SecurityFocus Bugtraq
By Author

358 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

Starting: 09/01/05
Ending: 09/30/05

3APA3A
- Re: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure (09/16/05)
- Mozilla / Mozilla Firefox authentication weakness (09/14/05)
4Degrees_at_46and2.com
- [NewAngels Advisory] aMember Pro 2.3.X - Remote File Include Vulnerability (09/05/05)
A. Ramos
- Nokia 7610, 3210 denial of service in OBEX. (09/26/05)
acidemon_at_gmail.com
- Platinum Secure smartcard security bypass (09/22/05)
Adam Laurie
- Announce: Bluetooth mailing list - Bluetraq (09/30/05)
admin_at_hyperconx.com
- XSS Vulnerability in MIVA Merchant 5 - Includes Fix (09/14/05)
ak_at_red-database-security.com
- Oracle Reports: Generic SQL Injection Vulnerability via Lexical References (09/14/05)
Alan Monaghan
- Antigen 8.0 for Exchange/SMTP Rule Vulnerability (09/19/05)
Alejandro Barrera
- Re: [Full-disclosure] (TOOL) TAPiON (Polymorphic Decryptor Generator) Engine (09/09/05)
- Re[2]: [Full-disclosure] (TOOL) TAPiON (Polymorphic Decryptor Generator) Engine (09/09/05)
alexsrb_at_netsite.com
- Online Dating Software by AEwebworks - aeDating Script <= 4.0 Version Vulnerability (09/15/05)
alireza hassani
- SQL injection & XSS in phpoutsourcing Noah's classifieds (09/14/05)
Amit Klein (AKsecurity)
- Re: "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein (09/28/05)
- "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein (09/24/05)
- HTTP Request Smuggling - ERRATA (the IIS 48K buffer phenomenon) (09/22/05)
Amon Ott
- Announce: RSBAC v1.2.5 released (09/27/05)
Andrea Di Pasquale
- Anti Arp Poisoning Daemon (OpenAAPD) PS: Link corrected (09/14/05)
Andreas Beck
- Update: Realchat user impersonation - BSA 200506110001 (09/04/05)
Andrei Mikhailovsky
- Re: [Full-disclosure] Cisco IOS hacked? (09/19/05)
angelo_at_rosiello.org
- FreeBSD GNU Mailutils 0.6 imap4d exploit (09/26/05)
anonymous_at_anonymous.com
- Re: "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein (09/27/05)
Ansgar -59cobalt- Wiechers
- Re: anti Windows XP SP2 firewall trick (09/08/05)
- Re: Microsoft Windows keybd_event validation vulnerability (09/07/05)
Berend-Jan Wever
- FireFox exploit updated (09/22/05)
bhfh_at_walla.com
- PHP-Nuke (09/05/05)
Boren, Rich (HP SSRT)
- [security bulletin] SSRT051005 rev.1 - HP ProLiant DL585 Servers Unauthorized Remote Access (09/01/05)
Brett Moore
- WebArchiveX - Unsafe Methods Vulnerability (09/07/05)
Brion Vibber
- Re: [Full-disclosure] [scip_Advisory 1746] Microsoft Internet Explorer 6.0 embedded content cross site scripting (09/22/05)
bugtraq_at_morph3us.org
- [BuHa-Security] Multiple vulnerabilities in (admincp/modcp of) vBulletin 3.0.7 (09/20/05)
- [BuHa-Security] Multiple vulnerabilities in (admincp/modcp of) vBulletin 3.0.8/9 (09/18/05)
c0d3r_at_ihsteam.com
- mercury imap4 remote BOF exploit ( IHSTeam ) (09/20/05)
c0ntexb_at_gmail.com
- RealPlayer && HelixPlayer Remote Format String Exploit (09/26/05)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow (09/07/05)
ciscoioshehehe
- Cisco IOS hacked? (09/19/05)
cocoruder_at_163.com
- DriverStudio Remote Control Authentication Bypass Vulnerability (09/15/05)
codepimps_at_boiteam.net
- CodePimps e-zine #0x07 was released (09/02/05)
Colin
- Re: Vulnerability in Symantec Anti Virus Corporate Edition v9.x (09/01/05)
conor.e.buckley_at_gmail.com
- Land Down Under 'events.php' Cross Site Scripting Vulnerability (09/05/05)
contact_at_airscanner.com
- Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure (09/14/05)
- Airscanner Mobile Security Advisory #05081102: vxFtpSrv 0.9.7 Remote Code Execution Buffer Overflow Vulnerability (09/15/05)
- Airscanner Mobile Security Advisory #05081101: vxWeb v.1.1.4 Denial of Service Vulnerability (09/15/05)
