Bugtraq
- WordPress MU < 2.6 wpmu-blogs.php Crose Site Scrpting vulnerability,
Juan Galiana
- International Hacking & Security Conference "POC2008",
pocadm
- MySQL command-line client HTML injection vulnerability,
Thomas Henlich
- Remote File Inclusion Vulnerability,
Pepelux
- [ MDVSA-2008:208 ] pam_mount,
security
- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit,
ipsdix
- rPSA-2008-0286-1 mono,
rPath Update Announcements
- White Wolf Labs #080922-1: Exploitation Through ActiveSync 4.x,
Seth Fogie
- [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues,
admin
- Advisory: Google Chrome Window Object Suppressing Remote Denial of Service.,
Aditya K Sood
- MS Internet Explorer 7 Denial Of Service Exploit,
UniquE
- [ MDVSA-2008:207 ] openafs,
security
- [security bulletin] HPSBMA02373 SSRT071467 rev.1 - HP Insight Diagnostics, Remote Unauthorized Access to Files,
security-alert
- Advisory : Opera Window Object Suppressing Remote Denial of Service,
Aditya K Sood
- Advisory: Mozilla Firefox User Interface Null Pointer Dereference Dispatcher Crash and Remote Denial of Service.,
Aditya K Sood
- [oCERT-2008-013] MPlayer Real demuxer heap overflow,
Andrea Barisani
- Verizon FIOS (and DSL?) wireless access point insecure default WEP key,
Paul
- ParsaWeb CMS SQL Injection,
admin
- PHP Calendar Script Remote XSS (Permanent) Vulnerabilities,
tan_prathan
- csphonebook 1.02 Remote XSS Vulnerabilitiy,
Ghost hacker
- Login Password Sample Remote Password Disclouse Vulnerability,
Ghost hacker
- hyBook Remote Password Disclouse Vulnerability,
Ghost hacker
- shoutbox Remote Password Disclouse Vulnerability,
Ghost hacker
- ASP News Remote Password Disclouse Vulnerability,
Ghost hacker
- Novell ZENWorks for Desktops Version 6.5 Remote (Heap-Based) PoC,
Satan_HackerS
- xss in hackmeeting.org,
wiky
- [ MDVSA-2008:206 ] mozilla-thunderbird,
security
- FtitzBox,
biglowbird
- Re: [Full-disclosure] [IVIZ-08-010] McAfee SafeBoot Device Encryption Plain Text Password Disclosure (v4, Build 4750 and below),
Kenneth Ng
- Crashing ZoneAlarm 8.0.020.000 by Checkpoint (Component : TrueVector),
quakerdoomer
- Crux Gallery <= 1.32 / Insecure Cookie Handling Vulnerability,
Pepelux
- multiple vendor ftpd - Cross-site request forgery,
cxib
- The Gemini Portal <= 4.7 / Insecure Cookie Handling Vulnerability,
Pepelux
- RPG.Board <= 0.0.8Beta2 Remote SQL Injection,
Guns
- DATAC RealWin 2.0 SCADA Software - Remote PreaAuth Exploit,
Reversemode
- CA Service Desk Multiple Cross-Site Scripting Vulnerabilities,
Williams, James K
- Estonian Cyber Security Strategy document -- now available online,
Gadi Evron
- [USN-647-1] Thunderbird vulnerabilities,
Jamie Strandboge
- Linksys/Cisco WRT350N 1.0.3.7 Insecure Samba Static Configuration,
Teh Kotak
- [ MDVSA-2008:205 ] mozilla-firefox,
security
- [ GLSA 200809-18 ] ClamAV: Multiple Denials of Service,
Pierre-Yves Rofes
- [ GLSA 200809-17 ] Wireshark: Multiple Denials of Service,
Pierre-Yves Rofes
- [ GLSA 200809-16 ] Git: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- SQL Injection in EasyRealtorPRO 2008,
SmOk3
- [USN-645-3] Firefox and xulrunner regression,
Jamie Strandboge
- Fwd: Returned post for bugtraq@securityfocus.com,
Jose Luis
- adnforum <= 1.0b / Insecure Cookie Handling Vulnerability,
Pepelux
- Cross Site Scripting (XSS) Vulnerabilitiy in flatpress 0.804, CVE-2008-4120,
Fabian Fingerle
- C4 Security Advisory - ABB PCU400 4.4-4.6 Remote Buffer Overflow,
Idan Ofrat
- [security bulletin] HPSBST02372 SSRT080133 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-052 to MS08-055,
