Bugtraq: by thread
492 messages
starting Apr 02 07 and
ending Apr 30 07
Date index |
Thread index |
Author index
- Re: Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit And PoC vaughan . montgomery (Apr 02)
- 2BGal 3.1.1 <= (admin/index.php) Remote File Include Vulnerability BorN To K!LL BorN To K!LL (Apr 02)
- MS announces out-of-band patch for ANI 0day Gadi Evron (Apr 02)
- [ GLSA 200703-27 ] Squid: Denial of Service Raphael Marichez (Apr 02)
- [SECURITY] [DSA 1274-1] New file packages fix arbitrary code execution Noah Meyerhans (Apr 02)
- [security bulletin] HPSBMA02198 SSRT061177 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Access security-alert (Apr 02)
- [ GLSA 200703-28 ] CUPS: Denial of Service Raphael Marichez (Apr 02)
- Re: Drake CMS v0.3.2 < = RFi Vulnerabilities legolas558 (Apr 02)
- DirectAdmin persistant XSS [takeover an Administrator`s account] Kanedaaa Bohater (Apr 02)
- Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability Matousec - Transparent security Research (Apr 02)
- Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180) Pavel Kankovsky (Apr 02)
- <Possible follow-ups>
- Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180) Marco Ivaldi (Apr 04)
- 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA Andrea "bunker" Purificato (Apr 02)
- Re: [Full-disclosure] [RECTIFY] Oracle 10g exploit - dbms_aq.enqueue - become DBA Andrea "bunker" Purificato (Apr 03)
- Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA Gadi Evron (Apr 03)
- Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA Andrea Purificato - bunker (Apr 03)
- Windows XP/Vista (.ANI) Remote Exploit (bypass eeye patch) jamikazu (Apr 02)
- Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability mufti . rizal (Apr 02)
- iDefense Security Advisory 03.31.07: Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities iDefense Labs (Apr 02)
- More information on ZERT patch for ANI 0day Gadi Evron (Apr 02)
- Re: More information on ZERT patch for ANI 0day Stefan Kelm (Apr 03)
- Re: [Full-disclosure] More information on ZERT patch for ANI 0day Matthew Murphy (Apr 03)
- Re: More information on ZERT patch for ANI 0day Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Apr 03)
- Re: More information on ZERT patch for ANI 0day Jason Frisvold (Apr 04)
- Re: More information on ZERT patch for ANI 0day Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Apr 04)
- Re: More information on ZERT patch for ANI 0day Jason Frisvold (Apr 04)
- Re: More information on ZERT patch for ANI 0day Stefan Kelm (Apr 03)
- WOVB #01: Bypassing Vista Firewall, Flying over obstructive line TWOVB Team (Apr 02)
- Re: AIX 4.3 lsmcode local root command execution Shiva Persaud (Apr 02)
- APOP vulnerability Gaëtan LEURENT (Apr 02)
- Re: APOP vulnerability 3APA3A (Apr 03)
- Re: APOP vulnerability Gaëtan LEURENT (Apr 03)
- Re[2]: APOP vulnerability 3APA3A (Apr 03)
- Re: APOP vulnerability Gaëtan LEURENT (Apr 03)
- Re: APOP vulnerability 3APA3A (Apr 03)
- iDefense Security Advisory 04.02.07: Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability iDefense Labs (Apr 02)
- [CFP] VNSECON 07 - Call for Papers / HCMC - August 03-04, 2007 rd (Apr 02)
- [ GLSA 200704-01 ] Asterisk: Two SIP Denial of Service vulnerabilities Sune Kloppenborg Jeppesen (Apr 02)
- iDefense Security Advisory 03.31.07: IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities iDefense Labs (Apr 02)
- [SECURITY] [DSA 1275-1] New zope2.7 packages fix cross-site scripting flaw Noah Meyerhans (Apr 03)
- TWOVB][ The Week Of Vista Bugs: the truth is out there TWOVB Team (Apr 03)
- Re: Exploiting Microsoft dynamic Dns updates Denis Jedig (Apr 03)
- [MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue SecurityAudit (Apr 03)
- MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit gmdarkfig (Apr 03)
- Remote File Include In Script stat12 RaeD (Apr 03)
- MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957] Tom Yu (Apr 03)
- MITKRB5-SA-2007-003: double-free vulnerability in kadmind (via GSS-API library) [CVE-2007-1216] Tom Yu (Apr 03)
- FLEA-2007-0006-2: ImageMagick Foresight Linux Essential Announcement Service (Apr 03)
- iDefense Security Advisory 04.03.07: Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability iDefense Labs (Apr 03)
- MITKRB5-SA-2007-001: telnetd allows login as arbitrary user [CVE-2007-0956] Tom Yu (Apr 03)
- Re: On-going Internet Emergency and Domain Names Bob Fiero (Apr 03)
- Re: On-going Internet Emergency and Domain Names Alexander Klimov (Apr 11)
- iDefense Security Advisory 04.03.07: Multiple Vendor Kerberos kadmind Buffer Overflow Vulnerability iDefense Labs (Apr 03)
- FLEA-2007-0007-1: nas Foresight Linux Essential Announcement Service (Apr 03)
- ZDI-07-012: Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow zdi-disclosures (Apr 03)
- FLEA-2007-0006-1: ImageMagick Foresight Linux Essential Announcement Service (Apr 03)
- [SECURITY] [DSA 1276-1] New krb5 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 03)
- [ GLSA 200704-02 ] MIT Kerberos 5: Arbitrary remote code execution Sune Kloppenborg Jeppesen (Apr 03)
- Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation Jim Hoagland (Apr 03)
- [ GLSA 200704-05 ] zziplib: Buffer Overflow Raphael Marichez (Apr 04)
- [ MDKSA-2007:075 ] - Updated qt4 packages to address utf8 decoder bug security (Apr 04)
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability iDefense Labs (Apr 04)
- [ GLSA 200704-03 ] OpenAFS: Privilege escalation Raphael Marichez (Apr 04)
- Three New Papers on Oracle Forensics David Litchfield (Apr 04)
- rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation rPath Update Announcements (Apr 04)
- CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure CYBSEC Advisories (Apr 04)
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability iDefense Labs (Apr 04)
- CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities CYBSEC Advisories (Apr 04)
- CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer Overflow CYBSEC Advisories (Apr 04)
- lite-cms-0.2.1 Remote File Include Vulnerabilities the_3dit0r (Apr 04)
- CYBSEC Security Pre-Advisory: SAP SYSTEM_CREATE_INSTANCE RFC Function Buffer Overflow CYBSEC Advisories (Apr 04)
- [USN-449-1] krb5 vulnerabilities Kees Cook (Apr 04)
- CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC Function Denial Of Service CYBSEC Advisories (Apr 04)
- CYBSEC Release: SAP Security - Paper & Tool release Mariano Nuñez Di Croce (Apr 04)
- rPSA-2007-0064-1 ImageMagick rPath Update Announcements (Apr 04)
- [MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues Securityaudit (Apr 04)
- [ MDKSA-2007:074 ] - Updated qt3 packages to address utf8 decoder bug security (Apr 04)
- Remot File Include In phpexplorator_2_0 RaeD (Apr 04)
- [USN-448-1] X.org vulnerabilities Kees Cook (Apr 04)
- iXon_CMS 0.30 Remote File Include Vulnerabilities the_3dit0r (Apr 04)
- rPSA-2007-0067-1 nas rPath Update Announcements (Apr 04)
- K-CMS v1.0 Remote File Include Vulnerabilities the_3dit0r (Apr 04)
- rPSA-2007-0066-1 kdelibs qt-x11-free rPath Update Announcements (Apr 04)
- Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy the_3dit0r (Apr 04)
- phpechocms v.2 Cross-Site Scripting Vulnerabilitiy the_3dit0r (Apr 04)
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability iDefense Labs (Apr 04)
- phpechocms2 Remote File Include Vulnerabilities the_3dit0r (Apr 04)
- rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs rPath Update Announcements (Apr 04)
- MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting Vulnerabilitiy the_3dit0r (Apr 04)
- MyBlog: PHP and MySQL Blog/CMS software Remote File Include Vulnerabilitiy the_3dit0r (Apr 04)
- [ MDKSA-2007:076 ] - Updated kdelibs packages to address UTF8 issue in KJS security (Apr 04)
- Mozilla Firefox Insecure Element Stealth Injection Vulnerability Michal Majchrowicz (Apr 04)
- rPSA-2007-0062-1 firefox rPath Update Announcements (Apr 04)
- High Risk Vulnerability in OpenOffice NGSSoftware Insight Security Research (Apr 04)
- Several Windows image viewers vulnerabilities Ivan Fratric (Apr 04)
- [SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution Noah Meyerhans (Apr 04)
- Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection r00t-balance (Apr 04)
- [ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities security (Apr 04)
- Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug pdp (architect) (Apr 04)
- Re: [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug Daniel Veditz (Apr 05)
- Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug Thor Larholm (Apr 06)
- VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates VMware Security team (Apr 04)
- [ MDKSA-2007:078 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Apr 04)
- [ MDKSA-2007:079 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security (Apr 05)
- LedgerSMB 1.2.0 finally released, fixes CVE-2006-5589 Chris Travers (Apr 05)
- [ MDKSA-2007:080 ] - Updated tightvnc packages fix integer overflow vulnerabilities security (Apr 05)
- [ MDKSA-2007:081 ] - Updated freetype2 packages fix vulnerability security (Apr 05)
- iDefense Security Advisory 04.04.07: Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability iDefense Labs (Apr 05)
- iDefense Security Advisory 04.04.07: Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability iDefense Labs (Apr 05)
- Microsoft .NET request filtering bypass vulnerability (BID 20753) research (Apr 05)
- iDefense Security Advisory 04.04.07: ESRI ArcSDE Buffer Overflow Vulnerability iDefense Labs (Apr 05)
- FLEA-2007-0008-1: krb5 Foresight Linux Essential Announcement Service (Apr 05)
- FLEA-2007-0009-1: xorg-x11 freetype Foresight Linux Essential Announcement Service (Apr 05)
- Wserve HTTP Server 4.6 Version (Long Directory Name) Buffer Overflow - Denial Of Service UniquE (Apr 05)
- FLEA-2007-0010-1: evolution Foresight Linux Essential Announcement Service (Apr 05)
- [security bulletin] HPSBUX02204 SSRT071341 rev.1 - HP-UX Running CIFS Server (Samba), Remote Denial of Service (DoS) security-alert (Apr 05)
- ACLS ineffective in SQL-Ledger and LedgerSMB Chris Travers (Apr 06)
- ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity zdi-disclosures (Apr 06)
- phpContact Multiple Remote File Inclusion Vulnerabilities rko . thelegendkiller (Apr 06)
- [MajorSecurity Advisory #39]onelook onebyone CMS - Session fixation Issue Securityaudit (Apr 06)
- ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability zdi-disclosures (Apr 06)
- [MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue Securityaudit (Apr 06)
- [MajorSecurity Advisory #41]onelook courts online - Session fixation Issue Securityaudit (Apr 06)
- livor 2.5 Cross-Site Scripting Vulnerability rko . thelegendkiller (Apr 06)
- AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero) Piotr Bania (Apr 06)
- AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption Piotr Bania (Apr 06)
- AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption Piotr Bania (Apr 06)
- [SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code execution Noah Meyerhans (Apr 06)
