Bugtraq: by date

342 messages starting Dec 01 05 and ending Dec 31 05


Thursday, 01 December

Re: DNS query spam fugi
Re: - Cisco IOS HTTP Server code injection/execution vulnerability- Florian Weimer
Re: What is wrong with these people? Steve Shockley
PhpX <= 3.5.9 SQL Injection -> login bypass -> remote command/code execution retrogod
Re: WebCalendar Multiple Vulnerabilities craig
Sunbelt set to acquire Kerio Personal Firewall Paul Laudanski
Re: DNS query spam Piotr Kamisiski
Re: Opera 8.50 DoS with simple java applet Yngve N. Pettersen (Developer Opera Software ASA)
[security bulletin] SSRT4787 Revised - HP Systems Insight Manager (SIM) for HP-UX Remote Denial of Service (DoS) security-alert
WebCalendar Multiple Vulnerabilities. lwang
Microsoft Windows CreateRemoteThread Exploit q7x
[SECURITY] [DSA 914-1] New horde2 packages fix cross-site scripting Martin Schulze
[DRUPAL-SA-2005-008] Drupal 4.6.4 / 4.5.6 fixes XSS and HTTP header injection issue Uwe Hermann
[DRUPAL-SA-2005-007] Drupal 4.6.4 / 4.5.6 fixes XSS issue Uwe Hermann
Edgewall Trac SQL Injection Vulnerability David Maciejak
[USN-220-1] w3c-libwww vulnerability Martin Pitt
Perl format string integer wrap vulnerability robert
[SECURITY] [DSA 913-1] New gdk-pixbuf packages fix several vulnerabilities Martin Schulze
[DRUPAL-SA-2005-009] Drupal 4.6.4 / 4.5.6 fixes minor access control issue Uwe Hermann

Friday, 02 December

[USN-221-1] racoon vulnerability Martin Pitt
Cisco Security Advisory: IOS HTTP Server Command Injection Vulnerability Cisco Systems Product Security Incident Response Team
phpMyChat Multiple XSS vulnerabilities. secresearch
[SECURITY] [DSA 915-1] New helix-player packages fix arbitrary code execution Martin Schulze
Re: Sunbelt set to acquire Kerio Personal Firewall Nick Boyce
Re: Microsoft Windows CreateRemoteThread Exploit Anton
RE: Microsoft Windows CreateRemoteThread Exploit Michael Wojcik
SEC Consult SA-20051202-1 :: GMX Webmail XSS Sec Consult Research
SEC Consult SA-20050212-1 :: A Word on Webmail Security and Browser related XSS Bugs Sec Consult Research
SEC Consult SA-XXXXXXXXXXX Bernhard Mueller
22nd CCC conference in Berlin Harry Behrens
Format String Vulnerabilities in Perl Programs Steven M. Christey
[xfocus-SD-051202]openMotif libUil Multiple vulnerability alert7 () xfocus org
[USN-222-1] Perl vulnerability Martin Pitt
WinEggDropShell Multiple Remote Stack Overflow Sowhat
Re: - Cisco IOS HTTP Server code injection/execution vulnerability- Mike Caudill

Saturday, 03 December

MDKSA-2005:223 - Updated webmin package fixes format string vulnerability Mandriva Security Team
[OpenPKG-SA-2005.026] OpenPKG Security Advisory (lynx) OpenPKG
MDKSA-2005:221 - Updated spamassassin packages fixes vulnerability Mandriva Security Team
Re: Re: Microsoft Windows CreateRemoteThread Exploit warl0ck
eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities tommie1
[OpenPKG-SA-2005.025] OpenPKG Security Advisory (perl) OpenPKG
Alisveristr E-Commerce Admin Login SQL İnjection B3g0k
Re: WebCalendar Louis Wang
MDKSA-2005:222 - Updated mailman packages fix various vulnerabilities Mandriva Security Team
[OpenPKG-SA-2005.027] OpenPKG Security Advisory (php) OpenPKG
[Updated] [FLSA-2005:166943] Updated php packages fix security issues Marc Deslauriers
QNX 4.25 suided dhcp.client binary lms
DMA[2005-1202a] - 'sobexsrv - Scripting/Secure OBEX Server format string vulnerability' KF (lists)
PHP-Fusion v6.00.109 SQL Injection and Info. Disclosure xer0x . west
more MD5 colliding examples Gerardo Richarte
Zen-Cart <= 1.2.6d blind SQL injection / remote commands execution: retrogod
eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities tommie1

