Bugtraq: by author

439 messages starting Nov 30 07 and ending Nov 22 07

3APA3A

Re[2]: Microsoft FTP Client Multiple Bufferoverflow Vulnerability 3APA3A (Nov 30)
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability 3APA3A (Nov 29)

[48bits] vulndev

[48Bits Advisory] QuickTime Panorama Sample Atom Heap Overflow [48bits] vulndev (Nov 12)

abc . seo

li-guestbook sql inj abc . seo (Nov 09)

Adam Laurie

Announce: RFIDIOt release RFIDIOt-0.1r, November 2007 Adam Laurie (Nov 27)

admin

Sciurus Hosting Panel Code İnjection admin (Nov 17)

Adrian P

Several persistent XSS and CSRF on Wireless-G ADSL Gateway with SpeedBooster (WAG54GS) Adrian P (Nov 20)

Advisory

Aria-Security.Net Research: Lotfian BROCHURE Management System Advisory (Nov 08)
Aria-Security.Net Research: Rapid Classified HotList Image Advisory (Nov 12)
Aria-Security.Net Research: Request For Travel Sql Injection Advisory (Nov 08)

aeroxteam-nospam

Re: IceBB 1.0rc6 <= Remote SQL Injection aeroxteam-nospam (Nov 19)
IceBB 1.0rc6 <= Remote SQL Injection aeroxteam-nospam (Nov 19)

Alexander Klimov

Re: Breaking RSA: Totient indirect factorization Alexander Klimov (Nov 15)

Alex Eckelberry

RE: mac trojan in-the-wild Alex Eckelberry (Nov 01)
RE: mac trojan in-the-wild Alex Eckelberry (Nov 01)

Alla Bezroutchko

Predictable DNS transaction IDs in Microsoft DNS Server Alla Bezroutchko (Nov 14)

Amit Klein

After 6 months - fix available for Microsoft DNS cache poisoning attack Amit Klein (Nov 13)

andrzej . targosz

CONFidence 2008 CfP andrzej . targosz (Nov 26)

angelo

RFID: Security Briefings angelo (Nov 12)

anuj tenani

Re: SMF .htaccess bypass anuj tenani (Nov 06)

Asterisk Security Team

AST-2007-025 - SQL Injection issue in res_config_pgsql Asterisk Security Team (Nov 29)
AST-2007-026 - SQL Injection issue in cdr_pgsql Asterisk Security Team (Nov 29)

atc08

ATC-08 Call for papers (repost) atc08 (Nov 13)

avivra

Using CSRF to Attack Mobile Phones avivra (Nov 22)

Bernardo Damele

[Tool] sqlmap: a blind SQL injection tool (release 0.5) Bernardo Damele (Nov 05)

Bernhard Mueller

SEC Consult SA-20071101-0 :: Multiple Vulnerabilities in SonicWALL SSL-VPN Client Bernhard Mueller (Nov 01)

BlackHawk

Re: MyBlog (MyCMS) Remote PHP Code execution / PHP Code injection .. BlackHawk (Nov 23)

bugtraq

TalkBack 2.2.7 Multiple Remote File Inclusion Vulnerabilities bugtraq (Nov 21)
Ucms <= 1.8 Backdoor Remote Command Execution Exploit bugtraq (Nov 21)
VigileCMS <= 1.8 Stealth Remote Command Execution Exploit bugtraq (Nov 22)
SkyPortal vRC6 Multiple Remote Vulnerabilities bugtraq (Nov 21)
DeluxeBB E-Mail Address Change Security Bypass bugtraq (Nov 26)

buzzy

Re: iDefense Security Advisory 11.07.07: Oracle 10g R2 PITRIG_DROPMETADATA Buffer Overflow Vulnerability buzzy (Nov 08)

CaseArmour.net Security Administrator

Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability CaseArmour.net Security Administrator (Nov 17)

Cesar

[Argeniss] Data0: Next generation malware for stealing databases (Paper) Cesar (Nov 22)

Chris

Cypress BX script backdoored? Chris (Nov 06)

chris . rohlf

Ruby/Gnome2 0.16.0 Format String Vulnerability chris . rohlf (Nov 27)

Chris Withers

security contact for mitsubishi electric? Chris Withers (Nov 17)

Clifton Royston

Re: Breaking RSA: Totient indirect factorization Clifton Royston (Nov 15)

cocoruder

Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability cocoruder (Nov 16)

coolshot

Re: Aria-Security.net: CoolShot E-Lite POS 1.0 coolshot (Nov 30)

Core Security Technologies Advisories

CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor Core Security Technologies Advisories (Nov 27)

cxib

PHP 5.2.4 mail.force_extra_parameters unsecure cxib (Nov 26)

cybermilitan

Mp3 ToolBox 1.0 beta 5 Remote File İnclude Vulnerability cybermilitan (Nov 23)
Amber Script 1.0 (show_content.php id) Local File Inclusion Vulnerability cybermilitan (Nov 24)
vBTube v1.1 - Beta ( Vbulletin Tube) Xss Vulnerable cybermilitan (Nov 24)

daniel . stirnimann

Alcatel OmniPCX Enterprise VoIP Vulnerability daniel . stirnimann (Nov 19)

David Litchfield

Oracle 11g/10g Installation Vulnerability David Litchfield (Nov 13)

djvincy

Skalinks <= 1_5 Cross Site Request Forgery Add Admin djvincy (Nov 05)

DoZ

GWExtranet Script Injections & Privilege Escalation Vulnerability DoZ (Nov 26)
MySpace Scripts - Poll Creator JavaScript Injection Vulnerability DoZ (Nov 22)

Dragos Ruiu

IM upgrade automated social engineering attack Dragos Ruiu (Nov 02)
Re: IM upgrade automated social engineering attack Dragos Ruiu (Nov 06)
CanSecWest 2008 CFP (deadline Nov 30, conf Mar 26-28) and PacSec Dojo's Dragos Ruiu (Nov 09)

drakomo

SQL injection bug found in TBSource. drakomo (Nov 10)

