Bugtraq: by thread

NewsPHP 2006 PRO XSS SQL injection Vulnerability securityconnection_at_gmail.com (Jun 29 2006)
News <= 5.2 XSS, SQL Injection, Full Path Disclosure gmdarkfig_at_gmail.com (Jun 29 2006)
Re: [Full-disclosure] Re[2]: Is Windows TCP/IP source routing PoC code available? 3APA3A (Jun 29 2006)
phpBB 2.0.21 Full Path Disclosure xzerox_at_linuxmail.org (Jun 29 2006)
Re: PHP security (or the lack thereof) Kevin Waterson (Jun 28 2006)
- Re: PHP security (or the lack thereof) Dan Falconer (Jul 05 2006)
  - Re: PHP security (or the lack thereof) Darren Reed (Jul 05 2006)
RE: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS) Schmehl, Paul L (Jun 30 2006)
Re: Browser bugs hit IE, Firefox today (SANS) Alex Potter (Jun 30 2006)
- Re: Browser bugs hit IE, Firefox today (SANS) Thor Larholm (Jul 04 2006)
  - Re: Browser bugs hit IE, Firefox today (SANS) Paul Szabo (Jul 04 2006)
  - Re: Browser bugs hit IE, Firefox today (SANS) 3CO (Jul 12 2006)
Re: Msie 7.0 beta Crash mike_at_gmail.com (Jun 30 2006)
[security bulletin] HPSBUX02128 SSRT5996 - rev.1 HP-UX mkdir(1) Local Unauthorized Access security-alert_at_hp.com (Jun 30 2006)
[security bulletin] HPSBUX02103 SSRT5953 rev.3 - HP-UX passwd(1) Local Denial of Service (DoS) security-alert_at_hp.com (Jun 30 2006)
Buddy Zone Version 1.0.1 - XSS luny_at_youfucktard.com (Jun 30 2006)
- Re: Buddy Zone Version 1.0.1 - XSS support_at_vastal.com (Jul 15 2006)
mAds v1.0 lunY_at_youfucktard.com (Jun 30 2006)
phpMyAdmin : Cross-Site Scripting Vulnerability bug_at_securitynews.ir (Jun 30 2006)
DEF CON 14: Speakers Selected and more. The Dark Tangent (Jun 30 2006)
OPERA Web Browser 9 Denial OF Service y3dips_at_echo.or.id (Jul 01 2006)
Internet Crna Gora SQL Injection Breeeeh_at_hotmail.com (Jul 01 2006)
SmS Script SQL Injection Breeeeh_at_hotmail.com (Jul 01 2006)
Sql injection in Diesel joke site script black code (Jul 01 2006)
SturGeoN Upload v1 Remote Command Execution Exploit gmdarkfig_at_gmail.com (Jul 01 2006)
Whitepaper: IT (in)security implementation in a real world example Denis Jedig (Jun 30 2006)
Php-Fusion (Xss) With Avatar Upload zeberus__at_hotmail.com (Jul 01 2006)
Glossaire<<--v1.7 Remote File Include CrAzY.CrAcKeR_at_hotmail.com (Jul 01 2006)
call for papers - IT Underground, Italy 2006 it_underground_at_gazeta.pl (Jul 01 2006)
[MajorSecurity #19] AutoRank <= 5.01 - Multiple XSS and cookie disclosure admin_at_majorsecurity.de (Jul 02 2006)
WordPress 2.0.3 SQL Error and Full Path Disclosure xzerox_at_linuxmail.org (Jul 02 2006)
- Re: WordPress 2.0.3 SQL Error and Full Path Disclosure James Davis (Jul 04 2006)
- Re: WordPress 2.0.3 SQL Error and Full Path Disclosure Jaroslaw Sajko (Jul 04 2006)
- Re: WordPress 2.0.3 SQL Error and Full Path Disclosure zck zck (Jul 12 2006)
  - RE: WordPress 2.0.3 SQL Error and Full Path Disclosure Aaron Newman (Jul 12 2006)
    - Re: WordPress 2.0.3 SQL Error and Full Path Disclosure nate (Jul 13 2006)
- Re: WordPress 2.0.3 SQL Error and Full Path Disclosure jholguin_at_gmail.com (Jul 13 2006)
plume-cms v1.0.4 Multiple Remote File include KARKOR23_at_hotmail.com (Jul 02 2006)
Pearl Products Multiple Remote File Inclusion xzerox_at_linuxmail.org (Jul 02 2006)
free QBoard v1.1 Multiple Remote File include KARKOR23_at_hotmail.com (Jul 02 2006)
Re: [Full Disclosure] [Kil13r-SA-20060701-2] MoniWiki 1.1.1 Cross-Site Scripting Vulnerability mac68k_at_gmail.com (Jul 02 2006)
Multiple vulnerabilities in TK8 Safe v.3.0.5 clappymonkey_at_gmail.com (Jul 02 2006)
popup Vacation Rentals[calendar_year.php] SQL Injection BoNy-m_at_hotmail.com (Jul 02 2006)
QTOFileManager 1.0 securityconnection_at_gmail.com (Jul 02 2006)
Invision Power Board v1.3 Final SQL Injection Breeeeh_at_hotmail.com (Jul 02 2006)
- Re: Invision Power Board v1.3 Final SQL Injection mattmecham_at_gmail.com (Jul 10 2006)
Contact for nhl.com C. Hamby (Jul 02 2006)
Excel 2000/XP/2003 Style 0day POC nanika_at_chroot.org (Jul 03 2006)
5 php scripts remote database password disclosure gmdarkfig_at_gmail.com (Jul 03 2006)
Call For Papers - No cON Name 2006 Edition Spain deese_at_spezialk.net (Jul 03 2006)
[ GLSA 200607-01 ] mpg123: Heap overflow Sune Kloppenborg Jeppesen (Jul 03 2006)
ZoneAlarm Insufficient protection of registry key 'VETFDDNT\Enum' Vulnerability David Matousek (Jul 03 2006)
imgsvr dos exploit by n00b co296_at_aol.com (Jul 03 2006)
TBE 4.0 XSS securityconnection_at_gmail.com (Jul 03 2006)
[scip_Advisory 2351] Kyberna AG ky2help various form fields SQL Injection Marc Ruef (Jul 03 2006)
galleria <= 1.0 Remote File Inclusion Vulnerability ineal_at_gmail.com (Jul 03 2006)
- Re: galleria <= 1.0 Remote File Inclusion Vulnerability counterpoint_at_mamboguru.com (Jul 10 2006)
[scip_Advisory 2352] F5 FirePass 4100 prior 6.x multiple Cross Site Scripting Marc Ruef (Jul 04 2006)
file include exploits in randshop v1.2 black code (Jul 04 2006)
- Re: file include exploits in randshop v1.2 Rainer Duffner (Jul 04 2006)
PhpWebGallery Cross Site Scripting Vulnerability iss4m.h_at_gmail.com (Jul 03 2006)
[Bugtraq] Re: flock d0s exploit remote. beta 1 (v0.7) .myke lyons (Jul 04 2006)
- Re: [Bugtraq] Re: flock d0s exploit remote. beta 1 (v0.7) flockoyd_at_gmail.com (Jul 07 2006)
Invision Power Board "v1.X & 2.X" SQL Injection CrAzY.CrAcKeR_at_hotmail.com (Jul 04 2006)
- Re: Invision Power Board "v1.X & 2.X" SQL Injection mattmecham_at_gmail.com (Jul 10 2006)
Shopping Cart V0.9 luny_at_youfu**ktard.com (Jul 04 2006)
Windows Explorer URL File format overflow nanika_at_chroot.org (Jul 04 2006)
- Re: Windows Explorer URL File format overflow naveed (Jul 06 2006)
Touch arbitrary file execute vulnerability Alex Park (Jul 05 2006)
sNews 1.3 XSS SQL securityconnection_at_gmail.com (Jul 05 2006)
BLOG:CMS 4.1.0 SQL injection File Include Vulnerability securityconnection_at_gmail.com (Jul 05 2006)
[ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities security_at_mandriva.com (Jul 05 2006)
- Re: [ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities Paul Starzetz (Jul 06 2006)
vBulletin 3.5.4 (install_path) Exploit CarcaBotx_at_yahoo.com (Jul 05 2006)
- Re: vBulletin 3.5.4 (install_path) Exploit mikathebest2003_at_yahoo.de (Jul 05 2006)
