Bugtraq: by author
435 messages starting May 25 07 and ending May 16 07
242th section
Pligg critical vulnerability 242th section (May 25)
3APA3A
Re: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) 3APA3A (May 16)
Re: Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability 3APA3A (May 16)
Re[2]: [Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS??? 3APA3A (May 23)
Re[2]: Medium security hole affecting DSL-G624T 3APA3A (May 04)
Re: Medium security hole affecting DSL-G624T 3APA3A (May 03)
Re: [Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS??? 3APA3A (May 23)
Re: Exim 4.66 in conjunction with spamd Overflow issues 3APA3A (May 15)
abbasi
Post Nuke v4bJournal Module Sql Inject abbasi (May 02)
absamu
fotolog xss absamu (May 11)
ACROS Security
ACROS Security: Session Fixation Vulnerability in HP SIM 5.0 ACROS Security (May 18)
Adam Laurie
ANNOUNCE: RFIDIOt version 0.1m released (May 16th 2007) Adam Laurie (May 16)
aditya kuppa
Defeating Citibank Virtual Keyboard protection using screenshot method aditya kuppa (May 17)
admin
[MajorSecurity Advisory #48]eggblog - Session fixation Issue admin (May 29)
[MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue admin (May 05)
aeroxteam_PLEASEDONTSPAMUS
Re: NPDS <= 5.10 - Multiple SQL injections aeroxteam_PLEASEDONTSPAMUS (May 05)
NPDS <= 5.10 - Multiple SQL injections aeroxteam_PLEASEDONTSPAMUS (May 04)
ALEMIN KRALI
W1L3D4 Philboard v0.2 sql injection ALEMIN KRALI (May 11)
Alexander Sotirov
Exchange Calendar MODPROPS Denial of Service (CVE-2007-0039) Alexander Sotirov (May 09)
announcements
WASC Announcement: Distributed Open Proxy Honeypot Project Data Released announcements (May 08)
Ansgar -59cobalt- Wiechers
Re: Defeating Citibank Virtual Keyboard protection using screenshot method Ansgar -59cobalt- Wiechers (May 10)
balazs . zolika
Re: RE: Defeating Citibank Virtual Keyboard protection using screenshot method balazs . zolika (May 10)
Re: Re: Defeating Citibank Virtual Keyboard protection using screenshot method balazs . zolika (May 18)
bendeniz_avci
Webspeed OpenEdge Dos exploit bendeniz_avci (May 12)
binagres
Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability binagres (May 11)
BlackHawk
Inout Meta Searh engine Remote Code Execution BlackHawk (May 28)
Blazej Miga
Apache httpd vulenrabilities Blazej Miga (May 29)
Bojan Zdrnja
Re: Defeating Citibank Virtual Keyboard protection using screenshot method Bojan Zdrnja (May 17)
Re: Defeating Citibank Virtual Keyboard protection using screenshot method Bojan Zdrnja (May 16)
bugtraq
[tool] Etherbat - Ethernet topology discovery bugtraq (May 30)
c0ntexb
Re: Magic iso heap over flow <Help> c0ntexb (May 23)
calcite
Exim 4.66 in conjunction with spamd Overflow issues calcite (May 14)
chiweeman
Re: fx-APP Version 0.0.8.1 chiweeman (May 28)
ciri
OTRS <= 2.0.x XSS/XSRF ciri (May 07)
Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Vulnerability In Crypto Library Cisco Systems Product Security Incident Response Team (May 22)
Cisco Security Advisory: Multiple Vulnerabilities in the IOS FTP Server Cisco Systems Product Security Incident Response Team (May 09)
Cisco Security Advisory: LDAP and VPN Vulnerabilities in PIX and ASA Appliances Cisco Systems Product Security Incident Response Team (May 02)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS While Processing SSL Packets Cisco Systems Product Security Incident Response Team (May 22)
come2waraxe
[waraxe-2007-SA#051] - Sql Injection in 2z Project 0.9.5 come2waraxe (May 23)
[waraxe-2007-SA#050] - Sql Injection in WordPress 2.1.3 come2waraxe (May 22)
Cornelius Riemenschneider
SQL-Injection in IP-TRACKING Mod for phpBB2.0.x Cornelius Riemenschneider (May 22)
corrado . liotta
Mini Web Shop v.2 Vulnerable to XSS corrado . liotta (May 07)
GMTT Music Distro 1.2 XSS Exploit corrado . liotta (May 22)
crazy frog crazy frog
Re: Pligg critical vulnerability crazy frog crazy frog (May 26)
crossbower
I, Bot. Taking advantage of robots power (Article) crossbower (May 16)
Daniele Calore
Re: [security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation Daniele Calore (May 09)
Dann Frazier
[SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities Dann Frazier (May 02)
David Cantrell
Re: Apple Safari on MacOSX may reveal user's saved passwords David Cantrell (May 16)
Re: Apple Safari on MacOSX may reveal user's saved passwords David Cantrell (May 17)
Davide Del Vecchio
Re: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) Davide Del Vecchio (May 16)
Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) Davide Del Vecchio (May 15)
David Gillett
RE: Defeating Citibank Virtual Keyboard protection using screenshot method David Gillett (May 10)
David Litchfield
Oracle Forensics Part 4: Live Response David Litchfield (May 22)
Debasis Mohanty
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Debasis Mohanty (May 10)
diabol the japanophile
Re: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) diabol the japanophile (May 25)
DoZ
Aardvark Topsites PHP Directory Disclosure Vulnerability DoZ (May 03)
e1c4
Kayako eSupport v3.00.90 Cross Site Scripting (XSS) e1c4 (May 07)
Eduardo Tongson
Re: [Full-disclosure] Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) Eduardo Tongson (May 22)
Eli Dart
Re: Defeating Citibank Virtual Keyboard protection using screenshot method Eli Dart (May 10)
erdc
[ECHO_ADV_82$2007] wordpress plugins wp-Table <= 1.43 (wpPATH) Remote File Inclusion Vulnerability erdc (May 02)
[ECHO_ADV_81$2007] wordpress plugins wordTube <= 1.43 (wpPATH) Remote File Inclusion Vulnerability erdc (May 02)
expw0rm
ifdate 2.* unauthorized administrative access bug expw0rm (May 14)
Fatih Ozavci
GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability Fatih Ozavci (May 15)
