bugtraq February 2008 archive
bugtraq: By Author

Author  Subject  Date
3APA3A
 Re: Apache web server 2.2: htpasswd predictable salt weakness  15 Feb 2008
Aaron Collins
 Re: PIX Privilege Escalation Vulnerability  25 Feb 2008
Adam Laurie
 Announce: RFIDIOt credit card sub-module: ChAP.py  21 Feb 2008
admin_at_nospam
 aeries browser interface(ABI) 3.8.2.8 Remote SQL Injection  21 Feb 2008
 aeries browser interface(ABI) 3.7.2.2 Remote SQL Injection  21 Feb 2008
 aeries browser interface(ABI) 3.8.2.8 XSS  21 Feb 2008
alex_zooz_zooz_at_nospam
 Joomla <= v1.0.14-RC1(Index.php) Remote File Inclusion Exploit  08 Feb 2008
amarkov_at_nospam
 Re: Nortel IP Phone DoS  26 Feb 2008
Amit Klein
 RE: A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability"  06 Feb 2008
 A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability"  06 Feb 2008
Anurag Agarwal
 Certification for Web Application Security Professionals  21 Feb 2008
beenudel1986_at_nospam
 phpechocms v 2.0 rc3 RFI  23 Feb 2008
brad.antoniewicz_at_nospam
 Beehive/SendFile.NET - Secure File Transfer Appliance Hardcoded Credentials  29 Feb 2008
Brendan Dolan-Gavitt
 Tool release: extract Windows credentials from registry hives  21 Feb 2008
Brook Powers
 SECURITY ADVISORY - Level Platforms, Inc. Service Center Install Data HTTP Vulnerability  08 Feb 2008
Bug traq
 RE: ASUS Eee PC rooted out of the box  08 Feb 2008
Chris Evans
 Ghostscript buffer overflow  28 Feb 2008
 Sun JRE / JDK bug introduces XXE possibilities  02 Feb 2008
Cisco Systems Product Security Incident Response Team
 Cisco Security Advisory: Cisco Unified IP Phone Overflow and Denial of Service Vulnerabilities  13 Feb 2008
 Cisco Security Advisory: SQL injection in Cisco Unified Communications Manager  13 Feb 2008
ciucciamilcalzino_at_nospam
 Youtube Clone Xross Site Scripting (load_message.php)  01 Feb 2008
cmiyazaki_at_nospam
 Re: SECURITY ADVISORY - Level Platforms, Inc. Service Center Install Data HTTP Vulnerability  14 Feb 2008
cocoruder
 Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability  08 Feb 2008
CORE Security Technologies Advisories
 CORE-2007-1218: MPlayer 1.0rc2 buffer overflow vulnerability  04 Feb 2008
crazy_kinq_at_nospam
 Netkom Internet Solutions (folder_id) Remote SQL Injection Vulnerability  13 Feb 2008
 Joovili <= v.2.1 (members_help.php) Remote File İnclude Vulnerability  07 Feb 2008
 Blackboard (id) Remote SQL Injection  07 Feb 2008
 Husrev Forums v2.0.1:PoWerBoard (tr) (id) Remote SQL Injection  07 Feb 2008
cybermilitan_at_nospam
 ITech Classifieds Multiple Remote Vulnerabilities  01 Feb 2008
 Domain Trader v2.0 Xss Vulnerable  02 Feb 2008
CYBSEC Advisories
 CYBSEC Security Advisory: Arbitrary file overwrite in Documentum Administrator / Documentum Webtop  05 Feb 2008
Daniel Roethlisberger
 Urulu 2.1 Blind SQL Injection Vulnerability (CVE-2008-0385)  28 Feb 2008
dann frazier
 [SECURITY] [DSA 1505-1] New alsa-driver packages fix kernel memory leak  22 Feb 2008
 [SECURITY] [DSA 1504-1] New Linux kernel 2.6.8 packages fix several issues  22 Feb 2008
 [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues  22 Feb 2008
 [SECURITY] [DSA 1494-2] New linux-2.6 packages fix privilege escalation  13 Feb 2008
Danux
 Bypassing OfficeScan Trend Micro AV  26 Feb 2008
david.reguera_at_nospam
 ELFdump crash when analyzing crafted ELF file.  13 Feb 2008
david130490_at_nospam
 Re: Buffer Overflow Vulnerability in AxRUploadServer.dll, Activex Method (SetLogging)  08 Feb 2008
 Buffer Overflow Vulnerability in AxRUploadServer.dll, Activex Method (SetLogging)  08 Feb 2008
db_at_nospam
 netOffice Dwins 1.3 Remote code execution.  29 Feb 2008
 my little forum XSS  12 Feb 2008
dcid_at_nospam
 Re: Re: SQL-injection, XSS in OSSIM (Open Source Security Information Management)  25 Feb 2008
dean_at_nospam
 Re: etomite xss  18 Feb 2008
Dominique Karg
 Re: SQL-injection, XSS in OSSIM (Open Source Security Information Management)  22 Feb 2008
eagle
 DOINGSOFT-2008-02-11-002 IP Diva VPN SSL many XSS attacks  14 Feb 2008
 DOINGSOFT-2008-02-11 - IPDiva VPN SSL Brute force attack  14 Feb 2008
ekoparty
 CFP - ekoparty 4th edition  27 Feb 2008
enterth3dragon_at_nospam
 Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS  10 Feb 2008
f10_at_nospam
 Re: 123 Flash Chat Module for phpBB  28 Feb 2008
 123 Flash Chat Module for phpBB  28 Feb 2008
 Xoops-2.0.16 Remote File Inclusion  19 Feb 2008
 hi  10 Feb 2008
Florian Weimer
 [SECURITY] [DSA 1499-1] New pcre3 packages fix arbitrary code execution  19 Feb 2008
 [SECURITY] [DSA 1494-1] New linux-2.6 packages fix privilege escalation  11 Feb 2008
forensec_at_nospam
 gkrellweather  11 Feb 2008
Foresight Linux Essential Announcement Service
 FLEA-2008-0007-1 gd  12 Feb 2008
 FLEA-2008-0001-1 firefox  12 Feb 2008
 FLEA-2008-0005-1 e2fsprogs  12 Feb 2008
 FLEA-2008-0004-1 rsync  12 Feb 2008
 FLEA-2008-0003-1 nss_ldap  12 Feb 2008
 FLEA-2008-0002-1 python  12 Feb 2008
 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts  12 Feb 2008
FreeBSD Security Advisories
 FreeBSD Security Advisory FreeBSD-SA-08:04.ipsec  14 Feb 2008
 FreeBSD Security Advisory FreeBSD-SA-08:03.sendfile  14 Feb 2008
goldshlager19_at_nospam
 IBM Quickr 8 Calendar Xss Injection (Bypass Quickr 8.0 Xss Filter)  22 Feb 2008
gregory
 Re: rPSA-2008-0052-1 kernel  13 Feb 2008
Gynvael Coldwind
 [HISPASEC] FireFox 2.0.0.11 and Opera 9.50 beta Remote Memory Information Leak, FireFox 2.0.0.11 Remote Denial of Service  16 Feb 2008
hackturkiye.hackturkiye_at_nospam
 joomla com_simpleshop SQL Injection(section) #  24 Feb 2008
 joomla com_wines SQL Injection(id)  24 Feb 2008
 joomla com_garyscookbook SQL Injection(id)  24 Feb 2008
 php-nuke Quran SQL Injection(surano)  23 Feb 2008
 aura cms lihatberita SQL Injection(id)  23 Feb 2008
 php nuke Sections SQL Injection(print)  23 Feb 2008
 php-nuke Kuran SQL Injection(surano)  23 Feb 2008
 php nuke gallery SQL Injection(aid)  23 Feb 2008
 php-nuke Recipes SQL Injection(recipeid)  23 Feb 2008
 joomla com_hello_world SQL Injection(id)  23 Feb 2008
 joomla com_product SQL Injection(catid)  23 Feb 2008
 joomla SQL Injection(com_cms)  21 Feb 2008
 joomla SQL Injection(com_asortyment)katid  21 Feb 2008
 XOOPS Module prayerlist SQL Injection(cid)  21 Feb 2008
 joomla SQL Injection(com_most)secid  21 Feb 2008
 PHP-Nuke Module Downloads SQL Injection(sid)  21 Feb 2008
 joomla SQL Injection(com_mygallery)  21 Feb 2008
 PHP-Nuke Module Dossiers Injection(did)  21 Feb 2008
 PHP-Nuke genaral print SQL Injection(id)  21 Feb 2008
 XOOPS Module tinyevent-print SQL Injection(id)  21 Feb 2008
 PHP-Nuke Siir SQL Injection(id)  21 Feb 2008
 joomla SQL Injection(com_idvnews)  21 Feb 2008
 PHP-Nuke Module BenchmarkNewsInjection(sid)  21 Feb 2008
 joomla SQL Injection(com_joomlavvz)  21 Feb 2008
 joomla SQL Injection(com_referenzen)  21 Feb 2008
 PHP-Nuke Module Classifieds SQL Injection(Details)  21 Feb 2008
 joomla SQL Injection(com_asortyment)katid  21 Feb 2008
 PHP-Nuke Module Web_Links SQL Injection(cid)  19 Feb 2008
 XOOPS Module eEmpregos SQL Injection(cid)  19 Feb 2008
 XOOPS Module classifieds SQL Injection(cid)  19 Feb 2008
 joomla SQL Injection(com_magazine)  18 Feb 2008
 XOOPS Module seminars SQL Injection  19 Feb 2008
 joomla SQL Injection(com_foevpartners)  18 Feb 2008
 XOOPS Module events SQL Injection  19 Feb 2008
 XOOPS Module badliege SQL Injection  19 Feb 2008
 XOOPS Module vacatures SQL Injection  19 Feb 2008
 joomla SQL Injection(com_genealogy)  18 Feb 2008
 joomla SQL Injection(com_listoffreeads)  18 Feb 2008
 joomla SQL Injection(com_facileforms)  18 Feb 2008
 joomla SQL Injection(com_geoboerse)  18 Feb 2008
 joomla SQL Injection(com_team  18 Feb 2008
 joomla SQL Injection(com_iigcatalog)  18 Feb 2008
 XOOPS Module myTopics-print SQL Injection(articleid)  18 Feb 2008
 joomla SQL Injection(com_detail)  18 Feb 2008
 joomla SQL Injection(com_formtool)  18 Feb 2008
 XOOPS Module section SQL Injection(articleid)  18 Feb 2008
 (tip=sollinkicerik)SQL Injection Vulnerability  16 Feb 2008
 joomla SQL Injection (cat)(com_downloads)  16 Feb 2008
 Wordpress Plugin (wp-people) SQL Injection  16 Feb 2008
 joomla SQL Injection(com_ricette)  16 Feb 2008
 joomla SQL Injection(com_jooget)  16 Feb 2008
 WordPress SQL Injection(wp-content-simple-forum)  16 Feb 2008
 joomla SQL Injection(com_galeria)  16 Feb 2008
 joomla SQL Injection(com_filebase)  16 Feb 2008
 joomla SQL Injection(com_detail)  16 Feb 2008
 Wordpress Plugin (wp-content/recipe) SQL Injection  16 Feb 2008
 joomla SQL Injection(com_profile)  16 Feb 2008
 WordPress forumaction (PAGE_id)(user)SQL Injection  16 Feb 2008
 joomla SQL Injection(com_emcompose)  16 Feb 2008
 joomla SQL Injection(com_sg)  15 Feb 2008
 joomla SQL Injection(com_filebase)  15 Feb 2008
 joomla SQL Injection(com_lexikon)  15 Feb 2008
 joomla SQL Injection( com_scheduling)  16 Feb 2008
 joomla SQL Injection(com_salesrep)  15 Feb 2008
 Simple Forum Version 1.7-1.9(pagename)  15 Feb 2008
 all version Wordpress FORUM S@L injection  15 Feb 2008
 joomla faq SQL Injection  13 Feb 2008
 joomla com_activities sql injection  13 Feb 2008
 Ecommerce Websites from b1st.com SQL Injection  15 Feb 2008
 joomla "com_smslist" sql injecton  15 Feb 2008
 Simple Forum Version 1.10-1.11 SQL Injection  15 Feb 2008
 SellOwnHouse login SQL Injection  13 Feb 2008
 joomla "com_omnirealestate" S@L Injection  13 Feb 2008
 joomla "com_model"  13 Feb 2008
 joomla upload php code or picture (com_uhp)  13 Feb 2008
 all forums.asp hack  13 Feb 2008
 Provided By Development Solutions SQL Injection Exploit(panel)  13 Feb 2008
 joomll(k12.tr)(com_mezun)SQL Injection  12 Feb 2008
 Kommentare zum Download script SQL Injection  12 Feb 2008
 joomla (k12.tr)(com_iomezun)SQL Injection  12 Feb 2008
hadihadi_zedehal_2006_at_nospam
 artmedic_weblog Cross Site Scriptting Vulnerbility  15 Feb 2008
Hamza Almersoumi
 Softbiz jokes and funny pictures (index.php) sql injection  24 Feb 2008
Hendrik Jan Verheij
 Joomla 1.0.13 - 1.0.14 / (remote) PHP file inclusion possible if old configuration.php  14 Feb 2008
Hernan Ochoa
 Release: Pass-The-Hash toolkit v1.3  29 Feb 2008
hk_at_nospam
 Re: PR07-38: XSS on sIFR  05 Feb 2008
houssamix_at_nospam
 PKs Movie Database version 3.0.3 (SQL/XSS)  09 Feb 2008
iDefense Labs
 iDefense Security Advisory 02.26.08: Mozilla Thunderbird MIME External-Body Heap Overflow Vulnerability  27 Feb 2008
 iDefense Security Advisory 02.26.08: Symantec Scan Engine 5.1.2 RAR File Buffer Overflow Vulnerability  26 Feb 2008
 iDefense Security Advisory 02.26.08: Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability  26 Feb 2008
 Re: iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities  20 Feb 2008
 iDefense Security Advisory 02.20.08: Symantec Veritas Storage Foundation Scheduler Service DoS Vulnerability  21 Feb 2008
 iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities  20 Feb 2008
 iDefense Security Advisory 02.12.08: Adobe Flash Media Server 2 Memory Corruption Vulnerability  13 Feb 2008
 iDefense Security Advisory 02.12.08: Adobe Flash Media Server 2 Multiple Integer Overflow Vulnerabilities  13 Feb 2008
 iDefense Security Advisory 02.12.08: Microsoft Office Works Converter Heap Overflow Vulnerability  12 Feb 2008
 iDefense Security Advisory 02.12.08: Microsoft Office Works Converter Stack-based Buffer Overflow Vulnerability  13 Feb 2008
 iDefense Security Advisory 02.12.08: Microsoft Internet Explorer Property Memory Corruption Vulnerability  13 Feb 2008
 iDefense Security Advisory 02.12.08: ClamAV libclamav PE File Integer Overflow Vulnerability  12 Feb 2008
 iDefense Security Advisory 02.08.08: Adobe Reader and Acrobat Multiple Stack-based Buffer Overflow Vulnerabilities  09 Feb 2008
 iDefense Security Advisory 02.08.08: Adobe Reader Security Provider Unsafe Libary Path Vulnerability  09 Feb 2008
 iDefense Security Advisory 02.08.08: Adobe Reader and Acrobat JavaScript Insecure Method Exposure Vulnerability  09 Feb 2008
 iDefense Security Advisory 02.07.08: IBM DB2 Universal Database Administration Server Memory Corruption Vulnerability  07 Feb 2008
 iDefense Security Advisory 02.07.08: IBM DB2 Universal Database db2pd Arbitrary Library Loading Vulnerability  07 Feb 2008
 iDefense Security Advisory 02.04.08: Hewlett-Packard Network Node Manager Topology Manager Service DoS Vulnerability  06 Feb 2008
 iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server SQLIDEBUG File Creation Vulnerability  04 Feb 2008
 iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server onedcu File Creation Vulnerability  04 Feb 2008
info_at_nospam
 LiveCart XSS vulnerability fixed since version 1.1.0  01 Feb 2008
infocus
 [INFIGO-2008-02-13]: SOPHOS Email Security Appliance Cross Site Scripting Vulnerability  15 Feb 2008
IOActive Advisories
 IOActive Security Advisory: Multiple Remote SiteScope Vulnerabilities  12 Feb 2008
 IOActive Security Advisory: Legacy mod_jk2 Buffer Overflow  12 Feb 2008
ivangaravito_at_nospam
 Re: Tested on Webmin 1.390  06 Feb 2008
Jacob Appelbaum
 Re: Loginwindow.app and Mac OS X  29 Feb 2008
 Loginwindow.app and Mac OS X  28 Feb 2008
 Cold Boot Attacks on Disk Encryption  22 Feb 2008
jamboomla_at_nospam
 Re: Mambo 4.6.3 Path Disclosure, XSS , XSRF, DOS  27 Feb 2008
Jamie Strandboge
 [USN-582-1] Thunderbird vulnerabilities  29 Feb 2008
 [USN-580-1] libcdio vulnerability  21 Feb 2008
 [USN-579-1] Qt vulnerability  21 Feb 2008
 [USN-578-1] Linux kernel vulnerabilities  14 Feb 2008
 [USN-576-1] Firefox vulnerabilities  08 Feb 2008
 [USN-575-1] Apache vulnerabilities  05 Feb 2008
jfvanmeter_at_nospam
 Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0  12 Feb 2008
 Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0  12 Feb 2008
 Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0  12 Feb 2008
Jon R. Kibler
 Academic Computer Security Conference  21 Feb 2008
jyvaeskylae_at_nospam
 Re: artmedic_weblog Cross Site Scriptting Vulnerbility  15 Feb 2008
Kees Cook
 [USN-581-1] PCRE vulnerability  22 Feb 2008
Krzysztof Burghardt
 Search Unleashed 0.2.10 JavaScript injection (Wordpress plugin)  13 Feb 2008
L4teral
 ATutor <= 1.5.5 Cross Site Scripting  17 Feb 2008
 ProjectPier <= 0.80 Cross Site Scripting and Request Forgery  17 Feb 2008
 Anon Proxy Server <= 0.102 remote buffer overflow  03 Feb 2008
laurent.gaffie_at_nospam
 QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote Stack Overflow  12 Feb 2008
 jetAudio <= 7.0.5 (.ASX) Remote Stack Overflow  08 Feb 2008
linke_z_at_nospam
 Re: ACER Travelmate 600 and 800 series - Smartcard flawed Implementation  12 Feb 2008
lovebug_at_nospam
 php-nuke sql injection reportaj [secid]  26 Feb 2008
luca.carettoni_at_nospam
 Philips VOIP841 Multiple Vulnerabilities  14 Feb 2008
Luigi Auriemma
 Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products  27 Feb 2008
 NULL pointer in SurgeFTP 2.3a2  25 Feb 2008
 Format string and buffer-overflow in SurgeMail 38k4  25 Feb 2008
 Multiple vulnerabilities in Double-Take 5.0.0.2865  22 Feb 2008
 Heap overflow in Sybase MobiLink 10.0.1.3629  20 Feb 2008
 Access violation and limited informations disclosure in webcamXP 3.72.440.0  19 Feb 2008
 Two heap overflow in Foxit WAC Server 2.0 Build 3503  19 Feb 2008
 Multiple buffer-overflow in NowSMS v2007.06.27  19 Feb 2008
 NULL pointer crash in freeSSHd 1.20  19 Feb 2008
 Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0  12 Feb 2008
 Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0  12 Feb 2008
 Directory traversal and DoS in WinIPDS G52-33-021  12 Feb 2008
 Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0  12 Feb 2008
 Unicode buffer-overflow in RPM Remote Print Manager 4.5.1.11  12 Feb 2008
 Format string and buffer-overflow in Lst Network Print Server 9.4.2 build 105  11 Feb 2008
 Format string and DoS in Opium OPI and cyanPrintIP servers 4.10.x  11 Feb 2008
 Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0  11 Feb 2008
 Multiple vulnerabilities in EztremeZ-IP File and Printer Server 5.1.2x15  11 Feb 2008
 NULL byte writing in Emerald, RadiusNT/X and Air Marshal  08 Feb 2008
 Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1  07 Feb 2008
 Chat vulnerabilities in TinTin++ 1.97.9  06 Feb 2008
 Logs visualization in WS_FTP Server Manager 6.1.0.0  06 Feb 2008
 Multiple vulnerabilities in SAPlpd 6.28  04 Feb 2008
 Multiple vulnerabilities in WinCom LPD Total 3.0.2.623  04 Feb 2008
 Socket termination in FTP Log Server 7.9.14.0  04 Feb 2008
manuel.no_spam.bruneau_at_nospam
 Re: Joomla 1.0.13 - 1.0.14 / (remote) PHP file inclusion possible if old configuration.php  15 Feb 2008
marcin.kopec_at_nospam
 SQL-injection, XSS in OSSIM (Open Source Security Information Management)  21 Feb 2008
Mario Sergio Candian
 cacti -- Multiple security vulnerabilities have been discovered  12 Feb 2008
Mark Thomas
 [SECURITY] CVE-2007-6286: Tomcat duplicate request processing vulnerability  08 Feb 2008
 [SECURITY] CVE-2007-5333: Tomcat Cookie handling vulnerabilities  08 Feb 2008
 CVE-2008-0002: Tomcat information disclosure vulnerability  08 Feb 2008
Matt Johnston
 Re: Loginwindow.app and Mac OS X  29 Feb 2008
Matteo Beccati
 [OPENADS-SA-2008-001] Openads 2.4.2 vulnerability fixed  04 Feb 2008
Matthieu Suiche
 SandMan 1.0.080226 is out!  26 Feb 2008
mattyg_at_nospam
 Re: Philips VOIP841 Multiple Vulnerabilities  15 Feb 2008
Michael Neal Vasquez
 Checkpoint SecuRemote/Secure Client NGX Auto Local Logon Vulnerability  07 Feb 2008
morin.josh_at_nospam
 Apple iPhone 1.1.3 remote DoS exploit  05 Feb 2008
Moritz Muehlenhoff
 [SECURITY] [DSA 1506-1] New iceape packages fix several vulnerabilities  24 Feb 2008
 [SECURITY] [DSA 1495-2] New nagios-plugins packages fix regression  17 Feb 2008
 [SECURITY] [DSA 1497-1] New clamav packages fix several vulnerabilities  16 Feb 2008
 [SECURITY] [DSA 1496-1] New mplayer packages fix arbitrary code execution  12 Feb 2008
 [SECURITY] [DSA 1495-1] New nagios-plugins packages fix several vulnerabilities  12 Feb 2008
 [SECURITY] [DSA 1493-1] New sdl-image1.2 packages fix arbitrary code execution  10 Feb 2008
 [SECURITY] [DSA 1490-1] New tk8.3 packages fix arbitrary code execution  10 Feb 2008
 [SECURITY] [DSA 1491-1] New tk8.4 packages fix arbitrary code execution  10 Feb 2008
 [SECURITY] [DSA 1492-1] New wml packages fix denial of service  10 Feb 2008
 [SECURITY] [DSA 1489-1] New iceweasel packages fix several vulnerabilities  10 Feb 2008
 [SECURITY] [DSA 1484-1] New xulrunner packages fix several vulnerabilities  10 Feb 2008
 [SECURITY] [DSA 1485-1] New icedove packages fix several vulnerabilities  10 Feb 2008
 [SECURITY] [DSA 1487-1] New libexif packages fix several vulnerabilities  08 Feb 2008
 [SECURITY] [DSA 1482-1] New squid packages fix denial of service  05 Feb 2008
 [SECURITY] [DSA 1480-1] New poppler packages fix several vulnerabilities  05 Feb 2008
 [SECURITY] [DSA 1481-1] New python-cherrypy packages fix denial of service  05 Feb 2008
muuratsalo experimental hack lab
 lightblog 9.6 local file inclusion vulnerability  17 Feb 2008
 banpro-dms 1.0 local file inclusion vulnerability  16 Feb 2008
 scribe 0.2 local file inclusion vulnerability  14 Feb 2008
 PlutoStatus Locator v1.0pre (alpha) local file inclusion vulnerability  14 Feb 2008
 artmedic weblog multiple local file inclusion vulnerabilities  13 Feb 2008
 artmedic weblog multiple xss vulnerabilities  12 Feb 2008
 mini-pub 0.3 multiple vulnerabilities  07 Feb 2008
nbbn_at_nospam
 Wordpress Plugin Sniplets 1.1.2 Multiple Vulnerabilities  25 Feb 2008
 WoltLab Burning Board 3.0.3 PL1 SQL-Injection Vulnerability  19 Feb 2008
 RunCMS 1.6.1 Multiple XSS and XSRF Vulnerabilties  16 Feb 2008
 Wordpress Pluging wp-footnotes 2.2 (admin_panel.php) Multiple Vulnerabilites  01 Feb 2008
 Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities  02 Feb 2008
nnposter_at_nospam
 Packeteer Products File Listing XSS  24 Feb 2008
 Alkacon OpenCms tree_files.jsp resource XSS  24 Feb 2008
 F5 BIG-IP Web Management Console CSRF (with example)  10 Feb 2008
 F5 BIG-IP Web Management Console CSRF  10 Feb 2008
no-reply_at_nospam
 Mambo com_Musica "id" Remote SQL Injection  01 Mar 2008
 PHP-Nuke My_eGallery "gid" Remote SQL Injection  28 Feb 2008
 Aria-Security.Net: Joomla Com_publication "pid" Remote SQL Injection  23 Feb 2008
 Php Nuke "Sell" module SQL Injection ("cid")  25 Feb 2008
 Pigyard Art Gallery Multiple SQL Injection  25 Feb 2008
 Joomla com_inter "id" Remote SQL Injection  24 Feb 2008
 Joomla Com_blog "pid" Remote SQL Injection  24 Feb 2008
 Joomla com_stat "id" Remote SQL Injection  24 Feb 2008
 [Aria-Security.Net] BestWebApp Dating System SQL Injection  22 Feb 2008
 Mercury v1.1.5 Send Message Cross-Site Scripting  10 Feb 2008
 پيش گزيده Website Design Chat Software Remote Cross-Site Scripting  10 Feb 2008
 Tested on Webmin 1.390  06 Feb 2008
Noah Meyerhans
 [SECURITY] [DSA 1509-1] New koffice packages fix multiple vulnerabilities  25 Feb 2008
 [SECURITY] [DSA 1502-1] New wordpress packages fix multiple vulnerabilities  22 Feb 2008
 [SECURITY] [DSA 1483-1] New net-snmp packages fix denial of service vulnerability  06 Feb 2008
oc photon
 Re: Loginwindow.app and Mac OS X  29 Feb 2008
Ofer Shezaf
 Web Hacking Incidents Database Update for Feb 20th  20 Feb 2008
 Web Hacking Incidenets Database 2007 annual Report is out  08 Feb 2008
omnipresent_at_nospam
 LightBlog Remote File Upload Vulnerability  01 Feb 2008
Open Phugu
 Some interesting hashes  09 Feb 2008
organiser_at_nospam
 SyScan'08 Call for Paper/Training  13 Feb 2008
Ozgur Ozdemircili
 Crafty Syntax Xss Vulnerability  18 Feb 2008
p_s3rver_at_nospam
 Vwar New Bug  13 Feb 2008
 Vwar 1.5.0  10 Feb 2008
packet_at_nospam
 Re: Powered by Pagetool Ver (1.04-05-06-07)  25 Feb 2008
 Re: Vwar New Bug  13 Feb 2008
Paul Laudanski
 CastleCops Six Years Old  23 Feb 2008
Pete Herzog
 security and aluminum foil hats  28 Feb 2008
Peter Watkins
 Re: Apache web server 2.2: htpasswd predictable salt weakness  15 Feb 2008
 Apache web server 2.2: htpasswd predictable salt weakness  14 Feb 2008
Pierre-Yves Rofes
 [ GLSA 200802-11 ] Asterisk: Multiple vulnerabilities  26 Feb 2008
 [ GLSA 200802-09 ] ClamAV: Multiple vulnerabilities  21 Feb 2008
 [ GLSA 200802-07 ] Pulseaudio: Privilege escalation  13 Feb 2008
 [ GLSA 200802-06 ] scponly: Multiple vulnerabilities  12 Feb 2008
 [ GLSA 200802-05 ] Gnumeric: User-assisted execution of arbitrary code  12 Feb 2008
 [ GLSA 200802-04 ] Gallery: Multiple vulnerabilities  11 Feb 2008
 [ GLSA 200802-03 ] Horde IMP: Security bypass  11 Feb 2008
 [ GLSA 200802-02 ] Doomsday: Multiple vulnerabilities  06 Feb 2008
ProCheckUp Research
 PR07-41: XSS on Juniper Networks Secure Access 2000  28 Feb 2008
 PR07-42: Webroot disclosure on Juniper Networks Secure Access 2000  28 Feb 2008
 ZyXEL Gateways Vulnerability Research: http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf  21 Feb 2008
 PR06-12: XSS on BEA Plumtree Foundation and AquaLogic Interaction portals  19 Feb 2008
 PR08-01: Several XSS, a cross-domain redirect and a webroot disclosure on Spyce - Python Server Pages (PSP)  19 Feb 2008
ralph_at_nospam
 Re: etomite xss  18 Feb 2008
Raphael Marichez
 [ GLSA 200802-08 ] Boost: Denial of Service  14 Feb 2008
 [ GLSA 200802-01 ] SDL_image: Two buffer overflow vulnerabilities  06 Feb 2008
Raymond_Villafania_at_nospam
 RE: Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products  28 Feb 2008
research_at_nospam
 SYMSA-2008-001: Lyris ListManager - Multiple Vulnerabilities  18 Feb 2008
Reversemode
 [Reversemode Advisory] February Advisories : Microsoft Word 2003 + Fortinet Forticlient  13 Feb 2008
richard_at_nospam
 Re: XSS on Obedit v3.03  13 Feb 2008
RISE Security
 Re: RE: ASUS Eee PC rooted out of the box  08 Feb 2008
 ASUS Eee PC rooted out of the box  08 Feb 2008
Robert Buchholz
 [ GLSA 200802-12 ] xine-lib: User-assisted execution of arbitrary code  26 Feb 2008
 [ GLSA 200802-10 ] Python: PCRE Integer overflow  23 Feb 2008
robert.ingruber_at_nospam
 Re: Multiple vulnerabilities in SAPlpd 6.28  05 Feb 2008
rose-of-a_at_nospam
 Re: DOINGSOFT-2008-02-11-002 IP Diva VPN SSL many XSS attacks  14 Feb 2008
rPath Update Announcements
 rPSA-2008-0094-1 kernel  29 Feb 2008
 rPSA-2008-0093-1 thunderbird  29 Feb 2008
 rPSA-2008-0092-1 tshark wireshark  29 Feb 2008
 rPSA-2008-0091-1 cups  29 Feb 2008
 rPSA-2008-0082-1 espgs  28 Feb 2008
 rPSA-2008-0088-1 am-utils  28 Feb 2008
 rPSA-2008-0086-1 pcre  28 Feb 2008
 rPSA-2008-0084-1 lighttpd  28 Feb 2008
 rPSA-2008-0059-1 openldap openldap-clients openldap-servers  12 Feb 2008
 rPSA-2008-0056-1 mailman  15 Feb 2008
 rPSA-2008-0063-1 boost  13 Feb 2008
 rPSA-2008-0061-1 SDL_image  13 Feb 2008
 rPSA-2008-0054-1 tk  12 Feb 2008
 rPSA-2008-0052-1 kernel  12 Feb 2008
 rPSA-2008-0051-1 firefox  09 Feb 2008
 rPSA-2008-0048-1 kernel  08 Feb 2008
 rPSA-2008-0046-1 gd  06 Feb 2008
 rPSA-2008-0043-1 icu  06 Feb 2008
 rPSA-2008-0040-1 mysql mysql-bench mysql-server  05 Feb 2008
rvandenbrink_at_nospam
 Re: Re: PIX Privilege Escalation Vulnerability  05 Feb 2008
S21sec labs
 S21SEC-040-en: Infinite invalid authentication attempts possible in BEA WebLogic Server  25 Feb 2008
s4tan
 Cacti 0.8.7a Multiple Vulnerabilities  12 Feb 2008
securfrog_at_nospam
 Sami FTP Server 2.0.* Multiple Remote Vulnerabilities  15 Feb 2008
 UniversalFtp Server 1.0.44 Multiple Remote Denial of service  14 Feb 2008
 Re: UniversalFtp Server 1.0.44 Multiple Remote Denial of service  14 Feb 2008
 Rosoft Media Player 4.1.8 Buffer Overflow ( .M3U)  14 Feb 2008
 dBpowerAMP Audio Player Release 2 Remote Buffer Overflow  05 Feb 2008
 NERO Media Player <= 1.4.0.35b Remote Buffer Overflow( .M3U)  05 Feb 2008
 IpSwitch WS_FTPSERVER with SSH remote Buffer Overflow  02 Feb 2008
 Titan FTP Server Remote Heap Overflow (USER/PASS)  01 Feb 2008
Security Basic
 Thanks to all, ExploitSearch in Top5 security must-have  13 Feb 2008
security-alert_at_nospam
 [security bulletin] HPSBGN02298 SSRT071502 rev.3 - HP Notebook PC Quick Launch Button (QLB) Software Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access  22 Feb 2008
 [security bulletin] HPSBST02314 SSRT080016 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-003 to MS08-013  21 Feb 2008
 [security bulletin] HPSBTU02311 SSRT080001 rev.1 - HP Tru64 UNIX running Perl, Remote Execution of Arbitrary Code  20 Feb 2008
 [security bulletin] HPSBUX02313 SSRT080015 rev.1 - HP-UX Running Apache, Remote Execution of Arbitrary Code  13 Feb 2008
 [security bulletin] HPSBMA02274 SSRT071445 rev.3 - HP System Management Homepage (SMH) for HP-UX, Remote Cross Site Scripting (XSS)  13 Feb 2008
 [security bulletin] HPSBUX02249 SSRT071442 rev.3 - HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command, Local Unqualified Configuration Change  13 Feb 2008
 [security bulletin] HPSBMA02309 SSRT080013 rev.1 - HP Select Identity Software, Remote Unauthorized Access  07 Feb 2008
 [security bulletin] HPSBGN02310 SSRT080007 rev.1 - HP Virtual Rooms Running on Windows, Remote Execution of Arbitrary Code  06 Feb 2008
 [security bulletin] HPSBST02302 SSRT071474 rev.1 - HP Storage Essentials SRM, Remote Unauthorized Access  06 Feb 2008
 [security bulletin] HPSBMA02307 SSRT071420 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Denial of Service (DoS)  05 Feb 2008
 [security bulletin] HPSBUX02308 SSRT080010 rev.1 - HP-UX Running Apache, Remote Execution of Arbitrary Code  04 Feb 2008
security_at_nospam
 [ MDVSA-2008:056 ] - Updated gnumeric packages fix vulnerability  29 Feb 2008
 [ MDVSA-2008:055 ] - Updated ghostscript packages fix arbitrary code execution vulnerability  29 Feb 2008
 PHPMyTourney Remote file include Vulnerability  29 Feb 2008
 [ MDVSA-2008:054 ] - Updated dbus packages fix vulnerability  28 Feb 2008
 [ MDVSA-2008:053 ] - Updated pcre packages fix vulnerability  27 Feb 2008
 [ MDVSA-2008:052 ] - Updated cacti packages fix multiple vulnerabilities  27 Feb 2008
 [ MDVSA-2008:051 ] - Updated cups packages fix vulnerabilities  26 Feb 2008
 [ MDVSA-2008:050 ] - Updated cups packages fix multiple vulnerabilities  26 Feb 2008
 [ MDVSA-2008:049 ] - Updated nss_ldap package fixes race condition allowing user data theft  25 Feb 2008
 [ MDVSA-2008:048 ] - Updated Firefox packages fix multiple vulnerabilities  22 Feb 2008
 [ MDVSA-2008:046-1 ] - Updated xine-lib package fixes arbitrary code execution vulnerability  21 Feb 2008
 [ MDVSA-2007:047 ] - Updated Thunderbird packages fix multiple vulnerabilities  19 Feb 2008
 [ MDVSA-2008:046 ] - Updated xine-lib package fixes arbitrary code execution vulnerability  15 Feb 2008
 [ MDVSA-2008:045 ] - Updated MPlayer packages fix a few vulnerabilities  14 Feb 2008
 [ MDVSA-2008:044 ] - Updated kernel packages fix multiple vulnerabilities and bugs  12 Feb 2008
 [ MDVSA-2008:043 ] - Updated kernel packages fix multiple vulnerabilities and bugs  12 Feb 2008
 [ MDVSA-2008:039 ] - Updated netpbm packages fix buffer overflow vulnerability  08 Feb 2008
 [ MDVSA-2008:038 ] - Updated gd packages fix buffer overflow vulnerability  08 Feb 2008
 [ MDVSA-2008:042 ] - Updated Qt4 packages fix vulnerability in QSslSocket  08 Feb 2008
 [ MDVSA-2008:040 ] - Updated SDL_image packages fix vulnerabilities  08 Feb 2008
 [ MDVSA-2008:041 ] - Updated tk packages fix buffer overflow vulnerability  08 Feb 2008
 [ MDVSA-2008:037 ] - Updated libcdio packages fix DoS vulnerability  07 Feb 2008
 [ MDVSA-2008:036 ] - Updated CUPS packages fix SNMP vulnerability  06 Feb 2008
 [ MDVSA-2008:035 ] - Updated libcdio packages fix DoS vulnerability  05 Feb 2008
 [ MDVSA-2008:034 ] - Updated emacs packages fix vulnerabilities  05 Feb 2008
 [ MDVSA-2008:033 ] - Updated ruby-gnome2 packages fix arbitrary code execution vulnerability  01 Feb 2008
 [ MDVSA-2008:032 ] - Updated boost packages fix DoS vulnerabilities  01 Feb 2008
 [ MDVSA-2008:031 ] -  01 Feb 2008
Sekomirza_at_nospam
 StatCounteX 3.0 & 3.1 Admin Vulnerability  14 Feb 2008
sex_at_nospam
 LI-countdown SQL Injection Vulnerability  12 Feb 2008
si0uxsecurity_at_nospam
 Re: CSA-L03: Linux kernel vmsplice unchecked user-pointer dereference  19 Feb 2008
sipherr_at_nospam
 Re: Re: Nortel IP Phone DoS  26 Feb 2008
 Nortel IP Phone DoS  26 Feb 2008
staad1_at_nospam
 Default Multiple Joomla! Component com_rapidrecipe "user_id=" Remote SQL Inj.  10 Feb 2008
Stefan Esser
 Advisory SE-2008-01: PunBB Blind Password Recovery Vulnerability  20 Feb 2008
Stefano Zanero
 CFP: Workshop on Open Source Software for Computer and Network Forensics  20 Feb 2008
 Final CFP: EuroSec Workshop (March 31st, 2008)  10 Feb 2008
Steve Kemp
 [SECURITY] [DSA 1507-1] New turba2 packages fix permission testing  24 Feb 2008
 [SECURITY] [DSA 1500-1] New splitvt packages fix privilege escalation  21 Feb 2008
 [SECURITY] [DSA 1498-1] New libimager-perl packages fix arbitrary code execution  19 Feb 2008
 [SECURITY] [DSA 1486-1] New gnatsweb packages fix cross-site scripting  05 Feb 2008
Steve Shockley
 Re: Logs visualization in WS_FTP Server Manager 6.1.0.0  06 Feb 2008
sub
 The Everything Development System - SQL Injection  01 Feb 2008
subere_at_nospam
 EDLGraph 1.0  21 Feb 2008
Sw33t.h4cK3r_at_nospam
 SQL in Archimede Net 2000 "E-Guest_show.php"  01 Feb 2008
sys-project_at_nospam
 Centreon <= 1.4.2.3 (index.php) Remote File Disclosure  29 Feb 2008
 Simple CMS <= 1.0.3 (indexen.php area) Remote SQL Injection Exploit  17 Feb 2008
th3.r00k.nospam_at_nospam
 etomite xss  14 Feb 2008
theredc0ders_at_nospam
 phpShop <= v 0.8.1 Remote SQL injection / Filter Bypass  02 Feb 2008
Thijs Kinkhorst
 [SECURITY] [DSA 1510-1] New ghostscript packages fix arbitrary code execution  27 Feb 2008
 [SECURITY] [DSA 1508-1] New diatheke packages fix arbirary shell command execution  25 Feb 2008
 [SECURITY] [DSA 1501-1] New dspam packages fix information disclosure  21 Feb 2008
 [SECURITY] [DSA 1488-1] New phpbb2 packages fix several vulnerabilities  09 Feb 2008
Thor (Hammer of God)
 ExtraOutlook 1.2 Released  11 Feb 2008
Tim Newsham
 Re: A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability"  06 Feb 2008
Tonnerre Lombard
 Re: [Full-disclosure] rPSA-2008-0052-1 kernel  14 Feb 2008
Trancer
 JSPWiki Multiple Vulnerabilities  13 Feb 2008
turkish-warrorr_at_nospam
 Powered by Pagetool Ver (1.04-05-06-07)  24 Feb 2008
vijayv_at_nospam
 XSS on XRMS- open source CRM  28 Feb 2008
VMware Security team
 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates  21 Feb 2008
Wojciech Purczynski
 CSA-L03: Linux kernel vmsplice unchecked user-pointer dereference  12 Feb 2008
zdi-disclosures_at_nospam
 ZDI-08-007: Symantec VERITAS Storage Foundation Administrator Service Heap Overflow Vulnerability  20 Feb 2008
 ZDI-08-006: Microsoft Internet Explorer SVG animateMotion.by Code Execution Vulnerability  13 Feb 2008
 ZDI-08-005: Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability  11 Feb 2008
 ZDI-08-004: Adobe AcrobatReader Javascript for PDF Integer Overflow Vulnerability  11 Feb 2008
 ZDI-08-003: Symantec Backup Exec Remote File Upload Vulnerability  06 Feb 2008
رومانسي هكر
 aliboard Beta Upload Shell From ControlPanel  11 Feb 2008