- Re: vBulletin 3.5.4 (install_path) Exploit scott_at_vbulletin.com (Jul 05 2006)
  - Re: Re: vBulletin 3.5.4 (install_path) Exploit mikathebest2003_at_yahoo.de (Jul 08 2006)
    - RE: Re: vBulletin 3.5.4 (install_path) Exploit Robert Marquardt (Jul 10 2006)
TigerTom Scripts luny_at_youf**ktard.com (Jul 05 2006)
[SECURITY] [DSA 1104-2] New OpenOffice.org packages fix arbitrary code execution Martin Schulze (Jul 06 2006)
Public Advisory: Horde 3.1.1, 3.0.10 Multiple Security Issues Moritz Naumann (Jul 05 2006)
[USN-308-1] shadow vulnerability Martin Pitt (Jul 05 2006)
[USN-309-1] libmms vulnerability Martin Pitt (Jul 05 2006)
[USN-310-1] ppp vulnerability Martin Pitt (Jul 05 2006)
Major updates to Excel 0-day Vulnerability FAQ at SecuriTeam Blogs Juha-Matti Laurio (Jul 06 2006)
Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006) Luigi Auriemma (Jul 06 2006)
McAfee VirusScan Enterprise 8.0.0 Buffer Overflow johndoe1529_at_yahoo.com (Jul 06 2006)
Mico crashes when contected with wrong IOR / DoS tuergeist (Jul 06 2006)
- Re: Mico crashes when contected with wrong IOR / DoS Karel Gardas (Jul 10 2006)
  - Re: Mico crashes when contected with wrong IOR / DoS tuergeist (Jul 10 2006)
    - Re: Mico crashes when contected with wrong IOR / DoS Karel Gardas (Jul 10 2006)
      - Gracenote buffer overflow MNV (Jul 10 2006)
- Re: Mico crashes when contected with wrong IOR / DoS tuergeist (Jul 09 2006)
TSLSA-2006-0040 - kernel Trustix Security Advisor (Jul 07 2006)
WebEx Downloader Plug-in Multiple Vulnerabilities + rant Mark Litchfield (Jul 07 2006)
- RE: WebEx Downloader Plug-in Multiple Vulnerabilities + rant Web Ex (Jul 08 2006)
- Re: WebEx Downloader Plug-in Multiple Vulnerabilities + rant Mark Rowe (Jul 14 2006)
  - Re: WebEx Downloader Plug-in Multiple Vulnerabilities + rant Mark Litchfield (Jul 17 2006)
PHP-Blogger Multiple Cross Site Scripting Vulnerabilities OS2A BTO (Jul 06 2006)
[ECHO_ADV_36$2006] ExtCalendar <== v2.0 Remote File Include Vulnerabilities matdhule_at_gmail.com (Jul 07 2006)
ATutor : Cross-Site Scripting Vulnerabilities bug_at_securitynews.ir (Jul 07 2006)
Possible code execution in Kaillera 0.86 Luigi Auriemma (Jul 06 2006)
rPSA-2006-0122-1 kernel Justin M. Forbes (Jul 07 2006)
- Re: rPSA-2006-0122-1 kernel Paul Starzetz (Jul 10 2006)
PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities paisterist.nst_at_gmail.com (Jul 07 2006)
Format string bug in Sparklet 0.9.4try3 Luigi Auriemma (Jul 06 2006)
[ MDKSA-2006:117 ] - Updated libmms packages fix buffer overflow vulnerability security_at_mandriva.com (Jul 06 2006)
HostingController: An attacker can gain reseller privileges and after that can gain admin privileges Irsdl_at_yahoo.com (Jul 07 2006)
Sport-slo.net Guestbook v1.0 luny_at_youfucktard.com (Jul 06 2006)
IBM AIX Security contact? Joxean Koret (Jul 06 2006)
- Re: IBM AIX Security contact? Troy Bollinger (Jul 06 2006)
Pivot <=1.30rc2 privilege escalation / remote commands execution rgod_at_autistici.org (Jul 07 2006)
[SECURITY] [DSA 1105-1] New xine-lib packages fix denial of service Martin Schulze (Jul 06 2006)
lintah_|adv|_01@2006>=========<[Aura-CMS v1.62]<===>[XSS vulnerable]&[bug] k07iX (Jul 06 2006)
ZDI-06-021: WebEx Downloader Plug-in Code Execution Vulnerability zdi-disclosures_at_3com.com (Jul 06 2006)
[ MDKSA-2006:118 ] - Updated OpenOffice.org packages fix various vulnerabilities security_at_mandriva.com (Jul 07 2006)
PAPOO <=3RC3 sql injection / admin credentials disclosure rgod_at_autistici.org (Jul 07 2006)
[KAPDA::#46] - AjaxPortal Authentication Bypass alireza hassani (Jul 08 2006)
- Re: [KAPDA::#46] - AjaxPortal Authentication Bypass earthquake_at_freemail.hu (Jul 09 2006)
ATutor 1.5.3 Cross Site Scripting securityconnection_at_gmail.com (Jul 08 2006)
- Re: ATutor 1.5.3 Cross Site Scripting info_at_atutor.ca (Jul 11 2006)
- Re: ATutor 1.5.3 Cross Site Scripting Steven M. Christey (Jul 21 2006)
RW::Download stats.php Remote File Inc. StorMBoY_at_BsdMaiL.Org (Jul 08 2006)
[ GLSA 200607-03 ] libTIFF: Multiple buffer overflows Sune Kloppenborg Jeppesen (Jul 09 2006)
Webvizyon Portal 2006 Version SQL Injection StorMBoY_at_BsdMail.Org (Jul 08 2006)
Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof)) Gezim Hoxha (Jul 07 2006)
- Re: Securing PHP or finding PHP alternatives Crispin Cowan (Jul 10 2006)
  - Re: Securing PHP or finding PHP alternatives SkyFlash (Jul 11 2006)
    - Re: Securing PHP or finding PHP alternatives Crispin Cowan (Jul 17 2006)
  - Re: Securing PHP or finding PHP alternatives Sheryl Coppenger (Jul 11 2006)
    - Re: Securing PHP or finding PHP alternatives Crispin Cowan (Jul 21 2006)
    - Re: Securing PHP or finding PHP alternatives Michael Cordover (Jul 18 2006)
- Re: Securing PHP or finding PHP alternatives Michael Shigorin (Jul 10 2006)
- Re: Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof)) Matthias Kestenholz (Jul 10 2006)
- Re: Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof)) Meet Myself on the Internet (Jul 10 2006)
Graffiti Forums v1.0 SQL Injection Vulnerabilities paisterist.nst_at_gmail.com (Jul 08 2006)
[ GLSA 200607-04 ] PostgreSQL: SQL injection Sune Kloppenborg Jeppesen (Jul 09 2006)
MT rmcek Toplist v2.2 Version Microsoft Access Driver ( MDB ) Download StorMBoY_at_BsdMaiL.Org (Jul 09 2006)
LAMP vs Microsoft Darren Reed (Jul 09 2006)
- Re: LAMP vs Microsoft Jarrod Frates (Jul 10 2006)
- Re: LAMP vs Microsoft Bob Beck (Jul 10 2006)
  - Re: LAMP vs Microsoft Darren Reed (Jul 11 2006)
    - Re: LAMP vs Microsoft Bob Beck (Jul 11 2006)
      - Re: LAMP vs Microsoft Darren Reed (Jul 11 2006)
      - Re: LAMP vs Microsoft Bob Beck (Jul 12 2006)
      - Re: LAMP vs Microsoft Bob Beck (Jul 15 2006)
      - Re: LAMP vs Microsoft Darren Reed (Jul 19 2006)
      - Re: LAMP vs Microsoft George Capehart (Jul 15 2006)
      - Re: LAMP vs Microsoft Darren Reed (Jul 16 2006)
      - Re: LAMP vs Microsoft Hugo van der Kooij (Jul 16 2006)
  - Re: LAMP vs Microsoft Joel Maslak (Jul 10 2006)
- Re: LAMP vs Microsoft Steven M. Christey (Jul 11 2006)
Re: RE: Invision Vulnerabilities, including remote code execution mattmecham_at_gmail.com (Jul 10 2006)
ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton) mozilla_at_ids-guide.de (Jul 09 2006)
