Bugtraq: by thread
269 messages
starting Oct 01 08 and
ending Oct 31 08
Date index |
Thread index |
Author index
- Printlog <= 0.4: Remote File Edition Vulnerability Pepelux (Oct 01)
- Oracle Password Cracker written in PL/SQL pete (Oct 01)
- RE: MySQL command-line client HTML injection vulnerability Quark IT - Hilton Travis (Oct 01)
- Re: MySQL command-line client HTML injection vulnerability Michael Scheidell (Oct 08)
- <Possible follow-ups>
- Re: RE: MySQL command-line client HTML injection vulnerability mrry . dmlo (Oct 03)
- RE: RE: MySQL command-line client HTML injection vulnerability Quark IT - Hilton Travis (Oct 06)
- Re: MySQL command-line client HTML injection vulnerability okuno (Oct 29)
- Remote and Local File Inclusion Vulnerability <= 1.1 Rportal kadfrox (Oct 01)
- phpMyID can act as a redirector and as headers injector atomo64 (Oct 01)
- Re: MS Internet Explorer 7 Denial Of Service Exploit Pruett, Mike (Oct 02)
- [USN-649-1] OpenSSH vulnerabilities Kees Cook (Oct 02)
- FreeBSD Security Advisory FreeBSD-SA-08:10.nd6 FreeBSD Security Advisories (Oct 02)
- Adobe Flash Player plug-in null pointer dereference and browser crash Matthew Dempsky (Oct 02)
- XSS vulnerability in phpMyID Raphael Geissert (Oct 02)
- Layered Defense Research Advisory: Juniper Netscreen Firewall Cross-Site-Scripting (XSS) event log injection dh (Oct 02)
- Re: [MajorSecurity Advisory #53]BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues admin (Oct 02)
- HostAdmin Cross-Site Scripting Vulnerabilities admin (Oct 02)
- Re: White Wolf Labs #080922-1: Exploitation Through ActiveSync 4.x Vladimir '3APA3A' Dubrovin (Oct 02)
- Re: Blue Coat xss Tom Kelly (Oct 02)
- Re: "Exploit creation - The random approach" or "Playing with random to build exploits" Nelson Brito (Oct 03)
- Re: "Exploit creation - The random approach" or "Playing with random to build exploits" Eygene Ryabinkin (Oct 03)
- [USN-650-1] cpio vulnerability Jamie Strandboge (Oct 03)
- Website Directory - XSS Exploit Ghost hacker (Oct 03)
- Secunia Research: Trend Micro OfficeScan Directory Traversal Vulnerability Secunia Research (Oct 03)
- [SECURITY] [DSA 1643-1] New feta packages fix denial of service Moritz Muehlenhoff (Oct 06)
- [ MDVSA-2008:210 ] mono security (Oct 06)
- FOSS Gallery Public Version <= 1.0 / Arbitrary file upload Vulnerabilities Pepelux (Oct 06)
- AyeView v2.20 (malformed gif image) DoS Exploit crimson . loyd (Oct 06)
- Re: AyeView v2.20 (malformed gif image) DoS Exploit Vladimir '3APA3A' Dubrovin (Oct 06)
- iFoto, CSS-based GD2 photo gallery <= 1.0: Remote File Disclosure Vulnerability Pepelux (Oct 06)
- <Possible follow-ups>
- Re: iFoto, CSS-based GD2 photo gallery <= 1.0: Remote File Disclosure Vulnerability Lostmon (Oct 07)
- [ MDVSA-2008:209 ] pam_krb5 security (Oct 06)
- VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues VMware Security team (Oct 06)
- CMME Multiple Information disclosure vulnerabilities admin (Oct 06)
- MetaGauge 1.0.0.17 Directory Traversal brad . antoniewicz (Oct 06)
- PHPWebExplorer <= 0.09b: Local File Inclusion Vulnerability Pepelux (Oct 06)
- VMware Emulation Flaw x64 Guest Privilege Escalation (1/2) ds . adv . pub (Oct 06)
- FOSS Gallery Admin Version <= 1.0 / Remote Arbitrary Upload Vulnerability Pepelux (Oct 06)
- [ENABLESECURITY] Apple's Mail.app stores your S/MIME encrypted emails in clear text publists (Oct 06)
- [SECURITY] [DSA-1645-1] New lighttpd packages fix various problems Steve Kemp (Oct 06)
- FastStone Image Viewer v3.6 (malformed bmp image) DoS Exploit crimson . loyd (Oct 06)
