SecurityFocus Bugtraq
By Author

444 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

Starting: 01/01/70
Ending: 08/31/05

'ken'_at_FTU
- SimplePHPBlog Arbitrary File Deletion and Sample Exploit (08/29/05)
3APA3A
- Re: Mercora IMRadio 4.0.0.0 Discloses Passwords to Local Users (08/24/05)
- Re: Remote IIS 5.x and IIS 6.0 Server Name Spoof (08/23/05)
- Microsoft ActiveSync information leak and spoofing (08/02/05)
Aaron Horst
- Re: PunBB BBCode IMG Tag Script Injection Vulnerability (08/30/05)
ABDUCTER_MINDS_at_YAHOO.COM
- SQL IN Open Bulletin Board (08/08/05)
- SQL IN PortailPHP (08/04/05)
- Arab Portal (08/01/05)
ad_at_class101.org
- Re: [Full-disclosure] MS05_039 Exploitation (different languages) (08/25/05)
admin_at_batznet.com
- Woltlab Burning Board <= 2.2.2/2.3.3 modcp.php SQL injection (08/20/05)
Adrocknaphobia
- Bugtraq ID: 14460 : Coldfusion Fusebox V4.1.0 Vulnerability (08/09/05)
advisories
- Corsaire Security Advisory: HP Ignite-UX filesystem permissions issue (08/16/05)
- Corsaire Security Advisory: HP Ignite-UX passwd file disclosure issue (08/16/05)
ak_at_red-database-security.com
- Oracle Password Checker (08/23/05)
alert7
- Xcon2005 papers released (08/29/05)
Alexey Agapov
- Password Disclosure in Whisper32 (08/18/05)
Alfred Huger
- Call for new mailing lists @ SecurityFocus (08/31/05)
ali202_at_fastermail.com
- Foojan PHP Weblog Information Disclosure - Refferer Html Injection (08/24/05)
alireza hassani
- SQL injection in Persianblog (08/16/05)
Allen Parker
- Re: ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users (08/24/05)
almaster_at_hotmail.com
- SQL in PHPTB Topic Boards 2.0 (08/13/05)
- VBZoom Cross Site Scripting Vulnerabilities (07/29/05)
alphademon
- HACK IN THE BOX SECURITY CONFERENCE 2005 (08/01/05)
Amit Klein (AKsecurity)
- Technical Note by Amit Klein: Detecting and Preventing HTTP Response Splitting and HTTP Request Smuggling Attacks at the TCP Le (08/15/05)
Andrew McCullough
- MS05-042 Security Update Problems (08/30/05)
angelo_at_rosiello.org
- Obsidis #1 Call for Papers (08/31/05)
asierillo_at_gmail.com
- Re: Re: Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities) (08/03/05)
astovidatu_at_security-project.org
- PaFileDB 3.1 - SQL-Injection (08/24/05)
AsTriXs
- Re: Defeating Citi-Bank Virtual Keyboard Protection (08/06/05)
atmaca_at_icqmail.com
- WinAce Temporary File Parsing Buffer Overflow Vulnerability (08/19/05)
bannedit_at_frontiernet.net
- Fetchmail 6.2.5 exploit for Bugtraq ID: 14349 (08/30/05)
Beauford, Jason
- RE: secure client-side platform (08/31/05)
bendeniz_avci_at_hotmail.com
- Land Down Under (08/28/05)
bl2k_at_shabgard.org
- Nephp Publisher Enterprise 3.04 Cross Site Scripting (08/22/05)
- Bugs Land Down Under v800 (08/20/05)
Boren, Rich (HP SSRT)
- [security bulletin] SSRT051023 rev.0 - HP Openview Network Node Manager (OV NNM) Remote Unauthorized Access (08/26/05)
- [security bulletin] SSRT4702 rev.0 - HP-UX running Veritas 3.3/3.5 unauthorized data access (08/25/05)
- [security bulletin] SSRT4874 rev.0 - HP-UX Ignite-UX Remote Unauthorized Access (08/16/05)
brom0815_at_gmx.de
- Re: Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities) (08/02/05)
c0ntex_at_open-security.org
- Root exploits in Lantonix Secure Console Server (08/05/05)
c0ntexb_at_gmail.com
- ELM < 2.5.8 Remote Exploit POC (08/22/05)
Cangrejito Playero
- Re: [ GLSA 200508-14 ] TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC (08/26/05)
cdmiller-bugtraq_at_adams.edu
- Re: RE: Cisco Clean Access Agent (Perfigo) bypass (08/23/05)
Cedric Cochin
- Multiple PHP Images Galleries EXIF Metadata XSS Vulnerabilities (08/26/05)
cedric_at_securityfocus.com
- SQL injection in mediabox404 v1.2 (08/17/05)
Cesar
- Re: Re : [Firefox Bug 302187] New: Shared section vulnerability when opening microsoft office document resulting in DoS (07/30/05)
Chris Palmer
- Fwd: Tor security advisory: DH handshake flaw (08/19/05)
Christopher Day
- RE: [Full-disclosure] Help put a stop to incompetent computer forensics (08/10/05)
Christopher Kunz
- Advisory 13/2005: Remote code execution in SysCP (08/08/05)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Intrusion Prevention System Vulnerable to Privilege Escalation (08/22/05)
- Cisco Security Advisory: SSL Certificate Validation Vulnerability in IDS Management Software (08/22/05)
