bugtraq April 2008 archive

bugtraq By Subject

Subject
 Author Date
5th avenue Shopping Cart SQL Injection
 noreply_at_nospam 18 Apr 2008
[ GLSA 200804-01 ] CUPS: Multiple vulnerabilities
 Robert Buchholz 01 Apr 2008
[ GLSA 200804-02 ] bzip2: Denial of Service
 Pierre-Yves Rofes 02 Apr 2008
[ GLSA 200804-03 ] OpenSSH: Privilege escalation
 Robert Buchholz 05 Apr 2008
[ GLSA 200804-04 ] MySQL: Multiple vulnerabilities
 Robert Buchholz 06 Apr 2008
[ GLSA 200804-05 ] NX: User-assisted execution of arbitrary code
 Robert Buchholz 06 Apr 2008
[ GLSA 200804-06 ] UnZip: User-assisted execution of arbitrary code
 Robert Buchholz 06 Apr 2008
[ GLSA 200804-07 ] PECL APC: Buffer Overflow
 Robert Buchholz 09 Apr 2008
[ GLSA 200804-08 ] lighttpd: Multiple vulnerabilities
 Tobias Heinlein 10 Apr 2008
[ GLSA 200804-09 ] am-utils: Insecure temporary file creation
 Pierre-Yves Rofes 10 Apr 2008
[ GLSA 200804-10 ] Tomcat: Multiple vulnerabilities
 Pierre-Yves Rofes 10 Apr 2008
[ GLSA 200804-11 ] policyd-weight: Insecure temporary file creation
 Robert Buchholz 11 Apr 2008
[ GLSA 200804-12 ] gnome-screensaver: Privilege escalation
 Raphael Marichez 11 Apr 2008
[ GLSA 200804-13 ] Asterisk: Multiple vulnerabilities
 Robert Buchholz 14 Apr 2008
[ GLSA 200804-14 ] Opera: Multiple vulnerabilities
 Robert Buchholz 14 Apr 2008
[ GLSA 200804-15 ] libpng: Execution of arbitrary code
 Robert Buchholz 15 Apr 2008
[ GLSA 200804-16 ] rsync: Execution of arbitrary code
 Robert Buchholz 17 Apr 2008
[ GLSA 200804-17 ] Speex: User-assisted execution of arbitrary code
 Robert Buchholz 17 Apr 2008
[ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code
 Robert Buchholz 17 Apr 2008
[ GLSA 200804-19 ] PHP Toolkit: Data disclosure and Denial of Service
 Robert Buchholz 17 Apr 2008
[ GLSA 200804-21 ] Adobe Flash Player: Multiple vulnerabilities
 Robert Buchholz 18 Apr 2008
[ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning
 Robert Buchholz 18 Apr 2008
[ GLSA 200804-23 ] CUPS: Integer overflow vulnerability
 Matthias Geerdsen 18 Apr 2008
[ GLSA 200804-24 ] DBmail: Data disclosure
 Matthias Geerdsen 18 Apr 2008
[ GLSA 200804-25 ] VLC: User-assisted execution of arbitrary code
 Robert Buchholz 23 Apr 2008
[ GLSA 200804-27 ] SILC: Multiple vulnerabilities
 Tobias Heinlein 24 Apr 2008
[ GLSA 200804-28 ] JRockit: Multiple vulnerabilities
 Tobias Heinlein 24 Apr 2008
[ GLSA 200804-29 ] Comix: Multiple vulnerabilities
 Pierre-Yves Rofes 25 Apr 2008
[ GLSA 200804-30 ] KDE start_kdeinit: Multiple vulnerabilities
 Matthias Geerdsen 29 Apr 2008
[ MDVSA-2008:081 ] - Updated CUPS packages fix multiple vulnerabilities
 security_at_nospam 02 Apr 2008
[ MDVSA-2008:082 ] - Updated php-apc packages fix vulnerability
 security_at_nospam 09 Apr 2008
[ MDVSA-2008:083 ] - Updated audit packages fix vulnerability
 security_at_nospam 09 Apr 2008
[ MDVSA-2008:084 ] - Updated rsync packages fix vulnerability
 security_at_nospam 11 Apr 2008
[ MDVSA-2008:085 ] - Updated python packages fix arbitrary code execution vulnerability
 security_at_nospam 15 Apr 2008
[ MDVSA-2008:086 ] - Updated kernel packages fix vulnerability
 security_at_nospam 15 Apr 2008
 security_at_nospam 15 Apr 2008
