Bugtraq: by author

704 messages starting Jan 17 07 and ending Jan 03 07


3APA3A

Re: Windows logoff bug possible security vulnerability and exploit. 3APA3A (Jan 17)
Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability 3APA3A (Jan 15)
Re: Multiple OS kernel insecure handling of stdio file descriptor 3APA3A (Jan 18)
Re: Windows NT Message Compiler 1.00.5239 arbitrary code execution 3APA3A (Jan 03)
Re: FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution 3APA3A (Jan 03)

3B.Security Researcher

Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger 3B.Security Researcher (Jan 29)

76693223

WinZip10.0 FileView ActiveX Controls CreateNewFolderFromName Method Buffer overflow 76693223 (Jan 01)
WinZip FileView ActiveX controls CreateNewFolderFromName Method Buffer Overflow Vulnerability 76693223 (Jan 01)

Adam Laurie

RFID open source library - RFIDIOt code release - version 0.1k Adam Laurie (Jan 08)

adexior

MDPro 1.0.76 - Multiple Remote Vulnerabilities adexior (Jan 29)

advisories

Computer Terrorism (UK) :: Incident Response Centre - Microsoft Outlook Vulnerability advisories (Jan 11)
LS-20061102 - Business Objects Crystal Reports XI Professional Stack Overflow Vulnerability advisories (Jan 04)
Corsaire Security Advisory: ChainKey Java Code Protection Bypass issue advisories (Jan 12)
LS-20061002 - Computer Associates BrightStor ARCserve Backup Remote Code Execution Vulnerability advisories (Jan 11)

Advisory

Openforum Remote password Disclosure Advisory (Jan 02)
rblog Database Download Vulnerability Advisory (Jan 01)
AspBB Remote Password Disclosure Advisory (Jan 02)
WineGlass "data.mdb" Remote Password Disclosure Advisory (Jan 03)
lblog Remote Password Disclosure Advisory (Jan 02)
BattleBlog Database Download Vulnerability Advisory (Jan 01)
ohhASP Remote Password Disclosure Advisory (Jan 06)
XMB "U2U Instant Messenger" Cross-Site Scripting Advisory (Jan 22)
Intranet Open Source Remote Password Disclosure "intranet.mdb" Advisory (Jan 05)
GuestBook v0.3a Remote Password Disclosure Advisory (Jan 03)
SMF "index.php?action=pm" Cross Site-Scripting Advisory (Jan 20)
[Aria-Security Team] MyBB Cross-Site Scripting Advisory (Jan 24)
WineGlass "data.mdb" Remote Password Disclosure Advisory (Jan 03)

advisory07

Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass advisory07 (Jan 19)

ahmed_labib_hilmy

CS-Cart 1.3.3 (install.php) Remote File Include Vulnerability ahmed_labib_hilmy (Jan 10)

Ahmed Sheipani

RE: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger Ahmed Sheipani (Jan 27)

ajannhwt

ASP EDGE <= V1.2b (user.asp) Remote SQL Injection Vulnerability ajannhwt (Jan 25)
FdScript <= v1.3.2 Remote File Disclosure Vulnerability ajannhwt (Jan 26)
ASP NEWS <= V3 (news_detail.asp) Remote SQL Injection Vulnerability ajannhwt (Jan 25)
GPS 1.2 Content Managing System (print.asp) Remote SQL Injection Vulnerability ajannhwt (Jan 25)
makit news/blog poster <=v3(news_page.asp) Remote SQL Injection Vulnerability ajannhwt (Jan 25)
uniForum <= v4 (wbsearch.aspx) Remote SQL Injection Vulnerability ajannhwt (Jan 25)

Alessandro Dellavedova

Re: [Full-disclosure] 0trace - traceroute on established connections Alessandro Dellavedova (Jan 09)

Alexander Klimov

Re: Defeating CAPTCHAs via Averaging Alexander Klimov (Jan 30)

Alexander Sotirov

WMF CreateBrushIndirect vulnerability (DoS) Alexander Sotirov (Jan 11)
Internet Explorer 7 ActiveX bgColor property NULL pointer dereference (DoS) Alexander Sotirov (Jan 29)

alexbove

Re: Re: SMF "index.php?action=pm" Cross Site-Scripting alexbove (Jan 22)

alfa

Re: xss in phpmyadmin <= 2.8.1 alfa (Jan 12)
xss in phpmyadmin <= 2.8.1 alfa (Jan 12)

Amit Klein

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 03)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 03)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 03)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)

anon

high5 Review script Security Risk anon (Jan 25)

anonym

Re: ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure Vulnerability anonym (Jan 25)

Ansgar -59cobalt- Wiechers

Re: SAP Security Contact Ansgar -59cobalt- Wiechers (Jan 08)

Anurag Agarwal

xss filter to protect from xss attacks Anurag Agarwal (Jan 23)

Armin Hornung

Bluetooth DoS by obex push Armin Hornung (Jan 23)

ascii

Re: Universal XSS with PDF files: highly dangerous ascii (Jan 03)

asdfj38

IG Calendar SQL Injection asdfj38 (Jan 05)
IG Shop remote code execution asdfj38 (Jan 05)

A. Shaw

Re: Remove all admin->root authorization prompts from OSX A. Shaw (Jan 25)

b2wang

Re: Sun java System Messenger Express XSS b2wang (Jan 08)

Baptiste Malguy

Re: Remove all admin->root authorization prompts from OSX Baptiste Malguy (Jan 26)

Bart ....

Re: Windows logoff bug possible security vulnerability and exploit. Bart .... (Jan 23)

beks

EMembersPro 1.0 Remote Password Disclosure Vulnerability beks (Jan 08)
Uguestbook Remote Password Disclosure Vulnerability beks (Jan 08)
MitiSoft Remote Password Disclosure Vulnerability beks (Jan 08)
Webulas Remote Password Disclosure Vulnerability beks (Jan 08)
M-Core Remote Password Disclosure Vulnerability beks (Jan 08)
AJLogin v3.5 Remote Password Disclosure Vulnerability beks (Jan 08)
HarikaOnline v2.0 Remote Password Disclosure Vulnerability beks (Jan 08)
Toxiclab Shoutbox Password Disclosure Vulnerability beks (Jan 24)
Maxtricity Tagger Password Disclosure Vulnerability beks (Jan 24)

Ben Bucksch

Perforce client: security hole by design Ben Bucksch (Jan 04)
Re: Vendor guidelines regarding security contacts Ben Bucksch (Jan 12)
Re: Remove all admin->root authorization prompts from OSX Ben Bucksch (Jan 26)

Ben Wheeler

Re: slocate leaks filenames of protected directories Ben Wheeler (Jan 12)
Re: slocate leaks filenames of protected directories Ben Wheeler (Jan 11)

Bill Nash

Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Bill Nash (Jan 01)
Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Bill Nash (Jan 04)

Blue Boar

Re: [Full-disclosure] iDefense Q-1 2007 Challenge Blue Boar (Jan 17)
Re: [Full-disclosure] iDefense Q-1 2007 Challenge Blue Boar (Jan 16)

bmatheny

Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities bmatheny (Jan 15)
DoS against Telligent Community Server bmatheny (Jan 24)
Multiple Remote Vulnerabilities in Wordpress bmatheny (Jan 24)
Weaknesses in Pingback Design bmatheny (Jan 24)

bogdan

Re: SMS handling OpenSER remote code executing bogdan (Jan 04)
Re: OpenSER OSP Module remote code execution bogdan (Jan 04)

bounce

Re: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability bounce (Jan 25)

brian

Re: Phorum HTML Injection Vulnerability brian (Jan 29)

Brian Eaton

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Brian Eaton (Jan 09)

bugtraq

Re: Circumventing CSFR Form Token Defense bugtraq (Jan 10)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous bugtraq (Jan 04)
Re: a cheesy Apache / IIS DoS vuln (+a question) bugtraq (Jan 10)
QASEC Announcement: Writing Software Security Test Cases bugtraq (Jan 08)
Announcement: The Cross-site Request Forgery FAQ bugtraq (Jan 16)
Re: [Full-disclosure] Web Honeynet Project: announcement, bugtraq (Jan 12)
Re (3): Circumventing CSFR Form Token Defense bugtraq (Jan 12)
Re: a cheesy Apache / IIS DoS vuln (+a question) bugtraq (Jan 08)

bzhbfzj3001

Fake: Open Conference Systems = 2.8.2 Remote File Inclusion bzhbfzj3001 (Jan 29)
Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion bzhbfzj3001 (Jan 30)

