BugTraq@security-focus.com List Archive

• Thread Index

• ZERT patch for setSlice(), Gadi Evron,
• Advisory 07/2006: phpMyAdmin Multiple CSRF Vulnerabilities, Stefan Esser,
• zero-day flaws in Firefox: about 30 unpatched Firefox flaws, ragan,
• phpMyWebmin 1.0 <= (target) Remote File Include Vulnerability, x0r0n,
• [OpenPKG-SA-2006.022] OpenPKG Security Advisory (openssh), OpenPKG,
• 0day in Firefox from ToorCon '06, Thor Larholm,
• Layered Defense Advisory: TrendMicro OfficesScan Corporate Edition Format String Vulnerability, dh,
• EasyBannerFree (functions.php) Remote File Include Exploit, las_kid,
• IBM Informix Dynamic Server V10.0 File Clobbering during Install, Larry Cashdollar,
• Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability, David Matousek,
• Pebble 2.0.0 RC[1,2] XSS vulnerability, Paolo Perego,
• "POC 2006" by Korean hackers, securityproof,
• Dayfox Blog v2.0 Remote file include, dj_remix_20,
• [security bulletin] HPSBUX02157 SSRT061220 rev.1 HP-UX Running Ignite-UX Server, Remote Unauthorized Access and Privilege Elevation, security-alert,
• IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]), Paul Szabo,
• [USN-355-1] openssh vulnerabilities, Martin Pitt,
• [USN-356-1] gdb vulnerability, Martin Pitt,
• digishop v 4.0.0 Xss Vuln., meto5757,
• Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]), Brian Eaton,
• [USN-354-1] Firefox vulnerabilities, Martin Pitt,
• Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053], Eiji James Yoshida,
• Security contact for Myspace/Fox?, E Mintz,
• Portable shell-exploit for buffer-overflow bugs, Roman Medina-Heigl Hernandez,
• Re: WebCalendar-1.0.3 reading of any files, webcalendar,
• Re: net2ftp: a web based FTP client :) <= Remote File Inclusion, securfrog,
• FreeBSD Security Advisory FreeBSD-SA-06:22.openssh, FreeBSD Security Advisories,
• [security bulletin] HPSBUX02129 SSRT061149 rev.1 - HP-UX running SLP, Remote Unauthorized Access, security-alert,
• [SECURITY] [DSA 1185-2] New openssl packages fix arbitrary code execution, Noah Meyerhans,
• [ MDKSA-2006:172-1 ] - Updated openssl packages fix vulnerabilities, security,
• [ MDKSA-2006:177 ] - Updated MySQL packages rebuilt against updated openssl., security,
• Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]), Paul Szabo,
• [ MDKSA-2006:178 ] - Updated ntp packages rebuilt against updated openssl., security,
• Re: WebspotBlogging => 3.0 Remote File Include Vulnerabilities, Steven M. Christey,
• Security flaw in IBM Client Security Password Manager, Luís Miguel Silva,
• Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]), Paul Szabo,
• PacSec 2006 Papers announcement and EUSecWest Call For Papers, Dragos Ruiu,
• iDefense Security Advisory 10.02.06: Novell GroupWise Messenger nmma.exe DoS Vulnerability, iDefense Labs,
• phpMyProfiler remote file include, mozi2weed,
• [CAID 34661]: CA Unicenter WSDM File System Read Access Vulnerability, Williams, James K,
• Advisory 08/2006: PHP open_basedir Race Condition Vulnerability, Stefan Esser,
• [ MDKSA-2006:179 ] - Updated openssh packages fix DoS vulnerabilities, security,
• [SECURITY] [DSA 1188-1] New mailman packages fix several problems, Martin Schulze,
• Directory Traversal Vulnerability in Goop Gallery 2.0.2, security,
• Yener Haber Script v2.0 SQL injection, dj_remix_20,
• Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()], Gadi Evron,
• Re: [funsec] Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()], Alexander Sotirov,
• [USN-358-1] ffmpeg, xine-lib vulnerabilities, Martin Pitt,
• [USN-353-2] OpenSSL vulnerability, Martin Pitt,
• [USN-357-1] Mono vulnerability, Martin Pitt,
• Invision Power Board Multiple Vulnerabilities, Rapigator,
• [ GLSA 200610-01 ] Mozilla Thunderbird: Multiple vulnerabilities, Matthias Geerdsen,
• [SECURITY] [DSA 1189-1] New openssh-krb5 packages fix denial of service and potential execution of arbitrary code, Moritz Muehlenhoff,
• [SECURITY] [DSA 1190-1] New maxdb-7.5.00 packages fix execution of arbitrary code, Moritz Muehlenhoff,
