BugTraq@security-focus.com List Archive

• Thread Index

• UPDATE: [ GLSA 200605-08 ] PHP: Multiple vulnerabilities, Sune Kloppenborg Jeppesen,
• Re: cpanel login problem, Scott Gemma,
• RE: cpanel login problem, Bugs,
• Re: Portail PHP v1.7 Remote File Include, x0r0n,
• Re: PHP ip2long() function circumvention, darylf,
• Re: cpanel login problem, usar_y_tirar,
• com_moskool (admin.moskool.php) Remote File Include Vulnerabilities, saudi . unix,
• ATutor <= 1.5.3.1 'links' blind SQL injection / admin credentials disclosure, rgod,
• PHPAuction 2.1 (maybe higher) with phpAdsNew 2.0.5 RFI, philipp . niedziela,
• SQL injection Seir Anphin v666 Community Management System, vulnerabilities,
• Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory, Pavel Kankovsky,
• Re: Gdiplus.dll division by 0, Early Warning Team,
• Re: Check Point R55W Directory Traversal, Hugo van der Kooij,
• Oracle and Apache mod_rewrite Vulnerability, tigerblue,
• Corsaire Security Advisory - VMware ESX Server Password Cross Site Request Forgery issue, advisories,
• Corsaire Security Advisory - VMware ESX Server Password Disclosure in Log issue, advisories,
• Corsaire Security Advisory - VMware ESX Server Password Disclosure in Cookie issue, advisories,
• Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow, solutions_PHP,
• Multiple vulnerabilities in Open Cubic Player 2.6.0pre6 / 0.1.10_rc5, Luigi Auriemma,
• RE: cpanel login problem, Alan,
• MyNewsGroups <= 0.6b (myng_root) Remote Inclusion Vulnerability, philipp . niedziela,
• Re: Do world's famous companies take care of their security?, Steven M. Christey,
• Re: Xss in MttKe-php v2.6, Steven M. Christey,
• [ GLSA 200608-01 ] Apache: Off-by-one flaw in mod_rewrite, Matthias Geerdsen,
• NewsLetter v3.5 <= (NL_PATH) Remote File Inclusion Exploit, tr_zindan,
• [Kurdish Security # 16 ] newsReporter v1.0 Remote Command Execution, botan,
• [Kurdish Security # 17 ] GuestBook 3.5 Remote Command Execution, botan,
• [Kurdish Security # 18 ] FAQ Script Remote Command Execution, botan,
• [Kurdish Security # 19 ] FileManager Remote Command Execution, botan,
• [Kurdish Security # 20 ] Quickie Remote Command Execution, botan,
• [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution, botan,
• [SECURITY] [DSA 1130-1] New sitebar packages fix cross-site scripting, Martin Schulze,
• WoW Roster <= 1.5.x Remote File Include (hsList.php), AG Spider,
• Re: Gdiplus.dll division by 0, giacomo collini,
• [vuln.sg] Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability, vulnpost-remove,
• [ MDKSA-2006:135 ] - Updated freeciv packages fix DoS vulnerabilities, security,
• VMSA-2006-0004 Cross site scripting vulnerability and other fixes, VMware Security Team,
• [USN-327-2] firefox regression, Martin Pitt,
• TSEP 0.9.4.2 <= Remote File Inclusion, philipp . niedziela,
• ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability, David Matousek,
• WoW Roster <= 1.5.x Remote File Include (hsList.php), AG Spider,
• [SECURITY] [DSA 1132-1] New apache2 packages fix buffer overflow, Steve Kemp,
• [SECURITY] [DSA 1131-1] New apache package fix buffer overflow, Steve Kemp,
• SUSE Security Announcement: freetype2 (SUSE-SA:2006:045), Thomas Biege,
• SUSE Security Announcement: libtiff (SUSE-SA:2006:044), Thomas Biege,
• [ MDKSA-2006:136 ] - Updated kdegraphics packages fix multiple libtiff vulnerabilities, security,
• SYM06-013 Symantec On-Demand Protection Encrypted Data Exposure, secure,
• Barracuda Vulnerability: Hardcoded Password [NNL-20060801-01], gssincla,
• Barracuda Vulnerability: Arbitrary File Disclosure [NNL-20060801-02], gssincla,
• DMA[2006-0801a] - 'Apple OSX fetchmail buffer overflow', K F (lists),
• Re: Gdiplus.dll division by 0, Dennis Lubert,
• [ MDKSA-2006:137 ] - Updated libtiff packages fix multiple vulnerabilities, security,
• [SECURITY] [DSA 1133-1] New mantis packages fix execution of arbitrary web script code, Moritz Muehlenhoff,
• JavaScript port scanning, pdp (architect),
• rPSA-2006-0142-1 libtiff, Justin M. Forbes,
• EEYE: research.eeye.com, Marc Maiffret,
• [SECURITY] [DSA 1134-1] New Mozilla Thunderbird packages fix several vulnerabilities, Martin Schulze,
• Secunia Research: Jetbox Multiple Vulnerabilities, Secunia Research,
• Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory, Roy Hills,
• Re: SYM06-013 Symantec On-Demand Protection Encrypted Data Exposure, Chris Wysopal,
• SaveWeb Portal 3.4 <- (SITE_Path) Remote File Inclusion Vulnerability, x0r0n,
• Content Management Framework "G3" - XSS Vulnerability in Search Function, Stefan Friedli,
• rPSA-2006-0143-1 gnupg, Justin M. Forbes,
• [USN-330-1] tiff vulnerabilities, Martin Pitt,
