Bugtraq: by author

361 messages starting May 27 05 and ending May 25 05

ACROS Security

RE: ACROS Security: HTML Injection in BEA WebLogic Server Console (2) ACROS Security (May 27)
ACROS Security: HTML Injection in BEA WebLogic Server Console (2) ACROS Security (May 24)
ACROS Security: HTML Injection in BEA WebLogic Server Console (1) ACROS Security (May 24)

admin

JGS-Portal 3.0.1 SQL-Injection admin (May 02)

albatross

NISCC Vulnerability Advisory IPSEC - 004033 albatross (May 09)

Alberto Trivero

Multiple vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 Alberto Trivero (May 31)
SQL Injection Exploit for myBloggie 2.1.1 - 2.1.2 Alberto Trivero (May 27)
Multiple vulnerabilities in myBloggie 2.1.1 Alberto Trivero (May 05)

alert7

Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability alert7 (May 17)

alessandro

DSL-504T (and maybe many other) remote access without password bug alessandro (May 27)
504T and now also 604T remote access. alessandro (May 31)

Alexander Kornbrust

Oracle 10g DBMS_SCHEDULER SESSION_USER issue Alexander Kornbrust (May 05)
Oracle 9i / 10g Fine Grained Auditing Issue Alexander Kornbrust (May 05)

ali reza AcTiOnSpIdEr

Mac OS X - Adobe Version Cue local root exploit [c version exploit] ali reza AcTiOnSpIdEr (May 16)

a.list.address () gmail com

Re: Apache hacks (./atac, d0s.txt) a.list.address () gmail com (May 02)

Alok Menghrajani - Ilion Security SA

TCP/IP implementations do not adequately validate ICMP error messages Alok Menghrajani - Ilion Security SA (May 10)

Andrew Griffiths

Re: Linux kernel ELF core dump privilege elevation (kernel module workaround) Andrew Griffiths (May 12)

antoine

Re: Linux kernel ELF core dump privilege elevation antoine (May 12)

Anton Ivanov

Re: ASP.NET __VIEWSTATE crypto validation prone to replay attacks Anton Ivanov (May 12)

Arne Vidström

Re: Commonly used disk imaging and wiping tools can be tricked to miss parts of a disk Arne Vidström (May 26)
Commonly used disk imaging and wiping tools can be tricked to miss parts of a disk Arne Vidström (May 11)

August Christopher

MyBB 1.0 RC4 XSS Bug August Christopher (May 30)

Auston J

Meteor FTP Server v1.5 Buffer Overflow Auston J (May 23)

Bahaa Naamneh

UNICODE BUFFER OVERFLOW IN MS-WORD Bahaa Naamneh (May 19)
[UPDATE] UNICODE BUFFER OVERFLOW IN MS-WORD Bahaa Naamneh (May 20)

Bakchodiya

Security issue in Microsoft Outlook Bakchodiya (May 18)

Benjamin Tobias Franz

Microsoft Internet Explorer - Crash on adding sites to restricted zone (05/28/2005) Benjamin Tobias Franz (May 30)
Microsoft Internet Explorer - Crash on processing embedded files with endless loop (05/28/2005) Benjamin Tobias Franz (May 30)
Microsoft Internet Explorer - Crash on to many stack overflows (05/28/2005) Benjamin Tobias Franz (May 30)
Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) Benjamin Tobias Franz (May 30)

Benton Lam

Re: Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) Benton Lam (May 31)

Bernhard Mitterer

Re: Windows image size crash Bernhard Mitterer (May 14)

Boren, Rich (SSRT)

[security bulletin] SSRT5899 rev.0 - HP-UX trusted system remote unauthorized access Boren, Rich (SSRT) (May 26)
[security bulletin] SSRT4884 rev.0 - HP-UX TCP/IP Remote Denial of Service (DoS) Boren, Rich (SSRT) (May 26)
[security bulletin] SSRT5954 rev.1 - HP-UX TCP/IP Remote Denial of Service (DoS) Boren, Rich (SSRT) (May 26)

Braden Thomas

4d WebSTAR 5.x Web Server Mac OS X Buffer Overflow Braden Thomas (May 06)

Bruno Lustosa

Re: Linux kernel ELF core dump privilege elevation Bruno Lustosa (May 11)

bugs

Linux kernel pktcdvd ioctl break user space limit vulnerability [corrected] bugs (May 18)

CENSORED

SQL injections in PortailPHP CENSORED (May 23)
Multiple vulnerabilities in x-cart Gold CENSORED (May 30)

Cesar

[Argeniss] MS05-012 Exploit Cesar (May 31)

chris

Re: Linux kernel ELF core dump privilege elevation (kernel module workaround) chris (May 13)

Christophe Lucas

Re: Firefox Crash?? Christophe Lucas (May 11)

