Bugtraq: by thread
393 messages
starting Mar 31 04 and
ending Apr 30 04
Date index |
Thread index |
Author index
- RE: cdp buffer overflow vulnerability Dave Paris (Mar 31)
- Re: IPv4 fragmentation --> The Rose Attack Crist J. Clark (Mar 31)
- Re: IPv4 fragmentation --> The Rose Attack stanislav shalunov (Apr 01)
- <Possible follow-ups>
- Re: IPv4 fragmentation --> The Rose Attack Chris Brenton (Apr 01)
- Re: IPv4 fragmentation --> The Rose Attack Paul Starzetz (Apr 08)
- OpenLinux: vim arbitrary commands execution through modelines please_reply_to_security (Mar 31)
- UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : perl unsafe Safe compartment please_reply_to_security (Mar 31)
- [CLA-2004:836] Conectiva Security Announcement - libxml2 Conectiva Updates (Mar 31)
- Re: NetSky.q Virus. Looking for more detailed information on how the DOS will be performed. Paul (Mar 31)
- Pikachu -Turn on WEP ! Himanshu Singh (Apr 01)
- Re: Pikachu -Turn on WEP ! christophe barbe (Apr 01)
- Releasing full source code of WinBlox Liu Die Yu (Apr 01)
- Index viewing in imgSvr 0.4 Donato Ferrante (Apr 01)
- [SECURITY] [DSA 470-1] New Linux 2.4.17 packages fix several local root exploits (hppa) Martin Schulze (Apr 01)
- Re: Google using Expired Cert and SSLv2 Ivaylo Kostadinov (Apr 01)
- [OpenPKG-SA-2004.008] OpenPKG Security Advisory (squid) OpenPKG (Apr 01)
- Netsky.R, auto execute w/ IE6 ? BugtraQ (Apr 02)
- <Possible follow-ups>
- RE: Netsky.R, auto execute w/ IE6 ? BugtraQ (Apr 06)
- Re: Netsky.R, auto execute w/ IE6 ? vbsubmit (Apr 06)
- Enterprise Application Security Dave Aitel (Apr 02)
- [SECURITY] [DSA 471-1] New interchange packages fix information leak Martin Schulze (Apr 02)
- IRIX ftpd ftp_syslog issue with anonymous FTP SGI Security Coordinator (Apr 03)
- Remote Exploit for Aborior's Encore Web Forum XNUXER RESEARCH (Apr 03)
- eMule v0.42d Buffer Overflow Kostya Kortchinsky (Apr 03)
- IRIX Update Some Network Drivers May Leak Data SGI Security Coordinator (Apr 03)
- Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France K-OTiK Security (Apr 03)
- <Possible follow-ups>
- Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France Chris Wysopal (Apr 03)
- Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France K-OTiK Security (Apr 05)
- Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France K-OTiK Security (Apr 05)
- [securityzone () macromedia com: New Macromedia Security Zone Bulletin Posted] David Ahmad (Apr 03)
- <Possible follow-ups>
- [securityzone () macromedia com: New Macromedia Security Zone Bulletin Posted] David Ahmad (Apr 16)
- [SECURITY] [DSA 472-1] New fte packages fix buffer overflows Matt Zimmerman (Apr 05)
- [SECURITY] [DSA 474-1] New squid packages fix ACL bypass Matt Zimmerman (Apr 05)
- [SECURITY] [DSA 460-2] New sysstat packages fix insecure temporary file creation Matt Zimmerman (Apr 05)
- [SECURITY] [DSA 473-1] New oftpd packages fix denial of service Matt Zimmerman (Apr 05)
- [SECURITY] [DSA 475-1] New Linux 2.4.18 packages fix several local root exploits (hppa) Martin Schulze (Apr 05)
- [OpenPKG-SA-2004.009] OpenPKG Security Advisory (mc) OpenPKG (Apr 05)
- NGSSoftware Insight Security Research Advisory Peter Winter-Smith (Apr 05)
- Fw: new IE vurn Philip Barnham (Apr 05)
- Re: new IE vurn Gavin Hanover (Apr 05)
- Multiple XSS vulnerabilities in Microsoft SharePoint Portal Server 2001 Ory Segal (Apr 05)
- SuSEs YaST Online Update - possible symlink attack Rene (Apr 05)
- Re: SuSEs YaST Online Update - possible symlink attack Roman Drahtmueller (Apr 07)
- Macromedia Dreamweaver Remote Database Scripts (#NISR05042004B) NGSSoftware Insight Security Research (Apr 05)
- [Full-Disclosure] iDEFENSE Security Advisory 04.05.04: Perl win32_stat Function Buffer Overflow Vulnerability idlabs-advisories (Apr 05)
- Texutil symlink vulnerability. Shaun Colley (Apr 05)
- Automated wireless client penetration tool "hotspotter" released. Max Moser (Apr 05)
- Advisory: Multiple Vulnerabilities in Monit mattmurphy () kc rr com (Apr 05)
- IBM Director 3.1 Windows Agent Remote DoS Juanma Merino (Apr 05)
