BugTraq@security-focus.com List Archive

• Thread Index

• The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit, xp1o,
• Re: [funsec] Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()], Gadi Evron,
• [ECHO_ADV_49$2006]OpenDock Easy Doc <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability, erdc,
• [ECHO_ADV_50$2006]OpenDock Easy Blog <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability, erdc,
• [ECHO_ADV_51$2006] docmint <= 2.0 (MY_ENV[BASE_ENGINE_LOC]) Remote File Inclusion Vulnerability, erdc,
• Advisory 09/2006: PHP unserialize() Array Creation Integer Overflow, Stefan Esser,
• [ECHO_ADV_48$2006] WebYep <= 1.1.9 (webyep_sIncludePath) Multiple Remote File Inclusion Vulnerability, erdc,
• PHPMyNews 1.4 <= (cfg_include_dir) Remote File Include Vulnerability, xorontr,
• XSS IN paFileDB 3.1, zarloule04,
• PHP open_basedir with symlink() function Race Condition PoC exploit, paisterist . nst,
• Freenews v1.1 <= (chemin) Remote File Include Vulnerability, xorontr,
• SQL injection - 4images, disfigure,
• Re: [Full-disclosure] SQL injection - moodle, suppressed com br,
• SQL injection - moodle, disfigure,
• HITBSecConf2006 CTF Source code and daemons, Praburaajan,
• Advanced Poll v2.02 :) <= Remote File Inclusion, alguidy,
• SUSE Security Announcement: php4,php5 (SUSE-SA:2006:059), Ludwig Nussel,
• Cisco Security Advisory: Limitations in Cisco Secure Desktop, Cisco Systems Product Security Incident Response Team,
• [ECHO_ADV_52$2006]OpenDock Easy Gallery <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability, erdc,
• yet another OpenSSH timing leak?, Marco Ivaldi,
• [SECURITY] [DSA 1194-1] New libwmf packages fix arbitrary code execution, Moritz Muehlenhoff,
• Re: net2ftp: a web based FTP client :) <= Remote File Inclusion, Steven M. Christey,
• [USN-361-1] Mozilla vulnerabilities, Martin Pitt,
• [USN-360-1] awstats vulnerabilities, Martin Pitt,
• 7 php scripts File Inclusion / Source disclosure Vuln, gmdarkfig,
• [ECHO_ADV_54$2006]vtiger CRM <=4.2 (calpath) Multiple Remote File Inclusion Vulnerability, erdc,
• MS Windows DRM software Memory Corruption, Joxean Koret,
• phpWebSite 0.10.2 Remote File Include Vulnerabilities, crackers_child,
• MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues, Mayhemic Labs Security,
• Re: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit, str0ke,
• eXpBlog <= 0.3.5 Cross Site Scripting Vulnerabilities, Tamriel,
• Re: yet another OpenSSH timing leak?, Gianluca Varisco,
• [security bulletin] HPSBUX02087 SSRT4728 rev.4 - HP-UX running TCP/IP Remote Denial of Service (DoS), security-alert,
• ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability, zdi-disclosures,
• ZDI-06-032: Microsoft Office PowerPoint Malformed Slide Notes Rebuilding Vulnerability, zdi-disclosures,
• ZDI-06-034: Microsoft Office Word Malformed Chart Code Execution Vulnerability, zdi-disclosures,
• [USN-362-1] PHP vulnerabilities, Martin Pitt,
• [Fedora] libtool-ltdl uses relative paths to resolve and load libraries, Enrico Scholz,
• Re: yet another OpenSSH timing leak?, Marco Ivaldi,
• [SECURITY] [DSA 1195-1] new openssl096 packages fix denial of service, Noah Meyerhans,
• PHPLibrary <= 1.5.3 Remote File Inclusion, k1tk4t,
• tagit2b -- Remote File Inclusion, k1tk4t,
• claroline <= 180rc1 Remote File Inclusion, k1tk4t,
• blueshoes <= 4.6_public Remote File Inclusion, k1tk4t,
• pacsec hype security team: 7 words of warning about Macromedia Flash Player 9+, Dragos Ruiu,
• iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability, iDefense Labs,
• [ MDKSA-2006:181 ] - Updated python packages fix vulnerability, security,
• Re: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit, Steven M. Christey,
• rPSA-2006-0187-1 idle python, rPath Update Announcements,
• Directory Traversal Vulnerability in Goop Gallery 2.0.2, security,
• ShmooCon 2006 CFP Announcement, B Potter,
• Microsoft Office Malformed Record Memory Corruption Vulnerability, Sowhat,
• MysqlDumper Version 1.21 b6 Xss Vulnerability, crackers_child,
• [USN-363-1] libmusicbrainz vulnerability, Kees Cook,
• Jinzora <= 2.1 Remote File Inclusion, k1tk4t,
• gcards (languagefile) <= Remote File Include, D-virus,
• Noah's Classifieds Cross Site Scripting Vulnerability, raphael . huck,
• New tool release today - "wyd" - password profiling, Max Moser,
• Re: gcards (languagefile) <= Remote File Include, str0ke,
• Re: phpWebSite 0.10.2 Remote File Include Vulnerabilities, kevin,
• Secunia Research: Microsoft Windows Object Packager Dialog Spoofing, Secunia Research,
• CommunityPortals <= 1.0 Remote File Include Vulnerability, nima . salehi,
• AlberT-EasySite <= 1.0.a5 Remote File Inclusion, k1tk4t,
• [ MDKSA-2006:182 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security,
• zenphoto Multiple Path Disclosure and Cross Site Scripting Vulnerabilities, raphael . huck,
• iDefense Security Advisory 10.11.06: AOL YGPPDownload SetAlbumName ActiveX Control Buffer Overflow Vulnerability, iDefense Labs,
• new version of phplist fix XSS vulnerability, info,
• iDefense Security Advisory 10.11.06: Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability, iDefense Labs,
• MS06-060 Microsoft Word Memmove Code Execution, Avert,
• SecureWorks Research Client Advisory: Multiple Vendor Bluetooth Memory Stack Corruption Vulnerability, Research,
• MHL-2006-002 Public Advisory: "Call-Center-Software" Multiple Security Issues, Mayhemic Labs Security,
• XeoPort <= 0.81 SQL Injection Vulnerability, Tamriel,
• Xeobook <= 0.93 Multiple SQL Injection Vulnerabilities, Tamriel,
• [security bulletin] HPSBMA02158 SSRT061251 rev.1 - HP Version Control Agent, Remote Unauthorized Access and Possible Elevation of Privilege, security-alert,
• ExtCalThai_Component <= 0.9.1 Remote File Inclusion, k1tk4t,
• Cisco Security Advisory: Default Password in Wireless Location Appliance, Cisco Systems Product Security Incident Response Team,
• Journals System <= 1.0.2 [RC2] Remote File Include Vulnerability, nima . salehi,
• Admin User Viewed Posts Tracker Remote File Include Vulnerability, nima . salehi,
• Iono all version fullpath disclosure, hack2prison,
• Security Suite IP Logger Remote File Inclusion, ReeM_HaCk,
• Download-Engine Remote File Include, v1per-hacker,
• Black Hat CFP, Registration, and Announcements for October, Jeff Moss,
• Phpbb insert mod Remote file include, By_KorsaN_Son,
• Google Earth (kml & kmz files) buffer overflow, Alexander Hristov,
• Open Conference Systems <= 1.1.3 Remote File Inclusion, k1tk4t,
• Mcafee Network Agent (mcnasvc.exe) Remote DoS, Alexander Hristov,
• CMS contenido Remote File Inclusion, CvIr . System,
• [security bulletin] HPSBST02160 SSRT061254 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-055, security-alert,
• [security bulletin] HPSBST02134 SSRT061187 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-052, MS06-053 and MS06-054, security-alert,
• RamaCMS (adodb.inc.php) Remote File Inclue Vulnerability, Le . CoPrA,
• CMS contenido Path Disclosure, CvIr . System,
• PacSec Hype Security Team: CGI.pm param injection, Dragos Ruiu,
• Morcego CMS <= 0.9.6 Remote File Inclue Vulnerability, Le . CoPrA,
• SpamBlockerMODv <= 1.0.2 Remote File Include Vulnerability, nima . salehi,
• ISOI II - a DA Workshop (announcement and CFP), Gadi Evron,
• Download-Engine Remote File &#304;nclude, By_KorsaN_Son,
• phpBB PlusXL 2.x <= biuld 272 Remote File Include Vulnerability, nima . salehi,
• PHP Cards <= 1.3 Remote File Inclue Vulnerability, Le . CoPrA,
• Utimaco Safeguard Easy vulnerability, boomboom999,
• Bloq 0.5.4 Remote File &#304;nclude, By_KorsaN_Son,
• phpBB Security <= 1.0.1 Remote File Include Vulnerability, nima . salehi,
• PHPht Topsites Remote File &#304;nclude, By_KorsaN_Son,
• news7 <= (news.php) Remote File Inclusion Exploit, xp1o,
• Jax Newspage Remote File include, dj_remix_20,
• [SECURITY] [DSA 1166-2] New cheesetraceker packages fix buffer overflow, Steve Kemp,
• TorrentFlux startpop.php torrent Script Insertion, 566d9bfe,
• pbpbb archive for search engines Remote File Include Vulnerability, nima . salehi,
• Jax LinkLists Remote File include, dj_remix_20,
• MNews <= 2.0 (noticias.php) Remote File Inclue Vulnerability, Le . CoPrA,
• phpMyConferences <= 8.0.2 Remote File Inclusion, k1tk4t,
• phpBB Add Name Remote File Include Vulnerability, nima . salehi,
• SpamOborona PHPBB Plugin Remote File Include Vulnerability, nima . salehi,
• maluinfo version 206.2.38l Remote File Include Vulnerability, nima . salehi,
• news defilante horizontale <= 4.1.1 Remote File Include Vulnerability, nima . salehi,
• AMAZONIA MOD Remote File Include Vulnerability, nima . salehi,
• phpBB lat2cyr <= 1.0.1 Remote File Include Vulnerability, nima . salehi,
• RPG Events 1.0.0 Remote File Include Vulnerability, nima . salehi,
• PhpBB Prillian French Remote File Include Vulnerability, nima . salehi,
• PHP Top webs (config.php) Remote File Inclue Vulnerability, Le . CoPrA,
• Buzlas <= v2006-1 Full Remote File Include Vulnerability, nima . salehi,
• iDefense Security Advisory 10.13.06: Apache HTTP Server mod_tcl set_var Format String Vulnerability, iDefense Labs,
• @lex Guestbook <=(ModeliXe.php) Remote File Inclusion Exploit, xp1o,
• EXlor 1.0 (/fonctions/template.php) Remote File Include Vulnerability, mahmood ali,
• Multiple XSS Vulnerability in Gcontact, security,
• Re: iDefense Security Advisory 10.11.06: Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability, Marco Ivaldi,
• Re: DanPHPSupport => 0.5 Cross Site Scripting Vulnerabilities, dansoftaus,
• Re: Secunia Research: Microsoft Windows Object Packager Dialog Spoofing, edubp2002,
• Re: Jax LinkLists Remote File include, xorontr,
• WDT:- osTicket File Include all V, stormhacker,
• Re: Multiple XSS Vulnerabilities in Zen Cart 1.3.5, security,
• Jinzora 2.6 - Remote File Include Vulnerabilities, erne,
• Spoofing security dialog in object packager - 2, seejay . 11,
• Re: yet another OpenSSH timing leak?, Marco Ivaldi,

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.