Bugtraq: by date
376 messages, starting Nov 01 05 and ending Nov 30 05
Tuesday, 01 November
[tool] multispoof - parallel spoofing for throughput increase Pawel Pokrywka
VUBB XSS & path disclosure Vulnerabilities alireza hassani
HYSA-2005-009 Elite Forum 1.0.0.0 XSS Vulnerability h4cky0u . org
Cisco Security Advisory: Cisco IPS MC Malformed Configuration Download Vulnerability Cisco Systems Product Security Incident Response Team
Wednesday, 02 November
Cisco Security Advisory: Cisco Airespace Wireless LAN Controllers Allow Unencrypted Network Access Cisco Systems Product Security Incident Response Team
Simple PHP Blog: Multiple XSS Vulnerabilities enji
[SECURITY] [DSA 880-1] New phpmyadmin packages fix several vulnerabilities Martin Schulze
[security bulletin] SSRT051029 rev.0 - HP OpenVMS Local Denial of Service (DoS) security-alter
[Full-disclosure] Advisory 17/2005: phpBB Multiple Vulnerabilities Stefan Esser
MDKSA-2005:203 - Updated gda2.0 packages fix string format vulnerability Mandriva Security Team
Cisco Security Advisory: IOS Heap-based Overflow Vulnerability in System Timers Cisco Systems Product Security Incident Response Team
MDKSA-2005:202 - Updated squirrelmail packages fix vulnerability Mandriva Security Team
MDKSA-2005:204 - Updated wget packages fix vulnerability Mandriva Security Team
[SECURITY] [DSA 879-1] New gallery packages fix privilege escalation Martin Schulze
[OpenPKG-SA-2005.023] OpenPKG Security Advisory (openvpn) OpenPKG
Thursday, 03 November
Black Hat Federal and Europe CFP and Registration now open Jeff Moss
CuteNews 1.4.1 remote code execution retrogod
Stack Overflow Basics [a-t]
Socket termination in Battle Carry .005 Luigi Auriemma
Buffer-overflow and crash in FlatFrag 0.3 Luigi Auriemma
[ TZO-012005 ] F-Prot/Frisk Anti Virus bypass - ZIP Version Header Thierry Zoller
Buffer-overflow in Glider collect'n kill 1.0.0.0 Luigi Auriemma
Buffer-overflow and directory traversal in Asus Video Security 3.5.0.0 Luigi Auriemma
Limited directory traversal in NeroNET 1.2.0.2 Luigi Auriemma
Multiple vulnerabilities in Scorched 3D 39.1 Luigi Auriemma
Norton Unerase - Need Contact alex cottle
Re: [Full-disclosure] On Interpretation Conflict Vulnerabilities Florian Weimer
Mambo Open Source, Path disclosure alireza hassani
Buffer-overflow in GO-Global for Windows 3.1.0.3270 Luigi Auriemma
Re: [Full-disclosure] Advisory 18/2005: PHP Cross Site Scripting(XSS)XVulnerability in phpinfo() phole
On Interpretation Conflict Vulnerabilities Steven M. Christey
Friday, 04 November
Remotely DoSing JBoss 4.0.2 with serialized java objects Marc Schoenefeld
Advisory: Apple QuickTime Player Remote Integer Overflow (2) Piotr Bania
Advisory: Apple QuickTime Player Remote Integer Overflow (1) Piotr Bania
Advisory: Apple QuickTime PICT Remote Memory Overwrite Piotr Bania
Advisory: Apple QuickTime Player Remote Denial Of Service Piotr Bania
[SECURITY] [DSA 881-1] New OpenSSL 0.9.6 packages fix cryptographic weakness Martin Schulze
[SECURITY] [DSA 883-1] New thttpd packages fix insecure temporary file Martin Schulze
Secunia Research: cPanel Entropy Chat Script Insertion Vulnerability Secunia Research
[SECURITY] [DSA 882-1] New OpenSSL packages fix cryptographic weakness Martin Schulze
ZDI-05-002: Clam Antivirus Remote Code Execution zdi-disclosures
