Bugtraq: by thread

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: by thread

704 messages starting Jan 01 07 and ending Jan 31 07
Date index | Thread index | Author index

Spooky Login Multiple HTML Injection Vulnerability DoZ (Jan 01)
WinZip10.0 FileView ActiveX Controls CreateNewFolderFromName Method Buffer overflow 76693223 (Jan 01)
Re: PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service Collin R. Mulliner (Jan 01)
Rediff Bol Downloader Allows Downloading and Spawning Arbitary Files gregory_panakkal (Jan 01)
WinZip FileView ActiveX controls CreateNewFolderFromName Method Buffer Overflow Vulnerability 76693223 (Jan 01)
PHPIrc_bot <= Remote File Include zooz_998 (Jan 01)
vBulletin vCard PRO XSS exexp (Jan 01)
Re: PlatinumFTP 1.0.18 remote DoS info (Jan 01)
[NGSEC] ngGame #3 - BrainStorming labs () NGSEC (Jan 01)
BattleBlog Database Download Vulnerability Advisory (Jan 01)
Kerio Fake 'iphlpapi' DLL injection Vulnerability Matousec - Transparent security Research (Jan 01)
golden book XSS sn0oPy . team (Jan 01)
rblog Database Download Vulnerability Advisory (Jan 01)
ATMEL Linux PCI PCMCIA USB Drivers arbitrary code execution sapheal (Jan 01)
Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Kevin Waterson (Jan 01)
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Bill Nash (Jan 01)
  - Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Tino Wildenhain (Jan 01)
    - RE: PHP as a secure language? PHP worms? [was: Re: new linux malware] Jim Harrison (Jan 01)
    - Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Dana Hudes (Jan 01)
    - RE: PHP as a secure language? PHP worms? [was: Re: new linux malware] Jim Harrison (Jan 01)
    - Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Darren Reed (Jan 02)
    - RE: PHP as a secure language? PHP worms? [was: Re: new linux malware] Jim Harrison (Jan 02)
    - Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Darren Reed (Jan 02)
    - RE: PHP as a secure language? PHP worms? [was: Re: new linux malware] Jim Harrison (Jan 04)
    - Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Bill Nash (Jan 04)
    - Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Ronald Chmara (Jan 04)
    - Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Jim Manico (Jan 08)
    - Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Dana Hudes (Jan 02)
    - Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Lawrence Paul MacIntyre (Jan 04)
    - Re: PHP as a secure language? PHP worms? Duncan Simpson (Jan 02)
    - RE: PHP as a secure language? PHP worms? Jim Harrison (Jan 02)
- <Possible follow-ups>
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Chad Maron (Jan 01)
  - Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Kevin Waterson (Jan 02)
AShop Shopping Cart Multiple XSS Vulnerabilities DoZ (Jan 01)
[OpenPKG-SA-2007.001] OpenPKG Security Advisory (cacti) OpenPKG GmbH (Jan 01)
Mozilla Firefox 2.0 denial of service vulnerability sapheal (Jan 01)
- Re: Mozilla Firefox 2.0 denial of service vulnerability Jeroen Massar (Jan 01)
- <Possible follow-ups>
- Re: Re: Mozilla Firefox 2.0 denial of service vulnerability sapheal (Jan 01)
Re: XSS with Vbulletin (new idea !) marco . van . herwaarden (Jan 01)
Dailymotion password reset vulnerability daftrix (Jan 01)
Welcome to Pwndertino... K F (lists) (Jan 01)
Re: [Full-disclosure] simplog 0.9.3.2 SQL injection str0ke (Jan 02)
- Re: [Full-disclosure] simplog 0.9.3.2 SQL injection Javor Ninov (Jan 02)
FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution sapheal (Jan 02)
- Re: FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution 3APA3A (Jan 03)
lblog Remote Password Disclosure Advisory (Jan 02)
Openforum Remote password Disclosure Advisory (Jan 02)
AspBB Remote Password Disclosure Advisory (Jan 02)
Windows Vista 64bits and unexported kernel symbols Matthieu Suiche (Jan 02)
- Re: Windows Vista 64bits and unexported kernel symbols Rik van Riel (Jan 03)
[ MDKSA-2007:001 ] - Update libmodplug packages fix buffer overflow vulnerabilities security (Jan 02)
Nuked Klan <= 1.7 Remote Cookie Disclosure Exploit kadaj-diabolik (Jan 02)
rPSA-2006-0234-2 firefox thunderbird rPath Update Announcements (Jan 02)
Windows NT Message Compiler 1.00.5239 arbitrary code execution sapheal (Jan 02)
- Re: Windows NT Message Compiler 1.00.5239 arbitrary code execution 3APA3A (Jan 03)
  - Re: Windows NT Message Compiler 1.00.5239 arbitrary code execution chinese soup (Jan 03)
[ MDKSA-2007:002 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Jan 02)
Re: SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit wihl (Jan 02)
Whos Johny Pwnerseed? K F (Jan 03)
GuestBook v0.3a Remote Password Disclosure Advisory (Jan 03)
Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 03)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 03)
    - Message not available
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)
    - Message not available
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 03)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Dave Ferguson (Jan 03)
    - Message not available
    - Message not available
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 03)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous bugtraq (Jan 04)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Martin O'Neal (Jan 08)
    - Message not available
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Brian Eaton (Jan 09)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Marvin Simkin (Jan 09)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Ralph Angenendt (Jan 10)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Guy Podjarny (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Tom Spector (Jan 09)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous sven . vetsch (Jan 03)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)
  - Re: Universal XSS with PDF files: highly dangerous ascii (Jan 03)
    - Re: Universal XSS with PDF files: highly dangerous Thierry Zoller (Jan 04)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Jean-Jacques Halans (Jan 03)
  - RE: [WEB SECURITY] Universal XSS with PDF files: hi ghly dangerous Larry Seltzer (Jan 03)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Jim Manico (Jan 04)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 04)
    - Message not available
    - Re: [Full-disclosure] [WEB SECURITY] Universal XSS with PDF files: highly dangerous Jim Manico (Jan 09)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous HASEGAWA Yosuke (Jan 04)
- Re: Universal XSS with PDF files: highly dangerous The Anarcat (Jan 09)
- <Possible follow-ups>
- Re: Universal XSS with PDF files: highly dangerous Jeff Williams (Jan 08)
openmedia local read file exe_crack (Jan 03)
[USN-399-1] w3m vulnerabilities Kees Cook (Jan 03)
Hacking AJAX DWR Applications shulman (Jan 03)
Adobe Acrobat Reader Plugin - Multiple Vulnerabilities Stefano Di Paola (Jan 03)
WineGlass "data.mdb" Remote Password Disclosure Advisory (Jan 03)
- <Possible follow-ups>
