Bugtraq: by date

681 messages starting Feb 02 04 and ending Feb 28 04

Monday, 02 February

RE: virus handling Rainer Gerhards
Re: RFC: virus handling 3APA3A
http://www.smashguard.org Hilmi Ozdoganoglu
MDKSA-2004:006-1 - Updated gaim packages fix multiple vulnerabilities Mandrake Linux Security Team
Advisory ! Mr Serbia
outbreak warning: new Myydoom.B is out Gadi Evron
Re: RFC: virus handling Sascha Wilde
Re: Remote exploit in Gallery 1.3.1, 1.3.2, 1.3.3, 1.4 and 1.4.1 Matus UHLAR - fantomas
Re: new WIN virus? markus-1977
RFC: content-filter and AV notifications (Was: Re: RFC: virus handling) Andrey G. Sergeev (AKA Andris)
Re: new WIN virus? pna.lists
Mydoom DDoS attack time table Gadi Evron
Re: [Full-Disclosure] outbreak warning: new Myydoom.B is out Gadi Evron
MS to stop allowing passwords in URLs McAllister, Andrew
Re: RFC: virus handling Pavel Levshin
Re: Major hack attack on the U.S. Senate Mariusz Woloszyn
Re: new WIN virus? Atom 'Smasher'
Re: RFC: virus handling Jeremy Mates
Re: new WIN virus? Atom 'Smasher'
Web Blog 1.1 Remote Execute Commands Bug ActualMInd
Re: RFC: virus handling Piotr KUCHARSKI
[SECURITY] [DSA 431-1] New perl packages fix information leak in suidperl Matt Zimmerman
Re: new WIN virus? K-OTiK Security
Re: vulnerabilities of postscript printers Georg Lutz
Re: Oracle toplink mapping workbench password algorithm Martin
CoDeX-W0rm - what happened here? Chuck Rock
sqwebmail web login Marco Marabelli
0verkill - little simple vulnerability. Adam Zabrocki
[FLSA-2004:1193] Updated ethereal resolves security vulnerabilites Jesse Keating
[SCSA-027] PHP-Nuke 6.9 SQL Injection Vulnerability advisory
another Trojan with the ADO hole? + a twist in the story Gadi Evron
Re: RFC: virus handling Patrick Proniewski
[FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths) Jesse Keating
Vulnerabilities in Crob FTP Server V3.5.1 Zero_X www . lobnan . de Team
Re: Oracle toplink mapping workbench password algorithm Pete Finnigan
Refuting tall-tales and stories about the Mydoom worms Gadi Evron
Symlink Vulnerability in GNU libtool <1.5.2 Stefan Nordhausen
Re: RFC: virus handling Craig Morrison
Directory Traversal in Aprox PHP Portal. Zero_X www . lobnan . de Team
Re: new WIN virus? Gregor Lawatscheck
Re: virus handling Mike Healan
BUG IN APACHE HTTPD SERVER (current version 2.0.47) Vietnamese Security Group
Re: RFC: virus handling John Fitzgibbon
Denial Of Service in ChatterBox 2.0 Donato Ferrante
Re: RFC: virus handling Daniele Orlandi
[HUC] Serv-U FTPD 3.x/4.x "SITE CHMOD" Command remote exploit V2.0 lion
Re: RFC: virus handling Pavel Kankovsky
Re: RFC: virus handling Dave Aronson
Re: vulnerabilities of postscript printers Dragos Ruiu
Re: Fw: phpBB privmsg.php XSS vulnerability patch. Micheal Cottingham
PHP Code Injection Vulnerabilities in phpGedView 2.65.1 and prior Cedric Cochin

Tuesday, 03 February

ZH2004-03SA (security advisory): Photopost PHP Pro 4.6 Sql Injection Vulnerability ZetaLabs
[waraxe-2004-SA#001] - Script injection in GBook for Php-Nuke ver. 1.0 Janek Vind
Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) André Malo
Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior Cedric Cochin
Re: Symlink Vulnerability in GNU libtool <1.5.2 Joseph S. Myers
Re: Symlink Vulnerability in GNU libtool <1.5.2 Stefan Nordhausen
X-Cart vulnerability Philip
RE: http://www.smashguard.org Dave Paris
[SECURITY] [DSA 432-1] New crawl packages fix potential local games exploit Martin Schulze
Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) Vietnamese Security Group
Cisco Security Advisory: Cisco 6000/6500/7600 Crafted Layer 2 Frame Vulnerability Cisco Systems Product Security Incident Response Team
RE: virus handling Shaun Bertrand
RE: MS to stop allowing passwords in URLs Fergus Brooks
Re: MS to stop allowing passwords in URLs N407ER
Re: MS to stop allowing passwords in URLs Dave Warren
getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] Gadi Evron
Re: RFC: virus handling James C. Slora Jr.
Re: sqwebmail web login Antonio Messina
Re: RFC: virus handling David F. Skoll
Re: [security] Re: Major hack attack on the U.S. Senate rsh
Re: MS to stop allowing passwords in URLs Vinny Abello
Re: Major hack attack on the U.S. Senate Christian Vogel
Re: sqwebmail web login scott . jefferd
Re: sqwebmail web login Brian Bothwell
Re: MS to stop allowing passwords in URLs Ansgar -59cobalt- Wiechers
RE: MS to stop allowing passwords in URLs Francis Favorini
Les Commentaires (PHP) Include file Himeur Nourredine
Remote crash of Chaser game <= 1.50 Luigi Auriemma
Hysterical first technical alert from US-CERT Larry Seltzer
RE: MS to stop allowing passwords in URLs Andrew Harwood
DIMVA 2004 deadline extended Thomas Biege
Re: RFC: content-filter and AV notifications (Was: Re: RFC: virus handling) Peter J. Holzer
Re: MS to stop allowing passwords in URLs 3APA3A
Re: MS to stop allowing passwords in URLs Dave McCormick
Sandblad #12: Inject javascript url in history list (revisited) Andreas Sandblad
Re: RFC: virus handling Dave Clendenan
Re: MS to stop allowing passwords in URLs Nick FitzGerald
Re: RFC: virus handling Matthew Dharm
RE: CoDeX-W0rm - what happened here? Michael Marziani
Re: CoDeX-W0rm - what happened here? Charley Hamilton
RE: RFC: virus handling David Brodbeck
RE: MS to stop allowing passwords in URLs Thor Larholm
Decompression Bombs Matthias Leu
Re: MS to stop allowing passwords in URLs Sam Schinke
Re: MS to stop allowing passwords in URLs Paul Smith
Re: http://www.smashguard.org Nicholas Weaver
RE: MS to stop allowing passwords in URLs Richard M. Smith
Web Crossing 4.x/5.x Denial of Service Vulnerability Peter Winter-Smith
Re: Major hack attack on the U.S. Senate Ron DuFresne
RE: MS to stop allowing passwords in URLs Joe Weisenberger
Re: MS to stop allowing passwords in URLs David B Harris
RE: MS to stop allowing passwords in URLs (Summary) McAllister, Andrew
Re: Major hack attack on the U.S. Senate Daniel . Capo
RE: Major hack attack on the U.S. Senate David Schwartz
Multiple Vulnerabilities in PHPX mantra
Re: Technical Details of Urlcount.cgi Vulnerability Tom Hanlin

