bugtraq (thread)

[VulnWatch] iDefense Security Advisory 04.27.07: VMware Workstation Shared Folders Directory Traversal Vulnerability, iDefense Labs, 2007/04/30
[VulnWatch] AFFLIB(TM): Multiple Buffer Overflows, VSR Advisories, 2007/04/29
[VulnWatch] AFFLIB(TM): Time-of-Check-Time-of-Use File Race, VSR Advisories, 2007/04/29
[VulnWatch] AFFLIB(TM): Multiple Shell Metacharacter Injections, VSR Advisories, 2007/04/29
[VulnWatch] AFFLIB(TM): Multiple Format String Injections, VSR Advisories, 2007/04/29
[VulnWatch] iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability, iDefense Labs, 2007/04/27
[VulnWatch] iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability, iDefense Labs, 2007/04/27
[VulnWatch] iDefense Security Advisory 04.26.07: Novell eDirectory NCP Fragment Denial of Service Vulnerability, iDefense Labs, 2007/04/26
[VulnWatch] Apache Illegal Request Handling Possible XSS Vulnerability, Michal Majchrowicz, 2007/04/24
[VulnWatch] Apache/PHP REQUEST_METHOD XSS Vulnerability, Michal Majchrowicz, 2007/04/23
[VulnWatch] iDefense Security Advisory 04.20.07: Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability, iDefense Labs, 2007/04/23
Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org, seko, 2007/04/22
Re: Internet Explorer Crash, Kevin Finisterre (lists), 2007/04/22
RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing, Roger A. Grimes, 2007/04/21
MediaBeez Sql query Execution .. Wear isn't ?? :), security, 2007/04/21
[VulnWatch] Oracle Database Buffer overflow vulnerabilities in package DBMS_SNAP_INTERNAL, Team SHATTER, 2007/04/20
[VulnWatch] iDefense Security Advisory 04.17.07: McAfee E-Business Admin Server Invalid Data Length DoS Vulnerability, iDefense Labs, 2007/04/20
[VulnWatch] iDefense Security Advisory 04.17.07: McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow, iDefense Labs, 2007/04/20
[VulnWatch] iDefense Security Advisory 04.16.07: Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability, iDefense Labs, 2007/04/19
[VulnWatch] Cross Domain XMLHttpRequest, Michal Majchrowicz, 2007/04/19
Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in 2 weeks, Praburaajan, 2007/04/18
Akamai Technologies Security Advisory 2007-0001, Akamai Security Team, 2007/04/16
Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit, seko, 2007/04/16
Microsoft DNS Server Remote Code execution: Analysis and exploit, mballano, 2007/04/16
[ GLSA 200704-11 ] Vixie Cron: Denial of Service, Matthias Geerdsen, 2007/04/16
MyBlog <= 0.9.8 Remote Command Execution Exploit, BlackHawk, 2007/04/16
[MajorSecurity Advisory #45]oe2edit CMS - Cross Site Scripting and Cookie Manipulation Issue, admin, 2007/04/16
ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability, Matousec - Transparent security Research, 2007/04/16
ActionPoll Script (actionpoll.php) Remote File Include // starhack.org, seko, 2007/04/16
LS simple guestbook - arbitrary code execution, jd2k2000, 2007/04/16
phpMyChat-0.14.5, k4rtal, 2007/04/14
- Re: phpMyChat-0.14.5, stuart_smith, 2007/04/16
bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy, the_3dit0r, 2007/04/14
Maian Weblog v3.1, k4rtal, 2007/04/14
Flip-search-add-on 2.0, k4rtal, 2007/04/14
Back-End CMS Database Tables v0.4.7 Remote File Include Vulnerabilities, the_3dit0r, 2007/04/14
MySpeach v1.9, k4rtal, 2007/04/14
B2evolution 1.6 RFi, k4rtal, 2007/04/14
Maian Gallery v1.0, k4rtal, 2007/04/14
Maian Search v1.1, k4rtal, 2007/04/14
FloweRS v2.0 Cross Site Scripting, the_3dit0r, 2007/04/14
MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities, the_3dit0r, 2007/04/14
bloofoxCMS 0.2.2 Cross Site Scripting, the_3dit0r, 2007/04/14
Back-End CMS Database Tables v0.4.7 Cross Site Scripting, the_3dit0r, 2007/04/14
VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit, meftun, 2007/04/14
Vbulletin 3.6.5 Sql Injection ! [misc.php], seko, 2007/04/13
- Re: Vbulletin 3.6.5 Sql Injection ! [misc.php], scott-REMOVE, 2007/04/14
TSRT-07-04: LANDesk Management Suite Alert Service Stack Overflow Vulnerability, TSRT, 2007/04/13
[waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke, come2waraxe, 2007/04/13
[MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue, admin, 2007/04/13
[OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2 vulnerability fixed, Matteo Beccati, 2007/04/13
[OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed, Matteo Beccati, 2007/04/13
[Argeniss] Hacking Databases for owning your data (paper), Cesar, 2007/04/13
[USN-452-1] KDE library vulnerability, Kees Cook, 2007/04/12
iDefense Security Advisory 04.12.07: Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability, iDefense Labs, 2007/04/12
Aircrack-ng (airodump-ng) remote buffer overflow vulnerability, jonny, 2007/04/12
FAC GuestBook v2.0 remote database disclosure vulnerability, the_3dit0r, 2007/04/12
Chatness <= 2.5.3 - Arbitrary Code Execution, jd2k2000, 2007/04/12
phpwebnews v.1 Multiple Cross Site Scripting Vulnerabilites, the_3dit0r, 2007/04/12
TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy, the_3dit0r, 2007/04/12
[security bulletin] HPSBUX02203 SSRT071339 rev.1 - HP-UX Running Portable File System (PFS), Remote Increase in Privilege, security-alert, 2007/04/12
Cross site scripting in mephisto 0.7.3, Hanno Böck, 2007/04/12
- Re: Cross site scripting in mephisto 0.7.3, encytemedia, 2007/04/12
[security bulletin] HPSBGN02199 SSRT071312 rev.1 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Execution, security-alert, 2007/04/12
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System, Cisco Systems Product Security Incident Response Team, 2007/04/12
[ GLSA 200704-08 ] DokuWiki: Cross-site scripting vulnerability, Matthias Geerdsen, 2007/04/12
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points, Cisco Systems Product Security Incident Response Team, 2007/04/12
[security bulletin] HPSBUX01137 SSRT5954 rev.9 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS), security-alert, 2007/04/12
[security bulletin] HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-014, security-alert, 2007/04/12
Critical phpwiki c99shell exploit, rurban, 2007/04/12
- Re: Critical phpwiki c99shell exploit, Gadi Evron, 2007/04/12
  - RE: Critical phpwiki c99shell exploit, Ryan Neufeld, 2007/04/12
- Re: Critical phpwiki c99shell exploit, Jamie Riden, 2007/04/12
CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3, Hanno Böck, 2007/04/12
INFIGO-2007-04-05: Enterprise Security Analyzer server remote buffer overflows, infocus, 2007/04/12
CVE-2007-1871: Cross site scripting in chcounter 3.1.3, Hanno Böck, 2007/04/12
HPSBUX02205 SSRT061120 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS), security-alert, 2007/04/12
E107 - (v0.7.8) Access Escalation Vulnerbility - PoC, jd2k2000, 2007/04/12
[ MDKSA-2007:082 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities, security, 2007/04/11
iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple Vulnerabilities, iDefense Labs, 2007/04/11
[ MDKSA-2007:075-1 ] - Updated qt4 packages to address utf8 decoder bug, security, 2007/04/11
[ MDKSA-2007:083 ] - Updated apache-mod_perl packages fix DoS vulnerability, security, 2007/04/11
[ MDKSA-2007:079-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities, security, 2007/04/11
Steganos Encrypted Safe NOT so safe, frankrizzo604, 2007/04/11
- Re: Steganos Encrypted Safe NOT so safe, Andreas Beck, 2007/04/14
PunBB <= 1.2.14 Remote Code Execution (Exploit), gmdarkfig, 2007/04/11
PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory), gmdarkfig, 2007/04/11
