Bugtraq: by thread

[ GLSA 200807-16 ] Python: Multiple vulnerabilities Robert Buchholz (Jul 31 2008)
CA ARCserve Backup for Laptops and Desktops Server LGServer Service Vulnerability Williams, James K (Aug 01 2008)
libxslt heap overflow chris_at_scary.beasts.org (Jul 31 2008)
[CVE-2008-2370] Apache Tomcat information disclosure vulnerability Mark Thomas (Aug 01 2008)
[SECURITY] [DSA 1625-1] New cupsys packages fix arbitrary code execution Thijs Kinkhorst (Aug 01 2008)
[SECURITY] [DSA 1626-1] New httrack packages fix arbitrary code execution Thijs Kinkhorst (Aug 01 2008)
[CVE-2008-1232] Apache Tomcat XSS vulnerability Mark Thomas (Aug 01 2008)
[USN-634-1] OpenLDAP vulnerability Kees Cook (Aug 01 2008)
eVision 2.0 Sql Injection/Remote File Disclosure/Remote File Upload/IG r3d.w0rm_at_yahoo.com (Aug 01 2008)
DNS Multiple Race Exploiting Tool AR (Aug 01 2008)
[USN-633-1] libxslt vulnerabilities Kees Cook (Aug 01 2008)
[USN-632-1] Python vulnerabilities Kees Cook (Aug 01 2008)
iDefense Security Advisory 07.31.08: Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability iDefense Labs (Aug 01 2008)
n.runs-SA-2008.005 - Apple Inc. - CoreServices Framework’s CarbonCore Framework - Arbitrary Code Execution (remote) security_at_nruns.com (Aug 01 2008)
Re: how to request a cve id? William A. Rowe, Jr. (Aug 01 2008)
Re: Windows Vista Power Management & Local Security Policy William A. Rowe, Jr. (Aug 01 2008)
[ MDVSA-2008:160 ] libxslt security_at_mandriva.com (Aug 01 2008)
file upload exploit win32.exe_at_w.cn (Aug 01 2008)
iDefense Security Advisory 08.01.08: Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability iDefense Labs (Aug 01 2008)
iDefense Security Advisory 08.01.08: Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability iDefense Labs (Aug 01 2008)
iDefense Security Advisory 08.01.08: Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability iDefense Labs (Aug 01 2008)
Pligg Auto-Voter Using XSS to Bypass CSRF Protection michaelbrooks_at_rooksecurity.com (Aug 01 2008)
Homes 4 Sale Remote XSS Vulnerabilitiy Ghost hacker (Aug 02 2008)
Server termination in America's Army 2.8.3.1 Luigi Auriemma (Aug 02 2008)
Keld: PHP-MySQL News Script 0.7.1 Remote SQL injection Vulnerability crimson.loyd_at_gmail.com (Aug 03 2008)
TGS CMS Remote Code Execution Exploit 0in.email_at_gmail.com (Aug 03 2008)
- Re: TGS CMS Remote Code Execution Exploit lcat (Aug 11 2008)
[SECURITY] [DSA 1627-1] New opensc packages fix smart card vulnerability Thijs Kinkhorst (Aug 04 2008)
UNAK-CMS Lfi r3d.w0rm_at_yahoo.com (Aug 03 2008)
[USN-626-2] Devhelp, Epiphany, Midbrowser and Yelp update Jamie Strandboge (Aug 04 2008)
Team SHATTER Security Advisory: SQL Injection in Oracle Application Server (WWEXP_API_ENGINE) Team SHATTER (Aug 04 2008)
Team SHATTER Security Advisory: Cross-site scripting in Oracle Enterprise Manager (REFRESHCHOICE Parameter) Team SHATTER (Aug 04 2008)
Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN) Team SHATTER (Aug 04 2008)
- Re: Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN) Team SHATTER (Aug 11 2008)
CORE-2008-0716 - Sun xVM VirtualBox Privilege Escalation Vulnerability CORE Security Technologies Advisories (Aug 04 2008)
Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities irancrash_at_gmail.com (Aug 04 2008)
8e6 Technologies R3000 Internet Filter Bypass with Host Decoy nnposter_at_disclosed.not (Aug 05 2008)
- Re: 8e6 Technologies R3000 Internet Filter Bypass with Host Decoy jyoung01_at_americafirst.com (Aug 05 2008)
Plogger <= 3.0 SQL Injection GulfTech Security Research (Aug 05 2008)
IGES CMS <=2.0 Multiple Vulnerabilities admin_at_bugreport.ir (Aug 05 2008)
Pluck 4.5.2 Multiple Cross Site Scripting Vulnerabilities irancrash_at_gmail.com (Aug 04 2008)
[ GLSA 200808-01 ] xine-lib: User-assisted execution of arbitrary code Robert Buchholz (Aug 05 2008)
