bugtraq (date)

bugtraq (date)

[Thread Index] [Top] [All Lists]

February 28, 2007

[ MDKSA-2007:050 ] - Updated Firefox packages fix multiple vulnerabilities, security, 18:03
Re: Xbox 360 Hypervisor Privilege Escalation Vulnerability, anohacker, 17:39
[CAID 35112]: CA eTrust Intrusion Detection Denial of Service Vulnerability, Williams, James K, 14:07
[USN-428-1] Firefox vulnerabilities, Martin Pitt, 13:36
Evading the Norman SandBox Analyzer, Arne Vidstrom, 12:38
Re: Xbox 360 Hypervisor Privilege Escalation Vulnerability, gera, 12:23
RE: MSIE7 browser entrapment vulnerability (probably Firefox, too), perpetualmotionuk, 12:09
Cisco Security Advisory: Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability, Cisco Systems Product Security Incident Response Team, 11:56
Cisco Security Advisory: Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability, Cisco Systems Product Security Incident Response Team, 11:42

February 27, 2007

Re: WordPress Search Function SQL-Injection, ascii, 18:56
Re: WordPress Search Function SQL-Injection, kelson, 18:46
Xbox 360 Hypervisor Privilege Escalation Vulnerability, Anonymous Hacker, 18:33
Re: WordPress Search Function SQL-Injection, Justin Frydman - Thinkweb Media, 18:19
[NETRAGARD-20070220 SECURITY ADVISORY] [McAfee VirusScan for Mac (Virex) Local root exploit and Scan Bypass], Netragard Security Advisories, 18:18
iDefense Security Advisory 02.27.07: Computer Associates eTrust Intrusion Detection Denial of Service Vulnerability, iDefense Labs, 17:22
Nullsoft ShoutcastServer Persistant XSS - 0day, SaMuschie, 17:09
WordPress Search Function SQL-Injection, SaMuschie, 16:59
rPSA-2007-0043-1 php php-mysql php-pgsql, rPath Update Announcements, 15:26
RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass, Roger A. Grimes, 13:12
[ GLSA 200702-12 ] CHMlib: User-assisted remote execution of arbitrary code, Raphael Marichez, 12:30
[ GLSA 200702-11 ] MPlayer: Buffer overflow, Raphael Marichez, 12:19
Wordpress 2.1.1 - Multiple Script Injection Vulnerabilities, Stefan Friedli, 12:06
Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr), Michal Zalewski, 11:52
Re: [Full-disclosure] ViewCVS 0.9.4 issues, Moritz Naumann, 11:29

February 26, 2007

Few unreported vulnerabilities by SehaTo, 3APA3A, 19:19
Re: XXS in script Phorum, brian, 18:46
ViewCVS 0.9.4 issues, Moritz Naumann, 18:39
MTCMS multiple upload vulnerabilities, none, 18:25
Re: MSIE7 browser entrapment vulnerability (probably Firefox, too), Michal Zalewski, 17:56
Re: [Full-disclosure] Firefox Cache Hack - Firefox History Hack redux, Ismail Dönmez, 17:24
XXS in script Phorum, c_r_ck, 17:12
WordPress AdminPanel CSRF/XSS - 0day, SaMuschie, 16:50
Re: [Full-disclosure] Firefox Cache Hack - Firefox History Hack redux, pdp (architect), 16:40
Secunia Software Inspector OS Security Assessment problem, David ROBERT, 16:34
RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass, McCarty, Eric C., 16:20
Re: [Full-disclosure] Firefox Cache Hack - Firefox History Hack redux, arman, 16:13
[security bulletin] HPSBST02194 SSRT071306 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-005 Through MS07-016, security-alert, 16:03
SEC Consult SA-20070226-0 :: File Disclosure in Pagesetter for PostNuke, research, 15:36
rPSA-2007-0040-1 firefox, rPath Update Announcements, 15:17
Know your Enemy: Web Application Threats, Gadi Evron, 14:42
Re: [Full-disclosure] Firefox Cache Hack - Firefox History Hack redux, Ismail Dönmez, 14:23
Re: [Full-disclosure] Firefox Cache Hack - Firefox History Hack redux, pdp (architect), 14:03
SQLiteManager v1.2.0 Multiple Vulnerabilities, simon . itsecurity, 13:51
Re: [Full-disclosure] Firefox Cache Hack - Firefox History Hack redux, Michael Silk, 13:44
Re: ActiveCalendar 1.2.0, Multiple vulnerabilities, simon . itsecurity, 13:39
Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr), Michal Zalewski, 13:25
Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr), Ismail Dönmez, 13:08
Re: MSIE7 browser entrapment vulnerability (probably Firefox, too), Jeffrey Katz, 12:56
Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr), Stan Bubrouski, 12:50
sitex multiple vulnerabilities, none, 12:36
Call for Paper - SyScan'07, Thomas Lim, 12:31
Cursor Injection - A New Method for Exploiting PL/SQL Injection and Potential Defences, David Litchfield, 12:15
[ GLSA 200702-10 ] UFO2000: Multiple vulnerabilities, Raphael Marichez, 12:08
Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr), Daniel Veditz, 11:57
JBrowser Acces to Admin Panel Exploit, crazy_king, 11:51
[ GLSA 200702-09 ] Nexuiz: Multiple vulnerabilities, Raphael Marichez, 11:40

February 24, 2007

Phpwebgallery-1.4.1, Multiple Cross Site Scripting, simon . itsecurity, 15:40
Coppermine Photo Gallery 1.3.x Blind SQL Injection Exploit, s0cratex, 14:02
Photostand_1.2.0 Multiple Cross Site Scripting, simon . itsecurity, 12:08
ActiveCalendar 1.2.0, Multiple vulnerabilities, simon . itsecurity, 11:55
Blind sql injection attack in INSERT syntax on PHP-nuke <=8.0 Final, krasza, 11:39
Re: Stack Overflow in Third-Party ActiveX Controls affects Multiple Vendor Products Including Some Symantec Consumer Products and Automated Support, John Smith, 11:26
pickle download local file, none, 11:26

