Bugtraq: by author
323 messages starting Apr 10 08 and ending Apr 04 08
3APA3A
Re: licq remote DoS? 3APA3A (Apr 10)
Adam Laurie
ANNOUNCE: Apache-SSL security release - apache_1.3.41+ssl_1.59 Adam Laurie (Apr 02)
ANNOUNCE: RFIDIOt-0.1s release (now available for Windows) Adam Laurie (Apr 18)
admin
Acidcat CMS Multiple Vulnerabilities admin (Apr 21)
Carbon Communities forum Multiple Vulnerabilities. admin (Apr 16)
BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day) admin (Apr 16)
Adrian Pastor
Default key algorithm in Thomson and BT Home Hub routers Adrian Pastor (Apr 22)
ajax
KwsPHP (Upload) Remote Code Execution Exploit ajax (Apr 15)
ak
Oracle - SQL Injection Vulnerability in SDO_UTIL [DB05] ak (Apr 16)
Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13] ak (Apr 16)
Oracle - SQL Injection in package SDO_IDX [DB07] ak (Apr 16)
Oracle - SQL Injection in package SDO_GEOM [DB06] ak (Apr 16)
Albert Sellarès
[CVE-2007-5301] alsaplayer PoC - exploit Albert Sellarès (Apr 09)
Amit Klein
Microsoft Windows DNS Stub Resolver Cache Poisoning (MS08-020) Amit Klein (Apr 08)
Microsoft SWI blog inaccuracies Amit Klein (Apr 28)
Andrea Barisani
project announcement - oCERT - Open Source CERT Andrea Barisani (Apr 14)
[oCERT-2008-003] libpng zero-length chunks incorrect handling Andrea Barisani (Apr 14)
[oCERT-2008-004] multiple speex implementations insufficient boundary checks Andrea Barisani (Apr 17)
anonymous
Re: Hamachi Password Disclosure Vulnerability anonymous (Apr 01)
ap
Re: Default key algorithm in Thomson and BT Home Hub routers ap (Apr 23)
ascii
WiKID wClient-PHP <= 3.0-2 Multiple XSS Vulnerabilities ascii (Apr 11)
a . westtermann
Re: Alkacon OpenCms sessions.jsp searchfilter XSS a . westtermann (Apr 10)
blacklight
Re: R.I.P. rgod blacklight (Apr 28)
brad . antoniewicz
Swiki 1.5 Multiple Cross-Site Scripting Vulnerabilities brad . antoniewicz (Apr 08)
bugtraq
OneSecurityDay 2008 - Web application auditing challenge bugtraq (Apr 14)
Cesar
Token Kidnapping (Microsoft Security Advisory 951306) presentation available Cesar (Apr 19)
Christian Kujau
Re: R.I.P. rgod Christian Kujau (Apr 30)
Re: R.I.P. rgod Christian Kujau (Apr 29)
Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Apr 03)
Cisco Security Advisory: Cisco Network Admission Control Shared Secret Vulnerability Cisco Systems Product Security Incident Response Team (Apr 16)
contact
Re: PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability contact (Apr 16)
CORE Security Technologies Advisories
CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls CORE Security Technologies Advisories (Apr 28)
CORE-2008-0314 - Orbit Downloader "Download failed" buffer overflow CORE Security Technologies Advisories (Apr 04)
crazy_kinq
Xoops All Version -Articles- Article.PHP (ID) Blind SQL Injection ExpL0it crazy_kinq (Apr 21)
darkz . gsa
Wikepage Wiki v.2007-2 Cross-Site Scripting darkz . gsa (Apr 18)
LightNEasy v.1.2.2 flat Multiple Vulnerabilities darkz . gsa (Apr 18)
Darth Jedi
RE: Internet explorer 7.0 spoofing Darth Jedi (Apr 02)
david130490
Trillian 3.1.9.0 DTD File Buffer Overflow david130490 (Apr 11)
David Litchfield
A New Class of Vulnerability in Oracle: Lateral SQL Injection David Litchfield (Apr 24)
DeepSec Conference
Announcement - DeepSec Conference 2008, Nov 11-14 2008 DeepSec Conference (Apr 17)
Devin Carraway
[SECURITY] [DSA 1542-1] New libcairo packages fix arbitrary code execution Devin Carraway (Apr 09)
[SECURITY] [DSA 1533-2] New exiftags packages fix several vulnerabilities Devin Carraway (Apr 01)
[SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities Devin Carraway (Apr 09)
[SECURITY] [DSA 1539-1] New mapserver packages fix multiple vulnerabilities Devin Carraway (Apr 04)
[SECURITY] [DSA 1546-1] New gnumeric packages fix arbitrary code execution Devin Carraway (Apr 11)
[SECURITY] [DSA 1538-1] New alsaplayer packages fix arbitrary code execution Devin Carraway (Apr 04)
[SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitution Devin Carraway (Apr 17)
[SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities Devin Carraway (Apr 03)
douchbag
Re: Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities douchbag (Apr 21)
Dragos Ruiu
EUSecWest CFP Closes April 14th (conf May 21/22 2008) Dragos Ruiu (Apr 10)
Enno Rey
Troopers08 Security Conference, April 23/24 (Munich/Germany) Enno Rey (Apr 15)
erdc
[ECHO_ADV_89$2008] Softbiz Web Host Directory Script (search_result.php host_id) Blind Sql Injection Vulnerability erdc (Apr 28)
[ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerability erdc (Apr 28)
evilcry
TheGreenBowVPN, Login Credentials Disclosure evilcry (Apr 05)
Florian Weimer
[SECURITY] [DSA 1556-1] New perl packages fix denial of service Florian Weimer (Apr 24)
[SECURITY] [DSA 1553-1] New ikiwiki packages fix cross-site request forgery Florian Weimer (Apr 21)
[SECURITY] [DSA 1556-2] New perl packages fix denial of service Florian Weimer (Apr 28)
[SECURITY] [DSA 1544-1] New pdns-recursor packages fix cache poisoning vulnerability Florian Weimer (Apr 09)
FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-08:05.openssh FreeBSD Security Advisories (Apr 17)
Gianluca Borello
Re: Firefox 3.0 beta 5 crash Gianluca Borello (Apr 22)
Guido Landi
Re: xine-lib NES Sound Format Demuxer Buffer Overflow Guido Landi (Apr 24)
hadihadi_zedehal_2006
Blogator-script 0.95 SQL Injection Vulnerbility hadihadi_zedehal_2006 (Apr 05)
Blogator-script 0.95 Change User Password Vulnerbility hadihadi_zedehal_2006 (Apr 05)
hadikiamarsi
XSS Attack hadikiamarsi (Apr 29)
bug report hadikiamarsi (Apr 28)
Hanno Böck
Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387) Hanno Böck (Apr 22)
Correcting CVEs (was Re: [Full-disclosure] Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387)) Hanno Böck (Apr 22)
clamav: Endless loop / hang with crafter arj, CVE-2008-1387 Hanno Böck (Apr 15)
houssamix
BosNews 2002-2006 Remote add user admin houssamix (Apr 15)
BosNews v4.0 Remote add user admin houssamix (Apr 15)
hsx
KwsPHP Module ConcoursPhoto XSS hsx (Apr 04)
iDefense Labs
iDefense Security Advisory 04.15.08: Oracle Application Express Privilege Escalation Vulnerability iDefense Labs (Apr 16)
iDefense Security Advisory 04.09.08: EMC DiskXtender MediaStor Format String Vulnerability iDefense Labs (Apr 11)
iDefense Security Advisory 04.09.08: IBM DB2 Universal Database Administration Server File Creation Vulnerability iDefense Labs (Apr 16)
iDefense Security Advisory 04.09.08: IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability iDefense Labs (Apr 16)
iDefense Security Advisory 04.09.08: EMC DiskXtender File System Manager Stack Buffer Overflow Vulnerability iDefense Labs (Apr 11)
iDefense Security Advisory 04.08.08: Microsoft Windows Graphics Rendering Engine Integer Overflow Vulnerability iDefense Labs (Apr 09)
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability iDefense Labs (Apr 18)
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability iDefense Labs (Apr 18)
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability iDefense Labs (Apr 18)
