Mail Index
- Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit
- Re: apache 1.x <=> 2.x suphp (suPHP_ConfigPath) bypass safe mode exploit
- A tool to identify the MD5 certs on FF
- [SECURITY] [DSA 1694-1] New xterm packages fix remote code execution
- [SECURITY] [DSA 1695-1] New Ruby packages fix denial of service
- Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit
- Top 5-ish Threats to Watch for in 2009
- PollPro 3.0 XSRF VuLn.
- Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit
- Call for papers and trainers - SeacureIT 2009
- SolucionWeb (main.php?id_area) Remote SQL injection Vulnerability
- Google Chrome FTP PASV IP Malicious Port Scanning Vulnerability.
- ANNOUNCE: RFIDIOt ver 01.v released - Jan 2009
- php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass
- Destiny Media Player 1.61 (.lst File) Local Stack Overflow Exploit
- MSFXDC Metasploit eXploits Development Contest
- Walusoft TFTPServer2000 Version 3.6.1 Directory Traversal
- Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass
- Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass
- [USN-702-1] Samba vulnerability
- [Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF
- Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass
- [USN-703-1] xterm vulnerability
- [SECURITY] [DSA 1694-2] New xterm packages fix regression
- New WHID web hacking incidents
- VUPLAYER BufferOver flow POC
- [oCERT-2008-016] Multiple OpenSSL signature verification API misuses
- Plunet BusinessManager failure in access controls and multiple stored cross site scripting
- CFP: COLSEC 2009
- Secunia Research: HP OpenView Network Node Manager Multiple Vulnerabilities
- [USN-701-2] Thunderbird vulnerabilities
- PHP-Fusion Mod Members Bewerb Sql Injection
- Cisco Security Advisory: Cisco Global Site Selector Appliances DNS Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Secunia Research: TSC2 Help Desk CTab ActiveX Control Buffer Overflow
- [USN-701-1] Thunderbird vulnerabilities
- PHP-Fusion Mod E-Cart Sql Injection
- Plunet BusinessManager failure in access controls and multiple stored cross site scripting
- [SECURITY] [DSA 1696-1] New icedove packages fix several vulnerabilities
- [SECURITY] [DSA 1697-1] New iceape packages fix several vulnerabilities
- FreeBSD Security Advisory FreeBSD-SA-09:02.openssl
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-09:01.lukemftpd
- From: FreeBSD Security Advisories
- CA20090107-01: CA Service Metric Analysis and CA Service Level Management smmsnmpd Arbitrary Command Execution Vulnerability
- Re: [Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF
- [USN-704-1] OpenSSL vulnerability
- PHP-Fusion Mod vArcade 1.8 Sql Injection Vulnerability
- [IBM Datapower XS40] Denial of Service
- CORE-2008-1128: Openfire multiple vulnerabilities
- From: CORE Security Technologies Advisories
- Re: [IBM Datapower XS40] Denial of Service
- LayerOne 2009 Call for Papers
- From: LayerOne Call For Papers
- [USN-705-1] NTP vulnerability
- AST-2009-001: Information leak in IAX2 authentication
- From: Asterisk Security Team
- [USN-706-1] Bind vulnerability
- [SECURITY] [DSA 1698-1] New gforge packages fix SQL injection
- ShakaCon 2009 Call for Papers and Trainers
- Re: Plunet BusinessManager failure in access controls and multiple stored cross site scripting
- Re: Linux Kernel 2.6.18/2.6.24/2.6.20/2.6.22/2.6.21 denial of service exploit
- Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point
- Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point
- Java Runtime UTF-8 Decoder Smuggling Vector
- From: William A. Rowe, Jr.
- Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point
- Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point
- [ MDVSA-2009:003 ] python
- [ MDVSA-2009:004 ] pam_mount
- [ MDVSA-2009:002 ] bind
- Re: Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11)
- From: security curmudgeon
- Re: Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11)
- [ GLSA 200901-01 ] NDISwrapper: Arbitrary remote code execution
- [ GLSA 200901-02 ] JHead: Multiple vulnerabilities
- Comersus Shopping Cart <= v6 Remote User Pass Exploit
- [ GLSA 200901-03 ] pdnsd: Denial of Service and cache poisoning
- [ GLSA 200901-04 ] D-Bus: Denial of Service
- [SECURITY] [DSA 1699-1] New zaptel packages fix privilege escalation
- [ GLSA 200901-05 ] Streamripper: Multiple vulnerabilities
- [USN-707-1] CUPS vulnerabilities
- RE: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (Oracle CPU April 2008 DB11)
- Hack Aethra SV 1042 Adsl/Voip Router
- PHP Buffer Overflow(popen)
- [TKADV2009-001] Sun Solaris aio_suspend() Kernel Integer Overflow Vulnerability
- [BMSA-2009-01] Authentication bypass in Interspire Shopping Cart v4.0.1 and below
- [ GLSA 200901-06 ] Tremulous: User-assisted execution of arbitrary code
- [SECURITY] [DSA 1700-1] New lasso packages fix validation bypass
- [ MDVSA-2009:005 ] xterm
- SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei
- From: organiser@xxxxxxxxxx
- Visuplay CMS SQL injection vulnerability
- [security bulletin] HPSBMA02392 SSRT071481 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
- [TKADV2009-002] Amarok Integer Overflow and Unchecked Allocation Vulnerabilities
- [SECURITY] [DSA 1701-1] New OpenSSL packages fix cryptographic weakness
- [ GLSA 200901-07 ] MPlayer: Multiple vulnerabilities
- [SECURITY] [DSA 1702-1] New ntp packages fix cryptographic weakness
- [SECURITY] [DSA 1703-1] New bind9 packages fix cryptographic weakness
- Secunia Research: DevIL "iGetHdrHeader()" Buffer Overflow Vulnerabilities
- PDFBuilderX 2.2 Arbitrary File Overwrite
- [ GLSA 200901-09 ] Adobe Reader: User-assisted execution of arbitrary code
- [ GLSA 200901-08 ] Online-Bookmarks: Multiple vulnerabilities
- [ MDVSA-2009:006 ] openoffice.org
- ANNOUNCE: DEFCON London - DC4420 - January meet - Thursday 15th Jan 2009
- rPSA-2009-0006-1 samba samba-client samba-server samba-swat
- From: rPath Update Announcements
- iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller 'symWidths' Heap Overflow Vulnerability
- ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability
- ZDI-09-002: Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability
- rPSA-2009-0005-1 git gitweb
- From: rPath Update Announcements
- rPSA-2009-0007-1 pam_krb5
- From: rPath Update Announcements
- [USN-708-1] HPLIP vulnerability
- iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller 'bitmaps' Heap Overflow Vulnerability
- iDefense Security Advisory 01.13.09: RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability
- FreeBSD Security Advisory FreeBSD-SA-09:04.bind
- From: FreeBSD Security Advisories
- Oracle CPU Jan 2009 Advisories.
- [ MDVSA-2009:009 ] kvm
- Cisco Security Advisory: Cisco ONS Platform Crafted Packet Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [ MDVSA-2009:010 ] qemu
- iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability
- Trigger Abuse of MDSYS.SDO_TOPO_DROP_FTBL in Oracle 10g R1 and R2
- Call for Papers: Cyber Warfare
- Cisco Security Advisory: IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- OTSTurntables 1.00.027 (.ofl) Local Stack Overflow Exploit
- [ MDVSA-2009:007 ] ntp
- RE: DoS code for Cisco VLAN Trunking Protocol Vulnerability
- From: Paul Oxman (poxman)
- Cisco Unified IP Phone 7960G and 7940G (SIP) RTP Header Vulnerability
- phpList <= 2.10.8 Local File inclusion
