Bugtraq: by date

323 messages starting Apr 01 08 and ending Apr 30 08

Tuesday, 01 April

iDefense Security Advisory 03.31.08: Macrovision InstallShield InstallScript One-Click Install Untrusted Library Loading Vulnerability iDefense Labs
EasyNews-40tr Multiple Remote Vulnerabilities (SQL Injection Exploit/XSS/LFI) irancrash
[SECURITY] [DSA 1536-1] New libxine packages fix several vulnerabilities Thijs Kinkhorst
CAU-2008-0001 - Slowly Closing Door Race Condition I)ruid
Terracotta Personal Edition Multiple vulnerabilities joseph . giron13
cevado technologies real estate CMS SQL injection joseph . giron13
[SECURITY] [DSA 1533-2] New exiftags packages fix several vulnerabilities Devin Carraway
TCP/IP security vulnerability disclosed J. Oquendo
[ GLSA 200804-01 ] CUPS: Multiple vulnerabilities Robert Buchholz
Re: Internet explorer 7.0 spoofing Razi Shaban
Re: Re: Internet explorer 7.0 spoofing w0lfd33m
Re: Hamachi Password Disclosure Vulnerability anonymous

Wednesday, 02 April

RE: Internet explorer 7.0 spoofing Darth Jedi
Re: Re: Re: Internet explorer 7.0 spoofing jplopezy
Writers Block SQL Injection Vulnerabilities nebelfrost23
HPSBMA02317 SSRT080026 rev.1 - HP Select Identity Software, Gain Unauthorized Access security-alert
Datalife Engine 6.7 XSRF irancrash
[USN-597-1] OpenSSH vulnerability Kees Cook
HPSBTU02325 SSRT080006 rev.1 - HP Internet Express for Tru64 UNIX running PostgreSQL, Arbitrary Code Execution, Privilege Elevation, or Denial of Service (DoS) security-alert
ANNOUNCE: Apache-SSL security release - apache_1.3.41+ssl_1.59 Adam Laurie
Directory traversal in LANDesk Management Suite 8.80.1.1 Luigi Auriemma
RE: Internet explorer 7.0 spoofing Mike Diaz
[ MDVSA-2008:081 ] - Updated CUPS packages fix multiple vulnerabilities security

Thursday, 03 April

[SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities Devin Carraway
[ GLSA 200804-02 ] bzip2: Denial of Service Pierre-Yves Rofes
Webwasher Denial of Service Vulnerability security
[USN-588-2] MySQL regression Jamie Strandboge
[USN-598-1] CUPS vulnerabilities Jamie Strandboge
Vulnerabilities in kses-based HTML filters lpilorz
Joomla Component com_lms SQL Injection no-reply
Recon 2008 CFP last call, early registration open Recon Conference
Parallels virtuozzo's VZPP multiple csrf vulnerabilities poplix
Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability Cisco Systems Product Security Incident Response Team
POC2008 call for papers pocadm

Friday, 04 April

ZDI-08-014: Apple Quicktime Multiple Opcode Memory Corruption Vulnerabilities zdi-disclosures
ZDI-08-018: Apple QuickTime Run Length Encoding Heap Overflow Vulnerability zdi-disclosures
Medium security hole affecting Festival on Debian unstable/testing and Ubuntu Hardy Heron Tim Brown
ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability zdi-disclosures
ZDI-08-015: Apple QuickTime Clipping Region Heap Overflow Vulnerability zdi-disclosures
ZDI-08-017: Apple QuickTime Kodak Encoding Heap Overflow Vulnerability zdi-disclosures
CA Alert Notification Server Multiple Vulnerabilities Williams, James K
iDefense Security Advisory 04.02.08: Symantec Internet Security 2008 ActiveDataInfo.LaunchProcess Design Error Vulnerability iDefense Labs
ZDI-08-019: Apple QuickTime Malformed VR obji Atom Parsing Memory Corruption Vulnerability zdi-disclosures
CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities Williams, James K
KwsPHP Module ConcoursPhoto XSS hsx
[security bulletin] HPSBMA02323 SSRT080032 rev.1 - HP USB Floppy Drive Key (Option) for ProLiant Servers, Local Virus Infection security-alert
CORE-2008-0314 - Orbit Downloader "Download failed" buffer overflow CORE Security Technologies Advisories
iDefense Security Advisory 04.03.08: SCO UnixWare pkgadd Directory Traversal Vulnerability iDefense Labs
iDefense Security Advisory 04.02.08: Symantec Norton Internet Security 2008 ActiveX Control Buffer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 04.03.08: Computer Associates Alert Notification Service Multiple RPC Buffer Overflow Vulnerabilities iDefense Labs
[SECURITY] [DSA 1539-1] New mapserver packages fix multiple vulnerabilities Devin Carraway
[SECURITY] [DSA 1538-1] New alsaplayer packages fix arbitrary code execution Devin Carraway
rPSA-2008-0136-1 cups rPath Update Announcements
rPSA-2008-0138-1 tshark wireshark rPath Update Announcements
rPSA-2008-0139-1 gnome-ssh-askpass openssh openssh-client openssh-server rPath Update Announcements