Duncan Simpson

Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle Duncan Simpson (Nov 13)

DVLabs

TPTI-07-20: Apple Quicktime Movie Stack Overflow Vulnerability DVLabs (Nov 14)

eEye Advisories

EEYE: BitDefender Online Scanner 8 Double Decode Heap Overflow eEye Advisories (Nov 20)
EEYE: Multiple Vulnerabilities In .FLAC File Format and Various Media Applications eEye Advisories (Nov 15)

Elliot Kendall

Directory Traversal in SafeNet Sentinel Protection Server and Keys Server Elliot Kendall (Nov 26)

emacs25

Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability emacs25 (Nov 23)
Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability emacs25 (Nov 23)

erdc

[ECHO_ADV_84$2007] ProfileCMS <= 1.0 Remote SQL Injection Vulnerability erdc (Nov 19)
[ECHO_ADV_85$2007] alstrasoft E-Friends <= 4.98 (seid) Multiple Remote SQL Injection Vulnerabilities erdc (Nov 22)

Erick Galinkin

Re: Breaking RSA: Totient indirect factorization Erick Galinkin (Nov 16)

Ernesto Alvarez

two bytehoard 2.1 bugs Ernesto Alvarez (Nov 26)

fabio

Alice - dns spoofer fabio (Nov 12)

Florian Echtler

Re: Standing Up Against German Laws - Project HayNeedle Florian Echtler (Nov 13)

Florian Weimer

[SECURITY] [DSA 1400-1] New perl packages fix arbitrary code execution Florian Weimer (Nov 06)
[SECURITY] [DSA 1399-1] New pcre3 packages fix arbitrary code execution Florian Weimer (Nov 05)

Foresight Linux Essential Announcement Service

FLEA-2007-0066-1 ImageMagick Foresight Linux Essential Announcement Service (Nov 12)
FLEA-2007-0069-1 perl Foresight Linux Essential Announcement Service (Nov 12)
FLEA-2007-0068-1 ruby Foresight Linux Essential Announcement Service (Nov 12)
FLEA-2007-0064-1 pcre Foresight Linux Essential Announcement Service (Nov 12)
FLEA-2007-0067-1 pidgin Foresight Linux Essential Announcement Service (Nov 12)
FLEA-2007-0065-1 libpng Foresight Linux Essential Announcement Service (Nov 12)
FLEA-2007-0063-1 perl Foresight Linux Essential Announcement Service (Nov 12)

Frank Guthausen

Re: Standing Up Against German Laws - Project HayNeedle Frank Guthausen (Nov 14)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-07:09.random FreeBSD Security Advisories (Nov 29)
FreeBSD Security Advisory FreeBSD-SA-07:10.gtar FreeBSD Security Advisories (Nov 29)

Gadi Evron

RE: mac trojan in-the-wild Gadi Evron (Nov 02)
Re: [botnets] re MAC trojan (fwd) Gadi Evron (Nov 02)
the heart of the problem [was: RE: mac trojan in-the-wild] Gadi Evron (Nov 02)
Re: [Full-disclosure] Warning: Hackers hijacking unused IP Addresses inside Trusted domains [POC] Gadi Evron (Nov 21)
mac trojan in-the-wild Gadi Evron (Nov 01)

gandlf

Re: Breaking RSA: Totient indirect factorization gandlf (Nov 15)
Breaking RSA: Totient indirect factorization gandlf (Nov 14)

garys

APC Management Vulnerability garys (Nov 29)

Gerald (Jerry) Carter

[SAMBA] CVE-2007-5398 - Remote Code Execution in Samba's nmbd Gerald (Jerry) Carter (Nov 15)
[SAMBA] CVE-2007-4572 - GETDC mailslot processing buffer overrun in nmbd Gerald (Jerry) Carter (Nov 15)

gg_vuln

Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability gg_vuln (Nov 22)

Giuseppe Gottardi

SiteMinder Agent: Cross Site Scripting Giuseppe Gottardi (Nov 07)

gmdarkfig

JBC Explorer <= V7.20 RC 1 Remote Code Execution Exploit gmdarkfig (Nov 05)

Graeme Fowler

Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Graeme Fowler (Nov 19)

Guns

PhpNuke (add-on) MS TopSites Edit Exploit And Html Injection Guns (Nov 06)
PHP-Nuke Module Advertising Blind SQL Injection Guns (Nov 12)
IDMOS v1.0 Alpha Multiple RFI Vulnerability Guns (Nov 06)
sBlog 0.7.3 Beta Cross Site Request Forgery Guns (Nov 01)

gynvael

Re: Re: Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability gynvael (Nov 23)
Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability gynvael (Nov 23)

h3llcode

SMF .htaccess bypass h3llcode (Nov 06)
Simple Machine Forum - Private section/posts/info disclosure h3llcode (Nov 08)

Hanno Böck

CVE-2007-3694: Cross site scripting (XSS) in broadcast machine Hanno Böck (Nov 12)

Henrik Langos

Re: Comments re ISC's announcement on bind9 security Henrik Langos (Nov 01)

