Bugtraq: by author

[ISR] - Infobyte Security Research
- Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations (Jul 28 2008)
- Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow (Jul 04 2008)
a.polyakov_at_dsec.ru
- Re: Lateral SQL Injection Revisited - No Special Privs Required (Jul 18 2008)
Abe Getchell
- RE: Windows Vista Power Management & Local Security Policy (Jul 22 2008)
- RE: Windows Vista Power Management & Local Security Policy (Jul 20 2008)
- RE: Windows Vista Power Management & Local Security Policy (Jul 20 2008)
- RE: Windows Vista Power Management & Local Security Policy (Jul 19 2008)
- Windows Vista Power Management & Local Security Policy (Jul 17 2008)
admin_at_bugreport.ir
- MyBlog <=0.9.8 Multiple Vulnerabilities (Jul 20 2008)
- Pluck Local File inclusion (Jul 13 2008)
Adrian Pastor
- Re: E-Mail header Injection in HiFriend (Jul 29 2008)
adv_at_e-rdc.org
- [ECHO_ADV_100$2008] Comdev Web Blogger <= 4.1.3 (arcmonth) Sql Injection Vulnerability (Jul 16 2008)
advisories_at_host.security-objectives.com
- SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability (Jul 25 2008)
Alberto Trivero
- [White Paper] Abusing HTML 5 Structured Client-side Storage (Jul 20 2008)
Alexander Klink
- Re: Unauthorized reading confirmation from Outlook (Jul 09 2008)
Alexander Sotirov
- Pwnie Awards 2008 (Jul 08 2008)
Alexandr Polyakov
- [DSECRG-08-028] File read in Velocity web-server (Jul 16 2008)
alien
- London DEFCON July meet - DC4420 - Thursday 10th July (today!) (Jul 10 2008)
Andrea Barisani
- [oCERT-2008-009] libxslt heap overflow (Jul 31 2008)
- [oCERT-2008-007] libpoppler uninitialized pointer (Jul 07 2008)
Andrea Purificato
- Oracle Portal XSS fixed by CPU July 2008 (Jul 16 2008)
Andy Davis
- Cisco IOS shellcode explanation - additional (Jul 30 2008)
- Cisco IOS shellcode explanation (Jul 30 2008)
- Remote Cisco IOS FTP exploit (Jul 29 2008)
Asterisk Security Team
- AST-2008-011: Traffic amplification in IAX2 firmware provisioning system (Jul 22 2008)
- AST-2008-010: Asterisk IAX 'POKE' resource exhaustion (Jul 22 2008)
Augusto Paes de Barros
- Unauthorized reading confirmation from Outlook (Jul 03 2008)
azzcoder_at_hotmail.com
- XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities (Jul 25 2008)
Bboyhacks_at_gmail.com
- Security Bypass Vulnerabilities AXESSTEL (Jul 27 2008)
Brett Moore
- Insomnia : ISVA-080709.1 - Microsoft SQL Server - Corrupt Backup File Heap Overflow (Jul 08 2008)
Cesar
- Re: [Full-disclosure] iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability (Jul 08 2008)
Chandrashekhar B
- Nessus plugins for recent MS Bulletins (Jul 10 2008)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks (Jul 08 2008)
ClubHack
- CFP now open for ClubHack2008 - India (Jul 15 2008)
cocoruder
- RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability (Jul 29 2008)
Context IS - Disclosure
- Context IS Advisory - MS08-39 OWA XSS (Jul 10 2008)
Cru3l.b0y_at_gmail.com
- Flip V3.0 final (Jul 21 2008)
dan_at_langille.org
- Re: [ GLSA 200807-10 ] Bacula: Information disclosure (Jul 21 2008)
davee1_at_sbcglobal.net
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm FIXED (Jul 09 2008)
David Bryan
- Minneapolis DC612 Meeting July 10th, 2008@6pm (Jul 08 2008)
David Litchfield
- Re: Pwnie Awards 2008 (Jul 21 2008)
- RE: Lateral SQL Injection Revisited - No Special Privs Required (Jul 18 2008)
- Lateral SQL Injection Revisited - No Special Privs Required (Jul 18 2008)
- Oracle Application Server PLSQL injection flaw (Jul 15 2008)
DeepSec 2008
