Bugtraq: by author

242th section
- Pligg critical vulnerability (May 25 2007)
3APA3A
- Re[2]: [Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS??? (May 23 2007)
- Re: [Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS??? (May 23 2007)
- Re: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) (May 16 2007)
- Re: Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability (May 16 2007)
- Re: Exim 4.66 in conjunction with spamd Overflow issues (May 15 2007)
- Re[2]: Medium security hole affecting DSL-G624T (May 03 2007)
- Re: Medium security hole affecting DSL-G624T (May 03 2007)
abbasi_at_ustmb.ac.ir
- Post Nuke v4bJournal Module Sql Inject (May 02 2007)
absamu_at_gmail.com
- fotolog xss (May 10 2007)
ACROS Security
- ACROS Security: Session Fixation Vulnerability in HP SIM 5.0 (May 18 2007)
Adam Laurie
- ANNOUNCE: RFIDIOt version 0.1m released (May 16th 2007) (May 16 2007)
aditya kuppa
- Defeating Citibank Virtual Keyboard protection using screenshot method (May 17 2007)
admin_at_majorsecurity.de
- [MajorSecurity Advisory #48]eggblog - Session fixation Issue (May 29 2007)
- [MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue (May 05 2007)
aeroxteam_PLEASEDONTSPAMUS_at_gmail.com
- Re: NPDS <= 5.10 - Multiple SQL injections (May 04 2007)
- NPDS <= 5.10 - Multiple SQL injections (May 04 2007)
ALEMIN KRALI
- W1L3D4 Philboard v0.2 sql injection (May 11 2007)
Alexander Sotirov
- Exchange Calendar MODPROPS Denial of Service (CVE-2007-0039) (May 08 2007)
announcements_at_webappsec.org
- WASC Announcement: Distributed Open Proxy Honeypot Project Data Released (May 07 2007)
Ansgar -59cobalt- Wiechers
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 10 2007)
balazs.zolika_at_gmail.com
- Re: Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 18 2007)
- Re: RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 09 2007)
bendeniz_avci_at_hotmail.com
- Webspeed OpenEdge Dos exploit (May 12 2007)
binagres_at_gmail.com
- Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability (May 10 2007)
BlackHawk
- Inout Meta Searh engine Remote Code Execution (May 28 2007)
Blazej Miga
- Apache httpd vulenrabilities (May 29 2007)
Bojan Zdrnja
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 17 2007)
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 16 2007)
bugtraq_at_cryptonix.org
- [tool] Etherbat - Ethernet topology discovery (May 30 2007)
c0ntexb_at_gmail.com
- Re: Magic iso heap over flow <Help> (May 23 2007)
calcite_at_setec.org
- Exim 4.66 in conjunction with spamd Overflow issues (May 12 2007)
chiweeman_at_gmail.com
- Re: fx-APP Version 0.0.8.1 (May 28 2007)
ciri_at_virtuax.be
- OTRS <= 2.0.x XSS/XSRF (May 07 2007)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Vulnerability In Crypto Library (May 22 2007)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS While Processing SSL Packets (May 22 2007)
- Cisco Security Advisory: Multiple Vulnerabilities in the IOS FTP Server (May 09 2007)
- Cisco Security Advisory: LDAP and VPN Vulnerabilities in PIX and ASA Appliances (May 02 2007)
come2waraxe_at_yahoo.com
- [waraxe-2007-SA#051] - Sql Injection in 2z Project 0.9.5 (May 23 2007)
- [waraxe-2007-SA#050] - Sql Injection in WordPress 2.1.3 (May 21 2007)
Cornelius Riemenschneider
- SQL-Injection in IP-TRACKING Mod for phpBB2.0.x (May 20 2007)
corrado.liotta_at_alice.it
- GMTT Music Distro 1.2 XSS Exploit (May 22 2007)
- Mini Web Shop v.2 Vulnerable to XSS (May 06 2007)
crazy frog crazy frog
- Re: Pligg critical vulnerability (May 25 2007)
crossbower_at_katamail.com
- I, Bot. Taking advantage of robots power (Article) (May 16 2007)
Daniele Calore
- Re: [security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation (May 09 2007)
Dann Frazier
- [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities (May 02 2007)
David Cantrell
- Re: Apple Safari on MacOSX may reveal user's saved passwords (May 17 2007)
- Re: Apple Safari on MacOSX may reveal user's saved passwords (May 15 2007)
David Gillett
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 10 2007)
David Litchfield
- Oracle Forensics Part 4: Live Response (May 19 2007)
Davide Del Vecchio
- Re: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) (May 16 2007)
- Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) (May 15 2007)
Debasis Mohanty
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 09 2007)
diabol the japanophile
- Re: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) (May 25 2007)
DoZ_at_HackersCenter.com
- Aardvark Topsites PHP Directory Disclosure Vulnerability (May 02 2007)
e1c4_at_hotmail.com
- Kayako eSupport v3.00.90 Cross Site Scripting (XSS) (May 07 2007)
Eduardo Tongson
- Re: [Full-disclosure] Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) (May 20 2007)
Eli Dart
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 10 2007)
erdc_at_echo.or.id
- [ECHO_ADV_81$2007] wordpress plugins wordTube <= 1.43 (wpPATH) Remote File Inclusion Vulnerability (May 02 2007)
- [ECHO_ADV_82$2007] wordpress plugins wp-Table <= 1.43 (wpPATH) Remote File Inclusion Vulnerability (May 02 2007)
expw0rm_at_gmail.com
- ifdate 2.* unauthorized administrative access bug (May 13 2007)
