271 messages
starting Aug 01 08 and
ending Aug 30 08
Date index |
Thread index |
Author index
CORE-2008-0716 - Sun xVM VirtualBox Privilege Escalation Vulnerability CORE Security Technologies Advisories (Aug 04)
Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities irancrash (Aug 04)
8e6 Technologies R3000 Internet Filter Bypass with Host Decoy nnposter (Aug 05)
Plogger <= 3.0 SQL Injection GulfTech Security Research (Aug 05)
IGES CMS <=2.0 Multiple Vulnerabilities admin (Aug 05)
Pluck 4.5.2 Multiple Cross Site Scripting Vulnerabilities irancrash (Aug 05)
[ GLSA 200808-01 ] xine-lib: User-assisted execution of arbitrary code Robert Buchholz (Aug 06)
[ GLSA 200808-02 ] Net-SNMP: Multiple vulnerabilities Robert Buchholz (Aug 06)
[ GLSA 200808-03 ] Mozilla products: Multiple vulnerabilities Robert Buchholz (Aug 06)
[ GLSA 200808-04 ] Wireshark: Denial of Service Robert Buchholz (Aug 06)
rPSA-2008-0245-1 cups rPath Update Announcements (Aug 06)
rPSA-2008-0246-1 gaim rPath Update Announcements (Aug 06)
PHP-NUKE module Kleinanzeigen SQL injection (lid) lovebug (Aug 06)
MyClan Sql Injection r3d . w0rm (Aug 06)
Interesting things at sec-consult.com, DNS-whitepaper available tomorrow Bernhard Mueller (Aug 06)
CA Products That Embed Ingres Multiple Vulnerabilities Williams, James K (Aug 06)
Google Notebook and Google Bookmarks Cross Site Scripting Vulnerabilities alfredo . melloni (Aug 06)
Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting marc_bevand (Aug 06)
[ GLSA 200808-05 ] ISC DHCP: Denial of Service Tobias Heinlein (Aug 06)
[USN-635-1] xine-lib vulnerabilities Jamie Strandboge (Aug 06)
[ GLSA 200808-06 ] libxslt: Execution of arbitrary code Tobias Heinlein (Aug 06)
[security bulletin] HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert (Aug 06)
[security bulletin] HPSBUX02355 SSRT080023 rev.1 - HP-UX Using libc, Remote Denial of Service (DoS) security-alert (Aug 06)
OpenVMS fingerd remote stack overflow Shaun Colley (Aug 07)
Endless loop and resources consumption in Halo 1.0.7.0615 Luigi Auriemma (Aug 07)
Re: [Full-disclosure] [funsec] facebook messages worm Juha-Matti Laurio (Aug 07)
facebook messages worm Gadi Evron (Aug 07)
Whitepaper: DNS zone redelegation Bernhard Mueller (Aug 07)
[SE-2008-01] J2ME Security Vulnerabilities 2008 Security Explorations (Aug 07)
e107 <= 0.7.11 Arbitrary Variable Overwriting GulfTech Security Research (Aug 07)
[ MDVSA-2008:161 ] rxvt security (Aug 07)
[ MDVSA-2008:162 ] qemu security (Aug 08)
[ MDVSA-2008:163 ] python security (Aug 08)
[ MDVSA-2008:164 ] python security (Aug 08)
Re: [funsec] facebook messages worm Juha-Matti Laurio (Aug 08)
OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory "Hal Finney" (Aug 12)
[AJECT] NoticeWare IMAP Email Server 4.6.2 DoS vulnerability João Antunes (Aug 08)
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Gerald Beuchelt (Aug 08)
[AJECT] WinGate Email Server (IMAP) vulnerability João Antunes (Aug 08)
Vim: Unfixed Vulnerabilities in Tar Plugin Version 20 Jan Minář (Aug 08)
[ GLSA 200808-07 ] ClamAV: Multiple Denials of Service Raphael Marichez (Aug 08)
[ GLSA 200808-08 ] stunnel: Security bypass Raphael Marichez (Aug 08)
[DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3 Digital Security Research Group [DSecRG] (Aug 08)
[ GLSA 200808-09 ] OpenLDAP: Denial of Service vulnerability Raphael Marichez (Aug 08)
New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability Steve Friedl (Aug 08)
[security bulletin] HPSBUX02351 SSRT080058 rev.4 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert (Aug 09)
Kayako SupportSuite < 3.30.00 Multiple Vulnerabilities GulfTech Security Research (Aug 11)