Saturday, 05 April

F5 BIG-IP Management Interface Perl Injection nnposter
TheGreenBowVPN, Login Credentials Disclosure evilcry
Blogator-script 0.95 Change User Password Vulnerbility hadihadi_zedehal_2006
[ GLSA 200804-03 ] OpenSSH: Privilege escalation Robert Buchholz
Alkacon OpenCms sessions.jsp searchfilter XSS nnposter
Blogator-script 0.95 SQL Injection Vulnerbility hadihadi_zedehal_2006

Monday, 07 April

[ GLSA 200804-05 ] NX: User-assisted execution of arbitrary code Robert Buchholz
openMosix userspace library stack-based buffer overflow jose
Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow Patrick Webster
Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility virangar_nml
CDNetworks Nefficient Download(NeffyLauncher.dll) Vulnerabilities Simon Ryeo
[SECURITY] [DSA 1540-1] New lighttpd packages fix denial of service Steve Kemp
[ GLSA 200804-06 ] UnZip: User-assisted execution of arbitrary code Robert Buchholz
[ GLSA 200804-04 ] MySQL: Multiple vulnerabilities Robert Buchholz
Attack Technique: File Download Injection Jeff Williams
Multiple vulnerabilities in HP OpenView NNM 7.53 Luigi Auriemma

Tuesday, 08 April

Swiki 1.5 Multiple Cross-Site Scripting Vulnerabilities brad . antoniewicz
Re: Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility yeppy
[security bulletin] HPSBMA02327 SSRT071455 rev.1 - HP Integrity Servers iLO-2 Management Processors (iLO-2 MP), Denial of Service (DoS) security-alert
WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability Jessica Hope
licq remote DoS? Milen Rangelov
Wayport Public Access PC Authentication Bypass Weakness Pascal Cretain
New tool released : Syslog Fuzzer jaime . blasco
Microsoft Windows DNS Stub Resolver Cache Poisoning (MS08-020) Amit Klein
[security bulletin] [security bulletin] HPSBST02318 SSRT080018 rev.1 - HP Storage Essentials Software, Remote Unauthorized Access to Data security-alert
[security bulletin] HPSBMA02242 SSRT061260 rev.3 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution security-alert
Re: Multiple vulnerabilities in HP OpenView NNM 7.53 Luigi Auriemma
ZDI-08-020: Microsoft GDI WMF Parsing Heap Overflow Vulnerability zdi-disclosures

Wednesday, 09 April

iDefense Security Advisory 04.08.08: Microsoft HxTocCtrl ActiveX Control Invalid Param Heap Corruption Vulnerability iDefense Labs
[SECURITY] [DSA 1541-1] New openldap2.3 packages fix denial of service Moritz Muehlenhoff
ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability zdi-disclosures
CAU-2008-0002: Microsoft Windows SharePoint Services Picture Source XSS I)ruid
SAP Netweaver 6.40-7.0 Cross-Site-Scripting jaime . blasco
Pu Arcade component for Joomla - SQL injection netmantis . com
[ GLSA 200804-07 ] PECL APC: Buffer Overflow Robert Buchholz
iDefense Security Advisory 04.08.08: Microsoft Windows Graphics Rendering Engine Integer Overflow Vulnerability iDefense Labs
[SECURITY] [DSA 1542-1] New libcairo packages fix arbitrary code execution Devin Carraway
[CVE-2007-5301] alsaplayer PoC - exploit Albert Sellarès
[SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities Devin Carraway
[ MDVSA-2008:082 ] - Updated php-apc packages fix vulnerability security
[USN-599-1] Ghostscript vulnerability Jamie Strandboge
[SECURITY] [DSA 1544-1] New pdns-recursor packages fix cache poisoning vulnerability Florian Weimer
IOActive Security Advisory: Buffer overflow in Python zlib extension module Justin Ferguson

