Bugtraq: by author
492 messages starting Apr 16 07 and ending Apr 18 07
?? ???? ??????
Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities ?? ???? ?????? (Apr 16)
1one1
Sphider Version 1.2.x (include_dir) file include 1one1 (Apr 28)
3APA3A
Re: APOP vulnerability 3APA3A (Apr 03)
Re[2]: APOP vulnerability 3APA3A (Apr 03)
Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing 3APA3A (Apr 17)
admin
[MajorSecurity Advisory #46]Plogger - Session fixation Issue admin (Apr 24)
[MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue admin (Apr 13)
[MajorSecurity Advisory #45]oe2edit CMS - Cross Site Scripting and Cookie Manipulation Issue admin (Apr 16)
[MajorSecurity Advisory #43]Calacode ATMail 5.0 - Cross Site Scripting and Cookie Manipulation Issue admin (Apr 11)
ajannhwt
CmailServer WebMail <= V.5.3.4 (signup) Remote XSS Exploit ajannhwt (Apr 07)
ak
Advisory: SQL Injection in package SYS.DBMS_AQADM_SYS ak (Apr 18)
Advisory: SQL Injection in package SYS.DBMS_UPGRADE_INTERNAL ak (Apr 18)
Advisory: Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet [AS01] ak (Apr 18)
Advisory: XSS Vulnerability in Oracle Secure Enterprise Search [SES01] ak (Apr 18)
Advisory: Bypass Oracle Logon Trigger ak (Apr 18)
Akamai Security Team
Akamai Technologies Security Advisory 2007-0001 Akamai Security Team (Apr 16)
Alexander Klimov
Re: On-going Internet Emergency and Domain Names Alexander Klimov (Apr 11)
alijsb
Searchactivity >> RFI alijsb (Apr 25)
HYIP Manager Pro Script >> Remote file Include alijsb (Apr 25)
Built2Go_PHP_Link_Portal_v1.79 >> RFI alijsb (Apr 25)
HTMLeditbox & 2.2 >> RFI alijsb (Apr 25)
phpMYTGP v v1.4b >> RFI alijsb (Apr 25)
:doruk100net >> RFI alijsb (Apr 25)
netbingo v 2000 >> RFI alijsb (Apr 25)
download engine V1.4.1 >> RFI (local) alijsb (Apr 25)
Shop-Script v 2.0 >> RFI alijsb (Apr 25)
comus 2.0 Final >> RFI alijsb (Apr 25)
nucleus 3.22 >> RFI alijsb (Apr 25)
B2 Weblog and News Publishing Tool v0.6.1 >> RFI alijsb (Apr 25)
adrevenue script (CyKuH.com)>> RFI alijsb (Apr 25)
MyNewsGroups >> RFI in include.php alijsb (Apr 25)
DynaTracker &v151>> RFI alijsb (Apr 25)
Andrea "bunker" Purificato
Re: [Full-disclosure] [RECTIFY] Oracle 10g exploit - dbms_aq.enqueue - become DBA Andrea "bunker" Purificato (Apr 03)
0day Oracle 10g exploit - dbms_aq.enqueue - become DBA Andrea "bunker" Purificato (Apr 02)
Andrea Purificato - bunker
Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA Andrea Purificato - bunker (Apr 03)
Andreas Beck
Re: Steganos Encrypted Safe NOT so safe Andreas Beck (Apr 14)
announcements
WASC-Articles: 'The business case for security frameworks' announcements (Apr 23)
ascii
Re: [Full-disclosure] Cross Domain XMLHttpRequest ascii (Apr 17)
asdasd asdsadas
New bug :) asdasd asdsadas (Apr 11)
Allfaclassfieds (level2.php dir) remote file inclusion asdasd asdsadas (Apr 23)
nEw Bug :D asdasd asdsadas (Apr 11)
BlackHawk
MyBlog <= 0.9.8 Remote Command Execution Exploit BlackHawk (Apr 16)
Re: claroline <= Multiple Remote File Include Vulnerablitiy BlackHawk (Apr 24)
Blue Boar
Re: [Full-disclosure] [WEB SECURITY] Persistent CSRF and The Hotlink Hell Blue Boar (Apr 17)
Bob Fiero
Re: On-going Internet Emergency and Domain Names Bob Fiero (Apr 03)
Bojan Zdrnja
Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Bojan Zdrnja (Apr 18)
BorN To K!LL BorN To K!LL
Gizzar <= (basePath) Remote File Include Vulnerability BorN To K!LL BorN To K!LL (Apr 17)
2BGal 3.1.1 <= (admin/index.php) Remote File Include Vulnerability BorN To K!LL BorN To K!LL (Apr 02)
C. Bergström
Re: Internet Explorer Crash C. Bergström (Apr 19)
Cesar
[Argeniss] Hacking Databases for owning your data (paper) Cesar (Apr 13)
Chris Kelly
Re: gallery >> 1.5.6 Remote File Inclusion Chris Kelly (Apr 24)
Chris Travers
LedgerSMB 1.2.0 finally released, fixes CVE-2006-5589 Chris Travers (Apr 05)
ACLS ineffective in SQL-Ledger and LedgerSMB Chris Travers (Apr 06)
Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points Cisco Systems Product Security Incident Response Team (Apr 12)
Cisco Security Advisory: Default Passwords in NetFlow Collection Engine Cisco Systems Product Security Incident Response Team (Apr 25)
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System Cisco Systems Product Security Incident Response Team (Apr 12)
come2waraxe
[waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke come2waraxe (Apr 13)
[waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20 come2waraxe (Apr 19)
contact
WASC-Articles: 'The Importance of Application Classification in Secure Application Development' contact (Apr 17)
crazy_king
GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability crazy_king (Apr 30)
Joomla/Mambo Jambook v1.0 beta7 Rfi Vuln. crazy_king (Apr 16)
CYBSEC Advisories
CYBSEC Security Pre-Advisory: SAP SYSTEM_CREATE_INSTANCE RFC Function Buffer Overflow CYBSEC Advisories (Apr 04)
CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities CYBSEC Advisories (Apr 04)
CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC Function Denial Of Service CYBSEC Advisories (Apr 04)
CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure CYBSEC Advisories (Apr 04)
CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer Overflow CYBSEC Advisories (Apr 04)
d4rksoft
Re: Latinchat Denial Of Service d4rksoft (Apr 11)
Daniel Veditz
Re: [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug Daniel Veditz (Apr 05)
Dave Walker
Re: Internet Explorer Crash Dave Walker (Apr 19)
David Litchfield
Three New Papers on Oracle Forensics David Litchfield (Apr 04)
Analysis of the Oracle April 2007 Critical Patch Update David Litchfield (Apr 18)
dean
NeatUpload vulnerability and fix dean (Apr 20)
Denis Jedig
Re: Exploiting Microsoft dynamic Dns updates Denis Jedig (Apr 03)
dharmeshmm
Security Concerns in Web 2.0 dharmeshmm (Apr 27)
dj_remix_20
Burak Yılmaz Blog (tr) v1.0 SQL injection vulnerability dj_remix_20 (Apr 26)
Dr . Ninux
ImageProcessing ... Local (Denial of Service Exploit) Dr . Ninux (Apr 24)
eEye Advisories
EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation eEye Advisories (Apr 10)
EEYE: Windows VDM Zero Page Race Condition Privilege Escalation eEye Advisories (Apr 10)
elflord91
Re: Internet Explorer Crash elflord91 (Apr 18)
encytemedia
Re: Cross site scripting in mephisto 0.7.3 encytemedia (Apr 12)
Fergie
Re: [funsec] Re: [Full-disclosure] A Botted Fortune 500 a Day Fergie (Apr 18)
Foresight Linux Essential Announcement Service
FLEA-2007-0006-2: ImageMagick Foresight Linux Essential Announcement Service (Apr 03)
FLEA-2007-0015-1: gimp Foresight Linux Essential Announcement Service (Apr 30)
FLEA-2007-0011-1: lighttpd Foresight Linux Essential Announcement Service (Apr 20)
FLEA-2007-0014-1: vim Foresight Linux Essential Announcement Service (Apr 30)
FLEA-2007-0010-1: evolution Foresight Linux Essential Announcement Service (Apr 05)
FLEA-2007-0012-1: madwifi Foresight Linux Essential Announcement Service (Apr 23)
FLEA-2007-0013-1: xine-lib Foresight Linux Essential Announcement Service (Apr 23)
FLEA-2007-0008-1: krb5 Foresight Linux Essential Announcement Service (Apr 05)
FLEA-2007-0009-1: xorg-x11 freetype Foresight Linux Essential Announcement Service (Apr 05)
FLEA-2007-0007-1: nas Foresight Linux Essential Announcement Service (Apr 03)
FLEA-2007-0006-1: ImageMagick Foresight Linux Essential Announcement Service (Apr 03)
frankrizzo604
Steganos Encrypted Safe NOT so safe frankrizzo604 (Apr 11)
FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6 FreeBSD Security Advisories (Apr 27)
Gadi Evron
More information on ZERT patch for ANI 0day Gadi Evron (Apr 02)
Re: Critical phpwiki c99shell exploit Gadi Evron (Apr 12)
Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA Gadi Evron (Apr 03)
MS announces out-of-band patch for ANI 0day Gadi Evron (Apr 02)
Re: [exploits] RPC vuln in DNS Server (fwd) Gadi Evron (Apr 16)
Gaëtan LEURENT
Re: APOP vulnerability Gaëtan LEURENT (Apr 03)
APOP vulnerability Gaëtan LEURENT (Apr 02)
gmdarkfig
PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory) gmdarkfig (Apr 11)
PunBB <= 1.2.14 Remote Code Execution (Exploit) gmdarkfig (Apr 11)
MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit gmdarkfig (Apr 03)
GomoR
Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation GomoR (Apr 07)
Greg Merideth
RE: Yet another SQL injection framework Greg Merideth (Apr 23)
Guillermo Marro
Yet another SQL injection framework Guillermo Marro (Apr 19)
Re: Yet another SQL injection framework (file corruption) Guillermo Marro (Apr 20)
Hanno Böck
Cross site scripting in mephisto 0.7.3 Hanno Böck (Apr 12)
CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3 Hanno Böck (Apr 12)
CVE-2007-1871: Cross site scripting in chcounter 3.1.3 Hanno Böck (Apr 12)
iDefense Labs
iDefense Security Advisory 04.26.07: Novell eDirectory NCP Fragment Denial of Service Vulnerability iDefense Labs (Apr 26)
iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple Vulnerabilities iDefense Labs (Apr 11)
iDefense Security Advisory 04.10.07: Microsoft Windows Universal Plug and Play Memory Corruption Vulnerability iDefense Labs (Apr 10)
iDefense Security Advisory 04.12.07: Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability iDefense Labs (Apr 12)
iDefense Security Advisory 04.27.07: VMware Workstation Shared Folders Directory Traversal Vulnerability iDefense Labs (Apr 30)
iDefense Security Advisory 04.16.07: ClamAV CAB File Unstore Buffer Overflow Vulnerability iDefense Labs (Apr 16)
iDefense Security Advisory 04.20.07: Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability iDefense Labs (Apr 20)
iDefense Security Advisory 03.31.07: IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities iDefense Labs (Apr 02)
iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability iDefense Labs (Apr 04)
iDefense Security Advisory 04.04.07: Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability iDefense Labs (Apr 05)
iDefense Security Advisory 04.17.07: McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow iDefense Labs (Apr 18)
iDefense Security Advisory 04.03.07: Multiple Vendor Kerberos kadmind Buffer Overflow Vulnerability iDefense Labs (Apr 03)