- <Possible follow-ups>
- Re: IBM Director 3.1 Windows Agent Remote DoS Vess Nedevski (Apr 06)
- Format string bug in IGI 2: Covert Strike 1.3 Luigi Auriemma (Apr 05)
- Paper: Comparing binaries with graph isomorphisms Todd Sabin (Apr 06)
- MDKSA-2004:026 - Updated mplayer packages fix remotely exploitable vulnerability Mandrake Linux Security Team (Apr 06)
- [SECURITY] [DSA 476-1] New heimdal packages fix cross-realm vulnerability Matt Zimmerman (Apr 06)
- LNSA-#2004-0008: Multiple security problems in Monit Vincenzo Ciaglia (Apr 06)
- [ GLSA 200404-01 ] Insecure sandbox temporary lockfile vulnerabilities in Portage Tim Yamin (Apr 06)
- Support Contact Info Mark Litchfield (Apr 06)
- [SECURITY] [DSA 477-1] New xine-ui packages fix insecure temporary file creation Martin Schulze (Apr 06)
- [product-security () apple com: APPLE-SA-2004-04-05 Security Update 2004-04-05]] David Ahmad (Apr 06)
- [ GLSA 200404-02 ] KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability Aida Escriva-Sammer (Apr 06)
- blaxxun3D(blaxxun Platform) 7 - Remote Buffer Overflow Rafel Ivgi, The-Insider (Apr 06)
- Foundstone Labs Advisory: Citrix MetaFrame Password Manager 2.0 Foundstone Labs (Apr 06)
- GNU Sharutils buffer overflow vulnerability. Shaun Colley (Apr 06)
- Re: GNU Sharutils buffer overflow vulnerability. Didier Arenzana (Apr 07)
- Re: GNU Sharutils buffer overflow vulnerability. Carlos Eduardo Pinheiro (Apr 07)
- Re: GNU Sharutils buffer overflow vulnerability. Dan Yefimov (Apr 10)
- Re: GNU Sharutils buffer overflow vulnerability. Didier Arenzana (Apr 07)
- [ GLSA 200404-03 ] Tcpdump Vulnerabilities in ISAKMP Parsing Joshua J. Berry (Apr 06)
- Papers: The Invisible Catalog Pete Herzog (Apr 06)
- Panda ActiveScan 5.0 - Remote Buffer Overflow and A Crash(D.O.S) Rafel Ivgi, The-Insider (Apr 06)
- [ GLSA 200404-05 ] ipsec-tools contains an X.509 certificates vulnerability Kurt Lieber (Apr 07)
- [SECURITY] [DSA 478-1] New tcpdump packages fix denial of service Matt Zimmerman (Apr 07)
- Re: eSignal v7 remote buffer overflow Scott Johnson (Apr 07)
- Kerio Personal Firewall 4 and IE 6 "Bug" E.Kellinis (Apr 07)
- <Possible follow-ups>
- RE: Kerio Personal Firewall 4 and IE 6 "Bug" Noah Dunker (Apr 07)
- Re: Kerio Personal Firewall 4 and IE 6 "Bug" E.Kellinis (Apr 07)
- RE: Kerio Personal Firewall 4 and IE 6 "Bug" Noah Dunker (Apr 07)
- Release of Cisco Attack tool Asleap Joshua Wright (Apr 07)
- REAL One Player R3T File Format Stack Overflow NGSSoftware Insight Security Research (Apr 07)
- Cisco Security Advisory: A default Username and Password in WLSE and HSE devices Cisco Systems Product Security Incident Response Team (Apr 07)
- CAN-2004-0155: The KAME IKE Daemon Racoon does not verify RSA Signatures during Phase 1, allows man-in-the-middle attacks and unauthorized connections Ralf Spenneberg (Apr 07)
- [ GLSA 200404-06 ] Util-linux login may leak sensitive data Kurt Lieber (Apr 07)
- Re: [waraxe-2004-SA#013 - Critical sql injection bug in PhpBB 2.0.8 and in older versions] T.J. Ferraro (Apr 07)
- Mcafee FreeScan - Remote Buffer Overflow and Private Information Disclosure Rafel Ivgi, The-Insider (Apr 07)
- Re: IPv4 fragmentation --> The Rose Attack Ventsislav Genchev (Apr 07)
- Re: IPv4 fragmentation --> The Rose Attack Darren Reed (Apr 08)
- Re: IPv4 fragmentation --> The Rose Attack gandalf (Apr 09)
- Re: IPv4 fragmentation --> The Rose Attack Darren Reed (Apr 09)
- Re: IPv4 fragmentation --> The Rose Attack gandalf (Apr 12)
- Re: IPv4 fragmentation --> The Rose Attack Darren Reed (Apr 10)
- Re: IPv4 fragmentation --> The Rose Attack gandalf (Apr 12)
- Re: IPv4 fragmentation --> The Rose Attack gandalf (Apr 09)
- RE: IPv4 fragmentation --> The Rose Attack Taylan Develioglu (Apr 12)
- Re: IPv4 fragmentation --> The Rose Attack Darren Reed (Apr 08)
- [ GLSA 200404-07 ] ClamAV RAR Archive Remote Denial Of Service Vulnerability Kurt Lieber (Apr 07)
- Symantec Virus Detection(Free ActiveX) - Remote Buffer Overflow Rafel Ivgi, The-Insider (Apr 07)
- Solaris vfs_getvfssw() local kernel exploit Sam (Apr 07)
