Bugtraq: by date

699 messages starting May 01 06 and ending May 31 06

Monday, 01 May

DMCounter Remote File Include beford
[ GLSA 200605-01 ] MPlayer: Heap-based buffer overflow Sune Kloppenborg Jeppesen
JMK's Picture Gallery admin login alp_eren
planetGallery admin login tugr
free-php.net Poll 1.0 admin login tugr
Secunia Research: WinHKI unacev2.dll Buffer Overflow Vulnerability Secunia Research
[SECURITY] [DSA 1048-1] New Asterisk packages fix arbitrary code execution Martin Schulze
Re: Apple Mac OS X Safari 2.0.3 Vulnerability buggy
[SECURITY] [DSA 1047-1] New resmgr packages fix unauthorised access Martin Schulze
Image file crashes Finder, Safari and other apps cmertes
Thyme 1.3 Cross Site Scripting outlaw
4images<-- 1.7.1 SQL Injection CrAzY . CrAcKeR
Invision Power Board v2.1.5 Remote SQL Injection o . y . 6
OpenBB 1.0.8 Full Path Disclosure o . y . 6
Poll: Emerging Threats Jon R. Kibler
RE: Poll: Emerging Threats H Alsaleh
I-RATER Platinum Remote File Inclusion exploit Cod3d by R@1D3N AminRayden
CoolMenus Event Remote File Inclusion exploit AminRayden
XINE format string bugs when handling non existen file king_purba
Blog Mod <= 0.2.x SQL Injection qex
Re: CoolMenus Event Remote File Inclusion exploit Steven M. Christey
RE: Oracle 10g 10.2.0.2.0 DBA exploit putosoft softputo

Tuesday, 02 May

FTP Fuzzer infocus
VHCS --- Virtual Hosting Control System Cross Site Scripting outlaw
[ MDKSA-2006:080 ] - Updated clamav packages fix vulnerability security
JSBoard XSS vulnerability Alexander Klink
Cisco Security Advisory: Cisco Unity Express Expired Password Reset Privilege Escalation Cisco Systems Product Security Incident Response Team
X7 Chat <=2.0 remote commands execution rgod
[SECURITY] [DSA 1049-1] New Ethereal packages fix several vulnerabilities Martin Schulze
zenphoto Multiple Path Disclosure and Cross Site Scripting Vulnerabilities raphael . huck
Ejabberd : Symlink vulnerability during installation process Julien L.
geoBlog Mutiple XSS Vulnerability admin
sBlog SQL Injection and Path Disclosure Vulnerability admin
Cmscout <= V1.10 multiple XSS attack vectors zerogue
SF-Users V1.0 XSS injection zerogue
FileProtection Express <= 1.0.1 authentification bypass zerogue
Russcom.net Loginphp multiple vulnerabilties zerogue
TyroCms beta V1.0 multiple XSS injections zerogue
Invision Gallery 2.0.6 ( SQL Injection ) o . y . 6
Oracle, where are the patches??? David Litchfield
MySQL Anonymous Login Handshake - Information Leakage. Stefano Di Paola
MySQL COM_TABLE_DUMP Information Leakage and Arbitrary command execution. Stefano Di Paola
[ GLSA 200605-02 ] X.Org: Buffer overflow in XRender extension Sune Kloppenborg Jeppesen
[ GLSA 200605-03 ] ClamAV: Buffer overflow in Freshclam Sune Kloppenborg Jeppesen
[ GLSA 200605-04 ] phpWebSite: Local file inclusion Sune Kloppenborg Jeppesen
RE: Oracle, where are the patches??? Kornbrust, Alexander

Wednesday, 03 May

[ MDKSA-2006:081 ] - Updated xorg-x11 packages fix vulnerability security
[USN-276-1] Thunderbird vulnerabilities Martin Pitt
Quagga RIPD unauthenticated route table broadcast Konstantin V. Gavrilenko
Re: Quagga RIPD unauthenticated route injection Paul Jakma
SUSE Security Announcement: xorg-x11-server (SUSE-SA:2006:023) Ludwig Nussel
Dynamic Evaluation Vulnerabilities in PHP applications Steven M. Christey
[SECURITY] [DSA 1050-1] New ClamAV packages fix denial of service or arbitrary code execution Martin Schulze
[USN-277-1] TIFF library vulnerabilities Martin Pitt
Re: FTP Fuzzer Alexey Biznya
Quagga RIPD unauthenticated route injection Konstantin V. Gavrilenko
[USN-278-1] gdm vulnerability Martin Pitt
Vulnerability in the way Ultr@VNC-1.0.1 handles MS-Logon Authentication. gdehanot
OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw c0redump
BankTown's ActiveX Buffer Overflow Vulnerability Alex Park
[USN-279-1] libnasl/nessus vulnerability Martin Pitt
[ MDKSA-2006:082 ] - Updated libtiff packages fix vulnerabilities security
Re: OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw David F. Skoll
Re: Ejabberd : Symlink vulnerability during installation process mickael . remond

Thursday, 04 May

[SECURITY] [DSA 1051-1] New Mozilla Thunderbird packages fix several vulnerabilities Martin Schulze
[security bulletin] HPSBUX02108 SSRT061133 rev.10 - HP-UX running Sendmail, Remote Execution of Arbitrary Code security-alert
ISA Server 2004 Log Manipulation beSIRT
Re: Invision Power Board v2.1.5 Remote SQL Injection mattmecham
[REWTERZ-20060504] - Sami FTP Server Remote Buffer Overflow Vulnerability rewterz
Re: Invision Gallery 2.0.6 ( SQL Injection ) mattmecham
CuteGuestbook XSS attack omnipresent
PunBB 1.2.11 Cross-Site Scripting o . y . 6
zawhttpd - Buffer Overflow Kamil Sienicki
[REWTERZ-20060503] XM Easy Personal FTP Server Remote Buffer Overflow Vulnerability rewterz
Fast Click SQL Lite <= 1.1.3 Remote File Inclusion Aminrayden
Fast Click <= 2.3.8 Remote File Inclusion Aminrayden
321soft PhP Gallery 0.9 - directory travel & XSS d4igoro
[USN-281-1] Linux kernel vulnerabilities Martin Pitt
[USN-280-1] X.org server vulnerability Martin Pitt
libero.it XSS vulnerability - HTML injection Davide Denicolo
Panda Antivirus Enterprise Secure, Norton Antivirus 2005 and the virus "I Love You" Joxean Koret
bigwebmaster guestbook multiply XSS Javor Ninov
Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk leonleon77
Re: [Full-disclosure] RE: Oracle, where are the patches??? Cesar
Re: Dynamic Evaluation Vulnerabilities in PHP applications Michael Schlenker
Re: OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw Joachim Schipper
foreseeing (cough) critical problems futile? (was: Oracle, where are the patches???) Michael Shigorin

Friday, 05 May

WebCalendar User Account Enumeration Weakness David Maciejak
modules name(Sections)SQL Injection Exploit Mster-X
modules name(Downloads)SQL Injection Exploit Mster-X
CuteNews 1.4.1 Multiple vulnerabilities k4p0k4p0
Re: OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw Kurt Seifried
[ MDKSA-2006:081-1 ] - Updated xorg-x11 packages fix vulnerability security
Re: ISA Server 2004 Log Manipulation Steven M. Christey
SaPHPLesson 3.0 Multbugs o . y . 6
Re: ISA Server 2004 Log Manipulation beSIRT
Invision Community Blog .. Bugs o . y . 6
Re: WebCalendar User Account Enumeration Weakness David Maciejak
Cryptomathic ActiveX Buffer Overflow (TDC Digital signature) CIRT.DK Advisory
TSLSA-2006-0024 - multi Trustix Security Advisor

Saturday, 06 May

[ GLSA 200605-05 ] rsync: Potential integer overflow Sune Kloppenborg Jeppesen
OpenFAQ - HTML injection and XSS (Cross Site Scripting) Kamil Sienicki
JetBox CMS Remote File Include beford
ChipmunkBlogger improper input sanitizing zerogue
ChipmunkBoard Multiple Attack vectors zerogue
FlexCustomer <= 0.0.4 sql injection zerogue
myBloggie <= 2.1.3 XSS zerogue
PassMasterFlex (and PassMasterFlex+) XSS injection zerogue
[ GLSA 200605-06 ] Mozilla Firefox: Potential remote code execution Thierry Carrez
VisionSource CMS <= 0.6 XSS vectors zerogue
WebsiteBaker CMS lack of sanitizing zerogue
X7Chat <= 2.0.2 avatar XSS injection zerogue
Re: DB_eSession deleteSession() SQL injection interact
Alexadex.com players.py XSS Exploit skinnypuppy
Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Tonnerre Lombard
Intel wireless service s24evmon.exe confidential information disclosure. ruben
Re: Re: Invision Gallery 2.0.6 ( SQL Injection ) an0n
phpBB 2.0.20 Full Path Disclosure and SQL Errors cxib
Firefox 1.5.0.3 code execution exploit yesn
Re: ISA Server 2004 Log Manipulation Shaun Colley
Idle scan rediscovered!!! Joel Jose
URL Bug On 1ASPHost and DomainDLX Hosting Services spymeta
Re: OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw c0redump
Re: ISA Server 2004 Log Manipulation Thor (Hammer of God)

Monday, 08 May

X-POLL admin By-Pass alp_eren
Limbo CMS (option=weblinks) SQL injection exploit SnoBMSN
Phil's Bookmark script admin By-pass alp_eren
OpenEngine (PHP CMS) ck
[KAPDA] MyBB1.1.1~Email Verification in User Activation ~SQL Injection Attack addmimistrator
[ GLSA 200605-07 ] Nagios: Buffer overflow Sune Kloppenborg Jeppesen
AngelineCMS Multiple Vulnerabilities admin
Re: BankTown's ActiveX Buffer Overflow Vulnerability lkh1348
[SECURITY] [DSA 1052-1] New cgiirc packages fix arbitrary code execution Martin Schulze
CAID 34013 - CA Common Services CAIRIM on z/OS LMP SVC vulnerability Williams, James K
Dokeos Learning Management System 1.6.4 Remote File Include beford
Multiple Vulnerabilities In IdealBB ASP Bulletin Board CodeScan Labs
Claroline Open Source e-Learning 1.7.5 Remote File Include beford
singapore v0.9.7 XSS Vulnerabilities alp_eren
INFIGO-2006-05-03: Multiple FTP Servers vulnerabilities infocus
[Kurdish Security # 4] phpRaid Remote File Include Vulnerability (PHPBB) botan
[Kurdish Security # 5] phpRaid Remote File Include [SMF] botan
Re: Invision Community Blog .. Bugs mattmecham
[USN-282-1] Nagios vulnerability Martin Pitt
[USN-283-1] MySQL vulnerabilities Martin Pitt
Secunia Research: TZipBuilder ZIP File Handling Buffer Overflow Vulnerability Secunia Research
Secunia Research: Anti-Trojan unacev2.dll Buffer Overflow Vulnerability Secunia Research
[ GLSA 200605-08 ] PHP: Multiple vulnerabilities Thierry Carrez
[ GLSA 200605-09 ] Mozilla Thunderbird: Multiple vulnerabilities Thierry Carrez
VSR Advisory: WebSense content filter bypass when deployed in conjunction with Cisco filtering devices VSR Advisories
ZDI-06-012: Sophos Anti-Virus CAB Unpacking Code Execution Vulnerability zdi-disclosures
Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1 Zaninotti, Thiago
PHPFusion <= v6.00.306 avatar mod_mime arbitrary file upload & local inclusion vulnerabilities rgod
[MajorSecurity] phpListPro <= 2.01 - Multiple Remote File Include Vulnerability admin
SYMSA-2006-003: Cisco Secure ACS for Windows - Administrator Password Disclosure research
VSR Advisory: WebSense content filter bypass when deployed in conjunction with Cisco filtering devices Matthew Cerha
Re: SYMSA-2006-003: Cisco Secure ACS for Windows - Administrator Password Disclosure Matthew Cerha

Tuesday, 09 May

Re: ISA Server 2004 Log Manipulation Steven M. Christey
Secunia Research: Where Is It unacev2.dll Buffer Overflow Vulnerability Secunia Research
tseekdir.cgi<--Local File Include BoNy-m
[SECURITY] [DSA 1053-1] New Mozilla packages fix arbitrary code execution Martin Schulze
ICQ Client Cross-Application Scripting (XAS) 3APA3A
# MHG Security Team --- OzzyWork Gallery SQL Injection Dj_ReMix_20
plaNetStat Admin ByPass alp_eren
Re: INFIGO-2006-05-03: Multiple FTP Servers vulnerabilities Andrea Rimicci
# MHG Security Team --- DuGallery V2.x SQL Injection Dj_ReMix_20
[EEYEB20051011B] - Microsoft Distributed Transaction Coordinator Denial of Service eEye Advisories
[EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow eEye Advisories
ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure Vulnerability zdi-disclosures
IGNORING SSH CONNECTION USES ARP CACHE POISSONING king_purba
Two independent vulnerabilities (client and server side) in Quake3 engine and many derived games Thilo Schulz
[Reversemode] Microsoft Infotech Storage library Heap Corruption Reversemode
Re: Phil's Bookmark script admin By-pass Steven M. Christey
[SECURITY] [DSA 1054-1] New TIFF packages fix denial of service and arbitrary code execution Martin Schulze
Re: IGNORING SSH CONNECTION USES ARP CACHE POISSONING Thierry Zoller
IBM Websphere Application Server Multiple Vulnerabilities SnoBmsn
# MHG Security Team --- OzzyWork Gallery Upload Vulnerabilities Dj_ReMix_20

