364 messages sorted by: [ date ] [ thread ] [ subject ]

Starting: Sat Dec 01 2007 - 10:17:15 CST
Ending: Mon Dec 31 2007 - 13:24:23 CST

• `ClubHack `
  • ClubHack2007: Presentation are online now (Sat Dec 15 2007 - 05:55:06 CST)
• Abel Cheung
  • Re: Wordpress - Broken Access Control (Wed Dec 19 2007 - 15:29:01 CST)
  • WordPress Charset SQL injection vulnerability (re-resend) (Mon Dec 10 2007 - 13:22:37 CST)
• adminbugreport.ir
  • Bitweaver source code disclosure, arbitrary file upload (Sun Dec 30 2007 - 06:04:20 CST)
  • Jupiter Cms Multiple Vulnerabilities (Mon Dec 24 2007 - 05:55:18 CST)
  • PHP <= 5.2.5 Safe Mode Bypass (Mon Dec 24 2007 - 05:50:44 CST)
  • Hosting Controller - Multiple Security Bugs (Extremely Critical) (Thu Dec 13 2007 - 06:15:12 CST)
  • Snitz2000 SQL Injection: A user can gain admin level (Mon Dec 03 2007 - 16:21:06 CST)
• Adrian Chadd
  • SQUID-2007:2, Dec 4, 2007 (Thu Dec 06 2007 - 05:24:22 CST)
• advisoryrapid7.com
  • R7-0031: JFreeChart Image Map Cross-Site Scripting Vulnerabilities (Thu Dec 06 2007 - 16:57:52 CST)
• ahcrewgmail.com
  • iSupport v1.8 Local file include vulnerability (Wed Dec 19 2007 - 22:17:52 CST)
• AKS aka (0kn0ck)
  • [WhitePaper (SecNiche)] Information Prone LDAP Garbage Dumps (Mon Dec 03 2007 - 15:27:12 CST)
• alanverselogic.net
  • Re: Sql Injection in wordpress 2.3.1 (Wed Dec 05 2007 - 12:42:44 CST)
• Alireza Hassani
  • Re: Re: PHP <= 5.2.5 Safe Mode Bypass (Tue Dec 25 2007 - 07:20:06 CST)
• Amit Klein
  • Re: RE: TCP Port randomization paper (Tue Dec 18 2007 - 01:28:16 CST)
  • RE: TCP Port randomization paper (Tue Dec 11 2007 - 07:56:31 CST)
• announcementswebappsec.org
  • WASC Announcement: The Script Mapping Project Results and Call for Participation (Mon Dec 10 2007 - 14:50:21 CST)
• antonioantoniocortes.com
  • Re: Morcego CMS <= 0.9.6 Remote File Inclue Vulnerability (Thu Dec 20 2007 - 14:25:39 CST)
  • Re: Morcego CMS <= 0.9.6 Remote File Inclue Vulnerability (Thu Dec 20 2007 - 14:20:28 CST)
• arsalan1991gmail.com
  • Re: Re: PHP MySQL Banner Exchange 2.2.1 remote mysql database bug (Mon Dec 17 2007 - 14:46:40 CST)
  • PHP MySQL Banner Exchange 2.2.1 remote mysql database bug (Fri Dec 14 2007 - 02:42:16 CST)
• atc08atilf.no
  • (Re-post) ATC-08 CFP (Tue Dec 04 2007 - 04:48:02 CST)
• avivra
  • Google Toolbar Dialog Spoofing Vulnerability (Tue Dec 18 2007 - 14:13:46 CST)
• azizovitdefence.ru
  • Firefox 2.0.0.11 INPUT Denial Of Service (Wed Dec 05 2007 - 13:34:23 CST)
• Balazs Scheidler
  • Re: [syslog-ng] ZSA-2007-029: syslog-ng Denial of Service (Mon Dec 17 2007 - 08:26:04 CST)
  • ZSA-2007-029: syslog-ng Denial of Service (Mon Dec 17 2007 - 04:38:05 CST)
• balroggmail.com
  • Bid 24744 ? (Sat Dec 22 2007 - 15:14:52 CST)
• barfoo.com
  • Re: Re: Moodle SQL Injection (Sat Dec 22 2007 - 12:43:38 CST)
• bebegmail.com
  • SQL injection - GestDownV1.00Beta (Sat Dec 08 2007 - 20:49:47 CST)
• beenudel1986gmail.com
  • My Blog Rfi (Sat Dec 22 2007 - 08:16:17 CST)
  • Multiple xss in mambo 4.6.2 (Tue Dec 18 2007 - 07:25:29 CST)
  • Sql Injection in wordpress 2.3.1 (Wed Dec 05 2007 - 05:14:04 CST)
  • Blind Sql-Injection in Joomla 1.5 RC3 (Tue Dec 04 2007 - 21:51:48 CST)
  • RFI and Multiple XSS in PhpMyChat (Tue Dec 04 2007 - 12:01:55 CST)
• Bernhard Mueller
  • SEC Consult SA-20071204-0 :: SonicWALL Global VPN Client Format String Vulnerability (Tue Dec 04 2007 - 07:56:42 CST)
• blackredyellowhushmail.com
  • Re: Tiger Team: New TV series about pen testers airing on CourtTV Dec 25 11 pm (Wed Dec 26 2007 - 22:17:50 CST)
  • Tiger Team: New TV series about pen testers airing on CourtTV Dec 25 11 pm (Tue Dec 18 2007 - 13:33:27 CST)
• bobhotmail.com
  • Re: Powerschool 404 Admin Exposure (Tue Dec 04 2007 - 10:28:15 CST)
• brainheadbrainheadgmx.de
  • webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability (Sat Dec 08 2007 - 16:53:59 CST)
• brancohatgmail.com
  • PHP -> set_time_limit (Wed Dec 26 2007 - 15:14:05 CST)
• bugtraqdarkprotocols.net
  • [XSS] OpenNewsletter v2.5 Multipe XSS Attacks (Thu Dec 06 2007 - 11:33:17 CST)
• carlo.fellergmail.com
  • Re: SineCMS <= 2.3.4 Calendar SQL Injection 'n something else.. (Tue Dec 18 2007 - 07:01:39 CST)
• Charles Hardin
  • Re: Cpanel Vulnerability? (Wed Dec 12 2007 - 09:28:47 CST)
• Cisco Systems Product Security Incident Response Team
  • Cisco Security Advisory: Application Inspection Vulnerability in Cisco Firewall Services Module (Wed Dec 19 2007 - 09:20:00 CST)
  • Cisco Security Advisory: Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability (Wed Dec 05 2007 - 12:06:57 CST)
• cocoruder
  • [UPDATE]CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability (Wed Dec 05 2007 - 23:28:21 CST)
• come2waraxeyahoo.com
  • [waraxe-2007-SA#060] - Sensitive info disclosure in CuteNews <= 1.4.5 (Sun Dec 23 2007 - 15:39:58 CST)
• CORE Security Technologies Advisories
  • CORE-2007-1004: VLC Activex Bad Pointer Initialization Vulnerability (Tue Dec 04 2007 - 10:26:02 CST)
• Craig Wright
  • RE: Cryptome: NSA has real-time access to Hushmail servers (Thu Dec 27 2007 - 13:24:24 CST)
• dann frazier
  • [SECURITY] [DSA 1436-1] New Linux 2.6.18 packages fix several vulnerabilities (Thu Dec 20 2007 - 16:28:26 CST)
  • [SECURITY] [DSA 1428-2] New Linux 2.6.18 packages fix several vulnerabilities (Tue Dec 11 2007 - 22:11:50 CST)
  • [SECURITY] [DSA 1481-1] New Linux 2.6.18 packages fix several vulnerabilities (Mon Dec 10 2007 - 23:51:52 CST)
• david130490hotmail.com
  • Re: Re: Re: TotalPlayer 3.0 .m3u crash (Thu Dec 27 2007 - 11:28:26 CST)
  • Re: Re: TotalPlayer 3.0 .m3u crash (Thu Dec 27 2007 - 10:53:11 CST)
  • TotalPlayer 3.0 .m3u crash (Mon Dec 24 2007 - 17:21:04 CST)
• Digital Security Research Group
  • Multiple vulnerabilities in RUNCMS 1.6 by DSecRG (Tue Dec 25 2007 - 09:12:05 CST)
• Digital Security Research Group [DSecRG]
  • 2z-project 0.9.6.1 Multiple Security Vulnerabilities (Fri Dec 28 2007 - 07:26:11 CST)
• DoZHackersCenter.com
  • LiveCart Multiple Cross-Site Scripting Vulnerabilities (Sun Dec 30 2007 - 17:53:02 CST)
  • IPortalX Forums Cross-Site Scripting Vulnerability (Thu Dec 27 2007 - 01:18:26 CST)
  • [HSC] Dokeos Multiple Cross-Site Scripting Vulnerabilities (Sat Dec 22 2007 - 11:37:20 CST)
  • Bitweaver XSS & SQL Injection Vulnerability (Sun Dec 09 2007 - 13:30:13 CST)
  • McAfee SecurityCenter Privacy Service HTML Execution Vulnerability (Mon Dec 03 2007 - 09:57:55 CST)
• erdcecho.or.id
  • [ECHO_ADV_86$2007] Mambo/Joomla Component rsgallery <= 2.0 beta 5 (catid) Remote SQL Injection Vulnerability (Wed Dec 05 2007 - 04:44:02 CST)
• erneernealizm.us
  • Confixx Professional RF&#304; (Tue Dec 25 2007 - 12:23:33 CST)
• evanchikgmail.com
  • America Online AOL Instant Messenger AIM6.0 or 6.5 or higher XSS remote execution (Fri Dec 21 2007 - 17:15:55 CST)
• fagiangmail.com
  • Re: Microsoft Office Publisher (Sun Dec 23 2007 - 11:19:33 CST)
• Fernando Gont
  • Re: TCP Port randomization paper (Tue Dec 11 2007 - 17:15:48 CST)
  • TCP Port randomization paper (Thu Dec 06 2007 - 18:45:04 CST)
• Florian Weimer
  • [SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities (Fri Dec 28 2007 - 09:29:40 CST)
• foobar.com
  • Re: Moodle SQL Injection (Fri Dec 21 2007 - 22:26:04 CST)
• Francisco Pecorella
  • Cpanel Vulnerability? (Wed Dec 12 2007 - 07:16:21 CST)
• fukami
  • Re: Design flaw in AS3 socket handling allows port probing (Thu Dec 20 2007 - 16:53:01 CST)
• Gadi Evron
  • Re: [dns-operations] Web Proxy Auto-Discovery (WPAD) Information Disclosure (fwd) (Tue Dec 04 2007 - 01:13:53 CST)
• gbgb.hates.the.constitution.gov
  • Re: Re: Cryptome: NSA has real-time access to Hushmail servers (Fri Dec 28 2007 - 04:55:24 CST)
• gdfuegogmail.com
  • Re: Re: Cpanel Vulnerability? (Wed Dec 12 2007 - 11:05:24 CST)
• Gerald (Jerry) Carter
  • [SECURITY] Buffer overrun in send_mailslot() (Mon Dec 10 2007 - 07:50:40 CST)
• gforceoperamail.com
  • jetAudio 7.0.5 COWON Media Center MP4 Stack Overflow (Mon Dec 17 2007 - 08:13:02 CST)
  • Media Player Classic 6.4.9 MP4 Stack Overflow 0-day (Fri Dec 07 2007 - 19:54:52 CST)
  • Windows media player 6.4 MP4 Stack Overflow 0-day (Fri Dec 07 2007 - 19:53:27 CST)
  • Nullsoft Winamp MP4 tags Stack Overflow (Fri Dec 07 2007 - 19:51:31 CST)
• gmdarkfiggmail.com
  • PHP Security Framework: Vuln and Security Bypass (Sun Dec 16 2007 - 12:48:08 CST)
• guiness.stout
  • Re: PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability (Mon Dec 03 2007 - 10:26:54 CST)
• gynvaelvexillium.org
  • Opera 9.50 beta and prior remote DoS (freeze) (Wed Dec 05 2007 - 01:13:59 CST)
• hadihadi_zedehal_2006yahoo.com
  • neuron news1.0 Multiple Remote Vulnerabilities (sql injection/xss) (Sun Dec 16 2007 - 17:13:42 CST)
• Hanno Böck
  • Re: Multiple xss in mambo 4.6.2 (Wed Dec 26 2007 - 15:52:42 CST)
  • CVE-2007-6205 (Mon Dec 10 2007 - 08:01:46 CST)
• Henrich C. Poehls
  • Re: MS Office 2007: Digital Signature does not protect Meta-Data (Wed Dec 19 2007 - 07:37:01 CST)
  • Re: MS Office 2007: Digital Signature does not protect Meta-Data (Fri Dec 14 2007 - 05:07:59 CST)
• Hernan Ochoa
  • release uhooker v1.3 (Mon Dec 17 2007 - 07:19:45 CST)
• hjan
  • CFP CISIS '08 (Fri Dec 21 2007 - 03:11:27 CST)
• Hubbard, Dan
  • RE: [Full-disclosure] Fwd: Websense 6.3.1 Filtering Bypass (Thu Dec 13 2007 - 08:49:08 CST)
• iDefense Labs
  • iDefense Security Advisory 12.17.07: Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Vulnerability (Tue Dec 18 2007 - 12:25:39 CST)
  • iDefense Security Advisory 12.18.07: ClamAV libclamav MEW PE File Integer Overflow Vulnerability (Tue Dec 18 2007 - 12:26:49 CST)
  • iDefense Security Advisory 12.11.07: Microsoft DirectX 7 and 8 DirectShow Stack Buffer Overflow Vulnerability (Wed Dec 12 2007 - 13:47:20 CST)
  • iDefense Security Advisory 12.11.07: Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability (Wed Dec 12 2007 - 13:02:40 CST)
• imei Addmimistrator
  • SupportSuite 3.11.01~ Multiple file ~ PHP SELF XSS (Tue Dec 11 2007 - 02:15:05 CST)
• imipak
  • Fwd: PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability (Mon Dec 03 2007 - 13:10:38 CST)
• IRM Research
  • PGMfuzz - a tool for testing Pragmatic General Multicast protocol implementations (Tue Dec 11 2007 - 11:42:06 CST)
  • TIBCO Rendezvous Exploitation Video (Tue Dec 04 2007 - 11:29:50 CST)
• ISecAuditors Security Advisories
  • [ISecAuditors Security Advisories] Tikiwiki CMS is vulnerable to path traversal attack (Mon Dec 24 2007 - 01:32:12 CST)
  • [ISecAuditors Security Advisories] wwwstats is vulnerable to Persistent XSS (Fri Dec 07 2007 - 05:31:51 CST)
• ISR-noreply
  • [ISR] - Novell Groupwise client remote stack overflow silently patched. (Fri Dec 14 2007 - 08:47:39 CST)
• J. Oquendo
  • Re: Cryptome: NSA has real-time access to Hushmail servers (Thu Dec 27 2007 - 13:07:43 CST)
• jaakkoNOSPAMNOSPAMritke.fi
  • Kvaliitti WebDoc 3.0 CMS SQL Injection vulnerability (Fri Dec 07 2007 - 13:25:02 CST)
• Jamie Strandboge
  • [USN-559-1] MySQL vulnerabilities (Fri Dec 21 2007 - 01:25:53 CST)
  • [USN-557-1] GD library vulnerability (Tue Dec 18 2007 - 19:34:03 CST)
  • [USN-554-1] teTeX and TeX Live vulnerabilities (Thu Dec 06 2007 - 15:04:59 CST)
  • [USN-551-1] OpenLDAP vulnerabilities (Mon Dec 03 2007 - 21:16:06 CST)
• Jay Hennigan
  • Re: Cryptome: NSA has real-time access to Hushmail servers (Thu Dec 27 2007 - 10:58:40 CST)
• Jim Harrison
  • RE: Cryptome: NSA has real-time access to Hushmail servers (Fri Dec 21 2007 - 12:41:06 CST)
• jmoss
  • Black Hat Briefings Call for Papers and Happy Happy Joy Joy (Wed Dec 19 2007 - 17:23:30 CST)
  • Black Hat Briefings Call for Papers (Tue Dec 11 2007 - 14:46:20 CST)
• Jon Angliss
  • ANNOUNCE: SquirrelMail 1.4.13 Released (Fri Dec 14 2007 - 11:22:45 CST)
  • SECURITY: 1.4.12 Package Compromise (Thu Dec 13 2007 - 10:49:40 CST)
• jplopezygmail.com
  • Microsoft Office Publisher (Fri Dec 21 2007 - 23:22:22 CST)
  • Word 2003 denial of service (Fri Dec 21 2007 - 16:13:11 CST)
  • Rosoft Media Player 4.1.7 crash (Mon Dec 17 2007 - 23:53:52 CST)
  • QK SMTP Server 3 - Denial of service (Wed Dec 12 2007 - 16:39:54 CST)
• Juan Galiana
  • FAQMasterFlexPlus multiple vulnerabilities (Thu Dec 27 2007 - 21:26:34 CST)
  • OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities (Thu Dec 27 2007 - 21:18:44 CST)
• Juha-Matti Laurio
  • RE: Cryptome: NSA has real-time access to Hushmail servers (Sun Dec 30 2007 - 17:36:10 CST)
  • RE: Cryptome: NSA has real-time access to Hushmail servers (Sat Dec 22 2007 - 06:02:18 CST)
  • Cryptome: NSA has real-time access to Hushmail servers (Fri Dec 21 2007 - 10:16:19 CST)
  • Re: Dell / Dell Financial Services - Contact (Mon Dec 10 2007 - 15:58:00 CST)
  • The recent number of unpatched QuickTime flaws is: two (Tue Dec 04 2007 - 18:53:13 CST)
• JustinInfoTek
  • Dell / Dell Financial Services - Contact (Mon Dec 10 2007 - 13:49:40 CST)
• Kees Cook
  • [USN-556-1] Samba vulnerability (Tue Dec 18 2007 - 13:27:46 CST)
  • [USN-550-3] Cairo regression (Wed Dec 12 2007 - 22:18:42 CST)
  • [USN-550-2] Cairo regression (Mon Dec 10 2007 - 14:36:29 CST)
  • [USN-555-1] e2fsprogs vulnerability (Fri Dec 07 2007 - 22:56:09 CST)
  • [USN-553-1] Mono vulnerability (Tue Dec 04 2007 - 18:08:19 CST)
  • [USN-552-1] Perl vulnerability (Tue Dec 04 2007 - 18:07:16 CST)
  • [USN-546-2] Firefox regression (Tue Dec 04 2007 - 14:56:11 CST)
  • [USN-549-2] PHP regression (Mon Dec 03 2007 - 21:45:53 CST)
  • [USN-550-1] Cairo vulnerability (Mon Dec 03 2007 - 15:42:42 CST)
• Kevin Reiter
  • RE: Cryptome: NSA has real-time access to Hushmail servers (Thu Dec 27 2007 - 14:09:00 CST)
• kingoftheworld92fastwebnet.it
  • Flat PHP Board <= 1.2 Multiple Vulnerabilities (Sun Dec 09 2007 - 09:35:25 CST)
  • SineCMS <= 2.3.4 Calendar SQL Injection 'n something else.. (Wed Dec 05 2007 - 16:24:47 CST)
• Kurt Buff
  • Re: Cryptome: NSA has real-time access to Hushmail servers (Thu Dec 27 2007 - 11:26:20 CST)
• Liquidmatrix Security Digest
  • Advisory: Websense XSS Vulnerability (Mon Dec 10 2007 - 10:06:35 CST)
  • Advisory: Cross Site Scripting in CiscoWorks (Wed Dec 05 2007 - 08:14:02 CST)
• Lolek of TK53