Wednesday, 04 February

Re: RFC: virus handling Volker Kuhlmann
Re: Symlink Vulnerability in GNU libtool <1.5.2 Scott James Remnant
Re: Fw: phpBB privmsg.php XSS vulnerability patch. Truthless
[SECURITY] [DSA 433-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel) Martin Schulze
Re: [Full-Disclosure] smbmount disrupts Windows file sharing. Daniel Kabs [ML]
Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) langtuhaohoa caothuvolam
TYPSoft FTP Server 1.10 may be crashed intuit bug_hunter
RE: [Full-Disclosure] smbmount disrupts Windows file sharing. Steve Wray
Re: getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] James A. Thornton
Re: [security] Re: Major hack attack on the U.S. Senate Bernie, CTA
smbmount disrupts Windows file sharing. Daniel Kabs [ML]
Re: RFC: virus handling Casper Dik
Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) André Malo
ZH2004-04SA (security advisory): Multiple Sql Injection Vulnerabilities in ReviewPost PHP Pro ZetaLabs
iDEFENSE Security Advisory 02.04.04: GNU Radius Remote Denial of Service Vulnerability labs
Re: CoDeX-W0rm - what happened here? Simon
rxgoogle.cgi XSS Vulnerability. Shaun Colley
Re: MS to stop allowing passwords in URLs Östlund
Re: http://www.smashguard.org Leon Harris
RE: CoDeX-W0rm - what happened here? James C Slora Jr
RE: Hysterical first technical alert from US-CERT Eggers, Bill A [LTD]
Re: Snort-inline Federico Petronio
Re: Hysterical first technical alert from US-CERT Valdis . Kletnieks
Re: sqwebmail web login Tim Nelson
Re: RFC: virus handling Ben Wheeler
Re: Hysterical first technical alert from US-CERT Valdis . Kletnieks
Re: getting rid of outbreaks and spam (junk) James Riden

Thursday, 05 February

Security Advisory: CSS Vulnerability in Web Froums Server 1.6 nimber
RE: Hysterical first technical alert from US-CERT Larry Seltzer
RE: MS to stop allowing passwords in URLs NESTING, DAVID M (SBCSI)
announce: new mailing list - application security research - from vulnerabilities to code injection. Gadi Evron
Re: Symlink Vulnerability in GNU libtool <1.5.2 Stefan Nordhausen
[PINE-CERT-20040201] reference count overflow in shmat() Joost Pol
IRIX userland binary vulnerabilities update SGI Security Coordinator
IBM cloudscape SQL Database (DB2J) vulnerable to remote command injection Marc Schoenefeld
FreeBSD Security Advisory FreeBSD-SA-04:02.shmat FreeBSD Security Advisories
Re: http://www.smashguard.org Seth Arnold
[SECURITY] [DSA 434-1] New gaim packages fix several vulnerabilities Martin Schulze
Multiple File Format Vulnerabilities (Overruns) in REALOne & RealPlayer NGSoftware Insight Security Research
Re: MS to stop allowing passwords in URLs Sam Schinke
Re: Hysterical first technical alert from US-CERT Philip Rowlands
RE: Hysterical first technical alert from US-CERT - CERT#25304 Steen Larsen
RE: Hacking USB Thumbdrives, Thumprint authentication markus-1977
Re: TYPSoft FTP Server 1.10 may be crashed Maxim Polyakov
Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) Dan Yefimov
[CLA-2004:811] Conectiva Security Announcement - libtool Conectiva Updates
[RHSA-2004:020-01] Updated mailman packages close cross-site scripting vulnerabilities bugzilla
OpenBSD IPv6 remote kernel crash Thor Larholm
Checkpoint 4.1 Vulnerability Macroscape Solutions
Re: X-Cart vulnerability Dmitry
Two checkpoint fw-1/vpn-1 vulns Bjørnar Bjørgum Larsen
Re: Symlink Vulnerability in GNU libtool <1.5.2 jsm
Re: getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] der Mouse

