BugTraq@security-focus.com List Archive

• Thread Index

• [SECURITY] [DSA 1237-1] New Linux 2.4.27 packages fix several vulnerabilities, Dann Frazier,
• [SECURITY] [DSA 1238-1] New clamav packages fix several vulnerabilities, Moritz Muehlenhoff,
• [SECURITY] [DSA 1239-1] New sql-ledger packages fix arbitrary code execution, Moritz Muehlenhoff,
• Re: The (in)security of Xorg and DRI, Darren Reed,
• Cisco not honoring update promises?, Michael Scheidell,
• HyperVM Cross-Site Scripting, Advisory,
• Re: The (in)security of Xorg and DRI, Darren Reed,
• RateMe <= all versions => ( main.inc.php ) Remote File Include Vulnerability, saudi,
• SYMSA-2006-013: Multiple Vulnerabilities in Mandiant First Response, research,
• Secunia Research: MailEnable POP Service "PASS" Command Buffer Overflow, Secunia Research,
• Checkpoint NG3 ICMP Flood, bdmoraes,
• Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!, p . kerr,
• Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!, Kamchybek Jusupov,
• Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!, Marcus Meissner,
• [ GLSA 200612-18 ] ClamAV: Denial of Service, Sune Kloppenborg Jeppesen,
• Re: Cisco not honoring update promises?, rsmoak,
• Re: Checkpoint NG3 ICMP Flood, Michael Schwartzkopff,
• Re: Checkpoint NG3 ICMP Flood, Hugo van der Kooij,
• [security bulletin] HPSBUX02178 SSRT061267 rev.2 - HP-UX Secure Shell Remote Unauthorized Denial of Service (DoS), security-alert,
• [ MDKSA-2006:232 ] - Updated proftpd packages fix mod_ctrls vulnerability, security,
• [ MDKSA-2006:233 ] - Updated dbus packages fix vulnerability, security,
• HITBSecConf2007 - Dubai - Call for Papers now open!, Praburaajan,
• WebCalendar >=1.0 Cross-Site Scripting Vulnerabilities, 7all7,
• Multiple XSS vulnerabiliteies in Inetmedia's information service - cityinfo., filip . palian,
• New Skype Worm, Christopher Mosby,
• HP Printers FTP Server Denial Of Service, Joxean Koret,
• RE: [BULK] - New Skype Worm, Hubbard, Dan,
• Trend Micro's Vista "0day exploit auction" claim, Ryan Meyer,
• xss in Support Cards v1 ( oSTicket ), l . d . 0,
• Burak Yilmaz Download Portal Sql Injection Vuln., ShaFuq31,
• Oracle <= 9i / 10g (extproc) Local/Remote Command Execution Exploit, none,
• Oracle <= 9i / 10g File System Access via utl_file Exploit, none,
• Multiple Bugs in MINI WEB SHOP, xx_hack_xx_2004,
• MkPortal Urlobox Cross Site Request Forgery, info,
• RE: Cisco not honoring update promises?, Michael Scheidell,
• ZDI-06-051: Mozilla Firefox SVG Processing Remote Code Execution Vulnerability, zdi-disclosures,
• SEC Consult SA-20061220-0 :: Typo3 Command Execution Vulnerability, SEC Consult Research,
• Oracle Portal 10g HTTP Response Splitting, putosoft softputo,
• NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory, security,
• Mono XSP ASP.NET Server sourcecode disclosure vulnerability, jose . palanco,
• Re: Oracle <= 9i / 10g File System Access via utl_file Exploit, sumit kumar soni,
• Re: [Full-disclosure] Oracle Portal 10g HTTP Response Splitting, Brian Eaton,
• [security bulletin] HPSBUX02174 SSRT061239 rev.2 HP-UX Running OpenSSL Denial of Service (DoS), Increase Privilege, security-alert,
• [security bulletin] HPSBST02180 SSRT061288 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-072 Through MS06-078, security-alert,
• [ GLSA 200612-19 ] pam_ldap: Authentication bypass vulnerability, Raphael Marichez,
• [ GLSA 200612-20 ] imlib2: Multiple vulnerabilities, Raphael Marichez,
• [ GLSA 200612-21 ] Ruby: Denial of Service vulnerability, Raphael Marichez,
• RE: Trend Micro's Vista "0day exploit auction" claim, Roger A. Grimes,
• critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip, quincy,
• RE: Trend Micro's Vista "0day exploit auction" claim, Simple Nomad,
• [USN-397-1] mono vulnerability, Kees Cook,
• [CAID 34876]: CA CleverPath Portal Session Inheritance Vulnerability, Williams, James K,
• [OpenPKG-SA-2006.041] OpenPKG Security Advisory (dbus), OpenPKG GmbH,
• NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory, security,
• Re: Oracle <= 9i / 10g File System Access via utl_file Exploit, Marco Ivaldi,
• Fun with event logs (semi-offtopic), 3APA3A,
• Microsoft Windows XP/2003/Vista memory corruption 0day, 3APA3A,
• [SECURITY] [DSA-1240-1] New links2 packages fix arbitrary shell command execution, Steve Kemp,
• Re[2]: [Full-disclosure] Fun with event logs (semi-offtopic), 3APA3A,
• Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day, 3APA3A,
• [ MDKSA-2006:234 ] - Updated mono packages fix vulnerability, security,
• RE: [Full-disclosure] Fun with event logs (semi-offtopic), Michele Cicciotti,
• Re: Enforcing Java Security Manager in Restricted Windows Environments?, jim,
• Re: [Full-disclosure] Fun with event logs (semi-offtopic), endrazine,
• Ixprim CMS 1.2 Remote Blind SQL Injection Exploit, gmdarkfig,
• RE: Re[2]: [Full-disclosure] Fun with event logs (semi-offtopic), Michele Cicciotti,
• Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day, Alexander Sotirov,
• Re: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip, 3APA3A,
• SQID v0.1 - SQL Inhection Digger., contact,
• [TOOL] untidy - XML Fuzzer, Andres Riancho,
• Re: Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images, matthieu . paineauSTOPSPAM,
• Re: RE: Trend Micro's Vista "0day exploit auction" claim, agoodhez1,
• Re: Trend Micro's Vista "0day exploit auction" claim, Simple Nomad,
• Re: MkPortal Urlobox Cross Site Request Forgery, securityfocus,
• Re: MkPortal Urlobox Cross Site Request Forgery, securityfocus,
• [OpenPKG-SA-2006.040] OpenPKG Security Advisory (ruby), OpenPKG GmbH,
• OpenSER 1.1.0 parse_config buffer overflow vulnerability, sapheal,
• PWDumpX updated (includes CacheDump functionality), Reed Arvin,
• Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day, Pukhraj Singh,
• Re: Oracle Portal 10g HTTP Response Splitting, majororacle,
• RE: Enforcing Java Security Manager in Restricted Windows Environments?, Jan P. Monsch,
• Re: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip, Juha-Matti Laurio,
• RE: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day, Michele Cicciotti,
• Xt-News 0.1 : SQL Injection Vulnerability & XSS, mr_kaliman,
• rPSA-2006-0234-1 firefox, rPath Update Announcements,
• Oracle Applications/Portal 9i/10g Cross Site Scripting, putosoft softputo,
• Re[2]: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip, Thierry Zoller,
• TSLSA-2006-0074 - multi, Trustix Security Advisor,
• Re: [Full-disclosure] Oracle Portal 10g HTTP Response Splitting, putosoft softputo,
• Re: Re: [Full-disclosure] Microsoft Windows XP/2003/Vista memory corruption 0day, Mike,
• SQID v0.2 - SQL Injection Digger., contact,
• Re: Multiple Remote Vulnerabilities in KISGB, 3APA3A,
• Re: Multiple Remote Vulnerabilities in KISGB, str0ke,
• ZDI-06-052: Novell NetMail NMAP STOR Buffer Overflow Vulnerability, zdi-disclosures,
• ZDI-06-053: Novell NetMail IMAP Verb Literal Heap Overflow Vulnerability, zdi-disclosures,
• ZDI-06-054: Novell NetMail IMAP APPEND Buffer Overflow Vulnerability, zdi-disclosures,
• Efkan Forum v1.0 SqL Inj. Vuln., ShaFuq31,
• Multiple Bugs in Future Internet ( XSS & SQL Injection ), xx_hack_xx_2004,

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.