[bugtraq] Thread Index

• Chronological Index · RSS feed

• (MS05-039) Microsoft Windows Plug-and-Play Service Remote Overflow (Universal Exploit + no crash shellcode), houseofdabus   (August 12, 2005)
• My Bulletin Board RC 4 Vulnerabilities, phuket   (August 12, 2005)
• Insecure directory permissions of default installation of Kaspersky Anti-Virus for Unix/Linux File Servers will lead to local root exploit, Dr. Peter Bieringer   (August 12, 2005)
• Windows 2000 universal exploit for MS05-039, sl0ppy   (August 12, 2005)
• Privilege escalation in Linksys WLAN Monitor v2.0, Reed Arvin   (August 12, 2005)
• Bluetooth: Theft of Link Keys for Fun and Profit?, KF (lists)   (August 12, 2005)
• Grandstream Budge Tone 101/102 DoS Vulnerability, Kroma Pierre   (August 12, 2005)
• [USN-168-1] Gaim vulnerabilities, Martin Pitt   (August 12, 2005)
• Low security hole affecting Mentor's ADSLFR4II router, Tim Brown   (August 13, 2005)
• JaguarControl Activex Buffer Overflow, Tacettin Karadeniz   (August 13, 2005)
• SQL in PHPTB Topic Boards 2.0, almaster   (August 13, 2005)
• [DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue, Uwe Hermann   (August 15, 2005)
• Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability, Stefan Esser   (August 15, 2005)
• Advisory 14/2005: PEAR XML_RPC Remote PHP Code Injection Vulnerability, Stefan Esser   (August 15, 2005)
• Vulnerability found in CPAINT Ajax Toolkit, wiley14   (August 15, 2005)
  • <Possible follow-ups>
  • RE: Vulnerability found in CPAINT Ajax Toolkit, Thor Larholm   (August 16, 2005)  
   
• [SECURITY] [DSA 761-2] New heartbeat packages fix insecure temporary files, Martin Schulze   (August 15, 2005)
• drone armies C&C report - July/2005, Gadi Evron   (August 15, 2005)
• [SECURITY] [DSA 775-1] New Mozilla packages fix frame injection spoofing vulnerability, Martin Schulze   (August 15, 2005)
• [ GLSA 200508-06 ] Gaim: Remote execution of arbitrary code, Sune Kloppenborg Jeppesen   (August 15, 2005)
• Technical Note by Amit Klein: Detecting and Preventing HTTP Response Splitting and HTTP Request Smuggling Attacks at the TCP Le, Amit Klein (AKsecurity)   (August 15, 2005)
• Serious flaw in Linksys wireless AP password security, Steve Scherf   (August 15, 2005)
  • <Possible follow-ups>
  • Serious flaw in Linksys wireless AP password security, Steve Scherf   (August 15, 2005)  
  • RE: Serious flaw in Linksys wireless AP password security, Robert Thompson Jr.   (August 16, 2005)
    • Re: Serious flaw in Linksys wireless AP password security, Steve Scherf   (August 16, 2005)  
     
  • RE: Serious flaw in Linksys wireless AP password security, Robert Thompson Jr.   (August 16, 2005)  
   
• MDKSA-2005:139 - Updated gaim packages fix yet more vulnerabilities, Mandriva Security Team   (August 16, 2005)
• Corsaire Security Advisory: HP Ignite-UX passwd file disclosure issue, advisories   (August 16, 2005)
• MDKSA-2005:140 - Updated proftpd packages fix format string vulnerabilities, Mandriva Security Team   (August 16, 2005)
• 249bytes reverse shellcode with "nooil tricks methods", msuiche   (August 16, 2005)