Bugtraq: by date
RSS Feed
About List
All Lists
Previous period
271 messages
starting Aug 01 08 and
ending Aug 30 08
Date index |
Thread index |
Author index
Friday, 01 August
[ GLSA 200807-16 ] Python: Multiple vulnerabilities Robert Buchholz
CA ARCserve Backup for Laptops and Desktops Server LGServer Service Vulnerability Williams, James K
libxslt heap overflow chris
[CVE-2008-2370] Apache Tomcat information disclosure vulnerability Mark Thomas
[SECURITY] [DSA 1625-1] New cupsys packages fix arbitrary code execution Thijs Kinkhorst
[SECURITY] [DSA 1626-1] New httrack packages fix arbitrary code execution Thijs Kinkhorst
[CVE-2008-1232] Apache Tomcat XSS vulnerability Mark Thomas
[USN-634-1] OpenLDAP vulnerability Kees Cook
eVision 2.0 Sql Injection/Remote File Disclosure/Remote File Upload/IG r3d . w0rm
DNS Multiple Race Exploiting Tool AR
[USN-633-1] libxslt vulnerabilities Kees Cook
[USN-632-1] Python vulnerabilities Kees Cook
iDefense Security Advisory 07.31.08: Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability iDefense Labs
n.runs-SA-2008.005 - Apple Inc. - CoreServices Framework’s CarbonCore Framework - Arbitrary Code Execution (remote) security () nruns com
Saturday, 02 August
Re: how to request a cve id? William A. Rowe, Jr.
Re: Windows Vista Power Management & Local Security Policy William A. Rowe, Jr.
[ MDVSA-2008:160 ] libxslt security
file upload exploit win32 . exe
iDefense Security Advisory 08.01.08: Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability iDefense Labs
iDefense Security Advisory 08.01.08: Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 08.01.08: Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability iDefense Labs
Pligg Auto-Voter Using XSS to Bypass CSRF Protection michaelbrooks
Homes 4 Sale Remote XSS Vulnerabilitiy Ghost hacker
Server termination in America's Army 2.8.3.1 Luigi Auriemma
Monday, 04 August
Keld: PHP-MySQL News Script 0.7.1 Remote SQL injection Vulnerability crimson . loyd
TGS CMS Remote Code Execution Exploit 0in . email
[SECURITY] [DSA 1627-1] New opensc packages fix smart card vulnerability Thijs Kinkhorst
UNAK-CMS Lfi r3d . w0rm
[USN-626-2] Devhelp, Epiphany, Midbrowser and Yelp update Jamie Strandboge
Team SHATTER Security Advisory: SQL Injection in Oracle Application Server (WWEXP_API_ENGINE) Team SHATTER
Team SHATTER Security Advisory: Cross-site scripting in Oracle Enterprise Manager (REFRESHCHOICE Parameter) Team SHATTER
Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN) Team SHATTER
CORE-2008-0716 - Sun xVM VirtualBox Privilege Escalation Vulnerability CORE Security Technologies Advisories
Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities irancrash
Tuesday, 05 August
8e6 Technologies R3000 Internet Filter Bypass with Host Decoy nnposter
Plogger <= 3.0 SQL Injection GulfTech Security Research
IGES CMS <=2.0 Multiple Vulnerabilities admin
Pluck 4.5.2 Multiple Cross Site Scripting Vulnerabilities irancrash
Wednesday, 06 August
[ GLSA 200808-01 ] xine-lib: User-assisted execution of arbitrary code Robert Buchholz
[ GLSA 200808-02 ] Net-SNMP: Multiple vulnerabilities Robert Buchholz
[ GLSA 200808-03 ] Mozilla products: Multiple vulnerabilities Robert Buchholz
[ GLSA 200808-04 ] Wireshark: Denial of Service Robert Buchholz
rPSA-2008-0245-1 cups rPath Update Announcements
rPSA-2008-0246-1 gaim rPath Update Announcements
PHP-NUKE module Kleinanzeigen SQL injection (lid) lovebug
MyClan Sql Injection r3d . w0rm
Re: 8e6 Technologies R3000 Internet Filter Bypass with Host Decoy jyoung01
Interesting things at sec-consult.com, DNS-whitepaper available tomorrow Bernhard Mueller
CA Products That Embed Ingres Multiple Vulnerabilities Williams, James K
Google Notebook and Google Bookmarks Cross Site Scripting Vulnerabilities alfredo . melloni
Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting marc_bevand
[ GLSA 200808-05 ] ISC DHCP: Denial of Service Tobias Heinlein
[USN-635-1] xine-lib vulnerabilities Jamie Strandboge
[ GLSA 200808-06 ] libxslt: Execution of arbitrary code Tobias Heinlein
[security bulletin] HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert
[security bulletin] HPSBUX02355 SSRT080023 rev.1 - HP-UX Using libc, Remote Denial of Service (DoS) security-alert
Thursday, 07 August
OpenVMS fingerd remote stack overflow Shaun Colley
Re: [funsec] facebook messages worm Gadi Evron
Endless loop and resources consumption in Halo 1.0.7.0615 Luigi Auriemma
Re: [Full-disclosure] [funsec] facebook messages worm Juha-Matti Laurio
Re: [funsec] facebook messages worm Gadi Evron
facebook messages worm Gadi Evron
Whitepaper: DNS zone redelegation Bernhard Mueller
Re: [funsec] facebook messages worm Gadi Evron
[SE-2008-01] J2ME Security Vulnerabilities 2008 Security Explorations
