Bugtraq: by author

599 messages starting Nov 01 06 and ending Nov 10 06


3APA3A

Re[3]: New Flaw in Firefox 2.0: DoS and possible remote code execution 3APA3A (Nov 01)
Re[2]: New Flaw in Firefox 2.0: DoS and possible remote code execution 3APA3A (Nov 03)
Re: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords 3APA3A (Nov 23)

admin

MajorSecurity Advisory #31]Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues admin (Nov 04)
Re: Re: Phpjobscheduler 3.0 - Multiple Remote File Include admin (Nov 21)
[MajorSecurity Advisory #30]admin.tool 3 CMS - Multiple Cross Site Scripting Issues admin (Nov 04)
[MajorSecurity Advisory #36]dev4u CMS - Multiple SQL Injection and Cross Site Scripting Issues admin (Nov 18)
MajorSecurity Advisory #32]phpComasy CMS - Multiple Cross Site Scripting Issues admin (Nov 06)
[MajorSecurity Advisory #33]ShopSystems - SQL Injection Issue admin (Nov 13)
[MajorSecurity Advisory #34]Plesk 8 - Multiple Cross Site Scripting Issues admin (Nov 16)
Re: *BSD banner INT overflow vulnerability admin (Nov 23)
[MajorSecurity Advisory #35]Travelsized CMS - Multiple Cross Site Scripting Issues admin (Nov 18)

advisories

LS-20061102 - Business Objects Crystal Reports Stack Overflow Vulnerability advisories (Nov 23)
LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability advisories (Nov 21)

Advisory

[Aria-Security Team] MidiCart ASP Plus Shopping Cart SQL Injection Advisory (Nov 24)
ClickGallery Sql Injection Advisory (Nov 27)
BPG Content Management System SQL Injection Advisory (Nov 14)
WWWeb Cocepts SQL Injection Advisory (Nov 14)
[Aria-Security Team] General Shopping Cart SQL Injection Vulnerability Advisory (Nov 27)
i-Gallery 3.4 Cross Site Scripting Advisory (Nov 16)
[Aria-Security Team] iNews News Manager SQL Injection Advisory (Nov 24)
[Aria-Security Team] Ultimate Survey Pro SQL Injection Advisory (Nov 24)
[Aria-Security Team] Evolve shopping cart SQL Injection Vulnerability Advisory (Nov 27)
Clickblog Sql Injection Advisory (Nov 27)
[Aria-Security Team] FipsSHOP SQL Injection Advisory (Nov 29)
Ustore SQL Injection Advisory (Nov 14)
[Aria-Security's Research Team] Texas Rank'em SQL Injection Vulnerabilite Advisory (Nov 18)
CPanel Multiple Cross Site Scription Advisory (Nov 13)
eShopping SQL Injection Advisory (Nov 14)
[Aria-Security] CPanel Network Tools Cross Site Scripting [Advisory] Advisory (Nov 17)
Helm Cross Site Scripting Advisory (Nov 16)
ASPintranet SQL Injection Advisory (Nov 16)
Image gallery with Access Database SQL Injection Advisory (Nov 17)
DirectAdmin Multiple Cross Site Scription Advisory (Nov 13)
[Aria-Security Team] Fixit iDMS Pro Image Gallery SQL Injection Advisory (Nov 24)
CPanel 11 Multiple Cross-Site Scription Advisory (Nov 24)
ClickContact SQL Injection Advisory (Nov 27)
gNews Publisher SQL Injection Vulnerabilites Advisory (Nov 20)
Real Estate Listing System SQL Injection Advisory (Nov 14)
SiteXpress SQL Injection Advisory (Nov 14)
Engine Manager SQL Injection Advisory (Nov 14)
Xtreme ASP Photo Gallery Cross Site Scripting And SQL Injection Advisory (Nov 16)
Helm Cross-Site Scripting (XSS) Advisory (Nov 15)
WebHost Manager (WHM) Multiple Cross-Site Scripting Advisory (Nov 24)
A-Cart 2.0 SQL Injection Advisory (Nov 18)
ECommerce Store Shop Builder Advisory (Nov 14)
uPhotoGallery (v 1.1) SQL Injection Advisory (Nov 27)
ASPintranet SQL Injection Advisory (Nov 14)
[Aria-Security's Research Team] ActiveNews Manager SQL Injection Vulnerabilite Advisory (Nov 18)
A-Cart PRO SQL Injection Advisory (Nov 18)
[Aria-Security Team] ASP ListPics 5.0 SQL Injection Advisory (Nov 24)
[Aria-Security Team] MidiCart ASP Shopping Cart SQL Injection Advisory (Nov 24)

AG- Spider

Comdev One Admin Pro.v4.1 ( path[skin] ) Remote File include AG- Spider (Nov 16)

ajannhwt

AspPired2 Poll <= 1.0 (MoreInfo.asp) Remote SQL Injection Exploit ajannhwt (Nov 13)
UltraSite 1.0 (update.asp) Remote SQL Injection Vulnerability ajannhwt (Nov 13)
Asp Scripter Products (cpLogin.asp) Remote SQL ByPass Injection Vulnerability ajannhwt (Nov 13)
Seditio <= 1.10 (pollid) Remote SQL Injection Vulnerability ajannhwt (Nov 30)
Online Event Registration <= v2.0 (save_profile.asp) Remote User Pass Change Exploit ajannhwt (Nov 13)
NuCommunity 1.0 (cl_CatListing.asp) Remote SQL Injection Exploit ajannhwt (Nov 13)
LDU <= 8.x (polls.php) Remote SQL Injection Vulnerability ajannhwt (Nov 30)
Property Pro v1.0 (vir_Login.asp) Remote Login ByPass SQL Injection Vulnerability ajannhwt (Nov 13)
phpManta - Mdoc <= 1.0.2 (view-sourcecode.php) Local File Include Exploit ajannhwt (Nov 13)
UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability ajannhwt (Nov 13)
ASPNuke <= 0.80 (register.asp) Remote SQL Injection Vulnerability ajannhwt (Nov 20)
Ariadne <= 2.4.1 Multiple Remote File Include Vulnerabilities(New) ajannhwt (Nov 06)
PhpMyChat <= 0.14.5 Source Code Disclosure Vulnerability ajannhwt (Nov 08)
NuRems 1.0 Remote XSS/SQL Injection Exploit ajannhwt (Nov 13)
Estate Agent Manager <= v1.3 (default.asp) Remote Login ByPass SQL Injection Vulnerability ajannhwt (Nov 13)
ASPPortal <= 4.0.0 (default1.asp) Remote SQL Injection Exploit ajannhwt (Nov 13)
PhpMyChat Plus <= 1.9 Multiple Source Code Disclosure Vulnerabilities ajannhwt (Nov 08)
NuStore 1.0 (Products.asp) Remote SQL Injection Vulnerability ajannhwt (Nov 13)
UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability ajannhwt (Nov 13)
NuSchool 1.0 (CampusNewsDetails.asp) Remote SQL Injection Exploit ajannhwt (Nov 13)

alireza hassani

[KAPDA]::Security analysis of cutenews 1.4.5 alireza hassani (Nov 21)

Amit Klein

Educational write-up by Amit Klein: "A Refreshing Look at Redirection" Amit Klein (Nov 02)

Andrew Christensen

Lotus Notes pre-login User.ID key leak Andrew Christensen (Nov 08)

andrzej . targosz

CONFidence 2007 CFP andrzej . targosz (Nov 22)

applesoup

Hotmail and Windows Live Mail XSS Vulnerabilities applesoup (Nov 06)

astralbabz

Re: DoS in Microsoft Windows Live Messenger <= 8.0 astralbabz (Nov 25)

