bugtraq June 2008 archive
bugtraq By Date

| Subject | Author | Date |
| --- | --- | --- |
| Vuln name: Ruby rb_ary_fill() DOS | snagg_at_nospam | |
| [USN-617-2] Samba regression | Jamie Strandboge | |
| Endless loop in Soldner 33724 | Luigi Auriemma | |
| Re: Rhythmbox Vulnerability | wargame89_at_nospam | |
| RSS-aggregator Multiple vulnerabilities | Sylvain | |
| [security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) | security-alert_at_nospam | |
| Re: Remote SQL Injection | packet_at_nospam | |
| Security and Hacking Papers - Updated! | ork_at_nospam | |
| Endless loop in Halo 1.07 | Luigi Auriemma | |
| Remote SQL Injection | saidmoftakhar_at_nospam | |
| Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006 | Luigi Auriemma | |
| Re: Double Denial of Service in Call of Duty 4 1.6 | Luigi Auriemma | |
| [Tool] PktAnon packet trace anonymization tool released | Christoph Mayer | |
| [security bulletin] HPSBUX02341 SSRT080075 rev.1 - HP-UX running HP CIFS Server (Samba), Remote Execution of Arbitrary Code | security-alert_at_nospam | |
| BA-Con 2008 CFP - Buenos Aires, Sept. 30 / Oct. 1 (closes July 11 2008) | Dragos Ruiu | |
| [security bulletin] HPSBUX02342 SSRT080063 rev.2 - HP-UX Running Apache with PHP, Remote Execution of Arbitrary Code | security-alert_at_nospam | |
| rPSA-2008-0207-1 kernel | rPath Update Announcements | |
| New Release of 'Unhide' (20080519) | yago jesus | |
| [ MDVSA-2008:124 ] - Updated xine-lib packages fix vulnerability in Speex decoder | security_at_nospam | |
| [USN-621-1] Ruby vulnerabilities | Jamie Strandboge | |
| [SECURITY] [DSA 1599-1] New dbus packages fix privilege escalation | Moritz Muehlenhoff | |
| rPSA-2008-0206-1 ruby | rPath Update Announcements | |
| [USN-620-1] OpenSSL vulnerabilities | Jamie Strandboge | |
| Rhythmbox Vulnerability | jplopezy_at_nospam | |
| Evolution Vulnerability | jplopezy_at_nospam | |
| Pidgin 2.4.1 Vulnerability | jplopezy_at_nospam | |
| The Rat CMS (SQL/XSS) Multiple Remote Vulnerabilities | tan_prathan_at_nospam | |
| Multiple vulnerabilities in TietoEnator's Procapita school administration system, at least version "842 Procapita 840SP1" | pelzi_at_nospam | |
| Re: IdeBox (include) Remote File Inclusion Vulnerability | Vladimir '3APA3A' Dubrovin | |
| [ MDVSA-2008:123 ] - Updated imlib2 packages fix vulnerabilities | security_at_nospam | |
| Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities | Cisco Systems Product Security Incident Response Team | |
| mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability | Ghost hacker | |
| ERRATA - n.runs-SA-2008.001 - Jscape Secure FTP Applet | security_at_nospam | |
| IdeBox (include) Remote File Inclusion Vulnerability | Ghost hacker | |
| [ GLSA 200806-11 ] IBM JDK/JRE: Multiple vulnerabilities | Tobias Heinlein | |
| [BMSA 2008-07] Format string vulnerability in 5th street | Nam Nguyen | |
| RSS-aggregator (display) Remote File Inclusion Vulnerability | Ghost hacker | |
| [ MDVSA-2008:122 ] - Updated clamav packages fix vulnerability | security_at_nospam | |
| fetchmail REVISED security announcement fetchmail-SA-2008-01 (CVE-2008-2711) | ma+bt_at_nospam | |
| [ GLSA 200806-10 ] FreeType: User-assisted execution of arbitrary code | Robert Buchholz | |
| [ GLSA 200806-09 ] libvorbis: Multiple vulnerabilities | Robert Buchholz | |
| [ GLSA 200806-08 ] OpenSSL: Denial of Service | Robert Buchholz | |
| NULL pointer in World in Conflict 1.008 | Luigi Auriemma | |
| [ MDVSA-2008:121 ] - Updated freetype2 packages fix vulnerabilities | security_at_nospam | |
| Re: Summary of AS/400 Vulnerability Information | Jon Kibler | |
| Double Denial of Service in Call of Duty 4 1.6 | Luigi Auriemma | |
| Firefox 3.0 security bug: Extensions can STILL hide themselves | azurIt | |
| Trust Testing and Metrics | Pete Herzog | |
| n.runs-SA-2008.001 - Jscape Secure FTP Applet | security_at_nospam | |
| Benja CMS 0.1 (Upload/XSS) Multiple Remote Vulnerabilities | tan_prathan_at_nospam | |
| [ MDVSA-2008:120 ] - Updated nasm packages fix vulnerability | security_at_nospam | |
| rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs | rPath Update Announcements | |
| [ MDVSA-2008:119 ] - Updated exiv2 packages fix vulnerability | security_at_nospam | |
| rPSA-2008-0200-1 xorg-server | rPath Update Announcements | |
| [ MDVSA-2008:118 ] - Updated net-snmp/ucd-snmp packages fix vulnerabilities | security_at_nospam | |
| Diigo Toolbar - Global XSS and Information Leakage in SSL URLs | Ferruh Mavituna | |
| BackTrack 3 Final has been released | Max Moser | |
| [SECURITY] [DSA 1598-1] New libtk-img packages fix arbitrary code execution | Thijs Kinkhorst | |
| Secunia Research: XnView, NConvert, and GFL SDK Sun TAAC Buffer Overflow | Secunia Research | |
| [ MDVSA-2008:117 ] - Updated fetchmail packages fix DoS vulnerability | security_at_nospam | |
| Re: RFI ====> vBulletin v3.6.5 | hh-ua_at_nospam | |
| An Apology. | cwrigh20_at_nospam | |
| [ GLSA 200806-07 ] X.Org X server: Multiple vulnerabilities | Matthias Geerdsen | |
| RE: A more detailed description of the Jura F90 vulnerability. | Craig Wright | |
| RE: A more detailed description of the Jura F90 vulnerability. | Thor (Hammer of God) | |
| CSW Security Advisory 0002: Oral B SmartMonitor Information Disclosure Vulnerability and DoS | craigswright_at_nospam | |
| vBulletin 3.7.1 PL1 and lower, vBulletin 3.6.10 PL1: XSS in modcp index | Jessica Hope | |
| eLineStudio Site Composer (ESC) <=2.6 Multiple Vulnerabilities | Admin_at_nospam | |
| Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities | Admin_at_nospam | |
| [USN-612-11] openssl-blacklist update | Jamie Strandboge | |
| RE: A more detailed description of the Jura F90 vulnerability. | Thor (Hammer of God) | |
| Cisco Security Advisory: Cisco Intrusion Prevention System Jumbo Frame Denial of Service | Cisco Systems Product Security Incident Response Team | |
| CA ARCserve Backup Discovery Service Denial of Service Vulnerability | Williams, James K | |
| A more detailed description of the Jura F90 vulnerability. | Craig Wright | |
| Secunia Research: TorrentTrader Multiple SQL Injection Vulnerabilities | Secunia Research | |
| Announcement && CFP: ISOI 5, Tallinn Estonia | Gadi Evron | |
| [USN-617-1] Samba vulnerabilities | Jamie Strandboge | |
| [security bulletin] HPSBST02344 SSRT080087 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-030 to MS08-036 | security-alert_at_nospam | |
| S21SEC-044-en:OpenDocMan Cross Site Scripting (XSS) | S21sec labs | |
| [ GLSA 200806-05 ] cbrPager: User-assisted execution of arbitrary code | Pierre-Yves Rofes | |
| [ GLSA 200806-06 ] Evolution: User-assisted execution of arbitrary code | Pierre-Yves Rofes | |
| fetchmail security announcement fetchmail-SA-2007-02 (CVE-2007-4565) | ma+bt_at_nospam | |