[ GLSA 200808-10 ] Adobe Reader: User-assisted execution of arbitrary code Robert Buchholz (Aug 11)
Ovidentia Sql Injection r3d . w0rm (Aug 11)
[SECURITY] [DSA 1627-1] New PowerDNS packages reduce DNS spoofing risk Florian Weimer (Aug 11)
K-Links Directory Blind SQL Injection Exploit hadihadi_zedehal_2006 (Aug 11)
rPSA-2008-0249-1 openldap openldap-clients openldap-servers rPath Update Announcements (Aug 11)
[ GLSA 200808-11 ] UUDeview: Insecure temporary file creation Pierre-Yves Rofes (Aug 11)
rPSA-2008-0247-1 gvim vim vim-minimal rPath Update Announcements (Aug 11)
Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability emericboit (Aug 11)
Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow dh (Aug 12)
iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Format String Vulnerabilities iDefense Labs (Aug 12)
[AJECT] hMailServer 4.4.1 DoS vulnerability João Antunes (Aug 12)
iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs (Aug 12)
Internet attacks against Georgian web sites Gadi Evron (Aug 12)
VMSA-2008-0013 Updated ESX packages for OpenSSL, net-snmp, perl VMware Security Team (Aug 12)
VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability VMware Security Team (Aug 12)
rPSA-2008-0253-1 git gitweb rPath Update Announcements (Aug 12)
CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities Williams, James K (Aug 12)
Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson (Aug 12)
Surf Jack - HTTPS will not save you lists (Aug 12)
[security bulletin] HPSBUX02356 SSRT080051 rev.1 - HP-UX Running ftpd, Remote Privileged Access security-alert (Aug 12)
ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability zdi-disclosures (Aug 13)
ZDI-08-051: Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability zdi-disclosures (Aug 13)
ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption zdi-disclosures (Aug 13)
iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability iDefense Labs (Aug 13)
[ MDVSA-2008:167 ] kernel security (Aug 13)
ZDI-08-050: Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability zdi-disclosures (Aug 13)
[ MDVSA-2008:166 ] clamav security (Aug 13)
Vim: Netrw: FTP User Name and Password Disclosure Jan Minář (Aug 13)
iDefense Security Advisory 08.12.08: Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability iDefense Labs (Aug 13)
[TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption Tobias Klein (Aug 13)
iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability iDefense Labs (Aug 13)
iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability iDefense Labs (Aug 13)
iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability iDefense Labs (Aug 13)
iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability iDefense Labs (Aug 13)
iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability iDefense Labs (Aug 13)
rPSA-2008-0243-1 idle python rPath Update Announcements (Aug 13)
Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives Jan Minář (Aug 13)
NULL pointer in Ventrilo 3.0.2 Luigi Auriemma (Aug 13)
[security bulletin] HPSBTU02358 SSRT080058 rev.1 - HP Tru64 UNIX running BIND, Remote DNS Cache Poisoning security-alert (Aug 13)
CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass CORE Security Technologies Advisories (Aug 13)
[ MDVSA-2008:170 ] cups security (Aug 14)
Microsoft Windows Messenger Remote Illegal Access Vulnerability cocoruder (Aug 14)
[ MDVSA-2008:168 ] stunnel security (Aug 14)
[security bulletin] HPSBOV02357 SSRT080058 rev.1 - HP OpenVMS TCP/IP Services running BIND, Remote DNS Cache Poisoning security-alert (Aug 14)
[ MDVSA-2008:169 ] hplip security (Aug 14)
Postfix local privilege escalation via hardlinked symlinks Wietse Venema (Aug 14)
SYM08-015_SFW_SecurityUpdateBypass Mike Prosser (Aug 14)