iDefense Security Advisory 04.04.07: ESRI ArcSDE Buffer Overflow Vulnerability iDefense Labs (Apr 05)
iDefense Security Advisory 04.03.07: Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability iDefense Labs (Apr 04)
iDefense Security Advisory 04.02.07: Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability iDefense Labs (Apr 02)
iDefense Security Advisory 04.16.07: Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability iDefense Labs (Apr 17)
iDefense Security Advisory 03.31.07: Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities iDefense Labs (Apr 02)
iDefense Security Advisory 04.04.07: Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability iDefense Labs (Apr 05)
iDefense Security Advisory 04.17.07: McAfee E-Business Admin Server Invalid Data Length DoS Vulnerability iDefense Labs (Apr 18)
iDefense Security Advisory 04.03.07: Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability iDefense Labs (Apr 03)
iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability iDefense Labs (Apr 27)
iDefense Security Advisory 04.09.07: AOL AIM and ICQ File Transfer Path-Traversal Vulnerability iDefense Labs (Apr 09)
iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability iDefense Labs (Apr 04)
iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability iDefense Labs (Apr 27)
ijoo . keren
Re: Sphider Version 1.2.x (include_dir) file include ijoo . keren (Apr 30)
ilkerkandemir
EsForum <= 3.0 SQL Injection Vulnerability ilkerkandemir (Apr 23)
E-Annu (home.php) Remote SQL Injection Vulnerability ilkerkandemir (Apr 30)
Seir Anphin (file.php a[filepath]) Remote File Disclosure Vulnerability ilkerkandemir (Apr 28)
info
blogsystem 1.4 >> local & remote = -rfi & lfi & -xss info (Apr 25)
Re: bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy info (Apr 17)
CfP Hack.lu 2007 info (Apr 19)
sunshop v4 >> RFI info (Apr 25)
infocus
INFIGO-2007-04-05: Enterprise Security Analyzer server remote buffer overflows infocus (Apr 12)
InyeXion
bibtex mase Remote File Inclusion InyeXion (Apr 23)
Post Revolution Remote File Inclusion InyeXion (Apr 23)
File117 Remote File Inclusion InyeXion (Apr 23)
lms 1.5.3 Remote File Inclusion InyeXion (Apr 23)
Irene Abezgauz
Security Advisory: CA CleverPath SQL Injection Irene Abezgauz (Apr 24)
irvian_yoe
Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability irvian_yoe (Apr 16)
Ivan Fratric
Several Windows image viewers vulnerabilities Ivan Fratric (Apr 04)
PHP <= 5.2.1 wbmp file handling integer overflow Ivan Fratric (Apr 07)
Jamie Riden
Re: Critical phpwiki c99shell exploit Jamie Riden (Apr 12)
Re: [Full-disclosure] A Botted Fortune 500 a Day Jamie Riden (Apr 17)
Re: [Full-disclosure] A Botted Fortune 500 a Day Jamie Riden (Apr 17)
Re: GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability Jamie Riden (Apr 30)
jamikazu
Windows XP/Vista (.ANI) Remote Exploit (bypass eeye patch) jamikazu (Apr 02)
Jason Frisvold
Re: More information on ZERT patch for ANI 0day Jason Frisvold (Apr 04)
Re: More information on ZERT patch for ANI 0day Jason Frisvold (Apr 04)
jasus
Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability jasus (Apr 02)
jd2k2000
E107 - (v0.7.8) Access Escalation Vulnerbility - PoC jd2k2000 (Apr 12)
Chatness <= 2.5.3 - Arbitrary Code Execution jd2k2000 (Apr 12)
LS simple guestbook - arbitrary code execution jd2k2000 (Apr 16)
ShoutPro 1.5.2 - arbitrary code execution jd2k2000 (Apr 17)
Jeremy Epstein
webMethods Security Advisory: Glue console directory traversal vulnerability Jeremy Epstein (Apr 17)
Jim Hoagland
Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation Jim Hoagland (Apr 06)
Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation Jim Hoagland (Apr 03)
john
QuizShock 1.6.1 - Cross-Site Scripting Vulnerability john (Apr 09)
CodeBreak (codebreak.php process_method) - Remote File Inclusion Vulnerability john (Apr 11)
DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability john (Apr 09)
NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities john (Apr 18)
UBB.threads (<= 6.1.1) SQL Injection Vulnerability john (Apr 09)
Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit john (Apr 23)
phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit john (Apr 23)
jonny
Aircrack-ng (airodump-ng) remote buffer overflow vulnerability jonny (Apr 12)
Jon Oberheide
Cosign SSO Authentication Bypass Jon Oberheide (Apr 11)
J. Oquendo
Internet Explorer Crash J. Oquendo (Apr 17)
k4rtal
Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit k4rtal (Apr 09)
Maian Search v1.1 k4rtal (Apr 14)
MySpeach v1.9 k4rtal (Apr 14)
Maian Weblog v3.1 k4rtal (Apr 14)
B2evolution 1.6 RFi k4rtal (Apr 14)
Maian Gallery v1.0 k4rtal (Apr 14)
phpMyChat-0.14.5 k4rtal (Apr 14)
Flip-search-add-on 2.0 k4rtal (Apr 14)
Kanedaaa Bohater
DirectAdmin persistant XSS [takeover an Administrator`s account] Kanedaaa Bohater (Apr 02)
Kees Cook
[USN-449-1] krb5 vulnerabilities Kees Cook (Apr 04)
[USN-452-1] KDE library vulnerability Kees Cook (Apr 12)
[USN-453-1] X.org vulnerability Kees Cook (Apr 19)
