Vulnwatch: by author

127 messages starting May 17 03 and ending Apr 16 03


0x36

Buffer overflow vulnerability found in MailMax version 5 0x36 (May 17)

Andreas Constantinides

Plaintext Password in Settings.ini of CesarFTP Andreas Constantinides (May 20)

Auriemma Luigi

Abyss X1 1.1.2 remote crash Auriemma Luigi (Apr 05)

Aviram Jenik

Misuse of Macromedia Flash Ads clickTAG Option May Lead to Privacy Breach Aviram Jenik (Apr 14)

Berend-Jan Wever

Coppermine Photo Gallery remote compromise Berend-Jan Wever (Apr 07)

B.K. DeLong

Black Hat 2003 Speaker Lineup; Phil Zimmermann to Keynote B.K. DeLong (Jun 18)

bob

Firebird local root compromise bob (May 09)

Brett Moore

Windows Media Services Remote Command Execution Brett Moore (May 31)
Windows Media Services Remote Command Execution #2 Brett Moore (Jun 25)

Carsten H. Eiram

Secunia Research: Xeneo Web Server URL Encoding Denial of Service Carsten H. Eiram (Apr 23)
Secunia Research: FTPServer/X Response Buffer Overflow Vulnerability Carsten H. Eiram (Jun 26)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Secure Access Control Server for Windows Admin Buffer Overflow Vulnerability Cisco Systems Product Security Incident Response Team (Apr 23)
Cisco Security Advisory: Cisco ONS15454, ONS15327, ONS15454SDH, and ONS15600 Nessus Vulnerabilities Cisco Systems Product Security Incident Response Team (May 01)
Cisco Security Advisory: Cisco IOS Software Processing of SAA Packets Cisco Systems Product Security Incident Response Team (May 15)
Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerabilities Cisco Systems Product Security Incident Response Team (May 07)
Cisco Security Advisory: Cisco Catalyst Enable Password Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Apr 24)
Cisco Security Advisory: Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Cisco Systems Product Security Incident Response Team (Apr 30)

CORE Security Technologies Advisories

CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability CORE Security Technologies Advisories (Apr 15)
CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass CORE Security Technologies Advisories (May 27)
CORE-2003-0305-02: Vulnerabilities in Kerio Personal Firewall CORE Security Technologies Advisories (Apr 28)
CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client CORE Security Technologies Advisories (May 05)

Dennis Rand

Buffer Overflow Vulnerability Found in MailMax Version 5 Dennis Rand (Apr 11)
Multiple Buffer Overflow Vulnerabilities Found in FTGate Pro Mail Server v. 1.22 (1328) Dennis Rand (May 06)
Multiple Buffer Overflow Vulnerabilities Found in CMailServer 4.0 Dennis Rand (May 11)

dong-h0un U

[INetCop Security Advisory] Remote Heap Corruption Overflow vulnerability in WsMp3d. dong-h0un U (May 21)
GNATS (The GNU bug-tracking system) multiple buffer overflow vulnerabilities. dong-h0un U (Jun 23)
[INetCop Security Advisory] Remote Multiple Buffer Overflow vulnerability in passlogd sniffer. dong-h0un U (Apr 02)
[INetCop Security Advisory] Qpopper v4.0.x poppassd local root exploit dong-h0un U (Apr 29)
[INetCop Security Advisory] WsMP3d Directory Traversing Vulnerability. dong-h0un U (May 21)

Erik Parker

[DDI-1013] Buffer Overflow in Samba allows remote root compromise Erik Parker (Apr 07)

Florian Weimer

Algorithmic Complexity Attacks and the Linux Networking Code Florian Weimer (May 17)

François SORIN

[KSA-001] Multiple vulnerabilities in Tutos François SORIN (Jun 23)
[KSA-002] Multiple Vulnerabilities In Moregroupware François SORIN (Jun 26)

Frog Man

OneOrZero Security Problems (PHP) Frog Man (May 15)
True Galerie 1.0 : Admin Access & File Copy Frog Man (Apr 25)
pMachine (PHP) : Include() Security Hole Frog Man (Jun 14)
PY-Membres 4.0 (PHP) Frog Man (Apr 06)

gilbert vilvoorde

XSS Vulnerability in LedNews (CGI/Perl) v0.7 gilbert vilvoorde (Jun 15)

Gregory LEBRAS

[SCSA-018] Disclosure of authentication information in Sambar Server Gregory LEBRAS (Apr 23)

Gregory Le Bras | Security Corporation

[SCSA-015] Remote Denial of Service Vulnerability in PowerFTP Gregory Le Bras | Security Corporation (Mar 31)
[SCSA-016] Multiple vulnerabilities in Ez publish Gregory Le Bras | Security Corporation (Apr 15)
[SCSA-017] Directory Traversal Vulnerability in EZ Server Gregory Le Bras | Security Corporation (Apr 16)

GreyMagic Software

Script Injection to Custom HTTP Errors in Local Zone (GM#014-IE) GreyMagic Software (Jun 17)

iDEFENSE Labs

iDEFENSE Security Advisory 05.22.03: Authentication Bypass in iisPROTECT iDEFENSE Labs (May 22)
iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration (ISA) S iDEFENSE Labs (Apr 09)
iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP Server 2.x iDEFENSE Labs (Apr 08)
iDEFENSE Security Advisory 03.31.03: Buffer Overflow in Windows QuickTime Player iDEFENSE Labs (Mar 31)
iDEFENSE Security Advisory 06.16.03: Linux-PAM getlogin() Spoofing Vulnerability iDEFENSE Labs (Jun 16)
iDEFENSE Security Advisory 05.30.03: Apache Portable Runtime Denial of Service and Arbitrary Code Execution Vulnerability iDEFENSE Labs (May 30)

