BugTraq@security-focus.com List Archive
- [ GLSA 200607-03 ] libTIFF: Multiple buffer overflows,
Sune Kloppenborg Jeppesen,
- Webvizyon Portal 2006 Version SQL Injection,
StorMBoY,
- Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof)),
Gezim Hoxha,
- Re: Invision Power Board "v1.X & 2.X" SQL Injection,
mattmecham,
- Graffiti Forums v1.0 SQL Injection Vulnerabilities,
paisterist . nst,
- Re: Mico crashes when contected with wrong IOR / DoS,
tuergeist,
- [ GLSA 200607-04 ] PostgreSQL: SQL injection,
Sune Kloppenborg Jeppesen,
- MT rmcek Toplist v2.2 Version Microsoft Access Driver ( MDB ) Download,
StorMBoY,
- Re: RE: Invision Vulnerabilities, including remote code execution,
mattmecham,
- LAMP vs Microsoft,
Darren Reed,
- Re: [KAPDA::#46] - AjaxPortal Authentication Bypass,
earthquake,
- ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton),
mozilla,
- [ECHO_ADV_37$2006] pc_cookbook Mambo/Joomla Component <= v0.3 Remote File Include Vulnerabilities,
matdhule,
- Re: rPSA-2006-0122-1 kernel,
Paul Starzetz,
- Re: [ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities,
Paul Starzetz,
- [SECURITY] [DSA 1106-1] New ppp packages fix privilege escalation,
Martin Schulze,
- phpPolls 1.0.3 Administration ByPass,
alp_eren,
- Re: galleria <= 1.0 Remote File Inclusion Vulnerability,
counterpoint,
- Re: Invision Power Board v1.3 Final SQL Injection,
mattmecham,
- [USN-312-1] gimp vulnerability,
Martin Pitt,
- RE: MIMESweeper For Web 5.X Cross Site Scripting,
Erez Metula,
- CC announces new Rootkit help forum insync with Book,
Paul Laudanski,
- MS Word Unchecked Boundary Condition Vulnerability,
naveed,
- Re: Re: vBulletin 3.5.4 (install_path) Exploit,
mikathebest2003,
- RE: WebEx Downloader Plug-in Multiple Vulnerabilities + rant,
Web Ex,
- Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability,
info,
- Re: PHP security (or the lack thereof),
Darren Reed,
- Re: Mico crashes when contected with wrong IOR / DoS,
Karel Gardas,
- Old vulnerable sotwares collection,
Jerome Athias,
- Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit,
Alexander Hristov,
- Re: Windows Explorer URL File format overflow,
naveed,
- Re: Mico crashes when contected with wrong IOR / DoS,
Karel Gardas,
- [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd,
Gerald (Jerry) Carter,
- [SECURITY] [DSA 1107-1] New GnuPG packages fix denial of service,
Martin Schulze,
- Re: Mico crashes when contected with wrong IOR / DoS,
tuergeist,
- Local file inclusion in Farsinews3.0BETA1,
armin390,
- randshop <= 1.1.x (index.php) Remote File Inclusion Vulnerability,
Saudi . Unix,
- Re: LAMP vs Microsoft,
Jarrod Frates,
- Juniper Networks DX Web Administration Persistent System Log XSS Vulnerability,
Darren Bounds,
- Re: LAMP vs Microsoft,
Bob Beck,
- [ GLSA 200607-02 ] FreeType: Multiple integer overflows,
Sune Kloppenborg Jeppesen,
- [ GLSA 200607-05 ] SHOUTcast server: Multiple vulnerabilities,
Sune Kloppenborg Jeppesen,
- Re: Securing PHP or finding PHP alternatives,
Crispin Cowan,
- SYMSA-2006-007: Microsoft Office Malformed String Parsing Vulnerability,
research,
- CYBSEC - Security Pre-Advisory: Microsoft Windows DHCP Client Service Remote Buffer Overflow,
Mariano Nuñez Di Croce,
- TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability,
Tippingpoint Security Research Team,
- ZDI-06-022: Microsoft Office Excel File Rebuilding Code Execution Vulnerability,
zdi-disclosures,
- Re: LAMP vs Microsoft,
Steven M. Christey,
- [USN-313-1] OpenOffice.org vulnerabilities,
Martin Pitt,
- [USN-316-1] installer vulnerability,
Martin Pitt,
- [USN-315-1] libmms, xine-lib vulnerabilities,
Martin Pitt,
- Cisco Security Advisory: Multiple Cisco Unified CallManager Vulnerabilities,
