Bugtraq: by thread

Spooky Login Multiple HTML Injection Vulnerability DoZ_at_HackersCenter.com (Dec 29 2006)
WinZip10.0 FileView ActiveX Controls CreateNewFolderFromName Method Buffer overflow 76693223_at_163.com (Dec 30 2006)
Re: PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service Collin R. Mulliner (Dec 31 2006)
Rediff Bol Downloader Allows Downloading and Spawning Arbitary Files gregory_panakkal (Dec 30 2006)
WinZip FileView ActiveX controls CreateNewFolderFromName Method Buffer Overflow Vulnerability 76693223_at_163.com (Dec 30 2006)
PHPIrc_bot <= Remote File Include zooz_998_at_hotmail.com (Dec 31 2006)
vBulletin vCard PRO XSS exexp_at_hotmail.com (Jan 01 2007)
Re: PlatinumFTP 1.0.18 remote DoS info_at_platinumftp.com (Jan 01 2007)
[NGSEC] ngGame #3 - BrainStorming labs_at_NGSEC (Dec 31 2006)
BattleBlog Database Download Vulnerability Advisory_at_Aria-Security.net (Dec 31 2006)
Kerio Fake 'iphlpapi' DLL injection Vulnerability Matousec - Transparent security Research (Jan 01 2007)
golden book XSS sn0oPy.team_at_gmail.com (Dec 31 2006)
rblog Database Download Vulnerability Advisory_at_Aria-Security.net (Dec 31 2006)
ATMEL Linux PCI PCMCIA USB Drivers arbitrary code execution sapheal_at_hack.pl (Dec 31 2006)
AShop Shopping Cart Multiple XSS Vulnerabilities DoZ_at_HackersCenter.com (Dec 31 2006)
[OpenPKG-SA-2007.001] OpenPKG Security Advisory (cacti) OpenPKG GmbH (Jan 01 2007)
Mozilla Firefox 2.0 denial of service vulnerability sapheal_at_hack.pl (Jan 01 2007)
- Re: Mozilla Firefox 2.0 denial of service vulnerability Jeroen Massar (Jan 01 2007)
  - Re: Re: Mozilla Firefox 2.0 denial of service vulnerability sapheal_at_hack.pl (Jan 01 2007)
Re: XSS with Vbulletin (new idea !) marco.van.herwaarden_at_vbulletin.com (Jan 01 2007)
Dailymotion password reset vulnerability daftrix_at_gmail.com (Jan 01 2007)
Welcome to Pwndertino... K F (lists) (Jan 01 2007)
Re: [Full-disclosure] simplog 0.9.3.2 SQL injection str0ke (Jan 01 2007)
- Re: [Full-disclosure] simplog 0.9.3.2 SQL injection Javor Ninov (Jan 02 2007)
FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution sapheal_at_hack.pl (Jan 02 2007)
- Re: FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution 3APA3A (Jan 03 2007)
lblog Remote Password Disclosure Advisory_at_aria-security.net (Jan 01 2007)
Openforum Remote password Disclosure Advisory_at_aria-security.net (Jan 01 2007)
AspBB Remote Password Disclosure Advisory_at_aria-security.net (Jan 01 2007)
Windows Vista 64bits and unexported kernel symbols Matthieu Suiche (Jan 02 2007)
- Re: Windows Vista 64bits and unexported kernel symbols Rik van Riel (Jan 02 2007)
[ MDKSA-2007:001 ] - Update libmodplug packages fix buffer overflow vulnerabilities security_at_mandriva.com (Jan 02 2007)
Nuked Klan <= 1.7 Remote Cookie Disclosure Exploit kadaj-diabolik_at_hotmail.fr (Jan 02 2007)
rPSA-2006-0234-2 firefox thunderbird rPath Update Announcements (Jan 02 2007)
Windows NT Message Compiler 1.00.5239 arbitrary code execution sapheal_at_hack.pl (Jan 02 2007)
- Re: Windows NT Message Compiler 1.00.5239 arbitrary code execution 3APA3A (Jan 03 2007)
  - Re: Windows NT Message Compiler 1.00.5239 arbitrary code execution chinese soup (Jan 03 2007)
[ MDKSA-2007:002 ] - Updated kernel packages fix multiple vulnerabilities and bugs security_at_mandriva.com (Jan 02 2007)
Re: SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit wihl_at_softartisans.com (Jan 02 2007)
Whos Johny Pwnerseed? K F (Jan 02 2007)
GuestBook v0.3a Remote Password Disclosure Advisory_at_aria-security.net (Jan 03 2007)
Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 02 2007)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 02 2007)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 03 2007)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03 2007)
      - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 03 2007)
      - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03 2007)
      - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous bugtraq_at_cgisecurity.net (Jan 03 2007)
      - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Martin O'Neal (Jan 04 2007)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03 2007)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 03 2007)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Dave Ferguson (Jan 03 2007)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 04 2007)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Rude Yak (Jan 04 2007)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 04 2007)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 04 2007)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 04 2007)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 05 2007)
      - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 05 2007)
      - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 08 2007)
      - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08 2007)
      - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Brian Eaton (Jan 08 2007)
      - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Marvin Simkin (Jan 09 2007)
      - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Ralph Angenendt (Jan 10 2007)
      - Re: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous rudeyak_at_yahoo.com (Jan 04 2007)
      - Re: Re: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous rudeyak_at_yahoo.com (Jan 08 2007)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Guy Podjarny (Jan 04 2007)
      - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 04 2007)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Tom Spector (Jan 09 2007)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous sven.vetsch_at_disenchant.ch (Jan 03 2007)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03 2007)
  - Re: Universal XSS with PDF files: highly dangerous ascii (Jan 03 2007)
    - Re: Universal XSS with PDF files: highly dangerous Thierry Zoller (Jan 04 2007)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Jean-Jacques Halans (Jan 03 2007)
  - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Larry Seltzer (Jan 03 2007)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 04 2007)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Martin O'Neal (Jan 04 2007)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Martin O'Neal (Jan 04 2007)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Tom Stripling (Jan 08 2007)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Jim Manico (Jan 03 2007)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 03 2007)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous HASEGAWA Yosuke (Jan 04 2007)
- Re: Universal XSS with PDF files: highly dangerous Jeff Williams (Jan 04 2007)
- Re: Universal XSS with PDF files: highly dangerous The Anarcat (Jan 08 2007)
openmedia local read file exe_crack_at_hotmail.com (Jan 02 2007)
[USN-399-1] w3m vulnerabilities Kees Cook (Jan 02 2007)
Hacking AJAX DWR Applications shulman_at_imperva.com (Jan 03 2007)
Adobe Acrobat Reader Plugin - Multiple Vulnerabilities Stefano Di Paola (Jan 03 2007)
WineGlass "data.mdb" Remote Password Disclosure Advisory_at_aria-security.net (Jan 03 2007)
OpenPinboard <= Remote File Include zooz_998_at_hotmail.com (Jan 02 2007)
- Re: OpenPinboard <= Remote File Include Stefano Zanero (Jan 03 2007)
- Re: OpenPinboard <= Remote File Include jgraef_at_users.sf.net (Jan 06 2007)
- Re: OpenPinboard <= Remote File Include Steven M. Christey (Jan 08 2007)
Black Hat New Years Updates (Free Stuff, too!) Jeff Moss (Jan 02 2007)
[USN-398-1] Firefox vulnerabilities Kees Cook (Jan 02 2007)
- Re: [USN-398-1] Firefox vulnerabilities Scott (Jan 02 2007)
WineGlass "data.mdb" Remote Password Disclosure Advisory_at_aria-security.net (Jan 03 2007)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Clean Access Cisco Systems Product Security Incident Response Team (Jan 03 2007)
Simple Web Content Management System SQL Injection Exploit gmdarkfig_at_gmail.com (Jan 03 2007)
[USN-398-2] Firefox vulnerabilities Kees Cook (Jan 03 2007)
jgbbs dr.t3rr0r1st_at_yahoo.com (Jan 03 2007)
a cheesy Apache / IIS DoS vuln (+a question) Michal Zalewski (Jan 03 2007)
- Re: a cheesy Apache / IIS DoS vuln (+a question) William A. Rowe, Jr. (Jan 03 2007)
  - Re: a cheesy Apache / IIS DoS vuln (+a question) Michal Zalewski (Jan 04 2007)
    - Re: a cheesy Apache / IIS DoS vuln (+a question) William A. Rowe, Jr. (Jan 04 2007)
      - Re: a cheesy Apache / IIS DoS vuln (+a question) Michal Zalewski (Jan 04 2007)
      - Re: a cheesy Apache / IIS DoS vuln (+a question) Michal Zalewski (Jan 04 2007)
  - Re: a cheesy Apache / IIS DoS vuln (+a question) Gadi Evron (Jan 04 2007)
- Re: a cheesy Apache / IIS DoS vuln (+a question) Pieter de Boer (Jan 04 2007)
  - Re: a cheesy Apache / IIS DoS vuln (+a question) Rob Sherwood (Jan 04 2007)
- Re: a cheesy Apache / IIS DoS vuln (+a question) Siim P�der (Jan 04 2007)
- Re: a cheesy Apache / IIS DoS vuln (+a question) bugtraq (Jan 05 2007)
  - Re: a cheesy Apache / IIS DoS vuln (+a question) William A. Rowe, Jr. (Jan 08 2007)
    - Re: a cheesy Apache / IIS DoS vuln (+a question) bugtraq (Jan 10 2007)
CFP for RAID 2007 Jeffrey Horton (Jan 03 2007)
Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous Juha-Matti Laurio (Jan 04 2007)
- RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous Larry Seltzer (Jan 04 2007)
  - Re: RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous Juha-Matti Laurio (Jan 04 2007)
  - Re: [WEB SECURITY] RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous RSnake (Jan 04 2007)
- Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 04 2007)
Re: OpenSER OSP Module remote code execution bogdan_at_voice-system.ro (Jan 04 2007)
Re: SMS handling OpenSER remote code executing bogdan_at_voice-system.ro (Jan 04 2007)
23C3 - Bluetooth hacking revisted [Summary and Code] Thierry Zoller (Jan 04 2007)
MkPortal "All Guests are Admin" Exploit info_at_burnhead.it (Jan 03 2007)
LS-20061102 - Business Objects Crystal Reports XI Professional Stack Overflow Vulnerability advisories_at_lssec.com (Jan 04 2007)
[vuln.sg] PowerArchiver PAISO.DLL Buffer Overflow Vulnerability vulnpost-remove_at_vuln.sg (Jan 04 2007)
Universal PDF XSS After Party pdp (architect) (Jan 04 2007)
- RE: Universal PDF XSS After Party(posible solution) Noe Espinoza M. (Jan 04 2007)
  - Re: [Full-disclosure] Universal PDF XSS After Party(posible solution) Darren Bounds (Jan 04 2007)
  - Re: [WEB SECURITY] RE: Universal PDF XSS After Party(posible solution) RSnake (Jan 04 2007)
SAP Security Contact Mark Litchfield (Jan 04 2007)
- Re: SAP Security Contact Fritz.Bauspiess_at_sap.com (Jan 05 2007)
- Re: SAP Security Contact Thor (Hammer of God) (Jan 05 2007)
  - Re: SAP Security Contact Ansgar -59cobalt- Wiechers (Jan 06 2007)
  - Re: SAP Security Contact Nicob (Jan 06 2007)
    - Re: SAP Security Contact Stan Bubrouski (Jan 08 2007)
    - Re: SAP Security Contact Nick Boyce (Jan 09 2007)
      - Re: SAP Security Contact Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Jan 10 2007)
- Re: SAP Security Contact Thor (Hammer of God) (Jan 09 2007)
[ GLSA 200701-01 ] DenyHosts: Denial of Service Raphael Marichez (Jan 03 2007)
Wordpress <= 2.x dictionnary & Bruteforce attack kadaj-diabolik_at_hotmail.fr (Jan 03 2007)
[ GLSA 200701-02 ] Mozilla Firefox: Multiple vulnerabilities Raphael Marichez (Jan 04 2007)
Correction (High Risk Vulnerability in the OpenOffice and StarOffice Suites) NGSSoftware Insight Security Research (Jan 04 2007)
[ GLSA 200701-03 ] Mozilla Thunderbird: Multiple vulnerabilities Raphael Marichez (Jan 04 2007)
High Risk Vulnerability in the OpenOffice and StarOffice Suites NGSSoftware Insight Security Research (Jan 04 2007)
- Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites Florian Weimer (Jan 04 2007)
  - Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites David Litchfield (Jan 04 2007)
    - Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites Pete Connolly (Jan 04 2007)
Concurrency strikes MSIE (potentially exploitable msxml3 flaws) Michal Zalewski (Jan 04 2007)
- RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) Larry Seltzer (Jan 04 2007)
  - RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) Michal Zalewski (Jan 04 2007)
    - Re: RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) socket69_at_hotmail.com (Jan 04 2007)
DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability' K F (lists) (Jan 04 2007)
[USN-398-3] Firefox theme regression Kees Cook (Jan 04 2007)
Perforce client: security hole by design Ben Bucksch (Jan 04 2007)
- Re: Perforce client: security hole by design The Fungi (Jan 05 2007)
- Re: Perforce client: security hole by design Crispin Cowan (Jan 11 2007)
SAP Security Mark Litchfield (Jan 04 2007)
CMS Made Simple non-permanent XSS nanoymaster_at_gmail.com (Jan 04 2007)
- Re: CMS Made Simple non-permanent XSS ted_at_cmsmadesimple.org (Jan 18 2007)
[USN-401-1] D-Bus vulnerability Kees Cook (Jan 04 2007)
[USN-400-1] Thunderbird vulnerabilities Kees Cook (Jan 04 2007)
MkPortal Admin XSS info_at_burnhead.it (Jan 04 2007)
IG Shop remote code execution asdfj38_at_yahoo.com (Jan 04 2007)
IG Calendar SQL Injection asdfj38_at_yahoo.com (Jan 04 2007)
Uber Uploader 4.2 Arbitrary File Upload Vulnerability null_hack_at_yahoo.com (Jan 04 2007)
- Re: Uber Uploader 4.2 Arbitrary File Upload Vulnerability recklessb_at_users.sourceforge.net (Jan 08 2007)
  - Re: Re: Uber Uploader 4.2 Arbitrary File Upload Vulnerability null_hack_at_yahoo.com (Jan 10 2007)
    - Re: Re: Re: Uber Uploader 4.2 Arbitrary File Upload Vulnerability recklessb_at_users.sourceforge.net (Jan 14 2007)
Intranet Open Source Remote Password Disclosure "intranet.mdb" Advisory_at_aria-security.net (Jan 05 2007)
Advisory 02/2007: WordPress Trackback Charset Decoding SQL Injection Vulnerability Stefan Esser (Jan 05 2007)
Coppermine Photo Gallery <= 1.4.10 SQL Injection Exploit gmdarkfig_at_gmail.com (Jan 05 2007)
iDefense Security Advisory 01.05.07: Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability iDefense Labs (Jan 05 2007)
[DRUPAL-SA-2007-001] Drupal 4.6.11 / 4.7.5 fixes XSS issue Uwe Hermann (Jan 05 2007)
[DRUPAL-SA-2007-002] Drupal 4.6.11 / 4.7.5 fixes DoS issue Uwe Hermann (Jan 05 2007)
RI Blog 1.3 XSS Vuln. ShaFuq31_at_HoTMaiL.CoM (Jan 05 2007)
Advisory 01/2007: WordPress CSRF Protection XSS Vulnerability Stefan Esser (Jan 05 2007)
Multiple bugs in EditTag nj_at_hackerz.ir (Jan 05 2007)
[USN-402-1] Avahi vulnerability Kees Cook (Jan 05 2007)
Flog 1.1.2 Remote Admin Password Disclosure corrado.liotta_at_alice.it (Jan 05 2007)
iDefense Security Advisory 01.05.07: Opera Software Opera Web Browser JPG Image DHT Marker Heap Corruption Vulnerability iDefense Labs (Jan 05 2007)
Kolayindir Download (Yenionline) (tr) SqL Injection Vuln. ShaFuq31_at_HoTMaiL.CoM (Jan 05 2007)
[OpenPKG-SA-2007.002] OpenPKG Security Advisory (bzip2) OpenPKG GmbH (Jan 05 2007)
ZDI-07-001: QUALCOMM Eudora WorldMail Remote Management Heap Overflow Vulnerability zdi-disclosures_at_3Com.Com (Jan 05 2007)
iDefense Security Advisory 01.05.07: Kaspersky Antivirus Scan Engine PE File Denial of Service Vulnerability iDefense Labs (Jan 05 2007)
[OpenPKG-SA-2007.003] OpenPKG Security Advisory (drupal) OpenPKG GmbH (Jan 05 2007)
fetchmail security announcement 2006-03 (CVE-2006-5974) Matthias Andree (Jan 05 2007)