- WineGlass "data.mdb" Remote Password Disclosure Advisory (Jan 03)
OpenPinboard <= Remote File Include zooz_998 (Jan 03)
- Re: OpenPinboard <= Remote File Include Stefano Zanero (Jan 03)
- <Possible follow-ups>
- Re: OpenPinboard <= Remote File Include jgraef (Jan 08)
- Re: OpenPinboard <= Remote File Include Steven M. Christey (Jan 09)
Black Hat New Years Updates (Free Stuff, too!) Jeff Moss (Jan 03)
[USN-398-1] Firefox vulnerabilities Kees Cook (Jan 03)
- Re: [USN-398-1] Firefox vulnerabilities Scott (Jan 03)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Clean Access Cisco Systems Product Security Incident Response Team (Jan 03)
Simple Web Content Management System SQL Injection Exploit gmdarkfig (Jan 03)
[USN-398-2] Firefox vulnerabilities Kees Cook (Jan 03)
jgbbs dr . t3rr0r1st (Jan 03)
a cheesy Apache / IIS DoS vuln (+a question) Michal Zalewski (Jan 03)
- Re: a cheesy Apache / IIS DoS vuln (+a question) William A. Rowe, Jr. (Jan 04)
  - Re: a cheesy Apache / IIS DoS vuln (+a question) Michal Zalewski (Jan 04)
    - Re: a cheesy Apache / IIS DoS vuln (+a question) William A. Rowe, Jr. (Jan 04)
    - Re: a cheesy Apache / IIS DoS vuln (+a question) Michal Zalewski (Jan 04)
    - Re: a cheesy Apache / IIS DoS vuln (+a question) Michal Zalewski (Jan 04)
  - Re: a cheesy Apache / IIS DoS vuln (+a question) Gadi Evron (Jan 08)
- Re: a cheesy Apache / IIS DoS vuln (+a question) Pieter de Boer (Jan 04)
  - Re: a cheesy Apache / IIS DoS vuln (+a question) Rob Sherwood (Jan 04)
- Re: a cheesy Apache / IIS DoS vuln (+a question) Siim Põder (Jan 04)
- Re: a cheesy Apache / IIS DoS vuln (+a question) bugtraq (Jan 08)
  - Re: a cheesy Apache / IIS DoS vuln (+a question) William A. Rowe, Jr. (Jan 09)
    - Re: a cheesy Apache / IIS DoS vuln (+a question) bugtraq (Jan 10)
CFP for RAID 2007 Jeffrey Horton (Jan 04)
Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous Juha-Matti Laurio (Jan 04)
- RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous Larry Seltzer (Jan 04)
  - Re: [WEB SECURITY] RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous RSnake (Jan 04)
- <Possible follow-ups>
- Re: RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous Juha-Matti Laurio (Jan 04)
  - Message not available
    - Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 08)
Re: OpenSER OSP Module remote code execution bogdan (Jan 04)
Re: SMS handling OpenSER remote code executing bogdan (Jan 04)
23C3 - Bluetooth hacking revisted [Summary and Code] Thierry Zoller (Jan 04)
MkPortal "All Guests are Admin" Exploit info (Jan 04)
LS-20061102 - Business Objects Crystal Reports XI Professional Stack Overflow Vulnerability advisories (Jan 04)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 04)
- <Possible follow-ups>
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Rude Yak (Jan 04)
- RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 04)
- RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Martin O'Neal (Jan 04)
- Re: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous rudeyak (Jan 04)
- RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Martin O'Neal (Jan 08)
- Re: Re: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous rudeyak (Jan 08)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 08)
- RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Tom Stripling (Jan 09)
[vuln.sg] PowerArchiver PAISO.DLL Buffer Overflow Vulnerability vulnpost-remove (Jan 04)
Universal PDF XSS After Party pdp (architect) (Jan 04)
- RE: Universal PDF XSS After Party(posible solution) Noe Espinoza M. (Jan 04)
  - Re: [Full-disclosure] Universal PDF XSS After Party(posible solution) Darren Bounds (Jan 04)
  - Re: [WEB SECURITY] RE: Universal PDF XSS After Party(posible solution) RSnake (Jan 04)
SAP Security Contact Mark Litchfield (Jan 04)
- <Possible follow-ups>
- Re: SAP Security Contact Fritz . Bauspiess (Jan 05)
- Re: SAP Security Contact Thor (Hammer of God) (Jan 06)
  - Re: SAP Security Contact Ansgar -59cobalt- Wiechers (Jan 08)
  - Re: SAP Security Contact Nicob (Jan 08)
    - Re: SAP Security Contact Stan Bubrouski (Jan 09)
    - Re: SAP Security Contact Nick Boyce (Jan 10)
    - Re: SAP Security Contact Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Jan 11)
- Re: SAP Security Contact Thor (Hammer of God) (Jan 10)
[ GLSA 200701-01 ] DenyHosts: Denial of Service Raphael Marichez (Jan 04)
Wordpress <= 2.x dictionnary & Bruteforce attack kadaj-diabolik (Jan 04)
[ GLSA 200701-02 ] Mozilla Firefox: Multiple vulnerabilities Raphael Marichez (Jan 04)
Correction (High Risk Vulnerability in the OpenOffice and StarOffice Suites) NGSSoftware Insight Security Research (Jan 04)
[ GLSA 200701-03 ] Mozilla Thunderbird: Multiple vulnerabilities Raphael Marichez (Jan 04)
High Risk Vulnerability in the OpenOffice and StarOffice Suites NGSSoftware Insight Security Research (Jan 04)
- Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites Florian Weimer (Jan 04)
  - Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites David Litchfield (Jan 04)
    - Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites Pete Connolly (Jan 04)
Concurrency strikes MSIE (potentially exploitable msxml3 flaws) Michal Zalewski (Jan 04)
- RE: [Full-disclosure] Concurrency strikes MSIE (p otentially exploitablemsxml3 flaws) Larry Seltzer (Jan 04)
  - RE: [Full-disclosure] Concurrency strikes MSIE (p otentially exploitablemsxml3 flaws) Michal Zalewski (Jan 04)
DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability' K F (lists) (Jan 04)
[USN-398-3] Firefox theme regression Kees Cook (Jan 04)
Perforce client: security hole by design Ben Bucksch (Jan 04)
- Re: Perforce client: security hole by design The Fungi (Jan 08)
- Re: Perforce client: security hole by design Crispin Cowan (Jan 11)
SAP Security Mark Litchfield (Jan 04)
CMS Made Simple non-permanent XSS nanoymaster (Jan 04)
- <Possible follow-ups>
- Re: CMS Made Simple non-permanent XSS ted (Jan 19)
[USN-401-1] D-Bus vulnerability Kees Cook (Jan 05)
[USN-400-1] Thunderbird vulnerabilities Kees Cook (Jan 05)
MkPortal Admin XSS info (Jan 05)
IG Shop remote code execution asdfj38 (Jan 05)
IG Calendar SQL Injection asdfj38 (Jan 05)
Uber Uploader 4.2 Arbitrary File Upload Vulnerability null_hack (Jan 05)
- <Possible follow-ups>
- Re: Uber Uploader 4.2 Arbitrary File Upload Vulnerability recklessb (Jan 09)
- Re: Re: Uber Uploader 4.2 Arbitrary File Upload Vulnerability null_hack (Jan 10)
- Re: Re: Re: Uber Uploader 4.2 Arbitrary File Upload Vulnerability recklessb (Jan 15)
Intranet Open Source Remote Password Disclosure "intranet.mdb" Advisory (Jan 05)
Advisory 02/2007: WordPress Trackback Charset Decoding SQL Injection Vulnerability Stefan Esser (Jan 05)
Coppermine Photo Gallery <= 1.4.10 SQL Injection Exploit gmdarkfig (Jan 05)
iDefense Security Advisory 01.05.07: Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability iDefense Labs (Jan 05)
[DRUPAL-SA-2007-001] Drupal 4.6.11 / 4.7.5 fixes XSS issue Uwe Hermann (Jan 05)