- Deepsec Talks 2007 are online - registration for 2008 is open (Jul 01 2008)
DeepSec Conference Vienna
- DeepSec 2008 - Last call for submissions (Jul 14 2008)
Devin Carraway
- [SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing (Jul 27 2008)
- [SECURITY] [DSA 1616-2] New clamav packages fix denial of service (Jul 25 2008)
- [SECURITY] [DSA 1617-1] New refpolicy packages fix incompatible policy (Jul 24 2008)
- [SECURITY] [DSA 1616-1] new clamav packages fix denial of service (Jul 24 2008)
- [SECURITY] [DSA 1613-1] new libgd2 packages fix multiple vulnerabilities (Jul 22 2008)
- [SECURITY] [DSA 1608-1] New mysql-dfsg-5.0 packages fix authorization bypass (Jul 12 2008)
Digital Security Research Group
- [DSECRG-08-029] Local File Include in Dokeos E-Learning System 1.8.5 (Jul 16 2008)
Digital Security Research Group [DSecRG]
- [DSECRG-08-034] Local File Include Vulnerability in Minishowcase v09b136 (Jul 29 2008)
- [DSECRG-08-033] Local File Include Vulnerability in Pixelpost 1.7.1 (Jul 28 2008)
- [DSECRG-08-032] Claroline 1.8.10 Multiple XSS Vulnerabilities (Jul 22 2008)
- [DSECRG-08-031] Local File Include Vulnerability in Interact 2.4.1 (Jul 21 2008)
- [DSECRG-08-030] Claroline 1.8.9 Multiple Security Vulnerabilities (Jul 18 2008)
- [DSECRG-08-027] Multiple RFI-LFI in 1024 CMS 1.4.3, 1.4.4 RFC (Jul 04 2008)
dwg5901_at_fhda.edu
- Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm (Jul 15 2008)
ekoparty
- ekoparty security trainings (2008) announcement (Jul 16 2008)
Fabian Fingerle
- Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100 (Jul 28 2008)
Fernando Gont
- IETF Internet-Draft on TCP Port randomization (Jul 16 2008)
Florian Weimer
- [SECURITY] [DSA 1544-2] New pdns-recursor packages fix predictable randomness (Jul 16 2008)
- [SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver (Jul 08 2008)
- [SECURITY] [DSA 1604-1] BIND 8 deprecation notice (Jul 08 2008)
- [SECURITY] [DSA 1603-1] New bind9 packages fix cache poisoning (Jul 08 2008)
- [SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution (Jul 05 2008)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-08:06.bind (Jul 13 2008)
fukami
- CFP 25C3 - The 25th Chaos Communication Congress 2008 (Jul 01 2008)
galia_at_wefi.com
- Re: Local vulnerability in WeFi Client v3.2.1.4.1(Update) (Jul 08 2008)
Ganbold
- Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit (Jul 24 2008)
Ghost hacker
- [~] Greetz : Me93fg & Mr.SaFa7 (Jul 31 2008)
- HIOX Browser Statistics 2.0 Remote File Inclusion Vulnerability (Jul 30 2008)
- HIOX Random Ad 1.3 (hioxRandomAd.php hm) RFI Vulnerability (Jul 30 2008)
- HIOX Star Rating System 1.0 Remote File Inclusion Vulnerability (Jul 30 2008)
- shoutbox Remote Database Dawnload Exploit (Jul 30 2008)
- plugin Rss Remote File Inclusion Vulnerability (Jul 28 2008)
- PhpJobScheduler 3.1 Remote File Inclusion Vulnerability (Jul 28 2008)
- EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability (Jul 20 2008)
- openPro 1.3.1 (LIBPATH) Remote RFI Vulnerability (Jul 16 2008)
- phpuserbase 1.3 (menu) Remote File Inclusion Vulnerability (Jul 10 2008)
- gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability (Jul 10 2008)
Good Securitypractice
- RE: Windows Vista Power Management & Local Security Policy (Jul 23 2008)
Greg
- RE: Windows Vista Power Management & Local Security Policy (Jul 27 2008)
GulfTech Security Research
- Pligg <= 9.9.0 Multiple Vulnerabilities (Jul 30 2008)
- Gregarius <= 0.5.4 SQL Injection (Jul 29 2008)
- ViArt <= 3.5 SQL Injection (Jul 28 2008)