Monday, 05 December

[USN-223-1] Inkscape vulnerability Martin Pitt
[scip_Advisory] e107 v0.6 rate.php manipulation Marc Ruef
have you ever been BluePIMped? KF (lists)
[USN-180-2] MySQL 4.1 vulnerability Martin Pitt
[security bulletin] HPSBUX01059 SSRT4704 Revised - HP-UX Running wu-ftpd Local Unauthorized Access security-alert
Blog System v1.2 Multiple SQL Injection Vulnerabilities vipsta
Outpost24 Public Security Note: Linux/Elxbot David Jacoby
Buffer Overflow in MultiTech VoIP Implementations SecurityLab Research

Tuesday, 06 December

SUSE Security Announcement: kernel various security and bugfixes (SUSE-SA:2005:067) Marcus Meissner
Horde IMP Webmail Client XSS all versions Igor
iDefense Security Advisory 12.05.05: Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability iDEFENSE Labs
iDefense Security Advisory 12.05.05: Multiple Vendor xpdf DCTStream Progressive Heap Overflow iDEFENSE Labs
iDefense Security Advisory 12.05.05: Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability iDEFENSE Labs
iDefense Security Advisory 12.05.05: Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability iDEFENSE Labs
[USN-224-1] Kerberos vulnerabilities Martin Pitt
[USN-225-1] Apache 2 vulnerability Martin Pitt

Wednesday, 07 December

Critical Myspace.com Vulnerabilites silentproducts
[KAPDA::#15] - ThWboard multiple vulnerabilities alireza hassani
SimpleBBS <= v1.1 remote commands execution in c by: unitedasia security crew unitedasia
SugarSuite Open Source <= 4.0beta Remote code execution retrogod
[SECURITY] [DSA 916-1] New Inkscape packages fix arbitrary code execution Martin Schulze
Advisory 25/2005: phpMyAdmin Variables Overwrite Vulnerability Stefan Esser
Advisory 24/2005: libcurl URL parsing vulnerability Stefan Esser
Mobile Antivirus Researchers Assoc. Call for White Papers contact . removethis
DRZES HMS XSS and SQL Injection Vulnerabilities vipsta
Journal of Computer Virology-Call for Papers Saeed Abu Nimeh
[security bulletin] SSRT4884 HP-UX TCP/IP Remote Denial of Service (DoS) security-alert
[KDE Security Advisory] multiple buffer overflows in kpdf/koffice Dirk Mueller
[ GLSA 200512-02 ] Webmin, Usermin: Format string vulnerability Sune Kloppenborg Jeppesen
[ GLSA 200512-01 ] Perl: Format string errors can lead to code execution Sune Kloppenborg Jeppesen
[security bulletin] SSRT5954 Revised - HP-UX TCP/IP Remote Denial of Service (DoS) security-alert
[security bulletin] SSRT051037 HP-UX Running IPSec Remote Unauthorized Access security-alert

Thursday, 08 December

iDefense Security Advisory 12.07.05: Dell TrueMobile 2300 Wireless Broadband Router Authentication Bypass Vulnerability labs-no-reply () idefense com
Airscanner Mobile Security Advisory: Remote Hard Reset Data Wipe and DoS of Pocket Controller v5.0 (#AS05080401) contact . removethis
-Exploiting Freelist[0] On Windows XP Service Pack 2- Brett Moore
[SECURITY] [DSA 917-1] New courier packages fix unauthorised access Martin Schulze
3com product security hole jaime . blasco
Website Baker <=2.6.0 SQL Injection -> Login bypass -> remote code execution retrogod
= 1.2.6d blind SQL injection / remote commands execution: retrogod

