BugTraq@security-focus.com List Archive

• Date Index

• Mambo/Joomla com_comprofiler Components <== v1.0 RC 2 Multiple Remote File Include Vulnerabilities, matdhule
• Cisco NAC Appliance Agent Installation Bypass Vulnerability, Andreas Gal
• Suggested Fix for CVE-2006-4299, Michael Jennings
• Jetbox CMS search_function.php Remote File, D3nGeR
• Jupiter CMS 1.1.5 index.php Remote File Include, D3nGeR
• Sql injection in Xoops, Omid
• Sql injection in Mambo & Joomla, Omid
• Bigace 1.8.2 (GLOBALS) Remote File Inclusion, vampire_chiristof
• [ GLSA 200608-24 ] AlsaPlayer: Multiple buffer overflows, Raphael Marichez
• AlstraSoft Video Share Enterprise Remote File Include Vulnerability, night_warrior-
• MyBB Html Injection ( XSS ), Redworm
• [ MDKSA-2006:152 ] - Updated wireshark packages fix multiple vulnerabilities, security
• CuteNews 1.3.* Remote File Include Vulnerability, stormhacker
• [ MDKSA-2006:151 ] - Updated kernel packages fix multiple vulnerabilities, security
• [ MDKSA-2006:150 ] - Updated kernel packages fix multiple vulnerabilities, security
• YaPiG thanks_comment.php Cross-Site Scripting Vulnerability, Kuon_at_Armorize_dot_com
• Indiana University Security Advisory: Fuji Xerox Printing Systems (FXPS) print engine vulnerabilities, Krulewitch, Sean V
• FreeBSD Security Advisory FreeBSD-SA-06:18.ppp [REVISED], FreeBSD Security Advisories
• rPSA-2006-0157-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs, Justin M. Forbes
• TSLSA-2006-0048 - multi, Trustix Security Advisor
• rPSA-2006-0158-1 tshark wireshark, Justin M. Forbes
• NSFOCUS SA2006-08 : Microsoft IE6 urlmon.dll Long URL Buffer Overflow Vulnerability, NSFOCUS Security Team
• Multiple Vulnerabilities in Asterisk 1.2.10 (Fixed in 1.2.11), Matt Riddell (IT)
• Re: [eVuln] B-net Software Multiple XSS Vulnerabilities, anon
• Re: contentpublisher Mambo Component Remote File Include Vulnerabilities, Carsten Eilers
• Advisory 05/2006: Zend Platform Multiple Remote Vulnerabilities, Stefan Esser
• pSlash v0.7 (lvc_include_dir) Remote Include Vulnerability, x0r0n
• [ MDKSA-2006:148 ] - Updated xorg-x11 packages fix vulnerabilities, security
• [ MDKSA-2006:149 ] - Updated MySQL packages fix user privilege vulnerabilities, security
• EEYE: Internet Explorer Compressed Content URL Heap Overflow Vulnerability, Marc Maiffret
• [SECURITY] [DSA 1155-2] New sendmail packages fix denial of service, Martin Schulze
• [ GLSA 200608-23 ] Heartbeat: Denial of Service, Sune Kloppenborg Jeppesen
• Re: Directory Traversal vulnerability in IPCheck Monitor Server, support
• [SECURITY] [DSA 1155-1] New sendmail packages fix denial of service, Martin Schulze
• Re: Opsware NAS 6.0 reveals MySQL 'root' password, danil9470
• Re: Joomla RF&#304; ( ERNE ), Carsten Eilers
• FreeBSD Security Advisory FreeBSD-SA-06:18.ppp, FreeBSD Security Advisories
• Re: Modification For OpenSEF Remote file Inclusion, Carsten Eilers
• Advisory: Integramod Portal <= 2.x File Inclusion Vulnerability, Mustafa Can Bjorn IPEKCI
• Advisory: VistaBB <= 2.x Multiple File Inclusion Vulnerabilities, Mustafa Can Bjorn IPEKCI
• [ GLSA 200608-22 ] fbida: Arbitrary command execution, Raphael Marichez
• [ GLSA 200608-21 ] Heimdal: Multiple local privilege escalation vulnerabilities, Raphael Marichez
• New malware names and updates to PowerPoint FAQ document, Juha-Matti Laurio
• Bugtraq ID: 18402, The Cute Group
• Cisco Security Advisory: Unintentional Password Modification in Cisco Firewall Products, Cisco Systems Product Security Incident Response Team
• Cisco Security Advisory: Cisco VPN 3000 Concentrator FTP Management Vulnerabilities, Cisco Systems Product Security Incident Response Team
• Symantec Gateway Security DNS exploit, Gianstefano Monni
  • AW: Symantec Gateway Security DNS exploit, Andre Braun
  • RE: Symantec Gateway Security DNS exploit, Pretorius, Wynand (ZA - Johannesburg)
  • <Possible follow-ups>
  • Re: Symantec Gateway Security DNS exploit, axel
• faille include in "VeriTECH" isreal, king-hacker
• [ MDKSA-2006:147 ] - Updated squirrelmail packages fix vulnerabilities, security
• Re: anjel Mambo Component Remote File Include, Carsten Eilers
• PHlyMail Lite [PM_[path][lib]=] Remote File Include Vulnerability, D3nGeR
  • Re: PHlyMail Lite [PM_[path][lib]=] Remote File Include Vulnerability, Carsten Eilers
• Re: discloser 0.0.4 Remote File Inclusion (with Exploit), Carsten Eilers
• PHProjekt v0.6.1 Remote File Inclusion Vulnerability (2), D3nGeR
  • Re: PHProjekt v0.6.1 Remote File Inclusion Vulnerability (2), Carsten Eilers
• BlackBoard Multiple Vulnerabilities (XSS), Pr070n
  • Re: BlackBoard Multiple Vulnerabilities (XSS), C. Hamby
  • <Possible follow-ups>
  • Re: BlackBoard Multiple Vulnerabilities (XSS), pr0t0n
• Symantec Enterprise Security Manager Denial-of-Service Vulnerability, Avert
• Re: mambo-phphop Product Scroller Module R.F.I, Carsten Eilers
• Tons of SQL-injections and XSS in Eichhorn Portal and vendor page, MC Iglo
• Linux Kernel SCTP Privilege Elevation Vulnerability, Avert
• (exploit) firefox 1.5.0.6 linux DoS, tomas
• Re: mtg_myhomepage Component For Mambo R.F.I, Carsten Eilers
• unauthorized VNC access in AK-Systems Windows Terminals, Victor Sudakov
• Re: Joomla Rssxt <= 1.0 Remote File Include Vulnerability, Carsten Eilers
• Re: Joomla x-shop <= 1.7 Remote File Include Vulnerability, Carsten Eilers
• Simple Machines Forum <=1.1RC2 unset() vulnerabilities, rgod
• Major updates in PowerPoint FAQ document - not a 0-day issue, Juha-Matti Laurio
• EEYE:ALERT: MS06-042 Related Internet Explorer 'Crash' is Exploitable, Marc Maiffret
• Simpliciti Locked Browser Jail Breakout Vulnerability, dc
• Vendor Statement: fixed Mobotix IP Network Cameras Multiple XSS bug, dkabs
• TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities, TTG
• [ MDKSA-2006:146 ] - Updated Thunderbird packages fix multiple vulnerabilities, security
• MDaemon POP3 server remote buffer overflow (preauth), infocus
• [ MDKSA-2006:145 ] - Updated Firefox packages fix multiple vulnerabilities, security
• [ MDKSA-2006:144 ] - Updated php packages fix vulnerability, security
• DieselPay &#304;ndex.php Cross-Site Scripting Vulnerability, night_warrior-
• Smart Traffic Remote File Include Vulnerability, night_warrior-
• Diesel Paid Mail getad.php Cross-Site Scripting Vulnerability, night_warrior-
• Diesel Job Site forgot.php Cross-Site Scripting, night_warrior-
• SimpleBlog 2.0 <= "comments.asp" SQL Injection Exploit, ChironeX . FleckeriX
• Re: Startpage <= 1.0 (cfgLanguage) Remote File Inclusion Vulnerability, securityfocus
• ToendaCMS <= 1.0.3 -(tcms_administer_site) Remote File Include, h4ck3riran
  • Re: ToendaCMS <= 1.0.3 -(tcms_administer_site) Remote File Include, Carsten Eilers
• Mambo Component - EstateAgent Remote File Inclusion, Outlaw
  • Re: Mambo Component - EstateAgent Remote File Inclusion, Carsten Eilers
• [XSec-06-09]: Internet Explorer Multiple COM Objects Color Property DoS Vulnerability, nop
• DoS 2wire Gateway, preth00nker
• Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln, Outlaw
  • Re: Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln, Jan de Groot
  • <Possible follow-ups>
  • Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln, Outlaw
• [XSec-06-08]: Windows 2000 Multiple COM Object Instantiation Vulnerability, nop
• Re: [SECURITY] [DSA 1150-1] New shadow packages fix privilege escalation, Henry Jensen
• New PowerPoint 0-day and Trojan - FAQ document ready, Juha-Matti Laurio
• [SECURITY] [DSA 1154-1] New squirrelmail packages fix information disclosure, Moritz Muehlenhoff
• WoltLab Burning Board 2.3.5(WBB) in XSS, ZeberuS
• LBlog <= "comments.asp" SQL Injection Exploit, ChironeX . FleckeriX
• POC & exploit for Apache mod_rewrite off-by-one, Jacobo Avariento

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.