BugTraq@security-focus.com List Archive

• Date Index

• rPSA-2007-0029-1 ImageMagick, rPath Update Announcements
• rPSA-2007-0028-1 gd, rPath Update Announcements
• ZDI-07-007: HP Mercury LoadRunner Agent Stack Overflow Vulnerability, zdi-disclosures
• TFTP directory traversal in Kiwi CatTools, Nicob
• Multiple vulnerabilities in SAP WebAS 6.40 and 7.00 (technical details), Nicob
• [security bulletin] HPSBMA02190 SSRT071300 rev.1 - HP OpenView Storage Data Protector, Local Execution of Arbitrary Code, security-alert
• [security bulletin] HPSBGN02187 SSRT061280 rev.1 - Mercury LoadRunner, Performance Center, Monitor over Firewall, Remote Unauthenticated Arbitrary Code Execution, security-alert
• rPSA-2007-0025-2 postgresql postgresql-server, rPath Update Announcements
• Re: Defeating CAPTCHAs via Averaging, noreply9871234
• remote file include in whm (all version), ali
  • Re: remote file include in whm (all version), Mailinglists Address
• Ability to inject and execute any code as root in SysCP, flo
• [ MDKSA-2007:039 ] - Updated gtk+2.0 packages address DoS, LSB issues, several bugs, security
• iDefense Security Advisory 02.07.07: Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability, iDefense Labs
• iDefense Security Advisory 02.07.07: RARLabs Unrar Password Prompt Buffer Overflow Vulnerability, iDefense Labs
• [ MDKSA-2007:040 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security
• iDefense Security Advisory 02.07.07: Trend Micro TmComm Local Privilege Escalation Vulnerability, iDefense Labs
• XLNC1 Radio Classical Music Nuke Portal Remote File Inc. Vuln., gokhankaya
• rPSA-2007-0026-1 samba samba-swat, rPath Update Announcements
• [SECURITY] [DSA 1258-1] New Mozilla Firefox packages fix several vulnerabilities, Martin Schulze
• [ MDKSA-2007:038 ] - Updated php packages to address multiple issues, security
• [ MDKSA-2007:037 ] - Updated postgresql packages address multiple vulnerabilities, security
• [ MDKSA-2007:036 ] - Updated libwmf packages fix embedded gd DoS vulnerability., security
• [ MDKSA-2007:035 ] - Updated gd packages fix DoS vulnerability., security
• Medium level security hole in FreeProxy, Tim Brown
• MySQLNewsEngine (affichearticles.php3) Remote File Inc. Vuln., gokhankaya
• [USN-417-2] PostgreSQL 8.1 regression, Martin Pitt
• VBulletin AdminCP Index.PHP Multiple Cross-Site Scripting Vulnerability, DoZ
  • <Possible follow-ups>
  • Re: VBulletin AdminCP Index.PHP Multiple Cross-Site Scripting Vulnerability, kier
• [USN-419-1] Samba vulnerabilities, Kees Cook
• [USN-420-1] KDE library vulnerability, Kees Cook
• [security bulletin] HPSBUX02181 SSRT061289 rev.2 - HP-UX Running IPFilter, Remote Unauthorized Denial of Service (DoS), security-alert
• rPSA-2007-0025-1 postgresql postgresql-server, rPath Update Announcements
• PS Information Leak on HP True64 Alpha OSF1 v5.1 1885, Andrea \"bunker\" Purificato
  • Re: [Full-disclosure] PS Information Leak on HP Tru64 Alpha OSF1 v5.1 1885, Andrea \"bunker\" Purificato
• [USN-418-1] Bind vulnerabilities, Kees Cook
• Unofficial SQL-Ledger patch for CVE-2007-0667, Chris Travers
• Firefox 2.0.0.1 and Opera 9.10 Anty Fraud/Phishing Protection bypass., Kanedaaa Bohater
• Sql injection bugs in Joomla and Mambo, Omid
• Sql injection bugs in Virtuemart and Letterman, Omid
• Firefox + popup blocker + XMLHttpRequest + srand() = oops, Michal Zalewski
  • Re: [Full-disclosure] Firefox + popup blocker + XMLHttpRequest + srand() = oops, pdp (architect)
    • Re: [Full-disclosure] Firefox + popup blocker + XMLHttpRequest + srand() = oops, Michal Zalewski
• iDefense Security Advisory 02.02.07: Blue Coat Systems WinProxy CONNECT Method Heap Overflow Vulnerability, iDefense Labs
• [USN-417-1] PostgreSQL vulnerabilities, Martin Pitt
• Uphotogallery Multiple Cross-Site Scripting Vulnerability, DoZ
• [ MDKSA-2007:034 ] - Updated samba packages address multiple vulnerabilities, security
• Mina Ajans Script Remote File Inclusion Vuln., canberx
• rPSA-2007-0023-1 tshark wireshark, rPath Update Announcements
• Les News v2.2 [Admin news without password], sn0oPy . team
• [SECURITY] [DSA 1257-1] New samba packages fix several vulnerabilities, Moritz Muehlenhoff
• Sql injection bugs in PHP-Nuke, Omid
• Re: Web 2.0 backdoors made easy with MSIE & XMLHttpRequest, Amit Klein
• [SAMBA-SECURITY] CVE-2007-0454: Format string bug in afsacl.so VFS plugin, Gerald (Jerry) Carter
• Cold Fusion Web Server XSS 0 day, digi7al64
• Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Steven M. Christey
• dvddb-0.6 media remote file include vuln., gokhankaya
• [SAMBA-SECURITY] CVE-2007-0453: Buffer overrun in nss_winbind.so.1 on Solaris, Gerald (Jerry) Carter
• [SAMBA-SECURITY] CVE-2007-0452: Potential DoS against smbd in Samba 3.0.6 - 3.0.23d, Gerald (Jerry) Carter
• TSLSA-2007-0005 - multi, Trustix Security Advisor
• Jetty Session ID Prediction, NGSSoftware Insight Security Research
  • Re: Jetty Session ID Prediction, Amit Klein
  • Re: Jetty Session ID Prediction, Michal Zalewski
    • Re: Jetty Session ID Prediction, Amit Klein
      • Re: Jetty Session ID Prediction, Michal Zalewski
  • <Possible follow-ups>
  • Re: Jetty Session ID Prediction, Chris Anley
    • Re: Jetty Session ID Prediction, Amit Klein
      • Re: Jetty Session ID Prediction, Chris Anley
    • Re: Jetty Session ID Prediction, Michal Zalewski
• flashChat 4.7.8 Cross Site Scripting Vulnerability, binaryloc
• Wap Portal Serve 1.* <= Remote File Inclusion, stormhacker
• dvddb-0.6 media sql-inj. vuln., gokhankaya
  • Re: dvddb-0.6 media sql-inj. vuln., str0ke
• Sql injection bugs in Xoops 2.0.16 + Weblinks module, Omid
• Adrenalin's ASP Chat XSS, sn0oPy . team
• MysearchEngine XSS, sn0oPy . team
• Vmare workstation guest isolation weaknesses (clipboard transfer), suppressed

This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.
The main JSW4.NET technical listserv archive and search page.
The main archive page for this list.