Vulnerability Development (thread)

[Full-disclosure] ZDI-07-064: Novell Client Trust Heap Overflow Vulnerability, zdi-disclosures, 2007/10/31
[Full-disclosure] ZDI-07-063: RealPlayer RA Field Size File Processing Heap Oveflow Vulnerability, zdi-disclosures, 2007/10/31
[Full-disclosure] ZDI-07-061: RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability, zdi-disclosures, 2007/10/31
[Full-disclosure] ZDI-07-060: HP OpenView Radia Integration Server File System Exposure Vulnerability, zdi-disclosures, 2007/10/31
[Full-disclosure] ZDI-07-062: RealNetworks RealPlayer PLS File Memory Corruption Vulnerability, zdi-disclosures, 2007/10/31
[Full-disclosure] ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability, zdi-disclosures, 2007/10/31
[Full-disclosure] ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities, zdi-disclosures, 2007/10/31
rPSA-2007-0227-1 cups, rPath Update Announcements, 2007/10/31
(tool announcement) bunny the fuzzer, Michal Zalewski, 2007/10/31
[security bulletin] HPSBMA02238 SSRT061260 rev.2 - HP OpenView Reporter Running Shared Trace Service, Remote Arbitrary Code Execution, security-alert, 2007/10/31
[security bulletin] HPSBMA02237 SSRT061260 rev.2 - HP OpenView Performance Agent (OVPA) Running Shared Trace Service, Remote Arbitrary Code Execution, security-alert, 2007/10/31
[security bulletin] HPSBMA02236 SSRT061260 rev.2 - HP OpenView Performance Manager (OVPM) Running Shared Trace Service on HP-UX, Solaris, and Windows, Remote Arbitrary Code Execution, security-alert, 2007/10/31
[Full-disclosure] iDefense Security Advisory 10.31.07: Symantec Altiris Deployment Solution TFTP/MTFTP Service Directory Traversal Vulnerability, iDefense Labs, 2007/10/31
[Full-disclosure] iDefense Security Advisory 10.31.07: Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability, iDefense Labs, 2007/10/31
Secunia Research: McAfee E-Business Server Auth Packet Handling Buffer Overflow, Secunia Research, 2007/10/31
Secunia Research: CUPS IPP Tags Memory Corruption Vulnerability, Secunia Research, 2007/10/31
[Full-disclosure] SEC Consult SA-20071031-0 :: Perdition IMAP Proxy Format String Vulnerability, Bernhard Mueller, 2007/10/31
In Memoriam: Jun-ichiro Hagino, Dragos Ruiu, 2007/10/30
ILIAS <= 3.8.3 Cross Site Scripting, L4teral, 2007/10/30
[Full-disclosure] [ GLSA 200710-30 ] OpenSSL: Remote execution of arbitrary code, Pierre-Yves Rofes, 2007/10/30
- Re: [gentoo-announce] [ GLSA 200710-30 ] OpenSSL: Remote execution of arbitrary code, Steffan Baron, 2007/10/31
- Re: [Full-disclosure] [gentoo-announce] [ GLSA 200710-30 ] OpenSSL: Remote execution of arbitrary code, Steffan Baron, 2007/10/31
[Full-disclosure] [ GLSA 200710-31 ] Opera: Multiple vulnerabilities, Raphael Marichez, 2007/10/30
Firefox / IE6 crash on javascript nested loops, thabob, 2007/10/30
- Re: Firefox / IE6 crash on javascript nested loops, Jan Heisterkamp, 2007/10/30
[Full-disclosure] iDefense Security Advisory 10.30.07: IBM AIX bellmail Stack Buffer Overflow Vulnerability, iDefense Labs, 2007/10/30
[Full-disclosure] iDefense Security Advisory 10.30.07: IBM AIX ftp domacro Parameter Buffer Overflow Vulnerability, iDefense Labs, 2007/10/30
[Full-disclosure] iDefense Security Advisory 10.30.07: IBM AIX lquerypv Stack Buffer Overflow Vulnerability, iDefense Labs, 2007/10/30
[Full-disclosure] iDefense Security Advisory 10.30.07: IBM AIX lqueryvg Stack Buffer Overflow Vulnerability, iDefense Labs, 2007/10/30
[Full-disclosure] iDefense Security Advisory 10.30.07: IBM AIX dig dns_name_fromtext Integer Underflow Vulnerability, iDefense Labs, 2007/10/30
[Full-disclosure] iDefense Security Advisory 10.30.07: IBM AIX 5.2 crontab BSS Buffer Overflow Vulnerability, iDefense Labs, 2007/10/30
[Full-disclosure] iDefense Security Advisory 10.30.07: IBM AIX swcons Local Arbitrary File Access Vulnerability, iDefense Labs, 2007/10/30
DeepSec 2007 Registration: hurry up, seats are filling fast, Stefano Zanero, 2007/10/30
Airkiosk/formlib application is XSS vuln, skienlab, 2007/10/30
Django 0.96 (stable) Admin Panel CSRF, J. Carlos Nieto, 2007/10/30
Secunia Research: IPSwitch IMail Server IMail Client Buffer Overflow, Secunia Research, 2007/10/30
Siebel Security Basics, Jonathan Katz, 2007/10/30
[Full-disclosure] RFIDIOt release - version 0.1q, Adam Laurie, 2007/10/30
Memory overwrites in JVM via malformed TrueType font, NGSSoftware Insight Security Research, 2007/10/29
Windows binary of "Virtual Floppy Drive 2.1" contains vulnerable zlib (CAN-2005-2096), Stefan Kanthak, 2007/10/29
Untrusted Java applet can connect to localhost, NGSSoftware Insight Security Research, 2007/10/29
Heap overflow in RealPlayer ID3 tag parser, NGSSoftware Insight Security Research, 2007/10/29
- Holes in the firewall of Mac OS X Leopard, Juergen Schmidt, 2007/10/29
  - Re: Holes in the firewall of Mac OS X Leopard, Brandon S. Allbery KF8NH, 2007/10/29
    - Re: [Full-disclosure] Holes in the firewall of Mac OS X Leopard, Juergen Schmidt, 2007/10/29
Comments re ISC's announcement on bind9 security, Network Protocol Security, 2007/10/29
- Re: Comments re ISC's announcement on bind9 security, Shane Kerr, 2007/10/31
rPSA-2007-0225-2 firefox thunderbird, rPath Update Announcements, 2007/10/29
[SECURITY] [DSA 1388-3] New dhcp packages fix arbitrary code execution, Noah Meyerhans, 2007/10/29
SAXON version 5.4 SQL Injection Vulnerability, securityresearch, 2007/10/29
SAXON version 5.4 Multiple Path Disclosure Vulnerabilities, securityresearch, 2007/10/29
Security Briefings, angelo, 2007/10/29
SAXON version 5.4 XSS Attack Vulnerability, securityresearch, 2007/10/29
AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit, Guns, 2007/10/29
Secunia Research: IBM Tivoli Storage Manager Client CAD Service Script Insertion, Secunia Research, 2007/10/29
Omnistar Live Software Cross-Site Scripting Vulrnability, DoZ, 2007/10/29
Final Call for Papers for Security Track at ApacheCon Europe 2008, Lars Eilebrecht, 2007/10/29
Webroot Desktop Firewall <=5.5.10.20 DNS recursion, komarov, 2007/10/29
[Full-disclosure] Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in procedure DBMS_AQADM_SYS.DBLINK_INFO, Team SHATTER, 2007/10/29
[Full-disclosure] Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in function MDSYS.SDO_CS.TRANSFORM, Team SHATTER, 2007/10/29
[waraxe-2007-SA#059] - XSS in WordPress 2.3, come2waraxe, 2007/10/29
teatro 1.6 ( basePath ) Remote File Include Vulnerability, alkomandoz-hacker, 2007/10/29
Smart-Shop Shopping Cart Cross-Site Scripting Vulrnability, DoZ, 2007/10/29
[Full-disclosure] Advisory SE-2007-01: TikiWiki Remote PHP Code Evaluation Vulnerability, Stefan Esser, 2007/10/29
[Full-disclosure] FLEA-2007-0061-1 sun-jre sun-jdk, Foresight Linux Essential Announcement Service, 2007/10/28
[Full-disclosure] FLEA-2007-0062-1 firefox, Foresight Linux Essential Announcement Service, 2007/10/28
[Full-disclosure] How to subvert Oracle Database Vault, Joxean Koret, 2007/10/28
[Full-disclosure] Best TCP IP stack?, crazy frog crazy frog, 2007/10/27
- Re: [Full-disclosure] Best TCP IP stack?, Robert D. Holtz - Lists, 2007/10/27
rPSA-2007-0225-1 firefox, rPath Update Announcements, 2007/10/26
Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability, Guns, 2007/10/26
[Full-disclosure] FLEA-2007-0060-1 initscripts, Foresight Linux Essential Announcement Service, 2007/10/26
[Full-disclosure] RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap Corruption, Piotr Bania, 2007/10/26
[Full-disclosure] RealNetworks RealPlayer/RealOne Player/Helix Player Remote Memory Corruption, Piotr Bania, 2007/10/26
[Trick] VigileCMS All Versions DataMining Remote Hash Disclosure, kingoftheworld92, 2007/10/25
Multi Host Forum Pro phpbb & ipb Multiple Sql Injection, kingoftheworld92, 2007/10/25
[Full-disclosure] [ GLSA 200710-29 ] Sylpheed, Claws Mail: User-assisted remote execution of arbitrary code, Raphael Marichez, 2007/10/25
[Full-disclosure] [ GLSA 200710-28 ] Qt: Buffer overflow, Raphael Marichez, 2007/10/25
[Full-disclosure] [USN-538-1] libpng vulnerabilities, Kees Cook, 2007/10/25
TikiWiki <= 1.9.8.1 Cross Site Scripting / Local File Inclusion, L4teral, 2007/10/25
usd250 helpdesk XSS vulnerabily., Joseph . giron13, 2007/10/25
Directory traversal flaw in shttp, digineo Advisories, 2007/10/25
i-Gallery 3.4 bug crack password!, hackerbinhphuoc, 2007/10/25
[Full-disclosure] iDefense Security Advisory 10.25.07: Trend Micro Tmxpflt.sys IOCTL 0xa0284403 Buffer Overflow Vulnerability, iDefense Labs, 2007/10/25
First ever ModSecurity public training at OWASP/WASC conf in SJ, Ofer Shezaf, 2007/10/25
HPSBMA02133 SSRT061201 rev.6 - HP Oracle for OpenView (OfO) Critical Patch Update, security-alert, 2007/10/25
Flatnuke3 Remote Cookie Manipoulation / Privilege Escalation, kingoftheworld92, 2007/10/25
[Full-disclosure] [ GLSA 200710-27 ] ImageMagick: Multiple vulnerabilities, Raphael Marichez, 2007/10/24
[Full-disclosure] [ GLSA 200710-26 ] HPLIP: Privilege escalation, Raphael Marichez, 2007/10/24
[Full-disclosure] [ GLSA 200710-25 ] MLDonkey: Privilege escalation, Raphael Marichez, 2007/10/24
[Full-disclosure] rPSA-2007-0221-1 php php-mysql php-pgsql, rPath Update Announcements, 2007/10/24
[Full-disclosure] iDefense Security Advisory 10.23.07: IBM Lotus Domino IMAP Buffer Overflow Vulnerability, iDefense Labs, 2007/10/24
[Full-disclosure] iDefense Security Advisory 10.23.07: IBM Lotus Notes Client TagAttributeListCopy Buffer Overflow Vulnerability, iDefense Labs, 2007/10/24
OSI CODES - PHP Live! Remote File Inclusion, [ NO REPLY ], 2007/10/24
Bosdev Multiple vulnerabilities, Joseph . giron13, 2007/10/24
Novell OpenSUSE SWAMP multiple XSS, morin . josh, 2007/10/24
- Re: Novell OpenSUSE SWAMP multiple XSS, test, 2007/10/26
[GS07-02] RSA Keon Multiple Cross-Site Scripting Vulnerabilities, Fatih Ozavci, 2007/10/24
[Aria-Security.Net] CodeWidgets.Com Online Event Registration Multiple login SQL Injection, [ NO REPLY ], 2007/10/24
Aleris Software Systems Web Publisher Calendar SQL injection, Joseph . giron13, 2007/10/24
HPSBMA02279 SSRT071298 rev.1 - HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM) Running httpd.tkd, Remote Unauthorized Access to Data, security-alert, 2007/10/24
Aria-Security.Net [Web based alpha tabbed address book SQL Injection], [ NO REPLY ], 2007/10/24
[Full-disclosure] rPSA-2007-0222-1 cpio tar, rPath Update Announcements, 2007/10/24
[SECURITY] [DSA 1394-1] New reprepro packages fix authentication bypass, Thijs Kinkhorst, 2007/10/23
[Full-disclosure] [USN-537-1] gnome-screensaver vulnerability, Kees Cook, 2007/10/23
[Full-disclosure] [USN-536-1] Thunderbird vulnerabilities, Kees Cook, 2007/10/23
[Full-disclosure] [USN-531-2] dhcp vulnerability, Kees Cook, 2007/10/23