Cisco Systems Product Security Incident Response Team,
- [ MDKA-2006:119 ] - Updated ppp packages fix plugin vulnerability,
security,
- Re: ATutor 1.5.3 Cross Site Scripting,
info,
- SQuery <= 4.5(libpath) Remote File Inclusion Exploit,
SHiKaA-,
- Cisco Security Advisory: Cisco Router Web Setup Ships with Insecure Default IOS Configuration,
Cisco Systems Product Security Incident Response Team,
- Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd,
Gerald (Jerry) Carter,
- [USN-314-1] samba vulnerability,
Martin Pitt,
- Cisco Security Advisory: Cisco Intrusion Prevention System Malformed Packet Denial of Service,
Cisco Systems Product Security Incident Response Team,
- rPSA-2006-0128-1 samba samba-swat,
Justin M. Forbes,
- Fuzzing Microsoft Office,
naveed,
- SMB Information Disclosure Vulnerability,
Avert,
- [SECURITY] [DSA 1108-1] New mutt packages fix arbitrary code execution,
Moritz Muehlenhoff,
- Microsoft Excel Array Index Error Remote Code Execution,
Sowhat,
- [ MDKSA-2006:117-1 ] - Updated libmms packages fix buffer overflow vulnerability,
security,
- NSFOCUS SA2006-04 : Microsoft Office GIF Filter Buffer Overflow Vulnerability,
NSFOCUS Security Team,
- Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ),
Roman Medina-Heigl Hernandez,
- TOPo v.2.2.178 Account Reset,
darkz . gsa,
- S21Sec-032-en: Vulnerability in Fatwire Content Server,
labs,
- RE: Old vulnerable sotwares collection,
John Rigali,
- Re: Browser bugs hit IE, Firefox today (SANS),
3CO,
- Lazarus Guestbook Cross Site Scripting Vulnerabilities,
simo64,
- [ MDKSA-2006:120 ] - Updated samba packages fix DoS vulnerability,
security,
- NSFOCUS SA2006-06 : Microsoft Excel COLINFO Record Buffer Overflow Vulnerability,
NSFOCUS Security Team,
- New CVE number states Excel Style handling as a separate issue,
Juha-Matti Laurio,
- Re: WordPress 2.0.3 SQL Error and Full Path Disclosure,
zck zck,
- Re: # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc.,
Amelie,
- NSFOCUS SA2006-05 : Microsoft Excel SELECTION Record Memory Corruption Vulnerability,
NSFOCUS Security Team,
- FLV Players Multiple Input Validation Vulnerabilities,
xzerox,
- [ MDKSA-2006:121 ] - Updated xine-lib packages fix buffer overflow vulnerability,
security,
- Re: # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc.,
amelie,
- [ECHO_ADV_38$2006] Multiple Mambo/Joomla Component Remote File Include Vulnerabilities,
matdhule,
- RE: WordPress 2.0.3 SQL Error and Full Path Disclosure,
Aaron Newman,
- SYMSA-2006-004 (Full Details): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution,
research,
- [USN-317-1] zope2.8 vulnerability,
Martin Pitt,
- Photocycle v1.0 - XSS,
luny,
- ScozNews Final-Php <=1.1 Remote File Inclusion Vulnerability,
x0r0n,
- Orbitmatrix PHP Script v1.0,
luny,
- Flipper Poll <= 1.1.0 Remote File Inclusion Vulnerability,
x0r0n,
- [USN-318-1] libtunepimp vulnerability,
Martin Pitt,
- [ MDKSA-2006:122 ] - Updated php packages fix multiple vulnerabilities,
security,
- flatnuke <= 2.5.7 arbitrary php file upload,
rgod,
- PHORUM 5 arbitrary local inclusion,
rgod,
- phpbb 3.x sql injection (with global moderator rights),
rgod,
- [ MDKSA-2006:123 ] - Updated kernel packages fixes multiple vulnerabilities,
security,
- Re: [ECHO_ADV_38$2006] Multiple Mambo/Joomla Component Remote File Include Vulnerabilities,
Joxean Koret,
- perForms <= 1.0 ([mosConfig_absolute_path]) Remote File Inclusion,
endeneu,
- [security bulletin] HPSBUX02120 SSRT051057 rev.2 - HP-UX Local Denial of Service (DoS),
security-alert,
- rPSA-2006-0122-2 kernel,
Justin M. Forbes,
- Re: WebEx Downloader Plug-in Multiple Vulnerabilities + rant,
Mark Rowe,
