Bugtraq
- Remot File Include In Aardvark Topsites PHP 5,
RaeD Hasadya
- Remot File Include In Shop-SCRIPT FREE,
RaeD Hasadya
- Remot File Include In SLAED_CMS_2,
RaeD Hasadya
- PHP-Fusion 'Calendar_Panel' Module show_event.PHP (m_month) SQL Injection Exploit And PoC,
UniquE
- Windows .ANI Stack Overflow Exploit,
devcode29
- On-going Internet Emergency and Domain Names,
Gadi Evron
- CA BrightStor ARCserve Backup Mediasvr.exe vulnerability,
Williams, James K
- TSRT-07-03: America Online SuperBuddy ActiveX Control Code Execution Vulnerability,
TSRT
- Busting The Bluetooth Myth,
Max Moser
- [ GLSA 200703-26 ] file: Integer underflow,
Raphael Marichez
- ANI Zeroday, Third Party Patch,
Marc Maiffret
- [ECHO_ADV_80$2007] Softerra Time-Assistant <= 6.2 (inc_dir) Remote File Inclusion Vulnerability,
erdc
- The Week Of Vista Bugs [TWOVB],
TWOVB Team
- AIX 4.3 lsmcode local root command execution,
pr1nce_empire
- DrakeCMS multiple vulerabilities,
security
- VMSA-2007-0002 VMware ESX security updates,
VMware Security team
- CA Brightstor Backup Mediasvr.exe Remote Code Vulnerability,
M. Shirk
- 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038),
Alexander Sotirov
- Mybb Change Password Vulnerability,
security
- [ MDKSA-2007:073 ] - Updated openoffice.org packages to address vulnerabilities,
security
- [ GLSA 200703-25 ] Ekiga: Format string vulnerability,
Raphael Marichez
- [ MDKSA-2007:072 ] - Updated kdelibs packages to address FTP PASV issue in konqueror,
security
- iDefense Security Advisory 03.29.07: IBM Lotus Sametime JNILoader Arbitrary DLL Load Vulnerability,
iDefense Labs
- [ MDKSA-2007:071 ] - Updated xmms packages to address integer vulnerabilities,
security
- AOL 9.0 Deskbar.dll/Toolbar.dll DoS Vulnerability,
Justin Seitz
- Windows Live Spaces logged user NetworkSetup.aspx cross site scripting,
paolo . difebbo
- Re: Re: [Full-disclosure] Linux Kernel DCCP Memory Disclosure Vulnerability,
acme
- [Full-disclosure] [USN-447-1] KDE library vulnerabilities,
Kees Cook
- Widespread vulnerabilities in Libero.it/Infostrada.it web portals,
rosario . valotta
- Advanced Login <= 0.7 (root) Remote File Inclusion Vulnerability,
bithedz
- Xoops Module Friendfinder <= 3.3 (view.php id) BLIND SQL Injection Exploit,
ajannhwt
- Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability,
3APA3A
- rPSA-2007-0061-1 inkscape,
rPath Update Announcements
- Arbitrary Command Execution in DataDomain Administrator Interface,
Elliot Kendall
- [SECURITY] [DSA 1270-2] New OpenOffice.org packages fix several vulnerabilities,
Martin Schulze
- Update: ViewCVS and ViewVC 'checkout view' content type fixation issue,
Moritz Naumann
- Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180),
Tim Rees
- Cisco Security Advisory: Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- Re: SecurityVulns.com: Microsoft Visual C++ 8.0 standard library time functions invalid assertion DoS (Problem 3000).,
William A. Rowe, Jr.
- Re: [SECURITY ALERT] osTicket bugs,
eticket
- Re: Multiple Vulnerabilities In osTicket,
eticket
- ZDI-07-011: IBM Lotus Domino IMAP Server CRAM-MD5 Authentication Buffer Overflow Vulnerability,
zdi-disclosures
- iDefense Security Advisory 03.28.07: IBM Lotus Domino Server LDAP Request Invalid DN Message Heap Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 03.28.07: IBM Lotus Domino Web Access Cross Site Scripting Vulnerability,
iDefense Labs
- [Full-Disclosure] Another XSS vulnerability in italian Libero.it,
Matteo G.P. Flora
- Corel Wordperfect Office X3 Stack Overflow,
jonny
- [USN-446-1] NAS vulnerabilities,
Kees Cook
- Bypass phishing protection in Firefox / Opera,
zonafirefox
- [USN-445-1] XMMS vulnerabilities,
Kees Cook
- [USN-444-1] OpenOffice.org vulnerabilities,
Kees Cook
- [USN-443-1] Firefox vulnerability,
Kees Cook
- [SECURITY] [DSA 1273-1] New nas packages fix multiple remote vulnerabilities,
Noah Meyerhans
- Buffer Overflow in InterVetions' NaviCopa HTTP server 2.01,
skillTube.com
- [ MDKSA-2007:070 ] - Updated evolution packages to address vulnerability,
security
- Linux Kernel DCCP Memory Disclosure Vulnerability,
Robert Święcki
- Yahoo! Messenger Auth Bypass Vulnerability,
kishor . tech
- [KDE Security Advisory] KDE ioslave PASV port scanning vulnerability,
Dirk Mueller
- [ECHO_ADV_78$2007] C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability,
erdc
- [KAPDA::#64] - Flexbb Sql Injection,
alireza hassani
- Metasploit Framework 3.0 RELEASED!,
H D Moore
- Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit And PoC,
UniquE
- [ GLSA 200703-24 ] mgv: Stack overflow in included gv code,
Raphael Marichez
- [USN-442-1] Evolution vulnerability,
Kees Cook
- [USN-441-1] Squid vulnerability,
Kees Cook
- Libero.it (italian ISP) XSS vulnerability,
rosario . valotta
- Playstation 3 "Remote Play" Remote DoS Exploit,
mak0b
- PHP 5.2.1 with PECL phpDOC local buffer overflow,
retrog
- Multiple XSS in IronMail,
Javier Olascoaga
- Re: [Full-disclosure] XSS at Aon.at, Austrian ISP,
Nikolay Kichukov
- Satel Lite for PhpNuke (Satellite.php) <= Local File Inclusion,
stormhacker
- Mephisto blog is vulnerable to XSS,
Sergey Tikhonov
- Fizzle : Firefox Extension Vulnerability,
CrYpTiC MauleR
- Horde Webmail Multiple HTML Injection vulnerability,
DoZ
- Path Disclosure - Wordpress 2.1.2,
lj
- CcCounter 2.0 cross-site scripting vulnerability,
localexploit
- Remote File Include In phpBB-2.0.19,
RaeD Hasadya
- File Upload System V1.0 (AD_BODY_TEMP) multiple file include,
ngevedBangetAsli
- Joomla com_joomlaboard 1.1.x Branch (sbp) Multiple Remote File Include Vulnerabi,
Cold - Zero
- iDefense Security Advisory 03.23.07: Sun Java System Directory Server 5.2 Uninitialized Pointer Cleanup Design Error Vulnerability,
iDefense Labs
- iDefense Security Advisory 03.23.07: DataRescue IDA Pro Remote Debugger Server Authentication Bypass Vulnerability,
iDefense Labs
- [ MDKSA-2007:069 ] - Updated inkscape packages to format string vulnerability,
security
- CRLF injection in PHP ftp function,
fangxiaodun
- [ MDKSA-2007:068 ] - Updated squid packages fix DoS vulnerability,
security
- [NB07-10] Multiple vulnerabilities in Takebishi Electric DeviceXplorer MODBUS OPC server,
Lluis Mora
- [NB07-09] Multiple vulnerabilities in Takebishi Electric DeviceXplorer FA-M3 OPC server,
Lluis Mora
- [NB07-08] Multiple vulnerabilities in Takebishi Electric DeviceXplorer MELSEC OPC server,
Lluis Mora
- [SECURITY] [DSA 1272-1] New tcpdump packages fix denial of service,
Moritz Muehlenhoff
- [NB07-07] Multiple vulnerabilities in Takebishi Electric DeviceXplorer HIDIC OPC server,