[ GLSA 200808-02 ] Net-SNMP: Multiple vulnerabilities Robert Buchholz (Aug 05 2008)
[ GLSA 200808-03 ] Mozilla products: Multiple vulnerabilities Robert Buchholz (Aug 05 2008)
[ GLSA 200808-04 ] Wireshark: Denial of Service Robert Buchholz (Aug 05 2008)
rPSA-2008-0245-1 cups rPath Update Announcements (Aug 05 2008)
rPSA-2008-0246-1 gaim rPath Update Announcements (Aug 05 2008)
PHP-NUKE module Kleinanzeigen SQL injection (lid) lovebug_at_hotmail.it (Aug 05 2008)
MyClan Sql Injection r3d.w0rm_at_yahoo.com (Aug 05 2008)
Interesting things at sec-consult.com, DNS-whitepaper available tomorrow Bernhard Mueller (Aug 05 2008)
CA Products That Embed Ingres Multiple Vulnerabilities Williams, James K (Aug 06 2008)
Google Notebook and Google Bookmarks Cross Site Scripting Vulnerabilities alfredo.melloni_at_gmail.com (Aug 06 2008)
Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting marc_bevand_at_rapid7.com (Aug 06 2008)
[ GLSA 200808-05 ] ISC DHCP: Denial of Service Tobias Heinlein (Aug 06 2008)
[USN-635-1] xine-lib vulnerabilities Jamie Strandboge (Aug 06 2008)
[ GLSA 200808-06 ] libxslt: Execution of arbitrary code Tobias Heinlein (Aug 06 2008)
[security bulletin] HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert_at_hp.com (Aug 06 2008)
[security bulletin] HPSBUX02355 SSRT080023 rev.1 - HP-UX Using libc, Remote Denial of Service (DoS) security-alert_at_hp.com (Aug 06 2008)
OpenVMS fingerd remote stack overflow Shaun Colley (Aug 06 2008)
- Re: OpenVMS fingerd remote stack overflow Alexander Sotirov (Aug 07 2008)
  - Re: OpenVMS fingerd remote stack overflow Tim Newsham (Aug 08 2008)
- Re: OpenVMS fingerd remote stack overflow Kevin Finisterre (lists) (Aug 07 2008)
- Re: OpenVMS fingerd remote stack overflow mlbugtraq_at_noci.xs4all.nl (Aug 07 2008)
Endless loop and resources consumption in Halo 1.0.7.0615 Luigi Auriemma (Aug 06 2008)
Re: [Full-disclosure] [funsec] facebook messages worm Juha-Matti Laurio (Aug 06 2008)
- Re: [funsec] facebook messages worm Gadi Evron (Aug 06 2008)
facebook messages worm Gadi Evron (Aug 06 2008)
- Re: [funsec] facebook messages worm Gadi Evron (Aug 06 2008)
  - Re: [funsec] facebook messages worm Juha-Matti Laurio (Aug 08 2008)
- Re: [funsec] facebook messages worm Gadi Evron (Aug 06 2008)
Whitepaper: DNS zone redelegation Bernhard Mueller (Aug 07 2008)
[SE-2008-01] J2ME Security Vulnerabilities 2008 Security Explorations (Aug 07 2008)
- Re: [SE-2008-01] J2ME Security Vulnerabilities 2008 0xjbrown41_at_gmail.com (Aug 07 2008)
  - Re: Re: [SE-2008-01] J2ME Security Vulnerabilities 2008 0xjbrown41_at_gmail.com (Aug 07 2008)
- re: [SE-2008-01] J2ME Security Vulnerabilities 2008 Security Explorations (Aug 07 2008)
e107 <= 0.7.11 Arbitrary Variable Overwriting GulfTech Security Research (Aug 07 2008)
[ MDVSA-2008:161 ] rxvt security_at_mandriva.com (Aug 07 2008)
[ MDVSA-2008:162 ] qemu security_at_mandriva.com (Aug 07 2008)
[ MDVSA-2008:163 ] python security_at_mandriva.com (Aug 07 2008)
[ MDVSA-2008:164 ] python security_at_mandriva.com (Aug 07 2008)
OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08 2008)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla (Aug 08 2008)
  - RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Dave Korn (Aug 08 2008)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08 2008)
      - Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Dick Hardt (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Perry E. Metzger (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Paul Hoffman (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams (Aug 08 2008)
      - RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Dave Korn (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Peter Gutmann (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dan Kaminsky (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Forrest J. Cavalier III (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry (Aug 08 2008)