fetchmail security announcement 2006-02 (CVE-2006-5867) Matthias Andree (Jan 05 2007)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control Server Cisco Systems Product Security Incident Response Team (Jan 05 2007)
ohhASP Remote Password Disclosure Advisory_at_aria-security.net (Jan 06 2007)
Yet Another Link Directory v1.0 lunY_at_youfucktard.com (Jan 06 2007)
[OpenPKG-SA-2007.004] OpenPKG Security Advisory (fetchmail) OpenPKG GmbH (Jan 06 2007)
Fix & Chips CMS v1.0 luny_at_youfucktard.com (Jan 06 2007)
shopstorenow (orange.asp) sql injection emel_gw_ini_at_yahoo.com (Jan 06 2007)
FON Router allows anonymous web access l.friedrichs_at_gbs.nitag.de (Jan 06 2007)
- Re: FON Router allows anonymous web access Thierry Zoller (Jan 06 2007)
[OpenPKG-SA-2007.005] OpenPKG Security Advisory (wordpress) OpenPKG GmbH (Jan 06 2007)
0trace - traceroute on established connections Michal Zalewski (Jan 06 2007)
- Re: [Full-disclosure] 0trace - traceroute on established connections Michal Zalewski (Jan 06 2007)
- Re: [Full-disclosure] 0trace - traceroute on established connections Alessandro Dellavedova (Jan 09 2007)
  - Re: [Full-disclosure] 0trace - traceroute on established connections Michal Zalewski (Jan 09 2007)
  - Re: [Full-disclosure] 0trace - traceroute on established connections Jon Oberheide (Jan 09 2007)
- Re: [DCC SPAM] 0trace - traceroute on established connections Lance James (Jan 08 2007)
- Re: [Full-disclosure] 0trace - traceroute on established connections Robert Święcki (Jan 13 2007)
  - Re: [Full-disclosure] 0trace - traceroute on established connections Jon Oberheide (Jan 24 2007)
@lex Guestbook <= 4.0.2 Remote Command Execution Exploit gmdarkfig_at_gmail.com (Jan 07 2007)
AJLogin v3.5 Remote Password Disclosure Vulnerability beks_at_bsdmail.org (Jan 07 2007)
EMembersPro 1.0 Remote Password Disclosure Vulnerability beks_at_bsdmail.org (Jan 07 2007)
MitiSoft Remote Password Disclosure Vulnerability beks_at_bsdmail.org (Jan 07 2007)
M-Core Remote Password Disclosure Vulnerability beks_at_bsdmail.org (Jan 07 2007)
HarikaOnline v2.0 Remote Password Disclosure Vulnerability beks_at_bsdmail.org (Jan 07 2007)
Webulas Remote Password Disclosure Vulnerability beks_at_bsdmail.org (Jan 07 2007)
Uguestbook Remote Password Disclosure Vulnerability beks_at_bsdmail.org (Jan 07 2007)
NUNE News Script (custom_admin_path) Remote File Include Vulnerablity xorontr_at_gmail.com (Jan 07 2007)
[SECURITY] [DSA 1245-1] New proftpd packages fix denial of service Moritz Muehlenhoff (Jan 07 2007)
Dayfox Blog Remote File Include Vuln. ShaFuq31_at_HoTMaiL.CoM (Jan 07 2007)
GeoBB Georgian Bulletin Board Remote File Include Vuln. ShaFuq31_at_HoTMaiL.CoM (Jan 07 2007)
TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling Lolek of TK53 (Jan 07 2007)
MKPortal Full Path Disclosure info_at_burnhead.it (Jan 07 2007)
HP Multiple Products PML Driver Local Privilege Escalation Sowhat (Jan 08 2007)
magic photo storage website Remote File Inclusion k1tk4t_at_newhack.org (Jan 08 2007)
QASEC Announcement: Writing Software Security Test Cases bugtraq_at_cgisecurity.net (Jan 07 2007)
Packeteer PacketWise CLI overflow DoS kian.mohageri_at_gmail.com (Jan 08 2007)
[SECURITY] [DSA 1246-1] New OpenOffice.org packages fix arbitrary code execution Martin Schulze (Jan 08 2007)
rPSA-2007-0001-1 openoffice.org rPath Update Announcements (Jan 08 2007)
[SECURITY] [DSA 1247-1] New libapache-mod-auth-kerb packages fix remote denial of service Noah Meyerhans (Jan 08 2007)
Re: Sun java System Messenger Express XSS b2wang_at_yahoo.com (Jan 04 2007)
cisco nac bypass vulnerability - cisco trust agent thorben schroeder (Jan 08 2007)
- Re: cisco nac bypass vulnerability - cisco trust agent Stefano Zanero (Jan 08 2007)
Vendor guidelines regarding security contacts Steven M. Christey (Jan 08 2007)
- Re: Vendor guidelines regarding security contacts security curmudgeon (Jan 08 2007)
- Re: Vendor guidelines regarding security contacts Chris Wysopal (Jan 09 2007)
- Re: Vendor guidelines regarding security contacts Juha-Matti Laurio (Jan 11 2007)
- Re: Vendor guidelines regarding security contacts Ben Bucksch (Jan 11 2007)
  - Re: Vendor guidelines regarding security contacts Steven M. Christey (Jan 12 2007)
createauction (cats.asp) Remote SQL Injection Vulnerability emel_gw_ini_at_yahoo.com (Jan 06 2007)
GForge Cross Site Scripting vulnerability jose.palanco_at_eazel.es (Jan 08 2007)
[ MDKSA-2007:003 ] - Updated avahi packages fix DoS vulnerability security_at_mandriva.com (Jan 08 2007)
RFID open source library - RFIDIOt code release - version 0.1k Adam Laurie (Jan 07 2007)
Cracking Steganography Application in less than ONE minute thesinoda_at_hotmail.com (Jan 06 2007)
- Re: Cracking Steganography Application in less than ONE minute Michal Spadlinski (Jan 09 2007)
[ MDKSA-2007:004 ] - Updated geoip packages fix geoipupdate vulnerability security_at_mandriva.com (Jan 08 2007)
[KDE Security Advisory] ksirc Denial of Service vulnerability Dirk Mueller (Jan 09 2007)
Re: PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit yorn_at_everymail.net (Jan 08 2007)
ppc engine Multiple file inclusion emel_gw_ini_at_yahoo.com (Jan 08 2007)
Sina UC ActiveX Multiple Remote Stack Overflow Sowhat (Jan 08 2007)
magic photo storage website Multiple Remote File Inclusion emel_gw_ini_at_yahoo.com (Jan 08 2007)
rPSA-2007-0003-1 fetchmail rPath Update Announcements (Jan 09 2007)
Re: [Full-disclosure] [WEB SECURITY] Universal XSS with PDF files: highly dangerous Jim Manico (Jan 08 2007)
[USN-403-1] X.org vulnerabilities Kees Cook (Jan 09 2007)
MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer Tom Yu (Jan 09 2007)
MITKRB5-SA-2006-003: kadmind (via GSS-API lib) frees uninitialized pointers Tom Yu (Jan 09 2007)
iDefense Security Advisory 01.09.07: Multiple Microsoft Products VML 'recolorinfo' Element Integer Overflow Vulnerability iDefense Labs (Jan 09 2007)
iDefense Security Advisory 01.09.07: Microsoft Excel Long Palette Heap Overflow Vulnerability iDefense Labs (Jan 09 2007)
iDefense Security Advisory 01.09.07: Microsoft Excel Invalid Column Heap Corruption Vulnerability iDefense Labs (Jan 09 2007)
[USN-404-1] MadWifi vulnerability Kees Cook (Jan 09 2007)
Easy Banner Pro Version 2.8 <= Remote File Inclusion stormhacker_at_hotmail.com (Jan 08 2007)
CA BrightStor ARCserve Backup Tape Engine Exploit Security Notice Williams, James K (Jan 09 2007)
Circumventing CSFR Form Token Defense Jim Manico (Jan 08 2007)
- Re: Circumventing CSFR Form Token Defense Florian Weimer (Jan 09 2007)
- Re: Circumventing CSFR Form Token Defense bugtraq_at_phihag.de (Jan 09 2007)
  - RE: Circumventing CSFR Form Token Defense James C. Slora Jr. (Jan 11 2007)
- Re: Circumventing CSFR Form Token Defense Peter Watkins (Jan 09 2007)
rPSA-2007-0004-1 bzip2 rPath Update Announcements (Jan 09 2007)
rPSA-2007-0005-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs rPath Update Announcements (Jan 09 2007)
iDefense Security Advisory 01.09.07: Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability iDefense Labs (Jan 09 2007)
[ MDKSA-2007-005 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security_at_mandriva.com (Jan 09 2007)
iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability iDefense Labs (Jan 09 2007)
iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability iDefense Labs (Jan 09 2007)
edit-x ecommerce (include_dir) Remote File include emel_gw_ini_at_yahoo.com (Jan 09 2007)
iDefense Security Advisory 01.09.07: Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability iDefense Labs (Jan 09 2007)
slocate leaks filenames of protected directories steven_at_masterwebnet.com (Jan 09 2007)
