Bugtraq: by author

341 messages starting May 19 08 and ending May 20 08


0in . email

Smeego CMS vulnerability 0in . email (May 19)

16 . her0

Flash Blog Sql Injection 16 . her0 (May 29)

admin

PCPIN Chat 6: potential XSS vulnerability in URL redirection script admin (May 24)
Dot Net Nuke (DNN) <= 4.8.3 XSS Vulnerability Admin (May 30)
[MajorSecurity Advisory #52]ActualAnalyzer family - Cross Site Scripting Issues admin (May 13)

Adrian Pastor

Re: MDAP ANTs PWNAGE: dumping the admin password of the BT Home Hub Adrian Pastor (May 27)
MDAP ANTs PWNAGE: dumping the admin password of the BT Home Hub Adrian Pastor (May 22)

a . jasbi

Cpanel all version >> root access with a reseller account. a . jasbi (May 19)
abledating 2.4 >> Sql injection and cross site scripting on search_results.php a . jasbi (May 22)
dzoic handshakes sql injection >> index.php on $fname a . jasbi (May 24)
Vbulletin 3.7.0 Gold >> Sql injection on faq.php a . jasbi (May 20)
Ablespace 1.0 'cat_id' Parameter SQL Injection Vulnerability a . jasbi (May 26)

alighieri_m

Re: mjguest 6.7 (ALL VERSION) Xss & Redirection Vuln alighieri_m (May 21)

Alireza Hassani

LokiCMS Multiple Vulnerabilities through Authorization weakness Alireza Hassani (May 31)

Amit Klein

Re: After 6 months - fix available for Microsoft DNS cache poisoning attack Amit Klein (May 08)

andy . huang

Re: Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php andy . huang (May 23)

Arshan Dabirsiaghi

Bypassing URL Authentication and Authorization with HTTP Verb Tampering Arshan Dabirsiaghi (May 28)

ascii

Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities ascii (May 20)

Asterisk Security Team

/home/putnopvut/asa/AST-2008-007/AST-2008-007: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised Asterisk Security Team (May 22)

Aviram Jenik

Advisory - Rsyncrypto maybe affected from Debian OpenSSL reduced entropy problem Aviram Jenik (May 26)

Bojan Zdrnja

Re: Exploiting Google MX servers as Open SMTP Relays Bojan Zdrnja (May 12)

brad . antoniewicz

Cisco BBSM Captive Portal Cross-site Scripting brad . antoniewicz (May 13)

Breeeeh

OtherLogic[vocourse.php]SQL Injection Exploit Breeeeh (May 10)

Brett Moore

Insomnia : ISVA-080516.1 - Altiris Deployment Solution - SQL Injection Brett Moore (May 19)
Insomnia : ISVA-080516.2 - Altiris Deployment Solution - Domain Account Disclosure Brett Moore (May 19)

bugtraq

VisualSentinel 0.7 Cross Agent Scripting Vulnerability bugtraq (May 31)

catalina . danila

Re: [ECHO_ADV_91$2008] Online Rental Property Script <= 4.5 (pid) Blind Sql Injection Vulnerability catalina . danila (May 08)

Charles Morris

Re: function sleep() in all versions of PHP Charles Morris (May 27)

Charles Vaughn

SQL Injection leading to authorization bypass in Torrent Trader Classic v1.08 and earlier Charles Vaughn (May 31)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Voice Portal Privilege Escalation Vulnerability Cisco Systems Product Security Incident Response Team (May 21)
Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team (May 14)
Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team (May 14)
Cisco Security Advisory: Cisco Content Switching Module Memory Leak Vulnerability Cisco Systems Product Security Incident Response Team (May 14)
Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (May 28)
Cisco Security Advisory: Cisco IOS Secure Shell Denial of Service Cisco Systems Product Security Incident Response Team (May 21)

Clifton Royston

Re: Exploiting Google MX servers as Open SMTP Relays Clifton Royston (May 12)

cocoruder

Microsoft Office Publisher PUB File Parsing Remote Memory Corruption Vulnerability cocoruder (May 14)
Adobe Acrobat Professional Javascript For PDF Security Feature Bypass and Memory Corruption Vulnerabilities cocoruder (May 07)
[Advisory Update]Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability cocoruder (May 07)

CORE Security Technologies

CORE-2008-0415: Borland Interbase 2007 Integer Overflow CORE Security Technologies (May 20)

Core Security Technologies Advisories

CORE-2008-0126: Multiple vulnerabilities in iCal Core Security Technologies Advisories (May 21)
CORE-2008-0129 - Wonderware SuiteLink Denial of Service vulnerability CORE Security Technologies Advisories (May 05)