Friday, 09 December

[security bulletin] SSRT051069 - HP Tru64 Unix Secure Web Server (SWS 6.4.1 and earlier) PHP/XMLRPC Remote Unauthorized Execution of Arbitrary Code security-alert
[TKPN2005-12-001] Multiple critical vulnerabilities in MyBB tk
Re: 3com product security hole Juha-Matti Laurio
[KAPDA::#16] - SMF SQL Injection alireza hassani
Milliscript 1.4 Multiple Vulnerabilities NaPa
[USN-226-1] Courier vulnerability Martin Pitt
MDKSA-2005:224 - Updated curl package fixes format string vulnerability Mandriva Security Team
TSLSA-2005-0070 - multi Trustix Security Advisor
[SECURITY] [DSA 918-1] New osh packages fix privilege escalation Martin Schulze
iDefense Security Advisory 12.09.05: Ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability labs-no-reply () idefense com
MDKSA-2005:225 - Updated perl package fixes format string vulnerability Mandriva Security Team
Motorola SB5100E Cable Modem DoS Алексей Синцов
PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer H D Moore
Re: 3com product security hole Nicob

Saturday, 10 December

Apani Network Response to ISAKMP cert-fi:7710 Alert mkuch
Re: [KAPDA::#16] - SMF SQL Injection grudge
Flatnuke 2.5.6 privilege escalation / remote commands execution exploit retrogod
MDKSA-2005:206-1 - Updated openvpn packages fix multiple vulnerabilities Mandriva Security Team
DEFCON London group - DC4420 - inaugural meeting and Christmas Drinks! Major Malfunction
Torrential 1.2 Directory Traversal Shell

Monday, 12 December

[SECURITY] [DSA 919-1] New curl packages fix potential security problem Martin Schulze
BTGrup Admin WebController Script SQL injection khc
IMOEL CMS Sql password discovery silversmith
[ GLSA 200512-03 ] phpMyAdmin: Multiple vulnerabilities Sune Kloppenborg Jeppesen
Guestserver guestbook system vulnerabilities jaakko
Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService Morning Wood
Re: Re: [KAPDA::#16] - SMF SQL Injection retrogod
oracle not only offeder - researchers NOT responsible? Gadi Evron
Re: Re: [KAPDA::#16] - SMF SQL Injection polnby
[USN-227-1] xpdf vulnerabilities Martin Pitt
SEC Consult SA-20051211-0 :: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook Johannes Greil
iDEFENSE Security Advisory 12.12.05: SCO Unixware Setuid 'uidadmin' Scheme Buffer Overflow Vulnerability labs-no-reply () idefense com
[ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation Thierry Carrez
Re: Re: [Full-disclosure] Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service JHannah01
Re: [DCG] DEFCON London group - DC4420 - inaugural meeting and Christmas Drinks! racerx
SEC Consult SA-20051211-0 :: Nortel SSL VPN Cross Site Scripting/Command Execution SEC Consult Research
Re: Website Baker <=2.6.0 SQL Injection -> Login bypass -> remote code execution ryan
Arab Portal v2 Beta2 SQL Injections stranger-killer
Re: [KAPDA::#16] - SMF SQL Injection ascii
[PHP-CHECKER] 99 potential SQL injection vulnerabilities php-checker
[USN-228-1] curl library vulnerability Martin Pitt
[scip_Advisory] NetGear RP114 Flooding Denial of Service Marc Ruef
Status on PGP NTFS File Wipe issue, 11 Dec 2005 Jon Callas
[OpenPKG-SA-2005.028] OpenPKG Security Advisory (curl) OpenPKG
Re: Re: [KAPDA::#16] - SMF SQL Injection Steven M. Christey
[USN-222-2] Perl vulnerability Martin Pitt

Tuesday, 13 December

[USN-229-1] Zope vulnerability Martin Pitt
[SECURITY] [DSA 920-1] New ethereal packages fix arbitrary code execution Martin Schulze
[EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Advisories
phpCOIN 1.2.2 multiple vulnerabilities retrogod
MDKSA-2005:226 - Updated mozilla-thunderbird package fix vulnerability in enigmail Mandriva Security Team
Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation Paul Wouters
Secunia Research: Internet Explorer Suppressed "Download Dialog" Vulnerability Secunia Research
ADP Forum 2.0,ADP Forum 2.0.1,ADP Forum 2.0.2,ADP Forum 2.0.3 versiyon user md5 hash bug liz0