- Cisco Security Advisory: Cisco Clean Access Unauthenticated API Access (08/17/05)
coki_at_nosystem.com.ar
- nbSMTP v0.99 remote format string exploit (08/05/05)
colin_at_funkboard.co.uk
- Re: FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover,possible remote code execution (08/13/05)
contact_at_webappsec.org
- WASC-Articles: 'Preventing Log Evasion in IIS' (08/29/05)
Crispin Cowan
- Re: On classifying attacks (08/04/05)
cybertronic_at_gmx.net
- Re: CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability (08/03/05)
D K
- Bypassing the new /GS protection in VC++ 7.1 (08/18/05)
Damien Miller
- Re: ICMP attacks against TCP: Conclusions (08/31/05)
Damien Palmer
- Re: LeapFTP .lsq Buffer Overflow Vulnerability (08/25/05)
Dan Yefimov
- Re: ICMP attacks against TCP: Conclusions (08/30/05)
Dan.Creed_at_thecreeds.net
- Scanning Software Bugs (08/02/05)
Daniel Bonekeeper
- Re: Defeating Citi-Bank Virtual Keyboard Protection (08/06/05)
Daniel Weber
- Re: On classifying attacks (07/28/05)
Dario Ciccarone (dciccaro)
- RE: Cisco Clean Access Agent (Perfigo) bypass (08/21/05)
- RE: Cisco Clean Access Agent (Perfigo) bypass (08/22/05)
Darren Pilgrim
- RE: Trillian Ver 3.1 saves password's in plain Text (08/03/05)
Darren Reed
- Re: Cisco IOS Shellcode - McAfee IPS Protection (08/05/05)
Dave Hull
- Re: Tool for Identifying Rogue Linksys Routers (08/26/05)
David Cross
- Zone Alarm Security Contact (08/03/05)
David Gillett
- RE: unload event in ie/mozilla/opera (08/24/05)
David Litchfield
- Re: Portcullis Security Advisory 05-014 HP Openview Remote Command Execution Vulnerability (08/25/05)
David Watson
- Re: GNU tar and the setuid bit (08/07/05)
- Re: GNU tar and the setuid bit (08/06/05)
Debasis Mohanty
- Defeating Citi-Bank Virtual Keyboard Protection (08/05/05)
devfreedom_at_gmail.com
- Re: [NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection (08/25/05)
Dinis Cruz
- Re: [VulnWatch] The Java applet sandbox and stateful firewalls (08/01/05)
Dirk Mueller
- [KDE Security Advisory] kpdf temp file writing DoS vulnerability (08/09/05)
Donato Ferrante
- Multiple Vulnerabilities in Home Ftp Server 1.0.7 (08/24/05)
- Unicode Buffer Overflow in WinFtp Server 1.6.8 (08/17/05)
Douglas Duckworth
- Re: [SECURITY] [DSA 777-1] New Mozilla packages fix frame injection spoofing vulnerability (08/18/05)
Dowling, Gabrielle
- RE: Sophos Antivirus Library Remote Heap Overflow (08/27/05)
Dr. Peter Bieringer
- Insecure directory permissions of default installation of Kaspersky Anti-Virus for Unix/Linux File Servers will lead to local root exploit (08/12/05)
Drew Haven
- Re: unload event in ie/mozilla/opera (08/25/05)
Duncan Simpson
- Re: On classifying attacks (07/24/05)
Early, Clint
- RE: unload event in ie/mozilla/opera (08/25/05)
Earnhart, Benjamin J
- RE: uguestbook exploit (07/28/05)
Ed Reed
- NOVL-2005010098073 GroupWise Password Caching (08/17/05)
eddie_at_interspire.com
- Re: Interspire ArticleLive 2005 (php version) is vulnerable to XSS (08/23/05)
edward11_at_postmaster.co.uk
- E107 + IPB XSS Exploit (08/08/05)
Fabrice MOURRON
- Re: MS05_039 Exploitation (different languages) (08/26/05)
Fernando Gont
- ICMP attacks against TCP: Conclusions (07/28/05)
Fischer, Andreas
- ssl-login-checkbox faked in Lycos webmail-frontend (08/25/05)
Florian Weimer
- Re: ISS vs. Cisco: Chapter 2 (08/11/05)
- Re: [VulnWatch] The Java applet sandbox and stateful firewalls (08/01/05)
- The Java applet sandbox and stateful firewalls (07/31/05)
Forte Systems - Iosif Peterfi
- RE: On classifying attacks (08/02/05)
- RE: On classifying attacks (07/29/05)
fournaux_at_khmerdev.com
- AWstats Path Disclosure Vulnerability (08/26/05)
Frank Denis (Jedi/Sector One)
- Re: [Full-disclosure] mutt buffer overflow (08/18/05)
fukami
- 22nd Chaos Communication Congress 2005: Call for Papers (08/26/05)
FX
- ISS vs. Cisco: Chapter 2 (08/11/05)
Gadi Evron
- drone armies C&C report - July/2005 (08/15/05)
gb.network_at_gmail.com
- Full path disclosure in CaLogic 1.22 and possible in older versions. (08/10/05)
gegegz_at_aol.com
- Re: unload event in ie/mozilla/opera (08/28/05)
Godwin Stewart
- Re: unload event in ie/mozilla/opera (08/26/05)
golovast_at_gmail.com
- Vulnerability in Symantec Anti Virus Corporate Edition v9.x (08/31/05)
GomoR
- Cross-site scripting vulnerability in BEA WebLogic administration console (08/24/05)
goszynskif_at_gmail.com
