)
[MajorSecurity Advisory #46]Plogger - Session fixation Issue admin_at_majorsecurity.de (Apr 24 2007)
[SECURITY] [DSA 1280-1] New aircrack-ng packages fix arbitrary code execution Moritz Muehlenhoff (Apr 24 2007)
3Com's TippingPoint Denial of Service mike20061005_at_webmail.co.za (Apr 24 2007)
- Re: 3Com's TippingPoint Denial of Service Simple Nomad (Apr 24 2007)
- Re: 3Com's TippingPoint Denial of Service Steven M. Christey (Apr 25 2007)
- Re: 3Com's TippingPoint Denial of Service Secure_at_3com.com (Apr 25 2007)
dcp-portal v611 >> RFi s433d_only_linux_at_yahoo.de (Apr 24 2007)
ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities zdi-disclosures_at_3com.com (Apr 24 2007)
Cisco Security Advisory: Default Passwords in NetFlow Collection Engine Cisco Systems Product Security Incident Response Team (Apr 25 2007)
MyNewsGroups >> RFI in include.php alijsb_at_yahoo.com (Apr 24 2007)
HYIP Manager Pro Script >> Remote file Include alijsb_at_yahoo.com (Apr 25 2007)
WordPress v2.1.3 >> remote file include~ s433d_only_linux_at_yahoo.de (Apr 25 2007)
- Re: WordPress v2.1.3 >> remote file include~ otto_at_ottodestruct.com (Apr 26 2007)
HTMLeditbox & 2.2 >> RFI alijsb_at_yahoo.com (Apr 25 2007)
netbingo v 2000 >> RFI alijsb_at_yahoo.com (Apr 25 2007)
DynaTracker &v151>> RFI alijsb_at_yahoo.com (Apr 25 2007)
phpMYTGP v v1.4b >> RFI alijsb_at_yahoo.com (Apr 25 2007)
[SECURITY] [DSA 1281-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff (Apr 25 2007)
sunshop v4 >> RFI info_at_hackerz.ir (Apr 25 2007)
Shop-Script v 2.0 >> RFI alijsb_at_yahoo.com (Apr 25 2007)
adrevenue script (CyKuH.com)>> RFI alijsb_at_yahoo.com (Apr 25 2007)
B2 Weblog and News Publishing Tool v0.6.1 >> RFI alijsb_at_yahoo.com (Apr 25 2007)
Searchactivity >> RFI alijsb_at_yahoo.com (Apr 25 2007)
Built2Go_PHP_Link_Portal_v1.79 >> RFI alijsb_at_yahoo.com (Apr 25 2007)
comus 2.0 Final >> RFI alijsb_at_yahoo.com (Apr 25 2007)
blogsystem 1.4 >> local & remote = -rfi & lfi & -xss info_at_hackerz.ir (Apr 25 2007)
ASA-2007-010: Two stack buffer overflows in SIP channel's T.38 SDP parsing code Kevin P. Fleming (Apr 25 2007)
nucleus 3.22 >> RFI alijsb_at_yahoo.com (Apr 25 2007)
ASA-2007-011: Multiple problems in SIP channel parser handling response codes Kevin P. Fleming (Apr 25 2007)
download engine V1.4.1 >> RFI (local) alijsb_at_yahoo.com (Apr 25 2007)
CFP: 3rd European Conference on Computer Network Defense (EC2ND) Stefano Zanero (Apr 25 2007)
Remote File Inclusion s433d_only_linux_at_yahoo.de (Apr 25 2007)
VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins Remote file Include s433d_only_linux_at_yahoo.de (Apr 25 2007)
IE 7 and Firefox Browsers Digest Authentication Request Splitting Stefano Di Paola (Apr 25 2007)
ASA-2007-012: Remote Crash Vulnerability in Manager Interface Kevin P. Fleming (Apr 25 2007)
:doruk100net >> RFI alijsb_at_yahoo.com (Apr 25 2007)
[CAID 35277]: CA CleverPath Portal SQL Injection Vulnerability Williams, James K (Apr 25 2007)
[USN-453-2] rdesktop regression Martin Pitt (Apr 26 2007)
[ MDKSA-2007:094 ] - Updated postgresql packages fix vulnerability security_at_mandriva.com (Apr 25 2007)
