Home page logo
/

573 messages starting Mar 01 07 and ending Apr 01 07
Date index | Thread index | Author index

Thursday, 01 March

Re: Stealing Browser History Without Using JavaScript Matthew Flaschen
[USN-416-2] nvidia-glx-config regression Martin Pitt
MPlayer DMO buffer overflow Moritz Jodeit
tcpdump: off-by-one heap overflow in 802.11 printer Moritz Jodeit
Serendipity unauthenticated SQL-Injection SaMuschie
Re: Stealing Browser History Without Using JavaScript Peter Besenbruch
Re: Angel LMS 7.1 - Remote SQL Injection don bailey
Comodo Bypassing settings protection using magic pipe Vulnerability Matousec - Transparent security Research

Friday, 02 March

Re: Angel LMS 7.1 - Remote SQL Injection don bailey
[ GLSA 200703-03 ] ClamAV: Denial of Service Raphael Marichez
[ GLSA 200703-01 ] Snort: Remote execution of arbitrary code Raphael Marichez
[ GLSA 200703-02 ] SpamAssassin: Long URI Denial of Service Raphael Marichez
Re: Angel LMS 7.1 - Remote SQL Injection str0ke
[USN-428-2] Firefox regression Kees Cook
Re: March 2nd Chicago 2600/DefCon 312 Meeting Information Dude VanWinkle
G.R.I.D.S. virus being spread by the Younger Woolwich Boyz Jaime Demetur
Knorr.de SQL Injection and XSS Vulnerabilities sbauer
Re: March 2nd Chicago 2600/DefCon 312 Meeting Information James Matthews
Re: Knorr.de SQL Injection and XSS Vulnerabilities Knud Erik Højgaard
Re: Knorr.de SQL Injection and XSS Vulnerabilities Sebastian Bauer
Re: Knorr.de SQL Injection and XSS Vulnerabilities Joe Hancock
Re: Knorr.de SQL Injection and XSS Vulnerabilities Michal Zalewski
MailEnable v2.37 APPEND exploit mu-b
ZDI-07-008: Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability zdi-disclosures
Woltlab Burning Board (wbb) 2.3.6 CSRF/XSS - 0day SaMuschie
iDefense Security Advisory 03.02.07: Kaspersky AntiVirus UPX File Decompression DoS Vulnerability iDefense Labs
Re: MailEnable v2.37 APPEND exploit T Biehn
Re: March 2nd Chicago 2600/DefCon 312 Meeting Information Walt Williams
Limited format string in Netrek 2.12.0 Luigi Auriemma
[ MDKSA-2007:050-1 ] - Updated Firefox packages fix multiple vulnerabilities security
[ GLSA 200703-04 ] Mozilla Firefox: Multiple vulnerabilities Raphael Marichez

Saturday, 03 March

[ GLSA 200703-05 ] Mozilla Suite: Multiple vulnerabilities Raphael Marichez
rPSA-2007-0048-1 tcpdump rPath Update Announcements
March NorthernVirginia 2600/DefCon 571 Meeting Information Shyaam
Re: March 2nd Chicago 2600/DefCon 312 Meeting Information M . B . Jr .
Re: Woltlab Burning Board (wbb) 2.3.6 CSRF/XSS - 0day MC Iglo
Re: MailEnable v2.37 APPEND exploit poo
rPSA-2007-0040-3 firefox thunderbird rPath Update Announcements
Tyger Bug Tracking System Multiple Vulnerability corrado.liotta
PostScript security research Paul Sebastian Ziegler
ERRATA: [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code Raphael Marichez
Re: PostScript security research Ulf Harnhammar

Sunday, 04 March

[ GLSA 200703-06 ] AMD64 x86 emulation Qt library: Integer overflow Raphael Marichez
Re: md5 is breaked with my new lib qbyte v2 Slythers Bro
md5 is breaked with my new lib qbyte v2 Slythers Bro
Re: Knorr.de SQL Injection and XSS Vulnerabilities Lolek of TK53
month of PHP bugs, secondary message? Gadi Evron
asterisk remote pre-auth denial of service Anonymous Person
Re: month of PHP bugs, secondary message? Marcus Meissner
Re: md5 is breaked with my new lib qbyte v2 Jason Miller
[SECURITY] [DSA 1262-1] New gnomemeeting packages fix arbitrary code execution Moritz Muehlenhoff
MOPB-08-2007 - dejavu of dejavu 3APA3A
Re: PostScript security research Valdis . Kletnieks
Re: MOPB-08-2007 - dejavu of dejavu Stefan Esser
Arbitrary file disclosure vulnerability in rrdbrowse <= 1.6 Sebastian Wolfgarten
Re: month of PHP bugs, secondary message? Tyop?
Extending JavaScript Portscanning to Include Banner Grabbing mark
Konqueror DoS Via JavaScript Read Of FTP Iframe mark

Monday, 05 March

HITBSecConf2007 - Malaysia: Call for Papers now Open Praburaajan
Hakin9 Magazine - Request for Article Shyaam
ePortfolio version 1.0 Java Multiple Input Validation Vulnerabilities Stefan Friedli
Re: Knorr.de SQL Injection and XSS Vulnerabilities poo
iDefense Security Advisory 03.05.07: Apple QuickTime Color Table ID Heap Corruption Vulnerability iDefense Labs

