The bugtraq list thread archive for Jun-06

Page 1
[<< First Page]	[Next Page >]	[Prev Page]
[Date Index]	[Author Index]
[Date Directory]	[Subject Directory]	[Author Directory]
[to lists]	[mcabee.org]	[lcm]

Hobbit monitor: Security issue with Hobbit 4.2-beta client, Henrik Stoerner
My smiles "browse.php" SQL Injection, CrAzY . CrAcKeR
Module's Name "Classifieds" SQL Injection, CrAzY . CrAcKeR
CDJ<<--V NITKID 2.0 "category.php" SQL Injection, CrAzY . CrAcKeR
MyNewsGroups<<--v. 0.6 "tree.php" SQL Injection, CrAzY . CrAcKeR
FreeHost "misc.php & news.php" SQL Injection, CrAzY . CrAcKeR
ZDI-06-020: Apple iTunes AAC File Parsing Integer Overflow Vulnerability, zdi-disclosures
ISC: Firefox immune to outerHTML flaw in MSIE [Was: Browser bugs hit IE, Firefox], Juha-Matti Laurio
[Kil13r-SA-20060701-3] Massting Cross-Site Scripting Vulnerability, mac68k
[Kil13r-SA-20060701-2] MoniWiki 1.1.1 Cross-Site Scripting Vulnerability, mac68k
[Kil13r-SA-20060701-1] Ahnlab Search Cross-Site Scripting Vulnerability, mac68k
Zen-Cart 1.3.0.2 Full Path Disclosure, o . y . 6
[ GLSA 200606-30 ] Kiax: Arbitrary code execution, Sune Kloppenborg Jeppesen
libwmf integer/heap overflow, sean
[SECURITY] [DSA 1104-1] New OpenOffice.org packages fix several vulnerabilities, Martin Schulze
ezWaiter v3.0 - XSS, luny
Re: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS), Juha-Matti Laurio
Browser bugs hit IE, Firefox today (SANS), Bill Stout
rPSA-2006-0120-1 gnupg, Justin M. Forbes
Msie 7.0 beta Crash, Mr . Niega
[security bulletin] HPSBUX02122 SSRT061158 rev.2 - HP-UX Mozilla Remote Execution of Arbitrary Code, Denial of Service (DoS), security-alert
[security bulletin] HPSBTU02125 SSRT061105 rev.1 - HP Tru64 UNIX Running Perl 5.8.2 and earlier, Local Unauthorized Code Execution, security-alert
Novell Security Announcement NOVELL-SA:2006:001, Jim Short
Multiple Vulnerabilities in PatchLink Update Server 6, Chris Steipp
Novell Security contact address change, Roman Drahtmueller
rPSA-2006-0116-1 mutt, Justin M. Forbes
Digital Armaments Security Advisory 29.06.2006: Siemens Speedstream Wireless Router Password Protection Bypass Vulnerability, info
[ GLSA 200606-28 ] Horde Web Application Framework: XSS vulnerability, Sune Kloppenborg Jeppesen
Secunia Research: phpRaid SQL Injection and File Inclusion Vulnerabilities, Secunia Research
Softbiz Banner Exchange 1.0 XSS, securityconnection
[ MDKSA-2006:115 ] - Updated mutt packages fix buffer overflow vulnerability, security
CSRF in Nuked Klan 1.7 SP4.2, blwood
[ GLSA 200606-29 ] Tikiwiki: SQL injection and multiple XSS vulnerabilities, Sune Kloppenborg Jeppesen
DMA[2006-0628a] - 'Apple OSX launchd unformatted syslog() vulnerability', K F (lists)
[KAPDA]http://myimei.com/security/2006-06-24/mybb104archive-modelight-parameter-extractionvarable-overwriting.html, addmimistrator
PHPClassifieds General, luny
Layered Defense Advisory: Format String Vuln in CA eTrust, dh
Presentation: AT&T ISNN - "Case Studies in Finding Previously Unknown Vulnerabilities in Web Applications.", Kenneth F. Belva
Secunia Research: Opera SSL Certificate "Stealing" Weakness, Secunia Research
[ MDKSA-2006:113 ] - Updated tetex packages fix embedded GD vulnerabilities, security
Cisco Security Advisory: Access Point Web-Browser Interface Vulnerability, Cisco Systems Product Security Incident Response Team
Re: [MajorSecurity #18] Ralf Image Gallery <=0.7.4 - Multiple XSS, Remote File Include and directory traversal vulnerabilities, Ralf
[OpenPKG-SA-2006.011] OpenPKG Security Advisory (png), OpenPKG
Microsoft's Real Test with Vista is Vulnerabilities, Gadi Evron
- Re: [funsec] Microsoft's Real Test with Vista is Vulnerabilities, thomas48
  - RE: [funsec] Microsoft's Real Test with Vista is Vulnerabilities, Larry Seltzer
Cisco Security Advisory: Multiple Vulnerabilities in Wireless Control System, Cisco Systems Product Security Incident Response Team
PHP iCalendar Cross Site Scripting, botan
MKPortal 1.0.1 Final ($ind) File Include Vulnerability (perl), stormhacker
AzDGDatingPlatinum<<--v1.1.0 "view.php" SQL Injection, CrAzY . CrAcKeR
SyScan'06 Highlight - Is Phone Banking Safe?, thomas48
[ GLSA 200606-27 ] Mutt: Buffer overflow, Sune Kloppenborg Jeppesen
[USN-307-1] mutt vulnerability, Martin Pitt
BLOG:CMS <= 4.0.0k sql injection, rgod
PHP-Nuke Module's Name Sections<<--V3 SQL Injection, CrAzY . CrAcKeR
[ MDKSA-2006:112 ] - Updated gd packages fix DoS vulnerability., security
[ MDKSA-2006:114 ] - Updated libwmf packages fixes embedded GD vulnerability, security
- <Possible follow-ups>
- [ MDKSA-2006:114 ] - Updated libwmf packages fixes embedded GD vulnerability, security
vCard PRO SQL Injection, CrAzY . CrAcKeR
[KAPDA]MyBB 1.1.4~function_post.php~XSS Attack In URL tag, addmimistrator
smartsite cms v1.0 Remote File include, KARKOR23
[Kil13r-SA-20060628] Hanaro Search Cross-Site Scripting Vulnerability, mac68k
Files and cvars overwriting in Quake 3 engine (1.32c / rev 803 / ...), Luigi Auriemma
- <Possible follow-ups>
- Re: Files and cvars overwriting in Quake 3 engine (1.32c / rev 803 / ...), Luigi Auriemma
CAID 34325 - CA ITM, eAV, ePP scan job description field format string vulnerability, Williams, James K
[Kurdish Security # 10 ] MF Piadas 1.0 Remote File Include Vulnerability, botan
SUSE Security Announcement: freetype2 (SUSE-SA:2006:037), Thomas Biege
Re: Is Windows TCP/IP source routing PoC code available?, 3APA3A
- Re[2]: Is Windows TCP/IP source routing PoC code available?, "Ìèíàåâ_Àíäðåé"
[Kurdish Security # 11] SiteBar Cross-Site Scripting, botan
phpvillage "funshow.php" SQL Injection, CrAzY . CrAcKeR
SYMSA-2006-006: Lotus Domino SMTP Based Denial of Service, research
CrisoftRicette<<--1.0pre15b Remote File Inclusion, CrAzY . CrAcKeR
Re: [ECHO_ADV_34$2006] W-Agora (Web-Agora) <= 4.2.0 (inc_dir) Remote File Inclusion, Steven M. Christey
[SECURITY] [DSA 1103-1] New Linux kernel 2.6.8 packages fix several vulnerabilities, Moritz Muehlenhoff