Bugtraq: by author

400 messages starting Mar 25 08 and ending Mar 03 08


0in . email

phpBB PJIRC mod LFI 0in . email (Mar 25)
Home FTP Server DoS 0in . email (Mar 17)
Livebox Router vulnerability to REMOTE BUFFER OVERFLOW DoS (FTPD)_ 0in . email (Mar 01)

Abel Cheung

Fedora, Ubuntu publish wrong advisories for CVE-2007-6318 Abel Cheung (Mar 22)

ACROS Security

ACROS Security: Session Fixation Vulnerability in WebLogic Administration Console (#2008-03-11-2) ACROS Security (Mar 11)
ACROS Security: HTML Injection in BEA WebLogic Server Console (ASPR #2008-03-11-1) ACROS Security (Mar 11)

admin

Airspan WiMAX ProST Authentication Bypass Vulnerability admin (Mar 14)

Alexandr Polyakov

[DSECRG-08-018] Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory traversal file Download Vulnerability Alexandr Polyakov (Mar 06)

Amit Klein

Paper by Amit Klein (Trusteer): "PowerDNS Recursor DNS Cache Poisoning [pharming]" Amit Klein (Mar 31)
Update+Errata: Re: A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability" Amit Klein (Mar 13)

andre

Re: Logaholic Web Analytics Software andre (Mar 26)

Anonymous

MS08-014 Anonymous (Mar 21)

Ansgar -59cobalt- Wiechers

Re: [Full-disclosure] Firewire Attack on Windows Vista Ansgar -59cobalt- Wiechers (Mar 10)

app

Re: Re: VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit app (Mar 13)

arsalan1991

aeries browser interface(ABI) 3.8.3.14 Remote SQL Injection arsalan1991 (Mar 25)

Asterisk Security Team

AST-2008-003: Unauthenticated calls allowed from SIP channel driver Asterisk Security Team (Mar 19)
AST-2008-004: Format String Vulnerability in Logger and Manager Asterisk Security Team (Mar 19)
AST-2008-005: HTTP Manager ID is predictable Asterisk Security Team (Mar 19)
AST-2008-002: Two buffer overflows in RTP Codec Payload Handling Asterisk Security Team (Mar 19)

Ben Klang

Re: Horde Webmail file inclusion proof of concept & patch. Ben Klang (Mar 08)

Bernhard Mueller

Firewire Attack on Windows Vista Bernhard Mueller (Mar 05)

bzhbfzj3001

RE: Firewire Attack on Windows Vista bzhbfzj3001 (Mar 06)

Chris Evans

Sun JDK image parsing vulnerabilities Chris Evans (Mar 06)

Chris Porter

ircu/snircd remote crash vulnerability Chris Porter (Mar 24)

Christos Zoulas

Re: [securityreason] *BSD libc (strfmon) Multiple vulnerabilities Christos Zoulas (Mar 27)

Chris Withers

Re: hacking the mitsubishi GB-50A Chris Withers (Mar 25)
hacking the mitsubishi GB-50A Chris Withers (Mar 22)
Re: hacking the mitsubishi GB-50A Chris Withers (Mar 26)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: CiscoWorks Internetwork Performance Monitor Remote Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Mar 14)
Cisco Security Advisory: Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6 Dual-stack Routers Cisco Systems Product Security Incident Response Team (Mar 26)
Cisco Security Advisory: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720 Cisco Systems Product Security Incident Response Team (Mar 26)
Cisco Security Advisory: Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak Cisco Systems Product Security Incident Response Team (Mar 26)
Cisco Security Advisory: Cisco Secure Access Control Server for Windows User-Changeable Password Vulnerabilities Cisco Systems Product Security Incident Response Team (Mar 12)
Cisco Security Advisory: Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Mar 26)
Cisco Security Advisory: Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS Cisco Systems Product Security Incident Response Team (Mar 26)

cmzs

Re: Crafty Syntax Xss Vulnerability cmzs (Mar 04)

Collin R. Mulliner

raidsonic nas-4220 crypt disk key leak (stored in plain on unencrypted partition) Collin R. Mulliner (Mar 17)

Core Security Technologies Advisories

CORE-2008-0123: Leopard Server Remote Path Traversal Core Security Technologies Advisories (Mar 18)
CORE-2007-1212: SILC pkcs_decode buffer overflow Core Security Technologies Advisories (Mar 25)
CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK Core Security Technologies Advisories (Mar 04)
CORE-2008-0204: Timbuktu Pro Remote Path Traversal and Log Injection Core Security Technologies Advisories (Mar 11)

cxib

{securityreason.com}PHP 5 *printf() - Integer Overflow cxib (Mar 21)
[securityreason] *BSD libc (strfmon) Multiple vulnerabilities cxib (Mar 27)

Daniel O'Connor

Re: Firewire Attack on Windows Vista Daniel O'Connor (Mar 06)

dann frazier

[SECURITY] [DSA 1503-2] New Linux kernel 2.4.27 packages fix several issues dann frazier (Mar 06)

david130490

Re: Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow david130490 (Mar 17)
Pizco vulnerable to buffer overflow in activex david130490 (Mar 20)

David Morton

Re: Horde Webmail file inclusion proof of concept & patch. David Morton (Mar 21)

dcastro

Re: Potential SQL injection vulnerability in Apache::AuthCAS dcastro (Mar 24)

