BugTraq@security-focus.com List Archive
- phpBB XS <= 0.58 (phpbb_root_path) Remote File Include Vulnerability(2),
x0r0n
- Yblog => Cross Site Scripting,
h4ck3riran
- [SECURITY] [DSA 1186-1] New cscope packages fix arbitrary code execution,
Moritz Muehlenhoff
- [SECURITY] [DSA 1187-1] New migrationtools packages fix denial of service,
Moritz Muehlenhoff
- setSlice exploited in the wild - massively,
Gadi Evron
- OlateDownload 3.4.0 Multiple Vulnerabilities,
no-reply
- Mercury SiteScope 8.2 (8.1.2.0) Cross Site Scripting (XSS) Vulnerability,
ozkan . aziz
- rPSA-2006-0176-1 openldap openldap-clients openldap-servers,
rPath Update Announcements
- Matasano Advisory: MacOS X Mach Exception Server Privilege Escalation,
Matasano Advisories
- rPSA-2006-0175-2 openssl openssl-scripts,
rPath Update Announcements
- Determina zero-day fix for CVE-2006-3730 (WebViewFolderIcon setSlice Integer Overflow),
Alexander Sotirov
- [ MDKSA-2006:176 ] - Updated xine-lib packages fix buffer overflow vulnerabilities,
security
- [ MDKSA-2006:175 ] - Updated mplayer packages fix buffer overflow vulnerabilities,
security
- [ MDKSA-2006:174 ] - Update gstreamer-ffmpeg packages fix buffer overflow vulnerabilities,
security
- [ MDKSA-2006:173 ] - Updated ffmpeg packages fix buffer overflow vulnerabilities,
security
- Sql injection in PostNuke [Admin section],
Omid
- Advisory 06/2006: PHProjekt (Remote) Include Vulnerabilities,
Stefan Esser
- UBB.threads Multiple input validation error,
security
- [MajorSecurity Advisory #28]ConPresso CMS - Multiple Cross Site Scripting and SQL Injection Issues,
admin
- FreeBSD Security Advisory FreeBSD-SA-06:23.openssl [REVISED],
FreeBSD Security Advisories
- Secunia Research: Joomla BSQ Sitestats Component Multiple Vulnerabilities,
Secunia Research
- TSLSA-2006-0054 - multi,
Trustix Security Advisor
- Re: ssLinks <=v1.22 Multiple SQL Injection Vulnerabilities,
rip
- rPSA-2006-0175-1 openssl openssl-scripts,
rPath Update Announcements
- [ MDKSA-2006:172 ] - Updated openssl packages fix vulnerabilities,
security
- MkPortal UrloBox Increment Zize Desfiguration,
vannovax
- [ MDKSA-2006:171 ] - Updated openldap packages fixes ACL vulnerability,
security
- [ GLSA 200609-19 ] Mozilla Firefox: Multiple vulnerabilities,
Matthias Geerdsen
- Re: xxs in MKPortal M1.1,
security
- [ MDKSA-2006:157-1 ] - Updated musicbrainz packages fix buffer overflow vulnerabilities,
security
- [ GLSA 200609-20 ] DokuWiki: Shell command injection and Denial of Service,
Matthias Geerdsen
- An analysis of Microsoft Windows Vista’s ASLR,
Renaud Lifchitz
- SolpotCrew Advisory #14 - phpBB XS 2 spain version (phpbb_root_path) Remote File Inclusion,
chris_hasibuan
- [SECURITY] [DSA 1185-1] New openssl packages fix denial of service,
Moritz Muehlenhoff
- RE: Canon ImageRunner reveals SMB, IPX, and FTP username/passwords,
Jill George
- Multiple XSS Vulnerabilities in Zen Cart 1.3.5,
security
- [USN-353-1] openssl vulnerabilities,
Martin Pitt
- [ MDKSA-2006:170-1 ] - Updated webmin packages fix XSS vulnerability,
security
- ERRATA: [ GLSA 200609-17 ] OpenSSH: Denial of Service,
Sune Kloppenborg Jeppesen
- [OpenPKG-SA-2006.021] OpenPKG Security Advisory (openssl),
OpenPKG
- FreeBSD Security Advisory FreeBSD-SA-06:23.openssl,
FreeBSD Security Advisories
- Newswriter SW v1.4.2 Remote File Include Exploit,
x0r0n
- SAP Internet Transaction Server XSS vulnerability,
info
- Multitple XSS Vulnerabilities in Red Mombin 0.7,
security
- [ GLSA 200609-18 ] Opera: RSA signature forgery,
Matthias Geerdsen
- Comdev Events Calendar 3.1 :) <= Remote File Inclusion,
stormhacker
- PHPSelect Web Development Division <= Remote File Inclusion,
stormhacker
- Comdev Newsletter 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev FAQ Support 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Guestbook 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev CSV Importer 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev eCommerce 3.1 :) <= Remote File Inclusion,
stormhacker
- MkPortal Cross Site Scripting (All versions) xSS,
vannovax
- Comdev Web Blogger 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev News Publisher 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Contact Form 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Customer Helpdesk 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Photo Gallery 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Vote Caster 3.1 :) <= Remote File Inclusion,
stormhacker
- Comdev Links Directory 3.1 :) <= Remote File Inclusion,
stormhacker
- [ GLSA 200609-17 ] OpenSSH: Denial of Service,
Sune Kloppenborg Jeppesen
- bug com_madeira,
ifx