- WowWee Rovio - Insufficient Access Controls - Covert Audio/Video Snooping Possible
- iDefense Security Advisory 01.13.09: Oracle Database 10g R2 Summary Advisor Arbitrary File Rewrite Vulnerability
- DoS code for Cisco VLAN Trunking Protocol Vulnerability
- iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability
- [ MDVSA-2009:008 ] qemu
- Cisco Security Response: Cisco IOS Cross-Site Scripting Vulnerabilities
- From: Cisco Systems Product Security Incident Response Team
- PR08-19: XSS on Cisco IOS HTTP Server
- From: ProCheckUp Research
- [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities
- ZDI-09-003: Oracle Secure Backup exec_qr() Command Injection Vulnerability
- ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability
- Oracle Secure Backup 10g Remote Code Execution
- Oracle TimesTen Remote Format String
- [ GLSA 200901-10 ] GnuTLS: Certificate validation error
- [ GLSA 200901-11 ] Avahi: Denial of Service
- TFTPUtil GUI TFTP Directory Traversal
- TFTPUtil GUI TFTP Server Denial of Service Vulnerability
- Windows NTP Time Server Syslog Monitor 1.0.000 Denial of Service Vulnerability
- Re: Assurent VR - Oracle BEA WebLogic Server Apache Connector Buffer Overflow
- From: security curmudgeon
- [ MDVSA-2009:011 ] virtualbox
- Re: iDefense Security Advisory 01.13.09: Oracle Secure Backup Administration Server login.php Command Injection Vulnerability
- From: security curmudgeon
- Oracle Secure Backup Multiple Denial Of Service vulnerabilities
- From: noreply-secresearch@xxxxxxxxxxxx
- Oracle Secure Backup's observiced.exe Denial Of Service vulnerability
- From: noreply-secresearch@xxxxxxxxxxxx
- Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH Command Buffer Overflow Vulnerability
- From: noreply-secresearch@xxxxxxxxxxxx
- ANNOUNCE: apache_1.3.41+ssl_1.60 released
- [waraxe-2009-SA#070] - Multiple Vulnerabilities in MKPortal <= 1.2.1
- [SECURITY] [DSA 1705-1] New netatalk packages fix arbitrary code execution
- [USN-709-1] tar vulnerability
- [SECURITY] [DSA 1707-1] New iceweasel packages fix several vulnerabilities
- [ MDVSA-2009:012 ] mozilla-thunderbird
- [SECURITY] [DSA 1706-1] New amarok packages fix arbitrary code execution
- [USN-700-2] Perl regression
- Syslserve 1.058 Denial of Service Vulnerability
- [ MDVSA-2009:014 ] mplayer
- [ MDVSA-2009:015 ] ffmpeg
- DMXReady Blog Manager (SQL/XSS)
- [ MDVSA-2009:013 ] mplayer
- Active Bids
- [ MDVSA-2009:016 ] xen
- Announce: RSBAC 1.4.0 released
- [ MDVSA-2009:017 ] kdebase
- Excel Viewer OCX 3.1/3.2 Denial of Service PoC
- Sagem router f@st 2404 remote reset poc
- FBI XSS Vulnerability
- [ MDVSA-2009:018 ] tomcat5
- Ralinktech wireless cards drivers vulnerability
- 53KF Web IM 2009 Cross-Site Scripting Vulnerabilities
- [Wintercore Research ] Fujitsu SystemcastWizard Lite PXEService Remote Buffer Overflow.
- Advisory: Oracle EBusiness Suite Sensitive Information Disclosure Vulnerability
- [ GLSA 200901-12 ] noip-updater: Execution of arbitrary code
- Web Hacking Incidents update for Jan 19th
- [ MDVSA-2009:019 ] imlib2
- [SECURITY] [DSA 1708-1] New Git packages fix remote code execution
- Secunia Research: EasyHDR Pro Radiance RGBE Buffer Overflow
- Cybershade CMS Remote File include vulnerability
- [ANNOUNCE] Apache Jackrabbit 1.5.2 released
- Re: Remote Cisco IOS FTP exploit
- MoinMoin Wiki Engine XSS Vulnerability
- Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server
- Secunia Research: Trend Micro Network Security Component Vulnerabilities
- [security bulletin] HPSBMA02400 SSRT080144 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- Microsoft Bluetooth Stack OBEX Directory Traversal
- Secunia Research: OpenSG Radiance RGBE Buffer Overflow Vulnerability
- Re: Remote Cisco IOS FTP exploit
- From: security curmudgeon
- Videos from HITBSecConf2008 - Malaysia released!
