Bugtraq: by author
269 messages starting Oct 08 08 and ending Oct 28 08
Adam Laurie
ANNOUNCE - RFIDIOt version 0.1t released Adam Laurie (Oct 08)
Aditya K Sood
Google Chrome OnbeforeUload and OnUnload Null Check Vulnerability. Aditya K Sood (Oct 21)
admin
Re: HostAdmin 3.* Remote File Include Vulnerabilities admin (Oct 08)
Re: [MajorSecurity Advisory #53]BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues admin (Oct 02)
HostAdmin 3.* Remote File Include Vulnerabilities admin (Oct 07)
HostAdmin Cross-Site Scripting Vulnerabilities admin (Oct 02)
CMME Multiple Information disclosure vulnerabilities admin (Oct 06)
Adrian P
Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day Adrian P (Oct 31)
alighieri_m
Re: MJGuest 6.8 GT Cross Site Scripting Vulnerability alighieri_m (Oct 23)
Amit Klein
Writeup by Amit Klein (Trusteer): Address Bar Spoofing for IE6 Amit Klein (Oct 27)
Re: Writeup by Amit Klein (Trusteer): Address Bar Spoofing for IE6 Amit Klein (Oct 27)
angel
Webscene eCommerce (level) Remote Sql Injection angel (Oct 14)
artful38
Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public. artful38 (Oct 07)
atomo64
phpMyID can act as a redirector and as headers injector atomo64 (Oct 01)
beenudel1986
phpWebSite links.php Sql Injection beenudel1986 (Oct 31)
spitfirephoto Pro pages.php Sql Injection beenudel1986 (Oct 31)
harlandscripts Mypage.php Sql Injection beenudel1986 (Oct 30)
Berend-Jan Wever
Re: Advanced application-level OS fingerprinting Berend-Jan Wever (Oct 30)
Bernardo Damele A. G.
[Tool] sqlmap 0.6.1 released Bernardo Damele A. G. (Oct 20)
Bernhard Mueller
SEC Consult SA-20081016-0 :: Remote command execution in Instant Expert Analysis Bernhard Mueller (Oct 16)
blapost
[tool] crapto1 released blapost (Oct 21)
brad . antoniewicz
MetaGauge 1.0.0.17 Directory Traversal brad . antoniewicz (Oct 06)
Brett Moore
Insomnia : ISVA-081020.1 - Altiris Deployment Server Agent - Privilege Escalation Brett Moore (Oct 21)
Cesar
Token Kidnapping Windows 2003 PoC exploit Cesar (Oct 08)
ch0p83
flashchat severe bug ch0p83 (Oct 17)
Chip Panarchy
MS08-067 - Where can I find an exploit for this? Chip Panarchy (Oct 24)
Chris Clark
iSEC Partners Security Advisory - 2008-002-lenovornr - Lenovo Rescue and Recovery 4.20 Chris Clark (Oct 13)
Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Authentication Bypass in Cisco Unity Cisco Systems Product Security Incident Response Team (Oct 08)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA Cisco Systems Product Security Incident Response Team (Oct 22)
ClubHack
ClubHack2008 [India] - CFP Closing Soon ClubHack (Oct 27)
cocoruder
CA BrightStor ARCServe BackUp Message Engine Remote Command Injection Vulnerability cocoruder (Oct 13)
CORE Security Technologies Advisories
CORE-2008-1010: VLC media player XSPF Memory Corruption CORE Security Technologies Advisories (Oct 15)
crimson . loyd
FastStone Image Viewer v3.6 (malformed bmp image) DoS Exploit crimson . loyd (Oct 06)
DebugDiag (CrashHangExt.dll 1.0) NULL Pointer Dereference crimson . loyd (Oct 30)
AyeView v2.20 (malformed gif image) DoS Exploit crimson . loyd (Oct 06)
Cru3l.b0y
bcoos 1.0.13 Remote File Include Vulnerability Cru3l.b0y (Oct 27)
dan . crowley
Advanced application-level OS fingerprinting dan . crowley (Oct 29)
Application-level OS fingerprinting research - pre-release hashes dan . crowley (Oct 17)
dann frazier
[SECURITY] [DSA 1655-1] New Linux 2.6.24 packages fix several vulnerabilities dann frazier (Oct 17)