ZDI-08-053: Symantec Veritas Storage Foundation Scheduler Service NULL Session Authentication Bypass Vulnerability zdi-disclosures (Aug 14)
Security Assessment of the Internet Protocol Fernando Gont (Aug 14)
rPSA-2008-0255-1 freetype rPath Update Announcements (Aug 15)
[ GLSA 200808-12 ] Postfix: Local privilege escalation vulnerability Raphael Marichez (Aug 15)
Cisco Security Advisory: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control Cisco Systems Product Security Incident Response Team (Aug 15)
Re: MicroWorld MailScan - Multiple Vulnerabilities within Admin-Webinterface oliver karow (Aug 15)
munky-bliki lfi r3d . w0rm (Aug 15)
Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani irancrash (Aug 15)
FlexCMS <= 2.5 Cross Site Scripting Vulnerability irancrash (Aug 15)
[ MDVSA-2008:171 ] postfix security (Aug 18)
[ MDVSA-2008:172 ] amarok security (Aug 18)
PHP Live Helper <= 2.0.1 Multiple Vulnerabilities GulfTech Security Research (Aug 18)
Tool: PorkBind v1.3 Nameserver Security Scanner (New Version) Derek Callaway (Aug 18)
Nokia 6131 NFC URI/URL Spoofing and DoS Advisory Collin R. Mulliner (Aug 18)
Re: ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user Eder Wentz (Aug 18)
NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection r3d . w0rm (Aug 18)
[DSECRG-08-036] Multiple Security Vulnerabilities in Freeway eCommerce 1.4.1.171 Digital Security Research Group [DSecRG] (Aug 18)
Ovidentia 6.6.5 XSS (index.php)‏ mostafa_ragab (Aug 18)
[security bulletin] HPSBMA02345 SSRT080039 rev.2 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alert (Aug 18)
[SECURITY] [DSA 1629-1] New postfix packages fix privilege escalation Thijs Kinkhorst (Aug 18)
[SECURITY] [DSA 1629-2] New postfix packages fix installability problem on i386 Thijs Kinkhorst (Aug 19)
[security bulletin] HPSBST02360 SSRT080117 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-041 to MS08-051 security-alert (Aug 19)
Vanilla <= 1.1.4 Script Injection/ XSS GulfTech Security Research (Aug 19)
SunShop <= 4.1.4 SQL Injection GulfTech Security Research (Aug 19)
[ MDVSA-2008:173 ] kdegraphics security (Aug 19)
[USN-636-1] Postfix vulnerability Kees Cook (Aug 20)
[ MDVSA-2008:174 ] kernel security (Aug 20)
ToorCon 10 Call For Papers David Hulton (Aug 20)
Folder Lock <= 5.9.5 Local Password Information Disclosure glafkos (Aug 20)
[ MDVSA-2008:175 ] yelp security (Aug 21)
[ MDVSA-2008:176 ] mtr security (Aug 21)
IMF 2008 - Call for Participation Oliver Goebel (Aug 21)
CORE-2008-0624: Anzio Web Print Object Buffer Overflow CORE Security Technologies Advisories (Aug 21)
Null Byte Local file Inclusion in FAR - PHP Project version:1.0 beenudel1986 (Aug 21)
CORE-2008-0813 - vBulletin Cross Site Scripting Vulnerability CORE Security Technologies Advisories (Aug 21)
rPSA-2008-0259-1 postfix rPath Update Announcements (Aug 21)
[ MDVSA-2008:177 ] xine-lib security (Aug 21)
[ MDVSA-2008:178 ] xine-lib security (Aug 21)
UPDATE: [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning Robert Buchholz (Aug 21)
[SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Aug 21)
TimeTrex Time and Attendance Cookie Theft DoZ (Aug 21)
Contest: Best Advances for OpenVAS Network Vulnerability Tests Michael Wiegand (Aug 22)
PR08-20: Bypassing ASP .NET "ValidateRequest" for Script Injection Attacks ProCheckUp Research (Aug 22)
Call For Papers - Hackers 2 Hackers Conference 5th Edition - Brazil cfp (Aug 22)
[ MDVSA-2008:179 ] metisse security (Aug 22)
Vim: Arbitrary Code Execution in Commands: K, Control-], g] Jan Minář (Aug 22)
[ MDVSA-2008:180 ] libxml2 security (Aug 22)
Secunia Research: Trend Micro Products Web Management Authentication Bypass Secunia Research (Aug 22)