- PHPTB Topic Board <= 20: Multiple PHP injection vulnerabilities (08/17/05)
Graham Wilson
- Re: Tool for Identifying Rogue Linksys Routers (08/26/05)
groszynskif_at_gmail.com
- CMS Made Simple <= 0.10 - PHP injection (08/31/05)
GulfTech Security Research
- MySQL Eventum Multiple Vulnerabilities (07/31/05)
h1kari_at_toorcon.org
- ToorCon 7 Lineup Finalized & Pre-Registration Ending (08/20/05)
h4cky0u.org_at_gmail.com
- Land Down Under 801 And Prior Multiple SQL Injection Vulnerabilities (08/29/05)
h4cky0u_at_gmail.com
- ATutor 1.5.1 and prior multiple XSS Vulnerabilities (08/18/05)
- w-agora 4.2.0 and prior Remote Directory Travel Vulnerability (08/18/05)
- PHPFreeNews V1.40 and prior Multiple Vulnerabilities (08/17/05)
heintz_at_hotmail.com
- Sql injection and global variables poisoning in XMB Forum 1.9.1 (08/09/05)
houseofdabus
- (MS05-039) Microsoft Windows Plug-and-Play Service Remote Overflow (Universal Exploit + no crash shellcode) (08/12/05)
Hugo van der Kooij
- Re: Scanning Software Bugs (08/04/05)
Ian Mitchell
- Re: Coldfusion Fusebox V4.1.0 Vulnerability (08/03/05)
ICool
- Re: [NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection (08/08/05)
iDEFENSE Labs
- iDEFENSE Security Advisory 08.29.05: Symantec AntiVirus 9 Corporate Edition Local Privilege Escalation Vulnerability (08/29/05)
- iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability (08/29/05)
- iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary Library Loading Vulnerability (08/29/05)
- iDEFENSE Security Advisory 08.09.05: AWStats ShowInfoURL Remote Command Execution Vulnerability (08/09/05)
- iDEFENSE Security Advisory 08.05.05: EMC Navisphere Manager Directory Traversal Vulnerability (08/05/05)
- iDEFENSE Security Advisory 08.02.05: CA BrightStor ARCserve Backup Agent for MS SQL Server Buffer Overflow (08/03/05)
Imran Ghory
- Re: tar preserves setuid bit (08/05/05)
- Re: Zip 2,31 bad default file-permissions vulnerability (08/05/05)
- tar preserves setuid bit (08/05/05)
- Re: Zip 2,31 bad default file-permissions vulnerability (08/04/05)
- Zip 2,31 bad default file-permissions vulnerability (08/03/05)
- unzip TOCTOU file-permissions vulnerability (08/02/05)
inge_eivind.henriksen_at_chello.no
- Remote IIS 5.x and IIS 6.0 Server Name Spoof (08/22/05)
- Creating a secret web site on IIS 5.x using Alternative Data Streams (08/04/05)
innate_at_gmx.de
- [cosmoshop <= 8.10.78] be the shopadmin in one step (08/29/05)
James C Slora Jr
- RE: Creating a secret web site on IIS 5.x using Alternative Data Streams (08/09/05)
Jason Coombs
- Sensitive Information Disclosure Vulnerability in Kinetics Kiosk Product (08/18/05)
- Help put a stop to incompetent computer forensics (08/10/05)
Jay D. Dyson
- Re: Sensitive Information Disclosure Vulnerability in Kinetics Kiosk Product (08/18/05)
Jeff Peadro
- FW: Updated Version & Exploit - Privilege escalation in Nortel Contivity VPN Client V05_01.030 (08/12/05)
- Privilege escalation in Nortel Contivity VPN Client V05_01.030 (08/10/05)
Jeremy C. Reed
- Re: tar preserves setuid bit (08/09/05)
John Cobb
- [NOBYTES.COM: #9] ECW Shop 6.0.2 - Multiple Vulnerabilities (08/16/05)
- [NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection (08/02/05)
Josh Zlatin-Amishav
- remote DOS on Wyse thin client 1125SE (08/10/05)
Joshua Wright
- Re: Tool for Identifying Rogue Linksys Routers (08/25/05)
julio_at_rfdslabs.com.br
- [RLSA_01-2005] QNX inputtrap arbitrary file read vulnerability (08/24/05)
kato
- Re: Xoops 2.2.1 Full Path Disclosure (08/12/05)
Kaveh Razavi
- Re: LeapFTP .lsq Buffer Overflow Vulnerability (08/25/05)
- Re: LeapFTP .lsq Buffer Overflow Vulnerability (08/24/05)
Keith Phillips
- RE: Trillian Ver 3.1 saves password's in plain Text (08/02/05)
KF (lists)
- DMA[2005-0826a] - 'Nokia Affix Bluetooth btsrv poor use of popen()' (08/27/05)
- DMA[2005-0818a] - 'Apple OSX dsidentity privilege abuse' (08/22/05)
- Bluez hcid popen() explained. (08/18/05)
- Bluetooth: Theft of Link Keys for Fun and Profit? (08/12/05)
- Re: Scanning Software Bugs (08/04/05)
kozan_at_spyinstructors.com
- ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users (08/23/05)
- Mercora IMRadio 4.0.0.0 Discloses Passwords to Local Users (08/23/05)
Kroma Pierre
- Grandstream Budge Tone 101/102 DoS Vulnerability (08/12/05)
list_at_rem0te.com
- Re: Sophos Antivirus Library Remote Heap Overflow (08/28/05)