- [SECURITY] [DSA-1644-1] New mplayer packages fix integer overflows Devin Carraway (Oct 06)
- OpenNMS Multiple Vulnerabilities Trancer (Oct 06)
- Motorola Timbuktu's Internet Locator Service real-time data exposed to public. vulns (Oct 06)
- <Possible follow-ups>
- Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public. artful38 (Oct 07)
- Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public. Juha-Matti Laurio (Oct 08)
- Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public. therese . vanryne (Oct 09)
- [SECURITY] [DSA 1647-1] New php5 packages fix several vulnerabilities Thijs Kinkhorst (Oct 07)
- Firefox Privacy Broken If Used to Open Web Page File Liu Die Yu (Oct 07)
- HostAdmin 3.* Remote File Include Vulnerabilities admin (Oct 07)
- <Possible follow-ups>
- Re: HostAdmin 3.* Remote File Include Vulnerabilities admin (Oct 08)
- [SECURITY] [DSA-1646-1] New squid packages fix array bounds check Devin Carraway (Oct 07)
- Yerba SACphp <= 6.3 / Local File Inclusion Exploit Pepelux (Oct 07)
- Re: Verizon FIOS (and DSL?) wireless access point insecure default WEP key Michael Scheidell (Oct 07)
- [security bulletin] HPSBUX02375 SSRT080122 rev.1 - HP-UX Running NFS/ONCplus, Remote Denial of Service (DoS) security-alert (Oct 07)
- [OPENX-SA-2008-002] OpenX 2.4.9 and 2.6.2 fix SQL injection vulnerability Matteo Beccati (Oct 07)
- [ GLSA 200810-01 ] WordNet: Execution of arbitrary code Tobias Heinlein (Oct 07)
- ANNOUNCE - RFIDIOt version 0.1t released Adam Laurie (Oct 08)
- [W02-1008] GearSoftware Powered Products Local Privilege Escalation (Microsoft Windows Kernel IopfCompleteRequest Integer Overflow) vulns (Oct 08)
- Cisco Security Advisory: Authentication Bypass in Cisco Unity Cisco Systems Product Security Incident Response Team (Oct 08)
- Windows Mobile 6 insecure password handling and too short WLAN-password MC Iglo (Oct 08)
- Advisory: Graphviz Buffer Overflow Code Execution roeeh (Oct 08)
- [SECURITY] [DSA 1648-1] New mon packages fix insecure temporary files Thijs Kinkhorst (Oct 08)
- [SECURITY] [DSA 1649-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Oct 08)
- ZDI-08-063: Novell eDirectory dhost.exe Content-Length Header Heap Overflow Vulnerability zdi-disclosures (Oct 08)
- ZDI-08-064: Novell eDirectory dhost.exe Accept Language Header Heap Overflow Vulnerability zdi-disclosures (Oct 08)
- ZDI-08-065: Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability zdi-disclosures (Oct 08)
- Token Kidnapping Windows 2003 PoC exploit Cesar (Oct 08)
- <Possible follow-ups>
- Re: Token Kidnapping Windows 2003 PoC exploit groovydude (Oct 09)
- Re: Re: Token Kidnapping Windows 2003 PoC exploit ideaburner (Oct 13)
- ZDI-08-066: Novell eDirectory Core Protocol Opcode 0x24 Heap Overflow Vulnerability zdi-disclosures (Oct 08)
- FC2 BLOG Cross-Site Scripting Vulnerabilities xsp (Oct 09)
- [security bulletin] HPSBMA02376 SSRT080099 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alert (Oct 09)
- PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection ProCheckUp Research (Oct 09)
- Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection Vladimir '3APA3A' Dubrovin (Oct 09)
- Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection lee . e . rian (Oct 09)
- Re[2]: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection Vladimir '3APA3A' Dubrovin (Oct 10)
- Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection ProCheckUp Research (Oct 10)
- Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection lee . e . rian (Oct 09)
- Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection Vladimir '3APA3A' Dubrovin (Oct 09)
