BugTraq@security-focus.com List Archive

• Thread Index

• [SECURITY] [DSA 1120-1] New Mozilla Firefox packages fix several vulnerabilities, Martin Schulze,
• [Kurdish Security # 14] MoSpray [base_dir] Remote Command Execution [ Mambo & Joomla], botan,
• Vanilla CMS <= 1.0.1 (RootDirectory) Remote file inclusion Vuln., mfoxhacker,
• [ GLSA 200607-08 ] GIMP: Buffer overflow, Sune Kloppenborg Jeppesen,
• [CYBSEC] TippingPoint detection bypass, Andres Riancho,
• Buffer-overflow in the XM loader of Cheese Tracker 0.9.9, Luigi Auriemma,
• [SECURITY] [DSA 1121-1] New postgrey packages fix denial of service, Martin Schulze,
• PHP Live! v3.2 (header.php) Remote File Include Vulnerabilities, saudi . unix,
• Re: Re: [Full-disclosure] iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability, Micheal Turner,
• Re: [ GLSA 200607-08 ] GIMP: Buffer overflow, Michael Shigorin,
• Check Point R55W Directory Traversal, Sec-Tec Lists,
• [USN-322-1] Konqueror vulnerability, Martin Pitt,
• MusicBox <= 2.3.4 XSS SQL injection Vulnerability, securityconnection,
• [SECURITY] [DSA 1124-1] New fbi packages fix potential deletion of user data, Moritz Muehlenhoff,
• Windows XP/NT/SMB2003/2000 Denial of Service attack, J. Oquendo,
• ERRATA: [ GLSA 200607-08 ] GIMP: Buffer overflow, Sune Kloppenborg Jeppesen,
• [MajorSecurity #26] Woltlab Burning Board - Multiple Cookie manipulation and session fixation vulnerabilities, admin,
• Write-up by Amit Klein: "Forging HTTP request headers with Flash", Amit Klein (AKsecurity),
• SQuery v.x (devi.php) (armygame.php) Remote File Inclusion, saudi . unix,
• [SECURITY] [DSA 1123-1] New libdumb packages fix arbitrary code execution, Moritz Muehlenhoff,
• Heap overflow in the GT2 loader of libmikmod 3.2.2, Luigi Auriemma,
• rPSA-2006-0135-1 gimp, Justin M. Forbes,
• Digital Armaments Security Advisory 24.07.2006: Siemens Speedstream Wireless/Router Denial of Service Vulnerability, info,
• Opsware NAS 6.0 reveals MySQL 'root' password, Freeman, Michael,
• SYMSA-2006-008:Password Safe - Lock Password Database Configuration Not Enforced, research,
• Buffer-overflow in recvTextMessage and NETrecvFile in Warzone Resurrection 2.0.3 (SVN 127), Luigi Auriemma,
• [SECURITY] [DSA 1122-1] New Net::Server packages fix denial of service, Martin Schulze,
• Two crash vulnerabilities in Freeciv 2.1.0-beta1 (SVN 15 Jul 2006), Luigi Auriemma,
• [ GLSA 200607-09 ] Wireshark: Multiple vulnerabilities, Sune Kloppenborg Jeppesen,
• [USN-296-2] Firefox vulnerabilities, Martin Pitt,
• Advisory: VMware Possible Incorrect Permissions On SSL Key Files, Nick Breese,
• [vuln.sg] DynaZip DZIP32.DLL/DZIPS32.DLL Buffer Overflow Vulnerabilities, vulnpost-remove,
• [vuln.sg] TurboZIP ZIP Repair Buffer Overflow Vulnerability, vulnpost-remove,
• [vuln.sg] AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow, vulnpost-remove,
• LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties, simo64,
• [ GLSA 200607-10 ] Samba: Denial of Service vulnerability, Sune Kloppenborg Jeppesen,
• [security bulletin] HPSBUX02087 SSRT4728 rev.2 - HP-UX running TCP/IP Remote Denial of Service (DoS), security-alert,
• Re: Ashop Search Module SQL injection, security curmudgeon,
• [ MDKSA-2006:131 ] - Updated perl-Net-Server packages fix format string vulnerability, security,
• Full Path Disclosure xGuestBook v1.02, dicomdk,