- [OpenPKG-SA-2004.010] OpenPKG Security Advisory (tcpdump) OpenPKG (Apr 07)
- Metasploit Framework 2.0 Released! H D Moore (Apr 07)
- Internet Explorer 6 - Crash E.Kellinis (Apr 07)
- [ GLSA 200404-04 ] Multiple vulnerabilities in sysstat Kurt Lieber (Apr 07)
- [OpenPKG-SA-2004.011] OpenPKG Security Advisory (sharutils) OpenPKG (Apr 07)
- Kerio Personal Firewall 4.0.13 - Remote DoS (Crash) E.Kellinis (Apr 07)
- Re: GNU Sharutils buffer overflow vulnerability Shaun Colley (Apr 07)
- McAfee Freescan ActiveX Information Disclosure [Additional Details & PoC] S G Masood (Apr 07)
- Re: Symantec Virus Detection(Free ActiveX) - Remote Buffer Overflow, Apr 7 2004 2:22AM Sym Security (Apr 08)
- [waraxe-2004-SA#015 - Multiple vulnerabilities in NukeCalendar v1.1.a] Janek Vind (Apr 08)
- [ GLSA 200404-08 ] GNU Automake symbolic link vulnerability Kurt Lieber (Apr 08)
- Phrack #62 Call for Papers Richard Miller (Apr 08)
- Cisco Security Advisory: Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability Cisco Systems Product Security Incident Response Team (Apr 08)
- SGI Advanced Linux Environment security update #17 SGI Security Coordinator (Apr 08)
- [waraxe-2004-SA#014 - Cross-Site Scripting aka XSS in AzDGDatingLite] Janek Vind (Apr 08)
- Heap Overflow in Oracle 9iAS / 10g Application Server Web Cache Ioannis Migadakis (Apr 08)
- New Worm/Virus April 8th Polazzo Justin (Apr 08)
- <Possible follow-ups>
- RE: New Worm/Virus April 8th securityguy (Apr 08)
- LNSA-#2004-0009: GNU Automake symbolic link vulnerability Vincenzo Ciaglia (Apr 08)
- <Possible follow-ups>
- LNSA-#2004-0009: GNU Automake symbolic link vulnerability Vincenzo Ciaglia (Apr 08)
- [OpenPKG-SA-2004.012] OpenPKG Security Advisory (fetchmail) OpenPKG (Apr 08)
- LNSA-#2004-0010: login may leak sensitive data Vincenzo Ciaglia (Apr 08)
- RE: [AppSec-research] New Worm/Virus April 8th Polazzo Justin (Apr 08)
- Microsoft IE iframe src DoS already reported to Microsoft 'ken'@FTU (Apr 08)
- Re: Microsoft IE iframe src DoS already reported to Microsoft Valdis . Kletnieks (Apr 08)
- PSR - #2004-001 Remote - LCDProc Priv8 Security Research (Apr 08)
- PSR - #2004-002 Remote - LCDProc Priv8 Security Research (Apr 08)
- Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) K-OTiK Security (Apr 09)
- Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Chris Johnson (Apr 09)
- Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Geoffrey (Apr 09)
- Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Chris Johnson (Apr 09)
- Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Romain Francoise (Apr 09)
- Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Geoffrey (Apr 09)
- RE: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Richard M. Smith (Apr 09)
- <Possible follow-ups>
- Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Chris Wysopal (Apr 09)
- RE: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Amer Karim (Apr 10)
- Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Chris Johnson (Apr 09)
- MDKSA-2004:027 - Updated ipsec-tools packages fix vulnerability in racoon Mandrake Linux Security Team (Apr 09)
- monit 4.1 POC gsicht gsicht (Apr 09)
- [ GLSA 200404-12 ] Scorched 3D server chat box format string vulnerability Kurt Lieber (Apr 09)
- DoS in Crackalaka 1.0.8 Donato Ferrante (Apr 09)
- Browser bugs [DoS] ... where will you draw a line? Bipin Gautam (Apr 09)
- <Possible follow-ups>
- RE: Browser bugs [DoS] ... where will you draw a line? Drew Copley (Apr 09)
- DoS in Rsniff 1.0 Luigi Auriemma (Apr 09)
- <Possible follow-ups>
- Re: DoS in Rsniff 1.0 Luigi Auriemma (Apr 09)
- [ GLSA 200404-09 ] Cross-realm trust vulnerability in Heimdal Kurt Lieber (Apr 09)
- [ GLSA 200404-11 ] Multiple Vulnerabilities in pwlib Aida Escriva-Sammer (Apr 09)
- ANNOUNCE: SecLegal mailing list Thor Larholm (Apr 09)
- Backdoor in X-Micro WLAN 11b Broadband Router RISKO Gergely (Apr 10)
- <Possible follow-ups>
- Re: Backdoor in X-Micro WLAN 11b Broadband Router Mariano Firpo (Apr 16)
- NEW backdoor in X-Micro WLAN 11b Broadband Router RISKO Gergely (Apr 17)
- Monit <= 4.2 Remote Root Exploit Eye on Security India (Apr 12)