Tuesday, 06 March

Re: Extending JavaScript Portscanning to Include Banner Grabbing Robert Wesley McGrew
Apple QuickTime Player Remote Heap Overflow Piotr Bania
Apple QuickTime udta ATOM Integer Overflow Sowhat
Mercury/32 4.01b mu-b
Call for Participation Chaos Communication Camp 2007 fukami
silc-server 1.0.2 denial-of-service vulnerability Alexander Heidenreich
rPSA-2007-0050-1 kernel rPath Update Announcements
[ GLSA 200703-07 ] STLport: Possible remote execution of arbitrary code Matthias Geerdsen
[USN-429-1] tcpdump vulnerability Kees Cook
[USN-430-1] mod_python vulnerability Kees Cook
[SECURITY] [DSA 1263-1] New clamav packages fix denial of service Moritz Muehlenhoff
BackTrack v.2.0 Is out Mati Aharoni

Wednesday, 07 March

Re: BackTrack v.2.0 Is out Jason Miller
[ MDKSA-2007:052 ] - Updated Thunderbird packages fix multiple vulnerabilities security
[USN-431-1] Thunderbird vulnerabilities Kees Cook
[ MDKSA-2007:053 ] - Updated util-linux packages address umount crash issue security
iDefense Security Advisory 03.07.07: Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilities iDefense Labs
ZDI-07-010: Apple Quicktime UDTA Parsing Heap Overflow Vulnerability zdi-disclosures
ZDI-07-009: Novell Netmail WebAdmin Buffer Overflow Vulnerability zdi-disclosures
[SECURITY] [DSA 1264-1] New php4 packages fix several vulnerabilities Moritz Muehlenhoff
Buffer-overflow in Conquest client 8.2a (svn 691) Luigi Auriemma

Thursday, 08 March

Black Hat USA CFP Now Open! Jeff Moss
[USN-432-1] GnuPG vulnerability Kees Cook
[USN-424-2] PHP regression Kees Cook
Ann: Backtrack 2.0 released Thierry Zoller
rPSA-2007-0051-1 mod_python rPath Update Announcements
rPSA-2007-0052-1 kdelibs rPath Update Announcements
[ MDKSA-2007:057 ] - Updated xine-lib packages to address buffer overflow vulnerability security
[MU-200703-01] Remote DOS in Asterisk SIP noreply
FLSA - foresight linux security announcements Jonathan Smith
[ MDKSA-2007:056 ] - Updated tcpdump packages address off-by-one overflow security
[ MDKSA-2007:055 ] - Updated mplayer packages to address buffer overflow vulnerability security
[ MDKSA-2007:054 ] - Updated kdelibs packages to address DoS issue in KDE Javascript security
YouTube email exploit being used by Casey Nunez AKA TheDramaTube AKA The Hurricane Jaime Demetur
Re: YouTube email exploit being used by Casey Nunez AKA TheDramaTube AKA The Hurricane Knud Erik Højgaard
Microsoft Windows Vista/2003/XP/2000 file management security issues 3APA3A
PHP import_request_variables() arbitrary variable overwrite Stefano Di Paola
PHP import_request_variables() vs extract() ascii

Friday, 09 March

List Charter John Cartwright
Good resources on Web 2.0 Justin Boem
Re: Good resources on Web 2.0 Michael Silk
[USN-433-1] Xine vulnerability Kees Cook
[CAID 35145]: CA eTrust Admin Privilege Escalation Vulnerability Williams, James K
[USN-434-1] Ekiga vulnerability Kees Cook
[ MDKSA-2007:058 ] - Updated ekiga packages fix string vulnerabilities. security
[ MDKSA-2007:059 ] - Updated gnupg packages provide enhanced forgery detection security
Re: Good resources on Web 2.0 crazy frog crazy frog
Buffer Overflow in Linux Drivers for Omnikey CardMan 4040 (CVE-2007-0005) Daniel Roethlisberger
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues 3APA3A
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues 3APA3A
Php Nuke POST XSS on steroids ascii
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues KJKHyperion
SyScan'07 - Call for Paper - NEW UPDATES organiser () syscan org
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Roger A. Grimes
Re: [WEB SECURITY] Re: Good resources on Web 2.0 Dinis Cruz
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues M. Burnett
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Roger A. Grimes
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Tim
hello! (just that) Santiago Marenssi
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues 3APA3A
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Michele Cicciotti
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Tim
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Tim
SEC Consult SA-20070309-0 :: MySQL 5 Single Row Subselect Denial of Service research
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Roger A. Grimes
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues M. Burnett
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Roger A. Grimes
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Roger A. Grimes
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Laundrup, Jens
firefox 2.0.0.2 crash Tõnu Samuel
Re: [WEB SECURITY] Re: Good resources on Web 2.0 Kasey Cross
Re: firefox 2.0.0.2 crash fire-eyes
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues 3APA3A
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues 3APA3A
Re: firefox 2.0.0.2 crash Valdis . Kletnieks
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues steven
[ MDKSA-2007:060 ] - Updated kernel packages fix multiple vulnerabilities and bugs security
Re: firefox 2.0.0.2 crash M. Shirk
Re: firefox 2.0.0.2 crash moniker monikerd
Re: firefox 2.0.0.2 crash Valdis . Kletnieks
[ GLSA 200703-08 ] SeaMonkey: Multiple vulnerabilities Raphael Marichez
[ GLSA 200703-09 ] Smb4K: Multiple vulnerabilities Raphael Marichez

