Bugtraq
- [SECURITY] [DSA 1579-1] New netpbm-free packages fix arbitrary code execution,
Devin Carraway
- Cpanel all version >> root access with a reseller account.,
a . jasbi
- StanWeb.CMS (default.asp id) Remote SQL Injection Exploit,
sys-project
- PHP-Nuke Module KuraniKerim [sid] SQL Injection,
lovebug
- [SECURITY] [DSA 1578-1] New php4 packages fix several vulnerabilities,
Thijs Kinkhorst
- CFP for HITBSecConf2008 - Malaysia now open,
Praburaajan
- IOS rootkits,
Gadi Evron
- [ MDVSA-2008:101 ] - Updated rdesktop packages fix vulnerabilities,
security
- [ MDVSA-2008:102 ] - Updated libvorbis packages fix vulnerabilities,
security
- [SECURITY] [DSA 1576-2] New openssh packages fix predictable randomness,
Noah Meyerhans
- Hack.lu 2008 CfP,
info
- ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability,
zdi-disclosures
- ZDI-08-024: Symantec Altiris Deployment Solution SQL Injection Vulnerability,
zdi-disclosures
- SunShop Version 3.5.1 Remote Blind Sql Injection,
irvian . info
- Aruba Mobility Controller TACACS User Authentication and Cross Site Scripting Vulnerabilities (Aruba Advisory ID: AID-051408),
Robbie (Rupinder) Gill
- Debian generated SSH-Keys working exploit,
mm
- Kostenloses Linkmanagementscript SQL Injection Vulnerabilities,
hadihadi_zedehal_2006
- [USN-612-6] OpenVPN regression,
Jamie Strandboge
- [ GLSA 200805-16 ] OpenOffice.org: Multiple vulnerabilities,
Robert Buchholz
- Correction to BID 29112 "Apache Server HTML Injection and UTF-7 XSS Vulnerability",
William A. Rowe, Jr.
- Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Content Switching Module Memory Leak Vulnerability,
Cisco Systems Product Security Incident Response Team
- [ GLSA 200805-15 ] libid3tag: Denial of Service,
Tobias Heinlein
- [USN-612-5] OpenSSH update,
Jamie Strandboge
- Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- CFP: European Conference on Computer Network Defense,
Stefano Zanero
- [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness,
Florian Weimer
- [USN-612-4] ssl-cert vulnerability,
Kees Cook
- Malformed Acrobat Distiller 8 .joboptions,
Paul Craig
- Microsoft Office Publisher PUB File Parsing Remote Memory Corruption Vulnerability,
cocoruder
- [SECURITY] [DSA 1577-1] New gforge packages fix insecure temporary files,
Thijs Kinkhorst
- Cisco BBSM Captive Portal Cross-site Scripting,
brad . antoniewicz
- [ GLSA 200805-14 ] Common Data Format library: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- iDefense Security Advisory 05.13.08: Microsoft Word CSS Processing Memory Corruption Vulnerability,
iDefense Labs
- ZDI-08-023: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability,
zdi-disclosures
- TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability,
DVLabs
- [USN-612-2] OpenSSH vulnerability,
Jamie Strandboge
- [USN-612-1] OpenSSL vulnerability,
Jamie Strandboge
- [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator,
Florian Weimer
- iDefense Security Advisory 05.12.08: Microsoft Windows I2O Filter Utility Driver (i2omgmt.sys) Local Privilege Escalation Vulnerability,
iDefense Labs
- [SECURITY] [DSA 1575-1] New Linux 2.6.18 packages fix denial of service,
dann frazier
- [MajorSecurity Advisory #52]ActualAnalyzer family - Cross Site Scripting Issues,
admin
- [ GLSA 200805-13 ] PTeX: Multiple vulnerabilities,
Pierre-Yves Rofes
- [ GLSA 200805-12 ] Blender: Multiple vulnerabilities,
Pierre-Yves Rofes
- [ GLSA 200805-11 ] Chicken: Multiple vulnerabilities,
Pierre-Yves Rofes
- [security bulletin] HPSBUX02334 SSRT071403 rev.1 - HP-UX Running ftp, Remote Denial of Service (DoS),
security-alert
- [SECURITY] [DSA 1574-1] New icedove packages fix several vulnerabilities,
Moritz Muehlenhoff
- [SECURITY] [DSA 1573-1] New php5 packages fix several vulnerabilities,
Thijs Kinkhorst
- Confirmed Program for SyScan'08 Hong Kong,
organiser@xxxxxxxxxx
- [ GLSA 200805-10 ] Pngcrush: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- [SECURITY] [DSA 1572-1] New php5 packages fix several vulnerabilities,
Thijs Kinkhorst
- Joomla Component xsstream-dm 0.01 Beta SQL Injection,
houssamix
- [ MDVSA-2008:100 ] - Updated perl packages fix denial of service vulnerability,
security
- [SECURITY] [DSA 1573-1] New rdesktop packages fix several vulnerabilities,
Thijs Kinkhorst
- [ GLSA 200805-09 ] MoinMoin: Privilege escalation,
Pierre-Yves Rofes
- OtherLogic[vocourse.php]SQL Injection Exploit,
Breeeeh
- SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit,
sys-project
- [ GLSA 200805-07 ] Linux Terminal Server Project: Multiple vulnerabilities,
Robert Buchholz
- [ MDVSA-2008:099 ] - Updated ImageMagick packages fix vulnerabilities,
security
- XSS and CSRF vulnerability on Cpanel 11,
Matteo Carli
- FInal EUSecWest 2008 Speakers,
Dragos Ruiu
- [ GLSA 200805-06 ] Firebird: Data disclosure,
Robert Buchholz
- Oracle Application Server 10G ORA_DAV Basic Authentication Bypass Vulnerability,
Deniz Cevik
- [ GLSA 200805-08 ] InspIRCd: Denial of Service,
Robert Buchholz
- Apache Server HTML Injection and UTF-7 XSS Vulnerability,
lament hero
- [USN-611-3] GStreamer Good Plugins vulnerability,
Jamie Strandboge
- [USN-611-2] vorbis-tools vulnerability,
Jamie Strandboge
- FLEA-2008-0008-1 firefox,
Foresight Linux Essential Announcement Service
- [USN-611-1] Speex vulnerability,
Jamie Strandboge
- ezContents CMS Version 2.0.0 SQL Injection Vulnerabilities,
hadihadi_zedehal_2006
- iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop process_redirect_pdu() BSS Overflow Vulnerability,
iDefense Labs
- ZYWALL Referer Header XSS Vulnerability,
Deniz Cevik
- iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop channel_process() Integer Signedness Vulnerability,
iDefense Labs
- [ GLSA 200805-04 ] eGroupWare: Multiple vulnerabilities,
Pierre-Yves Rofes
- Novell Client <= 4.91 SP4 Local Stack overflow / B.S.O.D (unauthentificated user),