Wednesday, 10 May

[ GLSA 200605-11 ] Ruby: Denial of Service Sune Kloppenborg Jeppesen
[ GLSA 200605-10 ] pdnsd: Denial of Service and potential arbitrary code execution Sune Kloppenborg Jeppesen
[ GLSA 200605-12 ] Quake 3 engine based games: Buffer Overflow Sune Kloppenborg Jeppesen
Multiple SQL Injection Vulnerabilities in Dreamweaver Generated Code Brian Gallagher
[ MDKSA-2006:083 ] - Updated gdm package fixes symlink attack vulnerability security
Hackmaster Group DMCounter Remote File Include c-w-m
Oracle - the last word David Litchfield
Re: Firefox 1.5.0.3 code execution exploit James_gmail-ij
Re: tseekdir.cgi<--Local File Include Steven M. Christey
Re: Firefox 1.5.0.3 code execution exploit Juha-Matti Laurio
Re: Firefox 1.5.0.3 code execution exploit Flavio Visentin
Re: Milliscript 1.4 Multiple Vulnerabilities webmaster
Re: phpBB 2.0.20 Full Path Disclosure and SQL Errors Maksymilian Arciemowicz
Re: Firefox 1.5.0.3 code execution exploit Daniel Veditz
UBlog Remote XSS Exploit SnoBMSN
Re: OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw Giancarlo Razzolini
[ MDKSA-2006:084 ] - Updated MySQL packages fix several vulnerabilities security
Re: IGNORING SSH CONNECTION USES ARP CACHE POISSONING Hugo van der Kooij
Firefox 1.5.0.3 - DoS p4 . werterxyz
mybb v1.1.1(showthread.php) SQL Injection Exploit Breeeeh
[TZO-042006] Insecure Auto-Update and File execution Thierry Zoller
Re: Firefox 1.5.0.3 - DoS Chris Horry
PhpListPro 2.01 Remote File Include Vulnerability SnoBMSN
Re: Firefox 1.5.0.3 code execution exploit Ismail Donmez
Re: modules name(Downloads)SQL Injection Exploit Paul Laudanski
vbulletin security Alert aura
[48Bits.com Advisory] Path conversion design flaw in Microsoft NTDLL 48Bits.com [I+D Team]
Kerio WinRoute Firewall Protocol Inspection Denial SnoBMSN
ZDI-06-014: Verisign I-Nav ActiveX Control Code Execution Vulnerability zdi-disclosures
Re: phpBB 2.0.20 Full Path Disclosure and SQL Errors Paul Laudanski
Re: SYMSA-2006-003: Cisco Secure ACS for Windows - AdministratorPassword Disclosure Greg owens
Cisco Security Advisory: AVS TCP Relay Vulnerability Cisco Systems Product Security Incident Response Team

Thursday, 11 May

RE: SYMSA-2006-003: Cisco Secure ACS for Windows - AdministratorPassword Disclosure John Stuppi (jstuppi)
Re: vbulletin security Alert scott
[ MDKSA-2006:085 ] - Updated xine-ui packages fix format string vulnerabilities security
Re: Oracle - the last word Steven M. Christey
Unclassified NewsBoard <= 1.6.1 patch 1 ABBC[Config][smileset] arbitrary local inclusion rgod
[TZO-042006] Insecure Auto-Update and File execution (2) Thierry Zoller
[SECURITY] [DSA 1055-1] New Mozilla Firefox packages fix arbitrary code execution Martin Schulze
Microsoft MSDTC NdrAllocate Validation Vulnerability avert
Secunia Research: UltimateZip unacev2.dll Buffer Overflow Vulnerability Secunia Research
Verizon Voicewing and Linksys PAP2-VN securityfocus
phpBB "charts.php" XSS and SQL-Injection sn4k3 . 23
[ GLSA 200605-13 ] MySQL: Information leakage Sune Kloppenborg Jeppesen

Friday, 12 May

Ipswitch WhatsUp Professional multiple flaws David Maciejak
Apple QuickTime udta ATOM Heap Overflow Sowhat
Re: Secunia Research: Where Is It unacev2.dll Buffer OverflowVulnerability jason . gerfen
Re: Firefox 1.5.0.3 - DoS RSnake
yet more XSS in older versions of ColdFusion zuxncwaruio
How secure is software X? David Litchfield
[Kurdish Security # 7] Foing Remote File Include Vulnerability [PHPBB] botan
Apple QuickDraw/QuickTime Multiple Vulnerabilities Avert
Re: [Reversemode] Microsoft Infotech Storage library Heap Corruption marco . correnti
TSLSA-2006-0026 - kernel Trustix Security Advisor
Re: [Full-disclosure] How secure is software X? David Litchfield
[EEYEB-20060307] Apple QuickTime FPX Integer Overflow eEye Advisories
Re: How secure is software X? Adam Shostack
RE: Oracle - the last word Lee Kelly
Re: How secure is software X? Tim Newsham
Re: [Reversemode] Microsoft Infotech Storage library Heap Corruption Reversemode
Re: phpBB "charts.php" XSS and SQL-Injection g30rg3x
PHPBB 2.0.20 persistent issues with avatars rgod
Dokeos LDAP hole fixed thomas . depraetere
Re: IGNORING SSH CONNECTION USES ARP CACHE POISSONING king_purba
Re: Re: Phil's Bookmark script admin By-pass theproffx
Re: [Full-disclosure] How secure is software X? Michael Silk
SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure Bernhard Mueller
Dovecot IMAP: Mailbox names list disclosure with mboxes Timo Sirainen
Re: Firefox 1.5.0.3 - DoS Flavio Visentin
Several flaws in e-business designer (eBD) Pedro Andújar
Re: phpBB 2.0.20 Full Path Disclosure and SQL Errors Paul Laudanski
PHP Live Helper ASP(chat.php) XSS mster-X
# MHG Security Team --- Gallery Upload Vulnerabilities Dj_ReMix_20
Re: Oracle - the last word Stefano Di Paola
Re: modules name(Downloads)SQL Injection Exploit znx
ZDI-06-015: Apple QuickTime H.264 Parsing Heap Overflow Vulnerability zdi-disclosures
Re: IGNORING SSH CONNECTION USES ARP CACHE POISSONING Felipe openglx
Re: Firefox 1.5.0.3 - DoS marrob

Saturday, 13 May

[FLSA-2006:152898] Updated emacs packages fix a security issue Marc Deslauriers
Buffer-overflow and NULL pointer crash in Genecys 0.2 Luigi Auriemma
[FLSA-2006:152868] Updated tetex packages fix security issues Marc Deslauriers
Multiple vulnerabilities in Outgun 1.0.3 bot 2 Luigi Auriemma
Multiple vulnerabilities in Raydium rev 309 Luigi Auriemma
[FLSA-2006:185355] Updated gnupg package fixes security issues Marc Deslauriers
RE: How secure is software X? Ferguson, Justin (IARC)
Socket unreachable in GNUnet rev 2780 Luigi Auriemma
Gphotos Directory Traversal and Cross Site Scripting doz
[FLSA-2006:152904] Updated ncpfs package fixes security issues Marc Deslauriers
[FLSA-2006:152923] Updated xloadimage package fixes security issues Marc Deslauriers
Server crash in Empire 4.3.2 Luigi Auriemma
Re: How secure is software X? David Litchfield
[FLSA-2006:164512] Updated fetchmail packages fix security issues Marc Deslauriers
SQL-Injection in e107 allows attacker to become a site admininstrator socsam