Desai, Ashish

RE: hacking the mitsubishi GB-50A Desai, Ashish (Mar 24)

Devin Carraway

[SECURITY] [DSA 1533-1] New exiftags packages fix several vulnerabilities Devin Carraway (Mar 28)

Digital Security Research Group

[DSECRG-08-021] Multiple LFI in PowerPHPBoard 1.00b Digital Security Research Group (Mar 24)
[DSECRG-08-017] Flyspray 0.9.9.4 Multiple Security Vulnerabilities Digital Security Research Group (Mar 03)
[DSECRG-08-019] LFI in PowerBook 1.21 Digital Security Research Group (Mar 24)
[DSECRG-08-020] RFI-LFI in PowerClan 1.14a Digital Security Research Group (Mar 24)
[DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1 Digital Security Research Group (Mar 25)

dj_remix_20

Efestech Video v5,0 (id) Remote Sql Injection dj_remix_20 (Mar 31)
EfesTech E-Kontr (id) Remote SQL INJECTION dj_remix_20 (Mar 24)

DoZ

WordPress Multiple Cross-Site Scripting Vulnerabilities DoZ (Mar 07)

Dragos Ruiu

CanSecWest 2008 PWN2OWN - Mar 26-28 Dragos Ruiu (Mar 21)

DVLabs

TPTI-08-03: Microsoft Excel Rich Text Memory Corruption Vulnerability DVLabs (Mar 11)

Enno Rey

Troopers08 Security Conference, April 23/24 (Munich/Germany) Enno Rey (Mar 15)

erics

Re: Crafty Syntax Xss Vulnerability erics (Mar 03)

evilcry

XChat 2.8.4-1 - Multiple Vulnerabilities evilcry (Mar 28)
Hamachi Password Disclosure Vulnerability evilcry (Mar 24)

fabio

Re: XChat 2.8.4-1 - Multiple Vulnerabilities fabio (Mar 28)

fake

Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities fake (Mar 28)

FD

Re: [Full-disclosure] Firewire Attack on Windows Vista FD (Mar 11)

Felix 'FX' Lindner

Cisco ACS UCP Remote Pre-Authentication Buffer Overflows Felix 'FX' Lindner (Mar 12)

Florian Weimer

[SECURITY] [DSA 1522-1] New unzip packages fix potential code execution Florian Weimer (Mar 18)
[SECURITY] [DSA 1516-1] New dovecot packages fix privilege escalation Florian Weimer (Mar 15)
[SECURITY] [DSA 1515-1] New libnet-dns-perl packages fix several vulnerabilities Florian Weimer (Mar 12)
[SECURITY] [DSA 1523-1] New ikiwiki packages fix cross-site scripting Florian Weimer (Mar 18)

Gadi Evron

hacking a pacemaker Gadi Evron (Mar 12)

Gerardo García Peña

Summer Camp 2008 - La Garrotxa Gerardo García Peña (Mar 10)

Glenn.Everhart

RE: [Full-disclosure] Firewire Attack on Windows Vista Glenn.Everhart (Mar 07)

gmdarkfig

VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit gmdarkfig (Mar 10)

greentea-lemon

Re: Format string in McAfee Framework 3.6.0.569 (ePolicy Orchestrator 4.0) greentea-lemon (Mar 17)

Guns

phpAddressBook v2.11 Multiple Local File Inclusion Vulnerabilities Guns (Mar 22)

hadihadi_zedehal_2006

CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities hadihadi_zedehal_2006 (Mar 29)
php-addressbook v2.0 SQL Injection Vulnerbility hadihadi_zedehal_2006 (Mar 26)

Hanno Böck

Cross Site Scripting (XSS) in phpstats 0.1_alpha, CVE-2008-0125 Hanno Böck (Mar 18)

H D Moore

Re: [DSECRG-08-018] Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory traversal file Download Vulnerability H D Moore (Mar 06)

Henri Lindberg - Smilehouse Oy

Checkpoint VPN-1 UTM Edge cross-site scripting Henri Lindberg - Smilehouse Oy (Mar 06)

houssamix

PHP-Nuke Module NukeC30 sql injection houssamix (Mar 11)

iDefense Labs

iDefense Security Advisory 03.10.08: SAP MaxDB Signedness Error Heap Corruption Vulnerability iDefense Labs (Mar 10)
iDefense Security Advisory 03.11.08: Microsoft Excel DVAL Heap Corruption Vulnerability iDefense Labs (Mar 12)
iDefense Security Advisory 03.18.08: Multiple Vendor CUPS CGI Heap Overflow Vulnerability iDefense Labs (Mar 18)
iDefense Security Advisory 03.10.08: SAP MaxDB sdbstarter Privilege Escalation Vulnerability iDefense Labs (Mar 10)
iDefense Security Advisory 03.11.08: Microsoft Excel 2003 Malformed Formula Memory Corruption Vulnerability iDefense Labs (Mar 12)
iDefense Security Advisory 03.11.08: Microsoft Outlook mailto Command Line Switch Injection iDefense Labs (Mar 12)

info

Easy-Clanpage 2.2 (id) Remote SQL Injection Vulnerability info (Mar 20)
Digital Armaments March-April Hacking Challenge: 5,000$ Prize - Client Vulnerabilities and Exploit info (Mar 18)

infocus

[INFIGO-2008-03-07]: Surgemail 38k4 IMAP server remote stack overflow infocus (Mar 21)

Jacob Appelbaum

Re: [Full-disclosure] Firewire Attack on Windows Vista Jacob Appelbaum (Mar 10)
Re: [Full-disclosure] Firewire Attack on Windows Vista Jacob Appelbaum (Mar 11)

James Connery

Question on CERT-FI and CPNI Joint Vulnerability Advisory on Archive Formats? James Connery (Mar 19)

James C. Slora Jr.