      - key blacklisting & file size (was: OpenID/Debian PRNG/DNS Cache poisoning advisory) Solar Designer (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Florian Weimer (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Stefan Kanthak (Aug 08 2008)
      - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Tim Dierks (Aug 08 2008)
    - RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry (Aug 08 2008)
  - RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Clausen, Martin (DK - Copenhagen) (Aug 12 2008)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 12 2008)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 12 2008)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08 2008)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory \ (Aug 08 2008)
  - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 09 2008)
[AJECT] NoticeWare IMAP Email Server 4.6.2 DoS vulnerability Jo�o Antunes (Aug 08 2008)
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Gerald Beuchelt (Aug 08 2008)
- Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08 2008)
- Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08 2008)
[AJECT] WinGate Email Server (IMAP) vulnerability Jo�o Antunes (Aug 08 2008)
Vim: Unfixed Vulnerabilities in Tar Plugin Version 20 Jan Minář (Aug 08 2008)
[ GLSA 200808-07 ] ClamAV: Multiple Denials of Service Raphael Marichez (Aug 08 2008)
[ GLSA 200808-08 ] stunnel: Security bypass Raphael Marichez (Aug 08 2008)
[DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3 Digital Security Research Group [DSecRG] (Aug 08 2008)
- Re: [DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3 o_0.iahumeil_at_yahoo.com (Aug 10 2008)
[ GLSA 200808-09 ] OpenLDAP: Denial of Service vulnerability Raphael Marichez (Aug 08 2008)
New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability Steve Friedl (Aug 08 2008)
[security bulletin] HPSBUX02351 SSRT080058 rev.4 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert_at_hp.com (Aug 09 2008)
Kayako SupportSuite < 3.30.00 Multiple Vulnerabilities GulfTech Security Research (Aug 09 2008)
[ GLSA 200808-10 ] Adobe Reader: User-assisted execution of arbitrary code Robert Buchholz (Aug 09 2008)
Ovidentia Sql Injection r3d.w0rm_at_yahoo.com (Aug 09 2008)
[SECURITY] [DSA 1627-1] New PowerDNS packages reduce DNS spoofing risk Florian Weimer (Aug 10 2008)
K-Links Directory Blind SQL Injection Exploit hadihadi_zedehal_2006_at_yahoo.com (Aug 10 2008)
rPSA-2008-0249-1 openldap openldap-clients openldap-servers rPath Update Announcements (Aug 11 2008)
[ GLSA 200808-11 ] UUDeview: Insecure temporary file creation Pierre-Yves Rofes (Aug 11 2008)
rPSA-2008-0247-1 gvim vim vim-minimal rPath Update Announcements (Aug 11 2008)
Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability emericboit_at_yahoo.fr (Aug 11 2008)
Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow dh_at_layereddefense.com (Aug 11 2008)
iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Format String Vulnerabilities iDefense Labs (Aug 12 2008)
[AJECT] hMailServer 4.4.1 DoS vulnerability Jo�o Antunes (Aug 12 2008)
iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs (Aug 12 2008)
Internet attacks against Georgian web sites Gadi Evron (Aug 10 2008)
VMSA-2008-0013 Updated ESX packages for OpenSSL, net-snmp, perl VMware Security Team (Aug 12 2008)
VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability VMware Security Team (Aug 12 2008)
rPSA-2008-0253-1 git gitweb rPath Update Announcements (Aug 12 2008)
CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities Williams, James K (Aug 12 2008)
Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson (Aug 10 2008)
- Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson (Aug 11 2008)
Surf Jack - HTTPS will not save you lists_at_enablesecurity.com (Aug 11 2008)
