BugTraq@security-focus.com List Archive

• Thread Index

• [Aria-Security Team] Evolve shopping cart SQL Injection Vulnerability, Advisory,
• [Aria-Security Team] General Shopping Cart SQL Injection Vulnerability, Advisory,
• [SECURITY] [DSA 1220-1] New pstotext packages fix arbitrary shell command execution, Moritz Muehlenhoff,
• Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?), Tim Newsham,
• Clickblog Sql Injection, Advisory,
• ClickGallery Sql Injection, Advisory,
• iDefense Security Advisory 11.26.06: Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability, iDefense Labs,
• TFTP Server AT-TFTP Server v 1.9 Buffer Overflow Vulnerability (Long filename), liuqx,
• VMware 5.5.1 Local Buffer Overflow (HTML Exploit), NormandiaN_MailID,
• [SECURITY] [DSA 1219-1] New texinfo packages fix multiple vulnerabilities, Noah Meyerhans,
• CuteNews v1.4.5 (search.php) Remote file include vulnerability, philip anselmo,
• rPSA-2006-0218-1 ImageMagick, rPath Update Announcements,
• TFTP Server 3CTftpSvc Buffer Overflow Vulnerability (Long transporting mode), liuqx,
• Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?), David Litchfield,
• rPSA-2006-0219-1 info install-info texinfo, rPath Update Announcements,
• Re: VMware 5.5.1 Local Buffer Overflow (HTML Exploit), str0ke,
• PhpGedView 4.0.2 (DOCUMENT_ROOT) File inclusion Vulnerablity, x___ . _,
• Re: CuteNews v1.4.5 (search.php) Remote file include vulnerability, Francesco Laurita,
• MHL-2006-003 Public Advisory: "mboard" file creation issue, Mayhemic Labs Security,
• iDefense Security Advisory 11.26.06: GNU Radius Format String Vulnerability, iDefense Labs,
• [ GLSA 200611-21 ] Kile: Incorrect backup file permission, Sune Kloppenborg Jeppesen,
• Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, sflist,
• RE: Cracking String Encryption in Java Obfuscated Bytecode, Jeremy Epstein,
• 2nd European Conference on Computer Network Defense (EC2ND), Blyth A J C (AT),
• Cursor snarfing - a new class of vulnerability and attack in Oracle, David Litchfield,
• AIDE problem handling symlinks, fryxar fryxar,
• ClickContact SQL Injection, Advisory,
• CVE-2006-5815: remote code execution in ProFTPD, John Morrissey,
• SYMSA-2006-011: JBoss Java Class DeploymentFileRepository Directory Traversal, research,
• GnuPG 1.4 and 2.0 buffer overflow, Werner Koch,
• [ GLSA 200611-22 ] Ingo H3: Folder name shell command injection, Sune Kloppenborg Jeppesen,
• uPhotoGallery (v 1.1) SQL Injection, Advisory,
• Re: SYMSA-2006-011: JBoss Java Class DeploymentFileRepository Directory Traversal, Jon Hart,
• Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?), Steven M. Christey,
• [USN-386-1] ImageMagick vulnerability, Kees Cook,
• Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?), David Litchfield,
• evince buffer overflow exploit (gv), kspecial,
• TSLSA-2006-0066 - multi, Trustix Security Advisor,
• ProFTPD mod_tls pre-authentication buffer overflow, research,
• Re: PhpGedView 4.0.2 (DOCUMENT_ROOT) File inclusion Vulnerablity, Mefisto,
• b2evolution XSS Vulnerabilities, tarkus,
• [USN-387-1] Dovecot vulnerability, Kees Cook,
• [ GLSA 200611-23 ] Mono: Insecure temporary file creation, Raphael Marichez,
• [ GLSA 200611-25 ] OpenLDAP: Denial of Service vulnerability, Raphael Marichez,
• [ GLSA 200611-24 ] LHa: Multiple vulnerabilities, Raphael Marichez,
• Re: PhpGedView 4.0.2 (DOCUMENT_ROOT) File inclusion Vulnerablity, yalnifj,
• [USN-385-1] tar vulnerability, Kees Cook,
• New report on Teredo security, Jim Hoagland,
• Multiple Vulnerabilities in AlternC version 0.9.5, Vincent A . Menard,
• Re: [Full-disclosure] New report on Teredo security, Jeroen Massar,
• b2evolution Remote File inclusion Vulnerability, tarkus,
• Re: CuteNews v1.4.5 (search.php) Remote file include vulnerability, raven,
• Re: [WEB SECURITY] The state of JavaScript Hacking, bugtraq,
• PHP Event Calendar 1.5.1 (index.php) Remote File Include Vulnerability, philip anselmo,
• Re: ProFTPD mod_tls pre-authentication buffer overflow, Mark Wadham,
• ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability, zdi-disclosures,
• iDefense Security Advisory 11.29.06: Horde Kronolith Arbitrary Local File Inclusion Vulnerability, iDefense Labs,
• Re: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?), David Litchfield,
• REMLAB Web Mech Designer 2.0.5 Path Disclosure Vulnerability, jesper . jurcenoks,
• [ MDKSA-2006:219 ] - Updated tar packages fix vulnerability, security,
• Secunia Research: Borland Products idsql32.dll Buffer Overflow Vulnerability, Secunia Research,
• SYM06-023, Symantec NetBackup PureDisk: PHP update to Address Reported Security Vulnerability, Mike Prosser,
• OWASP JBroFuzz 0.3 Fuzzer Released!, subere,
