Bugtraq: by thread

Bugtraq: by thread

272 messages starting Dec 01 08 and ending Dec 31 08
Date index | Thread index | Author index

[SECURITY] [DSA 1673-1] New wireshark packages fix several vulnerabilities Moritz Muehlenhoff (Dec 01)
[SECURITY] [DSA 1674-1] New jailer packages fix denial of service Moritz Muehlenhoff (Dec 01)
[SECURITY] [DSA 1675-1] New phpmyadmin packages fix cross site scripting Thijs Kinkhorst (Dec 01)
[TKADV2008-013] VLC media player RealMedia Processing Integer Overflow Vulnerability Tobias Klein (Dec 01)
/bin/login gives root to group utmp Paul Szabo (Dec 01)
- <Possible follow-ups>
- Re: /bin/login gives root to group utmp 0xjbrown41 (Dec 02)
Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability het_ebadi (Dec 01)
- <Possible follow-ups>
- Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability zimpel (Dec 01)
- Re: Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability zimpel (Dec 03)
[BMSA 2008-09] Two buffer overflow vulnerabilities in Rumpus v6.0 Nam Nguyen (Dec 01)
[USN-681-1] ImageMagick vulnerability Marc Deslauriers (Dec 01)
[USN-682-1] libvorbis vulnerabilities Marc Deslauriers (Dec 01)
[SECURITY] [DSA 1676-1] New flamethrower packages fix denial of service dann frazier (Dec 02)
Dates for SyScan'09 organiser () syscan org (Dec 02)
Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass" l1un (Dec 02)
[USN-683-1] Imlib2 vulnerability Marc Deslauriers (Dec 02)
[ GLSA 200812-01 ] OptiPNG: User-assisted execution of arbitrary code Robert Buchholz (Dec 02)
[ GLSA 200812-03 ] IPsec-Tools: racoon Denial of Service Robert Buchholz (Dec 02)
[ GLSA 200812-06 ] libxml2: Multiple vulnerabilities Robert Buchholz (Dec 02)
[ GLSA 200812-05 ] libsamplerate: User-assisted execution of arbitrary code Robert Buchholz (Dec 02)
[ GLSA 200812-04 ] lighttpd: Multiple vulnerabilities Robert Buchholz (Dec 02)
[ GLSA 200812-02 ] enscript: User-assisted execution of arbitrary code Robert Buchholz (Dec 02)
[ GLSA 200812-07 ] Mantis: Multiple vulnerabilities Robert Buchholz (Dec 02)
[SECURITY] [DSA 1677-1] New CUPS packages fix arbitrary code execution Martin Schulze (Dec 02)
[HACKATTACK Advisory 20081203]Pro Clan Manager 0.4.2 - Session Fixation office (Dec 03)
VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2 VMware Security team (Dec 03)
- Re: VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2 Steve Shockley (Dec 03)
[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation Steffen Joeris (Dec 03)
[SECURITY] [DSA 1679-1] New awstats packages fix cross-site scripting Florian Weimer (Dec 03)
[USN-684-1] ClamAV vulnerability Kees Cook (Dec 03)
- <Possible follow-ups>
- Re: [USN-684-1] ClamAV vulnerability 0xjbrown41 (Dec 04)
[SVRT-06-08] MULTI SECURITY VULNERABILITIES IN MVNFORUM SVRT-Bkis (Dec 03)
[security bulletin] HPSBUX02389 SSRT080141 rev.1 - HP-UX, Local Denial of Service (DoS) security-alert (Dec 03)
Re: [HACKATTACK Advisory 20081127]Social Impress CMS 1.1 - Session Fixation rene . sato (Dec 03)
[USN-685-1] Net-SNMP vulnerabilities Kees Cook (Dec 03)
[USN-686-1] AWStats vulnerability Kees Cook (Dec 04)
[ MDVSA-2008:236 ] vim security (Dec 04)
Advisory 06/2008: PHP ZipArchive::extractTo() Directory Traversal Vulnerability Stefan Esser (Dec 04)