Chris Umphress

Re: Apache hacks (./atac, d0s.txt) Chris Umphress (May 02)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: FWSM URL Filtering Solution TCP ACL Bypass Vulnerability Cisco Systems Product Security Incident Response Team (May 11)

class

BakBone NetVault last warning class (May 11)
Microsoft WINS Vulnerability + OS/SP Scanner class (May 02)

Claus R. F. Overbeck

Pico Server (pServ) Information Disclosure Of CGI Sources Claus R. F. Overbeck (May 16)
Pico Server (pServ) Local Information Disclosure Claus R. F. Overbeck (May 16)
Pico Server (pServ) Remote Command Injection Claus R. F. Overbeck (May 16)

cmthemc

Re: Windows image size crash cmthemc (May 18)

codeQ

Re: Linux kernel ELF core dump privilege elevation codeQ (May 13)

Conectiva Updates

[CLA-2005:952] Conectiva Security Announcement - kernel Conectiva Updates (May 02)
[CLA-2005:953] Conectiva Security Announcement - kde Conectiva Updates (May 17)

contact

Announcement: The Web Security Mailing List contact (May 09)

cybertronic

dSMTP - SMTP Mail Server 3.1b Linux Remote Root Format String Exploit cybertronic (May 05)

Daniel Cid

Re: Apache hacks (./atac, d0s.txt) Daniel Cid (May 02)

Daniel Souza

Re: User32.dll Icon Size Crash Daniel Souza (May 27)

DarkBicho

multiple vulnerability Calendarix Advanced DarkBicho (May 31)

David Nichols

Re: SPAM-HIGH: TCP/IP implementations do not adequately validate ICMP error messages David Nichols (May 11)

David Remahl

[DR018] Quartz Composer / QuickTime 7 information leakage David Remahl (May 12)
Advisories for 4 vulnerabilities addressed by Apple SU 2005-005 David Remahl (May 05)

David Schwartz

RE: TCP/IP implementations do not adequately validate ICMP error messages David Schwartz (May 11)

dcrab

Authentication bypass, sql injections and xss in ArticleLive 2005 dcrab (May 05)
Multiple SQL injections and XSS in FishCart 3.1 dcrab (May 05)

dedi dwianto

Multiple Vulnerabilities in MetaCart e-Shop dedi dwianto (May 16)

deluxe

Re: [SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05) deluxe (May 19)
[SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05) deluxe (May 16)

Dennis Elser

PicoWebServer Remote Unicode Stack Overflow Dennis Elser (May 30)

Dim K0r0l

Meteor FTP Server: PoC Exploit Dim K0r0l (May 26)

Donato Ferrante

directory traversal in SimpleCam 1.2 Donato Ferrante (May 05)
Multiple Vulnerabilities in Video Cam Server 1.0.0 Donato Ferrante (May 02)

Ejovi Nuwere

[SecurityLab] Ethereal 0.10.10 SIP Dissector Overflow Ejovi Nuwere (May 09)

Exoduks

[hackgen-2005-#004] - Multiple bugs in MidiCart PHP Shopping Cart Exoduks (May 05)

Eyal Udassin

Citrix security contact Eyal Udassin (May 27)

farhad koosha

episodex guestbook security bypass & html injection farhad koosha (May 20)

Felix

MRO Maximo v4 & v5 Felix (May 05)

Filippo Spike Morelli

Gforge - viewFile.php security flaw Filippo Spike Morelli (May 24)

Francesco Orro

D-Link DSL routers authentication bypass Francesco Orro (May 19)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-05:09.htt [REVISED] FreeBSD Security Advisories (May 13)
FreeBSD Security Advisory FreeBSD-SA-05:06.iir FreeBSD Security Advisories (May 06)
FreeBSD Security Advisory FreeBSD-SA-05:08.kmem FreeBSD Security Advisories (May 06)
FreeBSD Security Advisory FreeBSD-SA-05:07.ldt FreeBSD Security Advisories (May 06)

Gadi Evron

Wide-scale industrial espionage using Trojan horses in Israel Gadi Evron (May 31)

Gary O'leary-Steele

[SEC-1 LTD] RSA SecurID Web Agent Heap Overflow Gary O'leary-Steele (May 06)

gilbert nzeka

tHorK FrameWork Beta v0.1::: another exploit framework gilbert nzeka (May 02)

Giuseppe `lan` Marocchio

Re: Windows image size crash Giuseppe `lan` Marocchio (May 13)

Greg KH

Re: Linux kernel ELF core dump privilege elevation Greg KH (May 11)
Re: Linux kernel ELF core dump privilege elevation Greg KH (May 11)