Lluis Mora
- [NB07-17] Multiple vulnerabilities in Takebishi Electric DeviceXplorer SYSMAC OPC server,
Lluis Mora
- [NB07-22] Multiple vulnerabilities in NETxEIB OPC server,
Lluis Mora
- [ MDKSA-2007:067 ] - Updated file packages fix heap-based buffer overflow vulnerability,
security
- Remote File Include In Coppermine Photo Gallery,
RaeD Hasadya
- Remote File Include In copyright © James Coyle; JCcorp,
RaeD Hasadya
- ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user,
yearsilent
- rPSA-2007-0059-1 file,
rPath Update Announcements
- [USN-440-1] MySQL vulnerability,
Kees Cook
- [USN-439-1] file vulnerability,
Kees Cook
- CFP for RAID 2007: Extended due date for papers: April 8th,
jeffh
- [ECHO_ADV_77$2007] Study planner (Studiewijzer) <= 0.15 Remote File Inclusion Vulnerability,
erdc
- **SubHub v2.3.0**,
anon
- Two new DoS Vulnerabilities in Asterisk Fixed,
Matt Riddell (NZ)
- HPSBGN02189 SSRT071297 rev.2 - ServiceGuard for Linux, Remote Unauthorized Access,
security-alert
- [security bulletin] HPSBUX02156 SSRT061236 rev.2 - HP-UX Running Thunderbird, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS),
security-alert
- Secunia Research: XMMS Integer Overflow and Underflow Vulnerabilities,
Secunia Research
- Secunia Research: Evolution Shared Memo Categories Format String Vulnerability,
Secunia Research
- Secunia Research: InterActual Player / CinePlayer IASystemInfo.dll ActiveX Control Buffer Overflow,
Secunia Research
- [USN-438-1] Inkscape vulnerability,
Kees Cook
- [ MDKSA-2007:066 ] - Updated OpenAFS packages address vulnerability,
security
- [ MDKSA-2007:065 ] - Updated nas packages address multiple vulnerabilities,
security
- [ GLSA 200703-21 ] PHP: Multiple vulnerabilities,
Raphael Marichez
- [ GLSA 200703-23 ] WordPress: Multiple vulnerabilities,
Raphael Marichez
- [ GLSA 200703-22 ] Mozilla Network Security Service: Remote execution of arbitrary code,
Raphael Marichez
- [SECURITY] [DSA 1270-1] New OpenOffice.org packages fix several vulnerabilities,
Martin Schulze
- Linksys WAG200G - Information disclosure,
dniggebrugge
- [SECURITY] [DSA 1271-1] New openafs packages fix remote privilege escalation bug,
Noah Meyerhans
- Helix Server heap overflow,
research
- Microsoft coverup ? Stolen Xbox live accounts list of known victims - Please Help,
Kevin Finisterre (lists)
- w-agora [multiples file upload,xss,full path disclosure,error sql],
none
- Advisory - Redirection Vulnerability in wp-login.php.,
Metaeye SG
- Web Wiz Forums 8.05 (MySQL version) SQL Injection,
Ivan Fratric
- Oracle 10g Dynamic Monitoring Services XSS /servlet/Spy,
Sea Shark
- ZynOS v3.40 One packet killer,
Joxean Koret
- [USN-437-1] libwpd vulnerability,
Kees Cook
- w-agora version 4.2.1 Information Disclosure Vulnerability,
jesper . jurcenoks
- w-agora version 4.2.1 Multiple Path Disclosure Vulnerabilities,
jesper . jurcenoks
- [Reversemode Advisory] Microsoft Windows Ndistapi.sys IRQL escalation,
Reversemode
- Conflict of Interest - My summary,
Mark Litchfield
- phpx 3.5.15 multiples vulnerabilities,
none
- CCleaguePro_V1.0.1RC1 Directory Traversal Vulnerability,
snakeapollon
- Layered Defense Research Advisory: F-Secure Anti-Virus Client Security 6.02 Format String Vulnerability,
dh
- Unclassified NewsBoard 1.6.3 multiples logs disclosure,
none
- [ GLSA 200703-20 ] LSAT: Insecure temporary file creation,
Raphael Marichez
- [ GLSA 200703-19 ] LTSP: Authentication bypass in included LibVNCServer code,
Raphael Marichez
- [ GLSA 200703-18 ] Mozilla Thunderbird: Multiple vulnerabilities,
Raphael Marichez
- [ GLSA 200703-17 ] ulogd: Remote execution of arbitrary code,