[ MDVSA-2008:087 ] - Updated policykit package fixes format string vulnerability
 security_at_nospam 17 Apr 2008
[ MDVSA-2008:088 ] - Updated clamav packages fix multiple vulnerabilities
 security_at_nospam 18 Apr 2008
[ MDVSA-2008:089 ] - Updated poppler packages fix vulnerability
 security_at_nospam 18 Apr 2008
[ MDVSA-2008:090 ] - Updated OpenOffice.org packages fix vulnerabilities
 security_at_nospam 20 Apr 2008
[ MDVSA-2008:091 ] - Updated wireshark packages fix denial of service vulnerabilities
 security_at_nospam 25 Apr 2008
[ MDVSA-2008:092 ] - Updated gstreamer-plugins-good packages fix vulnerabilities
 security_at_nospam 29 Apr 2008
[ MDVSA-2008:093 ] - Updated vorbis-tools packages fix vulnerabilities
 security_at_nospam 29 Apr 2008
[CVE-2007-5301] alsaplayer PoC - exploit
 Albert Sellarès 09 Apr 2008
[ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerability
 erdc_at_nospam 28 Apr 2008
[ECHO_ADV_89$2008] Softbiz Web Host Directory Script (search_result.php host_id) Blind Sql Injection Vulnerability
 erdc_at_nospam 28 Apr 2008
[Full-disclosure] Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387))
 Hanno Böck 22 Apr 2008
[Full-disclosure] Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows
 Juha-Matti Laurio 17 Apr 2008
[INFIGO-2008-04-08]: ICQ 6 remote buffer overflow vulnerability
 infocus 16 Apr 2008
[oCERT-2008-003] libpng zero-length chunks incorrect handling
 Andrea Barisani 14 Apr 2008
[oCERT-2008-004] multiple speex implementations insufficient boundary checks
 Andrea Barisani 17 Apr 2008
[security bulletin] [security bulletin] HPSBST02318 SSRT080018 rev.1 - HP Storage Essentials Software, Remote Unauthorized Access to Data
 security-alert_at_nospam 08 Apr 2008
[security bulletin] HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Update
 security-alert_at_nospam 17 Apr 2008
[security bulletin] HPSBMA02242 SSRT061260 rev.3 - HP OpenView Network Node Manager (OV NNM) Running Shared Trace Service, Remote Arbitrary Code Execution
 security-alert_at_nospam 08 Apr 2008
[security bulletin] HPSBMA02323 SSRT080032 rev.1 - HP USB Floppy Drive Key (Option) for ProLiant Servers, Local Virus Infection
 security-alert_at_nospam 04 Apr 2008
[security bulletin] HPSBMA02327 SSRT071455 rev.1 - HP Integrity Servers iLO-2 Management Processors (iLO-2 MP), Denial of Service (DoS)
 security-alert_at_nospam 08 Apr 2008
[security bulletin] HPSBMA02328 SSRT071293 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code
 security-alert_at_nospam 17 Apr 2008
[security bulletin] HPSBMA02331 SSRT080000 rev.1 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges
 security-alert_at_nospam 30 Apr 2008
[security bulletin] HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025
 security-alert_at_nospam 17 Apr 2008
[SECURITY] [DSA 1533-2] New exiftags packages fix several vulnerabilities
 Devin Carraway 01 Apr 2008
[SECURITY] [DSA 1534-2] New iceape packages fix regression
 Moritz Muehlenhoff 24 Apr 2008
[SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities
 Devin Carraway 02 Apr 2008
[SECURITY] [DSA 1538-1] New alsaplayer packages fix arbitrary code execution
 Devin Carraway 04 Apr 2008
[SECURITY] [DSA 1539-1] New mapserver packages fix multiple vulnerabilities