iDefense Labs

iDefense Security Advisory 11.14.07: Apple Mac OS X AppleTalk ASP Message Kernel Heap Overflow Vulnerability iDefense Labs (Nov 15)
iDefense Security Advisory 11.06.07: Microsoft DebugView Privilege Escalation Vulnerability iDefense Labs (Nov 06)
iDefense Security Advisory 11.14.07: Apple Mac OS X AppleTalk Socket IOCTL Kernel Stack Buffer Overflow Vulnerability iDefense Labs (Nov 15)
iDefense Security Advisory 11.12.07: Novell NetWare Client Local Privilege Escalation Vulnerability iDefense Labs (Nov 13)
iDefense Security Advisory 11.14.07: Apple Mac OS X Mach Port Inheritance Privilege Escalation Vulnerability iDefense Labs (Nov 15)
iDefense Security Advisory 11.05.07: Apple QuickTime Panorama Sample Atom Heap Buffer Overflow Vulnerability iDefense Labs (Nov 05)
iDefense Security Advisory 11.02.07: Sun Microsystems Solaris srsexec Format String Vulnerability iDefense Labs (Nov 05)
iDefense Security Advisory 11.12.07: WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Vulnerability iDefense Labs (Nov 12)
iDefense Security Advisory 11.07.07: Oracle 10g R2 PITRIG_DROPMETADATA Buffer Overflow Vulnerability iDefense Labs (Nov 07)
iDefense Security Advisory 11.09.07: AOL AmpX ActiveX Control Multiple Buffer Overflow Vulnerabilities iDefense Labs (Nov 10)
iDefense Security Advisory 11.09.07: IBM Informix Dynamic Server DBLANG Directory Traversal Vulnerability iDefense Labs (Nov 10)
iDefense Security Advisory 11.14.07: Apple Mac OS X AppleTalk mbuf Kernel Heap Overflow Vulnerability iDefense Labs (Nov 15)

imipak

Re: Standing Up Against German Laws - Project HayNeedle imipak (Nov 14)

info

VigileCMS 1.4 Multiple Remote Vulnerabilities info (Nov 19)
Digital Armaments November-December Hacking Challenge: Diffuse Client Application (10.000$ extra) info (Nov 29)

IRM Research

IRM025: TIBCO Rendezvous RVD Daemon Remote Memory Leak DoS IRM Research (Nov 29)
Six Remote Memory Corruption Vulnerabilities in IBM WebSphere MQ 6.0 IRM Research (Nov 14)
Creating Backdoors in Cisco IOS using Tcl IRM Research (Nov 27)

ISecAuditors Security Advisories

[ISecAuditors Security Advisories] VTLS.web.gateway cgi is vulnerable to XSS ISecAuditors Security Advisories (Nov 13)
[ISecAuditors Security Advisories] Cygwin buffer overflow due incorrect filename length check ISecAuditors Security Advisories (Nov 24)

j00ru . vx

Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability j00ru . vx (Nov 23)
Gadu-Gadu Local/Remote Buffer Overflow vulnerability j00ru . vx (Nov 22)

Jacob Appelbaum

Re: 27Mhz based wireless security insecurities - Aka - "We know what you typed last summer" Jacob Appelbaum (Nov 30)

Jamie Strandboge

[USN-542-2] KOffice vulnerabilities Jamie Strandboge (Nov 15)
[USN-544-1] Samba vulnerabilities Jamie Strandboge (Nov 16)
[USN-544-2] Samba regression Jamie Strandboge (Nov 17)

Jan Münther

Re: Win2K3 Priv Escalation Jan Münther (Nov 28)

Jan Newger

Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle Jan Newger (Nov 12)

Jason Muskat de VE3TSJ - GCFA, GCUX, CEI, CEH

Re: Banks (Wellsfargo.com) using CDNs to deliver Javascript: enables password theft by anyone compromising or controlling the CDN Jason Muskat de VE3TSJ - GCFA, GCUX, CEI, CEH (Nov 21)

J. Carlos Nieto

Re: Gekko <=0.8.2 (temp directory) Path Disclosure J. Carlos Nieto (Nov 28)

Jeimy Cano

National Computer and Information Security Conferences ACIS 2008 - COLOMBIA Jeimy Cano (Nov 27)

jf

Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability jf (Nov 19)

Jim Harrison

RE: mac trojan in-the-wild Jim Harrison (Nov 02)

Jindrich Kubec

Re: Simple Machine Forum - Private section/posts/info disclosure Jindrich Kubec (Nov 09)

joel

Banks (Wellsfargo.com) using CDNs to deliver Javascript: enables password theft by anyone compromising or controlling the CDN joel (Nov 20)

johan beisser

Re: Standing Up Against German Laws - Project HayNeedle johan beisser (Nov 12)
Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle johan beisser (Nov 13)
Re: Standing Up Against German Laws - Project HayNeedle johan beisser (Nov 12)
Re: Standing Up Against German Laws - Project HayNeedle johan beisser (Nov 13)

Joseph . giron13

ExoPHPdesk user profile XSS / profile SQL injection Joseph . giron13 (Nov 13)
GWextranet Multiple Vulnerabilites Joseph . giron13 (Nov 21)
E-vanced Solutions Multiple Vulnerabilites Joseph . giron13 (Nov 21)
phphelpdesk Multiple vulnerabilities Joseph . giron13 (Nov 03)

jplopezy

Bitcomet Resource Browser v1.1 XSS jplopezy (Nov 24)

Juergen Schmidt

Leopard's firewall damages Skype and WoW Juergen Schmidt (Nov 05)

Juha-Matti Laurio

Cryptome: NSA has access to Windows Mobile smartphones Juha-Matti Laurio (Nov 01)
Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability Juha-Matti Laurio (Nov 19)

justin

Win2K3 Priv Escalation justin (Nov 27)

Justin@ESC

Re: Win2K3 Priv Escalation Justin@ESC (Nov 28)

Kapetanakis Giannis

Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Kapetanakis Giannis (Nov 20)
Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Kapetanakis Giannis (Nov 19)