Cr4zY . CrAcKeR

VBZooM <=V1.11 "reply.php" SQL Injection Vulnerability Cr4zY . CrAcKeR (May 07)
Re: QTOFileManager V 1.0<== Remote File Upload Vulnerability Cr4zY . CrAcKeR (May 07)
QTOFileManager V 1.0<== Remote File Upload Vulnerability Cr4zY . CrAcKeR (May 06)

cxib

Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability cxib (May 10)
Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability cxib (May 12)
Re: function sleep() in all versions of PHP cxib (May 27)

dann frazier

[SECURITY] [DSA 1575-1] New Linux 2.6.18 packages fix denial of service dann frazier (May 13)
[SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (May 01)
[SECURITY] [DSA 1588-2] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (May 31)
[SECURITY] [DSA 1588-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (May 27)

dave

Re: Cpanel all version >> root access with a reseller account. dave (May 20)

decoder-bugtraq

mvnForum 1.1 Cross Site Scripting decoder-bugtraq (May 06)
Sphider 1.3.4 Cross Site Scripting decoder-bugtraq (May 06)
xt:Commerce possible DoS decoder-bugtraq (May 23)

Deniz Cevik

ZYWALL Referer Header XSS Vulnerability Deniz Cevik (May 08)
Oracle Application Server 10G ORA_DAV Basic Authentication Bypass Vulnerability Deniz Cevik (May 09)

Devin Carraway

[SECURITY] [DSA 1579-1] New netpbm-free packages fix arbitrary code execution Devin Carraway (May 19)
[SECURITY] [DSA 1586-1] New xine-lib packages fix several vulnerabilities Devin Carraway (May 22)
[SECURITY] [DSA 1567-1] New blender packages fix arbitrary code execution Devin Carraway (May 05)

Digital Security Research Group

[DSECRG-08-020] Alcatel OmniPCX Office Remote Comand Execution Digital Security Research Group (May 21)
[DSECRG-08-025] Local File Include in OneCMS 2.5 Digital Security Research Group (May 23)
[DSECRG-08-023] SAP Web Application Server XSS Security Vulnerability Digital Security Research Group (May 21)
[DSECRG-08-024] Multiple Security Vulnerabilities (RFI,LFI,XSS) in QuateCMS Digital Security Research Group (May 23)

DoZ

XEROX DocuShare URL XSS Injection Vulnerabilities DoZ (May 29)

Dragos Ruiu

FInal EUSecWest 2008 Speakers Dragos Ruiu (May 09)

DVLabs

TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability DVLabs (May 13)

Eloy Paris

Re: Cisco BBSM Captive Portal Cross-site Scripting Eloy Paris (May 14)

erdc

[ECHO_ADV_92$2008] Anserv Auction XL (viewfaqs.php cat) Blind Sql Injection Vulnerability erdc (May 05)
[ECHO_ADV_94$2008] Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability erdc (May 05)
[ECHO_ADV_90$2008] PostNuke Module pnEncyclopedia <= 0.2.0 (id) Blind Sql Injection Vulnerability erdc (May 05)
[ECHO_ADV_91$2008] Online Rental Property Script <= 4.5 (pid) Blind Sql Injection Vulnerability erdc (May 05)
[ECHO_ADV_95$2008] BackLinkSpider (cat_id) Blind Sql Injection Vulnerability erdc (May 05)
[ECHO_ADV_93$2008] Kmita Tellfriend <= 2.0 (file) Remote File Inclusion Vulnerability erdc (May 05)

Felix 'FX' Lindner

Re: IOS Rookit: the sky isn't falling (yet) Felix 'FX' Lindner (May 27)

Ferruh Mavituna

DoS attacks using SQL Wildcards - White Paper Ferruh Mavituna (May 19)

Florian Weimer

[SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator Florian Weimer (May 13)
Re: /home/putnopvut/asa/AST-2008-007/AST-2008-007: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised Florian Weimer (May 22)
[SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness Florian Weimer (May 14)
[SECURITY] [DSA 1590-1] New samba packages fix arbitrary code execution Florian Weimer (May 30)
[SECURITY] [DSA 1581-1] New gnutls13 packages fix potential code execution Florian Weimer (May 20)

Foresight Linux Essential Announcement Service

FLEA-2008-0008-1 firefox Foresight Linux Essential Announcement Service (May 08)

