Bugtraq: by thread

Previous period

Next period

564 messages starting Jul 01 06 and ending Jul 31 06
Date index | Thread index | Author index

NewsPHP 2006 PRO XSS SQL injection Vulnerability securityconnection (Jul 01)
News <= 5.2 XSS, SQL Injection, Full Path Disclosure gmdarkfig (Jul 01)
Re: [Full-disclosure] Re[2]: Is Windows TCP/IP source routing PoC code available? 3APA3A (Jul 01)
phpBB 2.0.21 Full Path Disclosure xzerox (Jul 01)
Re: PHP security (or the lack thereof) Kevin Waterson (Jul 01)
- <Possible follow-ups>
- Re: PHP security (or the lack thereof) Dan Falconer (Jul 05)
  - Re: PHP security (or the lack thereof) Darren Reed (Jul 10)
RE: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS) Schmehl, Paul L (Jul 01)
Re: Browser bugs hit IE, Firefox today (SANS) Alex Potter (Jul 01)
- Re: Browser bugs hit IE, Firefox today (SANS) Thor Larholm (Jul 04)
  - Re: Browser bugs hit IE, Firefox today (SANS) Paul Szabo (Jul 05)
  - Re: Browser bugs hit IE, Firefox today (SANS) 3CO (Jul 12)
Re: Msie 7.0 beta Crash mike (Jul 01)
[security bulletin] HPSBUX02128 SSRT5996 - rev.1 HP-UX mkdir(1) Local Unauthorized Access security-alert (Jul 01)
[security bulletin] HPSBUX02103 SSRT5953 rev.3 - HP-UX passwd(1) Local Denial of Service (DoS) security-alert (Jul 01)
Buddy Zone Version 1.0.1 - XSS luny (Jul 01)
- <Possible follow-ups>
- Re: Buddy Zone Version 1.0.1 - XSS support (Jul 15)
mAds v1.0 lunY (Jul 01)
phpMyAdmin : Cross-Site Scripting Vulnerability bug () securitynews ir (Jul 01)
DEF CON 14: Speakers Selected and more. The Dark Tangent (Jul 01)
OPERA Web Browser 9 Denial OF Service y3dips (Jul 01)
Internet Crna Gora SQL Injection Breeeeh (Jul 01)
SmS Script SQL Injection Breeeeh (Jul 01)
Sql injection in Diesel joke site script black code (Jul 01)
SturGeoN Upload v1 Remote Command Execution Exploit gmdarkfig (Jul 01)
Whitepaper: IT (in)security implementation in a real world example Denis Jedig (Jul 03)
Php-Fusion (Xss) With Avatar Upload zeberus_ (Jul 03)
Glossaire<<--v1.7 Remote File Include CrAzY . CrAcKeR (Jul 03)
call for papers - IT Underground, Italy 2006 it_underground (Jul 03)
[MajorSecurity #19] AutoRank <= 5.01 - Multiple XSS and cookie disclosure admin (Jul 03)
WordPress 2.0.3 SQL Error and Full Path Disclosure xzerox (Jul 03)
- Re: WordPress 2.0.3 SQL Error and Full Path Disclosure James Davis (Jul 04)
- Re: WordPress 2.0.3 SQL Error and Full Path Disclosure Jaroslaw Sajko (Jul 04)
- <Possible follow-ups>
- Re: WordPress 2.0.3 SQL Error and Full Path Disclosure zck zck (Jul 12)
  - RE: WordPress 2.0.3 SQL Error and Full Path Disclosure Aaron Newman (Jul 13)
    - Re: WordPress 2.0.3 SQL Error and Full Path Disclosure nate (Jul 15)
- Re: WordPress 2.0.3 SQL Error and Full Path Disclosure jholguin (Jul 15)
plume-cms v1.0.4 Multiple Remote File include KARKOR23 (Jul 03)
Pearl Products Multiple Remote File Inclusion xzerox (Jul 03)
free QBoard v1.1 Multiple Remote File include KARKOR23 (Jul 03)
Re: [Full Disclosure] [Kil13r-SA-20060701-2] MoniWiki 1.1.1 Cross-Site Scripting Vulnerability mac68k (Jul 03)
Multiple vulnerabilities in TK8 Safe v.3.0.5 clappymonkey (Jul 03)
popup Vacation Rentals[calendar_year.php] SQL Injection BoNy-m (Jul 03)
QTOFileManager 1.0 securityconnection (Jul 03)
Invision Power Board v1.3 Final SQL Injection Breeeeh (Jul 03)
- <Possible follow-ups>
- Re: Invision Power Board v1.3 Final SQL Injection mattmecham (Jul 10)
Contact for nhl.com C. Hamby (Jul 03)
Excel 2000/XP/2003 Style 0day POC nanika (Jul 03)
5 php scripts remote database password disclosure gmdarkfig (Jul 03)
Call For Papers - No cON Name 2006 Edition Spain deese (Jul 03)
[ GLSA 200607-01 ] mpg123: Heap overflow Sune Kloppenborg Jeppesen (Jul 03)
ZoneAlarm Insufficient protection of registry key 'VETFDDNT\Enum' Vulnerability David Matousek (Jul 03)
imgsvr dos exploit by n00b co296 (Jul 03)
TBE 4.0 XSS securityconnection (Jul 03)
[scip_Advisory 2351] Kyberna AG ky2help various form fields SQL Injection Marc Ruef (Jul 04)
galleria <= 1.0 Remote File Inclusion Vulnerability ineal (Jul 04)
- <Possible follow-ups>
- Re: galleria <= 1.0 Remote File Inclusion Vulnerability counterpoint (Jul 10)
[scip_Advisory 2352] F5 FirePass 4100 prior 6.x multiple Cross Site Scripting Marc Ruef (Jul 04)
file include exploits in randshop v1.2 black code (Jul 04)
- Re: file include exploits in randshop v1.2 Rainer Duffner (Jul 04)
PhpWebGallery Cross Site Scripting Vulnerability iss4m . h (Jul 04)
[Bugtraq] Re: flock d0s exploit remote. beta 1 (v0.7) . myke lyons (Jul 04)
- <Possible follow-ups>
- Re: [Bugtraq] Re: flock d0s exploit remote. beta 1 (v0.7) flockoyd (Jul 08)
Invision Power Board "v1.X & 2.X" SQL Injection CrAzY . CrAcKeR (Jul 05)
- <Possible follow-ups>
- Re: Invision Power Board "v1.X & 2.X" SQL Injection mattmecham (Jul 10)
Shopping Cart V0.9 luny (Jul 05)
Windows Explorer URL File format overflow nanika (Jul 05)
- Re: Windows Explorer URL File format overflow naveed (Jul 10)
Touch arbitrary file execute vulnerability Alex Park (Jul 05)
sNews 1.3 XSS SQL securityconnection (Jul 05)
BLOG:CMS 4.1.0 SQL injection File Include Vulnerability securityconnection (Jul 05)
[ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities security (Jul 05)
- Re: [ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities Paul Starzetz (Jul 10)
vBulletin 3.5.4 (install_path) Exploit CarcaBotx (Jul 05)
- <Possible follow-ups>
- Re: vBulletin 3.5.4 (install_path) Exploit mikathebest2003 (Jul 06)
- Re: vBulletin 3.5.4 (install_path) Exploit scott (Jul 06)