Avert

Vulnerabilities in Client Service for NetWare Avert (Nov 16)

avivra

Internet Explorer 7 - Still Spyware Writers' Heaven avivra (Nov 02)

Bart Seresia

RE: VBulletin DoS Exploit [ all Versions ] Bart Seresia (Nov 16)

benjilenoob

MyStats <=1.0.8 [injection sql, multiples xss, array & full path disclosure] benjilenoob (Nov 13)

beSIRT

Team Evil - Incident #2 beSIRT (Nov 16)

blueshisha

Woltlab Burning Board 2.3.X XSS Vulnerability (0-Day) FIXED VERSION blueshisha (Nov 30)

bluespy . ok

PhpBB Module Dimension Remote File Include bluespy . ok (Nov 20)
PhpBB Module Dimension Remote File Include bluespy . ok (Nov 18)

Blyth A J C (AT)

2nd European Conference on Computer Network Defense (EC2ND) Blyth A J C (AT) (Nov 27)

Bob Beck

Re: *BSD banner INT overflow vulnerability Bob Beck (Nov 22)

Bram Dumolin

Re: Firefox 1.5.0.7 Exploit Bram Dumolin (Nov 02)

broken-proxy

Advanced Guestbook 2.3.1 (Admin.php) Remote File Include broken-proxy (Nov 06)

bugtraq

Re: [WEB SECURITY] The state of JavaScript Hacking bugtraq (Nov 29)
Challenges faced by automated web application security assessment tools bugtraq (Nov 13)

c2report

Drone Armies C&C Report - 17 Nov 2006 c2report (Nov 18)

capt . nem0

contentserv 4.x capt . nem0 (Nov 30)

Casper . Dik

Re: Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders. Casper . Dik (Nov 23)

Cesar

The Week of Oracle Database Bugs Cesar (Nov 20)

Chris Gianelloni

Re: [ GLSA 200611-11 ] TikiWiki: Multiple vulnerabilities Chris Gianelloni (Nov 21)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Desktop Cisco Systems Product Security Incident Response Team (Nov 08)
Cisco Security Advisory: Cisco Security Agent Management Center LDAP Administrator Authentication Bypass Cisco Systems Product Security Incident Response Team (Nov 01)

ckuan

Re: Airmagnet management interfaces multiple vulnerabilities ckuan (Nov 17)

clappymonkey

Potentially OT: AJAX article clappymonkey (Nov 29)

corrado . liotta

[x0n3-h4ck]Drake CMS v 0.2 XSS exploit corrado . liotta (Nov 10)
[x0n3-h4ck]Essentia Web Server v.2.15 Buffer Overflow corrado . liotta (Nov 10)

crackers_child

MosReporter Joomla Component Remote File Inclusion Exploi crackers_child (Nov 17)
PHP-Nuke Mermaid Module V1.2 (formdisp.php) Remote File Include Exploit crackers_child (Nov 24)
shambo2 Component For Mambo 4.5 Remote File Inclusion Exploit crackers_child (Nov 13)

darkz . gsa

Mail Drives Security Considerations darkz . gsa (Nov 06)

David Eisenstein

[FLSA-2006:211760] Updated gzip package fixes security issues David Eisenstein (Nov 13)

David Litchfield

Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) David Litchfield (Nov 22)
Cursor snarfing - a new class of vulnerability and attack in Oracle David Litchfield (Nov 27)
Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) David Litchfield (Nov 29)
Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) David Litchfield (Nov 28)
Which is more secure? Oracle vs. Microsoft David Litchfield (Nov 21)
Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) David Litchfield (Nov 27)

dean

Re: Etomite CMS 0.6.1.2 Multiple Vulnerabilities ( Sql Injection + Local file inclusion ) dean (Nov 17)

dragonjar

DoS in Microsoft Windows Live Messenger <= 8.0 dragonjar (Nov 24)

Dragos Ruiu

EUSecWest/London CFP extended to Nov. 7 Dragos Ruiu (Nov 03)

drunken_chin

Re: tikiwiki 1.9.5 mysql password disclosure & xss drunken_chin (Nov 25)

Dude VanWinkle

Re: [Full-disclosure] ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability Dude VanWinkle (Nov 30)

eEye Advisories

EEYE: Workstation Service NetpManageIPCConnect Buffer Overflow eEye Advisories (Nov 14)

Eliah Kagan

Re: Internet Explorer 7 - Still Spyware Writers' Heaven Eliah Kagan (Nov 06)
Re: Internet Explorer 7 - Still Spyware Writers' Heaven Eliah Kagan (Nov 04)

emc3

Re: Wordpress File Inclusion emc3 (Nov 13)

erdc

[ECHO_ADV_59_2006]Agora 1.4 RC1 "$_SESSION[PATH_COMPOSANT]" Remote File Inclusion Vulnerability erdc (Nov 06)
[ECHO_ADV_61_2006] a-ConMan <= v3.2beta Remote File Inclusion erdc (Nov 23)
[ECHO_ADV_57_2006]Soholaunch Pro <=4.9 r36 Multiple Remote File Inclusion Vulnerability erdc (Nov 06)
[ECHO_ADV_60_2006] OpenEMR <=2.8.1 Multiple Remote File Inclusion Vulnerability erdc (Nov 06)
[ECHO_ADV_58_2006]Cyberfolio <=2.0 RC1 $av Remote File Inclusion Vulnerability erdc (Nov 06)

Evgeny Legerov

VulnDisco Pack for Metasploit Evgeny Legerov (Nov 06)

evilrabbi

Re: Re: *BSD banner INT overflow vulnerability evilrabbi (Nov 22)

Expanders

Re: Wordpress File Inclusion Expanders (Nov 13)

fash1on

Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords fash1on (Nov 22)

FBI

Re: tikiwiki 1.9.5 mysql password disclosure & xss FBI (Nov 23)

fcollyer

Digipass Go3 Token Dumper (at least for 2006) fcollyer (Nov 13)
Re: Re: Digipass Go3 Token Dumper (at least for 2006) fcollyer (Nov 25)

firewall1954

Exophpdesk V1.2 - Remote File Include firewall1954 (Nov 13)
Phpdebug 1.1.0 - Remote File Include by Firewall Firewall1954 (Nov 13)
encapscms 0.3.6 - Remote File Include by Firewall firewall1954 (Nov 13)
Phpjobscheduler 3.0 - Multiple Remote File Include Firewall1954 (Nov 13)

Francesco Laurita

Re: CuteNews v1.4.5 (search.php) Remote file include vulnerability Francesco Laurita (Nov 27)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-06:24.libarchive FreeBSD Security Advisories (Nov 08)

fryxar fryxar

AIDE problem handling symlinks fryxar fryxar (Nov 27)

gamr-14

XSS in scriptat support InverseFlow Help Desk v2.31 gamr-14 (Nov 22)

Gary Golomb

Free tool for pattern identification (for researchers) Gary Golomb (Nov 25)

Ginsu Rabbit

linksys wrt54g v5 authentication bypass fixed Ginsu Rabbit (Nov 18)

Glynn Clements

Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability Glynn Clements (Nov 14)

gmdarkfig

Oxygen <= 1.1.3 (O2PHP Bulletin Board) SQL Injection gmdarkfig (Nov 18)
Cahier de texte V2.0 SQL Code Execution Exploit gmdarkfig (Nov 24)
Re: A-Cart PRO SQL Injection gmdarkfig (Nov 18)
Re: [Aria-Security's Research Team] ActiveNews Manager SQL Injection Vulnerabilite gmdarkfig (Nov 18)

GomoR

SinFP 2.04 release, works under Windows GomoR (Nov 13)

