SecurityFocus Bugtraq
By Thread

360 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

Starting: 05/02/05
Ending: 05/31/05

• 504T and now also 604T remote access. alessandro (05/28/05)
• Multiple vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 Alberto Trivero (05/31/05)
• multiple vulnerability Calendarix Advanced DarkBicho (05/31/05)
• [Argeniss] MS05-012 Exploit Cesar (05/31/05)
• SyScAN'05 organiser_at_syscan.org (05/31/05)
• PowerDownload Remote File Inclusion SoulBlack Group (05/31/05)
• [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Xnuxer Security (05/31/05)
  • Re: [security@suse.de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Marcus Meissner (05/31/05)
    • Re: [security@suse.de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Todd C. Miller (05/31/05)
    • Re: [security@suse.de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Justin (05/31/05)
  • Re: [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Ow Mun Heng (05/31/05)
• Nortel VPN Router Malformed Packet DoS Vulnerability Roy Hills (05/31/05)
• RE: Microsoft Internet Explorer - Crash on adding sites to restri cted zone (05/28/2005) Hohn, Joerg (05/31/05)
• TSL-2005-0025 - binutils Trustix Security Advisor (05/31/05)
• Spam exploiting MS05-016 Nick FitzGerald (05/29/05)
• TSL-2005-0026 - multi Trustix Security Advisor (05/31/05)
• MDKSA-2005:095 - Updated gdb packages fix vulnerabilities Mandriva Security Team (05/30/05)
• Multiple vulnerabilities in x-cart Gold CENSORED (05/31/05)
• MyBB 1.0 RC4 XSS Bug August Christopher (05/30/05)
• CYBSEC - PHPMailer Infinite Loop Denial of Service Mariano Nuñez Di Croce (05/30/05)
• Crash in Stronghold 2 1.2 Luigi Auriemma (05/30/05)
• Compuware Softice (DbgMsg driver) Local Denial Of Service Piotr Bania (05/29/05)
• Format String Vulnerability In Peercast 0.1211 And Earlier GulfTech Security Research (05/28/05)
• PicoWebServer Remote Unicode Stack Overflow Dennis Elser (05/28/05)
• Microsoft Internet Explorer - Crash on to many stack overflows (05/28/2005) Benjamin Tobias Franz (05/28/05)
• Microsoft Internet Explorer - Crash on processing embedded files with endless loop (05/28/2005) Benjamin Tobias Franz (05/28/05)
• Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) Benjamin Tobias Franz (05/28/05)
  • Re: Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) - k - (05/31/05)
  • Re: Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) Benton Lam (05/30/05)
• Microsoft Internet Explorer - Crash on adding sites to restricted zone (05/28/2005) Benjamin Tobias Franz (05/28/05)
• Wide-scale industrial espionage using Trojan horses in Israel Gadi Evron (05/29/05)
• SQL Injection Exploit for myBloggie 2.1.1 - 2.1.2 Alberto Trivero (05/27/05)
• [SECURITY] [DSA 730-1] New bzip2 packages fix file unauthorised permissions modification Martin Schulze (05/27/05)
• Citrix security contact Eyal Udassin (05/26/05)
  • Re: Citrix security contact security curmudgeon (05/27/05)
• DSL-504T (and maybe many other) remote access without password bug alessandro (05/26/05)
• [AppSecInc Advisory BEA05-V0101] BEA WebLogic Administration Console login page cross-site scripting vulnerability Team SHATTER (05/27/05)
• [AppSecInc Advisory BEA05-V0100] BEA WebLogic Administration Console error page cross-site scripting vulnerability Team SHATTER (05/27/05)
• User32.dll Icon Size Crash - k - (05/25/05)
  • Re: User32.dll Icon Size Crash Daniel Souza (05/27/05)
• [USN-136-2] Fixed packages for USN-136-1 Martin Pitt (05/27/05)
• [USN-136-1] binutils vulnerability Martin Pitt (05/27/05)
• [ GLSA 200505-20 ] Mailutils: Multiple vulnerabilities in imap4d and mail Thierry Carrez (05/27/05)
• [USN-135-1] gdb vulnerabilities Martin Pitt (05/27/05)
• [USN-114-2] Fixed packages for USN-114-1 Martin Pitt (05/27/05)
• PostNuke Critical SQL Injection and XSS 0.750=>x sp3x (05/28/05)
• PHP Stat Administrative User Authentication Bypass SoulBlack Group (05/27/05)
• Buffer-overflow in C'Nedra 0.4.0 Luigi Auriemma (05/26/05)
• Buffer-overflow and crash in Terminator 3: War of the Machines 1.16 Luigi Auriemma (05/26/05)
• Re: [Full-disclosure] iDEFENSE Security Advisory 05.24.05: Ipswitch IMail Web Calendaring Arbitrary File Read Vulnerability jamesbug_at_gmx.net (05/25/05)
• [security bulletin] SSRT5899 rev.0 - HP-UX trusted system remote unauthorized access Boren, Rich (SSRT) (05/26/05)
• Meteor FTP Server: PoC Exploit Dim K0r0l (05/24/05)
• Re: Multiple Sql injection and XSS vulnerabilities in phpBB Plus v.1.52 and below and some of its modules. security curmudgeon (05/22/05)
• [security bulletin] SSRT5954 rev.1 - HP-UX TCP/IP Remote Denial of Service (DoS) Boren, Rich (SSRT) (05/26/05)
• [security bulletin] SSRT4884 rev.0 - HP-UX TCP/IP Remote Denial of Service (DoS) Boren, Rich (SSRT) (05/26/05)
• Re: PowerLink WAN Aggregator - Vunerability preasoner_at_astrocorp.com (05/24/05)
• [USN-134-1] Firefox vulnerabilities Martin Pitt (05/26/05)
• [USN-133-1] Apache utility vulnerability Martin Pitt (05/26/05)
• [ GLSA 200505-19 ] gxine: Format string vulnerability Thierry Carrez (05/26/05)
• Invision Power Board 1.* and 2.* Exploit (BID 13529) Petey Beege (05/26/05)
• Alwil Software Avast Antivirus Device Driver Memory Overwrite Vulnerability Piotr Bania (05/26/05)
• [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service Martin Schulze (05/26/05)
  • Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service John GALLET (05/27/05)
• [SECURITY] [DSA 728-2] New qpopper packages fix arbitrary file overwriting Martin Schulze (05/26/05)
• davfs2 does not honour Unix permissions martin f krafft (05/25/05)
• Zone Labs ZoneAlarm Vet anti-virus engine OLE processing vulnerability Zone Labs Product Security (05/25/05)
• OpenServer 5.0.6 OpenServer 5.0.7 : nwprint privilege escalation please_reply_to_security_at_sco.com (05/25/05)
• High Risk Vulnerability in L-Soft's LISTSERV Server NGSSoftware Insight Security Research (05/25/05)
• shtool insecure temporary file creation ZATAZ.net (05/25/05)
• PHP Injection in PHP Poll Creator rash ilusion (05/25/05)
  • Re: PHP Injection in PHP Poll Creator Michael Cordover (05/26/05)
• iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 imap4d FETCH Command Resource Consumption DoS Vulnerability iDEFENSE Labs (05/25/05)
• iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 imap4d fetch_io Heap overflow Vulnerability iDEFENSE Labs (05/25/05)
• iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 mail header_get_field_name() Buffer Overflow Vulnerability iDEFENSE Labs (05/25/05)
• iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 imap4d Format String Vulnerability iDEFENSE Labs (05/25/05)
• exim 4.40 exploit plugger (05/24/05)
• [SECURITY] [DSA 728-1] New qpopper packages fix arbitrary file overwriting Martin Schulze (05/25/05)
• [USN-132-1] ImageMagick vulnerabilities Martin Pitt (05/23/05)
• [USN-131-1] Linux kernel vulnerabilities Martin Pitt (05/23/05)
• [ GLSA 200505-16 ] ImageMagick, GraphicsMagick: Denial of Service vulnerability Thierry Carrez (05/21/05)
• Javamail Multiple Information Disclosure Vulnerabilities Ricky Latt (05/25/05)
• iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP SELECT Command DoS Vulnerability iDEFENSE Labs (05/24/05)
• iDEFENSE Security Advisory 05.24.05: Ipswitch IMail Web Calendaring Arbitrary File Read Vulnerability iDEFENSE Labs (05/24/05)
• iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP LOGIN Remote Buffer Overflow Vulnerabilities iDEFENSE Labs (05/24/05)
• iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP LSUB DoS Vulnerability iDEFENSE Labs (05/24/05)
• iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability iDEFENSE Labs (05/24/05)
• Endless loop in Halo 1.06 Luigi Auriemma (05/24/05)
• ACROS Security: HTML Injection in BEA WebLogic Server Console (1) ACROS Security (05/24/05)
• ACROS Security: HTML Injection in BEA WebLogic Server Console (2) ACROS Security (05/24/05)
  • Re: ACROS Security: HTML Injection in BEA WebLogic Server Console (2) Will Schroeder (05/25/05)
    • RE: ACROS Security: HTML Injection in BEA WebLogic Server Console (2) ACROS Security (05/27/05)
• Gforge - viewFile.php security flaw Filippo Spike Morelli (05/24/05)
• Blue Coat Reporter multiple remote vulnerabilities Oliver Karow (05/24/05)
• CAID 32896 - Computer Associates Vet Antivirus engine heap overflow vulnerability Williams, James K (05/24/05)
  • RE: CAID 32896 - Computer Associates Vet Antivirus engine heap overflow vulnerability Williams, James K (05/27/05)
• [ GLSA 200505-18 ] Net-SNMP: fixproc insecure temporary file creation Sune Kloppenborg Jeppesen (05/23/05)
• [ GLSA 200505-17 ] Qpopper: Multiple Vulnerabilities Sune Kloppenborg Jeppesen (05/23/05)
• Meteor FTP Server v1.5 Buffer Overflow Auston J (05/23/05)
• Format string and crash in Warrior Kings 1.3 and Battles 1.23 Luigi Auriemma (05/23/05)
• Cookie Cart Default Installation Multiple Vulnerabilities SoulBlack Group (05/22/05)
• SQL injections in PortailPHP CENSORED (05/22/05)
• Computer Associates Vet Antivirus Library Remote Heap Overflow list_at_rem0te.com (05/23/05)
• [SECURITYREASON.COM] PostNuke SQL Injection 0.750=>x Maksymilian Arciemowicz (05/21/05)
• pst.advisory 2005-21: gxine remote exploitable . opensource is god .lol windows yan feng (05/22/05)
• [SECURITYREASON.COM] PostNuke Non Critical SQL Injection and Include 0.760-RC3=>x Maksymilian Arciemowicz (05/21/05)
• [SECURITYREASON.COM] PostNuke XSS and Full path disclosure 0.760RC3=>x Maksymilian Arciemowicz (05/21/05)
• [SECURITYREASON.COM] PostNuke XSS 0.760{RC2,RC3} Maksymilian Arciemowicz (05/21/05)
• [UPDATE] UNICODE BUFFER OVERFLOW IN MS-WORD Bahaa Naamneh (05/21/05)
• [BuHa Security] Wordpress SQL-Injection Thomas Waldegger (05/20/05)
• Security contact for Trillian Suramya Tomar (05/20/05)
• episodex guestbook security bypass & html injection farhad koosha (05/20/05)
• worm "postcard" e-mail issue M. Perri (05/19/05)
• picasm error handling stack overflow vulnerability Shaun Colley (05/20/05)
• [SECURITY] [DSA 727-1] New libconvert-uulib-perl packages fix arbitrary code execution Martin Schulze (05/20/05)
• pst.advisory: gedit fun. opensource is god .lol windows yan feng (05/20/05)
• [ GLSA 200505-15 ] gdb: Multiple vulnerabilities Sune Kloppenborg Jeppesen (05/20/05)
• ERRATA: [ GLSA 200505-13 ] FreeRADIUS: SQL injection and Denial of Service vulnerability Sune Kloppenborg Jeppesen (05/20/05)
• UPDATE: [ GLSA 200504-23 ] Kommander: Insecure remote script execution Sune Kloppenborg Jeppesen (05/20/05)
• [SECURITY] [DSA 726-1] New oops packages fix format string vulnerability Martin Schulze (05/20/05)
• [USN-130-1] TIFF library vulnerability Martin Pitt (05/19/05)
• [FLSA-2005:152815] Updated libtiff packages fix security issues Marc Deslauriers (05/18/05)
• phpATM arbitrary PHP code inclusion Ingvar Gilbert (05/19/05)
• UNICODE BUFFER OVERFLOW IN MS-WORD Bahaa Naamneh (05/20/05)
• JavaMail Information Disclosure (msgno) Ricky Latt (05/19/05)
• [ GLSA 200505-14 ] Cheetah: Untrusted module search path Sune Kloppenborg Jeppesen (05/19/05)
• [SECURITY] [DSA 725-1] New ppxp packages fix local root exploit Martin Schulze (05/19/05)
• D-Link DSL routers authentication bypass Francesco Orro (05/19/05)
• MDKSA-2005:092 - Updated gzip packages fix several vulnerabilities Mandriva Security Team (05/19/05)
• MDKSA-2005:091 - Updated bzip2 packages fix multiple vulnerabilities Mandriva Security Team (05/19/05)
• MDKSA-2005:090 - Updated nasm packages fix vulnerability Mandriva Security Team (05/19/05)
• MDKSA-2005:089 - Updated cdrdao packages fix local root vulnerability Mandriva Security Team (05/19/05)
• UnixWare 7.1.4 : Updated mozilla fixes many security issues please_reply_to_security_at_sco.com (05/18/05)
• Security issue in Microsoft Outlook Bakchodiya (05/18/05)
  • RE: Security issue in Microsoft Outlook Scovetta, Michael V (05/19/05)
• [FLSA-2005:152771] Updated pam packages fix security issue Marc Deslauriers (05/18/05)
• [FLSA-2005:152883] Updated mozilla packages fix security issues Marc Deslauriers (05/18/05)
• NOVELL ZENWORKS MULTIPLE REMØTE STACK & HEAP OVERFLOWS list_at_rem0te.com (05/18/05)
• Re: Yahoo! Messenger may be storing all session data 'Unencoded' on the local machine Torseq Tech. (05/19/05)
• [USN-129-1] Squid vulnerability Martin Pitt (05/18/05)
• Windows (XP, 2k3, Longhorn) is vulnerable to IpV6 Land attack. Konrad Malewski (05/17/05)
• [USN-128-1] nasm vulnerability Martin Pitt (05/17/05)
• [USN-127-1] bzip2 vulnerabilities Martin Pitt (05/17/05)
• [SECURITY] [DSA 724-1] New phpsysinfo packages fix cross site scripting Martin Schulze (05/18/05)
• Help Center Live Vulnerabilities GulfTech Security Research (05/17/05)
• Yahoo! Messenger may be storing all session data 'Unencoded' on the local machine Torseq Tech. (05/18/05)
• Linux kernel pktcdvd ioctl break user space limit vulnerability [corrected] bugs (05/18/05)
• MDKSA-2005:088-1 - Updated mozilla-firefox packages re-enable extensions Mandriva Security Team (05/17/05)
• OpenServer 5.0.6 OpenServer 5.0.7 : telnet client multiple issues please_reply_to_security_at_sco.com (05/17/05)
• [ GLSA 200505-13 ] FreeRADIUS: Buffer overflow and SQL injection vulnerability Sune Kloppenborg Jeppesen (05/17/05)
• [CLA-2005:953] Conectiva Security Announcement - kde Conectiva Updates (05/17/05)
• Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability alert7 (05/17/05)
• cdrdao exploit for mandrake 10.2 ( Mandriva 2005) newbug Tseng (05/16/05)
• [SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05) deluxe_at_security-project.org (05/16/05)
  • Re: [SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05) Steven M. Christey (05/17/05)
  • Re: [SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05) deluxe_at_security-project.org (05/19/05)
• Mac OS X - Adobe Version Cue local root exploit [c version exploit] ali reza AcTiOnSpIdEr (05/16/05)
  • Re: Mac OS X - Adobe Version Cue local root exploit [c version exploit] Vade 79 (05/18/05)
• Woltlab Burning Board SQL Injection Vulnerability GulfTech Security Research (05/16/05)
• DotNetNuke (Multiple XSS) Mark Woan (05/16/05)
• Postnuke 0.750 - 0.760rc4 local file inclusion pokley (05/16/05)
• Multiple Vulnerabilities in MetaCart e-Shop dedi dwianto (05/16/05)
• [ GLSA 200505-12 ] PostgreSQL: Multiple vulnerabilities Sune Kloppenborg Jeppesen (05/15/05)
• [ GLSA 200505-11 ] Mozilla Suite, Mozilla Firefox: Remote compromise Sune Kloppenborg Jeppesen (05/15/05)
• Pico Server (pServ) Local Information Disclosure Claus R. F. Overbeck (05/16/05)
• Pico Server (pServ) Information Disclosure Of CGI Sources Claus R. F. Overbeck (05/16/05)
• Pico Server (pServ) Remote Command Injection Claus R. F. Overbeck (05/16/05)
• [FLSA-2005:152871] Updated nfs-utils package fixes security issue Marc Deslauriers (05/13/05)
• [FLSA-2005:152912] Updated imap packages fix security issues Marc Deslauriers (05/13/05)
• [FLSA-2005:152856] Updated sudo packages fix security issue Marc Deslauriers (05/13/05)
• MDKSA-2005:088 - Updated mozilla packages fix multiple vulnerabilities Mandriva Security Team (05/14/05)
• [FLSA-2005:152804] Updated openmotif packages fix image vulnerability Marc Deslauriers (05/13/05)
• Skull-Splitter's Guestbook Multiple XXS/HTML injection Morinex Eneco (05/14/05)
• [FLSA-2005:152768] Updated ruby package fixes security issues Marc Deslauriers (05/13/05)
• [USN-126-1] GNU TLS library vulnerability Martin Pitt (05/13/05)
• [FLSA-2005:152763] Updated qt packages fixes security issues Marc Deslauriers (05/13/05)
• Gaim 1.2.1 -- PoC Stack Overflow Ron (05/14/05)
• [ GLSA 200505-10 ] phpBB: Cross-Site Scripting Vulnerability Sune Kloppenborg Jeppesen (05/14/05)
• Yahoo! Chat Add Buddy Without Consent Privacy Issue Torseq Tech. (05/14/05)
• PHPHeaven PHPMyChat Cross-site Scripting Vulnerablitiy Megasky (05/14/05)
• Yahoo! Messenger URL Handler Remote DoS Vulnerability Torseq Tech. (05/14/05)
• OpenBB SQL Injection & Cross-site Scripting Vulnerability Megasky (05/13/05)
• cross-domain cookie theft: who's to blame? Tim Tompkins (05/13/05)
• Windows image size crash RSnake (05/13/05)
  • Re: Windows image size crash Giuseppe `lan` Marocchio (05/13/05)
  • Re: Windows image size crash Oliver J. Morais (05/13/05)
  • Re: Windows image size crash Bernhard Mitterer (05/14/05)
  • Re: Windows image size crash cmthemc_at_yahoo.com (05/18/05)
• Willings WebCam - Password Disclosure Issue SecuBox fRoGGz (05/13/05)
• [FLSA-2005:154988] Updated openoffice.org packages fix security issues Marc Deslauriers (05/13/05)
• [FLSA-2005:155508] Updated cvs package fixes security issues Marc Deslauriers (05/13/05)
• Netvault Remote Heap Overflow (another one) nolimit bugtraq (05/12/05)
• OpenServer 5.0.7 UnixWare 7.1.4 UnixWare 7.1.3 : Hyper-Threading information leakage please_reply_to_security_at_sco.com (05/13/05)
• Ultimate PHP Board (UPB) Security Advisory Morinex Eneco (05/13/05)
• 32-bit qmail fun (qmail-pop3d) (fwd) Lars Olsson (05/12/05)
• ITU 2005 Call For Papers Michal Szymanski (05/13/05)
• OllyDbg "INT3 AT" Format String Vulnerability Piotr Bania (05/13/05)
• FreeBSD Security Advisory FreeBSD-SA-05:09.htt [REVISED] FreeBSD Security Advisories (05/13/05)
• [USN-124-2] Fixed packages for USN-124-1 Martin Pitt (05/12/05)
• [USN-124-1] Mozilla and Firefox vulnerabilities Martin Pitt (05/11/05)
• [USN-125-1] Gaim vulnerabilities Martin Pitt (05/12/05)
• htdigest exploit code [bid 13537] K sPecial (05/12/05)
• [ GLSA 200505-09 ] Gaim: Denial of Service and buffer overflow vulnerabilties Sune Kloppenborg Jeppesen (05/12/05)
• MDKSA-2005:084 - Updated gnutls packages fix vulnerabilities Mandriva Security Team (05/12/05)
• MDKSA-2005:085 - Updated kdelibs packages fix vulnerabilities Mandriva Security Team (05/12/05)
• MDKSA-2005:086 - Updated gaim packages fix multiple vulnerabilities Mandriva Security Team (05/12/05)
• MDKSA-2005:087 - Updated tcpdump packages fix multiple vulnerabilities Mandriva Security Team (05/12/05)
• Acrowave AAP-3100AR authetication bypass Martin Tornwall (05/12/05)
• Directtopics Multiple Vulnerabilities (Security Advisory) Morinex Eneco (05/12/05)
• Security Advisory for Bugzilla 2.18, 2.19.2, and 2.16.8 Max Kanat-Alexander (05/12/05)
• Firefox 1.0.4 released. Several vulnerabilities fixed Paul (05/12/05)
• [DR018] Quartz Composer / QuickTime 7 information leakage David Remahl (05/12/05)
• Yappa-NG Multiple Vulnerabilities GulfTech Security Research (05/11/05)
• OpenServer 5.0.6 OpenServer 5.0.7 : chroot A known exploit can break a chroot prison. please_reply_to_security_at_sco.com (05/11/05)
• BakBone NetVault last warning class (05/11/05)
• Ethereal <= 0.10.10 SIP dissector stack overflow DoS exploit Shaun Colley (05/11/05)
• Guesbook Pro XSS & HTML Injection SoulBlack Group (05/11/05)
• Commonly used disk imaging and wiping tools can be tricked to miss parts of a disk Arne Vidström (05/11/05)
  • Re: Commonly used disk imaging and wiping tools can be tricked to miss parts of a disk Thor Arne Johansen (05/12/05)
  • Re: Commonly used disk imaging and wiping tools can be tricked to miss parts of a disk Arne Vidström (05/26/05)
• [Scan Associates Advisory] Neteyes Nexusway multiple vulnerability pokley (05/11/05)
• [HSC Security Group] MaxWebPortal - Multiple SQL injection/XSS Zinho (05/12/05)
• Cisco Security Advisory: FWSM URL Filtering Solution TCP ACL Bypass Vulnerability Cisco Systems Product Security Incident Response Team (05/11/05)
• Metasploit Framework v2.4 H D Moore (05/11/05)
• MDKSA-2005:083 - Updated ethereal packages fix multiple vulnerabilities Mandriva Security Team (05/11/05)
• Linux kernel ELF core dump privilege elevation Paul Starzetz (05/11/05)
  • Re: Linux kernel ELF core dump privilege elevation Bruno Lustosa (05/11/05)
    • Re: Linux kernel ELF core dump privilege elevation codeQ (05/12/05)
  • Re: Linux kernel ELF core dump privilege elevation Greg KH (05/11/05)
    • Re: Linux kernel ELF core dump privilege elevation Greg KH (05/11/05)
    • Re: Linux kernel ELF core dump privilege elevation Paul Starzetz (05/11/05)
  • Re: Linux kernel ELF core dump privilege elevation (kernel module workaround) Andrew Griffiths (05/12/05)
    • Re: Linux kernel ELF core dump privilege elevation (kernel module workaround) chris (05/13/05)
  • Re: Linux kernel ELF core dump privilege elevation antoine (05/12/05)
    • Re: Linux kernel ELF core dump privilege elevation Pedro Venda (05/13/05)
• WowBB view_user.php SQL Injection Vulnerability Megasky (05/10/05)
• remote root security bug in ethereal 0.9.13 >= and <= 0.10.10 suresec advisories (05/09/05)
• [ GLSA 200505-07 ] libTIFF: Buffer overflow Sune Kloppenborg Jeppesen (05/10/05)
• CAIF 1.2 released Oliver Goebel (05/10/05)
• Gamespy cd-key validation system: "Cd-key in use" DoS versus many games Luigi Auriemma (05/11/05)
• [ GLSA 200505-08 ] HT Editor: Multiple buffer overflows Sune Kloppenborg Jeppesen (05/10/05)
• Firefox Crash?? orebla Orebla (05/10/05)
  • Re: Firefox Crash?? Joxean Koret (05/10/05)
  • Re: Firefox Crash?? Christophe Lucas (05/11/05)
  • Re: Firefox Crash?? Jeremy Kelley (05/11/05)
• TCP/IP implementations do not adequately validate ICMP error messages Alok Menghrajani - Ilion Security SA (05/10/05)
  • Re: TCP/IP implementations do not adequately validate ICMP error messages Peter Keel (05/11/05)
  • Re: TCP/IP implementations do not adequately validate ICMP error messages Maciej Soltysiak (05/11/05)
  • Re: SPAM-HIGH: TCP/IP implementations do not adequately validate ICMP error messages David Nichols (05/11/05)
  • RE: TCP/IP implementations do not adequately validate ICMP error messages David Schwartz (05/10/05)
• TSLSA-2005-0021 - squid Trustix Security Advisor (05/10/05)
• New Macromedia Security Zone Bulletin Posted Macromedia Security Zone (05/10/05)
• Crash in Zoidcom 1.0 beta 4 Luigi Auriemma (05/10/05)
• Esqo advisory: GeoVision Digital Video Surveillance System - Multiple authentication issues Tirath Rai (05/10/05)
• [ GLSA 200505-06 ] TCPDump: Decoding routines Denial of Service vulnerability Sune Kloppenborg Jeppesen (05/09/05)
• [ GLSA 200505-05 ] gzip: Multiple vulnerabilities Sune Kloppenborg Jeppesen (05/09/05)
• Viruses can evade Sophos Anti-Virus xerces8 (05/09/05)
• Easy Message Board Directory Traversal and Remote Command SoulBlack Group (05/08/05)
• Advanced Guestbook 2.3.1 Spy Hat (05/08/05)
• phpbb 2.0.15 released - patches high critical vuln Paul Laudanski (05/08/05)
  • Re: phpbb 2.0.15 released - patches high critical vuln Paul Laudanski (05/13/05)
• [SecurityLab] Ethereal 0.10.10 SIP Dissector Overflow Ejovi Nuwere (05/08/05)
• Re: Can't trust COMODO - An Update Gunter Ollmann (05/09/05)
• Announcement: The Web Security Mailing List contact_at_webappsec.org (05/09/05)
• NISCC Vulnerability Advisory IPSEC - 004033 albatross_at_tim.it (05/10/05)
• [SECURITY] [DSA 722-1] New smail packages fix arbitrary code execution Martin Schulze (05/09/05)
• Firefox Remote Compromise Technical Details Paul (05/08/05)
• Firefox Remote Compromise Leaked Paul (05/08/05)
• PwsPHP v1.2.2 Final - Multiples vulnerabilities SecuBox fRoGGz (05/07/05)
• [SECURITY] [DSA 723-1] New XFree86 packages fix arbitrary code execution Martin Schulze (05/09/05)
• [ GLSA 200505-04 ] GnuTLS: Denial of Service vulnerability Matthias Geerdsen (05/09/05)
• firefox 1.0.3 spoof+auto dl john smith (05/07/05)
  • Re: firefox 1.0.3 spoof+auto dl Paul (05/08/05)
• 4d WebSTAR 5.x Web Server Mac OS X Buffer Overflow Braden Thomas (05/06/05)
• [ GLSA 200505-03 ] Ethereal: Numerous vulnerabilities Sune Kloppenborg Jeppesen (05/06/05)
• [USN-123-1] Xine library vulnerabilities Martin Pitt (05/06/05)
• Secure Science Corporation Advisory CSA-056 SSC Advisory Notice (05/03/05)
• [USN-120-1] Apache 2 vulnerability Martin Pitt (05/06/05)
• [USN-121-1] OpenOffice.org vulnerability Martin Pitt (05/06/05)
• [USN-122-1] Squid vulnerability Martin Pitt (05/06/05)
• [USN-119-1] tcpdump vulnerabilities Martin Pitt (05/06/05)
• [SECURITY] [DSA 721-1] New squid packages fix ACL bypass Martin Schulze (05/06/05)
• [SEC-1 LTD] RSA SecurID Web Agent Heap Overflow Gary O'leary-Steele (05/06/05)
• PHP Advanced Transfer Manager v1.21 tjomi4_at_gmail.com (05/06/05)
• FreeBSD Security Advisory FreeBSD-SA-05:08.kmem FreeBSD Security Advisories (05/06/05)
• FreeBSD Security Advisory FreeBSD-SA-05:07.ldt FreeBSD Security Advisories (05/06/05)
• FreeBSD Security Advisory FreeBSD-SA-05:06.iir FreeBSD Security Advisories (05/06/05)
• MDKSA-2005:081 - Updated XFree86/XOrg packages fix libXpm vulnerabilities Mandriva Security Team (05/06/05)
• Multiple Vulnerabilities In Invision Power Board GulfTech Security Research (05/06/05)
• MDKSA-2005:082 - Updated OpenOffice.org packages fix heap overflow vulnerability Mandriva Security Team (05/06/05)
• Sql Injection in CJ Ultra Plus v1.0.3-1.0.4 Kold (05/06/05)
• [ GLSA 200505-02 ] Oops!: Remote code execution Luke Macken (05/06/05)
• Mac OS 10.4: new-account-wizzard in Mail 2.0 sends clear-text passwords Markus Wörle (05/04/05)
• Gamespy cd-key validation system: Cd-key never in use Luigi Auriemma (05/04/05)
• Multiple vulnearabilities in e107 cms hennoj_at_gmail.com (05/03/05)
• [USN-115-1] Kommander vulnerability Martin Pitt (05/03/05)
• [USN-117-1] cvs vulnerability Martin Pitt (05/04/05)
• [USN-114-1] kimgio vulnerability Martin Pitt (05/03/05)
• [hackgen-2005-#004] - Multiple bugs in MidiCart PHP Shopping Cart Exoduks (05/05/05)
• DMA[2005-0502a] - 'Apple OSX multiple Bluetooth vulnerabilities' Kevin Finisterre (05/04/05)
• [USN-118-1] PostgreSQL vulnerabilities Martin Pitt (05/04/05)
• [USN-116-1] gzip vulnerabilities Martin Pitt (05/04/05)
• Local root vuln in VPN daemon on MacOS X Pieter de Boer (05/04/05)
• Re: AWStats <= 6.4 Multiple vulnerabilities Laurent Destailleur (05/04/05)
• Multiple Vulnerabilities In osTicket GulfTech Security Research (05/03/05)
• Multiple Vulnerabilities In SitePanel2 GulfTech Security Research (05/03/05)
• Multiple vulnerabilities in myBloggie 2.1.1 Alberto Trivero (05/05/05)
• [USN-113-1] libnet-ssleay-perl vulnerability Martin Pitt (05/03/05)
• dSMTP - SMTP Mail Server 3.1b Linux Remote Root Format String Exploit cybertronic_at_gmx.net (05/05/05)
• Oracle 10g DBMS_SCHEDULER SESSION_USER issue Alexander Kornbrust (05/05/05)
• Oracle 9i / 10g Fine Grained Auditing Issue Alexander Kornbrust (05/05/05)
• MegaBook V2.0 - Cross Site Scripting Exploit Spy Hat (05/05/05)
  • Re: MegaBook V2.0 - Cross Site Scripting Exploit Morning Wood (05/06/05)
  • Re: MegaBook V2.0 - Cross Site Scripting Exploit Spy Hat (05/08/05)
• MRO Maximo v4 & v5 Felix (05/05/05)
• directory traversal in SimpleCam 1.2 Donato Ferrante (05/04/05)
• iDEFENSE Security Advisory 05.04.05: Apple Mac OS X vpnd Server_id Buffer Overflow Vulnerability iDEFENSE Labs (05/04/05)
• leafnode security announcement leafnode-SA-2005-01 Matthias Andree (05/04/05)
• Gossamer Threads Links SQL login XSS Vulnerability Nathan House (05/04/05)
• iDEFENSE Security Advisory 05.03.05: Mac OS X Server NeST -target Buffer Overflow Vulnerability iDEFENSE Labs (05/03/05)
• Authentication bypass, sql injections and xss in ArticleLive 2005 dcrab (05/03/05)
  • Re: Authentication bypass, sql injections and xss in ArticleLive 2005 Steven M. Christey (05/11/05)
• Golden Ftp Server Pro - Directory Traversal Vuln Lachlan. H (05/04/05)
• Multiple SQL injections and XSS in FishCart 3.1 dcrab (05/04/05)
• Advisories for 4 vulnerabilities addressed by Apple SU 2005-005 David Remahl (05/03/05)
• Multiple vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 ShineShadow (05/04/05)
• [HSC Security Group] ASP Inline Corporate Calendar SQL injection Zinho (05/03/05)
• [SECURITY] [DSA 720-1] New smartlist packages fix unauthorised un/subscription Martin Schulze (05/03/05)
• Local file detection bug found through Adobe SVG Viewer Hyperdose Security (05/04/05)
• ASP.NET __VIEWSTATE crypto validation prone to replay attacks Michal Zalewski (05/03/05)
  • RE: ASP.NET __VIEWSTATE crypto validation prone to replay attacks Tim Farley (05/03/05)
  • Re: ASP.NET __VIEWSTATE crypto validation prone to replay attacks Michal Zalewski (05/05/05)
    • Re: ASP.NET __VIEWSTATE crypto validation prone to replay attacks Michal Zalewski (05/05/05)
      • Re: ASP.NET __VIEWSTATE crypto validation prone to replay attacks Anton Ivanov (05/12/05)
  • Re: ASP.NET __VIEWSTATE crypto validation prone to replay attacks H D Moore (05/03/05)
• tHorK FrameWork Beta v0.1::: another exploit framework gilbert nzeka (05/02/05)
• [CLA-2005:952] Conectiva Security Announcement - kernel Conectiva Updates (05/02/05)
• Directory Traversal Vuln - RaidenFTPD 2.4 < Build 2241 Lachlan. H (05/02/05)
• Re: Privilege escalation in BulletProof FTP Server v2.4.0.31 [PoC] Jerome ATHIAS (04/29/05)
• Regions bank phishing scam Ryan S (04/30/05)
• Can't trust COMODO Gunter Ollmann (NGS) (05/02/05)
• JGS-Portal 3.0.1 SQL-Injection admin_at_batznet.com (04/30/05)
• Golden FTP Server Pro Remote Buffer Overflow Exploit mohamed amhemed (04/30/05)
• [ GLSA 200504-30 ] phpMyAdmin: Insecure SQL script installation Sune Kloppenborg Jeppesen (04/30/05)
• Defcon Capture the Flag registration is open Kenshoto (04/30/05)
• Microsoft WINS Vulnerability + OS/SP Scanner class (04/30/05)
• Re: Apache hacks (./atac, d0s.txt) a.list.address_at_gmail.com (05/01/05)
  • Re: Apache hacks (./atac, d0s.txt) Chris Umphress (04/30/05)
  • Re: Apache hacks (./atac, d0s.txt) Sagiko (04/30/05)
  • Re: Apache hacks (./atac, d0s.txt) Daniel Cid (04/30/05)
  • Re: Apache hacks (./atac, d0s.txt) Luiz Henrique (04/30/05)
  • Re: Apache hacks (./atac, d0s.txt) Skip Carter (04/30/05)
  • Re: Apache hacks (./atac, d0s.txt) KF (lists) (04/29/05)
  • Re: Apache hacks (./atac, d0s.txt) Jay D. Dyson (04/29/05)
  • Re: Apache hacks (./atac, d0s.txt) Steve Kemp (04/29/05)
  • Re: Apache hacks (./atac, d0s.txt) Nick Bright (05/02/05)
• Insecure pty permissions in OS X < 10.4 Matt Johnston (05/01/05)
• Clients format string and server crash in Mtp-Target 1.2.2 Luigi Auriemma (05/01/05)
• [ GLSA 200505-01 ] Horde Framework: Multiple XSS vulnerabilities Luke Macken (05/01/05)
• Multiple Vulnerabilities in Video Cam Server 1.0.0 Donato Ferrante (05/02/05)
• DMA[2005-0501a] - 'ARPUS/Ce setuid buffer overflow and file overwrite' KF (lists) (05/01/05)

Last message date: 05/31/05
Archived on: 05/31/05 CEST

360 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint