Mail Thread Index
- Re: [funsec] Delicious Irony of the Day: BillOReilly.com DDoS'd,
Brian Loe
- Re: [Full-disclosure] Is OWASP vulnerable ??,
jf
- [Full-disclosure] Exploit selling service up and running,
kingcope
- [Full-disclosure] Firefox: about:blank is phisher's best friend,
Michal Zalewski
- Re: [Full-disclosure] [WEB SECURITY] Re: Good resources on Web 2.0,
bugtraq
- Re: [Full-disclosure] Microsoft Windows Vista/2003/XP/2000 file management security issues,
czino2
- [funsec] Faux News,
Ken Dyke
- [funsec] 10 Indepentents 67 Republicans 298 Democrats,
Ken Dyke
- [Full-disclosure] etom 7.0 paper.,
Ozan Ozkara
- Re: [Full-disclosure] is scarlet pimpernel a dork? [was] Is OWASP vulnerable ??,
Knud Erik Højgaard
- Re: [Full-disclosure] firefox 2.0.0.2 crash,
endrazine
- Re: [funsec] Gadi on Public Radio's 'Marketplace' Tomorrow?,
Gadi Evron
- [Full-disclosure] XSS and SQL Injection in Election Commision of India website (now fixed),
Ajay Pal Singh Atwal
- [Full-disclosure] A small phishing operation,
phpninja
- [Full-disclosure] R: A small phishing operation,
bunker
- [Full-disclosure] TinyMCE_exp Remote File Include Vulnerability,
0o_zeus_o0 elitemexico.org
- [Full-disclosure] a heeeee he announcement,
heeeee he
- [Full-disclosure] a heeee he announcement,
heeeee he
- [funsec] Not so fast, broadband providers tell big users,
'Richard M. Smith'
- [Full-disclosure] Iframe-Cash/Iframe-Dollars Adware bundle...oooh... my ....god..,
Thierry Zoller
- [Full-disclosure] RIM BlackBerry Pearl 8100 Browser DoS,
mike kemp
- Remote File Include In Script PHP Photo Album,
RaeD Hasadya
- Remote File Include In Script moodle-1.7.1,
RaeD Hasadya
- Remote File Include In ClipShare.v1.5.3,
RaeD Hasadya
- [security bulletin] HPSBUX02129 SSRT061149 rev.2 - HP-UX running SLP, Remote Unauthorized Access,
security-alert
- Wiki Remote Authentication Bypass Vulnerability,
DoZ
- [Full-disclosure] Call for Papers: DeepSec IDSC 2007 Europe/Vienna: 20-23 Nov 2007,
Paul Böhm
- AssetMan 2.4a <= (download_pdf.php) Remote File Disclosure Vulnerability,
BorN To K!LL BorN To K!LL
- Fantastico In all Version Cpanel 10.x <= local File Include,
z3r0 z3r0.2.z3r0
- [funsec] Al-Qaeda Plot to Bring Down UK Internet?,
Fergie
- GuppY v4.0 remote del files/index,
sn0oPy . team
- RIM BlackBerry Pearl 8100 Browser DoS,
clappymonkey
- Re: PHP-Nuke <= 8.0 Cookie Manipulation (lang),
Paul Laudanski
- [Full-disclosure] XSS on eplus.de, german mobile telephony provider,
Hanno Böck
- [security bulletin] HPSBUX02196 SSRT071318 rev.2 - HP-UX Java (JRE and JDK) Remote Execution of Arbitrary Code,
security-alert
- [VulnWatch] iDefense Security Advisory 03.07.07: Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilities,
iDefense Labs
- [VulnWatch] Php Nuke POST XSS on steroids,
ascii
- [VulnWatch] Windows Multimedia mmioRead Denial of Service Vulnerability,
Michał Majchrowicz
- [funsec] insite to using cell phone to intercept,
RMueller
Re: [Full-disclosure] PHP import_request_variables() arbitrary variable overwrite,
Steven M. Christey
[Full-disclosure] [USN-435-1] Xine vulnerability,
Kees Cook
[Full-disclosure] new AttackAPI,
pdp (architect)
[Full-disclosure] [USN-436-1] KTorrent vulnerabilities,
Kees Cook
[Full-disclosure] XSS on eplus.de, german mobile telephony provider,
security
[Full-disclosure] XSS at Aon.at, Austrian ISP,
Florian Stinglmayr
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues,
Steven M. Christey
[Full-disclosure] [USN-432-2] GnuPG2, GPGME vulnerability,
Kees Cook
Re: Firekeeper - IDS for Firefox available,
Jan Wrobel
[Full-disclosure] heeee he,
heeeee he
RE: Xbox 360 Hypervisor Privilege Escalation Vulnerability,
Dr Joe
[Full-disclosure] heeeee he,
heeeee he
[ECHO_ADV_69$2007] OES (Open Educational System) 0.1beta Remote File Inclusion Vulnerability,
erdc
Iframe-Cash/Iframe-Dollars Adware bundle...oooh... my ....god..,
Thierry Zoller
Call for Papers: DeepSec IDSC 2007 Europe/Vienna: 20-23 Nov 2007,
Paul Böhm
[Full-disclosure] Unrarlib 0.4.0 (urarlib_get) Local buffer overflow,
starcadi
[ECHO_ADV_73$2007] MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability,
erdc
Weekly Drawing Contest <= (check_vote.php) Remote File Disclosure Vuln,
BorN To K!LL BorN To K!LL
[Full-disclosure] [ MDKSA-2007:062 ] - Updated xine-lib packages to address buffer overflow vulnerability,
security
[Full-disclosure] vbulletin admincp sql injection,
disfigure
JGBBS 3.0beta1 Version Search.ASP "Author" SQL Injection Exploit,
UniquE
[Full-disclosure] [ MDKSA-2007:061 ] - Updated mplayer packages to address buffer overflow vulnerability,
security
[ MDKSA-2007:061 ] - Updated mplayer packages to address buffer overflow vulnerability,
security
[ MDKSA-2007:062 ] - Updated xine-lib packages to address buffer overflow vulnerability,
security
[Full-disclosure] CarolinaCon presentation drafts,
Vic Vandal
[VulnWatch] Unrarlib 0.4.0 (urarlib_get) Local buffer overflow,
starcadi
CORE-2007-0219: OpenBSD's IPv6 mbufs remote kernel buffer overflow,
CORE Security Technologies Advisories
[Full-disclosure] New report on Windows Vista network attack surface,
Jim Hoagland
[Full-disclosure] [ GLSA 200703-11 ] Amarok: User-assisted remote execution of arbitrary code,
Raphael Marichez
[Full-disclosure] [SECURITY] [DSA 1266-1] New gnupg packages fix signature forgery,
Moritz Muehlenhoff
[Full-disclosure] [Advisory]McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities,
hfli
[Full-disclosure] n.runs-SA-2007.006 - PHProjekt 5.2.0 - Privilege escalation,
security
[Full-disclosure] n.runs-SA-2007.004 - PHProjekt 5.2.0 - Cross Site Scripting and Filter Evasion,
security
[Full-disclosure] n.runs-SA-2007.003 - PHProjekt 5.2.0 - SQL Injection,
security
[Full-disclosure] n.runs-SA-2007.005 - PHProjekt 5.2.0 - Cross Site Request Forgery,
security
[Full-disclosure] [ GLSA 200703-12 ] SILC Server: Denial of Service,
Matthias Geerdsen
[Full-disclosure] SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal,
David Matscheko
[Full-disclosure] Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability,
starcadi starcadi
[Full-disclosure] XSS on RIS of the Austrian Government,
Florian Stinglmayr
SymEvent Driver Local Access System Denial of Service,
Matousec - Transparent security Research
[Full-disclosure] iDefense Security Advisory 03.14.07: Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability,
iDefense Labs
Fwd: Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability,
starcadi starcadi
Re: Re: [Full-disclosure] PHP import_request_variables() arbitrary variable overwrite,
retrog
[ECHO_ADV_71$2007] AMP v3.2 (base_path) Remote File Inclusion Vulnerability,
erdc
[ECHO_ADV_72$2007] CARE2X (root_path) Remote File Inclusion Vulnerability,
erdc
[ECHO_ADV_74$2007] WebCreator <= 0.2.6-rc3 (moddir) Remote File Inclusion Vulnerability,
erdc
[Full-disclosure] bindtty.c can not use in RHEL4 box,
modversion
WSN Guest 1.21 Version Comments.PHP "ID" SQL Injection Exploit,
UniquE
[Full-disclosure] GMail Contact Information Disclosure PoC,
beNi
[Full-disclosure] Phishing using IE7 local resource vulnerability,
avivra
[Full-disclosure] heee he,
heeeee he
[Full-disclosure] [ GLSA 200703-13 ] SSH Communications Security's Secure Shell Server: SFTP privilege escalation,
Raphael Marichez
Woltab Burning Board SQL Injection usergroups.php,
x666
[Full-disclosure] Horde IMP Webmail Client version H3 (4.1.4) fixes multiple XSS issues,
Moritz Naumann
[Full-disclosure] Horde 3.1.4 (RC1) fixes XSS issue,
Moritz Naumann
[funsec] [Fwd: Iframe-Cash/Iframe-Dollars Adware bundle...oooh... my ....god..],
rms
[funsec] Security Fix: Tracking the Password Thieves,
Fergie
[funsec] Spammer DUI mug shot,
RLVaughn
[funsec] Happy Pi Day,
Fergie
[funsec] Trend Micro Acquires HijackThis! Antispyware,
Fergie
[funsec] Music-swapping hurts national security?,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
[funsec] happy pi day!,
Gadi Evron
[funsec] Hijack This downloadable from Trend Micro site,
Juha-Matti Laurio
[funsec] The guy who really caused the Iraq quagmire,
Richard M. Smith
[Full-disclosure] Woltab Burning Board SQL Injection usergroups.php,
x666
[funsec] no more Stargate SG-1?,
Gadi Evron
- Re: [funsec] no more Stargate SG-1?,
Peter Evans
- Re: [funsec] no more Stargate SG-1? [SPOILERS],
Gadi Evron
- Re: [funsec] no more Stargate SG-1? [SPOILERS],
Peter Evans
- anime thread [was: Re: [funsec] no more Stargate SG-1? [SPOILERS]],
Gadi Evron
- [funsec] Eats shoots and leaves... (was Re: anime thread,
Valdis . Kletnieks
- [funsec] Re: Eats shoots and leaves... (was Re: anime thread,
Gadi Evron
- [funsec] Re: Eats shoots and leaves... (was Re: anime thread,
Valdis . Kletnieks
- [funsec] Re: Eats shoots and leaves... (was Re: anime thread,
Gadi Evron
- [funsec] Re: Eats shoots and leaves... (was Re: anime thread,
Valdis . Kletnieks
- [funsec] Re: Eats shoots and leaves... (was Re: anime thread,
Gadi Evron
- Re: [funsec] Re: Eats shoots and leaves... (was Re: anime thread,
Drsolly
- Re: anime thread [was: Re: [funsec] no more Stargate SG-1? [SPOILERS]],
Kevin McAleavey
- [funsec] Re: anime thread [was: R ..,
Peter Evans
- Re: [funsec] Re: anime thread [was: R ..,
Gadi Evron
- Re: [funsec] no more Stargate SG-1? [SPOILERS],
Valdis . Kletnieks
- Re: [funsec] no more Stargate SG-1?,
Reed Loden
- <Possible follow-ups>
- Re: [funsec] no more Stargate SG-1?,
Gadi Evron
- Re: [funsec] no more Stargate SG-1?,
Gadi Evron
[funsec] Heroes flow-chart,
Gadi Evron
[Full-disclosure] Norton Insufficient validation of 'SymTDI' driver input buffer,
Matousec - Transparent security Research
[ECHO_ADV_76$2007] Company WebSite Builder PRO (INCLUDE_PATH) Remote File Inclusion Vulnerability,
erdc
IBM Rational ClearQuest Web - Cross Site Scripting,
james
[ECHO_ADV_75$2007] Groupit 2.00b5 (c_basepath) Remote File Inclusion Vulnerability,
erdc
Orion-Blog v2.0 Version Remote Privilege Escalation Exploit,
UniquE
Norton Insufficient validation of 'SymTDI' driver input buffer,
Matousec - Transparent security Research
[Full-disclosure] iDefense Security Advisory 03.15.07: Horde Project Cleanup Script Arbitrary File Deletion Vulnerability,
iDefense Labs
XSS vulnerability in the online help system of several Cisco products,
cassio
Remote File Inclusion in ViperWeb,
asamad
[Full-disclosure] tinyurl.com - Local Clipboard,
jay.tomas
PHP <= 4.4.6 ibase_connect() local buffer overflow,
retrog
Re: Phishing using IE7 local resource vulnerability,
robert
[Full-disclosure] QFTP (LIBFtp 3.1-1) (command line) sprintf() local buffer overflow,
starcadi starcadi
[Full-disclosure] LIBFtp 5.0 (sprintf(), strcpy()) Multiple local buffer overflow,
starcadi starcadi
QFTP (LIBFtp 3.1-1) (command line) sprintf() local buffer overflow,
starcadi starcadi
- Call for chapters - Handbook of Research on Digital Anti-forensics and In-security Governance,
Jeimy Cano
[funsec] "'Best practices' for antispyware makers finalized" (C|Net),
Paul Vixie
LIBFtp 5.0 (sprintf(), strcpy()) Multiple local buffer overflow,
starcadi starcadi
WebCalendar v0.9.45 (13 Dec 2004) (login.php) Remote File include,
drackanz
PHP Point Of Sale for osCommerce <= (index.php) Remote File Include Vuln,
BorN To K!LL BorN To K!LL
Absolute Image Gallery Gallery.ASP (categoryid) MSSQL Injection Exploit,
UniquE
Re: [Full-disclosure] Python 2.5 (Modules/zlib) minigzip local buffer overflow vulnerability,
Ulf Harnhammar
[Full-disclosure] [SECURITY] [DSA 1267-1] New webcalendar packages fix remote file inclusion,
Moritz Muehlenhoff
[VulnWatch] QFTP (LIBFtp 3.1-1) (command line) sprintf() local buffer overflow,
starcadi starcadi
[Full-disclosure] [CAID 34817, 35058, 35158, 35159]: CA BrightStor ARCserve Backup Tape Engine and Portmapper Vulnerabilities,
Williams, James K
[VulnWatch] LIBFtp 5.0 (sprintf(), strcpy()) Multiple local buffer overflow,
starcadi starcadi
[Full-disclosure] Tel Aviv University Security Forum - 18th of March,
Gadi Evron
[Full-disclosure] April, 2007 is the "Month of Myspace Bugs",
Mondo Armando
[Full-disclosure] TOOL: LLTD implementation in Perl,
GomoR
DirectAdmin Cross Site Scripting XSS,
Mandr4ke . root
MS07-012 Not Fixed,
Greg Sinclair
[CAID 34817, 35058, 35158, 35159]: CA BrightStor ARCserve Backup Tape Engine and Portmapper Vulnerabilities,
Williams, James K
Rot 13 <= (enkrypt.php) Remote File Disclosure Vulnerability,
BorN To K!LL BorN To K!LL
Oracle Portal PORTAL.wwv_main.render_warning_screen XSS,
Sea Shark
RE: [VulnWatch] iDefense Security Advisory 03.14.07: Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability,
Topolski, Leo
Re: fx-APP Version 0.0.8.1,
osdesk
Call For Papers - IT Underground Dublin,
Marcin Tkaczyk
[Full-disclosure] OWASP Spring of Code 2007,
Dinis Cruz
April, 2007 is the "Month of Myspace Bugs",
mondo_armando
iDefense Security Advisory 03.16.07: Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities,
iDefense Labs
Your Opinion,
Mark Litchfield
- Re: Your Opinion,
bugtraq
- Re: Your Opinion,
Jonathan Glass (GM)
- RE: Your Opinion,
Mario Contestabile
- Re: Your Opinion,
Crispin Cowan
- Re: Your Opinion,
William A. Rowe, Jr.
- RE: Your Opinion,
Scott Blake
- Re: Your Opinion,
The Fungi
- Re: Your Opinion,
Casper . Dik
- RE: Your Opinion,
Jim Harrison
- Re: Your Opinion,
Forrest J. Cavalier III
- Re: Your Opinion,
Paul Stepowski
- <Possible follow-ups>
- Re: Your Opinion,
Neil Dickey
- RE: Your Opinion,
jay.tomas
- RE: Your Opinion,
Neale Green
Particle Blogger All Version Post.PHP (PostID) Remote SQL Injection Exploit,
UniquE
rPSA-2007-0056-1 gnupg,
rPath Update Announcements
rPSA-2007-0057-1 libwpd,
rPath Update Announcements
[funsec] "Fortinet: Beware of Google's Blogger" (C|Net),
Paul Vixie
[ MDKSA-2007:063 ] - Updated libwpd packages to address heap overflow vulnerabilities,
security
[ MDKSA-2007:064 ] - Updated openoffice.org packages to address libwpd heap overflow vulnerabilities,
security
Re: [Bogus] Lazarus Guestbook (admin.php)Remote File Include Expliot,
Steven M. Christey
[NETRAGARD-20070316 SECURITY ADVISORY][FrontBase Database <= 4.2.7 ALL PLATFORMS][REMOTE BUFFER OVERFLOW CONDITION][LEVEL: EASY][RISK:MEDIUM],
Netragard Security Advisories
[Full-disclosure] Call For Papers - IT Underground Dublin,
Marcin Tkaczyk
[Full-disclosure] Double Trap XSS Injection : An Analysis,
Aditya K Sood
[Full-disclosure] [ MDKSA-2007:063 ] - Updated libwpd packages to address heap overflow vulnerabilities,
security
[Full-disclosure] [ MDKSA-2007:064 ] - Updated openoffice.org packages to address libwpd heap overflow vulnerabilities,
security
[Full-disclosure] [ GLSA 200703-14 ] Asterisk: SIP Denial of Service,
Raphael Marichez
[Full-disclosure] [ GLSA 200703-15 ] PostgreSQL: Multiple vulnerabilities,
Raphael Marichez
[Full-disclosure] [ GLSA 200703-16 ] Apache JK Tomcat Connector: Remote execution of arbitrary code,
Raphael Marichez
Bypassing Mcafee Entreprise Password Protection,
thesinoda
CLBOX <= (signup.php header) Remote File Include Vulnerability,
BorN To K!LL BorN To K!LL
Your Opinion +,
Mark Litchfield
[Full-disclosure] ANNOUNCE: Apache-SSL release, version 1.3.37+ssl_1.57,
Adam Laurie
[funsec] 50 years,
Alex Eckelberry
[funsec] Colorado Woman Sues To Hold Web Crawlers To Contracts,
'Richard M. Smith'
[funsec] Re: funsec Digest, Vol 19, Issue 28,
RMueller
- Message not available
- Re: [funsec] Re: funsec Digest, Vol 19, Issue 28,
der Mouse
- Re: [funsec] Re: funsec Digest, Vol 19, Issue 28,
Drsolly
- Re: [funsec] Re: funsec Digest, Vol 19, Issue 28,
Brian Loe
- Re: [funsec] Re: funsec Digest, Vol 19, Issue 28,
Valdis . Kletnieks
- Re: [funsec] Re: funsec Digest, Vol 19, Issue 28,
Brian Loe
- Re: [funsec] Re: funsec Digest, Vol 19, Issue 28,
Peter Evans
[Full-disclosure] Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability,
starcadi
[funsec] Does Verizon Wireless (or Windows Mobile) really know what time it is?,
'Richard M. Smith'
[Full-disclosure] [SECURITY] [DSA 1268-1] New libwpd packages fix arbitrary code execution,
Martin Schulze
Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability,
starcadi
[Full-disclosure] fabios ultra vulnerability extravaganza,
fabiodancedjsupreme
[VulnWatch] Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability,
starcadi
[Full-disclosure] Web Security and Bookmarklet Exploits,
pdp (architect)
[Full-disclosure] [SECURITY] [DSA 1269-1] New lookup-el packages fix insecure temporary file,
Martin Schulze
[funsec] [Fwd: NIGERIAN SCAM (PLEASE CONTACT ECONOMIC AND FINACIAL CRIME COMMISSION)],
Jeff Kell
[Full-disclosure] nac-gaf spam attacks,
Steve Cooperman
[Full-disclosure] [ GLSA 200703-17 ] ulogd: Remote execution of arbitrary code,
Raphael Marichez
[Full-disclosure] [ GLSA 200703-18 ] Mozilla Thunderbird: Multiple vulnerabilities,
Raphael Marichez
[Full-disclosure] [ GLSA 200703-19 ] LTSP: Authentication bypass in included LibVNCServer code,
Raphael Marichez
[Full-disclosure] [ GLSA 200703-20 ] LSAT: Insecure temporary file creation,
Raphael Marichez
[funsec] Researchers Track Down a Plague of Fake Web Pages,
'Richard M. Smith'
[Full-disclosure] Layered Defense Research Advisory: F-Secure Anti-Virus Client Security 6.02 Format String Vulnerability,
Deral Heiland
[Full-disclosure] unsubscribe,
Tucker Jeff
- <Possible follow-ups>
- [Full-disclosure] UNSUBSCRIBE,
Jones, Jeff (Enterprise Security)
- Re: [Full-disclosure] UNSUBSCRIBE,
M. Shirk
- Re: [Full-disclosure] UNSUBSCRIBE,
Jay Sulzberger
- Re: [Full-disclosure] UNSUBSCRIBE,
James Matthews
- Re: [Full-disclosure] UNSUBSCRIBE,
sushil Agarwal
- Re: [Full-disclosure] UNSUBSCRIBE,
gjgowey
- Re: [Full-disclosure] UNSUBSCRIBE,
S/U/N
- Re: [Full-disclosure] UNSUBSCRIBE,
gjgowey
- Re: [Full-disclosure] UNSUBSCRIBE,
Paul Ooi Cong Jen
- Re: [Full-disclosure] UNSUBSCRIBE,
Ferdinand Klinzer
- Re: [Full-disclosure] UNSUBSCRIBE,
Fabrizio
- Re: [Full-disclosure] UNSUBSCRIBE,
Harry Muchow
- Re: [Full-disclosure] UNSUBSCRIBE,
gjgowey
- Re: [Full-disclosure] UNSUBSCRIBE,
Valdis . Kletnieks
- Re: [Full-disclosure] UNSUBSCRIBE,
Juha-Matti Laurio
- Re: [Full-disclosure] UNSUBSCRIBE,
full-disclosure
- [Full-disclosure] unsubscribe,
LT
[funsec] Firm says US is hotbed of illegal cyber activity,
'Richard M. Smith'
Full Disclosure: Arbitrary execution vulnerability in SQL-Ledger and LedgerSMB,
Chris Travers
Net Portal Dynamic System (NPDS) <= 5.10 Remote Code Execution 0day,
gmdarkfig
MetaForum <= 0.513 Beta - Remote file upload Vulnerability,
aeroxteam------nospam-----
Unclassified NewsBoard 1.6.3 multiples logs disclosure,
none
Layered Defense Research Advisory: F-Secure Anti-Virus Client Security 6.02 Format String Vulnerability,
dh
CCleaguePro_V1.0.1RC1 Directory Traversal Vulnerability,
snakeapollon
phpx 3.5.15 multiples vulnerabilities,
none
[Full-disclosure] Asterisk SDP DOS vulnerability,
Radu State
[Full-disclosure] w-agora version 4.2.1 Multiple Path Disclosure Vulnerabilities,
Jesper Jurcenoks
[Full-disclosure] w-agora version 4.2.1 Information Disclosure Vulnerability,
Jesper Jurcenoks
Conflict of Interest - My summary,
Mark Litchfield
[Full-disclosure] A new apache 1.x 0day,
x666
[Full-disclosure] dkftpbench 0.45 (Platoon:init) Local buffer overflow vulnerability,
starcadi
[Reversemode Advisory] Microsoft Windows Ndistapi.sys IRQL escalation,
Reversemode
w-agora version 4.2.1 Multiple Path Disclosure Vulnerabilities,
jesper . jurcenoks
w-agora version 4.2.1 Information Disclosure Vulnerability,
jesper . jurcenoks
[funsec] Thief woos bank staff with chocolates - then steals diamonds worth £14m,
John LaCour
[VulnWatch] dkftpbench 0.45 (Platoon:init) Local buffer overflow vulnerability,
starcadi
[Full-disclosure] cftp 0.12 (readrc) Local buffer overflow vulnerability,
starcadi
[Full-disclosure] [USN-437-1] libwpd vulnerability,
Kees Cook
[Full-disclosure] ZynOS v3.40 One packet killer,
Joxean Koret
[Full-disclosure] Microsoft coverup ? Stolen Xbox live accounts list of known victims - Please Help,
Kevin Finisterre (lists)
[Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
Miss Aveline
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
Ken Swain
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
cocoruder .