- Sophos Antivirus Library Remote Heap Overflow (08/26/05)
- Re: ClamAV Multiple Rem0te Buffer Overflows (08/04/05)
liudieyu_at_umbrella.name
- secure client-side platform (08/31/05)
ljuranic_at_lss.hr
- Re: LSS Security Advisory: Winamp remote buffer overflow vulnerability (07/29/05)
llhansen-bugtraq_at_adams.edu
- Cisco Clean Access Agent (Perfigo) bypass (08/19/05)
Ludwig Nussel
- SUSE Security Announcement: several kernel security problems (SUSE-SA:2005:044) (08/04/05)
Luigi Auriemma
- Multiple vulnerabilities in BFCommand & Control for Battlefield 1942 and Vietnam (08/29/05)
- Server crash in Ventrilo 2.3.0 (08/23/05)
- Buffer-overflow in Chris Moneymaker's World Poker Championship 1.0 (08/17/05)
Lupe Christoph
- Re: Zip 2,31 bad default file-permissions vulnerability (08/05/05)
- Re: Zip 2,31 bad default file-permissions vulnerability (08/04/05)
- Re: Zip 2,31 bad default file-permissions vulnerability (08/04/05)
Maciej Soltysiak
- [UNTRUE] Gadu-Gadu supposedly fixed the invisible detection vulnerability? (08/30/05)
madsys
- Tool Announcement: AIRT -- the Advanced Incident Response Tool 0.4.2 released (08/25/05)
Mandriva Security Team
- MDKSA-2005:153 - Updated gnumeric packages fix integer overflow vulnerability (08/27/05)
- MDKSA-2005:154 - Updated python packages fix integer overflow vulnerability (08/27/05)
- MDKSA-2005:149 - Updated lm_sensors packages fix temporary file vulnerability (08/26/05)
- MDKSA-2005:151 - Updated pcre packages fix integer overflow vulnerability (08/26/05)
- MDKSA-2005:150 - Updated bluez-utils packages fix vulnerability (08/26/05)
- MDKSA-2005:152 - Updated php packages fix integer overflow vulnerability (08/26/05)
- MDKSA-2005:147 - Updated slocate packages fix vulnerability (08/23/05)
- MDKSA-2005:148 - Updated vim packages fix vulnerability (08/23/05)
- MDKSA-2005:146 - Updated php-pear packages fix more PEAR XML-RPC vulnerabilities (08/23/05)
- MDKSA-2005:145 - Updated openvpn packages fix several vulnerabilities (08/23/05)
- MDKSA-2005:144 - Updated wxPythonGTK packages several vulnerabilities (08/18/05)
- MDKSA-2005:141 - Updated evolution packages fixes format string vulnerabilities (08/18/05)
- MDKSA-2005:142 - Updated libtiff packages fixes vulnerability (08/18/05)
- MDKSA-2005:143 - Updated kdegraphics packages fix kfax vulnerability (08/18/05)
- MDKSA-2005:140 - Updated proftpd packages fix format string vulnerabilities (08/16/05)
- MDKSA-2005:139 - Updated gaim packages fix yet more vulnerabilities (08/16/05)
- MDKSA-2005:134 - Updated xpdf packages fix vulnerability (08/11/05)
- MDKSA-2005:136 - Updated gpdf packages fix vulnerability (08/11/05)
- MDKSA-2005:135 - Updated kdegraphics packages fix vulnerability (08/11/05)
- MDKSA-2005:137 - Updated ucd-snmp packages fix a DoS vulnerability (08/11/05)
- MDKSA-2005:138 - Updated cups packages fix vulnerability (08/11/05)
- MDKSA-2005:133 - Updated netpbm packages fix temporary file vulnerabilities (08/10/05)
- MDKSA-2005:132 - Updated heartbeat packages fix temporary file vulnerabilities (08/10/05)
- MDKSA-2005:131 - Updated ethereal packages fix multiple vulnerabilities (08/05/05)
- MDKSA-2005:130 - Updated apache packages fix vulnerabilities (08/03/05)
- MDKSA-2005:129 - Updated apache2 packages fix vulnerabilities (08/03/05)
- MDKSA-2005:128 - Updated mozilla packages fix multiple vulnerabilities (08/03/05)
manolisgavriil_at_hotmail.com
- Design Flaw at Microsoft's AntiSpyware (08/06/05)
Marc Deslauriers
- [FLSA-2005:157701] Updated Apache httpd packages fix security issues (08/11/05)
- [FLSA-2005:157696] Updated gzip package fixes security issues (08/11/05)
- [FLSA-2005:152889] Updated mc packages fix security issues (08/11/05)
- [FLSA-2005:129284] Updated spamassassin package fixes security issue (08/11/05)
Marc Ruef
- e107 0.6 forum_post.php create new topics in non-existing forums (08/30/05)
- Mozilla Firefox up to 1.0.6 and Mozilla Thunderbird up to 1.0 url string obfuscation (08/09/05)
Marcus Meissner
- SUSE Security Announcement: pcre integer overflows (SUSE-SA:2005:048) (08/30/05)
- SUSE Security Announcement: php4/php5 Pear::XML_RPC code injection and PCRE integer overflow problems (SUSE-SA:2005:049) (08/30/05)
- SUSE Security Announcement: Adobe Reader Plugin buffer overflow (SUSE-SA:2005:047) (08/22/05)
- SUSE Security Announcement: apache, apache2 request smuggling problem (SUSE-SA:2005:046) (08/16/05)