iDefense Security Advisory 04.03.08: SCO UnixWare pkgadd Directory Traversal Vulnerability iDefense Labs (Apr 04)
iDefense Security Advisory 04.02.08: Symantec Internet Security 2008 ActiveDataInfo.LaunchProcess Design Error Vulnerability iDefense Labs (Apr 04)
iDefense Security Advisory 03.31.08: Macrovision InstallShield InstallScript One-Click Install Untrusted Library Loading Vulnerability iDefense Labs (Apr 01)
iDefense Security Advisory 04.08.08: Microsoft HxTocCtrl ActiveX Control Invalid Param Heap Corruption Vulnerability iDefense Labs (Apr 09)
iDefense Security Advisory 04.14.08: ClamAV libclamav PE WWPack Heap Overflow Vulnerability iDefense Labs (Apr 15)
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities iDefense Labs (Apr 18)
iDefense Security Advisory 04.03.08: Computer Associates Alert Notification Service Multiple RPC Buffer Overflow Vulnerabilities iDefense Labs (Apr 04)
iDefense Security Advisory 04.09.08: EMC DiskXtender Authentication Bypass Vulnerability iDefense Labs (Apr 11)
iDefense Security Advisory 04.02.08: Symantec Norton Internet Security 2008 ActiveX Control Buffer Overflow Vulnerability iDefense Labs (Apr 04)
info
Zune software - arbitrary file overwrite info (Apr 23)
infocus
[INFIGO-2008-04-08]: ICQ 6 remote buffer overflow vulnerability infocus (Apr 16)
ipsdix
R.I.P. rgod ipsdix (Apr 25)
irancrash
Minibb 2.2a XSS Vulnerability irancrash (Apr 28)
Datalife Engine 6.7 XSRF irancrash (Apr 02)
EasyNews-40tr Multiple Remote Vulnerabilities (SQL Injection Exploit/XSS/LFI) irancrash (Apr 01)
I)ruid
CAU-2008-0001 - Slowly Closing Door Race Condition I)ruid (Apr 01)
CAU-2008-0002: Microsoft Windows SharePoint Services Picture Source XSS I)ruid (Apr 09)
jaime . blasco
SAP Netweaver 6.40-7.0 Cross-Site-Scripting jaime . blasco (Apr 09)
New tool released : Syslog Fuzzer jaime . blasco (Apr 08)
Jamie Strandboge
[USN-599-1] Ghostscript vulnerability Jamie Strandboge (Apr 09)
[USN-601-1] Squid vulnerability Jamie Strandboge (Apr 14)
[USN-588-2] MySQL regression Jamie Strandboge (Apr 03)
[USN-602-1] Firefox vulnerabilities Jamie Strandboge (Apr 22)
[USN-598-1] CUPS vulnerabilities Jamie Strandboge (Apr 03)
J. Carlos Nieto
WordPress 2.5 - Salt cracking vulnerability J. Carlos Nieto (Apr 15)
Jeff Williams
Attack Technique: File Download Injection Jeff Williams (Apr 07)
Jessica Hope
WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability Jessica Hope (Apr 08)
john
Re: h2desk helpdesk path disclosure vulnerability john (Apr 29)
J. Oquendo
TCP/IP security vulnerability disclosed J. Oquendo (Apr 01)
jose
openMosix userspace library stack-based buffer overflow jose (Apr 07)
joseph . giron13
cevado technologies real estate CMS SQL injection joseph . giron13 (Apr 01)
Terracotta Personal Edition Multiple vulnerabilities joseph . giron13 (Apr 01)
jplopezy
Curious vulnerability in Excel 2007 jplopezy (Apr 26)
Re: Re: Re: Internet explorer 7.0 spoofing jplopezy (Apr 02)
Trillian 3.1 basic nick crash jplopezy (Apr 24)
GroupWise 7 attached bugs jplopezy (Apr 26)
Re: Curious vulnerability in Excel 2007 jplopezy (Apr 26)
GroupWise 7.0 mailto: scheme buffer overflow jplopezy (Apr 28)
Safari 3.1.1 Multiple Vulnerabilities for windows jplopezy (Apr 22)
Firefox 3.0 beta 5 crash jplopezy (Apr 22)
Juha-Matti Laurio
Re: [Full-disclosure] Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows Juha-Matti Laurio (Apr 17)
Justin Ferguson
IOActive Security Advisory: Incorrect input validation in PyString_FromStringAndSize() leads to multiple buffer overflows Justin Ferguson (Apr 11)