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
C. Hamby
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
Michael Silk
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
crazy frog crazy frog
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
Valdis . Kletnieks
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
Nick FitzGerald
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
evilrabbi
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
scott
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
Michael Silk
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
str0ke
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
evilrabbi
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
Dude VanWinkle
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
rob musial
- Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
Knud Erik Højgaard
Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time,
rgolodner
[Full-disclosure] CISCO Phone 7940 DOS vulnerability,
Radu State
[Full-disclosure] Phishing site,
fabio
[funsec] Computer error rocks Alaska's fund,
Richard M. Smith
[VulnWatch] cftp 0.12 (readrc) Local buffer overflow vulnerability,
starcadi
Oracle 10g Dynamic Monitoring Services XSS /servlet/Spy,
Sea Shark
Web Wiz Forums 8.05 (MySQL version) SQL Injection,
Ivan Fratric
[Full-disclosure] Advisory - Redirection Vulnerability in wp-login.php.,
Metaeye SG
Advisory - Redirection Vulnerability in wp-login.php.,
Metaeye SG
w-agora [multiples file upload,xss,full path disclosure,error sql],
none
Microsoft coverup ? Stolen Xbox live accounts list of known victims - Please Help,
Kevin Finisterre (lists)
[Full-disclosure] Mercur SP4 IMAPD,
mu-b
[Full-disclosure] Microsoft Internet Explorer Multiple Vulnerabilities(mshtml.dll),
saied hackeriran
[Full-disclosure] [SECURITY] [DSA 1270-1] New OpenOffice.org packages fix several vulnerabilities,
Martin Schulze
[funsec] kill -9 coz it's my time to shine,
Gadi Evron
Helix Server heap overflow,
research
Linksys WAG200G - Information disclosure,
dniggebrugge
[SECURITY] [DSA 1271-1] New openafs packages fix remote privilege escalation bug,
Noah Meyerhans
[Full-disclosure] [ GLSA 200703-21 ] PHP: Multiple vulnerabilities,
Raphael Marichez
[Full-disclosure] [ GLSA 200703-22 ] Mozilla Network Security Service: Remote execution of arbitrary code,
Raphael Marichez
[Full-disclosure] [ GLSA 200703-23 ] WordPress: Multiple vulnerabilities,
Raphael Marichez
[Full-disclosure] [ MDKSA-2007:065 ] - Updated nas packages address multiple vulnerabilities,
security
[Full-disclosure] [ MDKSA-2007:066 ] - Updated OpenAFS packages address vulnerability,
security
[Full-disclosure] [USN-438-1] Inkscape vulnerability,
Kees Cook
[Full-disclosure] Newest hacks,
wangkaig
[Full-disclosure] Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1),
Michael Silk
[Full-disclosure] Grandstream Budge Tone-200 denial of service vulnerability,
Radu State
[funsec] another one bites the dust (SHA-1),
Gadi Evron
[funsec] Magazine Will Begin Consulting With Experts,
Richard M. Smith
[funsec] SafeInt class and exceptions,
Larry Seltzer
[ MDKSA-2007:065 ] - Updated nas packages address multiple vulnerabilities,
security
[ MDKSA-2007:066 ] - Updated OpenAFS packages address vulnerability,
security
Secunia Research: InterActual Player / CinePlayer IASystemInfo.dll ActiveX Control Buffer Overflow,
Secunia Research
Secunia Research: Evolution Shared Memo Categories Format String Vulnerability,
Secunia Research
Secunia Research: XMMS Integer Overflow and Underflow Vulnerabilities,
Secunia Research
[security bulletin] HPSBUX02156 SSRT061236 rev.2 - HP-UX Running Thunderbird, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS),
security-alert
HPSBGN02189 SSRT071297 rev.2 - ServiceGuard for Linux, Remote Unauthorized Access,
security-alert
Two new DoS Vulnerabilities in Asterisk Fixed,
Matt Riddell (NZ)
[Full-disclosure] I did not have sexual relations with that woman (xbox live pretexting),
Kevin Finisterre (lists)
[Full-disclosure] [USN-440-1] MySQL vulnerability,
Kees Cook
[Full-disclosure] [USN-439-1] file vulnerability,
Kees Cook
[Full-disclosure] Secunia Research: InterActual Player / CinePlayer IASystemInfo.dll ActiveX Control Buffer Overflow,
Secunia Research
[Full-disclosure] Secunia Research: Evolution Shared Memo Categories Format String Vulnerability,
Secunia Research
[Full-disclosure] Secunia Research: XMMS Integer Overflow and Underflow Vulnerabilities,
Secunia Research
[Full-disclosure] FLEA-2007-0001-1: firefox,
Foresight Linux Essential Announcement Service
[Full-disclosure] ZombieMap - GEO Zombie Mapper,
pdp (architect)
[Full-disclosure] rPSA-2007-0059-1 file,
rPath Update Announcements
[Full-disclosure] Exploiting Microsoft dynamic Dns updates,
Andres Tarasco
[Full-disclosure] IntraProgrammed Search Engines Are XSS Driven,
Aditya K Sood
[funsec] Why isn't the CIA using this Gozi Trojan technology in Iran?,
Richard M. Smith
[funsec] Computer forensics meets campaign 2008,
Richard M. Smith
[funsec] Debugging Backwards in Time,
Richard M. Smith
**SubHub v2.3.0**,
anon
[ECHO_ADV_77$2007] Study planner (Studiewijzer) <= 0.15 Remote File Inclusion Vulnerability,
erdc
CFP for RAID 2007: Extended due date for papers: April 8th,
jeffh
ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user,
yearsilent
Remote File Include In copyright © James Coyle; JCcorp,
RaeD Hasadya
[Full-disclosure] [ MDKSA-2007:067 ] - Updated file packages fix heap-based buffer overflow vulnerability,
security
[funsec] Fwd: [ PRIVACY Forum ] Intuit's Amazing Web Pricing Roulette,
rms
Remote File Include In Coppermine Photo Gallery,
RaeD Hasadya
[ MDKSA-2007:067 ] - Updated file packages fix heap-based buffer overflow vulnerability,
security
[Full-disclosure] [ MDKSA-2007:068 ] - Updated squid packages fix DoS vulnerability,
security
[Full-disclosure] [SECURITY] [DSA 1272-1] New tcpdump packages fix denial of service,
Moritz Muehlenhoff
[NB07-22] Multiple vulnerabilities in NETxEIB OPC server,
Lluis Mora
[NB07-17] Multiple vulnerabilities in Takebishi Electric DeviceXplorer SYSMAC OPC server,
Lluis Mora
[NB07-07] Multiple vulnerabilities in Takebishi Electric DeviceXplorer HIDIC OPC server,
Lluis Mora
[NB07-08] Multiple vulnerabilities in Takebishi Electric DeviceXplorer MELSEC OPC server,
Lluis Mora
[NB07-09] Multiple vulnerabilities in Takebishi Electric DeviceXplorer FA-M3 OPC server,
Lluis Mora
[NB07-10] Multiple vulnerabilities in Takebishi Electric DeviceXplorer MODBUS OPC server,
Lluis Mora
[ MDKSA-2007:068 ] - Updated squid packages fix DoS vulnerability,
security
[Full-disclosure] [ MDKSA-2007:069 ] - Updated inkscape packages to format string vulnerability,
security
[Full-disclosure] Microsoft Windows Vista - Windows Mail Client Side Code Execution Vulnerability,
Kingcope
[Full-disclosure] dproxy - arbitrary code execution through stack buffer overflow vulnerability,
Alexander Klink
[Full-disclosure] XBOX ID's being Jacked,
richfa1
CRLF injection in PHP ftp function,
fangxiaodun
[ MDKSA-2007:069 ] - Updated inkscape packages to format string vulnerability,
security
[Full-disclosure] Fuzzled - Perl fuzzing framework,
Tim Brown
[Full-disclosure] iDefense Security Advisory 03.23.07: DataRescue IDA Pro Remote Debugger Server Authentication Bypass Vulnerability,
iDefense Labs
[Full-disclosure] iDefense Security Advisory 03.23.07: Sun Java System Directory Server 5.2 Uninitialized Pointer Cleanup Design Error Vulnerability,
iDefense Labs
[Full-disclosure] Fix Update: Disable Google Desktop Link Integration with IE & FireFox,
Debasis Mohanty
Joomla com_joomlaboard 1.1.x Branch (sbp) Multiple Remote File Include Vulnerabi,
Cold - Zero
[Full-disclosure] POC: for Asterisk SIP INVITE remote DOS,
Radu State
[Full-disclosure] FLEA-2007-0002-1: inkscape,
Foresight Linux Essential Announcement Service
File Upload System V1.0 (AD_BODY_TEMP) multiple file include,
ngevedBangetAsli
Remote File Include In phpBB-2.0.19,
RaeD Hasadya
[Full-disclosure] Fizzle : Firefox Extension Vulnerability,
CrYpTiC MauleR
[Full-disclosure] hi5 Antiphishing Departement,
beNi
Re: [Full-disclosure] Local user to root escalation in apache 1.3.34 (Debian only),
Nikolay Kichukov
[funsec] "Evil" MySpace,
rms
[Full-disclosure] Redirection vulnerability in oracle entreprise manager,
handrix cobra
[Full-disclosure] Phishing vulnerability in oracle entreprise manager,
handrix cobra
[Full-disclosure] Phishtank.com Gone?,
Michael Ward
[Full-disclosure] I'm not the only one who can't resolve phishtank.com, but some can..,
Michael Ward
[Full-disclosure] FLEA-2007-0003-1: cups,
Foresight Linux Essential Announcement Service
[funsec] London ain't on the cheap side,
Gadi Evron
[Full-disclosure] Libero.it (italian ISP) XSS vulnerability,
Rosario Valotta
[Full-disclosure] Xbox live account stolen.,
David Vernaci
[Full-disclosure] RainbowCrack-Online,
T Biehn
[Full-disclosure] Rootkit.com : Prone To Redirection and Looping Attacks,
Aditya K Sood
CcCounter 2.0 cross-site scripting vulnerability,
localexploit
Path Disclosure - Wordpress 2.1.2,
lj
Horde Webmail Multiple HTML Injection vulnerability,
DoZ
Mephisto blog is vulnerable to XSS,
Sergey Tikhonov
Satel Lite for PhpNuke (Satellite.php) <= Local File Inclusion,
stormhacker
Multiple XSS in IronMail,
Javier Olascoaga
PHP 5.2.1 with PECL phpDOC local buffer overflow,
retrog
Playstation 3 "Remote Play" Remote DoS Exploit,
mak0b
Libero.it (italian ISP) XSS vulnerability,
rosario . valotta
[USN-441-1] Squid vulnerability,
Kees Cook
[Full-disclosure] [USN-442-1] Evolution vulnerability,
Kees Cook
[Full-disclosure] [ GLSA 200703-24 ] mgv: Stack overflow in included gv code,
Raphael Marichez
[funsec] "Spammer That Sued Spamhaus Now Sued for Spamming" (slashdot),
Paul Vixie
[Full-disclosure] SignKorea's ActiveX Buffer Overflow Vulnerability,
Alex Park
[Full-disclosure] Metasploit Framework 3.0 RELEASED!,
H D Moore
[Full-disclosure] Linux Kernel DCCP Memory Disclosure Vulnerability,
Robert Święcki
[Full-disclosure] [ MDKSA-2007:070 ] - Updated evolution packages to address vulnerability,
security
Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit And PoC,
UniquE
Metasploit Framework 3.0 RELEASED!,
H D Moore
[KAPDA::#64] - Flexbb Sql Injection,
alireza hassani
[Full-disclosure] RainbowCrack-Online Drama,
T Biehn
[ECHO_ADV_78$2007] C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability,
erdc
[KDE Security Advisory] KDE ioslave PASV port scanning vulnerability,
Dirk Mueller
[Full-disclosure] Buffer Overflow in InterVetions' NaviCopa HTTP server 2.01,
skillTube.com
Yahoo! Messenger Auth Bypass Vulnerability,
kishor . tech
[ MDKSA-2007:070 ] - Updated evolution packages to address vulnerability,
security
Buffer Overflow in InterVetions' NaviCopa HTTP server 2.01,
skillTube.com
[SECURITY] [DSA 1273-1] New nas packages fix multiple remote vulnerabilities,
Noah Meyerhans
[funsec] UK: Six-Year-Old Successfully Hacks MP's Computer,
Fergie
Re: [funsec] UK: Six-Year-Old Successfully Hacks MP's Computer,
Valdis . Kletnieks
[Full-disclosure] Remote DOS HP JetDirect Print Servers,
handrix cobra
[Full-disclosure] Rootkit.com Redirection Looping Attack Analysis,
Aditya K Sood
[Full-disclosure] [USN-443-1] Firefox vulnerability,
Kees Cook
[funsec] FBI: Member Of Transnational Crime Ring Arrested For eBay Fraud,
Fergie
[Full-disclosure] [USN-444-1] OpenOffice.org vulnerabilities,
Kees Cook
[Full-disclosure] [USN-445-1] XMMS vulnerabilities,
Kees Cook
[funsec] RFID Feared as Possible Terrorist Target?,
Fergie
[Full-disclosure] [USN-446-1] NAS vulnerabilities,
Kees Cook
[funsec] I think that more of my state tax dollars need to go to security,
Don Blumenthal
- Re: [funsec] I think that more of my state tax dollars need to go to security,
Valdis . Kletnieks
- Re: [funsec] I think that more of my state tax dollars need to go to security,
Drsolly
- Re: [funsec] I think that more of my state tax dollars need to go to security,
Valdis . Kletnieks
- Re: [funsec] I think that more of my state tax dollars need to go to security,
Drsolly
- RE: [funsec] I think that more of my state tax dollars need to goto security,
David Harley
- RE: [funsec] I think that more of my state tax dollars need to goto security,
Drsolly
- RE: [funsec] I think that more of my state tax dollars need to goto security,
David Harley
- Re: [funsec] I think that more of my state tax dollars need to goto security,
Ken Dyke
- RE: [funsec] I think that more of my state tax dollars need to goto security,
Young, Keith
- Re: [funsec] I think that more of my state tax dollars need to goto security,
Brian Loe
- Re: [funsec] I think that more of my state tax dollars need to goto security,
Ken Dyke
- Re: [funsec] I think that more of my state tax dollars need to go to security,
Don Blumenthal
- Message not available
[Full-disclosure] Corel Wordperfect X3 Stack Overflow,
jonnyboi
[Full-disclosure] iDefense Security Advisory 03.28.07: IBM Lotus Domino Web Access Cross Site Scripting Vulnerability,
iDefense Labs
[Full-disclosure] iDefense Security Advisory 03.28.07: IBM Lotus Domino Server LDAP Request Invalid DN Message Heap Overflow Vulnerability,
iDefense Labs
Bypass phishing protection in Firefox / Opera,
zonafirefox
Corel Wordperfect Office X3 Stack Overflow,
jonny
[Full-Disclosure] Another XSS vulnerability in italian Libero.it,
Matteo G.P. Flora
[Full-disclosure] Cisco Security Advisory: Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities,
Cisco Systems Product Security Incident Response Team
[Full-disclosure] Another XSS vulnerability in Italian provider Libero.it,
LK
Re: [Full-disclosure] SecurityVulns.com: Microsoft Visual C++ 8.0 standard library time functions invalid assertion DoS (Problem 3000).,
William A. Rowe, Jr.
