Vulnerability Development (thread)

QEMU code_gen_buffer overflow POC, TeLeMan, 2007/11/30
PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method, research, 2007/11/30
27Mhz based wireless security insecurities - Aka - "We know what you typed last summer", Max Moser, 2007/11/30
- Re: 27Mhz based wireless security insecurities - Aka - "We know what you typed last summer", Jacob Appelbaum, 2007/11/30
PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script, research, 2007/11/30
PR07-14: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script, research, 2007/11/30
SCARE metrics and tool release, Pete Herzog, 2007/11/30
DOS in Realplayer 11 ActiveX on Win Vista and Win XP SP2, thesinoda, 2007/11/30
[ MDKSA-2007:224-3 ] - Updated samba packages fix regressions, security, 2007/11/30
[Full-disclosure] rPSA-2007-0254-1 idle python, rPath Update Announcements, 2007/11/30
AST-2007-025 - SQL Injection issue in res_config_pgsql, Asterisk Security Team, 2007/11/29
[Full-disclosure] [USN-549-1] PHP vulnerabilities, Kees Cook, 2007/11/29
AST-2007-026 - SQL Injection issue in cdr_pgsql, Asterisk Security Team, 2007/11/29
[Full-disclosure] ERRATA: [ GLSA 200711-20 ] Pioneers: Multiple Denials of Service, Pierre-Yves Rofes, 2007/11/29
FreeBSD Security Advisory FreeBSD-SA-07:09.random, FreeBSD Security Advisories, 2007/11/29
FreeBSD Security Advisory FreeBSD-SA-07:10.gtar, FreeBSD Security Advisories, 2007/11/29
APC Management Vulnerability, garys, 2007/11/29
Digital Armaments November-December Hacking Challenge: Diffuse Client Application (10.000$ extra), info, 2007/11/29
[security bulletin] HPSBUX02292 SSRT071499 rev.1 - HP-UX Running Apache, Remote Execution of Arbitrary Code, security-alert, 2007/11/29
[security bulletin] HPSBMA02283 SSRT071319 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS), security-alert, 2007/11/29
[Full-disclosure] IRM025: TIBCO Rendezvous RVD Daemon Remote Memory Leak DoS, IRM Research, 2007/11/29
[USN-548-1] Pidgin vulnerability, Kees Cook, 2007/11/28
rPSA-2007-0252-1 cups poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi, rPath Update Announcements, 2007/11/28
[ MDKSA-2007:233 ] - Updated cpio package fixes buffer overflow and directory traversal vulnerabilities, security, 2007/11/28
- [ MDKSA-2007:233 ] - Updated cpio package fixes buffer overflow and directory traversal vulnerabilities, security, 2007/11/28
Some Data of POC2007, poc2007, 2007/11/28
[ MDKSA-2007:232 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security, 2007/11/28
SYM07-029 Symantec BEWS Multiple DoS in Job Engine, Secure, 2007/11/28
Gekko <=0.8.2 (temp directory) Path Disclosure, sys-project, 2007/11/28
- Re: Gekko <=0.8.2 (temp directory) Path Disclosure, J. Carlos Nieto, 2007/11/28
Secunia Research: Symantec Backup Exec Job Engine Denial of Service, Secunia Research, 2007/11/28
Microsoft FTP Client Multiple Bufferoverflow Vulnerability, Rajesh Sethumadhavan, 2007/11/28
- Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability, 3APA3A, 2007/11/29
  - Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability, Valdis . Kletnieks, 2007/11/29
    - Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability, Steve Shockley, 2007/11/29
    - Re[2]: Microsoft FTP Client Multiple Bufferoverflow Vulnerability, Matthew Leeds, 2007/11/30
    - Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability, Vincent Archer, 2007/11/30
    - Re[2]: Microsoft FTP Client Multiple Bufferoverflow Vulnerability, 3APA3A, 2007/11/30
Win2K3 Priv Escalation, justin, 2007/11/27
- Re: Win2K3 Priv Escalation, Jan Münther, 2007/11/28
- RE: Win2K3 Priv Escalation, Matt Ausmus, 2007/11/28
- Re: Win2K3 Priv Escalation, Justin@ESC, 2007/11/28
  - RE: Win2K3 Priv Escalation, Thor (Hammer of God), 2007/11/28
PHPkit 1.6.1 (include.php?path=) Remote File Inclusion, sys-project, 2007/11/27
PHPSlideShow XSS Update, morin . josh, 2007/11/27
Liferay Enterprise Portal multiple XSS, morin . josh, 2007/11/27
CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor, Core Security Technologies Advisories, 2007/11/27
Re: Creating Backdoors in Cisco IOS using Tcl, michael, 2007/11/27
Eurologon CMS Db credentials disclosure / files download, kingoftheworld92, 2007/11/27
Eurologon CMS Multiple SQL Injection, kingoftheworld92, 2007/11/27
Ruby/Gnome2 0.16.0 Format String Vulnerability, chris . rohlf, 2007/11/27
[security bulletin] HPSBUX02251 SSRT071449 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning, security-alert, 2007/11/27
OWASP Israel Conference 2007, Dec 3rd 2007, Ofer Shezaf, 2007/11/27
National Computer and Information Security Conferences ACIS 2008 - COLOMBIA, Jeimy Cano, 2007/11/27
[Full-disclosure] Announce: RFIDIOt release RFIDIOt-0.1r, November 2007, Adam Laurie, 2007/11/27
[Full-disclosure] Creating Backdoors in Cisco IOS using Tcl, IRM Research, 2007/11/27
- Re: [Full-disclosure] Creating Backdoors in Cisco IOS using Tcl, Nicolas FISCHBACH, 2007/11/27
[Full-disclosure] [USN-547-1] PCRE vulnerabilities, Kees Cook, 2007/11/26
[Full-disclosure] [USN-546-1] Firefox vulnerabilities, Kees Cook, 2007/11/26
[Full-disclosure] [USN-545-1] link-grammar vulnerability, Kees Cook, 2007/11/26
CONFidence 2008 CfP, andrzej . targosz, 2007/11/26
FIGIS (FILogin.do) Bypass SQL Injection Vulnerability, sys-project, 2007/11/26
ZDI-07-069: CA BrightStor ARCserve Backup Message Engine Insecure Method Exposure Vulnerability, zdi-disclosures, 2007/11/26
- Re: [Full-disclosure] ZDI-07-069: CA BrightStor ARCserve Backup Message Engine Insecure Method Expos, cocoruder., 2007/11/28
JLMForo System (modificarPerfil.php) Cross-Site Scripting Vulnerability, sys-project, 2007/11/26
Directory Traversal in SafeNet Sentinel Protection Server and Keys Server, Elliot Kendall, 2007/11/26
PHP-Nuke NSN Script Depository module <= 1.0.3 Remote Source / DB Credentials Disclosure, kingoftheworld92, 2007/11/26
- Re: PHP-Nuke NSN Script Depository module <= 1.0.3 Remote Source / DB Credentials Disclosure, kingoftheworld92, 2007/11/26
SimpleGallery v0.1.3 (index.php) Cross-Site Scripting Vulnerability, sys-project, 2007/11/26
Tilde CMS <= v. 4.x "aarstal" parameter of "yeardetail" SQL Injection, kingoftheworld92, 2007/11/26
DeluxeBB E-Mail Address Change Security Bypass, bugtraq, 2007/11/26
2007-06 Sentinel Protection Server Directory Traversal, VulnerabilityResearch, 2007/11/26
GWExtranet Script Injections & Privilege Escalation Vulnerability, DoZ, 2007/11/26
Citrix NetScaler Web Management Cookie Weakness, nnposter, 2007/11/26
FMDeluxe (index.php) Cross-Site Scripting Vulnerability, sys-project, 2007/11/26
two bytehoard 2.1 bugs, Ernesto Alvarez, 2007/11/26
Calendar Proverbs <=1.1 (caladmin.php) Remote SQL Injection, sys-project, 2007/11/26
PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability, sys-project, 2007/11/26
Skype DoS, mail, 2007/11/26
PHP 5.2.4 mail.force_extra_parameters unsecure, cxib, 2007/11/26
HPSBST02291 SSRT071498 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-061 and MS07-062, security-alert, 2007/11/26
Aria-Security.Net: Gouae DWD Realty SQL Injection, noreply, 2007/11/26
company puts a new spin on infosec services, im obfuscated, 2007/11/26
[Full-disclosure] [ GLSA 200711-34 ] CSTeX: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/11/25
[Full-disclosure] [ GLSA 200711-33 ] nss_ldap: Information disclosure, Pierre-Yves Rofes, 2007/11/25
NetAuctionHelp Classified Ads v1.0 SQL Injection, no-reply, 2007/11/24
vBTube v1.1 - Beta ( Vbulletin Tube) Xss Vulnerable, cybermilitan, 2007/11/24
Amber Script 1.0 (show_content.php id) Local File Inclusion Vulnerability, cybermilitan, 2007/11/24
[ISecAuditors Security Advisories] Cygwin buffer overflow due incorrect filename length check, ISecAuditors Security Advisories, 2007/11/24
PBLang <= 4.99.17.q Remote File Rewriting / Remote Command Execution, kingoftheworld92, 2007/11/24
Aria-Security.net: CoolShot E-Lite POS 1.0, no-reply, 2007/11/24
- Re: Aria-Security.net: CoolShot E-Lite POS 1.0, coolshot, 2007/11/30
Bitcomet Resource Browser v1.1 XSS, jplopezy, 2007/11/24
[ MDKSA-2007:224-2 ] - Updated samba packages fix vulnerabilities, security, 2007/11/23
Mp3 ToolBox 1.0 beta 5 Remote File İnclude Vulnerability, cybermilitan, 2007/11/23
[0day Remote Command Execution] VigileCMS <= 1.8 Stealth, wegotyourbox, 2007/11/23
Aria-Security.net: Irola My-Time v3.5 SQL Injection, no-reply, 2007/11/23
[ MDKSA-2007:231 ] - Updated cacti packages fix SQL injection vulnerability, security, 2007/11/22
Gadu-Gadu Local/Remote Buffer Overflow vulnerability, j00ru . vx, 2007/11/22
- Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, gg_vuln, 2007/11/22
- Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, emacs25, 2007/11/23
- Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, j00ru . vx, 2007/11/23
- Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, gynvael, 2007/11/23
- Re: Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, sdfkjsomcoismwevoiweo, 2007/11/23
- Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, emacs25, 2007/11/23
- Re: Re: Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, gynvael, 2007/11/23
[Full-disclosure] Using CSRF to Attack Mobile Phones, avivra, 2007/11/22
MySpace Scripts - Poll Creator JavaScript Injection Vulnerability, DoZ, 2007/11/22
VigileCMS <= 1.8 Stealth Remote Command Execution Exploit, bugtraq, 2007/11/22
MyBlog (MyCMS) Remote PHP Code execution / PHP Code injection .., security, 2007/11/22
- Message not available
  - Re: MyBlog (MyCMS) Remote PHP Code execution / PHP Code injection .., BlackHawk, 2007/11/23
Re: Simple Machines Forum multiple sql injection flaws with exploit code., root, 2007/11/22
[Argeniss] Data0: Next generation malware for stealing databases (Paper), Cesar, 2007/11/22
Remote Shell Command Execution in "KB-Bestellsystem" (amensa-soft.de), zero-x, 2007/11/22
GetBlog local File inclusion .., security, 2007/11/22
[ECHO_ADV_85$2007] alstrasoft E-Friends <= 4.98 (seid) Multiple Remote SQL Injection Vulnerabilities, erdc, 2007/11/22
Aria-Security.net: NetAuctionHelp SQL Injection, no-reply, 2007/11/22
- Re: Aria-Security.net: NetAuctionHelp SQL Injection, support, 2007/11/24
- Re: Re: Aria-Security.net: NetAuctionHelp SQL Injection, no-reply, 2007/11/24
Wheatblog (wB) Remote File inclusion .., security, 2007/11/22
[ MDKSA-2007:224-1 ] - Updated samba packages fix vulnerabilities, security, 2007/11/22
SkyPortal vRC6 Multiple Remote Vulnerabilities, bugtraq, 2007/11/21
Ucms <= 1.8 Backdoor Remote Command Execution Exploit, bugtraq, 2007/11/21
TalkBack 2.2.7 Multiple Remote File Inclusion Vulnerabilities, bugtraq, 2007/11/21
[SECURITY] [DSA 1408-1] New kdegraphics packages fix arbitrary code execution, Moritz Muehlenhoff, 2007/11/21
GWextranet Multiple Vulnerabilites, Joseph . giron13, 2007/11/21
E-vanced Solutions Multiple Vulnerabilites, Joseph . giron13, 2007/11/21
rPSA-2007-0245-1 kernel, rPath Update Announcements, 2007/11/21
Aria-Security.Net: VU Mailer (Mass Mail) "Password" SQL Injection, no-reply, 2007/11/21
[ MDKSA-2007:230 ] - Updated tetex packages fix vulnerabilities, security, 2007/11/21
[Aria-Security.Net] VU Case Manager "Username/Password" SQL Injection, no-reply, 2007/11/21
rPSA-2007-0245-2 kernel, rPath Update Announcements, 2007/11/21
[Full-disclosure] rPSA-2007-0243-1 flac, rPath Update Announcements, 2007/11/21
[Full-disclosure] Warning: Hackers hijacking unused IP Addresses inside Trusted domains [POC], XSS Worm XSS Security Information Portal, 2007/11/21
- Re: [Full-disclosure] Warning: Hackers hijacking unused IP Addresses inside Trusted domains [POC], Paul Schmehl, 2007/11/21
  - Re: [Full-disclosure] Warning: Hackers hijacking unused IP Addresses inside Trusted domains [POC], Gadi Evron, 2007/11/21
[ MDKSA-2007:229 ] - Updated phpMyAdmin packages fix multiple vulnerabilities, security, 2007/11/20
Several persistent XSS and CSRF on Wireless-G ADSL Gateway with SpeedBooster (WAG54GS), Adrian P, 2007/11/20
[Full-disclosure] [ GLSA 200711-32 ] Feynmf: Insecure temporary file creation, Pierre-Yves Rofes, 2007/11/20
[Full-disclosure] [ GLSA 200711-31 ] Net-SNMP: Denial of Service, Pierre-Yves Rofes, 2007/11/20
[Full-disclosure] [ GLSA 200711-30 ] PCRE: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/11/20
[Full-disclosure] [ GLSA 200711-29 ] Samba: Execution of arbitrary code, Pierre-Yves Rofes, 2007/11/20
EEYE: BitDefender Online Scanner 8 Double Decode Heap Overflow, eEye Advisories, 2007/11/20
[ MDKSA-2007:228 ] - Updated cups packages fix vulnerabilities, security, 2007/11/20
[security bulletin] HPSBUX02289 SSRT071461 rev.1 - HP-UX Running BIND 8, Remote DNS Cache Poisoning, security-alert, 2007/11/20
[ MDKSA-2007:227 ] - Updated poppler packages fix vulnerabilities, security, 2007/11/20
Banks (Wellsfargo.com) using CDNs to deliver Javascript: enables password theft by anyone compromising or controlling the CDN, joel, 2007/11/20
- Re: Banks (Wellsfargo.com) using CDNs to deliver Javascript: enables password theft by anyone compromising or controlling the CDN, Jason Muskat de VE3TSJ - GCFA, GCUX, CEI, CEH, 2007/11/21
[ MDKSA-2007:226 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security, 2007/11/19
rPSA-2007-0242-1 php5 php5-cgi php5-mysql php5-pear php5-pgsql php5-soap php5-xsl, rPath Update Announcements, 2007/11/19
Alcatel OmniPCX Enterprise VoIP Vulnerability, daniel . stirnimann, 2007/11/19
[Full-disclosure] [ GLSA 200711-28 ] Perl: Buffer overflow, Pierre-Yves Rofes, 2007/11/19
Certificate spoofing issue with Mozilla, Konqueror, Safari 2, Nils Toedtmann, 2007/11/19
- Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2, Kapetanakis Giannis, 2007/11/19
  - Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2, Michal Zalewski, 2007/11/19
  - Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2, Graeme Fowler, 2007/11/19
  - Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2, Nils Toedtmann, 2007/11/20
    - Message not available
    - Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2, Kapetanakis Giannis, 2007/11/20
Wordpress Cookie Authentication Vulnerability, Steven J. Murdoch, 2007/11/19
Citrix NetScaler Web Management XSS, nnposter, 2007/11/19
[Aria-Secutiy Net] Click&BaneX SQL Injection, no-reply, 2007/11/19
Belkin Wireless G Router DoS, r00t, 2007/11/19
IceBB 1.0rc6 <= Remote SQL Injection, aeroxteam-nospam, 2007/11/19
- Re: IceBB 1.0rc6 <= Remote SQL Injection, aeroxteam-nospam, 2007/11/19
[ MDKSA-2007:225 ] - Updated net-snmp packages fix remote denial of service vulnerability, security, 2007/11/19
VigileCMS 1.4 Multiple Remote Vulnerabilities, info, 2007/11/19
[ECHO_ADV_84$2007] ProfileCMS <= 1.0 Remote SQL Injection Vulnerability, erdc, 2007/11/19
[Full-disclosure] [ GLSA 200711-27 ] Link Grammar: User-assisted execution of arbitrary code, Pierre-Yves Rofes, 2007/11/18
[Full-disclosure] [ GLSA 200711-26 ] teTeX: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/11/18
[Full-disclosure] [ GLSA 200711-25 ] MySQL: Denial of Service, Pierre-Yves Rofes, 2007/11/18
[Full-disclosure] [ GLSA 200711-24 ] Mozilla Thunderbird: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/11/18
[Full-disclosure] [ GLSA 200711-23 ] VMware Workstation and Player: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/11/18
[Full-disclosure] [ GLSA 200711-22 ] Poppler, KDE: User-assisted execution of arbitrary code, Pierre-Yves Rofes, 2007/11/18
[Full-disclosure] Crash in LIVE555 Media Server 2007.11.01, Luigi Auriemma, 2007/11/18
[Full-disclosure] Vulnerability Hash Database - Maillist, Sowhat, 2007/11/18
Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability, Juha-Matti Laurio, 2007/11/17
- Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability, jf, 2007/11/17
[Full-disclosure] [ GLSA 200711-21 ] Bochs: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/11/17
[ MDKSA-2007:224 ] - Updated samba packages fix vulnerabilities, security, 2007/11/17
[ MDKSA-2007:223 ] - Updated pdftohtml packages fix vulnerabilities, security, 2007/11/17
[ MDKSA-2007:222 ] - Updated koffice packages fix vulnerabilities, security, 2007/11/17
Sciurus Hosting Panel Code İnjection, admin, 2007/11/17
security contact for mitsubishi electric?, Chris Withers, 2007/11/17
Myspace Clone Script (index.php) Remote File Inclusion Vulnerability, verys-secret, 2007/11/17
Black Lily 2007 (products.php class) Remote SQL Injection Vulnerability, verys-secret, 2007/11/17
net-finity (links.php) Remote SQL Injection Vulnerability, verys-secret, 2007/11/17
[Full-disclosure] rPSA-2007-0241-1 samba samba-swat, rPath Update Announcements, 2007/11/17
JiRos Upload Manager SQL Injection, no-reply, 2007/11/17
[Full-disclosure] [USN-544-2] Samba regression, Jamie Strandboge, 2007/11/17
Javamail login username and password same email problem, thetaung, 2007/11/16
[ MDKSA-2007:221 ] - Updated kdegraphics packages fix vulnerabilities in kpdf, security, 2007/11/16
[RISE-2007004] Apple Mac OS X 10.4.x Kernel i386_set_ldt() Integer Overflow Vulnerability, RISE Security, 2007/11/16
[Full-disclosure] AhnLab AntiVirus Remote Kernel Memory Corruption, Sowhat, 2007/11/16
[Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability, cocoruder, 2007/11/16
- Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability, CaseArmour.net Security Administrator, 2007/11/17
[ MDKSA-2007:220 ] - Updated gpdf packages fix vulnerabilities, security, 2007/11/16
[Full-disclosure] [USN-544-1] Samba vulnerabilities, Jamie Strandboge, 2007/11/15
[USN-543-1] VMWare vulnerabilities, Kees Cook, 2007/11/15
PR07-02: XSS on Liferay Portal Enterprise 4.1.1 login page ('login' parameter), research, 2007/11/15
PR07-26: Persistent XSS on Aruba 800 Mobility Controller's login page, research, 2007/11/15
[USN-542-2] KOffice vulnerabilities, Jamie Strandboge, 2007/11/15
EEYE: Multiple Vulnerabilities In .FLAC File Format and Various Media Applications, eEye Advisories, 2007/11/15
[ MDKSA-2007:219 ] - Updated xpdf packages fix vulnerabilities, security, 2007/11/15
[TKADV2007-001] Mac OS X TIOCSETD IOCTL Kernel Memory Corruption Vulnerability, Tobias Klein, 2007/11/15
Aida-Web Information Exposure, MC Iglo, 2007/11/15
Secunia Research: Samba "reply_netbios_packet()" Buffer Overflow Vulnerability, Secunia Research, 2007/11/15
[SAMBA] CVE-2007-5398 - Remote Code Execution in Samba's nmbd, Gerald (Jerry) Carter, 2007/11/15
[SAMBA] CVE-2007-4572 - GETDC mailslot processing buffer overrun in nmbd, Gerald (Jerry) Carter, 2007/11/15
[security bulletin] HPSBUX02284 SSRT071483 rev.2 - HP-UX Running Java JRE and JDK, Remote Unauthorized Access, security-alert, 2007/11/15
[Full-disclosure] Some hashes for the record, shadown, 2007/11/14
- Re: [Full-disclosure] Some hashes for the record, Alexander Klimov, 2007/11/15
- Re: [Full-disclosure] Some hashes for the record, Open Phugu, 2007/11/16
[Full-disclosure] iDefense Security Advisory 11.14.07: Apple Mac OS X Mach Port Inheritance Privilege Escalation Vulnerability, iDefense Labs, 2007/11/14
[Full-disclosure] iDefense Security Advisory 11.14.07: Apple Mac OS X AppleTalk mbuf Kernel Heap Overflow Vulnerability, iDefense Labs, 2007/11/14
[Full-disclosure] iDefense Security Advisory 11.14.07: Apple Mac OS X AppleTalk Socket IOCTL Kernel Stack Buffer Overflow Vulnerability, iDefense Labs, 2007/11/14
[Full-disclosure] iDefense Security Advisory 11.14.07: Apple Mac OS X AppleTalk ASP Message Kernel Heap Overflow Vulnerability, iDefense Labs, 2007/11/14
Breaking RSA: Totient indirect factorization, gandlf, 2007/11/14
- Re: Breaking RSA: Totient indirect factorization, Alexander Klimov, 2007/11/15
- Re: Breaking RSA: Totient indirect factorization, Clifton Royston, 2007/11/15
  - Re: Breaking RSA: Totient indirect factorization, gandlf, 2007/11/16
    - Re: Breaking RSA: Totient indirect factorization, Erick Galinkin, 2007/11/16
- Re: Breaking RSA: Totient indirect factorization, Watson Ladd, 2007/11/16
[Full-disclosure] [ GLSA 200711-20 ] Pioneers: Denial of Service, Pierre-Yves Rofes, 2007/11/14
[Full-disclosure] [ GLSA 200711-19 ] TikiWiki: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/11/14
TPTI-07-20: Apple Quicktime Movie Stack Overflow Vulnerability, DVLabs, 2007/11/14
[Full-disclosure] [ GLSA 200711-18 ] Cpio: Buffer overflow, Pierre-Yves Rofes, 2007/11/14
[ GLSA 200711-17 ] Ruby on Rails: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/11/14
[security bulletin] HPSBMA02288 SSRT071465 rev.1 - HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS), security-alert, 2007/11/14
[ MDKSA-2007:218 ] - Updated mono packages fix arbitrary code execution vulnerability, security, 2007/11/14
Konqueror Remote Denial Of Service, laurent . gaffie, 2007/11/14
DocuSafe "Search" SQL Injection, No-Reply, 2007/11/14
Free Forums "search" Sql Injection, No-Reply, 2007/11/14
Aria-Security.Net: MetaCart SQL Injection, No-Reply, 2007/11/14
[Full-disclosure] Six Remote Memory Corruption Vulnerabilities in IBM WebSphere MQ 6.0, IRM Research, 2007/11/14
[Full-disclosure] Predictable DNS transaction IDs in Microsoft DNS Server, Alla Bezroutchko, 2007/11/14
[Full-disclosure] [USN-542-1] poppler vulnerabilities, Kees Cook, 2007/11/14
ExoPHPdesk user profile XSS / profile SQL injection, Joseph . giron13, 2007/11/13
[Full-disclosure] [USN-541-1] Emacs vulnerability, Kees Cook, 2007/11/13
[ MDKSA-2007:217 ] - Updated libpng packages fix multiple vulnerabilities, security, 2007/11/13
[Full-disclosure] [paper] protocol hopping covert channels, Steffen Wendzel, 2007/11/13
[USN-540-1] flac vulnerability, Kees Cook, 2007/11/13
[Full-disclosure] iDefense Security Advisory 11.12.07: Novell NetWare Client Local Privilege Escalation Vulnerability, iDefense Labs, 2007/11/13
PHP <= 5.2.5 Gettext Lib Multiple Denial of service, laurent . gaffie, 2007/11/13
[Full-disclosure] Oracle 11g/10g Installation Vulnerability, David Litchfield, 2007/11/13
- Re: [Full-disclosure] Oracle 11g/10g Installation Vulnerability, Peter Dawson, 2007/11/14
PHP <= 5.2.5 stream_wrapper_register() denial of service, laurent . gaffie, 2007/11/13
After 6 months - fix available for Microsoft DNS cache poisoning attack, Amit Klein, 2007/11/13
[ MDKSA-2007:216 ] - Updated kernel packages fix multiple vulnerabilities and bugs, security, 2007/11/13
Re: Bosdev Multiple vulnerabilities, sales, 2007/11/13
ATC-08 Call for papers (repost), atc08, 2007/11/13
[ISecAuditors Security Advisories] VTLS.web.gateway cgi is vulnerable to XSS, ISecAuditors Security Advisories, 2007/11/13
PR07-13: Cross-site Scripting / HTML injection on F5 FirePass 4100 SSL VPN 'download_plugin.php3' server-side script, research, 2007/11/12
[Full-disclosure] [ GLSA 200711-16 ] CUPS: Memory corruption, Pierre-Yves Rofes, 2007/11/12
[ MDKSA-2007:204-1 ] - Updated cups packages fix vulnerability, security, 2007/11/12
[Full-disclosure] [ GLSA 200711-15 ] FLAC: Buffer overflow, Pierre-Yves Rofes, 2007/11/12
[Full-disclosure] [ GLSA 200711-14 ] Mozilla Firefox, SeaMonkey, XULRunner: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/11/12
AutoIndex <= 2.2.2 Cross Site Scripting and Denial of Service, L4teral, 2007/11/12
HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges, security-alert, 2007/11/12
- Re: HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges, Nick Boyce, 2007/11/15
RFID: Security Briefings, angelo, 2007/11/12
Cisco IOS Shellcode, Research, 2007/11/12
[Full-disclosure] iDefense Security Advisory 11.12.07: WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Vulnerability, iDefense Labs, 2007/11/12
PeopleAggregatory security advisory - re CVE-2007-5631, phil, 2007/11/12
Aria-Security.Net Research: Rapid Classified HotList Image, Advisory, 2007/11/12
PHP-Nuke Module Advertising Blind SQL Injection, Guns, 2007/11/12
Re: Re: Simple Machine Forum - Private section/posts/info disclosure, rx, 2007/11/12
Oracle 0-day to get SYSDBA access, pete, 2007/11/12
Eggblog v3.1.0 XSS Vulnerability, mesut, 2007/11/12
[48Bits Advisory] QuickTime Panorama Sample Atom Heap Overflow, [48bits] vulndev, 2007/11/12
[Full-disclosure] CVE-2007-3694: Cross site scripting (XSS) in broadcast machine, Hanno BÃck, 2007/11/12
[Full-disclosure] Cisco IOS Shellcode, Research, 2007/11/12
[Full-disclosure] FLEA-2007-0069-1 perl, Foresight Linux Essential Announcement Service, 2007/11/12
[Full-disclosure] FLEA-2007-0064-1 pcre, Foresight Linux Essential Announcement Service, 2007/11/12
[Full-disclosure] FLEA-2007-0068-1 ruby, Foresight Linux Essential Announcement Service, 2007/11/12
[Full-disclosure] FLEA-2007-0067-1 pidgin, Foresight Linux Essential Announcement Service, 2007/11/12
[Full-disclosure] FLEA-2007-0066-1 ImageMagick, Foresight Linux Essential Announcement Service, 2007/11/12
[Full-disclosure] FLEA-2007-0065-1 libpng, Foresight Linux Essential Announcement Service, 2007/11/12
[Full-disclosure] Alice - dns spoofer, fabio, 2007/11/11
SQL injection bug found in TBSource., drakomo, 2007/11/10
[Full-disclosure] Standing Up Against German Laws - Project HayNeedle, Paul Sebastian Ziegler, 2007/11/10
- Re: [Full-disclosure] Standing Up Against German Laws - ProjectHayNeedle, nate . mcfeters, 2007/11/10
- Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle, Jan Newger, 2007/11/12
  - Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle, Peter Conrad, 2007/11/13
  - Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle, Duncan Simpson, 2007/11/13
    - Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle, johan beisser, 2007/11/13
- Re: Standing Up Against German Laws - Project HayNeedle, johan beisser, 2007/11/12
  - Re: Standing Up Against German Laws - Project HayNeedle, Matt D. Harris, 2007/11/12
    - Re: Standing Up Against German Laws - Project HayNeedle, johan beisser, 2007/11/12
    - Re: Standing Up Against German Laws - Project HayNeedle, Florian Echtler, 2007/11/13
    - Re: Standing Up Against German Laws - Project HayNeedle, Paul Wouters, 2007/11/13
    - Re: Standing Up Against German Laws - Project HayNeedle, johan beisser, 2007/11/13
    - Re: Standing Up Against German Laws - Project HayNeedle, Valdis . Kletnieks, 2007/11/13
    - Re: Standing Up Against German Laws - Project HayNeedle, Frank Guthausen, 2007/11/14
    - Re: Standing Up Against German Laws - Project HayNeedle, Stefano Zanero, 2007/11/13
    - Re: Standing Up Against German Laws - Project HayNeedle, Raj Mathur, 2007/11/14
    - Re: Standing Up Against German Laws - Project HayNeedle, imipak, 2007/11/14
    - RE: Standing Up Against German Laws - Project HayNeedle, Quark IT - Hilton Travis, 2007/11/17
- Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle, Sysman, 2007/11/13
  - Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle, Valdis . Kletnieks, 2007/11/13
  - Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle, Timo Schoeler, 2007/11/13
  - Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle, Florian Streck, 2007/11/14
    - Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle, sysman, 2007/11/14
- Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle, Paul Sebastian Ziegler, 2007/11/13
  - Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle, Sysman, 2007/11/14
[Full-disclosure] FLEA-2007-0063-1 perl, Foresight Linux Essential Announcement Service, 2007/11/10
[Full-disclosure] iDefense Security Advisory 11.09.07: IBM Informix Dynamic Server DBLANG Directory Traversal Vulnerability, iDefense Labs, 2007/11/09
[Full-disclosure] iDefense Security Advisory 11.09.07: AOL AmpX ActiveX Control Multiple Buffer Overflow Vulnerabilities, iDefense Labs, 2007/11/09
xoops mylinks module - sql injection, root, 2007/11/09
[ MDKSA-2007:214 ] - Updated flac packages fix vulnerability, security, 2007/11/09
li-guestbook sql inj, abc . seo, 2007/11/09
[ MDKSA-2007:215 ] - Updated openldap packages fix vulnerability, security, 2007/11/09
CanSecWest 2008 CFP (deadline Nov 30, conf Mar 26-28) and PacSec Dojo's, Dragos Ruiu, 2007/11/09
AST-2007-024 - Fallacious security advisory spread on the Internet involving buffer overflow in Zaptel's sethdlc application, The Asterisk Development Team, 2007/11/08
[SECURITY] [DSA 1403-1] New phpmyadmin packages fix cross-site scripting, Thijs Kinkhorst, 2007/11/08
[SECURITY] [DSA 1404-1] New gallery2 packages fix privilege escalation, Thijs Kinkhorst, 2007/11/08
[ MDKSA-2007:212 ] - Updated pcre packages fix vulnerability, security, 2007/11/08
[ MDKSA-2007:213 ] - Updated pcre packages fix vulnerability, security, 2007/11/08
Aria-Security.Net Research: Lotfian BROCHURE Management System, Advisory, 2007/11/08
[ MDKSA-2007:211 ] - Updated pcre packages fix vulnerability, security, 2007/11/08
[security bulletin] HPSBUX02285 SSRT071484 rev.1 - HP-UX Running Aries PA Emulator, Local Unauthorized Access, security-alert, 2007/11/08
[Full-disclosure] [ GLSA 200711-13 ] 3proxy: Denial of Service, Pierre-Yves Rofes, 2007/11/08
[Full-disclosure] [ GLSA 200711-12 ] Tomboy: User-assisted execution of arbitrary code, Pierre-Yves Rofes, 2007/11/08
[Full-disclosure] [ GLSA 200711-11 ] Nagios Plugins: Two buffer overflows, Pierre-Yves Rofes, 2007/11/08
Simple Machine Forum - Private section/posts/info disclosure, h3llcode, 2007/11/08
- Re: Simple Machine Forum - Private section/posts/info disclosure, Jindrich Kubec, 2007/11/09
- Re: Simple Machine Forum - Private section/posts/info disclosure, klynn . securityfocus, 2007/11/09
Aria-Security.Net Research: Request For Travel Sql Injection, Advisory, 2007/11/08
Re: iDefense Security Advisory 11.07.07: Oracle 10g R2 PITRIG_DROPMETADATA Buffer Overflow Vulnerability, buzzy, 2007/11/08
[Full-disclosure] [ GLSA 200711-10 ] Mono: Buffer overflow, Pierre-Yves Rofes, 2007/11/07
[Full-disclosure] iDefense Security Advisory 11.07.07: Oracle 10g R2 PITRIG_DROPMETADATA Buffer Overflow Vulnerability, iDefense Labs, 2007/11/07
[Full-disclosure] [ GLSA 200711-09 ] MadWifi: Denial of Service, Pierre-Yves Rofes, 2007/11/07
[Full-disclosure] [ GLSA 200711-08 ] libpng: Multiple Denials of Service, Pierre-Yves Rofes, 2007/11/07
[Full-disclosure] [ GLSA 200711-07 ] Python: User-assisted execution of arbitrary code, Pierre-Yves Rofes, 2007/11/07
[Full-disclosure] [ GLSA 200711-06 ] Apache: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/11/07
Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities, Secunia Research, 2007/11/07
Secunia Research: AbiWord Link Grammar "separate_sentence()" Buffer Overflow, Secunia Research, 2007/11/07
Secunia Research: Link Grammar "separate_sentence()" Buffer Overflow, Secunia Research, 2007/11/07
SiteMinder Agent: Cross Site Scripting, Giuseppe Gottardi, 2007/11/07
- Re: SiteMinder Agent: Cross Site Scripting, securityfocus, 2007/11/08
- Re: Re: SiteMinder Agent: Cross Site Scripting, overet, 2007/11/09
- Re: SiteMinder Agent: Cross Site Scripting, Williams, James K, 2007/11/09
[Full-disclosure] [ GLSA 200711-05 ] SiteBar: Multiple issues, Pierre-Yves Rofes, 2007/11/06
[ MDKSA-2007:210 ] - Updated xfs package prevents arbitrary code execution vulnerabilities, security, 2007/11/06
[SECURITY] [DSA 1400-1] New perl packages fix arbitrary code execution, Florian Weimer, 2007/11/06
[Full-disclosure] [ GLSA 200711-04 ] Evolution: User-assisted remote execution of arbitrary code, Pierre-Yves Rofes, 2007/11/06
MyWebFTP Password Disclosure, [NO-REPLY], 2007/11/06
[Full-disclosure] rPSA-2007-0231-1 pcre, rPath Update Announcements, 2007/11/06
[Full-disclosure] iDefense Security Advisory 11.06.07: Microsoft DebugView Privilege Escalation Vulnerability, iDefense Labs, 2007/11/06
PhpNuke (add-on) MS TopSites Edit Exploit And Html Injection, Guns, 2007/11/06
Cypress BX script backdoored?, Chris, 2007/11/06
[Full-disclosure] rPSA-2007-0232-1 perl, rPath Update Announcements, 2007/11/06
IDMOS v1.0 Alpha Multiple RFI Vulnerability, Guns, 2007/11/06
SMF .htaccess bypass, h3llcode, 2007/11/06
- Re: SMF .htaccess bypass, Matt D. Harris, 2007/11/06
  - Re: SMF .htaccess bypass, anuj tenani, 2007/11/06
[CVE-2007-5741] Plone: statusmessages and linkintegrity unsafe network data hotfix, mj, 2007/11/06
[ MDKSA-2007:209 ] - Updated netpbm packages fix vulnerability, security, 2007/11/06
rPSA-2007-0232-1 perl, rPath Update Announcements, 2007/11/06
[ MDKSA-2007:208 ] - Updated ghostscript packages fix vulnerability, security, 2007/11/06
[ MDKSA-2007:207 ] - Updated perl packages fix vulnerability, security, 2007/11/06
[Full-disclosure] [USN-539-1] CUPS vulnerability, Kees Cook, 2007/11/06
[Full-disclosure] ZDI-07-067: Apple QuickTime PICT File Poly Opcodes Heap Corruption Vulnerability, zdi-disclosures, 2007/11/05
[Full-disclosure] ZDI-07-066: Apple Quicktime PICT File PackBitsRgn Parsing Heap Corruption Vulnerability, zdi-disclosures, 2007/11/05
ZDI-07-068: Apple QuickTime Uncompressedfile Opcode Stack Overflow Vulnerability, zdi-disclosures, 2007/11/05
ZDI-07-065: Apple QuickTime Color Table RGB Parsing Heap Corruption Vulnerability, zdi-disclosures, 2007/11/05
[Full-disclosure] iDefense Security Advisory 11.05.07: Apple QuickTime Panorama Sample Atom Heap Buffer Overflow Vulnerability, iDefense Labs, 2007/11/05
[SECURITY] [DSA 1399-1] New pcre3 packages fix arbitrary code execution, Florian Weimer, 2007/11/05
[Full-disclosure] sometimes peepee goes in my mouf, Dirty Sanchez, 2007/11/05
Leopard's firewall damages Skype and WoW, Juergen Schmidt, 2007/11/05
[Full-disclosure] iDefense Security Advisory 11.02.07: Sun Microsystems Solaris srsexec Format String Vulnerability, iDefense Labs, 2007/11/05
[Tool] sqlmap: a blind SQL injection tool (release 0.5), Bernardo Damele, 2007/11/05
JBC Explorer <= V7.20 RC 1 Remote Code Execution Exploit, gmdarkfig, 2007/11/05
Skalinks <= 1_5 Cross Site Request Forgery Add Admin, djvincy, 2007/11/05
Re: [Full-disclosure] stop cross posting, Dude VanWinkle, 2007/11/05
[Full-disclosure] Bank Of America Vulnerable, Jamal Al-Aseer, 2007/11/05
[SECURITY] [DSA 1397-1] New mono packages fix integer overflow, Moritz Muehlenhoff, 2007/11/05
[ MDKSA-2007:206 ] - Updated pwlib packages fix vulnerability, security, 2007/11/05
phphelpdesk Multiple vulnerabilities, Joseph . giron13, 2007/11/05
Re: [Full-disclosure] mac trojan in-the-wild -- antair restored, gjgowey, 2007/11/05
[ MDKSA-2007:205 ] - Updated opal packages fix vulnerability, security, 2007/11/05
[Full-disclosure] DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365), Roman Medina-Heigl Hernandez, 2007/11/05
[Full-disclosure] [UPH-07-03] Firefly Media Server remote format string vulnerability, nnp, 2007/11/05
- Re: [Full-disclosure] [UPH-07-03] Firefly Media Server remote format string vulnerability, nnp, 2007/11/05
[Full-disclosure] [UPH-07-02] Firefly Media Server DoS, nnp, 2007/11/05
[Full-disclosure] [UPH-07-01] Firefly Media Server DoS, nnp, 2007/11/05
- Re: [Full-disclosure] [UPH-07-01] Firefly Media Server DoS, nnp, 2007/11/05
[Full-disclosure] [USN-537-2] Compiz vulnerability, Kees Cook, 2007/11/05
Scribe <= 2.0 Remote PHP Code Execution, kingoftheworld92, 2007/11/05
Secunia Research: ACDSee Products Image and Archive Plug-ins Buffer Overflows, Secunia Research, 2007/11/05
IM upgrade automated social engineering attack, Dragos Ruiu, 2007/11/05
- Re: IM upgrade automated social engineering attack, Roman Shirokov, 2007/11/06
  - Re: IM upgrade automated social engineering attack, Dragos Ruiu, 2007/11/06
Re: [Full-disclosure] [botnets] re MAC trojan (fwd), Gadi Evron, 2007/11/01
[Full-disclosure] [ GLSA 200711-03 ] Gallery: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/11/01
[Full-disclosure] [ GLSA 200711-02 ] OpenSSH: Security bypass, Pierre-Yves Rofes, 2007/11/01
[Full-disclosure] [ GLSA 200711-01 ] gFTP: Multiple vulnerabilities, Pierre-Yves Rofes, 2007/11/01
[ MDKSA-2007:204 ] - Updated cups packages fix vulnerability, security, 2007/11/01
[ MDKSA-2007:203 ] - Updated xen packages fix multiple vulnerabilities, security, 2007/11/01
Re: Airkiosk/formlib application is XSS vuln, Raymond Pete, 2007/11/01
- Re: Airkiosk/formlib application is XSS vuln, skien, 2007/11/01
Cryptome: NSA has access to Windows Mobile smartphones, Juha-Matti Laurio, 2007/11/01
- RE: Cryptome: NSA has access to Windows Mobile smartphones, Kurt Dillard, 2007/11/01
Two XSS on Blue Coat ProxySG Management Console, research, 2007/11/01
mac trojan in-the-wild, Gadi Evron, 2007/11/01
- Re: [Full-disclosure] mac trojan in-the-wild, nnp, 2007/11/01
- Re: [Full-disclosure] mac trojan in-the-wild, Steven Block, 2007/11/01
  - Re: [Full-disclosure] mac trojan in-the-wild, Nick FitzGerald, 2007/11/01
  - Re: [Full-disclosure] mac trojan in-the-wild, Paul Schmehl, 2007/11/01
- Re: mac trojan in-the-wild, Matthew Leeds, 2007/11/01
  - RE: mac trojan in-the-wild, Alex Eckelberry, 2007/11/01
  - Re: mac trojan in-the-wild, Nick FitzGerald, 2007/11/05
- Re: [Full-disclosure] mac trojan in-the-wild, Thor (Hammer of God), 2007/11/01
  - RE: mac trojan in-the-wild, Alex Eckelberry, 2007/11/01
    - Re: [Full-disclosure] mac trojan in-the-wild, nnp, 2007/11/01
    - Re: [Full-disclosure] mac trojan in-the-wild, Dude VanWinkle, 2007/11/01
    - Re: [Full-disclosure] mac trojan in-the-wild, nnp, 2007/11/01
    - Re: [Full-disclosure] mac trojan in-the-wild, Dude VanWinkle, 2007/11/05
    - Re: [Full-disclosure] mac trojan in-the-wild, Adam St. Onge, 2007/11/01
    - Re: [Full-disclosure] mac trojan in-the-wild, Paul Schmehl, 2007/11/01
    - Re: [Full-disclosure] mac trojan in-the-wild, Nick FitzGerald, 2007/11/02
    - Re: [Full-disclosure] mac trojan in-the-wild, Dude VanWinkle, 2007/11/05
    - Re: [Full-disclosure] mac trojan in-the-wild, J. Oquendo, 2007/11/05
    - Re: [Full-disclosure] mac trojan in-the-wild, Dude VanWinkle, 2007/11/05
    - Re: [Full-disclosure] mac trojan in-the-wild, Roger A. Grimes, 2007/11/01
    - Re: [Full-disclosure] mac trojan in-the-wild, Thor (Hammer of God), 2007/11/01
    - Re: [Full-disclosure] mac trojan in-the-wild, Roger A. Grimes, 2007/11/02
    - [Full-disclosure] the heart of the problem [was: RE: mac trojan in-the-wild], Gadi Evron, 2007/11/02
    - Re: [Full-disclosure] [funsec] the heart of the problem [was: RE: mac trojan in-the-wild], Drsolly, 2007/11/05
    - Re: [Full-disclosure] the heart of the problem [was: RE: mac trojan in-the-wild], Roger A. Grimes, 2007/11/05
    - Re: [Full-disclosure] mac trojan in-the-wild, Peter Besenbruch, 2007/11/01
    - Re: [Full-disclosure] mac trojan in-the-wild, Paul Schmehl, 2007/11/01
    - Re: [Full-disclosure] mac trojan in-the-wild, David Harley, 2007/11/05
    - Re: [Full-disclosure] mac trojan in-the-wild, Robert McArdle, 2007/11/02
    - Re: [Full-disclosure] mac trojan in-the-wild, Robert McArdle, 2007/11/02
  - Re: [Full-disclosure] mac trojan in-the-wild, Jim Harrison, 2007/11/01
    - Re: [Full-disclosure] mac trojan in-the-wild, Gadi Evron, 2007/11/01
- Re: [Full-disclosure] mac trojan in-the-wild, Peter Besenbruch, 2007/11/01
- RE: mac trojan in-the-wild, Memisyazici, Aras, 2007/11/05
(tool announce) Orizon v0.50 announce, Paolo Perego, 2007/11/01
CFP: International workshop on Secure Software Engineering - Deadline extended!, secse08, 2007/11/01
Synergiser <= 1.2 RC1 Local File Inclusion & Full path disclosure, kingoftheworld92, 2007/11/01
sBlog 0.7.3 Beta Cross Site Request Forgery, Guns, 2007/11/01
Re: Comments re ISC's announcement on bind9 security, Henrik Langos, 2007/11/01
- Re: Comments re ISC's announcement on bind9 security, Network Protocol Security, 2007/11/01
- Re: Re: Comments re ISC's announcement on bind9 security, ntn, 2007/11/01
  - Re: Comments re ISC's announcement on bind9 security, Theo de Raadt, 2007/11/01
    - Re: Comments re ISC's announcement on bind9 security, Tim, 2007/11/01
    - Re: Comments re ISC's announcement on bind9 security, Shane Kerr, 2007/11/05
    - Re: Comments re ISC's announcement on bind9 security, Tim, 2007/11/05
    - Re: Comments re ISC's announcement on bind9 security, Shane Kerr, 2007/11/05
    - Re: Comments re ISC's announcement on bind9 security, Tim, 2007/11/05
[Full-disclosure] SEC Consult SA-20071101-0 :: Multiple Vulnerabilities in SonicWALL SSL-VPN Client, Bernhard Mueller, 2007/11/01