- rPSA-2009-0011-1 perl
- From: rPath Update Announcements
- rPSA-2009-0009-1 bind bind-utils
- From: rPath Update Announcements
- rPSA-2009-0010-1 ntp ntp-utils
- From: rPath Update Announcements
- rPSA-2009-0008-1 openssl
- From: rPath Update Announcements
- [ GLSA 200901-13 ] Pidgin: Multiple vulnerabilities
- rPSA-2009-0014-1 hplip
- From: rPath Update Announcements
- [SECURITY] [DSA 1693-2] New phppgadmin packages fix regression
- [SECURITY] [DSA 1709-1] New shadow packages fix privilege escalation
- CfP: 16th ACM Conference on Computer and Communications Security (CCS) 2009
- From: Christopher Kruegel
- [DSECRG-09-004] AXIS 70U Network Document Server - Privilege Escalation and XSS
- From: Digital Security Research Group
- Cisco Security Advisory: Cisco Security Manager Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Unified Communications Manager CAPF Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Joomla component beamospetition 1.0.12 Sql Injection
- Re: [Full-disclosure] Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server
- Digital Security opens a site of its research center DSec Research Group
- From: Digital Security Research Group
- [IMF 2009] Call for Papers
- [ GLSA 200901-14 ] Scilab: Insecure temporary file usage
- [ MDVSA-2009:024 ] php4
- [ MDVSA-2009:020 ] xine-lib
- ZDI-09-006: Apple QuickTime AVI Header nBlockAlign Heap Corruption Vulnerability
- Asp-project Cookie Handling
- [ MDVSA-2009:022 ] php
- ZDI-09-008: Apple QuickTime STSD JPEG Atom Heap Corruption Vulnerability
- [ GLSA 200901-15 ] Net-SNMP: Denial of Service
- VUPlayer 2.49 .ASX local universal BOF exploit
- From: maroc-anti-connexion
- [ MDVSA-2009:023 ] php
- ZDI-09-005: Apple QuickTime VR Track Header Atom Heap Corruption Vulnerability
- [ MDVSA-2009:021 ] php
- ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability
- [TKADV2009-003] GStreamer Heap Overflow and Array Index out of Bounds Vulnerabilities
- [ MDVSA-2009:025 ] pidgin
- PHP-Nuke 8.0 Downloads Blind Sql Injection
- Secunia Research: AXIS Camera Control "image_pan_tilt" Property Buffer Overflow
- BBSxp Xss vulnerability
- [ MDVSA-2009:026 ] phpMyAdmin
- ZDI-09-009: EMC AutoStart Backbone Engine Trusted Pointer Code Execution Vulnerability
- Oblog XSS valnerability
- Problems with syscall filtering technologies on Linux
- VUplayer (.wax file) local buffer overflow crash exploit
- [HACKATTACK Advisory 25012009]ConPresso CMS 4.07 - Session Fixation, XFS, XSS
- Browser3D 3.5 (.sfs File) Local Stack Overflow Exploit (c)
- From: maroc-anti-connexion
- Lootan(kedor) Sql Injection vulnerability
- SonyEricsson WAP Push Denial of Service
- From: Mobile Security Lab
- Nokia Multimedia Player (.AVI File) Null Dereference Pointer Exploit
- LDF Sql injection vulnerability
- /bin/login DoS remains after DSA-1709
- Re: ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability
- From: security curmudgeon
- MediaMonkey 3.0.6 (.m3u file) Local Buffer Overflow PoC
- Re: [Full-disclosure] ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability
- Browse3d (.sfs file) Local Stack Overflow Exploit
- Benchmarking attacks and major security weakness on all recent Windows versions up to Windows 200
- Re: munky-bliki lfi
- From: security curmudgeon
- [ MDVSA-2009:027 ] cups
- EleCard MPEG PLAYER (.m3u file) Local Stack Overflow Exploit
- CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities
- Re: Oblog XSS valnerability
- WB News v2.0.X Remote File include ..
- [SECURITY] [DSA 1710-1] New ganglia-monitor-core packages fix remote code execution
- [SECURITY] [DSA 1711-1] New TYPO3 packages fix remote code execution
- [USN-710-1] xine-lib vulnerabilities
- [USN-711-1] KTorrent vulnerabilities
- Re: FUD Forum < 2.7.1 PHP code injection vurnelability
- NewsCMSlite Insecure Cookie Handling
- [USN-712-1] Vim vulnerabilities
- Secunia Research: OpenX Multiple Vulnerabilities
- OpenX 2.6.3 - Local File Inclusion
- CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)
- JetAudio Basic 7.0.3 BufferOverFlow PoC
- SAP NetWeaver XSS Vulnerability
- Total video player 1.3.7 local buffer overflow universal exploit
- From: maroc-anti-connexion
- CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities
- Max.Blog <= 1.0.6 (show_post.php) SQL Injection Vulnerability
- From: Salvatore "drosophila" Fresta
- [ MDVSA-2009:030 ] amarok
- Max.Blog <= 1.0.6 (submit_post.php) SQL Injection Vulnerability
- From: Salvatore "drosophila" Fresta
- Max.Blog <= 1.0.6 (offline_auth.php) Offline Authentication Bypass
- From: Salvatore "drosophila" Fresta
- [USN-713-1] openjdk-6 vulnerabilities
- CONFidence 2009, Final CfP
- Web Hacking Incidents update for Jan 28th
- Internet explorer 7.0 stack overflow
- Re: DoS attacks on MIME-capable software via complex MIME emails
- CORE-2008-1211: Amaya web editor XML and HTML parser vulnerabilities
- From: Core Security Technologies Advisories
- Advisory: Google Chrome 1.0.154.43 ClickJacking Vulnerability.
