The bugtraq list thread archive for Mar-05

Page 1
[<< First Page]	[Next Page >]	[Prev Page]
[Date Index]	[Author Index]
[Date Directory]	[Subject Directory]	[Author Directory]
[to lists]	[mcabee.org]	[lcm]

Security holes in the iTunes Music Store, Charles M. Hannum
Reverse shell using netcat on AS/400, Shalom Carmel
[HV-HIGH] Microsoft Jet DB engine vulnerabilities, vuln
(PAPER) "Vision of danger: The Firefox Greasemonkey", Piotr Bania
RE: eBay Account Phishing with eBay Redirect - Ebay fixed this + related XSS hole, Rager, Anton (Anton)
WindowsXP malformed .wmf files DoS, liquid
MDKSA-2005:063 - Updated htdig packages fix vulnerability, Mandrakelinux Security Team
Bay Technical Associates telnet server logon bypass, nolimit bugtraq
- Re: Bay Technical Associates telnet server logon bypass, Michael Brennen
MDKSA-2005:062 - Updated ipsec-tools packages fix vulnerability, Mandrakelinux Security Team
MX Shop 1.1.1 and MX Kart 1.1.2 are vulnerable to multiple SQL injection vulnerabilities, dcrab
[ GLSA 200503-37 ] LimeWire: Disclosure of sensitive information, Thierry Carrez
MDKSA-2005:064 - Updated libexif packages fix vulnerability, Mandrakelinux Security Team
[ GLSA 200503-36 ] netkit-telnetd: Buffer overflow, Thierry Carrez
Vendor Response to Portculis Advisory 05-002: Spectrum Cash Receipting System, Paul J Docherty
cPanel/WHM demo account problems, Richard Stanway
- Re: cPanel/WHM demo account problems, Beau Henderson
bzip2 TOCTOU file-permissions vulnerability, Imran Ghory
[SECURITY] [DSA 701-1] New samba packages fix arbitrary code execution, Martin Schulze
[CLA-2005:945] Conectiva Security Announcement - kernel, Conectiva Updates
Multiple sql injection, and xss vulnerabilities in Pay pal Storefront, Diabolic Crab
PaFileDB Version 3.1 and below are exploitable via a XSS and a SQL injection vulnerability, dcrab
[SECURITY] [DSA 700-1] New mailreader packages fix cross-site scripting vulnerability, Martin Schulze
[ GLSA 200503-35 ] Smarty: Template vulnerability, Thierry Carrez
Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted SSL Attack, Cisco Systems Product Security Incident Response Team
MDKSA-2005:061 - Updated krb5 packages fix telnet client vulnerability, Mandrakelinux Security Team
Portcullis Security Advisory 05-011 ACPI 1.6 BIOS, Paul J Docherty
- Re: Portcullis Security Advisory 05-011 ACPI 1.6 BIOS, Kurt Seifried
- Re: Portcullis Security Advisory 05-011 ACPI 1.6 BIOS, Chris Paget
- <Possible follow-ups>
- RE: Portcullis Security Advisory 05-011 ACPI 1.6 BIOS, Paul J Docherty
- RE: Portcullis Security Advisory 05-011 ACPI 1.6 BIOS, Paul J Docherty
[PersianHacker.NET 200503-11]Ublog reload 1.0.4 and prior Multiple Vulnerbilities, PersianHacker Team
Multiple phpCoin Vulnerabilities, GulfTech Security Research
abuse & security issues > Israel, Gadi Evron
[PersianHacker.NET 200503-12]Chatness 2.5.1 and prior XSS Vulnerabilities, PersianHacker Team
[SECURITY] [DSA 697-1] New netkit-telnet packages fix arbitrary code execution, Martin Schulze
Code insertion in Blogger comments, Antone Roundy
- <Possible follow-ups>
- Code insertion in Blogger comments, Antone Roundy
Multiple sql injection, and xss vulnerabilities in PortalApp, dcrab
Invision Power Board v2.0.3 XSS vulnerabilities, hoang yen
- RE: Invision Power Board v2.0.3 XSS vulnerabilities, alex
directory traversal in FastStone 4in1 Browser 1.2, Donato Ferrante
Multiple sql injection, and xss vulnerabilities in AspApp, dcrab
MITKRB5-SA-2005-001: buffer overflows in telnet client, Tom Yu
[SECURITY] [DSA 699-1] New netkit-telnet-ssl packages fix arbitrary code execution, Martin Schulze
[USN-102-1] shar vulnerabilities, Martin Pitt
THai's Shoutbox XSS (Spoofing URL) BUG, CorryL
[SECURITY] [DSA 698-1] New mc packages fix buffer overflow, Martin Schulze
DoS of LAN via D-Link switches, Frank Bures
- RE: DoS of LAN via D-Link switches, David Gillett
  - Re: DoS of LAN via D-Link switches, Tarmo Mamers
    - Re: DoS of LAN via D-Link switches, Neil Watson
    - Re: DoS of LAN via D-Link switches, Joel Maslak
    - Re: DoS of LAN via D-Link switches, Scott Nelson
Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software, dcrab
phishing sites report - March/2005, Gadi Evron
- Re: phishing sites report - March/2005, Paul Laudanski
  - Re: phishing sites report - March/2005, Gadi Evron
Multiple XSS issues in Sun AnswerBook2, B00B00
Multiple XSS vulnerabilities in ACS Blog, Dan Crowley
- <Possible follow-ups>
- Multiple XSS vulnerabilities in ACS Blog, Dan Crowley
[USN-101-1] telnet vulnerabilities, Martin Pitt
Multiple Sql injection, and multiple XSS vulnerabilities in Easy Community Management System Forum (E-XOOPS), dcrab
- <Possible follow-ups>
- Multiple Sql injection, and multiple XSS vulnerabilities in Easy Community Management System Forum (E-XOOPS), dcrab
local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5, advisories
Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software., dcrab
- RE: Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software., GulfTech Security Research
- <Possible follow-ups>
- Re: Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software., dcrab
Multiple sql injection, and xss vulnerabilities in Vladersoft Shopping Cart v.3.0, dcrab
Buffer-overflow in Tincat 2 minor than 2.0.28 (Sacred, Settlers 5 and others), Luigi Auriemma
[ GLSA 200503-34 ] mpg321: Format string vulnerability, Sune Kloppenborg Jeppesen
[CLA-2005:942] Conectiva Security Announcement - ethereal, Conectiva Updates
iDEFENSE Security Advisory 03.28.05: Multiple Telnet Client slc_add_reply() Buffer Overflow Vulnerability, iDEFENSE Labs
- Re: iDEFENSE Security Advisory 03.28.05: Multiple Telnet Client slc_add_reply() Buffer Overflow Vulnerability, Solar Designer
  - Re: iDEFENSE Security Advisory 03.28.05: Multiple Telnet Client slc_add_reply() Buffer Overflow Vulnerability, Tavis Ormandy