[security bulletin] HPSBUX02356 SSRT080051 rev.1 - HP-UX Running ftpd, Remote Privileged Access security-alert_at_hp.com (Aug 12 2008)
ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability zdi-disclosures_at_3com.com (Aug 12 2008)
ZDI-08-051: Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability zdi-disclosures_at_3COM.COM (Aug 12 2008)
ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption zdi-disclosures_at_3com.com (Aug 12 2008)
iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability iDefense Labs (Aug 12 2008)
[ MDVSA-2008:167 ] kernel security_at_mandriva.com (Aug 12 2008)
ZDI-08-050: Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability zdi-disclosures_at_3Com.com (Aug 12 2008)
[ MDVSA-2008:166 ] clamav security_at_mandriva.com (Aug 12 2008)
Vim: Netrw: FTP User Name and Password Disclosure Jan Minář (Aug 12 2008)
- Re: Vim: Netrw: FTP User Name and Password Disclosure Tony Mechelynck (Aug 12 2008)
iDefense Security Advisory 08.12.08: Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability iDefense Labs (Aug 12 2008)
[TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption Tobias Klein (Aug 12 2008)
iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability iDefense Labs (Aug 12 2008)
iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability iDefense Labs (Aug 12 2008)
iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability iDefense Labs (Aug 12 2008)
iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability iDefense Labs (Aug 12 2008)
iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability iDefense Labs (Aug 12 2008)
rPSA-2008-0243-1 idle python rPath Update Announcements (Aug 13 2008)
Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives Jan Minář (Aug 13 2008)
NULL pointer in Ventrilo 3.0.2 Luigi Auriemma (Aug 13 2008)
[security bulletin] HPSBTU02358 SSRT080058 rev.1 - HP Tru64 UNIX running BIND, Remote DNS Cache Poisoning security-alert_at_hp.com (Aug 13 2008)
CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass CORE Security Technologies Advisories (Aug 13 2008)
[ MDVSA-2008:170 ] cups security_at_mandriva.com (Aug 13 2008)
Microsoft Windows Messenger Remote Illegal Access Vulnerability cocoruder (Aug 13 2008)
[ MDVSA-2008:168 ] stunnel security_at_mandriva.com (Aug 13 2008)
[security bulletin] HPSBOV02357 SSRT080058 rev.1 - HP OpenVMS TCP/IP Services running BIND, Remote DNS Cache Poisoning security-alert_at_hp.com (Aug 14 2008)
[ MDVSA-2008:169 ] hplip security_at_mandriva.com (Aug 13 2008)
Postfix local privilege escalation via hardlinked symlinks Wietse Venema (Aug 14 2008)
SYM08-015_SFW_SecurityUpdateBypass Mike Prosser (Aug 14 2008)
ZDI-08-053: Symantec Veritas Storage Foundation Scheduler Service NULL Session Authentication Bypass Vulnerability zdi-disclosures_at_3com.com (Aug 14 2008)
Security Assessment of the Internet Protocol Fernando Gont (Aug 14 2008)
rPSA-2008-0255-1 freetype rPath Update Announcements (Aug 14 2008)
[ GLSA 200808-12 ] Postfix: Local privilege escalation vulnerability Raphael Marichez (Aug 14 2008)
Cisco Security Advisory: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control Cisco Systems Product Security Incident Response Team (Aug 14 2008)
Re: MicroWorld MailScan - Multiple Vulnerabilities within Admin-Webinterface oliver karow (Aug 15 2008)
munky-bliki lfi r3d.w0rm_at_yahoo.com (Aug 15 2008)
Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani irancrash_at_gmail.com (Aug 15 2008)
FlexCMS <= 2.5 Cross Site Scripting Vulnerability irancrash_at_gmail.com (Aug 15 2008)
[ MDVSA-2008:171 ] postfix security_at_mandriva.com (Aug 15 2008)
[ MDVSA-2008:172 ] amarok security_at_mandriva.com (Aug 15 2008)
PHP Live Helper <= 2.0.1 Multiple Vulnerabilities GulfTech Security Research (Aug 16 2008)
Tool: PorkBind v1.3 Nameserver Security Scanner (New Version) Derek Callaway (Aug 15 2008)
Nokia 6131 NFC URI/URL Spoofing and DoS Advisory Collin R. Mulliner (Aug 16 2008)