- Airscanner Mobile Security Advisory #05081203: vxTftpSrv 1.7.0 Remote Code Execution Buffer Overflow Vulnerability (09/15/05)
Craig Kennedy
- RE: Ariba password exposure vulnerability (09/01/05)
Crist J. Clark
- Re: [ISR] - Novell GroupWise Client Integer Overflow (09/27/05)
crusoe_at_alexandria.cc
- anti Windows XP SP2 firewall trick (09/07/05)
cwh01_at_www78.dixiesys.com
- Re: AWstats Path Disclosure Vulnerability (09/15/05)
Dafydd Stuttard
- Whitepaper - Writing small shellcode (09/19/05)
Daniel Bonekeeper
- Re: PHP Nuke <= 7.8 Multiple SQL Injections (09/17/05)
Daniel Veditz
- Re: [Full-disclosure] Mozilla / Mozilla Firefox authentication weakness (09/14/05)
darkangel.stt_at_gmail.com
- Re: Re: Serious Security issue with broken - Microsoft's .Net XML Serialization API (09/14/05)
David N Murray
- Re: PHP SESSION MODIFICATION (09/16/05)
David Watson
- util-linux: unintentional grant of privileges by umount (09/12/05)
Debasis Mohanty
- Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC (09/28/05)
Denis Jedig
- Re: PocketPC exploitation (09/30/05)
devnull_at_Rodents.Montreal.QC.CA
- Re: secure client-side platform (09/01/05)
Dirk Mueller
- [KDE Security Advisory] kcheckpass local root vulnerability (09/05/05)
Dragos Ruiu
- PacSec 05 (09/26/05)
enji_at_infosys.tuwien.ac.at
- Serendipity: Account Hijacking / CSRF Vulnerability (09/29/05)
Eric Romang / ZATAZ.com
- bacula insecure temporary file creation (09/20/05)
- silc server and toolkit insecure temporary file creation (09/01/05)
evaders99_at_gmail.com
- Re: PHP Nuke <= 7.8 Multiple SQL Injections (09/14/05)
exoduks_at_securityfocus.com,
- Re: [NOBYTES.COM: #11] MidiCart ASP Shopping Cart, Evaluation Version 7 & Standard & Pro - Multiple Vulnerabilities (09/07/05)
Ferguson, Justin (IARC)
- RE: [Snort-devel] Re: [Snort-users] Snort DoS Fallacies (09/14/05)
Fernando Gont
- Revised paper on "ICMP attacks against TCP" (09/05/05)
fitz
- Rule bypassing in CheckPoint NGX R60 (09/07/05)
Fournaux
- Re: AWstats Path Disclosure Vulnerability (09/15/05)
Francisco Amato
- [ISR] - Novell GroupWise Client Integer Overflow (09/27/05)
Francois Harvey
- [SecuriWeb.2005.1] - Barracuda SPAM firewall advisory (09/01/05)
Frederic Charpentier
- Microsoft Windows keybd_event validation vulnerability (09/06/05)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-05:20.cvsbug [REVISED] (09/09/05)
- FreeBSD Security Advisory FreeBSD-SA-05:20.cvsbug (09/07/05)
fRoGGz_at_securityfocus.com
- KillProcess 2.20 and priors "FileDescription" Local Buffer Overflow Issue (09/09/05)
- KillProcess 2.20 and priors "FileDescription" Local Buffer Overflow Issue (09/09/05)
Gadi Evron
- Rita Scams Call to Arms - Update (09/23/05)
- router worms and International Infrastructure [was: Re: IOS exploit] (09/19/05)
galacticjello_at_eforu.com
- Re: Microsoft Windows keybd_event validation vulnerability (09/07/05)
garaged
- Re: CMS Made Simple <= 0.10 - PHP injection (09/06/05)
gerald626_at_gmail.com
- re: Ariba Spend Management System (09/01/05)
- Ariba password exposure vulnerability (08/31/05)
ghc_at_ghc.ru
- SEO borad: SQL injection (09/27/05)
Giorgio Zoppi
- @System Security Conference (09/18/05)
gp32boy_at_hotmail.com
- (Annex A) ADSL Road Runner Exploit Description & Theory (09/02/05)
gustavog_at_grupoitpro.com.ar
- Citrix Metaframe Presentation Server bypassing policies (09/30/05)
h4cky0u_at_gmail.com
- Alstrasoft Epay Pro 2.0 and prior Directory Traversal Vulnerability (09/18/05)
- Alstrasoft Epay Pro 2.0 and prior Directory Traversal Vulnerability (09/19/05)
- Subscribe Me Pro 2.044.09P and prior Directory Traversal Vulnerability (09/13/05)
hackology_at_gmail.com
- Character Manipulation in Online Systems. (09/15/05)
