Home page logo
/

453 messages starting Oct 04 07 and ending Oct 11 07
Date index | Thread index | Author index

3APA3A

Re[2]: 0day: mIRC pwns Windows 3APA3A (Oct 04)
Re: iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability 3APA3A (Oct 04)
Re[3]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype 3APA3A (Oct 09)
Vulnerabilities digest 3APA3A (Oct 10)
Re: Tikiwiki 1.9.8 exploit ITW 3APA3A (Oct 12)
3proxy 0.5.3j released (bugfix) 3APA3A (Oct 23)

Adam Laurie

RFIDIOt release - version 0.1q Adam Laurie (Oct 30)

Adrian P

BT Home Flub: Pwnin the BT Home Hub Adrian P (Oct 09)

advisories

Corsaire Security Advisory - Citrix Access Gateway session ID disclosure issue advisories (Oct 22)

Alex Everett

RE: [Full-disclosure] Remote Desktop Command Fixation Attacks Alex Everett (Oct 15)

alkomandoz-hacker

teatro 1.6 ( basePath ) Remote File Include Vulnerability alkomandoz-hacker (Oct 29)

Amit Klein

Re: BIND 8 EOL and BIND 8 DNS Cache Poisoning (Amit Klein, Trusteer) Amit Klein (Oct 06)

Andreas Lindenblatt

Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Andreas Lindenblatt (Oct 09)
Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Andreas Lindenblatt (Oct 09)

Andres Riancho

[TOOL] w3af - Web Application Attack and Audit Framework Andres Riancho (Oct 22)

Andy Davis

IRM Advisory: Cisco IOS LPD Remote Stack Overflow Andy Davis (Oct 11)
RE: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Andy Davis (Oct 11)
RE: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Andy Davis (Oct 11)
IRM Vendor Alerts: Six critical remote vulnerabilities in TIBCO SmartPGM FX Andy Davis (Oct 16)
RE: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Andy Davis (Oct 16)
IRM Discover More Vulnerabilities in Cisco IOS Andy Davis (Oct 25)

angelo

Security Briefings angelo (Oct 29)

ascii

Original Photo Gallery Remote Command Execution ascii (Oct 02)

Asterisk Security Team

AST-2007-023 - SQL Injection Vulnerabilty in cdr_addon_mysql Asterisk Security Team (Oct 17)

avivra

RE: feedreader3 has XSS vulnerability avivra (Oct 01)
RE: playing for fun with <=IE7 avivra (Oct 16)

Ben Laurie

OpenSSL Security Advisory Ben Laurie (Oct 12)

Bernhard Mueller

SEC Consult SA-20071012-0 :: Madwifi xrates element remote DOS Bernhard Mueller (Oct 12)
SEC Consult SA-20071031-0 :: Perdition IMAP Proxy Format String Vulnerability Bernhard Mueller (Oct 31)

Brandon S. Allbery KF8NH

Re: Holes in the firewall of Mac OS X Leopard Brandon S. Allbery KF8NH (Oct 29)

Brett Moore

RE: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Brett Moore (Oct 09)

bugtraq

CVE-2007-4600 - Mathcad Protect Worksheet Vulnerability bugtraq (Oct 16)

chase

CFP C H A S E - 2 0 0 7 Lahore Pakistan chase (Oct 18)

Chris Travers

LedgerSMB < 1.2.8, SQL-Ledger 2.x Multiple SQL Injection Issues Chris Travers (Oct 09)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Wireless Control System Conversion Utility Adds Default Password Cisco Systems Product Security Incident Response Team (Oct 10)
Cisco Security Advisory: Cisco Unified Communications Web-based Management Vulnerability Cisco Systems Product Security Incident Response Team (Oct 17)
Cisco Security Advisory: Multiple Vulnerabilities in Firewall Services Module Cisco Systems Product Security Incident Response Team (Oct 17)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and ASA Appliances Cisco Systems Product Security Incident Response Team (Oct 17)

`ClubHack `

ClubHack - CFP closing by 15th October 2007 `ClubHack ` (Oct 01)

Collin R. Mulliner

simple dns rebinding protection with dnsmasq Collin R. Mulliner (Oct 22)

come2waraxe

[waraxe-2007-SA#059] - XSS in WordPress 2.3 come2waraxe (Oct 29)

Core Security Technologies Advisories

CORE-2007-0928: Stack-based buffer overfl ow vulnerability in OpenBSD’s DHCP server Core Security Technologies Advisories (Oct 11)

cyber-crime

wmtrssreader joomla component 1.0 Remote File Include Vulnerability cyber-crime (Oct 10)

Damir Rajnovic

Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Damir Rajnovic (Oct 10)

daniel . stirniman

Nortel IP Phone Flooding Denial of Service daniel . stirniman (Oct 18)

daniel . stirnimann

Nortel UNIStim IP Softphone Buffer-Overflow daniel . stirnimann (Oct 18)
Nortel IP Phone Surveillance Mode daniel . stirnimann (Oct 18)
Nortel IP Phone forced re-authentication daniel . stirnimann (Oct 18)
Nortel Telephony Server Denial of Service daniel . stirnimann (Oct 18)

dann frazier

[SECURITY] [DSA 1365-3] New id3lib3.8.3 packages fix denial of service dann frazier (Oct 02)
[SECURITY] [DSA 1381-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Oct 03)
[SECURITY] [DSA 1381-2] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Oct 13)

David Litchfield

SQL Injection Flaw in Oracle Workspace Manager David Litchfield (Oct 17)

deme

Multiple CSRF in SimplePHPBlog deme (Oct 17)
Hackish XSS in shoutbox/blocco.php deme (Oct 22)

digineo Advisories

Directory traversal flaw in shttp digineo Advisories (Oct 25)

DoZ

eGov Content Manager Cross Site Scripting Vulrnability DoZ (Oct 01)
DNewsWeb Softwares Cross Site Scripting Vulrnability DoZ (Oct 09)
Smart-Shop Shopping Cart Cross-Site Scripting Vulrnability DoZ (Oct 29)
Omnistar Live Software Cross-Site Scripting Vulrnability DoZ (Oct 29)