• MS06-034 lies? IIS 6 can still be owned?, Cesar,
• Secunia Research: AutoVue SolidModel Professional Buffer Overflow Vulnerability, Secunia Research,
• [USN-297-3] Thunderbird vulnerabilities, Martin Pitt,
• [USN-320-2] php4 regression, Martin Pitt,
• EzUpload multi file vulnerabilities, hack2prison,
• Multiple vulnerabilities in OpenCMS, Meder Kydyraliev,
• [SECURITY] [DSA 1111-2] New Linux kernel 2.6.8 packages fix privilege escalation, Moritz Muehlenhoff,
• Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash", Amit Klein (AKsecurity),
• wwwThreads XSS, l2odon,
• Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities, tamriel,
• PHP-Auction SQL injection, l2odon,
• Zyxel Prestige 660H-61 Cross-Site Scripting, jose . palanco,
• TP-Book <= 1.00 Cross Site Scripting Vulnerabilities, tamriel,
• ZDI-06-024: eIQNetworks Enterprise Security Analyzer License Manager Buffer Overflow Vulnerability, zdi-disclosures,
• ZDI-06-023: eIQNetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerability, zdi-disclosures,
• TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability, TSRT,
• TSRT-06-03: eIQnetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerabilities, TSRT,
• [SECURITY] [DSA 1125-1] New drupal packages fix execution of arbitrary web script code, Moritz Muehlenhoff,
• Cisco VPN Concentrator IKE resource exhaustion DoS Advisory, Roy Hills,
• Etomite CMS <= 0.6.1 'rfiles.php' remote command execution, rgod,
• [USN-323-1] mozilla vulnerabilities, Martin Pitt,
• [ECHO_ADV_41$2006] BufferOverflow in Midirecord2, the_day,
• [vuln.sg] PowerArchiver DZIPS32.DLL Buffer Overflow Vulnerability, vulnpost-remove,
• [OpenPKG-SA-2006.014] OpenPKG Security Advisory (shiela), OpenPKG,
• Secunia Research: FileCOPA Directory Argument Handling Buffer Overflow, Secunia Research,
• Phpprobid <= 5.24 XSS SQL injection Vulnerability, securityconnection,
• Re: new shell bypass safe mode, cxib,
• Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash", 3CO,
• NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability, NSFOCUS Security Team,
• a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability, Dr . Jr7,
• Re: Write-up by Amit Klein: "Forging HTTP request headers with Flash", Amit Klein (AKsecurity),
• GeoClassifieds Enterprise <= 2.0.5.2 Cross Site Scripting, securityconnection,
• Re: Opsware NAS 6.0 reveals MySQL 'root' password, security-alert,
• [SECURITY] [DSA 1126-1] New Asterisk packages fix denial of service, Martin Schulze,
• Cross-Site Scripting and Local File Inclusion in Phorum, Meftun,
• Buffer Overflow Vulnerability in Winlpd, Meftun,
• Re: Low security hole affecting IPCalc's CGI wrapper, krischan,
• [USN-324-1] freetype vulnerability, Martin Pitt,
• [USN-325-1] ruby1.8 vulnerability, Martin Pitt,
• [USN-326-1] heartbeat vulnerability, Martin Pitt,
• [SECURITY] [DSA 1125-2] New drupal packages fix execution of arbitrary web script code (revised packages), Moritz Muehlenhoff,
• Secunia Research: Mozilla Firefox XPCOM Event Handling Memory Corruption, Secunia Research,
• Bypassing Oracle dbms_assert, ak,
• ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability, zdi-disclosures,
• rPSA-2006-0137-1 firefox, Justin M. Forbes,
• Xss in MttKe-php v2.6, R0t-K33Y,
• AIM Triton 1.0.4 (SipXtapi) Remote Buffer Overflow Exploit (PoC), c0rrupt,
