Bugtraq: by subject

(tool announce) Orizon v0.50 announce
- Paolo Perego (Nov 01 2007)
2007-06 Sentinel Protection Server Directory Traversal
- VulnerabilityResearch_at_DigitalDefense.net (Nov 26 2007)
27Mhz based wireless security insecurities - Aka - "We know what you typed last summer"
- Jacob Appelbaum (Nov 30 2007)
- Max Moser (Nov 30 2007)
[ GLSA 200711-01 ] gFTP: Multiple vulnerabilities
- Pierre-Yves Rofes (Nov 01 2007)
[ GLSA 200711-02 ] OpenSSH: Security bypass
- Pierre-Yves Rofes (Nov 01 2007)
[ GLSA 200711-03 ] Gallery: Multiple vulnerabilities
- Pierre-Yves Rofes (Nov 01 2007)
[ GLSA 200711-04 ] Evolution: User-assisted remote execution of arbitrary code
- Pierre-Yves Rofes (Nov 06 2007)
[ GLSA 200711-05 ] SiteBar: Multiple issues
- Pierre-Yves Rofes (Nov 06 2007)
[ GLSA 200711-06 ] Apache: Multiple vulnerabilities
- Pierre-Yves Rofes (Nov 07 2007)
[ GLSA 200711-07 ] Python: User-assisted execution of arbitrary code
- Pierre-Yves Rofes (Nov 07 2007)
[ GLSA 200711-08 ] libpng: Multiple Denials of Service
- Pierre-Yves Rofes (Nov 07 2007)
[ GLSA 200711-09 ] MadWifi: Denial of Service
- Pierre-Yves Rofes (Nov 07 2007)
[ GLSA 200711-10 ] Mono: Buffer overflow
- Pierre-Yves Rofes (Nov 07 2007)
[ GLSA 200711-11 ] Nagios Plugins: Two buffer overflows
- Pierre-Yves Rofes (Nov 08 2007)
[ GLSA 200711-12 ] Tomboy: User-assisted execution of arbitrary code
- Pierre-Yves Rofes (Nov 08 2007)
[ GLSA 200711-13 ] 3proxy: Denial of Service
- Pierre-Yves Rofes (Nov 08 2007)
[ GLSA 200711-14 ] Mozilla Firefox, SeaMonkey, XULRunner: Multiple vulnerabilities
- Pierre-Yves Rofes (Nov 12 2007)
[ GLSA 200711-15 ] FLAC: Buffer overflow
- Pierre-Yves Rofes (Nov 12 2007)
[ GLSA 200711-16 ] CUPS: Memory corruption
- Pierre-Yves Rofes (Nov 12 2007)
[ GLSA 200711-17 ] Ruby on Rails: Multiple vulnerabilities
- Pierre-Yves Rofes (Nov 14 2007)
[ GLSA 200711-18 ] Cpio: Buffer overflow
- Pierre-Yves Rofes (Nov 14 2007)
[ GLSA 200711-19 ] TikiWiki: Multiple vulnerabilities
- Pierre-Yves Rofes (Nov 14 2007)
[ GLSA 200711-20 ] Pioneers: Denial of Service
- Pierre-Yves Rofes (Nov 14 2007)
[ GLSA 200711-21 ] Bochs: Multiple vulnerabilities
- Pierre-Yves Rofes (Nov 17 2007)
[ GLSA 200711-22 ] Poppler, KDE: User-assisted execution of arbitrary code
- Pierre-Yves Rofes (Nov 18 2007)
[ GLSA 200711-23 ] VMware Workstation and Player: Multiple vulnerabilities
- Pierre-Yves Rofes (Nov 18 2007)
[ GLSA 200711-24 ] Mozilla Thunderbird: Multiple vulnerabilities
- Pierre-Yves Rofes (Nov 18 2007)
[ GLSA 200711-25 ] MySQL: Denial of Service
- Pierre-Yves Rofes (Nov 18 2007)
[ GLSA 200711-26 ] teTeX: Multiple vulnerabilities
- Pierre-Yves Rofes (Nov 18 2007)
[ GLSA 200711-27 ] Link Grammar: User-assisted execution of arbitrary code
- Pierre-Yves Rofes (Nov 18 2007)
[ GLSA 200711-28 ] Perl: Buffer overflow
- Pierre-Yves Rofes (Nov 19 2007)
[ GLSA 200711-29 ] Samba: Execution of arbitrary code
- Pierre-Yves Rofes (Nov 20 2007)
[ GLSA 200711-31 ] Net-SNMP: Denial of Service
- Pierre-Yves Rofes (Nov 20 2007)
[ GLSA 200711-32 ] Feynmf: Insecure temporary file creation
- Pierre-Yves Rofes (Nov 20 2007)
[ GLSA 200711-33 ] nss_ldap: Information disclosure
- Pierre-Yves Rofes (Nov 25 2007)
[ GLSA 200711-34 ] CSTeX: Multiple vulnerabilities
- Pierre-Yves Rofes (Nov 25 2007)
[ MDKSA-2007:203 ] - Updated xen packages fix multiple vulnerabilities
- security_at_mandriva.com (Nov 01 2007)
[ MDKSA-2007:204 ] - Updated cups packages fix vulnerability
- security_at_mandriva.com (Nov 01 2007)
[ MDKSA-2007:204-1 ] - Updated cups packages fix vulnerability
- security_at_mandriva.com (Nov 12 2007)
[ MDKSA-2007:205 ] - Updated opal packages fix vulnerability
- security_at_mandriva.com (Nov 02 2007)
[ MDKSA-2007:206 ] - Updated pwlib packages fix vulnerability
- security_at_mandriva.com (Nov 02 2007)
[ MDKSA-2007:207 ] - Updated perl packages fix vulnerability
- security_at_mandriva.com (Nov 05 2007)
[ MDKSA-2007:208 ] - Updated ghostscript packages fix vulnerability
- security_at_mandriva.com (Nov 05 2007)
[ MDKSA-2007:209 ] - Updated netpbm packages fix vulnerability
- security_at_mandriva.com (Nov 05 2007)
[ MDKSA-2007:210 ] - Updated xfs package prevents arbitrary code execution vulnerabilities
- security_at_mandriva.com (Nov 06 2007)
[ MDKSA-2007:211 ] - Updated pcre packages fix vulnerability
- security_at_mandriva.com (Nov 08 2007)
[ MDKSA-2007:212 ] - Updated pcre packages fix vulnerability
- security_at_mandriva.com (Nov 08 2007)
