Bugtraq: by thread

Bugtraq: by thread

435 messages starting May 01 07 and ending May 31 07
Date index | Thread index | Author index

iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities iDefense Labs (May 01)
- Re: iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities Marvin Frick (May 04)
  - Re: iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities Reversemode (May 04)
ZoneAlarm Insufficient validation of 'vsdatant' driver input buffer Vulnerability Matousec - Transparent security Research (May 01)
[SECURITY] [DSA 1284-1] New qemu packages fix several vulnerabilities Moritz Muehlenhoff (May 01)
[SECURITY] [DSA 1285-1] New wordpress packages fix multiple vulnerabilities Noah Meyerhans (May 01)
[ GLSA 200705-02 ] FreeType: User-assisted execution of arbitrary code Raphael Marichez (May 01)
Radware Security Advisory - Yate 1.1.0 Denial of Service Vulnerability no-reply (May 01)
[ GLSA 200705-01 ] Ktorrent: Multiple vulnerabilities Raphael Marichez (May 01)
[ GLSA 200705-03 ] Tomcat: Information disclosure Raphael Marichez (May 01)
ZDI-07-023: Apple QTJava toQTPointer() Pointer Arithmetic Memory Overwrite Vulnerability zdi-disclosures (May 01)
rPSA-2007-0084-1 kernel rPath Update Announcements (May 02)
[ GLSA 200705-05 ] Quagga: Denial of Service Sune Kloppenborg Jeppesen (May 02)
Wordpress All versions XSS jcarlos . norte (May 02)
[ECHO_ADV_82$2007] wordpress plugins wp-Table <= 1.43 (wpPATH) Remote File Inclusion Vulnerability erdc (May 02)
[ECHO_ADV_81$2007] wordpress plugins wordTube <= 1.43 (wpPATH) Remote File Inclusion Vulnerability erdc (May 02)
[ GLSA 200705-04 ] Apache mod_perl: Denial of Service Sune Kloppenborg Jeppesen (May 02)
[ MDKSA-2007:095 ] - Updated ktorrent packages fix vulnerability security (May 02)
[USN-456-1] net-snmp vulnerability Kees Cook (May 02)
Atomix Mp3 Buffer Overflow preth00nker (May 02)
Vulnerability in InterVations' MailCopa skillTube.com (May 02)
Disable website access for sites running Webspeed suresync (May 02)
response Progress: Denial of Service attack against WebSpeed possible suresync (May 02)
Cisco Security Advisory: LDAP and VPN Vulnerabilities in PIX and ASA Appliances Cisco Systems Product Security Incident Response Team (May 02)
Post Nuke v4bJournal Module Sql Inject abbasi (May 02)
iDefense Security Advisory 05.02.07: LiveData Protocol Server Heap Overflow Vulnerability iDefense Labs (May 02)
[SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities Dann Frazier (May 02)
[ MDKSA-2007:096 ] - Updated quagga packages fix DoS vulnerability security (May 02)
TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption TSRT (May 02)
TPTI-07-05: IBM Tivoli Provisioning Manager for OS Deployment Multiple Stack Overflow Vulnerabilities TSRT (May 02)
12All File Upload Vulnerability John McGuire (May 03)
- <Possible follow-ups>
- Re: 12All File Upload Vulnerability info (May 07)
[security bulletin] HPSBPI02185 SSRT071290 rev.2 - HP Jetdirect Running ftp, Remote Denial of Service (DoS) security-alert (May 03)
Medium security hole affecting DSL-G624T Tim Brown (May 03)
- Re: Medium security hole affecting DSL-G624T 3APA3A (May 03)
  - Re: Medium security hole affecting DSL-G624T Tim Brown (May 04)
    - Re[2]: Medium security hole affecting DSL-G624T 3APA3A (May 04)
    - Re: Medium security hole affecting DSL-G624T Tim Brown (May 04)
[security bulletin] HPSBTU02179 SSRT061256 rev.1 - HP Tru64 UNIX Running the ps command, Local Disclosure of Sensitive Information security-alert (May 03)
Bradford CampusManager v3.1(6) Sensitive Data Disclosure john (May 03)
[ MDKSA-2007:097 ] - Updated xscreensaver packages fix vulnerability security (May 03)
Aardvark Topsites PHP Directory Disclosure Vulnerability DoZ (May 03)
SchoolBoard (admin.php) Remote Login Bypass SQL Injection Vulnerability ilkerkandemir (May 03)
[security bulletin] HPSBTU02116 SSRT061135 rev.3 - HP Tru64 UNIX and HP Internet Express for Tru64 UNIX Running sendmail, Remote Execution of Arbitrary Code or Denial of Service (DoS) security-alert (May 03)
[security bulletin] HPSBMI02210 SSRT071396 rev.1 - ProCurve Series 9300m Switches, Remote Denial of Service (DoS) security-alert (May 03)
[security bulletin] HPSBUX01137 SSRT5954 rev.10 - HP-UX Running TCP/IP (IPv4), Remote Unauthorized Denial of Service (DoS) security-alert (May 03)
rPSA-2007-0085-1 lftp rPath Update Announcements (May 03)
rPSA-2007-0090-1 gimp rPath Update Announcements (May 03)
rPSA-2007-0089-1 net-snmp net-snmp-utils rPath Update Announcements (May 03)
rPSA-2007-0088-1 xscreensaver rPath Update Announcements (May 03)
Multiple vendors ZOO file decompression infinite loop DoS Jean-Sébastien Guay-Leroux (May 04)