[ECHO_ADV_37$2006] pc_cookbook Mambo/Joomla Component <= v0.3 Remote File Include Vulnerabilities matdhule_at_gmail.com (Jul 09 2006)
[SECURITY] [DSA 1106-1] New ppp packages fix privilege escalation Martin Schulze (Jul 09 2006)
phpPolls 1.0.3 Administration ByPass alp_eren_at_ayyildiz.org (Jul 10 2006)
[USN-312-1] gimp vulnerability Martin Pitt (Jul 10 2006)
RE: MIMESweeper For Web 5.X Cross Site Scripting Erez Metula (Jul 10 2006)
- RE: MIMESweeper For Web 5.X Cross Site Scripting Erez Metula (Jul 11 2006)
CC announces new Rootkit help forum insync with Book Paul Laudanski (Jul 06 2006)
MS Word Unchecked Boundary Condition Vulnerability naveed (Jul 10 2006)
Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability info_at_digitalarmaments.com (Jul 10 2006)
- Re: Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability sales_at_flexwatch.com (Jul 20 2006)
Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit Alexander Hristov (Jul 09 2006)
- Re: Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit Jos� Parrella (Jul 10 2006)
  - Re: Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit str0ke (Jul 15 2006)
Local file inclusion in Farsinews3.0BETA1 armin390_at_9mail.com (Jul 10 2006)
Old vulnerable sotwares collection Jerome Athias (Jul 10 2006)
- RE: Old vulnerable sotwares collection John Rigali (Jul 10 2006)
[ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd Gerald (Jerry) Carter (Jul 10 2006)
- Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd Gerald (Jerry) Carter (Jul 10 2006)
[SECURITY] [DSA 1107-1] New GnuPG packages fix denial of service Martin Schulze (Jul 10 2006)
randshop <= 1.1.x (index.php) Remote File Inclusion Vulnerability Saudi.Unix_at_Hotmail.com (Jul 05 2006)
Juniper Networks DX Web Administration Persistent System Log XSS Vulnerability Darren Bounds (Jul 10 2006)
[ GLSA 200607-02 ] FreeType: Multiple integer overflows Sune Kloppenborg Jeppesen (Jul 09 2006)
[ GLSA 200607-05 ] SHOUTcast server: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Jul 09 2006)
- Re: [ GLSA 200607-05 ] SHOUTcast server: Multiple vulnerabilities Cyneox (Jul 11 2006)
SYMSA-2006-007: Microsoft Office Malformed String Parsing Vulnerability research_at_symantec.com (Jul 10 2006)
CYBSEC - Security Pre-Advisory: Microsoft Windows DHCP Client Service Remote Buffer Overflow Mariano Nu�ez Di Croce (Jul 11 2006)
TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability Tippingpoint Security Research Team (Jul 11 2006)
ZDI-06-022: Microsoft Office Excel File Rebuilding Code Execution Vulnerability zdi-disclosures_at_3com.com (Jul 11 2006)
[USN-313-1] OpenOffice.org vulnerabilities Martin Pitt (Jul 12 2006)
[USN-316-1] installer vulnerability Martin Pitt (Jul 12 2006)
[USN-315-1] libmms, xine-lib vulnerabilities Martin Pitt (Jul 12 2006)
Cisco Security Advisory: Multiple Cisco Unified CallManager Vulnerabilities Cisco Systems Product Security Incident Response Team (Jul 12 2006)
Cisco Security Advisory: Cisco Router Web Setup Ships with Insecure Default IOS Configuration Cisco Systems Product Security Incident Response Team (Jul 12 2006)
[ MDKA-2006:119 ] - Updated ppp packages fix plugin vulnerability security_at_mandriva.com (Jul 10 2006)
SQuery <= 4.5(libpath) Remote File Inclusion Exploit SHiKaA-_at_hotmail.com (Jul 10 2006)
[USN-314-1] samba vulnerability Martin Pitt (Jul 12 2006)
Cisco Security Advisory: Cisco Intrusion Prevention System Malformed Packet Denial of Service Cisco Systems Product Security Incident Response Team (Jul 12 2006)
rPSA-2006-0128-1 samba samba-swat Justin M. Forbes (Jul 11 2006)
Fuzzing Microsoft Office naveed (Jul 11 2006)
SMB Information Disclosure Vulnerability Avert_at_avertlabs.com (Jul 11 2006)
[SECURITY] [DSA 1108-1] New mutt packages fix arbitrary code execution Moritz Muehlenhoff (Jul 10 2006)
Microsoft Excel Array Index Error Remote Code Execution Sowhat (Jul 11 2006)
Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) Roman Medina-Heigl Hernandez (Jul 11 2006)
[ MDKSA-2006:117-1 ] - Updated libmms packages fix buffer overflow vulnerability security_at_mandriva.com (Jul 12 2006)
NSFOCUS SA2006-04 : Microsoft Office GIF Filter Buffer Overflow Vulnerability NSFOCUS Security Team (Jul 12 2006)
TOPo v.2.2.178 Account Reset darkz.gsa_at_gmail.com (Jul 12 2006)
S21Sec-032-en: Vulnerability in Fatwire Content Server labs_at_s21sec.com (Jul 12 2006)
Lazarus Guestbook Cross Site Scripting Vulnerabilities simo64_at_gmail.com (Jul 11 2006)
[ MDKSA-2006:120 ] - Updated samba packages fix DoS vulnerability security_at_mandriva.com (Jul 10 2006)
NSFOCUS SA2006-06 : Microsoft Excel COLINFO Record Buffer Overflow Vulnerability NSFOCUS Security Team (Jul 12 2006)
New CVE number states Excel Style handling as a separate issue Juha-Matti Laurio (Jul 10 2006)
Re: # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc. Amelie (Jul 12 2006)
- Re: # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc. amelie_at_not-noticeably.net (Jul 11 2006)
NSFOCUS SA2006-05 : Microsoft Excel SELECTION Record Memory Corruption Vulnerability NSFOCUS Security Team (Jul 12 2006)
FLV Players Multiple Input Validation Vulnerabilities xzerox_at_linuxmail.org (Jul 12 2006)
[ MDKSA-2006:121 ] - Updated xine-lib packages fix buffer overflow vulnerability security_at_mandriva.com (Jul 12 2006)
[ECHO_ADV_38$2006] Multiple Mambo/Joomla Component Remote File Include Vulnerabilities matdhule_at_gmail.com (Jul 12 2006)
- Re: [ECHO_ADV_38$2006] Multiple Mambo/Joomla Component Remote File Include Vulnerabilities Joxean Koret (Jul 13 2006)
SYMSA-2006-004 (Full Details): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution research_at_symantec.com (Jul 12 2006)
[USN-317-1] zope2.8 vulnerability Martin Pitt (Jul 13 2006)
Photocycle v1.0 - XSS luny_at_youfucktard.com (Jul 13 2006)
- Re: Photocycle v1.0 - XSS securityfocus_at_adambrown.info (Jul 14 2006)
ScozNews Final-Php <=1.1 Remote File Inclusion Vulnerability x0r0n_at_hotmail.com (Jul 13 2006)
Orbitmatrix PHP Script v1.0 luny_at_youfucktard.com (Jul 13 2006)
Flipper Poll <= 1.1.0 Remote File Inclusion Vulnerability x0r0n_at_hotmail.com (Jul 13 2006)
[USN-318-1] libtunepimp vulnerability Martin Pitt (Jul 13 2006)