Friday, 06 February

MDKSA-2004:009 - Updated glibc packages fix resolver vulnerabilities Mandrake Linux Security Team
Remote crash Xlight ftp server 1.52 intuit e.b.
Possible Cross Site Scripting in Discuz! Board Cheng Peng Su
Re: getting rid of outbreaks and spam Thor Larholm
[RHSA-2004:030-01] Updated NetPBM packages fix multiple temporary file vulnerabilities bugzilla
Re: getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] Georg Schwarz
Re: BUG IN APACHE HTTPD SERVER 2.0.47/48 (to who replied me) langtuhaohoa caothuvolam
Re: BUG IN APACHE HTTPD SERVER 2.0.47/48 (to who replied me) William A. Rowe, Jr.
Re: Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior Security Admin
RE: Decompression Bombs David Bachtel
Re: Major hack attack on the U.S. Senate Thomas M. Payerle
Re: Two checkpoint fw-1/vpn-1 vulns Markus Wernig
Re: Two checkpoint fw-1/vpn-1 vulns Mariusz Woloszyn
Re: Hysterical first technical alert from US-CERT Stephen Samuel
Re: Hysterical first technical alert from US-CERT Andreas Marx
Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) Seth Arnold
Re: MS to stop allowing passwords in URLs Nick FitzGerald
formmail (PHP) Upload file using CSS Himeur Nourredine
Re: Hysterical first technical alert from US-CERT Andrew Fried
Open Journal Blog Authenticaion Bypassing Vulnerability Tri Huynh
RE: getting rid of outbreaks and spam (junk) Paul Murphy
Re: Hysterical first technical alert from US-CERT Mary Landesman
Linux 2.4.24 with vserver 1.24 exploit Markus Müller
RE: Hacking USB Thumbdrives, Thumprint authentication Navaneetharangan
Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) Todd C. Campbell
Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) Tyler Larson
Re: getting rid of outbreaks and spam Dave Warren
RE: Hysterical first technical alert from US-CERT Darragh Bailey
Re: Decompression Bombs [...missed something] Bipin Gautam .
Re: Hysterical first technical alert from US-CERT Valdis . Kletnieks
CactuSoft CactuShop 5.0 Lite shopping cart software backdoor S-Quadra Security Research
Apache-SSL security advisory - apache_1.3.28+ssl_1.52 and prior Adam Laurie
Dotnetnuke Multiple Vulnerabilities Ferruh Mavituna

Saturday, 07 February

RE: http://www.smashguard.org Hilmi Ozdoganoglu
[SECURITY] [DSA 435-1] New mpg123 packages fix heap overflow Matt Zimmerman
RE: [security] Re: Major hack attack on the U.S. Senate Larry Seltzer
Re: BUG IN APACHE HTTPD SERVER 2.0.47/48 (to who replied me) Thái
Re: RFC: virus handling Shawn McMahon
Biometric systems security [WAS: Re: Hacking USB Thumbdrives, Thumprint authentication] Gadi Evron
[ GLSA 200402-01 ] PHP setting leaks from .htaccess files on virtual hosts Tim Yamin
Re: http://www.smashguard.org Theo de Raadt
[Fwd: zyxel prestige ethernet information leakage] DiSToAGe

Monday, 09 February

Re: Hacking USB Thumbdrives, Thumprint authentication Dave Aronson
RE: getting rid of outbreaks and spam Larry Seltzer
RE: Decompression Bombs Myron Davis
RE: Hacking USB Thumbdrives, Thumprint authentication David Brodbeck
Re: Decompression Bombs [...missed something] Andreas Marx
The Palace 3.x (Client) Stack Overflow Vulnerability Peter Winter-Smith
Re: [ GLSA 200402-01 ] PHP setting leaks from .htaccess files on virtual hosts Alexander GQ Gerasiov
Eggrop bug cyborgirl () libero it
TrackMania Demo Denial of Service scrap
PalmOS httpd accept() queue overflow DoS vulnerability. Shaun Colley
[SECURITY] [DSA 436-1] New mailman packages fix several vulnerabilities Matt Zimmerman
clamav 0.65 remote DOS exploit Oliver Eikemeier
Outbreak warning: possibly Mydoom.C Gadi Evron
[waraxe-2004-SA#002] - Cross-Site Scripting (XSS) in Php-Nuke 7.1.0 Janek Vind
Re: clamav 0.65 remote DOS exploit Nigel Horne
ptl-2004-01: Multiple vulnerabilities in Nokia phones Pentest Security Advisories
Re: clamav 0.65 remote DOS exploit Oliver Eikemeier
Re: Decompression Bombs Brian Dessent
Re: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) K-OTiK Security
Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Wang Yun
[waraxe-2004-SA#003] - SQL injection in Php-Nuke 7.1.0 Janek Vind
RE: Decompression Bombs SBNelson
Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Disclosure From OSSI
Re: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) Gadi Evron
Re: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) Nick FitzGerald
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Seth Arnold
RE: Outbreak warning: possibly Mydoom.C Thor Larholm
Red-M Red-Alert Multiple Vulnerabilities Bruno Morisson
[local problems] eTrust Virus Protection 6.0 InoculateIT for linux Rene
Re: BUG IN APACHE HTTPD SERVER 2.0.47/48 (to who replied me) Guille -bisho-
Re: TrackMania Demo Denial of Service Luigi Auriemma
Brinkster Multiple Vulnerabilities Ferruh Mavituna
Samba 3.x + kernel 2.6.x local root vulnerability Michal Medvecky
Re: Samba 3.x + kernel 2.6.x local root vulnerability Michael Kjorling
Re: Samba 3.x + kernel 2.6.x local root vulnerability Seth Arnold
RE: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) Larry Seltzer
RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer David Schwartz
Re: clamav 0.65 remote DOS exploit Stefan Triller
RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Oliver Lavery
Re: clamav 0.65 remote DOS exploit Mark Renouf
RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Ward Taylor
Re: Samba 3.x + kernel 2.6.x local root vulnerability Patrick J. Volkerding
Re: http://www.smashguard.org Crispin Cowan
Re[2]: http://www.smashguard.org Andrey Kolishak
Re: http://www.smashguard.org Nicholas Weaver
HelpCtr - allow open any page or run Bartosz Kwitkowski
Re: Decompression Bombs Chris Green