Raphael Marichez
- MetaForum <= 0.513 Beta - Remote file upload Vulnerability,
aeroxteam------nospam-----
- [SECURITY] [DSA 1269-1] New lookup-el packages fix insecure temporary file,
Martin Schulze
- Net Portal Dynamic System (NPDS) <= 5.10 Remote Code Execution 0day,
gmdarkfig
- Full Disclosure: Arbitrary execution vulnerability in SQL-Ledger and LedgerSMB,
Chris Travers
- [SECURITY] [DSA 1268-1] New libwpd packages fix arbitrary code execution,
Martin Schulze
- Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability,
starcadi
- Your Opinion +,
Mark Litchfield
- CLBOX <= (signup.php header) Remote File Include Vulnerability,
BorN To K!LL BorN To K!LL
- Bypassing Mcafee Entreprise Password Protection,
thesinoda
- [ GLSA 200703-16 ] Apache JK Tomcat Connector: Remote execution of arbitrary code,
Raphael Marichez
- [ GLSA 200703-15 ] PostgreSQL: Multiple vulnerabilities,
Raphael Marichez
- [ GLSA 200703-14 ] Asterisk: SIP Denial of Service,
Raphael Marichez
- [NETRAGARD-20070316 SECURITY ADVISORY][FrontBase Database <= 4.2.7 ALL PLATFORMS][REMOTE BUFFER OVERFLOW CONDITION][LEVEL: EASY][RISK:MEDIUM],
Netragard Security Advisories
- Re: [Bogus] Lazarus Guestbook (admin.php)Remote File Include Expliot,
Steven M. Christey
- [ MDKSA-2007:064 ] - Updated openoffice.org packages to address libwpd heap overflow vulnerabilities,
security
- [ MDKSA-2007:063 ] - Updated libwpd packages to address heap overflow vulnerabilities,
security
- rPSA-2007-0057-1 libwpd,
rPath Update Announcements
- rPSA-2007-0056-1 gnupg,
rPath Update Announcements
- Particle Blogger All Version Post.PHP (PostID) Remote SQL Injection Exploit,
UniquE
- Your Opinion,
Mark Litchfield
- Re: Your Opinion,
bugtraq
- Re: Your Opinion,
Jonathan Glass (GM)
- RE: Your Opinion,
Mario Contestabile
- Re: Your Opinion,
Crispin Cowan
- Re: Your Opinion,
William A. Rowe, Jr.
- RE: Your Opinion,
Scott Blake
- Re: Your Opinion,
The Fungi
- Re: Your Opinion,
Casper . Dik
- RE: Your Opinion,
Jim Harrison
- Re: Your Opinion,
Forrest J. Cavalier III
- Re: Your Opinion,
Paul Stepowski
- <Possible follow-ups>
- Re: Your Opinion,
Neil Dickey
- RE: Your Opinion,
jay.tomas
- RE: Your Opinion,
Neale Green
- iDefense Security Advisory 03.16.07: Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities,
iDefense Labs
- April, 2007 is the "Month of Myspace Bugs",
mondo_armando
- Call For Papers - IT Underground Dublin,
Marcin Tkaczyk
- Re: fx-APP Version 0.0.8.1,
osdesk
- RE: [VulnWatch] iDefense Security Advisory 03.14.07: Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability,
Topolski, Leo
- Oracle Portal PORTAL.wwv_main.render_warning_screen XSS,
Sea Shark
- Rot 13 <= (enkrypt.php) Remote File Disclosure Vulnerability,
BorN To K!LL BorN To K!LL
- [CAID 34817, 35058, 35158, 35159]: CA BrightStor ARCserve Backup Tape Engine and Portmapper Vulnerabilities,
Williams, James K
- MS07-012 Not Fixed,
Greg Sinclair
- [SECURITY] [DSA 1267-1] New webcalendar packages fix remote file inclusion,
Moritz Muehlenhoff
- DirectAdmin Cross Site Scripting XSS,
Mandr4ke . root
- Re: [Full-disclosure] Woltab Burning Board SQL Injection usergroups.php,
Bastian Ahrens
- Absolute Image Gallery Gallery.ASP (categoryid) MSSQL Injection Exploit,
UniquE
- PHP Point Of Sale for osCommerce <= (index.php) Remote File Include Vuln,
BorN To K!LL BorN To K!LL
- WebCalendar v0.9.45 (13 Dec 2004) (login.php) Remote File include,
drackanz
- vbulletin admincp sql injection,
disfigure
- LIBFtp 5.0 (sprintf(), strcpy()) Multiple local buffer overflow,
starcadi starcadi
- - Call for chapters - Handbook of Research on Digital Anti-forensics and In-security Governance,
Jeimy Cano
- QFTP (LIBFtp 3.1-1) (command line) sprintf() local buffer overflow,
starcadi starcadi
- PHP <= 4.4.6 ibase_connect() local buffer overflow,
retrog
- iDefense Security Advisory 03.15.07: Horde Project Cleanup Script Arbitrary File Deletion Vulnerability,
iDefense Labs
- Horde IMP Webmail Client version H3 (4.1.4) fixes multiple XSS issues,
Moritz Naumann
- Remote File Inclusion in ViperWeb,
asamad
- XSS vulnerability in the online help system of several Cisco products,
cassio
- Norton Insufficient validation of 'SymTDI' driver input buffer,
Matousec - Transparent security Research
- Orion-Blog v2.0 Version Remote Privilege Escalation Exploit,
UniquE
- [ECHO_ADV_75$2007] Groupit 2.00b5 (c_basepath) Remote File Inclusion Vulnerability,
erdc
- IBM Rational ClearQuest Web - Cross Site Scripting,
james
- [ECHO_ADV_76$2007] Company WebSite Builder PRO (INCLUDE_PATH) Remote File Inclusion Vulnerability,
erdc
- Horde 3.1.4 (RC1) fixes XSS issue,
Moritz Naumann
- Woltab Burning Board SQL Injection usergroups.php,
x666
- [ GLSA 200703-13 ] SSH Communications Security's Secure Shell Server: SFTP privilege escalation,
Raphael Marichez
- Phishing using IE7 local resource vulnerability,
avivra
- WSN Guest 1.21 Version Comments.PHP "ID" SQL Injection Exploit,
UniquE
- [ECHO_ADV_74$2007] WebCreator <= 0.2.6-rc3 (moddir) Remote File Inclusion Vulnerability,
erdc
- [ECHO_ADV_72$2007] CARE2X (root_path) Remote File Inclusion Vulnerability,
erdc
- [ECHO_ADV_71$2007] AMP v3.2 (base_path) Remote File Inclusion Vulnerability,
erdc
- iDefense Security Advisory 03.14.07: Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability,
iDefense Labs
- Fwd: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability,
starcadi starcadi
- New report on Windows Vista network attack surface,
Jim Hoagland
- SymEvent Driver Local Access System Denial of Service,
Matousec - Transparent security Research
- SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal,
David Matscheko
- [ GLSA 200703-12 ] SILC Server: Denial of Service,
Matthias Geerdsen
- n.runs-SA-2007.003 - PHProjekt 5.2.0 - SQL Injection,
security
- n.runs-SA-2007.004 - PHProjekt 5.2.0 - Cross Site Scripting and Filter Evasion,
security
- [SECURITY] [DSA 1266-1] New gnupg packages fix signature forgery,
Moritz Muehlenhoff
- n.runs-SA-2007.005 - PHProjekt 5.2.0 - Cross Site Request Forgery,
security
- n.runs-SA-2007.006 - PHProjekt 5.2.0 - Privilege escalation,
security
- [ GLSA 200703-11 ] Amarok: User-assisted remote execution of arbitrary code,
Raphael Marichez
- CORE-2007-0219: OpenBSD's IPv6 mbufs remote kernel buffer overflow,
CORE Security Technologies Advisories
- [ MDKSA-2007:062 ] - Updated xine-lib packages to address buffer overflow vulnerability,
security
- [ MDKSA-2007:061 ] - Updated mplayer packages to address buffer overflow vulnerability,
security
- JGBBS 3.0beta1 Version Search.ASP "Author" SQL Injection Exploit,
UniquE
- [USN-432-2] GnuPG2, GPGME vulnerability,
Kees Cook
- [ECHO_ADV_73$2007] MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability,
erdc
- Weekly Drawing Contest <= (check_vote.php) Remote File Disclosure Vuln,
BorN To K!LL BorN To K!LL
- Call for Papers: DeepSec IDSC 2007 Europe/Vienna: 20-23 Nov 2007,
Paul Böhm
- Iframe-Cash/Iframe-Dollars Adware bundle...oooh... my ....god..,
Thierry Zoller
- [ECHO_ADV_69$2007] OES (Open Educational System) 0.1beta Remote File Inclusion Vulnerability,
erdc
- [USN-436-1] KTorrent vulnerabilities,
Kees Cook
- [USN-435-1] Xine vulnerability,
Kees Cook
- [security bulletin] HPSBUX02196 SSRT071318 rev.2 - HP-UX Java (JRE and JDK) Remote Execution of Arbitrary Code,
security-alert
- RIM BlackBerry Pearl 8100 Browser DoS,
clappymonkey
- GuppY v4.0 remote del files/index,
sn0oPy . team
- Fantastico In all Version Cpanel 10.x <= local File Include,
z3r0 z3r0.2.z3r0
- AssetMan 2.4a <= (download_pdf.php) Remote File Disclosure Vulnerability,
BorN To K!LL BorN To K!LL
- Wiki Remote Authentication Bypass Vulnerability,
DoZ
- Remote File Include In ClipShare.v1.5.3,
RaeD Hasadya
- Remote File Include In Script PHP Photo Album,
RaeD Hasadya
- Remote File Include In Script moodle-1.7.1,
RaeD Hasadya
- [security bulletin] HPSBUX02129 SSRT061149 rev.2 - HP-UX running SLP, Remote Unauthorized Access,
security-alert
- [SECURITY] [DSA 1265-1] New Mozilla packages fix several vulnerabilities,
Martin Schulze
- [ GLSA 200703-10 ] KHTML: Cross-site scripting (XSS) vulnerability,
Raphael Marichez
- Re: PHP Classifieds 7.1 - Remote File Include Vulnerability,
support
- Re: [Full-disclosure] PHP import_request_variables() arbitrary variable overwrite,
Stefan Esser
- NukeSentinel <= 2.5.06 SQL Injection (mysql >= 4.0.24) Exploit,
gmdarkfig
- [ECHO_ADV_68$2007] PMB Services <= 3.0.13 Multiple Remote File Inclusion Vulnerability,
erdc
- Pre-open files attack agains locked file,
3APA3A
- Grayscale <= 0.8.0 Multiple Vulnerabilities,
omnipresent
- WWWboard password disclosure,
r00t2000
- Fıstıq Duyuru Scripti Remote Sql İnjection Exploit,
crazy_king
- Remote File Include In Script SoftNews Media Group,
RaeD Hasadya
- Remote File Include In Script Premod SubDog 2,
RaeD Hasadya
- PHP-Nuke <= 8.0 Cookie Manipulation (lang),
programmer
- [Argeniss] Practical 10 minutes security audit: Oracle Case (Paper),
Cesar
- [ GLSA 200703-09 ] Smb4K: Multiple vulnerabilities,
Raphael Marichez
- [USN-433-1] Xine vulnerability,
Kees Cook
- wwwpaintboar(newsfile) Remote File Inclusion Vulnerability,
saw_xyz
- [ GLSA 200703-08 ] SeaMonkey: Multiple vulnerabilities,
Raphael Marichez
- Security bypass vulnerability in LedgerSMB and SQL-Ledger (fixes released today),
Chris Travers
- WordPress XSS under function wp_title(),
g30rg3_x
- [ MDKSA-2007:060 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security
- [ MDKSA-2007:058 ] - Updated ekiga packages fix string vulnerabilities.,
security
- HC NEWSSYSTEM 1.0-4 (index.php "ID") Blind SQL Injection,
UniquE
- SEC Consult SA-20070309-0 :: MySQL 5 Single Row Subselect Denial of Service,
research
- SecurityFocus is turning seven. What's next? - OFFTOPIC - Please excuse the X-Post,
Alfred Huger
- Remote File Include In Script Coppermine Photo Gallery,
RaeD Hasadya
- Re: [Full-disclosure] Microsoft Windows Vista/2003/XP/2000 file management security issues,
KJKHyperion
- Remote File Include In Script copyright (c) James Coyle; JCcorp,
RaeD Hasadya
- [CAID 35145]: CA eTrust Admin Privilege Escalation Vulnerability,
Williams, James K
- Sql injection in WordPress 2.1.2,
Omid
- SyScan'07 - Call for Paper - NEW UPDATES,
organiser@xxxxxxxxxx
- Php Nuke POST XSS on steroids,
ascii
- Re: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability,
hugo
- XSS In Script deviantART,
RaeD Hasadya
- MS07-016 FTP Response DOS PoC,
Mathew Rowley
- TSLSA-2007-0009 - multi,
Trustix Security Advisor
- [USN-434-1] Ekiga vulnerability,
Kees Cook
- Buffer Overflow in Linux Drivers for Omnikey CardMan 4040 (CVE-2007-0005),
Daniel Roethlisberger
- [ MDKSA-2007:059 ] - Updated gnupg packages provide enhanced forgery detection,
security
- [ECHO_ADV_67$2007] WEBO (Web Organizer) <= 1.0 (baseDir) Remote File Inclusion Vulnerability,
erdc
- PHP import_request_variables() arbitrary variable overwrite,
Stefano Di Paola
- Microsoft Windows Vista/2003/XP/2000 file management security issues,
3APA3A
- Re: Re[2]: Microsoft Windows Vista/2003/XP/2000 file management security issues,
Thor (Hammer of God)
- <Possible follow-ups>
- Re: Microsoft Windows Vista/2003/XP/2000 file management security issues,
Steven M. Christey
- [USN-432-1] GnuPG vulnerability,
Kees Cook
- [ MDKSA-2007:054 ] - Updated kdelibs packages to address DoS issue in KDE Javascript,
security
- Word Press Sensitive Directory exposure (SQL),
r00t2000
- [ MDKSA-2007:055 ] - Updated mplayer packages to address buffer overflow vulnerability,
security
- PHP 4.4.6 crack_opendict() local buffer overflow poc exploit,
retrog
- [ MDKSA-2007:056 ] - Updated tcpdump packages address off-by-one overflow,
security
- [ MDKSA-2007:057 ] - Updated xine-lib packages to address buffer overflow vulnerability,
security
- [USN-424-2] PHP regression,
Kees Cook
- Ann: Backtrack 2.0 released,
Thierry Zoller
- Black Hat USA CFP Now Open!,
Jeff Moss
- dynaliens v2.0/v2.1 bypass admin authentification + XSS,
sn0oPy . team
- rPSA-2007-0052-1 kdelibs,
rPath Update Announcements
- rPSA-2007-0051-1 mod_python,
rPath Update Announcements
- Buffer-overflow in Conquest client 8.2a (svn 691),
Luigi Auriemma
- Lazarus Guestbook (admin.php)Remote File Include Expliot,
c_r_ck
- FLSA - foresight linux security announcements,
Jonathan Smith
- [SECURITY] [DSA 1264-1] New php4 packages fix several vulnerabilities,
Moritz Muehlenhoff
- ZDI-07-010: Apple Quicktime UDTA Parsing Heap Overflow Vulnerability,
zdi-disclosures
- ZDI-07-009: Novell Netmail WebAdmin Buffer Overflow Vulnerability,
zdi-disclosures
- RPS 6.2 SQL Injection Exploit,
s0cratex
- month of PHP bugs, secondary message?,
Gadi Evron
- Firekeeper - IDS for Firefox available,
Jan Wrobel
- xss in phpmyadmin >=2.8.0 and < 2.10.0,
alfa
- iDefense Security Advisory 03.07.07: Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilities,
iDefense Labs
- Re: Drake CMS v0.3.2 < = RFi Vulnerabilities,
legolas558
- [ MDKSA-2007:053 ] - Updated util-linux packages address umount crash issue,
security
- [ MDKSA-2007:052 ] - Updated Thunderbird packages fix multiple vulnerabilities,
security
- [USN-431-1] Thunderbird vulnerabilities,
Kees Cook
- [SECURITY] [DSA 1263-1] New clamav packages fix denial of service,
Moritz Muehlenhoff
- [USN-430-1] mod_python vulnerability,
Kees Cook
- [USN-429-1] tcpdump vulnerability,
Kees Cook
- [ GLSA 200703-07 ] STLport: Possible remote execution of arbitrary code,
Matthias Geerdsen
- rPSA-2007-0050-1 kernel,
rPath Update Announcements
- Re: Tinyportal Shoutbox,
ichbin
- PHP <= 4.4.6 mssql_connect() & mssql_pconnect() local buffer overflow and safe_mode bypass,
retrog
- [Reversemode Advisory] Apple Quicktime Color ID remote heap corruption,
Reversemode
- [security bulletin] HPSBUX02195 SSRT061237 rev.1 - HP-UX Running Software Distributor (SD), Remote Denial of Service (DoS),
security-alert
- [security bulletin] HPSBUX02153 SSRT061181 rev.3 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS),
security-alert
- Apple QuickTime udta ATOM Integer Overflow,
Sowhat
- Call for Participation Chaos Communication Camp 2007,
fukami
- Apple QuickTime Player Remote Heap Overflow,
Piotr Bania
- iDefense Security Advisory 03.05.07: Apple QuickTime Color Table ID Heap Corruption Vulnerability,
iDefense Labs
- CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability,
CORE Security Technologies Advisories
- DoS and code execution issue in LedgerSMB < 1.1.5 and SQL-Ledger < 2.6.25,
Chris Travers
- Wordpress <= v2.1.0,
ciri
- XSS Remote In vCard 2.6 (c)2002,
RaeD Hasadya
- HITBSecConf2007 - Malaysia: Call for Papers now Open,
Praburaajan
- Arbitrary file disclosure vulnerability in rrdbrowse <= 1.6,
Sebastian Wolfgarten
- LI-Guestbook SQL Injection Vulnerability,
bugtraq
- Sava's GuestBook Multiple Vulnerabilities,
bugtraq
- XXS in script Phorum,
RaeD Hasadya
- Extending JavaScript Portscanning to Include Banner Grabbing,
mark
- Konqueror DoS Via JavaScript Read Of FTP Iframe,
mark
- ePortfolio version 1.0 Java Multiple Input Validation Vulnerabilities,
Stefan Friedli
- Show Password Admin In Script Uploadscript,
RaeD Hasadya
- [SECURITY] [DSA 1262-1] New gnomemeeting packages fix arbitrary code execution,
Moritz Muehlenhoff
- [ GLSA 200703-06 ] AMD64 x86 emulation Qt library: Integer overflow,
Raphael Marichez
- [ GLSA 200703-05 ] Mozilla Suite: Multiple vulnerabilities,
Raphael Marichez
- Re: Evading the Norman SandBox Analyzer,
John Smith
- ERRATA: [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code,
Raphael Marichez
- rPSA-2007-0040-3 firefox thunderbird,
rPath Update Announcements
- Re: VMware Workstation multiple denial of service and isolation manipulation vulnerabilities,
emptysands
- [Fwd: Re: Angel LMS 7.1 - Remote SQL Injection],
don bailey
- BJ Webring XSS,
sn0oPy . team
- Tyger Bug Tracking System Multiple Vulnerability,
corrado . liotta
- [ GLSA 200703-04 ] Mozilla Firefox: Multiple vulnerabilities,
Raphael Marichez
- rPSA-2007-0048-1 tcpdump,
rPath Update Announcements
- webSPELL <= 4.01.02 Remote PHP Code Execution Exploit,
gmdarkfig
- WordPress source code compromised to enable remote code execution,
ifsecure
- [ MDKSA-2007:050-1 ] - Updated Firefox packages fix multiple vulnerabilities,
security
- Limited format string in Netrek 2.12.0,
Luigi Auriemma
- Remote File Include In DBImageGallery,
RaeD Hasadya
- iDefense Security Advisory 03.02.07: Kaspersky AntiVirus UPX File Decompression DoS Vulnerability,
iDefense Labs
- Re: Re: WordPress Search Function SQL-Injection,
none
- Woltlab Burning Board (wbb) 2.3.6 CSRF/XSS - 0day,
SaMuschie
- ZDI-07-008: Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability,
zdi-disclosures
- vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.,
meto5757
- [ GLSA 200703-03 ] ClamAV: Denial of Service,
Raphael Marichez
- [USN-428-2] Firefox regression,
Kees Cook
- SPAW Editor PHP Edition,
RaeD Hasadya
- [ GLSA 200703-02 ] SpamAssassin: Long URI Denial of Service,
Raphael Marichez
- [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code,
Raphael Marichez
- Re: Xbox 360 Hypervisor Privilege Escalation Vulnerability,
jrgong420
- aWebNews V 1.1,
mostafa_ragab
- LayerOne 2007 - Call for Papers and Pre-Registration,
Layer One
- WB News Remote File Include in all versions,
mostafa_ragab
- Re: ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit,
revenge
- aWebNews v 1.1=>RFI,
mostafa_ragab
- Re: Re: MSIE7 browser entrapment vulnerability (probably Firefox, too),
sithlordstorm
- Built2Go v.1.0 => ( news.php & rating.php ) Cross Site Scripting,
the_3dit0r
- Serendipity unauthenticated SQL-Injection,
SaMuschie
- Angel LMS 7.1 - Remote SQL Injection,
Guns
- Comodo Bypassing settings protection using magic pipe Vulnerability,
Matousec - Transparent security Research
- [USN-416-2] nvidia-glx-config regression,
Martin Pitt
- [ MDKSA-2007:051 ] - Updated snort packages fix DoS vulnerability,
security
- Full disclosure: Directory Transversal and Arbitrary Code Execution Vulnerability in SQL-Ledger and LedgerSMB,
Chris Travers
- [ MDKSA-2007:050 ] - Updated Firefox packages fix multiple vulnerabilities,
security
