SecurityFocus Bugtraq
By Thread

350 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

---

Starting: 11/01/05
Ending: 11/30/05

• [FLSA-2005:166943] Updated php packages fix security issues Marc Deslauriers (11/29/05)
• [Full-disclosure] [ GLSA 200511-21 ] Macromedia Flash Player: Remote arbitrary code execution Thierry Carrez (11/25/05)
• [Full-disclosure] [ GLSA 200511-23 ] chmlib, KchmViewer: Stack-based buffer overflow koon_at_gentoo.org (11/28/05)
• [Full-disclosure] [ GLSA 200511-22 ] Inkscape: Buffer overflow Thierry Carrez (11/28/05)
• [Full-disclosure] [ GLSA 200511-23 ] chmlib, KchmViewer: Stack-based buffer overflow Thierry Carrez (11/28/05)
• [SECURITY] [DSA 911-1] New gtk+2.0 packages fix several vulnerabilities Martin Schulze (11/29/05)
• Cisco Security Advisory: Cisco Security Agent Vulnerable to Privilege Escalation Cisco Systems Product Security Incident Response Team (11/29/05)
• Core FORCE and OpenBSD PF's Ivan Arce (11/28/05)
• Flaw in Syn Attack Protection on non-updated Microsoft OSes can lead to DoS Luigi Mori (11/28/05)
• What is wrong with these people? Paul Schmehl (11/28/05)
• Google Talk cleartext credentials in process memory unknown.pentester_at_gmail.com (11/28/05)
• Kadu remote DoS michal_at_tux.bz (11/28/05)
• - Cisco IOS HTTP Server code injection/execution vulnerability- picardos_at_terra.es (11/28/05)
  • Re: - Cisco IOS HTTP Server code injection/execution vulnerability- Florian Weimer (11/28/05)
    • Re: Re: - Cisco IOS HTTP Server code injection/execution vulnerability- limfung_at_gmail.com (11/29/05)
• Randshop all versiyon Sql İnjection liz0_at_bsdmail.com (11/28/05)
• DNS query spam Piotr Kamisiski (11/27/05)
• Re: phpBB Code EXEC (v2.0.10) deane10_at_sbcglobal.net (11/28/05)
  • Re: phpBB Code EXEC (v2.0.10) Ron van Daal (11/28/05)
• ZRCSA-200503 - ktools Buffer Overflow Vulnerability siegfried_at_zone-h.org (11/27/05)
• APC Security Advisory - PowerChute Network Shutdown's Web Interface Only Supports HTTP Security.advisory_at_apcc.com (11/28/05)
• Free Web Stat Multiple XSS Vulnerabilities ascii (11/28/05)
• Php Web Statistik Multiple Vulnerabilities ascii (11/28/05)
• WebCalendar Multiple Vulnerabilities ascii (11/28/05)
• Guppy <= 4.5.9 Remote code execution retrogod_at_aliceposta.it (11/28/05)
• ANN: Free endpoint security software released (Core FORCE 070.105) Core FORCE team (11/28/05)
• [ GLSA 200511-22 ] Inkscape: Buffer overflow Thierry Carrez (11/28/05)
• [ GLSA 200511-23 ] chmlib, KchmViewer: Stack-based buffer overflow Thierry Carrez (11/28/05)
• Remote file include in phpgreetz gb.network_at_gmail.com (11/26/05)
• Remote file include in Q-News gb.network_at_gmail.com (11/26/05)
• Remote file include in Athena gb.network_at_gmail.com (11/26/05)
• Webistanbul Control Panel Sql Injection khc_at_bsdmial.org (11/26/05)
• XSS in PBLang 4.65 Profile.php/UCP.php r0xes_at_7NA.org (11/26/05)
• [ GLSA 200511-21 ] Macromedia Flash Player: Remote arbitrary code execution Thierry Carrez (11/25/05)
• Advisory 23/2005: vTiger multiple vulnerabilities Christopher Kunz (11/25/05)
  • RE: Advisory 23/2005: vTiger multiple vulnerabilities Bug Traq Lists (11/25/05)
• Mandriva Security newbug_at_securityfocus.com, (11/25/05)
  • Re: Mandriva Security Vincent Danen (11/26/05)
• eFiction <= 2.0 multiple vulnerabilities retrogod_at_aliceposta.it (11/25/05)
• SEC Consult SA-20051125-0 :: More Vulnerabilities in vTiger CRM SEC Consult Research (11/25/05)
• MDKSA-2005:216 - Updated fuse packages fix vulnerability Mandriva Security Team (11/24/05)
• 2nd CFP: Workshops at the 1st Int. Conf. on Availability, Reliability & Security Manh Tho (11/24/05)
• freeFTPd 1.0.10 (Dos,Exploit) Stefan Lochbihler (11/24/05)
• [SECURITY] [DSA 910-1] New zope2.7 packages fix arbitrary file inclusion Martin Schulze (11/24/05)
• Advisory 23/2005: vTiger multiple vulnerabilities Christopher Kunz (11/24/05)