Dragos Ruiu

PacSec 2007 Agenda (Tokyo 11-29/30) Dragos Ruiu (Oct 22)
In Memoriam: Jun-ichiro Hagino Dragos Ruiu (Oct 30)

eEye Advisories

EEYE: CA BrightStor ArcServe Backup Server Arbitrary Pointer Dereference eEye Advisories (Oct 11)

ejc

Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow ejc (Oct 04)

farion42

Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) farion42 (Oct 20)

Fatih Ozavci

[GS07-02] RSA Keon Multiple Cross-Site Scripting Vulnerabilities Fatih Ozavci (Oct 24)

Felix 'FX' Lindner

Re: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu Felix 'FX' Lindner (Oct 11)

Florian Weimer

Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Florian Weimer (Oct 11)
Re: URI handling as the harbinger of interaction errors Florian Weimer (Oct 11)
[SECURITY] [DSA 1387-1] New librpcsecgss packages fix arbitrary code execution Florian Weimer (Oct 15)

Foresight Linux Essential Announcement Service

FLEA-2007-0057-1 pidgin Foresight Linux Essential Announcement Service (Oct 03)
FLEA-2007-0058-1 openssl openssl-scripts Foresight Linux Essential Announcement Service (Oct 04)
FLEA-2007-0059-1 qt qt-tools Foresight Linux Essential Announcement Service (Oct 04)
FLEA-2007-0060-1 initscripts Foresight Linux Essential Announcement Service (Oct 26)
FLEA-2007-0061-1 sun-jre sun-jdk Foresight Linux Essential Announcement Service (Oct 29)
FLEA-2007-0062-1 firefox Foresight Linux Essential Announcement Service (Oct 29)

Fred Elliot

Re: 0day: mIRC pwns Windows Fred Elliot (Oct 04)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-07:08.openssl FreeBSD Security Advisories (Oct 03)

fwadmin

Re: RE: CheckPoint Secure Platform Multiple Buffer Overflows fwadmin (Oct 11)

Gavin Hanover

Re: 0day: mIRC pwns Windows Gavin Hanover (Oct 03)
Re: Re[2]: 0day: mIRC pwns Windows Gavin Hanover (Oct 04)

Gayathri Swaminathan

Re: SSH attacks - anyone else seen these? Gayathri Swaminathan (Oct 16)

gboyce

Re: [Full-disclosure] Remote Desktop Command Fixation Attacks gboyce (Oct 11)

Geo.

Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype Geo. (Oct 06)
Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype Geo. (Oct 09)
Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype Geo. (Oct 09)
Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype Geo. (Oct 09)

gjgowey

Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype gjgowey (Oct 09)
Re: [Full-disclosure] Remote Desktop Command Fixation Attacks gjgowey (Oct 11)

Glynn Clements

Re: Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype Glynn Clements (Oct 09)

gmdarkfig

Simple PHP Blog (sphpblog) <= 0.5.1 Multiple Vulnerabilities gmdarkfig (Oct 22)

gokhankaya

DRBGuestbook Remote XSS Vulnerability gokhankaya (Oct 03)

Gregory Rubin

Re: 0day: mIRC pwns Windows Gregory Rubin (Oct 03)

Greg Rubin

Re: 0day: mIRC pwns Windows Greg Rubin (Oct 04)

Guns

Joomla! swMenuFree 4.6 Component Remote File Include Guns (Oct 11)
Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability Guns (Oct 26)
AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit Guns (Oct 29)

Guy Mizrahi

3Com WIFI router remote administration vulnerability. Guy Mizrahi (Oct 10)

h3llcode

phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion h3llcode (Oct 01)

hack2prison

Affiliate Network Pro Multiple Input Validation and Local file inclusion hack2prison (Oct 01)
Folder Access bypass hack2prison (Oct 22)
Jeebles Directory Local File Inclusion hack2prison (Oct 22)

hackerbinhphuoc

i-Gallery 3.4 bug crack password! hackerbinhphuoc (Oct 25)

Halvar Flake

Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Halvar Flake (Oct 10)
Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Halvar Flake (Oct 11)
Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Halvar Flake (Oct 11)

Hanno Böck

Re: Multiple CSRF in SimplePHPBlog Hanno Böck (Oct 18)

H D Moore

Cracking the iPhone (5 article series) H D Moore (Oct 22)

Hernan Ochoa

WifiZoo v1.2 release Hernan Ochoa (Oct 02)

hfli

CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability hfli (Oct 11)

Hugo van der Kooij

RE: CheckPoint Secure Platform Multiple Buffer Overflows Hugo van der Kooij (Oct 03)

hvazquez

CheckPoint Secure Platform Multiple Buffer Overflows hvazquez (Oct 01)
Re: CheckPoint Secure Platform Multiple Buffer Overflows hvazquez (Oct 02)
Re: RE: CheckPoint Secure Platform Multiple Buffer Overflows hvazquez (Oct 17)

hvdkooij

Re: Remote Desktop Command Fixation Attacks hvdkooij (Oct 12)

iDefense Labs

iDefense Security Advisory 10.02.07: Multiple Vendor X Font Server Multiple Vulnerabilities iDefense Labs (Oct 03)
iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability iDefense Labs (Oct 03)
Re: iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability iDefense Labs (Oct 04)
iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow iDefense Labs (Oct 09)
iDefense Security Advisory 10.10.07: Kaspersky Web Scanner ActiveX Format String Vulnerability iDefense Labs (Oct 10)
iDefense Security Advisory 10.11.07: Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities iDefense Labs (Oct 11)
iDefense Security Advisory 10.23.07: IBM Lotus Domino IMAP Buffer Overflow Vulnerability iDefense Labs (Oct 24)
iDefense Security Advisory 10.23.07: IBM Lotus Notes Client TagAttributeListCopy Buffer Overflow Vulnerability iDefense Labs (Oct 24)
iDefense Security Advisory 10.25.07: Trend Micro Tmxpflt.sys IOCTL 0xa0284403 Buffer Overflow Vulnerability iDefense Labs (Oct 25)
iDefense Security Advisory 10.30.07: IBM AIX swcons Local Arbitrary File Access Vulnerability iDefense Labs (Oct 30)
iDefense Security Advisory 10.30.07: IBM AIX 5.2 crontab BSS Buffer Overflow Vulnerability iDefense Labs (Oct 30)
iDefense Security Advisory 10.30.07: IBM AIX dig dns_name_fromtext Integer Underflow Vulnerability iDefense Labs (Oct 30)
iDefense Security Advisory 10.30.07: IBM AIX lqueryvg Stack Buffer Overflow Vulnerability iDefense Labs (Oct 30)
iDefense Security Advisory 10.30.07: IBM AIX lquerypv Stack Buffer Overflow Vulnerability iDefense Labs (Oct 30)
iDefense Security Advisory 10.30.07: IBM AIX ftp domacro Parameter Buffer Overflow Vulnerability iDefense Labs (Oct 30)
iDefense Security Advisory 10.30.07: IBM AIX bellmail Stack Buffer Overflow Vulnerability iDefense Labs (Oct 30)
iDefense Security Advisory 10.31.07: Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability iDefense Labs (Oct 31)
iDefense Security Advisory 10.31.07: Symantec Altiris Deployment Solution TFTP/MTFTP Service Directory Traversal Vulnerability iDefense Labs (Oct 31)

info

new vuln in snewscms.net.ru in lang file info (Oct 08)

ivan . sanchez

Reporting Vulnerable Public Web mail ivan . sanchez (Oct 05)

james

Re: dvddb-0.6 media sql-inj. vuln. james (Oct 02)

James C. Slora Jr.

RE: playing for fun with <=IE7 James C. Slora Jr. (Oct 15)

James Lay

Re: SSH attacks - anyone else seen these? James Lay (Oct 17)

Jan Heisterkamp

Re: Firefox / IE6 crash on javascript nested loops Jan Heisterkamp (Oct 30)

jason . gerfen

Re: RE: playing for fun with <=IE7 jason . gerfen (Oct 15)

J. Carlos Nieto

Django 0.96 (stable) Admin Panel CSRF J. Carlos Nieto (Oct 30)

Jeff Moss

Black Hat Tokyo + DC and Europe CfPs now open. Jeff Moss (Oct 09)
Black Hat Tokyo + DC and Europe CfPs now open. Jeff Moss (Oct 11)

Jerry Illikainen

smbftpd 0.96 format string vulnerability Jerry Illikainen (Oct 01)

Jim Harrison

RE: Remote Desktop Command Fixation Attacks Jim Harrison (Oct 11)

Jim Slora

RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Jim Slora (Oct 09)

jinc4fareijj

0day: mIRC pwns Windows jinc4fareijj (Oct 03)

Jonathan Katz

Siebel Security Basics Jonathan Katz (Oct 30)

jose luis góngora fernández

InnovaShop™® (mgs.jps) Cross Siting Script ing jose luis góngora fernández (Oct 15)
Stringbeans (Portal) - Lang Parameter Cross-Site Scripting Vulnerability jose luis góngora fernández (Oct 15)
Xcomputer - Lang Parameter Cross-Site Scripting Vulnerability jose luis góngora fernández (Oct 15)
WWWISIS <= 7.1 (IsisScript) Multiple Vulnerabilities jose luis góngora fernández (Oct 16)

Jose Nazario

Re: SSH attacks - anyone else seen these? Jose Nazario (Oct 16)

joseph . giron13

ASP Product catalog SQL injection vulnerability joseph . giron13 (Oct 01)
ASP-CMS version 1 default password location. joseph . giron13 (Oct 01)
Aleris Software Systems Web Publisher Calendar SQL injection Joseph . giron13 (Oct 24)
Bosdev Multiple vulnerabilities Joseph . giron13 (Oct 24)
usd250 helpdesk XSS vulnerabily. Joseph . giron13 (Oct 25)

Joxean Koret

How to subvert Oracle Database Vault Joxean Koret (Oct 29)

Juergen Schmidt

URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Juergen Schmidt (Oct 05)
RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Juergen Schmidt (Oct 06)
Holes in the firewall of Mac OS X Leopard Juergen Schmidt (Oct 29)
Re: Holes in the firewall of Mac OS X Leopard Juergen Schmidt (Oct 30)

Juha-Matti Laurio

Camino release 1.5.2 fixes several vulnerabilities Juha-Matti Laurio (Oct 22)

kcghost

HTML Injection Vuln in nssboard kcghost (Oct 15)

Kees Cook

[USN-523-1] ImageMagick vulnerabilities Kees Cook (Oct 04)
[USN-524-1] OpenOffice.org vulnerability Kees Cook (Oct 05)
[USN-525-1] libsndfile vulnerability Kees Cook (Oct 05)
[USN-526-1] debian-goodies vulnerability Kees Cook (Oct 05)
[USN-527-1] xen-3.0 vulnerability Kees Cook (Oct 09)
[USN-528-1] MySQL vulnerabilities Kees Cook (Oct 11)
[USN-529-1] Tk vulnerability Kees Cook (Oct 11)
[USN-530-1] hplip vulnerability Kees Cook (Oct 12)
[USN-532-1] nagios-plugins vulnerability Kees Cook (Oct 22)
[USN-534-1] OpenSSL vulnerability Kees Cook (Oct 22)
[USN-533-1] util-linux vulnerability Kees Cook (Oct 22)
[USN-531-1] dhcp vulnerability Kees Cook (Oct 22)
[USN-501-2] Ghostscript vulnerability Kees Cook (Oct 22)
[USN-535-1] Firefox vulnerabilities Kees Cook (Oct 23)
[USN-531-2] dhcp vulnerability Kees Cook (Oct 23)
[USN-536-1] Thunderbird vulnerabilities Kees Cook (Oct 23)
[USN-537-1] gnome-screensaver vulnerability Kees Cook (Oct 23)
[USN-538-1] libpng vulnerabilities Kees Cook (Oct 25)

kingoftheworld92

Flatnuke3 Remote Cookie Manipoulation / Privilege Escalation kingoftheworld92 (Oct 25)
Multi Host Forum Pro phpbb & ipb Multiple Sql Injection kingoftheworld92 (Oct 25)
[Trick] VigileCMS All Versions DataMining Remote Hash Disclosure kingoftheworld92 (Oct 25)

KJK::Hyperion

Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype KJK::Hyperion (Oct 09)
Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype KJK::Hyperion (Oct 09)
Third-party patch for CVE-2007-3896 (Internet Explorer 7 invalid URI handling) available KJK::Hyperion (Oct 15)
Re: Third-party patch for CVE-2007-3896, UPDATE NOW KJK::Hyperion (Oct 17)

komarov

Webroot Desktop Firewall <=5.5.10.20 DNS recursion komarov (Oct 29)

Kurt Dillard

Re: Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype Kurt Dillard (Oct 06)

L4teral

TikiWiki <= 1.9.8.1 Cross Site Scripting / Local File Inclusion L4teral (Oct 25)
ILIAS <= 3.8.3 Cross Site Scripting L4teral (Oct 30)

Lars Eilebrecht

Final Call for Papers for Security Track at ApacheCon Europe 2008 Lars Eilebrecht (Oct 29)

laurent . gaffie

playing for fun with <=IE7 laurent . gaffie (Oct 13)
Re: A-Cart SQL Injection And Cross-Site Scripting laurent . gaffie (Oct 25)
Re: Re: RE: playing for fun with <=IE7 laurent . gaffie (Oct 25)

Luigi Auriemma

Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9 Luigi Auriemma (Oct 01)
Unexploitable buffer-overflow in America's Army 2.8.2 through PB Luigi Auriemma (Oct 01)
Format string in the Doom 3 engine through PB Luigi Auriemma (Oct 01)
Format string in F.E.A.R. 1.08 through PB Luigi Auriemma (Oct 01)
Multiple vulnerabilities in Dropteam 1.3.3 Luigi Auriemma (Oct 05)
Format string in The Dawn of Time 1.69s beta4 Luigi Auriemma (Oct 05)
NULL pointer crash in World in Conflict 1.000 Luigi Auriemma (Oct 09)
Clients buffer-overflow in Live for Speed 0.5X10 Luigi Auriemma (Oct 15)

m2x

New Advisory: X-script GuestBook m2x (Oct 01)

Marc Delisle

about phpMyAdmin setup.php XSS vulnerability Marc Delisle (Oct 16)

Mark R. Bowyer

Re: SSH attacks - anyone else seen these? Mark R. Bowyer (Oct 16)

Mark Senior

Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Mark Senior (Oct 12)

Martin Schulze

[SECURITY] [DSA 1386-2] New wesnoth packages fix denial of service Martin Schulze (Oct 15)
[SECURITY] [DSA 1386-1] New wesnoth packages fix denial of service Martin Schulze (Oct 15)

M. Burnett

RE: Remote Desktop Command Fixation Attacks M. Burnett (Oct 11)

mehrad1989

Content Builder 0.7.5 RFI Bug mehrad1989 (Oct 03)

Memisyazici, Aras

M$ will fix URI? Memisyazici, Aras (Oct 11)

merigoth

Fwd: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype merigoth (Oct 11)

Michal Bucko

[ELEYTT] 10PAZDZIERNIK2007 Michal Bucko (Oct 10)
[ELEYTT] Public Advisory 20-10-2007 Michal Bucko (Oct 22)

Michal Zalewski

(tool announcement) bunny the fuzzer Michal Zalewski (Oct 31)

morin . josh

Novell OpenSUSE SWAMP multiple XSS morin . josh (Oct 24)

Moritz Muehlenhoff

[SECURITY] [DSA 1389-1] New zoph packages fix SQL injection Moritz Muehlenhoff (Oct 18)
[SECURITY] [DSA 1391-1] New icedove packages fix several vulnerabilities Moritz Muehlenhoff (Oct 19)
[SECURITY] [DSA 1392-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Oct 20)
[SECURITY] [DSA 1396-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Oct 27)

Moritz Naumann

Tikiwiki 1.9.8 exploit ITW Moritz Naumann (Oct 11)

Morning Wood

Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype Morning Wood (Oct 09)

mu-b

eXtremail(ly easy) remote roots mu-b (Oct 15)

NetGear

Re: Netgear FVG318 is vunerable to DOS attack NetGear (Oct 17)

Network Protocol Security

Comments re ISC's announcement on bind9 security Network Protocol Security (Oct 29)

NGSSoftware Insight Security Research

Oracle TNS Listener DoS and/or remote memory inspection NGSSoftware Insight Security Research (Oct 17)
Multiple SQL Injection Flaws in Oracle CTX_DOC package NGSSoftware Insight Security Research (Oct 17)
Oracle RDBMS TNS Data packet DoS NGSSoftware Insight Security Research (Oct 17)
Oracle audit issue with XMLDB ftp service NGSSoftware Insight Security Research (Oct 17)
Heap overflow in RealPlayer ID3 tag parser NGSSoftware Insight Security Research (Oct 29)
Untrusted Java applet can connect to localhost NGSSoftware Insight Security Research (Oct 29)
Memory overwrites in JVM via malformed TrueType font NGSSoftware Insight Security Research (Oct 29)

Nick FitzGerald

Re: iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow Nick FitzGerald (Oct 10)

Nicolas Waisman

Immunity Debugger v1.2 Release Nicolas Waisman (Oct 01)

