Vulnerability Development (thread)

TextFileBB 1.0.16 Multiple XSS, r0xes . ratm, 2006/04/29
TopList <= 1.3.8 (PHPBB Hack) Remote File Inclusion Vulnerability, mfoxhacker, 2006/04/29
XSS Attack On DirectAdmin Hosting Managment, outlaw, 2006/04/29
W-Agora 4.20 XSS, r0xes . ratm, 2006/04/29
poll.pl<--remote commands execution exploit, CrAzY . CrAcKeR, 2006/04/29
Invision Power Board 2.1.5 POC, Javier Olascoaga, 2006/04/29
Poll: Emerging Threats, Jon R. Kibler, 2006/04/28
- RE: Poll: Emerging Threats, H Alsaleh, 2006/04/30
[Kurdish Secure Advisory #1] I-RATER Platinum "Admin/configsettings.tpl.php" Remote File Include Vulnerability, botan, 2006/04/28
Neomail.pl Local Cross Site Scripting, outlaw, 2006/04/28
[Kurdish Security #2] Artmedic Event Remote File Include Vulnerability, botan, 2006/04/28
[Kurdish Security #3] CoolMenus Event Remote File Include Vulnerability (For PHP), botan, 2006/04/28
[Full-disclosure] [ GLSA 200604-18 ] Mozilla Suite: Multiple vulnerabilities, Thierry Carrez, 2006/04/28
[Full-disclosure] [Argeniss] Alert - Yahoo! Mail XSS vulnerability, Cesar, 2006/04/28
Cireos Portal Cross Site Scripting, outlaw, 2006/04/28
[ECHO_ADV_31$2006] Sws Web Server 0.1.7 Strcpy() & Syslog() Format String Vulnerability, the_day, 2006/04/28
Secunia Research: Servant Salamander unacev2.dll Buffer Overflow Vulnerability, Secunia Research, 2006/04/28
BL4's SMTP server BufferOverflow Vulnerable, the_day, 2006/04/28
[Full-disclosure] WinISO/UltraISO/MagicISO/PowerISO Directory Traversal Vulnerability, Sowhat, 2006/04/28
[Full-disclosure] [USN-275-1] Mozilla vulnerabilities, Martin Pitt, 2006/04/27
SQL injection exploit IPB <= 2.1.4, satanchild123, 2006/04/27
[security bulletin] HPSBMA02113 SSRT061148 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update April 2006, security-alert, 2006/04/27
[security bulletin] HPSBUX02075 SSRT051074 rev.4 - HP-UX Running xterm Local Unauthorized Access, security-alert, 2006/04/27
[security bulletin] HPSBUX02108 SSRT061133 rev.9 - HP-UX running Sendmail, Remote Execution of Arbitrary Code, security-alert, 2006/04/27
Land Down Under 802 and below version Path Disclosure Vulnerability, Advisory, 2006/04/27
, Yannick von Arx, 2006/04/27
MyBB 1.1.1 Local SQL Injections, o . y . 6, 2006/04/27
[Full-disclosure] [USN-274-1] MySQL vulnerability, Martin Pitt, 2006/04/27
[Full-disclosure] [ GLSA 200604-17 ] Ethereal: Multiple vulnerabilities in protocol dissectors, Sune Kloppenborg Jeppesen, 2006/04/27
Re: XV multiple buffer overflows (update), kvea, 2006/04/26
Re: Apple Mac OS X Safari 2.0.3 Vulnerability, jens, 2006/04/26
- Re: Apple Mac OS X Safari 2.0.3 Vulnerability, Aaron Phillips, 2006/04/26
  - Re: Apple Mac OS X Safari 2.0.3 Vulnerability, Ian MacPhedran, 2006/04/29
[Full-disclosure] [EEYEB-20060227] Juniper Networks SSL-VPN Client Buffer Overflow, eEye Advisories, 2006/04/26
Open Bulletin Board < Multiple Vulnerability, qex, 2006/04/26
Local XXS Attack On CuteNews, outlaw, 2006/04/26
XXS Attack On FarsiNews, outlaw, 2006/04/26
SQL Injection On DUportal, outlaw, 2006/04/26
[eVuln] warforge.NEWS SQL Injection and Multiple XSS Vulnerabilities, alex, 2006/04/26
Secunia Research: SpeedProject Products ACE Archive Handling Buffer Overflow, Secunia Research, 2006/04/26
DevBB <= 1.0.0 XSS, qex, 2006/04/26
MySmartBB<---v 1.1.x SQL Injection/XSS, BoNy-m, 2006/04/26
[Full-disclosure] [ GLSA 200604-16 ] xine-lib: Buffer overflow vulnerability, Sune Kloppenborg Jeppesen, 2006/04/26
[Full-disclosure] [ GLSA 200604-15 ] xine-ui: Format string vulnerabilities, Sune Kloppenborg Jeppesen, 2006/04/26
[ MDKSA-2006:079 ] - Updated ruby packages fix vulnerability, security, 2006/04/26
[ MDKSA-2006:078 ] - Updated mozilla-thunderbird packages fix numerous vulnerabilities, security, 2006/04/26
[ MDKSA-2006:077 ] - Updated ethereal packages fix numerous vulnerabilities, security, 2006/04/26
[ MDKSA-2006:076 ] - Updated mozilla packages fix numerous vulnerabilities, security, 2006/04/26
Recent Oracle exploit is _actually_ an 0day with no patch, David Litchfield, 2006/04/26
- Re: Recent Oracle exploit is _actually_ an 0day with no patch, Steven M. Christey, 2006/04/28
  - Re: Recent Oracle exploit is _actually_ an 0day with no patch, David Litchfield, 2006/04/28
    - Re: Recent Oracle exploit is _actually_ an 0day with no patch, Cesar, 2006/04/28
- RE: Recent Oracle exploit is _actually_ an 0day with no patch, Kornbrust, Alexander, 2006/04/28
  - Re: Recent Oracle exploit is _actually_ an 0day with no patch, David Litchfield, 2006/04/29
[Full-disclosure] Recent Oracle exploit is _actually_ an 0day with no patch, David Litchfield, 2006/04/26
[Full-disclosure] ZDI-06-011: Mozilla Firefox Table Rebuilding Code Execution Vulnerability, zdi-disclosures, 2006/04/26
DCForumLite V 3.0<--XSS/SQL Injection, Breeeeh, 2006/04/25
Instant Photo Gallery <= Multiple XSS, qex, 2006/04/25
- Instant Photo Gallery <= Multiple XSS, qex, 2006/04/25
  - Re: Instant Photo Gallery <= Multiple XSS, security curmudgeon, 2006/04/27
- Re: Instant Photo Gallery <= Multiple XSS, Steven M. Christey, 2006/04/27
Multiple vulnerabilities in IP3 Networks 'NetAccess' NA75 appliance, Moonen, Ralph, 2006/04/25
Multiple browsers Windows mailto protocol Office 2003 file attachment exploit, inge . henriksen, 2006/04/25
PowerPoint Phishing Trojan, Lance James, 2006/04/25
Fenice - Open Media Streaming Server remote BOF exploit, Kaveh Razavi, 2006/04/25
Invision Vulnerabilities, including remote code execution, spam, 2006/04/25
- Re: Invision Vulnerabilities, including remote code execution, Steven M. Christey, 2006/04/26
  - RE: Invision Vulnerabilities, including remote code execution, Mike Weller, 2006/04/29
- Re: Invision Vulnerabilities, including remote code execution, mattmecham, 2006/04/27
NASL 'Split' function Buffer overflow Vulnerability, OS2A BTO, 2006/04/25
- Re: NASL 'Split' function Buffer overflow Vulnerability, Renaud Deraison, 2006/04/25
  - Re: NASL 'Split' function Buffer overflow Vulnerability, Renaud Deraison, 2006/04/25
PhpWebFtp Cross Site Scripting Vulnerability, arko . dhar, 2006/04/25