Kees Cook

[USN-549-1] PHP vulnerabilities Kees Cook (Nov 29)
[USN-543-1] VMWare vulnerabilities Kees Cook (Nov 15)
[USN-546-1] Firefox vulnerabilities Kees Cook (Nov 27)
[USN-540-1] flac vulnerability Kees Cook (Nov 13)
[USN-545-1] link-grammar vulnerability Kees Cook (Nov 27)
[USN-548-1] Pidgin vulnerability Kees Cook (Nov 28)
[USN-539-1] CUPS vulnerability Kees Cook (Nov 06)
[USN-537-2] Compiz vulnerability Kees Cook (Nov 02)
[USN-541-1] Emacs vulnerability Kees Cook (Nov 13)
[USN-547-1] PCRE vulnerabilities Kees Cook (Nov 27)
[USN-542-1] poppler vulnerabilities Kees Cook (Nov 14)

kingoftheworld92

Eurologon CMS Db credentials disclosure / files download kingoftheworld92 (Nov 27)
Synergiser <= 1.2 RC1 Local File Inclusion & Full path disclosure kingoftheworld92 (Nov 01)
Tilde CMS <= v. 4.x "aarstal" parameter of "yeardetail" SQL Injection kingoftheworld92 (Nov 26)
PBLang <= 4.99.17.q Remote File Rewriting / Remote Command Execution kingoftheworld92 (Nov 24)
Scribe <= 2.0 Remote PHP Code Execution kingoftheworld92 (Nov 02)
Re: PHP-Nuke NSN Script Depository module <= 1.0.3 Remote Source / DB Credentials Disclosure kingoftheworld92 (Nov 26)
Eurologon CMS Multiple SQL Injection kingoftheworld92 (Nov 27)
PHP-Nuke NSN Script Depository module <= 1.0.3 Remote Source / DB Credentials Disclosure kingoftheworld92 (Nov 26)

klynn . securityfocus

Re: Simple Machine Forum - Private section/posts/info disclosure klynn . securityfocus (Nov 09)

Kurt Dillard

RE: Cryptome: NSA has access to Windows Mobile smartphones Kurt Dillard (Nov 01)

L4teral

AutoIndex <= 2.2.2 Cross Site Scripting and Denial of Service L4teral (Nov 12)

laurent . gaffie

Konqueror Remote Denial Of Service laurent . gaffie (Nov 14)
PHP <= 5.2.5 Gettext Lib Multiple Denial of service laurent . gaffie (Nov 13)
PHP <= 5.2.5 stream_wrapper_register() denial of service laurent . gaffie (Nov 13)

Luigi Auriemma

Crash in LIVE555 Media Server 2007.11.01 Luigi Auriemma (Nov 19)

mail

Skype DoS mail (Nov 26)

Matt Ausmus

RE: Win2K3 Priv Escalation Matt Ausmus (Nov 28)

Matt D. Harris

Re: SMF .htaccess bypass Matt D. Harris (Nov 06)
Re: Standing Up Against German Laws - Project HayNeedle Matt D. Harris (Nov 12)

Matthew Leeds

Re[2]: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Matthew Leeds (Nov 30)
Re: mac trojan in-the-wild Matthew Leeds (Nov 01)

Max Moser

27Mhz based wireless security insecurities - Aka - "We know what you typed last summer" Max Moser (Nov 30)

MC Iglo

Aida-Web Information Exposure MC Iglo (Nov 15)

Memisyazici, Aras

RE: mac trojan in-the-wild Memisyazici, Aras (Nov 02)

mesut

Eggblog v3.1.0 XSS Vulnerability mesut (Nov 12)

michael

Re: Creating Backdoors in Cisco IOS using Tcl michael (Nov 27)

Michal Zalewski

Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Michal Zalewski (Nov 19)

mj

[CVE-2007-5741] Plone: statusmessages and linkintegrity unsafe network data hotfix mj (Nov 06)

morin . josh

PHPSlideShow XSS Update morin . josh (Nov 27)
Liferay Enterprise Portal multiple XSS morin . josh (Nov 27)

Moritz Muehlenhoff

[SECURITY] [DSA 1411-1] New libopenssl-ruby packages fix insecure SSL certificate validation Moritz Muehlenhoff (Nov 26)
[SECURITY] [DSA 1408-1] New kdegraphics packages fix arbitrary code execution Moritz Muehlenhoff (Nov 21)
[SECURITY] [DSA 1416-1] New tk8.3 packages fix arbitrary code execution Moritz Muehlenhoff (Nov 27)
[SECURITY] [DSA 1414-1] New wireshark packages fix several vulnerabilities Moritz Muehlenhoff (Nov 27)
[SECURITY] [DSA 1397-1] New mono packages fix integer overflow Moritz Muehlenhoff (Nov 03)
[SECURITY] [DSA 1412-1] New ruby1.9 packages fix insecure SSL certificate validation Moritz Muehlenhoff (Nov 26)
[SECURITY] [DSA 1410-1] New ruby1.8 packages fix insecure SSL certificate validation Moritz Muehlenhoff (Nov 26)
[SECURITY] [DSA 1401-1] New iceape packages fix several vulnerabilities Moritz Muehlenhoff (Nov 06)
[SECURITY] [DSA 1415-1] New tk8.4 packages fix arbitrary code execution Moritz Muehlenhoff (Nov 27)
[SECURITY] [DSA 1407-1] New cupsys packages fix arbitrary code execution Moritz Muehlenhoff (Nov 19)

Network Protocol Security

Re: Comments re ISC's announcement on bind9 security Network Protocol Security (Nov 01)

Nick Boyce

Re: HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges Nick Boyce (Nov 15)

Nick FitzGerald

Re: mac trojan in-the-wild Nick FitzGerald (Nov 02)

Nicolas FISCHBACH

Re: [Full-disclosure] Creating Backdoors in Cisco IOS using Tcl Nicolas FISCHBACH (Nov 27)

Nils Toedtmann

Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Nils Toedtmann (Nov 19)
Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Nils Toedtmann (Nov 20)

nnp

Re: mac trojan in-the-wild nnp (Nov 02)
Re: [UPH-07-03] Firefly Media Server remote format string vulnerability nnp (Nov 02)
Re: [UPH-07-01] Firefly Media Server DoS nnp (Nov 02)
[UPH-07-01] Firefly Media Server DoS nnp (Nov 02)
[UPH-07-02] Firefly Media Server DoS nnp (Nov 02)
[UPH-07-03] Firefly Media Server remote format string vulnerability nnp (Nov 02)

nnposter

Citrix NetScaler Web Management XSS nnposter (Nov 19)
Citrix NetScaler Web Management Cookie Weakness nnposter (Nov 26)

Noah Meyerhans

[SECURITY] [DSA 1398-1] New perdition packages fix arbitrary code execution Noah Meyerhans (Nov 05)
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities Noah Meyerhans (Nov 26)

[NO-REPLY]

MyWebFTP Password Disclosure [NO-REPLY] (Nov 06)

no-reply

Aria-Security.net: Irola My-Time v3.5 SQL Injection no-reply (Nov 23)
Aria-Security.net: NetAuctionHelp SQL Injection no-reply (Nov 22)
NetAuctionHelp Classified Ads v1.0 SQL Injection no-reply (Nov 24)
DocuSafe "Search" SQL Injection No-Reply (Nov 14)
JiRos Upload Manager SQL Injection no-reply (Nov 17)
Aria-Security.Net: MetaCart SQL Injection No-Reply (Nov 14)
Aria-Security.Net: VU Mailer (Mass Mail) "Password" SQL Injection no-reply (Nov 21)
[Aria-Security.Net] VU Case Manager "Username/Password" SQL Injection no-reply (Nov 21)
Aria-Security.net: CoolShot E-Lite POS 1.0 no-reply (Nov 24)
[Aria-Secutiy Net] Click&BaneX SQL Injection no-reply (Nov 19)
Free Forums "search" Sql Injection No-Reply (Nov 14)
Re: Re: Aria-Security.net: NetAuctionHelp SQL Injection no-reply (Nov 24)

noreply

Aria-Security.Net: Gouae DWD Realty SQL Injection noreply (Nov 26)

ntn

Re: Re: Comments re ISC's announcement on bind9 security ntn (Nov 01)

Ofer Shezaf

OWASP Israel Conference 2007, Dec 3rd 2007 Ofer Shezaf (Nov 27)

OpenPKG GmbH

[OpenPKG-SA-2007.023] OpenPKG Security Advisory (perl) OpenPKG GmbH (Nov 08)

overet

Re: Re: SiteMinder Agent: Cross Site Scripting overet (Nov 09)

Paolo Perego

(tool announce) Orizon v0.50 announce Paolo Perego (Nov 01)

Paul Schmehl

Re: [Full-disclosure] Warning: Hackers hijacking unused IP Addresses inside Trusted domains [POC] Paul Schmehl (Nov 21)
Re: [Full-disclosure] mac trojan in-the-wild Paul Schmehl (Nov 02)

Paul Sebastian Ziegler

Standing Up Against German Laws - Project HayNeedle Paul Sebastian Ziegler (Nov 12)

Paul Wouters

Re: Standing Up Against German Laws - Project HayNeedle Paul Wouters (Nov 13)

pete

Oracle 0-day to get SYSDBA access pete (Nov 12)

Pete Herzog

SCARE metrics and tool release Pete Herzog (Nov 30)

Peter Besenbruch

Re: [Full-disclosure] mac trojan in-the-wild Peter Besenbruch (Nov 02)
Re: [Full-disclosure] mac trojan in-the-wild Peter Besenbruch (Nov 02)

Peter Conrad

Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle Peter Conrad (Nov 13)

phil

PeopleAggregatory security advisory - re CVE-2007-5631 phil (Nov 12)

Pierre-Yves Rofes

[ GLSA 200711-30 ] PCRE: Multiple vulnerabilities Pierre-Yves Rofes (Nov 20)
[ GLSA 200711-20 ] Pioneers: Denial of Service Pierre-Yves Rofes (Nov 14)
[ GLSA 200711-21 ] Bochs: Multiple vulnerabilities Pierre-Yves Rofes (Nov 19)
[ GLSA 200711-22 ] Poppler, KDE: User-assisted execution of arbitrary code Pierre-Yves Rofes (Nov 19)
[ GLSA 200711-18 ] Cpio: Buffer overflow Pierre-Yves Rofes (Nov 14)
[ GLSA 200711-31 ] Net-SNMP: Denial of Service Pierre-Yves Rofes (Nov 20)
[ GLSA 200711-02 ] OpenSSH: Security bypass Pierre-Yves Rofes (Nov 02)
[ GLSA 200711-34 ] CSTeX: Multiple vulnerabilities Pierre-Yves Rofes (Nov 26)
[ GLSA 200711-03 ] Gallery: Multiple vulnerabilities Pierre-Yves Rofes (Nov 02)
[ GLSA 200711-14 ] Mozilla Firefox, SeaMonkey, XULRunner: Multiple vulnerabilities Pierre-Yves Rofes (Nov 12)
[ GLSA 200711-19 ] TikiWiki: Multiple vulnerabilities Pierre-Yves Rofes (Nov 14)
[ GLSA 200711-05 ] SiteBar: Multiple issues Pierre-Yves Rofes (Nov 06)
[ GLSA 200711-04 ] Evolution: User-assisted remote execution of arbitrary code Pierre-Yves Rofes (Nov 06)
[ GLSA 200711-23 ] VMware Workstation and Player: Multiple vulnerabilities Pierre-Yves Rofes (Nov 19)
ERRATA: [ GLSA 200711-20 ] Pioneers: Multiple Denials of Service Pierre-Yves Rofes (Nov 29)
[ GLSA 200711-01 ] gFTP: Multiple vulnerabilities Pierre-Yves Rofes (Nov 02)
[ GLSA 200711-29 ] Samba: Execution of arbitrary code Pierre-Yves Rofes (Nov 20)
[ GLSA 200711-33 ] nss_ldap: Information disclosure Pierre-Yves Rofes (Nov 26)
[ GLSA 200711-13 ] 3proxy: Denial of Service Pierre-Yves Rofes (Nov 08)
[ GLSA 200711-12 ] Tomboy: User-assisted execution of arbitrary code Pierre-Yves Rofes (Nov 08)
[ GLSA 200711-17 ] Ruby on Rails: Multiple vulnerabilities Pierre-Yves Rofes (Nov 14)
[ GLSA 200711-08 ] libpng: Multiple Denials of Service Pierre-Yves Rofes (Nov 07)
[ GLSA 200711-10 ] Mono: Buffer overflow Pierre-Yves Rofes (Nov 07)
[ GLSA 200711-24 ] Mozilla Thunderbird: Multiple vulnerabilities Pierre-Yves Rofes (Nov 19)
[ GLSA 200711-09 ] MadWifi: Denial of Service Pierre-Yves Rofes (Nov 07)
[ GLSA 200711-15 ] FLAC: Buffer overflow Pierre-Yves Rofes (Nov 12)
[ GLSA 200711-06 ] Apache: Multiple vulnerabilities Pierre-Yves Rofes (Nov 07)
[ GLSA 200711-25 ] MySQL: Denial of Service Pierre-Yves Rofes (Nov 19)
[ GLSA 200711-16 ] CUPS: Memory corruption Pierre-Yves Rofes (Nov 12)
[ GLSA 200711-27 ] Link Grammar: User-assisted execution of arbitrary code Pierre-Yves Rofes (Nov 19)
[ GLSA 200711-07 ] Python: User-assisted execution of arbitrary code Pierre-Yves Rofes (Nov 07)
[ GLSA 200711-11 ] Nagios Plugins: Two buffer overflows Pierre-Yves Rofes (Nov 08)
[ GLSA 200711-32 ] Feynmf: Insecure temporary file creation Pierre-Yves Rofes (Nov 20)
[ GLSA 200711-28 ] Perl: Buffer overflow Pierre-Yves Rofes (Nov 19)
[ GLSA 200711-26 ] teTeX: Multiple vulnerabilities Pierre-Yves Rofes (Nov 19)