Saturday, 10 March

[Argeniss] Practical 10 minutes security audit: Oracle Case (Paper) Cesar
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Brent Stackhouse
Re: firefox 2.0.0.2 crash Mihai Dontu
Pre-open files attack agains locked file 3APA3A
Re: PHP import_request_variables() arbitrary variable overwrite Stefan Esser
Re: PHP import_request_variables() arbitrary variable overwrite ascii
Re: PHP import_request_variables() arbitrary variable overwrite Stefano Di Paola
[ GLSA 200703-10 ] KHTML: Cross-site scripting (XSS) vulnerability Raphael Marichez
Re: PHP import_request_variables() arbitrary variable overwrite Stefan Esser
[SECURITY] [DSA 1265-1] New Mozilla packages fix several vulnerabilities Martin Schulze
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Roger A. Grimes
Is OWASP vulnerable ?? Scarlet Pimpernel
Re: Is OWASP vulnerable ?? jf
Re: Is OWASP vulnerable ?? Paul Schmehl
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues 3APA3A
Re: Is OWASP vulnerable ?? Andrew Farmer
Re: Is OWASP vulnerable ?? Valdis . Kletnieks
Re: Is OWASP vulnerable ?? Paul Schmehl

Sunday, 11 March

Re: Microsoft Windows Vista/2003/XP/2000 file management security issues KJKHyperion
Re: Is OWASP vulnerable ?? Scarlet Pimpernel
Re: Is OWASP vulnerable ?? jf
Exploit selling service up and running kingcope
Re: Exploit selling service up and running James Matthews
Re: Is OWASP vulnerable ?? Valdis . Kletnieks
Re: Is OWASP vulnerable ?? Paul Schmehl
Re: Is OWASP vulnerable ?? jf
Firefox: about:blank is phisher's best friend Michal Zalewski
Re: [WEB SECURITY] Re: Good resources on Web 2.0 bugtraq
Re: [WEB SECURITY] Re: Good resources on Web 2.0 czino2
Re: Is OWASP vulnerable ?? czino2
Re: Exploit selling service up and running czino2
Re: Is OWASP vulnerable ?? czino2
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues czino2
etom 7.0 paper. Ozan Ozkara
Re: is scarlet pimpernel a dork? [was] Is OWASP vulnerable ?? Knud Erik Højgaard
Re: firefox 2.0.0.2 crash endrazine
Re: Is OWASP vulnerable ?? Michael Silk
Re: Php Nuke POST XSS on steroids ascii
Re: Php Nuke POST XSS on steroids Paul Laudanski

Monday, 12 March

XSS and SQL Injection in Election Commision of India website (now fixed) Ajay Pal Singh Atwal
Re: firefox 2.0.0.2 crash Rik Bobbaers
Re: firefox 2.0.0.2 crash Sam Hocevar
A small phishing operation phpninja
R: A small phishing operation bunker
TinyMCE_exp Remote File Include Vulnerability 0o_zeus_o0 elitemexico.org
a heeeee he announcement heeeee he
a heeeee he announcement heeeee he
a heeee he announcement heeeee he
Iframe-Cash/Iframe-Dollars Adware bundle...oooh... my ....god.. Thierry Zoller
RIM BlackBerry Pearl 8100 Browser DoS mike kemp
Re: firefox 2.0.0.2 crash Kristian Hermansen \(khermans\)
Call for Papers: DeepSec IDSC 2007 Europe/Vienna: 20-23 Nov 2007 Paul Böhm
Re: firefox 2.0.0.2 crash Jason Areff
XSS on eplus.de, german mobile telephony provider Hanno Böck
Re: Is OWASP vulnerable ?? Steven M. Christey
Re: PHP import_request_variables() arbitrary variable overwrite Steven M. Christey
[USN-435-1] Xine vulnerability Kees Cook

Tuesday, 13 March

new AttackAPI pdp (architect)
[USN-436-1] KTorrent vulnerabilities Kees Cook
XSS on eplus.de, german mobile telephony provider security
XSS at Aon.at, Austrian ISP Florian Stinglmayr
Re: firefox 2.0.0.2 crash Troy Cregger
[USN-432-2] GnuPG2, GPGME vulnerability Kees Cook
heeee he heeeee he
heeeee he heeeee he
Re: firefox 2.0.0.2 crash Kristian Hermansen \(khermans\)
Re: heeeee he Thierry Zoller
Unrarlib 0.4.0 (urarlib_get) Local buffer overflow starcadi
[ MDKSA-2007:062 ] - Updated xine-lib packages to address buffer overflow vulnerability security
vbulletin admincp sql injection disfigure
[ MDKSA-2007:061 ] - Updated mplayer packages to address buffer overflow vulnerability security
Re: Iframe-Cash/Iframe-Dollars Adware bundle...oooh... my ....god.. Net Tech
Re: Iframe-Cash/Iframe-Dollars Adware bundle...oooh... my ....god.. Thierry Zoller
CarolinaCon presentation drafts Vic Vandal
New report on Windows Vista network attack surface Jim Hoagland
[ GLSA 200703-11 ] Amarok: User-assisted remote execution of arbitrary code Raphael Marichez