hans
- Re: PHP Nuke <= 7.8 Multiple SQL Injections (09/17/05)
hodejo1_at_aol.com
- Re: Paper - How It's Difficult to Ruin a Good Name: An Analysis of Reputational Risk (09/21/05)
iDEFENSE Labs
- iDEFENSE Security Advisory 09.30.05: RealNetworks RealPlayer/HelixPlayer RealPix Format String Vulnerability (09/30/05)
- iDEFENSE Security Advisory 09.13.05: Linksys WRT54G Router Remote Administration apply.cgi Buffer Overflow Vulnerability (09/13/05)
- iDEFENSE Security Advisory 09.13.05: Linksys WRT54G 'upgrade.cgi' Firmware Upload Design Error Vulnerability (09/13/05)
- iDEFENSE Security Advisory 09.13.05: Linksys WRT54G Management Interface DoS Vulnerability (09/13/05)
- iDEFENSE Security Advisory 09.13.05: Linksys WRT54G 'restore.cgi' Configuration Modification Design Error Vulnerability (09/13/05)
- iDEFENSE Security Advisory 09.13.05: Linksys WRT54G Router Remote Administration Fixed Encryption Key Vulnerability (09/13/05)
- iDEFENSE Security Advisory 09.09.05: GNU Mailutils 0.6 imap4d 'search' Format String Vulnerability (09/09/05)
- iDEFENSE Security Advisory 09.01.05: Novell NetMail IMAPD Command Continuation Request Heap Overflow (09/01/05)
- iDEFENSE Security Advisory 09.01.05: 3Com Network Supervisor Directory Traversal Vulnerability (09/01/05)
Ill will
- [Full-disclosure] killbits? should have named them kibbles and bits (09/19/05)
inge.henriksen_at_booleansoft.com
- IIS 5.1 allows for remote viewing of source code on FAT/FAT32 volumes using WebDAV (09/04/05)
innate_at_gmx.de
- worring about YaST in SuSE 9.3 and maybe lower (09/16/05)
James C Slora Jr
- RE: Vulnerability in Symantec Anti Virus Corporate Edition v9.x (09/01/05)
Jeff Moss
- Upcoming Black Hat events announcement (09/21/05)
Jerome Athias
- Re: [Full-disclosure] Microsoft Windows keybd_event validation vulnerability (09/06/05)
Joel Maslak
- Re: PocketPC exploitation (09/30/05)
joey_at_infodrom.org
- [SECURITY] [DSA 817-1] New python2.2 packages fix arbitrary code execution (09/22/05)
John Cobb
- [NOBYTES.COM: #11] MidiCart ASP Shopping Cart, Evaluation Version 7 & Standard & Pro - Multiple Vulnerabilities (09/03/05)
Jonathan Rockway
- Possible memory corruption problems in Apple Safari (09/17/05)
Jose Morales
- Re: PocketPC exploitation (09/28/05)
- PocketPC exploitation (09/21/05)
Josh Zlatin-Amishav
- 404 error XSS (09/14/05)
Joxean Guay del Paraguay
- Mantis Bugtracker - Remote Database Scanner and XSS Vulnerabilities (09/26/05)
Juha-Matti Laurio
- Re: [Full-disclosure] FireFox Host: Buffer Overflow is not just exploitable on FireFox (09/16/05)
- RE: [Full-disclosure] FireFox Host: Buffer Overflow is not justexploitable on FireFox (09/16/05)
- FF IDN buffer overflow workaround works in Netscape too (09/16/05)
- Re: [Full-disclosure] Mozilla / Mozilla Firefox authentication weakness (09/15/05)
Keith Oxenrider
- Re: secure client-side platform (09/01/05)
Kenneth F. Belva
- Is the Bottom Line Impacted by Security Breaches? (09/28/05)
- Paper - How It's Difficult to Ruin a Good Name: An Analysis of Reputational Risk (09/21/05)
KF (lists)
- Hijacking Bluetooth Headsets for Fun and Profit? (09/23/05)
khc_at_bsdmail.org
- AlstraSoft E-Friends Remote Command Exucetion (09/24/05)
krasza_at_gmail.com
- Sql injection in jPortal version 2.3.1 (module download) (09/23/05)
kreon
- Re: Serendipity: Account Hijacking / CSRF Vulnerability (09/29/05)
layne_at_elsenot.com
- ElseNot project (09/26/05)
liudieyu_at_umbrella.name
- Re: secure client-side platform (09/01/05)
Ludwig Nussel
- SUSE Security Announcement: evolution (SUSE-SA:2005:054) (09/16/05)
Luigi Auriemma
- Buffer-overflow and directory traversal bugs in Virtools Web Player 3.0.0.100 (09/30/05)
- Server crash and motd deletion in MultiTheftAuto 0.5 patch 1 (09/25/05)