Monday, 15 May

Re: How secure is software X? Paul B. Saitta
Re: Re: Firefox 1.5.0.3 - DoS Ronald
Re: How secure is software X? Fabian Becker
PhpBB <= 2.0.20 Admin/Restore Database remote cmmnds xctn (works with admin sid) rgod
Re: Firefox 1.5.0.3 - DoS Ronald van den Blink
RE: Oracle - the last word Iggy E
[SECURITY] [DSA 1057-1] New phpLDAPadmin packages fix cross-site scripting Martin Schulze
[USN-274-2] MySQL vulnerability Martin Pitt
Is MS06-018 a DoS or a system compromise ? Nick Boyce
JDK 1.4.2_11, 1.5.0_06, unsigned applets consuming all free harddisk space Marc Schoenefeld
Re: PHPBB 2.0.20 persistent issues with avatars Paul Laudanski
90% of programs made in PHP5 and prior Full Path Disclosure vuln. sirdarckcat
XSS in FreeTextBox and FCKEditor Basic Toolbar Selection bonsite
POC exploit for freeSSHd version 1.0.9 Tauqeer Ahmad
[SECURITY] [DSA 1056-1] New webcalendar packages fix information leak Martin Schulze
DMA[2006-0514a] - 'ClamAV freshclam incorrect privilege drop' KF (lists)
RealVNC 4.1.1 Remote Compromise James Evans
Sugar Suite Open Source <= 4.2 "OptimisticLock!" arbitrary remote inclusion exploit rgod
Azboard <= 1.0 Multiple Sql Injections geinblues
tyree[at]users.sourceforge.net tyree
Secunia Research: FilZip unacev2.dll Buffer Overflow Vulnerability Secunia Research
CYBSEC - Security Advisory: Phishing Vector in SAP BC (Business Connector) Leandro Meiners
CYBSEC - Security Advisory: Arbitrary File Read/Delete in SAP BC (Business Connector) Leandro Meiners
Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise Juha-Matti Laurio
Re: How secure is software X? Matt . Carpenter
Novell NDPS Remote Vulnerability (Server & Client) Ryan Smith
Secunia Research: Abakt ZIP File Handling Buffer Overflow Vulnerability Secunia Research
[USN-284-1] Quagga vulnerabilities Martin Pitt
Confixx 3.1.2 <= Code Injection Snake_23
YapBB <= 1.2 Beta2 'find.php' SQL Injection Vulnerability geinblues
RE: Is MS06-018 a DoS or a system compromise ? Hayes, Bill
DeluxeBB 1.06 Remote SQL Injection Exploit kingofska
Re: [Full-disclosure] POC exploit for freeSSHd version 1.0.9 David Maciejak
RE: Is MS06-018 a DoS or a system compromise ? Maxime Ducharme

Tuesday, 16 May

re: RealVNC 4.1.1 Remote Compromise plato
PhpRemoteView Multiple Xss Vulnerabilities Soothackers
Sphider Multiple Xss Vulnerabilities Soothackers
IceWarp Cross-Site Scripting(XSS) LiNuX_rOOt1
Newsportal: code injection vulnerability newsportal
ScanAlert Security Advisory Joseph Pierini
Checkpoint SYN DoS Vulnerability sanjay naik
Caucho Resin Windows Directory Traversal Vulnerability advisory
The Weakness of Windows Impersonation Model Brian L. Walche
vulnerability details Arnold Grossmann
Re: Checkpoint SYN DoS Vulnerability Pawel Worach
Re: Checkpoint SYN DoS Vulnerability sanjay naik
UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage Sune Kloppenborg Jeppesen
DeluxeBB <= v1.06 attachment mod_mime exploit rgod
Re: Checkpoint SYN DoS Vulnerability Chris Brenton
ERRATA: [ GLSA 200605-07 ] Nagios: Buffer overflow Sune Kloppenborg Jeppesen
PHP-Fusion <= 6.00.306 "srch_where" SQL injection / admin credentials disclosure rgod

Wednesday, 17 May

Advisory: Quezza BB <= 1.0 File Inclusion Vulnerability. Mustafa Can Bjorn IPEKCI
Maksymilian Arciemowicz cxib
Re: Checkpoint SYN DoS Vulnerability sanjay naik
Secunia Research: IZArc unacev2.dll Buffer Overflow Vulnerability Secunia Research
iDefense Q2 2006 Vulnerability Challenge labs-no-reply () idefense com
Newsportal <= 0.36 Remote File Inclusion Vulnerability philipp . niedziela
Re: Zen Cart login.php SQL Injection Vulnerability noreply
Re: Checkpoint SYN DoS Vulnerability Bojan Zdrnja
VNC_bypauth: vnc scanner multithreaded linux & windows ad () heapoverflow com
Re[2]: The Weakness of Windows Impersonation Model Brian L. Walche
What's Up Professional Spoofing Authentication Bypass Kenneth F. Belva
Firefox (with IETab Plugin) Null Pointer Dereferences Bug Debasis Mohanty
DIMVA 2006 - Call For Participation Thomas Biege
Re[2]: The Weakness of Windows Impersonation Model Brian L. Walche
Two heap overflow in libextractor 0.5.13 (rev 2832) Luigi Auriemma
Secunia Research: Eazel unacev2.dll Buffer Overflow Vulnerability Secunia Research
Mobotix IP Network Cameras Multiple XSS jaime . blasco
Boastmachine Cross Site Scripting Vulnerability mail
OpenWiki<--v0.78 Cross-Site Scripting LiNuX_rOOt1
HYSA-2006-008 myBloggie 2.1.3 CRLF & SQL Injection h4cky0u . org
Re: The Weakness of Windows Impersonation Model David Litchfield
RadLance Local Inclusion Exploit Hussain Salim
Wargamming Network.. Dusty
Gawab.com Register Xss Bugtraq rootter