- SUSE Security Announcement: Mozilla various security problems (SUSE-SA:2005:045) (08/11/05)
Mark Burnett
- CORRECTION: Remote IIS 5.x and IIS 6.0 Server Name Spoof (08/25/05)
Martin Mkrtchian
- Tool for Identifying Rogue Linksys Routers (08/25/05)
Martin Pitt
- [USN-173-3] Fixed apache2 packages for USN-173-2 (08/30/05)
- [USN-174-1] courier vulnerability (08/26/05)
- [USN-173-2] PCRE vulnerability (08/24/05)
- [USN-173-1] PCRE vulnerability (08/23/05)
- [USN-172-1] lm-sensors vulnerability (08/23/05)
- [USN-171-1] PHP4 vulnerabilities (08/20/05)
- [USN-169-1] Linux kernel vulnerabilities (08/19/05)
- [USN-170-1] gnupg vulnerability (08/19/05)
- [USN-168-1] Gaim vulnerabilities (08/12/05)
- [USN-165-1] heartbeat vulnerability (08/11/05)
- [USN-164-1] netpbm vulnerability (08/11/05)
- [USN-166-1] Evolution vulnerabilities (08/11/05)
- [USN-163-1] xpdf vulnerability (08/09/05)
- [USN-162-1] ekg and Gadu library vulnerabilities (08/08/05)
- [USN-161-1] bzip2 utility vulnerability (08/04/05)
- [USN-160-1] Apache 2 vulnerabilities (08/04/05)
- [USN-159-1] unzip vulnerability (08/01/05)
- [USN-158-1] gzip utility vulnerability (08/01/05)
- [USN-157-1] Mozilla Thunderbird vulnerabilities (08/01/05)
Martin Schulze
- [SECURITY] [DSA 792-1] New pstotext packages fix arbitrary command execution (08/31/05)
- [SECURITY] [DSA 791-1] New maildrop packages fix arbitrary group mail command execution (08/30/05)
- [SECURITY] [DSA 790-1] New phpldapadmin packages fix unauthorised access (08/30/05)
- [SECURITY] [DSA 789-1] New PHP 4 packages fix several vulnerabilities (08/29/05)
- [SECURITY] [DSA 788-1] New kismet packages fix arbitrary code execution (08/29/05)
- [SECURITY] [DSA 786-1] New simpleproxy packages fix arbitrary code execution (08/26/05)
- [SECURITY] [DSA 787-1] New backup-manager package fixes several vulnerabilities (08/26/05)
- [SECURITY] [DSA 785-1] New libpam-ldap packages fix authentication bypass (08/25/05)
- [SECURITY] [DSA 784-1] New courier packages fix denial of service (08/25/05)
- [SECURITY] [DSA 783-1] New mysql packages fix insecure temporary file (08/24/05)
- [SECURITY] [DSA 782-1] New bluez-utils packages fix arbitrary command execution (08/23/05)
- [SECURITY] [DSA 781-1] New Mozilla Thunderbird packages fix several vulnerabilities (08/23/05)
- [SECURITY] [DSA 779-1] New Mozilla Firefox packages fix several vulnerabilities (08/20/05)
- [SECURITY] [DSA 778-1] New mantis packages fix several vulnerabilities (08/19/05)
- [SECURITY] [DSA 777-1] New Mozilla packages fix frame injection spoofing vulnerability (08/17/05)
- [SECURITY] [DSA 776-1] New clamav packages fix several problems (08/16/05)
- [SECURITY] [DSA 775-1] New Mozilla packages fix frame injection spoofing vulnerability (08/15/05)
- [SECURITY] [DSA 761-2] New heartbeat packages fix insecure temporary files (08/15/05)
- [SECURITY] [DSA 774-1] New fetchmail packages fix arbitrary code execution (08/12/05)
- [SECURITY] [DSA 773-1] New amd64 packages fix several bugs (08/11/05)
- [SECURITY] [DSA 772-1] New apt-cacher package fixes arbitrary command execution (08/03/05)
- [SECURITY] [DSA 771-1] New pdns packages fix denial of service (08/01/05)
matiteman_at_securityfocus.com,
- Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities) (08/02/05)
Matt Mercer
- RE: Tool for Identifying Rogue Linksys Routers (08/25/05)
Matteo Beccati
- [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities (08/17/05)
mattmecham_at_gmail.com
- Re: ipb Css bug(now public) (08/08/05)
max_at_jestsuper.pl
- [SECURITYREASON.COM] Multiple vulnerabilities in PostNuke 0.760-RC4b=>x cXIb8O3.15 (08/22/05)
- [SECURITYREASON.COM] phpAdsNew/phpPgAds 2.0.5 Local file inclusion cXIb8O3.16 (08/17/05)
Michael Boman
- Re: Win32 Port of Nessusd (08/17/05)
Michael Shigorin
- Re: unload event in ie/mozilla/opera (08/26/05)
Michael Sierchio
- Re: Peter Gutmann data deletion theaory? (07/27/05)
Michal Zalewski
- Re: Compromising pictures of Microsoft Internet Explorer! (08/11/05)
Mike Frantzen
- Re: Tool for Identifying Rogue Linksys Routers (08/26/05)
Mike Kershaw
- Re: Tool for Identifying Rogue Linksys Routers (08/27/05)
Moritz Naumann
- Internet Explorer 6 Meta Refresh Parsing Weakness (08/17/05)
msuiche_at_gmail.com
- 249bytes reverse shellcode with "nooil tricks methods" (08/15/05)
N.N.P
- Coldfusion Fusebox V4.1.0 Vulnerability (08/03/05)
Neil McKellar
- Re: tar preserves setuid bit (08/05/05)
nf2
- XSS security hole in phpwebnotes. (08/27/05)
NGSSoftware Insight Security Research
- New Whitepaper - The Pharming Guide (08/24/05)
- High Risk Vulnerability in Novell eDirectory Server (08/11/05)
Nicholas Knight
- Re: ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users (08/27/05)
Nick Boyce
- Re: ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users (08/25/05)
Nicolas Gregoire
- Re: ipb Css bug(now public) (08/08/05)
Niels Bakker
- Re: unload event in ie/mozilla/opera (08/25/05)
nnposter_at_users.sourceforge.net
- Hummingbird FTP Weak Password Encryption (08/14/05)
NoBrain NoPain
- Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) (08/15/05)
none_at_none.com
- AutoLinks Pro 2.1 (08/28/05)
- Xoops 2.2.1 Full Path Disclosure (08/12/05)
- Comdev eCommerce wce.download.php Download Vulnerability (08/05/05)
- Comdev eCommerce config.php Vulnerability (08/05/05)
nospam_at_airscanner.com
- Remote Password Compromise of Microsoft Active Sync 3.7.1 (08/04/05)
not_at_given.com
- Re: Vulnerability in Helpdesk software Hesk 0.92 (08/30/05)
NSFOCUS Security Team
- NSFOCUS SA2005-02 : Microsoft IE Devenum.dll COM Instantiation Remote Code Execution Vulnerability (08/10/05)
nukemmeister_at_gmail.com
- Quake 2 Lithium Mod V 1.24 Macro Expansion Vuln? (08/25/05)
nummish
- Re: SQL injection in Persianblog (08/17/05)
oliver karow
- Astaro Security Linux 6.0 - HTTP CONNECT Access Localhost Weakness (08/25/05)
os2a.bto_at_gmail.com
- Vulnerability in ePing and eTrace plugins of e107 (08/05/05)
pacifico\
- Multiple CMS/Forum Vulnablilties (08/28/05)
patrick
- Re: Trillian Ver 3.1 saves password's in plain Text (08/05/05)
Patrick Morris
- Re: [NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 - Information Disclosure & Possible SQL Injection (08/03/05)
Patrick Webster
- Apple Safari & Javascript - KERN_INVALID_ADDRESS (0x0001) (08/09/05)
Paul Halliday
- Re: Tool for Identifying Rogue Linksys Routers (08/27/05)
Paul J Docherty
- Portcullis Security Advisory 05-014 HP Openview Remote Command Execution Vulnerability (08/25/05)
Paul Laudanski
- CoolWebSearch found in massive spyware ring (08/10/05)
Peter Valchev
- mutt buffer overflow (08/18/05)
phrackstaff_at_phrack.org
- FINAL Phrack Magazine release #63 is OUT (08/02/05)
phuket
- SQL Injection and PHP Code Injection Vulnerabilities in PHPKit 1.6.1 (08/22/05)
- My Bulletin Board RC 4 Vulnerabilities (08/12/05)
planz 235
- Cisco IOS Shellcode - McAfee IPS Protection (08/04/05)
please_reply_to_security_at_sco.com
- UnixWare 7.1.4 UnixWare 7.1.3 : cpio race condition and directory traversal issues fixed. (08/18/05)
poizon_at_securityinfo.ru
- XSS in GreyMatter blog (08/31/05)
Reed Arvin
- Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) (08/15/05)
- Privilege escalation in Linksys WLAN Monitor v2.0 (08/12/05)
- Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) (08/11/05)
- Buffer overflow in BusinessMail email server system 4.60.00 (08/01/05)
release_at_redteam-pentesting.de
- Advisory: iTAN not as secure as claimed (08/25/05)
retrogod_at_aliceposta.it
- Simple Machine Forum 1-0-5 (possibly prior versions) user IP address / information disclosure (08/31/05)
- Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative & users credentials disclosure (08/30/05)
- phpLDAPadmin 0.9.6 - 0.9.7/alpha5 (possibly prior versions) system disclosure, (08/29/05)
- Looking Glass v20040427 arbitrary commands execution / cross site scripting (08/27/05)
- DevC++ V.4.9.9.2 NULL BYTE INSERTION / OBFUSCATION FLAW (by rgod) (08/18/05)
- Zorum 3.5 remote code execution poc exploit (08/18/05)
- FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover,possible remote code execution (08/08/05)
- Gravity Board X v1.1 multiple vulnerabilities (08/07/05)
- FlatNuke 2.5.5 (possibly prior versions) remote commands execution / cross site scripting / path disclosure (by rgod) (08/05/05)
- Silvernews 2.0.3 (possibly previous versions ) SQL Injection / Login Bypass / Remote commands execution / cross site scripting (08/03/05)
retrogod_at_liceposta.it
- BBCaffe 2.0 cross site scripting poc (08/18/05)
Richard Clayton
- Re: [BugTraq] Peter Gutmann data deletion theaory? (07/28/05)
riklaunim_at_gmail.com
- FUD Forum < 2.7.1 PHP code injection vurnelability (08/28/05)
Robert Thompson Jr.
- RE: Serious flaw in Linksys wireless AP password security (08/16/05)
- RE: Serious flaw in Linksys wireless AP password security (08/16/05)
Roman Medina-Heigl Hernandez
- MS05_039 Exploitation (different languages) (08/25/05)
Roy Hills
- Juniper Netscreen VPN Username Enumeration Vulnerability (08/18/05)
s2b_at_hotmail.com
- Vulnerability in Helpdesk software Hesk 0.92 (08/29/05)
- Vul in MyBB (08/19/05)
Sacha Faust
- RE: Remote IIS 5.x and IIS 6.0 Server Name Spoof (08/24/05)
saintlinu_at_null2root.org
- Nate User Password Disclosed By Anonymous (08/05/05)
Scott Dewey
- Simple PHP Blog File Upload and User Credentials Exposure Vulnerabilities (08/26/05)
Scott Werndorfer
- Re: TRILLIANSUGGESTION: passwords in cache=20 =20 (01/01/70)
Sean Comeau
- Re: tar preserves setuid bit (08/06/05)
sec-list_at_nolog.org
- Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) (08/15/05)
Secunia Research
- Secunia Research: SqWebMail HTML Emails Script Insertion Vulnerability (08/29/05)
- Secunia Research: HAURI Anti-Virus ACE Archive Handling Buffer Overflow (08/24/05)
- Secunia Research: SqWebMail Attached File Script Insertion Vulnerability (08/24/05)
- Secunia Research: HAURI Anti-Virus Compressed Archive Directory Traversal (08/19/05)
Secure Science Corporation Bugtraq
- Re: [DCC SPAM] Defeating Citi-Bank Virtual Keyboard Protection (08/08/05)
secure_at_symantec.com
- BID 14355, VERITAS NetBackup 5.1 Time Stamp Vulnerability (08/09/05)
Security Alert
- [security bulletin] SSRT5957 rev.0 - HP Tru64 UNIX IPSEC Tunnel ESP Mode Remote Unauthorized Disclosure of Encrypted Data (08/10/05)
security curmudgeon
- Re: SQL IN Open Bulletin Board (08/10/05)
- Re: Kent's Guestbook database exploit (08/06/05)
- Re: uguestbook exploit (08/05/05)
- Re: Zone Alarm Security Contact (08/04/05)
- Re: Trillian Ver 3.1 saves password's in plain Text (08/02/05)
Security Lists
- runcms highlight.php hole (08/18/05)
security-alert_at_hp.com
- [security bulletin] SSRT051003 rev.0 - HP-UX Java Web Start remote unauthorized privileged access (08/30/05)
- [security bulletin] SSRT051004 rev.0 - HP-UX Java Runtime Environment (JRE) Untrusted Applet Elevates Privilege (08/30/05)
- [security bulletin] SSRT5998 rev.1 - HP System Management Homepage (v2.0.x) Denial of Service (DoS) and XSS (08/10/05)
- [security bulletin] SSRT051005 rev.0 - HP ProLiant DL585 Servers Unauthorized Remote Access (08/10/05)
- [security bulletin] SSRT5940 rev.1 - HP-UX Mozilla remote, unauthorized user may execute privileged code (08/09/05)
- [security bulletin] SSRT4682 rev.0 - Oracle for Openview (OfO) Critical Patch Update July 2005 (08/03/05)
- [security bulletin] SSRT5998 Rev.0 HP System Management Homepage (v2.0.x) Denial of Service (DoS) & XSS (08/03/05)
- [security bulletin] SSRT5931 rev.1 Apache on HP-UX Remote Denial of Service and client restriction bypass (08/01/05)
Shalom Carmel
- IBM Lotus Notes multiple disclosures of password hashes (08/20/05)
Shwaine
- Re: On classifying attacks (08/03/05)
sitic_at_pts.se
- Evolution multiple remote format string bugs (08/10/05)
skulls_phantoms_1_at_securityfocus.com
- Re: ELM < 2.5.8 Remote Exploit POC (08/23/05)
sl0ppy_at_hush.ai
- Windows 2000 universal exploit for MS05-039 (08/12/05)
slacker4ever_1_at_juno.com
- PHP-Fusion <= v6.00.107 XSS exploit (08/29/05)
Sowhat .
- BNBT EasyTracker Remote Denial of Service Vulnerability (08/30/05)
- LeapFTP .lsq Buffer Overflow Vulnerability (08/24/05)
Stefan Cornelius
- [ GLSA 200508-17 ] libpcre: Heap integer overflow (08/25/05)
- [ GLSA 200508-12 ] Evolution: Format string vulnerabilities (08/26/05)
- [ GLSA 200507-29 ] pstotext: Remote execution of arbitrary code (07/31/05)
Stefan Esser
- Advisory 14/2005: PEAR XML_RPC Remote PHP Code Injection Vulnerability (08/15/05)
- Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability (08/15/05)
Stefan Kelm
- Re: unload event in ie/mozilla/opera (08/25/05)
Stephen C Woods
- Re: Zip 2,31 bad default file-permissions vulnerability (08/05/05)
Steve Friedl
- An Illustrated Guide to IPSec (08/25/05)
Steve Scherf
- Re: Serious flaw in Linksys wireless AP password security (08/16/05)
- Serious flaw in Linksys wireless AP password security (08/14/05)
- Serious flaw in Linksys wireless AP password security (08/15/05)
Steven M. Christey
- Re: SQL IN PortailPHP (08/07/05)
- Re: ClamAV Multiple Rem0te Buffer Overflows (08/03/05)
steven_at_lovebug.org
- Re: Coldfusion Fusebox V4.1.0 Vulnerability (08/04/05)
stormhacker_at_hotmail.com
- XSS in forums CFBB v1.1.0 (08/05/05)
Sune Kloppenborg Jeppesen
- [ GLSA 200508-21 ] phpWebSite: Arbitrary command execution through XML-RPC and SQL injection (08/31/05)
- [ GLSA 200508-22 ] pam_ldap: Authentication bypass vulnerability (08/31/05)
