Bugtraq: by date

393 messages starting Mar 31 04 and ending Apr 30 04

Wednesday, 31 March

RE: cdp buffer overflow vulnerability Dave Paris
Re: IPv4 fragmentation --> The Rose Attack Crist J. Clark
OpenLinux: vim arbitrary commands execution through modelines please_reply_to_security
UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : perl unsafe Safe compartment please_reply_to_security
[CLA-2004:836] Conectiva Security Announcement - libxml2 Conectiva Updates
Re: NetSky.q Virus. Looking for more detailed information on how the DOS will be performed. Paul

Thursday, 01 April

Re: IPv4 fragmentation --> The Rose Attack stanislav shalunov
Pikachu -Turn on WEP ! Himanshu Singh
Releasing full source code of WinBlox Liu Die Yu
Re: IPv4 fragmentation --> The Rose Attack Chris Brenton
Index viewing in imgSvr 0.4 Donato Ferrante
[SECURITY] [DSA 470-1] New Linux 2.4.17 packages fix several local root exploits (hppa) Martin Schulze
Re: Google using Expired Cert and SSLv2 Ivaylo Kostadinov
[OpenPKG-SA-2004.008] OpenPKG Security Advisory (squid) OpenPKG
Re: Pikachu -Turn on WEP ! christophe barbe

Friday, 02 April

Netsky.R, auto execute w/ IE6 ? BugtraQ
Enterprise Application Security Dave Aitel
[SECURITY] [DSA 471-1] New interchange packages fix information leak Martin Schulze

Saturday, 03 April

IRIX ftpd ftp_syslog issue with anonymous FTP SGI Security Coordinator
Remote Exploit for Aborior's Encore Web Forum XNUXER RESEARCH
eMule v0.42d Buffer Overflow Kostya Kortchinsky
IRIX Update Some Network Drivers May Leak Data SGI Security Coordinator
Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France K-OTiK Security
[securityzone () macromedia com: New Macromedia Security Zone Bulletin Posted] David Ahmad
Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France Chris Wysopal

Monday, 05 April

Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France Fozzy
Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France Renaud Deraison
[SECURITY] [DSA 472-1] New fte packages fix buffer overflows Matt Zimmerman
[SECURITY] [DSA 474-1] New squid packages fix ACL bypass Matt Zimmerman
[SECURITY] [DSA 460-2] New sysstat packages fix insecure temporary file creation Matt Zimmerman
[SECURITY] [DSA 473-1] New oftpd packages fix denial of service Matt Zimmerman
[SECURITY] [DSA 475-1] New Linux 2.4.18 packages fix several local root exploits (hppa) Martin Schulze
[OpenPKG-SA-2004.009] OpenPKG Security Advisory (mc) OpenPKG
NGSSoftware Insight Security Research Advisory Peter Winter-Smith
Fw: new IE vurn Philip Barnham
Multiple XSS vulnerabilities in Microsoft SharePoint Portal Server 2001 Ory Segal
SuSEs YaST Online Update - possible symlink attack Rene
Re: new IE vurn Gavin Hanover
Macromedia Dreamweaver Remote Database Scripts (#NISR05042004B) NGSSoftware Insight Security Research
[Full-Disclosure] iDEFENSE Security Advisory 04.05.04: Perl win32_stat Function Buffer Overflow Vulnerability idlabs-advisories
Texutil symlink vulnerability. Shaun Colley
Automated wireless client penetration tool "hotspotter" released. Max Moser
Advisory: Multiple Vulnerabilities in Monit mattmurphy () kc rr com
IBM Director 3.1 Windows Agent Remote DoS Juanma Merino
Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France K-OTiK Security
Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France K-OTiK Security
Format string bug in IGI 2: Covert Strike 1.3 Luigi Auriemma