Florian Weimer
Re: Defeating Citibank Virtual Keyboard protection using screenshot method Florian Weimer (May 10)
Foresight Linux Essential Announcement Service
FLEA-2007-0022-1: file Foresight Linux Essential Announcement Service (May 24)
FLEA-2007-0018-1: libpng Foresight Linux Essential Announcement Service (May 17)
FLEA-2007-0017-1: samba Foresight Linux Essential Announcement Service (May 15)
FLEA-2007-0020-1: freetype Foresight Linux Essential Announcement Service (May 24)
FLEA-2007-0019-1: python Foresight Linux Essential Announcement Service (May 22)
FLEA-2007-0023-1: firefox Foresight Linux Essential Announcement Service (May 31)
FLEA-2007-0016-1: kernel Foresight Linux Essential Announcement Service (May 08)
FLEA-2007-0021-1: madwifi Foresight Linux Essential Announcement Service (May 24)
FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-07:04.file FreeBSD Security Advisories (May 23)
g0rk3m-31
Zindizayn Okul Web Sistemi v1.0 Sql VulnZ. g0rk3m-31 (May 26)
Gadi Evron
Re: Broadband routers and botnets - being proactive Gadi Evron (May 15)
Re: Defeating Citibank Virtual Keyboard protection using screenshot method Gadi Evron (May 09)
Broadband routers and botnets - being proactive Gadi Evron (May 12)
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Gadi Evron (May 09)
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Gadi Evron (May 10)
Gerald (Jerry) Carter
[SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability Gerald (Jerry) Carter (May 14)
[SAMBA-SECURITY] CVE-2007-2444: Local SID/Name Translation Failure Can Result in User Privilege Elevation Gerald (Jerry) Carter (May 14)
[SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution Gerald (Jerry) Carter (May 14)
Glynn Clements
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Glynn Clements (May 15)
gmdarkfig
Nuked-klaN 1.7.6 Remote Code Execution Exploit gmdarkfig (May 05)
gobbles_fo_evar
AP Newspower software <=4.0.1 allows remote data manipulation gobbles_fo_evar (May 08)
graham . coles
Re: Apple Safari on MacOSX may reveal user's saved passwords graham . coles (May 16)
Re: Apple Safari on MacOSX may reveal user's saved passwords graham . coles (May 17)
hack2prison
eSyndiCat Input Validation Error Vulnerability hack2prison (May 18)
Hugo van der Kooij
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Hugo van der Kooij (May 12)
Ian Ward Comfort
Re: Apple Safari on MacOSX may reveal user's saved passwords Ian Ward Comfort (May 16)
iDefense Labs
iDefense Security Advisory 05.08.07: Microsoft Exchange Server 2000 IMAP Literal Processing DoS Vulnerability iDefense Labs (May 09)
iDefense Security Advisory 05.25.07: Sun Java System Web Proxy Multiple Buffer Overflow Vulnerabilities iDefense Labs (May 25)
iDefense Security Advisory 05.08.07: Microsoft Word RTF File Parsing Heap Corruption Vulnerability iDefense Labs (May 09)
iDefense Security Advisory 05.08.07: Microsoft Excel Filter Record Code Execution Vulnerability iDefense Labs (May 09)
iDefense Security Advisory 05.24.07: Apple Computer Mac OS X pppd Plugin Loading Privilege Escalation Vulnerability iDefense Labs (May 24)
iDefense Security Advisory 05.09.07: Symantec Norton Internet Security 2006 COM Object Security ByPass Vulnerability iDefense Labs (May 09)
iDefense Security Advisory 05.10.07: Novell NetMail NMDMC Buffer Overflow Vulnerability iDefense Labs (May 10)
iDefense Security Advisory 05.02.07: LiveData Protocol Server Heap Overflow Vulnerability iDefense Labs (May 02)
iDefense Security Advisory 05.07.07: Sun Microsystems Solaris ACE_SETACL Integer Signedness DoS Vulnerability iDefense Labs (May 07)
iDefense Security Advisory 05.23.07: Opera Software Opera Web Browser Transfer Item Pop-up Menu Stack Overflow Vulnerability iDefense Labs (May 23)
iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities iDefense Labs (May 01)
iDefense Security Advisory 05.08.07: McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability iDefense Labs (May 09)
iDefense Security Advisory 05.10.07: Apple Darwin Streaming Proxy Multiple Vulnerabilities iDefense Labs (May 11)
iDefense Security Advisory 05.10.07: Sun Microsystems Solaris SRS Proxy Core srsexec Arbitrary File Read Vulnerability iDefense Labs (May 10)
iDefense Security Advisory 05.14.07: Samba SAMR Change Password Remote Command Injection Vulnerability iDefense Labs (May 14)
iDefense Security Advisory 05.09.07: Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability iDefense Labs (May 10)
ilkerkandemir
fipsCMS v2.1 Remote SQL injection Vulnerability ilkerkandemir (May 07)
pfa CMS v6.0 (index.php repinc) Remote File Include Vulnerability ilkerkandemir (May 07)
PHPHtmlLib <= 2.4.0 Remote File Include Exploit ilkerkandemir (May 07)
phpHoo3 (admin.php) Remote Login Bypass SQL Injection Vulnerability ilkerkandemir (May 07)
SchoolBoard (admin.php) Remote Login Bypass SQL Injection Vulnerability ilkerkandemir (May 03)
PHPSecurityAdmin Remote File Include Exploit ilkerkandemir (May 04)
imipak
Re: Defeating Citibank Virtual Keyboard protection using screenshot method imipak (May 15)
info
Re: UPDATED: CubeCart (v3.0.15) - CRLF Injection Vulnerability info (May 09)
Re: 12All File Upload Vulnerability info (May 07)
Digital Armaments May-June-2007 Hacking Challenge: VMware info (May 09)
ISecAuditors Security Advisories
[ISecAuditors Security Advisories] Microsoft IIS5 NTLM and Basic authentication bypass ISecAuditors Security Advisories (May 22)
Ismael Briones
NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities Ismael Briones (May 22)
Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities Ismael Briones (May 24)
jadoba
Vulnerability - cpCommerce - XSS jadoba (May 25)
James C. Slora Jr.
