Mail Index
- Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)
- Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)
- RE: [Full-disclosure] 0-day ANI vulnerability in Microsoft Windows(CVE-2007-0038)
- CA BrightStor ARCserve Backup Mediasvr.exe vulnerability
- On-going Internet Emergency and Domain Names
- Windows .ANI Stack Overflow Exploit
- Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)
- PHP-Fusion 'Calendar_Panel' Module show_event.PHP (m_month) SQL Injection Exploit And PoC
- Remot File Include In SLAED_CMS_2
- Remot File Include In Shop-SCRIPT FREE
- Remot File Include In Aardvark Topsites PHP 5
- Re: Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit And PoC
- From: vaughan . montgomery
- MS announces out-of-band patch for ANI 0day
- 2BGal 3.1.1 <= (admin/index.php) Remote File Include Vulnerability
- From: BorN To K!LL BorN To K!LL
- [SECURITY] [DSA 1274-1] New file packages fix arbitrary code execution
- [ GLSA 200703-27 ] Squid: Denial of Service
- [security bulletin] HPSBMA02198 SSRT061177 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Access
- [ GLSA 200703-28 ] CUPS: Denial of Service
- Re: Drake CMS v0.3.2 < = RFi Vulnerabilities
- DirectAdmin persistant XSS [takeover an Administrator`s account]
- Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability
- From: Matousec - Transparent security Research
- Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180)
- 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA
- From: Andrea "bunker" Purificato
- Windows XP/Vista (.ANI) Remote Exploit (bypass eeye patch)
- Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability
- iDefense Security Advisory 03.31.07: Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities
- More information on ZERT patch for ANI 0day
- WOVB #01: Bypassing Vista Firewall, Flying over obstructive line
- Re: AIX 4.3 lsmcode local root command execution
- APOP vulnerability
- iDefense Security Advisory 04.02.07: Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability
- Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability
- Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability
- [CFP] VNSECON 07 - Call for Papers / HCMC - August 03-04, 2007
- [ GLSA 200704-01 ] Asterisk: Two SIP Denial of Service vulnerabilities
- From: Sune Kloppenborg Jeppesen
- iDefense Security Advisory 03.31.07: IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities
- [SECURITY] [DSA 1275-1] New zope2.7 packages fix cross-site scripting flaw
- TWOVB][ The Week Of Vista Bugs: the truth is out there
- Re: Exploiting Microsoft dynamic Dns updates
- Re: APOP vulnerability
- [MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue
- MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit
- Re: [Full-disclosure] [RECTIFY] Oracle 10g exploit - dbms_aq.enqueue - become DBA
- From: Andrea "bunker" Purificato
- Remote File Include In Script stat12
- Re: APOP vulnerability
- Re[2]: APOP vulnerability
- Re: [Full-disclosure] More information on ZERT patch for ANI 0day
- Re: More information on ZERT patch for ANI 0day
- MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957]
- MITKRB5-SA-2007-003: double-free vulnerability in kadmind (via GSS-API library) [CVE-2007-1216]
- FLEA-2007-0006-2: ImageMagick
- From: Foresight Linux Essential Announcement Service
- iDefense Security Advisory 04.03.07: Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability
- Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA
- MITKRB5-SA-2007-001: telnetd allows login as arbitrary user [CVE-2007-0956]
- Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA
- From: Andrea Purificato - bunker
- Re: On-going Internet Emergency and Domain Names
- iDefense Security Advisory 04.03.07: Multiple Vendor Kerberos kadmind Buffer Overflow Vulnerability
- FLEA-2007-0007-1: nas
- From: Foresight Linux Essential Announcement Service
- Re: More information on ZERT patch for ANI 0day
- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- ZDI-07-012: Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow
- FLEA-2007-0006-1: ImageMagick
- From: Foresight Linux Essential Announcement Service
- [SECURITY] [DSA 1276-1] New krb5 packages fix several vulnerabilities