February 23, 2007

[ MDKSA-2007:049 ] - Updated spamassassin packages fix DoS vulnerability, security, 18:42
Simple one-file gallery, none, 18:13
Advisory 03/2007: Multiple Browsers Cross Domain Charset Inheritance Vulnerability, Stefan Esser, 17:57
xtcommerce local file include, none, 17:37
shopkitplus local file include, none, 17:23
Re: iDefense Security Advisory 02.22.07: IBM DB2 Universal Database DB2INSTANCE File Creation Vulnerability, Steven M. Christey, 17:08
iDefense Security Advisory 02.23.07: Mozilla Network Security Services SSLv2 Server Stack Overflow Vulnerability, iDefense Labs, 16:47
iDefense Security Advisory 02.23.07: Mozilla Network Security Services SSLv2 Client Integer Underflow Vulnerability, iDefense Labs, 16:22
iDefense Security Advisory 02.23.07: Mozilla Network Security Services SSLv2 Server Stack Overflow Vulnerability, iDefense Labs, 16:03
Stack Overflow in Third-Party ActiveX Controls affects Multiple Vendor Products Including Some Symantec Consumer Products and Automated Support, secure, 15:49
rPSA-2007-0038-1 spamassassin, rPath Update Announcements, 15:13
rPSA-2007-0036-1 kernel, rPath Update Announcements, 14:49
[USN-427-1] enigmail vulnerability, Martin Pitt, 13:59
Secunia Research: Internet Explorer 7 "onunload" Event Spoofing Vulnerability, Secunia Research, 13:42
[ MDKSA-2007:048 ] - Updated php packages fix multiple vulnerabilities, security, 13:25
Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr), Michal Zalewski, 13:11
[OpenPKG-SA-2007.010] OpenPKG Security Advisory (php), OpenPKG GmbH, 13:10
MSIE7 browser entrapment vulnerability (probably Firefox, too), Michal Zalewski, 12:57
Firefox Cache Hack - Firefox History Hack redux, pdp (architect), 12:50
Re: [Full-disclosure] Firefox bookmark cross-domain surfing vulnerability, Daniel Veditz, 12:45
Re: [ECHO_ADV_66$2007] SendStudio <= 2004.14 Remote File Inclusion Vulnerability, Chris Smith, 12:29
Re: JBoss jmx-console CSRF, pagvac, 12:18
Re: [Full-disclosure] Firefox Cache Hack - Firefox History Hack redux, Ben Bucksch, 12:10
Firefox: onUnload tailgating (MSIE7 entrapment bug variant), Michal Zalewski, 12:01
iDefense Security Advisory 02.22.07: IBM DB2 Universal Database DB2INSTANCE File Creation Vulnerability, iDefense Labs, 11:56
iDefense Security Advisory 02.22.07: IBM DB2 Universal Database Multiple Privilege Escalation Vulnerabilities, iDefense Labs, 11:44

February 22, 2007

[ECHO_ADV_66$2007] SendStudio <= 2004.14 Remote File Inclusion Vulnerability, erdc, 20:01
Re: [Full-disclosure] Firefox bookmark cross-domain surfing vulnerability, pdp (architect), 19:51
Re: [Full-disclosure] iDefense Security Advisory 02.15.07: Multiple Vendor ClamAV CAB File Denial of Service Vulnerability, aCaB, 19:05
Re[2]: Solaris telnet vulnberability - how many on your network?, Steven M. Christey, 18:31
iDefense Security Advisory 02.22.07: VeriSign ConfigChk ActiveX Control Buffer Overflow Vulnerability, iDefense Labs, 18:26
FlashGameScript v1.5.4 Remote File Inclusion Vulnerability, malic89, 18:09
RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass, Roger A. Grimes, 18:04
Connectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit, gmdarkfig, 17:54
Re: Firefox: about:blank is phisher's best friend, Michal Zalewski, 17:32
Re: Firefox: about:blank is phisher's best friend, Florian Weimer, 17:14
Re[2]: [Full-disclosure] Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak, 3APA3A, 16:49
WebSpell > 4.0 Authentication Bypass and arbitrary code execution, r . verton, 16:36
JBoss jmx-console CSRF, buben . razuma, 16:22
JBrowser acces to admin/config files, sn0oPy . team, 16:21
Re: [Full-disclosure] Firefox bookmark cross-domain surfing vulnerability, Michal Zalewski, 16:06
Hasadya Raed, RaeD Hasadya, 16:05
RE: Overtaking Google Desktop, Yair Amit, 15:31
RE: Re[2]: Solaris telnet vulnberability - how many on your network?, Roger A. Grimes, 15:18
SaphpLesson v3.0 SQL Injection Exploit, gamr-14, 15:12
Re: Web Apps- Rad Upload Version 3.02 Remote File Include Vulnerability, e4c5, 14:59
pheap [edit LFI] vulnerability, none, 14:58
LoveCMS 1.4 multiple vulnerabilities, none, 14:40
Plantilla PHP Simple, none, 14:25
SYMSA-2007-002-1: Palm OS Treo Find Feature System Password Bypass, research, 14:14
Re: Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass, chgsupra1, 14:09
Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass, chgsupra1, 13:54
Magic News Plus File Inclusion And Xss Vulnerabilitis, security, 13:42
Pics Navigator Directory Traversal Vulnerability, sn0oPy . team, 13:39
Re: Drive-by Pharming Threat, hlockhar, 13:25
OWASP JBroFuzz 0.5 Fuzzer Released!, subere, 13:24
Re: [Full-disclosure] Firefox bookmark cross-domain surfing vulnerability, Michal Zalewski, 13:01
Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak, 3APA3A, 12:55
[USN-426-1] Ekiga vulnerabilities, Kees Cook, 12:39
Re[2]: Solaris telnet vulnberability - how many on your network?, Thierry Zoller, 12:38
[USN-425-1] slocate vulnerability, Kees Cook, 12:22
Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability, Michal Zalewski, 12:20
Re: [Full-disclosure] Firefox bookmark cross-domain surfing vulnerability, pdp (architect), 12:05
Re: [Full-disclosure] Firefox bookmark cross-domain surfing vulnerability, pdp (architect), 12:04
Firefox bookmark cross-domain surfing vulnerability, Michal Zalewski, 11:46