Gadi Evron

RE: An account of the Estonian Internet War Gadi Evron (May 20)
IOS rootkits Gadi Evron (May 17)
An account of the Estonian Internet War Gadi Evron (May 20)
Re: Exploiting Google MX servers as Open SMTP Relays Gadi Evron (May 10)
Re: IOS rootkits (fwd) Gadi Evron (May 26)

Gerald (Jerry) Carter

[SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses Gerald (Jerry) Carter (May 28)

Glynn Clements

Re: function sleep() in all versions of PHP Glynn Clements (May 28)

gogulas

function sleep() in all versions of PHP gogulas (May 26)

GomoR

[TOOL] SSL Capable NetCat (and more) GomoR (May 03)

hackerb

dvbbs8.2(access/sql)version login.asp remote sql injection hackerb (May 29)

hadihadi_zedehal_2006

eCMS-v0.4.2 (SQL/PB) Multiple Remote Vulnerabilities hadihadi_zedehal_2006 (May 20)
e107 Plugin BLOG Engine v2.2 (macgurublog.php/uid) Blind SQL Injection Vulnerability hadihadi_zedehal_2006 (May 23)
RoomPHPlanning 1.5 (weekview.php) SQL Injection Vulnerability hadihadi_zedehal_2006 (May 27)
Kostenloses Linkmanagementscript SQL Injection Vulnerabilities hadihadi_zedehal_2006 (May 15)
blur6ex-0.3.462 LOCAL FILE INCLUSION Vulnerbility hadihadi_zedehal_2006 (May 02)
project alumni v1.0.9 (info.php) SQL Injection Vulnerability hadihadi_zedehal_2006 (May 02)
ezContents CMS Version 2.0.0 SQL Injection Vulnerabilities hadihadi_zedehal_2006 (May 08)
Power Editor LOCAL FILE INCLUSION Vulnerbility hadihadi_zedehal_2006 (May 06)

hadikiamarsi

chicomas.2.0.4 hadikiamarsi (May 02)
Multiple XSS In TuxCMS All Version hadikiamarsi (May 07)
SiteXS CMS Remote File Upload Vulnerability hadikiamarsi (May 03)

hollebcons

Re: GroupWise 7.0 mailto: scheme buffer overflow hollebcons (May 03)

houssamix

Joomla Component xsstream-dm 0.01 Beta SQL Injection houssamix (May 12)

iDefense Labs

iDefense Security Advisory 05.13.08: Microsoft Word CSS Processing Memory Corruption Vulnerability iDefense Labs (May 13)
iDefense Security Advisory 05.12.08: Microsoft Windows I2O Filter Utility Driver (i2omgmt.sys) Local Privilege Escalation Vulnerability iDefense Labs (May 13)
iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop process_redirect_pdu() BSS Overflow Vulnerability iDefense Labs (May 08)
iDefense Security Advisory 05.21.08: Multiple Vendor Snort IP Fragment TTL Evasion Vulnerability iDefense Labs (May 21)
iDefense Security Advisory 04.30.08: Akamai Download Manager Arbitrary Program Execution Vulnerability iDefense Labs (May 01)
iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop iso_recv_msg() Integer Underflow Vulnerability iDefense Labs (May 08)
iDefense Security Advisory 05.07.08: Multiple Vendor rdesktop channel_process() Integer Signedness Vulnerability iDefense Labs (May 08)
iDefense Security Advisory 05.27.08: EMC AlphaStor Server Agent Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs (May 27)
iDefense Security Advisory 05.27.08: EMC AlphaStor Library Manager Arbitrary Command Execution Vulnerability iDefense Labs (May 27)

info

Hack.lu 2008 CfP info (May 16)

ipsdix

[NSG_28-5-08] CA Internet Security Suite 2008 (UmxEventCli.dll/SaveToFile()) remote file corruption poc ipsdix (May 28)

