[bugtraq] Thread Index

• Chronological Index · RSS feed

• AST-2007-026 - SQL Injection issue in cdr_pgsql, Asterisk Security Team   (November 29, 2007)
• [USN-549-1] PHP vulnerabilities, Kees Cook   (November 29, 2007)
• AST-2007-025 - SQL Injection issue in res_config_pgsql, Asterisk Security Team   (November 29, 2007)
• [ MDKSA-2007:224-3 ] - Updated samba packages fix regressions, security   (November 30, 2007)
• DOS in Realplayer 11 ActiveX on Win Vista and Win XP SP2, thesinoda   (November 30, 2007)
• SCARE metrics and tool release, Pete Herzog   (November 30, 2007)
• PR07-14: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script, research   (November 30, 2007)
• PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script, research   (November 30, 2007)
  • <Possible follow-ups>
  • PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script, Ricardo Martins - Chief Security Officers   (May 23, 2008)  
   
• rPSA-2007-0254-1 idle python, rPath Update Announcements   (November 30, 2007)
• 27Mhz based wireless security insecurities - Aka - "We know what you typed last summer", Max Moser   (November 30, 2007)
  • Re: 27Mhz based wireless security insecurities - Aka - "We know what you typed last summer", Jacob Appelbaum   (November 30, 2007)  
   
• PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method, research   (November 30, 2007)
  • <Possible follow-ups>
  • Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method, mcalautt   (July 11, 2008)
    • Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method, ProCheckUp Research   (July 14, 2008)  
     
   
• QEMU code_gen_buffer overflow POC, TeLeMan   (November 30, 2007)
• rPSA-2007-0255-1 nss_ldap, rPath Update Announcements   (December 01, 2007)
• DC4420 - London DEFCON chapter Christmas Party - 11th December, Major Malfunction   (December 01, 2007)
• Realplayer 11 DOS attack when processing a malformed AU file on MS Vista and XP, thesinoda   (December 01, 2007)
• PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability, research   (December 03, 2007)
  • Re: PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability, guiness.stout   (December 03, 2007)
    • Message not available
      • Fwd: PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability, imipak   (December 03, 2007)
       
     
   
• [SECURITY] [DSA 1417-1] New asterisk packages fix SQL injection, Moritz Muehlenhoff   (December 03, 2007)
• [SECURITY] [DSA 1418-1] New cacti packages fix SQL injection, Thijs Kinkhorst   (December 03, 2007)
• [WhitePaper (SecNiche)] Information Prone LDAP Garbage Dumps, AKS aka (0kn0ck)   (December 03, 2007)
• PR06-11: BEA Plumtree portal search facility leaks usernames to unauthenticated users, research   (December 03, 2007)
• PR06-09: BEA Plumtree portal full version disclosure vulnerability, research   (December 03, 2007)
• Lotfian Brochure and cataloge Script XSS And SQL Injection, noreply   (December 03, 2007)
• sing (debian) vunlerability?, Milen Rangelov   (December 03, 2007)
  • Re: sing (debian) vunlerability?, Moritz Muehlenhoff   (December 04, 2007)