C0r3 1mp4ct

Re: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability C0r3 1mp4ct (Jan 25)
AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability C0r3 1mp4ct (Jan 23)

Calyptix Advisories

Calyptix Security Advisory CX-2007-001 - Snort 2.6.1.2 Integer Underflow Vulnerability Calyptix Advisories (Jan 11)

Carson Gaspar

Re: Multiple OS kernel insecure handling of stdio file descriptor Carson Gaspar (Jan 22)

Casey Marshall

Re: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include Casey Marshall (Jan 31)

Chad Maron

Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Chad Maron (Jan 01)

chinese soup

Re: Windows NT Message Compiler 1.00.5239 arbitrary code execution chinese soup (Jan 03)

Chris Kelly

Re: Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability Chris Kelly (Jan 16)

Chris Travers

Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects Chris Travers (Jan 29)
Full Disclosure: Arbitrary Code Execution in LedgerSMB CVE-2006-5872 Chris Travers (Jan 27)

Chris Wysopal

Re: Vendor guidelines regarding security contacts Chris Wysopal (Jan 10)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: DLSw Vulnerability Cisco Systems Product Security Incident Response Team (Jan 10)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Clean Access Cisco Systems Product Security Incident Response Team (Jan 03)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control Server Cisco Systems Product Security Incident Response Team (Jan 06)
Cisco Security Advisory: Cisco Unified Contact Center and IP Contact Center JTapi Gateway Vulnerability Cisco Systems Product Security Incident Response Team (Jan 10)
Cisco Security Advisory: SSL/TLS Certificate and SSH Public Key Validation Vulnerability Cisco Systems Product Security Incident Response Team (Jan 18)
Cisco Security Advisory: Crafted IP Option Vulnerability Cisco Systems Product Security Incident Response Team (Jan 24)
Cisco Security Advisory: SIP Packet Reloads IOS Devices Not Configured for SIP Cisco Systems Product Security Incident Response Team (Jan 31)
Cisco Security Advisory: Crafted TCP Packet Can Cause Denial of Service Cisco Systems Product Security Incident Response Team (Jan 24)
Cisco Security Advisory: IPv6 Routing Header Vulnerability Cisco Systems Product Security Incident Response Team (Jan 24)

Clay Seaman-Kossmeyer

Re: [Full-disclosure] S21sec-034-en: Cisco VTP DoS vulnerability Clay Seaman-Kossmeyer (Jan 30)

collin

DoS against AVM Fritz!Box 7050 (and others) collin (Jan 19)

Collin R. Mulliner

Re: PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service Collin R. Mulliner (Jan 01)

coloss7

AIOCP Login Bypass Vulnerability coloss7 (Jan 12)
AIOCP SQL Injection Vulnerability coloss7 (Jan 12)

contributor

iDefense Q-1 2007 Challenge contributor (Jan 10)

corrado . liotta

[x0n3-h4ck] Siteman 2.0.x2 Remote Md5 Hash Disclosure Vulnerability corrado . liotta (Jan 25)
[x0n3-h4ck] SmE FileMailer 1.21 Remote Sql Injextion Exploit corrado . liotta (Jan 16)
[x0n3-h4ck] Siteman 1.1.11 Remote Md5 Hash Disclosure Vulnerability corrado . liotta (Jan 25)
[x0n3-h4ck] bitweaver 1.3.1 XSS Exploit corrado . liotta (Jan 22)
[x0n3-h4ck] myBloggie 2.1.5 XSS exploit corrado . liotta (Jan 17)
[x0n3-h4ck] sabros.us 1.7 XSS Exploit corrado . liotta (Jan 18)
Flog 1.1.2 Remote Admin Password Disclosure corrado . liotta (Jan 05)

Coseinc

COSEINC Alert: Microsoft Agent Heap Overflow Vulnerability Technical Details (Patched) Coseinc (Jan 30)

Crispin Cowan

Re: Perforce client: security hole by design Crispin Cowan (Jan 11)

CYBSEC Advisories

CYBSEC - Security Advisory: SAP Internet Graphics Service (IGS) Remote Buffer Overflow CYBSEC Advisories (Jan 18)

daftrix

Dailymotion password reset vulnerability daftrix (Jan 01)

Dana Hudes

Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Dana Hudes (Jan 01)
Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Dana Hudes (Jan 02)

Darren Bounds

Re: [Full-disclosure] Universal PDF XSS After Party(posible solution) Darren Bounds (Jan 04)

Darren Reed

Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Darren Reed (Jan 02)
Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Darren Reed (Jan 02)

Dave Ferguson

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Dave Ferguson (Jan 03)

Dave Moore

Re: slocate leaks filenames of protected directories Dave Moore (Jan 12)

Dave "No, not that one" Korn

Re: A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version) Dave "No, not that one" Korn (Jan 11)

Davide Del Vecchio

Re: Remedy Action Request System 5.01.02 - User Enumeration Davide Del Vecchio (Jan 16)
Remedy Action Request System 5.01.02 - User Enumeration Davide Del Vecchio (Jan 15)

David Litchfield

Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites David Litchfield (Jan 04)
Oracle - Indirect Privilege Escalation and Defeating Virtual Private Databases David Litchfield (Jan 29)

Dennis Jackson

Re: slocate leaks filenames of protected directories Dennis Jackson (Jan 10)

dh

Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability dh (Jan 19)

Dirk Mueller

[KDE Security Advisory] ksirc Denial of Service vulnerability Dirk Mueller (Jan 09)
[KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability Dirk Mueller (Jan 16)

DoZ

PHP Membership Manager Cross-Site Scripting Vulnerability DoZ (Jan 26)
Omniture SiteCatalyst Multiple Cross-Site Scripting Vulnerabilities DoZ (Jan 25)
Phorum HTML Injection Vulnerability DoZ (Jan 29)
AShop Shopping Cart Multiple XSS Vulnerabilities DoZ (Jan 01)
Login Manager Multiple HTML Injections DoZ (Jan 20)
EzDatabase Multiple Cross-Site Scripting Vulnerability DoZ (Jan 25)
MyShoutBox Multiple Cross-Site Scripting Vulnerability DoZ (Jan 19)
Paypal Subscription Manager Multiple HTML Injections DoZ (Jan 20)
Spooky Login Multiple HTML Injection Vulnerability DoZ (Jan 01)
InstantForum.NET Multiple Cross-Site Scripting Vulnerability DoZ (Jan 15)

Dragos Ruiu

EUSecWest 2007 Papers Dragos Ruiu (Jan 19)

dr . t3rr0r1st

jgbbs dr . t3rr0r1st (Jan 03)

Duncan Simpson

Re: PHP as a secure language? PHP worms? Duncan Simpson (Jan 02)

Eliah Kagan

Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability Eliah Kagan (Jan 16)

Elliot Kendall

Directory Traversal in ArsDigita Community System Elliot Kendall (Jan 18)

emel_gw_ini

createauction (cats.asp) Remote SQL Injection Vulnerability emel_gw_ini (Jan 08)
magic photo storage website Multiple Remote File Inclusion emel_gw_ini (Jan 09)
ppc engine Multiple file inclusion emel_gw_ini (Jan 09)
sazcart v1.5 (cart.php) Remote File include emel_gw_ini (Jan 10)
shopstorenow (orange.asp) sql injection emel_gw_ini (Jan 06)
edit-x ecommerce (include_dir) Remote File include emel_gw_ini (Jan 09)

Eric Hodel

RubyGems 0.9.0 and earlier installation exploit Eric Hodel (Jan 25)

eugeny gladkih

Re: Multiple OS kernel insecure handling of stdio file descriptor eugeny gladkih (Jan 23)

exe_crack

openmedia local read file exe_crack (Jan 03)

exexp

vBulletin vCard PRO XSS exexp (Jan 01)

Felix Lindner

Re: [Full-disclosure] Check Point Connectra End Point security bypass Felix Lindner (Jan 22)

Florian Weimer

Re: Circumventing CSFR Form Token Defense Florian Weimer (Jan 10)
Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites Florian Weimer (Jan 04)

Francesco Laurita

Re: gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability Francesco Laurita (Jan 30)

Fred Leeflang

Re: Defeating CAPTCHAs via Averaging Fred Leeflang (Jan 31)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-07:01.jail FreeBSD Security Advisories (Jan 11)