irancrash

php-addressbook v2.0 Multiple Remote Vulnerabilities (LFI/XSS) irancrash (May 01)
Zina 1.0rc3 Remote Directory Traversal Vulnerability & XSS Vulnerability irancrash (May 26)
Maian Guestbook v3.2 XSS Vulnerabilities irancrash (May 03)
Maian Weblog v4.0 XSS Vulnerabilities irancrash (May 03)
Maian Cart v1.1 XSS Vulnerabilities irancrash (May 03)
Maian Search v1.1 Multiple Vulnerabilities (XSS/SQL INJECTION) irancrash (May 03)
Maian Recipe v1.2 Xss Vulnerabilities irancrash (May 03)
Lifetype 1.2.7 XSS Vulnerability irancrash (May 02)
Maian Uploader v4.0 XSS Vulnerabilities irancrash (May 05)
Maian Gallery v2.0 XSS Vulnerability irancrash (May 03)
LifeType 1.2.8 irancrash (May 05)
Zomplog 3.8.2 XSS Vulnerability irancrash (May 02)
Maian Greeting v2.1 Multiple Vulnerabilities (XSS/SQL INJECTION) irancrash (May 03)
BlackBook v1.0 Multiple XSS Vulnerabilities irancrash (May 02)
mjguest 6.7 (ALL VERSION) Xss & Redirection Vuln irancrash (May 01)
Maian Links v3.1 XSS Vulnerabilities irancrash (May 03)
vlBook 1.21 (ALL VERSION) irancrash (May 01)
Maian Support v1.3 Xss Vulnerabilities irancrash (May 03)
Maian Music v1.1 Multiple Vulnerabilities (Xss/SQL Injection) irancrash (May 03)

irvian . info

SunShop Version 3.5.1 Remote Blind Sql Injection irvian . info (May 15)

Jamie Strandboge

[USN-612-6] OpenVPN regression Jamie Strandboge (May 14)
[USN-607-1] Emacs vulnerabilities Jamie Strandboge (May 06)
[USN-611-1] Speex vulnerability Jamie Strandboge (May 08)
[USN-612-8] openssl-blacklist update Jamie Strandboge (May 21)
[USN-606-1] CUPS vulnerability Jamie Strandboge (May 05)
[USN-611-3] GStreamer Good Plugins vulnerability Jamie Strandboge (May 09)
[USN-612-2] OpenSSH vulnerability Jamie Strandboge (May 13)
[USN-611-2] vorbis-tools vulnerability Jamie Strandboge (May 08)
[USN-605-1] Thunderbird vulnerabilities Jamie Strandboge (May 06)
[USN-612-5] OpenSSH update Jamie Strandboge (May 14)
[USN-612-1] OpenSSL vulnerability Jamie Strandboge (May 13)
[USN-608-1] KDE vulnerability Jamie Strandboge (May 06)

Jim Harrison

RE: Bypassing URL Authentication and Authorization with HTTP Verb Tampering Jim Harrison (May 29)

Jon Ribbens

Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability Jon Ribbens (May 16)

J. Oquendo

Re: Microsot DID DISCLOSE potential Backdoor J. Oquendo (May 07)
Re: Microsot DID DISCLOSE potential Backdoor J. Oquendo (May 07)
Microsot DID DISCLOSE potential Backdoor J. Oquendo (May 05)

josh

Vulnerability Advisory on GnuTLS josh (May 20)
Vulnerability Advisory on OpenSSL josh (May 28)

Josh Bressers

Security, Open Source Style Josh Bressers (May 27)

jplopezy

Re: Re: GroupWise 7.0 mailto: scheme buffer overflow jplopezy (May 05)
Microsoft word javascript execution jplopezy (May 19)

Juan Miguel - Prisma Virtual -

Re: function sleep() in all versions of PHP Juan Miguel - Prisma Virtual - (May 27)

Kees Cook

[USN-610-1] LTSP vulnerability Kees Cook (May 07)
[USN-612-7] OpenSSH update Kees Cook (May 20)
[USN-609-1] OpenOffice.org vulnerabilities Kees Cook (May 07)
[USN-613-1] GnuTLS vulnerabilities Kees Cook (May 21)
[USN-612-4] ssl-cert vulnerability Kees Cook (May 14)

Ken Schaefer

RE: Microsot DID DISCLOSE potential Backdoor Ken Schaefer (May 07)
RE: Microsot DID DISCLOSE potential Backdoor Ken Schaefer (May 06)

lament hero

Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability lament hero (May 15)
Apache Server HTML Injection and UTF-7 XSS Vulnerability lament hero (May 09)

Lamont Granquist

Re: Exploiting Google MX servers as Open SMTP Relays Lamont Granquist (May 12)

laurent . gaffie

Novell Client <= 4.91 SP4 Local Stack overflow / B.S.O.D (unauthentificated user) laurent . gaffie (May 08)

linux0day

Vulnerability in Multiple Web Application linux0day (May 07)

LiveCart

Fixed: LiveCart SQL injection vulnerability fixed since version 1.1.2 LiveCart (May 03)

lovebug

PHP-Nuke Module KuraniKerim [sid] SQL Injection lovebug (May 17)

Luigi Auriemma

Denial of Service in Call of Duty 4 1.5 Luigi Auriemma (May 02)
Multiple vulnerabilities in WebMod 0.48 Luigi Auriemma (May 03)

luiswang

Re: netOffice Dwins 1.3 Remote code execution. luiswang (May 02)

