Bugtraq: by author

271 messages starting Aug 04 08 and ending Aug 13 08


0in . email

TGS CMS Remote Code Execution Exploit 0in . email (Aug 04)

0xjbrown41

Re: [SE-2008-01] J2ME Security Vulnerabilities 2008 0xjbrown41 (Aug 07)
Re: Re: [SE-2008-01] J2ME Security Vulnerabilities 2008 0xjbrown41 (Aug 08)

admin

IGES CMS <=2.0 Multiple Vulnerabilities admin (Aug 05)

Alexander Sotirov

Re: OpenVMS fingerd remote stack overflow Alexander Sotirov (Aug 07)

Alex Eden

RE: TimeTrex Time and Attendance Cookie Theft Alex Eden (Aug 22)

alfredo . melloni

Google Notebook and Google Bookmarks Cross Site Scripting Vulnerabilities alfredo . melloni (Aug 06)

AR

DNS Multiple Race Exploiting Tool AR (Aug 01)

beenudel1986

Null Byte Local file Inclusion in FAR - PHP Project version:1.0 beenudel1986 (Aug 21)

Ben Laurie

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08)
OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 12)
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08)
Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 12)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 12)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08)

Bernhard Mueller

Whitepaper: DNS zone redelegation Bernhard Mueller (Aug 07)
Interesting things at sec-consult.com, DNS-whitepaper available tomorrow Bernhard Mueller (Aug 06)

bgtrq . tryfixingit

Apple OSX Leopard (10.5+), inadequate ACL insight can create vuln bgtrq . tryfixingit (Aug 22)

byccc

Mini-NUKE v2.3 Freehost (tr) Multiple Remote SQL Injection Vulnerabilities byccc (Aug 26)

cfp

Call For Papers - Hackers 2 Hackers Conference 5th Edition - Brazil cfp (Aug 22)

chris

libxslt heap overflow chris (Aug 01)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control Cisco Systems Product Security Incident Response Team (Aug 15)

Clausen, Martin (DK - Copenhagen)

RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Clausen, Martin (DK - Copenhagen) (Aug 12)

cocoruder

Microsoft Windows Messenger Remote Illegal Access Vulnerability cocoruder (Aug 14)

Collin R. Mulliner

Nokia 6131 NFC URI/URL Spoofing and DoS Advisory Collin R. Mulliner (Aug 18)

CORE Security Technologies Advisories

CORE-2008-0813 - vBulletin Cross Site Scripting Vulnerability CORE Security Technologies Advisories (Aug 21)
CORE-2008-0716 - Sun xVM VirtualBox Privilege Escalation Vulnerability CORE Security Technologies Advisories (Aug 04)
CORE-2008-0624: Anzio Web Print Object Buffer Overflow CORE Security Technologies Advisories (Aug 21)
CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass CORE Security Technologies Advisories (Aug 13)

crimson . loyd

OneNews Beta 2 Multiple Vulnerabilities crimson . loyd (Aug 23)
Keld: PHP-MySQL News Script 0.7.1 Remote SQL injection Vulnerability crimson . loyd (Aug 04)

Dan Kaminsky

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dan Kaminsky (Aug 08)

dann frazier

[SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Aug 21)

Dave Korn

RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Dave Korn (Aug 08)
RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Dave Korn (Aug 08)

David Hulton

ToorCon 10 Call For Papers David Hulton (Aug 20)
ToorCon X CFP Closing and Workshops and Seminars discounted until Friday! David Hulton (Aug 26)

Derek Callaway

Tool: PorkBind v1.3 Nameserver Security Scanner (New Version) Derek Callaway (Aug 18)

Devin Carraway

[SECURITY] [DSA-1597-2] New mt-daapd package fix regression Devin Carraway (Aug 30)

dh

Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow dh (Aug 12)

Dick Hardt

Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Dick Hardt (Aug 08)

Digital Security Research Group [DSecRG]

[DSECRG-08-037] Multiple Local File Include Vulnerabilities in Pluck CMS 4.5.2 Digital Security Research Group [DSecRG] (Aug 25)
[DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3 Digital Security Research Group [DSecRG] (Aug 08)
[DSECRG-08-036] Multiple Security Vulnerabilities in Freeway eCommerce 1.4.1.171 Digital Security Research Group [DSecRG] (Aug 18)
[DSECRG-08-038] Multiple Local File Include Vulnerabilities in ezContents CMS 2.0.3 Digital Security Research Group [DSecRG] (Aug 25)