Joomla Component GameQ r3d . w0rm (Dec 04)
- Re: Joomla Component GameQ packet (Dec 04)
DDIVRT-2008-18 Orb Denial of Service DDI . VulnerabilityAlert (Dec 04)
[SECURITY] [DSA 1680-1] New clamav packages fix potential code execution Florian Weimer (Dec 04)
CVE-2008-2086: Java Web Start File Inclusion via System Properties Override VSR Advisories (Dec 04)
[UPRSN] Ubuntu Privacy Remix 8.04r1 fixes security issues Ubuntu Privacy Remix Team (Dec 04)
Re: XSS in Internet Explorer 6 and 7 MustLive (Dec 04)
[SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities dann frazier (Dec 04)
iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Heap Overflow Vulnerability iDefense Labs (Dec 04)
Joomla Component mydyngallery r3d . w0rm (Dec 04)
iDefense Security Advisory 12.04.08: Sun Java Web Start GIF Decoding Memory Corruption Vulnerability iDefense Labs (Dec 04)
iDefense Security Advisory 12.04.08: Sun Java JRE Pack200 Decompression Integer Overflow Vulnerability iDefense Labs (Dec 04)
[ MDVSA-2008:237 ] apache2 security (Dec 04)
[USN-687-1] nfs-utils vulnerability Marc Deslauriers (Dec 04)
iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Integer Overflow Vulnerability iDefense Labs (Dec 04)
ZDI-08-077: Trillian AIM IMG Tag Parsing Stack Overflow Vulnerability zdi-disclosures (Dec 05)
ZDI-08-078: Trillian IMG SRC ID Memory Corruption Vulnerability zdi-disclosures (Dec 05)
ZDI-08-079: Trillian AIM Plugin Malformed XML Tag Heap Overflow Vulnerability zdi-disclosures (Dec 05)
ZDI-08-080: Sun Java AWT Library Sandbox Violation Vulnerability zdi-disclosures (Dec 05)
ZDI-08-081: Sun Java Web Start and Applet Multiple Sandbox Bypass Vulnerabilities zdi-disclosures (Dec 05)
[ MDVSA-2008:238 ] libsamplerate security (Dec 05)
CVE-2008-5079: multiple listen()s on same socket corrupts the vcc table Hugo Dias (Dec 05)
RE: DDIVRT-DDIVRT-2008-15 iPhone Configuration Web Utility 1.0 for Windows Directory Traversal VulnerabilityAlert (Dec 05)
Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file Eygene Ryabinkin (Dec 06)
- Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file Ilia Alshanetsky (Dec 06)
  - Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file Eygene Ryabinkin (Dec 06)
[ MDVSA-2008:239 ] clamav security (Dec 06)
[ GLSA 200812-08 ] Mgetty: Insecure temporary file usage Pierre-Yves Rofes (Dec 06)
SecurityReason: PHP 5.2.6 SAPI php_getuid() overload cxib (Dec 06)
- Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload Eygene Ryabinkin (Dec 08)
  - Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload Maksymilian Arciemowicz (Dec 08)
    - Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload Eygene Ryabinkin (Dec 08)
[SECURITY] [DSA 1682-1] New squirrelmail packages fix cross site scripting Thijs Kinkhorst (Dec 08)
Two XSS Flaws in PrestaShop 1.1.0.3 th3 . r00k . ieatpork (Dec 08)
XSS in PHPepperShop v 1.4 th3 . r00k . ieatpork (Dec 08)
RadAsm <=2.2.1.5 Local Command Execution xhakerman2006 (Dec 08)
- Re: RadAsm <=2.2.1.5 Local Command Execution Li Gen (Dec 08)
Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass xhakerman2006 (Dec 08)
[DSECRG-08-040] Multiple Local File Include Vulnerabilities in Xoops 2.3.x Digital Security Research Group [DSecRG] (Dec 08)
