bugtraq April 2008 archive
bugtraq: By Thread

Subject | Author | Date
[SECURITY] [DSA 1563-1] New asterisk packages fix denial of service | Moritz Muehlenhoff | 30 Apr 2008
heanet.dl.sourceforge.net hacked? | Michael Scheidell | 30 Apr 2008
Re: heanet.dl.sourceforge.net hacked? | Pieter de Boer | 30 Apr 2008
Re: heanet.dl.sourceforge.net hacked? | mirrors_at_nospam | 30 Apr 2008
Re: heanet.dl.sourceforge.net hacked? | Rainer Duffner | 30 Apr 2008
--> Re: heanet.dl.sourceforge.net hacked? | Marshall Eubanks | 30 Apr 2008
--> Re: Re: heanet.dl.sourceforge.net hacked? | securityfocus.com_at_nospam | 30 Apr 2008
CFP: Workshop on Open Source Software for Computer and Network Forensics | Stefano Zanero | 30 Apr 2008
Critical Vulnerability in SNMPc | NGSSoftware Insight Security Research | 30 Apr 2008
[security bulletin] HPSBMA02331 SSRT080000 rev.1 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges | security-alert_at_nospam | 30 Apr 2008
[ MDVSA-2008:093 ] - Updated vorbis-tools packages fix vulnerabilities | security_at_nospam | 29 Apr 2008
[ MDVSA-2008:092 ] - Updated gstreamer-plugins-good packages fix vulnerabilities | security_at_nospam | 29 Apr 2008
XSS Attack | hadikiamarsi_at_nospam | 29 Apr 2008
Re: Yourfreeworld Styleish Text Ads Script | rohit_at_nospam | 29 Apr 2008
rPSA-2008-0151-1 libpng | rPath Update Announcements | 29 Apr 2008
Re: rPSA-2008-0151-1 libpng | Liran Cohen | 30 Apr 2008
SugarCRM Community Edition Local File Disclosure Vulnerability | roberto.suggi_at_nospam | 29 Apr 2008
[ GLSA 200804-30 ] KDE start_kdeinit: Multiple vulnerabilities | Matthias Geerdsen | 29 Apr 2008
Re: h2desk helpdesk path disclosure vulnerability | john_at_nospam | 29 Apr 2008
[ECHO_ADV_89$2008] Softbiz Web Host Directory Script (search_result.php host_id) Blind Sql Injection Vulnerability | erdc_at_nospam | 28 Apr 2008
[ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerability | erdc_at_nospam | 28 Apr 2008
[SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code execution | Moritz Muehlenhoff | 28 Apr 2008
Microsoft SWI blog inaccuracies | Amit Klein | 28 Apr 2008
London DEFCON meet - Thursday 1st May - DC4420 | Major Malfunction | 27 Apr 2008
bug report | hadikiamarsi_at_nospam | 27 Apr 2008
Minibb 2.2a XSS Vulnerability | irancrash_at_nospam | 28 Apr 2008
[SECURITY] [DSA 1556-2] New perl packages fix denial of service | Florian Weimer | 27 Apr 2008
[SECURITY] [DSA 1561-1] New ldm packages fix information disclosure | Thijs Kinkhorst | 28 Apr 2008
GroupWise 7.0 mailto: scheme buffer overflow | jplopezy_at_nospam | 28 Apr 2008
[SECURITY] [DSA 1560-1] New kronolith2 packages fix cross site scripting | Thijs Kinkhorst | 28 Apr 2008
Re: Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS | pobore_at_nospam | 22 Apr 2008
rPSA-2008-0149-1 idle python | rPath Update Announcements | 25 Apr 2008
Wordpress 2.5 Cookie Integrity Protection Vulnerability | Steven J. Murdoch | 25 Apr 2008
Re: Curious vulnerability in Excel 2007 | jplopezy_at_nospam | 26 Apr 2008
[ GLSA 200804-29 ] Comix: Multiple vulnerabilities | Pierre-Yves Rofes | 25 Apr 2008
R.I.P. rgod | ipsdix_at_nospam | 25 Apr 2008
Re: R.I.P. rgod | blacklight_at_nospam | 26 Apr 2008
--> Re: R.I.P. rgod | Christian Kujau | 29 Apr 2008
Re: R.I.P. rgod | Christian Kujau | 30 Apr 2008
[ MDVSA-2008:091 ] - Updated wireshark packages fix denial of service vulnerabilities | security_at_nospam | 25 Apr 2008
[SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution | Moritz Muehlenhoff | 24 Apr 2008
[SECURITY] [DSA 1534-2] New iceape packages fix regression | Moritz Muehlenhoff | 24 Apr 2008
