Bugtraq: by date

387 messages starting Oct 31 02 and ending Nov 29 02


Thursday, 31 October

Re: Gimp: Erased sections of images print in some cases Elio Grieco
Cisco Security Advisory: Cisco ONS15454 and Cisco ONS15327 Vulnerabilities Cisco Systems Product Security Incident Response Team
RE: IBM Infoprint Remote Management Simple DoS (update) Toni Lassila
Motorola Cable Modem DOS Ryan Sweat

Friday, 01 November

iDEFENSE Security Advisory 10.31.02b: Prometheus Application Framework Code Injection David Endler
iDEFENSE Security Advisory 10.31.02a: Denial of Service Vulnerability in Linksys BEFSR41 EtherFast Cable/DSL Router David Endler
iDEFENSE Security Advisory 10.31.02c: PHP-Nuke SQL Injection Vulnerability David Endler
[SECURITY] [DSA 186-1] New log2mail packages fix several vulnerabilities Martin Schulze
M$ VPN hole reported AK
Re: IP SmartSpoofing : How to bypass all IP filters relying on source IP address Ossian Vitek
Re: Gimp: Erased sections of images print in some cases Clark Mills
RE: Motorola Cable Modem DOS Jeroen Kessenich
Weak Password Encryption Scheme in Integrated Dialer Arjun Pednekar
Re: iDEFENSE Security Advisory 10.31.02a: Denial of Service Vulnerability in Linksys BEFSR41 EtherFast Cable/DSL Router Alex Harasic
Iomega NAS A300U security and inter-operability issues Keith R. Watson
Mindwall Project Tamer Sahin
Bug in EventSave Frank Heyne
Netscreen SSH1 CRC32 Compensation Denial of service Erik Parker
RE: Netscreen SSH1 CRC32 Compensation Denial of service John
iDEFENSE Security Advisory 11.01.02: Buffer Overflow Vulnerability in Abuse David Endler
RE: Bypassing website filter in SonicWall Brian J. Gaia
(Correction) Netscreen SSH1 CRC32 Compensation Denial of service Erik Parker
ion-p.exe allows Remote File Retrieving Zero-X www.lobnan.de Team
Re: ion-p.exe allows Remote File Retrieving Stuart Moore

Saturday, 02 November

Weak Password Encryption Scheme in MS SQL Server K. K. Mookhey

Monday, 04 November

[SECURITY] [DSA 187-1] New Apache packages fix several vulnerabilities Martin Schulze
iDEFENSE Security Advisory 11.04.02b: Denial of Service Vulnerability in Xeneo Web Server David Endler
iDEFENSE Security Advisory 11.04.02a: Pablo FTP Server DoS Vulnerability David Endler
Re: Allot Netenforcer problems, GNU TAR flaw Felix Radensky
Oracle iSQL*Plus buffer overflow vulnerability (#NISR04112002) NGSSoftware Insight Security Research
[Announce] AngeL v0.9.0 Paolo Perego
[A3SC] MS IIS out of process privilege elevation vulnerability(A3CR@K-Vul-2002-06-002) li0n
Accesspoints disclose wep keys, password and mac filter (fwd) Tom Knienieder
Re: Accesspoints disclose wep keys, password and mac filter (fwd) Frank Louwers
RE: Accesspoints disclose wep keys, password and mac filter (fwd) Melson, Paul
Re: Accesspoints disclose wep keys, password and mac filter (fwd) Cliff Albert

Tuesday, 05 November

Re: Motorola Cable Modem DOS Juraj Ziegler
SuSE Security Announcement: perl-MailTools (SuSE-SA:2002:041) Sebastian Krahmer
IRIX CDE ToolTalk rpc.ttdbserverd vulnerabilities SGI Security Coordinator
Re: Accesspoints disclose wep keys, password and mac filter (fwd) d k
ZoneEdit Account Hijack Vulnerability [secondmotion]-Matt Thompson
[SNS Advisory No.58] Microsoft IIS Local Cross-site Scripting Vulnerability snsadv () lac co jp
RE: [security bulletin] SSRT2265 HP TruCluster Server Interconnect Potential Security Vulnerability (fwd) Dave Ahmad
A technique to mitigate cookie-stealing XSS attacks Michael Howard
networking_utils.php Tacettin Karadeniz
SnortCenter 0.9.5 temp file naming problems... Clint Byrum
Re: A technique to mitigate cookie-stealing XSS attacks Florian Weimer
Bug in Monkey Webserver 0.5.0 or minors versions Daniel
When scrubbing secrets in memory doesn't work Michael Howard
Re: When scrubbing secrets in memory doesn't work Perry E. Metzger