[ MDKSA-2006:122 ] - Updated php packages fix multiple vulnerabilities security_at_mandriva.com (Jul 13 2006)
flatnuke <= 2.5.7 arbitrary php file upload rgod_at_autistici.org (Jul 13 2006)
PHORUM 5 arbitrary local inclusion rgod_at_autistici.org (Jul 13 2006)
phpbb 3.x sql injection (with global moderator rights) rgod_at_autistici.org (Jul 13 2006)
- Re: phpbb 3.x sql injection (with global moderator rights) bugtraq_at_neothermic.com (Jul 14 2006)
[ MDKSA-2006:123 ] - Updated kernel packages fixes multiple vulnerabilities security_at_mandriva.com (Jul 13 2006)
perForms <= 1.0 ([mosConfig_absolute_path]) Remote File Inclusion endeneu_at_linuxmail.com (Jul 13 2006)
[security bulletin] HPSBUX02120 SSRT051057 rev.2 - HP-UX Local Denial of Service (DoS) security-alert_at_hp.com (Jul 13 2006)
rPSA-2006-0122-2 kernel Justin M. Forbes (Jul 13 2006)
- Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Caveo Internet BV - Security (Jul 14 2006)
  - Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Hugo van der Kooij (Jul 14 2006)
  - Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Michael Shigorin (Jul 14 2006)
  - Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Lukasz Trabinski (Jul 14 2006)
    - Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Michal Zalewski (Jul 16 2006)
IE <= 6 DoS vulnerability jonasschaub_at_gmail.com (Jul 13 2006)
Phorum 5.1.15 security release (fixes "PHORUM 5 arbitrary local inclusion") Maurice Makaay (Jul 13 2006)
Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities Benjamin Tobias Franz (Jul 14 2006)
EEYE: McAfee ePolicy Orchestrator Remote Compromise eEye Advisories (Jul 14 2006)
Bybass HTTP ( extension files ) in ISA 2004 medozero_at_yahoo.com (Jul 15 2006)
- Re: Bybass HTTP ( extension files ) in ISA 2004 Thor (Hammer of God) (Jul 15 2006)
- RE: Bybass HTTP ( extension files ) in ISA 2004 Edward Tripovich (Jul 17 2006)
- Re: Bybass HTTP ( extension files ) in ISA 2004 medozero_at_yahoo.com (Jul 16 2006)
  - Re: Bybass HTTP ( extension files ) in ISA 2004 Thor (Hammer of God) (Jul 18 2006)
- Re: Bybass HTTP ( extension files ) in ISA 2004 medozero_at_yahoo.com (Jul 16 2006)
MS Power Point Multiple Vulnerabilities (powerpnt.exe)- POC naveed (Jul 15 2006)
MS Power Point Multiple Vulnerabilities - (mso.dll) POC naveed (Jul 15 2006)
MS Power Point Multiple Vulnerabilities - (memory corruption) POC naveed (Jul 15 2006)
Norton Insufficient protection of Norton service registry keys David Matousek (Jul 15 2006)
Kerio Terminating 'kpf4ss.exe' using internal runtime error Vulnerability David Matousek (Jul 15 2006)
Linux sys_prctl LKM based hotfix Abhisek Datta (Jul 12 2006)
crashing firefox <= 1.5.0.4 reywen_at_gmail.com (Jul 11 2006)
- Re: crashing firefox <= 1.5.0.4 bugtraq_at_radev.net (Jul 15 2006)
saphp "add.php" forumid Parameter SQL Injection Breeeeh_at_hotmail.com (Jul 11 2006)
XSS phpBB 2.0.21 in administration renatrix_at_gmail.com (Jul 11 2006)
- Re: XSS phpBB 2.0.21 in administration Jessica Hope (Jul 15 2006)
  - RE: XSS phpBB 2.0.21 in administration David Thomson (Jul 18 2006)
    - Re: XSS phpBB 2.0.21 in administration Jessica Hope (Jul 19 2006)
- Re: XSS phpBB 2.0.21 in administration Jessica Hope (Jul 19 2006)
MyGallery "Room.php" SQL Injection Breeeeh_at_hotmail.com (Jul 11 2006)
Rocks Clusters <=4.1 local root Xavier (Jul 14 2006)
[SECURITY] Plain text password in Finjan Appliance 5100/8100 NG backup file finde_schwachstelle_at_gmx.net (Jul 11 2006)
Phorum 5.1.14 XSS SQL injection Vulnerability securityconnection_at_gmail.com (Jul 11 2006)
- Re: Phorum 5.1.14 XSS SQL injection Vulnerability Maurice Makaay (Jul 16 2006)
MiniBB Forum <= 1.5a Remote File Include Vulnerabilities matdhule_at_gmail.com (Jul 15 2006)
Re: [Full-disclosure] ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton) Mailinglists (Jul 11 2006)
SubberZ[Lite] - Remote File Include ChironeX.FleckeriX_at_Gmail.Com (Jul 14 2006)
- Re: SubberZ[Lite] - Remote File Include the.jalal_at_gmail.com (Jul 17 2006)
VBZooM <=V1.11 " reply.php" SQL Injection Breeeeh_at_hotmail.com (Jul 11 2006)
VBZooM <=V1.11 " ignore-pm.php" SQL Injection Breeeeh_at_hotmail.com (Jul 11 2006)
Microsoft PowerPoint 0-day Vulnerability FAQ document written Juha-Matti Laurio (Jul 14 2006)
Crtical Shockwave Embeded XSS Execution spammeanddie_at_msn.com (Jul 13 2006)
VBZooM <=V1.11 "sub-join.php" SQL Injection Breeeeh_at_hotmail.com (Jul 11 2006)
[OpenPKG-SA-2006.013] OpenPKG Security Advisory (mutt) OpenPKG (Jul 15 2006)
Fantastic Guestbook v2.0.1 Advisory omnipresent_at_email.it (Jul 11 2006)
VBZooM "sendmail.php" SQL Injection Breeeeh_at_hotmail.com (Jul 11 2006)
Invision Power Board 2.1 <= 2.1.6 sql injection rst_at_ghc.ru (Jul 14 2006)
- Re: Invision Power Board 2.1 <= 2.1.6 sql injection paul dansing (Jul 16 2006)
  - Re: Invision Power Board 2.1 <= 2.1.6 sql injection str0ke (Jul 18 2006)
- Re: Invision Power Board 2.1 <= 2.1.6 sql injection mattmecham_at_gmail.com (Jul 17 2006)
  - Re: Re: Invision Power Board 2.1 <= 2.1.6 sql injection paul14075_at_gmail.com (Jul 18 2006)
Re: [Full-disclosure] Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) Jon Hart (Jul 12 2006)
MyBulletinBoard (MyBB) 1.1.5 'CLIENT-IP' sql injection rgod_at_autistici.org (Jul 14 2006)
Mercury Messenger Hans Wolters (Jul 15 2006)
Several updates in MS PowerPoint 0-day Vulnerability FAQ at SecuriTeam Blogs Juha-Matti Laurio (Jul 15 2006)
PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion chris_hasibuan_at_yahoo.com (Jul 15 2006)
Calendar Module <= 1.5.7 Remote File Include Vulnerabilities matdhule_at_gmail.com (Jul 15 2006)
Plesk Control Panel <= 8.0.0 XSS vulnerability vuln.invent_at_gmail.com (Jul 15 2006)
Secunia Research: IceWarp Web Mail Two File Inclusion Vulnerabilities Secunia Research (Jul 17 2006)
[SECURITY] [DSA 1109-1] New rssh packages fix privilege escalation Moritz Muehlenhoff (Jul 16 2006)
rPSA-2006-0130-1 kernel Justin M. Forbes (Jul 17 2006)
[EEYEB-20060227] D-Link Router UPNP Stack Overflow eEye Advisories (Jul 17 2006)
- Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow kala_z_at_hotmail.com (Jul 21 2006)
  - RE: [EEYEB-20060227] D-Link Router UPNP Stack Overflow m (Jul 22 2006)
- Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow scott (Jul 17 2006)
- Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow solutions_PHP (Jul 31 2006)
Secunia Research: VisNetic Mail Server Two File Inclusion Vulnerabilities Secunia Research (Jul 17 2006)
[SECURITY] [DSA 1110-1] New samba packages fix denial of service Moritz Muehlenhoff (Jul 16 2006)
Secunia Research: BitZipper unacev2.dll Buffer Overflow Vulnerability Secunia Research (Jul 17 2006)
PacSec 2006 CALL FOR PAPERS (Deadline Aug. 4; Event Nov. 27-30) Dragos Ruiu (Jul 17 2006)
boastMachine <= 3.1 SQL Injection Exploit gmdarkfig_at_gmail.com (Jul 16 2006)
ListMessenger v0.9.3 Remote File Inclusion Vulnerability x0r0n_at_hotmail.com (Jul 15 2006)
Multiple vulnerabilities in UFO2000 svn 1057 Luigi Auriemma (Jul 16 2006)
[SECURITY] [DSA 1111-1] New Linux kernel 2.6.8 packages fix privilege escalation Moritz Muehlenhoff (Jul 16 2006)
About the latest three Powerpoint vulnerabilities: exploitable? ewt_at_telecomitalia.it (Jul 18 2006)
[SECURITY] [DSA 1112-1] New mysql-dfsg-4.1 packages fix denial of service Moritz Muehlenhoff (Jul 17 2006)
ToorCon 2006 Call for Papers h1kari_at_toorcon.org (Jul 17 2006)
RUXCON 2006 Final Call For Papers cfp_at_ruxcon.org.au (Jul 17 2006)
[USN-319-1] Linux kernel vulnerability Martin Pitt (Jul 18 2006)
New Article Mambo Component <= 1.0 (com_articles.php) Remote File Include Vulnerabilities matdhule_at_gmail.com (Jul 16 2006)
Unauthenticated access to BT Voyager config file and PPP credentials embedded in HTML form pagvacito (Jul 16 2006)
23rd Chaos Communication Congress 2006: Call for Participation fukami (Jul 16 2006)
Calendar Mambo Module <= 1.5.7 Remote File Include Vulnerabilities matdhule_at_gmail.com (Jul 16 2006)
Cross Site Scripting Vulnerability in Zoho Virtual Office ss_team (Jul 17 2006)
[KAPDA::#52] - PHP-Post 1.0 Cookie Modification Privilege Escalation Vulnerability farhadkey_at_kapda.ir (Jul 18 2006)
Professional PHP Tools Guestbook Multiple Vulnerabilities tamriel_at_gmx.net (Jul 17 2006)
[ MDKSA-2006:124 ] - Updated kernel packages fix privilege escalation vulnerability security_at_mandriva.com (Jul 18 2006)
ToendaCMS <= 1.0.0 arbitrary file upload rgod_at_autistici.org (Jul 17 2006)
Keyif Portal v2.0 - Microsoft Access Driver ( MDB ) Download x0r0n_at_hotmail.com (Jul 15 2006)
Outpost Firewall Pro secrately fixing security flaws? Bipin Gautam (Jul 17 2006)
DeluxeBB mutiple vulnerabilities Jessica Hope (Jul 17 2006)
$100 plus several of my books if you can crack my Windows password hashes. Roger A. Grimes (Jul 17 2006)
- RE: $100 plus several of my books if you can crack my Windows password hashes. Roger A. Grimes (Jul 18 2006)
- RE: $100 plus several of my books if you can crack my Windows password hashes. Michael Scheidell (Jul 18 2006)
  - RE: $100 plus several of my books if you can crack my Windows password hashes. Roger A. Grimes (Jul 18 2006)
Oracle Database - SQL Injection in SYS.KUPW$WORKER [DB03] ak_at_red-database-security.com (Jul 18 2006)
Oracle Database - SQL Injection in SYS.DBMS_CDC_IMPDP [DB01] ak_at_red-database-security.com (Jul 18 2006)
WebScarab <= 20060621-0003 cross site scripting security_at_moritz-naumann.com (Jul 18 2006)
RE: [lists] Re: PHP security (or the lack thereof) Curt Purdy (Jul 16 2006)
[SECURITY] [DSA 1113-1] New zope2.7 packages fix information disclosure Moritz Muehlenhoff (Jul 18 2006)
PcAnywhere > 12 Local Privilege Escalation root_at_digitalbullets.org (Jul 18 2006)
Consumers of Broadband Providers (ISP) may be open to hijack attacks peter_philipp_at_freenet.de (Jul 15 2006)
ExtCalendar Mambo Module <= v2( extcalendar.php ) Remote File Include Vulnerabilities saudi.unix_at_hotmail.com (Jul 17 2006)
- Re: ExtCalendar Mambo Module <= v2( extcalendar.php ) Remote File Include Vulnerabilities matdhule_at_gmail.com (Jul 18 2006)
Oracle Database - SQL Injection in SYS.DBMS_UPGRADE [DB22] ak_at_red-database-security.com (Jul 18 2006)
Invision Power Board v2.1 <= 2.1.6 sql injection exploit paul14075_at_gmail.com (Jul 17 2006)
Oracle Database - SQL Injection in SYS.DBMS_STATS [DB21] ak_at_red-database-security.com (Jul 18 2006)
[security bulletin] HPSBTU02132 SSRT061154 rev.1 - HP Tru64 UNIX running NIS ypserv, Remote Denial of Service (DoS) security-alert_at_hp.com (Jul 18 2006)
hdweGUEST <= 2.1.1 Cross Site Scripting Vulnerabilities tamriel_at_gmx.net (Jul 18 2006)
ASP.DLL Include File Buffer Overflow Brett Moore (Jul 18 2006)
Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior mullware_at_gmail.com (Jul 16 2006)
osDate 1.1.7 multiple vulnerabilities binary.loc_at_gmail.com (Jul 17 2006)
- Re: osDate 1.1.7 multiple vulnerabilities binary.loc_at_gmail.com (Jul 19 2006)
Webmin / Usermin Arbitrary File Disclosure Vulnerability Perl Alexander Hristov (Jul 14 2006)
New PowerPoint Trojan installs itself as LSP Juha-Matti Laurio (Jul 18 2006)
- Re: New PowerPoint Trojan installs itself as LSP Mike Healan (Jul 20 2006)
[USN-320-1] PHP vulnerabilities Martin Pitt (Jul 19 2006)
[ MDKSA-2006:125 ] - Updated webmin packages fix arbitray file read vulnerability. security_at_mandriva.com (Jul 18 2006)
[ MDKSA-2006:127 ] - Updated gimp packages fix buffer overflow vulnerability. security_at_mandriva.com (Jul 18 2006)
[ MDKSA-2006:126 ] - Updated libtunepimp packages fixes buffer overflow vulnerabilities. security_at_mandriva.com (Jul 18 2006)
[ MDKSA-2006:128 ] - Updated wireshark packages fix numerous vulnerabilities security_at_mandriva.com (Jul 18 2006)
rPSA-2006-0132-1 tshark wireshark Justin M. Forbes (Jul 19 2006)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Monitoring, Analysis and Response System (CS-MARS) Cisco Systems Product Security Incident Response Team (Jul 19 2006)
VMSA-2006-0003 VMware possible incorrect permissions on SSL key files VMware Security Team (Jul 18 2006)
[ GLSA 200607-06 ] libpng: Buffer overflow Thierry Carrez (Jul 19 2006)
[USN-319-2] Linux kernel vulnerability Martin Pitt (Jul 19 2006)
[USN-313-2] OpenOffice.org vulnerabilities Martin Pitt (Jul 19 2006)
Re: imageVue16.1 upload vulnerability info_at_imagevuex.com (Jul 19 2006)
AFCommerce Shopping Cart sledge_at_paradise.net.nz (Jul 19 2006)
- Re: AFCommerce Shopping Cart contact_at_afcommerce.com (Jul 19 2006)