RE: Defeating Citibank Virtual Keyboard protection using screenshot method James C. Slora Jr. (May 11)
James Youngman
GNU Findutils release 4.2.31 fixes CVE-2007-2452 (GNU locate heap buffer overrun) James Youngman (May 31)
Jan Heisterkamp
Re: Defeating Citibank Virtual Keyboard protection using screenshot method Jan Heisterkamp (May 11)
jcarlos . norte
Wordpress All versions XSS jcarlos . norte (May 02)
Jean-Sébastien Guay-Leroux
Multiple vendors ZOO file decompression infinite loop DoS Jean-Sébastien Guay-Leroux (May 04)
Jeremy Epstein
Updated: webMethods Security Advisory: Glue console directory traversal vulnerability Jeremy Epstein (May 07)
Jerome Athias
Re: notepad++[v4.1]: (win32) ruby file processing buffer overflow exploit. Jerome Athias (May 23)
Jim Harrison
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Jim Harrison (May 09)
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Jim Harrison (May 09)
RE: XSS in Microsoft SharePoint Jim Harrison (May 05)
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Jim Harrison (May 09)
Johannes Greil
SEC Consult SA-20070509-0 :: Multiple vulnerabilites in Nokia Intellisync Mobile Suite & Wireless Email Express Johannes Greil (May 09)
john
RedLevel Advisory #020 - HLstats v1.35 Cross-Site Scripting Vulnerability #3 john (May 22)
VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability john (May 17)
ACP3 (v4.0b3) - Multiple Vulnerabilities john (May 05)
RedLevel Advisory #022 - ClonusWiki .5 Cross-Site Scripting Vulnerability john (May 22)
SunShop (v4) Multiple Vulnerabilities john (May 07)
UPDATED: CubeCart (v3.0.15) - CRLF Injection Vulnerability john (May 07)
RedLevel Advisory #017 - PsychoStats v3.0.6b Multiple Cross-Site Scripting Vulnerabilities john (May 22)
RedLevel Advisory #015 - Redoable 1.2 Cross-Site Scripting Vulnerability (patch included) john (May 17)
Bradford CampusManager v3.1(6) Sensitive Data Disclosure john (May 03)
Drake CMS (v0.4.0) - CRLF Injection Vulnerability john (May 07)
RedLevel Advisory #018 - RM EasyMail Plus - Cross-Site Scripting Vulnerability #2 john (May 22)
RedLevel Advisory #017 - HLstats v1.35 Cross-Site Scripting Vulnerability #2 john (May 19)
RedLevel Advisory #021 - CubeCart v3.0.16 SQL Injection Vulnerability john (May 22)
Podium CMS - Cookie Manipulation Exploit john (May 07)
RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability john (May 29)
RedLevel Advisory #016 - HLstats v1.35 Cross-Site Scripting Vulnerability john (May 19)
John McGuire
12All File Upload Vulnerability John McGuire (May 03)
Josh Zlatin-Amishav
Re: squirrelmail CSRF vulnerability Josh Zlatin-Amishav (May 10)
Re: squirrelmail CSRF vulnerability Josh Zlatin-Amishav (May 12)
KaCo678
Magic iso heap over flow <Help> KaCo678 (May 22)
Kees Cook
[USN-462-1] PHP vulnerabilities Kees Cook (May 23)
[USN-436-2] KTorrent vulnerability Kees Cook (May 18)
[USN-467-1] Gimp vulnerability Kees Cook (May 31)
[USN-465-1] PulseAudio vulnerability Kees Cook (May 26)
[USN-463-1] vim vulnerability Kees Cook (May 23)
[USN-460-2] Samba regression Kees Cook (May 22)
[USN-457-1] elinks vulnerability Kees Cook (May 07)
[USN-460-1] Samba vulnerabilities Kees Cook (May 16)
[USN-459-2] pptpd regression Kees Cook (May 22)
[USN-461-1] Quagga vulnerability Kees Cook (May 18)
[USN-466-1] freetype vulnerability Kees Cook (May 31)
[USN-458-1] MoinMoin vulnerabilities Kees Cook (May 08)
[USN-459-1] pptpd vulnerability Kees Cook (May 15)
[USN-456-1] net-snmp vulnerability Kees Cook (May 02)
kepledehlah
american cart 3.* (abs_path) remote file include kepledehlah (May 07)
Kevin Finisterre (lists)
Re: Apple Safari on MacOSX may reveal user's saved passwords Kevin Finisterre (lists) (May 18)
kimhm682000
Re: notepad++[v4.1]: (win32) ruby file processing buffer overflow exploit. kimhm682000 (May 22)
kingcope
RE: [Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS??? kingcope (May 23)
lagged2hell
Re: sunshop v4 >> RFI lagged2hell (May 04)
laurent . gaffie
cpcommerce < v1.1.0 [sql injection] laurent . gaffie (May 29)
vbulletin < 3.6.6 [permanent xss] laurent . gaffie (May 16)
Re: DGNews version 2.1 SQL Injection Vulnerability laurent . gaffie (May 29)
PHP JackKnife [multiple vulnerabilities] laurent . gaffie (May 31)
Re: Jetbox CMS version 2.1 E-Mail Injection Vulnerability laurent . gaffie (May 15)
lists
Re: Mac OS X vpnd local format string lists (May 29)
ls
MyBloggie 2.1.6 SQL Injection ls (May 31)
Practicle Gallery 1.0.1 XSS ls (May 30)
Particle Blogger 1.2.1 SQL Injection ls (May 30)
Lucas, Mark J.
