Bugtraq: by thread

Mis-diagnosed XSS bugs hiding worse issues due to PHP feature Steven M. Christey (Apr 01 2006)
- Re: [Full-disclosure] Mis-diagnosed XSS bugs hiding worse issues due to PHP feature Siegfried (Apr 01 2006)
- Re: Mis-diagnosed XSS bugs hiding worse issues due to PHP feature Siegfried (Apr 01 2006)
- Re: Mis-diagnosed XSS bugs hiding worse issues due to PHP feature cxib_at_securityreason.com (Apr 02 2006)
linksubmit <= All version Html Tag Injector in index.php ali_at_hackerz.ir (Apr 01 2006)
Re: recursive DNS servers DDoS as a growing DDoS problem Gadi Evron (Mar 30 2006)
- Re: recursive DNS servers DDoS as a growing DDoS problem Paul Stepowski (Mar 30 2006)
- Re: recursive DNS servers DDoS as a growing DDoS problem Marco Ivaldi (Apr 03 2006)
SQuery <= 4.5 Remote File Inclusion Exploit uid0_at_exploitercode.com (Apr 01 2006)
RE: recursive DNS servers DDoS as a growing DDoS problem gboyce (Mar 31 2006)
- RE: recursive DNS servers DDoS as a growing DDoS problem Geo. (Mar 31 2006)
  - Re: recursive DNS servers DDoS as a growing DDoS problem Jim Pingle (Apr 03 2006)
    - RE: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 04 2006)
      - Re: recursive DNS servers DDoS as a growing DDoS problem Jim Pingle (Apr 04 2006)
    - Re: recursive DNS servers DDoS as a growing DDoS problem Erwan David (Apr 04 2006)
- Re: recursive DNS servers DDoS as a growing DDoS problem Anton Ivanov (Apr 01 2006)
  - Re: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 02 2006)
    - Re: recursive DNS servers DDoS as a growing DDoS problem Anton Ivanov (Apr 03 2006)
  - Re: recursive DNS servers DDoS as a growing DDoS problem Tim (Apr 03 2006)
    - Re: recursive DNS servers DDoS as a growing DDoS problem Anton Ivanov (Apr 03 2006)
      - Re: recursive DNS servers DDoS as a growing DDoS problem Tim (Apr 04 2006)
    - Re: recursive DNS servers DDoS as a growing DDoS problem Ross Wheeler (Apr 04 2006)
      - Re: recursive DNS servers DDoS as a growing DDoS problem Anton Ivanov (Apr 04 2006)
- RE: recursive DNS servers DDoS as a growing DDoS problem Måns Nilsson (Apr 02 2006)
- RE: recursive DNS servers DDoS as a growing DDoS problem Thomas Guyot-Sionnest (Apr 04 2006)
  - RE: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 04 2006)
    - Re: recursive DNS servers DDoS as a growing DDoS problem Gadi Evron (Apr 04 2006)
      - Re: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 04 2006)
- Re: recursive DNS servers DDoS as a growing DDoS problem Simon Boulet (Apr 03 2006)
- RE: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 05 2006)
FleXiBle Development Script Remote Command Exucetion And XSS Attacking botan_at_linuxmail.org (Apr 01 2006)
- Re: FleXiBle Development Script Remote Command Exucetion And XSS Attacking Steven M. Christey (Apr 04 2006)
Re: Re: Re: phpBB 2.06 search.php SQL injection theguywhocouldwipeyourphpBB_at_hackersworlddomination.com (Mar 29 2006)
DoS-ing sysklogd? Milen Rangelov (Mar 31 2006)
- RE: DoS-ing sysklogd? Justin Shore (Apr 02 2006)
- Re: DoS-ing sysklogd? Bernhard Fischer (Apr 03 2006)
- Re: DoS-ing sysklogd? Christophe Garault (Apr 03 2006)
PHPNuke-Clan 3.0.1 Remote File Inclusion Exploit uid0_at_exploitercode.com (Apr 01 2006)
GeSWall 2.2 � Free Intrusion Prevention System for Windows GentleSecurity Team (Mar 29 2006)
SiteMan <= All version SQL injection in admin_login.asp ali_at_hackerz.ir (Apr 01 2006)
Phpwebgallery <= 1.4.1 SQL injection Vulnerability t4h4_at_linuxmail.org (Apr 03 2006)
Secunia Research: AN HTTPD Script Source Disclosure Vulnerability Secunia Research (Apr 03 2006)
Re: On product vulnerability history and vulnerability complexity Crispin Cowan (Apr 01 2006)
- Re: On product vulnerability history and vulnerability complexity Gadi Evron (Apr 03 2006)
  - Re: On product vulnerability history and vulnerability complexity Steven M. Christey (Apr 03 2006)
  - Re: On product vulnerability history and vulnerability complexity Javor Ninov (Apr 04 2006)
    - Re: On product vulnerability history and vulnerability complexity Steven M. Christey (Apr 04 2006)
- Re: On product vulnerability history and vulnerability complexity ArkanoiD (Apr 03 2006)
- Re: On product vulnerability history and vulnerability complexity Forrest J. Cavalier III (Apr 03 2006)
  - Re: On product vulnerability history and vulnerability complexity Gadi Evron (Apr 03 2006)
[USN-266-1] dia vulnerabilities Martin Pitt (Apr 03 2006)
[SECURITY] [DSA 1000-2] New Apache2::Request packages fix denial of service Martin Schulze (Apr 03 2006)
Another Internet Explorer Address Bar Spoofing Vulnerability hainamluke_at_yahoo.com (Apr 03 2006)
- Re: Another Internet Explorer Address Bar Spoofing Vulnerability franz_at_noemail.com (Apr 04 2006)
  - Re: Another Internet Explorer Address Bar Spoofing Vulnerability sh0rtie (Apr 05 2006)
    - Re: Re: Another Internet Explorer Address Bar Spoofing Vulnerability pc.tech2_at_comcast.net (Apr 06 2006)
Hosting Controller AccountActions.asp and saveuploadfiles.asp vulns (PoC) paolo.difebbo_at_gmail.com (Apr 02 2006)
Flaw in commonly used bash random seed method coderpunk (Apr 01 2006)
- Re: Flaw in commonly used bash random seed method Matthijs (Apr 03 2006)
  - Re: Flaw in commonly used bash random seed method Dave English (Apr 04 2006)
    - Re: Flaw in commonly used bash random seed method Matthijs (Apr 04 2006)
      - Re: Flaw in commonly used bash random seed method Matthijs (Apr 04 2006)
  - Re: Flaw in commonly used bash random seed method Dave Korn (Apr 04 2006)
    - Re: Flaw in commonly used bash random seed method Steve VanDevender (Apr 05 2006)
VWar <= 1.5.0 R12 Remote File Inclusion Exploit uid0_at_exploitercode.com (Apr 02 2006)
Multiple Vulnerabilities in LucidCMS crasher_at_kecoak.or.id (Apr 01 2006)
- Re: Multiple Vulnerabilities in LucidCMS zachofalltrades_at_sourceforge.net (Apr 18 2006)
MyBB 1.10 New CrossSiteScripting o.y.6_at_hotmail.com (Apr 02 2006)
SQL Injection in Softbiz Image Gallery xx_hack_xx_2004_at_hotmail.com (Mar 31 2006)
Re: WebVulnCrawl searching excluded directories for hackable web servers Dennis Brown (Mar 31 2006)
Re: Cantv/Movilnet's Web SMS vulnerability. raven (Mar 31 2006)
Re: On classifying attacks john mullee (Apr 01 2006)
[ MDKSA-2006:064 ] - Updated MySQL packages fix logging bypass vulnerability security_at_mandriva.com (Apr 03 2006)
[ MDKSA-2006:062 ] - Updated dia packages fix buffer overflow vulnerabilities security_at_mandriva.com (Apr 03 2006)
ReloadCMS <= 1.2.5stable Cross site scripting / remote command execution rgod_at_autistici.org (Apr 02 2006)