poc2007

Some Data of POC2007 poc2007 (Nov 28)

Quark IT - Hilton Travis

RE: Standing Up Against German Laws - Project HayNeedle Quark IT - Hilton Travis (Nov 17)

r00t

Belkin Wireless G Router DoS r00t (Nov 19)

Rajesh Sethumadhavan

Microsoft FTP Client Multiple Bufferoverflow Vulnerability Rajesh Sethumadhavan (Nov 28)

Raj Mathur

Re: Standing Up Against German Laws - Project HayNeedle Raj Mathur (Nov 14)

Raymond Pete

Re: Airkiosk/formlib application is XSS vuln Raymond Pete (Nov 01)

research

PR07-02: XSS on Liferay Portal Enterprise 4.1.1 login page ('login' parameter) research (Nov 15)
PR07-13: Cross-site Scripting / HTML injection on F5 FirePass 4100 SSL VPN 'download_plugin.php3' server-side script research (Nov 12)
Two XSS on Blue Coat ProxySG Management Console research (Nov 01)
Cisco IOS Shellcode Research (Nov 12)
PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script research (Nov 30)
PR07-14: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script research (Nov 30)
PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method research (Nov 30)
PR07-26: Persistent XSS on Aruba 800 Mobility Controller's login page research (Nov 15)

RISE Security

[RISE-2007004] Apple Mac OS X 10.4.x Kernel i386_set_ldt() Integer Overflow Vulnerability RISE Security (Nov 16)

Robert McArdle

Re: mac trojan in-the-wild Robert McArdle (Nov 02)

Roger A. Grimes

RE: mac trojan in-the-wild Roger A. Grimes (Nov 02)
RE: mac trojan in-the-wild Roger A. Grimes (Nov 02)

Roman Medina-Heigl Hernandez

DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365) Roman Medina-Heigl Hernandez (Nov 02)

Roman Shirokov

Re: IM upgrade automated social engineering attack Roman Shirokov (Nov 06)

root

Re: Simple Machines Forum multiple sql injection flaws with exploit code. root (Nov 22)
xoops mylinks module - sql injection root (Nov 09)

rPath Update Announcements

rPSA-2007-0245-2 kernel rPath Update Announcements (Nov 21)
rPSA-2007-0252-1 cups poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi rPath Update Announcements (Nov 28)
rPSA-2007-0254-1 idle python rPath Update Announcements (Nov 30)
rPSA-2007-0242-1 php5 php5-cgi php5-mysql php5-pear php5-pgsql php5-soap php5-xsl rPath Update Announcements (Nov 19)
rPSA-2007-0241-1 samba samba-swat rPath Update Announcements (Nov 17)
rPSA-2007-0231-1 pcre rPath Update Announcements (Nov 06)
rPSA-2007-0245-1 kernel rPath Update Announcements (Nov 21)
rPSA-2007-0243-1 flac rPath Update Announcements (Nov 21)
rPSA-2007-0232-1 perl rPath Update Announcements (Nov 06)

rx

Re: Re: Simple Machine Forum - Private section/posts/info disclosure rx (Nov 12)

sales

Re: Bosdev Multiple vulnerabilities sales (Nov 13)

sdfkjsomcoismwevoiweo

Re: Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability sdfkjsomcoismwevoiweo (Nov 23)

secse08

CFP: International workshop on Secure Software Engineering - Deadline extended! secse08 (Nov 01)

Secunia Research

Secunia Research: AbiWord Link Grammar "separate_sentence()" Buffer Overflow Secunia Research (Nov 07)
Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities Secunia Research (Nov 07)
Secunia Research: Samba "reply_netbios_packet()" Buffer Overflow Vulnerability Secunia Research (Nov 15)
Secunia Research: Symantec Backup Exec Job Engine Denial of Service Secunia Research (Nov 28)
Secunia Research: ACDSee Products Image and Archive Plug-ins Buffer Overflows Secunia Research (Nov 02)
Secunia Research: Link Grammar "separate_sentence()" Buffer Overflow Secunia Research (Nov 07)