Tuesday, 06 April

Vuln Info Disclosure may become illegal in France [was: Re: Bugfinder Being Indicted As Criminal] Fozzy
Paper: Comparing binaries with graph isomorphisms Todd Sabin
MDKSA-2004:026 - Updated mplayer packages fix remotely exploitable vulnerability Mandrake Linux Security Team
[SECURITY] [DSA 476-1] New heimdal packages fix cross-realm vulnerability Matt Zimmerman
LNSA-#2004-0008: Multiple security problems in Monit Vincenzo Ciaglia
Re: IBM Director 3.1 Windows Agent Remote DoS Vess Nedevski
[ GLSA 200404-01 ] Insecure sandbox temporary lockfile vulnerabilities in Portage Tim Yamin
Support Contact Info Mark Litchfield
[SECURITY] [DSA 477-1] New xine-ui packages fix insecure temporary file creation Martin Schulze
[product-security () apple com: APPLE-SA-2004-04-05 Security Update 2004-04-05]] David Ahmad
[ GLSA 200404-02 ] KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability Aida Escriva-Sammer
RE: Netsky.R, auto execute w/ IE6 ? BugtraQ
blaxxun3D(blaxxun Platform) 7 - Remote Buffer Overflow Rafel Ivgi, The-Insider
Re: Netsky.R, auto execute w/ IE6 ? vbsubmit
Foundstone Labs Advisory: Citrix MetaFrame Password Manager 2.0 Foundstone Labs
GNU Sharutils buffer overflow vulnerability. Shaun Colley
[ GLSA 200404-03 ] Tcpdump Vulnerabilities in ISAKMP Parsing Joshua J. Berry
Papers: The Invisible Catalog Pete Herzog
Panda ActiveScan 5.0 - Remote Buffer Overflow and A Crash(D.O.S) Rafel Ivgi, The-Insider

Wednesday, 07 April

[ GLSA 200404-05 ] ipsec-tools contains an X.509 certificates vulnerability Kurt Lieber
[SECURITY] [DSA 478-1] New tcpdump packages fix denial of service Matt Zimmerman
Re: eSignal v7 remote buffer overflow Scott Johnson
Kerio Personal Firewall 4 and IE 6 "Bug" E.Kellinis
Release of Cisco Attack tool Asleap Joshua Wright
Re: SuSEs YaST Online Update - possible symlink attack Roman Drahtmueller
REAL One Player R3T File Format Stack Overflow NGSSoftware Insight Security Research
Cisco Security Advisory: A default Username and Password in WLSE and HSE devices Cisco Systems Product Security Incident Response Team
CAN-2004-0155: The KAME IKE Daemon Racoon does not verify RSA Signatures during Phase 1, allows man-in-the-middle attacks and unauthorized connections Ralf Spenneberg
[ GLSA 200404-06 ] Util-linux login may leak sensitive data Kurt Lieber
Re: [waraxe-2004-SA#013 - Critical sql injection bug in PhpBB 2.0.8 and in older versions] T.J. Ferraro
Mcafee FreeScan - Remote Buffer Overflow and Private Information Disclosure Rafel Ivgi, The-Insider
Re: IPv4 fragmentation --> The Rose Attack Ventsislav Genchev
[ GLSA 200404-07 ] ClamAV RAR Archive Remote Denial Of Service Vulnerability Kurt Lieber
Symantec Virus Detection(Free ActiveX) - Remote Buffer Overflow Rafel Ivgi, The-Insider
Solaris vfs_getvfssw() local kernel exploit Sam
Re: GNU Sharutils buffer overflow vulnerability. Didier Arenzana
[OpenPKG-SA-2004.010] OpenPKG Security Advisory (tcpdump) OpenPKG
Metasploit Framework 2.0 Released! H D Moore
Re: GNU Sharutils buffer overflow vulnerability. Carlos Eduardo Pinheiro
Internet Explorer 6 - Crash E.Kellinis
[ GLSA 200404-04 ] Multiple vulnerabilities in sysstat Kurt Lieber
RE: Kerio Personal Firewall 4 and IE 6 "Bug" Noah Dunker
RE: Kerio Personal Firewall 4 and IE 6 "Bug" Noah Dunker
[OpenPKG-SA-2004.011] OpenPKG Security Advisory (sharutils) OpenPKG
Kerio Personal Firewall 4.0.13 - Remote DoS (Crash) E.Kellinis
Re: GNU Sharutils buffer overflow vulnerability Shaun Colley
McAfee Freescan ActiveX Information Disclosure [Additional Details & PoC] S G Masood
Re: Kerio Personal Firewall 4 and IE 6 "Bug" E.Kellinis

