Bugtraq: by author

467 messages starting Sep 14 04 and ending Sep 27 04
Date index | Thread index | Author index

3APA3A

Correction to latest Colsaire advisories 3APA3A (Sep 14)
Re: Remote buffer overflow in Apache mod_ssl when reverse proxying SSL 3APA3A (Sep 13)
Re: cdrdao local root exploit 3APA3A (Sep 07)

Adam Jacob Muller

Re: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes Adam Jacob Muller (Sep 28)

Adam Shostack

Apple, Apple Remote Desktop client Adam Shostack (Sep 06)
Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Adam Shostack (Sep 29)
Re: Diebold Global Election Management System (GEMS) Backdoor Adam Shostack (Sep 29)

admin

[exploitwatch.org] ALERT: Windows XP JPEG Buffer Overflow POC Exploit admin (Sep 17)
www.proboards.com / YaBB XSS Vuln admin (Sep 16)

advisories

Corsaire Security Advisory - Multiple vendor MIME Content-Transfer-Encoding mechanism issue advisories (Sep 14)
Corsaire Security Advisory - Multiple vendor MIME separator issue advisories (Sep 14)
RE: Correction to latest Colsaire advisories advisories (Sep 25)
Corsaire Security Advisory - Multiple vendor MIME field quoting issue advisories (Sep 14)
Corsaire Security Advisory - Multiple vendor MIME RFC822 comment issue advisories (Sep 14)
Re: Correction to latest Colsaire advisories advisories (Sep 15)
Re:[2] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue advisories (Sep 18)
RE: Correction to latest Colsaire advisories advisories (Sep 16)
Re:[3] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue advisories (Sep 25)
Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue advisories (Sep 14)
Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue advisories (Sep 14)
Corsaire Security Advisory - Multiple vendor MIME RFC2231 encoding issue advisories (Sep 15)
Re:[4] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue advisories (Sep 30)
@stake advisory: Pingtel Xpressa Denial of Service Advisories (Sep 13)
Vignette Application Portal Unauthenticated Diagnostics Advisories (Sep 28)
Corsaire Security Advisory - Multiple vendor MIME field whitespace issue advisories (Sep 15)

Ahmad Muammar

Multiple vulnerabilities 1n BBS E-Market Professional Ahmad Muammar (Sep 09)
FUll Path Disclosure in YABBSE Ahmad Muammar (Sep 05)

albatross

Re: Microsoft's GDI Detetection Tool faults albatross (Sep 27)
Microsoft's GDI Detetection Tool faults albatross (Sep 24)

Albert Puigsech Galicia

RE: CuteNews News.txt writable to world Albert Puigsech Galicia (Sep 01)

Aleksandar Milivojevic

Re: New whitepaper "The Phishing Guide" Aleksandar Milivojevic (Sep 27)
Re: New whitepaper "The Phishing Guide" Aleksandar Milivojevic (Sep 23)
Re: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes Aleksandar Milivojevic (Sep 30)

Alexander Antipov

Multiple vulnerabilities in w-agora forum Alexander Antipov (Sep 30)

alireza hassani

New XSS vulnerabilities in paFileDB 3.1 final alireza hassani (Sep 25)

Alpt

The ArpSucker is b0rn! Be yourself, be the net. Alpt (Sep 13)

Altheide, Cory B. (IARC)

RE: New Data Wipe Tools Altheide, Cory B. (IARC) (Sep 13)

Andreas Marx

Re: Microsoft's GDI Detetection Tool faults Andreas Marx (Sep 27)
Serious Security Issue in Windows XP SP2's Firewall Andreas Marx (Sep 20)
Re: Correction to latest Colsaire advisories Andreas Marx (Sep 15)

Andrew Daviel

Promiscuous email printing in Canon imageRunner Andrew Daviel (Sep 24)

Angelidis, Fotis(NSASOUDABAY)

RE: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow Angelidis, Fotis(NSASOUDABAY) (Sep 16)

Angelo Rosiello

Sudo Exploit by Rosiello Security Angelo Rosiello (Sep 18)

Atom 'Smasher'

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Atom 'Smasher' (Sep 23)

Barry Fitzgerald

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Barry Fitzgerald (Sep 23)

Bas Alberts

Fwd: Theo's presentation on exploit prevention Bas Alberts (Sep 16)

bashis

Re: [Bugtraq] McAfee VirusScan Privilege Escalation Vulnerability [iDEFENSE] bashis (Sep 15)

Ben

GDI Virus in the wild. Ben (Sep 27)

bima tampan

[XSS]/SQL Injection PHP-Nuke Edit/Save Message(s) Bug bima tampan (Sep 14)
[XSS]/SQL Injection PHP-Nuke Delete Message(s) Bug bima tampan (Sep 08)

Blaine Elzey

Re: [XSS] PHP-Nuke 7.4 Bugs Blaine Elzey (Sep 07)

Bloody_A

Re: glFTPd local stack buffer overflow Bloody_A (Sep 21)

Bob Toxen

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Bob Toxen (Sep 28)

Boren, Rich (SSRT)

[security bulletin] SSRT4794 rev.0 HPStorageWorks Command View XP access restriction bypass Boren, Rich (SSRT) (Sep 29)
[security bulletin] SSRT4739 rev.0 HP WebJetadmin arbitrary command execution Boren, Rich (SSRT) (Sep 17)
[security bulletin] SSRT3657 rev.3 HP-UX CDE libDtHelp buffer overflow Boren, Rich (SSRT) (Sep 01)

Borja Marcos

Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue Borja Marcos (Sep 17)

Brendan Murray

Re: New Data Wipe Tools Brendan Murray (Sep 11)

Brian Dessent

Re: New whitepaper "The Phishing Guide" Brian Dessent (Sep 28)

Brian Kirkbride

Re: Diebold Global Election Management System (GEMS) Backdoor Account Brian Kirkbride (Sep 29)

Bruce Barnett

RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Bruce Barnett (Sep 29)