  • TK53 Advisory #2: Multiple vulnerabilities in ClamAV (Sat Dec 29 2007 - 12:15:58 CST)
• lolo lolo
  • SiteScape Forum TCL injection (Thu Dec 20 2007 - 03:52:43 CST)
• Luigi Auriemma
  • Buffer-overflow in CoolPlayer 217 (Fri Dec 28 2007 - 12:17:13 CST)
  • Buffer-overflow in Extended Module Player 2.5.1 (Thu Dec 27 2007 - 11:23:45 CST)
  • Multiple vulnerabilities in libnemesi 0.6.4-rc1 (Thu Dec 27 2007 - 11:26:46 CST)
  • Multiple vulnerabilities in Feng 0.1.15 (Thu Dec 27 2007 - 11:25:41 CST)
  • Re: TotalPlayer 3.0 .m3u crash (Thu Dec 27 2007 - 04:42:07 CST)
  • Re: TotalPlayer 3.0 .m3u crash (Thu Dec 27 2007 - 04:27:11 CST)
  • Unicode buffer-overflow in Zoom Player 6.00b2 (Mon Dec 24 2007 - 11:48:05 CST)
  • Double directory traversal in ImgSvr 0.6.21 (Mon Dec 24 2007 - 11:20:57 CST)
  • Update: Clients buffer-overflow in Live for Speed 0.5X10 (Mon Dec 24 2007 - 11:22:17 CST)
  • Buffer-overflow and format string in VideoLAN VLC 0.8.6d (Mon Dec 24 2007 - 11:18:32 CST)
  • Buffer-overflow in WinUAE 1.4.4 (Fri Dec 21 2007 - 13:00:52 CST)
  • Array overflow in id3lib (devel CVS) (Wed Dec 19 2007 - 11:59:03 CST)
  • Heap overflow in PeerCast 0.1217 (Mon Dec 17 2007 - 11:22:04 CST)
  • Filesystem access in DOSBox 0.72 (Mon Dec 10 2007 - 14:11:31 CST)
  • Multiple vulnerabilities in BadBlue 2.72b (Mon Dec 10 2007 - 14:09:29 CST)
  • Multiple vulnerabilities in BarracudaDrive 3.7.2 (Mon Dec 10 2007 - 14:08:44 CST)
  • Upload directory traversal in Easy File Sharing 4.5 (Fri Dec 07 2007 - 16:00:52 CST)
  • Multiple vulnerabilities in Firefly Media Server (mt-daapd) 2.4.1 / SVN 1699 (Fri Dec 07 2007 - 16:01:28 CST)
  • Limited upload directory traversal in HTTP File Server 2.2a / 2.3 beta (build #146) (Fri Dec 07 2007 - 16:01:42 CST)
  • Two vulnerabilities in Simple HTTPD 1.38 (Fri Dec 07 2007 - 16:01:17 CST)
• M. Burnett
  • RE: Cryptome: NSA has real-time access to Hushmail servers (Sat Dec 22 2007 - 03:55:41 CST)
• Maciej G±siorowski
  • smbfs and apache+php source code disclosure (Wed Dec 19 2007 - 04:14:50 CST)
• Major Malfunction
  • DC4420 - London DEFCON chapter Christmas Party - 11th December (Sat Dec 01 2007 - 04:25:31 CST)
• malibu.rhotmail.com
  • Logaholic Web Analytics Software (Sat Dec 22 2007 - 23:29:38 CST)
• mark seiden-via mac
  • Re: Cryptome: NSA has real-time access to Hushmail servers (Thu Dec 27 2007 - 16:06:25 CST)
• Mark Thomas
  • [CVE-2007-5342] Apache Tomcat's default security policy is too open (Sun Dec 23 2007 - 13:26:08 CST)
• Martin Huter
  • squids ICAP implementation lacks a defer check when reading from ICAP server (Mon Dec 10 2007 - 03:17:25 CST)
• Martin Schulze
  • [SECURITY] [DSA 1421-1] New wesnoth packages fix arbitrary file disclosure (Thu Dec 06 2007 - 05:04:40 CST)
  • [SECURITY] [DSA 1419-1] New OpenOffice.org packages fix arbitrary Java code execution (Wed Dec 05 2007 - 09:19:43 CST)
• Matthew Leeds
  • Re: Media Player Classic 6.4.9 MP4 Stack Overflow 0-day (Wed Dec 12 2007 - 11:56:46 CST)
• Matthias Bethke
  • Potential SQL injection vulnerability in Apache::AuthCAS (Thu Dec 06 2007 - 18:41:14 CST)
• Mesut Timur
  • Tikiwiki 1.9.8.3 tiki-special_chars.php XSS Vulnerability (Mon Dec 24 2007 - 07:52:58 CST)
  • Falt4 CMS Security Report/Advisory (Mon Dec 10 2007 - 09:40:43 CST)
• Michal Bucko
  • [ELEYTT] Public Advisory 05-12-2007 (Tue Dec 04 2007 - 20:39:07 CST)
  • Re: 27Mhz based wireless security insecurities - Aka - "We know what you typed last summer" (Tue Dec 04 2007 - 20:38:21 CST)
• michele dallachiesa
  • The Cookie Tools v0.3 -- first public release (Mon Dec 10 2007 - 07:45:55 CST)
• Milen Rangelov
  • sing (debian) vunlerability? (Mon Dec 03 2007 - 02:32:26 CST)
• mjgayrockies.net
  • Re: Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability (Thu Dec 20 2007 - 11:38:59 CST)
• morin.joshgmail.com
  • Fingerprints in Astaro Security Gateway v7.1 (Thu Dec 27 2007 - 23:06:12 CST)
• Moritz Jodeit
  • Apple OS X Software Update Remote Command Execution (Mon Dec 17 2007 - 15:47:29 CST)
• Moritz Muehlenhoff
  • [SECURITY] [DSA 1442-2] New libsndfile packages fix arbitrary code execution (Fri Dec 28 2007 - 19:41:21 CST)
  • [SECURITY] [DSA 1440-1] New inotify-tools packages fix arbitrary code execution (Fri Dec 28 2007 - 09:58:13 CST)
  • [SECURITY] [DSA 1437-1] New cupsys packages fix several vulnerabilities (Wed Dec 26 2007 - 07:20:33 CST)
  • [SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities (Wed Dec 19 2007 - 11:38:04 CST)
  • [SECURITY] [DSA 1427-1] New samba packages fix arbitrary code execution (Mon Dec 10 2007 - 14:43:14 CST)
  • [SECURITY] [DSA 1426-1] New qt-x11-free packages fix several vulnerabilities (Sat Dec 08 2007 - 05:54:32 CST)