[USN-450-1] ipsec-tools vulnerability Kees Cook (Apr 10)
[USN-451-1] Linux kernel vulnerabilities Kees Cook (Apr 11)
[USN-448-1] X.org vulnerabilities Kees Cook (Apr 04)
Kevin Finisterre (lists)
Re: Mybb Hot Editor Plugin Local File Inclusion Kevin Finisterre (lists) (Apr 09)
Re: Internet Explorer Crash Kevin Finisterre (lists) (Apr 19)
Kevin P. Fleming
ASA-2007-010: Two stack buffer overflows in SIP channel's T.38 SDP parsing code Kevin P. Fleming (Apr 25)
ASA-2007-011: Multiple problems in SIP channel parser handling response codes Kevin P. Fleming (Apr 25)
ASA-2007-012: Remote Crash Vulnerability in Manager Interface Kevin P. Fleming (Apr 25)
Layer One
LayerOne 2007 - Speaker Line up Announced Layer One (Apr 06)
legolas558
Re: Drake CMS v0.3.2 < = RFi Vulnerabilities legolas558 (Apr 02)
liz0
Re: Re: Mybb Hot Editor Plugin Local File Inclusion liz0 (Apr 09)
Mybb Hot Editor Plugin Local File Inclusion liz0 (Apr 09)
Hot Editor v4.0 Local File Inclusion liz0 (Apr 09)
Lostmon
Re: sitex multiple vulnerabilities Lostmon (Apr 16)
mail
Request It : Song Request System 1.0b - remote file inclusion mail (Apr 09)
Makoto Shiotsuki
Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 17)
Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 16)
Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 18)
Marco Ivaldi
Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180) Marco Ivaldi (Apr 04)
Mariano Nuñez Di Croce
CYBSEC Release: SAP Security - Paper & Tool release Mariano Nuñez Di Croce (Apr 04)
Martin Pitt
[USN-453-2] rdesktop regression Martin Pitt (Apr 26)
[USN-455-1] PHP vulnerabilities Martin Pitt (Apr 27)
[USN-454-1] PostgreSQL vulnerability Martin Pitt (Apr 27)
Matousec - Transparent security Research
ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability Matousec - Transparent security Research (Apr 16)
Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability Matousec - Transparent security Research (Apr 02)
Matteo Beccati
[OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2 vulnerability fixed Matteo Beccati (Apr 13)
[OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed Matteo Beccati (Apr 13)
Matthew Dixon Cowles
Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Matthew Dixon Cowles (Apr 18)
Matthew Murphy
Re: [Full-disclosure] More information on ZERT patch for ANI 0day Matthew Murphy (Apr 03)
Matthias Geerdsen
[ GLSA 200704-08 ] DokuWiki: Cross-site scripting vulnerability Matthias Geerdsen (Apr 12)
[ GLSA 200704-11 ] Vixie Cron: Denial of Service Matthias Geerdsen (Apr 16)
[ GLSA 200704-21 ] ClamAV: Multiple vulnerabilities Matthias Geerdsen (Apr 24)
[ GLSA 200704-10 ] Inkscape: Two format string vulnerabilities Matthias Geerdsen (Apr 16)
mballano
Microsoft DNS Server Remote Code execution: Analysis and exploit mballano (Apr 16)
meftun
Mambo/Joomla Component New Article Component RFI meftun (Apr 17)
VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit meftun (Apr 14)
Michal Bucko
Multiple Ask IE Toolbar denial of service vulnerabilities Michal Bucko (Apr 17)
Netsprint Toolbar 1.1 arbitrary remote code vulnerability Michal Bucko (Apr 17)
RaidenFTPd IXceedCompression multiple denial of service vulnerabilities Michal Bucko (Apr 19)
WS_FTP Home 2007 NetscapeFTPHandler denial of service Michal Bucko (Apr 21)
Michal Majchrowicz
Cross Domain XMLHttpRequest Michal Majchrowicz (Apr 17)
Mozilla Firefox Insecure Element Stealth Injection Vulnerability Michal Majchrowicz (Apr 04)
Michal Zalewski
Re: Netsprint Toolbar 1.1 arbitrary remote code vulnerability Michal Zalewski (Apr 17)
mike20061005
3Com's TippingPoint Denial of Service mike20061005 (Apr 24)
Mike Ely
Re: Internet Explorer Crash Mike Ely (Apr 18)
Mohandko
PHPMyBibli <= Multiple Remote File Include Mohandko (Apr 23)
c-arbre <= Multiple Remote File Include Vulnerablitiy Mohandko (Apr 23)
claroline <= Multiple Remote File Include Vulnerablitiy Mohandko (Apr 23)
acvsws_php5_v1.0 <= Multiple Remote File Include Vulnerablitiy Mohandko (Apr 23)
Moritz Muehlenhoff
[SECURITY] [DSA 1276-1] New krb5 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 03)
[SECURITY] [DSA 1282-1] New php4 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 26)
[SECURITY] [DSA 1281-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff (Apr 25)
[SECURITY] [DSA 1283-1] New php5 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 30)
[SECURITY] [DSA 1280-1] New aircrack-ng packages fix arbitrary code execution Moritz Muehlenhoff (Apr 24)
[SECURITY] [DSA 1279-1] New webcalendar packages fix cross-site scripting Moritz Muehlenhoff (Apr 23)
mufti . rizal
Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability mufti . rizal (Apr 02)
nexus
SineCMS nexus (Apr 26)
NGSSoftware Insight Security Research
High Risk Vulnerability in OpenOffice NGSSoftware Insight Security Research (Apr 04)
Nick Boyce
Re: Yet another SQL injection framework Nick Boyce (Apr 20)
Nick FitzGerald
Re: [Full-disclosure] A Botted Fortune 500 a Day Nick FitzGerald (Apr 18)
Noah Meyerhans
[SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution Noah Meyerhans (Apr 04)