Calum

Re: ICMP spoofed source tunneling Calum (Sep 28)

Casper Dik

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Casper Dik (Sep 29)
Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Casper Dik (Sep 29)

Cassidy Macfarlane

RE: JPEG Processing BOF Proof Of Concept Cassidy Macfarlane (Sep 17)

Chip Andrews

Re: New whitepaper "The Phishing Guide" Chip Andrews (Sep 27)

Chip Mefford

Re: Promiscuous email printing in Canon imageRunner Chip Mefford (Sep 25)

chris

CESA-2004-004: libXpm chris (Sep 15)
CESA-2004-005: gtk+ XPM decoder chris (Sep 15)

Chris Norton

Re: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Chris Norton (Sep 17)

Chris Wysopal

@stake advisory: Lexar JumpDrive Secure Password Extraction Chris Wysopal (Sep 13)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Vulnerabilities in Kerberos 5 Implementation Cisco Systems Product Security Incident Response Team (Aug 31)

Claudius Li

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Claudius Li (Sep 25)

cns

IE6 + XP SP2 Vulnerability cns (Sep 16)

CoKi

glFTPd local stack buffer overflow CoKi (Sep 20)

Coleman

Re: cdrecord local root exploit Coleman (Sep 16)
Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Coleman (Sep 28)

Colm Buckley

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Colm Buckley (Sep 29)

Colm MacCarthaigh

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Colm MacCarthaigh (Sep 29)

Conectiva Updates

[CLA-2004:866] Conectiva Security Announcement - qt3 Conectiva Updates (Sep 22)
[CLA-2004:867] Conectiva Security Announcement - spamassassin Conectiva Updates (Sep 22)
[CLA-2004:868] Conectiva Security Announcement - apache Conectiva Updates (Sep 23)
[CLA-2004:864] Conectiva Security Announcement - kde Conectiva Updates (Sep 13)
[CLA-2004:865] Conectiva Security Announcement - zlib Conectiva Updates (Sep 13)
[CLA-2004:869] Conectiva Security Announcement - kernel Conectiva Updates (Sep 27)
[CLA-2004:870] Conectiva Security Announcement - imlib Conectiva Updates (Sep 29)
[CLA-2004:863] Conectiva Security Announcement - wv Conectiva Updates (Sep 10)
[CLA-2004:860] Conectiva Security Announcement - krb5 Conectiva Updates (Sep 10)

Craig Paterson

Re: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes Craig Paterson (Sep 29)
Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Craig Paterson (Sep 22)

Criolabs

SQL-Injection in Subjects 2.0 for Postnuke Criolabs (Sep 10)
Password Protect XSS and SQL-Injection vulnerabilities. Criolabs (Sep 02)

Crispin Cowan

Re: Diebold Global Election Management System (GEMS) Backdoor Crispin Cowan (Sep 28)
Re: New whitepaper "The Phishing Guide" Crispin Cowan (Sep 28)

customer service mailbox

iDEFENSE Security Advisory 09.30.04 - Samba Arbitrary File Access Vulnerability customer service mailbox (Sep 30)
iDEFENSE Security Advisory 09.22.04 - Sophos Small Business Suite Reserved Device Name Handling Vulnerability customer service mailbox (Sep 22)
iDEFENSE Security Advisory 09.16.04: Ipswitch WhatsUp Gold Remote Denial of Service Vulnerability customer service mailbox (Sep 16)
iDEFENSE Security Advisory 09.27.04 - IBM AIX ctstrtcasd Local File Corruption Vulnerability customer service mailbox (Sep 27)
iDEFENSE Security Advisory 09.15.04: GNU Radius SNMP String Length Integer Overflow Denial of Service Vulnerability customer service mailbox (Sep 16)

Dana Hudes

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Dana Hudes (Sep 29)

Daniel Bertrand

Important message to Bugtraq Subscribers! Daniel Bertrand (Sep 17)

Daniel Fabian

Motorola Wireless Router WR850G Authentication Circumvention Daniel Fabian (Sep 25)
Motorola Wireless Router WR850G Authentication Circumvention Daniel Fabian (Sep 25)

Daniel Veditz

Re: New whitepaper "The Phishing Guide" Daniel Veditz (Sep 26)

Dan Margolis

[ GLSA 200409-15 ] Webmin, Usermin: Multiple vulnerabilities in Usermin Dan Margolis (Sep 13)

Dave Paris

Re: ICMP spoofed source tunneling Dave Paris (Sep 23)

David Ahmad

[nisr () nextgenss com: Patch available for multiple critical flaws in Oracle] David Ahmad (Sep 01)

David Brodbeck

RE: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes David Brodbeck (Sep 30)
RE: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes David Brodbeck (Sep 27)

David Covin

Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue David Covin (Sep 15)

Davide Del Vecchio

mpg123 buffer overflow vulnerability Davide Del Vecchio (Sep 07)

David F. Skoll

Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue David F. Skoll (Sep 15)
Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue David F. Skoll (Sep 16)
Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes David F. Skoll (Sep 29)
Re: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes David F. Skoll (Sep 28)
Re:[2] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue David F. Skoll (Sep 18)
Re: Re:[3] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue David F. Skoll (Sep 27)
Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes David F. Skoll (Sep 30)
Re:[3] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue David F. Skoll (Sep 27)

David Litchfield

RE: Correction to latest Colsaire advisories David Litchfield (Sep 16)

David Querin

RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes David Querin (Sep 23)

David Schwartz

RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes David Schwartz (Sep 28)
RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes David Schwartz (Sep 29)

David S. Miller

Re: Linux 2.4.27 SECURITY BUG - TCP Local (probable Remote) Denial of Service David S. Miller (Sep 13)
Re: Linux 2.4.27 SECURITY BUG - TCP Local (probable Remote) Denial of Service David S. Miller (Sep 13)

David Watson

Local root compromise possible with getmail David Watson (Sep 20)

David Webster

RE: Security Center and Windows XP clients in domain David Webster (Sep 01)

David Wilson

Re: Re:[3] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue David Wilson (Sep 28)

Dehner, Benjamin T.

