Bugtraq: by thread
RSS Feed
About List
All Lists
Previous period
393 messages
starting Oct 01 05 and
ending Oct 31 05
Date index |
Thread index |
Author index
- [SECURITY] [DSA 836-1] New cfengine2 packages fix arbitrary file overwriting Martin Schulze (Oct 01)
- MyBloggie 2.1.3beta null char + SQL Injection -> Login Bypass retrogod (Oct 01)
- [SECURITY] [DSA 835-1] New cfengine packages fix arbitrary file overwriting Martin Schulze (Oct 01)
- [Information Disclosure] NetForce v4.02 Sends NIS Password Maps with passwords hashes over sendmail bambenek (Oct 01)
- [SECURITY] [DSA 833-1] New mysql-dfsg-4.1 packages fix arbitrary code execution Martin Schulze (Oct 01)
- [SECURITY] [DSA 834-1] New prozilla packages fix arbitrary code execution Martin Schulze (Oct 01)
- Security Advisory for Bugzilla 2.18.3, 2.20rc2, and 2.21 mkanat (Oct 01)
- RE: Careless Law Enforcement Computer Forensics Lacking InfoSec Expertise Causes Suicides Lachniet, Mark (Oct 03)
- RE: Careless Law Enforcement Computer Forensics Lacking InfoSec Expertise Causes Suicides L. Adrian Griffis (Oct 03)
- <Possible follow-ups>
- Careless Law Enforcement Computer Forensics Lacking InfoSec Expertise Causes Suicides Jason Coombs (Oct 03)
- RE: Careless Law Enforcement Computer Forensics Lacking InfoSec Expertise Causes Suicides dave kleiman (Oct 04)
- Re: Careless Law Enforcement Computer Forensics Lacking InfoSec Expertise Causes Suicides Stefano Zanero (Oct 04)
- RE: Careless Law Enforcement Computer Forensics Lacking InfoSec Expertise Causes Suicides Neil Dickey (Oct 04)
- [SECURITY] [DSA 837-1] New Mozilla Firefox packages fix denial of service Martin Schulze (Oct 03)
- [SECURITY] [DSA 838-1] New mozilla-firefox packages fox multiple vulnerabilities Michael Stone (Oct 03)
- Re: Online Dating Software by AEwebworks - aeDating Script <= 4.0 Version Vulnerability security (Oct 03)
- Trillian remote crashable philipp (Oct 03)
- Kaspersky Antivirus Remote Heap Overflow list (Oct 03)
- MDKSA-2005:171 - Updated kernel packages fix multiple vulnerabilities Mandriva Security Team (Oct 03)
- [SECURITY] [DSA 840-1] New drupal packages fix remote command execution Martin Schulze (Oct 04)
- [SECURITY] [DSA 842-1] New egroupware packages fix arbitrary code execution Martin Schulze (Oct 04)
- Call for Papers - DIMVA 2006 Thomas Biege (Oct 04)
- [SECURITY] [DSA 839-1] New apachetop packages fix insecure temporary file Martin Schulze (Oct 04)
- Advisory: WZCS vulnerabilities donctl (Oct 04)
- RE: Advisory: WZCS vulnerabilities Brian J. Bartlett (Oct 05)
- [ GLSA 200510-01 ] gtkdiskfree: Insecure temporary file creation Thierry Carrez (Oct 04)
- [USN-155-3] Fixed mozilla locale packages Martin Pitt (Oct 04)
- [USN-193-1] dia vulnerability Martin Pitt (Oct 04)
- [ GLSA 200510-02 ] Berkeley MPEG Tools: Multiple insecure temporary files Thierry Carrez (Oct 04)
- [security bulletin] SSRT051041 rev.0 - HP-UX Mozilla Remote Unauthorized Execution of Privileged Code or Denial of Service (DoS) security-alert (Oct 04)
- [SECURITY] [DSA 833-2] New mysql-dfsg-4.1 package fixes arbitrary code execution Martin Schulze (Oct 04)
- [ GLSA 200510-03 ] Uim: Privilege escalation vulnerability Sune Kloppenborg Jeppesen (Oct 04)
- A common researcher diagnosis error: misreading error messages Steven M. Christey (Oct 04)
- [security bulletin] SSRT051040 rev.0 - HP-UX Mozilla Remote Unauthorized Execution of Privileged Code security-alert (Oct 04)
- [security bulletin] SSRT5940 rev.2 - HP-UX Mozilla remote, unauthorized user may execute privileged code security-alert (Oct 04)
- [security bulletin] SSRT051030 rev.1 - HP OpenView Event Correlation Services (OV ECS) Remote Unauthorized Privileged Access security-alert (Oct 04)
- [security bulletin] SSRT051023 rev.5 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Privileged Access security-alert (Oct 04)
- [ GLSA 200510-04 ] Texinfo: Insecure temporary file creation Thierry Carrez (Oct 05)
- iDEFENSE Security Advisory 10.04.05: UW-IMAP Netmailbox Name Parsing Buffer Overflow Vulnerability iDEFENSE Labs (Oct 05)
- iDEFENSE Security Advisory 10.04.05: Symantec AntiVirus Scan Engine Web Service Buffer Overflow Vulnerability iDEFENSE Labs (Oct 05)
- <Possible follow-ups>
- RE: iDEFENSE Security Advisory 10.04.05: Symantec AntiVirus Scan Engine Web Service Buffer Overflow Vulnerability iDEFENSE Labs (Oct 05)
- [SECURITY] [DSA 843-1] New arc packages fix insecure temporary files Martin Schulze (Oct 05)
- Patches available for critical flaws in HP Openview NGSSoftware Insight Security Research (Oct 05)
- Announcement : Core Banking Application Security List Lila Buchalski (Oct 06)
- [SECURITY] [DSA 844-1] New mod-auth-shadow packages fix authentication bypass Martin Schulze (Oct 05)
- Some new whitepapers ... David Litchfield (Oct 05)
- RE: Some new whitepapers ... Lila Buchalski (Oct 06)
- Re: Some new whitepapers ... Jerome Athias (Oct 06)
- Secunia Research: ALZip Multiple Archive Handling Buffer Overflow Secunia Research (Oct 05)
- PAKCON II: Call for Paper (CfP), Final Call! Ayaz Ahmed Khan (Oct 05)
- Planet Technology Corp FGSW2402RS switch default password / "backdoor" lms (Oct 06)
- [security bulletin] SSRT4743, SSRT4884 rev.1 - HP Tru64 UNIX TCP/IP remote Denial of Service (DoS) security-alert (Oct 06)
- Secunia Research: PHP-Fusion Two SQL Injection Vulnerabilities Secunia Research (Oct 06)
- Secunia Research: Webroot Desktop Firewall Two Vulnerabilities Secunia Research (Oct 06)
- WASC Threat Classification in 4 languages contact (Oct 06)
- [security bulletin] SSRT051004 rev.1 - HP-UX Java Runtime Environment (JRE) Untrusted Applet Elevates Privilege security-alert (Oct 06)
- aspReady FAQ - open for SQL-injections preben (Oct 06)
- Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers David Litchfield (Oct 06)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers Rainer Duffner (Oct 06)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers David Litchfield (Oct 06)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers Rainer Duffner (Oct 06)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of t Silent / Saracoth (Oct 11)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers Radoslav Dejanović (Oct 07)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers David Litchfield (Oct 06)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers Cesar (Oct 06)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers Gadi Evron (Oct 07)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers David Litchfield (Oct 07)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers Gadi Evron (Oct 07)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers David Litchfield (Oct 07)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers Kurt Seifried (Oct 08)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers Tony Jambu (Oct 08)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers David Litchfield (Oct 07)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers Ivan . (Oct 07)
- <Possible follow-ups>
- Re: Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers ak (Oct 07)
- Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers Rainer Duffner (Oct 06)
- [ GLSA 200510-06 ] Dia: Arbitrary code execution through SVG import Sune Kloppenborg Jeppesen (Oct 06)
- High Risk Vulnerability in Sun Directory Server NGSSoftware Insight Security Research (Oct 06)
- [SECURITY] [DSA 845-1] New mason packages fix missing init script Martin Schulze (Oct 06)
- [ GLSA 200510-05 ] Ruby: Security bypass vulnerability Sune Kloppenborg Jeppesen (Oct 06)
- [USN-194-1] texinfo vulnerability Martin Pitt (Oct 06)
- xloadimage buffer overflow. Ariel Berkman (Oct 06)
- [SECURITY] [DSA 846-1] New cpio packages fix several vulnerabilities Martin Schulze (Oct 07)
- [security bulletin] SSRT051043 rev.0 - Apache Remote Unauthorized access security-alert (Oct 07)
- [security bulletin] SSRT051003 rev.1 - HP-UX Java Web Start remote unauthorized privileged access security-alert (Oct 07)
- Cross-Site-Scripting Vulnerabilities in Oracle HTMLDB ak (Oct 07)
- Plaintext Password Vulnerabilitiy during Installation of Oracle HTMLDB ak (Oct 07)
- Cross-Site-Scripting Vulnerability in Oracle iSQL*Plus ak (Oct 07)
- Cross-Site-Scripting Vulnerability in Oracle XMLDB ak (Oct 07)
- Shutdown TNS Listener via Oracle iSQL*Plus ak (Oct 07)
- Shutdown TNS Listener via Oracle Forms Servlet ak (Oct 07)
- MDKSA-2005:172 - Updated openssh packages fix GSSAPI credentials vulnerability Mandriva Security Team (Oct 07)
- MDKSA-2005:173 - Updated mozilla-firefox packages fix vulnerabilities Mandriva Security Team (Oct 07)
- MDKSA-2005:174 - Updated mozilla-thunderbird packages fix multiple vulnerabilities Mandriva Security Team (Oct 07)
- MDKSA-2005:175 - Updated texinfo packages fix temporary file vulnerability Mandriva Security Team (Oct 07)
- Aenovo Multiple Vulnerabilities advisory (Oct 07)
- [ GLSA 200510-07 ] RealPlayer, Helix Player: Format string vulnerability Thierry Carrez (Oct 07)
- Re: [Dailydave] Security contact for ... security curmudgeon (Oct 07)
- MailEnable W3C Logging Remote Buffer Overflow Proof of Concept advisory (Oct 07)
- Utopia News Pro 1.1.3 SQL Injection / cross site scripting retrogod (Oct 07)
- Re: Security contact for ... Williams, James K (Oct 07)
- [ GLSA 200510-09 ] Weex: Format string vulnerability Sune Kloppenborg Jeppesen (Oct 08)
- [ GLSA 200510-08 ] xine-lib: Format string vulnerability Sune Kloppenborg Jeppesen (Oct 08)
- [SECURITY] [DSA 849-1] New shorewall packages fix firewall bypass Martin Schulze (Oct 08)
- [SECURITY] [DSA 848-1] New masqmail packages fix several vulnerabilities Martin Schulze (Oct 08)
- [SECURITY] [DSA 847-1] New dia packages fix arbitrary code execution Martin Schulze (Oct 08)
- Cyphor 0.19 SQL Injection / Board takeover / cross site scripting retrogod (Oct 08)
- MDKSA-2005:177 - Updated hylafax packages fix temporary file vulnerability Mandriva Security Team (Oct 08)
- MDKSA-2005:176 - Updated webmin package fixes authentication bypass vulnerability Mandriva Security Team (Oct 08)
- gnome-pty-helper writes arbitrary utmp records Paul Szabo (Oct 08)
- Antivirus detection bypass by special crafted archive. unsecure (Oct 08)
- <Possible follow-ups>
- Re: Antivirus detection bypass by special crafted archive. Williams, James K (Oct 14)
- [USN-196-1] Xine library vulnerability Martin Pitt (Oct 10)
- [USN-198-1] cfengine vulnerabilities Martin Pitt (Oct 10)
- [USN-197-1] Shorewall vulnerability Martin Pitt (Oct 10)
- [USN-199-1] Linux kernel vulnerabilities Martin Pitt (Oct 10)
- [USN-195-1] Ruby vulnerability Martin Pitt (Oct 10)
- CodeCon 2006 Call For Papers Len Sassaman (Oct 11)
- [EEYEB20050803] - Windows UMPNPMGR wsprintfW Stack Buffer Overflow Vulnerability Advisories (Oct 11)
- [EEYEB20050915] - MDT2DD.DLL COM Object Uninitialized Heap Memory Vulnerability Advisories (Oct 11)
- [EEYEB20050708] Microsoft Distributed Transaction Coordinator Memory Modification Vulnerability Advisories (Oct 11)
- [EEYEB20050510] - Microsoft DirectShow Remote Code Vulnerability Advisories (Oct 11)
- iDEFENSE Security Advisory 10.11.05: Microsoft Distributed Transaction Controller TIP DoS Vulnerability iDEFENSE Labs (Oct 11)
- iDEFENSE Security Advisory 10.11.05: Microsoft Distributed Transaction Controller Packet Relay DoS Vulnerability iDEFENSE Labs (Oct 11)
- The Malloc Maleficarum Phantasmal Phantasmagoria (Oct 11)
- Secunia Research: WinRAR Format String and Buffer Overflow Vulnerabilities Secunia Research (Oct 11)
- [KDE Security Advisory] KOffice/KWord RTF import buffer overflow Dirk Mueller (Oct 11)
- XSS vulnerability in Zeroblog alireza hassani (Oct 11)
- FreeBSD Security Advisory FreeBSD-SA-05:21.openssl FreeBSD Security Advisories (Oct 11)
- [SECURITY] [DSA 862-1] New Ruby 1.6 packages fix safety bypass Martin Schulze (Oct 11)
- [SECURITY] [DSA 861-1] New uw-imap packages fix arbitrary code execution Martin Schulze (Oct 11)
- [SECURITY] [DSA 860-1] New Ruby packages fix safety bypass Martin Schulze (Oct 11)
- versatileBulletinBoard V1.0.0 RC2 (possibly prior versions) multiple SQL injection vulnerabilities / login bypass / board takeover rgod (Oct 11)
- iDEFENSE Security Advisory 10.10.05: Kaspersky Anti-Virus Engine CHM File Parser Buffer Overflow Vulnerability iDEFENSE Labs (Oct 11)
- iDEFENSE Security Advisory 10.10.05: SGI IRIX runpriv Design Error Vulnerability iDEFENSE Labs (Oct 11)
- [SECURITY] [DSA 859-1] New xli packages fix arbitrary code execution Martin Schulze (Oct 11)
- [SECURITY] [DSA 858-1] New xloadimage packages fix arbitrary code execution Martin Schulze (Oct 11)
- [SECURITYREASON.COM] phpMyAdmin Local file inclusion 2.6.4-pl1 max (Oct 11)
- Re: [SECURITYREASON.COM] phpMyAdmin Local file inclusion 2.6.4-pl1 Andreas Zeidler (Oct 12)
- PullThePlug Contest: Call For Papers announcements (Oct 11)
- [SECURITY] [DSA 857-1] New graphviz packages fix insecure temporary file Martin Schulze (Oct 11)
- [SECURITY] [DSA 856-1] New py2play packages fix arbitrary code execution Martin Schulze (Oct 11)
- [SECURITY] [DSA 855-1] New weex packages fix arbitrary code execution Martin Schulze (Oct 11)
- Announcement: The Web Application Firewall Evaluation Criteria v1 contact (Oct 11)
- [SECURITY] [DSA 854-1] New tcpdump packages fix denial of service Martin Schulze (Oct 11)
- [SECURITY] [DSA 853-1] New ethereal packages fix several vulnerabilities Martin Schulze (Oct 11)
- [SECURITY] [DSA 852-1] New up-imapproxy packages fix arbitrary code execution Martin Schulze (Oct 11)
- [SECURITY] [DSA 851-1] New openvpn packages fix denial of service Martin Schulze (Oct 11)
- [SECURITY] [DSA 850-1] New tcpdump packages fix denial of service Martin Schulze (Oct 11)
- [USN-200-1] Thunderbird vulnerabilities Martin Pitt (Oct 11)
- [ GLSA 200510-10 ] uw-imap: Remote buffer overflow Thierry Carrez (Oct 12)
- using php local file include vulnerabilities for command execution Andreas Zeidler (Oct 12)
- Re: using php local file include vulnerabilities for command execution Andreas Zeidler (Oct 12)
- MDKSA-2005:180 - Updated xine-lib packages fixes cddb vulnerability Mandriva Security Team (Oct 12)
- MDKSA-2005:178 - Updated squirrelmail packages fixes XSS vulberability Mandriva Security Team (Oct 12)
- MDKSA-2005:179 - Updated openssl packages fix vulnerabilities Mandriva Security Team (Oct 12)
- [USN-202-1] KOffice vulnerability Martin Pitt (Oct 12)
- [SECURITY] [DSA 863-1] New xine-lib packages fix arbitrary code execution Martin Schulze (Oct 12)
- [ GLSA 200510-11 ] OpenSSL: SSL 2.0 protocol rollback Thierry Carrez (Oct 12)
- [SEC-1 Advisory] GFI MailSecurity 8.1 Web Module Buffer Overflow Gary Oleary-Steele (Oct 12)
- [USN-201-1] SqWebmail vulnerabilities Martin Pitt (Oct 12)
- MDKSA-2005:181 - Updated squid packages fix vulnerabilities Mandriva Security Team (Oct 12)
- Linux Orinoco drivers information leakage Meder Kydyraliev (Oct 12)
- Research for network security news article lgreenem (Oct 12)
- [SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability Gary Oleary-Steele (Oct 12)
- VERITAS NetBackup: Java User-Interface, format string vulnerability secure (Oct 12)
- Re: VoIP-Phones: Weakness in proccessing SIP-Notify-Messages Tobias Glemser (Oct 12)
- ZDI-05-001: VERITAS NetBackup Remote Code Execution zdi-disclosures (Oct 12)
- Secunia Research: Novell NetMail NMAP Agent "USER" Buffer Overflow Vulnerability Secunia Research (Oct 12)
- [SECURITY] [DSA 865-1] New hylafax packages fix insecure temporary files Martin Schulze (Oct 13)
- [SECURITY] [DSA 864-1] New Ruby 1.8 packages fix safety bypass Martin Schulze (Oct 13)
- Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service Piotr Bania (Oct 13)
- Yapig: XSS / Code Injection Vulnerability enji (Oct 13)
- [USN-203-1] Abiword vulnerabilities Martin Pitt (Oct 13)
- Secunia Research: AhnLab V3 Antivirus ALZ/UUE/XXE Archive Handling Buffer Overflow Secunia Research (Oct 13)
- [security bulletin] SSRT051041 rev.1 - HP-UX Mozilla Remote Unauthorized Execution of Privileged Code or Denial of Service (DoS) security-alert (Oct 13)
- [security bulletin] SSRT5975 HP-UX Running on Itanium Platforms Local Denial of Service (DoS) Security Alert (Oct 13)
- iDEFENSE Security Advisory 10.13.05: Multiple Vendor XMail 'sendmail' Recipient Buffer Overflow Vulnerability iDEFENSE Labs (Oct 13)
- iDEFENSE Security Advisory 10.13.05: Multiple Vendor wget/curl NTLM Username Buffer Overflow Vulnerability iDEFENSE Labs (Oct 13)
- [USN-205-1] Curl and wget vulnerabilities Martin Pitt (Oct 14)
- RTasarim WebAdmin modul SQL injection khc (Oct 14)
- Google Talk cleartext proxy credentials vulnerability m123303 (Oct 14)
- Re: Google Talk cleartext proxy credentials vulnerability 3APA3A (Oct 15)
- MDKSA-2005:182 - Updated curl packages fix NTLM authentication vulnerability Mandriva Security Team (Oct 14)
- Airscanner Mobile Security Advisory #05101001: iTunes Shared Music Denial of Service/Spoofing/Flooding/Abuse Seth Fogie (Oct 14)
- MDKSA-2005:183 - Updated wget packages fix NTLM authentication vulnerability Mandriva Security Team (Oct 14)
- Gallery 2.x Remote File Access Vulnerability Bharat Mediratta (Oct 14)
- CAID 33485 - Computer Associates iGateway debug mode HTTP GET request buffer overflow vulnerability Williams, James K (Oct 14)
- <Possible follow-ups>
- RE: CAID 33485 - Computer Associates iGateway debug mode HTTP GET request buffer overflow vulnerability Williams, James K (Oct 20)
- Trusted Digital, Trusted Mobility Suite Authorization Bypass Vulnerability none (Oct 14)
- [ GLSA 200510-12 ] KOffice, KWord: RTF import buffer overflow Sune Kloppenborg Jeppesen (Oct 14)
- [USN-204-1] SSL library vulnerability Martin Pitt (Oct 14)
- MDKSA-2005:184 - Updated cfengine packages fix temporary file vulnerabilities Mandriva Security Team (Oct 14)
- [KAPDA::#6] Punbb SQL Injection Vulnerability advisory (Oct 15)
- <Possible follow-ups>
- Re: [KAPDA::#6] Punbb SQL Injection Vulnerability arpen (Oct 18)
- Re: [KAPDA::#6] Punbb SQL Injection Vulnerability alireza hassani (Oct 19)
- Security Contacr for Mycall Fixer (Oct 15)
- [ GLSA 200510-13 ] SPE: Insecure file permissions Thierry Carrez (Oct 15)
- MDKSA-2005:185 - Updated koffice packages fix KWord RTF import overflow vulnerability Mandriva Security Team (Oct 15)
- [ GLSA 200510-14 ] Perl, Qt-UnixODBC, CMake: RUNPATH issues Thierry Carrez (Oct 17)
- [USN-206-1] Lynx vulnerability Martin Pitt (Oct 17)
- [USN-208-1] SSH server vulnerability Martin Pitt (Oct 17)
- Re: [Full-disclosure] [USN-208-1] SSH server vulnerability Martin Pitt (Oct 18)
- [USN-207-1] PHP vulnerability Martin Pitt (Oct 17)
- [USN-208-1] graphviz vulnerability Martin Pitt (Oct 17)
- Exploiting Windows Device Drivers Whitepaper Piotr Bania (Oct 17)
- Ciscos VPN-Client-Passwords can be decrypted Thierry Zoller (Oct 17)
- Re: [Full-disclosure] Ciscos VPN-Client-Passwords can be decrypted Clayton Kossmeyer (Oct 18)
- Yahoo RSS XSS Vulnerability (Correction) alljer (Oct 17)
- SUSE Security Announcement: OpenWBEM (SUSE-SA:2005:060) Sebastian Krahmer (Oct 17)
- ie7 will have more mechanisms liudieyu (Oct 17)
- flexbackup default config insecure temporary file creation ZATAZ Audits (Oct 17)
- [OpenPKG-SA-2005.022] OpenPKG Security Advisory (openssl) OpenPKG (Oct 17)
- Lynx Remote Buffer Overflow Ulf Harnhammar (Oct 17)
- Yahoo RSS XSS Vulnerability alljer (Oct 17)
- PHP local safedir restriction bypass slythers (Oct 17)
- [ GLSA 200510-15 ] Lynx: Buffer overflow in NNTP processing Sune Kloppenborg Jeppesen (Oct 17)
- [ GLSA 200510-16 ] phpMyAdmin: Local file inclusion vulnerability Sune Kloppenborg Jeppesen (Oct 17)
- Re: Aenovo Multiple Vulnerabilities (Patch) ali202 (Oct 17)
- winrar 3.50 Exploit edward11 (Oct 17)
- [USN-210-1] netpbm vulnerability Martin Pitt (Oct 18)
- Secunia Research: MySource Cross-Site Scripting and File Inclusion Vulnerabilities Secunia Research (Oct 18)
- SECURECon 2006 Call for papers! Will Belcher (Oct 18)
- MDKSA-2005:186 - Updated lynx packages fix remote buffer overflow Mandriva Security Team (Oct 18)
- e107 remote commands execution retrogod (Oct 18)
- NetFlow Analyzer 4 XSS Vulnerability why (Oct 18)
- Windows host based firewall tester Tim (Oct 18)
- Re: Windows host based firewall tester Morten Torstensen (Oct 19)
- Linksys WRT54G/S Directory Traversal Shell (Oct 18)
- Re: Require many large corporate emails for contact regarding vulnerability. dcrab (Oct 18)
- Multiple Critical and High Vulnerabilities in Oracle Database Server NGSSoftware Insight Security Research (Oct 18)
- Revision: Multiple Critical and High Vulnerabilities in Oracle Database Server David Litchfield (Oct 19)
- Metasploit Framework v2.5 H D Moore (Oct 19)
- SUSE Security Announcement: openSSL protocol downgrade attack (SUSE-SA:2005:061) Marcus Meissner (Oct 19)
- SecurityAlert SA025 : PHPNuke Remote Directory Traversal sp3x (Oct 19)
- cacam_logsecurity_win32 exploit published on 20051018 by Metasploit Williams, James K (Oct 19)
- Cisco Security Advisory:Cisco 11500 Content Services Switch SSL Malformed Client Certificate Vulnerability Cisco Systems Product Security Incident Response Team (Oct 19)
- [security bulletin] SSRT051052 rev.0 - HP OpenView Operations and OpenView VantagePoint Java Runtime Environment (JRE) Remote Privileged Access security-alert (Oct 20)
- [SECURITY] [DSA 868-1] New Mozilla Thunderbird packages fix several vulnerabilities Martin Schulze (Oct 20)
- XSS & Path Disclosure in Chipmunk's products alireza hassani (Oct 20)
- Oracle 10g - emagent.exe Stack-Based Overflow SPI Labs (Oct 20)
- [SECURITY] [DSA 866-1] New Mozilla packages fix several vulnerabilities Martin Schulze (Oct 20)
- Oracle Workflow CSS Vulnerability wf_monitor ak (Oct 20)
- [SECURITY] [DSA 867-1] New module-assistant package fixes insecure temporary file Martin Schulze (Oct 20)
- Oracle Workflow CSS Vulnerability wf_route ak (Oct 20)
- Vulnerabilities in Oracle E-Business Suite 11i - Critical Patch Update October 2005 Integrigy Security (Oct 20)
- [ GLSA 200510-17 ] AbiWord: New RTF import buffer overflows Thierry Carrez (Oct 20)
- [ GLSA 200510-18 ] Netpbm: Buffer overflow in pnmtopng Thierry Carrez (Oct 20)
- [USN-211-1] Enigmail vulnerability Martin Pitt (Oct 20)
- iDEFENSE Security Advisory 10.20.05: Multiple Vendor Ethereal srvloc Buffer Overflow Vulnerability iDEFENSE Labs (Oct 21)
- iDEFENSE Security Advisory 10.20.05: Symantec Norton AntiVirus LiveUpdate Local Privilege Escalation iDEFENSE Labs (Oct 21)
- iDEFENSE Security Advisory 10.20.05: Symantec Norton AntiVirus DiskMountNotify Local Privilege Escalation iDEFENSE Labs (Oct 21)
- [Argeniss] Story of a dumb patch (Paper advisoryabout CSRSS and Windows Explorer vulnerabilities) Cesar (Oct 21)
- UnixWare 7.1.4 UnixWare 7.1.3 : ppp buffer overflow please_reply_to_security (Oct 21)
- OpenServer 5.0.7 : authsh and backupsh buffer overflow please_reply_to_security (Oct 21)
- F.E.A.R. 1.01 likes lithsock Luigi Auriemma (Oct 21)
- [SECURITY] [DSA 869-1] New eric packages fix arbitrary code execution Martin Schulze (Oct 21)
- Nuked klan 1.7: XSS vulnerability papipsycho (Oct 21)
- MDKSA-2005:187 - Updated dia packages fix python SVG import vulnerability. Mandriva Security Team (Oct 21)
- MDKSA-2005:188 - Updated graphviz packages fix temporary file vulnerability. Mandriva Security Team (Oct 21)
- MDKSA-2005:189 - Updated imap packages fix buffer overflow vulnerabilities. Mandriva Security Team (Oct 21)
- MDKSA-2005:190 - Updated nss_ldap/pam_ldap packages fix privilege vulnerabilities. Mandriva Security Team (Oct 21)
- MDKSA-2005:191 - Updated ruby packages fix safe level and taint flag protections vulnerability Mandriva Security Team (Oct 21)
- MDKSA-2005:192 - Updated xli packages fix buffer overflow vulnerabilities. Mandriva Security Team (Oct 21)
- [SNS Advisory No.84] Oracle Application Server HTTP Response Splitting Vulnerability snsadv (Oct 21)
- Secunia Research: ZipGenius Multiple Archive Handling Buffer Overflow Secunia Research (Oct 21)
- SEC-CONSULT-SA-20051021-0: Yahoo/MSIE XSS Bernhard Mueller (Oct 21)
- [security bulletin] SSRT051052 rev.1 - HP OpenView Operations and OpenView VantagePoint Java Runtime Environment (JRE) Remote Privileged Access security-alert (Oct 21)
- Windows UMPNPMGR wsprintfW Stack Buffer Overflow Vulnerability PoC ppwd25 (Oct 21)
- phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. alphakgen (Oct 24)
- <Possible follow-ups>
- phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. Paul Laudanski (Oct 26)
- Message not available
- Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. Paul Laudanski (Oct 29)
- PhpNuke 7.8 with all security fixes/patches "Your_Account", "Downloads", "Web Links" SQL Injection / Remote commans execution retrogod (Oct 24)
- DBoardGear SQL Injection almaster (Oct 24)
- SUSE Security Announcement: permissions (SUSE-SA:2005:062) Ludwig Nussel (Oct 24)
- DCP - portal XSS & SQL attacks alex (Oct 24)
- Remote File Inclusion in forum PunBB rod hedor (Oct 24)
- <Possible follow-ups>
- Re: Remote File Inclusion in forum PunBB arpen (Oct 29)
- Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability Stefan Esser (Oct 24)
- TSLSA-2005-0059 - multi Trustix Security Advisor (Oct 24)
- Insecure Temporary Files in BMC/Control-M Agent Scott Cromar (Oct 24)
- Nuked klan 1.7: Bypassed level admin on forum(corrected) papipsycho (Oct 24)
- [security bulletin] SSRT051055 rev.0 - HP Oracle for OpenView (OfO) Critical Patch Update October 2005 security-alert (Oct 24)
- Revised draft on ICMP attacks Fernando Gont (Oct 24)
- Possible Bug in PHP-Fusion 6.0.204 peanut (Oct 24)
- RE: Possible Bug in PHP-Fusion 6.0.204 Paul (Oct 25)
- aRCHILLES Newsworld < 1.5.0-rc1 Multiple Vulnerabilities chburchert (Oct 24)
- [KAPDA::#8] Domain Manager Pro Vulnerability advisory (Oct 24)
- SQL saphp Lesson almaster (Oct 24)
- File Including In FLAT NUKE abducter_minds (Oct 24)
- Zomplog Script Injection Vulnerability =>3.4 (all versions vulnerable) sikikmail (Oct 24)
- php < 4.4.1 htaccess apache dos Eric Romang / ZATAZ.com (Oct 24)
- Nuked klan 1.7: Remote Exploit papipsycho (Oct 24)
- Nuked klan 1.7: SQL vulnerability papipsycho (Oct 24)
- Flat Nuke Cross Site Scripting alex (Oct 24)
- iDEFENSE Security Advisory 10.24.05: SCO Openserver backupsh 'Home' Buffer Overflow Vulnerability iDEFENSE Labs (Oct 25)
- PHP iCalendar CSS ascii (Oct 25)
- [SECURITY] [DSA 871-1] New libgda2 packages fix arbitrary code execution Martin Schulze (Oct 25)
- DboardGear - uncorrect import themes (SQL-inject) poizon (Oct 25)
- Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through Andrey Bayora (Oct 25)
- Re: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through Dave English (Oct 29)
- <Possible follow-ups>
- Re: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through Andreas Marx (Oct 26)
- Re: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through Andrey Bayora (Oct 26)
- Re: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through mgotts (Oct 29)
- Re: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through Andrey Bayora (Oct 29)
- Skype security advisory . EADS CCR DCR/STI/C (Oct 25)
- [ GLSA 200510-19 ] cURL: NTLM username stack overflow Thierry Carrez (Oct 25)
- [ GLSA 200510-20 ] Zope: File inclusion through RestructuredText Thierry Carrez (Oct 25)
- [ GLSA 200510-21 ] phpMyAdmin: Local file inclusion and XSS vulnerabilities Thierry Carrez (Oct 25)
- [SNS Advisory No.85] XOOPS Multiple Cross-site Scripting Vulnerabilities snsadv (Oct 25)
- [SECURITY] [DSA 870-1] New sudo packages fix arbitrary command execution Martin Schulze (Oct 25)
- iDEFENSE Security Advisory 10.24.05: SCO Unixware Setuid ppp prompt Buffer Overflow Vulnerability iDEFENSE Labs (Oct 25)
- Mozilla Thunderbird SMTP down-negotiation weakness Thomas Henlich (Oct 25)
- Re: Mozilla Thunderbird SMTP down-negotiation weakness Jason Haar (Oct 26)
- Re: Mozilla Thunderbird SMTP down-negotiation weakness Tony Finch (Oct 26)
- Re: Mozilla Thunderbird SMTP down-negotiation weakness Bob Beck (Oct 29)
- Re: Mozilla Thunderbird SMTP down-negotiation weakness Jason Haar (Oct 29)
- Re: Mozilla Thunderbird SMTP down-negotiation weakness Tony Finch (Oct 26)
- Re: Mozilla Thunderbird SMTP down-negotiation weakness Jason Haar (Oct 26)
- Network Appliance iSCSI Authentication Bypass advisories (Oct 25)
- Re: Network Appliance iSCSI Authentication Bypass Steve Shockley (Oct 29)
- Re: Network Appliance iSCSI Authentication Bypass steve . shockley (Oct 29)
- Re: Network Appliance iSCSI Authentication Bypass Steve Shockley (Oct 29)
- [SECURITY] [DSA 871-2] New libgda2 packages fix arbitrary code execution Martin Schulze (Oct 25)
- SEC-Consult SA 20051025-0 :: Snoopy Remote Code Execution Vulnerability Bernhard Mueller (Oct 25)
- Re: [Full-disclosure] SEC-Consult SA 20051025-0 :: Snoopy Remote Code Execution Vulnerability Florian Weimer (Oct 29)
- Re: [Full-disclosure] SEC-Consult SA 20051025-0 :: Snoopy Remote Code Execution Vulnerability SEC Consult Research (Oct 29)
- Re: [Full-disclosure] SEC-Consult SA 20051025-0 :: Snoopy Remote Code Execution Vulnerability Florian Weimer (Oct 29)
- SEC-Consult SA 20051025-1 :: RSA ACE Web Agent XSS Bernhard Mueller (Oct 25)
- iDEFENSE Security Advisory 10.24.05: SCO Openserver authsh 'Home' Buffer Overflow Vulnerability iDEFENSE Labs (Oct 25)
- SparkleBlog Journal.php HTML Injection Vulnerability =>v2.1 (all versions vulnerable) sikikmail (Oct 25)
- Looking for security contacts at Sony and Lenovo (FKA IBM) Richard M. Smith (Oct 26)
- [SECURITY] [DSA 548-2] New imlib packages fix arbitrary code execution Martin Schulze (Oct 26)
- MDKSA-2005:193 - Updated ethereal packages fix multiple vulnerabilities Mandriva Security Team (Oct 26)
- Looking for a security contact at Macrovision/InstallShield Richard M. Smith (Oct 26)
- Secunia Research: Mantis "t_core_path" File Inclusion Vulnerability Secunia Research (Oct 26)
- Woltlab Burning Board info_db.php multiple SQL injection admin (Oct 26)
- SQL-Injection in MyBulletinBoard allows attacker to become a board admin. Animal (Oct 26)
- [SECURITY] [DSA 873-1] New net-snmp packages fix denial of service Martin Schulze (Oct 26)
- [KAPDA::#9] Techno Dreams Scripts Vulnerabilities advisory (Oct 26)
- Re: [Full-disclosure] Multiple Vendor Anti-Virus Software DetectionEvasion Vulnerability through forged magic byte Andrey Bayora (Oct 26)
- Re: [Full-disclosure] Multiple Vendor Anti-Virus Software DetectionEvasion Vulnerability through forged magic byte Bipin Gautam (Oct 29)
- <Possible follow-ups>
- RE: [Full-disclosure] Multiple Vendor Anti-Virus Software DetectionEvasion Vulnerability through forged magic byte Debasis Mohanty (Oct 26)
- Update for the magic byte bug Andrey Bayora (Oct 26)
- MDKSA-2005:197 - Updated unzip packages fix suid, permissions vulnerabilities. Mandriva Security Team (Oct 26)
- MDKSA-2005:193-1 - Updated ethereal packages fix multiple vulnerabilities Mandriva Security Team (Oct 26)
- MDKSA-2005:198 - Updated uim packages fix suid linking vulnerabilities. Mandriva Security Team (Oct 26)
- MDKSA-2005:195 - Updated squid packages fix vulnerabilities Mandriva Security Team (Oct 26)
- MDKSA-2005:186-1 - Updated lynx packages fix remote buffer overflow Mandriva Security Team (Oct 26)
- MDKSA-2005:194 - Updated php-imap packages fix buffer overflow vulnerabilities. Mandriva Security Team (Oct 26)
- MDKSA-2005:196 - Updated perl-Compress-Zlib packages fix vulnerabilities Mandriva Security Team (Oct 26)
- [SECURITY] [DSA 872-1] New koffice packages fix arbitrary code execution Martin Schulze (Oct 26)
- PHP-Nuke Cross-Site Scripting Vulnerability bhfh01 (Oct 26)
- MDKSA-2005:199 - Updated netpbm packages fix pnmtopng vulnerabilities Mandriva Security Team (Oct 26)
- [SECURITY] [DSA 874-1] New lynx packages fix arbitrary code execution Martin Schulze (Oct 27)
- fetchmail security announcement 2005-02 (CVE-2005-3088) ma+nomail (Oct 27)
- [SECURITY] [DSA 875-1] New OpenSSL packages fix cryptographic weakness Martin Schulze (Oct 27)
- [SECURITY] [DSA 876-1] New lynx-ssl packages fix arbitrary code execution Martin Schulze (Oct 27)
- Secunia Research: ATutor Multiple Vulnerabilities Secunia Research (Oct 27)
- [CIRT.DK] - Novell ZENworks Patch Management Server 6.0.0.52 - SQL injection CIRT.DK Advisory (Oct 27)
- [SECURITY] [DSA 878-1] New netpbm-free packages fix arbitrary code execution Martin Schulze (Oct 28)
- [ GLSA 200510-23 ] TikiWiki: XSS vulnerability Thierry Carrez (Oct 28)
- Re: [ GLSA 200510-23 ] TikiWiki: XSS vulnerability dave canuck (Oct 28)
- Re: [ GLSA 200510-23 ] TikiWiki: XSS vulnerability Thierry Carrez (Oct 28)
- Re: [ GLSA 200510-23 ] TikiWiki: XSS vulnerability dave canuck (Oct 28)
- MDKSA-2005:201 - Updated sudo packages fix vulnerability Mandriva Security Team (Oct 28)
- [ GLSA 200510-22 ] SELinux PAM: Local password guessing attack Thierry Carrez (Oct 28)
- [SECURITY] [DSA 877-1] New gnump3d packages fix several vulnerabilities Martin Schulze (Oct 28)
- MDKSA-2005:200 - Updated apache-mod_auth_shadow packages fix security restriction bypass issues. Mandriva Security Team (Oct 28)
- [ GLSA 200510-24 ] Mantis: Multiple vulnerabilities Thierry Carrez (Oct 28)
- iDefense Security Advisory 10.28.05: Multiple Vendor chmlib CHM File Handling Buffer Overflow Vulnerability iDEFENSE Labs (Oct 28)
- File Including In PBLang abducter_minds (Oct 28)
- Multiple vulnerabilities within RockLiffe MailSite Express WebMail Paul Craig (Oct 28)
- Remote File Inclusion in vCard :) [AT] (Oct 29)
- Remote MySQL User on Cpanel Default installation with blank password sup3r_linux (Oct 29)
- Re: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through forged magic byte Williams, James K (Oct 29)
- Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images preben (Oct 29)
- Mirabilis ICQ 2003a Buffer Overflow Download Shellcoded Exploit atmaca (Oct 29)
- uplod phpshell in PHP Advanced Transfer Manager sQl (Oct 29)
- Re: uplod phpshell in PHP Advanced Transfer Manager D_BuG (Oct 31)
- Trend Micro's Response to the Magic Byte Bug Auri Rahimzadeh (Oct 29)
- [USN-206-2] Fixed lynx packages for USN-206-1 Martin Pitt (Oct 31)
- [USN-213-1] sudo vulnerability Martin Pitt (Oct 31)
- [USN-151-3] zlib vulnerabilities Martin Pitt (Oct 31)
- [USN-212-1] libgda2 vulnerability Martin Pitt (Oct 31)
- New List David Ahmad (Oct 31)
- Advisory 20/2005: PHP File-Upload $GLOBALS Overwrite Vulnerability Stefan Esser (Oct 31)
- Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str() Stefan Esser (Oct 31)
- Advisory 18/2005: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo() Stefan Esser (Oct 31)
- OpenVPN[v2.0.x]: foreign_option() formart string vulnerability. v9 (Oct 31)
- Advisory 17/2005: phpBB Multiple Vulnerabilities Stefan Esser (Oct 31)
- [ GLSA 200510-26 ] XLI, Xloadimage: Buffer overflow Sune Kloppenborg Jeppesen (Oct 31)
- [ GLSA 200510-25 ] Ethereal: Multiple vulnerabilities in protocol dissectors Sune Kloppenborg Jeppesen (Oct 31)
- SQL In Invision Gallery 2.0.3 almaster (Oct 31)
- mwcollect v3.0.0 Release Georg Wicherski (Oct 31)
- SQL IN FORUM.PHP ABDUCTER_MINDS (Oct 31)
- APPLE-SA-2005-10-31 Mac OS X v10.4.3 noreply (Oct 31)