- [TKADV2009-004] FFmpeg Type Conversion Vulnerability
- [SECURITY] [DSA 1712-1] New rt2400 packages fix arbitrary code execution
- [SECURITY] [DSA 1713-1] New rt2500 packages fix arbitrary code execution
- [SECURITY] [DSA 1714-1] New rt2570 packages fix arbitrary code execution
- dBpowerAMP Audio Player v2 ( .pls file) LoCaL BufferOverFlow Exploit
- [security bulletin] HPSBMP02404 SSRT090014 rev.1 - MPE/iX Running BIND/iX, Remote DNS Cache Poisoning
- Re: Internet explorer 7.0 stack overflow
- [SECURITY] [DSA 1715-1] New moin packages fix insufficient input sanitising
- [security bulletin] HPSBMA02403 SSRT090007 rev.1 - HP Select Access Running on HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS)
- Oracle Forms Cross site Scripting in (iFcgi60.exe / f60servlet)
- Re: Advisory: Google Chrome 1.0.154.43 ClickJacking Vulnerability.
- Oracle Application Server 10g Cross Site Scripting Vulnerability
- Re: Secunia Research: OpenX Multiple Vulnerabilities
- Motorola Wimax Modem CPEi300 Multiple Vulnerabilities
- rPSA-2009-0021-1 sudo
- From: rPath Update Announcements
- PerlSoft Guestbook v1.7b Bruteforcer + RCE!
- [SECURITY] [DSA 1704-2] Updated netatalk packages fix denial of service
- Re: XSS vulnerabilty in ASP.Net [with details]
- Bugs Online v2.14 Sql Injection
- CVE-2008-4990 Enomaly ECP/Enomalism: Insecure temporary file creation vulnerabilities
- Re[2]: Internet explorer 7.0 stack overflow
- From: Vladimir '3APA3A' Dubrovin
- [OPENX-SA-2009-001] OpenX 2.4.10 and 2.6.4 fix multiple vulnerabilities
- [USN-715-1] Linux kernel vulnerabilities
- ANNOUNCE - RFIDIOt 0.1w released - January 2009
- [USN-716-1] MoinMoin vulnerabilities
- PR08-21: Cross-site Request Forgery (CSRF) on Novell GroupWise WebAccess allows email theft and other attacks
- From: ProCheckUp Research
- PR08-22: Persistent XSS on Novell GroupWise WebAccess
- From: ProCheckUp Research
- PR08-23: XSS on Novell GroupWise WebAccess
- From: ProCheckUp Research
- Re: Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC
- [SECURITY] [DSA 1716-1] New vnc4 packages fix remote code execution
- BruCON call for papers
- [ MDVSA-2009:031 ] avahi
- VMSA-2009-0001 ESX patches address an issue loading corrupt virtualdisks and update Service Console packages
- From: VMware Security Team
- Secunia Research: Free Download Manager Torrent Parsing Buffer Overflows
- Secunia Research: Free Download Manager Remote Control Server Buffer Overflow
- [ MDVSA-2009:032 ] kernel
- [Wintercore Research WS02-0209] Kaspersky Products Klim5.sys local privilege escalation
- ZDI-09-010: Novell Netware Groupwise GWIA RCPT Command Buffer Overflow Vulnerability
- Hex Workshop v6 "ColorMap files .cmap" Invalid Memory Reference crash POC
- Security Advisory for Bugzilla 3.2.1, 3.0.7, and 3.3.2
- Web Hacking Incidents update for Feb 3rd
- NaviCopa webserver 3.01 Multiple Vulnerabilities
- SMF 1.1.7 Persistent XSS (requires permision to edit censor)
- Nokia Multimedia Player v1.1 .m3u Heap Overflow PoC exploit
- [security bulletin] HPSBUX02407 SSRT080107 rev.1 - HP-UX Running IPv6, Remote Denial of Service (DoS) and Unauthorized Access
- Call for papers and trainers - note extended deadline - SeacureIT 2009
- Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.OLAPIMPL_T.ODCITABLESTART
- Team SHATTER Security Advisory: SQL Injection in Oracle Enterprise Manager (TARGET Parameter)
- CORE-2008-1009 - VNC Multiple Integer Overflows
- From: CORE Security Technologies Advisories
- Euphonics Audio Player v1.0 (.pls) Local BOF POC
- Squid Proxy Cache Denial of Service in request handling
- [security bulletin] HPSBUX02401 SSRT090005 rev.1 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF)
- [ MDVSA-2009:033 ] sudo
- QIP 2005 Denial of Service Vulnerability
- DDIVRT-2008-19 HP JetDirect Web Administration Directory Traversal
- From: vulnerabilityresearch
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
- From: Cisco Systems Product Security Incident Response Team
- rgboard v4 (07.07.27) Multiple Vulnerability
- metabbs 0.11 Change admin password vulnerability
- LCPlayer (.qt file) EOP change PoC (app crash)
- StreamDown v6.4.3 Local Buffer Overflow PoC
- Re: DMXReady Blog Manager (SQL/XSS)
- [Tool] sqlmap 0.6.4 released
- From: Bernardo Damele A. G.