- Possible DoS on Linux kernel 2.4 and 2.6 using sigqueue overflow. Nikita V. Youshchenko (Apr 12)
- Citadel/UX 6.20 fixes local permissions vulnerability IO ERROR (Apr 12)
- UPDATE: Cisco Security Notice: Dictionary Attack on Cisco LEAP Vulnerability Cisco Systems Product Security Incident Response Team (Apr 12)
- Gnome nautilus bug gsicht gsicht (Apr 12)
- Multiple Vulnerabilities In Tiki CMS/Groupware [ TikiWiki ] JeiAr (Apr 12)
- IE 6 Print Without Prompt Ben Garvey (Apr 12)
- [waraxe-2004-SA#017 - User-level authentication bypass in phpnuke 6.x-7.2] Janek Vind (Apr 12)
- eMule <= 0.42d Remote Exploit kcope (Apr 12)
- BID 7482, bug in OpenSSH (Still in FreeBSD-STABLE) Felipe Neuwald (Apr 12)
- Re: BID 7482, bug in OpenSSH (Still in FreeBSD-STABLE) Damien Miller (Apr 14)
- Adobe Acrobat Reader PDF file DoS vulnerability Arman Nayyeri (Apr 12)
- [waraxe-2004-SA#018 - Admin-level authentication bypass in phpnuke 6.x-7.2] Janek Vind (Apr 12)
- [CLA-2004:838] Conectiva Security Announcement - squid Conectiva Updates (Apr 12)
- Microsoft Outlook Express EML file Crash vulnerability Arman Nayyeri (Apr 12)
- <Possible follow-ups>
- RE: Microsoft Outlook Express EML file Crash vulnerability Kamran Muzaffer (Apr 14)
- [CLA-2004:837] Conectiva Security Announcement - mod_python Conectiva Updates (Apr 12)
- [waraxe-2004-SA#016 - Cross-Site Scripting aka XSS in phpnuke 6.x-7.2 part 3] Janek Vind (Apr 12)
- new strange worm Alex Gen (Apr 12)
- Microsoft Internet Explorer BMP file memory DoS vulnerability Arman Nayyeri (Apr 12)
- UPDATE: LCDproc Buffer Overflow and Format String Vulnerabilities Rene Wagner (Apr 14)
- EEYE: Windows Local Security Authority Service Remote Buffer Overflow Marc Maiffret (Apr 14)
- EEYE: Windows Expand-Down Data Segment Local Privilege Escalation Marc Maiffret (Apr 14)
- [Full-Disclosure] iDEFENSE Security Advisory 04.13.04 - Microsoft Help and Support Center Argument Injection Vulnerability idlabs-advisories (Apr 14)
- [SECURITY] [DSA 483-1] New mysql packages fix insecure temporary file creation Martin Schulze (Apr 14)
- SUSE Security Announcement: cvs (SuSE-SA:2004:008) Sebastian Krahmer (Apr 14)
- 4 new Microsoft patches to close 20 vulnerabilities Thor Larholm (Apr 14)
- [SECURITY] [DSA 482-1] New Linux 2.4.17 packages fix local root exploit (source+powerpc/apus+s390) Martin Schulze (Apr 14)
- [RHSA-2004:154-01] Updated CVS packages fix security issue bugzilla (Apr 14)
- [SECURITY] [DSA 480-1] New Linux 2.4.17 and 2.4.18 packages fix local root exploit (hppa) Martin Schulze (Apr 14)
- [SECURITY] [DSA 479-2] New Linux 2.4.18 packages fix local root exploit (i386) Martin Schulze (Apr 15)
- [RHSA-2004:159-01] Updated Subversion packages fix security vulnerability in neon bugzilla (Apr 15)
- Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability Cisco Systems Product Security Incident Response Team (Apr 15)
- Include vulnerability in GEMITEL v 3.50 jaguar (Apr 15)
- ZA Security Hole Damjan Kreft (Apr 15)
- Re: ZA Security Hole Pablo G. Sabbatella (Apr 16)
- Re: ZA Security Hole Samps (Apr 16)
- Re: ZA Security Hole Patrick Brauch (Apr 21)
- Re: ZA Security Hole Hugo van der Kooij (Apr 16)
- Re: ZA Security Hole David Wilson (Apr 20)
- FW: [Unpatched] 4 new Microsoft patches, 4 old updated, 24 vulnerabilities Thor Larholm (Apr 15)
- [OpenPKG-SA-2004.014] OpenPKG Security Advisory (mysql) OpenPKG (Apr 15)
- Re: XSS, Admin Access via Cookie and File Upload vulnerability in NewsPHP. Manuel Lopez (Apr 15)
- FreeBSD Security Advisory FreeBSD-SA-04:07.cvs FreeBSD Security Advisories (Apr 15)
- SCT javascript execution vulnerability spiffomatic 64 (Apr 15)
- [Full-Disclosure] iDEFENSE Security Advisory 04.15.04: RealNetworks Helix Universal Server Denial of Service Vulnerability idlabs-advisories (Apr 15)
- TSLSA-2004-0020 - kernel Trustix Security Advisor (Apr 16)
- [OpenPKG-SA-2004.015] OpenPKG Security Advisory (ethereal) OpenPKG (Apr 16)
- "Delete anti-virus and firewall software" --Microsoft Kim Scarborough (Apr 16)
- <Possible follow-ups>