RE: Apple Safari on MacOSX may reveal user's saved passwords Lucas, Mark J. (May 14)
mailbox () martinelli com
Re: RFI In Script FlashChat_v479 mailbox () martinelli com (May 30)
Re: Defeating Citibank Virtual Keyboard protection using screenshot method mailbox () martinelli com (May 17)
RE: Apple Safari on MacOSX may reveal user's saved passwords mailbox () martinelli com (May 14)
Mark-David McLaughlin (marmclau)
RE: Cisco CallManager 4.1 Input Validation Vulnerability Mark-David McLaughlin (marmclau) (May 23)
Mark Senior
Re: Apple Safari on MacOSX may reveal user's saved passwords Mark Senior (May 17)
Mark Thomas
[CVE-2007-1355] Tomcat documentation XSS vulnerabilities Mark Thomas (May 19)
Martin Schulze
[SECURITY] [DSA 1293-1] New quagga packages fix denial of service Martin Schulze (May 17)
Marvin Frick
Re: iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities Marvin Frick (May 04)
Matousec - Transparent security Research
ZoneAlarm Insufficient validation of 'vsdatant' driver input buffer Vulnerability Matousec - Transparent security Research (May 01)
Bypassing PFW/HIPS open process control with uncommon identifier Matousec - Transparent security Research (May 15)
matrix
NASA Site Bug ( Check URI Input ) matrix (May 19)
Matthew Leeds
Re[2]: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) Matthew Leeds (May 16)
M. Burnett
RE: RDP TLS downgrade M. Burnett (May 09)
Michael Domberg
Cross-Site Scripting in Adobe RoboHelp 6, Server 6 and X5 Michael Domberg (May 11)
Design Flaw in Deutsche Telekom Speedport w700v broadband router Michael Domberg (May 11)
Michal Bucko (hackpl)
Multiple vulnerabilities Michal Bucko (hackpl) (May 09)
Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability Michal Bucko (hackpl) (May 15)
Re: Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability Michal Bucko (hackpl) (May 16)
michele dallachiesa
rtpBreak - detects, reconstructs and analyzes any RTP session michele dallachiesa (May 25)
Moritz Muehlenhoff
[SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution Moritz Muehlenhoff (May 24)
[SECURITY] [DSA 1295-1] New php5 packages fix several vulnerabilities Moritz Muehlenhoff (May 19)
[SECURITY] [DSA 1296-1] New php4 packages fix privilege escalation Moritz Muehlenhoff (May 22)
[SECURITY] [DSA 1284-1] New qemu packages fix several vulnerabilities Moritz Muehlenhoff (May 01)
[SECURITY] [DSA 1289-1] New Linux 2.6.18 packages fix several vulnerabilities Moritz Muehlenhoff (May 14)
[SECURITY] [DSA 1290-1] New squirrelmail packages fix cross-site scripting Moritz Muehlenhoff (May 14)
[SECURITY] [DSA 1291-3] New samba packages fix regression Moritz Muehlenhoff (May 22)
[SECURITY] [DSA 1298-1] New otrs2 packages fix cross-site scripting Moritz Muehlenhoff (May 28)
[SECURITY] [DSA 1288-1] New pptpd packages fix denial of service Moritz Muehlenhoff (May 08)
Morning Wood
Re: [Full-disclosure] Vulnerabilities Hashes DB needed Morning Wood (May 09)
myucebox
Vulnerability in Credant Mobile Guardian Shield for Windows myucebox (May 24)
newbinaryfile
BoastMachine index.php Cross Site Scripting Vulnerability newbinaryfile (May 25)
NGSSoftware Insight Security Research
Mac OS X vpnd local format string NGSSoftware Insight Security Research (May 29)
Nick FitzGerald
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Nick FitzGerald (May 10)
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Nick FitzGerald (May 11)
nnposter
Predictable TCP ISN in Packeteer PacketShaper nnposter (May 18)
Noah Meyerhans
[SECURITY] [DSA 1281-2] New clamav packages fix denial of service vulnerability Noah Meyerhans (May 22)
[SECURITY] [DSA 1285-1] New wordpress packages fix multiple vulnerabilities Noah Meyerhans (May 01)
[SECURITY] [DSA 1291-2] New samba packages fix multiple vulnerabilities Noah Meyerhans (May 17)
[SECURITY] [DSA 1287-1] New ldap-account-manager packages fix multiple vulnerabilities Noah Meyerhans (May 07)
[SECURITY] [DSA 1292-1] New qt4-x11 packages fix cross-site scripting vulnerability Noah Meyerhans (May 16)
[SECURITY] [DSA 1291-1] New samba packages fix multiple vulnerabilities Noah Meyerhans (May 15)
no-reply
Radware Security Advisory - Yate 1.1.0 Denial of Service Vulnerability no-reply (May 01)
Ofer Shezaf
2nd OWASP Israel mini conference at the Interdisciplinary Center Herzliya (IDC), Monday, May 21st, 13:30 Ofer Shezaf (May 09)
Oliver Goebel
IMF 2007 - Deadline Extension Oliver Goebel (May 14)
Omar A. Herrera
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Omar A. Herrera (May 11)
OpenPKG GmbH
[OpenPKG-SA-2007.012] OpenPKG Security Advisory (samba) OpenPKG GmbH (May 17)