GulfTech Security Research

Yappa-NG Multiple Vulnerabilities GulfTech Security Research (May 11)
Help Center Live Vulnerabilities GulfTech Security Research (May 18)
Multiple Vulnerabilities In Invision Power Board GulfTech Security Research (May 06)
Multiple Vulnerabilities In SitePanel2 GulfTech Security Research (May 05)
Woltlab Burning Board SQL Injection Vulnerability GulfTech Security Research (May 16)
Multiple Vulnerabilities In osTicket GulfTech Security Research (May 05)
Format String Vulnerability In Peercast 0.1211 And Earlier GulfTech Security Research (May 30)

Gunter Ollmann

Re: Can't trust COMODO - An Update Gunter Ollmann (May 09)

Gunter Ollmann (NGS)

Can't trust COMODO Gunter Ollmann (NGS) (May 02)

H D Moore

Re: ASP.NET __VIEWSTATE crypto validation prone to replay attacks H D Moore (May 05)
Metasploit Framework v2.4 H D Moore (May 11)

hennoj

Multiple vulnearabilities in e107 cms hennoj (May 06)

Hohn, Joerg

RE: Microsoft Internet Explorer - Crash on adding sites to restricted zone (05/28/2005) Hohn, Joerg (May 31)

Hyperdose Security

Local file detection bug found through Adobe SVG Viewer Hyperdose Security (May 05)

iDEFENSE Labs

iDEFENSE Security Advisory 05.24.05: Ipswitch IMail Web Calendaring Arbitrary File Read Vulnerability iDEFENSE Labs (May 24)
iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 imap4d FETCH Command Resource Consumption DoS Vulnerability iDEFENSE Labs (May 25)
iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP SELECT Command DoS Vulnerability iDEFENSE Labs (May 24)
iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 imap4d Format String Vulnerability iDEFENSE Labs (May 25)
iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 mail header_get_field_name() Buffer Overflow Vulnerability iDEFENSE Labs (May 25)
iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP LSUB DoS Vulnerability iDEFENSE Labs (May 24)
iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP LOGIN Remote Buffer Overflow Vulnerabilities iDEFENSE Labs (May 24)
iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability iDEFENSE Labs (May 24)
iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 imap4d fetch_io Heap overflow Vulnerability iDEFENSE Labs (May 25)
iDEFENSE Security Advisory 05.03.05: Mac OS X Server NeST -target Buffer Overflow Vulnerability iDEFENSE Labs (May 05)
iDEFENSE Security Advisory 05.04.05: Apple Mac OS X vpnd Server_id Buffer Overflow Vulnerability iDEFENSE Labs (May 05)

Ingvar Gilbert

phpATM arbitrary PHP code inclusion Ingvar Gilbert (May 19)

jamesbug

Re: [Full-disclosure] iDEFENSE Security Advisory 05.24.05: Ipswitch IMail Web Calendaring Arbitrary File Read Vulnerability jamesbug (May 26)

Jay D. Dyson

Re: Apache hacks (./atac, d0s.txt) Jay D. Dyson (May 02)

Jeremy Kelley

Re: Firefox Crash?? Jeremy Kelley (May 11)

Jerome ATHIAS

Re: Privilege escalation in BulletProof FTP Server v2.4.0.31 [PoC] Jerome ATHIAS (May 02)

John GALLET

Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service John GALLET (May 27)

john smith

firefox 1.0.3 spoof+auto dl john smith (May 07)

Joxean Koret

Re: Firefox Crash?? Joxean Koret (May 11)

Justin

Re: [security () suse de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Justin (May 31)

- k -

User32.dll Icon Size Crash - k - (May 27)
Re: Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) - k - (May 31)

Kenshoto

Defcon Capture the Flag registration is open Kenshoto (May 02)

Kevin Finisterre

DMA[2005-0502a] - 'Apple OSX multiple Bluetooth vulnerabilities' Kevin Finisterre (May 05)

KF (lists)

Re: Apache hacks (./atac, d0s.txt) KF (lists) (May 02)
DMA[2005-0501a] - 'ARPUS/Ce setuid buffer overflow and file overwrite' KF (lists) (May 02)

Kold

Sql Injection in CJ Ultra Plus v1.0.3-1.0.4 Kold (May 06)

Konrad Malewski

Windows (XP, 2k3, Longhorn) is vulnerable to IpV6 Land attack. Konrad Malewski (May 18)

K sPecial

htdigest exploit code [bid 13537] K sPecial (May 12)

Lachlan. H

Golden Ftp Server Pro - Directory Traversal Vuln Lachlan. H (May 05)
Directory Traversal Vuln - RaidenFTPD 2.4 < Build 2241 Lachlan. H (May 02)

Lars Olsson

32-bit qmail fun (qmail-pop3d) (fwd) Lars Olsson (May 13)

Laurent Destailleur

Re: AWStats <= 6.4 Multiple vulnerabilities Laurent Destailleur (May 05)

list

Computer Associates Vet Antivirus Library Remote Heap Overflow list (May 23)
NOVELL ZENWORKS MULTIPLE REMØTE STACK & HEAP OVERFLOWS list (May 18)