Fritz . Bauspiess

Re: SAP Security Contact Fritz . Bauspiess (Jan 05)

Gadi Evron

Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Gadi Evron (Jan 29)
Web Honeynet Project: announcement, exploit URLs this Wednesday Gadi Evron (Jan 12)
Re: a cheesy Apache / IIS DoS vuln (+a question) Gadi Evron (Jan 08)
Re: [Full-disclosure] Web Honeynet Project: announcement, Gadi Evron (Jan 12)
Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Gadi Evron (Jan 31)

gamr-14

vulnerability script indexu all versions gamr-14 (Jan 16)

gmdarkfig

Aztek Forum 4.1 Multiple Vulnerabilities Exploit gmdarkfig (Jan 25)
Coppermine Photo Gallery <= 1.4.10 SQL Injection Exploit gmdarkfig (Jan 05)
Simple Web Content Management System SQL Injection Exploit gmdarkfig (Jan 03)
Re: Aztek Forum 4.1 Multiple Vulnerabilities Exploit gmdarkfig (Jan 25)
@lex Guestbook <= 4.0.2 Remote Command Execution Exploit gmdarkfig (Jan 08)

gregory_panakkal

Rediff Bol Downloader Allows Downloading and Spawning Arbitary Files gregory_panakkal (Jan 01)

Guy Podjarny

RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Guy Podjarny (Jan 08)

h4cked . eg

Xt-Stats v.2.4.0.b3 - Remote File Include Vulnerabilities h4cked . eg (Jan 29)

hackerbinhphuoc

easy-content filemanager hackerbinhphuoc (Jan 11)

HACKPL - bugtraq/sapheal

Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability HACKPL - bugtraq/sapheal (Jan 16)

hainamluke

Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger hainamluke (Jan 26)

HASEGAWA Yosuke

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous HASEGAWA Yosuke (Jan 04)

H D Moore

Uninformed Journal Release Announcement: Volume 6 H D Moore (Jan 15)

hlangos-bugtraq

Re: A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version) hlangos-bugtraq (Jan 11)

hornung

Re: Bluetooth DoS by obex push [readable] hornung (Jan 23)
Bluetooth DoS by obex push hornung (Jan 23)

hotturk

Ovidentia 5.6x Series Remote File İnclude hotturk (Jan 15)

iamtheevil1

Wiki-how path disclosure iamtheevil1 (Jan 22)

iDefense Labs

iDefense Security Advisory 01.05.07: Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability iDefense Labs (Jan 05)
iDefense Security Advisory 01.09.07: Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability iDefense Labs (Jan 10)
iDefense Security Advisory 01.09.07: Microsoft Excel Long Palette Heap Overflow Vulnerability iDefense Labs (Jan 09)
iDefense Security Advisory 01.09.07: Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability iDefense Labs (Jan 09)
iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability iDefense Labs (Jan 09)
iDefense Security Advisory 01.09.07: Multiple Microsoft Products VML 'recolorinfo' Element Integer Overflow Vulnerability iDefense Labs (Jan 09)
iDefense Security Advisory 01.05.07: Opera Software Opera Web Browser JPG Image DHT Marker Heap Corruption Vulnerability iDefense Labs (Jan 05)
iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability iDefense Labs (Jan 09)
iDefense Security Advisory 01.26.07: Multiple Vendor libchm Page Block Length Memory Corruption Vulnerability iDefense Labs (Jan 26)
iDefense Security Advisory 01.09.07: Microsoft Excel Invalid Column Heap Corruption Vulnerability iDefense Labs (Jan 09)
iDefense Security Advisory 01.05.07: Kaspersky Antivirus Scan Engine PE File Denial of Service Vulnerability iDefense Labs (Jan 06)

ilkerkandemir

Jax Petition Book (languagepack) Remote File Include Vulnerabilities ilkerkandemir (Jan 15)
wcSimple Poll (password.txt) Remote Password Disclosure Vulnerablity ilkerkandemir (Jan 15)
Okul Web Otomasyon Sistemi (etkinlikbak.asp) SQL Injection Vulnerability ilkerkandemir (Jan 15)
LunarPoll (PollDir) Remote File Include Vulnerabilities ilkerKandemir (Jan 12)
Trevorchan <= v0.7 Remote File Include Vulnerability ilkerkandemir (Jan 13)
Micro CMS <= 3.5 Remote File Include Exploit ilkerKandemir (Jan 12)

info

MKPortal Full Path Disclosure info (Jan 08)
phpBB (privmsg.php) XSS Exploit info (Jan 11)
Re: PlatinumFTP 1.0.18 remote DoS info (Jan 01)
Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability info (Jan 11)
MkPortal "All Guests are Admin" Exploit info (Jan 04)
Ezboxx multiple vulnerabilities. Info (Jan 12)
Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability info (Jan 20)
MkPortal Admin XSS info (Jan 05)

irvian

Jshop Server 1.3 irvian (Jan 11)

ISecAuditors Security Advisories

[ISecAuditors Security Advisories] Oracle Reports Web Cartridge (RWCGI60) vulnerable to XSS ISecAuditors Security Advisories (Jan 17)

James C. Slora Jr.

RE: Circumventing CSFR Form Token Defense James C. Slora Jr. (Jan 11)

Javor Ninov

Re: [Full-disclosure] simplog 0.9.3.2 SQL injection Javor Ninov (Jan 02)

Jean-Jacques Halans

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Jean-Jacques Halans (Jan 03)

Jeff Moss

Black Hat New Years Updates (Free Stuff, too!) Jeff Moss (Jan 03)

Jeffrey Horton

CFP for RAID 2007 Jeffrey Horton (Jan 04)

Jeff Williams

Re: Universal XSS with PDF files: highly dangerous Jeff Williams (Jan 08)

Jeimy Cano

VII National Computer and Information Security Conference ACIS 2007 - COLOMBIA Jeimy Cano (Jan 29)

Jeroen Massar

Re: Mozilla Firefox 2.0 denial of service vulnerability Jeroen Massar (Jan 01)

jesper . jurcenoks

dt_guestbook version 1.0f XSS vulnerability jesper . jurcenoks (Jan 16)

jgraef

Re: OpenPinboard <= Remote File Include jgraef (Jan 08)

Jim Harrison

RE: PHP as a secure language? PHP worms? Jim Harrison (Jan 02)
RE: PHP as a secure language? PHP worms? [was: Re: new linux malware] Jim Harrison (Jan 01)
RE: PHP as a secure language? PHP worms? [was: Re: new linux malware] Jim Harrison (Jan 02)
RE: PHP as a secure language? PHP worms? [was: Re: new linux malware] Jim Harrison (Jan 01)
RE: PHP as a secure language? PHP worms? [was: Re: new linux malware] Jim Harrison (Jan 04)

Jim Manico

Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Jim Manico (Jan 17)
Re: [Full-disclosure] [WEB SECURITY] Universal XSS with PDF files: highly dangerous Jim Manico (Jan 09)
Circumventing CSFR Form Token Defense Jim Manico (Jan 09)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Jim Manico (Jan 04)
Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Jim Manico (Jan 08)
Re: Corsaire Security Advisory: ChainKey Java Code Protection Bypass issue Jim Manico (Jan 12)

jn

Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass jn (Jan 22)

John McGuire

Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities John McGuire (Jan 16)

John Smith

Re: Remove all admin->root authorization prompts from OSX John Smith (Jan 26)

Jon Oberheide

Re: [Full-disclosure] 0trace - traceroute on established connections Jon Oberheide (Jan 25)
Re: [Full-disclosure] 0trace - traceroute on established connections Jon Oberheide (Jan 10)

Jose Avila III

Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability Jose Avila III (Jan 23)

jose . palanco

GForge Cross Site Scripting vulnerability jose . palanco (Jan 08)

Jos Kirps

Dexia website security alert Jos Kirps (Jan 26)

Juha-Matti Laurio

Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous Juha-Matti Laurio (Jan 04)
Re: Vendor guidelines regarding security contacts Juha-Matti Laurio (Jan 11)
Re: RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous Juha-Matti Laurio (Jan 04)

jussi . vuokko

PHP Link Directory XSS Vulnerability version <= 3.0.6 jussi . vuokko (Jan 22)

k1tk4t

magic photo storage website Remote File Inclusion k1tk4t (Jan 08)

kadaj-diabolik

Nuked Klan <= 1.7 Remote Cookie Disclosure Exploit kadaj-diabolik (Jan 02)
Wordpress <= 2.x dictionnary & Bruteforce attack kadaj-diabolik (Jan 04)