PHPSecurityAdmin Remote File Include Exploit ilkerkandemir (May 04)
Remote File Include In Script impex RaeD (May 04)
RunCms <= 1.5.2 debug_show.php sql injection retrog (May 04)
Re: sunshop v4 >> RFI lagged2hell (May 04)
safari's saved password at risk poplix (May 04)
NPDS <= 5.10 - Multiple SQL injections aeroxteam_PLEASEDONTSPAMUS (May 04)
- <Possible follow-ups>
- Re: NPDS <= 5.10 - Multiple SQL injections aeroxteam_PLEASEDONTSPAMUS (May 05)
Re: WebScarab <= 20060621-0003 cross site scripting Rogan Dawes (May 05)
XSS in Microsoft SharePoint ville . solarius (May 05)
- RE: XSS in Microsoft SharePoint Jim Harrison (May 05)
  - Re: XSS in Microsoft SharePoint Solarius (May 14)
ACP3 (v4.0b3) - Multiple Vulnerabilities john (May 05)
[MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue admin (May 05)
Nuked-klaN 1.7.6 Remote Code Execution Exploit gmdarkfig (May 05)
Taltech Tal Bar Code ActiveX Control Memory Corruption Vulnerability(-ies) sapheal-hack.pl (May 07)
Podium CMS - Cookie Manipulation Exploit john (May 07)
- <Possible follow-ups>
- Re: Podium CMS - Cookie Manipulation Exploit Steven M. Christey (May 09)
SunShop (v4) Multiple Vulnerabilities john (May 07)
[ GLSA 200705-06 ] X.Org X11 library: Multiple integer overflows Raphael Marichez (May 07)
UPDATED: CubeCart (v3.0.15) - CRLF Injection Vulnerability john (May 07)
- <Possible follow-ups>
- Re: UPDATED: CubeCart (v3.0.15) - CRLF Injection Vulnerability info (May 09)
Drake CMS (v0.4.0) - CRLF Injection Vulnerability john (May 07)
Re: nucleus 3.22 >> RFI security curmudgeon (May 07)
Mini Web Shop v.2 Vulnerable to XSS corrado . liotta (May 07)
Kayako eSupport v3.00.90 Cross Site Scripting (XSS) e1c4 (May 07)
[SECURITY] [DSA 1287-1] New ldap-account-manager packages fix multiple vulnerabilities Noah Meyerhans (May 07)
[USN-457-1] elinks vulnerability Kees Cook (May 07)
[Reversemode Advisory] VMware Products - GPF Denial of Service Reversemode (May 07)
pfa CMS v6.0 (index.php repinc) Remote File Include Vulnerability ilkerkandemir (May 07)
fipsCMS v2.1 Remote SQL injection Vulnerability ilkerkandemir (May 07)
phpHoo3 (admin.php) Remote Login Bypass SQL Injection Vulnerability ilkerkandemir (May 07)
PHPHtmlLib <= 2.4.0 Remote File Include Exploit ilkerkandemir (May 07)
american cart 3.* (abs_path) remote file include kepledehlah (May 07)
Re: NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections technocrat (May 07)
iDefense Security Advisory 05.07.07: Sun Microsystems Solaris ACE_SETACL Integer Signedness DoS Vulnerability iDefense Labs (May 07)
OTRS <= 2.0.x XSS/XSRF ciri (May 07)
Updated: webMethods Security Advisory: Glue console directory traversal vulnerability Jeremy Epstein (May 07)
[ GLSA 200705-07 ] Lighttpd: Two Denials of Service Raphael Marichez (May 07)
[ GLSA 200705-08 ] GIMP: Buffer overflow Raphael Marichez (May 07)
WASC Announcement: Distributed Open Proxy Honeypot Project Data Released announcements (May 08)
VMSA-2007-0004 Multiple Denial-of-Service issues fixed VMware Security team (May 08)
ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability zdi-disclosures (May 08)
Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities securityresearch (May 08)
rPSA-2007-0092-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi rPath Update Announcements (May 08)
FLEA-2007-0016-1: kernel Foresight Linux Essential Announcement Service (May 08)
[ GLSA 200705-09 ] IPsec-Tools: Denial of Service Raphael Marichez (May 08)
AP Newspower software <=4.0.1 allows remote data manipulation gobbles_fo_evar (May 08)
Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability securityresearch (May 08)
[ GLSA 200705-11 ] MySQL: Two Denial of Service vulnerabilities Raphael Marichez (May 08)
ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability zdi-disclosures (May 08)
[ GLSA 200705-10 ] LibXfont, TightVNC: Multiple vulnerabilities Raphael Marichez (May 08)
Advanced Guestbook version 2.4.2 Multiple XSS Attack Vulnerabilities securityresearch (May 08)
rPSA-2007-0094-1 cpio rPath Update Announcements (May 08)
[USN-458-1] MoinMoin vulnerabilities Kees Cook (May 08)
ZDI-07-027: Microsoft Internet Explorer Table Column Deletion Memory Corruption Vulnerability zdi-disclosures (May 08)
ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability zdi-disclosures (May 08)
[security bulletin] HPSBMA02138 SSRT061184 rev.3 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution security-alert (May 08)
[security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation security-alert (May 08)
- Re: [security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation Daniele Calore (May 09)