Thursday, 08 April

Re: Symantec Virus Detection(Free ActiveX) - Remote Buffer Overflow, Apr 7 2004 2:22AM Sym Security
[waraxe-2004-SA#015 - Multiple vulnerabilities in NukeCalendar v1.1.a] Janek Vind
[ GLSA 200404-08 ] GNU Automake symbolic link vulnerability Kurt Lieber
Phrack #62 Call for Papers Richard Miller
Cisco Security Advisory: Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability Cisco Systems Product Security Incident Response Team
SGI Advanced Linux Environment security update #17 SGI Security Coordinator
[waraxe-2004-SA#014 - Cross-Site Scripting aka XSS in AzDGDatingLite] Janek Vind
Heap Overflow in Oracle 9iAS / 10g Application Server Web Cache Ioannis Migadakis
New Worm/Virus April 8th Polazzo Justin
LNSA-#2004-0009: GNU Automake symbolic link vulnerability Vincenzo Ciaglia
[OpenPKG-SA-2004.012] OpenPKG Security Advisory (fetchmail) OpenPKG
Re: IPv4 fragmentation --> The Rose Attack Paul Starzetz
LNSA-#2004-0010: login may leak sensitive data Vincenzo Ciaglia
RE: [AppSec-research] New Worm/Virus April 8th Polazzo Justin
LNSA-#2004-0009: GNU Automake symbolic link vulnerability Vincenzo Ciaglia
Microsoft IE iframe src DoS already reported to Microsoft 'ken'@FTU
Re: IPv4 fragmentation --> The Rose Attack Darren Reed
Re: Microsoft IE iframe src DoS already reported to Microsoft Valdis . Kletnieks
PSR - #2004-001 Remote - LCDProc Priv8 Security Research
RE: New Worm/Virus April 8th securityguy
PSR - #2004-002 Remote - LCDProc Priv8 Security Research

Friday, 09 April

Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) K-OTiK Security
MDKSA-2004:027 - Updated ipsec-tools packages fix vulnerability in racoon Mandrake Linux Security Team
Re: IPv4 fragmentation --> The Rose Attack gandalf
monit 4.1 POC gsicht gsicht
[ GLSA 200404-12 ] Scorched 3D server chat box format string vulnerability Kurt Lieber
DoS in Crackalaka 1.0.8 Donato Ferrante
Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Chris Johnson
Browser bugs [DoS] ... where will you draw a line? Bipin Gautam
DoS in Rsniff 1.0 Luigi Auriemma
[ GLSA 200404-09 ] Cross-realm trust vulnerability in Heimdal Kurt Lieber
[ GLSA 200404-11 ] Multiple Vulnerabilities in pwlib Aida Escriva-Sammer
RE: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Richard M. Smith
Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Geoffrey
Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Chris Johnson
Re: DoS in Rsniff 1.0 Luigi Auriemma
Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Chris Wysopal
RE: Browser bugs [DoS] ... where will you draw a line? Drew Copley
Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Romain Francoise
Re: IPv4 fragmentation --> The Rose Attack Darren Reed
ANNOUNCE: SecLegal mailing list Thor Larholm

Saturday, 10 April

RE: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) Amer Karim
Backdoor in X-Micro WLAN 11b Broadband Router RISKO Gergely
Re: GNU Sharutils buffer overflow vulnerability. Dan Yefimov
Re: IPv4 fragmentation --> The Rose Attack Darren Reed