- Cisco IOS XSS/CSRF Vulnerability
- [SVRT-02-09] FeedDemon (ver<=2.7) Buffer Overflow Vulnerability
- [SECURITY] [DSA 1717-1] New devil packages fix buffer overflow
- Re: SMF 1.1.7 Persistent XSS (requires permision to edit censor)
- Nokia N95-8 browser denial of service
- C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities
- dBpowerAMP Audio Player local buffer overflow exploit
- From: maroc-anti-connexion
- Re: Nokia N95-8 browser denial of service
- Speaking line up confirmed! uCon Security Conference 2009 - Recife, Brazil
- From: uCon Security Conference
- SFX-SQLi: A new SQL injection technique for MSSQL (dumps a table in one request!)
- [security bulletin] HPSBPI02398 SSRT080166 rev.1 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files
- RealNetworks RealPlayer IVR File Processing Multiple Code Execute Vulnerabilities
- From: noreply-secresearch@xxxxxxxxxxxx
- [security bulletin] HPSBMA02406 SSRT080100 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
- [security bulletin] HPSBUX02408 SSRT080182 rev.1 - HP-UX Running NFS, Local Denial of Service (DoS)
- Re: SFX-SQLi: A new SQL injection technique for MSSQL (dumps a table in one request!)
- Vulnerable: Ilch CMS
- iDefense Security Advisory 02.06.09: HP Network Node Manager Multiple Command Injection Vulnerabilities
- CamFrog Password Disclosure Vulnerability
- iDefense Security Advisory 02.06.09: HP Network Node Manager Multiple Information Disclosure Vulnerabilities
- [ GLSA 200902-01 ] sudo: Privilege escalation
- [oCERT-2009-002] OpenCORE insufficient bounds checking during MP3 decoding
- [SECURITY] [DSA 1718-1] New boinc packages fix validation bypass
- Re: SFX-SQLi: A new SQL injection technique for MSSQL (dumps a table in one request!)
- From: Roman Medina-Heigl Hernandez
- PHP filesystem attack vectors
- [BMSA-2009-02] XML injection in PyBlosxom
- Re: [Full-disclosure] PHP filesystem attack vectors
- Re: SFX-SQLi: A new SQL injection technique for MSSQL (dumps a table in one request!)
- rooting your own phone: android security
- LFI in Drupal CMS
- Trend micro - IWSVA/IWSS - Authorization module password leak
- Nokia N95-8 JPG crash
- 3Com OfficeConnect Wireless Cable/DSL Router Authentication Bypass
- ZeroShell <= 1.0beta11 Remote Code Execution
- Re: SFX-SQLi: A new SQL injection technique for MSSQL (dumps a table in one request!)