Luigi Auriemma

Gamespy cd-key validation system: "Cd-key in use" DoS versus many games Luigi Auriemma (May 10)
Crash in Stronghold 2 1.2 Luigi Auriemma (May 30)
Buffer-overflow in C'Nedra 0.4.0 Luigi Auriemma (May 26)
Gamespy cd-key validation system: Cd-key never in use Luigi Auriemma (May 06)
Clients format string and server crash in Mtp-Target 1.2.2 Luigi Auriemma (May 02)
Crash in Zoidcom 1.0 beta 4 Luigi Auriemma (May 10)
Buffer-overflow and crash in Terminator 3: War of the Machines 1.16 Luigi Auriemma (May 26)
Format string and crash in Warrior Kings 1.3 and Battles 1.23 Luigi Auriemma (May 23)
Endless loop in Halo 1.06 Luigi Auriemma (May 24)

Luiz Henrique

Re: Apache hacks (./atac, d0s.txt) Luiz Henrique (May 02)

Luke Macken

[ GLSA 200505-02 ] Oops!: Remote code execution Luke Macken (May 06)
[ GLSA 200505-01 ] Horde Framework: Multiple XSS vulnerabilities Luke Macken (May 02)

Maciej Soltysiak

Re: TCP/IP implementations do not adequately validate ICMP error messages Maciej Soltysiak (May 11)

Macromedia Security Zone

New Macromedia Security Zone Bulletin Posted Macromedia Security Zone (May 10)

Maksymilian Arciemowicz

[SECURITYREASON.COM] PostNuke XSS 0.760{RC2,RC3} Maksymilian Arciemowicz (May 21)
[SECURITYREASON.COM] PostNuke XSS and Full path disclosure 0.760RC3=>x Maksymilian Arciemowicz (May 21)
[SECURITYREASON.COM] PostNuke Non Critical SQL Injection and Include 0.760-RC3=>x Maksymilian Arciemowicz (May 21)
[SECURITYREASON.COM] PostNuke SQL Injection 0.750=>x Maksymilian Arciemowicz (May 21)

Mandriva Security Team

MDKSA-2005:087 - Updated tcpdump packages fix multiple vulnerabilities Mandriva Security Team (May 12)
MDKSA-2005:086 - Updated gaim packages fix multiple vulnerabilities Mandriva Security Team (May 12)
MDKSA-2005:082 - Updated OpenOffice.org packages fix heap overflow vulnerability Mandriva Security Team (May 06)
MDKSA-2005:085 - Updated kdelibs packages fix vulnerabilities Mandriva Security Team (May 12)
MDKSA-2005:088 - Updated mozilla packages fix multiple vulnerabilities Mandriva Security Team (May 14)
MDKSA-2005:084 - Updated gnutls packages fix vulnerabilities Mandriva Security Team (May 12)
MDKSA-2005:089 - Updated cdrdao packages fix local root vulnerability Mandriva Security Team (May 19)
MDKSA-2005:092 - Updated gzip packages fix several vulnerabilities Mandriva Security Team (May 19)
MDKSA-2005:081 - Updated XFree86/XOrg packages fix libXpm vulnerabilities Mandriva Security Team (May 06)
MDKSA-2005:091 - Updated bzip2 packages fix multiple vulnerabilities Mandriva Security Team (May 19)
MDKSA-2005:095 - Updated gdb packages fix vulnerabilities Mandriva Security Team (May 30)
MDKSA-2005:090 - Updated nasm packages fix vulnerability Mandriva Security Team (May 19)
MDKSA-2005:083 - Updated ethereal packages fix multiple vulnerabilities Mandriva Security Team (May 11)
MDKSA-2005:088-1 - Updated mozilla-firefox packages re-enable extensions Mandriva Security Team (May 17)

Marc Deslauriers

[FLSA-2005:152768] Updated ruby package fixes security issues Marc Deslauriers (May 14)
[FLSA-2005:155508] Updated cvs package fixes security issues Marc Deslauriers (May 13)
[FLSA-2005:152771] Updated pam packages fix security issue Marc Deslauriers (May 18)
[FLSA-2005:152883] Updated mozilla packages fix security issues Marc Deslauriers (May 18)
[FLSA-2005:154988] Updated openoffice.org packages fix security issues Marc Deslauriers (May 13)
[FLSA-2005:152856] Updated sudo packages fix security issue Marc Deslauriers (May 14)
[FLSA-2005:152804] Updated openmotif packages fix image vulnerability Marc Deslauriers (May 14)
[FLSA-2005:152763] Updated qt packages fixes security issues Marc Deslauriers (May 14)
[FLSA-2005:152815] Updated libtiff packages fix security issues Marc Deslauriers (May 19)
[FLSA-2005:152912] Updated imap packages fix security issues Marc Deslauriers (May 14)
[FLSA-2005:152871] Updated nfs-utils package fixes security issue Marc Deslauriers (May 14)