[Full-disclosure] ZDI-07-011: IBM Lotus Domino IMAP Server CRAM-MD5 Authentication Buffer Overflow Vulnerability,
zdi-disclosures
Re: Multiple Vulnerabilities In osTicket,
eticket
[Full-disclosure] Update: ViewCVS and ViewVC 'checkout view' content type fixation issue,
Moritz Naumann
Re: [SECURITY ALERT] osTicket bugs,
eticket
[Full-disclosure] NewOrder.box.sk Inherits Severe Redirection Vulnerability,
Aditya K Sood
[Full-disclosure] [SECURITY] [DSA 1270-2] New OpenOffice.org packages fix several vulnerabilities,
Martin Schulze
Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180),
Tim Rees
[funsec] F-Secure: So, What Does The Enemy Look Like in Real Life?,
Fergie
Arbitrary Command Execution in DataDomain Administrator Interface,
Elliot Kendall
[funsec] Only '...130 malware active in China!',
Fergie
[Full-disclosure] Kathy Sierra,
djbb
[funsec] Fortune 1000 Companies Hosting Bots in The Perimeter,
Fergie
[funsec] Rogue DNS Servers,
Fergie
[Full-disclosure] [USN-447-1] KDE library vulnerabilities,
Kees Cook
[VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability,
Michał Majchrowicz
[VulnWatch] Libero.it (italian ISP) XSS vulnerability,
Rosario Valotta
[funsec] Store IDs led to arrests,
rms
[Full-disclosure] rPSA-2007-0061-1 inkscape,
rPath Update Announcements
[Full-disclosure] Widespread vulnerabilities in Libero.it/Infostrada.it web portals,
Rosario Valotta
Re: [Full-disclosure] Another XSS vulnerability in Italian providerLibero.it,
paura
Xoops Module Friendfinder <= 3.3 (view.php id) BLIND SQL Injection Exploit,
ajannhwt
Advanced Login <= 0.7 (root) Remote File Inclusion Vulnerability,
bithedz
Widespread vulnerabilities in Libero.it/Infostrada.it web portals,
rosario . valotta
Windows Live Spaces logged user NetworkSetup.aspx cross site scripting,
paolo . difebbo
[Full-disclosure] [ MDKSA-2007:071 ] - Updated xmms packages to address integer vulnerabilities,
security
AOL 9.0 Deskbar.dll/Toolbar.dll DoS Vulnerability,
Justin Seitz
[ MDKSA-2007:071 ] - Updated xmms packages to address integer vulnerabilities,
security
[Full-disclosure] iDefense Security Advisory 03.29.07: IBM Lotus Sametime JNILoader Arbitrary DLL Load Vulnerability,
iDefense Labs
[Full-disclosure] Buy 0day vulnerability,
opportunity2007
[Full-disclosure] FLEA-2007-0004-1: openoffice.org,
Foresight Linux Essential Announcement Service
[Full-disclosure] [ MDKSA-2007:072 ] - Updated kdelibs packages to address FTP PASV issue in konqueror,
security
[Full-disclosure] [ GLSA 200703-25 ] Ekiga: Format string vulnerability,
Raphael Marichez
[ MDKSA-2007:072 ] - Updated kdelibs packages to address FTP PASV issue in konqueror,
security
[funsec] Hackers Attack DoD's myPay Military Wage User Accounts,
Fergie
[Full-disclosure] [ MDKSA-2007:073 ] - Updated openoffice.org packages to address vulnerabilities,
security
[Full-disclosure] FLEA-2007-0005-1: slocate,
Foresight Linux Essential Announcement Service
[ MDKSA-2007:073 ] - Updated openoffice.org packages to address vulnerabilities,
security
[Full-disclosure] VMSA-2007-0002 VMware ESX security updates,
VMware Security team
[funsec] Another "evil" Internet story,
rms
[Full-disclosure] 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038),
Alexander Sotirov
[Full-disclosure] ANI Zeroday, Third Party Patch,
Marc Maiffret
[Full-disclosure] secure listserv config,
imipak
[Full-disclosure] Preventing Cross-site Request Forgeries,
pdp (architect)
[funsec] 'American Idol' Voting Campaign Slammed With DDoS Attack,
Fergie
[Full-disclosure] MADYNES voip fuzzer,
Juan Perez
Mybb Change Password Vulnerability,
security
DrakeCMS multiple vulerabilities,
security
AIX 4.3 lsmcode local root command execution,
pr1nce_empire
The Week Of Vista Bugs [TWOVB],
TWOVB Team
[funsec] "Fortune 1000 Companies Sending Spam, Phishing" (slashdot),
Paul Vixie
[ECHO_ADV_80$2007] Softerra Time-Assistant <= 6.2 (inc_dir) Remote File Inclusion Vulnerability,
erdc
ANI Zeroday, Third Party Patch,
Marc Maiffret
Re: [Full-disclosure] [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability,
3APA3A
[Full-disclosure] A lot of XSS,
Hanno Böck
[funsec] My new favorite spammer (kinda sorta offtopic),
Gary Warner
[funsec] Amusing security advice from Microsoft,
rms
[Full-disclosure] [ GLSA 200703-26 ] file: Integer underflow,
Raphael Marichez
Busting The Bluetooth Myth,
Max Moser
[Full-disclosure] TSRT-07-03: America Online SuperBuddy ActiveX Control Code Execution Vulnerability,
TSRT
[Full-disclosure] dproxy-nexgen remote,
mu-b
[Full-disclosure] CA BrightStor ARCserve Backup Mediasvr.exe vulnerability,
Williams, James K
[Full-disclosure] On-going Internet Emergency and Domain Names,
Gadi Evron
[Full-disclosure] n3td3v calls for immediate halt to the month of Myspace bugs,
n3td3v
[Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
dev code
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
wac
- <Possible follow-ups>
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
dev code
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
James Matthews
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
dev code
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
ad@heapoverflow.com
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
ad@heapoverflow.com
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow -> Its ok, its in IE Protected Mode,
Haroon Meer
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Dave Aitel
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Alexander Sotirov
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Thierry Zoller
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Jason Areff
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Jason Areff
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Morning Wood
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Thierry Zoller
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Thierry Zoller
- Message not available
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Thierry Zoller
- Message not available
- Message not available
- Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Michele Cicciotti
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
George Ou
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
George Ou
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Alexander Sotirov
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
George Ou
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Alexander Sotirov
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
George Ou
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Alexander Sotirov
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
George Ou
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
ad@heapoverflow.com
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Daniel Veditz
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Alexander Sotirov
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Alexander Sotirov
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Peter Ferrie
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Michal Majchrowicz
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
wac
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Michal Majchrowicz
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Brooks, Shane
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Knud Erik Højgaard
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
wac
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Chris Lyon
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
dev code
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Goodfellas Research Security Team - Callax
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Larry Seltzer
Message not available
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
George Ou
Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow,
Kristian Hermansen
CA BrightStor ARCserve Backup Mediasvr.exe vulnerability,
Williams, James K
Windows .ANI Stack Overflow Exploit,
devcode29
PHP-Fusion 'Calendar_Panel' Module show_event.PHP (m_month) SQL Injection Exploit And PoC,
UniquE
[Full-disclosure] Global Space Exploitation In PHP Based Web Applications,
Aditya K Sood
Remot File Include In SLAED_CMS_2,
RaeD Hasadya
Remot File Include In Shop-SCRIPT FREE,
RaeD Hasadya
Remot File Include In Aardvark Topsites PHP 5,
RaeD Hasadya
[Full-disclosure] [ GLSA 200703-27 ] Squid: Denial of Service,
Raphael Marichez
[Full-disclosure] [ GLSA 200703-28 ] CUPS: Denial of Service,
Raphael Marichez
[funsec] Keyloggers: How They Work and How to Detect Them (Part 1),
Fergie
[funsec] How do you load a .ANI from a web page?,
Larry Seltzer
[funsec] instructor (fwd),
Drsolly
[funsec] Who has hacked into my Comcast DVR box?,
Richard M. Smith
[Full-disclosure] Digg Delicious Technorati & Netscape XSS (worm?),
mybeni websecurity
[Full-disclosure] Cisco IP Phone vulnerability,
J. Oquendo
[Full-disclosure] ISP in the UK Terminates Account after Full Disclosure,
Aviram Jenik
[Full-disclosure] CAU-2007-0001: Window Transparency Information Disclosure,
I)ruid
[Full-disclosure] April 1 joke,
V Comics
[Full-disclosure] Maria Sharapova is a Cisco Certified Specialist,
Valery Marchuk
[funsec] XSS April Fools,
Gadi Evron
[Full-disclosure] Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability,
Matousec - Transparent security Research
[Full-disclosure] Kcpentrix 2.0 is Out !!,
Fred
[funsec] Google offering Broadband Wireless! Free!,
Randall M
[funsec] C|Net News: April 1st Edition,
Fergie
[funsec] McAfee Avert Labs to Host Month of Bug Bugs (MoBB),
Juha-Matti Laurio
[Full-disclosure] Severe CSRF vulnerabilities allow mail/msg spoofing in Libero.it portal,
Rosario Valotta
[funsec] MS Patch Coming Tuesday,
Larry Seltzer
[funsec] More information on ZERT patch for ANI 0day,
Gadi Evron
[funsec] ZERT's latest patch,
Gadi Evron
[funsec] Cyber War: A Major Threat to Business,
Fergie
[Full-disclosure] Metasploit vs ANI,
H D Moore
[Full-disclosure] 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA,
Andrea "bunker" Purificato
2BGal 3.1.1 <= (admin/index.php) Remote File Include Vulnerability,
BorN To K!LL BorN To K!LL
MS announces out-of-band patch for ANI 0day,
Gadi Evron
[Full-disclosure] iDefense Security Advisory 03.31.07: Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities,
iDefense Labs
[Full-disclosure] More information on ZERT patch for ANI 0day,
Gadi Evron
[Full-disclosure] [SECURITY] [DSA 1274-1] New file packages fix arbitrary code execution,
Noah Meyerhans
[Full-disclosure] SecTor Call for Papers & Registration now open,
Gord Taylor
[security bulletin] HPSBMA02198 SSRT061177 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Access,
security-alert
Re: Drake CMS v0.3.2 < = RFi Vulnerabilities,
legolas558
DirectAdmin persistant XSS [takeover an Administrator`s account],
Kanedaaa Bohater
Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability,
Matousec - Transparent security Research
Windows XP/Vista (.ANI) Remote Exploit (bypass eeye patch),
jamikazu
[Full-disclosure] Death by Cockatoo,
neal.krawetz
Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability,
mufti . rizal
WOVB #01: Bypassing Vista Firewall, Flying over obstructive line,
TWOVB Team
APOP vulnerability,
Gaëtan LEURENT
[Full-disclosure] iDefense Security Advisory 04.02.07: Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability,
iDefense Labs
[Full-disclosure] [ GLSA 200704-01 ] Asterisk: Two SIP Denial of Service vulnerabilities,
Sune Kloppenborg Jeppesen
[Full-disclosure] iDefense Security Advisory 03.31.07: IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities,
iDefense Labs
[CFP] VNSECON 07 - Call for Papers / HCMC - August 03-04, 2007,
rd
[funsec] Websense: Automated Defacement Through Search Engines,
Fergie
[funsec] Telnet: Dead at 35 - Happy Birthday and RIP,
Fergie
[Full-disclosure] More information on ZERT patch for ANI 0day,
Randall M
[Full-disclosure] Why Microsoft should make windows open source,
James Matthews
[Full-disclosure] [SECURITY] [DSA 1275-1] New zope2.7 packages fix cross-site scripting flaw,
Noah Meyerhans
[Full-disclosure] [CFP] VNSECON 07 - Call for Papers / HCMC - August 03-04, 2007,
rd
[Full-disclosure] HP Mercury Quality Center Any SQL execution,
Isma Khan
[Full-disclosure] Vulnerable Vectors in PHP Based Redirection Pages[redirect.php4/redirect.php5],
Aditya K Sood
[Full-disclosure] another .ani 0-day bug third party patcher more usefull this time, version 0.2,
wac
TWOVB][ The Week Of Vista Bugs: the truth is out there,
TWOVB Team
[MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue,
SecurityAudit
MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit,
gmdarkfig
[funsec] Britney Spears helps spread malware,
rms
Remote File Include In Script stat12,
RaeD
[Full-disclosure] iDefense Security Advisory 04.03.07: Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability,
iDefense Labs
[Full-disclosure] FLEA-2007-0006-1: ImageMagick,
Foresight Linux Essential Announcement Service
[Full-disclosure] FLEA-2007-0006-2: ImageMagick,
Foresight Linux Essential Announcement Service
MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957],
Tom Yu
[funsec] ANI patch.,
RMueller
[Full-disclosure] iDefense Security Advisory 04.03.07: Multiple Vendor Kerberos kadmind Buffer Overflow Vulnerability,
iDefense Labs
MITKRB5-SA-2007-003: double-free vulnerability in kadmind (via GSS-API library) [CVE-2007-1216],
Tom Yu
[Full-disclosure] FLEA-2007-0007-1: nas,
Foresight Linux Essential Announcement Service
MITKRB5-SA-2007-001: telnetd allows login as arbitrary user [CVE-2007-0956],
Tom Yu
[Full-disclosure] ZDI-07-012: Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow,
zdi-disclosures
Re: On-going Internet Emergency and Domain Names,
Bob Fiero
[Full-disclosure] [SECURITY] [DSA 1276-1] New krb5 packages fix several vulnerabilities,
Moritz Muehlenhoff
[Full-disclosure] [ GLSA 200704-02 ] MIT Kerberos 5: Arbitrary remote code execution,
Sune Kloppenborg Jeppesen
Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation,
Jim Hoagland
[Full-disclosure] [ GLSA 200704-03 ] OpenAFS: Privilege escalation,
Raphael Marichez
[Full-disclosure] [ GLSA 200704-04 ] OpenPBS: Multiple vulnerabilities,
Raphael Marichez
[Full-disclosure] [ GLSA 200704-05 ] zziplib: Buffer Overflow,
Raphael Marichez
[Full-disclosure] April Chi2600 / DefCon 312 Information,
Steven McGrath
[Full-disclosure] JIKTO Full Disclosure,
Shaded Systems
[Full-disclosure] iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability,
iDefense Labs
[Full-disclosure] iDefense Security Advisory 04.03.07: Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability,
iDefense Labs
[Full-disclosure] iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability,
iDefense Labs
[Full-disclosure] [USN-448-1] X.org vulnerabilities,
Kees Cook
[Full-disclosure] [USN-449-1] krb5 vulnerabilities,
Kees Cook
[Full-disclosure] [ MDKSA-2007:074 ] - Updated qt3 packages to address utf8 decoder bug,
security
[Full-disclosure] [ MDKSA-2007:075 ] - Updated qt4 packages to address utf8 decoder bug,
security
[Full-disclosure] [ MDKSA-2007:076 ] - Updated kdelibs packages to address UTF8 issue in KJS,
security
[Full-disclosure] Windows .ANI LoadAniIcon third party patch latest version 0.3 (so people can rollback their system before applying the patches),
wac
[Full-disclosure] rPSA-2007-0062-1 firefox,
rPath Update Announcements
[Full-disclosure] rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation,
rPath Update Announcements
[Full-disclosure] rPSA-2007-0064-1 ImageMagick,
rPath Update Announcements
[Full-disclosure] rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs,
rPath Update Announcements
[Full-disclosure] rPSA-2007-0066-1 kdelibs qt-x11-free,
rPath Update Announcements
[Full-disclosure] Mozilla Firefox Insecure Element Stealth Injection Vulnerability,
Michal Majchrowicz
[Full-disclosure] Three New Papers on Oracle Forensics,
David Litchfield
[Full-disclosure] CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC Function Denial Of Service,
CYBSEC Advisories
[Full-disclosure] CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer Overflow,
CYBSEC Advisories
[Full-disclosure] CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities,
CYBSEC Advisories
[Full-disclosure] CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure,
CYBSEC Advisories
[Full-disclosure] CYBSEC Security Pre-Advisory: SAP SYSTEM_CREATE_INSTANCE RFC Function Buffer Overflow,
CYBSEC Advisories
[Full-disclosure] Stereotyping DoS and Don'ts,
neal.krawetz
[Full-disclosure] CYBSEC Release: SAP Security - Paper & Tool release,
Mariano Nuñez Di Croce
[funsec] Websense and political censorship,
Richard M. Smith
Re: [funsec] Websense and political censorship,
Florian Weimer
Re: [funsec] Websense and political censorship,
Gadi Evron
<Possible follow-ups>
RE: [funsec] Websense and political censorship,
Fergie
[ MDKSA-2007:075 ] - Updated qt4 packages to address utf8 decoder bug,
security
CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure,
CYBSEC Advisories
CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities,
CYBSEC Advisories
lite-cms-0.2.1 Remote File Include Vulnerabilities,
the_3dit0r
CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer Overflow,
CYBSEC Advisories
CYBSEC Security Pre-Advisory: SAP SYSTEM_CREATE_INSTANCE RFC Function Buffer Overflow,
CYBSEC Advisories
CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC Function Denial Of Service,
CYBSEC Advisories
[funsec] Separated at birth: WMF and ANI bugs compared,
Fergie
CYBSEC Release: SAP Security - Paper & Tool release,
Mariano Nuñez Di Croce
[ MDKSA-2007:074 ] - Updated qt3 packages to address utf8 decoder bug,
security
[MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues,
Securityaudit
Remot File Include In phpexplorator_2_0,
RaeD
iXon_CMS 0.30 Remote File Include Vulnerabilities,
the_3dit0r
rPSA-2007-0067-1 nas,
rPath Update Announcements
K-CMS v1.0 Remote File Include Vulnerabilities,
the_3dit0r
Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy,
the_3dit0r
phpechocms v.2 Cross-Site Scripting Vulnerabilitiy,
the_3dit0r
phpechocms2 Remote File Include Vulnerabilities,
the_3dit0r
MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting Vulnerabilitiy,
the_3dit0r
[Full-disclosure] Fabio has Tagged you! :),
Fabio Sarmento
MyBlog: PHP and MySQL Blog/CMS software Remote File Include Vulnerabilitiy,
the_3dit0r
[ MDKSA-2007:076 ] - Updated kdelibs packages to address UTF8 issue in KJS,
security
[Full-disclosure] VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates,
VMware Security team
[Full-disclosure] The Cyber war on Iran,
United Hackers
High Risk Vulnerability in OpenOffice,
NGSSoftware Insight Security Research
[funsec] Never Slow Down: MS07-017 ANI Exploit Activity Timeline,
Fergie
Several Windows image viewers vulnerabilities,
Ivan Fratric
[Full-disclosure] Hackers uniting against Iran?,
United Hackers
- Re: [Full-disclosure] Hackers uniting against Iran?,
Slythers Bro
- Re: [Full-disclosure] Hackers uniting against Iran?,
Open Phugu
- Re: [Full-disclosure] Hackers uniting against Iran?,
Lubomir Kundrak
- <Possible follow-ups>
- Re: [Full-disclosure] Hackers uniting against Iran?,
uberspritzer
- Re: [Full-disclosure] Hackers uniting against Iran?,
Fajar Edisya Putera
- Re: [Full-disclosure] Hackers uniting against Iran?,
evilrabbi
- Re: [Full-disclosure] Hackers uniting against Iran?,
uberspritzer
- Re: [Full-disclosure] Hackers uniting against Iran?,
Paul Schmehl
- Re: [Full-disclosure] Hackers uniting against Iran?,
matthew wollenweber
- Re: [Full-disclosure] Hackers uniting against Iran?,
Valdis . Kletnieks
- Re: [Full-disclosure] Hackers uniting against Iran?,
Timo Schoeler
- Re: [Full-disclosure] Hackers uniting against Iran?,
Shyaam
- Re: [Full-disclosure] Hackers uniting against Iran?,
rek2 GNU/Linux LO LO LO
- Re: [Full-disclosure] Hackers uniting against Iran?,
rek2 GNU/Linux LO LO LO
- Re: [Full-disclosure] Hackers uniting against Iran?,
Troy Cregger
- Re: [Full-disclosure] Hackers uniting against Iran?,
Peter Dawson
- Re: [Full-disclosure] Hackers uniting against Iran?,
Timo Schoeler
- Re: [Full-disclosure] Hackers uniting against Iran?,
Timo Schoeler
- Re: [Full-disclosure] Hackers uniting against Iran?,
Martin Hudec
- Re: [Full-disclosure] Hackers uniting against Iran?,
Timo Schoeler
- Re: [Full-disclosure] Hackers uniting against Iran?,
Timo Schoeler
- Re: [Full-disclosure] Hackers uniting against Iran?,
Paul Szabo
- Re: [Full-disclosure] Hackers uniting against Iran?,
Red Leg
- Re: [Full-disclosure] Hackers uniting against Iran?,
Timo Schoeler
- Re: [Full-disclosure] Hackers uniting against Iran?,
Timo Schoeler
- Re: [Full-disclosure] Hackers uniting against Iran?,
Troy Cregger
- Re: [Full-disclosure] Hackers uniting against Iran?,
uberspritzer
- Re: [Full-disclosure] Hackers uniting against Iran?,
scott
- Re: [Full-disclosure] Hackers uniting against Iran?,
ericscher@mac.com
- Re: [Full-disclosure] Hackers uniting against Iran?,
Timo Schoeler
- Re: [Full-disclosure] Hackers uniting against Iran?,
James Rankin
- Re: [Full-disclosure] Hackers uniting against Iran?,
Timo Schoeler
- Re: [Full-disclosure] Hackers uniting against Iran?,
Red Leg
- Re: [Full-disclosure] Hackers uniting against Iran?,
Paul Hem
- Re: [Full-disclosure] Hackers uniting against Iran?,
Valdis . Kletnieks
- Re: [Full-disclosure] Hackers uniting against Iran?, Battle of Kursk,
Security Admin (NetSec)
- Re: [Full-disclosure] Hackers uniting against Iran?,
Peter Dawson
- Re: [Full-disclosure] Hackers uniting against Iran?,
Carlos Barros
- Re: [Full-disclosure] Hackers uniting against Iran?,
Timo Schoeler
- Re: [Full-disclosure] Hackers uniting against Iran?,
Timo Schoeler
- Re: [Full-disclosure] Hackers uniting against Iran?,
Michele Cicciotti [Khamsa Italia Srl]
- Re: [Full-disclosure] Hackers uniting against Iran?,
jptrash
