Bugtraq: by thread

Previous period

Next period

524 messages starting Oct 02 06 and ending Oct 31 06
Date index | Thread index | Author index

ZERT patch for setSlice() Gadi Evron (Oct 02)
Advisory 07/2006: phpMyAdmin Multiple CSRF Vulnerabilities Stefan Esser (Oct 02)
phpMyWebmin 1.0 <= (target) Remote File Include Vulnerability x0r0n (Oct 02)
[OpenPKG-SA-2006.022] OpenPKG Security Advisory (openssh) OpenPKG (Oct 02)
0day in Firefox from ToorCon '06 Thor Larholm (Oct 02)
zero-day flaws in Firefox: about 30 unpatched Firefox flaws ragan (Oct 02)
- Re: zero-day flaws in Firefox: about 30 unpatched Firefox flaws Mailinglists Address (Oct 07)
Layered Defense Advisory: TrendMicro OfficesScan Corporate Edition Format String Vulnerability dh (Oct 02)
EasyBannerFree (functions.php) Remote File Include Exploit las_kid (Oct 02)
IBM Informix Dynamic Server V10.0 File Clobbering during Install Larry Cashdollar (Oct 02)
Pebble 2.0.0 RC[1,2] XSS vulnerability Paolo Perego (Oct 02)
Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability David Matousek (Oct 02)
"POC 2006" by Korean hackers securityproof (Oct 02)
[security bulletin] HPSBUX02157 SSRT061220 rev.1 HP-UX Running Ignite-UX Server, Remote Unauthorized Access and Privilege Elevation security-alert (Oct 02)
Dayfox Blog v2.0 Remote file include dj_remix_20 (Oct 02)
IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]) Paul Szabo (Oct 02)
- Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]) Brian Eaton (Oct 02)
  - Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]) Paul Szabo (Oct 03)
[USN-355-1] openssh vulnerabilities Martin Pitt (Oct 02)
[USN-356-1] gdb vulnerability Martin Pitt (Oct 02)
digishop v 4.0.0 Xss Vuln. meto5757 (Oct 02)
[USN-354-1] Firefox vulnerabilities Martin Pitt (Oct 02)
Security contact for Myspace/Fox? E Mintz (Oct 02)
- <Possible follow-ups>
- Re: Security contact for Myspace/Fox? Juha-Matti Laurio (Oct 07)
Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053] Eiji James Yoshida (Oct 02)
Portable shell-exploit for buffer-overflow bugs Roman Medina-Heigl Hernandez (Oct 02)
Re: WebCalendar-1.0.3 reading of any files webcalendar (Oct 02)
Re: net2ftp: a web based FTP client :) <= Remote File Inclusion securfrog (Oct 02)
[security bulletin] HPSBUX02129 SSRT061149 rev.1 - HP-UX running SLP, Remote Unauthorized Access security-alert (Oct 02)
FreeBSD Security Advisory FreeBSD-SA-06:22.openssh FreeBSD Security Advisories (Oct 02)
[SECURITY] [DSA 1185-2] New openssl packages fix arbitrary code execution Noah Meyerhans (Oct 03)
[ MDKSA-2006:172-1 ] - Updated openssl packages fix vulnerabilities security (Oct 03)
[ MDKSA-2006:177 ] - Updated MySQL packages rebuilt against updated openssl. security (Oct 03)
[ MDKSA-2006:178 ] - Updated ntp packages rebuilt against updated openssl. security (Oct 03)
Re: WebspotBlogging => 3.0 Remote File Include Vulnerabilities Steven M. Christey (Oct 03)
Security flaw in IBM Client Security Password Manager Luís Miguel Silva (Oct 03)
Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]) Paul Szabo (Oct 03)
PacSec 2006 Papers announcement and EUSecWest Call For Papers Dragos Ruiu (Oct 03)
iDefense Security Advisory 10.02.06: Novell GroupWise Messenger nmma.exe DoS Vulnerability iDefense Labs (Oct 03)
phpMyProfiler remote file include mozi2weed (Oct 04)
[CAID 34661]: CA Unicenter WSDM File System Read Access Vulnerability Williams, James K (Oct 04)
Advisory 08/2006: PHP open_basedir Race Condition Vulnerability Stefan Esser (Oct 04)
[ MDKSA-2006:179 ] - Updated openssh packages fix DoS vulnerabilities security (Oct 04)
[SECURITY] [DSA 1188-1] New mailman packages fix several problems Martin Schulze (Oct 04)
Directory Traversal Vulnerability in Goop Gallery 2.0.2 security (Oct 04)
- <Possible follow-ups>
- Directory Traversal Vulnerability in Goop Gallery 2.0.2 security (Oct 11)
- Re: Directory Traversal Vulnerability in Goop Gallery 2.0.2 gene (Oct 17)
Yener Haber Script v2.0 SQL injection dj_remix_20 (Oct 04)
Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()] Gadi Evron (Oct 04)
- Re: [funsec] Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()] Alexander Sotirov (Oct 04)
  - Re: [funsec] Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()] Gadi Evron (Oct 09)
[USN-358-1] ffmpeg, xine-lib vulnerabilities Martin Pitt (Oct 04)
[USN-353-2] OpenSSL vulnerability Martin Pitt (Oct 04)
[USN-357-1] Mono vulnerability Martin Pitt (Oct 04)
Invision Power Board Multiple Vulnerabilities Rapigator (Oct 04)
[ GLSA 200610-01 ] Mozilla Thunderbird: Multiple vulnerabilities Matthias Geerdsen (Oct 04)
[SECURITY] [DSA 1189-1] New openssh-krb5 packages fix denial of service and potential execution of arbitrary code Moritz Muehlenhoff (Oct 04)
[SECURITY] [DSA 1190-1] New maxdb-7.5.00 packages fix execution of arbitrary code Moritz Muehlenhoff (Oct 04)
[ GLSA 200610-02 ] Adobe Flash Player: Arbitrary code execution Matthias Geerdsen (Oct 04)
Vulnerability Type Distributions in CVE Steven M. Christey (Oct 05)
WikyBlog <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit xp1o (Oct 05)
- <Possible follow-ups>
- Re: WikyBlog <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit Steven M. Christey (Oct 06)
Re: Concurrency-related vulnerabilities in browsers - expect problems Mike (Oct 05)