Monday, 12 April

Re: IPv4 fragmentation --> The Rose Attack gandalf
Re: IPv4 fragmentation --> The Rose Attack gandalf
Monit <= 4.2 Remote Root Exploit Eye on Security India
Possible DoS on Linux kernel 2.4 and 2.6 using sigqueue overflow. Nikita V. Youshchenko
Citadel/UX 6.20 fixes local permissions vulnerability IO ERROR
UPDATE: Cisco Security Notice: Dictionary Attack on Cisco LEAP Vulnerability Cisco Systems Product Security Incident Response Team
Gnome nautilus bug gsicht gsicht
Multiple Vulnerabilities In Tiki CMS/Groupware [ TikiWiki ] JeiAr
IE 6 Print Without Prompt Ben Garvey
[waraxe-2004-SA#017 - User-level authentication bypass in phpnuke 6.x-7.2] Janek Vind
eMule <= 0.42d Remote Exploit kcope
BID 7482, bug in OpenSSH (Still in FreeBSD-STABLE) Felipe Neuwald
Adobe Acrobat Reader PDF file DoS vulnerability Arman Nayyeri
[waraxe-2004-SA#018 - Admin-level authentication bypass in phpnuke 6.x-7.2] Janek Vind
[CLA-2004:838] Conectiva Security Announcement - squid Conectiva Updates
Microsoft Outlook Express EML file Crash vulnerability Arman Nayyeri
[CLA-2004:837] Conectiva Security Announcement - mod_python Conectiva Updates
[waraxe-2004-SA#016 - Cross-Site Scripting aka XSS in phpnuke 6.x-7.2 part 3] Janek Vind
new strange worm Alex Gen
RE: IPv4 fragmentation --> The Rose Attack Taylan Develioglu
Microsoft Internet Explorer BMP file memory DoS vulnerability Arman Nayyeri

Wednesday, 14 April

UPDATE: LCDproc Buffer Overflow and Format String Vulnerabilities Rene Wagner
EEYE: Windows Local Security Authority Service Remote Buffer Overflow Marc Maiffret
EEYE: Windows Expand-Down Data Segment Local Privilege Escalation Marc Maiffret
[Full-Disclosure] iDEFENSE Security Advisory 04.13.04 - Microsoft Help and Support Center Argument Injection Vulnerability idlabs-advisories
RE: Microsoft Outlook Express EML file Crash vulnerability Kamran Muzaffer
[SECURITY] [DSA 483-1] New mysql packages fix insecure temporary file creation Martin Schulze
SUSE Security Announcement: cvs (SuSE-SA:2004:008) Sebastian Krahmer
Re: BID 7482, bug in OpenSSH (Still in FreeBSD-STABLE) Damien Miller
4 new Microsoft patches to close 20 vulnerabilities Thor Larholm
[SECURITY] [DSA 482-1] New Linux 2.4.17 packages fix local root exploit (source+powerpc/apus+s390) Martin Schulze
[RHSA-2004:154-01] Updated CVS packages fix security issue bugzilla
[SECURITY] [DSA 480-1] New Linux 2.4.17 and 2.4.18 packages fix local root exploit (hppa) Martin Schulze

Thursday, 15 April

[SECURITY] [DSA 479-2] New Linux 2.4.18 packages fix local root exploit (i386) Martin Schulze
[RHSA-2004:159-01] Updated Subversion packages fix security vulnerability in neon bugzilla
Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability Cisco Systems Product Security Incident Response Team
Include vulnerability in GEMITEL v 3.50 jaguar
ZA Security Hole Damjan Kreft
FW: [Unpatched] 4 new Microsoft patches, 4 old updated, 24 vulnerabilities Thor Larholm
[OpenPKG-SA-2004.014] OpenPKG Security Advisory (mysql) OpenPKG
Re: XSS, Admin Access via Cookie and File Upload vulnerability in NewsPHP. Manuel Lopez
FreeBSD Security Advisory FreeBSD-SA-04:07.cvs FreeBSD Security Advisories
SCT javascript execution vulnerability spiffomatic 64
[Full-Disclosure] iDEFENSE Security Advisory 04.15.04: RealNetworks Helix Universal Server Denial of Service Vulnerability idlabs-advisories

Friday, 16 April

Re: Backdoor in X-Micro WLAN 11b Broadband Router Mariano Firpo
Re: ZA Security Hole Pablo G. Sabbatella
TSLSA-2004-0020 - kernel Trustix Security Advisor
[OpenPKG-SA-2004.015] OpenPKG Security Advisory (ethereal) OpenPKG
Re: ZA Security Hole Samps
Re: ZA Security Hole Hugo van der Kooij
[securityzone () macromedia com: New Macromedia Security Zone Bulletin Posted] David Ahmad
"Delete anti-virus and firewall software" --Microsoft Kim Scarborough
After Ms patches last Wed ... aborg
[OpenPKG-SA-2004.016] OpenPKG Security Advisory (neon) OpenPKG
void.at - neon format string bugs Thomas Wana
Re: After Ms patches last Wed ... phaser-X

Saturday, 17 April

Norton AntiVirus nested file manual scan bypass..... Bipin Gautam
[SECURITY] [DSA 486-1] New cvs packages fix multiple vulnerabilities Matt Zimmerman
Internet Explorer XSS published unpatched in SP1 AND SP2 Rafel Ivgi, The-Insider
Network Intelligence Advisory - Denial of Service Vulnerability in ColdFusion MX K. K. Mookhey
[SECURITY] [DSA 489-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel) Martin Schulze
[SCSA-028] Nuked-Klan Multiple Vulnerabilities advisory
[SECURITY] [DSA 431-2] New perl packages fix information leak in suidperl Matt Zimmerman
Re: After Ms patches last Wed ... Andy Shaw
Squirrelmail Chpasswod bof Matias Neiff
MS04-011 SSL Remote DoS PoC David Barroso Berrueta
[SECURITY] [DSA 490-1] New Zope packages fix arbitrary code execution Martin Schulze
[SECURITY] [DSA 487-1] New neon packages fix format string vulnerabilities Matt Zimmerman
Re: After Ms patches last Wed ... Dan Harkless
RE: After Ms patches last Wed ... Alun Jones
[BUG-CORRECTION] IISShield "Server" header costumization Tiago Halm
[SECURITY] [DSA 491-1] New Linux 2.4.19 packages fix local root exploit (mips) Martin Schulze
Re: After Ms patches last Wed ... Scott Gifford
[SECURITY] [DSA 488-1] New logcheck packages fix insecure temporary directory Matt Zimmerman
NEW backdoor in X-Micro WLAN 11b Broadband Router RISKO Gergely

Monday, 19 April

[slackware-security] tcpdump denial of service (SSA:2004-108-01) Slackware Security Team
Re: Squirrelmail Chpasswod bof Jonathan Angliss
[SECURITY] [DSA 492-1] New iproute packages fix denial of service Matt Zimmerman
Re: After Ms patches last Wed ... Jerry Winegarden
after ms patches... kincses zoli
Re: After Ms patches last Wed ... plasmahh
DoS in NETFile FTP/Web Server Donato Ferrante
Re: Squirrelmail Chpasswod bof martin f krafft
RE: MS04-011 Break SSL support in IE 6.0.3790.0 with Windows 2003 Thor Larholm
Re: After Ms patches last Wed ... T.H. Haymore
[ GLSA 200404-14 ] Multiple format string vulnerabilities in cadaver Kurt Lieber
Re: After Ms patches last Wed ... Alex Cruz
[ GLSA 200404-16 ] Multiple new security vulnerabilities in monit Kurt Lieber
Re: Norton AntiVirus nested file manual scan bypass..... Bipin Gautam
[ GLSA 200404-15 ] XChat 2.0.x SOCKS5 Vulnerability Kurt Lieber
New Paper - SQL Injection Signatures Evasion Imperva Application Defense Center
ssmtp insecure file creation priestmaster
MS Patches last Wed - SOLUTION aborg
LNSA-#2004-0012: Multiple format string vulnerabilities in neon Vincenzo Ciaglia
[waraxe-2004-SA#019 - Critical sql injection bug in Phorum 3.4.7] Janek Vind
phpBB 2.0.8a and lower - IP spoofing vulnerability Ready Response
LNSA-#2004-0011: CVS Server and Client Vulnerabilities Vincenzo Ciaglia
RE: After Ms patches last Wed ... Brito, Nelson (ISS Brazil)
MS Patches last Mon - Recap aborg
Re: Squirrelmail Chpasswod bof Peter Geissler
RE: After Ms patches last Wed ... David Hayden
Idea of CAW (Creation of Attack Wood) kincses zoli
MDKSA-2004:031 - Updated utempter packages fix several vulnerabilities Mandrake Linux Security Team
RE: After Ms patches last Wed ... phaser-X
BitDefender Scan Online(ActiveX) - Remote File Download & Execute & Private Information Disclosure Rafel Ivgi, The-Insider
phpBB modified by Przemo arbitary code execution Dariusz 'Officerrr' Kolasinski
Re: Squirrelmail Chpasswod bof rip
Microsoft Help and Support Center argument injection vulnerability Jouko Pynnonen
Re: phpBB 2.0.8a and lower - IP spoofing vulnerability Shaun Colley
Zaep AntiSpam Cross Site Scripting Aviram Jenik
Solaris 9 patch 113579-03 introduces a NIS security bug Chris Thompson
[slackware-security] utempter security update (SSA:2004-110-01) Slackware Security Team
Eudora 6.1 is evil Paul Szabo
KPhone STUN DoS (Malformed STUN Packets) Aviram Jenik

Tuesday, 20 April

Re: After Ms patches last Wed ... geoff . froh
RE: "Delete anti-virus and firewall software" --Microsoft Thor Larholm
phpBB modified by Przemo arbitary code execution Dariusz 'Officerrr' Kolasinski
[slackware-security] cvs security update (SSA:2004-108-02) Slackware Security Team
Exchange pop3 remote exploit securma massine
NcFTP - password leaking Konstantin Gavrilenko
MDKSA-2004:033 - Updated xine-ui packages fix temporary file insecurities Mandrake Linux Security Team
MDKSA-2004:032 - Updated libneon packages fix temporary file insecurities Mandrake Linux Security Team
MDKSA-2004:034 - Updated MySQL packages fix temporary file insecurities Mandrake Linux Security Team
MDKSA-2004:035 - Updated samba packages fix privilege escalation vulnerability Mandrake Linux Security Team
Re: NcFTP - password leaking Frank v Waveren
NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP David Ahmad
Re: BitDefender Scan Online(ActiveX) - Remote File Download & Execute & Private Information Disclosure Sami POTIRCA
Re: phpBB 2.0.8a and lower - IP spoofing vulnerability 3APA3A
Re: ZA Security Hole David Wilson
Format String in Cherokee CoKi
Re: Idea of CAW (Creation of Attack Wood) Magosányi Árpád
[cliph () isec pl: Linux kernel setsockopt MCAST_MSFILTER integer overflow] David Ahmad
Re: After Ms patches last Wed ... Greg Kujawa
Cisco Security Advisory: TCP Vulnerabilities in Multiple Non-IOS-Based Cisco Products Cisco Systems Product Security Incident Response Team
WinSCP Denial of Service Luca Ercoli
Cisco Security Advisory: Vulnerabilities in SNMP Message Processing Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: TCP Vulnerabilities in Multiple IOS Based Cisco Products Cisco Systems Product Security Incident Response Team
Re: NcFTP - password leaking Alex Behar

Wednesday, 21 April

Linux kernel setsockopt MCAST_MSFILTER integer overflow Wojciech Purczynski
Re: phpBB 2.0.8a and lower - IP spoofing vulnerability Xin LI
IETF Draft on Transmission Control Protocol security considerations Thor Larholm
[PNSA 2004-2] PostNuke Security Advisory PNSA 2004-2 Valerio Santinelli
[RHSA-2004:166-01] Updated kernel packages resolve security vulnerabilities bugzilla
Re: ZA Security Hole Patrick Brauch
[SECURITY] [DSA 493-1] New xchat packages fix arbitrary code execution Martin Schulze
Re: Idea of CAW (Creation of Attack Wood) Jan Minar
Advanced Guestbook 2.2 -- SQL Injection Exploit JQ
[waraxe-2004-SA#022 - Multiple vulnerabilities in PostNuke 0.726 Phoenix - part 2] Janek Vind
[waraxe-2004-SA#021 - Multiple vulnerabilities in phprofession 2.5 module for PostNuke] Janek Vind
NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability NetBSD Security-Officer
EEYE: Yahoo! Mail Account Filter Overflow Hijack Drew Copley
NetBSD Security Advisory 2004-005: Denial of service vulnerabilities in OpenSSL NetBSD Security-Officer
Vulnerabilities in long-lived TCP connections on SGI systems SGI Security Coordinator