Re: Latinchat Denial Of Service, d4rksoft, 2007/04/11
CodeBreak (codebreak.php process_method) - Remote File Inclusion Vulnerability, john, 2007/04/11
[MajorSecurity Advisory #43]Calacode ATMail 5.0 - Cross Site Scripting and Cookie Manipulation Issue, admin, 2007/04/11
[VulnWatch] Cosign SSO Authentication Bypass, Jon Oberheide, 2007/04/11
pL-PHP beta 0.9 - Multiple Vulnerabilities, omnipresent, 2007/04/11
New bug :), asdasd asdsadas, 2007/04/11
nEw Bug :D, asdasd asdsadas, 2007/04/11
[ MDKSA-2007:080-1 ] - Updated tightvnc packages fix integer overflow vulnerabilities, security, 2007/04/11
webMethods Glue Management Console Directory Traversal, Patrick Webster, 2007/04/11
[ MDKSA-2007:081-1 ] - Updated freetype2 packages fix vulnerability, security, 2007/04/10
Re: vbulletin admincp sql injection, rjmjr69, 2007/04/10
[ MDKSA-2007:077-1 ] - Updated krb5 packages fix vulnerabilities, security, 2007/04/10
iDefense Security Advisory 04.10.07: Microsoft Windows Universal Plug and Play Memory Corruption Vulnerability, iDefense Labs, 2007/04/10
Secunia Research: Microsoft Agent URL Parsing Memory Corruption Vulnerability, Secunia Research, 2007/04/10
PhpOpenChat <= 3.0.1 (poc.php) Multiple Remote File Include Vulnerabilities, seko, 2007/04/10
EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation, eEye Advisories, 2007/04/10
EEYE: Windows VDM Zero Page Race Condition Privilege Escalation, eEye Advisories, 2007/04/10
DEF CON One Five CfP in effect!, The Dark Tangent, 2007/04/10
phpGalleryScript 1.0 - File Inclusion Vulnerabilities, z12xxa, 2007/04/10
[USN-450-1] ipsec-tools vulnerability, Kees Cook, 2007/04/10
iDefense Security Advisory 04.09.07: AOL AIM and ICQ File Transfer Path-Traversal Vulnerability, iDefense Labs, 2007/04/09
rPSA-2007-0070-1 openoffice.org, rPath Update Announcements, 2007/04/09
xodagallery Remote Code Execution Vulnerability, the_3dit0r, 2007/04/09
Hot Editor v4.0 Local File Inclusion, liz0, 2007/04/09
Mybb Hot Editor Plugin Local File Inclusion, liz0, 2007/04/09
- Re: Mybb Hot Editor Plugin Local File Inclusion, Kevin Finisterre (lists), 2007/04/09
- Re: Re: Mybb Hot Editor Plugin Local File Inclusion, liz0, 2007/04/09
QuizShock 1.6.1 - Cross-Site Scripting Vulnerability, john, 2007/04/09
Request It : Song Request System 1.0b - remote file inclusion, mail, 2007/04/09
Gsylvain35 Portail Web Remote File Include Vulnerabilities, the_3dit0r, 2007/04/09
DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability, john, 2007/04/09
Remot File Include In Script Lore v1, RaeD, 2007/04/09
phpMyAdmin 2.6.1 Local Cross Site Scripting, the_3dit0r, 2007/04/09
Take Control In Script Jeebles Directory, RaeD, 2007/04/09
Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit, k4rtal, 2007/04/09
UBB.threads (<= 6.1.1) SQL Injection Vulnerability, john, 2007/04/09
witshare 0.9 Remote File Include Vulnerabilitiy, the_3dit0r, 2007/04/07
CmailServer WebMail <= V.5.3.4 (signup) Remote XSS Exploit, ajannhwt, 2007/04/07
[MajorSecurity Advisory #42]webblizzard CMS - Cross Site Scripting and Session fixation Issues, Securityaudit, 2007/04/07
PHP <= 5.2.1 wbmp file handling integer overflow, Ivan Fratric, 2007/04/07
[ GLSA 200704-07 ] libwpd: Multiple vulnerabilities, Raphael Marichez, 2007/04/07
[ GLSA 200704-06 ] Evince: Stack overflow in included gv code, Raphael Marichez, 2007/04/07
LayerOne 2007 - Speaker Line up Announced, Layer One, 2007/04/06
[SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code execution, Noah Meyerhans, 2007/04/06
AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption, Piotr Bania, 2007/04/06
AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption, Piotr Bania, 2007/04/06
AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero), Piotr Bania, 2007/04/06