[SECURITY] [DSA 1556-1] New perl packages fix denial of service | Florian Weimer | 24 Apr 2008
[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities | Thijs Kinkhorst | 24 Apr 2008
HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code | security-alert_at_nospam | 24 Apr 2008
A New Class of Vulnerability in Oracle: Lateral SQL Injection | David Litchfield | 24 Apr 2008
[ GLSA 200804-27 ] SILC: Multiple vulnerabilities | Tobias Heinlein | 24 Apr 2008
Trillian 3.1 basic nick crash | jplopezy_at_nospam | 24 Apr 2008
DDIVRT-2008-11 BadBlue uninst.exe DoS | vulnerabilityresearch_at_nospam | 24 Apr 2008
[ GLSA 200804-28 ] JRockit: Multiple vulnerabilities | Tobias Heinlein | 24 Apr 2008
xine-lib NES Sound Format Demuxer Buffer Overflow | laurent.gaffie_at_nospam | 23 Apr 2008
Re: xine-lib NES Sound Format Demuxer Buffer Overflow | Guido Landi | 23 Apr 2008
[W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation | vulns_at_nospam | 23 Apr 2008
PR07-44: XSS on RSA Authentication Agent login page | ProCheckUp Research | 23 Apr 2008
PR07-43: Cross-domain redirect on RSA Authentication Agent | ProCheckUp Research | 23 Apr 2008
[ GLSA 200804-26 ] Openfire: Denial of Service | Robert Buchholz | 23 Apr 2008
[SECURITY] [DSA 1555-1] New iceweasel packages fix arbitrary code execution | Moritz Muehlenhoff | 23 Apr 2008
[ GLSA 200804-25 ] VLC: User-assisted execution of arbitrary code | Robert Buchholz | 23 Apr 2008
Zune software - arbitrary file overwrite | info_at_nospam | 23 Apr 2008
NetClassifieds Sql Injection | noreply_at_nospam | 23 Apr 2008
Re: NetClassifieds Sql Injection | laurent.gaffie_at_nospam | 23 Apr 2008
LayerOne 2008 - Final Pre-Con Update | Layer One | 23 Apr 2008
Horde Webmail XSS [Aria-Security] | noreply_at_nospam | 22 Apr 2008
AST-2008-006 - 3-way handshake in IAX2 incomplete | Security Officer | 22 Apr 2008
Default key algorithm in Thomson and BT Home Hub routers | Adrian Pastor | 22 Apr 2008
Re: Default key algorithm in Thomson and BT Home Hub routers | ap_at_nospam | 23 Apr 2008
[SECURITY] [DSA 1554-1] New roundup packages fix cross-site scripting vulnerability | Noah Meyerhans | 22 Apr 2008
Re: Firefox 3.0 beta 5 crash | Gianluca Borello | 22 Apr 2008
Re: Firefox 3.0 beta 5 crash | Mauro Faccenda | 23 Apr 2008
Re: Firefox 3.0 beta 5 crash (Slightly unrelated) | Skratz0r | 22 Apr 2008
Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387) | Hanno Böck | 22 Apr 2008
Correcting CVEs (was Re: [Full-disclosure] Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387)) | Hanno Böck | 22 Apr 2008
[USN-602-1] Firefox vulnerabilities | Jamie Strandboge | 22 Apr 2008
[USN-604-1] Gnumeric vulnerability | Kees Cook | 22 Apr 2008
Sea-Surfing on the Motorola Surfboard | th3.r00k.nospam_at_nospam | 18 Apr 2008
[ GLSA 200804-24 ] DBmail: Data disclosure | Matthias Geerdsen | 18 Apr 2008
Xoops All Version -Articles- Article.PHP (ID) Blind SQL Injection ExpL0it | crazy_kinq_at_nospam | 19 Apr 2008
[ GLSA 200804-23 ] CUPS: Integer overflow vulnerability | Matthias Geerdsen | 18 Apr 2008
ANNOUNCE: Security Implications of Windows Access Tokens Whitepaper | luke.jennings_at_nospam | 18 Apr 2008
Re: Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities | douchbag_at_nospam | 21 Apr 2008
Powered by gCards v1.46 SQL | turkish-warriorr_at_nospam | 18 Apr 2008
Re: Powered by gCards v1.46 SQL | packet_at_nospam | 21 Apr 2008
IRM Security Advisory : RedDot CMS SQL injection vulnerability | Mark Crowther | 21 Apr 2008
[SECURITY] [DSA 1553-1] New ikiwiki packages fix cross-site request forgery | Florian Weimer | 20 Apr 2008