Kees Cook

[USN-405-1] fetchmail vulnerability Kees Cook (Jan 11)
[USN-402-1] Avahi vulnerability Kees Cook (Jan 05)
[USN-406-1] OpenOffice.org vulnerability Kees Cook (Jan 12)
[USN-398-4] Firefox regression Kees Cook (Jan 27)
[USN-398-2] Firefox vulnerabilities Kees Cook (Jan 03)
[USN-403-1] X.org vulnerabilities Kees Cook (Jan 09)
[USN-398-1] Firefox vulnerabilities Kees Cook (Jan 03)
[USN-401-1] D-Bus vulnerability Kees Cook (Jan 05)
[USN-398-3] Firefox theme regression Kees Cook (Jan 04)
[USN-412-1] GeoIP vulnerability Kees Cook (Jan 24)
[USN-410-2] teTeX vulnerability Kees Cook (Jan 26)
[USN-414-1] Squid vulnerabilities Kees Cook (Jan 25)
[USN-399-1] w3m vulnerabilities Kees Cook (Jan 03)
[USN-413-1] BlueZ vulnerability Kees Cook (Jan 24)
[USN-411-1] libsoup vulnerability Kees Cook (Jan 23)
[USN-400-1] Thunderbird vulnerabilities Kees Cook (Jan 05)
[USN-404-1] MadWifi vulnerability Kees Cook (Jan 09)

Kevin Waterson

Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Kevin Waterson (Jan 01)
Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Kevin Waterson (Jan 02)

K F

Whos Johny Pwnerseed? K F (Jan 03)

K F (lists)

DMA[2007-0107a] OmniWeb Javascript Alert Format String Vulnerabiity and DMA[2007-0109a] Apple Finder Disk Image Volume Label Overflow / DoS K F (lists) (Jan 11)
Welcome to Pwndertino... K F (lists) (Jan 01)
Re: [Full-disclosure] iDefense Q-1 2007 Challenge K F (lists) (Jan 16)
Re: [Full-disclosure] iDefense Q-1 2007 Challenge K F (lists) (Jan 16)
Remove all admin->root authorization prompts from OSX K F (lists) (Jan 25)
DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability' K F (lists) (Jan 04)

kian . mohageri

Packeteer PacketWise CLI overflow DoS kian . mohageri (Jan 08)

krasza

Re: Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability krasza (Jan 16)

labs@NGSEC

[NGSEC] ngGame #3 - BrainStorming labs@NGSEC (Jan 01)

Lance James

Re: [DCC SPAM] 0trace - traceroute on established connections Lance James (Jan 09)

Larry Seltzer

RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Larry Seltzer (Jan 03)
RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous Larry Seltzer (Jan 04)
RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) Larry Seltzer (Jan 04)

Lawrence Paul MacIntyre

Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Lawrence Paul MacIntyre (Jan 04)

Layer One

LayerOne 2007 CFP Announced Layer One (Jan 11)

l . d . 0

Re: phpAdsNew 2.0.7 Remote File Include l . d . 0 (Jan 23)

Lebbeous Weekley

BIND remote exploit (low severity) [Fwd: Internet Systems Consortium Security Advisory.] Lebbeous Weekley (Jan 25)

l . friedrichs

FON Router allows anonymous web access l . friedrichs (Jan 06)

lfx4sodas

Re: SMF "index.php?action=pm" Cross Site-Scripting lfx4sodas (Jan 22)

lifeasageek

Re: MS07-004 VML Integer Overflow Exploit lifeasageek (Jan 17)
MS07-004 VML Integer Overflow Exploit LifeAsaGeek (Jan 16)

Lise Moorveld

Re: SMF "index.php?action=pm" Cross Site-Scripting Lise Moorveld (Jan 26)

Lolek of TK53

TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling Lolek of TK53 (Jan 08)

Lou Katz

Re: Defeating CAPTCHAs via Averaging Lou Katz (Jan 31)

Lubomir Kundrak

Lies? [Was: Re: Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability] Lubomir Kundrak (Jan 12)

lunY

Nwom topsites v3.0 lunY (Jan 11)
Fix & Chips CMS v1.0 luny (Jan 06)
Yet Another Link Directory v1.0 lunY (Jan 06)

luoluonet

Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability Prove Of Concept Exploit luoluonet (Jan 22)

mail

Re: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability mail (Jan 24)

Mailinglists Address

Re: Fantastic News <=- (news.php) Remote File Include Vulnerability <- bogus... again Mailinglists Address (Jan 23)
Re: BOGUS: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include Mailinglists Address (Jan 30)

Major Malfunction

London DC4420 meet - Wednesday 17th January, 2007 Major Malfunction (Jan 15)

marco . van . herwaarden

Re: XSS with Vbulletin (new idea !) marco . van . herwaarden (Jan 01)

Mark Litchfield

SAP Security Contact Mark Litchfield (Jan 04)
SAP Security Mark Litchfield (Jan 04)

Martin O'Neal

RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Martin O'Neal (Jan 04)
RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Martin O'Neal (Jan 08)
RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Martin O'Neal (Jan 08)

Martin Pitt

[USN-408-1] krb5 vulnerability Martin Pitt (Jan 15)
[USN-409-1] ksirc vulnerability Martin Pitt (Jan 15)
[USN-407-1] libgtop2 vulnerability Martin Pitt (Jan 15)
[USN-410-1] poppler vulnerability Martin Pitt (Jan 18)

Martin Schulze

[SECURITY] [DSA 1246-1] New OpenOffice.org packages fix arbitrary code execution Martin Schulze (Jan 08)
[SECURITY] [DSA 1252-1] New vlc packages fix arbitrary code execution Martin Schulze (Jan 27)
[SECURITY] [DSA 1253-1] New Mozilla Firefox packages fix several vulnerabilities Martin Schulze (Jan 27)

Marvin Simkin

RE: Remove all admin->root authorization prompts from OSX Marvin Simkin (Jan 25)
RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Marvin Simkin (Jan 09)

Matousec - Transparent security Research

Kerio Fake 'iphlpapi' DLL injection Vulnerability Matousec - Transparent security Research (Jan 01)
Outpost Bypassing Self-Protection using file links Vulnerability Matousec - Transparent security Research (Jan 15)

matteo

Re: phpAdsNew 2.0.7 Remote File Include matteo (Jan 24)

Matteo Beccati

[OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed Matteo Beccati (Jan 26)
Re: [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed Matteo Beccati (Jan 27)
[OPENADS-SA-2007-001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability fixed Matteo Beccati (Jan 24)

Matthias Andree

fetchmail security announcement 2006-03 (CVE-2006-5974) Matthias Andree (Jan 06)
fetchmail security announcement 2006-02 (CVE-2006-5867) Matthias Andree (Jan 06)

Matthias Geerdsen

[ GLSA 200701-25 ] X.Org X server: Multiple vulnerabilities Matthias Geerdsen (Jan 29)
[ GLSA 200701-23 ] Cacti: Command execution and SQL injection Matthias Geerdsen (Jan 26)
[ GLSA 200701-13 ] Fetchmail: Denial of Service and password disclosure Matthias Geerdsen (Jan 22)
[ GLSA 200701-21 ] MIT Kerberos 5: Arbitrary Remote Code Execution Matthias Geerdsen (Jan 24)
[ GLSA 200701-24 ] VLC media player: Format string vulnerability Matthias Geerdsen (Jan 26)
[ GLSA 200701-17 ] libgtop: Privilege escalation Matthias Geerdsen (Jan 23)
[ GLSA 200701-22 ] Squid: Multiple Denial of Service vulnerabilities Matthias Geerdsen (Jan 25)

Matthias Wenzel

Re: DoS against AVM Fritz!Box 7050 (and others) Matthias Wenzel (Jan 23)

