Bugtraq: by thread

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: by thread

492 messages starting Apr 02 07 and ending Apr 30 07
Date index | Thread index | Author index

Re: Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit And PoC vaughan . montgomery (Apr 02)
2BGal 3.1.1 <= (admin/index.php) Remote File Include Vulnerability BorN To K!LL BorN To K!LL (Apr 02)
MS announces out-of-band patch for ANI 0day Gadi Evron (Apr 02)
[ GLSA 200703-27 ] Squid: Denial of Service Raphael Marichez (Apr 02)
[SECURITY] [DSA 1274-1] New file packages fix arbitrary code execution Noah Meyerhans (Apr 02)
[security bulletin] HPSBMA02198 SSRT061177 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Access security-alert (Apr 02)
[ GLSA 200703-28 ] CUPS: Denial of Service Raphael Marichez (Apr 02)
Re: Drake CMS v0.3.2 < = RFi Vulnerabilities legolas558 (Apr 02)
DirectAdmin persistant XSS [takeover an Administrator`s account] Kanedaaa Bohater (Apr 02)
Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability Matousec - Transparent security Research (Apr 02)
Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180) Pavel Kankovsky (Apr 02)
- <Possible follow-ups>
- Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180) Marco Ivaldi (Apr 04)
0day Oracle 10g exploit - dbms_aq.enqueue - become DBA Andrea \"bunker\" Purificato (Apr 02)
- Re: [Full-disclosure] [RECTIFY] Oracle 10g exploit - dbms_aq.enqueue - become DBA Andrea \"bunker\" Purificato (Apr 03)
- Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA Gadi Evron (Apr 03)
  - Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA Andrea Purificato - bunker (Apr 03)
Windows XP/Vista (.ANI) Remote Exploit (bypass eeye patch) jamikazu (Apr 02)
Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability mufti . rizal (Apr 02)
- Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability jasus (Apr 02)
  - Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability str0ke (Apr 02)
iDefense Security Advisory 03.31.07: Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities iDefense Labs (Apr 02)
More information on ZERT patch for ANI 0day Gadi Evron (Apr 02)
- Re: More information on ZERT patch for ANI 0day Stefan Kelm (Apr 03)
  - Re: [Full-disclosure] More information on ZERT patch for ANI 0day Matthew Murphy (Apr 03)
  - Re: More information on ZERT patch for ANI 0day Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Apr 03)
    - Re: More information on ZERT patch for ANI 0day Jason Frisvold (Apr 04)
    - Re: More information on ZERT patch for ANI 0day Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Apr 04)
    - Re: More information on ZERT patch for ANI 0day Jason Frisvold (Apr 04)
WOVB #01: Bypassing Vista Firewall, Flying over obstructive line TWOVB Team (Apr 02)
Re: AIX 4.3 lsmcode local root command execution Shiva Persaud (Apr 02)
APOP vulnerability Gaëtan LEURENT (Apr 02)
- Re: APOP vulnerability 3APA3A (Apr 03)
  - Re: APOP vulnerability Gaëtan LEURENT (Apr 03)
    - Re[2]: APOP vulnerability 3APA3A (Apr 03)
iDefense Security Advisory 04.02.07: Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability iDefense Labs (Apr 02)
[CFP] VNSECON 07 - Call for Papers / HCMC - August 03-04, 2007 rd (Apr 02)
[ GLSA 200704-01 ] Asterisk: Two SIP Denial of Service vulnerabilities Sune Kloppenborg Jeppesen (Apr 02)
iDefense Security Advisory 03.31.07: IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities iDefense Labs (Apr 02)
[SECURITY] [DSA 1275-1] New zope2.7 packages fix cross-site scripting flaw Noah Meyerhans (Apr 03)
TWOVB][ The Week Of Vista Bugs: the truth is out there TWOVB Team (Apr 03)
Re: Exploiting Microsoft dynamic Dns updates Denis Jedig (Apr 03)
[MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue SecurityAudit (Apr 03)
MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit gmdarkfig (Apr 03)
Remote File Include In Script stat12 RaeD (Apr 03)
MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957] Tom Yu (Apr 03)
MITKRB5-SA-2007-003: double-free vulnerability in kadmind (via GSS-API library) [CVE-2007-1216] Tom Yu (Apr 03)
FLEA-2007-0006-2: ImageMagick Foresight Linux Essential Announcement Service (Apr 03)
iDefense Security Advisory 04.03.07: Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability iDefense Labs (Apr 03)
MITKRB5-SA-2007-001: telnetd allows login as arbitrary user [CVE-2007-0956] Tom Yu (Apr 03)
Re: On-going Internet Emergency and Domain Names Bob Fiero (Apr 03)
- Re: On-going Internet Emergency and Domain Names Alexander Klimov (Apr 11)
iDefense Security Advisory 04.03.07: Multiple Vendor Kerberos kadmind Buffer Overflow Vulnerability iDefense Labs (Apr 03)
FLEA-2007-0007-1: nas Foresight Linux Essential Announcement Service (Apr 03)
ZDI-07-012: Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow zdi-disclosures (Apr 03)