Acidcat CMS Multiple Vulnerabilities | admin_at_nospam | 20 Apr 2008
[ MDVSA-2008:090 ] - Updated OpenOffice.org packages fix vulnerabilities | security_at_nospam | 20 Apr 2008
Deciphering the PHP-Nuke Capthca | Michael.Brooks.SPAM_at_nospam | 19 Apr 2008
SyScan'08 Singapore - Call for Paper | organiser_at_nospam | 20 Apr 2008
Deciphering the Simple Machines Forum audio Captcha | Michael.Brooks.SPAM_at_nospam | 19 Apr 2008
Token Kidnapping (Microsoft Security Advisory 951306) presentation available | Cesar | 19 Apr 2008
[SECURITY] [DSA 1552-1] New mplayer packages fix arbitrary code execution | Moritz Muehlenhoff | 19 Apr 2008
[SECURITY] [DSA 1551-1] New python2.4 packages fix several vulnerabilities | Moritz Muehlenhoff | 19 Apr 2008
ANNOUNCE: RFIDIOt-0.1s release (now available for Windows) | Adam Laurie | 18 Apr 2008
Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures | Team SHATTER | 18 Apr 2008
[ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning | Robert Buchholz | 18 Apr 2008
Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure | Team SHATTER | 18 Apr 2008
Team SHATTER Security Advisory: Multiple DoS in JAR files manipulation procedures | Team SHATTER | 18 Apr 2008
Wikepage Wiki v.2007-2 Cross-Site Scripting | darkz.gsa_at_nospam | 18 Apr 2008
[ GLSA 200804-21 ] Adobe Flash Player: Multiple vulnerabilities | Robert Buchholz | 18 Apr 2008
LightNEasy v.1.2.2 flat Multiple Vulnerabilities | darkz.gsa_at_nospam | 18 Apr 2008
5th avenue Shopping Cart SQL Injection | noreply_at_nospam | 18 Apr 2008
[ GLSA 200804-20 ] Sun JDK/JRE: Multiple vulnerabilities | Robert Buchholz | 17 Apr 2008
BitTorrent Clients and CSRF | th3.r00k.nospam_at_nospam | 18 Apr 2008
[ MDVSA-2008:089 ] - Updated poppler packages fix vulnerability | security_at_nospam | 18 Apr 2008
[ MDVSA-2008:088 ] - Updated clamav packages fix multiple vulnerabilities | security_at_nospam | 18 Apr 2008
[ GLSA 200804-19 ] PHP Toolkit: Data disclosure and Denial of Service | Robert Buchholz | 17 Apr 2008
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability | iDefense Labs | 17 Apr 2008
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities | iDefense Labs | 17 Apr 2008
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability | iDefense Labs | 17 Apr 2008
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability | iDefense Labs | 17 Apr 2008
[SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation | Moritz Muehlenhoff | 17 Apr 2008
Re: [Full-disclosure] Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows | Juha-Matti Laurio | 17 Apr 2008
[SECURITY] [DSA 1549-1] New clamav packages fix several vulnerabilities | Moritz Muehlenhoff | 17 Apr 2008
[USN-603-2] KOffice vulnerability | Kees Cook | 17 Apr 2008
[USN-603-1] poppler vulnerability | Kees Cook | 17 Apr 2008
[SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitution | Devin Carraway | 17 Apr 2008
Announcement - DeepSec Conference 2008, Nov 11-14 2008 | DeepSec Conference | 16 Apr 2008
Microsoft Works 7 WkImgSrv.dll crash POC | wsn1983_at_nospam | 17 Apr 2008
[security bulletin] HPSBMA02328 SSRT071293 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code | security-alert_at_nospam | 17 Apr 2008
[security bulletin] HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025 | security-alert_at_nospam | 17 Apr 2008
[security bulletin] HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Update | security-alert_at_nospam | 17 Apr 2008
[ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code | Robert Buchholz | 17 Apr 2008