Wednesday, 06 November

GLSA: MailTools Daniel Ahlberg
[Full-Disclosure] Re: Oracle Security Contact Steven M. Christey
[SECURITY] [DSA 189-1] New luxman packages fix local root exploit Martin Schulze
[CLA-2002:539] Conectiva Linux Security Announcement - ypserv secure
[CLA-2002:541] Conectiva Linux Security Announcement - mod_ssl secure
[CLA-2002:540] Conectiva Linux Security Announcement - heartbeat secure
[CLA-2002:537] Conectiva Linux Security Announcement - tetex secure
[CLA-2002:534] Conectiva Linux Security Announcement - krb5 secure
[CLA-2002:542] Conectiva Linux Security Announcement - gv/kghostview secure
[CLA-2002:538] Conectiva Linux Security Announcement - tar/unzip secure
Re: ZoneEdit Account Hijack Vulnerability securityfocus
iDEFENSE Security Advisory 11.06.02: Non-Explicit Path Vulnerability in LuxMan David Endler
Re: [Full-Disclosure] Re: Oracle Security Contact Chris Wysopal
QNX 6.1 TimeCreate weakness Pawel Pisarczyk
How to execute programs with parameters in IE - Sandblad advisory #10 Andreas Sandblad
[CLA-2002:544] Conectiva Linux Security Announcement - linuxconf secure
IRIX ToolTalk rpc.ttdbserverd vulnerabilities SGI Security Coordinator
[CLA-2002:535] Conectiva Linux Security Announcement - glibc secure

Thursday, 07 November

Linksys security contact David Endler
[SECURITY] [DSA-190-1] buffer overflow in Window Maker Wichert Akkerman
Remote pine Denial of Service Linus Sjöberg
RE: How to execute programs with parameters in IE - Sandblad advisory #10 Thor Larholm
Re: Accesspoints disclose wep keys, password and mac filter (fwd) informatik.koerfer
Re: Motorola Cable Modem DOS Peter Jeremy
Yahoo Messenger: Invisible User Detect cringe
Re: When scrubbing secrets in memory doesn't work Gianni Tedesco
[RHSA-2002:242-06] Updated kerberos packages available bugzilla
[SECURITY] [DSA 191-1] New squirrelmail packages fix cross site scripting bugs Martin Schulze
[RHSA-2002:197-09] Updated glibc packages fix vulnerabilities in resolver bugzilla
Help Please Mark Litchfield
Re: A technique to mitigate cookie-stealing XSS attacks Valdis . Kletnieks
Vulnerability in Cutecast Forum v1.2 Zero-X www.lobnan.de Team
Re: Accesspoints disclose wep keys, password and mac filter (fwd) informatik.koerfer
Re: When scrubbing secrets in memory doesn't work Andy Polyakov
Re: Accesspoints disclose wep keys, password and mac filter (fwd) Hakan Carlsson
Re: A technique to mitigate cookie-stealing XSS attacks Matthew Collins
RES: A technique to mitigate cookie-stealing XSS attacks AQBARROS