[DSECRG-08-041] Stored XSS Vulnerability in Xoops 2.3.x Digital Security Research Group [DSecRG] (Dec 08)
[SVRT-07-08] Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops SVRT-Bkis (Dec 08)
[security bulletin] HPSBMA02391 SSRT071481 rev.1 - HP OpenView Reporter and HP Reporter Running on Windows, Remote Denial of Service (DoS) security-alert (Dec 08)
ZDI-08-082: BMC PatrolAgent Version Logging Format String Vulnerability zdi-disclosures (Dec 08)
Neostrada Livebox Remote Network Down PoC Exploit 0in . email (Dec 08)
DoS Vulnerability in Aruba Mobility Controller Caused by Malformed EAP Frame (Aruba Advisory ID: AID-12808) Robbie (Rupinder) Gill (Dec 08)
[SECURITY] [DSA 1683-1] New streamripper packages fix potential code execution Florian Weimer (Dec 08)
[security bulletin] HPSBMA02390 SSRT071481 rev.1 - HP OpenView Performance Agent, HP Performance Agent, Remote Denial of Service (DoS) security-alert (Dec 08)
Multiple XSRF in DD-WRT (Remote Root Command Execution) th3 . r00k . ieatpork (Dec 08)
- <Possible follow-ups>
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) s . gottschall (Dec 10)
  - Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) Hanno Böck (Dec 11)
  - Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) David E. Thiel (Dec 11)
  - Re[2]: Multiple XSRF in DD-WRT (Remote Root Command Execution) Vladimir '3APA3A' Dubrovin (Dec 11)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) pUm (Dec 11)
  - Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) Sebastian Gottschall (DD-WRT) (Dec 11)
  - Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) Sebastian Gottschall (DD-WRT) (Dec 11)
    - Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) David E. Thiel (Dec 11)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) dan . crowley (Dec 11)
- Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) dan . crowley (Dec 11)
- Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) 0xjbrown41 (Dec 15)
Re: [Full-disclosure] MS OWA 2003 Redirection Vulnerability - [MSRC 7368br] Peter Watkins (Dec 08)
DoS attacks on MIME-capable software via complex MIME emails bruhns (Dec 09)
- Re: DoS attacks on MIME-capable software via complex MIME emails Vladimir '3APA3A' Dubrovin (Dec 09)
[ MDVSA-2008:236-1 ] vim security (Dec 09)
PHP safe_mode can be bypassed via proc_open() and custom environment. gat3way (Dec 09)
SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability Bernhard Mueller (Dec 09)
rPSA-2008-0332-1 kernel rPath Update Announcements (Dec 09)
Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update- xhakerman2006 (Dec 09)
Secunia Research: Microsoft Word RTF Polyline/Polygon Integer Overflow Secunia Research (Dec 09)
Secunia Research: Microsoft Excel NAME Record Array Indexing Vulnerability Secunia Research (Dec 09)
CORE-2008-1127 - Vinagre show_error() format string vulnerability CORE Security Technologies Advisories (Dec 09)
Secunia Research: Microsoft Hierarchical FlexGrid Control Integer Overflows Secunia Research (Dec 09)
iDefense Security Advisory 12.09.08: Microsoft Internet Explorer 5.01 EMBED tag Long File Name Extension Stack Buffer Overflow Vulnerability (iDefense Exclusive) iDefense Labs (Dec 09)