- LayerOne 2007 - Speaker Line up Announced Layer One (Apr 06)
- [ GLSA 200704-06 ] Evince: Stack overflow in included gv code Raphael Marichez (Apr 07)
- [ GLSA 200704-07 ] libwpd: Multiple vulnerabilities Raphael Marichez (Apr 07)
- PHP <= 5.2.1 wbmp file handling integer overflow Ivan Fratric (Apr 07)
- [MajorSecurity Advisory #42]webblizzard CMS - Cross Site Scripting and Session fixation Issues Securityaudit (Apr 07)
- CmailServer WebMail <= V.5.3.4 (signup) Remote XSS Exploit ajannhwt (Apr 07)
- witshare 0.9 Remote File Include Vulnerabilitiy the_3dit0r (Apr 07)
- UBB.threads (<= 6.1.1) SQL Injection Vulnerability john (Apr 09)
- Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit k4rtal (Apr 09)
- Take Control In Script Jeebles Directory RaeD (Apr 09)
- Gsylvain35 Portail Web Remote File Include Vulnerabilities the_3dit0r (Apr 09)
- phpMyAdmin 2.6.1 Local Cross Site Scripting the_3dit0r (Apr 09)
- Remot File Include In Script Lore v1 RaeD (Apr 09)
- DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability john (Apr 09)
- Request It : Song Request System 1.0b - remote file inclusion mail (Apr 09)
- QuizShock 1.6.1 - Cross-Site Scripting Vulnerability john (Apr 09)
- Mybb Hot Editor Plugin Local File Inclusion liz0 (Apr 09)
- Re: Mybb Hot Editor Plugin Local File Inclusion Kevin Finisterre (lists) (Apr 09)
- <Possible follow-ups>
- Re: Re: Mybb Hot Editor Plugin Local File Inclusion liz0 (Apr 09)
- Hot Editor v4.0 Local File Inclusion liz0 (Apr 09)
- xodagallery Remote Code Execution Vulnerability the_3dit0r (Apr 09)
- rPSA-2007-0070-1 openoffice.org rPath Update Announcements (Apr 09)
- iDefense Security Advisory 04.09.07: AOL AIM and ICQ File Transfer Path-Traversal Vulnerability iDefense Labs (Apr 09)
- [USN-450-1] ipsec-tools vulnerability Kees Cook (Apr 10)
- phpGalleryScript 1.0 - File Inclusion Vulnerabilities z12xxa (Apr 10)
- DEF CON One Five CfP in effect! The Dark Tangent (Apr 10)
- EEYE: Windows VDM Zero Page Race Condition Privilege Escalation eEye Advisories (Apr 10)
- EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation eEye Advisories (Apr 10)
- PhpOpenChat <= 3.0.1 (poc.php) Multiple Remote File Include Vulnerabilities seko (Apr 10)
- Secunia Research: Microsoft Agent URL Parsing Memory Corruption Vulnerability Secunia Research (Apr 10)
- iDefense Security Advisory 04.10.07: Microsoft Windows Universal Plug and Play Memory Corruption Vulnerability iDefense Labs (Apr 10)
- [ MDKSA-2007:077-1 ] - Updated krb5 packages fix vulnerabilities security (Apr 10)
- Re: vbulletin admincp sql injection rjmjr69 (Apr 10)
- [ MDKSA-2007:081-1 ] - Updated freetype2 packages fix vulnerability security (Apr 10)
- [USN-451-1] Linux kernel vulnerabilities Kees Cook (Apr 11)
- webMethods Glue Management Console Directory Traversal Patrick Webster (Apr 11)
- [ MDKSA-2007:080-1 ] - Updated tightvnc packages fix integer overflow vulnerabilities security (Apr 11)
- nEw Bug :D asdasd asdsadas (Apr 11)
- pL-PHP beta 0.9 - Multiple Vulnerabilities omnipresent (Apr 11)
- New bug :) asdasd asdsadas (Apr 11)
- [MajorSecurity Advisory #43]Calacode ATMail 5.0 - Cross Site Scripting and Cookie Manipulation Issue admin (Apr 11)
- CodeBreak (codebreak.php process_method) - Remote File Inclusion Vulnerability john (Apr 11)
- Cosign SSO Authentication Bypass Jon Oberheide (Apr 11)
- Re: Latinchat Denial Of Service d4rksoft (Apr 11)
- PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory) gmdarkfig (Apr 11)
- PunBB <= 1.2.14 Remote Code Execution (Exploit) gmdarkfig (Apr 11)
- Steganos Encrypted Safe NOT so safe frankrizzo604 (Apr 11)
- Re: Steganos Encrypted Safe NOT so safe Andreas Beck (Apr 14)
- <Possible follow-ups>
- Re: Steganos Encrypted Safe NOT so safe support (Apr 26)