[SECURITY] [DSA 1653-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (Oct 13)
Davide Dante Del Vecchio
Re: MS OWA 2003 Redirection Vulnerability - [MSRC7368br] Davide Dante Del Vecchio (Oct 20)
Davide Del Vecchio
Re: MS OWA 2003 Redirection Vulnerability - [MSRC 7368br] Davide Del Vecchio (Oct 17)
DeepSec Conference Vienna
Last Call for DeepSec IDSC 2008 in Vienna DeepSec Conference Vienna (Oct 20)
Devin Carraway
[SECURITY] [DSA-1646-1] New squid packages fix array bounds check Devin Carraway (Oct 07)
[SECURITY] [DSA-1644-1] New mplayer packages fix integer overflows Devin Carraway (Oct 06)
[SECURITY] [DSA 1646-2] New squid packages fix array bounds check Devin Carraway (Oct 13)
dh
Layered Defense Research Advisory: Juniper Netscreen Firewall Cross-Site-Scripting (XSS) event log injection dh (Oct 02)
djmomo
Vivid Ads Shopping Cart (cid) Remote SQL Injection djmomo (Oct 15)
drpepppperone
Telecom Italia Alice Pirelli routers backdoor discoverd to activate telnet/ftp/tftp from internal LAN/WLAN. drpepppperone (Oct 14)
ds . adv . pub
VMware Emulation Flaw x64 Guest Privilege Escalation (1/2) ds . adv . pub (Oct 06)
dvlabs
TPTI-08-07: Microsoft Windows Message Queuing Service Heap Overflow and Memory Disclosure Vulnerability dvlabs (Oct 15)
Ehsan_Hp200
IranMC ( detail.php?Kala ) Remote SQL injection Vulnerability Ehsan_Hp200 (Oct 30)
PHP-Nuke Module BookCatalog (category&catid) Remote SQL injection Vulnerability Ehsan_Hp200 (Oct 30)
PHP-Nuke Module League (team&tid) XSS Vulnerability Ehsan_Hp200 (Oct 28)
PHP-Nuke Module Sectionsnew (printpage&artid) Remote SQL injection Vulnerability Ehsan_Hp200 (Oct 30)
PHP-Nuke Module Current_Issue (summary&id) Remote SQL injection Vulnerability Ehsan_Hp200 (Oct 30)
Eygene Ryabinkin
Re: "Exploit creation - The random approach" or "Playing with random to build exploits" Eygene Ryabinkin (Oct 03)
Fabian Fingerle
Cross Site Scripting (XSS) Vulnerabilitiy in cpcommerce, CVE-2008-4121 Fabian Fingerle (Oct 20)
fabio
KVIrc version 3.4.0 Virgo remote format string proof of concept exploit. fabio (Oct 29)
faghani
BotNet on the Rise faghani (Oct 27)
Florian Weimer
[SECURITY] [DSA 1659-1] New libspf2 packages fix potential remote code execution Florian Weimer (Oct 23)
[SECURITY] [DSA 1660-1] New clamav packages fix denial of service Florian Weimer (Oct 27)
FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-08:10.nd6 FreeBSD Security Advisories (Oct 02)
g30rg3_x
Re: Doubt in MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability POC posted on milworm g30rg3_x (Oct 17)
WP Comment Remix 1.4.3 Multiple Vulnerabilities g30rg3_x (Oct 14)
Gadi Evron
[funsec] ICANN Terminates EstDomains' Registrar Accreditation (fwd) Gadi Evron (Oct 30)
Ghost hacker
Website Directory - XSS Exploit Ghost hacker (Oct 03)
iPei cross site scripting Vulnerablity Ghost hacker (Oct 24)
News Manager Remote SQL Injection Vulnerability Ghost hacker (Oct 09)
groovydude
Re: Token Kidnapping Windows 2003 PoC exploit groovydude (Oct 09)
hadikiamarsi
XSS in phpMyadmin hadikiamarsi (Oct 27)
ideaburner
Re: Re: Token Kidnapping Windows 2003 PoC exploit ideaburner (Oct 13)
iDefense Labs
iDefense Security Advisory 10.31.08: OpenOffice EMF Record Parsing Multiple Integer Overflow Vulnerabilities iDefense Labs (Oct 31)
iDefense Security Advisory 10.14.08: Microsoft Host Integration Server 2006 Command Execution Vulnerability iDefense Labs (Oct 14)
iDefense Security Advisory 10.30.08: Adobe PageMaker Key Strings Stack Buffer Overflow iDefense Labs (Oct 30)