 Devin Carraway 04 Apr 2008
[SECURITY] [DSA 1540-1] New lighttpd packages fix denial of service
 Steve Kemp 07 Apr 2008
[SECURITY] [DSA 1540-2] New lighttpd packages fix denial of service
 Steve Kemp 15 Apr 2008
[SECURITY] [DSA 1541-1] New openldap2.3 packages fix denial of service
 Moritz Muehlenhoff 08 Apr 2008
[SECURITY] [DSA 1542-1] New libcairo packages fix arbitrary code execution
 Devin Carraway 09 Apr 2008
[SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities
 Devin Carraway 09 Apr 2008
[SECURITY] [DSA 1544-1] New pdns-recursor packages fix cache poisoning vulnerability
 Florian Weimer 09 Apr 2008
[SECURITY] [DSA 1545-1] New rsync packages fix arbitrary code execution
 Moritz Muehlenhoff 10 Apr 2008
[SECURITY] [DSA 1546-1] New gnumeric packages fix arbitrary code execution
 Devin Carraway 10 Apr 2008
[SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code execution
 Martin Schulze 17 Apr 2008
[SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitution
 Devin Carraway 17 Apr 2008
[SECURITY] [DSA 1549-1] New clamav packages fix several vulnerabilities
 Moritz Muehlenhoff 17 Apr 2008
[SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation
 Moritz Muehlenhoff 17 Apr 2008
[SECURITY] [DSA 1551-1] New python2.4 packages fix several vulnerabilities
 Moritz Muehlenhoff 19 Apr 2008
[SECURITY] [DSA 1552-1] New mplayer packages fix arbitrary code execution
 Moritz Muehlenhoff 19 Apr 2008
[SECURITY] [DSA 1553-1] New ikiwiki packages fix cross-site request forgery
 Florian Weimer 20 Apr 2008
[SECURITY] [DSA 1554-1] New roundup packages fix cross-site scripting vulnerability
 Noah Meyerhans 22 Apr 2008
[SECURITY] [DSA 1555-1] New iceweasel packages fix arbitrary code execution
 Moritz Muehlenhoff 23 Apr 2008
[SECURITY] [DSA 1556-1] New perl packages fix denial of service
 Florian Weimer 24 Apr 2008
[SECURITY] [DSA 1556-2] New perl packages fix denial of service
 Florian Weimer 27 Apr 2008
[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities
 Thijs Kinkhorst 24 Apr 2008
[SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution
 Moritz Muehlenhoff 24 Apr 2008
[SECURITY] [DSA 1560-1] New kronolith2 packages fix cross site scripting
 Thijs Kinkhorst 28 Apr 2008
[SECURITY] [DSA 1561-1] New ldm packages fix information disclosure
 Thijs Kinkhorst 28 Apr 2008
[SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code execution
 Moritz Muehlenhoff 28 Apr 2008
[SECURITY] [DSA 1563-1] New asterisk packages fix denial of service
 Moritz Muehlenhoff 30 Apr 2008
[USN-588-2] MySQL regression
 Jamie Strandboge 02 Apr 2008
[USN-597-1] OpenSSH vulnerability
 Kees Cook 02 Apr 2008
[USN-598-1] CUPS vulnerabilities
 Jamie Strandboge 02 Apr 2008
[USN-599-1] Ghostscript vulnerability
 Jamie Strandboge 09 Apr 2008
[USN-600-1] rsync vulnerability
 Kees Cook 11 Apr 2008
[USN-601-1] Squid vulnerability
 Jamie Strandboge 14 Apr 2008
[USN-602-1] Firefox vulnerabilities
 Jamie Strandboge 22 Apr 2008
[USN-603-1] poppler vulnerability
 Kees Cook 17 Apr 2008
[USN-603-2] KOffice vulnerability
 Kees Cook 17 Apr 2008
[USN-604-1] Gnumeric vulnerability
 Kees Cook 22 Apr 2008
[W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation
 vulns_at_nospam 23 Apr 2008