[OpenPKG-SA-2007.017] OpenPKG Security Advisory (ratbox) OpenPKG GmbH (May 18)
[OpenPKG-SA-2007.015] OpenPKG Security Advisory (quagga) OpenPKG GmbH (May 18)
[OpenPKG-SA-2007.013] OpenPKG Security Advisory (png) OpenPKG GmbH (May 17)
[OpenPKG-SA-2007.019] OpenPKG Security Advisory (php) OpenPKG GmbH (May 25)
[OpenPKG-SA-2007.018] OpenPKG Security Advisory (freetype) OpenPKG GmbH (May 24)
organiser () syscan org
Training Classes in SyScan'07 organiser () syscan org (May 09)
p3rlhax
squirrelmail CSRF vulnerability p3rlhax (May 10)
Paul Böhm
FINAL Call For Papers: Chaos Communication Camp 2007, Berlin Paul Böhm (May 22)
Paul Foote
Re: Defeating Citibank Virtual Keyboard protection using screenshot method Paul Foote (May 14)
Pavel Kankovsky
Re: squirrelmail CSRF vulnerability Pavel Kankovsky (May 14)
Piotr Bania
POC CODE - TI89 Titanium Resident EPO Calculator Virus (T89.GAARA) Piotr Bania (May 22)
pito pito
Web Directory / Search Engine v2.0 Authentication Bypass/Database Download Vulne pito pito (May 25)
poplix
safari's saved password at risk poplix (May 04)
Apple Safari on MacOSX may reveal user's saved passwords poplix (May 14)
Re: Apple Safari on MacOSX may reveal user's saved passwords poplix (May 18)
RE: Apple Safari on MacOSX may reveal user's saved passwords poplix (May 16)
Re: Apple Safari on MacOSX may reveal user's saved passwords poplix (May 19)
Re: RE: Apple Safari on MacOSX may reveal user's saved passwords poplix (May 15)
preth00nker
Atomix Mp3 Buffer Overflow preth00nker (May 02)
RaeD
Remote File Include In Script impex RaeD (May 04)
RFI In Script FlashChat_v479 Raed (May 28)
Raphael Marichez
[ GLSA 200705-21 ] MPlayer: Two buffer overflows Raphael Marichez (May 30)
[ GLSA 200705-02 ] FreeType: User-assisted execution of arbitrary code Raphael Marichez (May 01)
[ GLSA 200705-17 ] Apache mod_security: Rule bypass Raphael Marichez (May 17)
[ GLSA 200705-06 ] X.Org X11 library: Multiple integer overflows Raphael Marichez (May 07)
[ GLSA 200705-22 ] FreeType: Buffer overflow Raphael Marichez (May 30)
[ GLSA 200705-01 ] Ktorrent: Multiple vulnerabilities Raphael Marichez (May 01)
[ GLSA 200705-08 ] GIMP: Buffer overflow Raphael Marichez (May 07)
[ GLSA 200705-10 ] LibXfont, TightVNC: Multiple vulnerabilities Raphael Marichez (May 08)
[ GLSA 200705-07 ] Lighttpd: Two Denials of Service Raphael Marichez (May 07)
[ GLSA 200705-25 ] file: Integer overflow Raphael Marichez (May 31)
[ GLSA 200705-20 ] Blackdown Java: Applet privilege escalation Raphael Marichez (May 26)
[ GLSA 200705-09 ] IPsec-Tools: Denial of Service Raphael Marichez (May 08)
[ GLSA 200705-24 ] libpng: Denial of Service Raphael Marichez (May 31)
[ GLSA 200705-11 ] MySQL: Two Denial of Service vulnerabilities Raphael Marichez (May 08)
[ GLSA 200705-23 ] Sun JDK/JRE: Multiple vulnerabilities Raphael Marichez (May 31)
[ GLSA 200705-16 ] PhpWiki: Remote execution of arbitrary code Raphael Marichez (May 17)
[ GLSA 200705-19 ] PHP: Multiple vulnerabilities Raphael Marichez (May 26)
[ GLSA 200705-14 ] XScreenSaver: Privilege escalation Raphael Marichez (May 14)
[ GLSA 200705-03 ] Tomcat: Information disclosure Raphael Marichez (May 01)
rd
Remider: VNSECON 07 Call for Papers ends on June 08 rd (May 22)
retrog
IE 6 / Dart Communications PowerTCP ZIP Compression Control (DartZip.dll 1.8.5.3) remote buffer overflow retrog (May 25)
Dart Communications PowerTCP Service Control (DartService.dll 3.1.3.3) remote buffer overflow retrog (May 24)
RunCms <= 1.5.2 debug_show.php sql injection retrog (May 04)
Reversemode
[Reversemode Advisory] VMware Products - GPF Denial of Service Reversemode (May 07)
Re: Defeating Citibank Virtual Keyboard protection using screenshot method Reversemode (May 11)
Re: iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities Reversemode (May 04)
Re: Defeating Citibank Virtual Keyboard protection using screenshot method Reversemode (May 09)
rewterz security team
REWTERZ-20070518 - Authentication Bypass in Rational Soft's Hidden Administrator rewterz security team (May 18)
Richard Moore
Re: [Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS??? Richard Moore (May 23)
Robin Sommer
[Call for Participation] DIMVA 2007 Robin Sommer (May 22)
robpaveza
Windows Vista: Non-privileged code can redirect shortcuts to intercept privilege elevation requests robpaveza (May 14)
Rogan Dawes
Re: WebScarab <= 20060621-0003 cross site scripting Rogan Dawes (May 05)
Roger A. Grimes
RE: RDP TLS downgrade Roger A. Grimes (May 10)
Rogier Mulhuijzen
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Rogier Mulhuijzen (May 10)