- JamRoom <= 3.3.8 Authentication Bypass (Jul 28 2008)
Hernan Ochoa
- Release of Pass-The-Hash Toolkit v1.4 (Jul 02 2008)
I)ruid
- CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit (Jul 23 2008)
iDefense Labs
- iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability (Jul 31 2008)
- iDefense Security Advisory 07.28.08: Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability (Jul 28 2008)
- iDefense Security Advisory 07.15.08: Oracle Database Local Untrusted Library Path Vulnerability (Jul 15 2008)
- iDefense Security Advisory 07.15.08: Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability (Jul 15 2008)
- iDefense Security Advisory 07.15.08: Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability (Jul 15 2008)
- iDefense Security Advisory 07.09.08: Novell eDirectory LDAP Search Request Heap Corruption Vulnerability (Jul 10 2008)
- iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability (Jul 08 2008)
irancrash_at_gmail.com
- DEV WMS Multiple Vulnerabilities (Jul 30 2008)
- MJGuest 6.8 GT Cross Site Scripting Vulnerability (Jul 29 2008)
- Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) (Jul 19 2008)
- Maran PHP Blog Xss By Khashayar Fereidani (Jul 19 2008)
- Easyecards 310a Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) By Khashayar Fereidani (Jul 19 2008)
- EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) (Jul 19 2008)
- Easybookmarker 40tr Xss Vulnerability By Khashayar Fereidani (Jul 19 2008)
isec_at_boannews.com
- ISEC 2008(Information Security Conference) Guide (Jul 02 2008)
ISecAuditors Security Advisories
- [ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution (Jul 18 2008)
James C. Slora Jr.
- RE: Windows Vista Power Management & Local Security Policy (Jul 22 2008)
Jamie Strandboge
- [USN-626-1] Firefox and xulrunner vulnerabilities (Jul 28 2008)
- [USN-629-1] Thunderbird vulnerabilities (Jul 24 2008)
- [USN-628-1] PHP vulnerabilities (Jul 23 2008)
- [USN-627-1] Dnsmasq vulnerability (Jul 22 2008)
- [USN-623-1] Firefox vulnerabilities (Jul 17 2008)
- [USN-619-1] Firefox vulnerabilities (Jul 02 2008)
- [USN-617-2] Samba regression (Jun 30 2008)
Jan Minář
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Jul 26 2008)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Jul 24 2008)
- Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim (Jul 23 2008)
- Vim: Improper Implementation of shellescape()/Arbitrary Code Execution (Jul 21 2008)
- Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Jul 17 2008)
- Arbitrary code execution in Netrw version 127, Vim 7.2b (Jul 16 2008)
- Re: Collection of Vulnerabilities in Fully Patched Vim 7.1 (Jul 01 2008)
Jeff Martin
- RE: New Paper: More than 600 million users surf at high risk (Jul 11 2008)
Jessica Hope
- XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower (Jul 08 2008)
jgable_at_zonelabs.com
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm (Jul 11 2008)
Jim Harrison
- RE: Windows Vista Power Management & Local Security Policy (Jul 22 2008)
- RE: Windows Vista Power Management & Local Security Policy (Jul 20 2008)
- RE: Windows Vista Power Management & Local Security Policy (Jul 18 2008)
jmpascual
- Re: Oracle Database Local Untrusted Library Path Vulnerability (Jul 19 2008)
Joxean Koret
- Oracle Database Local Untrusted Library Path Vulnerability (Jul 19 2008)
jplopezy_at_gmail.com
- Outpost Security Suite Pro ver. 2009 Multiple vulnerabilities (Jul 22 2008)
Juha-Matti Laurio
- Re: Multiple vulnerabilities in TietoEnator's Procapita school administration system, at least version (Jul 06 2008)