Fatih Ozavci
- GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability (May 14 2007)
Florian Weimer
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 10 2007)
Foresight Linux Essential Announcement Service
- FLEA-2007-0023-1: firefox (May 31 2007)
- FLEA-2007-0022-1: file (May 24 2007)
- FLEA-2007-0021-1: madwifi (May 24 2007)
- FLEA-2007-0020-1: freetype (May 23 2007)
- FLEA-2007-0019-1: python (May 21 2007)
- FLEA-2007-0018-1: libpng (May 17 2007)
- FLEA-2007-0017-1: samba (May 15 2007)
- FLEA-2007-0016-1: kernel (May 08 2007)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-07:04.file (May 23 2007)
g0rk3m-31_at_hotmail.com
- Zindizayn Okul Web Sistemi v1.0 Sql VulnZ. (May 26 2007)
Gadi Evron
- Re: Broadband routers and botnets - being proactive (May 12 2007)
- Broadband routers and botnets - being proactive (May 11 2007)
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 09 2007)
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 09 2007)
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 09 2007)
Gerald (Jerry) Carter
- [SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability (May 13 2007)
- [SAMBA-SECURITY] CVE-2007-2444: Local SID/Name Translation Failure Can Result in User Privilege Elevation (May 13 2007)
- [SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution (May 13 2007)
Glynn Clements
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 12 2007)
gmdarkfig_at_gmail.com
- Nuked-klaN 1.7.6 Remote Code Execution Exploit (May 05 2007)
gobbles_fo_evar_at_hushmail.com
- AP Newspower software <=4.0.1 allows remote data manipulation (May 08 2007)
graham.coles_at_the-logic-group.com
- Re: Apple Safari on MacOSX may reveal user's saved passwords (May 17 2007)
- Re: Apple Safari on MacOSX may reveal user's saved passwords (May 16 2007)
hack2prison_at_yahoo.com
- eSyndiCat Input Validation Error Vulnerability (May 17 2007)
Hugo van der Kooij
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 11 2007)
Ian Ward Comfort
- Re: Apple Safari on MacOSX may reveal user's saved passwords (May 16 2007)
iDefense Labs
- iDefense Security Advisory 05.25.07: Sun Java System Web Proxy Multiple Buffer Overflow Vulnerabilities (May 25 2007)
- iDefense Security Advisory 05.24.07: Apple Computer Mac OS X pppd Plugin Loading Privilege Escalation Vulnerability (May 24 2007)
- iDefense Security Advisory 05.23.07: Opera Software Opera Web Browser Transfer Item Pop-up Menu Stack Overflow Vulnerability (May 23 2007)
- iDefense Security Advisory 05.14.07: Samba SAMR Change Password Remote Command Injection Vulnerability (May 14 2007)
- iDefense Security Advisory 05.10.07: Apple Darwin Streaming Proxy Multiple Vulnerabilities (May 10 2007)
- iDefense Security Advisory 05.10.07: Novell NetMail NMDMC Buffer Overflow Vulnerability (May 10 2007)
- iDefense Security Advisory 05.10.07: Sun Microsystems Solaris SRS Proxy Core srsexec Arbitrary File Read Vulnerability (May 10 2007)
- iDefense Security Advisory 05.09.07: Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability (May 10 2007)
- iDefense Security Advisory 05.08.07: Microsoft Word RTF File Parsing Heap Corruption Vulnerability (May 09 2007)
- iDefense Security Advisory 05.08.07: Microsoft Excel Filter Record Code Execution Vulnerability (May 09 2007)
- iDefense Security Advisory 05.08.07: Microsoft Exchange Server 2000 IMAP Literal Processing DoS Vulnerability (May 09 2007)
- iDefense Security Advisory 05.09.07: Symantec Norton Internet Security 2006 COM Object Security ByPass Vulnerability (May 09 2007)
- iDefense Security Advisory 05.08.07: McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability (May 08 2007)
- iDefense Security Advisory 05.07.07: Sun Microsystems Solaris ACE_SETACL Integer Signedness DoS Vulnerability (May 07 2007)
- iDefense Security Advisory 05.02.07: LiveData Protocol Server Heap Overflow Vulnerability (May 02 2007)
- iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities (May 01 2007)
ilkerkandemir_at_mynet.com
- PHPHtmlLib <= 2.4.0 Remote File Include Exploit (May 07 2007)
- phpHoo3 (admin.php) Remote Login Bypass SQL Injection Vulnerability (May 06 2007)
- fipsCMS v2.1 Remote SQL injection Vulnerability (May 06 2007)
- pfa CMS v6.0 (index.php repinc) Remote File Include Vulnerability (May 06 2007)
- PHPSecurityAdmin Remote File Include Exploit (May 03 2007)
- SchoolBoard (admin.php) Remote Login Bypass SQL Injection Vulnerability (May 03 2007)
imipak
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 14 2007)
info_at_activecampaign.com
- Re: 12All File Upload Vulnerability (May 07 2007)
info_at_devellion.com
- Re: UPDATED: CubeCart (v3.0.15) - CRLF Injection Vulnerability (May 09 2007)
info_at_digitalarmaments.com
- Digital Armaments May-June-2007 Hacking Challenge: VMware (May 09 2007)
ISecAuditors Security Advisories
- [ISecAuditors Security Advisories] Microsoft IIS5 NTLM and Basic authentication bypass (May 22 2007)
Ismael Briones
- Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities (May 23 2007)
- NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities (May 20 2007)
jadoba_at_jadoba.net
- Vulnerability - cpCommerce - XSS (May 25 2007)
James C. Slora Jr.