Gruzicki Wlodek

*BSD banner INT overflow vulnerability Gruzicki Wlodek (Nov 22)

h4ck3riran

knowledgeBuilder v.2.2.php.NuLL-WDYL=> Remote File Include Vulnerability h4ck3riran (Nov 08)
phpsatk => Remote File Include Vulnerability EXploit h4ck3riran (Nov 08)

hack2prison

Hot Links download backup authorized vulnerabilities (re-post with some edit) hack2prison (Nov 16)
Web Directory Pro bypass Vulnerabilities hack2prison (Nov 04)
Hot Links download backup authorized vulnerabilities hack2prison (Nov 16)

hacker hackers

XSS in Kayako SupportSuite v3.00.32 hacker hackers (Nov 07)

harrisonholland

Re: Multiple vulnerabilities in SAP Web Application Server 6.40 and7.00 harrisonholland (Nov 03)

HASEGAWA Yosuke

Re: Hotmail and Windows Live Mail XSS Vulnerabilities HASEGAWA Yosuke (Nov 08)

Heiko Wundram

Re: @cid stats v2.3 File Include Heiko Wundram (Nov 06)

Hugo van der Kooij

Re: Digipass Go3 Token Dumper (at least for 2006) Hugo van der Kooij (Nov 24)

iDefense Labs

iDefense Security Advisory 11.30.06: Multiple Vendor libgsf Heap Overflow Vulnerability iDefense Labs (Nov 30)
iDefense Security Advisory 11.09.06: Citrix Presentation Server 4.0 IMA Service Invalid Name Length DoS Vulnerability iDefense Labs (Nov 13)
iDefense Security Advisory 10.31.06: Novell iManager Tomcat DoS Vulnerability iDefense Labs (Nov 01)
iDefense Security Advisory 10.27.06: Novell eDirectory NMAS BerDecodeLoginDataRequeset DoS Vulnerability iDefense Labs (Nov 01)
iDefense Security Advisory 11.26.06: Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability iDefense Labs (Nov 27)
iDefense Security Advisory 11.08.06: Cisco Secure Desktop Privilege Escalation Vulnerability iDefense Labs (Nov 08)
iDefense Security Advisory 10.31.06: Sophos Anti-Virus Petite File Denial of Service Vulnerability iDefense Labs (Nov 01)
iDefense Security Advisory 11.29.06: Horde Kronolith Arbitrary Local File Inclusion Vulnerability iDefense Labs (Nov 29)
iDefense Security Advisory 11.26.06: GNU Radius Format String Vulnerability iDefense Labs (Nov 27)

iDefense Labs Security Advisories

iDefense Security Advisory 11.08.06: IBM Lotus Domino 7 tunekrnl Multiple Vulnerabilities iDefense Labs Security Advisories (Nov 08)

Iko Riyadi

Perl proxy checker using samair.ru Iko Riyadi (Nov 22)

In Cognito

Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders. In Cognito (Nov 22)
Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders. In Cognito (Nov 22)

infection

Invision Community Blog Mod 1.2.4 .PHP SQL Injection Vulnerability infection (Nov 30)

info

Digital Armaments November-Decemberr Hacking Challenge: KERNEL info (Nov 20)
igital Armaments November-Decemberr Hacking Challenge: KERNEL Remote info (Nov 17)

inge_eivind . henriksen

IE7 website security certificate discrediting exploit inge_eivind . henriksen (Nov 06)
Re: IE7 website security certificate discrediting exploit inge_eivind . henriksen (Nov 07)

insanity

XSS vBulletin 3.6.X Admin Control Painel insanity (Nov 17)

Jan Heisterkamp

Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Jan Heisterkamp (Nov 06)

jbh_cg

Apple Safari "match" Buffer Overflow Vulnerability jbh_cg (Nov 14)

Jeimy Cano

CFP - VII National Computer and Information Security Conference Jeimy Cano (Nov 23)

Jeremy Epstein

RE: Cracking String Encryption in Java Obfuscated Bytecode Jeremy Epstein (Nov 27)

Jeroen Massar

Re: [Full-disclosure] New report on Teredo security Jeroen Massar (Nov 29)

Jerome Athias

Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Jerome Athias (Nov 06)

jesper . jurcenoks

LifeType version 1.1.2 Multiple Path Disclosure Vulnerabilities jesper . jurcenoks (Nov 30)
REMLAB Web Mech Designer 2.0.5 Path Disclosure Vulnerability jesper . jurcenoks (Nov 29)
Monkey Boards version 0.3.5 Multiple Path Disclosure Vulnerabilities jesper . jurcenoks (Nov 29)
DigiOz Guestbook version 1.7 Path Disclosure Vulnerability in list.php jesper . jurcenoks (Nov 07)

Jesper Jurcenoks

DigiOz Guestbook version 1.7 Path Disclosure Vulnerability in list.php Jesper Jurcenoks (Nov 07)

jim

Re: [ECHO_ADV_53$2006] QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Vulnerability jim (Nov 22)

Jim Hoagland

New report on Teredo security Jim Hoagland (Nov 29)

Jim Manico

Re: Cracking String Encryption in Java Obfuscated Bytecode Jim Manico (Nov 24)

John GALLET

Re: Cracking String Encryption in Java Obfuscated Bytecode John GALLET (Nov 24)

John Heasman

Whitepaper: Implementing and Detecting a PCI Rootkit John Heasman (Nov 16)

John Morrissey

CVE-2006-5815: remote code execution in ProFTPD John Morrissey (Nov 27)

Jon Hart

Re: SYMSA-2006-011: JBoss Java Class DeploymentFileRepository Directory Traversal Jon Hart (Nov 28)

J. Oquendo

Re: Apple Safari "match" Buffer Overflow Vulnerability J. Oquendo (Nov 16)

Joxean Koret

WarFTPd 1.82.00-RC11 Remote Denial Of Service Joxean Koret (Nov 07)
WFTPD Pro Server 3.23 Buffer Overflow Joxean Koret (Nov 07)

Juha-Matti Laurio

Re: Password Flaw also in Firefox 1.5.08. Was: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords Juha-Matti Laurio (Nov 23)

katatafish

BLOG:CMS <= 4.1.3 XSS katatafish (Nov 18)

Kees Cook

[USN-371-1] Ruby vulnerability Kees Cook (Nov 01)
[USN-370-1] screen vulnerability Kees Cook (Nov 01)
[USN-376-2] imlib2 regression fix Kees Cook (Nov 07)
[USN-373-1] mutt vulnerabilities Kees Cook (Nov 01)
[USN-389-1] GnuPG vulnerability Kees Cook (Nov 29)
[USN-390-1] evince vulnerability Kees Cook (Nov 30)
[USN-379-1] texinfo vulnerability Kees Cook (Nov 09)
[USN-382-1] Thunderbird vulnerabilities Kees Cook (Nov 21)
[USN-377-1] NVIDIA vulnerability Kees Cook (Nov 04)
[USN-383-1] libpng vulnerability Kees Cook (Nov 17)
[USN-378-1] RPM vulnerability Kees Cook (Nov 04)
[USN-386-1] ImageMagick vulnerability Kees Cook (Nov 28)
[USN-384-1] OpenLDAP vulnerability Kees Cook (Nov 21)
[USN-374-1] wvWare vulnerability Kees Cook (Nov 01)
[USN-376-1] imlib2 vulnerabilities Kees Cook (Nov 04)
[USN-385-1] tar vulnerability Kees Cook (Nov 28)
[USN-387-1] Dovecot vulnerability Kees Cook (Nov 28)
[USN-381-1] Firefox vulnerabilities Kees Cook (Nov 21)
[USN-388-1] KOffice vulnerability Kees Cook (Nov 29)

K F (lists)