- [ GLSA 200704-02 ] MIT Kerberos 5: Arbitrary remote code execution
- From: Sune Kloppenborg Jeppesen
- Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation
- [ GLSA 200704-05 ] zziplib: Buffer Overflow
- [ MDKSA-2007:075 ] - Updated qt4 packages to address utf8 decoder bug
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability
- [ GLSA 200704-03 ] OpenAFS: Privilege escalation
- Three New Papers on Oracle Forensics
- rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation
- From: rPath Update Announcements
- CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability
- CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities
- lite-cms-0.2.1 Remote File Include Vulnerabilities
- CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer Overflow
- CYBSEC Security Pre-Advisory: SAP SYSTEM_CREATE_INSTANCE RFC Function Buffer Overflow
- CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC Function Denial Of Service
- [USN-449-1] krb5 vulnerabilities
- CYBSEC Release: SAP Security - Paper & Tool release
- From: Mariano Nuñez Di Croce
- rPSA-2007-0064-1 ImageMagick
- From: rPath Update Announcements
- [MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues
- [ MDKSA-2007:074 ] - Updated qt3 packages to address utf8 decoder bug
- Remot File Include In phpexplorator_2_0
- [USN-448-1] X.org vulnerabilities
- iXon_CMS 0.30 Remote File Include Vulnerabilities
- rPSA-2007-0067-1 nas
- From: rPath Update Announcements
- K-CMS v1.0 Remote File Include Vulnerabilities
- rPSA-2007-0066-1 kdelibs qt-x11-free
- From: rPath Update Announcements
- Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy
- phpechocms v.2 Cross-Site Scripting Vulnerabilitiy
- iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability
- phpechocms2 Remote File Include Vulnerabilities
- rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
- From: rPath Update Announcements
- MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting Vulnerabilitiy
- MyBlog: PHP and MySQL Blog/CMS software Remote File Include Vulnerabilitiy
- [ MDKSA-2007:076 ] - Updated kdelibs packages to address UTF8 issue in KJS
- Mozilla Firefox Insecure Element Stealth Injection Vulnerability
- Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180)
- rPSA-2007-0062-1 firefox
- From: rPath Update Announcements
- High Risk Vulnerability in OpenOffice
- From: NGSSoftware Insight Security Research
- Several Windows image viewers vulnerabilities
- Re: More information on ZERT patch for ANI 0day
- Re: More information on ZERT patch for ANI 0day
- Re: More information on ZERT patch for ANI 0day
- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- [SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution
- Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection
- [ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities
- Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug
- VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates
- From: VMware Security team
- [ MDKSA-2007:078 ] - Updated kernel packages fix multiple vulnerabilities and bugs
- [ MDKSA-2007:079 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities
- Re: [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug
- LedgerSMB 1.2.0 finally released, fixes CVE-2006-5589
- [ MDKSA-2007:080 ] - Updated tightvnc packages fix integer overflow vulnerabilities
- [ MDKSA-2007:081 ] - Updated freetype2 packages fix vulnerability
- iDefense Security Advisory 04.04.07: Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability
- iDefense Security Advisory 04.04.07: Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability
- Microsoft .NET request filtering bypass vulnerability (BID 20753)
- iDefense Security Advisory 04.04.07: ESRI ArcSDE Buffer Overflow Vulnerability
- FLEA-2007-0008-1: krb5
- From: Foresight Linux Essential Announcement Service
- FLEA-2007-0009-1: xorg-x11 freetype
- From: Foresight Linux Essential Announcement Service
- Wserve HTTP Server 4.6 Version (Long Directory Name) Buffer Overflow - Denial Of Service
- FLEA-2007-0010-1: evolution
- From: Foresight Linux Essential Announcement Service