Parosproxy 3.2.6: Local Exploitation, Command injection vulnerability Marc Schoenefeld
SUSE Security Announcement: pwdutils, shadow (SUSE-SA:2005:064) Ludwig Nussel
Saturday, 05 November
readdir_r considered harmful Ben Hutchings
Re: readdir_r considered harmful Ben Hutchings
[ GLSA 200511-01 ] libgda: Format string vulnerabilities Thierry Carrez
[ GLSA 200511-02 ] QDBM, ImageMagick, GDAL: RUNPATH issues Thierry Carrez
[ GLSA 200511-03 ] giflib: Multiple vulnerabilities Thierry Carrez
DMA[2005-1104a] - 'GpsDrive friendsd2 format string vulnerability' kfinisterre
[EEYEB-20050627B] Macromedia Flash Player Improper Memory Access Vulnerability Advisories
iDEFENSE Security Advisory 11.04.05: Clam AntiVirus Cabinet-file handling Denial of Service Vulnerability iDEFENSE Labs
iDEFENSE Security Advisory 11.04.05: Clam AntiVirus tnef_attachment() DoS Vulnerability iDEFENSE Labs
Sql injection in ibProArcade bhfh01
Re: readdir_r considered harmful Casper . Dik
Re: Mambo Open Source, Path disclosure Vasiliy
Zoomblog <IMG> BBCode Tag JavaScript Injection Vulnerability sikikmail
XSS & SQL injection in phpWebThing xx_hack_xx_2004
I-Saudi.Com First K-S-A WarGamE S3ude
Apache Tomcat 5.5.x remote Denial Of Service David Maciejak
Invision Power Board Privilege Esaclation (2.0.1 + more) Anti Matter
Xss - Html injection in XMB s2b
Failles dans Invision Power Board 2.1 [xss] benjilenoob
[waraxe-2005-SA#043] - Sql injection in Phorum 5.0.20 and earlier come2waraxe
Re: OpenVPN[v2.0.x]: foreign_option() formart string vulnerability. v9
Zoomblog HTML Injection Vulnerability sikikmail
Zoomblog HTML Injection Vulnerability sikikmail
Gallery_v2.4 SQL Injection abducter_minds
Monday, 07 November
EUSecWest/London Call for Papers and PacSec/Tokyo announcements Dragos Ruiu
[ GLSA 200511-04 ] ClamAV: Multiple vulnerabilities Sune Kloppenborg Jeppesen
[ GLSA 200511-05 ] GNUMP3d: Directory traversal and XSS vulnerabilities Sune Kloppenborg Jeppesen
Re: Zoomblog HTML Injection Vulnerability RBA
[SECURITY] [DSA 888-1] New OpenSSL packages fix cryptographic weakness Martin Schulze
[SECURITY] [DSA 886-1] New chmlib packages fix several vulnerabilities Martin Schulze
[SECURITY] [DSA 885-1] New OpenVPN packages fix several vulnerabilities Martin Schulze
[SECURITY] [DSA 809-3] New squid packages fix regression Martin Schulze
Work in Progress: FileZilla Server Terminal V0.9.4d Buffer Overflow inge . henriksen
Path disclosure in CuteNews <= 1.4.0 poizon
SEC Consult SA-20051107-1 :: Macromedia Flash Player ActionDefineFunction Memory Corruption Bernhard Mueller
SEC Consult SA-20051107-0 :: toendaCMS multiple vulnerabilites Bernhard Mueller
[SECURITY] [DSA 884-1] New Horde3 packages fix insecure default installation Martin Schulze
XSS vulnerability in names.co.uk framed hosting reuben . 31
Re: [Full-disclosure] Re: readdir_r considered harmful Andrew Farmer
[ GLSA 200511-07 ] OpenVPN: Multiple vulnerabilities Thierry Carrez
upload phpshell in PHPFM [at]
[ GLSA 200511-06 ] fetchmail: Password exposure in fetchmailconf Thierry Carrez
Invision Power Board 2.1 : Multiple XSS Vulnerabilities Jerome Athias
TWiki 20030201 VIEW string remote command execution [at]
Asterisk vmail.cgi vulnerability advisories+asterisk
Advanced Guestbook 2.2 ( SQL Injection Exploit ) bhs_team
Re: Re: Mambo Open Source, Path disclosure trueend5