iDefense Security Advisory 10.31.08: Oracle WebLogic Apache Connector iDefense Labs (Oct 31)
illumina7i
Re: MS08-067 - Where can I find an exploit for this? illumina7i (Oct 30)
ipsdix
Blaze Media Pro 8.02 SE vulnerability ipsdix (Oct 27)
irancrash
Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani irancrash (Oct 31)
Isaias Calderon
Re: MS08-067 - Where can I find an exploit for this? Isaias Calderon (Oct 30)
Ivan Fratric
Internet Explorer 6 componentFromPoint() remote memory disclosure and remote code execution Ivan Fratric (Oct 15)
Jamie Strandboge
[USN-650-1] cpio vulnerability Jamie Strandboge (Oct 03)
[USN-657-1] Amarok vulnerability Jamie Strandboge (Oct 21)
[USN-651-1] Ruby vulnerabilities Jamie Strandboge (Oct 10)
[USN-661-1] Linux kernel regression Jamie Strandboge (Oct 30)
[USN-656-1] CUPS vulnerabilities Jamie Strandboge (Oct 15)
Jerome Athias
[Off-Topic] How I was busted. Story of a poor lonesome hacker Jerome Athias (Oct 20)
MSF eXploit Builder v2 Alpha Sources Released Jerome Athias (Oct 27)
HTTPBruteForcer released Jerome Athias (Oct 25)
Jim Harrison
RE: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day Jim Harrison (Oct 31)
Joanna Rutkowska
Paper: Adventures with a certain Xen vulnerability Joanna Rutkowska (Oct 15)
Jose Luis
Re: vshop - Axcoto cart <= 0.1alpha / Local File Inclusion Vulnerability Jose Luis (Oct 23)
Juha-Matti Laurio
Windows RPC MS08-067 FAQ document updated Juha-Matti Laurio (Oct 27)
Windows RPC MS08-067 FAQ document released Juha-Matti Laurio (Oct 27)
Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public. Juha-Matti Laurio (Oct 08)
Re: [Full-disclosure] [funsec] ICANN Terminates EstDomains' Registrar Accreditation (fwd) Juha-Matti Laurio (Oct 30)
Lee has posted more detailed response to Fyodor's TCP/IP DoS post Juha-Matti Laurio (Oct 20)
kadfrox
Remote and Local File Inclusion Vulnerability <= 1.1 Rportal kadfrox (Oct 01)
Kees Cook
[USN-653-1] D-Bus vulnerabilities Kees Cook (Oct 14)
[USN-655-1] exiv2 vulnerabilities Kees Cook (Oct 15)
[USN-654-1] libexif vulnerabilities Kees Cook (Oct 15)
[USN-649-1] OpenSSH vulnerabilities Kees Cook (Oct 02)
[USN-658-1] Moodle vulnerability Kees Cook (Oct 24)
[USN-652-1] LittleCMS vulnerability Kees Cook (Oct 14)
krzysztof . kozlowski
Re: MyBB 1.4.2: Multiple Vulnerabilties krzysztof . kozlowski (Oct 27)
L4teral
Typo <= 5.1.3 Multiple Vulnerabilities L4teral (Oct 31)
labs-no-reply () idefense com
iDefense Security Advisory 10.14.08: Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow labs-no-reply () idefense com (Oct 15)
iDefense Security Advisory 10.30.08: Novell eDirectory NCP Get Extension Information Request Memory Corruption Vulnerability labs-no-reply () idefense com (Oct 30)
iDefense Security Advisory 10.14.08: Microsoft Visual Basic for Applications - Multiple Vulnerabilities labs-no-reply () idefense com (Oct 15)
Laurent Butti
Marvell Driver Malformed Association Request Vulnerability Laurent Butti (Oct 13)
lee . e . rian
Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection lee . e . rian (Oct 09)
Liu Die Yu
Firefox Privacy Broken If Used to Open Web Page File Liu Die Yu (Oct 07)
Lostmon
Re: iFoto, CSS-based GD2 photo gallery <= 1.0: Remote File Disclosure Vulnerability Lostmon (Oct 07)
luca . carettoni
[LC-2008-04] Nokia Browser Array Sort Denial Of Service Vulnerability luca . carettoni (Oct 10)
Major Malfunction
London DEFCON meet - DC4420 - Thursday October 23rd Major Malfunction (Oct 20)