Matthieu Suiche

Windows Vista and unexported kernel symbols (Part II, 32bits version) Matthieu Suiche (Jan 31)
Windows Vista 64bits and unexported kernel symbols Matthieu Suiche (Jan 02)

maxpost

Re: Naig <= 0.5.2 (this_path) Remote File Include Vulnerability maxpost (Jan 13)

me you

FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability me you (Jan 22)
UploadScript <=- v1.02 (password.txt) Remote Password Disclosure Vulnerability me you (Jan 22)
phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability me you (Jan 25)
Uploader <= (userdata/user_1.txt) Password Disclosure Vulnerability me you (Jan 22)
Fantastic News <=- (news.php) Remote File Include Vulnerability me you (Jan 22)
ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure Vulnerability me you (Jan 24)
Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability me you (Jan 16)
Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability me you (Jan 23)
Naig <= 0.5.2 (this_path) Remote File Include Vulnerability me you (Jan 12)

michael

Re: Multiple SQL injections and XSS in FishCart 3.1 michael (Jan 23)

Michael Brennen

Re: FishCart [injection sql] Michael Brennen (Jan 22)

Michael Scheidell

RE: seeking comments on disclosure articles Michael Scheidell (Jan 13)

Michal Bucko

WS_FTP 2007 Professional SCP handling format string vulnerability Michal Bucko (Jan 27)

Michał Melewski

Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion Michał Melewski (Jan 29)
Re: Open Conference Systems = 2.8.2 Remote File Inclusion Michał Melewski (Jan 29)
Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion Michał Melewski (Jan 29)

Michal Spadlinski

Re: Cracking Steganography Application in less than ONE minute Michal Spadlinski (Jan 09)

Michal Zalewski

Re: [Full-disclosure] 0trace - traceroute on established connections Michal Zalewski (Jan 09)
Re: [Full-disclosure] 0trace - traceroute on established connections Michal Zalewski (Jan 08)
Re: stompy the session stomper - tool availability Michal Zalewski (Jan 29)
Re: a cheesy Apache / IIS DoS vuln (+a question) Michal Zalewski (Jan 04)
RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) Michal Zalewski (Jan 04)
0trace - traceroute on established connections Michal Zalewski (Jan 08)
stompy the session stomper - tool availability Michal Zalewski (Jan 27)
a cheesy Apache / IIS DoS vuln (+a question) Michal Zalewski (Jan 03)
Re: stompy the session stomper - tool availability Michal Zalewski (Jan 31)
Re: a cheesy Apache / IIS DoS vuln (+a question) Michal Zalewski (Jan 04)
Re: a cheesy Apache / IIS DoS vuln (+a question) Michal Zalewski (Jan 04)
Concurrency strikes MSIE (potentially exploitable msxml3 flaws) Michal Zalewski (Jan 04)

Moritz Muehlenhoff

[SECURITY] [DSA 1250-1] New cacti packages fix arbitrary code execution Moritz Muehlenhoff (Jan 17)
[SECURITY] [DSA 1248-1] New libsoup packages fix denial of service Moritz Muehlenhoff (Jan 12)
[SECURITY] [DSA 1254-1] New bind9 packages fix denial of service Moritz Muehlenhoff (Jan 29)
[SECURITY] [DSA 1255-1] New libgtop2 packages fix arbitrary code execution Moritz Muehlenhoff (Jan 31)
[SECURITY] [DSA 1256-1] New gtk+2.0 packages fix denial of service Moritz Muehlenhoff (Jan 31)
[SECURITY] [DSA 1245-1] New proftpd packages fix denial of service Moritz Muehlenhoff (Jan 08)

mr alkomandoz

phpAdsNew 2.0.7 Remote File Include mr alkomandoz (Jan 22)
cmsimple 2.7 Remote File Include mr alkomandoz (Jan 22)

nanoymaster

CMS Made Simple non-permanent XSS nanoymaster (Jan 04)

neothermic

Re: phpBB (privmsg.php) XSS Exploit neothermic (Jan 13)
Re: phpBB (privmsg.php) XSS Exploit neothermic (Jan 12)

Netragard Security Advisories

[NETRAGARD-20061218 SECURITY ADVISORY] [@Mail WebMail Cross Site Request Forgery] Netragard Security Advisories (Jan 25)

NGS Software Insight Security Research

Oracle 10g R2 Enterprise Manager Directory Traversal NGS Software Insight Security Research (Jan 31)
Remote Unauthenticated Resource Exhaustion CA Mobile BackupService NGS Software Insight Security Research (Jan 31)
Remote DOS BrightStor ARCserve Backup for Laptops & Desktops NGS Software Insight Security Research (Jan 31)
Remote Unauthenticated Code Execution II CA BrightStor ARCserve Backup for Laptops & Desktops NGS Software Insight Security Research (Jan 31)
Remote Unauthenticated Code Execution CA BrightStor ARCserve Backup NGS Software Insight Security Research (Jan 31)

NGSSoftware Insight Security Research

Correction (High Risk Vulnerability in the OpenOffice and StarOffice Suites) NGSSoftware Insight Security Research (Jan 04)
Medium Risk Vulnerability in PGP Desktop NGSSoftware Insight Security Research (Jan 25)
High Risk Vulnerability in the OpenOffice and StarOffice Suites NGSSoftware Insight Security Research (Jan 04)

Nick Boyce

Re: SAP Security Contact Nick Boyce (Jan 10)

Nicob

Re: SAP Security Contact Nicob (Jan 08)

nightmare

PHPATM Remote Password Disclosure Vulnerablity nightmare (Jan 16)

nj

Multiple bugs in EditTag nj (Jan 05)

Noah Meyerhans

[SECURITY] [DSA 1247-1] New libapache-mod-auth-kerb packages fix remote denial of service Noah Meyerhans (Jan 08)

Noe Espinoza M.

RE: Universal PDF XSS After Party(posible solution) Noe Espinoza M. (Jan 04)

noreply9871234

Defeating CAPTCHAs via Averaging noreply9871234 (Jan 29)

nospam

Re: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability nospam (Jan 23)

null_hack

Uber Uploader 4.2 Arbitrary File Upload Vulnerability null_hack (Jan 05)
Re: Re: Uber Uploader 4.2 Arbitrary File Upload Vulnerability null_hack (Jan 10)

OpenPKG GmbH

[OpenPKG-SA-2007.002] OpenPKG Security Advisory (bzip2) OpenPKG GmbH (Jan 05)
[OpenPKG-SA-2007.003] OpenPKG Security Advisory (drupal) OpenPKG GmbH (Jan 06)
[OpenPKG-SA-2007.004] OpenPKG Security Advisory (fetchmail) OpenPKG GmbH (Jan 06)
[OpenPKG-SA-2007.007] OpenPKG Security Advisory (bind) OpenPKG GmbH (Jan 29)
[OpenPKG-SA-2007.005] OpenPKG Security Advisory (wordpress) OpenPKG GmbH (Jan 06)
[OpenPKG-SA-2007.001] OpenPKG Security Advisory (cacti) OpenPKG GmbH (Jan 01)
[OpenPKG-SA-2007.008] OpenPKG Security Advisory (cvstrac) OpenPKG GmbH (Jan 29)
[OpenPKG-SA-2007.006] OpenPKG Security Advisory (kerberos) OpenPKG GmbH (Jan 10)

Outlaw

Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger Outlaw (Jan 27)
Re: Re: Re: SMF "index.php?action=pm" Cross Site-Scripting Outlaw (Jan 23)

paisterist

PHP-Nuke <= 7.9 Old-Articles Block "cat" SQL Injection vulnerability paisterist (Jan 13)

paulw

Oracle Passwords and OraBrute paulw (Jan 15)

pdp (architect)

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 08)
Technika - Attack Scripting Environment pdp (architect) (Jan 31)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)
Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 08)
Universal PDF XSS After Party pdp (architect) (Jan 04)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)
Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 04)

pete

BBED - Oracle Block Browser and Editor pete (Jan 31)

Pete Connolly

Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites Pete Connolly (Jan 04)

Peter Jeremy

Re: Multiple OS kernel insecure handling of stdio file descriptor Peter Jeremy (Jan 18)

Peter Watkins

Re: Circumventing CSFR Form Token Defense Peter Watkins (Jan 10)

Pieter de Boer

Re: a cheesy Apache / IIS DoS vuln (+a question) Pieter de Boer (Jan 04)

Piotr Bania

Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite Piotr Bania (Jan 10)

porkythepig

Microsoft Visual C++ (.RC) resource files buffer overflow vulnerability porkythepig (Jan 22)
Microsoft Help Workshop .CNT contents files buffer overflow vulnerability porkythepig (Jan 17)
Help project files (.HPJ) buffer overflow vulnerability in Microsoft Help Workshop porkythepig (Jan 19)

process

Wordpress disclosure of Table Prefix Weakness process (Jan 12)