- [ MDKSA-2007:079-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security (Apr 11)
- [ MDKSA-2007:083 ] - Updated apache-mod_perl packages fix DoS vulnerability security (Apr 11)
- [ MDKSA-2007:075-1 ] - Updated qt4 packages to address utf8 decoder bug security (Apr 11)
- iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple Vulnerabilities iDefense Labs (Apr 11)
- [ MDKSA-2007:082 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities security (Apr 11)
- E107 - (v0.7.8) Access Escalation Vulnerbility - PoC jd2k2000 (Apr 12)
- HPSBUX02205 SSRT061120 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS) security-alert (Apr 12)
- CVE-2007-1871: Cross site scripting in chcounter 3.1.3 Hanno Böck (Apr 12)
- INFIGO-2007-04-05: Enterprise Security Analyzer server remote buffer overflows infocus (Apr 12)
- CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3 Hanno Böck (Apr 12)
- Critical phpwiki c99shell exploit rurban (Apr 12)
- Re: Critical phpwiki c99shell exploit Gadi Evron (Apr 12)
- RE: Critical phpwiki c99shell exploit Ryan Neufeld (Apr 12)
- Re: Critical phpwiki c99shell exploit Taneli Leppä (Apr 16)
- Re: Critical phpwiki c99shell exploit Jamie Riden (Apr 12)
- Re: Critical phpwiki c99shell exploit Gadi Evron (Apr 12)
- [security bulletin] HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-014 security-alert (Apr 12)
- [security bulletin] HPSBUX01137 SSRT5954 rev.9 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS) security-alert (Apr 12)
- [ GLSA 200704-08 ] DokuWiki: Cross-site scripting vulnerability Matthias Geerdsen (Apr 12)
- [security bulletin] HPSBGN02199 SSRT071312 rev.1 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Execution security-alert (Apr 12)
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points Cisco Systems Product Security Incident Response Team (Apr 12)
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System Cisco Systems Product Security Incident Response Team (Apr 12)
- Cross site scripting in mephisto 0.7.3 Hanno Böck (Apr 12)
- <Possible follow-ups>
- Re: Cross site scripting in mephisto 0.7.3 encytemedia (Apr 12)
- [security bulletin] HPSBUX02203 SSRT071339 rev.1 - HP-UX Running Portable File System (PFS), Remote Increase in Privilege security-alert (Apr 12)
- TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy the_3dit0r (Apr 12)
- phpwebnews v.1 Multiple Cross Site Scripting Vulnerabilites the_3dit0r (Apr 12)
- Chatness <= 2.5.3 - Arbitrary Code Execution jd2k2000 (Apr 12)
- FAC GuestBook v2.0 remote database disclosure vulnerability the_3dit0r (Apr 12)
- Aircrack-ng (airodump-ng) remote buffer overflow vulnerability jonny (Apr 12)
- iDefense Security Advisory 04.12.07: Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability iDefense Labs (Apr 12)
- [USN-452-1] KDE library vulnerability Kees Cook (Apr 12)
- [Argeniss] Hacking Databases for owning your data (paper) Cesar (Apr 13)
- [OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed Matteo Beccati (Apr 13)
- [OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2 vulnerability fixed Matteo Beccati (Apr 13)
- [MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue admin (Apr 13)
- [waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke come2waraxe (Apr 13)
- TSRT-07-04: LANDesk Management Suite Alert Service Stack Overflow Vulnerability TSRT (Apr 13)
- Vbulletin 3.6.5 Sql Injection ! [misc.php] seko (Apr 13)
- <Possible follow-ups>
- Re: Vbulletin 3.6.5 Sql Injection ! [misc.php] scott-REMOVE (Apr 14)
- bloofoxCMS 0.2.2 Cross Site Scripting the_3dit0r (Apr 14)
- VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit meftun (Apr 14)
- Back-End CMS Database Tables v0.4.7 Cross Site Scripting the_3dit0r (Apr 14)
- MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities the_3dit0r (Apr 14)
- Maian Search v1.1 k4rtal (Apr 14)
- <Possible follow-ups>
- Re: Maian Search v1.1 support (Apr 16)
- FloweRS v2.0 Cross Site Scripting the_3dit0r (Apr 14)
- Maian Gallery v1.0 k4rtal (Apr 14)
- <Possible follow-ups>
- Re: Maian Gallery v1.0 support (Apr 16)
- B2evolution 1.6 RFi k4rtal (Apr 14)
- MySpeach v1.9 k4rtal (Apr 14)
- Back-End CMS Database Tables v0.4.7 Remote File Include Vulnerabilities the_3dit0r (Apr 14)
- Flip-search-add-on 2.0 k4rtal (Apr 14)
- Maian Weblog v3.1 k4rtal (Apr 14)
- bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy the_3dit0r (Apr 14)
- <Possible follow-ups>
- Re: bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy info (Apr 17)
- phpMyChat-0.14.5 k4rtal (Apr 14)
- <Possible follow-ups>
- Re: phpMyChat-0.14.5 stuart_smith (Apr 16)
- Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability irvian_yoe (Apr 16)
- Re: sitex multiple vulnerabilities Lostmon (Apr 16)
- Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities ?? ???? ?????? (Apr 16)
- [ GLSA 200704-09 ] xine-lib: Heap-based buffer overflow Raphael Marichez (Apr 16)
- Re: [exploits] RPC vuln in DNS Server (fwd) Gadi Evron (Apr 16)
- LS simple guestbook - arbitrary code execution jd2k2000 (Apr 16)
- Joomla/Mambo Jambook v1.0 beta7 Rfi Vuln. crazy_king (Apr 16)
- [MajorSecurity Advisory #45]oe2edit CMS - Cross Site Scripting and Cookie Manipulation Issue admin (Apr 16)
- ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability Matousec - Transparent security Research (Apr 16)
- ActionPoll Script (actionpoll.php) Remote File Include // starhack.org seko (Apr 16)
- MyBlog <= 0.9.8 Remote Command Execution Exploit BlackHawk (Apr 16)
- Microsoft DNS Server Remote Code execution: Analysis and exploit mballano (Apr 16)
- Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 16)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 17)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 18)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 18)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 18)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 18)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 17)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17)
- Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing 3APA3A (Apr 17)
- RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 18)
- RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Oliver Friedrichs (Apr 19)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Bojan Zdrnja (Apr 18)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Matthew Dixon Cowles (Apr 18)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 17)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17)
- [ GLSA 200704-10 ] Inkscape: Two format string vulnerabilities Matthias Geerdsen (Apr 16)
- Persistent CSRF and The Hotlink Hell pdp (architect) (Apr 16)
- Re: [WEB SECURITY] Persistent CSRF and The Hotlink Hell Ryan Barnett (Apr 17)
- Re: [Full-disclosure] [WEB SECURITY] Persistent CSRF and The Hotlink Hell Blue Boar (Apr 17)
- Re: [WEB SECURITY] Persistent CSRF and The Hotlink Hell Ryan Barnett (Apr 17)
- iDefense Security Advisory 04.16.07: ClamAV CAB File Unstore Buffer Overflow Vulnerability iDefense Labs (Apr 16)
- Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit seko (Apr 16)
- [ GLSA 200704-11 ] Vixie Cron: Denial of Service Matthias Geerdsen (Apr 16)
- rPSA-2007-0071-1 kernel rPath Update Announcements (Apr 16)
- Akamai Technologies Security Advisory 2007-0001 Akamai Security Team (Apr 16)
- [ MDKSA-2007:086 ] - Updated cups packages fix DoS vulnerability security (Apr 16)