• Oracle 10g R2 and, probably, all previous versions, putosoft softputo,
• Re: HYSA-2006-008 myBloggie 2.1.3 CRLF & SQL Injection, Steven M. Christey,
• [USN-327-1] firefox vulnerabilities, Martin Pitt,
• Cisco Security Advisory: Windows VPN Client Local Privilege Escalation Vulnerability, Cisco Systems Product Security Incident Response Team,
• [USN-328-1] Apache vulnerability, Martin Pitt,
• [FLSA-2006:175040] Updated php packages fix security issues, Marc Deslauriers,
• Re: Bypassing Oracle dbms_assert, David Litchfield,
• [SECURITY] [DSA 1127-1] New ethereal packages fix several vulnerabilities, Moritz Muehlenhoff,
• [OpenPKG-SA-2006.015] OpenPKG Security Advisory (apache), OpenPKG,
• [SECURITY] [DSA 1128-1] New heartbeat packages fix local denial of service, Martin Schulze,
• Portail PHP v1.7 Remote File Include, Meftun,
• [ MDKSA-2006:132 ] - Updated libwmf packages fixes integer overflow vulnerability, security,
• [OpenPKG-SA-2006.016] OpenPKG Security Advisory (ruby), OpenPKG,
• [OpenPKG-SA-2006.017] OpenPKG Security Advisory (freetype), OpenPKG,
• Remote Include Vulnerability ====> in Dr.Jr7 Gallery 3.2 RC1, R0t-K33Y,
• RE: Bypassing Oracle dbms_assert, Alexander Kornbrust,
• Oracle 10g R2 and, probably, all previous versions, Russell Lowenthal,
• [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released, William A. Rowe, Jr.,
• Apache mod_rewrite Buffer Overflow Vulnerability, Avert,
• [SECURITY] [DSA 1129-1] New osiris packages fix arbitrary code execution, Martin Schulze,
• PHP-Nuke INP XSS, l2odon,
• Guestbook Mambo Module <== v1.3.0 Multiple Remote File Include Vulnerabilities, matdhule,
• Re: Fusion Polls (xtrphome) Remote File Inclusion, security curmudgeon,
• Lan-Aces Office Logic, Mike,
• Re: Check Point R55W Directory Traversal, dave_kwek,
• cpanel login problem, ali,
• Hustle -- Tumbleweed Email Firewall Remote Vulnerability, Ryan Smith,
• PrinceClan Chess Mambo Com <= 0.8 Remote Inclusion Vulnerability, tr_zindan,
• Re: Bypassing Oracle dbms_assert, David Litchfield,
• rPSA-2006-0139-1 httpd mod_ssl, Justin M. Forbes,
• [USN-329-1] Thunderbird vulnerabilities, Martin Pitt,
• PHP ip2long() function circumvention, rgod,
• Coppermine Photo Gallery v1.2.2b-Nuke Remote File Inclusion Vulnerabilities, A-S-T2006,
• XSS vulnerability on AWBS, newbinaryfile,
• RE: TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability, Desai, Deepen,
• Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory, Eloy Paris,
• [KAPDA::#53] MYBB XSS and Dir Traversal in usercp.php, roozbeh_afrasiabi,
• [ MDKSA-2006:133 ] - Updated apache packages fix mod_rewrite vulnerability, security,
• Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities, A-S-T2006,
• mambatstaff Mambo Component <= Remote Include Vulnerability, Dr . Jr7,
• artlinks Mambo Component <= Remote Include Vulnerability, Dr . Jr7,
• [ GLSA 200607-12 ] OpenOffice.org: Multiple vulnerabilities, Stefan Cornelius,
• [ MDKSA-2006:134 ] - Updated ruby packages fix safe-level vulnerabilities, security,
• Gdiplus.dll division by 0, Mr . Niega,
• Re: cpanel login problem, nate,
• [ GLSA 200607-13 ] Audacious: Multiple heap and buffer overflows, Matthias Geerdsen,
• [ GLSA 200607-11 ] TunePimp: Buffer overflow, Stefan Cornelius,

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.