- Re: Concurrency-related vulnerabilities in browsers - expect problems Nick Boyce (Oct 06)
- Re: Concurrency-related vulnerabilities in browsers - expect problems Josh Bressers (Oct 06)
[SECURITY] [DSA 1191-1] New Mozilla Thunderbird packages fix several vulnerabilities Martin Schulze (Oct 05)
iDefense Security Advisory 10.05.06: Symantec AntiVirus IOCTL Kernel Privilege Escalation Vulnerability iDefense Labs (Oct 06)
[ MDKSA-2006:180 ] - Updated php packages fix integer overflow vulnerability security (Oct 06)
Vulnerable function in newest PowerPoint case (MS Advisory #925984) Juha-Matti Laurio (Oct 06)
Hazir Site v2.0 Admin SQL Injection dj_remix_20 (Oct 06)
SUSE Security Summary Report SUSE-SR:2006:024 Thomas Biege (Oct 06)
[SECURITY] [DSA 1192-1] New Mozilla packages fix several vulnerabilities Martin Schulze (Oct 06)
TSLSA-2006-0055 - multi Trustix Security Advisor (Oct 06)
TorrentFlux User-Agent XSS Vulnerability sec (Oct 06)
[USN-359-1] Python vulnerability Martin Pitt (Oct 06)
phpMyTeam v2.0 <= (smileys_dir) Remote File Include Vulnerability x0r0n (Oct 06)
ackerTodo 4.2 SQL Injection Vulnerability Francesco Laurita (Oct 06)
ZDI-06-030: CA Multiple Product Discovery Service Remote Buffer Overflow Vulnerability zdi-disclosures (Oct 06)
ZDI-06-031: CA Multiple Product Message Engine RPC Server Code Execution Vulnerability zdi-disclosures (Oct 06)
[Reversemode Advisory] Symantec Antivirus Engine Privilege Escalation Reversemode (Oct 06)
[CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities Williams, James K (Oct 06)
TSRT-06-12: CA BrightStor Discovery Service Mailslot Buffer Overflow Vulnerability TSRT (Oct 06)
rPSA-2006-0183-1 nss_ldap rPath Update Announcements (Oct 06)
rPSA-2006-0185-1 gnome-ssh-askpass openssh openssh-client openssh-server rPath Update Announcements (Oct 06)
TSRT-06-11: CA Multiple Product DBASVR RPC Server Multiple Buffer Overflow Vulnerabilities TSRT (Oct 06)
rPSA-2006-0182-1 php php-mysql php-pgsql rPath Update Announcements (Oct 06)
FreeWPS File Upload Command Execution security (Oct 06)
Details of Lotus Notes Java Applet vulnerabilities Jouko Pynnonen (Oct 06)
Emek Portal v2.1 SQL Injection dj_remix_20 (Oct 06)
phponline <= (LangFile) Remote File Inclusion Exploit xp1o (Oct 06)
[ GLSA 200610-03 ] ncompress: Buffer Underflow Raphael Marichez (Oct 06)
Re: net2ftp Remote File Inclusion - bogus report david (Oct 06)
LS-20060330 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability advisories (Oct 07)
Vulnerability in Btitracker aeroxteam (Oct 07)
LS-20060220 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability advisories (Oct 07)
FreeForum 0.9.7 (fpath) Remote File Include Vulnerability x0r0n (Oct 07)
LS-20060313 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability advisories (Oct 07)
- Re: Invision Power Board Multiple Vulnerabilities Rapigator (Oct 07)
phpBB User Viewed Posts Tracker Version <= 1.0 [phpbb_root_path] File Include Vulnerability x0r0n (Oct 07)
Cahier de textes 2.0 Remote SQL injection Exploit sami (Oct 07)
Sorry....My Message With Out Live Site.... Dr . Ninux (Oct 07)
Observations on Mandatory Integrity Control (MIC) in Windows Vista Enno Rey (Oct 07)
RE: Informing Companies about security vulnerabilities... bugtraq (Oct 07)
- RE: Informing Companies about security vulnerabilities... Wolf Halton (Oct 07)
- <Possible follow-ups>
- RE: Informing Companies about security vulnerabilities... Arian J. Evans (Oct 07)
PHP Live! <= 3.1 help.php Remote File Inclusion vulnerability paisterist . nst (Oct 07)
JavaScript Spider (code that can traverse the web) pdp (architect) (Oct 07)
The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit xp1o (Oct 09)
- Re: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit str0ke (Oct 10)
[ECHO_ADV_49$2006]OpenDock Easy Doc <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability erdc (Oct 09)
Advanced Poll v2.02 :) <= Remote File Inclusion alguidy (Oct 09)
[ECHO_ADV_50$2006]OpenDock Easy Blog <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability erdc (Oct 09)
[ECHO_ADV_51$2006] docmint <= 2.0 (MY_ENV[BASE_ENGINE_LOC]) Remote File Inclusion Vulnerability erdc (Oct 09)
PHPMyNews 1.4 <= (cfg_include_dir) Remote File Include Vulnerability xorontr (Oct 09)
Advisory 09/2006: PHP unserialize() Array Creation Integer Overflow Stefan Esser (Oct 09)
[ECHO_ADV_48$2006] WebYep <= 1.1.9 (webyep_sIncludePath) Multiple Remote File Inclusion Vulnerability erdc (Oct 09)
XSS IN paFileDB 3.1 zarloule04 (Oct 09)
Freenews v1.1 <= (chemin) Remote File Include Vulnerability xorontr (Oct 09)
PHP open_basedir with symlink() function Race Condition PoC exploit paisterist . nst (Oct 09)
SQL injection - 4images disfigure (Oct 09)
SQL injection - moodle disfigure (Oct 09)
- Re: [Full-disclosure] SQL injection - moodle scsantos@unigranrio com br (Oct 09)
HITBSecConf2006 CTF Source code and daemons Praburaajan (Oct 09)
SUSE Security Announcement: php4,php5 (SUSE-SA:2006:059) Ludwig Nussel (Oct 09)
Cisco Security Advisory: Limitations in Cisco Secure Desktop Cisco Systems Product Security Incident Response Team (Oct 09)
[ECHO_ADV_52$2006]OpenDock Easy Gallery <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability erdc (Oct 09)
yet another OpenSSH timing leak? Marco Ivaldi (Oct 09)
