Bugtraq: by date

400 messages starting Mar 01 08 and ending Mar 31 08

Saturday, 01 March

Mambo com_Musica "id" Remote SQL Injection no-reply
Koobi CMS 4.3.0 - 4.2.3 (categ) Remote SQL Injection Vulnerability sys-project
h2desk helpdesk path disclosure vulnerability joseph . giron13
PHP-Nuke Copyright 2005 SQL turkish-warriorr
Livebox Router vulnerability to REMOTE BUFFER OVERFLOW DoS (FTPD)_ 0in . email
The Router Hacking Challenge is Over! Petko D. Petkov

Monday, 03 March

Dynamic photo gallery V1.02 SQL Injection no-reply
[ GLSA 200803-02 ] Firebird: Multiple vulnerabilities Pierre-Yves Rofes
kcwiki 1.0 multiple remote file inclusion vulnerabilities. muuratsalo experimental hack lab
XSS in XP Book version 3.0 xx_hack_xx_2004
[ GLSA 200803-01 ] Adobe Acrobat Reader: Multiple vulnerabilities Pierre-Yves Rofes
Squid Analysis Report Generator <= 2.2.3.1 buffer overflow L4teral
Recon 2008 - Call For Paper Recon
[ GLSA 200803-03 ] Audacity: Insecure temporary file creation Pierre-Yves Rofes
Re: Crafty Syntax Xss Vulnerability erics
[DSECRG-08-017] Flyspray 0.9.9.4 Multiple Security Vulnerabilities Digital Security Research Group
CSRF in joomla 1.0.11 stable version vivek_infosec
DDIVRT-2008-10 PacketTrap TFTP Directory Traversal Vulnerability vulnerabilityresearch
Re: CSRF in joomla 1.0.11 stable version zinho
Multiple integer overflows in Borland StarTeam server 10.0.0.57 Luigi Auriemma
Cross-site Scripting and CSRF in TorrentTrader Classic v1.08 Valery Marchuk
LayerOne 2008 Update Layer One
DDIVRT-2008-09 PacketTrap PT360 Tool Suite TFTP Denial of Service Vulnerability vulnerabilityresearch
[ GLSA 200803-05 ] SplitVT: Privilege escalation Pierre-Yves Rofes
[SECURITY] [DSA 1511-1] New libicu packages fix multiple problems Steve Kemp
[ GLSA 200803-06 ] SWORD: Shell command injection Pierre-Yves Rofes
[ GLSA 200803-07 ] Paramiko: Information disclosure Pierre-Yves Rofes
[ GLSA 200803-04 ] Mantis: Cross-Site Scripting Pierre-Yves Rofes
Airscanner Mobile Security Advisory #07122001: Eye-Fi Multiple Vulnerabilities Seth Fogie

Tuesday, 04 March

VMSA-2008-0004 Low: Updated e2fsprogs service console package VMware Security team
[ MDVSA-2008:057 ] - Updated wireshark packages fix denial of service vulnerabilities security
PHP-Nuke Module eGallery "pid" Remote SQL Injection no-reply
PHP-Nuke Module "seminar" Local FIle Inclusion no-reply
Re: Crafty Syntax Xss Vulnerability cmzs
SolpotCrew Advisory #16 - Mitra Informatika Solusindo cart Remote Sql Injection Exploit nyubicrew
[ GLSA 200803-08 ] Win32 binary codecs: Multiple vulnerabilities Pierre-Yves Rofes
[ GLSA 200803-09 ] Opera: Multiple vulnerabilities Pierre-Yves Rofes
Minigal 2 critical XSS jose
Dovecot mail_extra_groups setting is often used insecurely Timo Sirainen
CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK Core Security Technologies Advisories
Arbitrary commands execution in Versant Object Database 7.0.1.3 Luigi Auriemma

Wednesday, 05 March

[SECURITY] [DSA 1512-1] New evolution packages fix arbitrary code execution Thijs Kinkhorst
Firewire Attack on Windows Vista Bernhard Mueller
Re: Firewire Attack on Windows Vista Thierry Zoller
Multiple vulnerabilities in Perforce Server 2007.3/143793 Luigi Auriemma
[ GLSA 200803-10 ] lighttpd: Multiple vulnerabilities Pierre-Yves Rofes
ERRATA: [ GLSA 200801-09 ] X.Org X server and Xfont library: Multiple vulnerabilities Robert Buchholz
[ MDVSA-2008:059 ] - Updated tcl packages fix vulnerability security
RE: Firewire Attack on Windows Vista Roger A. Grimes
[ MDVSA-2008:058 ] - Updated openldap packages fix multiple vulnerabilities security
[USN-583-1] Evolution vulnerability Kees Cook