February 21, 2007

iDefense Security Advisory 02.16.07: Trend Micro ServerProtect Web Interface Authorization Bypass Vulnerability, iDefense Labs, 18:22
[ MDKSA-2007:047 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security, 16:33
Re: Jboss vulnerability (AUSCERT#2007d2feb), AusCERT, 16:30
Call Center Software - Remote Xss Post Exploit -, corrado . liotta, 16:17
[ MDKSA-2007:044 ] - Updated ekiga packages fix string vulnerabilities., security, 15:19
Re: Solaris telnet vulnberability - how many on your network?, Edsel Adap, 14:50
Nabopoll Blind SQL Injection vulnerabilies, s0cratex, 14:27
[ MDKSA-2007:045 ] - Updated gnomemeeting packages fix string vulnerabilities, security, 14:03
Players disconnection in Simbin racing games, Luigi Auriemma, 13:28
Re: ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit, Mark Wadham, 13:17
Cisco Security Advisory: Multiple Vulnerabilities in 802.1X Supplicant, Cisco Systems Product Security Incident Response Team, 13:13
Re: ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit, str0ke, 12:59
/bin/ls with gid=0 in Debian linux-ftpd, Paul Szabo, 12:39
Cisco Security Advisory: Cisco Unified IP Conference Station and IP Phone Vulnerabilities, Cisco Systems Product Security Incident Response Team, 12:35
Overtaking Google Desktop, Yair Amit, 12:20
[USN-424-1] PHP vulnerabilities, Martin Pitt, 12:09
XLAtunes 0.1 (album) Remote SQL Injection Vulnerability, Guns, 11:49
[ MDKSA-2007:046 ] - Updated gnucash packages fix temp file issues., security, 11:36

February 20, 2007

Re: Re: Apache Multiple Injection Vulnerabilities, hugo, 20:30
qwik-smtpd format string, hotturk, 20:07
Re: Jboss vulnerability, ben . dexter, 19:50
MediaWiki Cross-site Scripting, eyal, 19:08
Re: Jboss vulnerability, Javier Antunez, 18:56
TSRT-07-02: Trend Micro ServerProtect eng50.dll Stack Overflow Vulnerabilities, TSRT, 18:28
VMware Workstation multiple denial of service and isolation manipulation vulnerabilities, EitanCaspi@yahoo.com, 18:19
TSRT-07-01: Trend Micro ServerProtect StCommon.dll Stack Overflow Vulnerabilities, TSRT, 18:13
[USN-423-1] MoinMoin vulnerabilities, Kees Cook, 17:56
Re: Apache Multiple Injection Vulnerabilities, Amit Klein, 17:10
RE: Solaris telnet vulnberability - how many on your network?, Nate Eldredge, 16:53
Re: Drive-by Pharming Threat, Jeremy Saintot, 16:39
NukeSentinel 2.5.05 (nsbypass.php) Blind SQL Injection Exploit, gmdarkfig, 16:32
Re: [Full-disclosure] Drive-by Pharming Threat, auto400208, 16:27
Re: [Full-disclosure] Drive-by Pharming Threat, auto400208, 16:13
Re: [Full-disclosure] Drive-by Pharming Threat, Andrew Farmer, 15:58
Re: [Full-disclosure] Drive-by Pharming Threat, Martin Johns, 15:43
ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit, Guns, 15:25
Re: Drive-by Pharming Threat, auto400208, 15:12
Re: Web Server Botnets and Server Farms as Attack Platforms, Anders Henke, 14:48
AdMentor Script Remote SQL injection Exploit, crazy_king, 14:29
phpXmms 1.0 (tcmdp) Remote File Include Vulnerabilities, ilkerkandemir, 14:17
Metaye Released - ZmbScap, Contact, 14:16
Rootkit Profiler LX, Tobias Klein, 13:56
Re: XLAtunes 0.1 (album) Remote SQL Injection Vulnerability, str0ke, 13:54
Re: Jboss vulnerability, Harry Hoffman, 13:35
RE: Solaris telnet vulnberability - how many on your network?, Michael Wojcik, 13:12
RE: Firefox: about:blank is phisher's best friend, Michael Wojcik, 12:54
Re: Jboss vulnerability, James Davis, 12:53
Re: Solaris telnet vulnberability - how many on your network?, Marco Ivaldi, 12:35
Re: DotClear v1.2.5, contact, 12:14
[ MDKSA-2007:043 ] - Updated clamav packages address multiple issues., security, 11:58
MyCalendar multiple XSS, sn0oPy . team, 11:44
NukeSentinel 2.5.05 (nukesentinel.php) File Disclosure Exploit, gmdarkfig, 11:41
Jboss vulnerability, dexie, 11:28
XLAtunes 0.1 (album) Remote SQL Injection Vulnerability, Guns, 11:26
ESupport Multiple HTML Injection Vulnerabilities, DoZ, 11:12

February 19, 2007

iTunes remote memory corruption vulnerability, poplix, 13:16
Powerschool 404 Admin Exposure, gheetotank, 12:48
Re: [SECURITY] [DSA 1259-1] New fetchmail packages fix information disclosure, Matthias Andree, 12:02
Remote DoS in libevent DNS parsing <= 1.2a, Jon Oberheide, 11:42

February 17, 2007

Re: Solaris telnet vulnberability - how many on your network?, Brandon Butterworth, 19:05
[ GLSA 200702-08 ] AMD64 x86 emulation Sun's J2SE Development Kit: Multiple vulnerabilities, Raphael Marichez, 17:43
Re: Drive-by Pharming Threat, Cedric Blancher, 17:41
Re: Solaris telnet vulnberability - how many on your network?, Cromar Scott, 17:30
[ GLSA 200702-07 ] Sun JDK/JRE: Execution of arbitrary code, Raphael Marichez, 17:27
[ GLSA 200702-06 ] BIND: Denial of Service, Raphael Marichez, 17:17
Re: Drive-by Pharming Threat, Marcello Barnaba, 17:06
Re: Firefox: about:blank is phisher's best friend, Michal Zalewski, 16:39
Re: Firefox: about:blank is phisher's best friend, zonafirefox, 16:04
mAlbum v0.3 admin by default user/pass, sn0oPy . team, 11:39
DotClear v1.2.5, k4rtal, 11:31
Re: Solaris telnet vulnberability - how many on your network?, Nate Eldredge, 11:23
RE: Drive-by Pharming Threat, Memisyazici, Aras, 11:14
Re: Re: Re: Solaris telnet vulnberability - how many on your network?, Gadi Evron, 11:05