Mark Crowther

IRM Security Advisory : Barracuda Networks Spam Firewall Cross-Site Scripting Vulnerability Mark Crowther (May 22)

Mark Sanders

Re: function sleep() in all versions of PHP Mark Sanders (May 26)

martin . meredith

Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php martin . meredith (May 21)

Marvin Simkin

Calcium web calendar: Reflected XSS Marvin Simkin (May 28)

Matias Blanco

Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php Matias Blanco (May 21)

Matteo Carli

XSS and CSRF vulnerability on Cpanel 11 Matteo Carli (May 09)

mefisto

FlashBlog Remote File Upload Vulnerability mefisto (May 29)

Michael G. Reed

Re: function sleep() in all versions of PHP Michael G. Reed (May 27)

Michael Scheidell

Re: Exploiting Google MX servers as Open SMTP Relays Michael Scheidell (May 10)

Michael Wojcik

RE: function sleep() in all versions of PHP Michael Wojcik (May 28)

Michal Zalewski

[tool announcement] tmin - a handy fuzzing test case optimizer Michal Zalewski (May 06)

mkanat

Security Advisory for Bugzilla 3.0.3, 3.1.3, 2.22.3, and 2.20.5 mkanat (May 06)

mm

Debian generated SSH-Keys working exploit mm (May 15)

m . morcote

Re: VisualSentinel 0.7 Cross Agent Scripting Vulnerability m . morcote (May 31)

Moritz Muehlenhoff

[SECURITY] [DSA 1574-1] New icedove packages fix several vulnerabilities Moritz Muehlenhoff (May 12)

my

vuln in WordPress plugin Upload File(UP) my (May 24)

narita.hiroo

rPSA-2008-0157-1 kernel narita.hiroo (May 07)

Nicob

Novell eDirectory DoS via HTTP headers Nicob (May 05)
Novell eDirectory unauthenticated access to SOAP interface Nicob (May 05)

Nicolas FISCHBACH

IOS Rookit: the sky isn't falling (yet) Nicolas FISCHBACH (May 27)

Noah Meyerhans

[SECURITY] [DSA 1576-2] New openssh packages fix predictable randomness Noah Meyerhans (May 16)

none

Re: vuln in WordPress plugin Upload File(UP) none (May 26)

organiser () syscan org

Confirmed Program for SyScan'08 Hong Kong organiser () syscan org (May 12)

output

www file share pro 5.30 insecure multiple output (May 21)

pablo . ximenes

Re: Re: Re: Exploiting Google MX servers as Open SMTP Relays pablo . ximenes (May 21)
Re: Re: Exploiting Google MX servers as Open SMTP Relays pablo . ximenes (May 12)
Exploiting Google MX servers as Open SMTP Relays pablo . ximenes (May 07)

Paul Craig

Malformed Acrobat Distiller 8 .joboptions Paul Craig (May 14)

Paul Szabo

Re: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability Paul Szabo (May 19)

pi3

Mtr - remote and local stack overflow - uncomment situation in libresolv. pi3 (May 20)

Pierre-Yves Rofes

[ GLSA 200805-09 ] MoinMoin: Privilege escalation Pierre-Yves Rofes (May 12)
[ GLSA 200805-11 ] Chicken: Multiple vulnerabilities Pierre-Yves Rofes (May 13)
[ GLSA 200805-04 ] eGroupWare: Multiple vulnerabilities Pierre-Yves Rofes (May 08)
[ GLSA 200805-10 ] Pngcrush: User-assisted execution of arbitrary code Pierre-Yves Rofes (May 12)
[ GLSA 200805-14 ] Common Data Format library: User-assisted execution of arbitrary code Pierre-Yves Rofes (May 13)
[ GLSA 200805-02 ] phpMyAdmin: Information disclosure Pierre-Yves Rofes (May 06)
[ GLSA 200805-12 ] Blender: Multiple vulnerabilities Pierre-Yves Rofes (May 13)
[ GLSA 200805-01 ] Horde Application Framework: Multiple vulnerabilities Pierre-Yves Rofes (May 06)
[ GLSA 200805-13 ] PTeX: Multiple vulnerabilities Pierre-Yves Rofes (May 13)

Praburaajan

CFP for HITBSecConf2008 - Malaysia now open Praburaajan (May 17)
Photos and Presentation Materials from HITBSecConf2008 - Dubai Released Praburaajan (May 03)