FLEA-2007-0006-1: ImageMagick Foresight Linux Essential Announcement Service (Apr 03)
[SECURITY] [DSA 1276-1] New krb5 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 03)
[ GLSA 200704-02 ] MIT Kerberos 5: Arbitrary remote code execution Sune Kloppenborg Jeppesen (Apr 03)
Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation Jim Hoagland (Apr 03)
- Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation Jim Hoagland (Apr 06)
- Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation GomoR (Apr 07)
[ GLSA 200704-05 ] zziplib: Buffer Overflow Raphael Marichez (Apr 04)
[ MDKSA-2007:075 ] - Updated qt4 packages to address utf8 decoder bug security (Apr 04)
iDefense Security Advisory 04.03.07: Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability iDefense Labs (Apr 04)
[ GLSA 200704-03 ] OpenAFS: Privilege escalation Raphael Marichez (Apr 04)
Three New Papers on Oracle Forensics David Litchfield (Apr 04)
rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation rPath Update Announcements (Apr 04)
CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure CYBSEC Advisories (Apr 04)
iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability iDefense Labs (Apr 04)
CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities CYBSEC Advisories (Apr 04)
CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer Overflow CYBSEC Advisories (Apr 04)
lite-cms-0.2.1 Remote File Include Vulnerabilities the_3dit0r (Apr 04)
CYBSEC Security Pre-Advisory: SAP SYSTEM_CREATE_INSTANCE RFC Function Buffer Overflow CYBSEC Advisories (Apr 04)
[USN-449-1] krb5 vulnerabilities Kees Cook (Apr 04)
CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC Function Denial Of Service CYBSEC Advisories (Apr 04)
CYBSEC Release: SAP Security - Paper & Tool release Mariano Nuñez Di Croce (Apr 04)
rPSA-2007-0064-1 ImageMagick rPath Update Announcements (Apr 04)
[MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues Securityaudit (Apr 04)
[ MDKSA-2007:074 ] - Updated qt3 packages to address utf8 decoder bug security (Apr 04)
Remot File Include In phpexplorator_2_0 RaeD (Apr 04)
[USN-448-1] X.org vulnerabilities Kees Cook (Apr 04)
iXon_CMS 0.30 Remote File Include Vulnerabilities the_3dit0r (Apr 04)
rPSA-2007-0067-1 nas rPath Update Announcements (Apr 04)
K-CMS v1.0 Remote File Include Vulnerabilities the_3dit0r (Apr 04)
rPSA-2007-0066-1 kdelibs qt-x11-free rPath Update Announcements (Apr 04)
Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy the_3dit0r (Apr 04)
phpechocms v.2 Cross-Site Scripting Vulnerabilitiy the_3dit0r (Apr 04)
iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability iDefense Labs (Apr 04)
phpechocms2 Remote File Include Vulnerabilities the_3dit0r (Apr 04)
rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs rPath Update Announcements (Apr 04)
MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting Vulnerabilitiy the_3dit0r (Apr 04)
MyBlog: PHP and MySQL Blog/CMS software Remote File Include Vulnerabilitiy the_3dit0r (Apr 04)
[ MDKSA-2007:076 ] - Updated kdelibs packages to address UTF8 issue in KJS security (Apr 04)
Mozilla Firefox Insecure Element Stealth Injection Vulnerability Michal Majchrowicz (Apr 04)
rPSA-2007-0062-1 firefox rPath Update Announcements (Apr 04)
High Risk Vulnerability in OpenOffice NGSSoftware Insight Security Research (Apr 04)
Several Windows image viewers vulnerabilities Ivan Fratric (Apr 04)
[SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution Noah Meyerhans (Apr 04)
Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection r00t-balance (Apr 04)
[ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities security (Apr 04)
Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug pdp (architect) (Apr 04)
- Re: [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug Daniel Veditz (Apr 05)
- Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug Thor Larholm (Apr 06)
VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates VMware Security team (Apr 04)
[ MDKSA-2007:078 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Apr 04)
[ MDKSA-2007:079 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security (Apr 05)
LedgerSMB 1.2.0 finally released, fixes CVE-2006-5589 Chris Travers (Apr 05)
[ MDKSA-2007:080 ] - Updated tightvnc packages fix integer overflow vulnerabilities security (Apr 05)
[ MDKSA-2007:081 ] - Updated freetype2 packages fix vulnerability security (Apr 05)
iDefense Security Advisory 04.04.07: Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability iDefense Labs (Apr 05)
iDefense Security Advisory 04.04.07: Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability iDefense Labs (Apr 05)
Microsoft .NET request filtering bypass vulnerability (BID 20753) research (Apr 05)
iDefense Security Advisory 04.04.07: ESRI ArcSDE Buffer Overflow Vulnerability iDefense Labs (Apr 05)
FLEA-2007-0008-1: krb5 Foresight Linux Essential Announcement Service (Apr 05)