iDefense Security Advisory 12.09.08: Microsoft Windows Graphics Device Interface Integer Overflow Vulnerability iDefense Labs (Dec 09)
ZDI-08-083: Microsoft Animation ActiveX Control Malformed AVI Parsing Code Execution Vulnerability zdi-disclosures (Dec 09)
ZDI-08-084: Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability zdi-disclosures (Dec 09)
ZDI-08-085: Microsoft Office RTF Drawing Object Heap Overflow Vulnerability zdi-disclosures (Dec 09)
ZDI-08-086: Microsoft Office Word Document Table Property Stack Overflow Vulnerability zdi-disclosures (Dec 09)
ZDI-08-087: Microsoft Internet Explorer Webdav Request Parsing Heap Corruption Vulnerability zdi-disclosures (Dec 09)
Insomnia : ISVA-081209.1 - IE Webdav Request Parsing Heap Corruption Vulnerability Brett Moore (Dec 10)
ISOI 6, Dallas, TX - January 29, 30 Gadi Evron (Dec 10)
[USN-689-1] Vinagre vulnerability Kees Cook (Dec 10)
[USN-678-2] GnuTLS regression Jamie Strandboge (Dec 10)
[SECURITY] [DSA 1684-1] New lcms packages fix multiple vulnerabilities Devin Carraway (Dec 10)
[IVIZ-08-011] ClamAV lzh unpacking segmentation fault iViZ Security Advisories (Dec 10)
[IVIZ-08-012] Bitdefender antivirus for Linux multiple vulnerabilities iViZ Security Advisories (Dec 10)
[IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities iViZ Security Advisories (Dec 10)
[IVIZ-08-014] AVG antivirus for Linux vulnerability iViZ Security Advisories (Dec 10)
[IVIZ-08-015] Sophos Antivirus for Linux vulnerability iViZ Security Advisories (Dec 10)
[IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass iViZ Security Advisories (Dec 10)
- <Possible follow-ups>
- Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass frisk (Dec 16)
- Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass mikael . albrecht (Dec 22)
Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209) Bernhard Mueller (Dec 10)
CORE-2008-0228: Microsoft Word Malformed FIB Arbitrary Free Vulnerability CORE Security Technologies Advisories (Dec 10)
[security bulletin] HPSBUX02393 SSRT080057 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS) security-alert (Dec 10)
[ GLSA 200812-09 ] OpenSC: Insufficient protection of smart card PIN Robert Buchholz (Dec 10)
[ GLSA 200812-10 ] Archive::Tar: Directory traversal vulnerability Robert Buchholz (Dec 10)
Max's Guestbook (XSS) Remote Vulnerability 08253 (Dec 10)
iDefense Security Advisory 12.10.08: Microsoft Excel Malformed Object Memoy Corruption Vulnerability iDefense Labs (Dec 10)
[ MDVSA-2008:240 ] vinagre security (Dec 10)
CA ARCserve Backup LDBserver Vulnerability Williams, James K (Dec 10)
[ GLSA 200812-11 ] CUPS: Multiple vulnerabilities Pierre-Yves Rofes (Dec 11)
Browser Security Handbook Michal Zalewski (Dec 11)
AST-2008-012: Remote crash vulnerability in IAX2 Asterisk Security Team (Dec 11)
Black Hat: New Webinar, Japan audio now on-line. jmoss (Dec 11)
aspProductCatalog Sql Injection r3d . w0rm (Dec 11)
Meta Cart Free Database Disclosure r3d . w0rm (Dec 11)
facto Database Disclosure r3d . w0rm (Dec 11)
Secunia Research: CA ARCserve Backup RPC "handle_t" Argument Vulnerability Secunia Research (Dec 11)
Aspect9: Internet Explorer 8.0 Beta 2 Anti-XSS Filter Vulnerabilities Rafel Ivgi (Dec 11)
ASP-CMS v.1.0 Sql Injection/Database Disclosure r3d . w0rm (Dec 12)