[ GLSA 200804-17 ] Speex: User-assisted execution of arbitrary code | Robert Buchholz | 17 Apr 2008
[ GLSA 200804-16 ] rsync: Execution of arbitrary code | Robert Buchholz | 17 Apr 2008
[SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code execution | Martin Schulze | 17 Apr 2008
[oCERT-2008-004] multiple speex implementations insufficient boundary checks | Andrea Barisani | 17 Apr 2008
[ MDVSA-2008:087 ] - Updated policykit package fixes format string vulnerability | security_at_nospam | 17 Apr 2008
FreeBSD Security Advisory FreeBSD-SA-08:05.openssh | FreeBSD Security Advisories | 17 Apr 2008
ZDI-08-022: Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability | zdi-disclosures_at_nospam | 16 Apr 2008
Classifieds Caffe (index.php cat_id) Remote SQL Injection | sys-project_at_nospam | 16 Apr 2008
Re: PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability | contact_at_nospam | 16 Apr 2008
iDefense Security Advisory 04.15.08: Oracle Application Express Privilege Escalation Vulnerability | iDefense Labs | 16 Apr 2008
iDefense Security Advisory 04.09.08: IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability | iDefense Labs | 15 Apr 2008
iDefense Security Advisory 04.09.08: IBM DB2 Universal Database Administration Server File Creation Vulnerability | iDefense Labs | 15 Apr 2008
CA DSM gui_cm_ctrls ActiveX Control Vulnerability | Williams, James K | 16 Apr 2008
Cisco Security Advisory: Cisco Network Admission Control Shared Secret Vulnerability | Cisco Systems Product Security Incident Response Team | 16 Apr 2008
Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13] | ak_at_nospam | 16 Apr 2008
[INFIGO-2008-04-08]: ICQ 6 remote buffer overflow vulnerability | infocus | 16 Apr 2008
Oracle - SQL Injection in package SDO_IDX [DB07] | ak_at_nospam | 16 Apr 2008
Oracle - SQL Injection Vulnerability in SDO_UTIL [DB05] | ak_at_nospam | 16 Apr 2008
BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day) | admin_at_nospam | 15 Apr 2008
Re: BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day) | m.memelli_at_nospam | 17 Apr 2008
VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus | VMware Security team | 16 Apr 2008
Carbon Communities forum Multiple Vulnerabilities. | admin_at_nospam | 16 Apr 2008
Oracle - SQL Injection in package SDO_GEOM [DB06] | ak_at_nospam | 16 Apr 2008
[ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability | security_at_nospam | 15 Apr 2008
DIVX Player <= 6.7.0 Buffer Overflow PoC ( .SRT ) | securfrog_at_nospam | 15 Apr 2008
remote file include | win32.exe_at_nospam | 15 Apr 2008
iDefense Security Advisory 04.14.08: ClamAV libclamav PE WWPack Heap Overflow Vulnerability | iDefense Labs | 15 Apr 2008
remote file include | win32.exe_at_nospam | 15 Apr 2008
Koobi Pro 6.25 poll Remote SQL Injection Vulnerability | Sabun_at_nospam | 15 Apr 2008
WordPress 2.5 - Salt cracking vulnerability | J. Carlos Nieto | 15 Apr 2008
Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities | sys-project_at_nospam | 15 Apr 2008
[SECURITY] [DSA 1540-2] New lighttpd packages fix denial of service | Steve Kemp | 15 Apr 2008
[ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability | security_at_nospam | 15 Apr 2008
BosNews 2002-2006 Remote add user admin | houssamix_at_nospam | 15 Apr 2008
clamav: Endless loop / hang with crafter arj, CVE-2008-1387 | Hanno Böck | 15 Apr 2008
BosNews v4.0 Remote add user admin | houssamix_at_nospam | 15 Apr 2008
[ MDVSA-2008:085 ] - Updated python packages fix arbitrary code execution vulnerability | security_at_nospam | 15 Apr 2008
