Bugtraq: by author

524 messages starting Oct 16 06 and ending Oct 19 06

3APA3A

:ShAnKaR: WoltLab Burning Book <=1.1.2 multiple vulnerabilities 3APA3A (Oct 16)

3cab7cc7

TorrentFlux action Script Insertion 3cab7cc7 (Oct 17)
TorrentFlux user_id Script Insertion 3cab7cc7 (Oct 17)
TorrentFlux file Script Insertion 3cab7cc7 (Oct 17)

566d9bfe

TorrentFlux startpop.php torrent Script Insertion 566d9bfe (Oct 13)

abel . andrade

Re: iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability abel . andrade (Oct 20)

Adam Boileau

Security-Assessment.com Advisory: Asterisk remote heap overflow Adam Boileau (Oct 18)

Adam Laurie

RFID enabled e-passport skimming proof of concept code released (RFIDIOt) Adam Laurie (Oct 27)

admin

[MajorSecurity Advisory #29]foresite CMS - Cross Site Scripting Issue admin (Oct 30)

advisories

LS-20060220 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability advisories (Oct 07)
LS-20060330 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability advisories (Oct 07)
LS-20060313 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability advisories (Oct 07)

advisory

Rapid7 Advisory R7-0026: HTTP Header Injection Vulnerabilities in the Flash Player Plugin advisory (Oct 17)
Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux advisory (Oct 16)

aeroxteam

Vulnerability in Btitracker aeroxteam (Oct 07)

ajannhwt

PHPEasyData Pro 2.2.1 (index.php) Remote SQL Injection Vulnerability ajannhwt (Oct 30)
PHPEasyData Pro 1.4.1 (index.php) Remote SQL Injection Vulnerability ajannhwt (Oct 30)

ak

http://www.red-database-security.com/advisory/oracle_apex_css_notification_msg.html ak (Oct 23)
Modify Data via Inline Views ak (Oct 23)
Various Cross-Site-Scripting Vulnerabilities in Oracle Reports ak (Oct 23)
SQL Injection in package SYS.DBMS_CDC_IMPDP ak (Oct 23)
Cross-Site-Scripting Vulnerability in Oracle APEX WWV_FLOW_ITEM_HELP ak (Oct 23)
SQL Injection Vulnerability in Oracle WWV_FLOW_UTILITIES ak (Oct 23)
SQL Injection in package XDB.DBMS_XDBZ0 ak (Oct 23)
SQL Injection in Oracle package MDSYS.SDO_LRS ak (Oct 23)
SQL Injection in package SYS.DBMS_SQLTUNE_INTERNAL ak (Oct 23)

Alexander Hristov

Google Earth (kml & kmz files) buffer overflow Alexander Hristov (Oct 13)
Mcafee Network Agent (mcnasvc.exe) Remote DoS Alexander Hristov (Oct 13)

Alexander Sotirov

Re: [funsec] Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()] Alexander Sotirov (Oct 04)

alguidy

Advanced Poll v2.02 :) <= Remote File Inclusion alguidy (Oct 09)

alireza hassani

[KAPDA::#60] Mambo V4.6.x vulnerabilities alireza hassani (Oct 20)

almaster

SQL in WebWizForum by almaster hacker almaster (Oct 30)

arab_anaconda

PHPLibrary-1.5.3(Description.php) Remote File Include arab_anaconda (Oct 20)

Aras "Russ" Memisyazici

RE: Flaw in Firefox 2.0 RC2 Aras "Russ" Memisyazici (Oct 19)

Arian J. Evans

RE: Informing Companies about security vulnerabilities... Arian J. Evans (Oct 07)

arny

Re: Flaw in Firefox 2.0 RC2 arny (Oct 18)

auto113922

who needs a server ... auto113922 (Oct 24)

Avert

MS06-060 Microsoft Word Memmove Code Execution Avert (Oct 12)

avivra

VoMM: Taking browser exploits to the next level avivra (Oct 16)

Bernhard Mueller

Re: PHP "exec", "system", "popen" (+small POC) Bernhard Mueller (Oct 20)

Bithedz

TextPattern <=1.19 Remote File Inclusion Vulnerability Bithedz (Oct 27)
ArticleBeach Script <= 2.0 Remote File Inclusion Vulnerability Bithedz (Oct 27)

boomboom999

Utimaco Safeguard Easy vulnerability boomboom999 (Oct 13)

B Potter

ShmooCon 2006 CFP Announcement B Potter (Oct 11)

Brian Eaton

Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]) Brian Eaton (Oct 02)

bugtraq

RE: Informing Companies about security vulnerabilities... bugtraq (Oct 07)

By_KorsaN_Son

Download-Engine Remote File İnclude By_KorsaN_Son (Oct 13)
PHPht Topsites Remote File İnclude By_KorsaN_Son (Oct 13)
Bloq 0.5.4 Remote File İnclude By_KorsaN_Son (Oct 13)
Phpbb insert mod Remote file include By_KorsaN_Son (Oct 13)

CarcaBotx

PHPRecipeBook <= 2.35 ((g_rb_basedir)) Remote File Include Exploit CarcaBotx (Oct 18)

C. Hamby

About.com contact C. Hamby (Oct 17)

Christian Kalkhoff

Re: Mozilla Firefox JavaScript Handler Race Condition Memory Corruption Vulnerability Christian Kalkhoff (Oct 27)

Christopher

Directory Traversal in TorrentFlux 2.1 Christopher (Oct 27)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Security Agent for Linux Port Scan Denial of Service Cisco Systems Product Security Incident Response Team (Oct 25)
Cisco Security Advisory: Limitations in Cisco Secure Desktop Cisco Systems Product Security Incident Response Team (Oct 09)
Cisco Security Advisory: Default Password in Wireless Location Appliance Cisco Systems Product Security Incident Response Team (Oct 12)

CORE FORCE Team

CORE FORCE R0.95 released! CORE FORCE Team (Oct 30)

corrado . liotta

{x0n3-h4ck} DEV Web Manager System <= 1.5 XSS Exploit corrado . liotta (Oct 18)

crackers_child

phpWebSite 0.10.2 Remote File Include Vulnerabilities crackers_child (Oct 10)
WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability crackers_child (Oct 23)
Smarty-2.6.1 Remote File Include Vulnerabilities crackers_child (Oct 23)
MysqlDumper Version 1.21 b6 Xss Vulnerability crackers_child (Oct 11)
INCA IM-204 Dsl several vulnerabilities crackers_child (Oct 23)
CSLH2.9.9 Remote File Include Vulnerabilities crackers_child (Oct 24)
adobe php sdk Remote File Include Vulnerabilities crackers_child (Oct 24)
Joomla extended_registration mod Remote File Include Vulnerabilities crackers_child (Oct 27)

CvIr . System

CMS contenido Remote File Inclusion CvIr . System (Oct 13)
CMS contenido Path Disclosure CvIr . System (Oct 13)

cw . cybersecurity

Simple Website Software v0.99 (common.php) Remote File Include cw . cybersecurity (Oct 30)