• [eVuln] MyBB 'Avatar URL' XSS Vulnerability, alex,
• Re: Barracuda Vulnerability: Hardcoded Password [NNL-20060801-01], pingywon,
• [security bulletin] HPSBUX02108 SSRT061133 rev.13 - HP-UX Running Sendmail, Remote Execution of Arbitrary Code, security-alert,
• [SECURITY] [DSA 1136-1] New gpdf packages fix denial of service, Martin Schulze,
• [security bulletin] HPSBUX02124 SSRT061159 rev.1 - HP-UX Sendmail MIME Remote Denial of Service (DoS), security-alert,
• OZJournal v1.5 - XSS, luny,
• [SECURITY] [DSA 1137-1] New tiff packages fix several vulnerabilities, Martin Schulze,
• [security bulletin] HPSBGN02136 SSRT061173 rev.1 - ProCurve Series 3500yl, 6200yl, and 5400zl Switches Running Software Prior to K.11.33 Remote Denial of Service (DoS), security-alert,
• Hobbit monitor security bugfix release - 4.1.2p2, Henrik Stoerner,
• [SECURITY] [DSA 1138-1] New cfs packages fix denial of service, Moritz Muehlenhoff,
• [SECURITY] [DSA 1135-1] New libtunepimp packages fix arbitrary code execution, Martin Schulze,
• [security bulletin] HPSBUX02087 SSRT4728 rev.3 - HP-UX running TCP/IP Remote Denial of Service (DoS), security-alert,
• Simpliciti Locked Browser Jail Breakout Vulnerability, EvilPacket,
• RE: Barracuda Vulnerability: Hardcoded Password [NNL-20060801-01], Roger A. Grimes,
• TSEP <= 0.942 Remote File Include, beford,
• Vwar v1.5.0 <= Sql Injection and XSS vuln., mfoxhacker,
• Secunia Research: PC Tools AntiVirus Insecure Default Directory Permissions, Secunia Research,
• CMSimple Cross Site Scripting, Outlaw,
• [USN-331-1] Linux kernel vulnerabilities, Martin Pitt,
• [USN-332-1] gnupg vulnerability, Martin Pitt,
• Re: [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released, Philip M. Gollucci,
• [SECURITY] [DSA 1139-1] New ruby1.6 packages fix privilege escalation, Moritz Muehlenhoff,
• Re: [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released, William A. Rowe, Jr.,
• Javascript software authentication brute force attack, Gianstefano Monni,
• [MajorSecurity Advisory #27]ToendaCMS - Cross Site Scripting Issue, admin,
• [SECURITY] [DSA 1140-1] New GnuPG packages fix denial of service, Martin Schulze,
• SendCard <= 3.4.0 unauthorized administrative access / remote commands execution, rgod,
• [ GLSA 200608-02 ] Mozilla SeaMonkey: Multiple vulnerabilities, Stefan Cornelius,
• SolpotCrew Advisory #5 - modernbill ver 1.6 (DIR) Remote File Inclusion, chris_hasibuan,
• [DRUPAL-SA-2006-011] Drupal 4.7.3 / 4.6.9 fixes XSS issue, Uwe Hermann,
• Re: Barracuda Vulnerability: Arbitrary File Disclosure [NNL-20060801-02], Matthew Hall,
• [ GLSA 200608-03 ] Mozilla Firefox: Multiple vulnerabilities, Thierry Carrez,
• vbulletin 3.5.4 IE exploit xss, stefan,
• ME Download System 1.3 Remote File Inclusion, philipp . niedziela,
• [ GLSA 200608-04 ] Mozilla Thunderbird: Multiple vulnerabilities, Thierry Carrez,
• ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability, x0r0n,
• [security bulletin] HPSBUX02137 SSRT051024 rev.1 - HP-UX Running Xserver Local Execution of Arbitrary Code, Privilege Elevation, security-alert,
• GaesteChaos <= 0.2 Multiple Vulnerabilities, Tamriel,
• CounterChaos <= 0.48c SQL Injection Vulnerability, Tamriel,
• GeheimChaos <= 0.5 Multiple SQL Injection Vulnerabilities, Tamriel,
• XSS in Vbulletin 3.6.0 in IE 0nly, Stefan,
• [SECURITY] [DSA 1141-1] New GnuPG2 packages fix denial of service, Martin Schulze,
• [ GLSA 200608-05 ] LibVNCServer: Authentication bypass, Sune Kloppenborg Jeppesen,
• [ GLSA 200608-06 ] Courier MTA: Denial of Service vulnerability, Sune Kloppenborg Jeppesen,
• [ECHO_ADV_42$2006] BufferOverflow in Eremove Client, erdc,
• [SECURITY] [DSA 1142-1] New freeciv packages fix arbitrary code execution, Martin Schulze,
• [ECHO_ADV_42$2006] PHP Live Helper <= 2.0 (abs_path) Remote File Inclusion, matdhule,
• [SECURITY] [DSA 1143-1] New dhcp packages fix denial of service, Martin Schulze,
• TSLSA-2006-0044 - multi, Trustix Security Advisor,
• CAID 34509 - CA eTrust Antivirus WebScan vulnerabilities, Williams, James K,
• phpAutoMembersArea 3.2.5 ($installed_config_file) Remote File Inclusion, philipp . niedziela,
• Barracuda Spam Firewall: Administrator Level Remote Command Execution [ID-20060804-01], Matthew Hall,
• [ GLSA 200608-07 ] libTIFF: Multiple vulnerabilities, Sune Kloppenborg Jeppesen,
• vBulletin 3.0.14 ~ init.php~ registerring global arbitary variable~ XSS exploit, addmimistrator,
• Tinyportal Shoutbox, exploitex,
• [ GLSA 200608-08 ] GnuPG: Integer overflow vulnerability, Sune Kloppenborg Jeppesen,
• MyBloggie <= 2.1.4 trackback.php SQL injection / admin credentials disclosure, rgod,

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.