DoZ

TimeTrex Time and Attendance Cookie Theft DoZ (Aug 21)

Dragos Ruiu

Re: Fedora confirms: Our servers were breached Dragos Ruiu (Aug 22)
PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept .30/ Oct. 1) Dragos Ruiu (Aug 26)

Eder Wentz

Re: ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user Eder Wentz (Aug 18)

Elliot Kendall

Multiple Vulnerabilities in AWStats Totals Elliot Kendall (Aug 26)

emericboit

Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability emericboit (Aug 11)

Eric Rescorla

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla (Aug 08)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla (Aug 08)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla (Aug 08)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla (Aug 08)

Fernando Gont

Security Assessment of the Internet Protocol Fernando Gont (Aug 14)

filip . palian

ZoneMinder Multiple Vulnerabilities filip . palian (Aug 26)

Florian Weimer

[SECURITY] [DSA 1627-1] New PowerDNS packages reduce DNS spoofing risk Florian Weimer (Aug 11)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Florian Weimer (Aug 12)

Forrest J. Cavalier III

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Forrest J. Cavalier III (Aug 12)

Gadi Evron

Internet attacks against Georgian web sites Gadi Evron (Aug 12)
Re: [funsec] facebook messages worm Gadi Evron (Aug 07)
reviving the botnets@ mailing list: a new statregy in fighting cyber crime Gadi Evron (Aug 28)
Re: [funsec] facebook messages worm Gadi Evron (Aug 07)
Re: [funsec] facebook messages worm Gadi Evron (Aug 07)
facebook messages worm Gadi Evron (Aug 07)

Gerald Beuchelt

Re: [OpenID] OpenID/Debian PRNG/DNS Cache poisoning advisory Gerald Beuchelt (Aug 08)

Ghost hacker

Homes 4 Sale Remote XSS Vulnerabilitiy Ghost hacker (Aug 02)

glafkos

Folder Lock <= 5.9.5 Local Password Information Disclosure glafkos (Aug 20)

gmdarkfig

Re: [Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities gmdarkfig (Aug 29)
Re: [Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass gmdarkfig (Aug 30)
[Exploit] Invision Power Board <= 2.3.5 Multiple Vulnerabilities gmdarkfig (Aug 29)
[Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass gmdarkfig (Aug 29)

GulfTech Security Research

Plogger <= 3.0 SQL Injection GulfTech Security Research (Aug 05)
SunShop <= 4.1.4 SQL Injection GulfTech Security Research (Aug 19)
e107 <= 0.7.11 Arbitrary Variable Overwriting GulfTech Security Research (Aug 07)
Kayako SupportSuite < 3.30.00 Multiple Vulnerabilities GulfTech Security Research (Aug 11)
Crafty Syntax Live Help <= 2.14.6 SQL Injection GulfTech Security Research (Aug 25)
PHP Live Helper <= 2.0.1 Multiple Vulnerabilities GulfTech Security Research (Aug 18)
Vanilla <= 1.1.4 Script Injection/ XSS GulfTech Security Research (Aug 19)

hadihadi_zedehal_2006

K-Links Directory Blind SQL Injection Exploit hadihadi_zedehal_2006 (Aug 11)

"Hal Finney"

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory "Hal Finney" (Aug 12)

hi

Re: RE: TimeTrex Time and Attendance Cookie Theft hi (Aug 22)

iDefense Labs

iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Format String Vulnerabilities iDefense Labs (Aug 12)
iDefense Security Advisory 07.31.08: Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability iDefense Labs (Aug 01)
iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability iDefense Labs (Aug 13)
iDefense Security Advisory 08.01.08: Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability iDefense Labs (Aug 02)
iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability iDefense Labs (Aug 13)
iDefense Security Advisory 08.12.08: Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability iDefense Labs (Aug 13)
iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs (Aug 12)
iDefense Security Advisory 08.01.08: Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability iDefense Labs (Aug 02)
iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability iDefense Labs (Aug 13)
iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability iDefense Labs (Aug 13)
iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability iDefense Labs (Aug 13)
iDefense Security Advisory 08.01.08: Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability iDefense Labs (Aug 02)
iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability iDefense Labs (Aug 13)