Tuesday, 10 February

Directory traversal in RealPlayer allows code execution Jouko Pynnonen
Re: HelpCtr - allow open any page or run Bartosz Kwitkowski
XSS, Sql Injection and Avatar ScriptCode Injection in MaxWebPortal Manuel López
Possible new cross zone scripting in IE Cheng Peng Su
Re: HelpCtr - allow open any page or run N|ghtHawk
ASPR #2004-01-20-1: Internet Explorer/Outlook double null character DoS ACROS Security
Re: http://www.smashguard.org Theo de Raadt
Re: Eggrop bug Jeff Fisher
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Darren Reed
Re: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) Gadi Evron
[SCAN Associates Sdn Bhd Security Advisory] PHPNuke 6.9 > and below SQL Injection in multiple module. pokley
Re: clamav 0.65 remote DOS exploit Oliver Eikemeier
Re: clamav 0.65 remote DOS exploit Dennis Freise
XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow icbm
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Peter Pentchev
Re: Possible new cross zone scripting in IE http-equiv () excite com
Re: Hysterical first technical alert from US-CERT Shawn McMahon
Why are postmasters distributing the MyDoom virus? Richard M. Smith
Re: Eggrop bug Giuseppe
EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Marc Maiffret
EEYE: Microsoft ASN.1 Library Bit String Heap Corruption Marc Maiffret
Another Low Blow From Microsoft: MBSA Failure! dotsecure
MyDoom.A Machines : The new P2P Sharing Network ... K-OTiK Security
RE: Another Low Blow From Microsoft: MBSA Failure! Drew Copley
RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Joe Blatz
RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Marc Maiffret
[CLA-2004:812] Conectiva Security Announcement - vim Conectiva Updates
RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Tina Bird
iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow iDefense Labs
RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Marc Maiffret
[CLA-2004:813] Conectiva Security Announcement - gaim Conectiva Updates
Re: Why are postmasters distributing the MyDoom virus? David F. Skoll
Re: Samba 3.x + kernel 2.6.x local root vulnerability Guille -bisho-
Re: vulnerabilities of postscript printers Nicolas Gregoire
RE: getting rid of outbreaks and spam Randal, Phil
Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Dave Weis
Re: Outbreak warning: possibly Mydoom.C (Now Doomjuice.A) K-OTiK Security
Re: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) Mary Landesman
RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Tim Eddy
Microsoft Virtual PC Services Insecure Temporary File Creation Advisories
RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Rainer Gerhards
RE: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser) Nick FitzGerald
RE: Why are postmasters distributing the MyDoom virus? Harley David
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer der Mouse
RE: Another Low Blow From Microsoft: MBSA Failure! Joe DeMarco

Wednesday, 11 February

PHP Code Injection Vulnerabilities in ezContents 2.0.2 and prior Cedric Cochin
Scope of latest RealPlayer vuln Simon Brady
ZH2004-05SA (security advisory): Sql Injection Vulnerability in BosDates ZetaLabs
[RHSA-2004:051-01] Updated mutt packages fix remotely-triggerable crash bugzilla
Mutt-1.4.2 fixes buffer overflow. Thomas Roessler
Re: Hacking USB Thumbdrives, Thumprint authentication Eric Murray
RE: Hacking USB Thumbdrives, Thumprint authentication Charles Clancy
Re: Samba 3.x + kernel 2.6.x local root vulnerability Felipe Franciosi
Re: clamav 0.65 remote DOS exploit Khalid J Hosein
Re: Samba 3.x + kernel 2.6.x local root vulnerability Frank Louwers
RE: Hysterical first technical alert from US-CERT Stephen Martin
AIX password enumeration possible Scott J
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer John D. Hardin
RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Interne t Explorer Johnson, Jeff FOR:EX
Re: MyDoom.A Machines : The new P2P Sharing Network ... Nicolas Gregoire
RE: Another Low Blow From Microsoft: MBSA Failure! Drew Copley
Re: Hacking USB Thumbdrives, Thumprint authentication Eric 'MightyE' Stevens
RE: Another Low Blow From Microsoft: MBSA Failure Eric Schultze
Re: HelpCtr - allow open any page or run Bartosz Kwitkowski
Denial of Service in Monkey httpd <= 0.8.1 Luigi Auriemma
RE: Hacking USB Thumbdrives, Thumprint authentication David.Cross
RE: Another Low Blow From Microsoft: MBSA Failure! Frank Knobbe
Re: Decompression Bombs Bipin Gautam .
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Nexus
RE: Samba 3.x + kernel 2.6.x local root vulnerability John . Airey
ISS Security Brief: Microsoft ASN.1 Integer Manipulation Vulnerabilities X-Force
SGI Advanced Linux Environment security update #10 SGI Security Coordinator
Re: Decompression Bombs Myron Davis
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer der Mouse
RE: Another Low Blow From Microsoft: MBSA Failure! Drew Copley
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption James Riden
XFree86 vulnerability exploit Bender
RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Rainer Gerhards
Internet Explorer and Microsoft clipboard poor security policy bool
RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Tina Bird
Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure! morning_wood
RE: Another Low Blow From Microsoft: MBSA Failure! Eric McCarty
Denial of Service in Ratbag's game engine Luigi Auriemma
Re: AIX password enumeration possible alex medvedev
Re: Why are postmasters distributing the MyDoom virus? mgotts
RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Alun Jones
Re: [Full-Disclosure] DreamFTP Server 1.02 Buffer Overflow Berend-Jan Wever
Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure! Valdis . Kletnieks
AIM worm spreading around? Moshe Jacobson
Update - CheckPoint Vulnerabilities Mark Litchfield

Thursday, 12 February

Re: Samba 3.x + kernel 2.6.x local root vulnerability Urban Widmark
[ GLSA 200402-02 ] XFree86 Font Information File Buffer Overflow Tim Yamin
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Sam Schinke
OpenLinux: slocate local user buffer overflow please_reply_to_security
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Peter Pentchev
[ GLSA 200402-04 ] Gallery <= 1.4.1 and below remote exploit vulnerability Tim Yamin
[ GLSA 200402-03 ] Monkeyd Denial of Service vulnerability Tim Yamin
RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Drew Copley
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer der Mouse
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Timothy J . Miller
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Darren Reed
Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Peter J. Holzer
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer der Mouse
MDKSA-2004:011 - Updated NetPBM packages fix a number of temporary file bugs. Mandrake Linux Security Team
Re: Update - CheckPoint Vulnerabilities Mark Litchfield
Re: Why are postmasters distributing the MyDoom virus? Georg Schwarz
CA Response: eTrust InoculateIT/Antivirus 6.0 for Linux vulnerability Jensen, Greg
Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Oliver Schneider
Re: Update - CheckPoint Vulnerabilities Nicob
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Darren Reed
RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption peter.huang
MDKSA-2004:010 - Updated mutt packages fix remote crash Mandrake Linux Security Team
aimSniff.pl file "deletion" (local) Martin
FW: CA Response: eTrust InoculateIT/Antivirus 6.0 for Linux vulnerability Jensen, Greg
phpnuke 6.9 search module exploit. pokley
Cross Site Scripting in VBulletin forum software Jamie Fisher
iDEFENSE Security Advisory 02.11.04: XFree86 Font Information File Buffer Overflow II iDefense Labs
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Steve Friedl
W2K source "leaked"? Gadi Evron
RE: W2K source "leaked"? tlarholm
[slackware-security] XFree86 security update (SSA:2004-043-02) Slackware Security Team
[slackware-security] mutt security update (SSA:2004-043-01) Slackware Security Team
RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Disclosure From OSSI
Symlink vulnerabilities in mailmgr Marco van Berkum
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer Glynn Clements
crob ftpd Denial of Service gsicht gsicht