FLEA-2007-0009-1: xorg-x11 freetype Foresight Linux Essential Announcement Service (Apr 05)
Wserve HTTP Server 4.6 Version (Long Directory Name) Buffer Overflow - Denial Of Service UniquE (Apr 05)
FLEA-2007-0010-1: evolution Foresight Linux Essential Announcement Service (Apr 05)
[security bulletin] HPSBUX02204 SSRT071341 rev.1 - HP-UX Running CIFS Server (Samba), Remote Denial of Service (DoS) security-alert (Apr 05)
ACLS ineffective in SQL-Ledger and LedgerSMB Chris Travers (Apr 06)
ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity zdi-disclosures (Apr 06)
phpContact Multiple Remote File Inclusion Vulnerabilities rko . thelegendkiller (Apr 06)
[MajorSecurity Advisory #39]onelook onebyone CMS - Session fixation Issue Securityaudit (Apr 06)
ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability zdi-disclosures (Apr 06)
[MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue Securityaudit (Apr 06)
[MajorSecurity Advisory #41]onelook courts online - Session fixation Issue Securityaudit (Apr 06)
livor 2.5 Cross-Site Scripting Vulnerability rko . thelegendkiller (Apr 06)
AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero) Piotr Bania (Apr 06)
AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption Piotr Bania (Apr 06)
AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption Piotr Bania (Apr 06)
[SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code execution Noah Meyerhans (Apr 06)
LayerOne 2007 - Speaker Line up Announced Layer One (Apr 06)
[ GLSA 200704-06 ] Evince: Stack overflow in included gv code Raphael Marichez (Apr 07)
[ GLSA 200704-07 ] libwpd: Multiple vulnerabilities Raphael Marichez (Apr 07)
PHP <= 5.2.1 wbmp file handling integer overflow Ivan Fratric (Apr 07)
[MajorSecurity Advisory #42]webblizzard CMS - Cross Site Scripting and Session fixation Issues Securityaudit (Apr 07)
CmailServer WebMail <= V.5.3.4 (signup) Remote XSS Exploit ajannhwt (Apr 07)
witshare 0.9 Remote File Include Vulnerabilitiy the_3dit0r (Apr 07)
UBB.threads (<= 6.1.1) SQL Injection Vulnerability john (Apr 09)
Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit k4rtal (Apr 09)
Take Control In Script Jeebles Directory RaeD (Apr 09)
Gsylvain35 Portail Web Remote File Include Vulnerabilities the_3dit0r (Apr 09)
phpMyAdmin 2.6.1 Local Cross Site Scripting the_3dit0r (Apr 09)
Remot File Include In Script Lore v1 RaeD (Apr 09)
DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability john (Apr 09)
Request It : Song Request System 1.0b - remote file inclusion mail (Apr 09)
QuizShock 1.6.1 - Cross-Site Scripting Vulnerability john (Apr 09)
Mybb Hot Editor Plugin Local File Inclusion liz0 (Apr 09)
- Re: Mybb Hot Editor Plugin Local File Inclusion Kevin Finisterre (lists) (Apr 09)
- <Possible follow-ups>
- Re: Re: Mybb Hot Editor Plugin Local File Inclusion liz0 (Apr 09)
Hot Editor v4.0 Local File Inclusion liz0 (Apr 09)
xodagallery Remote Code Execution Vulnerability the_3dit0r (Apr 09)
rPSA-2007-0070-1 openoffice.org rPath Update Announcements (Apr 09)
iDefense Security Advisory 04.09.07: AOL AIM and ICQ File Transfer Path-Traversal Vulnerability iDefense Labs (Apr 09)
[USN-450-1] ipsec-tools vulnerability Kees Cook (Apr 10)
phpGalleryScript 1.0 - File Inclusion Vulnerabilities z12xxa (Apr 10)
DEF CON One Five CfP in effect! The Dark Tangent (Apr 10)
EEYE: Windows VDM Zero Page Race Condition Privilege Escalation eEye Advisories (Apr 10)
EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation eEye Advisories (Apr 10)
PhpOpenChat <= 3.0.1 (poc.php) Multiple Remote File Include Vulnerabilities seko (Apr 10)
Secunia Research: Microsoft Agent URL Parsing Memory Corruption Vulnerability Secunia Research (Apr 10)
iDefense Security Advisory 04.10.07: Microsoft Windows Universal Plug and Play Memory Corruption Vulnerability iDefense Labs (Apr 10)
[ MDKSA-2007:077-1 ] - Updated krb5 packages fix vulnerabilities security (Apr 10)
Re: vbulletin admincp sql injection rjmjr69 (Apr 10)
[ MDKSA-2007:081-1 ] - Updated freetype2 packages fix vulnerability security (Apr 10)
[USN-451-1] Linux kernel vulnerabilities Kees Cook (Apr 11)
webMethods Glue Management Console Directory Traversal Patrick Webster (Apr 11)
[ MDKSA-2007:080-1 ] - Updated tightvnc packages fix integer overflow vulnerabilities security (Apr 11)
nEw Bug :D asdasd asdsadas (Apr 11)
pL-PHP beta 0.9 - Multiple Vulnerabilities omnipresent (Apr 11)
New bug :) asdasd asdsadas (Apr 11)
[MajorSecurity Advisory #43]Calacode ATMail 5.0 - Cross Site Scripting and Cookie Manipulation Issue admin (Apr 11)
CodeBreak (codebreak.php process_method) - Remote File Inclusion Vulnerability john (Apr 11)
Cosign SSO Authentication Bypass Jon Oberheide (Apr 11)
Re: Latinchat Denial Of Service d4rksoft (Apr 11)
PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory) gmdarkfig (Apr 11)
PunBB <= 1.2.14 Remote Code Execution (Exploit) gmdarkfig (Apr 11)
Steganos Encrypted Safe NOT so safe frankrizzo604 (Apr 11)
- Re: Steganos Encrypted Safe NOT so safe Andreas Beck (Apr 14)
- <Possible follow-ups>
- Re: Steganos Encrypted Safe NOT so safe support (Apr 26)
[ MDKSA-2007:079-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security (Apr 11)
[ MDKSA-2007:083 ] - Updated apache-mod_perl packages fix DoS vulnerability security (Apr 11)
[ MDKSA-2007:075-1 ] - Updated qt4 packages to address utf8 decoder bug security (Apr 11)
iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple Vulnerabilities iDefense Labs (Apr 11)
[ MDKSA-2007:082 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities security (Apr 11)
E107 - (v0.7.8) Access Escalation Vulnerbility - PoC jd2k2000 (Apr 12)
HPSBUX02205 SSRT061120 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS) security-alert (Apr 12)
CVE-2007-1871: Cross site scripting in chcounter 3.1.3 Hanno Böck (Apr 12)
INFIGO-2007-04-05: Enterprise Security Analyzer server remote buffer overflows infocus (Apr 12)
CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3 Hanno Böck (Apr 12)
Critical phpwiki c99shell exploit rurban (Apr 12)
- Re: Critical phpwiki c99shell exploit Gadi Evron (Apr 12)
  - RE: Critical phpwiki c99shell exploit Ryan Neufeld (Apr 12)
  - Re: Critical phpwiki c99shell exploit Taneli Leppä (Apr 16)
- Re: Critical phpwiki c99shell exploit Jamie Riden (Apr 12)
[security bulletin] HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-014 security-alert (Apr 12)
[security bulletin] HPSBUX01137 SSRT5954 rev.9 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS) security-alert (Apr 12)
[ GLSA 200704-08 ] DokuWiki: Cross-site scripting vulnerability Matthias Geerdsen (Apr 12)
[security bulletin] HPSBGN02199 SSRT071312 rev.1 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Execution security-alert (Apr 12)
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points Cisco Systems Product Security Incident Response Team (Apr 12)
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System Cisco Systems Product Security Incident Response Team (Apr 12)
Cross site scripting in mephisto 0.7.3 Hanno Böck (Apr 12)
- <Possible follow-ups>
- Re: Cross site scripting in mephisto 0.7.3 encytemedia (Apr 12)
[security bulletin] HPSBUX02203 SSRT071339 rev.1 - HP-UX Running Portable File System (PFS), Remote Increase in Privilege security-alert (Apr 12)
TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy the_3dit0r (Apr 12)
phpwebnews v.1 Multiple Cross Site Scripting Vulnerabilites the_3dit0r (Apr 12)
Chatness <= 2.5.3 - Arbitrary Code Execution jd2k2000 (Apr 12)
FAC GuestBook v2.0 remote database disclosure vulnerability the_3dit0r (Apr 12)
Aircrack-ng (airodump-ng) remote buffer overflow vulnerability jonny (Apr 12)
iDefense Security Advisory 04.12.07: Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability iDefense Labs (Apr 12)
[USN-452-1] KDE library vulnerability Kees Cook (Apr 12)
[Argeniss] Hacking Databases for owning your data (paper) Cesar (Apr 13)
[OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed Matteo Beccati (Apr 13)
[OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2 vulnerability fixed Matteo Beccati (Apr 13)
[MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue admin (Apr 13)
[waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke come2waraxe (Apr 13)
TSRT-07-04: LANDesk Management Suite Alert Service Stack Overflow Vulnerability TSRT (Apr 13)
Vbulletin 3.6.5 Sql Injection ! [misc.php] seko (Apr 13)
- <Possible follow-ups>
- Re: Vbulletin 3.6.5 Sql Injection ! [misc.php] scott-REMOVE (Apr 14)
bloofoxCMS 0.2.2 Cross Site Scripting the_3dit0r (Apr 14)
VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit meftun (Apr 14)
- Re: VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit str0ke (Apr 16)
Back-End CMS Database Tables v0.4.7 Cross Site Scripting the_3dit0r (Apr 14)
MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities the_3dit0r (Apr 14)
Maian Search v1.1 k4rtal (Apr 14)
- <Possible follow-ups>
- Re: Maian Search v1.1 support (Apr 16)
FloweRS v2.0 Cross Site Scripting the_3dit0r (Apr 14)
Maian Gallery v1.0 k4rtal (Apr 14)
- <Possible follow-ups>
- Re: Maian Gallery v1.0 support (Apr 16)
B2evolution 1.6 RFi k4rtal (Apr 14)
MySpeach v1.9 k4rtal (Apr 14)
Back-End CMS Database Tables v0.4.7 Remote File Include Vulnerabilities the_3dit0r (Apr 14)
Flip-search-add-on 2.0 k4rtal (Apr 14)
Maian Weblog v3.1 k4rtal (Apr 14)
bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy the_3dit0r (Apr 14)
- <Possible follow-ups>
- Re: bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy info (Apr 17)
phpMyChat-0.14.5 k4rtal (Apr 14)
- <Possible follow-ups>
- Re: phpMyChat-0.14.5 stuart_smith (Apr 16)
Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability irvian_yoe (Apr 16)
Re: sitex multiple vulnerabilities Lostmon (Apr 16)
Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities ?? ???? ?????? (Apr 16)
[ GLSA 200704-09 ] xine-lib: Heap-based buffer overflow Raphael Marichez (Apr 16)
Re: [exploits] RPC vuln in DNS Server (fwd) Gadi Evron (Apr 16)
LS simple guestbook - arbitrary code execution jd2k2000 (Apr 16)
Joomla/Mambo Jambook v1.0 beta7 Rfi Vuln. crazy_king (Apr 16)
[MajorSecurity Advisory #45]oe2edit CMS - Cross Site Scripting and Cookie Manipulation Issue admin (Apr 16)
ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability Matousec - Transparent security Research (Apr 16)
ActionPoll Script (actionpoll.php) Remote File Include // starhack.org seko (Apr 16)
MyBlog <= 0.9.8 Remote Command Execution Exploit BlackHawk (Apr 16)
Microsoft DNS Server Remote Code execution: Analysis and exploit mballano (Apr 16)
Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 16)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17)
  - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 17)
    - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 18)
    - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 18)
    - RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 18)
    - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 18)
  - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 17)
    - RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17)
    - Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing 3APA3A (Apr 17)
    - RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 18)
    - RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Oliver Friedrichs (Apr 19)
    - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Bojan Zdrnja (Apr 18)
    - Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Matthew Dixon Cowles (Apr 18)
[ GLSA 200704-10 ] Inkscape: Two format string vulnerabilities Matthias Geerdsen (Apr 16)
Persistent CSRF and The Hotlink Hell pdp (architect) (Apr 16)
- Re: [WEB SECURITY] Persistent CSRF and The Hotlink Hell Ryan Barnett (Apr 17)
  - Re: [Full-disclosure] [WEB SECURITY] Persistent CSRF and The Hotlink Hell Blue Boar (Apr 17)
iDefense Security Advisory 04.16.07: ClamAV CAB File Unstore Buffer Overflow Vulnerability iDefense Labs (Apr 16)
Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit seko (Apr 16)
[ GLSA 200704-11 ] Vixie Cron: Denial of Service Matthias Geerdsen (Apr 16)
rPSA-2007-0071-1 kernel rPath Update Announcements (Apr 16)
Akamai Technologies Security Advisory 2007-0001 Akamai Security Team (Apr 16)
[ MDKSA-2007:086 ] - Updated cups packages fix DoS vulnerability security (Apr 16)
[ MDKSA-2007:084 ] - Updated ipsec-tools packages fix DoS vulnerability security (Apr 16)
[ MDKSA-2007:085 ] - Updated freeradius packages fix DoS vulnerability security (Apr 16)
[ GLSA 200704-12 ] OpenOffice.org: Multiple vulnerabilities Raphael Marichez (Apr 16)
iDefense Security Advisory 04.16.07: Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability iDefense Labs (Apr 17)
Netsprint Toolbar 1.1 arbitrary remote code vulnerability Michal Bucko (Apr 17)
- Re: Netsprint Toolbar 1.1 arbitrary remote code vulnerability Michal Zalewski (Apr 17)
PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities programmer (Apr 17)
- Re: PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities Paul Laudanski (Apr 18)
Remot File Include In Script phphd_downloads RaeD (Apr 17)
Remot File Include download_engine_V1.4.3 RaeD (Apr 17)
Wabbit PHP Gallery v0.9 Cross Site Scripting the_3dit0r (Apr 17)
my little weblog Cross Site Scripting the_3dit0r (Apr 17)
my little forum 1.7 Remote File Include Vulnerabilitiy the_3dit0r (Apr 17)
webMethods Security Advisory: Glue console directory traversal vu lnerability Jeremy Epstein (Apr 17)
Internet Explorer Crash J. Oquendo (Apr 17)
- Re: Internet Explorer Crash The Anarcat (Apr 17)
  - Re: Internet Explorer Crash Mike Ely (Apr 18)
  - Re: Internet Explorer Crash simone colombo (Apr 19)
- <Possible follow-ups>
- Re: Internet Explorer Crash Thor (Hammer of God) (Apr 17)
  - Re: Internet Explorer Crash Tom Gregory (Apr 18)
    - Re: Internet Explorer Crash Rob Bartlett (Apr 18)
    - Re: Internet Explorer Crash Kevin Finisterre (lists) (Apr 19)
    - Re: Internet Explorer Crash Dave Walker (Apr 19)
    - Re: Internet Explorer Crash C. Bergström (Apr 19)
  - Message not available
    - Re: Internet Explorer Crash Thor (Hammer of God) (Apr 18)
- Re: Internet Explorer Crash elflord91 (Apr 18)
[security bulletin] HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS) security-alert (Apr 17)
Multiple Ask IE Toolbar denial of service vulnerabilities Michal Bucko (Apr 17)
Gizzar <= (basePath) Remote File Include Vulnerability BorN To K!LL BorN To K!LL (Apr 17)
BlueArc Firmware 4.2.944b FTP bounce Tim Rupp (Apr 17)
SYMSA-2007-003 Macrovision InstallAnywhere Password and Serial Number Bypass research (Apr 17)