Re: [Full-disclosure] Re: readdir_r considered harmful Ulrich Drepper
Zone Labs Products Advance Program Control and OS Firewall (Behavioral Based) Technology Bypass Vulnerability Debasis Mohanty
[USN-214-1] libungif vulnerabilities Martin Pitt
Re: [Full-disclosure] Re: readdir_r considered harmful Casper . Dik
Re: [Full-disclosure] Re: readdir_r considered harmful Ulrich Drepper
Re: [Full-disclosure] Re: readdir_r considered harmful Casper . Dik
e107 Games System exploit willey_wonka
LayerOne 2006 CFP Released Layer One
[TKADV2005-11-001] Multiple vulnerabilities in PHPlist tk
Hidden accounts on sony vaio laptops yash . kadakia
OSTE v1.0 Remote Command Exucetion khc
Tuesday, 08 November
Oracle October 2005 CPU Problems NGSSoftware Insight Security Research
Oracle DBMS_ASSERT and the October 2005 CPU NGSSoftware Insight Security Research
Re: [Full-disclosure] Re: readdir_r considered harmful Andrew Miller
Re: [Full-disclosure] Re: readdir_r considered harmful Casper . Dik
Call For Papers first-2006papers
MDKSA-2005:205 - Updated clamav packages fix multiple vulnerabilities Mandriva Security Team
[SECURITY] [DSA 889-1] New enigmail packages fix information disclosure Martin Schulze
Re: Hidden accounts on sony vaio laptops Williams, James K
Advisory 21/2005: Multiple vulnerabilities in PHPKIT Christopher Kunz
Wednesday, 09 November
MDKSA-2005:206 - Updated openvpn packages fix multiple vulnerabilities Mandriva Security Team
[SECURITY] [DSA 891-1] New gpsdrive packages fix arbitrary code execution Martin Schulze
[EEYEB-20050329] Windows Metafile Multiple Heap Overflows Advisories
[SECURITY] [DSA 890-1] New libungif4 packages fix several vulnerabilities Martin Schulze
CYBSEC - Security Advisory: HTTP Response Splitting in SAP WAS Leandro Meiners
[EEYEB-20050901] Windows Metafile SetPalette Entries Heap OVerflow Vulnerability (Graphics Rendering Engine Vulnerability) Advisories
CYBSEC - Security Advisory: Phishing Vector in SAP WAS Leandro Meiners
CYBSEC - Security Advisory: Multiple XSS in SAP WAS Leandro Meiners
Multiple security issues in TikiWiki 1.9.x Moritz Naumann
Antville 1.1 Cross Site Scripting Moritz Naumann
New Bug KESM in GoogleTalk natalylopez380
ASPKnowledgebase vulnerable to SQL-inject preben
ASPKnowledgebase vulnerable to XSS injection. preben
[USN-151-4] rpm vulnerability Martin Pitt
Thursday, 10 November
[security bulletin] SSRT051041 Revised - HP-UX Mozilla Remote Unauthorized Execution of Privileged Code or Denial of Service (DoS) security-alert
[security bulletin] SSRT051064 Revised - HP-UX ftpd Remote Unauthorized Data Access security-alert
[security bulletin] SSRT051014 - HP-UX Trusted Mode remshd Remote Unauthorized Access security-alert
[security bulletin] SSRT051012 - HP-UX envd Local Execution of Privileged Code security-alert
MDKSA-2005:207 - Updated libungif packages fix various vulnerabilities Mandriva Security Team
MDKSA-2005:208 - Updated emacs packages fix Lisp vulnerability Mandriva Security Team
MDKSA-2005:209 - Updated fetchmail packages fixes fetchmailconf vulnerability Mandriva Security Team
MDKSA-2005:210 - Updated w3c-libwww packages fixes DoS vulnerability. Mandriva Security Team
Re: New Bug KESM in GoogleTalk crowdat
[SECURITY] [DSA 892-1] New awstats packages fix arbitrary command execution Martin Schulze
[FS-05-01] Multiple vulnerabilities in phpAdsNew Toni Koivunen