A New Class of Vulnerability in Oracle: Lateral SQL Injection
 David Litchfield 24 Apr 2008
Acidcat CMS Multiple Vulnerabilities
 admin_at_nospam 20 Apr 2008
Alkacon OpenCms sessions.jsp searchfilter XSS
 a.westtermann_at_nospam 10 Apr 2008
 nnposter_at_nospam 05 Apr 2008
ANNOUNCE: Apache-SSL security release - apache_1.3.41+ssl_1.59
 Adam Laurie 02 Apr 2008
ANNOUNCE: RFIDIOt-0.1s release (now available for Windows)
 Adam Laurie 18 Apr 2008
ANNOUNCE: Security Implications of Windows Access Tokens Whitepaper
 luke.jennings_at_nospam 18 Apr 2008
Announcement - DeepSec Conference 2008, Nov 11-14 2008
 DeepSec Conference 16 Apr 2008
AST-2008-006 - 3-way handshake in IAX2 incomplete
 Security Officer 22 Apr 2008
Attack Technique: File Download Injection
 Jeff Williams 07 Apr 2008
BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day)
 m.memelli_at_nospam 17 Apr 2008
 admin_at_nospam 15 Apr 2008
BitTorrent Clients and CSRF
 th3.r00k.nospam_at_nospam 18 Apr 2008
Blogator-script 0.95 Change User Password Vulnerbility
 hadihadi_zedehal_2006_at_nospam 05 Apr 2008
Blogator-script 0.95 SQL Injection Vulnerbility
 hadihadi_zedehal_2006_at_nospam 05 Apr 2008
BosNews 2002-2006 Remote add user admin
 houssamix_at_nospam 15 Apr 2008
BosNews v4.0 Remote add user admin
 houssamix_at_nospam 15 Apr 2008
bug report
 hadikiamarsi_at_nospam 27 Apr 2008
CA Alert Notification Server Multiple Vulnerabilities
 Williams, James K 04 Apr 2008
CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities
 Williams, James K 04 Apr 2008
CA DSM gui_cm_ctrls ActiveX Control Vulnerability
 Williams, James K 16 Apr 2008
Carbon Communities forum Multiple Vulnerabilities.
 admin_at_nospam 16 Apr 2008
CAU-2008-0001 - Slowly Closing Door Race Condition
 I)ruid 01 Apr 2008
CAU-2008-0002: Microsoft Windows SharePoint Services Picture Source XSS
 I)ruid 09 Apr 2008
cevado technologies real estate CMS SQL injection
 joseph.giron13_at_nospam 01 Apr 2008
CFP: Workshop on Open Source Software for Computer and Network Forensics
 Stefano Zanero 30 Apr 2008
Cisco Security Advisory: Cisco Network Admission Control Shared Secret Vulnerability
 Cisco Systems Product Security Incident Response Team 16 Apr 2008
Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability
 Cisco Systems Product Security Incident Response Team 03 Apr 2008
clamav: Endless loop / hang with crafter arj, CVE-2008-1387
 Hanno Böck 15 Apr 2008
Classifieds Caffe (index.php cat_id) Remote SQL Injection
 sys-project_at_nospam 16 Apr 2008
CORE-2008-0314 - Orbit Downloader "Download failed" buffer overflow
 CORE Security Technologies Advisories 03 Apr 2008
Critical Vulnerability in SNMPc
 NGSSoftware Insight Security Research 30 Apr 2008
Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387)
 Hanno Böck 22 Apr 2008
Curious vulnerability in Excel 2007
 jplopezy_at_nospam 26 Apr 2008
Datalife Engine 6.7 XSRF
 irancrash_at_nospam 01 Apr 2008
DDIVRT-2008-11 BadBlue uninst.exe DoS
 vulnerabilityresearch_at_nospam 24 Apr 2008
Deciphering the PHP-Nuke Capthca
 Michael.Brooks.SPAM_at_nospam 19 Apr 2008
Deciphering the Simple Machines Forum audio Captcha
 Michael.Brooks.SPAM_at_nospam 19 Apr 2008
DEF CON 16 Retro Announcement! Back to Bang!