Re: ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user Eder Wentz (Aug 16 2008)
NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection r3d.w0rm_at_yahoo.com (Aug 17 2008)
[DSECRG-08-036] Multiple Security Vulnerabilities in Freeway eCommerce 1.4.1.171 Digital Security Research Group [DSecRG] (Aug 18 2008)
Ovidentia 6.6.5 XSS (index.php)‏ mostafa_ragab_at_msn.com (Aug 18 2008)
[security bulletin] HPSBMA02345 SSRT080039 rev.2 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alert_at_hp.com (Aug 18 2008)
[SECURITY] [DSA 1629-1] New postfix packages fix privilege escalation Thijs Kinkhorst (Aug 18 2008)
[SECURITY] [DSA 1629-2] New postfix packages fix installability problem on i386 Thijs Kinkhorst (Aug 19 2008)
[security bulletin] HPSBST02360 SSRT080117 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-041 to MS08-051 security-alert_at_hp.com (Aug 19 2008)
Vanilla <= 1.1.4 Script Injection/ XSS GulfTech Security Research (Aug 19 2008)
SunShop <= 4.1.4 SQL Injection GulfTech Security Research (Aug 18 2008)
[ MDVSA-2008:173 ] kdegraphics security_at_mandriva.com (Aug 19 2008)
[USN-636-1] Postfix vulnerability Kees Cook (Aug 19 2008)
[ MDVSA-2008:174 ] kernel security_at_mandriva.com (Aug 19 2008)
ToorCon 10 Call For Papers David Hulton (Aug 20 2008)
Folder Lock <= 5.9.5 Local Password Information Disclosure glafkos_at_infosec.org.uk (Aug 19 2008)
[ MDVSA-2008:175 ] yelp security_at_mandriva.com (Aug 20 2008)
[ MDVSA-2008:176 ] mtr security_at_mandriva.com (Aug 20 2008)
IMF 2008 - Call for Participation Oliver Goebel (Aug 19 2008)
CORE-2008-0624: Anzio Web Print Object Buffer Overflow CORE Security Technologies Advisories (Aug 20 2008)
Null Byte Local file Inclusion in FAR - PHP Project version:1.0 beenudel1986_at_gmail.com (Aug 20 2008)
- Re: Null Byte Local file Inclusion in FAR - PHP Project version:1.0 William McAfee (Aug 21 2008)
CORE-2008-0813 - vBulletin Cross Site Scripting Vulnerability CORE Security Technologies Advisories (Aug 20 2008)
rPSA-2008-0259-1 postfix rPath Update Announcements (Aug 20 2008)
[ MDVSA-2008:177 ] xine-lib security_at_mandriva.com (Aug 20 2008)
[ MDVSA-2008:178 ] xine-lib security_at_mandriva.com (Aug 20 2008)
UPDATE: [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning Robert Buchholz (Aug 21 2008)
[SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Aug 21 2008)
TimeTrex Time and Attendance Cookie Theft DoZ_at_HackersCenter.com (Aug 21 2008)
- RE: TimeTrex Time and Attendance Cookie Theft Alex Eden (Aug 21 2008)
  - Re: RE: TimeTrex Time and Attendance Cookie Theft hi_at_hi.com (Aug 22 2008)
- Re: TimeTrex Time and Attendance Cookie Theft Mike (Aug 22 2008)
Contest: Best Advances for OpenVAS Network Vulnerability Tests Michael Wiegand (Aug 22 2008)
PR08-20: Bypassing ASP .NET "ValidateRequest" for Script Injection Attacks ProCheckUp Research (Aug 21 2008)
Call For Papers - Hackers 2 Hackers Conference 5th Edition - Brazil cfp_at_h2hc.com.br (Aug 21 2008)
[ MDVSA-2008:179 ] metisse security_at_mandriva.com (Aug 21 2008)
Vim: Arbitrary Code Execution in Commands: K, Control-], g] Jan Minář (Aug 22 2008)
- RE: Arbitrary Code Execution in Commands: K, Control-], g] Michael Wojcik (Aug 25 2008)
[ MDVSA-2008:180 ] libxml2 security_at_mandriva.com (Aug 21 2008)
Secunia Research: Trend Micro Products Web Management Authentication Bypass Secunia Research (Aug 22 2008)
Fedora confirms: Our servers were breached Juha-Matti Laurio (Aug 22 2008)
- Re: Fedora confirms: Our servers were breached Dragos Ruiu (Aug 22 2008)
Apple OSX Leopard (10.5+), inadequate ACL insight can create vuln bgtrq.tryfixingit_at_antichef.net (Aug 19 2008)
[oCERT-2008-008] multiple heap overflows in xine-lib Will Drewry (Aug 22 2008)
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service Steve Kemp (Aug 22 2008)
- [SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service Steve Kemp (Aug 26 2008)