Marcus Meissner

Re: [security () suse de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Marcus Meissner (May 31)

Mariano Nuñez Di Croce

CYBSEC - PHPMailer Infinite Loop Denial of Service Mariano Nuñez Di Croce (May 30)

Markus Wörle

Mac OS 10.4: new-account-wizzard in Mail 2.0 sends clear-text passwords Markus Wörle (May 06)

Mark Woan

DotNetNuke (Multiple XSS) Mark Woan (May 16)

martin f krafft

davfs2 does not honour Unix permissions martin f krafft (May 25)

Martin Pitt

[USN-135-1] gdb vulnerabilities Martin Pitt (May 27)
[USN-117-1] cvs vulnerability Martin Pitt (May 05)
[USN-121-1] OpenOffice.org vulnerability Martin Pitt (May 06)
[USN-128-1] nasm vulnerability Martin Pitt (May 18)
[USN-124-1] Mozilla and Firefox vulnerabilities Martin Pitt (May 12)
[USN-113-1] libnet-ssleay-perl vulnerability Martin Pitt (May 05)
[USN-124-2] Fixed packages for USN-124-1 Martin Pitt (May 12)
[USN-129-1] Squid vulnerability Martin Pitt (May 18)
[USN-116-1] gzip vulnerabilities Martin Pitt (May 05)
[USN-115-1] Kommander vulnerability Martin Pitt (May 05)
[USN-127-1] bzip2 vulnerabilities Martin Pitt (May 18)
[USN-136-2] Fixed packages for USN-136-1 Martin Pitt (May 27)
[USN-114-2] Fixed packages for USN-114-1 Martin Pitt (May 27)
[USN-120-1] Apache 2 vulnerability Martin Pitt (May 06)
[USN-131-1] Linux kernel vulnerabilities Martin Pitt (May 24)
[USN-114-1] kimgio vulnerability Martin Pitt (May 05)
[USN-118-1] PostgreSQL vulnerabilities Martin Pitt (May 05)
[USN-132-1] ImageMagick vulnerabilities Martin Pitt (May 24)
[USN-133-1] Apache utility vulnerability Martin Pitt (May 26)
[USN-119-1] tcpdump vulnerabilities Martin Pitt (May 06)
[USN-125-1] Gaim vulnerabilities Martin Pitt (May 12)
[USN-130-1] TIFF library vulnerability Martin Pitt (May 19)
[USN-122-1] Squid vulnerability Martin Pitt (May 06)
[USN-123-1] Xine library vulnerabilities Martin Pitt (May 06)
[USN-134-1] Firefox vulnerabilities Martin Pitt (May 26)
[USN-126-1] GNU TLS library vulnerability Martin Pitt (May 14)
[USN-136-1] binutils vulnerability Martin Pitt (May 27)

Martin Schulze

[SECURITY] [DSA 730-1] New bzip2 packages fix file unauthorised permissions modification Martin Schulze (May 27)
[SECURITY] [DSA 723-1] New XFree86 packages fix arbitrary code execution Martin Schulze (May 09)
[SECURITY] [DSA 726-1] New oops packages fix format string vulnerability Martin Schulze (May 20)
[SECURITY] [DSA 728-2] New qpopper packages fix arbitrary file overwriting Martin Schulze (May 26)
[SECURITY] [DSA 727-1] New libconvert-uulib-perl packages fix arbitrary code execution Martin Schulze (May 20)
[SECURITY] [DSA 728-1] New qpopper packages fix arbitrary file overwriting Martin Schulze (May 25)
[SECURITY] [DSA 725-1] New ppxp packages fix local root exploit Martin Schulze (May 19)
[SECURITY] [DSA 722-1] New smail packages fix arbitrary code execution Martin Schulze (May 09)
[SECURITY] [DSA 721-1] New squid packages fix ACL bypass Martin Schulze (May 06)
[SECURITY] [DSA 724-1] New phpsysinfo packages fix cross site scripting Martin Schulze (May 18)
[SECURITY] [DSA 729-1] New PHP4 packages fix denial of service Martin Schulze (May 26)
[SECURITY] [DSA 720-1] New smartlist packages fix unauthorised un/subscription Martin Schulze (May 05)

Martin Tornwall

Acrowave AAP-3100AR authetication bypass Martin Tornwall (May 12)

Matthias Andree

leafnode security announcement leafnode-SA-2005-01 Matthias Andree (May 05)

Matthias Geerdsen

[ GLSA 200505-04 ] GnuTLS: Denial of Service vulnerability Matthias Geerdsen (May 09)

Matt Johnston

Insecure pty permissions in OS X < 10.4 Matt Johnston (May 02)

