Bugtraq: by thread
323 messages
starting Apr 01 08 and
ending Apr 30 08
Date index |
Thread index |
Author index
- iDefense Security Advisory 03.31.08: Macrovision InstallShield InstallScript One-Click Install Untrusted Library Loading Vulnerability iDefense Labs (Apr 01)
- EasyNews-40tr Multiple Remote Vulnerabilities (SQL Injection Exploit/XSS/LFI) irancrash (Apr 01)
- [SECURITY] [DSA 1536-1] New libxine packages fix several vulnerabilities Thijs Kinkhorst (Apr 01)
- CAU-2008-0001 - Slowly Closing Door Race Condition I)ruid (Apr 01)
- Terracotta Personal Edition Multiple vulnerabilities joseph . giron13 (Apr 01)
- cevado technologies real estate CMS SQL injection joseph . giron13 (Apr 01)
- [SECURITY] [DSA 1533-2] New exiftags packages fix several vulnerabilities Devin Carraway (Apr 01)
- TCP/IP security vulnerability disclosed J. Oquendo (Apr 01)
- [ GLSA 200804-01 ] CUPS: Multiple vulnerabilities Robert Buchholz (Apr 01)
- Re: Internet explorer 7.0 spoofing Razi Shaban (Apr 01)
- <Possible follow-ups>
- Re: Re: Internet explorer 7.0 spoofing w0lfd33m (Apr 01)
- RE: Internet explorer 7.0 spoofing Darth Jedi (Apr 02)
- Re: Re: Re: Internet explorer 7.0 spoofing jplopezy (Apr 02)
- RE: Internet explorer 7.0 spoofing Mike Diaz (Apr 02)
- Re: Hamachi Password Disclosure Vulnerability anonymous (Apr 01)
- Writers Block SQL Injection Vulnerabilities nebelfrost23 (Apr 02)
- HPSBMA02317 SSRT080026 rev.1 - HP Select Identity Software, Gain Unauthorized Access security-alert (Apr 02)
- Datalife Engine 6.7 XSRF irancrash (Apr 02)
- [USN-597-1] OpenSSH vulnerability Kees Cook (Apr 02)
- HPSBTU02325 SSRT080006 rev.1 - HP Internet Express for Tru64 UNIX running PostgreSQL, Arbitrary Code Execution, Privilege Elevation, or Denial of Service (DoS) security-alert (Apr 02)
- ANNOUNCE: Apache-SSL security release - apache_1.3.41+ssl_1.59 Adam Laurie (Apr 02)
- Directory traversal in LANDesk Management Suite 8.80.1.1 Luigi Auriemma (Apr 02)
- [ MDVSA-2008:081 ] - Updated CUPS packages fix multiple vulnerabilities security (Apr 02)
- [SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities Devin Carraway (Apr 03)
- [ GLSA 200804-02 ] bzip2: Denial of Service Pierre-Yves Rofes (Apr 03)
- Webwasher Denial of Service Vulnerability security (Apr 03)
- [USN-588-2] MySQL regression Jamie Strandboge (Apr 03)
- [USN-598-1] CUPS vulnerabilities Jamie Strandboge (Apr 03)
- Vulnerabilities in kses-based HTML filters lpilorz (Apr 03)
- Joomla Component com_lms SQL Injection no-reply (Apr 03)
- Recon 2008 CFP last call, early registration open Recon Conference (Apr 03)
- Parallels virtuozzo's VZPP multiple csrf vulnerabilities poplix (Apr 03)
- Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Apr 03)
- POC2008 call for papers pocadm (Apr 03)
- ZDI-08-014: Apple Quicktime Multiple Opcode Memory Corruption Vulnerabilities zdi-disclosures (Apr 04)
- ZDI-08-018: Apple QuickTime Run Length Encoding Heap Overflow Vulnerability zdi-disclosures (Apr 04)
- Medium security hole affecting Festival on Debian unstable/testing and Ubuntu Hardy Heron Tim Brown (Apr 04)
- ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability zdi-disclosures (Apr 04)
- ZDI-08-015: Apple QuickTime Clipping Region Heap Overflow Vulnerability zdi-disclosures (Apr 04)
- ZDI-08-017: Apple QuickTime Kodak Encoding Heap Overflow Vulnerability zdi-disclosures (Apr 04)
- CA Alert Notification Server Multiple Vulnerabilities Williams, James K (Apr 04)
- iDefense Security Advisory 04.02.08: Symantec Internet Security 2008 ActiveDataInfo.LaunchProcess Design Error Vulnerability iDefense Labs (Apr 04)