[DRUPAL-SA-2007-002] Drupal 4.6.11 / 4.7.5 fixes DoS issue Uwe Hermann (Jan 05)
RI Blog 1.3 XSS Vuln. ShaFuq31 (Jan 05)
Advisory 01/2007: WordPress CSRF Protection XSS Vulnerability Stefan Esser (Jan 05)
Multiple bugs in EditTag nj (Jan 05)
[USN-402-1] Avahi vulnerability Kees Cook (Jan 05)
Flog 1.1.2 Remote Admin Password Disclosure corrado . liotta (Jan 05)
iDefense Security Advisory 01.05.07: Opera Software Opera Web Browser JPG Image DHT Marker Heap Corruption Vulnerability iDefense Labs (Jan 05)
Kolayindir Download (Yenionline) (tr) SqL Injection Vuln. ShaFuq31 (Jan 05)
[OpenPKG-SA-2007.002] OpenPKG Security Advisory (bzip2) OpenPKG GmbH (Jan 05)
ZDI-07-001: QUALCOMM Eudora WorldMail Remote Management Heap Overflow Vulnerability zdi-disclosures (Jan 05)
iDefense Security Advisory 01.05.07: Kaspersky Antivirus Scan Engine PE File Denial of Service Vulnerability iDefense Labs (Jan 06)
[OpenPKG-SA-2007.003] OpenPKG Security Advisory (drupal) OpenPKG GmbH (Jan 06)
fetchmail security announcement 2006-03 (CVE-2006-5974) Matthias Andree (Jan 06)
fetchmail security announcement 2006-02 (CVE-2006-5867) Matthias Andree (Jan 06)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control Server Cisco Systems Product Security Incident Response Team (Jan 06)
ohhASP Remote Password Disclosure Advisory (Jan 06)
Yet Another Link Directory v1.0 lunY (Jan 06)
[OpenPKG-SA-2007.004] OpenPKG Security Advisory (fetchmail) OpenPKG GmbH (Jan 06)
Fix & Chips CMS v1.0 luny (Jan 06)
shopstorenow (orange.asp) sql injection emel_gw_ini (Jan 06)
FON Router allows anonymous web access l . friedrichs (Jan 06)
- Re: FON Router allows anonymous web access Thierry Zoller (Jan 08)
[OpenPKG-SA-2007.005] OpenPKG Security Advisory (wordpress) OpenPKG GmbH (Jan 06)
0trace - traceroute on established connections Michal Zalewski (Jan 08)
- Re: [Full-disclosure] 0trace - traceroute on established connections Michal Zalewski (Jan 08)
- Re: [Full-disclosure] 0trace - traceroute on established connections Alessandro Dellavedova (Jan 09)
  - Re: [Full-disclosure] 0trace - traceroute on established connections Michal Zalewski (Jan 09)
  - Re: [Full-disclosure] 0trace - traceroute on established connections Jon Oberheide (Jan 10)
- Re: [DCC SPAM] 0trace - traceroute on established connections Lance James (Jan 09)
- Re: [Full-disclosure] 0trace - traceroute on established connections Robert Święcki (Jan 15)
  - Re: [Full-disclosure] 0trace - traceroute on established connections Jon Oberheide (Jan 25)
@lex Guestbook <= 4.0.2 Remote Command Execution Exploit gmdarkfig (Jan 08)
AJLogin v3.5 Remote Password Disclosure Vulnerability beks (Jan 08)
EMembersPro 1.0 Remote Password Disclosure Vulnerability beks (Jan 08)
MitiSoft Remote Password Disclosure Vulnerability beks (Jan 08)
M-Core Remote Password Disclosure Vulnerability beks (Jan 08)
HarikaOnline v2.0 Remote Password Disclosure Vulnerability beks (Jan 08)
Webulas Remote Password Disclosure Vulnerability beks (Jan 08)
Uguestbook Remote Password Disclosure Vulnerability beks (Jan 08)
NUNE News Script (custom_admin_path) Remote File Include Vulnerablity xorontr (Jan 08)
[SECURITY] [DSA 1245-1] New proftpd packages fix denial of service Moritz Muehlenhoff (Jan 08)
Dayfox Blog Remote File Include Vuln. ShaFuq31 (Jan 08)
GeoBB Georgian Bulletin Board Remote File Include Vuln. ShaFuq31 (Jan 08)
TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling Lolek of TK53 (Jan 08)
MKPortal Full Path Disclosure info (Jan 08)
HP Multiple Products PML Driver Local Privilege Escalation Sowhat (Jan 08)
magic photo storage website Remote File Inclusion k1tk4t (Jan 08)
QASEC Announcement: Writing Software Security Test Cases bugtraq (Jan 08)
Packeteer PacketWise CLI overflow DoS kian . mohageri (Jan 08)
[SECURITY] [DSA 1246-1] New OpenOffice.org packages fix arbitrary code execution Martin Schulze (Jan 08)
rPSA-2007-0001-1 openoffice.org rPath Update Announcements (Jan 08)
[SECURITY] [DSA 1247-1] New libapache-mod-auth-kerb packages fix remote denial of service Noah Meyerhans (Jan 08)
Re: Sun java System Messenger Express XSS b2wang (Jan 08)
cisco nac bypass vulnerability - cisco trust agent thorben schroeder (Jan 08)
- Re: cisco nac bypass vulnerability - cisco trust agent Stefano Zanero (Jan 08)
Vendor guidelines regarding security contacts Steven M. Christey (Jan 08)
- Re: Vendor guidelines regarding security contacts security curmudgeon (Jan 08)
- Re: Vendor guidelines regarding security contacts Chris Wysopal (Jan 10)
- Re: Vendor guidelines regarding security contacts Ben Bucksch (Jan 12)
  - Re: Vendor guidelines regarding security contacts Steven M. Christey (Jan 12)
- <Possible follow-ups>
- Re: Vendor guidelines regarding security contacts Juha-Matti Laurio (Jan 11)
createauction (cats.asp) Remote SQL Injection Vulnerability emel_gw_ini (Jan 08)
GForge Cross Site Scripting vulnerability jose . palanco (Jan 08)
[ MDKSA-2007:003 ] - Updated avahi packages fix DoS vulnerability security (Jan 08)
RFID open source library - RFIDIOt code release - version 0.1k Adam Laurie (Jan 08)
Cracking Steganography Application in less than ONE minute thesinoda (Jan 08)
- Re: Cracking Steganography Application in less than ONE minute Michal Spadlinski (Jan 09)
Re: RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) socket69 (Jan 08)
[ MDKSA-2007:004 ] - Updated geoip packages fix geoipupdate vulnerability security (Jan 09)
[KDE Security Advisory] ksirc Denial of Service vulnerability Dirk Mueller (Jan 09)
Re: PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit yorn (Jan 09)
ppc engine Multiple file inclusion emel_gw_ini (Jan 09)
Sina UC ActiveX Multiple Remote Stack Overflow Sowhat (Jan 09)
magic photo storage website Multiple Remote File Inclusion emel_gw_ini (Jan 09)
rPSA-2007-0003-1 fetchmail rPath Update Announcements (Jan 09)
[USN-403-1] X.org vulnerabilities Kees Cook (Jan 09)
MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer Tom Yu (Jan 09)
MITKRB5-SA-2006-003: kadmind (via GSS-API lib) frees uninitialized pointers Tom Yu (Jan 09)
iDefense Security Advisory 01.09.07: Multiple Microsoft Products VML 'recolorinfo' Element Integer Overflow Vulnerability iDefense Labs (Jan 09)
iDefense Security Advisory 01.09.07: Microsoft Excel Long Palette Heap Overflow Vulnerability iDefense Labs (Jan 09)
iDefense Security Advisory 01.09.07: Microsoft Excel Invalid Column Heap Corruption Vulnerability iDefense Labs (Jan 09)
[USN-404-1] MadWifi vulnerability Kees Cook (Jan 09)
Easy Banner Pro Version 2.8 <= Remote File Inclusion stormhacker (Jan 09)
CA BrightStor ARCserve Backup Tape Engine Exploit Security Notice Williams, James K (Jan 09)
Circumventing CSFR Form Token Defense Jim Manico (Jan 09)
- Re: Circumventing CSFR Form Token Defense Florian Weimer (Jan 10)
- Re: Circumventing CSFR Form Token Defense Peter Watkins (Jan 10)
- <Possible follow-ups>
- Re: Circumventing CSFR Form Token Defense bugtraq (Jan 10)
  - RE: Circumventing CSFR Form Token Defense James C. Slora Jr. (Jan 11)
rPSA-2007-0004-1 bzip2 rPath Update Announcements (Jan 09)
rPSA-2007-0005-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs rPath Update Announcements (Jan 09)
iDefense Security Advisory 01.09.07: Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability iDefense Labs (Jan 09)
[ MDKSA-2007-005 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security (Jan 09)
iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability iDefense Labs (Jan 09)
iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability iDefense Labs (Jan 09)
edit-x ecommerce (include_dir) Remote File include emel_gw_ini (Jan 09)
iDefense Security Advisory 01.09.07: Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability iDefense Labs (Jan 10)
slocate leaks filenames of protected directories steven (Jan 10)
- <Possible follow-ups>
- Re: slocate leaks filenames of protected directories Dennis Jackson (Jan 10)
  - Re: slocate leaks filenames of protected directories Ben Wheeler (Jan 11)
    - Re: slocate leaks filenames of protected directories Dave Moore (Jan 12)
    - Re: slocate leaks filenames of protected directories Ben Wheeler (Jan 12)
Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite Piotr Bania (Jan 10)
[OpenPKG-SA-2007.006] OpenPKG Security Advisory (kerberos) OpenPKG GmbH (Jan 10)
Cisco Security Advisory: Cisco Unified Contact Center and IP Contact Center JTapi Gateway Vulnerability Cisco Systems Product Security Incident Response Team (Jan 10)
Cisco Security Advisory: DLSw Vulnerability Cisco Systems Product Security Incident Response Team (Jan 10)
iDefense Q-1 2007 Challenge contributor (Jan 10)
- Re: [Full-disclosure] iDefense Q-1 2007 Challenge Simon Smith (Jan 16)
  - Re: [Full-disclosure] iDefense Q-1 2007 Challenge K F (lists) (Jan 16)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Simon Smith (Jan 16)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Jim Manico (Jan 17)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Roman Medina-Heigl Hernandez (Jan 18)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Simon Smith (Jan 18)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Simon Smith (Jan 18)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Simon Smith (Jan 18)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge Blue Boar (Jan 16)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge K F (lists) (Jan 16)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge Simon Smith (Jan 17)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge Blue Boar (Jan 17)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge Simon Smith (Jan 17)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge Tim Newsham (Jan 17)
    - Re: [_SUSPEKT] - Re: [Full-disclosure] iDefense Q-1 2007 Challenge - Bayesian Filter detected spam Simon Smith (Jan 18)
[ MDKSA-2007:006 ] - Updated OpenOffice.org packages fix WMF vulnerability security (Jan 10)
A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version) thesinoda (Jan 10)
- Re: A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version) Dave \"No, not that one\" Korn (Jan 11)
- Re: A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version) hlangos-bugtraq (Jan 11)
VLC Format String Vulnerability also in XINE Sven . Czaja (Jan 10)
[ GLSA 200701-04 ] SeaMonkey: Multiple vulnerabilities Raphael Marichez (Jan 10)
CS-Cart 1.3.3 (install.php) Remote File Include Vulnerability ahmed_labib_hilmy (Jan 10)
A Major design Bug in Camouflage 1.2.1 (latest) thesinoda (Jan 10)
sazcart v1.5 (cart.php) Remote File include emel_gw_ini (Jan 10)
VMware ESX server security updates VMware Security team (Jan 10)
DMA[2007-0107a] OmniWeb Javascript Alert Format String Vulnerabiity and DMA[2007-0109a] Apple Finder Disk Image Volume Label Overflow / DoS K F (lists) (Jan 11)
[ MDKSA-2007:007 ] - Updated nvidia driver packages fix vulnerability security (Jan 11)
[ MDKSA-2007:009 ] - Updated kdenetwork packages fix ksirc vulnerability security (Jan 11)
[ MDKSA-2007:008 ] - Updated kerberos packages fix vulnerability security (Jan 11)
Computer Terrorism (UK) :: Incident Response Centre - Microsoft Outlook Vulnerability advisories (Jan 11)
WMF CreateBrushIndirect vulnerability (DoS) Alexander Sotirov (Jan 11)
- Re: WMF CreateBrushIndirect vulnerability (DoS) temp0_123 (Jan 16)
Xine-ui format string Vulnerabilties. saik0pod (Jan 11)
Jshop Server 1.3 irvian (Jan 11)
phpBB (privmsg.php) XSS Exploit info (Jan 11)
- <Possible follow-ups>
- Re: phpBB (privmsg.php) XSS Exploit neothermic (Jan 12)
- Re: phpBB (privmsg.php) XSS Exploit neothermic (Jan 13)
Calyptix Security Advisory CX-2007-001 - Snort 2.6.1.2 Integer Underflow Vulnerability Calyptix Advisories (Jan 11)
FreeBSD Security Advisory FreeBSD-SA-07:01.jail FreeBSD Security Advisories (Jan 11)
rPSA-2007-0006-1 krb5 krb5-server krb5-services krb5-test krb5-workstation rPath Update Announcements (Jan 11)
ZDI-07-002: CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerability zdi-disclosures (Jan 11)
ZDI-07-004: CA BrightStor ARCserve Backup Tape Engine Buffer Overflow Vulnerability zdi-disclosures (Jan 11)
[security bulletin] HPSBMA02175 SSRT061174 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Read Access to Files security-alert (Jan 11)
LayerOne 2007 CFP Announced Layer One (Jan 11)
ZDI-07-003: CA BrightStor ARCserve Backup Message Engine Buffer Overflow Vulnerability zdi-disclosures (Jan 11)
easy-content filemanager hackerbinhphuoc (Jan 11)
[USN-405-1] fetchmail vulnerability Kees Cook (Jan 11)
Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability info (Jan 11)
- Lies? [Was: Re: Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability] Lubomir Kundrak (Jan 12)
[ MDKSA-2007:010 ] - Updated Firefox packages fix multiple vulnerabilities security (Jan 11)
[security bulletin] HPSBMA02176 SSRT051035 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code security-alert (Jan 11)
LS-20061002 - Computer Associates BrightStor ARCserve Backup Remote Code Execution Vulnerability advisories (Jan 11)
Nwom topsites v3.0 lunY (Jan 11)
LunarPoll (PollDir) Remote File Include Vulnerabilities ilkerKandemir (Jan 12)
Ezboxx multiple vulnerabilities. Info (Jan 12)
xss in phpmyadmin <= 2.8.1 alfa (Jan 12)
- <Possible follow-ups>
- Re: xss in phpmyadmin <= 2.8.1 alfa (Jan 12)
[ MDKSA-2007:011 ] - Updated Thunderbird packages fix multiple vulnerabilities security (Jan 12)
[USN-406-1] OpenOffice.org vulnerability Kees Cook (Jan 12)
Re (3): Circumventing CSFR Form Token Defense bugtraq (Jan 12)
Corsaire Security Advisory: ChainKey Java Code Protection Bypass issue advisories (Jan 12)
- Re: Corsaire Security Advisory: ChainKey Java Code Protection Bypass issue Jim Manico (Jan 12)
Web Honeynet Project: announcement, exploit URLs this Wednesday Gadi Evron (Jan 12)
- Re: [Full-disclosure] Web Honeynet Project: announcement, bugtraq (Jan 12)
  - Re: [Full-disclosure] Web Honeynet Project: announcement, Gadi Evron (Jan 12)
Micro CMS <= 3.5 Remote File Include Exploit ilkerKandemir (Jan 12)
[CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities Williams, James K (Jan 12)
Wordpress disclosure of Table Prefix Weakness process (Jan 12)
seeking comments on disclosure articles smcalearney (Jan 12)
- <Possible follow-ups>
- RE: seeking comments on disclosure articles Michael Scheidell (Jan 13)
[ MDKSA-2007:012 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Jan 12)
AIOCP SQL Injection Vulnerability coloss7 (Jan 12)
AIOCP Login Bypass Vulnerability coloss7 (Jan 12)
Naig <= 0.5.2 (this_path) Remote File Include Vulnerability me you (Jan 12)
- <Possible follow-ups>
- Re: Naig <= 0.5.2 (this_path) Remote File Include Vulnerability maxpost (Jan 13)
[ GLSA 200701-05 ] KDE kfile JPEG info plugin: Denial of Service Raphael Marichez (Jan 12)
[ GLSA 200701-06 ] w3m: Format string vulnerability Raphael Marichez (Jan 12)
[ GLSA 200701-07 ] OpenOffice.org: EMF/WMF file handling vulnerabilities Raphael Marichez (Jan 12)
[ GLSA 200701-08 ] Opera: Two remote code execution vulnerabilities Raphael Marichez (Jan 12)
[SECURITY] [DSA 1248-1] New libsoup packages fix denial of service Moritz Muehlenhoff (Jan 12)
[ MDKSA-2007:013 ] - Updated libneon0.26 packages fix vulnerability security (Jan 12)
Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability sapheal (Jan 12)
- Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability 3APA3A (Jan 15)
  - Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability Eliah Kagan (Jan 16)
    - Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability HACKPL - bugtraq/sapheal (Jan 16)
PHP-Nuke <= 7.9 Old-Articles Block "cat" SQL Injection vulnerability paisterist (Jan 13)
Trevorchan <= v0.7 Remote File Include Vulnerability ilkerkandemir (Jan 13)
- Re: Trevorchan <= v0.7 Remote File Include Vulnerability Stefano Zanero (Jan 16)
Ovidentia 5.6x Series Remote File İnclude hotturk (Jan 15)
London DC4420 meet - Wednesday 17th January, 2007 Major Malfunction (Jan 15)
[USN-407-1] libgtop2 vulnerability Martin Pitt (Jan 15)
Okul Web Otomasyon Sistemi (etkinlikbak.asp) SQL Injection Vulnerability ilkerkandemir (Jan 15)
Oracle Passwords and OraBrute paulw (Jan 15)
Remedy Action Request System 5.01.02 - User Enumeration Davide Del Vecchio (Jan 15)
- Message not available
  - Re: Remedy Action Request System 5.01.02 - User Enumeration Davide Del Vecchio (Jan 16)
[USN-408-1] krb5 vulnerability Martin Pitt (Jan 15)
Outpost Bypassing Self-Protection using file links Vulnerability Matousec - Transparent security Research (Jan 15)
Jax Petition Book (languagepack) Remote File Include Vulnerabilities ilkerkandemir (Jan 15)
- Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities bmatheny (Jan 15)
  - Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities John McGuire (Jan 16)
wcSimple Poll (password.txt) Remote Password Disclosure Vulnerablity ilkerkandemir (Jan 15)
InstantForum.NET Multiple Cross-Site Scripting Vulnerability DoZ (Jan 15)
Uninformed Journal Release Announcement: Volume 6 H D Moore (Jan 15)
[USN-409-1] ksirc vulnerability Martin Pitt (Jan 15)
liens_dynamiques xss and admin authentification sn0oPy . team (Jan 15)
[ GLSA 200701-10 ] WordPress: Multiple vulnerabilities Raphael Marichez (Jan 16)
Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability me you (Jan 16)
- Re: Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability Chris Kelly (Jan 16)
- <Possible follow-ups>
- Re: Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability krasza (Jan 16)
PHPATM Remote Password Disclosure Vulnerablity nightmare (Jan 16)
MS07-004 VML Integer Overflow Exploit LifeAsaGeek (Jan 16)
- <Possible follow-ups>
- Re: MS07-004 VML Integer Overflow Exploit lifeasageek (Jan 17)
[ MDKSA-2007:017 ] - Updated wget packages fix ftp vulnerability security (Jan 16)
[ MDKSA-2007:015 ] - Updated cacti packages SQL injection vulnerability security (Jan 16)
[KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability Dirk Mueller (Jan 16)
[ MDKSA-2007:016 ] - Updated fetchmail packages fix vulnerability security (Jan 16)
dt_guestbook version 1.0f XSS vulnerability jesper . jurcenoks (Jan 16)
rPSA-2007-0007-1 kdenetwork rPath Update Announcements (Jan 16)
[x0n3-h4ck] SmE FileMailer 1.21 Remote Sql Injextion Exploit corrado . liotta (Jan 16)
Announcement: The Cross-site Request Forgery FAQ bugtraq (Jan 16)
[ GLSA 200701-09 ] oftpd: Denial of Service Raphael Marichez (Jan 16)
vulnerability script indexu all versions gamr-14 (Jan 16)
rPSA-2007-0008-1 gd rPath Update Announcements (Jan 16)
[ MDKSA-2007:014 ] - Updated bluez-utils packages fix hidd vulnerability security (Jan 16)
[ GLSA 200701-11 ] Kronolith: Local file inclusion Raphael Marichez (Jan 16)
[ GLSA 200701-12 ] Mono: Information disclosure Raphael Marichez (Jan 16)
SYMSA-2007-001: Oracle Application Server 10g - Directory Traversal research (Jan 16)
ZDI-07-005: Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability zdi-disclosures (Jan 17)
Windows logoff bug possible security vulnerability and exploit. Rage Coder (Jan 17)
- Re: Windows logoff bug possible security vulnerability and exploit. 3APA3A (Jan 17)
  - Re: Windows logoff bug possible security vulnerability and exploit. Rage Coder (Jan 18)
- <Possible follow-ups>
- Re: Windows logoff bug possible security vulnerability and exploit. Bart .... (Jan 23)
  - Re: Windows logoff bug possible security vulnerability and exploit. Rage Coder (Jan 29)
[SECURITY] [DSA 1250-1] New cacti packages fix arbitrary code execution Moritz Muehlenhoff (Jan 17)
[ISecAuditors Security Advisories] Oracle Reports Web Cartridge (RWCGI60) vulnerable to XSS ISecAuditors Security Advisories (Jan 17)
[x0n3-h4ck] myBloggie 2.1.5 XSS exploit corrado . liotta (Jan 17)
Microsoft Help Workshop .CNT contents files buffer overflow vulnerability porkythepig (Jan 17)
[security bulletin] HPSBUX02181 SSRT061289 rev.1 - HP-UX Running IPFilter, Remote Unauthorized Denial of Service (DoS) security-alert (Jan 18)
[security bulletin] HPSBST02184 SSRT071296 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-001 Through MS07-004 security-alert (Jan 18)
Multiple OS kernel insecure handling of stdio file descriptor XFOCUS Security Team (Jan 18)
- Re: Multiple OS kernel insecure handling of stdio file descriptor 3APA3A (Jan 18)
- Re: Multiple OS kernel insecure handling of stdio file descriptor Peter Jeremy (Jan 18)
  - Re: Multiple OS kernel insecure handling of stdio file descriptor Carson Gaspar (Jan 22)
- Re: Multiple OS kernel insecure handling of stdio file descriptor Shiva Persaud (Jan 20)
  - Re: Multiple OS kernel insecure handling of stdio file descriptor eugeny gladkih (Jan 23)
    - Re: [Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor Troy Bollinger (Jan 22)
FW: [cacti-announce] Cacti 0.8.6j Released Warner Moore (Jan 18)
- Re: FW: [cacti-announce] Cacti 0.8.6j Released Steve Friedl (Jan 18)
CYBSEC - Security Advisory: SAP Internet Graphics Service (IGS) Remote Buffer Overflow CYBSEC Advisories (Jan 18)
[USN-410-1] poppler vulnerability Martin Pitt (Jan 18)