SYMSA-2006-002: McAfee WebShield SMTP Format String Vulnerability CS_Advisories Mailbox (Apr 03 2006)
Bypassing ISA Server 2004 with IPv6 Romain.Le.Guen_at_romainl.com (Apr 03 2006)
- Re: Bypassing ISA Server 2004 with IPv6 3APA3A (Apr 04 2006)
  - Re: Bypassing ISA Server 2004 with IPv6 Christine Kronberg (Apr 05 2006)
    - Re[2]: Bypassing ISA Server 2004 with IPv6 3APA3A (Apr 10 2006)
      - Re[2]: Bypassing ISA Server 2004 with IPv6 Christine Kronberg (Apr 10 2006)
      - Re[3]: Bypassing ISA Server 2004 with IPv6 3APA3A (Apr 15 2006)
      - Re[3]: Bypassing ISA Server 2004 with IPv6 Christine Kronberg (Apr 15 2006)
      - Re: Re[3]: Bypassing ISA Server 2004 with IPv6 Thor (Hammer of God) (Apr 19 2006)
      - Re: Re[3]: Bypassing ISA Server 2004 with IPv6 offtopic (Apr 19 2006)
      - Re: Re[2]: Bypassing ISA Server 2004 with IPv6 Thor (Hammer of God) (Apr 15 2006)
      - Re: Re[2]: Bypassing ISA Server 2004 with IPv6 Christine Kronberg (Apr 16 2006)
    - Re: Bypassing ISA Server 2004 with IPv6 Thor (Hammer of God) (Apr 09 2006)
  - Re: Bypassing ISA Server 2004 with IPv6 offtopic (Apr 04 2006)
- Re: Bypassing ISA Server 2004 with IPv6 noreply_at_romainl.com (Apr 10 2006)
  - Re: Re: Bypassing ISA Server 2004 with IPv6 Romain.Le-Guen_at_hsc.fr (Apr 05 2006)
    - Re: Bypassing ISA Server 2004 with IPv6 Thor (Hammer of God) (Apr 09 2006)
RUXCON 2006 Call for Papers cfp_at_ruxcon.org.au (Apr 04 2006)
SMART Technologies SynchronEyes Remote Denial of Services dennis_at_backtrace.de (Apr 03 2006)
Format string in Doomsday 1.8.6 Luigi Auriemma (Apr 03 2006)
- Re: Format string in Doomsday 1.8.6 Alexey Dobriyan (Apr 07 2006)
[USN-267-1] mailman vulnerability Martin Pitt (Apr 03 2006)
[ GLSA 200604-01 ] MediaWiki: Cross-site scripting vulnerability Stefan Cornelius (Apr 04 2006)
Barracuda LHA archiver security bug leads to remote compromise Jean-S�bastien Guay-Leroux (Apr 03 2006)
Barracuda ZOO archiver security bug leads to remote compromise Jean-S�bastien Guay-Leroux (Apr 03 2006)
[security bulletin] HPSBPI2109 SSRT061141 rev.1 - HP Color LaserJet 2500 and 4600 Toolbox Running on Microsoft Windows Remote Unauthorized Disclosure of Information security-alert_at_hp.com (Apr 04 2006)
[ GLSA 200604-02 ] Horde Application Framework: Remote code execution Stefan Cornelius (Apr 04 2006)
[ GLSA 200604-03 ] FreeRADIUS: Authentication bypass in EAP-MSCHAPv2 module Matthias Geerdsen (Apr 04 2006)
Buffer-overflow in Ultr@VNC 1.0.1 viewer and server Luigi Auriemma (Apr 04 2006)
- Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer and server jalvare7_at_cajastur.es (Apr 05 2006)
  - Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer and server Luigi Auriemma (Apr 05 2006)
Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data Moriyoshi Koizumi (Apr 03 2006)
- Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data Jasper Bryant-Greene (Apr 03 2006)
  - Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data Jasper Bryant-Greene (Apr 03 2006)
    - Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data John Bond (Apr 04 2006)
- Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data Moriyoshi Koizumi (Apr 05 2006)
ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection ] MultBugz o.y.6_at_hotmail.com (Apr 04 2006)
NOD32 local privilege escalation vulnerability visitbipin_at_hotmail.com (Apr 04 2006)
Another way to spoof Internet Explorer Address Bar hainamluke_at_yahoo.com (Apr 04 2006)
- RE: Another way to spoof Internet Explorer Address Bar Memisyazici, Aras (Apr 04 2006)
Re: [Full-disclosure] Critical PHP bug - act ASAP if you are runningweb with sen mailinglist mailinglist (Apr 03 2006)
Re: Limbo CMS code execution gergero_at_securityfocus.com (Apr 04 2006)
Black Hat Call for Papers and Registration now open Jeff Moss (Apr 03 2006)
[Full-disclosure] PIRANA exploitation framework and SMTP contentfilter security Jean-S�bastien Guay-Leroux (Apr 03 2006)
[SECURITY] [DSA 1022-1] New storebackup packages fix several vulnerabilities Moritz Muehlenhoff (Apr 03 2006)
[ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion eufrato_at_gmail.com (Apr 04 2006)
[SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability Richard Horsman (Apr 04 2006)
[ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion eufrato_at_gmail.com (Apr 04 2006)
Linux Kernel Local DoS vulnerability. fingerout (Apr 04 2006)
[FLSA-2006:152873] Updated xine package fixes security issues Marc Deslauriers (Apr 04 2006)
[SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff (Apr 05 2006)
Cisco Security Advisory: Cisco 11500 Content Services Switch HTTP Request Vulnerability Cisco Systems Product Security Incident Response Team (Apr 05 2006)
[FLSA-2006:152896] Updated mod_python package fixes a security issue Marc Deslauriers (Apr 04 2006)
[ MDKSA-2006:066 ] - Updated FreeRADIUS packages fix off-by-one overflow vulnerabilty security_at_mandriva.com (Apr 05 2006)
Autonomous LAN party File iNclusion codexploder_at_linuxmail.org (Apr 08 2006)
[FLSA-2006:156139] Updated tcpdump packages fix security issues Marc Deslauriers (Apr 04 2006)
Xss In SaphpLesson3.0 w3.__at_hotmail.com (Apr 07 2006)
[FLSA-2006:156290] Updated cyrus-imapd packages fix security issues Marc Deslauriers (Apr 04 2006)
[FLSA-2006:170411] Updated imap packages fix security issue Marc Deslauriers (Apr 04 2006)
[FLSA-2006:183571-1] Updated tar package fixes security issue Marc Deslauriers (Apr 04 2006)
[FLSA-2006:183571-2] Updated tar package fixes security issue Marc Deslauriers (Apr 04 2006)
[FLSA-2006:180159] Updated unzip package fixes security issue Marc Deslauriers (Apr 04 2006)
[eVuln] Null news SQL Injection Vulnerability alex_at_evuln.com (Apr 08 2006)
[FLSA-2006:184074] Updated pine package fixes security issue Marc Deslauriers (Apr 04 2006)
[FLSA-2006:184098] Updated libc-client packages fixes security issue Marc Deslauriers (Apr 04 2006)
[Updated] [FLSA-2006:186277] Updated sendmail packages fix security issue Marc Deslauriers (Apr 04 2006)
[eVuln] phpNewsManager Multiple SQL Injections alex_at_evuln.com (Apr 08 2006)
SQL Injection in Chipmunk Guestbook dr.jr7_at_hotmail.com (Apr 07 2006)
Sire 2.0 Nws Remote File inclusion & Arbitary Files Upload simo64_at_gmail.com (Apr 07 2006)
[Kaffeine Security Advisory] Heap based buffer overflow in http_peek() Dirk Mueller (Apr 04 2006)
Welcome to XCon2006 in China! xcon_at_xfocus.org (Apr 05 2006)
[SECURITY] [DSA 1031-1] New cacti packages fix several vulnerabilities Martin Schulze (Apr 08 2006)
[SECURITY] [DSA 946-2] New sudo packages fix privilege escalation Martin Schulze (Apr 08 2006)
