Bugtraq: by thread

Previous period

Next period

342 messages starting Dec 01 05 and ending Dec 31 05
Date index | Thread index | Author index

Re: DNS query spam fugi (Dec 01)
- Re: DNS query spam Piotr Kamisiski (Dec 01)
Re: - Cisco IOS HTTP Server code injection/execution vulnerability- Florian Weimer (Dec 01)
- <Possible follow-ups>
- Re: - Cisco IOS HTTP Server code injection/execution vulnerability- Mike Caudill (Dec 02)
Re: What is wrong with these people? Steve Shockley (Dec 01)
PhpX <= 3.5.9 SQL Injection -> login bypass -> remote command/code execution retrogod (Dec 01)
Re: WebCalendar Multiple Vulnerabilities craig (Dec 01)
Sunbelt set to acquire Kerio Personal Firewall Paul Laudanski (Dec 01)
- Re: Sunbelt set to acquire Kerio Personal Firewall Nick Boyce (Dec 02)
Re: Opera 8.50 DoS with simple java applet Yngve N. Pettersen (Developer Opera Software ASA) (Dec 01)
[security bulletin] SSRT4787 Revised - HP Systems Insight Manager (SIM) for HP-UX Remote Denial of Service (DoS) security-alert (Dec 01)
WebCalendar Multiple Vulnerabilities. lwang (Dec 01)
Microsoft Windows CreateRemoteThread Exploit q7x (Dec 01)
- Re: Microsoft Windows CreateRemoteThread Exploit Anton (Dec 02)
- <Possible follow-ups>
- RE: Microsoft Windows CreateRemoteThread Exploit Michael Wojcik (Dec 02)
- Re: Re: Microsoft Windows CreateRemoteThread Exploit warl0ck (Dec 03)
[SECURITY] [DSA 914-1] New horde2 packages fix cross-site scripting Martin Schulze (Dec 01)
[DRUPAL-SA-2005-008] Drupal 4.6.4 / 4.5.6 fixes XSS and HTTP header injection issue Uwe Hermann (Dec 01)
[DRUPAL-SA-2005-007] Drupal 4.6.4 / 4.5.6 fixes XSS issue Uwe Hermann (Dec 01)
Edgewall Trac SQL Injection Vulnerability David Maciejak (Dec 01)
[USN-220-1] w3c-libwww vulnerability Martin Pitt (Dec 01)
Perl format string integer wrap vulnerability robert (Dec 01)
[SECURITY] [DSA 913-1] New gdk-pixbuf packages fix several vulnerabilities Martin Schulze (Dec 01)
[DRUPAL-SA-2005-009] Drupal 4.6.4 / 4.5.6 fixes minor access control issue Uwe Hermann (Dec 01)
[USN-221-1] racoon vulnerability Martin Pitt (Dec 02)
Cisco Security Advisory: IOS HTTP Server Command Injection Vulnerability Cisco Systems Product Security Incident Response Team (Dec 02)
phpMyChat Multiple XSS vulnerabilities. secresearch (Dec 02)
[SECURITY] [DSA 915-1] New helix-player packages fix arbitrary code execution Martin Schulze (Dec 02)
SEC Consult SA-20051202-1 :: GMX Webmail XSS Sec Consult Research (Dec 02)
SEC Consult SA-20050212-1 :: A Word on Webmail Security and Browser related XSS Bugs Sec Consult Research (Dec 02)
SEC Consult SA-XXXXXXXXXXX Bernhard Mueller (Dec 02)
- 22nd CCC conference in Berlin Harry Behrens (Dec 02)
Format String Vulnerabilities in Perl Programs Steven M. Christey (Dec 02)
[xfocus-SD-051202]openMotif libUil Multiple vulnerability alert7 () xfocus org (Dec 02)
[USN-222-1] Perl vulnerability Martin Pitt (Dec 02)
WinEggDropShell Multiple Remote Stack Overflow Sowhat (Dec 02)
MDKSA-2005:223 - Updated webmin package fixes format string vulnerability Mandriva Security Team (Dec 03)
[OpenPKG-SA-2005.026] OpenPKG Security Advisory (lynx) OpenPKG (Dec 03)
MDKSA-2005:221 - Updated spamassassin packages fixes vulnerability Mandriva Security Team (Dec 03)
eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities tommie1 (Dec 03)
- <Possible follow-ups>
- eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities tommie1 (Dec 03)
[OpenPKG-SA-2005.025] OpenPKG Security Advisory (perl) OpenPKG (Dec 03)
Alisveristr E-Commerce Admin Login SQL İnjection B3g0k (Dec 03)
Re: WebCalendar Louis Wang (Dec 03)