Thursday, 18 May

Re: Maksymilian Arciemowicz frantisek holop
CodeScan Advisory: Avatar MOD v1.3 for Snitz Forums v3.4 - Arbitrary File Upload CodeScan Labs
Multiple Vulns in Bitrix CMS Gogi The Georgian
[cosmoshop again] sql injection + view all files as admin user innate
[Info Disclosure] Diesel PHP Job Site Latest Version Matt Gibson
AspBB Forum "profile.asp & default.asp" XSS Vulnerability TeufeL Online
Gmail/Gtalk web client DoS dan
[SECURITY] [DSA 1058-1] New awstats packages fix arbitrary command execution Martin Schulze
Re: JDK 1.4.2_11, 1.5.0_06, unsigned applets consuming all free harddisk space William Starling
XSS in orkut.com Rohin Koul
Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise Joachim Schipper
FrontRange iHeat Vulnerability mcdanielar
POC exploit for freeFTPd 1.0.10 Tauqeer Ahmad
Re: Is MS06-018 a DoS or a system compromise ? Nick Boyce
Re: Re: Checkpoint SYN DoS Vulnerability jrh57
RE: Checkpoint SYN DoS Vulnerability Sterling, Chuck
Re: Checkpoint SYN DoS Vulnerability sanjay naik
Re:POC exploit for freeFTPd 1.0.10 Tauqeer Ahmad
Re: MediaSlash Gallery 'rub' variable Remote File inlcusion Vulnerability gyzmo77
Re: Checkpoint SYN DoS Vulnerability Erick Mechler
Myspace Friend Train v2.8 luny
Code Injection via Hidden Form Field Manipulation mtoren
Re: PHPBB 2.0.20 persistent issues with avatars s89df987 s9f87s987f
Sun single-CPU DOS Doug Hughes
Re: JDK 1.4.2_11, 1.5.0_06, unsigned applets consuming all free harddisk space Leif Erik Andersen (at Seven)
Re: [Full-disclosure] What's Up Professional Spoofing Authentication Bypass David Maciejak
Re: Checkpoint SYN DoS Vulnerability sanjay naik
Re: phpBB "charts.php" XSS and SQL-Injection phpbb

Friday, 19 May

RE: [Full-disclosure] RealVNC 4.1.1 Remote Compromise Krpata, Tyler
Re: Firefox (with IETab Plugin) Null Pointer Dereferences Bug Roman Daszczyszak
[ MDKSA-2006:086 ] - Updated kernel packages fix multiple vulnerabilities security
Secunia Research: CAM UnZip ZIP File Handling Buffer Overflow Vulnerability Secunia Research
[security bulletin] HPSBUX02108 SSRT061133 rev.11 - HP-UX Running Sendmail, Remote Execution of Arbitrary Code security-alert
[security bulletin] HPSBUX02117 SSRT2400 rev.1 - HP-UX Running BINDv4 Domain Name Server (DNS) Remote Unauthorized Access, Denial of Service (DoS) security-alert
[security bulletin] HPSBTU02118 SSRT061145 rev.1 - HP Tru64 UNIX Running Firefox or Mozilla Application Suite, Remote Execution of Arbitrary Code or Denial of Service (DoS) security-alert
[SECURITY] [DSA 1059-1] New quagga packages fix several vulnerabilities Martin Schulze
Yourfreeworld Styleish Text Ads Script luny
[SECURITY] [DSA 1062-1] New kphone packages fix information disclosure Moritz Muehlenhoff
Yourfreeworld.com Short Url & Url Tracker Script luny
[SECURITY] [DSA 1060-1] New kernel-patch-vserver packages fix privilege escalation Moritz Muehlenhoff
[SECURITY] [DSA 1061-1] New popfile packages fix denial of service Moritz Muehlenhoff
Jemscripts Download Control v1.0 luny
CYBSEC - Security Pre-Advisory: Local Privilege Escalation in SAP sapdba Command Leandro Meiners
[SECURITY] [DSA 1063-1] New phpgroupware packages fix execution of arbitrary web script code Moritz Muehlenhoff

Saturday, 20 May

[SECURITY] [DSA 1066-1] New phpbb2 packages fix execution of arbitrary web script code Moritz Muehlenhoff
phpBazar <= 2.1.0 Multiple vulnerabilites i6d
Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise Matt Venzke
Re: NSA Group Security Advisory NSAG-195-23.02.2006 Vulnerability FCKeditor 2.0 FC fredck
[SECURITY] [DSA 1065-1] New hostapd packages fix denial of service Moritz Muehlenhoff
ActualAnalyzer Server <=8.23 - Remote File Include Vulnerability i6d
Interlink "news_information.php" XSS Mster-X
RaceEventManagement <--v0.7.6 SQL injection & XSS Mster-X
Xtremescripts Topsites v1.1 luny
[SECURITY] [DSA 1067-1] New Linux kernel 2.4.16 packages fix several vulnerabilities Moritz Muehlenhoff
Re: NSA Group Security Advisory NSAG-196-23.02.2006 Vulnerability FCKeditor 2.2 fredck
[SECURITY] [DSA 1064-1] New cscope packages fix arbitrary code execution Moritz Muehlenhoff
Re: PHPBB 2.0.20 persistent issues with avatars Paul Laudanski
cPanel OpenBaseDir Bypass i6d
Zix Forum <= 1.12 (layid) SQL Injection Vulnerability i6d
Re: XSS in orkut.com Google Security Team
[SECURITY] [DSA 1068-1] New fbi packages fix denial of service Moritz Muehlenhoff