- RE: "Delete anti-virus and firewall software" --Microsoft Thor Larholm (Apr 20)
- After Ms patches last Wed ... aborg (Apr 16)
- Re: After Ms patches last Wed ... phaser-X (Apr 16)
- Re: After Ms patches last Wed ... Andy Shaw (Apr 17)
- Re: After Ms patches last Wed ... Dan Harkless (Apr 17)
- RE: After Ms patches last Wed ... Alun Jones (Apr 17)
- RE: After Ms patches last Wed ... phaser-X (Apr 19)
- Re: After Ms patches last Wed ... Scott Gifford (Apr 17)
- Re: After Ms patches last Wed ... Jerry Winegarden (Apr 19)
- Re: After Ms patches last Wed ... plasmahh (Apr 19)
- Re: After Ms patches last Wed ... Alex Cruz (Apr 19)
- Re: After Ms patches last Wed ... T.H. Haymore (Apr 19)
- <Possible follow-ups>
- RE: After Ms patches last Wed ... Brito, Nelson (ISS Brazil) (Apr 19)
- RE: After Ms patches last Wed ... David Hayden (Apr 19)
- Re: After Ms patches last Wed ... geoff . froh (Apr 20)
- Re: After Ms patches last Wed ... Greg Kujawa (Apr 20)
- RE: After Ms patches last Wed ... David Hayden (Apr 30)
- Re: After Ms patches last Wed ... phaser-X (Apr 16)
- [OpenPKG-SA-2004.016] OpenPKG Security Advisory (neon) OpenPKG (Apr 16)
- void.at - neon format string bugs Thomas Wana (Apr 16)
- Norton AntiVirus nested file manual scan bypass..... Bipin Gautam (Apr 17)
- <Possible follow-ups>
- Re: Norton AntiVirus nested file manual scan bypass..... Bipin Gautam (Apr 19)
- [SECURITY] [DSA 486-1] New cvs packages fix multiple vulnerabilities Matt Zimmerman (Apr 17)
- Internet Explorer XSS published unpatched in SP1 AND SP2 Rafel Ivgi, The-Insider (Apr 17)
- Network Intelligence Advisory - Denial of Service Vulnerability in ColdFusion MX K. K. Mookhey (Apr 17)
- [SECURITY] [DSA 489-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel) Martin Schulze (Apr 17)
- [SCSA-028] Nuked-Klan Multiple Vulnerabilities advisory (Apr 17)
- [SECURITY] [DSA 431-2] New perl packages fix information leak in suidperl Matt Zimmerman (Apr 17)
- Squirrelmail Chpasswod bof Matias Neiff (Apr 17)
- Re: Squirrelmail Chpasswod bof Jonathan Angliss (Apr 19)
- Re: Squirrelmail Chpasswod bof martin f krafft (Apr 19)
- <Possible follow-ups>
- Re: Squirrelmail Chpasswod bof Peter Geissler (Apr 19)
- Re: Squirrelmail Chpasswod bof rip (Apr 19)
- Re: Squirrelmail Chpasswod bof p dont think (Apr 27)
- MS04-011 SSL Remote DoS PoC David Barroso Berrueta (Apr 17)
- [SECURITY] [DSA 490-1] New Zope packages fix arbitrary code execution Martin Schulze (Apr 17)
- [SECURITY] [DSA 487-1] New neon packages fix format string vulnerabilities Matt Zimmerman (Apr 17)
- [BUG-CORRECTION] IISShield "Server" header costumization Tiago Halm (Apr 17)
- [SECURITY] [DSA 491-1] New Linux 2.4.19 packages fix local root exploit (mips) Martin Schulze (Apr 17)
- [SECURITY] [DSA 488-1] New logcheck packages fix insecure temporary directory Matt Zimmerman (Apr 17)
- [slackware-security] tcpdump denial of service (SSA:2004-108-01) Slackware Security Team (Apr 19)
- [SECURITY] [DSA 492-1] New iproute packages fix denial of service Matt Zimmerman (Apr 19)
- after ms patches... kincses zoli (Apr 19)
- DoS in NETFile FTP/Web Server Donato Ferrante (Apr 19)
- RE: MS04-011 Break SSL support in IE 6.0.3790.0 with Windows 2003 Thor Larholm (Apr 19)
- [ GLSA 200404-14 ] Multiple format string vulnerabilities in cadaver Kurt Lieber (Apr 19)
- [ GLSA 200404-16 ] Multiple new security vulnerabilities in monit Kurt Lieber (Apr 19)
- [ GLSA 200404-15 ] XChat 2.0.x SOCKS5 Vulnerability Kurt Lieber (Apr 19)
- New Paper - SQL Injection Signatures Evasion Imperva Application Defense Center (Apr 19)
- <Possible follow-ups>
- Re: New Paper - SQL Injection Signatures Evasion K. K. Mookhey (Apr 26)
- RE: New Paper - SQL Injection Signatures Evasion Imperva Application Defense Center (Apr 26)
- ssmtp insecure file creation priestmaster (Apr 19)
- MS Patches last Wed - SOLUTION aborg (Apr 19)
- LNSA-#2004-0012: Multiple format string vulnerabilities in neon Vincenzo Ciaglia (Apr 19)
- [waraxe-2004-SA#019 - Critical sql injection bug in Phorum 3.4.7] Janek Vind (Apr 19)
- phpBB 2.0.8a and lower - IP spoofing vulnerability Ready Response (Apr 19)
- Re: phpBB 2.0.8a and lower - IP spoofing vulnerability Shaun Colley (Apr 19)
- Re: phpBB 2.0.8a and lower - IP spoofing vulnerability 3APA3A (Apr 20)
- Re: phpBB 2.0.8a and lower - IP spoofing vulnerability Xin LI (Apr 21)
- Re: phpBB 2.0.8a and lower - IP spoofing vulnerability BlueRaven (Apr 28)
- Re: phpBB 2.0.8a and lower - IP spoofing vulnerability Xin LI (Apr 29)
- Re: phpBB 2.0.8a and lower - IP spoofing vulnerability Xin LI (Apr 21)
- LNSA-#2004-0011: CVS Server and Client Vulnerabilities Vincenzo Ciaglia (Apr 19)
- MS Patches last Mon - Recap aborg (Apr 19)
- Idea of CAW (Creation of Attack Wood) kincses zoli (Apr 19)
- Re: Idea of CAW (Creation of Attack Wood) Magosányi Árpád (Apr 20)
- Re: Idea of CAW (Creation of Attack Wood) Jan Minar (Apr 21)
- Re: Idea of CAW (Creation of Attack Wood) Magosányi Árpád (Apr 20)
- MDKSA-2004:031 - Updated utempter packages fix several vulnerabilities Mandrake Linux Security Team (Apr 19)
- BitDefender Scan Online(ActiveX) - Remote File Download & Execute & Private Information Disclosure Rafel Ivgi, The-Insider (Apr 19)
- phpBB modified by Przemo arbitary code execution Dariusz 'Officerrr' Kolasinski (Apr 19)
- <Possible follow-ups>
- phpBB modified by Przemo arbitary code execution Dariusz 'Officerrr' Kolasinski (Apr 20)
- Microsoft Help and Support Center argument injection vulnerability Jouko Pynnonen (Apr 19)
- Zaep AntiSpam Cross Site Scripting Aviram Jenik (Apr 19)
- Solaris 9 patch 113579-03 introduces a NIS security bug Chris Thompson (Apr 19)
- [slackware-security] utempter security update (SSA:2004-110-01) Slackware Security Team (Apr 19)
- Eudora 6.1 is evil Paul Szabo (Apr 19)
- KPhone STUN DoS (Malformed STUN Packets) Aviram Jenik (Apr 19)
- [slackware-security] cvs security update (SSA:2004-108-02) Slackware Security Team (Apr 20)
- Exchange pop3 remote exploit securma massine (Apr 20)
- NcFTP - password leaking Konstantin Gavrilenko (Apr 20)
- Re: NcFTP - password leaking Frank v Waveren (Apr 20)
- Re: NcFTP - password leaking Alex Behar (Apr 20)
- MDKSA-2004:033 - Updated xine-ui packages fix temporary file insecurities Mandrake Linux Security Team (Apr 20)
- MDKSA-2004:032 - Updated libneon packages fix temporary file insecurities Mandrake Linux Security Team (Apr 20)
- MDKSA-2004:034 - Updated MySQL packages fix temporary file insecurities Mandrake Linux Security Team (Apr 20)
- MDKSA-2004:035 - Updated samba packages fix privilege escalation vulnerability Mandrake Linux Security Team (Apr 20)
- NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP David Ahmad (Apr 20)
- Format String in Cherokee CoKi (Apr 20)
- [cliph () isec pl: Linux kernel setsockopt MCAST_MSFILTER integer overflow] David Ahmad (Apr 20)
- Cisco Security Advisory: TCP Vulnerabilities in Multiple Non-IOS-Based Cisco Products Cisco Systems Product Security Incident Response Team (Apr 20)
- WinSCP Denial of Service Luca Ercoli (Apr 20)
- Cisco Security Advisory: Vulnerabilities in SNMP Message Processing Cisco Systems Product Security Incident Response Team (Apr 20)
- Cisco Security Advisory: TCP Vulnerabilities in Multiple IOS Based Cisco Products Cisco Systems Product Security Incident Response Team (Apr 20)
- Linux kernel setsockopt MCAST_MSFILTER integer overflow Wojciech Purczynski (Apr 21)
- IETF Draft on Transmission Control Protocol security considerations Thor Larholm (Apr 21)
- [PNSA 2004-2] PostNuke Security Advisory PNSA 2004-2 Valerio Santinelli (Apr 21)
- [RHSA-2004:166-01] Updated kernel packages resolve security vulnerabilities bugzilla (Apr 21)
- [SECURITY] [DSA 493-1] New xchat packages fix arbitrary code execution Martin Schulze (Apr 21)
- Advanced Guestbook 2.2 -- SQL Injection Exploit JQ (Apr 21)
- [waraxe-2004-SA#022 - Multiple vulnerabilities in PostNuke 0.726 Phoenix - part 2] Janek Vind (Apr 21)
- [waraxe-2004-SA#021 - Multiple vulnerabilities in phprofession 2.5 module for PostNuke] Janek Vind (Apr 21)
- NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability NetBSD Security-Officer (Apr 21)
- EEYE: Yahoo! Mail Account Filter Overflow Hijack Drew Copley (Apr 21)
- NetBSD Security Advisory 2004-005: Denial of service vulnerabilities in OpenSSL NetBSD Security-Officer (Apr 21)
- Vulnerabilities in long-lived TCP connections on SGI systems SGI Security Coordinator (Apr 21)
- MDKSA-2004:031-1 - Updated utempter packages fix several vulnerabilities Mandrake Linux Security Team (Apr 22)
- SGI Advanced Linux Environment security update #18 SGI Security Coordinator (Apr 22)
- [slackware-security] xine security update (SSA:2004-111-01) Slackware Security Team (Apr 22)
- Arbitrary file overwriting in Unreal engine through UMOD Luigi Auriemma (Apr 22)
- TCP Reset Attacks: Paper and Code Now Availble sullo (Apr 23)
- Netegrity SiteMinder Affiliate Agent Cookie Overflow advisories (Apr 23)
- <Possible follow-ups>
- Netegrity SiteMinder Affiliate Agent Cookie Overflow advisories (Apr 24)
- Potential Microsoft PCT worm (MS04-011) advisories (Apr 23)
- EEYE: Symantec Multiple Firewall TCP Options Denial of Service Derek Soeder (Apr 23)
- RE: [Full-Disclosure] EEYE: Symantec Multiple Firewall TCP Options Denial of Service Sym Security (Apr 23)
- [waraxe-2004-SA#025 - Multiple vulnerabilities in Protector System 1.15b1 for PhpNuke] Janek Vind (Apr 23)
- [waraxe-2004-SA#024 - XSS and full path disclosure in Network Query Tool 1.6] Janek Vind (Apr 23)
- [ GLSA 200404-17 ] ipsec-tools and iputils contain a remote DoS vulnerability Kurt Lieber (Apr 24)
- Apache - all versions vulnerability in OLD procesors. Adam Zabrocki (Apr 24)
- Re: Apache - all versions vulnerability in OLD procesors. Chris Adams (Apr 26)
- Re: Apache - all versions vulnerability in OLD procesors. Chris Adams (Apr 26)
- Re: Apache - all versions vulnerability in OLD procesors. Peter J. Holzer (Apr 26)
- <Possible follow-ups>
- Re: Apache - all versions vulnerability in OLD procesors. Adam Zabrocki (Apr 27)
- Re: Apache - all versions vulnerability in OLD procesors. Peter Pentchev (Apr 28)
- RE: US-CERT Technical Cyber Security Alert TA04-111A -- Vulnerabilities in TCP soby (Apr 26)
- Microsoft's Explorer and Internet Explorer long share name buffer overflow. Rodrigo Gutierrez (Apr 26)
- <Possible follow-ups>
- RE: Microsoft's Explorer and Internet Explorer long share name buffer overflow. Rodrigo Gutierrez (Apr 26)
- Microsoft's Explorer and Internet Explorer long share name buffer overflow. Rodrigo Gutierrez (Apr 26)
- [HOTFIX] setsockopt kernel vulnerability nolife (Apr 26)
- Samsung SmartEther SS6215S Switch Kyle Duren (Apr 26)
- Spammers can hide behind 'Email a friend/article' scripts. cyber_flash (Apr 26)
- Re: Spammers can hide behind 'Email a friend/article' scripts. matthias (Apr 27)
- Re: Spammers can hide behind 'Email a friend/article' scripts. 3APA3A (Apr 27)
- Horde webmail: mysql access sig (Apr 26)
- <Possible follow-ups>
- Re: Horde webmail: mysql access Christopher T. Beers (Apr 28)
- Multiple Vulnerabilities In OpenBB JeiAr (Apr 26)
- [SECURITY] [DSA 495-1] New Linux 2.4.16 packages fix local root exploit (arm) Martin Schulze (Apr 26)
- Perl code exploting TCP not checking RST ACK. K sPecial (Apr 26)
- <Possible follow-ups>
- Re: Perl code exploting TCP not checking RST ACK. Michael Gschwandtner (Apr 27)
- Remote Format String Vulnerabilities in eXtremail Luca Ercoli (Apr 26)
- Re: HP Web JetAdmin vulnerabilities. FX (Apr 27)
- <Possible follow-ups>
- Re: HP Web JetAdmin vulnerabilities. Samuel Walker (Apr 29)
- Source Code To Test IPv4 fragmentation --> The Rose Attack Gandalf The White (Apr 27)
- [ GLSA 200404-19 ] Buffer overflows and format string Joshua J. Berry (Apr 27)
- Multiple vulnerabilities PHP-Nuke Video Gallery Module for PHP-Nuke k1LL3r B0y (Apr 27)
- Re: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow. KF (lists) (Apr 27)
- <Possible follow-ups>
- RE: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow. Bryce Porter (Apr 28)
- Re[2]: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow. 3APA3A (Apr 29)
- [ GLSA 200404-20 ] Multiple vulnerabilities in xine Joshua J. Berry (Apr 27)
- [ GLSA 200404-18 ] Multiple Vulnerabilities in ssmtp Joshua J. Berry (Apr 27)
- MDKSA-2004:037 - Updated kernel packages fix multiple vulnerabilities Mandrake Linux Security Team (Apr 27)
- SGI ProPack v2.4: Kernel update #3 SGI Security Coordinator (Apr 27)
- Multiple vulnerabilities paFileDB k1LL3r B0y (Apr 27)
- resources consumption in DiGi WWW Server Donato Ferrante (Apr 27)
- [ESA-20040428-004] 'kernel' Several security and bug fixes EnGarde Secure Linux (Apr 28)
- SMC Routers have remote administration enabled by default user86 (Apr 28)
- Re: SMC Routers have remote administration enabled by default user86 (Apr 29)
- Re: SMC Routers have remote administration enabled by default user86 (Apr 29)
- Re: SMC Routers have remote administration enabled by default Michael Curtis (Apr 29)
- Re: SMC Routers have remote administration enabled by default Martin Nedbal (Apr 30)
- Re: SMC Routers have remote administration enabled by default user86 (Apr 29)
- SGI Advanced Linux Environment security update #19 SGI Security Coordinator (Apr 28)
- [slackware-security] kernel security updates (SSA:2004-119-01) Slackware Security Team (Apr 29)
- MDKSA-2004:038 - Updated sysklogd packages fix vulnerability Mandrake Linux Security Team (Apr 29)
- MS04011 Lsasrv.dll RPC buffer overflow remote exploit (PoC) houseofdabus HOD (Apr 29)
- [SECURITY] [DSA 496-1] New eterm packages fix indirect arbitrary command execution Martin Schulze (Apr 29)
- New Worm??? - High level of activity on port 445 Tony Abell (Apr 29)
- <Possible follow-ups>
- RE: New Worm??? - High level of activity on port 445 Roger A. Grimes (Apr 29)
- RE: New Worm??? - High level of activity on port 445 Jodrell Dimaculangan (Apr 29)
- RE: New Worm??? - High level of activity on port 445 Thor Larholm (Apr 29)
- [ GLSA 200404-21 ] Multiple Vulnerabilities in Samba Joshua J. Berry (Apr 30)
- SquirrelMail Cross Scripting Attacks.... Alvin Alex (Apr 30)
- Re: SquirrelMail Cross Scripting Attacks.... Jonathan Angliss (Apr 30)
- MDKSA-2004:040 - Updated libpng packages fix vulnerability Mandrake Linux Security Team (Apr 30)
- 3com NBX VOIP NetSet Denial of Service Attack Michael Scheidell (Apr 30)
- [RHSA-2004:182-01] Updated httpd packages fix mod_ssl security issue bugzilla (Apr 30)
- [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png) OpenPKG (Apr 30)
- [SECURITY] [DSA 498-1] New libpng packages fix denial of service Martin Schulze (Apr 30)
- cqure.net.20040430.citrixmetaframe Patrik Karlsson (Apr 30)
- A technical description of the SSL PCT vulnerability (CVE-2003-0719) Juliano Rizzo (Apr 30)
- [SECURITY] [DSA 497-1] New mc packages fix several vulnerabilities Martin Schulze (Apr 30)
- [RHSA-2004:177-01] An updated X-Chat package fixes vulnerability in Socks-5 proxy bugzilla (Apr 30)
- TSLSA-2004-0025 - multi Trustix Security Advisor (Apr 30)
- Cross Site Scripting in Moodle < 1.3 Bartek Nowotarski (Apr 30)
- [OpenPKG-SA-2004.018] OpenPKG Security Advisory (proftpd) OpenPKG (Apr 30)
- SECURITY.NNOV: Sambar security quest 3APA3A (Apr 30)
- MDKSA-2004:039 - Updated mc packages fix vulnerabilities Mandrake Linux Security Team (Apr 30)
- HP Web Jetadmin John Morris (Apr 30)
- TSLSA-2004-0024 - rsync Trustix Security Advisor (Apr 30)
- [RHSA-2004:179-01] An updated LHA package fixes security vulnerabilities bugzilla (Apr 30)
- Dameware Mini Remote Control Version 4.2 Weak Key Agreement Scheme ax09001h (Apr 30)
- [RHSA-2004:173-00] Updated mc packages resolve several vulnerabilities bugzilla (Apr 30)
- IE Certificate Stealing (Phising) bug E.Kellinis (Apr 30)
- [RHSA-2004:163-01] Updated OpenOffice packages fix security vulnerability in neon bugzilla (Apr 30)
- [RHSA-2004:181-01] Updated libpng packages fix crash bugzilla (Apr 30)
- Multi stage attacks on networks? Sudhakar-bugtraq Govindavajhala (Apr 30)
- Re: Multi stage attacks on networks? Bill Nash (Apr 30)
- <Possible follow-ups>
- RE: Multi stage attacks on networks? Shaun Bertrand (Apr 30)
- [RHSA-2004:175-01] Updated utempter package fixes vulnerability bugzilla (Apr 30)
- MDKSA-2004:041 - Updated ProFTPD packages fix vulnerability Mandrake Linux Security Team (Apr 30)