Wednesday, 14 March

Re: Php Nuke POST XSS on steroids Paul Laudanski
Re: Php Nuke POST XSS on steroids Paul Laudanski
[SECURITY] [DSA 1266-1] New gnupg packages fix signature forgery Moritz Muehlenhoff
[Advisory]McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities hfli
n.runs-SA-2007.006 - PHProjekt 5.2.0 - Privilege escalation security
n.runs-SA-2007.004 - PHProjekt 5.2.0 - Cross Site Scripting and Filter Evasion security
n.runs-SA-2007.003 - PHProjekt 5.2.0 - SQL Injection security
n.runs-SA-2007.005 - PHProjekt 5.2.0 - Cross Site Request Forgery security
[ GLSA 200703-12 ] SILC Server: Denial of Service Matthias Geerdsen
SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal David Matscheko
Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability starcadi starcadi
XSS on RIS of the Austrian Government Florian Stinglmayr
iDefense Security Advisory 03.14.07: Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability iDefense Labs
bindtty.c can not use in RHEL4 box modversion
GMail Contact Information Disclosure PoC beNi
Phishing using IE7 local resource vulnerability avivra
heee he heeeee he
Re: Phishing using IE7 local resource vulnerability pdp (architect)
[ GLSA 200703-13 ] SSH Communications Security's Secure Shell Server: SFTP privilege escalation Raphael Marichez

Thursday, 15 March

Horde IMP Webmail Client version H3 (4.1.4) fixes multiple XSS issues Moritz Naumann
Horde 3.1.4 (RC1) fixes XSS issue Moritz Naumann
Re: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability James Matthews
Woltab Burning Board SQL Injection usergroups.php x666
Re: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability Ismail Dönmez
Norton Insufficient validation of 'SymTDI' driver input buffer Matousec - Transparent security Research
Re: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability Marcus Meissner
Re: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability Ismail Dönmez
Re: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability Ismail Dönmez
Re: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability Valdis . Kletnieks
iDefense Security Advisory 03.15.07: Horde Project Cleanup Script Arbitrary File Deletion Vulnerability iDefense Labs
tinyurl.com - Local Clipboard jay.tomas
Re: tinyurl.com - Local Clipboard Shaun
Re: tinyurl.com - Local Clipboard jay.tomas
QFTP (LIBFtp 3.1-1) (command line) sprintf() local buffer overflow starcadi starcadi
Re: tinyurl.com - Local Clipboard Debasis Mohanty
Re: tinyurl.com - Local Clipboard Rod Trent
LIBFtp 5.0 (sprintf(), strcpy()) Multiple local buffer overflow starcadi starcadi
Re: Phishing using IE7 local resource vulnerability avivra
Re: QFTP (LIBFtp 3.1-1) (command line) sprintf() local buffer overflow Knud Erik Højgaard
Re: Phishing using IE7 local resource vulnerability avivra
Re: Woltab Burning Board SQL Injection usergroups.php Bastian Ahrens
Re: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability Ulf Harnhammar
[SECURITY] [DSA 1267-1] New webcalendar packages fix remote file inclusion Moritz Muehlenhoff

Friday, 16 March

Re: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability Ismail Dönmez
[CAID 34817, 35058, 35158, 35159]: CA BrightStor ARCserve Backup Tape Engine and Portmapper Vulnerabilities Williams, James K
Re: tinyurl.com - Local Clipboard Debasis Mohanty
Re: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability Alejandro Barrera
Re: QFTP (LIBFtp 3.1-1) (command line) sprintf() local buffer overflow Valdis . Kletnieks
Re: Phishing using IE7 local resource vulnerability Matthew Murphy
heeeee he heeeee he
Tel Aviv University Security Forum - 18th of March Gadi Evron
April, 2007 is the "Month of Myspace Bugs" Mondo Armando
Re: Tel Aviv University Security Forum - 18th of March Hakuna Matata
Re: QFTP (LIBFtp 3.1-1) (command line) sprintf() local buffer overflow starcadi starcadi
Re: Tel Aviv University Security Forum - 18th of March James Matthews
TOOL: LLTD implementation in Perl GomoR
Re: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability Brian Eaton
OWASP Spring of Code 2007 Dinis Cruz

Saturday, 17 March

Re: Tel Aviv University Security Forum - 18th of March Gadi Evron
Call For Papers - IT Underground Dublin Marcin Tkaczyk
iDefense Security Advisory 03.16.07: Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities iDefense Labs
Double Trap XSS Injection : An Analysis Aditya K Sood
[ MDKSA-2007:063 ] - Updated libwpd packages to address heap overflow vulnerabilities security
[ MDKSA-2007:064 ] - Updated openoffice.org packages to address libwpd heap overflow vulnerabilities security
[NETRAGARD-20070316 SECURITY ADVISORY][FrontBase Database <= 4.2.7 ALL PLATFORMS][REMOTE BUFFER OVERFLOW CONDITION][LEVEL: EASY][RISK:MEDIUM] Netragard Security Advisories
[ GLSA 200703-14 ] Asterisk: SIP Denial of Service Raphael Marichez
Re: tinyurl.com - Local Clipboard gabriel rosenkoetter
[ GLSA 200703-15 ] PostgreSQL: Multiple vulnerabilities Raphael Marichez
[ GLSA 200703-16 ] Apache JK Tomcat Connector: Remote execution of arbitrary code Raphael Marichez
rPSA-2007-0056-1 gnupg rPath Update Announcements
rPSA-2007-0057-1 libwpd rPath Update Announcements
ANNOUNCE: Apache-SSL release, version 1.3.37+ssl_1.57 Adam Laurie
Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability starcadi
[SECURITY] [DSA 1268-1] New libwpd packages fix arbitrary code execution Martin Schulze
Xbox live accounts are being stolen Kevin Finisterre (lists)