- Re: yet another OpenSSH timing leak? Gianluca Varisco (Oct 10)
- <Possible follow-ups>
- Re: yet another OpenSSH timing leak? Marco Ivaldi (Oct 10)
- Re: yet another OpenSSH timing leak? Marco Ivaldi (Oct 14)
[SECURITY] [DSA 1194-1] New libwmf packages fix arbitrary code execution Moritz Muehlenhoff (Oct 09)
Re: net2ftp: a web based FTP client :) <= Remote File Inclusion Steven M. Christey (Oct 09)
[USN-361-1] Mozilla vulnerabilities Martin Pitt (Oct 10)
[USN-360-1] awstats vulnerabilities Martin Pitt (Oct 10)
7 php scripts File Inclusion / Source disclosure Vuln gmdarkfig (Oct 10)
[ECHO_ADV_54$2006]vtiger CRM <=4.2 (calpath) Multiple Remote File Inclusion Vulnerability erdc (Oct 10)
MS Windows DRM software Memory Corruption Joxean Koret (Oct 10)
phpWebSite 0.10.2 Remote File Include Vulnerabilities crackers_child (Oct 10)
- <Possible follow-ups>
- Re: phpWebSite 0.10.2 Remote File Include Vulnerabilities kevin (Oct 11)
MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues Mayhemic Labs Security (Oct 10)
eXpBlog <= 0.3.5 Cross Site Scripting Vulnerabilities Tamriel (Oct 10)
[security bulletin] HPSBUX02087 SSRT4728 rev.4 - HP-UX running TCP/IP Remote Denial of Service (DoS) security-alert (Oct 10)
ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability zdi-disclosures (Oct 10)
ZDI-06-032: Microsoft Office PowerPoint Malformed Slide Notes Rebuilding Vulnerability zdi-disclosures (Oct 10)
ZDI-06-034: Microsoft Office Word Malformed Chart Code Execution Vulnerability zdi-disclosures (Oct 10)
[USN-362-1] PHP vulnerabilities Martin Pitt (Oct 10)
[Fedora] libtool-ltdl uses relative paths to resolve and load libraries Enrico Scholz (Oct 10)
[SECURITY] [DSA 1195-1] new openssl096 packages fix denial of service Noah Meyerhans (Oct 10)
PHPLibrary <= 1.5.3 Remote File Inclusion k1tk4t (Oct 10)
tagit2b -- Remote File Inclusion k1tk4t (Oct 10)
claroline <= 180rc1 Remote File Inclusion k1tk4t (Oct 10)
blueshoes <= 4.6_public Remote File Inclusion k1tk4t (Oct 10)
pacsec hype security team: 7 words of warning about Macromedia Flash Player 9+ Dragos Ruiu (Oct 10)
iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability iDefense Labs (Oct 10)
[ MDKSA-2006:181 ] - Updated python packages fix vulnerability security (Oct 10)
Re: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit Steven M. Christey (Oct 11)
rPSA-2006-0187-1 idle python rPath Update Announcements (Oct 11)
ShmooCon 2006 CFP Announcement B Potter (Oct 11)
Microsoft Office Malformed Record Memory Corruption Vulnerability Sowhat (Oct 11)
MysqlDumper Version 1.21 b6 Xss Vulnerability crackers_child (Oct 11)
Secunia Research: Microsoft Windows Object Packager Dialog Spoofing Secunia Research (Oct 11)
- <Possible follow-ups>
- Re: Secunia Research: Microsoft Windows Object Packager Dialog Spoofing edubp2002 (Oct 14)
[USN-363-1] libmusicbrainz vulnerability Kees Cook (Oct 11)
Jinzora <= 2.1 Remote File Inclusion k1tk4t (Oct 11)
AlberT-EasySite <= 1.0.a5 Remote File Inclusion k1tk4t (Oct 11)
gcards (languagefile) <= Remote File Include D-virus (Oct 11)
- Re: gcards (languagefile) <= Remote File Include str0ke (Oct 11)
Noah's Classifieds Cross Site Scripting Vulnerability raphael . huck (Oct 11)
New tool release today - "wyd" - password profiling Max Moser (Oct 11)
CommunityPortals <= 1.0 Remote File Include Vulnerability nima . salehi (Oct 11)
[ MDKSA-2006:182 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Oct 11)
zenphoto Multiple Path Disclosure and Cross Site Scripting Vulnerabilities raphael . huck (Oct 12)
iDefense Security Advisory 10.11.06: AOL YGPPDownload SetAlbumName ActiveX Control Buffer Overflow Vulnerability iDefense Labs (Oct 12)
new version of phplist fix XSS vulnerability info (Oct 12)
iDefense Security Advisory 10.11.06: Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability iDefense Labs (Oct 12)
MS06-060 Microsoft Word Memmove Code Execution Avert (Oct 12)
SecureWorks Research Client Advisory: Multiple Vendor Bluetooth Memory Stack Corruption Vulnerability Research (Oct 12)
MHL-2006-002 Public Advisory: "Call-Center-Software" Multiple Security Issues Mayhemic Labs Security (Oct 12)
XeoPort <= 0.81 SQL Injection Vulnerability Tamriel (Oct 12)
Xeobook <= 0.93 Multiple SQL Injection Vulnerabilities Tamriel (Oct 12)
[security bulletin] HPSBMA02158 SSRT061251 rev.1 - HP Version Control Agent, Remote Unauthorized Access and Possible Elevation of Privilege security-alert (Oct 12)
ExtCalThai_Component <= 0.9.1 Remote File Inclusion k1tk4t (Oct 12)
Cisco Security Advisory: Default Password in Wireless Location Appliance Cisco Systems Product Security Incident Response Team (Oct 12)
Journals System <= 1.0.2 [RC2] Remote File Include Vulnerability nima . salehi (Oct 12)
Admin User Viewed Posts Tracker Remote File Include Vulnerability nima . salehi (Oct 12)
Iono all version fullpath disclosure hack2prison (Oct 12)
Security Suite IP Logger Remote File Inclusion ReeM_HaCk (Oct 12)
Download-Engine Remote File Include v1per-hacker (Oct 12)
Black Hat CFP, Registration, and Announcements for October Jeff Moss (Oct 13)
Phpbb insert mod Remote file include By_KorsaN_Son (Oct 13)
Google Earth (kml & kmz files) buffer overflow Alexander Hristov (Oct 13)