google xss almfnod_at_gawab.com (Apr 04 2006)
- RE: google xss Andy Meyers (Apr 09 2006)
  - Re: google xss Jim Ley (Apr 10 2006)
  - Re: google xss pagvac (Apr 10 2006)
    - Re: google xss Vladimir Levijev (Apr 12 2006)
[security bulletin] HPSBUX02108 SSRT061133 rev.3 - HP-UX running Sendmail, Remote Execution of Arbitrary Code security-alert_at_hp.com (Apr 06 2006)
[ MDKSA-2006:068 ] - Updated mplayer packages fix integer overflow vulnerabilities security_at_mandriva.com (Apr 07 2006)
[KAPDA::#38] - MyBB 1.1.0~functions_post.php~XSS Attack addmimistrator_at_gmail.com (Apr 07 2006)
[eVuln] VSNS Lemon Multiple Vulnerabilities alex_at_evuln.com (Apr 06 2006)
PHPMyChat 0.15.0dev "SYS enter" remote commands xctn (not properly patched from previous versions) rgod_at_autistici.org (Apr 06 2006)
[ MDKSA-2006:065 ] - Updated kaffeine packages fix remote buffer overflow vulnerability security_at_mandriva.com (Apr 05 2006)
Matt Wright Guestbook Xss Script İnjection liz0_at_bsdmail.com (Apr 08 2006)
[eVuln] vCounter - sourceworkshop SQL Injection Vulnerability alex_at_evuln.com (Apr 07 2006)
[USN-268-1] Kaffeine vulnerability Martin Pitt (Apr 06 2006)
LayerOne 2006 - Finalized Speaker Line-Up Announced Layer One (Apr 06 2006)
PHPMyChat <= 0.14.5 remote commands execution rgod_at_autistici.org (Apr 05 2006)
Re: SQL injection in Invision Power Board v2.1.5 optix_prorat100_at_yahoo.com (Apr 05 2006)
[SECURITY] [DSA 1028-1] New libimager-perl packages fix denial of service Martin Schulze (Apr 07 2006)
[ECHO_ADV_28$2006] Clever Copy <= 3.0 Connect.inc Critical Information Disclosure eufrato_at_gmail.com (Apr 06 2006)
[ MDKSA-2006:067 ] - Updated clamav packages fix vulnerabilities security_at_mandriva.com (Apr 07 2006)
[ GLSA 200604-05 ] Doomsday: Format string vulnerability Stefan Cornelius (Apr 05 2006)
MAXDEV CMS Multiple vulnerabilities king_purba_at_yahoo.co.uk (Apr 06 2006)
[SECURITY] [DSA 1018-2] New Linux kernel 2.4.27 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 05 2006)
[eVuln] newsletter - sourceworkshop SQL Injection Vulnerability alex_at_evuln.com (Apr 07 2006)
[ GLSA 200604-04 ] Kaffeine: Buffer overflow Sune Kloppenborg Jeppesen (Apr 05 2006)
Shadowed Portal Cross Site Scripting liz0_at_bsdmail.com (Apr 08 2006)
[SECURITY] [DSA 1027-1] New mailman packages fix denial of service Martin Schulze (Apr 06 2006)
XSS Bug in Cherokee Webserver rubengarrote_at_idominiun.com (Apr 06 2006)
[SECURITY] [DSA 1029-1] New libphp-adodb packages fix several vulnerabilities Martin Schulze (Apr 08 2006)
Google Reader "preview" and "lens" script improper feed validation Debasis Mohanty (Apr 05 2006)
Virtual War File İnclusion liz0_at_bsdmail.com (Apr 08 2006)
Cisco Security Advisory: Cisco Optical Networking System 15000 series and Cisco Transport Controller Vulnerabilities Cisco Systems Product Security Incident Response Team (Apr 05 2006)
[SECURITY] [DSA 1030-1] New moodle packages fix several vulnerabilities Martin Schulze (Apr 08 2006)
Multiple vulnerability in jupiter CMS king_purba_at_yahoo.co.uk (Apr 06 2006)
[SECURITY] [DSA 1026-1] New sash packages fix potential arbitrary code execution Moritz Muehlenhoff (Apr 06 2006)
[ GLSA 200604-06 ] ClamAV: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Apr 07 2006)
[SECURITY] [DSA 1023-1] New kaffeine packages fix arbitrary code execution Martin Schulze (Apr 05 2006)
Re: Bios Information Leakage darmawan_salihun_at_students.itb.ac.id (Apr 05 2006)
[security bulletin] HPSBUX02110 SSRT061110 rev.1 - HP-UX Running wu-ftpd Remote Denial of Service (DoS) security-alert_at_hp.com (Apr 06 2006)
[security bulletin] HPSBUX02111 SSRT061132 rev.1 - HP-UX su(1) Local Unauthorized Access security-alert_at_hp.com (Apr 06 2006)
[SECURITY] [DSA 1025-1] New dia packages fix arbitrary code execution Martin Schulze (Apr 06 2006)
IE6 Crash tel_at_weirdtech.org (Apr 07 2006)
- Re: IE6 Crash H D Moore (Apr 10 2006)
[Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow (not default configuration) Damian Put (Apr 06 2006)
XMB Forum 1.9.5-Final XSS r0xes.ratm_at_gmail.com (Apr 08 2006)
Oracle read-only user can insert/update/delete data via specially crafted views ak_at_red-database-security.com (Apr 10 2006)
TUGZip Archive Extraction Directory traversal h e (Apr 10 2006)
Vulnerabilities in SPIP crasher_at_kecoak.or.id (Apr 09 2006)
PhpOpenChat 3.0.x ADODB Server.php "sql" SQL injection rgod_at_autistici.org (Apr 09 2006)
phpinfo() Cross Site Scripting PHP 5.1.2 and 4.4.2 cxib_at_securityreason.com (Apr 09 2006)
function *() php/apache Crash PHP 4.4.2 and 5.1.2 cxib_at_securityreason.com (Apr 09 2006)
- Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2 Michal Zalewski (Apr 10 2006)
- Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2 Steven M. Christey (Apr 11 2006)
  - Exploiting out of memory crashes and null pointers [was: Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2] 86400s_at_nerim.net (Apr 12 2006)
  - Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2 Michal Zalewski (Apr 13 2006)
    - Re: Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2 sp3x_at_securityreason.com (Apr 14 2006)
tempnam() open_basedir bypass PHP 4.4.2 and 5.1.2 cxib_at_securityreason.com (Apr 09 2006)
copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2 cxib_at_securityreason.com (Apr 09 2006)
MyBB 1.10 'newthread.php' < CrossSiteScripting > o.y.6_at_hotmail.com (Apr 09 2006)
Myspace.com - Intricate Script Injection silentproducts_at_gmail.com (Apr 09 2006)
Vegadns blind sql injection and cross site scripting king_purba_at_yahoo.co.uk (Apr 09 2006)
PHPList <= 2.10.2 remote commands execution rgod_at_autistici.org (Apr 10 2006)
- Re: PHPList <= 2.10.2 remote commands execution secfoc_at_tincan.co.uk (Apr 11 2006)
  - Re: Re: PHPList <= 2.10.2 remote commands execution rg.viza_at_gmail.com (Apr 11 2006)
[eVuln] phpNewsManager Multiple SQL Injections alex_at_evuln.com (Apr 10 2006)
Jbook Cross Site Scripting root___at_linuxmail.org (Apr 10 2006)
phpMyForum Cross Site Scripting & CRLF injection root___at_linuxmail.org (Apr 10 2006)
- Re: phpMyForum Cross Site Scripting & CRLF injection chris_at_phpmyforum.de (Apr 25 2006)
PHPWebGallery Multiple Cross Site Scripting Vulnerabilities root___at_linuxmail.org (Apr 10 2006)
[USN-269-1] xscreensaver vulnerability Martin Pitt (Apr 11 2006)
Confixx 3.1.2 <= Cross Site Scripting Vuln sn4k3.23_at_gmail.com (Apr 10 2006)
INDEXU <= 5.0.1 (theme_path)and (base_path) Remote File Inclusion Exploit selfar2002_at_hotmail.com (Apr 10 2006)
[ MDKSA-2006:069 ] - Updated openvpn packages fix vulnerability security_at_mandriva.com (Apr 10 2006)
Multiple vulnerabilities in Blur6ex crasher_at_kecoak.or.id (Apr 11 2006)
- Re: Multiple vulnerabilities in Blur6ex Steven M. Christey (Apr 12 2006)
phpListPro <= 2.0 - Remote File Include Vulnerability admin_at_majorsecurity.de (Apr 11 2006)
Realplayer .SWF Multiple Remote Memory Corruption Vulnerabilities Sowhat (Apr 11 2006)
[eVuln] [V]Book Multiple Vulnerabilities alex_at_evuln.com (Apr 11 2006)
ZDI-06-007: Microsoft Windows Address Book (WAB) File Format Parsing Vulnerability zdi-disclosures_at_3com.com (Apr 11 2006)
Manila <= 9.5 - XSS Vulnerabilities d4igoro_at_gmail.com (Apr 11 2006)
Confixx 3.1.2 <= SQL Injection sn4k3.23_at_gmail.com (Apr 11 2006)
- Re: Confixx 3.1.2 <= SQL Injection iovdin_at_swsoft.com (Apr 13 2006)
Tritanium Bulletin Board 1.2.3 - XSS d4igoro_at_gmail.com (Apr 11 2006)
IBM ptt_at_btinternet.com (Apr 10 2006)
- RE: IBM Michael Scheidell (Apr 11 2006)
  - Re: RE: IBM Juha-Matti Laurio (Apr 13 2006)
- Re: IBM stend_at_us.ibm.com (Apr 11 2006)
[eVuln] VNews Multiple Vulnerabilities alex_at_evuln.com (Apr 11 2006)
[SRC-Telindus advisory] - HP System Management Homepage Remote Unauthorized Access SRC Telindus (Apr 11 2006)
AzDGVote File inclusion selfar2002_at_hotmail.com (Apr 11 2006)
[ MDKSA-2006:071 ] - Updated xscreensaver packages fix clear-text password vulnerability security_at_mandriva.com (Apr 11 2006)
[ MDKSA-2006:070 ] - Updated openvpn packages fix vulnerability security_at_mandriva.com (Apr 10 2006)
IMF 2006 - Submission Deadline Extension Oliver Goebel (Apr 11 2006)
IT Underground, London 2006 - call for papers it_underground_at_gazeta.pl (Apr 11 2006)
SAXoPRESS - directory traversal securiteam_at_datasec.no (Apr 11 2006)
2nd European Conference on Computer Network Defense (EC2ND) Blyth A J C (Comp) (Apr 11 2006)
Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability Sowhat (Apr 11 2006)
Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer POC phaas_at_redspin.com (Apr 11 2006)
[SECURITY] [DSA 1032-1] New zope-cmfplone packages fix unprivileged data manipulation Moritz Muehlenhoff (Apr 12 2006)
[eVuln] QLnews XSS and PHP Code Insertion Vulnerabilities alex_at_evuln.com (Apr 12 2006)
Simplog <=0.9.2 multiple vulnerabilities rgod_at_autistici.org (Apr 11 2006)
- Re: Simplog <=0.9.2 multiple vulnerabilities Jeremy Ashcraft (Apr 13 2006)
[SECURITY] [DSA 1033-1] New horde3 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 12 2006)
Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting Esteban Martinez Fayo (Apr 12 2006)
[security bulletin] HPSBUX02108 SSRT061133 rev.6 - HP-UX running Sendmail, Remote Execution of Arbitrary Code security-alert_at_hp.com (Apr 13 2006)
[USN-270-1] xpdf vulnerabilities Martin Pitt (Apr 13 2006)
Clansys Multiple Xss Vulnerabilities Soothackers_at_gmail.com (Apr 12 2006)
Re: phpWebsite <= SQL Injection (friend.php) & (article.php) shaun_at_aegisdesign.co.uk (Apr 13 2006)
PatroNet CMS Xss Vuln Soothackers_at_gmail.com (Apr 12 2006)
Windows Help Heap Overflow c0ntexb_at_gmail.com (Apr 13 2006)
SimpleBBS v1.1(posts.php) remote command execution stormhacker_at_hotmail.com (Apr 12 2006)
[BuHa-Security] DoS Vulnerability in Firefox 1.5.0.1 bugtraq_at_morph3us.org (Apr 12 2006)
[eVuln] qliteNews SQL Injection Vulnerability alex_at_evuln.com (Apr 13 2006)
[BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 #2 bugtraq_at_morph3us.org (Apr 12 2006)
Remote File Inclusion in VBulletin ImpEx dr.jr7_at_hotmail.com (Apr 12 2006)
[BuHa-Security] Multiple Vulnerabilities in MS IE 6.0 SP2 bugtraq_at_morph3us.org (Apr 12 2006)
phpWebSite 0.10.? (topics.php) Remote SQL Injection Exploit selfar2002_at_hotmail.com (Apr 12 2006)
- Re: phpWebSite 0.10.? (topics.php) Remote SQL Injection Exploit Kevin Wilcox (Apr 13 2006)
RevoBoard [email] tag XSS r0xes.ratm_at_gmail.com (Apr 12 2006)
Recon 2006: speaker lineup announcement Recon (Apr 12 2006)
MyBB 1.10 New XSS ' member.php ' o.y.6_at_hotmail.com (Apr 12 2006)
QuickBlogger v1.4 Cross-Site Scripting botan_at_linuxmail.org (Apr 12 2006)
- Re: QuickBlogger v1.4 Cross-Site Scripting Steven M. Christey (Apr 14 2006)
phpMyAdmin 2.7.0-pl1 kr4ch_at_web.de (Apr 12 2006)
- Re: phpMyAdmin 2.7.0-pl1 Kevin Waterson (Apr 13 2006)
Re: Jupiter CMS <= 1.1.5 multiple XSS attack vectors. anonss_at_anonaa.com (Apr 12 2006)
MyBB 1.10 New CrossSiteScripting ' member.php ' o.y.6_at_hotmail.com (Apr 12 2006)
SaphpLesson 2.0 (forumid) Remote SQL Injection Exploit selfar2002_at_hotmail.com (Apr 12 2006)
Secunia Research: Adobe Document Server for Reader Extensions Multiple Vulnerabilities Secunia Research (Apr 13 2006)
SEC Consult SA-20060314 :: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow Bernhard Mueller (Apr 13 2006)
- Re: [Full-disclosure] SEC Consult SA-20060314 :: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow Thierry Zoller (Apr 13 2006)
ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow zdi-disclosures_at_3com.com (Apr 13 2006)
TalentSoft Web+Shop Path Disclosure revnic_at_gmail.com (Apr 13 2006)
[BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 bugtraq_at_morph3us.org (Apr 12 2006)
[eVuln] RedCMS Multiple XSS and SQL Injection Vulnerabilities alex_at_evuln.com (Apr 13 2006)
Camino Browser HTML Parsing Null Pointer Dereference Denial of Service Vulnerability izimask_at_thehackademy.net (Apr 13 2006)
PowerClan 1.14 - SQL Injection d4igoro_at_gmail.com (Apr 13 2006)
[eVuln] aWebNews Multiple XSS and SQL Injection Vulnerabilities alex_at_evuln.com (Apr 14 2006)
Vulnerabilities in lifetype crasher_at_kecoak.or.id (Apr 13 2006)
Vulnerabilities in Papoo crasher_at_kecoak.or.id (Apr 13 2006)
Vulnerabilities in MODx crasher_at_kecoak.or.id (Apr 13 2006)
- Re: Vulnerabilities in MOD Victor Brilon (Apr 15 2006)
Farsinews Cross-Site Scripting & Path disclosure vulnerability aminrayden_at_yahoo.com (Apr 14 2006)
osCommerce "extras/" information/source code disclosure rgod_at_autistici.org (Apr 14 2006)
- RE: osCommerce "extras/" information/source code disclosure Michael Scheidell (Apr 15 2006)
Encyclopedia <= 3.0 (login.php) CrossSite Scripting - XSS n0m3rcy_at_bsdmail.org (Apr 14 2006)
phpBB Admin command execution noch22_at_gmail.com (Apr 14 2006)
- Re: phpBB Admin command execution dave.de_at_siol.net (Apr 18 2006)
Serendipity Blog vuln moep (Apr 14 2004)
[SECURITY] [DSA 1034-1] New horde2 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 14 2006)
phpBB template file code execution noch22_at_gmail.com (Apr 14 2006)
Avast Linux Home Edition (vulnerability on a temporary folder creation) Julien L. (Apr 14 2006)