- IE <= 6 DoS vulnerability,
jonasschaub,
- Phorum 5.1.15 security release (fixes "PHORUM 5 arbitrary local inclusion"),
Maurice Makaay,
- Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities,
Benjamin Tobias Franz,
- Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround,
Caveo Internet BV - Security,
- EEYE: McAfee ePolicy Orchestrator Remote Compromise,
eEye Advisories,
- Re: Photocycle v1.0 - XSS,
securityfocus,
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround,
Hugo van der Kooij,
- Bybass HTTP ( extension files ) in ISA 2004,
medozero,
- MS Power Point Multiple Vulnerabilities (powerpnt.exe)- POC,
naveed,
- MS Power Point Multiple Vulnerabilities - (mso.dll) POC,
naveed,
- MS Power Point Multiple Vulnerabilities - (memory corruption) POC,
naveed,
- Norton Insufficient protection of Norton service registry keys,
David Matousek,
- Kerio Terminating 'kpf4ss.exe' using internal runtime error Vulnerability,
David Matousek,
- Re: Securing PHP or finding PHP alternatives,
Michael Shigorin,
- Re: Securing PHP or finding PHP alternatives,
SkyFlash,
- Linux sys_prctl LKM based hotfix,
Abhisek Datta,
- crashing firefox <= 1.5.0.4,
reywen,
- saphp "add.php" forumid Parameter SQL Injection,
Breeeeh,
- RE: Re: vBulletin 3.5.4 (install_path) Exploit,
Robert Marquardt,
- XSS phpBB 2.0.21 in administration,
renatrix,
- MyGallery "Room.php" SQL Injection,
Breeeeh,
- Rocks Clusters <=4.1 local root,
Xavier,
- Re: WordPress 2.0.3 SQL Error and Full Path Disclosure,
jholguin,
- [SECURITY] Plain text password in Finjan Appliance 5100/8100 NG backup file,
finde_schwachstelle,
- Re: Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit,
José Parrella,
- Phorum 5.1.14 XSS SQL injection Vulnerability,
securityconnection,
- Re: WordPress 2.0.3 SQL Error and Full Path Disclosure,
nate,
- MiniBB Forum <= 1.5a Remote File Include Vulnerabilities,
matdhule,
- VBZooM "sendmail.php" SQL Injection,
Breeeeh,
- Re: [Full-disclosure] ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton),
Mailinglists,
- Re: LAMP vs Microsoft,
Darren Reed,
- SubberZ[Lite] - Remote File Include,
ChironeX . FleckeriX,
- RE: MIMESweeper For Web 5.X Cross Site Scripting,
Erez Metula,
- VBZooM <=V1.11 " reply.php" SQL Injection,
Breeeeh,
- VBZooM <=V1.11 " ignore-pm.php" SQL Injection,
Breeeeh,
- Microsoft PowerPoint 0-day Vulnerability FAQ document written,
Juha-Matti Laurio,
- Re: [ GLSA 200607-05 ] SHOUTcast server: Multiple vulnerabilities,
Cyneox,
- Re: Securing PHP or finding PHP alternatives,
Sheryl Coppenger,
- Re: phpbb 3.x sql injection (with global moderator rights),
bugtraq,
- Crtical Shockwave Embeded XSS Execution,
spammeanddie,
- Re: Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof)),
Matthias Kestenholz,
- VBZooM <=V1.11 "sub-join.php" SQL Injection,
Breeeeh,
- [OpenPKG-SA-2006.013] OpenPKG Security Advisory (mutt),
OpenPKG,
- Re: LAMP vs Microsoft,
Bob Beck,
- Fantastic Guestbook v2.0.1 Advisory,
omnipresent,
- Re: LAMP vs Microsoft,
Darren Reed,
- Re: Buddy Zone Version 1.0.1 - XSS,
support,
- Re: LAMP vs Microsoft,
Joel Maslak,
- Re: LAMP vs Microsoft,
Bob Beck,
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround,
Michael Shigorin,
- Invision Power Board 2.1 <= 2.1.6 sql injection,
rst,
- Re: Securing PHP or finding PHP alternatives (was: PHP security (or the lack thereof)),
Meet Myself on the Internet,
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround,
Lukasz Trabinski,
- Re: [Full-disclosure] Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ),
Jon Hart,
- Gracenote buffer overflow,
MNV,
- MyBulletinBoard (MyBB) 1.1.5 'CLIENT-IP' sql injection,
rgod,
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.