Bugtraq: by author

278 messages starting Dec 12 02 and ending Dec 10 02


0x90

Adelphia Powerlink service vulnerable to man in the middle attacks by cable modem users. 0x90 (Dec 12)
Re: adelphia vulnerability within subnets 0x90 (Dec 17)

3APA3A

SECURITY.NNOV: more Ikonboard 3.1.1 crossite scriptings 3APA3A (Dec 09)

advisories () texonet com

Unchecked buffer in PC-cillin advisories () texonet com (Dec 10)

alias

Apache/Tomcat Denial Of Service And Information Leakage Vulnerability alias (Dec 05)

Alun Jones

Re: KunaniFTP-Server v.1.0.10 allows dictionary traversal Alun Jones (Dec 11)

Amit Klein

Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD Amit Klein (Dec 16)

Andreas Borchert

Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Andreas Borchert (Dec 18)

Andreas Tscharner

Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Andreas Tscharner (Dec 27)

Andrew Daviel

junkbuster 2.0-1 proxy relaying spam Andrew Daviel (Dec 23)

Andrew Kopp

RE: Directory traversal vulnerabilities in several archivers processing .tar Andrew Kopp (Dec 18)

Antonomasia

Re: export LD_LIBRARY_PATH in /etc/profile.d/* files Antonomasia (Dec 18)

Axis Product Security

Web server vulnerability in Axis Network Cameras, Video Servers and DVRs Axis Product Security (Dec 20)

Ben Bucksch

Re: [Full-Disclosure] Netscape Problems. Ben Bucksch (Dec 02)

Ben Laurie

Re: CITIBANK [CANADA]: INTERNET EXPLORER BROWSERS Ben Laurie (Dec 31)

Bharat Mediratta

Gallery v1.3.2 allows remote exploit (fixed in 1.3.3) Bharat Mediratta (Dec 28)

Brian Carpenter

Password Hole Found In Webshots Brian Carpenter (Dec 12)

bugzilla

[RHSA-2002:228-11] Updated Net-SNMP packages fix security and other bugs bugzilla (Dec 17)
[RHSA-2002:246-18] Updated Canna packages fix vulnerabilities bugzilla (Dec 10)
[RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability bugzilla (Dec 02)
[RHSA-2002:293-09] Updated Fetchmail packages fix security vulnerability bugzilla (Dec 17)
[RHSA-2002:229-10] Updated wget packages fix directory traversal bug bugzilla (Dec 10)
[RHSA-2002:222-21] Updated apache, httpd, and mod_ssl packages available bugzilla (Dec 12)
[RHSA-2002:220-40] Updated KDE packages fix security issues bugzilla (Dec 04)
[RHSA-2002:254-05] Updated Webalizer packages fix vulnerability bugzilla (Dec 04)

Carl Livitt

RE: Exploit for traceroute-nanog overflow Carl Livitt (Dec 02)

Carlos Sarraute

CORE-20021005: Vulnerability Report For Linksys Devices Carlos Sarraute (Dec 03)

Casper Aleva

Potential DOS attack with Web-CyrAdm. Casper Aleva (Dec 30)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: OSM Line Card Header Corruption Vulnerability Cisco Systems Product Security Incident Response Team (Dec 11)
Cisco Security Advisory: Cisco Security Advisory: SSH Malformed Packet Vulnerabilities Cisco Systems Product Security Incident Response Team (Dec 20)

Colin Watson

Re: Zeus Admin Server v4.1r2 index.fcgi XSS bug Colin Watson (Dec 11)

CORREIA, PATRICK

RE: Cross-site scripting vulnerability in CF 5.0 CORREIA, PATRICK (Dec 16)

Curator at Security Digest Archives

[securitydigest.org]: Changes for December 2002 Curator at Security Digest Archives (Dec 18)

Damir Rajnovic

Re: Cisco IOS EIGRP Network DoS Damir Rajnovic (Dec 19)

Daniel Ahlberg

GLSA: perl Daniel Ahlberg (Dec 20)
GLSA: fetchmail Daniel Ahlberg (Dec 16)
GLSA: canna Daniel Ahlberg (Dec 20)
GLSA: exim Daniel Ahlberg (Dec 16)
GLSA: pine Daniel Ahlberg (Dec 02)
GLSA: kde-3.0.x Daniel Ahlberg (Dec 23)
GLSA: mysql Daniel Ahlberg (Dec 16)
GLSA: cups Daniel Ahlberg (Dec 30)
GLSA: openldap Daniel Ahlberg (Dec 30)
GLSA: squirrelmail Daniel Ahlberg (Dec 16)
GLSA: cyrus-sasl Daniel Ahlberg (Dec 27)
GLSA: wget Daniel Ahlberg (Dec 20)
GLSA: mysql Daniel Ahlberg (Dec 16)

Daniel Alcántara de la Hoz

[IPS] PUTTY SSH-Client Exploit Daniel Alcántara de la Hoz (Dec 28)

Dan Rowles

[Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability] Dan Rowles (Dec 05)

Dave Ahmad

Foundstone Research Labs Advisory - Exploitable Windows XP Media Files (fwd) Dave Ahmad (Dec 18)
Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Dave Ahmad (Dec 18)

David Endler

RE: iDefense Security Advisory David Endler (Dec 13)

David F. Skoll

Buffer overflow in PHP "wordwrap" function David F. Skoll (Dec 27)

David Howe

Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) David Howe (Dec 19)

David Laganière

Lag Security Advisory - Com21 cable modem configuration file feeding vulnerability David Laganière (Dec 02)

David Wheeler

Updated "Secure Programming for Linux and Unix HOWTO" now available. David Wheeler (Dec 31)

Dennis Rand

Multiple vulnerabilities found in PlatinumFTPserver V1.0.6 Dennis Rand (Dec 30)

Derek Luce

[RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability Derek Luce (Dec 09)

der Mouse

Re: Directory traversal vulnerabilities in several archivers processing .tar der Mouse (Dec 17)
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) der Mouse (Dec 17)
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) der Mouse (Dec 17)

Dirk Mueller

KDE Security Advisory: Multiple vulnerabilities in KDE Dirk Mueller (Dec 21)

Dmitry Guyvoronsky

Openwebmail 1.71 remote root compromise Dmitry Guyvoronsky (Dec 19)
[Fix] Openwebmail 1.71 remote root compromise Dmitry Guyvoronsky (Dec 19)

DNA ESC

APBoard-Bug DNA ESC (Dec 06)

dong-h0un U

Remote multiple vulnerability in apt-www-proxy. dong-h0un U (Dec 10)
Directory traversing bug in 'myServer' webserver. dong-h0un U (Dec 11)
Remote multiple vulnerability in apt-www-proxy. dong-h0un U (Dec 11)

Dorin Balanica

Input Validation Error in vbulletin 2.2.x Dorin Balanica (Dec 11)

Dr. Peter Bieringer

Re: Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6 - and 3.7 Build 1190 Dr. Peter Bieringer (Dec 09)

Dr . Tek

'printenv' XSS vulnerability Dr . Tek (Dec 23)

eflorio

Telindus 112x ADSL Router - Weak Password Encryption eflorio (Dec 30)

Eitan Caspi

RE: User downgraded from Administrator to User retains the ability to list other user's running tasks Eitan Caspi (Dec 01)
RE: Sygate Personal Firewall can be shut down without a need to supply Eitan Caspi (Dec 05)
RE: Sygate Personal Firewall can be shut down without a need to supply a password - although one is required Eitan Caspi (Dec 10)
Sygate Personal Firewall can be shut down without a need to supply a password - although one is required Eitan Caspi (Dec 04)

EnGarde Secure Linux

[ESA-20021213-033] Several MySQL vulnerabilities. EnGarde Secure Linux (Dec 13)

euronymous

Multiple Mambo Site Server sec-weaknesses euronymous (Dec 12)
XSS and Path Disclosure in UPB euronymous (Dec 07)
SquirrelMail v1.2.9 XSS bugs euronymous (Dec 03)

Fabricio Angeletti

Cross-site Scripting Vulnerability in YaBB 1 Gold - SP1! Fabricio Angeletti (Dec 02)
Cross-site Scripting Vulnerability in phpBB 2.0.3 Fabricio Angeletti (Dec 05)

Florian Schafferhans

Directory traversal vulnerabilities in several archivers processing .tar Florian Schafferhans (Dec 17)

Florian Weimer

Re: KDE Security Advisory: Multiple vulnerabilities in KDE Florian Weimer (Dec 23)

FORENSICS.ORG Security Coordinator

Full Disclosure: Windows File Protection Old Security Catalog Vulnerability FORENSICS.ORG Security Coordinator (Dec 26)
Full Disclosure: Windows File Protection Arbitrary Certificate Chain Vulnerability FORENSICS.ORG Security Coordinator (Dec 26)

fozzy

Re: KDE Security Advisory: Multiple vulnerabilities in KDE fozzy (Dec 23)

Frog Man

Thatware (PHP) Frog Man (Dec 02)
SPGpartenaires (PHP) Frog Man (Dec 20)
Security Patchs for PHP Products Frog Man (Dec 16)
WAnewsletter (PHP) Frog Man (Dec 19)
Re: XSS and Path Disclosure in UPB Frog Man (Dec 10)
MyPHPLinks (PHP) : SQL Injection Frog Man (Dec 14)
PHP-Nuke 6.0 : Path Disclosure & Cross Site Scripting Frog Man (Dec 16)
PEEL (PHP) Frog Man (Dec 31)

FX

Cisco IOS EIGRP Network DoS FX (Dec 19)

Gianni Tedesco

Multiple vulnerabilities in akfingerd Gianni Tedesco (Dec 05)

Global InterSec Research

[GIS 2002101601] SkyStream Admin Shell Privilege Escalation. Global InterSec Research (Dec 27)

gobbles

iDefense Security Advisory gobbles (Dec 12)

grazer

Cobalt RaQ4 Remote root exploit grazer (Dec 05)

Hacknisty

Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Hacknisty (Dec 23)

http-equiv () excite com

CITIBANK [CANADA]: INTERNET EXPLORER BROWSERS http-equiv () excite com (Dec 30)

Ian Nguyen

Re: Password Hole Found In Webshots Ian Nguyen (Dec 12)

iDEFENSE Labs

iDEFENSE Security Advisory 12.23.02: Integer Overflow in pdftops iDEFENSE Labs (Dec 23)
iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) iDEFENSE Labs (Dec 19)

Ing. Bernardo Lopez

PHPNuke 6.0 path disclosure [again] Ing. Bernardo Lopez (Dec 23)

James Morris

Re: Local Netfilter / IPTables IP Queue PID Wrap Flaw James Morris (Dec 03)
Local Netfilter / IPTables IP Queue PID Wrap Flaw James Morris (Dec 03)

Jan Rutkowski

Bypassing Integrity Protection Driver (time vulnerability) Jan Rutkowski (Dec 02)

jari.helenius

Potential Vuln in McAfee VirusScan 451 jari.helenius (Dec 02)

Jason Coombs

RE: Kerberos login sniffer and cracker for Windows 2000/XP Jason Coombs (Dec 02)

Jay Beale

Re: Solaris priocntl exploit Jay Beale (Dec 02)

Jim Knoble

Re: Fw: CERT Advisory CA-2002-34 Buffer Overflow in Solaris X Window Font Service Jim Knoble (Dec 05)

Joel Maslak

Visual SourceSafe - Preliminary Observations Joel Maslak (Dec 30)

Joe Testa

Re: iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Joe Testa (Dec 21)

John Eisenschmidt

Advisory: Lawson Financials RDBMS Insecurity John Eisenschmidt (Dec 02)

John Tolmachofft

RE: User downgraded from Administrator to User retains the ability to list other user's running tasks John Tolmachofft (Dec 01)

Jonathan Angliss

Re: SquirrelMail v1.2.9 XSS bugs Jonathan Angliss (Dec 05)

jrodriga

Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6 jrodriga (Dec 23)

KF

SAP database local root via symlink KF (Dec 04)

KiLL CoLe

Cross-site scripting vulnerability in CF 5.0 KiLL CoLe (Dec 16)

K. K. Mookhey

Password Disclosure in Cryptainer K. K. Mookhey (Dec 16)

konto mailingowe

RE: Directory traversal vulnerabilities in several archivers processing .tar konto mailingowe (Dec 20)

Kurt Seifried

Re: [VulnWatch] Password Disclosure in Cryptainer Kurt Seifried (Dec 17)
Re: [VulnWatch] proftpd <=1.2.7rc3 DoS Kurt Seifried (Dec 12)
Re: [VulnWatch] proftpd <=1.2.7rc3 DoS Kurt Seifried (Dec 10)

Liu Die Yu

Poisonous Style for Dialog window turns the zone off. Liu Die Yu (Dec 03)
(MSIE)A rather old trick for web server is now played on MSIE. Liu Die Yu (Dec 26)
XSS flaw found at "https://www.e-gold.com" Liu Die Yu (Dec 12)

Louie Conceicao

FW: SQL Injection Solved Louie Conceicao (Dec 13)

luca.ercoli () inwind it

Enceladus Server Suite traversal directory vulnerability luca.ercoli () inwind it (Dec 11)
WebReflex Directory Traversal Vulnerability luca.ercoli () inwind it (Dec 06)

Mandrake Linux Security Team

MDKSA-2002:087 - Updated MySQL packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 18)
MDKSA-2002:085 - Updated WindowMaker packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 03)
MDKSA-2002:082-1 - Updated python packages fix local arbitrary code execution vulnerability Mandrake Linux Security Team (Dec 10)
MDKSA-2002:084 - Updated pine packages fix buffer overflow vulnerability Mandrake Linux Security Team (Dec 03)
MDKSA-2002:068-1 - Updated apache packages fix multiple vulnerabilities Mandrake Linux Security Team (Dec 18)
MDKSA-2002:086 - Updated wget packages fix directory traversal vulnerability Mandrake Linux Security Team (Dec 12)

Marc Druilhe

Re: XSS and PHP include bug in W-Agora Marc Druilhe (Dec 20)

Marc Maiffret

PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability Marc Maiffret (Dec 12)
Macromedia Shockwave Flash Malformed Header Overflow #2 Marc Maiffret (Dec 17)

Marc Ruef

Missing admin sql password in Okena StormWatch Marc Ruef (Dec 18)

Marc Slemko

Re: 'printenv' XSS vulnerability Marc Slemko (Dec 23)

Marcus Gavel

RE: Missing admin sql password in Okena StormWatch Marcus Gavel (Dec 19)

Martin Schulze

[SECURITY] [DSA 215-1] New cyrus-imapd packages fix remote command execution Martin Schulze (Dec 23)
[SECURITY] [DSA 218-1] New bugzilla packages fix cross site scripting problem Martin Schulze (Dec 30)
[SECURITY] [DSA 202-1] New IM packages fix insecure temporary file creation Martin Schulze (Dec 03)
[SECURITY] [DSA 202-2] New IM packages correct hidden architecture dependency Martin Schulze (Dec 06)
[SECURITY] [DSA 211-1] New mICQ packages fix denial of service Martin Schulze (Dec 13)
[SECURITY] [DSA 213-1] New libpng packages fix buffer overflow Martin Schulze (Dec 19)
[SECURITY] [DSA 219-1] New dhcpcd packages fix remote command execution vulnerability Martin Schulze (Dec 31)
[SECURITY] [DSA 216-1] New fetchmail packages fix buffer overflow Martin Schulze (Dec 24)
[SECURITY] [DSA 192-2] New html2ps packages correct fix against arbitrary code execution Martin Schulze (Dec 06)
[SECURITY] [DSA 203-1] New smb2www packages fix arbitrary command execution Martin Schulze (Dec 04)
[SECURITY] [DSA 214-1] New kdentwork packages fix buffer overflows Martin Schulze (Dec 20)
[SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution Martin Schulze (Dec 11)
[SECURITY] [DSA 201-1] New Free/SWan packages fix denial of service Martin Schulze (Dec 02)
[SECURITY] [DSA 217-1] New typespeed packages fix buffer overflow Martin Schulze (Dec 27)
[SECURITY] [DSA 208-1] New Perl packages correct Safe handling Martin Schulze (Dec 12)
[SECURITY] [DSA 204-1] New kdlibs packages fix arbitrary program execution Martin Schulze (Dec 05)

Matthew Murphy

Advisory: Webster HTTP Server Matthew Murphy (Dec 02)
Multiple pServ Remote Buffer Overflow Vulnerabilities Matthew Murphy (Dec 02)

Matthias Andree

gfxboot allows boot password circumvention, SuSE 8.1 GRUB Matthias Andree (Dec 18)
Leafnode security announcement SA:2002:01 Matthias Andree (Dec 30)
Re: Cyrus SASL library buffer overflows Matthias Andree (Dec 10)

Michael S. Scheidell

[VU#317417] Denial of Service condition in vxworks ftpd/3com nbx Michael S. Scheidell (Dec 02)

Michal Zalewski

RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability Michal Zalewski (Dec 17)
[RAZOR] Problems with mkstemp() Michal Zalewski (Dec 20)

Mike Cramp

Zeroo Webserver remote directory traversal exploit Mike Cramp (Dec 03)

Mischa Krilov

Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Mischa Krilov (Dec 20)

Mitja Kolsek (ACROS Lists)

Security Paper: Session Fixation Vulnerability in Web-based Applications Mitja Kolsek (ACROS Lists) (Dec 18)

mlh

Re: export LD_LIBRARY_PATH in /etc/profile.d/* files mlh (Dec 17)

Muhammad Faisal Rauf Danka

Fwd: CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations Muhammad Faisal Rauf Danka (Dec 17)
CERT Advisory CA-2002-35 Vulnerability in RaQ 4 Servers (fwd) Muhammad Faisal Rauf Danka (Dec 12)
Fw: CERT Advisory CA-2002-34 Buffer Overflow in Solaris X Window Font Service Muhammad Faisal Rauf Danka (Dec 03)

nCipher Support

nCipher Advisory #6: Access control defects in PKCS#11 keys nCipher Support (Dec 20)

NGSSoftware Insight Security Research

RealNetworks HELIX Server Buffer Overflow Vulnerabilities (#NISR20122002) NGSSoftware Insight Security Research (Dec 20)
zkfingerd 0.9.1 format string vulnerabilities (#NISR16122002A) NGSSoftware Insight Security Research (Dec 16)
PFinger 0.7.8 format string vulnerability (#NISR16122002B) NGSSoftware Insight Security Research (Dec 16)

OpenPKG

[OpenPKG-SA-2002.016] OpenPKG Security Advisory (fetchmail) OpenPKG (Dec 17)
[OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex) OpenPKG (Dec 16)
[OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql) OpenPKG (Dec 16)
[OpenPKG-SA-2002.014] OpenPKG Security Advisory (perl) OpenPKG (Dec 16)

Ory Segal

VisNetic WebSite XSS vulnerability through HTTP referer header Ory Segal (Dec 12)

Paul Szabo

Matlab /tmp usage Paul Szabo (Dec 23)

Pavel Kankovsky

Re: Solaris priocntl exploit Pavel Kankovsky (Dec 23)

Pedram Amini

Captaris (Infinite) WebMail XSS Pedram Amini (Dec 16)

Peter Kruse

Denial of Service vulnerability in VisNetic Website Peter Kruse (Dec 11)

ph33r

Advisory Title: iASP Remote Console Applet Allows Remote ph33r (Dec 13)

phrackstaff

PHRACK #60 HAS BEEN RELEASED phrackstaff (Dec 28)

Pry

Historic blackhat archives exposed Pry (Dec 18)

Rapid 7 Security Advisories

R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors Rapid 7 Security Advisories (Dec 16)

rich

export LD_LIBRARY_PATH in /etc/profile.d/* files rich (Dec 17)

Richard M. Smith

Wired.com: So Many Holes, So Few Hacks Richard M. Smith (Dec 30)

Richard Stanway

RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Richard Stanway (Dec 21)

Richard van den Berg

ShopFactory shopping cart price manipulation Richard van den Berg (Dec 02)

Robert Tracz

Re: CAIS-ALERT: Vulnerability in the sending requests control of BIND Robert Tracz (Dec 02)

Rob klein Gunnewiek

Re: [VulnWatch] proftpd <=1.2.7rc3 DoS Rob klein Gunnewiek (Dec 11)
proftpd <=1.2.7rc3 DoS Rob klein Gunnewiek (Dec 11)

Russ

RE: Sygate Personal Firewall can be shut down without a need to supply a password - although one is required Russ (Dec 06)

Russell Garrett

RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Russell Garrett (Dec 21)

Ryan Cleary

Re: [Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability] Ryan Cleary (Dec 05)

Scott Howard

Re: Solaris priocntl exploit - Sol8 patches available Scott Howard (Dec 27)

Sebastian Krahmer

SuSE Security Announcement: cyrus-imapd (SuSE-SA:2002:048) Sebastian Krahmer (Dec 20)
SuSE Security Announcement: OpenLDAP2 (SuSE-SA:2002:047) Sebastian Krahmer (Dec 06)

secure

[CLA-2002:553] Conectiva Linux Security Announcement - kernel 2.4 secure (Dec 16)
[CLA-2002:557] Conectiva Linux Security Announcement - cyrus-imapd secure (Dec 27)
[CLA-2002:555] Conectiva Linux Security Announcement - MySQL secure (Dec 17)
[CLA-2002:552] Conectiva Linux Security Announcement - wget secure (Dec 13)
[CLA-2002:556] Conectiva Linux Security Announcement - openldap secure (Dec 19)
[CLA-2002:551] Conectiva Linux Security Announcement - pine secure (Dec 04)
[CLA-2002:554] Conectiva Linux Security Announcement - fetchmail secure (Dec 16)

security

Security Update: [CSSA-2002-056.0] Linux: apache vulnerabilities in shared memory, DNS, and ApacheBench security (Dec 06)
Security Update: [CSSA-2002-055.0] Linux: RPC XDR buffer overflow security (Dec 04)
Security Update: [CSSA-2002-059.0] Linux: multiple vulnerabilities in BIND (CERT CA-2002-31) security (Dec 20)
Security Update: [CSSA-2002-SCO.43] UnixWare 7.1.1 Open UNIX 8.0.0 : closed file descriptor race vulnerability security (Dec 09)
Security Update: [CSSA-2002-054.0] Linux: exploitable memory leak in ypserv security (Dec 04)
zkfingerd remote exploit security (Dec 23)
Security Update: [CSSA-2002-058.0] Linux: buffer overflow in nss_ldap DNS SRV security (Dec 11)
Security Update: [CSSA-2002-SCO.44] UnixWare 7.1.1 Open UNIX 8.0.0 : uudecode performs inadequate checks on user-specified output files security (Dec 11)
Security Update: [CSSA-2002-057.0] Linux: groff pic buffer overflow security (Dec 07)

SecurityFocus

Re: Cross-site scripting vulnerability in CF 5.0 SecurityFocus (Dec 16)

securma massine

Eserv remote denial of service securma massine (Dec 13)
Hyperion FTP Server buffer overflow securma massine (Dec 23)
TFTP32 DOS securma massine (Dec 10)
Multiple vulnerability in Enceladus Server securma massine (Dec 19)

Seth Knox

RE: Sygate Personal Firewall can be shut down without a need to supply a password - although one is required Seth Knox (Dec 10)
Sygate Personal Firewall can be shut down without a need to supply Seth Knox (Dec 05)

SGI Security Coordinator

BIND Name Server DNS Spoofing Vulnerability on IRIX SGI Security Coordinator (Dec 05)
Buffer Overflow Vulnerability in X Font Server on IRIX SGI Security Coordinator (Dec 04)
Directory Traversal Vulnerability in FTP Client on IRIX SGI Security Coordinator (Dec 13)
Multiple Vulnerabilities in BIND Name Service Daemon on IRIX SGI Security Coordinator (Dec 04)
Samba Security Vulnerability on IRIX SGI Security Coordinator (Dec 05)

Shutters, Mike

RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Shutters, Mike (Dec 20)
RE: Password Hole Found In Webshots - (Webshots Confirmed) Shutters, Mike (Dec 19)

snsadv

Windows XP Disclosure of Registered AP Information snsadv (Dec 04)
[SNS Advisory No.59] Buffalo Wireless LAN Access Point Denial of Service Vulnerability (was Re: Buffalo AP Denial of Service) snsadv (Dec 03)

snsadv () lac co jp

[SNS Advisory No.60 rev.2] Windows XP Disclosure of Registered AP Information snsadv () lac co jp (Dec 24)