RE: Defeating Citibank Virtual Keyboard protection using screenshot method Rogier Mulhuijzen (May 16)
rPath Update Announcements
rPSA-2007-0096-1 shadow rPath Update Announcements (May 11)
rPSA-2007-0112-1 firefox thunderbird rPath Update Announcements (May 31)
rPSA-2007-0102-1 libpng rPath Update Announcements (May 17)
rPSA-2007-0094-1 cpio rPath Update Announcements (May 08)
rPSA-2007-0084-1 kernel rPath Update Announcements (May 02)
rPSA-2007-0108-1 freetype rPath Update Announcements (May 24)
rPSA-2007-0098-1 samba samba-swat rPath Update Announcements (May 15)
rPSA-2007-0092-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi rPath Update Announcements (May 08)
rPSA-2007-0090-1 gimp rPath Update Announcements (May 03)
rPSA-2007-0088-1 xscreensaver rPath Update Announcements (May 03)
rPSA-2007-0109-1 file rPath Update Announcements (May 24)
rPSA-2007-0085-1 lftp rPath Update Announcements (May 03)
rPSA-2007-0107-1 mysql mysql-bench mysql-server rPath Update Announcements (May 23)
rPSA-2007-0089-1 net-snmp net-snmp-utils rPath Update Announcements (May 03)
rPSA-2007-0104-1 idle python rPath Update Announcements (May 18)
samelinux
RE: Apple Safari on MacOSX may reveal user's saved passwords samelinux (May 15)
sapheal-hack.pl
Taltech Tal Bar Code ActiveX Control Memory Corruption Vulnerability(-ies) sapheal-hack.pl (May 07)
sauge
Re: Progress Webspeed exploit for all releases sauge (May 31)
Secunia Research
Secunia Research: Internet Explorer HTML Objects Memory Corruption Vulnerability Secunia Research (May 10)
Secunia Research: BearShare NCTAudioFile2 ActiveX Control Buffer Overflow Secunia Research (May 10)
Secunia Research: eScan Products Agent Service Command Decryption Buffer Overflow Secunia Research (May 23)
secure
Symantec Product Security: Norton Personal Firewall 2004 ActiveX Control vulnerability secure (May 16)
security
[ MDKSA-2007:102 ] - Updated php packages fix multiple vulnerabilities security (May 11)
[ MDKSA-2007:104 ] - Updated samba packages fix multiple vulnerabilities security (May 15)
n.runs-SA-2007.012 - Avira Antivir Antivirus TAR Denial of Service security (May 30)
[ MDKSA-2007:096 ] - Updated quagga packages fix DoS vulnerability security (May 02)
[ MDKSA-2007:106 ] - Updated squirrelmailpackages fix vulnerabilities security (May 19)
[ MDKSA-2007:098 ] - Updated clamav packages fix vulnerabilities security (May 09)
[ MDKSA-2007:108 ] - Updated gimp packages fix stack overflow in sunras plugin security (May 23)
n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory security (May 24)
[ MDKSA-2007:104-1 ] - Updated samba packages fix multiple vulnerabilities security (May 24)
n.runs-SA-2007.009 - Avast! Antivirus SIS parsing Arbitrary Code Execution Advisory security (May 25)
[ MDKSA-2007:109 ] - Updated tetex packages fix vulnerabilities security (May 24)
n.runs-SA-2007.010 - Avira Antivir Antivirus LZH parsing Arbitrary Code Execution Advisory security (May 28)
[ MDKSA-2007:097 ] - Updated xscreensaver packages fix vulnerability security (May 03)
[ MDKSA-2007:099 ] - Updated python packages fix vulnerabilities security (May 09)
[ MDKSA-2007:100 ] - Updated bind packages fix vulnerability security (May 09)
[ MDKSA-2007:101 ] - Updated bind packages fix vulnerability security (May 10)
n.runs-SA-2007.011 - Avira Antivir Antivirus UPX parsing Divide by Zero Advisory security (May 29)
[ MDKSA-2007:105 ] - Updated fetchmail packages fix potential APOP vulnerabilities security (May 17)
[ MDKSA-2007:095 ] - Updated ktorrent packages fix vulnerability security (May 02)
[ MDKSA-2007:103 ] - Updated php packages fix multiple vulnerabilities security (May 11)
[ MDKSA-2007:107 ] - Updated evolution packages fix APOP weakness security (May 22)
security-alert
[security bulletin] HPSBTU02179 SSRT061256 rev.1 - HP Tru64 UNIX Running the ps command, Local Disclosure of Sensitive Information security-alert (May 03)
[security bulletin] HPSBGN02189 SSRT071297 rev.3 - ServiceGuard for Linux, Remote Unauthorized Access security-alert (May 14)
[security bulletin] HPSBTU02209 SSRT071323 rev.1 - HP Tru64 UNIX Running Secure Shell (SSH), Remote Unauthorized Identification of Valid Users security-alert (May 17)
[security bulletin] HPSBST02214 SSRT071422 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-023 to MS07-029 security-alert (May 17)
[security bulletin] HPSBTU02116 SSRT061135 rev.3 - HP Tru64 UNIX and HP Internet Express for Tru64 UNIX Running sendmail, Remote Execution of Arbitrary Code or Denial of Service (DoS) security-alert (May 03)