Ricardo Martins - Chief Security Officers

PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script Ricardo Martins - Chief Security Officers (May 23)

rick . a . cook

Re: After 6 months - fix available for Microsoft DNS cache poisoning attack rick . a . cook (May 08)

Robbie (Rupinder) Gill

Aruba Mobility Controller TACACS User Authentication and Cross Site Scripting Vulnerabilities (Aruba Advisory ID: AID-051408) Robbie (Rupinder) Gill (May 15)

Robert Buchholz

[ GLSA 200805-07 ] Linux Terminal Server Project: Multiple vulnerabilities Robert Buchholz (May 09)
[ GLSA 200805-19 ] ClamAV: Multiple vulnerabilities Robert Buchholz (May 20)
[ GLSA 200805-18 ] Mozilla products: Multiple vulnerabilities Robert Buchholz (May 20)
[ GLSA 200805-08 ] InspIRCd: Denial of Service Robert Buchholz (May 09)
[ GLSA 200805-06 ] Firebird: Data disclosure Robert Buchholz (May 09)
[ GLSA 200805-16 ] OpenOffice.org: Multiple vulnerabilities Robert Buchholz (May 14)
[ GLSA 200805-20 ] GnuTLS: Execution of arbitrary code Robert Buchholz (May 22)

rPath Update Announcements

rPSA-2008-0105-1 evolution rPath Update Announcements (May 28)
rPSA-2008-0157-1 kernel rPath Update Announcements (May 02)
rPSA-2008-0177-1 emacs emacs-leim rPath Update Announcements (May 27)
rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl rPath Update Announcements (May 23)
rPSA-2008-0174-1 gnutls rPath Update Announcements (May 22)
rPSA-2008-0178-1 php php-mysql php-pgsql rPath Update Announcements (May 28)
rPSA-2008-0162-1 kernel rPath Update Announcements (May 07)

rwann

Re: [HV-INFO] Enova hardware encryption: false sense of security rwann (May 29)
Re: [HV-INFO] Enova hardware encryption: false sense of security rwann (May 29)

sales

Re: BosNews v4.0 Remote add user admin sales (May 24)

Sebastien Deleersnyder

Invitation - OWASP AppSec Europe May 19-22 2008 - Belgium Sebastien Deleersnyder (May 06)

Secunia Research

Secunia Research: Foxit Reader "util.printf()" Buffer Overflow Secunia Research (May 20)
Secunia Research: Samba "receive_smb_raw()" Buffer Overflow Vulnerability Secunia Research (May 29)
Secunia Research: imlib2 PNM and XPM Buffer Overflow Secunia Research (May 29)

security

[ MDVSA-2008:096 ] - Updated emacs packages fix vulnerability in vcdiff security (May 07)
[ MDVSA-2008:095 ] - Updated OpenOffice.org packages fix vulnerabilities security (May 02)
[ MDVSA-2008:107 ] - Updated openssl package fixes denial of service vulnerabilities security (May 28)
[ MDVSA-2008:098 ] - Updated openssh packages fix vulnerability security (May 07)
[ MDVSA-2008:101 ] - Updated rdesktop packages fix vulnerabilities security (May 16)
[ MDVSA-2008:099 ] - Updated ImageMagick packages fix vulnerabilities security (May 09)
[ MDVSA-2008:108 ] - Updated samba packages fix arbitrary code execution vulnerability security (May 29)
[ MDVSA-2008:102 ] - Updated libvorbis packages fix vulnerabilities security (May 16)
[ MDVSA-2008:103 ] - Updated libid3tag packages fix denial of service vulnerability security (May 20)
[ MDVSA-2008:100 ] - Updated perl packages fix denial of service vulnerability security (May 12)
[ MDVSA-2008:097 ] - Updated kdelibs packages fix vulnerability in start_kdeinit security (May 07)
[ MDVSA-2008:106 ] - Updated gnutls packages fix denial of service vulnerabilities security (May 24)
[ MDVSA-2008:105 ] - Updated kernel packages fix vulnerabilities security (May 21)

security-alert

[security bulletin] HPSBUX02337 SSRT080072 rev.1 - HP-UX Running HP-UX Secure Shell, Local Unauthorized Access and Denial of Service (DoS) security-alert (May 22)
HPSBUX02324 SSRT080034 rev.1 - HP-UX Running Netscape Directory Server (NDS), Local Gain Extended Privileges security-alert (May 06)
[security bulletin] HPSBST02336 SSRT080071 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-026 to MS08-029 security-alert (May 20)
[security bulletin] HPSBUX02335 SSRT071454 rev.1 - HP-UX Running useradd(1M), Local Unauthorized Access security-alert (May 20)
HPSBUX02332 SSRT080056 rev.1 - HP-UX running Apache with PHP, Remote Denial of Service (DoS), Gain Extended Privileges security-alert (May 06)
[security bulletin] HPSBUX02334 SSRT071403 rev.2 - HP-UX Running ftp, Remote Denial of Service (DoS) security-alert (May 28)
[security bulletin] HPSBUX02332 SSRT080056 rev.2 - HP-UX Running Apache With PHP, Remote Denial of Service (DoS), Gain Extended Privileges security-alert (May 20)
[security bulletin] HPSBUX02335 SSRT071454 rev.2 - HP-UX Running useradd(1M), Local Unauthorized Access security-alert (May 27)
[security bulletin] HPSBMA02331 SSRT080000 rev.2 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges security-alert (May 06)
[security bulletin] HPSBUX02334 SSRT071403 rev.1 - HP-UX Running ftp, Remote Denial of Service (DoS) security-alert (May 12)

security curmudgeon

Re: CORE-2008-0126: Multiple vulnerabilities in iCal security curmudgeon (May 27)

securityfocus

Re: Lifetype 1.2.7 XSS Vulnerability securityfocus (May 05)

Security Objectives, Inc.

SECOBJADV-2008-01: Lenovo SystemUpdate SSL Certificate Issuer Spoofing Vulnerability Security Objectives, Inc. (May 26)

skyline

Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php skyline (May 27)

sohotguy

Re: Apple iPhone 1.1.3 remote DoS exploit sohotguy (May 19)

Stefan Esser

Advisory SE-2008-03: PHP Multibyte Shell Command Escaping Bypass Vulnerability Stefan Esser (May 06)
Advisory SE-2008-02: PHP GENERATE_SEED() Weak Random Number Seed Vulnerability Stefan Esser (May 06)

Stefano Zanero

CFP: European Conference on Computer Network Defense Stefano Zanero (May 14)

Steffen Wendzel

XSS in AstroCam Steffen Wendzel (May 01)

Steve Kemp

[SECURITY] [DSA 1570-1] New kazehakase packages fix execution of arbitrary code Steve Kemp (May 06)
[SECURITY] [DSA 1566-1] New cpio packages fix denial of service Steve Kemp (May 02)
[SECURITY] [DSA 1587-1] New mtr packages fix execution of arbitrary code Steve Kemp (May 26)
[SECURITY] [DSA 1584-1] New libfissound packages fix execution of arbitrary code Steve Kemp (May 21)

Steven M. Christey

Re: CORE-2008-0126: Multiple vulnerabilities in iCal Steven M. Christey (May 28)

sys-project

SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit sys-project (May 09)
Scout Portal Toolkit <= 1.4.0 (ParentId) Remote SQL Injection Exploit sys-project (May 05)
StanWeb.CMS (default.asp id) Remote SQL Injection Exploit sys-project (May 17)

tan_prathan

Exteen Blog XSS Remote Cookie Disclosure Exploit tan_prathan (May 22)
PHPFreeForum <= 1.0 RC2 Remote XSS Vulnerability tan_prathan (May 22)
phpSQLiteCMS Multiple Remote XSS Vulnerability tan_prathan (May 22)
Starsgames Control Panel <= 4.6.2 Remote XSS Vulnerability tan_prathan (May 20)
Wordpress Malicious File Execution Vulnerability tan_prathan (May 19)
Mini-CWB <= 2.1.1 Remote XSS Vulnerability tan_prathan (May 26)
AppServ Open Project < = 2.5.10 Remote XSS Vulnerability tan_prathan (May 20)
BMForum Remote 5.6 Miltiple XSS Vulnerability tan_prathan (May 22)

Team SHATTER

Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.DBMS_AQJMS_INTERNAL (DB15) Team SHATTER (May 01)
Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_UTILITY.LOCK_CHANGE_SET (DB02) Team SHATTER (May 01)
Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11) Team SHATTER (May 01)