livor 2.5 Cross-Site Scripting Vulnerability, rko . thelegendkiller, 2007/04/06
[MajorSecurity Advisory #41]onelook courts online - Session fixation Issue, Securityaudit, 2007/04/06
[MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue, Securityaudit, 2007/04/06
ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability, zdi-disclosures, 2007/04/06
[MajorSecurity Advisory #39]onelook onebyone CMS - Session fixation Issue, Securityaudit, 2007/04/06
phpContact Multiple Remote File Inclusion Vulnerabilities, rko . thelegendkiller, 2007/04/06
ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity, zdi-disclosures, 2007/04/06
ACLS ineffective in SQL-Ledger and LedgerSMB, Chris Travers, 2007/04/06
[security bulletin] HPSBUX02204 SSRT071341 rev.1 - HP-UX Running CIFS Server (Samba), Remote Denial of Service (DoS), security-alert, 2007/04/05
FLEA-2007-0010-1: evolution, Foresight Linux Essential Announcement Service, 2007/04/05
Wserve HTTP Server 4.6 Version (Long Directory Name) Buffer Overflow - Denial Of Service, UniquE, 2007/04/05
FLEA-2007-0009-1: xorg-x11 freetype, Foresight Linux Essential Announcement Service, 2007/04/05
FLEA-2007-0008-1: krb5, Foresight Linux Essential Announcement Service, 2007/04/05
iDefense Security Advisory 04.04.07: ESRI ArcSDE Buffer Overflow Vulnerability, iDefense Labs, 2007/04/05
Microsoft .NET request filtering bypass vulnerability (BID 20753), research, 2007/04/05
iDefense Security Advisory 04.04.07: Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability, iDefense Labs, 2007/04/05
iDefense Security Advisory 04.04.07: Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability, iDefense Labs, 2007/04/05
[ MDKSA-2007:081 ] - Updated freetype2 packages fix vulnerability, security, 2007/04/05
[ MDKSA-2007:080 ] - Updated tightvnc packages fix integer overflow vulnerabilities, security, 2007/04/05
LedgerSMB 1.2.0 finally released, fixes CVE-2006-5589, Chris Travers, 2007/04/05
[ MDKSA-2007:079 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities, security, 2007/04/05
[ MDKSA-2007:078 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security, 2007/04/04
VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates, VMware Security team, 2007/04/04
Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug, pdp (architect), 2007/04/04
- Re: [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug, Daniel Veditz, 2007/04/05
- Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug, Thor Larholm, 2007/04/06
[ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities, security, 2007/04/04
Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection, r00t-balance, 2007/04/04
[SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution, Noah Meyerhans, 2007/04/04
Several Windows image viewers vulnerabilities, Ivan Fratric, 2007/04/04
High Risk Vulnerability in OpenOffice, NGSSoftware Insight Security Research, 2007/04/04
rPSA-2007-0062-1 firefox, rPath Update Announcements, 2007/04/04
Mozilla Firefox Insecure Element Stealth Injection Vulnerability, Michal Majchrowicz, 2007/04/04
- [VulnWatch] Re: [Full-disclosure] Mozilla Firefox Insecure Element Stealth Injection Vulnerability, 3APA3A, 2007/04/06
[ MDKSA-2007:076 ] - Updated kdelibs packages to address UTF8 issue in KJS, security, 2007/04/04
MyBlog: PHP and MySQL Blog/CMS software Remote File Include Vulnerabilitiy, the_3dit0r, 2007/04/04
MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting Vulnerabilitiy, the_3dit0r, 2007/04/04
rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs, rPath Update Announcements, 2007/04/04
phpechocms2 Remote File Include Vulnerabilities, the_3dit0r, 2007/04/04
iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability, iDefense Labs, 2007/04/04