Cisco Security Advisory: SSL/TLS Certificate and SSH Public Key Validation Vulnerability Cisco Systems Product Security Incident Response Team (Jan 18)
[security bulletin] HPSBPI02185 SSRT071290 rev.1 - HP Jetdirect Running ftp, Remote Denial of Service (DoS) security-alert (Jan 18)
Directory Traversal in ArsDigita Community System Elliot Kendall (Jan 18)
[ MDKSA-2007:018 ] - Updated koffice packages fix crafted pdf file vulnerability security (Jan 18)
[ MDKSA-2007:019 ] - Updated pdftohtml packages fix crafted pdf file vulnerability security (Jan 18)
[ MDKSA-2007:020 ] - Updated poppler packages fix crafted pdf file vulnerability security (Jan 18)
[ MDKSA-2007:021 ] - Updated xpdf packages fix crafted pdf file vulnerability security (Jan 18)
[ MDKSA-2007:022 ] - Updated tetex packages fix crafted pdf file vulnerability security (Jan 18)
[x0n3-h4ck] sabros.us 1.7 XSS Exploit corrado . liotta (Jan 18)
[ MDKSA-2007:023 ] - Updated libgtop2 packages fix buffer overflow vulnerability security (Jan 18)
EUSecWest 2007 Papers Dragos Ruiu (Jan 19)
MyShoutBox Multiple Cross-Site Scripting Vulnerability DoZ (Jan 19)
Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability dh (Jan 19)
TSLSA-2007-0003 - multi Trustix Security Advisor (Jan 19)
DoS against AVM Fritz!Box 7050 (and others) collin (Jan 19)
- Re: DoS against AVM Fritz!Box 7050 (and others) Matthias Wenzel (Jan 23)
Help project files (.HPJ) buffer overflow vulnerability in Microsoft Help Workshop porkythepig (Jan 19)
Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass advisory07 (Jan 19)
- Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass security () yospot de (Jan 22)
- <Possible follow-ups>
- Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass jn (Jan 22)
WzdFTPD < 8.1 Denial of service S21sec Labs (Jan 19)
DIMVA 2007: Final Call for Papers Robin Sommer (Jan 19)
[RISE-2007001] Apple Mac OS X 10.4.x kernel shared_region_map_file_np() memory corruption vulnerability RISE Security (Jan 19)
a-forum xss sn0oPy (Jan 20)
Login Manager Multiple HTML Injections DoZ (Jan 20)
Paypal Subscription Manager Multiple HTML Injections DoZ (Jan 20)
SMF "index.php?action=pm" Cross Site-Scripting Advisory (Jan 20)
- Re: SMF "index.php?action=pm" Cross Site-Scripting Lise Moorveld (Jan 26)
- <Possible follow-ups>
- Re: SMF "index.php?action=pm" Cross Site-Scripting lfx4sodas (Jan 22)
- Re: Re: SMF "index.php?action=pm" Cross Site-Scripting alexbove (Jan 22)
- Re: Re: Re: SMF "index.php?action=pm" Cross Site-Scripting Outlaw (Jan 23)
- Re: Re: Re: Re: SMF "index.php?action=pm" Cross Site-Scripting sirdarckcat (Jan 26)
Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability info (Jan 20)
- <Possible follow-ups>
- Re: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability nospam (Jan 23)
XSS in 212cafeBoard ( Verision 0.08 & 6.30 Beta ) xx_hack_xx_2004 (Jan 22)
Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability Prove Of Concept Exploit luoluonet (Jan 22)
Wiki-how path disclosure iamtheevil1 (Jan 22)
FishCart [injection sql] saps . audit (Jan 22)
- Re: FishCart [injection sql] Michael Brennen (Jan 22)
FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability me you (Jan 22)
- Re: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability Stefano Zanero (Jan 24)
[SECURITY] [DSA 1251-1] New netrik packages fix arbitary shell command execution Steve Kemp (Jan 22)
XMB "U2U Instant Messenger" Cross-Site Scripting Advisory (Jan 22)
XSS in Guestbook ( v.4.00 beta ) xx_hack_xx_2004 (Jan 22)
SQL Injection in Unique Ads ( UDS ) xx_hack_xx_2004 (Jan 22)
cmsimple 2.7 Remote File Include mr alkomandoz (Jan 22)
Microsoft Visual C++ (.RC) resource files buffer overflow vulnerability porkythepig (Jan 22)
phpAdsNew 2.0.7 Remote File Include mr alkomandoz (Jan 22)
- <Possible follow-ups>
- Re: phpAdsNew 2.0.7 Remote File Include l . d . 0 (Jan 23)
- Re: phpAdsNew 2.0.7 Remote File Include matteo (Jan 24)
PHP Link Directory XSS Vulnerability version <= 3.0.6 jussi . vuokko (Jan 22)
Full Path Disclosure in Open-Realty ( v2.3.4 ) xx_hack_xx_2004 (Jan 22)
Fantastic News <=- (news.php) Remote File Include Vulnerability me you (Jan 22)
- Re: Fantastic News <=- (news.php) Remote File Include Vulnerability <- bogus... again Mailinglists Address (Jan 23)
Check Point Connectra End Point security bypass Roni Bachar (Jan 22)
- Re: [Full-disclosure] Check Point Connectra End Point security bypass Felix Lindner (Jan 22)
[x0n3-h4ck] bitweaver 1.3.1 XSS Exploit corrado . liotta (Jan 22)
UploadScript <=- v1.02 (password.txt) Remote Password Disclosure Vulnerability me you (Jan 22)
Uploader <= (userdata/user_1.txt) Password Disclosure Vulnerability me you (Jan 22)
[ GLSA 200701-13 ] Fetchmail: Denial of Service and password disclosure Matthias Geerdsen (Jan 22)
SQL Injection by using Cookie Poisoning for Website Baker Version 2.6.5 and before Rolf Huisman (Jan 22)
[ GLSA 200701-14 ] Mod_auth_kerb: Denial of Service Raphael Marichez (Jan 22)
[ GLSA 200701-15 ] Sun JDK/JRE: Multiple vulnerabilities Raphael Marichez (Jan 22)
[ GLSA 200701-16 ] Adobe Acrobat Reader: Multiple vulnerabilities Raphael Marichez (Jan 23)
rPSA-2007-0011-1 wget rPath Update Announcements (Jan 23)
- Re: [Full-disclosure] rPSA-2007-0011-1 wget Ron DuFresne (Jan 25)
Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability Jose Avila III (Jan 23)
- Re: Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability Robert Tasarz (Jan 24)
[ MDKSA-2007:024 ] - Updated kdegraphics packages fix crafted pdf file vulnerability security (Jan 23)
AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability C0r3 1mp4ct (Jan 23)
- Re: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability C0r3 1mp4ct (Jan 25)
- <Possible follow-ups>
- Re: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability mail (Jan 24)
- Re: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability bounce (Jan 25)
Bluetooth DoS by obex push hornung (Jan 23)
- <Possible follow-ups>
- Bluetooth DoS by obex push Armin Hornung (Jan 23)
rPSA-2007-0012-1 ed rPath Update Announcements (Jan 23)
xss filter to protect from xss attacks Anurag Agarwal (Jan 23)
Re: Bluetooth DoS by obex push [readable] hornung (Jan 23)
Adobe ColdFusion Information Disclosure zck zck (Jan 23)
[ GLSA 200701-17 ] libgtop: Privilege escalation Matthias Geerdsen (Jan 23)
rPSA-2007-0015-1 libsoup rPath Update Announcements (Jan 23)
[ECHO_ADV_62$2007] Upload Service 1.0 remote file inclusion y3dips (Jan 23)
rPSA-2007-0014-1 libgtop rPath Update Announcements (Jan 23)
[ MDKSA-2007:025 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Jan 23)
Re: Multiple SQL injections and XSS in FishCart 3.1 michael (Jan 23)
SUSE Security Announcement: squid (SUSE-SA:2007:012) Thomas Biege (Jan 23)
RANDOM PHP QUOTE 1.0 (pwd.txt) Remote Password Disclosur the . tiger100 (Jan 23)
[ GLSA 200701-18 ] xine-ui: Format string vulnerabilities Raphael Marichez (Jan 23)
[ MDKSA-2006:217-2 ] - Updated proftpd packages fix vulnerabilities security (Jan 23)