Thursday, 10 April

Re: Alkacon OpenCms sessions.jsp searchfilter XSS a . westtermann
paFileDB 3.1 Remote SQL Injection noreply
Re: licq remote DoS? 3APA3A
[ MDVSA-2008:083 ] - Updated audit packages fix vulnerability security
[ GLSA 200804-08 ] lighttpd: Multiple vulnerabilities Tobias Heinlein
Re: openMosix userspace library stack-based buffer overflow nixpanic
Re: Re: licq remote DoS? mrangelov
EUSecWest CFP Closes April 14th (conf May 21/22 2008) Dragos Ruiu
[ GLSA 200804-10 ] Tomcat: Multiple vulnerabilities Pierre-Yves Rofes
[SECURITY] [DSA 1545-1] New rsync packages fix arbitrary code execution Moritz Muehlenhoff
[ GLSA 200804-09 ] am-utils: Insecure temporary file creation Pierre-Yves Rofes

Friday, 11 April

w2b.ru multiple products SQL Injection noreply
[USN-600-1] rsync vulnerability Kees Cook
iDefense Security Advisory 04.09.08: EMC DiskXtender File System Manager Stack Buffer Overflow Vulnerability iDefense Labs
[SECURITY] [DSA 1546-1] New gnumeric packages fix arbitrary code execution Devin Carraway
Borland InterBase 2007 "ibserver.exe" Buffer Overflow Vulnerability POC Liu Zhen Hua
iDefense Security Advisory 04.09.08: EMC DiskXtender MediaStor Format String Vulnerability iDefense Labs
iDefense Security Advisory 04.09.08: EMC DiskXtender Authentication Bypass Vulnerability iDefense Labs
WiKID wClient-PHP <= 3.0-2 Multiple XSS Vulnerabilities ascii
[ GLSA 200804-12 ] gnome-screensaver: Privilege escalation Raphael Marichez
[ GLSA 200804-11 ] policyd-weight: Insecure temporary file creation Robert Buchholz
Directory traversal and multiple Denials of Service in HP OpenView NNM 7.53 Luigi Auriemma
Trillian 3.1.9.0 DTD File Buffer Overflow david130490
IOActive Security Advisory: Incorrect input validation in PyString_FromStringAndSize() leads to multiple buffer overflows Justin Ferguson

Saturday, 12 April

[ MDVSA-2008:084 ] - Updated rsync packages fix vulnerability security
DEF CON 16 Retro Announcement! Back to Bang! The Dark Tangent
Re: WoltLab(R) Community Framework WCF 1.0.6 marc . deroche

Monday, 14 April

DEF CON 16 Retro Announcement! Back to Bang! The Dark Tangent
project announcement - oCERT - Open Source CERT Andrea Barisani
[oCERT-2008-003] libpng zero-length chunks incorrect handling Andrea Barisani
Secunia Research: Adobe Flash Player "Declare Function (V7)" Heap Overflow Secunia Research
Secunia Research: Lotus Notes kvdocve.dll Path Processing Buffer Overflow Secunia Research
OneSecurityDay 2008 - Web application auditing challenge bugtraq
Secunia Research: activePDF DocConverter Folio Flat File Parsing Buffer Overflows Secunia Research
Secunia Research: Lotus Notes htmsr.dll Buffer Overflows Secunia Research
Secunia Research: Autonomy Keyview Folio Flat File Parsing Buffer Overflows Secunia Research
Secunia Research: Symantec Mail Security Folio Flat File Parsing Buffer Overflows Secunia Research
Secunia Research: Lotus Notes Applix Graphics Parsing Vulnerabilities Secunia Research
DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2 Sebastien gioria
Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows Secunia Research
Secunia Research: Lotus Notes EML Reader Buffer Overflows Secunia Research
Secunia Research: HP OpenView Network Node Manager OpenView5.exe Directory Traversal Secunia Research
Secunia Research: Autonomy Keyview Applix Graphics Parsing Vulnerabilities Secunia Research
Secunia Research: Autonomy Keyview EML Reader Buffer Overflows Secunia Research
Secunia Research: Symantec Mail Security Applix Graphics Parsing Vulnerabilities Secunia Research
Secunia Research: activePDF DocConverter Applix Graphics Parsing Vulnerabilities Secunia Research
Secunia Research: Internet Explorer Data Stream Handling Vulnerability Secunia Research
S21SEC-041-en:Cezanne SW Cross-Site Scripting S21sec labs
S21SEC-042-en:Cezanne SW Cross-Site Scripting (login required) S21sec labs
S21SEC-043-en:Cezanne SW Blind SQL Injection S21sec labs
Fones Clinic Mart SQL turkish-warriorr
[USN-601-1] Squid vulnerability Jamie Strandboge

