BugTraq@security-focus.com List Archive

• Date Index

• ZDI-06-039: Marshal MailMarshal ARJ Extraction Directory Traversal Vulnerability, zdi-disclosures
• [x0n3-h4ck]Drake CMS v 0.2 XSS exploit, corrado . liotta
• [x0n3-h4ck]Essentia Web Server v.2.15 Buffer Overflow, corrado . liotta
• [ GLSA 200611-05 ] Netkit FTP Server: Privilege escalation, Raphael Marichez
• [OpenPKG-SA-2006.033] OpenPKG Security Advisory (openldap), OpenPKG
• [ MDKSA-2006:206 ] - Updated Thunderbird packages fix multiple vulnerabilities, security
• [ MDKSA-2006:205 ] - Updated Firefox packages fix multiple vulnerabilities, security
• rPSA-2006-0207-1 openssh openssh-client openssh-server, rPath Update Announcements
• rPSA-2006-0206-1 firefox thunderbird, rPath Update Announcements
• rPSA-2006-0205-1 php php-mysql php-pgsql, rPath Update Announcements
• rPSA-2006-0204-1 kernel, rPath Update Announcements
• [ GLSA 200611-04 ] Bugzilla: Multiple Vulnerabilities, Matthias Geerdsen
• [security bulletin] HPSBMA02167 SSRT061262 rev.2 - HP OpenView Client Configuration Manager (CCM), Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS), security-alert
• Wheatblog [multiple xss (post) & full path disclosure], saps . audit
• [USN-379-1] texinfo vulnerability, Kees Cook
• LandShop Real Estate [multiple injection sql & xss], saps . audit
• [SECURITY] [DSA 1207-1] New phpmyadmin packages fix several vulnerabilities, Moritz Muehlenhoff
• GNU gv Stack Overflow Vulnerability, Renaud Lifchitz
• bitweaver <=1.3.1 [injection sql (post) & xss (post)], saps . audit
• [ MDKSA-2006:204 ] - Updated openssh packages fix vulnerability, security
• omnistar article manager [multiples injection sql], saps . audit
• FreeBSD Security Advisory FreeBSD-SA-06:24.libarchive, FreeBSD Security Advisories
• FreeWebshop <=2.2.2 [local file include & xss], saps . audit
• Immediacy .NET CMS possibly vulnerable to Cross Site Scripting through a malformed cookie, ProCheckUp Research
• [ MDKSA-2006:202 ] - Updated wv packages fix vulnerabilities, security
• Speedwiki 2.0 Arbitrary File Upload Vulnerability, saps . audit
• knowledgeBuilder v.2.2.php.NuLL-WDYL=> Remote File Include Vulnerability, h4ck3riran
• iDefense Security Advisory 11.08.06: Cisco Secure Desktop Privilege Escalation Vulnerability, iDefense Labs
• Abarcar Realty Portal [injection sql], saps . audit
• TSRT-06-13: HP OpenView Client Configuration Manager Device Code Execution Vulnerability, TSRT
• phpsatk => Remote File Include Vulnerability EXploit, h4ck3riran
• Portix-PHP [login bypass & xss (post)], saps . audit
• iDefense Security Advisory 11.08.06: IBM Lotus Domino 7 tunekrnl Multiple Vulnerabilities, iDefense Labs Security Advisories
• Lotus Notes pre-login User.ID key leak, Andrew Christensen
• [ MDKSA-2006:203 ] - Updated texinfo packages fix vulnerability, security
• PhpMyChat <= 0.14.5 Source Code Disclosure Vulnerability, ajannhwt
• PhpMyChat Plus <= 1.9 Multiple Source Code Disclosure Vulnerabilities, ajannhwt
• Y.A.N.S sql injection, navairum
• Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Desktop, Cisco Systems Product Security Incident Response Team
• [ MDKSA-2006:198-1 ] - Updated imlib2 packages fix several vulnerabilities, security
• Call for papers: ARES 2007 submission deadline approaches in 2 weeks: 19-11-2006, Manh Tho
• [OpenPKG-SA-2006.032] OpenPKG Security Advisory (openssh), OpenPKG
• [ MDKSA-2006:201 ] - Updated pam_ldap packages fix PasswordPolicyReponse coding error, security
• WFTPD Pro Server 3.23 Buffer Overflow, Joxean Koret
• [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability, Raphael Marichez
• XSS in Kayako SupportSuite v3.00.32, hacker hackers
• WarFTPd 1.82.00-RC11 Remote Denial Of Service, Joxean Koret