Secure

SYM07-029 Symantec BEWS Multiple DoS in Job Engine Secure (Nov 28)

security

[ MDKSA-2007:214 ] - Updated flac packages fix vulnerability security (Nov 09)
Wheatblog (wB) Remote File inclusion .. security (Nov 22)
[ MDKSA-2007:233 ] - Updated cpio package fixes buffer overflow and directory traversal vulnerabilities security (Nov 28)
[ MDKSA-2007:224-3 ] - Updated samba packages fix regressions security (Nov 30)
[ MDKSA-2007:217 ] - Updated libpng packages fix multiple vulnerabilities security (Nov 13)
[ MDKSA-2007:204-1 ] - Updated cups packages fix vulnerability security (Nov 12)
[ MDKSA-2007:224 ] - Updated samba packages fix vulnerabilities security (Nov 17)
[ MDKSA-2007:204 ] - Updated cups packages fix vulnerability security (Nov 01)
[ MDKSA-2007:205 ] - Updated opal packages fix vulnerability security (Nov 02)
[ MDKSA-2007:232 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Nov 28)
[ MDKSA-2007:225 ] - Updated net-snmp packages fix remote denial of service vulnerability security (Nov 19)
[ MDKSA-2007:213 ] - Updated pcre packages fix vulnerability security (Nov 08)
[ MDKSA-2007:222 ] - Updated koffice packages fix vulnerabilities security (Nov 17)
[ MDKSA-2007:208 ] - Updated ghostscript packages fix vulnerability security (Nov 06)
[ MDKSA-2007:224-2 ] - Updated samba packages fix vulnerabilities security (Nov 23)
GetBlog local File inclusion .. security (Nov 22)
[ MDKSA-2007:209 ] - Updated netpbm packages fix vulnerability security (Nov 06)
[ MDKSA-2007:226 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Nov 19)
[ MDKSA-2007:224-1 ] - Updated samba packages fix vulnerabilities security (Nov 22)
[ MDKSA-2007:229 ] - Updated phpMyAdmin packages fix multiple vulnerabilities security (Nov 20)
[ MDKSA-2007:206 ] - Updated pwlib packages fix vulnerability security (Nov 03)
[ MDKSA-2007:221 ] - Updated kdegraphics packages fix vulnerabilities in kpdf security (Nov 16)
[ MDKSA-2007:203 ] - Updated xen packages fix multiple vulnerabilities security (Nov 01)
[ MDKSA-2007:215 ] - Updated openldap packages fix vulnerability security (Nov 09)
[ MDKSA-2007:228 ] - Updated cups packages fix vulnerabilities security (Nov 20)
[ MDKSA-2007:219 ] - Updated xpdf packages fix vulnerabilities security (Nov 15)
[ MDKSA-2007:220 ] - Updated gpdf packages fix vulnerabilities security (Nov 15)
[ MDKSA-2007:231 ] - Updated cacti packages fix SQL injection vulnerability security (Nov 22)
MyBlog (MyCMS) Remote PHP Code execution / PHP Code injection .. security (Nov 22)
[ MDKSA-2007:230 ] - Updated tetex packages fix vulnerabilities security (Nov 21)
[ MDKSA-2007:207 ] - Updated perl packages fix vulnerability security (Nov 06)
[ MDKSA-2007:216 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Nov 13)
[ MDKSA-2007:233 ] - Updated cpio package fixes buffer overflow and directory traversal vulnerabilities security (Nov 28)
[ MDKSA-2007:212 ] - Updated pcre packages fix vulnerability security (Nov 08)
[ MDKSA-2007:218 ] - Updated mono packages fix arbitrary code execution vulnerability security (Nov 14)
[ MDKSA-2007:227 ] - Updated poppler packages fix vulnerabilities security (Nov 20)
[ MDKSA-2007:211 ] - Updated pcre packages fix vulnerability security (Nov 08)
[ MDKSA-2007:223 ] - Updated pdftohtml packages fix vulnerabilities security (Nov 17)
[ MDKSA-2007:210 ] - Updated xfs package prevents arbitrary code execution vulnerabilities security (Nov 06)

security-alert

[security bulletin] HPSBUX02284 SSRT071483 rev.2 - HP-UX Running Java JRE and JDK, Remote Unauthorized Access security-alert (Nov 15)
HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges security-alert (Nov 12)
[security bulletin] HPSBMA02288 SSRT071465 rev.1 - HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS) security-alert (Nov 14)
[security bulletin] HPSBUX02251 SSRT071449 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert (Nov 27)
[security bulletin] HPSBUX02289 SSRT071461 rev.1 - HP-UX Running BIND 8, Remote DNS Cache Poisoning security-alert (Nov 20)
[security bulletin] HPSBUX02292 SSRT071499 rev.1 - HP-UX Running Apache, Remote Execution of Arbitrary Code security-alert (Nov 29)
HPSBST02291 SSRT071498 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-061 and MS07-062 security-alert (Nov 26)
[security bulletin] HPSBMA02283 SSRT071319 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS) security-alert (Nov 29)
[security bulletin] HPSBUX02285 SSRT071484 rev.1 - HP-UX Running Aries PA Emulator, Local Unauthorized Access security-alert (Nov 08)

securityfocus

Re: SiteMinder Agent: Cross Site Scripting securityfocus (Nov 08)

shadown

Some hashes for the record shadown (Nov 15)

Shane Kerr

Re: Comments re ISC's announcement on bind9 security Shane Kerr (Nov 02)
Re: Comments re ISC's announcement on bind9 security Shane Kerr (Nov 02)

skien

Re: Airkiosk/formlib application is XSS vuln skien (Nov 01)

Sowhat

Vulnerability Hash Database - Maillist Sowhat (Nov 19)
AhnLab AntiVirus Remote Kernel Memory Corruption Sowhat (Nov 16)

Stefano Zanero

Re: Standing Up Against German Laws - Project HayNeedle Stefano Zanero (Nov 13)