[Full-disclosure] 3proxy 0.5.3j released (bugfix), 3APA3A, 2007/10/23
SYMSA-2007-013: Lotus Notes Memory Mapped Files Vulnerability, research, 2007/10/23
[Vulz] PHP Basic Multiple Vulnerabilities by Xcross87 & Alucar, pete . houston . 17187, 2007/10/23
- [Vulz] PHP Basic Multiple Vulnerabilities by Xcross87 & Alucar, pete.houston.17187, 2007/10/23
Korean GHBoard Multiple Vulnerabilities by Xcross87, pete . houston . 17187, 2007/10/23
[ MDKSA-2007:202 ] - Updated Firefox packages fix multiple vulnerabilities, security, 2007/10/23
[Vulz] eFileMan 7.x Multiple Vulnerabilities by Xcross87, pete . houston . 17187, 2007/10/23
[Vulz] eLouai's Download Script Remote File Download Vulnerability, pete . houston . 17187, 2007/10/23
[Vulz] Japanese PHP Gallery Hosting File Upload Vulz, pete . houston . 17187, 2007/10/23
[Vulz] Seeblick 1.0 Beta File Upload Vulz, pete . houston . 17187, 2007/10/23
SYMSA-2007-012: Microsoft Windows CE IGMP Denial of Service, research, 2007/10/23
[vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities, vulnpost-remove, 2007/10/23
CFP for HITBSecConf2008 - Dubai now open, Praburaajan, 2007/10/23
[ MDKSA-2007:201 ] - Updated hplip packages fix vulnerabilities, security, 2007/10/23
[Full-disclosure] IRM Discover More Vulnerabilities in Cisco IOS, Andy Davis, 2007/10/23
- Re: [Full-disclosure] IRM Discover More Vulnerabilities in Cisco IOS, crazy frog crazy frog, 2007/10/23
[Full-disclosure] Airscanner Mobile Security Advisory #07101401: Mobile-spy Victim/User Phone/SMS/URL Log Spoofing and Persistent XSS Injection, Seth Fogie, 2007/10/23
[Full-disclosure] [PoC] DNS Recursion bandwidth amplification, Shadow, 2007/10/23
[Full-disclosure] [ GLSA 200710-24 ] OpenOffice.org: Heap-based buffer overflow, Raphael Marichez, 2007/10/23
[Full-disclosure] [USN-535-1] Firefox vulnerabilities, Kees Cook, 2007/10/23
[Full-disclosure] [USN-501-2] Ghostscript vulnerability, Kees Cook, 2007/10/22
Corsaire Security Advisory - Citrix Access Gateway session ID disclosure issue, advisories, 2007/10/22
[ GLSA 200710-23 ] Star: Directory traversal vulnerability, Raphael Marichez, 2007/10/22
[Full-disclosure] Camino release 1.5.2 fixes several vulnerabilities, Juha-Matti Laurio, 2007/10/22
Jeebles Directory Local File Inclusion, hack2prison, 2007/10/22
Hackish XSS in shoutbox/blocco.php, deme, 2007/10/22
[TOOL] w3af - Web Application Attack and Audit Framework, Andres Riancho, 2007/10/22
Folder Access bypass, hack2prison, 2007/10/22
Cracking the iPhone (5 article series), H D Moore, 2007/10/22
[Full-disclosure] [USN-531-1] dhcp vulnerability, Kees Cook, 2007/10/22
[Full-disclosure] [USN-534-1] OpenSSL vulnerability, Kees Cook, 2007/10/22
[Full-disclosure] [USN-533-1] util-linux vulnerability, Kees Cook, 2007/10/22
[Full-disclosure] [USN-532-1] nagios-plugins vulnerability, Kees Cook, 2007/10/22
[Full-disclosure] simple dns rebinding protection with dnsmasq, Collin R. Mulliner, 2007/10/22
[ELEYTT] Public Advisory 20-10-2007, Michal Bucko, 2007/10/22
Simple PHP Blog (sphpblog) <= 0.5.1 Multiple Vulnerabilities, gmdarkfig, 2007/10/22
[Aria-Security.Net] dmcms.0.7.0 SQL Injection, [No Reply], 2007/10/22
PacSec 2007 Agenda (Tokyo 11-29/30), Dragos Ruiu, 2007/10/22
[Full-disclosure] Redirecting 404 error pages?, crazy frog crazy frog, 2007/10/21
[Full-disclosure] [ GLSA 200710-22 ] TRAMP: Insecure temporary file creation, Raphael Marichez, 2007/10/20
[Full-disclosure] [ GLSA 200710-21 ] TikiWiki: Arbitrary command execution, Raphael Marichez, 2007/10/20
ReloadCMS Vulnerable, sekuru, 2007/10/20
Simple Machines Forum multiple sql injection flaws with exploit code., th3 . r00k . spammenot, 2007/10/20
[Aria-Security.Net] SearchSimon Lite Cross-Site Scripting Vuln., [ NO REPLY ], 2007/10/20
[CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability, Williams, James K, 2007/10/19
A-Cart SQL Injection And Cross-Site Scripting, [ NO REPLY ], 2007/10/19
- Re: A-Cart SQL Injection And Cross-Site Scripting, laurent . gaffie, 2007/10/25
[Full-disclosure] rPSA-2007-0220-1 ImageMagick, rPath Update Announcements, 2007/10/19
[Full-disclosure] [ GLSA 200710-20 ] PDFKit, ImageKits: Buffer overflow, Raphael Marichez, 2007/10/18
[ MDKSA-2007:200 ] - Updated tk packages fix vulnerabilities, security, 2007/10/18
[Full-disclosure] S21SEC-038-en: Alcatel Omnivista 4760 Cross-Site Scripting, S21sec Labs, 2007/10/18
[Full-disclosure] [ GLSA 200710-19 ] The Sleuth Kit: Integer underflow, Raphael Marichez, 2007/10/18
Official Windows binaries of "curl" contain vulnerable zlib 1.2.2 (CAN-2005-2096), Stefan Kanthak, 2007/10/18
Softwin's anti-virus BitDefender contains vulnerable zlib (CA-2007-07), Stefan Kanthak, 2007/10/18
[Full-disclosure] Serious holes affecting SiteBar 3.3.8, Tim Brown, 2007/10/18
- Re: [Full-disclosure] Serious holes affecting SiteBar 3.3.8, full-disclosure, 2007/10/19
Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096), Stefan Kanthak, 2007/10/18
- Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096), farion42, 2007/10/20
  - Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096), Stefan Kanthak, 2007/10/22
- Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096), Stefan Kanthak, 2007/10/29
[Full-disclosure] [ GLSA 200710-18 ] util-linux: Local privilege escalation, Raphael Marichez, 2007/10/18
rPSA-2007-0219-1 libpng, rPath Update Announcements, 2007/10/18
[CORRECTED] Microsoft Windows XP SP2/2003 - Macrovision SecDrv.sys privilege escalation (0day), Reversemode, 2007/10/18
Re[2]: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu, Thierry Zoller, 2007/10/18
CFP C H A S E - 2 0 0 7 Lahore Pakistan, chase, 2007/10/18
[security bulletin] HPSBMA02274 SSRT071445 rev.2 - HP System Management Homepage (SMH) for HP-UX, Remote Cross Site Scripting (XSS), security-alert, 2007/10/18
[security bulletin] HPSBUX02273 SSRT071476 rev.2 - HP-UX Running Apache, Remote Unauthorized Denial of Service (DoS), security-alert, 2007/10/18
Nortel Telephony Server Denial of Service, daniel . stirnimann, 2007/10/18
Latest web hacking incidents, Ofer Shezaf, 2007/10/18
Nortel IP Phone forced re-authentication, daniel . stirnimann, 2007/10/18
Nortel IP Phone Flooding Denial of Service, daniel . stirniman, 2007/10/18
Nortel IP Phone Surveillance Mode, daniel . stirnimann, 2007/10/18
Nortel UNIStim IP Softphone Buffer-Overflow, daniel . stirnimann, 2007/10/18
Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day), Reversemode, 2007/10/18
SYMSA-2007-011: Microsoft WM5 PocketPC Phone Ed SMS Handler Issue, research, 2007/10/17
[ MDKSA-2007:199 ] - Updated phpMyAdmin packages fix multiple vulnerabilities, security, 2007/10/17
Re: Netgear FVG318 is vunerable to DOS attack, NetGear, 2007/10/17
Re: [Full-disclosure] SQL Injection Flaw in Oracle Workspace Manager, full-disclosure, 2007/10/17
Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, KJK::Hyperion, 2007/10/17
AST-2007-023 - SQL Injection Vulnerabilty in cdr_addon_mysql, Asterisk Security Team, 2007/10/17
Multiple CSRF in SimplePHPBlog, deme, 2007/10/17
- Re: Multiple CSRF in SimplePHPBlog, Hanno BÃck, 2007/10/18
[Full-disclosure] Oracle audit issue with XMLDB ftp service, NGSSoftware Insight Security Research, 2007/10/17
[Full-disclosure] Multiple SQL Injection Flaws in Oracle CTX_DOC package, NGSSoftware Insight Security Research, 2007/10/17
[Full-disclosure] (no subject), NGSSoftware Insight Security Research, 2007/10/17
- [Full-disclosure] SQL Injection Flaw in Oracle Workspace Manager, David Litchfield, 2007/10/17
[Full-disclosure] Oracle RDBMS TNS Data packet DoS, NGSSoftware Insight Security Research, 2007/10/17
Re: [Full-disclosure] Third-party patch for CVE-2007-3896, UPDATE NOW, full-disclosure, 2007/10/17
[Full-disclosure] Oracle TNS Listener DoS and/or remote memory inspection, NGSSoftware Insight Security Research, 2007/10/17
[Full-disclosure] Net & System Security 2007, giovanni manunta, 2007/10/17
[Full-disclosure] [ GLSA 200710-17 ] Balsa: Buffer overflow, Raphael Marichez, 2007/10/16
[ MDKSA-2007:195 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security, 2007/10/16
[security bulletin] HPSBUX02277 SSRT071453 rev.1 - HP-UX Running OpenSSL, Local Denial of Service (DoS), security-alert, 2007/10/16
[security bulletin] HPSBTU02276 SSRT071472 rev.1 - HP Tru64 UNIX Running Apache Tomcat, Remote Unauthorized Access, Remote Denial of Service (DoS), security-alert, 2007/10/16
[ MDKSA-2007:196 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security, 2007/10/16
[security bulletin] HPSBST02280 SSRT071480 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-055 to MS07-060, security-alert, 2007/10/16
[ MDKSA-2007:197 ] - Updated tar packages prevent buffer overflow, security, 2007/10/16
[security bulletin] HPSBMA02230 SSRT071436 rev.2 - HP Select Identity, Remote Unauthorized Access, security-alert, 2007/10/16
SSH attacks - anyone else seen these?, Tim, 2007/10/16
- Re: SSH attacks - anyone else seen these?, Gayathri Swaminathan, 2007/10/16
  - Re: SSH attacks - anyone else seen these?, Jose Nazario, 2007/10/16
- Re: SSH attacks - anyone else seen these?, Mark R. Bowyer, 2007/10/16
- Re: SSH attacks - anyone else seen these?, James Lay, 2007/10/17
  - Re: SSH attacks - anyone else seen these?, Tim, 2007/10/18
- Re: SSH attacks - anyone else seen these?, pand0ra, 2007/10/17
Secunia Research: IrfanView Palette File Importing Buffer Overflow Vulnerability, Secunia Research, 2007/10/16
[ MDKSA-2007:198 ] - Updated util-linux packages fix vulnerability, security, 2007/10/16
WWWISIS <= 7.1 (IsisScript) Multiple Vulnerabilities, jose luis góngora fernández, 2007/10/16
FW: [Dailydave] Canada's Response to Black Hat - SecTor 2007, Taylor, Gord, 2007/10/16
about phpMyAdmin setup.php XSS vulnerability, Marc Delisle, 2007/10/16
CVE-2007-4600 - Mathcad Protect Worksheet Vulnerability, bugtraq, 2007/10/16
[Full-disclosure] IRM Vendor Alerts: Six critical remote vulnerabilities in TIBCO SmartPGM FX, Andy Davis, 2007/10/16
HTML Injection Vuln in nssboard, kcghost, 2007/10/15
Xcomputer - Lang Parameter Cross-Site Scripting Vulnerability, jose luis góngora fernández, 2007/10/15
Stringbeans (Portal) - Lang Parameter Cross-Site Scripting Vulnerability, jose luis góngora fernández, 2007/10/15
InnovaShop?® (mgs.jps) Cross Siting Scripting, jose luis góngora fernández, 2007/10/15
SYMSA-2007-010: Microsoft ActiveSync 4.x Weak Password Obfuscation, research, 2007/10/15
[Full-disclosure] eXtremail(ly easy) remote roots, mu-b, 2007/10/15
[Full-disclosure] [ GLSA 200710-16 ] X.Org X server: Composite local privilege escalation, Pierre-Yves Rofes, 2007/10/14
[Full-disclosure] [ GLSA 200710-15 ] KDM: Local privilege escalation, Pierre-Yves Rofes, 2007/10/14
[Full-disclosure] Clients buffer-overflow in Live for Speed 0.5X10, Luigi Auriemma, 2007/10/13
playing for fun with <=IE7, laurent . gaffie, 2007/10/13
- RE: playing for fun with <=IE7, James C. Slora Jr., 2007/10/15
- RE: playing for fun with <=IE7, Roger A. Grimes, 2007/10/15
- Re: [Full-disclosure] playing for fun with <=IE7, avivra, 2007/10/15
- Re: RE: playing for fun with <=IE7, jason . gerfen, 2007/10/15
- Re: Re: RE: playing for fun with <=IE7, laurent . gaffie, 2007/10/25
VImpX ActiveX (VImpX.ocx v. 4.7.3.0) Remote, saw_xyz, 2007/10/13
[Full-disclosure] [ GLSA 200710-14 ] DenyHosts: Denial of Service, Pierre-Yves Rofes, 2007/10/13
[Full-disclosure] [ GLSA 200710-13 ] Ampache: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/10/13
[Full-disclosure] [ GLSA 200710-12 ] T1Lib: Buffer overflow, Pierre-Yves Rofes, 2007/10/12
[Full-disclosure] [ GLSA 200710-11 ] X Font Server: Multiple Vulnerabilities, Pierre-Yves Rofes, 2007/10/12
[Full-disclosure] [ GLSA 200710-10 ] SKK Tools: Insecure temporary file creation, Raphael Marichez, 2007/10/12
[Full-disclosure] [USN-530-1] hplip vulnerability, Kees Cook, 2007/10/12
[Full-disclosure] SEC Consult SA-20071012-0 :: Madwifi xrates element remote DOS, Bernhard Mueller, 2007/10/12
[Full-disclosure] Tikiwiki 1.9.8 exploit ITW, Moritz Naumann, 2007/10/11
- Re: [Full-disclosure] Tikiwiki 1.9.8 exploit ITW, 3APA3A, 2007/10/12
- Re: [Full-disclosure] Tikiwiki 1.9.8 exploit ITW, full-disclosure, 2007/10/12
[CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities, Williams, James K, 2007/10/11
[Full-disclosure] rPSA-2007-0214-1 initscripts, rPath Update Announcements, 2007/10/11
[Full-disclosure] S21SEC-037-en: OPAL SIP Protocol Remote Denial of Service, S21sec Labs, 2007/10/11
[security bulletin] HPSBMA02230 SSRT071436 rev.1 - HP Select Identity, Remote Unauthorized Access, security-alert, 2007/10/11
EEYE: CA BrightStor ArcServe Backup Server Arbitrary Pointer Dereference, eEye Advisories, 2007/10/11
[Full-disclosure] iDefense Security Advisory 10.11.07: Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities, iDefense Labs, 2007/10/11
[security bulletin] HPSBUX02273 SSRT071476 rev. 1 - HP-UX running Apache, Remote Unauthorized Denial of Service (DoS), security-alert, 2007/10/11
[Full-disclosure] [USN-529-1] Tk vulnerability, Kees Cook, 2007/10/11
Joomla! swMenuFree 4.6 Component Remote File Include, Guns, 2007/10/11
- Re: Joomla! swMenuFree 4.6 Component Remote File Include, sean, 2007/10/12
M$ will fix URI?, Memisyazici, Aras, 2007/10/11
October Microsoft Tuesday, Todd Manning, 2007/10/11
[ MDKSA-2007:194 ] - Updated libvorbis packages fix vulnerabilities, security, 2007/10/11
URI handling as the harbinger of interaction errors, Steven M. Christey, 2007/10/11
- Re: URI handling as the harbinger of interaction errors, Florian Weimer, 2007/10/11
IRM Advisory: Cisco IOS LPD Remote Stack Overflow, Andy Davis, 2007/10/11
[Full-disclosure] CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability, hfli, 2007/10/11
[Full-disclosure] [USN-528-1] MySQL vulnerabilities, Kees Cook, 2007/10/11
[Full-disclosure] CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSDâs DHCP server, Core Security Technologies Advisories, 2007/10/11
[ELEYTT] 10PAZDZIERNIK2007, Michal Bucko, 2007/10/10
[Full-disclosure] TPTI-07-18: EMC RepliStor Server Heap Overflow Vulnerability, TSRT, 2007/10/10
[Full-disclosure] ZDI-07-057: Firebird process_packet() Remote Stack Overflow Vulnerability, zdi-disclosures, 2007/10/10
[Full-disclosure] ZDI-07-055: Microsoft Windows DCERPC Authentication Denial of Service Vulnerability, zdi-disclosures, 2007/10/10
[Full-disclosure] ZDI-07-056: IBM DB2 DB2JDS Multiple Vulnerabilities, zdi-disclosures, 2007/10/10
- Re: [Full-disclosure] ZDI-07-056: IBM DB2 DB2JDS Multiple Vulnerabilities, Joel Jaeggli, 2007/10/10
AST-2007-022: Buffer overflows in voicemail when using IMAP storage, The Asterisk Development Team, 2007/10/10
[SECURITY] [DSA 1379-2] New openssl packages fix arbitrary code execution, Noah Meyerhans, 2007/10/10
[Full-disclosure] Vulnerabilities digest, 3APA3A, 2007/10/10
- Re: [Full-disclosure] Vulnerabilities digest, full-disclosure, 2007/10/10
[Full-disclosure] iDefense Security Advisory 10.10.07: Kaspersky Web Scanner ActiveX Format String Vulnerability, iDefense Labs, 2007/10/10
Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, full-disclosure, 2007/10/10
Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques, Damir Rajnovic, 2007/10/10
- Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques, Halvar Flake, 2007/10/10
  - Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques, Florian Weimer, 2007/10/11
  - RE: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques, Andy Davis, 2007/10/11
    - Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques, Halvar Flake, 2007/10/11
    - RE: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques, Andy Davis, 2007/10/11
    - Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques, Halvar Flake, 2007/10/11
    - Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques, Roman Medina-Heigl Hernandez, 2007/10/12
    - Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques, Mark Senior, 2007/10/12
- RE: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques, Andy Davis, 2007/10/16
[Full-disclosure] 0day: Hacking secured CITRIX from outside, pdp (architect), 2007/10/10
- Re: [Full-disclosure] 0day: Hacking secured CITRIX from outside, M.B.Jr., 2007/10/10
- Re: [Full-disclosure] 0day: Hacking secured CITRIX from outside, full-disclosure, 2007/10/10
Several vulnerabilities in CMS Made Simple 1.1.3.1, Omid, 2007/10/10
Remote Desktop Command Fixation Attacks, pdp (architect), 2007/10/10
- Re: Remote Desktop Command Fixation Attacks, Steve Shockley, 2007/10/10
  - Re: Remote Desktop Command Fixation Attacks, pdp (architect), 2007/10/11
- RE: Remote Desktop Command Fixation Attacks, Thor (Hammer of God), 2007/10/10
  - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, M. Burnett, 2007/10/11
  - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, pdp (architect), 2007/10/11
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, gjgowey, 2007/10/11
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Obscure, 2007/10/11
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Paul Melson, 2007/10/11
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Alex Everett, 2007/10/11
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, gboyce, 2007/10/11
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, pdp (architect), 2007/10/11
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, gboyce, 2007/10/11
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Xo Plague, 2007/10/11
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Pete Simpson, 2007/10/12
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Jim Harrison, 2007/10/11
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, John C. A. Bambenek, CISSP, 2007/10/11
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Thor (Hammer of God), 2007/10/12
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, pdp (architect), 2007/10/14
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, C Q, 2007/10/14
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, pdp (architect), 2007/10/15
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, C Q, 2007/10/14
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, gjgowey, 2007/10/15
    - Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, James (njan) Eaton-Lee, 2007/10/15
    - Re: Remote Desktop Command Fixation Attacks, hvdkooij, 2007/10/12
wmtrssreader joomla component 1.0 Remote File Include Vulnerability, cyber-crime, 2007/10/10
3Com WIFI router remote administration vulnerability., Guy Mizrahi, 2007/10/10
Regarding vulnerability in ViArt Shop, support, 2007/10/10
Re: [Full-disclosure] Report to Recipient(s), gjgowey, 2007/10/10
[Full-disclosure] [ GLSA 200710-08 ] KOffice, KWord, KPDF, KDE Graphics Libraries: Stack-based buffer overflow, Pierre-Yves Rofes, 2007/10/09
[Full-disclosure] [ GLSA 200710-09 ] NX 2.1: User-assisted execution of arbitrary code, Pierre-Yves Rofes, 2007/10/09
[Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu, Thierry Zoller, 2007/10/09
- Re: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu, Felix 'FX' Lindner, 2007/10/10
  - Re: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu, Thierry Zoller, 2007/10/10
    - Re: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu, Sergio Alvarez, 2007/10/10
[Full-disclosure] iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow, iDefense Labs, 2007/10/09
- Re: [Full-disclosure] iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow, Nick FitzGerald, 2007/10/10
  - Re: [Full-disclosure] iDefense Security Advisory 10.09.07:Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow, gjgowey, 2007/10/10
[Full-disclosure] NULL pointer crash in World in Conflict 1.000, Luigi Auriemma, 2007/10/09
Research: Cybercrime and the Electoral System, Oliver Friedrichs, 2007/10/09
LedgerSMB < 1.2.8, SQL-Ledger 2.x Multiple SQL Injection Issues, Chris Travers, 2007/10/09
Vulnerabilities, xoxland, 2007/10/09
- Re: Vulnerabilities, Victor Brilon, 2007/10/11
- Re: Vulnerabilities, sottwell, 2007/10/11
[Full-disclosure] [USN-527-1] xen-3.0 vulnerability, Kees Cook, 2007/10/09
DNewsWeb Softwares Cross Site Scripting Vulrnability, DoZ, 2007/10/09
Viart Shopping Cart Directory Transversal Vuln, [ NO REPLY ], 2007/10/09
Black Hat Tokyo + DC and Europe CfPs now open., Jeff Moss, 2007/10/09
- Black Hat Tokyo + DC and Europe CfPs now open., Jeff Moss, 2007/10/11
[security bulletin] HPSBMA02275 SSRT071445 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), security-alert, 2007/10/09
[security bulletin] HPSBMA02274 SSRT071445 rev.1 - HP System Management Homepage (SMH) for HP-UX, Remote Cross Site Scripting (XSS), security-alert, 2007/10/09
[security bulletin] HPSBUX02181 SSRT061289 rev.3 - HP-UX Running IPFilter, Remote Denial of Service (DoS), security-alert, 2007/10/09
[security bulletin] HPSBUX01137 SSRT5954 rev.11 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS), security-alert, 2007/10/09
[security bulletin] HPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS), security-alert, 2007/10/09
[Full-disclosure] rPSA-2007-0212-1 util-linux, rPath Update Announcements, 2007/10/09
[Full-disclosure] rPSA-2007-0210-1 xen, rPath Update Announcements, 2007/10/09
[Full-disclosure] BT Home Flub: Pwnin the BT Home Hub, Adrian P, 2007/10/08
TorrentTrader Classic Mutiple Remote vulnerabilities, security, 2007/10/08
new vuln in snewscms.net.ru in lang file, info, 2007/10/08
[Full-disclosure] [ GLSA 200710-07 ] Tk: Buffer overflow, Raphael Marichez, 2007/10/07
[Full-disclosure] [ GLSA 200710-06 ] OpenSSL: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/10/07
[Full-disclosure] [ GLSA 200710-05 ] QGit: Insecure temporary file creation, Pierre-Yves Rofes, 2007/10/07
[Full-disclosure] [ GLSA 200710-04 ] libsndfile: Buffer overflow, Raphael Marichez, 2007/10/07
[Full-disclosure] [ GLSA 200710-03 ] libvorbis: Multiple vulnerabilities, Raphael Marichez, 2007/10/07
[Full-disclosure] [ GLSA 200710-02 ] PHP: Multiple vulnerabilities, Raphael Marichez, 2007/10/07
Else If cms Multiple Remote vulnerabilities, security, 2007/10/06
idmos-phoenix cms Remote File inclusion, security, 2007/10/06
CMS Creamotion - Remote File inclusion, security, 2007/10/06
[Full-disclosure] SSHatter 0.6, Tim Brown, 2007/10/06
- Re: [Full-disclosure] SSHatter 0.6, full-disclosure, 2007/10/07
RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Juergen Schmidt, 2007/10/06
- RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Jim Slora, 2007/10/09
Re: Re: file upload vulnerability in joomla media component, vinodsharma . mimit, 2007/10/05
Reporting Vulnerable Public Web mail, ivan . sanchez, 2007/10/05
[Full-disclosure] Format string in The Dawn of Time 1.69s beta4, Luigi Auriemma, 2007/10/05
[Full-disclosure] Multiple vulnerabilities in Dropteam 1.3.3, Luigi Auriemma, 2007/10/05
rPSA-2007-0209-1 elinks, rPath Update Announcements, 2007/10/05
[ MDKSA-2007:193 ] - Updated openssl packages fix vulnerabilities, security, 2007/10/05
Re: [Full-disclosure] iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability, Joey Mengele, 2007/10/05
[Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Juergen Schmidt, 2007/10/05
- RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Roger A. Grimes, 2007/10/05
  - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Thierry Zoller, 2007/10/06
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Geo., 2007/10/06
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Thierry Zoller, 2007/10/06
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Kurt Dillard, 2007/10/06
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, terry white, 2007/10/07
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, gjgowey, 2007/10/07
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Glynn Clements, 2007/10/07
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, KJK::Hyperion, 2007/10/07
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Thierry Zoller, 2007/10/09
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Gregory Rubin, 2007/10/09
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Geo., 2007/10/08
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Lamer Buster, 2007/10/08
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, KJK::Hyperion, 2007/10/08
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Geo., 2007/10/07
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, James Matthews, 2007/10/07
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Thierry Zoller, 2007/10/07
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Geo., 2007/10/08
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, 3APA3A, 2007/10/08
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Thierry Zoller, 2007/10/09
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Valdis . Kletnieks, 2007/10/07
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Geo., 2007/10/08
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, KJK::Hyperion, 2007/10/08
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, gjgowey, 2007/10/08
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, john lokka, 2007/10/09
    - Fwd: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype, merigoth, 2007/10/11
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, KJK::Hyperion, 2007/10/09
    - [Full-disclosure] Third-party patch for CVE-2007-3896 (Internet Explorer 7 invalid URI handling) available, KJK::Hyperion, 2007/10/14
    - Re: [Full-disclosure] Third-party patch for CVE-2007-3896, UPDATE NOW, KJK::Hyperion, 2007/10/17
    - [Full-disclosure] I made third-party patch for CVE-2007-3896 (Internet Explorer 7 invalid URI handling), KJK::Hyperion, 2007/10/15
    - Re: [Full-disclosure] I made third-party patch for CVE-2007-3896 (Internet Explorer 7 invalid URI handling), KJK::Hyperion, 2007/10/15
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Thierry Zoller, 2007/10/11
    - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Roger A. Grimes, 2007/10/07
- Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Andreas Lindenblatt, 2007/10/09
- Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Andreas Lindenblatt, 2007/10/09
- Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Thierry Zoller, 2007/10/06
  - Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Morning Wood, 2007/10/08
- Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype, Brett Moore, 2007/10/09
[Full-disclosure] [USN-524-1] OpenOffice.org vulnerability, Kees Cook, 2007/10/04
[Full-disclosure] [USN-526-1] debian-goodies vulnerability, Kees Cook, 2007/10/04
[Full-disclosure] [USN-525-1] libsndfile vulnerability, Kees Cook, 2007/10/04
DDIVRT-2007-05 NetSupport Manager Client Buffer Overflow, vulnerabilityresearch, 2007/10/04
[ GLSA 200710-01 ] RPCSEC_GSS library: Buffer overflow, Pierre-Yves Rofes, 2007/10/04
[Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN, [ NO REPLY ], 2007/10/04