Daniel Veditz

Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Daniel Veditz (Oct 31)

dansoftaus

Re: DanPHPSupport => 0.5 Cross Site Scripting Vulnerabilities dansoftaus (Oct 14)

david

Re: net2ftp Remote File Inclusion - bogus report david (Oct 06)

David Litchfield

Analysis of the Oracle October 2006 Critical Patch Update David Litchfield (Oct 18)

David Matousek

Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability David Matousek (Oct 02)

Debasis Mohanty

Multiple HTTP response splitting vulnerabilities in SHOP-SCRIPT Debasis Mohanty (Oct 23)

dh

Layered Defense Advisory: TrendMicro OfficesScan Corporate Edition Format String Vulnerability dh (Oct 02)

disfigure

Boonex Dolphin 5.2 Remote File Inclusion disfigure (Oct 18)
Comdev One Admin 4.1 Remote File Inclusion disfigure (Oct 18)
SQL injection - moodle disfigure (Oct 09)
Simplog 0.9.3.1 SQL Injection disfigure (Oct 18)
SQL injection - 4images disfigure (Oct 09)

dj_remix_20

Emek Portal v2.1 SQL Injection dj_remix_20 (Oct 06)
Jax LinkLists Remote File include dj_remix_20 (Oct 13)
Dayfox Blog v2.0 Remote file include dj_remix_20 (Oct 02)
Yener Haber Script v2.0 SQL injection dj_remix_20 (Oct 04)
Hazir Site v2.0 Admin SQL Injection dj_remix_20 (Oct 06)
Jax Newspage Remote File include dj_remix_20 (Oct 13)

[dot]

vbulletin Exploit Tool Box [dot] (Oct 16)

Dragos Ruiu

PacSec Hype Security Team: CGI.pm param injection Dragos Ruiu (Oct 13)
pacsec hype security team: 7 words of warning about Macromedia Flash Player 9+ Dragos Ruiu (Oct 10)
PacSec 2006 Papers announcement and EUSecWest Call For Papers Dragos Ruiu (Oct 03)

Dr . Ninux

Sorry....My Message With Out Live Site.... Dr . Ninux (Oct 07)

D-virus

gcards (languagefile) <= Remote File Include D-virus (Oct 11)

edubp2002

Re: Secunia Research: Microsoft Windows Object Packager Dialog Spoofing edubp2002 (Oct 14)

Eiji James Yoshida

Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053] Eiji James Yoshida (Oct 02)

Eliah Kagan

Re: Flaw in Firefox 2.0 RC2 Eliah Kagan (Oct 18)

E Mintz

Security contact for Myspace/Fox? E Mintz (Oct 02)

emme0032

Re: phpAdsNew-2.0.8 <= (adlayer.php) Remote File Include emme0032 (Oct 28)

Enno Rey

Observations on Mandatory Integrity Control (MIC) in Windows Vista Enno Rey (Oct 07)

Enrico Scholz

[Fedora] libtool-ltdl uses relative paths to resolve and load libraries Enrico Scholz (Oct 10)

erdc

[ECHO_ADV_54$2006]vtiger CRM <=4.2 (calpath) Multiple Remote File Inclusion Vulnerability erdc (Oct 10)
[ECHO_ADV_51$2006] docmint <= 2.0 (MY_ENV[BASE_ENGINE_LOC]) Remote File Inclusion Vulnerability erdc (Oct 09)
[ECHO_ADV_55$2006]Phpmybibli <=2.1 Multiple Remote File Inclusion Vulnerability erdc (Oct 17)
[ECHO_ADV_53$2006] QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Vulnerability erdc (Oct 30)
[ECHO_ADV_48$2006] WebYep <= 1.1.9 (webyep_sIncludePath) Multiple Remote File Inclusion Vulnerability erdc (Oct 09)
[ECHO_ADV_49$2006]OpenDock Easy Doc <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability erdc (Oct 09)
[ECHO_ADV_52$2006]OpenDock Easy Gallery <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability erdc (Oct 09)
[ECHO_ADV_46$2006] P-Book <= 1.17 (pb_lang) Remote File Inclusion erdc (Oct 18)
[ECHO_ADV_50$2006]OpenDock Easy Blog <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability erdc (Oct 09)

erne

Jinzora 2.6 - Remote File Include Vulnerabilities erne (Oct 14)
WebYep-1.1.9 - Remote File Include Vulnerabilities erne (Oct 16)
MOStlyCEV454 - Remote File Include Vulnerabilities erne (Oct 16)
patchlodel-0.7.3 - Remote File Include Vulnerabilities erne (Oct 16)
maintain-3.0.0-RC2 - Remote File Include Vulnerabilities erne (Oct 16)

erreale

Mozilla Firefox JavaScript Handler Race Condition Memory Corruption Vulnerability erreale (Oct 25)

farhadkey

[KAPDA::#61] - PacPoll <= 4.0 Multiple Vulnerabilities farhadkey (Oct 25)

fireboy2006

UltraCMS 0.9 sql injection fireboy2006 (Oct 19)
KICS CMS sql injection fireboy2006 (Oct 19)
UNISOR CMS sql injection fireboy2006 (Oct 27)

firewall1954

Nucleus Core v3.23 - Remote File Include firewall1954 (Oct 30)
Multiple Remote File Include firewall1954 (Oct 30)
CentiPaid <= 1.4.2 [$class_pwd] Remote File Include firewall1954 (Oct 30)

Francesco Laurita

Re: CentiPaid <= 1.4.2 [$class_pwd] Remote File Include Francesco Laurita (Oct 30)
ackerTodo 4.2 SQL Injection Vulnerability Francesco Laurita (Oct 06)
Re: Ban v0.1 (bannieres.php) File Include Francesco Laurita (Oct 28)
Re: Nucleus Core v3.23 - Remote File Include Francesco Laurita (Oct 30)

FREAK_PR

RMSOFT Cross Site Scripting FREAK_PR (Oct 23)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-06:22.openssh FreeBSD Security Advisories (Oct 02)

Gadi Evron

Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()] Gadi Evron (Oct 04)
[funsec] Haxdoor: UK Police Count 8, 500 Victims in Data Theft (So Far) (fwd) Gadi Evron (Oct 27)
Re: Yahoo! Messenger Service 18 Remote Buffer Overflow Vulnerability Gadi Evron (Oct 25)
ISOI II - a DA Workshop (announcement and CFP) Gadi Evron (Oct 13)
ZERT patch for setSlice() Gadi Evron (Oct 02)
unreliable vulnerability reports en-masee [was:Re: vulnerability in Symantec products] Gadi Evron (Oct 30)
Re: [funsec] Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()] Gadi Evron (Oct 09)

gene

Re: Directory Traversal Vulnerability in Goop Gallery 2.0.2 gene (Oct 17)

Gianluca Varisco

Re: yet another OpenSSH timing leak? Gianluca Varisco (Oct 10)

gmdarkfig

7 php scripts File Inclusion / Source disclosure Vuln gmdarkfig (Oct 10)