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 11 2007)
James Youngman
- GNU Findutils release 4.2.31 fixes CVE-2007-2452 (GNU locate heap buffer overrun) (May 30 2007)
Jan Heisterkamp
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 10 2007)
jcarlos.norte_at_gmail.com
- Wordpress All versions XSS (May 01 2007)
Jean-S�bastien Guay-Leroux
- Multiple vendors ZOO file decompression infinite loop DoS (May 04 2007)
Jeremy Epstein
- Updated: webMethods Security Advisory: Glue console directory traversal vulnerability (May 07 2007)
Jerome Athias
- Re: notepad++[v4.1]: (win32) ruby file processing buffer overflow exploit. (May 23 2007)
Jim Harrison
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 09 2007)
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 09 2007)
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 09 2007)
- RE: XSS in Microsoft SharePoint (May 05 2007)
Johannes Greil
- SEC Consult SA-20070509-0 :: Multiple vulnerabilites in Nokia Intellisync Mobile Suite & Wireless Email Express (May 09 2007)
John McGuire
- 12All File Upload Vulnerability (May 02 2007)
john_at_martinelli.com
- RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability (May 29 2007)
- RedLevel Advisory #021 - CubeCart v3.0.16 SQL Injection Vulnerability (May 21 2007)
- RedLevel Advisory #020 - HLstats v1.35 Cross-Site Scripting Vulnerability #3 (May 21 2007)
- RedLevel Advisory #018 - RM EasyMail Plus - Cross-Site Scripting Vulnerability #2 (May 19 2007)
- RedLevel Advisory #017 - PsychoStats v3.0.6b Multiple Cross-Site Scripting Vulnerabilities (May 19 2007)
- RedLevel Advisory #022 - ClonusWiki .5 Cross-Site Scripting Vulnerability (May 22 2007)
- RedLevel Advisory #016 - HLstats v1.35 Cross-Site Scripting Vulnerability (May 19 2007)
- RedLevel Advisory #017 - HLstats v1.35 Cross-Site Scripting Vulnerability #2 (May 19 2007)
- RedLevel Advisory #015 - Redoable 1.2 Cross-Site Scripting Vulnerability (patch included) (May 17 2007)
- VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability (May 17 2007)
- Drake CMS (v0.4.0) - CRLF Injection Vulnerability (May 05 2007)
- UPDATED: CubeCart (v3.0.15) - CRLF Injection Vulnerability (May 05 2007)
- SunShop (v4) Multiple Vulnerabilities (May 05 2007)
- Podium CMS - Cookie Manipulation Exploit (May 05 2007)
- ACP3 (v4.0b3) - Multiple Vulnerabilities (May 05 2007)
- Bradford CampusManager v3.1(6) Sensitive Data Disclosure (May 02 2007)
Josh Zlatin-Amishav
- Re: squirrelmail CSRF vulnerability (May 12 2007)
- Re: squirrelmail CSRF vulnerability (May 10 2007)
KaCo678_at_aol.com
- Magic iso heap over flow <Help> (May 22 2007)
Kees Cook
- [USN-467-1] Gimp vulnerability (May 31 2007)
- [USN-466-1] freetype vulnerability (May 30 2007)
- [USN-465-1] PulseAudio vulnerability (May 25 2007)
- [USN-463-1] vim vulnerability (May 22 2007)
- [USN-462-1] PHP vulnerabilities (May 22 2007)
- [USN-460-2] Samba regression (May 22 2007)
- [USN-459-2] pptpd regression (May 21 2007)
- [USN-436-2] KTorrent vulnerability (May 18 2007)
- [USN-461-1] Quagga vulnerability (May 17 2007)
- [USN-460-1] Samba vulnerabilities (May 15 2007)
- [USN-459-1] pptpd vulnerability (May 14 2007)
- [USN-458-1] MoinMoin vulnerabilities (May 08 2007)
- [USN-457-1] elinks vulnerability (May 07 2007)
- [USN-456-1] net-snmp vulnerability (May 02 2007)
kepledehlah_at_eluwini.co.uk
- american cart 3.* (abs_path) remote file include (May 06 2007)
Kevin Finisterre (lists)
- Re: Apple Safari on MacOSX may reveal user's saved passwords (May 18 2007)
kimhm682000_at_yahoo.com
- Re: notepad++[v4.1]: (win32) ruby file processing buffer overflow exploit. (May 22 2007)
kingcope
- RE: [Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS??? (May 23 2007)
lagged2hell_at_gmail.com
- Re: sunshop v4 >> RFI (May 03 2007)
laurent.gaffie_at_g.securityfocus.com
- Re: Jetbox CMS version 2.1 E-Mail Injection Vulnerability (May 15 2007)
laurent.gaffie_at_gmail.com
- PHP JackKnife [multiple vulnerabilities] (May 30 2007)
- cpcommerce < v1.1.0 [sql injection] (May 29 2007)
- Re: DGNews version 2.1 SQL Injection Vulnerability (May 28 2007)
laurent.gaffie_at_none.com
- vbulletin < 3.6.6 [permanent xss] (May 16 2007)
lists
- Re: Mac OS X vpnd local format string (May 29 2007)
ls_at_calima.serapis.net
- MyBloggie 2.1.6 SQL Injection (May 31 2007)
- Practicle Gallery 1.0.1 XSS (May 30 2007)
- Particle Blogger 1.2.1 SQL Injection (May 30 2007)
Lucas, Mark J.