ProCheckUp Research

PR06-14: IP Phones based on Centrality Communications/Aredfox PA168 chipset weak session management vulnerability ProCheckUp Research (Jan 23)

Rage Coder

Re: Windows logoff bug possible security vulnerability and exploit. Rage Coder (Jan 18)
Re: Windows logoff bug possible security vulnerability and exploit. Rage Coder (Jan 29)
Windows logoff bug possible security vulnerability and exploit. Rage Coder (Jan 17)

Ralf S. Engelschall

CVSTrac 2.0.0 Denial of Service (DoS) vulnerability Ralf S. Engelschall (Jan 29)

Ralph Angenendt

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Ralph Angenendt (Jan 10)

Raphael Marichez

[ GLSA 200701-20 ] Centericq: Remote buffer overflow in LiveJournal handling Raphael Marichez (Jan 24)
[ GLSA 200701-16 ] Adobe Acrobat Reader: Multiple vulnerabilities Raphael Marichez (Jan 23)
[ GLSA 200701-12 ] Mono: Information disclosure Raphael Marichez (Jan 16)
[ GLSA 200701-15 ] Sun JDK/JRE: Multiple vulnerabilities Raphael Marichez (Jan 22)
[ GLSA 200701-26 ] KSirc: Denial of Service vulnerability Raphael Marichez (Jan 31)
[ GLSA 200701-27 ] ELinks: Arbitrary Samba command execution Raphael Marichez (Jan 31)
[ GLSA 200701-01 ] DenyHosts: Denial of Service Raphael Marichez (Jan 04)
[ GLSA 200701-03 ] Mozilla Thunderbird: Multiple vulnerabilities Raphael Marichez (Jan 04)
[ GLSA 200701-08 ] Opera: Two remote code execution vulnerabilities Raphael Marichez (Jan 12)
[ GLSA 200701-05 ] KDE kfile JPEG info plugin: Denial of Service Raphael Marichez (Jan 12)
[ GLSA 200701-18 ] xine-ui: Format string vulnerabilities Raphael Marichez (Jan 23)
[ GLSA 200701-19 ] OpenLDAP: Insecure usage of /tmp during installation Raphael Marichez (Jan 23)
[ GLSA 200701-14 ] Mod_auth_kerb: Denial of Service Raphael Marichez (Jan 22)
[ GLSA 200701-10 ] WordPress: Multiple vulnerabilities Raphael Marichez (Jan 16)
[ GLSA 200701-28 ] thttpd: Unauthenticated remote file access Raphael Marichez (Jan 31)
[ GLSA 200701-07 ] OpenOffice.org: EMF/WMF file handling vulnerabilities Raphael Marichez (Jan 12)
[ GLSA 200701-02 ] Mozilla Firefox: Multiple vulnerabilities Raphael Marichez (Jan 04)
[ GLSA 200701-04 ] SeaMonkey: Multiple vulnerabilities Raphael Marichez (Jan 10)
[ GLSA 200701-09 ] oftpd: Denial of Service Raphael Marichez (Jan 16)
[ GLSA 200701-06 ] w3m: Format string vulnerability Raphael Marichez (Jan 12)
[ GLSA 200701-11 ] Kronolith: Local file inclusion Raphael Marichez (Jan 16)

recklessb

Re: Re: Re: Uber Uploader 4.2 Arbitrary File Upload Vulnerability recklessb (Jan 15)
Re: Uber Uploader 4.2 Arbitrary File Upload Vulnerability recklessb (Jan 09)

research

SYMSA-2007-001: Oracle Application Server 10g - Directory Traversal research (Jan 16)

Rik van Riel

Re: Windows Vista 64bits and unexported kernel symbols Rik van Riel (Jan 03)

RISE Security

[RISE-2007001] Apple Mac OS X 10.4.x kernel shared_region_map_file_np() memory corruption vulnerability RISE Security (Jan 19)

Robert Święcki

Re: [Full-disclosure] 0trace - traceroute on established connections Robert Święcki (Jan 15)

Robert Tasarz

Re: Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability Robert Tasarz (Jan 24)

Robin Sommer

DIMVA 2007: Final Call for Papers Robin Sommer (Jan 19)

Rob Sherwood

Re: a cheesy Apache / IIS DoS vuln (+a question) Rob Sherwood (Jan 04)

Rogan Dawes

Re: stompy the session stomper - tool availability Rogan Dawes (Jan 29)

Rolf Huisman

SQL Injection by using Cookie Poisoning for Website Baker Version 2.6.5 and before Rolf Huisman (Jan 22)

Roman Medina-Heigl Hernandez

Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Roman Medina-Heigl Hernandez (Jan 18)

Ronald Chmara

Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Ronald Chmara (Jan 04)

Ron DuFresne

Re: [Full-disclosure] rPSA-2007-0011-1 wget Ron DuFresne (Jan 25)

Roni Bachar

Check Point Connectra End Point security bypass Roni Bachar (Jan 22)

rPath Update Announcements

rPSA-2007-0020-1 rmake rPath Update Announcements (Jan 26)
rPSA-2007-0020-2 rmake rPath Update Announcements (Jan 30)
rPSA-2007-0014-1 libgtop rPath Update Announcements (Jan 23)
rPSA-2007-0007-1 kdenetwork rPath Update Announcements (Jan 16)
rPSA-2007-0015-1 libsoup rPath Update Announcements (Jan 23)
rPSA-2006-0234-2 firefox thunderbird rPath Update Announcements (Jan 02)
rPSA-2007-0012-1 ed rPath Update Announcements (Jan 23)
rPSA-2007-0013-1 poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi rPath Update Announcements (Jan 23)
rPSA-2007-0008-1 gd rPath Update Announcements (Jan 16)
rPSA-2007-0019-1 gtk rPath Update Announcements (Jan 25)
rPSA-2007-0021-1 bind bind-utils rPath Update Announcements (Jan 26)
rPSA-2007-0006-1 krb5 krb5-server krb5-services krb5-test krb5-workstation rPath Update Announcements (Jan 11)
rPSA-2007-0004-1 bzip2 rPath Update Announcements (Jan 09)
rPSA-2007-0011-1 wget rPath Update Announcements (Jan 23)
rPSA-2007-0005-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs rPath Update Announcements (Jan 09)
rPSA-2007-0001-1 openoffice.org rPath Update Announcements (Jan 08)
rPSA-2007-0003-1 fetchmail rPath Update Announcements (Jan 09)

RSnake

RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 04)
Re: [WEB SECURITY] RE: Universal PDF XSS After Party(posible solution) RSnake (Jan 04)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 08)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 08)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 04)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 03)
Re: [WEB SECURITY] RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous RSnake (Jan 04)

Rude Yak

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Rude Yak (Jan 04)

rudeyak

Re: Re: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous rudeyak (Jan 08)
Re: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous rudeyak (Jan 04)

S21sec Labs

WzdFTPD < 8.1 Denial of service S21sec Labs (Jan 19)
S21sec-034-en: Cisco VTP DoS vulnerability S21sec Labs (Jan 26)

saik0pod

Xine-ui format string Vulnerabilties. saik0pod (Jan 11)

sapheal

ATMEL Linux PCI PCMCIA USB Drivers arbitrary code execution sapheal (Jan 01)
Re: Re: Mozilla Firefox 2.0 denial of service vulnerability sapheal (Jan 01)
Windows NT Message Compiler 1.00.5239 arbitrary code execution sapheal (Jan 02)
FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution sapheal (Jan 02)
Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability sapheal (Jan 12)
Mozilla Firefox 2.0 denial of service vulnerability sapheal (Jan 01)

saps . audit

FishCart [injection sql] saps . audit (Jan 22)

Scott

Re: [USN-398-1] Firefox vulnerabilities Scott (Jan 03)

Sebastian Wolfgarten

Buffer overflow in VSAPI library of Trend Micro VirusWall 3.81 for Linux Sebastian Wolfgarten (Jan 25)