security-alert
- Google Docs (HTML code) Multiple Cross Site Scripting Vulnerabilities,
alfredo . melloni
- php create_function commond injection vulnerability,
root
- [security bulletin] HPSBOV02364 SSRT080078 rev.3 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access,
security-alert
- [ MDVSA-2008:204 ] blender,
security
- Drupal Ajax Checklist Module SQL Injection Vulnerability,
Justin C. Klein Keane
- Drupal Brilliant Gallery module SQL injection vulnerability,
Justin C. Klein Keane
- Cisco Security Advisory: Cisco IOS IPS Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS MPLS VPN May Leak Information,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Multicast Vulnerabilities in Cisco IOS Software,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco uBR10012 Series Devices SNMP Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Firewall Application Inspection Control Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS NAT Skinny Call Control Protocol Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco 10000, uBR10012, uBR7200 Series Devices IPC Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- Internet Information Service (adsiis.dll) activex remote DOS,
hamedata
- IAS Helper COM Component (iashlpr.dll) activex remote DOS,
hamedata
- Internet Information Service remote set password,
hamedata
- [USN-645-2] Firefox vulnerabilities,
Jamie Strandboge
- [USN-645-1] Firefox and xulrunner vulnerabilities,
Jamie Strandboge
- Advisory : Google Chrome Carriage Return Null Object Memory Exhaustion Remote Dos.,
Aditya K Sood
- [ GLSA 200809-15 ] GNU ed: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- [ GLSA 200809-14 ] BitlBee: Security bypass,
Pierre-Yves Rofes
- Re: Aruba Mobility Controller Shared Default Certificate - Response from Aruba Networks,
Robbie (Rupinder) Gill
- menalto gallery: Session hijacking vulnerability, CVE-2008-3102,
Hanno Böck
- [ MDVSA-2008:203 ] awstats,
security
- [ MDVSA-2008:202 ] phpMyAdmin,
security
- Xss In Datalife Engine CMS 7.2,
hadikiamarsi
- Aruba Mobility Controller Shared Default Certificate,
nnposter
- Squirrelmail: Session hijacking vulnerability, CVE-2008-3663,
Hanno Böck
- [ MDVSA-2008:201 ] pan,
security
- [ MDVSA-2008:200 ] ed,
security
- [ GLSA 200809-13 ] R: Insecure temporary file creation,
Pierre-Yves Rofes
- [ GLSA 200809-12 ] Newsbeuter: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- Cross Site Scripting (XSS) Vulnerabilitiy in fuzzylime (cms) >=3.02, CVE-2008-3098,
Fabian Fingerle
- [SECURITY] [DSA-1619-2] New python-dns package fixes regression,
Devin Carraway
- [MajorSecurity Advisory #54]xt:Commerce - Cross Site Scripting and Session Fixation Issues,
admin
- [MajorSecurity Advisory #53]BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues,
admin
- Directory traversal in the webadmin of Unreal Tournament 3 1.3,
Luigi Auriemma
- [ GLSA 200809-11 ] HAVP: Denial of Service,
Pierre-Yves Rofes
- [ GLSA 200809-10 ] Mantis: Multiple vulnerabilities,
Pierre-Yves Rofes
- "Exploit creation - The random approach" or "Playing with random to build exploits",
Nelson Brito
- Blue Coat xss,
jplopezy
- [security bulletin] HPSBUX02370 SSRT071459 rev.1 - HP-UX Running rpcbind, Remote Denial of Service (DoS),
security-alert
- MapCal - The Mapping Calendar (v. 0.1) Remote SQL Injection,
Guns
- drupal: Session hijacking vulnerability, CVE-2008-3661,
Hanno Böck
- MyFWB 1.0 Remote SQL Injection,
Guns
- Advanced Electron Forum <= 1.0.6 Remote Code Execution,