[ MDKSA-2006:075 ] - Updated mozilla-firefox packages fix numerous vulnerabilities, security, 2006/04/25
NextAge Shopping Cart Software XSS, AminRayden, 2006/04/25
photokorn 1.53 , 1.542 << Sql, Dr-Jr7, 2006/04/25
[ MDKSA-2006:073 ] - Updated cyrus-sasl packages addresses vulnerability, security, 2006/04/25
[ MDKSA-2006:074 ] - Updated php packages address multiple vulnerabilities., security, 2006/04/25
Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow, Kaveh Razavi, 2006/04/24
ADVISORY FOR IOPUS SECURE EMAIL ATTACHMENTS, ntwak0, 2006/04/24
- Re: ADVISORY FOR IOPUS SECURE EMAIL ATTACHMENTS, fabio, 2006/04/25
- Re: ADVISORY FOR IOPUS SECURE EMAIL ATTACHMENTS, Andreas Beck, 2006/04/25
Advisory: My Gaming Ladder Combo System <= 7.0 Remote File Inclusion Vulnerability., Mustafa Can Bjorn IPEKCI, 2006/04/24
vbulletin<--3.0.x SQL Injection, CrAzY . CrAcKeR, 2006/04/24
- Re: vbulletin<--3.0.x SQL Injection, scott, 2006/04/24
VWar Path Disclosure, arko . dhar, 2006/04/24
- Re: VWar Path Disclosure, spic, 2006/04/29
Apple Mac OS X Safari 2.0.3 Vulnerability, , 2006/04/24
- Re: Apple Mac OS X Safari 2.0.3 Vulnerability, Colin Keigher, 2006/04/24
  - Re: Apple Mac OS X Safari 2.0.3 Vulnerability, Tom Ferris, 2006/04/25
    - Re: Apple Mac OS X Safari 2.0.3 Vulnerability, Billy Bues, 2006/04/25
[MajorSecurity] phpMyAgenda 3.0 Final - Remote File Include Vulnerability, admin, 2006/04/24
Firefox Remote Code Execution and DoS 1.5.0.2, chris, 2006/04/24
Advisory: Clansys <= 1.1 PHP Code Insertion Vulnerability., Mustafa Can Bjorn IPEKCI, 2006/04/24
- Re: Advisory: Clansys <= 1.1 PHP Code Insertion Vulnerability., nukedx, 2006/04/25
Multiple PHP4/PHP5 vulnerabilities, infocus, 2006/04/24
Re: evoBlog Remote Name tag Script injection, daniel, 2006/04/24
RIblog Remote SQL Injection Exploit, omnipresent, 2006/04/24
[MajorSecurity] TotalCalendar 2.30 - Remote File Include Vulnerability, admin, 2006/04/24
BK Forum <= 4.0 Remote SQL Injection, n0m3rcy, 2006/04/24
XSS Bug in OpenGear Server Website, Aditya, 2006/04/24
FileLodge Bolt (showonlineusers.php) Cross-Site Scripting Vulnerbility, n0m3rcy, 2006/04/24
[eVuln] RateIt SQL Injection Vulnerability, alex, 2006/04/24
Scry Gallery XSS Vulnerability, arko . dhar, 2006/04/24
NSFOCUS SA2006-02 : IBM AIX mklvcopy Local Privilege Escalation Vulnerability, NSFOCUS Security Team, 2006/04/24
NSFOCUS SA2006-03 : IBM AIX rm_mlcache_file Local Race Condition Vulnerability, NSFOCUS Security Team, 2006/04/24
[Full-disclosure] [USN-273-1] Ruby vulnerability, Martin Pitt, 2006/04/24
[Full-disclosure] [USN-272-1] cyrus-sasl2 vulnerability, Martin Pitt, 2006/04/24
Newslist about security conference, newslist@security-briefings.com, 2006/04/24
[Full-disclosure] Advisory: Clansys <= 1.1 PHP Code Insertion Vulnerability., Mustafa Can Bjorn IPEKCI, 2006/04/23
Yahoo! Mail XSS Vulnerability, Cheng Peng Su, 2006/04/23
FlexBB 0.5.5 Exploit [ function/showprofile.php ] Remote SQL Injection, o . y . 6, 2006/04/23
[Full-disclosure] [ GLSA 200604-14 ] Dia: Arbitrary code execution through XFig import, Sune Kloppenborg Jeppesen, 2006/04/23
[Full-disclosure] [ GLSA 200604-13 ] fbida: Insecure temporary file creation, Sune Kloppenborg Jeppesen, 2006/04/23
[Full-disclosure] [ GLSA 200604-12 ] Mozilla Firefox: Multiple vulnerabilities, Thierry Carrez, 2006/04/23
[Full-disclosure] Format string bug in Skulltag 0.96f, Luigi Auriemma, 2006/04/23
[Full-disclosure] Denial of service bugs in OpenTTD 0.4.7, Luigi Auriemma, 2006/04/23
[Full-disclosure] Buffer-overflow and crash in Fenice OMS 1.10, Luigi Auriemma, 2006/04/23
[Full-disclosure] Advisory: My Gaming Ladder Combo System <= 7.0 Remote File Inclusion Vulnerability., Mustafa Can Bjorn IPEKCI, 2006/04/23
[Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Michal Zalewski, 2006/04/22
[Full-disclosure] [ GLSA 200604-11 ] Crossfire server: Denial of Service and potential arbitrary code execution, Thierry Carrez, 2006/04/22
Advisory: CoreNews <= 2.0.1 Multiple Remote Vulnerabilities., Mustafa Can Bjorn IPEKCI, 2006/04/22
Advisory: Simplog <= 0.93 Multiple Remote Vulnerabilities., Mustafa Can Bjorn IPEKCI, 2006/04/22
- [Full-disclosure] RE: Advisory: Simplog <= 0.93 Multiple Remote Vulnerabilities., Ashcraft, Jeremy, 2006/04/23
vBulletin <= 3.5.4 with MKPortal 1.1 Remote SQL Injection Vulnerability., Mustafa Can Bjorn IPEKCI, 2006/04/22
dForum <= 1.5 Multiple Remote File Inclusion Vulnerabilities., Mustafa Can Bjorn IPEKCI, 2006/04/22
VWar <= ver 1.21 Remote Code Execution Exploit, ali, 2006/04/22
Rapid7 Advisory R7-0021: Symantec Scan Engine Authentication Fundamental Design Error, advisory, 2006/04/22
[Full-disclosure] Advisory: CoreNews <= 2.0.1 Multiple Remote Vulnerabilities., Mustafa Can Bjorn IPEKCI, 2006/04/21
[Full-disclosure] Advisory: Simplog <= 0.93 Multiple Remote Vulnerabilities., Mustafa Can Bjorn IPEKCI, 2006/04/21
[Full-disclosure] vBulletin <= 3.5.4 with MKPortal 1.1 Remote SQL Injection Vulnerability., Mustafa Can Bjorn IPEKCI, 2006/04/21
[Full-disclosure] dForum <= 1.5 Multiple Remote File Inclusion Vulnerabilities., Mustafa Can Bjorn IPEKCI, 2006/04/21
[Symantec Security Advisor] Symantec Scan Engine Multiple Vulnerabilities, secure, 2006/04/21
Rapid7 Advisory R7-0019: Directory traversal vulnerability in SolarWinds TFTP Server for Windows, advisory, 2006/04/21
Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability, advisory, 2006/04/21
Rapid7 Advisory R7-0022: Symantec Scan Engine Known Immutable DSA Private Key, advisory, 2006/04/21
Scry Gallery Directory Traversal & Full Path Disclosure Vulnerabilites, simo64, 2006/04/21
RE: [BULK] - Websense Filter Bypass, Hubbard, Dan, 2006/04/21
- RE: [BULK] - Websense Filter Bypass, John E. Fleming, 2006/04/24
bloggage Remote SQL Injection, omnipresent, 2006/04/21
r57shell.php <= 1.3 XSS, qex, 2006/04/21
[eVuln] MWNewsletter SQL Injection and XSS Vulnerabilities, alex, 2006/04/21
BK Forum <<--V.4.0 SQL Injection, CrAzY . CrAcKeR, 2006/04/21
[Full-disclosure] [ GLSA 200604-10 ] zgv, xzgv: Heap overflow, Sune Kloppenborg Jeppesen, 2006/04/21
[Full-disclosure] [ GLSA 200604-09 ] Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service, Sune Kloppenborg Jeppesen, 2006/04/21