- RE: Apple Safari on MacOSX may reveal user's saved passwords (May 14 2007)
M. Burnett
- RE: RDP TLS downgrade (May 09 2007)
mailbox_at_martinelli.com
- Re: RFI In Script FlashChat_v479 (May 28 2007)
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 17 2007)
- RE: Apple Safari on MacOSX may reveal user's saved passwords (May 14 2007)
Mark Senior
- Re: Apple Safari on MacOSX may reveal user's saved passwords (May 17 2007)
Mark Thomas
- [CVE-2007-1355] Tomcat documentation XSS vulnerabilities (May 19 2007)
Mark-David McLaughlin (marmclau)
- RE: Cisco CallManager 4.1 Input Validation Vulnerability (May 23 2007)
Martin Schulze
- [SECURITY] [DSA 1293-1] New quagga packages fix denial of service (May 17 2007)
Marvin Frick
- Re: iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities (May 03 2007)
Matousec - Transparent security Research
- Bypassing PFW/HIPS open process control with uncommon identifier (May 15 2007)
- ZoneAlarm Insufficient validation of 'vsdatant' driver input buffer Vulnerability (May 01 2007)
matrix_at_hackerz.ir
- NASA Site Bug ( Check URI Input ) (May 18 2007)
Matthew Leeds
- Re[2]: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) (May 16 2007)
Michael Domberg
- Design Flaw in Deutsche Telekom Speedport w700v broadband router (May 11 2007)
- Cross-Site Scripting in Adobe RoboHelp 6, Server 6 and X5 (May 11 2007)
Michal Bucko (hackpl)
- Re: Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability (May 16 2007)
- Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability (May 14 2007)
- Multiple vulnerabilities (May 09 2007)
michele dallachiesa
- rtpBreak - detects, reconstructs and analyzes any RTP session (May 25 2007)
Moritz Muehlenhoff
- [SECURITY] [DSA 1298-1] New otrs2 packages fix cross-site scripting (May 28 2007)
- [SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution (May 24 2007)
- [SECURITY] [DSA 1291-3] New samba packages fix regression (May 21 2007)
- [SECURITY] [DSA 1296-1] New php4 packages fix privilege escalation (May 21 2007)
- [SECURITY] [DSA 1295-1] New php5 packages fix several vulnerabilities (May 19 2007)
- [SECURITY] [DSA 1290-1] New squirrelmail packages fix cross-site scripting (May 13 2007)
- [SECURITY] [DSA 1289-1] New Linux 2.6.18 packages fix several vulnerabilities (May 13 2007)
- [SECURITY] [DSA 1288-1] New pptpd packages fix denial of service (May 08 2007)
- [SECURITY] [DSA 1284-1] New qemu packages fix several vulnerabilities (May 01 2007)
Morning Wood
- Re: [Full-disclosure] Vulnerabilities Hashes DB needed (May 06 2007)
myucebox_at_yahoo.com
- Vulnerability in Credant Mobile Guardian Shield for Windows (May 24 2007)
newbinaryfile_at_gmail.com
- BoastMachine index.php Cross Site Scripting Vulnerability (May 25 2007)
NGSSoftware Insight Security Research
- Mac OS X vpnd local format string (May 29 2007)
Nick FitzGerald
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 11 2007)
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 09 2007)
nnposter_at_disclosed.not
- Predictable TCP ISN in Packeteer PacketShaper (May 18 2007)
no-reply_at_radware.com
- Radware Security Advisory - Yate 1.1.0 Denial of Service Vulnerability (May 01 2007)
Noah Meyerhans
- [SECURITY] [DSA 1281-2] New clamav packages fix denial of service vulnerability (May 21 2007)
- [SECURITY] [DSA 1291-2] New samba packages fix multiple vulnerabilities (May 17 2007)
- [SECURITY] [DSA 1292-1] New qt4-x11 packages fix cross-site scripting vulnerability (May 15 2007)
- [SECURITY] [DSA 1291-1] New samba packages fix multiple vulnerabilities (May 15 2007)
- [SECURITY] [DSA 1287-1] New ldap-account-manager packages fix multiple vulnerabilities (May 07 2007)
- [SECURITY] [DSA 1285-1] New wordpress packages fix multiple vulnerabilities (May 01 2007)
Ofer Shezaf
- 2nd OWASP Israel mini conference at the Interdisciplinary Center Herzliya (IDC), Monday, May 21st, 13:30 (May 09 2007)
Oliver Goebel
- IMF 2007 - Deadline Extension (May 14 2007)
Omar A. Herrera
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 11 2007)
OpenPKG GmbH
- [OpenPKG-SA-2007.019] OpenPKG Security Advisory (php) (May 25 2007)
- [OpenPKG-SA-2007.018] OpenPKG Security Advisory (freetype) (May 24 2007)
- [OpenPKG-SA-2007.017] OpenPKG Security Advisory (ratbox) (May 18 2007)