- [security bulletin] HPSBUX02204 SSRT071341 rev.1 - HP-UX Running CIFS Server (Samba), Remote Denial of Service (DoS)
- Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug
- Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation
- ACLS ineffective in SQL-Ledger and LedgerSMB
- ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity
- phpContact Multiple Remote File Inclusion Vulnerabilities
- From: rko . thelegendkiller
- [MajorSecurity Advisory #39]onelook onebyone CMS - Session fixation Issue
- ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability
- [MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue
- [MajorSecurity Advisory #41]onelook courts online - Session fixation Issue
- livor 2.5 Cross-Site Scripting Vulnerability
- From: rko . thelegendkiller
- AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero)
- AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption
- AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption
- [SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code execution
- LayerOne 2007 - Speaker Line up Announced
- [ GLSA 200704-06 ] Evince: Stack overflow in included gv code
- [ GLSA 200704-07 ] libwpd: Multiple vulnerabilities
- PHP <= 5.2.1 wbmp file handling integer overflow
- [MajorSecurity Advisory #42]webblizzard CMS - Cross Site Scripting and Session fixation Issues
- Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation
- CmailServer WebMail <= V.5.3.4 (signup) Remote XSS Exploit
- witshare 0.9 Remote File Include Vulnerabilitiy
- UBB.threads (<= 6.1.1) SQL Injection Vulnerability
- Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit
- Gsylvain35 Portail Web Remote File Include Vulnerabilities
- Take Control In Script Jeebles Directory
- phpMyAdmin 2.6.1 Local Cross Site Scripting
- Remot File Include In Script Lore v1
- DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability
- Request It : Song Request System 1.0b - remote file inclusion
- QuizShock 1.6.1 - Cross-Site Scripting Vulnerability
- Mybb Hot Editor Plugin Local File Inclusion
- Hot Editor v4.0 Local File Inclusion
- Re: Mybb Hot Editor Plugin Local File Inclusion
- From: Kevin Finisterre (lists)
- xodagallery Remote Code Execution Vulnerability
- rPSA-2007-0070-1 openoffice.org
- From: rPath Update Announcements
- iDefense Security Advisory 04.09.07: AOL AIM and ICQ File Transfer Path-Traversal Vulnerability
- Re: Re: Mybb Hot Editor Plugin Local File Inclusion
- [USN-450-1] ipsec-tools vulnerability
- phpGalleryScript 1.0 - File Inclusion Vulnerabilities
- DEF CON One Five CfP in effect!
- EEYE: Windows VDM Zero Page Race Condition Privilege Escalation
- EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation
- Secunia Research: Microsoft Agent URL Parsing Memory Corruption Vulnerability
- PhpOpenChat <= 3.0.1 (poc.php) Multiple Remote File Include Vulnerabilities
- iDefense Security Advisory 04.10.07: Microsoft Windows Universal Plug and Play Memory Corruption Vulnerability
- [ MDKSA-2007:077-1 ] - Updated krb5 packages fix vulnerabilities
- Re: vbulletin admincp sql injection
- [ MDKSA-2007:081-1 ] - Updated freetype2 packages fix vulnerability
- [USN-451-1] Linux kernel vulnerabilities
- webMethods Glue Management Console Directory Traversal
- [ MDKSA-2007:080-1 ] - Updated tightvnc packages fix integer overflow vulnerabilities
- nEw Bug :D
- pL-PHP beta 0.9 - Multiple Vulnerabilities
- New bug :)
- [MajorSecurity Advisory #43]Calacode ATMail 5.0 - Cross Site Scripting and Cookie Manipulation Issue
- CodeBreak (codebreak.php process_method) - Remote File Inclusion Vulnerability
- Cosign SSO Authentication Bypass
- Re: On-going Internet Emergency and Domain Names
- Re: Latinchat Denial Of Service
- PunBB <= 1.2.14 Remote Code Execution (Exploit)
- PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory)
- Steganos Encrypted Safe NOT so safe
- [ MDKSA-2007:079-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities
- [ MDKSA-2007:083 ] - Updated apache-mod_perl packages fix DoS vulnerability
- [ MDKSA-2007:075-1 ] - Updated qt4 packages to address utf8 decoder bug
- iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple Vulnerabilities
- [ MDKSA-2007:082 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities
- E107 - (v0.7.8) Access Escalation Vulnerbility - PoC
- HPSBUX02205 SSRT061120 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS)
- CVE-2007-1871: Cross site scripting in chcounter 3.1.3
- INFIGO-2007-04-05: Enterprise Security Analyzer server remote buffer overflows
- CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3
- Critical phpwiki c99shell exploit
- [security bulletin] HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-014
- [security bulletin] HPSBUX01137 SSRT5954 rev.9 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS)
- [ GLSA 200704-08 ] DokuWiki: Cross-site scripting vulnerability
- [security bulletin] HPSBGN02199 SSRT071312 rev.1 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Execution
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System
- From: Cisco Systems Product Security Incident Response Team
- Re: Critical phpwiki c99shell exploit
- Re: Critical phpwiki c99shell exploit
- Cross site scripting in mephisto 0.7.3
- [security bulletin] HPSBUX02203 SSRT071339 rev.1 - HP-UX Running Portable File System (PFS), Remote Increase in Privilege
- TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy
- phpwebnews v.1 Multiple Cross Site Scripting Vulnerabilites
- Chatness <= 2.5.3 - Arbitrary Code Execution
- Re: Cross site scripting in mephisto 0.7.3
- RE: Critical phpwiki c99shell exploit
- FAC GuestBook v2.0 remote database disclosure vulnerability
- Aircrack-ng (airodump-ng) remote buffer overflow vulnerability
- iDefense Security Advisory 04.12.07: Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability
- [USN-452-1] KDE library vulnerability
- [Argeniss] Hacking Databases for owning your data (paper)
- [OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed
- [OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2 vulnerability fixed
- [MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue
- [waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke
- TSRT-07-04: LANDesk Management Suite Alert Service Stack Overflow Vulnerability
- Vbulletin 3.6.5 Sql Injection ! [misc.php]
- bloofoxCMS 0.2.2 Cross Site Scripting
- Re: Vbulletin 3.6.5 Sql Injection ! [misc.php]
- VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit
- Re: Steganos Encrypted Safe NOT so safe
- Back-End CMS Database Tables v0.4.7 Cross Site Scripting
- MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities
- FloweRS v2.0 Cross Site Scripting
- Maian Search v1.1
- Maian Gallery v1.0
- B2evolution 1.6 RFi
- MySpeach v1.9
- Back-End CMS Database Tables v0.4.7 Remote File Include Vulnerabilities
- Flip-search-add-on 2.0
- Maian Weblog v3.1
- bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy
- phpMyChat-0.14.5
- Re: VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit
- Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability
- Re: sitex multiple vulnerabilities
- Re: Maian Gallery v1.0
- Re: Maian Search v1.1
- Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities
- [ GLSA 200704-09 ] xine-lib: Heap-based buffer overflow
- Re: [exploits] RPC vuln in DNS Server (fwd)
- LS simple guestbook - arbitrary code execution
- Joomla/Mambo Jambook v1.0 beta7 Rfi Vuln.
- [MajorSecurity Advisory #45]oe2edit CMS - Cross Site Scripting and Cookie Manipulation Issue
- ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability
- From: Matousec - Transparent security Research
- ActionPoll Script (actionpoll.php) Remote File Include // starhack.org
- MyBlog <= 0.9.8 Remote Command Execution Exploit
- Re: phpMyChat-0.14.5
- Microsoft DNS Server Remote Code execution: Analysis and exploit
- Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: Critical phpwiki c99shell exploit
- [ GLSA 200704-10 ] Inkscape: Two format string vulnerabilities
- Persistent CSRF and The Hotlink Hell
- iDefense Security Advisory 04.16.07: ClamAV CAB File Unstore Buffer Overflow Vulnerability
- Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit
- [ GLSA 200704-11 ] Vixie Cron: Denial of Service
- rPSA-2007-0071-1 kernel
- From: rPath Update Announcements
- Akamai Technologies Security Advisory 2007-0001
- From: Akamai Security Team
- [ MDKSA-2007:086 ] - Updated cups packages fix DoS vulnerability