RE: New whitepaper "The Phishing Guide" Dehner, Benjamin T. (Sep 25)

Derek Martin

Re: New Data Wipe Tools Derek Martin (Sep 13)

Dominic Hargreaves

[FLSA-2004:1468] Updated tcpdump packages that fix multiple security vulnerabilities Dominic Hargreaves (Sep 30)
[FLSA-2004:1552] Updated cadaver packages that fix security vulnerabilities Dominic Hargreaves (Sep 29)

Dominick Baier

Cross-Site Scripting Vulnerability in Newtelligence DasBlog Dominick Baier (Sep 05)
Cross-Site Scripting Vulnerability in Newtelligence DasBlog Dominick Baier (Sep 01)

Donato Ferrante

Re: directory traversal in ParaChat Server 5.5 Donato Ferrante (Sep 30)
directory traversal in ParaChat Server 5.5 Donato Ferrante (Sep 29)
directory traversal in ParaChat Server 5.5 Donato Ferrante (Sep 30)

Dowling, Gabrielle

RE: Microsoft's GDI Detetection Tool faults Dowling, Gabrielle (Sep 27)

Dragos Ruiu

SSHD / AnonCVS Nastyness Dragos Ruiu (Sep 02)

Dr Andrew C Aitchison

Re: cdrecord local root exploit Dr Andrew C Aitchison (Sep 27)

E.Kellinis

MSInfo Buffer Overflow E.Kellinis (Sep 02)

Enrique A. Chaparro

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Enrique A. Chaparro (Sep 28)

ERACC

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes ERACC (Sep 28)

Eric McCarty

RE: Promiscuous email printing in Canon imageRunner Eric McCarty (Sep 29)

Exoduks

[hackgen-2004-#001] - Non-critacal Cross-Site Scripting bug in CuteNews Exoduks (Sep 02)

fabio

Dynalink routers backdoor? fabio (Sep 03)

FAiN182

Multiple Full Disclosure Path in postnuke 0.750 phoenix FAiN182 (Sep 20)

Felix Lindner

Re: Promiscuous email printing in Canon imageRunner Felix Lindner (Sep 30)

felix zhou

Inkra 1504GX DoS vulnerability in conducting IP protocol felix zhou (Sep 14)

fenfire

Re: ICMP spoofed source tunneling fenfire (Sep 22)
Re: ICMP spoofed source tunneling fenfire (Sep 23)

float

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes float (Sep 30)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-04:14.cvs FreeBSD Security Advisories (Sep 20)

Gadi Evron

Re: Microsoft's GDI Detetection Tool faults Gadi Evron (Sep 25)

Gaël Delalleau

New Mozilla, Firefox and Thunderbird releases fix critical security issues Gaël Delalleau (Sep 15)

gandalf

RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes gandalf (Sep 28)

Gandalf The White

IPv4 fragmentation --> The Rose Attack Gandalf The White (Sep 27)

Gareth Humphries

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Gareth Humphries (Sep 29)

Gary Warner

Re: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow Gary Warner (Sep 16)

Gene Cronk

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Gene Cronk (Sep 22)
Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Gene Cronk (Sep 22)

Geoff Vass

RE: Diebold Global Election Management System (GEMS) Backdoor Geoff Vass (Sep 30)

Gerald (Jerry) Carter

Samba Security Announcement -- Potential Arbitrary File Access Gerald (Jerry) Carter (Sep 30)
Samba 3.0 DoS Vulberabilities (CAN-2004-0807 & CAN-2004-0808) Gerald (Jerry) Carter (Sep 13)

gerarra

FreeBSD kernel buffer overflow gerarra (Sep 17)

Gerry Eisenhaur

Re: GDI Virus in the wild. Gerry Eisenhaur (Sep 27)

Greg A. Woods

Re: New whitepaper "The Phishing Guide" Greg A. Woods (Sep 27)
RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Greg A. Woods (Sep 27)
Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue Greg A. Woods (Sep 18)

GuidoZ

Re: GDI Virus in the wild. GuidoZ (Sep 28)

GulfTech Security

RhinoSoft DNS4ME HTTP Server Vulnerabilities GulfTech Security (Sep 18)
RE: www.proboards.com / YaBB XSS Vuln GulfTech Security (Sep 17)
Multiple Vulnerabilities In phpWebsite GulfTech Security (Sep 02)
Multiple Vulnerabilities In EmuLive Server4 GulfTech Security (Sep 21)
JPEG Processing BOF Proof Of Concept GulfTech Security (Sep 16)

Gunter Ollmann (NGS)

New whitepaper "The Phishing Guide" Gunter Ollmann (NGS) (Sep 22)

Harrison Gladden

Re: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Harrison Gladden (Sep 17)

Hat-Squad Security Team

[Hat-Squad] Remote Buffer overflow Vulnerability in YahooPOPS Hat-Squad Security Team (Sep 27)

headpimp

MailWorks Professional - Authentication Bypass headpimp (Sep 03)
MailWorks Professional - Authentication bypass headpimp (Sep 02)

Heikki Korpela

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Heikki Korpela (Sep 25)

Hidenobu Seki

Rainbow tables for LM/NTLMv1 authentication Hidenobu Seki (Sep 14)

Himeur Nourredine

@lex Guestbook (PHP) Include file Himeur Nourredine (Sep 28)

Hollis Johnson

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Hollis Johnson (Sep 22)

Homer

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Homer (Sep 22)

http-equiv () excite com

Re: FW: [Unpatched] Shell and Drag'n'Drop vulnerabilities http-equiv () excite com (Sep 09)

Hugo van der Kooij

RE: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes Hugo van der Kooij (Sep 30)

iggy popal

Re: Buffer overflow in Zinf 2.2.1 for Win32+exploit iggy popal (Sep 28)