Julien Thomas
- Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system (Jul 19 2008)
Kees Cook
- [USN-630-1] ffmpeg vulnerability (Jul 28 2008)
- [USN-631-1] poppler vulnerability (Jul 28 2008)
- [USN-624-1] PCRE vulnerability (Jul 14 2008)
- [USN-622-1] Bind vulnerability (Jul 08 2008)
Larry Seltzer
- RE: New Paper: More than 600 million users surf at high risk (Jul 01 2008)
- RE: New Paper: More than 600 million users surf at high risk (Jul 01 2008)
lovebug_at_hotmail.it
- PHP-NUKE SQL Module's Name 4ndvddb (Jul 07 2008)
Luigi Auriemma
- NULL pointer in Unreal Tournament 2004 v3369 (Jul 29 2008)
- Memory corruption and NULL pointer in Unreal Tournament III 1.2 (Jul 29 2008)
- NULL pointer in ZDaemon 1.08.07 (Jul 21 2008)
- Endless loop in Soldner 33724 (Jun 30 2008)
Matthias Geerdsen
- [ GLSA 200807-08 ] BIND: Cache poisoning (Jul 11 2008)
- [ GLSA 200807-04 ] Poppler: User-assisted execution of arbitrary code (Jul 08 2008)
mcalautt_at_gmail.com
- Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method (Jul 10 2008)
Meitsec2008 Conference
- Call for Papers for the MEITSEC 2008 is now open. (Jul 08 2008)
Michal Zalewski
- [tool] ratproxy - passive web application security assessment tool (Jul 01 2008)
Moritz Muehlenhoff
- [SECURITY] [DSA 1624-1] New libxslt packages fix arbitrary code execution (Jul 31 2008)
- [SECURITY] [DSA 1623-1] New dnsmasq packages fix cache poisoning (Jul 31 2008)
- [SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities (Jul 27 2008)
- [SECURITY] [DSA 1620-1] New python2.5 packages fix several vulnerabilities (Jul 27 2008)
- [SECURITY] [DSA 1618-1] New ruby1.9 packages fix several vulnerabilities (Jul 26 2008)
- [SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities (Jul 23 2008)
- [SECURITY] [DSA 1614-1] New iceweasel packages fix several vulnerabilities (Jul 23 2008)
- [SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities (Jul 21 2008)
- [SECURITY] [DSA 1607-1] New iceweasel packages fix several vulnerabilities (Jul 11 2008)
n3tr00t3r_at_yahoo.com
- communitycms-0.1 Remote File Includion (Jul 17 2008)
Nahuel C. Riva
- [Full-disclosure] [tool] SDT Cleaner 1.0 (Jul 23 2008)
nelsrob_at_mts.net
- Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm (Jul 12 2008)
Netragard Security Advisories
- [NETRAGARD SECURITY ADVISORY][Apple Core Image Fun House <= 2.0 OS X -- Arbitrary Code Execution][NETRAGARD-20080711] (Jul 11 2008)
Nick FitzGerald
- RE: New Paper: More than 600 million users surf at high risk (Jul 01 2008)
Nikolai Weibull
- Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Jul 18 2008)
nnposter_at_disclosed.not
- F5 FirePass 1200 SNMP daemon DoS (Jul 03 2008)
otto_at_ottodestruct.com
- Re: Wordpress Malicious File Execution Vulnerability (Jul 23 2008)
Pages-Web.com - Services internet
- Microsoft DNS patch KB951748 incompatible with Zonealarm (Jul 09 2008)
Paul Oxman (poxman)
- RE: Remote Cisco IOS FTP exploit (Jul 29 2008)
Paul Schmehl
- RE: New Paper: More than 600 million users surf at high risk (Jul 01 2008)
Pete Herzog
- Security Vacation Guide (Jul 17 2008)
Peter Wiesen
- E-Mail header Injection in HiFriend (Jul 21 2008)
Pierre-Yves Rofes
- [ GLSA 200807-14 ] Linux Audit: Buffer overflow (Jul 31 2008)
- [ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code (Jul 31 2008)
- [ GLSA 200807-13 ] VLC: Multiple vulnerabilities (Jul 31 2008)
- [ GLSA 200807-12 ] BitchX: Multiple vulnerabilities (Jul 21 2008)
- [ GLSA 200807-11 ] PeerCast: Buffer overflow (Jul 21 2008)
- [ GLSA 200807-10 ] Bacula: Information disclosure (Jul 21 2008)