Max Kanat-Alexander

Security Advisory for Bugzilla 2.18, 2.19.2, and 2.16.8 Max Kanat-Alexander (May 12)

Megasky

OpenBB SQL Injection & Cross-site Scripting Vulnerability Megasky (May 13)
WowBB view_user.php SQL Injection Vulnerability Megasky (May 10)
PHPHeaven PHPMyChat Cross-site Scripting Vulnerablitiy Megasky (May 13)

Michael Cordover

Re: PHP Injection in PHP Poll Creator Michael Cordover (May 26)

Michal Szymanski

ITU 2005 Call For Papers Michal Szymanski (May 13)

Michal Zalewski

Re: ASP.NET __VIEWSTATE crypto validation prone to replay attacks Michal Zalewski (May 06)
Re: ASP.NET __VIEWSTATE crypto validation prone to replay attacks Michal Zalewski (May 05)
ASP.NET __VIEWSTATE crypto validation prone to replay attacks Michal Zalewski (May 03)

mohamed amhemed

Golden FTP Server Pro Remote Buffer Overflow Exploit mohamed amhemed (May 02)

Morinex Eneco

Skull-Splitter's Guestbook Multiple XXS/HTML injection Morinex Eneco (May 14)
Directtopics Multiple Vulnerabilities (Security Advisory) Morinex Eneco (May 12)
Ultimate PHP Board (UPB) Security Advisory Morinex Eneco (May 13)

Morning Wood

Re: MegaBook V2.0 - Cross Site Scripting Exploit Morning Wood (May 06)

M. Perri

worm "postcard" e-mail issue M. Perri (May 20)

Nathan House

Gossamer Threads Links SQL login XSS Vulnerability Nathan House (May 05)

newbug Tseng

cdrdao exploit for mandrake 10.2 ( Mandriva 2005) newbug Tseng (May 16)

NGSSoftware Insight Security Research

High Risk Vulnerability in L-Soft's LISTSERV Server NGSSoftware Insight Security Research (May 25)

Nick Bright

Re: Apache hacks (./atac, d0s.txt) Nick Bright (May 02)

Nick FitzGerald

Spam exploiting MS05-016 Nick FitzGerald (May 31)

nolimit bugtraq

Netvault Remote Heap Overflow (another one) nolimit bugtraq (May 13)

Oliver Goebel

CAIF 1.2 released Oliver Goebel (May 10)

Oliver J. Morais

Re: Windows image size crash Oliver J. Morais (May 13)

Oliver Karow

Blue Coat Reporter multiple remote vulnerabilities Oliver Karow (May 24)

orebla Orebla

Firefox Crash?? orebla Orebla (May 10)

organiser () syscan org

SyScAN'05 organiser () syscan org (May 31)

Ow Mun Heng

Re: [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Ow Mun Heng (May 31)

Paul

Firefox 1.0.4 released. Several vulnerabilities fixed Paul (May 12)
Firefox Remote Compromise Technical Details Paul (May 09)
Re: firefox 1.0.3 spoof+auto dl Paul (May 09)
Firefox Remote Compromise Leaked Paul (May 09)

Paul Laudanski

phpbb 2.0.15 released - patches high critical vuln Paul Laudanski (May 09)
Re: phpbb 2.0.15 released - patches high critical vuln Paul Laudanski (May 13)

Paul Starzetz

Linux kernel ELF core dump privilege elevation Paul Starzetz (May 11)
Re: Linux kernel ELF core dump privilege elevation Paul Starzetz (May 11)

Pedro Venda

Re: Linux kernel ELF core dump privilege elevation Pedro Venda (May 13)

Peter Keel

Re: TCP/IP implementations do not adequately validate ICMP error messages Peter Keel (May 11)

Petey Beege

Invision Power Board 1.* and 2.* Exploit (BID 13529) Petey Beege (May 26)

Pieter de Boer

Local root vuln in VPN daemon on MacOS X Pieter de Boer (May 05)

Piotr Bania

OllyDbg "INT3 AT" Format String Vulnerability Piotr Bania (May 13)
Alwil Software Avast Antivirus Device Driver Memory Overwrite Vulnerability Piotr Bania (May 26)
Compuware Softice (DbgMsg driver) Local Denial Of Service Piotr Bania (May 30)

please_reply_to_security

OpenServer 5.0.6 OpenServer 5.0.7 : telnet client multiple issues please_reply_to_security (May 17)
OpenServer 5.0.6 OpenServer 5.0.7 : nwprint privilege escalation please_reply_to_security (May 25)
OpenServer 5.0.6 OpenServer 5.0.7 : chroot A known exploit can break a chroot prison. please_reply_to_security (May 11)
UnixWare 7.1.4 : Updated mozilla fixes many security issues please_reply_to_security (May 18)
OpenServer 5.0.7 UnixWare 7.1.4 UnixWare 7.1.3 : Hyper-Threading information leakage please_reply_to_security (May 13)

plugger

exim 4.40 exploit plugger (May 25)

pokley

[Scan Associates Advisory] Neteyes Nexusway multiple vulnerability pokley (May 11)
Postnuke 0.750 - 0.760rc4 local file inclusion pokley (May 16)

preasoner

Re: PowerLink WAN Aggregator - Vunerability preasoner (May 26)

rash ilusion

PHP Injection in PHP Poll Creator rash ilusion (May 25)