• RE: Re: "Which is more secure? Oracle vs. Microsoft" (is it a fair comparison?), Shawn Fitzgerald,
• New Windows tool - PWDumpX v1.0, Reed Arvin,
• Monkey Boards version 0.3.5 Multiple Path Disclosure Vulnerabilities, jesper . jurcenoks,
• [Aria-Security Team] FipsSHOP SQL Injection, Advisory,
• Re: PHP Event Calendar 1.5.1 (index.php) Remote File Include Vulnerability, Stuart Moore,
• [USN-388-1] KOffice vulnerability, Kees Cook,
• Potentially OT: AJAX article, clappymonkey,
• [USN-389-1] GnuPG vulnerability, Kees Cook,
• [SECURITY] [DSA 1221-1] New libgsf packages fix arbitrary code execution, Martin Schulze,
• [SECURITY] [DSA 1222-1] New proftpd packages fix several vulnerabilities, Moritz Muehlenhoff,
• [ MDKSA-2006:217-1 ] - Updated proftpd packages fix vulnerabilities, security,
• Secunia Research: MailEnable IMAP Service Two Vulnerabilities, Secunia Research,
• [security bulletin] HPSBUX02153 SSRT061181 rev.2 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS), security-alert,
• [USN-390-1] evince vulnerability, Kees Cook,
• Woltlab Burning Board 2.3.X XSS Vulnerability (0-Day) FIXED VERSION, blueshisha,
• @lex Guestbook 4.0.1 : Full Path Disclosure & XSS, mr_kaliman,
• Seditio <= 1.10 (pollid) Remote SQL Injection Vulnerability, ajannhwt,
• Invision Community Blog Mod 1.2.4 .PHP SQL Injection Vulnerability, infection,
• [ GLSA 200611-26 ] ProFTPD: Remote execution of arbitrary code, Raphael Marichez,
• Re: [Full-disclosure] ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability, Dude VanWinkle,
• safely concatenating strings in portable C (Re: GnuPG 1.4 and 2.0 buffer overflow), Solar Designer,
• contentserv 4.x, capt . nem0,
• LDU <= 8.x (polls.php) Remote SQL Injection Vulnerability, ajannhwt,
• iDefense Security Advisory 11.30.06: Multiple Vendor libgsf Heap Overflow Vulnerability, iDefense Labs,
• LifeType version 1.1.2 Multiple Path Disclosure Vulnerabilities, jesper . jurcenoks,
• Re: [Full-disclosure] ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability, zdi-disclosures,
• Invision Gallery 2.0.7 SQL Injection Vulnerability, infection,
• Re: Invision Community Blog Mod 1.2.4 .PHP SQL Injection Vulnerability, emin,
• [SECURITY] [DSA 1205-2] New thttpd packages fix insecure temporary file creation, Steve Kemp,
• [ MDKSA-2006:220 ] - Updated libgsf packages fix heap buffer overflow vulnerability, security,
• [ MDKSA-2006:221 ] - Updated gnupg packages fix vulnerability, security,
• rPSA-2006-0221-1 openldap openldap-clients openldap-servers, rPath Update Announcements,
• [Aria-Security.Net] Web Hosting Control Panel - cPanel 11 Multiple Cross-Site Scripting Vulnerabilites, Advisory,
• deV!L`z Clanportal - Arbitrary File Upload [061124b], Tim Weber,
• Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability, dh,
• [SECURITY] [DSA 1223-1] New tar packages fix arbitrary file overwrite, Noah Meyerhans,
• Outpost Bypassing Self-Protection via Advanced DLL injection with handle stealing Vulnerability, Matousec - Transparent security Research,
• deV!L`z Clanportal - SQL Injection [061124a], Tim Weber,
• rPSA-2006-0220-1 dovecot, rPath Update Announcements,
• Aspee Ziyareti Defteri (tr) Sql injection Vuln., ShaFuq31,
• [SECURITY] [DSA 1222-2] New proftpd packages fix several vulnerabilities, Moritz Muehlenhoff,
• iDefense Security Advisory 12.01.06: Novell ZENworks Asset Management Collection Client Heap Overflow Vulnerability, iDefense Labs,
• iDefense Security Advisory 12.01.06: Novell ZENworks Asset Management Msg.dll Heap Overflow Vulnerability, iDefense Labs,
• Re: [Full-disclosure] ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability, Dude VanWinkle,
• rPSA-2006-0224-1 gnupg, rPath Update Announcements,
• TSLSA-2006-0068 - multi, Trustix Security Advisor,
• Re: safely concatenating strings in portable C (Re: GnuPG 1.4 and 2.0 buffer overflow), Simon Josefsson,
• rPSA-2006-0222-1 tar, rPath Update Announcements,
• freeqboard <= 1.1 (qb_path) Remote File Include Vulnerability, -= SHELL =- -= SHELL =-,
• [ MDKSA-2006:223 ] - Updated ImageMagick packages fixes vulnerability, security,
• [Aria-Security Team] DuWare DuNews SQL Injection Vuln, Advisory,
• [Aria-Security Team] DuWare DuClassMate SQL Injection Vuln, Advisory,
• [Aria-Security Team] DuWare DuPortal SQL Injection Vuln, Advisory,
• PHPNews 1.3.0 XSS, emulamex,
• KhaledMuratList mdb, blasterim,
• [ MDKSA-2006:222 ] - Updated koffice packages fixes integer overflow vulnerability, security,
• [Aria-Security Team] DuWare DuDownloads SQL Injection Vuln, Advisory,
• CuteNews 1.3.6 XSS, emulamex,
• [Aria-Security Team] DuWare DuForum SQL Injection Vuln, Advisory,
• [Aria-Security Team] DuWare DuPaypal SQL Injection Vuln, Advisory,

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.