[ GLSA 200604-07 ] Cacti: Multiple vulnerabilities in included ADOdb Thierry Carrez (Apr 14 2006)
Firefox 1.5.0.1 Password Manager Arbtirary User Browsing History Disclosure franz_at_noemail.com (Apr 13 2006)
- Re: Firefox 1.5.0.1 Password Manager Arbtirary User Browsing History Disclosure Eliah Kagan (Apr 14 2006)
Re: Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability tranceformer_at_crimsonguard.net (Apr 13 2006)
[Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Dave Korn (Apr 13 2006)
- Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Brandon S. Allbery KF8NH (Apr 13 2006)
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Stan Bubrouski (Apr 13 2006)
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Jamie Riden (Apr 15 2006)
    - Re: Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup somerandomaddress99_at_mailinator.com (Apr 16 2006)
- Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup A.L.M.Buxey_at_lboro.ac.uk (Apr 13 2006)
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup dumdidumdideldey (Apr 12 2006)
- Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Joachim Schipper (Apr 13 2006)
  - RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Mario Contestabile (Apr 19 2006)
    - RE: Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Nick FitzGerald (Apr 20 2006)
    - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Duncan Simpson (Jan 03 2006)
PAJAX Remote Code Injection and File Inclusion Vulnerability RedTeam Pentesting (Apr 13 2006)
Xss In ar-blog v 5.2 W3.__at_hotmail.com (Apr 13 2006)
RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Derek Soeder (Apr 13 2006)
- Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Thor (Hammer of God) (Apr 15 2006)
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Ansgar -59cobalt- Wiechers (Apr 17 2006)
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Paul Wouters (Apr 17 2006)
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup no.spam_at_my.house (Apr 16 2006)
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Geo. (Apr 17 2006)
    - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Thor (Hammer of God) (Apr 19 2006)
      - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Geo. (Apr 20 2006)
      - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Thor (Hammer of God) (Apr 24 2006)
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup robsekeris_at_hotmail.com (Apr 17 2006)
- RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Sean Scott (Apr 24 2006)
  - Re: RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup john_at_johnsdomain.org (Apr 17 2006)
    - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Thor (Hammer of God) (Apr 19 2006)
  - Re: RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup somebody_at_rtr.ca (Apr 16 2006)
    - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Thor (Hammer of God) (Apr 19 2006)
planetSearch+ - XSS Vulnerabilities d4igoro_at_gmail.com (Apr 13 2006)
Re: [ECHO_ADV_27$2006] Indexu <= 5.0.1 Remote File Inclusion robert_at_blurstorm.com (Apr 13 2006)
Re: SAXoPRESS - directory traversal aka Saxotech Online securiteam_at_datasec.no (Apr 12 2006)
Re: Sql Injection in Confixx 3.06 & 3.08 & 3.?? ? iovdin_at_swsoft.com (Apr 12 2006)
a Yahoo Vulnerability r57shell_at_gmail.com (Apr 12 2006)
Dokeos 1.6.4 SQL Injection Vulnerability Alvaro Olavarria (Apr 10 2006)
manila.userland cross site scriptable Aaron Kaplan (Apr 14 2006)
ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability zdi-disclosures_at_3com.com (Apr 14 2006)
[KAPDA]MyBB1.1.0~global.php~ParameterExtracting addmimistrator_at_gmail.com (Apr 14 2006)
[KAPDA]CopperminePhotoGallery1.4.4~ PluginInclusionSystem(index.php)~ RemoteFileInclusion attack addmimistrator_at_gmail.com (Apr 14 2006)
- Re: [KAPDA]CopperminePhotoGallery1.4.4~ PluginInclusionSystem(index.php)~ RemoteFileInclusion attack Dariusz Kolasinski (Apr 16 2006)
[eVuln] aWebBB Multiple XSS and SQL Injection Vulnerabilities alex_at_evuln.com (Apr 14 2006)
[SECURITY] [DSA 1035-1] New fcheck packages fix insecure temporary file creation Moritz Muehlenhoff (Apr 15 2006)
PHP Album <= 0.3.2.3 remote commnads execution rgod_at_autistici.org (Apr 15 2006)
Tiny Web Gallery <= 1.4 XSS qex_at_bsdmail.org (Apr 15 2006)
PhpGuestbook <= 1.0 XSS qex_at_bsdmail.org (Apr 15 2006)
FlexBB <= 0.5.7 BETA XSS qex_at_bsdmail.org (Apr 15 2006)
Boardsolution <= 1.12 XSS qex_at_bsdmail.org (Apr 15 2006)
phpFaber TopSites Script Cross-Site Scripting botan_at_linuxmail.org (Apr 15 2006)
Snipe Gallery <= 3.1.4 Multiple XSS qex_at_bsdmail.org (Apr 15 2006)
- Re: Snipe Gallery <= 3.1.4 Multiple XSS nobody_at_nowhere.com (Apr 16 2006)
DbbS<=2.0-alpha Multiple Vulnerabilities yamcho_at_mail.it (Apr 15 2006)
Xss In bMachine 2٫7 W3.__at_hotmail.com (Apr 16 2006)
FlexBB v0.5.5 BETA [SQL Inj] [XSS] [Login bypass] kr4ch_at_web.de (Apr 16 2006)
Calendarix "yearcal.php" XSS Attacking botan_at_linuxmail.org (Apr 16 2006)
MyEvent Remote File Execution And XSS Attacking botan_at_linuxmail.org (Apr 16 2006)
BetaBoard Cross Site Scripting vulnerability easy.mask_at_gmail.com (Apr 16 2006)
PhpWebFTP 3.2 Login Script arko.dhar_at_gmail.com (Apr 16 2006)
[SECURITY] [DSA 1036-1] New bsdgames packages fix local privilege escalation Moritz Muehlenhoff (Apr 17 2006)
- PHPGraphy <= 0.9.11 "editwelcome" unauthorized access / cross site scripting - rgod_at_autistici.org (Apr 17 2006)
- Re: - PHPGraphy <= 0.9.11 "editwelcome" unauthorized access / cross site scripting - JiM / aEGIS (Apr 18 2006)
ShoutBOOK <= 1.1 XSS qex_at_bsdmail.org (Apr 17 2006)
Neuron Blog <= 1.1 XSS qex_at_bsdmail.org (Apr 17 2006)
[eVuln] CzarNews XSS and Multiple SQL Injection Vulnerabilities alex_at_evuln.com (Apr 17 2006)
Tiny PHP forum - vulns hessam_at_hessamx.net (Apr 17 2006)
AnimeGenesis <= XSS qex_at_bsdmail.org (Apr 17 2006)
ZDI-06-009: Mozilla Firefox Tag Parsing Code Execution Vulnerability zdi-disclosures_at_3com.com (Apr 17 2006)
[ GLSA 200604-08 ] libapreq2: Denial of Service vulnerability Thierry Carrez (Apr 17 2006)
FlexBB 0.5.5 Bypass Exploit o.y.6_at_hotmail.com (Apr 17 2006)
Neon Responder (Dos,Exploit) Stefan Lochbihler (Apr 17 2006)
[Argeniss] Alert - Yahoo! Webmail XSS Cesar (Apr 17 2006)
- Re: [Full-disclosure] [Argeniss] Alert - Yahoo! Webmail XSS Morning Wood (Apr 17 2006)
- Re: [Full-disclosure] [Argeniss] Alert - Yahoo! Webmail XSS Morning Wood (Apr 17 2006)
gcc 4.1 bug miscompiles pointer range checks, may place you at risk Felix von Leitner (Apr 17 2006)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Michael Chamberlain (Apr 17 2006)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Forrest J. Cavalier III (Apr 17 2006)
- RE: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Michael Wojcik (Apr 17 2006)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Alexander Klimov (Apr 18 2006)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk jat-public01_at_jaet.org (Apr 18 2006)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Florian Weimer (Apr 18 2006)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Gabor Gombas (Apr 18 2006)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Nate Eldredge (Apr 17 2006)
[eVuln] Wire Plastik wpBlog SQL Injection Vulnerability alex_at_evuln.com (Apr 17 2006)
[SA-03] Example of Grsecurity protection avoid. adam_at_pinkhat.org (Apr 17 2006)
Linpha 1.1.0 - XSS Vulnerabilities d4igoro_at_gmail.com (Apr 17 2006)
Remote Xine Format String Vulnerability c0ntexb_at_gmail.com (Apr 18 2006)
Another flaw in Firefox 1.5.0.2: to open files from remote miky_at_gmail.com (Apr 18 2006)
axoverzicht.cgi <= XSS qex_at_bsdmail.org (Apr 18 2006)
blur6ex Local File Inclusion and SQL injection . h e (Apr 17 2006)
[ MDKSA-2006:072 ] - Updated kernel packages fix multiple vulnerabilities security_at_mandriva.com (Apr 17 2006)
phpLister v. 0.4.1 XSS Attacking botan_at_linuxmail.org (Apr 18 2006)
[KAPDA::#41] - Mambo/Joomla rss component vulnerability alireza hassani (Apr 18 2006)
- Re: [KAPDA::#41] - Mambo/Joomla rss component vulnerability rey.gigataras_at_joomla.org (Apr 19 2006)
Multiple critical and high risk issues in Oracle's database server NGSSoftware Insight Security Research (Apr 18 2006)
[Symantec Security Advisory] LiveUpdate for Macintosh Local Privilege Escalation Secure_at_symantec.com (Apr 18 2006)
CuteNews 1.4.1 <= Cross Site Scripting sn4k3.23_at_gmail.com (Apr 18 2006)
- Re: CuteNews 1.4.1 <= Cross Site Scripting Steven M. Christey (Apr 20 2006)
SQL Injection in package SYS.DBMS_LOGMNR_SESSION ak_at_red-database-security.com (Apr 18 2006)
FreeBSD Security Advisory FreeBSD-SA-06:14.fpu FreeBSD Security Advisories (Apr 19 2006)
[MajorSecurity]ActualAnalyzer - Remote File Include Vulnerability admin_at_majorsecurity.de (Apr 19 2006)
Oracle 10g 10.2.0.2.0 DBA exploit putosoft softputo (Apr 19 2006)
XSS Vulnerability in Guest-book script powered by Community Architect susam.pal_at_gmail.com (Apr 19 2006)
Cisco Security Advisory: Cisco IOS XR MPLS Vulnerabilities Cisco Systems Product Security Incident Response Team (Apr 19 2006)
Re: Path Disclosure and Arbitrary File Read Vulnerability in SLAB5000 office_at_slabmedia.com (Apr 18 2006)
[security bulletin] HPSBUX02108 SSRT061133 rev.7 - HP-UX running Sendmail, Remote Execution of Arbitrary Code security-alert_at_hp.com (Apr 19 2006)
Multiple vulnerabilities in Linux based Cisco products assurance.com.au (Apr 19 2006)
- Re: Multiple vulnerabilities in Linux based Cisco products Ilker Temir (Apr 19 2006)
RechnungsZentrale V2 - SQL injection and Remote PHP inclusion vulnerabilities info_at_g-0.org (Apr 19 2006)
ThWboard <= 3 Beta 2.84 SQL Injection Qex_at_bsdmail.org (Apr 19 2006)
Cisco Security Advisory: Multiple Vulnerabilities in the WLSE Appliance Cisco Systems Product Security Incident Response Team (Apr 19 2006)
redirection vuln crawlers breed & security through obscurity Ivan Sergio Borgonovo (Apr 15 2006)
- RE: redirection vuln crawlers breed & security through obscurity Evans, Arian (Apr 19 2006)
- Re: redirection vuln crawlers breed & security through obscurity Thomas Hochstein (Apr 21 2006)
Shbablek Mail Vulnerablitiy - Cross-Site Scripting n0m3rcy_at_bsdmail.org (Apr 18 2006)
WWWThread RC 3 MultBugs o.y.6_at_hotmail.com (Apr 19 2006)
ContentBoxx Login.php Cross-Site Scripting botan_at_linuxmail.org (Apr 19 2006)
Fortinet28 box does not resist has small synflood! testx444_at_hushmail.com (Apr 16 2006)
Tlen.PL e-mail XSS vulnerability. koper_at_pass.pl (Apr 15 2006)
Confixx SQL Injection exploit (confixx_exploit.pl) defa (Apr 19 2006)
EasyGallery Cross-Site Scripting botan_at_linuxmail.org (Apr 19 2006)
[eVuln] MD News Authentication Bypass and SQL Injection Vulnerabilities alex_at_evuln.com (Apr 18 2006)
SQL Injection in incredibleindia.org susam_pal_at_yahoo.co.in (Apr 16 2006)
[eVuln] N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities alex_at_evuln.com (Apr 19 2006)
PCPIN Chat <= 5.0.4 "login/language" remote cmmnds xctn rgod_at_autistici.org (Apr 19 2006)
[USN-271-1] Firefox vulnerabilities Martin Pitt (Apr 19 2006)
Strengthen OpenSSH security? Brett Glass (Apr 17 2006)
- Re: Strengthen OpenSSH security? Mike Hoskins (Apr 19 2006)
- Re: Strengthen OpenSSH security? Carson Gaspar (Apr 19 2006)
  - Re: Strengthen OpenSSH security? Theo de Raadt (Apr 20 2006)
- Re: Strengthen OpenSSH security? Kd (Apr 19 2006)
- Re: Strengthen OpenSSH security? MaddHatter (Apr 19 2006)
- Re: Strengthen OpenSSH security? Damien Miller (Apr 19 2006)
- Re: Strengthen OpenSSH security? c0redump_at_ackers.org.uk (Apr 20 2006)
- Re: Strengthen OpenSSH security? Bob Goodman (Apr 20 2006)
ASPSitem <= 1.83 Remote SQL Injection Vulnerability Mustafa Can Bjorn IPEKCI (Apr 19 2006)
[eVuln] MWGuest XSS Vulnerability alex_at_evuln.com (Apr 20 2006)
PHPSurveyor <= 0.995 'save.php/surveyid' remote cmmnds xctn rgod_at_autistici.org (Apr 20 2006)
ThWboard 3 Beta 2.84 Cross Site Scripting CrAzY.CrAcKeR_at_hotmail.com (Apr 20 2006)
axoverzicht.cgi<==Remote File Inclusion CrAzY.CrAcKeR_at_hotmail.com (Apr 20 2006)
[security bulletin] HPSBTU02095 SSRT051007 rev.3 - HP Tru64 UNIX Running DNS BIND4/BIND8 as Forwarders: Remote Unauthorized Privileged Access security-alert_at_hp.com (Apr 20 2006)
[security bulletin] HPSBST02112 SSRT061129 rev.1 - HP StorageWorks Secure Path for Windows Remote Denial of Service (DoS) security-alert_at_hp.com (Apr 20 2006)
Ad-Aware Revisited Roy.Batty_at_phreaker.net (Apr 18 2006)
New site about security conferences : www.security-briefings.com newslist_at_security-briefings.com (Apr 19 2006)
Allied Telesyn Switch UDP Data Flood Management Denial Of Service Vulnerability kim_at_webdeal.no (Apr 19 2006)
RE: (addendum) redirection vuln crawlers breed & security through obscurity Evans, Arian (Apr 19 2006)
[Argeniss] Oracle Database 10gR1 Buffer overflow in VERIFY_LOG procedure Cesar (Apr 19 2006)
4images <= 1.7 XSS qex_at_bsdmail.org (Apr 20 2006)
Websense Filter Bypass qex_at_bsdmail.org (Apr 20 2006)
Mini-NUKE v2.3<<--- SQL Injection CrAzY.CrAcKeR_at_hotmail.com (Apr 20 2006)
- Re: Mini-NUKE v2.3<<--- SQL Injection nukedx_at_nukedx.com (Apr 21 2006)
[ GLSA 200604-09 ] Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service Sune Kloppenborg Jeppesen (Apr 20 2006)
[ GLSA 200604-10 ] zgv, xzgv: Heap overflow Sune Kloppenborg Jeppesen (Apr 20 2006)
[SecuriWeb 2006.1] directory traversal in Asterisk@Home and ARI Fran�ois Harvey (Apr 20 2006)
BK Forum <<--V.4.0 SQL Injection CrAzY.CrAcKeR_at_hotmail.com (Apr 20 2006)
[eVuln] MWNewsletter SQL Injection and XSS Vulnerabilities alex_at_evuln.com (Apr 21 2006)
r57shell.php <= 1.3 XSS qex_at_bsdmail.org (Apr 21 2006)
bloggage Remote SQL Injection omnipresent_at_email.it (Apr 21 2006)
[SECURITY] [DSA 1037-1] New zgv packages fix arbitrary code execution Martin Schulze (Apr 21 2006)
RE: [BULK] - Websense Filter Bypass Hubbard, Dan (Apr 21 2006)
- RE: [BULK] - Websense Filter Bypass John E. Fleming (Apr 21 2006)
Scry Gallery Directory Traversal & Full Path Disclosure Vulnerabilites simo64_at_gmail.com (Apr 21 2006)
Rapid7 Advisory R7-0021: Symantec Scan Engine Authentication Fundamental Design Error advisory_at_rapid7.com (Apr 21 2006)
Rapid7 Advisory R7-0022: Symantec Scan Engine Known Immutable DSA Private Key advisory_at_rapid7.com (Apr 21 2006)
Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability advisory_at_rapid7.com (Apr 21 2006)
Rapid7 Advisory R7-0019: Directory traversal vulnerability in SolarWinds TFTP Server for Windows advisory_at_rapid7.com (Apr 21 2006)
[Symantec Security Advisor] Symantec Scan Engine Multiple Vulnerabilities secure_at_symantec.com (Apr 21 2006)
[SECURITY] [DSA 1038-1] New xzgv packages fix arbitrary code execution Martin Schulze (Apr 22 2006)
VWar <= ver 1.21 Remote Code Execution Exploit ali_at_hackerz.ir (Apr 22 2006)
dForum <= 1.5 Multiple Remote File Inclusion Vulnerabilities. Mustafa Can Bjorn IPEKCI (Apr 21 2006)
vBulletin <= 3.5.4 with MKPortal 1.1 Remote SQL Injection Vulnerability. Mustafa Can Bjorn IPEKCI (Apr 21 2006)
Advisory: Simplog <= 0.93 Multiple Remote Vulnerabilities. Mustafa Can Bjorn IPEKCI (Apr 21 2006)
Advisory: CoreNews <= 2.0.1 Multiple Remote Vulnerabilities. Mustafa Can Bjorn IPEKCI (Apr 21 2006)
[ GLSA 200604-11 ] Crossfire server: Denial of Service and potential arbitrary code execution Thierry Carrez (Apr 22 2006)
FlexBB 0.5.5 Exploit [ function/showprofile.php ] Remote SQL Injection o.y.6_at_hotmail.com (Apr 21 2006)
Yahoo! Mail XSS Vulnerability Cheng Peng Su (Apr 21 2006)
MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 22 2006)
[USN-272-1] cyrus-sasl2 vulnerability Martin Pitt (Apr 24 2006)
NSFOCUS SA2006-03 : IBM AIX rm_mlcache_file Local Race Condition Vulnerability NSFOCUS Security Team (Apr 24 2006)
NSFOCUS SA2006-02 : IBM AIX mklvcopy Local Privilege Escalation Vulnerability NSFOCUS Security Team (Apr 24 2006)
[SECURITY] [DSA 1040-1] New gdm packages fix local root exploit Martin Schulze (Apr 24 2006)
[SECURITY] [DSA 1039-1] New blender packages fix several vulnerabilities Martin Schulze (Apr 23 2006)
Scry Gallery XSS Vulnerability arko.dhar_at_gmail.com (Apr 23 2006)
[ GLSA 200604-14 ] Dia: Arbitrary code execution through XFig import Sune Kloppenborg Jeppesen (Apr 23 2006)
[ GLSA 200604-13 ] fbida: Insecure temporary file creation Sune Kloppenborg Jeppesen (Apr 23 2006)
[ GLSA 200604-12 ] Mozilla Firefox: Multiple vulnerabilities Thierry Carrez (Apr 23 2006)
[eVuln] RateIt SQL Injection Vulnerability alex_at_evuln.com (Apr 24 2006)
FileLodge Bolt (showonlineusers.php) Cross-Site Scripting Vulnerbility n0m3rcy_at_bsdmail.org (Apr 23 2006)
XSS Bug in OpenGear Server Website Aditya_at_Metaeye.Org (Apr 24 2006)
BK Forum <= 4.0 Remote SQL Injection n0m3rcy_at_bsdmail.org (Apr 23 2006)
[MajorSecurity] TotalCalendar 2.30 - Remote File Include Vulnerability admin_at_majorsecurity.de (Apr 23 2006)
[USN-273-1] Ruby vulnerability Martin Pitt (Apr 24 2006)
RIblog Remote SQL Injection Exploit omnipresent_at_email.it (Apr 23 2006)
Re: evoBlog Remote Name tag Script injection daniel_at_evo-dev.com (Apr 23 2006)
Buffer-overflow and crash in Fenice OMS 1.10 Luigi Auriemma (Apr 23 2006)
Denial of service bugs in OpenTTD 0.4.7 Luigi Auriemma (Apr 23 2006)
Multiple PHP4/PHP5 vulnerabilities infocus (Nov 12 2005)
Format string bug in Skulltag 0.96f Luigi Auriemma (Apr 23 2006)
Advisory: Clansys <= 1.1 PHP Code Insertion Vulnerability. Mustafa Can Bjorn IPEKCI (Apr 23 2006)
- Re: Advisory: Clansys <= 1.1 PHP Code Insertion Vulnerability. nukedx_at_nukedx.com (Apr 24 2006)
Apple Mac OS X Safari 2.0.3 Vulnerability security_at_slashdot.ch (Apr 24 2006)
- Re: Apple Mac OS X Safari 2.0.3 Vulnerability Colin Keigher (Apr 24 2006)
  - Re: Apple Mac OS X Safari 2.0.3 Vulnerability Tom Ferris (Apr 25 2006)
    - Re: Apple Mac OS X Safari 2.0.3 Vulnerability Billy Bues (Apr 25 2006)
- Re: Apple Mac OS X Safari 2.0.3 Vulnerability jens_at_mac.com (Apr 26 2006)
  - Re: Apple Mac OS X Safari 2.0.3 Vulnerability Aaron Phillips (Apr 26 2006)
    - Re: Apple Mac OS X Safari 2.0.3 Vulnerability Ian MacPhedran (Apr 26 2006)
Firefox Remote Code Execution and DoS 1.5.0.2 chris_at_splices.org (Apr 23 2006)
[MajorSecurity] phpMyAgenda 3.0 Final - Remote File Include Vulnerability admin_at_majorsecurity.de (Apr 24 2006)
VWar Path Disclosure arko.dhar_at_gmail.com (Apr 23 2006)
- Re: VWar Path Disclosure spic_at_g00ns.net (Apr 26 2006)
vbulletin<--3.0.x SQL Injection CrAzY.CrAcKeR_at_hotmail.com (Apr 23 2006)
- Re: vbulletin<--3.0.x SQL Injection scott_at_vbulletin.com (Apr 24 2006)
Advisory: My Gaming Ladder Combo System <= 7.0 Remote File Inclusion Vulnerability. Mustafa Can Bjorn IPEKCI (Apr 22 2006)
ADVISORY FOR IOPUS SECURE EMAIL ATTACHMENTS ntwak0_at_safehack.com (Apr 22 2006)
- Re: ADVISORY FOR IOPUS SECURE EMAIL ATTACHMENTS fabio (Apr 25 2006)
- Re: ADVISORY FOR IOPUS SECURE EMAIL ATTACHMENTS Andreas Beck (Apr 24 2006)
Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow Kaveh Razavi (Apr 24 2006)
[ MDKSA-2006:074 ] - Updated php packages address multiple vulnerabilities. security_at_mandriva.com (Apr 24 2006)
[ MDKSA-2006:073 ] - Updated cyrus-sasl packages addresses vulnerability security_at_mandriva.com (Apr 24 2006)
photokorn 1.53 , 1.542 << Sql Dr-Jr7_at_hotmail.com (Apr 24 2006)
NextAge Shopping Cart Software XSS AminRayden_at_yahoo.com (Apr 24 2006)
[ MDKSA-2006:075 ] - Updated mozilla-firefox packages fix numerous vulnerabilities security_at_mandriva.com (Apr 24 2006)
PhpWebFtp Cross Site Scripting Vulnerability arko.dhar_at_gmail.com (Apr 24 2006)
[SECURITY] [DSA 1041-1] New abc2ps packages fix arbitrary code execution Martin Schulze (Apr 25 2006)
NASL 'Split' function Buffer overflow Vulnerability OS2A BTO (Apr 25 2006)
- Re: NASL 'Split' function Buffer overflow Vulnerability Renaud Deraison (Apr 25 2006)
  - Re: NASL 'Split' function Buffer overflow Vulnerability Renaud Deraison (Apr 25 2006)
Invision Vulnerabilities, including remote code execution spam_at_we11er.co.uk (Apr 25 2006)
- Re: Invision Vulnerabilities, including remote code execution Steven M. Christey (Apr 26 2006)
  - RE: Invision Vulnerabilities, including remote code execution Mike Weller (Apr 26 2006)
- Re: Invision Vulnerabilities, including remote code execution mattmecham_at_gmail.com (Apr 27 2006)
[SECURITY] [DSA 1042-1] New Cyrus SASL packages fix denial of service Martin Schulze (Apr 25 2006)
Fenice - Open Media Streaming Server remote BOF exploit Kaveh Razavi (Apr 25 2006)
PowerPoint Phishing Trojan Lance James (Apr 22 2006)
Multiple vulnerabilities in IP3 Networks 'NetAccess' NA75 appliance Moonen, Ralph (Apr 24 2006)
Multiple browsers Windows mailto protocol Office 2003 file attachment exploit inge.henriksen_at_booleansoft.com (Apr 24 2006)
Instant Photo Gallery <= Multiple XSS qex_at_bsdmail.org (Apr 25 2006)
- Re: Instant Photo Gallery <= Multiple XSS security curmudgeon (Apr 26 2006)
Instant Photo Gallery <= Multiple XSS qex_at_bsdmail.org (Apr 25 2006)
- Re: Instant Photo Gallery <= Multiple XSS Steven M. Christey (Apr 27 2006)
DCForumLite V 3.0<--XSS/SQL Injection Breeeeh_at_hotmail.com (Apr 25 2006)
Recent Oracle exploit is _actually_ an 0day with no patch David Litchfield (Apr 26 2006)
- Re: Recent Oracle exploit is _actually_ an 0day with no patch Steven M. Christey (Apr 27 2006)
  - Re: Recent Oracle exploit is _actually_ an 0day with no patch David Litchfield (Apr 27 2006)
    - Re: Recent Oracle exploit is _actually_ an 0day with no patch Cesar (Apr 28 2006)
- RE: Recent Oracle exploit is _actually_ an 0day with no patch Kornbrust, Alexander (Apr 28 2006)
  - Re: Recent Oracle exploit is _actually_ an 0day with no patch David Litchfield (Apr 28 2006)
[ MDKSA-2006:076 ] - Updated mozilla packages fix numerous vulnerabilities security_at_mandriva.com (Apr 25 2006)
[ MDKSA-2006:077 ] - Updated ethereal packages fix numerous vulnerabilities security_at_mandriva.com (Apr 25 2006)
[ MDKSA-2006:078 ] - Updated mozilla-thunderbird packages fix numerous vulnerabilities security_at_mandriva.com (Apr 25 2006)
[ MDKSA-2006:079 ] - Updated ruby packages fix vulnerability security_at_mandriva.com (Apr 25 2006)
Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack Cisco Systems Product Security Incident Response Team (Apr 26 2006)
[SECURITY] [DSA 1044-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Apr 26 2006)
MySmartBB<---v 1.1.x SQL Injection/XSS BoNy-m_at_hotmail.com (Apr 26 2006)
DevBB <= 1.0.0 XSS qex_at_bsdmail.com (Apr 26 2006)
[SECURITY] [DSA 1044-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Apr 26 2006)
Secunia Research: SpeedProject Products ACE Archive Handling Buffer Overflow Secunia Research (Apr 26 2006)
[ GLSA 200604-15 ] xine-ui: Format string vulnerabilities Sune Kloppenborg Jeppesen (Apr 26 2006)
[SECURITY] [DSA 1043-1] New abcmidi packages fix arbitrary code execution Martin Schulze (Apr 26 2006)
[ GLSA 200604-16 ] xine-lib: Buffer overflow vulnerability Sune Kloppenborg Jeppesen (Apr 26 2006)
[eVuln] warforge.NEWS SQL Injection and Multiple XSS Vulnerabilities alex_at_evuln.com (Apr 25 2006)
SQL Injection On DUportal outlaw_at_aria-security.net (Apr 25 2006)
ZDI-06-011: Mozilla Firefox Table Rebuilding Code Execution Vulnerability zdi-disclosures_at_3com.com (Apr 25 2006)
XXS Attack On FarsiNews outlaw_at_aria-security.net (Apr 25 2006)
Open Bulletin Board < Multiple Vulnerability qex_at_bsdmail.org (Apr 26 2006)
Local XXS Attack On CuteNews outlaw_at_aria-security.net (Apr 25 2006)
Re: XV multiple buffer overflows (update) kvea_at_loc.gov (Apr 26 2006)
[EEYEB-20060227] Juniper Networks SSL-VPN Client Buffer Overflow eEye Advisories (Apr 26 2006)
MyBB 1.1.1 Local SQL Injections o.y.6_at_hotmail.com (Apr 27 2006)
(no subject) Yannick von Arx (Apr 27 2006)
[USN-274-1] MySQL vulnerability Martin Pitt (Apr 27 2006)
Land Down Under 802 and below version Path Disclosure Vulnerability Advisory_at_Aria-Security.net (Apr 26 2006)
[security bulletin] HPSBUX02108 SSRT061133 rev.9 - HP-UX running Sendmail, Remote Execution of Arbitrary Code security-alert_at_hp.com (Apr 27 2006)
[security bulletin] HPSBUX02075 SSRT051074 rev.4 - HP-UX Running xterm Local Unauthorized Access security-alert_at_hp.com (Apr 27 2006)
[ GLSA 200604-17 ] Ethereal: Multiple vulnerabilities in protocol dissectors Sune Kloppenborg Jeppesen (Apr 26 2006)
[security bulletin] HPSBMA02113 SSRT061148 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update April 2006 security-alert_at_hp.com (Apr 27 2006)
SQL injection exploit IPB <= 2.1.4 satanchild123_at_hotmail.com (Apr 27 2006)
[USN-275-1] Mozilla vulnerabilities Martin Pitt (Apr 27 2006)
[SECURITY] [DSA 1045-1] New OpenVPN packages fix arbitrary code execution Martin Schulze (Apr 26 2006)
[SECURITY] [DSA 1046-1] New Mozilla packages fix several vulnerabilities Martin Schulze (Apr 27 2006)
BL4's SMTP server BufferOverflow Vulnerable the_day_at_echo.or.id (Apr 27 2006)
Secunia Research: Servant Salamander unacev2.dll Buffer Overflow Vulnerability Secunia Research (Apr 28 2006)
[ECHO_ADV_31$2006] Sws Web Server 0.1.7 Strcpy() & Syslog() Format String Vulnerability the_day_at_echo.or.id (Apr 28 2006)
WinISO/UltraISO/MagicISO/PowerISO Directory Traversal Vulnerability Sowhat (Apr 27 2006)
Cireos Portal Cross Site Scripting outlaw_at_aria-security.net (Apr 27 2006)
[Argeniss] Alert - Yahoo! Mail XSS vulnerability Cesar (Apr 28 2006)
[Kurdish Security #3] CoolMenus Event Remote File Include Vulnerability (For PHP) botan_at_linuxmail.org (Apr 28 2006)
[ GLSA 200604-18 ] Mozilla Suite: Multiple vulnerabilities Thierry Carrez (Apr 28 2006)
[Kurdish Security #2] Artmedic Event Remote File Include Vulnerability botan_at_linuxmail.org (Apr 28 2006)
Neomail.pl Local Cross Site Scripting outlaw_at_aria-security.net (Apr 27 2006)
[Kurdish Secure Advisory #1] I-RATER Platinum "Admin/configsettings.tpl.php" Remote File Include Vulnerability botan_at_linuxmail.org (Apr 28 2006)
Invision Power Board 2.1.5 POC Javier Olascoaga (Apr 27 2006)
W-Agora 4.20 XSS r0xes.ratm_at_gmail.com (Apr 29 2006)
TopList <= 1.3.8 (PHPBB Hack) Remote File Inclusion Vulnerability mfoxhacker_at_gmail.com (Apr 27 2006)
TextFileBB 1.0.16 Multiple XSS r0xes.ratm_at_gmail.com (Apr 29 2006)
poll.pl<--remote commands execution exploit CrAzY.CrAcKeR_at_hotmail.com (Apr 25 2006)
XSS Attack On DirectAdmin Hosting Managment outlaw_at_aria-security.net (Apr 26 2006)