- [ MDKSA-2007:084 ] - Updated ipsec-tools packages fix DoS vulnerability
- [ MDKSA-2007:085 ] - Updated freeradius packages fix DoS vulnerability
- [ GLSA 200704-12 ] OpenOffice.org: Multiple vulnerabilities
- iDefense Security Advisory 04.16.07: Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability
- Netsprint Toolbar 1.1 arbitrary remote code vulnerability
- PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities
- Remot File Include In Script phphd_downloads
- Remot File Include download_engine_V1.4.3
- Wabbit PHP Gallery v0.9 Cross Site Scripting
- my little weblog Cross Site Scripting
- my little forum 1.7 Remote File Include Vulnerabilitiy
- Re: [Full-disclosure] [WEB SECURITY] Persistent CSRF and The Hotlink Hell
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: [WEB SECURITY] Persistent CSRF and The Hotlink Hell
- Re: Netsprint Toolbar 1.1 arbitrary remote code vulnerability
- webMethods Security Advisory: Glue console directory traversal vulnerability
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy
- Internet Explorer Crash
- [security bulletin] HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)
- Multiple Ask IE Toolbar denial of service vulnerabilities
- Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Gizzar <= (basePath) Remote File Include Vulnerability
- From: BorN To K!LL BorN To K!LL
- BlueArc Firmware 4.2.944b FTP bounce
- SYMSA-2007-003 Macrovision InstallAnywhere Password and Serial Number Bypass
- Re: Internet Explorer Crash
- Re: [Full-disclosure] Cross Domain XMLHttpRequest
- ShoutPro 1.5.2 - arbitrary code execution
- Re: Internet Explorer Crash
- From: Thor (Hammer of God)
- WASC-Articles: 'The Importance of Application Classification in Secure Application Development'
- Re: [Full-disclosure] A Botted Fortune 500 a Day
- n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability
- Re: [Full-disclosure] A Botted Fortune 500 a Day
- Re: [Full-disclosure] A Botted Fortune 500 a Day
- Re: [Full-disclosure] A Botted Fortune 500 a Day
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: [Full-disclosure] A Botted Fortune 500 a Day
- Mambo/Joomla Component New Article Component RFI
- Cross Domain XMLHttpRequest
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- [ GLSA 200704-14 ] FreeRADIUS: Denial of Service
- Re: Internet Explorer Crash
- NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections
- Advisory: Bypass Oracle Logon Trigger
- Advisory: SQL Injection in package SYS.DBMS_AQADM_SYS
- iDefense Security Advisory 04.17.07: McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow
- Advisory: SQL Injection in package SYS.DBMS_UPGRADE_INTERNAL
- Advisory: XSS Vulnerability in Oracle Secure Enterprise Search [SES01]
- Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in 2 weeks
- Advisory: Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet [AS01]
- [ GLSA 200704-13 ] File: Denial of Service
- Analysis of the Oracle April 2007 Critical Patch Update
- iDefense Security Advisory 04.17.07: McAfee E-Business Admin Server Invalid Data Length DoS Vulnerability
- rPSA-2007-0072-1 lighttpd
- From: rPath Update Announcements
- rPSA-2007-0073-1 php php-mysql php-pgsql
- From: rPath Update Announcements
- [ GLSA 200704-15 ] MadWifi: Multiple vulnerabilities
- rPSA-2007-0074-1 dovecot
- From: rPath Update Announcements
- MediaBeez Sql query Execution .. Wear isn't ?? :)
- Oracle Database Buffer overflow vulnerabilities in package DBMS_SNAP_INTERNAL
- FullyModdedphpBB2 Remote File Inclusion
- Re: Internet Explorer Crash
- Re: [Full-disclosure] A Botted Fortune 500 a Day
- Extreme PHPBB2 Remote File Inclusion
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- EclipseBB Remote File Inclusion
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: Linksys WAG200G - Information disclosure
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: Internet Explorer Crash
- [security bulletin] HPSBST02206 SSRT071354 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-017
- Re: Internet Explorer Crash
- From: Thor (Hammer of God)
- RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- Re: [funsec] Re: [Full-disclosure] A Botted Fortune 500 a Day