[ GLSA 200804-13 ] Asterisk: Multiple vulnerabilities | Robert Buchholz | 14 Apr 2008
Dotclear 'ecrire/images.php' Arbitrary File Upload Vulnerability | Morgan ARMAND | 15 Apr 2008
[ GLSA 200804-15 ] libpng: Execution of arbitrary code | Robert Buchholz | 15 Apr 2008
KwsPHP (Upload) Remote Code Execution Exploit | ajax_at_nospam | 15 Apr 2008
[ GLSA 200804-14 ] Opera: Multiple vulnerabilities | Robert Buchholz | 14 Apr 2008
Troopers08 Security Conference, April 23/24 (Munich/Germany) | Enno Rey | 15 Apr 2008
[USN-601-1] Squid vulnerability | Jamie Strandboge | 14 Apr 2008
Fones Clinic Mart SQL | turkish-warriorr_at_nospam | 14 Apr 2008
S21SEC-043-en:Cezanne SW Blind SQL Injection | S21sec labs | 14 Apr 2008
S21SEC-042-en:Cezanne SW Cross-Site Scripting (login required) | S21sec labs | 14 Apr 2008
S21SEC-041-en:Cezanne SW Cross-Site Scripting | S21sec labs | 14 Apr 2008
Secunia Research: Internet Explorer Data Stream Handling Vulnerability | Secunia Research | 14 Apr 2008
Secunia Research: activePDF DocConverter Applix Graphics Parsing Vulnerabilities | Secunia Research | 14 Apr 2008
Secunia Research: Autonomy Keyview Applix Graphics Parsing Vulnerabilities | Secunia Research | 14 Apr 2008
Secunia Research: Lotus Notes EML Reader Buffer Overflows | Secunia Research | 14 Apr 2008
Secunia Research: Symantec Mail Security Applix Graphics Parsing Vulnerabilities | Secunia Research | 14 Apr 2008
Secunia Research: Autonomy Keyview EML Reader Buffer Overflows | Secunia Research | 14 Apr 2008
Secunia Research: HP OpenView Network Node Manager OpenView5.exe Directory Traversal | Secunia Research | 14 Apr 2008
Secunia Research: Autonomy Keyview Folio Flat File Parsing Buffer Overflows | Secunia Research | 14 Apr 2008
Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows | Secunia Research | 14 Apr 2008
Re: Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows | Luigi Auriemma | 15 Apr 2008
DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2 | Sebastien gioria | 13 Apr 2008
Secunia Research: Lotus Notes Applix Graphics Parsing Vulnerabilities | Secunia Research | 14 Apr 2008
Secunia Research: Symantec Mail Security Folio Flat File Parsing Buffer Overflows | Secunia Research | 14 Apr 2008
Secunia Research: Lotus Notes htmsr.dll Buffer Overflows | Secunia Research | 14 Apr 2008
Secunia Research: Adobe Flash Player "Declare Function (V7)" Heap Overflow | Secunia Research | 14 Apr 2008
Secunia Research: activePDF DocConverter Folio Flat File Parsing Buffer Overflows | Secunia Research | 14 Apr 2008
OneSecurityDay 2008 - Web application auditing challenge | bugtraq_at_nospam | 13 Apr 2008
Secunia Research: Lotus Notes kvdocve.dll Path Processing Buffer Overflow | Secunia Research | 14 Apr 2008
project announcement - oCERT - Open Source CERT | Andrea Barisani | 12 Apr 2008
[oCERT-2008-003] libpng zero-length chunks incorrect handling | Andrea Barisani | 14 Apr 2008
DEF CON 16 Retro Announcement! Back to Bang! | The Dark Tangent | 13 Apr 2008
Re: WoltLab(R) Community Framework WCF 1.0.6 | marc.deroche_at_nospam | 12 Apr 2008
DEF CON 16 Retro Announcement! Back to Bang! | The Dark Tangent | 12 Apr 2008
[ MDVSA-2008:084 ] - Updated rsync packages fix vulnerability | security_at_nospam | 11 Apr 2008
IOActive Security Advisory: Incorrect input validation in PyString_FromStringAndSize() leads to multiple buffer overflows | Justin Ferguson | 11 Apr 2008
Trillian 3.1.9.0 DTD File Buffer Overflow | david130490_at_nospam | 11 Apr 2008
Directory traversal and multiple Denials of Service in HP OpenView NNM 7.53 | Luigi Auriemma | 11 Apr 2008