GulfTech Security Research
- [SECURITY] [DSA 1634-2] New wordnet packages fix regression,
Thijs Kinkhorst
- [SECURITY] [DSA 1640-1] New python-django packages fix cross site request forgery,
Thijs Kinkhorst
- [SECURITY] [DSA 1642-1] New horde3 packages fix cross site scripting,
Thijs Kinkhorst
- [SECURITY] [DSA 1641-1] New phpmyadmin packages fix several issues,
Thijs Kinkhorst
- [SECURITY] [DSA 1639-1] New twiki packages execution of arbitrary code,
Steve Kemp
- [ MDVSA-2008:199 ] wireshark,
security
- [ GLSA 200809-09 ] Postfix: Denial of Service,
Pierre-Yves Rofes
- Annutel - Annuaire Téléphonique v1.0 Sensetive Files (MDP),
sn0oPy . team
- [USN-646-1] rdesktop vulnerabilities,
Jamie Strandboge
- PHP pro bid v 6.04 SQL injection,
Jan van Niekerk
- VMSA-2008-0015 Updated ESXi and ESX 3.5 packages address critical security issue in openwsman,
VMware Security Team
- LooYu Web IM 2008 Cross-Site Scripting Vulnerabilities,
xsp
- vi can run arbitrary commands via 'tags' file,
Eli the Bearded
- cyask 3.x Local File Inclusion Vulnerability,
xuanmumu
- menalto gallery: Session hijacking vulnerability, CVE-2008-3662,
Hanno Böck
- Hi Two Points to consider,
Aditya K Sood
- [security bulletin] HPSBOV02364 SSRT080078 rev.2 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access,
security-alert
- Sama XSS Bug,
Lagon666
- [ MDVSA-2008:189-1 ] clamav,
security
- rPSA-2008-0276-1 mercurial mercurial-hgk,
rPath Update Announcements
- rPSA-2008-0278-1 tshark wireshark,
rPath Update Announcements
- [security bulletin] HPSBMA02369 SSRT080115 rev.1 - HP ProLiant Essentials Rapid Deployment Pack (RDP) Running Symantec Altiris Deployment Solution, Remote SQL Injection, Remote or Local Gain Extended Privileges, Local Denial of Service (DoS),
security-alert
- ShmooCon 2009 CFP,
Bruce Potter
- Microsoft Internet Explorer DoS in Rendering Malicious PNG Files.,
Aditya K Sood
- [AJECT] SurgeMail IMAP 3.9e vulnerability,
João Antunes
- Pidgin IM Client Password Disclosure Vulnerability.,
Aditya K Sood
- Miranda IM Client Password Disclosure Vulnerability.,
Aditya K Sood
- Skype IM Client Password Disclosure Vulnerability.,
Aditya K Sood
- [ MDVSA-2008:197-1 ] koffice,
security
- [NOBYTES.COM: #13] Quick.Cart v3.1 Freeware - Cross Site Scripting,
John Cobb
- [NOBYTES.COM: #14] Quick.Cms.Lite v2.1 Freeware - Cross Site Scripting,
John Cobb
- [ECHO_ADV_101$2008] Attachmax Dolphin <= 2.1.0 Multiple Vulnerabilities,
adv
- [ MDVSA-2008:198 ] R-base,
security
- [Suspected Spam][CVE-2008-4042] Postfix Linux-only local denial of service - PoC,
Albert Sellarès
- [NOBYTES.COM: #12] osCommerce 2.2rc2a - Information Disclosure,
John Cobb
- [SECURITY] [DSA 1638-1] New openssh packages fix denial of service,
Florian Weimer
- Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS,
Shatter
- Team SHATTER Security Advisory: Security Vulnerability in CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio,
Shatter
- Failed assertion in the Unreal engine,
Luigi Auriemma
- InstallShield Update Agent - Downloads and executes "Rule Scripts" insecurely.,
Brian Dowling
- [ MDVSA-2008:197 ] koffice,
security
- [ MDVSA-2008:182-1 ] wordnet,
security
- Security flaw in Airtel DSL modems,
shr
- [ MDVSA-2008:196 ] mplayer,
security
- TPTI-08-06: Landesk QIP Server Service Heal Packet Buffer Overflow,
dvlabs
- Critical Vulnerability in Apple Quicktime’s Indeo Codec,
NGSSoftware Insight Security Research
- [SECURITY] [DSA 1637-1] New git-core packages fix buffer overflow,
Devin Carraway