[Full-disclosure] [SecuriWeb 2006.1] directory traversal in Asterisk@Home and ARI, François Harvey, 2006/04/21
Mini-NUKE v2.3<<--- SQL Injection, CrAzY . CrAcKeR, 2006/04/21
- Re: Mini-NUKE v2.3<<--- SQL Injection, nukedx, 2006/04/21
Websense Filter Bypass, qex, 2006/04/21
4images <= 1.7 XSS, qex, 2006/04/21
RE: (addendum) redirection vuln crawlers breed & security through obscurity, Evans, Arian, 2006/04/20
Allied Telesyn Switch UDP Data Flood Management Denial Of Service Vulnerability, kim, 2006/04/20
Ad-Aware Revisited, Roy . Batty, 2006/04/20
[security bulletin] HPSBST02112 SSRT061129 rev.1 - HP StorageWorks Secure Path for Windows Remote Denial of Service (DoS), security-alert, 2006/04/20
[security bulletin] HPSBTU02095 SSRT051007 rev.3 - HP Tru64 UNIX Running DNS BIND4/BIND8 as Forwarders: Remote Unauthorized Privileged Access, security-alert, 2006/04/20
axoverzicht.cgi<==Remote File Inclusion, CrAzY . CrAcKeR, 2006/04/20
ThWboard 3 Beta 2.84 Cross Site Scripting, CrAzY . CrAcKeR, 2006/04/20
PHPSurveyor <= 0.995 'save.php/surveyid' remote cmmnds xctn, rgod, 2006/04/20
[eVuln] MWGuest XSS Vulnerability, alex, 2006/04/20
ASPSitem <= 1.83 Remote SQL Injection Vulnerability, Mustafa Can Bjorn IPEKCI, 2006/04/20
Strengthen OpenSSH security?, Brett Glass, 2006/04/20
- Re: Strengthen OpenSSH security?, Mike Hoskins, 2006/04/20
- Re: Strengthen OpenSSH security?, Carson Gaspar, 2006/04/20
  - Re: Strengthen OpenSSH security?, Theo de Raadt, 2006/04/21
- Re: Strengthen OpenSSH security?, Kd, 2006/04/20
- Re: Strengthen OpenSSH security?, MaddHatter, 2006/04/21
- Re: Strengthen OpenSSH security?, Damien Miller, 2006/04/21
- Re: Strengthen OpenSSH security?, c0redump, 2006/04/21
- Re: Strengthen OpenSSH security?, Bob Goodman, 2006/04/23
New site about security conferences : www.security-briefings.com, newslist@security-briefings.com, 2006/04/20
PCPIN Chat <= 5.0.4 "login/language" remote cmmnds xctn, rgod, 2006/04/20
[eVuln] N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities, alex, 2006/04/20
SQL Injection in incredibleindia.org, susam_pal, 2006/04/20
[eVuln] MD News Authentication Bypass and SQL Injection Vulnerabilities, alex, 2006/04/19
[Full-disclosure] [Argeniss] Oracle Database 10gR1 Buffer overflow in VERIFY_LOG procedure, Cesar, 2006/04/19
Re: Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, somerandomaddress99, 2006/04/19
EasyGallery Cross-Site Scripting, botan, 2006/04/19
Confixx SQL Injection exploit (confixx_exploit.pl), defa, 2006/04/19
Tlen.PL e-mail XSS vulnerability., koper, 2006/04/19
WWWThread RC 3 MultBugs, o . y . 6, 2006/04/19
Fortinet28 box does not resist has small synflood!, testx444, 2006/04/19
ContentBoxx Login.php Cross-Site Scripting, botan, 2006/04/19
Shbablek Mail Vulnerablitiy - Cross-Site Scripting, n0m3rcy, 2006/04/19
redirection vuln crawlers breed & security through obscurity, Ivan Sergio Borgonovo, 2006/04/19
- Re: redirection vuln crawlers breed & security through obscurity, Thomas Hochstein, 2006/04/23
- RE: redirection vuln crawlers breed & security through obscurity, Evans, Arian, 2006/04/19
[Full-disclosure] ASPSitem <= 1.83 Remote SQL Injection Vulnerability, Mustafa Can Bjorn IPEKCI, 2006/04/19
Oracle 10g 10.2.0.2.0 DBA exploit, putosoft softputo, 2006/04/19
ThWboard <= 3 Beta 2.84 SQL Injection, Qex, 2006/04/19
RechnungsZentrale V2 - SQL injection and Remote PHP inclusion vulnerabilities, info, 2006/04/19
Multiple vulnerabilities in Linux based Cisco products, assurance.com.au, 2006/04/19
- Re: Multiple vulnerabilities in Linux based Cisco products, Ilker Temir, 2006/04/19
[security bulletin] HPSBUX02108 SSRT061133 rev.7 - HP-UX running Sendmail, Remote Execution of Arbitrary Code, security-alert, 2006/04/19
Re: Path Disclosure and Arbitrary File Read Vulnerability in SLAB5000, office, 2006/04/19
XSS Vulnerability in Guest-book script powered by Community Architect, susam . pal, 2006/04/19
[Full-disclosure] [USN-271-1] Firefox vulnerabilities, Martin Pitt, 2006/04/19
[MajorSecurity]ActualAnalyzer - Remote File Include Vulnerability, admin, 2006/04/19
FreeBSD Security Advisory FreeBSD-SA-06:14.fpu, FreeBSD Security Advisories, 2006/04/19
SQL Injection in package SYS.DBMS_LOGMNR_SESSION, ak, 2006/04/19
CuteNews 1.4.1 <= Cross Site Scripting, sn4k3 . 23, 2006/04/19
- Re: CuteNews 1.4.1 <= Cross Site Scripting, Steven M. Christey, 2006/04/20
Re: [Full-disclosure] GMail, Google Groups XSS Vulnerability, Steven Rakick, 2006/04/19
[Symantec Security Advisory] LiveUpdate for Macintosh Local Privilege Escalation, Secure, 2006/04/18
Multiple critical and high risk issues in Oracle's database server, NGSSoftware Insight Security Research, 2006/04/18
[KAPDA::#41] - Mambo/Joomla rss component vulnerability, alireza hassani, 2006/04/18
- Re: [KAPDA::#41] - Mambo/Joomla rss component vulnerability, rey . gigataras, 2006/04/19
[ MDKSA-2006:072 ] - Updated kernel packages fix multiple vulnerabilities, security, 2006/04/18
phpLister v. 0.4.1 XSS Attacking, botan, 2006/04/18
blur6ex Local File Inclusion and SQL injection ., h e, 2006/04/18
axoverzicht.cgi <= XSS, qex, 2006/04/18
Another flaw in Firefox 1.5.0.2: to open files from remote, miky, 2006/04/18
Remote Xine Format String Vulnerability, c0ntexb, 2006/04/18
Linpha 1.1.0 - XSS Vulnerabilities, d4igoro, 2006/04/18
[SA-03] Example of Grsecurity protection avoid., adam, 2006/04/17
[eVuln] Wire Plastik wpBlog SQL Injection Vulnerability, alex, 2006/04/17
gcc 4.1 bug miscompiles pointer range checks, may place you at risk, Felix von Leitner, 2006/04/17
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk, Forrest J. Cavalier III, 2006/04/18
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk, Alexander Klimov, 2006/04/18
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk, Florian Weimer, 2006/04/18
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk, Michael Chamberlain, 2006/04/18
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk, Gabor Gombas, 2006/04/18
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk, Nate Eldredge, 2006/04/19
- RE: gcc 4.1 bug miscompiles pointer range checks, may place you at risk, Michael Wojcik, 2006/04/18
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk, jat-public01, 2006/04/18
Neon Responder (Dos,Exploit), Stefan Lochbihler, 2006/04/17
FlexBB 0.5.5 Bypass Exploit, o . y . 6, 2006/04/17
[Full-disclosure] [Argeniss] Alert - Yahoo! Webmail XSS, Cesar, 2006/04/17
- Re: [Full-disclosure] [Argeniss] Alert - Yahoo! Webmail XSS, Morning Wood, 2006/04/17
- Re: [Full-disclosure] [Argeniss] Alert - Yahoo! Webmail XSS, Morning Wood, 2006/04/18
  - [Full-disclosure] Re: [Argeniss] Alert - Yahoo! Webmail XSS, Dave \"No, not that one\" Korn, 2006/04/18
AnimeGenesis <= XSS, qex, 2006/04/17
Tiny PHP forum - vulns, hessam, 2006/04/17
[eVuln] CzarNews XSS and Multiple SQL Injection Vulnerabilities, alex, 2006/04/17
[Full-disclosure] [ GLSA 200604-08 ] libapreq2: Denial of Service vulnerability, Thierry Carrez, 2006/04/17
Neuron Blog <= 1.1 XSS, qex, 2006/04/17
ShoutBOOK <= 1.1 XSS, qex, 2006/04/17
- PHPGraphy <= 0.9.11 "editwelcome" unauthorized access / cross site scripting -, rgod, 2006/04/17
- Re: - PHPGraphy <= 0.9.11 "editwelcome" unauthorized access / cross site scripting -, JiM / aEGIS, 2006/04/18
PhpWebFTP 3.2 Login Script, arko . dhar, 2006/04/17
[Full-disclosure] ZDI-06-009: Mozilla Firefox Tag Parsing Code Execution Vulnerability, zdi-disclosures, 2006/04/17
BetaBoard Cross Site Scripting vulnerability, easy . mask, 2006/04/17
MyEvent Remote File Execution And XSS Attacking, botan, 2006/04/17
Calendarix "yearcal.php" XSS Attacking, botan, 2006/04/17
FlexBB v0.5.5 BETA [SQL Inj] [XSS] [Login bypass], kr4ch, 2006/04/17
Xss In bMachine 2٫7, W3 . _, 2006/04/17
DbbS<=2.0-alpha Multiple Vulnerabilities, yamcho, 2006/04/17
[Full-disclosure] Reminder: HITBSecConf2006 CFP is closing in 2 weeks, Praburaajan, 2006/04/17
Snipe Gallery <= 3.1.4 Multiple XSS, qex, 2006/04/16
- Re: Snipe Gallery <= 3.1.4 Multiple XSS, nobody, 2006/04/17
phpFaber TopSites Script Cross-Site Scripting, botan, 2006/04/16
Boardsolution <= 1.12 XSS, qex, 2006/04/16
FlexBB <= 0.5.7 BETA XSS, qex, 2006/04/16
PhpGuestbook <= 1.0 XSS, qex, 2006/04/16
Tiny Web Gallery <= 1.4 XSS, qex, 2006/04/16
PHP Album <= 0.3.2.3 remote commnads execution, rgod, 2006/04/16
[eVuln] aWebBB Multiple XSS and SQL Injection Vulnerabilities, alex, 2006/04/15
[KAPDA]CopperminePhotoGallery1.4.4~ PluginInclusionSystem(index.php)~ RemoteFileInclusion attack, addmimistrator, 2006/04/15
- Re: [KAPDA]CopperminePhotoGallery1.4.4~ PluginInclusionSystem(index.php)~ RemoteFileInclusion attack, Dariusz Kolasinski, 2006/04/17
[KAPDA]MyBB1.1.0~global.php~ParameterExtracting, addmimistrator, 2006/04/15
manila.userland cross site scriptable, Aaron Kaplan, 2006/04/15
Dokeos 1.6.4 SQL Injection Vulnerability, Alvaro Olavarria, 2006/04/15
a Yahoo Vulnerability, r57shell, 2006/04/15
Re: Sql Injection in Confixx 3.06 & 3.08 & 3.?? ?, iovdin, 2006/04/15
Re: SAXoPRESS - directory traversal aka Saxotech Online, securiteam, 2006/04/15
Re: [ECHO_ADV_27$2006] Indexu <= 5.0.1 Remote File Inclusion, robert, 2006/04/15
planetSearch+ - XSS Vulnerabilities, d4igoro, 2006/04/15
RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Derek Soeder, 2006/04/15
- Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Thor (Hammer of God), 2006/04/17
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Ansgar -59cobalt- Wiechers, 2006/04/18
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Paul Wouters, 2006/04/19
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Geo., 2006/04/19
    - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Thor (Hammer of God), 2006/04/23
    - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Geo., 2006/04/23
    - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Thor (Hammer of God), 2006/04/25
- Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, robsekeris, 2006/04/19
- Re: RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, john, 2006/04/19
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Thor (Hammer of God), 2006/04/23
    - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, John Biederstedt, 2006/04/23
    - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Thor (Hammer of God), 2006/04/23
    - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, John Biederstedt, 2006/04/23
    - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Thor (Hammer of God), 2006/04/23
- Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, no . spam, 2006/04/19
- Re: RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, somebody, 2006/04/19
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Thor (Hammer of God), 2006/04/23
- RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Sean Scott, 2006/04/25
Xss In ar-blog v 5.2, W3 . _, 2006/04/15
PAJAX Remote Code Injection and File Inclusion Vulnerability, RedTeam Pentesting, 2006/04/15
Re: Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability, tranceformer, 2006/04/15
Firefox 1.5.0.1 Password Manager Arbtirary User Browsing History Disclosure, franz, 2006/04/15
- Re: Firefox 1.5.0.1 Password Manager Arbtirary User Browsing History Disclosure, Eliah Kagan, 2006/04/15
Avast Linux Home Edition (vulnerability on a temporary folder creation), Julien L., 2006/04/15
phpBB template file code execution, noch22, 2006/04/15
Serendipity Blog vuln, moep, 2006/04/15
phpBB Admin command execution, noch22, 2006/04/15
- Re: phpBB Admin command execution, dave . de, 2006/04/19
Encyclopedia <= 3.0 (login.php) CrossSite Scripting - XSS, n0m3rcy, 2006/04/15
osCommerce "extras/" information/source code disclosure, rgod, 2006/04/15
- RE: osCommerce "extras/" information/source code disclosure, Michael Scheidell, 2006/04/16
Farsinews Cross-Site Scripting & Path disclosure vulnerability, aminrayden, 2006/04/15
Vulnerabilities in MODx, crasher, 2006/04/15
- Re: Vulnerabilities in MOD, Victor Brilon, 2006/04/16
Vulnerabilities in Papoo, crasher, 2006/04/15
[Full-disclosure] ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability, zdi-disclosures, 2006/04/15
Vulnerabilities in lifetype, crasher, 2006/04/15
[eVuln] aWebNews Multiple XSS and SQL Injection Vulnerabilities, alex, 2006/04/15