[ GLSA 200804-11 ] policyd-weight: Insecure temporary file creation | Robert Buchholz | 11 Apr 2008
[ GLSA 200804-12 ] gnome-screensaver: Privilege escalation | Raphael Marichez | 11 Apr 2008
WiKID wClient-PHP <= 3.0-2 Multiple XSS Vulnerabilities | ascii | 11 Apr 2008
iDefense Security Advisory 04.09.08: EMC DiskXtender Authentication Bypass Vulnerability | iDefense Labs | 10 Apr 2008
[USN-600-1] rsync vulnerability | Kees Cook | 11 Apr 2008
iDefense Security Advisory 04.09.08: EMC DiskXtender MediaStor Format String Vulnerability | iDefense Labs | 10 Apr 2008
[SECURITY] [DSA 1546-1] New gnumeric packages fix arbitrary code execution | Devin Carraway | 10 Apr 2008
iDefense Security Advisory 04.09.08: EMC DiskXtender File System Manager Stack Buffer Overflow Vulnerability | iDefense Labs | 10 Apr 2008
w2b.ru multiple products SQL Injection | noreply_at_nospam | 10 Apr 2008
[ GLSA 200804-09 ] am-utils: Insecure temporary file creation | Pierre-Yves Rofes | 10 Apr 2008
[ GLSA 200804-10 ] Tomcat: Multiple vulnerabilities | Pierre-Yves Rofes | 10 Apr 2008
[SECURITY] [DSA 1545-1] New rsync packages fix arbitrary code execution | Moritz Muehlenhoff | 10 Apr 2008
EUSecWest CFP Closes April 14th (conf May 21/22 2008) | Dragos Ruiu | 10 Apr 2008
[ GLSA 200804-08 ] lighttpd: Multiple vulnerabilities | Tobias Heinlein | 10 Apr 2008
[ MDVSA-2008:083 ] - Updated audit packages fix vulnerability | security_at_nospam | 09 Apr 2008
paFileDB 3.1 Remote SQL Injection | noreply_at_nospam | 10 Apr 2008
IOActive Security Advisory: Buffer overflow in Python zlib extension module | Justin Ferguson | 09 Apr 2008
[SECURITY] [DSA 1544-1] New pdns-recursor packages fix cache poisoning vulnerability | Florian Weimer | 09 Apr 2008
[USN-599-1] Ghostscript vulnerability | Jamie Strandboge | 09 Apr 2008
[ MDVSA-2008:082 ] - Updated php-apc packages fix vulnerability | security_at_nospam | 09 Apr 2008
[SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities | Devin Carraway | 09 Apr 2008
[CVE-2007-5301] alsaplayer PoC - exploit | Albert Sellars | 09 Apr 2008
[SECURITY] [DSA 1542-1] New libcairo packages fix arbitrary code execution | Devin Carraway | 09 Apr 2008
iDefense Security Advisory 04.08.08: Microsoft Windows Graphics Rendering Engine Integer Overflow Vulnerability | iDefense Labs | 08 Apr 2008
[ GLSA 200804-07 ] PECL APC: Buffer Overflow | Robert Buchholz | 09 Apr 2008
Pu Arcade component for Joomla - SQL injection | netmantis.com_at_nospam | 09 Apr 2008
ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability | zdi-disclosures_at_nospam | 08 Apr 2008
SAP Netweaver 6.40-7.0 Cross-Site-Scripting | jaime.blasco_at_nospam | 09 Apr 2008
CAU-2008-0002: Microsoft Windows SharePoint Services Picture Source XSS | I)ruid | 09 Apr 2008
[SECURITY] [DSA 1541-1] New openldap2.3 packages fix denial of service | Moritz Muehlenhoff | 08 Apr 2008
iDefense Security Advisory 04.08.08: Microsoft HxTocCtrl ActiveX Control Invalid Param Heap Corruption Vulnerability | iDefense Labs | 08 Apr 2008
ZDI-08-020: Microsoft GDI WMF Parsing Heap Overflow Vulnerability | zdi-disclosures_at_nospam | 08 Apr 2008
[security bulletin] HPSBMA02242 SSRT061260 rev.3 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution | security-alert_at_nospam | 08 Apr 2008
[security bulletin] [security bulletin] HPSBST02318 SSRT080018 rev.1 - HP Storage Essentials Software, Remote Unauthorized Access to Data | security-alert_at_nospam | 08 Apr 2008
Microsoft Windows DNS Stub Resolver Cache Poisoning (MS08-020) | Amit Klein | 08 Apr 2008
New tool released : Syslog Fuzzer | jaime.blasco_at_nospam | 08 Apr 2008