Folder Guard exe files protection bypass ShadowBeast
[SECURITY] [DSA 804-2] New kdelibs packages fix backup file information leak Martin Schulze
[FLSA-2005:166941] Updated httpd and mod_ssl packages fix two security issues Marc Deslauriers
[USN-215-1] fetchmailconf vulnerability Martin Pitt
Moodle <=1.6dev blind SQL Injection retrogod
[EEYEB-20050510] - RealPlayer Data Packet Stack Overflow Advisories
[EEYEB-20050701] - RealPlayer Zipped Skin File Buffer Overflow II Advisories
Saturday, 12 November
High Risk Flaw in RealPlayer NGSSoftware Insight Security Research
Monday, 14 November
SQL injection in phpWebThing 1.4.4 A . 1 . M
MDKSA-2005:211 - Updated lynx packages fix critical vulnerability Mandriva Security Team
Multiple Bugs in MyBB 1.0 PR2 Rev 686(Updated Nov 1, 2005) syini666
ZRCSA-200502 - phpAdsNew SQL Injection Vulnerabilities Siegfried
[ GLSA 200511-08 ] PHP: Multiple vulnerabilities Thierry Carrez
PHPCalendar (and some more codegrrl.com products) arbitrary code execution r . verton
[ GLSA 200511-09 ] Lynx: Arbitrary command execution Thierry Carrez
PollVote Remote File Inclusion stormhacker
XOOPS 2.2.3 Final arbitrary local inclusion / XOOPS WF-Downloads module v 2.05 SQL Injection retrogod
[ GLSA 200511-10 ] RAR: Format string and buffer overflow vulnerabilities Thierry Carrez
[ GLSA 200511-11 ] linux-ftpd-ssl: Remote buffer overflow Thierry Carrez
[FLSA-2005:152848] Updated glibc packages fix security issues Marc Deslauriers
DMA[2005-1112a] - 'Veritas Storage Foundation VCSI18N_LANG buffer overflow' Kevin Finisterre
[SECURITY] [DSA 895-1] New uim packages fix privilege escalation Martin Schulze
fipsCMS light - vulnerable to script injection. preben
[SECURITY] [DSA 893-1] New acidlab packages fix SQL injection Martin Schulze
Advisory 22/2005: Multiple vulnerabilities in phpSysInfo Christopher Kunz
[ADVISORY] CISCO ASA Failover DoS Vulnerability Amin Tora
iDefense Security Advisory 11.11.05: Multiple Vendor Lynx Command Injection Vulnerability labs-no-reply () idefense com
[KAPDA::#12] - ekinboard XSS and HTML Injection alireza hassani
[security bulletin] HPSBUX02075 SSRT051074 - HP-UX Running xterm Local Unauthorized Access security-alert
Beta product testing Bill Stout
MD4 and MD5 collision generators sflist
List of Security-oriented Fairs/Events/Conferences? Rainer Duffner
GAO report on e-voting Atom Smasher
phpBB 2.0.18 SQL Query problem max
Malware Removal and Prevention Procedure Paul Laudanski
Re: New Bug KESM in GoogleTalk Cory Altheide
Cisco Security Advisory: Multiple Vulnerabilities Found by PROTOS IPSec Test Suite Cisco Systems Product Security Incident Response Team
Midicart sql injection crazy frog crazy frog
1-2-All Broadcast E-mail Software vulnerable to a classic SQL admin bhs_team
Cyphor (Release: 0.19) Sql injection s2b
Walla TeleSite Multiple Vulnerabilities sinneR
Multible Sql injections in Wizz Forum s2b
[SECURITY] [DSA 894-1] New AbiWord packages fix arbitrary code execution Martin Schulze
RE: [ADVISORY] CISCO ASA Failover DoS Vulnerability Randy Ivener (rivener)
Tuesday, 15 November
Re: List of Security-oriented Fairs/Events/Conferences? Saeed Abu Nimeh
RE: List of Security-oriented Fairs/Events/Conferences? Jeremy Epstein
PHPWCMS - Directory traversal vulnerability,CSS attack Stefan Lochbihler