Ricky Latt

JavaMail Information Disclosure (msgno) Ricky Latt (May 19)
Javamail Multiple Information Disclosure Vulnerabilities Ricky Latt (May 24)

Robert Zilbauer

Re: Apache hacks (./atac, d0s.txt) Robert Zilbauer (May 02)

Ron

Gaim 1.2.1 -- PoC Stack Overflow Ron (May 14)

Roy Hills

Nortel VPN Router Malformed Packet DoS Vulnerability Roy Hills (May 31)

RSnake

Windows image size crash RSnake (May 13)

Ryan S

Regions bank phishing scam Ryan S (May 02)

Sagiko

Re: Apache hacks (./atac, d0s.txt) Sagiko (May 02)

Scovetta, Michael V

RE: Security issue in Microsoft Outlook Scovetta, Michael V (May 20)

SecuBox fRoGGz

PwsPHP v1.2.2 Final - Multiples vulnerabilities SecuBox fRoGGz (May 09)
Willings WebCam - Password Disclosure Issue SecuBox fRoGGz (May 13)

security curmudgeon

Re: Citrix security contact security curmudgeon (May 31)
Re: Multiple Sql injection and XSS vulnerabilities in phpBB Plus v.1.52 and below and some of its modules. security curmudgeon (May 26)

Shaun Colley

Ethereal <= 0.10.10 SIP dissector stack overflow DoS exploit Shaun Colley (May 11)
picasm error handling stack overflow vulnerability Shaun Colley (May 20)

ShineShadow

Multiple vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 ShineShadow (May 05)

Skip Carter

Re: Apache hacks (./atac, d0s.txt) Skip Carter (May 02)

SoulBlack Group

Cookie Cart Default Installation Multiple Vulnerabilities SoulBlack Group (May 23)
Guesbook Pro XSS & HTML Injection SoulBlack Group (May 11)
PHP Stat Administrative User Authentication Bypass SoulBlack Group (May 27)
PowerDownload Remote File Inclusion SoulBlack Group (May 31)
Easy Message Board Directory Traversal and Remote Command SoulBlack Group (May 09)

sp3x

PostNuke Critical SQL Injection and XSS 0.750=>x sp3x (May 27)

Spy Hat

Advanced Guestbook 2.3.1 Spy Hat (May 09)
MegaBook V2.0 - Cross Site Scripting Exploit Spy Hat (May 05)
Re: MegaBook V2.0 - Cross Site Scripting Exploit Spy Hat (May 09)

SSC Advisory Notice

Secure Science Corporation Advisory CSA-056 SSC Advisory Notice (May 06)

Steve Kemp

Re: Apache hacks (./atac, d0s.txt) Steve Kemp (May 02)

Steven M. Christey

Re: [SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05) Steven M. Christey (May 18)
Re: Authentication bypass, sql injections and xss in ArticleLive 2005 Steven M. Christey (May 11)

Sune Kloppenborg Jeppesen

[ GLSA 200505-06 ] TCPDump: Decoding routines Denial of Service vulnerability Sune Kloppenborg Jeppesen (May 10)
ERRATA: [ GLSA 200505-13 ] FreeRADIUS: SQL injection and Denial of Service vulnerability Sune Kloppenborg Jeppesen (May 20)
[ GLSA 200505-08 ] HT Editor: Multiple buffer overflows Sune Kloppenborg Jeppesen (May 10)
[ GLSA 200505-18 ] Net-SNMP: fixproc insecure temporary file creation Sune Kloppenborg Jeppesen (May 24)
[ GLSA 200505-10 ] phpBB: Cross-Site Scripting Vulnerability Sune Kloppenborg Jeppesen (May 14)
[ GLSA 200505-07 ] libTIFF: Buffer overflow Sune Kloppenborg Jeppesen (May 10)
[ GLSA 200505-13 ] FreeRADIUS: Buffer overflow and SQL injection vulnerability Sune Kloppenborg Jeppesen (May 17)
[ GLSA 200505-03 ] Ethereal: Numerous vulnerabilities Sune Kloppenborg Jeppesen (May 06)
[ GLSA 200505-12 ] PostgreSQL: Multiple vulnerabilities Sune Kloppenborg Jeppesen (May 16)
UPDATE: [ GLSA 200504-23 ] Kommander: Insecure remote script execution Sune Kloppenborg Jeppesen (May 20)
[ GLSA 200505-15 ] gdb: Multiple vulnerabilities Sune Kloppenborg Jeppesen (May 20)
[ GLSA 200504-30 ] phpMyAdmin: Insecure SQL script installation Sune Kloppenborg Jeppesen (May 02)
[ GLSA 200505-11 ] Mozilla Suite, Mozilla Firefox: Remote compromise Sune Kloppenborg Jeppesen (May 16)
[ GLSA 200505-09 ] Gaim: Denial of Service and buffer overflow vulnerabilties Sune Kloppenborg Jeppesen (May 12)
[ GLSA 200505-14 ] Cheetah: Untrusted module search path Sune Kloppenborg Jeppesen (May 19)
[ GLSA 200505-17 ] Qpopper: Multiple Vulnerabilities Sune Kloppenborg Jeppesen (May 24)
[ GLSA 200505-05 ] gzip: Multiple vulnerabilities Sune Kloppenborg Jeppesen (May 10)