Tuesday, 15 April

Troopers08 Security Conference, April 23/24 (Munich/Germany) Enno Rey
[ GLSA 200804-15 ] libpng: Execution of arbitrary code Robert Buchholz
[ GLSA 200804-14 ] Opera: Multiple vulnerabilities Robert Buchholz
KwsPHP (Upload) Remote Code Execution Exploit ajax
[ GLSA 200804-13 ] Asterisk: Multiple vulnerabilities Robert Buchholz
Dotclear 'ecrire/images.php' Arbitrary File Upload Vulnerability Morgan ARMAND
[ MDVSA-2008:085 ] - Updated python packages fix arbitrary code execution vulnerability security
BosNews v4.0 Remote add user admin houssamix
clamav: Endless loop / hang with crafter arj, CVE-2008-1387 Hanno Böck
BosNews 2002-2006 Remote add user admin houssamix
Re: Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows Luigi Auriemma
[ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability security
[SECURITY] [DSA 1540-2] New lighttpd packages fix denial of service Steve Kemp
Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities sys-project
WordPress 2.5 - Salt cracking vulnerability J. Carlos Nieto
Koobi Pro 6.25 poll Remote SQL Injection Vulnerability Sabun
remote file include win32 . exe
iDefense Security Advisory 04.14.08: ClamAV libclamav PE WWPack Heap Overflow Vulnerability iDefense Labs
remote file include win32 . exe
DIVX Player <= 6.7.0 Buffer Overflow PoC ( .SRT ) securfrog
[ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability security

Wednesday, 16 April

Oracle - SQL Injection in package SDO_GEOM [DB06] ak
Carbon Communities forum Multiple Vulnerabilities. admin
BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day) admin
VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus VMware Security team
Oracle - SQL Injection in package SDO_IDX [DB07] ak
Oracle - SQL Injection Vulnerability in SDO_UTIL [DB05] ak
[INFIGO-2008-04-08]: ICQ 6 remote buffer overflow vulnerability infocus
Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13] ak
Cisco Security Advisory: Cisco Network Admission Control Shared Secret Vulnerability Cisco Systems Product Security Incident Response Team
CA DSM gui_cm_ctrls ActiveX Control Vulnerability Williams, James K
iDefense Security Advisory 04.09.08: IBM DB2 Universal Database Administration Server File Creation Vulnerability iDefense Labs
iDefense Security Advisory 04.09.08: IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 04.15.08: Oracle Application Express Privilege Escalation Vulnerability iDefense Labs
Re: PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability contact
Classifieds Caffe (index.php cat_id) Remote SQL Injection sys-project
ZDI-08-022: Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability zdi-disclosures

Thursday, 17 April

FreeBSD Security Advisory FreeBSD-SA-08:05.openssh FreeBSD Security Advisories
[ MDVSA-2008:087 ] - Updated policykit package fixes format string vulnerability security
[oCERT-2008-004] multiple speex implementations insufficient boundary checks Andrea Barisani
[SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code execution Martin Schulze
[ GLSA 200804-16 ] rsync: Execution of arbitrary code Robert Buchholz
[ GLSA 200804-17 ] Speex: User-assisted execution of arbitrary code Robert Buchholz
[ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code Robert Buchholz
[security bulletin] HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Update security-alert
[security bulletin] HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025 security-alert
[security bulletin] HPSBMA02328 SSRT071293 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code security-alert
Microsoft Works 7 WkImgSrv.dll crash POC wsn1983
Announcement - DeepSec Conference 2008, Nov 11-14 2008 DeepSec Conference
[SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitution Devin Carraway
[USN-603-1] poppler vulnerability Kees Cook
[USN-603-2] KOffice vulnerability Kees Cook
Re: BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day) m . memelli
[SECURITY] [DSA 1549-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff
Re: [Full-disclosure] Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows Juha-Matti Laurio
[SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation Moritz Muehlenhoff