- ZDI-08-019: Apple QuickTime Malformed VR obji Atom Parsing Memory Corruption Vulnerability zdi-disclosures (Apr 04)
- CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities Williams, James K (Apr 04)
- KwsPHP Module ConcoursPhoto XSS hsx (Apr 04)
- [security bulletin] HPSBMA02323 SSRT080032 rev.1 - HP USB Floppy Drive Key (Option) for ProLiant Servers, Local Virus Infection security-alert (Apr 04)
- CORE-2008-0314 - Orbit Downloader "Download failed" buffer overflow CORE Security Technologies Advisories (Apr 04)
- iDefense Security Advisory 04.03.08: SCO UnixWare pkgadd Directory Traversal Vulnerability iDefense Labs (Apr 04)
- iDefense Security Advisory 04.02.08: Symantec Norton Internet Security 2008 ActiveX Control Buffer Overflow Vulnerability iDefense Labs (Apr 04)
- iDefense Security Advisory 04.03.08: Computer Associates Alert Notification Service Multiple RPC Buffer Overflow Vulnerabilities iDefense Labs (Apr 04)
- [SECURITY] [DSA 1539-1] New mapserver packages fix multiple vulnerabilities Devin Carraway (Apr 04)
- [SECURITY] [DSA 1538-1] New alsaplayer packages fix arbitrary code execution Devin Carraway (Apr 04)
- rPSA-2008-0136-1 cups rPath Update Announcements (Apr 04)
- rPSA-2008-0138-1 tshark wireshark rPath Update Announcements (Apr 04)
- rPSA-2008-0139-1 gnome-ssh-askpass openssh openssh-client openssh-server rPath Update Announcements (Apr 04)
- F5 BIG-IP Management Interface Perl Injection nnposter (Apr 05)
- TheGreenBowVPN, Login Credentials Disclosure evilcry (Apr 05)
- Blogator-script 0.95 Change User Password Vulnerbility hadihadi_zedehal_2006 (Apr 05)
- [ GLSA 200804-03 ] OpenSSH: Privilege escalation Robert Buchholz (Apr 05)
- Alkacon OpenCms sessions.jsp searchfilter XSS nnposter (Apr 05)
- <Possible follow-ups>
- Re: Alkacon OpenCms sessions.jsp searchfilter XSS a . westtermann (Apr 10)
- Blogator-script 0.95 SQL Injection Vulnerbility hadihadi_zedehal_2006 (Apr 05)
- [ GLSA 200804-05 ] NX: User-assisted execution of arbitrary code Robert Buchholz (Apr 07)
- openMosix userspace library stack-based buffer overflow jose (Apr 07)
- <Possible follow-ups>
- Re: openMosix userspace library stack-based buffer overflow nixpanic (Apr 10)
- Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow Patrick Webster (Apr 07)
- Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility virangar_nml (Apr 07)
- <Possible follow-ups>
- Re: Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility yeppy (Apr 08)
- CDNetworks Nefficient Download(NeffyLauncher.dll) Vulnerabilities Simon Ryeo (Apr 07)
- [SECURITY] [DSA 1540-1] New lighttpd packages fix denial of service Steve Kemp (Apr 07)
- [ GLSA 200804-06 ] UnZip: User-assisted execution of arbitrary code Robert Buchholz (Apr 07)
- [ GLSA 200804-04 ] MySQL: Multiple vulnerabilities Robert Buchholz (Apr 07)
- Attack Technique: File Download Injection Jeff Williams (Apr 07)
- Multiple vulnerabilities in HP OpenView NNM 7.53 Luigi Auriemma (Apr 07)
- <Possible follow-ups>
- Re: Multiple vulnerabilities in HP OpenView NNM 7.53 Luigi Auriemma (Apr 08)
- Swiki 1.5 Multiple Cross-Site Scripting Vulnerabilities brad . antoniewicz (Apr 08)
- [security bulletin] HPSBMA02327 SSRT071455 rev.1 - HP Integrity Servers iLO-2 Management Processors (iLO-2 MP), Denial of Service (DoS) security-alert (Apr 08)
- WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability Jessica Hope (Apr 08)
- licq remote DoS? Milen Rangelov (Apr 08)
- Re: licq remote DoS? 3APA3A (Apr 10)
- <Possible follow-ups>
- Re: Re: licq remote DoS? mrangelov (Apr 10)
- Wayport Public Access PC Authentication Bypass Weakness Pascal Cretain (Apr 08)
- New tool released : Syslog Fuzzer jaime . blasco (Apr 08)
- Microsoft Windows DNS Stub Resolver Cache Poisoning (MS08-020) Amit Klein (Apr 08)
- [security bulletin] [security bulletin] HPSBST02318 SSRT080018 rev.1 - HP Storage Essentials Software, Remote Unauthorized Access to Data security-alert (Apr 08)
- [security bulletin] HPSBMA02242 SSRT061260 rev.3 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution security-alert (Apr 08)
- ZDI-08-020: Microsoft GDI WMF Parsing Heap Overflow Vulnerability zdi-disclosures (Apr 08)
- iDefense Security Advisory 04.08.08: Microsoft HxTocCtrl ActiveX Control Invalid Param Heap Corruption Vulnerability iDefense Labs (Apr 09)
- [SECURITY] [DSA 1541-1] New openldap2.3 packages fix denial of service Moritz Muehlenhoff (Apr 09)
- ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability zdi-disclosures (Apr 09)
- CAU-2008-0002: Microsoft Windows SharePoint Services Picture Source XSS I)ruid (Apr 09)
- SAP Netweaver 6.40-7.0 Cross-Site-Scripting jaime . blasco (Apr 09)
- Pu Arcade component for Joomla - SQL injection netmantis . com (Apr 09)
- [ GLSA 200804-07 ] PECL APC: Buffer Overflow Robert Buchholz (Apr 09)
- iDefense Security Advisory 04.08.08: Microsoft Windows Graphics Rendering Engine Integer Overflow Vulnerability iDefense Labs (Apr 09)
- [SECURITY] [DSA 1542-1] New libcairo packages fix arbitrary code execution Devin Carraway (Apr 09)
- [CVE-2007-5301] alsaplayer PoC - exploit Albert Sellarès (Apr 09)
- [SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities Devin Carraway (Apr 09)
- [ MDVSA-2008:082 ] - Updated php-apc packages fix vulnerability security (Apr 09)
- [USN-599-1] Ghostscript vulnerability Jamie Strandboge (Apr 09)
- [SECURITY] [DSA 1544-1] New pdns-recursor packages fix cache poisoning vulnerability Florian Weimer (Apr 09)
- IOActive Security Advisory: Buffer overflow in Python zlib extension module Justin Ferguson (Apr 09)
- paFileDB 3.1 Remote SQL Injection noreply (Apr 10)
- [ MDVSA-2008:083 ] - Updated audit packages fix vulnerability security (Apr 10)
- [ GLSA 200804-08 ] lighttpd: Multiple vulnerabilities Tobias Heinlein (Apr 10)
- EUSecWest CFP Closes April 14th (conf May 21/22 2008) Dragos Ruiu (Apr 10)
- [ GLSA 200804-10 ] Tomcat: Multiple vulnerabilities Pierre-Yves Rofes (Apr 10)
- [SECURITY] [DSA 1545-1] New rsync packages fix arbitrary code execution Moritz Muehlenhoff (Apr 10)
- [ GLSA 200804-09 ] am-utils: Insecure temporary file creation Pierre-Yves Rofes (Apr 10)
- w2b.ru multiple products SQL Injection noreply (Apr 11)
- [USN-600-1] rsync vulnerability Kees Cook (Apr 11)
- iDefense Security Advisory 04.09.08: EMC DiskXtender File System Manager Stack Buffer Overflow Vulnerability iDefense Labs (Apr 11)
- [SECURITY] [DSA 1546-1] New gnumeric packages fix arbitrary code execution Devin Carraway (Apr 11)
- Borland InterBase 2007 "ibserver.exe" Buffer Overflow Vulnerability POC Liu Zhen Hua (Apr 11)
- iDefense Security Advisory 04.09.08: EMC DiskXtender MediaStor Format String Vulnerability iDefense Labs (Apr 11)
- iDefense Security Advisory 04.09.08: EMC DiskXtender Authentication Bypass Vulnerability iDefense Labs (Apr 11)
- WiKID wClient-PHP <= 3.0-2 Multiple XSS Vulnerabilities ascii (Apr 11)
- [ GLSA 200804-12 ] gnome-screensaver: Privilege escalation Raphael Marichez (Apr 11)
- [ GLSA 200804-11 ] policyd-weight: Insecure temporary file creation Robert Buchholz (Apr 11)