February 16, 2007

Re: Solaris telnet vulnberability - how many on your network?, Darren Reed, 18:19
Firefox: about:blank is phisher's best friend, Michal Zalewski, 18:08
Re: Solaris telnet vulnberability - how many on your network?, greimer, 17:26
Re: Drive-by Pharming Threat, Dennis, 16:51
Re: RE: Re: Re: Solaris telnet vulnberability - how many on your network?, thefinn12345, 16:39
Re: Solaris telnet vulnberability - how many on your network?, Anthony R. Nemmer, 16:18
Re: Re: Re: Solaris telnet vulnberability - how many on your network?, jf, 15:36
RE:Drive-by Pharming Threat, psirt, 15:35
Re: Drive-by Pharming Threat, Mark Senior, 15:12
Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass, agonline . dummy, 14:58
Re: Re: Re: Solaris telnet vulnberability - how many on your network?, thefinn12345, 14:48
false: Plume CMS 1.2.2 < = RFi Vulnerabilities, Stuart Moore, 14:40
Re: RE: Re: Solaris telnet vulnberability - how many on your network?, thefinn12345, 14:32
utorrent issue?, Gadi Evron, 14:23
phpbb_wordsearch < = RFi Vulnerabilities, k4rtal, 14:10
Plume CMS 1.2.2 < = RFi Vulnerabilities, k4rtal, 13:47
Meganoide's news v1.1.1 < = RFi Vulnerabilities, k4rtal, 13:30
Drake CMS v0.3.2 < = RFi Vulnerabilities, k4rtal, 13:29
Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass, dkirker, 13:16
Re: Apache Multiple Injection Vulnerabilities, security, 13:13
Ezboo webstats acces to sensitive files, sn0oPy . team, 13:07
RE: Re: Re: Solaris telnet vulnberability - how many on your network?, jf, 12:54
Reflections on Trusting Trust [was: Re: Solaris telnet ...], Gadi Evron, 12:41
Re: Web Server Botnets and Server Farms as Attack Platforms, Tom, 12:41
PBLang 4.60 <= (index.php) Remote File Include Vulnerability, me you, 12:26
Re: Re: Solaris telnet vulnberability - how many on your network?, Hugo van der Kooij, 12:25
Downgrading the Oracle native authentication, sec . list, 12:12
[SECURITY] [DSA 1261-1] New PostgreSQL packages fix several vulnerabilities, Moritz Muehlenhoff, 12:06
Meganoide's news v1.1.1 < = RFi Vulnerabilities, k4rtal, 11:59
[funsec] Quebec Health Officials Fighting Computer Virus (fwd), Gadi Evron, 11:53
Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass, kissme, 11:47
Dem_trac acces to log file wihtout authentification, sn0oPy . team, 11:43
Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability, Base64, 11:34
[ GLSA 200702-05 ] Fail2ban: Denial of Service, Raphael Marichez, 11:24

February 15, 2007

Re: Solaris telnet vulnberability - how many on your network?, Damien Miller, 23:14
RE: Re[2]: Solaris telnet vulnberability - how many on your network?, Roger A. Grimes, 23:14
Cisco Security Advisory: Multiple Vulnerabilities in Firewall Services Module, Cisco Systems Product Security Incident Response Team, 23:12
[SECURITY] [DSA 1259-1] New fetchmail packages fix information disclosure, Moritz Muehlenhoff, 23:12
[SECURITY] [DSA 1260-1] New imagemagick package fix arbitrary code execution, Moritz Muehlenhoff, 23:10
Re: Solaris telnet vulnberability - how many on your network?, Leandro Gelasi, 23:02
RE: [Full-disclosure] Solaris telnet vulnberability - how many onyour network?, David Taylor, 22:56
RE: [BLACKLIST] [Full-disclosure] Solaris telnet vulnberability - how many on yournetwork?, Gadi Evron, 22:50
Re: Re: Solaris telnet vulnberability - how many on your network?, thefinn12345, 22:02
Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability, pdp (architect), 21:42
Re: Solaris telnet vulnberability - how many on your network?, thefinn12345, 21:10
XSS in [deskpro.com v1.1.0 ], bl4ck, 21:08
iDefense Security Advisory 02.15.07: Multiple Vendor ClamAV CAB File Denial of Service Vulnerability, iDefense Labs, 20:59
RE: Apache Multiple Injection Vulnerabilities, Rogier Mulhuijzen, 20:57
Re: Apache Multiple Injection Vulnerabilities, Amit Klein, 20:56
Re[2]: Solaris telnet vulnberability - how many on your network?, Thierry Zoller, 20:54
Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability, Stan Bubrouski, 20:37
iDefense Security Advisory 02.15.07: Multiple Vendor ClamAV MIME Parsing Directory Traversal Vulnerability, iDefense Labs, 20:21
Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability, Michal Zalewski, 20:21
Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability, pdp (architect), 20:20
Comodo DLL injection via weak hash function exploitation Vulnerability, Matousec - Transparent security Research, 20:19
CedStat v1.31 XSS, sn0oPy . team, 20:15
[security bulletin] HBSBGN02189 SSRT071297 rev.1 ServiceGuard for Linux, Remote Unauthorized Access, security-alert, 20:09
Re: Firefox: serious cookie stealing / same-domain bypass vulnerability, Michal Zalewski, 20:08
Re: Solaris telnet vulnberability - how many on your network?, Darren Reed, 20:08
Re: [BLACKLIST] [Full-disclosure] Solaris telnet vulnberability -, Darren Reed, 19:35
Re: Re[2]: Solaris telnet vulnberability - how many on your network?, Darren Reed, 19:34
Re: local bug :[xxs] in whm, anon . e . mouse, 19:33
XSS in [Calendar Express 2 ], bl4ck, 19:24
Re: Re: Solaris telnet vulnberability - how many on your network?, jf, 19:19
EasyMail Objects v6.5 Connect Method Stack Overflow, Paul Craig, 19:09
Lizardtech DjVu Browser Plug-in - Multiple Vulnerabilities, Brett Moore, 19:03
RE: Re: Solaris telnet vulnberability - how many on your network?, Roger A. Grimes, 18:58
[USN-422-1] ImageMagick vulnerabilities, Kees Cook, 18:44
Re: [BLACKLIST] [Full-disclosure] Solaris telnet vulnberability - how many on yournetwork?, Gadi Evron, 13:37
RE: defacements for the installation of malcode, Gadi Evron, 13:36
Drive-by Pharming Threat, Zulfikar Ramzan, 13:32
Re: Stanford university SCARF user editing, spam, 13:25
Re: Apache Multiple Injection Vulnerabilities, Hugo Vázquez Caramés, 13:20
Re: iDefense Security Advisory 02.15.07: Multiple Vendor ClamAV MIME Parsing Directory Traversal Vulnerability, Alan J. Wylie, 13:10
RE: Re[2]: Solaris telnet vulnberability - how many on your network?, Gadi Evron, 13:04
MSN redirect Bug, h4x0r_ir, 12:59
RE: Re[2]: Solaris telnet vulnberability - how many on your network?, Evans, Thomas, 12:48
Re: Solaris telnet vulnberability - how many on your network?, Gadi Evron, 12:41
Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability, Daniel Veditz, 12:33
defacements for the installation of malcode, Gadi Evron, 12:30
RE: defacements for the installation of malcode, Jeremy Epstein, 12:25
Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability, Peter Besenbruch, 12:24
Firefox: serious cookie stealing / same-domain bypass vulnerability, Michal Zalewski, 12:24
Re: [BLACKLIST] [Full-disclosure] Solaris telnet vulnberability - how many on yournetwork?, Joep Vesseur, 12:23
Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability, Ben Bucksch, 12:22
Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability, pdp (architect), 11:42

