Bugtraq
- [SECURITY] [DSA 1563-1] New asterisk packages fix denial of service,
Moritz Muehlenhoff
- heanet.dl.sourceforge.net hacked?,
Michael Scheidell
- CFP: Workshop on Open Source Software for Computer and Network Forensics,
Stefano Zanero
- Critical Vulnerability in SNMPc,
NGSSoftware Insight Security Research
- [security bulletin] HPSBMA02331 SSRT080000 rev.1 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges,
security-alert
- [ MDVSA-2008:093 ] - Updated vorbis-tools packages fix vulnerabilities,
security
- [ MDVSA-2008:092 ] - Updated gstreamer-plugins-good packages fix vulnerabilities,
security
- XSS Attack,
hadikiamarsi
- Re: Yourfreeworld Styleish Text Ads Script,
rohit
- rPSA-2008-0151-1 libpng,
rPath Update Announcements
- SugarCRM Community Edition Local File Disclosure Vulnerability,
roberto . suggi
- [ GLSA 200804-30 ] KDE start_kdeinit: Multiple vulnerabilities,
Matthias Geerdsen
- Re: h2desk helpdesk path disclosure vulnerability,
john
- CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls,
CORE Security Technologies Advisories
- [ECHO_ADV_89$2008] Softbiz Web Host Directory Script (search_result.php host_id) Blind Sql Injection Vulnerability,
erdc
- [ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerability,
erdc
- [SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code execution,
Moritz Muehlenhoff
- Microsoft SWI blog inaccuracies,
Amit Klein
- Minibb 2.2a XSS Vulnerability,
irancrash
- [SECURITY] [DSA 1561-1] New ldm packages fix information disclosure,
Thijs Kinkhorst
- bug report,
hadikiamarsi
- London DEFCON meet - Thursday 1st May - DC4420,
Major Malfunction
- GroupWise 7.0 mailto: scheme buffer overflow,
jplopezy
- [SECURITY] [DSA 1560-1] New kronolith2 packages fix cross site scripting,
Thijs Kinkhorst
- [SECURITY] [DSA 1556-2] New perl packages fix denial of service,
Florian Weimer
- Re: Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS,
pobore
- rPSA-2008-0149-1 idle python,
rPath Update Announcements
- IMF 2008 - 2nd Call for Papers,
Oliver Goebel
- Wordpress 2.5 Cookie Integrity Protection Vulnerability,
Steven J. Murdoch
- GroupWise 7 attached bugs,
jplopezy
- Curious vulnerability in Excel 2007,
jplopezy
- [ GLSA 200804-29 ] Comix: Multiple vulnerabilities,
Pierre-Yves Rofes
- R.I.P. rgod,
ipsdix
- Lotus expeditor rcplauncher uri handler vulnerability,
Thomas Pollet
- [ MDVSA-2008:091 ] - Updated wireshark packages fix denial of service vulnerabilities,
security
- [SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution,
Moritz Muehlenhoff
- [SECURITY] [DSA 1534-2] New iceape packages fix regression,
Moritz Muehlenhoff
- [SECURITY] [DSA 1556-1] New perl packages fix denial of service,
Florian Weimer
- [SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities,
Thijs Kinkhorst
- HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code,
security-alert
- A New Class of Vulnerability in Oracle: Lateral SQL Injection,
David Litchfield
- [ GLSA 200804-27 ] SILC: Multiple vulnerabilities,
Tobias Heinlein
- DDIVRT-2008-11 BadBlue uninst.exe DoS,
vulnerabilityresearch
- Trillian 3.1 basic nick crash,
jplopezy
- [ GLSA 200804-28 ] JRockit: Multiple vulnerabilities,
Tobias Heinlein
- xine-lib NES Sound Format Demuxer Buffer Overflow,
laurent . gaffie
- [W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation,
vulns
- PR07-44: XSS on RSA Authentication Agent login page,
ProCheckUp Research
- PR07-43: Cross-domain redirect on RSA Authentication Agent,
ProCheckUp Research
- [ GLSA 200804-26 ] Openfire: Denial of Service,
Robert Buchholz
- [ GLSA 200804-25 ] VLC: User-assisted execution of arbitrary code,
Robert Buchholz
- [SECURITY] [DSA 1555-1] New iceweasel packages fix arbitrary code execution,
Moritz Muehlenhoff
- Zune software - arbitrary file overwrite,
info