Suramya Tomar

Security contact for Trillian Suramya Tomar (May 20)

suresec advisories

remote root security bug in ethereal 0.9.13 >= and <= 0.10.10 suresec advisories (May 10)

Team SHATTER

[AppSecInc Advisory BEA05-V0100] BEA WebLogic Administration Console error page cross-site scripting vulnerability Team SHATTER (May 27)
[AppSecInc Advisory BEA05-V0101] BEA WebLogic Administration Console login page cross-site scripting vulnerability Team SHATTER (May 27)

Thierry Carrez

[ GLSA 200505-20 ] Mailutils: Multiple vulnerabilities in imap4d and mail Thierry Carrez (May 27)
[ GLSA 200505-19 ] gxine: Format string vulnerability Thierry Carrez (May 26)
[ GLSA 200505-16 ] ImageMagick, GraphicsMagick: Denial of Service vulnerability Thierry Carrez (May 24)

Thomas Waldegger

[BuHa Security] Wordpress SQL-Injection Thomas Waldegger (May 20)

Thor Arne Johansen

Re: Commonly used disk imaging and wiping tools can be tricked to miss parts of a disk Thor Arne Johansen (May 12)

Tim Farley

RE: ASP.NET __VIEWSTATE crypto validation prone to replay attacks Tim Farley (May 05)

Tim Tompkins

cross-domain cookie theft: who's to blame? Tim Tompkins (May 13)

Tirath Rai

Esqo advisory: GeoVision Digital Video Surveillance System - Multiple authentication issues Tirath Rai (May 10)

tjomi4

PHP Advanced Transfer Manager v1.21 tjomi4 (May 06)

Todd C. Miller

Re: [security () suse de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Todd C. Miller (May 31)

Torseq Tech .

Yahoo! Messenger URL Handler Remote DoS Vulnerability Torseq Tech . (May 13)
Yahoo! Messenger may be storing all session data 'Unencoded' on the local machine Torseq Tech . (May 18)
Yahoo! Chat Add Buddy Without Consent Privacy Issue Torseq Tech . (May 13)
Re: Yahoo! Messenger may be storing all session data 'Unencoded' on the local machine Torseq Tech . (May 18)

Trustix Security Advisor

TSL-2005-0025 - binutils Trustix Security Advisor (May 31)
TSL-2005-0026 - multi Trustix Security Advisor (May 31)
TSLSA-2005-0021 - squid Trustix Security Advisor (May 10)

Vade 79

Re: Mac OS X - Adobe Version Cue local root exploit [c version exploit] Vade 79 (May 18)

Williams, James K

RE: CAID 32896 - Computer Associates Vet Antivirus engine heap overflow vulnerability Williams, James K (May 27)
CAID 32896 - Computer Associates Vet Antivirus engine heap overflow vulnerability Williams, James K (May 24)

Will Schroeder

Re: ACROS Security: HTML Injection in BEA WebLogic Server Console (2) Will Schroeder (May 26)

xerces8

Viruses can evade Sophos Anti-Virus xerces8 (May 09)

Xnuxer Security

[XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Xnuxer Security (May 31)

yan feng

pst.advisory: gedit fun. opensource is god .lol windows yan feng (May 20)
pst.advisory 2005-21: gxine remote exploitable . opensource is god .lol windows yan feng (May 21)

ZATAZ.net

shtool insecure temporary file creation ZATAZ.net (May 25)

Zinho

[HSC Security Group] MaxWebPortal - Multiple SQL injection/XSS Zinho (May 11)
[HSC Security Group] ASP Inline Corporate Calendar SQL injection Zinho (May 05)

Zone Labs Product Security

Zone Labs ZoneAlarm Vet anti-virus engine OLE processing vulnerability Zone Labs Product Security (May 25)