Bugtraq
- Re: Advisory: Google Chrome Window Object Suppressing Remote Denial of Service.
- Re: Advisory: Google Chrome Window Object Suppressing Remote Denial of Service.
- WordPress MU < 2.6 wpmu-blogs.php Cross Site Scripting vulnerability
- International Hacking & Security Conference "POC2008"
- MySQL command-line client HTML injection vulnerability
- Remote File Inclusion Vulnerability
- Re: Sun M-class hardware denial of service
- Re: MS Internet Explorer 7 Denial Of Service Exploit
- [ MDVSA-2008:208 ] pam_mount
- Re: Advisory: Mozilla Firefox User Interface Null Pointer Dereference Dispatcher Crash and Remote Denial of Service.
- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit
- rPSA-2008-0286-1 mono
- From: rPath Update Announcements
- White Wolf Labs #080922-1: Exploitation Through ActiveSync 4.x
- [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues
- Advisory: Google Chrome Window Object Suppressing Remote Denial of Service.
- Re: Sun M-class hardware denial of service
- MS Internet Explorer 7 Denial Of Service Exploit
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- [ MDVSA-2008:207 ] openafs
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- [security bulletin] HPSBMA02373 SSRT071467 rev.1 - HP Insight Diagnostics, Remote Unauthorized Access to Files
- Re: php create_function command injection vulnerability
- Advisory : Opera Window Object Suppressing Remote Denial of Service
- Advisory: Mozilla Firefox User Interface Null Pointer Dereference Dispatcher Crash and Remote Denial of Service.
- [oCERT-2008-013] MPlayer Real demuxer heap overflow
- Re: php create_function command injection vulnerability
- RE: Verizon FIOS (and DSL?) wireless access point insecure default WEP key
- Re: php create_function command injection vulnerability
- Verizon FIOS (and DSL?) wireless access point insecure default WEP key
- ParsaWeb CMS SQL Injection
- PHP Calendar Script Remote XSS (Permanent) Vulnerabilities
- csphonebook 1.02 Remote XSS Vulnerability
- Login Password Sample Remote Password Disclosure Vulnerability
- hyBook Remote Password Disclosure Vulnerability
- shoutbox Remote Password Disclosure Vulnerability
- ASP News Remote Password Disclosure Vulnerability
- Novell ZENWorks for Desktops Version 6.5 Remote (Heap-Based) PoC
- xss in hackmeeting.org
- [ MDVSA-2008:206 ] mozilla-thunderbird
- Re: "Exploit creation - The random approach" or "Playing with random to build exploits"
- FtitzBox
- Re: [Full-disclosure] [IVIZ-08-010] McAfee SafeBoot Device Encryption Plain Text Password Disclosure (v4, Build 4750 and below)
- Crashing ZoneAlarm 8.0.020.000 by Checkpoint (Component : TrueVector)
- Crux Gallery <= 1.32 / Insecure Cookie Handling Vulnerability
- multiple vendor ftpd - Cross-site request forgery
- The Gemini Portal <= 4.7 / Insecure Cookie Handling Vulnerability
- RPG.Board <= 0.0.8Beta2 Remote SQL Injection
- DATAC RealWin 2.0 SCADA Software - Remote PreAuth Exploit
- CA Service Desk Multiple Cross-Site Scripting Vulnerabilities
- Estonian Cyber Security Strategy document -- now available online
- [USN-647-1] Thunderbird vulnerabilities
- Linksys/Cisco WRT350N 1.0.3.7 Insecure Samba Static Configuration
- [ MDVSA-2008:205 ] mozilla-firefox
- [ GLSA 200809-18 ] ClamAV: Multiple Denials of Service
- [ GLSA 200809-17 ] Wireshark: Multiple Denials of Service
- [ GLSA 200809-16 ] Git: User-assisted execution of arbitrary code
- SQL Injection in EasyRealtorPRO 2008
- [USN-645-3] Firefox and xulrunner regression
- Fwd: Returned post for bugtraq@securityfocus.com
- adnforum <= 1.0b / Insecure Cookie Handling Vulnerability
- Cross Site Scripting (XSS) Vulnerability in flatpress 0.804, CVE-2008-4120
- C4 Security Advisory - ABB PCU400 4.4-4.6 Remote Buffer Overflow
- Re: php create_function command injection vulnerability
- [security bulletin] HPSBST02372 SSRT080133 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-052 to MS08-055
- Google Docs (HTML code) Multiple Cross Site Scripting Vulnerabilities
- php create_function command injection vulnerability