Noah Meyerhans

[SECURITY] [DSA 1379-1] New openssl packages fix arbitrary code execution Noah Meyerhans (Oct 02)
[SECURITY] [DSA 1379-2] New openssl packages fix arbitrary code execution Noah Meyerhans (Oct 10)
[SECURITY] [DSA 1390-1] New t1lib packages fix arbitrary code execution Noah Meyerhans (Oct 19)
[SECURITY] [DSA 1388-3] New dhcp packages fix arbitrary code execution Noah Meyerhans (Oct 29)

[ NO REPLY ]

[Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN [ NO REPLY ] (Oct 04)
[Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN [ NO REPLY ] (Oct 06)
Viart Shopping Cart Directory Transversal Vuln [ NO REPLY ] (Oct 09)
A-Cart SQL Injection And Cross-Site Scripting [ NO REPLY ] (Oct 19)
[Aria-Security.Net] SearchSimon Lite Cross-Site Scripting Vuln. [ NO REPLY ] (Oct 20)
Aria-Security.Net [Web based alpha tabbed address book SQL Injection] [ NO REPLY ] (Oct 24)
[Aria-Security.Net] CodeWidgets.Com Online Event Registration Multiple login SQL Injection [ NO REPLY ] (Oct 24)
OSI CODES - PHP Live! Remote File Inclusion [ NO REPLY ] (Oct 24)

[No Reply]

[Aria-Security.Net] dmcms.0.7.0 SQL Injection [No Reply] (Oct 22)

Ofer Shezaf

Latest web hacking incidents Ofer Shezaf (Oct 18)
First ever ModSecurity public training at OWASP/WASC conf in SJ Ofer Shezaf (Oct 25)

Oliver Friedrichs

Research: Cybercrime and the Electoral System Oliver Friedrichs (Oct 09)

Omid

Several vulnerabilities in CMS Made Simple 1.1.3.1 Omid (Oct 10)

pand0ra

Re: SSH attacks - anyone else seen these? pand0ra (Oct 17)

Paul Craig

Cart32 Arbitrary File Download Vulnerability Paul Craig (Oct 04)

Paul Melson

RE: [Full-disclosure] Remote Desktop Command Fixation Attacks Paul Melson (Oct 11)

pdp (architect)

Remote Desktop Command Fixation Attacks pdp (architect) (Oct 10)
0day: Hacking secured CITRIX from outside pdp (architect) (Oct 10)
Re: [Full-disclosure] Remote Desktop Command Fixation Attacks pdp (architect) (Oct 11)
Re: Remote Desktop Command Fixation Attacks pdp (architect) (Oct 11)
Re: Remote Desktop Command Fixation Attacks pdp (architect) (Oct 11)
Re: Remote Desktop Command Fixation Attacks pdp (architect) (Oct 15)
Re: [Full-disclosure] Remote Desktop Command Fixation Attacks pdp (architect) (Oct 15)

pete . houston . 17187

[Vulz] Seeblick 1.0 Beta File Upload Vulz pete . houston . 17187 (Oct 23)
[Vulz] Japanese PHP Gallery Hosting File Upload Vulz pete . houston . 17187 (Oct 23)
[Vulz] eLouai's Download Script Remote File Download Vulnerability pete . houston . 17187 (Oct 23)
[Vulz] eFileMan 7.x Multiple Vulnerabilities by Xcross87 pete . houston . 17187 (Oct 23)
[Vulz] PHP Basic Multiple Vulnerabilities by Xcross87 & Alucar pete . houston . 17187 (Oct 23)
Korean GHBoard Multiple Vulnerabilities by Xcross87 pete . houston . 17187 (Oct 23)

pete.houston.17187

[Vulz] PHP Basic Multiple Vulnerabilities by Xcross87 & Alucar pete.houston.17187 (Oct 23)

Pete Simpson

RE: [Full-disclosure] Remote Desktop Command Fixation Attacks Pete Simpson (Oct 12)

Pierre-Yves Rofes

[ GLSA 200710-01 ] RPCSEC_GSS library: Buffer overflow Pierre-Yves Rofes (Oct 04)
[ GLSA 200710-06 ] OpenSSL: Multiple vulnerabilities Pierre-Yves Rofes (Oct 08)
[ GLSA 200710-05 ] QGit: Insecure temporary file creation Pierre-Yves Rofes (Oct 08)
[ GLSA 200710-09 ] NX 2.1: User-assisted execution of arbitrary code Pierre-Yves Rofes (Oct 09)
[ GLSA 200710-08 ] KOffice, KWord, KPDF, KDE Graphics Libraries: Stack-based buffer overflow Pierre-Yves Rofes (Oct 09)
[ GLSA 200710-11 ] X Font Server: Multiple Vulnerabilities Pierre-Yves Rofes (Oct 13)
[ GLSA 200710-13 ] Ampache: Multiple vulnerabilities Pierre-Yves Rofes (Oct 13)
[ GLSA 200710-14 ] DenyHosts: Denial of Service Pierre-Yves Rofes (Oct 13)
[ GLSA 200710-12 ] T1Lib: Buffer overflow Pierre-Yves Rofes (Oct 13)
[ GLSA 200710-16 ] X.Org X server: Composite local privilege escalation Pierre-Yves Rofes (Oct 15)
[ GLSA 200710-15 ] KDM: Local privilege escalation Pierre-Yves Rofes (Oct 15)
[ GLSA 200710-30 ] OpenSSL: Remote execution of arbitrary code Pierre-Yves Rofes (Oct 30)

Piotr Bania

RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap Corruption Piotr Bania (Oct 26)
RealNetworks RealPlayer/RealOne Player/Helix Player Remote Memory Corruption Piotr Bania (Oct 26)

poc2007

International Hacking & Security Conference "POC200" poc2007 (Oct 03)

Praburaajan

CFP for HITBSecConf2008 - Dubai now open Praburaajan (Oct 23)