- NetClassifieds Sql Injection,
noreply
- Horde Webmail XSS [Aria-Security],
noreply
- AST-2008-006 - 3-way handshake in IAX2 incomplete,
Security Officer
- LayerOne 2008 - Final Pre-Con Update,
Layer One
- Default key algorithm in Thomson and BT Home Hub routers,
Adrian Pastor
- [SECURITY] [DSA 1554-1] New roundup packages fix cross-site scripting vulnerability,
Noah Meyerhans
- Firefox 3.0 beta 5 crash,
jplopezy
- Safari 3.1.1 Multiple Vulnerabilities for windows,
jplopezy
- Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387),
Hanno Böck
- [USN-604-1] Gnumeric vulnerability,
Kees Cook
- [USN-602-1] Firefox vulnerabilities,
Jamie Strandboge
- Xoops All Version -Articles- Article.PHP (ID) Blind SQL Injection ExpL0it,
crazy_kinq
- ANNOUNCE: Security Implications of Windows Access Tokens Whitepaper,
luke . jennings
- Sea-Surfing on the Motorola Surfboard,
th3 . r00k . nospam
- [ GLSA 200804-24 ] DBmail: Data disclosure,
Matthias Geerdsen
- Re: Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities,
douchbag
- [ GLSA 200804-23 ] CUPS: Integer overflow vulnerability,
Matthias Geerdsen
- Powered by gCards v1.46 SQL,
turkish-warriorr
- IRM Security Advisory : RedDot CMS SQL injection vulnerability,
Mark Crowther
- [SECURITY] [DSA 1553-1] New ikiwiki packages fix cross-site request forgery,
Florian Weimer
- [ MDVSA-2008:090 ] - Updated OpenOffice.org packages fix vulnerabilities,
security
- Deciphering the PHP-Nuke Capthca,
Michael . Brooks . SPAM
- SyScan'08 Singapore - Call for Paper,
organiser@xxxxxxxxxx
- Acidcat CMS Multiple Vulnerabilities,
admin
- Deciphering the Simple Machines Forum audio Captcha,
Michael . Brooks . SPAM
- Token Kidnapping (Microsoft Security Advisory 951306) presentation available,
Cesar
- [SECURITY] [DSA 1552-1] New mplayer packages fix arbitrary code execution,
Moritz Muehlenhoff
- [SECURITY] [DSA 1551-1] New python2.4 packages fix several vulnerabilities,
Moritz Muehlenhoff
- ANNOUNCE: RFIDIOt-0.1s release (now available for Windows),
Adam Laurie
- Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures,
Team SHATTER
- [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning,
Robert Buchholz
- Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure,
Team SHATTER
- Team SHATTER Security Advisory: Multiple DoS in JAR files manipulation procedures,
Team SHATTER
- [ GLSA 200804-21 ] Adobe Flash Player: Multiple vulnerabilities,
Robert Buchholz
- LightNEasy v.1.2.2 flat Multiple Vulnerabilities,
darkz . gsa
- 5th avenue Shopping Cart SQL Injection,
noreply
- [ GLSA 200804-20 ] Sun JDK/JRE: Multiple vulnerabilities,
Robert Buchholz
- BitTorrent Clients and CSRF,
th3 . r00k . nospam
- Wikepage Wiki v.2007-2 Cross-Site Scripting,
darkz . gsa
- [ MDVSA-2008:089 ] - Updated poppler packages fix vulnerability,
security
- [ MDVSA-2008:088 ] - Updated clamav packages fix multiple vulnerabilities,
security
- [ GLSA 200804-19 ] PHP Toolkit: Data disclosure and Denial of Service,
Robert Buchholz
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities,
iDefense Labs
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability,
iDefense Labs
- [SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation,
Moritz Muehlenhoff
- Re: [Full-disclosure] Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows,
Juha-Matti Laurio
- [SECURITY] [DSA 1549-1] New clamav packages fix several vulnerabilities,
Moritz Muehlenhoff
- [USN-603-2] KOffice vulnerability,
Kees Cook
- [USN-603-1] poppler vulnerability,
Kees Cook
- [SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitution,
Devin Carraway
- Announcement - DeepSec Conference 2008, Nov 11-14 2008,
DeepSec Conference
- Microsoft Works 7 WkImgSrv.dll crash POC,
wsn1983
- [security bulletin] HPSBMA02328 SSRT071293 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code,