I)ruid

CAU-EX-2004-0002: cdrecord-suidshell.sh I)ruid (Sep 11)

Jacob Appelbaum

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Jacob Appelbaum (Sep 23)

Jaeson Schultz

RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Jaeson Schultz (Sep 22)
RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Jaeson Schultz (Sep 23)

Jake Appelbaum

Re: New Data Wipe Tools Jake Appelbaum (Sep 11)

james_love

Possible GDI Exploit Vector james_love (Sep 29)

Jason T. Miller

Re: cdrecord local root exploit Jason T. Miller (Sep 16)
Re: cdrecord local root exploit Jason T. Miller (Sep 30)
RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Jason T. Miller (Sep 29)

javier falbo

Example of JPG Exploit & Shellcode javier falbo (Sep 23)

Jay Hennigan

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Jay Hennigan (Sep 22)

je

[sudo-announce] Sudo version 1.6.8p1 now available (fwd) je (Sep 16)

Jedi/Sector One

Denial of service in Brocade switches (was: Engenio/LSI Logic controllers denial of service/data corruption) Jedi/Sector One (Sep 06)
Engenio/LSI Logic controllers denial of service/data corruption Jedi/Sector One (Sep 04)

Jeremy Epstein

RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Jeremy Epstein (Sep 25)
RE: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes Jeremy Epstein (Sep 28)

Jimmy Scott

SMC7004VWBR / SMC7008ABR "spoofing" vulnerability. Jimmy Scott (Sep 15)

John Bissell

Re: Microsoft's GDI Detetection Tool faults John Bissell (Sep 25)
NEW GDI+ JPEG Remote Exploit John Bissell (Sep 24)
Exploit: AIM Exploit (Ignore Previous Post) John Bissell (Sep 02)

Jonas Olsson

Default username/password pairs in ON Command CCM 5.x database backend Jonas Olsson (Sep 20)

jonas . thambert

SA04-002 - Apache config file env variable buffer overflow jonas . thambert (Sep 15)

Jose Rey

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Jose Rey (Sep 25)

Joshua Goodall

Re: Linux OpenExchange - cleartext rootpw in swap Joshua Goodall (Sep 03)

Joshua J. Berry

[ GLSA 200409-24 ] Foomatic: Arbitrary command execution in foomatic-rip filter Joshua J. Berry (Sep 20)

Joxean Koret

Vulnerabilities in TUTOS Joxean Koret (Sep 20)
Vulnerabilities in TUTOS Joxean Koret (Sep 20)

J�r�me

Samba nmbd Invalid Length Denial of Service Vulnerability [iDEFENSE] J�r�me (Sep 13)
Re: Apple, Apple Remote Desktop client [Multiple vulnerabilities] J�r�me (Sep 08)
Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes J�r�me (Aug 31)
Cerulean Studios Trillian 0.74i Buffer Overflow in MSN module exploit J�r�me (Sep 08)
Samba FindNextPrintChangeNotify() Error Lets Remote Authenticated Users Crash smbd J�r�me (Aug 31)
McAfee VirusScan Privilege Escalation Vulnerability [iDEFENSE] J�r�me (Sep 15)
Pinnacle ShowCenter 1.51 possible DoS J�r�me (Sep 22)
Multiple Full Disclosure Path in postnuke 0.750 phoenix J�r�me (Sep 20)
F-Secure Internet Gatekeeper Content Scanning Server Denial of Service [iDEFENSE] J�r�me (Sep 10)
OpenOffice World-Readable Temporary Files Disclose Files to Local Users J�r�me (Sep 10)
Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution [MS04-028] J�r�me (Sep 14)
Site News Authentication Error May Let Local Users Add Messages J�r�me (Sep 07)
WinZip Unspecified Buffer Overflows May Let Remote or Local Users Execute Arbitrary Code J�r�me (Sep 02)
Remote buffer overflow in Apache mod_ssl when reverse proxying SSL J�r�me (Sep 11)
BlackJumboDog FTP Server version 3.6.1 Buffer Overflow [Exploit included] J�r�me (Sep 10)
Kerio Personal Firewall's Application Launch Protection Can Be Disabled by Direct Service Table Restoration J�r�me (Sep 03)
QNX crrtrap possible race condition vulnerability J�r�me (Sep 13)
Netscape NSS Library Vulnerability Affects Sun Java Enterprise System J�r�me (Sep 21)
Directory Traversal Vulnerability in TwinFTP Server allows overwriting J�r�me (Sep 13)
Microsoft Office WordPerfect Converter Buffer Overflow Vulnerability J�r�me (Sep 14)
cdrdao local root exploit J�r�me (Sep 06)
Insecure Temporary File Creation Vulnerability in Net-Acct J�r�me (Sep 08)

Julio Cesar Fort

[RLSA_02-2004] QNX Photon multiple buffer overflows Julio Cesar Fort (Sep 13)
[RLSA_04-2004] QNX crrtrap possible race condition vulnerability Julio Cesar Fort (Sep 13)
[RLSA_03-2004] QNX ftp client format string bug Julio Cesar Fort (Sep 13)
[RLSA_01-2004] QNX PPPoEd local root vulnerabilities Julio Cesar Fort (Sep 06)

Juraj Bednar

Re: New whitepaper "The Phishing Guide" Juraj Bednar (Sep 28)

Karsten Heidrich

Re[2]: New whitepaper "The Phishing Guide" Karsten Heidrich (Sep 28)

kers0r

Virus exploits workaround in Windows Mobile/Pocket PC architecture (Includes Source Code) kers0r (Sep 18)

khoaimi

Mambo Portal lasted version 4.5.1 (1.09) and lower vesion : SQL injection Vulnerability. khoaimi (Sep 18)

Kurt Lieber

[ GLSA 200409-11 ] star: Suid root vulnerability Kurt Lieber (Sep 08)

Kurt Seifried

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Kurt Seifried (Sep 28)