Friday, 13 February

RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Boyce, Nick
RE: AIM worm spreading around? Tim Walraven
[SECURITY] [DSA 437-1] New cgiemail packages fix open mail relaying Matt Zimmerman
RE: W2K source "leaked"? Drew Copley
Re: Scope of latest RealPlayer vuln Simon Brady
Sami FTP Server 1.1.3 multiple vulnerabilities intuit e.b.
RE: [Full-Disclosure] RE: W2K source "leaked"? Andre Ludwig
Re: W2K source "leaked"? Víctor
Re: W2K source "leaked"? Víctor
Windows 2000 Source Leak Verified. Get ready for the havoc. dotsecure
Re: W2K source "leaked"? Zhenkai Liang
Re: W2K source "leaked"? telec
Microsoft Windows 2000 source code leaked Marc Bejarano
Windows2000 who relase the code? bladi
RE: W2K source "leaked"? tlarholm
RE: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Alun Jones
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Thor Lancelot Simon
Re: Samba 3.x + kernel 2.6.x local root vulnerability Darren Reed
TSLSA-2004-0006 - mutt Trustix Security Advisor
MDKSA-2004:012 - Updated XFree86 packages fix buffer overflow vulnerabilities Mandrake Linux Security Team
Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") André Malo
MDKSA-2004:013 - Updated mailman packages close various cross-site scripting vulnerabilities. Mandrake Linux Security Team
Re: XFree86 vulnerability exploit Adam Langley
[RHSA-2004:059-01] Updated XFree86 packages fix privilege escalation vulnerability bugzilla
[RHSA-2004:048-01] Updated PWLib packages fix protocol security issues bugzilla
Immunix Secured OS 7.3 XFree86 update Immunix Security Team
DallasCon 2004 Information Security Conference and Boot Camp Bruce Khodabakhsh
RE: ISS Security Rip: Microsoft ASN.1 (Half a sploit) kradhatman
vBulletin PHP Forum Version Rafel Ivgi, The-Insider
[FLSA-2004:1232] Updated slocate resolves security vulnerabilites Jesse Keating
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer carlo
RE: [Full-Disclosure] Re: W2K source "leaked"? Drew Copley
Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Bill Stoddard

Sunday, 15 February

RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Bill Gallagher
Re: AIX password enumeration possible Sven Specker

Monday, 16 February

Symantec FireWall/VPN Appliance model 200 leak of security Davide Del Vecchio
Possible race condition in Symantec AntiVirus Scan Engine for Red Hat Linux during LiveUpdate Dr. Peter Bieringer
Exploit based on leaked code released. Christopher Carboni
Broadcast client buffer-overflow in Purge Jihad <= 2.0.1 Luigi Auriemma
problems with database files in 'SignatureDB' LynX
Buffer overflow in mnoGoSearch Jedi/Sector One
Re: Microsoft ASN.1 (Half a sploit) K-OTiK Security
Xlight ftp server 1.52 RETR bug intuit e.b.
[SECURITY] [DSA 429-2] New gnupg packages fix cryptographic weakness Matt Zimmerman
Re: iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow Dr Andrew C Aitchison
ASP Portal Multiple Vulnerabilities Manuel López
Misinformation in Security Advisories (ASN.1) John Compton
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Buck Huppmann
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Florian Weimer
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Michael Shigorin
Fwd: Re: NT/W2K Source leak Dragos Ruiu
Re: W2K source "leaked"? Byron Copeland
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Joshua Levitsky
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption David Wilson
RE: [inbox] W2K source "leaked"? Curt Purdy
Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Axel Beckert - ecos gmbh
RE: W2K source "leaked"? LordInfidel
RE: Hacking USB Thumbdrives, Thumprint authentication Lyal Collins
buffer overflow in Robot FTP Server gsicht gsicht
AllMyGuests PHP Code Injection vulnerability Pablo Santana
AllMyVisitors PHP Code Injection vulnerability Pablo Santana
LNSA-#2004-0001: mutt remote crash Vincenzo Ciaglia
Re: W2K source "leaked"? Ho Chaw Ming
AllMyLinks PHP Code Injection vulnerability Pablo Santana
Another YabbSE SQL Injection backspace
RE: Exploit based on leaked code released. tlarholm
Bypassing PatchFinder 2 Edgar Barbosa
Re: Another YabbSE SQL Injection Mike Bobbitt
Re: Misinformation in Security Advisories (ASN.1) Simon Brady
Re: Misinformation in Security Advisories (ASN.1) evol
Re: Misinformation in Security Advisories (ASN.1) Ivan Arce
Re: Asp Portal Multiple Vulnerabilities Manuel López
RE: [Full-Disclosure] Re: W2K source "leaked"? Nick FitzGerald
Re: Misinformation in Security Advisories (ASN.1) Steven M. Christey