Sunday, 18 March

Re: Xbox live accounts are being stolen Jason Miller
fabios ultra vulnerability extravaganza fabiodancedjsupreme
Re: Xbox live accounts are being stolen Peter Dawson
Re: Xbox live accounts are being stolen Andrew Redman
Re: Xbox live accounts are being stolen Kevin Finisterre (lists)
Re: Xbox live accounts are being stolen Kevin Finisterre (lists)
Re: Xbox live accounts are being stolen Kevin Finisterre (lists)
Re: Xbox live accounts are being stolen php0t
Web Security and Bookmarklet Exploits pdp (architect)
[SECURITY] [DSA 1269-1] New lookup-el packages fix insecure temporary file Martin Schulze
nac-gaf spam attacks Steve Cooperman
[ GLSA 200703-17 ] ulogd: Remote execution of arbitrary code Raphael Marichez
[ GLSA 200703-18 ] Mozilla Thunderbird: Multiple vulnerabilities Raphael Marichez
[ GLSA 200703-19 ] LTSP: Authentication bypass in included LibVNCServer code Raphael Marichez
[ GLSA 200703-20 ] LSAT: Insecure temporary file creation Raphael Marichez

Monday, 19 March

Re: [WEB SECURITY] GMail Contact Information Disclosure PoC chris
Layered Defense Research Advisory: F-Secure Anti-Virus Client Security 6.02 Format String Vulnerability Deral Heiland
unsubscribe Tucker Jeff
Re: [WEB SECURITY] GMail Contact Information Disclosure PoC Dror Shalev
Asterisk SDP DOS vulnerability Radu State
w-agora version 4.2.1 Multiple Path Disclosure Vulnerabilities Jesper Jurcenoks
w-agora version 4.2.1 Information Disclosure Vulnerability Jesper Jurcenoks
A new apache 1.x 0day x666
dkftpbench 0.45 (Platoon:init) Local buffer overflow vulnerability starcadi
Re: A new apache 1.x 0day Thierry Zoller
Re: A new apache 1.x 0day don bailey
cftp 0.12 (readrc) Local buffer overflow vulnerability starcadi
Re: A new apache 1.x 0day Knud Erik Højgaard
[USN-437-1] libwpd vulnerability Kees Cook
ZynOS v3.40 One packet killer Joxean Koret

Tuesday, 20 March

Re: Xbox live accounts are being stolen (update) Kevin Finisterre (lists)
heeee he heeeee he
Microsoft coverup ? Stolen Xbox live accounts list of known victims - Please Help Kevin Finisterre (lists)
Re: Sexy, spankable 22 year old girl looking for a wild time rgolodner
Re: Sexy, spankable 22 year old girl looking for a wild time Ken Swain
Re: Sexy, spankable 22 year old girl looking for a wild time cocoruder .
CISCO Phone 7940 DOS vulnerability Radu State
Phishing site fabio
Re: Sexy, spankable 22 year old girl looking for a wild time C. Hamby
Re: cftp 0.12 (readrc) Local buffer overflow vulnerability 3APA3A
Re: dkftpbench 0.45 (Platoon:init) Local buffer overflow vulnerability 3APA3A
Re: Sexy, spankable 22 year old girl looking for a wild time Raj Mathur
Re: CISCO Phone 7940 DOS vulnerability Matthew Cerha
Advisory - Redirection Vulnerability in wp-login.php. Metaeye SG
Re: dkftpbench 0.45 (Platoon:init) Local buffer overflow vulnerability starcadi
Mercur SP4 IMAPD mu-b
Re: Sexy, spankable 22 year old girl looking for a wild time Stack Smasher
Microsoft Internet Explorer Multiple Vulnerabilities(mshtml.dll) saied hackeriran
Re: Sexy, spankable 22 year old girl looking for a wild time Troy Cregger
[SECURITY] [DSA 1270-1] New OpenOffice.org packages fix several vulnerabilities Martin Schulze
Re: [SECURITY] [DSA 1270-1] New OpenOffice.org packages fix several vulnerabilities Peter Besenbruch
[ GLSA 200703-21 ] PHP: Multiple vulnerabilities Raphael Marichez
Re: CISCO Phone 7940 DOS vulnerability Shawn Merdinger
[ GLSA 200703-22 ] Mozilla Network Security Service: Remote execution of arbitrary code Raphael Marichez
[ GLSA 200703-23 ] WordPress: Multiple vulnerabilities Raphael Marichez