- Directory traversal and multiple Denials of Service in HP OpenView NNM 7.53 Luigi Auriemma (Apr 11)
- Trillian 3.1.9.0 DTD File Buffer Overflow david130490 (Apr 11)
- IOActive Security Advisory: Incorrect input validation in PyString_FromStringAndSize() leads to multiple buffer overflows Justin Ferguson (Apr 11)
- [ MDVSA-2008:084 ] - Updated rsync packages fix vulnerability security (Apr 12)
- DEF CON 16 Retro Announcement! Back to Bang! The Dark Tangent (Apr 12)
- <Possible follow-ups>
- DEF CON 16 Retro Announcement! Back to Bang! The Dark Tangent (Apr 14)
- Re: WoltLab(R) Community Framework WCF 1.0.6 marc . deroche (Apr 12)
- project announcement - oCERT - Open Source CERT Andrea Barisani (Apr 14)
- [oCERT-2008-003] libpng zero-length chunks incorrect handling Andrea Barisani (Apr 14)
- Secunia Research: Adobe Flash Player "Declare Function (V7)" Heap Overflow Secunia Research (Apr 14)
- Secunia Research: Lotus Notes kvdocve.dll Path Processing Buffer Overflow Secunia Research (Apr 14)
- OneSecurityDay 2008 - Web application auditing challenge bugtraq (Apr 14)
- Secunia Research: activePDF DocConverter Folio Flat File Parsing Buffer Overflows Secunia Research (Apr 14)
- Secunia Research: Lotus Notes htmsr.dll Buffer Overflows Secunia Research (Apr 14)
- Secunia Research: Autonomy Keyview Folio Flat File Parsing Buffer Overflows Secunia Research (Apr 14)
- Secunia Research: Symantec Mail Security Folio Flat File Parsing Buffer Overflows Secunia Research (Apr 14)
- Secunia Research: Lotus Notes Applix Graphics Parsing Vulnerabilities Secunia Research (Apr 14)
- DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2 Sebastien gioria (Apr 14)
- Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows Secunia Research (Apr 14)
- Secunia Research: Lotus Notes EML Reader Buffer Overflows Secunia Research (Apr 14)
- Secunia Research: HP OpenView Network Node Manager OpenView5.exe Directory Traversal Secunia Research (Apr 14)
- Secunia Research: Autonomy Keyview Applix Graphics Parsing Vulnerabilities Secunia Research (Apr 14)
- Secunia Research: Autonomy Keyview EML Reader Buffer Overflows Secunia Research (Apr 14)
- Secunia Research: Symantec Mail Security Applix Graphics Parsing Vulnerabilities Secunia Research (Apr 14)
- Secunia Research: activePDF DocConverter Applix Graphics Parsing Vulnerabilities Secunia Research (Apr 14)
- Secunia Research: Internet Explorer Data Stream Handling Vulnerability Secunia Research (Apr 14)
- S21SEC-041-en:Cezanne SW Cross-Site Scripting S21sec labs (Apr 14)
- S21SEC-042-en:Cezanne SW Cross-Site Scripting (login required) S21sec labs (Apr 14)
- S21SEC-043-en:Cezanne SW Blind SQL Injection S21sec labs (Apr 14)
- Fones Clinic Mart SQL turkish-warriorr (Apr 14)
- [USN-601-1] Squid vulnerability Jamie Strandboge (Apr 14)
- Troopers08 Security Conference, April 23/24 (Munich/Germany) Enno Rey (Apr 15)
- [ GLSA 200804-15 ] libpng: Execution of arbitrary code Robert Buchholz (Apr 15)
- [ GLSA 200804-14 ] Opera: Multiple vulnerabilities Robert Buchholz (Apr 15)
- KwsPHP (Upload) Remote Code Execution Exploit ajax (Apr 15)
- [ GLSA 200804-13 ] Asterisk: Multiple vulnerabilities Robert Buchholz (Apr 15)
- Dotclear 'ecrire/images.php' Arbitrary File Upload Vulnerability Morgan ARMAND (Apr 15)
- [ MDVSA-2008:085 ] - Updated python packages fix arbitrary code execution vulnerability security (Apr 15)
- BosNews v4.0 Remote add user admin houssamix (Apr 15)
- clamav: Endless loop / hang with crafter arj, CVE-2008-1387 Hanno Böck (Apr 15)
- BosNews 2002-2006 Remote add user admin houssamix (Apr 15)