- Re: FileZilla weakly-encrypted password vulnerability (09/04/05)
m123303_at_securityfocus.com,
- FileZilla weakly-encrypted password vulnerability: advisory + PoC (09/02/05)
MacIntyre, Lawrence Paul
- RE: FileZilla weakly-encrypted password vulnerability: advisory + PoC (09/07/05)
Mandriva Security Team
- MDKSA-2005:169 - Updated mozilla-firefox packages fix multiple vulnerabilities (09/27/05)
- MDKSA-2005:170 - Updated mozilla packages fix multiple vulnerabilities (09/27/05)
- MDKSA-2005:167 - Updated util-linux packages fix umount vulnerability (09/21/05)
- MDKSA-2005:166 - Updated clamv packages fix vulnerabilities (09/21/05)
- MDKSA-2005:168 - Updated masqmail packages fix vulnerabilities (09/21/05)
- MDKSA-2005:138-1 - Updated cups packages fix vulnerability (09/20/05)
- MDKSA-2005:165 - Updated cups packages fix vulnerability (09/20/05)
- MDKSA-2005:164 - Updated XFree86/x.org packages fix vulnerability (09/14/05)
- MDKSA-2005:163 - Updated MySQL packages fix vulnerability (09/13/05)
- MDKSA-2005:162 - Updated squid packages fix vulnerabilities (09/13/05)
- MDKSA-2005:161 - Updated apache2 packages to address multiple vulnerabilities (09/08/05)
- MDKSA-2005:156 - Updated ntp packages fix small security-related issue. (09/07/05)
- MDKSA-2005:157 - Updated smb4k packages fix vulnerabilities (09/07/05)
- MDKSA-2005:158 - Updated mplayer packages fix vulnerabilities (09/07/05)
- MDKSA-2005:159 - Updated kdeedu packages fix tempfile vulnerability (09/07/05)
- MDKSA-2005:160 - Updated kdebase packages fix potential local root vulnerability (09/07/05)
Marc Deslauriers
- [FLSA-2005:152919] Updated grip package fixes security issue (09/16/05)
- [FLSA-2005:163274] Updated CUPS packages fix security issue (09/15/05)
- [FLSA-2005:163047] Updated squirrelmail package fixes security issues (09/15/05)
- [FLSA-2005:162680] Updated Zlib packagea fix security issues (09/15/05)
- [FLSA-2005:160202] Updated mozilla packages fix security issues (09/15/05)
Marc Ruef
- [scip_Advisory 1746] Microsoft Internet Explorer 6.0 embedded content cross site scripting (09/22/05)
Marcus Meissner
- Re: worring about YaST in SuSE 9.3 and maybe lower (09/16/05)
- SUSE Security Announcement: php4, php5 remote code execution (SUSE-SA:2005:051) (09/05/05)
- SUSE Security Announcement: kernel multiple security problems (SUSE-SA:2005:050) (09/01/05)
Mariano Nu�ez Di Croce
- CYBSEC - Multiple Vendor Web Vulnerability Scanner Arbitrary Script Injection Vulnerability (09/01/05)
Mark D. Roth
- Security Flaw in pam_per_user Module (09/12/05)
Mark Senior
- RE: FileZilla weakly-encrypted password vulnerability: advisory + PoC (09/07/05)
- RE: Re: secure client-side platform (09/01/05)
Mark Terry
- Sawmill XSS vuln (09/12/05)
Martin Pitt
- [USN-192-1] Squid vulnerability (09/30/05)
- [USN-191-1] unzip vulnerability (09/29/05)
- [USN-190-1] SNMP vulnerability (09/29/05)
- [USN-189-1] cpio vulnerabilities (09/29/05)
- [USN-188-1] AbiWord vulnerability (09/29/05)
- [USN-187-1] Linux kernel vulnerabilities (09/25/05)
- [USN-186-2] Ubuntu 4.10 packages for USN-186-1 Firefox security update (09/25/05)
- [USN-186-1] Mozilla and Firefox vulnerabilities (09/23/05)
- [USN-185-1] CUPS vulnerability (09/20/05)
- [USN-184-1] umount vulnerability (09/19/05)
- Re: AWstats Path Disclosure Vulnerability (09/15/05)
- [USN-181-1] Mozilla products vulnerability (09/12/05)
- [USN-83-2] LessTif 1 vulnerabilities (09/12/05)
- [USN-179-1] openssl weak default configuration (09/09/05)
- [USN-178-1] Linux kernel vulnerabilities (09/09/05)
- [USN-176-1] kcheckpass vulnerability (09/07/05)
- [USN-177-1] Apache 2 vulnerabilities (09/07/05)
- USN-160-2: Apache vulnerability (09/07/05)
- [USN-145-2] wget bug fix (09/06/05)