[Fwd: OpenBase SQL multiple vulnerabilities Part Deux] K F (lists) (Nov 14)
Kerio WebSTAR local privilege escalation K F (lists) (Nov 16)
[Fwd: DMA[2006-1031a] - 'Intego VirusBarrier X4 definition bypass exploit'] K F (lists) (Nov 14)

koenig

Firefox 1.5.0.7 Exploit koenig (Nov 02)

kspecial

evince buffer overflow exploit (gv) kspecial (Nov 28)

LegendaryZion

Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech" LegendaryZion (Nov 01)

liuqx

TFTP Server 3CTftpSvc Buffer Overflow Vulnerability (Long transporting mode) liuqx (Nov 27)
TFTPD32 v3.01 TFTP Server Long File Name Buffer Overflow Vulnerability liuqx (Nov 17)
TFTP Server AT-TFTP Server v 1.9 Buffer Overflow Vulnerability (Long filename) liuqx (Nov 27)

liz0

Article Script v1.*and v1.6.3 Sql injection liz0 (Nov 06)

Lubomir Kundrak

Re: Firefox 1.5.0.7 Exploit Lubomir Kundrak (Nov 06)

Lucas Holt

Re: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure Lucas Holt (Nov 16)

m-0-t

XSS in script Mobile m-0-t (Nov 03)

mahmood ali

@cid stats v2.3 File Include mahmood ali (Nov 06)

Manchester 2600

UK Security Convention - Continuity 2006 Manchester 2600 (Nov 16)

Manh Tho

Call for papers: ARES 2007 submission deadline approaches in 2 weeks: 19-11-2006 Manh Tho (Nov 08)

Marcello Barnaba

Re: Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability Marcello Barnaba (Nov 16)

Mark Wadham

Re: ProFTPD mod_tls pre-authentication buffer overflow Mark Wadham (Nov 29)

Martin Pitt

[USN-375-1] PHP vulnerability Martin Pitt (Nov 02)
Re: Firefox 1.5.0.7 Exploit Martin Pitt (Nov 03)

Martin Schulze

[SECURITY] [DSA 1210-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Nov 14)
[SECURITY] [DSA 1221-1] New libgsf packages fix arbitrary code execution Martin Schulze (Nov 30)

Matousec - Transparent security Research

Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability Matousec - Transparent security Research (Nov 15)
Outpost Insufficient validation of 'SandBox' driver input buffer Matousec - Transparent security Research (Nov 01)

Matthew Conover

"Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) Matthew Conover (Nov 22)

Matthias Geerdsen

[ GLSA 200611-01 ] Screen: UTF-8 character handling vulnerability Matthias Geerdsen (Nov 03)
[ GLSA 200611-04 ] Bugzilla: Multiple Vulnerabilities Matthias Geerdsen (Nov 09)
[ GLSA 200611-17 ] fvwm: fvwm-menu-directory fvwm command injection Matthias Geerdsen (Nov 23)
[ GLSA 200611-02 ] Qt: Integer overflow Matthias Geerdsen (Nov 06)

Mayhemic Labs Security

MHL-2006-003 Public Advisory: "mboard" file creation issue Mayhemic Labs Security (Nov 27)

Mefisto

Re: PhpGedView 4.0.2 (DOCUMENT_ROOT) File inclusion Vulnerablity Mefisto (Nov 28)
Re: Active PHP Bookmarks (apb.php) Remote file include Mefisto (Nov 24)

Michael Scheidell

Password Flaw also in Firefox 1.5.08. Was: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords Michael Scheidell (Nov 23)

Micheal Turner

Re: [Full-disclosure] ZDI-06-040: WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability Micheal Turner (Nov 14)

Mike Prosser

SYM06-023, Symantec NetBackup PureDisk: PHP update to Address Reported Security Vulnerability Mike Prosser (Nov 29)

miladkaleh

XSS in Email Signature Script miladkaleh (Nov 13)

Moritz Muehlenhoff

[SECURITY] [DSA 1220-1] New pstotext packages fix arbitrary shell command execution Moritz Muehlenhoff (Nov 27)
[SECURITY] [DSA 1206-1] New php4 packages fix several vulnerabilities Moritz Muehlenhoff (Nov 06)
[SECURITY] [DSA 1214-1] New gv packages fix arbitrary code execution Moritz Muehlenhoff (Nov 20)
[SECURITY] [DSA 1211-1] New pdns packages fix arbitrary code execution Moritz Muehlenhoff (Nov 15)
[SECURITY] [DSA 1218-1] New proftpd packages fix denial of service Moritz Muehlenhoff (Nov 21)
[SECURITY] [DSA 1217-1] New linux-ftpd packages fix access control bypass Moritz Muehlenhoff (Nov 20)
[SECURITY] [DSA 1215-1] New xine-lib packages fix execution of arbitrary code Moritz Muehlenhoff (Nov 20)
[SECURITY] [DSA 1208-1] New bugzilla packages fix several vulnerabilities Moritz Muehlenhoff (Nov 13)
[SECURITY] [DSA 1213-1] New imagemagick packages fix several vulnerabilities Moritz Muehlenhoff (Nov 20)
[SECURITY] [DSA 1222-1] New proftpd packages fix several vulnerabilities Moritz Muehlenhoff (Nov 30)
[SECURITY] [DSA 1209-2] New trac packages fix cross-site request forgery Moritz Muehlenhoff (Nov 13)
[SECURITY] [DSA 1209-1] New trac packages fix cross-site request forgery Moritz Muehlenhoff (Nov 13)
[SECURITY] [DSA 1207-2] New phpmyadmin packages fix regression Moritz Muehlenhoff (Nov 20)
[SECURITY] [DSA 1207-1] New phpmyadmin packages fix several vulnerabilities Moritz Muehlenhoff (Nov 09)
[SECURITY] [DSA 1203-1] New libpam-ldap packages fix access control bypass Moritz Muehlenhoff (Nov 02)
[SECURITY] [DSA 1216-1] New flexbackup packages fix denial of service Moritz Muehlenhoff (Nov 20)
[SECURITY] [DSA 1204-1] New ingo1 packages fix arbitrary shell command execution Moritz Muehlenhoff (Nov 06)

mr_kaliman

@lex Guestbook 4.0.1 : Full Path Disclosure & XSS mr_kaliman (Nov 30)

Mustafa Can Bjorn IPEKCI

Advisory: Seditio <= 1.10 Remote SQL Injection Vulnerability. Mustafa Can Bjorn IPEKCI (Nov 21)
Advisory: LDU <= 8.x Remote SQL Injection Vulnerability. Mustafa Can Bjorn IPEKCI (Nov 21)

nagazakig74

Wisi Portal [Sql Injection By Jesus Tovar] nagazakig74 (Nov 25)
Siap Cms Sql Injection (login.asp) nagazakig74 (Nov 25)

navairum

Stanford university SCARF user editing navairum (Nov 06)
News publication system remote File include navairum (Nov 07)
Y.A.N.S sql injection navairum (Nov 08)
Web Interface remote file inclusion navairum (Nov 13)
Re: New Bug MiniBB Forum <= 2 Remote File Include (index.php) navairum (Nov 14)

Nick Boyce

Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability Nick Boyce (Nov 13)

Nick FitzGerald

Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability Nick FitzGerald (Nov 14)

Nicob

Multiple vulnerabilities in SAP Web Application Server 6.40 and 7.00 Nicob (Nov 02)
Old SAP exploits Nicob (Nov 13)
Re: Multiple vulnerabilities in SAP Web Application Server 6.40 and7.00 Nicob (Nov 09)
Re: Multiple vulnerabilities in SAP Web Application Server 6.40 and7.00 Nicob (Nov 07)

Noah Meyerhans

[SECURITY] [DSA 1212-1] New openssh packages fix denial of service Noah Meyerhans (Nov 15)
[SECURITY] [DSA 1219-1] New texinfo packages fix multiple vulnerabilities Noah Meyerhans (Nov 27)

