BugTraq@security-focus.com List Archive

• Date Index

• Re: Web 2.0 backdoors made easy with MSIE & XMLHttpRequest, Michal Zalewski
• Ublog Reload Admin Panel Multiple HTML Injections, DoZ
• [ MDKSA-2007:033 ] - Updated wireshark packages fix multiple vulnerabilities, security
• Security Advisory for Bugzilla 2.20.3, 2.22.1, and 2.23.3, mkanat
• [ MDKSA-2007:032 ] - Updated mpg123 packages fix DoS vulnerability., security
• [ MDKSA-2007:031 ] - Updated kdelibs packages fix KHTML vulnerability, security
• Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities, Steven M. Christey
  • Re[2]: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities, 3APA3A
  • <Possible follow-ups>
  • Re: Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities, michal . bucko
• Chicken of the VNC 2.0 remote DoS, poplix
• Re: SMF "index.php?action=pm" Cross Site-Scripting, grudge
• Phishing Evolution Report Released, Carl Jongsma
• Cerulean Portal System (phpbb_root_path) Remote File Include Exploit, xorontr
• Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit, xorontr
• [USN-415-1] GTK vulnerability, Kees Cook
• php web portail [remote file include & local file include], saps . audit
• strange behavior on Cisco 2801, Marcin
  • Re: strange behavior on Cisco 2801, Neil Anderson
    • Sourceforge compromized?, Michael Scheidell
      • Re: Sourceforge compromized?, Eliah Kagan
      • Re: Sourceforge compromized?, Serguei A. Mokhov
      • Re: Sourceforge compromized?, Tim
      • Re: Sourceforge compromized?, Karl Schlitt
  • Re: strange behavior on Cisco 2801, Eloy Paris
• Comodo Multiple insufficient argument validation of hooked SSDT function Vulnerability, Matousec - Transparent security Research
• Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities, Michal Bucko
• Technika - Attack Scripting Environment, pdp (architect)
• [SECURITY] [DSA 1256-1] New gtk+2.0 packages fix denial of service, Moritz Muehlenhoff
• [ GLSA 200701-26 ] KSirc: Denial of Service vulnerability, Raphael Marichez
• BBED - Oracle Block Browser and Editor, pete
• [ GLSA 200701-28 ] thttpd: Unauthenticated remote file access, Raphael Marichez
• [ GLSA 200701-27 ] ELinks: Arbitrary Samba command execution, Raphael Marichez
• Windows Vista and unexported kernel symbols (Part II, 32bits version), Matthieu Suiche
• [SECURITY] [DSA 1255-1] New libgtop2 packages fix arbitrary code execution, Moritz Muehlenhoff
• [ECHO_ADV_63$2007] Cadre remote file inclusion, y3dips
• Cisco Security Advisory: SIP Packet Reloads IOS Devices Not Configured for SIP, Cisco Systems Product Security Incident Response Team
• 2007 Security OPUS CFP: Closed (Agenda included), Sharkey
• Oracle 10g R2 Enterprise Manager Directory Traversal, NGS Software Insight Security Research
• Remote Unauthenticated Resource Exhaustion CA Mobile BackupService, NGS Software Insight Security Research
• Remote DOS BrightStor ARCserve Backup for Laptops & Desktops, NGS Software Insight Security Research
• OWASP JBroFuzz 0.4 Fuzzer Released!, subere
• Remote Unauthenticated Code Execution II CA BrightStor ARCserve Backup for Laptops & Desktops, NGS Software Insight Security Research
• Remote Unauthenticated Code Execution CA BrightStor ARCserve Backup, NGS Software Insight Security Research
• [ MDKSA-2007:030 ] - Updated bind packages fix DoS vulnerabilities, security
• Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include, trzindan
  • Re: BOGUS: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include, Mailinglists Address
  • Re: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include, Casey Marshall
• EncapsCMS 0.3.6 (common_foot.php) Remote File Include, trzindan
• PhP Generic library & framework (include_path) Remote File Include Exploit, umutc4n
• rPSA-2007-0020-2 rmake, rPath Update Announcements
• Re: [Full-disclosure] S21sec-034-en: Cisco VTP DoS vulnerability, Clay Seaman-Kossmeyer
• RBL - ASP (scripts with db) SQL injection, sn0oPy . team
• COSEINC Alert: Microsoft Agent Heap Overflow Vulnerability Technical Details (Patched), Coseinc
• [DRUPAL-SA-2007-005] Drupal 4.7.6 / 5.1 fixes arbitrary code execution issue, Uwe Hermann
• Oracle - Indirect Privilege Escalation and Defeating Virtual Private Databases, David Litchfield
• RBL - ASP (scripts with db) SQL injection, sn0oPy . team
• VII National Computer and Information Security Conference ACIS 2007 - COLOMBIA, Jeimy Cano
• Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger, 3B.Security Researcher
• Re: Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL, shatter
• [ GLSA 200701-25 ] X.Org X server: Multiple vulnerabilities, Matthias Geerdsen
• Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects, Chris Travers
• Re: Windows logoff bug possible security vulnerability and exploit., Rage Coder
• Re: stompy the session stomper - tool availability, Rogan Dawes
  • Re: stompy the session stomper - tool availability, Michal Zalewski
  • <Possible follow-ups>
  • Re: stompy the session stomper - tool availability, Michal Zalewski
• AdMentor (banners) admin SQL injection, sn0oPy . team
• gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability, trzindan
  • Re: gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability, Francesco Laurita
• Phorum HTML Injection Vulnerability, DoZ
  • <Possible follow-ups>
  • Re: Phorum HTML Injection Vulnerability, brian
• Defeating CAPTCHAs via Averaging, noreply9871234
  • Re: Defeating CAPTCHAs via Averaging, Alexander Klimov
    • Re: Defeating CAPTCHAs via Averaging, Fred Leeflang
      • Re: Defeating CAPTCHAs via Averaging, Lou Katz
      • Re: Defeating CAPTCHAs via Averaging, Andreas Beck
• CVSTrac 2.0.0 Denial of Service (DoS) vulnerability, Ralf S. Engelschall
• [OpenPKG-SA-2007.008] OpenPKG Security Advisory (cvstrac), OpenPKG GmbH
• Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Stefano Zanero
  • Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Gadi Evron
    • Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Stefano Zanero
    • Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Simple Nomad
      • Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Gadi Evron
• Fake: Open Conference Systems = 2.8.2 Remote File Inclusion, bzhbfzj3001
  • Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion, Michał Melewski
    • Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion, Michał Melewski
    • Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion, bzhbfzj3001
• Re: Dexia website security alert, Thierry Zoller
• Xt-Stats v.2.4.0.b3 - Remote File Include Vulnerabilities, h4cked . eg
• Internet Explorer 7 ActiveX bgColor property NULL pointer dereference (DoS), Alexander Sotirov
• MDPro 1.0.76 - Multiple Remote Vulnerabilities, adexior
• [SECURITY] [DSA 1254-1] New bind9 packages fix denial of service, Moritz Muehlenhoff
• [OpenPKG-SA-2007.007] OpenPKG Security Advisory (bind), OpenPKG GmbH
• Re: Open Conference Systems = 2.8.2 Remote File Inclusion, Michał Melewski
  • <Possible follow-ups>
  • Re: Open Conference Systems = 2.8.2 Remote File Inclusion, Stefano Zanero

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.