Re: OpenVMS fingerd remote stack overflow Alexander Sotirov
Re: OpenVMS fingerd remote stack overflow Kevin Finisterre (lists)
e107 <= 0.7.11 Arbitrary Variable Overwriting GulfTech Security Research
Re: [SE-2008-01] J2ME Security Vulnerabilities 2008 0xjbrown41
[ MDVSA-2008:161 ] rxvt security
Re: OpenVMS fingerd remote stack overflow mlbugtraq
Friday, 08 August
[ MDVSA-2008:162 ] qemu security
[ MDVSA-2008:163 ] python security
[ MDVSA-2008:164 ] python security
re: [SE-2008-01] J2ME Security Vulnerabilities 2008 Security Explorations
Re: Re: [SE-2008-01] J2ME Security Vulnerabilities 2008 0xjbrown41
Re: [funsec] facebook messages worm Juha-Matti Laurio
OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
[AJECT] NoticeWare IMAP Email Server 4.6.2 DoS vulnerability João Antunes
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Gerald Beuchelt
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla
[AJECT] WinGate Email Server (IMAP) vulnerability João Antunes
Vim: Unfixed Vulnerabilities in Tar Plugin Version 20 Jan Minář
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Dave Korn
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla
[ GLSA 200808-07 ] ClamAV: Multiple Denials of Service Raphael Marichez
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
[ GLSA 200808-08 ] stunnel: Security bypass Raphael Marichez
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Dick Hardt
[DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3 Digital Security Research Group [DSecRG]
[ GLSA 200808-09 ] OpenLDAP: Denial of Service vulnerability Raphael Marichez
RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry
RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Dave Korn
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Peter Gutmann
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dan Kaminsky
New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability Steve Friedl
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Perry E. Metzger
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla
Re: OpenVMS fingerd remote stack overflow Tim Newsham
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Paul Hoffman
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams
key blacklisting & file size (was: OpenID/Debian PRNG/DNS Cache poisoning advisory) Solar Designer
Saturday, 09 August
[security bulletin] HPSBUX02351 SSRT080058 rev.4 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert
Monday, 11 August
Kayako SupportSuite < 3.30.00 Multiple Vulnerabilities GulfTech Security Research
[ GLSA 200808-10 ] Adobe Reader: User-assisted execution of arbitrary code Robert Buchholz
Ovidentia Sql Injection r3d . w0rm
[SECURITY] [DSA 1627-1] New PowerDNS packages reduce DNS spoofing risk Florian Weimer
Re: [DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3 o_0 . iahumeil
K-Links Directory Blind SQL Injection Exploit hadihadi_zedehal_2006
rPSA-2008-0249-1 openldap openldap-clients openldap-servers rPath Update Announcements
[ GLSA 200808-11 ] UUDeview: Insecure temporary file creation Pierre-Yves Rofes
rPSA-2008-0247-1 gvim vim vim-minimal rPath Update Announcements
Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability emericboit
Tuesday, 12 August
Re: Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN) Team SHATTER
Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow dh
RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Clausen, Martin (DK - Copenhagen)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
Re: TGS CMS Remote Code Execution Exploit lcat
iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Format String Vulnerabilities iDefense Labs
[AJECT] hMailServer 4.4.1 DoS vulnerability João Antunes
iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Stefan Kanthak
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Florian Weimer
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Forrest J. Cavalier III
Internet attacks against Georgian web sites Gadi Evron
VMSA-2008-0013 Updated ESX packages for OpenSSL, net-snmp, perl VMware Security Team
VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability VMware Security Team
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry
rPSA-2008-0253-1 git gitweb rPath Update Announcements
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory "Hal Finney"
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Tim Dierks
CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities Williams, James K
Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie
Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson
Surf Jack - HTTPS will not save you lists
[security bulletin] HPSBUX02356 SSRT080051 rev.1 - HP-UX Running ftpd, Remote Privileged Access security-alert