security-alert
- [security bulletin] HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025,
security-alert
- [security bulletin] HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Update,
security-alert
- [ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code,
Robert Buchholz
- [ GLSA 200804-17 ] Speex: User-assisted execution of arbitrary code,
Robert Buchholz
- [ GLSA 200804-16 ] rsync: Execution of arbitrary code,
Robert Buchholz
- [SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code execution,
Martin Schulze
- [oCERT-2008-004] multiple speex implementations insufficient boundary checks,
Andrea Barisani
- [ MDVSA-2008:087 ] - Updated policykit package fixes format string vulnerability,
security
- FreeBSD Security Advisory FreeBSD-SA-08:05.openssh,
FreeBSD Security Advisories
- ZDI-08-022: Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability,
zdi-disclosures
- Classifieds Caffe (index.php cat_id) Remote SQL Injection,
sys-project
- Re: PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability,
contact
- iDefense Security Advisory 04.15.08: Oracle Application Express Privilege Escalation Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.09.08: IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.09.08: IBM DB2 Universal Database Administration Server File Creation Vulnerability,
iDefense Labs
- CA DSM gui_cm_ctrls ActiveX Control Vulnerability,
Williams, James K
- Cisco Security Advisory: Cisco Network Admission Control Shared Secret Vulnerability,
Cisco Systems Product Security Incident Response Team
- Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13],
ak
- [INFIGO-2008-04-08]: ICQ 6 remote buffer overflow vulnerability,
infocus
- Oracle - SQL Injection Vulnerability in SDO_UTIL [DB05],
ak
- Oracle - SQL Injection in package SDO_IDX [DB07],
ak
- BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day),
admin
- Carbon Communities forum Multiple Vulnerabilities.,
admin
- Oracle - SQL Injection in package SDO_GEOM [DB06],
ak
- VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus,
VMware Security team
- DIVX Player <= 6.7.0 Buffer Overflow PoC ( .SRT ),
securfrog
- iDefense Security Advisory 04.14.08: ClamAV libclamav PE WWPack Heap Overflow Vulnerability,
iDefense Labs
- remote file include,
win32 . exe
- Koobi Pro 6.25 poll Remote SQL Injection Vulnerability,
Sabun
- WordPress 2.5 - Salt cracking vulnerability,
J. Carlos Nieto
- Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities,
sys-project
- [SECURITY] [DSA 1540-2] New lighttpd packages fix denial of service,
Steve Kemp
- [ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability,
security
- BosNews 2002-2006 Remote add user admin,
houssamix
- clamav: Endless loop / hang with crafter arj, CVE-2008-1387,
Hanno Böck
- BosNews v4.0 Remote add user admin,
houssamix
- [ MDVSA-2008:085 ] - Updated python packages fix arbitrary code execution vulnerability,
security
- Dotclear 'ecrire/images.php' Arbitrary File Upload Vulnerability,
Morgan ARMAND
- [ GLSA 200804-13 ] Asterisk: Multiple vulnerabilities,
Robert Buchholz
- [ GLSA 200804-15 ] libpng: Execution of arbitrary code,
Robert Buchholz
- KwsPHP (Upload) Remote Code Execution Exploit,
ajax
- [ GLSA 200804-14 ] Opera: Multiple vulnerabilities,
Robert Buchholz
- Troopers08 Security Conference, April 23/24 (Munich/Germany),
Enno Rey
- [USN-601-1] Squid vulnerability,
Jamie Strandboge
- Fones Clinic Mart SQL,
turkish-warriorr
- S21SEC-043-en:Cezanne SW Blind SQL Injection,
S21sec labs
- S21SEC-042-en:Cezanne SW Cross-Site Scripting (login required),
S21sec labs
- S21SEC-041-en:Cezanne SW Cross-Site Scripting,
S21sec labs
- Secunia Research: Internet Explorer Data Stream Handling Vulnerability,
Secunia Research
- Secunia Research: activePDF DocConverter Applix Graphics Parsing Vulnerabilities,