- London DEFCON DC4420 - February 2009 Meet - Thursday 12th
- Remote Authentication Bypass - Swann DVR4 SecuraNet (possibly DVR9 as well)
- [ECHO_ADV_102$2009] BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability
- Re: Nokia N95-8 JPG crash
- From: Dmitry Yu. Bolkhovityanov
- [SECURITY] [DSA 1719-1] New gnutls13 packages fix certificate validation
- Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
- Craft Silicon Banking@Home SQL Injection
- From: Francesco Bianchino
- [Suspected Spam][Fwd: Re: Novell-QuickFinder Server Xss & Java remote execution Code]
- Web Hacking Incidents update for Feb 10th
- Re: PHP filesystem attack vectors
- Nokia Phoenix Service Software 2008.04.007.32837 overflow POC
- [ MDVSA-2009:034 ] squid
- Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
- [SECURITY] [DSA 1720-1] New TYPO3 packages fix several vulnerabilities
- ZDI-09-012: Microsoft Internet Explorer Malformed CSS Memory Corruption
- ZDI-09-011: Microsoft Internet Explorer CFunctionPointer Memory Corruption Vulnerability
- [USN-717-1] Firefox and Xulrunner vulnerabilities
- ProFTPd with mod_mysql Authentication Bypass Exploit
- Re: Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
- [ MDVSA-2009:035 ] gstreamer0.10-plugins-good
- Local vulnerability in suexec + FastCGI + PHP configurations
- Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
- Full Path Disclosure In Photolibrary 1.009
- [USN-717-3] Firefox vulnerabilities
- [security bulletin] HPSBMA02331 SSRT080000 rev.3 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges
- [USN-717-2] Firefox vulnerabilities
- Web Hacking Incidents update for Feb 10th (Links corrected)
- Directory traversal vulnerability in Geovision Digital Video Surveillance System (geohttpserver)
- Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
- [SECURITY] [DSA 1722-1] New libpam-heimdal packages fix local privilege escalation
- pam-krb5 security advisory (3.12 and earlier)
- Re: pam-krb5 security advisory (3.12 and earlier)
- BackTrack 4 Beta Released
- Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
- From: Edward Bjarte Fjellskål
- [SECURITY] [DSA 1721-1] New libpam-krb5 packages fix local privilege escalation
- SEP(Symantec) Bug
- Re: LFI in Drupal CMS
- Full Path Disclosure In Photolibrary 1.009(Update)
- Denial of Service using Partial GET Request in Mozilla Firefox 3.06
- RE: SEP(Symantec) Bug
- [ MDVSA-2009:036 ] python
- [USN-719-1] pam-krb5 vulnerabilities
- Re: Denial of Service using Partial GET Request in Mozilla Firefox 3.06
- [USN-720-1] PHP vulnerabilities
- [ GLSA 200902-03 ] Valgrind: Untrusted search path
- [ GLSA 200902-02 ] OpenSSL: Certificate validation error
- Re: Denial of Service using Partial GET Request in Mozilla Firefox 3.06
- [ GLSA 200902-04 ] xterm: User-assisted arbitrary commands execution
- Re: RE: SEP(Symantec) Bug
- Re: Re: Denial of Service using Partial GET Request in Mozilla Firefox 3.06
- Nokia N95 browser "setAttributeNode" method crash
- Enomaly ECP/Enomalism: Silent update remote command execution vulnerability
- [security bulletin] HPSBUX02401 SSRT090005 rev.2 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF)
- Re: SEP(Symantec) Bug
- Security Assessment of the Transmission Control Protocol (TCP)
- SEPKILL /im SMC.EXE /f
- RE: SEP(Symantec) Bug
- Re: SEPKILL /im SMC.EXE /f
- Re: SEPKILL /im SMC.EXE /f
- Cross-site scripting in Samizdat 0.6.1
- Re: SEPKILL /im SMC.EXE /f
- Re: Enomaly ECP/Enomalism: Silent update remote command execution vulnerability
- Re: SEPKILL /im SMC.EXE /f
- RE: SEPKILL /im SMC.EXE /f
- ACM CCS '09: Call for Workshop Proposals
- From: Christopher Kruegel
- Re: Local vulnerability in suexec + FastCGI + PHP configurations
- RainbowCrack 1.3 is released, the new generation of time-memory tradeoff hash cracker
- cryptsetup can't destroy last key of a LUKS partition under Ubuntu/Debian