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- From: Matthew Dixon Cowles
- NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities
- ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability
- ZDI-07-016: Oracle E-Business Suite Arbitrary Node Deletion Vulnerability
- ZDI-07-017: Oracle E-Business Suite Arbitrary Document Download Vulnerability
- ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability
- Re: PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities
- Re: Internet Explorer Crash
- ZDI-07-019: BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability
- ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability
- RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
- [USN-453-1] X.org vulnerability
- Re: Internet Explorer Crash
- From: Kevin Finisterre (lists)
- [ MDKSA-2007:087 ] - Updated php packages fix multiple vulnerabilities
- [ MDKSA-2007:088 ] - Updated php packages fix multiple vulnerabilities
- [ MDKSA-2007:089 ] - Updated php packages fix multiple vulnerabilities
- CfP Hack.lu 2007
- Re: ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability
- IPB (Invision Power Board) Full Path Disclusure
- [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20
- Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY)
- RaidenFTPd IXceedCompression multiple denial of service vulnerabilities
- Re: Internet Explorer Crash
- Re: Internet Explorer Crash
- Yet another SQL injection framework
- [security bulletin] HPSBMA02133 SSRT061201 rev.4 - HP Oracle for OpenView (OfO) Critical Patch Update
- [ MDKSA-2007:090 ] - Updated php packages fix multiple vulnerabilities
- [ MDKSA-2007:091 ] - Updated sqlite packages fix vulnerability
- [security bulletin] HPSBST02208 SSRT071365 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-018 to MS07-022
- Re: Internet Explorer Crash
- NeatUpload vulnerability and fix
- ZDI-07-021: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability
- Re: Yet another SQL injection framework (file corruption)
- Eba News Version : v1.1 <= (webpages.php) Remote File Include // starhack.org
- Re: Yet another SQL injection framework
- TSLSA-2007-0013 - multi
- From: Trustix Security Advisor
- iDefense Security Advisory 04.20.07: Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability
- FLEA-2007-0011-1: lighttpd
- From: Foresight Linux Essential Announcement Service
- UseBB Version 1.0.4 Path Disclosure Vulnerability
- Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org
- turbolence core 0.0.1 alpha Remote File Inclusion
- Re: Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org
- WS_FTP Home 2007 NetscapeFTPHandler denial of service
- Allfaclassfieds (level2.php dir) remote file inclusion
- Re: WS_FTP Home 2007 NetscapeFTPHandler denial of service
- [ GLSA 200704-17 ] 3proxy: Buffer overflow
- [Reversemode advisory] CheckPoint Zonelabs - ZoneAlarm SRESCAN driver local privilege escalation
- claroline <= Multiple Remote File Include Vulnerablitiy
- lms 1.5.3 Remote File Inclusion
- EsForum <= 3.0 SQL Injection Vulnerability
- PHPMyBibli <= Multiple Remote File Include
- [ GLSA 200704-16 ] Aircrack-ng: Remote execution of arbitrary code
- File117 Remote File Inclusion
- Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit
- [SECURITY] [DSA 1279-1] New webcalendar packages fix cross-site scripting
- [ GLSA 200704-18 ] Courier-IMAP: Remote execution of arbitrary code
- Remote file inclusion in Joomla 1.5.0 Beta
- c-arbre <= Multiple Remote File Include Vulnerablitiy
- FLEA-2007-0013-1: xine-lib
- From: Foresight Linux Essential Announcement Service
- bibtex mase Remote File Inclusion
- FLEA-2007-0012-1: madwifi
- From: Foresight Linux Essential Announcement Service
- WASC-Articles: 'The business case for security frameworks'
- Big Blue Guestbook HTML Injection Vulnerabilities
- 3proxy 0.5.3i bugfix release
- TJSChat Version 0.95 Cross Site Scripting
- [ MDKSA-2007:092 ] - Updated freeradius packages fix vulnerability
- [ GLSA 200704-19 ] Blender: User-assisted remote execution of arbitrary code
- [security bulletin] HPSBUX02183 SSRT061243 rev.1 - HP-UX sendmail, Remote Denial of Service (DoS)
- [ MDKSA-2007:093 ] - Updated zziplib packages fix vulnerability
- RE: Yet another SQL injection framework
- [ GLSA 200704-20 ] NAS: Multiple vulnerabilities
- acvsws_php5_v1.0 <= Multiple Remote File Include Vulnerablitiy
- DmCMS Shell Uploading
- phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit
- Post Revolution Remote File Inclusion
- rPSA-2007-0081-1 postgresql postgresql-server
- From: rPath Update Announcements
- [ GLSA 200704-21 ] ClamAV: Multiple vulnerabilities
- YA Book 0.98 Persistent XSS
- gallery >> 1.5.6 Remote File Inclusion
- Re: claroline <= Multiple Remote File Include Vulnerablitiy
- ImageProcessing ... Local (Denial of Service Exploit)
- Re: gallery >> 1.5.6 Remote File Inclusion
- Security Advisory: CA CleverPath SQL Injection
- Re: gallery >> 1.5.6 Remote File Inclusion
- [security bulletin] HPSBST02200 SSRT071330 rev.1 - HP StorageWorks Command View Advanced Edition for XP, Local Unauthorized Access
- Progress Webspeed exploit for all releases
- [MajorSecurity Advisory #46]Plogger - Session fixation Issue
- [SECURITY] [DSA 1280-1] New aircrack-ng packages fix arbitrary code execution
- 3Com's TippingPoint Denial of Service
- Re: ImageProcessing ... Local (Denial of Service Exploit)
- dcp-portal v611 >> RFi
- ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities
- Re: 3Com's TippingPoint Denial of Service
- Cisco Security Advisory: Default Passwords in NetFlow Collection Engine
- From: Cisco Systems Product Security Incident Response Team
- MyNewsGroups >> RFI in include.php
- HYIP Manager Pro Script >> Remote file Include
- WordPress v2.1.3 >> remote file include~
- HTMLeditbox & 2.2 >> RFI
- DynaTracker &v151>> RFI
- netbingo v 2000 >> RFI
- phpMYTGP v v1.4b >> RFI
- [SECURITY] [DSA 1281-1] New clamav packages fix several vulnerabilities
- sunshop v4 >> RFI
- Shop-Script v 2.0 >> RFI
- adrevenue script (CyKuH.com)>> RFI
- B2 Weblog and News Publishing Tool v0.6.1 >> RFI
- Searchactivity >> RFI
- Built2Go_PHP_Link_Portal_v1.79 >> RFI
- Re: 3Com's TippingPoint Denial of Service
- comus 2.0 Final >> RFI
- blogsystem 1.4 >> local & remote = -rfi & lfi & -xss
- ASA-2007-010: Two stack buffer overflows in SIP channel's T.38 SDP parsing code
- ASA-2007-011: Multiple problems in SIP channel parser handling response codes
- nucleus 3.22 >> RFI
- download engine V1.4.1 >> RFI (local)
- Re: 3Com's TippingPoint Denial of Service
- CFP: 3rd European Conference on Computer Network Defense (EC2ND)
- Remote File Inclusion
- VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins Remote file Include
- IE 7 and Firefox Browsers Digest Authentication Request Splitting
- ASA-2007-012: Remote Crash Vulnerability in Manager Interface
- :doruk100net >> RFI
- [CAID 35277]: CA CleverPath Portal SQL Injection Vulnerability
- [USN-453-2] rdesktop regression
- [ MDKSA-2007:094 ] - Updated postgresql packages fix vulnerability
- [CAID 35198, 35276]: CA BrightStor ARCserve Backup Media Server Vulnerabilities
- modbuild >> 4.1 Remote File Inclusion
- Re: WordPress v2.1.3 >> remote file include~
- SineCMS
- Re: Chicken of the VNC 2.0 remote DoS
- Burak Yılmaz Blog (tr) v1.0 SQL injection vulnerability
- Re: Steganos Encrypted Safe NOT so safe
- [SECURITY] [DSA 1282-1] New php4 packages fix several vulnerabilities
- iDefense Security Advisory 04.26.07: Novell eDirectory NCP Fragment Denial of Service Vulnerability
- TSLSA-2007-0015 - postgresql
- From: Trustix Security Advisor
- FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6
- From: FreeBSD Security Advisories
- [USN-455-1] PHP vulnerabilities
- [USN-454-1] PostgreSQL vulnerability
- iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability
- iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability
- Security Concerns in Web 2.0
- AFFLIB(TM): Time-of-Check-Time-of-Use File Race
- AFFLIB(TM): Multiple Buffer Overflows
- AFFLIB(TM): Multiple Format String Injections
- AFFLIB(TM): Multiple Shell Metacharacter Injections
- [ GLSA 200704-23 ] capi4k-utils: Buffer overflow
- [ GLSA 200704-22 ] BEAST: Denial of Service
- Sphider Version 1.2.x (include_dir) file include
- Seir Anphin (file.php a[filepath]) Remote File Disclosure Vulnerability