rPSA-2008-0336-1 tshark wireshark rPath Update Announcements (Dec 12)
Nokia N70/N73 Bluetooth Stack OBEX Implementation Denial of Service yangdn (Dec 12)
[SECURITY] [DSA 1685-1] New uw-imap packages fix multiple vulnerabilities Steffen Joeris (Dec 12)
Moodle 1.9.3 Remote Code Execution ascii (Dec 12)
- <Possible follow-ups>
- Re: Moodle 1.9.3 Remote Code Execution lent (Dec 15)
  - Re: Moodle 1.9.3 Remote Code Execution Jamie Riden (Dec 15)
- Re: Re: Moodle 1.9.3 Remote Code Execution martin (Dec 16)
- Re: Moodle 1.9.3 Remote Code Execution hackeriri (Dec 16)
[ GLSA 200812-12 ] Honeyd: Insecure temporary file creation Tobias Heinlein (Dec 12)
[ GLSA 200812-13 ] OpenOffice.org: Multiple vulnerabilities Pierre-Yves Rofes (Dec 15)
[ GLSA 200812-14 ] aview: Insecure temporary file usage Tobias Heinlein (Dec 15)
[SECURITY] [DSA 1686-1] New no-ip packages fix arbitrary code execution Moritz Muehlenhoff (Dec 15)
[ GLSA 200812-15 ] POV-Ray: User-assisted execution of arbitrary code Pierre-Yves Rofes (Dec 15)
[ GLSA 200812-16 ] Dovecot: Multiple vulnerabilities Tobias Heinlein (Dec 15)
CFAGCMS Remote File Inclusion admin (Dec 15)
[TKADV2008-014] MPlayer TwinVQ Processing Stack Buffer Overflow Vulnerability Tobias Klein (Dec 15)
Multiple XSS Vulnerabilities in World Recipe 2.11 security (Dec 15)
phpList vulnerability phplist (Dec 15)
TmaxSoft JEUS Alternate Data Streams Vulnerability Simon Ryeo (Dec 15)
- Fwd: TmaxSoft JEUS Alternate Data Streams Vulnerability Simon Ryeo (Dec 15)
[ MDVSA-2008:242 ] wireshark security (Dec 15)
[SECURITY] [DSA 1687-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Dec 15)
[ MDVSA-2008:243 ] enscript security (Dec 16)
[USN-691-1] Ruby vulnerability Marc Deslauriers (Dec 16)
Re: ooVoo 1.7.1.35 (URL Protocol) remote unicode buffer overflow poc philip . robertson (Dec 16)
[ GLSA 200812-17 ] Ruby: Multiple vulnerabilities Tobias Heinlein (Dec 16)
ZDI-08-088: Oracle E-Business Suite Business Intelligence SQL Injection Vulnerability zdi-disclosures (Dec 16)
- RE: [Full-disclosure] ZDI-08-088: Oracle E-Business Suite Self-Service Web Applications SQL Injection Vulnerability Integrigy Security (Dec 17)
CVE-2008-1094 - Barracuda Span Firewall SQL Injection Vulnerability marian . ventuneac (Dec 16)
CVE-2008-0971 - Barracuda Networks products Multiple Cross-Site Scripting Vulnerabilities marian . ventuneac (Dec 16)
Joomla: Session hijacking vulnerability, CVE-2008-4122 Hanno Böck (Dec 16)
- <Possible follow-ups>
- Re: Joomla: Session hijacking vulnerability, CVE-2008-4122 darkz . gsa (Dec 18)
[ GLSA 200812-18 ] JasPer: User-assisted execution of arbitrary code Robert Buchholz (Dec 16)
Network Security Scanner OpenVAS 2.0.0 Released Michael Wiegand (Dec 17)
n.runs-SA-2008.010 - Opera HTML parsing Code Execution security (Dec 17)
[ MDVSA-2008:244 ] mozilla-firefox security (Dec 17)
[USN-690-1] Firefox and xulrunner vulnerabilities Jamie Strandboge (Dec 18)
[TKADV2008-015] Sun Solaris SIOCGTUNPARAM IOCTL Kernel NULL pointer dereference Tobias Klein (Dec 18)
Firefox cross-domain text theft (CESA-2008-011) Chris Evans (Dec 18)
[USN-692-1] Gadu vulnerability Kees Cook (Dec 18)
[USN-693-1] LittleCMS vulnerability Kees Cook (Dec 18)
[USN-690-2] Firefox vulnerabilities Jamie Strandboge (Dec 18)