[Full-disclosure] [ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities,
security
[Full-disclosure] [ MDKSA-2007:078 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security
[SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution,
Noah Meyerhans
Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection,
r00t-balance
[ MDKSA-2007:077 ] - Updated krb5 packages fix vulnerabilities,
security
Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug,
pdp (architect)
[funsec] RadioShack Cleans,
Randall M
[Full-disclosure] [ MDKSA-2007:079 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities,
security
[Full-disclosure] [ MDKSA-2007:080 ] - Updated tightvnc packages fix integer overflow vulnerabilities,
security
[Full-disclosure] [ MDKSA-2007:081 ] - Updated freetype2 packages fix vulnerability,
security
[Full-disclosure] iDefense Security Advisory 04.04.07: Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability,
iDefense Labs
[Full-disclosure] iDefense Security Advisory 04.04.07: Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability,
iDefense Labs
[ MDKSA-2007:078 ] - Updated kernel packages fix multiple vulnerabilities and bugs,
security
[Full-disclosure] iDefense Security Advisory 04.04.07: ESRI ArcSDE Buffer Overflow Vulnerability,
iDefense Labs
Multi-RBL Checks [Was: RE: [funsec] Websense and political censorship],
Fergie
RE: Multi-RBL Checks [Was: RE: [funsec] Websense and political censors hip],
Fergie
Re: [Full-disclosure] group hug,
scott
Re: [Full-disclosure] well done folks,
scott
[funsec] Security Matters: Vigilantism Is a Poor Response to Cyber Attack,
Fergie
Re: [Full-disclosure] Why Microsoft should make windows open,
Jodi Middleton
Re: [Full-disclosure] Iran Cyber-War, Capitalism, etc...,
Throwaway1@columbus.rr.com
[funsec] Walt Mossberg takes on craplets on new mcahines,
Richard M. Smith
[ MDKSA-2007:079 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities,
security
LedgerSMB 1.2.0 finally released, fixes CVE-2006-5589,
Chris Travers
[ MDKSA-2007:080 ] - Updated tightvnc packages fix integer overflow vulnerabilities,
security
[ MDKSA-2007:081 ] - Updated freetype2 packages fix vulnerability,
security
Microsoft .NET request filtering bypass vulnerability (BID 20753),
research
[Full-disclosure] Microsoft .NET request filtering bypass vulnerability (BID 20753),
Adrian Pastor
[Full-disclosure] AN OUNCE OF PREVENTION...,
neal.krawetz
[funsec] today's assortment of internet press about the .ANI thing,
Paul Vixie
[Full-disclosure] FLEA-2007-0008-1: krb5,
Foresight Linux Essential Announcement Service
[Full-disclosure] FLEA-2007-0009-1: xorg-x11 freetype,
Foresight Linux Essential Announcement Service
Wserve HTTP Server 4.6 Version (Long Directory Name) Buffer Overflow - Denial Of Service,
UniquE
[Full-disclosure] FLEA-2007-0010-1: evolution,
Foresight Linux Essential Announcement Service
[funsec] Wallet made from a computer keyboard,
Juha-Matti Laurio
[security bulletin] HPSBUX02204 SSRT071341 rev.1 - HP-UX Running CIFS Server (Samba), Remote Denial of Service (DoS),
security-alert
[Full-disclosure] uberspritzer's rant,
ericscher@mac.com
[Full-disclosure] Wordpress 2.1.2 xmlrpc Vulnerabilities,
Sumit Siddharth
[Full-disclosure] ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability,
zdi-disclosures
[Full-disclosure] ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity,
zdi-disclosures
[Full-disclosure] CAUNewswire - CAU Introduces PHREAK® Certification for telephony hackers,
I)ruid
[funsec] If only ...,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
[Full-disclosure] Question Regarding Wireless Frames,
Code Breaker
[Full-disclosure] AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption,
Piotr Bania
[Full-disclosure] AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero),
Piotr Bania
[Full-disclosure] AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption,
Piotr Bania
[funsec] Britiney sells viagra,
Hubbard, Dan
ACLS ineffective in SQL-Ledger and LedgerSMB,
Chris Travers
phpContact Multiple Remote File Inclusion Vulnerabilities,
rko . thelegendkiller
[Full-disclosure] WEEPING FOR WEP,
neal.krawetz
[MajorSecurity Advisory #39]onelook onebyone CMS - Session fixation Issue,
Securityaudit
[MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue,
Securityaudit
[MajorSecurity Advisory #41]onelook courts online - Session fixation Issue,
Securityaudit
livor 2.5 Cross-Site Scripting Vulnerability,
rko . thelegendkiller
[funsec] Phishing: Peeling The Covers Off of Rock,
Fergie
[funsec] Security Researchers Say Windows .ANI Problem Surfaced Two Years Ago,
rms
[SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code execution,
Noah Meyerhans
LayerOne 2007 - Speaker Line up Announced,
Layer One
[funsec] (The first) iPodLinux PoC virus found,
Juha-Matti Laurio
[Full-disclosure] [ GLSA 200704-06 ] Evince: Stack overflow in included gv code,
Raphael Marichez
[Full-disclosure] [ GLSA 200704-07 ] libwpd: Multiple vulnerabilities,
Raphael Marichez
[Full-disclosure] word to buchkov,
jf
Re: [Full-disclosure] Hackers uniting against Iran?, Battle of Kursk,
Security Admin (NetSec)
PHP <= 5.2.1 wbmp file handling integer overflow,
Ivan Fratric
[MajorSecurity Advisory #42]webblizzard CMS - Cross Site Scripting and Session fixation Issues,
Securityaudit
CmailServer WebMail <= V.5.3.4 (signup) Remote XSS Exploit,
ajannhwt
witshare 0.9 Remote File Include Vulnerabilitiy,
the_3dit0r
[Full-disclosure] Vista Protected Processes Bypassed,
Randall M
[Full-disclosure] Hackers Humiliate Security Researcher,
neal.krawetz
[Full-disclosure] Security Researcher Not Particularly Humiliated,
Raven Alder
Re: [VulnWatch] Latinchat Denial Of Service,
d4rksoft
Re: [Full-disclosure] Backdoor within popular security software.,
Anonymous User
Re: [Full-disclosure] Security Researcher Not Particularly Humiliated,
neal.krawetz
[funsec] involved in sci-fi?,
Gadi Evron
[Full-disclosure] Some 0day Pocs,
Muts
[Full-disclosure] DNS mining ?,
Maxim Veksler
[funsec] there aren't that many serious spammers any more?,
John LaCour
UBB.threads (<= 6.1.1) SQL Injection Vulnerability,
john
Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit,
k4rtal
Take Control In Script Jeebles Directory,
RaeD
phpMyAdmin 2.6.1 Local Cross Site Scripting,
the_3dit0r
Remot File Include In Script Lore v1,
RaeD
DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability,
john
Gsylvain35 Portail Web Remote File Include Vulnerabilities,
the_3dit0r
Request It : Song Request System 1.0b - remote file inclusion,
mail
QuizShock 1.6.1 - Cross-Site Scripting Vulnerability,
john
Mybb Hot Editor Plugin Local File Inclusion,
liz0
Hot Editor v4.0 Local File Inclusion,
liz0
xodagallery Remote Code Execution Vulnerability,
the_3dit0r
[funsec] Websense: A Tale of Two ANI Attacks,
Fergie
[funsec] roundup,
Paul Vixie
rPSA-2007-0070-1 openoffice.org,
rPath Update Announcements
[Full-disclosure] iDefense Security Advisory 04.09.07: AOL AIM and ICQ File Transfer Path-Traversal Vulnerability,
iDefense Labs
[Full-disclosure] [USN-450-1] ipsec-tools vulnerability,
Kees Cook
[funsec] Outlook 2007: one step forward, two steps back?,
rms
[Full-disclosure] List Charter,
John Cartwright
- <Possible follow-ups>
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] List Charter,
Month of Random Hashes
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] List Charter,
John Cartwright
- [Full-disclosure] List Charter,
John Cartwright
[funsec] New security threat: Back packs,
Richard M. Smith
[Full-disclosure] Fwd: threat to corporate security,
n3td3v
[funsec] Worst Idea Ever: Prosecute Unsafe Computer Users?,
Fergie
[Full-disclosure] DEF CON One Five CfP in effect!,
The Dark Tangent
[Full-disclosure] War against Iran: Update from front lines,
Hackers United
[funsec] RE: funsec Office 2007 has 0 security issues,
Randall M
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Richard M. Smith
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Valdis . Kletnieks
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Richard M. Smith
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Florian Weimer
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Larry Seltzer
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Nick FitzGerald
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
David Harley
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Larry Seltzer
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
David Harley
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Nick FitzGerald
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Larry Seltzer
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Richard M. Smith
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
David Harley
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Valdis . Kletnieks
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
David Harley
- Message not available
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
David Harley
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
der Mouse
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Valdis . Kletnieks
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
der Mouse
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Michal Zalewski
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Ken Dyke
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Brian Loe
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Ken Dyke
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Nick FitzGerald
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Brian Loe
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
David Harley
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Valdis . Kletnieks
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
David Harley
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Larry Seltzer
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Valdis . Kletnieks
- Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Ken Dyke
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Larry Seltzer
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Nick FitzGerald
- RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Nick FitzGerald
<Possible follow-ups>
Re: [funsec] RE: funsec Office 2007 has 0 security issues,
Fergie
RE: [funsec] RE: funsec Office 2007 has 0 security issues,
Fergie
[funsec] Who's Behind Criminal Bot Networks?,
Fergie
phpGalleryScript 1.0 - File Inclusion Vulnerabilities,
z12xxa
[Full-disclosure] DropAFew - SQL injection and authorization issues,
Alexander Klink
DEF CON One Five CfP in effect!,
The Dark Tangent
[Full-disclosure] EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation,
eEye Advisories
[Full-disclosure] EEYE: Windows VDM Zero Page Race Condition Privilege Escalation,
eEye Advisories
EEYE: Windows VDM Zero Page Race Condition Privilege Escalation,
eEye Advisories
[funsec] Microsoft Patch Tuesday: PATCH NOW,
Fergie
EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation,
eEye Advisories
PhpOpenChat <= 3.0.1 (poc.php) Multiple Remote File Include Vulnerabilities,
seko
Secunia Research: Microsoft Agent URL Parsing Memory Corruption Vulnerability,
Secunia Research
[Full-disclosure] iDefense Security Advisory 04.10.07: Microsoft Windows Universal Plug and Play Memory Corruption Vulnerability,
iDefense Labs
[funsec] FTC Official: Imprison Spyware Distributors,
Fergie
[Full-disclosure] [ MDKSA-2007:077-1 ] - Updated krb5 packages fix vulnerabilities,
security
[VulnWatch] EEYE: Windows VDM Zero Page Race Condition Privilege Escalation,
eEye Advisories
[ MDKSA-2007:077-1 ] - Updated krb5 packages fix vulnerabilities,
security
Re: vbulletin admincp sql injection,
rjmjr69
[VulnWatch] EEYE: Windows Vista CSRSS Dangling Process Pointer Privilege Escalation,
eEye Advisories
[Full-disclosure] Named and the mysterious .so resolves,
James Lay
[Full-disclosure] [ MDKSA-2007:081-1 ] - Updated freetype2 packages fix vulnerability,
security
[ MDKSA-2007:081-1 ] - Updated freetype2 packages fix vulnerability,
security
[Full-disclosure] flickR Hack,
KaT
[Full-disclosure] [ MDKSA-2007:080-1 ] - Updated tightvnc packages fix integer overflow vulnerabilities,
security
[Full-disclosure] [USN-451-1] Linux kernel vulnerabilities,
Kees Cook
[funsec] RE: funsec Digest, Vol 20, Issue 18,
Randall M
[funsec] skip chips,
Randall M
[Full-disclosure] Secunia Research: Microsoft Agent URL Parsing Memory Corruption Vulnerability,
Secunia Research
[Full-disclosure] [ MDKSA-2007:075-1 ] - Updated qt4 packages to address utf8 decoder bug,
security
[funsec] Widespread vandalism of wikis by some type of bot,
Reed Loden
[funsec] more security leaks in japan,
Peter Evans
[funsec] Spam Kills,
Richard M. Smith
[Full-disclosure] com_zoom2 Mambo Module Remote File Include Vulnerability,
0o_zeus_o0 elitemexico.org
[Full-disclosure] Application Layer Anti-virus/Firewall,
pdp (architect)
[Full-disclosure] Cosign SSO Authentication Bypass,
Jon Oberheide
webMethods Glue Management Console Directory Traversal,
Patrick Webster
[ MDKSA-2007:080-1 ] - Updated tightvnc packages fix integer overflow vulnerabilities,
security
nEw Bug :D,
asdasd asdsadas
[Full-disclosure] Vulnerability Purchasing Program Questions,
Steven Adair
New bug :),
asdasd asdsadas
pL-PHP beta 0.9 - Multiple Vulnerabilities,
omnipresent
Re: [mwp] [funsec] Widespread vandalism of wikis by some type of bot (fwd),
Rob, grandpa of Ryan, Trevor, Devon & Hannah
[MajorSecurity Advisory #43]Calacode ATMail 5.0 - Cross Site Scripting and Cookie Manipulation Issue,
admin
CodeBreak (codebreak.php process_method) - Remote File Inclusion Vulnerability,
john
[Full-disclosure] [ MDKSA-2007:079-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities,
security
Re: Latinchat Denial Of Service,
d4rksoft
PunBB <= 1.2.14 Remote Code Execution (Exploit),
gmdarkfig
PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory),
gmdarkfig
[Full-disclosure] [ MDKSA-2007:082 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities,
security
Steganos Encrypted Safe NOT so safe,
frankrizzo604
[Full-disclosure] [ MDKSA-2007:083 ] - Updated apache-mod_perl packages fix DoS vulnerability,
security
[ MDKSA-2007:079-1 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities,
security
[Full-disclosure] iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple Vulnerabilities,
iDefense Labs
[ MDKSA-2007:083 ] - Updated apache-mod_perl packages fix DoS vulnerability,
security
[funsec] 30 days of bots,
Rick Wesson
[Full-disclosure] [USN-452-1] KDE library vulnerability,
Kees Cook
[ MDKSA-2007:075-1 ] - Updated qt4 packages to address utf8 decoder bug,
security
[ MDKSA-2007:082 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities,
security
[funsec] A Botted Fortune 500 a Day,
Gadi Evron
[funsec] In Passing: Kurt Vonnegut,
Fergie
[Full-disclosure] Let's Winnuke Google!,
neal.krawetz
[funsec] Analysts: TJX case may cost over $1b,
Richard M. Smith
[funsec] Forensic expert needed to bring back deleted email messages,
Richard M. Smith
[Full-disclosure] [ GLSA 200704-08 ] DokuWiki: Cross-site scripting vulnerability,
Matthias Geerdsen
E107 - (v0.7.8) Access Escalation Vulnerbility - PoC,
jd2k2000
[Full-disclosure] CVE-2007-1871: Cross site scripting in chcounter 3.1.3,
Hanno Böck
[Full-disclosure] CVE-2007-1872: Cross site scripting in toendaCMS 1.5.3,
Hanno Böck
[Full-disclosure] Cross site scripting in mephisto 0.7.3,
Hanno Böck
HPSBUX02205 SSRT061120 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS),
security-alert
[Full-disclosure] INFIGO-2007-04-05: Enterprise Security Analyzer server remote buffer overflows,
infocus
[Full-disclosure] Dotclear 1.* Cross Site Scripting Vulnerability,
nssimo nssimo
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points,
Cisco Systems Product Security Incident Response Team
[funsec] Slashdot: Bank of America's SiteKey bypassed,
rms
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System,
Cisco Systems Product Security Incident Response Team
Critical phpwiki c99shell exploit,
rurban
[security bulletin] HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-014,
security-alert
[security bulletin] HPSBUX01137 SSRT5954 rev.9 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS),
security-alert
[funsec] "A Deceit-Augmented Man In The Middle Attack Against Bank of America's SiteKey ® Service" (seen on slashdot),
Paul Vixie
[Full-disclosure] Aircrack-ng (airodump-ng) remote buffer overflow vulnerability,
jonnyboi
[security bulletin] HPSBGN02199 SSRT071312 rev.1 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Execution,
security-alert
[security bulletin] HPSBUX02203 SSRT071339 rev.1 - HP-UX Running Portable File System (PFS), Remote Increase in Privilege,
security-alert
[Full-disclosure] iDefense Security Advisory 04.12.07: Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability,
iDefense Labs
TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy,
the_3dit0r
[Full-disclosure] Spam is funny!,
neal.krawetz
phpwebnews v.1 Multiple Cross Site Scripting Vulnerabilites,
the_3dit0r
Chatness <= 2.5.3 - Arbitrary Code Execution,
jd2k2000
Re: Cross site scripting in mephisto 0.7.3,
encytemedia
[funsec] "Vista DRM could hide malware" (ZD Net),
Paul Vixie
FAC GuestBook v2.0 remote database disclosure vulnerability,
the_3dit0r
Aircrack-ng (airodump-ng) remote buffer overflow vulnerability,
jonny
[funsec] [Full-disclosure] A Botted Fortune 500 a Day,
RMueller
[Full-disclosure] [Argeniss] Hacking Databases for owning your data (paper),
Cesar
[Full-disclosure] patch-9449,
Steward Smith
[Full-disclosure] Ettercap-NG 0.7.3 Remote DoS,
evilrabbi
[funsec] Microsoft Investigating Vulnerability in Windows DNS Server,
Fergie
[Full-disclosure] [OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed,
Matteo Beccati
[Full-disclosure] [OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2 vulnerability fixed,
Matteo Beccati
[MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue,
admin
[funsec] Pakistan: Deadly 'Phone Virus' Threat Causes Panic,
Fergie
[waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke,
come2waraxe
[Full-disclosure] TSRT-07-04: LANDesk Management Suite Alert Service Stack Overflow Vulnerability,
TSRT
[funsec] TJX Thieves Had Time to Steal, Trip Up,
Fergie
Vbulletin 3.6.5 Sql Injection ! [misc.php],
seko
[funsec] Word 2007 Flaws Are Features, Not Bugs,
rms
[funsec] Wikipedia has list of places 'blurred out' on Google Maps,
Juha-Matti Laurio
[funsec] Defaced phishing page...,
Nick FitzGerald
VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit,
meftun
Back-End CMS Database Tables v0.4.7 Cross Site Scripting,
the_3dit0r
bloofoxCMS 0.2.2 Cross Site Scripting,
the_3dit0r
MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities,
the_3dit0r
FloweRS v2.0 Cross Site Scripting,
the_3dit0r
Maian Search v1.1,
k4rtal
Maian Gallery v1.0,
k4rtal
B2evolution 1.6 RFi,
k4rtal
MySpeach v1.9,
k4rtal
Back-End CMS Database Tables v0.4.7 Remote File Include Vulnerabilities,
the_3dit0r
Flip-search-add-on 2.0,
k4rtal
Maian Weblog v3.1,
k4rtal
bloofoxCMS 0.2.2 Remote File Include Vulnerabilitiy,
the_3dit0r
phpMyChat-0.14.5,
k4rtal
[Full-disclosure] [ GLSA 200704-09 ] xine-lib: Heap-based buffer overflow,
Raphael Marichez
Creationist Meuseum to Open in 2008 [Was: Re: [funsec] Spam Kills],
Fergie
[funsec] are you a sci-fi geek? SF-hackers is for you,
Gadi Evron
[Full-disclosure] Vista typographical vulnerability,
lsi
[Full-disclosure] ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability,
Matousec - Transparent security Research
Re: [Full-disclosure] [exploits] RPC vuln in DNS Server (fwd),
Gadi Evron
[Full-disclosure] URL Encoding/Decoding Flaw Mechanism In ASP.net[1.0-2.0] Based Web Applications.,
Aditya K Sood
[Full-disclosure] Windows DNS DnssrvQuery Stack Overflow,
dev code
[Full-disclosure] Cross Domain XMLHttpRequest,
Michal Majchrowicz
[funsec] Mobile phone death calls hoax,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
[Full-disclosure] Microsoft DNS Server Remote Code execution Exploit and analysis,
Andres Tarasco
[Full-disclosure] IMF 2007 - 2nd Call for Papers,
Oliver Goebel
[Full-disclosure] INVASION OF THE CHILD HACKERS,
Dr. Neal Krawetz, PhD
[Full-disclosure] [ GLSA 200704-10 ] Inkscape: Two format string vulnerabilities,
Matthias Geerdsen
[funsec] couldn't resist sharing,
Brian Loe
- RE: [funsec] couldn't resist sharing,
David Harley
- Re: [funsec] couldn't resist sharing,
Brian Loe
- Re: [funsec] couldn't resist sharing,
disco jonny
- RE: [funsec] couldn't resist sharing,
David Harley
- Re: [funsec] couldn't resist sharing,
Brian Loe
- RE: [funsec] couldn't resist sharing,
David Harley
- Re: [funsec] couldn't resist sharing,
Brian Loe
- RE: [funsec] couldn't resist sharing,
David Harley
- Re: [funsec] couldn't resist sharing,
David Lodge
- RE: [funsec] couldn't resist sharing,
David Harley
- Re: [funsec] couldn't resist sharing,
Valdis . Kletnieks
- Re: [funsec] couldn't resist sharing,
Dennis Henderson
- RE: [funsec] couldn't resist sharing,
David Harley
- Re: [funsec] couldn't resist sharing,
Drsolly
- Re: [funsec] couldn't resist sharing,
Brian Loe
- Re: [funsec] couldn't resist sharing,
Drsolly
- Re: [funsec] couldn't resist sharing,
Brian Loe
- Re: [funsec] couldn't resist sharing,
Drsolly
- RE: [funsec] couldn't resist sharing,
Blanchard_Michael
- RE: [funsec] couldn't resist sharing,
David Harley
- Re: [funsec] couldn't resist sharing,
Brian Loe
- Re: [funsec] couldn't resist sharing,
Drsolly
- Re: [funsec] couldn't resist sharing,
Brian Loe
- Re: [funsec] couldn't resist sharing,
Drsolly
- Re: [funsec] couldn't resist sharing,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability,
irvian_yoe
Re: sitex multiple vulnerabilities,
Lostmon
[Full-disclosure] iDefense Security Advisory 04.16.07: ClamAV CAB File Unstore Buffer Overflow Vulnerability,
iDefense Labs
Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities,
?? ???? ??????
[funsec] wow - another UK dis...,
Brian Loe
LS simple guestbook - arbitrary code execution,
jd2k2000
Joomla/Mambo Jambook v1.0 beta7 Rfi Vuln.,
crazy_king
[MajorSecurity Advisory #45]oe2edit CMS - Cross Site Scripting and Cookie Manipulation Issue,
admin
ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability,
Matousec - Transparent security Research
ActionPoll Script (actionpoll.php) Remote File Include // starhack.org,
seko
MyBlog <= 0.9.8 Remote Command Execution Exploit,
BlackHawk
[Full-disclosure] [ GLSA 200704-11 ] Vixie Cron: Denial of Service,
Matthias Geerdsen
Microsoft DNS Server Remote Code execution: Analysis and exploit,
mballano
Windows DNS Cache Poisoning by Forwarder DNS Spoofing,
Makoto Shiotsuki
Persistent CSRF and The Hotlink Hell,
pdp (architect)
Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit,
seko
rPSA-2007-0071-1 kernel,
rPath Update Announcements
[Full-disclosure] [ MDKSA-2007:084 ] - Updated ipsec-tools packages fix DoS vulnerability,
security
[Full-disclosure] [ MDKSA-2007:085 ] - Updated freeradius packages fix DoS vulnerability,
security
[Full-disclosure] [ GLSA 200704-12 ] OpenOffice.org: Multiple vulnerabilities,
Raphael Marichez
Akamai Technologies Security Advisory 2007-0001,
Akamai Security Team
[Full-disclosure] [ MDKSA-2007:086 ] - Updated cups packages fix DoS vulnerability,
security
[ MDKSA-2007:086 ] - Updated cups packages fix DoS vulnerability,
security
[ MDKSA-2007:084 ] - Updated ipsec-tools packages fix DoS vulnerability,
security
[ MDKSA-2007:085 ] - Updated freeradius packages fix DoS vulnerability,
security
[Full-disclosure] iDefense Security Advisory 04.16.07: Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability,
iDefense Labs
[funsec] Profiteers (And Perhaps Criminals?) Snap Up Virginia Tech Domains,
Fergie
[funsec] Fans in Iraq,
Gadi Evron
Re: [Full-disclosure] [linux-elitists] Gutsy Gibbon to include strictly-free branch (fwd),
Jay Sulzberger
[Full-disclosure] Tiscali webmail exploited,
Rosario Valotta
[funsec] fav comicstrip of the week :),
Gadi Evron
[funsec] the history of ctrl + alt + del,
Gadi Evron
Netsprint Toolbar 1.1 arbitrary remote code vulnerability,
Michal Bucko
PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities,
programmer
Remot File Include In Script phphd_downloads,
RaeD
Remot File Include download_engine_V1.4.3,
RaeD
Wabbit PHP Gallery v0.9 Cross Site Scripting,
the_3dit0r
my little weblog Cross Site Scripting,
the_3dit0r
my little forum 1.7 Remote File Include Vulnerabilitiy,
the_3dit0r
[Full-disclosure] Internet Explorer Crash,
J. Oquendo
webMethods Security Advisory: Glue console directory traversal vulnerability,
Jeremy Epstein
[funsec] defacement,
Brian Loe
[Full-disclosure] ...Alright I need a little help....,
srxnr srxnr
[Full-disclosure] Follow up browser DoS,
J. Oquendo
Internet Explorer Crash,
J. Oquendo
[security bulletin] HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS),
security-alert
Multiple Ask IE Toolbar denial of service vulnerabilities,
Michal Bucko
[funsec] FOIA Fun - Or - How Phishers Hacked Into Indiana University,
Fergie
[Full-disclosure] n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability,
security
Gizzar <= (basePath) Remote File Include Vulnerability,
BorN To K!LL BorN To K!LL
BlueArc Firmware 4.2.944b FTP bounce,
Tim Rupp
SYMSA-2007-003 Macrovision InstallAnywhere Password and Serial Number Bypass,
research
[Full-disclosure] FyLasso Antivulnerability 1.6.1 Released today!,
William Kimball
ShoutPro 1.5.2 - arbitrary code execution,
jd2k2000
WASC-Articles: 'The Importance of Application Classification in Secure Application Development',
contact
[Full-disclosure] [ GLSA 200704-13 ] File: Denial of Service,
Raphael Marichez
[Full-disclosure] [ GLSA 200704-14 ] FreeRADIUS: Denial of Service,
Raphael Marichez
[Full-disclosure] [ GLSA 200704-15 ] MadWifi: Multiple vulnerabilities,
Raphael Marichez
[funsec] UK ISP threatens security researcher,
Gadi Evron
Re: [funsec] Re: [Full-disclosure] A Botted Fortune 500 a Day,
Fergie
Mambo/Joomla Component New Article Component RFI,
meftun
[Full-disclosure] iDefense Security Advisory 04.17.07: McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow,
iDefense Labs
[Full-disclosure] iDefense Security Advisory 04.17.07: McAfee E-Business Admin Server Invalid Data Length DoS Vulnerability,
iDefense Labs
[funsec] US-CERT: Be aware of possible VA Tech phishing,
Juha-Matti Laurio
[Full-disclosure] hiding routers,
Kristian Hermansen
[Full-disclosure] Firefox 2.0.0.3 Phishing Protection Bypass Vulnerability,
carl hardwick
[Full-disclosure] Advisory: Bypass Oracle Logon Trigger,
Alexander Kornbrust
[Full-disclosure] Advisory: SQL Injection in package SYS.DBMS_AQADM_SYS,
Alexander Kornbrust
[Full-disclosure] Advisory: Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet [AS01],
Alexander Kornbrust
[Full-disclosure] Advisory: Cross-Site-Scripting Vulnerability in Oracle Secure Enterprise Search [SES01],
Alexander Kornbrust
[Full-disclosure] Advisory: SQL Injection in package SYS.DBMS_UPGRADE_INTERNAL,
Alexander Kornbrust
Re: [Full-disclosure] UK ISP threatens security researcher,
Dr. Neal Krawetz, PhD
[Full-disclosure] Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in 2 weeks,
Praburaajan
[Full-disclosure] MS DNS worm,
Geo.
[Full-disclosure] CfP: Hack.lu 2007,
Hack Lu
[Full-disclosure] Analysis of the Oracle April 2007 Critical Patch Update,
David Litchfield
[Full-disclosure] Oracle E-Business Suite Vulnerability Information April 2007,
Integrigy Alerts
NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections,
programmer
Advisory: Bypass Oracle Logon Trigger,
ak
[Full-disclosure] rPSA-2007-0072-1 lighttpd,
rPath Update Announcements
[Full-disclosure] rPSA-2007-0073-1 php php-mysql php-pgsql,
rPath Update Announcements
[Full-disclosure] rPSA-2007-0074-1 dovecot,
rPath Update Announcements
[Full-disclosure] UNIX man pages based fuzzing,
E. Kellinis
Advisory: SQL Injection in package SYS.DBMS_AQADM_SYS,
ak
Advisory: SQL Injection in package SYS.DBMS_UPGRADE_INTERNAL,
ak
Advisory: XSS Vulnerability in Oracle Secure Enterprise Search [SES01],
ak
Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in 2 weeks,
Praburaajan
Advisory: Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet [AS01],
ak
[funsec] babeldisc -- here's the first credible grannyx i've seen,
Paul Vixie
[Full-disclosure] Oracle Database Buffer overflow vulnerabilities in package DBMS_SNAP_INTERNAL,
Team SHATTER
MediaBeez Sql query Execution .. Wear isn't ?? :),
security
FullyModdedphpBB2 Remote File Inclusion,
security
[Full-disclosure] ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability,
zdi-disclosures
[Full-disclosure] ZDI-07-016: Oracle E-Business Suite Arbitrary Node Deletion Vulnerability,
zdi-disclosures
[Full-disclosure] ZDI-07-017: Oracle E-Business Suite Arbitrary Document Download Vulnerability,
zdi-disclosures
[Full-disclosure] ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability,
zdi-disclosures
Extreme PHPBB2 Remote File Inclusion,
security
[Full-disclosure] ZDI-07-019: BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability,
zdi-disclosures
EclipseBB Remote File Inclusion,
security
[Full-disclosure] ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability,
zdi-disclosures
[security bulletin] HPSBST02206 SSRT071354 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-017,
security-alert
[funsec] Barclaycard shenanigans.,
Drsolly
[Full-disclosure] [USN-453-1] X.org vulnerability,
Kees Cook
NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities,
john
[funsec] Details About U.S. State Department Computer Compromise Surfaces,
Fergie
[Full-disclosure] [ MDKSA-2007:087 ] - Updated php packages fix multiple vulnerabilities,
security
[Full-disclosure] [ MDKSA-2007:088 ] - Updated php packages fix multiple vulnerabilities,
security
[Full-disclosure] [ MDKSA-2007:089 ] - Updated php packages fix multiple vulnerabilities,
security
[Full-disclosure] [ MDKSA-2007:090 ] - Updated php packages fix multiple vulnerabilities,
security
[Full-disclosure] [ MDKSA-2007:091 ] - Updated sqlite packages fix vulnerability,
security
[funsec] responsible disclosure in action ;-),
Michal Zalewski
[Full-disclosure] Anyone have a Lindows/Linspire contact,
J. Oquendo
[ MDKSA-2007:087 ] - Updated php packages fix multiple vulnerabilities,
security
[ MDKSA-2007:088 ] - Updated php packages fix multiple vulnerabilities,
security
[ MDKSA-2007:089 ] - Updated php packages fix multiple vulnerabilities,
security
Re: [Full-disclosure] ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability,
rashbi
CfP Hack.lu 2007,
info
IPB (Invision Power Board) Full Path Disclusure,
security
[waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20,
come2waraxe
[Full-disclosure] Firefox 2.0.0.3 DoS crash,
carl hardwick
Winamp <= (WMV) 5.3 Buffer Overflow DOS Exploit (0-DAY),
UniquE
[Full-disclosure] US State department rooted by 0-day Word attack,
ad@heapoverflow.com
[funsec] "DNS Exploit Used to Plant Backdoor on Windows Servers",
Paul Vixie
RaidenFTPd IXceedCompression multiple denial of service vulnerabilities,
Michal Bucko
Yet another SQL injection framework,
Guillermo Marro
[security bulletin] HPSBMA02133 SSRT061201 rev.4 - HP Oracle for OpenView (OfO) Critical Patch Update,
security-alert
[ MDKSA-2007:090 ] - Updated php packages fix multiple vulnerabilities,
security
[ MDKSA-2007:091 ] - Updated sqlite packages fix vulnerability,
security
[security bulletin] HPSBST02208 SSRT071365 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-018 to MS07-022,
security-alert
[Full-disclosure] XSS in freePBX 2.2.x portal's Asterisk Log tool,
XenoMuta
[Full-disclosure] ZDI-07-021: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability,
zdi-disclosures
[Full-disclosure] eXtremail-v9,
mu-b
[Full-disclosure] ShortNotes : Stack Smashing with GCC4,
xWinGs @ KJ
Re: [Full-disclosure] [VulnWatch] Cross Domain XMLHttpRequest,
anurag . agarwal
NeatUpload vulnerability and fix,
dean
Eba News Version : v1.1 <= (webpages.php) Remote File Include // starhack.org,
seko
TSLSA-2007-0013 - multi,
Trustix Security Advisor
[Full-disclosure] Tel Aviv University Security Forum - Sunday, Apr 29 (TAUSEC),
Gadi Evron
[Full-disclosure] iDefense Security Advisory 04.20.07: Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability,
iDefense Labs
[Full-disclosure] eEye Announcement, CEO blog and addiction,
Ross Brown
[funsec] Google Web History: Spying software made easy?,
rms
[funsec] Disgruntled techie attempts Californian power blackout,
rms
[Full-disclosure] OT? - TDBanknorth + merchant's CC auth,
Troy
[funsec] Horrible defamation of IT guys,
Cornali Remo
[funsec] "We watch over you for your security",
rms
[Full-disclosure] FLEA-2007-0011-1: lighttpd,
Foresight Linux Essential Announcement Service
[funsec] Boston's police patrols gaining bird's-eye view; To ride in copters with state troopers,
rms
UseBB Version 1.0.4 Path Disclosure Vulnerability,
securityresearch
[Full-disclosure] UseBB Version 1.0.4 Path Disclosure Vulnerability,
SecurityResearch
[Full-disclosure] [MU-200704-01] Pre-Authentication Vulnerability in Mac OS X RPC runtime library,
noreply
[Full-disclosure] OpenSSH - System Account Enumeration if S/Key is used,
rembrandt
[Full-disclosure] aMSN <= 0.96 remote DoS vulnerability,
Levent Kayan
Top Auction 1.0 (viewcat.php) Remote Blind SQL Injection // starhack.org,
seko
turbolence core 0.0.1 alpha Remote File Inclusion,
omnipresent
[Full-disclosure] Apparently eEye's blog got p0wnd,
Paul Schmehl
[funsec] 13 waiters indicted in $3 million credit card fraud in NYC,
rms
WS_FTP Home 2007 NetscapeFTPHandler denial of service,
Michal Bucko
[Full-disclosure] freePBX 2.2.x's Music-on-hold Remote Code Execution Injection,
XenoMuta
Re: [Full-disclosure] [Amsn-devel] aMSN <= 0.96 remote DoS vulnerability,
Youness Alaoui
[Full-disclosure] [SECURITY] [DSA 1279-1] New webcalendar packages fix cross-site scripting,
Moritz Muehlenhoff
Re: [Full-disclosure] [levent@corehack.org: Re: [Amsn-devel] aMSN <= 0.96 remote DoS vulnerability],
Levent Kayan
[Full-disclosure] [ GLSA 200704-16 ] Aircrack-ng: Remote execution of arbitrary code,
Raphael Marichez
[Full-disclosure] [ GLSA 200704-17 ] 3proxy: Buffer overflow,
Raphael Marichez
[Full-disclosure] [ GLSA 200704-18 ] Courier-IMAP: Remote execution of arbitrary code,
Raphael Marichez
[Full-disclosure] FLEA-2007-0012-1: madwifi,
Foresight Linux Essential Announcement Service
[Full-disclosure] 3proxy 0.5.3i bugfix release,
Vladimir Dubrovin
[funsec] Biometric "gated communities" in Baghdad,
Richard M. Smith
Allfaclassfieds (level2.php dir) remote file inclusion,
asdasd asdsadas
claroline <= Multiple Remote File Include Vulnerablitiy,
Mohandko
[Reversemode advisory] CheckPoint Zonelabs - ZoneAlarm SRESCAN driver local privilege escalation,
Reversemode
lms 1.5.3 Remote File Inclusion,
InyeXion
EsForum <= 3.0 SQL Injection Vulnerability,
ilkerkandemir
PHPMyBibli <= Multiple Remote File Include,
Mohandko
File117 Remote File Inclusion,
InyeXion
Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit,
john
Remote file inclusion in Joomla 1.5.0 Beta,
Omid
[Full-disclosure] FLEA-2007-0013-1: xine-lib,
Foresight Linux Essential Announcement Service
c-arbre <= Multiple Remote File Include Vulnerablitiy,
Mohandko
bibtex mase Remote File Inclusion,
InyeXion
[Full-disclosure] [ GLSA 200704-19 ] Blender: User-assisted remote execution of arbitrary code,
Raphael Marichez
[Full-disclosure] [ MDKSA-2007:092 ] - Updated freeradius packages fix vulnerability,
security
[Full-disclosure] [ MDKSA-2007:093 ] - Updated zziplib packages fix vulnerability,
security
[Full-disclosure] [ GLSA 200704-20 ] NAS: Multiple vulnerabilities,
Raphael Marichez
WASC-Articles: 'The business case for security frameworks',
announcements
Big Blue Guestbook HTML Injection Vulnerabilities,
seko
[Full-disclosure] Apache/PHP REQUEST_METHOD XSS Vulnerability,
Michal Majchrowicz
Message not available
Message not available
TJSChat Version 0.95 Cross Site Scripting,
the_3dit0r
[ MDKSA-2007:092 ] - Updated freeradius packages fix vulnerability,
security
[security bulletin] HPSBUX02183 SSRT061243 rev.1 - HP-UX sendmail, Remote Denial of Service (DoS),
security-alert
[ MDKSA-2007:093 ] - Updated zziplib packages fix vulnerability,
security
acvsws_php5_v1.0 <= Multiple Remote File Include Vulnerablitiy,
Mohandko
DmCMS Shell Uploading,
security
phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit,
john
Post Revolution Remote File Inclusion,
InyeXion
[Full-disclosure] Apache Illegal Request Handling Possible XSS Vulnerability,
Michal Majchrowicz
Re: [Full-disclosure] Apache Illegal Request Handling Possible XSS Vulnerability,
Guasconi Vincent
[Full-disclosure] Linksys SPA941 remote DOS with \377 character,
Radu State
[Full-disclosure] rPSA-2007-0081-1 postgresql postgresql-server,
rPath Update Announcements
[Full-disclosure] [ GLSA 200704-21 ] ClamAV: Multiple vulnerabilities,
Matthias Geerdsen
YA Book 0.98 Persistent XSS,
omnipresent
gallery >> 1.5.6 Remote File Inclusion,
s433d_only_linux
ImageProcessing ... Local (Denial of Service Exploit),
Dr . Ninux
[Full-disclosure] Security Advisory: CA CleverPath SQL Injection,
Irene Abezgauz
Security Advisory: CA CleverPath SQL Injection,
Irene Abezgauz
[security bulletin] HPSBST02200 SSRT071330 rev.1 - HP StorageWorks Command View Advanced Edition for XP, Local Unauthorized Access,
security-alert
Progress Webspeed exploit for all releases,
suresync
[MajorSecurity Advisory #46]Plogger - Session fixation Issue,
admin
[Full-disclosure] [SECURITY] [DSA 1280-1] New aircrack-ng packages fix arbitrary code execution,
Moritz Muehlenhoff
[VulnWatch] Syhunt: MyCyberTwin Multiple Cross-Site Scripting Vulnerabilities,
Alec Storm
3Com's TippingPoint Denial of Service,
mike20061005
[Full-disclosure] ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities,
zdi-disclosures
dcp-portal v611 >> RFi,
s433d_only_linux
[VulnWatch] Syhunt: Google Talk (gTalk) HTML Injection Technique,
Alec Storm
[VulnWatch] Syhunt: Flixster Cross-Site Scripting Vulnerabilities,
Alec Storm
[Full-disclosure] ASA-2007-011: Multiple problems in SIP channel parser handling response codes,
Asterisk Development Team
[Full-disclosure] ASA-2007-012: Remote Crash Vulnerability in Manager Interface,
Asterisk Development Team
[Full-disclosure] ASA-2007-010: Two stack buffer overflows in SIP channel's T.38 SDP parsing code,
Asterisk Development Team
[Full-disclosure] Anti-Virus vendors prove less-effective,
David Kierznowski
[funsec] Groups Raise Concerns About Cybersecurity Standards,
Fergie
[Full-disclosure] requesting info,
n n
[Full-disclosure] [Fwd: Re: Apache Illegal Request Handling Possible XSS Vulnerability],
Tõnu Samuel
[Full-disclosure] Cisco Security Advisory: Default Passwords in NetFlow Collection Engine,
Cisco Systems Product Security Incident Response Team
MyNewsGroups >> RFI in include.php,
alijsb
[Full-disclosure] IE 7 and Firefox Browsers Digest Authentication Request Splitting,
Stefano Di Paola
HYIP Manager Pro Script >> Remote file Include,
alijsb
WordPress v2.1.3 >> remote file include~,
s433d_only_linux
[Full-disclosure] [SECURITY] [DSA 1281-1] New clamav packages fix several vulnerabilities,
Moritz Muehlenhoff
HTMLeditbox & 2.2 >> RFI,
alijsb
netbingo v 2000 >> RFI,
alijsb
DynaTracker &v151>> RFI,
alijsb
phpMYTGP v v1.4b >> RFI,
alijsb
Shop-Script v 2.0 >> RFI,
alijsb
adrevenue script (CyKuH.com)>> RFI,
alijsb
sunshop v4 >> RFI,
info
B2 Weblog and News Publishing Tool v0.6.1 >> RFI,
alijsb
Built2Go_PHP_Link_Portal_v1.79 >> RFI,
alijsb
comus 2.0 Final >> RFI,
alijsb
blogsystem 1.4 >> local & remote = -rfi & lfi & -xss,
info
Searchactivity >> RFI,
alijsb
ASA-2007-010: Two stack buffer overflows in SIP channel's T.38 SDP parsing code,
Kevin P. Fleming
[funsec] White House Task Force Proposes Criminalizing Harmless Hacks,
Fergie
nucleus 3.22 >> RFI,
alijsb
ASA-2007-011: Multiple problems in SIP channel parser handling response codes,
Kevin P. Fleming
download engine V1.4.1 >> RFI (local),
alijsb
CFP: 3rd European Conference on Computer Network Defense (EC2ND),
Stefano Zanero
Remote File Inclusion,
s433d_only_linux
VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins Remote file Include,
s433d_only_linux