Link Linkovich

AOL Groups/AIM Information Disclosure Link Linkovich (Sep 19)

Lise Moorveld

Re: iDEFENSE Security Advisory 09.22.04 - Sophos Small Business Suite Reserved D Lise Moorveld (Sep 29)

Lorne J. Leitman

RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Lorne J. Leitman (Sep 22)

LSS Security

SUS 2.0.2 local root vulnerability LSS Security (Sep 14)

Ludwig Nussel

SUSE Security Announcement: apache2 (SUSE-SA:2004:032) Ludwig Nussel (Sep 15)

Luigi Auriemma

Off-by-one bug in Halo 1.04 Luigi Auriemma (Sep 09)
Multiple vulnerabilities in ActivePost Standard 3.1 Luigi Auriemma (Sep 23)
Broadcast shutdown in Call of Duty 1.4 Luigi Auriemma (Sep 06)
Code execution in Icecast 2.0.1 Luigi Auriemma (Sep 28)
Freeze in Pigeon Server 3.02.0143 Luigi Auriemma (Sep 17)
Broadcast crash in Popmessenger 1.60 (before 20 Sep 2004) Luigi Auriemma (Sep 21)
Crash in Alpha Black Zero 1.04 Luigi Auriemma (Sep 29)
CoD United Offensive boom boom Luigi Auriemma (Sep 20)
Broadcast crash in Chatman 1.5.1 RC1 Luigi Auriemma (Sep 27)
Buffer overflow in Zinf 2.2.1 for Win32 Luigi Auriemma (Sep 24)

Macromedia Security Zone

New Macromedia Security Zone Bulletins Postede Macromedia Security Zone (Sep 24)
Macromedia Products Not Affected by MS JPEG/GDIPlus Issue Macromedia Security Zone (Sep 22)
New Macromedia Security Zone Bulletins Posted Macromedia Security Zone (Sep 26)

Maestro De-Seguridad

ADVISORY: http response splitting hole in Comersus shopping cart Maestro De-Seguridad (Sep 01)
ADVISORY: http response splitting in snipsnap Maestro De-Seguridad (Sep 14)
ADVISORY: security hole (http response splitting) in snitz forums 2000 Maestro De-Seguridad (Sep 16)

Mandrake Linux Security Team

MDKSA-2004:089 - Updated imlib/imlib2 packages fix BMP crash vulnerability Mandrake Linux Security Team (Sep 08)
MDKSA-2004:096 - Updated apache2 packages fix multiple vulnerabilities Mandrake Linux Security Team (Sep 15)
MDKSA-2004:094 - Updated printer-drivers packages fix vulnerability in foomatic Mandrake Linux Security Team (Sep 15)
MDKSA-2004:095 - Updated gdk-pixbuf packages fix image loading vulnerabilities Mandrake Linux Security Team (Sep 15)
MDKSA-2004:088 - Updated krb5 packages fix multiple vulnerabilities Mandrake Linux Security Team (Sep 02)
MDKSA-2004:099 - Updated XFree86 packages fix libXpm overflow vulnerabilities Mandrake Linux Security Team (Sep 16)
MDKSA-2004:098 - Updated libxpm4 packages fix libXpm overflow vulnerabilities Mandrake Linux Security Team (Sep 16)
MDKSA-2004:097 - Updated cups packages fix DoS vulnerability Mandrake Linux Security Team (Sep 16)
MDKSA-2004:092 - Updated samba packages fix multiple vulnerabilities Mandrake Linux Security Team (Sep 13)
MDKSA-2004:100 - Updated mpg123 packages fix vulnerabilities Mandrake Linux Security Team (Sep 23)
MDKSA-2004:101 - Updated webmin packages fix vulnerabilities Mandrake Linux Security Team (Sep 22)
MDKSA-2004:011-1 - Updated NetPBM packages fix a number of temporary file bugs. Mandrake Linux Security Team (Sep 28)
MDKSA-2004:091 - Updated cdrecord packages fix local root vulnerability Mandrake Linux Security Team (Sep 08)
MDKSA-2004:090 - Updated zlib packages fix DoS vulnerability Mandrake Linux Security Team (Sep 08)
MDKSA-2004:093 - Updated squid packages fix DoS vulnerability Mandrake Linux Security Team (Sep 15)
MDKSA-2004:095-1 - Updated gdk-pixbuf and gtk+2 packages fix image loading vulnerabilities Mandrake Linux Security Team (Sep 17)
MDKSA-2004:103 - Updated OpenOffice.org packages fix temporary file vulnerabilities Mandrake Linux Security Team (Sep 28)
MDKSA-2004:102 - Updated ImageMagick packages fix arbitray code execution vulnerabilities Mandrake Linux Security Team (Sep 23)

Marco S Hyman

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Marco S Hyman (Sep 28)

Marc Ruef

Pinnacle ShowCenter Skin Denial of Service Marc Ruef (Sep 22)

Marcus Meissner

Re: cdrecord local root exploit Marcus Meissner (Sep 16)

Martin Bartosch

OpenCA Security Advisory: Cross Site Scripting vulnerability Martin Bartosch (Sep 06)

Martin Schulze

[SECURITY] [DSA 548-1] New imlib packages fix arbitrary code execution Martin Schulze (Sep 16)
[SECURITY] [DSA 547-1] New Imagemagic packages fix buffer overflows Martin Schulze (Sep 16)
[SECURITY] [DSA 550-1] New wv packages fix arbitrary command execution Martin Schulze (Sep 20)
[SECURITY] [DSA 546-1] New gdk-pixbuf packages fix several vulnerabilities Martin Schulze (Sep 16)
[SECURITY] [DSA 554-1] New sendmail packages fix potential open relay Martin Schulze (Sep 27)
[SECURITY] [DSA 552-1] New imlib2 packages fix potential arbitrary code execution Martin Schulze (Sep 22)
[SECURITY] [DSA 555-1] New frenet6 packages fix potential information leak Martin Schulze (Sep 30)
[SECURITY] [DSA 544-1] New webmin packages fix insecure temporary directory Martin Schulze (Sep 14)
[SECURITY] [DSA 551-1] New lukemftpd packages fix arbitrary code execution Martin Schulze (Sep 21)
[SECURITY] [DSA 545-1] New cupsys packages fix denial of service Martin Schulze (Sep 15)

Marvin Bellamy

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Marvin Bellamy (Sep 22)

Matthew E. Lauterbach

RE: Promiscuous email printing in Canon imageRunner Matthew E. Lauterbach (Sep 28)

Matthew Keller

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Matthew Keller (Sep 29)

Matthias Wimmer

Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0 Matthias Wimmer (Sep 22)

Matt Johnston

RsyncX vulnerabilities Matt Johnston (Sep 17)

Matt Zimmerman

Re: Debian netkit telnetd vulnerability Matt Zimmerman (Sep 27)

Max

Insecure file permissions in the Firefox browser for Linux >= v0.9 Max (Sep 13)

Max Tulyev

ICMP spoofed source tunneling Max Tulyev (Sep 21)

mgotts

RE: Microsoft's GDI Detetection Tool faults mgotts (Sep 29)

Michael Roitzsch

XSA-2004-4: multiple string overflows Michael Roitzsch (Sep 16)
XSA-2004-5: heap overflow in DVD subpicture decoder Michael Roitzsch (Sep 16)

Michael Scheidell

Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Michael Scheidell (Sep 15)

Michael Wilson, Contractor

RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Michael Wilson, Contractor (Sep 17)

Michal Blaszczak

Bug XSS in PsNews 1.1 Michal Blaszczak (Sep 10)
Bug XSS in PsNews 1.1 Michal Blaszczak (Sep 07)

Michal Zalewski

Debian netkit telnetd vulnerability Michal Zalewski (Sep 20)
Tool announcement: fakebust Michal Zalewski (Sep 20)

Mike Ely

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Mike Ely (Sep 22)

Mike Healan

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Mike Healan (Sep 27)

Mike Sues

Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products Mike Sues (Sep 22)

nekd0

MyWebServer 1.0.3 nekd0 (Sep 27)

newbug Tseng

cdrecord local root exploit newbug Tseng (Sep 10)

NGSSoftware Insight Security Research

Patch available for multiple critical flaws in Oracle NGSSoftware Insight Security Research (Sep 05)
Microsoft WordPerfect 5.x Converter Heap Overflow NGSSoftware Insight Security Research (Sep 16)
Patch available for IBM DB2 Universal Database flaws NGSSoftware Insight Security Research (Sep 02)

NGSSoftware Insight Security Research Advisory

Microsoft WordPerfect 5.x Converter Heap Overflow NGSSoftware Insight Security Research Advisory (Sep 18)

Nicholas Knight

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Nicholas Knight (Sep 27)

Nick D.

Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow Nick D. (Sep 15)

Nick Knouf

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Nick Knouf (Sep 27)

Nick Korbel

Re: Multiple Vulnerabilities in phpScheduleIt Nick Korbel (Sep 18)

Nikyt0x Argentina

Posible Inclusion File in Perl Desk Nikyt0x Argentina (Sep 13)

OpenPKG

[OpenPKG-SA-2004.040] OpenPKG Security Advisory (samba) OpenPKG (Sep 15)
[OpenPKG-SA-2004.041] OpenPKG Security Advisory (spamassassin) OpenPKG (Sep 16)
[OpenPKG-SA-2004.042] OpenPKG Security Advisory (aspell) OpenPKG (Sep 15)
[OpenPKG-SA-2004.039] OpenPKG Security Advisory (kerberos) OpenPKG (Sep 13)

Parks, Matt

RE: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow Parks, Matt (Sep 16)

Pasquiet Loic (M.)

problem in voip environment Pasquiet Loic (M.) (Sep 13)

Patrick

Serv-U up to 5.2 Denial of Service Patrick (Sep 11)

Patrick Clinger

Re: www.proboards.com / YaBB XSS Vuln Patrick Clinger (Sep 17)

Patrick J. Kobly

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Patrick J. Kobly (Sep 28)

Paul Johnston

wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities Paul Johnston (Sep 19)
wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities Paul Johnston (Sep 16)

Paul Starzetz

Re: SUSE Security Announcement: kernel (SUSE-SA:2004:028) Paul Starzetz (Sep 02)

Paul Wouters

RE: Diebold Global Election Management System (GEMS) Backdoor Paul Wouters (Sep 27)

PD9 Software

Re: HTTP Response Splitting and SQL injection in megabbs forum PD9 Software (Sep 27)

Pedro Sanches

aspWebCalendar /aspWebAlbum: SQL injection Pedro Sanches (Sep 24)

Peter Lowe

Re: [XSS] PHP-Nuke 7.4 Bugs Peter Lowe (Sep 08)

Philip Stoev

Re: New whitepaper "The Phishing Guide" Philip Stoev (Sep 29)

Pierquinto Manco

Good Patch to Multiple [XSS] Vulnerabilities in PHP-Nuke 7.4 Pierquinto Manco (Sep 07)
[XSS] PHP-Nuke 7.4 DelAdmin Bug Pierquinto Manco (Sep 05)
[XSS] PHP-Nuke 7.4 Remote Privilege Escalation Pierquinto Manco (Sep 03)
PHP-Nuke 7.4 Multiple XSS Vulnerabilities Patch Pierquinto Manco (Sep 07)
[XSS] PHP-Nuke 7.4 Newsletter Injection Bug Pierquinto Manco (Sep 07)
[XSS] PHP-Nuke 7.4 AddMsg Bug Pierquinto Manco (Sep 07)
[XSS] PHP-Nuke 7.4 ViewAdmin Bug Pierquinto Manco (Sep 04)

pigrelax

Remote buffer overflow in MDaemon IMAP and SMTP server pigrelax (Sep 22)
SQL injection in BroadBoard Instant ASP Message Board pigrelax (Sep 27)

please_reply_to_security

OpenServer 5.0.6 OpenServer 5.0.7 : apache mod_digest Incorrect Client Response Verification Vulnerability please_reply_to_security (Aug 31)

