[bugtraq] Thread Index

• Chronological Index · RSS feed

• FreeBSD Security Advisory FreeBSD-SA-06:01.texindex, FreeBSD Security Advisories   (January 12, 2006)
• [ GLSA 200601-06 ] xine-lib, FFmpeg: Heap-based buffer overflow, Stefan Cornelius   (January 12, 2006)
• [EEYEB-20051117A] Apple QuickTime STSD Atom Heap Overflow, Advisories   (January 12, 2006)
• [RHSA-2006:0157-01] Low: struts security update for Red Hat Application Server, bugzilla   (January 12, 2006)
• MDKSA-2006:010 - Updated cups packages fix several vulnerabilities, Mandriva Security Team   (January 12, 2006)
• [FLSA-2006:167803] Updated mysql packages fix security issues, Marc Deslauriers   (January 12, 2006)
• Advisory: XSS attack on Superonline.com email service., nukedx   (January 12, 2006)
• BSD Securelevels: Circumventing protection of files flagged immutable, RedTeam Pentesting   (January 12, 2006)
• H-Sphere Security Vulnerability, M.Neset KABAKLI   (January 12, 2006)
• Advisory 02/2006: PHP ext/mysqli Format String Vulnerability, Stefan Esser   (January 12, 2006)
• Advisory 01/2006: PHP ext/session HTTP Response Splitting Vulnerability, Stefan Esser   (January 12, 2006)
• Cisco Security Advisory: Access Point Memory Exhaustion from ARP Attacks, Cisco Systems Product Security Incident Response Team   (January 12, 2006)
• [SECURITY] [DSA 938-1] New koffice packages fix arbitrary code execution, Martin Schulze   (January 12, 2006)
• EUSecWest papers and CanSecWest CFP, Dragos Ruiu   (January 12, 2006)
• [USN-241-1] Apache vulnerabilities, Adam Conrad   (January 12, 2006)
• Session data pollution vulnerabilities in web applications, Alla Bezroutchko   (January 12, 2006)
  • Re: [Full-disclosure] Session data pollution vulnerabilities in web applications, Frank Knobbe   (January 12, 2006)  
   
• Advisory: MiniNuke CMS System <= 1.8.2 (news.asp) SQL Injection vulnerability, nukedx   (January 12, 2006)
  • <Possible follow-ups>
  • Advisory: MiniNuke CMS System <= 1.8.2 (news.asp) SQL Injection vulnerability, nukedx   (January 13, 2006)
    • Advisory: MiniNuke CMS System <= 1.8.2 (membership.asp) remote user password change exploit, nukedx   (January 13, 2006)  
     
   
• Cisco, haven't we learned anything? (technician reset), Gadi Evron   (January 12, 2006)
• Interspire TrackPoint NX XSS Vulnerability, M.Neset KABAKLI   (January 12, 2006)
• Multiple PHP Toolkit for PayPal Vulnerabilities, uinC Team   (January 12, 2006)
• FogBugz Cross Site Scripting Vulnerability, M.Neset KABAKLI   (January 12, 2006)
• [SECURITY] [DSA 937-1] New tetex-bin packages fix arbitrary code execution, Martin Schulze   (January 12, 2006)
• [SECURITY] [DSA 903-2] New unzip packages fix unauthorised permissions modification, Martin Schulze   (January 12, 2006)
• ZDI-06-001: Clam AntiVirus UPX Unpacking Code Execution Vulnerability, zdi-disclosures   (January 12, 2006)
• [eVuln] TankLogger SQL Injection Vulnerability, alex   (January 12, 2006)
• [eVuln] ACal Authentication Bypass & PHP Code Insertion, alex   (January 13, 2006)
• [eVuln] Wordcircle Authentication Bypass, alex   (January 13, 2006)