- Re: slocate leaks filenames of protected directories Dennis Jackson (Jan 10 2007)
  - Re: slocate leaks filenames of protected directories Ben Wheeler (Jan 11 2007)
    - Re: slocate leaks filenames of protected directories Dave Moore (Jan 11 2007)
      - Re: slocate leaks filenames of protected directories Ben Wheeler (Jan 12 2007)
Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite Piotr Bania (Jan 09 2007)
[OpenPKG-SA-2007.006] OpenPKG Security Advisory (kerberos) OpenPKG GmbH (Jan 10 2007)
Cisco Security Advisory: Cisco Unified Contact Center and IP Contact Center JTapi Gateway Vulnerability Cisco Systems Product Security Incident Response Team (Jan 10 2007)
Cisco Security Advisory: DLSw Vulnerability Cisco Systems Product Security Incident Response Team (Jan 10 2007)
iDefense Q-1 2007 Challenge contributor (Jan 10 2007)
- Re: [Full-disclosure] iDefense Q-1 2007 Challenge Simon Smith (Jan 16 2007)
  - Re: [Full-disclosure] iDefense Q-1 2007 Challenge K F (lists) (Jan 16 2007)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Simon Smith (Jan 16 2007)
      - Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Jim Manico (Jan 16 2007)
      - Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Roman Medina-Heigl Hernandez (Jan 18 2007)
      - Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Simon Smith (Jan 18 2007)
      - Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Simon Smith (Jan 18 2007)
      - Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Simon Smith (Jan 18 2007)
    - Re: [Full-disclosure] iDefense Q-1 2007 Challenge Blue Boar (Jan 16 2007)
      - Re: [Full-disclosure] iDefense Q-1 2007 Challenge K F (lists) (Jan 16 2007)
      - Re: [Full-disclosure] iDefense Q-1 2007 Challenge Simon Smith (Jan 16 2007)
      - Re: [Full-disclosure] iDefense Q-1 2007 Challenge Blue Boar (Jan 16 2007)
      - Re: [Full-disclosure] iDefense Q-1 2007 Challenge Simon Smith (Jan 16 2007)
      - Re: [Full-disclosure] iDefense Q-1 2007 Challenge Tim Newsham (Jan 17 2007)
      - Re: [_SUSPEKT] - Re: [Full-disclosure] iDefense Q-1 2007 Challenge - Bayesian Filter detected spam Simon Smith (Jan 18 2007)
[ MDKSA-2007:006 ] - Updated OpenOffice.org packages fix WMF vulnerability security_at_mandriva.com (Jan 10 2007)
A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version) thesinoda_at_hotmail.com (Jan 07 2007)
- Re: A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version) Dave \ (Jan 10 2007)
- Re: A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version) hlangos-bugtraq_at_innominate.com (Jan 11 2007)
VLC Format String Vulnerability also in XINE Sven.Czaja_at_gmx.de (Jan 10 2007)
[ GLSA 200701-04 ] SeaMonkey: Multiple vulnerabilities Raphael Marichez (Jan 10 2007)
CS-Cart 1.3.3 (install.php) Remote File Include Vulnerability ahmed_labib_hilmy_at_yahoo.com (Jan 09 2007)
A Major design Bug in Camouflage 1.2.1 (latest) thesinoda_at_hotmail.com (Jan 07 2007)
sazcart v1.5 (cart.php) Remote File include emel_gw_ini_at_yahoo.com (Jan 09 2007)
VMware ESX server security updates VMware Security team (Jan 09 2007)
DMA[2007-0107a] OmniWeb Javascript Alert Format String Vulnerabiity and DMA[2007-0109a] Apple Finder Disk Image Volume Label Overflow / DoS K F (lists) (Jan 10 2007)
[ MDKSA-2007:007 ] - Updated nvidia driver packages fix vulnerability security_at_mandriva.com (Jan 10 2007)
[ MDKSA-2007:009 ] - Updated kdenetwork packages fix ksirc vulnerability security_at_mandriva.com (Jan 10 2007)
[ MDKSA-2007:008 ] - Updated kerberos packages fix vulnerability security_at_mandriva.com (Jan 10 2007)
Computer Terrorism (UK) :: Incident Response Centre - Microsoft Outlook Vulnerability advisories_at_computerterrorism.com (Jan 11 2007)
WMF CreateBrushIndirect vulnerability (DoS) Alexander Sotirov (Jan 10 2007)
- Re: WMF CreateBrushIndirect vulnerability (DoS) temp0_123_at_mail.ru (Jan 13 2007)
Xine-ui format string Vulnerabilties. saik0pod_at_yahoo.com (Jan 11 2007)
Jshop Server 1.3 irvian_at_presiden.com (Jan 10 2007)
phpBB (privmsg.php) XSS Exploit info_at_burnhead.it (Jan 10 2007)
- Re: phpBB (privmsg.php) XSS Exploit neothermic_at_phpbb.com (Jan 11 2007)
- Re: phpBB (privmsg.php) XSS Exploit neothermic_at_phpbb.com (Jan 12 2007)
Calyptix Security Advisory CX-2007-001 - Snort 2.6.1.2 Integer Underflow Vulnerability Calyptix Advisories (Jan 11 2007)
FreeBSD Security Advisory FreeBSD-SA-07:01.jail FreeBSD Security Advisories (Jan 11 2007)
rPSA-2007-0006-1 krb5 krb5-server krb5-services krb5-test krb5-workstation rPath Update Announcements (Jan 11 2007)
ZDI-07-002: CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerability zdi-disclosures_at_3com.com (Jan 11 2007)
ZDI-07-004: CA BrightStor ARCserve Backup Tape Engine Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Jan 11 2007)
[security bulletin] HPSBMA02175 SSRT061174 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Read Access to Files security-alert_at_hp.com (Jan 11 2007)
LayerOne 2007 CFP Announced Layer One (Jan 11 2007)
ZDI-07-003: CA BrightStor ARCserve Backup Message Engine Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Jan 11 2007)
easy-content filemanager hackerbinhphuoc_at_yahoo.com (Jan 11 2007)
[USN-405-1] fetchmail vulnerability Kees Cook (Jan 11 2007)
Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability info_at_digitalarmaments.com (Jan 11 2007)
- Lies? [Was: Re: Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability] Lubomir Kundrak (Jan 12 2007)
[ MDKSA-2007:010 ] - Updated Firefox packages fix multiple vulnerabilities security_at_mandriva.com (Jan 11 2007)
[security bulletin] HPSBMA02176 SSRT051035 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code security-alert_at_hp.com (Jan 11 2007)
LS-20061002 - Computer Associates BrightStor ARCserve Backup Remote Code Execution Vulnerability advisories_at_lssec.com (Jan 11 2007)
Nwom topsites v3.0 lunY_at_youfucktard.com (Jan 11 2007)
LunarPoll (PollDir) Remote File Include Vulnerabilities ilkerKandemir_at_mynet.com (Jan 12 2007)
Ezboxx multiple vulnerabilities. Info_at_BugSec.com (Jan 11 2007)
xss in phpmyadmin <= 2.8.1 alfa_at_virtuax.be (Jan 12 2007)
- Re: xss in phpmyadmin <= 2.8.1 alfa_at_virtuax.be (Jan 12 2007)
[ MDKSA-2007:011 ] - Updated Thunderbird packages fix multiple vulnerabilities security_at_mandriva.com (Jan 11 2007)
[USN-406-1] OpenOffice.org vulnerability Kees Cook (Jan 11 2007)
Re (3): Circumventing CSFR Form Token Defense bugtraq_at_phihag.de (Jan 11 2007)
Corsaire Security Advisory: ChainKey Java Code Protection Bypass issue advisories (Jan 12 2007)
- Re: Corsaire Security Advisory: ChainKey Java Code Protection Bypass issue Jim Manico (Jan 12 2007)
Web Honeynet Project: announcement, exploit URLs this Wednesday Gadi Evron (Jan 11 2007)
- Re: [Full-disclosure] Web Honeynet Project: announcement, bugtraq_at_cgisecurity.net (Jan 12 2007)
  - Re: [Full-disclosure] Web Honeynet Project: announcement, Gadi Evron (Jan 12 2007)
Micro CMS <= 3.5 Remote File Include Exploit ilkerKandemir_at_mynet.com (Jan 12 2007)
[CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities Williams, James K (Jan 11 2007)
Wordpress disclosure of Table Prefix Weakness process_at_cnbct.org (Jan 11 2007)
seeking comments on disclosure articles smcalearney_at_cxo.com (Jan 12 2007)
- RE: seeking comments on disclosure articles Michael Scheidell (Jan 13 2007)
[ MDKSA-2007:012 ] - Updated kernel packages fix multiple vulnerabilities and bugs security_at_mandriva.com (Jan 12 2007)
AIOCP SQL Injection Vulnerability coloss7_at_gmail.com (Jan 12 2007)
AIOCP Login Bypass Vulnerability coloss7_at_gmail.com (Jan 12 2007)