- Exploit module available for WebViewFolderIcon setSlice 0-day,
Chris Byrd
- Digital Armaments September-October Hacking Challenge: Explorer and Mozilla,
info
- VirtueMart Joomla eCommerce Edition CMS Multiple XSS Vulnerabilities,
Base64
- Blog Pixel Motion V2.1.1 PHP Code Execution / Create Admin Exploit,
gmdarkfig
- rPSA-2006-0174-1 gnome-ssh-askpass openssh openssh-client openssh-server,
rPath Update Announcements
- net2ftp: a web based FTP client :) <= Remote File Inclusion,
stormhacker
- Re: XSS in AckerTodo v4.0,
hensleyrob
- JAF CMS 4.0 RC1 multiple vulnerabilities,
nanoymaster
- Free Rainbow Tables.com,
Jerome Athias
- ZDI-06-029: Ipswitch WS_FTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities,
zdi-disclosures
- Windows VML security update MS06-055 released,
Juha-Matti Laurio
- Re: Re: Apple Remote Desktop root vulneravility,
securityfocus
- rPSA-2006-0173-1 openoffice.org,
rPath Update Announcements
- WD25:- Deparcq Pieter project File Include Vulnerability,
stormhacker
- VML Exploit vs. AV/IPS/IDS signatures,
avivra
- SUSE Security Announcement: gzip (SUSE-SA:2006:056),
Thomas Biege
- [Whitepaper] - Access over Ethernet: Insecurities in AoE,
Morgan Marquis-Boire
- PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln.,
meto5757
- [SECURITY] [DSA 1184-2] New Linux 2.6.8 packages fix several vulnerabilities,
Martin Schulze
- SolpotCrew Advisory #13 - phpMyChat 0.1 (ChatPath) Remote File Inclusion,
chris_hasibuan
- [ GLSA 200609-16 ] Tikiwiki: Arbitrary command execution,
Sune Kloppenborg Jeppesen
- Vbulletin 2.X sql injection,
security
- CubeCart Multiple input Validation vulnerabilities,
security
- webnews <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit,
the-wolf-ksa
- Back-end => 0.4.5 Remote File Include Vulnerabilities,
h4ck3riran
- php_news => 2.0 Remote File Include Vulnerabilities,
h4ck3riran
- QB ( QuickBlogger ) =>1.4 Remote File Include Vulnerabilities,
h4ck3riran
- DanPHPSupport => 0.5 Cross Site Scripting Vulnerabilities,
h4ck3riran
- WebspotBlogging => 3.0 Remote File Include Vulnerabilities,
h4ck3riran
- Ruxcon 2006,
cfp
- [ GLSA 200609-14 ] ImageMagick: Multiple Vulnerabilities,
Sune Kloppenborg Jeppesen
- [ GLSA 200609-15 ] GnuTLS: RSA Signature Forgery,
Sune Kloppenborg Jeppesen
- Uninformed Journal Release Announcement: Volume 5,
H D Moore
- iDefense Security Advisory 09.23.06: FreeBSD i386_set_ldt Integer Signedness Vulnerability,
iDefense Labs
- iDefense Security Advisory 09.23.06: FreeBSD i386_set_ldt Integer Overflow Vulnerability,
iDefense Labs
- [security bulletin] HPSBUX02155 SSRT061235 rev.1 HP-UX CIFS Server (Samba) Local Unauthorized Access, Elevated Privileges,
security-alert
- [security bulletin] HPSBUX02152 SSRT5973 rev.1 - HP-UX Kerberos Client Remote Unauthenticated Execution of Arbitrary Code,
security-alert
- Local File Inclusion : Kietu,
cdg393
- Re: Woltlab Burning Board 2.3.X SQL Injection Vulnerability,
Bastian Ahrens
- RE: [Full-disclosure] Yet another 0day for IE,
Bill Stout
- Re: More Vulnerable ATM Models,
Jacob Appelbaum
- Re: [Full-disclosure] Self-contained XSS Attacks (the new generation of XSS),
Tim
- tech support being flooded due to IE 0day,
Gadi Evron
- PNews v1.1.0 (nbs) Remote File Inclusion,
CvIr . System
- [ MDKSA-2006:169 ] - Updated Thunderbird packages fix multiple vulnerabilities,
security
- wwwthreads <= 5.4.2 croos site script vulnerbilities,
h4ck3riran
- [ MDKSA-2006:170 ] - Updated webmin packages fix XSS vulnerability,
security
- PhotoStore Multiple Cross-Site Scripting Vulnerabilities,
meto5757
- MyPhotos<= Remote File Include Vulnerability,
h4ck3riran
- Opial Audio/Video Download Management - Version 1.0 index.php Xss vulns.,
meto5757
- [SECURITY] [DSA 1184-1] New Linux 2.6.8 packages fix several vulnerabilities,
Martin Schulze
- [ GLSA 200609-13 ] gzip: Multiple vulnerabilities,
Sune Kloppenborg Jeppesen
- [USN-352-1] Thunderbird vulnerabilities,
Martin Pitt
- RSA Keyon Log verification bypass vulnerability,
Andrei Mikhailovsky
- Typo3 v4.x: XSS in extension "Indexed Search" v2.9.0,
Moritz Naumann
- [SECURITY] [DSA 1183-1] New Linux 2.4.27 packages fix several vulnerabilities,
Martin Schulze
- phpstak <= Remote File Include Vulnerability,
h4ck3riran
- Windows VML Vulnerability FAQ (CVE-2006-4868) written,
Juha-Matti Laurio
- ZERT patch [was: 0day for IE (Disabling Javascript no longer a fix)],
Gadi Evron
- Jamroom Media Content Management System Login.php Xss Vuln.,
meto5757
- Re: "Buffer overflow" term considered overloaded,
Dave "No, not that one" Korn
- [RISE-2006002] FreeBSD 5.x kernel i386_set_ldt() integer overflow vulnerability,
advisories
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.