Wednesday, 14 December

RE: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-FreeLocal Privilege Escalation Vulnerability Marc Maiffret
LIMBO CMS <= v1.0.4.2 _SERVER[] array overwrite / remote code execution retrogod
Re: [Full-disclosure] Re: [EEYEB-20050523] Windows Kernel APC Data-FreeLocal Privilege Escalation Vulnerability Tom Ferris
iDefense Security Advisory 12.14.05: Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow labs-no-reply () idefense com
Re: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Joshua Russel
iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability labs-no-reply () idefense com
Re: [scip_Advisory] NetGear RP114 Flooding Denial of Service Thierry Zoller
iDefense Security Advisory 12.14.05: Trend Micro ServerProtect EarthAgent Remote DoS Vulnerability labs-no-reply () idefense com
[PHP-CHECKER] 99 potential SQL injection vulnerabilities Yichen Xie
[OpenPKG-SA-2005.029] OpenPKG Security Advisory (apache) OpenPKG
Re: [PHP-CHECKER] 99 potential SQL injection vulnerabilities Andy Lindeman
Countering Trusting Trust through Diverse Double-Compiling David A. Wheeler
Disclosure timelines from vendors - a promising practice? Steven M. Christey
Bypass XSS filter in PHPNUKE 7.9=>x max
iDefense Security Advisory 12.14.05: Trend Micro ServerProtect Crystal Reports ReportServer File Disclosure labs-no-reply () idefense com
DIMVA 2006 - 2nd Call for Papers Thomas Biege
Re: IMOEL CMS Sql password discovery Steven M. Christey
SUSE Security Announcement: php4, php5 (SUSE-SA:2005:069) Ludwig Nussel
[SECURITY] [DSA 921-1] New Linux 2.4.27 packages fix several vulnerabilities Martin Schulze
[ GLSA 200512-05 ] Xmail: Privilege escalation through sendmail Thierry Carrez
Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation VANHULLEBUS Yvan
Business Objects WebIntelligence 6.5x Account Lockout and System DoS mkemp4
RLA ("Remote LanD Attack") Synister Syntax
SUSE Security Announcement: kernel various security and bugfixes (SUSE-SA:2005:068) Marcus Meissner
CodeCon submission deadline reminder Len Sassaman
[USN-230-1] ffmpeg vulnerability Martin Pitt
Secunia Research: Microsoft Internet Explorer Keyboard Shortcut Processing Vulnerability Secunia Research
Re: Re: Re: [KAPDA::#16] - SMF SQL Injection grudge

Thursday, 15 December

Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation Thierry Carrez
[ GLSA 200512-06 ] Ethereal: Buffer overflow in OSPF protocol dissector Thierry Carrez
iDefense Security Advisory 12.14.05: Trend Micro PC-Cillin Internet Security Insecure File Permission Vulnerability labs-no-reply () idefense com
Re: Countering Trusting Trust through Diverse Double-Compiling Mike Lisanke
[SECURITY] [DSA 922-1] New Linux 2.6.8 packages fix several vulnerabilities Martin Schulze
MDKSA-2005:227 - Updated ethereal packages fix vulnerability Mandriva Security Team
Re: Countering Trusting Trust through Diverse Double-Compiling David A. Wheeler
MDKSA-2005:228 - Updated xine-lib packages fix buffer overflow vulnerability Mandriva Security Team
MDKSA-2005:229 - Updated xmovie packages fix buffer overflow vulnerability Mandriva Security Team
MDKSA-2005:230 - Updated mplayer packages fix buffer overflow vulnerability Mandriva Security Team
MDKSA-2005:232 - Updated gstreamer-ffmpeg packages fix buffer overflow vulnerability Mandriva Security Team
MDKSA-2005:231 - Updated ffmpeg packages fix buffer overflow vulnerability Mandriva Security Team
Patches available for IBM AIX flaws NGSSoftware Insight Security Research
Notacon Call for Proposals open Paul Schneider
Metasploit Framework v3.0 Alpha Release 1 H D Moore
CYBSEC - Security Advisory: Watchfire AppScan QA Remote Code Execution Mariano Nuñez Di Croce
MarmaraWeb E-commerce Remote Command Exucetion B3g0k
MarmaraWeb E-commerce Script Cross Site Scripting B3g0k
Re: RLA ("Remote LanD Attack") Synister Syntax
Re: RLA ("Remote LanD Attack") Synister Syntax
[security bulletin] SSRT4728 rev.1 - HP-UX running TCP/IP Remote Denial of Service (DoS) security-alert
AIX Heap Overflow paper David Litchfield
RE: RLA ("Remote LanD Attack") Roger A. Grimes
Bug in HC hackeriri
Re: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Ron
Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch Collaboration Suite SMTP Format String Vulnerability Owen Dhu