MDKSA-2005:222 - Updated mailman packages fix various vulnerabilities Mandriva Security Team (Dec 03)
[OpenPKG-SA-2005.027] OpenPKG Security Advisory (php) OpenPKG (Dec 03)
[Updated] [FLSA-2005:166943] Updated php packages fix security issues Marc Deslauriers (Dec 03)
QNX 4.25 suided dhcp.client binary lms (Dec 03)
DMA[2005-1202a] - 'sobexsrv - Scripting/Secure OBEX Server format string vulnerability' KF (lists) (Dec 03)
PHP-Fusion v6.00.109 SQL Injection and Info. Disclosure xer0x . west (Dec 03)
more MD5 colliding examples Gerardo Richarte (Dec 03)
Zen-Cart <= 1.2.6d blind SQL injection / remote commands execution: retrogod (Dec 03)
[USN-223-1] Inkscape vulnerability Martin Pitt (Dec 05)
[scip_Advisory] e107 v0.6 rate.php manipulation Marc Ruef (Dec 05)
have you ever been BluePIMped? KF (lists) (Dec 05)
[USN-180-2] MySQL 4.1 vulnerability Martin Pitt (Dec 05)
[security bulletin] HPSBUX01059 SSRT4704 Revised - HP-UX Running wu-ftpd Local Unauthorized Access security-alert (Dec 05)
Blog System v1.2 Multiple SQL Injection Vulnerabilities vipsta (Dec 05)
Outpost24 Public Security Note: Linux/Elxbot David Jacoby (Dec 05)
Buffer Overflow in MultiTech VoIP Implementations SecurityLab Research (Dec 05)
SUSE Security Announcement: kernel various security and bugfixes (SUSE-SA:2005:067) Marcus Meissner (Dec 06)
Horde IMP Webmail Client XSS all versions Igor (Dec 06)
iDefense Security Advisory 12.05.05: Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability iDEFENSE Labs (Dec 06)
iDefense Security Advisory 12.05.05: Multiple Vendor xpdf DCTStream Progressive Heap Overflow iDEFENSE Labs (Dec 06)
iDefense Security Advisory 12.05.05: Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability iDEFENSE Labs (Dec 06)
iDefense Security Advisory 12.05.05: Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability iDEFENSE Labs (Dec 06)
[USN-224-1] Kerberos vulnerabilities Martin Pitt (Dec 06)
[USN-225-1] Apache 2 vulnerability Martin Pitt (Dec 06)
Critical Myspace.com Vulnerabilites silentproducts (Dec 07)
[KAPDA::#15] - ThWboard multiple vulnerabilities alireza hassani (Dec 07)
SimpleBBS <= v1.1 remote commands execution in c by: unitedasia security crew unitedasia (Dec 07)
SugarSuite Open Source <= 4.0beta Remote code execution retrogod (Dec 07)
[SECURITY] [DSA 916-1] New Inkscape packages fix arbitrary code execution Martin Schulze (Dec 07)
Advisory 25/2005: phpMyAdmin Variables Overwrite Vulnerability Stefan Esser (Dec 07)
Advisory 24/2005: libcurl URL parsing vulnerability Stefan Esser (Dec 07)
Mobile Antivirus Researchers Assoc. Call for White Papers contact . removethis (Dec 07)
DRZES HMS XSS and SQL Injection Vulnerabilities vipsta (Dec 07)
Journal of Computer Virology-Call for Papers Saeed Abu Nimeh (Dec 07)
[security bulletin] SSRT4884 HP-UX TCP/IP Remote Denial of Service (DoS) security-alert (Dec 07)
[KDE Security Advisory] multiple buffer overflows in kpdf/koffice Dirk Mueller (Dec 07)
[ GLSA 200512-02 ] Webmin, Usermin: Format string vulnerability Sune Kloppenborg Jeppesen (Dec 07)
[ GLSA 200512-01 ] Perl: Format string errors can lead to code execution Sune Kloppenborg Jeppesen (Dec 07)
[security bulletin] SSRT5954 Revised - HP-UX TCP/IP Remote Denial of Service (DoS) security-alert (Dec 07)
[security bulletin] SSRT051037 HP-UX Running IPSec Remote Unauthorized Access security-alert (Dec 07)
iDefense Security Advisory 12.07.05: Dell TrueMobile 2300 Wireless Broadband Router Authentication Bypass Vulnerability labs-no-reply () idefense com (Dec 08)
Airscanner Mobile Security Advisory: Remote Hard Reset Data Wipe and DoS of Pocket Controller v5.0 (#AS05080401) contact . removethis (Dec 08)