laurent . gaffie
- iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop iso_recv_msg() Integer Underflow Vulnerability,
iDefense Labs
- Exploiting Google MX servers as Open SMTP Relays,
pablo . ximenes
- Vulnerability in Multiple Web Application,
linux0day
- VBZooM <=V1.11 "reply.php" SQL Injection Vulnerability,
Cr4zY . CrAcKeR
- Multiple XSS In TuxCMS All Version,
hadikiamarsi
- [ GLSA 200805-03 ] Multiple X11 terminals: Local privilege escalation,
Tobias Heinlein
- [USN-610-1] LTSP vulnerability,
Kees Cook
- [USN-609-1] OpenOffice.org vulnerabilities,
Kees Cook
- rPSA-2008-0162-1 kernel,
rPath Update Announcements
- Adobe Acrobat Professional Javascript For PDF Security Feature Bypass and Memory Corruption Vulnerabilities,
cocoruder
- [Advisory Update]Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability,
cocoruder
- [ MDVSA-2008:098 ] - Updated openssh packages fix vulnerability,
security
- [ MDVSA-2008:096 ] - Updated emacs packages fix vulnerability in vcdiff,
security
- [ MDVSA-2008:097 ] - Updated kdelibs packages fix vulnerability in start_kdeinit,
security
- mvnForum 1.1 Cross Site Scripting,
decoder-bugtraq
- Sphider 1.3.4 Cross Site Scripting,
decoder-bugtraq
- [SECURITY] [DSA 1570-1] New kazehakase packages fix execution of arbitrary code,
Steve Kemp
- [USN-605-1] Thunderbird vulnerabilities,
Jamie Strandboge
- Power Editor LOCAL FILE INCLUSION Vulnerbility,
hadihadi_zedehal_2006
- [USN-607-1] Emacs vulnerabilities,
Jamie Strandboge
- QTOFileManager V 1.0<== Remote File Upload Vulnerability,
Cr4zY . CrAcKeR
- Invitation - OWASP AppSec Europe May 19-22 2008 - Belgium,
Sebastien Deleersnyder
- [USN-608-1] KDE vulnerability,
Jamie Strandboge
- [security bulletin] HPSBMA02331 SSRT080000 rev.2 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges,
security-alert
- HPSBUX02332 SSRT080056 rev.1 - HP-UX running Apache with PHP, Remote Denial of Service (DoS), Gain Extended Privileges,
security-alert
- HPSBUX02324 SSRT080034 rev.1 - HP-UX Running Netscape Directory Server (NDS), Local Gain Extended Privileges,
security-alert
- [tool announcement] tmin - a handy fuzzing test case optimizer,
Michal Zalewski
- [SECURITY] [DSA 1554-2] New roundup packages fix regression,
Thijs Kinkhorst
- Advisory SE-2008-03: PHP Multibyte Shell Command Escaping Bypass Vulnerability,
Stefan Esser
- [SECURITY] [DSA 1569-2] New cacti packages fix regression,
Thijs Kinkhorst
- [ GLSA 200805-02 ] phpMyAdmin: Information disclosure,
Pierre-Yves Rofes
- Advisory SE-2008-02: PHP GENERATE_SEED() Weak Random Number Seed Vulnerability,
Stefan Esser
- Security Advisory for Bugzilla 3.0.3, 3.1.3, 2.22.3, and 2.20.5,
mkanat
- [ GLSA 200805-01 ] Horde Application Framework: Multiple vulnerabilities,
Pierre-Yves Rofes
- CORE-2008-0129 - Wonderware SuiteLink Denial of Service vulnerability,
CORE Security Technologies Advisories
- Novell eDirectory unauthenticated access to SOAP interface,
Nicob
- Novell eDirectory DoS via HTTP headers,
Nicob
- [SECURITY] [DSA 1569-1] New cacti packages fix multiple vulnerabilities,
Thijs Kinkhorst
- [ECHO_ADV_93$2008] Kmita Tellfriend <= 2.0 (file) Remote File Inclusion Vulnerability,
erdc
- [ECHO_ADV_94$2008] Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability,
erdc
- Scout Portal Toolkit <= 1.4.0 (ParentId) Remote SQL Injection Exploit,
sys-project
- [ECHO_ADV_92$2008] Anserv Auction XL (viewfaqs.php cat) Blind Sql Injection Vulnerability,
erdc
- [ECHO_ADV_90$2008] PostNuke Module pnEncyclopedia <= 0.2.0 (id) Blind Sql Injection Vulnerability,
erdc
- [ECHO_ADV_95$2008] BackLinkSpider (cat_id) Blind Sql Injection Vulnerability,
erdc
- [SECURITY] [DSA 1568-1] New b2evolution packages fix cross site scripting,
Thijs Kinkhorst
- [SECURITY] [DSA 1567-1] New blender packages fix arbitrary code execution,
Devin Carraway
- [ECHO_ADV_91$2008] Online Rental Property Script <= 4.5 (pid) Blind Sql Injection Vulnerability,
erdc
- [USN-606-1] CUPS vulnerability,
Jamie Strandboge
- LifeType 1.2.8,
irancrash
- Maian Uploader v4.0 XSS Vulnerabilities,
irancrash
- Microsot DID DISCLOSE potential Backdoor,
J. Oquendo
- Maian Links v3.1 XSS Vulnerabilities,
irancrash
- Maian Music v1.1 Multiple Vulnerabilities (Xss/SQL Injection),
irancrash
- Maian Recipe v1.2 Xss Vulnerabilities,
irancrash
- Multiple vulnerabilities in WebMod 0.48,
Luigi Auriemma
- Maian Support v1.3 Xss Vulnerabilities,
irancrash
- Maian Greeting v2.1 Multiple Vulnerabilities (XSS/SQL INJECTION),
irancrash
- Maian Weblog v4.0 XSS Vulnerabilities,
irancrash
- Maian Guestbook v3.2 XSS Vulnerabilities,
irancrash
- Maian Search v1.1 Multiple Vulnerabilities (XSS/SQL INJECTION),
irancrash
- Maian Cart v1.1 XSS Vulnerabilities,
irancrash
- Maian Gallery v2.0 XSS Vulnerability,
irancrash
- Photos and Presentation Materials from HITBSecConf2008 - Dubai Released,
Praburaajan
- SiteXS CMS Remote File Upload Vulnerability,
hadikiamarsi
- [TOOL] SSL Capable NetCat (and more),
GomoR
- Fixed: LiveCart SQL injection vulnerability fixed since version 1.1.2,
LiveCart
- blur6ex-0.3.462 LOCAL FILE INCLUSION Vulnerbility,
hadihadi_zedehal_2006
- rPSA-2008-0157-1 kernel,
rPath Update Announcements
- Denial of Service in Call of Duty 4 1.5,
Luigi Auriemma
- chicomas.2.0.4,
hadikiamarsi
- [ MDVSA-2008:095 ] - Updated OpenOffice.org packages fix vulnerabilities,
security
- Zomplog 3.8.2 XSS Vulnerability,
irancrash
- project alumni v1.0.9 (info.php) SQL Injection Vulnerability,
hadihadi_zedehal_2006
- Lifetype 1.2.7 XSS Vulnerability,
irancrash
- BlackBook v1.0 Multiple XSS Vulnerabilities,
irancrash
- [SECURITY] [DSA 1566-1] New cpio packages fix denial of service,
Steve Kemp
- php-addressbook v2.0 Multiple Remote Vulnerabilities (LFI/XSS),
irancrash
- [SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11),
Team SHATTER
- Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_UTILITY.LOCK_CHANGE_SET (DB02),
Team SHATTER
- vlBook 1.21 (ALL VERSION),
irancrash
- mjguest 6.7 (ALL VERSION) Xss & Redirection Vuln,
irancrash
- Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.DBMS_AQJMS_INTERNAL (DB15),
Team SHATTER
- [SECURITY] [DSA 1564-1] New wordpress packages fix several vulnerabilities,
Thijs Kinkhorst
- iDefense Security Advisory 04.30.08: Akamai Download Manager Arbitrary Program Execution Vulnerability,
iDefense Labs
- XSS in AstroCam,
Steffen Wendzel
- [SECURITY] [DSA 1563-1] New asterisk packages fix denial of service,
Moritz Muehlenhoff
- heanet.dl.sourceforge.net hacked?,
Michael Scheidell
- Critical Vulnerability in SNMPc,
NGSSoftware Insight Security Research
- [security bulletin] HPSBMA02331 SSRT080000 rev.1 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges,
security-alert
- [ MDVSA-2008:093 ] - Updated vorbis-tools packages fix vulnerabilities,
security
- [ MDVSA-2008:092 ] - Updated gstreamer-plugins-good packages fix vulnerabilities,
security
- XSS Attack,
hadikiamarsi
- rPSA-2008-0151-1 libpng,
rPath Update Announcements
- SugarCRM Community Edition Local File Disclosure Vulnerability,
roberto . suggi
- [ GLSA 200804-30 ] KDE start_kdeinit: Multiple vulnerabilities,
Matthias Geerdsen
- CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls,
CORE Security Technologies Advisories
- [ECHO_ADV_89$2008] Softbiz Web Host Directory Script (search_result.php host_id) Blind Sql Injection Vulnerability,
erdc
- [ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerability,
erdc
- [SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code execution,
Moritz Muehlenhoff
- Microsoft SWI blog inaccuracies,
Amit Klein
- Minibb 2.2a XSS Vulnerability,
irancrash
- [SECURITY] [DSA 1561-1] New ldm packages fix information disclosure,
Thijs Kinkhorst
- bug report,
hadikiamarsi
- London DEFCON meet - Thursday 1st May - DC4420,
Major Malfunction
- GroupWise 7.0 mailto: scheme buffer overflow,
jplopezy
- [SECURITY] [DSA 1560-1] New kronolith2 packages fix cross site scripting,
Thijs Kinkhorst
- [SECURITY] [DSA 1556-2] New perl packages fix denial of service,
Florian Weimer
- rPSA-2008-0149-1 idle python,
rPath Update Announcements
- IMF 2008 - 2nd Call for Papers,
Oliver Goebel
- Wordpress 2.5 Cookie Integrity Protection Vulnerability,
Steven J. Murdoch
- GroupWise 7 attached bugs,
jplopezy
- Curious vulnerability in Excel 2007,
jplopezy
- [ GLSA 200804-29 ] Comix: Multiple vulnerabilities,
Pierre-Yves Rofes
- R.I.P. rgod,
ipsdix
- Lotus expeditor rcplauncher uri handler vulnerability,
Thomas Pollet
- [ MDVSA-2008:091 ] - Updated wireshark packages fix denial of service vulnerabilities,
security
- [SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution,
Moritz Muehlenhoff
- [SECURITY] [DSA 1534-2] New iceape packages fix regression,
Moritz Muehlenhoff
- [SECURITY] [DSA 1556-1] New perl packages fix denial of service,
Florian Weimer
- [SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities,
Thijs Kinkhorst
- HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code,
security-alert
- A New Class of Vulnerability in Oracle: Lateral SQL Injection,
David Litchfield
- [ GLSA 200804-27 ] SILC: Multiple vulnerabilities,
Tobias Heinlein
- DDIVRT-2008-11 BadBlue uninst.exe DoS,
vulnerabilityresearch
- Trillian 3.1 basic nick crash,
jplopezy
- [ GLSA 200804-28 ] JRockit: Multiple vulnerabilities,
Tobias Heinlein
- xine-lib NES Sound Format Demuxer Buffer Overflow,
laurent . gaffie
- [W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation,
vulns
- PR07-44: XSS on RSA Authentication Agent login page,
ProCheckUp Research
- PR07-43: Cross-domain redirect on RSA Authentication Agent,
ProCheckUp Research
- [ GLSA 200804-26 ] Openfire: Denial of Service,
Robert Buchholz
- [ GLSA 200804-25 ] VLC: User-assisted execution of arbitrary code,
Robert Buchholz
- [SECURITY] [DSA 1555-1] New iceweasel packages fix arbitrary code execution,
Moritz Muehlenhoff
- Zune software - arbitrary file overwrite,
info
- NetClassifieds Sql Injection,
noreply
- LayerOne 2008 - Final Pre-Con Update,
Layer One
- Horde Webmail XSS [Aria-Security],
noreply
- AST-2008-006 - 3-way handshake in IAX2 incomplete,
Security Officer
- Default key algorithm in Thomson and BT Home Hub routers,
Adrian Pastor
- [SECURITY] [DSA 1554-1] New roundup packages fix cross-site scripting vulnerability,
Noah Meyerhans
- Firefox 3.0 beta 5 crash,
jplopezy
- Safari 3.1.1 Multiple Vulnerabilities for windows,
jplopezy
- Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387),
Hanno Böck
- [USN-604-1] Gnumeric vulnerability,
Kees Cook
- [USN-602-1] Firefox vulnerabilities,
Jamie Strandboge
- [ GLSA 200804-24 ] DBmail: Data disclosure,
Matthias Geerdsen
- Xoops All Version -Articles- Article.PHP (ID) Blind SQL Injection ExpL0it,
crazy_kinq
- [ GLSA 200804-23 ] CUPS: Integer overflow vulnerability,
Matthias Geerdsen
- ANNOUNCE: Security Implications of Windows Access Tokens Whitepaper,
luke . jennings
- Sea-Surfing on the Motorola Surfboard,
th3 . r00k . nospam
- Powered by gCards v1.46 SQL,
turkish-warriorr
- IRM Security Advisory : RedDot CMS SQL injection vulnerability,
Mark Crowther
- [SECURITY] [DSA 1553-1] New ikiwiki packages fix cross-site request forgery,
Florian Weimer
- Acidcat CMS Multiple Vulnerabilities,
admin
- [ MDVSA-2008:090 ] - Updated OpenOffice.org packages fix vulnerabilities,
security
- Deciphering the PHP-Nuke Capthca,
Michael . Brooks . SPAM
- SyScan'08 Singapore - Call for Paper,
organiser@xxxxxxxxxx
- Deciphering the Simple Machines Forum audio Captcha,
Michael . Brooks . SPAM
- Token Kidnapping (Microsoft Security Advisory 951306) presentation available,
Cesar
- [SECURITY] [DSA 1552-1] New mplayer packages fix arbitrary code execution,
Moritz Muehlenhoff