RE: hacking the mitsubishi GB-50A James C. Slora Jr. (Mar 24)

Jamie Strandboge

[USN-591-1] libicu vulnerabilities Jamie Strandboge (Mar 24)
[USN-588-1] MySQL vulnerabilities Jamie Strandboge (Mar 20)
[USN-582-2] Thunderbird vulnerabilities Jamie Strandboge (Mar 06)
[USN-592-1] Firefox vulnerabilities Jamie Strandboge (Mar 26)
[USN-584-1] OpenLDAP vulnerabilities Jamie Strandboge (Mar 06)

Jerome Athias

e107 My_Gallery Plugin Arbitrary File Download Vulnerability Jerome Athias (Mar 25)

Jindrich Kubec

Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities Jindrich Kubec (Mar 28)

jkouns

Google SoC 2008: Security Projects jkouns (Mar 22)

jmoss

Black Hat Announcements: New CFP system and Japan '08 confirmed jmoss (Mar 15)

Joe

Re: [BUGTRAQ] RE: hacking the mitsubishi GB-50A Joe (Mar 25)

J. Oquendo

Re: Linksys phone adapter denial of service J. Oquendo (Mar 24)
Re: Linksys phone adapter denial of service J. Oquendo (Mar 24)

jose

Minigal 2 critical XSS jose (Mar 04)

joseph . giron13

h2desk helpdesk path disclosure vulnerability joseph . giron13 (Mar 01)

jplopezy

Safari 3.1 for windows download bug jplopezy (Mar 22)
Internet Explorer 7.0 crash jplopezy (Mar 18)
Internet explorer 7.0 spoofing jplopezy (Mar 28)
Safari browser 3.1 (525.13) spoofing jplopezy (Mar 22)

jsavill

Re: Heap overflow in Sybase MobiLink 10.0.1.3629 jsavill (Mar 28)

Kees Cook

[USN-595-1] SDL_image vulnerabilities Kees Cook (Mar 27)
[USN-589-1] unzip vulnerability Kees Cook (Mar 20)
[USN-593-1] Dovecot vulnerabilities Kees Cook (Mar 27)
[USN-596-1] Ruby vulnerabilities Kees Cook (Mar 27)
[USN-590-1] bzip2 vulnerability Kees Cook (Mar 24)
[USN-594-1] libnet-dns-perl vulnerability Kees Cook (Mar 27)
[USN-585-1] Python vulnerabilities Kees Cook (Mar 11)
[USN-586-1] mailman vulnerability Kees Cook (Mar 15)
[USN-583-1] Evolution vulnerability Kees Cook (Mar 05)
[USN-587-1] Kerberos vulnerabilities Kees Cook (Mar 19)

knight4vn

Blackboard Academic Suite Multiple XSS Vulnerabilities knight4vn (Mar 26)

kralor

Rapid7 Advisory R7-0032: Microsoft Internet Explorer FTP Command Injection Vulnerability kralor (Mar 13)

L4teral

Squid Analysis Report Generator <= 2.2.3.1 buffer overflow L4teral (Mar 03)

labs

DotNetNuke Default Machine Key Exposure labs (Mar 21)

Larry Seltzer

RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 08)
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 10)
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 10)
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 08)
RE: Firewire Attack on Windows Vista Larry Seltzer (Mar 06)

Layer One

LayerOne 2008 Update Layer One (Mar 03)

Liquidmatrix Security Digest

Advisory Adobe LiveCycle Workflow XSS Vulnerability Liquidmatrix Security Digest (Mar 11)

lovebug

PHP-Nuke KutubiSitte "kid" SQL Injection lovebug (Mar 06)
PHP-Nuke SQL injection Module "Hadith" [cat] lovebug (Mar 10)
PHP-Nuke Module ZClassifieds [cat] SQL Injection lovebug (Mar 11)

Luigi Auriemma

Multiple heap overflows in xine-lib 1.1.11 Luigi Auriemma (Mar 20)
Vulnerabilities in Timbuktu Pro 8.6.5 Luigi Auriemma (Mar 10)
Multiple vulnerabilities in Net Inspector 6.5.0.828 Luigi Auriemma (Mar 17)
Directory traversal in 2X ThinClientServer v5.0_sp1-r3497 Luigi Auriemma (Mar 31)
Denial of Service in PacketTrap TFTP server 2.0.3901.0 Luigi Auriemma (Mar 10)
Multiple integer overflows in Borland StarTeam server 10.0.0.57 Luigi Auriemma (Mar 03)
NULL pointer in Acronis True Image Windows Agent 1.0.0.54 Luigi Auriemma (Mar 10)
Multiple vulnerabilities in ASG-Sentry 7.0.0 Luigi Auriemma (Mar 10)
Directory traversal and NULL pointer in Acronis PXE Server 2.0.0.1076 Luigi Auriemma (Mar 10)
Directory traversal in MicroWorld eScan Server 9.0.742.98 Luigi Auriemma (Mar 06)
VLC highlander bug Luigi Auriemma (Mar 17)
NULL pointer in Remotely Anywhere 8.0.668 Luigi Auriemma (Mar 10)
Directory traversal in Argon Client Management Services 1.31 Luigi Auriemma (Mar 10)
Multiple vulnerabilities in Perforce Server 2007.3/143793 Luigi Auriemma (Mar 05)
Arbitrary commands execution in Versant Object Database 7.0.1.3 Luigi Auriemma (Mar 04)
Invalid memory access in Acronis True Image Group Server 1.5.19.191 Luigi Auriemma (Mar 10)
Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13 Luigi Auriemma (Mar 07)
Buffer-overflow in ASUS Remote Console 2.0.0.24 Luigi Auriemma (Mar 22)
Format string in McAfee Framework 3.6.0.569 (ePolicy Orchestrator 4.0) Luigi Auriemma (Mar 12)
Buffer-overflow in BootManage TFTPD 1.99 Luigi Auriemma (Mar 17)
Multiple vulnerabilities in solidDB 06.00.1018 Luigi Auriemma (Mar 26)
Re: [Full-disclosure] Vulnerabilities in Timbuktu Pro 8.6.5 Luigi Auriemma (Mar 11)

Major Malfunction

London DEFCON meet - DC4420 - New Venue - Wednesday 2nd April, 2008 Major Malfunction (Mar 31)

Maximiliano Müller

Re: VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit Maximiliano Müller (Mar 12)

Michael VERGOZ

Re: Linksys phone adapter denial of service Michael VERGOZ (Mar 25)

Mike Duncan

Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities Mike Duncan (Mar 28)

Milen Rangelov

Zabbix (zabbix_agentd) denial of service Milen Rangelov (Mar 13)

Minded Security Research Labs

[MSA01240108] IE7 Transfer-Encoding: chunked allows Request Splitting/Smuggling. Minded Security Research Labs (Mar 21)
[MSA02240108] IE7 allows overwriting of several headers leading to Http request Splitting and smuggling. Minded Security Research Labs (Mar 21)

morin . josh

Re: XSS in cPanel 11.x morin . josh (Mar 24)

Moritz Muehlenhoff

[SECURITY] [DSA 1535-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Mar 31)
[SECURITY] [DSA 1506-2] New iceape packages fix regression Moritz Muehlenhoff (Mar 20)
[SECURITY] [DSA 1532-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Mar 28)
[SECURITY] [DSA 1514-1] New moin packages fix several vulnerabilities Moritz Muehlenhoff (Mar 10)
[SECURITY] [DSA 1485-2] New icedove packages fix regression Moritz Muehlenhoff (Mar 18)
[SECURITY] [DSA 1525-1] New asterisk packages fix several vulnerabilities Moritz Muehlenhoff (Mar 20)
[SECURITY] [DSA 1534-1] New iceape packages fix several vulnerabilities Moritz Muehlenhoff (Mar 28)
[SECURITY] [DSA 1529-1] New Firebird packages fix several vulnerabilities Moritz Muehlenhoff (Mar 27)

mouss

Re: Internet explorer 7.0 spoofing mouss (Mar 31)

muuratsalo experimental hack lab

uberghey cms 0.3.1 multiple local file inclusion vulnerabilities muuratsalo experimental hack lab (Mar 12)
kcwiki 1.0 multiple remote file inclusion vulnerabilities. muuratsalo experimental hack lab (Mar 03)
travelsized cms 0.4.1 multiple local file inclusion vulnerabilities muuratsalo experimental hack lab (Mar 12)

my_msn_my_msn_my

Re: PHP-Nuke Module NukeC30 sql injection my_msn_my_msn_my (Mar 13)

Nathanael Hoyle

Re: Firewire Attack on Windows Vista Nathanael Hoyle (Mar 07)

nbbn

WoltLab Burning Board Lite 2 Beta 1 Thread Delete CSRF Vulnerability nbbn (Mar 08)

nbbn () gmx net

phpBB 2.0.23 Session Hijacking Vulnerability nbbn () gmx net (Mar 19)

nebelfrost23

Proviso SiteKiosk File Download Vulnerability nebelfrost23 (Mar 31)

neodwija

Re: Format string in McAfee Framework 3.6.0.569 (ePolicy Orchestrator 4.0) neodwija (Mar 17)

Nicolas Waisman

Immunity Debugger 1.5 Nicolas Waisman (Mar 28)

nima_501

XSS in PHP-Nuke (eWeather module) nima_501 (Mar 13)
XSS in Neptune Web Server nima_501 (Mar 07)

nnposter

F5 BIG-IP Web Management Audit Log XSS nnposter (Mar 24)
Alkacon OpenCms users_list.jsp searchfilter XSS nnposter (Mar 24)
F5 BIG-IP Web Management Console XSS nnposter (Mar 08)
Alkacon OpenCms logfileViewSettings.jsp XSS, file disclosure nnposter (Mar 08)

Noah Meyerhans

[SECURITY] [DSA 1524-1] New krb5 packages fix multiple vulnerabilities Noah Meyerhans (Mar 18)
[SECURITY] [DSA 1530-1] New cupsys packages fix multiple vulnerabilities Noah Meyerhans (Mar 25)

no-reply

Office XP Remote SQL Injection no-reply (Mar 13)
PHP-Nuke Module "seminar" Local FIle Inclusion no-reply (Mar 04)
Mambo Components ensenanzas "id" Remote SQL Injection no-reply (Mar 11)
Dynamic photo gallery V1.02 SQL Injection no-reply (Mar 03)
Joomla components com_guide "category" Remote SQL Injection [Aria-Security] no-reply (Mar 17)
Mambo com_Musica "id" Remote SQL Injection no-reply (Mar 01)
PHP-Nuke Module eGallery "pid" Remote SQL Injection no-reply (Mar 04)
Mambo/joomla com_intellect "page" LFI [Aria-Security] no-reply (Mar 19)

nyubicrew

SolpotCrew Advisory #16 - Mitra Informatika Solusindo cart Remote Sql Injection Exploit nyubicrew (Mar 04)

omnipresent

eForum 0.4 XSS omnipresent (Mar 18)
Re: Re: XChat 2.8.4-1 - Multiple Vulnerabilities omnipresent (Mar 31)

opexoc

Re: Re: Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow opexoc (Mar 18)
Re: Re: Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow opexoc (Mar 18)
Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow opexoc (Mar 15)

orsino

Re: Linksys phone adapter denial of service orsino (Mar 24)

paraw

Re: Local persistent DoS in Windows XP SP2 Taskmgr paraw (Mar 17)

patrick

Re: Remotely Anywhere 'Accept-Charset' Parameter NULL Pointer patrick (Mar 11)

Peter Watkins

Re: Firewire Attack on Windows Vista Peter Watkins (Mar 06)

Petko D. Petkov

The Router Hacking Challenge is Over! Petko D. Petkov (Mar 01)
Agile Hacking Petko D. Petkov (Mar 17)

ph

Re: Directory traversal and DoS in WinIPDS G52-33-021 ph (Mar 13)

Pierre-Yves Rofes

[ GLSA 200803-17 ] PDFlib: Multiple buffer overflows Pierre-Yves Rofes (Mar 10)
[ GLSA 200803-04 ] Mantis: Cross-Site Scripting Pierre-Yves Rofes (Mar 03)
[ GLSA 200803-19 ] Apache: Multiple vulnerabilities Pierre-Yves Rofes (Mar 11)
[ GLSA 200803-05 ] SplitVT: Privilege escalation Pierre-Yves Rofes (Mar 03)
[ GLSA 200803-10 ] lighttpd: Multiple vulnerabilities Pierre-Yves Rofes (Mar 05)
[ GLSA 200803-07 ] Paramiko: Information disclosure Pierre-Yves Rofes (Mar 03)
[ GLSA 200803-13 ] VLC: Multiple vulnerabilities Pierre-Yves Rofes (Mar 07)
[ GLSA 200803-20 ] International Components for Unicode: Multiple vulnerabilities Pierre-Yves Rofes (Mar 11)
[ GLSA 200803-14 ] Ghostscript: Buffer overflow Pierre-Yves Rofes (Mar 08)
[ GLSA 200803-18 ] Cacti: Multiple vulnerabilities Pierre-Yves Rofes (Mar 10)
[ GLSA 200803-32 ] Wireshark: Denial of Service Pierre-Yves Rofes (Mar 24)
[ GLSA 200803-15 ] phpMyAdmin: SQL injection vulnerability Pierre-Yves Rofes (Mar 10)
[ GLSA 200803-06 ] SWORD: Shell command injection Pierre-Yves Rofes (Mar 03)
[ GLSA 200803-11 ] Vobcopy: Insecure temporary file creation Pierre-Yves Rofes (Mar 06)
[ GLSA 200803-01 ] Adobe Acrobat Reader: Multiple vulnerabilities Pierre-Yves Rofes (Mar 03)
[ GLSA 200803-03 ] Audacity: Insecure temporary file creation Pierre-Yves Rofes (Mar 03)
[ GLSA 200803-27 ] MoinMoin: Multiple vulnerabilities Pierre-Yves Rofes (Mar 19)
[ GLSA 200803-09 ] Opera: Multiple vulnerabilities Pierre-Yves Rofes (Mar 04)
[ GLSA 200803-02 ] Firebird: Multiple vulnerabilities Pierre-Yves Rofes (Mar 03)
[ GLSA 200803-22 ] LIVE555 Media Server: Denial of Service Pierre-Yves Rofes (Mar 14)
[ GLSA 200803-16 ] MPlayer: Multiple buffer overflows Pierre-Yves Rofes (Mar 10)
[ GLSA 200803-28 ] OpenLDAP: Denial of Service vulnerabilities Pierre-Yves Rofes (Mar 20)
[ GLSA 200803-23 ] Website META Language: Insecure temporary file usage Pierre-Yves Rofes (Mar 17)
[ GLSA 200803-08 ] Win32 binary codecs: Multiple vulnerabilities Pierre-Yves Rofes (Mar 04)
[ GLSA 200803-12 ] Evolution: Format string vulnerability Pierre-Yves Rofes (Mar 06)

ppelanne

Horde Webmail file inclusion proof of concept & patch. ppelanne (Mar 07)

ProCheckUp Research

PR08-02: Plone CMS Security Research - the Art of Plowning ProCheckUp Research (Mar 13)

quentin . berdugo

Security Advisory on RSA Web ID (XSS) quentin . berdugo (Mar 17)

r080cy90r

PHP-Nuke KutubiSitte "kid" SQL Injection exploit code adding r080cy90r (Mar 07)

r57blg

JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities r57blg (Mar 27)
Cuteflow Bin v1.5.0 Local File Inclusion Vuln r57blg (Mar 25)
TopperMod 2.0 Remote SQL Injection Vulnerability r57blg (Mar 27)
PacketTrap Networks pt360 2.0.39 TFTPD Remote DoS Exploit r57blg (Mar 31)

raeburn

MITKRB5-SA-2008-001: double-free, uninitialized data vulnerabilities in krb5kdc raeburn (Mar 18)
MITKRB5-SA-2008-001: double-free, uninitialized data vulnerabilities in krb5kdc raeburn (Mar 18)
MITKRB5-SA-2008-002: array overrun in RPC library used by kadmin (resend, corrected subject) raeburn (Mar 18)

Raphael Marichez

[ GLSA 200803-21 ] Sarg: Remote execution of arbitrary code Raphael Marichez (Mar 12)

Recon

Recon 2008 - Call For Paper Recon (Mar 03)

RedTeam Pentesting GmbH

Advisory: SQL-Injections in Mapbender RedTeam Pentesting GmbH (Mar 11)

Robert Buchholz

ERRATA: [ GLSA 200801-09 ] X.Org X server and Xfont library: Multiple vulnerabilities Robert Buchholz (Mar 05)
[ GLSA 200803-25 ] Dovecot: Multiple vulnerabilities Robert Buchholz (Mar 18)
[ GLSA 200803-31 ] MIT Kerberos 5: Multiple vulnerabilities Robert Buchholz (Mar 24)
[ GLSA 200803-26 ] Adobe Acrobat Reader: Insecure temporary file creation Robert Buchholz (Mar 18)
[ GLSA 200803-30 ] ssl-cert eclass: Certificate disclosure Robert Buchholz (Mar 20)

Roger A. Grimes

RE: Firewire Attack on Windows Vista Roger A. Grimes (Mar 05)

rPath Update Announcements

rPSA-2008-0099-1 dbus dbus-glib dbus-qt dbus-x11 rPath Update Announcements (Mar 07)
rPSA-2008-0116-1 unzip rPath Update Announcements (Mar 22)
rPSA-2008-0106-1 lighttpd rPath Update Announcements (Mar 12)
rPSA-2008-0132-1 lighttpd rPath Update Announcements (Mar 31)
rPSA-2008-0118-1 bzip2 rPath Update Announcements (Mar 22)
rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server rPath Update Announcements (Mar 25)
rPSA-2008-0108-1 dovecot rPath Update Announcements (Mar 12)
rPSA-2008-0112-1 krb5 krb5-server krb5-services krb5-test krb5-workstation rPath Update Announcements (Mar 20)
rPSA-2008-0128-1 firefox rPath Update Announcements (Mar 27)
rPSA-2008-0123-1 ruby rPath Update Announcements (Mar 25)

sad_wabi_user

Re: Re: Re: VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit sad_wabi_user (Mar 13)

security

[ MDVSA-2008:071 ] - Updated Kerberos packages fix multiple vulnerabilities security (Mar 20)
[ MDVSA-2008:075 ] - Updated bzip2 packages fix denial of service vulnerability security (Mar 24)
[ MDVSA-2008:059 ] - Updated tcl packages fix vulnerability security (Mar 05)
[ MDVSA-2008:066 ] - Updated gcc packages fix directory traversal vulnerability in fastjar security (Mar 13)
[ MDVSA-2008:076 ] - Updated wml packages fix symlink vulnerabilities security (Mar 26)
[ MDVSA-2008:068 ] - Updated unzip packages vulnerability security (Mar 19)
[ MDVSA-2008:062 ] - Updated Thunderbird packages fix multiple vulnerabilities security (Mar 07)
[ MDVSA-2008:073 ] - Updated perl-Net-DNS packages fix DoS vulnerability security (Mar 20)
[ MDVSA-2008:063 ] - Updated Evolution packages fix critical vulnerability security (Mar 07)
[ MDVSA-2008:080 ] - Updated Firefox packages fix multiple vulnerabilities security (Mar 29)
[ MDVSA-2008:079 ] - Updated sarg packages fix multiple vulnerabilities security (Mar 28)
[ MDVSA-2008:074 ] - Updated audacity package fixes insecure temporary directory creation security (Mar 21)
[ MDVSA-2008:069 ] - Updated Kerberos packages fix multiple vulnerabilities security (Mar 20)
[ MDVSA-2008:057 ] - Updated wireshark packages fix denial of service vulnerabilities security (Mar 04)
[ MDVSA-2008:065 ] - Updated pulseaudio packages fix denial of service vulnerabilities security (Mar 10)
[ MDVSA-2008:064 ] - Updated tomboy packages fix improper LD_LIBRARY_PATH handling security (Mar 07)
[ MDVSA-2008:058 ] - Updated openldap packages fix multiple vulnerabilities security (Mar 05)
[ MDVSA-2008:067 ] - Updated nagios packages fix multiple vulnerabilities security (Mar 18)
[ MDVSA-2008:060 ] - Updated Joomla! packages fix multiple vulnerabilities security (Mar 06)
[ MDVSA-2008:072 ] - Updated kernel packages fix vulnerability security (Mar 20)
[ MDVSA-2008:061 ] - Updated mailman packages fix multiple XSS vulnerabilities security (Mar 06)
[ MDVSA-2008:070 ] - Updated Kerberos packages fix multiple vulnerabilities security (Mar 20)
[ MDVSA-2008:078 ] - Updated openssh packages fix X connection hijacking security (Mar 27)
[ MDVSA-2008:077 ] - Updated perl-Tk packages fix GIF processing vulnerability security (Mar 27)