February 14, 2007

Re: DotClear Full Path Disclosure Vulnerability, Cedric Blancher, 15:26
Re: Jupiter CMS 1.1.5 Multiple Vulnerabilities, gmdarkfig, 15:03
Apache Multiple Injection Vulnerabilities, hugo, 14:46
Re: DotClear Full Path Disclosure Vulnerability, Raphaël HUCK, 14:35
Argument injection issues, Steven M. Christey, 14:27
Re: Solaris telnet vulnberability - how many on your network?, Casper . Dik, 14:12
Re: Solaris telnet vulnberability - how many on your network?, Joe Shamblin, 14:02
Re: Solaris telnet vulnberability - how many on your network?, Gadi Evron, 13:41
Solaris telnet vuln solutions digest and network risks, Gadi Evron, 13:26
Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and ASA Appliances, Cisco Systems Product Security Incident Response Team, 13:12
WebTester 5.0.2 sql injection and XSS vulnerabilities, Moran Zavdi, 12:46
Jupiter CMS 1.1.5 Multiple Vulnerabilities, gmdarkfig, 12:33
[security bulletin] HPSBUX02192 SSRT061233 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS), security-alert, 12:20
HPSBUX02191 SSRT071302 rev.1 - HP-UX Running SLSd, Remote Unauthorized Arbitrary File Creation, security-alert, 12:11
Secunia Research: MailEnable Web Mail Client Multiple Vulnerabilities, Secunia Research, 11:56
iDefense Security Advisory 02.13.07: Hewlett-Packard HP-UX SLSd Arbitrary File Creation Vulnerability, iDefense Labs NO-REPLY, 11:45
SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass, research, 11:23
[ GLSA 200702-04 ] RAR, UnRAR: Buffer overflow, Raphael Marichez, 11:23

February 13, 2007

MS Interactive Training .cbo Overflow, Brett Moore, 19:23
RE: [Full-disclosure] Solaris telnet vulnberability - how many onyour network?, Peter Ferrie, 19:00
Re: Solaris telnet vulnberability - how many on your network?, Casper . Dik, 18:47
[ GLSA 200702-03 ] Snort: Denial of Service, Raphael Marichez, 18:36
Re: Solaris telnet vulnberability - how many on your network?, Casper . Dik, 18:35
Re: Solaris telnet vulnberability - how many on your network?, Gadi Evron, 18:22
Re: Solaris telnet vulnberability - how many on your network?, Gadi Evron, 18:08
[ GLSA 200702-02 ] ProFTPD: Local privilege escalation, Raphael Marichez, 18:07
Re: Solaris telnet vulnberability - how many on your network?, Casper . Dik, 17:53
Re: Solaris telnet vulnberability - how many on your network?, Gadi Evron, 17:42
iDefense Security Advisory 02.13.07: Microsoft 'wininet.dll' FTP Reply Null Termination Heap Corruption Vulnerability, iDefense Labs NO-REPLY, 17:29
Re: Solaris telnet vulnberability - how many on your network?, georg . oppenberg, 17:16
Re: DotClear Full Path Disclosure Vulnerability, Gmail account, 17:03
Re: Denial Of Service in Internet Explorer for MS Windows Mobile 5.0, Nicolas RUFF, 16:52
[ GLSA 200702-01 ] Samba: Multiple vulnerabilities, Raphael Marichez, 16:38
Re: [BLACKLIST] [Full-disclosure] Solaris telnet vulnberability - how many on yournetwork?, Casper . Dik, 16:25
Fullaspsite Shop (tr) Xss & SqL İnj. VulnZ., ShaFuq31, 16:11
RE: Solaris telnet vulnberability - how many on your network?, Michal Zalewski, 15:58
Re: Firefox focus stealing vulnerability (possibly other browsers), Michal Zalewski, 15:49
Re: DotClear Full Path Disclosure Vulnerability, Cedric Blancher, 15:27
Re: Solaris telnet vulnberability - how many on your network?, Casper . Dik, 15:23
UPDATE: [ GLSA 200611-05 ] Netkit FTP Server: Privilege escalation, Raphael Marichez, 15:08
Re: DotClear Full Path Disclosure Vulnerability, Cedric Blancher, 15:04
Cisco Security Advisory: Multiple IOS IPS Vulnerabilities, Cisco Systems Product Security Incident Response Team, 14:53
RE: Solaris telnet vulnberability - how many on your network?, Gadi Evron, 14:39
RE: Solaris telnet vulnberability - how many on your network?, Gadi Evron, 14:25
RE: Solaris telnet vulnberability - how many on your network?, Oliver Friedrichs, 14:11
Re: DotClear Full Path Disclosure Vulnerability, Raphaël HUCK, 13:59
RE: [BLACKLIST] [Full-disclosure] Solaris telnet vulnberability - how many on yournetwork?, Michael Wojcik, 13:57
Re: Firefox focus stealing vulnerability (possibly other browsers), Andreas Beck, 13:41
Re: DotClear Full Path Disclosure Vulnerability, Cedric Blancher, 13:12
RE: XSS in lighttpd, Bart Seresia, 13:07
Re: DotClear Full Path Disclosure Vulnerability, Raphaël HUCK, 12:57
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), pdp (architect), 12:54
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), Ben Bucksch, 12:42
TSLSA-2007-0007 - multi, Trustix Security Advisor, 12:35
Re: TFTP directory traversal in Kiwi CatTools, support, 12:21
NDSS: Network and Distributed Systems Security, Crispin Cowan, 12:20
RE: Solaris telnet vulnberability - how many on your network?, Oliver Friedrichs, 12:05
[ MDKSA-2007:042 ] - Updated smb4k packages fix numerous vulnerabilities, security, 11:57
Aruba Mobility Controller Management Buffer Overflow, security, 11:49
Re: Web Server Botnets and Server Farms as Attack Platforms, Steven M. Christey, 11:40
Aruba Networks - Unauthorized Administrative and WLAN Access through Guest Account, security, 11:36

