BugTraq@security-focus.com List Archive
- Spooky Login Multiple HTML Injection Vulnerability,
DoZ,
- WinZip10.0 FileView ActiveX Controls CreateNewFolderFromName Method Buffer overflow,
76693223,
- Re: PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service,
Collin R. Mulliner,
- Rediff Bol Downloader Allows Downloading and Spawning Arbitary Files,
gregory_panakkal,
- WinZip FileView ActiveX controls CreateNewFolderFromName Method Buffer Overflow Vulnerability,
76693223,
- PHPIrc_bot <= Remote File Include,
zooz_998,
- vBulletin vCard PRO XSS,
exexp,
- Re: PlatinumFTP 1.0.18 remote DoS,
info,
- [NGSEC] ngGame #3 - BrainStorming,
suppressed,
- BattleBlog Database Download Vulnerability,
Advisory,
- Kerio Fake 'iphlpapi' DLL injection Vulnerability,
Matousec - Transparent security Research,
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Bill Nash,
- golden book XSS,
sn0oPy . team,
- rblog Database Download Vulnerability,
Advisory,
- ATMEL Linux PCI PCMCIA USB Drivers arbitrary code execution,
sapheal,
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Kevin Waterson,
- [OpenPKG-SA-2007.001] OpenPKG Security Advisory (cacti),
OpenPKG GmbH,
- AShop Shopping Cart Multiple XSS Vulnerabilities,
DoZ,
- Mozilla Firefox 2.0 denial of service vulnerability,
sapheal,
- Re: Mozilla Firefox 2.0 denial of service vulnerability,
Jeroen Massar,
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Tino Wildenhain,
- Re: Re: Mozilla Firefox 2.0 denial of service vulnerability,
sapheal,
- Re: XSS with Vbulletin (new idea !),
marco . van . herwaarden,
- RE: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Jim Harrison,
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Dana Hudes,
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Chad Maron,
- RE: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Jim Harrison,
- Dailymotion password reset vulnerability,
daftrix,
- Welcome to Pwndertino...,
K F (lists),
- Re: [Full-disclosure] simplog 0.9.3.2 SQL injection,
str0ke,
- Re: [Full-disclosure] simplog 0.9.3.2 SQL injection,
Javor Ninov,
- FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution,
sapheal,
- lblog Remote Password Disclosure,
Advisory,
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Kevin Waterson,
- Openforum Remote password Disclosure,
Advisory,
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Darren Reed,
- Re: PHP as a secure language? PHP worms?,
Duncan Simpson,
- AspBB Remote Password Disclosure,
Advisory,
- RE: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Jim Harrison,
- RE: PHP as a secure language? PHP worms?,
Jim Harrison,
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Dana Hudes,
- Windows Vista 64bits and unexported kernel symbols,
Matthieu Suiche,
- [ MDKSA-2007:001 ] - Update libmodplug packages fix buffer overflow vulnerabilities,
security,
- Nuked Klan <= 1.7 Remote Cookie Disclosure Exploit,
kadaj-diabolik,
- rPSA-2006-0234-2 firefox thunderbird,
rPath Update Announcements,
- Windows NT Message Compiler 1.00.5239 arbitrary code execution,
sapheal,
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Darren Reed,
- [ MDKSA-2007:002 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security,
- Re: SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit,
wihl,
- Whos Johny Pwnerseed?,
K F,
- Re: [USN-398-1] Firefox vulnerabilities,
Scott,
- Re: Windows Vista 64bits and unexported kernel symbols,
Rik van Riel,
- GuestBook v0.3a Remote Password Disclosure,
Advisory,
- Re: Windows NT Message Compiler 1.00.5239 arbitrary code execution,
3APA3A,
- Universal XSS with PDF files: highly dangerous,
pdp (architect),
- openmedia local read file,
exe_crack,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
Amit Klein,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
sven . vetsch,
- [USN-399-1] w3m vulnerabilities,
Kees Cook,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
pdp (architect),
- Adobe Acrobat Reader Plugin - Multiple Vulnerabilities,
Stefano Di Paola,
- Hacking AJAX DWR Applications,
shulman,
- Re: Universal XSS with PDF files: highly dangerous,
ascii,
- WineGlass "data.mdb" Remote Password Disclosure,
Advisory,
- OpenPinboard <= Remote File Include,
zooz_998,
- Black Hat New Years Updates (Free Stuff, too!),
Jeff Moss,
- WineGlass "data.mdb" Remote Password Disclosure,
Advisory,
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Clean Access,
Cisco Systems Product Security Incident Response Team,
- [USN-398-1] Firefox vulnerabilities,
Kees Cook,
- Re: FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution,
3APA3A,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
Amit Klein,
- Re: Windows NT Message Compiler 1.00.5239 arbitrary code execution,
chinese soup,
- Simple Web Content Management System SQL Injection Exploit,
gmdarkfig,
- [USN-398-2] Firefox vulnerabilities,
Kees Cook,
- Re: OpenPinboard <= Remote File Include,
Stefano Zanero,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
pdp (architect),
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
RSnake,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
Dave Ferguson,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
pdp (architect),
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
Amit Klein,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
pdp (architect),
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
Jean-Jacques Halans,
- jgbbs,
dr . t3rr0r1st,
- a cheesy Apache / IIS DoS vuln (+a question),
Michal Zalewski,
- RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
Larry Seltzer,
- Re: a cheesy Apache / IIS DoS vuln (+a question),
William A. Rowe, Jr.,
- Re: a cheesy Apache / IIS DoS vuln (+a question),
Michal Zalewski,
- Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous,
Juha-Matti Laurio,
- CFP for RAID 2007,
Jeffrey Horton,
- Re: a cheesy Apache / IIS DoS vuln (+a question),
William A. Rowe, Jr.,
- Re: a cheesy Apache / IIS DoS vuln (+a question),
Michal Zalewski,
- Re: OpenSER OSP Module remote code execution,
bogdan,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
bugtraq,
- Re: SMS handling OpenSER remote code executing,
bogdan,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
Jim Manico,
- 23C3 - Bluetooth hacking revisted [Summary and Code],
Thierry Zoller,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
RSnake,
- LS-20061102 - Business Objects Crystal Reports XI Professional Stack Overflow Vulnerability,
advisories,
- MkPortal "All Guests are Admin" Exploit,
info,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
pdp (architect),
- [vuln.sg] PowerArchiver PAISO.DLL Buffer Overflow Vulnerability,
vulnpost-remove,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
HASEGAWA Yosuke,
- Re: a cheesy Apache / IIS DoS vuln (+a question),
Siim Põder,
- Re: a cheesy Apache / IIS DoS vuln (+a question),
Pieter de Boer,
- Universal PDF XSS After Party,
pdp (architect),
- RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous,
Larry Seltzer,
- Re: Universal XSS with PDF files: highly dangerous,
Thierry Zoller,
- Re: RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous,
Juha-Matti Laurio,
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Lawrence Paul MacIntyre,
- RE: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Jim Harrison,
- Re: [Full-disclosure] Universal PDF XSS After Party(posible solution),
Darren Bounds,
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Bill Nash,
- SAP Security Contact,
Mark Litchfield,
- Re: PHP as a secure language? PHP worms? [was: Re: new linux malware],
Ronald Chmara,
- [ GLSA 200701-01 ] DenyHosts: Denial of Service,
Raphael Marichez,
- Re: [WEB SECURITY] RE: Universal PDF XSS After Party(posible solution),
RSnake,
- Wordpress <= 2.x dictionnary & Bruteforce attack,
kadaj-diabolik,
- Re: [WEB SECURITY] RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous,
RSnake,
- Re: a cheesy Apache / IIS DoS vuln (+a question),
Rob Sherwood,
- [ GLSA 200701-02 ] Mozilla Firefox: Multiple vulnerabilities,
Raphael Marichez,
- Correction (High Risk Vulnerability in the OpenOffice and StarOffice Suites),
NGSSoftware Insight Security Research,
- [ GLSA 200701-03 ] Mozilla Thunderbird: Multiple vulnerabilities,
Raphael Marichez,
- Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites,
Florian Weimer,
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
Rude Yak,
- Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites,
David Litchfield,
- RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
RSnake,
- High Risk Vulnerability in the OpenOffice and StarOffice Suites,
NGSSoftware Insight Security Research,
- RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
Martin O'Neal,
- Concurrency strikes MSIE (potentially exploitable msxml3 flaws),
Michal Zalewski,
- DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability',
K F (lists),
- Re: a cheesy Apache / IIS DoS vuln (+a question),
Michal Zalewski,
- RE: Universal PDF XSS After Party(posible solution),
Noe Espinoza M.,
- RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws),
Larry Seltzer,
- [USN-398-3] Firefox theme regression,
Kees Cook,
- Perforce client: security hole by design,
Ben Bucksch,
- SAP Security,
Mark Litchfield,
- Re: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous,
rudeyak,
- CMS Made Simple non-permanent XSS,
nanoymaster,
- RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws),
Michal Zalewski,
- Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites,
Pete Connolly,
- [USN-401-1] D-Bus vulnerability,
Kees Cook,
- [USN-400-1] Thunderbird vulnerabilities,
Kees Cook,
- MkPortal Admin XSS,
info,
- IG Shop remote code execution,
asdfj38,
- IG Calendar SQL Injection,
asdfj38,
- Uber Uploader 4.2 Arbitrary File Upload Vulnerability,
null_hack,
- Intranet Open Source Remote Password Disclosure "intranet.mdb",
Advisory,
- Advisory 02/2007: WordPress Trackback Charset Decoding SQL Injection Vulnerability,
Stefan Esser,
- Coppermine Photo Gallery <= 1.4.10 SQL Injection Exploit,
gmdarkfig,
- iDefense Security Advisory 01.05.07: Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability,
iDefense Labs,
- [DRUPAL-SA-2007-001] Drupal 4.6.11 / 4.7.5 fixes XSS issue,
Uwe Hermann,
- RI Blog 1.3 XSS Vuln.,
ShaFuq31,
- [DRUPAL-SA-2007-002] Drupal 4.6.11 / 4.7.5 fixes DoS issue,
Uwe Hermann,
- Re: SAP Security Contact,
Fritz . Bauspiess,
- Advisory 01/2007: WordPress CSRF Protection XSS Vulnerability,
Stefan Esser,
- Multiple bugs in EditTag,
nj,
- [USN-402-1] Avahi vulnerability,
Kees Cook,
- Flog 1.1.2 Remote Admin Password Disclosure,
corrado . liotta,
- iDefense Security Advisory 01.05.07: Opera Software Opera Web Browser JPG Image DHT Marker Heap Corruption Vulnerability,
iDefense Labs,
- Kolayindir Download (Yenionline) (tr) SqL Injection Vuln.,
ShaFuq31,
- [OpenPKG-SA-2007.002] OpenPKG Security Advisory (bzip2),
OpenPKG GmbH,
- ZDI-07-001: QUALCOMM Eudora WorldMail Remote Management Heap Overflow Vulnerability,
zdi-disclosures,
- iDefense Security Advisory 01.05.07: Kaspersky Antivirus Scan Engine PE File Denial of Service Vulnerability,
iDefense Labs,
- Re: SAP Security Contact,
Thor (Hammer of God),
- fetchmail security announcement 2006-03 (CVE-2006-5974),
Matthias Andree,
- fetchmail security announcement 2006-02 (CVE-2006-5867),
Matthias Andree,
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control Server,
Cisco Systems Product Security Incident Response Team,
- ohhASP Remote Password Disclosure,
Advisory,
- Yet Another Link Directory v1.0,
lunY,
- [OpenPKG-SA-2007.003] OpenPKG Security Advisory (drupal),
OpenPKG GmbH,
- [OpenPKG-SA-2007.004] OpenPKG Security Advisory (fetchmail),
OpenPKG GmbH,
- Fix & Chips CMS v1.0,
luny,
- shopstorenow (orange.asp) sql injection,
emel_gw_ini,
- FON Router allows anonymous web access,
l . friedrichs,
- [OpenPKG-SA-2007.005] OpenPKG Security Advisory (wordpress),
OpenPKG GmbH,
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.