-Exploiting Freelist[0] On Windows XP Service Pack 2- Brett Moore (Dec 08)
[SECURITY] [DSA 917-1] New courier packages fix unauthorised access Martin Schulze (Dec 08)
3com product security hole jaime . blasco (Dec 08)
- Re: 3com product security hole Nicob (Dec 09)
- <Possible follow-ups>
- Re: 3com product security hole Juha-Matti Laurio (Dec 09)
Website Baker <=2.6.0 SQL Injection -> Login bypass -> remote code execution retrogod (Dec 08)
- <Possible follow-ups>
- Re: Website Baker <=2.6.0 SQL Injection -> Login bypass -> remote code execution ryan (Dec 12)
= 1.2.6d blind SQL injection / remote commands execution: retrogod (Dec 08)
[security bulletin] SSRT051069 - HP Tru64 Unix Secure Web Server (SWS 6.4.1 and earlier) PHP/XMLRPC Remote Unauthorized Execution of Arbitrary Code security-alert (Dec 09)
[TKPN2005-12-001] Multiple critical vulnerabilities in MyBB tk (Dec 09)
[KAPDA::#16] - SMF SQL Injection alireza hassani (Dec 09)
- <Possible follow-ups>
- Re: [KAPDA::#16] - SMF SQL Injection grudge (Dec 10)
  - Re: [KAPDA::#16] - SMF SQL Injection ascii (Dec 12)
- Re: Re: [KAPDA::#16] - SMF SQL Injection retrogod (Dec 12)
- Re: Re: [KAPDA::#16] - SMF SQL Injection polnby (Dec 12)
- Re: Re: [KAPDA::#16] - SMF SQL Injection Steven M. Christey (Dec 12)
- Re: Re: Re: [KAPDA::#16] - SMF SQL Injection grudge (Dec 14)
Milliscript 1.4 Multiple Vulnerabilities NaPa (Dec 09)
[USN-226-1] Courier vulnerability Martin Pitt (Dec 09)
MDKSA-2005:224 - Updated curl package fixes format string vulnerability Mandriva Security Team (Dec 09)
TSLSA-2005-0070 - multi Trustix Security Advisor (Dec 09)
[SECURITY] [DSA 918-1] New osh packages fix privilege escalation Martin Schulze (Dec 09)
iDefense Security Advisory 12.09.05: Ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability labs-no-reply () idefense com (Dec 09)
MDKSA-2005:225 - Updated perl package fixes format string vulnerability Mandriva Security Team (Dec 09)
Motorola SB5100E Cable Modem DoS Алексей Синцов (Dec 09)
PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer H D Moore (Dec 09)
Apani Network Response to ISAKMP cert-fi:7710 Alert mkuch (Dec 10)
Flatnuke 2.5.6 privilege escalation / remote commands execution exploit retrogod (Dec 10)
MDKSA-2005:206-1 - Updated openvpn packages fix multiple vulnerabilities Mandriva Security Team (Dec 10)
DEFCON London group - DC4420 - inaugural meeting and Christmas Drinks! Major Malfunction (Dec 10)
- Re: [DCG] DEFCON London group - DC4420 - inaugural meeting and Christmas Drinks! racerx (Dec 12)
Torrential 1.2 Directory Traversal Shell (Dec 10)
[SECURITY] [DSA 919-1] New curl packages fix potential security problem Martin Schulze (Dec 12)
BTGrup Admin WebController Script SQL injection khc (Dec 12)
IMOEL CMS Sql password discovery silversmith (Dec 12)
- <Possible follow-ups>
- Re: IMOEL CMS Sql password discovery Steven M. Christey (Dec 14)
[ GLSA 200512-03 ] phpMyAdmin: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Dec 12)
Guestserver guestbook system vulnerabilities jaakko (Dec 12)
oracle not only offeder - researchers NOT responsible? Gadi Evron (Dec 12)
[USN-227-1] xpdf vulnerabilities Martin Pitt (Dec 12)
SEC Consult SA-20051211-0 :: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook Johannes Greil (Dec 12)
iDEFENSE Security Advisory 12.12.05: SCO Unixware Setuid 'uidadmin' Scheme Buffer Overflow Vulnerability labs-no-reply () idefense com (Dec 12)
[ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation Thierry Carrez (Dec 12)
- Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation Paul Wouters (Dec 13)
  - Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation VANHULLEBUS Yvan (Dec 14)
- <Possible follow-ups>
- Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation Thierry Carrez (Dec 15)
Re: Re: [Full-disclosure] Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service JHannah01 (Dec 12)
SEC Consult SA-20051211-0 :: Nortel SSL VPN Cross Site Scripting/Command Execution SEC Consult Research (Dec 12)
Arab Portal v2 Beta2 SQL Injections stranger-killer (Dec 12)
[PHP-CHECKER] 99 potential SQL injection vulnerabilities php-checker (Dec 12)
- Re: [PHP-CHECKER] 99 potential SQL injection vulnerabilities Andy Lindeman (Dec 14)
- <Possible follow-ups>
- [PHP-CHECKER] 99 potential SQL injection vulnerabilities Yichen Xie (Dec 14)
[USN-228-1] curl library vulnerability Martin Pitt (Dec 12)
[scip_Advisory] NetGear RP114 Flooding Denial of Service Marc Ruef (Dec 12)
- Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService Morning Wood (Dec 12)
- Re: [scip_Advisory] NetGear RP114 Flooding Denial of Service Thierry Zoller (Dec 14)
Status on PGP NTFS File Wipe issue, 11 Dec 2005 Jon Callas (Dec 12)
[OpenPKG-SA-2005.028] OpenPKG Security Advisory (curl) OpenPKG (Dec 12)
[USN-222-2] Perl vulnerability Martin Pitt (Dec 12)
[USN-229-1] Zope vulnerability Martin Pitt (Dec 13)
[SECURITY] [DSA 920-1] New ethereal packages fix arbitrary code execution Martin Schulze (Dec 13)
[EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Advisories (Dec 13)
- Re: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Joshua Russel (Dec 14)
  - Message not available
    - Re: [Full-disclosure] Re: [EEYEB-20050523] Windows Kernel APC Data-FreeLocal Privilege Escalation Vulnerability Tom Ferris (Dec 14)
  - Re: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Ron (Dec 15)
phpCOIN 1.2.2 multiple vulnerabilities retrogod (Dec 13)
MDKSA-2005:226 - Updated mozilla-thunderbird package fix vulnerability in enigmail Mandriva Security Team (Dec 13)
Secunia Research: Internet Explorer Suppressed "Download Dialog" Vulnerability Secunia Research (Dec 13)
ADP Forum 2.0,ADP Forum 2.0.1,ADP Forum 2.0.2,ADP Forum 2.0.3 versiyon user md5 hash bug liz0 (Dec 13)
RE: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-FreeLocal Privilege Escalation Vulnerability Marc Maiffret (Dec 14)
LIMBO CMS <= v1.0.4.2 _SERVER[] array overwrite / remote code execution retrogod (Dec 14)
iDefense Security Advisory 12.14.05: Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow labs-no-reply () idefense com (Dec 14)
iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability labs-no-reply () idefense com (Dec 14)
iDefense Security Advisory 12.14.05: Trend Micro ServerProtect EarthAgent Remote DoS Vulnerability labs-no-reply () idefense com (Dec 14)
[OpenPKG-SA-2005.029] OpenPKG Security Advisory (apache) OpenPKG (Dec 14)
Countering Trusting Trust through Diverse Double-Compiling David A. Wheeler (Dec 14)
- Re: Countering Trusting Trust through Diverse Double-Compiling Mike Lisanke (Dec 15)
  - Re: Countering Trusting Trust through Diverse Double-Compiling David A. Wheeler (Dec 15)
Disclosure timelines from vendors - a promising practice? Steven M. Christey (Dec 14)
Bypass XSS filter in PHPNUKE 7.9=>x max (Dec 14)
- Re: Bypass XSS filter in PHPNUKE 7.9=>x Paul Laudanski (Dec 17)
iDefense Security Advisory 12.14.05: Trend Micro ServerProtect Crystal Reports ReportServer File Disclosure labs-no-reply () idefense com (Dec 14)
DIMVA 2006 - 2nd Call for Papers Thomas Biege (Dec 14)
SUSE Security Announcement: php4, php5 (SUSE-SA:2005:069) Ludwig Nussel (Dec 14)