- [Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN, [ NO REPLY ], 2007/10/06
Re: Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9[EXPLOIT], weak, 2007/10/04
[RISE-2007002] Borland InterBase Multiple Buffer Overflow Vulnerabilities, RISE Security, 2007/10/04
[RISE-2007003] Firebird Relational Database Multiple Buffer Overflow Vulnerabilities, RISE Security, 2007/10/04
[Full-disclosure] FLEA-2007-0059-1 qt qt-tools, Foresight Linux Essential Announcement Service, 2007/10/04
[Full-disclosure] Cart32 Arbitrary File Download Vulnerability, Paul Craig, 2007/10/04
FreeBSD Security Advisory FreeBSD-SA-07:08.openssl, FreeBSD Security Advisories, 2007/10/03
[Full-disclosure] [USN-523-1] ImageMagick vulnerabilities, Kees Cook, 2007/10/03
[Full-disclosure] FLEA-2007-0058-1 openssl openssl-scripts, Foresight Linux Essential Announcement Service, 2007/10/03
Content Builder 0.7.5 RFI Bug, mehrad1989, 2007/10/03
rPSA-2007-0206-1 openssl openssl-scripts, rPath Update Announcements, 2007/10/03
rPSA-2007-0205-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs, rPath Update Announcements, 2007/10/03
rPSA-2007-0204-1 qt-x11-free, rPath Update Announcements, 2007/10/03
DRBGuestbook Remote XSS Vulnerability, gokhankaya, 2007/10/03
Re: BIND 8 EOL and BIND 8 DNS Cache Poisoning (Amit Klein, Trusteer), sathyakrishnadas, 2007/10/03
- Re: BIND 8 EOL and BIND 8 DNS Cache Poisoning (Amit Klein, Trusteer), Amit Klein, 2007/10/06
Re: Ruby Net::HTTPS library does not validate server certificate CN, Thomas, 2007/10/03
International Hacking & Security Conference "POC200", poc2007, 2007/10/03
0day: mIRC pwns Windows, jinc4fareijj, 2007/10/03
- Re: 0day: mIRC pwns Windows, Gavin Hanover, 2007/10/03
  - Re[2]: 0day: mIRC pwns Windows, 3APA3A, 2007/10/04
    - Re: 0day: mIRC pwns Windows, Greg Rubin, 2007/10/04
    - Re: Re[2]: 0day: mIRC pwns Windows, Gavin Hanover, 2007/10/04
- Re: 0day: mIRC pwns Windows, Gregory Rubin, 2007/10/03
- Re: 0day: mIRC pwns Windows, Fred Elliot, 2007/10/04
[Full-disclosure] iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability, iDefense Labs, 2007/10/03
- Re: [Full-disclosure] iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability, 3APA3A, 2007/10/04
- Re: [Full-disclosure] iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability, iDefense Labs, 2007/10/04
[Full-disclosure] FLEA-2007-0057-1 pidgin, Foresight Linux Essential Announcement Service, 2007/10/03
[Full-disclosure] The real motivations of vulnerability disclosure, Mr Frog, 2007/10/03
- Re: [Full-disclosure] The real motivations of vulnerability disclosure, endrazine, 2007/10/03
[Full-disclosure] rPSA-2007-0203-1 rmake rmake-proxy rmake-repos, rPath Update Announcements, 2007/10/02
[Full-disclosure] iDefense Security Advisory 10.02.07: Multiple Vendor X Font Server Multiple Vulnerabilities, iDefense Labs, 2007/10/02
[SECURITY] [DSA 1379-1] New openssl packages fix arbitrary code execution, Noah Meyerhans, 2007/10/02
[Full-disclosure] TPTI-07-16: CA BrightStor Hierarchical Storage Manager Buffer Overflow Vulnerabilities, TSRT, 2007/10/02
[Full-disclosure] TPTI-07-17: CA BrightStor Hierarchical Storage Manager SQL Injection Vulnerabilities, TSRT, 2007/10/02
Re: dvddb-0.6 media sql-inj. vuln., james, 2007/10/02
[Full-disclosure] Original Photo Gallery Remote Command Execution, ascii, 2007/10/02
WifiZoo v1.2 release, Hernan Ochoa, 2007/10/02
[ MDKSA-2007:192 ] - Updated mplayer packages fix vulnerability, security, 2007/10/02
[ MDKSA-2007:191 ] - Updated libsndfile packages fix vulnerability, security, 2007/10/01
Immunity Debugger v1.2 Release, Nicolas Waisman, 2007/10/01
ClubHack - CFP closing by 15th October 2007, `ClubHack `, 2007/10/01
ASP-CMS version 1 default password location., joseph . giron13, 2007/10/01
smbftpd 0.96 format string vulnerability, Jerry Illikainen, 2007/10/01
CheckPoint Secure Platform Multiple Buffer Overflows, hvazquez, 2007/10/01
- RE: CheckPoint Secure Platform Multiple Buffer Overflows, Tony Reusser, 2007/10/03
  - RE: CheckPoint Secure Platform Multiple Buffer Overflows, Hugo van der Kooij, 2007/10/03
- Re: CheckPoint Secure Platform Multiple Buffer Overflows, hvazquez, 2007/10/02
- Re: RE: CheckPoint Secure Platform Multiple Buffer Overflows, fwadmin, 2007/10/11
- Re: RE: CheckPoint Secure Platform Multiple Buffer Overflows, hvazquez, 2007/10/17
New Advisory: X-script GuestBook, m2x, 2007/10/01
Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow, snagg, 2007/10/01
- Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow, ejc, 2007/10/04
phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion, h3llcode, 2007/10/01
- Re: phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion, str0ke, 2007/10/01
eGov Content Manager Cross Site Scripting Vulrnability, DoZ, 2007/10/01
[Full-disclosure] Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9, Luigi Auriemma, 2007/10/01
[Full-disclosure] Format string in the Doom 3 engine through PB, Luigi Auriemma, 2007/10/01
[Full-disclosure] Format string in F.E.A.R. 1.08 through PB, Luigi Auriemma, 2007/10/01
[Full-disclosure] Unexploitable buffer-overflow in America's Army 2.8.2 through PB, Luigi Auriemma, 2007/10/01
ASP Product catalog SQL injection vulnerability, joseph . giron13, 2007/10/01
Affiliate Network Pro Multiple Input Validation and Local file inclusion, hack2prison, 2007/10/01