Bugtraq: by thread
302 messages
starting May 01 09 and
ending May 29 09
Date index |
Thread index |
Author index
- CA20090429-01: CA ARCserve Backup Apache HTTP Server Multiple Vulnerabilities Williams, James K (May 01)
- BLIND SQL INJECTION--Leap CMS 0.1.4--> y3nh4ck3r (May 01)
- [ MDVSA-2009:104 ] udev security (May 01)
- Addonics NAS Adapter FTP Remote Denial of Service mcyr2 (May 01)
- [SECURITY] [DSA 1785-1] New wireshark packages fix several vulnerabilities Moritz Muehlenhoff (May 01)
- [ MDVSA-2009:102 ] apache security (May 01)
- [ MDVSA-2009:103 ] udev security (May 01)
- multiple vendor - PF NULL pointer dereference rembrandt (May 01)
- MULTIPLE SQL INJECTION VULNERABILITIES --MiniTwitter v0.2-Beta--> y3nh4ck3r (May 01)
- Re: Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow exploit Nick FitzGerald (May 01)
- USER OPTIONS CHANGER EXPLOIT --MiniTwitter v0.2-Beta+-> y3nh4ck3r (May 01)
- Re: Security tools list: First Version Ulises2k (May 01)
- Durzosploit v0.1 alpha Benjilenoob (May 01)
- New WebApp security paper: Anti-fraud Image Solutions WebAppSec (May 01)
- BH USA CFP closing next Tuesday jmoss (May 01)
- [SECURITY] [DSA 1784-1] New freetype packages fix arbitrary code execution Nico Golde (May 01)
- [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP) Thierry Zoller (May 01)
- about inactive account hijacking innate (May 02)
- [SECURITY] [DSA 1786-1] New acpid packages fix denial of service Steffen Joeris (May 02)
- [ GLSA 200905-01 ] Asterisk: Multiple vulnerabilities Robert Buchholz (May 04)
- Coppermine Photo Gallery 1.4.21 Cross-Site Scripting darkz . gsa (May 04)
- [SECURITY] [DSA 1787-1] New Linux 2.6.24 packages fix several vulnerabilities dann frazier (May 04)
- Call for Papers Hack.lu 2009 hack.lu 2009 info (May 04)
- “Cross-Site Scripting” vulnerability in MyBB 1.4.5 Jacques Copeau (May 04)
- Secunia Research: IBM Tivoli Storage Manager Remote Agent Service Buffer Overflows Secunia Research (May 04)
- [SecNiche WhitePaper ] - PDF Silent HTTP Form Repurposing Attacks Aditya K Sood (May 04)
- Grabit <= 1.7.2 beta 3 NZB file parsing stack overflow Niels Teusink (May 04)
- [ MDVSA-2009:105 ] memcached security (May 04)
- [USN-769-1] libwmf vulnerability Marc Deslauriers (May 04)
- MULTPLE REMOTE VULNERABILITIES --ProjectCMS v-1.1 Beta--> y3nh4ck3r (May 04)
- [security bulletin] HPSBMA02425 SSRT080091 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (May 04)
- [security bulletin] HPSBMA02374 SSRT080046 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) security-alert (May 04)
- LayerOne 2009 - Final Announcement LayerOne Call For Papers (May 04)
- [SECURITY] [DSA 1787-1] New quagga packages fix denial of service Florian Weimer (May 04)
- [SECURITY] [DSA 1789-1] New php5 packages fix several vulnerabilities Thijs Kinkhorst (May 04)
- [RT-SA-2009-001] IceWarp WebMail Server: Cross Site Scripting in Email View RedTeam Pentesting GmbH (May 05)
- [RT-SA-2009-004] IceWarp WebMail Server: Client-Side Specification of "Forgot Password" eMail Content RedTeam Pentesting GmbH (May 05)
- [RT-SA-2009-002] IceWarp WebMail Server: User-assisted Cross Site Scripting in RSS Feed Reader RedTeam Pentesting GmbH (May 05)
- [USN-770-1] ClamAV vulnerability Jamie Strandboge (May 05)
- [RT-SA-2009-003] IceWarp WebMail Server: SQL Injection in Groupware Component RedTeam Pentesting GmbH (May 05)
- [DSECRG-09-034] Sun Glassfish Enterprise Server - Multiple Linked XSS vulnerabilies Digital Security Research Group [DSecRG] (May 05)
- [DSECRG-09-038] Sun Glassfish Woodstock Project - Linked XSS Vulnerability Digital Security Research Group [DSecRG] (May 05)
- CONFidence 2009 trainings andrzej . targosz (May 05)
- MULTIPLE REMOTE VULNERABILITIES--TemaTres 1.0.3--> y3nh4ck3r (May 05)
- BLIND SQL INJECTION EXPLOIT--TemaTres 1.0.3--> y3nh4ck3r (May 05)
- [SECURITY] [DSA 1790-1] New xpdf packages fix multiple vulnerabilities Noah Meyerhans (May 05)
- [security bulletin] HPSBMA02419 SSRT090060 rev.1 - Insight Control Suite For Linux (ICE-LX) Multiple Remote Vulnerabilities In Nagios security-alert (May 05)
- New Browser Security Paper: Why Silent Updates Boost Security Stefan Frei (May 06)
- [ MDVSA-2009:106 ] libwmf security (May 06)
- [SECURITY] [DSA 1791-1] New moin packages fix cross-site scripting Steffen Joeris (May 06)
- [SECURITY] [DSA 1792-1] New drupal6 packages fix multiple vulnerabilities Noah Meyerhans (May 06)
- [SECURITY] [DSA 1793-1] New kdegraphics packages fix multiple vulnerabilities Noah Meyerhans (May 06)
- Persistent XSS in Kayako Support Suite pen-test (May 06)
- EUSecWest 2009 (May27/28) London Agenda and PacSec 2009 (Nov 4/5) Tokyo CFP deadline: June 1 2009 Dragos Ruiu (May 06)
- [SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities dann frazier (May 07)
- [SECURITY] [DSA 1795-1] New ldns packages fix arbitrary code execution Devin Carraway (May 07)
- Secunia Research: Garmin Communicator Plug-In Domain Locking Security Bypass Secunia Research (May 07)
- Update: [TZO-15-2009] Aladdin eSafe generic bypass - Forced release Thierry Zoller (May 07)
- [ MDVSA-2009:107 ] acpid security (May 07)
- SQL INJECTION VULNERABILITIES--ST-Gallery version 0.1 alpha--> y3nh4ck3r (May 07)
- [ MDVSA-2009:108 ] zsh security (May 07)
- [oCERT-2009-001] Pango integer overflow in heap allocation size calculations Will Drewry (May 07)
- [USN-771-1] libmodplug vulnerabilities Marc Deslauriers (May 07)
- [USN-772-1] MPFR vulnerability Marc Deslauriers (May 07)
- [USN-773-1] Pango vulnerability Marc Deslauriers (May 07)
- [SECURITY] [DSA 1796-1] New libwmf packages fix denial of service Nico Golde (May 07)
- [TOOL] moth - vulnerable web application vmware Andres Riancho (May 07)
- Claroline v.1.8.11 Cross-Site Scripting darkz . gsa (May 08)
- [security bulletin] HPSBUX02366 SSRT080120 rev.2 - HPUX Running useradd(1M), Local Unauthorized Access security-alert (May 08)
- BLIND SQL INJECTION exploit (GET var 'AlbumID')--RTWebalbum 1.0.462--> y3nh4ck3r (May 08)
- Vpopmail/QmailAdmin User's Quota Multiple Integer Overflows Jacobo Avariento Gimeno (May 08)
- [TZO-20-2009] AVG ZIP evasion / bypass Thierry Zoller (May 09)
- Universal XSS in all Google Services Inferno (May 09)
- Re: Universal XSS in all Google Services Nam Nguyen (May 12)
- speaker Bill Blunden on Rootkits... Alex Keller (May 09)
- [SECURITY] [DSA 1797-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (May 09)
- Changes : [TZO-17-2009]Trendmicro multiple bypass/evasions Thierry Zoller (May 09)
- [TZO-21-2009] Fprot CAB bypass / evasion Thierry Zoller (May 09)
- TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit travesti (May 11)
- <Possible follow-ups>
- Re: TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit michael (May 11)
- [SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution Steffen Joeris (May 11)
- Insufficient Authentication vulnerability in Acer notebooks MustLive (May 11)
- RE: Insufficient Authentication vulnerability in Acer notebooks David Sánchez Martín (May 11)
- Re: Insufficient Authentication vulnerability in Acer notebooks dpo5003 (May 12)
- Re: Insufficient Authentication vulnerability in Acer notebooks Garrett M. Groff (May 12)
- Re: Insufficient Authentication vulnerability in Acer notebooks Øystein Larsen (May 12)
- Re: Insufficient Authentication vulnerability in Acer notebooks dpo5003 (May 12)
- <Possible follow-ups>
- Re: Insufficient Authentication vulnerability in Acer notebooks MustLive (May 19)
- Re: Insufficient Authentication vulnerability in Acer notebooks Susan Bradley (May 20)
- Re: Insufficient Authentication vulnerability in Acer notebooks MustLive (May 28)
- Re: Insufficient Authentication vulnerability in Acer notebooks Susan Bradley (May 28)
- Re: Insufficient Authentication vulnerability in Acer notebooks Susan Bradley (May 20)
- RE: Insufficient Authentication vulnerability in Acer notebooks David Sánchez Martín (May 11)
- [ MDVSA-2009:109 ] quagga security (May 11)
- [Bkis-08-2009] Microchip MPLAB IDE Buffer Overflow Vulnerability Bkis (May 11)
- Five days left to find the oldest data loss incident Juha-Matti Laurio (May 11)
- Re: Five days left to find the oldest data loss incident Dragos Ruiu (May 11)
- <Possible follow-ups>
- Re: Five days left to find the oldest data loss incident Elazar Broad (May 12)
- Advisory - Gmail/Google Doc PDF Repurposing Integrated Attacks - Cookie Hijacking / Stealing Aditya K Sood (May 11)
- [USN-774-1] MoinMoin vulnerability Marc Deslauriers (May 11)
- [oCERT-2009-004] AjaxTerm session id collision Andrea Barisani (May 11)
- (POST var 'rating') BLIND SQL INJECTION--microTopic v1 Initial Release--> y3nh4ck3r (May 11)
- [security bulletin] HPSBMA02349 SSRT080043 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data security-alert (May 11)
- [security bulletin] HPSBMA02348 SSRT080033 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (May 11)
- [SECURITY] [DSA 1799-1] New qemu packages fix several vulnerabilities Moritz Muehlenhoff (May 11)
- Bitweaver <= 2.6 /boards/boards_rss.php / saveFeed() remote code execution exploit nospam (May 12)
- xcon2009 is coming bugdigger (May 12)
- Security Advisory: Banks in Australia militan . c7 (May 12)
- Syhunt: A-A-S (Application Access Server) Multiple Security Vulnerabilities Felipe M. Aragon (May 12)
- Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection Inferno (May 12)
- The security tools list, new version with more than 200 new tools! Ying (May 12)
- Re: The security tools list, new version with more than 200 new tools! Stephen Mullins (May 12)
- Sun IDM Arbitrary Commands Execution Vulnerability abb () scanit be (May 12)
- FormMail 1.92 Multiple Vulnerabilities ascii (May 12)
- Re: FormMail 1.92 Multiple Vulnerabilities David Cantrell (May 13)
- Re: FormMail 1.92 Multiple Vulnerabilities ascii (May 13)
- Re: FormMail 1.92 Multiple Vulnerabilities David Cantrell (May 13)
- CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities [Updated] Williams, James K (May 12)
- User options changer (SQLi) EXPLOIT --Bigace CMS -stable release- 2.5--> y3nh4ck3r (May 12)
- Secunia Research: Microsoft PowerPoint Atom Parsing Buffer Overflows Secunia Research (May 12)
- ZDI-09-019: Microsoft Office PowerPoint OutlineTextRefAtom Parsing Memory Corruption Vulnerability ZDI Disclosures (May 12)
- ZDI-09-020: Microsoft Office PowerPoint Notes Container Heap Overflow Vulnerability ZDI Disclosures (May 12)
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Stack Buffer Overflow Vulnerability iDefense Labs (May 12)
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Heap Corruption Vulnerability iDefense Labs (May 12)
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT 4.0 Importer Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs (May 12)
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT95 Import Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs (May 12)
- <Possible follow-ups>
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT95 Import Multiple Stack Buffer Overflow Vulnerabilities iDefense Labs (May 12)
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Stack Overflow iDefense Labs (May 12)
- [USN-775-1] Quagga vulnerability Kees Cook (May 12)
- [USN-776-1] KVM vulnerabilities Kees Cook (May 12)
- [ MDVSA-2009:111 ] firefox security (May 13)
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint Integer Overflow Vulnerability iDefense Labs (May 13)
- [ MDVSA-2009:111-1 ] firefox security (May 13)
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint Build List Memory Corruption Vulnerability iDefense Labs (May 13)
- [ MDVSA-2009:110 ] squirrelmail security (May 13)
- [USN-776-2] KVM regression Marc Deslauriers (May 13)
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint Notes Container Heap Corruption Vulnerability iDefense Labs (May 13)
- Re: The security tools list, new version with more than 200 new tools! Ying (May 13)
- maxcms2.0 creat new admin exploit info (May 13)
- Pinnacle Studio 12 "Hollywood FX Compressed Archive" (.hfz) directory traversal vulnerability poc ipsdix (May 13)
- (GET var 'member') BLIND SQL INJECTION EXPLOIT --FAMILY CONNECTIONS <= v1.9 --> y3nh4ck3r (May 13)
- [ MDVSA-2009:112 ] ipsec-tools security (May 13)
- Insufficient Authentication vulnerability in Asus notebook MustLive (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook Jeremy Brown (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook Mike Vasquez (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook Susan Bradley (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook nameless (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook Ansgar Wiechers (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook Susan Bradley (May 14)
- RE: Insufficient Authentication vulnerability in Asus notebook Mike Wilson (May 14)
- RE: Insufficient Authentication vulnerability in Asus notebook Steve Quan (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook nameless (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook Ansgar Wiechers (May 19)
- RE: Insufficient Authentication vulnerability in Asus notebook Jim Harrison (May 19)
- Re: Insufficient Authentication vulnerability in Asus notebook Daniel Hazelton (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook Michael Scheidell (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook KF (lists) (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook nameless (May 14)
- <Possible follow-ups>
- Re: Insufficient Authentication vulnerability in Asus notebook Bob Fiero (May 14)
- RE: Insufficient Authentication vulnerability in Asus notebook Mike Wilson (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook Susan Bradley (May 14)
- Re: Insufficient Authentication vulnerability in Asus notebook Bob Fiero (May 19)
- Re: Insufficient Authentication vulnerability in Asus notebook Susan Bradley (May 19)
- Re: Insufficient Authentication vulnerability in Asus notebook Just1n T1mberlake (May 19)
- Re: Insufficient Authentication vulnerability in Asus notebook Jeremy Brown (May 14)
- Re: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003---> robi (May 14)
- Re: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003---> Tomas Kuliavas (May 14)
- <Possible follow-ups>
- Re: Re: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003---> y3nh4ck3r (May 14)
- [security bulletin] HPSBMA02417 SSRT090031 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition (SSE), Local Denial of Service (DoS), Execution of Arbitrary Code security-alert (May 14)
- iDefense Security Advisory 05.14.09: Apple Mac OS X xnu Kernel workqueue_additem/workqueue_removeitem Index Validation Vulnerability iDefense Labs (May 14)
- MULTIPLE CODE INJECTION VULNERABILITIES --TUENTI--SPAIN--> y3nh4ck3r (May 14)
- MULTIPLE SQL INJECTION VULNERABILITIES --Shutter v-0.1.1--> y3nh4ck3r (May 14)
- eggdrop/windrop remote crash vulnerability Thomas Sader (May 19)
- (GET var 'id') BLIND SQL INJECTION EXPLOIT --Dog Pedigree Online Database v1.0.1-Beta --> y3nh4ck3r (May 19)
- INSECURE COOKIE HANDLING VULNERABILITIES --Dog Pedigree Online Database v1.0.1-Beta--> y3nh4ck3r (May 19)
- [SECURITY] [DSA 1801-1] New ntp packages fix several vulnerabilities Thijs Kinkhorst (May 19)
- [ MDVSA-2009:117 ] ntp security (May 19)
- [SECURITY] [DSA 1802-1] New squirrelmail packages fix several vulnerabilities Thijs Kinkhorst (May 19)
- HTTP Parameter Pollution Luca.carettoni (May 19)
- Re: POC & exploit for Apache mod_rewrite off-by-one arulvadivel1 (May 19)
- Namad Cms Remote File Download info (May 19)
- [security bulletin] HPSBMA02428 SSRT090048 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alert (May 19)
- [TZO-23-2009] Avira antivir generic evasion of heuristics (for PDF) Thierry Zoller (May 19)
- [ MDVSA-2009:118 ] kernel security (May 19)
- [TZO-22-2009] Bitdefender generic evasion of heuristics (for PDF) Thierry Zoller (May 19)
- [ MDVSA-2009:116 ] gnutls security (May 19)
- rPSA-2009-0086-1 postgresql postgresql-contrib postgresql-server rPath Update Announcements (May 19)
- ZDI-09-023: Apple OS X ATSServer Compact Font Format Parsing Memory Corruption Vulnerability ZDI Disclosures (May 19)
- [ MDVSA-2009:115 ] phpMyAdmin security (May 19)
- [ MDVSA-2009:114 ] ipsec-tools security (May 19)
- ZDI-09-022: Apple Safari Malformed SVGList Parsing Code Execution Vulnerability ZDI Disclosures (May 19)
- Conference on Cyber Warfare: registration open! kgconference (May 19)
- PAPER: Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case) Piotr Bania (May 19)
- [ MDVSA-2009:113 ] cyrus-sasl security (May 19)
- BugCON '09 has swine influenza!! Carlos Augusto (May 19)
- NetDecision TFTP Server 4.2 TFTP Directory Traversal vuln_research (May 19)
- [TKADV2009-006] libsndfile/Winamp VOC Processing Heap Buffer Overflow Tobias Klein (May 19)
- WinAppDbg module v1.1 is out! Mario Alejandro Vilas Jerez (May 19)
- rPSA-2009-0084-1 kernel rPath Update Announcements (May 19)
- Fwd: [Full-disclosure] IIS6 + webdav and unicode rides again in 2009 Thierry Zoller (May 19)
- n.runs-SA-2009.001 - OS X CFNetwork advisory security (May 19)
- [security bulletin] HPSBMA02426 SSRT090053 rev.1 - HP System Management Homepage (SMH) for Linux and Windows Running PHP and OpenSSL, Remote Cross Site Scripting (XSS), Unauthorized Access security-alert (May 19)
- [security bulletin] HPSBMA02427 SSRT090069 rev.1 - HP Remote Graphics Software (RGS) Sender Running Easy Login, Remote Unauthorized Access security-alert (May 19)
- MULTIPLE REMOTE VULNERABILITIES --my-colex 1.4.2--> y3nh4ck3r (May 19)
- MULTIPLE REMOTE VULNERABILITIES --my-Gesuad 0.9.14--> y3nh4ck3r (May 19)
- [SECURITY] [DSA 1800-1] New Linux 2.6.26 packages fix several vulnerabilities dann frazier (May 19)
- iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Multiple Integer Overflow Vulnerabilities iDefense Labs (May 19)
- iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Spreadsheet Integer Overflow Vulnerability iDefense Labs (May 19)
- iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Spreadsheet Buffer Overflow Vulnerability iDefense Labs (May 19)
- iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Multiple Spreadsheet Buffer Overflow Vulnerabilities iDefense Labs (May 19)
- [ MDVSA-2009:119 ] kernel security (May 19)
- Cisco Security Advisory: CiscoWorks TFTP Directory Traversal Vulnerability Cisco Systems Product Security Incident Response Team (May 20)
- [SECURITY] [DSA 1803-1] New nsd packages fix denial of service Thijs Kinkhorst (May 20)
- Shakacon Security Conference - Trainers and Speakers Finalized Shakacon (May 20)
- [SECURITY] [DSA 1804-1] New ipsec-tools packages fix denial of service Nico Golde (May 20)
- [USN-777-1] Ntp vulnerabilities Jamie Strandboge (May 20)
- DMXReady Registration Manager Arbitrary File Upload Vulnerability info (May 20)
- Armorlogic Profense Web Application Firewall 2.4 multiple vulnerabilities. publists (May 20)
- CORE-2009-0109 - Multiple XSS in Sun Communications Express CORE Security Technologies Advisories (May 20)
- [security bulletin] HPSBPI02398 SSRT080166 rev.3 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files security-alert (May 20)
- (GET vars 'x' & 'y') ADMIN FUNCTION EXECUTION--Jorp v-1.3.05.09--> y3nh4ck3r (May 20)
- iDefense Security Advisory 05.20.09: IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability iDefense Labs (May 20)
- DDIVRT-2009-25 IPsession SQL Injection Vulnerability ddvulnalert (May 21)
- Novell GroupWise Web Access Multiple XSS swhite (May 21)
- MULTIPLE SQL INJECTION VULNERABILITIES --Flash Quiz Beta 2--> y3nh4ck3r (May 21)
- [ MDVSA-2009:120 ] openssl security (May 21)
- [ MDVSA-2009:121 ] lcms security (May 22)
- DotNetNuke ErrorPage.aspx Cross-Site Scripting Vulnerability Ben Hawkes (May 22)
- Novell GroupWise Internet Agent Remote Buffer Overflow Vulnerabilities VUPEN Security Research (May 22)
- [SECURITY] [DSA 1802-2] New squirrelmail packages correct incomplete fix Thijs Kinkhorst (May 22)
- Serena Dimensions CM Desktop Client does not validate the server SSL certificate roland . gruber . extern (May 22)
- LxBlog info (May 22)
- [TZO-24-2009] Panda generic evasion (CAB) Thierry Zoller (May 22)
- [TZO-25-2009] Panda generic evasion (TAR) Thierry Zoller (May 22)
- [SECURITY] [DSA 1805-1] New pidgin packages fix several vulnerabilities Moritz Muehlenhoff (May 22)
- Secunia Research: Sun Solaris "sadmind" Integer Overflow Vulnerability Secunia Research (May 25)
- MULTIPLE REMOTE VULNERABILITIES --MiniTwitter<=v0.3-Beta--> y3nh4ck3r (May 25)
- ChinaGames (CGAgent.dll) ActiveX Remote Code Execution Exploit info (May 25)
- [InterN0T] AMember 3.1.7 - Multiple Vulnerabilities security (May 25)
- <Possible follow-ups>
- Re: [InterN0T] AMember 3.1.7 - Multiple Vulnerabilities TK147 (May 28)
- Re: Re: [InterN0T] AMember 3.1.7 - Multiple Vulnerabilities security (May 29)
- [ GLSA 200905-06 ] acpid: Denial of Service Pierre-Yves Rofes (May 25)
- [ GLSA 200905-03 ] IPSec Tools: Denial of Service Alex Legler (May 25)
- [ GLSA 200905-02 ] Cscope: User-assisted execution of arbitrary code Pierre-Yves Rofes (May 25)
- [oCERT-2009-006] Android improper package verification when using shared uids Will Drewry (May 25)
- [ GLSA 200905-04 ] GnuTLS: Multiple vulnerabilities Alex Legler (May 25)
- [ MDVSA-2009:122 ] squirrelmail security (May 25)
- MULTIPLE SQL INJECTION VULNERABILITIES --Joomla Component 'Boy Scout Advancement' <= v-0.3 (com_bsadv)--> y3nh4ck3r (May 25)
- [SECURITY] [DSA 1806-1] New cscope packages fix arbitrary code execution Moritz Muehlenhoff (May 25)
- Re: FUD Forum < 2.7.1 PHP code injection vurnelability naudefj (May 25)
- Secunia Research: Sun Solaris "sadmind" Buffer Overflow Vulnerability Secunia Research (May 25)
- [ GLSA 200905-05 ] FreeType: Multiple vulnerabilities Alex Legler (May 25)
- Hardening OSX against CVE-2008-5353 Marc Schoenefeld (May 25)
- PAPER: Generic Unpacking of Self-modifying, Aggressive, Packed Binary Programs Piotr Bania (May 25)
- Arcade Trade Script XSS SmOk3 (May 25)
- Backdoor in com_rsgallery2 gallery extension for joomla Jan van Niekerk (May 26)
- Re: Backdoor in com_rsgallery2 gallery extension for joomla Jonah Braun (May 27)
- [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Thierry Zoller (May 26)
- Re: [Full-disclosure] [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Michal Zalewski (May 27)
- Multiple vulnerabilities in several ATEN IP KVM Switches Jakob Lell (May 26)
- SEC Consult SA-20090525-0 :: Nortel Contact Center Manager Server Authentication Bypass Vulnerability Bernhard Mueller (May 26)
- [ GLSA 200905-07 ] Pidgin: Multiple vulnerabilities Alex Legler (May 26)
- COWON America jetCast 2.0.4.1109 (.mp3) local heap buffer overlow exploit nospam (May 26)
- SEC Consult SA-20090525-1 :: Nortel Contact Center Manager Server Password Disclosure Vulnerability Bernhard Mueller (May 26)
- SEC Consult SA-20090525-2 :: SonicWALL Global Security Client Local Privilege Escalation Vulnerability Bernhard Mueller (May 26)
- SEC Consult SA-20090525-3 :: SonicWALL Global VPN Client Local Privilege Escalation Vulnerability Bernhard Mueller (May 26)
- SEC Consult SA-20090525-4 :: SonicOS Format String Vulnerability Bernhard Mueller (May 26)
- [ GLSA 200905-08 ] NTP: Remote execution of arbitrary code Alex Legler (May 26)
- Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Thierry Zoller (May 27)
- Re: Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Jim Parkhurst (May 27)
- Re[2]: [Full-disclosure] Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Thierry Zoller (May 27)
- Re[2]: Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Vladimir '3APA3A' Dubrovin (May 27)
- Re: Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) Jim Parkhurst (May 27)
- [IMF 2009] 3rd Call - Deadline Extended Oliver Goebel (May 27)
- W3af ninja training class in NYC Michelangelo Sidagni (May 27)
- PHP Nuke v.8.0 (referer) SQL Injection darkz . gsa (May 27)
- <Possible follow-ups>
- Re: PHP Nuke v.8.0 (referer) SQL Injection a (May 29)
- Vanilla v.1.1.7 Cross-Site Scripting darkz . gsa (May 27)
- [security bulletin] HPSBUX02429 SSRT090058 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities security-alert (May 27)
- [ GLSA 200905-09 ] libsndfile: User-assisted execution of arbitrary code Alex Legler (May 27)
- [ MDVSA-2009:123 ] opensc security (May 27)
- [InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities security (May 27)
- <Possible follow-ups>
- Re: [InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities support (May 29)
- New paper: Understanding Microsoft's KB971492 IIS WebDAV Vuln Steve Friedl (May 27)
- MULTIPLE REMOTE VULNERABILITIES --Small Pirates v-2.1--> y3nh4ck3r (May 28)
- rPSA-2009-0092-1 ntp ntp-utils rPath Update Announcements (May 28)
- rPSA-2009-0095-1 tshark wireshark rPath Update Announcements (May 28)
- [Bkis-09-2009] XSS vulnerability in 'Monitor_Bandwidth' - PRTG Traffic Grapher Bkis (May 28)
- rPSA-2009-0091-1 cyrus-sasl cyrus-sasl-server rPath Update Announcements (May 28)
- Survey: "MIME/Content-Type-Sniffing" Issues in Image Uploads in Forum Scripts Jacques Copeau (May 28)
- ecshop 2.6.2 info (May 28)
- [TZO-27-2009] Firefox Denial of Service (Keygen) Thierry Zoller (May 28)
- Re: [TZO-27-2009] Firefox Denial of Service (Keygen) Tavis Ormandy (May 28)
- Re[2]: [TZO-27-2009] Firefox Denial of Service (Keygen) Thierry Zoller (May 28)
- Re: [TZO-27-2009] Firefox Denial of Service (Keygen) Tavis Ormandy (May 28)
- ZDI-09-021: Apple QuickTime PICT Unspecified Tag Heap Overflow Vulnerability ZDI Disclosures (May 28)
- Call For Papers – ACM CCS 2009 Workshops Christopher Kruegel (May 28)
- CORE-2009-0401 - StoneTrip S3DPlayers remote command injection CORE Security Technologies Advisories (May 28)
- [InterN0T] Achievo 1.3.4 - XSS Vulnerability security (May 28)
- <Possible follow-ups>
- Re: [InterN0T] Achievo 1.3.4 - XSS Vulnerability security (May 29)
- Novell Groupwise fails to properly sanitize emails. c3rb3r (May 28)
- [TZO-28-2009] - Avira Antivir generic RAR,CAB,ZIP Thierry Zoller (May 29)
- (whitepaper) Microsoft WPAD Technology Weaknesses [PTResearch Team] srublev (May 29)
- VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues VMware Security team (May 29)
- SonicWALL SSL-VPN Appliance Format String Vulnerability Patrick Webster (May 29)
- Whitepaper Jared DeMott (May 29)