PowerClan 1.14 - SQL Injection, d4igoro, 2006/04/14
Camino Browser HTML Parsing Null Pointer Dereference Denial of Service Vulnerability, izimask, 2006/04/14
[eVuln] RedCMS Multiple XSS and SQL Injection Vulnerabilities, alex, 2006/04/14
[Full-disclosure] [ GLSA 200604-07 ] Cacti: Multiple vulnerabilities in included ADOdb, Thierry Carrez, 2006/04/14
TalentSoft Web+Shop Path Disclosure, revnic, 2006/04/13
Secunia Research: Adobe Document Server for Reader Extensions Multiple Vulnerabilities, Secunia Research, 2006/04/13
SaphpLesson 2.0 (forumid) Remote SQL Injection Exploit, selfar2002, 2006/04/13
MyBB 1.10 New CrossSiteScripting ' member.php ', o . y . 6, 2006/04/13
Re: Jupiter CMS <= 1.1.5 multiple XSS attack vectors., anonss, 2006/04/13
phpMyAdmin 2.7.0-pl1, kr4ch, 2006/04/13
- Re: phpMyAdmin 2.7.0-pl1, Kevin Waterson, 2006/04/15
QuickBlogger v1.4 Cross-Site Scripting, botan, 2006/04/13
- Re: QuickBlogger v1.4 Cross-Site Scripting, Steven M. Christey, 2006/04/15
MyBB 1.10 New XSS ' member.php ', o . y . 6, 2006/04/13
Recon 2006: speaker lineup announcement, Recon, 2006/04/13
[Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Dave Korn, 2006/04/13
- Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Brandon S. Allbery KF8NH, 2006/04/13
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Stan Bubrouski, 2006/04/13
  - [Full-disclosure] Re: Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Dave Korn, 2006/04/13
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, J.A. Terranson, 2006/04/14
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Jamie Riden, 2006/04/19
- Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, A . L . M . Buxey, 2006/04/13
  - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, dumdidumdideldey, 2006/04/13
- Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Joachim Schipper, 2006/04/13
  - RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Mario Contestabile, 2006/04/19
    - [Full-disclosure] RE: Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Nick FitzGerald, 2006/04/20
    - Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Duncan Simpson, 2006/04/25
RevoBoard [email] tag XSS, r0xes . ratm, 2006/04/13
phpWebSite 0.10.? (topics.php) Remote SQL Injection Exploit, selfar2002, 2006/04/13
- Re: phpWebSite 0.10.? (topics.php) Remote SQL Injection Exploit, Kevin Wilcox, 2006/04/15
[BuHa-Security] Multiple Vulnerabilities in MS IE 6.0 SP2, bugtraq, 2006/04/13
Remote File Inclusion in VBulletin ImpEx, dr . jr7, 2006/04/13
[BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 #2, bugtraq, 2006/04/13
[eVuln] qliteNews SQL Injection Vulnerability, alex, 2006/04/13
[BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4, bugtraq, 2006/04/13
[Full-disclosure] ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow, zdi-disclosures, 2006/04/13
[BuHa-Security] DoS Vulnerability in Firefox 1.5.0.1, bugtraq, 2006/04/13
SimpleBBS v1.1(posts.php) remote command execution, stormhacker, 2006/04/13
Windows Help Heap Overflow, c0ntexb, 2006/04/13
PatroNet CMS Xss Vuln, Soothackers, 2006/04/13
Re: phpWebsite <= SQL Injection (friend.php) & (article.php), shaun, 2006/04/13
Clansys Multiple Xss Vulnerabilities, Soothackers, 2006/04/13
[security bulletin] HPSBUX02108 SSRT061133 rev.6 - HP-UX running Sendmail, Remote Execution of Arbitrary Code, security-alert, 2006/04/13
[Full-disclosure] SEC Consult SA-20060314 :: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow, Bernhard Mueller, 2006/04/13
- Re: [Full-disclosure] SEC Consult SA-20060314 :: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow, Thierry Zoller, 2006/04/13
[Full-disclosure] [USN-270-1] xpdf vulnerabilities, Martin Pitt, 2006/04/13
Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting, Esteban Martinez Fayo, 2006/04/12
Simplog <=0.9.2 multiple vulnerabilities, rgod, 2006/04/12
- Re: Simplog <=0.9.2 multiple vulnerabilities, Jeremy Ashcraft, 2006/04/15
[eVuln] QLnews XSS and PHP Code Insertion Vulnerabilities, alex, 2006/04/12
Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer POC, phaas, 2006/04/12
2nd European Conference on Computer Network Defense (EC2ND), Blyth A J C (Comp), 2006/04/12
SAXoPRESS - directory traversal, securiteam, 2006/04/12
[Full-disclosure] Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability, Sowhat, 2006/04/12
IT Underground, London 2006 - call for papers, it_underground, 2006/04/12
[Full-disclosure] Autogallery Multiple Cross-Site Scripting Vulnerabilitie, 0o_zeus_o0 elitemexico.org, 2006/04/12
Old issue- MS NT PPTP/RAS DoS, SanjayR, 2006/04/11
[ MDKSA-2006:070 ] - Updated openvpn packages fix vulnerability, security, 2006/04/11
[ MDKSA-2006:071 ] - Updated xscreensaver packages fix clear-text password vulnerability, security, 2006/04/11
AzDGVote File inclusion, selfar2002, 2006/04/11
[SRC-Telindus advisory] - HP System Management Homepage Remote Unauthorized Access, SRC Telindus, 2006/04/11
Confixx 3.1.2 <= SQL Injection, sn4k3 . 23, 2006/04/11
- Re: Confixx 3.1.2 <= SQL Injection, iovdin, 2006/04/13
IBM, ptt, 2006/04/11
- RE: IBM, Michael Scheidell, 2006/04/13
- Re: IBM, stend, 2006/04/13
- Re: RE: IBM, Juha-Matti Laurio, 2006/04/14
[eVuln] VNews Multiple Vulnerabilities, alex, 2006/04/11
Tritanium Bulletin Board 1.2.3 - XSS, d4igoro, 2006/04/11
Manila <= 9.5 - XSS Vulnerabilities, d4igoro, 2006/04/11
[Full-disclosure] ZDI-06-007: Microsoft Windows Address Book (WAB) File Format Parsing Vulnerability, zdi-disclosures, 2006/04/11
[eVuln] [V]Book Multiple Vulnerabilities, alex, 2006/04/11
phpListPro <= 2.0 - Remote File Include Vulnerability, admin, 2006/04/11
Multiple vulnerabilities in Blur6ex, crasher, 2006/04/11
- Re: Multiple vulnerabilities in Blur6ex, Steven M. Christey, 2006/04/13
[ MDKSA-2006:069 ] - Updated openvpn packages fix vulnerability, security, 2006/04/11
INDEXU <= 5.0.1 (theme_path)and (base_path) Remote File Inclusion Exploit, selfar2002, 2006/04/11
Confixx 3.1.2 <= Cross Site Scripting Vuln, sn4k3 . 23, 2006/04/11
[Full-disclosure] IMF 2006 - Submission Deadline Extension, Oliver Goebel, 2006/04/11
[Full-disclosure] [USN-269-1] xscreensaver vulnerability, Martin Pitt, 2006/04/11
[Full-disclosure] Realplayer .SWF Multiple Remote Memory Corruption Vulnerabilities, Sowhat, 2006/04/11
[Full-disclosure] JetPhoto Multiple Cross-Site Scripting Vulnerabilitie, 0o_zeus_o0 elitemexico.org, 2006/04/11
[Full-disclosure] Dokeos 1.6.4 SQL Injection Vulnerability, Alvaro Olavarria, 2006/04/11
PHPWebGallery Multiple Cross Site Scripting Vulnerabilities, root__, 2006/04/10
phpMyForum Cross Site Scripting & CRLF injection, root__, 2006/04/10
- Re: phpMyForum Cross Site Scripting & CRLF injection, chris, 2006/04/29
Jbook Cross Site Scripting, root__, 2006/04/10
PHPList <= 2.10.2 remote commands execution, rgod, 2006/04/10
- Re: PHPList <= 2.10.2 remote commands execution, secfoc, 2006/04/11
- Re: Re: PHPList <= 2.10.2 remote commands execution, rg . viza, 2006/04/11
Vegadns blind sql injection and cross site scripting, king_purba, 2006/04/10
Myspace.com - Intricate Script Injection, silentproducts, 2006/04/10
MyBB 1.10 'newthread.php' < CrossSiteScripting >, o . y . 6, 2006/04/10
copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2, cxib, 2006/04/10
tempnam() open_basedir bypass PHP 4.4.2 and 5.1.2, cxib, 2006/04/10
function *() php/apache Crash PHP 4.4.2 and 5.1.2, cxib, 2006/04/10
- Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2, Michal Zalewski, 2006/04/11
- Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2, Steven M. Christey, 2006/04/12
  - Exploiting out of memory crashes and null pointers [was: Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2], 86400s, 2006/04/12
  - Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2, Michal Zalewski, 2006/04/13
- Re: Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2, sp3x, 2006/04/15
phpinfo() Cross Site Scripting PHP 5.1.2 and 4.4.2, cxib, 2006/04/10
TUGZip Archive Extraction Directory traversal, h e, 2006/04/10
PhpOpenChat 3.0.x ADODB Server.php "sql" SQL injection, rgod, 2006/04/10
Vulnerabilities in SPIP, crasher, 2006/04/10
Oracle read-only user can insert/update/delete data via specially crafted views, ak, 2006/04/10
XMB Forum 1.9.5-Final XSS, r0xes . ratm, 2006/04/10
[Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow (not default configuration), Damian Put, 2006/04/10
IE6 Crash, tel, 2006/04/10
- Re: IE6 Crash, H D Moore, 2006/04/10
[SECURITY] [DSA 1025-1] New dia packages fix arbitrary code execution, Martin Schulze, 2006/04/10
[security bulletin] HPSBUX02111 SSRT061132 rev.1 - HP-UX su(1) Local Unauthorized Access, security-alert, 2006/04/10
[security bulletin] HPSBUX02110 SSRT061110 rev.1 - HP-UX Running wu-ftpd Remote Denial of Service (DoS), security-alert, 2006/04/10
Re: Bios Information Leakage, darmawan_salihun, 2006/04/10
[SECURITY] [DSA 1023-1] New kaffeine packages fix arbitrary code execution, Martin Schulze, 2006/04/10
[SECURITY] [DSA 1026-1] New sash packages fix potential arbitrary code execution, Moritz Muehlenhoff, 2006/04/10
Multiple vulnerability in jupiter CMS, king_purba, 2006/04/10
Cisco Security Advisory: Cisco Optical Networking System 15000 series and Cisco Transport Controller Vulnerabilities, Cisco Systems Product Security Incident Response Team, 2006/04/10
Virtual War File İnclusion, liz0, 2006/04/10
Google Reader "preview" and "lens" script improper feed validation, Debasis Mohanty, 2006/04/10
XSS Bug in Cherokee Webserver, rubengarrote, 2006/04/10
[SECURITY] [DSA 1027-1] New mailman packages fix denial of service, Martin Schulze, 2006/04/10
Shadowed Portal Cross Site Scripting, liz0, 2006/04/10
[eVuln] newsletter - sourceworkshop SQL Injection Vulnerability, alex, 2006/04/10
[SECURITY] [DSA 1018-2] New Linux kernel 2.4.27 packages fix several vulnerabilities, Moritz Muehlenhoff, 2006/04/10
MAXDEV CMS Multiple vulnerabilities, king_purba, 2006/04/10
[ MDKSA-2006:067 ] - Updated clamav packages fix vulnerabilities, security, 2006/04/10
[ECHO_ADV_28$2006] Clever Copy <= 3.0 Connect.inc Critical Information Disclosure, eufrato, 2006/04/10
Re: SQL injection in Invision Power Board v2.1.5, optix_prorat100, 2006/04/10
PHPMyChat <= 0.14.5 remote commands execution, rgod, 2006/04/10
LayerOne 2006 - Finalized Speaker Line-Up Announced, Layer One, 2006/04/10
[eVuln] vCounter - sourceworkshop SQL Injection Vulnerability, alex, 2006/04/10
Matt Wright Guestbook Xss Script İnjection, liz0, 2006/04/10
[ MDKSA-2006:065 ] - Updated kaffeine packages fix remote buffer overflow vulnerability, security, 2006/04/10
PHPMyChat 0.15.0dev "SYS enter" remote commands xctn (not properly patched from previous versions), rgod, 2006/04/10
[eVuln] VSNS Lemon Multiple Vulnerabilities, alex, 2006/04/10
[KAPDA::#38] - MyBB 1.1.0~functions_post.php~XSS Attack, addmimistrator, 2006/04/10
[security bulletin] HPSBUX02108 SSRT061133 rev.3 - HP-UX running Sendmail, Remote Execution of Arbitrary Code, security-alert, 2006/04/10
[ MDKSA-2006:068 ] - Updated mplayer packages fix integer overflow vulnerabilities, security, 2006/04/10
SQL Injection in Chipmunk Guestbook, dr . jr7, 2006/04/10
google xss, almfnod, 2006/04/10
- RE: google xss, Andy Meyers, 2006/04/10
  - Re: google xss, Jim Ley, 2006/04/11
  - Re: google xss, pagvac, 2006/04/12
    - Re: google xss, Vladimir Levijev, 2006/04/13
[eVuln] phpNewsManager Multiple SQL Injections, alex, 2006/04/10
- [eVuln] phpNewsManager Multiple SQL Injections, alex, 2006/04/10
Welcome to XCon2006 in China!, xcon, 2006/04/10
[Kaffeine Security Advisory] Heap based buffer overflow in http_peek(), Dirk Mueller, 2006/04/10
Sire 2.0 Nws Remote File inclusion & Arbitary Files Upload, simo64, 2006/04/10
[eVuln] Null news SQL Injection Vulnerability, alex, 2006/04/10
[ MDKSA-2006:066 ] - Updated FreeRADIUS packages fix off-by-one overflow vulnerabilty, security, 2006/04/10
Xss In SaphpLesson3.0, w3 . _, 2006/04/10
Autonomous LAN party File iNclusion, codexploder, 2006/04/10
Cisco Security Advisory: Cisco 11500 Content Services Switch HTTP Request Vulnerability, Cisco Systems Product Security Incident Response Team, 2006/04/10
Linux Kernel Local DoS vulnerability., fingerout, 2006/04/10
[Full-disclosure] [ GLSA 200604-06 ] ClamAV: Multiple vulnerabilities, Sune Kloppenborg Jeppesen, 2006/04/10
IP cloaking using mod_rewrite, RSnake, 2006/04/10
[Full-disclosure] [USN-268-1] Kaffeine vulnerability, Martin Pitt, 2006/04/06
[Full-disclosure] [ GLSA 200604-05 ] Doomsday: Format string vulnerability, Stefan Cornelius, 2006/04/06
[Full-disclosure] [ GLSA 200604-04 ] Kaffeine: Buffer overflow, Sune Kloppenborg Jeppesen, 2006/04/05
[Full-disclosure] Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer and server, jalvare7, 2006/04/05
- [Full-disclosure] Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer and server, Luigi Auriemma, 2006/04/05
[ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion, eufrato, 2006/04/05
- [ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion, eufrato, 2006/04/05
[Full-disclosure] PIRANA exploitation framework and SMTP contentfilter security, Jean-Sébastien Guay-Leroux, 2006/04/05
Black Hat Call for Papers and Registration now open, Jeff Moss, 2006/04/05
- Black Hat Call for Papers and Registration now open, Jeff Moss, 2006/04/10
Re: Limbo CMS code execution, gergero, 2006/04/05
Another way to spoof Internet Explorer Address Bar, hainamluke, 2006/04/05
- RE: Another way to spoof Internet Explorer Address Bar, Memisyazici, Aras, 2006/04/10
NOD32 local privilege escalation vulnerability, visitbipin, 2006/04/05
[Full-disclosure] [Updated] [FLSA-2006:186277] Updated sendmail packages fix security issue, Marc Deslauriers, 2006/04/05
[Full-disclosure] [FLSA-2006:184098] Updated libc-client packages fixes security issue, Marc Deslauriers, 2006/04/05
[Full-disclosure] [FLSA-2006:184074] Updated pine package fixes security issue, Marc Deslauriers, 2006/04/05
[Full-disclosure] [FLSA-2006:180159] Updated unzip package fixes security issue, Marc Deslauriers, 2006/04/05
[Full-disclosure] [FLSA-2006:183571-2] Updated tar package fixes security issue, Marc Deslauriers, 2006/04/05
[Full-disclosure] [FLSA-2006:183571-1] Updated tar package fixes security issue, Marc Deslauriers, 2006/04/05
[Full-disclosure] [FLSA-2006:170411] Updated imap packages fix security issue, Marc Deslauriers, 2006/04/05
[Full-disclosure] [FLSA-2006:156290] Updated cyrus-imapd packages fix security issues, Marc Deslauriers, 2006/04/05
[Full-disclosure] [FLSA-2006:156139] Updated tcpdump packages fix security issues, Marc Deslauriers, 2006/04/05
[Full-disclosure] [FLSA-2006:152896] Updated mod_python package fixes a security issue, Marc Deslauriers, 2006/04/05
[Full-disclosure] [FLSA-2006:152873] Updated xine package fixes security issues, Marc Deslauriers, 2006/04/05
ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection ] MultBugz, o . y . 6, 2006/04/04
[Full-disclosure] Buffer-overflow in Ultr@VNC 1.0.1 viewer and server, Luigi Auriemma, 2006/04/04
[security bulletin] HPSBPI2109 SSRT061141 rev.1 - HP Color LaserJet 2500 and 4600 Toolbox Running on Microsoft Windows Remote Unauthorized Disclosure of Information, security-alert, 2006/04/04
[Full-disclosure] [ GLSA 200604-03 ] FreeRADIUS: Authentication bypass in EAP-MSCHAPv2 module, Matthias Geerdsen, 2006/04/04
[Full-disclosure] [ GLSA 200604-02 ] Horde Application Framework: Remote code execution, Stefan Cornelius, 2006/04/04
SMART Technologies SynchronEyes Remote Denial of Services, dennis, 2006/04/04
RUXCON 2006 Call for Papers, cfp, 2006/04/04
[Full-disclosure] [SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability, Richard Horsman, 2006/04/04
[Full-disclosure] [ GLSA 200604-01 ] MediaWiki: Cross-site scripting vulnerability, Stefan Cornelius, 2006/04/04
Bypassing ISA Server 2004 with IPv6, Romain . Le . Guen, 2006/04/04
- Re: Bypassing ISA Server 2004 with IPv6, 3APA3A, 2006/04/04
  - Re: Bypassing ISA Server 2004 with IPv6, offtopic, 2006/04/10
  - Re: Bypassing ISA Server 2004 with IPv6, Christine Kronberg, 2006/04/10
    - Re[2]: Bypassing ISA Server 2004 with IPv6, 3APA3A, 2006/04/10
    - Re[2]: Bypassing ISA Server 2004 with IPv6, Christine Kronberg, 2006/04/15
    - Re[3]: Bypassing ISA Server 2004 with IPv6, 3APA3A, 2006/04/15
    - Re[3]: Bypassing ISA Server 2004 with IPv6, Christine Kronberg, 2006/04/19
    - Re: Re[3]: Bypassing ISA Server 2004 with IPv6, Thor (Hammer of God), 2006/04/20
    - Re: Re[3]: Bypassing ISA Server 2004 with IPv6, offtopic, 2006/04/21
    - Re: Re[2]: Bypassing ISA Server 2004 with IPv6, Thor (Hammer of God), 2006/04/19
    - Re: Re[2]: Bypassing ISA Server 2004 with IPv6, Christine Kronberg, 2006/04/19
    - Re: Bypassing ISA Server 2004 with IPv6, Thor (Hammer of God), 2006/04/10
- Re: Re: Bypassing ISA Server 2004 with IPv6, Romain . Le-Guen, 2006/04/10
  - Re: Bypassing ISA Server 2004 with IPv6, Thor (Hammer of God), 2006/04/10
- Re: Bypassing ISA Server 2004 with IPv6, noreply, 2006/04/11
SYMSA-2006-002: McAfee WebShield SMTP Format String Vulnerability, CS_Advisories Mailbox, 2006/04/04
ReloadCMS <= 1.2.5stable Cross site scripting / remote command execution, rgod, 2006/04/04
Phpwebgallery <= 1.4.1 SQL injection Vulnerability, t4h4, 2006/04/04
[ MDKSA-2006:062 ] - Updated dia packages fix buffer overflow vulnerabilities, security, 2006/04/03
[ MDKSA-2006:064 ] - Updated MySQL packages fix logging bypass vulnerability, security, 2006/04/03
[Full-disclosure] Barracuda LHA archiver security bug leads to remote compromise, Jean-Sébastien Guay-Leroux, 2006/04/03
[Full-disclosure] Barracuda ZOO archiver security bug leads to remote compromise, Jean-Sébastien Guay-Leroux, 2006/04/03
[Full-disclosure] PIRANA exploitation framework and SMTP content filter security, Jean-Sébastien Guay-Leroux, 2006/04/03
Re: On classifying attacks, john mullee, 2006/04/03
Re: Cantv/Movilnet's Web SMS vulnerability., raven, 2006/04/03
Re: WebVulnCrawl searching excluded directories for hackable web servers, Dennis Brown, 2006/04/03
SQL Injection in Softbiz Image Gallery, xx_hack_xx_2004, 2006/04/03
MyBB 1.10 New CrossSiteScripting, o . y . 6, 2006/04/03
[Full-disclosure] Format string in Doomsday 1.8.6, Luigi Auriemma, 2006/04/03
- [Full-disclosure] Re: Format string in Doomsday 1.8.6, Alexey Dobriyan, 2006/04/10
Multiple Vulnerabilities in LucidCMS, crasher, 2006/04/03
- Re: Multiple Vulnerabilities in LucidCMS, zachofalltrades, 2006/04/19
