Bugtraq: by thread

Previous period

Next period

385 messages starting Jun 13 99 and ending Dec 12 99
Date index | Thread index | Author index

Re: bash 1.x - command substitution bug Michal Zalewski (Jul 14)
- <Possible follow-ups>
- bash 1.x - command substitution bug Michal Zalewski (Dec 12)
Sendmail 8.8.x - time to upgrade? Michal Zalewski (Jul 14)
- Re: Sendmail 8.8.x - time to upgrade? Gregory Neil Shapiro (Nov 22)
Re: local users can panic linux kernel (was: SuSE syslogd advisory) Michal Zalewski (Jul 16)
Re: Mac OS 9 Idle Lock Bug gabriel rosenkoetter (Oct 29)
- <Possible follow-ups>
- Re: Mac OS 9 Idle Lock Bug Zachary Keane (Oct 31)
- Re: Mac OS 9 Idle Lock Bug devbugs () APPLE COM (Nov 03)
- Re: Mac OS 9 Idle Lock Bug devbugs () APPLE COM (Nov 04)
Amanda multiple vendor local root compromises Tellier, Brock (Oct 30)
- Re: Amanda multiple vendor local root compromises Ian Turner (Nov 01)
- Re: Amanda multiple vendor local root compromises Chris Tobkin (Nov 01)
  - Re: Amanda multiple vendor local root compromises Bill Fumerola (Nov 01)
- Re: Amanda multiple vendor local root compromises monti (Nov 01)
- Re: Amanda multiple vendor local root compromises Rob (Nov 01)
- Unqualified Postings edi () GANYMED ORG (Nov 01)
  - Re: Unqualified Postings v0rt (Nov 02)
- <Possible follow-ups>
- Re: Amanda multiple vendor local root compromises Alexandre Oliva (Nov 02)
- Re: Amanda multiple vendor local root compromises Alexandre Oliva (Nov 02)
Fwd: Caching of passwords revealed after installing SP6 Eric Schultze (Oct 31)
Avirt Mail Server 3.3a or 3.5 remotely exploitable buffer overflow vulnerability Luciano Martins (Nov 01)
- Avirt Mail Server 3.3a or 3.5 remotely exploitable buffer overflow vulnerability Jesús López de Aguileta (Nov 02)
RFP9906 - Services.exe DoS in NT 4 (RFPoison) .rain.forest.puppy. (Nov 01)
- RFP9906 - Services.exe DoS in NT 4 (RFPoison) - Workaround scott (Nov 01)
- Re: RFP9906 - Services.exe DoS in NT 4 (RFPoison) nascheme () ENME UCALGARY CA (Nov 01)
- Exploit + temp patch for aVirt mail server 3.5. dark spyrit (Nov 02)
Re: AW: Mac OS 9 Idle Lock Bug Mike Eldridge (Nov 01)
- Re: AW: Mac OS 9 Idle Lock Bug Greg Francis (Nov 01)
Stack Shield 0.6 beta relased vendicator () USA NET (Nov 01)
- "Function pointer" attacks. vendicator () USA NET (Nov 01)
  - Re: "Function pointer" attacks. Crispin Cowan (Nov 02)
  - Re: "Function pointer" attacks. Mariusz Woloszyn (Nov 03)
- Re: Stack Shield 0.6 beta relased Crispin Cowan (Nov 01)
Re: Unqualified Postings Marc (Nov 01)
- <Possible follow-ups>
- Re: Unqualified Postings Wanderley J. Abreu Jr. (Nov 01)
- Re: Unqualified Postings Elias Levy (Nov 03)
Re: [Re: Amanda multiple vendor local root compromises] Brock Tellier (Nov 01)
- Re: [Re: Amanda multiple vendor local root compromises] Peter Walker (Nov 01)
  - Re: [Re: Amanda multiple vendor local root compromises] Robert Watson (Nov 02)
  - [debian] New version of nis released Aleph One (Nov 02)
  - RFP9907: You, your servers, RDS, and thousands of script kiddies .rain.forest.puppy. (Nov 03)
  - UnixWare 7's dtappgather Elias Levy (Nov 03)
  - NeoPlanet Saves all emails in Plain text James J. Capone (Nov 03)
  - hylafax-4.0.2 local exploit Tellier, Brock (Nov 03)
  - IE 5.0 vulnerabilities using HTTP redirection Georgi Guninski (Nov 04)
- <Possible follow-ups>
- Re: [Re: Amanda multiple vendor local root compromises] Alexandre Oliva (Nov 02)