[security bulletin] HPSBUX02087 SSRT4728 rev.5 - HP-UX running TCP/IP Remote Denial of Service (DoS) security-alert (May 29)
[security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation security-alert (May 08)
[security bulletin] HPSBMA02138 SSRT061184 rev.3 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution security-alert (May 08)
[security bulletin] HPSBUX01137 SSRT5954 rev.10 - HP-UX Running TCP/IP (IPv4), Remote Unauthorized Denial of Service (DoS) security-alert (May 03)
[security bulletin] HPSBMI02210 SSRT071396 rev.2 - ProCurve Series 9300m Switches, Remote Denial of Service (DoS) security-alert (May 14)
[security bulletin] HPSBMA02213 SSRT061214 rev.1 - HP Systems Insight Manager (SIM) for Windows, Remote Privileged Access and Arbitrary Code Execution security-alert (May 17)
[security bulletin] HPSBUX02217 SSRT071337 rev.1 - HP-UX running Kerberos, Remote Arbitrary Code Execution security-alert (May 22)
[security bulletin] HPSBMI02210 SSRT071396 rev.1 - ProCurve Series 9300m Switches, Remote Denial of Service (DoS) security-alert (May 03)
[security bulletin] HPSBPI02185 SSRT071290 rev.2 - HP Jetdirect Running ftp, Remote Denial of Service (DoS) security-alert (May 03)
security curmudgeon
Re: nucleus 3.22 >> RFI security curmudgeon (May 07)
securityresearch
Advanced Guestbook version 2.4.2 Multiple XSS Attack Vulnerabilities securityresearch (May 08)
SonicBB version 1.0 Multiple SQL Injection Vulnerabilities securityresearch (May 14)
SonicBB version 1.0 Multiple Path Disclosure Vulnerabilities securityresearch (May 14)
MyBB version 1.2.4 Multiple Path Disclosure Vulnerabilities securityresearch (May 14)
Jetbox CMS version 2.1 XSS Attack Vulnerability securityresearch (May 22)
DGNews version 2.1 XSS Attack Vulnerability securityresearch (May 28)
Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability securityresearch (May 08)
Jetbox CMS version 2.1 E-Mail Injection Vulnerability securityresearch (May 15)
myEvent version 1.6 Multiple Path Disclosure Vulnerabilities securityresearch (May 28)
Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities securityresearch (May 22)
DGNews version 2.1 Path Disclosure Vulnerability securityresearch (May 28)
DGNews version 2.1 SQL Injection Vulnerability securityresearch (May 28)
SonicBB version 1.0 XSS Attack Vulnerabilities securityresearch (May 14)
Jetbox CMS version 2.1 Multiple Path Disclosure Vulnerabilities securityresearch (May 22)
Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities securityresearch (May 08)
Seth
Re: Defeating Citibank Virtual Keyboard protection using screenshot method Seth (May 15)
sethb
Re: Defeating Citibank Virtual Keyboard protection using screenshot method sethb (May 17)
sflist
Uninformed Journal Release Announcement: Volume 7 sflist (May 14)
shadown
Re: [Dailydave] Vulnerabilities Hashes DB needed shadown (May 09)
skillTube.com
Vulnerability in InterVations' MailCopa skillTube.com (May 02)
software
RDP TLS downgrade software (May 09)
Solarius
Re: XSS in Microsoft SharePoint Solarius (May 14)
spriteversus
ImI image file inclusion in script upload spriteversus (May 15)
Stefan Friedli
Cisco CallManager 4.1 Input Validation Vulnerability Stefan Friedli (May 23)
Stefano
Re: [ MDKSA-2007:101 ] - Updated bind packages fix vulnerability Stefano (May 10)
stephen joseph butler
Re: Apple Safari on MacOSX may reveal user's saved passwords stephen joseph butler (May 16)
Steven M. Christey
Re: Podium CMS - Cookie Manipulation Exploit Steven M. Christey (May 09)
Sune Kloppenborg Jeppesen
[ GLSA 200705-15 ] Samba: Multiple vulnerabilities Sune Kloppenborg Jeppesen (May 15)
[ GLSA 200705-13 ] ImageMagick: Multiple buffer overflows Sune Kloppenborg Jeppesen (May 10)
[ GLSA 200705-04 ] Apache mod_perl: Denial of Service Sune Kloppenborg Jeppesen (May 02)
[ GLSA 200705-12 ] PostgreSQL: Privilege escalation Sune Kloppenborg Jeppesen (May 10)
[ GLSA 200705-18 ] PPTPD: Denial of Service attack Sune Kloppenborg Jeppesen (May 22)
[ GLSA 200705-05 ] Quagga: Denial of Service Sune Kloppenborg Jeppesen (May 02)
suresync
response Progress: Denial of Service attack against WebSpeed possible suresync (May 02)
Disable website access for sites running Webspeed suresync (May 02)
Multiple Denial of Service attacks possible for Webspeed OpenEdge suresync (May 11)
tchouamou
Remedy for: Remote File Include In phpexplorator_2_0 tchouamou (May 22)
technocrat
Re: NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections technocrat (May 07)
test
RE: DDOS abuse contacts test (May 22)
the_3dit0r
Simple Accessible XHTML Online News v4.6 Remote File Include Exploit the_3dit0r (May 22)
