Bugtraq: by author
603 messages starting Apr 24 06 and ending Apr 15 06
Apple Mac OS X Safari 2.0.3 Vulnerability (Apr 24)
3APA3A
Re: Bypassing ISA Server 2004 with IPv6 3APA3A (Apr 04)
Re[3]: Bypassing ISA Server 2004 with IPv6 3APA3A (Apr 15)
Re[2]: Bypassing ISA Server 2004 with IPv6 3APA3A (Apr 10)
86400s
Exploiting out of memory crashes and null pointers [was: Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2] 86400s (Apr 12)
Aaron Kaplan
manila.userland cross site scriptable Aaron Kaplan (Apr 15)
Aaron Phillips
Re: Apple Mac OS X Safari 2.0.3 Vulnerability Aaron Phillips (Apr 26)
adam
[SA-03] Example of Grsecurity protection avoid. adam (Apr 17)
addmimistrator
[KAPDA::#38] - MyBB 1.1.0~functions_post.php~XSS Attack addmimistrator (Apr 09)
[KAPDA]CopperminePhotoGallery1.4.4~ PluginInclusionSystem(index.php)~ RemoteFileInclusion attack addmimistrator (Apr 15)
[KAPDA]MyBB1.1.0~global.php~ParameterExtracting addmimistrator (Apr 15)
Aditya
XSS Bug in OpenGear Server Website Aditya (Apr 24)
admin
[MajorSecurity]ActualAnalyzer - Remote File Include Vulnerability admin (Apr 19)
[MajorSecurity] TotalCalendar 2.30 - Remote File Include Vulnerability admin (Apr 24)
[MajorSecurity] phpMyAgenda 3.0 Final - Remote File Include Vulnerability admin (Apr 24)
phpListPro <= 2.0 - Remote File Include Vulnerability admin (Apr 11)
advisory
Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability advisory (Apr 21)
Land Down Under 802 and below version Path Disclosure Vulnerability Advisory (Apr 27)
Rapid7 Advisory R7-0019: Directory traversal vulnerability in SolarWinds TFTP Server for Windows advisory (Apr 21)
Rapid7 Advisory R7-0022: Symantec Scan Engine Known Immutable DSA Private Key advisory (Apr 21)
Rapid7 Advisory R7-0021: Symantec Scan Engine Authentication Fundamental Design Error advisory (Apr 21)
ak
SQL Injection in package SYS.DBMS_LOGMNR_SESSION ak (Apr 19)
Oracle read-only user can insert/update/delete data via specially crafted views ak (Apr 10)
alex
[eVuln] aWebNews Multiple XSS and SQL Injection Vulnerabilities alex (Apr 14)
[eVuln] newsletter - sourceworkshop SQL Injection Vulnerability alex (Apr 09)
[eVuln] VNews Multiple Vulnerabilities alex (Apr 11)
[eVuln] RedCMS Multiple XSS and SQL Injection Vulnerabilities alex (Apr 14)
[eVuln] phpNewsManager Multiple SQL Injections alex (Apr 09)
[eVuln] qliteNews SQL Injection Vulnerability alex (Apr 13)
[eVuln] aWebBB Multiple XSS and SQL Injection Vulnerabilities alex (Apr 15)
[eVuln] [V]Book Multiple Vulnerabilities alex (Apr 11)
[eVuln] N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities alex (Apr 19)
[eVuln] MWGuest XSS Vulnerability alex (Apr 20)
[eVuln] Wire Plastik wpBlog SQL Injection Vulnerability alex (Apr 17)
[eVuln] VSNS Lemon Multiple Vulnerabilities alex (Apr 09)
[eVuln] warforge.NEWS SQL Injection and Multiple XSS Vulnerabilities alex (Apr 26)
[eVuln] RateIt SQL Injection Vulnerability alex (Apr 24)
[eVuln] vCounter - sourceworkshop SQL Injection Vulnerability alex (Apr 09)
[eVuln] Null news SQL Injection Vulnerability alex (Apr 09)
[eVuln] CzarNews XSS and Multiple SQL Injection Vulnerabilities alex (Apr 17)
[eVuln] QLnews XSS and PHP Code Insertion Vulnerabilities alex (Apr 12)
[eVuln] phpNewsManager Multiple SQL Injections alex (Apr 10)
[eVuln] MD News Authentication Bypass and SQL Injection Vulnerabilities alex (Apr 19)
[eVuln] MWNewsletter SQL Injection and XSS Vulnerabilities alex (Apr 21)
Alexander Klimov
Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Alexander Klimov (Apr 18)
Alexey Dobriyan
Re: Format string in Doomsday 1.8.6 Alexey Dobriyan (Apr 10)
ali
linksubmit <= All version Html Tag Injector in index.php ali (Apr 01)
SiteMan <= All version SQL injection in admin_login.asp ali (Apr 01)
VWar <= ver 1.21 Remote Code Execution Exploit ali (Apr 22)
alireza hassani
[KAPDA::#41] - Mambo/Joomla rss component vulnerability alireza hassani (Apr 18)
A . L . M . Buxey
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup A . L . M . Buxey (Apr 14)
almfnod
google xss almfnod (Apr 09)
Alvaro Olavarria
Dokeos 1.6.4 SQL Injection Vulnerability Alvaro Olavarria (Apr 14)
AminRayden
NextAge Shopping Cart Software XSS AminRayden (Apr 25)
Farsinews Cross-Site Scripting & Path disclosure vulnerability aminrayden (Apr 14)
Andreas Beck
Re: ADVISORY FOR IOPUS SECURE EMAIL ATTACHMENTS Andreas Beck (Apr 25)
Andy Meyers
RE: google xss Andy Meyers (Apr 10)
anonss
Re: Jupiter CMS <= 1.1.5 multiple XSS attack vectors. anonss (Apr 13)
Ansgar -59cobalt- Wiechers
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Ansgar -59cobalt- Wiechers (Apr 18)
Anton Ivanov
Re: recursive DNS servers DDoS as a growing DDoS problem Anton Ivanov (Apr 03)
Re: recursive DNS servers DDoS as a growing DDoS problem Anton Ivanov (Apr 09)
Re: recursive DNS servers DDoS as a growing DDoS problem Anton Ivanov (Apr 04)
Re: recursive DNS servers DDoS as a growing DDoS problem Anton Ivanov (Apr 04)
ArkanoiD
Re: On product vulnerability history and vulnerability complexity ArkanoiD (Apr 03)
arko . dhar
PhpWebFtp Cross Site Scripting Vulnerability arko . dhar (Apr 25)
Scry Gallery XSS Vulnerability arko . dhar (Apr 24)
VWar Path Disclosure arko . dhar (Apr 24)
PhpWebFTP 3.2 Login Script arko . dhar (Apr 17)
assurance.com.au
Multiple vulnerabilities in Linux based Cisco products assurance.com.au (Apr 19)
Bernhard Fischer
Re: DoS-ing sysklogd? Bernhard Fischer (Apr 04)
Bernhard Mueller
SEC Consult SA-20060314 :: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow Bernhard Mueller (Apr 13)
Billy Bues
Re: Apple Mac OS X Safari 2.0.3 Vulnerability Billy Bues (Apr 25)
Blyth A J C (Comp)
2nd European Conference on Computer Network Defense (EC2ND) Blyth A J C (Comp) (Apr 11)
Bob Goodman
Re: Strengthen OpenSSH security? Bob Goodman (Apr 23)
BoNy-m
MySmartBB<---v 1.1.x SQL Injection/XSS BoNy-m (Apr 26)
botan
[Kurdish Security #3] CoolMenus Event Remote File Include Vulnerability (For PHP) botan (Apr 28)
[Kurdish Secure Advisory #1] I-RATER Platinum "Admin/configsettings.tpl.php" Remote File Include Vulnerability botan (Apr 28)
phpFaber TopSites Script Cross-Site Scripting botan (Apr 15)
phpLister v. 0.4.1 XSS Attacking botan (Apr 18)
Calendarix "yearcal.php" XSS Attacking botan (Apr 17)
QuickBlogger v1.4 Cross-Site Scripting botan (Apr 13)
FleXiBle Development Script Remote Command Exucetion And XSS Attacking botan (Apr 01)
ContentBoxx Login.php Cross-Site Scripting botan (Apr 19)