- Microsoft Windows WRITE_ANDX SMB command handling Kernel DoS,
j . v . vallejo
- Baidu Hi IM client software DoS bug, div zero make client crash,
Li Gen
- [ MDVSA-2008:195 ] apache,
security
- [ MDVSA-2008:194 ] apache2,
security
- [ MDVSA-2008:193 ] kolab-server,
security
- Baidu Hi IM software parsing plaintext stack overflow,
Li Gen
- CORE-2008-0126: iPhone Safari JavaScript alert Denial of Service,
Core Security Technologies Advisories
- Avant Browser <= 11.7 Build 9 Integer Denial Of Service Exploit,
Guns
- [scip_Advisory 3809] Pro2col StingRay FTS login username cross site scripting,
Marc Ruef
- community real-time BGP hijack notification service,
Gadi Evron
- Clients format strings in the Unreal engine,
Luigi Auriemma
- [USN-644-1] libxml2 vulnerabilities,
Kees Cook
- Secunia Research: Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow,
Secunia Research
- Re: OpenWiki<--v0.78 Cross-Site Scripting,
DJeep
- Advisory 05/2008: Wordpress user_login Column SQL Truncation Vulnerability,
Stefan Esser
- [ MDVSA-2008:191 ] rsh,
security
- [ MDVSA-2008:192 ] libxml2,
security
- [USN-643-1] FreeType vulnerabilities,
Kees Cook
- Server termination in the Unreal engine 3,
Luigi Auriemma
- [TKADV2008-007] Linux Kernel SCTP-AUTH API Information Disclosure Vulnerability and NULL Pointer Dereferences,
Tobias Klein
- [SECURITY] [DSA 1636-1] New Linux 2.6.24 packages fix several vulnerabilities,
dann frazier
- Advisory 04/2008: Joomla Weak Random Password Reset Token Vulnerability,
Stefan Esser
- Nooms 1.1,
irancrash
- [security bulletin] HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access,
security-alert
- minb Remote Code Execution Exploit,
r3d . w0rm
- PhsBlog v0.2 Bypass Sql injection Filtering Exploit,
irancrash
- sqlvdir.dll ActiveX Remote Buffer Overflow Exploit,
bee***l1986
- PhpWebGallery 1.3.4 Multiple Vulnerabilities (XSS/LFI),
irancrash
- ZoneAlarm Security Suite buffer overflow,
jplopezy
- Ezphotogallery 2.1 Multiple Vulnerabilities ( Xss/Login Bypass/Sql injection Exploit/File Disclosure),
irancrash
- [USN-642-1] Postfix vulnerabilities,
Kees Cook
- [SECURITY] [DSA 1635-1] New freetype packages fix multiple vulnerabilities,
Steve Kemp
- ZDI-08-057: Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerability,
zdi-disclosures
- [ MDVSA-2008:190 ] postfix,
security
- Re: E-Php B2B Trading Marketplace(cid) Remote SQL Injection Vulnerability,
packet
- [oCERT-2008-012] Horde, Popoon frameworks common input sanitization errors (XSS),
Will Drewry
- Windows GDI+ GIF memory corruption,
Ivan Fratric
- iDefense Security Advisory 09.09.08: Microsoft Windows GDI+ Gradient Fill Heap Overflow Vulnerability,
iDefense Labs
- [ MDVSA-2008:189 ] clamav,
security
- Multiple Vulnerabilities: LedgerSMB < 1.2.15,
Chris Travers
- iDefense Security Advisory 09.09.08: Apple QuickTime PICT Integer Overflow Vulnerability,
iDefense Labs
- Insomnia : ISVA-080910.1 - MS Office OneNote URL Handling Vulnerability,
Brett Moore
- ZDI-08-062: Apple QuickTime MDAT Frame Parsing Memory Corruption Vulnerability,
zdi-disclosures
- ZDI-08-061: Apple QuickTime Player H.264 Parsing Heap Corruption Vulnerability,
zdi-disclosures
- DeepSec 2008 - Conference Schedule,
DeepSec Conference Vienna
- [SECURITY] CVE-2008-2938 - Apache Tomcat information disclosure vulnerability - Updated,
Mark Thomas
- SQL Smuggling,
douglen
- ZDI-08-060: Apple QuickTime AVC1 Atom Parsing Heap Overflow Vulnerability,
zdi-disclosures
- ZDI-08-059: Apple QuickTime STSZ Atom Parsing Heap Corruption Vulnerability,
zdi-disclosures