Monday, 22 May

Re: Zix Forum <= 1.12 (layid) SQL Injection Vulnerability farhadkey
Hiox Guestbook 3.1 luny
[SECURITY] [DSA 1069-1] New Linux kernel 2.4.18 packages fix several vulnerabilities Moritz Muehlenhoff
PunBB 1.2.11 Cross site scripting k4p0k4p0
Destiney Rated Images Script v0.5.0 - XSS Vulnv luny
Destiney Links Script v2.1.2 luny
[SECURITY] [DSA 1070-1] New Linux kernel 2.4.19 packages fix several vulnerabilities Moritz Muehlenhoff
Captivate 1.0 - XSS Vuln luny
PHP Easy Galerie Index.PHP Remote File Include Vulnerability craziest
Firefox 1.5.0.3 Flaw - Page can obtain path to Mozilla installation or profile by examining JavaScript exceptions milw0rm
XOOPS <= 2.0.13.2 'xoopsOption[nocommon]' exploit rgod
[TZO-072006]-Xampp - Multiple Priviledge Escalation (SYSTEM) and Rogue Autostart Thierry Zoller
[ GLSA 200605-14 ] libextractor: Two heap-based buffer overflows Stefan Cornelius
[ GLSA 200605-15 ] Quagga Routing Suite: Multiple vulnerabilities Stefan Cornelius
[SECURITY] [DSA 1069-1] New Linux kernel 2.4.18 packages fix several vulnerabilities Moritz Muehlenhoff
Novell Client login form enables reading and writing from and to the clipboard of the logged-in user EitanCaspi () yahoo com
Generic Browser Crash with Java 1.4.2_11, Java 1.5.0_06 Marc Schoenefeld
[KAPDA::#43] - phpwcms multiple vulnerabilities alireza hassani
Skype - URI Handler Command Switch Parsing Brett Moore
Re: modules name(Sections)SQL Injection Exploit security curmudgeon
Re: tseekdir.cgi<--Local File Include security curmudgeon
[SECURITY] [DSA 1071-1] New MySQL 3.23 packages fix several vulnerabilities Martin Schulze
Perlpodder Remote Arbitrary Command Execution RedTeam Pentesting
Prodder Remote Arbitrary Command Execution RedTeam Pentesting
BitZipper Archive Extraction Directory traversal h e
Re: WebsiteBaker CMS lack of sanitizing ryan
[security bulletin] HPSBUX02119 SSRT4848 rev.1 - HP-UX Running Motif Applications Remote Arbitrary Code Execution, Denial of Service (DoS) security-alert
[security bulletin] HPSBUX02120 SSRT051057 rev.1 - HP-UX Local Denial of Service (DoS) security-alert
ZDI-06-016: Novell eDirectory 8.8 NDS Server Buffer Overflow Vulnerability zdi-disclosures
[SECURITY] [DSA 1073-1] New MySQL 4.1 packages fix several vulnerabilities Martin Schulze
Re: Novell Client login form enables reading and writing from and to the clipboard of the logged-in user Roman Drahtmueller
ACROS Security: Buffer Overflow In EMC (previously Dantz) Retroclient Service ACROS Security
[SECURITY] [DSA 1072-1] New Nagios packages fix arbitrary code execution Martin Schulze
Re: Checkpoint SYN DoS Vulnerability Jim Clausing
mybb v1.1.1(rss.php) SQL Injection Exploit Breeeeh
Re: Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1 Amit Klein (AKsecurity)
CANews Multiple Vulnerabilities omnipresent
Re: 90% of programs made in PHP5 and prior Full Path Disclosure vuln. sirdarckcat
Re: Checkpoint SYN DoS Vulnerability Bojan Zdrnja
SOE's implementation of Lithium Forums Software allows users to log on as each other. john
Beoped Portal XSS outlaw
Re: Sun single-CPU DOS Mike O'Connor
phpRaid "view.php" XSS Vulnerability TeufeL Online
TSLSA-2006-0028 - multi Trustix Security Advisor
Remote Code Execution in artmedic Newsletter 4.1 [log.php] c . j . schmitz
Re: POC exploit for freeFTPd 1.0.10 Sanjay Rawat
Re: POC exploit for freeFTPd 1.0.10 Tauqeer Ahmad
Re: 90% of programs made in PHP5 and prior Full Path Disclosure vuln. Kamil Sienicki
Microsoft Internet Explorer - Crash on mouse button click mac68k
Hackernetwork.Com Mail XSS Vulnerability TeufeL Online
Circumventing quarantine control in Windows 2003 and ISA 2004 Memet Anwar

Tuesday, 23 May

Chatty improper input sanitizing zerogue
Re: Circumventing quarantine control in Windows 2003 and ISA 2004 3APA3A
DSChat <= 1.0 XSS zerogue
IpLogger <= 1.7 XSS zerogue
QBv14 XSS zerogue
Russcom PHPImages lack of validation zerogue
Russcom Ping Remote code execution zerogue
SkyeShoutbox <= v.1.2.0 XSS zerogue
Kaspersky antivirus 6: HTTP monitor bypassing john
[OpenPKG-SA-2006.008] OpenPKG Security Advisory (openldap) OpenPKG
Non eXecutable Stack Lovin on OSX86 KF (lists)
Nucleus CMS <= 3.22 arbitrary remote inclusion rgod
[security bulletin] HPSBUX02114 SSRT061115 rev.1 - HP-UX Running Software Distributor Local Elevation of Privilege security-alert
phpMyDirectory <= 10.4.4 Multiple Remote File Include(new!) ajannhwt
AlstraSoft E-Friends - XSS luny
Alstrasoft Article Manager Pro v1.6 luny
[security bulletin] HPSBUX02075 SSRT051074 rev.5 - HP-UX Running xterm Local Unauthorized Access security-alert
Re: Sun single-CPU DOS Doug Hughes
RE: Circumventing quarantine control in Windows 2003 and ISA 2004 Roger A. Grimes
Re: How secure is software X? Crispin Cowan
DGbook v1.0 - XSS luny
[USN-285-1] awstats vulnerability Martin Pitt
[security bulletin] HPSBMA02121 SSRT061157 rev.1 - HP OpenView Storage Data Protector Remote Arbitrary Command Execution security-alert
[security bulletin] HPSBMA02098 SSRT5911 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Privileged Access, Arbitrary Command Execution, Arbitrary File Creation security-alert

Wednesday, 24 May

Re: Microsoft Internet Explorer - Crash on mouse button click unknown user
Re: Circumventing quarantine control in Windows 2003 and ISA 2004 Mark Senior
Server termination in netPanzer 0.8 (rev 952) Luigi Auriemma
Buffer-overflow in the WebTool service of PunkBuster for servers (minor than v1.229) Luigi Auriemma
Re: Sun single-CPU DOS Mike O'Connor
Re: Destiney Rated Images Script v0.5.0 - XSS Vulnv webmaster
AlstraSoft Web Host Directory v1.2 luny
Re: Checkpoint SYN DoS Vulnerability Niranjan S Patil
Publicist v0.95 - XSS And Full Path Errors luny
Re: Circumventing quarantine control in Windows 2003 and ISA 2004 Andreas Beck
Mambo <= 4.6. RC1 xss rgod
YLZH(right.php)Cross Site Scripting Breeeeh
Default Screen Saver Vulnerability in Microsoft Windows susam . pal
Vodafone.de XSS Vulnerability try_og
NETGEAR WGR614 v6 Wireless DSL router information disclosure vulnerability info
Re: How secure is software X? Duncan Simpson
Diesel Joke Site SQL INJECTION a_linuxer
Write-up by Amit Klein: "IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning)" Amit Klein (AKsecurity)
OpenCms version 6.0.x Xml Content Demo search engine Cross site scripting jaime . blasco
[SECURITY] [DSA 1074-1] New mpg123 packages fix arbitrary code execution Martin Schulze
Cisco Security Advisory: Windows VPN Client Local Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team
[ MDKSA-2006:087 ] - Updated kernel packages fixes netfilter SNMP NAT memory corruption security
[ MDKSA-2006:088 ] - Updated hostapd package to address DoS vulnerability security
[ MDKSA-2006:089 ] - Updated kphone packages fixes permissions issue with .qt/kphonerc security
Re: Default Screen Saver Vulnerability in Microsoft Windows Eliah Kagan
Re: Default Screen Saver Vulnerability in Microsoft Windows Ansgar -59cobalt- Wiechers
[ MDKSA-2006:090 ] - Updated shadow-utils packages fix mailbox creation vulnerability security