IE 7 and Firefox Browsers Digest Authentication Request Splitting,
Stefano Di Paola
ASA-2007-012: Remote Crash Vulnerability in Manager Interface,
Kevin P. Fleming
:doruk100net >> RFI,
alijsb
[Full-disclosure] [ MDKSA-2007:094 ] - Updated postgresql packages fix vulnerability,
security
[Full-disclosure] Severe vulnerability in https://secure.somethingawful.com,
Pedro Martinez
[funsec] Major Anti-Spam Lawsuit to Be Filed in Virginia,
Fergie
[Full-disclosure] [CAID 35198, 35276]: CA BrightStor ARCserve Backup Media Server Vulnerabilities,
Williams, James K
[Full-disclosure] [CAID 35277]: CA CleverPath Portal SQL Injection Vulnerability,
Williams, James K
[Full-disclosure] Rapid integer factorization = end of RSA?,
Eugene Chukhlomin
[Full-disclosure] [USN-453-2] rdesktop regression,
Martin Pitt
[CAID 35277]: CA CleverPath Portal SQL Injection Vulnerability,
Williams, James K
[CAID 35198, 35276]: CA BrightStor ARCserve Backup Media Server Vulnerabilities,
Williams, James K
[ MDKSA-2007:094 ] - Updated postgresql packages fix vulnerability,
security
modbuild >> 4.1 Remote File Inclusion,
s433d_only_linux
SineCMS,
nexus
Re: Chicken of the VNC 2.0 remote DoS,
support
[Full-disclosure] [SECURITY] [DSA 1282-1] New php4 packages fix several vulnerabilities,
Moritz Muehlenhoff
Burak Yılmaz Blog (tr) v1.0 SQL injection vulnerability,
dj_remix_20
[Full-disclosure] FW: Steganos Encrypted Safe NOT so safe,
Dan Bambach
[Full-disclosure] iDefense Security Advisory 04.26.07: Novell eDirectory NCP Fragment Denial of Service Vulnerability,
iDefense Labs
[funsec] Alleged Bomb Threats Aimed at Pumping Up 3Com Stock,
Fergie
[funsec] NY Teen Hacks AOL, Infects Systems,
Fergie
[Full-disclosure] mydns-1.1.0 remote heap overflow,
mu-b
[Full-disclosure] Buying zeroday vulnerabilities,
0buy
[Full-disclosure] [USN-455-1] PHP vulnerabilities,
Martin Pitt
[Full-disclosure] [USN-454-1] PostgreSQL vulnerability,
Martin Pitt
TSLSA-2007-0015 - postgresql,
Trustix Security Advisor
FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6,
FreeBSD Security Advisories
[Full-disclosure] iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability,
iDefense Labs
[Full-disclosure] iDefense Security Advisory 04.26.07: Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability,
iDefense Labs
Security Concerns in Web 2.0,
dharmeshmm
[funsec] So how was *your* day?,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
AFFLIB(TM): Time-of-Check-Time-of-Use File Race,
VSR Advisories
AFFLIB(TM): Multiple Buffer Overflows,
VSR Advisories
AFFLIB(TM): Multiple Format String Injections,
VSR Advisories
AFFLIB(TM): Multiple Shell Metacharacter Injections,
VSR Advisories
[Full-disclosure] [ GLSA 200704-22 ] BEAST: Denial of Service,
Raphael Marichez
[Full-disclosure] [ GLSA 200704-23 ] capi4k-utils: Buffer overflow,
Raphael Marichez
[funsec] So What's Up with MacLockPick?,
Fergie
[funsec] Off Topic: Criminal Mastermind of the Week,
Fergie
[funsec] Off Topic: Thor Still Rocks,
Fergie
[Full-disclosure] Polynomials and factoring,
r ahead
[funsec] Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act?,
Richard M. Smith
[funsec] An OMB memo that we would like to see,
Richard M. Smith
Sphider Version 1.2.x (include_dir) file include,
1one1
[funsec] Crossing the line when doing computer security demonstrations,
Richard M. Smith
Seir Anphin (file.php a[filepath]) Remote File Disclosure Vulnerability,
ilkerkandemir
RE: [funsec] Hasn't the LA Times and Humphrey Cheung ever heard of the Electronics Communications Privacy Act?,
Richard M. Smith
[Full-disclosure] Subject: Bruce Schneier facts not so Factual?,
Core Core
[funsec] Large-Scale Website Attacks Due to Unrest in Estonia,
Fergie
[Full-disclosure] Cryptome is dead (at least for now),
Line Noise
[Full-disclosure] [SECURITY] [DSA 1283-1] New php5 packages fix several vulnerabilities,
Moritz Muehlenhoff
Flaw in about.r OS and Progress version disclosure,
suresync
[Full-disclosure] Firefox 2.0.0.3 non-existent applet DoS flaw,
carl hardwick
please retract CVE-2007-2056 "Time-of-Check-Time-of-Use File Race in AFFLIB",
Simson Garfinkel
GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability,
crazy_king
[Full-disclosure] Aventail Connect SSL VPN Client Buffer Overflow,
Thomas Pollet
[Full-disclosure] iDefense Security Advisory 04.27.07: VMware Workstation Shared Folders Directory Traversal Vulnerability,
iDefense Labs
3proxy[v0.5.3g]: (linux/win32 service) remote buffer overflow exploits.,
v9
[Full-disclosure] after hrs patch/malware scanning,
bills
[Full-disclosure] FLEA-2007-0014-1: vim,
Foresight Linux Essential Announcement Service
[security bulletin] HPSBMA02197 SSRT061285 rev.1 - HP-UX Running HP Power Manager Remote Agent (RA), Local Execution of Arbitrary Code with Root Privileges,
security-alert
[Full-disclosure] FLEA-2007-0015-1: gimp,
Foresight Linux Essential Announcement Service
E-Annu (home.php) Remote SQL Injection Vulnerability,
ilkerkandemir
[funsec] Researcher to Demonstrate Vista Attacks,
Fergie
[Full-disclosure] NSA's surveillance project:True or crap,
scott
[funsec] Astroglide Website Helps Hackers Insert Rogue Code, Reader Reports,
Fergie
[funsec] VeriSign to Offer One-Time Passwords on Bank Cards,
Fergie
[Full-disclosure] Firefox 2.0.0.3 Out-of-bounds memory access via specialy crafted html file,
carl hardwick
[funsec] Soylent Green Alert: FDA Downplays the Ever Expanding Food Safety Issues,
Fergie
[Full-disclosure] [SECURITY] [DSA 1284-1] New qemu packages fix several vulnerabilities,
Moritz Muehlenhoff
[Full-disclosure] Month of ActiveX Bug,
xxx xxx
[Full-disclosure] ZoneAlarm Insufficient validation of 'vsdatant' driver input buffer Vulnerability,
Matousec - Transparent security Research
[Full-disclosure] 2057 - The City,
pdp (architect)
[Full-disclosure] iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities,
iDefense Labs
[Full-disclosure] 2057 - The City&In-Reply-To=,
Chris Rohlf
ZoneAlarm Insufficient validation of 'vsdatant' driver input buffer Vulnerability,
Matousec - Transparent security Research
[funsec] Corporate Spambots and... Nationwide Insurance,
Fergie
[Full-disclosure] [ GLSA 200705-01 ] Ktorrent: Multiple vulnerabilities,
Raphael Marichez
[Full-disclosure] [ GLSA 200705-02 ] FreeType: User-assisted execution of arbitrary code,
Raphael Marichez
[SECURITY] [DSA 1285-1] New wordpress packages fix multiple vulnerabilities,
Noah Meyerhans
[Full-disclosure] [ GLSA 200705-03 ] Tomcat: Information disclosure,
Raphael Marichez
[funsec] NBA Star Bruce Bowen Claims Hard Drive Foul,
Fergie
[Full-disclosure] Radware Security Advisory - Yate 1.1.0 Denial of Service Vulnerability,
no-reply
[funsec] Fwd: Bank of America protection I.A.C.,
Brian Loe
[Full-disclosure] ZDI-07-023: Apple QTJava toQTPointer() Pointer Arithmetic Memory Overwrite Vulnerability,
zdi-disclosures
[funsec] Websense: Malcode Found on Mexican .Gov Website,
Fergie
[funsec] New Russian Privacy Law Deals With WHOIS Data,
Fergie
[Full-disclosure] [ MDKSA-2007:095 ] - Updated ktorrent packages fix vulnerability,
security
[funsec] Digg Goes Bananas -or- 'Even Jesus Hates the MPAA',
Fergie
[Full-disclosure] rPSA-2007-0084-1 kernel,
rPath Update Announcements
[Full-disclosure] May Chicago 2600/DefCon 312 Meeting Information,
Steven McGrath
[Full-disclosure] CMS Made Simple: SQL injection,
Daniel Lucq
[Full-disclosure] [ GLSA 200705-04 ] Apache mod_perl: Denial of Service,
Sune Kloppenborg Jeppesen
[Full-disclosure] [ GLSA 200705-05 ] Quagga: Denial of Service,
Sune Kloppenborg Jeppesen
Wordpress All versions XSS,
jcarlos . norte
[ECHO_ADV_81$2007] wordpress plugins wordTube <= 1.43 (wpPATH) Remote File Inclusion Vulnerability,
erdc
[ECHO_ADV_82$2007] wordpress plugins wp-Table <= 1.43 (wpPATH) Remote File Inclusion Vulnerability,
erdc
[ MDKSA-2007:095 ] - Updated ktorrent packages fix vulnerability,
security
[Full-disclosure] [USN-456-1] net-snmp vulnerability,
Kees Cook
[Full-disclosure] Vulnerability in InterVations' MailCopa,
skillTube.com
[funsec] "House tries again for antispyware bill" (C|Net),
Paul Vixie
Atomix Mp3 Buffer Overflow,
preth00nker
Vulnerability in InterVations' MailCopa,
skillTube.com
Disable website access for sites running Webspeed,
suresync
response Progress: Denial of Service attack against WebSpeed possible,
suresync
[Full-disclosure] Cisco Security Advisory: LDAP and VPN Vulnerabilities in PIX and ASA Appliances,
Cisco Systems Product Security Incident Response Team
Post Nuke v4bJournal Module Sql Inject,
abbasi
[Full-disclosure] iDefense Security Advisory 05.02.07: LiveData Protocol Server Heap Overflow Vulnerability,
iDefense Labs
[SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities,
Dann Frazier
[Full-disclosure] [ MDKSA-2007:096 ] - Updated quagga packages fix DoS vulnerability,
security
[ MDKSA-2007:096 ] - Updated quagga packages fix DoS vulnerability,
security
[Full-disclosure] TPTI-07-05: IBM Tivoli Provisioning Manager for OS Deployment Multiple Stack Overflow Vulnerabilities,
TSRT
[Full-disclosure] TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption,
TSRT
[Full-disclosure] [ MDKSA-2007:097 ] - Updated xscreensaver packages fix vulnerability,
security
[funsec] Homeless Man Disrupts Internet2 Service,
Fergie
[Full-disclosure] Medium security hole affecting DSL-G624T,
Tim Brown
[Full-disclosure] XSS in secure.somethingawful.com at Something Awful AGAIN.,
jeremy borne
12All File Upload Vulnerability,
John McGuire
[security bulletin] HPSBPI02185 SSRT071290 rev.2 - HP Jetdirect Running ftp, Remote Denial of Service (DoS),
security-alert
Bradford CampusManager v3.1(6) Sensitive Data Disclosure,
john
[ MDKSA-2007:097 ] - Updated xscreensaver packages fix vulnerability,
security
Aardvark Topsites PHP Directory Disclosure Vulnerability,
DoZ
[security bulletin] HPSBTU02116 SSRT061135 rev.3 - HP Tru64 UNIX and HP Internet Express for Tru64 UNIX Running sendmail, Remote Execution of Arbitrary Code or Denial of Service (DoS),
security-alert
[security bulletin] HPSBTU02179 SSRT061256 rev.1 - HP Tru64 UNIX Running the ps command, Local Disclosure of Sensitive Information,
security-alert
SchoolBoard (admin.php) Remote Login Bypass SQL Injection Vulnerability,
ilkerkandemir
[security bulletin] HPSBMI02210 SSRT071396 rev.1 - ProCurve Series 9300m Switches, Remote Denial of Service (DoS),
security-alert
[security bulletin] HPSBUX01137 SSRT5954 rev.10 - HP-UX Running TCP/IP (IPv4), Remote Unauthorized Denial of Service (DoS),
security-alert
[funsec] Student arrested over Counter Strike map,
Juha-Matti Laurio
- Re: [funsec] Student arrested over Counter Strike map,
Bruce Ediger
- Re: [funsec] Student arrested over Counter Strike map,
Jim Murray
- <Possible follow-ups>
- Re: [funsec] Student arrested over Counter Strike map,
Juha-Matti Laurio
- Re: [funsec] Student arrested over Counter Strike map,
Juha-Matti Laurio
- Re: [funsec] Student arrested over Counter Strike map,
Kurt Grutzmacher
- Re: [funsec] Student arrested over Counter Strike map,
Drsolly
- Re: [funsec] Student arrested over Counter Strike map,
Kurt Grutzmacher
- Re: [funsec] Student arrested over Counter Strike map,
Drsolly
- Re: [funsec] Student arrested over Counter Strike map,
Peter Evans
- Re: [funsec] Student arrested over Counter Strike map,
John Forrister
- Re: [funsec] Student arrested over Counter Strike map,
Kurt Grutzmacher
- Re: [funsec] Student arrested over Counter Strike map,
John Forrister
- Re: [funsec] Student arrested over Counter Strike map,
Drsolly
- Re: [funsec] Student arrested over Counter Strike map,
John Forrister
- Re: [funsec] Student arrested over Counter Strike map,
Valdis . Kletnieks
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- RE: [funsec] Student arrested over Counter Strike map,
Jeffrey Sharpe
- Re: [funsec] Student arrested over Counter Strike map,
John Forrister
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- RE: [funsec] Student arrested over Counter Strike map,
Richard M. Smith
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- Message not available
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- RE: [funsec] Student arrested over Counter Strike map,
Richard M. Smith
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- RE: [funsec] Student arrested over Counter Strike map,
Richard M. Smith
- RE: [funsec] Student arrested over Counter Strike map,
Blanchard_Michael
- RE: [funsec] Student arrested over Counter Strike map,
rms
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- RE: [funsec] Student arrested over Counter Strike map,
Blanchard_Michael
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- Re: [funsec] Student arrested over Counter Strike map,
rms
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- RE: [funsec] Student arrested over Counter Strike map,
Richard M. Smith
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- Re: [funsec] Student arrested over Counter Strike map,
rms
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- Message not available
- Message not available
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
- Message not available
- Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
RE: [funsec] Student arrested over Counter Strike map,
Richard M. Smith
Re: [funsec] Student arrested over Counter Strike map,
Valdis . Kletnieks
Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
Re: [funsec] Student arrested over Counter Strike map,
Valdis . Kletnieks
Re: [funsec] Student arrested over Counter Strike map,
Drsolly
Re: [funsec] Student arrested over Counter Strike map,
Paul Vixie
Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
Re: [funsec] Student arrested over Counter Strike map,
Drsolly
Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
Re: [funsec] Student arrested over Counter Strike map,
Drsolly
Re: [funsec] Student arrested over Counter Strike map,
John Forrister
Re: [funsec] Student arrested over Counter Strike map,
Dennis Henderson
Re: [funsec] Student arrested over Counter Strike map,
John Forrister
Re: [funsec] Student arrested over Counter Strike map,
Valdis . Kletnieks
Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
RE: [funsec] Student arrested over Counter Strike map,
Richard M. Smith
Re: [funsec] Student arrested over Counter Strike map,
Brian Loe
Re: [funsec] Student arrested over Counter Strike map,
Valdis . Kletnieks
Re: [funsec] Student arrested over Counter Strike map,
Randall M
Re: [funsec] Student arrested over Counter Strike map,
Drsolly
Re: [funsec] Student arrested over Counter Strike map,
Daniel H. Renner
[funsec] Scammers Randomly Target Checking Accounts,
Fergie
[funsec] Patch Tuesday Alert: Microsoft to Patch 7 Vulnerabilities,
Fergie
rPSA-2007-0085-1 lftp,
rPath Update Announcements
rPSA-2007-0090-1 gimp,
rPath Update Announcements
CORRECTION: Re: [funsec] Patch Tuesday Alert: Microsoft to Patch 7 Vulnerabilities,
Fergie
rPSA-2007-0089-1 net-snmp net-snmp-utils,
rPath Update Announcements
[funsec] Hackers Hijack Satellite TV in Southern China,
Fergie
rPSA-2007-0088-1 xscreensaver,
rPath Update Announcements
[funsec] MoAxB - A month ain't long enough for ActiveX,
Richard M. Smith
[Full-disclosure] Exploitation Realm in Ajax Based Load Tab Modules,
Aditya K Sood
[funsec] How Credit-Card Data Went Out Wireless Door,
Richard M. Smith
[Full-disclosure] Multiple vendors ZOO file decompression infinite loop DoS,
Jean-Sébastien Guay-Leroux
Multiple vendors ZOO file decompression infinite loop DoS,
Jean-Sébastien Guay-Leroux
PHPSecurityAdmin Remote File Include Exploit,
ilkerkandemir
Remote File Include In Script impex,
RaeD
[Full-disclosure] ASA-2007-013: IAX2 users can cause unauthorized data disclosure,
Kevin P. Fleming
RunCms <= 1.5.2 debug_show.php sql injection,
retrog
safari's saved password at risk,
poplix
[funsec] DougT's blog: Inspiring Trust... or not,
Juha-Matti Laurio
[funsec] Cryptome has a new ISP,
Juha-Matti Laurio
NPDS <= 5.10 - Multiple SQL injections,
aeroxteam_PLEASEDONTSPAMUS
[funsec] TSA Hard Drive With Employee Data Is Reported Stolen,
Richard M. Smith
Re: [Full-disclosure] WebScarab <= 20060621-0003 cross site scripting,
Rogan Dawes
XSS in Microsoft SharePoint,
ville . solarius
[funsec] Bush administration proposes retroactive immunity for phone companies,
rms
ACP3 (v4.0b3) - Multiple Vulnerabilities,
john
[MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue,
admin
Nuked-klaN 1.7.6 Remote Code Execution Exploit,
gmdarkfig
[Full-disclosure] [ GLSA 200705-06 ] X.Org X11 library: Multiple integer overflows,
Raphael Marichez
[funsec] BaySec,
Blue Boar
[funsec] OT: But security sorta related...,
Brian Loe
Re: [funsec] Student NOT arrested over Counter Strike map,
David Kennedy CISSP
[Full-disclosure] Vulnerabilities Hashes DB needed,
shadown
[Full-disclosure] Mini Web Shop v.2 vulnerable to XSS,
corrado.liotta
Taltech Tal Bar Code ActiveX Control Memory Corruption Vulnerability(-ies),
sapheal-hack.pl
Podium CMS - Cookie Manipulation Exploit,
john
[Full-disclosure] [USN-457-1] elinks vulnerability,
Kees Cook
SunShop (v4) Multiple Vulnerabilities,
john
UPDATED: CubeCart (v3.0.15) - CRLF Injection Vulnerability,
john
Drake CMS (v0.4.0) - CRLF Injection Vulnerability,
john
Mini Web Shop v.2 Vulnerable to XSS,
corrado . liotta
Kayako eSupport v3.00.90 Cross Site Scripting (XSS),
e1c4
[SECURITY] [DSA 1287-1] New ldap-account-manager packages fix multiple vulnerabilities,
Noah Meyerhans
[Reversemode Advisory] VMware Products - GPF Denial of Service,
Reversemode
pfa CMS v6.0 (index.php repinc) Remote File Include Vulnerability,
ilkerkandemir
[funsec] OT: Royalty talk,
Brian Loe
fipsCMS v2.1 Remote SQL injection Vulnerability,
ilkerkandemir
phpHoo3 (admin.php) Remote Login Bypass SQL Injection Vulnerability,
ilkerkandemir
american cart 3.* (abs_path) remote file include,
kepledehlah
PHPHtmlLib <= 2.4.0 Remote File Include Exploit,
ilkerkandemir
Re: [Full-disclosure] nucleus 3.22 >> RFI,
Ron Superior
[Full-disclosure] iDefense Security Advisory 05.07.07: Sun Microsystems Solaris ACE_SETACL Integer Signedness DoS Vulnerability,
iDefense Labs
Updated: webMethods Security Advisory: Glue console directory traversal vulnerability,
Jeremy Epstein
OTRS <= 2.0.x XSS/XSRF,
ciri
[Full-disclosure] [ GLSA 200705-07 ] Lighttpd: Two Denials of Service,
Raphael Marichez
[Full-disclosure] [ GLSA 200705-08 ] GIMP: Buffer overflow,