Wednesday, 21 March

[ MDKSA-2007:065 ] - Updated nas packages address multiple vulnerabilities security
[ MDKSA-2007:066 ] - Updated OpenAFS packages address vulnerability security
Helix Server heap overflow research
kill -9 coz it's my time to shine Gadi Evron
[USN-438-1] Inkscape vulnerability Kees Cook
Newest hacks wangkaig
Re: Newest hacks Jim Popovitch
Re: Newest hacks Saeed Abu Nimeh
Re: Newest hacks Sebastian Krahmer
Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) Michael Silk
Grandstream Budge Tone-200 denial of service vulnerability Radu State
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) 3APA3A
Re: Sexy, spankable 22 year old girl looking for a wild time Michael Silk
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) Tim
Re: Newest hacks Nick Eoannidis
Re: kill -9 coz it's my time to shine Tremaine Lea
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) Blue Boar
Re: Sexy, spankable 22 year old girl looking for a wild time crazy frog crazy frog
Re: Sexy, spankable 22 year old girl looking for a wild time Valdis . Kletnieks
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) 3APA3A
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) Blue Boar
Re: Newest hacks Jason Miller
Re: Sexy, spankable 22 year old girl looking for a wild time Nick FitzGerald
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) 3APA3A
Re: Newest hacks Jason Miller
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) 3APA3A
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) Blue Boar
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) 3APA3A

Thursday, 22 March

I did not have sexual relations with that woman (xbox live pretexting) Kevin Finisterre (lists)
[USN-440-1] MySQL vulnerability Kees Cook
[USN-439-1] file vulnerability Kees Cook
[SECURITY] [DSA 1271-1] New openafs packages fix remote privilege escalation bug Noah Meyerhans
Secunia Research: InterActual Player / CinePlayer IASystemInfo.dll ActiveX Control Buffer Overflow Secunia Research
Secunia Research: Evolution Shared Memo Categories Format String Vulnerability Secunia Research
Secunia Research: XMMS Integer Overflow and Underflow Vulnerabilities Secunia Research
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) Valdis . Kletnieks
Re: Newest hacks scott
Re: Sexy, spankable 22 year old girl looking for a wild time evilrabbi
Re: Sexy, spankable 22 year old girl looking for a wild time scott
Re: kill -9 coz it's my time to shine scott
FLEA-2007-0001-1: firefox Foresight Linux Essential Announcement Service
Re: Sexy, spankable 22 year old girl looking for a wild time Michael Silk
Re: kill -9 coz it's my time to shine scott
ZombieMap - GEO Zombie Mapper pdp (architect)
rPSA-2007-0059-1 file rPath Update Announcements
Exploiting Microsoft dynamic Dns updates Andres Tarasco
IntraProgrammed Search Engines Are XSS Driven Aditya K Sood
Re: Sexy, spankable 22 year old girl looking for a wild time str0ke
Re: Chinese Professor Cracks Fifth Data SecurityAlgorithm (SHA-1) Dave \"No, not that one\" Korn
[ MDKSA-2007:067 ] - Updated file packages fix heap-based buffer overflow vulnerability security
[ MDKSA-2007:068 ] - Updated squid packages fix DoS vulnerability security
[SECURITY] [DSA 1272-1] New tcpdump packages fix denial of service Moritz Muehlenhoff

Friday, 23 March

[ MDKSA-2007:069 ] - Updated inkscape packages to format string vulnerability security
Re: Sexy, spankable 22 year old girl looking for a wild time evilrabbi
Microsoft Windows Vista - Windows Mail Client Side Code Execution Vulnerability Kingcope
Re: Microsoft Windows Vista - Windows Mail Client Side Code Execution Vulnerability Joxean Koret
Re: Microsoft Windows Vista - Windows Mail Client Side Code Execution Vulnerability Kingcope
dproxy - arbitrary code execution through stack buffer overflow vulnerability Alexander Klink
XBOX ID's being Jacked richfa1
Re: XBOX ID's being Jacked Kevin Finisterre (lists)
Re: Sexy, spankable 22 year old girl looking for a wild time Dude VanWinkle
Re: dproxy - arbitrary code execution through stack buffer overflow vulnerability mu-b
Re: dproxy - arbitrary code execution through stack buffer overflow vulnerability Alexander Klink
Fuzzled - Perl fuzzing framework Tim Brown
iDefense Security Advisory 03.23.07: DataRescue IDA Pro Remote Debugger Server Authentication Bypass Vulnerability iDefense Labs
iDefense Security Advisory 03.23.07: Sun Java System Directory Server 5.2 Uninitialized Pointer Cleanup Design Error Vulnerability iDefense Labs
Fix Update: Disable Google Desktop Link Integration with IE & FireFox Debasis Mohanty

Saturday, 24 March

Re: Chinese Professor Cracks Fifth Data SecurityAlgorithm (SHA-1) Michael Silk
POC: for Asterisk SIP INVITE remote DOS Radu State
Re: Sexy, spankable 22 year old girl looking for a wild time rob musial
Re: Chinese Professor Cracks Fifth Data SecurityAlgorithm (SHA-1) Dude VanWinkle
FLEA-2007-0002-1: inkscape Foresight Linux Essential Announcement Service
Re: [fuzzing] Fuzzled - Perl fuzzing framework Jared DeMott
Re: Sexy, spankable 22 year old girl looking for a wild time Knud Erik Højgaard
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) wac
Fizzle : Firefox Extension Vulnerability CrYpTiC MauleR
Fizzle : Firefox Extension Vulnerability CrYpTiC MauleR
hi5 Antiphishing Departement beNi
Re: XBOX ID's being Jacked Jason Miller

