bugtraq April 2008 archive
Main Archive Page > Month Archives  > bugtraq archives
bugtraq: By Date

bugtraq By Date

SubjectAuthorDate
Re: R.I.P. rgodChristian Kujau
Re: Re: heanet.dl.sourceforge.net hacked?securityfocus.com_at_nospam
Re: heanet.dl.sourceforge.net hacked?Marshall Eubanks
[SECURITY] [DSA 1563-1] New asterisk packages fix denial of serviceMoritz Muehlenhoff
Re: heanet.dl.sourceforge.net hacked?Rainer Duffner
Re: heanet.dl.sourceforge.net hacked?mirrors_at_nospam
Re: heanet.dl.sourceforge.net hacked?Pieter de Boer
heanet.dl.sourceforge.net hacked?Michael Scheidell
CFP: Workshop on Open Source Software for Computer and Network ForensicsStefano Zanero
Re: rPSA-2008-0151-1 libpngLiran Cohen
Critical Vulnerability in SNMPcNGSSoftware Insight Security Research
[security bulletin] HPSBMA02331 SSRT080000 rev.1 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privilegessecurity-alert_at_nospam
[ MDVSA-2008:093 ] - Updated vorbis-tools packages fix vulnerabilitiessecurity_at_nospam
[ MDVSA-2008:092 ] - Updated gstreamer-plugins-good packages fix vulnerabilitiessecurity_at_nospam
Re: R.I.P. rgodChristian Kujau
XSS Attackhadikiamarsi_at_nospam
Re: Yourfreeworld Styleish Text Ads Scriptrohit_at_nospam
rPSA-2008-0151-1 libpngrPath Update Announcements
SugarCRM Community Edition Local File Disclosure Vulnerabilityroberto.suggi_at_nospam
[ GLSA 200804-30 ] KDE start_kdeinit: Multiple vulnerabilitiesMatthias Geerdsen
Re: h2desk helpdesk path disclosure vulnerabilityjohn_at_nospam
[ECHO_ADV_89$2008] Softbiz Web Host Directory Script (search_result.php host_id) Blind Sql Injection Vulnerabilityerdc_at_nospam
[ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerabilityerdc_at_nospam
[SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code executionMoritz Muehlenhoff
Microsoft SWI blog inaccuraciesAmit Klein
London DEFCON meet - Thursday 1st May - DC4420Major Malfunction
bug reporthadikiamarsi_at_nospam
Minibb 2.2a XSS Vulnerabilityirancrash_at_nospam
[SECURITY] [DSA 1556-2] New perl packages fix denial of serviceFlorian Weimer
[SECURITY] [DSA 1561-1] New ldm packages fix information disclosureThijs Kinkhorst
GroupWise 7.0 mailto: scheme buffer overflowjplopezy_at_nospam
[SECURITY] [DSA 1560-1] New kronolith2 packages fix cross site scriptingThijs Kinkhorst
Re: R.I.P. rgodblacklight_at_nospam
Re: Simple Machines Forum "SMF Shoutbox" Mod Persistent XSSpobore_at_nospam
rPSA-2008-0149-1 idle pythonrPath Update Announcements
Re: Firefox 3.0 beta 5 crash (Slightly unrelated)Skratz0r
Wordpress 2.5 Cookie Integrity Protection VulnerabilitySteven J. Murdoch
Re: Curious vulnerability in Excel 2007jplopezy_at_nospam
Re: Firefox 3.0 beta 5 crashMauro Faccenda
[ GLSA 200804-29 ] Comix: Multiple vulnerabilitiesPierre-Yves Rofes
R.I.P. rgodipsdix_at_nospam
[ MDVSA-2008:091 ] - Updated wireshark packages fix denial of service vulnerabilitiessecurity_at_nospam
[SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code executionMoritz Muehlenhoff
[SECURITY] [DSA 1534-2] New iceape packages fix regressionMoritz Muehlenhoff
[SECURITY] [DSA 1556-1] New perl packages fix denial of serviceFlorian Weimer
[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilitiesThijs Kinkhorst
HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Codesecurity-alert_at_nospam
A New Class of Vulnerability in Oracle: Lateral SQL InjectionDavid Litchfield
[ GLSA 200804-27 ] SILC: Multiple vulnerabilitiesTobias Heinlein
Trillian 3.1 basic nick crashjplopezy_at_nospam
DDIVRT-2008-11 BadBlue uninst.exe DoSvulnerabilityresearch_at_nospam
[ GLSA 200804-28 ] JRockit: Multiple vulnerabilitiesTobias Heinlein
Re: xine-lib NES Sound Format Demuxer Buffer OverflowGuido Landi
xine-lib NES Sound Format Demuxer Buffer Overflowlaurent.gaffie_at_nospam
[W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalationvulns_at_nospam
PR07-44: XSS on RSA Authentication Agent login pageProCheckUp Research
PR07-43: Cross-domain redirect on RSA Authentication AgentProCheckUp Research
Re: NetClassifieds Sql Injectionlaurent.gaffie_at_nospam
[ GLSA 200804-26 ] Openfire: Denial of ServiceRobert Buchholz
[SECURITY] [DSA 1555-1] New iceweasel packages fix arbitrary code executionMoritz Muehlenhoff
[ GLSA 200804-25 ] VLC: User-assisted execution of arbitrary codeRobert Buchholz
Zune software - arbitrary file overwriteinfo_at_nospam
NetClassifieds Sql Injectionnoreply_at_nospam
LayerOne 2008 - Final Pre-Con UpdateLayer One
Horde Webmail XSS [Aria-Security]noreply_at_nospam
AST-2008-006 - 3-way handshake in IAX2 incompleteSecurity Officer
Re: Default key algorithm in Thomson and BT Home Hub routersap_at_nospam
Default key algorithm in Thomson and BT Home Hub routersAdrian Pastor
[SECURITY] [DSA 1554-1] New roundup packages fix cross-site scripting vulnerabilityNoah Meyerhans
Re: Firefox 3.0 beta 5 crashGianluca Borello
Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387)Hanno Böck
[USN-602-1] Firefox vulnerabilitiesJamie Strandboge
[USN-604-1] Gnumeric vulnerabilityKees Cook
Correcting CVEs (was Re: [Full-disclosure] Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387))Hanno Böck
Re: Powered by gCards v1.46 SQLpacket_at_nospam
Sea-Surfing on the Motorola Surfboardth3.r00k.nospam_at_nospam
[ GLSA 200804-24 ] DBmail: Data disclosureMatthias Geerdsen
Xoops All Version -Articles- Article.PHP (ID) Blind SQL Injection ExpL0itcrazy_kinq_at_nospam
[ GLSA 200804-23 ] CUPS: Integer overflow vulnerabilityMatthias Geerdsen
ANNOUNCE: Security Implications of Windows Access Tokens Whitepaperluke.jennings_at_nospam
Re: Re: Smf 1.1.4 Remote File Inclusion Vulnerabilitiesdouchbag_at_nospam
Powered by gCards v1.46 SQLturkish-warriorr_at_nospam
IRM Security Advisory : RedDot CMS SQL injection vulnerabilityMark Crowther
[SECURITY] [DSA 1553-1] New ikiwiki packages fix cross-site request forgeryFlorian Weimer
Acidcat CMS Multiple Vulnerabilitiesadmin_at_nospam
[ MDVSA-2008:090 ] - Updated OpenOffice.org packages fix vulnerabilitiessecurity_at_nospam
Deciphering the PHP-Nuke CapthcaMichael.Brooks.SPAM_at_nospam
SyScan'08 Singapore - Call for Paperorganiser_at_nospam
Deciphering the Simple Machines Forum audio CaptchaMichael.Brooks.SPAM_at_nospam
Token Kidnapping (Microsoft Security Advisory 951306) presentation availableCesar
[SECURITY] [DSA 1552-1] New mplayer packages fix arbitrary code executionMoritz Muehlenhoff
[SECURITY] [DSA 1551-1] New python2.4 packages fix several vulnerabilitiesMoritz Muehlenhoff
ANNOUNCE: RFIDIOt-0.1s release (now available for Windows)Adam Laurie
Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 proceduresTeam SHATTER
[ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache PoisoningRobert Buchholz
Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedureTeam SHATTER
Team SHATTER Security Advisory: Multiple DoS in JAR files manipulation proceduresTeam SHATTER
Wikepage Wiki v.2007-2 Cross-Site Scriptingdarkz.gsa_at_nospam
[ GLSA 200804-21 ] Adobe Flash Player: Multiple vulnerabilitiesRobert Buchholz
LightNEasy v.1.2.2 flat Multiple Vulnerabilitiesdarkz.gsa_at_nospam
5th avenue Shopping Cart SQL Injectionnoreply_at_nospam
[ GLSA 200804-20 ] Sun JDK/JRE: Multiple vulnerabilitiesRobert Buchholz
BitTorrent Clients and CSRFth3.r00k.nospam_at_nospam
[ MDVSA-2008:089 ] - Updated poppler packages fix vulnerabilitysecurity_at_nospam
[ MDVSA-2008:088 ] - Updated clamav packages fix multiple vulnerabilitiessecurity_at_nospam
[ GLSA 200804-19 ] PHP Toolkit: Data disclosure and Denial of ServiceRobert Buchholz
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow VulnerabilityiDefense Labs
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO Multiple Heap Overflow VulnerabilitiesiDefense Labs
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow VulnerabilityiDefense Labs
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow VulnerabilityiDefense Labs
[SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalationMoritz Muehlenhoff
Re: [Full-disclosure] Secunia Research: Lotus Notes Folio Flat File Parsing Buffer OverflowsJuha-Matti Laurio
[SECURITY] [DSA 1549-1] New clamav packages fix several vulnerabilitiesMoritz Muehlenhoff
Re: BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day)m.memelli_at_nospam
[USN-603-2] KOffice vulnerabilityKees Cook
[USN-603-1] poppler vulnerabilityKees Cook
[SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitutionDevin Carraway
Announcement - DeepSec Conference 2008, Nov 11-14 2008DeepSec Conference
Microsoft Works 7 WkImgSrv.dll crash POCwsn1983_at_nospam
[security bulletin] HPSBMA02328 SSRT071293 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Codesecurity-alert_at_nospam
[security bulletin] HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025security-alert_at_nospam
[security bulletin] HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Updatesecurity-alert_at_nospam
[ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary codeRobert Buchholz
[ GLSA 200804-17 ] Speex: User-assisted execution of arbitrary codeRobert Buchholz
[ GLSA 200804-16 ] rsync: Execution of arbitrary codeRobert Buchholz
[SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code executionMartin Schulze
[oCERT-2008-004] multiple speex implementations insufficient boundary checksAndrea Barisani
[ MDVSA-2008:087 ] - Updated policykit package fixes format string vulnerabilitysecurity_at_nospam
FreeBSD Security Advisory FreeBSD-SA-08:05.opensshFreeBSD Security Advisories
ZDI-08-022: Apple Safari WebKit PCRE Handling Integer Overflow Vulnerabilityzdi-disclosures_at_nospam
Classifieds Caffe (index.php cat_id) Remote SQL Injectionsys-project_at_nospam
Re: PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerabilitycontact_at_nospam
iDefense Security Advisory 04.15.08: Oracle Application Express Privilege Escalation VulnerabilityiDefense Labs
iDefense Security Advisory 04.09.08: IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow VulnerabilityiDefense Labs
iDefense Security Advisory 04.09.08: IBM DB2 Universal Database Administration Server File Creation VulnerabilityiDefense Labs
CA DSM gui_cm_ctrls ActiveX Control VulnerabilityWilliams, James K
Cisco Security Advisory: Cisco Network Admission Control Shared Secret VulnerabilityCisco Systems Product Security Incident Response Team
Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13]ak_at_nospam
[INFIGO-2008-04-08]: ICQ 6 remote buffer overflow vulnerabilityinfocus
Oracle - SQL Injection in package SDO_IDX [DB07]ak_at_nospam
Oracle - SQL Injection Vulnerability in SDO_UTIL [DB05]ak_at_nospam
BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day)admin_at_nospam
VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasusVMware Security team
Carbon Communities forum Multiple Vulnerabilities.admin_at_nospam
Oracle - SQL Injection in package SDO_GEOM [DB06]ak_at_nospam
[ MDVSA-2008:086 ] - Updated kernel packages fix vulnerabilitysecurity_at_nospam
DIVX Player <= 6.7.0 Buffer Overflow PoC ( .SRT )securfrog_at_nospam
remote file includewin32.exe_at_nospam
iDefense Security Advisory 04.14.08: ClamAV libclamav PE WWPack Heap Overflow VulnerabilityiDefense Labs
remote file includewin32.exe_at_nospam
Koobi Pro 6.25 poll Remote SQL Injection VulnerabilitySabun_at_nospam
WordPress 2.5 - Salt cracking vulnerabilityJ. Carlos Nieto
Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilitiessys-project_at_nospam
[SECURITY] [DSA 1540-2] New lighttpd packages fix denial of serviceSteve Kemp
[ MDVSA-2008:086 ] - Updated kernel packages fix vulnerabilitysecurity_at_nospam
Re: Secunia Research: Lotus Notes Folio Flat File Parsing Buffer OverflowsLuigi Auriemma
BosNews 2002-2006 Remote add user adminhoussamix_at_nospam
clamav: Endless loop / hang with crafter arj, CVE-2008-1387Hanno Böck
BosNews v4.0 Remote add user adminhoussamix_at_nospam
[ MDVSA-2008:085 ] - Updated python packages fix arbitrary code execution vulnerabilitysecurity_at_nospam
[ GLSA 200804-13 ] Asterisk: Multiple vulnerabilitiesRobert Buchholz
Dotclear 'ecrire/images.php' Arbitrary File Upload VulnerabilityMorgan ARMAND
[ GLSA 200804-15 ] libpng: Execution of arbitrary codeRobert Buchholz
KwsPHP (Upload) Remote Code Execution Exploitajax_at_nospam
[ GLSA 200804-14 ] Opera: Multiple vulnerabilitiesRobert Buchholz
Troopers08 Security Conference, April 23/24 (Munich/Germany)Enno Rey
[USN-601-1] Squid vulnerabilityJamie Strandboge
Fones Clinic Mart SQLturkish-warriorr_at_nospam
S21SEC-043-en:Cezanne SW Blind SQL InjectionS21sec labs
S21SEC-042-en:Cezanne SW Cross-Site Scripting (login required)S21sec labs
S21SEC-041-en:Cezanne SW Cross-Site ScriptingS21sec labs
Secunia Research: Internet Explorer Data Stream Handling VulnerabilitySecunia Research
Secunia Research: activePDF DocConverter Applix Graphics Parsing VulnerabilitiesSecunia Research
Secunia Research: Autonomy Keyview Applix Graphics Parsing VulnerabilitiesSecunia Research
Secunia Research: Lotus Notes EML Reader Buffer OverflowsSecunia Research
Secunia Research: Symantec Mail Security Applix Graphics Parsing VulnerabilitiesSecunia Research
Secunia Research: Autonomy Keyview EML Reader Buffer OverflowsSecunia Research
Secunia Research: HP OpenView Network Node Manager OpenView5.exe Directory TraversalSecunia Research
Secunia Research: Autonomy Keyview Folio Flat File Parsing Buffer OverflowsSecunia Research
Secunia Research: Lotus Notes Folio Flat File Parsing Buffer OverflowsSecunia Research
DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2Sebastien gioria
Secunia Research: Lotus Notes Applix Graphics Parsing VulnerabilitiesSecunia Research
Secunia Research: Symantec Mail Security Folio Flat File Parsing Buffer OverflowsSecunia Research
Secunia Research: Lotus Notes htmsr.dll Buffer OverflowsSecunia Research
Secunia Research: Adobe Flash Player "Declare Function (V7)" Heap OverflowSecunia Research
Secunia Research: activePDF DocConverter Folio Flat File Parsing Buffer OverflowsSecunia Research
OneSecurityDay 2008 - Web application auditing challengebugtraq_at_nospam
Secunia Research: Lotus Notes kvdocve.dll Path Processing Buffer OverflowSecunia Research
project announcement - oCERT - Open Source CERTAndrea Barisani
[oCERT-2008-003] libpng zero-length chunks incorrect handlingAndrea Barisani
DEF CON 16 Retro Announcement! Back to Bang!The Dark Tangent
Re: WoltLab(R) Community Framework WCF 1.0.6marc.deroche_at_nospam
DEF CON 16 Retro Announcement! Back to Bang!The Dark Tangent
[ MDVSA-2008:084 ] - Updated rsync packages fix vulnerabilitysecurity_at_nospam
IOActive Security Advisory: Incorrect input validation in PyString_FromStringAndSize() leads to multiple buffer overflowsJustin Ferguson
Trillian 3.1.9.0 DTD File Buffer Overflowdavid130490_at_nospam
Directory traversal and multiple Denials of Service in HP OpenView NNM 7.53Luigi Auriemma
[ GLSA 200804-11 ] policyd-weight: Insecure temporary file creationRobert Buchholz
[ GLSA 200804-12 ] gnome-screensaver: Privilege escalationRaphael Marichez
WiKID wClient-PHP <= 3.0-2 Multiple XSS Vulnerabilitiesascii
iDefense Security Advisory 04.09.08: EMC DiskXtender Authentication Bypass VulnerabilityiDefense Labs
[USN-600-1] rsync vulnerabilityKees Cook
iDefense Security Advisory 04.09.08: EMC DiskXtender MediaStor Format String VulnerabilityiDefense Labs
[SECURITY] [DSA 1546-1] New gnumeric packages fix arbitrary code executionDevin Carraway
iDefense Security Advisory 04.09.08: EMC DiskXtender File System Manager Stack Buffer Overflow VulnerabilityiDefense Labs
w2b.ru multiple products SQL Injectionnoreply_at_nospam
[ GLSA 200804-09 ] am-utils: Insecure temporary file creationPierre-Yves Rofes
[ GLSA 200804-10 ] Tomcat: Multiple vulnerabilitiesPierre-Yves Rofes
[SECURITY] [DSA 1545-1] New rsync packages fix arbitrary code executionMoritz Muehlenhoff
EUSecWest CFP Closes April 14th (conf May 21/22 2008)Dragos Ruiu
Re: Re: licq remote DoS?mrangelov_at_nospam
Re: openMosix userspace library stack-based buffer overflownixpanic_at_nospam
[ GLSA 200804-08 ] lighttpd: Multiple vulnerabilitiesTobias Heinlein
[ MDVSA-2008:083 ] - Updated audit packages fix vulnerabilitysecurity_at_nospam
Re: licq remote DoS?3APA3A
paFileDB 3.1 Remote SQL Injectionnoreply_at_nospam
Re: Alkacon OpenCms sessions.jsp searchfilter XSSa.westtermann_at_nospam
IOActive Security Advisory: Buffer overflow in Python zlib extension moduleJustin Ferguson
[SECURITY] [DSA 1544-1] New pdns-recursor packages fix cache poisoning vulnerabilityFlorian Weimer
[USN-599-1] Ghostscript vulnerabilityJamie Strandboge
[ MDVSA-2008:082 ] - Updated php-apc packages fix vulnerabilitysecurity_at_nospam
[SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilitiesDevin Carraway
[CVE-2007-5301] alsaplayer PoC - exploitAlbert Sellars
[SECURITY] [DSA 1542-1] New libcairo packages fix arbitrary code executionDevin Carraway
iDefense Security Advisory 04.08.08: Microsoft Windows Graphics Rendering Engine Integer Overflow VulnerabilityiDefense Labs
[ GLSA 200804-07 ] PECL APC: Buffer OverflowRobert Buchholz
Pu Arcade component for Joomla - SQL injectionnetmantis.com_at_nospam
ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerabilityzdi-disclosures_at_nospam
SAP Netweaver 6.40-7.0 Cross-Site-Scriptingjaime.blasco_at_nospam
CAU-2008-0002: Microsoft Windows SharePoint Services Picture Source XSSI)ruid
[SECURITY] [DSA 1541-1] New openldap2.3 packages fix denial of serviceMoritz Muehlenhoff
iDefense Security Advisory 04.08.08: Microsoft HxTocCtrl ActiveX Control Invalid Param Heap Corruption VulnerabilityiDefense Labs
Re: Multiple vulnerabilities in HP OpenView NNM 7.53Luigi Auriemma
ZDI-08-020: Microsoft GDI WMF Parsing Heap Overflow Vulnerabilityzdi-disclosures_at_nospam
[security bulletin] HPSBMA02242 SSRT061260 rev.3 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Executionsecurity-alert_at_nospam
[security bulletin] [security bulletin] HPSBST02318 SSRT080018 rev.1 - HP Storage Essentials Software, Remote Unauthorized Access to Datasecurity-alert_at_nospam
Microsoft Windows DNS Stub Resolver Cache Poisoning (MS08-020)Amit Klein
New tool released : Syslog Fuzzerjaime.blasco_at_nospam
Swiki 1.5 Multiple Cross-Site Scripting Vulnerabilitiesbrad.antoniewicz_at_nospam
licq remote DoS?Milen Rangelov
[security bulletin] HPSBMA02327 SSRT071455 rev.1 - HP Integrity Servers iLO-2 Management Processors (iLO-2 MP), Denial of Service (DoS)security-alert_at_nospam
Wayport Public Access PC Authentication Bypass WeaknessPascal Cretain
WoltLab(R) Community Framework XSS and Full Path Disclosure VulnerabilityJessica Hope
Re: Wikepage Opus 13 2007.2 Directory Traversal Vulnerbilityyeppy_at_nospam
[ GLSA 200804-04 ] MySQL: Multiple vulnerabilitiesRobert Buchholz
Multiple vulnerabilities in HP OpenView NNM 7.53Luigi Auriemma
[SECURITY] [DSA 1540-1] New lighttpd packages fix denial of serviceSteve Kemp
Wikepage Opus 13 2007.2 Directory Traversal Vulnerbilityvirangar_nml_at_nospam
Attack Technique: File Download InjectionJeff Williams
[ GLSA 200804-06 ] UnZip: User-assisted execution of arbitrary codeRobert Buchholz
Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer OverflowPatrick Webster
openMosix userspace library stack-based buffer overflowjose_at_nospam
[ GLSA 200804-05 ] NX: User-assisted execution of arbitrary codeRobert Buchholz
[ GLSA 200804-03 ] OpenSSH: Privilege escalationRobert Buchholz
Blogator-script 0.95 SQL Injection Vulnerbilityhadihadi_zedehal_2006_at_nospam
Alkacon OpenCms sessions.jsp searchfilter XSSnnposter_at_nospam
Blogator-script 0.95 Change User Password Vulnerbilityhadihadi_zedehal_2006_at_nospam
TheGreenBowVPN, Login Credentials Disclosureevilcry_at_nospam
F5 BIG-IP Management Interface Perl Injectionnnposter_at_nospam
rPSA-2008-0139-1 gnome-ssh-askpass openssh openssh-client openssh-serverrPath Update Announcements
rPSA-2008-0138-1 tshark wiresharkrPath Update Announcements
rPSA-2008-0136-1 cupsrPath Update Announcements
[SECURITY] [DSA 1538-1] New alsaplayer packages fix arbitrary code executionDevin Carraway
[SECURITY] [DSA 1539-1] New mapserver packages fix multiple vulnerabilitiesDevin Carraway
iDefense Security Advisory 04.03.08: Computer Associates Alert Notification Service Multiple RPC Buffer Overflow VulnerabilitiesiDefense Labs
iDefense Security Advisory 04.03.08: SCO UnixWare pkgadd Directory Traversal VulnerabilityiDefense Labs
iDefense Security Advisory 04.02.08: Symantec Norton Internet Security 2008 ActiveX Control Buffer Overflow VulnerabilityiDefense Labs
[security bulletin] HPSBMA02323 SSRT080032 rev.1 - HP USB Floppy Drive Key (Option) for ProLiant Servers, Local Virus Infectionsecurity-alert_at_nospam
CORE-2008-0314 - Orbit Downloader "Download failed" buffer overflowCORE Security Technologies Advisories
ZDI-08-017: Apple QuickTime Kodak Encoding Heap Overflow Vulnerabilityzdi-disclosures_at_nospam
iDefense Security Advisory 04.02.08: Symantec Internet Security 2008 ActiveDataInfo.LaunchProcess Design Error VulnerabilityiDefense Labs
KwsPHP Module ConcoursPhoto XSShsx_at_nospam
CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple VulnerabilitiesWilliams, James K
ZDI-08-019: Apple QuickTime Malformed VR obji Atom Parsing Memory Corruption Vulnerabilityzdi-disclosures_at_nospam
CA Alert Notification Server Multiple VulnerabilitiesWilliams, James K
ZDI-08-015: Apple QuickTime Clipping Region Heap Overflow Vulnerabilityzdi-disclosures_at_nospam
ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerabilityzdi-disclosures_at_nospam
Medium security hole affecting Festival on Debian unstable/testing and Ubuntu Hardy HeronTim Brown
ZDI-08-014: Apple Quicktime Multiple Opcode Memory Corruption Vulnerabilitieszdi-disclosures_at_nospam
ZDI-08-018: Apple QuickTime Run Length Encoding Heap Overflow Vulnerabilityzdi-disclosures_at_nospam
POC2008 call for paperspocadm_at_nospam
Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution VulnerabilityCisco Systems Product Security Incident Response Team
Recon 2008 CFP last call, early registration openRecon Conference
[USN-588-2] MySQL regressionJamie Strandboge
Parallels virtuozzo's VZPP multiple csrf vulnerabilitiespoplix
Joomla Component com_lms SQL Injectionno-reply_at_nospam
Vulnerabilities in kses-based HTML filterslpilorz_at_nospam
[USN-598-1] CUPS vulnerabilitiesJamie Strandboge
Webwasher Denial of Service Vulnerabilitysecurity_at_nospam
[ GLSA 200804-02 ] bzip2: Denial of ServicePierre-Yves Rofes
[SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilitiesDevin Carraway
[ MDVSA-2008:081 ] - Updated CUPS packages fix multiple vulnerabilitiessecurity_at_nospam
RE: Internet explorer 7.0 spoofingMike Diaz
Directory traversal in LANDesk Management Suite 8.80.1.1Luigi Auriemma
ANNOUNCE: Apache-SSL security release - apache_1.3.41+ssl_1.59Adam Laurie
HPSBTU02325 SSRT080006 rev.1 - HP Internet Express for Tru64 UNIX running PostgreSQL, Arbitrary Code Execution, Privilege Elevation, or Denial of Service (DoS)security-alert_at_nospam
[USN-597-1] OpenSSH vulnerabilityKees Cook
Datalife Engine 6.7 XSRFirancrash_at_nospam
HPSBMA02317 SSRT080026 rev.1 - HP Select Identity Software, Gain Unauthorized Accesssecurity-alert_at_nospam
Writers Block SQL Injection Vulnerabilitiesnebelfrost23_at_nospam
Re: Re: Re: Internet explorer 7.0 spoofingjplopezy_at_nospam
Re: Re: Internet explorer 7.0 spoofingw0lfd33m_at_nospam
[ GLSA 200804-01 ] CUPS: Multiple vulnerabilitiesRobert Buchholz
TCP/IP security vulnerability disclosedJ. Oquendo
[SECURITY] [DSA 1533-2] New exiftags packages fix several vulnerabilitiesDevin Carraway
cevado technologies real estate CMS SQL injectionjoseph.giron13_at_nospam
Terracotta Personal Edition Multiple vulnerabilitiesjoseph.giron13_at_nospam
CAU-2008-0001 - Slowly Closing Door Race ConditionI)ruid