Polazzo Justin

RE: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow Polazzo Justin (Sep 16)
RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Polazzo Justin (Sep 22)
RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Polazzo Justin (Sep 30)
RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Polazzo Justin (Sep 26)
RE: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow Polazzo Justin (Sep 16)
RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Polazzo Justin (Sep 22)
RE: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow Polazzo Justin (Sep 15)

pressinfo

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes pressinfo (Sep 22)

product-security

Axis Network Camera and Video Server Security Advisory product-security (Sep 10)

Przemyslaw Frasunek

Zyxel Prestige 681 SDSL router information leak Przemyslaw Frasunek (Sep 13)

R00tCr4ck

Multiple Vulnerabilities in Silent Storm Portal R00tCr4ck (Sep 30)

Rafel Ivgi, The-Insider

Re: GoogleToolbar:About -- Allows Script Injection Rafel Ivgi, The-Insider (Sep 18)

raiblehugo

Re: ICMP spoofed source tunneling raiblehugo (Sep 25)

Rainer Duffner

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Rainer Duffner (Sep 22)

Reed, Phillip C. (LNG-DAY)

RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Reed, Phillip C. (LNG-DAY) (Sep 30)

Rene

serverview 3.0 - insecure file permissions Rene (Sep 06)

robert

Unicornscan 0.4.2 robert (Sep 30)

Ron DuFresne

RE: Linux 2.4.27 SECURITY BUG - TCP Local (probable Remote) Denial of Service Ron DuFresne (Sep 13)

Ryan_Ward

RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Ryan_Ward (Sep 27)

Sander Striker

[ANNOUNCE] Apache HTTP Server 2.0.51 Released Sander Striker (Sep 15)

Scott Jacobson

RE: Microsoft's GDI Detetection Tool faults Scott Jacobson (Sep 29)

Sean Davis

Re: cdrecord local root exploit Sean Davis (Sep 13)
Re: cdrecord local root exploit Sean Davis (Sep 13)

Sebastian Krahmer

SUSE Security Announcement: apache2 (SUSE-SA:2004:030) Sebastian Krahmer (Sep 06)
SUSE Security Announcement: cups (SUSE-SA:2004:031) Sebastian Krahmer (Sep 15)

Sec-Labs Team

Gadu-Gadu (all versions with image-send feature) Heap Overflow Sec-Labs Team (Sep 13)

securma

MSSQL 7.0 DoS securma (Sep 29)

Seth Arnold

Re: New whitepaper "The Phishing Guide" Seth Arnold (Sep 24)

Seth Breidbart

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Seth Breidbart (Sep 27)
Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Seth Breidbart (Sep 29)

shadown

New security tools and papers released shadown (Sep 01)

SHATTER (Application Security, Inc.)

[SHATTER Team Security Alert] Multiple vulnerabilities in Oracle Database Server SHATTER (Application Security, Inc.) (Sep 02)

sheep explode

Re: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow sheep explode (Sep 16)

ShineShadow

Multiple vulnerabilities in Icewarp Web Mail 5.2.7 ShineShadow (Sep 10)

Simon

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Simon (Sep 28)

sin

Re: ICMP spoofed source tunneling sin (Sep 23)

snsadv

[SNS Advisory No.77] Usermin Remote Arbitrary Shell Command Execution Vulnerability snsadv (Sep 07)

Solar Designer

Re: Debian netkit telnetd vulnerability Solar Designer (Sep 21)

Stefano Di Paola

PHP Vulnerability N. 1 Stefano Di Paola (Sep 15)
Php RFC1867 Upload Vuln. POC Released Stefano Di Paola (Sep 29)
Php Vulnerability N. 2 Stefano Di Paola (Sep 16)
Php RFC1867 Upload Vuln. POC Released Stefano Di Paola (Sep 29)
And More Advanced SQL Injection... Stefano Di Paola (Sep 22)

steve menard

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes steve menard (Sep 22)

Steven

Re: aspWebCalendar /aspWebAlbum: SQL injection Steven (Sep 27)

Stevo

Opera DOS Stevo (Sep 02)

Stuart Moore

Yahoo! Store Security Advisory Stuart Moore (Sep 28)

Sune Kloppenborg Jeppesen

[ GLSA 200409-07 ] xv: Buffer overflows in image handling Sune Kloppenborg Jeppesen (Sep 03)
ERRATA: [ GLSA 200409-14 ] Samba: Remote printing non-vulnerability Sune Kloppenborg Jeppesen (Sep 10)
[ GLSA 200409-01 ] vpopmail: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Sep 02)
[ GLSA 200409-13 ] LHa: Multiple vulnerabilities Sune Kloppenborg Jeppesen (Sep 08)
[ GLSA 200409-29 ] FreeRADIUS: Multiple Denial of Service vulnerabilities Sune Kloppenborg Jeppesen (Sep 22)
[ GLSA 200409-35 ] Subversion: Metadata information leak Sune Kloppenborg Jeppesen (Sep 29)
[ GLSA 200409-08 ] Ruby: CGI::Session creates files insecurely Sune Kloppenborg Jeppesen (Sep 05)
[ GLSA 200409-18 ] cdrtools: Local root vulnerability in cdrecord if set SUID root Sune Kloppenborg Jeppesen (Sep 14)
[ GLSA 200409-17 ] SUS: Local root vulnerability Sune Kloppenborg Jeppesen (Sep 14)
[ GLSA 200409-16 ] Samba: Denial of Service vulnerabilities Sune Kloppenborg Jeppesen (Sep 13)
[ GLSA 200409-32 ] getmail: Filesystem overwrite vulnerability Sune Kloppenborg Jeppesen (Sep 24)
UPDATE: [ GLSA 200408-22 ] Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities Sune Kloppenborg Jeppesen (Sep 03)
[ GLSA 200409-19 ] Heimdal: ftpd root escalation Sune Kloppenborg Jeppesen (Sep 16)
[ GLSA 200409-06 ] eGroupWare: Multiple XSS vulnerabilities Sune Kloppenborg Jeppesen (Sep 02)
[ GLSA 200409-14 ] Samba: Remote printing vulnerability Sune Kloppenborg Jeppesen (Sep 09)
[ GLSA 200409-05 ] Gallery: Arbitrary command execution Sune Kloppenborg Jeppesen (Sep 02)
[ GLSA 200409-31 ] jabberd 1.x: Denial of Service vulnerability Sune Kloppenborg Jeppesen (Sep 24)