Sunday, 25 March

Fizzle : Firefox Extension Vulnerability CrYpTiC MauleR
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) Valdis . Kletnieks
Re: XSS at Aon.at, Austrian ISP Nikolay Kichukov
Re: Local user to root escalation in apache 1.3.34 (Debian only) Nikolay Kichukov
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1) wac
Redirection vulnerability in oracle entreprise manager handrix cobra
Phishing vulnerability in oracle entreprise manager handrix cobra
Re: hi5 Antiphishing Departement wac
Phishtank.com Gone? Michael Ward
I'm not the only one who can't resolve phishtank.com, but some can.. Michael Ward
Re: Phishtank.com Gone? Larry Seltzer
Re: Phishtank.com Gone? adam lamarre
Re: I'm not the only one who can't resolve phishtank.com, but some can.. Tremaine Lea
FLEA-2007-0003-1: cups Foresight Linux Essential Announcement Service
Re: Phishtank.com Gone? Tremaine Lea
Re: Phishtank.com Gone? Anshuman G
Re: I'm not the only one who can't resolve phishtank.com, but some can.. Tim
I'm not the only one who can't resolve phishtank.com, but some can.. Michael Ward
Re: I'm not the only one who can't resolve phishtank.com, but some can.. Kradorex Xeron
Re: I'm not the only one who can't resolve phishtank.com, but some can.. Michael Ward
Re: I'm not the only one who can't resolve phishtank.com, but some can.. Tim
Re: Phishtank.com Gone? Kradorex Xeron
Re: Phishtank.com Gone? Mike N
Re: Phishtank.com Gone? Kradorex Xeron

Monday, 26 March

Re: Local user to root escalation in apache 1.3.34 (Debian only) James Matthews
Re: I'm not the only one who can't resolve phishtank.com, but some can.. Florian Weimer
Libero.it (italian ISP) XSS vulnerability Rosario Valotta
Re: Libero.it (italian ISP) XSS vulnerability Florian Stinglmayr
Xbox live account stolen. David Vernaci
Re: Phishtank.com Gone? Pieter de Boer
Re: Xbox live account stolen. Kevin Finisterre (lists)
RainbowCrack-Online T Biehn
Rootkit.com : Prone To Redirection and Looping Attacks Aditya K Sood
Re: RainbowCrack-Online T Biehn
Re: Xbox live account stolen. Morning Wood
[USN-441-1] Squid vulnerability Kees Cook
[USN-442-1] Evolution vulnerability Kees Cook
[ GLSA 200703-24 ] mgv: Stack overflow in included gv code Raphael Marichez

Tuesday, 27 March

Re: RainbowCrack-Online Tõnu Samuel
Re: RainbowCrack-Online James Matthews
SignKorea's ActiveX Buffer Overflow Vulnerability Alex Park
Metasploit Framework 3.0 RELEASED! H D Moore
Linux Kernel DCCP Memory Disclosure Vulnerability Robert Święcki
[ MDKSA-2007:070 ] - Updated evolution packages to address vulnerability security
Re: RainbowCrack-Online poo
RainbowCrack-Online Drama T Biehn
Buffer Overflow in InterVetions' NaviCopa HTTP server 2.01 skillTube.com
Remote DOS HP JetDirect Print Servers handrix cobra
Rootkit.com Redirection Looping Attack Analysis Aditya K Sood
[USN-443-1] Firefox vulnerability Kees Cook
Re: Linux Kernel DCCP Memory Disclosure Vulnerability Robert Święcki
[USN-444-1] OpenOffice.org vulnerabilities Kees Cook
[USN-445-1] XMMS vulnerabilities Kees Cook

Wednesday, 28 March

[SECURITY] [DSA 1273-1] New nas packages fix multiple remote vulnerabilities Noah Meyerhans
[USN-446-1] NAS vulnerabilities Kees Cook
Corel Wordperfect X3 Stack Overflow jonnyboi
iDefense Security Advisory 03.28.07: IBM Lotus Domino Web Access Cross Site Scripting Vulnerability iDefense Labs
iDefense Security Advisory 03.28.07: IBM Lotus Domino Server LDAP Request Invalid DN Message Heap Overflow Vulnerability iDefense Labs
Cisco Security Advisory: Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team
Another XSS vulnerability in Italian provider Libero.it LK
Re: SecurityVulns.com: Microsoft Visual C++ 8.0 standard library time functions invalid assertion DoS (Problem 3000). William A. Rowe, Jr.
Another XSS vulnerability in Italian provider Libero.it Matteo G.P. Flora
ZDI-07-011: IBM Lotus Domino IMAP Server CRAM-MD5 Authentication Buffer Overflow Vulnerability zdi-disclosures
Update: ViewCVS and ViewVC 'checkout view' content type fixation issue Moritz Naumann
[Full-Disclosure] Another XSS vulnerability in italian Libero.it Matteo G.P. Flora
NewOrder.box.sk Inherits Severe Redirection Vulnerability Aditya K Sood
[SECURITY] [DSA 1270-2] New OpenOffice.org packages fix several vulnerabilities Martin Schulze
Another XSS vulnerability in Italian provider Libero.it Matteo G.P. Flora
Re: [viewvc-users] Update: ViewCVS and ViewVC 'checkout view' content type fixation issue C. Michael Pilato
Re: RainbowCrack-Online Drama Asaf Rafaely
Re: RainbowCrack-Online Drama Kradorex Xeron
Re: RainbowCrack-Online Drama James Matthews