Noam Rathaus

Re: GNU gv Stack Overflow Vulnerability Noam Rathaus (Nov 13)
Re: [x0n3-h4ck]Essentia Web Server v.2.15 Buffer Overflow Noam Rathaus (Nov 13)

no-reply

NVIDIA nView (keystone) local Denial Of service no-reply (Nov 23)

NormandiaN_MailID

VMware 5.5.1 Local Buffer Overflow (HTML Exploit) NormandiaN_MailID (Nov 27)

null_hack

PHP Rapid Kill All Version File Injection null_hack (Nov 06)

oldiesmann

Re: Re: Simple Machines Forum (SMF) XSS issue oldiesmann (Nov 01)

Omirjan Batyrbaev

Serious crypto problem fixed by envelope HMAC method insteadof currently used prefix Omirjan Batyrbaev (Nov 20)
Correction: Re: Serious crypto problem fixed by envelope HMAC method insteadof currently used prefix Omirjan Batyrbaev (Nov 20)
Re: Serious crypto problem fixed by envelope HMAC method insteadof currently used prefix Omirjan Batyrbaev (Nov 20)
New Correction: Re: Serious crypto problem fixed by envelope HMAC method instead of currently used prefix Omirjan Batyrbaev (Nov 21)

OOZIE

Re: Firefox 1.5.0.7 Exploit OOZIE (Nov 06)

OpenPKG

[OpenPKG-SA-2006.034] OpenPKG Security Advisory (texinfo) OpenPKG (Nov 15)
[OpenPKG-SA-2006.035] OpenPKG Security Advisory (proftpd) OpenPKG (Nov 16)
[OpenPKG-SA-2006.030] OpenPKG Security Advisory (ruby) OpenPKG (Nov 04)
[OpenPKG-SA-2006.033] OpenPKG Security Advisory (openldap) OpenPKG (Nov 10)
[OpenPKG-SA-2006.032] OpenPKG Security Advisory (openssh) OpenPKG (Nov 08)
[OpenPKG-SA-2006.036] OpenPKG Security Advisory (png) OpenPKG (Nov 17)
[OpenPKG-SA-2006.029] OpenPKG Security Advisory (bind) OpenPKG (Nov 04)
[OpenPKG-SA-2006.028] OpenPKG Security Advisory (php) OpenPKG (Nov 04)

OS2A BTO

ELOG Web Logbook Remote Denial of Service Vulnerability OS2A BTO (Nov 13)

packet

Re: GPhotos 1.5 Multiple vulnerabilities packet (Nov 20)

pagvac

Sage cross-context scripting -> LOCAL-CONTEXT SCRIPTING pagvac (Nov 18)

paisterist . nst

PHP-Nuke <= 7.9 News module "sid" SQL Injection vulnerabilities paisterist . nst (Nov 24)

Paul Laudanski

Re: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)] Paul Laudanski (Nov 04)

Pavel Kankovsky

Re: Clarifying integer overflows vs. signedness errors Pavel Kankovsky (Nov 25)

pdp (architect)

AttackAPI 2.0 alpha pdp (architect) (Nov 25)

philip anselmo

CuteNews v1.4.5 (search.php) Remote file include vulnerability philip anselmo (Nov 27)
Active PHP Bookmarks (apb.php) Remote file include philip anselmo (Nov 23)
PHP Event Calendar 1.5.1 (index.php) Remote File Include Vulnerability philip anselmo (Nov 29)
New Bug MiniBB Forum <= 2 Remote File Include (index.php) philip anselmo (Nov 13)

philipp . niedziela

PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit philipp . niedziela (Nov 13)

poplix

iodine client 0.3.2 buffer overflow poplix (Nov 02)

ProCheckUp Research

Cross Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server ProCheckUp Research (Nov 06)
Immediacy .NET CMS possibly vulnerable to Cross Site Scripting through a malformed cookie ProCheckUp Research (Nov 08)

Raphael Marichez

[ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability Raphael Marichez (Nov 07)
[ GLSA 200611-06 ] OpenSSH: Multiple Denial of Service vulnerabilities Raphael Marichez (Nov 13)
[ GLSA 200611-23 ] Mono: Insecure temporary file creation Raphael Marichez (Nov 28)
[ GLSA 200611-07 ] GraphicsMagick: PALM and DCM buffer overflows Raphael Marichez (Nov 13)
[ GLSA 200611-08 ] RPM: Buffer overflow Raphael Marichez (Nov 13)
[ GLSA 200611-05 ] Netkit FTP Server: Privilege escalation Raphael Marichez (Nov 10)
Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability Raphael Marichez (Nov 13)
[ GLSA 200611-26 ] ProFTPD: Remote execution of arbitrary code Raphael Marichez (Nov 30)
[ GLSA 200611-24 ] LHa: Multiple vulnerabilities Raphael Marichez (Nov 28)
[ GLSA 200611-25 ] OpenLDAP: Denial of Service vulnerability Raphael Marichez (Nov 28)

raven

Re: CuteNews v1.4.5 (search.php) Remote file include vulnerability raven (Nov 29)

Reed Arvin

New Windows tool - PWDumpX v1.0 Reed Arvin (Nov 29)
New Windows tool - NBTEnum 3.3 Reed Arvin (Nov 24)

Renaud Lifchitz

GNU gv Stack Overflow Vulnerability Renaud Lifchitz (Nov 09)

research

SYMSA-2006-011: JBoss Java Class DeploymentFileRepository Directory Traversal research (Nov 27)
Re: [ MDKSA-2006:217 ] - Updated proftpd packages fix vulnerabilities research (Nov 21)
ProFTPD mod_tls pre-authentication buffer overflow research (Nov 28)

retrog

Wolflab Burning Board Lite 1.0.2 two sql injections retrog (Nov 24)

revenge

ContentNow CMS 1.39 Sql Injection + Path Disclosure Vulnerabilities revenge (Nov 21)
Etomite CMS 0.6.1.2 Multiple Vulnerabilities ( Sql Injection + Local file inclusion ) revenge (Nov 16)

Reversemode

[Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities. Reversemode (Nov 17)

Richard Stanway

RE: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)] Richard Stanway (Nov 02)

riclem

Chetcpasswd 2.x: multiple vulnerabilities riclem (Nov 16)

Robert McGrew

Re: Firefox 1.5.0.7 Exploit Robert McGrew (Nov 02)

Rodrigo Rubira Branco (BSDaemon)

NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure Rodrigo Rubira Branco (BSDaemon) (Nov 15)
TrustedBSD* all versions FireWire IOCTL kernel integer overflow information disclousure Rodrigo Rubira Branco (BSDaemon) (Nov 15)
DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure Rodrigo Rubira Branco (BSDaemon) (Nov 15)
FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure Rodrigo Rubira Branco (BSDaemon) (Nov 15)

Roger A. Grimes

RE: Internet Explorer 7 - Still Spyware Writers' Heaven Roger A. Grimes (Nov 02)
RE: Internet Explorer 7 - Still Spyware Writers' Heaven Roger A. Grimes (Nov 06)