Stefan Esser

RE: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Stefan Esser (Dec 16)
Advisory 05/2002: Another Fetchmail Remote Vulnerability Stefan Esser (Dec 13)
Advisory 04/2002: Multiple MySQL vulnerabilities Stefan Esser (Dec 12)
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Stefan Esser (Dec 17)

Stephan Sachweh

Antwort: Openwebmail 1.71 remote root compromise Stephan Sachweh (Dec 23)

Stephen Samuel

Re: Directory traversal vulnerabilities in several archivers processing .tar Stephen Samuel (Dec 19)
Re: Directory Traversal Vulnerabilities in FTP Clients Stephen Samuel (Dec 12)

Steven M. Christey

Directory Traversal Vulnerabilities in FTP Clients Steven M. Christey (Dec 11)

Tabor J. Wells

Re: Local root vulnerability found in exim 4.x (and 3.x) Tabor J. Wells (Dec 05)
Re: Local root vulnerability found in exim 4.x (and 3.x) Tabor J. Wells (Dec 05)

Tamer Sahin

[SecurityOffice] Enceladus Server Suite v3.9 Buffer Overflow Vulnerability Tamer Sahin (Dec 09)
[SecurityOffice] Polycom Video Conference System Management Server Authentication Bypass Vulnerability Tamer Sahin (Dec 20)

Thomas Biege

Re: TracerouteNG - never ending story Thomas Biege (Dec 05)

Thor Larholm

Notes on MS02-068, extensive downplaying of severity Thor Larholm (Dec 05)

tigerblue

possible virus break in german exchange option of Inoculate IT 6.0 tigerblue (Dec 02)

Timo Sirainen

Cyrus Sieve / libSieve buffer overflow Timo Sirainen (Dec 02)
Cyrus SASL library buffer overflows Timo Sirainen (Dec 09)
pre-login buffer overflow in Cyrus IMAP server Timo Sirainen (Dec 02)

Trustix Secure Linux Advisor

TSLSA-2002-0087 - perl Trustix Secure Linux Advisor (Dec 19)
TSLSA-2002-0083 - kernel Trustix Secure Linux Advisor (Dec 19)
TSLSA-2002-0085 - lynx-ssl Trustix Secure Linux Advisor (Dec 19)
TSLSA-2002-0086 - mysql Trustix Secure Linux Advisor (Dec 19)
TSLSA-2002-0084 - tcpdump Trustix Secure Linux Advisor (Dec 19)
TSLSA-2002-0089 - wget Trustix Secure Linux Advisor (Dec 19)

UkR security team™

MTPSR1-120 Firewall Proxy configuration software UkR security team™ (Dec 11)

Ulf Harnhammar

PHP-Nuke mail CRLF Injection vulnerabilities Ulf Harnhammar (Dec 20)
PHP-Nuke code execution and XSS vulnerabilities Ulf Harnhammar (Dec 16)

Vagner Sacramento

RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND Vagner Sacramento (Dec 02)

Val Deux

Anyone can read all XOOPS private messages Val Deux (Dec 13)

Valdis . Kletnieks

Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B) Valdis . Kletnieks (Dec 17)

Volker Tanger

Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6 Volker Tanger (Dec 05)

Wana Thomas

Local root vulnerability found in exim 4.x (and 3.x) Wana Thomas (Dec 04)

Wichert Akkerman

[SECURITY] [DSA-209-1] two wget problems Wichert Akkerman (Dec 12)
[SECURITY] [DSA-206-1] tcpdump BGP decoding error Wichert Akkerman (Dec 10)
[SECURITY] [DSA-205-1] gtetrinet buffer overflows Wichert Akkerman (Dec 10)
[SECURITY] [DSA-210-1] lynx CRLF injection Wichert Akkerman (Dec 12)
[SECURITY] [DSA-212-1] Multiple MySQL vulnerabilities Wichert Akkerman (Dec 17)

xatr0z

XSS and PHP include bug in W-Agora xatr0z (Dec 20)

zen-parse

Re: iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) zen-parse (Dec 21)

Zero-X www.lobnan.de Team

KunaniFTP-Server v.1.0.10 allows dictionary traversal Zero-X www.lobnan.de Team (Dec 10)