| iPhoneDbg Toolkit | Nicolas A. Economou | |
| NULL pointer in the HTTP/XML-RPC service of Crysis 1.21 | Luigi Auriemma | |
| fetchmail security announcement fetchmail-SA-2008-01 (CVE-2008-2711) | ma+bt_at_nospam | |
| Server freezed in Skulltag 0.97d2-RC2 | Luigi Auriemma | |
| Hacking Coffee Makers. | Craig Wright | |
| [ MDVSA-2008:115 ] - Updated x11-server packages fix several vulnerabilities | security_at_nospam | |
| [ MDVSA-2008:116 ] - Updated x11-server packages fix several vulnerabilities | security_at_nospam | |
| [DSECRG-08-026] LFI in Open Azimyt CMS 0.22 | Digital Security Research Group | |
| VistaReseller Panel BETA Xss Vulnerability | irancrash_at_nospam | |
| Returnil Virtual System 2008 - Password Disclosure Issue | mikuvoli_at_nospam | |
| PHP JOBWEBSITE PRO (JobSearch3.php) SQL Injection Vulnerability | sys-project_at_nospam | |
| Denial of Service in S.T.A.L.K.E.R. 1.0006 | Luigi Auriemma | |
| DUC NO-IP Local Password Information Disclosure Vulnerability | glafkos_at_nospam | |
| E-SMART CART (productsofcat.asp) Remote SQL Injection Vulnerability | sys-project_at_nospam | |
| Muitiple XSS - Glassfish Web Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) ) | Eduardo Jorge | |
| Re: AS/400 Vulnerabilities | Marco Ivaldi | |
| [ GLSA 200806-04 ] rdesktop: Multiple vulnerabilities | Pierre-Yves Rofes | |
| GSC Privilege Escalation Exploit | Moose | |
| Re: Collection of Vulnerabilities in Fully Patched Vim 7.1 | Bram Moolenaar | |
| Collection of Vulnerabilities in Fully Patched Vim 7.1 | Jan Minář | |
| Re: AS/400 Vulnerabilities | security curmudgeon | |
| [ MDVSA-2008:113 ] - Updated kernel packages fix security issue | security_at_nospam | |
| [ MDVSA-2008:114 ] - Updated util-linux-ng packages fix log injection issue | security_at_nospam | |
| Technical Details of Security Issues Regarding Safari for Windows | LIUDIEYU dot COM | |
| RE: Securify bulletin: Microsoft Active Directory Denial-of-service | Michael Wojcik | |
| RE: AS/400 Vulnerabilities | Michael Wojcik | |
| [USN-612-10] OpenVPN regression | Jamie Strandboge | |
| [USN-612-9] openssl-blacklist update | Jamie Strandboge | |
| [USN-616-1] X.org vulnerabilities | Kees Cook | |
| Securify bulletin: Microsoft Active Directory Denial-of-service | Securify Bulletins | |
| Exploit for vBulletin "obscure" XSS (3.7.1 & 3.6.10) | Jessica Hope | |
| AS/400 Vulnerabilities | Jon Kibler | |
| [SECURITY] [DSA 1596-1] New typo3 packages fix several vulnerabilities | Thijs Kinkhorst | |
| [SECURITY] [DSA 1597-1] New mt-daapd packages fix several vulnerabilities | Devin Carraway | |
| [ MDVSA-2008:112 ] - Updated kernel packages fix security issues | security_at_nospam | |
| Pooya Site Builder (PSB) SQL Injection Vulnerabilities | Admin_at_nospam | |
| DEFCON Switzerland looking for DEFCON visitors | DEF CON Switzerland | |
| SNMPv3 Authentication Bypass - CVE-2008-0960 | inode | |
| ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability | sys-project_at_nospam | |
| [SECURITY] [DSA 1595-1] New xorg-server packages fix several vulnerabilities | Thijs Kinkhorst | |
| rPSA-2008-0189-1 kernel xen | rPath Update Announcements | |
| iDefense Security Advisory 06.11.08: Multiple Vendor X Server MIT-SHM Extension Information Disclosure Vulnerability | iDefense Labs | |
| iDefense Security Advisory 06.11.08: Multiple Vendor X Server Record and Security Extensions Multiple Memory Corruption Vulnerabilities | iDefense Labs | |