OneNews Beta 2 Multiple Vulnerabilities crimson.loyd_at_gmail.com (Aug 22 2008)
Secunia Research: Novell iPrint Client ActiveX Control "GetFileList()" Information Disclosure Secunia Research (Aug 25 2008)
[DSECRG-08-038] Multiple Local File Include Vulnerabilities in ezContents CMS 2.0.3 Digital Security Research Group [DSecRG] (Aug 25 2008)
Secunia Research: Calendarix Basic Two SQL Injection Vulnerabilities Secunia Research (Aug 25 2008)
Secunia Research: Novell iPrint Client ActiveX Control Multiple Buffer Overflows Secunia Research (Aug 25 2008)
[DSECRG-08-037] Multiple Local File Include Vulnerabilities in Pluck CMS 4.5.2 Digital Security Research Group [DSecRG] (Aug 25 2008)
SECOBJADV-2008-03.2: PartyGaming PartyPoker Malicious Update Vulnerability Security Objectives Corporation (Aug 24 2008)
[IVIZ-08-009] Grub Legacy Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 25 2008)
Crafty Syntax Live Help <= 2.14.6 SQL Injection GulfTech Security Research (Aug 25 2008)
[IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 25 2008)
ToorCon X CFP Closing and Workshops and Seminars discounted until Friday! David Hulton (Aug 25 2008)
Mini-NUKE v2.3 Freehost (tr) Multiple Remote SQL Injection Vulnerabilities byccc_at_live.com (Aug 25 2008)
ZoneMinder Multiple Vulnerabilities filip.palian_at_pjwstk.edu.pl (Aug 26 2008)
Hopeless comments regarding the pointless "HP System Management Homepage (SMH) Unspecified XSS" Luca.carettoni (Aug 26 2008)
[SECURITY] [DSA 1632-1] New tiff packages fix arbitrary code execution Thijs Kinkhorst (Aug 26 2008)
Multiple Vulnerabilities in AWStats Totals Elliot Kendall (Aug 26 2008)
White Wolf Labs #080826-1: Kyocera Mita Scanner File Utility (Multiple) Seth Fogie (Aug 26 2008)
PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept .30/ Oct. 1) Dragos Ruiu (Aug 26 2008)
[ MDVSA-2008:180-1 ] libxml2 security_at_mandriva.com (Aug 26 2008)
[security bulletin] HPSBMA02363 SSRT080106 rev.1 - HP Enterprise Discovery Running on Windows, Remote Authorized User, Gain Extended Privileges security-alert_at_hp.com (Aug 27 2008)
[IVIZ-08-008] LILO Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 25 2008)
[IVIZ-08-007] DriveCrypt Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 25 2008)
[IVIZ-08-003] TrueCrypt Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 25 2008)
[USN-638-1] Yelp vulnerability Kees Cook (Aug 27 2008)
[IVIZ-08-004] Intel BIOS Plain Text Password Disclosure iViZ Security Advisories (Aug 25 2008)
XSS and Data Manipulation attacks found in CMS PHPCart. vaibhav aher (Aug 27 2008)
[IVIZ-08-002] Hewlett-Packard BIOS Plain Text Password Disclosure iViZ Security Advisories (Aug 25 2008)
[IVIZ-08-005] IBM Lenovo BIOS Plain Text Password Disclosure iViZ Security Advisories (Aug 25 2008)
[security bulletin] HPSBUX02365 SSRT080118 rev.1 - HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS) security-alert_at_hp.com (Aug 28 2008)
reviving the botnets@ mailing list: a new statregy in fighting cyber crime Gadi Evron (Aug 28 2008)
ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability zdi-disclosures_at_3com.com (Aug 28 2008)
[scip_Advisory 3807] Dreambox DM500 webserver long URL request denial of service Marc Ruef (Aug 29 2008)
[Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass gmdarkfig_at_gmail.com (Aug 29 2008)
- Re: [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass gmdarkfig_at_gmail.com (Aug 30 2008)
[ MDVSA-2008:181 ] ipsec-tools security_at_mandriva.com (Aug 28 2008)
[Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities gmdarkfig_at_gmail.com (Aug 29 2008)
- Re: [Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities gmdarkfig_at_gmail.com (Aug 29 2008)
VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. VMware Security team (Aug 29 2008)
[SECURITY] [DSA-1597-2] New mt-daapd package fix regression Devin Carraway (Aug 30 2008)