Secunia Research

Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX Control Buffer Overflow Secunia Research (Jan 24)
Re: Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX Control Buffer Overflow Secunia Research (Jan 24)
Secunia Research: Sienzo Digital Music Mentor NCTAudioFile2 ActiveX Control Buffer Overflow Secunia Research (Jan 24)

security

[ MDKSA-2007:024 ] - Updated kdegraphics packages fix crafted pdf file vulnerability security (Jan 23)
[ MDKSA-2007:022 ] - Updated tetex packages fix crafted pdf file vulnerability security (Jan 18)
[ MDKSA-2007:004 ] - Updated geoip packages fix geoipupdate vulnerability security (Jan 09)
[ MDKSA-2007:030 ] - Updated bind packages fix DoS vulnerabilities security (Jan 30)
[ MDKSA-2007:002 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Jan 02)
[ MDKSA-2007:013 ] - Updated libneon0.26 packages fix vulnerability security (Jan 12)
[ MDKSA-2007:001 ] - Update libmodplug packages fix buffer overflow vulnerabilities security (Jan 02)
[ MDKSA-2007:006 ] - Updated OpenOffice.org packages fix WMF vulnerability security (Jan 10)
[ MDKSA-2007:026 ] - Updated squid packages fix vulnerabilities security (Jan 24)
[ MDKSA-2006:217-2 ] - Updated proftpd packages fix vulnerabilities security (Jan 23)
[ MDKSA-2007:007 ] - Updated nvidia driver packages fix vulnerability security (Jan 11)
[ MDKSA-2007:019 ] - Updated pdftohtml packages fix crafted pdf file vulnerability security (Jan 18)
[ MDKSA-2007:003 ] - Updated avahi packages fix DoS vulnerability security (Jan 08)
[ MDKSA-2007:020 ] - Updated poppler packages fix crafted pdf file vulnerability security (Jan 18)
[ MDKSA-2007:008 ] - Updated kerberos packages fix vulnerability security (Jan 11)
[ MDKSA-2007:025 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Jan 23)
[ MDKSA-2007:016 ] - Updated fetchmail packages fix vulnerability security (Jan 16)
[ MDKSA-2007:015 ] - Updated cacti packages SQL injection vulnerability security (Jan 16)
[ MDKSA-2007:010 ] - Updated Firefox packages fix multiple vulnerabilities security (Jan 11)
[ MDKSA-2007:028 ] - Updated ulogd packaged to address buffer overflow vulnerability security (Jan 27)
[ MDKSA-2007:027 ] - Updated xine-ui packages fix vulnerabilities security (Jan 26)
[ MDKSA-2007:009 ] - Updated kdenetwork packages fix ksirc vulnerability security (Jan 11)
[ MDKSA-2007:014 ] - Updated bluez-utils packages fix hidd vulnerability security (Jan 16)
[ MDKSA-2007:011 ] - Updated Thunderbird packages fix multiple vulnerabilities security (Jan 12)
[ MDKSA-2007:018 ] - Updated koffice packages fix crafted pdf file vulnerability security (Jan 18)
[ MDKSA-2007:023 ] - Updated libgtop2 packages fix buffer overflow vulnerability security (Jan 18)
[ MDKSA-2007-005 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities security (Jan 09)
[ MDKSA-2007:017 ] - Updated wget packages fix ftp vulnerability security (Jan 16)
[ MDKSA-2007:021 ] - Updated xpdf packages fix crafted pdf file vulnerability security (Jan 18)
[ MDKSA-2007:012 ] - Updated kernel packages fix multiple vulnerabilities and bugs security (Jan 12)
[ MDKSA-2007:029 ] - Updated libsoup packages fix DoS vulnerability security (Jan 27)

security-alert

[security bulletin] HPSBST02184 SSRT071296 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-001 Through MS07-004 security-alert (Jan 18)
[security bulletin] HPSBPI02185 SSRT071290 rev.1 - HP Jetdirect Running ftp, Remote Denial of Service (DoS) security-alert (Jan 18)
[security bulletin] HPSBMA02175 SSRT061174 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Read Access to Files security-alert (Jan 11)
[security bulletin] HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access security-alert (Jan 24)
[security bulletin] HPSBMA02176 SSRT051035 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code security-alert (Jan 11)
[security bulletin] HPSBUX02181 SSRT061289 rev.1 - HP-UX Running IPFilter, Remote Unauthorized Denial of Service (DoS) security-alert (Jan 18)

security curmudgeon

Re: Vendor guidelines regarding security contacts security curmudgeon (Jan 08)

security () yospot de

Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass security () yospot de (Jan 22)

ShaFuq31

Kolayindir Download (Yenionline) (tr) SqL Injection Vuln. ShaFuq31 (Jan 05)
RI Blog 1.3 XSS Vuln. ShaFuq31 (Jan 05)
GeoBB Georgian Bulletin Board Remote File Include Vuln. ShaFuq31 (Jan 08)
Dayfox Blog Remote File Include Vuln. ShaFuq31 (Jan 08)

Sharkey

2007 Security OPUS CFP: Closed (Agenda included) Sharkey (Jan 31)

shatter

Re: Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL shatter (Jan 29)

Shawna McAlearney

Vulnerability disclosure comments Shawna McAlearney (Jan 25)

Shiva Persaud

Re: Multiple OS kernel insecure handling of stdio file descriptor Shiva Persaud (Jan 20)

shulman

Hacking AJAX DWR Applications shulman (Jan 03)

Siim Põder

Re: a cheesy Apache / IIS DoS vuln (+a question) Siim Põder (Jan 04)

Simon Smith

Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Simon Smith (Jan 16)
Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Simon Smith (Jan 18)
Re: [_SUSPEKT] - Re: [Full-disclosure] iDefense Q-1 2007 Challenge - Bayesian Filter detected spam Simon Smith (Jan 18)
Re: [Full-disclosure] iDefense Q-1 2007 Challenge Simon Smith (Jan 17)
Re: [Full-disclosure] iDefense Q-1 2007 Challenge Simon Smith (Jan 16)
Re: [Full-disclosure] iDefense Q-1 2007 Challenge Simon Smith (Jan 17)
Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Simon Smith (Jan 18)
Re: [Full-disclosure] iDefense Q-1 2007 Challenge -I WILL BUY FOR MORE Simon Smith (Jan 18)

Simple Nomad

Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Simple Nomad (Jan 29)

sirdarckcat

Re: Re: Re: Re: SMF "index.php?action=pm" Cross Site-Scripting sirdarckcat (Jan 26)

smcalearney

seeking comments on disclosure articles smcalearney (Jan 12)

sn0oPy

a-forum xss sn0oPy (Jan 20)

sn0oPy . team

RBL - ASP (scripts with db) SQL injection sn0oPy . team (Jan 29)
liens_dynamiques xss and admin authentification sn0oPy . team (Jan 15)
AdMentor (banners) admin SQL injection sn0oPy . team (Jan 29)
RBL - ASP (scripts with db) SQL injection sn0oPy . team (Jan 30)
AdMentor (banners) admin SQL injection sn0oPy . team (Jan 27)
golden book XSS sn0oPy . team (Jan 01)

socket69

Re: RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) socket69 (Jan 08)

Sowhat

HP Multiple Products PML Driver Local Privilege Escalation Sowhat (Jan 08)
Sina UC ActiveX Multiple Remote Stack Overflow Sowhat (Jan 09)

Stan Bubrouski

Re: SAP Security Contact Stan Bubrouski (Jan 09)

Stefan Esser

Advisory 02/2007: WordPress Trackback Charset Decoding SQL Injection Vulnerability Stefan Esser (Jan 05)
Advisory 01/2007: WordPress CSRF Protection XSS Vulnerability Stefan Esser (Jan 05)

Stefano Di Paola

Adobe Acrobat Reader Plugin - Multiple Vulnerabilities Stefano Di Paola (Jan 03)

Stefano Zanero

Re: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability Stefano Zanero (Jan 24)
Re: Open Conference Systems = 2.8.2 Remote File Inclusion Stefano Zanero (Jan 29)
Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Stefano Zanero (Jan 29)
Re: Trevorchan <= v0.7 Remote File Include Vulnerability Stefano Zanero (Jan 16)
Re: cisco nac bypass vulnerability - cisco trust agent Stefano Zanero (Jan 08)
Re: Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability Stefano Zanero (Jan 24)
Re: OpenPinboard <= Remote File Include Stefano Zanero (Jan 03)
Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include Stefano Zanero (Jan 29)

Steve Friedl

Re: FW: [cacti-announce] Cacti 0.8.6j Released Steve Friedl (Jan 18)

Steve Kemp

[SECURITY] [DSA 1251-1] New netrik packages fix arbitary shell command execution Steve Kemp (Jan 22)

steven

slocate leaks filenames of protected directories steven (Jan 10)