[ GLSA 200701-19 ] OpenLDAP: Insecure usage of /tmp during installation Raphael Marichez (Jan 23)
subscribe (pwd.txt) Remote Password Disclosur the . tiger100 (Jan 23)
rPSA-2007-0013-1 poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi rPath Update Announcements (Jan 23)
[USN-411-1] libsoup vulnerability Kees Cook (Jan 23)
PR06-14: IP Phones based on Centrality Communications/Aredfox PA168 chipset weak session management vulnerability ProCheckUp Research (Jan 23)
Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability me you (Jan 23)
- Re: Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability Stefano Zanero (Jan 24)
SUSE Security Announcement: xine (SUSE-SA:2007:013) Thomas Biege (Jan 23)
[ MDKSA-2007:026 ] - Updated squid packages fix vulnerabilities security (Jan 24)
[ GLSA 200701-20 ] Centericq: Remote buffer overflow in LiveJournal handling Raphael Marichez (Jan 24)
[USN-412-1] GeoIP vulnerability Kees Cook (Jan 24)
[USN-413-1] BlueZ vulnerability Kees Cook (Jan 24)
[Aria-Security Team] MyBB Cross-Site Scripting Advisory (Jan 24)
Toxiclab Shoutbox Password Disclosure Vulnerability beks (Jan 24)
Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX Control Buffer Overflow Secunia Research (Jan 24)
- Re: Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX Control Buffer Overflow Secunia Research (Jan 24)
Secunia Research: Sienzo Digital Music Mentor NCTAudioFile2 ActiveX Control Buffer Overflow Secunia Research (Jan 24)
[CAID 34993]: CA BrightStor ARCserve Backup for Laptops and Desktops Multiple Overflow Vulnerabilities Williams, James K (Jan 24)
ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure Vulnerability me you (Jan 24)
- <Possible follow-ups>
- Re: ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure Vulnerability anonym (Jan 25)
Maxtricity Tagger Password Disclosure Vulnerability beks (Jan 24)
Cisco Security Advisory: Crafted TCP Packet Can Cause Denial of Service Cisco Systems Product Security Incident Response Team (Jan 24)
Cisco Security Advisory: IPv6 Routing Header Vulnerability Cisco Systems Product Security Incident Response Team (Jan 24)
Cisco Security Advisory: Crafted IP Option Vulnerability Cisco Systems Product Security Incident Response Team (Jan 24)
[OPENADS-SA-2007-001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability fixed Matteo Beccati (Jan 24)
Weaknesses in Pingback Design bmatheny (Jan 24)
[ GLSA 200701-21 ] MIT Kerberos 5: Arbitrary Remote Code Execution Matthias Geerdsen (Jan 24)
DoS against Telligent Community Server bmatheny (Jan 24)
[security bulletin] HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access security-alert (Jan 24)
ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability zdi-disclosures (Jan 24)
Multiple Remote Vulnerabilities in Wordpress bmatheny (Jan 24)
Oracle Buffer Overflow in DBMS_REPCAT_UNTRUSTED.UNREGISTER_SNAPSHOT Team SHATTER (Jan 24)
Oracle Buffer Overflow in DBMS_LOGMNR.ADD_LOGFILE Team SHATTER (Jan 24)
Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME Team SHATTER (Jan 25)
- <Possible follow-ups>
- Re: Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME Steven M. Christey (Jan 25)
Oracle Buffer Overflow in DBMS_DRS.GET_PROPERTY Team SHATTER (Jan 25)
Oracle Multiple Buffer Overflows and DoS attacks in public procedures of MDSYS.MD Team SHATTER (Jan 25)
[CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities Williams, James K (Jan 25)
Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL Team SHATTER (Jan 25)
- <Possible follow-ups>
- Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL Steven M. Christey (Jan 25)
- Re: Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL shatter (Jan 29)
[USN-414-1] Squid vulnerabilities Kees Cook (Jan 25)
Remove all admin->root authorization prompts from OSX K F (lists) (Jan 25)
- RE: Remove all admin->root authorization prompts from OSX Marvin Simkin (Jan 25)
  - Re: Remove all admin->root authorization prompts from OSX Baptiste Malguy (Jan 26)
  - Re: Remove all admin->root authorization prompts from OSX Ben Bucksch (Jan 26)
  - Re: Remove all admin->root authorization prompts from OSX John Smith (Jan 26)
- Re: Remove all admin->root authorization prompts from OSX A. Shaw (Jan 25)
rPSA-2007-0019-1 gtk rPath Update Announcements (Jan 25)
ASP NEWS <= V3 (news_detail.asp) Remote SQL Injection Vulnerability ajannhwt (Jan 25)
Xero Portal v1.2 (phpbb_root_path) Remote File Include Vulnerablity xorontr (Jan 25)
uniForum <= v4 (wbsearch.aspx) Remote SQL Injection Vulnerability ajannhwt (Jan 25)
EzDatabase Multiple Cross-Site Scripting Vulnerability DoZ (Jan 25)
ASP EDGE <= V1.2b (user.asp) Remote SQL Injection Vulnerability ajannhwt (Jan 25)
makit news/blog poster <=v3(news_page.asp) Remote SQL Injection Vulnerability ajannhwt (Jan 25)
BIND remote exploit (low severity) [Fwd: Internet Systems Consortium Security Advisory.] Lebbeous Weekley (Jan 25)
Aztek Forum 4.1 Multiple Vulnerabilities Exploit gmdarkfig (Jan 25)
- <Possible follow-ups>
- Re: Aztek Forum 4.1 Multiple Vulnerabilities Exploit gmdarkfig (Jan 25)
phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability me you (Jan 25)
- Re: phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability str0ke (Jan 25)
[x0n3-h4ck] Siteman 2.0.x2 Remote Md5 Hash Disclosure Vulnerability corrado . liotta (Jan 25)
[x0n3-h4ck] Siteman 1.1.11 Remote Md5 Hash Disclosure Vulnerability corrado . liotta (Jan 25)
GPS 1.2 Content Managing System (print.asp) Remote SQL Injection Vulnerability ajannhwt (Jan 25)
[NETRAGARD-20061218 SECURITY ADVISORY] [ () Mail WebMail Cross Site Request Forgery] Netragard Security Advisories (Jan 25)
[ GLSA 200701-22 ] Squid: Multiple Denial of Service vulnerabilities Matthias Geerdsen (Jan 25)
The certification password of Internet Explorer 7 and operation of auto complete support (Jan 25)
Buffer overflow in VSAPI library of Trend Micro VirusWall 3.81 for Linux Sebastian Wolfgarten (Jan 25)
high5 Review script Security Risk anon (Jan 25)
Vulnerability disclosure comments Shawna McAlearney (Jan 25)
Omniture SiteCatalyst Multiple Cross-Site Scripting Vulnerabilities DoZ (Jan 25)
RubyGems 0.9.0 and earlier installation exploit Eric Hodel (Jan 25)
Medium Risk Vulnerability in PGP Desktop NGSSoftware Insight Security Research (Jan 25)
[USN-410-2] teTeX vulnerability Kees Cook (Jan 26)
[ GLSA 200701-24 ] VLC media player: Format string vulnerability Matthias Geerdsen (Jan 26)
[OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed Matteo Beccati (Jan 26)
- Re: [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed Matteo Beccati (Jan 27)
Movable Type <= 3.33 XSS Exploit teracci2002 (Jan 26)
[ MDKSA-2007:027 ] - Updated xine-ui packages fix vulnerabilities security (Jan 26)
[ GLSA 200701-23 ] Cacti: Command execution and SQL injection Matthias Geerdsen (Jan 26)
Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger hainamluke (Jan 26)
- RE: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger Ahmed Sheipani (Jan 27)
  - Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger 3B.Security Researcher (Jan 29)
- <Possible follow-ups>
- Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger Outlaw (Jan 27)
PHP Membership Manager Cross-Site Scripting Vulnerability DoZ (Jan 26)
FdScript <= v1.3.2 Remote File Disclosure Vulnerability ajannhwt (Jan 26)
S21sec-034-en: Cisco VTP DoS vulnerability S21sec Labs (Jan 26)
- Re: [Full-disclosure] S21sec-034-en: Cisco VTP DoS vulnerability Clay Seaman-Kossmeyer (Jan 30)
iDefense Security Advisory 01.26.07: Multiple Vendor libchm Page Block Length Memory Corruption Vulnerability iDefense Labs (Jan 26)
rPSA-2007-0021-1 bind bind-utils rPath Update Announcements (Jan 26)
rPSA-2007-0020-1 rmake rPath Update Announcements (Jan 26)
Dexia website security alert Jos Kirps (Jan 26)
- Re: Dexia website security alert Thierry Zoller (Jan 29)
WS_FTP 2007 Professional SCP handling format string vulnerability Michal Bucko (Jan 27)
[ MDKSA-2007:029 ] - Updated libsoup packages fix DoS vulnerability security (Jan 27)
stompy the session stomper - tool availability Michal Zalewski (Jan 27)
- Re: stompy the session stomper - tool availability Rogan Dawes (Jan 29)
  - Re: stompy the session stomper - tool availability Michal Zalewski (Jan 29)
- Re: stompy the session stomper - tool availability Michal Zalewski (Jan 31)
Full Disclosure: Arbitrary Code Execution in LedgerSMB CVE-2006-5872 Chris Travers (Jan 27)
[USN-398-4] Firefox regression Kees Cook (Jan 27)
Open Conference Systems = 2.8.2 Remote File Inclusion trzindan (Jan 27)
- Re: Open Conference Systems = 2.8.2 Remote File Inclusion Michał Melewski (Jan 29)
- Fake: Open Conference Systems = 2.8.2 Remote File Inclusion bzhbfzj3001 (Jan 29)
  - Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion Michał Melewski (Jan 29)
    - Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion Michał Melewski (Jan 29)
    - Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion bzhbfzj3001 (Jan 30)
- Re: Open Conference Systems = 2.8.2 Remote File Inclusion Stefano Zanero (Jan 29)
[ MDKSA-2007:028 ] - Updated ulogd packaged to address buffer overflow vulnerability security (Jan 27)
AdMentor (banners) admin SQL injection sn0oPy . team (Jan 27)
- <Possible follow-ups>
- AdMentor (banners) admin SQL injection sn0oPy . team (Jan 29)
local Calendar System v1.1 (lcStdLib.inc) Remote File Include trzindan (Jan 27)
- Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Stefano Zanero (Jan 29)
  - Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Gadi Evron (Jan 29)
    - Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Stefano Zanero (Jan 29)
    - Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Simple Nomad (Jan 29)
    - Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Gadi Evron (Jan 31)
[SECURITY] [DSA 1252-1] New vlc packages fix arbitrary code execution Martin Schulze (Jan 27)
[SECURITY] [DSA 1253-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Jan 27)
[OpenPKG-SA-2007.007] OpenPKG Security Advisory (bind) OpenPKG GmbH (Jan 29)
[SECURITY] [DSA 1254-1] New bind9 packages fix denial of service Moritz Muehlenhoff (Jan 29)
MDPro 1.0.76 - Multiple Remote Vulnerabilities adexior (Jan 29)
Internet Explorer 7 ActiveX bgColor property NULL pointer dereference (DoS) Alexander Sotirov (Jan 29)
[OpenPKG-SA-2007.008] OpenPKG Security Advisory (cvstrac) OpenPKG GmbH (Jan 29)
Xt-Stats v.2.4.0.b3 - Remote File Include Vulnerabilities h4cked . eg (Jan 29)
CVSTrac 2.0.0 Denial of Service (DoS) vulnerability Ralf S. Engelschall (Jan 29)
Defeating CAPTCHAs via Averaging noreply9871234 (Jan 29)
- Re: Defeating CAPTCHAs via Averaging Alexander Klimov (Jan 30)
  - Re: Defeating CAPTCHAs via Averaging Fred Leeflang (Jan 31)
    - Re: Defeating CAPTCHAs via Averaging Lou Katz (Jan 31)
Phorum HTML Injection Vulnerability DoZ (Jan 29)
- <Possible follow-ups>
- Re: Phorum HTML Injection Vulnerability brian (Jan 29)
gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability trzindan (Jan 29)
- Re: gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability Francesco Laurita (Jan 30)
Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects Chris Travers (Jan 29)
[ GLSA 200701-25 ] X.Org X server: Multiple vulnerabilities Matthias Geerdsen (Jan 29)
VII National Computer and Information Security Conference ACIS 2007 - COLOMBIA Jeimy Cano (Jan 29)
RBL - ASP (scripts with db) SQL injection sn0oPy . team (Jan 29)
Oracle - Indirect Privilege Escalation and Defeating Virtual Private Databases David Litchfield (Jan 29)
[DRUPAL-SA-2007-005] Drupal 4.7.6 / 5.1 fixes arbitrary code execution issue Uwe Hermann (Jan 30)
rPSA-2007-0020-2 rmake rPath Update Announcements (Jan 30)
COSEINC Alert: Microsoft Agent Heap Overflow Vulnerability Technical Details (Patched) Coseinc (Jan 30)
RBL - ASP (scripts with db) SQL injection sn0oPy . team (Jan 30)
PhP Generic library & framework (include_path) Remote File Include Exploit umutc4n (Jan 30)
EncapsCMS 0.3.6 (common_foot.php) Remote File Include trzindan (Jan 30)
Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include trzindan (Jan 30)
- Re: BOGUS: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include Mailinglists Address (Jan 30)
- Re: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include Casey Marshall (Jan 31)
[ MDKSA-2007:030 ] - Updated bind packages fix DoS vulnerabilities security (Jan 30)
Remote Unauthenticated Code Execution CA BrightStor ARCserve Backup NGS Software Insight Security Research (Jan 31)
Remote Unauthenticated Code Execution II CA BrightStor ARCserve Backup for Laptops & Desktops NGS Software Insight Security Research (Jan 31)
OWASP JBroFuzz 0.4 Fuzzer Released! subere (Jan 31)
Remote DOS BrightStor ARCserve Backup for Laptops & Desktops NGS Software Insight Security Research (Jan 31)
Remote Unauthenticated Resource Exhaustion CA Mobile BackupService NGS Software Insight Security Research (Jan 31)
Oracle 10g R2 Enterprise Manager Directory Traversal NGS Software Insight Security Research (Jan 31)
2007 Security OPUS CFP: Closed (Agenda included) Sharkey (Jan 31)
Cisco Security Advisory: SIP Packet Reloads IOS Devices Not Configured for SIP Cisco Systems Product Security Incident Response Team (Jan 31)
[ECHO_ADV_63$2007] Cadre remote file inclusion y3dips (Jan 31)
[SECURITY] [DSA 1255-1] New libgtop2 packages fix arbitrary code execution Moritz Muehlenhoff (Jan 31)
Windows Vista and unexported kernel symbols (Part II, 32bits version) Matthieu Suiche (Jan 31)
[ GLSA 200701-27 ] ELinks: Arbitrary Samba command execution Raphael Marichez (Jan 31)
[ GLSA 200701-28 ] thttpd: Unauthenticated remote file access Raphael Marichez (Jan 31)
BBED - Oracle Block Browser and Editor pete (Jan 31)
[ GLSA 200701-26 ] KSirc: Denial of Service vulnerability Raphael Marichez (Jan 31)
[SECURITY] [DSA 1256-1] New gtk+2.0 packages fix denial of service Moritz Muehlenhoff (Jan 31)
Technika - Attack Scripting Environment pdp (architect) (Jan 31)

Previous period

Next period