Friday, 18 April

iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability iDefense Labs
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities iDefense Labs
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability iDefense Labs
[ GLSA 200804-19 ] PHP Toolkit: Data disclosure and Denial of Service Robert Buchholz
[ MDVSA-2008:088 ] - Updated clamav packages fix multiple vulnerabilities security
[ MDVSA-2008:089 ] - Updated poppler packages fix vulnerability security
BitTorrent Clients and CSRF th3 . r00k . nospam
[ GLSA 200804-20 ] Sun JDK/JRE: Multiple vulnerabilities Robert Buchholz
5th avenue Shopping Cart SQL Injection noreply
LightNEasy v.1.2.2 flat Multiple Vulnerabilities darkz . gsa
[ GLSA 200804-21 ] Adobe Flash Player: Multiple vulnerabilities Robert Buchholz
Wikepage Wiki v.2007-2 Cross-Site Scripting darkz . gsa
Team SHATTER Security Advisory: Multiple DoS in JAR files manipulation procedures Team SHATTER
Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure Team SHATTER
[ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning Robert Buchholz
Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures Team SHATTER
ANNOUNCE: RFIDIOt-0.1s release (now available for Windows) Adam Laurie

Saturday, 19 April

[SECURITY] [DSA 1551-1] New python2.4 packages fix several vulnerabilities Moritz Muehlenhoff
[SECURITY] [DSA 1552-1] New mplayer packages fix arbitrary code execution Moritz Muehlenhoff
Token Kidnapping (Microsoft Security Advisory 951306) presentation available Cesar

Monday, 21 April

Deciphering the Simple Machines Forum audio Captcha Michael . Brooks . SPAM
Acidcat CMS Multiple Vulnerabilities admin
SyScan'08 Singapore - Call for Paper organiser () syscan org
[ MDVSA-2008:090 ] - Updated OpenOffice.org packages fix vulnerabilities security
Deciphering the PHP-Nuke Capthca Michael . Brooks . SPAM
[SECURITY] [DSA 1553-1] New ikiwiki packages fix cross-site request forgery Florian Weimer
IRM Security Advisory : RedDot CMS SQL injection vulnerability Mark Crowther
Powered by gCards v1.46 SQL turkish-warriorr
[ GLSA 200804-23 ] CUPS: Integer overflow vulnerability Matthias Geerdsen
Re: Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities douchbag
[ GLSA 200804-24 ] DBmail: Data disclosure Matthias Geerdsen
Sea-Surfing on the Motorola Surfboard th3 . r00k . nospam
ANNOUNCE: Security Implications of Windows Access Tokens Whitepaper luke . jennings
Xoops All Version -Articles- Article.PHP (ID) Blind SQL Injection ExpL0it crazy_kinq
Re: Powered by gCards v1.46 SQL packet

Tuesday, 22 April

[USN-602-1] Firefox vulnerabilities Jamie Strandboge
Correcting CVEs (was Re: [Full-disclosure] Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387)) Hanno Böck
[USN-604-1] Gnumeric vulnerability Kees Cook
Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387) Hanno Böck
Safari 3.1.1 Multiple Vulnerabilities for windows jplopezy
Firefox 3.0 beta 5 crash jplopezy
Re: Firefox 3.0 beta 5 crash Gianluca Borello
[SECURITY] [DSA 1554-1] New roundup packages fix cross-site scripting vulnerability Noah Meyerhans
Default key algorithm in Thomson and BT Home Hub routers Adrian Pastor

Wednesday, 23 April

Re: Default key algorithm in Thomson and BT Home Hub routers ap
AST-2008-006 - 3-way handshake in IAX2 incomplete Security Officer
LayerOne 2008 - Final Pre-Con Update Layer One
Horde Webmail XSS [Aria-Security] noreply
NetClassifieds Sql Injection noreply
Zune software - arbitrary file overwrite info
[ GLSA 200804-25 ] VLC: User-assisted execution of arbitrary code Robert Buchholz
[SECURITY] [DSA 1555-1] New iceweasel packages fix arbitrary code execution Moritz Muehlenhoff
[ GLSA 200804-26 ] Openfire: Denial of Service Robert Buchholz
Re: NetClassifieds Sql Injection laurent . gaffie
PR07-43: Cross-domain redirect on RSA Authentication Agent ProCheckUp Research
PR07-44: XSS on RSA Authentication Agent login page ProCheckUp Research
[W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation vulns
xine-lib NES Sound Format Demuxer Buffer Overflow laurent . gaffie