irancrash

Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani irancrash (Aug 15)
FlexCMS <= 2.5 Cross Site Scripting Vulnerability irancrash (Aug 15)
Pluck 4.5.2 Multiple Cross Site Scripting Vulnerabilities irancrash (Aug 05)
Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities irancrash (Aug 04)

iViZ Security Advisories

[IVIZ-08-008] LILO Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 28)
[IVIZ-08-003] TrueCrypt Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 28)
[IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 25)
[IVIZ-08-005] IBM Lenovo BIOS Plain Text Password Disclosure iViZ Security Advisories (Aug 28)
[IVIZ-08-007] DriveCrypt Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 28)
[IVIZ-08-004] Intel BIOS Plain Text Password Disclosure iViZ Security Advisories (Aug 28)
[IVIZ-08-009] Grub Legacy Security Model bypass exploiting wrong BIOS API usage iViZ Security Advisories (Aug 25)
[IVIZ-08-002] Hewlett-Packard BIOS Plain Text Password Disclosure iViZ Security Advisories (Aug 28)

Jamie Strandboge

[USN-635-1] xine-lib vulnerabilities Jamie Strandboge (Aug 06)
[USN-626-2] Devhelp, Epiphany, Midbrowser and Yelp update Jamie Strandboge (Aug 04)

Jan Minář

Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives Jan Minář (Aug 13)
Vim: Arbitrary Code Execution in Commands: K, Control-], g] Jan Minář (Aug 22)
Vim: Unfixed Vulnerabilities in Tar Plugin Version 20 Jan Minář (Aug 08)
Vim: Netrw: FTP User Name and Password Disclosure Jan Minář (Aug 13)

João Antunes

[AJECT] WinGate Email Server (IMAP) vulnerability João Antunes (Aug 08)
[AJECT] hMailServer 4.4.1 DoS vulnerability João Antunes (Aug 12)
[AJECT] NoticeWare IMAP Email Server 4.6.2 DoS vulnerability João Antunes (Aug 08)

Juha-Matti Laurio

Re: [Full-disclosure] [funsec] facebook messages worm Juha-Matti Laurio (Aug 07)
Fedora confirms: Our servers were breached Juha-Matti Laurio (Aug 22)
Re: [funsec] facebook messages worm Juha-Matti Laurio (Aug 08)

jyoung01

Re: 8e6 Technologies R3000 Internet Filter Bypass with Host Decoy jyoung01 (Aug 06)

Kees Cook

[USN-638-1] Yelp vulnerability Kees Cook (Aug 28)
[USN-633-1] libxslt vulnerabilities Kees Cook (Aug 01)
[USN-632-1] Python vulnerabilities Kees Cook (Aug 01)
[USN-634-1] OpenLDAP vulnerability Kees Cook (Aug 01)
[USN-636-1] Postfix vulnerability Kees Cook (Aug 20)

Kevin Finisterre (lists)

Re: OpenVMS fingerd remote stack overflow Kevin Finisterre (lists) (Aug 07)

lcat

Re: TGS CMS Remote Code Execution Exploit lcat (Aug 12)

Leichter, Jerry

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry (Aug 12)
RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry (Aug 08)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry (Aug 08)

lists

Surf Jack - HTTPS will not save you lists (Aug 12)

lovebug

PHP-NUKE module Kleinanzeigen SQL injection (lid) lovebug (Aug 06)

Luca.carettoni

Hopeless comments regarding the pointless "HP System Management Homepage (SMH) Unspecified XSS" Luca.carettoni (Aug 26)

Luigi Auriemma

Server termination in America's Army 2.8.3.1 Luigi Auriemma (Aug 02)
Endless loop and resources consumption in Halo 1.0.7.0615 Luigi Auriemma (Aug 07)
NULL pointer in Ventrilo 3.0.2 Luigi Auriemma (Aug 13)

marc_bevand

Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting marc_bevand (Aug 06)

Marc Ruef

[scip_Advisory 3807] Dreambox DM500 webserver long URL request denial of service Marc Ruef (Aug 29)

Mark Thomas

[CVE-2008-1232] Apache Tomcat XSS vulnerability Mark Thomas (Aug 01)
[CVE-2008-2370] Apache Tomcat information disclosure vulnerability Mark Thomas (Aug 01)

michaelbrooks

Pligg Auto-Voter Using XSS to Bypass CSRF Protection michaelbrooks (Aug 02)