Thursday, 25 May

[ MDKSA-2006:091 ] - Updated php packages fix vulnerabilities security
VSR Advisory: PDF Tools AG - PDF Form Filling and Flattening Tool Buffer Overflow advisories
Re: Default Screen Saver Vulnerability in Microsoft Windows Jason V. Miller
[CLOSED] SOE's implementation of Lithium Forums Software allows users to log on as each other. support
Re: mybb v1.1.1(rss.php) SQL Injection Exploit Steven M. Christey
Kaspersky antivirus 6: POP3 state machine error bug . registrator
phpFoX All Version Login Exploit mx
Re: Re: [SECURITYREASON.COM] PhpNuke 7.6=>x Multiple vulnerabilities cXIb8O3.12 phpnuke
AZ Photo Album Script Pro luny
RE: Microsoft Internet Explorer - Crash on mouse button click Jain, Siddhartha
Re: IpLogger <= 1.7 XSS thrasher . basher
ChatPat v1.0 luny
A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt. thesinoda
sql injection in phpWebSite 0.8.3 help-users
iFdate v1.2 luny
Realty Pro One Property Listing Script luny
Bulletin Board Elite-Board v.1.1 luny
[USN-286-1] Dia vulnerabilities Martin Pitt
GuestbookXL 1.3 luny
Re: Circumventing quarantine control in Windows 2003 and ISA 2004 Memet Anwar
CMS Mundo V1.0 luny
Pre Shopping Mall v1.0 luny
[KAPDA::#44] - NewsCMSLite Login ByPass by Cookie farhadkey
Pre News Manager v1.0 luny
Drupal <= 4.7 attachment/mod_mime remote code execution rgod
PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15 PostgreSQL Security
RE: modules name(Sections)SQL Injection Exploit Evans, Arian
rPSA-2006-0082-1 vixie-cron Justin M. Forbes
iFlance v1.1 luny
Hackernetwork Mail Xss[Search] Vulnerability ajannhwt
Wordpress <=2.0.2 'cache' shell injection rgod

Friday, 26 May

Addendum ennead () truecrypt org
RE: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt. ennead () truecrypt org
TSLSA-2006-0030 - multi Trustix Security Advisor
[SECURITY] [DSA 1076-1] New lynx packages fix denial of service Martin Schulze
[SECURITY] [DSA 1077-1] New lynx-ssl packages fix denial of service Martin Schulze
Re: Destiney Rated Images Script v0.5.0 - XSS Vulnv Steven M. Christey
V-Webmail 1.6.4 Remote File Include beford
[BuHa-Security] DoS Vulnerability in MS IE 6 SP2 bugtraq
[BuHa-Security] MS06-013: HTML Tag Memory Corruption Vulnerability in MS IE 6 SP2 bugtraq
ASLR now built into Vista David Litchfield
Re: [Full-disclosure] ASLR now built into Vista c0ntex
[SECURITY] [DSA 1075-1] New awstats packages fix arbitrary command execution Martin Schulze
Re: Kaspersky antivirus 6: POP3 state machine error denisov_vit
Re: Sun single-CPU DOS Mike O'Connor
Re: Sun single-CPU DOS Mike O'Connor
XSS in Omegasoft's Insel MC Iglo
Docebo LMS 2.05 Remote File Include beford
Re: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt. 3APA3A
XSS in Monster Top List | MTL 1.4 V8f3
Easy-Content Forums 1.0 Multiple SQL/XSS Vulnerabilities ajannhwt
Toasts Forums 1.6.44 in Xss ajannhwt
phpjobboard Authecnical admin byPass alp_eren
qjForum(member.asp) SQL Injection Vulnerability ajannhwt
[MajorSecurity #6]Socketmail <= 2.2.6 - Remote File Include Vulnerability admin
Tamber Forum <= 1.9.13 Multiple SQL Injection Vulnerabilities ajannhwt
my Web Server << v-1.0 Denial of Service Exploit s3rv3r_hack3r
Multiple XSS Vulnerabilities in Tikiwiki 1.9.x blwood
RE: Realty Pro One Property Listing Script Krpata, Tyler
Re: [BuHa-Security] DoS Vulnerability in MS IE 6 SP2 ad () heapoverflow com
Plume CMS Remote File Include beford
PHPResidence <= 0.6 XSS zerogue
PHP AGTC-Membership system <= v1.1a XSS zerogue
ByteHoard <= 2.1 multiple vulnerabilities zerogue
Assetman <= 2.4a XSS zerogue
Easy-Content Forums 1.0 Multiple [SQL/XSS] Vulnerabilities ajannhwt
Re: Kaspersky antivirus 6: HTTP monitor bypassing denisov_vit
Re: PhpListPro 2.01 Remote File Include Vulnerability not
Seditio Cross Site Scripting Vulnerability mail
Re: Sun single-CPU DOS Doug Hughes
Re: Microsoft Internet Explorer - Crash on mouse button click unknown user
XSS Vulnerability on www.my6d.com Connection Work System spymeta
[OpenPKG-SA-2006.009] OpenPKG Security Advisory (binutils) OpenPKG
On the Recent PGP and Truecrypt Posting jon
Re: Microsoft Internet Explorer - Crash on mouse button click unknown user
Re: Kaspersky antivirus 6: HTTP monitor bypassing dmitryp . spm
rPSA-2006-0080-1 postgresql postgresql-server Justin M. Forbes
XSS Vulnerability on Vodafone try_og
iBoutique.MALL - Directory Traversal luny
PHPSimple Choose v0.3 luny
Super Link Exchange Script v1.0 luny
Vacation Retal Script v1.0 luny
Re: Microsoft Internet Explorer - Crash on mouse button click unknown user
Re: Microsoft Internet Explorer - Crash on mouse button click mac68k
MyYearBook.com - XSS luny
Pretty Guestbook v1 luny
Smile Guestbook v1 luny
Morris Guestbook v1 luny
Re: Wordpress <=2.0.2 'cache' shell injection pokley
Re: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt. Alexander Klimov
Re: RE: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt. ahariri
[ MDKSA-2006:092 ] - Updated mpg123 packages fix DoS vulnerability. security
LM hashes in a hot-desking environment feedb4ck
Re: Sun single-CPU DOS Doug Hughes
Re: my Web Server << v-1.0 Denial of Service Exploit str0ke
Re[2]: [Full-disclosure] ASLR now built into Vista 3APA3A

Saturday, 27 May

cURL Safe Mode Bypass PHP 4.4.2 and 5.1.4 cxib
rPSA-2006-0084-1 fetchmail Justin M. Forbes
Wavecon Advisory: Open-Xchange <= 0.8.2 defaultuser with /bin/bash and default password Cemil Degirmenci
rPSA-2006-0083-1 enscript Justin M. Forbes
Symantec antivirus software exposes computers Michael Scheidell
InternerExplorer error: ECMAScript interpreter stack overflow sehato
Critical sql injection in saphplesson 2.0 black-cod3
Re: LM hashes in a hot-desking environment 3APA3A
Re: LM hashes in a hot-desking environment Ansgar -59cobalt- Wiechers
Xss exploit in Chipmunk guestbook black-cod3
Multiple Xss exploits in ar-blog v 5.2 black-cod3
sql injection in PHPcafe.net Tutorial Manager black-cod3
RE: LM hashes in a hot-desking environment Roger A. Grimes
Speedy ASP Forum(profileupdate.asp) User Pass Change Exploit ajannhwt
[SECURITY] [DSA 1078-1] New tiff packages fix denial of service Martin Schulze
D-Link DSA-3100 Cross-Site Scripting jaime . blasco
Re: On the Recent PGP and Truecrypt Posting John Pettitt
Proof of concept that PGP AUTHENTICATION CAN BE BYPASSED WITHOUT PATCHING thesinoda
RE: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt. thesinoda
RE: [security] A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt. phugo
Re: Re: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt. visitbipin
html Guest Gear pieisgdvgd