February 12, 2007

Re: Firefox focus stealing vulnerability (possibly other browsers), Michal Zalewski, 20:04
Re: Firefox focus stealing vulnerability (possibly other browsers), Michal Zalewski, 19:45
Re: [BLACKLIST] [Full-disclosure] Solaris telnet vulnberability - how many on yournetwork?, Thierry Zoller, 19:39
Inertia News Remote File İnclude, crazy_king, 19:32
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), Michal Zalewski, 19:19
PHP 5.2.1 crash bug, squeeky . mouse, 19:09
XSS in eWay, bl4ck, 18:58
SecurityVulns.com: Microsoft Visual C++ 8.0 standard library time functions invalid assertion DoS (Problem 3000)., 3APA3A, 18:50
XSS in lighttpd, bl4ck, 18:44
XSS in communityserver !, bl4ck, 18:30
Solaris telnet vulnberability - how many on your network?, Gadi Evron, 18:24
XSS in JBoss Portal, bl4ck, 18:16
Firefox focus stealing vulnerability (possibly other browsers), Michal Zalewski, 18:08
Virtual Calendar <= (pwd.txt) Remote Password Disclosur Vulnerability, me you, 18:01
Port randomization paper, Fernando Gont, 17:46
Re: [Full-disclosure] Solaris telnet vulnberability - how many on your network?, armin walland, 17:43
Windows logoff bug solution possibly., Rage Coder, 17:31
Oreon1.2.x Series Exploit Coded, hotturk, 17:22
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), pdp (architect), 17:09
[USN-417-3] PostgreSQL regression, Martin Pitt, 17:02
Radical Technologies - Portal Search- multiple XSS issue, claxus, 16:47
Re: Re[2]: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities, ismaelalfaro, 16:41
Miniwebsvr 0.0.6 - Directory traversal, Daniel Nyström, 16:32
Jportal 2.3.1 CSRF vulnerability, dzitu, 16:17
Firefox/MSIE focus stealing vulnerability - clarification, Michal Zalewski, 16:16
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), Paul Szabo, 15:58
Re: Firefox focus stealing vulnerability (possibly other browsers), Claus Färber, 15:53
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), Ben Bucksch, 15:42
Re: [Full-disclosure] Solaris telnet vulnberability - how many on your network?, Vincent Archer, 15:35
DotClear Full Path Disclosure Vulnerability, raphael . huck, 15:24
Re: [Full-disclosure] Solaris telnet vulnberability - how many on your network?, Huzeyfe Onal, 15:08
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), Michal Zalewski, 15:08
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), Ben Bucksch, 14:50
Web Server Botnets and Server Farms as Attack Platforms, Gadi Evron, 14:50
Re: Firefox focus stealing vulnerability (possibly other browsers), Michal Zalewski, 14:34
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), pdp (architect), 14:18
[OpenPKG-SA-2007.009] OpenPKG Security Advisory (twiki), OpenPKG GmbH, 14:13
Arbitrary file disclosure vulnerability in IP3 NetAccess < 4.1.9.6, Sebastian Wolfgarten, 14:01
Arbitrary file disclosure vulnerability in php rrd browser < 0.2.1 (prb), Sebastian Wolfgarten, 13:53
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), Michal Zalewski, 13:47
KvGuestbook Remote Add Admin Exploit, crazy_king, 13:39
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), pdp (architect), 13:30
Multiple vulnerabilities in phpMyVisites, Nicob, 13:16
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), pdp (architect), 13:15
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), pdp (architect), 12:58
Re: mcRefer SQL injection, gmdarkfig, 12:54
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers), Michal Zalewski, 12:44
MediaWiki Full Path Disclosure Vulnerability, raphael . huck, 12:38
phpPolls 1.0.3 (acces to sensitive file), sn0oPy . team, 12:28
Re: [XSS] Qdig - Quick Digital Image Gallery Version 1.2.9.3 and -devel, Andrea Purificato - bunker, 12:24