Sym Security

Re: Default username/password pairs in ON Command CCM 5.x database backend, Sep 20 2004 2:24PM Sym Security (Sep 29)
RE: Security Center and Windows XP clients in domain, 20040831062712.31317.qmail () www securityfocus com Sym Security (Sep 01)
Symantec Enterprise Firewall/VPN and Gateway Security 300 Series Appliances Multiple Issues Sym Security (Sep 23)

the rxmr

Re: Microsoft's GDI Detetection Tool faults the rxmr (Sep 28)

Thierry Carrez

[ GLSA 200409-02 ] MySQL: Insecure temporary file creation in mysqlhotcopy Thierry Carrez (Sep 01)
[ GLSA 200409-03 ] Python 2.2: Buffer overflow in getaddrinfo() Thierry Carrez (Sep 02)
[ GLSA 200409-20 ] mpg123: Buffer overflow vulnerability Thierry Carrez (Sep 16)
[ GLSA 200409-12 ] ImageMagick, imlib, imlib2: BMP decoding buffer overflows Thierry Carrez (Sep 08)
[ GLSA 200409-09 ] MIT krb5: Multiple vulnerabilities Thierry Carrez (Sep 06)
[ GLSA 200409-27 ] glFTPd: Local buffer overflow vulnerability Thierry Carrez (Sep 22)
[ GLSA 200409-25 ] CUPS: Denial of service vulnerability Thierry Carrez (Sep 20)
[ GLSA 200409-21 ] Apache 2, mod_dav: Multiple vulnerabilities Thierry Carrez (Sep 17)
[ GLSA 200409-34 ] X.org, XFree86: Integer and stack overflows in libXpm Thierry Carrez (Sep 28)
[ GLSA 200409-10 ] multi-gnome-terminal: Information leak Thierry Carrez (Sep 06)
[ GLSA 200409-30 ] xine-lib: Multiple vulnerabilities Thierry Carrez (Sep 23)
[ GLSA 200409-04 ] Squid: Denial of service when using NTLM authentication Thierry Carrez (Sep 02)
[ GLSA 200409-26 ] Mozilla, Firefox, Thunderbird, Epiphany: New releases fix vulnerabilities Thierry Carrez (Sep 20)
[ GLSA 200409-28 ] GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities Thierry Carrez (Sep 21)

thomas adams

CA UniCenter Management Portal Username Enumeration Vulnerability thomas adams (Sep 21)

Thomas Biege

SUSE Security Announcement: zlib (SUSE-SA:2004:029) Thomas Biege (Sep 02)
SUSE Security Announcement: kernel (SUSE-SA:2004:028) Thomas Biege (Sep 01)

Thomas C. Greene

New Data Wipe Tools Thomas C. Greene (Sep 10)
Re: New Data Wipe Tools Thomas C. Greene (Sep 11)

Thomas Waldegger

Multiple XSS Vulnerabilities in Wordpress 1.2 Thomas Waldegger (Sep 28)

Thor

Re: Security Center and Windows XP clients in domain Thor (Sep 01)

Thor Larholm

FW: [Unpatched] Shell and Drag'n'Drop vulnerabilities Thor Larholm (Sep 04)

Tim Broeker

Re: Mambo Portal lasted version 4.5.1 (1.09) and lower vesion : SQL injection Vulnerability. Tim Broeker (Sep 20)

Tim Newsham

Re: ICMP spoofed source tunneling Tim Newsham (Sep 22)
Re: FreeBSD kernel buffer overflow Tim Newsham (Sep 18)

Tom Yu

MITKRB5-SA-2004-002: double-free vulnerabilities Tom Yu (Sep 02)

Tracy Bost

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Tracy Bost (Sep 28)

trh

Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes trh (Sep 30)

Trustix Security Advisor

TSLSA-2004-0047 - multi Trustix Security Advisor (Sep 16)
TSL-2004-0050 - multi Trustix Security Advisor (Sep 30)
TSLSA-2004-0049 - apache Trustix Security Advisor (Sep 24)
TSL-2004-0045 - kerberos5 Trustix Security Advisor (Sep 02)
TSL-2004-0046 - multi Trustix Security Advisor (Sep 14)

Udo Mueller

Re: Posible security bug in phpMyWebhosting Udo Mueller (Sep 20)

Valdis . Kletnieks

Re: Linux OpenExchange - cleartext rootpw in swap Valdis . Kletnieks (Sep 02)

ViPeR

GoogleToolbar:About -- Allows Script Injection ViPeR (Sep 17)

Volker Kuhlmann

Re: cdrecord local root exploit Volker Kuhlmann (Sep 14)

Wesley Shields

Re: FreeBSD kernel buffer overflow Wesley Shields (Sep 18)

Wolfpaw - Dale Corse

RE: Linux 2.4.27 SECURITY BUG - TCP Local (probable Remote) Denial of Service Wolfpaw - Dale Corse (Sep 13)
Linux 2.4.27 SECURITY BUG - TCP Local (probable Remote) Denial of Service Wolfpaw - Dale Corse (Sep 13)

Yoav Nir

RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Yoav Nir (Sep 27)

Previous period

Next period