Rogier Mulhuijzen

RE: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure Rogier Mulhuijzen (Nov 20)

root

Joomla 1.0.11 Remote File Include root (Nov 06)
VBulletin DoS Exploit [ all Versions ] root (Nov 13)

rPath Update Announcements

rPSA-2006-0204-1 kernel rPath Update Announcements (Nov 10)
rPSA-2006-0219-1 info install-info texinfo rPath Update Announcements (Nov 27)
rPSA-2006-0218-1 ImageMagick rPath Update Announcements (Nov 27)
rPSA-2006-0202-1 tshark wireshark rPath Update Announcements (Nov 01)
rPSA-2006-0206-1 firefox thunderbird rPath Update Announcements (Nov 10)
rPSA-2006-0211-1 libpng rPath Update Announcements (Nov 16)
rPSA-2006-0205-1 php php-mysql php-pgsql rPath Update Announcements (Nov 10)
rPSA-2006-0207-1 openssh openssh-client openssh-server rPath Update Announcements (Nov 10)

rvirtue

Re: Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech" rvirtue (Nov 13)

sales

Re: Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability sales (Nov 03)

saps . audit

CandyPress Store[ multiples injection sql ] saps . audit (Nov 16)
Dating Site [ login bypass & xss] saps . audit (Nov 17)
omnistar article manager [multiples injection sql] saps . audit (Nov 09)
Speedwiki 2.0 Arbitrary File Upload Vulnerability saps . audit (Nov 08)
Evolve Merchant[ injection sql ] saps . audit (Nov 14)
Wheatblog [multiple xss (post) & full path disclosure] saps . audit (Nov 09)
MetaCart e-Shop [multiples injection sql (get & post)] saps . audit (Nov 16)
20/20 auto gallery [ multiples injection sql ] saps . audit (Nov 17)
Car Site Manager [injection sql & xss (get)] saps . audit (Nov 14)
eShopping Cart [injection sql] saps . audit (Nov 16)
Blogme v3 [admin login bypass & xss (post)] saps . audit (Nov 14)
MultiCalendars [ multiples injection sql ] saps . audit (Nov 15)
E-Calendar Pro 3.0 [ login bypass & injection sql (post)] saps . audit (Nov 15)
creadirectory [injection sql & xss] saps . audit (Nov 21)
klf-realty [injection sql] saps . audit (Nov 20)
ASP Cart [multiples injection sql (post & get)] saps . audit (Nov 16)
Dragon calendar [ login bypass & injection sql ] saps . audit (Nov 15)
20/20 datashed [ multiples injection sql ] saps . audit (Nov 17)
Portix-PHP [login bypass & xss (post)] saps . audit (Nov 08)
Vikingboard (0.1.2) [ multiples vulnerability ] saps . audit (Nov 18)
Property Site Manager [login bypass ,multiples injection sql & xss (get)] saps . audit (Nov 14)
FreeWebshop <=2.2.2 [local file include & xss] saps . audit (Nov 08)
BaalAsp forum [login bypass ,injections sql(post), xss(post)] saps . audit (Nov 16)
Link Exchange Lite [injection sql] saps . audit (Nov 21)
20/20 real estate [ multiples injection sql ] saps . audit (Nov 17)
AIOCP <=1.3.007 multiples vulnerabilities [sql , remote file include , xss] saps . audit (Nov 06)
Infinitytechs Restaurants CM saps . audit (Nov 17)
ehomes [multiples injections sql] saps . audit (Nov 20)
aBitWhizzy [local file include] saps . audit (Nov 21)
bitweaver <=1.3.1 [injection sql (post) & xss (post)] saps . audit (Nov 09)
Active News Manager [ injection sql (post&get)] saps . audit (Nov 16)
Mega Mall [ multiples injection sql & full path disclosure ] saps . audit (Nov 13)
The Classified Ad System [multiple xss & injection sql] saps . audit (Nov 21)
Aspmforum [ multiples injection sql (get&post)] saps . audit (Nov 17)
IF-CMS multiples XSS vunerabilities saps . audit (Nov 04)
Re: [ GLSA 200611-11 ] TikiWiki: Multiple vulnerabilities saps . audit (Nov 21)
Pilot Cart V.7.2 [ injection sql (post) ] saps . audit (Nov 16)
eClassifieds [injection sql] saps . audit (Nov 20)
Re: MajorSecurity Advisory #31]Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues saps . audit (Nov 04)
A-Cart pro[ injection sql (post&get)] saps . audit (Nov 14)
JiRos Links Manager[injection sql & xss permanent] saps . audit (Nov 21)
Rialto 1.6[admin login bypass & multiples injections sql] saps . audit (Nov 20)
A+ Store E-Commerce[ injection sql & xss (post) ] saps . audit (Nov 14)
PhpMyAdmin all version [multiples vulnerability] saps . audit (Nov 16)
Abarcar Realty Portal [injection sql] saps . audit (Nov 08)
hpecs shopping cart[login bypass & injection sql (post)] saps . audit (Nov 15)
LandShop Real Estate [multiple injection sql & xss] saps . audit (Nov 09)
E-commerce Kit 1 PayPal Edition [ injection sql ] saps . audit (Nov 16)
Classified System [injection sql] saps . audit (Nov 20)
Inventory Manager [injection sql & xss (get)] saps . audit (Nov 14)
SIMPLOG 0.9.3 injection sql & multiple xss saps . audit (Nov 03)
FunkyASP Glossary v1.0 [injection sql] saps . audit (Nov 14)
infinicart [ multiples injection sql & xss (post) ] saps . audit (Nov 13)
Rapid Classified v3.1 [multiple xss (get) & injection sql] saps . audit (Nov 20)

saudi

mmgallery Multiple vulnerabilities saudi (Nov 24)
Cross site scripting & fullpath disclosure saudi (Nov 24)

Secunia Research

Secunia Research: MDaemon Insecure Default Directory Permissions Secunia Research (Nov 16)
Secunia Research: Panda ActiveScan Multiple Vulnerabilities Secunia Research (Nov 16)
Secunia Research: PassGo SSO Plus Insecure Default Directory Permissions Secunia Research (Nov 22)
Secunia Research: Borland Products idsql32.dll Buffer Overflow Vulnerability Secunia Research (Nov 29)
Secunia Research: My Firewall Plus Privilege Escalation Vulnerability Secunia Research (Nov 21)
Secunia Research: MailEnable IMAP Service Two Vulnerabilities Secunia Research (Nov 30)

securfrog

how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)] securfrog (Nov 02)
tikiwiki 1.9.5 mysql password disclosure & xss securfrog (Nov 01)

security

[ MDKSA-2006:213 ] - Updated chromium packages to fix embedded libpng vulnerabilities security (Nov 17)
[ MDKSA-2006:196 ] - Updated php packages to address buffer overflow issue security (Nov 03)
[ MDKSA-2006:208-1 ] - Updated openldap packages fixes Bind vulnerability security (Nov 22)
[ MDKSA-2006:164-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security (Nov 18)
[ MDKSA-2006:198 ] - Updated imlib2 packages fix several vulnerabilities security (Nov 07)
[ MDKSA-2006:206 ] - Updated Thunderbird packages fix multiple vulnerabilities security (Nov 10)
[ MDKSA-2006:195 ] - Updated wireshark packages fix multiple vulnerabilities security (Nov 03)
[ MDKSA-2006:210 ] - Updated syslinux packages to fix embedded libpng vulnerabilities security (Nov 16)
[ MDKSA-2006:207 ] - Updated bind packages fixes RSA signature verification vulnerability security (Nov 15)
[ MDKSA-2006:197 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Nov 03)
[ MDKSA-2006:205 ] - Updated Firefox packages fix multiple vulnerabilities security (Nov 10)
[ MDKSA-2006:218 ] - Updated apache-mod_auth_kerb packages fixes DoS vulnerability security (Nov 23)
[ MDKSA-2006:209 ] - Updated libpng packages fix vulnerabilities security (Nov 16)
[ MDKSA-2006:208 ] - Updated openldap packages fixes Bind vulnerability security (Nov 15)
[ MDKSA-2006:211 ] - Updated pxelinux packages to fix embedded libpng vulnerabilities security (Nov 16)
[ MDKSA-2006:214 ] - Updated gv packages fix buffer overflow vulnerability security (Nov 17)
[ MDKSA-2006:204 ] - Updated openssh packages fix vulnerability security (Nov 09)
[ MDKSA-2006:201 ] - Updated pam_ldap packages fix PasswordPolicyReponse coding error security (Nov 08)
[ MDKSA-2006:219 ] - Updated tar packages fix vulnerability security (Nov 29)
[ MDKSA-2006:203 ] - Updated texinfo packages fix vulnerability security (Nov 08)
[ MDKSA-2006:217-1 ] - Updated proftpd packages fix vulnerabilities security (Nov 30)
[ MDKSA-2006:199 ] - Updated libx11 packages fix file descriptor leak vulnerability security (Nov 07)
XSS Vulnerability in Zend Framework Preview 0.2.0 security (Nov 06)
Multiple XSS Vulnerabilities in Zend Google Data Client Library Preview 0.2.0 security (Nov 01)
[ MDKSA-2006:198-1 ] - Updated imlib2 packages fix several vulnerabilities security (Nov 08)
[ MDKSA-2006:217 ] - Updated proftpd packages fix vulnerabilities security (Nov 20)
[ MDKSA-2006:212 ] - Updated doxygen packages to fix embedded libpng vulnerabilities security (Nov 16)
[ MDKSA-2006:216 ] - Updated links packages fix smb vulnerability security (Nov 21)
[ MDKSA-2006:200 ] - Updated rpm packages fix vulnerability security (Nov 07)
[ MDKSA-2006:215 ] - Updated avahi packages fix netlink vulnerability security (Nov 20)
[ MDKSA-2006:202 ] - Updated wv packages fix vulnerabilities security (Nov 08)