Gouki

Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Gouki (Oct 31)

h4ck3riran

bbsNew ( File Include Vulnerability Exploit ) h4ck3riran (Oct 16)
Back-end => 0.4.5 Remote File Include Vulnerability Exploit h4ck3riran (Oct 30)
bbsNew => 2.0.1 Remote File Include Vulnerability Exploit h4ck3riran (Oct 30)
Back-end ( File Include Vulnerability Exploit ) h4ck3riran (Oct 16)
Exporia => 0.3.0 Remote File Include Vulnerability Exploit h4ck3riran (Oct 30)

hack2prison

Iono all version fullpath disclosure hack2prison (Oct 12)

handrix

Sun java System Messenger Express XSS handrix (Oct 31)

HASEGAWA Yosuke

Re: [Full-disclosure] IE7 is a Source of Problem - Secunia IE7 Release Incident of October 2006 HASEGAWA Yosuke (Oct 27)

H D Moore

Metasploit Framework 2.7 Released H D Moore (Oct 30)

iDefense Labs

iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Invalid Free Vulnerability iDefense Labs (Oct 23)
iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability iDefense Labs (Oct 10)
iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability iDefense Labs (Oct 19)
iDefense Security Advisory 10.21.06: Novell eDirectory NCP over IP length Heap Overflow Vulnerability iDefense Labs (Oct 23)
iDefense Security Advisory 10.15.06: Clam AntiVirus ClamAV CHM Chunk Name Length DoS Vulnerability iDefense Labs (Oct 16)
iDefense Security Advisory 10.25.06: AOL YGPPDownload downloadFileDirectory ActiveX Control Heap Corruption Vulnerability iDefense Labs (Oct 25)
iDefense Security Advisory 10.15.06: Clam AntiVirus ClamAV rebuildpe Heap Overflow Vulnerability iDefense Labs (Oct 16)
iDefense Security Advisory 10.25.06: AOL Nullsoft Winamp Ultravox 'ultravox-max-msg' Header Heap Overflow Vulnerability iDefense Labs (Oct 25)
iDefense Security Advisory 10.11.06: AOL YGPPDownload SetAlbumName ActiveX Control Buffer Overflow Vulnerability iDefense Labs (Oct 12)
iDefense Security Advisory 10.17.06: Opera Software Opera Web Browser URL Parsing Heap Overflow Vulnerability iDefense Labs (Oct 17)
iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Heap Overflow Vulnerability iDefense Labs (Oct 23)
iDefense Security Advisory 10.26.06: Multiple Vendor wvWare LFO Count Integer Overflow Vulnerability iDefense Labs (Oct 27)
iDefense Security Advisory 10.26.06: Multiple Vendor wvWare LVL Count Integer Overflow Vulnerability iDefense Labs (Oct 27)
iDefense Security Advisory 10.11.06: Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability iDefense Labs (Oct 12)
iDefense Security Advisory 10.25.06: AOL Nullsoft Winamp Ultravox Lyrics3 v2.00 tags Heap Overflow Vulnerability iDefense Labs (Oct 25)
iDefense Security Advisory 10.25.06: AOL YGPPDownload AddPictureNoAlbum ActiveX Control Heap Corruption Vulnerability iDefense Labs (Oct 25)
iDefense Security Advisory 10.05.06: Symantec AntiVirus IOCTL Kernel Privilege Escalation Vulnerability iDefense Labs (Oct 06)
iDefense Security Advisory 10.13.06: Apache HTTP Server mod_tcl set_var Format String Vulnerability iDefense Labs (Oct 14)
iDefense Security Advisory 10.02.06: Novell GroupWise Messenger nmma.exe DoS Vulnerability iDefense Labs (Oct 03)

info

new version of phplist fix XSS vulnerability info (Oct 12)

ip . 123 . 456 . 78 . 90

GestArt <= vbeta 1 Remote File Include Vulnerabilities ip . 123 . 456 . 78 . 90 (Oct 27)

jay.tomas

Re: vulnerability in Symantec products jay.tomas (Oct 30)

J. Carlos Nieto

Re: Smarty-2.6.1 Remote File Include Vulnerabilities J. Carlos Nieto (Oct 24)

Jeff Moss

Black Hat CFP, Registration, and Announcements for October Jeff Moss (Oct 13)

Jerome Athias

Re: Free Rainbow Tables.com Jerome Athias (Oct 30)

jm

Re: Flaw in Firefox 2.0 RC2 jm (Oct 18)

josecarlos . norte

SMF fgets off-by-one issue and filter size evasion josecarlos . norte (Oct 27)
Simple Machines Forum (SMF) XSS issue josecarlos . norte (Oct 20)

Jose Nazario

Re: Flaw in Firefox 2.0 RC2 Jose Nazario (Oct 17)

jose . palanco

D-Link DSL-G624T several vulnerabilities jose . palanco (Oct 23)

Josh Bressers

Re: Concurrency-related vulnerabilities in browsers - expect problems Josh Bressers (Oct 06)
Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Josh Bressers (Oct 31)

Jouko Pynnonen

Details of Lotus Notes Java Applet vulnerabilities Jouko Pynnonen (Oct 06)

Joxean Koret

MS Windows DRM software Memory Corruption Joxean Koret (Oct 10)

Juha-Matti Laurio

Vulnerable function in newest PowerPoint case (MS Advisory #925984) Juha-Matti Laurio (Oct 06)
Re: Security contact for Myspace/Fox? Juha-Matti Laurio (Oct 07)
Re: Utimaco Safeguard Easy vulnerability Juha-Matti Laurio (Oct 18)

Jure Pečar

Re: Flaw in Firefox 2.0 RC2 Jure Pečar (Oct 20)

k1tk4t

phpMyConferences <= 8.0.2 Remote File Inclusion k1tk4t (Oct 13)
trawler <= 1.8.1 Remote File Inclusion k1tk4t (Oct 23)
PHPLibrary <= 1.5.3 Remote File Inclusion k1tk4t (Oct 10)
speedberg <= 1.2beta1 Remote File Inclusion k1tk4t (Oct 23)
tagit2b -- Remote File Inclusion k1tk4t (Oct 10)
ExtCalThai_Component <= 0.9.1 Remote File Inclusion k1tk4t (Oct 12)
Open Conference Systems <= 1.1.3 Remote File Inclusion k1tk4t (Oct 13)
AlberT-EasySite <= 1.0.a5 Remote File Inclusion k1tk4t (Oct 11)
claroline <= 180rc1 Remote File Inclusion k1tk4t (Oct 10)
opendocman <= 1.2p3 Bypass admin/user Login k1tk4t (Oct 30)
blueshoes <= 4.6_public Remote File Inclusion k1tk4t (Oct 10)
Jinzora <= 2.1 Remote File Inclusion k1tk4t (Oct 11)

KaBaRa . HaCk . eGy

osprey 1.0 (ListRecords.php) Remote File Include Vulnerability KaBaRa . HaCk . eGy (Oct 16)