[USN-690-3] Firefox vulnerabilities Jamie Strandboge (Dec 18)
[SECURITY] CVE-2008-2938 - Apache Tomcat information disclosure vulnerability - Update 2 Mark Thomas (Dec 18)
[USN-694-1] libvirt vulnerability Jamie Strandboge (Dec 18)
[USN-695-1] shadow vulnerability Kees Cook (Dec 18)
php python extension safe_mode bypass amir (Dec 18)
EasySiteNetwork (joke.php?id) Remote SQL injection Vulnerability Ehsan_Hp200 (Dec 18)
[ MDVSA-2008:245 ] firefox security (Dec 18)
CONFidence 2009, CFP Andrzej Targosz (Dec 18)
- Re: CONFidence 2009, CFP Dominik 'Rathann' Mierzejewski (Dec 19)
[USN-696-1] Avahi vulnerabilities Jamie Strandboge (Dec 18)
SEC Consult SA-20081219-0 :: Fujitsu-Siemens WebTransactions remote command injection vulnerability Bernhard Mueller (Dec 19)
[security bulletin] HPSBST02394 SSRT080183 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-070 to MS08-077 security-alert (Dec 19)
HTC Touch vCard over IP Denial of Service Mobile Security Lab (Dec 19)
PHP APC vulnerable to local attacks Moritz Naumann (Dec 19)
rPSA-2008-0338-1 cups rPath Update Announcements (Dec 19)
[ GLSA 200812-19 ] PowerDNS: Multiple vulnerabilities Pierre-Yves Rofes (Dec 19)
[SECURITY] [DSA 1688-1] New courier-authlib packages fix SQL injection Steffen Joeris (Dec 20)
chicomas <=2.0.4 Multiple Vulnerabilities admin (Dec 20)
- Re: chicomas <=2.0.4 Multiple Vulnerabilities security curmudgeon (Dec 20)
[SECURITY] [DSA 1678-2] New perl packages fix regression Florian Weimer (Dec 22)
[USN-699-1] Blender vulnerabilities Marc Deslauriers (Dec 22)
[USN-698-1] Nagios vulnerability Marc Deslauriers (Dec 22)
Secunia Research: Trend Micro HouseCall "notifyOnLoadNative()" Vulnerability Secunia Research (Dec 22)
[USN-698-2] Nagios3 vulnerabilities Marc Deslauriers (Dec 22)
POC for CVE-2008-5619 (roundcubemail PHP arbitrary code injection) Jacobo Avariento Gimeno (Dec 22)
[UPRSN] Ubuntu Privacy Remix 8.04r2 introduces "noexec"-mounting by default Ubuntu Privacy Remix Team (Dec 22)
[SECURITY] [DSA 1691-1] New moodle packages fix several vulnerabilities Thijs Kinkhorst (Dec 22)
FreeSSHd Multiple Remote Stack Overflow Vulnerabilities writ3r-dont-want-bugtraq-spam- (Dec 22)
Secunia Research: Trend Micro HouseCall ActiveX Control Arbitrary Code Execution Secunia Research (Dec 22)
CoolPlayer 2.19 (Skin File) Local Buffer Overflow Exploit writ3r-dont-want-bugtraq-spam- (Dec 22)
[USN-697-1] Imlib2 vulnerability Marc Deslauriers (Dec 22)
[ GLSA 200812-20 ] phpCollab: Multiple vulnerabilities Pierre-Yves Rofes (Dec 22)
CORE-2008-1210: Qemu and KVM VNC server remote DoS CORE Security Technologies Advisories (Dec 22)
[SECURITY] [DSA 1689-1] New proftpd-dfsg packages fix Cross-Site Request Forgery Martin Schulze (Dec 22)
[ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS ISecAuditors Security Advisories (Dec 22)
[SECURITY] [DSA 1690-1] New avahi packages fix denial of service Florian Weimer (Dec 22)
[ISecAuditors Security Advisories] Multiple vulnerabilities in WiFi router COMTREND CT-536/HG-536+ ISecAuditors Security Advisories (Dec 22)
rPSA-2008-0341-1 dovecot rPath Update Announcements (Dec 22)
- <Possible follow-ups>
- Re: rPSA-2008-0341-1 dovecot olga (Dec 24)
[ MDVA-2008:241 ] mailscanner security (Dec 22)