February 10, 2007

[XSS] Qdig - Quick Digital Image Gallery Version 1.2.9.3 and -devel, Andrea Purificato - bunker, 18:04
nabopoll 1.1.2 sensitive file (admin without password), sn0oPy . team, 13:24
Allons_voter Version 1.0 xss and admin votes, sn0oPy . team, 13:09
mcRefer SQL injection, sn0oPy . team, 12:29
[USN-421-1] MoinMoin vulnerability, Kees Cook, 12:15

February 09, 2007

rPSA-2007-0031-1 kernel, rPath Update Announcements, 18:31
rPSA-2006-0233-1 dbus dbus-glib dbus-qt dbus-x11, rPath Update Announcements, 18:20
[ MDKSA-2007:041 ] - Updated ImageMagick packages fix buffer overflow vulnerability, security, 18:13
Re: PS Information Leak on HP True64 Alpha OSF1 v5.1 1885, Ivan Jager, 16:09
FreeBSD Security Advisory FreeBSD-SA-07:02.bind, FreeBSD Security Advisories, 16:00
Re: PS Information Leak on HP True64 Alpha OSF1 v5.1 1885, Andrea Purificato - bunker, 15:42
XSS in Rainbow with Rainbow.Zen, bl4ck, 15:22
Every MS Exploit, layne, 15:03
RE: Denial Of Service in Internet Explorer for MS Windows Mobile 5.0, McCarty, Eric C., 14:37
local bug :[xxs] in whm, ali, 14:17
Call for Papers: IT-Incident Management and IT-Forensics 2007, Oliver Goebel, 14:02
Re: Denial Of Service in Internet Explorer for MS Windows Mobile 5.0, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP], 13:49
Capital Request Forms Db Username and Password Vulnerabilities, gokhankaya, 12:45
Ovidentia Exploit Codeds, hotturk, 12:33
Denial Of Service in Internet Explorer for MS Windows Mobile 5.0, clappymonkey, 12:21
PAKCON III: Call for Papers [cfp], Ayaz Ahmed Khan, 12:09
[Reversemode Advisory] TrendMicro Products - multiple privilege escalation vulnerabilities., Reversemode, 11:58
eXtreme File Hosting remote file upload vulnerability, hamed . bazargani, 11:46
[ MDKSA-2007:037-1 ] - Updated postgresql packages address multiple vulnerabilities, security, 11:38

February 08, 2007

rPSA-2007-0029-1 ImageMagick, rPath Update Announcements, 18:28
rPSA-2007-0028-1 gd, rPath Update Announcements, 18:19
ZDI-07-007: HP Mercury LoadRunner Agent Stack Overflow Vulnerability, zdi-disclosures, 18:11
TFTP directory traversal in Kiwi CatTools, Nicob, 17:42
Multiple vulnerabilities in SAP WebAS 6.40 and 7.00 (technical details), Nicob, 17:34
[security bulletin] HPSBMA02190 SSRT071300 rev.1 - HP OpenView Storage Data Protector, Local Execution of Arbitrary Code, security-alert, 17:24
[security bulletin] HPSBGN02187 SSRT061280 rev.1 - Mercury LoadRunner, Performance Center, Monitor over Firewall, Remote Unauthenticated Arbitrary Code Execution, security-alert, 17:15
rPSA-2007-0025-2 postgresql postgresql-server, rPath Update Announcements, 11:56
Re: remote file include in whm (all version), Mailinglists Address, 11:34

February 07, 2007

Re: Defeating CAPTCHAs via Averaging, noreply9871234, 18:18
remote file include in whm (all version), ali, 18:07
Ability to inject and execute any code as root in SysCP, flo, 16:29
[ MDKSA-2007:039 ] - Updated gtk+2.0 packages address DoS, LSB issues, several bugs, security, 15:59
iDefense Security Advisory 02.07.07: Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability, iDefense Labs, 15:41
iDefense Security Advisory 02.07.07: RARLabs Unrar Password Prompt Buffer Overflow Vulnerability, iDefense Labs, 15:22
[ MDKSA-2007:040 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security, 15:16
iDefense Security Advisory 02.07.07: Trend Micro TmComm Local Privilege Escalation Vulnerability, iDefense Labs, 15:04
Re: Jetty Session ID Prediction, Chris Anley, 13:51
Re: VBulletin AdminCP Index.PHP Multiple Cross-Site Scripting Vulnerability, kier, 13:39
XLNC1 Radio Classical Music Nuke Portal Remote File Inc. Vuln., gokhankaya, 13:30
rPSA-2007-0026-1 samba samba-swat, rPath Update Announcements, 13:24
[SECURITY] [DSA 1258-1] New Mozilla Firefox packages fix several vulnerabilities, Martin Schulze, 13:12
[ MDKSA-2007:038 ] - Updated php packages to address multiple issues, security, 13:00
[ MDKSA-2007:037 ] - Updated postgresql packages address multiple vulnerabilities, security, 12:51
[ MDKSA-2007:036 ] - Updated libwmf packages fix embedded gd DoS vulnerability., security, 12:40
[ MDKSA-2007:035 ] - Updated gd packages fix DoS vulnerability., security, 12:30
Medium level security hole in FreeProxy, Tim Brown, 12:22

February 06, 2007

MySQLNewsEngine (affichearticles.php3) Remote File Inc. Vuln., gokhankaya, 18:05
[USN-417-2] PostgreSQL 8.1 regression, Martin Pitt, 16:17
VBulletin AdminCP Index.PHP Multiple Cross-Site Scripting Vulnerability, DoZ, 15:48
[USN-419-1] Samba vulnerabilities, Kees Cook, 15:38
[USN-420-1] KDE library vulnerability, Kees Cook, 15:21
[security bulletin] HPSBUX02181 SSRT061289 rev.2 - HP-UX Running IPFilter, Remote Unauthorized Denial of Service (DoS), security-alert, 15:14
Re: Jetty Session ID Prediction, Michal Zalewski, 15:09
Re: Jetty Session ID Prediction, Amit Klein, 15:00
rPSA-2007-0025-1 postgresql postgresql-server, rPath Update Announcements, 14:22
PS Information Leak on HP True64 Alpha OSF1 v5.1 1885, Andrea \"bunker\" Purificato, 14:01
Every MS Exploit, layne, 13:44
[USN-418-1] Bind vulnerabilities, Kees Cook, 13:40
Re: Jetty Session ID Prediction, Michal Zalewski, 13:11
Re: Jetty Session ID Prediction, Amit Klein, 12:28
Re: [Full-disclosure] PS Information Leak on HP Tru64 Alpha OSF1 v5.1 1885, Andrea \"bunker\" Purificato, 12:14
Unofficial SQL-Ledger patch for CVE-2007-0667, Chris Travers, 12:04
Firefox 2.0.0.1 and Opera 9.10 Anty Fraud/Phishing Protection bypass., Kanedaaa Bohater, 11:48
Re: Jetty Session ID Prediction, Chris Anley, 11:36