- [SECURITY] [DSA 1551-1] New python2.4 packages fix several vulnerabilities,
Moritz Muehlenhoff
- ANNOUNCE: RFIDIOt-0.1s release (now available for Windows),
Adam Laurie
- Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures,
Team SHATTER
- [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning,
Robert Buchholz
- Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure,
Team SHATTER
- Team SHATTER Security Advisory: Multiple DoS in JAR files manipulation procedures,
Team SHATTER
- Wikepage Wiki v.2007-2 Cross-Site Scripting,
darkz . gsa
- [ GLSA 200804-21 ] Adobe Flash Player: Multiple vulnerabilities,
Robert Buchholz
- LightNEasy v.1.2.2 flat Multiple Vulnerabilities,
darkz . gsa
- 5th avenue Shopping Cart SQL Injection,
noreply
- [ GLSA 200804-20 ] Sun JDK/JRE: Multiple vulnerabilities,
Robert Buchholz
- BitTorrent Clients and CSRF,
th3 . r00k . nospam
- [ MDVSA-2008:089 ] - Updated poppler packages fix vulnerability,
security
- [ MDVSA-2008:088 ] - Updated clamav packages fix multiple vulnerabilities,
security
- [ GLSA 200804-19 ] PHP Toolkit: Data disclosure and Denial of Service,
Robert Buchholz
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities,
iDefense Labs
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability,
iDefense Labs
- [SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation,
Moritz Muehlenhoff
- Re: [Full-disclosure] Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows,
Juha-Matti Laurio
- [SECURITY] [DSA 1549-1] New clamav packages fix several vulnerabilities,
Moritz Muehlenhoff
- [USN-603-2] KOffice vulnerability,
Kees Cook
- [USN-603-1] poppler vulnerability,
Kees Cook
- [SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitution,
Devin Carraway
- Announcement - DeepSec Conference 2008, Nov 11-14 2008,
DeepSec Conference
- Microsoft Works 7 WkImgSrv.dll crash POC,
wsn1983
- [security bulletin] HPSBMA02328 SSRT071293 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code,
security-alert
- [security bulletin] HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025,
security-alert
- [security bulletin] HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Update,
security-alert
- [ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code,
Robert Buchholz
- [ GLSA 200804-17 ] Speex: User-assisted execution of arbitrary code,
Robert Buchholz
- [ GLSA 200804-16 ] rsync: Execution of arbitrary code,
Robert Buchholz
- [SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code execution,
Martin Schulze
- [oCERT-2008-004] multiple speex implementations insufficient boundary checks,
Andrea Barisani
- [ MDVSA-2008:087 ] - Updated policykit package fixes format string vulnerability,
security
- FreeBSD Security Advisory FreeBSD-SA-08:05.openssh,
FreeBSD Security Advisories
- ZDI-08-022: Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability,
zdi-disclosures
- Classifieds Caffe (index.php cat_id) Remote SQL Injection,
sys-project
- iDefense Security Advisory 04.15.08: Oracle Application Express Privilege Escalation Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.09.08: IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.09.08: IBM DB2 Universal Database Administration Server File Creation Vulnerability,
iDefense Labs
- Cisco Security Advisory: Cisco Network Admission Control Shared Secret Vulnerability,
Cisco Systems Product Security Incident Response Team
- CA DSM gui_cm_ctrls ActiveX Control Vulnerability,
Williams, James K
- Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13],
ak
- [INFIGO-2008-04-08]: ICQ 6 remote buffer overflow vulnerability,
infocus
- Oracle - SQL Injection Vulnerability in SDO_UTIL [DB05],
ak
- Oracle - SQL Injection in package SDO_IDX [DB07],
ak
- BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day),
admin
- VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus,
VMware Security team
- Carbon Communities forum Multiple Vulnerabilities.,
admin
- Oracle - SQL Injection in package SDO_GEOM [DB06],
ak
- DIVX Player <= 6.7.0 Buffer Overflow PoC ( .SRT ),
securfrog
- iDefense Security Advisory 04.14.08: ClamAV libclamav PE WWPack Heap Overflow Vulnerability,
iDefense Labs
- remote file include,
win32 . exe
- Koobi Pro 6.25 poll Remote SQL Injection Vulnerability,
Sabun
- WordPress 2.5 - Salt cracking vulnerability,
J. Carlos Nieto
- Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities,
sys-project
- [SECURITY] [DSA 1540-2] New lighttpd packages fix denial of service,
Steve Kemp
- [ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability,
security
- Re: Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows,
Luigi Auriemma
- BosNews 2002-2006 Remote add user admin,
houssamix
- clamav: Endless loop / hang with crafter arj, CVE-2008-1387,
Hanno Böck
- BosNews v4.0 Remote add user admin,
houssamix
- [ MDVSA-2008:085 ] - Updated python packages fix arbitrary code execution vulnerability,
security
- Dotclear 'ecrire/images.php' Arbitrary File Upload Vulnerability,
Morgan ARMAND
- [ GLSA 200804-13 ] Asterisk: Multiple vulnerabilities,
Robert Buchholz
- [ GLSA 200804-15 ] libpng: Execution of arbitrary code,
Robert Buchholz
- KwsPHP (Upload) Remote Code Execution Exploit,
ajax
- [ GLSA 200804-14 ] Opera: Multiple vulnerabilities,
Robert Buchholz
- [USN-601-1] Squid vulnerability,
Jamie Strandboge
- Fones Clinic Mart SQL,
turkish-warriorr
- S21SEC-043-en:Cezanne SW Blind SQL Injection,
S21sec labs
- S21SEC-042-en:Cezanne SW Cross-Site Scripting (login required),
S21sec labs
- S21SEC-041-en:Cezanne SW Cross-Site Scripting,
S21sec labs
- Secunia Research: Internet Explorer Data Stream Handling Vulnerability,
Secunia Research
- Secunia Research: Autonomy Keyview Applix Graphics Parsing Vulnerabilities,
Secunia Research
- Secunia Research: activePDF DocConverter Applix Graphics Parsing Vulnerabilities,
Secunia Research
- Secunia Research: Symantec Mail Security Applix Graphics Parsing Vulnerabilities,
Secunia Research
- Secunia Research: Autonomy Keyview EML Reader Buffer Overflows,
Secunia Research
- Secunia Research: HP OpenView Network Node Manager OpenView5.exe Directory Traversal,
Secunia Research
- Secunia Research: Lotus Notes EML Reader Buffer Overflows,
Secunia Research
- Secunia Research: Autonomy Keyview Folio Flat File Parsing Buffer Overflows,
Secunia Research
- Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows,
Secunia Research
- DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2,
Sebastien gioria
- Secunia Research: Lotus Notes Applix Graphics Parsing Vulnerabilities,
Secunia Research
- Secunia Research: Symantec Mail Security Folio Flat File Parsing Buffer Overflows,
Secunia Research
- Secunia Research: Adobe Flash Player "Declare Function (V7)" Heap Overflow,
Secunia Research
- Secunia Research: Lotus Notes htmsr.dll Buffer Overflows,
Secunia Research
- OneSecurityDay 2008 - Web application auditing challenge,
bugtraq
- Secunia Research: activePDF DocConverter Folio Flat File Parsing Buffer Overflows,
Secunia Research
- Secunia Research: Lotus Notes kvdocve.dll Path Processing Buffer Overflow,
Secunia Research
- project announcement - oCERT - Open Source CERT,
Andrea Barisani
- [oCERT-2008-003] libpng zero-length chunks incorrect handling,
Andrea Barisani
- [ MDVSA-2008:084 ] - Updated rsync packages fix vulnerability,
security
- Re: WoltLab(R) Community Framework WCF 1.0.6,
marc . deroche
- DEF CON 16 Retro Announcement! Back to Bang!,
The Dark Tangent
- IOActive Security Advisory: Incorrect input validation in PyString_FromStringAndSize() leads to multiple buffer overflows,
Justin Ferguson
- Trillian 3.1.9.0 DTD File Buffer Overflow,
david130490
- Directory traversal and multiple Denials of Service in HP OpenView NNM 7.53,
Luigi Auriemma
- [ GLSA 200804-11 ] policyd-weight: Insecure temporary file creation,
Robert Buchholz
- [ GLSA 200804-12 ] gnome-screensaver: Privilege escalation,
Raphael Marichez
- WiKID wClient-PHP <= 3.0-2 Multiple XSS Vulnerabilities,
ascii
- [USN-600-1] rsync vulnerability,
Kees Cook
- iDefense Security Advisory 04.09.08: EMC DiskXtender Authentication Bypass Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.09.08: EMC DiskXtender MediaStor Format String Vulnerability,
iDefense Labs
- [SECURITY] [DSA 1546-1] New gnumeric packages fix arbitrary code execution,
Devin Carraway
- Borland InterBase 2007 "ibserver.exe" Buffer Overflow Vulnerability POC,
Liu Zhen Hua
- iDefense Security Advisory 04.09.08: EMC DiskXtender File System Manager Stack Buffer Overflow Vulnerability,
iDefense Labs
- w2b.ru multiple products SQL Injection,
noreply
- [ GLSA 200804-10 ] Tomcat: Multiple vulnerabilities,
Pierre-Yves Rofes
- [ GLSA 200804-09 ] am-utils: Insecure temporary file creation,
Pierre-Yves Rofes
- [SECURITY] [DSA 1545-1] New rsync packages fix arbitrary code execution,
Moritz Muehlenhoff
- EUSecWest CFP Closes April 14th (conf May 21/22 2008),
Dragos Ruiu
- [ GLSA 200804-08 ] lighttpd: Multiple vulnerabilities,
Tobias Heinlein
- [ MDVSA-2008:083 ] - Updated audit packages fix vulnerability,
security
- paFileDB 3.1 Remote SQL Injection,
noreply
- [USN-599-1] Ghostscript vulnerability,
Jamie Strandboge
- IOActive Security Advisory: Buffer overflow in Python zlib extension module,
Justin Ferguson
- [SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities,
Devin Carraway
- [SECURITY] [DSA 1544-1] New pdns-recursor packages fix cache poisoning vulnerability,
Florian Weimer
- [ MDVSA-2008:082 ] - Updated php-apc packages fix vulnerability,
security
- [SECURITY] [DSA 1542-1] New libcairo packages fix arbitrary code execution,
Devin Carraway
- [CVE-2007-5301] alsaplayer PoC - exploit,
Albert Sellarès
- iDefense Security Advisory 04.08.08: Microsoft HxTocCtrl ActiveX Control Invalid Param Heap Corruption Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.08.08: Microsoft Windows Graphics Rendering Engine Integer Overflow Vulnerability,
iDefense Labs
- [ GLSA 200804-07 ] PECL APC: Buffer Overflow,
Robert Buchholz
- Pu Arcade component for Joomla - SQL injection,
netmantis . com
- SAP Netweaver 6.40-7.0 Cross-Site-Scripting,
jaime . blasco
- CAU-2008-0002: Microsoft Windows SharePoint Services Picture Source XSS,
I)ruid
- [SECURITY] [DSA 1541-1] New openldap2.3 packages fix denial of service,
Moritz Muehlenhoff
- ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability,
zdi-disclosures
- ZDI-08-020: Microsoft GDI WMF Parsing Heap Overflow Vulnerability,
zdi-disclosures
- [security bulletin] HPSBMA02242 SSRT061260 rev.3 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution,
security-alert
- [security bulletin] [security bulletin] HPSBST02318 SSRT080018 rev.1 - HP Storage Essentials Software, Remote Unauthorized Access to Data,
security-alert
- Microsoft Windows DNS Stub Resolver Cache Poisoning (MS08-020),
Amit Klein
- New tool released : Syslog Fuzzer,
jaime . blasco
- [security bulletin] HPSBMA02327 SSRT071455 rev.1 - HP Integrity Servers iLO-2 Management Processors (iLO-2 MP), Denial of Service (DoS),
security-alert
- Wayport Public Access PC Authentication Bypass Weakness,
Pascal Cretain
- licq remote DoS?,
Milen Rangelov
- WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability,
Jessica Hope
- Swiki 1.5 Multiple Cross-Site Scripting Vulnerabilities,
brad . antoniewicz
- Multiple vulnerabilities in HP OpenView NNM 7.53,
Luigi Auriemma
- Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility,
virangar_nml
- Attack Technique: File Download Injection,
Jeff Williams
- [ GLSA 200804-04 ] MySQL: Multiple vulnerabilities,
Robert Buchholz
- openMosix userspace library stack-based buffer overflow,
jose
- [ GLSA 200804-06 ] UnZip: User-assisted execution of arbitrary code,
Robert Buchholz