[SECURITY] [DSA 921-1] New Linux 2.4.27 packages fix several vulnerabilities Martin Schulze (Dec 14)
[ GLSA 200512-05 ] Xmail: Privilege escalation through sendmail Thierry Carrez (Dec 14)
Business Objects WebIntelligence 6.5x Account Lockout and System DoS mkemp4 (Dec 14)
RLA ("Remote LanD Attack") Synister Syntax (Dec 14)
- Message not available
  - Re: RLA ("Remote LanD Attack") Synister Syntax (Dec 15)
    - Message not available
    - Message not available
    - Re: RLA ("Remote LanD Attack") Synister Syntax (Dec 15)
- <Possible follow-ups>
- RE: RLA ("Remote LanD Attack") Roger A. Grimes (Dec 15)
- RE: RLA ("Remote LanD Attack") Patrick Galligan (Dec 16)
SUSE Security Announcement: kernel various security and bugfixes (SUSE-SA:2005:068) Marcus Meissner (Dec 14)
CodeCon submission deadline reminder Len Sassaman (Dec 14)
[USN-230-1] ffmpeg vulnerability Martin Pitt (Dec 14)
Secunia Research: Microsoft Internet Explorer Keyboard Shortcut Processing Vulnerability Secunia Research (Dec 14)
[ GLSA 200512-06 ] Ethereal: Buffer overflow in OSPF protocol dissector Thierry Carrez (Dec 15)
iDefense Security Advisory 12.14.05: Trend Micro PC-Cillin Internet Security Insecure File Permission Vulnerability labs-no-reply () idefense com (Dec 15)
[SECURITY] [DSA 922-1] New Linux 2.6.8 packages fix several vulnerabilities Martin Schulze (Dec 15)
MDKSA-2005:227 - Updated ethereal packages fix vulnerability Mandriva Security Team (Dec 15)
MDKSA-2005:228 - Updated xine-lib packages fix buffer overflow vulnerability Mandriva Security Team (Dec 15)
MDKSA-2005:229 - Updated xmovie packages fix buffer overflow vulnerability Mandriva Security Team (Dec 15)
MDKSA-2005:230 - Updated mplayer packages fix buffer overflow vulnerability Mandriva Security Team (Dec 15)
MDKSA-2005:232 - Updated gstreamer-ffmpeg packages fix buffer overflow vulnerability Mandriva Security Team (Dec 15)
MDKSA-2005:231 - Updated ffmpeg packages fix buffer overflow vulnerability Mandriva Security Team (Dec 15)
Patches available for IBM AIX flaws NGSSoftware Insight Security Research (Dec 15)
- Re: Patches available for IBM AIX flaws David Litchfield (Dec 16)
- <Possible follow-ups>
- Re: Patches available for IBM AIX flaws Shiva Persaud (Dec 16)
Notacon Call for Proposals open Paul Schneider (Dec 15)
Metasploit Framework v3.0 Alpha Release 1 H D Moore (Dec 15)
CYBSEC - Security Advisory: Watchfire AppScan QA Remote Code Execution Mariano Nuñez Di Croce (Dec 15)
MarmaraWeb E-commerce Remote Command Exucetion B3g0k (Dec 15)
MarmaraWeb E-commerce Script Cross Site Scripting B3g0k (Dec 15)
[security bulletin] SSRT4728 rev.1 - HP-UX running TCP/IP Remote Denial of Service (DoS) security-alert (Dec 15)
AIX Heap Overflow paper David Litchfield (Dec 15)
Bug in HC hackeriri (Dec 15)
Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch Collaboration Suite SMTP Format String Vulnerability Owen Dhu (Dec 15)
Bios Information Leakage Jonathan Brossard (Dec 16)
- Re: Bios Information Leakage Ron van Daal (Dec 16)
[ GLSA 200512-09 ] cURL: Off-by-one errors in URL handling Sune Kloppenborg Jeppesen (Dec 16)
[ GLSA 200512-08 ] Xpdf, GPdf, CUPS, Poppler: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Dec 16)
[ GLSA 200512-07 ] OpenLDAP, Gauche: RUNPATH issues Thierry Carrez (Dec 16)
phpCOIN-1.2.2-Full-2005 SQL Injection stranger-killer (Dec 16)
ZRCSA-200505: libremail - "pop.c" Format String Vulnerability deepfear (Dec 16)
[USN-230-2] ffmpeg/xine-lib vulnerability Martin Pitt (Dec 16)
DMA[2005-1214a] - 'Widcomm BTW - Bluetooth for Windows Remote Audio Eavesdropping' Kevin Finisterre (Dec 16)