IOActive Security Advisory: Buffer overflow in Python zlib extension module Justin Ferguson (Apr 09)
Kees Cook
[USN-604-1] Gnumeric vulnerability Kees Cook (Apr 22)
[USN-603-2] KOffice vulnerability Kees Cook (Apr 17)
[USN-603-1] poppler vulnerability Kees Cook (Apr 17)
[USN-597-1] OpenSSH vulnerability Kees Cook (Apr 02)
[USN-600-1] rsync vulnerability Kees Cook (Apr 11)
laurent . gaffie
Re: NetClassifieds Sql Injection laurent . gaffie (Apr 23)
xine-lib NES Sound Format Demuxer Buffer Overflow laurent . gaffie (Apr 23)
Layer One
LayerOne 2008 - Final Pre-Con Update Layer One (Apr 23)
Liran Cohen
Re: rPSA-2008-0151-1 libpng Liran Cohen (Apr 30)
Liu Zhen Hua
Borland InterBase 2007 "ibserver.exe" Buffer Overflow Vulnerability POC Liu Zhen Hua (Apr 11)
lpilorz
Vulnerabilities in kses-based HTML filters lpilorz (Apr 03)
Luigi Auriemma
Multiple vulnerabilities in HP OpenView NNM 7.53 Luigi Auriemma (Apr 07)
Directory traversal in LANDesk Management Suite 8.80.1.1 Luigi Auriemma (Apr 02)
Re: Multiple vulnerabilities in HP OpenView NNM 7.53 Luigi Auriemma (Apr 08)
Directory traversal and multiple Denials of Service in HP OpenView NNM 7.53 Luigi Auriemma (Apr 11)
Re: Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows Luigi Auriemma (Apr 15)
luke . jennings
ANNOUNCE: Security Implications of Windows Access Tokens Whitepaper luke . jennings (Apr 21)
Major Malfunction
London DEFCON meet - Thursday 1st May - DC4420 Major Malfunction (Apr 28)
marc . deroche
Re: WoltLab(R) Community Framework WCF 1.0.6 marc . deroche (Apr 12)
Mark Crowther
IRM Security Advisory : RedDot CMS SQL injection vulnerability Mark Crowther (Apr 21)
Marshall Eubanks
Re: heanet.dl.sourceforge.net hacked? Marshall Eubanks (Apr 30)
Martin Schulze
[SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code execution Martin Schulze (Apr 17)
Matthias Geerdsen
[ GLSA 200804-24 ] DBmail: Data disclosure Matthias Geerdsen (Apr 21)
[ GLSA 200804-30 ] KDE start_kdeinit: Multiple vulnerabilities Matthias Geerdsen (Apr 29)
[ GLSA 200804-23 ] CUPS: Integer overflow vulnerability Matthias Geerdsen (Apr 21)
Mauro Faccenda
Re: Firefox 3.0 beta 5 crash Mauro Faccenda (Apr 26)
Michael . Brooks . SPAM
Deciphering the PHP-Nuke Capthca Michael . Brooks . SPAM (Apr 21)
Deciphering the Simple Machines Forum audio Captcha Michael . Brooks . SPAM (Apr 21)
Michael Scheidell
heanet.dl.sourceforge.net hacked? Michael Scheidell (Apr 30)
Mike Diaz
RE: Internet explorer 7.0 spoofing Mike Diaz (Apr 02)
Milen Rangelov
licq remote DoS? Milen Rangelov (Apr 08)
mirrors
Re: heanet.dl.sourceforge.net hacked? mirrors (Apr 30)
m . memelli
Re: BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day) m . memelli (Apr 17)
Morgan ARMAND
Dotclear 'ecrire/images.php' Arbitrary File Upload Vulnerability Morgan ARMAND (Apr 15)
Moritz Muehlenhoff
[SECURITY] [DSA 1545-1] New rsync packages fix arbitrary code execution Moritz Muehlenhoff (Apr 10)
[SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation Moritz Muehlenhoff (Apr 17)
[SECURITY] [DSA 1534-2] New iceape packages fix regression Moritz Muehlenhoff (Apr 24)
[SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code execution Moritz Muehlenhoff (Apr 28)
[SECURITY] [DSA 1552-1] New mplayer packages fix arbitrary code execution Moritz Muehlenhoff (Apr 19)
[SECURITY] [DSA 1563-1] New asterisk packages fix denial of service Moritz Muehlenhoff (Apr 30)
[SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution Moritz Muehlenhoff (Apr 25)
[SECURITY] [DSA 1551-1] New python2.4 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 19)
[SECURITY] [DSA 1541-1] New openldap2.3 packages fix denial of service Moritz Muehlenhoff (Apr 09)
[SECURITY] [DSA 1549-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff (Apr 17)
[SECURITY] [DSA 1555-1] New iceweasel packages fix arbitrary code execution Moritz Muehlenhoff (Apr 23)
mrangelov
Re: Re: licq remote DoS? mrangelov (Apr 10)
nebelfrost23
Writers Block SQL Injection Vulnerabilities nebelfrost23 (Apr 02)
netmantis . com
Pu Arcade component for Joomla - SQL injection netmantis . com (Apr 09)
NGSSoftware Insight Security Research
Critical Vulnerability in SNMPc NGSSoftware Insight Security Research (Apr 30)
nixpanic
Re: openMosix userspace library stack-based buffer overflow nixpanic (Apr 10)
nnposter
Alkacon OpenCms sessions.jsp searchfilter XSS nnposter (Apr 05)
F5 BIG-IP Management Interface Perl Injection nnposter (Apr 05)
Noah Meyerhans
[SECURITY] [DSA 1554-1] New roundup packages fix cross-site scripting vulnerability Noah Meyerhans (Apr 22)
no-reply
Joomla Component com_lms SQL Injection no-reply (Apr 03)
noreply
NetClassifieds Sql Injection noreply (Apr 23)
w2b.ru multiple products SQL Injection noreply (Apr 11)
paFileDB 3.1 Remote SQL Injection noreply (Apr 10)
5th avenue Shopping Cart SQL Injection noreply (Apr 18)
Horde Webmail XSS [Aria-Security] noreply (Apr 23)
Oliver Goebel
IMF 2008 - 2nd Call for Papers Oliver Goebel (Apr 26)
organiser () syscan org
SyScan'08 Singapore - Call for Paper organiser () syscan org (Apr 21)
packet
Re: Powered by gCards v1.46 SQL packet (Apr 21)
Pascal Cretain
Wayport Public Access PC Authentication Bypass Weakness Pascal Cretain (Apr 08)
Patrick Webster
Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow Patrick Webster (Apr 07)
Pierre-Yves Rofes
[ GLSA 200804-02 ] bzip2: Denial of Service Pierre-Yves Rofes (Apr 03)
[ GLSA 200804-10 ] Tomcat: Multiple vulnerabilities Pierre-Yves Rofes (Apr 10)
[ GLSA 200804-29 ] Comix: Multiple vulnerabilities Pierre-Yves Rofes (Apr 26)
[ GLSA 200804-09 ] am-utils: Insecure temporary file creation Pierre-Yves Rofes (Apr 10)
Pieter de Boer
Re: heanet.dl.sourceforge.net hacked? Pieter de Boer (Apr 30)
pobore
Re: Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS pobore (Apr 26)
pocadm
POC2008 call for papers pocadm (Apr 03)
poplix
Parallels virtuozzo's VZPP multiple csrf vulnerabilities poplix (Apr 03)
ProCheckUp Research
PR07-44: XSS on RSA Authentication Agent login page ProCheckUp Research (Apr 23)
PR07-43: Cross-domain redirect on RSA Authentication Agent ProCheckUp Research (Apr 23)
Rainer Duffner
Re: heanet.dl.sourceforge.net hacked? Rainer Duffner (Apr 30)
Raphael Marichez
[ GLSA 200804-12 ] gnome-screensaver: Privilege escalation Raphael Marichez (Apr 11)
Razi Shaban
Re: Internet explorer 7.0 spoofing Razi Shaban (Apr 01)
Recon Conference
Recon 2008 CFP last call, early registration open Recon Conference (Apr 03)
Robert Buchholz
[ GLSA 200804-15 ] libpng: Execution of arbitrary code Robert Buchholz (Apr 15)
[ GLSA 200804-06 ] UnZip: User-assisted execution of arbitrary code Robert Buchholz (Apr 07)
[ GLSA 200804-21 ] Adobe Flash Player: Multiple vulnerabilities Robert Buchholz (Apr 18)
[ GLSA 200804-19 ] PHP Toolkit: Data disclosure and Denial of Service Robert Buchholz (Apr 18)
[ GLSA 200804-04 ] MySQL: Multiple vulnerabilities Robert Buchholz (Apr 07)
[ GLSA 200804-26 ] Openfire: Denial of Service Robert Buchholz (Apr 23)
[ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code Robert Buchholz (Apr 17)