Friday, 08 November

Re: Yahoo Messenger: Invisible User Detect Chris Caydes
RE: Motorola Cable Modem DOS Fulton Preston
Re: When scrubbing secrets in memory doesn't work Valdis . Kletnieks
Re: A technique to mitigate cookie-stealing XSS attacks Nick Simicich
Re: A technique to mitigate cookie-stealing XSS attacks Florian Weimer
Re: How to execute programs with parameters in IE - Sandblad advisory #10 jelmer
Re: How to execute programs with parameters in IE - Sandblad advisory #10 Gert Fokkema
Lotus Domino HTTP Server security issue Frank Perreault
Re: A technique to mitigate cookie-stealing XSS attacks Steven M. Christey
Re: RES: A technique to mitigate cookie-stealing XSS attacks Florian Weimer
Re: A technique to mitigate cookie-stealing XSS attacks Peter Watkins
iDEFENSE Security Advisory 11.08.02a: File Disclosure Vulnerability in Simple Web Server David Endler
iDEFENSE Security Advisory 11.08.02b: Non-Explicit Path Vulnerability in QNX Neutrino RTOS David Endler
[Security Announce] Re: MDKSA-2002:076 - perl-MailTools update Vincent Danen
Re: Bypassing website filter in SonicWall Justin King
MDKSA-2002:076 - perl-MailTools update Mandrake Linux Security Team
MDKSA-2002:075 - nss_ldap update Mandrake Linux Security Team
Re: Accesspoints disclose wep keys, password and mac filter (fwd) Thomas Sarlandie
Re: A technique to mitigate cookie-stealing XSS attacks David Wagner
RE: A technique to mitigate cookie-stealing XSS attacks Michael Howard
LiteServe Directory Index Cross-Site Scripting Matthew Murphy
Re: Accesspoints disclose wep keys, password and mac filter (fwd) Casper Dik
Re: PHP-Nuke SQL Injection Vulnerability Predrag Damnjanovic
Re: Accesspoints disclose wep keys, password and mac filter (fwd) Alex Harasic
Re: [VulnWatch] Netscreen SSH1 CRC32 Compensation Denial of service quentyn

Saturday, 09 November

Re: Help Please Patrick Oonk
[SECURITY] [DSA 188-1] New Apache-SSL packages fix several vulnerabilities Martin Schulze
When scrubbing secrets in memory doesn't work Michael Howard
Re: Accesspoints disclose wep keys, password and mac filter (fwd) Tollef Fog Heen
Re: Accesspoints disclose wep keys, password and mac filter (fwd) tenty
NetBSD Security Advisory 2002-024: IPFilter FTP proxy NetBSD Security Officer
Oracle iSQL*Plus buffer Overflow.. deadbeat
RE: A technique to mitigate cookie-stealing XSS attacks NESTING, DAVID M (SBCSI)
Re: Motorola Cable Modem DOS Peter Arnts
Potential Denial of Service Vulnerability in IRIX RPC-based libc SGI Security Coordinator
Re: When scrubbing secrets in memory doesn't work Michael Zimmermann
Cisco PIX SSH/telnet dDOS vulnerability CSCdy51810 Nils Reichen
Finding Vendor Security Contacts Ed Ravin
Zeus Admin Server v4.1r2 index.fcgi XSS bug euronymous
XSS in Postnuke Rogue release (0.72) Muhammad Faisal Rauf Danka
Re: A technique to mitigate cookie-stealing XSS attacks Justin King
Technical information about unpatched MS Java vulnerabilities Jouko Pynnonen
Securing OWA on public computers. Alex T.
Re: How to execute programs with parameters in IE - Sandblad advisory #10 hysterix1
[SECURITY] [DSA 192-1] New html2ps packages fix arbitrary code execution Martin Schulze

Sunday, 10 November

[Full-Disclosure] [ESA-20021029-028] syslog-ng: buffer overflow in macro handling code (UPDATED) EnGarde Secure Linux

