[bugtraq] Thread Index

• Chronological Index · RSS feed

• [MajorSecurity Advisory #54]xt:Commerce - Cross Site Scripting and Session Fixation Issues, admin   (September 22, 2008)
  • Re: [MajorSecurity Advisory #54]xt:Commerce - Cross Site Scripting and Session Fixation Issues, Philipp Hagemeister   (September 23, 2008)  
  • <Possible follow-ups>
  • Re: [MajorSecurity Advisory #54]xt:Commerce - Cross Site Scripting and Session Fixation Issues, admin   (September 22, 2008)  
   
• [SECURITY] [DSA-1619-2] New python-dns package fixes regression, Devin Carraway   (September 22, 2008)
• Cross Site Scripting (XSS) Vulnerabilitiy in fuzzylime (cms) >=3.02, CVE-2008-3098, Fabian Fingerle   (September 22, 2008)
• [ GLSA 200809-12 ] Newsbeuter: User-assisted execution of arbitrary code, Pierre-Yves Rofes   (September 23, 2008)
• [ GLSA 200809-13 ] R: Insecure temporary file creation, Pierre-Yves Rofes   (September 23, 2008)
• [ MDVSA-2008:200 ] ed, security   (September 23, 2008)
• [ MDVSA-2008:201 ] pan, security   (September 23, 2008)
• Squirrelmail: Session hijacking vulnerability, CVE-2008-3663, Hanno Böck   (September 23, 2008)
• Aruba Mobility Controller Shared Default Certificate, nnposter   (September 23, 2008)
• Xss In Datalife Engine CMS 7.2, hadikiamarsi   (September 23, 2008)
• [ MDVSA-2008:202 ] phpMyAdmin, security   (September 23, 2008)
• [ MDVSA-2008:203 ] awstats, security   (September 23, 2008)
• menalto gallery: Session hijacking vulnerability, CVE-2008-3102, Hanno Böck   (September 23, 2008)
  • mantis CVE-2008-3102 (Re: menalto gallery: Session hijacking vulnerability, CVE-2008-3102), Hanno Böck   (September 24, 2008)  
   
• Re: Aruba Mobility Controller Shared Default Certificate - Response from Aruba Networks, Robbie (Rupinder) Gill   (September 23, 2008)
• [ GLSA 200809-14 ] BitlBee: Security bypass, Pierre-Yves Rofes   (September 24, 2008)
• [ GLSA 200809-15 ] GNU ed: User-assisted execution of arbitrary code, Pierre-Yves Rofes   (September 24, 2008)
• Advisory : Google Chrome Carriage Return Null Object Memory Exhaustion Remote Dos., Aditya K Sood   (September 24, 2008)
  • Re: Advisory : Google Chrome Carriage Return Null Object Memory Exhaustion Remote Dos., LIUDIEYU dot COM   (September 24, 2008)  
   
• [USN-645-1] Firefox and xulrunner vulnerabilities, Jamie Strandboge   (September 24, 2008)
• [USN-645-2] Firefox vulnerabilities, Jamie Strandboge   (September 24, 2008)
• Internet Information Service remote set password, hamedata   (September 24, 2008)
• IAS Helper COM Component (iashlpr.dll) activex remote DOS, hamedata   (September 24, 2008)
• Internet Information Service (adsiis.dll) activex remote DOS, hamedata   (September 24, 2008)
• Cisco Security Advisory: Cisco IOS Software Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability, Cisco Systems Product Security Incident Response Team   (September 24, 2008)
• Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet, Cisco Systems Product Security Incident Response Team   (September 24, 2008)
• Cisco Security Advisory: Cisco 10000, uBR10012, uBR7200 Series Devices IPC Vulnerability, Cisco Systems Product Security Incident Response Team   (September 24, 2008)
• Cisco Security Advisory: Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability, Cisco Systems Product Security Incident Response Team   (September 24, 2008)