Monday, 29 May

[SECURITY] [DSA 1079-1] New MySQL 4.0 packages fix several vulnerabilities Martin Schulze
[SECURITY] [DSA 1080-1] New dovecot packages fix directory traversal Steve Kemp
[SECURITY] [DSA 1081-1] New libextractor packages fix arbitrary code execution Martin Schulze
[USN-287-1] Nagios vulnerability Martin Pitt
[USN-288-1] PostgreSQL server/client vulnerabilities Martin Pitt
Buffer overflow in QuickTime 7.0.4? John Richard Moser
Re: On the Recent PGP and Truecrypt Posting Jon Callas
multiple file include exploits in EzUpload Pro v2.10 black-cod3
JAMES 2.2.0 <-- Denial Of Service y3dips
Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities Mustafa Can Bjorn IPEKCI
Advisory: ASPBB <= 0.52 (perform_search.asp) XSS vulnerability Mustafa Can Bjorn IPEKCI
Advisory: tinyBB <= 0.3 Multiple Remote Vulnerabilities. Mustafa Can Bjorn IPEKCI
Advisory: Enigma Haber <= 4.3 Multiple Remote SQL Injection Vulnerabilities Mustafa Can Bjorn IPEKCI
Advisory: F@cile Interactive Web <= 0.8x Multiple Remote Vulnerabilities. Mustafa Can Bjorn IPEKCI
Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities Mustafa Can Bjorn IPEKCI
Advisory: phpBB 2.x (admin/admin_hacks_list.php) Local Inclusion Vulnerability. Mustafa Can Bjorn IPEKCI
Advisory: phpBB 2.x (Activity MOD Plus) File Inclusion Vulnerability. Mustafa Can Bjorn IPEKCI
Advisory: ASPSitem <= 2.0 Multiple Vulnerabilities. Mustafa Can Bjorn IPEKCI
Advisory: UBBThreads 5.x,6.x Multiple File Inclusion Vulnerabilities. Mustafa Can Bjorn IPEKCI
Advisory: Blend Portal <= 1.2.0 for phpBB 2.x (blend_data/blend_common.php) File Inclusion Vulnerability Mustafa Can Bjorn IPEKCI
VARIOMAT(advanced cms tool)SQL injection/XSS CrAzY . CrAcKeR
Xss exploit in Photoalbum B&W v1.3 black-cod3
[KAPDA::#45] - geeklog multiple vulnerabilities alireza hassani
UBBThreads 5.x,6.x md5 hash disclosure chris
RE: Advisory: Blend Portal <= 1.2.0 for phpBB 2.x(blend_data/blend_common.php) File Inclusion Vulnerability austin best
RE: Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities Egg
Re: Proof of concept that PGP AUTHENTICATION CAN BE BYPASSED WITHOUT PATCHING Andreas Beck
Foing Remote File Include Vulnerability [PHPBB] s3rv3r_hack3r
New SMB and DCERPC features on Impacket released with doc Gerardo Richarte
WikiNi Persistent Cross Site Scripting Vulnerability raphael . huck
[SECURITY] [DSA 1082-1] New Linux kernel 2.4.17 packages fix several vulnerabilities Moritz Muehlenhoff
Multiple Xss exploits in Chipmunk Board black code
RE: Multiple Xss exploits in coolphp magazine black code
multiple Xss exploits in : vCard 2.9 black code
[KAPDA::#46] - Nukedit Unauthorized Admin Add farhadkey
Re: LM hashes in a hot-desking environment The Little Prince

Tuesday, 30 May

Jiwa Financials - Reporting allows execution of arbitrary reports as SQL user with full permissions. Robert
4nNukeWare<--V 0.91 SQL Injection exploits CrAzY . CrAcKeR
Re: On the Recent PGP and Truecrypt Posting Jon Callas
phpMyDesktop|arcade 1.0 FINAL Code Execution darkgod . xsf
Bratpack Cross Site Scripting Vulnerability CrAzY . CrAcKeR
NorthStudio Cross Site Scripting Vulnerability CrAzY . CrAcKeR
WBB<--v2.3.4"misc.php" SQL injection Vulnerability CrAzY . CrAcKeR
Re: On the Recent PGP and Truecrypt Posting Andreas Beck
OaBoard 1.0 Remote File inclusion hessamx
Backdoor in RelevantKnowledge adware (What are we fighting for?) 3APA3A
Fire fox dos exploit co296
[ GLSA 200605-16 ] CherryPy: Directory traversal vulnerability Stefan Cornelius
[ MDKSA-2006:093 ] - Updated dia packages fix string format vulnerabilities. security
[ GLSA 200605-17 ] libTIFF: Multiple vulnerabilities Stefan Cornelius
WebCalendar-1.0.3 reading of any files socsam
Open Searchable Image Catalogue: XSS and SQL Injection Vulnerabilities enji
Re: [Info Disclosure] Diesel PHP Job Site Latest Version support
Re: V-Webmail 1.6.4 Remote File Include Ventsislav Genchev
Xss exploit in Chipmunk directory black code

Wednesday, 31 May

Re: Re[2]: The Weakness of Windows Impersonation Model Cesar
pppBlog <= 0.3.8 administrative credentials/system disclosure rgod
# MHG Security Team --- PHP NUKE All version Remote File Inc. erne
Re: [Info Disclosure] Diesel PHP Job Site Latest Version GulfTech Security Research
QontentOneCMS v1.0 luny
[SECURITY] [DSA 1083-1] New motor packages fix arbitrary code execution Martin Schulze
Re: Fire fox dos exploit Josh Zlatin-Amishav
toendaCMS 0.7.0 Cross Site Scripting kubasx
file include exploit in Support Cards v1 black code
Secunia Research: Eserv/3 IMAP and HTTP Server Multiple Vulnerabilities Secunia Research
Secunia Research: ZipCentral ZIP File Handling Buffer Overflow Vulnerability Secunia Research
New SecurityFocus mailing list: Focus-Apple Marc Fossi
Re: New SecurityFocus mailing list: Focus-Apple Marc Fossi
Re: Fire fox dos exploit anoni . mouse
Internet explorer Vulnerbility Mr . Niega
[SECURITY] [DSA 1084-1] New typespeed packages fix arbitrary code execution Steve Kemp
rPSA-2006-0087-1 kernel Justin M. Forbes
SUSE Security Announcement: rug (SUSE-SA:2006:029) Thomas Biege
[security bulletin] HPSBUX02122 SSRT061158 rev.1 - HP-UX Mozilla Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert