BugTraq@security-focus.com List Archive
- IF-CMS multiple XSS vulnerabilities,
saps . audit
- [USN-377-1] NVIDIA vulnerability,
Kees Cook
- [MajorSecurity Advisory #30]admin.tool 3 CMS - Multiple Cross Site Scripting Issues,
admin
- [USN-378-1] RPM vulnerability,
Kees Cook
- [OpenPKG-SA-2006.029] OpenPKG Security Advisory (bind),
OpenPKG
- Web Directory Pro bypass Vulnerabilities,
hack2prison
- [OpenPKG-SA-2006.028] OpenPKG Security Advisory (php),
OpenPKG
- [MajorSecurity Advisory #31]Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues,
admin
- [OpenPKG-SA-2006.030] OpenPKG Security Advisory (ruby),
OpenPKG
- [USN-376-1] imlib2 vulnerabilities,
Kees Cook
- ZDI-06-036: Novell Netmail User Authentication Buffer Overflow Vulnerability,
zdi-disclosures
- XSS in script Mobile,
m-0-t
- [ MDKSA-2006:197 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security
- SIMPLOG 0.9.3 injection sql & multiple xss,
saps . audit
- [SECURITY] [DSA-1205-1] New thttpd packages fix insecure temporary file creation,
Steve Kemp
- [ GLSA 200611-01 ] Screen: UTF-8 character handling vulnerability,
Matthias Geerdsen
- Re: Multiple vulnerabilities in SAP Web Application Server 6.40 and 7.00,
harrisonholland
- Re: Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability,
sales
- [ MDKSA-2006:195 ] - Updated wireshark packages fix multiple vulnerabilities,
security
- [ MDKSA-2006:196 ] - Updated php packages to address buffer overflow issue,
security
- EUSecWest/London CFP extended to Nov. 7,
Dragos Ruiu
- Advisory 13/2006: PHP HTML Entity Encoder Heap Overflow Vulnerability,
Stefan Esser
- Educational write-up by Amit Klein: "A Refreshing Look at Redirection",
Amit Klein
- [USN-375-1] PHP vulnerability,
Martin Pitt
- [security bulletin] HPSBMA02159 SSRT061238 rev.1 - HP System Management Homepage (SMH), Remote Bypassing of Security Features or Cross Site Scripting or Denial of Service (DoS),
security-alert
- [SECURITY] [DSA 1203-1] New libpam-ldap packages fix access control bypass,
Moritz Muehlenhoff
- iodine client 0.3.2 buffer overflow,
poplix
- Firefox 1.5.0.7 Exploit,
koenig
- Advisory 12/2006: phpMyAdmin - error.php XSS Vulnerability,
Stefan Esser
- how to trick most of cms avatar upload filter [example for : RunCms (PoC)],
securfrog
- Multiple vulnerabilities in SAP Web Application Server 6.40 and 7.00,
Nicob
- Internet Explorer 7 - Still Spyware Writers' Heaven,
avivra
- [security bulletin] HPSBUX02091 SSRT061099 rev.2 - HP-UX Local Increased Privilege,
security-alert
- [USN-374-1] wvWare vulnerability,
Kees Cook
- [security bulletin] HPSBUX02165 SSRT061266 rev.1 - HP-UX VirtualVault Remote Unauthorized Access,
security-alert
- [security bulletin] HPSBUX02164 SSRT061265 rev.1 - HP-UX VirtualVault Running Apache 1.3.X Remote Denial of Service (DoS) and Arbitrary Code Execution,
security-alert
- Re: PLS-Bannieres 1.21 (bannieres.php) File Include,
Stefano Zanero
- [security bulletin] HPSBUX02172 SSRT061269 rev.1 - HP-UX VirtualVault running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access,
security-alert
- rPSA-2006-0202-1 tshark wireshark,
rPath Update Announcements
- Outpost Insufficient validation of 'SandBox' driver input buffer,
Matousec - Transparent security Research
- tikiwiki 1.9.5 mysql password disclosure & xss,
securfrog
- Asterisk Local and Remote Denial of Service vulnerability,
sil
- [USN-373-1] mutt vulnerabilities,
Kees Cook
- Cisco Security Advisory: Cisco Security Agent Management Center LDAP Administrator Authentication Bypass,
Cisco Systems Product Security Incident Response Team
- Re: phpLedAds 2.0(dir) File Include,
Stefano Zanero
- Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech",
LegendaryZion
- [USN-371-1] Ruby vulnerability,
Kees Cook
- [USN-370-1] screen vulnerability,
Kees Cook
- Re: Re: Simple Machines Forum (SMF) XSS issue,
oldiesmann
- Multiple XSS Vulnerabilities in Zend Google Data Client Library Preview 0.2.0,