 The Dark Tangent 13 Apr 2008
 The Dark Tangent 12 Apr 2008
Default key algorithm in Thomson and BT Home Hub routers
 ap_at_nospam 23 Apr 2008
 Adrian Pastor 22 Apr 2008
Denial of Service
 Robert Buchholz 23 Apr 2008
Directory traversal and multiple Denials of Service in HP OpenView NNM 7.53
 Luigi Auriemma 11 Apr 2008
Directory traversal in LANDesk Management Suite 8.80.1.1
 Luigi Auriemma 02 Apr 2008
DIVX Player <= 6.7.0 Buffer Overflow PoC ( .SRT )
 securfrog_at_nospam 15 Apr 2008
DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2
 Sebastien gioria 13 Apr 2008
Dotclear 'ecrire/images.php' Arbitrary File Upload Vulnerability
 Morgan ARMAND 15 Apr 2008
EUSecWest CFP Closes April 14th (conf May 21/22 2008)
 Dragos Ruiu 10 Apr 2008
F5 BIG-IP Management Interface Perl Injection
 nnposter_at_nospam 05 Apr 2008
Firefox 3.0 beta 5 crash
 Mauro Faccenda 23 Apr 2008
 Gianluca Borello 22 Apr 2008
Firefox 3.0 beta 5 crash (Slightly unrelated)
 Skratz0r 22 Apr 2008
Fones Clinic Mart SQL
 turkish-warriorr_at_nospam 14 Apr 2008
FreeBSD Security Advisory FreeBSD-SA-08:05.openssh
 FreeBSD Security Advisories 17 Apr 2008
GroupWise 7.0 mailto: scheme buffer overflow
 jplopezy_at_nospam 28 Apr 2008
h2desk helpdesk path disclosure vulnerability
 john_at_nospam 29 Apr 2008
heanet.dl.sourceforge.net hacked?
 securityfocus.com_at_nospam 30 Apr 2008
 Marshall Eubanks 30 Apr 2008
 Rainer Duffner 30 Apr 2008
 mirrors_at_nospam 30 Apr 2008
 Pieter de Boer 30 Apr 2008
 Michael Scheidell 30 Apr 2008
Horde Webmail XSS [Aria-Security]
 noreply_at_nospam 22 Apr 2008
HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code
 security-alert_at_nospam 24 Apr 2008
HPSBMA02317 SSRT080026 rev.1 - HP Select Identity Software, Gain Unauthorized Access
 security-alert_at_nospam 02 Apr 2008
HPSBTU02325 SSRT080006 rev.1 - HP Internet Express for Tru64 UNIX running PostgreSQL, Arbitrary Code Execution, Privilege Elevation, or Denial of Service (DoS)
 security-alert_at_nospam 02 Apr 2008
iDefense Security Advisory 04.02.08: Symantec Internet Security 2008 ActiveDataInfo.LaunchProcess Design Error Vulnerability
 iDefense Labs 03 Apr 2008
iDefense Security Advisory 04.02.08: Symantec Norton Internet Security 2008 ActiveX Control Buffer Overflow Vulnerability
 iDefense Labs 03 Apr 2008
iDefense Security Advisory 04.03.08: Computer Associates Alert Notification Service Multiple RPC Buffer Overflow Vulnerabilities
 iDefense Labs 04 Apr 2008
iDefense Security Advisory 04.03.08: SCO UnixWare pkgadd Directory Traversal Vulnerability
 iDefense Labs 03 Apr 2008
iDefense Security Advisory 04.08.08: Microsoft HxTocCtrl ActiveX Control Invalid Param Heap Corruption Vulnerability
 iDefense Labs 08 Apr 2008
iDefense Security Advisory 04.08.08: Microsoft Windows Graphics Rendering Engine Integer Overflow Vulnerability
 iDefense Labs 08 Apr 2008
iDefense Security Advisory 04.09.08: EMC DiskXtender Authentication Bypass Vulnerability
 iDefense Labs 10 Apr 2008
iDefense Security Advisory 04.09.08: EMC DiskXtender File System Manager Stack Buffer Overflow Vulnerability
 iDefense Labs 10 Apr 2008
iDefense Security Advisory 04.09.08: EMC DiskXtender MediaStor Format String Vulnerability
 iDefense Labs 10 Apr 2008
iDefense Security Advisory 04.09.08: IBM DB2 Universal Database Administration Server File Creation Vulnerability
 iDefense Labs 15 Apr 2008
iDefense Security Advisory 04.09.08: IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability
 iDefense Labs 15 Apr 2008
iDefense Security Advisory 04.14.08: ClamAV libclamav PE WWPack Heap Overflow Vulnerability
 iDefense Labs 15 Apr 2008
iDefense Security Advisory 04.15.08: Oracle Application Express Privilege Escalation Vulnerability
 iDefense Labs 16 Apr 2008
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability
 iDefense Labs 17 Apr 2008
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability
 iDefense Labs 17 Apr 2008
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability
 iDefense Labs 17 Apr 2008
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities
 iDefense Labs 17 Apr 2008
Internet explorer 7.0 spoofing
 Mike Diaz 02 Apr 2008
 jplopezy_at_nospam 02 Apr 2008
 w0lfd33m_at_nospam 01 Apr 2008
IOActive Security Advisory: Buffer overflow in Python zlib extension module
 Justin Ferguson 09 Apr 2008
IOActive Security Advisory: Incorrect input validation in PyString_FromStringAndSize() leads to multiple buffer overflows
 Justin Ferguson 11 Apr 2008
IRM Security Advisory : RedDot CMS SQL injection vulnerability
 Mark Crowther 21 Apr 2008
Joomla Component com_lms SQL Injection
 no-reply_at_nospam 03 Apr 2008
Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities
 sys-project_at_nospam 15 Apr 2008
Koobi Pro 6.25 poll Remote SQL Injection Vulnerability
 Sabun_at_nospam 15 Apr 2008
KwsPHP (Upload) Remote Code Execution Exploit
 ajax_at_nospam 15 Apr 2008
KwsPHP Module ConcoursPhoto XSS
 hsx_at_nospam 04 Apr 2008
LayerOne 2008 - Final Pre-Con Update
 Layer One 23 Apr 2008
licq remote DoS?
 mrangelov_at_nospam 10 Apr 2008
 3APA3A 10 Apr 2008
 Milen Rangelov 08 Apr 2008
LightNEasy v.1.2.2 flat Multiple Vulnerabilities
 darkz.gsa_at_nospam 18 Apr 2008
London DEFCON meet - Thursday 1st May - DC4420
 Major Malfunction 27 Apr 2008
Medium security hole affecting Festival on Debian unstable/testing and Ubuntu Hardy Heron
 Tim Brown 03 Apr 2008
Microsoft SWI blog inaccuracies
 Amit Klein 28 Apr 2008
Microsoft Windows DNS Stub Resolver Cache Poisoning (MS08-020)
 Amit Klein 08 Apr 2008
Microsoft Works 7 WkImgSrv.dll crash POC
 wsn1983_at_nospam 17 Apr 2008
Minibb 2.2a XSS Vulnerability
 irancrash_at_nospam 28 Apr 2008
Multiple vulnerabilities
 Robert Buchholz 17 Apr 2008
Multiple vulnerabilities in HP OpenView NNM 7.53
 Luigi Auriemma 08 Apr 2008
 Luigi Auriemma 07 Apr 2008
NetClassifieds Sql Injection
 laurent.gaffie_at_nospam 23 Apr 2008
 noreply_at_nospam 23 Apr 2008
New tool released : Syslog Fuzzer
 jaime.blasco_at_nospam 08 Apr 2008
OneSecurityDay 2008 - Web application auditing challenge
 bugtraq_at_nospam 13 Apr 2008
openMosix userspace library stack-based buffer overflow
 nixpanic_at_nospam 10 Apr 2008
 jose_at_nospam 06 Apr 2008
Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13]
 ak_at_nospam 16 Apr 2008
Oracle - SQL Injection in package SDO_GEOM [DB06]
 ak_at_nospam 16 Apr 2008
Oracle - SQL Injection in package SDO_IDX [DB07]
 ak_at_nospam 16 Apr 2008
Oracle - SQL Injection Vulnerability in SDO_UTIL [DB05]
 ak_at_nospam 16 Apr 2008
paFileDB 3.1 Remote SQL Injection
 noreply_at_nospam 10 Apr 2008
Parallels virtuozzo's VZPP multiple csrf vulnerabilities
 poplix 02 Apr 2008
PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability
 contact_at_nospam 16 Apr 2008
POC2008 call for papers
 pocadm_at_nospam 03 Apr 2008
Powered by gCards v1.46 SQL
 packet_at_nospam 21 Apr 2008