Mcafee Network Agent (mcnasvc.exe) Remote DoS Alexander Hristov (Oct 13)
Open Conference Systems <= 1.1.3 Remote File Inclusion k1tk4t (Oct 13)
CMS contenido Remote File Inclusion CvIr . System (Oct 13)
[security bulletin] HPSBST02160 SSRT061254 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-055 security-alert (Oct 13)
[security bulletin] HPSBST02134 SSRT061187 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-052, MS06-053 and MS06-054 security-alert (Oct 13)
RamaCMS (adodb.inc.php) Remote File Inclue Vulnerability Le . CoPrA (Oct 13)
CMS contenido Path Disclosure CvIr . System (Oct 13)
PacSec Hype Security Team: CGI.pm param injection Dragos Ruiu (Oct 13)
Morcego CMS <= 0.9.6 Remote File Inclue Vulnerability Le . CoPrA (Oct 13)
SpamBlockerMODv <= 1.0.2 Remote File Include Vulnerability nima . salehi (Oct 13)
Download-Engine Remote File İnclude By_KorsaN_Son (Oct 13)
ISOI II - a DA Workshop (announcement and CFP) Gadi Evron (Oct 13)
PHP Cards <= 1.3 Remote File Inclue Vulnerability Le . CoPrA (Oct 13)
Utimaco Safeguard Easy vulnerability boomboom999 (Oct 13)
- <Possible follow-ups>
- Re: Utimaco Safeguard Easy vulnerability Juha-Matti Laurio (Oct 18)
Bloq 0.5.4 Remote File İnclude By_KorsaN_Son (Oct 13)
phpBB Security <= 1.0.1 Remote File Include Vulnerability nima . salehi (Oct 13)
PHPht Topsites Remote File İnclude By_KorsaN_Son (Oct 13)
news7 <= (news.php) Remote File Inclusion Exploit xp1o (Oct 13)
Jax Newspage Remote File include dj_remix_20 (Oct 13)
TorrentFlux startpop.php torrent Script Insertion 566d9bfe (Oct 13)
[SECURITY] [DSA 1166-2] New cheesetraceker packages fix buffer overflow Steve Kemp (Oct 13)
pbpbb archive for search engines Remote File Include Vulnerability nima . salehi (Oct 13)
Jax LinkLists Remote File include dj_remix_20 (Oct 13)
- <Possible follow-ups>
- Re: Jax LinkLists Remote File include xorontr (Oct 14)
MNews <= 2.0 (noticias.php) Remote File Inclue Vulnerability Le . CoPrA (Oct 13)
phpMyConferences <= 8.0.2 Remote File Inclusion k1tk4t (Oct 13)
- <Possible follow-ups>
- phpMyConferences <= 8.0.2 Remote File Inclusion mfp . c (Oct 31)
phpBB Add Name Remote File Include Vulnerability nima . salehi (Oct 13)
SpamOborona PHPBB Plugin Remote File Include Vulnerability nima . salehi (Oct 13)
maluinfo version 206.2.38l Remote File Include Vulnerability nima . salehi (Oct 13)
AMAZONIA MOD Remote File Include Vulnerability nima . salehi (Oct 13)
phpBB PlusXL 2.x <= biuld 272 Remote File Include Vulnerability nima . salehi (Oct 13)
news defilante horizontale <= 4.1.1 Remote File Include Vulnerability nima . salehi (Oct 13)
phpBB lat2cyr <= 1.0.1 Remote File Include Vulnerability nima . salehi (Oct 13)
RPG Events 1.0.0 Remote File Include Vulnerability nima . salehi (Oct 13)
PhpBB Prillian French Remote File Include Vulnerability nima . salehi (Oct 13)
PHP Top webs (config.php) Remote File Inclue Vulnerability Le . CoPrA (Oct 13)
Buzlas <= v2006-1 Full Remote File Include Vulnerability nima . salehi (Oct 13)
iDefense Security Advisory 10.13.06: Apache HTTP Server mod_tcl set_var Format String Vulnerability iDefense Labs (Oct 14)
@lex Guestbook <=(ModeliXe.php) Remote File Inclusion Exploit xp1o (Oct 14)
- <Possible follow-ups>
- Re: @lex Guestbook <=(ModeliXe.php) Remote File Inclusion Exploit ptitgal (Oct 16)
EXlor 1.0 (/fonctions/template.php) Remote File Include Vulnerability mahmood ali (Oct 14)
Re: iDefense Security Advisory 10.11.06: Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability Marco Ivaldi (Oct 14)
Multiple XSS Vulnerability in Gcontact security (Oct 14)
Re: DanPHPSupport => 0.5 Cross Site Scripting Vulnerabilities dansoftaus (Oct 14)
WDT:- osTicket File Include all V stormhacker (Oct 14)
Re: Multiple XSS Vulnerabilities in Zen Cart 1.3.5 security (Oct 14)
Jinzora 2.6 - Remote File Include Vulnerabilities erne (Oct 14)
Spoofing security dialog in object packager - 2 seejay . 11 (Oct 14)
ISS BlackICE PC Protection Filelock protection bypass Vulnerability Matousec - Transparent security Research (Oct 16)
Re: [Full-disclosure] Kmail <= 1.9.1 (table/frameset) DOS Vidar Løkken (Oct 16)
Kmail <= 1.9.1 (table/frameset) DOS nnp (Oct 16)
Security Advisory for Bugzilla 2.18.5, 2.20.2, 2.22, and 2.23.2 mkanat (Oct 16)
vbulletin Exploit Tool Box [dot] (Oct 16)
- <Possible follow-ups>
- Re: vbulletin Exploit Tool Box scottREMOVE (Oct 17)
bbsNew ( File Include Vulnerability Exploit ) h4ck3riran (Oct 16)
SYMSA-2006-010: Directory Traversal in IronWebMail research (Oct 16)
Back-end ( File Include Vulnerability Exploit ) h4ck3riran (Oct 16)
maintain-3.0.0-RC2 - Remote File Include Vulnerabilities erne (Oct 16)
Full Path Disclosure in PHP-Wyana xx_hack_xx_2004 (Oct 16)
:ShAnKaR: WoltLab Burning Book <=1.1.2 multiple vulnerabilities 3APA3A (Oct 16)
MOStlyCEV454 - Remote File Include Vulnerabilities erne (Oct 16)
VoMM: Taking browser exploits to the next level avivra (Oct 16)
WebYep-1.1.9 - Remote File Include Vulnerabilities erne (Oct 16)
[USN-364-1] Xsession vulnerability Kees Cook (Oct 16)
[ GLSA 200610-04 ] Seamonkey: Multiple vulnerabilities Raphael Marichez (Oct 16)
osprey 1.0 (ListRecords.php) Remote File Include Vulnerability KaBaRa . HaCk . eGy (Oct 16)
Full Path Disclosure in PHP-Wyana (2) xx_hack_xx_2004 (Oct 16)
