Bugtraq
- Public Media Manager <= 1.3 Remote File Inclusion Vulnerability,
0in . email
- [USN-522-1] OpenSSL vulnerabilities,
Kees Cook
- [SECURITY] [DSA 1378-2] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- Re: 0trace - traceroute on established connections,
tyter9
- feedreader3 has XSS vulnerability,
Guy Mizrahi
- Owning Big Brother: How to Crack into Axis IP cameras,
research
- [ MDKSA-2007:190 ] - Updated kdebase packages fix KDM vulnerability,
security
- [USN-521-1] libmodplug vulnerability,
Kees Cook
- Ruby Net::HTTPS library does not validate server certificate CN,
Chris Clark
- Promise NAS NS4300N GUI bug,
Tor Houghton
- rPSA-2007-0202-1 kernel,
rPath Update Announcements
- [ GLSA 200709-17 ] teTeX: Multiple buffer overflows,
Raphael Marichez
- [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- [ MDKSA-2007:189 ] - Updated t1lib packages fix vulnerability,
security
- [ GLSA 200709-16 ] Lighttpd: Buffer overflow,
Pierre-Yves Rofes
- iDefense Security Advisory 09.27.07: Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities,
iDefense Labs
- OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow,
Moritz Jodeit
- [waraxe-2007-SA#058] - Critical Sql Injection in NukeSentinel 2.5.12,
come2waraxe
- [waraxe-2007-SA#057] - Unauthorized File Upload in SiteX CMS,
come2waraxe
- [waraxe-2007-SA#055] - Sql Injection in SiteX CMS 0.7.3 Beta,
come2waraxe
- [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities,
Williams, James K
- [waraxe-2007-SA#056] - Another Sql Injection in NukeSentinel 2.5.11,
come2waraxe
- [SECURITY] [DSA 1343-2] New file packages fix arbitrary code execution,
Florian Weimer
- Joomla multiple vulerabilities (1.0.X >= ),
security
- [USN-520-1] fetchmail vulnerabilities,
Kees Cook
- ERNW Tool Release: CVSS Calculator,
mozilla
- Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling,
rocheml
- [USN-519-1] elinks vulnerability,
Kees Cook
- [ MDKSA-2007:188 ] - Updated postgresql packages prevent access abuse using dblink,
security
- SimpNews version 2.41.03 File Content Disclosure Vulnerability,
securityresearch
- CORE-2007-0817: Remote Command execution, HTML and JavaScript injection vulnerabilities in AOL's Instant Messaging software,
Core Security Technologies Advisories
- SimpNews version 2.41.03 Multiple XSS Attack Vulnerabilities,
securityresearch
- SimpGB version 1.46.02 File Content Disclosure Vulnerability,
securityresearch
- SimpGB version 1.46.02 Multiple XSS Attack Vulnerabilities,
securityresearch
- Possible Windows Explorer bad PNG file preview integer overflow handling,
rocheml
- SimpGB version 1.46.02 Multiple Path Disclosure Vulnerabilities,
securityresearch
- SimpNews version 2.41.03 Multiple Path Disclosure Vulnerabilities,
securityresearch
- Re: Multiple vulnerabilities in rFactor 1.250,
superfreak
- SimpGB version 1.46.02 Information Disclosure Vulnerability,
securityresearch
- iDefense Security Advisory 09.25.07: Linux Kernel ALSA snd_mem_proc_read Information Disclosure Vulnerability,
iDefense Labs
- New Shell For Linux & Windows,
crazy_king
- n.runs AG puts §202 law to the test - Tools back online,
Thierry Zoller
- [waraxe-2007-SA#054] - Local File Inclusion in Dance Music module for phpNuke,
come2waraxe
- [waraxe-2007-SA#053] - Critical Sql Injection in NukeSentinel 2.5.11,
come2waraxe
- Simple PHP Blog Multiple Vulnerabilities,
luca . carettoni
- rPSA-2007-0199-1 openssl openssl-scripts,
rPath Update Announcements
- Re: LFI On SMF 1.1.3,
alex . tracer
- JSPWiki Multiple Vulnerabilities,
Jason Kratzer
- ZDI-07-054: IBM Tivoli Storage Manager Express CAD Service Buffer Overflow Vulnerability,
zdi-disclosures
- Auditing clients program in Oracle,
fryxar fryxar
- sk.log v0.5.3 Remote File Inclusion,
h3llcode
- [USN-517-1] kdm vulnerability,
Kees Cook
- rPSA-2007-0198-1 kernel,
rPath Update Announcements
- Google Urchin password theft madness,
pagvac
- Arbitrary Command Inclusion,
darkbunny91
- Re: New Zeroday published,
Joey Mengele
- New bypass shell for linux,
ernealizm
- Service Pack 3 for Microsoft Sharepoint Services broken,
jimbob1
- [security bulletin] HPSBOV02261 SSRT071449 rev.1 - HP OpenVMS running BIND, Remote DNS Cache Poisoning,
security-alert
- COSEINC Linux Advisory #2: IA32 System Call Emulation Vulnerability,
Wojciech Purczynski
- RE: Re[2]: [Full-disclosure] Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again),
Panda Security Response
- [ GLSA 200709-15 ] BEA JRockit: Multiple vulnerabilities,
Raphael Marichez
- Nuke Mobile Entartainment Local File Inclusion,
h3llcode
- Oracle 11g Password algorithm revealed,
pete
- HITBSecConf2007 - Malaysia Materials & Photos are up !,
Praburaajan
- xcms all version arbitrary code execution,
x0kster
- [ MDKSA-2007:187 ] - Updated PHP packages fix numerous vulnerabilities,
security
- 2 vanilla XSS on Wordpress ‘wp-register.php’,
Adrian P
- iDefense Security Advisory 09.20.07: CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities,
iDefense Labs
- EEYE: Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops,
eEye Advisories
- iDefense Security Advisory 09.20.07: CA ARCserve Backup for Laptops and Desktops Authentication Bypass Vulnerability,
iDefense Labs
- DEFCON London DC4420 meet - Monday 24th September,
Major Malfunction
- greensql firewall permanent xss,
laurent . gaffie
- iDefense Security Advisory 09.19.07: Multiple Vendor ImageMagick Sign Extension Vulnerability,
iDefense Labs
- iDefense Security Advisory 09.19.07: Multiple Vendor ImageMagick Multiple Denial of Service Vulnerabilities,
iDefense Labs
- iDefense Security Advisory 09.19.07: Multiple Vendor ImageMagick Off-By-One Vulnerability,
iDefense Labs
- iDefense Security Advisory 09.19.07: Multiple Vendor ImageMagick Multiple Integer Overflow Vulnerabilities,
iDefense Labs
- [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities,
Williams, James K
- ZDI-07-053: Microsoft ISA Server SOCKS4 Proxy Connection Leakage,
zdi-disclosures
- [SECURITY] [DSA 1377-2] New fetchmail packages fix denial of service,
Steve Kemp
- DDIVRT-2007-04 NetSupport Manager Authentication Bypass,
VulnerabilityResearch
- [ISR] - Barracuda Spam Firewall. Cross-Site Scripting,
ISR-noreply
- TSLSA-2007-0028 - multi,
Trustix Security Advisor
- [Mlabs] Dissecting Internals of Windows XP Svchost : Reverse Engineering Stature,
Aditya K Sood
- Neuron News 1.0 Local file inclusion (index.php),
h3llcode
- [SECURITY] [DSA 1377-1] New fetchmail packages fix denial of service,
Steve Kemp
- [SECURITY] [DSA 1376-1] New kdebase packages fix authentication bypass,
Steve Kemp
- List all the comment + entry belong to the Yahoo 360 public blog and more...,
vnn95
- ToorCon Final Lineup Announcement,
David Hulton
- Re: [irc-security] Multiple vulnerabilities in ircu,
Colin Alston
- [USN-516-1] xfsdump vulnerability,
Kees Cook
- Re: [Full-disclosure] 0day: PDF pwns Windows,
Joey Mengele
- [ GLSA 200709-14 ] ClamAV: Multiple vulnerabilities,
Pierre-Yves Rofes
- [ MDKSA-2007:186 ] - Updated openoffice.org packages fix TIFF parser vulnerability,
security
- rPSA-2007-0194-1 kdebase,
rPath Update Announcements
- [ GLSA 200709-13 ] rsync: Two buffer overflows,
Raphael Marichez
- Vigile CMS v1.8 Multiple Remote XSS Vulnerability,
x0kster
- PHP-Nuke add admin ALL Versions,
h3llcode
- WebED-0.8999 Multiple Remote File Inclusion Vulnerability,
h3llcode
- PhpBB Xs 2 profile.php Permanent Xss Vulnerability,
h3llcode
- SimplePHPBlog Hacking,
webmaster666
- WebBatch Applications Cross Site Scripting Vulrnability,
DoZ
- [security bulletin] HPSBUX02249 SSRT071442 rev.2 - HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command, Local Unqualified Configuration Change,
security-alert
- [SECURITY] [DSA 1364-2] New vim packages fix several vulnerabilities,
dann frazier
- VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player,
VMware Security team
- [security bulletin] HPSBUX02251 SSRT071449 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning,
security-alert
- [Mlabs] Scrutinising SIP Payloads : Traversing Attack Vectors in VOIP and IM,
Aditya K Sood
- 0day: PDF pwns Windows,
pdp (architect)
- Re: 0day: PDF pwns Windows,
Gadi Evron
- Re: 0day: PDF pwns Windows,
Crispin Cowan
- Re: [Full-disclosure] 0day: PDF pwns Windows,
Steven Adair
- Re: [Full-disclosure] 0day: PDF pwns Windows,
Chad Perrin
- Re: [Full-disclosure] 0day: PDF pwns Windows,
Wayne D. Hoxsie Jr.
- Re: [Full-disclosure] 0day: PDF pwns Windows,
bugtraq
- Re: [Full-disclosure] 0day: PDF pwns Windows,
coderman
- Re: 0day: PDF pwns Windows,
Casper . Dik
- Re: 0day: PDF pwns Windows,
J. Oquendo
- Re: 0day: PDF pwns Windows,
Crispin Cowan
- Re: 0day: PDF pwns Windows,
Chad Perrin
- Re: 0day: PDF pwns Windows,
Crispin Cowan
- Re: [Full-disclosure] 0day: PDF pwns Windows,
J. Oquendo
- Re: 0day: PDF pwns Windows,
Lamont Granquist
- Re: 0day: PDF pwns Windows,
Roland Kuhn
- RE: 0day: PDF pwns Windows,
Thor (Hammer of God)
- defining 0day,
Gadi Evron
- Re: defining 0day,
Brian Loe
- Re: defining 0day,
Gadi Evron
- Re: defining 0day,
Brian Loe
- Re: defining 0day,
Adrian Griffis
- Re: defining 0day,
Brian Loe
- Re: defining 0day,
Andrew Weaver
- RE: defining 0day,
David Gillett
- Re: defining 0day,
Charles Miller
- Re: defining 0day,
Gadi Evron
- Re: defining 0day,
Zow
- Re: defining 0day,
Chad Perrin
- RE: defining 0day,
Marvin Simkin
- Re: defining 0day,
Chad Perrin
- Re: 0day: PDF pwns Windows,
Steve Shockley
- Re: 0day: PDF pwns Windows,
Iggy E
- Re: 0day: PDF pwns Windows,
Aditya K Sood
- Re: [Full-disclosure] 0day: PDF pwns Windows,
Thierry Zoller
- <Possible follow-ups>
- Re: Re: 0day: PDF pwns Windows,
rmk115
- Re: Re: 0day: PDF pwns Windows,
johanfunsale
- RE: 0day: PDF pwns Windows,
Glenn.Everhart
Security Advisory for Bugzilla 3.0.1 and 3.1.1,
mkanat
RE: Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again),
Panda Security Response
Update? Question on BID 19000,
Michael Scheidell
[ GLSA 200709-12 ] Poppler: Two buffer overflow vulnerabilities,
Raphael Marichez
rPSA-2007-0193-1 gdm,
rPath Update Announcements
[USN-515-1] t1lib vulnerability,
Kees Cook
PHPBBPLUS 1.5.3 RFI BUG,
Mehrad1989
WBR3404TX Broadband Router XSS,
azizov
Multiple vulnerabilities in the gMotor2 engine,
Luigi Auriemma
[security bulletin] HPSBUX02259 SSRT071439 rev.1 - HP-UX Running logins(1M), Remote Unauthorized Access,
security-alert
rPSA-2007-0189-1 openoffice.org,
rPath Update Announcements
[USN-514-1] X.org vulnerability,
Kees Cook
file upload vulnerability in joomla media component,
vinodsharma . mmit
[waraxe-2007-SA#052] - dBlog CMS Open Source database retrieval,
come2waraxe
[security bulletin] HPSBST02260 SSRT071471 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-051 to MS07-054,
security-alert
TPTI-07-15: Automated Solutions Modbus TCP Slave ActiveX Control Heap Corruption Vulnerability,
TSRT
Re: eyeOS checksum prediction,
jose
FLEA-2007-0056-1 openoffice.org,
Foresight Linux Essential Announcement Service
rPSA-2007-0190-1 kdebase,
rPath Update Announcements
[ GLSA 200709-11 ] GDM: Local Denial of Service,
Raphael Marichez
[ GLSA 200709-10 ] PhpWiki: Authentication bypass,
Raphael Marichez
[USN-513-1] Qt vulnerability,
Kees Cook
A little advisory content correction.,
j00ru . vx
Uninformed Journal Release Announcement: Volume 8,
Uninformed Staff
WifiZoo v1.1,
Hernan Ochoa
Plague in (security) software drivers & BSDOhook utility,
Matousec - Transparent security Research
security notice: Backdooring Windows Media Files,
pdp (architect)
[ MDKSA-2007:185 ] - Updated avahi packages fix vulnerability,
security
GCALDaemon Remote DoS,
luca . carettoni
[security bulletin] HPSBUX02153 SSRT061181 rev.6 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS),
security-alert
XSS on Obedit v3.03,
fuxxx0rz
[ MDKSA-2007:184 ] - Updated cacti packages fix vulnerability,
security
b1gmail Cross Site Scripting,
malibu . r
rPSA-2007-0188-1 php5 php5-cgi php5-mysql php5-pear php5-pgsql php5-soap php5-xsl,
rPath Update Announcements
iDefense Security Advisory 09.17.07: Multiple Vendor OpenOffice TIFF File Parsing Multiple Integer Overflow Vulnerabilities,
iDefense Labs
FLEA-2007-0054-1 lighttpd,
Foresight Linux Essential Announcement Service
FLEA-2007-0055-1 openssh openssh-client openssh-server gnome-ssh-askpass,
Foresight Linux Essential Announcement Service
Coppermine <= 1.4.12 Cross Site Scripting and Local File Inclusion,
L4teral
SYMSA-2007-009: RemoteDocs R-Viewer Code Execution and Sensitive Information Disclosure,
research
TSLSA-2007-0026 - multi,
Trustix Security Advisor
[SECURITY] [DSA 1375-1] New OpenOffice.org packages fix arbitrary code execution,
Martin Schulze
Alcatel-Lucent OmniPCX Remote Command Execution,
RedTeam Pentesting GmbH
[ GLSA 200709-09 ] GNU Tar: Directory traversal vulnerability,
Raphael Marichez
Media Player Classic Denial of Service,
yeikos
IE (Internet Explorer) pwns SecondLife,
pdp (architect)
WinImage 8.10 vulnerabilities,
j00ru . vx
Axis 207W Wireless Camera Web Interface - Multiple Vulnerabilities,
Seth Fogie
[ GLSA 200709-08 ] id3lib: Insecure temporary file creation,
Matthias Geerdsen
[ GLSA 200709-07 ] Eggdrop: Buffer overflow,
Matthias Geerdsen
[USN-512-1] Quagga vulnerability,
Kees Cook
rPSA-2007-0187-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs,
rPath Update Announcements
[ GLSA 200709-06 ] flac123: Buffer overflow,
Raphael Marichez
[ GLSA 200709-05 ] RealPlayer: Buffer overflow,
Raphael Marichez
rPSA-2007-0184-1 samba samba-swat,
rPath Update Announcements
Gelato SQL Injection exploit,
s0cratex
[GOODFELLAS-VULN] FileFind class from MFC Library cause heap overflow,
GOODFELLAS SRT
[GOODFELLAS-VULN] ActiveX hpqutil!ListFiles hpqutil.dll - Remote heap overflow,
GOODFELLAS SRT
rPSA-2007-0182-1 httpd mod_ssl,
rPath Update Announcements
AIM Local File Display in Notification Window,
shell
[security bulletin] HPSBMA02258 SSRT071470 rev.1 - HP System Management Homepage (SMH) for Windows, Incomplete Update Installation,
security-alert
new XSS vulnerability in php-stats -tracking.php,
root
[ MDKSA-2007:183 ] - Updated qt3/qt4 packages fix vulnerability,
security
Boa (with Intersil Extensions) - HTTP Basic Authentication Bypass,
luca . carettoni
[ GLSA 200709-03 ] Streamripper: Buffer overflow,
Raphael Marichez
[ GLSA 200709-04 ] po4a: Insecure temporary file creation,
Raphael Marichez
[ MDKSA-2007:182 ] - Updated quagga packages fix vulnerability and bugs,
security
[ GLSA 200709-02 ] KVIrc: Remote arbitrary code execution,
Raphael Marichez
Next generation malware: Windows Vista's gadget API,
Tim Brown
WinSCP < 4.04 url protocol handler flaw,
Kender . Security
NDSS 2008 CfP Papers Due September 21,
Crispin Cowan
[ MDKSA-2007:180 ] - Updated id3lib packages fix vulnerability,
security
[ MDKSA-2007:181 ] - Updated librpcsecgss packages fix vulnerabilities,
security
ZDI-07-052: Multiple Kerberos Implementations Authentication Context Stack Overflow Vulnerability,
zdi-disclosures
Apache2 Undefined Charset UTF-7 XSS Vulnerability,
cxib
CAL-20070912-1 Multiple vendor produce handling AVI file vulnerabilities,
Code Audit Labs
AIM Arbitrary HTML Display in Notification Window,
shell
SYMSA-2007-008: Autodesk Backburner 3.0.2 System Backdoor,
research
CS Guestbook Admin Name & Md5 Security Vuln,
crazy_king
Re Re: PHP 5.2.4 <= various mysql functions safemode & open_basedir bypass,
laurent . gaffie
Oracle Jinitiator 1.1.8 Vulnerabilities CVE-2007-4467 - Additional Information,
Integrigy Alerts
0DAY: QuickTime pwns Firefox,
pdp (architect)
S21SEC-036-EN Ekiga <= 2.0.5 Denial of service,
S21sec Labs
RSA EnVision Reflected XSS Hole,
Stelios Tigkas
Boinc Forum Cross Site Scripting Vulrnability,
DoZ
[ MDKSA-2007:179 ] - Updated fetchmail packages fix DoS vulnerability,
security
[ MDKSA-2007:178 ] - Updated x11-server packages fix vulnerability,
security
RE: ScanAlert Security Advisory,
Nick Merritt
[ GLSA 200709-01 ] MIT Kerberos 5: Multiple vulnerabilities,
Matthias Geerdsen
iDefense Security Advisory 09.11.07: Microsoft Windows 2000 Agent URL Canonicalizing Stack Based Buffer Overflow Vulnerability,
iDefense Labs
[SECURITY] [DSA 1374-1] New jffnms packages fix several vulnerabilities,
Steve Kemp
[SECURITY] [DSA 1371-1] New phpwiki packages fix several vulnerabilities,
Thijs Kinkhorst
[SECURITY] [DSA 1372-1] New ktorrent packages fix directory traversal,
Steve Kemp
Assurent VR - Microsoft Agent Crafted URL Stack Buffer Overflow,
VR-Subscription-noreply
NuclearBB Alpha 2 Remote File Inclusion,
b14ck1c3
PHP 5.2.4 <= various mysql functions safemode & open_basedir bypass,
laurent . gaffie
RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability,
OS2A BTO
[SECURITY] Winbind's rfc2307 & SFU nss_info plugin in Samba 3.0.25[a-c] assigns users a primary gid of 0 by default,
Gerald (Jerry) Carter
rPSA-2007-0181-1 gnome-ssh-askpass openssh openssh-client openssh-server,
rPath Update Announcements
[SECURITY] [DSA 1370-2] New phpmyadmin packages fix several vulnerabilities,
Thijs Kinkhorst
ekoparty 3rd edition CFP,
ekoparty
New Whitepaper : g00gle CrewBots,
matteo
XSIO - Cross Site Image Overlaying,
Sven Vetsch / Disenchant
[Aria-Security Team] social-networkin SQL Injection,
Advisory
Symantec Product Security: Symantec Device Driver Local Elevation of Privilege,
secure
/* PHP <=5.2.4 open_basedir bypass & code exec & denial of service errata ... working on windows too .. */,
laurent . gaffie
PHP <=5.2.4 open_basedir bypass & code exec & denial of service,
laurent . gaffie
Announcing ShmooCon 08 and the CFP,
B Potter
[SECURITY] [DSA 1370-1] New phpmyadmin packages fix several vulnerabilities,
Thijs Kinkhorst
[SECURITY] [DSA 1365-2] New id3lib3.8.3 packages fix denial of service,
Moritz Muehlenhoff
Husrev Forums v2.0.1:PoWerBoard Sql,
yollubunlar
Proxy Anket v3.0.1 Sql injection Vulnerable,
yollubunlar
phpMyQuote 0.20 Version Multiple Sql And Xss Vulnerabilities,
yollubunlar
Netjuke 1.0-rc2 - sql injection & XSS,
cod3in
IMF 2007 - 2nd Call for Participation,
Oliver Goebel
ZDI-07-051: Trend Micro ServerProtect TMregChange() Stack Overflow Vulnerability,
zdi-disclosures
TxxCMS_Multiple File inclusion Vulnerabilies,
nnc
ZDI-07-050: Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability,
zdi-disclosures
hack.lu 2007 18-20 October, Luxembourg,
info
[ MDKSA-2007:174-1 ] - Updated krb5 packages fix vulnerabilities,
security
Microsoft SQL Server Distributed Management Objects OLE DLL for SQL Enterprise Manager (sqldmo.dll) remote buffer overflow poc,
retrog
[USN-511-2] Kerberos vulnerability,
Kees Cook
Safari 3.0.3 (522.15.5) Buffer overflow,
azizov
Buffalo AirStation WHR-G54S CSRF vulnerability,
Henri Lindberg - Smilehouse Oy
FLEA-2007-0053-1 fetchmail,
Foresight Linux Essential Announcement Service
FLEA-2007-0051-1 star,
Foresight Linux Essential Announcement Service
FLEA-2007-0052-1 gd,
Foresight Linux Essential Announcement Service
FLEA-2007-0050-1 krb5 krb5-workstation,
Foresight Linux Essential Announcement Service
[ MDKSA-2007:177 ] - Updated MySQL packages fix vulnerabilities,
security
[ MDKSA-2007:176 ] - Updated kdebase and kdelibs packages fix location bar spoofing issues,
security
[HISPASEC] 2K7SEPT6 Magellan Explorer 3.32 build 2305 Remote FTP Client Directory Traversal,
Gynvael Coldwind
[SECURITY] [DSA 1369-1] New gforge packages fix SQL injection,
Moritz Muehlenhoff
[ MDKSA-2007:174 ] - Updated krb5 packages fix vulnerabilities,
security
[SECURITY] [DSA 1367-2] New krb5 packages fix arbitrary code execution,
Moritz Muehlenhoff
[ MDKSA-2007:175 ] - Updated eggdrop package fix remote buffer overflow,
security
iTunes 7.3.x - Heap overflow in album cover parsing,
David Thiel
rPSA-2007-0179-1 krb5 krb5-server krb5-services krb5-test krb5-workstation,
rPath Update Announcements
PHP <= 5.2.4 multiple Iconv functions denial of service,
laurent . gaffie
[HISPASEC] 2K7SEPT6 X-Diesel Unreal Commander v0.92 (build 573) multiple FTP-based vulnerabilities,
Gynvael Coldwind
[HISPASEC] 2K7SEPT6 Total Commander 7.01 Remote FTP Client Directory Traversal,
Gynvael Coldwind
Sophos Anti-Virus 6.5.4 Vulnerability,
disclosure
updated patch: MITKRB5-SA-2007-006: kadmind RPC lib buffer overflow, uninitialized pointer,
Tom Yu
rPSA-2007-0178-1 fetchmail,
rPath Update Announcements
rPSA-2007-0177-1 kdebase kdelibs,
rPath Update Announcements
PHP <=5.2.4 iconv_substr() denial of service,
laurent . gaffie
PHP < 5.2.3 fnmatch() denial of service,
laurent . gaffie
Format string and clients disconnection in Alien Arena 2007 6.10,
Luigi Auriemma
PHP < 5.2.4 setlocale() denial of service,
laurent . gaffie
PHP < 5.2.3 glob() denial of service,
laurent . gaffie
Cisco Security Advisory: Denial of Service Vulnerabilities in Content Switching Module,
Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Video Surveillance IP Gateway and Services Platform Authentication Vulnerabilities,
Cisco Systems Product Security Incident Response Team
rPSA-2007-0176-1 gd php php-mysql php-pgsql php5 php5-cgi php5-mysql php5-pear php5-pgsql php5-soap php5-xsl,
rPath Update Announcements
[ MDKSA-2007:173 ] - Updated tar packages fix vulnerabilities,
security
[USN-511-1] Kerberos vulnerability,
Kees Cook
Digital Armaments 2007 September-October Hacking Challenge: Symbian,
info
Tutorial on Fuzzled,
Tim Brown
New version of Pass-The-Hash Toolkit v1.1,
Hernan Ochoa
[SECURITY] [DSA 1368-1] New librpcsecgss packages fix arbitrary code execution,
Moritz Muehlenhoff
[SECURITY] [DSA 1367-1] New krb5 packages fix arbitrary code execution,
Moritz Muehlenhoff
MITKRB5-SA-2007-006: kadmind RPC lib buffer overflow, uninitialized pointer,
Tom Yu
Re: Built2Go_PHP_Link_Portal_v1.79 >> RFI,
scoutt_42
[security bulletin] HPSBUX02153 SSRT061181 rev.5 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS),
security-alert
Wireshark DNP3 Dissector Infinite Loop Vulnerability,
Aviram Jenik
212cafeBoard Sql injection,
Lopez Bran
[security bulletin] HPSBUX02156 SSRT061236 rev.3 - HP-UX Running Thunderbird, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS),
security-alert
Marshal MailMarshal TAR Unpacking Vulnerability,
S. Vandersee
Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability,
tusharvartak
Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory,
Sergio Alvarez
Multiple vulnerabilities in Joomla 1.5 RC 1,
Omid
DeepSec IDSC 2007 Vienna Registration Now Open,
Paul Böhm
Telecom Italy Alice Messenger Hp.Revolution.RegistryManager.dll (v.1) remote arbitrary registry key manipulation,
retrog
[SECURITY] [DSA 1288-2] New pptpd packages fix regression,
Moritz Muehlenhoff
Re: MkPortal "All Guests are Admin" Exploit,
nospam
SolpotCrew Advisory #15 (home_edition2001) - Weblogicnet (files_dir) Remote File Inclusion,
home_edition2001
[SECURITY] [DSA 1363-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
Re: ePersonnel_RC_2004 Remote File Bug,
the . tiger100
[SECURITY] [DSA 1364-1] New vim packages fix several vulnerabilities,
Moritz Muehlenhoff
[Paper] The Anatomy of Third Party Pop Up Attacks.,
Aditya K Sood
[ MDKSA-2007:172 ] - Updated clamav packages vulnerabilities,
security
[SECURITY] [DSA 1366-1] New clamav packages fix several vulnerabilities,
Moritz Muehlenhoff
Toms Gästebuch 1.00 - XSS,
cod3in
Olate Download 3.4.2~uploads folder ~ directory traversal,
imei Addmimistrator
[SECURITY] [DSA 1365-1] New id3lib3.8.3 packages fix denial of service,
Moritz Muehlenhoff
Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files,
imei Addmimistrator
Re: Sony: The Return Of The Rootkit,
Jason Brooke