DoS in Cisco Clean Access alex (Dec 16)
iDefense Security Advisory 12.16.05: Citrix Program Neighborhood Name Heap Corruption Vulnerability labs-no-reply () idefense com (Dec 16)
Advisory: XSS in WebCal (v1.11-v3.04) Stan Bubrouski (Dec 16)
exploit (html) for Advanced Guestbook 2.2 irc0d3r (Dec 16)
Update on the PGP NTFS File Wipe Issue, 16 Dec 2005 Jon Callas (Dec 16)
Microsoft IIS Remote Denial of Service (DoS) .DLL Url exploit inge . henriksen (Dec 17)
Fullpath disclosure in roundcube webmail king_purba (Dec 17)
- <Possible follow-ups>
- Re: Fullpath disclosure in roundcube webmail Steven M. Christey (Dec 17)
phpMyAdmin server_privileges.php SQL Injection Vulnerabilities. Alice Bryson (Dec 17)
- <Possible follow-ups>
- Re: phpMyAdmin server_privileges.php SQL Injection Vulnerabilities. michal (Dec 19)
[SECURITY] [DSA 923-1] New dropbear packages fix arbitrary code execution Martin Schulze (Dec 19)
[FLSA-2005:152787] Updated redhat-config-nfs package fixes security issue Marc Deslauriers (Dec 19)
[FLSA-2005:152832] Updated lynx package fixes security issues Marc Deslauriers (Dec 19)
[FLSA-2005:152870] Updated a2ps package fixes security issue Marc Deslauriers (Dec 19)
[FLSA-2005:152892] Updated enscript package fixes security issues Marc Deslauriers (Dec 19)
[FLSA-2005:155510] Updated gtk2 packages fixes security issues Marc Deslauriers (Dec 19)
[FLSA-2005:166939] Updated openssl packages fix security issues Marc Deslauriers (Dec 19)
[FLSA-2005:168326] Updated util-linux and mount packages fix security issue Marc Deslauriers (Dec 19)
[ GLSA 200512-10 ] Opera: Command-line URL shell command injection Thierry Carrez (Dec 19)
Authenticated EIGRP DoS / Information leak Andrew A. Vladimirov (Dec 19)
Making unidirectional VLAN and PVLAN jumping bidirectional Andrew A. Vladimirov (Dec 19)
- <Possible follow-ups>
- Re: Making unidirectional VLAN and PVLAN jumping bidirectional Clayton Kossmeyer (Dec 19)
about phpMyAdmin's server_privileges.php announced vulnerability Marc Delisle (Dec 19)
[security bulletin] SSRT051026 rev. 1 - HP-UX running WBEM Services Denial of Service (DoS) security-alert (Dec 19)
MDKSA-2005:233 - Updated apache2 packages fix vulnerability in worker MPM Mandriva Security Team (Dec 19)
Symantec Antivirus Library Remote Heap Overflows list (Dec 20)
- <Possible follow-ups>
- Re: Symantec Antivirus Library Remote Heap Overflows ltr (Dec 21)
iDefense Security Advisory 12.20.05: Qualcomm WorldMail IMAP Server String Literal Processing Overflow Vulnerability labs-no-reply () idefense com (Dec 20)
Enterprise Connector v.1.02 Multiple SQL Vulnerabilities and Login Bypass darkz . gsa (Dec 20)
iDefense Security Advisory 12.20.05: McAfee Security Center MCINSCTL.DLL ActiveX Control File Overwrite labs-no-reply () idefense com (Dec 20)
[security bulletin] SSRT5983 rev.1 - HP-UX Running Software Distributor (SD) Remote Unauthorized Access security-alert (Dec 20)
Re: Unauthenticated EIGRP DoS Paul Oxman (poxman) (Dec 20)
[ GLSA 200512-11 ] CenterICQ: Multiple vulnerabilities Thierry Carrez (Dec 20)
Digital Armaments Security Advisory 12.20.2005: WEBsweeper/MIMEsweeper Executable File Content Check bypass Vulnerability info (Dec 20)
Acidcat ASP CMS Multiple Vulnerabilities h e (Dec 20)
PHPGedView <= 3.3.7 remote code execution retrogod (Dec 20)
[Overflow.pl] Blender BlenLoader Integer Overflow Damian Put (Dec 20)
Secunia Research: Pegasus Mail Buffer Overflow and Off-by-One Vulnerabilities Secunia Research (Dec 20)
IRM 014: Sygate Protection Agent 5.0 vulnerability - A low privileged user can disable the security agent Advisories (Dec 20)
IRM 013: Ultraapps Issue Manager is vulnerable to Privilege Escalation Advisories (Dec 20)
IRM 012: Portfolio Netpublish Server 7 is vulnerable to a Directory Traversal Attack Advisories (Dec 20)
MDKSA-2005:234 - Updated sudo packages fix vulnerability Mandriva Security Team (Dec 20)
[Hat-Squad] Remote Heap Corruption Vulnerability in Interaction SIP Proxy service (Dec 21)
Call for Paper - VI National Computer and Information Security Conference - COLOMBIA Jeimy José Cano Martínez (Dec 21)
Workshop "Dependability Aspects in DWH and Mining applications"Deadline:15-01-06 Manh Tho (Dec 21)
[ECHO_ADV_24$2005] Full path disclosure on WordPress < 1.5.2 the_day (Dec 21)
- <Possible follow-ups>
- [ECHO_ADV_24$2005] Full path disclosure on WordPress < 1.5.2 the_day () echo or id (Dec 21)
Tolva PHP website system Remote File Include beford (Dec 21)
security patch for Linux Kernel 2.6 breno (Dec 21)
[KAPDA::#17] - beehiveforum Script Injection alireza hassani (Dec 21)
[Security-Advisories () acs-inc com: [Full-disclosure] [ACSSEC-2005-11-25-0x1] VMWare Workstation 5.5.0 <= build-18007 G SX Server Variants And Others] Andrew Griffiths (Dec 21)
mIRC buffer overflow Crowdat Kurobudetsu (Dec 21)
Vulnerability in Metadot portal server allows users to gain administrative privileges Gerry Chng (Dec 21)
Re: XSS bypass in PHPNuke - FIX ? Paul Laudanski (Dec 21)
[SECURITY] [DSA 924-1] New nbd packages fix potential arbitrary code execution Martin Schulze (Dec 21)
Cisco Security Response: DoS in Cisco Clean Access Clayton Kossmeyer (Dec 21)
WinRAR - Processing Filename Incorrectly Vulnerability agoanywhere (Dec 21)
XSS vulnerabilities in Google.com Watchfire Research (Dec 21)
VMware vulnerability in NAT networking vmware-security-alert (Dec 21)
Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability ovt (Dec 21)
- Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability 3APA3A (Dec 22)
iDefense Security Advisory 12.21.05: Macromedia JRun 4 Web Server URL Parsing Buffer Overflow Vulnerability labs-no-reply () idefense com (Dec 21)
MDKSA-2005:235 - Updated kernel packages fix numerous vulnerabilities Mandriva Security Team (Dec 22)
fetchmail security announcement fetchmail-SA-2005-03 (CVE-2005-4348) ma+bt (Dec 22)
[SECURITY] [DSA 925-1] New phpbb2 packages fix several vulnerabilities Martin Schulze (Dec 22)
CYBSEC - Security Advisory: httprint Multiple Vulnerabilities Mariano Nuñez Di Croce (Dec 22)
Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) Reed Arvin (Dec 22)
iDefense Security Advisory 12.22.05: Linux Kernel Socket Buffer Memory Exhaustion DoS Vulnerability labs-no-reply () idefense com (Dec 22)
[USN-231-1] Linux kernel vulnerabilities Martin Pitt (Dec 22)
Webwasher CSM Appliance Script Security Restriction Bypass d0t v0rt3x (Dec 22)
- <Possible follow-ups>
- RE: Webwasher CSM Appliance Script Security Restriction Bypass Frank Berzau (Dec 23)
XSS&Sql injection attack in PHP-Fusion 6.00.3 Released krasza (Dec 22)
[ GLSA 200512-12 ] Mantis: Multiple vulnerabilities Stefan Cornelius (Dec 22)
[TKADV2005-12-001] Multiple SQL Injection vulnerabilities in MyBB tk (Dec 23)
[SECURITY] [DSA 926-2] New ketm packages fix privilege escalation Martin Schulze (Dec 23)
Multiple Network-related Vulnerabilities in Electric Sheep MichaelAiello (Dec 23)
Electric Sheep window-id stack overflow MichaelAiello (Dec 23)
MDKSA-2005:236 - Updated fetchmail packages fix vulnerability Mandriva Security Team (Dec 27)
MDKSA-2005:237 - Updated cpio packages fix buffer overflow on x86_64 Mandriva Security Team (Dec 27)
Dev web management system <= 1.5 SQL injection / cross site scripting retrogod (Dec 27)
CFP - IT Underground 2006, Prague, Czech Republic Piotr Sobolewski (Dec 27)
Found new bug hackeriri (Dec 27)
Airscanner Mobile Security Advisory #0508310 Spb Kiosk Engine Administrator Password & Information Disclosure contact . removethis (Dec 27)
[ GLSA 200512-13 ] Dropbear: Privilege escalation Stefan Cornelius (Dec 27)
[SECURITY] [DSA 928-1] New dhis-tools-dns packages fix insecure temporary file creation Martin Schulze (Dec 27)
[BuHa-Security] DoS Vulnerability in M$ IE 6 SP2 #1 bugtraq (Dec 27)
[BuHa-Security] DoS Vulnerability in M$ IE 6 SP2 #2 bugtraq (Dec 27)
[BuHa-Security] DoS Vulnerability in M$ IE 6 SP2 #3 bugtraq (Dec 27)
Multiple Translation websites Cross Site Scripting vulnerability: Google, Altavista, IBM, freetranslation, worldlingo, etc simo (Dec 27)
Obsidis n1 released! angelo (Dec 27)
Cerberus Helpdesk multiple vulnerabilities. A. Ramos (Dec 27)
[SECURITY] [DSA 927-1] New tkdiff packages fix insecure temporary file creation Martin Schulze (Dec 27)
Secunia Research: IceWarp Web Mail Multiple File Inclusion Vulnerabilities Secunia Research (Dec 27)
[ GLSA 200512-15 ] rssh: Privilege escalation Stefan Cornelius (Dec 27)
dtSearch DUNZIP32.dll Buffer Overflow Vulnerability Juha-Matti Laurio (Dec 27)
Malware sample site mvalsmith (Dec 27)
Is this a new exploit? noemailpls (Dec 27)
- Re: Is this a new exploit? H D Moore (Dec 28)
- <Possible follow-ups>
- Re: Is this a new exploit? redxii1234 (Dec 28)
- Re: Is this a new exploit? Andreas Marx (Dec 28)
- RE: Is this a new exploit? Portz, Jon (Dec 28)
MDKSA-2005:238 - Updated php/php-mbstring packages fix mail injection vulnerability Mandriva Security Team (Dec 28)
Exploitation of Windows WMF on the web Daniel Bonekeeper (Dec 28)
- <Possible follow-ups>
- Re: Exploitation of Windows WMF on the web psgw (Dec 30)
[BUGZILLA] Security advisory for Bugzilla < 2.16.11 David Miller (Dec 28)
RE: [Full-disclosure] Someone wasted a nice bug on spyware... Paul (Dec 28)
- RE: [Full-disclosure] Someone wasted a nice bug on spyware... Jim Serino (Dec 29)
[ GLSA 200512-16 ] OpenMotif, AMD64 x86 emulation X libraries: Buffer overflows in libUil library Thierry Carrez (Dec 28)
WMF Exploit davidribyrne (Dec 28)
- <Possible follow-ups>
- WMF Exploit davidribyrne (Dec 28)
- RE: WMF Exploit Hayes, Bill (Dec 29)
  - RE: WMF Exploit Bill Busby (Dec 30)
    - Re: WMF Exploit Paul Laudanski (Dec 30)
- WMF exploit ninjapicook (Dec 29)
- RE: WMF Exploit Derick Anderson (Dec 30)
PhpDocumentor <= 1.3.0 rc4 Arbitrary remote/local inclusion retrogod (Dec 29)
[SECURITY] [DSA 927-2] New tkdiff packages fix insecure temporary file creation Martin Schulze (Dec 29)
Airscanner Mobile Security Advisory #05083102 Spb Kiosk Engine Program Bypass contact . removethis (Dec 29)
Black Hat Federal and Europe Call for Papers Jeff Moss (Dec 29)
[ GLSA 200512-17 ] scponly: Multiple privilege escalation issues Thierry Carrez (Dec 29)
rssh: root privilege escalation flaw Derek Martin (Dec 30)
phpbb2.0.19 fixes security issues Paul Laudanski (Dec 30)
Secunia Research: TUGZip ARJ Archive Handling Buffer Overflow Vulnerability Secunia Research (Dec 30)
Advisory 26/2005: TinyMCE Compressor Vulnerabilities Stefan Esser (Dec 30)
WTF?? veil_of_darkness (Dec 30)
Yahoo mail Cross Site Scripting vulnerability simo (Dec 30)
WMF browser-ish exploit vectors Evans, Arian (Dec 30)
[KAPDA::#18] - WebWiz Products SQL Injection advisory (Dec 30)
MyBB XSS cross-site scripting addmimistrator (Dec 31)
MyBB 1.0 SQL injection in uploading file addmimistrator (Dec 31)

Previous period

Next period