Monday, 11 November

GLSA: kgpg Daniel Ahlberg
Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection Joshua Wright
Re: How to execute programs with parameters in IE - Sandblad advisory #10 Andreas Sandblad
Multiple Vuln. in Hotfoon.com's Hotfoon4.exe dialer S G Masood
benchmark tool for HTTP pages. Tacettin Karadeniz
Buffer Overflow in iSMTP Gateway K. K. Mookhey
Re: Cisco PIX SSH/telnet dDOS vulnerability CSCdy51810 Sharad Ahlawat
NOVL-2002-2963651 - iManager (eMFrame) Buffer Overflow Ed Reed
RE: A technique to mitigate cookie-stealing XSS attacks Michael Howard
RE: Motorola Cable Modem DOS Dan Taylor Jr.
[SECURITY] [DSA 191-2] New squirrelmail packages fix problem in options page Martin Schulze
Timing the Application of Security Patches for Optimal Uptime Crispin Cowan
iDEFENSE Security Advisory 11.11.02: Buffer Overflow in KDE resLISa David Endler
Re: SuSE Security Announcement: perl-MailTools (SuSE-SA:2002:041) Sebastian Krahmer
[SECURITY] [DSA 193-1] New klisa packages fix buffer overflow Martin Schulze
[RHSA-2002:213-06] New PHP packages fix vulnerability in mail function bugzilla
Re: A technique to mitigate cookie-stealing XSS attacks Jeremiah Grossman
Multiple vulnerabilities in Tiny HTTPd dong-h0un U
xoops Quizz Module IMG bug magistrat
Security Update: [CSSA-2002-044.0] Linux: Preboot eXecution Environment (PXE) server denial-of-service attacks security
Re: A technique to mitigate cookie-stealing XSS attacks Ulf Harnhammar

Tuesday, 12 November

RE: How to execute programs with parameters in IE - Sandblad advisory #10 Russ
[Full-Disclosure] Security Update: [CSSA-2002-043.0] Linux: chfn (util-linux) temp file race vulnerability security
[Full-Disclosure] Security Update: [CSSA-2002-039.0] Linux: bzip2 file creation and symbolic link vulnerabilities security
[Full-Disclosure] Security Update: [CSSA-2002-041.0] Linux: pam_ldap format string vulnerability security
[SecurityOffice] Hyperion Ftp Server v2.8.1 Directory Traversal Vulnerability Tamer Sahin
KDE Security Advisory: resLISa / LISa Vulnerabilities Andreas Pour
WebChat for XOOPS RC3 SQL INJECTION vALDEUx
GLSA: apache Daniel Ahlberg
Remote Buffer Overflow vulnerability in Light HTTPd dong-h0un U
NOVL-2002-2963767 - Remote Manager Security Issue - eDir 8.6.2 Ed Reed
RE: A technique to mitigate cookie-stealing XSS attacks jasonk
KDE Security Advisory: rlogin.protocol and telnet.protocol URL KIO Vulnerability Andreas Pour
[SECURITY] [DSA 194-1] New masqmail packages fix buffer overflows Martin Schulze
SuSE Security Announcement: KDE lanbrowser vulnerability (SuSE-SA:2002:042) Olaf Kirch
RE: A technique to mitigate cookie-stealing XSS attacks Jason Coombs
RE: When scrubbing secrets in memory doesn't work Michael Wojcik
NOVL-2002-2963827 - Remote Manager Security Issue - NW5.1 Ed Reed
ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 and BIND8 (fwd) Dave Ahmad
EEYE: Macromedia ColdFusion/JRun Remote SYSTEM Buffer Overflow Vulnerabilities Marc Maiffret
Fresh hole in W3Mail (fwd) Tim Brown
[Fwd: Notice of serious vulnerabilities in ISC BIND 4 & 8] Aaron Howell
APBoard - post threads to protected forums and possibility to hijack forum-password ProXy
[SecurityOffice] INweb Mail Server v2.01 Denial of Service Vulnerability Tamer Sahin
Security Update: [CSSA-2002-042.0] Linux: libpng progressive image loading vulnerabilities and other buffer overflows security
Exploit code for IP Smart Spoofing Laurent Licour

Wednesday, 13 November

SuSE Security Announcement: SuSE-SA:2002:043 (traceroute-nanog/nkitb) Thomas Biege
IRIX lpd daemon vulnerabilities via sendmail and dns SGI Security Coordinator
i386 Linux kernel DoS Christophe Devine
FreeBSD Security Advisory FreeBSD-SA-02:40.kadmind FreeBSD Security Advisories
[SECURITY] [DSA 195-1] New Apache-Perl packages fix several vulnerabilities Martin Schulze
RE: Motorola Cable Modem DOS Chris Wilson
RE: A technique to mitigate cookie-stealing XSS attacks Steven M. Christey
Gnujsp and Domino R5.0.10 YM Barusseau
Eudora 5.2 attachment spoof Paul Szabo
KeyFocus KF Web Server File Disclosure Vulnerability mattmurphy () kc rr com