- [ GLSA 200807-05 ] OpenOffice.org: User-assisted execution of arbitrary code (Jul 09 2008)
ProCheckUp Research
- PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page (Jul 22 2008)
- PR08-15: Several Webroot Disclosures on Moodle (Jul 22 2008)
- PR08-13: Persistent Cross-site Scripting (XSS) on Moodle via blog entry title (Jul 22 2008)
- Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method (Jul 14 2008)
Rainer Duffner
- Re: New Paper: More than 600 million users surf at high risk (Jul 02 2008)
RM-x_at_msn.com
- Yuhhu Pubs Black Cat Remote SQL Injection Exploit (Jul 14 2008)
Rob Thompson
- Re: New Paper: More than 600 million users surf at high risk (Jul 12 2008)
- Re: New Paper: More than 600 million users surf at high risk (Jul 01 2008)
Robert Buchholz
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Jul 25 2008)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Jul 24 2008)
- [ GLSA 200807-06 ] Apache: Denial of Service (Jul 09 2008)
- [ GLSA 200807-07 ] NX: User-assisted execution of arbitrary code (Jul 09 2008)
- [ GLSA 200807-03 ] PCRE: Buffer overflow (Jul 07 2008)
Rotem-BugSec
- Simple DNS Plus 5.0/4.1 < remote Denial of Service exploit (Jul 13 2008)
rPath Update Announcements
- rPSA-2008-0235-1 fetchmail fetchmailconf (Jul 28 2008)
- rPSA-2008-0237-1 tshark wireshark (Jul 28 2008)
- rPSA-2008-0238-1 firefox (Jul 28 2008)
- rPSA-2008-0236-1 httpd mod_ssl (Jul 28 2008)
- rPSA-2008-0231-1 bind bind-utils (Jul 19 2008)
- rPSA-2008-0035-1 httpd mod_ssl (Jul 16 2008)
- rPSA-2008-0223-1 poppler (Jul 09 2008)
- rPSA-2008-0218-1 ruby (Jul 08 2008)
- rPSA-2008-0217-1 vsftpd (Jul 08 2008)
- rPSA-2008-0216-1 firefox (Jul 08 2008)
- rPSA-2008-0212-1 tshark wireshark (Jul 03 2008)
- rPSA-2008-0211-1 mercurial mercurial-hgk (Jul 03 2008)
Scanit Labs
- [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability (Jun 30 2008)
- [SCANIT-2008-003] Wordtrans-web Remote Command Execution Vulnerability (Jun 30 2008)
- [SCANIT-2008-002] Wordtrans-web Remote Command Execution Vulnerability (Jun 30 2008)
Secunia Research
- Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows (Jul 31 2008)
- Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow (Jul 31 2008)
- Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow (Jul 25 2008)
- Secunia Research: VLC Media Player WAV Processing Integer Overflow (Jul 02 2008)
security-alert_at_hp.com
- [security bulletin] HPSBUX02286 SSRT071466 rev.1 - HP-UX Running System Administration Manager (SAM), Unintended Remote Access (Jul 31 2008)
- [security bulletin] HPSBMA02353 SSRT080066 rev.1 - HP OpenView Internet Services Running Probe Builder, Remote Denial of Service (DoS) (Jul 28 2008)
- [security bulletin] HPSBMA02346 SSRT080097 rev.3 - HP OpenView Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access (Jul 22 2008)
- [security bulletin] HPSBUX02351 SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning (Jul 19 2008)
- HPSBMA02346 SSRT080097 rev.2 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access (Jul 17 2008)
- [security bulletin] HPSBUX02351 SSRT080058 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning (Jul 16 2008)
- [security bulletin] HPSBMA02133 SSRT061201 rev.9 - HP Oracle for OpenView (OfO) Critical Patch Update (Jul 16 2008)
- [security bulletin] HPSBMA02346 SSRT080097 rev.1 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access (Jul 16 2008)
- HPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040 (Jul 15 2008)
- [security bulletin] HPSBMA02349 SSRT080043 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data (Jul 08 2008)