  - Re: [Re: Amanda multiple vendor local root compromises] Bruce A. Mah (Nov 02)
- Re: [Re: Amanda multiple vendor local root compromises] Frank Crawford (Nov 03)
- Re: [Re: Amanda multiple vendor local root compromises] Alexandre Oliva (Nov 03)
Microsoft/CERT IIS ODBC/RDS/IIS Advisory (MS98-004) Jay Schimke (Nov 01)
Some holes for Win/UNIX softwares UNYUN (Nov 02)
Oracle 8i Security Jonathan A. Zdziarski (Nov 02)
Re: WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability Alun Jones (Nov 02)
- Re: WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability iarce (Nov 04)
- Re: WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability Alberto Soliño (Nov 04)
- Palm Hotsync vulnerable to DoS attack Aviram Jenik (Nov 04)
- RealNetworks RealServer G2 buffer overflow - WORKAROUND (fwd) ah1 () SECURITYFOCUS COM (Nov 04)
- Microsoft Security Bulletin (MS99-047) Aleph One (Nov 04)
- Re-release of Microsoft Security Bulletin MS99-042 Aleph One (Nov 04)
[debian] New versions of lpr released Aleph One (Nov 02)
[squid] exploit for external authentication problem Oezguer Kesim (Nov 03)
Re: Fix for ssh-1.2.27 symlink/bind problem Wietse Venema (Nov 03)
More Alibaba Web Server problems... Kerb (Nov 03)
- <Possible follow-ups>
- Re: More Alibaba Web Server problems... Thomas Dullien (Nov 05)
Remote DoS Attack in BFTelnet Server v1.1 for Windows NT Ussr Labs (Nov 04)
Printer (spooler) Service Vulnerabilities eEye - Digital Security Team (Nov 04)
RealNetworks RealServer G2 buffer overflow. dark spyrit (Nov 04)
realown.c, unix port of realown.asm by dark spyrit Sebastian (Nov 04)
Eserv 2.50 Web interface Server Directory Traversal Vulnerability Ussr Labs (Nov 04)
- <Possible follow-ups>
- Re: Eserv 2.50 Web interface Server Directory Traversal Vulnerability Andrey Cherezov (Nov 08)
Re: hylafax-4.0.2 local exploit Thomas Biege (Nov 04)
ssh-1.2.27 fails to check size of RSA-key Markus Friedl (Nov 04)
FTGate Version 2.1 Web interface Server Directory Traversal Vulnerability Ussr Labs (Nov 05)
SCO Patches Alfred Huger (Nov 05)
SCO Security Bulletin 99.17 Michael Almond (Nov 05)
Call for papers, Malicious Information Technology Ken Williams (Nov 05)
Cisco NAT DoS (VD#1) Blue Boar (Nov 05)
- <Possible follow-ups>
- Re: Cisco NAT DoS (VD#1) Jim Duncan (Nov 28)
Antidote to RFPoison--followup to RFP9906 .rain.forest.puppy. (Nov 05)
Guestbook.pl, sloppy SSI handling in Apache? (VD#2) Blue Boar (Nov 05)
- Re: Guestbook.pl, sloppy SSI handling in Apache? (VD#2) Marc Slemko (Nov 06)
- Re: Guestbook.pl, sloppy SSI handling in Apache? (VD#2) Ben Laurie (Nov 06)
- Re: Guestbook.pl, sloppy SSI handling in Apache? (VD#2) Stephen White (Nov 06)
  - Re: Guestbook.pl, sloppy SSI handling in Apache? (VD#2) Steven Champeon (Nov 07)
  - Patch for VirusWall 3.23. dark spyrit (Nov 07)
- Netscape Web Publisher Tim Jones (Nov 06)
  - Re: Netscape Web Publisher Mnemonix (Nov 07)
  - Re: Netscape Web Publisher nblasgen () NICK REFRACT COM (Nov 07)
  - vwxploit.c unix port Sebastian (Nov 08)
- Windows NT Spooler Service. Avri Schneider (Nov 07)
- [w00giving '99 #2] IMAIL POP server Shok (Nov 07)
- Re: Guestbook.pl, sloppy SSI handling in Apache? (VD#2) Blue Boar (Nov 07)
- Re: Guestbook.pl, sloppy SSI handling in Apache? (VD#2) Jefferson Ogata (Nov 08)
- MS Outlook alert : Cuartango Active Setup Elias Levy (Nov 08)
  - BigIP - bigconf.cgi holes Guy Cohen (Jun 13)
  - Re: MS Outlook alert : Cuartango Active Setup David LeBlanc (Nov 08)