Naig <= 0.5.2 (this_path) Remote File Include Vulnerability me you (Jan 12 2007)
- Re: Naig <= 0.5.2 (this_path) Remote File Include Vulnerability maxpost_at_bk.ru (Jan 12 2007)
[ GLSA 200701-05 ] KDE kfile JPEG info plugin: Denial of Service Raphael Marichez (Jan 12 2007)
[ GLSA 200701-06 ] w3m: Format string vulnerability Raphael Marichez (Jan 12 2007)
[ GLSA 200701-07 ] OpenOffice.org: EMF/WMF file handling vulnerabilities Raphael Marichez (Jan 12 2007)
[ GLSA 200701-08 ] Opera: Two remote code execution vulnerabilities Raphael Marichez (Jan 12 2007)
[SECURITY] [DSA 1248-1] New libsoup packages fix denial of service Moritz Muehlenhoff (Jan 12 2007)
[ MDKSA-2007:013 ] - Updated libneon0.26 packages fix vulnerability security_at_mandriva.com (Jan 12 2007)
Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability sapheal_at_hack.pl (Jan 12 2007)
- Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability 3APA3A (Jan 14 2007)
  - Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability Eliah Kagan (Jan 16 2007)
    - Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability HACKPL - bugtraq/sapheal (Jan 16 2007)
PHP-Nuke <= 7.9 Old-Articles Block "cat" SQL Injection vulnerability paisterist_at_neosecurityteam.net (Jan 13 2007)
Trevorchan <= v0.7 Remote File Include Vulnerability ilkerkandemir_at_mynet.com (Jan 13 2007)
- Re: Trevorchan <= v0.7 Remote File Include Vulnerability Stefano Zanero (Jan 16 2007)
Ovidentia 5.6x Series Remote File İnclude hotturk_at_mynet.com (Jan 14 2007)
London DC4420 meet - Wednesday 17th January, 2007 Major Malfunction (Jan 14 2007)
[USN-407-1] libgtop2 vulnerability Martin Pitt (Jan 15 2007)
Okul Web Otomasyon Sistemi (etkinlikbak.asp) SQL Injection Vulnerability ilkerkandemir_at_mynet.com (Jan 15 2007)
Oracle Passwords and OraBrute paulw_at_ngssoftware.com (Jan 15 2007)
Remedy Action Request System 5.01.02 - User Enumeration Davide Del Vecchio (Jan 15 2007)
- Re: Remedy Action Request System 5.01.02 - User Enumeration Davide Del Vecchio (Jan 16 2007)
[USN-408-1] krb5 vulnerability Martin Pitt (Jan 15 2007)
Outpost Bypassing Self-Protection using file links Vulnerability Matousec - Transparent security Research (Jan 15 2007)
Jax Petition Book (languagepack) Remote File Include Vulnerabilities ilkerkandemir_at_mynet.com (Jan 14 2007)
- Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities bmatheny_at_mobocracy.net (Jan 15 2007)
  - Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities John McGuire (Jan 16 2007)
wcSimple Poll (password.txt) Remote Password Disclosure Vulnerablity ilkerkandemir_at_mynet.com (Jan 14 2007)
InstantForum.NET Multiple Cross-Site Scripting Vulnerability DoZ_at_HackersCenter.com (Jan 14 2007)
Uninformed Journal Release Announcement: Volume 6 H D Moore (Jan 15 2007)
[USN-409-1] ksirc vulnerability Martin Pitt (Jan 15 2007)
liens_dynamiques xss and admin authentification sn0oPy.team_at_gmail.com (Jan 14 2007)
[ GLSA 200701-10 ] WordPress: Multiple vulnerabilities Raphael Marichez (Jan 15 2007)
Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability me you (Jan 16 2007)
- Re: Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability Chris Kelly (Jan 16 2007)
- Re: Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability krasza_at_gmail.com (Jan 16 2007)
PHPATM Remote Password Disclosure Vulnerablity nightmare_at_onhackerline.ir (Jan 16 2007)
MS07-004 VML Integer Overflow Exploit LifeAsaGeek_at_gmail.com (Jan 15 2007)
- Re: MS07-004 VML Integer Overflow Exploit lifeasageek_at_gmail.com (Jan 17 2007)
[ MDKSA-2007:017 ] - Updated wget packages fix ftp vulnerability security_at_mandriva.com (Jan 15 2007)
[ MDKSA-2007:015 ] - Updated cacti packages SQL injection vulnerability security_at_mandriva.com (Jan 15 2007)
[KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability Dirk Mueller (Jan 16 2007)
[ MDKSA-2007:016 ] - Updated fetchmail packages fix vulnerability security_at_mandriva.com (Jan 15 2007)
dt_guestbook version 1.0f XSS vulnerability jesper.jurcenoks_at_netvigilance.com (Jan 15 2007)
rPSA-2007-0007-1 kdenetwork rPath Update Announcements (Jan 15 2007)
[x0n3-h4ck] SmE FileMailer 1.21 Remote Sql Injextion Exploit corrado.liotta_at_alice.it (Jan 16 2007)
Announcement: The Cross-site Request Forgery FAQ bugtraq_at_cgisecurity.net (Jan 16 2007)
[ GLSA 200701-09 ] oftpd: Denial of Service Raphael Marichez (Jan 15 2007)
vulnerability script indexu all versions gamr-14_at_hotmail.com (Jan 16 2007)
rPSA-2007-0008-1 gd rPath Update Announcements (Jan 15 2007)
[ MDKSA-2007:014 ] - Updated bluez-utils packages fix hidd vulnerability security_at_mandriva.com (Jan 15 2007)
[ GLSA 200701-11 ] Kronolith: Local file inclusion Raphael Marichez (Jan 16 2007)
[ GLSA 200701-12 ] Mono: Information disclosure Raphael Marichez (Jan 16 2007)
SYMSA-2007-001: Oracle Application Server 10g - Directory Traversal research_at_symantec.com (Jan 15 2007)
ZDI-07-005: Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability zdi-disclosures_at_3com.com (Jan 16 2007)
Windows logoff bug possible security vulnerability and exploit. Rage Coder (Jan 17 2007)
- Re: Windows logoff bug possible security vulnerability and exploit. 3APA3A (Jan 17 2007)
  - Re: Windows logoff bug possible security vulnerability and exploit. Rage Coder (Jan 18 2007)
- Re: Windows logoff bug possible security vulnerability and exploit. Bart .... (Jan 23 2007)
  - Re: Windows logoff bug possible security vulnerability and exploit. Rage Coder (Jan 27 2007)
[SECURITY] [DSA 1250-1] New cacti packages fix arbitrary code execution Moritz Muehlenhoff (Jan 17 2007)
[ISecAuditors Security Advisories] Oracle Reports Web Cartridge (RWCGI60) vulnerable to XSS ISecAuditors Security Advisories (Jan 17 2007)
[x0n3-h4ck] myBloggie 2.1.5 XSS exploit corrado.liotta_at_alice.it (Jan 17 2007)
Microsoft Help Workshop .CNT contents files buffer overflow vulnerability porkythepig_at_anspi.pl (Jan 17 2007)
[security bulletin] HPSBUX02181 SSRT061289 rev.1 - HP-UX Running IPFilter, Remote Unauthorized Denial of Service (DoS) security-alert_at_hp.com (Jan 18 2007)
[security bulletin] HPSBST02184 SSRT071296 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-001 Through MS07-004 security-alert_at_hp.com (Jan 18 2007)
Multiple OS kernel insecure handling of stdio file descriptor XFOCUS Security Team (Jan 18 2007)
- Re: Multiple OS kernel insecure handling of stdio file descriptor 3APA3A (Jan 18 2007)
- Re: Multiple OS kernel insecure handling of stdio file descriptor Peter Jeremy (Jan 18 2007)
  - Re: Multiple OS kernel insecure handling of stdio file descriptor Carson Gaspar (Jan 20 2007)
- Re: Multiple OS kernel insecure handling of stdio file descriptor Shiva Persaud (Jan 19 2007)
  - Re: Multiple OS kernel insecure handling of stdio file descriptor eugeny gladkih (Jan 20 2007)
    - Re: [Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor Troy Bollinger (Jan 20 2007)
FW: [cacti-announce] Cacti 0.8.6j Released Warner Moore (Jan 18 2007)
- Re: FW: [cacti-announce] Cacti 0.8.6j Released Steve Friedl (Jan 18 2007)
CYBSEC - Security Advisory: SAP Internet Graphics Service (IGS) Remote Buffer Overflow CYBSEC Advisories (Jan 18 2007)
[USN-410-1] poppler vulnerability Martin Pitt (Jan 18 2007)
Cisco Security Advisory: SSL/TLS Certificate and SSH Public Key Validation Vulnerability Cisco Systems Product Security Incident Response Team (Jan 18 2007)
[security bulletin] HPSBPI02185 SSRT071290 rev.1 - HP Jetdirect Running ftp, Remote Denial of Service (DoS) security-alert_at_hp.com (Jan 18 2007)
Directory Traversal in ArsDigita Community System Elliot Kendall (Jan 18 2007)
[ MDKSA-2007:018 ] - Updated koffice packages fix crafted pdf file vulnerability security_at_mandriva.com (Jan 18 2007)