security-alert

[security bulletin] HPSBMA02088 SSRT051026 rev. 2 - HP-UX running WBEM Services Denial of Service (DoS) security-alert (Nov 17)
[security bulletin] HPSBUX02091 SSRT061099 rev.2 - HP-UX Local Increased Privilege security-alert (Nov 01)
[security bulletin] HPSBUX02172 SSRT061269 rev.1 - HP-UX VirtualVault running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access security-alert (Nov 01)
[security bulletin] HPSBMA02159 SSRT061238 rev.1 - HP System Management Homepage (SMH), Remote Bypassing of Security Features or Cross Site Scripting or Denial of Service (DoS) security-alert (Nov 02)
[security bulletin] HPSBUX02165 SSRT061266 rev.1 - HP-UX VirtualVault Remote Unauthorized Access security-alert (Nov 01)
[security bulletin] HPSBUX02164 SSRT061265 rev.1 - HP-UX VirtualVault Running Apache 1.3.X Remote Denial of Service (DoS) and Arbitrary Code Execution security-alert (Nov 01)
[security bulletin] HPSBUX02153 SSRT061181 rev.2 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS) security-alert (Nov 30)
[security bulletin] HPSBMA02167 SSRT061262 rev.2 - HP OpenView Client Configuration Manager (CCM), Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS) security-alert (Nov 09)

security-list

Re: EEYE: Workstation Service NetpManageIPCConnect Buffer Overflow security-list (Nov 18)

sehato

Windows Media ASX PlayList File Denial Of Service Vulnerability sehato (Nov 22)

sflist

Re: New Flaw in Firefox 2.0: DoS and possible remote code execution sflist (Nov 27)

Shawn Fitzgerald

RE: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) Shawn Fitzgerald (Nov 29)

-= SHELL =- -= SHELL =-

MWChat pro V 7.0 <= (CONFIG[MWCHAT_Libs]) Remote File Include Vulnerability -= SHELL =- -= SHELL =- (Nov 06)

sil

Asterisk Local and Remote Denial of Service vulnerability sil (Nov 01)

simo64

Re: Advanced Guestbook 2.3.1 (Admin.php) Remote File Include simo64 (Nov 07)

skulmatic

GreenBeast CMS <= 1.3 PHP Arbitrary File Upload Vulnerability skulmatic (Nov 07)

sni-labs

Vulnerability in PostNuke sni-labs (Nov 21)

Solar Designer

safely concatenating strings in portable C (Re: GnuPG 1.4 and 2.0 buffer overflow) Solar Designer (Nov 30)

srunschke

Antwort: Joomla 1.0.11 Remote File Include srunschke (Nov 08)

Stefan Esser

Advisory 12/2006: phpMyAdmin - error.php XSS Vulnerability Stefan Esser (Nov 02)
Advisory 13/2006: PHP HTML Entity Encoder Heap Overflow Vulnerability Stefan Esser (Nov 02)
Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability Stefan Esser (Nov 14)

Stefano Zanero

Re: blogcms => 4.0.0 Remote File Include Stefano Zanero (Nov 17)
Re: phpLedAds 2.0(dir) File Include Stefano Zanero (Nov 01)
Re: dev_wms => 1.5 Remote File Include Vulnerabilities Stefano Zanero (Nov 17)
Re: PLS-Bannieres 1.21 (bannieres.php) File Include Stefano Zanero (Nov 01)
Re: Phpjobscheduler 3.0 - Multiple Remote File Include Stefano Zanero (Nov 18)

Steve Friedl

Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) Steve Friedl (Nov 25)
Re: Correction: Re: Serious crypto problem fixed by envelope HMAC method insteadof currently used prefix Steve Friedl (Nov 21)

Steve Kemp

[SECURITY] [DSA-1205-1] New thttpd packages fix insecure temporary file creation Steve Kemp (Nov 03)

Steven M. Christey

Minimizing error cascades in vulnerability information management Steven M. Christey (Nov 07)
Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) Steven M. Christey (Nov 28)
Clarifying integer overflows vs. signedness errors Steven M. Christey (Nov 21)
Re: phpMyConferences <= 8.0.2 Remote File Inclusion Steven M. Christey (Nov 03)

Steve Shockley

Re: *BSD banner INT overflow vulnerability Steve Shockley (Nov 22)

stopmakingnoise

Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) stopmakingnoise (Nov 24)

stormhacker

TOPSTORY BASIC Version 1.0 => Remote File Include Vulnerability stormhacker (Nov 13)

str0ke

Re: Phpjobscheduler 3.0 - Multiple Remote File Include str0ke (Nov 18)
Re: VMware 5.5.1 Local Buffer Overflow (HTML Exploit) str0ke (Nov 27)

Stuart Moore

Re: PHP Event Calendar 1.5.1 (index.php) Remote File Include Vulnerability Stuart Moore (Nov 29)

subere

Cracking String Encryption in Java Obfuscated Bytecode subere (Nov 23)
OWASP JBroFuzz 0.3 Fuzzer Released! subere (Nov 29)

Sune Kloppenborg Jeppesen

[ GLSA 200611-13 ] Avahi: "netlink" message vulnerability Sune Kloppenborg Jeppesen (Nov 20)
[ GLSA 200611-11 ] TikiWiki: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Nov 20)
[ GLSA 200611-22 ] Ingo H3: Folder name shell command injection Sune Kloppenborg Jeppesen (Nov 27)
[ GLSA 200611-20 ] GNU gv: Stack overflow Sune Kloppenborg Jeppesen (Nov 24)
[ GLSA 200611-21 ] Kile: Incorrect backup file permission Sune Kloppenborg Jeppesen (Nov 27)
[ GLSA 200611-14 ] TORQUE: Insecure temproary file creation Sune Kloppenborg Jeppesen (Nov 20)
[ GLSA 200611-12 ] Ruby: Denial of Service vulnerability Sune Kloppenborg Jeppesen (Nov 20)
[ GLSA 200611-09 ] libpng: Denial of Service Sune Kloppenborg Jeppesen (Nov 17)
[ GLSA 200611-18 ] TIN: Multiple buffer overflows Sune Kloppenborg Jeppesen (Nov 24)
[ GLSA 200611-19 ] ImageMagick: PALM and DCM buffer overflows Sune Kloppenborg Jeppesen (Nov 24)
[ GLSA 200611-15 ] qmailAdmin: Buffer overflow Sune Kloppenborg Jeppesen (Nov 21)
[ GLSA 200611-10 ] WordPress: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Nov 17)
[ GLSA 200611-16 ] Texinfo: Buffer overflow Sune Kloppenborg Jeppesen (Nov 21)

Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Nov 25)

Taneli Leppä

Re: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)] Taneli Leppä (Nov 02)
Re: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)] Taneli Leppä (Nov 02)

tarkus

b2evolution Remote File inclusion Vulnerability tarkus (Nov 29)
b2evolution XSS Vulnerabilities tarkus (Nov 28)

Teemu Salmela

Links smbclient command execution Teemu Salmela (Nov 16)

the_3dit0r

ltwCalendar => 4.2.1 Remote File Include Vulnerabilities the_3dit0r (Nov 20)
PhpQuickGallery <= 1.9 Remote File Inclusion Exploit the_3dit0r (Nov 20)
DodosMail <= 2.0.1(dodosmail.php) Remote File Inclusion Exploit the_3dit0r (Nov 20)
dicshunary 0.1 alpha Remote File Inclusion Exploit the_3dit0r (Nov 20)
mg.applanix <= 1.3.1 Remote File Include Exploit the_3dit0r (Nov 20)
Storystream => 4.0 Remote File Include Vulnerability Exploit the_3dit0r (Nov 16)
Telaen => 1.1.0 Remote File Include Vulnerability the_3dit0r (Nov 20)
discloser => 0.0.4 Remote File Include Vulnerabilities the_3dit0r (Nov 16)
Myphotos => Remote File Include Vulnerability Exploit the_3dit0r (Nov 16)
Sphpblog => 0.8 Remote File Include Vulnerabilities the_3dit0r (Nov 17)
discloser => 0.0.4 Remote File Include Vulnerability Exploit the_3dit0r (Nov 16)
OdysseusBlog => 1.0.0 Cross Site Scripting the_3dit0r (Nov 16)
mxBB calsnails module 1.06 Remote File Inclusion Exploit the_3dit0r (Nov 20)
LoudMouth => 2.4 Remote File Include Vulnerabilities the_3dit0r (Nov 20)
worksystem => Remote File Include Vulnerability Exploit the_3dit0r (Nov 16)
RED Blog => Remote File Include Vulnerability Exploit the_3dit0r (Nov 16)
PHPOLL => 0.96 Cross Site Scripting the_3dit0r (Nov 20)
dev_wms => 1.5 Remote File Include Vulnerabilities the_3dit0r (Nov 16)
Bloo => 1.00 Remote File Include Vulnerability the_3dit0r (Nov 16)
Bloo => 1.00 Cross Site Scripting the_3dit0r (Nov 16)
enomphp => 4.0 Remote Traversal Directory the_3dit0r (Nov 20)
MyAlbum <= 3.02 (langs_dir) Remote File Inclusion Exploit the_3dit0r (Nov 20)
blogcms => 4.0.0 Remote File Include the_3dit0r (Nov 16)
Telaen <= 1.1.0 Remote File Include Exploit the_3dit0r (Nov 20)
my little weblog => Cross Site Scripting the_3dit0r (Nov 20)
Wabbit PHP Gallery => 0.9 Remote Traversal Directory the_3dit0r (Nov 20)
Shopping_Catalog Remote File Include exploit the_3dit0r (Nov 20)
Sphpblog => 0.8 Cross Site Scripting the_3dit0r (Nov 16)
BlogTorrent-preview => 0.92 Cross Site Scripting the_3dit0r (Nov 16)
My-BIC => 0.6.5 Remote File Include Vulnerability Exploit the_3dit0r (Nov 16)
eggblog=> 3.1.0 Cross Site Scripting the_3dit0r (Nov 16)
BirdBlog => v1.4.0 Cross Site Scripting the_3dit0r (Nov 20)
iPrimal Forums (index.php) Remote File Include Exploit the_3dit0r (Nov 20)

Thiago Zaninotti

Re: Clarifying integer overflows vs. signedness errors Thiago Zaninotti (Nov 22)

Thierry Zoller

Re: Internet Explorer 7 - Still Spyware Writers' Heaven Thierry Zoller (Nov 04)

Thor (Hammer of God)

Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) Thor (Hammer of God) (Nov 25)
Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) Thor (Hammer of God) (Nov 25)

Tim Newsham

Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?) Tim Newsham (Nov 27)

Timo Sirainen

Dovecot IMAP/POP3 server: Off-by-one buffer overflow Timo Sirainen (Nov 20)

Trustix Security Advisor

TSLSA-2006-0066 - multi Trustix Security Advisor (Nov 28)
TSLSA-2006-0063 - multi Trustix Security Advisor (Nov 15)
TSLSA-2006-0061 - multi Trustix Security Advisor (Nov 06)
TSLSA-2006-0065 - libpng Trustix Security Advisor (Nov 17)

TSRT

TSRT-06-13: HP OpenView Client Configuration Manager Device Code Execution Vulnerability TSRT (Nov 08)

tux025

mAlbum v0.3 local file inclusion tux025 (Nov 25)
GPhotos 1.5 Multiple vulnerabilities tux025 (Nov 18)
mAlbum v0.3 Multiple vulnerabilitizzz tux025 (Nov 20)

vannovax

Wordpress File Inclusion vannovax (Nov 13)

Vincent A . Menard

Multiple Vulnerabilities in AlternC version 0.9.5 Vincent A . Menard (Nov 29)

vitux . manis

Ixprim CMS 1.2 Remote File Include Vulnerability vitux . manis (Nov 20)

VMware Security team

VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2 VMware Security team (Nov 13)
VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1 VMware Security team (Nov 13)
VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 VMware Security team (Nov 13)
VMSA-2006-0010 - SSL sessions not authenticated by VC Clients VMware Security team (Nov 21)
VMSA-2006-0009 - VMware ESX Server 3.0.0 AMD fxsave/restore issue VMware Security team (Nov 13)
VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 VMware Security team (Nov 13)

webmaster

Re: SolpotCrew Advisory #10 - phpBB XS (phpbb_root_path) Remote File Include webmaster (Nov 23)

Werner Koch

GnuPG 1.4 and 2.0 buffer overflow Werner Koch (Nov 27)

Williams, James K

RE: LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability Williams, James K (Nov 22)
RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities. Williams, James K (Nov 21)

wmodes

Re: feedsplitter considered harmful wmodes (Nov 13)

x___ . _

PhpGedView 4.0.2 (DOCUMENT_ROOT) File inclusion Vulnerablity x___ . _ (Nov 27)

yalnifj

Re: PhpGedView 4.0.2 (DOCUMENT_ROOT) File inclusion Vulnerablity yalnifj (Nov 28)

zdi-disclosures

ZDI-06-038: Citrix MetaFrame IMA Management Module Remote Heap Overflow zdi-disclosures (Nov 13)
ZDI-06-041: Microsoft Internet Explorer CSS Float Property Memory Corruption Vulnerability zdi-disclosures (Nov 14)
ZDI-06-037: America Online ICQ ActiveX Control Code Execution Vulnerability zdi-disclosures (Nov 06)
ZDI-06-036: Novell Netmail User Authentication Buffer Overflow Vulnerability zdi-disclosures (Nov 03)
ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability zdi-disclosures (Nov 29)
ZDI-06-040: WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability zdi-disclosures (Nov 14)
ZDI-06-042: Verity Ultraseek Request Proxying Vulnerability zdi-disclosures (Nov 16)
ZDI-06-039: Marshal MailMarshal ARJ Extraction Directory Traversal Vulnerability zdi-disclosures (Nov 10)