Thursday, 29 March

[USN-447-1] KDE library vulnerabilities Kees Cook
rPSA-2007-0061-1 inkscape rPath Update Announcements
Widespread vulnerabilities in Libero.it/Infostrada.it web portals Rosario Valotta
Re: Another XSS vulnerability in Italian provider Libero.it Kradorex Xeron
Re: Another XSS vulnerability in Italian providerLibero.it paura
Re: Another XSS vulnerability in Italian providerLibero.it Edmond Dantes
Re: NewOrder.box.sk Inherits Severe RedirectionVulnerability Nikolay Kichukov
Re: NewOrder.box.sk Inherits Severe RedirectionVulnerability Aditya K Sood
[ MDKSA-2007:071 ] - Updated xmms packages to address integer vulnerabilities security
Re: NewOrder.box.sk Inherits Severe RedirectionVulnerability Nikolay Kichukov
Re: NewOrder.box.sk Inherits Severe Aditya K Sood
iDefense Security Advisory 03.29.07: IBM Lotus Sametime JNILoader Arbitrary DLL Load Vulnerability iDefense Labs
Buy 0day vulnerability opportunity2007
Re: Buy 0day vulnerability Michael Bann
Re: Buy 0day vulnerability don bailey
FLEA-2007-0004-1: openoffice.org Foresight Linux Essential Announcement Service
[ MDKSA-2007:072 ] - Updated kdelibs packages to address FTP PASV issue in konqueror security
[ GLSA 200703-25 ] Ekiga: Format string vulnerability Raphael Marichez
[ MDKSA-2007:073 ] - Updated openoffice.org packages to address vulnerabilities security
FLEA-2007-0005-1: slocate Foresight Linux Essential Announcement Service
Re: Buy 0day vulnerability James Matthews

Friday, 30 March

CA Brightstor Backup Mediasvr.exe Remote Code Vulnerability M. Shirk
Re: Another XSS vulnerability in Italian providerLibero.it MailLists Listas
VMSA-2007-0002 VMware ESX security updates VMware Security team
0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038) Alexander Sotirov
Re: NewOrder.box.sk Inherits Severe bugtraq
ANI Zeroday, Third Party Patch Marc Maiffret
Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038) James Rankin
secure listserv config imipak
Preventing Cross-site Request Forgeries pdp (architect)
Re: Buy 0day vulnerability Guasconi Vincent
Re: Buy 0day vulnerability Peter Dawson
Re: Buy 0day vulnerability Guasconi Vincent
Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability Michal Majchrowicz
MADYNES voip fuzzer Juan Perez
Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability 3APA3A
A lot of XSS Hanno Böck
Re: Buy 0day vulnerability Maxime Ducharme
Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038) James Matthews
Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability James Matthews
[ GLSA 200703-26 ] file: Integer underflow Raphael Marichez
Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability Jim Popovitch
TSRT-07-03: America Online SuperBuddy ActiveX Control Code Execution Vulnerability TSRT
Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability Guasconi Vincent

Saturday, 31 March

dproxy-nexgen remote mu-b
Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038) Alexander Sotirov
CA BrightStor ARCserve Backup Mediasvr.exe vulnerability Williams, James K
Re: 0-day ANI vulnerability in Microsoft Windows(CVE-2007-0038) Eric Sites
Re: CA BrightStor ARCserve Backup Mediasvr.exevulnerability Morning Wood
Re: [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd] Chris Weber
Re: [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd] Michael Sutton
On-going Internet Emergency and Domain Names Gadi Evron
Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038) Jan Wrobel
n3td3v calls for immediate halt to the month of Myspace bugs n3td3v
Re: [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd] Chris Weber
Windows .ANI LoadAniIcon Stack Overflow dev code
Re: A lot of XSS Nikolay Kichukov
Re: dproxy-nexgen remote Alexander Klink
Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038) Alexander Sotirov
Re: Windows .ANI LoadAniIcon Stack Overflow wac
Global Space Exploitation In PHP Based Web Applications Aditya K Sood
Re: Windows .ANI LoadAniIcon Stack Overflow dev code
[ GLSA 200703-27 ] Squid: Denial of Service Raphael Marichez
[ GLSA 200703-28 ] CUPS: Denial of Service Raphael Marichez
Re: [WEB SECURITY] Re: Global Space Exploitation In PHP Based Web Applications Aditya K Sood

Sunday, 01 April

Digg Delicious Technorati & Netscape XSS (worm?) mybeni websecurity
Cisco IP Phone vulnerability J. Oquendo
Re: Windows .ANI LoadAniIcon Stack Overflow James Matthews
Re: Cisco IP Phone vulnerability alessandro salvatori
ISP in the UK Terminates Account after Full Disclosure Aviram Jenik
CAU-2007-0001: Window Transparency Information Disclosure I)ruid
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]