Steve Kemp

[SECURITY] [DSA 1409-3] New samba packages fix several vulnerabilities Steve Kemp (Nov 29)
[SECURITY] [DSA 1402-1] New gforge packages fix several vulnerabilities Steve Kemp (Nov 07)
[SECURITY] [DSA 1409-2] New samba packages fix several vulnerabilities Steve Kemp (Nov 26)
[SECURITY] [DSA 1409-1] New samba packages fix several vulnerabilities Steve Kemp (Nov 22)

Steven J. Murdoch

Wordpress Cookie Authentication Vulnerability Steven J. Murdoch (Nov 19)

Steve Shockley

Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Steve Shockley (Nov 29)

support

Re: Aria-Security.net: NetAuctionHelp SQL Injection support (Nov 24)

sys-project

PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability sys-project (Nov 26)
PHPkit 1.6.1 (include.php?path=) Remote File Inclusion sys-project (Nov 27)
SimpleGallery v0.1.3 (index.php) Cross-Site Scripting Vulnerability sys-project (Nov 26)
FMDeluxe (index.php) Cross-Site Scripting Vulnerability sys-project (Nov 26)
FIGIS (FILogin.do) Bypass SQL Injection Vulnerability sys-project (Nov 26)
Gekko <=0.8.2 (temp directory) Path Disclosure sys-project (Nov 28)
Calendar Proverbs <=1.1 (caladmin.php) Remote SQL Injection sys-project (Nov 26)
JLMForo System (modificarPerfil.php) Cross-Site Scripting Vulnerability sys-project (Nov 26)

TeLeMan

QEMU code_gen_buffer overflow POC TeLeMan (Nov 30)

The Asterisk Development Team

AST-2007-024 - Fallacious security advisory spread on the Internet involving buffer overflow in Zaptel's sethdlc application The Asterisk Development Team (Nov 08)

Theo de Raadt

Re: Comments re ISC's announcement on bind9 security Theo de Raadt (Nov 01)

thesinoda

DOS in Realplayer 11 ActiveX on Win Vista and Win XP SP2 thesinoda (Nov 30)

thetaung

Javamail login username and password same email problem thetaung (Nov 16)

Thijs Kinkhorst

[SECURITY] [DSA 1405-1] New zope-cmfplone packages fix arbitrary code execution Thijs Kinkhorst (Nov 10)
[SECURITY] [DSA 1404-1] New gallery2 packages fix privilege escalation Thijs Kinkhorst (Nov 08)
[SECURITY] [DSA 1405-2] New zope-cmfplone packages fix regression Thijs Kinkhorst (Nov 12)
[SECURITY] [DSA 1403-1] New phpmyadmin packages fix cross-site scripting Thijs Kinkhorst (Nov 08)
[SECURITY] [DSA 1406-1] New horde3 packages fix several vulnerabilities Thijs Kinkhorst (Nov 10)

Thor (Hammer of God)

RE: mac trojan in-the-wild Thor (Hammer of God) (Nov 02)
RE: mac trojan in-the-wild Thor (Hammer of God) (Nov 01)
RE: Win2K3 Priv Escalation Thor (Hammer of God) (Nov 28)

Tim

Re: Comments re ISC's announcement on bind9 security Tim (Nov 02)
Re: Comments re ISC's announcement on bind9 security Tim (Nov 01)
Re: Comments re ISC's announcement on bind9 security Tim (Nov 05)

Tobias Klein

[TKADV2007-001] Mac OS X TIOCSETD IOCTL Kernel Memory Corruption Vulnerability Tobias Klein (Nov 15)

Valdis . Kletnieks

Re: Standing Up Against German Laws - Project HayNeedle Valdis . Kletnieks (Nov 13)
Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Valdis . Kletnieks (Nov 29)

verys-secret

net-finity (links.php) Remote SQL Injection Vulnerability verys-secret (Nov 17)
Myspace Clone Script (index.php) Remote File Inclusion Vulnerability verys-secret (Nov 17)
Black Lily 2007 (products.php class) Remote SQL Injection Vulnerability verys-secret (Nov 17)

Vincent Archer

Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Vincent Archer (Nov 30)

VulnerabilityResearch

2007-06 Sentinel Protection Server Directory Traversal VulnerabilityResearch (Nov 26)

Watson Ladd

Re: Breaking RSA: Totient indirect factorization Watson Ladd (Nov 16)

wegotyourbox

[0day Remote Command Execution] VigileCMS <= 1.8 Stealth wegotyourbox (Nov 23)

Williams, James K

Re: SiteMinder Agent: Cross Site Scripting Williams, James K (Nov 09)

zdi-disclosures

ZDI-07-062: RealNetworks RealPlayer PLS File Memory Corruption Vulnerability zdi-disclosures (Nov 01)
ZDI-07-063: RealPlayer RA Field Size File Processing Heap Overflow Vulnerability zdi-disclosures (Nov 01)
ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability zdi-disclosures (Nov 01)
ZDI-07-060: HP OpenView Radia Integration Server File System Exposure Vulnerability zdi-disclosures (Nov 01)
ZDI-07-065: Apple QuickTime Color Table RGB Parsing Heap Corruption Vulnerability zdi-disclosures (Nov 05)
ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities zdi-disclosures (Nov 01)
ZDI-07-068: Apple QuickTime Uncompressedfile Opcode Stack Overflow Vulnerability zdi-disclosures (Nov 05)
ZDI-07-067: Apple QuickTime PICT File Poly Opcodes Heap Corruption Vulnerability zdi-disclosures (Nov 05)
ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability zdi-disclosures (Nov 01)
ZDI-07-064: Novell Client Trust Heap Overflow Vulnerability zdi-disclosures (Nov 01)
ZDI-07-066: Apple Quicktime PICT File PackBitsRgn Parsing Heap Corruption Vulnerability zdi-disclosures (Nov 05)
ZDI-07-069: CA BrightStor ARCserve Backup Message Engine Insecure Method Exposure Vulnerability zdi-disclosures (Nov 26)

zero-x

Remote Shell Command Execution in "KB-Bestellsystem" (amensa-soft.de) zero-x (Nov 22)