[SECURITY] [DSA 1275-1] New zope2.7 packages fix cross-site scripting flaw Noah Meyerhans (Apr 03)
[SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code execution Noah Meyerhans (Apr 06)
[SECURITY] [DSA 1274-1] New file packages fix arbitrary code execution Noah Meyerhans (Apr 02)
no-mail
Re: Linksys WAG200G - Information disclosure no-mail (Apr 18)
Oliver Friedrichs
RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Oliver Friedrichs (Apr 19)
Omid
Remote file inclusion in Joomla 1.5.0 Beta Omid (Apr 23)
omnipresent
pL-PHP beta 0.9 - Multiple Vulnerabilities omnipresent (Apr 11)
turbolence core 0.0.1 alpha Remote File Inclusion omnipresent (Apr 21)
YA Book 0.98 Persistent XSS omnipresent (Apr 24)
otto
Re: WordPress v2.1.3 >> remote file include~ otto (Apr 26)
Patrick Webster
webMethods Glue Management Console Directory Traversal Patrick Webster (Apr 11)
Paul Laudanski
Re: PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities Paul Laudanski (Apr 18)
Pavel Kankovsky
Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180) Pavel Kankovsky (Apr 02)
pdp (architect)
Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug pdp (architect) (Apr 04)
Persistent CSRF and The Hotlink Hell pdp (architect) (Apr 16)
Piotr Bania
AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption Piotr Bania (Apr 06)
AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption Piotr Bania (Apr 06)
AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero) Piotr Bania (Apr 06)
Praburaajan
Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in 2 weeks Praburaajan (Apr 18)
programmer
NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections programmer (Apr 18)
PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities programmer (Apr 17)
r00t-balance
Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection r00t-balance (Apr 04)
RaeD
Remot File Include download_engine_V1.4.3 RaeD (Apr 17)
Remot File Include In phpexplorator_2_0 RaeD (Apr 04)
Remote File Include In Script stat12 RaeD (Apr 03)
Remot File Include In Script Lore v1 RaeD (Apr 09)
Remot File Include In Script phphd_downloads RaeD (Apr 17)
Take Control In Script Jeebles Directory RaeD (Apr 09)
Raphael Marichez
[ GLSA 200703-28 ] CUPS: Denial of Service Raphael Marichez (Apr 02)
[ GLSA 200703-27 ] Squid: Denial of Service Raphael Marichez (Apr 02)
[ GLSA 200704-23 ] capi4k-utils: Buffer overflow Raphael Marichez (Apr 27)
[ GLSA 200704-12 ] OpenOffice.org: Multiple vulnerabilities Raphael Marichez (Apr 16)
[ GLSA 200704-20 ] NAS: Multiple vulnerabilities Raphael Marichez (Apr 23)
[ GLSA 200704-19 ] Blender: User-assisted remote execution of arbitrary code Raphael Marichez (Apr 23)
[ GLSA 200704-16 ] Aircrack-ng: Remote execution of arbitrary code Raphael Marichez (Apr 23)
[ GLSA 200704-14 ] FreeRADIUS: Denial of Service Raphael Marichez (Apr 18)
[ GLSA 200704-05 ] zziplib: Buffer Overflow Raphael Marichez (Apr 04)
[ GLSA 200704-03 ] OpenAFS: Privilege escalation Raphael Marichez (Apr 04)
[ GLSA 200704-06 ] Evince: Stack overflow in included gv code Raphael Marichez (Apr 07)
[ GLSA 200704-07 ] libwpd: Multiple vulnerabilities Raphael Marichez (Apr 07)
[ GLSA 200704-17 ] 3proxy: Buffer overflow Raphael Marichez (Apr 23)
[ GLSA 200704-13 ] File: Denial of Service Raphael Marichez (Apr 18)
[ GLSA 200704-22 ] BEAST: Denial of Service Raphael Marichez (Apr 27)
[ GLSA 200704-15 ] MadWifi: Multiple vulnerabilities Raphael Marichez (Apr 18)
[ GLSA 200704-09 ] xine-lib: Heap-based buffer overflow Raphael Marichez (Apr 16)
[ GLSA 200704-18 ] Courier-IMAP: Remote execution of arbitrary code Raphael Marichez (Apr 23)
rashbi
Re: ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability rashbi (Apr 19)
rd
[CFP] VNSECON 07 - Call for Papers / HCMC - August 03-04, 2007 rd (Apr 02)
research
SYMSA-2007-003 Macrovision InstallAnywhere Password and Serial Number Bypass research (Apr 17)
Microsoft .NET request filtering bypass vulnerability (BID 20753) research (Apr 05)
Reversemode
[Reversemode advisory] CheckPoint Zonelabs - ZoneAlarm SRESCAN driver local privilege escalation Reversemode (Apr 23)
rjmjr69
Re: vbulletin admincp sql injection rjmjr69 (Apr 10)
rko . thelegendkiller
phpContact Multiple Remote File Inclusion Vulnerabilities rko . thelegendkiller (Apr 06)
livor 2.5 Cross-Site Scripting Vulnerability rko . thelegendkiller (Apr 06)
Rob Bartlett
Re: Internet Explorer Crash Rob Bartlett (Apr 18)
Roger A. Grimes
RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17)
RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 18)
RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17)
RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 18)
rPath Update Announcements
rPSA-2007-0071-1 kernel rPath Update Announcements (Apr 16)
rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs rPath Update Announcements (Apr 04)
rPSA-2007-0081-1 postgresql postgresql-server rPath Update Announcements (Apr 24)
rPSA-2007-0074-1 dovecot rPath Update Announcements (Apr 18)
rPSA-2007-0064-1 ImageMagick rPath Update Announcements (Apr 04)