- ZDI-08-058: Apple QuickTime Panorama PDAT Atom Parsing Buffer Overflow Vulnerability,
zdi-disclosures
- ZDI-08-056: Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability,
zdi-disclosures
- ZDI-08-055: Microsoft Windows GDI+ BMP Parsing Code Execution Vulnerability,
zdi-disclosures
- Sun M-class hardware denial of service,
Theo de Raadt
- Re: Sun M-class hardware denial of service,
Theo de Raadt
- Re: Sun M-class hardware denial of service,
B 650
- Re: Sun M-class hardware denial of service,
Theo de Raadt
- RE: Sun M-class hardware denial of service,
Michael Wojcik
- Re: Sun M-class hardware denial of service,
Micheal Patterson
- Re: Sun M-class hardware denial of service,
Florian Weimer
- Re: Sun M-class hardware denial of service,
Curtis Maloney
- Re: Sun M-class hardware denial of service,
Brett Lymn
- Re: Sun M-class hardware denial of service,
Brett Lymn
- Re: Sun M-class hardware denial of service,
Theo de Raadt
- Re: Sun M-class hardware denial of service,
Brett Lymn
- Re: Sun M-class hardware denial of service,
Theo de Raadt
- Re: Sun M-class hardware denial of service,
Brett Lymn
- Re: Sun M-class hardware denial of service,
Theo de Raadt
- Re: Sun M-class hardware denial of service,
Florian Weimer
- Re: Sun M-class hardware denial of service,
Theo de Raadt
- Re: Sun M-class hardware denial of service,
Florian Weimer
- Re: Sun M-class hardware denial of service,
Brett Lymn
- Re: Sun M-class hardware denial of service,
Theo de Raadt
- Re: Sun M-class hardware denial of service,
Brett Lymn
- Re: Sun M-class hardware denial of service,
Bob Beck
- Re: Sun M-class hardware denial of service,
Theo de Raadt
- Re: Sun M-class hardware denial of service,
Bob Beck
- Stash v1.0.3 Admin bypass / Remote File Disclosure,
r3d . w0rm
- [USN-641-1] Racoon vulnerabilities,
Kees Cook
- [ GLSA 200809-08 ] Amarok: Insecure temporary file creation,
Pierre-Yves Rofes
- [ GLSA 200809-07 ] libTIFF: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- WASC Announcement: 2007 Web Application Security Statistics Published,
statistics
- Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit,
Rotem Kerner
- Sagem Router F@ST 2404 Remote Denial Of Service Exploit,
zigma
- Re: Re: SECURITY ADVISORY - Level Platforms, Inc. Service Center Install Data HTTP Vulnerability,
prenaud
- DEFCON London - DC4420 - September meet this Thursday 11th,
Major Malfunction
- [scip_Advisory 3808] D-Link DIR-100 long url filter evasion,
Marc Ruef
- Re: [WEB SECURITY] PR08-20: Bypassing ASP .NET "ValidateRequest" for Script Injection Attacks,
ProCheckUp Research
- [ GLSA 200809-06 ] VLC: Multiple vulnerabilities,
Pierre-Yves Rofes
- phpAdultSite CMS flaws,
SmOk3
- xoops-1.3.10 shell command execute vulnerability ( causing snoopy class ),
geinblues
- [ MDVSA-2008:188 ] tomcat5,
security
- Google Chrome Auto download exploit ..,
security
- [ GLSA 200809-05 ] Courier Authentication Library: SQL injection vulnerability,
Pierre-Yves Rofes
- Re: Oracle 10g Dynamic Monitoring Services XSS /servlet/Spy,
dstinbox
- Google Chrome 0.2.149.27 'SaveAs' Function Buffer Overflow Vulnerability,
Security Vulnerability Research Team
- XCon 2008 Call for Paper,
Sowhat
- Risky Chrome (The perfect cleartext password offering ),
quakerdoomer
- rPSA-2008-0268-1 libtiff,
rPath Update Announcements
- other google chrome crash,
jplopezy
- [security bulletin] HPSBMA02361 SSRT080119 rev.1 - HP OpenView Select Identity Connectors running on Windows, Local Information Disclosure,
security-alert
- [ MDVSA-2008:186 ] python,
security