security
- iDefense Security Advisory 10.31.06: Sophos Anti-Virus Petite File Denial of Service Vulnerability,
iDefense Labs
- iDefense Security Advisory 10.31.06: Novell iManager Tomcat DoS Vulnerability,
iDefense Labs
- iDefense Security Advisory 10.27.06: Novell eDirectory NMAS BerDecodeLoginDataRequeset DoS Vulnerability,
iDefense Labs
- Cross Site Scripting (XSS) Vulnerability in Web Mail service by "Walla! Communications LTD",
LegendaryZion
- Directory listing on B-FOCuS Wireless 802.11b/g ADSL2+ Router by "ECI Telecom LTD",
LegendaryZion
- Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun",
LegendaryZion
- PHP-Nuke <= 7.9 Journal module (search.php) "forwhat" SQL Injection vulnerability,
paisterist . nst
- [SECURITY] [DSA 1202-1] New screen packages fix arbitrary code execution,
Moritz Muehlenhoff
- [SECURITY] [DSA 1201-1] New ethereal packages fix denial of service,
Moritz Muehlenhoff
- Authentication bypass in BytesFall Explorer,
RedTeam Pentesting
- New Flaw in Firefox 2.0: DoS and possible remote code execution,
xxxx
- Sun java System Messenger Express XSS,
handrix
- SQL Injection Vulnerability in bfExplorer 0.0.6,
security
- [ MDKSA-2006:194 ] - Updated PostgreSQL packages fix vulnerabilities,
security
- [ MDKSA-2006:193 ] - Updated ImageMagick packages fix vulnerabilities,
security
- Hawking Technology wireless router WR254-CA DNS issue,
Nikolai Grigoriev
- ActiveX security leaks in the TV owned web game platform,
maxgipeh
- phpMyConferences <= 8.0.2 Remote File Inclusion,
mfp . c
- ModSecurity 2.0, A Core Rule Set and Console now available,
Ofer Shezaf
- Re: Free Rainbow Tables.com,
Jerome Athias
- [security bulletin] HPSBTU02168 SSRT061237 rev.1 - HP Tru64 UNIX Running gzip, gunzip, and gzcat, Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS),
security-alert
- [security bulletin] HPSBMA02121 SSRT061157 rev.3 - HP OpenView Storage Data Protector Remote Unauthorized Arbitrary Command Execution,
security-alert
- [security bulletin] HPSBMA02138 SSRT061184 rev.2 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution,
security-alert
- Multiple Remote File Include,
firewall1954
- CORE FORCE R0.95 released!,
CORE FORCE Team
- [ GLSA 200610-15 ] Asterisk: Multiple vulnerabilities,
Raphael Marichez
- Metasploit Framework 2.7 Released,
H D Moore
- opendocman <= 1.2p3 Bypass admin/user Login,
k1tk4t
- [ECHO_ADV_53$2006] QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Vulnerability,
erdc
- Punbb <= 1.2.13 Multiple Vulnerabilities,
Nms
- Nucleus Core v3.23 - Remote File Include,
firewall1954
- PHPEasyData Pro 2.2.1 (index.php) Remote SQL Injection Vulnerability,
ajannhwt
- PHPEasyData Pro 1.4.1 (index.php) Remote SQL Injection Vulnerability,
ajannhwt
- Simple Website Software v0.99 (common.php) Remote File Include,
cw . cybersecurity
- Re: imageVue16.1 upload vulnerability,
mjau
- [MajorSecurity Advisory #29]foresite CMS - Cross Site Scripting Issue,
admin
- easy notes manager sql injection and authentication bypass,
poplix
- freenews---> fileinclude,
MoHaNdKo
- Re: phpAdsNew-2.0.8 <= (adlayer.php) Remote File Include,
simo
- Re: vulnerability in Symantec products,
jay.tomas
- SQL in WebWizForum by almaster hacker,
almaster
- Back-end => 0.4.5 Remote File Include Vulnerability Exploit,
h4ck3riran
- bbsNew => 2.0.1 Remote File Include Vulnerability Exploit,
h4ck3riran
- Exporia => 0.3.0 Remote File Include Vulnerability Exploit,
h4ck3riran
- CentiPaid <= 1.4.2 [$class_pwd] Remote File Include,
firewall1954
- Re: [Full-disclosure] ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability,
Matt Richard
- [OpenPKG-SA-2006.027] OpenPKG Security Advisory (wordpress),
OpenPKG
- [SECURITY] [DSA 1200-1] New Qt packages fix integer overflow,
Noah Meyerhans
- [ GLSA 200610-14 ] PHP: Integer overflow,
Raphael Marichez
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.