  • Re: Advisory 23/2005: vTiger multiple vulnerabilities Christopher Kunz (11/25/05)
• MailEnable IMAP DOS Josh Zlatin (11/24/05)
• Secunia Research: SpeedProject Products ZIP/UUE File Extraction Buffer Overflow Secunia Research (11/24/05)
• MDKSA-2005:215 - Updated binutils packages fix vulnerabilities Mandriva Security Team (11/23/05)
• XSS on Yahoo Mail Richard Fuchshuber (11/23/05)
  • RE: XSS on Yahoo Mail Will Wesley (11/24/05)
    • Re: XSS on Yahoo Mail Steven Champeon (11/25/05)
      • Re: XSS on Yahoo Mail Will Wesley (11/26/05)
    • Re: XSS on Yahoo Mail Jim Ley (11/24/05)
    • RE: XSS on Yahoo Mail Richard Fuchshuber (11/24/05)
  • Re: XSS on Yahoo Mail Personal Account (11/24/05)
  • Re: XSS on Yahoo Mail little.hacker_at_gmail.com (11/24/05)
    • Re: XSS on Yahoo Mail Matan Peled (11/26/05)
  • Re: XSS on Yahoo Mail alireza hassani (11/26/05)
    • Re: XSS on Yahoo Mail Lance James (11/28/05)
• [ GLSA 200511-18 ] phpSysInfo: Multiple vulnerabilities Sune Kloppenborg Jeppesen (11/22/05)
• [ GLSA 200511-19 ] eix: Insecure temporary file creation Sune Kloppenborg Jeppesen (11/22/05)
• [ GLSA 200511-20 ] Horde Application Framework: XSS vulnerability Sune Kloppenborg Jeppesen (11/22/05)
• Google Talk Denial of Service - BenjiBug James Evans (11/23/05)
• [SECURITY] [DSA 907-1] New ipmenu packages fix insecure temporary file creation Martin Schulze (11/23/05)
• [SECURITY] [DSA 908-1] New sylpheed-claws packages fix arbitrary code execution Martin Schulze (11/23/05)
• GeSWall Intrusion Prevention System 2.1 Released (Freeware) GentleSecurity Team (11/23/05)
• [SECURITY] [DSA 909-1] New horde3 packages fix cross-site scripting Martin Schulze (11/23/05)
• [security bulletin] SSRT051074 Revised - HP-UX Running xterm Local Unauthorized Access security-alert_at_hp.com (11/23/05)
• OTRS 1.x/2.x Multiple Security Issues Moritz Naumann (11/22/05)
• Cisco PIX TCP Connection Prevention Konstantin V. Gavrilenko (11/22/05)
• [USN-218-1] netpbm vulnerabilities Martin Pitt (11/21/05)
• [USN-219-1] Linux kernel vulnerabilities Martin Pitt (11/22/05)
• [SECURITY] [DSA 900-3] New fetchmail-ssl packages fix potential information leak Martin Schulze (11/22/05)
• [ GLSA 200511-17 ] FUSE: mtab corruption through fusermount Thierry Carrez (11/22/05)
• Exploiting the Stack (Part I-IV) Nish_at_securityfocus.com, (11/22/05)
• Horde MIME Viewer vulnerability daniel.schreckling_at_securityfocus.com (11/22/05)
• VHCS 2.x HTTP Error Cross Site Scripting Moritz Naumann (11/22/05)
  • Re: VHCS 2.x HTTP Error Cross Site Scripting Moritz Naumann (11/24/05)
• [KAPDA::#14] - PHPPost XSS and HTML Injection alireza hassani (11/22/05)
• PmWiki 2.0.12 Cross Site Scripting Moritz Naumann (11/22/05)
• [USN-190-2] ucs-snmp vulnerability Martin Pitt (11/21/05)
• [USN-217-1] Inkscape vulnerability Martin Pitt (11/21/05)
• [ GLSA 200511-16 ] GNUMP3d: Directory traversal and insecure temporary file creation Thierry Carrez (11/21/05)
• Secunia Research: Opera Command Line URL Shell Command Injection Secunia Research (11/22/05)
• [SECURITY] [DSA 906-1] New sylpheed packages fix arbitrary code execution Martin Schulze (11/22/05)
• [SECURITY] [DSA 905-1] New mantis packages fix several vulnerabilities Martin Schulze (11/22/05)
• IE BUG, Mozilla DOS? admin_at_dbtech.org (11/21/05)
  • Re: IE BUG, Mozilla DOS? Kyle Wheeler (11/23/05)
• Computer Terrorism Security Advisory (Reclassification) - Microsoft Internet Explorer JavaScript Window() Vulnerability securityadvisory_at_computerterrorism.com (11/21/05)
• Gadu-Gadu several vulnerabilities (version <= 7.20) Jaroslaw Sajko (11/21/05)
• [SECURITY] [DSA 900-2] New fetchmail packages fix potential information leak Martin Schulze (11/21/05)
• [SECURITY] [DSA 904-1] New netpbm packages fix arbitrary code execution Martin Schulze (11/21/05)
• [SECURITY] [DSA 903-1] New unzip packages fix unauthorised permissions modification Martin Schulze (11/21/05)