- Multiple MicroWorld products insecure directory permissions,
Edi Strosar
- [ GLSA 200809-02 ] dnsmasq: Denial of Service and DNS spoofing,
Robert Buchholz
- clamav: Crash with crafted chm, CVE-2008-1389,
Hanno Böck
- [ GLSA 200809-01 ] yelp: User-assisted execution of arbitrary code,
Robert Buchholz
- [ GLSA 200809-03 ] RealPlayer: Buffer overflow,
Robert Buchholz
- [ GLSA 200809-04 ] MySQL: Privilege bypass,
Robert Buchholz
- Zen Cart <= 1.3.8a SQL Injection,
GulfTech Security Research
- [USN-640-1] libxml2 vulnerability,
Kees Cook
- Marvell Driver Null SSID Association Request Vulnerability,
Laurent Butti
- Atheros Vendor Specific Information Element Overflow,
Laurent Butti
- Marvell Driver EAPoL-Key Length Overflow,
Laurent Butti
- Multiple Cross Site Scripting (XSS) and SQL injection Vulnerabilities in XRMS, CVE-2008-3664,
Fabian Fingerle
- FreeBSD Security Advisory FreeBSD-SA-08:07.amd64,
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-08:09.icmp6,
FreeBSD Security Advisories
- [ MDVSA-2008:185 ] python-django,
security
- [ MDVSA-2008:184 ] libtiff,
security
- FreeBSD Security Advisory FreeBSD-SA-08:08.nmount,
FreeBSD Security Advisories
- Cisco Secure ACS Denial Of Service Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Secure ACS EAP Parsing Vulnerability,
Laurent Butti
- Cisco Security Advisory: Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA,
Cisco Systems Product Security Incident Response Team
- Google Chrome Browser (ver.0.2.149.27) Vulnerability,
psy . echo
- Google Chrome Automatic File Download,
nerex
- TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload,
admin
- Secunia Research: Novell iPrint Client nipplib.dll "IppCreateServerRef()" Buffer Overflow,
Secunia Research
- [Tool] Distack framework for attack detection and traffic analysis,
Christoph Mayer
- RUXCON 2008 Final Call For Papers,
cfp
- Has anyone implemented "double forward DNS"?,
Duncan Simpson
- Exploit,
Admin
- T2´08 Challenge - Free Tickets Available,
Tomi Tuominen
- [ MDVSA-2008:183 ] opensc,
security
- In search of examples of malicious source code,
Steve . Coleman
- [Suspected Spam]New IETF I-D-: Security Assessment of the Internet Protocol version 4,
Fernando Gont
- [USN-639-1] tiff vulnerability,
Kees Cook
- [Tool] sqlmap 0.6 released,
Bernardo Damele A. G.
- [ MDVSA-2008:182 ] wordnet,
security
- CS-Cart <= 1.3.5 SQL Injection,
GulfTech Security Research
- Postfix Linux-only local denial of service,
Wietse Venema
- [AJECT] Softalk IMAP Server 8.5.1 DoS vulnerability,
João Antunes
- [security bulletin] HPSBMA02362 SSRT080044, SSRT080045 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS),
security-alert
- ToorCon X Lineup & Training Seminars Posted & Pre-Registration Ending,
h1kari
- HPSBUX02354 SSRT080113 rev.1 - HP-UX Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS),
security-alert
- [SECURITY] [DSA 1634-1] New wordnet packages fix arbitrary code execution,
Thijs Kinkhorst
- [SECURITY] [DSA 1633-1] New slash packages fix multiple vulnerabilities,
Florian Weimer
- [oCERT-2008-014] WordNet stack and heap overflows,
Rob Holland
- rPSA-2008-0264-1 ruby,
rPath Update Announcements
- Multiple Cross Site Scripting (XSS) Vulnerabilities in vtigerCRM 5.0.4, CVE-2008-3101,
Fabian Fingerle
- [SECURITY] [DSA 1627-2] New opensc package fix incomplete check,
Thijs Kinkhorst
- PoCfix (PoC for Postfix local root vuln - CVE-2008-2936),
Roman Medina-Heigl Hernandez
- Plesk 8.6.0 authentication flaw allows to gain virtual user priviledges,
Felix Buenemann