- [ GLSA 200508-16 ] Tor: Information disclosure (08/25/05)
- [ GLSA 200508-15 ] Apache 2.0: Denial of Service vulnerability (08/25/05)
- [ GLSA 200508-10 ] Kismet: Multiple vulnerabilities (08/19/05)
- [ GLSA 200508-09 ] bluez-utils: Bluetooth device name validation vulnerability (08/17/05)
- [ GLSA 200508-08 ] Xpdf, Kpdf, GPdf: Denial of Service vulnerability (08/16/05)
- [ GLSA 200508-07 ] AWStats: Arbitrary code execution using malicious Referrer information (08/16/05)
- [ GLSA 200508-06 ] Gaim: Remote execution of arbitrary code (08/15/05)
- [ GLSA 200508-05 ] Heartbeat: Insecure temporary file creation (08/07/05)
- [ GLSA 200508-02 ] ProFTPD: Format string vulnerabilities (08/01/05)
- [ GLSA 200508-01 ] Compress::Zlib: Buffer overflow (08/01/05)
Suramya Tomar
- Re: Trillian Ver 3.1 saves password's in plain Text (08/06/05)
- Re: Trillian Ver 3.1 saves password's in plain Text (08/01/05)
Suresec Advisories
- [ Suresec Advisories ] - Several MacOS X vulnerabilities (08/22/05)
svt_at_svt.nukleon.us
- [SVadvisory#13] - SQL injection in MYFAQ 1.0 (08/07/05)
- [SVadvisory] - SQL injection in OpenBook 1.2.2 (07/30/05)
sylvain.roger_at_solucom.fr
- Vulnerability in Trendmicro Officescan (07/28/05)
Tacettin Karadeniz
- JaguarControl Activex Buffer Overflow (08/13/05)
Team SHATTER
- [AppSecInc Advisory MYSQL05-V0003] Multiple Issues with MySQL User Defined Functions (08/09/05)
- [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions (08/09/05)
- [AppSecInc Advisory MYSQL05-V0002] Buffer Overflow in MySQL User Defined Functions (08/09/05)
Technica Forensis
- Re: Trillian Ver 3.1 saves password's in plain Text (08/03/05)
- Re: Trillian Ver 3.1 saves password's in plain Text (08/03/05)
thegreatone2176_at_yahoo.com
- ChurchInfo Multiple Vulnerabilities (08/01/05)
Thierry Carrez
- [ GLSA 200508-20 ] phpGroupWare: Multiple vulnerabilities (08/30/05)
- [ GLSA 200508-19 ] lm_sensors: Insecure temporary file creation (08/30/05)
- [ GLSA 200508-18 ] PhpWiki: Arbitrary command execution through XML-RPC (08/26/05)
- [ GLSA 200508-14 ] TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC (08/24/05)
- [ GLSA 200508-13 ] PEAR XML-RPC, phpxmlrpc: New PHP script injection vulnerability (08/24/05)
- [ GLSA 200508-11 ] Adobe Reader: Buffer Overflow (08/19/05)
- [ GLSA 200508-04 ] Netpbm: Arbitrary code execution in pstopnm (08/05/05)
- Re: On classifying attacks (08/02/05)
- [ GLSA 200508-03 ] nbSMTP: Format string vulnerability (08/02/05)
- [ GLSA 200507-28 ] AMD64 x86 emulation base libraries: Buffer overflow (07/30/05)
Thomas Guyot-Sionnest
- RE: Tool for Identifying Rogue Linksys Routers (08/25/05)
Thomas Kr�ger
- Re: Vulnerability in Helpdesk software Hesk 0.92 (08/30/05)
Thor Larholm
- RE: Vulnerability found in CPAINT Ajax Toolkit (08/16/05)
Tim Brown
- Low security hole affecting Mentor's ADSLFR4II router (08/13/05)
Tim Nelson
- RE: On classifying attacks (08/02/05)
Tobias Boonstoppel
- Re: unload event in ie/mozilla/opera (08/25/05)
- unload event in ie/mozilla/opera (08/23/05)
Tom Stracener
- Win32 Port of Nessusd (08/16/05)
Tony Rall
- Re: Tool for Identifying Rogue Linksys Routers (08/27/05)
Trustix Security Advisor
- TSLSA-2005-0040 - multi (08/05/05)
- TSLSA-2005-0038 - multi (08/01/05)
tsl_at_securityfocus.com,
- Silvernews 2.0.3 remote command execution exploit, proxy server support! (08/05/05)
Uwe Hermann
- [DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue (08/15/05)
ViPeR
- Indiatimes Messenger 6.0 Buffer Overflow (Remote) (08/31/05)
- MSN Messenger Password Decrypter for WinXP/2003 (08/17/05)
virusishacker_at_gmail.com
- ipb Css bug(now public) (08/05/05)
Volker Tanger
- Re: Tool for Identifying Rogue Linksys Routers (08/27/05)
W7ED_at_HOTMAIL.COM
- Member.php SQL Injection in MyBB (08/28/05)
wibble_at_wobble.securityfocus.com
- Re: Beehive Forum Multiple Vulnerabilities (08/24/05)
wiley14_at_gmail.com
- Vulnerability found in CPAINT Ajax Toolkit (08/15/05)
Williams, James K
- 32919 - Computer Associates Message Queuing (CAM/CAFT) multiple vulnerabilities (08/22/05)
- RE: CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability (08/06/05)
- CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability (08/02/05)
y3dips_at_echo.or.id
- PunBB BBCode IMG Tag Script Injection Vulnerability (08/29/05)
zinho_at_hackerscenter.com
- [HSC Security Group] Multiple XSS in phpopenchat 3.0.2 (08/05/05)
ziot_at_whataboutpp.com
- PHPList Vunerability (08/01/05)
Zow
- Re: Sensitive Information Disclosure Vulnerability in Kinetics Kiosk Product (08/19/05)

Last message date: 08/31/05
Archived on: 08/31/05 CEST

444 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

SecurityFocus BugtraqBy Author

SecurityFocus Bugtraq
By Author