- [OpenPKG-SA-2007.015] OpenPKG Security Advisory (quagga) (May 17 2007)
- [OpenPKG-SA-2007.013] OpenPKG Security Advisory (png) (May 17 2007)
- [OpenPKG-SA-2007.012] OpenPKG Security Advisory (samba) (May 17 2007)
organiser_at_syscan.org
- Training Classes in SyScan'07 (May 09 2007)
p3rlhax_at_gmail.com
- squirrelmail CSRF vulnerability (May 10 2007)
Paul B�hm
- FINAL Call For Papers: Chaos Communication Camp 2007, Berlin (May 22 2007)
Paul Foote
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 13 2007)
Pavel Kankovsky
- Re: squirrelmail CSRF vulnerability (May 13 2007)
Piotr Bania
- POC CODE - TI89 Titanium Resident EPO Calculator Virus (T89.GAARA) (May 20 2007)
pito pito
- Web Directory / Search Engine v2.0 Authentication Bypass/Database Download Vulne (May 25 2007)
poplix
- Re: Apple Safari on MacOSX may reveal user's saved passwords (May 18 2007)
- Re: Apple Safari on MacOSX may reveal user's saved passwords (May 18 2007)
poplix_at_papuasia.org
- RE: Apple Safari on MacOSX may reveal user's saved passwords (May 16 2007)
- Re: RE: Apple Safari on MacOSX may reveal user's saved passwords (May 14 2007)
- safari's saved password at risk (May 04 2007)
poplix_at_papusia.org
- Apple Safari on MacOSX may reveal user's saved passwords (May 14 2007)
preth00nker_at_gmail.com
- Atomix Mp3 Buffer Overflow (May 01 2007)
Raed_at_BsdMail.Com
- RFI In Script FlashChat_v479 (May 28 2007)
- Remote File Include In Script impex (May 04 2007)
Raphael Marichez
- [ GLSA 200705-25 ] file: Integer overflow (May 31 2007)
- [ GLSA 200705-24 ] libpng: Denial of Service (May 31 2007)
- [ GLSA 200705-23 ] Sun JDK/JRE: Multiple vulnerabilities (May 31 2007)
- [ GLSA 200705-22 ] FreeType: Buffer overflow (May 30 2007)
- [ GLSA 200705-21 ] MPlayer: Two buffer overflows (May 30 2007)
- [ GLSA 200705-20 ] Blackdown Java: Applet privilege escalation (May 26 2007)
- [ GLSA 200705-19 ] PHP: Multiple vulnerabilities (May 26 2007)
- [ GLSA 200705-17 ] Apache mod_security: Rule bypass (May 17 2007)
- [ GLSA 200705-16 ] PhpWiki: Remote execution of arbitrary code (May 17 2007)
- [ GLSA 200705-14 ] XScreenSaver: Privilege escalation (May 13 2007)
- [ GLSA 200705-10 ] LibXfont, TightVNC: Multiple vulnerabilities (May 08 2007)
- [ GLSA 200705-11 ] MySQL: Two Denial of Service vulnerabilities (May 08 2007)
- [ GLSA 200705-09 ] IPsec-Tools: Denial of Service (May 08 2007)
- [ GLSA 200705-08 ] GIMP: Buffer overflow (May 07 2007)
- [ GLSA 200705-07 ] Lighttpd: Two Denials of Service (May 07 2007)
- [ GLSA 200705-06 ] X.Org X11 library: Multiple integer overflows (May 05 2007)
- [ GLSA 200705-03 ] Tomcat: Information disclosure (May 01 2007)
- [ GLSA 200705-01 ] Ktorrent: Multiple vulnerabilities (May 01 2007)
- [ GLSA 200705-02 ] FreeType: User-assisted execution of arbitrary code (May 01 2007)
rd
- Remider: VNSECON 07 Call for Papers ends on June 08 (May 20 2007)
retrog_at_alice.it
- IE 6 / Dart Communications PowerTCP ZIP Compression Control (DartZip.dll 1.8.5.3) remote buffer overflow (May 25 2007)
- Dart Communications PowerTCP Service Control (DartService.dll 3.1.3.3) remote buffer overflow (May 24 2007)
- RunCms <= 1.5.2 debug_show.php sql injection (May 04 2007)
Reversemode
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 11 2007)
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 09 2007)
- [Reversemode Advisory] VMware Products - GPF Denial of Service (May 07 2007)
- Re: iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities (May 04 2007)
rewterz security team
- REWTERZ-20070518 - Authentication Bypass in Rational Soft's Hidden Administrator (May 18 2007)
Richard Moore
- Re: [Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS??? (May 23 2007)
Robin Sommer
- [Call for Participation] DIMVA 2007 (May 22 2007)
robpaveza_at_gmail.com
- Windows Vista: Non-privileged code can redirect shortcuts to intercept privilege elevation requests (May 13 2007)
Rogan Dawes
- Re: WebScarab <= 20060621-0003 cross site scripting (May 04 2007)
Roger A. Grimes
- RE: RDP TLS downgrade (May 09 2007)
Rogier Mulhuijzen
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 16 2007)
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method (May 10 2007)
rPath Update Announcements
- rPSA-2007-0112-1 firefox thunderbird (May 31 2007)
- rPSA-2007-0109-1 file (May 24 2007)
- rPSA-2007-0108-1 freetype (May 23 2007)
- rPSA-2007-0107-1 mysql mysql-bench mysql-server (May 23 2007)
- rPSA-2007-0104-1 idle python (May 17 2007)
- rPSA-2007-0102-1 libpng (May 16 2007)
- rPSA-2007-0098-1 samba samba-swat (May 14 2007)
- rPSA-2007-0096-1 shadow (May 11 2007)
- rPSA-2007-0094-1 cpio (May 07 2007)
- rPSA-2007-0092-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi (May 07 2007)
- rPSA-2007-0088-1 xscreensaver (May 03 2007)
- rPSA-2007-0089-1 net-snmp net-snmp-utils (May 03 2007)
- rPSA-2007-0090-1 gimp (May 03 2007)
- rPSA-2007-0085-1 lftp (May 03 2007)
- rPSA-2007-0084-1 kernel (May 01 2007)
samelinux_at_gmail.com
- RE: Apple Safari on MacOSX may reveal user's saved passwords (May 14 2007)
sapheal-hack.pl
- Taltech Tal Bar Code ActiveX Control Memory Corruption Vulnerability(-ies) (May 05 2007)
sauge_at_amduus.com
- Re: Progress Webspeed exploit for all releases (May 31 2007)
Secunia Research
- Secunia Research: eScan Products Agent Service Command Decryption Buffer Overflow (May 23 2007)
- Secunia Research: Internet Explorer HTML Objects Memory Corruption Vulnerability (May 09 2007)
- Secunia Research: BearShare NCTAudioFile2 ActiveX Control Buffer Overflow (May 09 2007)
secure_at_symantec.com
- Symantec Product Security: Norton Personal Firewall 2004 ActiveX Control vulnerability (May 16 2007)
security curmudgeon
- Re: nucleus 3.22 >> RFI (May 05 2007)
security-alert_at_hp.com
- [security bulletin] HPSBUX02087 SSRT4728 rev.5 - HP-UX running TCP/IP Remote Denial of Service (DoS) (May 29 2007)
- [security bulletin] HPSBUX02217 SSRT071337 rev.1 - HP-UX running Kerberos, Remote Arbitrary Code Execution (May 22 2007)
- [security bulletin] HPSBST02214 SSRT071422 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-023 to MS07-029 (May 17 2007)
- [security bulletin] HPSBMA02213 SSRT061214 rev.1 - HP Systems Insight Manager (SIM) for Windows, Remote Privileged Access and Arbitrary Code Execution (May 17 2007)
- [security bulletin] HPSBTU02209 SSRT071323 rev.1 - HP Tru64 UNIX Running Secure Shell (SSH), Remote Unauthorized Identification of Valid Users (May 17 2007)
- [security bulletin] HPSBGN02189 SSRT071297 rev.3 - ServiceGuard for Linux, Remote Unauthorized Access (May 14 2007)
- [security bulletin] HPSBMI02210 SSRT071396 rev.2 - ProCurve Series 9300m Switches, Remote Denial of Service (DoS) (May 14 2007)
- [security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation (May 08 2007)
- [security bulletin] HPSBMA02138 SSRT061184 rev.3 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution (May 08 2007)
- [security bulletin] HPSBUX01137 SSRT5954 rev.10 - HP-UX Running TCP/IP (IPv4), Remote Unauthorized Denial of Service (DoS) (May 03 2007)
- [security bulletin] HPSBMI02210 SSRT071396 rev.1 - ProCurve Series 9300m Switches, Remote Denial of Service (DoS) (May 03 2007)
- [security bulletin] HPSBTU02116 SSRT061135 rev.3 - HP Tru64 UNIX and HP Internet Express for Tru64 UNIX Running sendmail, Remote Execution of Arbitrary Code or Denial of Service (DoS) (May 03 2007)
- [security bulletin] HPSBTU02179 SSRT061256 rev.1 - HP Tru64 UNIX Running the ps command, Local Disclosure of Sensitive Information (May 03 2007)
- [security bulletin] HPSBPI02185 SSRT071290 rev.2 - HP Jetdirect Running ftp, Remote Denial of Service (DoS) (May 03 2007)
security_at_mandriva.com
- [ MDKSA-2007:104-1 ] - Updated samba packages fix multiple vulnerabilities (May 23 2007)
- [ MDKSA-2007:109 ] - Updated tetex packages fix vulnerabilities (May 23 2007)
- [ MDKSA-2007:108 ] - Updated gimp packages fix stack overflow in sunras plugin (May 22 2007)
- [ MDKSA-2007:107 ] - Updated evolution packages fix APOP weakness (May 19 2007)
- [ MDKSA-2007:106 ] - Updated squirrelmailpackages fix vulnerabilities (May 19 2007)
- [ MDKSA-2007:105 ] - Updated fetchmail packages fix potential APOP vulnerabilities (May 17 2007)
- [ MDKSA-2007:104 ] - Updated samba packages fix multiple vulnerabilities (May 14 2007)
- [ MDKSA-2007:102 ] - Updated php packages fix multiple vulnerabilities (May 10 2007)
- [ MDKSA-2007:103 ] - Updated php packages fix multiple vulnerabilities (May 10 2007)
- [ MDKSA-2007:101 ] - Updated bind packages fix vulnerability (May 09 2007)
- [ MDKSA-2007:100 ] - Updated bind packages fix vulnerability (May 09 2007)
- [ MDKSA-2007:098 ] - Updated clamav packages fix vulnerabilities (May 08 2007)
- [ MDKSA-2007:099 ] - Updated python packages fix vulnerabilities (May 08 2007)
- [ MDKSA-2007:097 ] - Updated xscreensaver packages fix vulnerability (May 02 2007)
- [ MDKSA-2007:096 ] - Updated quagga packages fix DoS vulnerability (May 02 2007)
- [ MDKSA-2007:095 ] - Updated ktorrent packages fix vulnerability (May 01 2007)
security_at_nruns.com
- n.runs-SA-2007.012 - Avira Antivir Antivirus TAR Denial of Service (May 30 2007)
- n.runs-SA-2007.011 - Avira Antivir Antivirus UPX parsing Divide by Zero Advisory (May 28 2007)
- n.runs-SA-2007.010 - Avira Antivir Antivirus LZH parsing Arbitrary Code Execution Advisory (May 28 2007)
- n.runs-SA-2007.009 - Avast! Antivirus SIS parsing Arbitrary Code Execution Advisory (May 25 2007)
- n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory (May 24 2007)
securityresearch_at_netvigilance.com
- DGNews version 2.1 XSS Attack Vulnerability (May 28 2007)
- myEvent version 1.6 Multiple Path Disclosure Vulnerabilities (May 28 2007)
- DGNews version 2.1 SQL Injection Vulnerability (May 28 2007)
- DGNews version 2.1 Path Disclosure Vulnerability (May 28 2007)
- Jetbox CMS version 2.1 Multiple Path Disclosure Vulnerabilities (May 21 2007)
- Jetbox CMS version 2.1 XSS Attack Vulnerability (May 22 2007)
- Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities (May 21 2007)
- Jetbox CMS version 2.1 E-Mail Injection Vulnerability (May 15 2007)
- MyBB version 1.2.4 Multiple Path Disclosure Vulnerabilities (May 13 2007)
- SonicBB version 1.0 Multiple SQL Injection Vulnerabilities (May 14 2007)
- SonicBB version 1.0 Multiple Path Disclosure Vulnerabilities (May 14 2007)
- SonicBB version 1.0 XSS Attack Vulnerabilities (May 14 2007)
- Advanced Guestbook version 2.4.2 Multiple XSS Attack Vulnerabilities (May 07 2007)
- Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability (May 07 2007)
- Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities (May 07 2007)
Seth
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 12 2007)
sethb_at_panix.com
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 16 2007)
sflist_at_digitaloffense.net
- Uninformed Journal Release Announcement: Volume 7 (May 13 2007)
shadown
- Re: [Dailydave] Vulnerabilities Hashes DB needed (May 06 2007)
skillTube.com
- Vulnerability in InterVations' MailCopa (May 02 2007)
software_at_da.ks.gov
- RDP TLS downgrade (May 09 2007)
Solarius
- Re: XSS in Microsoft SharePoint (May 13 2007)
spriteversus_at_hotmail.com
- ImI image file inclusion in script upload (May 14 2007)
Stefan Friedli
- Cisco CallManager 4.1 Input Validation Vulnerability (May 23 2007)
Stefano
- Re: [ MDKSA-2007:101 ] - Updated bind packages fix vulnerability (May 10 2007)
stephen joseph butler
- Re: Apple Safari on MacOSX may reveal user's saved passwords (May 16 2007)
Steven M. Christey
- Re: Podium CMS - Cookie Manipulation Exploit (May 09 2007)
Sune Kloppenborg Jeppesen
- [ GLSA 200705-18 ] PPTPD: Denial of Service attack (May 20 2007)
- [ GLSA 200705-15 ] Samba: Multiple vulnerabilities (May 15 2007)
- [ GLSA 200705-13 ] ImageMagick: Multiple buffer overflows (May 10 2007)
- [ GLSA 200705-12 ] PostgreSQL: Privilege escalation (May 10 2007)
- [ GLSA 200705-04 ] Apache mod_perl: Denial of Service (May 02 2007)
- [ GLSA 200705-05 ] Quagga: Denial of Service (May 02 2007)
suresync_at_gmail.com
- Multiple Denial of Service attacks possible for Webspeed OpenEdge (May 11 2007)
- response Progress: Denial of Service attack against WebSpeed possible (May 02 2007)
- Disable website access for sites running Webspeed (May 01 2007)
tchouamou_at_gmail.com
- Remedy for: Remot File Include In phpexplorator_2_0 (May 22 2007)
technocrat_at_nuke-evolution.com
- Re: NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections (May 07 2007)
test
- RE: DDOS abuse contacts (May 22 2007)
the.tiger100_at_gmail.com
- Re: RFI In Script FlashChat_v479 (May 28 2007)
the_3dit0r_at_yahoo.com
- RMForum Database Disclosure Vulnerabilitiy (May 26 2007)
- webCMS_1.00 Database Disclosure Vulnerabilitiy (May 25 2007)