- Re: Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows Luigi Auriemma (Apr 15)
- [ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability security (Apr 15)
- <Possible follow-ups>
- [ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability security (Apr 15)
- [SECURITY] [DSA 1540-2] New lighttpd packages fix denial of service Steve Kemp (Apr 15)
- Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities sys-project (Apr 15)
- WordPress 2.5 - Salt cracking vulnerability J. Carlos Nieto (Apr 15)
- Koobi Pro 6.25 poll Remote SQL Injection Vulnerability Sabun (Apr 15)
- remote file include win32 . exe (Apr 15)
- <Possible follow-ups>
- remote file include win32 . exe (Apr 15)
- iDefense Security Advisory 04.14.08: ClamAV libclamav PE WWPack Heap Overflow Vulnerability iDefense Labs (Apr 15)
- DIVX Player <= 6.7.0 Buffer Overflow PoC ( .SRT ) securfrog (Apr 15)
- Oracle - SQL Injection in package SDO_GEOM [DB06] ak (Apr 16)
- Carbon Communities forum Multiple Vulnerabilities. admin (Apr 16)
- BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day) admin (Apr 16)
- <Possible follow-ups>
- Re: BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day) m . memelli (Apr 17)
- VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus VMware Security team (Apr 16)
- Oracle - SQL Injection in package SDO_IDX [DB07] ak (Apr 16)
- Oracle - SQL Injection Vulnerability in SDO_UTIL [DB05] ak (Apr 16)
- [INFIGO-2008-04-08]: ICQ 6 remote buffer overflow vulnerability infocus (Apr 16)
- Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13] ak (Apr 16)
- Cisco Security Advisory: Cisco Network Admission Control Shared Secret Vulnerability Cisco Systems Product Security Incident Response Team (Apr 16)
- CA DSM gui_cm_ctrls ActiveX Control Vulnerability Williams, James K (Apr 16)
- iDefense Security Advisory 04.09.08: IBM DB2 Universal Database Administration Server File Creation Vulnerability iDefense Labs (Apr 16)
- iDefense Security Advisory 04.09.08: IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability iDefense Labs (Apr 16)
- iDefense Security Advisory 04.15.08: Oracle Application Express Privilege Escalation Vulnerability iDefense Labs (Apr 16)
- Re: PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability contact (Apr 16)
- Classifieds Caffe (index.php cat_id) Remote SQL Injection sys-project (Apr 16)
- ZDI-08-022: Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability zdi-disclosures (Apr 16)
- FreeBSD Security Advisory FreeBSD-SA-08:05.openssh FreeBSD Security Advisories (Apr 17)
- [ MDVSA-2008:087 ] - Updated policykit package fixes format string vulnerability security (Apr 17)
- [oCERT-2008-004] multiple speex implementations insufficient boundary checks Andrea Barisani (Apr 17)
- [SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code execution Martin Schulze (Apr 17)
- [ GLSA 200804-16 ] rsync: Execution of arbitrary code Robert Buchholz (Apr 17)
- [ GLSA 200804-17 ] Speex: User-assisted execution of arbitrary code Robert Buchholz (Apr 17)
- [ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code Robert Buchholz (Apr 17)
- [security bulletin] HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Update security-alert (Apr 17)
- [security bulletin] HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025 security-alert (Apr 17)
- [security bulletin] HPSBMA02328 SSRT071293 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code security-alert (Apr 17)
- Microsoft Works 7 WkImgSrv.dll crash POC wsn1983 (Apr 17)