Re: DMA[2005-1112a] - 'Veritas Storage Foundation VCSI18N_LANG buffer overflow' Dana Hudes
[xfocus-AD-051115]Multiple antivirus failed to scan malicous filename bypass vulnerability alert7 () xfocus org
[FLSA-2005:152794] Updated rp-pppoe package fixes security issue Marc Deslauriers
[SECURITY] [DSA 896-1] New ftpd-ssl packages fix arbitrary code execution Martin Schulze
[ GLSA 200511-12 ] Scorched 3D: Multiple vulnerabilities Thierry Carrez
[FLSA-2005:158801] Updated bzip2 packages fix security issues Marc Deslauriers
Re: phpBB 2.0.18 SQL Query problem Ron van Daal
[PHPADSNEW-SA-2005-002] phpAdsNew and phpPgAds 2.0.7 fix multiple vulnerabilities Matteo Beccati
[SECURITY] [DSA 897-1] New phpsysinfo packages fix several vulnerabilities Martin Schulze
[FS-05-02] Multiple vulnerabilities in phpMyAdmin Toni Koivunen
Three years and ten months without a patch David Litchfield
[FLSA-2005:123013] Updated xchat package fixes security issue Marc Deslauriers
Affiliate Network Pro v7.2 SQL Injections, Arbitrary code execution, XSS r . verton
Re: [FLSA-2005:152794] Updated rp-pppoe package fixes security issue David F. Skoll
Re: Midicart sql injection [at]
Template Seller Pro 3.25 r . verton
Re: [xfocus-AD-051115]Multiple antivirus failed to scan malicous filename bypass vulnerability Thierry Zoller
RE: List of Security-oriented Fairs/Events/Conferences? dave kleiman
[securityzone () macromedia com: Macromedia Security Bulletins] noreply
Authentication vulnerability in Belkin wireless devices Andrei Mikhailovsky
iDEFENSE Security Advisory 11.15.05: Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability labs-no-reply () idefense com
Re: phpBB 2.0.18 SQL Query problem max
iDEFENSE Security Advisory 11.15.05: Multiple Vendor Insecure Call to CreateProcess() Vulnerability labs-no-reply () idefense com
Critical SQL Injection PHPNuke <= 7.8 sp3x
APPLE-SA-2005-11-15 iTunes 6 for Windows noreply
[ GLSA 200511-13 ] Sylpheed, Sylpheed-Claws: Buffer overflow in LDIF importer Thierry Carrez
Wednesday, 16 November
RE: List of Security-oriented Fairs/Events/Conferences? Juha-Matti Laurio
In response to ISAKMP 'vulnerabilities' sigint
Schneier's PasswordSafe password validation flaw info
SUSE Security Announcement: gdk-pixbuf, gtk2 (SUSE-SA:2005:065) Thomas Biege
Database servers on XP and the curious flaw David Litchfield
Buffer Overrun in FTGate4 Groupware Mail server io
Cisco Security Advisory: Fixed SNMP Communities and Open UDP Port in Cisco 7920 Wireless IP Phone Cisco Systems Product Security Incident Response Team
Buffer OverFlow For Php 4.3.10 and other ?? Local papipsycho
[USN-216-1] GDK vulnerabilities Martin Pitt
Re: Authentication vulnerability in Belkin wireless devices Andrei Mikhailovsky
[security bulletin] SSRT051251 - Apache-based Web Server on HP-UX mod_ssl, proxy_http, Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access security-alert
Re: List of Security-oriented Fairs/Events/Conferences? Luca Sambucci
[security bulletin] SSRT5979 - HP Jetdirect 635n IPv6/IPsec Print Server (J7961A) Remote Denial of Service (DoS) Security Alert
MDKSA-2005:212 - Updated egroupware packages to address phpldapadmin, phpsysinfo vulnerabilities Mandriva Security Team
[ GLSA 200511-14 ] GTK+ 2, GdkPixbuf: Multiple XPM decoding vulnerabilities Thierry Carrez
[security bulletin] SSRT5979 - HP-UX Running IPSec Remote Denial of Service (DoS) security-alert
Thursday, 17 November
ShmooCon 2006 - Washington DC B Potter
MDKSA-2005:213 - Updated php packages fix multiple vulnerabilities Mandriva Security Team
[KAPDA::#13] - XMB HTML Injection & Path Disclosure. alireza hassani
[SECURITY] [DSA 898-1] New phpgroupware packages fix several vulnerabilities Martin Schulze
[SECURITY] [DSA 899-1] New egroupware packages fix several vulnerabilities Martin Schulze
iDEFENSE Security Advisory 11.17.05: Qualcomm WorldMail IMAP Server Directory Traversal Vulnerability labs-no-reply () idefense com
Friday, 18 November
[SECURITY] [DSA 900-1] New fetchmail packages fix potential information leak Martin Schulze
Snagging Security Tokens to Elevate Privileges David Litchfield
PHP-Fusion <= 6.00.206 Multiple Vulnerabilities r . verton
Re: New Bug KESM in GoogleTalk kahrny
Secunia Research: MailEnable Buffer Overflow and Directory Traversal Vulnerabilities Secunia Research
Google Base Petko Petkov
Secunia Research: Winmail Server Multiple Vulnerabilities Secunia Research
Saturday, 19 November
Re: PHP-Fusion <= 6.00.206 Multiple Vulnerabilities sheldon
Mambo 0day Exploit out in the wild - mambo/skype hacked rebarz99
MDKSA-2005:214 - Updated gdk-pixbuf/gtk+2.0 packages fix vulnerability Mandriva Security Team
[SECURITY] [DSA 901-1] New gnump3d packages fix several vulnerabilities Martin Schulze
[ GLSA 200511-15 ] Smb4k: Local unauthorized file access Sune Kloppenborg Jeppesen
[security - exponentcms] Hans Wolters
[TKADV2005-11-004] Multiple Cross Site Scripting vulnerabilities in phpMyFAQ tk
Monday, 21 November
Security Advisory: Struts Error Message Cross Site Scripting Irene Abezgauz
APBoard v [all] ---> [SQL injection] ksa_ksa82
cracking safes with thermal imaging Michal Zalewski
Your One-Stop Site For Sony Lawsuit Info Larry Seltzer
[SECURITY] [DSA 902-1] New xmail packages fix arbitrary code execution Martin Schulze
[SECURITY] [DSA 811-2] New common-lisp-controller packages fix arbitrary code injection Martin Schulze
Re: Work in Progress: FileZilla Server Terminal V0.9.4d Buffer Overflow inge . henriksen
Metro Olografix Crypto Meeting 2006 CFP Angelo Dell'Aera
Google Search Appliance proxystylesheet Flaws H D Moore
Re: Cisco Clean Access Agent (Perfigo) bypass fakemeail
[SECURITY] [DSA 903-1] New unzip packages fix unauthorised permissions modification Martin Schulze
[SECURITY] [DSA 900-2] New fetchmail packages fix potential information leak Martin Schulze
[SECURITY] [DSA 904-1] New netpbm packages fix arbitrary code execution Martin Schulze
Computer Terrorism Security Advisory (Reclassification) - Microsoft Internet Explorer JavaScript Window() Vulnerability securityadvisory
Gadu-Gadu several vulnerabilities (version <= 7.20) Jaroslaw Sajko
IE BUG, Mozilla DOS? admin
Tuesday, 22 November
[SECURITY] [DSA 905-1] New mantis packages fix several vulnerabilities Martin Schulze
[SECURITY] [DSA 906-1] New sylpheed packages fix arbitrary code execution Martin Schulze
[ GLSA 200511-16 ] GNUMP3d: Directory traversal and insecure temporary file creation Thierry Carrez
[USN-217-1] Inkscape vulnerability Martin Pitt
[USN-190-2] ucs-snmp vulnerability Martin Pitt
PmWiki 2.0.12 Cross Site Scripting Moritz Naumann
[KAPDA::#14] - PHPPost XSS and HTML Injection alireza hassani