Raphael Marichez
[Full-disclosure] ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability,
zdi-disclosures
[Full-disclosure] ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability,
zdi-disclosures
[Full-disclosure] VMSA-2007-0004 Multiple Denial-of-Service issues fixed,
VMware Security team
Re: [funsec] Vote: Who on this list gets this shirt for xmas?,
Fergie
[Full-disclosure] Advanced Guestbook version 2.4.2 Multiple XSS Attack Vulnerabilities,
SecurityResearch
[Full-disclosure] Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities,
SecurityResearch
[Full-disclosure] Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability,
SecurityResearch
[Full-disclosure] 6apart ~el8,
~el8
[Full-disclosure] [USN-458-1] MoinMoin vulnerabilities,
Kees Cook
[Full-disclosure] rPSA-2007-0094-1 cpio,
rPath Update Announcements
[Full-disclosure] rPSA-2007-0092-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi,
rPath Update Announcements
[Full-disclosure] [ GLSA 200705-09 ] IPsec-Tools: Denial of Service,
Raphael Marichez
[Full-disclosure] FLEA-2007-0016-1: kernel,
Foresight Linux Essential Announcement Service
[funsec] ISACA, a registered trademark,
Kurt Grutzmacher
Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities,
securityresearch
[Full-disclosure] [ GLSA 200705-10 ] LibXfont, TightVNC: Multiple vulnerabilities,
Raphael Marichez
Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability,
securityresearch
[Full-disclosure] [ GLSA 200705-11 ] MySQL: Two Denial of Service vulnerabilities,
Raphael Marichez
AP Newspower software <=4.0.1 allows remote data manipulation,
gobbles_fo_evar
WASC Announcement: Distributed Open Proxy Honeypot Project Data Released,
announcements
Advanced Guestbook version 2.4.2 Multiple XSS Attack Vulnerabilities,
securityresearch
[Full-disclosure] ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability,
zdi-disclosures
[Full-disclosure] ZDI-07-027: Microsoft Internet Explorer Table Column Deletion Memory Corruption Vulnerability,
zdi-disclosures
[security bulletin] HPSBMA02138 SSRT061184 rev.3 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution,
security-alert
[security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation,
security-alert
[Full-disclosure] [SECURITY] [DSA 1288-1] New pptpd packages fix denial of service,
Moritz Muehlenhoff
[Full-disclosure] [ MDKSA-2007:098 ] - Updated clamav packages fix vulnerabilities,
security
[Full-disclosure] [ MDKSA-2007:099 ] - Updated python packages fix vulnerabilities,
security
[Full-disclosure] iDefense Security Advisory 05.08.07: McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability,
iDefense Labs
[Full-disclosure] Exchange Calendar MODPROPS Denial of Service (CVE-2007-0039),
Alexander Sotirov
[Full-disclosure] Local police hacking,now?,
scott
[funsec] Germans Wary of Security Measures,
Fergie
[Full-disclosure] SEC Consult SA-20070509-0 :: Multiple vulnerabilites in Nokia Intellisync Mobile Suite & Wireless Email Express,
Johannes Greil
[ MDKSA-2007:098 ] - Updated clamav packages fix vulnerabilities,
security
[ MDKSA-2007:099 ] - Updated python packages fix vulnerabilities,
security
RDP TLS downgrade,
software
[Full-disclosure] Zero Degrees of Seperation,
pdp (architect)
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in the IOS FTP Server,
Cisco Systems Product Security Incident Response Team
Digital Armaments May-June-2007 Hacking Challenge: VMware,
info
[funsec] Five ISPs Hosting One-Third of All Malware?,
Fergie
Multiple vulnerabilities,
Michal Bucko (hackpl)
[funsec] Circuit City employee was hero in busting terror plot,
rms
[funsec] What are your opinions on this (fwd),
Gadi Evron
Defeating Citibank Virtual Keyboard protection using screenshot method,
yashks
Re: Defeating Citibank Virtual Keyboard protection using screenshot method,
Jan Heisterkamp
<Possible follow-ups>
Re: Re: Defeating Citibank Virtual Keyboard protection using screenshot method,
yashks
Re: RE: Defeating Citibank Virtual Keyboard protection using screenshot method,
balazs . zolika
RE: Defeating Citibank Virtual Keyboard protection using screenshot method,
Rogier Mulhuijzen
Re: Defeating Citibank Virtual Keyboard protection using screenshot method,
Reversemode
Re: Defeating Citibank Virtual Keyboard protection using screenshot method,
Paul Foote
Re: Defeating Citibank Virtual Keyboard protection using screenshot method,
imipak
RE: Defeating Citibank Virtual Keyboard protection using screenshot method,
Rogier Mulhuijzen
Re: Defeating Citibank Virtual Keyboard protection using screenshot method,
sethb
Re: Defeating Citibank Virtual Keyboard protection using screenshot method,
mailbox@martinelli.com
Re: Re: Defeating Citibank Virtual Keyboard protection using screenshot method,
balazs . zolika
[Full-disclosure] [ MDKSA-2007:100 ] - Updated bind packages fix vulnerability,
security
[funsec] Some Profit Off Virginia Tech Domain Names,
Fergie
Training Classes in SyScan'07,
organiser@syscan.org
[Full-disclosure] iDefense Security Advisory 05.09.07: Symantec Norton Internet Security 2006 COM Object Security ByPass Vulnerability,
iDefense Labs
[Full-disclosure] iDefense Security Advisory 05.08.07: Microsoft Excel Filter Record Code Execution Vulnerability,
iDefense Labs
[Full-disclosure] iDefense Security Advisory 05.08.07: Microsoft Word RTF File Parsing Heap Corruption Vulnerability,
iDefense Labs
[Full-disclosure] iDefense Security Advisory 05.08.07: Microsoft Exchange Server 2000 IMAP Literal Processing DoS Vulnerability,
iDefense Labs
[ MDKSA-2007:100 ] - Updated bind packages fix vulnerability,
security
2nd OWASP Israel mini conference at the Interdisciplinary Center Herzliya (IDC), Monday, May 21st, 13:30,
Ofer Shezaf
[Full-disclosure] Linux big bang theory....,
J. Oquendo
Re: [Full-disclosure] Linux big bang theory....,
Just1n T1mberlake
Re: [Full-disclosure] Linux big bang theory....,
Just1n T1mberlake
Re: [Full-disclosure] Linux big bang theory....,
Just1n T1mberlake
Re: [Full-disclosure] Linux big bang theory....,
KJKHyperion
[funsec] Quote of the Day: Paul Vixie,
Fergie
[Full-disclosure] [ MDKSA-2007:101 ] - Updated bind packages fix vulnerability,
security
[funsec] SCADA Systems Vulnerabilities Exposed,
Fergie
[funsec] Fwd: [botnets] There really is no escape from Gadi...,
Fergie
[Full-disclosure] Secunia Research: BearShare NCTAudioFile2 ActiveX Control Buffer Overflow,
Secunia Research
[Full-disclosure] Secunia Research: Internet Explorer HTML Objects Memory Corruption Vulnerability,
Secunia Research
Re: [Full-disclosure] Full-Disclosure Digest, Vol 27, Issue 16,
badr muhyeddin
[ MDKSA-2007:101 ] - Updated bind packages fix vulnerability,
security
Secunia Research: BearShare NCTAudioFile2 ActiveX Control Buffer Overflow,
Secunia Research
Secunia Research: Internet Explorer HTML Objects Memory Corruption Vulnerability,
Secunia Research
squirrelmail CSRF vulnerability,
p3rlhax
[Full-disclosure] iDefense Security Advisory 05.09.07: Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability,
iDefense Labs
[Full-disclosure] iDefense Security Advisory 05.10.07: Sun Microsystems Solaris SRS Proxy Core srsexec Arbitrary File Read Vulnerability,
iDefense Labs
[Full-disclosure] [ GLSA 200705-12 ] PostgreSQL: Privilege escalation,
Sune Kloppenborg Jeppesen
[Full-disclosure] [ GLSA 200705-13 ] ImageMagick: Multiple buffer overflows,
Sune Kloppenborg Jeppesen
[Full-disclosure] iDefense Security Advisory 05.10.07: Novell NetMail NMDMC Buffer Overflow Vulnerability,
iDefense Labs
phpMUR Cross Site Scripting,
the_3dit0r
[funsec] Re: Fwd: [botnets] There really is no escape from Gadi...,
Randall M
[Full-disclosure] iDefense Security Advisory 05.10.07: Apple Darwin Streaming Proxy Multiple Vulnerabilities,
iDefense Labs
[Full-disclosure] TPTI-07-07: Apple QuickTime STSD Parsing Heap Overflow Vulnerability,
TSRT
[Full-disclosure] ZDI-07-028: CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability,
zdi-disclosures
[Full-disclosure] [ MDKSA-2007:102 ] - Updated php packages fix multiple vulnerabilities,
security
[Full-disclosure] [ MDKSA-2007:103 ] - Updated php packages fix multiple vulnerabilities,
security
[Full-disclosure] [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities,
Williams, James K
[Full-disclosure] Teamspeak Server 2.0.20.1 Vulnerabilities,
Gilberto Ficara
Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability,
binagres
[Full-disclosure] Mac OS X "ps(3)" and "top(3)" truncate output,
matador matador
[ MDKSA-2007:103 ] - Updated php packages fix multiple vulnerabilities,
security
eFileCabinet Authentication Bypass,
VulnerabilityResearch
[ MDKSA-2007:102 ] - Updated php packages fix multiple vulnerabilities,
security
fotolog xss,
absamu
TFTPdWin 0.4.2 Server Directory Traversal Vulnerability,
VulnerabilityResearch
rPSA-2007-0096-1 shadow,
rPath Update Announcements
[CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities,
Williams, James K
Multiple Denial of Service attacks possible for Webspeed OpenEdge,
suresync
[Full-disclosure] Michael Daw Anthology Award,
David Kierznowski
W1L3D4 Philboard v0.2 sql injection,
ALEMIN KRALI
[funsec] Men Apologize for Cartoon Stunt,
rms
Cross-Site Scripting in Adobe RoboHelp 6, Server 6 and X5,
Michael Domberg
Design Flaw in Deutsche Telekom Speedport w700v broadband router,
Michael Domberg
[funsec] Free tools to protect yall's fools,
Dude VanWinkle
- RE: [funsec] Free tools to protect yall's fools,
Alex Eckelberry
- <Possible follow-ups>
- Re: [funsec] Free tools to protect yall's fools,
Fergie
- Re: [funsec] Free tools to protect yall's fools,
Dude VanWinkle
- Re: [funsec] Free tools to protect yall's fools,
Larry
- Re: [funsec] Free tools to protect yall's fools,
Dave Paris
- Re: [funsec] Free tools to protect yall's fools,
Larry
- Re: [funsec] Free tools to protect yall's fools,
Drsolly
- [funsec] Proper y'all usage,
Gary Warner
- [funsec] Re: Proper y'all usage,
Dave Paris
- Re: [funsec] Re: Proper y'all usage,
sam stover
- Re: [funsec] Proper y'all usage,
Kurt Grutzmacher
- RE: [funsec] Proper y'all usage,
Lawson, Joseph
- RE: [funsec] Proper y'all usage,
Blanchard_Michael
- Re: [funsec] Proper y'all usage,
Dennis Henderson
- Re: [funsec] Proper y'all usage,
Brian Loe
[Full-disclosure] Broadband routers and botnets - being proactive,
Gadi Evron
[Full-disclosure] Myspace hackers - Myspace lack of security,
Vlad Hackula
[Full-disclosure] Fight Censorship on Full-Disclosure,
Dr. Neal Krawetz PhD
[vuln.sg] yEnc32 Decoder Long Filename Buffer Overflow Vulnerability,
vulnpost-remove
Webspeed OpenEdge Dos exploit,
bendeniz_avci
[Full-disclosure] [vuln.sg] yEnc32 Decoder Long Filename Buffer Overflow Vulnerability,
TAN Chew Keong
[Full-disclosure] CommuniGate Pro web mail persistent cross-site scripting vulnerability,
Alla Bezroutchko
[Full-disclosure] Cross-site Scripting in EQDKP 1.3.2c and prior,
kefka
[funsec] UK: Drivers may be banned from smoking at the wheel,
Fergie
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Dude VanWinkle
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Dude VanWinkle
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Valdis . Kletnieks
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
Richard M. Smith
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
der Mouse
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Valdis . Kletnieks
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Valdis . Kletnieks
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Valdis . Kletnieks
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
sam stover
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
sam stover
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
sam stover
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Andy Sutton
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Andy Sutton
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Andy Sutton
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
Richard M. Smith
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Nick FitzGerald
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Nick FitzGerald
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
David Harley
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
David Harley
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Valdis . Kletnieks
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Valdis . Kletnieks
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
Lawson, Joseph
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
coderman
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Valdis . Kletnieks
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Nick FitzGerald
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Brian Loe
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Nick FitzGerald
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Nick FitzGerald
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Blue Boar
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Drsolly
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Valdis . Kletnieks
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Nick FitzGerald
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
der Mouse
- Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Valdis . Kletnieks
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
David Harley
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
Richard M. Smith
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
David Harley
- <Possible follow-ups>
- RE: [funsec] UK: Drivers may be banned from smoking at the wheel,
Fergie
Re: [Full-disclosure] Broadband routers and botnets - being proactive,
Gadi Evron
[Full-disclosure] Exciting new Paimei release!,
pedram amini
[funsec] MS Singularity - singularly impossible?,
Dude VanWinkle
[Full-disclosure] [SECURITY] [DSA 1289-1] New Linux 2.6.18 packages fix several vulnerabilities,
Moritz Muehlenhoff
[Full-disclosure] [SECURITY] [DSA 1290-1] New squirrelmail packages fix cross-site scripting,
Moritz Muehlenhoff
[Full-disclosure] [ GLSA 200705-14 ] XScreenSaver: Privilege escalation,
Raphael Marichez
[Full-disclosure] BTCrack 1.1 Heisec Release,
Thierry Zoller
[Full-disclosure] MyBB version 1.2.4 Multiple Path Disclosure Vulnerabilities,
SecurityResearch
[funsec] one in 10 websites (in the test) contain malware,
Dude VanWinkle
[Full-disclosure] WordPress 2.1.3 Akismet Vulnerability,
David Kierznowski
[Full-disclosure] Uninformed Journal Release Announcement: Volume 7,
fdlist
[funsec] Firearm Owner's Identification card issued to 10-month-old baby,
Blue Boar
[Full-disclosure] Thierry@Zoller.lu,
winsoc winsoc
[funsec] US Bureau Of Morality,
Dude VanWinkle
- Re: [funsec] US Bureau Of Morality,
Gadi Evron
- Re: [funsec] US Bureau Of Morality,
Dude VanWinkle
- Re: [funsec] US Bureau Of Morality,
Gadi Evron
- [funsec] test,
Discini, Sonny
- RE: [funsec] test,
Larry Seltzer
- RE: [funsec] test,
Peter Kosinar
- RE: [funsec] test,
Larry Seltzer
- RE: [funsec] test,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
- RE: [funsec] test,
Nick FitzGerald
- Re: [funsec] test,
Valdis . Kletnieks
- Re: [funsec] US Bureau Of Morality,
Dude VanWinkle
- Re: [funsec] US Bureau Of Morality,
Gadi Evron
- Re: [funsec] US Bureau Of Morality,
Dude VanWinkle
- Re: [funsec] US Bureau Of Morality,
Gadi Evron
[funsec] Adminsitrivia: posting to funsec - problems,
Gadi Evron
[Full-disclosure] SonicBB version 1.0 Multiple Path Disclosure Vulnerabilities,
SecurityResearch
[Full-disclosure] SonicBB version 1.0 Multiple SQL Injection Vulnerabilities,
SecurityResearch
[Full-disclosure] SonicBB version 1.0 XSS Attack Vulnerabilities,
SecurityResearch
[funsec] 419 surge expected,
Ken Dyke
[Full-disclosure] IMF 2007 - Deadline Extension,
Oliver Goebel
notepad++[v4.1]: (win32) ruby file processing buffer overflow exploit.,
v9
Exim 4.66 in conjunction with spamd Overflow issues,
calcite
SonicBB version 1.0 XSS Attack Vulnerabilities,
securityresearch
Uninformed Journal Release Announcement: Volume 7,
sflist
SonicBB version 1.0 Multiple Path Disclosure Vulnerabilities,
securityresearch
[funsec] Verizon and Cybertrust,
Hubbard, Dan
[security bulletin] HPSBMI02210 SSRT071396 rev.2 - ProCurve Series 9300m Switches, Remote Denial of Service (DoS),
security-alert
ifdate 2.* unauthorized administrative access bug,
expw0rm
[SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution,
Gerald (Jerry) Carter
MyBB version 1.2.4 Multiple Path Disclosure Vulnerabilities,
securityresearch
SonicBB version 1.0 Multiple SQL Injection Vulnerabilities,
securityresearch
[SAMBA-SECURITY] CVE-2007-2444: Local SID/Name Translation Failure Can Result in User Privilege Elevation,
Gerald (Jerry) Carter
[Full-disclosure] GMX MultiMessenger,
tomzeidler
[SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability,
Gerald (Jerry) Carter
[security bulletin] HPSBGN02189 SSRT071297 rev.3 - ServiceGuard for Linux, Remote Unauthorized Access,
security-alert
[Full-disclosure] iDefense Security Advisory 05.14.07: Samba SAMR Change Password Remote Command Injection Vulnerability,
iDefense Labs
Windows Vista: Non-privileged code can redirect shortcuts to intercept privilege elevation requests,
robpaveza
Re: [funsec] UK: Drivers may be banned from smoking at the wheel,
Fergie
IMF 2007 - Deadline Extension,
Oliver Goebel
Apple Safari on MacOSX may reveal user's saved passwords,
poplix
[Full-disclosure] What RedHat doesn't want you to know about ExecShield (without NX),
Brad Spengler
[Full-disclosure] Ze Germans are coming,
anonymous.8d90275026
[funsec] pwned mailing lists,
Brian Loe
[Full-disclosure] Wordpress Akismet XSS flaw,
mybeni websecurity
[Full-disclosure] [USN-459-1] pptpd vulnerability,
Kees Cook
[Full-disclosure] [ MDKSA-2007:104 ] - Updated samba packages fix multiple vulnerabilities,
security
Re: [Full-disclosure] [Dailydave] What RedHat doesn't want you toknow about ExecShield (without NX),
gary sweet
[Full-disclosure] ssh.com ssh-3.2.9.1 sftp server remote off by one,
Kingcope
[Full-disclosure] rPSA-2007-0098-1 samba samba-swat,
rPath Update Announcements
[Full-disclosure] [ GLSA 200705-15 ] Samba: Multiple vulnerabilities,
Sune Kloppenborg Jeppesen
ImI image file inclusion in script upload,
spriteversus
[Full-disclosure] Bypassing PFW/HIPS open process control with uncommon identifier,
Matousec - Transparent security Research
Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability,
Michal Bucko (hackpl)
GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability,
Fatih Ozavci
[ MDKSA-2007:104 ] - Updated samba packages fix multiple vulnerabilities,
security
[Full-disclosure] Jetbox CMS version 2.1 E-Mail Injection Vulnerability,
SecurityResearch
Bypassing PFW/HIPS open process control with uncommon identifier,
Matousec - Transparent security Research
[Full-disclosure] Retrieving "deleted" sms/mms from Nokia phone (Symbian S60),
Davide Del Vecchio
[SECURITY] [DSA 1291-1] New samba packages fix multiple vulnerabilities,
Noah Meyerhans
[funsec] Denial of Service Attacks Force Estonian Bank to Close Website,
Fergie
[Full-disclosure] (no subject),
wafa louis
- <Possible follow-ups>
- [Full-disclosure] (no subject),
wafa louis
- [Full-disclosure] (no subject),
Foresight Linux Essential Advisory Service
- [Full-disclosure] (no subject),
toto . toto
- [Full-disclosure] (no subject),
h buffo
- [Full-disclosure] (no subject),
clappymonkey
- [Full-disclosure] (no subject),
NGSSoftware Insight Security Research
- Re: [Full-disclosure] (no subject),
reepex
- Re: [Full-disclosure] (no subject),
reepex
- Message not available
- Message not available
- Re: [Full-disclosure] (no subject),
dripping
- Re: [Full-disclosure] (no subject),
Simon Smith
- Re: [Full-disclosure] (no subject),
Simon Smith
- Re: [Full-disclosure] (no subject),
dripping
- Re: [Full-disclosure] (no subject),
Simon Smith
- Message not available
- Re: [Full-disclosure] (no subject),
dripping
Re: [Full-disclosure] (no subject),
reepex
[Full-disclosure] (no subject),
Eyüp Aydin
[Full-disclosure] (no subject),
andrius . vysnia
[Full-disclosure] (no subject),
Mister Swole
[Full-disclosure] (no subject),
Cody Roby
[funsec] Vendor: Cisco IOS Server Backdoor May Have Been Planted,
Fergie
[Full-disclosure] FLEA-2007-0017-1: samba,
Foresight Linux Essential Announcement Service
[funsec] Cyber Security Bill Targets Botnets,
Fergie
[funsec] What ever happened to the Code Red worm?,
Bruce Ediger
- RE: [funsec] What ever happened to the Code Red worm?,
Larry Seltzer
- RE: [funsec] What ever happened to the Code Red worm?,
Gadi Evron
- RE: [funsec] What ever happened to the Code Red worm?,
Steve Manzuik
- RE: [funsec] What ever happened to the Code Red worm?,
Discini, Sonny
- Re: [funsec] What ever happened to the Code Red worm?,
B.K. DeLong
- RE: [funsec] What ever happened to the Code Red worm?,
Discini, Sonny
- Re: [funsec] What ever happened to the Code Red worm?,
Florian Weimer
- Re: [funsec] What ever happened to the Code Red worm?,
Peter Evans
- Re: [funsec] What ever happened to the Code Red worm?,
Valdis . Kletnieks
- Re: [funsec] What ever happened to the Code Red worm?,
Peter Evans
- Re: [funsec] What ever happened to the Code Red worm?,
Nick FitzGerald
- RE: [funsec] What ever happened to the Code Red worm?,
Steve Manzuik
- Re: [funsec] What ever happened to the Code Red worm?,
Sean Donelan
[Full-disclosure] ZDI-07-029: Samba lsa_io_privilege_set Heap Overflow Vulnerability,
zdi-disclosures
[Full-disclosure] ZDI-07-030: Samba netdfs_io_dfs_EnumInfo_d Heap Overflow Vulnerability,
zdi-disclosures
[Full-disclosure] ZDI-07-031: Samba smb_io_notify_option_type_data Heap Overflow Vulnerability,
zdi-disclosures
[Full-disclosure] ZDI-07-032: Samba sec_io_acl Heap Overflow Vulnerability,
zdi-disclosures
[Full-disclosure] ZDI-07-033: Samba lsa_io_trans_names Heap Overflow Vulnerability,
zdi-disclosures
[Full-disclosure] sap remote exploit,
toto toto
Re: Jetbox CMS version 2.1 E-Mail Injection Vulnerability,
laurent . gaffie
[funsec] New Botnet Gang War Raging on the Internet,
Fergie
RE: [funsec] Ban the dam smoking already!!,
Randall M
[Full-disclosure] [SECURITY] [DSA 1292-1] New qt4-x11 packages fix cross-site scripting vulnerability,
Noah Meyerhans
[Full-disclosure] [USN-460-1] Samba vulnerabilities,
Kees Cook
[Full-disclosure] Month of [something] Bugs,
Guasconi Vincent
[funsec] Estonia Urges Firm EU, NATO Response to Cyber Attacks,
Fergie
- RE: [funsec] Estonia Urges Firm EU, NATO Response to Cyber Attacks,
Steve Manzuik
- <Possible follow-ups>
- RE: [funsec] Estonia Urges Firm EU, NATO Response to Cyber Attacks,
Fergie
- Re: [funsec] Estonia Urges Firm EU, NATO Response to Cyber Attacks,
Fergie
- Re: [funsec] Estonia Urges Firm EU, NATO Response to Cyber Attacks,
Fergie
- Re: [funsec] Estonia Urges Firm EU, NATO Response to Cyber Attacks,
Fergie
[Full-disclosure] Windows POC,
Stack Smasher
[Full-disclosure] About the Post: Exciting new Paimei release!,
Jared DeMott
I, Bot. Taking advantage of robots power (Article),
crossbower
vbulletin < 3.6.6 [permanent xss],
laurent . gaffie
ANNOUNCE: RFIDIOt version 0.1m released (May 16th 2007),
Adam Laurie
[funsec] DDoS against Finnish broadcasting company took 3 days,
Juha-Matti Laurio
Symantec Product Security: Norton Personal Firewall 2004 ActiveX Control vulnerability,
secure
[Full-disclosure] CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe Vulnerabilities,
Williams, James K
CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe Vulnerabilities,
Williams, James K
[Full-disclosure] A Story about my Childhood: Destionation Whitehat,
Ross Brown
[funsec] Russia Accused of Unleashing Cyberwar to Disable Estonia,
Fergie
[funsec] Worm Attacked Voter Database in Notorious Florida District,
Fergie
[Full-disclosure] Blu-Ray key - Oh Nine, Efe Nine,
M . B . Jr .
[Full-disclosure] XSS vulnerability on various german online banking sites (sparkasse),
Ulrich Keil
[funsec] Quote of the Day: Bruce Schneier,
Fergie
- Re: [funsec] Quote of the Day: Bruce Schneier,
Dennis Henderson
- Re: [funsec] Quote of the Day: Bruce Schneier,
Valdis . Kletnieks
- Re: [funsec] Quote of the Day: Bruce Schneier,
Dennis Henderson
- Re: [funsec] Quote of the Day: Bruce Schneier,
der Mouse
- Re: [funsec] Quote of the Day: Bruce Schneier,
Brian Loe
- Re: [funsec] Quote of the Day: Bruce Schneier,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
- Re: [funsec] Quote of the Day: Bruce Schneier,
sam stover
- RE: [funsec] Quote of the Day: Bruce Schneier,
Larry Seltzer
- RE: [funsec] Quote of the Day: Bruce Schneier,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
- Re: [funsec] Quote of the Day: Bruce Schneier,
Brian Loe
- Re: [funsec] Quote of the Day: Bruce Schneier,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
- RE: [funsec] Quote of the Day: Bruce Schneier,
Lawson, Joseph
- RE: [funsec] Quote of the Day: Bruce Schneier,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
- Re: [funsec] Quote of the Day: Bruce Schneier,
Nick FitzGerald
- Re: [funsec] Quote of the Day: Bruce Schneier,
sam stover
- Re: [funsec] Quote of the Day: Bruce Schneier,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
- Re: [funsec] Quote of the Day: Bruce Schneier,
Drsolly
- <Possible follow-ups>
- Re: [funsec] Quote of the Day: Bruce Schneier,
Fergie
- Re: [funsec] Quote of the Day: Bruce Schneier,
Fergie
- Re: [funsec] Quote of the Day: Bruce Schneier,
Fergie
- [funsec] Quote of the Day: Bruce Schneier,
Paul Ferguson
- RE: [funsec] Quote of the Day: Bruce Schneier,
Paul Ferguson
[Full-disclosure] [SECURITY] [DSA 1293-1] New quagga packages fix denial of service,
Martin Schulze
[Full-disclosure] Download Virginia Massacre Memorial Photobook,
[ Ronald ]
[Full-disclosure] ANNOUNCE: RFIDIOt version 0.1m released (16th May 2007),
Adam Laurie
[Full-disclosure] rPSA-2007-0102-1 libpng,
rPath Update Announcements
[Full-disclosure] OWASP / Advanced Web Hacking / Service API Manipulation / Next Generation of Web Attacks,
pdp (architect)
[Full-disclosure] XCon2007 Call For Paper,
XFOCUS Security Team
[Full-disclosure] Oracle Forensics Part 4: Live Response,
David Litchfield
[Full-disclosure] [ GLSA 200705-16 ] PhpWiki: Remote execution of arbitrary code,
Raphael Marichez
[Full-disclosure] [ GLSA 200705-17 ] Apache mod_security: Rule bypass,
Raphael Marichez
[Full-disclosure] [SECURITY] [DSA 1291-2] New samba packages fix multiple vulnerabilities,
Noah Meyerhans
XSS vulnerability on various german online banking sites (sparkasse),
Ulrich Keil
VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability,
john
TSLSA-2007-0017 - multi,
Trustix Security Advisor
[security bulletin] HPSBTU02209 SSRT071323 rev.1 - HP Tru64 UNIX Running Secure Shell (SSH), Remote Unauthorized Identification of Valid Users,
security-alert
[security bulletin] HPSBMA02213 SSRT061214 rev.1 - HP Systems Insight Manager (SIM) for Windows, Remote Privileged Access and Arbitrary Code Execution,
security-alert
[funsec] Gun dealers and gun crime,
rms
[OpenPKG-SA-2007.012] OpenPKG Security Advisory (samba),
OpenPKG GmbH
[security bulletin] HPSBST02214 SSRT071422 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-023 to MS07-029,
security-alert
[funsec] Bright lights, big software glitch,
Kurt Grutzmacher
[funsec] And Speaking of Knee-Jerk Reactions...,
Fergie
[funsec] Amero sentencing postponed until June 6,
Alex Eckelberry
[Full-disclosure] Erratasec Research MD5,
David Maynor
[OpenPKG-SA-2007.013] OpenPKG Security Advisory (png),
OpenPKG GmbH
RedLevel Advisory #015 - Redoable 1.2 Cross-Site Scripting Vulnerability (patch included),
john
[Full-disclosure] [ MDKSA-2007:105 ] - Updated fetchmail packages fix potential APOP vulnerabilities,
security
[ MDKSA-2007:105 ] - Updated fetchmail packages fix potential APOP vulnerabilities,
security
[funsec] More fun for the day: Zango sues PC Tools,
Alex Eckelberry
[Full-disclosure] I am also David Maynor,
David Maynor
[Full-disclosure] FLEA-2007-0018-1: libpng,
Foresight Linux Essential Announcement Service
[Full-disclosure] [USN-461-1] Quagga vulnerability,
Kees Cook
[Full-disclosure] [SECURITY] [DSA 1294-1] New xfree86 packages fix several vulnerabilities,
Moritz Muehlenhoff
[Full-disclosure] Microsoft claiming Linux infringing on 235 patents,
scott
[Full-disclosure] PsychoStats 3.0.6b and prior,
kefka
[funsec] Microsoft and "creepy behavioral analytics",
Richard M. Smith
[Full-disclosure] rPSA-2007-0104-1 idle python,
rPath Update Announcements
[Full-disclosure] [OpenPKG-SA-2007.015] OpenPKG Security Advisory (quagga),
OpenPKG GmbH
[Full-disclosure] [OpenPKG-SA-2007.017] OpenPKG Security Advisory (ratbox),
OpenPKG GmbH
Re: [Full-disclosure] A Story about my Childhood: Destionation Whitehat,
jt5944-27a
[Full-disclosure] The Web has Betrayed Us,
pdp (architect)
eSyndiCat Input Validation Error Vulnerability,
hack2prison
Predictable TCP ISN in Packeteer PacketShaper,
nnposter
[funsec] Microsoft Word bytes again,
rms
ACROS Security: Session Fixation Vulnerability in HP SIM 5.0,
ACROS Security
REWTERZ-20070518 - Authentication Bypass in Rational Soft's Hidden Administrator,
rewterz security team
[funsec] Zango Sues Antispyware Vendor PC Tools,
Fergie
[funsec] No JavaScript, No Google Navigation,
Fergie
[Full-disclosure] VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability,
VMware Security team
[USN-436-2] KTorrent vulnerability,
Kees Cook
[funsec] Note to Self: Skip the Tour of the Taiwan Zoo...,
Fergie
[funsec] Off Beat: U.S. Government Trying to Seize New Michael Moore Film,
Fergie
[funsec] Humor: Airport Security: SNL Gets It Right,
Fergie
[Full-disclosure] Spoofing via Google,
Aaron Gray
RE: [funsec] Off Beat: U.S. Government Trying to Seize New MichaelMoor e Film,
Fergie
[funsec] 'Data Storm' Blamed for Nuclear-Plant Shutdown,
Fergie
[Full-disclosure] [SECURITY] [DSA 1295-1] New php5 packages fix several vulnerabilities,
Moritz Muehlenhoff
NASA Site Bug ( Check URI Input ),
matrix
[CVE-2007-1355] Tomcat documentation XSS vulnerabilities,
Mark Thomas
RedLevel Advisory #017 - HLstats v1.35 Cross-Site Scripting Vulnerability #2,
john
RedLevel Advisory #016 - HLstats v1.35 Cross-Site Scripting Vulnerability,
john
[ MDKSA-2007:106 ] - Updated squirrelmailpackages fix vulnerabilities,
security
[Full-disclosure] [ MDKSA-2007:106 ] - Updated squirrelmailpackages fix vulnerabilities,
security
[Full-disclosure] finance,
Salman Al Olayan
[funsec] The oddest spam I've ever received,
Richard M. Smith
[Full-disclosure] One worm to rule them all,
David Kierznowski
[Full-disclosure] [ MDKSA-2007:107 ] - Updated evolution packages fix APOP weakness,
security
[Full-disclosure] [ GLSA 200705-18 ] PPTPD: Denial of Service attack,
Sune Kloppenborg Jeppesen
[Full-disclosure] SQL-Injection in IP-TRACKING Mod for phpBB2.0.x,
Cornelius Riemenschneider
[Full-disclosure] iDEFENSE VCP Challenge and botnet technologies,
larry
[Full-disclosure] POC CODE - TI89 Titanium Resident EPO Calculator Virus (T89.GAARA),
Piotr Bania
[Full-disclosure] Remider: VNSECON 07 Call for Papers ends on June 08,
rd
[funsec] AusCERT 2007: IT Industry Has Failed in Desktop Security,
Fergie
[Full-disclosure] XSS in famous web projects,
Valery Marchuk
[Full-disclosure] Jetbox CMS version 2.1 Multiple Path Disclosure Vulnerabilities,
SecurityResearch
[Full-disclosure] Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities,
SecurityResearch
[Full-disclosure] Kenshoto Presents Annual Bogus IIS 6.0 Remote Exploit,
User Ctf
[Full-disclosure] noise about full-width encoding bypass?,
Brian Eaton
[Full-disclosure] FLEA-2007-0019-1: python,
Foresight Linux Essential Announcement Service
[Full-disclosure] GHDB - Google Hacking Database,
pdp (architect)
[Full-disclosure] [SECURITY] [DSA 1296-1] New php4 packages fix privilege escalation,
Moritz Muehlenhoff
[funsec] New Zealand: ISP Spam Code of Practice Released,
Fergie
[funsec] Spyware Still Cheating Merchants and Legitimate Affiliates,
Fergie
[Full-disclosure] [SECURITY] [DSA 1291-3] New samba packages fix regression,
Moritz Muehlenhoff
[funsec] DHS Calls for Cybersecurity White Papers,
Fergie
[Full-disclosure] [USN-459-2] pptpd regression,
Kees Cook
[funsec] Brits freak out over WiFi in schools,
Richard M. Smith
[funsec] Brit bobbies play with model airplanes while on the job,
Richard M. Smith
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Brian Loe
- <Possible follow-ups>
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Fergie
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Brian Loe
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
sam stover
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Brian Loe
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Gadi Evron
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
sam stover
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Gadi Evron
- RE: [funsec] Brit bobbies play with model airplanes while on the job,
David Harley
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Valdis . Kletnieks
- RE: [funsec] Brit bobbies play with model airplanes while on the job,
David Harley
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Brian Loe
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Drsolly
- R: [funsec] Brit bobbies play with model airplanes while on the job,
Cornali Remo
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Valdis . Kletnieks
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Brian Loe
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Dave Paris
- Message not available
- Fwd: [funsec] Brit bobbies play with model airplanes while on the job,
Brian Loe
- Re: Fwd: [funsec] Brit bobbies play with model airplanes while on the job,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Drsolly
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
- RE: [funsec] Brit bobbies play with model airplanes while on the job,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Kradorex Xeron
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Drsolly
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Brian Loe
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Drsolly
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Brian Loe
- RE: [funsec] Brit bobbies play with model airplanes while on the job,
Richard M. Smith
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Drsolly
- Re: [funsec] Brit bobbies play with model airplanes while on the job,
Brian Loe
Re: [funsec] Brit bobbies play with model airplanes while on the job,
Fergie
Re: [funsec] Brit bobbies play with model airplanes while on the job,
Fergie
[funsec] Score Card on ICANN Board and How DotCom Savvy They Are,
Fergie
[Full-disclosure] [SECURITY] [DSA 1281-2] New clamav packages fix denial of service vulnerability,
Noah Meyerhans
[Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS???,
kingcope
[Full-disclosure] Jetbox CMS version 2.1 XSS Attack Vulnerability,
SecurityResearch
[Full-disclosure] KSign KSignSWAT ActiveX Control Multiple Buffer Overflows Vulnerability,
BPS
[Full-disclosure] IIS 6.0 AUX.aspx DoS,
c0redump
[Full-disclosure] Unicode Left/Right Pointing Double Angel Quotation Mark bypass?,
3APA3A
[Full-disclosure] TCP/IP vulnerability,
Mohit Kohli
[Full-disclosure] Cisco Security Advisory: Vulnerability In Crypto Library,
Cisco Systems Product Security Incident Response Team
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS While Processing SSL Packets,
Cisco Systems Product Security Incident Response Team
Simple Accessible XHTML Online News v4.6 Remote File Include Exploit,
the_3dit0r
[Full-disclosure] Question Regarding IIS 6.0 / Is this a DoS???,
Joey Mengele
Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities,
securityresearch
[ MDKSA-2007:107 ] - Updated evolution packages fix APOP weakness,
security
Re: Re: [Bogus] Lazarus Guestbook (admin.php)Remote File Include Expliot -,
webmaster
Remedy for: Remot File Include In phpexplorator_2_0,
tchouamou
[ISecAuditors Security Advisories] Microsoft IIS5 NTLM and Basic authentication bypass,
ISecAuditors Security Advisories
RedLevel Advisory #022 - ClonusWiki .5 Cross-Site Scripting Vulnerability,
john
Jetbox CMS version 2.1 XSS Attack Vulnerability,
securityresearch
Security Videos,
thejus_mb
Oracle Forensics Part 4: Live Response,
David Litchfield
[waraxe-2007-SA#050] - Sql Injection in WordPress 2.1.3,
come2waraxe
Remider: VNSECON 07 Call for Papers ends on June 08,
rd
[funsec] Introducing Google's online security efforts...,
Fergie
[funsec] Putting your privacy on (the) line,
Rob, grandpa of Ryan, Trevor, Devon & Hannah
RedLevel Advisory #017 - PsychoStats v3.0.6b Multiple Cross-Site Scripting Vulnerabilities,
john
[Full-disclosure] GMTT Music Di