iDefense Security Advisory 10.15.06: Clam AntiVirus ClamAV CHM Chunk Name Length DoS Vulnerability iDefense Labs (Oct 16)
iDefense Security Advisory 10.15.06: Clam AntiVirus ClamAV rebuildpe Heap Overflow Vulnerability iDefense Labs (Oct 16)
patchlodel-0.7.3 - Remote File Include Vulnerabilities erne (Oct 16)
Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux advisory (Oct 16)
PHP Forge 3b2 (/inc/inc.php) Remote File Include Vulnerability mahmood ali (Oct 16)
Advisory 10/2006: ViewVC Undefined Charset UTF-7 XSS Vulnerability Stefan Esser (Oct 16)
About.com contact C. Hamby (Oct 17)
[Xss] IN phplist v 2.10.2, the-free_kernel (Oct 17)
[USN-365-1] libksba vulnerability Kees Cook (Oct 17)
PR06-03b: F5 Firepass 1000 SSL VPN version 5.5 vulnerable to Cross-Site Scripting research (Oct 17)
TorrentFlux action Script Insertion 3cab7cc7 (Oct 17)
TorrentFlux file Script Insertion 3cab7cc7 (Oct 17)
TorrentFlux user_id Script Insertion 3cab7cc7 (Oct 17)
[OpenPKG-SA-2006.023] OpenPKG Security Advisory (php) OpenPKG (Oct 17)
[ECHO_ADV_55$2006]Phpmybibli <=2.1 Multiple Remote File Inclusion Vulnerability erdc (Oct 17)
Flaw in Firefox 2.0 RC2 Mike (Oct 17)
- Re: Flaw in Firefox 2.0 RC2 Jose Nazario (Oct 17)
  - Re: Flaw in Firefox 2.0 RC2 Eliah Kagan (Oct 18)
    - Re: Flaw in Firefox 2.0 RC2 Paul Schmehl (Oct 18)
    - Re: Flaw in Firefox 2.0 RC2 arny (Oct 18)
- Re: Flaw in Firefox 2.0 RC2 jm (Oct 18)
  - Re: Flaw in Firefox 2.0 RC2 Mark A Basil (Oct 19)
    - Re: Flaw in Firefox 2.0 RC2 Jure Pečar (Oct 20)
  - RE: Flaw in Firefox 2.0 RC2 Aras "Russ" Memisyazici (Oct 19)
- Re: Flaw in Firefox 2.0 RC2 Shane Lahey (Oct 18)
- Re: Flaw in Firefox 2.0 RC2 Lubomir Kundrak (Oct 19)
- RE: Flaw in Firefox 2.0 RC2 Sean Warnock (Oct 19)
[security bulletin] HPSBUX02155 SSRT061235 rev.2 HP-UX CIFS Server (Samba) Local Unauthorized Access, Elevated Privileges security-alert (Oct 17)
[ GLSA 200610-05 ] CAPI4Hylafax fax receiver: Execution of arbitrary code Raphael Marichez (Oct 17)
[ GLSA 200610-06 ] Mozilla Network Security Service (NSS): RSA signature forgery Raphael Marichez (Oct 17)
phpAdsNew include bug! wacky (Oct 17)
- Re: phpAdsNew include bug! Wim Godden (Oct 18)
- <Possible follow-ups>
- Re: phpAdsNew include bug! matteo (Oct 19)
rPSA-2006-0194-1 kernel rPath Update Announcements (Oct 17)
[ GLSA 200610-07 ] Python: Buffer Overflow Raphael Marichez (Oct 17)
Rapid7 Advisory R7-0026: HTTP Header Injection Vulnerabilities in the Flash Player Plugin advisory (Oct 17)
iDefense Security Advisory 10.17.06: Opera Software Opera Web Browser URL Parsing Heap Overflow Vulnerability iDefense Labs (Oct 17)
[ MDKSA-2006:183 ] - Updated libksba packages correct DoS vulnerability security (Oct 17)
[ MDKSA-2006:184 ] - Updated clamav packages fix vulnerabilities security (Oct 18)
[ MDKSA-2006:185 ] - Updated php packages to address multiple vulnerabilities security (Oct 18)
Comdev One Admin 4.1 Remote File Inclusion disfigure (Oct 18)
Boonex Dolphin 5.2 Remote File Inclusion disfigure (Oct 18)
Simplog 0.9.3.1 SQL Injection disfigure (Oct 18)
zorum_3_5 <=(dbproperty.php) Remote File Inclusion Exploit MoHaNdKo (Oct 18)
[ECHO_ADV_46$2006] P-Book <= 1.17 (pb_lang) Remote File Inclusion erdc (Oct 18)
Analysis of the Oracle October 2006 Critical Patch Update David Litchfield (Oct 18)
TSLSA-2006-0057 - multi Trustix Security Advisor (Oct 18)
CS-Forum 0.82 (ajouter.php) Remote File Include Vulnerability mahmood ali (Oct 18)
PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability mahmood ali (Oct 18)
- <Possible follow-ups>
- Re: PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability neothermic (Oct 19)
PHPRecipeBook <= 2.35 ((g_rb_basedir)) Remote File Include Exploit CarcaBotx (Oct 18)
- Re: PHPRecipeBook <= 2.35 ((g_rb_basedir)) Remote File Include Exploit str0ke (Oct 18)
- <Possible follow-ups>
- Re: PHPRecipeBook <= 2.35 ((g_rb_basedir)) Remote File Include Exploit theif (Oct 19)
Call for Papers - First International Workshop on Secure Software Engineering (SecSE 2007) Lillian Røstad (Oct 18)
Multiple vulnerabilities in Highwall Enterprise and Highwall Endpoint management interface noreply (Oct 18)
Airmagnet management interfaces multiple vulnerabilities noreply (Oct 18)
{x0n3-h4ck} DEV Web Manager System <= 1.5 XSS Exploit corrado . liotta (Oct 18)
Secunia Research: Joomla BSQ Sitestats Script Insertion and SQL Injection Secunia Research (Oct 18)
Secunia Research: IBM Lotus Notes Insecure Default Folder Permissions Secunia Research (Oct 18)
Static fmat exploits with random va root (Oct 18)
Security-Assessment.com Advisory: Asterisk remote heap overflow Adam Boileau (Oct 18)
[USN-366-1] binutils vulnerability Kees Cook (Oct 18)
rPSA-2006-0195-1 kdelibs rPath Update Announcements (Oct 19)
[USN-367-1] Pike vulnerability Kees Cook (Oct 19)
[security bulletin] HPSBST02161 SSRT061264 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-056 Through MS06-065 security-alert (Oct 19)
[SECURITY] [DSA 1196-1] New clamav packages fix arbitrary code execution Moritz Muehlenhoff (Oct 19)
[OpenPKG-SA-2006.024] OpenPKG Security Advisory (asterisk) OpenPKG (Oct 19)
Advisory 11/2006: Serendipity Weblog XSS Vulnerabilities Stefan Esser (Oct 19)
[DRUPAL-SA-2006-024] Drupal 4.6.10 / 4.7.4 fixes multiple XSS issues Uwe Hermann (Oct 19)