[ MDKSA-2007:213 ] - Updated pcre packages fix vulnerability
- security_at_mandriva.com (Nov 08 2007)
[ MDKSA-2007:214 ] - Updated flac packages fix vulnerability
- security_at_mandriva.com (Nov 08 2007)
[ MDKSA-2007:215 ] - Updated openldap packages fix vulnerability
- security_at_mandriva.com (Nov 08 2007)
[ MDKSA-2007:216 ] - Updated kernel packages fix multiple vulnerabilities and bugs
- security_at_mandriva.com (Nov 13 2007)
[ MDKSA-2007:217 ] - Updated libpng packages fix multiple vulnerabilities
- security_at_mandriva.com (Nov 13 2007)
[ MDKSA-2007:218 ] - Updated mono packages fix arbitrary code execution vulnerability
- security_at_mandriva.com (Nov 14 2007)
[ MDKSA-2007:219 ] - Updated xpdf packages fix vulnerabilities
- security_at_mandriva.com (Nov 15 2007)
[ MDKSA-2007:220 ] - Updated gpdf packages fix vulnerabilities
- security_at_mandriva.com (Nov 15 2007)
[ MDKSA-2007:221 ] - Updated kdegraphics packages fix vulnerabilities in kpdf
- security_at_mandriva.com (Nov 15 2007)
[ MDKSA-2007:222 ] - Updated koffice packages fix vulnerabilities
- security_at_mandriva.com (Nov 17 2007)
[ MDKSA-2007:223 ] - Updated pdftohtml packages fix vulnerabilities
- security_at_mandriva.com (Nov 17 2007)
[ MDKSA-2007:224 ] - Updated samba packages fix vulnerabilities
- security_at_mandriva.com (Nov 17 2007)
[ MDKSA-2007:224-1 ] - Updated samba packages fix vulnerabilities
- security_at_mandriva.com (Nov 21 2007)
[ MDKSA-2007:224-2 ] - Updated samba packages fix vulnerabilities
- security_at_mandriva.com (Nov 23 2007)
[ MDKSA-2007:224-3 ] - Updated samba packages fix regressions
- security_at_mandriva.com (Nov 29 2007)
[ MDKSA-2007:225 ] - Updated net-snmp packages fix remote denial of service vulnerability
- security_at_mandriva.com (Nov 19 2007)
[ MDKSA-2007:226 ] - Updated kernel packages fix multiple vulnerabilities and bugs
- security_at_mandriva.com (Nov 19 2007)
[ MDKSA-2007:227 ] - Updated poppler packages fix vulnerabilities
- security_at_mandriva.com (Nov 19 2007)
[ MDKSA-2007:228 ] - Updated cups packages fix vulnerabilities
- security_at_mandriva.com (Nov 19 2007)
[ MDKSA-2007:229 ] - Updated phpMyAdmin packages fix multiple vulnerabilities
- security_at_mandriva.com (Nov 20 2007)
[ MDKSA-2007:230 ] - Updated tetex packages fix vulnerabilities
- security_at_mandriva.com (Nov 20 2007)
[ MDKSA-2007:231 ] - Updated cacti packages fix SQL injection vulnerability
- security_at_mandriva.com (Nov 22 2007)
[ MDKSA-2007:232 ] - Updated kernel packages fix multiple vulnerabilities and bugs
- security_at_mandriva.com (Nov 28 2007)
[ MDKSA-2007:233 ] - Updated cpio package fixes buffer overflow and directory traversal vulnerabilities
- security_at_mandriva.com (Nov 28 2007)
- security_at_mandriva.com (Nov 28 2007)
[0day Remote Command Execution] VigileCMS <= 1.8 Stealth
- wegotyourbox_at_gmail.com (Nov 23 2007)
[48Bits Advisory] QuickTime Panorama Sample Atom Heap Overflow
- [48bits] vulndev (Nov 10 2007)
[Argeniss] Data0: Next generation malware for stealing databases (Paper)
- Cesar (Nov 22 2007)
[Aria-Security.Net] VU Case Manager "Username/Password" SQL Injection
- no-reply_at_Aria-Security.net (Nov 20 2007)
[Aria-Secutiy Net] Click&BaneX SQL Injection
- no-reply_at_Aria-Security.net (Nov 18 2007)
[botnets] re MAC trojan (fwd)
- Gadi Evron (Nov 01 2007)
[CVE-2007-5741] Plone: statusmessages and linkintegrity unsafe network data hotfix
- mj_at_jarn.com (Nov 06 2007)
[ECHO_ADV_84$2007] ProfileCMS <= 1.0 Remote SQL Injection Vulnerability
- erdc_at_echo.or.id (Nov 17 2007)
[ECHO_ADV_85$2007] alstrasoft E-Friends <= 4.98 (seid) Multiple Remote SQL Injection Vulnerabilities
- erdc_at_echo.or.id (Nov 22 2007)
[Full-disclosure] Creating Backdoors in Cisco IOS using Tcl
- Nicolas FISCHBACH (Nov 27 2007)
[Full-disclosure] mac trojan in-the-wild
- Peter Besenbruch (Nov 01 2007)
- Paul Schmehl (Nov 01 2007)
- Peter Besenbruch (Nov 01 2007)
[Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability
- jf (Nov 18 2007)
[Full-disclosure] Standing Up Against German Laws - Project HayNeedle
- johan beisser (Nov 13 2007)
- Duncan Simpson (Nov 11 2007)
- Peter Conrad (Nov 13 2007)
- Jan Newger (Nov 10 2007)
[Full-disclosure] Warning: Hackers hijacking unused IP Addresses inside Trusted domains [POC]
- Gadi Evron (Nov 21 2007)
- Paul Schmehl (Nov 21 2007)
[ISecAuditors Security Advisories] Cygwin buffer overflow due incorrect filename length check