- [security bulletin] HPSBMA02348 SSRT080033 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) (Jul 08 2008)
- [security bulletin] HPSBMA02345 SSRT080039 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) (Jul 01 2008)
security_at_mandriva.com
- [ MDVSA-2008:159 ] licq (Jul 30 2008)
- [ MDVSA-2008:158 ] silc-toolkit (Jul 30 2008)
- [ MDVSA-2008:157 ] - ffmpeg (Jul 29 2008)
- [ MDVSA-2008:156 ] - Updated libpng packages fix vulnerability (Jul 28 2008)
- [ MDVSA-2008:155-1 ] - Updated Thunderbird packages fix multiple vulnerabilities (Jul 27 2008)
- [ MDVSA-2008:155 ] - Updated Thunderbird packages fix multiple vulnerabilities (Jul 25 2008)
- [ MDVSA-2008:154 ] - Updated xemacs packages fix vulnerability (Jul 23 2008)
- [ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability (Jul 23 2008)
- [ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability (Jul 22 2008)
- [ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability (Jul 21 2008)
- [ MDVSA-2008:150 ] - Updated mysql packages fix vulnerabilities (Jul 19 2008)
- [ MDVSA-2008:149 ] - Updated mysql packages fix vulnerabilities (Jul 19 2008)
- [ MDVSA-2008:148 ] - Updated Firefox packages fix vulnerabilities (Jul 17 2008)
- [ MDVSA-2008:147 ] - Updated pcre packages fix vulnerability (Jul 15 2008)
- [ MDVSA-2008:146 ] - Updated poppler packages fix arbitrary code execution vulnerability (Jul 15 2008)
- [ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability (Jul 14 2008)
- [ MDVSA-2008:144 ] - Updated openldap packages fix slapd DoS vulnerability (Jul 11 2008)
- [ MDVSA-2008:138-1 ] - Updated OpenOffice.org packages fix vulnerability (Jul 11 2008)
- [ MDVSA-2008:143 ] - Updated pidgin packages fix MSN protocol handler vulnerability (Jul 10 2008)
- [ MDVSA-2008:140 ] - Updated ruby packages fix vulnerabilities (Jul 09 2008)
- [ MDVSA-2008:141 ] - Updated ruby packages fix vulnerabilities (Jul 09 2008)
- [ MDVSA-2008:142 ] - Updated ruby packages fix vulnerabilities (Jul 09 2008)
- [ MDVSA-2008:139 ] - Updated BIND packages fix critical DNS vulnerability (Jul 09 2008)
- [ MDVSA-2008:138 ] - Updated OpenOffice.org packages fix vulnerability (Jul 08 2008)
- [ MDVSA-2008:137 ] - Updated OpenOffice.org fix vulnerability, and a few other bugs (Jul 08 2008)
- [ MDVSA-2008:136 ] - Updated Firefox packages fix vulnerabilities (Jul 08 2008)
- [ MDVSA-2008:135 ] - Updated gnome-screensaver packages fix authentication vulnerability (Jul 04 2008)
- [ MDVSA-2008:134 ] - Updated squid packages fix DoS vulnerability (Jul 04 2008)
- [ MDVSA-2008:133 ] - Updated sympa packages fix DoS vulnerability (Jul 04 2008)
- [ MDVSA-2008:132 ] - Updated gnome-screensaver packages fix authentication vulnerability (Jul 04 2008)
- [ MDVSA-2008:131 ] - Updated phpMyAdmin packages fix multiple vulnerabilities (Jul 04 2008)
- [ MDVSA-2008:129 ] - Updated PHP packages fix multiple vulnerabilities (Jul 03 2008)
- [ MDVSA-2008:130 ] - Updated PHP packages fix multiple vulnerabilities (Jul 03 2008)
- [ MDVSA-2008:128 ] - Updated PHP packages fix multiple vulnerabilities (Jul 03 2008)
- [ MDVSA-2008:127 ] - Updated PHP packages fix multiple vulnerabilities (Jul 03 2008)
- [ MDVSA-2008:126 ] - Updated PHP packages fix multiple vulnerabilities (Jul 03 2008)
- [ MDVSA-2008:125 ] - Updated PHP packages fix multiple vulnerabilities (Jul 03 2008)
security_at_nruns.com
- n.runs-SA-2008.004 - AVG Anti-Virus Divide by Zero - DoS (remote) (Jul 29 2008)
- n.runs-SA-2008.002 - F-Prot Out-of-Bound Memory Access DoS (remote) (Jul 16 2008)