Thursday, 14 November

Re: Linksys security contact Jim Knoble
Bind 8 bug experience Michael Brennen
The Unix Auditor's Practical Handbook K. K. Mookhey
Apache Security Vulnerabilities on IRIX SGI Security Coordinator
Re: A technique to mitigate cookie-stealing XSS attacks Seth Arnold
FreeBSD Security Advisory FreeBSD-SA-02:42.resolv FreeBSD Security Advisories
Re: When scrubbing secrets in memory doesn't work Jan Echternach

Friday, 15 November

IceWarp 3.4.5 XSS *AGAIN* DarC KonQuesT
Well known flaw in web cart software remains wide open whitehat2004
[ESA-20021114-029] BIND buffer overflow, DoS attacks. EnGarde Secure Linux
arp spoofing defence Ilya Teterin
RE: A technique to mitigate cookie-stealing XSS attacks Ulf Harnhammar
Default SNMP community in Surecom Broadband Router Andrei Mikhailovsky
Re: Bind 8 bug experience Olaf Kirch
Re: Bind 8 bug experience Glen Bishop
GLSA: kdelibs Daniel Ahlberg
FreeBSD Security Advisory FreeBSD-SA-02:43.bind FreeBSD Security Advisories
Remote Buffer Overflow vulnerability in Lib HTTPd. dong-h0un U
RE: A technique to mitigate cookie-stealing XSS attacks Eric Stevens
RE: Opera 7 vulnerabilities Thor Larholm
Re: Bind 8 bug experience Chris Adams
IISPop remote DOS securma massine
Perception LiteServe HTTP CGI Disclosure Vulnerability mattmurphy () kc rr com
Code Injection in phpBB Advanced Quick Reply Mod Hai Nam Luke
RE: Exploit code for IP Smart Spoofing Stephen Gill
RE: i386 Linux kernel DoS Leif Sawyer
Re: i386 Linux kernel DoS Christophe Devine
Security Update: [CSSA-2002-045.0] Linux: python insecure temporary files in os._execvpe security
Latest libpcap & tcpdump sources from tcpdump.org contain a trojan Mincu Alexandru
Opera 7 vulnerabilities GreyMagic Software
Security Update: [CSSA-2002-SCO.42] UnixWare 7.1.1 Open UNIX 8.0.0 : in.talkd format string vulnerabilities security

Saturday, 16 November

RE: Exploit code for IP Smart Spoofing Stephen Gill
RE: ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 andBIND8 (fwd) Russ
Office XP document numbers can be linked to individual machines Woody Leonhard
JSP processor 1.1 information disclosure Andy
Re: Bind 8 bug experience Matthew Dixon Cowles
ZDnet forum: IE formatting local drive Alan Rouse
[CLA-2002:545] Conectiva Linux Security Announcement - php4 secure
Re: Bind 8 bug experience Jeremy C. Reed
SuSE Security Announcement: Multiple vulnerabilities in BIND8 (SuSE-SA:2002:044) Olaf Kirch
MS02-064 fix time David Litchfield
Netscape/Mozilla: Exploitable heap corruption via jar: URI handler. zen-parse
RE: ZDnet forum: IE formatting local drive Thor Larholm
Better security through shame Michael Bacarella
[CLA-2002:547] Conectiva Linux Security Announcement - syslog-ng secure
GLSA: kdenetwork Daniel Ahlberg