Tuesday, 17 February

[ GLSA 200402-05 ] phpMyAdmin < 2.5.6-rc1 directory traversal attack Tim Yamin
[ GLSA 200402-06 ] Linux kernel AMD64 ptrace vulnerability Tim Yamin
Denial Of Service in Vizer Web Server 1.9.1 Donato Ferrante
YABB information leakage on failed login David Cantrell
ZH2004-06SA (security advisory): ShopCartCGI v2.3 Remote arbitrary file retrieving ZetaLabs
KarjaSoft Sami HTTP Server 1.0.4 Buffer Overflow badpack3t
APC 9606 SmartSlot Web/SNMP management card "backdoor" Dave Tarbatt
RE: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") J.
Re: ISS Security Rip: Microsoft ASN.1 (Half a sploit) Valdis . Kletnieks
Re: [Full-Disclosure] Misinformation in Security Advisories (ASN.1) Valdis . Kletnieks
Re: Misinformation in Security Advisories (ASN.1) Anthony Saffer
Re: [Full-Disclosure] Possible race condition in Symantec AntiVirus Scan Engine for Red Hat Linux during LiveUpdate Valdis . Kletnieks
Re: [work] Re: W2K source "leaked"? opticfiber
RE: [Full-Disclosure] Misinformation in Security Advisories (ASN.1) first last
ASN.1 telephony critical infrastructure warning - VOIP Gadi Evron
Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP Michal Zalewski
Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP 3APA3A
ASN.1 vulnerability -is- on Win98 Joshua Levitsky
RE: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP Zak Dechovich
Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP daniel uriah clemens
Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS thiago . vazquez
Broker FTP DoS (Message Server) Aviram Jenik
RE: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Alun Jones
Re: iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow Steffen Kluge
iDEFENSE Security Advisory 02.17.04: Ipswitch IMail LDAP Daemon Remote Buffer Overflow iDefense Labs
Beagle.b@mm spreading at a steady pace. dotsecure

Wednesday, 18 February

Second critical mremap() bug found in all Linux kernels Paul Starzetz
CesarFTP 0.99 : 100% employment of computer resources intuit e.b.
EarlyImpact ProductCart shopping cart software multiple security vulnerabilities S-Quadra Security Research
SNMP community string disclosure in Linksys WAP55AG NN Poster
ZH2004-07SA (security advisory): Multiple Sql injection vulnerabilities in Online Store Kit 3.0 Products (Lite - Standard and Pro) ZetaLabs
ZH2004-08SA (security advisory): OWLS 1.0 Remote arbitrary files retrieving ZetaLabs
[slackware-security] metamail security update (SSA:2004-049-02) Slackware Security Team
TSLSA-2004-0007 - kernel Trustix Security Advisor
[RHSA-2004:065-01] Updated kernel packages resolve security vulnerabilities bugzilla
WebCortex Webstores2000 version 6.0 multiple security vulnerabilities Nick Gudov
[SECURITY] [DSA 438-1] New Linux 2.4.18 packages fix local root exploit (alpha+i386+powerpc) Martin Schulze
[ GLSA 200402-07 ] Clamav 0.65 DoS vulnerability Tim Yamin
[SECURITY] [DSA 440-1] New Linux 2.4.17 packages fix several local root exploits (powerpc/apus) Martin Schulze
[slackware-security] Kernel security update (SSA:2004-049-01) Slackware Security Team
Re: Microsoft ASN.1 (Half a sploit) WebHead
[SECURITY] [DSA 439-1] New Linux 2.4.16 packages fix several local root exploits (arm) Martin Schulze
Re: Second critical mremap() bug found in all Linux kernels Steve Bremer
Remote Administrator 2.x: highly possible remote hole or backdoor Pavel Levshin
[SECURITY] [DSA 441-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel) Martin Schulze
OT: reports of a Trojan horse in the Arrow project Gadi Evron
article: Alleged Trojan horse in Israeli Anti-Ballistic Missile System Gadi Evron
Re: Misinformation in Security Advisories (ASN.1) Slawek
Re: AIX password enumeration possible Darren Tucker
Re: EarlyImpact ProductCart shopping cart software multiple security vulnerabilities Massimo Arrigoni
Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" Fredrik Björk
metamail format string bugs and buffer overflows Ulf Härnhammar
Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS Thomas M. Payerle
Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP Florian Weimer
Smallftpd 1.0.3 DoS intuit e.b.
Re: ASN.1 telephony critical infrastructure warning - VOIP RJ Auburn
Re: ASN.1 telephony critical infrastructure warning - VOIP Michael H. Warfield
Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS James Green
Re[2]: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP 3APA3A
bid: 9660 : Microsoft IIS Unspecified Remote Denial Of Service Vulnerability kquest
Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP Michael Samuel
Multiple WinXP kernel vulns can give user mode programs kernel mode privileges first last