- [security bulletin] HPSBMA02362 SSRT080044, SSRT080045, SSRT080042 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS), Execute Arbitrary Code security-alert (Oct 09)
- News Manager Remote SQL Injection Vulnerability Ghost hacker (Oct 09)
- Re: News Manager Remote SQL Injection Vulnerability packet (Oct 10)
- PR07-31: Unauthenticated SQL Injection, XSS on Login Page and Username Enumeration on DPSnet Case Progress ProCheckUp Research (Oct 09)
- [security bulletin] HPSBMA02374 SSRT080046 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) security-alert (Oct 09)
- [ GLSA 200810-02 ] Portage: Untrusted search path local root vulnerability Robert Buchholz (Oct 09)
- CA ARCserve Backup Multiple Vulnerabilities Williams, James K (Oct 10)
- [SECURITY] CVE-2008-3271 - Apache Tomcat information disclosure Mark Thomas (Oct 10)
- ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability zdi-disclosures (Oct 10)
- [USN-651-1] Ruby vulnerabilities Jamie Strandboge (Oct 10)
- [LC-2008-04] Nokia Browser Array Sort Denial Of Service Vulnerability luca . carettoni (Oct 10)
- iSEC Partners Security Advisory - 2008-002-lenovornr - Lenovo Rescue and Recovery 4.20 Chris Clark (Oct 13)
- CA BrightStor ARCServe BackUp Message Engine Remote Command Injection Vulnerability cocoruder (Oct 13)
- [ MDVSA-2008:210-1 ] mono security (Oct 13)
- NewLife Blogger <= v3.0 / Insecure Cookie Handling & SQL Injection Vulnerability Pepelux (Oct 13)
- Uninformed Journal Release Announcement: Volume 10 sflist (Oct 13)
- [SECURITY] [DSA 1646-2] New squid packages fix array bounds check Devin Carraway (Oct 13)
- Marvell Driver Malformed Association Request Vulnerability Laurent Butti (Oct 13)
- CREATE ANY DIRECTORY to SYSDBA paul . wright (Oct 13)
- İltaweb Alışveriş Sistemi (tr) Sql inj ozdemirtravel (Oct 13)
- [SECURITY] [DSA 1650-1] New openldap2.3 packags fix denial of service Moritz Muehlenhoff (Oct 13)
- [SECURITY] [DSA 1651-1] New ruby1.8 packages fix several vulnerabilities Moritz Muehlenhoff (Oct 13)
- [ MDVSA-2008:211 ] cups security (Oct 13)
- [SECURITY] [DSA 1652-1] New ruby1.9 packages fix several vulnerabilities Moritz Muehlenhoff (Oct 13)
- [SECURITY] [DSA 1653-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Oct 13)
- [RISE-2008001] Sun Solstice AdminSuite sadmind adm_build_path() Buffer Overflow Vulnerability RISE Security (Oct 14)
- WP Comment Remix 1.4.3 Multiple Vulnerabilities g30rg3_x (Oct 14)
- Telecom Italia Alice Pirelli routers backdoor discoverd to activate telnet/ftp/tftp from internal LAN/WLAN. drpepppperone (Oct 14)
- [USN-653-1] D-Bus vulnerabilities Kees Cook (Oct 14)
- [SECURITY] [DSA 1654-1] New libxml2 packages fix execution of arbitrary code Steve Kemp (Oct 14)
- Webscene eCommerce (level) Remote Sql Injection angel (Oct 14)
- [USN-652-1] LittleCMS vulnerability Kees Cook (Oct 14)
- iDefense Security Advisory 10.14.08: Microsoft Host Integration Server 2006 Command Execution Vulnerability iDefense Labs (Oct 14)
- CORE-2008-1010: VLC media player XSPF Memory Corruption CORE Security Technologies Advisories (Oct 15)
- ZDI-08-068: Microsoft Office Excel BIFF File Format Parsing Stack Overflow Vulnerability zdi-disclosures (Oct 15)
- ZDI-08-069: Microsoft Internet Explorer componentFromPoint Memory Corruption Vulnerability zdi-disclosures (Oct 15)
- TPTI-08-07: Microsoft Windows Message Queuing Service Heap Overflow and Memory Disclosure Vulnerability dvlabs (Oct 15)
- iDefense Security Advisory 10.14.08: Microsoft Visual Basic for Applications - Multiple Vulnerabilities labs-no-reply () idefense com (Oct 15)
- [USN-654-1] libexif vulnerabilities Kees Cook (Oct 15)