Mark Thomas
[SECURITY] CVE-2008-3271 - Apache Tomcat information disclosure Mark Thomas (Oct 10)
Martin Schulze
[SECURITY] [DSA 1661-1] New OpenOffice.org packages fix several vulnerabilities Martin Schulze (Oct 29)
martin . suess
Re: Re: MS OWA 2003 Redirection Vulnerability martin . suess (Oct 16)
Martin Suess
MS OWA 2003 Redirection Vulnerability Martin Suess (Oct 15)
Matteo Beccati
[OPENX-SA-2008-002] OpenX 2.4.9 and 2.6.2 fix SQL injection vulnerability Matteo Beccati (Oct 07)
Matthew Dempsky
Adobe Flash Player plug-in null pointer dereference and browser crash Matthew Dempsky (Oct 02)
MC Iglo
Windows Mobile 6 insecure password handling and too short WLAN-password MC Iglo (Oct 08)
Michael Scheidell
Re: Verizon FIOS (and DSL?) wireless access point insecure default WEP key Michael Scheidell (Oct 07)
Re: MySQL command-line client HTML injection vulnerability Michael Scheidell (Oct 08)
Micheal Cottingham
MyBB 1.4.2: Multiple Vulnerabilties Micheal Cottingham (Oct 27)
Mike Benham
FireGPG Passphrase And Cleartext Vulnerability Mike Benham (Oct 20)
Moritz Muehlenhoff
[SECURITY] [DSA 1643-1] New feta packages fix denial of service Moritz Muehlenhoff (Oct 06)
[SECURITY] [DSA 1656-1] New cupsys packages fix several vulnerabilities Moritz Muehlenhoff (Oct 20)
[SECURITY] [DSA 1651-1] New ruby1.8 packages fix several vulnerabilities Moritz Muehlenhoff (Oct 13)
[SECURITY] [DSA 1649-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Oct 08)
[SECURITY] [DSA 1650-1] New openldap2.3 packags fix denial of service Moritz Muehlenhoff (Oct 13)
[SECURITY] [DSA 1652-1] New ruby1.9 packages fix several vulnerabilities Moritz Muehlenhoff (Oct 13)
Morning Wood
Re: [Full-disclosure] MS OWA 2003 Redirection Vulnerability - [MSRC7368br] Morning Wood (Oct 18)
mrry . dmlo
Re: RE: MySQL command-line client HTML injection vulnerability mrry . dmlo (Oct 03)
Nelson Brito
Re: "Exploit creation - The random approach" or "Playing with random to build exploits" Nelson Brito (Oct 03)
nnp
Tool update: VoIPER v0.07 nnp (Oct 30)
noreply-secresearch
FGA-2008-23:EMC NetWorker Denial of Service Vulnerability noreply-secresearch (Oct 22)
office
HACKATTACK Advisory 20081016]WEB//NEWS SQL Injection and Cookie Manipulation office (Oct 16)
okuno
Re: MySQL command-line client HTML injection vulnerability okuno (Oct 29)
ozdemirtravel
İltaweb Alışveriş Sistemi (tr) Sql inj ozdemirtravel (Oct 13)
packet
Re: News Manager Remote SQL Injection Vulnerability packet (Oct 10)
Paul Craig
Multiple Flash Authoring Heap Overflows - Malformed SWF Files Paul Craig (Oct 15)
paul . wright
CREATE ANY DIRECTORY to SYSDBA paul . wright (Oct 13)
Pepelux
FOSS Gallery Admin Version <= 1.0 / Remote Arbitrary Upload Vulnerability Pepelux (Oct 06)
Printlog <= 0.4: Remote File Edition Vulnerability Pepelux (Oct 01)
txtshop - beta 1.0 / Local File Inclusion Vulnerability Pepelux (Oct 23)
PHPWebExplorer <= 0.09b: Local File Inclusion Vulnerability Pepelux (Oct 06)
FOSS Gallery Public Version <= 1.0 / Arbitrary file upload Vulnerabilities Pepelux (Oct 06)
iFoto, CSS-based GD2 photo gallery <= 1.0: Remote File Disclosure Vulnerability Pepelux (Oct 06)
Yerba SACphp <= 6.3 / Local File Inclusion Exploit Pepelux (Oct 07)
vshop - Axcoto cart <= 0.1alpha / Local File Inclusion Vulnerability Pepelux (Oct 23)
phpcrs <= 2.06 / Local File Inclusion Vulnerability (this is the correct :) Pepelux (Oct 23)
NewLife Blogger <= v3.0 / Insecure Cookie Handling & SQL Injection Vulnerability Pepelux (Oct 13)
pete
Oracle Password Cracker written in PL/SQL pete (Oct 01)
Pete Finnigan
Advisory for Oracle CPU October 2008 - APEX Flows excessive privileges Pete Finnigan (Oct 22)
pocadm
Final notification about "POC2008" Conference pocadm (Oct 31)
Praburaajan
HITBSecConf2008 - Malaysia: Online registration closes on 24th Oct Praburaajan (Oct 20)
ProCheckUp Research
SNMP Injection: Achieving Persistent HTML Injection via SNMP on Embedded Devices ProCheckUp Research (Oct 22)
Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection ProCheckUp Research (Oct 10)
PR07-31: Unauthenticated SQL Injection, XSS on Login Page and Username Enumeration on DPSnet Case Progress ProCheckUp Research (Oct 09)
PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection ProCheckUp Research (Oct 09)
Pruett, Mike
Re: MS Internet Explorer 7 Denial Of Service Exploit Pruett, Mike (Oct 02)
publists
[ENABLESECURITY] Apple's Mail.app stores your S/MIME encrypted emails in clear text publists (Oct 06)
Quark IT - Hilton Travis
RE: MySQL command-line client HTML injection vulnerability Quark IT - Hilton Travis (Oct 01)
RE: RE: MySQL command-line client HTML injection vulnerability Quark IT - Hilton Travis (Oct 06)
Raphael Geissert
XSS vulnerability in phpMyID Raphael Geissert (Oct 02)
raven
Re: HTTPBruteForcer released raven (Oct 25)
Reversemode
Exploit for MS08-066 - AFD.sys kernel memory overwrite. Reversemode (Oct 15)
RISE Security
[RISE-2008001] Sun Solstice AdminSuite sadmind adm_build_path() Buffer Overflow Vulnerability RISE Security (Oct 14)
Robert Buchholz
[ GLSA 200810-03 ] libspf2: DNS response buffer overflow Robert Buchholz (Oct 30)
[ GLSA 200810-02 ] Portage: Untrusted search path local root vulnerability Robert Buchholz (Oct 09)
Roberto Suggi
Opera Stored Cross Site Scripting Vulnerability Roberto Suggi (Oct 22)
roeeh
Advisory: Graphviz Buffer Overflow Code Execution roeeh (Oct 08)
rPath Update Announcements
rPSA-2008-0308-1 samba samba-client samba-server samba-swat rPath Update Announcements (Oct 30)
rPSA-2008-0295-1 rails rPath Update Announcements (Oct 16)
rPSA-2008-0309-1 lighttpd rPath Update Announcements (Oct 30)
rPSA-2008-0306-1 libxslt rPath Update Announcements (Oct 27)
rPSA-2008-0307-1 nfs-client nfs-server nfs-utils rPath Update Announcements (Oct 30)
rPSA-2008-0294-1 postfix rPath Update Announcements (Oct 16)
rPSA-2008-0305-1 pcre rPath Update Announcements (Oct 27)
Salvador III Manaois
Re: MS08-067 - Where can I find an exploit for this? Salvador III Manaois (Oct 24)
Re: MS08-067 - Where can I find an exploit for this? Salvador III Manaois (Oct 24)
Secunia Research
Secunia Research: GNU Enscript "setfilename" Special Escape Buffer Overflow Secunia Research (Oct 22)
Secunia Research: Interact SQL Injection and Cross-Site Request Forgery Secunia Research (Oct 31)
Secunia Research: Trend Micro OfficeScan CGI Parsing Buffer Overflows Secunia Research (Oct 22)
Secunia Research: HP SiteScope SNMP Trap Script Insertion Vulnerability Secunia Research (Oct 20)
Secunia Research: HP OpenView Products Shared Trace Service Denial of Service Secunia Research (Oct 22)
Secunia Research: Trend Micro OfficeScan Directory Traversal Vulnerability Secunia Research (Oct 03)
Secunia Research: Adobe PageMaker PMD File Processing Buffer Overflows Secunia Research (Oct 29)
security
[ MDVSA-2008:219 ] mplayer security (Oct 30)
[ MDVSA-2008:215 ] wireshark security (Oct 27)
[ MDVSA-2008:217 ] lynx security (Oct 28)
[ MDVSA-2008:121-1 ] freetype2 security (Oct 31)
[ MDVSA-2008:220 ] kernel security (Oct 30)
[ MDVSA-2008:211 ] cups security (Oct 13)
[ MDVSA-2008:210 ] mono security (Oct 06)
[ MDVSA-2008:214 ] mon security (Oct 16)
[ MDVSA-2008:208-1 ] pam_mount security (Oct 20)
[ MDVSA-2008:218 ] lynx security (Oct 28)
[ MDVSA-2008:222 ] Eterm security (Oct 30)
[ MDVSA-2008:210-1 ] mono security (Oct 13)
[ MDVSA-2008:212 ] libxml2 security (Oct 15)
[ MDVSA-2008:213 ] dbus security (Oct 15)
[ MDVSA-2008:221 ] aterm security (Oct 30)
[ MDVSA-2008:209 ] pam_krb5 security (Oct 06)
[ MDVSA-2008:216 ] emacs security (Oct 28)
Security_Alert
Re: FGA-2008-23:EMC NetWorker Denial of Service Vulnerability Security_Alert (Oct 22)
security-alert
[security bulletin] HPSBMA02373 SSRT071467 rev.2 - HP Insight Diagnostics Running on Linux and Windows, Remote Unauthorized Access to Files security-alert (Oct 27)
[security bulletin] HPSBMA02362 SSRT080044, SSRT080045, SSRT080042 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS), Execute Arbitrary Code security-alert (Oct 09)
[security bulletin] HPSBMA02349 SSRT080043 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data security-alert (Oct 15)
[security bulletin] HPSBMA02376 SSRT080099 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alert (Oct 09)
[security bulletin] HPSBUX02375 SSRT080122 rev.1 - HP-UX Running NFS/ONCplus, Remote Denial of Service (DoS) security-alert (Oct 07)
[security bulletin] HPSBMA02374 SSRT080046 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) security-alert (Oct 09)
[security bulletin] HPSBST02379 SSRT080143 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-056 to MS08-066 security-alert (Oct 23)
security () nruns com
n.runs-SA-2008.008 - Internet Explorer HTML Object Memory Corruption and Remote Code Execution security () nruns com (Oct 21)
n.runs-SA-2008.009 - Eaton MGE OPS Network Shutdown Module - authentication bypass vulnerability and remote code execution security () nruns com (Oct 27)
Security Objectives Corporation
SECOBJADV-2008-05: Symantec Veritas Storage Foundation Arbitrary File Read Vulnerability Security Objectives Corporation (Oct 22)
SECOBJADV-2008-04: Symantec Veritas Storage Foundation Memory Disclosure Vulnerability Security Objectives Corporation (Oct 21)
sflist
Uninformed Journal Release Announcement: Volume 10 sflist (Oct 13)
shulman
CVE-2008-4000: Oracle PeopleTools – Authentication Weakness shulman (Oct 20)
CVE-2008-2625: Oracle DBMS – Proxy Authentication Vulnerability shulman (Oct 20)
sipherr
Re: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day sipherr (Oct 31)
Re: Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day sipherr (Oct 31)
Stefano Di Paola
Re: MS OWA 2003 Redirection Vulnerability Stefano Di Paola (Oct 15)
stephen_fewer
[Paper] Reflective Dll Injection stephen_fewer (Oct 31)
Steve Kemp
[SECURITY] [DSA 1657-1] New qemu packages fix denial of service Steve Kemp (Oct 20)
[SECURITY] [DSA-1645-1] New lighttpd packages fix various problems Steve Kemp (Oct 06)
[SECURITY] [DSA 1654-1] New libxml2 packages fix execution of arbitrary code Steve Kemp (Oct 14)
The-0utl4w
Aria-Security.com: Saba 2.0 Cross Site Scripting [PASSIVE] The-0utl4w (Oct 29)
The Anarcat
Re: HTTPBruteForcer released The Anarcat (Oct 25)
The OpenVAS Team
2008 OpenVAS Contest The OpenVAS Team (Oct 31)
therese . vanryne
Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public. therese . vanryne (Oct 09)
Thijs Kinkhorst
[SECURITY] [DSA 1648-1] New mon packages fix insecure temporary files Thijs Kinkhorst (Oct 08)
[SECURITY] [DSA 1658-1] New dbus packages fix denial of service Thijs Kinkhorst (Oct 22)
[SECURITY] [DSA 1647-1] New php5 packages fix several vulnerabilities Thijs Kinkhorst (Oct 07)
Thomas Dickey
Re: [ MDVSA-2008:217 ] lynx Thomas Dickey (Oct 29)
Tobias Heinlein
[ GLSA 200810-01 ] WordNet: Execution of arbitrary code Tobias Heinlein (Oct 07)
Tobias Klein
[TKADV2008-010] VLC media player TiVo ty Processing Stack Overflow Vulnerability Tobias Klein (Oct 20)
Tom Kelly
Re: Blue Coat xss Tom Kelly (Oct 02)
Trancer
OpenNMS Multiple Vulnerabilities Trancer (Oct 06)
varun . srivastav
Java Web start vulnerability varun . srivastav (Oct 25)
Re: Java Web start vulnerability varun . srivastav (Oct 31)
vinodsharma . mimit
Doubt in MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability POC posted on milworm vinodsharma . mimit (Oct 17)
Vladimir '3APA3A' Dubrovin
Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection Vladimir '3APA3A' Dubrovin (Oct 09)
Re: AyeView v2.20 (malformed gif image) DoS Exploit Vladimir '3APA3A' Dubrovin (Oct 06)
Re[2]: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection Vladimir '3APA3A' Dubrovin (Oct 10)
Re: White Wolf Labs #080922-1: Exploitation Through ActiveSync 4.x Vladimir '3APA3A' Dubrovin (Oct 02)
VMware Security Team
VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff VMware Security Team (Oct 31)
VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues VMware Security team (Oct 06)
vulns
[W02-1008] GearSoftware Powered Products Local Privilege Escalation (Microsoft Windows Kernel IopfCompleteRequest Integer Overflow) vulns (Oct 08)
Motorola Timbuktu's Internet Locator Service real-time data exposed to public. vulns (Oct 06)
Williams, James K
CA ARCserve Backup Multiple Vulnerabilities Williams, James K (Oct 10)
Wouter Coekaerts
Quassel IRC: connection hijacking Wouter Coekaerts (Oct 29)
Re: Quassel IRC: connection hijacking Wouter Coekaerts (Oct 29)
writ3r
freeSSHd (stf - rename) Buffer Overflow Vulnerability writ3r (Oct 23)
GoodTech SSH Remote Buffer Overflow Exploit writ3r (Oct 23)
WSN1983
U-Mail Webmail 'edit.php' Arbitrary File Write Vulnerability WSN1983 (Oct 31)
xsp
FC2 BLOG Cross-Site Scripting Vulnerabilities xsp (Oct 09)
xuanmumu
SiteEngine 5.x Multiple Remote Vulnerabilities xuanmumu (Oct 23)
zdi-disclosures
ZDI-08-068: Microsoft Office Excel BIFF File Format Parsing Stack Overflow Vulnerability zdi-disclosures (Oct 15)
ZDI-08-066: Novell eDirectory Core Protocol Opcode 0x24 Heap Overflow Vulnerability zdi-disclosures (Oct 08)
ZDI-08-070: SonicWALL Content-Filtering Universal Script Injection Vulnerability zdi-disclosures (Oct 30)
ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability zdi-disclosures (Oct 10)
ZDI-08-065: Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability zdi-disclosures (Oct 08)
ZDI-08-071: IBM Tivoli Storage Manager Express for Microsoft SQL Heap Overflow Vulnerability zdi-disclosures (Oct 30)
ZDI-08-063: Novell eDirectory dhost.exe Content-Length Header Heap Overflow Vulnerability zdi-disclosures (Oct 08)
ZDI-08-064: Novell eDirectory dhost.exe Accept Language Header Heap Overflow Vulnerability zdi-disclosures (Oct 08)
ZDI-08-069: Microsoft Internet Explorer componentFromPoint Memory Corruption Vulnerability zdi-disclosures (Oct 15)
zibree
A video can crash ANY iphone/ipod and a few libraries. zibree (Oct 28)