• Re: Cisco Clean Access Agent (Perfigo) bypass fakemeail_at_yahoo.com (11/21/05)
• Google Search Appliance proxystylesheet Flaws H D Moore (11/21/05)
• Metro Olografix Crypto Meeting 2006 CFP Angelo Dell'Aera (11/20/05)
• [SECURITY] [DSA 811-2] New common-lisp-controller packages fix arbitrary code injection Martin Schulze (11/21/05)
• [SECURITY] [DSA 902-1] New xmail packages fix arbitrary code execution Martin Schulze (11/21/05)
• cracking safes with thermal imaging Michal Zalewski (11/21/05)
• APBoard v [all] ---> [SQL injection] ksa_ksa82_at_hotmail.com (11/21/05)
• Security Advisory: Struts Error Message Cross Site Scripting Irene Abezgauz (11/21/05)
• Your One-Stop Site For Sony Lawsuit Info Larry Seltzer (11/21/05)
• [TKADV2005-11-004] Multiple Cross Site Scripting vulnerabilities in phpMyFAQ tk_at_trapkit.de (11/19/05)
• [ GLSA 200511-15 ] Smb4k: Local unauthorized file access Sune Kloppenborg Jeppesen (11/18/05)
• [security - exponentcms] Hans Wolters (11/19/05)
• [SECURITY] [DSA 901-1] New gnump3d packages fix several vulnerabilities Martin Schulze (11/19/05)
• MDKSA-2005:214 - Updated gdk-pixbuf/gtk+2.0 packages fix vulnerability Mandriva Security Team (11/19/05)
• Mambo 0day Exploit out in the wild - mambo/skype hacked rebarz99_at_gmail.com (11/18/05)
• Secunia Research: Winmail Server Multiple Vulnerabilities Secunia Research (11/18/05)
• Google Base Petko Petkov (11/18/05)
• Secunia Research: MailEnable Buffer Overflow and Directory Traversal Vulnerabilities Secunia Research (11/18/05)
• PHP-Fusion <= 6.00.206 Multiple Vulnerabilities r.verton_at_gmail.com (11/18/05)
  • Re: PHP-Fusion <= 6.00.206 Multiple Vulnerabilities sheldon_at_php-fusion.co.uk (11/19/05)
• Snagging Security Tokens to Elevate Privileges David Litchfield (11/18/05)
• [SECURITY] [DSA 900-1] New fetchmail packages fix potential information leak Martin Schulze (11/18/05)
• iDEFENSE Security Advisory 11.17.05: Qualcomm WorldMail IMAP Server Directory Traversal Vulnerability labs-no-reply_at_idefense.com (11/17/05)
• [SECURITY] [DSA 899-1] New egroupware packages fix several vulnerabilities Martin Schulze (11/17/05)
• [SECURITY] [DSA 898-1] New phpgroupware packages fix several vulnerabilities Martin Schulze (11/17/05)
• [KAPDA::#13] - XMB HTML Injection & Path Disclosure. alireza hassani (11/17/05)
• MDKSA-2005:213 - Updated php packages fix multiple vulnerabilities Mandriva Security Team (11/17/05)
• ShmooCon 2006 - Washington DC B Potter (11/17/05)
• [security bulletin] SSRT5979 - HP-UX Running IPSec Remote Denial of Service (DoS) security-alert_at_hp.com (11/16/05)
• [ GLSA 200511-14 ] GTK+ 2, GdkPixbuf: Multiple XPM decoding vulnerabilities Thierry Carrez (11/16/05)
• Buffer OverFlow For Php 4.3.10 and other ?? Local papipsycho_at_hotmail.com (11/16/05)
• MDKSA-2005:212 - Updated egroupware packages to address phpldapadmin, phpsysinfo vulnerabilities Mandriva Security Team (11/16/05)
• [security bulletin] SSRT5979 - HP Jetdirect 635n IPv6/IPsec Print Server (J7961A) Remote Denial of Service (DoS) Security Alert (11/16/05)
• [USN-216-1] GDK vulnerabilities Martin Pitt (11/16/05)
• [security bulletin] SSRT051251 - Apache-based Web Server on HP-UX mod_ssl, proxy_http, Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access security-alert_at_hp.com (11/16/05)
• In response to ISAKMP 'vulnerabilities' sigint_at_hush.com (11/16/05)
• [FLSA-2005:123013] Updated xchat package fixes security issue Marc Deslauriers (11/15/05)
• Cisco Security Advisory: Fixed SNMP Communities and Open UDP Port in Cisco 7920 Wireless IP Phone Cisco Systems Product Security Incident Response Team (11/16/05)
• Buffer Overrun in FTGate4 Groupware Mail server io_at_lucaercoli.it (11/16/05)
• Database servers on XP and the curious flaw David Litchfield (11/16/05)
• SUSE Security Announcement: gdk-pixbuf, gtk2 (SUSE-SA:2005:065) Thomas Biege (11/16/05)