Thursday, 06 March

[ GLSA 200803-12 ] Evolution: Format string vulnerability Pierre-Yves Rofes
[ MDVSA-2008:060 ] - Updated Joomla! packages fix multiple vulnerabilities security
[USN-584-1] OpenLDAP vulnerabilities Jamie Strandboge
[ GLSA 200803-11 ] Vobcopy: Insecure temporary file creation Pierre-Yves Rofes
[SECURITY] [DSA 1503-2] New Linux kernel 2.4.27 packages fix several issues dann frazier
[DSECRG-08-018] Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory traversal file Download Vulnerability Alexandr Polyakov
Re: Firewire Attack on Windows Vista Peter Watkins
Re: Firewire Attack on Windows Vista Daniel O'Connor
Checkpoint VPN-1 UTM Edge cross-site scripting Henri Lindberg - Smilehouse Oy
Sun JDK image parsing vulnerabilities Chris Evans
Re: Firewire Attack on Windows Vista Tonnerre Lombard
PHP-Nuke KutubiSitte "kid" SQL Injection lovebug
Re: [DSECRG-08-018] Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory traversal file Download Vulnerability H D Moore
RE: Firewire Attack on Windows Vista bzhbfzj3001
RE: Firewire Attack on Windows Vista Larry Seltzer
Directory traversal in MicroWorld eScan Server 9.0.742.98 Luigi Auriemma
[SECURITY] [DSA 1513-1] New lighttpd packages fix CGI source disclosure Steve Kemp
[ MDVSA-2008:061 ] - Updated mailman packages fix multiple XSS vulnerabilities security
Re: Multiple vulnerabilities in Double-Take 5.0.0.2865 Steve Shockley
[USN-582-2] Thunderbird vulnerabilities Jamie Strandboge

Friday, 07 March

[ MDVSA-2008:062 ] - Updated Thunderbird packages fix multiple vulnerabilities security
WordPress Multiple Cross-Site Scripting Vulnerabilities DoZ
[ MDVSA-2008:063 ] - Updated Evolution packages fix critical vulnerability security
Horde Webmail file inclusion proof of concept & patch. ppelanne
Re: [Full-disclosure] Firewire Attack on Windows Vista Tim
Re: [Full-disclosure] Firewire Attack on Windows Vista Tim
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer
RE: [Full-disclosure] Firewire Attack on Windows Vista Glenn.Everhart
PHP-Nuke KutubiSitte "kid" SQL Injection exploit code adding r080cy90r
Re: [Full-disclosure] Firewire Attack on Windows Vista Tim
RE: Firewire Attack on Windows Vista Thor (Hammer of God)
RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God)
Re: [Full-disclosure] Firewire Attack on Windows Vista Tim
Re: Firewire Attack on Windows Vista Tonnerre Lombard
Re: Firewire Attack on Windows Vista Nathanael Hoyle
Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13 Luigi Auriemma
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer
RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God)
RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God)
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer
rPSA-2008-0099-1 dbus dbus-glib dbus-qt dbus-x11 rPath Update Announcements
[ MDVSA-2008:064 ] - Updated tomboy packages fix improper LD_LIBRARY_PATH handling security
XSS in Neptune Web Server nima_501
[ GLSA 200803-13 ] VLC: Multiple vulnerabilities Pierre-Yves Rofes

Saturday, 08 March

[ GLSA 200803-14 ] Ghostscript: Buffer overflow Pierre-Yves Rofes
Re: Horde Webmail file inclusion proof of concept & patch. Ben Klang
F5 BIG-IP Web Management Console XSS nnposter
Alkacon OpenCms logfileViewSettings.jsp XSS, file disclosure nnposter
[TKADV2008-001] Panda Internet Security/Antivirus+Firewall 2008 cpoint.sys Kernel Driver Memory Corruption Vulnerability Tobias Klein
WoltLab Burning Board Lite 2 Beta 1 Thread Delete CSRF Vulnerability nbbn
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer
Re: [Full-disclosure] Firewire Attack on Windows Vista Tim