Kees Cook

[USN-367-1] Pike vulnerability Kees Cook (Oct 19)
[USN-364-1] Xsession vulnerability Kees Cook (Oct 16)
[USN-363-1] libmusicbrainz vulnerability Kees Cook (Oct 11)
[USN-365-1] libksba vulnerability Kees Cook (Oct 17)
[USN-366-1] binutils vulnerability Kees Cook (Oct 18)

kevin

Re: phpWebSite 0.10.2 Remote File Include Vulnerabilities kevin (Oct 11)

K F (lists)

hack.lu Bluetooth demo K F (lists) (Oct 23)

Larry Cashdollar

IBM Informix Dynamic Server V10.0 File Clobbering during Install Larry Cashdollar (Oct 02)

las_kid

EasyBannerFree (functions.php) Remote File Include Exploit las_kid (Oct 02)

Le . CoPrA

PHP Top webs (config.php) Remote File Inclue Vulnerability Le . CoPrA (Oct 13)
MNews <= 2.0 (noticias.php) Remote File Inclue Vulnerability Le . CoPrA (Oct 13)
PHP Classifieds 7.1 - Remote File Include Vulnerability Le . CoPrA (Oct 20)
RamaCMS (adodb.inc.php) Remote File Inclue Vulnerability Le . CoPrA (Oct 13)
PHP Cards <= 1.3 Remote File Inclue Vulnerability Le . CoPrA (Oct 13)
Morcego CMS <= 0.9.6 Remote File Inclue Vulnerability Le . CoPrA (Oct 13)

LegendaryZion

Cross Site Scripting (XSS) Vulnerability in Web Mail service by "Walla! Communications LTD" LegendaryZion (Oct 31)
Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun" LegendaryZion (Oct 31)
Directory listing on B-FOCuS Wireless 802.11b/g ADSL2+ Router by "ECI Telecom LTD" LegendaryZion (Oct 31)

Lillian Røstad

Call for Papers - First International Workshop on Secure Software Engineering (SecSE 2007) Lillian Røstad (Oct 18)

LIUDIEYU dot COM

IE7 is a Source of Problem - Secunia IE7 Release Incident of October 2006 LIUDIEYU dot COM (Oct 27)

L . M . H .

Month of Kernel Bugs and fsfuzzer release (0.6) L . M . H . (Oct 24)

loveha

Thepeak File Upload v1.3 : Read file vulneability loveha (Oct 27)

Lubomir Kundrak

Re: Flaw in Firefox 2.0 RC2 Lubomir Kundrak (Oct 19)

Ludwig Nussel

SUSE Security Announcement: php4,php5 (SUSE-SA:2006:059) Ludwig Nussel (Oct 09)

Luís Miguel Silva

Security flaw in IBM Client Security Password Manager Luís Miguel Silva (Oct 03)
TORQUE Spool Job Race condition (torque <= 2.0.0p8) Luís Miguel Silva (Oct 19)

mahmood ali

PHP Poll Creator 1.04 (poll_vote.php)File Include mahmood ali (Oct 20)
phpLedAds 2.0(dir) File Include mahmood ali (Oct 27)
PLS-Bannieres 1.21 (bannieres.php) File Include mahmood ali (Oct 27)
PHP Forge 3b2 (/inc/inc.php) Remote File Include Vulnerability mahmood ali (Oct 16)
Ban v0.1 (bannieres.php) File Include mahmood ali (Oct 27)
PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability mahmood ali (Oct 18)
DigitalHive 2.0 RC2 (base_include.php)File Include mahmood ali (Oct 19)
CS-Forum 0.82 (ajouter.php) Remote File Include Vulnerability mahmood ali (Oct 18)
EXlor 1.0 (/fonctions/template.php) Remote File Include Vulnerability mahmood ali (Oct 14)

Mailinglists Address

Re: adobe php sdk Remote File Include Vulnerabilities Mailinglists Address (Oct 24)
Re: zero-day flaws in Firefox: about 30 unpatched Firefox flaws Mailinglists Address (Oct 07)

Marco Ivaldi

Re: yet another OpenSSH timing leak? Marco Ivaldi (Oct 10)
Re: yet another OpenSSH timing leak? Marco Ivaldi (Oct 14)
yet another OpenSSH timing leak? Marco Ivaldi (Oct 09)
Re: iDefense Security Advisory 10.11.06: Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability Marco Ivaldi (Oct 14)

Mark A Basil

Re: Flaw in Firefox 2.0 RC2 Mark A Basil (Oct 19)

Martin Pitt

[USN-368-1] Qt vulnerability Martin Pitt (Oct 23)
[USN-362-1] PHP vulnerabilities Martin Pitt (Oct 10)
[USN-357-1] Mono vulnerability Martin Pitt (Oct 04)
[USN-358-1] ffmpeg, xine-lib vulnerabilities Martin Pitt (Oct 04)
[USN-359-1] Python vulnerability Martin Pitt (Oct 06)
[USN-360-1] awstats vulnerabilities Martin Pitt (Oct 10)
[USN-355-1] openssh vulnerabilities Martin Pitt (Oct 02)
[USN-361-1] Mozilla vulnerabilities Martin Pitt (Oct 10)
[USN-356-1] gdb vulnerability Martin Pitt (Oct 02)
[USN-353-2] OpenSSL vulnerability Martin Pitt (Oct 04)
[USN-354-1] Firefox vulnerabilities Martin Pitt (Oct 02)

Martin Schulze

[SECURITY] [DSA 1188-1] New mailman packages fix several problems Martin Schulze (Oct 04)
[SECURITY] [DSA 1192-1] New Mozilla packages fix several vulnerabilities Martin Schulze (Oct 06)
[SECURITY] [DSA 1191-1] New Mozilla Thunderbird packages fix several vulnerabilities Martin Schulze (Oct 05)

Matousec - Transparent security Research

ISS BlackICE PC Protection Filelock protection bypass Vulnerability Matousec - Transparent security Research (Oct 16)

matteo

Re: phpAdsNew include bug! matteo (Oct 19)

Matteo Beccati

[PHPADSNEW-SA-2006-002] phpAdsNew and phpPgAds 2.0.8-pr1 fix XSS vulnerability Matteo Beccati (Oct 23)

Matthias Geerdsen

[ GLSA 200610-09 ] libmusicbrainz: Multiple buffer overflows Matthias Geerdsen (Oct 23)
[ GLSA 200610-02 ] Adobe Flash Player: Arbitrary code execution Matthias Geerdsen (Oct 04)
[ GLSA 200610-01 ] Mozilla Thunderbird: Multiple vulnerabilities Matthias Geerdsen (Oct 04)

Matt Richard

Re: [Full-disclosure] ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability Matt Richard (Oct 30)

maxgipeh

ActiveX security leaks in the TV owned web game platform maxgipeh (Oct 31)

Max Moser

New tool release today - "wyd" - password profiling Max Moser (Oct 11)