- [SECURITY] [DSA 1540-1] New lighttpd packages fix denial of service,
Steve Kemp
- CDNetworks Nefficient Download(NeffyLauncher.dll) Vulnerabilities,
Simon Ryeo
- Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow,
Patrick Webster
- [ GLSA 200804-05 ] NX: User-assisted execution of arbitrary code,
Robert Buchholz
- [ GLSA 200804-03 ] OpenSSH: Privilege escalation,
Robert Buchholz
- Blogator-script 0.95 SQL Injection Vulnerbility,
hadihadi_zedehal_2006
- Alkacon OpenCms sessions.jsp searchfilter XSS,
nnposter
- Blogator-script 0.95 Change User Password Vulnerbility,
hadihadi_zedehal_2006
- TheGreenBowVPN, Login Credentials Disclosure,
evilcry
- F5 BIG-IP Management Interface Perl Injection,
nnposter
- rPSA-2008-0139-1 gnome-ssh-askpass openssh openssh-client openssh-server,
rPath Update Announcements
- rPSA-2008-0138-1 tshark wireshark,
rPath Update Announcements
- rPSA-2008-0136-1 cups,
rPath Update Announcements
- [SECURITY] [DSA 1538-1] New alsaplayer packages fix arbitrary code execution,
Devin Carraway
- [SECURITY] [DSA 1539-1] New mapserver packages fix multiple vulnerabilities,
Devin Carraway
- iDefense Security Advisory 04.03.08: Computer Associates Alert Notification Service Multiple RPC Buffer Overflow Vulnerabilities,
iDefense Labs
- iDefense Security Advisory 04.02.08: Symantec Norton Internet Security 2008 ActiveX Control Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.03.08: SCO UnixWare pkgadd Directory Traversal Vulnerability,
iDefense Labs
- ZDI-08-017: Apple QuickTime Kodak Encoding Heap Overflow Vulnerability,
zdi-disclosures
- CORE-2008-0314 - Orbit Downloader "Download failed" buffer overflow,
CORE Security Technologies Advisories
- [security bulletin] HPSBMA02323 SSRT080032 rev.1 - HP USB Floppy Drive Key (Option) for ProLiant Servers, Local Virus Infection,
security-alert
- KwsPHP Module ConcoursPhoto XSS,
hsx
- CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities,
Williams, James K
- ZDI-08-019: Apple QuickTime Malformed VR obji Atom Parsing Memory Corruption Vulnerability,
zdi-disclosures
- iDefense Security Advisory 04.02.08: Symantec Internet Security 2008 ActiveDataInfo.LaunchProcess Design Error Vulnerability,
iDefense Labs
- CA Alert Notification Server Multiple Vulnerabilities,
Williams, James K
- ZDI-08-015: Apple QuickTime Clipping Region Heap Overflow Vulnerability,
zdi-disclosures
- ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability,
zdi-disclosures
- Medium security hole affecting Festival on Debian unstable/testing and Ubuntu Hardy Heron,
Tim Brown
- ZDI-08-018: Apple QuickTime Run Length Encoding Heap Overflow Vulnerability,
zdi-disclosures
- ZDI-08-014: Apple Quicktime Multiple Opcode Memory Corruption Vulnerabilities,
zdi-disclosures
- POC2008 call for papers,
pocadm
- Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability,
Cisco Systems Product Security Incident Response Team
- Recon 2008 CFP last call, early registration open,
Recon Conference
- [USN-588-2] MySQL regression,
Jamie Strandboge
- Parallels virtuozzo's VZPP multiple csrf vulnerabilities,
poplix
- Joomla Component com_lms SQL Injection,
no-reply
- Vulnerabilities in kses-based HTML filters,
lpilorz
- [USN-598-1] CUPS vulnerabilities,
Jamie Strandboge
- Webwasher Denial of Service Vulnerability,
security
- [ GLSA 200804-02 ] bzip2: Denial of Service,
Pierre-Yves Rofes
- [SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities,
Devin Carraway
- [ MDVSA-2008:081 ] - Updated CUPS packages fix multiple vulnerabilities,
security
- Directory traversal in LANDesk Management Suite 8.80.1.1,
Luigi Auriemma
- ANNOUNCE: Apache-SSL security release - apache_1.3.41+ssl_1.59,
Adam Laurie
- HPSBTU02325 SSRT080006 rev.1 - HP Internet Express for Tru64 UNIX running PostgreSQL, Arbitrary Code Execution, Privilege Elevation, or Denial of Service (DoS),
security-alert
- [USN-597-1] OpenSSH vulnerability,
Kees Cook
- Datalife Engine 6.7 XSRF,
irancrash
- HPSBMA02317 SSRT080026 rev.1 - HP Select Identity Software, Gain Unauthorized Access,
security-alert
- Writers Block SQL Injection Vulnerabilities,
nebelfrost23
- [ GLSA 200804-01 ] CUPS: Multiple vulnerabilities,
Robert Buchholz
- TCP/IP security vulnerability disclosed,
J. Oquendo
- [SECURITY] [DSA 1533-2] New exiftags packages fix several vulnerabilities,
Devin Carraway
- cevado technologies real estate CMS SQL injection,
joseph . giron13
- Terracotta Personal Edition Multiple vulnerabilities,
joseph . giron13
- CAU-2008-0001 - Slowly Closing Door Race Condition,
I)ruid
- [SECURITY] [DSA 1536-1] New libxine packages fix several vulnerabilities,
Thijs Kinkhorst
- EasyNews-40tr Multiple Remote Vulnerabilities (SQL Injection Exploit/XSS/LFI),
irancrash
- iDefense Security Advisory 03.31.08: Macrovision InstallShield InstallScript One-Click Install Untrusted Library Loading Vulnerability,
iDefense Labs
- Paper by Amit Klein (Trusteer): "PowerDNS Recursor DNS Cache Poisoning [pharming]",
Amit Klein
- [SECURITY] [DSA 1535-1] New iceweasel packages fix several vulnerabilities,
Moritz Muehlenhoff
- Directory traversal in 2X ThinClientServer v5.0_sp1-r3497,
Luigi Auriemma
- rPSA-2008-0132-1 lighttpd,
rPath Update Announcements
- [TKADV2008-002] avast! 4.7 aavmker4.sys Kernel Memory Corruption,
Tobias Klein
- London DEFCON meet - DC4420 - New Venue - Wednesday 2nd April, 2008,
Major Malfunction
- PacketTrap Networks pt360 2.0.39 TFTPD Remote DoS Exploit,
r57blg
- [SECURITY] [DSA 1531-2] New policyd-weight packages fix insecure temporary files,
Thijs Kinkhorst
- Efestech Video v5,0 (id) Remote Sql Injection,
dj_remix_20
- Proviso SiteKiosk File Download Vulnerability,
nebelfrost23
- CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities,
hadihadi_zedehal_2006
- VMSA-2008-0006 Updated libxml2 service console package,
VMware Security team
- [ MDVSA-2008:080 ] - Updated Firefox packages fix multiple vulnerabilities,
security
- Internet explorer 7.0 spoofing,
jplopezy
- Immunity Debugger 1.5,
Nicolas Waisman
- [SECURITY] [DSA 1534-1] New iceape packages fix several vulnerabilities,
Moritz Muehlenhoff
- XChat 2.8.4-1 - Multiple Vulnerabilities,
evilcry
- CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability,
Williams, James K
- [security bulletin] HPSBOV02278 SSRT071479 rev.1 - HP OpenVMS SSH Using TCP/IP Services for OpenVMS, Remote Unauthorized Access,
security-alert
- [security bulletin] HPSBGN02319 SSRT080027 rev.1 - HP Compaq Notebook PC BIOS, Local Unauthorized Access,
security-alert
- [security bulletin] HPSBGN02305 SSRT080004 rev.1 - HP Compaq Business Notebook PC BIOS, Local Denial of Service (DoS),
security-alert
- Smf 1.1.4 Remote File Inclusion Vulnerabilities,
sibertrwolf
- [SECURITY] [DSA 1533-1] New exiftags packages fix several vulnerabilities,
Devin Carraway
- [ MDVSA-2008:079 ] - Updated sarg packages fix multiple vulnerabilities,
security
- [SECURITY] [DSA 1532-1] New xulrunner packages fix several vulnerabilities,
Moritz Muehlenhoff
- rPSA-2008-0128-1 firefox,
rPath Update Announcements
- [SECURITY] [DSA 1531-1] New policyd-weight packages fix insecure temporary files,
Thijs Kinkhorst
- JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities,
r57blg
- [USN-595-1] SDL_image vulnerabilities,
Kees Cook
- [USN-593-1] Dovecot vulnerabilities,
Kees Cook
- [securityreason] *BSD libc (strfmon) Multiple vulnerabilities,
cxib
- [USN-596-1] Ruby vulnerabilities,
Kees Cook
- [ MDVSA-2008:078 ] - Updated openssh packages fix X connection hijacking,
security
- TopperMod 2.0 Remote SQL Injection Vulnerability,
r57blg
- [USN-594-1] libnet-dns-perl vulnerability,
Kees Cook
- [SECURITY] [DSA 1529-1] New Firebird packages fix several vulnerabilities,
Moritz Muehlenhoff
- [ MDVSA-2008:077 ] - Updated perl-Tk packages fix GIF processing vulnerability,
security
- Multiple XSS in DigiDomain,
xx_hack_xx_2004
- [ MDVSA-2008:076 ] - Updated wml packages fix symlink vulnerabilities,
security
- Multiple vulnerabilities in solidDB 06.00.1018,
Luigi Auriemma
- Invision Power Board <=2.3.x iFrame Vuln,
shaheemirza
- ZDI-08-013: Novell eDirectory for Linux Stack Overflow,
zdi-disclosures
- Cisco Security Advisory: Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6 Dual-stack Routers,
Cisco Systems Product Security Incident Response Team
- [USN-592-1] Firefox vulnerabilities,
Jamie Strandboge
- Cisco Security Advisory: Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS,
Cisco Systems Product Security Incident Response Team
- php-addressbook v2.0 SQL Injection Vulnerability,
hadihadi_zedehal_2006
- Aztech ADSL2/2+ 4 Port remote root,
sipherr
- [security bulletin] HPSBTU02322 SSRT080011 rev.1 - HP Tru64 UNIX running SSH/SFTP Server, Remote Execution of Arbitrary Code or Denial of Service (DoS),
security-alert
- Blackboard Academic Suite Multiple XSS Vulnerabilities,
knight4vn
- phpBB PJIRC mod LFI,
0in . email
- CORE-2007-1212: SILC pkcs_decode buffer overflow,
Core Security Technologies Advisories
- [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1,
Digital Security Research Group
- rPSA-2008-0123-1 ruby,
rPath Update Announcements
- Cuteflow Bin v1.5.0 Local File Inclusion Vuln,
r57blg
- rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server,
rPath Update Announcements
- e107 My_Gallery Plugin Arbitrary File Download Vulnerability,
Jerome Athias
- [SECURITY] [DSA 1530-1] New cupsys packages fix multiple vulnerabilities,
Noah Meyerhans
- aeries browser interface(ABI) 3.8.3.14 Remote SQL Injection,
arsalan1991
- [ GLSA 200803-32 ] Wireshark: Denial of Service,
Pierre-Yves Rofes
- [USN-590-1] bzip2 vulnerability,
Kees Cook
- [ GLSA 200803-31 ] MIT Kerberos 5: Multiple vulnerabilities,
Robert Buchholz
- [USN-591-1] libicu vulnerabilities,
Jamie Strandboge
- [SECURITY] [DSA 1528-1] New serendipity packages fix cross site scripting,
Thijs Kinkhorst
- HIS-webshop is vulnerable against Directory-Traversal (www.shoppark.de),
zero-x
- Hamachi Password Disclosure Vulnerability,
evilcry
- [DSECRG-08-021] Multiple LFI in PowerPHPBoard 1.00b,
Digital Security Research Group
- [DSECRG-08-020] RFI-LFI in PowerClan 1.14a,
Digital Security Research Group
- [DSECRG-08-019] LFI in PowerBook 1.21,
Digital Security Research Group
- [SECURITY] [DSA 1527-1] New debian-goodies packages fix privilege escalation,
Thijs Kinkhorst
- ircu/snircd remote crash vulnerability,
Chris Porter
- EfesTech E-Kontr (id) Remote SQL INJECTION,
dj_remix_20
- Alkacon OpenCms users_list.jsp searchfilter XSS,
nnposter
- Linksys phone adapter denial of service,
sipherr
- [ MDVSA-2008:075 ] - Updated bzip2 packages fix denial of service vulnerability,
security
- F5 BIG-IP Web Management Audit Log XSS,
nnposter
- Safari browser 3.1 (525.13) spoofing,
jplopezy
- Google SoC 2008: Security Projects,
jkouns
- phpAddressBook v2.11 Multiple Local File Inclusion Vulnerabilities,
Guns
- hacking the mitsubishi GB-50A,
Chris Withers
- Fedora, Ubuntu publish wrong advisories for CVE-2007-6318,
Abel Cheung
- rPSA-2008-0118-1 bzip2,
rPath Update Announcements
- rPSA-2008-0116-1 unzip,
rPath Update Announcements
- Buffer-overflow in ASUS Remote Console 2.0.0.24,
Luigi Auriemma
- Safari 3.1 for windows download bug,
jplopezy
- XSS in cPanel 11.x,
xx_hack_xx_2004
- {securityreason.com}PHP 5 *printf() - Integer Overflow,
cxib
- webutil.pl is still vulnerable against Remote Command Execution.,
zero-x
- [ MDVSA-2008:074 ] - Updated audacity package fixes insecure temporary directory creation,
security
- DotNetNuke Default Machine Key Exposure,
labs
- [MSA01240108] IE7 Transfer-Encoding: chunked allows Request Splitting/Smuggling.,
Minded Security Research Labs
- MS08-014,
Anonymous