[SECURITY] [DSA 1288-1] New pptpd packages fix denial of service Moritz Muehlenhoff (May 08)
[ MDKSA-2007:099 ] - Updated python packages fix vulnerabilities security (May 09)
[ MDKSA-2007:098 ] - Updated clamav packages fix vulnerabilities security (May 09)
RDP TLS downgrade software (May 09)
- RE: RDP TLS downgrade M. Burnett (May 09)
- RE: RDP TLS downgrade Roger A. Grimes (May 10)
SEC Consult SA-20070509-0 :: Multiple vulnerabilites in Nokia Intellisync Mobile Suite & Wireless Email Express Johannes Greil (May 09)
Exchange Calendar MODPROPS Denial of Service (CVE-2007-0039) Alexander Sotirov (May 09)
iDefense Security Advisory 05.08.07: McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability iDefense Labs (May 09)
Cisco Security Advisory: Multiple Vulnerabilities in the IOS FTP Server Cisco Systems Product Security Incident Response Team (May 09)
Digital Armaments May-June-2007 Hacking Challenge: VMware info (May 09)
Re: [Full-disclosure] Vulnerabilities Hashes DB needed Morning Wood (May 09)
Multiple vulnerabilities Michal Bucko (hackpl) (May 09)
Re: [Dailydave] Vulnerabilities Hashes DB needed shadown (May 09)
Defeating Citibank Virtual Keyboard protection using screenshot method yashks (May 09)
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method Reversemode (May 09)
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method Gadi Evron (May 09)
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method Jim Harrison (May 09)
  - Message not available
    - RE: Defeating Citibank Virtual Keyboard protection using screenshot method Jim Harrison (May 09)
    - RE: Defeating Citibank Virtual Keyboard protection using screenshot method Gadi Evron (May 09)
    - RE: Defeating Citibank Virtual Keyboard protection using screenshot method Jim Harrison (May 09)
    - RE: Defeating Citibank Virtual Keyboard protection using screenshot method Gadi Evron (May 10)
    - RE: Defeating Citibank Virtual Keyboard protection using screenshot method David Gillett (May 10)
    - Re: Defeating Citibank Virtual Keyboard protection using screenshot method Florian Weimer (May 10)
    - Re: Defeating Citibank Virtual Keyboard protection using screenshot method Ansgar -59cobalt- Wiechers (May 10)
    - RE: Defeating Citibank Virtual Keyboard protection using screenshot method James C. Slora Jr. (May 11)
    - RE: Defeating Citibank Virtual Keyboard protection using screenshot method Debasis Mohanty (May 10)
  - RE: Defeating Citibank Virtual Keyboard protection using screenshot method Nick FitzGerald (May 10)
    - Re: Defeating Citibank Virtual Keyboard protection using screenshot method Eli Dart (May 10)
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method Jan Heisterkamp (May 11)
- <Possible follow-ups>
- Re: Re: Defeating Citibank Virtual Keyboard protection using screenshot method yashks (May 09)
- Re: RE: Defeating Citibank Virtual Keyboard protection using screenshot method balazs . zolika (May 10)
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method Rogier Mulhuijzen (May 10)
  - RE: Defeating Citibank Virtual Keyboard protection using screenshot method Nick FitzGerald (May 11)
    - RE: Defeating Citibank Virtual Keyboard protection using screenshot method Omar A. Herrera (May 11)
    - RE: Defeating Citibank Virtual Keyboard protection using screenshot method Hugo van der Kooij (May 12)
    - Re: Defeating Citibank Virtual Keyboard protection using screenshot method Seth (May 15)
    - RE: Defeating Citibank Virtual Keyboard protection using screenshot method Glynn Clements (May 15)
    - Re: Defeating Citibank Virtual Keyboard protection using screenshot method Bojan Zdrnja (May 16)
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method Reversemode (May 11)
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method Paul Foote (May 14)
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method imipak (May 15)
- RE: Defeating Citibank Virtual Keyboard protection using screenshot method Rogier Mulhuijzen (May 16)
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method sethb (May 17)
- Re: Defeating Citibank Virtual Keyboard protection using screenshot method mailbox () martinelli com (May 17)
  - Message not available
    - Defeating Citibank Virtual Keyboard protection using screenshot method aditya kuppa (May 17)
    - Re: Defeating Citibank Virtual Keyboard protection using screenshot method Bojan Zdrnja (May 17)
- Re: Re: Defeating Citibank Virtual Keyboard protection using screenshot method balazs . zolika (May 18)
Training Classes in SyScan'07 organiser () syscan org (May 09)
[ MDKSA-2007:100 ] - Updated bind packages fix vulnerability security (May 09)