- [USN-173-4] PCRE vulnerabilities (08/31/05)
Martin Roesch
- Re: [Snort-users] Snort DoS Fallacies (09/13/05)
Martin Schulze
- [SECURITY] [DSA 831-1] New mysql-dfsg packages fix arbitrary code execution (09/30/05)
- [SECURITY] [DSA 830-1] New ntlmaps packages fix information leak (09/30/05)
- [SECURITY] [DSA 832-1] New gopher packages fix several buffer overflows (09/30/05)
- [SECURITY] [DSA 822-1] New gtkdiskfree packages fix insecure temporary file (09/29/05)
- [SECURITY] [DSA 825-1] New loop-aes-utils packages fix privilege escalation (09/29/05)
- [SECURITY] [DSA 823-1] New util-linux packages fix privilege escalation (09/29/05)
- [SECURITY] [DSA 824-1] New ClamAV packages fix denial of service (09/29/05)
- [SECURITY] [DSA 821-1] New python2.3 packages fix arbitrary code execution (09/28/05)
- [SECURITY] [DSA 820-1] New courier packages fix cross-site scripting (09/24/05)
- [SECURITY] [DSA 819-1] New python2.1 packages fix arbitrary code execution (09/23/05)
- [SECURITY] [DSA 817-1] New python2.2 packages fix arbitrary code execution (09/22/05)
- [SECURITY] [DSA 818-1] New kdeedu packages fix insecure temporary files (09/22/05)
- Debian Security Host Bandwidth Saturation (09/20/05)
- [SECURITY] [DSA 815-1] New kdebase packages fix local root vulnerability (09/16/05)
- [SECURITY] [DSA 811-1] New common-lisp-controller packages fix arbitrary code injection (09/14/05)
- [SECURITY] [DSA 812-1] New turqstat packages fix buffer overflow (09/15/05)
- [SECURITY] [DSA 813-1] New centericq packages fix several vulnerabilities (09/15/05)
- [SECURITY] [DSA 814-1] New lm-sensors packages fix insecure temporary file (09/15/05)
- [SECURITY] [DSA 809-1] New squid packages fix several vulnerabilities (09/13/05)
- [SECURITY] [DSA 810-1] New Mozilla packages fix several vulnerabilities (09/13/05)
- [SECURITY] [DSA 808-1] New tdiary packages fix Cross Site Request Forgery (09/12/05)
- [SECURITY] [DSA 807-1] New mod_ssl packages fix acl restriction bypass (09/12/05)
- [SECURITY] [DSA 806-1] New cvs packages fix insecure temporary files (09/09/05)
- [SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities (09/08/05)
- [SECURITY] [DSA 804-1] New kdelibs packages fix backup file information leak (09/08/05)
- [SECURITY] [DSA 803-1] New Apache packages fix HTTP request smuggling (09/08/05)
- [SECURITY] [DSA 802-1] New cvs packages fix insecure temporary files (09/07/05)
- [SECURITY] [DSA 801-1] New ntp packages fix group id confusion (09/05/05)
- [SECURITY] [DSA 798-1] New phproupware packages fix several vulnerabilities (09/02/05)
- [SECURITY] [DSA 800-1] New pcre3 packages fix arbitrary code execution (09/02/05)
- [SECURITY] [DSA 794-1] New polygen packages fix denial of service (09/01/05)
- [SECURITY] [DSA 779-2] New Mozilla Firefox packages fix several vulnerabilities (09/01/05)
- [SECURITY] [DSA 793-1] New sqwebmail packages fix cross-site scripting (09/01/05)
martin_at_kusala.net
- RE: router worms and International Infrastructure [was: Re: IOS exploit] (09/22/05)
Matthias Jim Knopf
- Re: PHP Nuke <= 7.8 Multiple SQL Injections (09/16/05)
maxim_at_secureol.com
- Vulnerability In SecureOL VE2 v1.05.1008 (09/07/05)
medhead_at_flagmandesign.com
- Re: FileZilla weakly-encrypted password vulnerability: advisory + PoC (09/04/05)
Michael Shigorin
- AV == parasites? (was: PocketPC exploitation) (09/29/05)
Michael Stone
- [SECURITY] [DSA 826-1] New helix-player packages fix multiple vulnerabilities (09/30/05)
- [SECURITY] [DSA 797-2] Updated zsync i386 packages fix build error (09/29/05)
- [SECURITY] [DSA 795-2] Updated i386 proftpd packages fix format string vulnerability (09/03/05)
- [SECURITY] [DSA 799-1] New webcalendar packages fix remote code execution (09/02/05)
milw0rm Inc.