phpechocms v.2 Cross-Site Scripting Vulnerabilitiy, the_3dit0r, 2007/04/04
Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy, the_3dit0r, 2007/04/04
rPSA-2007-0066-1 kdelibs qt-x11-free, rPath Update Announcements, 2007/04/04
K-CMS v1.0 Remote File Include Vulnerabilities, the_3dit0r, 2007/04/04
rPSA-2007-0067-1 nas, rPath Update Announcements, 2007/04/04
iXon_CMS 0.30 Remote File Include Vulnerabilities, the_3dit0r, 2007/04/04
Remot File Include In phpexplorator_2_0, RaeD, 2007/04/04
[MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues, Securityaudit, 2007/04/04
[ MDKSA-2007:074 ] - Updated qt3 packages to address utf8 decoder bug, security, 2007/04/04
CYBSEC Release: SAP Security - Paper & Tool release, Mariano Nuñez Di Croce, 2007/04/04
rPSA-2007-0064-1 ImageMagick, rPath Update Announcements, 2007/04/04
CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC Function Denial Of Service, CYBSEC Advisories, 2007/04/04
[USN-449-1] krb5 vulnerabilities, Kees Cook, 2007/04/04
CYBSEC Security Pre-Advisory: SAP SYSTEM_CREATE_INSTANCE RFC Function Buffer Overflow, CYBSEC Advisories, 2007/04/04
lite-cms-0.2.1 Remote File Include Vulnerabilities, the_3dit0r, 2007/04/04
CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer Overflow, CYBSEC Advisories, 2007/04/04
CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities, CYBSEC Advisories, 2007/04/04
iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability, iDefense Labs, 2007/04/04
CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure, CYBSEC Advisories, 2007/04/04
rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation, rPath Update Announcements, 2007/04/04
Three New Papers on Oracle Forensics, David Litchfield, 2007/04/04
[ GLSA 200704-03 ] OpenAFS: Privilege escalation, Raphael Marichez, 2007/04/04
iDefense Security Advisory 04.03.07: Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability, iDefense Labs, 2007/04/04
[ MDKSA-2007:075 ] - Updated qt4 packages to address utf8 decoder bug, security, 2007/04/04
[ GLSA 200704-05 ] zziplib: Buffer Overflow, Raphael Marichez, 2007/04/04
Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation, Jim Hoagland, 2007/04/03
- Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation, Jim Hoagland, 2007/04/06
- Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation, GomoR, 2007/04/07
[ GLSA 200704-02 ] MIT Kerberos 5: Arbitrary remote code execution, Sune Kloppenborg Jeppesen, 2007/04/03
[SECURITY] [DSA 1276-1] New krb5 packages fix several vulnerabilities, Moritz Muehlenhoff, 2007/04/03
FLEA-2007-0006-1: ImageMagick, Foresight Linux Essential Announcement Service, 2007/04/03
ZDI-07-012: Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow, zdi-disclosures, 2007/04/03
FLEA-2007-0007-1: nas, Foresight Linux Essential Announcement Service, 2007/04/03
iDefense Security Advisory 04.03.07: Multiple Vendor Kerberos kadmind Buffer Overflow Vulnerability, iDefense Labs, 2007/04/03
Re: On-going Internet Emergency and Domain Names, Bob Fiero, 2007/04/03
- Re: On-going Internet Emergency and Domain Names, Alexander Klimov, 2007/04/11
MITKRB5-SA-2007-001: telnetd allows login as arbitrary user [CVE-2007-0956], Tom Yu, 2007/04/03
iDefense Security Advisory 04.03.07: Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability, iDefense Labs, 2007/04/03
MITKRB5-SA-2007-003: double-free vulnerability in kadmind (via GSS-API library) [CVE-2007-1216], Tom Yu, 2007/04/03
FLEA-2007-0006-2: ImageMagick, Foresight Linux Essential Announcement Service, 2007/04/03
MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957], Tom Yu, 2007/04/03
Remote File Include In Script stat12, RaeD, 2007/04/03
MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit, gmdarkfig, 2007/04/03
[MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue, SecurityAudit, 2007/04/03
Re: Exploiting Microsoft dynamic Dns updates, Denis Jedig, 2007/04/03
TWOVB][ The Week Of Vista Bugs: the truth is out there, TWOVB Team, 2007/04/03
[SECURITY] [DSA 1275-1] New zope2.7 packages fix cross-site scripting flaw, Noah Meyerhans, 2007/04/03
iDefense Security Advisory 03.31.07: IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities, iDefense Labs, 2007/04/02
[ GLSA 200704-01 ] Asterisk: Two SIP Denial of Service vulnerabilities, Sune Kloppenborg Jeppesen, 2007/04/02
[CFP] VNSECON 07 - Call for Papers / HCMC - August 03-04, 2007, rd, 2007/04/02
iDefense Security Advisory 04.02.07: Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability, iDefense Labs, 2007/04/02
APOP vulnerability, Gaëtan LEURENT, 2007/04/02
- Re: APOP vulnerability, 3APA3A, 2007/04/03
  - Re: APOP vulnerability, Gaëtan LEURENT, 2007/04/03
    - Re[2]: APOP vulnerability, 3APA3A, 2007/04/03
Re: AIX 4.3 lsmcode local root command execution, Shiva Persaud, 2007/04/02
WOVB #01: Bypassing Vista Firewall, Flying over obstructive line, TWOVB Team, 2007/04/02
More information on ZERT patch for ANI 0day, Gadi Evron, 2007/04/02
- Re: More information on ZERT patch for ANI 0day, Stefan Kelm, 2007/04/03
  - Re: [Full-disclosure] More information on ZERT patch for ANI 0day, Matthew Murphy, 2007/04/03
  - Re: More information on ZERT patch for ANI 0day, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP], 2007/04/03
    - Re: More information on ZERT patch for ANI 0day, Jason Frisvold, 2007/04/04
    - Re: More information on ZERT patch for ANI 0day, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP], 2007/04/04
    - Re: More information on ZERT patch for ANI 0day, Jason Frisvold, 2007/04/04
iDefense Security Advisory 03.31.07: Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities, iDefense Labs, 2007/04/02
Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability, mufti . rizal, 2007/04/02
- Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability, jasus, 2007/04/02
  - Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability, str0ke, 2007/04/02
Windows XP/Vista (.ANI) Remote Exploit (bypass eeye patch), jamikazu, 2007/04/02
0day Oracle 10g exploit - dbms_aq.enqueue - become DBA, Andrea \"bunker\" Purificato, 2007/04/02
- Re: [Full-disclosure] [RECTIFY] Oracle 10g exploit - dbms_aq.enqueue - become DBA, Andrea \"bunker\" Purificato, 2007/04/03
- Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA, Gadi Evron, 2007/04/03
  - Re: 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA, Andrea Purificato - bunker, 2007/04/03
Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180), Pavel Kankovsky, 2007/04/02
- Re: Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180), Marco Ivaldi, 2007/04/04
Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability, Matousec - Transparent security Research, 2007/04/02
[SECURITY] [DSA 1274-1] New file packages fix arbitrary code execution, Noah Meyerhans, 2007/04/02
DirectAdmin persistant XSS [takeover an Administrator`s account], Kanedaaa Bohater, 2007/04/02
Re: Drake CMS v0.3.2 < = RFi Vulnerabilities, legolas558, 2007/04/02
[ GLSA 200703-28 ] CUPS: Denial of Service, Raphael Marichez, 2007/04/02
[security bulletin] HPSBMA02198 SSRT061177 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Access, security-alert, 2007/04/02
[ GLSA 200703-27 ] Squid: Denial of Service, Raphael Marichez, 2007/04/02
MS announces out-of-band patch for ANI 0day, Gadi Evron, 2007/04/02
2BGal 3.1.1 <= (admin/index.php) Remote File Include Vulnerability, BorN To K!LL BorN To K!LL, 2007/04/02
Re: Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit And PoC, vaughan . montgomery, 2007/04/02