[ MDKSA-2007:019 ] - Updated pdftohtml packages fix crafted pdf file vulnerability security_at_mandriva.com (Jan 18 2007)
[ MDKSA-2007:020 ] - Updated poppler packages fix crafted pdf file vulnerability security_at_mandriva.com (Jan 18 2007)
[ MDKSA-2007:021 ] - Updated xpdf packages fix crafted pdf file vulnerability security_at_mandriva.com (Jan 18 2007)
[ MDKSA-2007:022 ] - Updated tetex packages fix crafted pdf file vulnerability security_at_mandriva.com (Jan 18 2007)
[x0n3-h4ck] sabros.us 1.7 XSS Exploit corrado.liotta_at_alice.it (Jan 18 2007)
[ MDKSA-2007:023 ] - Updated libgtop2 packages fix buffer overflow vulnerability security_at_mandriva.com (Jan 18 2007)
EUSecWest 2007 Papers Dragos Ruiu (Jan 18 2007)
MyShoutBox Multiple Cross-Site Scripting Vulnerability DoZ_at_HackersCenter.com (Jan 18 2007)
Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability dh_at_layereddefense.com (Jan 18 2007)
TSLSA-2007-0003 - multi Trustix Security Advisor (Jan 19 2007)
DoS against AVM Fritz!Box 7050 (and others) collin_at_betaversion.net (Jan 19 2007)
- Re: DoS against AVM Fritz!Box 7050 (and others) Matthias Wenzel (Jan 23 2007)
Help project files (.HPJ) buffer overflow vulnerability in Microsoft Help Workshop porkythepig_at_anspi.pl (Jan 19 2007)
Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass advisory07_at_smtp.ru (Jan 19 2007)
- Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass jn_at_hz6.de (Jan 21 2007)
- Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass security_at_yospot.de (Jan 22 2007)
WzdFTPD < 8.1 Denial of service S21sec Labs (Jan 19 2007)
DIMVA 2007: Final Call for Papers Robin Sommer (Jan 18 2007)
[RISE-2007001] Apple Mac OS X 10.4.x kernel shared_region_map_file_np() memory corruption vulnerability RISE Security (Jan 19 2007)
a-forum xss sn0oPy_at_avenir-geopolitique.net (Jan 19 2007)
Login Manager Multiple HTML Injections DoZ_at_HackersCenter.com (Jan 19 2007)
Paypal Subscription Manager Multiple HTML Injections DoZ_at_HackersCenter.com (Jan 19 2007)
SMF "index.php?action=pm" Cross Site-Scripting Advisory_at_aria-security.net (Jan 20 2007)
- Re: SMF "index.php?action=pm" Cross Site-Scripting lfx4sodas_at_gmail.com (Jan 21 2007)
- Re: SMF "index.php?action=pm" Cross Site-Scripting Lise Moorveld (Jan 26 2007)
  - Re: Re: SMF "index.php?action=pm" Cross Site-Scripting alexbove_at_gmail.com (Jan 22 2007)
    - Re: Re: Re: SMF "index.php?action=pm" Cross Site-Scripting Outlaw_at_aria-security.net (Jan 22 2007)
      - Re: Re: Re: Re: SMF "index.php?action=pm" Cross Site-Scripting sirdarckcat_at_gmail.com (Jan 25 2007)
Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability info_at_digitalarmaments.com (Jan 20 2007)
- Re: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability nospam_at_marek.kroemeke.eu (Jan 22 2007)
XSS in 212cafeBoard ( Verision 0.08 & 6.30 Beta ) xx_hack_xx_2004_at_hotmail.com (Jan 20 2007)
Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability Prove Of Concept Exploit luoluonet_at_126.com (Jan 21 2007)
Wiki-how path disclosure iamtheevil1_at_gmail.com (Jan 20 2007)
FishCart [injection sql] saps.audit_at_gmail.com (Jan 21 2007)
- Re: FishCart [injection sql] Michael Brennen (Jan 22 2007)
FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability me you (Jan 21 2007)
- Re: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability Stefano Zanero (Jan 24 2007)
[SECURITY] [DSA 1251-1] New netrik packages fix arbitary shell command execution Steve Kemp (Jan 21 2007)
XMB "U2U Instant Messenger" Cross-Site Scripting Advisory_at_aria-security.net (Jan 20 2007)
XSS in Guestbook ( v.4.00 beta ) xx_hack_xx_2004_at_hotmail.com (Jan 20 2007)
SQL Injection in Unique Ads ( UDS ) xx_hack_xx_2004_at_hotmail.com (Jan 20 2007)
cmsimple 2.7 Remote File Include mr alkomandoz (Jan 20 2007)
Microsoft Visual C++ (.RC) resource files buffer overflow vulnerability porkythepig_at_anspi.pl (Jan 22 2007)
phpAdsNew 2.0.7 Remote File Include mr alkomandoz (Jan 20 2007)
- Re: phpAdsNew 2.0.7 Remote File Include l.d.0_at_hotmail.com (Jan 22 2007)
- Re: phpAdsNew 2.0.7 Remote File Include matteo_at_beccati.com (Jan 24 2007)
PHP Link Directory XSS Vulnerability version <= 3.0.6 jussi.vuokko_at_smilehouse.com (Jan 21 2007)
Full Path Disclosure in Open-Realty ( v2.3.4 ) xx_hack_xx_2004_at_hotmail.com (Jan 21 2007)
Fantastic News <=- (news.php) Remote File Include Vulnerability me you (Jan 21 2007)
- Re: Fantastic News <=- (news.php) Remote File Include Vulnerability <- bogus... again Mailinglists Address (Jan 22 2007)
Check Point Connectra End Point security bypass Roni Bachar (Jan 21 2007)
- Re: [Full-disclosure] Check Point Connectra End Point security bypass Felix Lindner (Jan 22 2007)
[x0n3-h4ck] bitweaver 1.3.1 XSS Exploit corrado.liotta_at_alice.it (Jan 22 2007)
UploadScript <=- v1.02 (password.txt) Remote Password Disclosure Vulnerability me you (Jan 22 2007)
Uploader <= (userdata/user_1.txt) Password Disclosure Vulnerability me you (Jan 22 2007)
[ GLSA 200701-13 ] Fetchmail: Denial of Service and password disclosure Matthias Geerdsen (Jan 22 2007)
SQL Injection by using Cookie Poisoning for Website Baker Version 2.6.5 and before Rolf Huisman (Jan 22 2007)
[ GLSA 200701-14 ] Mod_auth_kerb: Denial of Service Raphael Marichez (Jan 22 2007)
[ GLSA 200701-15 ] Sun JDK/JRE: Multiple vulnerabilities Raphael Marichez (Jan 22 2007)
[ GLSA 200701-16 ] Adobe Acrobat Reader: Multiple vulnerabilities Raphael Marichez (Jan 22 2007)
rPSA-2007-0011-1 wget rPath Update Announcements (Jan 23 2007)
- Re: [Full-disclosure] rPSA-2007-0011-1 wget Ron DuFresne (Jan 25 2007)
Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability Jose Avila III (Jan 22 2007)
- Re: Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability Robert Tasarz (Jan 23 2007)
[ MDKSA-2007:024 ] - Updated kdegraphics packages fix crafted pdf file vulnerability security_at_mandriva.com (Jan 22 2007)
AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability C0r3 1mp4ct (Jan 23 2007)
- Re: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability mail_at_hadihariri.com (Jan 23 2007)
- Re: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability bounce_at_hadihariri.com (Jan 24 2007)
- Re: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability C0r3 1mp4ct (Jan 24 2007)
Bluetooth DoS by obex push hornung_at_cs.washington.edu (Jan 22 2007)
Bluetooth DoS by obex push Armin Hornung (Jan 22 2007)
rPSA-2007-0012-1 ed rPath Update Announcements (Jan 23 2007)
xss filter to protect from xss attacks Anurag Agarwal (Jan 22 2007)
Re: Bluetooth DoS by obex push [readable] hornung_at_cs.washington.edu (Jan 23 2007)
Adobe ColdFusion Information Disclosure zck zck (Jan 21 2007)
[ GLSA 200701-17 ] libgtop: Privilege escalation Matthias Geerdsen (Jan 23 2007)
rPSA-2007-0015-1 libsoup rPath Update Announcements (Jan 23 2007)
[ECHO_ADV_62$2007] Upload Service 1.0 remote file inclusion y3dips_at_gmail.com (Jan 23 2007)
rPSA-2007-0014-1 libgtop rPath Update Announcements (Jan 23 2007)
[ MDKSA-2007:025 ] - Updated kernel packages fix multiple vulnerabilities and bugs security_at_mandriva.com (Jan 23 2007)
Re: Multiple SQL injections and XSS in FishCart 3.1 michael_at_fishnet.us (Jan 22 2007)
SUSE Security Announcement: squid (SUSE-SA:2007:012) Thomas Biege (Jan 23 2007)
RANDOM PHP QUOTE 1.0 (pwd.txt) Remote Password Disclosur the.tiger100_at_gmail.com (Jan 23 2007)
[ GLSA 200701-18 ] xine-ui: Format string vulnerabilities Raphael Marichez (Jan 23 2007)
[ MDKSA-2006:217-2 ] - Updated proftpd packages fix vulnerabilities security_at_mandriva.com (Jan 23 2007)
[ GLSA 200701-19 ] OpenLDAP: Insecure usage of /tmp during installation Raphael Marichez (Jan 23 2007)