• Minimizing error cascades in vulnerability information management, Steven M. Christey
• [ MDKSA-2006:200 ] - Updated rpm packages fix vulnerability, security
• DigiOz Guestbook version 1.7 Path Disclosure Vulnerability in list.php, jesper . jurcenoks
  • <Possible follow-ups>
  • DigiOz Guestbook version 1.7 Path Disclosure Vulnerability in list.php, Jesper Jurcenoks
• News publication system remote File include, navairum
• [ MDKSA-2006:198 ] - Updated imlib2 packages fix several vulnerabilities, security
• [ MDKSA-2006:199 ] - Updated libx11 packages fix file descriptor leak vulnerability, security
• [USN-376-2] imlib2 regression fix, Kees Cook
• GreenBeast CMS <= 1.3 PHP Arbitrary File Upload Vulnerability, skulmatic
• Re: Multiple vulnerabilities in SAP Web Application Server 6.40 and7.00, Nicob
  • Re: Multiple vulnerabilities in SAP Web Application Server 6.40 and7.00, Nicob
• IE7 website security certificate discrediting exploit, inge_eivind . henriksen
  • <Possible follow-ups>
  • Re: IE7 website security certificate discrediting exploit, inge_eivind . henriksen
• ZDI-06-037: America Online ICQ ActiveX Control Code Execution Vulnerability, zdi-disclosures
• VulnDisco Pack for Metasploit, Evgeny Legerov
• Re: Firefox 1.5.0.7 Exploit, Lubomir Kundrak
  • <Possible follow-ups>
  • Re: Firefox 1.5.0.7 Exploit, OOZIE
• Advanced Guestbook 2.3.1 (Admin.php) Remote File Include, broken-proxy
  • <Possible follow-ups>
  • Re: Advanced Guestbook 2.3.1 (Admin.php) Remote File Include, simo64
• [SECURITY] [DSA 1206-1] New php4 packages fix several vulnerabilities, Moritz Muehlenhoff
• XSS Vulnerability in Zend Framework Preview 0.2.0, security
• Hotmail and Windows Live Mail XSS Vulnerabilities, applesoup
  • Message not available
    • Re: Hotmail and Windows Live Mail XSS Vulnerabilities, HASEGAWA Yosuke
• [SECURITY] [DSA 1204-1] New ingo1 packages fix arbitrary shell command execution, Moritz Muehlenhoff
• Re: Internet Explorer 7 - Still Spyware Writers' Heaven, Eliah Kagan
  • <Possible follow-ups>
  • RE: Internet Explorer 7 - Still Spyware Writers' Heaven, Roger A. Grimes
• MajorSecurity Advisory #32]phpComasy CMS - Multiple Cross Site Scripting Issues, admin
• Ariadne <= 2.4.1 Multiple Remote File Include Vulnerabilities(New), ajannhwt
• [ GLSA 200611-02 ] Qt: Integer overflow, Matthias Geerdsen
• TSLSA-2006-0061 - multi, Trustix Security Advisor
• Cross Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server, ProCheckUp Research
• Joomla 1.0.11 Remote File Include, root
  • Antwort: Joomla 1.0.11 Remote File Include, srunschke
• MWChat pro V 7.0 <= (CONFIG[MWCHAT_Libs]) Remote File Include Vulnerability, -= SHELL =- -= SHELL =-
• AIOCP <=1.3.007 multiples vulnerabilities [sql , remote file include , xss], saps . audit
• [ECHO_ADV_60_2006] OpenEMR <=2.8.1 Multiple Remote File Inclusion Vulnerability, erdc
• [ECHO_ADV_59_2006]Agora 1.4 RC1 "$_SESSION[PATH_COMPOSANT]" Remote File Inclusion Vulnerability, erdc
• [ECHO_ADV_58_2006]Cyberfolio <=2.0 RC1 $av Remote File Inclusion Vulnerability, erdc
• [ECHO_ADV_57_2006]Soholaunch Pro <=4.9 r36 Multiple Remote File Inclusion Vulnerability, erdc
• PHP Rapid Kill All Version File Injection, null_hack
• Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Jan Heisterkamp
  • <Possible follow-ups>
  • Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Jerome Athias
• Mail Drives Security Considerations, darkz . gsa
• Stanford university SCARF user editing, navairum
• Article Script v1.*and v1.6.3 Sql injection, liz0
• @cid stats v2.3 File Include, mahmood ali
  • Re: @cid stats v2.3 File Include, Heiko Wundram

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.