 turkish-warriorr_at_nospam 18 Apr 2008
PR07-43: Cross-domain redirect on RSA Authentication Agent
 ProCheckUp Research 23 Apr 2008
PR07-44: XSS on RSA Authentication Agent login page
 ProCheckUp Research 23 Apr 2008
project announcement - oCERT - Open Source CERT
 Andrea Barisani 12 Apr 2008
Pu Arcade component for Joomla - SQL injection
 netmantis.com_at_nospam 09 Apr 2008
R.I.P. rgod
 Christian Kujau 30 Apr 2008
 Christian Kujau 29 Apr 2008
 blacklight_at_nospam 26 Apr 2008
 ipsdix_at_nospam 25 Apr 2008
Recon 2008 CFP last call, early registration open
 Recon Conference 03 Apr 2008
remote file include
 win32.exe_at_nospam 15 Apr 2008
 win32.exe_at_nospam 15 Apr 2008
rPSA-2008-0136-1 cups
 rPath Update Announcements 04 Apr 2008
rPSA-2008-0138-1 tshark wireshark
 rPath Update Announcements 04 Apr 2008
rPSA-2008-0139-1 gnome-ssh-askpass openssh openssh-client openssh-server
 rPath Update Announcements 04 Apr 2008
rPSA-2008-0149-1 idle python
 rPath Update Announcements 25 Apr 2008
rPSA-2008-0151-1 libpng
 Liran Cohen 30 Apr 2008
 rPath Update Announcements 29 Apr 2008
S21SEC-041-en:Cezanne SW Cross-Site Scripting
 S21sec labs 14 Apr 2008
S21SEC-042-en:Cezanne SW Cross-Site Scripting (login required)
 S21sec labs 14 Apr 2008
S21SEC-043-en:Cezanne SW Blind SQL Injection
 S21sec labs 14 Apr 2008
SAP Netweaver 6.40-7.0 Cross-Site-Scripting
 jaime.blasco_at_nospam 09 Apr 2008
Sea-Surfing on the Motorola Surfboard
 th3.r00k.nospam_at_nospam 18 Apr 2008
Secunia Research: activePDF DocConverter Applix Graphics Parsing Vulnerabilities
 Secunia Research 14 Apr 2008
Secunia Research: activePDF DocConverter Folio Flat File Parsing Buffer Overflows
 Secunia Research 14 Apr 2008
Secunia Research: Adobe Flash Player "Declare Function (V7)" Heap Overflow
 Secunia Research 14 Apr 2008
Secunia Research: Autonomy Keyview Applix Graphics Parsing Vulnerabilities
 Secunia Research 14 Apr 2008
Secunia Research: Autonomy Keyview EML Reader Buffer Overflows
 Secunia Research 14 Apr 2008
Secunia Research: Autonomy Keyview Folio Flat File Parsing Buffer Overflows
 Secunia Research 14 Apr 2008
Secunia Research: HP OpenView Network Node Manager OpenView5.exe Directory Traversal
 Secunia Research 14 Apr 2008
Secunia Research: Internet Explorer Data Stream Handling Vulnerability
 Secunia Research 14 Apr 2008
Secunia Research: Lotus Notes Applix Graphics Parsing Vulnerabilities
 Secunia Research 14 Apr 2008
Secunia Research: Lotus Notes EML Reader Buffer Overflows
 Secunia Research 14 Apr 2008
Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows
 Luigi Auriemma 15 Apr 2008
 Secunia Research 14 Apr 2008
Secunia Research: Lotus Notes htmsr.dll Buffer Overflows
 Secunia Research 14 Apr 2008
Secunia Research: Lotus Notes kvdocve.dll Path Processing Buffer Overflow
 Secunia Research 14 Apr 2008
Secunia Research: Symantec Mail Security Applix Graphics Parsing Vulnerabilities
 Secunia Research 14 Apr 2008
Secunia Research: Symantec Mail Security Folio Flat File Parsing Buffer Overflows
 Secunia Research 14 Apr 2008
Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS
 pobore_at_nospam 22 Apr 2008
Smf 1.1.4 Remote File Inclusion Vulnerabilities
 douchbag_at_nospam 21 Apr 2008
SugarCRM Community Edition Local File Disclosure Vulnerability
 roberto.suggi_at_nospam 29 Apr 2008
Swiki 1.5 Multiple Cross-Site Scripting Vulnerabilities
 brad.antoniewicz_at_nospam 07 Apr 2008
SyScan'08 Singapore - Call for Paper