subscribe (pwd.txt) Remote Password Disclosur the.tiger100_at_gmail.com (Jan 23 2007)
rPSA-2007-0013-1 poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi rPath Update Announcements (Jan 23 2007)
[USN-411-1] libsoup vulnerability Kees Cook (Jan 23 2007)
PR06-14: IP Phones based on Centrality Communications/Aredfox PA168 chipset weak session management vulnerability ProCheckUp Research (Jan 23 2007)
Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability me you (Jan 23 2007)
- Re: Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability Stefano Zanero (Jan 24 2007)
SUSE Security Announcement: xine (SUSE-SA:2007:013) Thomas Biege (Jan 23 2007)
[ MDKSA-2007:026 ] - Updated squid packages fix vulnerabilities security_at_mandriva.com (Jan 23 2007)
[ GLSA 200701-20 ] Centericq: Remote buffer overflow in LiveJournal handling Raphael Marichez (Jan 23 2007)
[USN-412-1] GeoIP vulnerability Kees Cook (Jan 23 2007)
[USN-413-1] BlueZ vulnerability Kees Cook (Jan 23 2007)
[Aria-Security Team] MyBB Cross-Site Scripting Advisory_at_Aria-Security.Net (Jan 23 2007)
Toxiclab Shoutbox Password Disclosure Vulnerability beks_at_bsdmail.org (Jan 24 2007)
Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX Control Buffer Overflow Secunia Research (Jan 24 2007)
- Re: Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX Control Buffer Overflow Secunia Research (Jan 24 2007)
Secunia Research: Sienzo Digital Music Mentor NCTAudioFile2 ActiveX Control Buffer Overflow Secunia Research (Jan 24 2007)
[CAID 34993]: CA BrightStor ARCserve Backup for Laptops and Desktops Multiple Overflow Vulnerabilities Williams, James K (Jan 24 2007)
ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure Vulnerability me you (Jan 24 2007)
- Re: ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure Vulnerability anonym_at_anonym.com (Jan 24 2007)
Maxtricity Tagger Password Disclosure Vulnerability beks_at_bsdmail.org (Jan 24 2007)
Cisco Security Advisory: Crafted TCP Packet Can Cause Denial of Service Cisco Systems Product Security Incident Response Team (Jan 24 2007)
Cisco Security Advisory: IPv6 Routing Header Vulnerability Cisco Systems Product Security Incident Response Team (Jan 24 2007)
Cisco Security Advisory: Crafted IP Option Vulnerability Cisco Systems Product Security Incident Response Team (Jan 24 2007)
[OPENADS-SA-2007-001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability fixed Matteo Beccati (Jan 24 2007)
Weaknesses in Pingback Design bmatheny_at_mobocracy.net (Jan 24 2007)
[ GLSA 200701-21 ] MIT Kerberos 5: Arbitrary Remote Code Execution Matthias Geerdsen (Jan 24 2007)
DoS against Telligent Community Server bmatheny_at_mobocracy.net (Jan 24 2007)
[security bulletin] HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access security-alert_at_hp.com (Jan 24 2007)
ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Jan 24 2007)
Multiple Remote Vulnerabilities in Wordpress bmatheny_at_mobocracy.net (Jan 24 2007)
Oracle Buffer Overflow in DBMS_REPCAT_UNTRUSTED.UNREGISTER_SNAPSHOT Team SHATTER (Jan 24 2007)
Oracle Buffer Overflow in DBMS_LOGMNR.ADD_LOGFILE Team SHATTER (Jan 24 2007)
Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME Team SHATTER (Jan 24 2007)
- Re: Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME Steven M. Christey (Jan 25 2007)
Oracle Buffer Overflow in DBMS_DRS.GET_PROPERTY Team SHATTER (Jan 24 2007)
Oracle Multiple Buffer Overflows and DoS attacks in public procedures of MDSYS.MD Team SHATTER (Jan 24 2007)
[CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities Williams, James K (Jan 24 2007)
Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL Team SHATTER (Jan 24 2007)
- Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL Steven M. Christey (Jan 25 2007)
  - Re: Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL shatter_at_appsecinc.com (Jan 29 2007)
[USN-414-1] Squid vulnerabilities Kees Cook (Jan 24 2007)
Remove all admin->root authorization prompts from OSX K F (lists) (Jan 24 2007)
- RE: Remove all admin->root authorization prompts from OSX Marvin Simkin (Jan 25 2007)
  - Re: Remove all admin->root authorization prompts from OSX Baptiste Malguy (Jan 26 2007)
  - Re: Remove all admin->root authorization prompts from OSX Ben Bucksch (Jan 25 2007)
  - Re: Remove all admin->root authorization prompts from OSX John Smith (Jan 25 2007)
- Re: Remove all admin->root authorization prompts from OSX A. Shaw (Jan 25 2007)
rPSA-2007-0019-1 gtk rPath Update Announcements (Jan 25 2007)
ASP NEWS <= V3 (news_detail.asp) Remote SQL Injection Vulnerability ajannhwt_at_hotmail.com (Jan 25 2007)
Xero Portal v1.2 (phpbb_root_path) Remote File Include Vulnerablity xorontr_at_gmail.com (Jan 25 2007)
uniForum <= v4 (wbsearch.aspx) Remote SQL Injection Vulnerability ajannhwt_at_hotmail.com (Jan 25 2007)
EzDatabase Multiple Cross-Site Scripting Vulnerability DoZ_at_HackersCenter.com (Jan 25 2007)
ASP EDGE <= V1.2b (user.asp) Remote SQL Injection Vulnerability ajannhwt_at_hotmail.com (Jan 25 2007)
makit news/blog poster <=v3(news_page.asp) Remote SQL Injection Vulnerability ajannhwt_at_hotmail.com (Jan 25 2007)
BIND remote exploit (low severity) [Fwd: Internet Systems Consortium Security Advisory.] Lebbeous Weekley (Jan 25 2007)
Aztek Forum 4.1 Multiple Vulnerabilities Exploit gmdarkfig_at_gmail.com (Jan 25 2007)
- Re: Aztek Forum 4.1 Multiple Vulnerabilities Exploit gmdarkfig_at_gmail.com (Jan 25 2007)
phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability me you (Jan 25 2007)
- Re: phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability str0ke (Jan 25 2007)
[x0n3-h4ck] Siteman 2.0.x2 Remote Md5 Hash Disclosure Vulnerability corrado.liotta_at_alice.it (Jan 25 2007)
[x0n3-h4ck] Siteman 1.1.11 Remote Md5 Hash Disclosure Vulnerability corrado.liotta_at_alice.it (Jan 25 2007)
GPS 1.2 Content Managing System (print.asp) Remote SQL Injection Vulnerability ajannhwt_at_hotmail.com (Jan 25 2007)
[NETRAGARD-20061218 SECURITY ADVISORY] [@Mail WebMail Cross Site Request Forgery] Netragard Security Advisories (Jan 25 2007)
[ GLSA 200701-22 ] Squid: Multiple Denial of Service vulnerabilities Matthias Geerdsen (Jan 25 2007)
The certification password of Internet Explorer 7 and operation of auto complete support_at_sapporoworks.ne.jp (Jan 24 2007)
Buffer overflow in VSAPI library of Trend Micro VirusWall 3.81 for Linux Sebastian Wolfgarten (Jan 25 2007)
high5 Review script Security Risk anon_at_anon.com (Jan 25 2007)
Vulnerability disclosure comments Shawna McAlearney (Jan 23 2007)
Omniture SiteCatalyst Multiple Cross-Site Scripting Vulnerabilities DoZ_at_HackersCenter.com (Jan 23 2007)
RubyGems 0.9.0 and earlier installation exploit Eric Hodel (Jan 21 2007)
Medium Risk Vulnerability in PGP Desktop NGSSoftware Insight Security Research (Jan 25 2007)
[USN-410-2] teTeX vulnerability Kees Cook (Jan 25 2007)
[ GLSA 200701-24 ] VLC media player: Format string vulnerability Matthias Geerdsen (Jan 26 2007)
[OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed Matteo Beccati (Jan 26 2007)
- Re: [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed Matteo Beccati (Jan 26 2007)
Movable Type <= 3.33 XSS Exploit teracci2002_at_yahoo.co.jp (Jan 26 2007)
[ MDKSA-2007:027 ] - Updated xine-ui packages fix vulnerabilities security_at_mandriva.com (Jan 26 2007)
[ GLSA 200701-23 ] Cacti: Command execution and SQL injection Matthias Geerdsen (Jan 26 2007)
Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger hainamluke_at_yahoo.com (Jan 26 2007)
- Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger Outlaw_at_aria-security.net (Jan 26 2007)
- RE: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger Ahmed Sheipani (Jan 27 2007)
  - Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger 3B.Security Researcher (Jan 27 2007)
PHP Membership Manager Cross-Site Scripting Vulnerability DoZ_at_HackersCenter.com (Jan 26 2007)
FdScript <= v1.3.2 Remote File Disclosure Vulnerability ajannhwt_at_hotmail.com (Jan 26 2007)
S21sec-034-en: Cisco VTP DoS vulnerability S21sec Labs (Jan 26 2007)
- Re: [Full-disclosure] S21sec-034-en: Cisco VTP DoS vulnerability Clay Seaman-Kossmeyer (Jan 29 2007)
iDefense Security Advisory 01.26.07: Multiple Vendor libchm Page Block Length Memory Corruption Vulnerability iDefense Labs (Jan 26 2007)
rPSA-2007-0021-1 bind bind-utils rPath Update Announcements (Jan 25 2007)
rPSA-2007-0020-1 rmake rPath Update Announcements (Jan 25 2007)
Dexia website security alert Jos Kirps (Jan 25 2007)
- Re: Dexia website security alert Thierry Zoller (Jan 27 2007)
WS_FTP 2007 Professional SCP handling format string vulnerability Michal Bucko (Jan 26 2007)
[ MDKSA-2007:029 ] - Updated libsoup packages fix DoS vulnerability security_at_mandriva.com (Jan 26 2007)
stompy the session stomper - tool availability Michal Zalewski (Jan 27 2007)
- Re: stompy the session stomper - tool availability Rogan Dawes (Jan 27 2007)
  - Re: stompy the session stomper - tool availability Michal Zalewski (Jan 28 2007)
- Re: stompy the session stomper - tool availability Michal Zalewski (Jan 31 2007)
Full Disclosure: Arbitrary Code Execution in LedgerSMB CVE-2006-5872 Chris Travers (Jan 26 2007)
[USN-398-4] Firefox regression Kees Cook (Jan 26 2007)
Open Conference Systems = 2.8.2 Remote File Inclusion trzindan_at_hotmail.com (Jan 27 2007)
- Re: Open Conference Systems = 2.8.2 Remote File Inclusion Michał Melewski (Jan 27 2007)
- Fake: Open Conference Systems = 2.8.2 Remote File Inclusion bzhbfzj3001_at_sneakemail.com (Jan 29 2007)
  - Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion Michał Melewski (Jan 29 2007)
    - Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion Michał Melewski (Jan 29 2007)
    - Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion bzhbfzj3001_at_sneakemail.com (Jan 30 2007)
- Re: Open Conference Systems = 2.8.2 Remote File Inclusion Stefano Zanero (Jan 28 2007)
[ MDKSA-2007:028 ] - Updated ulogd packaged to address buffer overflow vulnerability security_at_mandriva.com (Jan 26 2007)
AdMentor (banners) admin SQL injection sn0oPy.team_at_gmail.com (Jan 27 2007)
local Calendar System v1.1 (lcStdLib.inc) Remote File Include trzindan_at_hotmail.fr (Jan 27 2007)
- Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Stefano Zanero (Jan 28 2007)
  - Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Gadi Evron (Jan 29 2007)
    - Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Stefano Zanero (Jan 29 2007)
    - Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Simple Nomad (Jan 29 2007)
      - Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Gadi Evron (Jan 30 2007)
[SECURITY] [DSA 1252-1] New vlc packages fix arbitrary code execution Martin Schulze (Jan 27 2007)
[SECURITY] [DSA 1253-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Jan 27 2007)
[OpenPKG-SA-2007.007] OpenPKG Security Advisory (bind) OpenPKG GmbH (Jan 28 2007)
[SECURITY] [DSA 1254-1] New bind9 packages fix denial of service Moritz Muehlenhoff (Jan 28 2007)
MDPro 1.0.76 - Multiple Remote Vulnerabilities adexior_at_gmail.com (Jan 29 2007)
Internet Explorer 7 ActiveX bgColor property NULL pointer dereference (DoS) Alexander Sotirov (Jan 28 2007)
[OpenPKG-SA-2007.008] OpenPKG Security Advisory (cvstrac) OpenPKG GmbH (Jan 29 2007)
Xt-Stats v.2.4.0.b3 - Remote File Include Vulnerabilities h4cked.eg_at_hotmail.com (Jan 27 2007)
CVSTrac 2.0.0 Denial of Service (DoS) vulnerability Ralf S. Engelschall (Jan 29 2007)
Defeating CAPTCHAs via Averaging noreply9871234_at_ich-habe-fertig.com (Jan 26 2007)
- Re: Defeating CAPTCHAs via Averaging Alexander Klimov (Jan 30 2007)
  - Re: Defeating CAPTCHAs via Averaging Fred Leeflang (Jan 30 2007)
    - Re: Defeating CAPTCHAs via Averaging Lou Katz (Jan 31 2007)
Phorum HTML Injection Vulnerability DoZ_at_HackersCenter.com (Jan 28 2007)
- Re: Phorum HTML Injection Vulnerability brian_at_phorum.org (Jan 29 2007)
gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability trzindan_at_hotmail.fr (Jan 29 2007)
- Re: gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability Francesco Laurita (Jan 29 2007)
AdMentor (banners) admin SQL injection sn0oPy.team_at_gmail.com (Jan 27 2007)
Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects Chris Travers (Jan 27 2007)
[ GLSA 200701-25 ] X.Org X server: Multiple vulnerabilities Matthias Geerdsen (Jan 27 2007)
VII National Computer and Information Security Conference ACIS 2007 - COLOMBIA Jeimy Cano (Jan 28 2007)
RBL - ASP (scripts with db) SQL injection sn0oPy.team_at_gmail.com (Jan 27 2007)
Oracle - Indirect Privilege Escalation and Defeating Virtual Private Databases David Litchfield (Jan 29 2007)
[DRUPAL-SA-2007-005] Drupal 4.7.6 / 5.1 fixes arbitrary code execution issue Uwe Hermann (Jan 29 2007)
rPSA-2007-0020-2 rmake rPath Update Announcements (Jan 29 2007)
COSEINC Alert: Microsoft Agent Heap Overflow Vulnerability Technical Details (Patched) Coseinc (Jan 29 2007)
RBL - ASP (scripts with db) SQL injection sn0oPy.team_at_gmail.com (Jan 29 2007)
PhP Generic library & framework (include_path) Remote File Include Exploit umutc4n_at_hotmail.com (Jan 29 2007)
EncapsCMS 0.3.6 (common_foot.php) Remote File Include trzindan_at_hotmail.fr (Jan 30 2007)
Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include trzindan_at_hotmail.fr (Jan 30 2007)
- Re: BOGUS: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include Mailinglists Address (Jan 30 2007)
- Re: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include Casey Marshall (Jan 30 2007)
[ MDKSA-2007:030 ] - Updated bind packages fix DoS vulnerabilities security_at_mandriva.com (Jan 30 2007)
Remote Unauthenticated Code Execution CA BrightStor ARCserve Backup NGS Software Insight Security Research (Jan 30 2007)
Remote Unauthenticated Code Execution II CA BrightStor ARCserve Backup for Laptops & Desktops NGS Software Insight Security Research (Jan 30 2007)
OWASP JBroFuzz 0.4 Fuzzer Released! subere_at_uncon.org (Jan 31 2007)
Remote DOS BrightStor ARCserve Backup for Laptops & Desktops NGS Software Insight Security Research (Jan 30 2007)
Remote Unauthenticated Resource Exhaustion CA Mobile BackupService NGS Software Insight Security Research (Jan 30 2007)
Oracle 10g R2 Enterprise Manager Directory Traversal NGS Software Insight Security Research (Jan 30 2007)
2007 Security OPUS CFP: Closed (Agenda included) Sharkey (Jan 30 2007)
Cisco Security Advisory: SIP Packet Reloads IOS Devices Not Configured for SIP Cisco Systems Product Security Incident Response Team (Jan 31 2007)
[ECHO_ADV_63$2007] Cadre remote file inclusion y3dips_at_gmail.com (Jan 31 2007)
[SECURITY] [DSA 1255-1] New libgtop2 packages fix arbitrary code execution Moritz Muehlenhoff (Jan 31 2007)
Windows Vista and unexported kernel symbols (Part II, 32bits version) Matthieu Suiche (Jan 31 2007)
[ GLSA 200701-27 ] ELinks: Arbitrary Samba command execution Raphael Marichez (Jan 31 2007)
[ GLSA 200701-28 ] thttpd: Unauthenticated remote file access Raphael Marichez (Jan 31 2007)
BBED - Oracle Block Browser and Editor pete_at_petefinnigan.com (Jan 31 2007)
[ GLSA 200701-26 ] KSirc: Denial of Service vulnerability Raphael Marichez (Jan 31 2007)
[SECURITY] [DSA 1256-1] New gtk+2.0 packages fix denial of service Moritz Muehlenhoff (Jan 31 2007)
Technika - Attack Scripting Environment pdp (architect) (Jan 31 2007)