Bugtraq: by thread
298 messages starting Jan 01 09 and ending Jan 30 09
- Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit i9p (Jan 01)
- Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit Eugene Teo (Jan 05)
- Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit Shaochun Wang (Jan 09)
- <Possible follow-ups>
- Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit joris (Jan 03)
- Re: apache 1.x <=> 2.x suphp (suPHP_ConfigPath) bypass safe mode exploit ms5ote (Jan 01)
- A tool to identify the MD5 certs on FF Memisyazici, Aras (Jan 02)
- [SECURITY] [DSA 1694-1] New xterm packages fix remote code execution Florian Weimer (Jan 03)
- [SECURITY] [DSA 1695-1] New Ruby packages fix denial of service Florian Weimer (Jan 03)
- Top 5-ish Threats to Watch for in 2009 Pete Herzog (Jan 05)
- PollPro 3.0 XSRF VuLn. b4DchiLd (Jan 05)
- Call for papers and trainers - SeacureIT 2009 Stefano Zanero (Jan 05)
- Google Chrome FTP PASV IP Malicious Port Scanning Vulnerability. Aditya K Sood (Jan 05)
- SolucionWeb (main.php?id_area) Remote SQL injection Vulnerability Ehsan_Hp200 (Jan 05)
- php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass l1un (Jan 05)
- Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass Slack Traq (Jan 06)
- <Possible follow-ups>
- Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass a (Jan 05)
- Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass faze0r (Jan 05)
- Destiny Media Player 1.61 (.lst File) Local Stack Overflow Exploit crimson . loyd (Jan 05)
- ANNOUNCE: RFIDIOt ver 01.v released - Jan 2009 Adam Laurie (Jan 05)
- MSFXDC Metasploit eXploits Development Contest Jerome Athias (Jan 05)
- Walusoft TFTPServer2000 Version 3.6.1 Directory Traversal vuln_research (Jan 05)
- [USN-702-1] Samba vulnerability Marc Deslauriers (Jan 05)
- [Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF Fernando Gont (Jan 06)
- Re: [Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF Jerome Athias (Jan 08)
- [SECURITY] [DSA 1694-2] New xterm packages fix regression Florian Weimer (Jan 06)
- [USN-703-1] xterm vulnerability Kees Cook (Jan 06)
- New WHID web hacking incidents Ofer Shezaf (Jan 06)
- VUPLAYER BufferOver flow POC alphanix00 (Jan 06)
- Secunia Research: HP OpenView Network Node Manager Multiple Vulnerabilities Secunia Research (Jan 07)
- [oCERT-2008-016] Multiple OpenSSL signature verification API misuses Will Drewry (Jan 07)
- PHP-Fusion Mod Members Bewerb Sql Injection r3d . w0rm (Jan 07)
- Cisco Security Advisory: Cisco Global Site Selector Appliances DNS Vulnerability Cisco Systems Product Security Incident Response Team (Jan 07)
- Plunet BusinessManager failure in access controls and multiple stored cross site scripting Matteo Ignaccolo (Jan 07)
- Re: Plunet BusinessManager failure in access controls and multiple stored cross site scripting Stefano Zanero (Jan 09)
- <Possible follow-ups>
- Plunet BusinessManager failure in access controls and multiple stored cross site scripting Matteo Ignaccolo (Jan 07)
- CFP: COLSEC 2009 Patrice CLEMENTE (Jan 07)
- Secunia Research: TSC2 Help Desk CTab ActiveX Control Buffer Overflow Secunia Research (Jan 07)
- [USN-701-2] Thunderbird vulnerabilities Jamie Strandboge (Jan 07)
- PHP-Fusion Mod E-Cart Sql Injection r3d . w0rm (Jan 07)
- [USN-701-1] Thunderbird vulnerabilities Jamie Strandboge (Jan 07)
- [SECURITY] [DSA 1696-1] New icedove packages fix several vulnerabilities Steffen Joeris (Jan 07)
- [SECURITY] [DSA 1697-1] New iceape packages fix several vulnerabilities Steffen Joeris (Jan 07)
- FreeBSD Security Advisory FreeBSD-SA-09:02.openssl FreeBSD Security Advisories (Jan 07)
- FreeBSD Security Advisory FreeBSD-SA-09:01.lukemftpd FreeBSD Security Advisories (Jan 07)
- CA20090107-01: CA Service Metric Analysis and CA Service Level Management smmsnmpd Arbitrary Command Execution Vulnerability Williams, James K (Jan 07)
- [USN-704-1] OpenSSL vulnerability Jamie Strandboge (Jan 08)
- PHP-Fusion Mod vArcade 1.8 Sql Injection Vulnerability irancrash (Jan 08)
- [IBM Datapower XS40] Denial of Service erik (Jan 08)
- <Possible follow-ups>
- Re: [IBM Datapower XS40] Denial of Service terrordactylspam (Jan 08)
- CORE-2008-1128: Openfire multiple vulnerabilities CORE Security Technologies Advisories (Jan 08)
- LayerOne 2009 Call for Papers LayerOne Call For Papers (Jan 08)
- AST-2009-001: Information leak in IAX2 authentication Asterisk Security Team (Jan 08)
- [USN-705-1] NTP vulnerability Jamie Strandboge (Jan 08)
- [USN-706-1] Bind vulnerability Jamie Strandboge (Jan 09)
- [SECURITY] [DSA 1698-1] New gforge packages fix SQL injection Thijs Kinkhorst (Jan 09)
- ShakaCon 2009 Call for Papers and Trainers Shakacon (Jan 09)
- Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point mad-vaittes (Jan 09)
- Java Runtime UTF-8 Decoder Smuggling Vector William A. Rowe, Jr. (Jan 09)
- [ MDVSA-2009:003 ] python security (Jan 10)
- [ MDVSA-2009:004 ] pam_mount security (Jan 10)
- [ MDVSA-2009:002 ] bind security (Jan 10)
- Re: Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11) security curmudgeon (Jan 10)
- [ GLSA 200901-01 ] NDISwrapper: Arbitrary remote code execution Robert Buchholz (Jan 12)
- [ GLSA 200901-02 ] JHead: Multiple vulnerabilities Robert Buchholz (Jan 12)
- Comersus Shopping Cart <= v6 Remote User Pass Exploit ajannhwt (Jan 12)
- [ GLSA 200901-03 ] pdnsd: Denial of Service and cache poisoning Robert Buchholz (Jan 12)
- [ GLSA 200901-04 ] D-Bus: Denial of Service Robert Buchholz (Jan 12)
- Hack Aethra SV 1042 Adsl/Voip Router SmoKe (Jan 12)
- [SECURITY] [DSA 1699-1] New zaptel packages fix privilege escalation Florian Weimer (Jan 12)
- PHP Buffer Overflow(popen) ew1zz (Jan 12)
- [ GLSA 200901-05 ] Streamripper: Multiple vulnerabilities Pierre-Yves Rofes (Jan 12)
- [BMSA-2009-01] Authentication bypass in Interspire Shopping Cart v4.0.1 and below Nam Nguyen (Jan 12)
- [TKADV2009-001] Sun Solaris aio_suspend() Kernel Integer Overflow Vulnerability Tobias Klein (Jan 12)
- [USN-707-1] CUPS vulnerabilities Marc Deslauriers (Jan 12)
- [SECURITY] [DSA 1700-1] New lasso packages fix validation bypass Moritz Muehlenhoff (Jan 12)
- [TKADV2009-002] Amarok Integer Overflow and Unchecked Allocation Vulnerabilities Tobias Klein (Jan 12)
- [ GLSA 200901-06 ] Tremulous: User-assisted execution of arbitrary code Pierre-Yves Rofes (Jan 12)
- [ MDVSA-2009:005 ] xterm security (Jan 12)
- SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei organiser () syscan org (Jan 12)
- Visuplay CMS SQL injection vulnerability joseph . giron13 (Jan 12)
- [security bulletin] HPSBMA02392 SSRT071481 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) security-alert (Jan 12)
- [SECURITY] [DSA 1701-1] New OpenSSL packages fix cryptographic weakness Florian Weimer (Jan 12)
- [ GLSA 200901-07 ] MPlayer: Multiple vulnerabilities Tobias Heinlein (Jan 12)
- [SECURITY] [DSA 1702-1] New ntp packages fix cryptographic weakness Florian Weimer (Jan 12)
- [SECURITY] [DSA 1703-1] New bind9 packages fix cryptographic weakness Florian Weimer (Jan 12)
- Secunia Research: DevIL "iGetHdrHeader()" Buffer Overflow Vulnerabilities Secunia Research (Jan 13)
- PDFBuilderX 2.2 Arbitrary File Overwrite fakeperson7 (Jan 13)
- [ GLSA 200901-09 ] Adobe Reader: User-assisted execution of arbitrary code Robert Buchholz (Jan 13)
- [ GLSA 200901-08 ] Online-Bookmarks: Multiple vulnerabilities Pierre-Yves Rofes (Jan 13)
- [ MDVSA-2009:006 ] openoffice.org security (Jan 13)
- ANNOUNCE: DEFCON London - DC4420 - January meet - Thursday 15th Jan 2009 Major Malfunction (Jan 13)
- rPSA-2009-0006-1 samba samba-client samba-server samba-swat rPath Update Announcements (Jan 13)
- iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller 'symWidths' Heap Overflow Vulnerability iDefense Labs (Jan 13)
- ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability zdi-disclosures (Jan 13)
- ZDI-09-002: Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability zdi-disclosures (Jan 13)
- rPSA-2009-0005-1 git gitweb rPath Update Announcements (Jan 13)
- rPSA-2009-0007-1 pam_krb5 rPath Update Announcements (Jan 13)
- [USN-708-1] HPLIP vulnerability Marc Deslauriers (Jan 13)
- iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller 'bitmaps' Heap Overflow Vulnerability iDefense Labs (Jan 13)
- iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability iDefense Labs (Jan 13)
- FreeBSD Security Advisory FreeBSD-SA-09:04.bind FreeBSD Security Advisories (Jan 14)
- iDefense Security Advisory 01.13.09: Oracle Database 10g R2 Summary Advisor Arbitrary File Rewrite Vulnerability iDefense Labs (Jan 14)
- Cisco Unified IP Phone 7960G and 7940G (SIP) RTP Header Vulnerability Laurent Butti (Jan 14)
- phpList <= 2.10.8 Local File inclusion admin (Jan 14)
- iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability iDefense Labs (Jan 14)
- Re: iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability security curmudgeon (Jan 15)
- <Possible follow-ups>
- iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability iDefense Labs (Jan 14)
- Trigger Abuse of MDSYS.SDO_TOPO_DROP_FTBL in Oracle 10g R1 and R2 David Litchfield (Jan 14)
- [ MDVSA-2009:007 ] ntp security (Jan 14)
- WowWee Rovio - Insufficient Access Controls - Covert Audio/Video Snooping Possible Brian Dowling (Jan 14)
- RE: DoS code for Cisco VLAN Trunking Protocol Vulnerability Paul Oxman (poxman) (Jan 14)
- <Possible follow-ups>
- DoS code for Cisco VLAN Trunking Protocol Vulnerability showrun . lee (Jan 14)
- Oracle CPU Jan 2009 Advisories. Alexandr Polyakov (Jan 14)
- PR08-19: XSS on Cisco IOS HTTP Server ProCheckUp Research (Jan 14)
- Cisco Security Advisory: Cisco ONS Platform Crafted Packet Vulnerability Cisco Systems Product Security Incident Response Team (Jan 14)
- [ MDVSA-2009:008 ] qemu security (Jan 14)
- Cisco Security Response: Cisco IOS Cross-Site Scripting Vulnerabilities Cisco Systems Product Security Incident Response Team (Jan 14)
- [ MDVSA-2009:009 ] kvm security (Jan 14)
- [ MDVSA-2009:010 ] qemu security (Jan 14)
- Call for Papers: Cyber Warfare kgconference (Jan 14)
- Cisco Security Advisory: IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities Cisco Systems Product Security Incident Response Team (Jan 14)
- OTSTurntables 1.00.027 (.ofl) Local Stack Overflow Exploit crimson . loyd (Jan 14)
- [TZO-2009-1] Avira Antivir - RAR - Division by Zero & Null Pointer Dereference Thierry Zoller (Jan 14)
- [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities Steffen Joeris (Jan 14)
- ZDI-09-003: Oracle Secure Backup exec_qr() Command Injection Vulnerability zdi-disclosures (Jan 14)
- ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability zdi-disclosures (Jan 14)
- Oracle Secure Backup 10g Remote Code Execution Joxean Koret (Jan 14)
- Oracle TimesTen Remote Format String Joxean Koret (Jan 14)
- [ GLSA 200901-10 ] GnuTLS: Certificate validation error Pierre-Yves Rofes (Jan 15)
- [ GLSA 200901-11 ] Avahi: Denial of Service Pierre-Yves Rofes (Jan 15)
- TFTPUtil GUI TFTP Directory Traversal vuln_research (Jan 15)
- TFTPUtil GUI TFTP Server Denial of Service Vulnerability vuln_research (Jan 15)
- Windows NTP Time Server Syslog Monitor 1.0.000 Denial of Service Vulnerability vuln_research (Jan 15)
- Re: Assurent VR - Oracle BEA WebLogic Server Apache Connector Buffer Overflow security curmudgeon (Jan 15)
- [ MDVSA-2009:011 ] virtualbox security (Jan 15)
- Oracle Secure Backup Multiple Denial Of Service vulnerabilities noreply-secresearch () fortinet com (Jan 15)
- Oracle Secure Backup's observiced.exe Denial Of Service vulnerability noreply-secresearch () fortinet com (Jan 15)
- Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH Command Buffer Overflow Vulnerability noreply-secresearch () fortinet com (Jan 15)
- ANNOUNCE: apache_1.3.41+ssl_1.60 released Adam Laurie (Jan 15)
- Errata: [TZO-2009-1] Avira Antivir - RAR - Division by Zero & Null Pointer Dereference Thierry Zoller (Jan 15)
- [TZO-2009-2] Avira Antivir - Priviledge escalation Thierry Zoller (Jan 15)
- [waraxe-2009-SA#070] - Multiple Vulnerabilities in MKPortal <= 1.2.1 come2waraxe (Jan 15)
- [SECURITY] [DSA 1705-1] New netatalk packages fix arbitrary code execution Nico Golde (Jan 15)
- [USN-709-1] tar vulnerability Jamie Strandboge (Jan 15)
- [SECURITY] [DSA 1707-1] New iceweasel packages fix several vulnerabilities Steffen Joeris (Jan 15)
- [ MDVSA-2009:012 ] mozilla-thunderbird security (Jan 15)
- [SECURITY] [DSA 1706-1] New amarok packages fix arbitrary code execution Moritz Muehlenhoff (Jan 15)
- [USN-700-2] Perl regression Kees Cook (Jan 15)
- Syslserve 1.058 Denial of Service Vulnerability vuln_research (Jan 16)
- [ MDVSA-2009:014 ] mplayer security (Jan 16)
- [ MDVSA-2009:013 ] mplayer security (Jan 16)
- [ MDVSA-2009:015 ] ffmpeg security (Jan 16)
- DMXReady Blog Manager (SQL/XSS) pouya . s3rver (Jan 16)
- Active Bids pouya . s3rver (Jan 16)
- Announce: RSBAC 1.4.0 released Amon Ott (Jan 16)
- [ MDVSA-2009:016 ] xen security (Jan 16)
- [ MDVSA-2009:017 ] kdebase security (Jan 16)
- Excel Viewer OCX 3.1/3.2 Denial of Service PoC alphanix00 (Jan 16)
- Sagem router f@st 2404 remote reset poc alphanix00 (Jan 16)
- FBI XSS Vulnerability sohrab_behroozian (Jan 17)
- [ MDVSA-2009:018 ] tomcat5 security (Jan 17)
- 53KF Web IM 2009 Cross-Site Scripting Vulnerabilities Heart (Jan 19)
- Ralinktech wireless cards drivers vulnerability springsec (Jan 19)
- [Wintercore Research ] Fujitsu SystemcastWizard Lite PXEService Remote Buffer Overflow. vulns (Jan 19)
- [ GLSA 200901-12 ] noip-updater: Execution of arbitrary code Pierre-Yves Rofes (Jan 19)
- Advisory: Oracle EBusiness Suite Sensitive Information Disclosure Vulnerability Aditya K Sood (Jan 19)
- Web Hacking Incidents update for Jan 19th Ofer Shezaf (Jan 19)
- [ MDVSA-2009:019 ] imlib2 security (Jan 19)
- [SECURITY] [DSA 1708-1] New Git packages fix remote code execution Florian Weimer (Jan 19)
- Secunia Research: EasyHDR Pro Radiance RGBE Buffer Overflow Secunia Research (Jan 20)
- Cybershade CMS Remote File include vulnerability security (Jan 20)
- [ANNOUNCE] Apache Jackrabbit 1.5.2 released Jukka Zitting (Jan 20)
- Microsoft Bluetooth Stack OBEX Directory Traversal alberto . morenot (Jan 20)
- Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server Eduardo Vela (Jan 20)
- Message not available
- Re: Remote Cisco IOS FTP exploit Russell L. Smoak (Jan 20)
- Re: ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability security curmudgeon (Jan 26)
- <Possible follow-ups>
- Re: Oblog XSS valnerability dan . crowley (Jan 26)
- <Possible follow-ups>
- Re: Secunia Research: OpenX Multiple Vulnerabilities scott . switzer (Jan 29)
- <Possible follow-ups>
- Re: Internet explorer 7.0 stack overflow jplopezy (Jan 29)
- Re[2]: Internet explorer 7.0 stack overflow Vladimir '3APA3A' Dubrovin (Jan 30)
- Re: Advisory: Google Chrome 1.0.154.43 ClickJacking Vulnerability. Michal Zalewski (Jan 29)