  • [SECURITY] [DSA 1425-1] New xulrunner packages fix several vulnerabilities (Sat Dec 08 2007 - 05:40:53 CST)
  • Re: sing (debian) vunlerability? (Tue Dec 04 2007 - 15:11:46 CST)
  • [SECURITY] [DSA 1417-1] New asterisk packages fix SQL injection (Sun Dec 02 2007 - 06:06:03 CST)
• Naujoks, Hans-Dietmar
  • AW: MS Office 2007: Digital Signature does not protect Meta-Data (Fri Dec 14 2007 - 07:56:15 CST)
  • AW: MS Office 2007: Digital Signature does not protect Meta-Data (Thu Dec 13 2007 - 10:42:03 CST)
• nbbngmx.net
  • Woltlab Burning Board 1.0.2 SQL-Injection Vulnerability (Thu Dec 20 2007 - 15:20:32 CST)
• NetAuctionHelp Support
  • Re: Re: Aria-Security.net: NetAuctionHelp SQL Injection (Thu Dec 06 2007 - 02:40:14 CST)
• no-replyAria-Security.net
  • Lotfian.com DATABASE DRIVEN TRAVEL SITE Multiple SQL Injection (Sat Dec 08 2007 - 15:26:04 CST)
  • Aria-Security.Net: PenPals Login and search page SQL Injection (Wed Dec 05 2007 - 23:26:58 CST)
• noreplyaria-security.net
  • bttlxeForum Multiple SQL Injection And Cross Site Scripting (Sat Dec 08 2007 - 19:01:31 CST)
  • Lotfian Brochure and cataloge Script XSS And SQL Injection (Sun Dec 02 2007 - 21:23:26 CST)
• NSFOCUS Security Team
  • NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability (Wed Dec 05 2007 - 23:44:53 CST)
• Ofer Shezaf
  • Latest round of web hacking incidents for 2007 & Project news (Thu Dec 27 2007 - 09:44:41 CST)
• officerstzone.org
  • XZero Community Classifieds <= v4.95.11 LFI & SQL Injection (Wed Dec 26 2007 - 19:26:55 CST)
• oldguyoldguy.us
  • Re: TalkBack 2.2.7 Multiple Remote File Inclusion Vulnerabilities (Thu Dec 27 2007 - 12:59:41 CST)
• organisersyscan.org
  • SyScan'08 Call For Paper/Training (Tue Dec 18 2007 - 01:12:50 CST)
• Ork
  • Security and hacking papers (Mon Dec 10 2007 - 06:50:18 CST)
• ottoottodestruct.com
  • Re: Wordpress - Broken Access Control (Wed Dec 19 2007 - 14:07:40 CST)
  • Re: Wordpress - Broken Access Control (Sun Dec 16 2007 - 04:07:29 CST)
• p4imi0
  • xeCMS 1.x.x Remote File Disclosure Vulnerability. (Wed Dec 19 2007 - 15:47:55 CST)
  • ezContents Version 1.4.5 Remote File Disclosure Vulnerability. (Wed Dec 05 2007 - 16:33:43 CST)
• pawel2827gmail.com
  • CCMS v3.1 Demo <= SQL Injection Vulnerability 0day (Sat Dec 29 2007 - 14:16:07 CST)
  • CuteNews Arbitrary File Download AllVersion (Sat Dec 29 2007 - 14:17:13 CST)
• Pierre-Yves Rofes
  • [ GLSA 200712-22 ] Opera: Multiple vulnerabilities (Sun Dec 30 2007 - 11:17:19 CST)
  • [ GLSA 200712-25 ] OpenOffice.org: User-assisted arbitrary code execution (Sun Dec 30 2007 - 12:30:49 CST)
  • [ GLSA 200712-17 ] exiftags: Multiple vulnerabilities (Sat Dec 29 2007 - 07:59:30 CST)
  • [ GLSA 200712-16 ] Exiv2: Integer overflow (Sat Dec 29 2007 - 07:38:04 CST)
  • [ GLSA 200712-15 ] libexif: Multiple vulnerabilities (Sat Dec 29 2007 - 07:07:22 CST)
  • [ GLSA 200712-12 ] IRC Services: Denial of Service (Thu Dec 13 2007 - 14:48:41 CST)
  • [ GLSA 200712-11 ] Portage: Information disclosure (Thu Dec 13 2007 - 14:13:40 CST)
  • [ GLSA 200712-10 ] Samba: Execution of arbitrary code (Mon Dec 10 2007 - 15:03:03 CST)
  • [ GLSA 200712-07 ] Lookup: Insecure temporary file creation (Sun Dec 09 2007 - 15:42:45 CST)
  • [ GLSA 200712-08 ] AMD64 x86 emulation Qt library: Multiple vulnerabilities (Sun Dec 09 2007 - 16:04:21 CST)
  • [ GLSA 200712-05 ] PEAR::MDB2: Information disclosure (Sun Dec 09 2007 - 15:14:50 CST)
  • [ GLSA 200712-04 ] Cairo: User-assisted execution of arbitrary code (Sun Dec 09 2007 - 14:16:27 CST)
  • [ GLSA 200712-06 ] Firebird: Multiple buffer overflows (Sun Dec 09 2007 - 15:27:29 CST)
  • [ GLSA 200712-03 ] GNU Emacs: Multiple vulnerabilities (Sun Dec 09 2007 - 13:54:21 CST)
  • [ GLSA 200712-09 ] Ruby-GNOME2: Format string error (Sun Dec 09 2007 - 16:17:39 CST)
  • UPDATE: [ GLSA 200711-29 ] Samba: Execution of arbitrary code (Wed Dec 05 2007 - 17:22:55 CST)
  • [ GLSA 200712-01 ] Hugin: Insecure temporary file creation (Wed Dec 05 2007 - 16:22:22 CST)
  • [ GLSA 200712-02 ] Cacti: SQL injection (Wed Dec 05 2007 - 16:42:41 CST)
• poehlsinformatik.uni-hamburg.de
  • MS Office 2007: Target of Hyperlinks not covered by Digital Signatures (Thu Dec 13 2007 - 09:07:09 CST)
  • OpenOffice: Duplicated, Unprotected Certificate Information shown in Signed ODF Documents (Thu Dec 13 2007 - 09:14:26 CST)
  • MS Office 2007: Digital Signature does not protect Meta-Data (Wed Dec 12 2007 - 04:35:21 CST)
• poplix
  • pdflib long filename multiple bufferoverflows (Sat Dec 22 2007 - 17:01:03 CST)
• porkythepiganspi.pl
  • HP laptops Software Update tool vulnerability (Wed Dec 19 2007 - 14:39:51 CST)
  • HP notebooks remote code execution vulnerability (multiple series) (Tue Dec 11 2007 - 13:30:43 CST)
• Praburaajan