Thursday, 22 April

MDKSA-2004:031-1 - Updated utempter packages fix several vulnerabilities Mandrake Linux Security Team
SGI Advanced Linux Environment security update #18 SGI Security Coordinator
[slackware-security] xine security update (SSA:2004-111-01) Slackware Security Team
Arbitrary file overwriting in Unreal engine through UMOD Luigi Auriemma

Friday, 23 April

TCP Reset Attacks: Paper and Code Now Availble sullo
Netegrity SiteMinder Affiliate Agent Cookie Overflow advisories
Potential Microsoft PCT worm (MS04-011) advisories
EEYE: Symantec Multiple Firewall TCP Options Denial of Service Derek Soeder
RE: [Full-Disclosure] EEYE: Symantec Multiple Firewall TCP Options Denial of Service Sym Security
[waraxe-2004-SA#025 - Multiple vulnerabilities in Protector System 1.15b1 for PhpNuke] Janek Vind
[waraxe-2004-SA#024 - XSS and full path disclosure in Network Query Tool 1.6] Janek Vind

Saturday, 24 April

[ GLSA 200404-17 ] ipsec-tools and iputils contain a remote DoS vulnerability Kurt Lieber
Apache - all versions vulnerability in OLD procesors. Adam Zabrocki
Netegrity SiteMinder Affiliate Agent Cookie Overflow advisories

Monday, 26 April

RE: US-CERT Technical Cyber Security Alert TA04-111A -- Vulnerabilities in TCP soby
Microsoft's Explorer and Internet Explorer long share name buffer overflow. Rodrigo Gutierrez
Re: Apache - all versions vulnerability in OLD procesors. Chris Adams
Re: Apache - all versions vulnerability in OLD procesors. Chris Adams
[HOTFIX] setsockopt kernel vulnerability nolife
Re: Apache - all versions vulnerability in OLD procesors. Peter J. Holzer
Samsung SmartEther SS6215S Switch Kyle Duren
Re: New Paper - SQL Injection Signatures Evasion K. K. Mookhey
RE: Microsoft's Explorer and Internet Explorer long share name buffer overflow. Rodrigo Gutierrez
Spammers can hide behind 'Email a friend/article' scripts. cyber_flash
RE: New Paper - SQL Injection Signatures Evasion Imperva Application Defense Center
Horde webmail: mysql access sig
Multiple Vulnerabilities In OpenBB JeiAr
[SECURITY] [DSA 495-1] New Linux 2.4.16 packages fix local root exploit (arm) Martin Schulze
Microsoft's Explorer and Internet Explorer long share name buffer overflow. Rodrigo Gutierrez
Perl code exploting TCP not checking RST ACK. K sPecial
Remote Format String Vulnerabilities in eXtremail Luca Ercoli

Tuesday, 27 April

Re: HP Web JetAdmin vulnerabilities. FX
Re: Apache - all versions vulnerability in OLD procesors. Adam Zabrocki
Source Code To Test IPv4 fragmentation --> The Rose Attack Gandalf The White
[ GLSA 200404-19 ] Buffer overflows and format string Joshua J. Berry
Multiple vulnerabilities PHP-Nuke Video Gallery Module for PHP-Nuke k1LL3r B0y
Re: Perl code exploting TCP not checking RST ACK. Michael Gschwandtner
Re: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow. KF (lists)
[ GLSA 200404-20 ] Multiple vulnerabilities in xine Joshua J. Berry
[ GLSA 200404-18 ] Multiple Vulnerabilities in ssmtp Joshua J. Berry
MDKSA-2004:037 - Updated kernel packages fix multiple vulnerabilities Mandrake Linux Security Team
SGI ProPack v2.4: Kernel update #3 SGI Security Coordinator
Multiple vulnerabilities paFileDB k1LL3r B0y
Re: Spammers can hide behind 'Email a friend/article' scripts. matthias
Re: Spammers can hide behind 'Email a friend/article' scripts. 3APA3A
resources consumption in DiGi WWW Server Donato Ferrante
Re: Squirrelmail Chpasswod bof p dont think