February 05, 2007

Sql injection bugs in Joomla and Mambo, Omid, 19:23
Re: Jetty Session ID Prediction, Michal Zalewski, 19:02
Sql injection bugs in Virtuemart and Letterman, Omid, 18:42
Firefox + popup blocker + XMLHttpRequest + srand() = oops, Michal Zalewski, 18:16
iDefense Security Advisory 02.02.07: Blue Coat Systems WinProxy CONNECT Method Heap Overflow Vulnerability, iDefense Labs, 18:06
[USN-417-1] PostgreSQL vulnerabilities, Martin Pitt, 17:58
Uphotogallery Multiple Cross-Site Scripting Vulnerability, DoZ, 17:35
[ MDKSA-2007:034 ] - Updated samba packages address multiple vulnerabilities, security, 17:24
Mina Ajans Script Remote File Inclusion Vuln., canberx, 17:12
rPSA-2007-0023-1 tshark wireshark, rPath Update Announcements, 16:53
Re: dvddb-0.6 media sql-inj. vuln., str0ke, 16:33
Les News v2.2 [Admin news without password], sn0oPy . team, 16:15
[SECURITY] [DSA 1257-1] New samba packages fix several vulnerabilities, Moritz Muehlenhoff, 15:55
Sql injection bugs in PHP-Nuke, Omid, 15:37
Re: Web 2.0 backdoors made easy with MSIE & XMLHttpRequest, Amit Klein, 15:23
[SAMBA-SECURITY] CVE-2007-0454: Format string bug in afsacl.so VFS plugin, Gerald (Jerry) Carter, 15:09
Cold Fusion Web Server XSS 0 day, digi7al64, 15:01
Re: [Full-disclosure] Firefox + popup blocker + XMLHttpRequest + srand() = oops, Michal Zalewski, 14:42
Re: Jetty Session ID Prediction, Amit Klein, 14:36
Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Steven M. Christey, 14:19
dvddb-0.6 media remote file include vuln., gokhankaya, 13:52
[SAMBA-SECURITY] CVE-2007-0453: Buffer overrun in nss_winbind.so.1 on Solaris, Gerald (Jerry) Carter, 13:32
[SAMBA-SECURITY] CVE-2007-0452: Potential DoS against smbd in Samba 3.0.6 - 3.0.23d, Gerald (Jerry) Carter, 13:23
Re: [Full-disclosure] Firefox + popup blocker + XMLHttpRequest + srand() = oops, pdp (architect), 13:09
TSLSA-2007-0005 - multi, Trustix Security Advisor, 12:57
Jetty Session ID Prediction, NGSSoftware Insight Security Research, 12:53
flashChat 4.7.8 Cross Site Scripting Vulnerability, binaryloc, 12:39
Wap Portal Serve 1.* <= Remote File Inclusion, stormhacker, 12:38
dvddb-0.6 media sql-inj. vuln., gokhankaya, 12:23
Sql injection bugs in Xoops 2.0.16 + Weblinks module, Omid, 12:12
Adrenalin's ASP Chat XSS, sn0oPy . team, 11:52
MysearchEngine XSS, sn0oPy . team, 11:39
Vmare workstation guest isolation weaknesses (clipboard transfer), EitanCaspi@yahoo.com, 11:28

February 03, 2007

Re: Web 2.0 backdoors made easy with MSIE & XMLHttpRequest, Michal Zalewski, 17:03
Ublog Reload Admin Panel Multiple HTML Injections, DoZ, 12:15
[ MDKSA-2007:033 ] - Updated wireshark packages fix multiple vulnerabilities, security, 12:06
Security Advisory for Bugzilla 2.20.3, 2.22.1, and 2.23.3, mkanat, 11:57
[ MDKSA-2007:032 ] - Updated mpg123 packages fix DoS vulnerability., security, 11:48
Re: Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities, michal . bucko, 11:39
[ MDKSA-2007:031 ] - Updated kdelibs packages fix KHTML vulnerability, security, 11:30

February 02, 2007

Re[2]: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities, 3APA3A, 16:02
Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities, Steven M. Christey, 15:20
Re: Sourceforge compromized?, Karl Schlitt, 14:39
Re: strange behavior on Cisco 2801, Eloy Paris, 14:27
Re: Sourceforge compromized?, Tim, 13:36
Re: Sourceforge compromized?, Serguei A. Mokhov, 13:25
Re: Sourceforge compromized?, Eliah Kagan, 13:17
Chicken of the VNC 2.0 remote DoS, poplix, 12:05
Sourceforge compromized?, Michael Scheidell, 11:50
Re: SMF "index.php?action=pm" Cross Site-Scripting, grudge, 11:40

February 01, 2007

Re: strange behavior on Cisco 2801, Neil Anderson, 20:17
Phishing Evolution Report Released, Carl Jongsma, 18:50
Cerulean Portal System (phpbb_root_path) Remote File Include Exploit, xorontr, 17:56
Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit, xorontr, 17:40
php web portail [remote file include & local file include], saps . audit, 16:22
strange behavior on Cisco 2801, Marcin, 16:09
[USN-415-1] GTK vulnerability, Kees Cook, 16:03
Comodo Multiple insufficient argument validation of hooked SSDT function Vulnerability, Matousec - Transparent security Research, 12:10
Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities, Michal Bucko, 11:44
Re: Defeating CAPTCHAs via Averaging, Andreas Beck, 11:38