Steven M. Christey

Vendor guidelines regarding security contacts Steven M. Christey (Jan 08)
Re: Vendor guidelines regarding security contacts Steven M. Christey (Jan 12)
Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL Steven M. Christey (Jan 25)
Re: OpenPinboard <= Remote File Include Steven M. Christey (Jan 09)
Re: Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME Steven M. Christey (Jan 25)

stormhacker

Easy Banner Pro Version 2.8 <= Remote File Inclusion stormhacker (Jan 09)

str0ke

Re: [Full-disclosure] simplog 0.9.3.2 SQL injection str0ke (Jan 02)
Re: phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability str0ke (Jan 25)

subere

OWASP JBroFuzz 0.4 Fuzzer Released! subere (Jan 31)

support

The certification password of Internet Explorer 7 and operation of auto complete support (Jan 25)

Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

Re: SAP Security Contact Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Jan 11)

Sven . Czaja

VLC Format String Vulnerability also in XINE Sven . Czaja (Jan 10)

sven . vetsch

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous sven . vetsch (Jan 03)

Team SHATTER

Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL Team SHATTER (Jan 25)
Oracle Multiple Buffer Overflows and DoS attacks in public procedures of MDSYS.MD Team SHATTER (Jan 25)
Oracle Buffer Overflow in DBMS_DRS.GET_PROPERTY Team SHATTER (Jan 25)
Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME Team SHATTER (Jan 25)
Oracle Buffer Overflow in DBMS_LOGMNR.ADD_LOGFILE Team SHATTER (Jan 24)
Oracle Buffer Overflow in DBMS_REPCAT_UNTRUSTED.UNREGISTER_SNAPSHOT Team SHATTER (Jan 24)

ted

Re: CMS Made Simple non-permanent XSS ted (Jan 19)

temp0_123

Re: WMF CreateBrushIndirect vulnerability (DoS) temp0_123 (Jan 16)

teracci2002

Movable Type <= 3.33 XSS Exploit teracci2002 (Jan 26)

The Anarcat

Re: Universal XSS with PDF files: highly dangerous The Anarcat (Jan 09)

The Fungi

Re: Perforce client: security hole by design The Fungi (Jan 08)

thesinoda

A Major design Bug in Camouflage 1.2.1 (latest) thesinoda (Jan 10)
Cracking Steganography Application in less than ONE minute thesinoda (Jan 08)
A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version) thesinoda (Jan 10)

the . tiger100

RANDOM PHP QUOTE 1.0 (pwd.txt) Remote Password Disclosur the . tiger100 (Jan 23)
subscribe (pwd.txt) Remote Password Disclosur the . tiger100 (Jan 23)

Thierry Zoller

Re: Dexia website security alert Thierry Zoller (Jan 29)
Re: Universal XSS with PDF files: highly dangerous Thierry Zoller (Jan 04)
23C3 - Bluetooth hacking revisted [Summary and Code] Thierry Zoller (Jan 04)
Re: FON Router allows anonymous web access Thierry Zoller (Jan 08)

Thomas Biege

SUSE Security Announcement: xine (SUSE-SA:2007:013) Thomas Biege (Jan 23)
SUSE Security Announcement: squid (SUSE-SA:2007:012) Thomas Biege (Jan 23)

thorben schroeder

cisco nac bypass vulnerability - cisco trust agent thorben schroeder (Jan 08)

Thor (Hammer of God)

Re: SAP Security Contact Thor (Hammer of God) (Jan 10)
Re: SAP Security Contact Thor (Hammer of God) (Jan 06)

Tim Newsham

Re: [Full-disclosure] iDefense Q-1 2007 Challenge Tim Newsham (Jan 17)

Tino Wildenhain

Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Tino Wildenhain (Jan 01)

Tom Spector

RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Tom Spector (Jan 09)

Tom Stripling

RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Tom Stripling (Jan 09)

Tom Yu

MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer Tom Yu (Jan 09)
MITKRB5-SA-2006-003: kadmind (via GSS-API lib) frees uninitialized pointers Tom Yu (Jan 09)

Troy Bollinger

Re: [Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor Troy Bollinger (Jan 22)

Trustix Security Advisor

TSLSA-2007-0003 - multi Trustix Security Advisor (Jan 19)

trzindan

gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability trzindan (Jan 29)
Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include trzindan (Jan 30)
Open Conference Systems = 2.8.2 Remote File Inclusion trzindan (Jan 27)
EncapsCMS 0.3.6 (common_foot.php) Remote File Include trzindan (Jan 30)
local Calendar System v1.1 (lcStdLib.inc) Remote File Include trzindan (Jan 27)

umutc4n

PhP Generic library & framework (include_path) Remote File Include Exploit umutc4n (Jan 30)

Uwe Hermann

[DRUPAL-SA-2007-002] Drupal 4.6.11 / 4.7.5 fixes DoS issue Uwe Hermann (Jan 05)
[DRUPAL-SA-2007-001] Drupal 4.6.11 / 4.7.5 fixes XSS issue Uwe Hermann (Jan 05)
[DRUPAL-SA-2007-005] Drupal 4.7.6 / 5.1 fixes arbitrary code execution issue Uwe Hermann (Jan 30)

VMware Security team

VMware ESX server security updates VMware Security team (Jan 10)

vulnpost-remove

[vuln.sg] PowerArchiver PAISO.DLL Buffer Overflow Vulnerability vulnpost-remove (Jan 04)

Warner Moore

FW: [cacti-announce] Cacti 0.8.6j Released Warner Moore (Jan 18)

wihl

Re: SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit wihl (Jan 02)

William A. Rowe, Jr.

Re: a cheesy Apache / IIS DoS vuln (+a question) William A. Rowe, Jr. (Jan 04)
Re: a cheesy Apache / IIS DoS vuln (+a question) William A. Rowe, Jr. (Jan 09)
Re: a cheesy Apache / IIS DoS vuln (+a question) William A. Rowe, Jr. (Jan 04)

Williams, James K

[CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities Williams, James K (Jan 12)
[CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities Williams, James K (Jan 25)
[CAID 34993]: CA BrightStor ARCserve Backup for Laptops and Desktops Multiple Overflow Vulnerabilities Williams, James K (Jan 24)
CA BrightStor ARCserve Backup Tape Engine Exploit Security Notice Williams, James K (Jan 09)

XFOCUS Security Team

Multiple OS kernel insecure handling of stdio file descriptor XFOCUS Security Team (Jan 18)

xorontr

NUNE News Script (custom_admin_path) Remote File Include Vulnerablity xorontr (Jan 08)
Xero Portal v1.2 (phpbb_root_path) Remote File Include Vulnerablity xorontr (Jan 25)

xx_hack_xx_2004

XSS in Guestbook ( v.4.00 beta ) xx_hack_xx_2004 (Jan 22)
Full Path Disclosure in Open-Realty ( v2.3.4 ) xx_hack_xx_2004 (Jan 22)
SQL Injection in Unique Ads ( UDS ) xx_hack_xx_2004 (Jan 22)
XSS in 212cafeBoard ( Verision 0.08 & 6.30 Beta ) xx_hack_xx_2004 (Jan 22)

y3dips

[ECHO_ADV_62$2007] Upload Service 1.0 remote file inclusion y3dips (Jan 23)
[ECHO_ADV_63$2007] Cadre remote file inclusion y3dips (Jan 31)

yorn

Re: PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit yorn (Jan 09)

zck zck

Adobe ColdFusion Information Disclosure zck zck (Jan 23)

zdi-disclosures

ZDI-07-001: QUALCOMM Eudora WorldMail Remote Management Heap Overflow Vulnerability zdi-disclosures (Jan 05)
ZDI-07-005: Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability zdi-disclosures (Jan 17)
ZDI-07-004: CA BrightStor ARCserve Backup Tape Engine Buffer Overflow Vulnerability zdi-disclosures (Jan 11)
ZDI-07-002: CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerability zdi-disclosures (Jan 11)
ZDI-07-003: CA BrightStor ARCserve Backup Message Engine Buffer Overflow Vulnerability zdi-disclosures (Jan 11)
ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability zdi-disclosures (Jan 24)

zooz_998

PHPIrc_bot <= Remote File Include zooz_998 (Jan 01)
OpenPinboard <= Remote File Include zooz_998 (Jan 03)