rPSA-2007-0067-1 nas rPath Update Announcements (Apr 04)
rPSA-2007-0066-1 kdelibs qt-x11-free rPath Update Announcements (Apr 04)
rPSA-2007-0072-1 lighttpd rPath Update Announcements (Apr 18)
rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation rPath Update Announcements (Apr 04)
rPSA-2007-0070-1 openoffice.org rPath Update Announcements (Apr 09)
rPSA-2007-0073-1 php php-mysql php-pgsql rPath Update Announcements (Apr 18)
rPSA-2007-0062-1 firefox rPath Update Announcements (Apr 04)
rurban
Critical phpwiki c99shell exploit rurban (Apr 12)
Ryan Barnett
Re: [WEB SECURITY] Persistent CSRF and The Hotlink Hell Ryan Barnett (Apr 17)
Ryan Neufeld
RE: Critical phpwiki c99shell exploit Ryan Neufeld (Apr 12)
s433d_only_linux
modbuild >> 4.1 Remote File Inclusion s433d_only_linux (Apr 26)
Remote File Inclusion s433d_only_linux (Apr 25)
gallery >> 1.5.6 Remote File Inclusion s433d_only_linux (Apr 24)
dcp-portal v611 >> RFi s433d_only_linux (Apr 24)
VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins Remote file Include s433d_only_linux (Apr 25)
WordPress v2.1.3 >> remote file include~ s433d_only_linux (Apr 25)
sapheal
Re: WS_FTP Home 2007 NetscapeFTPHandler denial of service sapheal (Apr 23)
scott-REMOVE
Re: Vbulletin 3.6.5 Sql Injection ! [misc.php] scott-REMOVE (Apr 14)
Secunia Research
Secunia Research: Microsoft Agent URL Parsing Memory Corruption Vulnerability Secunia Research (Apr 10)
Secure
Re: 3Com's TippingPoint Denial of Service Secure (Apr 25)
security
n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability security (Apr 17)
[ MDKSA-2007:076 ] - Updated kdelibs packages to address UTF8 issue in KJS security (Apr 04)
[ MDKSA-2007:092 ] - Updated freeradius packages fix vulnerability security (Apr 23)
FullyModdedphpBB2 Remote File Inclusion security (Apr 18)
[ MDKSA-2007:089 ] - Updated php packages fix multiple vulnerabilities security (Apr 19)
[ MDKSA-2007:081 ] - Updated freetype2 packages fix vulnerability security (Apr 05)
[ MDKSA-2007:088 ] - Updated php packages fix multiple vulnerabilities security (Apr 19)
IPB (Invision Power Board) Full Path Disclusure security (Apr 19)
[ MDKSA-2007:080 ] - Updated tightvnc packages fix integer overflow vulnerabilities security (Apr 05)
[ MDKSA-2007:081-1 ] - Updated freetype2 packages fix vulnerability security (Apr 10)
[ MDKSA-2007:080-1 ] - Updated tightvnc packages fix integer overflow vulnerabilities security (Apr 11)
EclipseBB Remote File Inclusion security (Apr 18)
[ MDKSA-2007:082 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities security (Apr 11)
[ MDKSA-2007:084 ] - Updated ipsec-tools packages fix DoS vulnerability security (Apr 16)
[ MDKSA-2007:090 ] - Updated php packages fix multiple vulnerabilities security (Apr 19)
[ MDKSA-2007:075 ] - Updated qt4 packages to address utf8 decoder bug security (Apr 04)
[ MDKSA-2007:077-1 ] - Updated krb5 packages fix vulnerabilities security (Apr 10)
[ MDKSA-2007:074 ] - Updated qt3 packages to address utf8 decoder bug security (Apr 04)
[ MDKSA-2007:086 ] - Updated cups packages fix DoS vulnerability security (Apr 16)
[ MDKSA-2007:075-1 ] - Updated qt4 packages to address utf8 decoder bug security (Apr 11)
[ MDKSA-2007:079-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security (Apr 11)
[ MDKSA-2007:083 ] - Updated apache-mod_perl packages fix DoS vulnerability security (Apr 11)
[ MDKSA-2007:093 ] - Updated zziplib packages fix vulnerability security (Apr 23)
[ MDKSA-2007:091 ] - Updated sqlite packages fix vulnerability security (Apr 19)
MediaBeez Sql query Execution .. Wear isn't ?? :) security (Apr 18)
[ MDKSA-2007:085 ] - Updated freeradius packages fix DoS vulnerability security (Apr 16)
[ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities security (Apr 04)
[ MDKSA-2007:087 ] - Updated php packages fix multiple vulnerabilities security (Apr 19)
DmCMS Shell Uploading security (Apr 23)
[ MDKSA-2007:079 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security (Apr 05)
[ MDKSA-2007:078 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Apr 04)
[ MDKSA-2007:094 ] - Updated postgresql packages fix vulnerability security (Apr 26)
Extreme PHPBB2 Remote File Inclusion security (Apr 18)
security-alert
HPSBUX02205 SSRT061120 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS) security-alert (Apr 12)
[security bulletin] HPSBMA02198 SSRT061177 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Access security-alert (Apr 02)
[security bulletin] HPSBUX02203 SSRT071339 rev.1 - HP-UX Running Portable File System (PFS), Remote Increase in Privilege security-alert (Apr 12)
[security bulletin] HPSBMA02133 SSRT061201 rev.4 - HP Oracle for OpenView (OfO) Critical Patch Update security-alert (Apr 19)
[security bulletin] HPSBST02208 SSRT071365 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-018 to MS07-022 security-alert (Apr 19)
[security bulletin] HPSBST02206 SSRT071354 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-017 security-alert (Apr 18)
[security bulletin] HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-014 security-alert (Apr 12)