- Re: [Full-disclosure] FireFox Host: Buffer Overflow is not just exploitable on FireFox (09/16/05)
Moritz Naumann
- SquirrelMail Address Add Plugin XSS (09/29/05)
Nicholas Knight
- Re: FileZilla weakly-encrypted password vulnerability: advisory + PoC (09/04/05)
Nick Boyce
- Re: FileZilla weakly-encrypted password vulnerability: advisory + PoC (09/05/05)
OpenPKG
- [OpenPKG-SA-2005.021] OpenPKG Security Advisory (squid) (09/10/05)
- [OpenPKG-SA-2005.018] OpenPKG Security Advisory (pcre) (09/05/05)
- [OpenPKG-SA-2005.019] OpenPKG Security Advisory (openssh) (09/06/05)
- [OpenPKG-SA-2005.017] OpenPKG Security Advisory (modssl) (09/02/05)
- [OpenPKG-SA-2005.020] OpenPKG Security Advisory (proftpd) (09/06/05)
os2a.bto_at_gmail.com
- Hesk Session ID Validation Vulnerability (09/20/05)
- Vulnerability in myBloggie 2.1.3-beta and prior (09/05/05)
Paul Laudanski
- Re: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC (09/29/05)
- Re: PHP Nuke <= 7.8 Multiple SQL Injections (09/17/05)
- Web Application Security Analyzer for PHP-Nuke/phpBB CMS (09/17/05)
- Re: PHP Nuke <= 7.8 Multiple SQL Injections (09/16/05)
- Re: PHP Nuke <= 7.8 Multiple SQL Injections (09/16/05)
- Re: CastleCops ramps up fight against CoolWebSearch/HomeSearch (09/16/05)
- Re: PHP Nuke <= 7.8 Multiple SQL Injections (09/14/05)
- CastleCops ramps up fight against CoolWebSearch/HomeSearch (09/14/05)
pen-test_at_securityfocus.com
- CDMA1X Security (09/16/05)
Peter Kieser
- Re: phpBB 2.0.17 remote avatar size bug (09/21/05)
Peter Kruse
- RE: [Full-disclosure] FireFox Host: Buffer Overflow is not justexploitable on FireFox (09/14/05)
Petko Petkov
- Re: PHP-Fusion v6.00.109 SQL Injection / admin|users credentials disclosure (09/29/05)
Pinion Lab
- PTL Advisory 050825 - HP LaserJet Network Username and Information Enumeration (09/15/05)
Piotr Bania
- Protty v.01A (beta) - shellcode execution protection library for Windows NT based systems (09/22/05)
- (TOOL) TAPiON ver 0.1c (09/16/05)
- Re: [Full-disclosure] (TOOL) TAPiON (Polymorphic Decryptor Generator) Engine (09/09/05)
- (TOOL) TAPiON (Polymorphic Decryptor Generator) Engine (09/09/05)
please_reply_to_security_at_sco.com
- OpenServer 5.0.7 OpenServer 6.0.0 : UnZip File Permissions Change Vulnerability (09/28/05)
- OpenServer 6.0.0 : TCP Remote ICMP Denial Of Service Vulnerabilities (09/22/05)
- UnixWare 7.1.4 : LibTIFF < 3.72 malformed data code exec (09/21/05)
please_use_support_form_at_ourwebsite.com
- Re: Subscribe Me Pro 2.044.09P and prior Directory Traversal Vulnerability (09/21/05)
psymera_at_hotmail.com
- Cj Desing Three Aplications One Bug (09/08/05)
pvnick_at_gmail.com
- Greyhats Security back online (09/16/05)
r.verton_at_gmail.com
- PHP Nuke <= 7.8 Multiple SQL Injections (09/12/05)
- [NewAngels Advisory #5] Stylemotion WEB//NEWS 1.4 Vulnerabilities (09/07/05)
retrogod_at_aliceposta.it
- Lucid CMS 1.0.11 SQL Injection / Login Bypass / remote code execution (09/29/05)
- PHP-Fusion v6.00.109 SQL Injection / admin|users credentials disclosure (09/28/05)
- My Little Forum 1.5 / 1.6beta SQL Injection (09/22/05)
- MailGust 1.9 SQL Injection (09/24/05)
- PhpMyFAQ 1.5.1 multiple vulnerabilities (09/23/05)
- My Little Forum 1.5 / 1.6beta SQL Injection (09/22/05)
- CuteNews 1.4.0 remote code execution (09/17/05)
- CuteNews 1.4.0 remote code execution (09/17/05)
- Digital Scribe v1.4 Login Bypass / SQL injection / remote code execution (09/15/05)
- ATutor 1.5.1 SQL Injection / Admin credentials disclosure / remote code execution (09/14/05)
- AzDGDatingLite V 2.1.3 remote code execution (09/13/05)
- class-1 Forum Software v 0.24.4 Remote code execution (09/08/05)
- PBLang 4.65 (possibly prior versions) remote code execution (09/07/05)
- phpCommunityCalendar 4.0.3 (possibly prior versions) sql injection / login bypass / cross site scripting (09/05/05)
- UNB 1.5.3 cross site scripting (09/05/05)
- MAXdev MD-Pro 1.0.73 (possibly prior versions) remote code execution / cross site scripting / path disclosure (09/06/05)
rod hedor
- Remote File Inclusion in MyGuestbook (09/15/05)
Rohit
- Re: Serious Security issue with broken - Microsoft's .Net XML Serialization API (09/13/05)
- Serious Security issue with broken - Microsoft's .Net XML Serialization API (09/13/05)
s3cure_at_poczta.fm
- I have discovered small xss error in open webmail 2.41 (09/03/05)
Sap .