- iDefense Security Advisory 10.14.08: Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow labs-no-reply () idefense com (Oct 15)
- [USN-655-1] exiv2 vulnerabilities Kees Cook (Oct 15)
- Vivid Ads Shopping Cart (cid) Remote SQL Injection djmomo (Oct 15)
- MS OWA 2003 Redirection Vulnerability Martin Suess (Oct 15)
- Re: MS OWA 2003 Redirection Vulnerability Stefano Di Paola (Oct 15)
- Re: MS OWA 2003 Redirection Vulnerability - [MSRC 7368br] Davide Del Vecchio (Oct 17)
- Re: [Full-disclosure] MS OWA 2003 Redirection Vulnerability - [MSRC7368br] Morning Wood (Oct 18)
- Re: MS OWA 2003 Redirection Vulnerability - [MSRC7368br] Davide Dante Del Vecchio (Oct 20)
- Re: [Full-disclosure] MS OWA 2003 Redirection Vulnerability - [MSRC7368br] Morning Wood (Oct 18)
- <Possible follow-ups>
- Re: Re: MS OWA 2003 Redirection Vulnerability martin . suess (Oct 16)
- Exploit for MS08-066 - AFD.sys kernel memory overwrite. Reversemode (Oct 15)
- Paper: Adventures with a certain Xen vulnerability Joanna Rutkowska (Oct 15)
- Internet Explorer 6 componentFromPoint() remote memory disclosure and remote code execution Ivan Fratric (Oct 15)
- [ MDVSA-2008:212 ] libxml2 security (Oct 15)
- [security bulletin] HPSBMA02349 SSRT080043 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data security-alert (Oct 15)
- Multiple Flash Authoring Heap Overflows - Malformed SWF Files Paul Craig (Oct 15)
- [USN-656-1] CUPS vulnerabilities Jamie Strandboge (Oct 15)
- [ MDVSA-2008:213 ] dbus security (Oct 15)
- SEC Consult SA-20081016-0 :: Remote command execution in Instant Expert Analysis Bernhard Mueller (Oct 16)
- HACKATTACK Advisory 20081016]WEB//NEWS SQL Injection and Cookie Manipulation office (Oct 16)
- rPSA-2008-0295-1 rails rPath Update Announcements (Oct 16)
- rPSA-2008-0294-1 postfix rPath Update Announcements (Oct 16)
- [ MDVSA-2008:214 ] mon security (Oct 16)
- [SECURITY] [DSA 1655-1] New Linux 2.6.24 packages fix several vulnerabilities dann frazier (Oct 17)
- Doubt in MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability POC posted on milworm vinodsharma . mimit (Oct 17)
- Message not available
- <Possible follow-ups>
- Re: FGA-2008-23:EMC NetWorker Denial of Service Vulnerability Security_Alert (Oct 22)
- Re: vshop - Axcoto cart <= 0.1alpha / Local File Inclusion Vulnerability Jose Luis (Oct 23)
- Re: MS08-067 - Where can I find an exploit for this? Salvador III Manaois (Oct 24)
- Re: MS08-067 - Where can I find an exploit for this? Salvador III Manaois (Oct 24)
- Re: MS08-067 - Where can I find an exploit for this? illumina7i (Oct 30)
- Re: MS08-067 - Where can I find an exploit for this? Isaias Calderon (Oct 30)
- Re: MS08-067 - Where can I find an exploit for this? Salvador III Manaois (Oct 24)
- <Possible follow-ups>
- Re: Java Web start vulnerability varun . srivastav (Oct 31)
- Re: HTTPBruteForcer released raven (Oct 25)
- Re: HTTPBruteForcer released The Anarcat (Oct 25)
- <Possible follow-ups>
- Re: MyBB 1.4.2: Multiple Vulnerabilties krzysztof . kozlowski (Oct 27)
- Re: Writeup by Amit Klein (Trusteer): Address Bar Spoofing for IE6 Amit Klein (Oct 27)
- Re: [ MDVSA-2008:217 ] lynx Thomas Dickey (Oct 29)
- Re: Quassel IRC: connection hijacking Wouter Coekaerts (Oct 29)
- Message not available
- Re: Advanced application-level OS fingerprinting Berend-Jan Wever (Oct 30)
- RE: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day Jim Harrison (Oct 31)
- <Possible follow-ups>
- Re: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day sipherr (Oct 31)
- Re: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day sipherr (Oct 31)