Thursday, 24 April

Re: xine-lib NES Sound Format Demuxer Buffer Overflow Guido Landi
[ GLSA 200804-28 ] JRockit: Multiple vulnerabilities Tobias Heinlein
DDIVRT-2008-11 BadBlue uninst.exe DoS vulnerabilityresearch
Trillian 3.1 basic nick crash jplopezy
[ GLSA 200804-27 ] SILC: Multiple vulnerabilities Tobias Heinlein
A New Class of Vulnerability in Oracle: Lateral SQL Injection David Litchfield
HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code security-alert
[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities Thijs Kinkhorst
[SECURITY] [DSA 1556-1] New perl packages fix denial of service Florian Weimer
[SECURITY] [DSA 1534-2] New iceape packages fix regression Moritz Muehlenhoff

Friday, 25 April

[SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution Moritz Muehlenhoff
[ MDVSA-2008:091 ] - Updated wireshark packages fix denial of service vulnerabilities security
Lotus expeditor rcplauncher uri handler vulnerability Thomas Pollet
R.I.P. rgod ipsdix

Saturday, 26 April

[ GLSA 200804-29 ] Comix: Multiple vulnerabilities Pierre-Yves Rofes
Curious vulnerability in Excel 2007 jplopezy
Re: Firefox 3.0 beta 5 crash Mauro Faccenda
Wordpress 2.5 Cookie Integrity Protection Vulnerability Steven J. Murdoch
GroupWise 7 attached bugs jplopezy
Re: Curious vulnerability in Excel 2007 jplopezy
Re: Firefox 3.0 beta 5 crash (Slightly unrelated) Skratz0r
IMF 2008 - 2nd Call for Papers Oliver Goebel
rPSA-2008-0149-1 idle python rPath Update Announcements
Re: Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS pobore

Monday, 28 April

Re: R.I.P. rgod blacklight
[SECURITY] [DSA 1556-2] New perl packages fix denial of service Florian Weimer
[SECURITY] [DSA 1560-1] New kronolith2 packages fix cross site scripting Thijs Kinkhorst
GroupWise 7.0 mailto: scheme buffer overflow jplopezy
London DEFCON meet - Thursday 1st May - DC4420 Major Malfunction
bug report hadikiamarsi
[SECURITY] [DSA 1561-1] New ldm packages fix information disclosure Thijs Kinkhorst
Minibb 2.2a XSS Vulnerability irancrash
Microsoft SWI blog inaccuracies Amit Klein
[SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code execution Moritz Muehlenhoff
[ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerability erdc
[ECHO_ADV_89$2008] Softbiz Web Host Directory Script (search_result.php host_id) Blind Sql Injection Vulnerability erdc
CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls CORE Security Technologies Advisories

Tuesday, 29 April

Re: h2desk helpdesk path disclosure vulnerability john
[ GLSA 200804-30 ] KDE start_kdeinit: Multiple vulnerabilities Matthias Geerdsen
SugarCRM Community Edition Local File Disclosure Vulnerability roberto . suggi
rPSA-2008-0151-1 libpng rPath Update Announcements
Re: Yourfreeworld Styleish Text Ads Script rohit
XSS Attack hadikiamarsi
Re: R.I.P. rgod Christian Kujau
[ MDVSA-2008:092 ] - Updated gstreamer-plugins-good packages fix vulnerabilities security
[ MDVSA-2008:093 ] - Updated vorbis-tools packages fix vulnerabilities security

Wednesday, 30 April

[security bulletin] HPSBMA02331 SSRT080000 rev.1 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges security-alert
Re: rPSA-2008-0151-1 libpng Liran Cohen
Critical Vulnerability in SNMPc NGSSoftware Insight Security Research
CFP: Workshop on Open Source Software for Computer and Network Forensics Stefano Zanero
heanet.dl.sourceforge.net hacked? Michael Scheidell
Re: heanet.dl.sourceforge.net hacked? Pieter de Boer
Re: heanet.dl.sourceforge.net hacked? mirrors
Re: heanet.dl.sourceforge.net hacked? Rainer Duffner
[SECURITY] [DSA 1563-1] New asterisk packages fix denial of service Moritz Muehlenhoff
Re: heanet.dl.sourceforge.net hacked? Marshall Eubanks
Re: Re: heanet.dl.sourceforge.net hacked? securityfocus . com
Re: R.I.P. rgod Christian Kujau