Wednesday, 28 April

Re: Apache - all versions vulnerability in OLD procesors. Peter Pentchev
Re: Horde webmail: mysql access Christopher T. Beers
[ESA-20040428-004] 'kernel' Several security and bug fixes EnGarde Secure Linux
SMC Routers have remote administration enabled by default user86
SGI Advanced Linux Environment security update #19 SGI Security Coordinator
RE: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow. Bryce Porter
Re: phpBB 2.0.8a and lower - IP spoofing vulnerability BlueRaven

Thursday, 29 April

[slackware-security] kernel security updates (SSA:2004-119-01) Slackware Security Team
MDKSA-2004:038 - Updated sysklogd packages fix vulnerability Mandrake Linux Security Team
Re: SMC Routers have remote administration enabled by default user86
Re: SMC Routers have remote administration enabled by default user86
MS04011 Lsasrv.dll RPC buffer overflow remote exploit (PoC) houseofdabus HOD
Re: SMC Routers have remote administration enabled by default Michael Curtis
Re: phpBB 2.0.8a and lower - IP spoofing vulnerability Xin LI
Re: HP Web JetAdmin vulnerabilities. Samuel Walker
Re[2]: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow. 3APA3A
[SECURITY] [DSA 496-1] New eterm packages fix indirect arbitrary command execution Martin Schulze
New Worm??? - High level of activity on port 445 Tony Abell
RE: New Worm??? - High level of activity on port 445 Roger A. Grimes
RE: New Worm??? - High level of activity on port 445 Jodrell Dimaculangan
RE: New Worm??? - High level of activity on port 445 Thor Larholm

Friday, 30 April

[ GLSA 200404-21 ] Multiple Vulnerabilities in Samba Joshua J. Berry
SquirrelMail Cross Scripting Attacks.... Alvin Alex
MDKSA-2004:040 - Updated libpng packages fix vulnerability Mandrake Linux Security Team
3com NBX VOIP NetSet Denial of Service Attack Michael Scheidell
[RHSA-2004:182-01] Updated httpd packages fix mod_ssl security issue bugzilla
[OpenPKG-SA-2004.017] OpenPKG Security Advisory (png) OpenPKG
[SECURITY] [DSA 498-1] New libpng packages fix denial of service Martin Schulze
cqure.net.20040430.citrixmetaframe Patrik Karlsson
A technical description of the SSL PCT vulnerability (CVE-2003-0719) Juliano Rizzo
[SECURITY] [DSA 497-1] New mc packages fix several vulnerabilities Martin Schulze
[RHSA-2004:177-01] An updated X-Chat package fixes vulnerability in Socks-5 proxy bugzilla
TSLSA-2004-0025 - multi Trustix Security Advisor
Cross Site Scripting in Moodle < 1.3 Bartek Nowotarski
[OpenPKG-SA-2004.018] OpenPKG Security Advisory (proftpd) OpenPKG
SECURITY.NNOV: Sambar security quest 3APA3A
MDKSA-2004:039 - Updated mc packages fix vulnerabilities Mandrake Linux Security Team
HP Web Jetadmin John Morris
TSLSA-2004-0024 - rsync Trustix Security Advisor
[RHSA-2004:179-01] An updated LHA package fixes security vulnerabilities bugzilla
Dameware Mini Remote Control Version 4.2 Weak Key Agreement Scheme ax09001h
[RHSA-2004:173-00] Updated mc packages resolve several vulnerabilities bugzilla
Re: SquirrelMail Cross Scripting Attacks.... Jonathan Angliss
RE: After Ms patches last Wed ... David Hayden
IE Certificate Stealing (Phising) bug E.Kellinis
[RHSA-2004:163-01] Updated OpenOffice packages fix security vulnerability in neon bugzilla
[RHSA-2004:181-01] Updated libpng packages fix crash bugzilla
Multi stage attacks on networks? Sudhakar-bugtraq Govindavajhala
[RHSA-2004:175-01] Updated utempter package fixes vulnerability bugzilla
Re: SMC Routers have remote administration enabled by default Martin Nedbal
MDKSA-2004:041 - Updated ProFTPD packages fix vulnerability Mandrake Linux Security Team
Re: Multi stage attacks on networks? Bill Nash
RE: Multi stage attacks on networks? Shaun Bertrand