Wednesday, 13 August
ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability zdi-disclosures
ZDI-08-051: Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability zdi-disclosures
ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption zdi-disclosures
iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability iDefense Labs
Re: Vim: Netrw: FTP User Name and Password Disclosure Tony Mechelynck
[ MDVSA-2008:167 ] kernel security
ZDI-08-050: Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability zdi-disclosures
[ MDVSA-2008:166 ] clamav security
Vim: Netrw: FTP User Name and Password Disclosure Jan Minář
iDefense Security Advisory 08.12.08: Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability iDefense Labs
[TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption Tobias Klein
iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability iDefense Labs
iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability iDefense Labs
iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability iDefense Labs
iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability iDefense Labs
rPSA-2008-0243-1 idle python rPath Update Announcements
Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives Jan Minář
NULL pointer in Ventrilo 3.0.2 Luigi Auriemma
[security bulletin] HPSBTU02358 SSRT080058 rev.1 - HP Tru64 UNIX running BIND, Remote DNS Cache Poisoning security-alert
CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass CORE Security Technologies Advisories
Thursday, 14 August
[ MDVSA-2008:170 ] cups security
Microsoft Windows Messenger Remote Illegal Access Vulnerability cocoruder
[ MDVSA-2008:168 ] stunnel security
[security bulletin] HPSBOV02357 SSRT080058 rev.1 - HP OpenVMS TCP/IP Services running BIND, Remote DNS Cache Poisoning security-alert
[ MDVSA-2008:169 ] hplip security
Postfix local privilege escalation via hardlinked symlinks Wietse Venema
SYM08-015_SFW_SecurityUpdateBypass Mike Prosser
ZDI-08-053: Symantec Veritas Storage Foundation Scheduler Service NULL Session Authentication Bypass Vulnerability zdi-disclosures
Security Assessment of the Internet Protocol Fernando Gont
Friday, 15 August
rPSA-2008-0255-1 freetype rPath Update Announcements
[ GLSA 200808-12 ] Postfix: Local privilege escalation vulnerability Raphael Marichez
Cisco Security Advisory: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control Cisco Systems Product Security Incident Response Team
Re: MicroWorld MailScan - Multiple Vulnerabilities within Admin-Webinterface oliver karow
munky-bliki lfi r3d . w0rm
Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani irancrash
FlexCMS <= 2.5 Cross Site Scripting Vulnerability irancrash
Monday, 18 August
[ MDVSA-2008:171 ] postfix security
[ MDVSA-2008:172 ] amarok security
PHP Live Helper <= 2.0.1 Multiple Vulnerabilities GulfTech Security Research
Tool: PorkBind v1.3 Nameserver Security Scanner (New Version) Derek Callaway
Nokia 6131 NFC URI/URL Spoofing and DoS Advisory Collin R. Mulliner
Re: ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user Eder Wentz
NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection r3d . w0rm
[DSECRG-08-036] Multiple Security Vulnerabilities in Freeway eCommerce 1.4.1.171 Digital Security Research Group [DSecRG]
Ovidentia 6.6.5 XSS (index.php)‏ mostafa_ragab
[security bulletin] HPSBMA02345 SSRT080039 rev.2 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alert
[SECURITY] [DSA 1629-1] New postfix packages fix privilege escalation Thijs Kinkhorst
Tuesday, 19 August
[SECURITY] [DSA 1629-2] New postfix packages fix installability problem on i386 Thijs Kinkhorst
[security bulletin] HPSBST02360 SSRT080117 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-041 to MS08-051 security-alert
Vanilla <= 1.1.4 Script Injection/ XSS GulfTech Security Research
SunShop <= 4.1.4 SQL Injection GulfTech Security Research
[ MDVSA-2008:173 ] kdegraphics security
Wednesday, 20 August
[USN-636-1] Postfix vulnerability Kees Cook
[ MDVSA-2008:174 ] kernel security
ToorCon 10 Call For Papers David Hulton
Folder Lock <= 5.9.5 Local Password Information Disclosure glafkos
Thursday, 21 August
[ MDVSA-2008:175 ] yelp security
[ MDVSA-2008:176 ] mtr security
IMF 2008 - Call for Participation Oliver Goebel
CORE-2008-0624: Anzio Web Print Object Buffer Overflow CORE Security Technologies Advisories
Null Byte Local file Inclusion in FAR - PHP Project version:1.0 beenudel1986
CORE-2008-0813 - vBulletin Cross Site Scripting Vulnerability CORE Security Technologies Advisories
rPSA-2008-0259-1 postfix rPath Update Announcements
[ MDVSA-2008:177 ] xine-lib security
[ MDVSA-2008:178 ] xine-lib security
UPDATE: [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning Robert Buchholz
[SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier
TimeTrex Time and Attendance Cookie Theft DoZ
Friday, 22 August
Contest: Best Advances for OpenVAS Network Vulnerability Tests Michael Wiegand
PR08-20: Bypassing ASP .NET "ValidateRequest" for Script Injection Attacks ProCheckUp Research
Call For Papers - Hackers 2 Hackers Conference 5th Edition - Brazil cfp
[ MDVSA-2008:179 ] metisse security
RE: TimeTrex Time and Attendance Cookie Theft Alex Eden
Vim: Arbitrary Code Execution in Commands: K, Control-], g] Jan Minář
[ MDVSA-2008:180 ] libxml2 security
Secunia Research: Trend Micro Products Web Management Authentication Bypass Secunia Research
Fedora confirms: Our servers were breached Juha-Matti Laurio
Apple OSX Leopard (10.5+), inadequate ACL insight can create vuln bgtrq . tryfixingit
Re: Null Byte Local file Inclusion in FAR - PHP Project version:1.0 William McAfee
[oCERT-2008-008] multiple heap overflows in xine-lib Will Drewry
Re: RE: TimeTrex Time and Attendance Cookie Theft hi
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service Steve Kemp
Re: Fedora confirms: Our servers were breached Dragos Ruiu
Saturday, 23 August
OneNews Beta 2 Multiple Vulnerabilities crimson . loyd
Re: TimeTrex Time and Attendance Cookie Theft Mike
Monday, 25 August
Secunia Research: Novell iPrint Client ActiveX Control "GetFileList()" Information Disclosure Secunia Research
RE: Arbitrary Code Execution in Commands: K, Control-], g] Michael Wojcik
[DSECRG-08-038] Multiple Local File Include Vulnerabilities in ezContents CMS 2.0.3 Digital Security Research Group [DSecRG]
Secunia Research: Calendarix Basic Two SQL Injection Vulnerabilities Secunia Research
Secunia Research: Novell iPrint Client ActiveX Control Multiple Buffer Overflows Secunia Research
[DSECRG-08-037] Multiple Local File Include Vulnerabilities in Pluck CMS 4.5.2 Digital Security Research Group [DSecRG]
SECOBJADV-2008-03.2: PartyGaming PartyPoker Malicious Update Vulnerability Security Objectives Corporation
[IVIZ-08-009] Grub Legacy Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories
Crafty Syntax Live Help <= 2.14.6 SQL Injection GulfTech Security Research
[IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories
Tuesday, 26 August
ToorCon X CFP Closing and Workshops and Seminars discounted until Friday! David Hulton
Mini-NUKE v2.3 Freehost (tr) Multiple Remote SQL Injection Vulnerabilities byccc
ZoneMinder Multiple Vulnerabilities filip . palian
Hopeless comments regarding the pointless "HP System Management Homepage (SMH) Unspecified XSS" Luca.carettoni
[SECURITY] [DSA 1632-1] New tiff packages fix arbitrary code execution Thijs Kinkhorst
Multiple Vulnerabilities in AWStats Totals Elliot Kendall
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service Steve Kemp
White Wolf Labs #080826-1: Kyocera Mita Scanner File Utility (Multiple) Seth Fogie
PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept .30/ Oct. 1) Dragos Ruiu
[ MDVSA-2008:180-1 ] libxml2 security
Wednesday, 27 August
[security bulletin] HPSBMA02363 SSRT080106 rev.1 - HP Enterprise Discovery Running on Windows, Remote Authorized User, Gain Extended Privileges security-alert
Thursday, 28 August
[IVIZ-08-008] LILO Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories
[IVIZ-08-007] DriveCrypt Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories
[IVIZ-08-003] TrueCrypt Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories
[USN-638-1] Yelp vulnerability Kees Cook
[IVIZ-08-004] Intel BIOS Plain Text Password Disclosure iViZ Security Advisories
XSS and Data Manipulation attacks found in CMS PHPCart. vaibhav aher
[IVIZ-08-002] Hewlett-Packard BIOS Plain Text Password Disclosure iViZ Security Advisories
[IVIZ-08-005] IBM Lenovo BIOS Plain Text Password Disclosure iViZ Security Advisories
[security bulletin] HPSBUX02365 SSRT080118 rev.1 - HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS) security-alert
reviving the botnets@ mailing list: a new statregy in fighting cyber crime Gadi Evron
ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability zdi-disclosures
Friday, 29 August
[scip_Advisory 3807] Dreambox DM500 webserver long URL request denial of service Marc Ruef
[Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass gmdarkfig
[ MDVSA-2008:181 ] ipsec-tools security
[Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities gmdarkfig
Re: [Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities gmdarkfig
Saturday, 30 August
VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. VMware Security team
Re: [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass gmdarkfig
[SECURITY] [DSA-1597-2] New mt-daapd package fix regression Devin Carraway