Re: [Full-disclosure] Critical PHP bug - act ASAP if you are runningweb with sen, mailinglist mailinglist, 2006/04/03
VWar <= 1.5.0 R12 Remote File Inclusion Exploit, uid0, 2006/04/03
Re: Mis-diagnosed XSS bugs hiding worse issues due to PHP feature, cxib, 2006/04/03
Flaw in commonly used bash random seed method, coderpunk, 2006/04/03
- Re: Flaw in commonly used bash random seed method, Matthijs, 2006/04/03
  - Re: Flaw in commonly used bash random seed method, Dave English, 2006/04/05
    - Re: Flaw in commonly used bash random seed method, Matthijs, 2006/04/05
    - Re: Flaw in commonly used bash random seed method, Matthijs, 2006/04/04
  - Re: Flaw in commonly used bash random seed method, Dave Korn, 2006/04/05
    - Re: Flaw in commonly used bash random seed method, Steve VanDevender, 2006/04/10
Hosting Controller AccountActions.asp and saveuploadfiles.asp vulns (PoC), paolo . difebbo, 2006/04/03
Another Internet Explorer Address Bar Spoofing Vulnerability, hainamluke, 2006/04/03
- Re: Another Internet Explorer Address Bar Spoofing Vulnerability, franz, 2006/04/04
  - Re: Another Internet Explorer Address Bar Spoofing Vulnerability, sh0rtie, 2006/04/10
- Re: Re: Another Internet Explorer Address Bar Spoofing Vulnerability, pc . tech2, 2006/04/10
[Full-disclosure] [USN-267-1] mailman vulnerability, Martin Pitt, 2006/04/03
Re: On product vulnerability history and vulnerability complexity, Crispin Cowan, 2006/04/03
- Re: On product vulnerability history and vulnerability complexity, Gadi Evron, 2006/04/03
  - Re: On product vulnerability history and vulnerability complexity, Steven M. Christey, 2006/04/03
  - Re: On product vulnerability history and vulnerability complexity, Javor Ninov, 2006/04/04
    - Re: On product vulnerability history and vulnerability complexity, Steven M. Christey, 2006/04/04
- Re: On product vulnerability history and vulnerability complexity, ArkanoiD, 2006/04/03
- Re: On product vulnerability history and vulnerability complexity, Forrest J. Cavalier III, 2006/04/03
  - Re: On product vulnerability history and vulnerability complexity, Gadi Evron, 2006/04/04
Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data, Moriyoshi Koizumi, 2006/04/03
- Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data, Jasper Bryant-Greene, 2006/04/03
  - Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data, Jasper Bryant-Greene, 2006/04/03
- Message not available
  - Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data, Moriyoshi Koizumi, 2006/04/06
- Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data, John Bond, 2006/04/04
Secunia Research: AN HTTPD Script Source Disclosure Vulnerability, Secunia Research, 2006/04/03
[Full-disclosure] [USN-266-1] dia vulnerabilities, Martin Pitt, 2006/04/03
SiteMan <= All version SQL injection in admin_login.asp, ali, 2006/04/01
GeSWall 2.2 – Free Intrusion Prevention System for Windows, GentleSecurity Team, 2006/04/01
Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow, Nick FitzGerald, 2006/04/01
PHPNuke-Clan 3.0.1 Remote File Inclusion Exploit, uid0, 2006/04/01
DoS-ing sysklogd?, Milen Rangelov, 2006/04/01
- Re: DoS-ing sysklogd?, Bernhard Fischer, 2006/04/04
- Re: DoS-ing sysklogd?, Christophe Garault, 2006/04/04
- RE: DoS-ing sysklogd?, Justin Shore, 2006/04/03
Re: Re: Re: phpBB 2.06 search.php SQL injection, theguywhocouldwipeyourphpBB, 2006/04/01
SQuery <= 4.5 Remote File Inclusion Exploit, uid0, 2006/04/01
FleXiBle Development Script Remote Command Exucetion And XSS Attacking, botan, 2006/04/01
- Re: FleXiBle Development Script Remote Command Exucetion And XSS Attacking, Steven M. Christey, 2006/04/10
RE: recursive DNS servers DDoS as a growing DDoS problem, gboyce, 2006/04/01
- RE: recursive DNS servers DDoS as a growing DDoS problem, Geo., 2006/04/03
  - Re: recursive DNS servers DDoS as a growing DDoS problem, Jim Pingle, 2006/04/05
    - RE: recursive DNS servers DDoS as a growing DDoS problem, Geo., 2006/04/04
    - Re: recursive DNS servers DDoS as a growing DDoS problem, Jim Pingle, 2006/04/10
    - Re: recursive DNS servers DDoS as a growing DDoS problem, Erwan David, 2006/04/10
- Re: recursive DNS servers DDoS as a growing DDoS problem, Anton Ivanov, 2006/04/04
  - Re: recursive DNS servers DDoS as a growing DDoS problem, Geo., 2006/04/03
    - Re: recursive DNS servers DDoS as a growing DDoS problem, Anton Ivanov, 2006/04/04
  - Re: recursive DNS servers DDoS as a growing DDoS problem, Tim, 2006/04/05
    - Re: recursive DNS servers DDoS as a growing DDoS problem, Anton Ivanov, 2006/04/04
    - Re: recursive DNS servers DDoS as a growing DDoS problem, Tim, 2006/04/04
    - Re: recursive DNS servers DDoS as a growing DDoS problem, Ross Wheeler, 2006/04/10
    - Re: recursive DNS servers DDoS as a growing DDoS problem, Anton Ivanov, 2006/04/10
- Re: recursive DNS servers DDoS as a growing DDoS problem, Simon Boulet, 2006/04/05
- Re: recursive DNS servers DDoS as a growing DDoS problem, Gadi Evron, 2006/04/01
- Re: recursive DNS servers DDoS as a growing DDoS problem, Paul Stepowski, 2006/04/01
- RE: recursive DNS servers DDoS as a growing DDoS problem, MÃns Nilsson, 2006/04/04
- RE: recursive DNS servers DDoS as a growing DDoS problem, Thomas Guyot-Sionnest, 2006/04/04
  - RE: recursive DNS servers DDoS as a growing DDoS problem, Geo., 2006/04/04
    - Re: recursive DNS servers DDoS as a growing DDoS problem, Gadi Evron, 2006/04/10
    - Re: recursive DNS servers DDoS as a growing DDoS problem, Geo., 2006/04/10
- Re: recursive DNS servers DDoS as a growing DDoS problem, Marco Ivaldi, 2006/04/05
- RE: recursive DNS servers DDoS as a growing DDoS problem, Geo., 2006/04/10
linksubmit <= All version Html Tag Injector in index.php, ali, 2006/04/01
Re: [Full-disclosure] Kazaa, James_gmail-ij, 2006/04/01
[Full-disclosure] Mis-diagnosed XSS bugs hiding worse issues due to PHP feature, Steven M. Christey, 2006/04/01
- Re: [Full-disclosure] Mis-diagnosed XSS bugs hiding worse issues due to PHP feature, Siegfried, 2006/04/01
- Re: Mis-diagnosed XSS bugs hiding worse issues due to PHP feature, Siegfried, 2006/04/01