BugTraq@security-focus.com List Archive

• Thread Index

• [ GLSA 200610-14 ] PHP: Integer overflow, Raphael Marichez,
• [SECURITY] [DSA 1200-1] New Qt packages fix integer overflow, Noah Meyerhans,
• [OpenPKG-SA-2006.027] OpenPKG Security Advisory (wordpress), OpenPKG,
• Re: [Full-disclosure] ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability, Matt Richard,
• CentiPaid <= 1.4.2 [$class_pwd] Remote File Include, firewall1954,
• Exporia => 0.3.0 Remote File Include Vulnerability Exploit, h4ck3riran,
• bbsNew => 2.0.1 Remote File Include Vulnerability Exploit, h4ck3riran,
• Back-end => 0.4.5 Remote File Include Vulnerability Exploit, h4ck3riran,
• SQL in WebWizForum by almaster hacker, almaster,
• Re: vulnerability in Symantec products, jay.tomas,
• Re: phpAdsNew-2.0.8 <= (adlayer.php) Remote File Include, simo,
• freenews---> fileinclude, MoHaNdKo ,
• easy notes manager sql injection and authentication bypass, poplix,
• [MajorSecurity Advisory #29]foresite CMS - Cross Site Scripting Issue, admin,
• Re: imageVue16.1 upload vulnerability, mjau,
• Simple Website Software v0.99 (common.php) Remote File Include, cw . cybersecurity,
• PHPEasyData Pro 1.4.1 (index.php) Remote SQL Injection Vulnerability, ajannhwt,
• PHPEasyData Pro 2.2.1 (index.php) Remote SQL Injection Vulnerability, ajannhwt,
• Nucleus Core v3.23 - Remote File Include, firewall1954,
• Punbb <= 1.2.13 Multiple Vulnerabilities, Nms,
• [ECHO_ADV_53$2006] QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Vulnerability, erdc,
• opendocman <= 1.2p3 Bypass admin/user Login, k1tk4t,
• Metasploit Framework 2.7 Released, H D Moore,
• [ GLSA 200610-15 ] Asterisk: Multiple vulnerabilities, Raphael Marichez,
• CORE FORCE R0.95 released!, CORE FORCE Team,
• Multiple Remote File Include, firewall1954,
• Re: CentiPaid <= 1.4.2 [$class_pwd] Remote File Include, Francesco Laurita,
• unreliable vulnerability reports en-masee [was:Re: vulnerability in Symantec products], Gadi Evron,
• [security bulletin] HPSBMA02138 SSRT061184 rev.2 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution, security-alert,
• [security bulletin] HPSBMA02121 SSRT061157 rev.3 - HP OpenView Storage Data Protector Remote Unauthorized Arbitrary Command Execution, security-alert,
• [security bulletin] HPSBTU02168 SSRT061237 rev.1 - HP Tru64 UNIX Running gzip, gunzip, and gzcat, Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS), security-alert,
• Re: CentiPaid <= 1.4.2 [$class_pwd] Remote File Include, Tamriel,
• Re: freenews---> fileinclude, Tamriel,
• Re: Nucleus Core v3.23 - Remote File Include, Francesco Laurita,
• Re: Free Rainbow Tables.com, Jerome Athias,
• ModSecurity 2.0, A Core Rule Set and Console now available, Ofer Shezaf,
• phpMyConferences <= 8.0.2 Remote File Inclusion, mfp . c,
• ActiveX security leaks in the TV owned web game platform, maxgipeh,
• Hawking Technology wireless router WR254-CA DNS issue, Nikolai Grigoriev,
• [ MDKSA-2006:193 ] - Updated ImageMagick packages fix vulnerabilities, security,
• [ MDKSA-2006:194 ] - Updated PostgreSQL packages fix vulnerabilities, security,
• SQL Injection Vulnerability in bfExplorer 0.0.6, security,
• Sun java System Messenger Express XSS, handrix,
• New Flaw in Firefox 2.0: DoS and possible remote code execution, xxxx,
• Re: freenews---> fileinclude, pokley,
• Re: freenews---> fileinclude, pokley,
• Authentication bypass in BytesFall Explorer, RedTeam Pentesting,
• Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Gouki,
• Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Josh Bressers,
• Re: Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, xxxx,
• [SECURITY] [DSA 1201-1] New ethereal packages fix denial of service, Moritz Muehlenhoff,
• [SECURITY] [DSA 1202-1] New screen packages fix arbitrary code execution, Moritz Muehlenhoff,
• PHP-Nuke <= 7.9 Journal module (search.php) "forwhat" SQL Injection vulnerability, paisterist . nst,
• Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun", LegendaryZion,
• Directory listing on B-FOCuS Wireless 802.11b/g ADSL2+ Router by "ECI Telecom LTD", LegendaryZion,
• Cross Site Scripting (XSS) Vulnerability in Web Mail service by "Walla! Communications LTD", LegendaryZion,
• Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Daniel Veditz,
• iDefense Security Advisory 10.27.06: Novell eDirectory NMAS BerDecodeLoginDataRequeset DoS Vulnerability, iDefense Labs,
• iDefense Security Advisory 10.31.06: Novell iManager Tomcat DoS Vulnerability, iDefense Labs,
• iDefense Security Advisory 10.31.06: Sophos Anti-Virus Petite File Denial of Service Vulnerability, iDefense Labs,
• Multiple XSS Vulnerabilities in Zend Google Data Client Library Preview 0.2.0, security,
• Re: Re: Simple Machines Forum (SMF) XSS issue, oldiesmann,
• Re[3]: New Flaw in Firefox 2.0: DoS and possible remote code execution, 3APA3A,