[ GLSA 200804-14 ] Opera: Multiple vulnerabilities Robert Buchholz (Apr 15)
[ GLSA 200804-20 ] Sun JDK/JRE: Multiple vulnerabilities Robert Buchholz (Apr 18)
[ GLSA 200804-13 ] Asterisk: Multiple vulnerabilities Robert Buchholz (Apr 15)
[ GLSA 200804-25 ] VLC: User-assisted execution of arbitrary code Robert Buchholz (Apr 23)
[ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning Robert Buchholz (Apr 18)
[ GLSA 200804-11 ] policyd-weight: Insecure temporary file creation Robert Buchholz (Apr 11)
[ GLSA 200804-17 ] Speex: User-assisted execution of arbitrary code Robert Buchholz (Apr 17)
[ GLSA 200804-07 ] PECL APC: Buffer Overflow Robert Buchholz (Apr 09)
[ GLSA 200804-01 ] CUPS: Multiple vulnerabilities Robert Buchholz (Apr 01)
[ GLSA 200804-05 ] NX: User-assisted execution of arbitrary code Robert Buchholz (Apr 07)
[ GLSA 200804-03 ] OpenSSH: Privilege escalation Robert Buchholz (Apr 05)
[ GLSA 200804-16 ] rsync: Execution of arbitrary code Robert Buchholz (Apr 17)
roberto . suggi
SugarCRM Community Edition Local File Disclosure Vulnerability roberto . suggi (Apr 29)
rohit
Re: Yourfreeworld Styleish Text Ads Script rohit (Apr 29)
rPath Update Announcements
rPSA-2008-0149-1 idle python rPath Update Announcements (Apr 26)
rPSA-2008-0138-1 tshark wireshark rPath Update Announcements (Apr 04)
rPSA-2008-0136-1 cups rPath Update Announcements (Apr 04)
rPSA-2008-0139-1 gnome-ssh-askpass openssh openssh-client openssh-server rPath Update Announcements (Apr 04)
rPSA-2008-0151-1 libpng rPath Update Announcements (Apr 29)
S21sec labs
S21SEC-043-en:Cezanne SW Blind SQL Injection S21sec labs (Apr 14)
S21SEC-042-en:Cezanne SW Cross-Site Scripting (login required) S21sec labs (Apr 14)
S21SEC-041-en:Cezanne SW Cross-Site Scripting S21sec labs (Apr 14)
Sabun
Koobi Pro 6.25 poll Remote SQL Injection Vulnerability Sabun (Apr 15)
Sebastien gioria
DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2 Sebastien gioria (Apr 14)
Secunia Research
Secunia Research: Autonomy Keyview Applix Graphics Parsing Vulnerabilities Secunia Research (Apr 14)
Secunia Research: Symantec Mail Security Folio Flat File Parsing Buffer Overflows Secunia Research (Apr 14)
Secunia Research: activePDF DocConverter Folio Flat File Parsing Buffer Overflows Secunia Research (Apr 14)
Secunia Research: Symantec Mail Security Applix Graphics Parsing Vulnerabilities Secunia Research (Apr 14)
Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows Secunia Research (Apr 14)
Secunia Research: activePDF DocConverter Applix Graphics Parsing Vulnerabilities Secunia Research (Apr 14)
Secunia Research: HP OpenView Network Node Manager OpenView5.exe Directory Traversal Secunia Research (Apr 14)
Secunia Research: Lotus Notes Applix Graphics Parsing Vulnerabilities Secunia Research (Apr 14)
Secunia Research: Autonomy Keyview Folio Flat File Parsing Buffer Overflows Secunia Research (Apr 14)
Secunia Research: Lotus Notes EML Reader Buffer Overflows Secunia Research (Apr 14)
Secunia Research: Autonomy Keyview EML Reader Buffer Overflows Secunia Research (Apr 14)
Secunia Research: Lotus Notes kvdocve.dll Path Processing Buffer Overflow Secunia Research (Apr 14)
Secunia Research: Internet Explorer Data Stream Handling Vulnerability Secunia Research (Apr 14)
Secunia Research: Adobe Flash Player "Declare Function (V7)" Heap Overflow Secunia Research (Apr 14)
Secunia Research: Lotus Notes htmsr.dll Buffer Overflows Secunia Research (Apr 14)
securfrog
DIVX Player <= 6.7.0 Buffer Overflow PoC ( .SRT ) securfrog (Apr 15)
security