Mayhemic Labs Security

MHL-2006-002 Public Advisory: "Call-Center-Software" Multiple Security Issues Mayhemic Labs Security (Oct 12)
MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues Mayhemic Labs Security (Oct 10)
MHL-2006-003 Public Advisory: "ezOnlineGallery" Multiple Security Issues Mayhemic Labs Security (Oct 27)

MC Iglo

XSS in Zwahlen Online Shop MC Iglo (Oct 23)

meto5757

digishop v 4.0.0 Xss Vuln. meto5757 (Oct 02)

mfp . c

phpMyConferences <= 8.0.2 Remote File Inclusion mfp . c (Oct 31)

Mike

Flaw in Firefox 2.0 RC2 Mike (Oct 17)
Flaw in Firefox 2.0 Final mike (Oct 23)
Re: Concurrency-related vulnerabilities in browsers - expect problems Mike (Oct 05)

Mike Klingler

Advisory for Oneorzero helpdesk Mike Klingler (Oct 20)

mjau

Re: imageVue16.1 upload vulnerability mjau (Oct 30)

mkanat

Security Advisory for Bugzilla 2.18.5, 2.20.2, 2.22, and 2.23.2 mkanat (Oct 16)

MoHaNdKo

freenews---> fileinclude MoHaNdKo (Oct 30)
zorum_3_5 <=(dbproperty.php) Remote File Inclusion Exploit MoHaNdKo (Oct 18)

Moritz Muehlenhoff

[SECURITY] [DSA 1190-1] New maxdb-7.5.00 packages fix execution of arbitrary code Moritz Muehlenhoff (Oct 04)
[SECURITY] [DSA 1202-1] New screen packages fix arbitrary code execution Moritz Muehlenhoff (Oct 31)
[SECURITY] [DSA 1189-1] New openssh-krb5 packages fix denial of service and potential execution of arbitrary code Moritz Muehlenhoff (Oct 04)
[SECURITY] [DSA 1201-1] New ethereal packages fix denial of service Moritz Muehlenhoff (Oct 31)
[SECURITY] [DSA 1198-1] New python2.3 packages fix arbitrary code execution Moritz Muehlenhoff (Oct 23)
[SECURITY] [DSA 1194-1] New libwmf packages fix arbitrary code execution Moritz Muehlenhoff (Oct 09)
[SECURITY] [DSA 1197-1] New python2.4 packages fix arbitrary code execution Moritz Muehlenhoff (Oct 23)
[SECURITY] [DSA 1196-1] New clamav packages fix arbitrary code execution Moritz Muehlenhoff (Oct 19)

Moritz Naumann

IE7 status: 8 days after release, 3 unfixed issues Moritz Naumann (Oct 27)

mozi2weed

phpMyProfiler remote file include mozi2weed (Oct 04)

mrapples

Re: Simple Machines Forum (SMF) XSS issue mrapples (Oct 21)

navairum

SQL Injection simplog navairum (Oct 19)
IPEER Remote file inclusion navairum (Oct 23)

neothermic

Re: PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability neothermic (Oct 19)

Nick Boyce

Re: Concurrency-related vulnerabilities in browsers - expect problems Nick Boyce (Oct 06)

nicolascamino

Re: Application orders Linux in WebAPP v0.9.9.2.1 nicolascamino (Oct 24)

Nikolai Grigoriev

Hawking Technology wireless router WR254-CA DNS issue Nikolai Grigoriev (Oct 31)

nima . salehi

PhpBB Prillian French Remote File Include Vulnerability nima . salehi (Oct 13)
phpBB Add Name Remote File Include Vulnerability nima . salehi (Oct 13)
news defilante horizontale <= 4.1.1 Remote File Include Vulnerability nima . salehi (Oct 13)
maluinfo version 206.2.38l Remote File Include Vulnerability nima . salehi (Oct 13)
RPG Events 1.0.0 Remote File Include Vulnerability nima . salehi (Oct 13)
SpamOborona PHPBB Plugin Remote File Include Vulnerability nima . salehi (Oct 13)
phpBB PlusXL 2.x <= biuld 272 Remote File Include Vulnerability nima . salehi (Oct 13)
SpamBlockerMODv <= 1.0.2 Remote File Include Vulnerability nima . salehi (Oct 13)
Admin User Viewed Posts Tracker Remote File Include Vulnerability nima . salehi (Oct 12)
pbpbb archive for search engines Remote File Include Vulnerability nima . salehi (Oct 13)
phpBB Security <= 1.0.1 Remote File Include Vulnerability nima . salehi (Oct 13)
AMAZONIA MOD Remote File Include Vulnerability nima . salehi (Oct 13)
Buzlas <= v2006-1 Full Remote File Include Vulnerability nima . salehi (Oct 13)
phpBB lat2cyr <= 1.0.1 Remote File Include Vulnerability nima . salehi (Oct 13)
CommunityPortals <= 1.0 Remote File Include Vulnerability nima . salehi (Oct 11)
Journals System <= 1.0.2 [RC2] Remote File Include Vulnerability nima . salehi (Oct 12)

Nms

Punbb <= 1.2.13 Multiple Vulnerabilities Nms (Oct 30)

nnp

Kmail <= 1.9.1 (table/frameset) DOS nnp (Oct 16)

nnposter

Insecure storage of passwords in Axalto Protiva nnposter (Oct 27)

Noah Meyerhans

[SECURITY] [DSA 1199-1] New webmin packages fix input validation problems Noah Meyerhans (Oct 24)
[SECURITY] [DSA 1195-1] new openssl096 packages fix denial of service Noah Meyerhans (Oct 10)
[SECURITY] [DSA 1185-2] New openssl packages fix arbitrary code execution Noah Meyerhans (Oct 03)
[SECURITY] [DSA 1200-1] New Qt packages fix integer overflow Noah Meyerhans (Oct 30)

noislet . nospam

AROUNDMe 0.6.9 remonte file inclusion noislet . nospam (Oct 23)

noreply

Multiple vulnerabilities in Highwall Enterprise and Highwall Endpoint management interface noreply (Oct 18)
Airmagnet management interfaces multiple vulnerabilities noreply (Oct 18)
Web-style Wireless IDS attacks noreply (Oct 25)

Ofer Shezaf

ModSecurity 2.0, A Core Rule Set and Console now available Ofer Shezaf (Oct 30)

OpenPKG

[OpenPKG-SA-2006.024] OpenPKG Security Advisory (asterisk) OpenPKG (Oct 19)
[OpenPKG-SA-2006.025] OpenPKG Security Advisory (drupal) OpenPKG (Oct 20)
[OpenPKG-SA-2006.022] OpenPKG Security Advisory (openssh) OpenPKG (Oct 02)
[OpenPKG-SA-2006.027] OpenPKG Security Advisory (wordpress) OpenPKG (Oct 30)
[OpenPKG-SA-2006.023] OpenPKG Security Advisory (php) OpenPKG (Oct 17)
[OpenPKG-SA-2006.026] OpenPKG Security Advisory (screen) OpenPKG (Oct 26)

Outlaw

phpMyConferences_8.0.2 Remote File Inclusion Outlaw (Oct 25)

paisterist . nst

PHP-Nuke <= 7.9 Journal module (search.php) "forwhat" SQL Injection vulnerability paisterist . nst (Oct 31)
PHP-Nuke <= 7.9 Search module "author" SQL Injection vulnerability paisterist . nst (Oct 27)
-==PHP Nuke <= 7.9 SQL Injection and Bypass SQL Injection Protection vulnerabilities==- paisterist . nst (Oct 23)
PHP open_basedir with symlink() function Race Condition PoC exploit paisterist . nst (Oct 09)
PHP Live! <= 3.1 help.php Remote File Inclusion vulnerability paisterist . nst (Oct 07)

Paolo Perego

Pebble 2.0.0 RC[1,2] XSS vulnerability Paolo Perego (Oct 02)

Paul Schmehl

Re: Flaw in Firefox 2.0 RC2 Paul Schmehl (Oct 18)

Paul Szabo

IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]) Paul Szabo (Oct 02)
Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]) Paul Szabo (Oct 03)
Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]) Paul Szabo (Oct 03)

pdp (architect)

JavaScript Spider (code that can traverse the web) pdp (architect) (Oct 07)

playpacific . emulacaid

Hosting Controller 6.1 Hotfix <= 3.2 Vulnerability playpacific . emulacaid (Oct 27)

pokley

Re: freenews---> fileinclude pokley (Oct 31)
Re: freenews---> fileinclude pokley (Oct 31)

poplix

easy notes manager sql injection and authentication bypass poplix (Oct 30)

Praburaajan

HITBSecConf2006 CTF Source code and daemons Praburaajan (Oct 09)

ptitgal

Re: @lex Guestbook <=(ModeliXe.php) Remote File Inclusion Exploit ptitgal (Oct 16)

ragan

zero-day flaws in Firefox: about 30 unpatched Firefox flaws ragan (Oct 02)

raphael . huck

WikiNi Multiple Cross Site Scripting Vulnerabilities raphael . huck (Oct 23)
zenphoto Multiple Path Disclosure and Cross Site Scripting Vulnerabilities raphael . huck (Oct 12)
Noah's Classifieds Cross Site Scripting Vulnerability raphael . huck (Oct 11)

Raphael Marichez

[ GLSA 200610-12 ] Apache mod_tcl: Format string vulnerability Raphael Marichez (Oct 24)
[ GLSA 200610-14 ] PHP: Integer overflow Raphael Marichez (Oct 30)
[ GLSA 200610-15 ] Asterisk: Multiple vulnerabilities Raphael Marichez (Oct 30)
[ GLSA 200610-04 ] Seamonkey: Multiple vulnerabilities Raphael Marichez (Oct 16)
[ GLSA 200610-10 ] ClamAV: Multiple Vulnerabilities Raphael Marichez (Oct 24)
[ GLSA 200610-13 ] Cheese Tracker: Buffer Overflow Raphael Marichez (Oct 27)
[ GLSA 200610-03 ] ncompress: Buffer Underflow Raphael Marichez (Oct 06)
[ GLSA 200610-06 ] Mozilla Network Security Service (NSS): RSA signature forgery Raphael Marichez (Oct 17)
[ GLSA 200610-07 ] Python: Buffer Overflow Raphael Marichez (Oct 17)
[ GLSA 200610-05 ] CAPI4Hylafax fax receiver: Execution of arbitrary code Raphael Marichez (Oct 17)
[ GLSA 200610-08 ] Cscope: Multiple buffer overflows Raphael Marichez (Oct 20)
ERRATA: [ GLSA 200610-07 ] Python: Buffer Overflow Raphael Marichez (Oct 19)
[ GLSA 200610-11 ] OpenSSL: Multiple vulnerabilities Raphael Marichez (Oct 24)

Rapigator

Invision Power Board Multiple Vulnerabilities Rapigator (Oct 04)
Re: Invision Power Board Multiple Vulnerabilities Rapigator (Oct 07)

RedTeam Pentesting

Authentication bypass in BytesFall Explorer RedTeam Pentesting (Oct 31)

ReeM_HaCk

Security Suite IP Logger Remote File Inclusion ReeM_HaCk (Oct 12)

research

SYMSA-2006-010: Directory Traversal in IronWebMail research (Oct 16)
SecureWorks Research Client Advisory: Multiple Vendor Bluetooth Memory Stack Corruption Vulnerability Research (Oct 12)
Microsoft .NET request filtering bypass vulnerability research (Oct 27)
PR06-03b: F5 Firepass 1000 SSL VPN version 5.5 vulnerable to Cross-Site Scripting research (Oct 17)

Reversemode

[Reversemode Advisory] Kaspersky Anti-Virus Privilege Escalation Reversemode (Oct 20)
Re: IE7 is a Source of Problem - Secunia IE7 Release Incident of October 2006 Reversemode (Oct 27)
[Reversemode Advisory] Symantec Antivirus Engine Privilege Escalation Reversemode (Oct 06)

Roman Medina-Heigl Hernandez

Portable shell-exploit for buffer-overflow bugs Roman Medina-Heigl Hernandez (Oct 02)

root

Static fmat exploits with random va root (Oct 18)

rPath Update Announcements

rPSA-2006-0194-1 kernel rPath Update Announcements (Oct 17)
rPSA-2006-0182-1 php php-mysql php-pgsql rPath Update Announcements (Oct 06)
rPSA-2006-0195-2 kdelibs qt-x11-free rPath Update Announcements (Oct 26)
rPSA-2006-0198-1 screen rPath Update Announcements (Oct 26)
rPSA-2006-0185-1 gnome-ssh-askpass openssh openssh-client openssh-server rPath Update Announcements (Oct 06)
rPSA-2006-0195-1 kdelibs rPath Update Announcements (Oct 19)
rPSA-2006-0187-1 idle python rPath Update Announcements (Oct 11)
rPSA-2006-0183-1 nss_ldap rPath Update Announcements (Oct 06)

RSnake

Re: Simple Machines Forum (SMF) XSS issue RSnake (Oct 23)

Ryan Smith

Hustle Labs & MNIN eDirectory Vulnerability Ryan Smith (Oct 21)

sami

Cahier de textes 2.0 Remote SQL injection Exploit sami (Oct 07)

scottREMOVE

Re: vbulletin Exploit Tool Box scottREMOVE (Oct 17)

scsantos@unigranrio com br

Re: [Full-disclosure] SQL injection - moodle scsantos@unigranrio com br (Oct 09)

Sean Warnock

RE: Flaw in Firefox 2.0 RC2 Sean Warnock (Oct 19)

sec

TorrentFlux User-Agent XSS Vulnerability sec (Oct 06)