ShoutPro 1.5.2 - arbitrary code execution jd2k2000 (Apr 17)
WASC-Articles: 'The Importance of Application Classification in Secure Application Development' contact (Apr 17)
Re: [Full-disclosure] A Botted Fortune 500 a Day Steven Adair (Apr 17)
- Re: [Full-disclosure] A Botted Fortune 500 a Day Jamie Riden (Apr 17)
  - Re: [Full-disclosure] A Botted Fortune 500 a Day Steven Adair (Apr 17)
    - Re: [Full-disclosure] A Botted Fortune 500 a Day Jamie Riden (Apr 17)
    - Re: [Full-disclosure] A Botted Fortune 500 a Day Simon Smith (Apr 17)
- Re: [Full-disclosure] A Botted Fortune 500 a Day Nick FitzGerald (Apr 18)
n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability security (Apr 17)
Mambo/Joomla Component New Article Component RFI meftun (Apr 17)
Cross Domain XMLHttpRequest Michal Majchrowicz (Apr 17)
- Re: [Full-disclosure] Cross Domain XMLHttpRequest ascii (Apr 17)
[ GLSA 200704-14 ] FreeRADIUS: Denial of Service Raphael Marichez (Apr 18)
NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections programmer (Apr 18)
Advisory: Bypass Oracle Logon Trigger ak (Apr 18)
iDefense Security Advisory 04.17.07: McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow iDefense Labs (Apr 18)
Advisory: SQL Injection in package SYS.DBMS_UPGRADE_INTERNAL ak (Apr 18)
Advisory: XSS Vulnerability in Oracle Secure Enterprise Search [SES01] ak (Apr 18)
Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in 2 weeks Praburaajan (Apr 18)
Advisory: Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet [AS01] ak (Apr 18)
iDefense Security Advisory 04.17.07: McAfee E-Business Admin Server Invalid Data Length DoS Vulnerability iDefense Labs (Apr 18)
[ GLSA 200704-13 ] File: Denial of Service Raphael Marichez (Apr 18)
Analysis of the Oracle April 2007 Critical Patch Update David Litchfield (Apr 18)
rPSA-2007-0072-1 lighttpd rPath Update Announcements (Apr 18)
rPSA-2007-0073-1 php php-mysql php-pgsql rPath Update Announcements (Apr 18)
[ GLSA 200704-15 ] MadWifi: Multiple vulnerabilities Raphael Marichez (Apr 18)
rPSA-2007-0074-1 dovecot rPath Update Announcements (Apr 18)
MediaBeez Sql query Execution .. Wear isn't ?? :) security (Apr 18)
Oracle Database Buffer overflow vulnerabilities in package DBMS_SNAP_INTERNAL Team SHATTER (Apr 18)
FullyModdedphpBB2 Remote File Inclusion security (Apr 18)
Extreme PHPBB2 Remote File Inclusion security (Apr 18)
EclipseBB Remote File Inclusion security (Apr 18)
Re: Linksys WAG200G - Information disclosure no-mail (Apr 18)
[security bulletin] HPSBST02206 SSRT071354 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-017 security-alert (Apr 18)
Re: [funsec] Re: [Full-disclosure] A Botted Fortune 500 a Day Fergie (Apr 18)
NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities john (Apr 18)
ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability zdi-disclosures (Apr 18)
ZDI-07-016: Oracle E-Business Suite Arbitrary Node Deletion Vulnerability zdi-disclosures (Apr 18)
ZDI-07-017: Oracle E-Business Suite Arbitrary Document Download Vulnerability zdi-disclosures (Apr 18)
ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability zdi-disclosures (Apr 18)
ZDI-07-019: BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability zdi-disclosures (Apr 18)
ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability zdi-disclosures (Apr 18)
- <Possible follow-ups>
- Re: ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability rashbi (Apr 19)
Advisory: SQL Injection in package SYS.DBMS_AQADM_SYS ak (Apr 18)
[USN-453-1] X.org vulnerability Kees Cook (Apr 19)
[ MDKSA-2007:087 ] - Updated php packages fix multiple vulnerabilities security (Apr 19)
[ MDKSA-2007:088 ] - Updated php packages fix multiple vulnerabilities security (Apr 19)
[ MDKSA-2007:089 ] - Updated php packages fix multiple vulnerabilities security (Apr 19)
CfP Hack.lu 2007 info (Apr 19)
IPB (Invision Power Board) Full Path Disclusure security (Apr 19)
[waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20 come2waraxe (Apr 19)
Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY) UniquE (Apr 19)
RaidenFTPd IXceedCompression multiple denial of service vulnerabilities Michal Bucko (Apr 19)
Yet another SQL injection framework Guillermo Marro (Apr 19)
- Re: Yet another SQL injection framework (file corruption) Guillermo Marro (Apr 20)
- Re: Yet another SQL injection framework Nick Boyce (Apr 20)
  - RE: Yet another SQL injection framework Greg Merideth (Apr 23)
[security bulletin] HPSBMA02133 SSRT061201 rev.4 - HP Oracle for OpenView (OfO) Critical Patch Update security-alert (Apr 19)
[ MDKSA-2007:090 ] - Updated php packages fix multiple vulnerabilities security (Apr 19)
[ MDKSA-2007:091 ] - Updated sqlite packages fix vulnerability security (Apr 19)
[security bulletin] HPSBST02208 SSRT071365 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-018 to MS07-022 security-alert (Apr 19)
NeatUpload vulnerability and fix dean (Apr 20)
ZDI-07-021: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability zdi-disclosures (Apr 20)
Eba News Version : v1.1 <= (webpages.php) Remote File Include // starhack.org seko (Apr 20)
TSLSA-2007-0013 - multi Trustix Security Advisor (Apr 20)
iDefense Security Advisory 04.20.07: Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability iDefense Labs (Apr 20)
FLEA-2007-0011-1: lighttpd Foresight Linux Essential Announcement Service (Apr 20)
UseBB Version 1.0.4 Path Disclosure Vulnerability securityresearch (Apr 20)
Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org seko (Apr 21)
- Re: Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org str0ke (Apr 21)
turbolence core 0.0.1 alpha Remote File Inclusion omnipresent (Apr 21)
WS_FTP Home 2007 NetscapeFTPHandler denial of service Michal Bucko (Apr 21)
- <Possible follow-ups>
- Re: WS_FTP Home 2007 NetscapeFTPHandler denial of service sapheal (Apr 23)
Allfaclassfieds (level2.php dir) remote file inclusion asdasd asdsadas (Apr 23)
[ GLSA 200704-17 ] 3proxy: Buffer overflow Raphael Marichez (Apr 23)
[Reversemode advisory] CheckPoint Zonelabs - ZoneAlarm SRESCAN driver local privilege escalation Reversemode (Apr 23)
claroline <= Multiple Remote File Include Vulnerablitiy Mohandko (Apr 23)
- Re: claroline <= Multiple Remote File Include Vulnerablitiy BlackHawk (Apr 24)
lms 1.5.3 Remote File Inclusion InyeXion (Apr 23)
EsForum <= 3.0 SQL Injection Vulnerability ilkerkandemir (Apr 23)
PHPMyBibli <= Multiple Remote File Include Mohandko (Apr 23)
[ GLSA 200704-16 ] Aircrack-ng: Remote execution of arbitrary code Raphael Marichez (Apr 23)
File117 Remote File Inclusion InyeXion (Apr 23)
Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit john (Apr 23)
[SECURITY] [DSA 1279-1] New webcalendar packages fix cross-site scripting Moritz Muehlenhoff (Apr 23)
c-arbre <= Multiple Remote File Include Vulnerablitiy Mohandko (Apr 23)
[ GLSA 200704-18 ] Courier-IMAP: Remote execution of arbitrary code Raphael Marichez (Apr 23)
Remote file inclusion in Joomla 1.5.0 Beta Omid (Apr 23)
FLEA-2007-0013-1: xine-lib Foresight Linux Essential Announcement Service (Apr 23)
bibtex mase Remote File Inclusion InyeXion (Apr 23)
FLEA-2007-0012-1: madwifi Foresight Linux Essential Announcement Service (Apr 23)
WASC-Articles: 'The business case for security frameworks' announcements (Apr 23)
Big Blue Guestbook HTML Injection Vulnerabilities seko (Apr 23)
3proxy 0.5.3i bugfix release Vladimir Dubrovin (Apr 23)
TJSChat Version 0.95 Cross Site Scripting the_3dit0r (Apr 23)
[ MDKSA-2007:092 ] - Updated freeradius packages fix vulnerability security (Apr 23)
[ GLSA 200704-19 ] Blender: User-assisted remote execution of arbitrary code Raphael Marichez (Apr 23)
[security bulletin] HPSBUX02183 SSRT061243 rev.1 - HP-UX sendmail, Remote Denial of Service (DoS) security-alert (Apr 23)
[ MDKSA-2007:093 ] - Updated zziplib packages fix vulnerability security (Apr 23)
[ GLSA 200704-20 ] NAS: Multiple vulnerabilities Raphael Marichez (Apr 23)
acvsws_php5_v1.0 <= Multiple Remote File Include Vulnerablitiy Mohandko (Apr 23)
DmCMS Shell Uploading security (Apr 23)
phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit john (Apr 23)
Post Revolution Remote File Inclusion InyeXion (Apr 23)
rPSA-2007-0081-1 postgresql postgresql-server rPath Update Announcements (Apr 24)
[ GLSA 200704-21 ] ClamAV: Multiple vulnerabilities Matthias Geerdsen (Apr 24)
YA Book 0.98 Persistent XSS omnipresent (Apr 24)
gallery >> 1.5.6 Remote File Inclusion s433d_only_linux (Apr 24)
- Re: gallery >> 1.5.6 Remote File Inclusion Chris Kelly (Apr 24)
- <Possible follow-ups>
- Re: gallery >> 1.5.6 Remote File Inclusion the . tiger100 (Apr 24)
ImageProcessing ... Local (Denial of Service Exploit) Dr . Ninux (Apr 24)
- Re: ImageProcessing ... Local (Denial of Service Exploit) Tim Newsham (Apr 24)
Security Advisory: CA CleverPath SQL Injection Irene Abezgauz (Apr 24)
[security bulletin] HPSBST02200 SSRT071330 rev.1 - HP StorageWorks Command View Advanced Edition for XP, Local Unauthorized Access security-alert (Apr 24)
Progress Webspeed exploit for all releases suresync (Apr 24)
[MajorSecurity Advisory #46]Plogger - Session fixation Issue admin (Apr 24)
[SECURITY] [DSA 1280-1] New aircrack-ng packages fix arbitrary code execution Moritz Muehlenhoff (Apr 24)
3Com's TippingPoint Denial of Service mike20061005 (Apr 24)
- Re: 3Com's TippingPoint Denial of Service Simple Nomad (Apr 24)
- Re: 3Com's TippingPoint Denial of Service Secure (Apr 25)
- <Possible follow-ups>
- Re: 3Com's TippingPoint Denial of Service Steven M. Christey (Apr 25)
dcp-portal v611 >> RFi s433d_only_linux (Apr 24)
ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities zdi-disclosures (Apr 24)