Michael Wiegand

Contest: Best Advances for OpenVAS Network Vulnerability Tests Michael Wiegand (Aug 22)

Michael Wojcik

RE: Arbitrary Code Execution in Commands: K, Control-], g] Michael Wojcik (Aug 25)

Mike

Re: TimeTrex Time and Attendance Cookie Theft Mike (Aug 23)

Mike Prosser

SYM08-015_SFW_SecurityUpdateBypass Mike Prosser (Aug 14)

mlbugtraq

Re: OpenVMS fingerd remote stack overflow mlbugtraq (Aug 07)

mostafa_ragab

Ovidentia 6.6.5 XSS (index.php) mostafa_ragab (Aug 18)

Nicolas Williams

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams (Aug 08)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams (Aug 08)
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams (Aug 08)

nnposter

8e6 Technologies R3000 Internet Filter Bypass with Host Decoy nnposter (Aug 05)

o_0 . iahumeil

Re: [DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3 o_0 . iahumeil (Aug 11)

Oliver Goebel

IMF 2008 - Call for Participation Oliver Goebel (Aug 21)

oliver karow

Re: MicroWorld MailScan - Multiple Vulnerabilities within Admin-Webinterface oliver karow (Aug 15)

Paul Ferguson

Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson (Aug 12)
Re: [funsec] Internet attacks against Georgian web sites Paul Ferguson (Aug 12)

Paul Hoffman

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Paul Hoffman (Aug 08)

Perry E. Metzger

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Perry E. Metzger (Aug 08)

Peter Gutmann

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Peter Gutmann (Aug 08)

Pierre-Yves Rofes

[ GLSA 200808-11 ] UUDeview: Insecure temporary file creation Pierre-Yves Rofes (Aug 11)

ProCheckUp Research

PR08-20: Bypassing ASP .NET "ValidateRequest" for Script Injection Attacks ProCheckUp Research (Aug 22)

r3d . w0rm

eVision 2.0 Sql Injection/Remote File Disclosure/Remote File Upload/IG r3d . w0rm (Aug 01)
Ovidentia Sql Injection r3d . w0rm (Aug 11)
NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection r3d . w0rm (Aug 18)
UNAK-CMS Lfi r3d . w0rm (Aug 04)
munky-bliki lfi r3d . w0rm (Aug 15)
MyClan Sql Injection r3d . w0rm (Aug 06)

Raphael Marichez

[ GLSA 200808-07 ] ClamAV: Multiple Denials of Service Raphael Marichez (Aug 08)
[ GLSA 200808-08 ] stunnel: Security bypass Raphael Marichez (Aug 08)
[ GLSA 200808-09 ] OpenLDAP: Denial of Service vulnerability Raphael Marichez (Aug 08)
[ GLSA 200808-12 ] Postfix: Local privilege escalation vulnerability Raphael Marichez (Aug 15)

Robert Buchholz

[ GLSA 200808-10 ] Adobe Reader: User-assisted execution of arbitrary code Robert Buchholz (Aug 11)
[ GLSA 200808-02 ] Net-SNMP: Multiple vulnerabilities Robert Buchholz (Aug 06)
[ GLSA 200808-03 ] Mozilla products: Multiple vulnerabilities Robert Buchholz (Aug 06)
[ GLSA 200808-01 ] xine-lib: User-assisted execution of arbitrary code Robert Buchholz (Aug 06)
[ GLSA 200808-04 ] Wireshark: Denial of Service Robert Buchholz (Aug 06)
UPDATE: [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning Robert Buchholz (Aug 21)
[ GLSA 200807-16 ] Python: Multiple vulnerabilities Robert Buchholz (Aug 01)

rPath Update Announcements

rPSA-2008-0247-1 gvim vim vim-minimal rPath Update Announcements (Aug 11)
rPSA-2008-0255-1 freetype rPath Update Announcements (Aug 15)
rPSA-2008-0245-1 cups rPath Update Announcements (Aug 06)
rPSA-2008-0259-1 postfix rPath Update Announcements (Aug 21)
rPSA-2008-0249-1 openldap openldap-clients openldap-servers rPath Update Announcements (Aug 11)
rPSA-2008-0246-1 gaim rPath Update Announcements (Aug 06)
rPSA-2008-0243-1 idle python rPath Update Announcements (Aug 13)
rPSA-2008-0253-1 git gitweb rPath Update Announcements (Aug 12)

Secunia Research

Secunia Research: Calendarix Basic Two SQL Injection Vulnerabilities Secunia Research (Aug 25)
Secunia Research: Novell iPrint Client ActiveX Control "GetFileList()" Information Disclosure Secunia Research (Aug 25)
Secunia Research: Novell iPrint Client ActiveX Control Multiple Buffer Overflows Secunia Research (Aug 25)
Secunia Research: Trend Micro Products Web Management Authentication Bypass Secunia Research (Aug 22)

security

[ MDVSA-2008:169 ] hplip security (Aug 14)
[ MDVSA-2008:175 ] yelp security (Aug 21)
[ MDVSA-2008:173 ] kdegraphics security (Aug 19)
[ MDVSA-2008:180 ] libxml2 security (Aug 22)
[ MDVSA-2008:160 ] libxslt security (Aug 02)
[ MDVSA-2008:166 ] clamav security (Aug 13)
[ MDVSA-2008:162 ] qemu security (Aug 08)
[ MDVSA-2008:179 ] metisse security (Aug 22)
[ MDVSA-2008:168 ] stunnel security (Aug 14)
[ MDVSA-2008:161 ] rxvt security (Aug 07)
[ MDVSA-2008:172 ] amarok security (Aug 18)
[ MDVSA-2008:163 ] python security (Aug 08)
[ MDVSA-2008:181 ] ipsec-tools security (Aug 29)
[ MDVSA-2008:167 ] kernel security (Aug 13)
[ MDVSA-2008:178 ] xine-lib security (Aug 21)
[ MDVSA-2008:174 ] kernel security (Aug 20)
[ MDVSA-2008:164 ] python security (Aug 08)
[ MDVSA-2008:180-1 ] libxml2 security (Aug 26)
[ MDVSA-2008:171 ] postfix security (Aug 18)
[ MDVSA-2008:177 ] xine-lib security (Aug 21)
[ MDVSA-2008:176 ] mtr security (Aug 21)
[ MDVSA-2008:170 ] cups security (Aug 14)

security-alert

[security bulletin] HPSBTU02358 SSRT080058 rev.1 - HP Tru64 UNIX running BIND, Remote DNS Cache Poisoning security-alert (Aug 13)
[security bulletin] HPSBUX02365 SSRT080118 rev.1 - HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS) security-alert (Aug 28)
[security bulletin] HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert (Aug 06)
[security bulletin] HPSBUX02351 SSRT080058 rev.4 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert (Aug 09)
[security bulletin] HPSBUX02356 SSRT080051 rev.1 - HP-UX Running ftpd, Remote Privileged Access security-alert (Aug 12)
[security bulletin] HPSBST02360 SSRT080117 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-041 to MS08-051 security-alert (Aug 19)
[security bulletin] HPSBMA02345 SSRT080039 rev.2 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alert (Aug 18)
[security bulletin] HPSBOV02357 SSRT080058 rev.1 - HP OpenVMS TCP/IP Services running BIND, Remote DNS Cache Poisoning security-alert (Aug 14)
[security bulletin] HPSBMA02363 SSRT080106 rev.1 - HP Enterprise Discovery Running on Windows, Remote Authorized User, Gain Extended Privileges security-alert (Aug 27)
[security bulletin] HPSBUX02355 SSRT080023 rev.1 - HP-UX Using libc, Remote Denial of Service (DoS) security-alert (Aug 06)

Security Explorations

[SE-2008-01] J2ME Security Vulnerabilities 2008 Security Explorations (Aug 07)
re: [SE-2008-01] J2ME Security Vulnerabilities 2008 Security Explorations (Aug 08)

security () nruns com

n.runs-SA-2008.005 - Apple Inc. - CoreServices Framework’s CarbonCore Framework - Arbitrary Code Execution (remote) security () nruns com (Aug 01)

Security Objectives Corporation

SECOBJADV-2008-03.2: PartyGaming PartyPoker Malicious Update Vulnerability Security Objectives Corporation (Aug 25)

Seth Fogie

White Wolf Labs #080826-1: Kyocera Mita Scanner File Utility (Multiple) Seth Fogie (Aug 26)

Shaun Colley

OpenVMS fingerd remote stack overflow Shaun Colley (Aug 07)

Solar Designer

key blacklisting & file size (was: OpenID/Debian PRNG/DNS Cache poisoning advisory) Solar Designer (Aug 08)

Stefan Kanthak

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Stefan Kanthak (Aug 12)

Steve Friedl

New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability Steve Friedl (Aug 08)

Steve Kemp

[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service Steve Kemp (Aug 22)
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service Steve Kemp (Aug 26)

Team SHATTER

Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN) Team SHATTER (Aug 04)
Re: Team SHATTER Security Advisory: SQL Injection in Oracle Database (DBMS_DEFER_SYS.DELETE_TRAN) Team SHATTER (Aug 12)
Team SHATTER Security Advisory: SQL Injection in Oracle Application Server (WWEXP_API_ENGINE) Team SHATTER (Aug 04)
Team SHATTER Security Advisory: Cross-site scripting in Oracle Enterprise Manager (REFRESHCHOICE Parameter) Team SHATTER (Aug 04)

Thijs Kinkhorst

[SECURITY] [DSA 1625-1] New cupsys packages fix arbitrary code execution Thijs Kinkhorst (Aug 01)
[SECURITY] [DSA 1627-1] New opensc packages fix smart card vulnerability Thijs Kinkhorst (Aug 04)
[SECURITY] [DSA 1626-1] New httrack packages fix arbitrary code execution Thijs Kinkhorst (Aug 01)
[SECURITY] [DSA 1632-1] New tiff packages fix arbitrary code execution Thijs Kinkhorst (Aug 26)
[SECURITY] [DSA 1629-1] New postfix packages fix privilege escalation Thijs Kinkhorst (Aug 18)
[SECURITY] [DSA 1629-2] New postfix packages fix installability problem on i386 Thijs Kinkhorst (Aug 19)

Tim Dierks

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Tim Dierks (Aug 12)

Tim Newsham

Re: OpenVMS fingerd remote stack overflow Tim Newsham (Aug 08)

Tobias Heinlein

[ GLSA 200808-06 ] libxslt: Execution of arbitrary code Tobias Heinlein (Aug 06)
[ GLSA 200808-05 ] ISC DHCP: Denial of Service Tobias Heinlein (Aug 06)

Tobias Klein

[TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption Tobias Klein (Aug 13)

Tony Mechelynck

Re: Vim: Netrw: FTP User Name and Password Disclosure Tony Mechelynck (Aug 13)

vaibhav aher

XSS and Data Manipulation attacks found in CMS PHPCart. vaibhav aher (Aug 28)

VMware Security Team

VMSA-2008-0013 Updated ESX packages for OpenSSL, net-snmp, perl VMware Security Team (Aug 12)
VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. VMware Security team (Aug 30)
VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability VMware Security Team (Aug 12)

Wietse Venema

Postfix local privilege escalation via hardlinked symlinks Wietse Venema (Aug 14)

Will Drewry

[oCERT-2008-008] multiple heap overflows in xine-lib Will Drewry (Aug 22)

William A. Rowe, Jr.

Re: Windows Vista Power Management & Local Security Policy William A. Rowe, Jr. (Aug 02)
Re: how to request a cve id? William A. Rowe, Jr. (Aug 02)

William McAfee

Re: Null Byte Local file Inclusion in FAR - PHP Project version:1.0 William McAfee (Aug 22)

Williams, James K

CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities Williams, James K (Aug 12)
CA ARCserve Backup for Laptops and Desktops Server LGServer Service Vulnerability Williams, James K (Aug 01)
CA Products That Embed Ingres Multiple Vulnerabilities Williams, James K (Aug 06)

win32 . exe

file upload exploit win32 . exe (Aug 02)

zdi-disclosures

ZDI-08-051: Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability zdi-disclosures (Aug 13)
ZDI-08-053: Symantec Veritas Storage Foundation Scheduler Service NULL Session Authentication Bypass Vulnerability zdi-disclosures (Aug 14)
ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability zdi-disclosures (Aug 13)
ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption zdi-disclosures (Aug 13)
ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability zdi-disclosures (Aug 28)
ZDI-08-050: Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability zdi-disclosures (Aug 13)