| Xigla Multiple Products - Multiple Vulnerabilities | Admin_at_nospam | |
| iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability | iDefense Labs | |
| iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension ProcRenderCreateCursor() Integer Overflow Vulnerability | iDefense Labs | |
| iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension AllocateGlyph() Integer Overflow Vulnerability | iDefense Labs | |
| [SECURITY] [DSA 1594-1] New imlib2 packages fix arbitrary code execution | Moritz Muehlenhoff | |
| [security bulletin] HPSBMA02340 SSRT080024, SSRT080041 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) | security-alert_at_nospam | |
| phpRaider <= v1.0.6,7 Maybe Other Versions Remote File include Vulnerable | none_at_nospam | |
| Flat Calendar v1.1 Remote Permission Bypass Vulnerability | none_at_nospam | |
| CORE-2008-0125: CitectSCADA ODBC service vulnerability | CORE Security Technologies Advisories | |
| [security bulletin] HPSBUX02342 SSRT080063 rev.1 - HP-UX Running Apache or Tomcat with PHP, Remote Execution of Arbitrary Code | security-alert_at_nospam | |
| Secunia Research: uTorrent / BitTorrent Web UI HTTP "Range" Header DoS | Secunia Research | |
| PHPEasyData 1.5.4 Multiple Vulnerabilities | Sylvain | |
| TYPO3 Security Bulletin TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core | lars_at_nospam | |
| ZDI-08-040: Microsoft DirectX SAMI File Format Name Parsing Stack Overflow Vulnerability | zdi-disclosures_at_nospam | |
| ZDI-08-039: Microsoft Internet Explorer DOM Ojbect substringData() Heap Overflow Vulnerability | zdi-disclosures_at_nospam | |
| Many bugs on CMS system Piugame | Psymera | |
| [ MDVSA-2008:111 ] - Updated Evolution packages fix vulnerabilities | security_at_nospam | |
| ZDI-08-038: QuickTime SMIL qtnext Redirect File Execution | zdi-disclosures_at_nospam | |
| iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 PFB Memory Corruption Vulnerability | iDefense Labs | |
| ZDI-08-037: Apple QuickTime Indeo Video Buffer Overflow Vulnerability | zdi-disclosures_at_nospam | |
| XSS - Glassfish Web Admin Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) ) | Eduardo Jorge | |
| iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 Multiple Heap Overflow Vulnerabilities | iDefense Labs | |
| iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 PFB Integer Overflow Vulnerability | iDefense Labs | |
| Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities | Cisco Systems Product Security Incident Response Team | |
| iDefense Security Advisory 06.10.08: Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability | iDefense Labs | |
| [security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) | security-alert_at_nospam | |
| Secunia Research: Apple QuickTime PICT Image Parsing Buffer Overflow | Secunia Research | |
| [web-app] Insanely Simple Blog 0.5 (index) Remote SQL Injection Vulnerabilities | unohope_at_nospam | |
| [web-app] yBlog 0.2.2.2 Multiple Remote Vulnerabilities | unohope_at_nospam | |
| [web-app] DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability | unohope_at_nospam | |
| [web-app] ErfurtWiki <= R1.02b (css) Local File Inclusion Vulnerability | unohope_at_nospam | |
| [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing | Andrea Barisani | |