EasyGallery Cross-Site Scripting botan (Apr 19)
MyEvent Remote File Execution And XSS Attacking botan (Apr 17)
[Kurdish Security #2] Artmedic Event Remote File Include Vulnerability botan (Apr 28)
Brandon S. Allbery KF8NH
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Brandon S. Allbery KF8NH (Apr 14)
Breeeeh
DCForumLite V 3.0<--XSS/SQL Injection Breeeeh (Apr 25)
Brett Glass
Strengthen OpenSSH security? Brett Glass (Apr 19)
bugtraq
[BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 bugtraq (Apr 13)
[BuHa-Security] Multiple Vulnerabilities in MS IE 6.0 SP2 bugtraq (Apr 13)
[BuHa-Security] DoS Vulnerability in Firefox 1.5.0.1 bugtraq (Apr 13)
[BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 #2 bugtraq (Apr 13)
c0ntexb
Remote Xine Format String Vulnerability c0ntexb (Apr 18)
Windows Help Heap Overflow c0ntexb (Apr 13)
c0redump
Re: Strengthen OpenSSH security? c0redump (Apr 20)
Carson Gaspar
Re: Strengthen OpenSSH security? Carson Gaspar (Apr 20)
Cesar
Re: Recent Oracle exploit is _actually_ an 0day with no patch Cesar (Apr 28)
[Argeniss] Alert - Yahoo! Webmail XSS Cesar (Apr 17)
[Argeniss] Oracle Database 10gR1 Buffer overflow in VERIFY_LOG procedure Cesar (Apr 20)
[Argeniss] Alert - Yahoo! Mail XSS vulnerability Cesar (Apr 28)
cfp
RUXCON 2006 Call for Papers cfp (Apr 04)
Cheng Peng Su
Yahoo! Mail XSS Vulnerability Cheng Peng Su (Apr 23)
chris
Firefox Remote Code Execution and DoS 1.5.0.2 chris (Apr 24)
Re: phpMyForum Cross Site Scripting & CRLF injection chris (Apr 30)
Christine Kronberg
Re: Re[2]: Bypassing ISA Server 2004 with IPv6 Christine Kronberg (Apr 19)
Re[2]: Bypassing ISA Server 2004 with IPv6 Christine Kronberg (Apr 14)
Re: Bypassing ISA Server 2004 with IPv6 Christine Kronberg (Apr 09)
Re[3]: Bypassing ISA Server 2004 with IPv6 Christine Kronberg (Apr 19)
Christophe Garault
Re: DoS-ing sysklogd? Christophe Garault (Apr 04)
Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack Cisco Systems Product Security Incident Response Team (Apr 26)
Cisco Security Advisory: Cisco IOS XR MPLS Vulnerabilities Cisco Systems Product Security Incident Response Team (Apr 19)
Cisco Security Advisory: Multiple Vulnerabilities in the WLSE Appliance Cisco Systems Product Security Incident Response Team (Apr 19)
Cisco Security Advisory: Cisco 11500 Content Services Switch HTTP Request Vulnerability Cisco Systems Product Security Incident Response Team (Apr 09)
Cisco Security Advisory: Cisco Optical Networking System 15000 series and Cisco Transport Controller Vulnerabilities Cisco Systems Product Security Incident Response Team (Apr 10)
coderpunk
Flaw in commonly used bash random seed method coderpunk (Apr 03)
codexploder
Autonomous LAN party File iNclusion codexploder (Apr 09)
Colin Keigher
Re: Apple Mac OS X Safari 2.0.3 Vulnerability Colin Keigher (Apr 24)
crasher
Multiple vulnerabilities in Blur6ex crasher (Apr 11)
Vulnerabilities in MODx crasher (Apr 14)
Vulnerabilities in lifetype crasher (Apr 14)
Multiple Vulnerabilities in LucidCMS crasher (Apr 03)
Vulnerabilities in SPIP crasher (Apr 10)
Vulnerabilities in Papoo crasher (Apr 14)
CrAzY . CrAcKeR
BK Forum <<--V.4.0 SQL Injection CrAzY . CrAcKeR (Apr 21)
vbulletin<--3.0.x SQL Injection CrAzY . CrAcKeR (Apr 24)
poll.pl<--remote commands execution exploit CrAzY . CrAcKeR (Apr 30)
axoverzicht.cgi<==Remote File Inclusion CrAzY . CrAcKeR (Apr 20)
ThWboard 3 Beta 2.84 Cross Site Scripting CrAzY . CrAcKeR (Apr 20)
Mini-NUKE v2.3<<--- SQL Injection CrAzY . CrAcKeR (Apr 20)
Crispin Cowan
Re: On product vulnerability history and vulnerability complexity Crispin Cowan (Apr 03)
CS_Advisories Mailbox
SYMSA-2006-002: McAfee WebShield SMTP Format String Vulnerability CS_Advisories Mailbox (Apr 03)
cxib
copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2 cxib (Apr 10)
phpinfo() Cross Site Scripting PHP 5.1.2 and 4.4.2 cxib (Apr 10)
tempnam() open_basedir bypass PHP 4.4.2 and 5.1.2 cxib (Apr 10)
function *() php/apache Crash PHP 4.4.2 and 5.1.2 cxib (Apr 10)
Re: Mis-diagnosed XSS bugs hiding worse issues due to PHP feature cxib (Apr 03)
d4igoro
planetSearch+ - XSS Vulnerabilities d4igoro (Apr 14)
Manila <= 9.5 - XSS Vulnerabilities d4igoro (Apr 11)
PowerClan 1.14 - SQL Injection d4igoro (Apr 14)
Tritanium Bulletin Board 1.2.3 - XSS d4igoro (Apr 11)
Linpha 1.1.0 - XSS Vulnerabilities d4igoro (Apr 18)
Damian Put
[Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow (not default configuration) Damian Put (Apr 10)
Damien Miller
Re: Strengthen OpenSSH security? Damien Miller (Apr 20)
daniel
Re: evoBlog Remote Name tag Script injection daniel (Apr 24)
Dariusz Kolasinski
Re: [KAPDA]CopperminePhotoGallery1.4.4~ PluginInclusionSystem(index.php)~ RemoteFileInclusion attack Dariusz Kolasinski (Apr 17)
darmawan_salihun
Re: Bios Information Leakage darmawan_salihun (Apr 10)
dave . de
Re: phpBB Admin command execution dave . de (Apr 19)
Dave English
Re: Flaw in commonly used bash random seed method Dave English (Apr 04)
Dave Korn
[Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Dave Korn (Apr 14)
Re: Flaw in commonly used bash random seed method Dave Korn (Apr 05)
David Litchfield
Recent Oracle exploit is _actually_ an 0day with no patch David Litchfield (Apr 26)
Re: Recent Oracle exploit is _actually_ an 0day with no patch David Litchfield (Apr 28)
Re: Recent Oracle exploit is _actually_ an 0day with no patch David Litchfield (Apr 30)
Debasis Mohanty
Google Reader "preview" and "lens" script improper feed validation Debasis Mohanty (Apr 10)
defa
Confixx SQL Injection exploit (confixx_exploit.pl) defa (Apr 19)
dennis
SMART Technologies SynchronEyes Remote Denial of Services dennis (Apr 04)
Dennis Brown
Re: WebVulnCrawl searching excluded directories for hackable web servers Dennis Brown (Apr 03)
Derek Soeder
RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Derek Soeder (Apr 14)
Dirk Mueller
[Kaffeine Security Advisory] Heap based buffer overflow in http_peek() Dirk Mueller (Apr 09)
dr . jr7
SQL Injection in Chipmunk Guestbook dr . jr7 (Apr 09)
Remote File Inclusion in VBulletin ImpEx dr . jr7 (Apr 13)
Dr-Jr7
photokorn 1.53 , 1.542 << Sql Dr-Jr7 (Apr 25)
dumdidumdideldey
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup dumdidumdideldey (Apr 14)
Duncan Simpson
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Duncan Simpson (Apr 25)
easy . mask
BetaBoard Cross Site Scripting vulnerability easy . mask (Apr 17)
eEye Advisories