- Re: Denial of Service using Partial GET Request in Mozilla Firefox 3.06
- [SECURITY] [DSA 1724-1] New moodle packages fix several vulnerabilities
- Re: Enomaly ECP/Enomalism: Silent update remote command execution vulnerability
- Re: SEP(Symantec) Bug
- [security bulletin] HPSBPI02398 SSRT080166 rev.2 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files
- Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh (redux)
- [SECURITY] [DSA 1725-1] New websvn packages fix information leak
- [UPRSN] Ubuntu Privacy Remix 8.04r3 fixes security issues
- From: Ubuntu Privacy Remix Team
- [waraxe-2009-SA#072] - Multiple Vulnerabilities in RavenNuke 2.3.0
- [ MDVSA-2009:037 ] bind
- RFI Bug
- [ MDVSA-2009:038 ] blender
- [ MDVSA-2009:039 ] gedit
- FreeBSD Security Advisory FreeBSD-SA-09:05.telnetd
- From: FreeBSD Security Advisories
- [ MDVSA-2009:040 ] dia
- Re: RFI Bug
- [security bulletin] HPSBMA02406 SSRT080100 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Unauthorized Access to Data
- [ MDVSA-2009:041 ] jhead
- [USN-721-1] fglrx-installer vulnerability
- [USN-722-1] sudo vulnerability
- Re: SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei
- From: organiser@xxxxxxxxxx
- Re: LFI in Drupal CMS
- DDIVRT-2009-20 NetMRI Login Application Cross-site Scripting Vulnerability
- RE: hello bug in windows live messenger
- [ MDVSA-2009:042 ] samba
- [USN-723-1] Git vulnerabilities
- Re: [Full-disclosure] Joomla Component com_joomradio SQL Injection
- Weekly Web Hacking Incidents update for Feb 19th
- Apache directory traversal on shared hosting environment.
- Re: SEPKILL /im SMC.EXE /f
- Re: Apache directory traversal on shared hosting environment.
- Re: Apache directory traversal on shared hosting environment.
- [ MDVA-2009:027 ] kernel
- Re: Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.OLAPIMPL_T.ODCITABLESTART
- From: security curmudgeon
- [ MDVSA-2009:043 ] gnumeric
- [ MDVSA-2009:044 ] firefox
- Re: Re: Denial of Service using Partial GET Request in Mozilla Firefox 3.06
- [ MDVSA-2009:046 ] dia
- PHCDownload 1.1.0 Vulnerabilities
- Re: SEPKILL /im SMC.EXE /f
- Re: SEPKILL /im SMC.EXE /f
- [ MDVSA-2009:047 ] vim
- [ MDVSA-2009:045 ] php
- [ MDVSA-2009:048 ] epiphany
- [ MDVSA-2009:049 ] pycrypto
- [ MDVSA-2009:050 ] python-pycrypto
- gigCalendar Joomla Component 1.0 SQL Injection
- From: Salvatore "drosophila" Fresta
- gigCalendar 1.0 (banddetails.php) Joomla Component SQL Injection
- From: Salvatore "drosophila" Fresta
- gigCalendar 1.0 (venuedetails.php) Joomla Component SQL Injection
- From: Salvatore "drosophila" Fresta
- XSS Attack using SMS to Optus/Huawei E960 HSDPA Router
- HP Quality Center vulnerability
- [ECHO_ADV_103$2009] taifajobs <= 1.0 (jobid) Remote SQL Injection Vulnerability
- [ MDVSA-2009:050-1 ] python-pycrypto
- [ MDVSA-2009:051 ] libpng
- [ GLSA 200902-05 ] KTorrent: Multiple vulnerabilitites
- [ GLSA 200902-06 ] GNU Emacs, XEmacs: Multiple vulnerabilities
- [ MDVSA-2009:049-1 ] pycrypto
- VMSA-2009-0002 VirtualCenter Update 4 updates Tomcat to 5.5.27
- From: VMware Security team
- [ MDVSA-2009:048-1 ] epiphany
- [ MDVSA-2009:047-1 ] vim
- [ MDVSA-2009:047-1 ] vim
- iDefense Security Advisory 02.24.09: Adobe Flash Player Invalid Object Reference Vulnerability
- [ MDVSA-2009:052 ] php-smarty
- Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
- [ MDVSA-2009:053 ] squirrelmail
- [ MDVSA-2009:054 ] nagios
- Secunia Research: Orbit Downloader Long URL Parsing Buffer Overflow
- pPIM Multiple Vulnerabilities
- From: Justin C. Klein Keane
- [security bulletin] HPSBMA02384 SSRT071465 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access, Denial of Service (DoS)
- Apple Safari 4 Beta feeds: URI NULL Pointer Dereference Denial of Service Vulnerability
- [DSECRG-09-008] JOnAS(4.10.3) - Linked XSS Vulnerability
- From: Digital Security Research Group