  • HITBSecConf2007 Malaysia Videos Now Available (Wed Dec 05 2007 - 23:26:27 CST)
• Prolog Error
  • Meridian Prolog Manager Username and Plain Text Password Disclosure (Tue Dec 11 2007 - 15:42:59 CST)
• recklessbusers.sourceforge.net
  • Re: Uber Uploader <= 5.3.6 Remote File Upload Vulnerability (Tue Dec 18 2007 - 14:31:13 CST)
• researchprocheckup.com
  • PR07-39: Multiple vulnerabilities on Absolute News Manager.NET 5.1 including file retrieval and SQL injection (Tue Dec 04 2007 - 08:20:36 CST)
  • PR06-09: BEA Plumtree portal full version disclosure vulnerability (Sat Dec 01 2007 - 15:14:07 CST)
  • PR06-11: BEA Plumtree portal search facility leaks usernames to unauthenticated users (Sat Dec 01 2007 - 15:32:37 CST)
  • PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability (Sat Dec 01 2007 - 15:04:34 CST)
• researchsymantec.com
  • SYMSA-2007-015 (Tue Dec 18 2007 - 14:14:02 CST)
  • SYMSA-2007-014: SQL Injection Vulnerability in Beehive Forum Software (Mon Dec 03 2007 - 12:58:38 CST)
• retrogalice.donotspam.it
  • SurgeMail v.38k4 webmail Host header crash (Mon Dec 17 2007 - 13:45:30 CST)
  • RaidenHTTPD 2.0.19 ulang cmd exec poc exploit (Mon Dec 17 2007 - 13:40:09 CST)
• retrogalice.it
  • iMesh <= 7.1.0.x IMWebControl Class (IMWeb.dll 7.0.0.x) remote exploit (Tue Dec 18 2007 - 03:00:53 CST)
• Rob Thompson
  • Re: Cryptome: NSA has real-time access to Hushmail servers (Thu Dec 27 2007 - 13:18:55 CST)
  • Re: Media Player Classic 6.4.9 MP4 Stack Overflow 0-day (Mon Dec 10 2007 - 13:28:39 CST)
• Robert Buchholz
  • [ GLSA 200712-24 ] AMD64 x86 emulation GTK+ library: User-assisted execution of arbitrary code (Sun Dec 30 2007 - 11:53:08 CST)
  • [ GLSA 200712-23 ] Wireshark: Multiple vulnerabilities (Sun Dec 30 2007 - 11:39:55 CST)
  • [ GLSA 200712-21 ] Mozilla Firefox, SeaMonkey: Multiple vulnerabilities (Sat Dec 29 2007 - 10:25:03 CST)
  • [ GLSA 200712-20 ] ClamAV: Multiple vulnerabilities (Sat Dec 29 2007 - 10:12:29 CST)
  • [ GLSA 200712-19 ] Syslog-ng: Denial of Service (Sat Dec 29 2007 - 09:59:52 CST)
  • [ GLSA 200712-18 ] Multi-Threaded DAAP Daemon: Multiple vulnerabilities (Sat Dec 29 2007 - 08:00:01 CST)
  • [ GLSA 200712-14 ] CUPS: Multiple vulnerabilities (Tue Dec 18 2007 - 16:26:41 CST)
  • [ GLSA 200712-13 ] E2fsprogs: Multiple buffer overflows (Tue Dec 18 2007 - 14:48:56 CST)
• roothanicker.it
  • Moodle SQL Injection (Fri Dec 21 2007 - 04:04:31 CST)
• rPath Update Announcements
  • rPSA-2007-0269-1 kernel (Tue Dec 18 2007 - 12:42:31 CST)
  • rPSA-2007-0268-1 kdebase (Mon Dec 17 2007 - 16:01:42 CST)
  • rPSA-2007-0266-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi (Mon Dec 17 2007 - 13:26:12 CST)
  • rPSA-2007-0264-1 mod_dav_svn subversion (Wed Dec 12 2007 - 13:34:57 CST)
  • rPSA-2007-0262-1 e2fsprogs (Tue Dec 11 2007 - 11:59:24 CST)
  • rPSA-2007-0261-1 samba samba-swat (Mon Dec 10 2007 - 12:46:40 CST)
  • rPSA-2007-0260-1 firefox (Thu Dec 06 2007 - 17:17:44 CST)
  • rPSA-2007-0257-1 rsync (Tue Dec 04 2007 - 17:30:21 CST)
  • rPSA-2007-0255-1 nss_ldap (Fri Nov 30 2007 - 21:54:22 CST)
• Sarasa
  • [Security Advisorie] OpenNewsletter v2.5 Multipe XSS Attacks (Thu Dec 06 2007 - 12:51:44 CST)
• Secunia Research
  • Secunia Research: Samba "send_mailslot()" Buffer Overflow Vulnerability (Mon Dec 10 2007 - 09:56:42 CST)
• security curmudgeon
  • Re: Phorm v3.0 Remote File Upload Vulnerability (Thu Dec 06 2007 - 20:24:20 CST)
  • Re: BellaBiblio Admin Login Bypass (Thu Dec 06 2007 - 20:23:35 CST)
  • Re: Friend Script 2.5 - 2.4 Remote File &#304;nclude (Thu Dec 06 2007 - 18:02:25 CST)
  • Re: RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability (Thu Dec 06 2007 - 20:11:05 CST)
  • Re: SQL Injection in SaphpLesson2.0 "show.php" (Sat Dec 01 2007 - 22:08:03 CST)
  • Re: SQL Injection in saphp "showcat.php" (Sat Dec 01 2007 - 22:07:27 CST)
• Security Officer
  • AST-2007-027 - Database matching order permits host-based authentication to be ignored (Tue Dec 18 2007 - 14:03:42 CST)
• security-alerthp.com
  • [security bulletin] HPSBGN02298 SSRT071502 rev.2 - HP Quick Launch Button (QLB) Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access (Thu Dec 27 2007 - 06:31:29 CST)
  • HPSBGN2301 SSRT071508 rev.1 - HP Software Update Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access (Fri Dec 21 2007 - 16:12:41 CST)
  • [security bulletin] HPSBUX02284 SSRT071483 rev.4 - HP-UX Running Java JRE and JDK, Remote Unauthorized Access (Thu Dec 20 2007 - 06:52:50 CST)
  • [security bulletin] HPSBUX02295 SSRT071333 rev.1 - HP-UX Running rpc.yppasswdd, Remote Denial of Service (DoS) (Thu Dec 20 2007 - 06:53:42 CST)
  • [security bulletin] HPSBTU02300 SSRT071452 rev.1 - HP Tru64 UNIX running FFM, Local Denial of Service (Dos) (Thu Dec 20 2007 - 06:54:34 CST)
  • [security bulletin] HPSBST02299 SSRT071506 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-063 to MS07-069 (Tue Dec 18 2007 - 07:32:42 CST)
  • [security bulletin] HPSBGN02298 SSRT071502 rev.1 - HP Quick Launch Button (QLB) Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access (Sat Dec 15 2007 - 05:14:00 CST)
  • HPSBUX02296 SSRT071504 rev.2 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code (Fri Dec 14 2007 - 06:19:50 CST)
  • [security bulletin] HPSBUX02294 SSRT071451 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS) (Thu Dec 13 2007 - 07:35:45 CST)
  • [security bulletin] HPSBUX02296 SSRT071504 rev.1 - HP-UX Running OpenSSL, Remote Execution of Arbitrary Code (Thu Dec 13 2007 - 07:36:58 CST)
  • [security bulletin] HPSBMA02281 SSRT061261 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code (Thu Dec 06 2007 - 07:28:54 CST)
  • [security bulletin] HPSBMA02293 SSRT071494 rev.1 - HP Select Identity, Remote Unauthorized Access (Tue Dec 04 2007 - 11:38:40 CST)
• securitymandriva.com
  • [ MDKSA-2007:246 ] - Updated Firefox packages fix multiple vulnerabilities (Fri Dec 14 2007 - 00:39:14 CST)
  • [ MDKSA-2007:245 ] - Updated wpa_supplicant package fixes remote denial of service (Thu Dec 13 2007 - 15:19:46 CST)
  • [ MDKSA-2007:244 ] - Updated samba packages fix vulnerability (Tue Dec 11 2007 - 20:15:31 CST)
  • [ MDKSA-2007:241 ] - Updated tomcat5 packages fix multiple vulnerabilities (Mon Dec 10 2007 - 17:18:35 CST)
  • [ MDKSA-2007:243 ] - Updated MySQL packages fix multiple vulnerabilities (Mon Dec 10 2007 - 19:18:23 CST)
  • [ MDKSA-2007:242 ] - Updated e2fsprogs packages fix vulnerability (Mon Dec 10 2007 - 19:03:17 CST)
  • [ MDKSA-2007:240 ] - Updated libnfsidmap packages fix username lookup flaw (Fri Dec 07 2007 - 15:20:58 CST)
  • [ MDKSA-2007:239 ] - Updated heimdal packages fix potential vulnerability (Thu Dec 06 2007 - 19:25:12 CST)
  • [ MDKSA-2007:238 ] - Updated liblcms package fixes buffer overflow (Thu Dec 06 2007 - 15:00:53 CST)
  • [ MDKSA-2007:237 ] - Updated openssl packages fix DTLS vulnerability (Tue Dec 04 2007 - 21:24:36 CST)
  • [ MDKSA-2007:236 ] - Updated openssh packages fix X11 cookie vulnerability (Tue Dec 04 2007 - 21:18:16 CST)
  • [ MDKSA-2007:234 ] - Updated vixie-cron packages fix DoS vulnerability (Mon Dec 03 2007 - 17:33:15 CST)
  • [ MDKSA-2007:235 ] - Updated apache packages fix vulnerabilities (Mon Dec 03 2007 - 17:45:14 CST)
• Seth
  • Re: Cryptome: NSA has real-time access to Hushmail servers (Thu Dec 27 2007 - 13:14:19 CST)
• shinojenux.homelinux.org
  • Re: Sql Injection in wordpress 2.3.1 (Wed Dec 05 2007 - 13:27:09 CST)
• shpcs08atilf.no
  • Call for Papers - Security and High Performance Computing System 2008 (Mon Dec 10 2007 - 03:31:09 CST)
• shsuffhotmail.com
  • Re: PHP <= 5.2.5 Safe Mode Bypass (Mon Dec 24 2007 - 11:19:08 CST)
• Sowhat
  • Avast! AntiVirus TAR Processing Remote Heap Corruption (Thu Dec 06 2007 - 01:26:49 CST)
• Stefan Kanthak
  • Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) and vulnerable bz2lib (CAN-2005-0758 & CAN-2005-0953) (Mon Dec 10 2007 - 11:04:29 CST)
• Stefano Di Paola
  • The first release of SWFIntruder is out ! (Tue Dec 04 2007 - 10:07:22 CST)
• Steve Kemp
  • [SECURITY] [DSA 1433-1] New centericq packages fix execution of code (Sun Dec 16 2007 - 13:54:43 CST)
  • [SECURITY] [DSA 1432-1] New link-grammar packages fix execution of code (Sun Dec 16 2007 - 09:13:36 CST)
  • [SECURITY] [DSA 1431-1] New ruby-gnome2 packages fix execution of arbitrary code (Tue Dec 11 2007 - 16:47:49 CST)
  • [SECURITY] [DSA 1430-1] New libnss-ldap packages fix denial of service (Tue Dec 11 2007 - 16:22:13 CST)
  • [SECURITY] [DSA 1429-1] New htdig packages fix cross site scripting (Tue Dec 11 2007 - 16:11:41 CST)
  • [SECURITY] [DSA 1423-1] New sitebar packages fix several vulnerabilities (Fri Dec 07 2007 - 12:56:32 CST)
  • [SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution (Fri Dec 07 2007 - 07:21:05 CST)
• Steve Shockley
  • Re: Cryptome: NSA has real-time access to Hushmail servers (Thu Dec 27 2007 - 12:11:05 CST)
• Sw33t.h4cK3rhotmail.com
  • SQL MKPortal M1.1 Rc1 (Wed Dec 12 2007 - 03:57:51 CST)
• swhitesecurestate.com
  • + Trivantis CourseMill Enterprise Learning Management System - SQL Injection - CVE-2007-6338 (Thu Dec 13 2007 - 16:05:07 CST)
• sys-projecthotmail.com
  • milliscripts (dir.php) Cross-Site Scripting Vulnerability (Sun Dec 30 2007 - 10:59:06 CST)
  • Blakord Portal <= Beta 1.3.A (all modules) Blind Sql Injection (Wed Dec 26 2007 - 16:32:01 CST)
  • SimpleForum <= 4.6.2 - Cross-Site Scripting Vulnerability (Mon Dec 24 2007 - 11:05:37 CST)