Secunia Research
- Secunia Research: Symantec Mail Security Applix Graphics Parsing Vulnerabilities,
Secunia Research
- Secunia Research: Autonomy Keyview EML Reader Buffer Overflows,
Secunia Research
- Secunia Research: Autonomy Keyview Applix Graphics Parsing Vulnerabilities,
Secunia Research
- Secunia Research: HP OpenView Network Node Manager OpenView5.exe Directory Traversal,
Secunia Research
- Secunia Research: Lotus Notes EML Reader Buffer Overflows,
Secunia Research
- Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows,
Secunia Research
- DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2,
Sebastien gioria
- Secunia Research: Lotus Notes Applix Graphics Parsing Vulnerabilities,
Secunia Research
- Secunia Research: Symantec Mail Security Folio Flat File Parsing Buffer Overflows,
Secunia Research
- Secunia Research: Autonomy Keyview Folio Flat File Parsing Buffer Overflows,
Secunia Research
- Secunia Research: Adobe Flash Player "Declare Function (V7)" Heap Overflow,
Secunia Research
- Secunia Research: Lotus Notes htmsr.dll Buffer Overflows,
Secunia Research
- Secunia Research: activePDF DocConverter Folio Flat File Parsing Buffer Overflows,
Secunia Research
- OneSecurityDay 2008 - Web application auditing challenge,
bugtraq
- Secunia Research: Lotus Notes kvdocve.dll Path Processing Buffer Overflow,
Secunia Research
- [oCERT-2008-003] libpng zero-length chunks incorrect handling,
Andrea Barisani
- project announcement - oCERT - Open Source CERT,
Andrea Barisani
- Re: WoltLab(R) Community Framework WCF 1.0.6,
marc . deroche
- DEF CON 16 Retro Announcement! Back to Bang!,
The Dark Tangent
- [ MDVSA-2008:084 ] - Updated rsync packages fix vulnerability,
security
- IOActive Security Advisory: Incorrect input validation in PyString_FromStringAndSize() leads to multiple buffer overflows,
Justin Ferguson
- Trillian 3.1.9.0 DTD File Buffer Overflow,
david130490
- Directory traversal and multiple Denials of Service in HP OpenView NNM 7.53,
Luigi Auriemma
- [ GLSA 200804-11 ] policyd-weight: Insecure temporary file creation,
Robert Buchholz
- [ GLSA 200804-12 ] gnome-screensaver: Privilege escalation,
Raphael Marichez
- WiKID wClient-PHP <= 3.0-2 Multiple XSS Vulnerabilities,
ascii
- iDefense Security Advisory 04.09.08: EMC DiskXtender Authentication Bypass Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.09.08: EMC DiskXtender MediaStor Format String Vulnerability,
iDefense Labs
- [SECURITY] [DSA 1546-1] New gnumeric packages fix arbitrary code execution,
Devin Carraway
- Borland InterBase 2007 "ibserver.exe" Buffer Overflow Vulnerability POC,
Liu Zhen Hua
- iDefense Security Advisory 04.09.08: EMC DiskXtender File System Manager Stack Buffer Overflow Vulnerability,
iDefense Labs
- [USN-600-1] rsync vulnerability,
Kees Cook
- w2b.ru multiple products SQL Injection,
noreply
- [ GLSA 200804-10 ] Tomcat: Multiple vulnerabilities,
Pierre-Yves Rofes
- [ GLSA 200804-09 ] am-utils: Insecure temporary file creation,
Pierre-Yves Rofes
- [SECURITY] [DSA 1545-1] New rsync packages fix arbitrary code execution,
Moritz Muehlenhoff
- EUSecWest CFP Closes April 14th (conf May 21/22 2008),
Dragos Ruiu
- [ GLSA 200804-08 ] lighttpd: Multiple vulnerabilities,
Tobias Heinlein
- [ MDVSA-2008:083 ] - Updated audit packages fix vulnerability,
security
- paFileDB 3.1 Remote SQL Injection,
noreply
- IOActive Security Advisory: Buffer overflow in Python zlib extension module,
Justin Ferguson
- [SECURITY] [DSA 1544-1] New pdns-recursor packages fix cache poisoning vulnerability,
Florian Weimer
- [USN-599-1] Ghostscript vulnerability,
Jamie Strandboge
- [ MDVSA-2008:082 ] - Updated php-apc packages fix vulnerability,
security
- [SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities,
Devin Carraway
- [CVE-2007-5301] alsaplayer PoC - exploit,
Albert Sellarès
- [SECURITY] [DSA 1542-1] New libcairo packages fix arbitrary code execution,
Devin Carraway
- iDefense Security Advisory 04.08.08: Microsoft Windows Graphics Rendering Engine Integer Overflow Vulnerability,
iDefense Labs
- [ GLSA 200804-07 ] PECL APC: Buffer Overflow,
Robert Buchholz
- Pu Arcade component for Joomla - SQL injection,
netmantis . com
- SAP Netweaver 6.40-7.0 Cross-Site-Scripting,
jaime . blasco
- CAU-2008-0002: Microsoft Windows SharePoint Services Picture Source XSS,
I)ruid
- [SECURITY] [DSA 1541-1] New openldap2.3 packages fix denial of service,
Moritz Muehlenhoff
- ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability,
zdi-disclosures
- iDefense Security Advisory 04.08.08: Microsoft HxTocCtrl ActiveX Control Invalid Param Heap Corruption Vulnerability,
iDefense Labs
- ZDI-08-020: Microsoft GDI WMF Parsing Heap Overflow Vulnerability,
zdi-disclosures
- [security bulletin] HPSBMA02242 SSRT061260 rev.3 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution,
security-alert
- [security bulletin] [security bulletin] HPSBST02318 SSRT080018 rev.1 - HP Storage Essentials Software, Remote Unauthorized Access to Data,
security-alert
- Microsoft Windows DNS Stub Resolver Cache Poisoning (MS08-020),
Amit Klein
- New tool released : Syslog Fuzzer,
jaime . blasco
- Wayport Public Access PC Authentication Bypass Weakness,
Pascal Cretain
- licq remote DoS?,
Milen Rangelov
- WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability,
Jessica Hope
- [security bulletin] HPSBMA02327 SSRT071455 rev.1 - HP Integrity Servers iLO-2 Management Processors (iLO-2 MP), Denial of Service (DoS),
security-alert
- Swiki 1.5 Multiple Cross-Site Scripting Vulnerabilities,
brad . antoniewicz
- Multiple vulnerabilities in HP OpenView NNM 7.53,
Luigi Auriemma
- Attack Technique: File Download Injection,
Jeff Williams
- [ GLSA 200804-04 ] MySQL: Multiple vulnerabilities,
Robert Buchholz
- [ GLSA 200804-06 ] UnZip: User-assisted execution of arbitrary code,
Robert Buchholz
- [SECURITY] [DSA 1540-1] New lighttpd packages fix denial of service,
Steve Kemp
- CDNetworks Nefficient Download(NeffyLauncher.dll) Vulnerabilities,
Simon Ryeo
- Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility,
virangar_nml
- Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow,
Patrick Webster
- openMosix userspace library stack-based buffer overflow,
jose
- [ GLSA 200804-05 ] NX: User-assisted execution of arbitrary code,
Robert Buchholz
- Blogator-script 0.95 SQL Injection Vulnerbility,
hadihadi_zedehal_2006
- Alkacon OpenCms sessions.jsp searchfilter XSS,
nnposter
- Blogator-script 0.95 Change User Password Vulnerbility,
hadihadi_zedehal_2006
- TheGreenBowVPN, Login Credentials Disclosure,
evilcry
- [ GLSA 200804-03 ] OpenSSH: Privilege escalation,
Robert Buchholz
- F5 BIG-IP Management Interface Perl Injection,
nnposter
- rPSA-2008-0139-1 gnome-ssh-askpass openssh openssh-client openssh-server,
rPath Update Announcements
- rPSA-2008-0138-1 tshark wireshark,
rPath Update Announcements
- rPSA-2008-0136-1 cups,
rPath Update Announcements
- [SECURITY] [DSA 1538-1] New alsaplayer packages fix arbitrary code execution,
Devin Carraway
- [SECURITY] [DSA 1539-1] New mapserver packages fix multiple vulnerabilities,
Devin Carraway
- iDefense Security Advisory 04.03.08: Computer Associates Alert Notification Service Multiple RPC Buffer Overflow Vulnerabilities,
iDefense Labs
- iDefense Security Advisory 04.02.08: Symantec Norton Internet Security 2008 ActiveX Control Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 04.03.08: SCO UnixWare pkgadd Directory Traversal Vulnerability,
iDefense Labs
- CORE-2008-0314 - Orbit Downloader "Download failed" buffer overflow,
CORE Security Technologies Advisories
- [security bulletin] HPSBMA02323 SSRT080032 rev.1 - HP USB Floppy Drive Key (Option) for ProLiant Servers, Local Virus Infection,
security-alert
- KwsPHP Module ConcoursPhoto XSS,
hsx
- CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities,
Williams, James K
- ZDI-08-019: Apple QuickTime Malformed VR obji Atom Parsing Memory Corruption Vulnerability,
zdi-disclosures
- iDefense Security Advisory 04.02.08: Symantec Internet Security 2008 ActiveDataInfo.LaunchProcess Design Error Vulnerability,
iDefense Labs
- CA Alert Notification Server Multiple Vulnerabilities,
Williams, James K
- ZDI-08-017: Apple QuickTime Kodak Encoding Heap Overflow Vulnerability,
zdi-disclosures
- ZDI-08-015: Apple QuickTime Clipping Region Heap Overflow Vulnerability,
zdi-disclosures
- ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability,
zdi-disclosures
- Medium security hole affecting Festival on Debian unstable/testing and Ubuntu Hardy Heron,
Tim Brown
- ZDI-08-018: Apple QuickTime Run Length Encoding Heap Overflow Vulnerability,
zdi-disclosures
- ZDI-08-014: Apple Quicktime Multiple Opcode Memory Corruption Vulnerabilities,
zdi-disclosures
- POC2008 call for papers,
pocadm
- Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability,
Cisco Systems Product Security Incident Response Team
- Parallels virtuozzo's VZPP multiple csrf vulnerabilities,
poplix
- Recon 2008 CFP last call, early registration open,
Recon Conference
- Joomla Component com_lms SQL Injection,
no-reply
- Vulnerabilities in kses-based HTML filters,
lpilorz
- [USN-598-1] CUPS vulnerabilities,
Jamie Strandboge
- [USN-588-2] MySQL regression,
Jamie Strandboge
- Webwasher Denial of Service Vulnerability,
security
- [ GLSA 200804-02 ] bzip2: Denial of Service,
Pierre-Yves Rofes
- [SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities,
Devin Carraway
- [ MDVSA-2008:081 ] - Updated CUPS packages fix multiple vulnerabilities,
security
- Directory traversal in LANDesk Management Suite 8.80.1.1,
Luigi Auriemma
- ANNOUNCE: Apache-SSL security release - apache_1.3.41+ssl_1.59,
Adam Laurie
- HPSBTU02325 SSRT080006 rev.1 - HP Internet Express for Tru64 UNIX running PostgreSQL, Arbitrary Code Execution, Privilege Elevation, or Denial of Service (DoS),
security-alert
- [USN-597-1] OpenSSH vulnerability,
Kees Cook
- Datalife Engine 6.7 XSRF,
irancrash
- HPSBMA02317 SSRT080026 rev.1 - HP Select Identity Software, Gain Unauthorized Access,
security-alert
- Writers Block SQL Injection Vulnerabilities,
nebelfrost23
- Re: Hamachi Password Disclosure Vulnerability,
anonymous
- Re: Internet explorer 7.0 spoofing,
Razi Shaban
- [ GLSA 200804-01 ] CUPS: Multiple vulnerabilities,
Robert Buchholz
- TCP/IP security vulnerability disclosed,
J. Oquendo
- [SECURITY] [DSA 1533-2] New exiftags packages fix several vulnerabilities,
Devin Carraway
- cevado technologies real estate CMS SQL injection,
joseph . giron13
- Terracotta Personal Edition Multiple vulnerabilities,
joseph . giron13
- CAU-2008-0001 - Slowly Closing Door Race Condition,
I)ruid
- [SECURITY] [DSA 1536-1] New libxine packages fix several vulnerabilities,
Thijs Kinkhorst
- EasyNews-40tr Multiple Remote Vulnerabilities (SQL Injection Exploit/XSS/LFI),
irancrash
- iDefense Security Advisory 03.31.08: Macrovision InstallShield InstallScript One-Click Install Untrusted Library Loading Vulnerability,
iDefense Labs
- Paper by Amit Klein (Trusteer): "PowerDNS Recursor DNS Cache Poisoning [pharming]",
Amit Klein
- [SECURITY] [DSA 1535-1] New iceweasel packages fix several vulnerabilities,
Moritz Muehlenhoff
- Directory traversal in 2X ThinClientServer v5.0_sp1-r3497,
Luigi Auriemma
- rPSA-2008-0132-1 lighttpd,
rPath Update Announcements
- [TKADV2008-002] avast! 4.7 aavmker4.sys Kernel Memory Corruption,
Tobias Klein