Raphael Marichez

[ GLSA 200709-18 ] Bugzilla: Multiple vulnerabilities Raphael Marichez (Oct 01)
[ GLSA 200710-02 ] PHP: Multiple vulnerabilities Raphael Marichez (Oct 08)
[ GLSA 200710-04 ] libsndfile: Buffer overflow Raphael Marichez (Oct 08)
[ GLSA 200710-07 ] Tk: Buffer overflow Raphael Marichez (Oct 08)
[ GLSA 200710-03 ] libvorbis: Multiple vulnerabilities Raphael Marichez (Oct 08)
[ GLSA 200710-10 ] SKK Tools: Insecure temporary file creation Raphael Marichez (Oct 13)
[ GLSA 200710-17 ] Balsa: Buffer overflow Raphael Marichez (Oct 17)
[ GLSA 200710-18 ] util-linux: Local privilege escalation Raphael Marichez (Oct 18)
[ GLSA 200710-19 ] The Sleuth Kit: Integer underflow Raphael Marichez (Oct 18)
[ GLSA 200710-20 ] PDFKit, ImageKits: Buffer overflow Raphael Marichez (Oct 19)
[ GLSA 200710-21 ] TikiWiki: Arbitrary command execution Raphael Marichez (Oct 22)
[ GLSA 200710-22 ] TRAMP: Insecure temporary file creation Raphael Marichez (Oct 22)
[ GLSA 200710-23 ] Star: Directory traversal vulnerability Raphael Marichez (Oct 22)
[ GLSA 200710-24 ] OpenOffice.org: Heap-based buffer overflow Raphael Marichez (Oct 23)
[ GLSA 200710-25 ] MLDonkey: Privilege escalation Raphael Marichez (Oct 24)
[ GLSA 200710-26 ] HPLIP: Privilege escalation Raphael Marichez (Oct 25)
[ GLSA 200710-27 ] ImageMagick: Multiple vulnerabilities Raphael Marichez (Oct 25)
[ GLSA 200710-29 ] Sylpheed, Claws Mail: User-assisted remote execution of arbitrary code Raphael Marichez (Oct 25)
[ GLSA 200710-28 ] Qt: Buffer overflow Raphael Marichez (Oct 25)
[ GLSA 200710-31 ] Opera: Multiple vulnerabilities Raphael Marichez (Oct 30)

research

SYMSA-2007-010: Microsoft ActiveSync 4.x Weak Password Obfuscation research (Oct 16)
SYMSA-2007-011: Microsoft WM5 PocketPC Phone Ed SMS Handler Issue research (Oct 17)
SYMSA-2007-012: Microsoft Windows CE IGMP Denial of Service research (Oct 23)
SYMSA-2007-013: Lotus Notes Memory Mapped Files Vulnerability research (Oct 23)

Reversemode

Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day) Reversemode (Oct 18)
[CORRECTED] Microsoft Windows XP SP2/2003 - Macrovision SecDrv.sys privilege escalation (0day) Reversemode (Oct 18)

RISE Security

[RISE-2007003] Firebird Relational Database Multiple Buffer Overflow Vulnerabilities RISE Security (Oct 04)
[RISE-2007002] Borland InterBase Multiple Buffer Overflow Vulnerabilities RISE Security (Oct 04)

Roger A. Grimes

RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Roger A. Grimes (Oct 05)
RE: Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Roger A. Grimes (Oct 09)
RE: playing for fun with <=IE7 Roger A. Grimes (Oct 15)

Roman Medina-Heigl Hernandez

Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Roman Medina-Heigl Hernandez (Oct 12)

rPath Update Announcements

rPSA-2007-0203-1 rmake rmake-proxy rmake-repos rPath Update Announcements (Oct 03)
rPSA-2007-0204-1 qt-x11-free rPath Update Announcements (Oct 03)
rPSA-2007-0205-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs rPath Update Announcements (Oct 03)
rPSA-2007-0206-1 openssl openssl-scripts rPath Update Announcements (Oct 03)
rPSA-2007-0209-1 elinks rPath Update Announcements (Oct 05)
rPSA-2007-0210-1 xen rPath Update Announcements (Oct 09)
rPSA-2007-0212-1 util-linux rPath Update Announcements (Oct 09)
rPSA-2007-0214-1 initscripts rPath Update Announcements (Oct 11)
rPSA-2007-0219-1 libpng rPath Update Announcements (Oct 18)
rPSA-2007-0220-1 ImageMagick rPath Update Announcements (Oct 19)
rPSA-2007-0222-1 cpio tar rPath Update Announcements (Oct 24)
rPSA-2007-0221-1 php php-mysql php-pgsql rPath Update Announcements (Oct 25)
rPSA-2007-0225-1 firefox rPath Update Announcements (Oct 26)
rPSA-2007-0225-2 firefox thunderbird rPath Update Announcements (Oct 29)
rPSA-2007-0227-1 cups rPath Update Announcements (Oct 31)

S21sec Labs

S21SEC-037-en: OPAL SIP Protocol Remote Denial of Service S21sec Labs (Oct 11)
S21SEC-038-en: Alcatel Omnivista 4760 Cross-Site Scripting S21sec Labs (Oct 18)

sathyakrishnadas

Re: BIND 8 EOL and BIND 8 DNS Cache Poisoning (Amit Klein, Trusteer) sathyakrishnadas (Oct 03)

saw_xyz

VImpX ActiveX (VImpX.ocx v. 4.7.3.0) Remote saw_xyz (Oct 13)

sean

Re: Joomla! swMenuFree 4.6 Component Remote File Include sean (Oct 12)