- TWiki Remote Command Execution Vulnerability (09/14/05)
Saqib Ali
- Is netcraft publishing URL of your intranet sites? (09/15/05)
Sean Sullivan
- RE: phpBB 2.0.17 remote avatar size bug (09/20/05)
Sean Warnock
- Dumb Question (09/19/05)
Secunia Research
- Secunia Research: 7-Zip ARJ Archive Handling Buffer Overflow (09/23/05)
- Secunia Research: PowerArchiver ACE/ARJ Archive Handling Buffer Overflow (09/23/05)
- Secunia Research: Opera Mail Client Attachment Spoofing and Script Insertion (09/20/05)
- Secunia Research: Ahnlab V3 Antivirus Multiple Vulnerabilities (09/15/05)
- Secunia Research: AVIRA Antivirus ACE Archive Handling Buffer Overflow (09/14/05)
- Secunia Research: NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow (09/08/05)
- Secunia Research: ALZip ACE Archive Handling Buffer Overflow (09/08/05)
- Secunia Research: SqWebMail Conditional Comments Script Insertion Vulnerability (09/06/05)
secure_at_symantec.com
- Re: Vulnerability in Symantec Anti Virus Corporate Edition v9.x] (08/31/05)
security curmudgeon
- Re: PHP-Fusion v6.00.109 SQL Injection / admin|users credentials disclosure (09/30/05)
- Re: Remote File Inclusion in MyGuestbook (09/23/05)
security-alert_at_hp.com
- [security bulletin] SSRT5998 Rev.2 HP System Management Homepage (v2.0.x) Denial of Service (DoS) and XSS (09/22/05)
- [security bulletin] SSRT5988 rev.1 - HP Tru64 Unix libXpm Remote Denial of Service (DoS) or Execute Privileged Code (09/21/05)
- [security bulletin] SSRT5971 rev.0 - HP Tru64 Unix FTP Daemon (ftpd) Remote Denial of Service (DoS) (09/20/05)
- [security bulletin] SSRT5999 rev.0 HP OpenVMS Secure Web Browser Mozilla Application Node Spoofing (09/20/05)
- [security bulletin] SSRT051023 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Privileged Access (09/05/05)
Sergey V. Gordeychik
- RE: "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein (09/30/05)
Shaun Colley
- Multiple vulnerabilities in FreeBSD 'urban' (09/04/05)
Shiraishi.M
- Zebedee DoS Vulnerability (09/09/05)
SmOk3
- phpBB 2.0.17 remote avatar size bug (09/20/05)
snsadv
- [SNS Advisory No.83] Webmin/Usermin PAM Authentication Bypass Vulnerability (09/21/05)
spam_at_drwetter.org
- Avocent CCM: Port Access Control Bypass Vulnerability (09/15/05)
SpyHat_at_SpyHat.com
- Hack Dot AE v2 (09/22/05)
ss_contacts_at_hotmail.com
- Multiple vulnerabilities in Merak Mail Server 8.2.4r with Icewarp Web Mail 5.5.1 (09/30/05)
Stefan Cornelius
- [ GLSA 200509-03 ] OpenTTD: Format string vulnerabilities (09/05/05)
Steven M. Christey
- Re: Vulnerability in Symantec Anti Virus Corporate Edition v9.x] (09/02/05)
Steven Sturges
- RE: [Snort-devel] Re: [Snort-users] Snort DoS Fallacies (09/14/05)
stranger-killer_at_hotmail.com
- SQL Injection[2] In MyBB PR2 (09/07/05)
Sune Kloppenborg Jeppesen
- [ GLSA 200509-18 ] Qt: Buffer overflow in the included zlib library (09/26/05)
- [ GLSA 200509-06 ] Squid: Denial of Service vulnerabilities (09/07/05)
Suresec Advisories
- [ Suresec Advisories ] - Kcheckpass file creation vulnerability (09/07/05)
Thierry Carrez
- [ GLSA 200509-21 ] Hylafax: Insecure temporary file creation in xferfaxstats script (09/30/05)
- [ GLSA 200509-19 ] PHP: Vulnerabilities in included PCRE and XML-RPC libraries (09/27/05)
- [ GLSA 200509-16 ] Mantis: XSS and SQL injection vulnerabilities (09/24/05)
- [ GLSA 200509-17 ] Webmin, Usermin: Remote code execution through PAM authentication (09/24/05)
- [ GLSA 200509-15 ] util-linux: umount command validation error (09/20/05)
- [ GLSA 200509-14 ] Zebedee: Denial of Service vulnerability (09/20/05)
- [ GLSA 200509-13 ] Clam AntiVirus: Multiple vulnerabilities (09/19/05)
- [ GLSA 200509-09 ] Py2Play: Remote execution of arbitrary Python code (09/17/05)
- [ GLSA 200509-12 ] Apache, mod_ssl: Multiple vulnerabilities (09/19/05)
- ERRATA: [ GLSA 200507-20 ] Shorewall: Security policy bypass (09/17/05)
- [ GLSA 200509-11 ] Mozilla Suite, Mozilla Firefox: Buffer overflow (09/18/05)
- [ GLSA 200509-10 ] Mailutils: Format string vulnerability in imap4d (09/17/05)
- [ GLSA 200509-07 ] X.Org: Heap overflow in pixmap allocation (09/12/05)
- [ GLSA 200509-08 ] Python: Heap overflow in the included PCRE library (09/12/05)
- [ GLSA 200509-04 ] phpLDAPadmin: Authentication bypass (09/06/05)
- [ GLSA 200509-05 ] Net-SNMP: Insecure RPATH (09/06/05)
- [ GLSA 200509-02 ] Gnumeric: Heap overflow in the included PCRE library (09/03/05)
- [ GLSA 200509-01 ] MPlayer: Heap overflow in ad_pcm.c (09/01/05)
Thomas Biege
- SUSE Security Announcement: XFree86-server,xorg-x11-server (SUSE-SA:2005:056) (09/26/05)
- SUSE Security Announcement: squid (SUSE-SA:2005:053) (09/16/05)
- SUSE Security Announcement: apache2 (SUSE-SA:2005:051) (09/12/05)
Times Enemy
- Re: CastleCops ramps up fight against CoolWebSearch/HomeSearch (09/15/05)
Trustix Security Advisor
- TSLSA-2005-0053 - unzip (09/30/05)
- TSLSA-2005-0051 - clamav (09/23/05)
- TSLSA-2005-0049 - multi (09/16/05)
- TSLSA-2005-0047 - multi (09/09/05)
un4m31_at_gmail.com
- File aribitary read access in frox (09/01/05)
unknow_at_uw-team.org
- PHP SESSION MODIFICATION (09/16/05)
unsecure_at_writeme.com
- USB Lock Auto-Protect v1.5 - Local Password Encryption Weakness (09/05/05)
v9
- UMN gopher[v3.0.9+] multiple(2) client buffer overflows. (09/01/05)
- Adobe Version Cue exploits. (09/01/05)
varunuppal_at_linuxmail.org
- FL Studio 5 (.flp file processing) Heap Overflow (09/26/05)
warl0ck_at_linuxmail.org
- Re: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC (09/29/05)
X1ngBox_at_securityfocus.com
- CMS Made Simple 0.10 is susceptible to a cross site scripting attack. (09/26/05)
- lucidCMS 1.0.11 is susceptible to a cross site scripting attack (09/27/05)
Yutaka OIWA
- Re: "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein (09/27/05)
ZATAZ Audits
- apachetop insecure temporary file creation (09/30/05)
- gwcc insecure temporary file creation (09/16/05)
- ncompress insecure temporary file creation (09/16/05)
- arc insecure temporary file creation (09/16/05)
- gtkdiskfree insecure temporary file creation (09/15/05)
Zone Labs Security Team
- Zone Labs response to "Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC" (09/30/05)

Last message date: 09/30/05
Archived on: 09/30/05 CEST

358 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

SecurityFocus BugtraqBy Author

SecurityFocus Bugtraq
By Author