iDefense Security Advisory 05.09.07: Symantec Norton Internet Security 2006 COM Object Security ByPass Vulnerability iDefense Labs (May 09)
iDefense Security Advisory 05.08.07: Microsoft Exchange Server 2000 IMAP Literal Processing DoS Vulnerability iDefense Labs (May 09)
iDefense Security Advisory 05.08.07: Microsoft Excel Filter Record Code Execution Vulnerability iDefense Labs (May 09)
iDefense Security Advisory 05.08.07: Microsoft Word RTF File Parsing Heap Corruption Vulnerability iDefense Labs (May 09)
2nd OWASP Israel mini conference at the Interdisciplinary Center Herzliya (IDC), Monday, May 21st, 13:30 Ofer Shezaf (May 09)
[ MDKSA-2007:101 ] - Updated bind packages fix vulnerability security (May 10)
- Re: [ MDKSA-2007:101 ] - Updated bind packages fix vulnerability Stefano (May 10)
Secunia Research: BearShare NCTAudioFile2 ActiveX Control Buffer Overflow Secunia Research (May 10)
Secunia Research: Internet Explorer HTML Objects Memory Corruption Vulnerability Secunia Research (May 10)
squirrelmail CSRF vulnerability p3rlhax (May 10)
- Re: squirrelmail CSRF vulnerability Josh Zlatin-Amishav (May 10)
  - Re: squirrelmail CSRF vulnerability Tim Newsham (May 11)
    - Re: squirrelmail CSRF vulnerability Josh Zlatin-Amishav (May 12)
    - Re: squirrelmail CSRF vulnerability Pavel Kankovsky (May 14)
iDefense Security Advisory 05.09.07: Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability iDefense Labs (May 10)
iDefense Security Advisory 05.10.07: Sun Microsystems Solaris SRS Proxy Core srsexec Arbitrary File Read Vulnerability iDefense Labs (May 10)
[ GLSA 200705-12 ] PostgreSQL: Privilege escalation Sune Kloppenborg Jeppesen (May 10)
[ GLSA 200705-13 ] ImageMagick: Multiple buffer overflows Sune Kloppenborg Jeppesen (May 10)
iDefense Security Advisory 05.10.07: Novell NetMail NMDMC Buffer Overflow Vulnerability iDefense Labs (May 10)
phpMUR Cross Site Scripting the_3dit0r (May 10)
iDefense Security Advisory 05.10.07: Apple Darwin Streaming Proxy Multiple Vulnerabilities iDefense Labs (May 11)
Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability binagres (May 11)
[ MDKSA-2007:103 ] - Updated php packages fix multiple vulnerabilities security (May 11)
eFileCabinet Authentication Bypass VulnerabilityResearch (May 11)
[ MDKSA-2007:102 ] - Updated php packages fix multiple vulnerabilities security (May 11)
fotolog xss absamu (May 11)
TFTPdWin 0.4.2 Server Directory Traversal Vulnerability VulnerabilityResearch (May 11)
TPTI-07-07: Apple QuickTime STSD Parsing Heap Overflow Vulnerability TSRT (May 11)
rPSA-2007-0096-1 shadow rPath Update Announcements (May 11)
ZDI-07-028: CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability zdi-disclosures (May 11)
[CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities Williams, James K (May 11)
Multiple Denial of Service attacks possible for Webspeed OpenEdge suresync (May 11)
W1L3D4 Philboard v0.2 sql injection ALEMIN KRALI (May 11)
Cross-Site Scripting in Adobe RoboHelp 6, Server 6 and X5 Michael Domberg (May 11)
Design Flaw in Deutsche Telekom Speedport w700v broadband router Michael Domberg (May 11)
[vuln.sg] yEnc32 Decoder Long Filename Buffer Overflow Vulnerability vulnpost-remove (May 12)
Webspeed OpenEdge Dos exploit bendeniz_avci (May 12)
Broadband routers and botnets - being proactive Gadi Evron (May 12)
- <Possible follow-ups>
- Re: Broadband routers and botnets - being proactive Gadi Evron (May 15)
notepad++[v4.1]: (win32) ruby file processing buffer overflow exploit. v9 (May 14)
- <Possible follow-ups>
- Re: notepad++[v4.1]: (win32) ruby file processing buffer overflow exploit. kimhm682000 (May 23)
  - Re: notepad++[v4.1]: (win32) ruby file processing buffer overflow exploit. Jerome Athias (May 23)
Exim 4.66 in conjunction with spamd Overflow issues calcite (May 14)
- Re: Exim 4.66 in conjunction with spamd Overflow issues 3APA3A (May 15)
[SECURITY] [DSA 1289-1] New Linux 2.6.18 packages fix several vulnerabilities Moritz Muehlenhoff (May 14)
SonicBB version 1.0 XSS Attack Vulnerabilities securityresearch (May 14)
[SECURITY] [DSA 1290-1] New squirrelmail packages fix cross-site scripting Moritz Muehlenhoff (May 14)
Uninformed Journal Release Announcement: Volume 7 sflist (May 14)
[security bulletin] HPSBMI02210 SSRT071396 rev.2 - ProCurve Series 9300m Switches, Remote Denial of Service (DoS) security-alert (May 14)
SonicBB version 1.0 Multiple Path Disclosure Vulnerabilities securityresearch (May 14)
SonicBB version 1.0 Multiple SQL Injection Vulnerabilities securityresearch (May 14)
ifdate 2.* unauthorized administrative access bug expw0rm (May 14)
[SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution Gerald (Jerry) Carter (May 14)
[ GLSA 200705-14 ] XScreenSaver: Privilege escalation Raphael Marichez (May 14)
[SAMBA-SECURITY] CVE-2007-2444: Local SID/Name Translation Failure Can Result in User Privilege Elevation Gerald (Jerry) Carter (May 14)
MyBB version 1.2.4 Multiple Path Disclosure Vulnerabilities securityresearch (May 14)
BTCrack 1.1 Heisec Release Thierry Zoller (May 14)
[SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability Gerald (Jerry) Carter (May 14)
Windows Vista: Non-privileged code can redirect shortcuts to intercept privilege elevation requests robpaveza (May 14)
[security bulletin] HPSBGN02189 SSRT071297 rev.3 - ServiceGuard for Linux, Remote Unauthorized Access security-alert (May 14)
IMF 2007 - Deadline Extension Oliver Goebel (May 14)
iDefense Security Advisory 05.14.07: Samba SAMR Change Password Remote Command Injection Vulnerability iDefense Labs (May 14)
Apple Safari on MacOSX may reveal user's saved passwords poplix (May 14)
- RE: Apple Safari on MacOSX may reveal user's saved passwords Lucas, Mark J. (May 14)
  - Re: Apple Safari on MacOSX may reveal user's saved passwords stephen joseph butler (May 16)
- <Possible follow-ups>
- RE: Apple Safari on MacOSX may reveal user's saved passwords mailbox () martinelli com (May 14)
  - RE: Apple Safari on MacOSX may reveal user's saved passwords samelinux (May 15)
- Re: RE: Apple Safari on MacOSX may reveal user's saved passwords poplix (May 15)
  - Re: Apple Safari on MacOSX may reveal user's saved passwords David Cantrell (May 16)
    - Re: Apple Safari on MacOSX may reveal user's saved passwords graham . coles (May 16)
    - Re: Apple Safari on MacOSX may reveal user's saved passwords Ian Ward Comfort (May 16)
    - Re: Apple Safari on MacOSX may reveal user's saved passwords David Cantrell (May 17)
    - Re: Apple Safari on MacOSX may reveal user's saved passwords graham . coles (May 17)
    - Re: Apple Safari on MacOSX may reveal user's saved passwords poplix (May 18)
    - Re: Apple Safari on MacOSX may reveal user's saved passwords Kevin Finisterre (lists) (May 18)
    - Re: Apple Safari on MacOSX may reveal user's saved passwords poplix (May 19)
    - Re: Apple Safari on MacOSX may reveal user's saved passwords Mark Senior (May 17)
- RE: Apple Safari on MacOSX may reveal user's saved passwords poplix (May 16)
ImI image file inclusion in script upload spriteversus (May 15)
Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability Michal Bucko (hackpl) (May 15)
- Re: Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability 3APA3A (May 16)
  - Re: Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability Michal Bucko (hackpl) (May 16)
[USN-459-1] pptpd vulnerability Kees Cook (May 15)
[ MDKSA-2007:104 ] - Updated samba packages fix multiple vulnerabilities security (May 15)
rPSA-2007-0098-1 samba samba-swat rPath Update Announcements (May 15)
GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability Fatih Ozavci (May 15)
[ GLSA 200705-15 ] Samba: Multiple vulnerabilities Sune Kloppenborg Jeppesen (May 15)
Bypassing PFW/HIPS open process control with uncommon identifier Matousec - Transparent security Research (May 15)
Jetbox CMS version 2.1 E-Mail Injection Vulnerability securityresearch (May 15)
- <Possible follow-ups>
- Re: Jetbox CMS version 2.1 E-Mail Injection Vulnerability laurent . gaffie (May 15)
Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) Davide Del Vecchio (May 15)
- RE: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) Zhihao (May 16)
- Re: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) 3APA3A (May 16)
  - Re[2]: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) Matthew Leeds (May 16)
  - Re: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) Davide Del Vecchio (May 16)
- Re: [Full-disclosure] Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) Eduardo Tongson (May 22)
- Re: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) diabol the japanophile (May 25)
[SECURITY] [DSA 1291-1] New samba packages fix multiple vulnerabilities Noah Meyerhans (May 15)
FLEA-2007-0017-1: samba Foresight Linux Essential Announcement Service (May 15)
ZDI-07-031: Samba smb_io_notify_option_type_data Heap Overflow Vulnerability zdi-disclosures (May 15)
ZDI-07-029: Samba lsa_io_privilege_set Heap Overflow Vulnerability zdi-disclosures (May 15)
ZDI-07-030: Samba netdfs_io_dfs_EnumInfo_d Heap Overflow Vulnerability zdi-disclosures (May 15)
ZDI-07-032: Samba sec_io_acl Heap Overflow Vulnerability zdi-disclosures (May 15)
ZDI-07-033: Samba lsa_io_trans_names Heap Overflow Vulnerability zdi-disclosures (May 15)
[SECURITY] [DSA 1292-1] New qt4-x11 packages fix cross-site scripting vulnerability Noah Meyerhans (May 16)
[USN-460-1] Samba vulnerabilities Kees Cook (May 16)
I, Bot. Taking advantage of robots power (Article) crossbower (May 16)
vbulletin < 3.6.6 [permanent xss] laurent . gaffie (May 16)
ANNOUNCE: RFIDIOt version 0.1m released (May 16th 2007) Adam Laurie (May 16)
Symantec Product Security: Norton Personal Firewall 2004 ActiveX Control vulnerability secure (May 16)
CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe Vulnerabilities Williams, James K (May 16)
rPSA-2007-0102-1 libpng rPath Update Announcements (May 17)
XSS vulnerability on various german online banking sites (sparkasse) Ulrich Keil (May 17)
- Re: XSS vulnerability on various german online banking sites (sparkasse) - CORRECTION Ulrich Keil (May 18)
VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability john (May 17)
TSLSA-2007-0017 - multi Trustix Security Advisor (May 17)
[SECURITY] [DSA 1293-1] New quagga packages fix denial of service Martin Schulze (May 17)
XCon2007 Call For Paper XFOCUS Security Team (May 17)
[SECURITY] [DSA 1291-2] New samba packages fix multiple vulnerabilities Noah Meyerhans (May 17)
[ GLSA 200705-16 ] PhpWiki: Remote execution of arbitrary code Raphael Marichez (May 17)
[ GLSA 200705-17 ] Apache mod_security: Rule bypass Raphael Marichez (May 17)
[security bulletin] HPSBTU02209 SSRT071323 rev.1 - HP Tru64 UNIX Running Secure Shell (SSH), Remote Unauthorized Identification of Valid Users security-alert (May 17)
[security bulletin] HPSBMA02213 SSRT061214 rev.1 - HP Systems Insight Manager (SIM) for Windows, Remote Privileged Access and Arbitrary Code Execution security-alert (May 17)
[OpenPKG-SA-2007.012] OpenPKG Security Advisory (samba) OpenPKG GmbH (May 17)
[security bulletin] HPSBST02214 SSRT071422 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-023 to MS07-029 security-alert (May 17)
[OpenPKG-SA-2007.013] OpenPKG Security Advisory (png) OpenPKG GmbH (May 17)
RedLevel Advisory #015 - Redoable 1.2 Cross-Site Scripting Vulnerability (patch included) john (May 17)
[ MDKSA-2007:105 ] - Updated fetchmail packages fix potential APOP vulnerabilities security (May 17)
FLEA-2007-0018-1: libpng Foresight Linux Essential Announcement Service (May 17)
[USN-461-1] Quagga vulnerability Kees Cook (May 18)
rPSA-2007-0104-1 idle python rPath Update Announcements (May 18)
eSyndiCat Input Validation Error Vulnerability hack2prison (May 18)
[OpenPKG-SA-2007.015] OpenPKG Security Advisory (quagga) OpenPKG GmbH (May 18)
[OpenPKG-SA-2007.017] OpenPKG Security Advisory (ratbox) OpenPKG GmbH (May 18)
Predictable TCP ISN in Packeteer PacketShaper nnposter (May 18)
ACROS Security: Session Fixation Vulnerability in HP SIM 5.0 ACROS Security (May 18)
REWTERZ-20070518 - Authentication Bypass in Rational Soft's Hidden Administrator rewterz security team (May 18)
VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability VMware Security team (May 18)
[USN-436-2] KTorrent vulnerability Kees Cook (May 18)
NASA Site Bug ( Check URI Input ) matrix (May 19)
[SECURITY] [DSA 1295-1] New php5 packages fix several vulnerabilities Moritz Muehlenhoff (May 19)
[CVE-2007-1355] Tomcat documentation XSS vulnerabilities Mark Thomas (May 19)
RedLevel Advisory #017 - HLstats v1.35 Cross-Site Scripting Vulnerability #2 john (May 19)
RedLevel Advisory #016 - HLstats v1.35 Cross-Site Scripting Vulnerability john (May 19)
[ MDKSA-2007:106 ] - Updated squirrelmailpackages fix vulnerabilities security (May 19)
[ MDKSA-2007:107 ] - Updated evolution packages fix APOP weakness security (May 22)
SimpGB v1.46.0 Remote File Include Exploit the_3dit0r (May 22)
Simple Accessible XHTML Online News v4.6 Remote File Include Exploit the_3dit0r (May 22)
Re: Re: [Bogus] Lazarus Guestbook (admin.php)Remote File Include Expliot - webmaster (May 22)
Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities securityresearch (May 22)
- RE: DDOS abuse contacts test (May 22)
[USN-459-2] pptpd regression Kees Cook (May 22)
Remedy for: Remot File Include In phpexplorator_2_0 tchouamou (May 22)
[SECURITY] [DSA 1281-2] New clamav packages fix denial of service vulnerability Noah Meyerhans (May 22)
[ISecAuditors Security Advisories] Microsoft IIS5 NTLM and Basic authentication bypass ISecAuditors Security Advisories (May 22)
RedLevel Advisory #022 - ClonusWiki .5 Cross-Site Scripting Vulnerability john (May 22)
Jetbox CMS version 2.1 XSS Attack Vulnerability securityresearch (May 22)
Security Videos thejus_mb (May 22)
Oracle Forensics Part 4: Live Response David Litchfield (May 22)
[waraxe-2007-SA#050] - Sql Injection in WordPress 2.1.3 come2waraxe (May 22)