[DRUPAL-SA-2006-025] Drupal 4.6.10 / 4.7.4 fixes CRF issue Uwe Hermann (Oct 19)
[DRUPAL-SA-2006-026] Drupal 4.6.10 / 4.7.4 fixes HTML attribute injection issue Uwe Hermann (Oct 19)
DigitalHive 2.0 RC2 (base_include.php)File Include mahmood ali (Oct 19)
UltraCMS 0.9 sql injection fireboy2006 (Oct 19)
KICS CMS sql injection fireboy2006 (Oct 19)
SQL Injection simplog navairum (Oct 19)
Multiple XSS Vulnerabilities in KnowledgeBank 1.01 security (Oct 19)
PHP "exec", "system", "popen" problem Дмитрий Borgir (Oct 19)
- Re: PHP "exec", "system", "popen" (+small POC) Bernhard Mueller (Oct 20)
ERRATA: [ GLSA 200610-07 ] Python: Buffer Overflow Raphael Marichez (Oct 19)
ATutor 1.5.3.2=> Remote File Include Vulnerability subzero . 0000 (Oct 19)
[Xss] IN SMF 1.1 RC2 the_free_kernel (Oct 19)
[ MDKSA-2006:186 ] - Updated kdelibs packages fix KHTML vulnerability security (Oct 19)
TORQUE Spool Job Race condition (torque <= 2.0.0p8) Luís Miguel Silva (Oct 19)
iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability iDefense Labs (Oct 19)
- <Possible follow-ups>
- Re: iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability abel . andrade (Oct 20)
- Re: iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability Steven M. Christey (Oct 21)
[CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities (UPDATED) Williams, James K (Oct 20)
[KAPDA::#60] Mambo V4.6.x vulnerabilities alireza hassani (Oct 20)
HPSBUX02162 SSRT061223 rev.1 - HP-UX Running dtmail, Local Execution of Arbitrary Code security-alert (Oct 20)
Simple Machines Forum (SMF) XSS issue josecarlos . norte (Oct 20)
- <Possible follow-ups>
- Re: Simple Machines Forum (SMF) XSS issue mrapples (Oct 21)
  - Re: Simple Machines Forum (SMF) XSS issue RSnake (Oct 23)
PHP Classifieds 7.1 - Remote File Include Vulnerability Le . CoPrA (Oct 20)
[ GLSA 200610-08 ] Cscope: Multiple buffer overflows Raphael Marichez (Oct 20)
[security bulletin] HPSBTU02163 SSRT061223 rev.1 - HP Tru64 UNIX Running dtmail, Local Execution of Arbitrary Code security-alert (Oct 20)
PHP Poll Creator 1.04 (poll_vote.php)File Include mahmood ali (Oct 20)
[Reversemode Advisory] Kaspersky Anti-Virus Privilege Escalation Reversemode (Oct 20)
Advisory for Oneorzero helpdesk Mike Klingler (Oct 20)
PHPLibrary-1.5.3(Description.php) Remote File Include arab_anaconda (Oct 20)
[OpenPKG-SA-2006.025] OpenPKG Security Advisory (drupal) OpenPKG (Oct 20)
Open Meetings Filing Application (PROJECT_ROOT) Remote File Include Vulnerability xorontr (Oct 21)
Hustle Labs & MNIN eDirectory Vulnerability Ryan Smith (Oct 21)
Virtual Law Office (phpc_root_path) Remote File Include Vulnerability xorontr (Oct 21)
[USN-368-1] Qt vulnerability Martin Pitt (Oct 23)
[ GLSA 200610-09 ] libmusicbrainz: Multiple buffer overflows Matthias Geerdsen (Oct 23)
RMSOFT Cross Site Scripting FREAK_PR (Oct 23)
trawler <= 1.8.1 Remote File Inclusion k1tk4t (Oct 23)
IPEER Remote file inclusion navairum (Oct 23)
iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Heap Overflow Vulnerability iDefense Labs (Oct 23)
iDefense Security Advisory 10.21.06: Novell eDirectory NCP over IP length Heap Overflow Vulnerability iDefense Labs (Oct 23)
iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Invalid Free Vulnerability iDefense Labs (Oct 23)
XSS in Zwahlen Online Shop MC Iglo (Oct 23)
speedberg <= 1.2beta1 Remote File Inclusion k1tk4t (Oct 23)
WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability crackers_child (Oct 23)
PHP Generator of Object SQL Database (path) Remote File Include Vulnerability xorontr (Oct 23)
AROUNDMe 0.6.9 remonte file inclusion noislet . nospam (Oct 23)
[SECURITY] [DSA 1197-1] New python2.4 packages fix arbitrary code execution Moritz Muehlenhoff (Oct 23)
-==PHP Nuke <= 7.9 SQL Injection and Bypass SQL Injection Protection vulnerabilities==- paisterist . nst (Oct 23)
[PHPADSNEW-SA-2006-002] phpAdsNew and phpPgAds 2.0.8-pr1 fix XSS vulnerability Matteo Beccati (Oct 23)
D-Link DSL-G624T several vulnerabilities jose . palanco (Oct 23)
Flaw in Firefox 2.0 Final mike (Oct 23)
Smarty-2.6.1 Remote File Include Vulnerabilities crackers_child (Oct 23)
- Re: Smarty-2.6.1 Remote File Include Vulnerabilities J. Carlos Nieto (Oct 24)
SQL Injection Vulnerability in Oracle WWV_FLOW_UTILITIES ak (Oct 23)
Cross-Site-Scripting Vulnerability in Oracle APEX WWV_FLOW_ITEM_HELP ak (Oct 23)
http://www.red-database-security.com/advisory/oracle_apex_css_notification_msg.html ak (Oct 23)
Various Cross-Site-Scripting Vulnerabilities in Oracle Reports ak (Oct 23)
hack.lu Bluetooth demo K F (lists) (Oct 23)
- Re: [Full-disclosure] hack.lu Bluetooth demo Thierry Zoller (Oct 23)
Modify Data via Inline Views ak (Oct 23)
SQL Injection in package SYS.DBMS_SQLTUNE_INTERNAL ak (Oct 23)
SQL Injection in package XDB.DBMS_XDBZ0 ak (Oct 23)
INCA IM-204 Dsl several vulnerabilities crackers_child (Oct 23)
SQL Injection in package SYS.DBMS_CDC_IMPDP ak (Oct 23)
SQL Injection in Oracle package MDSYS.SDO_LRS ak (Oct 23)
Multiple HTTP response splitting vulnerabilities in SHOP-SCRIPT Debasis Mohanty (Oct 23)
Application orders Linux in WebAPP v0.9.9.2.1 the_free_kernel (Oct 23)
- <Possible follow-ups>
- Re: Application orders Linux in WebAPP v0.9.9.2.1 nicolascamino (Oct 24)
WikiNi Multiple Cross Site Scripting Vulnerabilities raphael . huck (Oct 23)