Monday, 10 March

[SECURITY] [DSA 1514-1] New moin packages fix several vulnerabilities Moritz Muehlenhoff
[ GLSA 200803-15 ] phpMyAdmin: SQL injection vulnerability Pierre-Yves Rofes
[security bulletin] HPSBUX02306 SSRT071463 rev.2 - HP-UX Running ARPA Transport, Remote Denial of Service (DoS) security-alert
VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit gmdarkfig
[ MDVSA-2008:065 ] - Updated pulseaudio packages fix denial of service vulnerabilities security
Re: [Full-disclosure] Firewire Attack on Windows Vista Tim
Re: [Full-disclosure] Firewire Attack on Windows Vista Jacob Appelbaum
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer
Re: Firewire Attack on Windows Vista Stefan Kanthak
PHP-Nuke SQL injection Module "Hadith" [cat] lovebug
Firebird remote BOF POC underwater
Re: [Full-disclosure] Firewire Attack on Windows Vista Stefan Kanthak
Summer Camp 2008 - La Garrotxa Gerardo García Peña
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer
Re: [Full-disclosure] Firewire Attack on Windows Vista Ansgar -59cobalt- Wiechers
[ GLSA 200803-16 ] MPlayer: Multiple buffer overflows Pierre-Yves Rofes
Invalid memory access in Acronis True Image Group Server 1.5.19.191 Luigi Auriemma
[ GLSA 200803-17 ] PDFlib: Multiple buffer overflows Pierre-Yves Rofes
Denial of Service in PacketTrap TFTP server 2.0.3901.0 Luigi Auriemma
NULL pointer in Remotely Anywhere 8.0.668 Luigi Auriemma
Directory traversal and NULL pointer in Acronis PXE Server 2.0.0.1076 Luigi Auriemma
iDefense Security Advisory 03.10.08: SAP MaxDB Signedness Error Heap Corruption Vulnerability iDefense Labs
Vulnerabilities in Timbuktu Pro 8.6.5 Luigi Auriemma
Multiple vulnerabilities in ASG-Sentry 7.0.0 Luigi Auriemma
iDefense Security Advisory 03.10.08: SAP MaxDB sdbstarter Privilege Escalation Vulnerability iDefense Labs
NULL pointer in Acronis True Image Windows Agent 1.0.0.54 Luigi Auriemma
Directory traversal in Argon Client Management Services 1.31 Luigi Auriemma
[ GLSA 200803-18 ] Cacti: Multiple vulnerabilities Pierre-Yves Rofes

Tuesday, 11 March

[security bulletin] HPSBUX02316 SSRT071495 rev.1 - HP-UX running HP CIFS Server (Samba), Remote Execution of Arbitrary Code security-alert
[USN-585-1] Python vulnerabilities Kees Cook
Re: [Full-disclosure] Firewire Attack on Windows Vista Jacob Appelbaum
Re: [Full-disclosure] Vulnerabilities in Timbuktu Pro 8.6.5 titon
Advisory: SQL-Injections in Mapbender RedTeam Pentesting GmbH
Re: Firewire Attack on Windows Vista Steve Shockley
Mambo Components ensenanzas "id" Remote SQL Injection no-reply
Re: [Full-disclosure] Vulnerabilities in Timbuktu Pro 8.6.5 Luigi Auriemma
PHP-Nuke Module NukeC30 sql injection houssamix
[security bulletin] HPSBUX02313 SSRT080015 rev.2 - HP-UX Running Apache, Remote Cross Site Scripting (XSS) security-alert
Re: Remotely Anywhere 'Accept-Charset' Parameter NULL Pointer patrick
ACROS Security: Session Fixation Vulnerability in WebLogic Administration Console (#2008-03-11-2) ACROS Security
ACROS Security: HTML Injection in BEA WebLogic Server Console (ASPR #2008-03-11-1) ACROS Security
Re: [Full-disclosure] Firewire Attack on Windows Vista FD
CORE-2008-0204: Timbuktu Pro Remote Path Traversal and Log Injection Core Security Technologies Advisories
ZDI-08-008: Microsoft Excel BIFF File Format Cell Record Parsing Memory Corruption Vulnerability zdi-disclosures
Advisory Adobe LiveCycle Workflow XSS Vulnerability Liquidmatrix Security Digest
PHP-Nuke Module ZClassifieds [cat] SQL Injection lovebug
[ GLSA 200803-19 ] Apache: Multiple vulnerabilities Pierre-Yves Rofes
[ GLSA 200803-20 ] International Components for Unicode: Multiple vulnerabilities Pierre-Yves Rofes
TPTI-08-03: Microsoft Excel Rich Text Memory Corruption Vulnerability DVLabs