VHCS 2.x HTTP Error Cross Site Scripting Moritz Naumann
Exploiting the Stack (Part I-IV) [at]
Horde MIME Viewer vulnerability daniel . schreckling
[ GLSA 200511-17 ] FUSE: mtab corruption through fusermount Thierry Carrez
[SECURITY] [DSA 900-3] New fetchmail-ssl packages fix potential information leak Martin Schulze
Secunia Research: Opera Command Line URL Shell Command Injection Secunia Research
[USN-219-1] Linux kernel vulnerabilities Martin Pitt
OTRS 1.x/2.x Multiple Security Issues Moritz Naumann
[USN-218-1] netpbm vulnerabilities Martin Pitt
Cisco PIX TCP Connection Prevention Konstantin V. Gavrilenko
Wednesday, 23 November
[security bulletin] SSRT051074 Revised - HP-UX Running xterm Local Unauthorized Access security-alert
[SECURITY] [DSA 909-1] New horde3 packages fix cross-site scripting Martin Schulze
GeSWall Intrusion Prevention System 2.1 Released (Freeware) GentleSecurity Team
[SECURITY] [DSA 908-1] New sylpheed-claws packages fix arbitrary code execution Martin Schulze
Re: IE BUG, Mozilla DOS? Kyle Wheeler
[SECURITY] [DSA 907-1] New ipmenu packages fix insecure temporary file creation Martin Schulze
Google Talk Denial of Service - BenjiBug James Evans
[ GLSA 200511-20 ] Horde Application Framework: XSS vulnerability Sune Kloppenborg Jeppesen
[ GLSA 200511-19 ] eix: Insecure temporary file creation Sune Kloppenborg Jeppesen
[ GLSA 200511-18 ] phpSysInfo: Multiple vulnerabilities Sune Kloppenborg Jeppesen
XSS on Yahoo Mail Richard Fuchshuber
MDKSA-2005:215 - Updated binutils packages fix vulnerabilities Mandriva Security Team
Thursday, 24 November
Secunia Research: SpeedProject Products ZIP/UUE File Extraction Buffer Overflow Secunia Research
MailEnable IMAP DOS Josh Zlatin
Advisory 23/2005: vTiger multiple vulnerabilities Christopher Kunz
[SECURITY] [DSA 910-1] New zope2.7 packages fix arbitrary file inclusion Martin Schulze
RE: XSS on Yahoo Mail Will Wesley
freeFTPd 1.0.10 (Dos,Exploit) Stefan Lochbihler
2nd CFP: Workshops at the 1st Int. Conf. on Availability, Reliability & Security Manh Tho
Re: VHCS 2.x HTTP Error Cross Site Scripting Moritz Naumann
Friday, 25 November
MDKSA-2005:216 - Updated fuse packages fix vulnerability Mandriva Security Team
SEC Consult SA-20051125-0 :: More Vulnerabilities in vTiger CRM SEC Consult Research
Mandriva Security [at]
Re: Advisory 23/2005: vTiger multiple vulnerabilities Christopher Kunz
Advisory 23/2005: vTiger multiple vulnerabilities Christopher Kunz
eFiction <= 2.0 multiple vulnerabilities retrogod
Saturday, 26 November
[ GLSA 200511-21 ] Macromedia Flash Player: Remote arbitrary code execution Thierry Carrez
XSS in PBLang 4.65 Profile.php/UCP.php r0xes
Re: XSS on Yahoo Mail Steven Champeon
Re: XSS on Yahoo Mail Will Wesley
Re: XSS on Yahoo Mail Jim Ley
Re: XSS on Yahoo Mail Personal Account
Re: XSS on Yahoo Mail little . hacker
RE: Advisory 23/2005: vTiger multiple vulnerabilities Bug Traq Lists
Re: Mandriva Security Vincent Danen
RE: XSS on Yahoo Mail Richard Fuchshuber
Webistanbul Control Panel Sql Injection khc
Re: XSS on Yahoo Mail alireza hassani
Re: XSS on Yahoo Mail Matan Peled
Remote file include in Athena gb . network
Remote file include in Q-News gb . network
Remote file include in phpgreetz gb . network
Monday, 28 November
[ GLSA 200511-23 ] chmlib, KchmViewer: Stack-based buffer overflow Thierry Carrez