- [security bulletin] HPSBOV02364 SSRT080078 rev.3 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access
- [ MDVSA-2008:204 ] blender
- Drupal Ajax Checklist Module SQL Injection Vulnerability
- From: Justin C. Klein Keane
- Drupal Brilliant Gallery module SQL injection vulnerability
- From: Justin C. Klein Keane
- Cisco Security Advisory: Cisco IOS IPS Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS MPLS VPN May Leak Information
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Multicast Vulnerabilities in Cisco IOS Software
- From: Cisco Systems Product Security Incident Response Team
- Re: Advisory : Google Chrome Carriage Return Null Object Memory Exhaustion Remote Dos.
- Cisco Security Advisory: Cisco uBR10012 Series Devices SNMP Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Firewall Application Inspection Control Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS NAT Skinny Call Control Protocol Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco 10000, uBR10012, uBR7200 Series Devices IPC Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco IOS Software Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Internet Information Service (adsiis.dll) activex remote DOS
- IAS Helper COM Component (iashlpr.dll) activex remote DOS
- Internet Information Service remote set password
- [USN-645-2] Firefox vulnerabilities
- [USN-645-1] Firefox and xulrunner vulnerabilities
- Advisory : Google Chrome Carriage Return Null Object Memory Exhaustion Remote Dos.
- [ GLSA 200809-15 ] GNU ed: User-assisted execution of arbitrary code
- [ GLSA 200809-14 ] BitlBee: Security bypass
- mantis CVE-2008-3102 (Re: menalto gallery: Session hijacking vulnerability, CVE-2008-3102)
- Re: Blue Coat xss
- Re: [MajorSecurity Advisory #54]xt:Commerce - Cross Site Scripting and Session Fixation Issues
- From: Philipp Hagemeister
- Re: Aruba Mobility Controller Shared Default Certificate - Response from Aruba Networks
- From: Robbie (Rupinder) Gill
- menalto gallery: Session hijacking vulnerability, CVE-2008-3102
- [ MDVSA-2008:203 ] awstats
- [ MDVSA-2008:202 ] phpMyAdmin
- Xss In Datalife Engine CMS 7.2
- Aruba Mobility Controller Shared Default Certificate
- Squirrelmail: Session hijacking vulnerability, CVE-2008-3663
- [ MDVSA-2008:201 ] pan
- [ MDVSA-2008:200 ] ed
- [ GLSA 200809-13 ] R: Insecure temporary file creation
- [ GLSA 200809-12 ] Newsbeuter: User-assisted execution of arbitrary code
- Re: [MajorSecurity Advisory #54]xt:Commerce - Cross Site Scripting and Session Fixation Issues
- Cross Site Scripting (XSS) Vulnerability in fuzzylime (cms) >=3.02, CVE-2008-3098
- [SECURITY] [DSA-1619-2] New python-dns package fixes regression
- [MajorSecurity Advisory #54]xt:Commerce - Cross Site Scripting and Session Fixation Issues
- [MajorSecurity Advisory #53]BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues
- Directory traversal in the webadmin of Unreal Tournament 3 1.3
- [ GLSA 200809-11 ] HAVP: Denial of Service
- [ GLSA 200809-10 ] Mantis: Multiple vulnerabilities
- "Exploit creation - The random approach" or "Playing with random to build exploits"
- Blue Coat xss
- [security bulletin] HPSBUX02370 SSRT071459 rev.1 - HP-UX Running rpcbind, Remote Denial of Service (DoS)
- MapCal - The Mapping Calendar (v. 0.1) Remote SQL Injection
- drupal: Session hijacking vulnerability, CVE-2008-3661
- MyFWB 1.0 Remote SQL Injection
- Advanced Electron Forum <= 1.0.6 Remote Code Execution
- From: GulfTech Security Research
- [SECURITY] [DSA 1634-2] New wordnet packages fix regression
- [SECURITY] [DSA 1640-1] New python-django packages fix cross site request forgery
- [SECURITY] [DSA 1642-1] New horde3 packages fix cross site scripting
- [SECURITY] [DSA 1641-1] New phpmyadmin packages fix several issues
- [SECURITY] [DSA 1639-1] New twiki packages execution of arbitrary code
- [ MDVSA-2008:199 ] wireshark
- [ GLSA 200809-09 ] Postfix: Denial of Service
- Annutel - Annuaire Téléphonique v1.0 Sensitive Files (MDP)
- Re: Pidgin IM Client Password Disclosure Vulnerability.
- RE: Pidgin IM Client Password Disclosure Vulnerability.
- From: Quark IT - Hilton Travis
- RE: Pidgin IM Client Password Disclosure Vulnerability.
- [USN-646-1] rdesktop vulnerabilities
- Re: Pidgin IM Client Password Disclosure Vulnerability.
- Re: Pidgin IM Client Password Disclosure Vulnerability.
- PHP pro bid v 6.04 SQL injection
- VMSA-2008-0015 Updated ESXi and ESX 3.5 packages address critical security issue in openwsman
- From: VMware Security Team
- LooYu Web IM 2008 Cross-Site Scripting Vulnerabilities
- vi can run arbitrary commands via 'tags' file
- RE: Pidgin IM Client Password Disclosure Vulnerability.
- cyask 3.x Local File Inclusion Vulnerability
- menalto gallery: Session hijacking vulnerability, CVE-2008-3662
- Re: Pidgin IM Client Password Disclosure Vulnerability.
- RE: Pidgin IM Client Password Disclosure Vulnerability.
- From: Quark IT - Hilton Travis
- Re: Pidgin IM Client Password Disclosure Vulnerability.
- Hi Two Points to consider
- [security bulletin] HPSBOV02364 SSRT080078 rev.2 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access
- Sama XSS Bug
- [ MDVSA-2008:189-1 ] clamav
- rPSA-2008-0276-1 mercurial mercurial-hgk
- From: rPath Update Announcements
- rPSA-2008-0278-1 tshark wireshark
- From: rPath Update Announcements
- [security bulletin] HPSBMA02369 SSRT080115 rev.1 - HP ProLiant Essentials Rapid Deployment Pack (RDP) Running Symantec Altiris Deployment Solution, Remote SQL Injection, Remote or Local Gain Extended Privileges, Local Denial of Service (DoS)
- ShmooCon 2009 CFP
- Microsoft Internet Explorer DoS in Rendering Malicious PNG Files.
- [AJECT] SurgeMail IMAP 3.9e vulnerability
- Pidgin IM Client Password Disclosure Vulnerability.
- Miranda IM Client Password Disclosure Vulnerability.
- Skype IM Client Password Disclosure Vulnerability.
- [ MDVSA-2008:197-1 ] koffice
- [NOBYTES.COM: #13] Quick.Cart v3.1 Freeware - Cross Site Scripting
- [NOBYTES.COM: #14] Quick.Cms.Lite v2.1 Freeware - Cross Site Scripting
- [ECHO_ADV_101$2008] Attachmax Dolphin <= 2.1.0 Multiple Vulnerabilities
- [ MDVSA-2008:198 ] R-base
- [Suspected Spam][CVE-2008-4042] Postfix Linux-only local denial of service - PoC
- [NOBYTES.COM: #12] osCommerce 2.2rc2a - Information Disclosure
- [SECURITY] [DSA 1638-1] New openssh packages fix denial of service
- Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS
- Team SHATTER Security Advisory: Security Vulnerability in CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio
- Failed assertion in the Unreal engine
- InstallShield Update Agent - Downloads and executes "Rule Scripts" insecurely.
- [ MDVSA-2008:197 ] koffice
- [ MDVSA-2008:182-1 ] wordnet
- Security flaw in Airtel DSL modems
- [ MDVSA-2008:196 ] mplayer
- TPTI-08-06: Landesk QIP Server Service Heal Packet Buffer Overflow
- Critical Vulnerability in Apple Quicktime’s Indeo Codec
- From: NGSSoftware Insight Security Research
- [SECURITY] [DSA 1637-1] New git-core packages fix buffer overflow
- Microsoft Windows WRITE_ANDX SMB command handling Kernel DoS
- Baidu Hi IM client software DoS bug, div zero make client crash
- [ MDVSA-2008:195 ] apache
- [ MDVSA-2008:194 ] apache2
- [ MDVSA-2008:193 ] kolab-server
- Baidu Hi IM software parsing plaintext stack overflow
- CORE-2008-0126: iPhone Safari JavaScript alert Denial of Service
- From: Core Security Technologies Advisories
- Avant Browser <= 11.7 Build 9 Integer Denial Of Service Exploit
- [scip_Advisory 3809] Pro2col StingRay FTS login username cross site scripting
- community real-time BGP hijack notification service
- Clients format strings in the Unreal engine
- [USN-644-1] libxml2 vulnerabilities
- Secunia Research: Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow
- Re: OpenWiki<--v0.78 Cross-Site Scripting
- Advisory 05/2008: Wordpress user_login Column SQL Truncation Vulnerability
- [ MDVSA-2008:191 ] rsh
- [ MDVSA-2008:192 ] libxml2
- [USN-643-1] FreeType vulnerabilities
- Server termination in the Unreal engine 3
- [TKADV2008-007] Linux Kernel SCTP-AUTH API Information Disclosure Vulnerability and NULL Pointer Dereferences
- [SECURITY] [DSA 1636-1] New Linux 2.6.24 packages fix several vulnerabilities
- RE: SQL Smuggling
- Advisory 04/2008: Joomla Weak Random Password Reset Token Vulnerability
- Nooms 1.1
- [security bulletin] HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access
- minb Remote Code Execution Exploit
- PhsBlog v0.2 Bypass Sql injection Filtering Exploit
- sqlvdir.dll ActiveX Remote Buffer Overflow Exploit
- PhpWebGallery 1.3.4 Multiple Vulnerabilities (XSS/LFI)
- ZoneAlarm Security Suite buffer overflow
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- Ezphotogallery 2.1 Multiple Vulnerabilities ( Xss/Login Bypass/Sql injection Exploit/File Disclosure)
- [USN-642-1] Postfix vulnerabilities
- [SECURITY] [DSA 1635-1] New freetype packages fix multiple vulnerabilities
- ZDI-08-057: Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerability
- Re: Sun M-class hardware denial of service
- [ MDVSA-2008:190 ] postfix
- Re: Sun M-class hardware denial of service
- Re: E-Php B2B Trading Marketplace(cid) Remote SQL Injection Vulnerability
- [oCERT-2008-012] Horde, Popoon frameworks common input sanitization errors (XSS)
- Windows GDI+ GIF memory corruption
- iDefense Security Advisory 09.09.08: Microsoft Windows GDI+ Gradient Fill Heap Overflow Vulnerability
- [ MDVSA-2008:189 ] clamav
- Multiple Vulnerabilities: LedgerSMB < 1.2.15
- iDefense Security Advisory 09.09.08: Apple QuickTime PICT Integer Overflow Vulnerability
- Re: SQL Smuggling
- Insomnia : ISVA-080910.1 - MS Office OneNote URL Handling Vulnerability
- Re: Sun M-class hardware denial of service
- ZDI-08-062: Apple QuickTime MDAT Frame Parsing Memory Corruption Vulnerability
- ZDI-08-061: Apple QuickTime Player H.264 Parsing Heap Corruption Vulnerability
- Re: Sun M-class hardware denial of service
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
- RE: Sun M-class hardware denial of service
- Re: SQL Smuggling
- DeepSec 2008 - Conference Schedule
- From: DeepSec Conference Vienna
- [SECURITY] CVE-2008-2938 - Apache Tomcat information disclosure vulnerability - Updated
- SQL Smuggling
- Re: Sun M-class hardware denial of service
- ZDI-08-060: Apple QuickTime AVC1 Atom Parsing Heap Overflow Vulnerability
- ZDI-08-059: Apple QuickTime STSZ Atom Parsing Heap Corruption Vulnerability
- ZDI-08-058: Apple QuickTime Panorama PDAT Atom Parsing Buffer Overflow Vulnerability
- Re: Sun M-class hardware denial of service
- Re: Sun M-class hardware denial of service
- ZDI-08-056: Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability
- ZDI-08-055: Microsoft Windows GDI+ BMP Parsing Code Execution Vulnerability
- Re: Sun M-class hardware denial of service
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
- Sun M-class hardware denial of service
- Stash v1.0.3 Admin bypass / Remote File Disclosure
- [USN-641-1] Racoon vulnerabilities
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
- Re: Sagem Router F@ST 2404 Remote Denial Of Service Exploit
- From: Vladimir '3APA3A' Dubrovin
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
- From: Wellington Wagner F. Sarmento
- [ GLSA 200809-08 ] Amarok: Insecure temporary file creation
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
- [ GLSA 200809-07 ] libTIFF: User-assisted execution of arbitrary code
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
- WASC Announcement: 2007 Web Application Security Statistics Published
- Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
- Sagem Router F@ST 2404 Remote Denial Of Service Exploit
- Re: Re: SECURITY ADVISORY - Level Platforms, Inc. Service Center Install Data HTTP Vulnerability
- DEFCON London - DC4420 - September meet this Thursday 11th
- [scip_Advisory 3808] D-Link DIR-100 long url filter evasion
- Re: [WEB SECURITY] PR08-20: Bypassing ASP .NET "ValidateRequest" for Script Injection Attacks
- From: ProCheckUp Research
- [ GLSA 200809-06 ] VLC: Multiple vulnerabilities
- phpAdultSite CMS flaws
- xoops-1.3.10 shell command execute vulnerability ( causing snoopy class )
- Re: RES: Google Chrome Automatic File Download
- [ MDVSA-2008:188 ] tomcat5
- Google Chrome Auto download exploit ..
- [ GLSA 200809-05 ] Courier Authentication Library: SQL injection vulnerability
- Re: Has anyone implemented "double forward DNS"?
- Re: Oracle 10g Dynamic Monitoring Services XSS /servlet/Spy
- Google Chrome 0.2.149.27 'SaveAs' Function Buffer Overflow Vulnerability
- From: Security Vulnerability Research Team
- Re: XCon 2008 Call for Paper
- Re: XCon 2008 Call for Paper
- XCon 2008 Call for Paper
- Risky Chrome (The perfect cleartext password offering )
- rPSA-2008-0268-1 libtiff
- From: rPath Update Announcements
- Re: Zen Cart <= 1.3.8a SQL Injection
- other google chrome crash
- [security bulletin] HPSBMA02361 SSRT080119 rev.1 - HP OpenView Select Identity Connectors running on Windows, Local Information Disclosure
- [ MDVSA-2008:186 ] python
- Multiple MicroWorld products insecure directory permissions
- [ GLSA 200809-02 ] dnsmasq: Denial of Service and DNS spoofing
- Re: Has anyone implemented "double forward DNS"?
- From: Ansgar -59cobalt- Wiechers
- clamav: Crash with crafted chm, CVE-2008-1389
- [ GLSA 200809-01 ] yelp: User-assisted execution of arbitrary code
- [ GLSA 200809-03 ] RealPlayer: Buffer overflow
- [ GLSA 200809-04 ] MySQL: Privilege bypass
- Zen Cart <= 1.3.8a SQL Injection
- From: GulfTech Security Research
- Re: Google Chrome Automatic File Download
- [USN-640-1] libxml2 vulnerability
- Marvell Driver Null SSID Association Request Vulnerability
- Atheros Vendor Specific Information Element Overflow
- Marvell Driver EAPoL-Key Length Overflow
- Multiple Cross Site Scripting (XSS) and SQL injection Vulnerabilities in XRMS, CVE-2008-3664
- FreeBSD Security Advisory FreeBSD-SA-08:07.amd64
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-08:09.icmp6
- From: FreeBSD Security Advisories
- Re: Has anyone implemented "double forward DNS"?
- Re: Has anyone implemented "double forward DNS"?
- Re: Has anyone implemented "double forward DNS"?
- [ MDVSA-2008:185 ] python-django
- RE: Google Chrome Automatic File Download
- Re: Has anyone implemented "double forward DNS"?
- Re: In search of examples of malicious source code
- [ MDVSA-2008:184 ] libtiff
- Re: Has anyone implemented "double forward DNS"?
- FreeBSD Security Advisory FreeBSD-SA-08:08.nmount
- From: FreeBSD Security Advisories
- Cisco Secure ACS Denial Of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Secure ACS EAP Parsing Vulnerability
- Re: Google Chrome Automatic File Download
- RES: Google Chrome Automatic File Download
- Cisco Security Advisory: Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA
- From: Cisco Systems Product Security Incident Response Team
- Google Chrome Browser (ver.0.2.149.27) Vulnerability
- Google Chrome Automatic File Download
- TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload
- Secunia Research: Novell iPrint Client nipplib.dll "IppCreateServerRef()" Buffer Overflow
- [Tool] Distack framework for attack detection and traffic analysis
- RUXCON 2008 Final Call For Papers
- Has anyone implemented "double forward DNS"?
- Exploit
- T2´08 Challenge - Free Tickets Available
- [ MDVSA-2008:183 ] opensc
- In search of examples of malicious source code
- [Suspected Spam]New IETF I-D-: Security Assessment of the Internet Protocol version 4
- [USN-639-1] tiff vulnerability
- [Tool] sqlmap 0.6 released
- From: Bernardo Damele A. G.
- [ MDVSA-2008:182 ] wordnet
- CS-Cart <= 1.3.5 SQL Injection
- From: GulfTech Security Research
- Postfix Linux-only local denial of service
- [AJECT] Softalk IMAP Server 8.5.1 DoS vulnerability
- [security bulletin] HPSBMA02362 SSRT080044, SSRT080045 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
- ToorCon X Lineup & Training Seminars Posted & Pre-Registration Ending
- HPSBUX02354 SSRT080113 rev.1 - HP-UX Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS)
- [SECURITY] [DSA 1634-1] New wordnet packages fix arbitrary code execution
- [SECURITY] [DSA 1633-1] New slash packages fix multiple vulnerabilities
- [oCERT-2008-014] WordNet stack and heap overflows
- rPSA-2008-0264-1 ruby
- From: rPath Update Announcements
- Multiple Cross Site Scripting (XSS) Vulnerabilities in vtigerCRM 5.0.4, CVE-2008-3101
- [SECURITY] [DSA 1627-2] New opensc package fix incomplete check
- PoCfix (PoC for Postfix local root vuln - CVE-2008-2936)
- From: Roman Medina-Heigl Hernandez
- Plesk 8.6.0 authentication flaw allows to gain virtual user privileges