  • PHP iCalendar <= 2.24 - Cross-Site Scripting Vulnerability (Thu Dec 20 2007 - 09:02:01 CST)
  • Uber Uploader <= 5.3.6 Remote File Upload Vulnerability (Mon Dec 17 2007 - 15:17:46 CST)
• th3.r00k.nospampork.gmail.com
  • Re: Wordpress - Broken Access Control (Mon Dec 17 2007 - 20:16:01 CST)
  • Wordpress - Broken Access Control (Fri Dec 14 2007 - 16:07:11 CST)
  • PHP RPG - Sql Injection and Session Information Disclosure. (Fri Dec 14 2007 - 16:08:05 CST)
  • Oreon/Centreon - Multiple Remote File Inclusion (Fri Dec 14 2007 - 16:06:19 CST)
  • Anon Proxy Server - Remote Code Execution (Fri Dec 14 2007 - 16:05:35 CST)
  • Phpay - Local File Inclusion (Fri Dec 14 2007 - 16:03:52 CST)
• The Security Community
  • Fwd: Websense 6.3.1 Filtering Bypass (Wed Dec 12 2007 - 17:31:52 CST)
• The-0utl4w-noreplyaria-security.net
  • Instant Softwares DatingSite SQL Injection (Sat Dec 29 2007 - 19:39:12 CST)
  • [Aria-Security.net] ABI Version 3.7.9.17 Remote SQL Injection (Wed Dec 19 2007 - 23:20:09 CST)
• theredc0dersgmail.com
  • Re: PHP MySQL Banner Exchange 2.2.1 remote mysql database bug (Sun Dec 16 2007 - 19:37:53 CST)
• thesinodahotmail.com
  • Realplayer 11 DOS attack when processing a malformed AU file on MS Vista and XP (Sat Dec 01 2007 - 08:12:29 CST)
• Thijs Kinkhorst
  • [SECURITY] [DSA 1441-1] New peercast packages fix arbitrary code execution (Fri Dec 28 2007 - 10:31:08 CST)
  • [SECURITY] [DSA 1439-1] New typo3-src packages fix SQL injection (Fri Dec 28 2007 - 09:41:20 CST)
  • [SECURITY] [DSA 1405-3] New zope-cmfplone packages fix regression (Thu Dec 27 2007 - 15:21:06 CST)
  • [SECURITY] [DSA 1434-1] New mydns packages fix denial of service (Sun Dec 16 2007 - 15:18:26 CST)
  • [SECURITY] [DSA 1420-1] New zabbix packages fix privilege escalation (Wed Dec 05 2007 - 13:14:40 CST)
  • [SECURITY] [DSA 1418-1] New cacti packages fix SQL injection (Sun Dec 02 2007 - 06:22:32 CST)
• Thomas Roessler
  • Some more widgets: Facebook, Hockey, FlickrInterestingNess (Re: [MacOS X] Insecure eval() in Twitgit and Twitterlex dashboard widgets) (Tue Dec 04 2007 - 10:35:40 CST)
  • [MacOS X] Insecure eval() in Twitgit and Twitterlex dashboard widgets (Mon Dec 03 2007 - 17:04:57 CST)
• Thor (Hammer of God)
  • RE: Cryptome: NSA has real-time access to Hushmail servers (Thu Dec 27 2007 - 13:18:57 CST)
  • RE: Cryptome: NSA has real-time access to Hushmail servers (Fri Dec 21 2007 - 12:51:30 CST)
• Tomas Kuliavas
  • Unsanitized scripting in RoundCube webmail (Sun Dec 09 2007 - 07:39:34 CST)
  • Two vulnerabilities in SquirrelMail GPG plugin (Sun Dec 09 2007 - 07:39:11 CST)
• Valdis.Kletnieksvt.edu
  • Re: Cryptome: NSA has real-time access to Hushmail servers (Wed Dec 26 2007 - 15:33:42 CST)
• webmasternetworkdefense.biz
  • Re: AW: MS Office 2007: Digital Signature does not protect Meta-Data (Thu Dec 13 2007 - 15:12:20 CST)
• Williams, James K
  • [CAID 35970]: CA Products That Embed Ingres Authentication Vulnerability (Fri Dec 21 2007 - 13:26:42 CST)
  • [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities (Thu Dec 06 2007 - 18:09:16 CST)
• x 86
  • POC for samba send_mailslot() (Fri Dec 14 2007 - 14:34:01 CST)
• yannick.warnierdokeos.com
  • Re: [HSC] Dokeos Multiple Cross-Site Scripting Vulnerabilities (Mon Dec 24 2007 - 05:29:57 CST)
• zdi-disclosures3com.com
  • ZDI-07-077: Trend Micro ServerProtect StRpcSrv.dll Insecure Method Exposure Vulnerability (Mon Dec 17 2007 - 17:42:57 CST)
  • ZDI-07-079: Hewlett-Packard HP-UX swagentd Buffer Overflow Vulnerability (Mon Dec 17 2007 - 17:57:58 CST)
  • ZDI-07-078: St. Bernard Open File Manager Heap Overflow Vulnerability (Mon Dec 17 2007 - 17:55:04 CST)
  • ZDI-07-076: Microsoft Windows Message Queuing Service Stack Overflow Vulnerability (Tue Dec 11 2007 - 16:21:47 CST)
  • ZDI-07-075: Microsoft Internet Explorer Element Tags Vulnerability (Tue Dec 11 2007 - 16:18:32 CST)
  • ZDI-07-074: Microsoft Internet Explorer Node Manipulation Memory Corruption (Tue Dec 11 2007 - 16:08:39 CST)
  • ZDI-07-073: Microsoft Internet Explorer setExpression Vulnerability (Tue Dec 11 2007 - 15:54:33 CST)
  • ZDI-07-072: Novell Netmail AntiVirus Agent Multiple Overflow Vulnerabilities (Mon Dec 10 2007 - 16:50:19 CST)
  • ZDI-07-070: Skype skype4com URI Handler Remote Heap Corruption Vulnerability (Thu Dec 06 2007 - 16:31:57 CST)
  • ZDI-07-071: HP OpenView Network Node Manager Multiple CGI Buffer Overflows (Thu Dec 06 2007 - 16:40:02 CST)
• zinhohackerscenter.com
  • [HSC Security Group] Multiple CSRF in Joomla all versions - Complete compromise (Thu Dec 27 2007 - 13:21:36 CST)

Last message date: Mon Dec 31 2007 - 13:24:23 CST
Archived on: Mon Dec 31 2007 - 13:24:23 CST

364 messages sorted by: [ date ] [ thread ] [ subject ]