Cisco Security Advisory: Default Passwords in NetFlow Collection Engine Cisco Systems Product Security Incident Response Team (Apr 25)
MyNewsGroups >> RFI in include.php alijsb (Apr 25)
HYIP Manager Pro Script >> Remote file Include alijsb (Apr 25)
WordPress v2.1.3 >> remote file include~ s433d_only_linux (Apr 25)
- <Possible follow-ups>
- Re: WordPress v2.1.3 >> remote file include~ otto (Apr 26)
HTMLeditbox & 2.2 >> RFI alijsb (Apr 25)
netbingo v 2000 >> RFI alijsb (Apr 25)
DynaTracker &v151>> RFI alijsb (Apr 25)
phpMYTGP v v1.4b >> RFI alijsb (Apr 25)
[SECURITY] [DSA 1281-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff (Apr 25)
sunshop v4 >> RFI info (Apr 25)
Shop-Script v 2.0 >> RFI alijsb (Apr 25)
adrevenue script (CyKuH.com)>> RFI alijsb (Apr 25)
B2 Weblog and News Publishing Tool v0.6.1 >> RFI alijsb (Apr 25)
Searchactivity >> RFI alijsb (Apr 25)
Built2Go_PHP_Link_Portal_v1.79 >> RFI alijsb (Apr 25)
comus 2.0 Final >> RFI alijsb (Apr 25)
blogsystem 1.4 >> local & remote = -rfi & lfi & -xss info (Apr 25)
ASA-2007-010: Two stack buffer overflows in SIP channel's T.38 SDP parsing code Kevin P. Fleming (Apr 25)
nucleus 3.22 >> RFI alijsb (Apr 25)
ASA-2007-011: Multiple problems in SIP channel parser handling response codes Kevin P. Fleming (Apr 25)
download engine V1.4.1 >> RFI (local) alijsb (Apr 25)
CFP: 3rd European Conference on Computer Network Defense (EC2ND) Stefano Zanero (Apr 25)
Remote File Inclusion s433d_only_linux (Apr 25)
VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins Remote file Include s433d_only_linux (Apr 25)
IE 7 and Firefox Browsers Digest Authentication Request Splitting Stefano Di Paola (Apr 25)
ASA-2007-012: Remote Crash Vulnerability in Manager Interface Kevin P. Fleming (Apr 25)
:doruk100net >> RFI alijsb (Apr 25)
[CAID 35277]: CA CleverPath Portal SQL Injection Vulnerability Williams, James K (Apr 26)
[USN-453-2] rdesktop regression Martin Pitt (Apr 26)
[ MDKSA-2007:094 ] - Updated postgresql packages fix vulnerability security (Apr 26)
[CAID 35198, 35276]: CA BrightStor ARCserve Backup Media Server Vulnerabilities Williams, James K (Apr 26)
modbuild >> 4.1 Remote File Inclusion s433d_only_linux (Apr 26)
SineCMS nexus (Apr 26)
Re: Chicken of the VNC 2.0 remote DoS support (Apr 26)
Burak Yılmaz Blog (tr) v1.0 SQL injection vulnerability dj_remix_20 (Apr 26)
[SECURITY] [DSA 1282-1] New php4 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 26)
iDefense Security Advisory 04.26.07: Novell eDirectory NCP Fragment Denial of Service Vulnerability iDefense Labs (Apr 26)
TSLSA-2007-0015 - postgresql Trustix Security Advisor (Apr 27)
FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6 FreeBSD Security Advisories (Apr 27)
[USN-455-1] PHP vulnerabilities Martin Pitt (Apr 27)
[USN-454-1] PostgreSQL vulnerability Martin Pitt (Apr 27)
iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability iDefense Labs (Apr 27)
iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability iDefense Labs (Apr 27)
Security Concerns in Web 2.0 dharmeshmm (Apr 27)
AFFLIB(TM): Time-of-Check-Time-of-Use File Race VSR Advisories (Apr 27)
AFFLIB(TM): Multiple Buffer Overflows VSR Advisories (Apr 27)
AFFLIB(TM): Multiple Format String Injections VSR Advisories (Apr 27)
AFFLIB(TM): Multiple Shell Metacharacter Injections VSR Advisories (Apr 27)
[ GLSA 200704-23 ] capi4k-utils: Buffer overflow Raphael Marichez (Apr 27)
[ GLSA 200704-22 ] BEAST: Denial of Service Raphael Marichez (Apr 27)
Sphider Version 1.2.x (include_dir) file include 1one1 (Apr 28)
- <Possible follow-ups>
- Re: Sphider Version 1.2.x (include_dir) file include ijoo . keren (Apr 30)
Seir Anphin (file.php a[filepath]) Remote File Disclosure Vulnerability ilkerkandemir (Apr 28)
Flaw in about.r OS and Progress version disclosure suresync (Apr 30)
please retract CVE-2007-2056 "Time-of-Check-Time-of-Use File Race in AFFLIB" Simson Garfinkel (Apr 30)
- Re: please retract CVE-2007-2056 "Time-of-Check-Time-of-Use File Race in AFFLIB" Tim (Apr 30)
[SECURITY] [DSA 1283-1] New php5 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 30)
GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability crazy_king (Apr 30)
- Re: GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability Jamie Riden (Apr 30)
[security bulletin] HPSBMA02197 SSRT061285 rev.1 - HP-UX Running HP Power Manager Remote Agent (RA), Local Execution of Arbitrary Code with Root Privileges security-alert (Apr 30)
3proxy[v0.5.3g]: (linux/win32 service) remote buffer overflow exploits. v9 (Apr 30)
iDefense Security Advisory 04.27.07: VMware Workstation Shared Folders Directory Traversal Vulnerability iDefense Labs (Apr 30)
FLEA-2007-0014-1: vim Foresight Linux Essential Announcement Service (Apr 30)
FLEA-2007-0015-1: gimp Foresight Linux Essential Announcement Service (Apr 30)
E-Annu (home.php) Remote SQL Injection Vulnerability ilkerkandemir (Apr 30)

Previous period

Next period