security_at_soqor.net
- ezContents CMS Renote File inclusion (Jul 25 2008)
snagg_at_securenetwork.it
- Vuln name: Ruby rb_ary_fill() DOS (Jun 30 2008)
Stefan Frei
- New Paper: More than 600 million users surf at high risk (Jul 01 2008)
Steve Kemp
- [SECURITY] [DSA 1610-1] New gaim packages fix execution of arbitrary code (Jul 15 2008)
- [SECURITY] [DSA 1609-1] New lighttpd packages fix multiple DOS issues (Jul 15 2008)
- [SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code (Jul 09 2008)
- [SECURITY] [DSA 1560-1] New sympa packages fix denial of service (Jul 01 2008)
Steve Shockley
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm (Jul 12 2008)
Steven M. Christey
- Re: how to request a cve id? (Jul 26 2008)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution (Jul 25 2008)
super_at_innu.org
- Tool: PorkBind Nameserver Security Scanner (Jul 30 2008)
supportrup_at_gmail.com
- Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02 (Jul 27 2008)
tan_prathan_at_hotmail.com
- Def_Blog 1.0.3 Multiple Remote SQL Injection Vulnerabilities (Jul 17 2008)
Tester_at_yahoo.com
- Re: SchoolCenter URL Handling Cross Site Scripting Vulnerability (Jul 19 2008)
Thijs Kinkhorst
- [SECURITY] [DSA 1622-1] New newsx packages fix arbitrary code execution (Jul 31 2008)
- [SECURITY] [DSA 1540-3] New lighttpd packages fix regression (Jul 23 2008)
- [SECURITY] [DSA 1611-1] New afuse packages fix privilege escalation (Jul 16 2008)
- [SECURITY] [DSA 1569-3] New cacti packages fix regression (Jul 15 2008)
- [SECURITY] [DSA 1601-1] New wordpress packages fix several vulnerabilities (Jul 04 2008)
Thor (Hammer of God)
- RE: Windows Vista Power Management & Local Security Policy (Jul 19 2008)
Tim Loshak
- Vulnerability: SocialEngine (SocialEngine.net) high risk security flaw (Jul 22 2008)
Tobias Heinlein
- [ GLSA 200807-09 ] Mercurial: Directory traversal (Jul 15 2008)
- [ GLSA 200807-02 ] Motion: Execution of arbitrary code (Jul 01 2008)
- [ GLSA 200807-01 ] Python: Multiple integer overflows (Jul 01 2008)
Tuc at T-B-O-H.NET
- Re: [bugtraq] Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning (Jul 25 2008)
VMware Security team
- VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix (Jul 28 2008)
wargame89_at_yahoo.it
- Re: Rhythmbox Vulnerability (Jun 30 2008)
Wendel Guglielmetti Henrique
- Citrix MetaFrame Privilege Escalation (Jul 30 2008)
XiaShing_at_Gmail.Com
- Local information disclosure in WeFi Client v3.3.3.0 (Jul 09 2008)
- Local vulnerability in WeFi Client v3.2.1.4.1(Update) (Jul 03 2008)
xpzhang
- how to request a cve id? (Jul 24 2008)
zdi-disclosures_at_3com.com
- ZDI-08-047: RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability (Jul 25 2008)
- http://www.zerodayinitiative.com/advisories/ZDI-08-046 (Jul 25 2008)
- ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability (Jul 25 2008)
- ZDI-08-042: Sun Java Web Start Sandbox Bypass Vulnerability (Jul 17 2008)
- ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow (Jul 17 2008)
- ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability (Jul 17 2008)
- ZDI-08-041: Novell eDirectory dhost Integer Overflow Code Execution Vulnerability (Jul 10 2008)
zhliu_at_fortinet.com
- FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability (Jul 21 2008)
- FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability (Jul 21 2008)
- FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability (Jul 21 2008)
- EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability (Jul 21 2008)