Bugtraq: by thread
342 messages
starting Dec 01 05 and
ending Dec 31 05
Date index |
Thread index |
Author index
- Re: DNS query spam fugi (Dec 01)
- Re: DNS query spam Piotr Kamisiski (Dec 01)
- Re: - Cisco IOS HTTP Server code injection/execution vulnerability- Florian Weimer (Dec 01)
- <Possible follow-ups>
- Re: - Cisco IOS HTTP Server code injection/execution vulnerability- Mike Caudill (Dec 02)
- Re: What is wrong with these people? Steve Shockley (Dec 01)
- PhpX <= 3.5.9 SQL Injection -> login bypass -> remote command/code execution retrogod (Dec 01)
- Re: WebCalendar Multiple Vulnerabilities craig (Dec 01)
- Sunbelt set to acquire Kerio Personal Firewall Paul Laudanski (Dec 01)
- Re: Sunbelt set to acquire Kerio Personal Firewall Nick Boyce (Dec 02)
- Re: Opera 8.50 DoS with simple java applet Yngve N. Pettersen (Developer Opera Software ASA) (Dec 01)
- [security bulletin] SSRT4787 Revised - HP Systems Insight Manager (SIM) for HP-UX Remote Denial of Service (DoS) security-alert (Dec 01)
- WebCalendar Multiple Vulnerabilities. lwang (Dec 01)
- Microsoft Windows CreateRemoteThread Exploit q7x (Dec 01)
- Re: Microsoft Windows CreateRemoteThread Exploit Anton (Dec 02)
- <Possible follow-ups>
- RE: Microsoft Windows CreateRemoteThread Exploit Michael Wojcik (Dec 02)
- Re: Re: Microsoft Windows CreateRemoteThread Exploit warl0ck (Dec 03)
- [SECURITY] [DSA 914-1] New horde2 packages fix cross-site scripting Martin Schulze (Dec 01)
- [DRUPAL-SA-2005-008] Drupal 4.6.4 / 4.5.6 fixes XSS and HTTP header injection issue Uwe Hermann (Dec 01)
- [DRUPAL-SA-2005-007] Drupal 4.6.4 / 4.5.6 fixes XSS issue Uwe Hermann (Dec 01)
- Edgewall Trac SQL Injection Vulnerability David Maciejak (Dec 01)
- [USN-220-1] w3c-libwww vulnerability Martin Pitt (Dec 01)
- Perl format string integer wrap vulnerability robert (Dec 01)
- [SECURITY] [DSA 913-1] New gdk-pixbuf packages fix several vulnerabilities Martin Schulze (Dec 01)
- [DRUPAL-SA-2005-009] Drupal 4.6.4 / 4.5.6 fixes minor access control issue Uwe Hermann (Dec 01)
- [USN-221-1] racoon vulnerability Martin Pitt (Dec 02)
- Cisco Security Advisory: IOS HTTP Server Command Injection Vulnerability Cisco Systems Product Security Incident Response Team (Dec 02)
- phpMyChat Multiple XSS vulnerabilities. secresearch (Dec 02)
- [SECURITY] [DSA 915-1] New helix-player packages fix arbitrary code execution Martin Schulze (Dec 02)
- SEC Consult SA-20051202-1 :: GMX Webmail XSS Sec Consult Research (Dec 02)
- SEC Consult SA-20050212-1 :: A Word on Webmail Security and Browser related XSS Bugs Sec Consult Research (Dec 02)
- SEC Consult SA-XXXXXXXXXXX Bernhard Mueller (Dec 02)
- 22nd CCC conference in Berlin Harry Behrens (Dec 02)
- Format String Vulnerabilities in Perl Programs Steven M. Christey (Dec 02)
- [xfocus-SD-051202]openMotif libUil Multiple vulnerability alert7 () xfocus org (Dec 02)
- [USN-222-1] Perl vulnerability Martin Pitt (Dec 02)
- WinEggDropShell Multiple Remote Stack Overflow Sowhat (Dec 02)
- MDKSA-2005:223 - Updated webmin package fixes format string vulnerability Mandriva Security Team (Dec 03)
- [OpenPKG-SA-2005.026] OpenPKG Security Advisory (lynx) OpenPKG (Dec 03)
- MDKSA-2005:221 - Updated spamassassin packages fixes vulnerability Mandriva Security Team (Dec 03)
- eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities tommie1 (Dec 03)
- <Possible follow-ups>
- eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities tommie1 (Dec 03)
- [OpenPKG-SA-2005.025] OpenPKG Security Advisory (perl) OpenPKG (Dec 03)
- Alisveristr E-Commerce Admin Login SQL İnjection B3g0k (Dec 03)
- Re: WebCalendar Louis Wang (Dec 03)
- MDKSA-2005:222 - Updated mailman packages fix various vulnerabilities Mandriva Security Team (Dec 03)
- [OpenPKG-SA-2005.027] OpenPKG Security Advisory (php) OpenPKG (Dec 03)
- [Updated] [FLSA-2005:166943] Updated php packages fix security issues Marc Deslauriers (Dec 03)
- QNX 4.25 suided dhcp.client binary lms (Dec 03)
- DMA[2005-1202a] - 'sobexsrv - Scripting/Secure OBEX Server format string vulnerability' KF (lists) (Dec 03)
- PHP-Fusion v6.00.109 SQL Injection and Info. Disclosure xer0x . west (Dec 03)
- more MD5 colliding examples Gerardo Richarte (Dec 03)
- Zen-Cart <= 1.2.6d blind SQL injection / remote commands execution: retrogod (Dec 03)
- [USN-223-1] Inkscape vulnerability Martin Pitt (Dec 05)
- [scip_Advisory] e107 v0.6 rate.php manipulation Marc Ruef (Dec 05)
- have you ever been BluePIMped? KF (lists) (Dec 05)
- [USN-180-2] MySQL 4.1 vulnerability Martin Pitt (Dec 05)
- [security bulletin] HPSBUX01059 SSRT4704 Revised - HP-UX Running wu-ftpd Local Unauthorized Access security-alert (Dec 05)
- Blog System v1.2 Multiple SQL Injection Vulnerabilities vipsta (Dec 05)
- Outpost24 Public Security Note: Linux/Elxbot David Jacoby (Dec 05)
- Buffer Overflow in MultiTech VoIP Implementations SecurityLab Research (Dec 05)
- SUSE Security Announcement: kernel various security and bugfixes (SUSE-SA:2005:067) Marcus Meissner (Dec 06)
- Horde IMP Webmail Client XSS all versions Igor (Dec 06)
- iDefense Security Advisory 12.05.05: Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability iDEFENSE Labs (Dec 06)
- iDefense Security Advisory 12.05.05: Multiple Vendor xpdf DCTStream Progressive Heap Overflow iDEFENSE Labs (Dec 06)
- iDefense Security Advisory 12.05.05: Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability iDEFENSE Labs (Dec 06)
- iDefense Security Advisory 12.05.05: Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability iDEFENSE Labs (Dec 06)
- [USN-224-1] Kerberos vulnerabilities Martin Pitt (Dec 06)
- [USN-225-1] Apache 2 vulnerability Martin Pitt (Dec 06)
- Critical Myspace.com Vulnerabilites silentproducts (Dec 07)
- [KAPDA::#15] - ThWboard multiple vulnerabilities alireza hassani (Dec 07)
- SimpleBBS <= v1.1 remote commands execution in c by: unitedasia security crew unitedasia (Dec 07)
- SugarSuite Open Source <= 4.0beta Remote code execution retrogod (Dec 07)
- [SECURITY] [DSA 916-1] New Inkscape packages fix arbitrary code execution Martin Schulze (Dec 07)
- Advisory 25/2005: phpMyAdmin Variables Overwrite Vulnerability Stefan Esser (Dec 07)
- Advisory 24/2005: libcurl URL parsing vulnerability Stefan Esser (Dec 07)
- Mobile Antivirus Researchers Assoc. Call for White Papers contact . removethis (Dec 07)
- DRZES HMS XSS and SQL Injection Vulnerabilities vipsta (Dec 07)
- Journal of Computer Virology-Call for Papers Saeed Abu Nimeh (Dec 07)
- [security bulletin] SSRT4884 HP-UX TCP/IP Remote Denial of Service (DoS) security-alert (Dec 07)
- [KDE Security Advisory] multiple buffer overflows in kpdf/koffice Dirk Mueller (Dec 07)
- [ GLSA 200512-02 ] Webmin, Usermin: Format string vulnerability Sune Kloppenborg Jeppesen (Dec 07)
- [ GLSA 200512-01 ] Perl: Format string errors can lead to code execution Sune Kloppenborg Jeppesen (Dec 07)
- [security bulletin] SSRT5954 Revised - HP-UX TCP/IP Remote Denial of Service (DoS) security-alert (Dec 07)
- [security bulletin] SSRT051037 HP-UX Running IPSec Remote Unauthorized Access security-alert (Dec 07)
- iDefense Security Advisory 12.07.05: Dell TrueMobile 2300 Wireless Broadband Router Authentication Bypass Vulnerability labs-no-reply () idefense com (Dec 08)
- Airscanner Mobile Security Advisory: Remote Hard Reset Data Wipe and DoS of Pocket Controller v5.0 (#AS05080401) contact . removethis (Dec 08)
- -Exploiting Freelist[0] On Windows XP Service Pack 2- Brett Moore (Dec 08)
- [SECURITY] [DSA 917-1] New courier packages fix unauthorised access Martin Schulze (Dec 08)
- 3com product security hole jaime . blasco (Dec 08)
- Re: 3com product security hole Nicob (Dec 09)
- <Possible follow-ups>
- Re: 3com product security hole Juha-Matti Laurio (Dec 09)
- Website Baker <=2.6.0 SQL Injection -> Login bypass -> remote code execution retrogod (Dec 08)
- <Possible follow-ups>
- Re: Website Baker <=2.6.0 SQL Injection -> Login bypass -> remote code execution ryan (Dec 12)
- = 1.2.6d blind SQL injection / remote commands execution: retrogod (Dec 08)
- [security bulletin] SSRT051069 - HP Tru64 Unix Secure Web Server (SWS 6.4.1 and earlier) PHP/XMLRPC Remote Unauthorized Execution of Arbitrary Code security-alert (Dec 09)
- [TKPN2005-12-001] Multiple critical vulnerabilities in MyBB tk (Dec 09)
- [KAPDA::#16] - SMF SQL Injection alireza hassani (Dec 09)
- <Possible follow-ups>
- Re: [KAPDA::#16] - SMF SQL Injection grudge (Dec 10)
- Re: [KAPDA::#16] - SMF SQL Injection ascii (Dec 12)
- Re: Re: [KAPDA::#16] - SMF SQL Injection retrogod (Dec 12)
- Re: Re: [KAPDA::#16] - SMF SQL Injection polnby (Dec 12)
- Re: Re: [KAPDA::#16] - SMF SQL Injection Steven M. Christey (Dec 12)
- Re: Re: Re: [KAPDA::#16] - SMF SQL Injection grudge (Dec 14)
- Milliscript 1.4 Multiple Vulnerabilities NaPa (Dec 09)
- [USN-226-1] Courier vulnerability Martin Pitt (Dec 09)
- MDKSA-2005:224 - Updated curl package fixes format string vulnerability Mandriva Security Team (Dec 09)
- TSLSA-2005-0070 - multi Trustix Security Advisor (Dec 09)
- [SECURITY] [DSA 918-1] New osh packages fix privilege escalation Martin Schulze (Dec 09)
- iDefense Security Advisory 12.09.05: Ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability labs-no-reply () idefense com (Dec 09)
- MDKSA-2005:225 - Updated perl package fixes format string vulnerability Mandriva Security Team (Dec 09)
- Motorola SB5100E Cable Modem DoS Алексей Синцов (Dec 09)
- PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer H D Moore (Dec 09)
- Apani Network Response to ISAKMP cert-fi:7710 Alert mkuch (Dec 10)
- Flatnuke 2.5.6 privilege escalation / remote commands execution exploit retrogod (Dec 10)
- MDKSA-2005:206-1 - Updated openvpn packages fix multiple vulnerabilities Mandriva Security Team (Dec 10)
- DEFCON London group - DC4420 - inaugural meeting and Christmas Drinks! Major Malfunction (Dec 10)
- Torrential 1.2 Directory Traversal Shell (Dec 10)
- [SECURITY] [DSA 919-1] New curl packages fix potential security problem Martin Schulze (Dec 12)
- BTGrup Admin WebController Script SQL injection khc (Dec 12)
- IMOEL CMS Sql password discovery silversmith (Dec 12)
- <Possible follow-ups>
- Re: IMOEL CMS Sql password discovery Steven M. Christey (Dec 14)
- [ GLSA 200512-03 ] phpMyAdmin: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Dec 12)
- Guestserver guestbook system vulnerabilities jaakko (Dec 12)
- oracle not only offeder - researchers NOT responsible? Gadi Evron (Dec 12)
- [USN-227-1] xpdf vulnerabilities Martin Pitt (Dec 12)
- SEC Consult SA-20051211-0 :: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook Johannes Greil (Dec 12)
- iDEFENSE Security Advisory 12.12.05: SCO Unixware Setuid 'uidadmin' Scheme Buffer Overflow Vulnerability labs-no-reply () idefense com (Dec 12)
- [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation Thierry Carrez (Dec 12)
- Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation Paul Wouters (Dec 13)
- Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation VANHULLEBUS Yvan (Dec 14)
- <Possible follow-ups>
- Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation Thierry Carrez (Dec 15)
- Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation Paul Wouters (Dec 13)
- Re: Re: [Full-disclosure] Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service JHannah01 (Dec 12)
- SEC Consult SA-20051211-0 :: Nortel SSL VPN Cross Site Scripting/Command Execution SEC Consult Research (Dec 12)
- Arab Portal v2 Beta2 SQL Injections stranger-killer (Dec 12)
- [PHP-CHECKER] 99 potential SQL injection vulnerabilities php-checker (Dec 12)
- Re: [PHP-CHECKER] 99 potential SQL injection vulnerabilities Andy Lindeman (Dec 14)
- <Possible follow-ups>
- [PHP-CHECKER] 99 potential SQL injection vulnerabilities Yichen Xie (Dec 14)
- [USN-228-1] curl library vulnerability Martin Pitt (Dec 12)
- [scip_Advisory] NetGear RP114 Flooding Denial of Service Marc Ruef (Dec 12)
- Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService Morning Wood (Dec 12)
- Re: [scip_Advisory] NetGear RP114 Flooding Denial of Service Thierry Zoller (Dec 14)
- Status on PGP NTFS File Wipe issue, 11 Dec 2005 Jon Callas (Dec 12)
- [OpenPKG-SA-2005.028] OpenPKG Security Advisory (curl) OpenPKG (Dec 12)
- [USN-222-2] Perl vulnerability Martin Pitt (Dec 12)
- [USN-229-1] Zope vulnerability Martin Pitt (Dec 13)
- [SECURITY] [DSA 920-1] New ethereal packages fix arbitrary code execution Martin Schulze (Dec 13)
- [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Advisories (Dec 13)
- Re: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Joshua Russel (Dec 14)
- Message not available
- Re: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Ron (Dec 15)
- Re: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Joshua Russel (Dec 14)
- Re: Countering Trusting Trust through Diverse Double-Compiling Mike Lisanke (Dec 15)
- Re: Countering Trusting Trust through Diverse Double-Compiling David A. Wheeler (Dec 15)
- Re: Bypass XSS filter in PHPNUKE 7.9=>x Paul Laudanski (Dec 17)
- Message not available
- Re: RLA ("Remote LanD Attack") Synister Syntax (Dec 15)
- Message not available
- Message not available
- Re: RLA ("Remote LanD Attack") Synister Syntax (Dec 15)
- Re: RLA ("Remote LanD Attack") Synister Syntax (Dec 15)
- Re: Patches available for IBM AIX flaws David Litchfield (Dec 16)
- <Possible follow-ups>
- Re: Patches available for IBM AIX flaws Shiva Persaud (Dec 16)
- Re: Bios Information Leakage Ron van Daal (Dec 16)
- <Possible follow-ups>
- Re: Fullpath disclosure in roundcube webmail Steven M. Christey (Dec 17)
- <Possible follow-ups>
- Re: phpMyAdmin server_privileges.php SQL Injection Vulnerabilities. michal (Dec 19)
- <Possible follow-ups>
- Re: Making unidirectional VLAN and PVLAN jumping bidirectional Clayton Kossmeyer (Dec 19)
- <Possible follow-ups>
- Re: Symantec Antivirus Library Remote Heap Overflows ltr (Dec 21)
- <Possible follow-ups>
- [ECHO_ADV_24$2005] Full path disclosure on WordPress < 1.5.2 the_day () echo or id (Dec 21)
- Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability 3APA3A (Dec 22)
- <Possible follow-ups>
- RE: Webwasher CSM Appliance Script Security Restriction Bypass Frank Berzau (Dec 23)
- Re: Is this a new exploit? H D Moore (Dec 28)
- <Possible follow-ups>
- Re: Is this a new exploit? redxii1234 (Dec 28)
- Re: Is this a new exploit? Andreas Marx (Dec 28)
- RE: Is this a new exploit? Portz, Jon (Dec 28)
- <Possible follow-ups>
- Re: Exploitation of Windows WMF on the web psgw (Dec 30)
- RE: [Full-disclosure] Someone wasted a nice bug on spyware... Jim Serino (Dec 29)
- <Possible follow-ups>
- WMF Exploit davidribyrne (Dec 28)
- RE: WMF Exploit Hayes, Bill (Dec 29)
- RE: WMF Exploit Bill Busby (Dec 30)
- Re: WMF Exploit Paul Laudanski (Dec 30)
- RE: WMF Exploit Bill Busby (Dec 30)
- WMF exploit ninjapicook (Dec 29)
- RE: WMF Exploit Derick Anderson (Dec 30)