[security bulletin] HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS) security-alert (Apr 17)
[security bulletin] HPSBUX02183 SSRT061243 rev.1 - HP-UX sendmail, Remote Denial of Service (DoS) security-alert (Apr 23)
[security bulletin] HPSBST02200 SSRT071330 rev.1 - HP StorageWorks Command View Advanced Edition for XP, Local Unauthorized Access security-alert (Apr 24)
[security bulletin] HPSBUX02204 SSRT071341 rev.1 - HP-UX Running CIFS Server (Samba), Remote Denial of Service (DoS) security-alert (Apr 05)
[security bulletin] HPSBGN02199 SSRT071312 rev.1 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Execution security-alert (Apr 12)
[security bulletin] HPSBUX01137 SSRT5954 rev.9 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS) security-alert (Apr 12)
[security bulletin] HPSBMA02197 SSRT061285 rev.1 - HP-UX Running HP Power Manager Remote Agent (RA), Local Execution of Arbitrary Code with Root Privileges security-alert (Apr 30)
Securityaudit
[MajorSecurity Advisory #42]webblizzard CMS - Cross Site Scripting and Session fixation Issues Securityaudit (Apr 07)
[MajorSecurity Advisory #41]onelook courts online - Session fixation Issue Securityaudit (Apr 06)
[MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue Securityaudit (Apr 06)
[MajorSecurity Advisory #39]onelook onebyone CMS - Session fixation Issue Securityaudit (Apr 06)
[MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues Securityaudit (Apr 04)
[MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue SecurityAudit (Apr 03)
securityresearch
UseBB Version 1.0.4 Path Disclosure Vulnerability securityresearch (Apr 20)
seko
Eba News Version : v1.1 <= (webpages.php) Remote File Include // starhack.org seko (Apr 20)
Vbulletin 3.6.5 Sql Injection ! [misc.php] seko (Apr 13)
PhpOpenChat <= 3.0.1 (poc.php) Multiple Remote File Include Vulnerabilities seko (Apr 10)
Big Blue Guestbook HTML Injection Vulnerabilities seko (Apr 23)
Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org seko (Apr 21)
ActionPoll Script (actionpoll.php) Remote File Include // starhack.org seko (Apr 16)
Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit seko (Apr 16)
Shiva Persaud
Re: AIX 4.3 lsmcode local root command execution Shiva Persaud (Apr 02)
simone colombo
Re: Internet Explorer Crash simone colombo (Apr 19)
Simon Smith
Re: [Full-disclosure] A Botted Fortune 500 a Day Simon Smith (Apr 17)
Simple Nomad
Re: 3Com's TippingPoint Denial of Service Simple Nomad (Apr 24)
Simson Garfinkel
please retract CVE-2007-2056 "Time-of-Check-Time-of-Use File Race in AFFLIB" Simson Garfinkel (Apr 30)
Stefan Kelm
Re: More information on ZERT patch for ANI 0day Stefan Kelm (Apr 03)
Stefano Di Paola
IE 7 and Firefox Browsers Digest Authentication Request Splitting Stefano Di Paola (Apr 25)
Stefano Zanero
CFP: 3rd European Conference on Computer Network Defense (EC2ND) Stefano Zanero (Apr 25)
Steven Adair
Re: [Full-disclosure] A Botted Fortune 500 a Day Steven Adair (Apr 17)
Re: [Full-disclosure] A Botted Fortune 500 a Day Steven Adair (Apr 17)
Steven M. Christey
Re: 3Com's TippingPoint Denial of Service Steven M. Christey (Apr 25)
str0ke
Re: Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org str0ke (Apr 21)
Re: VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit str0ke (Apr 16)
Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability str0ke (Apr 02)
stuart_smith
Re: phpMyChat-0.14.5 stuart_smith (Apr 16)
Sune Kloppenborg Jeppesen
[ GLSA 200704-01 ] Asterisk: Two SIP Denial of Service vulnerabilities Sune Kloppenborg Jeppesen (Apr 02)
[ GLSA 200704-02 ] MIT Kerberos 5: Arbitrary remote code execution Sune Kloppenborg Jeppesen (Apr 03)
support
Re: Maian Gallery v1.0 support (Apr 16)
Re: Steganos Encrypted Safe NOT so safe support (Apr 26)
Re: Maian Search v1.1 support (Apr 16)
Re: Chicken of the VNC 2.0 remote DoS support (Apr 26)
suresync
Flaw in about.r OS and Progress version disclosure suresync (Apr 30)
Progress Webspeed exploit for all releases suresync (Apr 24)
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Re: More information on ZERT patch for ANI 0day Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Apr 03)
Re: More information on ZERT patch for ANI 0day Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Apr 04)
Taneli Leppä
Re: Critical phpwiki c99shell exploit Taneli Leppä (Apr 16)
Team SHATTER
Oracle Database Buffer overflow vulnerabilities in package DBMS_SNAP_INTERNAL Team SHATTER (Apr 18)
the_3dit0r
phpMyAdmin 2.6.1 Local Cross Site Scripting the_3dit0r (Apr 09)
MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities the_3dit0r (Apr 14)
phpwebnews v.1 Multiple Cross Site Scripting Vulnerabilites the_3dit0r (Apr 12)
bloofoxCMS 0.2.2 Cross Site Scripting the_3dit0r (Apr 14)
MyBlog: PHP and MySQL Blog/CMS software Remote File Include Vulnerabilitiy the_3dit0r (Apr 04)
TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy the_3dit0r (Apr 12)
phpechocms2 Remote File Include Vulnerabilities the_3dit0r (Apr 04)
phpechocms v.2 Cross-Site Scripting Vulnerabilitiy the_3dit0r (Apr 04)