security-alert

[security bulletin] HPSBUX02313 SSRT080015 rev.2 - HP-UX Running Apache, Remote Cross Site Scripting (XSS) security-alert (Mar 11)
[security bulletin] HPSBGN02305 SSRT080004 rev.1 - HP Compaq Business Notebook PC BIOS, Local Denial of Service (DoS) security-alert (Mar 28)
HPSBST02321 SSRT080029 rev.1 - HP StorageWorks Library and Tape Tools (LTT) Running on HP-UX, Local Unauthorized Access security-alert (Mar 19)
[security bulletin] HPSBST02320 SSRT080028 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-014 to MS08-017 security-alert (Mar 18)
[security bulletin] HPSBOV02278 SSRT071479 rev.1 - HP OpenVMS SSH Using TCP/IP Services for OpenVMS, Remote Unauthorized Access security-alert (Mar 28)
[security bulletin] HPSBTU02322 SSRT080011 rev.1 - HP Tru64 UNIX running SSH/SFTP Server, Remote Execution of Arbitrary Code or Denial of Service (DoS) security-alert (Mar 26)
[security bulletin] HPSBGN02319 SSRT080027 rev.1 - HP Compaq Notebook PC BIOS, Local Unauthorized Access security-alert (Mar 28)
[security bulletin] HPSBUX02316 SSRT071495 rev.1 - HP-UX running HP CIFS Server (Samba), Remote Execution of Arbitrary Code security-alert (Mar 11)
[security bulletin] HPSBUX02306 SSRT071463 rev.2 - HP-UX Running ARPA Transport, Remote Denial of Service (DoS) security-alert (Mar 10)

Seth Fogie

Airscanner Mobile Security Advisory #07122001: Eye-Fi Multiple Vulnerabilities Seth Fogie (Mar 03)

shaheemirza

Invision Power Board <=2.3.x iFrame Vuln shaheemirza (Mar 26)

sibertrwolf

Smf 1.1.4 Remote File Inclusion Vulnerabilities sibertrwolf (Mar 28)

sipherr

Aztech ADSL2/2+ 4 Port remote root sipherr (Mar 26)
Re: Re: Linksys phone adapter denial of service sipherr (Mar 24)
Linksys phone adapter denial of service sipherr (Mar 24)

SkyOut

Local persistent DoS in Windows XP SP2 Taskmgr SkyOut (Mar 15)

Stefan Kanthak

Re: Firewire Attack on Windows Vista Stefan Kanthak (Mar 10)
Re: [Full-disclosure] Firewire Attack on Windows Vista Stefan Kanthak (Mar 10)
Re: Firewire Attack on Windows Vista Stefan Kanthak (Mar 13)

Steve Kemp

[SECURITY] [DSA 1513-1] New lighttpd packages fix CGI source disclosure Steve Kemp (Mar 06)
[SECURITY] [DSA 1521-1] New lighttpd packages fix arbitrary file disclosure Steve Kemp (Mar 17)
[SECURITY] [DSA 1511-1] New libicu packages fix multiple problems Steve Kemp (Mar 03)
[SECURITY] [DSA 1522-1] New xwine packages fix several vulnerabilities Steve Kemp (Mar 20)

Steven M. Christey

Re: hacking the mitsubishi GB-50A Steven M. Christey (Mar 26)

Steve Shockley

Re: Multiple vulnerabilities in Double-Take 5.0.0.2865 Steve Shockley (Mar 06)
Re: Office XP Remote SQL Injection Steve Shockley (Mar 14)
Re: Firewire Attack on Windows Vista Steve Shockley (Mar 11)

str0ke

Re: JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities str0ke (Mar 27)

swhite

IBM Rational ClearQuest Web Multiple XSS Vulnerabilities swhite (Mar 19)
CS-Cart XSS swhite (Mar 19)

Sylvain

XNview 1.92.1 Long Filename Overflow Sylvain (Mar 15)

sys-project

Koobi CMS 4.3.0 - 4.2.3 (categ) Remote SQL Injection Vulnerability sys-project (Mar 01)
KAPhotoservice (album.asp) Remote SQL Injection Exploit sys-project (Mar 20)
EasyCalendar <= 4.0tr - Multiple Remote Vulnerabilities sys-project (Mar 17)
Mutiple Timesheets <= 5.0 - Multiple Remote Vulnerabilities sys-project (Mar 17)
EasyGallery <= 5.0tr - Multiple Remote Vulnerabilities sys-project (Mar 14)

Thierry Zoller

Re: Firewire Attack on Windows Vista Thierry Zoller (Mar 05)