Remider: VNSECON 07 Call for Papers ends on June 08 rd (May 22)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS While Processing SSL Packets Cisco Systems Product Security Incident Response Team (May 22)
RedLevel Advisory #017 - PsychoStats v3.0.6b Multiple Cross-Site Scripting Vulnerabilities john (May 22)
Jetbox CMS version 2.1 Multiple Path Disclosure Vulnerabilities securityresearch (May 22)
[SECURITY] [DSA 1296-1] New php4 packages fix privilege escalation Moritz Muehlenhoff (May 22)
GMTT Music Distro 1.2 XSS Exploit corrado . liotta (May 22)
[security bulletin] HPSBUX02217 SSRT071337 rev.1 - HP-UX running Kerberos, Remote Arbitrary Code Execution security-alert (May 22)
Q1 2007 Application Security Trends Report Tom Stracener (May 22)
Cisco Security Advisory: Vulnerability In Crypto Library Cisco Systems Product Security Incident Response Team (May 22)
[USN-460-2] Samba regression Kees Cook (May 22)
[ GLSA 200705-18 ] PPTPD: Denial of Service attack Sune Kloppenborg Jeppesen (May 22)
[Call for Participation] DIMVA 2007 Robin Sommer (May 22)
RedLevel Advisory #018 - RM EasyMail Plus - Cross-Site Scripting Vulnerability #2 john (May 22)
[SECURITY] [DSA 1291-3] New samba packages fix regression Moritz Muehlenhoff (May 22)
FINAL Call For Papers: Chaos Communication Camp 2007, Berlin Paul Böhm (May 22)
RedLevel Advisory #020 - HLstats v1.35 Cross-Site Scripting Vulnerability #3 john (May 22)
FLEA-2007-0019-1: python Foresight Linux Essential Announcement Service (May 22)
phpPgAdmin-4.1.1 Remote File Include & Url Redirecting Vulnerabilitiy the_3dit0r (May 22)
SQL-Injection in IP-TRACKING Mod for phpBB2.0.x Cornelius Riemenschneider (May 22)
RedLevel Advisory #021 - CubeCart v3.0.16 SQL Injection Vulnerability john (May 22)
Magic iso heap over flow <Help> KaCo678 (May 22)
- <Possible follow-ups>
- Re: Magic iso heap over flow <Help> v9 (May 23)
- Re: Magic iso heap over flow <Help> c0ntexb (May 23)
BoastMachine v3.0 platinum - Session İd Ha cking vagrant Pest (May 23)
NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities Ismael Briones (May 23)
- <Possible follow-ups>
- Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities v9 (May 23)
  - Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities Ismael Briones (May 24)
ABC Excel Parser Pro v4.0 Remote File Include Exploit the_3dit0r (May 23)
POC CODE - TI89 Titanium Resident EPO Calculator Virus (T89.GAARA) Piotr Bania (May 23)
[USN-462-1] PHP vulnerabilities Kees Cook (May 23)
[ MDKSA-2007:108 ] - Updated gimp packages fix stack overflow in sunras plugin security (May 23)
[USN-463-1] vim vulnerability Kees Cook (May 23)
Q1 2007 Application Security Trends Report (Corrected Link) Tom Stracener (May 23)
Secunia Research: eScan Products Agent Service Command Decryption Buffer Overflow Secunia Research (May 23)
Cisco CallManager 4.1 Input Validation Vulnerability Stefan Friedli (May 23)
- RE: Cisco CallManager 4.1 Input Validation Vulnerability Mark-David McLaughlin (marmclau) (May 23)
[waraxe-2007-SA#051] - Sql Injection in 2z Project 0.9.5 come2waraxe (May 23)
FreeBSD Security Advisory FreeBSD-SA-07:04.file FreeBSD Security Advisories (May 23)
iDefense Security Advisory 05.23.07: Opera Software Opera Web Browser Transfer Item Pop-up Menu Stack Overflow Vulnerability iDefense Labs (May 23)
rPSA-2007-0107-1 mysql mysql-bench mysql-server rPath Update Announcements (May 23)
Re: [Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS??? 3APA3A (May 23)
- RE: [Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS??? kingcope (May 23)
- Message not available
  - Message not available
    - Re: [Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS??? Richard Moore (May 23)
- Message not available
  - Re[2]: [Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS??? 3APA3A (May 23)
rPSA-2007-0108-1 freetype rPath Update Announcements (May 24)
FLEA-2007-0020-1: freetype Foresight Linux Essential Announcement Service (May 24)
[ MDKSA-2007:109 ] - Updated tetex packages fix vulnerabilities security (May 24)
[ MDKSA-2007:104-1 ] - Updated samba packages fix multiple vulnerabilities security (May 24)
[SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution Moritz Muehlenhoff (May 24)
[OpenPKG-SA-2007.018] OpenPKG Security Advisory (freetype) OpenPKG GmbH (May 24)
n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory security (May 24)
Vulnerability in Credant Mobile Guardian Shield for Windows myucebox (May 24)
WIYS v1.0 Cross-Site Scripting Vulnerability - (05.24.2007) (NEW) vagrant - e-hack.org (May 24)
Dart Communications PowerTCP Service Control (DartService.dll 3.1.3.3) remote buffer overflow retrog (May 24)