• [ GLSA 200610-02 ] Adobe Flash Player: Arbitrary code execution, Matthias Geerdsen,
• Vulnerability Type Distributions in CVE, Steven M. Christey,
• WikyBlog <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit, xp1o,
• Re: Concurrency-related vulnerabilities in browsers - expect problems, Mike,
• [SECURITY] [DSA 1191-1] New Mozilla Thunderbird packages fix several vulnerabilities, Martin Schulze,
• iDefense Security Advisory 10.05.06: Symantec AntiVirus IOCTL Kernel Privilege Escalation Vulnerability, iDefense Labs,
• [ MDKSA-2006:180 ] - Updated php packages fix integer overflow vulnerability, security,
• Vulnerable function in newest PowerPoint case (MS Advisory #925984), Juha-Matti Laurio,
• Hazir Site v2.0 Admin SQL Injection, dj_remix_20,
• SUSE Security Summary Report SUSE-SR:2006:024, Thomas Biege,
• [SECURITY] [DSA 1192-1] New Mozilla packages fix several vulnerabilities, Martin Schulze,
• TSLSA-2006-0055 - multi, Trustix Security Advisor,
• TorrentFlux User-Agent XSS Vulnerability, sec,
• Re: Concurrency-related vulnerabilities in browsers - expect problems, Nick Boyce,
• [USN-359-1] Python vulnerability, Martin Pitt,
• Re: Concurrency-related vulnerabilities in browsers - expect problems, Josh Bressers,
• phpMyTeam v2.0 <= (smileys_dir) Remote File Include Vulnerability, x0r0n,
• ackerTodo 4.2 SQL Injection Vulnerability, Francesco Laurita,
• ZDI-06-030: CA Multiple Product Discovery Service Remote Buffer Overflow Vulnerability, zdi-disclosures,
• ZDI-06-031: CA Multiple Product Message Engine RPC Server Code Execution Vulnerability, zdi-disclosures,
• [Reversemode Advisory] Symantec Antivirus Engine Privilege Escalation, Reversemode,
• [CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities, Williams, James K,
• TSRT-06-12: CA BrightStor Discovery Service Mailslot Buffer Overflow Vulnerability, TSRT,
• rPSA-2006-0183-1 nss_ldap, rPath Update Announcements,
• rPSA-2006-0185-1 gnome-ssh-askpass openssh openssh-client openssh-server, rPath Update Announcements,
• TSRT-06-11: CA Multiple Product DBASVR RPC Server Multiple Buffer Overflow Vulnerabilities, TSRT,
• rPSA-2006-0182-1 php php-mysql php-pgsql, rPath Update Announcements,
• FreeWPS File Upload Command Execution, security,
• Details of Lotus Notes Java Applet vulnerabilities, Jouko Pynnonen,
• Re: WikyBlog <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit, Steven M. Christey,
• Emek Portal v2.1 SQL Injection, dj_remix_20,
• phponline <= (LangFile) Remote File Inclusion Exploit, xp1o,
• [ GLSA 200610-03 ] ncompress: Buffer Underflow, Raphael Marichez,
• Re: net2ftp Remote File Inclusion - bogus report, david,
• LS-20060330 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability, advisories,
• Vulnerability in Btitracker, aeroxteam,
• LS-20060220 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability, advisories,
• FreeForum 0.9.7 (fpath) Remote File Include Vulnerability, x0r0n,
• phpBB User Viewed Posts Tracker Version <= 1.0 [phpbb_root_path] File Include Vulnerability, x0r0n,
• LS-20060313 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability, advisories,
• Cahier de textes 2.0 Remote SQL injection Exploit, sami,
• Sorry....My Message With Out Live Site...., Dr . Ninux,
• Re: Invision Power Board Multiple Vulnerabilities, Rapigator,
• Observations on Mandatory Integrity Control (MIC) in Windows Vista, Enno Rey,
• Re: Security contact for Myspace/Fox?, Juha-Matti Laurio,
• RE: Informing Companies about security vulnerabilities..., bugtraq,
• PHP Live! <= 3.1 help.php Remote File Inclusion vulnerability, paisterist . nst,
• RE: Informing Companies about security vulnerabilities..., Arian J. Evans,
• Re: zero-day flaws in Firefox: about 30 unpatched Firefox flaws, Mailinglists Address,
• RE: Informing Companies about security vulnerabilities..., Wolf Halton,
• JavaScript Spider (code that can traverse the web), pdp (architect),

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.