[SECURITY] [DSA 1198-1] New python2.3 packages fix arbitrary code execution Moritz Muehlenhoff (Oct 23)
Symantec Product Security: Symantec Device Driver Elevation of Privileg secure (Oct 23)
[ GLSA 200610-10 ] ClamAV: Multiple Vulnerabilities Raphael Marichez (Oct 24)
[ GLSA 200610-11 ] OpenSSL: Multiple vulnerabilities Raphael Marichez (Oct 24)
Month of Kernel Bugs and fsfuzzer release (0.6) L . M . H . (Oct 24)
[SECURITY] [DSA 1199-1] New webmin packages fix input validation problems Noah Meyerhans (Oct 24)
ProgSys verion 0.151 XSS vulnerability security (Oct 24)
[vuln.sg] CruiseWorks Directory Traversal and Buffer Overflow Vulnerabilities vulnpost-remove (Oct 24)
who needs a server ... auto113922 (Oct 24)
CSLH2.9.9 Remote File Include Vulnerabilities crackers_child (Oct 24)
adobe php sdk Remote File Include Vulnerabilities crackers_child (Oct 24)
- Re: adobe php sdk Remote File Include Vulnerabilities Mailinglists Address (Oct 24)
InteliEditor (sys_path) Remote File Include Vulnerability xorontr (Oct 24)
[ GLSA 200610-12 ] Apache mod_tcl: Format string vulnerability Raphael Marichez (Oct 24)
Cisco Security Advisory: Cisco Security Agent for Linux Port Scan Denial of Service Cisco Systems Product Security Incident Response Team (Oct 25)
Re: Yahoo! Messenger Service 18 Remote Buffer Overflow Vulnerability Gadi Evron (Oct 25)
[KAPDA::#61] - PacPoll <= 4.0 Multiple Vulnerabilities farhadkey (Oct 25)
phpMyConferences_8.0.2 Remote File Inclusion Outlaw (Oct 25)
- Re: phpMyConferences_8.0.2 Remote File Inclusion Tamriel (Oct 25)
[ MDKSA-2006:187 ] - Updated Qt packages fix vulnerability security (Oct 25)
iDefense Security Advisory 10.25.06: AOL Nullsoft Winamp Ultravox 'ultravox-max-msg' Header Heap Overflow Vulnerability iDefense Labs (Oct 25)
Mozilla Firefox JavaScript Handler Race Condition Memory Corruption Vulnerability erreale (Oct 25)
- Re: Mozilla Firefox JavaScript Handler Race Condition Memory Corruption Vulnerability Christian Kalkhoff (Oct 27)
iDefense Security Advisory 10.25.06: AOL YGPPDownload downloadFileDirectory ActiveX Control Heap Corruption Vulnerability iDefense Labs (Oct 25)
iDefense Security Advisory 10.25.06: AOL YGPPDownload AddPictureNoAlbum ActiveX Control Heap Corruption Vulnerability iDefense Labs (Oct 25)
iDefense Security Advisory 10.25.06: AOL Nullsoft Winamp Ultravox Lyrics3 v2.00 tags Heap Overflow Vulnerability iDefense Labs (Oct 25)
Web-style Wireless IDS attacks noreply (Oct 25)
[security bulletin] HPSBMA02133 SSRT061201 rev.2 - HP Oracle for OpenView (OfO) Critical Patch Update security-alert (Oct 25)
[OpenPKG-SA-2006.026] OpenPKG Security Advisory (screen) OpenPKG (Oct 26)
rPSA-2006-0195-2 kdelibs qt-x11-free rPath Update Announcements (Oct 26)
rPSA-2006-0198-1 screen rPath Update Announcements (Oct 26)
IE7 is a Source of Problem - Secunia IE7 Release Incident of October 2006 LIUDIEYU dot COM (Oct 27)
- Re: IE7 is a Source of Problem - Secunia IE7 Release Incident of October 2006 Reversemode (Oct 27)
- Re: [Full-disclosure] IE7 is a Source of Problem - Secunia IE7 Release Incident of October 2006 HASEGAWA Yosuke (Oct 27)
TSLSA-2006-0059 - postgresql Trustix Security Advisor (Oct 27)
MHL-2006-003 Public Advisory: "ezOnlineGallery" Multiple Security Issues Mayhemic Labs Security (Oct 27)
MiniBILL v2006-10-10 (config[page_dir] Remote File Include Vulnerability xorontr (Oct 27)
Insecure storage of passwords in Axalto Protiva nnposter (Oct 27)
Joomla extended_registration mod Remote File Include Vulnerabilities crackers_child (Oct 27)
Directory Traversal in TorrentFlux 2.1 Christopher (Oct 27)
phpFaber CMS Cross Site Scripting security (Oct 27)
iDefense Security Advisory 10.26.06: Multiple Vendor wvWare LVL Count Integer Overflow Vulnerability iDefense Labs (Oct 27)
iDefense Security Advisory 10.26.06: Multiple Vendor wvWare LFO Count Integer Overflow Vulnerability iDefense Labs (Oct 27)
ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability zdi-disclosures (Oct 27)
[ GLSA 200610-13 ] Cheese Tracker: Buffer Overflow Raphael Marichez (Oct 27)
vulnerability in Symantec products security (Oct 27)
- <Possible follow-ups>
- Re: vulnerability in Symantec products jay.tomas (Oct 30)
  - unreliable vulnerability reports en-masee [was:Re: vulnerability in Symantec products] Gadi Evron (Oct 30)
Ban v0.1 (bannieres.php) File Include mahmood ali (Oct 27)
- Re: Ban v0.1 (bannieres.php) File Include Francesco Laurita (Oct 28)
TextPattern <=1.19 Remote File Inclusion Vulnerability Bithedz (Oct 27)
SMF fgets off-by-one issue and filter size evasion josecarlos . norte (Oct 27)
IE7 status: 8 days after release, 3 unfixed issues Moritz Naumann (Oct 27)
UNISOR CMS sql injection fireboy2006 (Oct 27)
PHP-Nuke <= 7.9 Search module "author" SQL Injection vulnerability paisterist . nst (Oct 27)
ArticleBeach Script <= 2.0 Remote File Inclusion Vulnerability Bithedz (Oct 27)
GestArt <= vbeta 1 Remote File Include Vulnerabilities ip . 123 . 456 . 78 . 90 (Oct 27)
RFID enabled e-passport skimming proof of concept code released (RFIDIOt) Adam Laurie (Oct 27)
PLS-Bannieres 1.21 (bannieres.php) File Include mahmood ali (Oct 27)
phpLedAds 2.0(dir) File Include mahmood ali (Oct 27)
[funsec] Haxdoor: UK Police Count 8, 500 Victims in Data Theft (So Far) (fwd) Gadi Evron (Oct 27)