Security point-of-contact for Ameritrade? James M. Blackburn (Jul 19 2006)
rPSA-2006-0133-1 libpng Justin M. Forbes (Jul 19 2006)
Cisco MARS < 4.2.1 remote compromise Jon Hart (Jul 19 2006)
[ECHO_ADV_40$2006] iManage CMS <= 4.0.12 (absolute_path) Remote File Inclusion matdhule_at_gmail.com (Jul 20 2006)
Advisory: Remote command execution in planetGallery RedTeam Pentesting (Jul 20 2006)
[MajorSecurity #20]SiteDepth CMS <= 3.01 - Remote File Include Vulnerability admin_at_majorsecurity.de (Jul 20 2006)
[MajorSecurity #21] phpFaber TopSites <=2.0.9 - SQL Injection Vulnerability admin_at_majorsecurity.de (Jul 20 2006)
[MajorSecurity #22] Top XL <=1.1 - XSS and cookie disclosure admin_at_majorsecurity.de (Jul 20 2006)
- Re: [MajorSecurity #22] Top XL <=1.1 - XSS and cookie disclosure admin_at_majorsecurity.de (Jul 20 2006)
[ MDKSA-2006:129 ] - Updated freetype2 packages fixes overflow vulnerability. security_at_mandriva.com (Jul 20 2006)
[security bulletin] HPSBUX02108 SSRT061133 rev.12 - HP-UX Running Sendmail, Remote Execution of Arbitrary Code security-alert_at_hp.com (Jul 20 2006)
rPSA-2006-0134-1 sendmail sendmail-cf Justin M. Forbes (Jul 21 2006)
[USN-321-1] mysql-dfsg-4.1 vulnerability Martin Pitt (Jul 21 2006)
[SECURITY] [DSA 1117-1] New libgd2 packages fix denial of service Moritz Muehlenhoff (Jul 21 2006)
[security bulletin] HPSBMA02133 SSRT061201 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update July 2006 security-alert_at_hp.com (Jul 20 2006)
SECURITY UPDATE::Farsinews release FarsiNewsPro3.0Stable1SecurityPath1 armin390_at_gmail.com (Jul 21 2006)
[ GLSA 200607-07 ] xine-lib: Buffer overflow Thierry Carrez (Jul 20 2006)
[SECURITY] [DSA 1115-1] New GnuPG2 packages fix denial of service Martin Schulze (Jul 21 2006)
LoudBlog <=0.5 Sql injection rgod_at_autistici.org (Jul 20 2006)
Unidomedia Chameleon LE/Pro Directory Traversal kicktd_at_hotmail.com (Jul 20 2006)
TSLSA-2006-0042 - multi Trustix Security Advisor (Jul 21 2006)
Samba Internal Data Structures DOS Vulnerability Exploit Alexander Hristov (Jul 20 2006)
- Re: Samba Internal Data Structures DOS Vulnerability Exploit Gerald (Jerry) Carter (Jul 21 2006)
[ MDKSA-2006:130 ] - Updated kdelibs packages fix konqueror crash vulnerability. security_at_mandriva.com (Jul 20 2006)
[SECURITY] [DSA 1114-1] New hashcash packages fix arbitrary code execution Martin Schulze (Jul 20 2006)
SolpotCrew Advisory #2 - Advanced Poll ver 2.02 (base_path) Remote File Inclusion chris_hasibuan_at_yahoo.com (Jul 21 2006)
[SECURITY] [DSA 1116-1] New gimp packages fix arbitrary code execution Moritz Muehlenhoff (Jul 21 2006)
MiniBB Forum <= 1.5a Remote File Include (search.php-whosOnline.php) AG Spider (Jul 21 2006)
iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability labs-no-reply (Jul 21 2006)
- Re: [Full-disclosure] iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability Micheal Turner (Jul 21 2006)
  - Re: Re: [Full-disclosure] iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability Micheal Turner (Jul 24 2006)
[Kurdish Security # 13] Savant2 Remote File Include Vulnerability [For Mambo, Joomla] botan_at_linuxmail.org (Jul 21 2006)
Microsoft Internet Explorer DOS Vulnerability SnoBmsn_at_Hotmail.de (Jul 22 2006)
MicroGuestBook Remote XSS Attack omnipresent_at_email.it (Jul 21 2006)
[MajorSecurity #25] Advanced Guestbook 2.4 for phpBB - Multiple XSS and SQL-Injection Vulnerabilities admin_at_majorsecurity.de (Jul 22 2006)
[MajorSecurity #24] Fire-Mouse TopList <=v1.1 - Cross Site Scripting admin_at_majorsecurity.de (Jul 22 2006)
Low security hole affecting IPCalc's CGI wrapper Tim Brown (Jul 22 2006)
- Re: Low security hole affecting IPCalc's CGI wrapper krischan_at_jodies.de (Jul 27 2006)
[SECURITY] [DSA 1118-1] New Mozilla packages fix several vulnerabilities Martin Schulze (Jul 22 2006)
about bid 17404 crack_at_rome.com (Jul 21 2006)
[SECURITY] [DSA 1119-1] New hiki packages fix denial of service Martin Schulze (Jul 22 2006)
New CVE identifiers for separate PowerPoint 0-day issues assigned Juha-Matti Laurio (Jul 17 2006)
new shell bypass safe mode d3nger_at_hotmail.com (Jul 18 2006)
- Re: new shell bypass safe mode cxib_at_securityreason.com (Jul 23 2006)
SolpotCrew Advisory #3 - com_trade Remote File Inclusion (mosConfig_absolute_path) mail_at_sipplah.com (Jul 21 2006)
MiniBB Forum <= 1.5a Remote File Include (news.php) AG Spider (Jul 20 2006)
Com Multibanners Remote File Inclusion (mosConfig_absolute_path) mail_at_blue-spy.net (Jul 20 2006)
[MajorSecurity #23] BLOG:CMS <= 4.0.0j - XSS and cookie disclosure admin_at_majorsecurity.de (Jul 21 2006)
Blackboard Academic Suite 6.2.23 +/-: Persistent cross-site scripting vulnerability harbl_at_hushmail.com (Jul 20 2006)
Re: [Full-disclosure] Re: New PowerPoint Trojan installs itself as LSP Juha-Matti Laurio (Jul 20 2006)
Map MS Security Bulletins to MS KB numbers Matthew Leeds (Jul 20 2006)
DotClear : Multiples Full Path Disclosure Silitix_at_gmail.com (Jul 21 2006)
[SECURITY] [DSA 1120-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Jul 22 2006)
[Kurdish Security # 14] MoSpray [base_dir] Remote Command Execution [ Mambo & Joomla] botan_at_linuxmail.org (Jul 23 2006)
Vanilla CMS <= 1.0.1 (RootDirectory) Remote file inclusion Vuln. mfoxhacker_at_gmail.com (Jul 23 2006)
[ GLSA 200607-08 ] GIMP: Buffer overflow Sune Kloppenborg Jeppesen (Jul 23 2006)
- Re: [ GLSA 200607-08 ] GIMP: Buffer overflow Michael Shigorin (Jul 24 2006)
[CYBSEC] TippingPoint detection bypass Andres Riancho (Jul 24 2006)
Buffer-overflow in the XM loader of Cheese Tracker 0.9.9 Luigi Auriemma (Jul 23 2006)
[SECURITY] [DSA 1121-1] New postgrey packages fix denial of service Martin Schulze (Jul 24 2006)
PHP Live! v3.2 (header.php) Remote File Include Vulnerabilities saudi.unix_at_hotmail.com (Jul 24 2006)
[USN-322-1] Konqueror vulnerability Martin Pitt (Jul 24 2006)
Check Point R55W Directory Traversal Sec-Tec Lists (Jul 24 2006)
- Re: Check Point R55W Directory Traversal dave_kwek_at_ida.gov.sg (Jul 25 2006)
- Re: Check Point R55W Directory Traversal Hugo van der Kooij (Jul 31 2006)
MusicBox <= 2.3.4 XSS SQL injection Vulnerability securityconnection_at_gmail.com (Jul 24 2006)