- [INFIGO-2008-03-07]: Surgemail 38k4 IMAP server remote stack overflow,
infocus
- [MSA02240108] IE7 allows overwriting of several headers leading to Http request Splitting and smuggling.,
Minded Security Research Labs
- CanSecWest 2008 PWN2OWN - Mar 26-28,
Dragos Ruiu
- [ MDVSA-2008:073 ] - Updated perl-Net-DNS packages fix DoS vulnerability,
security
- [USN-589-1] unzip vulnerability,
Kees Cook
- Multiple heap overflows in xine-lib 1.1.11,
Luigi Auriemma
- [ MDVSA-2008:072 ] - Updated kernel packages fix vulnerability,
security
- Note about recently publicized CA BrightStor ActiveX exploit code,
Williams, James K
- [SECURITY] [DSA 1522-1] New xwine packages fix several vulnerabilities,
Steve Kemp
- KAPhotoservice (album.asp) Remote SQL Injection Exploit,
sys-project
- [USN-588-1] MySQL vulnerabilities,
Jamie Strandboge
- [SECURITY] [DSA 1525-1] New asterisk packages fix several vulnerabilities,
Moritz Muehlenhoff
- Easy-Clanpage 2.2 (id) Remote SQL Injection Vulnerability,
info
- Pizco vulnerable to buffer overflow in activex,
david130490
- [SECURITY] [DSA 1506-2] New iceape packages fix regression,
Moritz Muehlenhoff
- [ GLSA 200803-30 ] ssl-cert eclass: Certificate disclosure,
Robert Buchholz
- rPSA-2008-0112-1 krb5 krb5-server krb5-services krb5-test krb5-workstation,
rPath Update Announcements
- [ MDVSA-2008:071 ] - Updated Kerberos packages fix multiple vulnerabilities,
security
- [ GLSA 200803-29 ] ViewVC: Multiple vulnerabilities,
Tobias Heinlein
- [ MDVSA-2008:070 ] - Updated Kerberos packages fix multiple vulnerabilities,
security
- [ MDVSA-2008:069 ] - Updated Kerberos packages fix multiple vulnerabilities,
security
- [ GLSA 200803-28 ] OpenLDAP: Denial of Service vulnerabilities,
Pierre-Yves Rofes
- IBM Rational ClearQuest Web Multiple XSS Vulnerabilities,
swhite
- CS-Cart XSS,
swhite
- Question on CERT-FI and CPNI Joint Vulnerability Advisory on Archive Formats?,
James Connery
- HPSBST02321 SSRT080029 rev.1 - HP StorageWorks Library and Tape Tools (LTT) Running on HP-UX, Local Unauthorized Access,
security-alert
- AST-2008-004: Format String Vulnerability in Logger and Manager,
Asterisk Security Team
- [USN-587-1] Kerberos vulnerabilities,
Kees Cook
- AST-2008-002: Two buffer overflows in RTP Codec Payload Handling,
Asterisk Security Team
- [ MDVSA-2008:068 ] - Updated unzip packages vulnerability,
security
- AST-2008-003: Unauthenticated calls allowed from SIP channel driver,
Asterisk Security Team
- Mambo/joomla com_intellect "page" LFI [Aria-Security],
no-reply
- phpBB 2.0.23 Session Hijacking Vulnerability,
nbbn@xxxxxxx
- AST-2008-005: HTTP Manager ID is predictable,
Asterisk Security Team
- [ GLSA 200803-27 ] MoinMoin: Multiple vulnerabilities,
Pierre-Yves Rofes
- [ MDVSA-2008:067 ] - Updated nagios packages fix multiple vulnerabilities,
security
- iDefense Security Advisory 03.18.08: Multiple Vendor CUPS CGI Heap Overflow Vulnerability,
iDefense Labs
- [SECURITY] [DSA 1524-1] New krb5 packages fix multiple vulnerabilities,
Noah Meyerhans
- CORE-2008-0123: Leopard Server Remote Path Traversal,
Core Security Technologies Advisories
- MITKRB5-SA-2008-002: array overrun in RPC library used by kadmin (resend, corrected subject),
raeburn
- MITKRB5-SA-2008-001: double-free, uninitialized data vulnerabilities in krb5kdc,
raeburn
- Digital Armaments March-April Hacking Challenge: 5,000$ Prize - Client Vulnerabilities and Exploit,
info
- [ GLSA 200803-26 ] Adobe Acrobat Reader: Insecure temporary file creation,
Robert Buchholz
- [ GLSA 200803-24 ] PCRE: Buffer overflow,
Tobias Heinlein
- cPanel 11.x => List Directories and Folders,
xx_hack_xx_2004
- [security bulletin] HPSBST02320 SSRT080028 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-014 to MS08-017,
security-alert
- Internet Explorer 7.0 crash,
jplopezy
- [ GLSA 200803-25 ] Dovecot: Multiple vulnerabilities,
Robert Buchholz
- VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues,
VMware Security team
- eForum 0.4 XSS,
omnipresent
- [SECURITY] [DSA 1523-1] New ikiwiki packages fix cross-site scripting,
Florian Weimer
- [SECURITY] [DSA 1522-1] New unzip packages fix potential code execution,
Florian Weimer
- Cross Site Scripting (XSS) in phpstats 0.1_alpha, CVE-2008-0125,
Hanno Böck
- [SECURITY] [DSA 1485-2] New icedove packages fix regression,
Moritz Muehlenhoff
- Agile Hacking,
Petko D. Petkov
- Home FTP Server DoS,
0in . email
- Buffer-overflow in BootManage TFTPD 1.99,
Luigi Auriemma
- Multiple vulnerabilities in Net Inspector 6.5.0.828,
Luigi Auriemma
- VLC highlander bug,
Luigi Auriemma
- Re: Format string in McAfee Framework 3.6.0.569 (ePolicy Orchestrator 4.0),
greentea-lemon
- [SECURITY] [DSA 1493-2] New sdl-image1.2 packages fix arbitrary code execution,
Thijs Kinkhorst
- raidsonic nas-4220 crypt disk key leak (stored in plain on unencrypted partition),
Collin R. Mulliner
- Security Advisory on RSA Web ID (XSS),
quentin . berdugo
- Mutiple Timesheets <= 5.0 - Multiple Remote Vulnerabilities,
sys-project
- EasyCalendar <= 4.0tr - Multiple Remote Vulnerabilities,
sys-project
- vuln in snewscms Rus v 2.3,
www . yo . by
- [SECURITY] [DSA 1521-1] New lighttpd packages fix arbitrary file disclosure,
Steve Kemp
- [ GLSA 200803-23 ] Website META Language: Insecure temporary file usage,
Pierre-Yves Rofes
- [SECURITY] [DSA 1520-1] New smarty packages fix arbitrary code execution,
Thijs Kinkhorst
- Joomla components com_guide "category" Remote SQL Injection [Aria-Security],
no-reply
- [SECURITY] [DSA 1519-1] New horde3 packages fix information disclosure,
Thijs Kinkhorst
- [SECURITY] [DSA 1518-1] New backup-manager packages fix information disclosure,
Thijs Kinkhorst
- [SECURITY] [DSA 1517-1] New ldapscripts packages fix information disclosure,
Thijs Kinkhorst
- XNview 1.92.1 Long Filename Overflow,
Sylvain
- Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow,
opexoc