Wednesday, 12 March

iDefense Security Advisory 03.11.08: Microsoft Excel DVAL Heap Corruption Vulnerability iDefense Labs
uberghey cms 0.3.1 multiple local file inclusion vulnerabilities muuratsalo experimental hack lab
[SECURITY] [DSA 1515-1] New libnet-dns-perl packages fix several vulnerabilities Florian Weimer
travelsized cms 0.4.1 multiple local file inclusion vulnerabilities muuratsalo experimental hack lab
iDefense Security Advisory 03.11.08: Microsoft Excel 2003 Malformed Formula Memory Corruption Vulnerability iDefense Labs
iDefense Security Advisory 03.11.08: Microsoft Outlook mailto Command Line Switch Injection iDefense Labs
Re: VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit Maximiliano Müller
Cisco Security Advisory: Cisco Secure Access Control Server for Windows User-Changeable Password Vulnerabilities Cisco Systems Product Security Incident Response Team
hacking a pacemaker Gadi Evron
Cisco ACS UCP Remote Pre-Authentication Buffer Overflows Felix 'FX' Lindner
rPSA-2008-0106-1 lighttpd rPath Update Announcements
ZDI-08-010: Java Web Start encoding Stack Buffer Overflow zdi-disclosures
ZDI-08-009: Java Web Start tempbuff Stack Buffer Overflow zdi-disclosures
Powered by phpBB 2001, 2006 (SQL) turkish-warriorr
[ GLSA 200803-21 ] Sarg: Remote execution of arbitrary code Raphael Marichez
Format string in McAfee Framework 3.6.0.569 (ePolicy Orchestrator 4.0) Luigi Auriemma
rPSA-2008-0108-1 dovecot rPath Update Announcements

Thursday, 13 March

Re: Directory traversal and DoS in WinIPDS G52-33-021 ph
Re: PHP-Nuke Module NukeC30 sql injection my_msn_my_msn_my
XSS in PHP-Nuke (eWeather module) nima_501
Directory traversal in EdiorCMS V3.0 wsn1983
Re: Re: VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit app
Zabbix (zabbix_agentd) denial of service Milen Rangelov
Rise of the spammers vulns
Re: Firewire Attack on Windows Vista Stefan Kanthak
Rapid7 Advisory R7-0032: Microsoft Internet Explorer FTP Command Injection Vulnerability kralor
Update+Errata: Re: A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability" Amit Klein
Re: Re: Re: VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit sad_wabi_user
PR08-02: Plone CMS Security Research - the Art of Plowning ProCheckUp Research
Office XP Remote SQL Injection no-reply
[ MDVSA-2008:066 ] - Updated gcc packages fix directory traversal vulnerability in fastjar security
ZDI-08-011: IBM Informix Dynamic Server DBPATH Buffer Overflow Vulnerability zdi-disclosures
ZDI-08-012: IBM Informix Dynamic Server Authentication Password Stack Overflow Vulnerability zdi-disclosures

Friday, 14 March

Cisco Security Advisory: CiscoWorks Internetwork Performance Monitor Remote Command Execution Vulnerability Cisco Systems Product Security Incident Response Team
[ GLSA 200803-22 ] LIVE555 Media Server: Denial of Service Pierre-Yves Rofes
Airspan WiMAX ProST Authentication Bypass Vulnerability admin
Re: Office XP Remote SQL Injection Steve Shockley
EasyGallery <= 5.0tr - Multiple Remote Vulnerabilities sys-project

Saturday, 15 March

Black Hat Announcements: New CFP system and Japan '08 confirmed jmoss
Local persistent DoS in Windows XP SP2 Taskmgr SkyOut
[SECURITY] [DSA 1516-1] New dovecot packages fix privilege escalation Florian Weimer
Troopers08 Security Conference, April 23/24 (Munich/Germany) Enno Rey
[USN-586-1] mailman vulnerability Kees Cook
Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow opexoc
XNview 1.92.1 Long Filename Overflow Sylvain

Monday, 17 March

[SECURITY] [DSA 1517-1] New ldapscripts packages fix information disclosure Thijs Kinkhorst
[SECURITY] [DSA 1518-1] New backup-manager packages fix information disclosure Thijs Kinkhorst
[SECURITY] [DSA 1519-1] New horde3 packages fix information disclosure Thijs Kinkhorst
Joomla components com_guide "category" Remote SQL Injection [Aria-Security] no-reply
Re: Local persistent DoS in Windows XP SP2 Taskmgr paraw
[SECURITY] [DSA 1520-1] New smarty packages fix arbitrary code execution Thijs Kinkhorst
Re: Format string in McAfee Framework 3.6.0.569 (ePolicy Orchestrator 4.0) neodwija
[ GLSA 200803-23 ] Website META Language: Insecure temporary file usage Pierre-Yves Rofes
RE: Local persistent DoS in Windows XP SP2 Taskmgr Thor (Hammer of God)
[SECURITY] [DSA 1521-1] New lighttpd packages fix arbitrary file disclosure Steve Kemp
vuln in snewscms Rus v 2.3 www . yo . by
EasyCalendar <= 4.0tr - Multiple Remote Vulnerabilities sys-project
Mutiple Timesheets <= 5.0 - Multiple Remote Vulnerabilities sys-project
Security Advisory on RSA Web ID (XSS) quentin . berdugo
raidsonic nas-4220 crypt disk key leak (stored in plain on unencrypted partition) Collin R. Mulliner
[SECURITY] [DSA 1493-2] New sdl-image1.2 packages fix arbitrary code execution Thijs Kinkhorst
Re: Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow david130490
Re: Format string in McAfee Framework 3.6.0.569 (ePolicy Orchestrator 4.0) greentea-lemon
VLC highlander bug Luigi Auriemma
Multiple vulnerabilities in Net Inspector 6.5.0.828 Luigi Auriemma
Buffer-overflow in BootManage TFTPD 1.99 Luigi Auriemma
Home FTP Server DoS 0in . email
Agile Hacking Petko D. Petkov

Tuesday, 18 March

[SECURITY] [DSA 1485-2] New icedove packages fix regression Moritz Muehlenhoff
Cross Site Scripting (XSS) in phpstats 0.1_alpha, CVE-2008-0125 Hanno Böck
Re: Re: Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow opexoc
Re: Re: Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow opexoc
[SECURITY] [DSA 1522-1] New unzip packages fix potential code execution Florian Weimer
[SECURITY] [DSA 1523-1] New ikiwiki packages fix cross-site scripting Florian Weimer
eForum 0.4 XSS omnipresent
VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues VMware Security team
[ GLSA 200803-25 ] Dovecot: Multiple vulnerabilities Robert Buchholz
Internet Explorer 7.0 crash jplopezy
[security bulletin] HPSBST02320 SSRT080028 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-014 to MS08-017 security-alert
cPanel 11.x => List Directories and Folders xx_hack_xx_2004
[ GLSA 200803-24 ] PCRE: Buffer overflow Tobias Heinlein
MITKRB5-SA-2008-001: double-free, uninitialized data vulnerabilities in krb5kdc raeburn
[ GLSA 200803-26 ] Adobe Acrobat Reader: Insecure temporary file creation Robert Buchholz
Digital Armaments March-April Hacking Challenge: 5,000$ Prize - Client Vulnerabilities and Exploit info
MITKRB5-SA-2008-001: double-free, uninitialized data vulnerabilities in krb5kdc raeburn
MITKRB5-SA-2008-002: array overrun in RPC library used by kadmin (resend, corrected subject) raeburn
CORE-2008-0123: Leopard Server Remote Path Traversal Core Security Technologies Advisories
[SECURITY] [DSA 1524-1] New krb5 packages fix multiple vulnerabilities Noah Meyerhans
iDefense Security Advisory 03.18.08: Multiple Vendor CUPS CGI Heap Overflow Vulnerability iDefense Labs
[ MDVSA-2008:067 ] - Updated nagios packages fix multiple vulnerabilities security

Wednesday, 19 March

[ GLSA 200803-27 ] MoinMoin: Multiple vulnerabilities Pierre-Yves Rofes
AST-2008-005: HTTP Manager ID is predictable Asterisk Security Team
phpBB 2.0.23 Session Hijacking Vulnerability nbbn () gmx net
[USN-587-1] Kerberos vulnerabilities Kees Cook
Mambo/joomla com_intellect "page" LFI [Aria-Security] no-reply
AST-2008-004: Format String Vulnerability in Logger and Manager Asterisk Security Team
AST-2008-003: Unauthenticated calls allowed from SIP channel driver Asterisk Security Team
[ MDVSA-2008:068 ] - Updated unzip packages vulnerability security
AST-2008-002: Two buffer overflows in RTP Codec Payload Handling Asterisk Security Team
Question on CERT-FI and CPNI Joint Vulnerability Advisory on Archive Formats? James Connery
HPSBST02321 SSRT080029 rev.1 - HP StorageWorks Library and Tape Tools (LTT) Running on HP-UX, Local Unauthorized Access security-alert
CS-Cart XSS swhite
IBM Rational ClearQuest Web Multiple XSS Vulnerabilities swhite

Thursday, 20 March

[ GLSA 200803-28 ] OpenLDAP: Denial of Service vulnerabilities Pierre-Yves Rofes
[ MDVSA-2008:069 ] - Updated Kerberos packages fix multiple vulnerabilities security
[ MDVSA-2008:070 ] - Updated Kerberos packages fix multiple vulnerabilities security
[ MDVSA-2008:071 ] - Updated Kerberos packages fix multiple vulnerabilities security
rPSA-2008-0112-1 krb5 krb5-server krb5-services krb5-test krb5-workstation rPath Update Announcements
[ GLSA 200803-30 ] ssl-cert eclass: Certificate disclosure Robert Buchholz
[SECURITY] [DSA 1506-2] New iceape packages fix regression Moritz Muehlenhoff
Pizco vulnerable to buffer overflow in activex david130490
Easy-Clanpage 2.2 (id) Remote SQL Injection Vulnerability info
[ GLSA 200803-29 ] ViewVC: Multiple vulnerabilities Tobias Heinlein
[SECURITY] [DSA 1525-1] New asterisk packages fix several vulnerabilities Moritz Muehlenhoff
[USN-588-1] MySQL vulnerabilities Jamie Strandboge
KAPhotoservice (album.asp) Remote SQL Injection Exploit sys-project
[SECURITY] [DSA 1522-1] New xwine packages fix several vulnerabilities Steve Kemp
Note about recently publicized CA BrightStor ActiveX exploit code Williams, James K
[ MDVSA-2008:072 ] - Updated kernel packages fix vulnerability security
Multiple heap overflows in xine-lib 1.1.11 Luigi Auriemma
[USN-589-1] unzip vulnerability Kees Cook
[ MDVSA-2008:073 ] - Updated perl-Net-DNS packages fix DoS vulnerability security

Friday, 21 March

[ MDVSA-2008:074 ] - Updated audacity package fixes insecure temporary directory creation security
CanSecWest 2008 PWN2OWN - Mar 26-28 Dragos Ruiu
[MSA02240108] IE7 allows overwriting of several headers leading to Http request Splitting and smuggling. Minded Security Research Labs
[INFIGO-2008-03-07]: Surgemail 38k4 IMAP server remote stack overflow infocus
Re: Horde Webmail file inclusion proof of concept & patch. David Morton
MS08-014 Anonymous
[MSA01240108] IE7 Transfer-Encoding: chunked allows Request Splitting/Smuggling. Minded Security Research Labs
DotNetNuke Default Machine Key Exposure labs
webutil.pl is still vulnerable against Remote Command Execution. zero-x
{securityreason.com}PHP 5 *printf() - Integer Overflow cxib

Saturday, 22 March

XSS in cPanel 11.x xx_hack_xx_2004
Re: Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS vermsky
Safari 3.1 for windows download bug jplopezy
Buffer-overflow in ASUS Remote Console 2.0.0.24 Luigi Auriemma
rPSA-2008-0116-1 unzip rPath Update Announcements
rPSA-2008-0118-1 bzip2 rPath Update Announcements
Fedora, Ubuntu publish wrong advisories for CVE-2007-6318 Abel Cheung
hacking the mitsubishi GB-50A Chris Withers
phpAddressBook v2.11 Multiple Local File Inclusion Vulnerabilities Guns
Google SoC 2008: Security Projects jkouns
Safari browser 3.1 (525.13) spoofing jplopezy

Monday, 24 March

EfesTech E-Kontr (id) Remote SQL INJECTION dj_remix_20
F5 BIG-IP Web Management Audit Log XSS nnposter
Re: Potential SQL injection vulnerability in Apache::AuthCAS dcastro
[ MDVSA-2008:075 ] - Updated bzip2 packages fix denial of service vulnerability security
Linksys phone adapter denial of service sipherr
Alkacon OpenCms users_list.jsp searchfilter XSS nnposter
ircu/snircd remote crash vulnerability Chris Porter
RE: hacking the mitsubishi GB-50A Desai, Ashish
Re: Linksys phone adapter denial of service J. Oquendo
Re: XSS in cPanel 11.x morin . josh
[SECURITY] [DSA 1527-1] New debian-goodies packages fix privilege escalation Thijs Kinkhorst
[DSECRG-08-019] LFI in PowerBook 1.21 Digital Security Research Group
[DSECRG-08-020] RFI-LFI in PowerClan 1.14a Digital Security Research Group
[DSECRG-08-021] Multiple LFI in PowerPHPBoard 1.00b Digital Security Research Group
Hamachi Password Disclosure Vulnerability evilcry
Re: Re: Linksys phone adapter denial of service sipherr
Re: Linksys phone adapter denial of service orsino
Re: Linksys phone adapter denial of service J. Oquendo
RE: hacking the mitsubishi GB-50A James C. Slora Jr.
HIS-webshop is vulnerable against Directory-Traversal (www.shoppark.de) zero-x
[SECURITY] [DSA 1528-1] New serendipity packages fix cross site scripting Thijs Kinkhorst
[USN-591-1] libicu vulnerabilities Jamie Strandboge
[USN-590-1] bzip2 vulnerability Kees Cook
[ GLSA 200803-31 ] MIT Kerberos 5: Multiple vulnerabilities Robert Buchholz
[ GLSA 200803-32 ] Wireshark: Denial of Service Pierre-Yves Rofes

Tuesday, 25 March

Re: Linksys phone adapter denial of service Michael VERGOZ
aeries browser interface(ABI) 3.8.3.14 Remote SQL Injection arsalan1991
Re: hacking the mitsubishi GB-50A Vincent Archer
Re: hacking the mitsubishi GB-50A Chris Withers
Re: [BUGTRAQ] RE: hacking the mitsubishi GB-50A Joe
[SECURITY] [DSA 1530-1] New cupsys packages fix multiple vulnerabilities Noah Meyerhans
e107 My_Gallery Plugin Arbitrary File Download Vulnerability Jerome Athias
rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server rPath Update Announcements
Cuteflow Bin v1.5.0 Local File Inclusion Vuln r57blg
rPSA-2008-0123-1 ruby rPath Update Announcements
[DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1 Digital Security Research Group
CORE-2007-1212: SILC pkcs_decode buffer overflow Core Security Technologies Advisories
phpBB PJIRC mod LFI 0in . email

Wednesday, 26 March

Blackboard Academic Suite Multiple XSS Vulnerabilities knight4vn
[security bulletin] HPSBTU02322 SSRT080011 rev.1 - HP Tru64 UNIX running SSH/SFTP Server, Remote Execution of Arbitrary Code or Denial of Service (DoS) security-alert
Aztech ADSL2/2+ 4 Port remote root sipherr
Re: hacking the mitsubishi GB-50A Steven M. Christey
php-addressbook v2.0 SQL Injection Vulnerbility hadihadi_zedehal_2006
Re: Logaholic Web Analytics Software andre
Cisco Security Advisory: Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak Cisco Systems Product Security Incident Response Team
[USN-592-1] Firefox vulnerabilities Jamie Strandboge
Cisco Security Advisory: Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6 Dual-stack Routers Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720 Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
ZDI-08-013: Novell eDirectory for Linux Stack Overflow zdi-disclosures
Invision Power Board <=2.3.x iFrame Vuln shaheemirza
Re: hacking the mitsubishi GB-50A Chris Withers
Multiple vulnerabilities in solidDB 06.00.1018 Luigi Auriemma
[ MDVSA-2008:076 ] - Updated wml packages fix symlink vulnerabilities security