[SECURITY] [DSA 1124-1] New fbi packages fix potential deletion of user data Moritz Muehlenhoff (Jul 24 2006)
Windows XP/NT/SMB2003/2000 Denial of Service attack J. Oquendo (Jul 24 2006)
ERRATA: [ GLSA 200607-08 ] GIMP: Buffer overflow Sune Kloppenborg Jeppesen (Jul 24 2006)
Write-up by Amit Klein: "Forging HTTP request headers with Flash" Amit Klein (AKsecurity) (Jul 24 2006)
- Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash" Amit Klein (AKsecurity) (Jul 26 2006)
  - Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash" 3CO (Jul 26 2006)
    - Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash" Amit Klein (AKsecurity) (Jul 26 2006)
[MajorSecurity #26] Woltlab Burning Board - Multiple Cookie manipulation and session fixation vulnerabilities admin_at_majorsecurity.de (Jul 23 2006)
SQuery v.x (devi.php) (armygame.php) Remote File Inclusion saudi.unix_at_hotmail.com (Jul 24 2006)
Heap overflow in the GT2 loader of libmikmod 3.2.2 Luigi Auriemma (Jul 24 2006)
[SECURITY] [DSA 1123-1] New libdumb packages fix arbitrary code execution Moritz Muehlenhoff (Jul 24 2006)
Opsware NAS 6.0 reveals MySQL 'root' password Freeman, Michael (Jul 24 2006)
- Re: Opsware NAS 6.0 reveals MySQL 'root' password security-alert_at_opsware.com (Jul 26 2006)
rPSA-2006-0135-1 gimp Justin M. Forbes (Jul 24 2006)
Digital Armaments Security Advisory 24.07.2006: Siemens Speedstream Wireless/Router Denial of Service Vulnerability info_at_digitalarmaments.com (Jul 24 2006)
SYMSA-2006-008:Password Safe - Lock Password Database Configuration Not Enforced research_at_symantec.com (Jul 21 2006)
Buffer-overflow in recvTextMessage and NETrecvFile in Warzone Resurrection 2.0.3 (SVN 127) Luigi Auriemma (Jul 23 2006)
[SECURITY] [DSA 1122-1] New Net::Server packages fix denial of service Martin Schulze (Jul 24 2006)
Two crash vulnerabilities in Freeciv 2.1.0-beta1 (SVN 15 Jul 2006) Luigi Auriemma (Jul 23 2006)
[ GLSA 200607-09 ] Wireshark: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Jul 25 2006)
[USN-296-2] Firefox vulnerabilities Martin Pitt (Jul 25 2006)
Advisory: VMware Possible Incorrect Permissions On SSL Key Files Nick Breese (Jul 24 2006)
[vuln.sg] DynaZip DZIP32.DLL/DZIPS32.DLL Buffer Overflow Vulnerabilities vulnpost-remove_at_vuln.sg (Jul 24 2006)
[vuln.sg] TurboZIP ZIP Repair Buffer Overflow Vulnerability vulnpost-remove_at_vuln.sg (Jul 24 2006)
[vuln.sg] AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow vulnpost-remove_at_vuln.sg (Jul 24 2006)
LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties simo64_at_gmail.com (Jul 24 2006)
[ GLSA 200607-10 ] Samba: Denial of Service vulnerability Sune Kloppenborg Jeppesen (Jul 25 2006)
[security bulletin] HPSBUX02087 SSRT4728 rev.2 - HP-UX running TCP/IP Remote Denial of Service (DoS) security-alert_at_hp.com (Jul 25 2006)
Re: Ashop Search Module SQL injection security curmudgeon (Jul 25 2006)
[ MDKSA-2006:131 ] - Updated perl-Net-Server packages fix format string vulnerability security_at_mandriva.com (Jul 25 2006)
Full Path Disclosure xGuestBook v1.02 dicomdk_at_gmail.com (Jul 25 2006)
MS06-034 lies? IIS 6 can still be owned? Cesar (Jul 25 2006)
Secunia Research: AutoVue SolidModel Professional Buffer Overflow Vulnerability Secunia Research (Jul 26 2006)
[USN-297-3] Thunderbird vulnerabilities Martin Pitt (Jul 26 2006)
[USN-320-2] php4 regression Martin Pitt (Jul 26 2006)
EzUpload multi file vulnerabilities hack2prison_at_yahoo.com (Jul 26 2006)
Multiple vulnerabilities in OpenCMS Meder Kydyraliev (Jul 26 2006)
[SECURITY] [DSA 1111-2] New Linux kernel 2.6.8 packages fix privilege escalation Moritz Muehlenhoff (Jul 26 2006)
wwwThreads XSS l2odon_at_yahoo.com (Jul 25 2006)
Zyxel Prestige 660H-61 Cross-Site Scripting jose.palanco_at_eazel.es (Jul 26 2006)
Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities tamriel_at_gmx.net (Jul 25 2006)
PHP-Auction SQL injection l2odon_at_yahoo.com (Jul 25 2006)
ZDI-06-024: eIQNetworks Enterprise Security Analyzer License Manager Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Jul 25 2006)
TP-Book <= 1.00 Cross Site Scripting Vulnerabilities tamriel_at_gmx.net (Jul 25 2006)
ZDI-06-023: eIQNetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerability zdi-disclosures_at_3com.com (Jul 25 2006)
TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability TSRT_at_3com.com (Jul 25 2006)
- RE: TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability Desai, Deepen (Jul 28 2006)
TSRT-06-03: eIQnetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerabilities TSRT_at_3com.com (Jul 25 2006)
[SECURITY] [DSA 1125-1] New drupal packages fix execution of arbitrary web script code Moritz Muehlenhoff (Jul 26 2006)
Cisco VPN Concentrator IKE resource exhaustion DoS Advisory Roy Hills (Jul 26 2006)
- Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory Eloy Paris (Jul 28 2006)
  - Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory Pavel Kankovsky (Jul 30 2006)
Etomite CMS <= 0.6.1 'rfiles.php' remote command execution rgod_at_autistici.org (Jul 25 2006)
[USN-323-1] mozilla vulnerabilities Martin Pitt (Jul 25 2006)
[ECHO_ADV_41$2006] BufferOverflow in Midirecord2 the_day_at_echo.or.id (Jul 25 2006)
[vuln.sg] PowerArchiver DZIPS32.DLL Buffer Overflow Vulnerability vulnpost-remove_at_vuln.sg (Jul 25 2006)
[OpenPKG-SA-2006.014] OpenPKG Security Advisory (shiela) OpenPKG (Jul 25 2006)
Secunia Research: FileCOPA Directory Argument Handling Buffer Overflow Secunia Research (Jul 25 2006)
Phpprobid <= 5.24 XSS SQL injection Vulnerability securityconnection_at_gmail.com (Jul 25 2006)
NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability NSFOCUS Security Team (Jul 26 2006)
a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability Dr.Jr7_at_hotmail.com (Jul 26 2006)
GeoClassifieds Enterprise <= 2.0.5.2 Cross Site Scripting securityconnection_at_gmail.com (Jul 26 2006)
[SECURITY] [DSA 1126-1] New Asterisk packages fix denial of service Martin Schulze (Jul 26 2006)
Cross-Site Scripting and Local File Inclusion in Phorum Meftun_at_MeftunNet.Com (Jul 27 2006)
Buffer Overflow Vulnerability in Winlpd Meftun_at_MeftunNet.Com (Jul 27 2006)
[USN-324-1] freetype vulnerability Martin Pitt (Jul 27 2006)
[USN-325-1] ruby1.8 vulnerability Martin Pitt (Jul 27 2006)
[USN-326-1] heartbeat vulnerability Martin Pitt (Jul 27 2006)
[SECURITY] [DSA 1125-2] New drupal packages fix execution of arbitrary web script code (revised packages) Moritz Muehlenhoff (Jul 27 2006)
Secunia Research: Mozilla Firefox XPCOM Event Handling Memory Corruption Secunia Research (Jul 27 2006)
Bypassing Oracle dbms_assert ak_at_red-database-security.com (Jul 27 2006)
- Re: Bypassing Oracle dbms_assert David Litchfield (Jul 27 2006)
  - RE: Bypassing Oracle dbms_assert Alexander Kornbrust (Jul 28 2006)
    - Re: Bypassing Oracle dbms_assert David Litchfield (Jul 28 2006)
ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability zdi-disclosures_at_3com.com (Jul 26 2006)
rPSA-2006-0137-1 firefox Justin M. Forbes (Jul 26 2006)
Xss in MttKe-php v2.6 R0t-K33Y_at_hotmail.com (Jul 26 2006)
- Re: Xss in MttKe-php v2.6 Steven M. Christey (Jul 31 2006)
AIM Triton 1.0.4 (SipXtapi) Remote Buffer Overflow Exploit (PoC) c0rrupt_at_f34r.us (Jul 26 2006)
Oracle 10g R2 and, probably, all previous versions putosoft softputo (Jul 27 2006)
Re: HYSA-2006-008 myBloggie 2.1.3 CRLF & SQL Injection Steven M. Christey (Jul 27 2006)
[USN-327-1] firefox vulnerabilities Martin Pitt (Jul 27 2006)
Cisco Security Advisory: Windows VPN Client Local Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (Jul 27 2006)
[USN-328-1] Apache vulnerability Martin Pitt (Jul 27 2006)
[FLSA-2006:175040] Updated php packages fix security issues Marc Deslauriers (Jul 27 2006)
[SECURITY] [DSA 1127-1] New ethereal packages fix several vulnerabilities Moritz Muehlenhoff (Jul 27 2006)
[OpenPKG-SA-2006.015] OpenPKG Security Advisory (apache) OpenPKG (Jul 27 2006)
[SECURITY] [DSA 1128-1] New heartbeat packages fix local denial of service Martin Schulze (Jul 28 2006)
Portail PHP v1.7 Remote File Include Meftun_at_MeftunNet.Com (Jul 28 2006)
- Re: Portail PHP v1.7 Remote File Include x0r0n_at_hotmail.com (Jul 29 2006)
[OpenPKG-SA-2006.016] OpenPKG Security Advisory (ruby) OpenPKG (Jul 28 2006)
[ MDKSA-2006:132 ] - Updated libwmf packages fixes integer overflow vulnerability security_at_mandriva.com (Jul 28 2006)
[OpenPKG-SA-2006.017] OpenPKG Security Advisory (freetype) OpenPKG (Jul 28 2006)
Remote Include Vulnerability ====> in Dr.Jr7 Gallery 3.2 RC1 R0t-K33Y_at_hotmail.com (Jul 28 2006)
[Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released William A. Rowe, Jr. (Jul 28 2006)
Oracle 10g R2 and, probably, all previous versions Russell Lowenthal (Jul 28 2006)
Apache mod_rewrite Buffer Overflow Vulnerability Avert_at_avertlabs.com (Jul 28 2006)
[SECURITY] [DSA 1129-1] New osiris packages fix arbitrary code execution Martin Schulze (Jul 28 2006)
PHP-Nuke INP XSS l2odon_at_yahoo.com (Jul 27 2006)
Guestbook Mambo Module <== v1.3.0 Multiple Remote File Include Vulnerabilities matdhule_at_gmail.com (Jul 27 2006)
Re: Fusion Polls (xtrphome) Remote File Inclusion security curmudgeon (Jul 24 2006)
Lan-Aces Office Logic Mike_at_chtechnology.com (Jul 25 2006)
cpanel login problem ali_at_hackerz.ir (Jul 26 2006)
- Re: cpanel login problem nate (Jul 28 2006)
  - Re: cpanel login problem Scott Gemma (Jul 31 2006)
    - RE: cpanel login problem Alan (Jul 31 2006)
  - RE: cpanel login problem Bugs (Jul 31 2006)
- Re: cpanel login problem usar_y_tirar_at_hushmail.com (Jul 31 2006)
Hustle -- Tumbleweed Email Firewall Remote Vulnerability Ryan Smith (Jul 24 2006)
PrinceClan Chess Mambo Com <= 0.8 Remote Inclusion Vulnerability tr_zindan_at_wolfsecurity.org (Jul 24 2006)
rPSA-2006-0139-1 httpd mod_ssl Justin M. Forbes (Jul 28 2006)
[USN-329-1] Thunderbird vulnerabilities Martin Pitt (Jul 28 2006)
PHP ip2long() function circumvention rgod_at_autistici.org (Jul 29 2006)
- Re: PHP ip2long() function circumvention darylf_at_charter.net (Jul 29 2006)
Coppermine Photo Gallery v1.2.2b-Nuke Remote File Inclusion Vulnerabilities A-S-T2006_at_hotmail.com (Jul 28 2006)
XSS vulnerability on AWBS newbinaryfile_at_gmail.com (Jul 29 2006)
Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities A-S-T2006_at_hotmail.com (Jul 28 2006)
[KAPDA::#53] MYBB XSS and Dir Traversal in usercp.php roozbeh_afrasiabi_at_yahoo.com (Jul 28 2006)
[ MDKSA-2006:133 ] - Updated apache packages fix mod_rewrite vulnerability security_at_mandriva.com (Jul 28 2006)
mambatstaff Mambo Component <= Remote Include Vulnerability Dr.Jr7_at_hotmail.com (Jul 29 2006)
[ GLSA 200607-12 ] OpenOffice.org: Multiple vulnerabilities Stefan Cornelius (Jul 28 2006)
artlinks Mambo Component <= Remote Include Vulnerability Dr.Jr7_at_hotmail.com (Jul 29 2006)
[ MDKSA-2006:134 ] - Updated ruby packages fix safe-level vulnerabilities security_at_mandriva.com (Jul 28 2006)
Gdiplus.dll division by 0 Mr.Niega_at_gmail.com (Jul 28 2006)
- Re: Gdiplus.dll division by 0 Early Warning Team (Jul 31 2006)
[ GLSA 200607-13 ] Audacious: Multiple heap and buffer overflows Matthias Geerdsen (Jul 29 2006)
[ GLSA 200607-11 ] TunePimp: Buffer overflow Stefan Cornelius (Jul 28 2006)
UPDATE: [ GLSA 200605-08 ] PHP: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Jul 30 2006)
com_moskool (admin.moskool.php) Remote File Include Vulnerabilities saudi.unix_at_hotmail.com (Jul 29 2006)
ATutor <= 1.5.3.1 'links' blind SQL injection / admin credentials disclosure rgod_at_autistici.org (Jul 30 2006)
PHPAuction 2.1 (maybe higher) with phpAdsNew 2.0.5 RFI philipp.niedziela_at_gmx.de (Jul 30 2006)
SQL injection Seir Anphin v666 Community Management System vulnerabilities_at_mail.ru (Jul 30 2006)
Oracle and Apache mod_rewrite Vulnerability tigerblue_at_puzzleapuma.de (Jul 31 2006)
Corsaire Security Advisory - VMware ESX Server Password Cross Site Request Forgery issue advisories (Jul 31 2006)
Corsaire Security Advisory - VMware ESX Server Password Disclosure in Log issue advisories (Jul 31 2006)
Corsaire Security Advisory - VMware ESX Server Password Disclosure in Cookie issue advisories (Jul 31 2006)
Multiple vulnerabilities in Open Cubic Player 2.6.0pre6 / 0.1.10_rc5 Luigi Auriemma (Jul 31 2006)
MyNewsGroups <= 0.6b (myng_root) Remote Inclusion Vulnerability philipp.niedziela_at_gmx.de (Jul 31 2006)
Re: Do world's famous companies take care of their security? Steven M. Christey (Jul 31 2006)