BugTraq@security-focus.com List Archive

• Date Index

• Multiple Bugs in Future Internet ( XSS & SQL Injection ), xx_hack_xx_2004
• Efkan Forum v1.0 SqL Inj. Vuln., ShaFuq31
• ZDI-06-054: Novell NetMail IMAP APPEND Buffer Overflow Vulnerability, zdi-disclosures
• ZDI-06-053: Novell NetMail IMAP Verb Literal Heap Overflow Vulnerability, zdi-disclosures
• ZDI-06-052: Novell NetMail NMAP STOR Buffer Overflow Vulnerability, zdi-disclosures
• Re: Multiple Remote Vulnerabilities in KISGB, 3APA3A
  • <Possible follow-ups>
  • Re: Multiple Remote Vulnerabilities in KISGB, str0ke
• SQID v0.2 - SQL Injection Digger., contact
• Re: Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day, Mike
• Re: [Full-disclosure] Oracle Portal 10g HTTP Response Splitting, putosoft softputo
• TSLSA-2006-0074 - multi, Trustix Security Advisor
• Oracle Applications/Portal 9i/10g Cross Site Scripting, putosoft softputo
• rPSA-2006-0234-1 firefox, rPath Update Announcements
• Xt-News 0.1 : SQL Injection Vulnerability & XSS, mr_kaliman
• PWDumpX updated (includes CacheDump functionality), Reed Arvin
• OpenSER 1.1.0 parse_config buffer overflow vulnerability, sapheal
• [OpenPKG-SA-2006.040] OpenPKG Security Advisory (ruby), OpenPKG GmbH
• Re: Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images, matthieu . paineauSTOPSPAM
• [TOOL] untidy - XML Fuzzer, Andres Riancho
• SQID v0.1 - SQL Inhection Digger., contact
• Ixprim CMS 1.2 Remote Blind SQL Injection Exploit, gmdarkfig
• Re: Enforcing Java Security Manager in Restricted Windows Environments?, jim
  • RE: Enforcing Java Security Manager in Restricted Windows Environments?, Jan P. Monsch
• RE: [Full-disclosure] Fun with event logs (semi-offtopic), Michele Cicciotti
  • Re[2]: [Full-disclosure] Fun with event logs (semi-offtopic), 3APA3A
  • Message not available
    • RE: Re[2]: [Full-disclosure] Fun with event logs (semi-offtopic), Michele Cicciotti
• [ MDKSA-2006:234 ] - Updated mono packages fix vulnerability, security
• [SECURITY] [DSA-1240-1] New links2 packages fix arbitrary shell command execution, Steve Kemp
• Microsoft Windows XP/2003/Vista memory corruption 0day, 3APA3A
  • Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day, 3APA3A
    • Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day, Alexander Sotirov
      • Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day, Pukhraj Singh
      • Message not available
      • RE: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day, Michele Cicciotti
• Fun with event logs (semi-offtopic), 3APA3A
  • Re: [Full-disclosure] Fun with event logs (semi-offtopic), endrazine
• NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory, security
• [OpenPKG-SA-2006.041] OpenPKG Security Advisory (dbus), OpenPKG GmbH
• [CAID 34876]: CA CleverPath Portal Session Inheritance Vulnerability, Williams, James K
• [USN-397-1] mono vulnerability, Kees Cook
• critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip, quincy
  • Re: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip, 3APA3A
  • <Possible follow-ups>
  • Re: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip, Juha-Matti Laurio
    • Re[2]: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip, Thierry Zoller
• [ GLSA 200612-21 ] Ruby: Denial of Service vulnerability, Raphael Marichez
• [ GLSA 200612-20 ] imlib2: Multiple vulnerabilities, Raphael Marichez
• [ GLSA 200612-19 ] pam_ldap: Authentication bypass vulnerability, Raphael Marichez
• [security bulletin] HPSBST02180 SSRT061288 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-072 Through MS06-078, security-alert
• [security bulletin] HPSBUX02174 SSRT061239 rev.2 HP-UX Running OpenSSL Denial of Service (DoS), Increase Privilege, security-alert