lite-cms-0.2.1 Remote File Include Vulnerabilities the_3dit0r (Apr 04)
iXon_CMS 0.30 Remote File Include Vulnerabilities the_3dit0r (Apr 04)
Back-End CMS Database Tables v0.4.7 Remote File Include Vulnerabilities the_3dit0r (Apr 14)
witshare 0.9 Remote File Include Vulnerabilitiy the_3dit0r (Apr 07)
Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy the_3dit0r (Apr 04)
Back-End CMS Database Tables v0.4.7 Cross Site Scripting the_3dit0r (Apr 14)
MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting Vulnerabilitiy the_3dit0r (Apr 04)
FAC GuestBook v2.0 remote database disclosure vulnerability the_3dit0r (Apr 12)
my little weblog Cross Site Scripting the_3dit0r (Apr 17)
bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy the_3dit0r (Apr 14)
K-CMS v1.0 Remote File Include Vulnerabilities the_3dit0r (Apr 04)
Wabbit PHP Gallery v0.9 Cross Site Scripting the_3dit0r (Apr 17)
xodagallery Remote Code Execution Vulnerability the_3dit0r (Apr 09)
Gsylvain35 Portail Web Remote File Include Vulnerabilities the_3dit0r (Apr 09)
FloweRS v2.0 Cross Site Scripting the_3dit0r (Apr 14)
TJSChat Version 0.95 Cross Site Scripting the_3dit0r (Apr 23)
my little forum 1.7 Remote File Include Vulnerabilitiy the_3dit0r (Apr 17)
The Anarcat
Re: Internet Explorer Crash The Anarcat (Apr 17)
The Dark Tangent
DEF CON One Five CfP in effect! The Dark Tangent (Apr 10)
the . tiger100
Re: gallery >> 1.5.6 Remote File Inclusion the . tiger100 (Apr 24)
Thor (Hammer of God)
Re: Internet Explorer Crash Thor (Hammer of God) (Apr 18)
Re: Internet Explorer Crash Thor (Hammer of God) (Apr 17)
Thor Larholm
Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug Thor Larholm (Apr 06)
Tim
Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 17)
Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 18)
Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 18)
Re: please retract CVE-2007-2056 "Time-of-Check-Time-of-Use File Race in AFFLIB" Tim (Apr 30)
Tim Newsham
Re: ImageProcessing ... Local (Denial of Service Exploit) Tim Newsham (Apr 24)
Tim Rupp
BlueArc Firmware 4.2.944b FTP bounce Tim Rupp (Apr 17)
Tom Gregory
Re: Internet Explorer Crash Tom Gregory (Apr 18)
Tom Yu
MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957] Tom Yu (Apr 03)
MITKRB5-SA-2007-001: telnetd allows login as arbitrary user [CVE-2007-0956] Tom Yu (Apr 03)
MITKRB5-SA-2007-003: double-free vulnerability in kadmind (via GSS-API library) [CVE-2007-1216] Tom Yu (Apr 03)
Trustix Security Advisor
TSLSA-2007-0013 - multi Trustix Security Advisor (Apr 20)
TSLSA-2007-0015 - postgresql Trustix Security Advisor (Apr 27)
TSRT
TSRT-07-04: LANDesk Management Suite Alert Service Stack Overflow Vulnerability TSRT (Apr 13)
TWOVB Team
TWOVB][ The Week Of Vista Bugs: the truth is out there TWOVB Team (Apr 03)
WOVB #01: Bypassing Vista Firewall, Flying over obstructive line TWOVB Team (Apr 02)
UniquE
Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY) UniquE (Apr 19)
Wserve HTTP Server 4.6 Version (Long Directory Name) Buffer Overflow - Denial Of Service UniquE (Apr 05)
v9
3proxy[v0.5.3g]: (linux/win32 service) remote buffer overflow exploits. v9 (Apr 30)
vaughan . montgomery
Re: Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit And PoC vaughan . montgomery (Apr 02)
Vladimir Dubrovin
3proxy 0.5.3i bugfix release Vladimir Dubrovin (Apr 23)
VMware Security team
VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates VMware Security team (Apr 04)
VSR Advisories
AFFLIB(TM): Time-of-Check-Time-of-Use File Race VSR Advisories (Apr 27)
AFFLIB(TM): Multiple Buffer Overflows VSR Advisories (Apr 27)
AFFLIB(TM): Multiple Shell Metacharacter Injections VSR Advisories (Apr 27)
AFFLIB(TM): Multiple Format String Injections VSR Advisories (Apr 27)
Williams, James K
[CAID 35277]: CA CleverPath Portal SQL Injection Vulnerability Williams, James K (Apr 26)
[CAID 35198, 35276]: CA BrightStor ARCserve Backup Media Server Vulnerabilities Williams, James K (Apr 26)
z12xxa
phpGalleryScript 1.0 - File Inclusion Vulnerabilities z12xxa (Apr 10)
zdi-disclosures
ZDI-07-016: Oracle E-Business Suite Arbitrary Node Deletion Vulnerability zdi-disclosures (Apr 18)
ZDI-07-019: BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability zdi-disclosures (Apr 18)
ZDI-07-017: Oracle E-Business Suite Arbitrary Document Download Vulnerability zdi-disclosures (Apr 18)
ZDI-07-012: Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow zdi-disclosures (Apr 03)
ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities zdi-disclosures (Apr 24)
ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability zdi-disclosures (Apr 06)
ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity zdi-disclosures (Apr 06)
ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability zdi-disclosures (Apr 18)
ZDI-07-021: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability zdi-disclosures (Apr 20)
ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability zdi-disclosures (Apr 18)
ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability zdi-disclosures (Apr 18)