Secunia Research

Secunia Research: IrfanView Palette File Importing Buffer Overflow Vulnerability Secunia Research (Oct 16)
Secunia Research: IBM Tivoli Storage Manager Client CAD Service Script Insertion Secunia Research (Oct 29)
Secunia Research: IPSwitch IMail Server IMail Client Buffer Overflow Secunia Research (Oct 30)
Secunia Research: CUPS IPP Tags Memory Corruption Vulnerability Secunia Research (Oct 31)
Secunia Research: McAfee E-Business Server Auth Packet Handling Buffer Overflow Secunia Research (Oct 31)

security

[ MDKSA-2007:191 ] - Updated libsndfile packages fix vulnerability security (Oct 01)
[ MDKSA-2007:192 ] - Updated mplayer packages fix vulnerability security (Oct 02)
[ MDKSA-2007:193 ] - Updated openssl packages fix vulnerabilities security (Oct 05)
CMS Creamotion - Remote File inclusion security (Oct 06)
idmos-phoenix cms Remote File inclusion security (Oct 06)
Else If cms Multiple Remote vulnerabilities security (Oct 06)
TorrentTrader Classic Mutiple Remote vulnerabilities security (Oct 08)
[ MDKSA-2007:194 ] - Updated libvorbis packages fix vulnerabilities security (Oct 11)
[ MDKSA-2007:198 ] - Updated util-linux packages fix vulnerability security (Oct 16)
[ MDKSA-2007:196 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Oct 16)
[ MDKSA-2007:197 ] - Updated tar packages prevent buffer overflow security (Oct 16)
[ MDKSA-2007:195 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Oct 16)
[ MDKSA-2007:199 ] - Updated phpMyAdmin packages fix multiple vulnerabilities security (Oct 17)
[ MDKSA-2007:200 ] - Updated tk packages fix vulnerabilities security (Oct 18)
[ MDKSA-2007:201 ] - Updated hplip packages fix vulnerabilities security (Oct 23)
[ MDKSA-2007:202 ] - Updated Firefox packages fix multiple vulnerabilities security (Oct 23)

security-alert

[security bulletin] HPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS) security-alert (Oct 09)
[security bulletin] HPSBUX01137 SSRT5954 rev.11 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS) security-alert (Oct 09)
[security bulletin] HPSBUX02181 SSRT061289 rev.3 - HP-UX Running IPFilter, Remote Denial of Service (DoS) security-alert (Oct 09)
[security bulletin] HPSBMA02274 SSRT071445 rev.1 - HP System Management Homepage (SMH) for HP-UX, Remote Cross Site Scripting (XSS) security-alert (Oct 09)
[security bulletin] HPSBMA02275 SSRT071445 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alert (Oct 09)
[security bulletin] HPSBUX02273 SSRT071476 rev. 1 - HP-UX running Apache, Remote Unauthorized Denial of Service (DoS) security-alert (Oct 11)
[security bulletin] HPSBMA02230 SSRT071436 rev.1 - HP Select Identity, Remote Unauthorized Access security-alert (Oct 11)
[security bulletin] HPSBMA02230 SSRT071436 rev.2 - HP Select Identity, Remote Unauthorized Access security-alert (Oct 16)
[security bulletin] HPSBST02280 SSRT071480 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-055 to MS07-060 security-alert (Oct 16)
[security bulletin] HPSBTU02276 SSRT071472 rev.1 - HP Tru64 UNIX Running Apache Tomcat, Remote Unauthorized Access, Remote Denial of Service (DoS) security-alert (Oct 16)
[security bulletin] HPSBUX02277 SSRT071453 rev.1 - HP-UX Running OpenSSL, Local Denial of Service (DoS) security-alert (Oct 16)
[security bulletin] HPSBUX02273 SSRT071476 rev.2 - HP-UX Running Apache, Remote Unauthorized Denial of Service (DoS) security-alert (Oct 18)
[security bulletin] HPSBMA02274 SSRT071445 rev.2 - HP System Management Homepage (SMH) for HP-UX, Remote Cross Site Scripting (XSS) security-alert (Oct 18)
HPSBMA02279 SSRT071298 rev.1 - HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM) Running httpd.tkd, Remote Unauthorized Access to Data security-alert (Oct 24)
HPSBMA02133 SSRT061201 rev.6 - HP Oracle for OpenView (OfO) Critical Patch Update security-alert (Oct 25)
[security bulletin] HPSBMA02236 SSRT061260 rev.2 - HP OpenView Performance Manager (OVPM) Running Shared Trace Service on HP-UX, Solaris, and Windows, Remote Arbitrary Code Execution security-alert (Oct 31)
[security bulletin] HPSBMA02237 SSRT061260 rev.2 - HP OpenView Performance Agent (OVPA) Running Shared Trace Service, Remote Arbitrary Code Execution security-alert (Oct 31)
[security bulletin] HPSBMA02238 SSRT061260 rev.2 - HP OpenView Reporter Running Shared Trace Service, Remote Arbitrary Code Execution security-alert (Oct 31)

securityresearch

SAXON version 5.4 Multiple Path Disclosure Vulnerabilities securityresearch (Oct 29)
SAXON version 5.4 XSS Attack Vulnerability securityresearch (Oct 29)
SAXON version 5.4 SQL Injection Vulnerability securityresearch (Oct 29)

sekuru

ReloadCMS Vulnerable sekuru (Oct 20)

Seth Fogie

Airscanner Mobile Security Advisory #07101401: Mobile-spy Victim/User Phone/SMS/URL Log Spoofing and Persistent XSS Injection Seth Fogie (Oct 23)

Shadow

[PoC] DNS Recursion bandwidth amplification Shadow (Oct 25)

Shane Kerr

Re: Comments re ISC's announcement on bind9 security Shane Kerr (Oct 31)

skienlab

Airkiosk/formlib application is XSS vuln skienlab (Oct 30)

snagg

Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow snagg (Oct 01)

sottwell

Re: Vulnerabilities sottwell (Oct 11)

Stefan Esser

Advisory SE-2007-01: TikiWiki Remote PHP Code Evaluation Vulnerability Stefan Esser (Oct 29)

Stefan Kanthak

Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) Stefan Kanthak (Oct 18)
Softwin's anti-virus BitDefender contains vulnerable zlib (CA-2007-07) Stefan Kanthak (Oct 18)
Official Windows binaries of "curl" contain vulnerable zlib 1.2.2 (CAN-2005-2096) Stefan Kanthak (Oct 18)
Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) Stefan Kanthak (Oct 22)
Windows binary of "Virtual Floppy Drive 2.1" contains vulnerable zlib (CAN-2005-2096) Stefan Kanthak (Oct 29)
Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) Stefan Kanthak (Oct 29)