Thijs Kinkhorst

[SECURITY] [DSA 1569-1] New cacti packages fix multiple vulnerabilities Thijs Kinkhorst (May 05)
[SECURITY] [DSA 1573-1] New php5 packages fix several vulnerabilities Thijs Kinkhorst (May 12)
[SECURITY] [DSA 1572-1] New php5 packages fix several vulnerabilities Thijs Kinkhorst (May 12)
[SECURITY] [DSA 1580-1] New phpgedview packages fix privilege escalation Thijs Kinkhorst (May 20)
[SECURITY] [DSA 1569-2] New cacti packages fix regression Thijs Kinkhorst (May 06)
[SECURITY] [DSA 1582-1] New peercast packages fix arbitrary code execution Thijs Kinkhorst (May 20)
[SECURITY] [DSA 1568-1] New b2evolution packages fix cross site scripting Thijs Kinkhorst (May 05)
[SECURITY] [DSA 1564-1] New wordpress packages fix several vulnerabilities Thijs Kinkhorst (May 01)
[SECURITY] [DSA 1577-1] New gforge packages fix insecure temporary files Thijs Kinkhorst (May 14)
[SECURITY] [DSA 1554-2] New roundup packages fix regression Thijs Kinkhorst (May 06)
[SECURITY] [DSA 1583-1] New gnome-peercast packages fix several vulnerabilities Thijs Kinkhorst (May 20)
[SECURITY] [DSA 1578-1] New php4 packages fix several vulnerabilities Thijs Kinkhorst (May 17)
[SECURITY] [DSA 1573-1] New rdesktop packages fix several vulnerabilities Thijs Kinkhorst (May 12)

Tim

Re: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability Tim (May 19)

Tobias Heinlein

[ GLSA 200805-03 ] Multiple X11 terminals: Local privilege escalation Tobias Heinlein (May 07)
[ GLSA 200805-21 ] Roundup: Permission bypass Tobias Heinlein (May 27)
[ GLSA 200805-15 ] libid3tag: Denial of Service Tobias Heinlein (May 14)
[ GLSA 200805-17 ] Perl: Execution of arbitrary code Tobias Heinlein (May 20)
[ GLSA 200805-23 ] Samba: Heap-based buffer overflow Tobias Heinlein (May 29)
[ GLSA 200805-22 ] MPlayer: User-assisted execution of arbitrary code Tobias Heinlein (May 29)

Todd T. Fries

Re: Exploiting Google MX servers as Open SMTP Relays Todd T. Fries (May 10)
Re: Exploiting Google MX servers as Open SMTP Relays Todd T. Fries (May 10)

Tom . Donovan

Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability Tom . Donovan (May 15)
Re: Re: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability Tom . Donovan (May 19)

Tomi Tuominen

T2'08: Call for Papers 2008 (Helsinki / Finland) Tomi Tuominen (May 26)

unohope

Campus Bulletin Board v3.4 Multiple Remote Vulnerabilities unohope (May 26)
Excuse Online (pwd) SQL Injection Vulnerability unohope (May 26)
Class System v2.3 Multiple Remote Vulnerabilities unohope (May 26)
Repair Online v1.2 (sentout) Create Admin Vulnerability unohope (May 26)
phpFix v2 Multiple SQL Injection Vulnerability unohope (May 26)

Viktor Larionov

RE: An account of the Estonian Internet War Viktor Larionov (May 20)

VMware Security team

VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues VMware Security team (May 30)

Walker, Theresa A CIV DISA CSD

RE: Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities (UNCLASSIFIED) Walker, Theresa A CIV DISA CSD (May 15)

William A. Rowe, Jr.

Correction to BID 29112 "Apache Server HTML Injection and UTF-7 XSS Vulnerability" William A. Rowe, Jr. (May 14)
Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability William A. Rowe, Jr. (May 19)

Williams, James K

CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities Williams, James K (May 20)

yos20053

Re: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability yos20053 (May 17)
Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability yos20053 (May 12)

zdi-disclosures

ZDI-08-023: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability zdi-disclosures (May 13)
ZDI-08-033: Motorola RAZR JPG Processing Stack Overflow Vulnerability zdi-disclosures (May 27)
ZDI-08-024: Symantec Altiris Deployment Solution SQL Injection Vulnerability zdi-disclosures (May 15)
ZDI-08-028: IBM Lotus Sametime Community Services Multiplexer Stack Overflow Vulnerability zdi-disclosures (May 22)
ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability zdi-disclosures (May 20)
ZDI-08-030: Trillian Multiple Protocol XML Parsing Memory Corruption Vulnerability zdi-disclosures (May 22)
ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability zdi-disclosures (May 15)
ZDI-08-031: Trillian MSN MIME Header Stack-Based Overflow Vulnerability zdi-disclosures (May 22)
ZDI-08-029: Trillian AIM.DLL Long HTML Font Parameter Stack Overflow Vulnerability zdi-disclosures (May 22)
ZDI-08-026: CA BrightStor ARCserve Backup Remote Buffer Overflow zdi-disclosures (May 20)