SimpGB v1.46.0 Remote File Include Exploit the_3dit0r (May 22)
webCMS_1.00 Database Disclosure Vulnerability the_3dit0r (May 25)
ABC Excel Parser Pro v4.0 Remote File Include Exploit the_3dit0r (May 22)
phpMUR Cross Site Scripting the_3dit0r (May 10)
RMForum Database Disclosure Vulnerability the_3dit0r (May 26)
phpPgAdmin-4.1.1 Remote File Include & Url Redirecting Vulnerability the_3dit0r (May 22)
thejus_mb
Security Videos thejus_mb (May 22)
the . tiger100
Re: RFI In Script FlashChat_v479 the . tiger100 (May 28)
Thierry Zoller
BTCrack 1.1 Heisec Release Thierry Zoller (May 14)
Tim Brown
Medium security hole affecting DSL-G624T Tim Brown (May 03)
Re: Medium security hole affecting DSL-G624T Tim Brown (May 04)
Re: Medium security hole affecting DSL-G624T Tim Brown (May 04)
Tim Newsham
Re: squirrelmail CSRF vulnerability Tim Newsham (May 11)
Tom Stracener
Q1 2007 Application Security Trends Report (Corrected Link) Tom Stracener (May 23)
Q1 2007 Application Security Trends Report Tom Stracener (May 22)
Trustix Security Advisor
TSLSA-2007-0019 - multi Trustix Security Advisor (May 25)
TSLSA-2007-0017 - multi Trustix Security Advisor (May 17)
TSRT
TPTI-07-05: IBM Tivoli Provisioning Manager for OS Deployment Multiple Stack Overflow Vulnerabilities TSRT (May 02)
TPTI-07-07: Apple QuickTime STSD Parsing Heap Overflow Vulnerability TSRT (May 11)
TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption TSRT (May 02)
Ulrich Keil
XSS vulnerability on various german online banking sites (sparkasse) Ulrich Keil (May 17)
Re: XSS vulnerability on various german online banking sites (sparkasse) - CORRECTION Ulrich Keil (May 18)
v9
notepad++[v4.1]: (win32) ruby file processing buffer overflow exploit. v9 (May 14)
Re: Magic iso heap over flow <Help> v9 (May 23)
Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities v9 (May 23)
vagrant - e-hack.org
GTP 3G © Gnuturk Portal System year=**&month= Cross-Site Scripting Vulnerability vagrant - e-hack.org (May 25)
WIYS v1.0 Cross-Site Scripting Vulnerability - (05.24.2007) (NEW) vagrant - e-hack.org (May 24)
vagrant Pest
BoastMachine v3.0 platinum - Session İd Hacking vagrant Pest (May 22)
ville . solarius
XSS in Microsoft SharePoint ville . solarius (May 05)
VMware Security team
VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability VMware Security team (May 18)
VMSA-2007-0004 Multiple Denial-of-Service issues fixed VMware Security team (May 08)
VulnerabilityResearch
TFTPdWin 0.4.2 Server Directory Traversal Vulnerability VulnerabilityResearch (May 11)
eFileCabinet Authentication Bypass VulnerabilityResearch (May 11)
vulnpost-remove
[vuln.sg] yEnc32 Decoder Long Filename Buffer Overflow Vulnerability vulnpost-remove (May 12)
webmaster
Re: Re: [Bogus] Lazarus Guestbook (admin.php) Remote File Include Exploit - webmaster (May 22)
Williams, James K
CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe Vulnerabilities Williams, James K (May 16)
[CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities Williams, James K (May 11)
XFOCUS Security Team
XCon2007 Call For Paper XFOCUS Security Team (May 17)
xx_hack_xx_2004
Full Path Disclosure in Almnzm xx_hack_xx_2004 (May 29)
Multiple XSS in Digirez xx_hack_xx_2004 (May 25)
yashks
Defeating Citibank Virtual Keyboard protection using screenshot method yashks (May 09)
Re: Re: Defeating Citibank Virtual Keyboard protection using screenshot method yashks (May 09)
zdi-disclosures
ZDI-07-033: Samba lsa_io_trans_names Heap Overflow Vulnerability zdi-disclosures (May 15)
ZDI-07-031: Samba smb_io_notify_option_type_data Heap Overflow Vulnerability zdi-disclosures (May 15)
ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability zdi-disclosures (May 08)
ZDI-07-029: Samba lsa_io_privilege_set Heap Overflow Vulnerability zdi-disclosures (May 15)
ZDI-07-027: Microsoft Internet Explorer Table Column Deletion Memory Corruption Vulnerability zdi-disclosures (May 08)
ZDI-07-032: Samba sec_io_acl Heap Overflow Vulnerability zdi-disclosures (May 15)
ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability zdi-disclosures (May 08)
ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability zdi-disclosures (May 08)
ZDI-07-028: CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability zdi-disclosures (May 11)
ZDI-07-023: Apple QTJava toQTPointer() Pointer Arithmetic Memory Overwrite Vulnerability zdi-disclosures (May 01)
ZDI-07-030: Samba netdfs_io_dfs_EnumInfo_d Heap Overflow Vulnerability zdi-disclosures (May 15)
Zhihao
RE: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60) Zhihao (May 16)