• [USN-370-1] screen vulnerability, Kees Cook,
• [USN-371-1] Ruby vulnerability, Kees Cook,
• Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech", LegendaryZion,
• Re: phpLedAds 2.0(dir) File Include, Stefano Zanero,
• Cisco Security Advisory: Cisco Security Agent Management Center LDAP Administrator Authentication Bypass, Cisco Systems Product Security Incident Response Team,
• [USN-373-1] mutt vulnerabilities, Kees Cook,
• Asterisk Local and Remote Denial of Service vulnerability, sil,
• tikiwiki 1.9.5 mysql password disclosure & xss, securfrog,
• Outpost Insufficient validation of 'SandBox' driver input buffer, Matousec - Transparent security Research,
• rPSA-2006-0202-1 tshark wireshark, rPath Update Announcements,
• [security bulletin] HPSBUX02172 SSRT061269 rev.1 - HP-UX VirtualVault running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access, security-alert,
• Re: PLS-Bannieres 1.21 (bannieres.php) File Include, Stefano Zanero,
• [security bulletin] HPSBUX02164 SSRT061265 rev.1 - HP-UX VirtualVault Running Apache 1.3.X Remote Denial of Service (DoS) and Arbitrary Code Execution, security-alert,
• [security bulletin] HPSBUX02165 SSRT061266 rev.1 - HP-UX VirtualVault Remote Unauthorized Access, security-alert,
• [USN-374-1] wvWare vulnerability, Kees Cook,
• [security bulletin] HPSBUX02091 SSRT061099 rev.2 - HP-UX Local Increased Privilege, security-alert,
• Internet Explorer 7 - Still Spyware Writers' Heaven, avivra,
• Multiple vulnerabilities in SAP Web Application Server 6.40 and 7.00, Nicob,
• how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)], securfrog,
• Advisory 12/2006: phpMyAdmin - error.php XSS Vulnerability, Stefan Esser,
• Firefox 1.5.0.7 Exploit, koenig,
• iodine client 0.3.2 buffer overflow, poplix,
• [SECURITY] [DSA 1203-1] New libpam-ldap packages fix access control bypass, Moritz Muehlenhoff,
• [security bulletin] HPSBMA02159 SSRT061238 rev.1 - HP System Management Homepage (SMH), Remote Bypassing of Security Features or Cross Site Scripting or Denial of Service (DoS), security-alert,
• [USN-375-1] PHP vulnerability, Martin Pitt,
• Educational write-up by Amit Klein: "A Refreshing Look at Redirection", Amit Klein,
• Re: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)], Taneli Leppä,
• Re: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)], Taneli Leppä,
• RE: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)], Richard Stanway,
• Re: Firefox 1.5.0.7 Exploit, Robert McGrew,
• RE: Internet Explorer 7 - Still Spyware Writers' Heaven, Roger A. Grimes,
• Re: Firefox 1.5.0.7 Exploit, Bram Dumolin,
• Advisory 13/2006: PHP HTML Entity Encoder Heap Overflow Vulnerability, Stefan Esser,
• EUSecWest/London CFP extended to Nov. 7, Dragos Ruiu,
• Re: phpMyConferences <= 8.0.2 Remote File Inclusion, Steven M. Christey,
• [ MDKSA-2006:196 ] - Updated php packages to address buffer overflow issue, security,
• [ MDKSA-2006:195 ] - Updated wireshark packages fix multiple vulnerabilities, security,
• Re: Firefox 1.5.0.7 Exploit, Martin Pitt,
• Re[2]: New Flaw in Firefox 2.0: DoS and possible remote code execution, 3APA3A,
• Re: Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability, sales,
• Re: Multiple vulnerabilities in SAP Web Application Server 6.40 and7.00, harrisonholland,
• [ GLSA 200611-01 ] Screen: UTF-8 character handling vulnerability, Matthias Geerdsen,
• [SECURITY] [DSA-1205-1] New thttpd packages fix insecure temporary file creation, Steve Kemp,
• SIMPLOG 0.9.3 injection sql & multiple xss, saps . audit,
• [ MDKSA-2006:197 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security,
• XSS in script Mobile, m-0-t,
• ZDI-06-036: Novell Netmail User Authentication Buffer Overflow Vulnerability, zdi-disclosures,
• [USN-376-1] imlib2 vulnerabilities, Kees Cook,
• [OpenPKG-SA-2006.030] OpenPKG Security Advisory (ruby), OpenPKG,
• Re: Internet Explorer 7 - Still Spyware Writers' Heaven, Eliah Kagan,
• MajorSecurity Advisory #31]Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues, admin,
• Re: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)], Paul Laudanski,
• [OpenPKG-SA-2006.028] OpenPKG Security Advisory (php), OpenPKG,
• Web Directory Pro bypass Vulnerabilities, hack2prison,
• [OpenPKG-SA-2006.029] OpenPKG Security Advisory (bind), OpenPKG,
• [USN-378-1] RPM vulnerability, Kees Cook,
• [MajorSecurity Advisory #30]admin.tool 3 CMS - Multiple Cross Site Scripting Issues, admin,
• [USN-377-1] NVIDIA vulnerability, Kees Cook,
• Re: MajorSecurity Advisory #31]Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues, saps . audit,
• IF-CMS multiples XSS vunerabilities, saps . audit,
• Re: Internet Explorer 7 - Still Spyware Writers' Heaven, Thierry Zoller,

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.