BugTraq@security-focus.com List Archive

Date Index

[ GLSA 200609-11 ] BIND: Denial of Service, Raphael Marichez
easypage.org >> v7 sql injection, ali
rPSA-2006-0169-1 firefox thunderbird, rPath Update Announcements
Limbo - Lite Mambo CMS Multiple Vulnerabilities, security
Roller Weblogger XSS vulnerability, p3rlhax
[Reversemode Advisory] Apple Quicktime FLIC File Heap Overflow, Reversemode
BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability, x0r0n
phpQuiz sensitive file (install.php), sn_0py
Symantec Norton Insufficient validation of 'SymEvent' driver input buffer, David Matousek
Google Search API Worms, pdp (architect)
Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability, x0r0n
@System Security Meeting in Pisa, Giorgio Zoppi
SolpotCrew Advisory #10 - phpBB XS (phpbb_root_path) Remote File Include, jong_amq
SolpotCrew Advisory #11 - ReviewPost 2.5 (RP_PATH) Remote File Inclusion, bius
ppalCart V(2.5 EE) Remote File Inclusion, l0x3
Signkorn Guestbook <= v1.3 Multiple Remote File Include Vulnerabilities, x17
MyBB Full path and Cross site scripting vulnerabilities, security
Jupiter CMS Multiple injections, security
Complain Center v1(loginprocess.asp) Admin ByPASS SQL Injection, ajannhwt
mcLinksCounter v1.1 - Remote File Include Vulnerabilities, erne
ClickBlog! <= v2.0 (default.asp) Admin ByPASS SQL Injection, ajannhwt
[SECURITY] [DSA 1177-1] New usermin packages fix denial of service, Martin Schulze
[SECURITY] [DSA 1160-2] New Mozilla packages fix several vulnerabilities, Martin Schulze
PhotoPost => 4.6 (PP_PATH) Remote File Inclusion Exploit, Saudi . unix
Fwd: IE ActiveX 0day?, Tyop Tyip
- Re: Fwd: IE ActiveX 0day?, H D Moore
- <Possible follow-ups>
- RE: IE ActiveX 0day?, Hayes, Bill
- Re: Fwd: IE ActiveX 0day?, Juha-Matti Laurio
Hackers to Hackers Conference III - Call for Papers, Rodrigo Rubira Branco (BSDaemon)
PhotoPost =>4.6 (PP_PATH) Remote File Inclusion Exploit, saudi . unix
[security bulletin] HPSBUX02126 SSRT051019 rev.1 - HP-UX running X.25 Local Denial of Service (Dos), security-alert
Layered Defense Advisory :Symantec AntiVirus Corporate Edition Format String Vulnerability, dh
SolpotCrew Advisory #9 - phpQuiz v0.01 design and coding byJule Slootbeek (pagename) Remote File Inclusion, chris_hasibuan
Fullpath disclosure in Blue Magic Board 5.5, hack2prison
SIP over TLS: X.509 peer authentication vulnerability in Ingate products, Per Cederqvist
Magic News Pro => 1.0.3 (script_path) Remote File Inclusion Exploit, saudi . unix
[USN-346-2] Fixed linux-restricted-modules-2.6.15 for previous Linux kernel update, Martin Pitt
Secunia Research: Tagger LE PHP "eval()" Injection Vulnerabilities, Secunia Research
XSS vulnerability in Blojsom, p3rlhax
[ GLSA 200609-10 ] DokuWiki: Arbitrary command execution, Sune Kloppenborg Jeppesen
DCP-Portal SE 6.0 multiple injections, security
ADOdb Date Library Full path Bugs, security
ToorCon Pre-Registration Closing Friday!, suppressed
[ MDKSA-2006:164 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities, security
Mailman 2.1.8 Multiple Security Issues, Moritz Naumann
PAKCON III: Call for Papers (CfP 2006), Ayaz Ahmed Khan
[SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure, Moritz Muehlenhoff
PAKCON III: Announce (2006), Ayaz Ahmed Khan
[ GLSA 200609-08 ] xine-lib: Buffer overflows, Sune Kloppenborg Jeppesen
TualBLOG v 1.0 multiple sql injection, dj_remix_20
[eVuln] NX5Linkx Multiple Vulnerabilities, Alex
[eVuln] CJ Tag Board XSS Vulnerability, Alex
[ GLSA 200609-09 ] FFmpeg: Buffer overflows, Sune Kloppenborg Jeppesen
[eVuln] Links Manager Multiple XSS and SQL Injection Vulnerabilities, Alex
[eVuln] indexcity SQL Injection and XSS Vulnerabilities, Alex
[eVuln] Doika guestbook 'page' XSS Vulnerability, Alex
Snitz Forums 2000 v3.4.06, ajannhwt
- <Possible follow-ups>
- Re: Snitz Forums 2000 v3.4.06, bob
[0day] daxctle2.c - Internet Explorer COM Object Heap Overflow Download Exec Exploit, nop
Cisco IOS VTP issues, FX
- <Possible follow-ups>
- Re: Cisco IOS VTP issues, psirt
[SECURITY] [DSA 1161-2] New Mozilla Firefox packages fix several vulnerabilities, Martin Schulze
[security bulletin] HPSBMA02149 SSRT050968 rev.1 - HP OpenView Operations, Remote Unauthorized Access and Denial of Service (DoS), security-alert
[USN-345-1] mailman vulnerabilities, Martin Pitt
[security bulletin] HPSBUX02151 SSRT051021 rev.1 - HP-UX Running ARPA Transport Software, Local Denial of Service (DoS), security-alert
Re: SECURITY.NNOV: Panda Platinum Internet Security privilege escalation / bayesian filter control security vulnerabilities, lolfischer
Multiple Vulnerabilities in Apple QuickTime, avert
[ GLSA 200609-07 ] LibXfont, monolithic X.org: Multiple integer overflows, Sune Kloppenborg Jeppesen
NetPerformer FRAD ACT Multiple Vulnerabilities, arif . jatmoko
PHP Event Calendar Multiple Parameter Cross Site Scripting Vulnerability, OS2A BTO
# ForumJBC v4 < = Cross-Site Scripting - XSS Exploit ;, x17
[SECURITY] [DSA 1175-1] New isakmpd packages fix replay protection bypass, Martin Schulze
[EEYEB-20080824] Internet Explorer Compressed Content URL Heap Overflow Vulnerability #2, eEye Advisories
iDefense Security Advisory 09.12.06: Multiple Vendor X Server CID-keyed Fonts 'CIDAFM()' Integer Overflow, iDefense Labs
iDefense Security Advisory 09.12.06: Multiple Vendor X Server CID-keyed Fonts 'scan_cidfont()' Integer Overflow Vulnerability, iDefense Labs
iDefense Security Advisory 09.12.06: Apple QuickTime FLIC File Heap Overflow Vulnerability, iDefense Labs
Apple QuickTime H.264 Integer Overflow Vulnerability, Sowhat
[USN-344-1] X.org vulnerabilities, Martin Pitt
Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability, irc
Computer Terrorism (UK) :: Incident Response Centre - Microsoft Publisher Font Parsing Vulnerability, irc
Apple QuickTime Player H.264 Codec Remote Integer Overflow, Piotr Bania
ERRATA: [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery, Sune Kloppenborg Jeppesen
Session Token Remains Valid After Logout in IBM Lotus Domino Web Access, dave . ferguson
NETGEAR Rotuer DG834GT Firmware V1.01.28 (DoS), nullflag
Newsscript version 0.5 (print.php) Local File Inclusion Vulnerability, daftrix
rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs, rPath Update Announcements
LedgerSMB 1.0.0 and SQL-Ledger 2.6.18 and earler arbitrary code execution, Chris Travers
AzzCoder => phpBB XS 0.58 Remote File Include, azzcoder
WTools v0.0.1-ALPH - Remote File Include Vulnerabilities, erne
Sql injection in Tikiwiki, Omid
CMS.R. the Content Management System admin authentication baypass, security
ShAnKaR: multiple PHP application poison NULL byte vulnerability, 3APA3A
- Re: ShAnKaR: multiple PHP application poison NULL byte vulnerability, Jerome Athias
SolpotCrew Advisory #8 - Mcgallerypro (path_to_folder) Remote File Inclusion, chris_hasibuan
C-News v 1.0.1 < = Multiple Remote File Include Vulnerabilities, the . leo . 008
Microsoft visual basic 6. overflow, mallahzadeh
[SECURITY] [DSA 1173-1] New openssl packages fix RSA signature forgery cryptographic weakness, Moritz Muehlenhoff
PhpLinkExchange v1.0 RFI + RC + Xss [RC-exploit], ali
SIPS v 0.2.2 < = Remote File Include Vulnerability, the . leo . 008
HotPlug CMS Config File Include Vulnerability, security
PayProCart <= 1146078425 Multiple Remote File Include Vulnerabilities, l0x3
text ads xss attack, ali
Open Bulletin Board <= 1.0.8 (root_path) File Include Vulnerability, l0x3
PUMA 1.0 RC 2 (config.php) Remote File Inclusion, philipp . niedziela
PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities, l0x3
- Re: PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities, Carsten Eilers
- <Possible follow-ups>
- Re: PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities, Carsten Eilers
  - Re: PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities, eddy BAck0o
- Re: PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities, Steven M. Christey
Re: Linux kernel source archive vulnerable, Gerald (Jerry) Carter
[SECURITY] [DSA 1174-1] New openssl096 packages fix RSA signature forgery cryptographic weakness, Moritz Muehlenhoff
Vikingboard 0.1b Multiple Vulnerabilities, no-replay
R: Linux kernel source archive vulnerable, Perego Paolo Franco
Re: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit, Carsten Eilers
MagpieRSS (a simple RSS integration tool) Full path vul, security
Re: [Full-disclosure] Linux kernel source archive vulnerable, Christine Kronberg
XHP CMS v0.5.1 Vuls Xss and Full path vuls, security
Web Server Creator v0.1 (l) Remote Include Vulnerability, x0r0n
[SECURITY] [DSA 1159-2] New Mozilla Thunderbird packages fix several problems, Martin Schulze
SimpleBoard Mambo Component 1.1.0 Remote File Include, stormhacker
ConSec Symposium - Sept 20-22 in Austin, TX, Michael Allgeier
Re: Re: Sql Injection and Path Disclosoure Wordpress v2.0.5, Paul Robertson
Re: RSA SecurID SID800 Token vulnerable by design, Bojan Zdrnja
- Re[2]: RSA SecurID SID800 Token vulnerable by design, 3APA3A
- RE: [Full-disclosure] Re: RSA SecurID SID800 Token vulnerable by design, Lyal Collins
  - Re: [Full-disclosure] Re: RSA SecurID SID800 Token vulnerable by design, Brian Eaton
- <Possible follow-ups>
- Re: RSA SecurID SID800 Token vulnerable by design, Bojan Zdrnja
- Re[3]: RSA SecurID SID800 Token vulnerable by design, 3APA3A
  - Re: Re[3]: RSA SecurID SID800 Token vulnerable by design, Brian Eaton
    - Re[5]: RSA SecurID SID800 Token vulnerable by design, 3APA3A
- Re: RSA SecurID SID800 Token vulnerable by design, vin
Re: PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore(), İsmail Dönmez
- Re: PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore(), Ryan Buena

Mail converted by MHonArc

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.