[security bulletin] HPSBST02397 SSRT080187 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-078 security-alert (Dec 24)
[USN-677-2] OpenOffice.org Internationalization update Jamie Strandboge (Dec 24)
[ISecAuditors Security Advisories] PSI remote integer overflow DoS ISecAuditors Security Advisories (Dec 24)
FreeBSD Security Advisory FreeBSD-SA-08:13.protosw FreeBSD Security Advisories (Dec 24)
DDIVRT-2008-16 Citrix Broadcast Server 6.0 login.asp SQL Injection --- Update for BID 32832 VulnerabilityResearch (Dec 24)
[USN-700-1] Perl vulnerabilities Kees Cook (Dec 24)
[SECURITY] [DSA 1688-2] New courier-authlib packages fix regression Florian Weimer (Dec 24)
[USN-698-3] Nagios vulnerabilities Marc Deslauriers (Dec 24)
[ GLSA 200812-23 ] Imlib2: User-assisted execution of arbitrary code Pierre-Yves Rofes (Dec 24)
FRHACK Registration open (Christmas offer) Jerome Athias (Dec 24)
Personal Sticky Threads v1.0.3c vbulletin Add-on problem xl4nothing (Dec 24)
[ GLSA 200812-22 ] Ampache: Insecure temporary file usage Pierre-Yves Rofes (Dec 24)
FreeBSD Security Advisory FreeBSD-SA-08:12.ftpd FreeBSD Security Advisories (Dec 24)
[ GLSA 200812-24 ] VLC: Multiple vulnerabilities Tobias Heinlein (Dec 24)
[ GLSA 200812-21 ] ClamAV: Multiple vulnerabilities Pierre-Yves Rofes (Dec 24)
PGP Desktop 9.0.6 Denial Of Service - ZeroDay contact . fingers (Dec 24)
Google Chrome Browser (ChromeHTML://) remote parameter injection POC nospam (Dec 24)
- <Possible follow-ups>
- Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC Already-sended-information-to-security-focus (Dec 25)
- Re: Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC nospam (Dec 29)
MS Windows Media Player * (.WAV) Remote Integrer Overflow Laurent . gaffie (Dec 25)
joomla com_lowcosthotels sql injection lovebug (Dec 25)
Castlecops security site closed for good Michael Scheidell (Dec 25)
PHP-Fusion Mod TI - Blog System Sql Injection r3d . w0rm (Dec 25)
ClubHack2008 presentations are now online ClubHack (Dec 29)
Joomla Component mdigg 2.2.8 Blind SQL Injection Exploit hadihadi_zedehal_2006 (Dec 29)
[SECURITY] [DSA 1692-1] New php-xajax packages fix cross-site scripting Steffen Joeris (Dec 29)
hm? new vulnerabilities? wav windows media anonymous (Dec 29)
MSN messenger sends IP addresses Public and Private Carmelo Brancato (Dec 29)
ViArt Shopping Cart v3.5 Multiple Remote Vulnerabilities XiaShing (Dec 29)
Madrese-Portal Sql Injection r3d . w0rm (Dec 29)
MagpieRSS XSS 0day admin (Dec 29)
- Re: MagpieRSS XSS 0day Antone Roundy (Dec 30)
[SECURITY] [DSA 1693-1] New phppgadmin packages fix several vulnerabilities Thijs Kinkhorst (Dec 29)
[ MDVSA-2008:246 ] kernel security (Dec 29)
Mavi Emlak Sql Injection r3d . w0rm (Dec 29)
Megacubo 5.0.7 (mega://) remote eval() injection exploit pyro (Dec 30)
reliable IOS exploitation Gadi Evron (Dec 30)
php-nuke 8.0 module sections artid blind sql inj vuln. the . dumenci (Dec 30)
- Re: php-nuke 8.0 module sections artid blind sql inj vuln. John Haywood (Dec 31)
MD5 Considered Harmful Today: Creating a rogue CA certificate Alexander Sotirov (Dec 31)
apache 1.x <=> 2.x suphp (suPHP_ConfigPath) bypass safe mode exploit‎ v8i (Dec 31)
CFP uCon Security Conference 2009 - Recife, Brazil uCon Security Conference (Dec 31)

Previous period

Next period