[ GLSA 200511-22 ] Inkscape: Buffer overflow Thierry Carrez
ANN: Free endpoint security software released (Core FORCE 070.105) Core FORCE team
Guppy <= 4.5.9 Remote code execution retrogod
WebCalendar Multiple Vulnerabilities ascii
Php Web Statistik Multiple Vulnerabilities ascii
Free Web Stat Multiple XSS Vulnerabilities ascii
APC Security Advisory - PowerChute Network Shutdown's Web Interface Only Supports HTTP Security . advisory
Re: XSS on Yahoo Mail Lance James
ZRCSA-200503 - ktools Buffer Overflow Vulnerability siegfried
Re: phpBB Code EXEC (v2.0.10) deane10
DNS query spam Piotr Kamisiski
Re: Multiple security issues in TikiWiki 1.9.x mose
Randshop all versiyon Sql İnjection liz0
- Cisco IOS HTTP Server code injection/execution vulnerability- picardos
Kadu remote DoS michal
Google Talk cleartext credentials in process memory unknown . pentester
What is wrong with these people? Paul Schmehl
Re: - Cisco IOS HTTP Server code injection/execution vulnerability- Florian Weimer
Flaw in Syn Attack Protection on non-updated Microsoft OSes can lead to DoS Luigi Mori
Re: phpBB Code EXEC (v2.0.10) Ron van Daal
Core FORCE and OpenBSD PF's Ivan Arce
Tuesday, 29 November
Cisco Security Advisory: Cisco Security Agent Vulnerable to Privilege Escalation Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 911-1] New gtk+2.0 packages fix several vulnerabilities Martin Schulze
[Full-disclosure] [ GLSA 200511-23 ] chmlib, KchmViewer: Stack-based buffer overflow koon
[FLSA-2005:166943] Updated php packages fix security issues Marc Deslauriers
Re: Re: - Cisco IOS HTTP Server code injection/execution vulnerability- limfung
Xaraya <= 1.0.0 RC4 D.O.S / file corruption retrogod
ASP-Rider Default.asp SQL Injection info
Webmin miniserv.pl format string vulnerability advisory
Re: DNS query spam Josep Ma Castells
Panda Remote Heap Overflow list
Re: DNS query spam Antone Roundy
APPLE-SA-2005-11-29 Security Update 2005-009 noreply
Re: DNS query spam Alexander Lourier
N-13 News Remote SQL/PHP Shell injection contropotere
RE: - Cisco IOS HTTP Server code injection/execution vulnerability- Evans, Arian
possible privilege escalation on QNX Neutrino 6.3.0 pasquale minervini
Re: DNS query spam Piotr Kamisiski
Re: Re: - Cisco IOS HTTP Server code injection/execution vulnerability- picardos
Re: DNS query spam Florian Weimer
Wednesday, 30 November
Re: Xaraya <= 1.0.0 RC4 D.O.S / file corruption Paul Laudanski
Re: WebCalendar Multiple Vulnerabilities ascii
Re: DNS query spam Florian Weimer
Re: DNS query spam Jim Pingle
[SECURITY] [DSA 912-1] New centericq packages fix denial of service Martin Schulze
Re: DNS query spam Stephen Stuart
Gallery 2.x Security Advisory Bharat Mediratta
Opera 8.50 DoS with simple java applet Marc Schoenefeld
Re: WebCalendar Multiple Vulnerabilities Paul Laudanski
Re: DNS query spam Joe
MDKSA-2005:219 - Updated kernel packages fix numerous vulnerabilities Mandriva Security Team
MDKSA-2005:218 - Updated kernel packages fix numerous vulnerabilities Mandriva Security Team
Re: Opera 8.50 DoS with simple java applet Edward D Wiget
MDKSA-2005:217 - Updated netpbm packages fix pnmtopng vulnerabilities Mandriva Security Team
Re: Re: Xaraya <= 1.0.0 RC4 D.O.S / file corruption retrogod
MDKSA-2005:220 - Updated kernel packages fix numerous vulnerabilities Mandriva Security Team