• Mono XSP ASP.NET Server sourcecode disclosure vulnerability, jose . palanco
• NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory, security
• Oracle Portal 10g HTTP Response Splitting, putosoft softputo
  • Re: [Full-disclosure] Oracle Portal 10g HTTP Response Splitting, Brian Eaton
  • <Possible follow-ups>
  • Re: Oracle Portal 10g HTTP Response Splitting, majororacle
• SEC Consult SA-20061220-0 :: Typo3 Command Execution Vulnerability, SEC Consult Research
• ZDI-06-051: Mozilla Firefox SVG Processing Remote Code Execution Vulnerability, zdi-disclosures
• MkPortal Urlobox Cross Site Request Forgery, info
  • <Possible follow-ups>
  • Re: MkPortal Urlobox Cross Site Request Forgery, securityfocus
  • Re: MkPortal Urlobox Cross Site Request Forgery, securityfocus
• Multiple Bugs in MINI WEB SHOP, xx_hack_xx_2004
• Oracle <= 9i / 10g File System Access via utl_file Exploit, none
  • Re: Oracle <= 9i / 10g File System Access via utl_file Exploit, sumit kumar soni
  • <Possible follow-ups>
  • Re: Oracle <= 9i / 10g File System Access via utl_file Exploit, Marco Ivaldi
• Oracle <= 9i / 10g (extproc) Local/Remote Command Execution Exploit, none
• Burak Yilmaz Download Portal Sql Injection Vuln., ShaFuq31
• xss in Support Cards v1 ( oSTicket ), l . d . 0
• Trend Micro's Vista "0day exploit auction" claim, Ryan Meyer
  • RE: Trend Micro's Vista "0day exploit auction" claim, Roger A. Grimes
    • RE: Trend Micro's Vista "0day exploit auction" claim, Simple Nomad
      • Message not available
      • Re: Trend Micro's Vista "0day exploit auction" claim, Simple Nomad
  • <Possible follow-ups>
  • Re: RE: Trend Micro's Vista "0day exploit auction" claim, agoodhez1
• HP Printers FTP Server Denial Of Service, Joxean Koret
• New Skype Worm, Christopher Mosby
  • RE: [BULK] - New Skype Worm, Hubbard, Dan
• Multiple XSS vulnerabiliteies in Inetmedia's information service - cityinfo., filip . palian
• WebCalendar >=1.0 Cross-Site Scripting Vulnerabilities, 7all7
• HITBSecConf2007 - Dubai - Call for Papers now open!, Praburaajan
• [ MDKSA-2006:233 ] - Updated dbus packages fix vulnerability, security
• [ MDKSA-2006:232 ] - Updated proftpd packages fix mod_ctrls vulnerability, security
• [security bulletin] HPSBUX02178 SSRT061267 rev.2 - HP-UX Secure Shell Remote Unauthorized Denial of Service (DoS), security-alert
• [ GLSA 200612-18 ] ClamAV: Denial of Service, Sune Kloppenborg Jeppesen
• Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!, p . kerr
  • <Possible follow-ups>
  • Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!, Kamchybek Jusupov
    • Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!, Marcus Meissner
• Checkpoint NG3 ICMP Flood, bdmoraes
  • Re: Checkpoint NG3 ICMP Flood, Michael Schwartzkopff
  • Re: Checkpoint NG3 ICMP Flood, Hugo van der Kooij
• Secunia Research: MailEnable POP Service "PASS" Command Buffer Overflow, Secunia Research
• SYMSA-2006-013: Multiple Vulnerabilities in Mandiant First Response, research
• RateMe <= all versions => ( main.inc.php ) Remote File Include Vulnerability, saudi
• HyperVM Cross-Site Scripting, Advisory
• Cisco not honoring update promises?, Michael Scheidell
  • <Possible follow-ups>
  • Re: Cisco not honoring update promises?, rsmoak
  • RE: Cisco not honoring update promises?, Michael Scheidell
• Re: The (in)security of Xorg and DRI, Darren Reed
  • <Possible follow-ups>
  • Re: The (in)security of Xorg and DRI, Darren Reed
• [SECURITY] [DSA 1239-1] New sql-ledger packages fix arbitrary code execution, Moritz Muehlenhoff
• [SECURITY] [DSA 1238-1] New clamav packages fix several vulnerabilities, Moritz Muehlenhoff
• [SECURITY] [DSA 1237-1] New Linux 2.4.27 packages fix several vulnerabilities, Dann Frazier

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.