- Re: Re: vBulletin 3.5.4 (install_path) Exploit mikathebest2003 (Jul 10)
  - RE: Re: vBulletin 3.5.4 (install_path) Exploit Robert Marquardt (Jul 15)
TigerTom Scripts luny (Jul 05)
[SECURITY] [DSA 1104-2] New OpenOffice.org packages fix arbitrary code execution Martin Schulze (Jul 06)
Public Advisory: Horde 3.1.1, 3.0.10 Multiple Security Issues Moritz Naumann (Jul 06)
[USN-308-1] shadow vulnerability Martin Pitt (Jul 06)
[USN-309-1] libmms vulnerability Martin Pitt (Jul 06)
[USN-310-1] ppp vulnerability Martin Pitt (Jul 06)
Major updates to Excel 0-day Vulnerability FAQ at SecuriTeam Blogs Juha-Matti Laurio (Jul 07)
Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006) Luigi Auriemma (Jul 07)
McAfee VirusScan Enterprise 8.0.0 Buffer Overflow johndoe1529 (Jul 07)
Mico crashes when contected with wrong IOR / DoS tuergeist (Jul 07)
- <Possible follow-ups>
- Re: Mico crashes when contected with wrong IOR / DoS Karel Gardas (Jul 10)
  - Re: Mico crashes when contected with wrong IOR / DoS tuergeist (Jul 10)
    - Re: Mico crashes when contected with wrong IOR / DoS Karel Gardas (Jul 10)
    - Gracenote buffer overflow MNV (Jul 15)
- Re: Mico crashes when contected with wrong IOR / DoS tuergeist (Jul 10)
TSLSA-2006-0040 - kernel Trustix Security Advisor (Jul 07)
WebEx Downloader Plug-in Multiple Vulnerabilities + rant Mark Litchfield (Jul 07)
- Re: WebEx Downloader Plug-in Multiple Vulnerabilities + rant Mark Rowe (Jul 14)
  - Re: WebEx Downloader Plug-in Multiple Vulnerabilities + rant Mark Litchfield (Jul 18)
- <Possible follow-ups>
- RE: WebEx Downloader Plug-in Multiple Vulnerabilities + rant Web Ex (Jul 10)
PHP-Blogger Multiple Cross Site Scripting Vulnerabilities OS2A BTO (Jul 07)
[ECHO_ADV_36$2006] ExtCalendar <== v2.0 Remote File Include Vulnerabilities matdhule (Jul 07)
ATutor : Cross-Site Scripting Vulnerabilities bug () securitynews ir (Jul 07)
Possible code execution in Kaillera 0.86 Luigi Auriemma (Jul 07)
rPSA-2006-0122-1 kernel Justin M. Forbes (Jul 07)
- Re: rPSA-2006-0122-1 kernel Paul Starzetz (Jul 10)
PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities paisterist . nst (Jul 07)
Format string bug in Sparklet 0.9.4try3 Luigi Auriemma (Jul 07)
[ MDKSA-2006:117 ] - Updated libmms packages fix buffer overflow vulnerability security (Jul 07)
HostingController: An attacker can gain reseller privileges and after that can gain admin privileges Irsdl (Jul 07)
Sport-slo.net Guestbook v1.0 luny (Jul 07)
IBM AIX Security contact? Joxean Koret (Jul 07)
- Re: IBM AIX Security contact? Troy Bollinger (Jul 07)
Pivot <=1.30rc2 privilege escalation / remote commands execution rgod (Jul 07)
[SECURITY] [DSA 1105-1] New xine-lib packages fix denial of service Martin Schulze (Jul 07)
lintah_|adv|_01@2006>=========<[Aura-CMS v1.62]<===>[XSS vulnerable]&[bug] k07iX (Jul 07)
ZDI-06-021: WebEx Downloader Plug-in Code Execution Vulnerability zdi-disclosures (Jul 07)
[ MDKSA-2006:118 ] - Updated OpenOffice.org packages fix various vulnerabilities security (Jul 08)
PAPOO <=3RC3 sql injection / admin credentials disclosure rgod (Jul 08)
[KAPDA::#46] - AjaxPortal Authentication Bypass alireza hassani (Jul 08)
- <Possible follow-ups>
- Re: [KAPDA::#46] - AjaxPortal Authentication Bypass earthquake (Jul 10)
ATutor 1.5.3 Cross Site Scripting securityconnection (Jul 08)
- <Possible follow-ups>
- Re: ATutor 1.5.3 Cross Site Scripting info (Jul 12)
- Re: ATutor 1.5.3 Cross Site Scripting Steven M. Christey (Jul 22)
RW::Download stats.php Remote File Inc. StorMBoY (Jul 08)
[ GLSA 200607-03 ] libTIFF: Multiple buffer overflows Sune Kloppenborg Jeppesen (Jul 10)
Webvizyon Portal 2006 Version SQL Injection StorMBoY (Jul 10)
Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof)) Gezim Hoxha (Jul 10)
- Re: Securing PHP or finding PHP alternatives Crispin Cowan (Jul 10)
  - Re: Securing PHP or finding PHP alternatives SkyFlash (Jul 15)
    - Re: Securing PHP or finding PHP alternatives Crispin Cowan (Jul 18)
  - Re: Securing PHP or finding PHP alternatives Sheryl Coppenger (Jul 15)
    - Re: Securing PHP or finding PHP alternatives Crispin Cowan (Jul 22)
    - Re: Securing PHP or finding PHP alternatives Michael Cordover (Jul 22)
- Re: Securing PHP or finding PHP alternatives Michael Shigorin (Jul 15)
- Re: Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof)) Matthias Kestenholz (Jul 15)
- Re: Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof)) Meet Myself on the Internet (Jul 15)
Graffiti Forums v1.0 SQL Injection Vulnerabilities paisterist . nst (Jul 10)
[ GLSA 200607-04 ] PostgreSQL: SQL injection Sune Kloppenborg Jeppesen (Jul 10)
MT rmcek Toplist v2.2 Version Microsoft Access Driver ( MDB ) Download StorMBoY (Jul 10)
LAMP vs Microsoft Darren Reed (Jul 10)
- Re: LAMP vs Microsoft Jarrod Frates (Jul 10)
- Re: LAMP vs Microsoft Bob Beck (Jul 10)
  - Re: LAMP vs Microsoft Darren Reed (Jul 15)
    - Re: LAMP vs Microsoft Bob Beck (Jul 15)
    - Re: LAMP vs Microsoft Darren Reed (Jul 15)
    - Re: LAMP vs Microsoft Bob Beck (Jul 15)
    - Re: LAMP vs Microsoft Bob Beck (Jul 18)
    - Re: LAMP vs Microsoft Darren Reed (Jul 22)
    - Re: LAMP vs Microsoft George Capehart (Jul 18)
    - Re: LAMP vs Microsoft Darren Reed (Jul 18)
    - Re: LAMP vs Microsoft Hugo van der Kooij (Jul 18)
  - Re: LAMP vs Microsoft Joel Maslak (Jul 15)
- <Possible follow-ups>
- Re: LAMP vs Microsoft Steven M. Christey (Jul 12)
Re: RE: Invision Vulnerabilities, including remote code execution mattmecham (Jul 10)
ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton) mozilla (Jul 10)
- Message not available
  - Re: [Full-disclosure] ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton) Mailinglists (Jul 15)
[ECHO_ADV_37$2006] pc_cookbook Mambo/Joomla Component <= v0.3 Remote File Include Vulnerabilities matdhule (Jul 10)
[SECURITY] [DSA 1106-1] New ppp packages fix privilege escalation Martin Schulze (Jul 10)
phpPolls 1.0.3 Administration ByPass alp_eren (Jul 10)
[USN-312-1] gimp vulnerability Martin Pitt (Jul 10)
RE: MIMESweeper For Web 5.X Cross Site Scripting Erez Metula (Jul 10)
- <Possible follow-ups>
- RE: MIMESweeper For Web 5.X Cross Site Scripting Erez Metula (Jul 15)
CC announces new Rootkit help forum insync with Book Paul Laudanski (Jul 10)
MS Word Unchecked Boundary Condition Vulnerability naveed (Jul 10)
Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability info (Jul 10)
- <Possible follow-ups>
- Re: Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability sales (Jul 22)
Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit Alexander Hristov (Jul 10)
- Re: Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit José Parrella (Jul 15)
  - Re: Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit str0ke (Jul 18)
Local file inclusion in Farsinews3.0BETA1 armin390 (Jul 10)
Old vulnerable sotwares collection Jerome Athias (Jul 10)
- <Possible follow-ups>
- RE: Old vulnerable sotwares collection John Rigali (Jul 12)
[ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd Gerald (Jerry) Carter (Jul 10)
- Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd Gerald (Jerry) Carter (Jul 12)
[SECURITY] [DSA 1107-1] New GnuPG packages fix denial of service Martin Schulze (Jul 10)
randshop <= 1.1.x (index.php) Remote File Inclusion Vulnerability Saudi . Unix (Jul 10)
Juniper Networks DX Web Administration Persistent System Log XSS Vulnerability Darren Bounds (Jul 10)
[ GLSA 200607-02 ] FreeType: Multiple integer overflows Sune Kloppenborg Jeppesen (Jul 10)
[ GLSA 200607-05 ] SHOUTcast server: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Jul 10)
- Re: [ GLSA 200607-05 ] SHOUTcast server: Multiple vulnerabilities Cyneox (Jul 15)
SYMSA-2006-007: Microsoft Office Malformed String Parsing Vulnerability research (Jul 11)
CYBSEC - Security Pre-Advisory: Microsoft Windows DHCP Client Service Remote Buffer Overflow Mariano Nuñez Di Croce (Jul 11)
TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability Tippingpoint Security Research Team (Jul 11)
ZDI-06-022: Microsoft Office Excel File Rebuilding Code Execution Vulnerability zdi-disclosures (Jul 11)
[USN-313-1] OpenOffice.org vulnerabilities Martin Pitt (Jul 12)
[USN-316-1] installer vulnerability Martin Pitt (Jul 12)
[USN-315-1] libmms, xine-lib vulnerabilities Martin Pitt (Jul 12)
Cisco Security Advisory: Multiple Cisco Unified CallManager Vulnerabilities Cisco Systems Product Security Incident Response Team (Jul 12)
Cisco Security Advisory: Cisco Router Web Setup Ships with Insecure Default IOS Configuration Cisco Systems Product Security Incident Response Team (Jul 12)
[ MDKA-2006:119 ] - Updated ppp packages fix plugin vulnerability security (Jul 12)
SQuery <= 4.5(libpath) Remote File Inclusion Exploit SHiKaA- (Jul 12)
[USN-314-1] samba vulnerability Martin Pitt (Jul 12)
Cisco Security Advisory: Cisco Intrusion Prevention System Malformed Packet Denial of Service Cisco Systems Product Security Incident Response Team (Jul 12)
rPSA-2006-0128-1 samba samba-swat Justin M. Forbes (Jul 12)
Fuzzing Microsoft Office naveed (Jul 12)
SMB Information Disclosure Vulnerability Avert (Jul 12)
[SECURITY] [DSA 1108-1] New mutt packages fix arbitrary code execution Moritz Muehlenhoff (Jul 12)
Microsoft Excel Array Index Error Remote Code Execution Sowhat (Jul 12)
Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) Roman Medina-Heigl Hernandez (Jul 12)
- Message not available
  - Re: [Full-disclosure] Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) Jon Hart (Jul 15)
[ MDKSA-2006:117-1 ] - Updated libmms packages fix buffer overflow vulnerability security (Jul 12)
NSFOCUS SA2006-04 : Microsoft Office GIF Filter Buffer Overflow Vulnerability NSFOCUS Security Team (Jul 12)
TOPo v.2.2.178 Account Reset darkz . gsa (Jul 12)
S21Sec-032-en: Vulnerability in Fatwire Content Server labs (Jul 12)
Lazarus Guestbook Cross Site Scripting Vulnerabilities simo64 (Jul 12)
[ MDKSA-2006:120 ] - Updated samba packages fix DoS vulnerability security (Jul 12)
NSFOCUS SA2006-06 : Microsoft Excel COLINFO Record Buffer Overflow Vulnerability NSFOCUS Security Team (Jul 12)
New CVE number states Excel Style handling as a separate issue Juha-Matti Laurio (Jul 12)
Re: # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc. Amelie (Jul 12)
- <Possible follow-ups>
- Re: # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc. amelie (Jul 12)
NSFOCUS SA2006-05 : Microsoft Excel SELECTION Record Memory Corruption Vulnerability NSFOCUS Security Team (Jul 12)
FLV Players Multiple Input Validation Vulnerabilities xzerox (Jul 12)
[ MDKSA-2006:121 ] - Updated xine-lib packages fix buffer overflow vulnerability security (Jul 12)
[ECHO_ADV_38$2006] Multiple Mambo/Joomla Component Remote File Include Vulnerabilities matdhule (Jul 13)
- Re: [ECHO_ADV_38$2006] Multiple Mambo/Joomla Component Remote File Include Vulnerabilities Joxean Koret (Jul 13)
SYMSA-2006-004 (Full Details): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution research (Jul 13)
[USN-317-1] zope2.8 vulnerability Martin Pitt (Jul 13)
Photocycle v1.0 - XSS luny (Jul 13)
- <Possible follow-ups>
- Re: Photocycle v1.0 - XSS securityfocus (Jul 14)
ScozNews Final-Php <=1.1 Remote File Inclusion Vulnerability x0r0n (Jul 13)
Orbitmatrix PHP Script v1.0 luny (Jul 13)
Flipper Poll <= 1.1.0 Remote File Inclusion Vulnerability x0r0n (Jul 13)
[USN-318-1] libtunepimp vulnerability Martin Pitt (Jul 13)
[ MDKSA-2006:122 ] - Updated php packages fix multiple vulnerabilities security (Jul 13)
flatnuke <= 2.5.7 arbitrary php file upload rgod (Jul 13)
PHORUM 5 arbitrary local inclusion rgod (Jul 13)
phpbb 3.x sql injection (with global moderator rights) rgod (Jul 13)
- <Possible follow-ups>
- Re: phpbb 3.x sql injection (with global moderator rights) bugtraq (Jul 15)
[ MDKSA-2006:123 ] - Updated kernel packages fixes multiple vulnerabilities security (Jul 13)
perForms <= 1.0 ([mosConfig_absolute_path]) Remote File Inclusion endeneu (Jul 13)
[security bulletin] HPSBUX02120 SSRT051057 rev.2 - HP-UX Local Denial of Service (DoS) security-alert (Jul 13)
rPSA-2006-0122-2 kernel Justin M. Forbes (Jul 13)
- Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Caveo Internet BV - Security (Jul 14)
  - Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Hugo van der Kooij (Jul 14)
  - Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Michael Shigorin (Jul 15)
  - Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Lukasz Trabinski (Jul 15)
    - Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround Michal Zalewski (Jul 18)
IE <= 6 DoS vulnerability jonasschaub (Jul 14)
Phorum 5.1.15 security release (fixes "PHORUM 5 arbitrary local inclusion") Maurice Makaay (Jul 14)
Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities Benjamin Tobias Franz (Jul 14)
EEYE: McAfee ePolicy Orchestrator Remote Compromise eEye Advisories (Jul 14)
Bybass HTTP ( extension files ) in ISA 2004 medozero (Jul 15)
- Re: Bybass HTTP ( extension files ) in ISA 2004 Thor (Hammer of God) (Jul 17)
- <Possible follow-ups>
- RE: Bybass HTTP ( extension files ) in ISA 2004 Edward Tripovich (Jul 17)
- Re: Bybass HTTP ( extension files ) in ISA 2004 medozero (Jul 18)
  - Re: Bybass HTTP ( extension files ) in ISA 2004 Thor (Hammer of God) (Jul 19)
- Re: Bybass HTTP ( extension files ) in ISA 2004 medozero (Jul 18)
MS Power Point Multiple Vulnerabilities (powerpnt.exe)- POC naveed (Jul 15)
MS Power Point Multiple Vulnerabilities - (mso.dll) POC naveed (Jul 15)
MS Power Point Multiple Vulnerabilities - (memory corruption) POC naveed (Jul 15)
Norton Insufficient protection of Norton service registry keys David Matousek (Jul 15)
Kerio Terminating 'kpf4ss.exe' using internal runtime error Vulnerability David Matousek (Jul 15)
Linux sys_prctl LKM based hotfix Abhisek Datta (Jul 15)
crashing firefox <= 1.5.0.4 reywen (Jul 15)
- <Possible follow-ups>
- Re: crashing firefox <= 1.5.0.4 bugtraq (Jul 18)
saphp "add.php" forumid Parameter SQL Injection Breeeeh (Jul 15)
XSS phpBB 2.0.21 in administration renatrix (Jul 15)
- Re: XSS phpBB 2.0.21 in administration Jessica Hope (Jul 18)
  - RE: XSS phpBB 2.0.21 in administration David Thomson (Jul 22)
    - Re: XSS phpBB 2.0.21 in administration Jessica Hope (Jul 22)
  - Message not available
    - Re: XSS phpBB 2.0.21 in administration Jessica Hope (Jul 22)
MyGallery "Room.php" SQL Injection Breeeeh (Jul 15)
Rocks Clusters <=4.1 local root Xavier (Jul 15)
[SECURITY] Plain text password in Finjan Appliance 5100/8100 NG backup file finde_schwachstelle (Jul 15)
Phorum 5.1.14 XSS SQL injection Vulnerability securityconnection (Jul 15)
- Re: Phorum 5.1.14 XSS SQL injection Vulnerability Maurice Makaay (Jul 17)
MiniBB Forum <= 1.5a Remote File Include Vulnerabilities matdhule (Jul 15)
SubberZ[Lite] - Remote File Include ChironeX . FleckeriX (Jul 15)
- <Possible follow-ups>
- Re: SubberZ[Lite] - Remote File Include the . jalal (Jul 22)
VBZooM <=V1.11 " reply.php" SQL Injection Breeeeh (Jul 15)
VBZooM <=V1.11 " ignore-pm.php" SQL Injection Breeeeh (Jul 15)
Microsoft PowerPoint 0-day Vulnerability FAQ document written Juha-Matti Laurio (Jul 15)
Crtical Shockwave Embeded XSS Execution spammeanddie (Jul 15)
VBZooM <=V1.11 "sub-join.php" SQL Injection Breeeeh (Jul 15)
[OpenPKG-SA-2006.013] OpenPKG Security Advisory (mutt) OpenPKG (Jul 15)
Fantastic Guestbook v2.0.1 Advisory omnipresent (Jul 15)
VBZooM "sendmail.php" SQL Injection Breeeeh (Jul 15)
Invision Power Board 2.1 <= 2.1.6 sql injection rst (Jul 15)
- Re: Invision Power Board 2.1 <= 2.1.6 sql injection paul dansing (Jul 18)
  - Re: Invision Power Board 2.1 <= 2.1.6 sql injection str0ke (Jul 18)
- <Possible follow-ups>
- Re: Invision Power Board 2.1 <= 2.1.6 sql injection mattmecham (Jul 18)
- Re: Re: Invision Power Board 2.1 <= 2.1.6 sql injection paul14075 (Jul 18)
MyBulletinBoard (MyBB) 1.1.5 'CLIENT-IP' sql injection rgod (Jul 15)
Mercury Messenger Hans Wolters (Jul 17)
Several updates in MS PowerPoint 0-day Vulnerability FAQ at SecuriTeam Blogs Juha-Matti Laurio (Jul 17)
PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion chris_hasibuan (Jul 17)
Calendar Module <= 1.5.7 Remote File Include Vulnerabilities matdhule (Jul 17)
Plesk Control Panel <= 8.0.0 XSS vulnerability vuln . invent (Jul 17)
Secunia Research: IceWarp Web Mail Two File Inclusion Vulnerabilities Secunia Research (Jul 17)
[SECURITY] [DSA 1109-1] New rssh packages fix privilege escalation Moritz Muehlenhoff (Jul 17)
rPSA-2006-0130-1 kernel Justin M. Forbes (Jul 17)
[EEYEB-20060227] D-Link Router UPNP Stack Overflow eEye Advisories (Jul 17)
- Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow scott (Jul 22)
- Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow solutions_PHP (Jul 31)
- <Possible follow-ups>
- Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow kala_z (Jul 22)
  - RE: [EEYEB-20060227] D-Link Router UPNP Stack Overflow m (Jul 22)
Secunia Research: VisNetic Mail Server Two File Inclusion Vulnerabilities Secunia Research (Jul 17)
[SECURITY] [DSA 1110-1] New samba packages fix denial of service Moritz Muehlenhoff (Jul 17)
Secunia Research: BitZipper unacev2.dll Buffer Overflow Vulnerability Secunia Research (Jul 17)
PacSec 2006 CALL FOR PAPERS (Deadline Aug. 4; Event Nov. 27-30) Dragos Ruiu (Jul 17)
boastMachine <= 3.1 SQL Injection Exploit gmdarkfig (Jul 17)
ListMessenger v0.9.3 Remote File Inclusion Vulnerability x0r0n (Jul 17)
Multiple vulnerabilities in UFO2000 svn 1057 Luigi Auriemma (Jul 17)
[SECURITY] [DSA 1111-1] New Linux kernel 2.6.8 packages fix privilege escalation Moritz Muehlenhoff (Jul 17)
About the latest three Powerpoint vulnerabilities: exploitable? ewt (Jul 18)
[SECURITY] [DSA 1112-1] New mysql-dfsg-4.1 packages fix denial of service Moritz Muehlenhoff (Jul 18)
ToorCon 2006 Call for Papers h1kari () toorcon org (Jul 18)
RUXCON 2006 Final Call For Papers cfp (Jul 18)
[USN-319-1] Linux kernel vulnerability Martin Pitt (Jul 18)
New Article Mambo Component <= 1.0 (com_articles.php) Remote File Include Vulnerabilities matdhule (Jul 18)
Unauthenticated access to BT Voyager config file and PPP credentials embedded in HTML form pagvacito (Jul 18)
23rd Chaos Communication Congress 2006: Call for Participation fukami (Jul 18)
Calendar Mambo Module <= 1.5.7 Remote File Include Vulnerabilities matdhule (Jul 18)
Cross Site Scripting Vulnerability in Zoho Virtual Office ss_team (Jul 18)
[KAPDA::#52] - PHP-Post 1.0 Cookie Modification Privilege Escalation Vulnerability farhadkey (Jul 18)
Professional PHP Tools Guestbook Multiple Vulnerabilities tamriel (Jul 18)
[ MDKSA-2006:124 ] - Updated kernel packages fix privilege escalation vulnerability security (Jul 18)
ToendaCMS <= 1.0.0 arbitrary file upload rgod (Jul 18)
Keyif Portal v2.0 - Microsoft Access Driver ( MDB ) Download x0r0n (Jul 18)
Outpost Firewall Pro secrately fixing security flaws? Bipin Gautam (Jul 18)
DeluxeBB mutiple vulnerabilities Jessica Hope (Jul 18)
$100 plus several of my books if you can crack my Windows password hashes. Roger A. Grimes (Jul 18)
- <Possible follow-ups>
- RE: $100 plus several of my books if you can crack my Windows password hashes. Roger A. Grimes (Jul 22)
- RE: $100 plus several of my books if you can crack my Windows password hashes. Michael Scheidell (Jul 22)
  - RE: $100 plus several of my books if you can crack my Windows password hashes. Roger A. Grimes (Jul 22)
Oracle Database - SQL Injection in SYS.KUPW$WORKER [DB03] ak (Jul 18)
Oracle Database - SQL Injection in SYS.DBMS_CDC_IMPDP [DB01] ak (Jul 18)
WebScarab <= 20060621-0003 cross site scripting security (Jul 18)
RE: [lists] Re: PHP security (or the lack thereof) Curt Purdy (Jul 18)
[SECURITY] [DSA 1113-1] New zope2.7 packages fix information disclosure Moritz Muehlenhoff (Jul 18)
PcAnywhere > 12 Local Privilege Escalation root (Jul 18)
Consumers of Broadband Providers (ISP) may be open to hijack attacks peter_philipp (Jul 18)
ExtCalendar Mambo Module <= v2( extcalendar.php ) Remote File Include Vulnerabilities saudi . unix (Jul 18)
- <Possible follow-ups>
- Re: ExtCalendar Mambo Module <= v2( extcalendar.php ) Remote File Include Vulnerabilities matdhule (Jul 22)
Oracle Database - SQL Injection in SYS.DBMS_UPGRADE [DB22] ak (Jul 18)
Invision Power Board v2.1 <= 2.1.6 sql injection exploit paul14075 (Jul 18)
Oracle Database - SQL Injection in SYS.DBMS_STATS [DB21] ak (Jul 18)
[security bulletin] HPSBTU02132 SSRT061154 rev.1 - HP Tru64 UNIX running NIS ypserv, Remote Denial of Service (DoS) security-alert (Jul 18)
hdweGUEST <= 2.1.1 Cross Site Scripting Vulnerabilities tamriel (Jul 18)
ASP.DLL Include File Buffer Overflow Brett Moore (Jul 18)
Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior mullware (Jul 18)
osDate 1.1.7 multiple vulnerabilities binary . loc (Jul 18)
- <Possible follow-ups>
- Re: osDate 1.1.7 multiple vulnerabilities binary . loc (Jul 19)
Webmin / Usermin Arbitrary File Disclosure Vulnerability Perl Alexander Hristov (Jul 18)
New PowerPoint Trojan installs itself as LSP Juha-Matti Laurio (Jul 19)
- Re: New PowerPoint Trojan installs itself as LSP Mike Healan (Jul 22)
[USN-320-1] PHP vulnerabilities Martin Pitt (Jul 19)
[ MDKSA-2006:125 ] - Updated webmin packages fix arbitray file read vulnerability. security (Jul 19)
[ MDKSA-2006:127 ] - Updated gimp packages fix buffer overflow vulnerability. security (Jul 19)
[ MDKSA-2006:126 ] - Updated libtunepimp packages fixes buffer overflow vulnerabilities. security (Jul 19)
[ MDKSA-2006:128 ] - Updated wireshark packages fix numerous vulnerabilities security (Jul 19)
rPSA-2006-0132-1 tshark wireshark Justin M. Forbes (Jul 19)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Monitoring, Analysis and Response System (CS-MARS) Cisco Systems Product Security Incident Response Team (Jul 19)
VMSA-2006-0003 VMware possible incorrect permissions on SSL key files VMware Security Team (Jul 19)
[ GLSA 200607-06 ] libpng: Buffer overflow Thierry Carrez (Jul 19)
[USN-319-2] Linux kernel vulnerability Martin Pitt (Jul 19)
[USN-313-2] OpenOffice.org vulnerabilities Martin Pitt (Jul 19)
Re: imageVue16.1 upload vulnerability info (Jul 19)
AFCommerce Shopping Cart sledge (Jul 19)
- <Possible follow-ups>
- Re: AFCommerce Shopping Cart contact (Jul 22)
Security point-of-contact for Ameritrade? James M. Blackburn (Jul 19)
rPSA-2006-0133-1 libpng Justin M. Forbes (Jul 19)
Cisco MARS < 4.2.1 remote compromise Jon Hart (Jul 20)
[ECHO_ADV_40$2006] iManage CMS <= 4.0.12 (absolute_path) Remote File Inclusion matdhule (Jul 20)
Advisory: Remote command execution in planetGallery RedTeam Pentesting (Jul 20)
[MajorSecurity #20]SiteDepth CMS <= 3.01 - Remote File Include Vulnerability admin (Jul 20)
[MajorSecurity #21] phpFaber TopSites <=2.0.9 - SQL Injection Vulnerability admin (Jul 20)
[MajorSecurity #22] Top XL <=1.1 - XSS and cookie disclosure admin (Jul 20)
- <Possible follow-ups>
- Re: [MajorSecurity #22] Top XL <=1.1 - XSS and cookie disclosure admin (Jul 22)
[ MDKSA-2006:129 ] - Updated freetype2 packages fixes overflow vulnerability. security (Jul 20)
[security bulletin] HPSBUX02108 SSRT061133 rev.12 - HP-UX Running Sendmail, Remote Execution of Arbitrary Code security-alert (Jul 20)
rPSA-2006-0134-1 sendmail sendmail-cf Justin M. Forbes (Jul 21)
[USN-321-1] mysql-dfsg-4.1 vulnerability Martin Pitt (Jul 21)
[SECURITY] [DSA 1117-1] New libgd2 packages fix denial of service Moritz Muehlenhoff (Jul 21)
[security bulletin] HPSBMA02133 SSRT061201 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update July 2006 security-alert (Jul 21)
SECURITY UPDATE::Farsinews release FarsiNewsPro3.0Stable1SecurityPath1 armin390 (Jul 21)
[ GLSA 200607-07 ] xine-lib: Buffer overflow Thierry Carrez (Jul 21)
[SECURITY] [DSA 1115-1] New GnuPG2 packages fix denial of service Martin Schulze (Jul 21)
LoudBlog <=0.5 Sql injection rgod (Jul 21)
Unidomedia Chameleon LE/Pro Directory Traversal kicktd (Jul 21)
TSLSA-2006-0042 - multi Trustix Security Advisor (Jul 21)
Samba Internal Data Structures DOS Vulnerability Exploit Alexander Hristov (Jul 21)
- Re: Samba Internal Data Structures DOS Vulnerability Exploit Gerald (Jerry) Carter (Jul 22)
[ MDKSA-2006:130 ] - Updated kdelibs packages fix konqueror crash vulnerability. security (Jul 21)
[SECURITY] [DSA 1114-1] New hashcash packages fix arbitrary code execution Martin Schulze (Jul 21)
SolpotCrew Advisory #2 - Advanced Poll ver 2.02 (base_path) Remote File Inclusion chris_hasibuan (Jul 21)
[SECURITY] [DSA 1116-1] New gimp packages fix arbitrary code execution Moritz Muehlenhoff (Jul 21)
MiniBB Forum <= 1.5a Remote File Include (search.php-whosOnline.php) AG Spider (Jul 22)
iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability labs-no-reply (Jul 22)
- Re: [Full-disclosure] iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability Micheal Turner (Jul 22)
  - Re: Re: [Full-disclosure] iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability Micheal Turner (Jul 24)
[Kurdish Security # 13] Savant2 Remote File Include Vulnerability [For Mambo, Joomla] botan (Jul 22)
Microsoft Internet Explorer DOS Vulnerability SnoBmsn (Jul 22)
MicroGuestBook Remote XSS Attack omnipresent (Jul 22)
[MajorSecurity #25] Advanced Guestbook 2.4 for phpBB - Multiple XSS and SQL-Injection Vulnerabilities admin (Jul 22)
[MajorSecurity #24] Fire-Mouse TopList <=v1.1 - Cross Site Scripting admin (Jul 22)
Low security hole affecting IPCalc's CGI wrapper Tim Brown (Jul 22)
- <Possible follow-ups>
- Re: Low security hole affecting IPCalc's CGI wrapper krischan (Jul 27)
[SECURITY] [DSA 1118-1] New Mozilla packages fix several vulnerabilities Martin Schulze (Jul 22)
about bid 17404 crack (Jul 22)
[SECURITY] [DSA 1119-1] New hiki packages fix denial of service Martin Schulze (Jul 22)
New CVE identifiers for separate PowerPoint 0-day issues assigned Juha-Matti Laurio (Jul 22)
new shell bypass safe mode d3nger (Jul 22)
- <Possible follow-ups>
- Re: new shell bypass safe mode cxib (Jul 26)
SolpotCrew Advisory #3 - com_trade Remote File Inclusion (mosConfig_absolute_path) mail (Jul 22)
MiniBB Forum <= 1.5a Remote File Include (news.php) AG Spider (Jul 22)
Com Multibanners Remote File Inclusion (mosConfig_absolute_path) mail (Jul 22)
[MajorSecurity #23] BLOG:CMS <= 4.0.0j - XSS and cookie disclosure admin (Jul 22)
Blackboard Academic Suite 6.2.23 +/-: Persistent cross-site scripting vulnerability harbl (Jul 22)
Re: [Full-disclosure] Re: New PowerPoint Trojan installs itself as LSP Juha-Matti Laurio (Jul 22)
Map MS Security Bulletins to MS KB numbers Matthew Leeds (Jul 22)
DotClear : Multiples Full Path Disclosure Silitix (Jul 22)
[SECURITY] [DSA 1120-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Jul 24)
[Kurdish Security # 14] MoSpray [base_dir] Remote Command Execution [ Mambo & Joomla] botan (Jul 24)
Vanilla CMS <= 1.0.1 (RootDirectory) Remote file inclusion Vuln. mfoxhacker (Jul 24)
[ GLSA 200607-08 ] GIMP: Buffer overflow Sune Kloppenborg Jeppesen (Jul 24)
- Re: [ GLSA 200607-08 ] GIMP: Buffer overflow Michael Shigorin (Jul 24)
[CYBSEC] TippingPoint detection bypass Andres Riancho (Jul 24)
Buffer-overflow in the XM loader of Cheese Tracker 0.9.9 Luigi Auriemma (Jul 24)
[SECURITY] [DSA 1121-1] New postgrey packages fix denial of service Martin Schulze (Jul 24)
PHP Live! v3.2 (header.php) Remote File Include Vulnerabilities saudi . unix (Jul 24)
[USN-322-1] Konqueror vulnerability Martin Pitt (Jul 24)
Check Point R55W Directory Traversal Sec-Tec Lists (Jul 24)
- Re: Check Point R55W Directory Traversal Hugo van der Kooij (Jul 31)
- <Possible follow-ups>
- Re: Check Point R55W Directory Traversal dave_kwek (Jul 28)
MusicBox <= 2.3.4 XSS SQL injection Vulnerability securityconnection (Jul 24)
[SECURITY] [DSA 1124-1] New fbi packages fix potential deletion of user data Moritz Muehlenhoff (Jul 24)
Windows XP/NT/SMB2003/2000 Denial of Service attack J. Oquendo (Jul 24)
ERRATA: [ GLSA 200607-08 ] GIMP: Buffer overflow Sune Kloppenborg Jeppesen (Jul 24)
Write-up by Amit Klein: "Forging HTTP request headers with Flash" Amit Klein (AKsecurity) (Jul 24)
- Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash" Amit Klein (AKsecurity) (Jul 26)
  - Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash" 3CO (Jul 27)
    - Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash" Amit Klein (AKsecurity) (Jul 27)
[MajorSecurity #26] Woltlab Burning Board - Multiple Cookie manipulation and session fixation vulnerabilities admin (Jul 24)
SQuery v.x (devi.php) (armygame.php) Remote File Inclusion saudi . unix (Jul 24)
Heap overflow in the GT2 loader of libmikmod 3.2.2 Luigi Auriemma (Jul 24)
[SECURITY] [DSA 1123-1] New libdumb packages fix arbitrary code execution Moritz Muehlenhoff (Jul 24)
Opsware NAS 6.0 reveals MySQL 'root' password Freeman, Michael (Jul 24)
- <Possible follow-ups>
- Re: Opsware NAS 6.0 reveals MySQL 'root' password security-alert (Jul 27)
rPSA-2006-0135-1 gimp Justin M. Forbes (Jul 24)
Digital Armaments Security Advisory 24.07.2006: Siemens Speedstream Wireless/Router Denial of Service Vulnerability info (Jul 24)
SYMSA-2006-008:Password Safe - Lock Password Database Configuration Not Enforced research (Jul 24)
Buffer-overflow in recvTextMessage and NETrecvFile in Warzone Resurrection 2.0.3 (SVN 127) Luigi Auriemma (Jul 24)
[SECURITY] [DSA 1122-1] New Net::Server packages fix denial of service Martin Schulze (Jul 24)
Two crash vulnerabilities in Freeciv 2.1.0-beta1 (SVN 15 Jul 2006) Luigi Auriemma (Jul 24)
[ GLSA 200607-09 ] Wireshark: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Jul 25)
[USN-296-2] Firefox vulnerabilities Martin Pitt (Jul 25)
Advisory: VMware Possible Incorrect Permissions On SSL Key Files Nick Breese (Jul 25)
[vuln.sg] DynaZip DZIP32.DLL/DZIPS32.DLL Buffer Overflow Vulnerabilities vulnpost-remove (Jul 25)
[vuln.sg] TurboZIP ZIP Repair Buffer Overflow Vulnerability vulnpost-remove (Jul 25)
[vuln.sg] AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow vulnpost-remove (Jul 25)
LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties simo64 (Jul 25)
[ GLSA 200607-10 ] Samba: Denial of Service vulnerability Sune Kloppenborg Jeppesen (Jul 25)
[security bulletin] HPSBUX02087 SSRT4728 rev.2 - HP-UX running TCP/IP Remote Denial of Service (DoS) security-alert (Jul 25)
Re: Ashop Search Module SQL injection security curmudgeon (Jul 26)
[ MDKSA-2006:131 ] - Updated perl-Net-Server packages fix format string vulnerability security (Jul 26)
Full Path Disclosure xGuestBook v1.02 dicomdk (Jul 26)
MS06-034 lies? IIS 6 can still be owned? Cesar (Jul 26)
Secunia Research: AutoVue SolidModel Professional Buffer Overflow Vulnerability Secunia Research (Jul 26)
[USN-297-3] Thunderbird vulnerabilities Martin Pitt (Jul 26)
[USN-320-2] php4 regression Martin Pitt (Jul 26)
EzUpload multi file vulnerabilities hack2prison (Jul 26)
Multiple vulnerabilities in OpenCMS Meder Kydyraliev (Jul 26)
[SECURITY] [DSA 1111-2] New Linux kernel 2.6.8 packages fix privilege escalation Moritz Muehlenhoff (Jul 26)
wwwThreads XSS l2odon (Jul 26)
Zyxel Prestige 660H-61 Cross-Site Scripting jose . palanco (Jul 26)
Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities tamriel (Jul 26)
PHP-Auction SQL injection l2odon (Jul 26)
ZDI-06-024: eIQNetworks Enterprise Security Analyzer License Manager Buffer Overflow Vulnerability zdi-disclosures (Jul 26)
TP-Book <= 1.00 Cross Site Scripting Vulnerabilities tamriel (Jul 26)
ZDI-06-023: eIQNetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerability zdi-disclosures (Jul 26)
TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability TSRT (Jul 26)
- RE: TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability Desai, Deepen (Jul 29)
TSRT-06-03: eIQnetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerabilities TSRT (Jul 26)
[SECURITY] [DSA 1125-1] New drupal packages fix execution of arbitrary web script code Moritz Muehlenhoff (Jul 26)
Cisco VPN Concentrator IKE resource exhaustion DoS Advisory Roy Hills (Jul 26)
- Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory Eloy Paris (Jul 29)
  - Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory Pavel Kankovsky (Jul 31)
Etomite CMS <= 0.6.1 'rfiles.php' remote command execution rgod (Jul 26)
[USN-323-1] mozilla vulnerabilities Martin Pitt (Jul 26)
[ECHO_ADV_41$2006] BufferOverflow in Midirecord2 the_day (Jul 26)
[vuln.sg] PowerArchiver DZIPS32.DLL Buffer Overflow Vulnerability vulnpost-remove (Jul 26)
[OpenPKG-SA-2006.014] OpenPKG Security Advisory (shiela) OpenPKG (Jul 26)
Secunia Research: FileCOPA Directory Argument Handling Buffer Overflow Secunia Research (Jul 26)
Phpprobid <= 5.24 XSS SQL injection Vulnerability securityconnection (Jul 26)
NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability NSFOCUS Security Team (Jul 27)
a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability Dr . Jr7 (Jul 27)
GeoClassifieds Enterprise <= 2.0.5.2 Cross Site Scripting securityconnection (Jul 27)
[SECURITY] [DSA 1126-1] New Asterisk packages fix denial of service Martin Schulze (Jul 27)
Cross-Site Scripting and Local File Inclusion in Phorum Meftun (Jul 27)
Buffer Overflow Vulnerability in Winlpd Meftun (Jul 27)
[USN-324-1] freetype vulnerability Martin Pitt (Jul 27)
[USN-325-1] ruby1.8 vulnerability Martin Pitt (Jul 27)
[USN-326-1] heartbeat vulnerability Martin Pitt (Jul 27)
[SECURITY] [DSA 1125-2] New drupal packages fix execution of arbitrary web script code (revised packages) Moritz Muehlenhoff (Jul 27)
Secunia Research: Mozilla Firefox XPCOM Event Handling Memory Corruption Secunia Research (Jul 27)
Bypassing Oracle dbms_assert ak (Jul 27)
- Re: Bypassing Oracle dbms_assert David Litchfield (Jul 28)
  - RE: Bypassing Oracle dbms_assert Alexander Kornbrust (Jul 28)
    - Re: Bypassing Oracle dbms_assert David Litchfield (Jul 28)
ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability zdi-disclosures (Jul 27)
rPSA-2006-0137-1 firefox Justin M. Forbes (Jul 27)
Xss in MttKe-php v2.6 R0t-K33Y (Jul 27)
- <Possible follow-ups>
- Re: Xss in MttKe-php v2.6 Steven M. Christey (Jul 31)
AIM Triton 1.0.4 (SipXtapi) Remote Buffer Overflow Exploit (PoC) c0rrupt (Jul 27)
Oracle 10g R2 and, probably, all previous versions putosoft softputo (Jul 27)
- <Possible follow-ups>
- Oracle 10g R2 and, probably, all previous versions Russell Lowenthal (Jul 28)
Re: HYSA-2006-008 myBloggie 2.1.3 CRLF & SQL Injection Steven M. Christey (Jul 27)
[USN-327-1] firefox vulnerabilities Martin Pitt (Jul 28)
Cisco Security Advisory: Windows VPN Client Local Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (Jul 28)
[USN-328-1] Apache vulnerability Martin Pitt (Jul 28)
[FLSA-2006:175040] Updated php packages fix security issues Marc Deslauriers (Jul 28)
[SECURITY] [DSA 1127-1] New ethereal packages fix several vulnerabilities Moritz Muehlenhoff (Jul 28)
[OpenPKG-SA-2006.015] OpenPKG Security Advisory (apache) OpenPKG (Jul 28)
[SECURITY] [DSA 1128-1] New heartbeat packages fix local denial of service Martin Schulze (Jul 28)
Portail PHP v1.7 Remote File Include Meftun (Jul 28)
- <Possible follow-ups>
- Re: Portail PHP v1.7 Remote File Include x0r0n (Jul 31)
[OpenPKG-SA-2006.016] OpenPKG Security Advisory (ruby) OpenPKG (Jul 28)
[ MDKSA-2006:132 ] - Updated libwmf packages fixes integer overflow vulnerability security (Jul 28)
[OpenPKG-SA-2006.017] OpenPKG Security Advisory (freetype) OpenPKG (Jul 28)
Remote Include Vulnerability ====> in Dr.Jr7 Gallery 3.2 RC1 R0t-K33Y (Jul 28)
[Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released William A. Rowe, Jr. (Jul 28)
Apache mod_rewrite Buffer Overflow Vulnerability Avert (Jul 28)
[SECURITY] [DSA 1129-1] New osiris packages fix arbitrary code execution Martin Schulze (Jul 28)
PHP-Nuke INP XSS l2odon (Jul 28)
Guestbook Mambo Module <== v1.3.0 Multiple Remote File Include Vulnerabilities matdhule (Jul 28)
Re: Fusion Polls (xtrphome) Remote File Inclusion security curmudgeon (Jul 28)
Lan-Aces Office Logic Mike (Jul 28)
cpanel login problem ali (Jul 28)
- Re: cpanel login problem nate (Jul 29)
  - Re: cpanel login problem Scott Gemma (Jul 31)
    - RE: cpanel login problem Alan (Jul 31)
  - RE: cpanel login problem Bugs (Jul 31)
- <Possible follow-ups>
- Re: cpanel login problem usar_y_tirar (Jul 31)
Hustle -- Tumbleweed Email Firewall Remote Vulnerability Ryan Smith (Jul 28)
PrinceClan Chess Mambo Com <= 0.8 Remote Inclusion Vulnerability tr_zindan (Jul 28)
rPSA-2006-0139-1 httpd mod_ssl Justin M. Forbes (Jul 29)
[USN-329-1] Thunderbird vulnerabilities Martin Pitt (Jul 29)
PHP ip2long() function circumvention rgod (Jul 29)
- <Possible follow-ups>
- Re: PHP ip2long() function circumvention darylf (Jul 31)
Coppermine Photo Gallery v1.2.2b-Nuke Remote File Inclusion Vulnerabilities A-S-T2006 (Jul 29)
XSS vulnerability on AWBS newbinaryfile (Jul 29)
Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities A-S-T2006 (Jul 29)
[KAPDA::#53] MYBB XSS and Dir Traversal in usercp.php roozbeh_afrasiabi (Jul 29)
[ MDKSA-2006:133 ] - Updated apache packages fix mod_rewrite vulnerability security (Jul 29)
mambatstaff Mambo Component <= Remote Include Vulnerability Dr . Jr7 (Jul 29)
[ GLSA 200607-12 ] OpenOffice.org: Multiple vulnerabilities Stefan Cornelius (Jul 29)
artlinks Mambo Component <= Remote Include Vulnerability Dr . Jr7 (Jul 29)
[ MDKSA-2006:134 ] - Updated ruby packages fix safe-level vulnerabilities security (Jul 29)
Gdiplus.dll division by 0 Mr . Niega (Jul 29)
- <Possible follow-ups>
- Re: Gdiplus.dll division by 0 Early Warning Team (Jul 31)
[ GLSA 200607-13 ] Audacious: Multiple heap and buffer overflows Matthias Geerdsen (Jul 29)
[ GLSA 200607-11 ] TunePimp: Buffer overflow Stefan Cornelius (Jul 29)
UPDATE: [ GLSA 200605-08 ] PHP: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Jul 31)
com_moskool (admin.moskool.php) Remote File Include Vulnerabilities saudi . unix (Jul 31)
ATutor <= 1.5.3.1 'links' blind SQL injection / admin credentials disclosure rgod (Jul 31)
PHPAuction 2.1 (maybe higher) with phpAdsNew 2.0.5 RFI philipp . niedziela (Jul 31)
SQL injection Seir Anphin v666 Community Management System vulnerabilities (Jul 31)
Oracle and Apache mod_rewrite Vulnerability tigerblue (Jul 31)
Corsaire Security Advisory - VMware ESX Server Password Cross Site Request Forgery issue advisories (Jul 31)
Corsaire Security Advisory - VMware ESX Server Password Disclosure in Log issue advisories (Jul 31)
Corsaire Security Advisory - VMware ESX Server Password Disclosure in Cookie issue advisories (Jul 31)
Multiple vulnerabilities in Open Cubic Player 2.6.0pre6 / 0.1.10_rc5 Luigi Auriemma (Jul 31)
MyNewsGroups <= 0.6b (myng_root) Remote Inclusion Vulnerability philipp . niedziela (Jul 31)
Re: Do world's famous companies take care of their security? Steven M. Christey (Jul 31)

Previous period

Next period