| [web-app] Tornado Knowledge Retrieval System <= 4.2 Remote XSS Vulnerability | unohope_at_nospam | |
| Further Correction to BID 29112 "Apache Server HTML Injection and UTF-7 XSS Vulnerability" | William A. Rowe, Jr. | |
| [SECURITY] [DSA 1593-1] New tomcat5.5 packages cross-site scripting | Moritz Muehlenhoff | |
| [SECURITY] [DSA 1592-2] New Linux 2.6.18 packages fix overflow conditions | dann frazier | |
| webTA by kronos - XSS | Alex Eden | |
| XSS - NEXTGEN GALLERY 0.96 WORDPRESS PLUGIN | Eduardo Jorge | |
| [SECURITY] [DSA 1592-1] New Linux 2.6.18 packages fix overflow conditions | dann frazier | |
| [ GLSA 200806-03 ] Imlib 2: User-assisted execution of arbitrary code | Tobias Heinlein | |
| FreeSSHD 1.2.1 (Post Auth) Remote Seh Overflow Exploit | m.memelli_at_nospam | |
| [USN-615-1] Evolution vulnerabilities | Jamie Strandboge | |
| Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability | iDefense Labs | |
| SchoolCenter URL Handling Cross Site Scripting Vulnerability | DoZ_at_nospam | |
| [ MDVSA-2008:110 ] - Updated Firefox packages fix vulnerabilities | security_at_nospam | |
| rPSA-2008-0185-1 vsftpd | rPath Update Announcements | |
| Vulnerability in Network General/Net Scout product | jgrove_2000_at_nospam | |
| Akamai Technologies Security Advisory 2008-0003 (Akamai Client Software) | Akamai Security Team | |
| Secunia Research: Akamai Red Swoosh Cross-Site Request Forgery | Secunia Research | |
| WEBAlbum <= 2.0 Remote Stored Cross Site Scripting Vulnerability | tan_prathan_at_nospam | |
| F5 FirePass Content Inspection Management XSS | nnposter_at_nospam | |
| Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability | iDefense Labs | |
| iDefense Security Advisory 06.04.08: VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability | iDefense Labs | |
| iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability | iDefense Labs | |
| AST-2008-009: (Corrected subject) Remote crash vulnerability in ooh323 channel driver | Asterisk Security Team | |
| Akamai Download Manager File Downloaded To Arbitrary Location Vulnerability | cocoruder | |
| SMEweb 1.4b (SQL/XSS) Multiple Remote Vulnerabilities | tan_prathan_at_nospam | |
| Remote DoS vulnerability in Linksys WRH54G | dubingyao_at_nospam | |
| [security bulletin] HPSBST02312 SSRT071428 rev.2 - HP StorageWorks Storage Mirroring Software, Remote Execution of Arbitrary Code | security-alert_at_nospam | |
| e107 Plugin echat MENU Blind SQL Injection Vulnerability | hadihadi_zedehal_2006_at_nospam | |
| AST-2008-009: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised | Asterisk Security Team | |
| CA Secure Content Manager HTTP Gateway Service FTP Request Vulnerabilities | Williams, James K | |
| CORE-2008-0425 - NASA BigView Stack Buffer Overflow | CORE Security Technologies Advisories | |
| Re: ZDI-08-034: HP StorageWorks Storage Mirroring Authentication Processing Stack Overflow Vulnerability | Luigi Auriemma | |
| iDefense Security Advisory 06.04.08: Kaspersky Internet Security IOCTL Stack Based Buffer Overflow Vulnerability | iDefense Labs | |
| iDefense Security Advisory 06.04.08: Skype File URI Security Bypass Code Execution Vulnerability | iDefense Labs | |
| TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability | DVLabs | |
| ZDI-08-035: CA ETrust Secure Content Manager Gateway FTP PASV Stack Overflow Vulnerability | zdi-disclosures_at_nospam | |