FLEA-2007-0021-1: madwifi Foresight Linux Essential Announcement Service (May 24)
FLEA-2007-0022-1: file Foresight Linux Essential Announcement Service (May 24)
iDefense Security Advisory 05.24.07: Apple Computer Mac OS X pppd Plugin Loading Privilege Escalation Vulnerability iDefense Labs (May 24)
rPSA-2007-0109-1 file rPath Update Announcements (May 24)
n.runs-SA-2007.009 - Avast! Antivirus SIS parsing Arbitrary Code Execution Advisory security (May 25)
GTP 3G © Gnuturk Portal System year=**&mon th= Cross-Site Scripting Vulnerability vagrant - e-hack.org (May 25)
Multiple XSS in Digirez xx_hack_xx_2004 (May 25)
Pligg critical vulnerability 242th section (May 25)
- Re: Pligg critical vulnerability crazy frog crazy frog (May 26)
BoastMachine index.php Cross Site Scripting Vulnerability newbinaryfile (May 25)
IE 6 / Dart Communications PowerTCP ZIP Compression Control (DartZip.dll 1.8.5.3) remote buffer overflow retrog (May 25)
Web Directory / Search Engine v2.0 Authentication Bypass/Database Download Vulne pito pito (May 25)
Vulnerability - cpCommerce - XSS jadoba (May 25)
TSLSA-2007-0019 - multi Trustix Security Advisor (May 25)
iDefense Security Advisory 05.25.07: Sun Java System Web Proxy Multiple Buffer Overflow Vulnerabilities iDefense Labs (May 25)
rtpBreak - detects, reconstructs and analyzes any RTP session michele dallachiesa (May 25)
[OpenPKG-SA-2007.019] OpenPKG Security Advisory (php) OpenPKG GmbH (May 25)
webCMS_1.00 Database Disclosure Vulnerabilitiy the_3dit0r (May 25)
[USN-465-1] PulseAudio vulnerability Kees Cook (May 26)
Zindizayn Okul Web Sistemi v1.0 Sql VulnZ. g0rk3m-31 (May 26)
[ GLSA 200705-19 ] PHP: Multiple vulnerabilities Raphael Marichez (May 26)
RMForum Database Disclosure Vulnerabilitiy the_3dit0r (May 26)
[ GLSA 200705-20 ] Blackdown Java: Applet privilege escalation Raphael Marichez (May 26)
n.runs-SA-2007.010 - Avira Antivir Antivirus LZH parsing Arbitrary Code Execution Advisory security (May 28)
[SECURITY] [DSA 1298-1] New otrs2 packages fix cross-site scripting Moritz Muehlenhoff (May 28)
Inout Meta Searh engine Remote Code Execution BlackHawk (May 28)
RFI In Script FlashChat_v479 Raed (May 28)
- <Possible follow-ups>
- Re: RFI In Script FlashChat_v479 the . tiger100 (May 28)
- Re: RFI In Script FlashChat_v479 mailbox () martinelli com (May 30)
DGNews version 2.1 Path Disclosure Vulnerability securityresearch (May 28)
DGNews version 2.1 SQL Injection Vulnerability securityresearch (May 28)
- <Possible follow-ups>
- Re: DGNews version 2.1 SQL Injection Vulnerability laurent . gaffie (May 29)
myEvent version 1.6 Multiple Path Disclosure Vulnerabilities securityresearch (May 28)
Re: fx-APP Version 0.0.8.1 chiweeman (May 28)
DGNews version 2.1 XSS Attack Vulnerability securityresearch (May 28)
Mac OS X vpnd local format string NGSSoftware Insight Security Research (May 29)
- Re: Mac OS X vpnd local format string lists (May 29)
[MajorSecurity Advisory #48]eggblog - Session fixation Issue admin (May 29)
n.runs-SA-2007.011 - Avira Antivir Antivirus UPX parsing Divide by Zero Advisory security (May 29)
Apache httpd vulenrabilities Blazej Miga (May 29)
RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability john (May 29)
[security bulletin] HPSBUX02087 SSRT4728 rev.5 - HP-UX running TCP/IP Remote Denial of Service (DoS) security-alert (May 29)
cpcommerce < v1.1.0 [sql injection] laurent . gaffie (May 29)
Full Path Disclosure in Almnzm xx_hack_xx_2004 (May 29)
Particle Blogger 1.2.1 SQL Injection ls (May 30)
Practicle Gallery 1.0.1 XSS ls (May 30)
[ GLSA 200705-21 ] MPlayer: Two buffer overflows Raphael Marichez (May 30)
[tool] Etherbat - Ethernet topology discovery bugtraq (May 30)
[ GLSA 200705-22 ] FreeType: Buffer overflow Raphael Marichez (May 30)
n.runs-SA-2007.012 - Avira Antivir Antivirus TAR Denial of Service security (May 30)
[USN-466-1] freetype vulnerability Kees Cook (May 31)
MyBloggie 2.1.6 SQL Injection ls (May 31)
GNU Findutils release 4.2.31 fixes CVE-2007-2452 (GNU locate heap buffer overrun) James Youngman (May 31)
PHP JackKnife [multiple vulnerabilities] laurent . gaffie (May 31)
[ GLSA 200705-23 ] Sun JDK/JRE: Multiple vulnerabilities Raphael Marichez (May 31)
[ GLSA 200705-24 ] libpng: Denial of Service Raphael Marichez (May 31)
[ GLSA 200705-25 ] file: Integer overflow Raphael Marichez (May 31)
FLEA-2007-0023-1: firefox Foresight Linux Essential Announcement Service (May 31)
Re: Progress Webspeed exploit for all releases sauge (May 31)
[USN-467-1] Gimp vulnerability Kees Cook (May 31)
rPSA-2007-0112-1 firefox thunderbird rPath Update Announcements (May 31)

Previous period

Next period