[ MDVSA-2008:089 ] - Updated poppler packages fix vulnerability security (Apr 18)
[ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability security (Apr 15)
[ MDVSA-2008:084 ] - Updated rsync packages fix vulnerability security (Apr 12)
[ MDVSA-2008:091 ] - Updated wireshark packages fix denial of service vulnerabilities security (Apr 25)
[ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability security (Apr 15)
[ MDVSA-2008:085 ] - Updated python packages fix arbitrary code execution vulnerability security (Apr 15)
[ MDVSA-2008:087 ] - Updated policykit package fixes format string vulnerability security (Apr 17)
[ MDVSA-2008:090 ] - Updated OpenOffice.org packages fix vulnerabilities security (Apr 21)
Webwasher Denial of Service Vulnerability security (Apr 03)
[ MDVSA-2008:093 ] - Updated vorbis-tools packages fix vulnerabilities security (Apr 29)
[ MDVSA-2008:092 ] - Updated gstreamer-plugins-good packages fix vulnerabilities security (Apr 29)
[ MDVSA-2008:081 ] - Updated CUPS packages fix multiple vulnerabilities security (Apr 02)
[ MDVSA-2008:083 ] - Updated audit packages fix vulnerability security (Apr 10)
[ MDVSA-2008:082 ] - Updated php-apc packages fix vulnerability security (Apr 09)
[ MDVSA-2008:088 ] - Updated clamav packages fix multiple vulnerabilities security (Apr 18)
security-alert
[security bulletin] HPSBMA02331 SSRT080000 rev.1 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges security-alert (Apr 30)
[security bulletin] HPSBMA02328 SSRT071293 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code security-alert (Apr 17)
[security bulletin] HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025 security-alert (Apr 17)
HPSBTU02325 SSRT080006 rev.1 - HP Internet Express for Tru64 UNIX running PostgreSQL, Arbitrary Code Execution, Privilege Elevation, or Denial of Service (DoS) security-alert (Apr 02)
[security bulletin] HPSBMA02242 SSRT061260 rev.3 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution security-alert (Apr 08)
HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code security-alert (Apr 24)
[security bulletin] [security bulletin] HPSBST02318 SSRT080018 rev.1 - HP Storage Essentials Software, Remote Unauthorized Access to Data security-alert (Apr 08)
[security bulletin] HPSBMA02327 SSRT071455 rev.1 - HP Integrity Servers iLO-2 Management Processors (iLO-2 MP), Denial of Service (DoS) security-alert (Apr 08)
[security bulletin] HPSBMA02323 SSRT080032 rev.1 - HP USB Floppy Drive Key (Option) for ProLiant Servers, Local Virus Infection security-alert (Apr 04)
HPSBMA02317 SSRT080026 rev.1 - HP Select Identity Software, Gain Unauthorized Access security-alert (Apr 02)
[security bulletin] HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Update security-alert (Apr 17)
securityfocus . com
Re: Re: heanet.dl.sourceforge.net hacked? securityfocus . com (Apr 30)
Security Officer
AST-2008-006 - 3-way handshake in IAX2 incomplete Security Officer (Apr 23)
Simon Ryeo
CDNetworks Nefficient Download(NeffyLauncher.dll) Vulnerabilities Simon Ryeo (Apr 07)
Skratz0r
Re: Firefox 3.0 beta 5 crash (Slightly unrelated) Skratz0r (Apr 26)
Stefano Zanero
CFP: Workshop on Open Source Software for Computer and Network Forensics Stefano Zanero (Apr 30)
Steve Kemp
[SECURITY] [DSA 1540-2] New lighttpd packages fix denial of service Steve Kemp (Apr 15)
[SECURITY] [DSA 1540-1] New lighttpd packages fix denial of service Steve Kemp (Apr 07)
Steven J. Murdoch
Wordpress 2.5 Cookie Integrity Protection Vulnerability Steven J. Murdoch (Apr 26)
sys-project
Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities sys-project (Apr 15)
Classifieds Caffe (index.php cat_id) Remote SQL Injection sys-project (Apr 16)
Team SHATTER
Team SHATTER Security Advisory: Multiple DoS in JAR files manipulation procedures Team SHATTER (Apr 18)
Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures Team SHATTER (Apr 18)
Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure Team SHATTER (Apr 18)
th3 . r00k . nospam
Sea-Surfing on the Motorola Surfboard th3 . r00k . nospam (Apr 21)
BitTorrent Clients and CSRF th3 . r00k . nospam (Apr 18)
The Dark Tangent
DEF CON 16 Retro Announcement! Back to Bang! The Dark Tangent (Apr 14)
DEF CON 16 Retro Announcement! Back to Bang! The Dark Tangent (Apr 12)
Thijs Kinkhorst
[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities Thijs Kinkhorst (Apr 24)
[SECURITY] [DSA 1561-1] New ldm packages fix information disclosure Thijs Kinkhorst (Apr 28)
[SECURITY] [DSA 1536-1] New libxine packages fix several vulnerabilities Thijs Kinkhorst (Apr 01)
[SECURITY] [DSA 1560-1] New kronolith2 packages fix cross site scripting Thijs Kinkhorst (Apr 28)
Thomas Pollet
Lotus expeditor rcplauncher uri handler vulnerability Thomas Pollet (Apr 25)
Tim Brown
Medium security hole affecting Festival on Debian unstable/testing and Ubuntu Hardy Heron Tim Brown (Apr 04)
Tobias Heinlein
[ GLSA 200804-27 ] SILC: Multiple vulnerabilities Tobias Heinlein (Apr 24)
[ GLSA 200804-08 ] lighttpd: Multiple vulnerabilities Tobias Heinlein (Apr 10)
[ GLSA 200804-28 ] JRockit: Multiple vulnerabilities Tobias Heinlein (Apr 24)
turkish-warriorr
Powered by gCards v1.46 SQL turkish-warriorr (Apr 21)
Fones Clinic Mart SQL turkish-warriorr (Apr 14)
virangar_nml
Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility virangar_nml (Apr 07)
VMware Security team
VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus VMware Security team (Apr 16)
vulnerabilityresearch
DDIVRT-2008-11 BadBlue uninst.exe DoS vulnerabilityresearch (Apr 24)
vulns
[W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation vulns (Apr 23)
w0lfd33m
Re: Re: Internet explorer 7.0 spoofing w0lfd33m (Apr 01)
Williams, James K
CA DSM gui_cm_ctrls ActiveX Control Vulnerability Williams, James K (Apr 16)
CA Alert Notification Server Multiple Vulnerabilities Williams, James K (Apr 04)
CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities Williams, James K (Apr 04)
win32 . exe
remote file include win32 . exe (Apr 15)
remote file include win32 . exe (Apr 15)
wsn1983
Microsoft Works 7 WkImgSrv.dll crash POC wsn1983 (Apr 17)
yeppy
Re: Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility yeppy (Apr 08)
zdi-disclosures
ZDI-08-020: Microsoft GDI WMF Parsing Heap Overflow Vulnerability zdi-disclosures (Apr 08)
ZDI-08-022: Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability zdi-disclosures (Apr 16)
ZDI-08-018: Apple QuickTime Run Length Encoding Heap Overflow Vulnerability zdi-disclosures (Apr 04)
ZDI-08-019: Apple QuickTime Malformed VR obji Atom Parsing Memory Corruption Vulnerability zdi-disclosures (Apr 04)
ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability zdi-disclosures (Apr 09)
ZDI-08-015: Apple QuickTime Clipping Region Heap Overflow Vulnerability zdi-disclosures (Apr 04)
ZDI-08-014: Apple Quicktime Multiple Opcode Memory Corruption Vulnerabilities zdi-disclosures (Apr 04)
ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability zdi-disclosures (Apr 04)
ZDI-08-017: Apple QuickTime Kodak Encoding Heap Overflow Vulnerability zdi-disclosures (Apr 04)