Secunia Research

Secunia Research: Microsoft Windows Object Packager Dialog Spoofing Secunia Research (Oct 11)
Secunia Research: IBM Lotus Notes Insecure Default Folder Permissions Secunia Research (Oct 18)
Secunia Research: Joomla BSQ Sitestats Script Insertion and SQL Injection Secunia Research (Oct 18)

secure

Symantec Product Security: Symantec Device Driver Elevation of Privileg secure (Oct 23)

securfrog

Re: net2ftp: a web based FTP client :) <= Remote File Inclusion securfrog (Oct 02)

security

Re: Multiple XSS Vulnerabilities in Zen Cart 1.3.5 security (Oct 14)
[ MDKSA-2006:184 ] - Updated clamav packages fix vulnerabilities security (Oct 18)
Multiple XSS Vulnerabilities in KnowledgeBank 1.01 security (Oct 19)
FreeWPS File Upload Command Execution security (Oct 06)
ProgSys verion 0.151 XSS vulnerability security (Oct 24)
[ MDKSA-2006:183 ] - Updated libksba packages correct DoS vulnerability security (Oct 17)
[ MDKSA-2006:185 ] - Updated php packages to address multiple vulnerabilities security (Oct 18)
Multiple XSS Vulnerability in Gcontact security (Oct 14)
[ MDKSA-2006:191 ] - Updated screen packages fix vulnerability security (Oct 28)
[ MDKSA-2006:172-1 ] - Updated openssl packages fix vulnerabilities security (Oct 03)
[ MDKSA-2006:180 ] - Updated php packages fix integer overflow vulnerability security (Oct 06)
[ MDKSA-2006:186 ] - Updated kdelibs packages fix KHTML vulnerability security (Oct 19)
[ MDKSA-2006:182 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Oct 11)
[ MDKSA-2006:181 ] - Updated python packages fix vulnerability security (Oct 10)
[ MDKSA-2006:190 ] - Updated mutt packages fix multiple vulnerabilities security (Oct 28)
SQL Injection Vulnerability in bfExplorer 0.0.6 security (Oct 31)
Directory Traversal Vulnerability in Goop Gallery 2.0.2 security (Oct 04)
Directory Traversal Vulnerability in Goop Gallery 2.0.2 security (Oct 11)
[ MDKSA-2006:188 ] - Updated mono packages fix vulnerability security (Oct 28)
[ MDKSA-2006:189 ] - Updated xsupplicant fixes possible remote root stack smash vulnerability security (Oct 28)
[ MDKSA-2006:194 ] - Updated PostgreSQL packages fix vulnerabilities security (Oct 31)
[ MDKSA-2006:179 ] - Updated openssh packages fix DoS vulnerabilities security (Oct 04)
[ MDKSA-2006:178 ] - Updated ntp packages rebuilt against updated openssl. security (Oct 03)
[ MDKSA-2006:192 ] - Updated ruby packages fix DoS vulnerability security (Oct 28)
vulnerability in Symantec products security (Oct 27)
[ MDKSA-2006:187 ] - Updated Qt packages fix vulnerability security (Oct 25)
[ MDKSA-2006:177 ] - Updated MySQL packages rebuilt against updated openssl. security (Oct 03)
phpFaber CMS Cross Site Scripting security (Oct 27)
[ MDKSA-2006:193 ] - Updated ImageMagick packages fix vulnerabilities security (Oct 31)

security-alert

[security bulletin] HPSBUX02087 SSRT4728 rev.4 - HP-UX running TCP/IP Remote Denial of Service (DoS) security-alert (Oct 10)
[security bulletin] HPSBUX02157 SSRT061220 rev.1 HP-UX Running Ignite-UX Server, Remote Unauthorized Access and Privilege Elevation security-alert (Oct 02)
HPSBUX02162 SSRT061223 rev.1 - HP-UX Running dtmail, Local Execution of Arbitrary Code security-alert (Oct 20)
[security bulletin] HPSBMA02133 SSRT061201 rev.2 - HP Oracle for OpenView (OfO) Critical Patch Update security-alert (Oct 25)
[security bulletin] HPSBST02160 SSRT061254 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-055 security-alert (Oct 13)
[security bulletin] HPSBMA02121 SSRT061157 rev.3 - HP OpenView Storage Data Protector Remote Unauthorized Arbitrary Command Execution security-alert (Oct 30)
[security bulletin] HPSBMA02138 SSRT061184 rev.2 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution security-alert (Oct 30)
[security bulletin] HPSBST02161 SSRT061264 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-056 Through MS06-065 security-alert (Oct 19)
[security bulletin] HPSBTU02163 SSRT061223 rev.1 - HP Tru64 UNIX Running dtmail, Local Execution of Arbitrary Code security-alert (Oct 20)
[security bulletin] HPSBUX02129 SSRT061149 rev.1 - HP-UX running SLP, Remote Unauthorized Access security-alert (Oct 02)
[security bulletin] HPSBUX02155 SSRT061235 rev.2 HP-UX CIFS Server (Samba) Local Unauthorized Access, Elevated Privileges security-alert (Oct 17)
[security bulletin] HPSBST02134 SSRT061187 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-052, MS06-053 and MS06-054 security-alert (Oct 13)
[security bulletin] HPSBMA02158 SSRT061251 rev.1 - HP Version Control Agent, Remote Unauthorized Access and Possible Elevation of Privilege security-alert (Oct 12)
[security bulletin] HPSBTU02168 SSRT061237 rev.1 - HP Tru64 UNIX Running gzip, gunzip, and gzcat, Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS) security-alert (Oct 30)

securityproof

"POC 2006" by Korean hackers securityproof (Oct 02)

seejay . 11

Spoofing security dialog in object packager - 2 seejay . 11 (Oct 14)

Shane Lahey

Re: Flaw in Firefox 2.0 RC2 Shane Lahey (Oct 18)

simo

Re: phpAdsNew-2.0.8 <= (adlayer.php) Remote File Include simo (Oct 30)

Sowhat

Microsoft Office Malformed Record Memory Corruption Vulnerability Sowhat (Oct 11)

Stefan Esser

Advisory 09/2006: PHP unserialize() Array Creation Integer Overflow Stefan Esser (Oct 09)
Advisory 10/2006: ViewVC Undefined Charset UTF-7 XSS Vulnerability Stefan Esser (Oct 16)
Advisory 07/2006: phpMyAdmin Multiple CSRF Vulnerabilities Stefan Esser (Oct 02)
Advisory 11/2006: Serendipity Weblog XSS Vulnerabilities Stefan Esser (Oct 19)
Advisory 08/2006: PHP open_basedir Race Condition Vulnerability Stefan Esser (Oct 04)

Steve Kemp

[SECURITY] [DSA 1166-2] New cheesetraceker packages fix buffer overflow Steve Kemp (Oct 13)

Steven M. Christey

Re: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit Steven M. Christey (Oct 11)
Re: iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability Steven M. Christey (Oct 21)
Re: WebspotBlogging => 3.0 Remote File Include Vulnerabilities Steven M. Christey (Oct 03)
Vulnerability Type Distributions in CVE Steven M. Christey (Oct 05)
Re: WikyBlog <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit Steven M. Christey (Oct 06)
Re: net2ftp: a web based FTP client :) <= Remote File Inclusion Steven M. Christey (Oct 09)

stormhacker

WDT:- osTicket File Include all V stormhacker (Oct 14)

str0ke

Re: PHPRecipeBook <= 2.35 ((g_rb_basedir)) Remote File Include Exploit str0ke (Oct 18)
Re: gcards (languagefile) <= Remote File Include str0ke (Oct 11)
Re: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit str0ke (Oct 10)

subzero . 0000

ATutor 1.5.3.2=> Remote File Include Vulnerability subzero . 0000 (Oct 19)

Tamriel

Re: freenews---> fileinclude Tamriel (Oct 30)
eXpBlog <= 0.3.5 Cross Site Scripting Vulnerabilities Tamriel (Oct 10)
Re: CentiPaid <= 1.4.2 [$class_pwd] Remote File Include Tamriel (Oct 30)
XeoPort <= 0.81 SQL Injection Vulnerability Tamriel (Oct 12)
Xeobook <= 0.93 Multiple SQL Injection Vulnerabilities Tamriel (Oct 12)
Re: phpMyConferences_8.0.2 Remote File Inclusion Tamriel (Oct 25)

the_free_kernel

Application orders Linux in WebAPP v0.9.9.2.1 the_free_kernel (Oct 23)
[Xss] IN SMF 1.1 RC2 the_free_kernel (Oct 19)

the-free_kernel

[Xss] IN phplist v 2.10.2, the-free_kernel (Oct 17)

theif

Re: PHPRecipeBook <= 2.35 ((g_rb_basedir)) Remote File Include Exploit theif (Oct 19)

Thierry Zoller

Re: [Full-disclosure] hack.lu Bluetooth demo Thierry Zoller (Oct 23)

Thomas Biege

SUSE Security Summary Report SUSE-SR:2006:024 Thomas Biege (Oct 06)

Thor Larholm

0day in Firefox from ToorCon '06 Thor Larholm (Oct 02)

Trustix Security Advisor

TSLSA-2006-0055 - multi Trustix Security Advisor (Oct 06)
TSLSA-2006-0057 - multi Trustix Security Advisor (Oct 18)
TSLSA-2006-0059 - postgresql Trustix Security Advisor (Oct 27)

TSRT

TSRT-06-11: CA Multiple Product DBASVR RPC Server Multiple Buffer Overflow Vulnerabilities TSRT (Oct 06)
TSRT-06-12: CA BrightStor Discovery Service Mailslot Buffer Overflow Vulnerability TSRT (Oct 06)

Uwe Hermann

[DRUPAL-SA-2006-026] Drupal 4.6.10 / 4.7.4 fixes HTML attribute injection issue Uwe Hermann (Oct 19)
[DRUPAL-SA-2006-025] Drupal 4.6.10 / 4.7.4 fixes CRF issue Uwe Hermann (Oct 19)
[DRUPAL-SA-2006-024] Drupal 4.6.10 / 4.7.4 fixes multiple XSS issues Uwe Hermann (Oct 19)

v1per-hacker

Download-Engine Remote File Include v1per-hacker (Oct 12)

Vidar Løkken

Re: [Full-disclosure] Kmail <= 1.9.1 (table/frameset) DOS Vidar Løkken (Oct 16)

vulnpost-remove

[vuln.sg] CruiseWorks Directory Traversal and Buffer Overflow Vulnerabilities vulnpost-remove (Oct 24)

wacky

phpAdsNew include bug! wacky (Oct 17)

webcalendar

Re: WebCalendar-1.0.3 reading of any files webcalendar (Oct 02)

Williams, James K

[CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities (UPDATED) Williams, James K (Oct 20)
[CAID 34661]: CA Unicenter WSDM File System Read Access Vulnerability Williams, James K (Oct 04)
[CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities Williams, James K (Oct 06)

Wim Godden

Re: phpAdsNew include bug! Wim Godden (Oct 18)

Wolf Halton

RE: Informing Companies about security vulnerabilities... Wolf Halton (Oct 07)

x0r0n

phpMyWebmin 1.0 <= (target) Remote File Include Vulnerability x0r0n (Oct 02)
phpMyTeam v2.0 <= (smileys_dir) Remote File Include Vulnerability x0r0n (Oct 06)
FreeForum 0.9.7 (fpath) Remote File Include Vulnerability x0r0n (Oct 07)
phpBB User Viewed Posts Tracker Version <= 1.0 [phpbb_root_path] File Include Vulnerability x0r0n (Oct 07)

xorontr

PHP Generator of Object SQL Database (path) Remote File Include Vulnerability xorontr (Oct 23)
InteliEditor (sys_path) Remote File Include Vulnerability xorontr (Oct 24)
Freenews v1.1 <= (chemin) Remote File Include Vulnerability xorontr (Oct 09)
PHPMyNews 1.4 <= (cfg_include_dir) Remote File Include Vulnerability xorontr (Oct 09)
Open Meetings Filing Application (PROJECT_ROOT) Remote File Include Vulnerability xorontr (Oct 21)
Re: Jax LinkLists Remote File include xorontr (Oct 14)
MiniBILL v2006-10-10 (config[page_dir] Remote File Include Vulnerability xorontr (Oct 27)
Virtual Law Office (phpc_root_path) Remote File Include Vulnerability xorontr (Oct 21)

xp1o

@lex Guestbook <=(ModeliXe.php) Remote File Inclusion Exploit xp1o (Oct 14)
news7 <= (news.php) Remote File Inclusion Exploit xp1o (Oct 13)
WikyBlog <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit xp1o (Oct 05)
phponline <= (LangFile) Remote File Inclusion Exploit xp1o (Oct 06)
The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit xp1o (Oct 09)

xx_hack_xx_2004

Full Path Disclosure in PHP-Wyana (2) xx_hack_xx_2004 (Oct 16)
Full Path Disclosure in PHP-Wyana xx_hack_xx_2004 (Oct 16)

xxxx

New Flaw in Firefox 2.0: DoS and possible remote code execution xxxx (Oct 31)
Re: Re: New Flaw in Firefox 2.0: DoS and possible remote code execution xxxx (Oct 31)

zarloule04

XSS IN paFileDB 3.1 zarloule04 (Oct 09)

zdi-disclosures

ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability zdi-disclosures (Oct 27)
ZDI-06-034: Microsoft Office Word Malformed Chart Code Execution Vulnerability zdi-disclosures (Oct 10)
ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability zdi-disclosures (Oct 10)
ZDI-06-032: Microsoft Office PowerPoint Malformed Slide Notes Rebuilding Vulnerability zdi-disclosures (Oct 10)
ZDI-06-030: CA Multiple Product Discovery Service Remote Buffer Overflow Vulnerability zdi-disclosures (Oct 06)
ZDI-06-031: CA Multiple Product Message Engine RPC Server Code Execution Vulnerability zdi-disclosures (Oct 06)

zooz_998

phpAdsNew-2.0.8 <= (adlayer.php) Remote File Include zooz_998 (Oct 27)

Дмитрий Borgir

PHP "exec", "system", "popen" problem Дмитрий Borgir (Oct 19)