Friday, 16 December

Bios Information Leakage Jonathan Brossard
[ GLSA 200512-09 ] cURL: Off-by-one errors in URL handling Sune Kloppenborg Jeppesen
[ GLSA 200512-08 ] Xpdf, GPdf, CUPS, Poppler: Multiple vulnerabilities Sune Kloppenborg Jeppesen
Re: Patches available for IBM AIX flaws Shiva Persaud
[ GLSA 200512-07 ] OpenLDAP, Gauche: RUNPATH issues Thierry Carrez
phpCOIN-1.2.2-Full-2005 SQL Injection stranger-killer
ZRCSA-200505: libremail - "pop.c" Format String Vulnerability deepfear
[USN-230-2] ffmpeg/xine-lib vulnerability Martin Pitt
Re: Patches available for IBM AIX flaws David Litchfield
DMA[2005-1214a] - 'Widcomm BTW - Bluetooth for Windows Remote Audio Eavesdropping' Kevin Finisterre
DoS in Cisco Clean Access alex
iDefense Security Advisory 12.16.05: Citrix Program Neighborhood Name Heap Corruption Vulnerability labs-no-reply () idefense com
Advisory: XSS in WebCal (v1.11-v3.04) Stan Bubrouski
Re: Bios Information Leakage Ron van Daal
exploit (html) for Advanced Guestbook 2.2 irc0d3r
RE: RLA ("Remote LanD Attack") Patrick Galligan
Update on the PGP NTFS File Wipe Issue, 16 Dec 2005 Jon Callas

Saturday, 17 December

Microsoft IIS Remote Denial of Service (DoS) .DLL Url exploit inge . henriksen
Fullpath disclosure in roundcube webmail king_purba
Re: Bypass XSS filter in PHPNUKE 7.9=>x Paul Laudanski
Re: Fullpath disclosure in roundcube webmail Steven M. Christey
phpMyAdmin server_privileges.php SQL Injection Vulnerabilities. Alice Bryson

Monday, 19 December

[SECURITY] [DSA 923-1] New dropbear packages fix arbitrary code execution Martin Schulze
[FLSA-2005:152787] Updated redhat-config-nfs package fixes security issue Marc Deslauriers
[FLSA-2005:152832] Updated lynx package fixes security issues Marc Deslauriers
[FLSA-2005:152870] Updated a2ps package fixes security issue Marc Deslauriers
[FLSA-2005:152892] Updated enscript package fixes security issues Marc Deslauriers
[FLSA-2005:155510] Updated gtk2 packages fixes security issues Marc Deslauriers
[FLSA-2005:166939] Updated openssl packages fix security issues Marc Deslauriers
[FLSA-2005:168326] Updated util-linux and mount packages fix security issue Marc Deslauriers
[ GLSA 200512-10 ] Opera: Command-line URL shell command injection Thierry Carrez
Re: phpMyAdmin server_privileges.php SQL Injection Vulnerabilities. michal
Authenticated EIGRP DoS / Information leak Andrew A. Vladimirov
Making unidirectional VLAN and PVLAN jumping bidirectional Andrew A. Vladimirov
about phpMyAdmin's server_privileges.php announced vulnerability Marc Delisle
[security bulletin] SSRT051026 rev. 1 - HP-UX running WBEM Services Denial of Service (DoS) security-alert
Re: Making unidirectional VLAN and PVLAN jumping bidirectional Clayton Kossmeyer
MDKSA-2005:233 - Updated apache2 packages fix vulnerability in worker MPM Mandriva Security Team

Tuesday, 20 December

Symantec Antivirus Library Remote Heap Overflows list
iDefense Security Advisory 12.20.05: Qualcomm WorldMail IMAP Server String Literal Processing Overflow Vulnerability labs-no-reply () idefense com
Enterprise Connector v.1.02 Multiple SQL Vulnerabilities and Login Bypass darkz . gsa
iDefense Security Advisory 12.20.05: McAfee Security Center MCINSCTL.DLL ActiveX Control File Overwrite labs-no-reply () idefense com
[security bulletin] SSRT5983 rev.1 - HP-UX Running Software Distributor (SD) Remote Unauthorized Access security-alert
Re: Unauthenticated EIGRP DoS Paul Oxman (poxman)
[ GLSA 200512-11 ] CenterICQ: Multiple vulnerabilities Thierry Carrez
Digital Armaments Security Advisory 12.20.2005: WEBsweeper/MIMEsweeper Executable File Content Check bypass Vulnerability info
Acidcat ASP CMS Multiple Vulnerabilities h e
PHPGedView <= 3.3.7 remote code execution retrogod
[Overflow.pl] Blender BlenLoader Integer Overflow Damian Put
Secunia Research: Pegasus Mail Buffer Overflow and Off-by-One Vulnerabilities Secunia Research
IRM 014: Sygate Protection Agent 5.0 vulnerability - A low privileged user can disable the security agent Advisories
IRM 013: Ultraapps Issue Manager is vulnerable to Privilege Escalation Advisories
IRM 012: Portfolio Netpublish Server 7 is vulnerable to a Directory Traversal Attack Advisories
MDKSA-2005:234 - Updated sudo packages fix vulnerability Mandriva Security Team

Wednesday, 21 December

[Hat-Squad] Remote Heap Corruption Vulnerability in Interaction SIP Proxy service
Call for Paper - VI National Computer and Information Security Conference - COLOMBIA Jeimy José Cano Martínez
Workshop "Dependability Aspects in DWH and Mining applications"Deadline:15-01-06 Manh Tho
[ECHO_ADV_24$2005] Full path disclosure on WordPress < 1.5.2 the_day
Tolva PHP website system Remote File Include beford
security patch for Linux Kernel 2.6 breno
[KAPDA::#17] - beehiveforum Script Injection alireza hassani
[Security-Advisories () acs-inc com: [Full-disclosure] [ACSSEC-2005-11-25-0x1] VMWare Workstation 5.5.0 <= build-18007 G SX Server Variants And Others] Andrew Griffiths
Re: Symantec Antivirus Library Remote Heap Overflows ltr
[ECHO_ADV_24$2005] Full path disclosure on WordPress < 1.5.2 the_day () echo or id
mIRC buffer overflow Crowdat Kurobudetsu
Vulnerability in Metadot portal server allows users to gain administrative privileges Gerry Chng
Re: XSS bypass in PHPNuke - FIX ? Paul Laudanski
[SECURITY] [DSA 924-1] New nbd packages fix potential arbitrary code execution Martin Schulze
Cisco Security Response: DoS in Cisco Clean Access Clayton Kossmeyer
WinRAR - Processing Filename Incorrectly Vulnerability agoanywhere
XSS vulnerabilities in Google.com Watchfire Research
VMware vulnerability in NAT networking vmware-security-alert
Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability ovt
iDefense Security Advisory 12.21.05: Macromedia JRun 4 Web Server URL Parsing Buffer Overflow Vulnerability labs-no-reply () idefense com

Thursday, 22 December

MDKSA-2005:235 - Updated kernel packages fix numerous vulnerabilities Mandriva Security Team
fetchmail security announcement fetchmail-SA-2005-03 (CVE-2005-4348) ma+bt
[SECURITY] [DSA 925-1] New phpbb2 packages fix several vulnerabilities Martin Schulze
CYBSEC - Security Advisory: httprint Multiple Vulnerabilities Mariano Nuñez Di Croce
Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability 3APA3A
Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) Reed Arvin
iDefense Security Advisory 12.22.05: Linux Kernel Socket Buffer Memory Exhaustion DoS Vulnerability labs-no-reply () idefense com
[USN-231-1] Linux kernel vulnerabilities Martin Pitt
Webwasher CSM Appliance Script Security Restriction Bypass d0t v0rt3x
XSS&Sql injection attack in PHP-Fusion 6.00.3 Released krasza
[ GLSA 200512-12 ] Mantis: Multiple vulnerabilities Stefan Cornelius

Friday, 23 December

RE: Webwasher CSM Appliance Script Security Restriction Bypass Frank Berzau
[TKADV2005-12-001] Multiple SQL Injection vulnerabilities in MyBB tk
[SECURITY] [DSA 926-2] New ketm packages fix privilege escalation Martin Schulze
Multiple Network-related Vulnerabilities in Electric Sheep MichaelAiello
Electric Sheep window-id stack overflow MichaelAiello

Tuesday, 27 December

MDKSA-2005:236 - Updated fetchmail packages fix vulnerability Mandriva Security Team
MDKSA-2005:237 - Updated cpio packages fix buffer overflow on x86_64 Mandriva Security Team
Dev web management system <= 1.5 SQL injection / cross site scripting retrogod
CFP - IT Underground 2006, Prague, Czech Republic Piotr Sobolewski
Found new bug hackeriri
Airscanner Mobile Security Advisory #0508310 Spb Kiosk Engine Administrator Password & Information Disclosure contact . removethis
[ GLSA 200512-13 ] Dropbear: Privilege escalation Stefan Cornelius
[SECURITY] [DSA 928-1] New dhis-tools-dns packages fix insecure temporary file creation Martin Schulze
[BuHa-Security] DoS Vulnerability in M$ IE 6 SP2 #1 bugtraq
[BuHa-Security] DoS Vulnerability in M$ IE 6 SP2 #2 bugtraq
[BuHa-Security] DoS Vulnerability in M$ IE 6 SP2 #3 bugtraq
Multiple Translation websites Cross Site Scripting vulnerability: Google, Altavista, IBM, freetranslation, worldlingo, etc simo
Obsidis n1 released! angelo
Cerberus Helpdesk multiple vulnerabilities. A. Ramos
[SECURITY] [DSA 927-1] New tkdiff packages fix insecure temporary file creation Martin Schulze
Secunia Research: IceWarp Web Mail Multiple File Inclusion Vulnerabilities Secunia Research
[ GLSA 200512-15 ] rssh: Privilege escalation Stefan Cornelius
dtSearch DUNZIP32.dll Buffer Overflow Vulnerability Juha-Matti Laurio
Malware sample site mvalsmith
Is this a new exploit? noemailpls

Wednesday, 28 December

MDKSA-2005:238 - Updated php/php-mbstring packages fix mail injection vulnerability Mandriva Security Team
Exploitation of Windows WMF on the web Daniel Bonekeeper
Re: Is this a new exploit? H D Moore
[BUGZILLA] Security advisory for Bugzilla < 2.16.11 David Miller
RE: [Full-disclosure] Someone wasted a nice bug on spyware... Paul
Re: Is this a new exploit? redxii1234
Re: Is this a new exploit? Andreas Marx
RE: Is this a new exploit? Portz, Jon
[ GLSA 200512-16 ] OpenMotif, AMD64 x86 emulation X libraries: Buffer overflows in libUil library Thierry Carrez
WMF Exploit davidribyrne
WMF Exploit davidribyrne

Thursday, 29 December

PhpDocumentor <= 1.3.0 rc4 Arbitrary remote/local inclusion retrogod
[SECURITY] [DSA 927-2] New tkdiff packages fix insecure temporary file creation Martin Schulze
RE: WMF Exploit Hayes, Bill
RE: [Full-disclosure] Someone wasted a nice bug on spyware... Jim Serino
WMF exploit ninjapicook
Airscanner Mobile Security Advisory #05083102 Spb Kiosk Engine Program Bypass contact . removethis
Black Hat Federal and Europe Call for Papers Jeff Moss
[ GLSA 200512-17 ] scponly: Multiple privilege escalation issues Thierry Carrez

Friday, 30 December

rssh: root privilege escalation flaw Derek Martin
phpbb2.0.19 fixes security issues Paul Laudanski
Secunia Research: TUGZip ARJ Archive Handling Buffer Overflow Vulnerability Secunia Research
Advisory 26/2005: TinyMCE Compressor Vulnerabilities Stefan Esser
Re: Exploitation of Windows WMF on the web psgw
WTF?? veil_of_darkness
RE: WMF Exploit Derick Anderson
Yahoo mail Cross Site Scripting vulnerability simo
WMF browser-ish exploit vectors Evans, Arian
RE: WMF Exploit Bill Busby
[KAPDA::#18] - WebWiz Products SQL Injection advisory
Re: WMF Exploit Paul Laudanski

Saturday, 31 December

MyBB XSS cross-site scripting addmimistrator
MyBB 1.0 SQL injection in uploading file addmimistrator