Fedora confirms: Our servers were breached Juha-Matti Laurio (Aug 22)
Apple OSX Leopard (10.5+), inadequate ACL insight can create vuln bgtrq . tryfixingit (Aug 22)
[oCERT-2008-008] multiple heap overflows in xine-lib Will Drewry (Aug 22)
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service Steve Kemp (Aug 22)
OneNews Beta 2 Multiple Vulnerabilities crimson . loyd (Aug 23)
Secunia Research: Novell iPrint Client ActiveX Control "GetFileList()" Information Disclosure Secunia Research (Aug 25)
[DSECRG-08-038] Multiple Local File Include Vulnerabilities in ezContents CMS 2.0.3 Digital Security Research Group [DSecRG] (Aug 25)
Secunia Research: Calendarix Basic Two SQL Injection Vulnerabilities Secunia Research (Aug 25)
Secunia Research: Novell iPrint Client ActiveX Control Multiple Buffer Overflows Secunia Research (Aug 25)
[DSECRG-08-037] Multiple Local File Include Vulnerabilities in Pluck CMS 4.5.2 Digital Security Research Group [DSecRG] (Aug 25)
SECOBJADV-2008-03.2: PartyGaming PartyPoker Malicious Update Vulnerability Security Objectives Corporation (Aug 25)
[IVIZ-08-009] Grub Legacy Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 25)
Crafty Syntax Live Help <= 2.14.6 SQL Injection GulfTech Security Research (Aug 25)
[IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 25)
ToorCon X CFP Closing and Workshops and Seminars discounted until Friday! David Hulton (Aug 26)
Mini-NUKE v2.3 Freehost (tr) Multiple Remote SQL Injection Vulnerabilities byccc (Aug 26)
ZoneMinder Multiple Vulnerabilities filip . palian (Aug 26)
Hopeless comments regarding the pointless "HP System Management Homepage (SMH) Unspecified XSS" Luca.carettoni (Aug 26)
[SECURITY] [DSA 1632-1] New tiff packages fix arbitrary code execution Thijs Kinkhorst (Aug 26)
Multiple Vulnerabilities in AWStats Totals Elliot Kendall (Aug 26)
White Wolf Labs #080826-1: Kyocera Mita Scanner File Utility (Multiple) Seth Fogie (Aug 26)
PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept .30/ Oct. 1) Dragos Ruiu (Aug 26)
[ MDVSA-2008:180-1 ] libxml2 security (Aug 26)
[security bulletin] HPSBMA02363 SSRT080106 rev.1 - HP Enterprise Discovery Running on Windows, Remote Authorized User, Gain Extended Privileges security-alert (Aug 27)
[IVIZ-08-008] LILO Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 28)
[IVIZ-08-007] DriveCrypt Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 28)
[IVIZ-08-003] TrueCrypt Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 28)
[USN-638-1] Yelp vulnerability Kees Cook (Aug 28)
[IVIZ-08-004] Intel BIOS Plain Text Password Disclosure iViZ Security Advisories (Aug 28)
XSS and Data Manipulation attacks found in CMS PHPCart. vaibhav aher (Aug 28)
[IVIZ-08-002] Hewlett-Packard BIOS Plain Text Password Disclosure iViZ Security Advisories (Aug 28)
[IVIZ-08-005] IBM Lenovo BIOS Plain Text Password Disclosure iViZ Security Advisories (Aug 28)
[security bulletin] HPSBUX02365 SSRT080118 rev.1 - HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS) security-alert (Aug 28)
reviving the botnets@ mailing list: a new statregy in fighting cyber crime Gadi Evron (Aug 28)
ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability zdi-disclosures (Aug 28)
[scip_Advisory 3807] Dreambox DM500 webserver long URL request denial of service Marc Ruef (Aug 29)
[Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass gmdarkfig (Aug 29)
[ MDVSA-2008:181 ] ipsec-tools security (Aug 29)
[Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities gmdarkfig (Aug 29)
VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. VMware Security team (Aug 30)
[SECURITY] [DSA-1597-2] New mt-daapd package fix regression Devin Carraway (Aug 30)