| ZDI-08-036: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow | zdi-disclosures_at_nospam | |
| ZDI-08-034: HP StorageWorks Storage Mirroring Authentication Processing Stack Overflow Vulnerability | zdi-disclosures_at_nospam | |
| VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues | VMware Security team | |
| Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA | Cisco Systems Product Security Incident Response Team | |
| Akamai Technologies Security Advisory 2008-0001 (Download Manager) | Akamai Security Team | |
| iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Buffer Overflow Vulnerability | iDefense Labs | |
| iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Authorization Bypass Vulnerability | iDefense Labs | |
| iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Directory Traversal Vulnerabilities | iDefense Labs | |
| IMF 2008 - Deadline Extension (2nd try) | Oliver Goebel | |
| CSIS-RI-0003: Multiple buffer overflow vulnerabilities in HP ActiveX | rand_at_nospam | |
| iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Command Injection Vulnerabilities | iDefense Labs | |
| iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Information Disclosure Vulnerability | iDefense Labs | |
| iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages File Creation Vulnerability | iDefense Labs | |
| [security bulletin] HPSBMA02326 SSRT071490 rev.1 - HP Instant Support HPISDataManager.dll Running on Windows, Remote Execution of Arbitrary Code | security-alert_at_nospam | |
| QuickerSite Multiple Vulnerabilities | Admin_at_nospam | |
| [ MDVSA-2008:109 ] - Updated kernel packages fix bugs | security_at_nospam | |
| AST-2008-008: Remote Crash Vulnerability in SIP channel driver when run in pedantic mode | Asterisk Security Team | |
| [USN-614-1] Linux kernel vulnerabilities | Kees Cook | |
| AccessMe Tool Release | Oliver Lavery | |
| [NSG 03-06-2008] C6 Messenger Installation Url DownloaderActiveX Control Remote Download & Execute Exploit | ipsdix_at_nospam | |
| London DEFCON June meet - DC4420 - Thursday 5th June | Major Malfunction | |
| [ GLSA 200806-01 ] mtr: Stack-based buffer overflow | Tobias Heinlein | |
| RE: Windows Installer msiexec GUID Buffer Overflow | Thor (Hammer of God) | |
| [ GLSA 200806-02 ] libxslt: Execution of arbitrary code | Tobias Heinlein | |
| Re: Windows Installer msiexec GUID Buffer Overflow | 0xjbrown41_at_nospam | |
| [security bulletin] HPSBST02312 SSRT071428 rev.1 - HP StorageWorks Storage Mirroring Software, Remote Execution of Arbitrary Code | security-alert_at_nospam | |
| [SECURITY] [DSA 1591-1] New libvorbis packages fix several vulnerabilities | Thijs Kinkhorst | |
| Windows Installer msiexec GUID Buffer Overflow | Patrick Webster | |
| [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability | Mark Thomas | |
| Advisory: Xerox Workaround & planned patch | suzanne.hawley_at_nospam | |
| DEFCON 16 Updates - Get involved! | The Dark Tangent | |
| rPSA-2008-0181-1 openssl openssl-scripts | rPath Update Announcements | |
| ComicShout 2.8 (news.php news_id) SQL Injection Vulnerability | sys-project_at_nospam | |
| rPSA-2008-0180-1 samba samba-client samba-server samba-swat | rPath Update Announcements | |
| Re: xt:Commerce possible DoS | decoder-bugtraq_at_nospam | |
| BP Blog 6.0 (id) Remote Blind SQL Injection Vulnerability | sys-project_at_nospam | |
| ARP handler Inspection tool released | Andrea Di Pasquale | |