Thijs Kinkhorst

[SECURITY] [DSA 1531-2] New policyd-weight packages fix insecure temporary files Thijs Kinkhorst (Mar 31)
[SECURITY] [DSA 1517-1] New ldapscripts packages fix information disclosure Thijs Kinkhorst (Mar 17)
[SECURITY] [DSA 1527-1] New debian-goodies packages fix privilege escalation Thijs Kinkhorst (Mar 24)
[SECURITY] [DSA 1531-1] New policyd-weight packages fix insecure temporary files Thijs Kinkhorst (Mar 27)
[SECURITY] [DSA 1518-1] New backup-manager packages fix information disclosure Thijs Kinkhorst (Mar 17)
[SECURITY] [DSA 1512-1] New evolution packages fix arbitrary code execution Thijs Kinkhorst (Mar 05)
[SECURITY] [DSA 1520-1] New smarty packages fix arbitrary code execution Thijs Kinkhorst (Mar 17)
[SECURITY] [DSA 1528-1] New serendipity packages fix cross site scripting Thijs Kinkhorst (Mar 24)
[SECURITY] [DSA 1519-1] New horde3 packages fix information disclosure Thijs Kinkhorst (Mar 17)
[SECURITY] [DSA 1493-2] New sdl-image1.2 packages fix arbitrary code execution Thijs Kinkhorst (Mar 17)

Thor (Hammer of God)

RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
RE: Local persistent DoS in Windows XP SP2 Taskmgr Thor (Hammer of God) (Mar 17)
RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
RE: Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)

Tim

Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 08)
Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 07)
Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 07)
Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 07)
Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 10)
Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 07)

Timo Sirainen

Dovecot mail_extra_groups setting is often used insecurely Timo Sirainen (Mar 04)

titon

Re: [Full-disclosure] Vulnerabilities in Timbuktu Pro 8.6.5 titon (Mar 11)

Tobias Heinlein

[ GLSA 200803-29 ] ViewVC: Multiple vulnerabilities Tobias Heinlein (Mar 20)
[ GLSA 200803-24 ] PCRE: Buffer overflow Tobias Heinlein (Mar 18)

Tobias Klein

[TKADV2008-002] avast! 4.7 aavmker4.sys Kernel Memory Corruption Tobias Klein (Mar 31)
[TKADV2008-001] Panda Internet Security/Antivirus+Firewall 2008 cpoint.sys Kernel Driver Memory Corruption Vulnerability Tobias Klein (Mar 08)

Tonnerre Lombard

Re: Firewire Attack on Windows Vista Tonnerre Lombard (Mar 07)
Re: Firewire Attack on Windows Vista Tonnerre Lombard (Mar 06)

turkish-warriorr

PHP-Nuke Copyright 2005 SQL turkish-warriorr (Mar 01)
Powered by phpBB 2001, 2006 (SQL) turkish-warriorr (Mar 12)

underwater

Firebird remote BOF POC underwater (Mar 10)

Valery Marchuk

Cross-site Scripting and CSRF in TorrentTrader Classic v1.08 Valery Marchuk (Mar 03)

vermsky

Re: Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS vermsky (Mar 22)

Vincent Archer

Re: hacking the mitsubishi GB-50A Vincent Archer (Mar 25)

vivek_infosec

CSRF in joomla 1.0.11 stable version vivek_infosec (Mar 03)

VMware Security team

VMSA-2008-0004 Low: Updated e2fsprogs service console package VMware Security team (Mar 04)
VMSA-2008-0006 Updated libxml2 service console package VMware Security team (Mar 29)
VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues VMware Security team (Mar 18)

vulnerabilityresearch

DDIVRT-2008-09 PacketTrap PT360 Tool Suite TFTP Denial of Service Vulnerability vulnerabilityresearch (Mar 03)
DDIVRT-2008-10 PacketTrap TFTP Directory Traversal Vulnerability vulnerabilityresearch (Mar 03)

vulns

Rise of the spammers vulns (Mar 13)

w0lfd33m

Re: Internet explorer 7.0 spoofing w0lfd33m (Mar 29)

Williams, James K

CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability Williams, James K (Mar 28)
Note about recently publicized CA BrightStor ActiveX exploit code Williams, James K (Mar 20)

wsn1983

Directory traversal in EdiorCMS V3.0 wsn1983 (Mar 13)

www . yo . by

vuln in snewscms Rus v 2.3 www . yo . by (Mar 17)

xx_hack_xx_2004

XSS in XP Book version 3.0 xx_hack_xx_2004 (Mar 03)
cPanel 11.x => List Directories and Folders xx_hack_xx_2004 (Mar 18)
XSS in cPanel 11.x xx_hack_xx_2004 (Mar 22)
Multiple XSS in DigiDomain xx_hack_xx_2004 (Mar 27)

zdi-disclosures

ZDI-08-010: Java Web Start encoding Stack Buffer Overflow zdi-disclosures (Mar 12)
ZDI-08-011: IBM Informix Dynamic Server DBPATH Buffer Overflow Vulnerability zdi-disclosures (Mar 13)
ZDI-08-008: Microsoft Excel BIFF File Format Cell Record Parsing Memory Corruption Vulnerability zdi-disclosures (Mar 11)
ZDI-08-013: Novell eDirectory for Linux Stack Overflow zdi-disclosures (Mar 26)
ZDI-08-009: Java Web Start tempbuff Stack Buffer Overflow zdi-disclosures (Mar 12)
ZDI-08-012: IBM Informix Dynamic Server Authentication Password Stack Overflow Vulnerability zdi-disclosures (Mar 13)

zero-x

HIS-webshop is vulnerable against Directory-Traversal (www.shoppark.de) zero-x (Mar 24)
webutil.pl is still vulnerable against Remote Command Execution. zero-x (Mar 21)

zinho

Re: CSRF in joomla 1.0.11 stable version zinho (Mar 03)