phpAdsNew-2.0.8 <= (adlayer.php) Remote File Include zooz_998 (Oct 27)
- <Possible follow-ups>
- Re: phpAdsNew-2.0.8 <= (adlayer.php) Remote File Include emme0032 (Oct 28)
- Re: phpAdsNew-2.0.8 <= (adlayer.php) Remote File Include simo (Oct 30)
Thepeak File Upload v1.3 : Read file vulneability loveha (Oct 27)
Hosting Controller 6.1 Hotfix <= 3.2 Vulnerability playpacific . emulacaid (Oct 27)
Microsoft .NET request filtering bypass vulnerability research (Oct 27)
[ MDKSA-2006:189 ] - Updated xsupplicant fixes possible remote root stack smash vulnerability security (Oct 28)
[ MDKSA-2006:188 ] - Updated mono packages fix vulnerability security (Oct 28)
[ MDKSA-2006:190 ] - Updated mutt packages fix multiple vulnerabilities security (Oct 28)
[ MDKSA-2006:192 ] - Updated ruby packages fix DoS vulnerability security (Oct 28)
[ MDKSA-2006:191 ] - Updated screen packages fix vulnerability security (Oct 28)
[ GLSA 200610-14 ] PHP: Integer overflow Raphael Marichez (Oct 30)
[SECURITY] [DSA 1200-1] New Qt packages fix integer overflow Noah Meyerhans (Oct 30)
[OpenPKG-SA-2006.027] OpenPKG Security Advisory (wordpress) OpenPKG (Oct 30)
Re: [Full-disclosure] ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability Matt Richard (Oct 30)
CentiPaid <= 1.4.2 [$class_pwd] Remote File Include firewall1954 (Oct 30)
- Re: CentiPaid <= 1.4.2 [$class_pwd] Remote File Include Francesco Laurita (Oct 30)
- Re: CentiPaid <= 1.4.2 [$class_pwd] Remote File Include Tamriel (Oct 30)
Exporia => 0.3.0 Remote File Include Vulnerability Exploit h4ck3riran (Oct 30)
bbsNew => 2.0.1 Remote File Include Vulnerability Exploit h4ck3riran (Oct 30)
Back-end => 0.4.5 Remote File Include Vulnerability Exploit h4ck3riran (Oct 30)
SQL in WebWizForum by almaster hacker almaster (Oct 30)
freenews---> fileinclude MoHaNdKo (Oct 30)
- Re: freenews---> fileinclude Tamriel (Oct 30)
  - Re: freenews---> fileinclude pokley (Oct 31)
  - Message not available
    - Re: freenews---> fileinclude pokley (Oct 31)
easy notes manager sql injection and authentication bypass poplix (Oct 30)
[MajorSecurity Advisory #29]foresite CMS - Cross Site Scripting Issue admin (Oct 30)
Re: imageVue16.1 upload vulnerability mjau (Oct 30)
Simple Website Software v0.99 (common.php) Remote File Include cw . cybersecurity (Oct 30)
PHPEasyData Pro 1.4.1 (index.php) Remote SQL Injection Vulnerability ajannhwt (Oct 30)
PHPEasyData Pro 2.2.1 (index.php) Remote SQL Injection Vulnerability ajannhwt (Oct 30)
Nucleus Core v3.23 - Remote File Include firewall1954 (Oct 30)
- Re: Nucleus Core v3.23 - Remote File Include Francesco Laurita (Oct 30)
Punbb <= 1.2.13 Multiple Vulnerabilities Nms (Oct 30)
[ECHO_ADV_53$2006] QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Vulnerability erdc (Oct 30)
opendocman <= 1.2p3 Bypass admin/user Login k1tk4t (Oct 30)
Metasploit Framework 2.7 Released H D Moore (Oct 30)
[ GLSA 200610-15 ] Asterisk: Multiple vulnerabilities Raphael Marichez (Oct 30)
CORE FORCE R0.95 released! CORE FORCE Team (Oct 30)
Multiple Remote File Include firewall1954 (Oct 30)
[security bulletin] HPSBMA02138 SSRT061184 rev.2 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution security-alert (Oct 30)
[security bulletin] HPSBMA02121 SSRT061157 rev.3 - HP OpenView Storage Data Protector Remote Unauthorized Arbitrary Command Execution security-alert (Oct 30)
[security bulletin] HPSBTU02168 SSRT061237 rev.1 - HP Tru64 UNIX Running gzip, gunzip, and gzcat, Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS) security-alert (Oct 30)
Re: Free Rainbow Tables.com Jerome Athias (Oct 30)
ModSecurity 2.0, A Core Rule Set and Console now available Ofer Shezaf (Oct 30)
ActiveX security leaks in the TV owned web game platform maxgipeh (Oct 31)
Hawking Technology wireless router WR254-CA DNS issue Nikolai Grigoriev (Oct 31)
[ MDKSA-2006:193 ] - Updated ImageMagick packages fix vulnerabilities security (Oct 31)
[ MDKSA-2006:194 ] - Updated PostgreSQL packages fix vulnerabilities security (Oct 31)
SQL Injection Vulnerability in bfExplorer 0.0.6 security (Oct 31)
Sun java System Messenger Express XSS handrix (Oct 31)
New Flaw in Firefox 2.0: DoS and possible remote code execution xxxx (Oct 31)
- Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Gouki (Oct 31)
- Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Josh Bressers (Oct 31)
- <Possible follow-ups>
- Re: Re: New Flaw in Firefox 2.0: DoS and possible remote code execution xxxx (Oct 31)
  - Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Daniel Veditz (Oct 31)
Authentication bypass in BytesFall Explorer RedTeam Pentesting (Oct 31)
[SECURITY] [DSA 1201-1] New ethereal packages fix denial of service Moritz Muehlenhoff (Oct 31)
[SECURITY] [DSA 1202-1] New screen packages fix arbitrary code execution Moritz Muehlenhoff (Oct 31)
PHP-Nuke <= 7.9 Journal module (search.php) "forwhat" SQL Injection vulnerability paisterist . nst (Oct 31)
Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun" LegendaryZion (Oct 31)
Directory listing on B-FOCuS Wireless 802.11b/g ADSL2+ Router by "ECI Telecom LTD" LegendaryZion (Oct 31)
Cross Site Scripting (XSS) Vulnerability in Web Mail service by "Walla! Communications LTD" LegendaryZion (Oct 31)

Previous period

Next period