- Announcement - DeepSec Conference 2008, Nov 11-14 2008 DeepSec Conference (Apr 17)
- [SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitution Devin Carraway (Apr 17)
- [USN-603-1] poppler vulnerability Kees Cook (Apr 17)
- [USN-603-2] KOffice vulnerability Kees Cook (Apr 17)
- [SECURITY] [DSA 1549-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff (Apr 17)
- Re: [Full-disclosure] Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows Juha-Matti Laurio (Apr 17)
- [SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation Moritz Muehlenhoff (Apr 17)
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability iDefense Labs (Apr 18)
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability iDefense Labs (Apr 18)
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities iDefense Labs (Apr 18)
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability iDefense Labs (Apr 18)
- [ GLSA 200804-19 ] PHP Toolkit: Data disclosure and Denial of Service Robert Buchholz (Apr 18)
- [ MDVSA-2008:088 ] - Updated clamav packages fix multiple vulnerabilities security (Apr 18)
- [ MDVSA-2008:089 ] - Updated poppler packages fix vulnerability security (Apr 18)
- BitTorrent Clients and CSRF th3 . r00k . nospam (Apr 18)
- [ GLSA 200804-20 ] Sun JDK/JRE: Multiple vulnerabilities Robert Buchholz (Apr 18)
- 5th avenue Shopping Cart SQL Injection noreply (Apr 18)
- LightNEasy v.1.2.2 flat Multiple Vulnerabilities darkz . gsa (Apr 18)
- [ GLSA 200804-21 ] Adobe Flash Player: Multiple vulnerabilities Robert Buchholz (Apr 18)
- Wikepage Wiki v.2007-2 Cross-Site Scripting darkz . gsa (Apr 18)
- Team SHATTER Security Advisory: Multiple DoS in JAR files manipulation procedures Team SHATTER (Apr 18)
- Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure Team SHATTER (Apr 18)
- [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning Robert Buchholz (Apr 18)
- Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures Team SHATTER (Apr 18)
- ANNOUNCE: RFIDIOt-0.1s release (now available for Windows) Adam Laurie (Apr 18)
- [SECURITY] [DSA 1551-1] New python2.4 packages fix several vulnerabilities Moritz Muehlenhoff (Apr 19)
- [SECURITY] [DSA 1552-1] New mplayer packages fix arbitrary code execution Moritz Muehlenhoff (Apr 19)
- Token Kidnapping (Microsoft Security Advisory 951306) presentation available Cesar (Apr 19)
- Deciphering the Simple Machines Forum audio Captcha Michael . Brooks . SPAM (Apr 21)
- Acidcat CMS Multiple Vulnerabilities admin (Apr 21)
- SyScan'08 Singapore - Call for Paper organiser () syscan org (Apr 21)
- [ MDVSA-2008:090 ] - Updated OpenOffice.org packages fix vulnerabilities security (Apr 21)
- Deciphering the PHP-Nuke Capthca Michael . Brooks . SPAM (Apr 21)
- [SECURITY] [DSA 1553-1] New ikiwiki packages fix cross-site request forgery Florian Weimer (Apr 21)
- IRM Security Advisory : RedDot CMS SQL injection vulnerability Mark Crowther (Apr 21)
- Powered by gCards v1.46 SQL turkish-warriorr (Apr 21)
- Re: Powered by gCards v1.46 SQL packet (Apr 21)
- [ GLSA 200804-23 ] CUPS: Integer overflow vulnerability Matthias Geerdsen (Apr 21)
- Re: Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities douchbag (Apr 21)
- [ GLSA 200804-24 ] DBmail: Data disclosure Matthias Geerdsen (Apr 21)
- Sea-Surfing on the Motorola Surfboard th3 . r00k . nospam (Apr 21)
- ANNOUNCE: Security Implications of Windows Access Tokens Whitepaper luke . jennings (Apr 21)
- Xoops All Version -Articles- Article.PHP (ID) Blind SQL Injection ExpL0it crazy_kinq (Apr 21)
- [USN-602-1] Firefox vulnerabilities Jamie Strandboge (Apr 22)