 organiser_at_nospam 20 Apr 2008
TCP/IP security vulnerability disclosed
 J. Oquendo 01 Apr 2008
Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures
 Team SHATTER 18 Apr 2008
Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure
 Team SHATTER 18 Apr 2008
Team SHATTER Security Advisory: Multiple DoS in JAR files manipulation procedures
 Team SHATTER 18 Apr 2008
Terracotta Personal Edition Multiple vulnerabilities
 joseph.giron13_at_nospam 01 Apr 2008
TheGreenBowVPN, Login Credentials Disclosure
 evilcry_at_nospam 05 Apr 2008
Token Kidnapping (Microsoft Security Advisory 951306) presentation available
 Cesar 19 Apr 2008
Trillian 3.1 basic nick crash
 jplopezy_at_nospam 24 Apr 2008
Trillian 3.1.9.0 DTD File Buffer Overflow
 david130490_at_nospam 11 Apr 2008
Troopers08 Security Conference, April 23/24 (Munich/Germany)
 Enno Rey 15 Apr 2008
Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow
 Patrick Webster 07 Apr 2008
VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus
 VMware Security team 16 Apr 2008
Vulnerabilities in kses-based HTML filters
 lpilorz_at_nospam 02 Apr 2008
w2b.ru multiple products SQL Injection
 noreply_at_nospam 10 Apr 2008
Wayport Public Access PC Authentication Bypass Weakness
 Pascal Cretain 08 Apr 2008
Webwasher Denial of Service Vulnerability
 security_at_nospam 03 Apr 2008
Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility
 yeppy_at_nospam 08 Apr 2008
 virangar_nml_at_nospam 07 Apr 2008
Wikepage Wiki v.2007-2 Cross-Site Scripting
 darkz.gsa_at_nospam 18 Apr 2008
WiKID wClient-PHP <= 3.0-2 Multiple XSS Vulnerabilities
 ascii 11 Apr 2008
WoltLab(R) Community Framework WCF 1.0.6
 marc.deroche_at_nospam 12 Apr 2008
WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability
 Jessica Hope 07 Apr 2008
WordPress 2.5 - Salt cracking vulnerability
 J. Carlos Nieto 15 Apr 2008
Wordpress 2.5 Cookie Integrity Protection Vulnerability
 Steven J. Murdoch 25 Apr 2008
Writers Block SQL Injection Vulnerabilities
 nebelfrost23_at_nospam 02 Apr 2008
xine-lib NES Sound Format Demuxer Buffer Overflow
 Guido Landi 23 Apr 2008
 laurent.gaffie_at_nospam 23 Apr 2008
Xoops All Version -Articles- Article.PHP (ID) Blind SQL Injection ExpL0it
 crazy_kinq_at_nospam 19 Apr 2008
XSS Attack
 hadikiamarsi_at_nospam 29 Apr 2008
Yourfreeworld Styleish Text Ads Script
 rohit_at_nospam 29 Apr 2008
ZDI-08-014: Apple Quicktime Multiple Opcode Memory Corruption Vulnerabilities
 zdi-disclosures_at_nospam 03 Apr 2008
ZDI-08-015: Apple QuickTime Clipping Region Heap Overflow Vulnerability
 zdi-disclosures_at_nospam 03 Apr 2008
ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability
 zdi-disclosures_at_nospam 03 Apr 2008
ZDI-08-017: Apple QuickTime Kodak Encoding Heap Overflow Vulnerability
 zdi-disclosures_at_nospam 03 Apr 2008
ZDI-08-018: Apple QuickTime Run Length Encoding Heap Overflow Vulnerability
 zdi-disclosures_at_nospam 03 Apr 2008
ZDI-08-019: Apple QuickTime Malformed VR obji Atom Parsing Memory Corruption Vulnerability
 zdi-disclosures_at_nospam 03 Apr 2008
ZDI-08-020: Microsoft GDI WMF Parsing Heap Overflow Vulnerability
 zdi-disclosures_at_nospam 08 Apr 2008
ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability
 zdi-disclosures_at_nospam 08 Apr 2008
ZDI-08-022: Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability
 zdi-disclosures_at_nospam 16 Apr 2008
Zune software - arbitrary file overwrite
 info_at_nospam 23 Apr 2008