bugtraq (date)

May 21, 2007

[VulnWatch] REWTERZ-20070518 - Authentication Bypass in Rational Soft's Hidden Administrator, rewterz security team, 15:25

May 15, 2007

[VulnWatch] iDefense Security Advisory 05.14.07: Samba SAMR Change Password Remote Command Injection Vulnerability, iDefense Labs, 14:26

May 14, 2007

[VulnWatch] iDefense Security Advisory 05.10.07: Apple Darwin Streaming Proxy Multiple Vulnerabilities, iDefense Labs, 16:40
[VulnWatch] iDefense Security Advisory 05.10.07: Novell NetMail NMDMC Buffer Overflow Vulnerability, iDefense Labs, 15:25
[VulnWatch] iDefense Security Advisory 05.10.07: Sun Microsystems Solaris SRS Proxy Core srsexec Arbitrary File Read Vulnerability, iDefense Labs, 14:02
[VulnWatch] iDefense Security Advisory 05.09.07: Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability, iDefense Labs, 12:26

May 10, 2007

[VulnWatch] iDefense Security Advisory 05.08.07: McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability, iDefense Labs, 23:04
[VulnWatch] iDefense Security Advisory 05.08.07: Microsoft Exchange Server 2000 IMAP Literal Processing DoS Vulnerability, iDefense Labs, 21:58
[VulnWatch] iDefense Security Advisory 05.08.07: Microsoft Word RTF File Parsing Heap Corruption Vulnerability, iDefense Labs, 21:16
[VulnWatch] iDefense Security Advisory 05.08.07: Microsoft Excel Filter Record Code Execution Vulnerability, iDefense Labs, 20:57
[VulnWatch] iDefense Security Advisory 05.09.07: Symantec Norton Internet Security 2006 COM Object Security ByPass Vulnerability, iDefense Labs, 20:14
[SECURITY] [DSA 1288-1] New pptpd packages fix denial of service, Moritz Muehlenhoff, 18:43
[security bulletin] HPSBMA02138 SSRT061184 rev.3 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution, security-alert, 18:43
[security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation, security-alert, 18:43
ZDI-07-027: Microsoft Internet Explorer Table Column Deletion Memory Corruption Vulnerability, zdi-disclosures, 18:43
ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability, zdi-disclosures, 18:43
rPSA-2007-0094-1 cpio, rPath Update Announcements, 18:43
[ GLSA 200705-10 ] LibXfont, TightVNC: Multiple vulnerabilities, Raphael Marichez, 18:43
Advanced Guestbook version 2.4.2 Multiple XSS Attack Vulnerabilities, securityresearch, 18:43
[USN-458-1] MoinMoin vulnerabilities, Kees Cook, 18:43
WASC Announcement: Distributed Open Proxy Honeypot Project Data Released, announcements, 18:43
ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability, zdi-disclosures, 18:43
[ GLSA 200705-11 ] MySQL: Two Denial of Service vulnerabilities, Raphael Marichez, 18:43
Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability, securityresearch, 18:43
[ GLSA 200705-09 ] IPsec-Tools: Denial of Service, Raphael Marichez, 18:43
AP Newspower software <=4.0.1 allows remote data manipulation, gobbles_fo_evar, 18:43
rPSA-2007-0092-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi, rPath Update Announcements, 18:43
FLEA-2007-0016-1: kernel, Foresight Linux Essential Announcement Service, 18:43
ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability, zdi-disclosures, 18:43
Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities, securityresearch, 18:43
VMSA-2007-0004 Multiple Denial-of-Service issues fixed, VMware Security team, 18:43
[ GLSA 200705-07 ] Lighttpd: Two Denials of Service, Raphael Marichez, 18:43
iDefense Security Advisory 05.07.07: Sun Microsystems Solaris ACE_SETACL Integer Signedness DoS Vulnerability, iDefense Labs, 18:43
Updated: webMethods Security Advisory: Glue console directory traversal vulnerability, Jeremy Epstein, 18:43
OTRS <= 2.0.x XSS/XSRF, ciri, 18:43
Re: NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections, technocrat, 18:43
Re: 12All File Upload Vulnerability, info, 18:43
PHPHtmlLib <= 2.4.0 Remote File Include Exploit, ilkerkandemir, 18:43
fipsCMS v2.1 Remote SQL injection Vulnerability, ilkerkandemir, 18:43
[USN-457-1] elinks vulnerability, Kees Cook, 18:43
phpHoo3 (admin.php) Remote Login Bypass SQL Injection Vulnerability, ilkerkandemir, 18:43
pfa CMS v6.0 (index.php repinc) Remote File Include Vulnerability, ilkerkandemir, 18:43
american cart 3.* (abs_path) remote file include, kepledehlah, 18:43
[Reversemode Advisory] VMware Products - GPF Denial of Service, Reversemode, 18:43
[SECURITY] [DSA 1287-1] New ldap-account-manager packages fix multiple vulnerabilities, Noah Meyerhans, 18:43
Re: nucleus 3.22 >> RFI, security curmudgeon, 18:43
Kayako eSupport v3.00.90 Cross Site Scripting (XSS), e1c4, 18:43
Mini Web Shop v.2 Vulnerable to XSS, corrado . liotta, 18:43
Drake CMS (v0.4.0) - CRLF Injection Vulnerability, john, 18:43
UPDATED: CubeCart (v3.0.15) - CRLF Injection Vulnerability, john, 18:43
Podium CMS - Cookie Manipulation Exploit, john, 18:43
[ GLSA 200705-06 ] X.Org X11 library: Multiple integer overflows, Raphael Marichez, 18:43
SunShop (v4) Multiple Vulnerabilities, john, 18:43
Taltech Tal Bar Code ActiveX Control Memory Corruption Vulnerability(-ies), sapheal-hack.pl, 18:43
ACP3 (v4.0b3) - Multiple Vulnerabilities, john, 18:42
[MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue, admin, 18:42
RE: XSS in Microsoft SharePoint, Jim Harrison, 18:42
Nuked-klaN 1.7.6 Remote Code Execution Exploit, gmdarkfig, 18:42
Re: NPDS <= 5.10 - Multiple SQL injections, aeroxteam_PLEASEDONTSPAMUS, 18:42

May 08, 2007

[ GLSA 200705-08 ] GIMP: Buffer overflow, Raphael Marichez, 10:29

May 02, 2007

[VulnWatch] iDefense Security Advisory 05.02.07: LiveData Protocol Server Heap Overflow Vulnerability, iDefense Labs, 20:18
[VulnWatch] iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities, iDefense Labs, 17:02