Thursday, 27 March

[USN-593-1] Dovecot vulnerabilities Kees Cook
Multiple XSS in DigiDomain xx_hack_xx_2004
[ MDVSA-2008:077 ] - Updated perl-Tk packages fix GIF processing vulnerability security
[SECURITY] [DSA 1529-1] New Firebird packages fix several vulnerabilities Moritz Muehlenhoff
[USN-596-1] Ruby vulnerabilities Kees Cook
[USN-594-1] libnet-dns-perl vulnerability Kees Cook
TopperMod 2.0 Remote SQL Injection Vulnerability r57blg
[ MDVSA-2008:078 ] - Updated openssh packages fix X connection hijacking security
[securityreason] *BSD libc (strfmon) Multiple vulnerabilities cxib
[USN-595-1] SDL_image vulnerabilities Kees Cook
JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities r57blg
[SECURITY] [DSA 1531-1] New policyd-weight packages fix insecure temporary files Thijs Kinkhorst
Re: JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities str0ke
Re: [securityreason] *BSD libc (strfmon) Multiple vulnerabilities Christos Zoulas
rPSA-2008-0128-1 firefox rPath Update Announcements

Friday, 28 March

[SECURITY] [DSA 1532-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff
[ MDVSA-2008:079 ] - Updated sarg packages fix multiple vulnerabilities security
[SECURITY] [DSA 1533-1] New exiftags packages fix several vulnerabilities Devin Carraway
Smf 1.1.4 Remote File Inclusion Vulnerabilities sibertrwolf
Re: Heap overflow in Sybase MobiLink 10.0.1.3629 jsavill
[security bulletin] HPSBGN02305 SSRT080004 rev.1 - HP Compaq Business Notebook PC BIOS, Local Denial of Service (DoS) security-alert
[security bulletin] HPSBGN02319 SSRT080027 rev.1 - HP Compaq Notebook PC BIOS, Local Unauthorized Access security-alert
[security bulletin] HPSBOV02278 SSRT071479 rev.1 - HP OpenVMS SSH Using TCP/IP Services for OpenVMS, Remote Unauthorized Access security-alert
CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability Williams, James K
XChat 2.8.4-1 - Multiple Vulnerabilities evilcry
Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities fake
[SECURITY] [DSA 1534-1] New iceape packages fix several vulnerabilities Moritz Muehlenhoff
Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities Jindrich Kubec
Immunity Debugger 1.5 Nicolas Waisman
Re: XChat 2.8.4-1 - Multiple Vulnerabilities fabio
Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities Mike Duncan
Internet explorer 7.0 spoofing jplopezy

Saturday, 29 March

[ MDVSA-2008:080 ] - Updated Firefox packages fix multiple vulnerabilities security
VMSA-2008-0006 Updated libxml2 service console package VMware Security team
Re: Internet explorer 7.0 spoofing w0lfd33m
CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities hadihadi_zedehal_2006

Monday, 31 March

Re: Internet explorer 7.0 spoofing mouss
Re: Re: XChat 2.8.4-1 - Multiple Vulnerabilities omnipresent
Proviso SiteKiosk File Download Vulnerability nebelfrost23
Efestech Video v5,0 (id) Remote Sql Injection dj_remix_20
[SECURITY] [DSA 1531-2] New policyd-weight packages fix insecure temporary files Thijs Kinkhorst
PacketTrap Networks pt360 2.0.39 TFTPD Remote DoS Exploit r57blg
London DEFCON meet - DC4420 - New Venue - Wednesday 2nd April, 2008 Major Malfunction
[TKADV2008-002] avast! 4.7 aavmker4.sys Kernel Memory Corruption Tobias Klein
rPSA-2008-0132-1 lighttpd rPath Update Announcements
Directory traversal in 2X ThinClientServer v5.0_sp1-r3497 Luigi Auriemma
[SECURITY] [DSA 1535-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff
Paper by Amit Klein (Trusteer): "PowerDNS Recursor DNS Cache Poisoning [pharming]" Amit Klein