  - Re: MS Outlook alert : Cuartango Active Setup - Workaround Instructions Mark (Nov 08)
    - Insecure handling of NetSol maintainer passwords jlewis () LEWIS ORG (Nov 08)
    - flaw in dmesg under Solaris echo8 (Nov 09)
    - Re: Insecure handling of NetSol maintainer passwords Jefferson Ogata (Nov 09)
    - Re: Insecure handling of NetSol maintainer passwords pedward () WEBCOM COM (Nov 10)
    - Re: Insecure handling of NetSol maintainer passwords Trevor Schroeder (Nov 10)
    - networksolutions CRYPT-PW salt (was: Re: Insecure handling of NetSol maintainer passwords) Jefferson Ogata (Nov 10)
    - [Cobalt] Security Advisory - cgiwrap Jeff Bilicki (Nov 09)
    - Re: MS Outlook alert : Cuartango Active Setup - Workaround Instructions Andy Helsby (Nov 09)
  - Remote DoS Attack in TransSoft's Broker Ftp Server v3.5 Vulnerability Ussr Labs (Nov 08)
  - FreeBSD 3.3's seyon vulnerability Brock Tellier (Nov 08)
    - Re: FreeBSD 3.3's seyon vulnerability Bill Fumerola (Nov 09)
  - Re: MS Outlook alert : Cuartango Active Setup Bronek Kozicki (Nov 09)
- IE4/5 "file://" buffer overflow UNYUN (Nov 08)
  - Re: IE4/5 "file://" buffer overflow Mikael Olsson (Nov 09)
  - (no subject) Ejovi Nuwere (Nov 09)
  - Remote DoS Attack in QVT/Term 'Plus' 4.2d FTP Server Vulnerability Ussr Labs (Nov 09)
  - Multiples Remotes DoS Attacks in Artisoft XtraMail v1.11 Vulnerability Ussr Labs (Nov 10)
- <Possible follow-ups>
- Re: Guestbook.pl, sloppy SSI handling in Apache? (VD#2) Chuck Phillips (Nov 07)
Overflow in tcplog.c (VD#3) Blue Boar (Nov 05)
- Re: Overflow in tcplog.c (VD#3) CyberPsychotic (Nov 04)
- Interscan VirusWall NT 3.23/3.3 buffer overflow. dark spyrit (Nov 07)
Overflow in Alibaba Web Server 2.0 (VD#4) Blue Boar (Nov 06)
ICQ 2000 trojan/worm (VD#5) Blue Boar (Nov 06)
mistake in "Antidote for RFPoison" (fwd) .rain.forest.puppy. (Nov 06)
Re: Windows NT Spooler Service. Marc (Nov 07)
Re: Netscape Web Publisher Kitetoa (Nov 08)
Security flaw in Cobalt RaQ2 cgiwrap Chris Adams (Nov 08)
- Irfan view 3.07 buffer overflow UNYUN (Nov 08)
- Re: Security flaw in Cobalt RaQ2 cgiwrap Nathan Neulinger (Nov 08)
  - Re: Security flaw in Cobalt RaQ2 cgiwrap Chris Adams (Nov 09)
- undocumented bugs - nfsd Mariusz Marcinkiewicz (Nov 09)
  - Re: undocumented bugs - nfsd Olaf Kirch (Nov 10)
    - rpc.nfsd exploit code Mariusz Marcinkiewicz (Nov 10)
    - Re: rpc.nfsd exploit code Crispin Cowan (Nov 11)
    - WU-FTPD Mnemonix (Nov 11)
    - Re: WU-FTPD hayward () SLOTHMUD ORG (Nov 12)
    - Re: rpc.nfsd exploit code Mariusz Marcinkiewicz (Nov 12)
    - Re: rpc.nfsd exploit code Rogier Wolff (Nov 12)
    - BIND NXT Bug Vulnerability Elias Levy (Nov 10)
    - Re: BIND NXT Bug Vulnerability Richard Trott (Nov 10)
    - Re: BIND NXT Bug Vulnerability Mike Iglesias (Nov 10)
    - [RHSA-1999:053-01] new NFS server pacakges available (5.2, 4.2) Bill Nottingham (Nov 10)
    - Re: [linux-security] Re: undocumented bugs - nfsd Olaf Kirch (Nov 11)
    - SmartServer3 POP3 BindView Advisory (Nov 11)
    - THE 12th ANNUAL FIRST CONFERENCE on COMPUTER SECURITY michele sensalari (Nov 11)
    - OS/390 Interlink Stack DoS with nmap bugz () NAZGUL COM (Nov 11)
    - Re: OS/390 Interlink Stack DoS with nmap bugz () NAZGUL COM (Nov 17)
    - [Debian] New version of proftpd fixes remote exploits Aleph One (Nov 11)
Microsoft Security Bulletin MS99-047, Patch Available for "Malfor med Spooler Request" Vulnerability Microsoft Product Security Response Team (Nov 08)
Re: Interscan VirusWall NT 3.23/3.3 buffer overflow. Bob Li (Nov 08)
- <Possible follow-ups>
- Re: Interscan VirusWall NT 3.23/3.3 buffer overflow. Elias Levy (Nov 09)
Re: BigIP - bigconf.cgi holes Rob Gilde (Nov 09)
- Re: BigIP - bigconf.cgi holes Guy Cohen (Nov 10)
- <Possible follow-ups>
- Re: BigIP - bigconf.cgi holes Rob Gilde (Nov 10)
ImmuniX OS Security Alert: StackGuard 1.21 Released Crispin Cowan (Nov 09)
- Re: ImmuniX OS Security Alert: StackGuard 1.21 Released Gerardo Richarte (Nov 10)
- Re: ImmuniX OS Security Alert: StackGuard 1.21 Released Crispin Cowan (Nov 10)
- Re: ImmuniX OS Security Alert: StackGuard 1.21 Released Iván Arce (Nov 10)
- Vulnerability in ImmuniX OS Security Alert: StackGuard 1.21 Released Gerardo Richarte (Nov 11)
- Re: Vulnerability in ImmuniX OS Security Alert: StackGuard 1.21Released Crispin Cowan (Nov 13)
Re: [Re: FreeBSD 3.3's seyon vulnerability] Brock Tellier (Nov 09)
Re: FTGate vulnerability. (fwd) Alfred Huger (Nov 10)
(no subject) Anonymous (Nov 10)
- (no subject) David R. Conrad (Nov 11)
  - Re: CERT Advisory CA-99-14 Multiple Vulnerabilities in BIND Solar Designer (Nov 12)
  - Buffer overflow exploit in the alpha linux Taeho Oh (Nov 13)
    - Re: Buffer overflow exploit in the alpha linux Lamont Granquist (Nov 15)
- Re: your mail Brian Wellington (Nov 11)
  - Re: your mail Alan Brown (Nov 12)
  - [ Cobalt ] Security Advisory - Bind Jeff Bilicki (Nov 12)
  - Microsoft Security Bulletin (MS99-049) Aleph One (Nov 12)
- Re: your mail Alain Thivillon (Nov 11)
- [w00giving '99 #3, w00news] UnixWare 7's /var/sadm Matt Conover (Nov 11)
- Re: your mail Firstname Lastname (Nov 12)
F5 Networks Security Advisory (fwd) Gwendolynn ferch Elydyr (Nov 10)
- Re: F5 Networks Security Advisory (fwd) pedward () WEBCOM COM (Nov 10)
  - Re: F5 Networks Security Advisory (fwd) Mike Johnson (Nov 11)
    - Re: F5 Networks Security Advisory (fwd) pedward () WEBCOM COM (Nov 11)
    - FormHandler.cgi Mnemonix (Nov 11)
    - Re: FormHandler.cgi m4rcyS (Nov 16)
    - hping2 antirez () INVECE ORG (Nov 16)
  - Re: F5 Networks Security Advisory (fwd) Rogier Wolff (Nov 12)
ISSalert: ISS Security Advisory: Multiple Root Compromise Vulnerabilities in Oracle Application Server Aleph One (Nov 10)
Re: Insecure handling of NetSol maintainer passwords Sean Sosik-Hamor (Nov 11)
CERT Advisory CA-99.14 - Multiple Vulnerabilities in BIND Aleph One (Nov 11)
- Re: CERT Advisory CA-99.14 - Multiple Vulnerabilities in BIND David R. Conrad (Nov 11)
[Debian] New version of nfs-server fixes remote exploit Aleph One (Nov 11)
Re: networksolutions CRYPT-PW salt (was: Re: Insecure handling of NetSol maintainer passwords) der Mouse (Nov 11)
- Re: networksolutions CRYPT-PW salt (was: Re: Insecure handling of NetSol maintainer passwords) jlewis () LEWIS ORG (Nov 13)
[RHSA-1999:054-01] Security problems in bind Bill Nottingham (Nov 11)
- Re: [RHSA-1999:054-01] Security problems in bind John D. Hardin (Nov 11)
  - Re: [RHSA-1999:054-01] Security problems in bind Gregory A Lundberg (Nov 13)
- <Possible follow-ups>
- Re: [RHSA-1999:054-01] Security problems in bind John D. Hardin (Nov 12)
Microsoft Security Bulletin (MS99-048) Aleph One (Nov 11)
Re: CERT Advisory CA-99-14 Multiple Vulnerabilities in BIND Anonymous (Nov 12)
Update on Auto_FTP Ben (Nov 12)
Re: BIND bugs of the month D. J. Bernstein (Nov 12)
- Re: BIND bugs of the month (spoofing secure Web sites?) Peter W (Nov 13)
  - Re: BIND bugs of the month (spoofing secure Web sites?) Kurt Seifried (Nov 14)
- Re: BIND bugs of the month (spoofing secure Web sites?) D. J. Bernstein (Nov 13)
  - Re: BIND bugs of the month (spoofing secure Web sites?) D. J. Bernstein (Nov 14)
    - Re: BIND bugs of the month (spoofing secure Web sites?) Elias Levy (Nov 15)
- Re: BIND bugs of the month David R. Conrad (Nov 14)
- MacOS 9 and the MacOS Netware Client Matt White (Nov 14)
  - Re: MacOS 9 and the MacOS Netware Client deepquest () NETSCAPE NET (Nov 15)
  - Re: MacOS 9 and the MacOS Netware Client sherrera () BASS CUESTA CC CA US (Nov 15)
  - Re: MacOS 9 and the MacOS Netware Client deepquest () NETSCAPE NET (Nov 15)
thttpd 2.04 stack overflow (VD#6) Blue Boar (Nov 13)
ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Blue Boar (Nov 13)
- Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Theo de Raadt (Nov 13)
  - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Szilveszter Adam (Nov 14)
  - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Brian Fundakowski Feldman (Nov 14)
- BIND 8.2.2-P5 release announcement Roger Fajman (Nov 13)
- <Possible follow-ups>
- Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Oystein Viggen (Nov 16)
  - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Daniel Jacobowitz (Nov 16)
  - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Jochen Bauer (Nov 16)
    - Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Nick Craig-Wood (Nov 18)
    - ProFTPd - mod_sqlpw.c Todd C. Campbell (Nov 19)
    - Pandora v4 Beta 2 Software Simple Nomad (Nov 19)
  - Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability Ussr Labs (Nov 16)
    - Re: Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability Seth R Arnold (Nov 17)
    - Re: Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability Marc (Nov 17)
    - SuSE Security Announcement - syslogd (a1) Thomas Biege (Nov 18)
    - local users can panic linux kernel (was: SuSE syslogd advisory) Mixter (Nov 18)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Alan Cox (Nov 19)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Savochkin Andrey Vladimirovich (Nov 20)
    - ANN: Bruce v1.0 Early Access 1 - Available for downloa Alec Muffett (Nov 22)
    - Re: local users can panic linux kernel (was: SuSE syslogd Alan Cox (Nov 22)
    - Re: local users can panic linux kernel (was: SuSE syslogd Savochkin Andrey Vladimirovich (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogd Darren Reed (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogd Savochkin Andrey Vladimirovich (Nov 24)
    - Remote DoS Attack in WorldClient Server v2.0.0.0 Vulnerability Ussr Labs (Nov 24)
    - Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability Ussr Labs (Nov 24)
    - Re: local users can panic linux kernel (was: SuSE syslogd Darren Reed (Nov 24)
    - [w00giving '99 #5 and w00news]: UnixWare 7's su Matt Conover (Nov 25)
    - Buffer Overflow Survey Paper Crispin Cowan (Nov 22)
    - Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper) Crispin Cowan (Nov 23)
    - [ COBALT ] Security Advisory - Sendmail Jeff Bilicki (Nov 24)
    - Re: Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper) Scott Zimmerman (Nov 24)
    - Re: Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper) Simple Nomad (Nov 24)
    - Netscape communicator 4.x Javascript security flaw Ahmed Ghandour (Nov 24)
    - Re: Netscape communicator 4.x Javascript security flaw Metal Hurlant (Nov 26)
    - Re: Netscape communicator 4.x Javascript security flaw Ahmed Ghandour (Nov 26)
    - Windows NT 4.0 Service Pack 6A Breaks IP Forwarding Brendan Howes (Nov 25)
    - Oracle Web Listener Mnemonix (Nov 25)
    - [w00giving '99 #6]: UnixWare 7's Xsco Matt Conover (Nov 25)
    - Re: Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper) Mark Seiden (Nov 24)
    - Netscape Communicator 4.7 - Navigator Overflows Mike Boto (Nov 24)
    - BindView Security Advisory: SSR Denial of Service BindView Security Advisory (Nov 24)
    - Re: BindView Security Advisory: SSR Denial of Service Alan Cox (Nov 24)
    - Oracle 8i questions Brock Tellier (Nov 23)
    - Printer Vulnerabilities (Tektronix and JetDirect) Elias Levy (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Darren Reed (Nov 20)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Cy Schubert - ITSD Open Systems Group (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Jefferson Ogata (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Shafik Yaghmour (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Olaf Kirch (Nov 24)
    - Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Goetz Babin-Ebell (Nov 24)
    - more about IP ID antirez () INVECE ORG (Nov 20)
    - FreeBSD sysinstall Jonas Eriksson (Nov 20)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Malcolm Beattie (Nov 22)
    - DNA-1999-001: NetTerm FTP Daemon vulnerabilities Jeremy Iverson (Nov 22)
    - Microsoft Security Bulletin (MS99-043) Aleph One (Nov 17)
    - Re: Microsoft Security Bulletin (MS99-043) John Madden (Nov 18)
Delegate 5.9.x - 6.0.x remote exploit (possibly others) Sebastian (Nov 13)
Oracle 8 root exploit Tellier, Brock (Nov 13)
- Re: Oracle 8 root exploit Adam and Christine Levin (Nov 15)
- Re: Oracle 8 root exploit Jared Still (Nov 16)
- <Possible follow-ups>
- Re: Oracle 8 root exploit Martin Mevald (Nov 15)
- Re: Oracle 8 root exploit Antonomasia (Nov 15)
- Re: Oracle 8 root exploit Elias Levy (Nov 16)
  - Re: Oracle 8 root exploit Adam and Christine Levin (Nov 16)
- Re: Oracle 8 root exploit Chris Calabrese (Nov 16)
  - Re: Oracle 8 root exploit Alan Olsen (Nov 19)
  - [RHSA-1999:055-01] Denial of service attack in syslogd Bill Nottingham (Nov 19)
  - [ COBALT ] Security Advisory - syslog Jeff Bilicki (Nov 20)
  - IE 5.0 XML HTTP redirect problems Georgi Guninski (Nov 22)
  - DoS with sysklogd, glibc (Caldera) Alfred Huger (Nov 22)
    - Re: DoS with sysklogd, glibc (Caldera) Balazs Scheidler (Nov 22)
- Re: Oracle 8 root exploit Steve D'Angona (Nov 18)
- Re: Oracle 8 root exploit Chris Calabrese (Nov 18)
yet another security threat in MS OE 5 deepquest () NETSCAPE NET (Nov 13)
Re: BIND bugs of the month (fwd) Chris Yarnell (Nov 13)
- Re: BIND bugs of the month (fwd) Alan Cox (Nov 14)
IE 5.0 and Windows Media Player ActiveX object allow checking the existence of local files and directories Georgi Guninski (Nov 14)
Re: BIND bugs of the month (spoofing secure Web sites?) Steven M. Bellovin (Nov 14)
NetCPlus SmartServer3 POP 3.51.1 EXPLOIT Ussr Labs (Nov 14)
Windows NT update carries bug Williams, Ken (Nov 15)
- Re: Windows NT update carries bug Alan J. Wylie (Nov 16)
  - Re: Windows NT update carries bug Fabian Kroenner (Nov 16)
  - [Fwd: Printer Vulnerability: Tektronix PhaserLink Webserver gives Administrator Password] Dennis W. Mattison (Nov 16)
    - Jet Vulnerability affect Office 95 users (fwd) ah1 () SECURITYFOCUS COM (Nov 17)
    - Re: [Fwd: Printer Vulnerability: Tektronix PhaserLink Webserver gives Administrator Password] Ronan Waide (Nov 17)
    - Re: Tektronix PhaserLink Webserver Reveals Admin Password Blake Frantz (Nov 17)
    - Remote DoS attack against Microsoft SQL Server 7.0 Kevork Belian (Nov 17)
    - Re: Tektronix PhaserLink Webserver Reveals Admin Password elfchief () LUPINE ORG (Nov 18)
    - Potential vulnerability in Oracle Mary Ann Davidson (Nov 18)
    - Re: [Fwd: Printer Vulnerability: Tektronix PhaserLink Webservergives Administrator Password] Dennis W. Mattison (Nov 18)
    - buffer overflow in HP JetDirect module (probably affects all HP printers with network support) Tobias Haustein (Nov 19)
    - Re: buffer overflow in HP JetDirect module (probably affects all HP printers with network support) Brian (Nov 19)
    - Re: buffer overflow in HP JetDirect module (probably affects all HP printers with network support) Pat Hayden (Nov 20)
    - Remote DoS Attack in Vermillion FTP Daemon (VFTPD) v1.23 Vulnerability Ussr Labs (Nov 22)
- <Possible follow-ups>
- Re: Windows NT update carries bug Peter Kane (Nov 16)
- Re: Windows NT update carries bug Tony Plastino (Nov 16)
SQL Server 7.0 Linked Server Password Vulnerability (fwd) ah1 () SECURITYFOCUS COM (Nov 15)
ssh 1.2.27 limits patch Ultor (Nov 16)
- <Possible follow-ups>
- Re: ssh 1.2.27 limits patch Ultor (Nov 16)
NEUROCOM: Nashuatec D445/435 vulnerabilities updated gregory duchemin (Nov 16)
rpc.ttdbserverd on solaris 7 Dan Stromberg (Nov 16)
- Re: rpc.ttdbserverd on solaris 7 Brent Paulson (Nov 18)
Re: RealNetworks RealServer G2 buffer overflow. (fwd) dark spyrit (Nov 16)
SuSE Security Announcement Thomas Biege (Nov 16)
default permissions for tin Brian (Nov 17)
NT SP 6 TCP protocol stack issue: Hotfix available Adam Szilveszter (Nov 17)
From the SCO website Alfred Huger (Nov 17)
[Debian] New version of bind released Aleph One (Nov 17)
Re: hard-coded windows exploits Thomas Dullien (Nov 17)
- <Possible follow-ups>
- Re: hard-coded windows exploits Gerardo Richarte (Nov 17)
- Re: hard-coded windows exploits Simple Nomad (Nov 17)
- Re: hard-coded windows exploits dark spyrit (Nov 17)
Re: hardcoded windows exploits Jeremy Kothe (Nov 17)
- <Possible follow-ups>
- Re: hardcoded windows exploits Jeremy Kothe (Nov 17)
Pine: expanding env vars in URLs (seems to be fixed as of 4.21) Jim Hebert (Nov 17)
- Re: Pine: expanding env vars in URLs (seems to be fixed as of 4.21) Pavel Kankovsky (Nov 22)
Removal of TCP Initial Sequence Number Patch Aleph One (Nov 17)
WordPad/riched20.dll buffer overflow Pauli Ojanpera (Nov 18)
- Re: WordPad/riched20.dll buffer overflow Bronek Kozicki (Nov 18)
- Re: WordPad/riched20.dll buffer overflow Gerardo Richarte (Nov 18)
  - Re: WordPad/riched20.dll buffer overflow Gerardo Richarte (Nov 24)
  - (no subject) Swen Persson (Nov 24)
  - Re: WordPad/riched20.dll buffer overflow Gerardo Richarte (Nov 24)
    - Re: WordPad/riched20.dll buffer overflow pedward () WEBCOM COM (Nov 26)
    - Re: WordPad/riched20.dll buffer overflow Christopher Rhodes (Nov 26)
    - Re: WordPad/riched20.dll buffer overflow Glynn Clements (Nov 27)
    - SCO su patches Alfred Huger (Nov 28)
    - Solaris7 dtmail/dtmailpr/mailtool Buffer Overflow UNYUN (Nov 29)
    - Page table protection on Intel Jason Spence (Nov 26)
    - SuSE Security Announcement - new security tools Marc Heuse (Nov 26)
    - 3Com cable modems / Mediaone Signal 11 (Nov 27)
    - Re: 3Com cable modems / Mediaone Joseph W. Breu (Nov 29)
    - NTmail and VRFY George (Nov 30)
    - Netscape Communicator 4.7 - Navigator Overflows Mike Boto (Nov 27)
    - Re: WordPad/riched20.dll buffer overflow Crispin Cowan (Nov 27)
    - Re: WordPad/riched20.dll buffer overflow Solar Designer (Nov 29)
    - Re: WordPad/riched20.dll buffer overflow Casper Dik (Nov 30)
    - Default IE 5.0 security settings allow frame spoofing Georgi Guninski (Nov 30)
    - Re: WordPad/riched20.dll buffer overflow Jason Spence (Nov 28)
    - TooRcon Computer Security Expo Announces Pre-Registration Ben (Nov 28)
- Re: WordPad/riched20.dll buffer overflow User SCOTT (Nov 18)
  - Re: WordPad/riched20.dll buffer overflow - Full Details Solar Eclipse (Nov 21)
- Re: WordPad/riched20.dll buffer overflow Mnemonix (Nov 19)
  - Re: WordPad/riched20.dll buffer overflow Solar Eclipse (Nov 22)
    - Re: WordPad/riched20.dll buffer overflow Ron Parker (Nov 23)
- <Possible follow-ups>
- Re: WordPad/riched20.dll buffer overflow Ussr Labs (Nov 19)
- Re: WordPad/riched20.dll buffer overflow Thomas Dullien (Nov 23)
  - Re: WordPad/riched20.dll buffer overflow Mnemonix (Nov 23)
- Re: WordPad/riched20.dll buffer overflow Ussr Labs (Nov 23)
Re: lynx 2.8.x - 'special URLs' anti-spoofing protection is weak Michal Zalewski (Nov 18)
Notifying Vendors Kerb (Nov 18)
- (no subject) Anonymous (Nov 19)
- Caldera Pine Advisory Alfred Huger (Nov 22)
  - Re: Caldera Pine Advisory CyberPsychotic (Nov 18)
  - NetBeans/ Forte' Java IDE HTTP vulnerability Halcyon Skinner (Nov 23)
Remote D.o.S Attack in ZetaMail 2.1 Mail POP3/SMTP Server Vulnerability Ussr Labs (Nov 19)
Re: rpc.ttdbserverd on solaris 7 In-reply-to: Your message of "Tue, 16 Nov 1999 14:34:41 PST." <3831DC01.BFE5B400 () nis acs uci edu> Elias Levy (Nov 19)
Multiples Remotes DoS Attacks in MDaemon Server v2.8.5.0 Vulnerability Ussr Labs (Nov 24)
Fw: CERT Summary CS-99.04 Sehmel, William C. (Nov 24)
Re: local users can panic linux kernel (was: SuSE syslogdadvisory) A. Steinmetz (Nov 24)
- Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Paul Boyer (Nov 24)
- [w00giving '99 #7]: UnixWare 7's xlock Matt Conover (Nov 25)
- <Possible follow-ups>
- Re: local users can panic linux kernel (was: SuSE syslogdadvisory) der Mouse (Nov 24)
- Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Alessandro Rubini (Nov 26)
Security Bulletins Digest Aleph One (Nov 24)
Re: Oracle Web Listener Posick, Steve (Nov 29)
FICS buffer overflow canul (Nov 29)
Re: Solaris7 dtmail/dtmailpr/mailtool Buffer Overflow Chris Calabrese (Nov 29)
Re: 3Com cable modems / Mediaone Mandachi, Dorin (CCI-Omaha) (Nov 29)
- <Possible follow-ups>
- 3Com cable modems / Mediaone Luis Henriques (Nov 30)
Ultimate Bulletin Board v5.3x? Bug Sean Malloy (Nov 29)
- <Possible follow-ups>
- Re: Ultimate Bulletin Board v5.3x? Bug William Daskaluk (Nov 30)
serious Qpopper 3.0 vulnerability Mixter (Nov 29)
MDaemon 2.7 J DoS Nobuo Miwa (Nov 29)
another hole of Solaris7 kcms_configure UNYUN (Nov 29)
Re: Microsoft Security Bulletin (MS99-051) (fwd) Jim Knoble (Nov 29)
Re: wu-ftpd bug Gregory A Lundberg (Nov 29)
SUBST problem Dave Tarbatt - ACS (Nov 30)
Sendmail 8.x.x - any user may rebuild aliases database Michal Zalewski (Dec 12)
- Re: Sendmail 8.x.x - any user may rebuild aliases database Gregory Neil Shapiro (Nov 22)

Previous period

Next period