- ISecAuditors Security Advisories (Nov 24 2007)
[ISecAuditors Security Advisories] VTLS.web.gateway cgi is vulnerable to XSS
- ISecAuditors Security Advisories (Nov 13 2007)
[OpenPKG-SA-2007.023] OpenPKG Security Advisory (perl)
- OpenPKG GmbH (Nov 07 2007)
[RISE-2007004] Apple Mac OS X 10.4.x Kernel i386_set_ldt() Integer Overflow Vulnerability
- RISE Security (Nov 15 2007)
[SAMBA] CVE-2007-4572 - GETDC mailslot processing buffer overrun in nmbd
- Gerald (Jerry) Carter (Nov 15 2007)
[SAMBA] CVE-2007-5398 - Remote Code Execution in Samba's nmbd
- Gerald (Jerry) Carter (Nov 15 2007)
[security bulletin] HPSBMA02283 SSRT071319 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)
- security-alert_at_hp.com (Nov 29 2007)
[security bulletin] HPSBMA02288 SSRT071465 rev.1 - HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS)
- security-alert_at_hp.com (Nov 14 2007)
[security bulletin] HPSBUX02251 SSRT071449 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
- security-alert_at_hp.com (Nov 27 2007)
[security bulletin] HPSBUX02284 SSRT071483 rev.2 - HP-UX Running Java JRE and JDK, Remote Unauthorized Access
- security-alert_at_hp.com (Nov 15 2007)
[security bulletin] HPSBUX02285 SSRT071484 rev.1 - HP-UX Running Aries PA Emulator, Local Unauthorized Access
- security-alert_at_hp.com (Nov 08 2007)
[security bulletin] HPSBUX02289 SSRT071461 rev.1 - HP-UX Running BIND 8, Remote DNS Cache Poisoning
- security-alert_at_hp.com (Nov 20 2007)
[security bulletin] HPSBUX02292 SSRT071499 rev.1 - HP-UX Running Apache, Remote Execution of Arbitrary Code
- security-alert_at_hp.com (Nov 29 2007)
[SECURITY] [DSA 1397-1] New mono packages fix integer overflow
- Moritz Muehlenhoff (Nov 03 2007)
[SECURITY] [DSA 1398-1] New perdition packages fix arbitrary code execution
- Noah Meyerhans (Nov 05 2007)
[SECURITY] [DSA 1399-1] New pcre3 packages fix arbitrary code execution
- Florian Weimer (Nov 05 2007)
[SECURITY] [DSA 1400-1] New perl packages fix arbitrary code execution
- Florian Weimer (Nov 06 2007)
[SECURITY] [DSA 1401-1] New iceape packages fix several vulnerabilities
- Moritz Muehlenhoff (Nov 05 2007)
[SECURITY] [DSA 1402-1] New gforge packages fix several vulnerabilities
- Steve Kemp (Nov 07 2007)
[SECURITY] [DSA 1403-1] New phpmyadmin packages fix cross-site scripting
- Thijs Kinkhorst (Nov 08 2007)
[SECURITY] [DSA 1404-1] New gallery2 packages fix privilege escalation
- Thijs Kinkhorst (Nov 08 2007)
[SECURITY] [DSA 1405-1] New zope-cmfplone packages fix arbitrary code execution
- Thijs Kinkhorst (Nov 09 2007)
[SECURITY] [DSA 1405-2] New zope-cmfplone packages fix regression
- Thijs Kinkhorst (Nov 11 2007)
[SECURITY] [DSA 1406-1] New horde3 packages fix several vulnerabilities
- Thijs Kinkhorst (Nov 09 2007)
[SECURITY] [DSA 1407-1] New cupsys packages fix arbitrary code execution
- Moritz Muehlenhoff (Nov 18 2007)
[SECURITY] [DSA 1408-1] New kdegraphics packages fix arbitrary code execution
- Moritz Muehlenhoff (Nov 21 2007)
[SECURITY] [DSA 1409-1] New samba packages fix several vulnerabilities
- Steve Kemp (Nov 22 2007)
[SECURITY] [DSA 1409-2] New samba packages fix several vulnerabilities
- Steve Kemp (Nov 26 2007)
[SECURITY] [DSA 1409-3] New samba packages fix several vulnerabilities
- Steve Kemp (Nov 29 2007)
[SECURITY] [DSA 1410-1] New ruby1.8 packages fix insecure SSL certificate validation
- Moritz Muehlenhoff (Nov 25 2007)
[SECURITY] [DSA 1411-1] New libopenssl-ruby packages fix insecure SSL certificate validation
- Moritz Muehlenhoff (Nov 25 2007)
[SECURITY] [DSA 1412-1] New ruby1.9 packages fix insecure SSL certificate validation
- Moritz Muehlenhoff (Nov 25 2007)
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
- Noah Meyerhans (Nov 26 2007)
[SECURITY] [DSA 1414-1] New wireshark packages fix several vulnerabilities
- Moritz Muehlenhoff (Nov 26 2007)
[SECURITY] [DSA 1415-1] New tk8.4 packages fix arbitrary code execution
- Moritz Muehlenhoff (Nov 27 2007)
[SECURITY] [DSA 1416-1] New tk8.3 packages fix arbitrary code execution
- Moritz Muehlenhoff (Nov 27 2007)
[TKADV2007-001] Mac OS X TIOCSETD IOCTL Kernel Memory Corruption Vulnerability
- Tobias Klein (Nov 15 2007)
[Tool] sqlmap: a blind SQL injection tool (release 0.5)
- Bernardo Damele (Nov 04 2007)
[UPH-07-01] Firefly Media Server DoS
- nnp (Nov 02 2007)
- nnp (Nov 02 2007)
[UPH-07-02] Firefly Media Server DoS
- nnp (Nov 02 2007)
[UPH-07-03] Firefly Media Server remote format string vulnerability
- nnp (Nov 02 2007)
- nnp (Nov 02 2007)
[USN-537-2] Compiz vulnerability
- Kees Cook (Nov 02 2007)
[USN-539-1] CUPS vulnerability
- Kees Cook (Nov 05 2007)
[USN-540-1] flac vulnerability
- Kees Cook (Nov 13 2007)
[USN-541-1] Emacs vulnerability
- Kees Cook (Nov 13 2007)
[USN-542-1] poppler vulnerabilities
- Kees Cook (Nov 13 2007)
[USN-542-2] KOffice vulnerabilities
- Jamie Strandboge (Nov 15 2007)
[USN-543-1] VMWare vulnerabilities
- Kees Cook (Nov 15 2007)
[USN-544-1] Samba vulnerabilities
- Jamie Strandboge (Nov 15 2007)
[USN-544-2] Samba regression
- Jamie Strandboge (Nov 17 2007)
[USN-545-1] link-grammar vulnerability
- Kees Cook (Nov 26 2007)
[USN-546-1] Firefox vulnerabilities
- Kees Cook (Nov 26 2007)
[USN-547-1] PCRE vulnerabilities
- Kees Cook (Nov 26 2007)
[USN-548-1] Pidgin vulnerability
- Kees Cook (Nov 28 2007)
[USN-549-1] PHP vulnerabilities
- Kees Cook (Nov 29 2007)
After 6 months - fix available for Microsoft DNS cache poisoning attack
- Amit Klein (Nov 13 2007)
AhnLab AntiVirus Remote Kernel Memory Corruption
- Sowhat (Nov 16 2007)
Aida-Web Information Exposure
- MC Iglo (Nov 15 2007)
Airkiosk/formlib application is XSS vuln
- skien (Nov 01 2007)
- Raymond Pete (Nov 01 2007)
Alcatel OmniPCX Enterprise VoIP Vulnerability
- daniel.stirnimann_at_csnc.ch (Nov 18 2007)
Alice - dns spoofer
- fabio (Nov 11 2007)
Amber Script 1.0 (show_content.php id) Local File Inclusion Vulnerability
- cybermilitan_at_hotmail.com (Nov 24 2007)
Announce: RFIDIOt release RFIDIOt-0.1r, November 2007
- Adam Laurie (Nov 27 2007)
APC Management Vulnerability
- garys_at_totalserversolutions.com (Nov 29 2007)
Aria-Security.Net Research: Lotfian BROCHURE Management System
- Advisory_at_aria-security.net (Nov 08 2007)
Aria-Security.Net Research: Rapid Classified HotList Image
- Advisory_at_aria-security.net (Nov 10 2007)
Aria-Security.Net Research: Request For Travel Sql Injection
- Advisory_at_aria-security.net (Nov 07 2007)
Aria-Security.net: CoolShot E-Lite POS 1.0
- coolshot_at__nospam_coolshot.net (Nov 30 2007)
- no-reply_at_Aria-Security.net (Nov 24 2007)
Aria-Security.Net: Gouae DWD Realty SQL Injection
- noreply_at_aria-security.net (Nov 25 2007)
Aria-Security.net: Irola My-Time v3.5 SQL Injection
- no-reply_at_Aria-Security.net (Nov 23 2007)
Aria-Security.Net: MetaCart SQL Injection
- No-Reply_at_Aria-Security.net (Nov 13 2007)
Aria-Security.net: NetAuctionHelp SQL Injection
- no-reply_at_Aria-Security.net (Nov 24 2007)
- support_at_netauctionhelp.com (Nov 24 2007)
- no-reply_at_Aria-Security.net (Nov 21 2007)
Aria-Security.Net: VU Mailer (Mass Mail) "Password" SQL Injection
- no-reply_at_Aria-Security.net (Nov 20 2007)
AST-2007-024 - Fallacious security advisory spread on the Internet involving buffer overflow in Zaptel's sethdlc application
- The Asterisk Development Team (Nov 08 2007)
AST-2007-025 - SQL Injection issue in res_config_pgsql
- Asterisk Security Team (Nov 29 2007)
AST-2007-026 - SQL Injection issue in cdr_pgsql
- Asterisk Security Team (Nov 29 2007)
ATC-08 Call for papers (repost)
- atc08_at_atilf.no (Nov 13 2007)
AutoIndex <= 2.2.2 Cross Site Scripting and Denial of Service
- L4teral (Nov 12 2007)
Banks (Wellsfargo.com) using CDNs to deliver Javascript: enables password theft by anyone compromising or controlling the CDN
- Jason Muskat de VE3TSJ - GCFA, GCUX, CEI, CEH (Nov 20 2007)
- joel_at_peshkin.net (Nov 19 2007)
Belkin Wireless G Router DoS
- r00t_at_bl4ckh0l3.com (Nov 17 2007)
Bitcomet Resource Browser v1.1 XSS
- jplopezy_at_gmail.com (Nov 23 2007)
Black Lily 2007 (products.php class) Remote SQL Injection Vulnerability
- verys-secret_at_hotmail.com (Nov 17 2007)
Bosdev Multiple vulnerabilities
- sales_at_bosdev.com (Nov 12 2007)
Breaking RSA: Totient indirect factorization
- Erick Galinkin (Nov 15 2007)
- Watson Ladd (Nov 14 2007)
- gandlf (Nov 15 2007)
- Clifton Royston (Nov 15 2007)
- Alexander Klimov (Nov 15 2007)
- gandlf (Nov 14 2007)
Calendar Proverbs <=1.1 (caladmin.php) Remote SQL Injection
- sys-project_at_hotmail.com (Nov 26 2007)
CanSecWest 2008 CFP (deadline Nov 30, conf Mar 26-28) and PacSec Dojo's
- Dragos Ruiu (Nov 08 2007)
Certificate spoofing issue with Mozilla, Konqueror, Safari 2
- Kapetanakis Giannis (Nov 20 2007)
- Nils Toedtmann (Nov 19 2007)
- Michal Zalewski (Nov 19 2007)
- Graeme Fowler (Nov 19 2007)
- Kapetanakis Giannis (Nov 19 2007)
- Nils Toedtmann (Nov 18 2007)
CFP: International workshop on Secure Software Engineering - Deadline extended!
- secse08_at_gmail.com (Nov 01 2007)
Cisco IOS Shellcode
- Research (Nov 12 2007)
Citrix NetScaler Web Management Cookie Weakness
- nnposter_at_disclosed.not (Nov 25 2007)
Citrix NetScaler Web Management XSS
- nnposter_at_disclosed.not (Nov 19 2007)
Comments re ISC's announcement on bind9 security
- Tim (Nov 02 2007)
- Shane Kerr (Nov 02 2007)
- Tim (Nov 02 2007)
- Shane Kerr (Nov 02 2007)
- Tim (Nov 01 2007)
- Theo de Raadt (Nov 01 2007)
- ntn_at_networkontap.com (Nov 01 2007)
- Network Protocol Security (Oct 31 2007)
- Henrik Langos (Nov 01 2007)
CONFidence 2008 CfP
- andrzej.targosz_at_proidea.org.pl (Nov 26 2007)
CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor
- Core Security Technologies Advisories (Nov 27 2007)
Crash in LIVE555 Media Server 2007.11.01
- Luigi Auriemma (Nov 18 2007)
Creating Backdoors in Cisco IOS using Tcl
- michael_at_cleverly.com (Nov 27 2007)
- IRM Research (Nov 27 2007)
Cryptome: NSA has access to Windows Mobile smartphones
- Kurt Dillard (Nov 01 2007)
- Juha-Matti Laurio (Nov 01 2007)
CVE-2007-3694: Cross site scripting (XSS) in broadcast machine
- Hanno Böck (Nov 12 2007)
Cypress BX script backdoored?
- Chris (Nov 06 2007)
DeluxeBB E-Mail Address Change Security Bypass
- bugtraq_at_opencosmo.com (Nov 26 2007)
Digital Armaments November-December Hacking Challenge: Diffuse Client Application (10.000$ extra)
- info_at_digitalarmaments.com (Nov 29 2007)
Directory Traversal in SafeNet Sentinel Protection Server and Keys Server
- Elliot Kendall (Nov 26 2007)
DocuSafe "Search" SQL Injection
- No-Reply_at_Aria-Security.net (Nov 13 2007)
DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365)
- Roman Medina-Heigl Hernandez (Nov 02 2007)
DOS in Realplayer 11 ActiveX on Win Vista and Win XP SP2
- thesinoda_at_hotmail.com (Nov 29 2007)
E-vanced Solutions Multiple Vulnerabilites
- Joseph.giron13_at_gmail.com (Nov 21 2007)
EEYE: BitDefender Online Scanner 8 Double Decode Heap Overflow
- eEye Advisories (Nov 20 2007)
EEYE: Multiple Vulnerabilities In .FLAC File Format and Various Media Applications
- eEye Advisories (Nov 15 2007)
Eggblog v3.1.0 XSS Vulnerability
- mesut_at_h-labs.org (Nov 11 2007)
ERRATA: [ GLSA 200711-20 ] Pioneers: Multiple Denials of Service
- Pierre-Yves Rofes (Nov 29 2007)
Eurologon CMS Db credentials disclosure / files download
- kingoftheworld92_at_fastwebnet.it (Nov 27 2007)
Eurologon CMS Multiple SQL Injection
- kingoftheworld92_at_fastwebnet.it (Nov 27 2007)
ExoPHPdesk user profile XSS / profile SQL injection
- Joseph.giron13_at_gmail.com (Nov 13 2007)
FIGIS (FILogin.do) Bypass SQL Injection Vulnerability
- sys-project_at_hotmail.com (Nov 26 2007)
FLEA-2007-0063-1 perl
- Foresight Linux Essential Announcement Service (Nov 09 2007)
FLEA-2007-0064-1 pcre
- Foresight Linux Essential Announcement Service (Nov 11 2007)
FLEA-2007-0065-1 libpng
- Foresight Linux Essential Announcement Service (Nov 11 2007)
FLEA-2007-0066-1 ImageMagick
- Foresight Linux Essential Announcement Service (Nov 11 2007)
FLEA-2007-0067-1 pidgin
- Foresight Linux Essential Announcement Service (Nov 11 2007)
FLEA-2007-0068-1 ruby
- Foresight Linux Essential Announcement Service (Nov 11 2007)
FLEA-2007-0069-1 perl
- Foresight Linux Essential Announcement Service (Nov 11 2007)
FMDeluxe (index.php) Cross-Site Scripting Vulnerability
- sys-project_at_hotmail.com (Nov 26 2007)
Free Forums "search" Sql Injection
- No-Reply_at_Aria-Security.net (Nov 13 2007)
FreeBSD Security Advisory FreeBSD-SA-07:09.random
- FreeBSD Security Advisories (Nov 29 2007)
FreeBSD Security Advisory FreeBSD-SA-07:10.gtar
- FreeBSD Security Advisories (Nov 29 2007)
Gadu-Gadu Local/Remote Buffer Overflow vulnerability
- gynvael_at_vexillium.org (Nov 23 2007)
- emacs25_at_gmail.com (Nov 23 2007)
- sdfkjsomcoismwevoiweo_at_o2.pl (Nov 23 2007)
- gynvael_at_vexillium.org (Nov 23 2007)
- j00ru.vx_at_gmail.com (Nov 23 2007)
- emacs25_at_gmail.com (Nov 22 2007)
- gg_vuln_at_yahoo.com (Nov 22 2007)
- j00ru.vx_at_gmail.com (Nov 22 2007)
Gekko <=0.8.2 (temp directory) Path Disclosure
- J. Carlos Nieto (Nov 28 2007)
- sys-project_at_hotmail.com (Nov 28 2007)
GetBlog local File inclusion ..
- security_at_soqor.net (Nov 22 2007)
GWextranet Multiple Vulnerabilites
- Joseph.giron13_at_gmail.com (Nov 21 2007)
GWExtranet Script Injections & Privilege Escalation Vulnerability
- DoZ_at_HackersCenter.com (Nov 25 2007)
HPSBST02291 SSRT071498 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-061 and MS07-062
- security-alert_at_hp.com (Nov 26 2007)
HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges
- Nick Boyce (Nov 15 2007)
- security-alert_at_hp.com (Nov 12 2007)
IceBB 1.0rc6 <= Remote SQL Injection
- aeroxteam-nospam_at_gmail.com (Nov 19 2007)
- aeroxteam-nospam_at_gmail.com (Nov 18 2007)
iDefense Security Advisory 11.02.07: Sun Microsystems Solaris srsexec Format String Vulnerability
- iDefense Labs (Nov 05 2007)
iDefense Security Advisory 11.05.07: Apple QuickTime Panorama Sample Atom Heap Buffer Overflow Vulnerability
- iDefense Labs (Nov 05 2007)
iDefense Security Advisory 11.06.07: Microsoft DebugView Privilege Escalation Vulnerability
- iDefense Labs (Nov 06 2007)
iDefense Security Advisory 11.07.07: Oracle 10g R2 PITRIG_DROPMETADATA Buffer Overflow Vulnerability
- buzzy_at_poczta.fm (Nov 08 2007)
- iDefense Labs (Nov 07 2007)
iDefense Security Advisory 11.09.07: AOL AmpX ActiveX Control Multiple Buffer Overflow Vulnerabilities
- iDefense Labs (Nov 09 2007)
iDefense Security Advisory 11.09.07: IBM Informix Dynamic Server DBLANG Directory Traversal Vulnerability
- iDefense Labs (Nov 09 2007)
iDefense Security Advisory 11.12.07: Novell NetWare Client Local Privilege Escalation Vulnerability
- iDefense Labs (Nov 13 2007)
iDefense Security Advisory 11.12.07: WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Vulnerability
- iDefense Labs (Nov 12 2007)
iDefense Security Advisory 11.14.07: Apple Mac OS X AppleTalk ASP Message Kernel Heap Overflow Vulnerability
- iDefense Labs (Nov 14 2007)
iDefense Security Advisory 11.14.07: Apple Mac OS X AppleTalk mbuf Kernel Heap Overflow Vulnerability
- iDefense Labs (Nov 14 2007)
iDefense Security Advisory 11.14.07: Apple Mac OS X AppleTalk Socket IOCTL Kernel Stack Buffer Overflow Vulnerability
- iDefense Labs (Nov 14 2007)
iDefense Security Advisory 11.14.07: Apple Mac OS X Mach Port Inheritance Privilege Escalation Vulnerability
- iDefense Labs (Nov 14 2007)
IDMOS v1.0 Alpha Multiple RFI Vulnerability
- Guns_at_0x90.com.ar (Nov 06 2007)
IM upgrade automated social engineering attack
- Dragos Ruiu (Nov 06 2007)
- Roman Shirokov (Nov 06 2007)
- Dragos Ruiu (Nov 01 2007)
IRM025: TIBCO Rendezvous RVD Daemon Remote Memory Leak DoS
- IRM Research (Nov 29 2007)
Javamail login username and password same email problem
- thetaung_at_gmail.com (Nov 16 2007)
JBC Explorer <= V7.20 RC 1 Remote Code Execution Exploit
- gmdarkfig_at_gmail.com (Nov 04 2007)
JiRos Upload Manager SQL Injection
- no-reply_at_aria-security.net (Nov 16 2007)
JLMForo System (modificarPerfil.php) Cross-Site Scripting Vulnerability
- sys-project_at_hotmail.com (Nov 26 2007)
Konqueror Remote Denial Of Service
- laurent.gaffie_at_gmail.com (Nov 14 2007)
Leopard's firewall damages Skype and WoW
- Juergen Schmidt (Nov 05 2007)
li-guestbook sql inj
- abc.seo_at_gmail.com (Nov 09 2007)
Liferay Enterprise Portal multiple XSS
- morin.josh_at_gmail.com (Nov 27 2007)
mac trojan in-the-wild
- Gadi Evron (Nov 01 2007)
- Jim Harrison (Nov 01 2007)
- Thor (Hammer of God) (Nov 01 2007)
- Roger A. Grimes (Nov 01 2007)
- Robert McArdle (Nov 02 2007)
- Roger A. Grimes (Nov 02 2007)
- Memisyazici, Aras (Nov 01 2007)
- nnp (Nov 01 2007)
- Nick FitzGerald (Nov 01 2007)
- Alex Eckelberry (Nov 01 2007)
- Alex Eckelberry (Nov 01 2007)
- Thor (Hammer of God) (Nov 01 2007)
- Matthew Leeds (Nov 01 2007)
- Gadi Evron (Oct 31 2007)
mac trojan in-the-wild]
- Gadi Evron (Nov 01 2007)
Microsoft FTP Client Multiple Bufferoverflow Vulnerability
- 3APA3A (Nov 30 2007)
- Vincent Archer (Nov 30 2007)
- Matthew Leeds (Nov 29 2007)
- Steve Shockley (Nov 29 2007)
- Valdis.Kletnieks_at_vt.edu (Nov 29 2007)
- 3APA3A (Nov 29 2007)
- Rajesh Sethumadhavan (Nov 27 2007)
Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability
- Juha-Matti Laurio (Nov 17 2007)
- CaseArmour.net Security Administrator (Nov 16 2007)
- cocoruder (Nov 16 2007)
Mp3 ToolBox 1.0 beta 5 Remote File İnclude Vulnerability
- cybermilitan_at_hotmail.com (Nov 23 2007)
Multiple vulnerabilities
- Pierre-Yves Rofes (Nov 20 2007)
MyBlog (MyCMS) Remote PHP Code execution / PHP Code injection ..
- BlackHawk (Nov 23 2007)
- security_at_soqor.net (Nov 22 2007)
Myspace Clone Script (index.php) Remote File Inclusion Vulnerability
- verys-secret_at_hotmail.com (Nov 17 2007)
MySpace Scripts - Poll Creator JavaScript Injection Vulnerability
- DoZ_at_HackersCenter.com (Nov 22 2007)
MyWebFTP Password Disclosure
- Advisory_at_Aria-Security.net, (Nov 05 2007)
National Computer and Information Security Conferences ACIS 2008 - COLOMBIA
- Jeimy Cano (Nov 27 2007)
net-finity (links.php) Remote SQL Injection Vulnerability
- verys-secret_at_hotmail.com (Nov 17 2007)
NetAuctionHelp Classified Ads v1.0 SQL Injection
- no-reply_at_Aria-Security.net (Nov 24 2007)
Oracle 0-day to get SYSDBA access
- pete_at_petefinnigan.com (Nov 12 2007)
Oracle 11g/10g Installation Vulnerability
- David Litchfield (Nov 13 2007)
OWASP Israel Conference 2007, Dec 3rd 2007
- Ofer Shezaf (Nov 27 2007)
PBLang <= 4.99.17.q Remote File Rewriting / Remote Command Execution
- kingoftheworld92_at_fastwebnet.it (Nov 24 2007)
PeopleAggregatory security advisory - re CVE-2007-5631
- phil_at_broadbandmechanics.com (Nov 11 2007)
PHP 5.2.4 mail.force_extra_parameters unsecure
- cxib_at_securityreason.com (Nov 25 2007)
PHP <= 5.2.5 Gettext Lib Multiple Denial of service
- laurent.gaffie_at_gmail.com (Nov 13 2007)
PHP <= 5.2.5 stream_wrapper_register() denial of service
- laurent.gaffie_at_gmail.com (Nov 13 2007)
PHP-Nuke Module Advertising Blind SQL Injection
- Guns_at_0x90.com.ar (Nov 10 2007)
PHP-Nuke NSN Script Depository module <= 1.0.3 Remote Source / DB Credentials Disclosure
- kingoftheworld92_at_fastwebnet.it (Nov 26 2007)
- kingoftheworld92_at_fastwebnet.it (Nov 26 2007)
phphelpdesk Multiple vulnerabilities
- Joseph.giron13_at_gmail.com (Nov 02 2007)
PHPkit 1.6.1 (include.php?path=) Remote File Inclusion
- sys-project_at_hotmail.com (Nov 27 2007)
PhpNuke (add-on) MS TopSites Edit Exploit And Html Injection
- Guns_at_0x90.com.ar (Nov 06 2007)
PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability
- sys-project_at_hotmail.com (Nov 26 2007)
PHPSlideShow XSS Update
- morin.josh_at_gmail.com (Nov 27 2007)
PR07-02: XSS on Liferay Portal Enterprise 4.1.1 login page ('login' parameter)
- research_at_procheckup.com (Nov 15 2007)
PR07-13: Cross-site Scripting / HTML injection on F5 FirePass 4100 SSL VPN 'download_plugin.php3' server-side script
- research_at_procheckup.com (Nov 12 2007)
PR07-14: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script
- research_at_procheckup.com (Nov 30 2007)
PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script
- research_at_procheckup.com (Nov 30 2007)
PR07-26: Persistent XSS on Aruba 800 Mobility Controller's login page
- research_at_procheckup.com (Nov 15 2007)
PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method
- research_at_procheckup.com (Nov 30 2007)
Predictable DNS transaction IDs in Microsoft DNS Server
- Alla Bezroutchko (Nov 14 2007)
QEMU code_gen_buffer overflow POC
- TeLeMan (Nov 30 2007)
Remote Shell Command Execution in "KB-Bestellsystem" (amensa-soft.de)
- zero-x_at_linuxmail.org (Nov 22 2007)
RFID: Security Briefings
- angelo_at_rosiello.org (Nov 12 2007)
rPSA-2007-0231-1 pcre
- rPath Update Announcements (Nov 06 2007)
rPSA-2007-0232-1 perl
- rPath Update Announcements (Nov 06 2007)
rPSA-2007-0241-1 samba samba-swat
- rPath Update Announcements (Nov 16 2007)
rPSA-2007-0242-1 php5 php5-cgi php5-mysql php5-pear php5-pgsql php5-soap php5-xsl
- rPath Update Announcements (Nov 19 2007)
rPSA-2007-0243-1 flac
- rPath Update Announcements (Nov 21 2007)
rPSA-2007-0245-1 kernel
- rPath Update Announcements (Nov 21 2007)
rPSA-2007-0245-2 kernel
- rPath Update Announcements (Nov 21 2007)
rPSA-2007-0252-1 cups poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi
- rPath Update Announcements (Nov 28 2007)
rPSA-2007-0254-1 idle python
- rPath Update Announcements (Nov 30 2007)
Ruby/Gnome2 0.16.0 Format String Vulnerability
- chris.rohlf_at_gmail.com (Nov 27 2007)
sBlog 0.7.3 Beta Cross Site Request Forgery
- Guns_at_0x90.com.ar (Nov 01 2007)
SCARE metrics and tool release
- Pete Herzog (Nov 30 2007)
Sciurus Hosting Panel Code İnjection
- admin_at_biyofrm.com (Nov 16 2007)
Scribe <= 2.0 Remote PHP Code Execution
- kingoftheworld92_at_fastwebnet.it (Nov 01 2007)
SEC Consult SA-20071101-0 :: Multiple Vulnerabilities in SonicWALL SSL-VPN Client
- Bernhard Mueller (Nov 01 2007)
Secunia Research: AbiWord Link Grammar "separate_sentence()" Buffer Overflow
- Secunia Research (Nov 07 2007)
Secunia Research: ACDSee Products Image and Archive Plug-ins Buffer Overflows
- Secunia Research (Nov 02 2007)
Secunia Research: Link Grammar "separate_sentence()" Buffer Overflow
- Secunia Research (Nov 07 2007)
Secunia Research: Samba "reply_netbios_packet()" Buffer Overflow Vulnerability
- Secunia Research (Nov 15 2007)
Secunia Research: Symantec Backup Exec Job Engine Denial of Service
- Secunia Research (Nov 28 2007)
Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities
- Secunia Research (Nov 07 2007)
security contact for mitsubishi electric?
- Chris Withers (Nov 17 2007)
Several persistent XSS and CSRF on Wireless-G ADSL Gateway with SpeedBooster (WAG54GS)
- Adrian P (Nov 20 2007)
Simple Machine Forum - Private section/posts/info disclosure
- rx_at_h4cky0u.org (Nov 11 2007)
- Jindrich Kubec (Nov 08 2007)
- klynn.securityfocus_at_kevinlynn.com (Nov 09 2007)
- h3llcode_at_hotmail.it (Nov 08 2007)
Simple Machines Forum multiple sql injection flaws with exploit code.
- root_at_fuck.com (Nov 21 2007)
SimpleGallery v0.1.3 (index.php) Cross-Site Scripting Vulnerability
- sys-project_at_hotmail.com (Nov 26 2007)
SiteMinder Agent: Cross Site Scripting
- Williams, James K (Nov 09 2007)
- overet_at_securitydate.it (Nov 09 2007)
- securityfocus_at_netdevice.com (Nov 08 2007)
- Giuseppe Gottardi (Nov 06 2007)
Six Remote Memory Corruption Vulnerabilities in IBM WebSphere MQ 6.0
- IRM Research (Nov 14 2007)
Skalinks <= 1_5 Cross Site Request Forgery Add Admin
- djvincy_at_hotmail.it (Nov 03 2007)
Skype DoS
- mail_at_me.not (Nov 25 2007)
SkyPortal vRC6 Multiple Remote Vulnerabilities
- bugtraq_at_opencosmo.com (Nov 21 2007)
SMF .htaccess bypass
- anuj tenani (Nov 06 2007)
- Matt D. Harris (Nov 06 2007)
- h3llcode_at_hotmail.it (Nov 06 2007)
Some Data of POC2007
- poc2007_at_gmail.com (Nov 28 2007)
Some hashes for the record
- shadown (Nov 14 2007)
SQL injection bug found in TBSource.
- drakomo_at_gmail.com (Nov 09 2007)
Standing Up Against German Laws - Project HayNeedle
- Quark IT - Hilton Travis (Nov 16 2007)
- Frank Guthausen (Nov 14 2007)
- imipak (Nov 14 2007)
- Raj Mathur (Nov 13 2007)
- Stefano Zanero (Nov 13 2007)
- Valdis.Kletnieks_at_vt.edu (Nov 13 2007)
- johan beisser (Nov 13 2007)
- Paul Wouters (Nov 13 2007)
- Florian Echtler (Nov 13 2007)
- johan beisser (Nov 12 2007)
- Matt D. Harris (Nov 12 2007)
- johan beisser (Nov 12 2007)
- Paul Sebastian Ziegler (Nov 10 2007)
SYM07-029 Symantec BEWS Multiple DoS in Job Engine
- Secure (Nov 28 2007)
Synergiser <= 1.2 RC1 Local File Inclusion & Full path disclosure
- kingoftheworld92_at_fastwebnet.it (Nov 01 2007)
TalkBack 2.2.7 Multiple Remote File Inclusion Vulnerabilities
- bugtraq_at_opencosmo.com (Nov 21 2007)
Tilde CMS <= v. 4.x "aarstal" parameter of "yeardetail" SQL Injection
- kingoftheworld92_at_fastwebnet.it (Nov 26 2007)
TPTI-07-20: Apple Quicktime Movie Stack Overflow Vulnerability
- DVLabs (Nov 14 2007)
two bytehoard 2.1 bugs
- Ernesto Alvarez (Nov 26 2007)
Two XSS on Blue Coat ProxySG Management Console
- research_at_procheckup.com (Nov 01 2007)
Ucms <= 1.8 Backdoor Remote Command Execution Exploit
- bugtraq_at_opencosmo.com (Nov 21 2007)
Using CSRF to Attack Mobile Phones
- avivra (Nov 22 2007)
vBTube v1.1 - Beta ( Vbulletin Tube) Xss Vulnerable
- cybermilitan_at_hotmail.com (Nov 24 2007)
VigileCMS 1.4 Multiple Remote Vulnerabilities
- info_at_opencosmo.com (Nov 18 2007)
VigileCMS <= 1.8 Stealth Remote Command Execution Exploit
- bugtraq_at_opencosmo.com (Nov 22 2007)
Vulnerability Hash Database - Maillist
- Sowhat (Nov 17 2007)
Wheatblog (wB) Remote File inclusion ..
- security_at_soqor.net (Nov 22 2007)
Win2K3 Priv Escalation
- Thor (Hammer of God) (Nov 28 2007)
- Justin_at_ESC (Nov 28 2007)
- Jan M�nther (Nov 28 2007)
- Matt Ausmus (Nov 27 2007)
- justin_at_escracing.com (Nov 27 2007)
Wordpress Cookie Authentication Vulnerability
- Steven J. Murdoch (Nov 19 2007)
xoops mylinks module - sql injection
- root_at_hanicker.it (Nov 09 2007)
ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability
- zdi-disclosures_at_3com.com (Oct 31 2007)
ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities
- zdi-disclosures_at_3com.com (Oct 31 2007)
ZDI-07-060: HP OpenView Radia Integration Server File System Exposure Vulnerability
- zdi-disclosures_at_3com.com (Oct 31 2007)
ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability
- zdi-disclosures_at_3com.com (Oct 31 2007)
ZDI-07-062: RealNetworks RealPlayer PLS File Memory Corruption Vulnerability
- zdi-disclosures_at_3com.com (Oct 31 2007)
ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability
- zdi-disclosures_at_3com.com (Oct 31 2007)
ZDI-07-064: Novell Client Trust Heap Overflow Vulnerability
- zdi-disclosures_at_3com.com (Oct 31 2007)
ZDI-07-065: Apple QuickTime Color Table RGB Parsing Heap Corruption Vulnerability
- zdi-disclosures_at_3com.com (Nov 05 2007)
ZDI-07-066: Apple Quicktime PICT File PackBitsRgn Parsing Heap Corruption Vulnerability
- zdi-disclosures_at_3com.com (Nov 05 2007)
ZDI-07-067: Apple QuickTime PICT File Poly Opcodes Heap Corruption Vulnerability
- zdi-disclosures_at_3com.com (Nov 05 2007)
ZDI-07-068: Apple QuickTime Uncompressedfile Opcode Stack Overflow Vulnerability
- zdi-disclosures_at_3com.com (Nov 05 2007)
ZDI-07-069: CA BrightStor ARCserve Backup Message Engine Insecure Method Exposure Vulnerability
- zdi-disclosures_at_3com.com (Nov 26 2007)