[CAID 35198, 35276]: CA BrightStor ARCserve Backup Media Server Vulnerabilities Williams, James K (Apr 25 2007)
modbuild >> 4.1 Remote File Inclusion s433d_only_linux_at_yahoo.de (Apr 25 2007)
SineCMS nexus_at_playhack.net (Apr 26 2007)
Re: Chicken of the VNC 2.0 remote DoS support_at_geekspiff.com (Apr 26 2007)
Burak Yılmaz Blog (tr) v1.0 SQL injection vulnerability dj_remix_20_at_hotmail.com (Apr 26 2007)
[SECURITY] [DSA 1282-1] New php4 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 26 2007)
iDefense Security Advisory 04.26.07: Novell eDirectory NCP Fragment Denial of Service Vulnerability iDefense Labs (Apr 26 2007)
TSLSA-2007-0015 - postgresql Trustix Security Advisor (Apr 27 2007)
FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6 FreeBSD Security Advisories (Apr 26 2007)
[USN-455-1] PHP vulnerabilities Martin Pitt (Apr 27 2007)
[USN-454-1] PostgreSQL vulnerability Martin Pitt (Apr 27 2007)
iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability iDefense Labs (Apr 27 2007)
iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability iDefense Labs (Apr 27 2007)
Security Concerns in Web 2.0 dharmeshmm_at_gmail.com (Apr 27 2007)
AFFLIB(TM): Time-of-Check-Time-of-Use File Race VSR Advisories (Apr 27 2007)
AFFLIB(TM): Multiple Buffer Overflows VSR Advisories (Apr 27 2007)
AFFLIB(TM): Multiple Format String Injections VSR Advisories (Apr 27 2007)
AFFLIB(TM): Multiple Shell Metacharacter Injections VSR Advisories (Apr 27 2007)
[ GLSA 200704-23 ] capi4k-utils: Buffer overflow Raphael Marichez (Apr 27 2007)
[ GLSA 200704-22 ] BEAST: Denial of Service Raphael Marichez (Apr 27 2007)
Sphider Version 1.2.x (include_dir) file include 1one1_at_lifeisbeginer.org (Apr 28 2007)
- Re: Sphider Version 1.2.x (include_dir) file include ijoo.keren_at_gmail.com (Apr 30 2007)
Seir Anphin (file.php a[filepath]) Remote File Disclosure Vulnerability ilkerkandemir_at_mynet.com (Apr 28 2007)
Flaw in about.r OS and Progress version disclosure suresync_at_gmail.com (Apr 29 2007)
please retract CVE-2007-2056 "Time-of-Check-Time-of-Use File Race in AFFLIB" Simson Garfinkel (Apr 28 2007)
- Re: please retract CVE-2007-2056 "Time-of-Check-Time-of-Use File Race in AFFLIB" Tim (Apr 29 2007)
[SECURITY] [DSA 1283-1] New php5 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 29 2007)
GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability crazy_king_at_eno7.org (Apr 30 2007)
- Re: GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability Jamie Riden (Apr 30 2007)
[security bulletin] HPSBMA02197 SSRT061285 rev.1 - HP-UX Running HP Power Manager Remote Agent (RA), Local Execution of Arbitrary Code with Root Privileges security-alert_at_hp.com (Apr 30 2007)
3proxy[v0.5.3g]: (linux/win32 service) remote buffer overflow exploits. v9 (Apr 29 2007)
iDefense Security Advisory 04.27.07: VMware Workstation Shared Folders Directory Traversal Vulnerability iDefense Labs (Apr 30 2007)
FLEA-2007-0014-1: vim Foresight Linux Essential Announcement Service (Apr 30 2007)
FLEA-2007-0015-1: gimp Foresight Linux Essential Announcement Service (Apr 30 2007)
E-Annu (home.php) Remote SQL Injection Vulnerability ilkerkandemir_at_mynet.com (Apr 30 2007)