Thursday, 19 February

Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" Charles R. Anderson
RE: 9660 : Microsoft IIS Unspecified Remote Denial Of Service Vulnerability kquest
APC Security Advisory - Static factory password vulnerability security.advisory
Microsoft Internet Explorer Unspecified CHM File Processing Arbitrary Code Execution Vulnerability (bid 9658) K-OTiK Security
Zone Labs Security Advisory ZL04-08 - SMTP processing vulnerability Zone Labs Product Security
Aol Instant Messenger/Microsoft Internet Explorer remote code execution Michael Evanchik
MDKSA-2004:014 - Updated metamail packages fix buffer overflow vulnerabilities Mandrake Linux Security Team
Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS Keith Clifton
Re: Second critical mremap() bug found in all Linux kernels Dan Yefimov
PunkBuster SQL Injection Attack Just1n T1mberlake
Re: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges 3APA3A
RE: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges Alun Jones
[SECURITY] [DSA 442-1] New Linux 2.4.17 packages fix local root exploits and more (s390) Martin Schulze
Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS Frank Louwers
RE: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges first last
iMail 8.05 LDAP service remote exploit Iván Rodriguez Almuiña
Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS Tom
APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled. David Monosov
Cisco Security Advisory: Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Vulnerabilities Cisco Systems Product Security Incident Response Team
RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution Thor Larholm
Re: SNMP community string disclosure in Linksys WAP55AG Hugo van der Kooij
NetBSD Security Advisory 2004-001: Insufficient packet validation in racoon IKE daemon NetBSD Security-Officer
NetBSD Security Advisory 2004-004: shmat reference counting bug NetBSD Security-Officer
LiveJournal XSS Joshua Miller
SUSE Security Announcement: Linux Kernel (SuSE-SA:2004:005) Thomas Biege
EEYE: ZoneLabs SMTP Processing Buffer Overflow Marc Maiffret
NetBSD Security Advisory 2004-003: OpenSSL 0.9.6 ASN.1 parser vulnerability NetBSD Security-Officer
Re: ASN.1 vulnerability -is- on Win98 Joshua Levitsky
Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Peter J. Holzer
Re: [RHSA-2004:065-01] Updated kernel packages resolve security vulnerabilities Ulrich Keil
NetBSD Security Advisory 2004-002: Inconsistent IPv6 path MTU discovery handling NetBSD Security-Officer
Re: Microsoft ASN.1 (Half a sploit) Joshua Levitsky
Re: Second critical mremap() bug found in all Linux kernels Jared M Breland
RE: Remote Administrator 2.x: highly possible remote hole or back door LordInfidel
RE: Second critical mremap() bug found in all Linux kernels tlarholm
RE: APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled. Miskell, Craig
Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled. Keith Clifton
PGP signatures on recent NetBSD Security Advisories NetBSD Security-Officer
OpenLinux: mpg123 remote denial of service and heap-based buffer overflow please_reply_to_security
OpenLinux: Bind: cache poisoning BIND 8 prior to 8.3.7 and BIND 8.4.x prior 8.4.2 please_reply_to_security
OpenLinux: Fetchmail 6.2.4 and earlier remote dennial of service please_reply_to_security

Friday, 20 February

OpenLinux: Multiple vulnerabilities were discovered in the saned daemon please_reply_to_security
[SECURITY] [DSA 443-1] New xfree86 packages fix multiple vulnerabilities Matt Zimmerman
[SECURITY] [DSA 444-1] New Linux 2.4.17 packages fix local root exploit (ia64) Martin Schulze
[CLA-2004:820] Conectiva Security Announcement - kernel Conectiva Updates
fix for recently disclosed Oracle interval conversion overflows? Marc Bejarano
[CLA-2004:821] Conectiva Security Announcement - XFree86 Conectiva Updates
article: Theft of Client Information at a Major Israeli Bank's "Information Fortress". Gadi Evron
Hotfix for new mremap vulnerability Pavel harry_x Palát
Re: SNMP community string disclosure in Linksys WAP55AG Robbie Stone
Re: SNMP community string disclosure in Linksys WAP55AG Nicolai van der Smagt
Re: Remote Administrator 2.x: highly possible remote hole or backdoor Pavel Levshin
Bank of America contact Lance James
RE: Remote Administrator 2.x: highly possible remote hole or back door mgotts
is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) Stuart Moore
Remote Buffer Overflow in PSOProxy 0.91 Donato Ferrante
RE: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) Drew Copley
OpenLinux: Perl Safe.pm unsafe access please_reply_to_security
Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) http-equiv () excite com
LNSA-#2004-0002: Fetchmail 6.2.4 and earlier remote denial of service Vincenzo Ciaglia
LNSA-#2004-0003: Linux Kernel Vincenzo Ciaglia
RE: Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) Drew Copley

Monday, 23 February

GateKeeper Pro 4.7 buffer overflow Iván Rodriguez Almuiña
FYI: CAIF Format Specification Oliver Goebel
[SECURITY] [DSA 436-2] New mailman packages fix bug introduced in DSA 436-1 Matt Zimmerman
[SECURITY] [DSA 448-1] New pwlib packages fix multiple vulnerabilities Matt Zimmerman
[SECURITY] [DSA 446-1] New synaesthesia packages fix insecure file creation Matt Zimmerman
[SECURITY] [DSA 447-1] New hsftp packages fix format string vulnerability Matt Zimmerman
lbreakout2 < 2.4beta-2 local exploit Li0n7
Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Steven M. Christey
TSLSA-2004-0008 - kernel Trustix Security Advisor
nCipher Advisory #9: Host-side attackers can access secret data nCipher Support
SUSE Security Announcement: xf86/XFree86 (SuSE-SA:2004:006) Thomas Biege
Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" brandon pierce
[SECURITY] [DSA 445-1] New lbreakout2 packages fix buffer overflow Matt Zimmerman
Remote server crash in Team Factor <= 1.25 Luigi Auriemma
PSOProxy <= 0.91 remote buffer overflow (exploit) li0n7
[waraxe-2004-SA#004] - Multiple vulnerabilities in XMB 1.8 Partagium Final SP2 Janek Vind
Re: Bank of America Contact Lance James
Remote Buffer Overflow in Avirt Voice 4.0 Donato Ferrante
Lam3rZ Security Advisory #2/2004: LSF eauth vulnerability leads to a possibility of controlling cluster jobs on behalf of other users Tomasz Grabowski
Lam3rZ Security Advisory #1/2004: LSF eauth vulnerability leads to remote code execution Tomasz Grabowski
Windows XP explorer.exe heap overflow. sunglasses
Somewhat new SQL Injection concept Tõnu Samuel
ezBoard Cross Site Scripting Vulnerability Cheng Peng Su
Multiple Remote Buffer Overflow in Avirt Soho 4.3 Donato Ferrante
Re: lbreakout2 < 2.4beta-2 local exploit Steve Kemp
3Com DSL Router Long Request DoS exploit. Shaun Colley
Cross Site Scripting in WebzEdit Cheng Peng Su
RE: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP David Wilson
Re: Hotfix for new mremap vulnerability Marc-Christian Petersen
Re: Bank of America Contact Jon W
Re: Remote Administrator 2.x: highly possible remote hole or back door Ari Gordon-Schlosberg
Lam3rZ Security Advisory #3/2004: A bug in Confirm leads to remote command execution Mariusz Woloszyn
Re: Windows XP explorer.exe heap overflow. Chris Calabrese
RE: Windows XP explorer.exe heap overflow. Michael Wojcik
Web Crossing 4.x/5.x Denial of Service Vulnerability (FIX) Peter Winter-Smith
blocking gzip encoded files Darwin Mecham

Tuesday, 24 February

Mac OS X pppd format string vulnerability Advisories
Re: blocking gzip encoded files mgotts
TYPSoft FTP Server 1.10 multiple vulnerabilities intuit e.b.
MDKSA-2004:015 - Updated kernel packages fix multiple vulnerabilities Mandrake Linux Security Team
Remote server crash in Haegemonia <= 1.07 Luigi Auriemma
FlexWATCH-Webs 2.2 (NTSC) Authorization Bypass Rafel Ivgi, The-Insider
iDEFENSE Security Advisory 02.23.04: Darwin Streaming Server Remote Denial of Service Vulnerability iDefense Labs
STG Security Advisory: [SSA-20040217-06] Apache for cygwin directory traversal vulnerability advisory
Re: Windows XP explorer.exe heap overflow. Eli K.
Remote crash in Ghost Recon engine Luigi Auriemma
Gigabyte Broadband Router - Multiple Vulnerabilities Rafel Ivgi, The-Insider
Re: Bank of America Contact Eloy A. Paris
Re: Windows XP explorer.exe heap overflow. Tim
snort rules for ICQ http/https tunnels Alexander Antipov
Hidden Gamespy code leads to vulnerabilities in diffused games (BF1942, Halo, Dredd and more) Luigi Auriemma
Re: blocking gzip encoded files Josep L. Guallar-Esteve

Wednesday, 25 February

New ICQ WORM Rafel Ivgi, The-Insider
RE: blocking gzip encoded files Gervase Markham
Advisory 02/2004: Trillian remote overflows Stefan Esser
BadBlue 2.4 Local Path Disclosure By phptest.php Rafel Ivgi, The-Insider
ZH2004-09SA (security advisory): PhpNewsManager Remote arbitrary files retrieving ZetaLabs
jgs webserver 0.1.0 Cross Site Scripting Vulnerabillity Rafel Ivgi, The-Insider
Alcatel Omniswitch 7000 series Michael Shekman
MS ASN library is fraught not only with integer overflow, but also with stack overflow. flashsky fangxing
MDKSA-2004:016 - Updated mtools packages fix local root vulnerability Mandrake Linux Security Team
RE: Windows XP explorer.exe heap overflow. Larry Seltzer
Re: Windows XP explorer.exe heap overflow. Eli Kara
Fw: [Unpatched] The Bizex worm Thor Larholm
PSOProxy's exploit for Windows by Rosiello Security Angelo Rosiello
Re: [waraxe-2004-SA#004] - Multiple vulnerabilities in XMB 1.8 Partagium Final SP2 Ben
Sandblad #13: Cross-domain exploit on zombie document with event handlers Andreas Sandblad

Thursday, 26 February

MDKSA-2004:015-1 - Updated x86_64 kernel packages fix multiple vulnerabilities Mandrake Linux Security Team
[RHSA-2004:063-01] Updated mod_python packages fix denial of service vulnerability bugzilla
[RHSA-2004:091-01] Updated libxml2 packages fix security vulnerability bugzilla
Denial Of Service in FreeChat 1.1.1a Donato Ferrante
Dell OpenManage Web Server Heap Overflow wirepair
[vulnwatch] Serv-U MDTM Command Buffer Overflow Vulnerability bkbll
Dell OpenManage Web Server Heap Overflow (Pre-Auth) wirepair
SmoothWall Project Security Advisory SWP-2004:002 William Anderson
Serv-U "MDTM" buffer overflow PoC DoS exploit Shaun Colley
SGI ProPack v2.4: Kernel fixes and security update SGI Security Coordinator
Re: Windows XP explorer.exe heap overflow. Dragos Ruiu
SGI Advanced Linux Environment security update #12 SGI Security Coordinator
SGI Advanced Linux Environment security update #11 SGI Security Coordinator
RE: Serv-U "MDTM" buffer overflow PoC DoS exploit Peter Buijsman
Immunix Secured OS 7+ kernel update Immunix Security Team
Nmap Security Scanner 3.50 Released Fyodor
Extremail Security Problem Andrey Smirnov

Friday, 27 February

[SECURITY] [DSA 450-1] New Linux 2.4.19 packages fix several local root exploits (mips) Martin Schulze
Calife heap corrupt / potential local root exploit DownBload
New version of ike-scan (IPsec IKE scanner) available - v1.6 Roy Hills
iDEFENSE Security Advisory 02.27.04b: Microsoft Internet Explorer Cross Frame Scripting Restriction Bypass idlabs-advisories
iDEFENSE Security Advisory 02.27.04a: WinZip MIME Parsing Buffer Overflow Vulnerability idlabs-advisories
EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow Marc Maiffret
Serv-U MDTM exploits Sam
Multiple issues with Mac OS X AFP client Chris Adams
Re: Calife heap corrupt / potential local root exploit Ollivier Robert
Symantec Gateway Security Management Service Cross Site Scripting Brian_J_Soby
FreeBSD Security Advisory FreeBSD-SA-04:03.jail FreeBSD Security Advisories
[HUC] Serv-U FTPD 2.x/3.x/4.x/5.x "MDTM" Command Remote Exploit lion
Re: Calife heap corrupt / potential local root exploit Carson Gaspar
Re: Calife heap corrupt / potential local root exploit Ollivier Robert
[SECURITY] [DSA 451-1] New xboing packages fix buffer overflows Matt Zimmerman
Re: [SECURITY] [DSA 451-1] New xboing packages fix buffer overflows Steve Kemp

Saturday, 28 February

New phpBB ViewTopic.php Cross Site Scripting Vulnerability Cheng Peng Su
Invision Power Board SQL injection! Knight Commander
LAN SUITE Web Mail 602Pro Multiple Vulnerabilities Rafel Ivgi, The-Insider
InnoMedia VideoPhone Authorization Bypass Rafel Ivgi, The-Insider
Re: Multiple issues with Mac OS X AFP client Chris Adams
laptop security Gadi Evron
Multiple WFTPD Denial of Service vulnerabilities axl rose
Critical WFTPD buffer overflow vulnerability axl rose