Stefano Zanero

DeepSec 2007 Registration: hurry up, seats are filling fast Stefano Zanero (Oct 30)

Steffan Baron

Re: [gentoo-announce] [ GLSA 200710-30 ] OpenSSL: Remote execution of arbitrary code Steffan Baron (Oct 31)

Steve Kemp

[SECURITY] [DSA 1380-1] New elinks packages fix information disclosure Steve Kemp (Oct 03)
[SECURITY] [DSA 1379-1] New quagga packages fix denial of service Steve Kemp (Oct 03)
[SECURITY] [DSA 1384-1] New xen-utils packages fix several vulnerabilities Steve Kemp (Oct 05)
[SECURITY] [DSA 1362-2] New lighttpd packages fix buffer overflow Steve Kemp (Oct 08)
[SECURITY] [DSA 1388-1] New dhcp packages fix arbitrary code execution Steve Kemp (Oct 18)
[SECURITY] [DSA 1393-1] New xfce4-terminal packages fix arbitrary command execution Steve Kemp (Oct 23)
[SECURITY] [DSA 1372-2] New ktorrent packages fix directory traversal Steve Kemp (Oct 23)
[SECURITY] [DSA 1395-1] New xen-utils packages fix file truncation Steve Kemp (Oct 25)

Steven M. Christey

URI handling as the harbinger of interaction errors Steven M. Christey (Oct 11)

Steve Shockley

Re: Remote Desktop Command Fixation Attacks Steve Shockley (Oct 10)

str0ke

Re: phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion str0ke (Oct 01)

support

Regarding vulnerability in ViArt Shop support (Oct 10)

Taylor, Gord

FW: [Dailydave] Canada's Response to Black Hat - SecTor 2007 Taylor, Gord (Oct 16)

Team SHATTER

Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in function MDSYS.SDO_CS.TRANSFORM Team SHATTER (Oct 29)
Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in procedure DBMS_AQADM_SYS.DBLINK_INFO Team SHATTER (Oct 29)

test

Re: Novell OpenSUSE SWAMP multiple XSS test (Oct 26)

th3 . r00k . spammenot

Simple Machines Forum multiple sql injection flaws with exploit code. th3 . r00k . spammenot (Oct 20)

thabob

Firefox / IE6 crash on javascript nested loops thabob (Oct 30)

The Asterisk Development Team

AST-2007-022: Buffer overflows in voicemail when using IMAP storage The Asterisk Development Team (Oct 10)

Thierry Zoller

Re[2]: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Thierry Zoller (Oct 06)
Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Thierry Zoller (Oct 06)
Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype Thierry Zoller (Oct 06)
Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Thierry Zoller (Oct 09)
The Death of Defence in Depth ? - An invitation to Hack.lu Thierry Zoller (Oct 09)
Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Thierry Zoller (Oct 11)
Re: URI handling woes in Acrobat Reader, Netscape,Miranda, Skype Thierry Zoller (Oct 11)
Re[2]: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu Thierry Zoller (Oct 18)

Thijs Kinkhorst

[SECURITY] [DSA 1383-1] New gforge packages fix cross-site scripting Thijs Kinkhorst (Oct 05)
[SECURITY] [DSA 1394-1] New reprepro packages fix authentication bypass Thijs Kinkhorst (Oct 23)
[SECURITY] [DSA 1389-2] New zoph packages fix SQL injection Thijs Kinkhorst (Oct 25)

Thomas

Re: Ruby Net::HTTPS library does not validate server certificate CN Thomas (Oct 03)

Thor (Hammer of God)

RE: Remote Desktop Command Fixation Attacks Thor (Hammer of God) (Oct 10)
RE: Remote Desktop Command Fixation Attacks Thor (Hammer of God) (Oct 12)

Tim

SSH attacks - anyone else seen these? Tim (Oct 16)
Re: SSH attacks - anyone else seen these? Tim (Oct 18)

Tim Brown

SSHatter 0.6 Tim Brown (Oct 06)
Serious holes affecting SiteBar 3.3.8 Tim Brown (Oct 18)

Todd Manning

October Microsoft Tuesday Todd Manning (Oct 11)

Tony Reusser

RE: CheckPoint Secure Platform Multiple Buffer Overflows Tony Reusser (Oct 03)

TSRT

TPTI-07-16: CA BrightStor Hierarchical Storage Manager Buffer Overflow Vulnerabilities TSRT (Oct 02)
TPTI-07-17: CA BrightStor Hierarchical Storage Manager SQL Injection Vulnerabilities TSRT (Oct 02)
TPTI-07-18: EMC RepliStor Server Heap Overflow Vulnerability TSRT (Oct 10)

Valdis . Kletnieks

Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype Valdis . Kletnieks (Oct 09)

Victor Brilon

Re: Vulnerabilities Victor Brilon (Oct 11)

vinodsharma . mimit

Re: Re: file upload vulnerability in joomla media component vinodsharma . mimit (Oct 05)

vulnerabilityresearch

DDIVRT-2007-05 NetSupport Manager Client Buffer Overflow vulnerabilityresearch (Oct 04)

vulnpost-remove

[vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities vulnpost-remove (Oct 23)

weak

Re: Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9[EXPLOIT] weak (Oct 04)

Williams, James K

[CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities Williams, James K (Oct 11)
[CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability Williams, James K (Oct 19)

xoxland

Vulnerabilities xoxland (Oct 09)

zdi-disclosures

ZDI-07-055: Microsoft Windows DCERPC Authentication Denial of Service Vulnerability zdi-disclosures (Oct 10)
ZDI-07-056: IBM DB2 DB2JDS Multiple Vulnerabilities zdi-disclosures (Oct 10)
ZDI-07-057: Firebird process_packet() Remote Stack Overflow Vulnerability zdi-disclosures (Oct 11)
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]