• Schneier's PasswordSafe password validation flaw info_at_elcomsoft.com (11/16/05)
• [ GLSA 200511-13 ] Sylpheed, Sylpheed-Claws: Buffer overflow in LDIF importer Thierry Carrez (11/15/05)
• APPLE-SA-2005-11-15 iTunes 6 for Windows noreply_at_securityfocus.com (11/16/05)
• Critical SQL Injection PHPNuke <= 7.8 sp3x_at_securityreason.com (11/15/05)
• iDEFENSE Security Advisory 11.15.05: Multiple Vendor Insecure Call to CreateProcess() Vulnerability labs-no-reply_at_idefense.com (11/15/05)
• iDEFENSE Security Advisory 11.15.05: Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability labs-no-reply_at_idefense.com (11/15/05)
• Authentication vulnerability in Belkin wireless devices Andrei Mikhailovsky (11/15/05)
  • Re: Authentication vulnerability in Belkin wireless devices Andrei Mikhailovsky (11/16/05)
• [securityzone@macromedia.com: Macromedia Security Bulletins] noreply_at_securityfocus.com (11/16/05)
• Template Seller Pro 3.25 r.verton_at_gmail.com (11/15/05)
• Affiliate Network Pro v7.2 SQL Injections, Arbitrary code execution, XSS r.verton_at_gmail.com (11/15/05)
• [FLSA-2005:123013] Updated xchat package fixes security issue Marc Deslauriers (11/15/05)
• Three years and ten months without a patch David Litchfield (11/15/05)
• [FS-05-02] Multiple vulnerabilities in phpMyAdmin Toni Koivunen (11/15/05)
• [SECURITY] [DSA 897-1] New phpsysinfo packages fix several vulnerabilities Martin Schulze (11/15/05)
• [PHPADSNEW-SA-2005-002] phpAdsNew and phpPgAds 2.0.7 fix multiple vulnerabilities Matteo Beccati (11/15/05)
• [FLSA-2005:158801] Updated bzip2 packages fix security issues Marc Deslauriers (11/15/05)
• [SECURITY] [DSA 896-1] New ftpd-ssl packages fix arbitrary code execution Martin Schulze (11/15/05)
• [ GLSA 200511-12 ] Scorched 3D: Multiple vulnerabilities Thierry Carrez (11/15/05)
• [FLSA-2005:152794] Updated rp-pppoe package fixes security issue Marc Deslauriers (11/15/05)
  • Re: [FLSA-2005:152794] Updated rp-pppoe package fixes security issue David F. Skoll (11/15/05)
• [xfocus-AD-051115]Multiple antivirus failed to scan malicous filename bypass vulnerability alert7_at_xfocus.org (11/15/05)
  • Re: [xfocus-AD-051115]Multiple antivirus failed to scan malicous filename bypass vulnerability Thierry Zoller (11/15/05)
• PHPWCMS - Directory traversal vulnerability,CSS attack Stefan Lochbihler (11/15/05)
• [SECURITY] [DSA 894-1] New AbiWord packages fix arbitrary code execution Martin Schulze (11/14/05)
• Multible Sql injections in Wizz Forum s2b_at_hotmail.com (11/13/05)
• Walla TeleSite Multiple Vulnerabilities sinneR (11/14/05)
• Cyphor (Release: 0.19) Sql injection s2b_at_hotmail.com (11/13/05)
• 1-2-All Broadcast E-mail Software vulnerable to a classic SQL admin bhs_team_at_yahoo.com (11/11/05)
• Midicart sql injection crazy frog crazy frog (11/12/05)
  • Re: Midicart sql injection exoduks_at_securityfocus.com, (11/15/05)
• Malware Removal and Prevention Procedure Paul Laudanski (11/11/05)
• phpBB 2.0.18 SQL Query problem max_at_jestsuper.pl (11/11/05)
  • Re: phpBB 2.0.18 SQL Query problem Ron van Daal (11/15/05)
  • Re: phpBB 2.0.18 SQL Query problem max_at_jestsuper.pl (11/15/05)
• GAO report on e-voting Atom Smasher (11/12/05)
• List of Security-oriented Fairs/Events/Conferences? Rainer Duffner (11/14/05)
  • Re: List of Security-oriented Fairs/Events/Conferences? Saeed Abu Nimeh (11/15/05)
  • RE: List of Security-oriented Fairs/Events/Conferences? Jeremy Epstein (11/15/05)
  • RE: List of Security-oriented Fairs/Events/Conferences? dave kleiman (11/15/05)
    • Re: List of Security-oriented Fairs/Events/Conferences? Luca Sambucci (11/16/05)
  • RE: List of Security-oriented Fairs/Events/Conferences? Juha-Matti Laurio (11/16/05)
• MD4 and MD5 collision generators sflist_at_digitaloffense.net (11/14/05)
• Beta product testing Bill Stout (11/14/05)
• [security bulletin] HPSBUX02075 SSRT051074 - HP-UX Running xterm Local Unauthorized Access security-alert_at_hp.com (11/14/05)
• [KAPDA::#12] - ekinboard XSS and HTML Injection alireza hassani (11/14/05)
• Cisco Security Advisory: Multiple Vulnerabilities Found by PROTOS IPSec Test Suite Cisco Systems Product Security Incident Response Team (11/14/05)
• iDefense Security Advisory 11.11.05: Multiple Vendor Lynx Command Injection Vulnerability labs-no-reply_at_idefense.com (11/11/05)
• [ADVISORY] CISCO ASA Failover DoS Vulnerability Amin Tora (11/14/05)
  • RE: [ADVISORY] CISCO ASA Failover DoS Vulnerability Randy Ivener (rivener) (11/14/05)
• Advisory 22/2005: Multiple vulnerabilities in phpSysInfo Christopher Kunz (11/13/05)
• fipsCMS light - vulnerable to script injection. preben_at_watchcom.no (11/14/05)
• [SECURITY] [DSA 895-1] New uim packages fix privilege escalation Martin Schulze (11/14/05)
• [SECURITY] [DSA 893-1] New acidlab packages fix SQL injection Martin Schulze (11/14/05)
• DMA[2005-1112a] - 'Veritas Storage Foundation VCSI18N_LANG buffer overflow' Kevin Finisterre (11/12/05)
  • Re: DMA[2005-1112a] - 'Veritas Storage Foundation VCSI18N_LANG buffer overflow' Dana Hudes (11/15/05)
• [FLSA-2005:152848] Updated glibc packages fix security issues Marc Deslauriers (11/14/05)
• [ GLSA 200511-11 ] linux-ftpd-ssl: Remote buffer overflow Thierry Carrez (11/13/05)
• [ GLSA 200511-10 ] RAR: Format string and buffer overflow vulnerabilities Thierry Carrez (11/13/05)
• XOOPS 2.2.3 Final arbitrary local inclusion / XOOPS WF-Downloads module v 2.05 SQL Injection retrogod_at_aliceposta.it (11/13/05)
• PHPCalendar (and some more codegrrl.com products) arbitrary code execution r.verton_at_gmail.com (11/13/05)
• [ GLSA 200511-09 ] Lynx: Arbitrary command execution Thierry Carrez (11/13/05)
• PollVote Remote File Inclusion stormhacker_at_hotmail.com (11/14/05)
• [ GLSA 200511-08 ] PHP: Multiple vulnerabilities Thierry Carrez (11/13/05)
• ZRCSA-200502 - phpAdsNew SQL Injection Vulnerabilities Siegfried (11/11/05)
• Multiple Bugs in MyBB 1.0 PR2 Rev 686(Updated Nov 1, 2005) syini666_at_gmail.com (11/14/05)
• MDKSA-2005:211 - Updated lynx packages fix critical vulnerability Mandriva Security Team (11/12/05)
• SQL injection in phpWebThing 1.4.4 A.1.M_at_Hotmail.com (11/11/05)
• High Risk Flaw in RealPlayer NGSSoftware Insight Security Research (11/11/05)
• [EEYEB-20050701] - RealPlayer Zipped Skin File Buffer Overflow II Advisories_at_eeye.com (11/10/05)
• [EEYEB-20050510] - RealPlayer Data Packet Stack Overflow Advisories_at_eeye.com (11/10/05)
• Moodle <=1.6dev blind SQL Injection retrogod_at_aliceposta.it (11/10/05)
• [USN-215-1] fetchmailconf vulnerability Martin Pitt (11/07/05)
• [FLSA-2005:166941] Updated httpd and mod_ssl packages fix two security issues Marc Deslauriers (11/10/05)
• [SECURITY] [DSA 804-2] New kdelibs packages fix backup file information leak Martin Schulze (11/10/05)
• Folder Guard exe files protection bypass ShadowBeast_at_underdevelop.com (11/10/05)
• [SECURITY] [DSA 892-1] New awstats packages fix arbitrary command execution Martin Schulze (11/10/05)
• [FS-05-01] Multiple vulnerabilities in phpAdsNew Toni Koivunen (11/10/05)
• MDKSA-2005:210 - Updated w3c-libwww packages fixes DoS vulnerability. Mandriva Security Team (11/10/05)
• MDKSA-2005:209 - Updated fetchmail packages fixes fetchmailconf vulnerability Mandriva Security Team (11/10/05)
• MDKSA-2005:208 - Updated emacs packages fix Lisp vulnerability Mandriva Security Team (11/10/05)
• MDKSA-2005:207 - Updated libungif packages fix various vulnerabilities Mandriva Security Team (11/10/05)
• [security bulletin] SSRT051012 - HP-UX envd Local Execution of Privileged Code security-alert_at_hp.com (11/09/05)
• [security bulletin] SSRT051014 - HP-UX Trusted Mode remshd Remote Unauthorized Access security-alert_at_hp.com (11/09/05)
• [security bulletin] SSRT051064 Revised - HP-UX ftpd Remote Unauthorized Data Access security-alert_at_hp.com (11/09/05)
• [security bulletin] SSRT051041 Revised - HP-UX Mozilla Remote Unauthorized Execution of Privileged Code or Denial of Service (DoS) security-alert_at_hp.com (11/09/05)
• [USN-151-4] rpm vulnerability Martin Pitt (11/09/05)
• ASPKnowledgebase vulnerable to XSS injection. preben_at_watchcom.no (11/09/05)
• ASPKnowledgebase vulnerable to SQL-inject preben_at_watchcom.no (11/09/05)
• New Bug KESM in GoogleTalk natalylopez380_at_hotmail.com (11/09/05)
  • Re: New Bug KESM in GoogleTalk crowdat_at_gmail.com (11/10/05)
  • Re: New Bug KESM in GoogleTalk Cory Altheide (11/11/05)
  • Re: New Bug KESM in GoogleTalk kahrny_at_gmail.com (11/18/05)
• Antville 1.1 Cross Site Scripting Moritz Naumann (11/09/05)
• Multiple security issues in TikiWiki 1.9.x Moritz Naumann (11/09/05)
  • Re: Multiple security issues in TikiWiki 1.9.x mose_at_tikiwiki.org (11/27/05)
• CYBSEC - Security Advisory: Multiple XSS in SAP WAS Leandro Meiners (11/09/05)
• CYBSEC - Security Advisory: Phishing Vector in SAP WAS Leandro Meiners (11/09/05)
• CYBSEC - Security Advisory: HTTP Response Splitting in SAP WAS Leandro Meiners (11/09/05)
• [EEYEB-20050901] Windows Metafile SetPalette Entries Heap OVerflow Vulnerability (Graphics Rendering Engine Vulnerability) Advisories_at_eeye.com (11/08/05)
• [SECURITY] [DSA 890-1] New libungif4 packages fix several vulnerabilities Martin Schulze (11/09/05)
• [EEYEB-20050329] Windows Metafile Multiple Heap Overflows Advisories_at_eeye.com (11/08/05)
• [SECURITY] [DSA 891-1] New gpsdrive packages fix arbitrary code execution Martin Schulze (11/09/05)
• MDKSA-2005:206 - Updated openvpn packages fix multiple vulnerabilities Mandriva Security Team (11/08/05)
• Advisory 21/2005: Multiple vulnerabilities in PHPKIT Christopher Kunz (11/08/05)
• [SECURITY] [DSA 889-1] New enigmail packages fix information disclosure Martin Schulze (11/08/05)
• MDKSA-2005:205 - Updated clamav packages fix multiple vulnerabilities Mandriva Security Team (11/08/05)
• Call For Papers first-2006papers_at_first.org (11/08/05)
• Oracle DBMS_ASSERT and the October 2005 CPU NGSSoftware Insight Security Research (11/08/05)
• Oracle October 2005 CPU Problems NGSSoftware Insight Security Research (11/08/05)
• [TKADV2005-11-001] Multiple vulnerabilities in PHPlist tk_at_trapkit.de (11/07/05)
• LayerOne 2006 CFP Released Layer One (11/07/05)
• Hidden accounts on sony vaio laptops yash.kadakia_at_securityforge.com (11/07/05)
  • Re: Hidden accounts on sony vaio laptops Williams, James K (11/08/05)
• e107 Games System exploit willey_wonka_at_hotmail.com (11/07/05)
• [USN-214-1] libungif vulnerabilities Martin Pitt (11/07/05)
• Zone Labs Products Advance Program Control and OS Firewall (Behavioral Based) Technology Bypass Vulnerability Debasis Mohanty (11/07/05)
• Asterisk vmail.cgi vulnerability advisories+asterisk_at_assurance.com.au (11/07/05)
• upload phpshell in PHPFM GeekZ_at_securityfocus.com, (11/07/05)
• [ GLSA 200511-06 ] fetchmail: Password exposure in fetchmailconf Thierry Carrez (11/06/05)
• [ GLSA 200511-07 ] OpenVPN: Multiple vulnerabilities Thierry Carrez (11/06/05)
• XSS vulnerability in names.co.uk framed hosting reuben.31_at_nickname.net (11/07/05)
• [SECURITY] [DSA 884-1] New Horde3 packages fix insecure default installation Martin Schulze (11/07/05)
• SEC Consult SA-20051107-0 :: toendaCMS multiple vulnerabilites Bernhard Mueller (11/07/05)
• SEC Consult SA-20051107-1 :: Macromedia Flash Player ActionDefineFunction Memory Corruption Bernhard Mueller (11/07/05)
• Path disclosure in CuteNews <= 1.4.0 poizon_at_securityinfo.ru (11/07/05)
• OSTE v1.0 Remote Command Exucetion khc_at_bsdmail.org (11/07/05)
• Work in Progress: FileZilla Server Terminal V0.9.4d Buffer Overflow inge.henriksen_at_booleansoft.com (11/07/05)
  • Re: Work in Progress: FileZilla Server Terminal V0.9.4d Buffer Overflow inge.henriksen_at_booleansoft.com (11/21/05)
• [SECURITY] [DSA 809-3] New squid packages fix regression Martin Schulze (11/07/05)
• [SECURITY] [DSA 885-1] New OpenVPN packages fix several vulnerabilities Martin Schulze (11/07/05)
• [SECURITY] [DSA 886-1] New chmlib packages fix several vulnerabilities Martin Schulze (11/07/05)
• [SECURITY] [DSA 888-1] New OpenSSL packages fix cryptographic weakness Martin Schulze (11/07/05)
• [ GLSA 200511-05 ] GNUMP3d: Directory traversal and XSS vulnerabilities Sune Kloppenborg Jeppesen (11/06/05)
• [ GLSA 200511-04 ] ClamAV: Multiple vulnerabilities Sune Kloppenborg Jeppesen (11/06/05)
• EUSecWest/London Call for Papers and PacSec/Tokyo announcements Dragos Ruiu (11/06/05)
• Advanced Guestbook 2.2 ( SQL Injection Exploit ) bhs_team_at_yahoo.com (11/06/05)
• Gallery_v2.4 SQL Injection abducter_minds_at_yahoo.com (11/04/05)
• Zoomblog HTML Injection Vulnerability sikikmail_at_gmail.com (11/04/05)
  • Re: Zoomblog HTML Injection Vulnerability RBA (11/07/05)
• Zoomblog HTML Injection Vulnerability sikikmail_at_gmail.com (11/04/05)
• Re: OpenVPN[v2.0.x]: foreign_option() formart string vulnerability. v9 (11/04/05)
• Failles dans Invision Power Board 2.1 [xss] benjilenoob_at_hotmail.com (11/04/05)
  • Invision Power Board 2.1 : Multiple XSS Vulnerabilities Jerome Athias (11/06/05)
• Xss - Html injection in XMB s2b_at_hotmail.com (11/04/05)
• Apache Tomcat 5.5.x remote Denial Of Service David Maciejak (11/04/05)
• I-Saudi.Com First K-S-A WarGamE S3ude_at_Hotmail.com (11/05/05)
• XSS & SQL injection in phpWebThing xx_hack_xx_2004_at_hotmail.com (11/05/05)
• Zoomblog <IMG> BBCode Tag JavaScript Injection Vulnerability sikikmail_at_gmail.com (11/05/05)
• Sql injection in ibProArcade bhfh01_at_gmail.com (11/05/05)
• iDEFENSE Security Advisory 11.04.05: Clam AntiVirus tnef_attachment() DoS Vulnerability iDEFENSE Labs (11/05/05)
• iDEFENSE Security Advisory 11.04.05: Clam AntiVirus Cabinet-file handling Denial of Service Vulnerability iDEFENSE Labs (11/05/05)
• [EEYEB-20050627B] Macromedia Flash Player Improper Memory Access Vulnerability Advisories_at_eeye.com (11/05/05)
• DMA[2005-1104a] - 'GpsDrive friendsd2 format string vulnerability' kfinisterre (11/04/05)
• [ GLSA 200511-03 ] giflib: Multiple vulnerabilities Thierry Carrez (11/04/05)
• [ GLSA 200511-02 ] QDBM, ImageMagick, GDAL: RUNPATH issues Thierry Carrez (11/02/05)
• [ GLSA 200511-01 ] libgda: Format string vulnerabilities Thierry Carrez (11/02/05)
• readdir_r considered harmful Ben Hutchings (11/01/05)
  • Re: readdir_r considered harmful Ben Hutchings (11/01/05)
  • Re: readdir_r considered harmful Casper.Dik_at_Sun.COM (11/05/05)
    • Re: [Full-disclosure] Re: readdir_r considered harmful Ulrich Drepper (11/06/05)
      • Re: [Full-disclosure] Re: readdir_r considered harmful Casper.Dik_at_Sun.COM (11/06/05)
      • Re: [Full-disclosure] Re: readdir_r considered harmful Andrew Farmer (11/07/05)
      • Re: [Full-disclosure] Re: readdir_r considered harmful Casper.Dik_at_Sun.COM (11/08/05)
      • Re: [Full-disclosure] Re: readdir_r considered harmful Ulrich Drepper (11/06/05)
      • Re: [Full-disclosure] Re: readdir_r considered harmful Casper.Dik_at_Sun.COM (11/06/05)
      • Re: [Full-disclosure] Re: readdir_r considered harmful Andrew Miller (11/08/05)
• SUSE Security Announcement: pwdutils, shadow (SUSE-SA:2005:064) Ludwig Nussel (11/04/05)
• Parosproxy 3.2.6: Local Exploitation, Command injection vulnerability Marc Schoenefeld (11/04/05)
• ZDI-05-002: Clam Antivirus Remote Code Execution zdi-disclosures_at_3com.com (11/04/05)
• [SECURITY] [DSA 882-1] New OpenSSL packages fix cryptographic weakness Martin Schulze (11/04/05)
• Secunia Research: cPanel Entropy Chat Script Insertion Vulnerability Secunia Research (11/04/05)
• [SECURITY] [DSA 883-1] New thttpd packages fix insecure temporary file Martin Schulze (11/04/05)
• [SECURITY] [DSA 881-1] New OpenSSL 0.9.6 packages fix cryptographic weakness Martin Schulze (11/04/05)
• [waraxe-2005-SA#043] - Sql injection in Phorum 5.0.20 and earlier come2waraxe_at_yahoo.com (11/04/05)
• Advisory: Apple QuickTime Player Remote Denial Of Service Piotr Bania (11/04/05)
• Advisory: Apple QuickTime PICT Remote Memory Overwrite Piotr Bania (11/04/05)
• Advisory: Apple QuickTime Player Remote Integer Overflow (1) Piotr Bania (11/04/05)
• Advisory: Apple QuickTime Player Remote Integer Overflow (2) Piotr Bania (11/04/05)
• Remotely DoSing JBoss 4.0.2 with serialized java objects Marc Schoenefeld (11/04/05)
• Invision Power Board Privilege Esaclation (2.0.1 + more) Anti Matter (11/04/05)
• On Interpretation Conflict Vulnerabilities Steven M. Christey (11/03/05)
• Re: [Full-disclosure] Advisory 18/2005: PHP Cross Site Scripting(XSS)XVulnerability in phpinfo() phole_at_hushmail.com (11/03/05)
• Buffer-overflow in GO-Global for Windows 3.1.0.3270 Luigi Auriemma (11/02/05)
• Mambo Open Source, Path disclosure alireza hassani (11/02/05)
  • Re: Mambo Open Source, Path disclosure Vasiliy (11/05/05)
    • Re: Re: Mambo Open Source, Path disclosure trueend5_at_yahoo.com (11/06/05)
• Re: [Full-disclosure] On Interpretation Conflict Vulnerabilities Florian Weimer (11/03/05)
• Norton Unerase - Need Contact alex cottle (11/02/05)
• Multiple vulnerabilities in Scorched 3D 39.1 Luigi Auriemma (11/02/05)
• Limited directory traversal in NeroNET 1.2.0.2 Luigi Auriemma (11/02/05)
• Buffer-overflow and directory traversal in Asus Video Security 3.5.0.0 Luigi Auriemma (11/02/05)
• Buffer-overflow in Glider collect'n kill 1.0.0.0 Luigi Auriemma (11/02/05)
• [ TZO-012005 ] F-Prot/Frisk Anti Virus bypass - ZIP Version Header Thierry Zoller (11/02/05)
• Buffer-overflow and crash in FlatFrag 0.3 Luigi Auriemma (11/02/05)
• Black Hat Federal and Europe CFP and Registration now open Jeff Moss (11/03/05)
• Socket termination in Battle Carry .005 Luigi Auriemma (11/02/05)
• Stack Overflow Basics Nish_at_securityfocus.com, (11/03/05)
• CuteNews 1.4.1 remote code execution retrogod_at_aliceposta.it (11/03/05)
• [OpenPKG-SA-2005.023] OpenPKG Security Advisory (openvpn) OpenPKG (11/02/05)
• MDKSA-2005:204 - Updated wget packages fix vulnerability Mandriva Security Team (11/02/05)
• [SECURITY] [DSA 879-1] New gallery packages fix privilege escalation Martin Schulze (11/02/05)
• MDKSA-2005:202 - Updated squirrelmail packages fix vulnerability Mandriva Security Team (11/02/05)
• Cisco Security Advisory: IOS Heap-based Overflow Vulnerability in System Timers Cisco Systems Product Security Incident Response Team (11/02/05)
• MDKSA-2005:203 - Updated gda2.0 packages fix string format vulnerability Mandriva Security Team (11/02/05)
• [Full-disclosure] Advisory 17/2005: phpBB Multiple Vulnerabilities Stefan Esser (10/31/05)
• [security bulletin] SSRT051029 rev.0 - HP OpenVMS Local Denial of Service (DoS) security-alter_at_hp.com (11/02/05)
• [SECURITY] [DSA 880-1] New phpmyadmin packages fix several vulnerabilities Martin Schulze (11/02/05)
• Simple PHP Blog: Multiple XSS Vulnerabilities enji_at_infosys.tuwien.ac.at (11/02/05)
• Cisco Security Advisory: Cisco Airespace Wireless LAN Controllers Allow Unencrypted Network Access Cisco Systems Product Security Incident Response Team (11/02/05)
• Cisco Security Advisory: Cisco IPS MC Malformed Configuration Download Vulnerability Cisco Systems Product Security Incident Response Team (11/01/05)
• HYSA-2005-009 Elite Forum 1.0.0.0 XSS Vulnerability h4cky0u.org_at_gmail.com (11/01/05)
• VUBB XSS & path disclosure Vulnerabilities alireza hassani (11/01/05)
• [tool] multispoof - parallel spoofing for throughput increase Pawel Pokrywka (11/01/05)
• APPLE-SA-2005-10-31 Mac OS X v10.4.3 noreply_at_securityfocus.com (11/01/05)

Last message date: 11/30/05
Archived on: 11/30/05 CET

---

350 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2005-11