[EEYEB-20060227] Juniper Networks SSL-VPN Client Buffer Overflow eEye Advisories (Apr 26)
Eliah Kagan
Re: Firefox 1.5.0.1 Password Manager Arbtirary User Browsing History Disclosure Eliah Kagan (Apr 15)
Erwan David
Re: recursive DNS servers DDoS as a growing DDoS problem Erwan David (Apr 09)
Esteban Martinez Fayo
Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting Esteban Martinez Fayo (Apr 12)
eufrato
[ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion eufrato (Apr 04)
[ECHO_ADV_28$2006] Clever Copy <= 3.0 Connect.inc Critical Information Disclosure eufrato (Apr 09)
[ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion eufrato (Apr 04)
Evans, Arian
RE: (addendum) redirection vuln crawlers breed & security through obscurity Evans, Arian (Apr 20)
RE: redirection vuln crawlers breed & security through obscurity Evans, Arian (Apr 19)
fabio
Re: ADVISORY FOR IOPUS SECURE EMAIL ATTACHMENTS fabio (Apr 25)
Felix von Leitner
gcc 4.1 bug miscompiles pointer range checks, may place you at risk Felix von Leitner (Apr 17)
fingerout
Linux Kernel Local DoS vulnerability. fingerout (Apr 09)
Florian Weimer
Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Florian Weimer (Apr 18)
Forrest J. Cavalier III
Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Forrest J. Cavalier III (Apr 18)
Re: On product vulnerability history and vulnerability complexity Forrest J. Cavalier III (Apr 03)
François Harvey
[SecuriWeb 2006.1] directory traversal in Asterisk@Home and ARI François Harvey (Apr 21)
franz
Re: Another Internet Explorer Address Bar Spoofing Vulnerability franz (Apr 04)
Firefox 1.5.0.1 Password Manager Arbtirary User Browsing History Disclosure franz (Apr 14)
FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-06:14.fpu FreeBSD Security Advisories (Apr 19)
Gabor Gombas
Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Gabor Gombas (Apr 18)
Gadi Evron
Re: recursive DNS servers DDoS as a growing DDoS problem Gadi Evron (Apr 01)
Re: On product vulnerability history and vulnerability complexity Gadi Evron (Apr 03)
Re: recursive DNS servers DDoS as a growing DDoS problem Gadi Evron (Apr 09)
Re: On product vulnerability history and vulnerability complexity Gadi Evron (Apr 04)
gboyce
RE: recursive DNS servers DDoS as a growing DDoS problem gboyce (Apr 01)
GentleSecurity Team
GeSWall 2.2 – Free Intrusion Prevention System for Windows GentleSecurity Team (Apr 01)
Geo.
RE: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 04)
Re: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 09)
RE: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 10)
RE: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 03)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Geo. (Apr 23)
Re: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 03)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Geo. (Apr 19)
RE: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 04)
gergero
Re: Limbo CMS code execution gergero (Apr 04)
hainamluke
Another way to spoof Internet Explorer Address Bar hainamluke (Apr 04)
Another Internet Explorer Address Bar Spoofing Vulnerability hainamluke (Apr 03)
H D Moore
Re: IE6 Crash H D Moore (Apr 10)
h e
TUGZip Archive Extraction Directory traversal h e (Apr 10)
blur6ex Local File Inclusion and SQL injection . h e (Apr 18)
hessam
Tiny PHP forum - vulns hessam (Apr 17)
Hubbard, Dan
RE: [BULK] - Websense Filter Bypass Hubbard, Dan (Apr 21)
Ian MacPhedran
Re: Apple Mac OS X Safari 2.0.3 Vulnerability Ian MacPhedran (Apr 30)
Ilker Temir
Re: Multiple vulnerabilities in Linux based Cisco products Ilker Temir (Apr 19)
info
RechnungsZentrale V2 - SQL injection and Remote PHP inclusion vulnerabilities info (Apr 19)
infocus
Multiple PHP4/PHP5 vulnerabilities infocus (Apr 24)
inge . henriksen
Multiple browsers Windows mailto protocol Office 2003 file attachment exploit inge . henriksen (Apr 25)
iovdin
Re: Confixx 3.1.2 <= SQL Injection iovdin (Apr 13)
Re: Sql Injection in Confixx 3.06 & 3.08 & 3.?? ? iovdin (Apr 14)
it_underground
IT Underground, London 2006 - call for papers it_underground (Apr 11)
Ivan Sergio Borgonovo
redirection vuln crawlers breed & security through obscurity Ivan Sergio Borgonovo (Apr 19)
izimask
Camino Browser HTML Parsing Null Pointer Dereference Denial of Service Vulnerability izimask (Apr 14)
jalvare7
Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer and server jalvare7 (Apr 10)
Jamie Riden
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Jamie Riden (Apr 19)
Jasper Bryant-Greene
Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data Jasper Bryant-Greene (Apr 05)
Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data Jasper Bryant-Greene (Apr 04)
jat-public01
Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk jat-public01 (Apr 18)
Javier Olascoaga
Invision Power Board 2.1.5 POC Javier Olascoaga (Apr 30)
Javor Ninov
Re: On product vulnerability history and vulnerability complexity Javor Ninov (Apr 04)
Jean-Sébastien Guay-Leroux
[Full-disclosure] PIRANA exploitation framework and SMTP contentfilter security Jean-Sébastien Guay-Leroux (Apr 04)
Barracuda LHA archiver security bug leads to remote compromise Jean-Sébastien Guay-Leroux (Apr 04)
Barracuda ZOO archiver security bug leads to remote compromise Jean-Sébastien Guay-Leroux (Apr 04)
Jeff Moss
Black Hat Call for Papers and Registration now open Jeff Moss (Apr 04)
jens
Re: Apple Mac OS X Safari 2.0.3 Vulnerability jens (Apr 26)
Jeremy Ashcraft
Re: Simplog <=0.9.2 multiple vulnerabilities Jeremy Ashcraft (Apr 14)
JiM / aEGIS
Re: - PHPGraphy <= 0.9.11 "editwelcome" unauthorized access / cross site scripting - JiM / aEGIS (Apr 18)
Jim Ley
Re: google xss Jim Ley (Apr 11)
Jim Pingle
Re: recursive DNS servers DDoS as a growing DDoS problem Jim Pingle (Apr 09)
Re: recursive DNS servers DDoS as a growing DDoS problem Jim Pingle (Apr 04)
Joachim Schipper
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Joachim Schipper (Apr 14)
john
Re: RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup john (Apr 19)
John Biederstedt
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup John Biederstedt (Apr 23)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup John Biederstedt (Apr 23)
John Bond
Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data John Bond (Apr 04)
John E. Fleming
RE: [BULK] - Websense Filter Bypass John E. Fleming (Apr 24)
john mullee
Re: On classifying attacks john mullee (Apr 03)
Juha-Matti Laurio
Re: RE: IBM Juha-Matti Laurio (Apr 14)
Julien L.
Avast Linux Home Edition (vulnerability on a temporary folder creation) Julien L. (Apr 14)
Justin Shore
RE: DoS-ing sysklogd? Justin Shore (Apr 03)
Kaveh Razavi
Fenice - Open Media Streaming Server remote BOF exploit Kaveh Razavi (Apr 25)
Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow Kaveh Razavi (Apr 24)
Kd
Re: Strengthen OpenSSH security? Kd (Apr 20)
Kevin Waterson
Re: phpMyAdmin 2.7.0-pl1 Kevin Waterson (Apr 14)
Kevin Wilcox
Re: phpWebSite 0.10.? (topics.php) Remote SQL Injection Exploit Kevin Wilcox (Apr 14)
kim
Allied Telesyn Switch UDP Data Flood Management Denial Of Service Vulnerability kim (Apr 20)
king_purba
MAXDEV CMS Multiple vulnerabilities king_purba (Apr 09)
Multiple vulnerability in jupiter CMS king_purba (Apr 10)
Vegadns blind sql injection and cross site scripting king_purba (Apr 10)
koper
Tlen.PL e-mail XSS vulnerability. koper (Apr 19)
Kornbrust, Alexander
RE: Recent Oracle exploit is _actually_ an 0day with no patch Kornbrust, Alexander (Apr 28)
kr4ch
FlexBB v0.5.5 BETA [SQL Inj] [XSS] [Login bypass] kr4ch (Apr 17)
phpMyAdmin 2.7.0-pl1 kr4ch (Apr 13)
kvea
Re: XV multiple buffer overflows (update) kvea (Apr 26)
Lance James
PowerPoint Phishing Trojan Lance James (Apr 25)
Layer One
LayerOne 2006 - Finalized Speaker Line-Up Announced Layer One (Apr 09)
liz0
Shadowed Portal Cross Site Scripting liz0 (Apr 09)
Matt Wright Guestbook Xss Script İnjection liz0 (Apr 09)
Virtual War File İnclusion liz0 (Apr 10)
Luigi Auriemma
Denial of service bugs in OpenTTD 0.4.7 Luigi Auriemma (Apr 24)
Buffer-overflow and crash in Fenice OMS 1.10 Luigi Auriemma (Apr 24)
Format string in Doomsday 1.8.6 Luigi Auriemma (Apr 04)
Format string bug in Skulltag 0.96f Luigi Auriemma (Apr 24)
Buffer-overflow in Ultr@VNC 1.0.1 viewer and server Luigi Auriemma (Apr 04)
Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer and server Luigi Auriemma (Apr 09)
MaddHatter
Re: Strengthen OpenSSH security? MaddHatter (Apr 20)
mailinglist mailinglist
Re: [Full-disclosure] Critical PHP bug - act ASAP if you are runningweb with sen mailinglist mailinglist (Apr 04)
Måns Nilsson
RE: recursive DNS servers DDoS as a growing DDoS problem Måns Nilsson (Apr 04)
Marc Deslauriers
[FLSA-2006:156290] Updated cyrus-imapd packages fix security issues Marc Deslauriers (Apr 09)
[FLSA-2006:183571-1] Updated tar package fixes security issue Marc Deslauriers (Apr 09)
[FLSA-2006:183571-2] Updated tar package fixes security issue Marc Deslauriers (Apr 09)
[FLSA-2006:152896] Updated mod_python package fixes a security issue Marc Deslauriers (Apr 09)
[FLSA-2006:184074] Updated pine package fixes security issue Marc Deslauriers (Apr 09)
[FLSA-2006:184098] Updated libc-client packages fixes security issue Marc Deslauriers (Apr 09)
[FLSA-2006:152873] Updated xine package fixes security issues Marc Deslauriers (Apr 09)
[FLSA-2006:170411] Updated imap packages fix security issue Marc Deslauriers (Apr 09)
[Updated] [FLSA-2006:186277] Updated sendmail packages fix security issue Marc Deslauriers (Apr 09)
[FLSA-2006:180159] Updated unzip package fixes security issue Marc Deslauriers (Apr 09)
[FLSA-2006:156139] Updated tcpdump packages fix security issues Marc Deslauriers (Apr 09)
Marco Ivaldi
Re: recursive DNS servers DDoS as a growing DDoS problem Marco Ivaldi (Apr 04)
Mario Contestabile
RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Mario Contestabile (Apr 20)
Martin Pitt
[USN-273-1] Ruby vulnerability Martin Pitt (Apr 24)
[USN-268-1] Kaffeine vulnerability Martin Pitt (Apr 09)
[USN-271-1] Firefox vulnerabilities Martin Pitt (Apr 19)
[USN-269-1] xscreensaver vulnerability Martin Pitt (Apr 11)
[USN-275-1] Mozilla vulnerabilities Martin Pitt (Apr 27)
[USN-274-1] MySQL vulnerability Martin Pitt (Apr 27)
[USN-267-1] mailman vulnerability Martin Pitt (Apr 04)
[USN-266-1] dia vulnerabilities Martin Pitt (Apr 03)
[USN-272-1] cyrus-sasl2 vulnerability Martin Pitt (Apr 24)
[USN-270-1] xpdf vulnerabilities Martin Pitt (Apr 13)
Martin Schulze
[SECURITY] [DSA 1039-1] New blender packages fix several vulnerabilities Martin Schulze (Apr 24)
[SECURITY] [DSA 1037-1] New zgv packages fix arbitrary code execution Martin Schulze (Apr 21)
[SECURITY] [DSA 1028-1] New libimager-perl packages fix denial of service Martin Schulze (Apr 09)
[SECURITY] [DSA 1023-1] New kaffeine packages fix arbitrary code execution Martin Schulze (Apr 10)
[SECURITY] [DSA 1025-1] New dia packages fix arbitrary code execution Martin Schulze (Apr 10)
[SECURITY] [DSA 1029-1] New libphp-adodb packages fix several vulnerabilities Martin Schulze (Apr 10)
[SECURITY] [DSA 1044-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Apr 26)
[SECURITY] [DSA 1041-1] New abc2ps packages fix arbitrary code execution Martin Schulze (Apr 25)
[SECURITY] [DSA 1031-1] New cacti packages fix several vulnerabilities Martin Schulze (Apr 09)
[SECURITY] [DSA 1000-2] New Apache2::Request packages fix denial of service Martin Schulze (Apr 03)
[SECURITY] [DSA 1045-1] New OpenVPN packages fix arbitrary code execution Martin Schulze (Apr 27)
[SECURITY] [DSA 946-2] New sudo packages fix privilege escalation Martin Schulze (Apr 09)
[SECURITY] [DSA 1030-1] New moodle packages fix several vulnerabilities Martin Schulze (Apr 10)
[SECURITY] [DSA 1027-1] New mailman packages fix denial of service Martin Schulze (Apr 09)
[SECURITY] [DSA 1043-1] New abcmidi packages fix arbitrary code execution Martin Schulze (Apr 26)
[SECURITY] [DSA 1044-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Apr 26)
[SECURITY] [DSA 1046-1] New Mozilla packages fix several vulnerabilities Martin Schulze (Apr 27)
[SECURITY] [DSA 1038-1] New xzgv packages fix arbitrary code execution Martin Schulze (Apr 22)
[SECURITY] [DSA 1040-1] New gdm packages fix local root exploit Martin Schulze (Apr 24)
[SECURITY] [DSA 1042-1] New Cyrus SASL packages fix denial of service Martin Schulze (Apr 25)
Matthias Geerdsen
[ GLSA 200604-03 ] FreeRADIUS: Authentication bypass in EAP-MSCHAPv2 module Matthias Geerdsen (Apr 04)
Matthijs
Re: Flaw in commonly used bash random seed method Matthijs (Apr 04)
Re: Flaw in commonly used bash random seed method Matthijs (Apr 04)
Re: Flaw in commonly used bash random seed method Matthijs (Apr 03)
mattmecham
Re: Invision Vulnerabilities, including remote code execution mattmecham (Apr 27)
Memisyazici, Aras
RE: Another way to spoof Internet Explorer Address Bar Memisyazici, Aras (Apr 09)
mfoxhacker
TopList <= 1.3.8 (PHPBB Hack) Remote File Inclusion Vulnerability mfoxhacker (Apr 30)
Michael Chamberlain
Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Michael Chamberlain (Apr 18)
Michael Scheidell
RE: IBM Michael Scheidell (Apr 13)
RE: osCommerce "extras/" information/source code disclosure Michael Scheidell (Apr 15)
Michael Wojcik
RE: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Michael Wojcik (Apr 18)
Michal Zalewski
Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2 Michal Zalewski (Apr 13)
MSIE (mshtml.dll) OBJECT tag vulnerability Michal Zalewski (Apr 23)
Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2 Michal Zalewski (Apr 11)
Mike Hoskins
Re: Strengthen OpenSSH security? Mike Hoskins (Apr 20)
Mike Weller
RE: Invision Vulnerabilities, including remote code execution Mike Weller (Apr 30)
miky
Another flaw in Firefox 1.5.0.2: to open files from remote miky (Apr 18)
Milen Rangelov
DoS-ing sysklogd? Milen Rangelov (Apr 01)
moep
Serendipity Blog vuln moep (Apr 14)
Moonen, Ralph
Multiple vulnerabilities in IP3 Networks 'NetAccess' NA75 appliance Moonen, Ralph (Apr 25)
Moritz Muehlenhoff
[SECURITY] [DSA 1034-1] New horde2 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 14)
[SECURITY] [DSA 1035-1] New fcheck packages fix insecure temporary file creation Moritz Muehlenhoff (Apr 15)
[SECURITY] [DSA 1022-1] New storebackup packages fix several vulnerabilities Moritz Muehlenhoff (Apr 04)
[SECURITY] [DSA 1026-1] New sash packages fix potential arbitrary code execution Moritz Muehlenhoff (Apr 10)
[SECURITY] [DSA 1036-1] New bsdgames packages fix local privilege escalation Moritz Muehlenhoff (Apr 17)
[SECURITY] [DSA 1033-1] New horde3 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 12)
[SECURITY] [DSA 1032-1] New zope-cmfplone packages fix unprivileged data manipulation Moritz Muehlenhoff (Apr 12)
[SECURITY] [DSA 1018-2] New Linux kernel 2.4.27 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 09)
[SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff (Apr 09)
Moriyoshi Koizumi
Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data Moriyoshi Koizumi (Apr 09)
Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data Moriyoshi Koizumi (Apr 04)
Morning Wood
Re: [Full-disclosure] [Argeniss] Alert - Yahoo! Webmail XSS Morning Wood (Apr 18)
Re: [Full-disclosure] [Argeniss] Alert - Yahoo! Webmail XSS Morning Wood (Apr 18)
Mustafa Can Bjorn IPEKCI
Advisory: My Gaming Ladder Combo System <= 7.0 Remote File Inclusion Vulnerability. Mustafa Can Bjorn IPEKCI (Apr 24)
vBulletin <= 3.5.4 with MKPortal 1.1 Remote SQL Injection Vulnerability. Mustafa Can Bjorn IPEKCI (Apr 22)
Advisory: Simplog <= 0.93 Multiple Remote Vulnerabilities. Mustafa Can Bjorn IPEKCI (Apr 22)
ASPSitem <= 1.83 Remote SQL Injection Vulnerability Mustafa Can Bjorn IPEKCI (Apr 19)
dForum <= 1.5 Multiple Remote File Inclusion Vulnerabilities. Mustafa Can Bjorn IPEKCI (Apr 22)
Advisory: Clansys <= 1.1 PHP Code Insertion Vulnerability. Mustafa Can Bjorn IPEKCI (Apr 24)
Advisory: CoreNews <= 2.0.1 Multiple Remote Vulnerabilities. Mustafa Can Bjorn IPEKCI (Apr 22)
n0m3rcy
FileLodge Bolt (showonlineusers.php) Cross-Site Scripting Vulnerbility n0m3rcy (Apr 24)
Encyclopedia <= 3.0 (login.php) CrossSite Scripting - XSS n0m3rcy (Apr 14)
BK Forum <= 4.0 Remote SQL Injection n0m3rcy (Apr 24)
Shbablek Mail Vulnerablitiy - Cross-Site Scripting n0m3rcy (Apr 19)
Nate Eldredge
Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Nate Eldredge (Apr 19)
newslist () security-briefings com
New site about security conferences : www.security-briefings.com newslist () security-briefings com (Apr 20)
NGSSoftware Insight Security Research
Multiple critical and high risk issues in Oracle's database server NGSSoftware Insight Security Research (Apr 18)
Nick FitzGerald
RE: Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Nick FitzGerald (Apr 20)
nobody
Re: Snipe Gallery <= 3.1.4 Multiple XSS nobody (Apr 17)
noch22
phpBB Admin command execution noch22 (Apr 14)
phpBB template file code execution noch22 (Apr 14)
noreply
Re: Bypassing ISA Server 2004 with IPv6 noreply (Apr 11)
no . spam
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup no . spam (Apr 19)
NSFOCUS Security Team
NSFOCUS SA2006-03 : IBM AIX rm_mlcache_file Local Race Condition Vulnerability NSFOCUS Security Team (Apr 24)
NSFOCUS SA2006-02 : IBM AIX mklvcopy Local Privilege Escalation Vulnerability NSFOCUS Security Team (Apr 24)
ntwak0
ADVISORY FOR IOPUS SECURE EMAIL ATTACHMENTS ntwak0 (Apr 24)
nukedx
Re: Advisory: Clansys <= 1.1 PHP Code Insertion Vulnerability. nukedx (Apr 25)
Re: Mini-NUKE v2.3<<--- SQL Injection nukedx (Apr 21)
office
Re: Path Disclosure and Arbitrary File Read Vulnerability in SLAB5000 office (Apr 19)
offtopic
Re: Re[3]: Bypassing ISA Server 2004 with IPv6 offtopic (Apr 20)
Re: Bypassing ISA Server 2004 with IPv6 offtopic (Apr 09)
Oliver Goebel
IMF 2006 - Submission Deadline Extension Oliver Goebel (Apr 11)
omnipresent
bloggage Remote SQL Injection omnipresent (Apr 21)
RIblog Remote SQL Injection Exploit omnipresent (Apr 24)
optix_prorat100
Re: SQL injection in Invision Power Board v2.1.5 optix_prorat100 (Apr 09)
OS2A BTO
NASL 'Split' function Buffer overflow Vulnerability OS2A BTO (Apr 25)
outlaw
SQL Injection On DUportal outlaw (Apr 26)
XSS Attack On DirectAdmin Hosting Managment outlaw (Apr 30)
XXS Attack On FarsiNews outlaw (Apr 26)
Cireos Portal Cross Site Scripting outlaw (Apr 28)
Neomail.pl Local Cross Site Scripting outlaw (Apr 28)
Local XXS Attack On CuteNews outlaw (Apr 26)
o . y . 6
FlexBB 0.5.5 Bypass Exploit o . y . 6 (Apr 17)
MyBB 1.10 'newthread.php' < CrossSiteScripting > o . y . 6 (Apr 10)
WWWThread RC 3 MultBugs o . y . 6 (Apr 19)
MyBB 1.10 New XSS ' member.php ' o . y . 6 (Apr 13)
MyBB 1.10 New CrossSiteScripting o . y . 6 (Apr 03)
ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection ] MultBugz o . y . 6 (Apr 04)
MyBB 1.10 New CrossSiteScripting ' member.php ' o . y . 6 (Apr 13)
MyBB 1.1.1 Local SQL Injections o . y . 6 (Apr 27)
FlexBB 0.5.5 Exploit [ function/showprofile.php ] Remote SQL Injection o . y . 6 (Apr 23)
pagvac
Re: google xss pagvac (Apr 11)
paolo . difebbo
Hosting Controller AccountActions.asp and saveuploadfiles.asp vulns (PoC) paolo . difebbo (Apr 03)
Paul Stepowski
Re: recursive DNS servers DDoS as a growing DDoS problem Paul Stepowski (Apr 01)
Paul Wouters
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Paul Wouters (Apr 19)
pc . tech2
Re: Re: Another Internet Explorer Address Bar Spoofing Vulnerability pc . tech2 (Apr 09)
phaas
Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer POC phaas (Apr 11)
ptt
IBM ptt (Apr 11)
putosoft softputo
Oracle 10g 10.2.0.2.0 DBA exploit putosoft softputo (Apr 19)
qex
FlexBB <= 0.5.7 BETA XSS qex (Apr 15)
4images <= 1.7 XSS qex (Apr 20)
Neuron Blog <= 1.1 XSS qex (Apr 17)
ShoutBOOK <= 1.1 XSS qex (Apr 17)
axoverzicht.cgi <= XSS qex (Apr 18)
Snipe Gallery <= 3.1.4 Multiple XSS qex (Apr 15)
Instant Photo Gallery <= Multiple XSS qex (Apr 25)
Instant Photo Gallery <= Multiple XSS qex (Apr 25)
Boardsolution <= 1.12 XSS qex (Apr 15)
Open Bulletin Board < Multiple Vulnerability qex (Apr 26)
AnimeGenesis <= XSS qex (Apr 17)
Websense Filter Bypass qex (Apr 20)
DevBB <= 1.0.0 XSS qex (Apr 26)
Tiny Web Gallery <= 1.4 XSS qex (Apr 15)
ThWboard <= 3 Beta 2.84 SQL Injection Qex (Apr 19)
PhpGuestbook <= 1.0 XSS qex (Apr 15)
r57shell.php <= 1.3 XSS qex (Apr 21)
r0xes . ratm
RevoBoard [email] tag XSS r0xes . ratm (Apr 13)
W-Agora 4.20 XSS r0xes . ratm (Apr 30)
TextFileBB 1.0.16 Multiple XSS r0xes . ratm (Apr 30)
XMB Forum 1.9.5-Final XSS r0xes . ratm (Apr 10)
r57shell
a Yahoo Vulnerability r57shell (Apr 14)
raven
Re: Cantv/Movilnet's Web SMS vulnerability. raven (Apr 03)
Recon
Recon 2006: speaker lineup announcement Recon (Apr 13)
RedTeam Pentesting
PAJAX Remote Code Injection and File Inclusion Vulnerability RedTeam Pentesting (Apr 14)
Renaud Deraison
Re: NASL 'Split' function Buffer overflow Vulnerability Renaud Deraison (Apr 25)
Re: NASL 'Split' function Buffer overflow Vulnerability Renaud Deraison (Apr 25)
revnic
TalentSoft Web+Shop Path Disclosure revnic (Apr 13)
rey . gigataras
Re: [KAPDA::#41] - Mambo/Joomla rss component vulnerability rey . gigataras (Apr 19)
rgod
PHP Album <= 0.3.2.3 remote commnads execution rgod (Apr 15)
Simplog <=0.9.2 multiple vulnerabilities rgod (Apr 12)
PCPIN Chat <= 5.0.4 "login/language" remote cmmnds xctn rgod (Apr 19)
PhpOpenChat 3.0.x ADODB Server.php "sql" SQL injection rgod (Apr 10)
- PHPGraphy <= 0.9.11 "editwelcome" unauthorized access / cross site scripting - rgod (Apr 17)
PHPMyChat 0.15.0dev "SYS enter" remote commands xctn (not properly patched from previous versions) rgod (Apr 09)
PHPMyChat <= 0.14.5 remote commands execution rgod (Apr 09)
PHPList <= 2.10.2 remote commands execution rgod (Apr 10)
PHPSurveyor <= 0.995 'save.php/surveyid' remote cmmnds xctn rgod (Apr 20)
osCommerce "extras/" information/source code disclosure rgod (Apr 14)
ReloadCMS <= 1.2.5stable Cross site scripting / remote command execution rgod (Apr 03)
rg . viza
Re: Re: PHPList <= 2.10.2 remote commands execution rg . viza (Apr 11)
Richard Horsman
[SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability Richard Horsman (Apr 04)
robert
Re: [ECHO_ADV_27$2006] Indexu <= 5.0.1 Remote File Inclusion robert (Apr 14)
robsekeris
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup robsekeris (Apr 19)
Romain . Le . Guen
Bypassing ISA Server 2004 with IPv6 Romain . Le . Guen (Apr 03)
Romain . Le-Guen
Re: Re: Bypassing ISA Server 2004 with IPv6 Romain . Le-Guen (Apr 09)
root__
Jbook Cross Site Scripting root__ (Apr 10)
phpMyForum Cross Site Scripting & CRLF injection root__ (Apr 10)
PHPWebGallery Multiple Cross Site Scripting Vulnerabilities root__ (Apr 10)
Ross Wheeler
Re: recursive DNS servers DDoS as a growing DDoS problem Ross Wheeler (Apr 09)
Roy . Batty
Ad-Aware Revisited Roy . Batty (Apr 20)
rubengarrote
XSS Bug in Cherokee Webserver rubengarrote (Apr 10)
satanchild123
SQL injection exploit IPB <= 2.1.4 satanchild123 (Apr 27)
scott
Re: vbulletin<--3.0.x SQL Injection scott (Apr 24)
Sean Scott
RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Sean Scott (Apr 25)
secfoc
Re: PHPList <= 2.10.2 remote commands execution secfoc (Apr 11)
Secunia Research
Secunia Research: AN HTTPD Script Source Disclosure Vulnerability Secunia Research (Apr 03)
Secunia Research: Servant Salamander unacev2.dll Buffer Overflow Vulnerability Secunia Research (Apr 28)
Secunia Research: SpeedProject Products ACE Archive Handling Buffer Overflow Secunia Research (Apr 26)
Secunia Research: Adobe Document Server for Reader Extensions Multiple Vulnerabilities Secunia Research (Apr 13)
secure
[Symantec Security Advisor] Symantec Scan Engine Multiple Vulnerabilities secure (Apr 21)
[Symantec Security Advisory] LiveUpdate for Macintosh Local Privilege Escalation Secure (Apr 18)
securiteam
SAXoPRESS - directory traversal securiteam (Apr 11)
Re: SAXoPRESS - directory traversal aka Saxotech Online securiteam (Apr 14)
security
[ MDKSA-2006:065 ] - Updated kaffeine packages fix remote buffer overflow vulnerability security (Apr 09)
[ MDKSA-2006:073 ] - Updated cyrus-sasl packages addresses vulnerability security (Apr 25)
[ MDKSA-2006:064 ] - Updated MySQL packages fix logging bypass vulnerability security (Apr 03)
[ MDKSA-2006:074 ] - Updated php packages address multiple vulnerabilities. security (Apr 25)
[ MDKSA-2006:075 ] - Updated mozilla-firefox packages fix numerous vulnerabilities security (Apr 25)
[ MDKSA-2006:067 ] - Updated clamav packages fix vulnerabilities security (Apr 09)
[ MDKSA-2006:062 ] - Updated dia packages fix buffer overflow vulnerabilities security (Apr 03)
[ MDKSA-2006:069 ] - Updated openvpn packages fix vulnerability security (Apr 11)
[ MDKSA-2006:066 ] - Updated FreeRADIUS packages fix off-by-one overflow vulnerabilty security (Apr 09)
[ MDKSA-2006:078 ] - Updated mozilla-thunderbird packages fix numerous vulnerabilities security (Apr 26)
[ MDKSA-2006:072 ] - Updated kernel packages fix multiple vulnerabilities security (Apr 18)
[ MDKSA-2006:076 ] - Updated mozilla packages fix numerous vulnerabilities security (Apr 26)
[ MDKSA-2006:079 ] - Updated ruby packages fix vulnerability security (Apr 26)
[ MDKSA-2006:070 ] - Updated openvpn packages fix vulnerability security (Apr 11)
[ MDKSA-2006:068 ] - Updated mplayer packages fix integer overflow vulnerabilities security (Apr 09)
[ MDKSA-2006:077 ] - Updated ethereal packages fix numerous vulnerabilities security (Apr 26)
[ MDKSA-2006:071 ] - Updated xscreensaver packages fix clear-text password vulnerability security (Apr 11)
security-alert
[security bulletin] HPSBMA02113 SSRT061148 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update April 2006 security-alert (Apr 27)
[security bulletin] HPSBUX02108 SSRT061133 rev.7 - HP-UX running Sendmail, Remote Execution of Arbitrary Code security-alert (Apr 19)
[security bulletin] HPSBUX02110 SSRT061110 rev.1 - HP-UX Running wu-ftpd Remote Denial of Service (DoS) security-alert (Apr 10)
[security bulletin] HPSBST02112 SSRT061129 rev.1 - HP StorageWorks Secure Path for Windows Remote Denial of Service (DoS) security-alert (Apr 20)
[security bulletin] HPSBUX02111 SSRT061132 rev.1 - HP-UX su(1) Local Unauthorized Access security-alert (Apr 10)
[security bulletin] HPSBUX02108 SSRT061133 rev.6 - HP-UX running Sendmail, Remote Execution of Arbitrary Code security-alert (Apr 13)
[security bulletin] HPSBUX02108 SSRT061133 rev.3 - HP-UX running Sendmail, Remote Execution of Arbitrary Code security-alert (Apr 09)
[security bulletin] HPSBPI2109 SSRT061141 rev.1 - HP Color LaserJet 2500 and 4600 Toolbox Running on Microsoft Windows Remote Unauthorized Disclosure of Information security-alert (Apr 04)
[security bulletin] HPSBUX02075 SSRT051074 rev.4 - HP-UX Running xterm Local Unauthorized Access security-alert (Apr 27)
[security bulletin] HPSBTU02095 SSRT051007 rev.3 - HP Tru64 UNIX Running DNS BIND4/BIND8 as Forwarders: Remote Unauthorized Privileged Access security-alert (Apr 20)
[security bulletin] HPSBUX02108 SSRT061133 rev.9 - HP-UX running Sendmail, Remote Execution of Arbitrary Code security-alert (Apr 27)
security curmudgeon
Re: Instant Photo Gallery <= Multiple XSS security curmudgeon (Apr 27)
selfar2002
AzDGVote File inclusion selfar2002 (Apr 11)
SaphpLesson 2.0 (forumid) Remote SQL Injection Exploit selfar2002 (Apr 13)
INDEXU <= 5.0.1 (theme_path)and (base_path) Remote File Inclusion Exploit selfar2002 (Apr 11)
phpWebSite 0.10.? (topics.php) Remote SQL Injection Exploit selfar2002 (Apr 13)
sh0rtie
Re: Another Internet Explorer Address Bar Spoofing Vulnerability sh0rtie (Apr 09)
shaun
Re: phpWebsite <= SQL Injection (friend.php) & (article.php) shaun (Apr 13)
Siegfried
Re: Mis-diagnosed XSS bugs hiding worse issues due to PHP feature Siegfried (Apr 01)
Re: [Full-disclosure] Mis-diagnosed XSS bugs hiding worse issues due to PHP feature Siegfried (Apr 01)
silentproducts
Myspace.com - Intricate Script Injection silentproducts (Apr 10)
simo64
Sire 2.0 Nws Remote File inclusion & Arbitary Files Upload simo64 (Apr 09)
Scry Gallery Directory Traversal & Full Path Disclosure Vulnerabilites simo64 (Apr 21)
Simon Boulet
Re: recursive DNS servers DDoS as a growing DDoS problem Simon Boulet (Apr 04)
sn4k3 . 23
CuteNews 1.4.1 <= Cross Site Scripting sn4k3 . 23 (Apr 19)
Confixx 3.1.2 <= SQL Injection sn4k3 . 23 (Apr 11)
Confixx 3.1.2 <= Cross Site Scripting Vuln sn4k3 . 23 (Apr 11)
somebody
Re: RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup somebody (Apr 19)
somerandomaddress99
Re: Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup somerandomaddress99 (Apr 19)
Soothackers
PatroNet CMS Xss Vuln Soothackers (Apr 13)
Clansys Multiple Xss Vulnerabilities Soothackers (Apr 13)
Sowhat
Realplayer .SWF Multiple Remote Memory Corruption Vulnerabilities Sowhat (Apr 11)
WinISO/UltraISO/MagicISO/PowerISO Directory Traversal Vulnerability Sowhat (Apr 28)
Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability Sowhat (Apr 11)
sp3x
Re: Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2 sp3x (Apr 14)
spam
Invision Vulnerabilities, including remote code execution spam (Apr 25)
spic
Re: VWar Path Disclosure spic (Apr 30)
SRC Telindus
[SRC-Telindus advisory] - HP System Management Homepage Remote Unauthorized Access SRC Telindus (Apr 11)
Stan Bubrouski
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Stan Bubrouski (Apr 14)
Stefan Cornelius
[ GLSA 200604-05 ] Doomsday: Format string vulnerability Stefan Cornelius (Apr 09)
[ GLSA 200604-02 ] Horde Application Framework: Remote code execution Stefan Cornelius (Apr 04)
[ GLSA 200604-01 ] MediaWiki: Cross-site scripting vulnerability Stefan Cornelius (Apr 04)
Stefan Lochbihler
Neon Responder (Dos,Exploit) Stefan Lochbihler (Apr 17)
stend
Re: IBM stend (Apr 13)
Steven M. Christey
Re: Recent Oracle exploit is _actually_ an 0day with no patch Steven M. Christey (Apr 28)
Re: Instant Photo Gallery <= Multiple XSS Steven M. Christey (Apr 27)
Re: FleXiBle Development Script Remote Command Exucetion And XSS Attacking Steven M. Christey (Apr 09)
Mis-diagnosed XSS bugs hiding worse issues due to PHP feature Steven M. Christey (Apr 01)
Re: On product vulnerability history and vulnerability complexity Steven M. Christey (Apr 04)
Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2 Steven M. Christey (Apr 12)
Re: Invision Vulnerabilities, including remote code execution Steven M. Christey (Apr 26)
Re: On product vulnerability history and vulnerability complexity Steven M. Christey (Apr 03)
Re: CuteNews 1.4.1 <= Cross Site Scripting Steven M. Christey (Apr 20)
Re: Multiple vulnerabilities in Blur6ex Steven M. Christey (Apr 13)
Re: QuickBlogger v1.4 Cross-Site Scripting Steven M. Christey (Apr 15)
Steve VanDevender
Re: Flaw in commonly used bash random seed method Steve VanDevender (Apr 10)
stormhacker
SimpleBBS v1.1(posts.php) remote command execution stormhacker (Apr 13)
Sune Kloppenborg Jeppesen
[ GLSA 200604-13 ] fbida: Insecure temporary file creation Sune Kloppenborg Jeppesen (Apr 24)
[ GLSA 200604-10 ] zgv, xzgv: Heap overflow Sune Kloppenborg Jeppesen (Apr 21)
[ GLSA 200604-06 ] ClamAV: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Apr 10)
[ GLSA 200604-17 ] Ethereal: Multiple vulnerabilities in protocol dissectors Sune Kloppenborg Jeppesen (Apr 27)
[ GLSA 200604-15 ] xine-ui: Format string vulnerabilities Sune Kloppenborg Jeppesen (Apr 26)
[ GLSA 200604-04 ] Kaffeine: Buffer overflow Sune Kloppenborg Jeppesen (Apr 09)
[ GLSA 200604-09 ] Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service Sune Kloppenborg Jeppesen (Apr 21)
[ GLSA 200604-14 ] Dia: Arbitrary code execution through XFig import Sune Kloppenborg Jeppesen (Apr 24)
[ GLSA 200604-16 ] xine-lib: Buffer overflow vulnerability Sune Kloppenborg Jeppesen (Apr 26)
susam . pal
XSS Vulnerability in Guest-book script powered by Community Architect susam . pal (Apr 19)
susam_pal
SQL Injection in incredibleindia.org susam_pal (Apr 19)
t4h4
Phpwebgallery <= 1.4.1 SQL injection Vulnerability t4h4 (Apr 03)
tel
IE6 Crash tel (Apr 10)
testx444
Fortinet28 box does not resist has small synflood! testx444 (Apr 19)
the_day
[ECHO_ADV_31$2006] Sws Web Server 0.1.7 Strcpy() & Syslog() Format String Vulnerability the_day (Apr 28)
BL4's SMTP server BufferOverflow Vulnerable the_day (Apr 27)
theguywhocouldwipeyourphpBB
Re: Re: Re: phpBB 2.06 search.php SQL injection theguywhocouldwipeyourphpBB (Apr 01)
Theo de Raadt
Re: Strengthen OpenSSH security? Theo de Raadt (Apr 21)
Thierry Carrez
[ GLSA 200604-18 ] Mozilla Suite: Multiple vulnerabilities Thierry Carrez (Apr 28)
[ GLSA 200604-08 ] libapreq2: Denial of Service vulnerability Thierry Carrez (Apr 17)
[ GLSA 200604-11 ] Crossfire server: Denial of Service and potential arbitrary code execution Thierry Carrez (Apr 22)
[ GLSA 200604-07 ] Cacti: Multiple vulnerabilities in included ADOdb Thierry Carrez (Apr 14)
[ GLSA 200604-12 ] Mozilla Firefox: Multiple vulnerabilities Thierry Carrez (Apr 24)
Thierry Zoller
Re: [Full-disclosure] SEC Consult SA-20060314 :: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow Thierry Zoller (Apr 14)
Thomas Guyot-Sionnest
RE: recursive DNS servers DDoS as a growing DDoS problem Thomas Guyot-Sionnest (Apr 04)
Thomas Hochstein
Re: redirection vuln crawlers breed & security through obscurity Thomas Hochstein (Apr 23)
Thor (Hammer of God)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Thor (Hammer of God) (Apr 23)
Re: Bypassing ISA Server 2004 with IPv6 Thor (Hammer of God) (Apr 10)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Thor (Hammer of God) (Apr 23)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Thor (Hammer of God) (Apr 23)
Re: Re[3]: Bypassing ISA Server 2004 with IPv6 Thor (Hammer of God) (Apr 20)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Thor (Hammer of God) (Apr 23)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Thor (Hammer of God) (Apr 23)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Thor (Hammer of God) (Apr 17)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup Thor (Hammer of God) (Apr 25)
Re: Re[2]: Bypassing ISA Server 2004 with IPv6 Thor (Hammer of God) (Apr 19)
Re: Bypassing ISA Server 2004 with IPv6 Thor (Hammer of God) (Apr 10)
Tim
Re: recursive DNS servers DDoS as a growing DDoS problem Tim (Apr 04)
Re: recursive DNS servers DDoS as a growing DDoS problem Tim (Apr 04)
Tom Ferris
Re: Apple Mac OS X Safari 2.0.3 Vulnerability Tom Ferris (Apr 25)
tranceformer
Re: Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability tranceformer (Apr 14)
uid0
SQuery <= 4.5 Remote File Inclusion Exploit uid0 (Apr 01)
VWar <= 1.5.0 R12 Remote File Inclusion Exploit uid0 (Apr 03)
PHPNuke-Clan 3.0.1 Remote File Inclusion Exploit uid0 (Apr 01)
Victor Brilon
Re: Vulnerabilities in MOD Victor Brilon (Apr 15)
visitbipin
NOD32 local privilege escalation vulnerability visitbipin (Apr 04)
Vladimir Levijev
Re: google xss Vladimir Levijev (Apr 13)
W3 . _
Xss In bMachine 2٫7 W3 . _ (Apr 17)
Xss In SaphpLesson3.0 w3 . _ (Apr 09)
Xss In ar-blog v 5.2 W3 . _ (Apr 14)
xcon
Welcome to XCon2006 in China! xcon (Apr 09)
xx_hack_xx_2004
SQL Injection in Softbiz Image Gallery xx_hack_xx_2004 (Apr 03)
yamcho
DbbS<=2.0-alpha Multiple Vulnerabilities yamcho (Apr 17)
Yannick von Arx
[no subject] Yannick von Arx (Apr 27)
zachofalltrades
Re: Multiple Vulnerabilities in LucidCMS zachofalltrades (Apr 19)
zdi-disclosures
ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow zdi-disclosures (Apr 13)
ZDI-06-007: Microsoft Windows Address Book (WAB) File Format Parsing Vulnerability zdi-disclosures (Apr 11)
ZDI-06-011: Mozilla Firefox Table Rebuilding Code Execution Vulnerability zdi-disclosures (Apr 26)
ZDI-06-009: Mozilla Firefox Tag Parsing Code Execution Vulnerability zdi-disclosures (Apr 17)
ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability zdi-disclosures (Apr 15)