Sunday, 17 November

[CLA-2002:546] Conectiva Linux Security Announcement - bind secure
Re: i386 Linux kernel DoS Jirka Kosina
Re: MS02-064 fix time Steven M. Christey
RE: When scrubbing secrets in memory doesn't work Michael Wojcik
Unofficial statement re: tcpdump and libpcap Alan DeKok
Re: ZDnet forum: IE formatting local drive Gossi The Dog
Security holes... Who cares? Eric Rescorla
[OpenPKG-SA-2002.011] OpenPKG Security Advisory (bind, bind8) OpenPKG
[SECURITY] [DSA-196-1] New BIND packages fix several vulnerabilities Daniel Jacobowitz
FreeBSD Security Advisory FreeBSD-SA-02:43.bind [REVISED] FreeBSD Security Advisories
Security Update: [CSSA-2002-046.0] Linux: buffer overflows and other security issues in squid security
FreeBSD Security Advisory FreeBSD-SA-02:41.smrsh [REVISED] FreeBSD Security Advisories
Remote Buffer Overflow vulnerability in Zeroo HTTP Server. dong-h0un U
Security Update: [CSSA-2002-047.0] Linux: KDE SSL and XSS vulnerabilities security

Monday, 18 November

[RHSA-2002:262-07] New kernel fixes local denial of service issue bugzilla
NBActiveX Sure ActiveX Big Vulnerability Webmaster, Lorenzo Hernandez Garcia-Hierro
[SECURITY] [DSA 197-1] New sqwebmail packages fix local information exposure Martin Schulze
Re: Bind 8 bug experience Paul Theodoropoulos
bind 8 info update regarding ISS mark_sala
patch for named buffer overflow now available (fwd) Jonas Eriksson
Re: When scrubbing secrets in memory doesn't work Nicholas Weaver
[tcpdump-announce] initial comments on trojan attack (fwd) Jonas Eriksson
MailEnable POP3 Server remote shutdown !:/ -newest ~ (and previous) bufferoverflow- Ketil Braun Larsen
TFTPD32 Buffer Overflow Vulnerability (Long filename) Aviram Jenik
Re: When scrubbing secrets in memory doesn't work Florian Weimer
[CLA-2002:549] Conectiva Linux Security Announcement - dhcpcd secure

Tuesday, 19 November

PlanetWeb Web Server Buffer Overflow in processing GET requests PlanetDNS Support
[SECURITY] [DSA 198-1] New nullmailer packages fix local denial of service Martin Schulze
Re: LOM: Multiple vulnerabilities in Macromedia Flash ActiveX Troy Evans
GNU GCC: Optimizer Removes Code Necessary for Security Joseph Wagner
TSLSA-2002-0077 - kernel Trustix Secure Linux Advisor
LOM: Multiple vulnerabilities in Macromedia Flash ActiveX 3APA3A
Re: When scrubbing secrets in memory doesn't work Peter Watkins
[SECURITY] [DSA 199-1] New mhonarc packages fix cross site scripting Martin Schulze
Update to LOM's advisory 3APA3A
Re: GNU GCC: Optimizer Removes Code Necessary for Security Florian Weimer
RE: Exploit code for IP Smart Spoofing shannong
Re: (MSIE) when parent gives his son bad things ;) --"dialogArguments " again Dave Ahmad
Multiple incorrect permissions in QNX. One Semicolon
(MSIE) when parent gives his son bad things ;) --"dialogArguments " again Liu Die Yu
iPlanet WebServer, remote root compromise labs@NGSEC

Wednesday, 20 November

Linksys router vulnerability Seth Bromberger
TFTPD32 Directory Traversal Vulnerability Aviram Jenik
Re: When scrubbing secrets in memory doesn't work Richard Moore
RE: AIM 5.1.3036 buffer overflow josh
XSS bug in phpBB Arab VieruZ

Thursday, 21 November

Update: iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability David Endler

Friday, 22 November

Updated ypserv packages fix memory leak Mandrake Linux Security Team
Security Update: [CSSA-2002-048.0] Linux: wwwoffled remote access vulnerability security
Security Update: [CSSA-2002-049.0] Linux: lynx CRLF injection vulnerability security
[Full-Disclosure] Security Update: [CSSA-2002-052.0] Linux: sendmail smrsh bypass vulnerabilities security
MDKSA-2002:079 - Updated kdelibs packages fix remote command execution vulnerabilites Mandrake Linux Security Team

Saturday, 23 November

Clipboard in QNX Photon One Semicolon
Zeroo Folder Traversal Vulnerability mattmurphy () kc rr com
Re: [Full-Disclosure] Security Update: [CSSA-2002-050.0] Linux: tcpdump denial-of-service in print-bgp.c Silvio Cesare
iDEFENSE Security Advisory 11.19.02c: Netscape Predictable Directory Structure Allows Theft of Preferences File David Endler
MDKSA-2002:080 - Updated kdenetwork packages fix remote command execution vulnerabilites Mandrake Linux Security Team
[OpenBSD] [syslogd] false src-IP when logging to remote syslogd Torsten Valentin
SuSE Security Announcement: samba (SuSE-SA:2002:045) Roman Drahtmueller
GLSA: php Daniel Ahlberg
GLSA: samba Daniel Ahlberg
XSS bug in vBulletin Arab VieruZ
Open WebMail 1.71 "background" magic info FreeBSDbr Bugtraq DataBase
Opera 6.03/Linux crashes on HTTPS over Squid Proxy on a site Peter Bieringer
GLSA: courier Daniel Ahlberg
Sun Security Bulletin #00220 Matt Selsky
ClearCase DoS vulnerabilty marek . rouchal
[RHSA-2002:266-05] New samba packages available to fix potential security vulnerability bugzilla
[CLA-2002:550] Conectiva Linux Security Announcement - samba secure
Mulitple Buffer Overflow conditions in RealPlayer/RealOne (#NISR22112002) NGSSoftware Insight Security Research
[ESA-20021122-030] local kernel vulnerabilities EnGarde Secure Linux
[ESA-20021122-031] php upgrade, security fixes EnGarde Secure Linux
GLSA: gtetrinet Daniel Ahlberg
Cisco Security Advisory: Cisco PIX Multiple Vulnerabilities Cisco Systems Product Security Incident Response Team
RE: (MSIE) -"dialogArguments" (extended) GreyMagic Software

Sunday, 24 November

Allied Telesyn switches & routers vulnerability Oleg A. Lebedev
UPDATE: Linksys router vulnerability (add'l models affected) Seth Bromberger
iDEFENSE Security Advisory 11.19.02a: Denial of Service Vulnerability in Linksys Cable/DSL Routers David Endler

Monday, 25 November

CERT Advisory CA-2002-32 Backdoor in Alcatel OmniSwitch AOS (fwd) Dave Ahmad
Remote Heap malloc/free & multiple Overflow vulnerability in WSMP3. dong-h0un U
Re: Alert: Microsoft Security Bulletin - MS02-066 Lise
iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability David Endler
[LSD] Java and JVM security vulnerabilities Last Stage of Delirium
acFreeProxy Cross-Site Scripting Vulnerability/Possible DoS Matthew Murphy
acFTP Authentication Issue Matthew Murphy
Multiple phpNuke Modules Vulnerable to Cross-Site Scripting Matthew Murphy
ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability (fwd) Dave Ahmad
Web Server Creator - Web Portal 0.1 (PHP) Frog Man
Predictable TCP Initial Sequence Numbers NetScreen Security Response Team

Tuesday, 26 November

LibHTTPD Vulnerability and fix David J. Hughes
RE: MS02-066 - fixes, gaps and incorrect statements GreyMagic Software
Immobilier 1 (PHP) Frog Man
BadBlue XSS/Information Disclosure Vulnerabilities Matthew Murphy
'Malicious-URL' Feature may be Circumvented Using IP Fragmentation NetScreen Security Response Team
CAIS-ALERT: Vulnerability in the sending requests control of BIND Vagner Sacramento
[RHSA-2002:264-05] New kernel 2.2 packages fix local denial of service issue bugzilla
Potential H.323 Denial of Service NetScreen Security Response Team
Netscape Problems. zen-parse
Oracle TNS SEH Exploit benjurry

Wednesday, 27 November

Linksys not fixed Will
Netscape 4 Java buffer overflow Jouko Pynnonen
Re: Netscape Problems. Dave Aitel
XSS vulnerability in Bugzilla if upgraded from 2.10 or earlier David Miller
AIM Bug Dave B.
SuSE Security Announcement: pine (SuSE-SA:2002:046) Thomas Biege
Netscreen Malicious URL feature can be bypassed by fragmenting the request zel
[Sec-Tec Advisory] Local scripting vulnerability in phpBB Pete Foster
vBulletin XSS Injection Vulnerability Sp . IC
TSLSA-2002-0080 - samba Trustix Secure Linux Advisor
SFAD02-002: Calisto Internet Talker Remote DOS subversive
File reading vulnerable in PHP and MySQL (Local Exploit) Hai Nam Luke
[Security bulletin] SSRT2266 HP Tru64 UNIX IGMP Potential (DoS) Security Vulnerability (fwd) Dave Ahmad
Remote POST Buffer Overflow vulnerability in Pserv. dong-h0un U
FreeNews & News Evolution (PHP) Frog Man
Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C. dong-h0un U
MDKSA-2002:082 - Updated python packages fix local arbitrary code execution vulnerability Mandrake Linux Security Team
MDKSA-2002:081 - Updated samba packages fix potential root compromise Mandrake Linux Security Team
Re: ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability (fwd) Florian Weimer
Cracking OpenVMS passwords with John the Ripper Jean-loup Gailly
[security bulletin] SSRT2385 OSIS V5.4 LDAP Module for System Authentication Potential Security Vulnerability (fwd) Dave Ahmad
[security bulletin] SSRT2301 - HP Tru64 UNIX uudecode Potential Security Vulnerability (fwd) Dave Ahmad
ASI Sybase Security Alert: Buffer overflow in DBCC CHECKVERIFY Aaron C. Newman (Application Security, Inc.)
Re: Solaris priocntl exploit Casper Dik
ASI Sybase Security Alert: Buffer overflow in DROP DATABASE Aaron C. Newman (Application Security, Inc.)
RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND Iván Arce
[ESA-20021127-032] 'pine' version upgrade, security fixes. EnGarde Secure Linux
Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software Stuart Moore
Re: CAIS-ALERT: Vulnerability in the sending requests control of BIND D. J. Bernstein
Solaris priocntl exploit 蔺毅
ASI Sybase Security Alert: Buffer overflow in xp_freedll Aaron C. Newman (Application Security, Inc.)

Thursday, 28 November

Remote Multiple Buffer Overflow(s) vulnerability in Libcgi-tuxbr. dong-h0un U
pWins Perl Web Server Directory Transversal Vulnerability Matthew Wagenknecht
Re: d_path() truncating excessive long path name vulnerability Paul Szabo
Re: File reading vulnerable in PHP and MySQL (Local Exploit) Dave Wilson
Kerberos login sniffer and cracker for Windows 2000/XP Arne Vidstrom
On vulnerabilities in open and closed source products Steven M. Christey
RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND Iván Arce
RE: Cracking OpenVMS passwords with John the Ripper moose
Re: Netscape Problems. zen-parse
TracerouteNG - never ending story Paul Starzetz
Re: Solaris priocntl exploit Casper Dik
MDKSA-2002:083 - Updated sendmail packages fix smrsh insecurities Mandrake Linux Security Team
Re: d_path() truncating excessive long path name vulnerability Solar Designer
Security Patch for PortailPHP 0.99 vALDEUx

Friday, 29 November

RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND Vagner Sacramento
User downgraded from Administrator to User retains the ability to list other user's running tasks Eitan Caspi
Exploit for traceroute-nanog overflow Carl Livitt
re: Solaris priocntl exploit Jeff Damens
Moby NetSuite POST Denial of Service Vulnerability Matthew Murphy
[OpenPKG-SA-2002.012] OpenPKG Security Advisory (samba) OpenPKG
bogofilter contrib/bogopass temp file vulnerability Matthias Andree
[ElectronicSouls] - BOOZT CGI Exploit es