- [USN-604-1] Gnumeric vulnerability Kees Cook (Apr 22)
- Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387) Hanno Böck (Apr 22)
- Safari 3.1.1 Multiple Vulnerabilities for windows jplopezy (Apr 22)
- Firefox 3.0 beta 5 crash jplopezy (Apr 22)
- Re: Firefox 3.0 beta 5 crash Gianluca Borello (Apr 22)
- Re: Firefox 3.0 beta 5 crash Mauro Faccenda (Apr 26)
- Re: Firefox 3.0 beta 5 crash (Slightly unrelated) Skratz0r (Apr 26)
- Re: Firefox 3.0 beta 5 crash Gianluca Borello (Apr 22)
- [SECURITY] [DSA 1554-1] New roundup packages fix cross-site scripting vulnerability Noah Meyerhans (Apr 22)
- Default key algorithm in Thomson and BT Home Hub routers Adrian Pastor (Apr 22)
- <Possible follow-ups>
- Re: Default key algorithm in Thomson and BT Home Hub routers ap (Apr 23)
- AST-2008-006 - 3-way handshake in IAX2 incomplete Security Officer (Apr 23)
- LayerOne 2008 - Final Pre-Con Update Layer One (Apr 23)
- Horde Webmail XSS [Aria-Security] noreply (Apr 23)
- NetClassifieds Sql Injection noreply (Apr 23)
- <Possible follow-ups>
- Re: NetClassifieds Sql Injection laurent . gaffie (Apr 23)
- Zune software - arbitrary file overwrite info (Apr 23)
- [ GLSA 200804-25 ] VLC: User-assisted execution of arbitrary code Robert Buchholz (Apr 23)
- [SECURITY] [DSA 1555-1] New iceweasel packages fix arbitrary code execution Moritz Muehlenhoff (Apr 23)
- [ GLSA 200804-26 ] Openfire: Denial of Service Robert Buchholz (Apr 23)
- PR07-43: Cross-domain redirect on RSA Authentication Agent ProCheckUp Research (Apr 23)
- PR07-44: XSS on RSA Authentication Agent login page ProCheckUp Research (Apr 23)
- [W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation vulns (Apr 23)
- xine-lib NES Sound Format Demuxer Buffer Overflow laurent . gaffie (Apr 23)
- Re: xine-lib NES Sound Format Demuxer Buffer Overflow Guido Landi (Apr 24)
- [ GLSA 200804-28 ] JRockit: Multiple vulnerabilities Tobias Heinlein (Apr 24)
- DDIVRT-2008-11 BadBlue uninst.exe DoS vulnerabilityresearch (Apr 24)
- Trillian 3.1 basic nick crash jplopezy (Apr 24)
- [ GLSA 200804-27 ] SILC: Multiple vulnerabilities Tobias Heinlein (Apr 24)
- A New Class of Vulnerability in Oracle: Lateral SQL Injection David Litchfield (Apr 24)
- HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code security-alert (Apr 24)
- [SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities Thijs Kinkhorst (Apr 24)
- [SECURITY] [DSA 1556-1] New perl packages fix denial of service Florian Weimer (Apr 24)
- [SECURITY] [DSA 1534-2] New iceape packages fix regression Moritz Muehlenhoff (Apr 24)
- [SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution Moritz Muehlenhoff (Apr 25)
- [ MDVSA-2008:091 ] - Updated wireshark packages fix denial of service vulnerabilities security (Apr 25)
- Lotus expeditor rcplauncher uri handler vulnerability Thomas Pollet (Apr 25)
- R.I.P. rgod ipsdix (Apr 25)
- <Possible follow-ups>
- Re: R.I.P. rgod blacklight (Apr 28)
- Re: R.I.P. rgod Christian Kujau (Apr 29)
- Message not available
- Re: R.I.P. rgod Christian Kujau (Apr 30)
- Re: R.I.P. rgod Christian Kujau (Apr 29)
- <Possible follow-ups>
- Re: Curious vulnerability in Excel 2007 jplopezy (Apr 26)
- Re: rPSA-2008-0151-1 libpng Liran Cohen (Apr 30)
- Re: heanet.dl.sourceforge.net hacked? Pieter de Boer (Apr 30)
- Re: heanet.dl.sourceforge.net hacked? Rainer Duffner (Apr 30)
- Re: heanet.dl.sourceforge.net hacked? Marshall Eubanks (Apr 30)
- <Possible follow-ups>
- Re: heanet.dl.sourceforge.net hacked? mirrors (Apr 30)
- Re: Re: heanet.dl.sourceforge.net hacked? securityfocus . com (Apr 30)