- [ MDKSA-2007:084 ] - Updated ipsec-tools packages fix DoS vulnerability security (Apr 16)
- [ MDKSA-2007:085 ] - Updated freeradius packages fix DoS vulnerability security (Apr 16)
- [ GLSA 200704-12 ] OpenOffice.org: Multiple vulnerabilities Raphael Marichez (Apr 16)
- iDefense Security Advisory 04.16.07: Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability iDefense Labs (Apr 17)
- Netsprint Toolbar 1.1 arbitrary remote code vulnerability Michal Bucko (Apr 17)
- Re: Netsprint Toolbar 1.1 arbitrary remote code vulnerability Michal Zalewski (Apr 17)
- PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities programmer (Apr 17)
- Re: PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities Paul Laudanski (Apr 18)
- Remot File Include In Script phphd_downloads RaeD (Apr 17)
- Remot File Include download_engine_V1.4.3 RaeD (Apr 17)
- Wabbit PHP Gallery v0.9 Cross Site Scripting the_3dit0r (Apr 17)
- my little weblog Cross Site Scripting the_3dit0r (Apr 17)
- my little forum 1.7 Remote File Include Vulnerabilitiy the_3dit0r (Apr 17)
- webMethods Security Advisory: Glue console directory traversal vu lnerability Jeremy Epstein (Apr 17)
- Internet Explorer Crash J. Oquendo (Apr 17)
- Re: Internet Explorer Crash The Anarcat (Apr 17)
- Re: Internet Explorer Crash Mike Ely (Apr 18)
- Re: Internet Explorer Crash simone colombo (Apr 19)
- <Possible follow-ups>
- Re: Internet Explorer Crash Thor (Hammer of God) (Apr 17)
- Re: Internet Explorer Crash Tom Gregory (Apr 18)
- Re: Internet Explorer Crash Rob Bartlett (Apr 18)
- Re: Internet Explorer Crash Kevin Finisterre (lists) (Apr 19)
- Re: Internet Explorer Crash Dave Walker (Apr 19)
- Re: Internet Explorer Crash C. Bergström (Apr 19)
- Message not available
- Re: Internet Explorer Crash Thor (Hammer of God) (Apr 18)
- Re: Internet Explorer Crash Tom Gregory (Apr 18)
- Re: Internet Explorer Crash The Anarcat (Apr 17)
- Re: Internet Explorer Crash elflord91 (Apr 18)
- Re: [Full-disclosure] A Botted Fortune 500 a Day Jamie Riden (Apr 17)
- Re: [Full-disclosure] A Botted Fortune 500 a Day Steven Adair (Apr 17)
- Re: [Full-disclosure] A Botted Fortune 500 a Day Jamie Riden (Apr 17)
- Re: [Full-disclosure] A Botted Fortune 500 a Day Simon Smith (Apr 17)
- Re: [Full-disclosure] A Botted Fortune 500 a Day Steven Adair (Apr 17)
- Re: [Full-disclosure] A Botted Fortune 500 a Day Nick FitzGerald (Apr 18)
- Re: [Full-disclosure] Cross Domain XMLHttpRequest ascii (Apr 17)
- <Possible follow-ups>
- Re: ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability rashbi (Apr 19)
- Re: Yet another SQL injection framework (file corruption) Guillermo Marro (Apr 20)
- Re: Yet another SQL injection framework Nick Boyce (Apr 20)
- RE: Yet another SQL injection framework Greg Merideth (Apr 23)
- <Possible follow-ups>
- Re: WS_FTP Home 2007 NetscapeFTPHandler denial of service sapheal (Apr 23)
- Re: claroline <= Multiple Remote File Include Vulnerablitiy BlackHawk (Apr 24)
- Re: gallery >> 1.5.6 Remote File Inclusion Chris Kelly (Apr 24)
- <Possible follow-ups>
- Re: gallery >> 1.5.6 Remote File Inclusion the . tiger100 (Apr 24)
- Re: ImageProcessing ... Local (Denial of Service Exploit) Tim Newsham (Apr 24)
- Re: 3Com's TippingPoint Denial of Service Simple Nomad (Apr 24)
- Re: 3Com's TippingPoint Denial of Service Secure (Apr 25)
- <Possible follow-ups>
- Re: 3Com's TippingPoint Denial of Service Steven M. Christey (Apr 25)
- <Possible follow-ups>
- Re: WordPress v2.1.3 >> remote file include~ otto (Apr 26)
- <Possible follow-ups>
- Re: Sphider Version 1.2.x (include_dir) file include ijoo . keren (Apr 30)
- Re: GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability Jamie Riden (Apr 30)