Swiki 1.5 Multiple Cross-Site Scripting Vulnerabilities | brad.antoniewicz_at_nospam | 07 Apr 2008
licq remote DoS? | Milen Rangelov | 08 Apr 2008
Re: licq remote DoS? | 3APA3A | 10 Apr 2008
--> Re: Re: licq remote DoS? | mrangelov_at_nospam | 10 Apr 2008
[security bulletin] HPSBMA02327 SSRT071455 rev.1 - HP Integrity Servers iLO-2 Management Processors (iLO-2 MP), Denial of Service (DoS) | security-alert_at_nospam | 08 Apr 2008
Wayport Public Access PC Authentication Bypass Weakness | Pascal Cretain | 08 Apr 2008
WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability | Jessica Hope | 07 Apr 2008
[ GLSA 200804-04 ] MySQL: Multiple vulnerabilities | Robert Buchholz | 06 Apr 2008
Multiple vulnerabilities in HP OpenView NNM 7.53 | Luigi Auriemma | 07 Apr 2008
Re: Multiple vulnerabilities in HP OpenView NNM 7.53 | Luigi Auriemma | 08 Apr 2008
[SECURITY] [DSA 1540-1] New lighttpd packages fix denial of service | Steve Kemp | 07 Apr 2008
Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility | virangar_nml_at_nospam | 07 Apr 2008
Re: Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility | yeppy_at_nospam | 08 Apr 2008
Attack Technique: File Download Injection | Jeff Williams | 07 Apr 2008
[ GLSA 200804-06 ] UnZip: User-assisted execution of arbitrary code | Robert Buchholz | 06 Apr 2008
Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow | Patrick Webster | 07 Apr 2008
openMosix userspace library stack-based buffer overflow | jose_at_nospam | 06 Apr 2008
Re: openMosix userspace library stack-based buffer overflow | nixpanic_at_nospam | 10 Apr 2008
[ GLSA 200804-05 ] NX: User-assisted execution of arbitrary code | Robert Buchholz | 06 Apr 2008
[ GLSA 200804-03 ] OpenSSH: Privilege escalation | Robert Buchholz | 05 Apr 2008
Blogator-script 0.95 SQL Injection Vulnerbility | hadihadi_zedehal_2006_at_nospam | 05 Apr 2008
Alkacon OpenCms sessions.jsp searchfilter XSS | nnposter_at_nospam | 05 Apr 2008
Re: Alkacon OpenCms sessions.jsp searchfilter XSS | a.westtermann_at_nospam | 10 Apr 2008
Blogator-script 0.95 Change User Password Vulnerbility | hadihadi_zedehal_2006_at_nospam | 05 Apr 2008
TheGreenBowVPN, Login Credentials Disclosure | evilcry_at_nospam | 05 Apr 2008
F5 BIG-IP Management Interface Perl Injection | nnposter_at_nospam | 05 Apr 2008
rPSA-2008-0139-1 gnome-ssh-askpass openssh openssh-client openssh-server | rPath Update Announcements | 04 Apr 2008
rPSA-2008-0138-1 tshark wireshark | rPath Update Announcements | 04 Apr 2008
rPSA-2008-0136-1 cups | rPath Update Announcements | 04 Apr 2008
[SECURITY] [DSA 1538-1] New alsaplayer packages fix arbitrary code execution | Devin Carraway | 04 Apr 2008
[SECURITY] [DSA 1539-1] New mapserver packages fix multiple vulnerabilities | Devin Carraway | 04 Apr 2008
iDefense Security Advisory 04.03.08: Computer Associates Alert Notification Service Multiple RPC Buffer Overflow Vulnerabilities | iDefense Labs | 04 Apr 2008
iDefense Security Advisory 04.03.08: SCO UnixWare pkgadd Directory Traversal Vulnerability | iDefense Labs | 03 Apr 2008
iDefense Security Advisory 04.02.08: Symantec Norton Internet Security 2008 ActiveX Control Buffer Overflow Vulnerability | iDefense Labs | 03 Apr 2008
[security bulletin] HPSBMA02323 SSRT080032 rev.1 - HP USB Floppy Drive Key (Option) for ProLiant Servers, Local Virus Infection | security-alert_at_nospam | 04 Apr 2008
CORE-2008-0314 - Orbit Downloader "Download failed" buffer overflow | CORE Security Technologies Advisories | 03 Apr 2008
ZDI-08-017: Apple QuickTime Kodak Encoding Heap Overflow Vulnerability | zdi-disclosures_at_nospam | 03 Apr 2008
iDefense Security Advisory 04.02.08: Symantec Internet Security 2008 ActiveDataInfo.LaunchProcess Design Error Vulnerability | iDefense Labs | 03 Apr 2008
KwsPHP Module ConcoursPhoto XSS | hsx_at_nospam | 04 Apr 2008
CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities | Williams, James K | 04 Apr 2008
ZDI-08-019: Apple QuickTime Malformed VR obji Atom Parsing Memory Corruption Vulnerability | zdi-disclosures_at_nospam | 03 Apr 2008
CA Alert Notification Server Multiple Vulnerabilities | Williams, James K | 04 Apr 2008
ZDI-08-015: Apple QuickTime Clipping Region Heap Overflow Vulnerability | zdi-disclosures_at_nospam | 03 Apr 2008
ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability | zdi-disclosures_at_nospam | 03 Apr 2008
Medium security hole affecting Festival on Debian unstable/testing and Ubuntu Hardy Heron | Tim Brown | 03 Apr 2008
ZDI-08-014: Apple Quicktime Multiple Opcode Memory Corruption Vulnerabilities | zdi-disclosures_at_nospam | 03 Apr 2008
ZDI-08-018: Apple QuickTime Run Length Encoding Heap Overflow Vulnerability | zdi-disclosures_at_nospam | 03 Apr 2008
POC2008 call for papers | pocadm_at_nospam | 03 Apr 2008
Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability | Cisco Systems Product Security Incident Response Team | 03 Apr 2008
Recon 2008 CFP last call, early registration open | Recon Conference | 03 Apr 2008
[USN-588-2] MySQL regression | Jamie Strandboge | 02 Apr 2008
Parallels virtuozzo's VZPP multiple csrf vulnerabilities | poplix | 02 Apr 2008
Joomla Component com_lms SQL Injection | no-reply_at_nospam | 03 Apr 2008
Vulnerabilities in kses-based HTML filters | lpilorz_at_nospam | 02 Apr 2008
[USN-598-1] CUPS vulnerabilities | Jamie Strandboge | 02 Apr 2008
Webwasher Denial of Service Vulnerability | security_at_nospam | 03 Apr 2008
[ GLSA 200804-02 ] bzip2: Denial of Service | Pierre-Yves Rofes | 02 Apr 2008
[SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities | Devin Carraway | 02 Apr 2008
[ MDVSA-2008:081 ] - Updated CUPS packages fix multiple vulnerabilities | security_at_nospam | 02 Apr 2008
RE: Internet explorer 7.0 spoofing | Mike Diaz | 02 Apr 2008
Directory traversal in LANDesk Management Suite 8.80.1.1 | Luigi Auriemma | 02 Apr 2008
ANNOUNCE: Apache-SSL security release - apache_1.3.41+ssl_1.59 | Adam Laurie | 02 Apr 2008
HPSBTU02325 SSRT080006 rev.1 - HP Internet Express for Tru64 UNIX running PostgreSQL, Arbitrary Code Execution, Privilege Elevation, or Denial of Service (DoS) | security-alert_at_nospam | 02 Apr 2008
[USN-597-1] OpenSSH vulnerability | Kees Cook | 02 Apr 2008
Datalife Engine 6.7 XSRF | irancrash_at_nospam | 01 Apr 2008
HPSBMA02317 SSRT080026 rev.1 - HP Select Identity Software, Gain Unauthorized Access | security-alert_at_nospam | 02 Apr 2008
Writers Block SQL Injection Vulnerabilities | nebelfrost23_at_nospam | 02 Apr 2008
Re: Re: Internet explorer 7.0 spoofing | w0lfd33m_at_nospam | 01 Apr 2008
Re: Re: Re: Internet explorer 7.0 spoofing | jplopezy_at_nospam | 02 Apr 2008
[ GLSA 200804-01 ] CUPS: Multiple vulnerabilities | Robert Buchholz | 01 Apr 2008
TCP/IP security vulnerability disclosed | J. Oquendo | 01 Apr 2008
[SECURITY] [DSA 1533-2] New exiftags packages fix several vulnerabilities | Devin Carraway | 01 Apr 2008
cevado technologies real estate CMS SQL injection | joseph.giron13_at_nospam | 01 Apr 2008
Terracotta Personal Edition Multiple vulnerabilities | joseph.giron13_at_nospam | 01 Apr 2008
CAU-2008-0001 - Slowly Closing Door Race Condition | I)ruid | 01 Apr 2008