- ABC Excel Parser Pro v4.0 Remote File Include Exploit (May 20 2007)
- phpPgAdmin-4.1.1 Remote File Include & Url Redirecting Vulnerabilitiy (May 20 2007)
- Simple Accessible XHTML Online News v4.6 Remote File Include Exploit (May 20 2007)
- SimpGB v1.46.0 Remote File Include Exploit (May 20 2007)
- phpMUR Cross Site Scripting (May 10 2007)
thejus_mb_at_yahoo.com
- Security Videos (May 22 2007)
Thierry Zoller
- BTCrack 1.1 Heisec Release (May 13 2007)
Tim Brown
- Re: Medium security hole affecting DSL-G624T (May 03 2007)
- Re: Medium security hole affecting DSL-G624T (May 03 2007)
- Medium security hole affecting DSL-G624T (May 02 2007)
Tim Newsham
- Re: squirrelmail CSRF vulnerability (May 11 2007)
Tom Stracener
- Q1 2007 Application Security Trends Report (Corrected Link) (May 23 2007)
- Q1 2007 Application Security Trends Report (May 22 2007)
Trustix Security Advisor
- TSLSA-2007-0019 - multi (May 25 2007)
- TSLSA-2007-0017 - multi (May 16 2007)
TSRT_at_3com.com
- TPTI-07-07: Apple QuickTime STSD Parsing Heap Overflow Vulnerability (May 10 2007)
- TPTI-07-05: IBM Tivoli Provisioning Manager for OS Deployment Multiple Stack Overflow Vulnerabilities (May 02 2007)
- TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption (May 02 2007)
Ulrich Keil
- Re: XSS vulnerability on various german online banking sites (sparkasse) - CORRECTION (May 18 2007)
- XSS vulnerability on various german online banking sites (sparkasse) (May 16 2007)
v9
- notepad++[v4.1]: (win32) ruby file processing buffer overflow exploit. (May 12 2007)
v9_at_fakehalo.us
- Re: Magic iso heap over flow <Help> (May 22 2007)
- Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities (May 22 2007)
vagrant - e-hack.org
- GTP 3G � Gnuturk Portal System year=**&month= Cross-Site Scripting Vulnerability (May 24 2007)
- WIYS v1.0 Cross-Site Scripting Vulnerability - (05.24.2007) (NEW) (May 24 2007)
vagrant Pest
- BoastMachine v3.0 platinum - Session �d Hacking (May 22 2007)
ville.solarius_at_gmail.com
- XSS in Microsoft SharePoint (May 04 2007)
VMware Security team
- VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability (May 18 2007)
- VMSA-2007-0004 Multiple Denial-of-Service issues fixed (May 07 2007)
VulnerabilityResearch_at_digitaldefense.net
- TFTPdWin 0.4.2 Server Directory Traversal Vulnerability (May 11 2007)
- eFileCabinet Authentication Bypass (May 11 2007)
vulnpost-remove_at_vuln.sg
- [vuln.sg] yEnc32 Decoder Long Filename Buffer Overflow Vulnerability (May 11 2007)
webmaster_at_carbonize.co.uk
- Re: Re: [Bogus] Lazarus Guestbook (admin.php)Remote File Include Expliot - (May 20 2007)
Williams, James K
- CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe Vulnerabilities (May 16 2007)
- [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities (May 10 2007)
XFOCUS Security Team
- XCon2007 Call For Paper (May 17 2007)
xx_hack_xx_2004_at_hotmail.com
- Full Path Disclosure in Almnzm (May 29 2007)
- Multiple XSS in Digirez (May 25 2007)
yashks_at_gmail.com
- Re: Re: Defeating Citibank Virtual Keyboard protection using screenshot method (May 09 2007)
- Defeating Citibank Virtual Keyboard protection using screenshot method (May 07 2007)
zdi-disclosures_at_3com.com
- ZDI-07-033: Samba lsa_io_trans_names Heap Overflow Vulnerability (May 15 2007)
- ZDI-07-032: Samba sec_io_acl Heap Overflow Vulnerability (May 15 2007)
- ZDI-07-030: Samba netdfs_io_dfs_EnumInfo_d Heap Overflow Vulnerability (May 15 2007)
- ZDI-07-029: Samba lsa_io_privilege_set Heap Overflow Vulnerability (May 15 2007)
- ZDI-07-031: Samba smb_io_notify_option_type_data Heap Overflow Vulnerability (May 15 2007)
- ZDI-07-028: CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability (May 10 2007)
- ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability (May 08 2007)
- ZDI-07-027: Microsoft Internet Explorer Table Column Deletion Memory Corruption Vulnerability (May 08 2007)
- ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability (May 07 2007)
- ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability (May 07 2007)
- ZDI-07-023: Apple QTJava toQTPointer() Pointer Arithmetic Memory Overwrite Vulnerability (May 01 2007)
Zhihao
- RE: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) (May 16 2007)