Integrigy Security Alerts

Integrigy Security Advisory - Oracle Applications FNDFS Vulnerability Integrigy Security Alerts (Apr 10)

Jakob Balle

Secunia Research: Opera browser filename extension buffer overflows Jakob Balle (May 12)

Jouko Pynnonen

Buffer overflow in Internet Explorer's HTTP parsing code Jouko Pynnonen (Apr 26)
Windows Media Player directory traversal vulnerability Jouko Pynnonen (May 07)

Kee Hinckley

Re: CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass Kee Hinckley (May 27)

KF

SRT2003-04-04-1106 - AOLServer Proxy Daemon API unformatted syslog() call KF (Apr 04)
SRT2003-06-20-1232 - Progress 4GL Compiler datatype overflow KF (Jun 20)
SRT2003-05-08-1137 - ListProc mailing list ULISTPROC_UMASK overflow KF (May 08)
SRT2003-06-12-0853 - ike-scan local root format string issue KF (Jun 13)
SRT2003-04-15-1029 - Progres BINPATHX overflow KF (Apr 15)
SRT2003-06-13-1009 - Progress _dbagent -installdir dlopen() issue KF (Jun 14)
SRT2003-06-13-0945 - Progress PATH based dlopen() issue KF (Jun 14)
SRT2003-04-24-1532 - Options Parsing Tool library buffer overflows. KF (Apr 24)
SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow KF (Apr 03)
SRT2003-04-22-1336 - SAP DB Development Tools install flaw KF (Apr 22)

K. K. Mookhey

NII Advisory - Buffer Overflow in Analogx Proxy K. K. Mookhey (May 26)

Knud Erik Højgaard

youbin local root exploit + advisory Knud Erik Højgaard (May 06)
gid bin from /usr/ports/korean/elm (FreeBSD) Knud Erik Højgaard (Jun 23)

labs

[NGSEC-2003-5] YABB SE, remote command execution labs (Apr 22)

Marc Schoenefeld

Opera 7.11 java.util.zip.* Vulnerability (fwd) Marc Schoenefeld (May 11)
Java Agent freezes Lotus Notes and Domino 6.0.1 (fwd) Marc Schoenefeld (Apr 06)

Marek Bialoglowy

Flooding Internet Explorer 6.0.2800 (6.x?) security zones ! - UPDATED Marek Bialoglowy (May 14)

Mark Litchfield

Remote Buffer Overrun WebAdmin.exe Mark Litchfield (Jun 24)
Re: Buffer Overflow Vulnerability Found in MailMax Version 5 Mark Litchfield (Apr 11)

Matthew Murphy

Remote Vulnerabilties in mod_ntlm Matthew Murphy (Apr 21)
AN HTTPd Sample Script File Truncation Matthew Murphy (Apr 21)
Race in XP SCM Service Shutdown Mechanism Matthew Murphy (Apr 19)
eServ Memory Leak Enables Denial of Service Attacks Matthew Murphy (May 11)
BadBlue Remote Administrative Access Vulnerability Matthew Murphy (Apr 20)
Monkey HTTPd Remote Buffer Overflow Matthew Murphy (Apr 20)

mattmurphy () kc rr com

BadBlue Remote Administrative Interface Access Vulnerability mattmurphy () kc rr com (May 20)

Michael Puchol

3Com OfficeConnect Remote 812 ADSL router exposes internal LAN computer's ports during outbound and inbound TCP and UDP sessions Michael Puchol (Mar 31)

Michael Scheidell

3com NBX IP Phone Call manager Denial of Service - Update Michael Scheidell (Apr 26)

Muhammad Faisal Rauf Danka

Hotmail & Passport (.NET Accounts) Vulnerability Muhammad Faisal Rauf Danka (May 08)

NGSSoftware Insight Security Research

Oracle Database Server Buffer Overflow Vulnerability (#NISR29042003) NGSSoftware Insight Security Research (Apr 29)
Internet Explorer Plugin.ocx heap overflow (#NISR24042003) NGSSoftware Insight Security Research (Apr 24)
Multiple Vulnerabilities in SLWebmail NGSSoftware Insight Security Research (May 07)
Multiple Buffer Overflow Vulnerabilities in SLMail (#NISR07052003A) NGSSoftware Insight Security Research (May 07)

NSFOCUS Security Team

NSFOCUS SA2003-05: Microsoft IIS ssinc.dll Over-long Filename Buffer Overflow Vulnerability NSFOCUS Security Team (May 30)
NSFOCUS SA2003-04 : Remote Buffer Overflow Vulnerability in Web Management Interface of Cisco Secure ACS NSFOCUS Security Team (Apr 23)

OC Hosting - Lance L

Fw: Alert: Microsoft Security Bulletin - MS03-011 OC Hosting - Lance L (Apr 09)

Peter Winter-Smith

P-News 1.16 Admin Access Vulnerability Peter Winter-Smith (May 24)
Admin Account Creation Vulnerability in CuteNews 1.x Peter Winter-Smith (Jun 29)
Vulnerability in ' poster version.two' Peter Winter-Smith (May 14)

pokleyzz

Webfroot Shoutbox 2.32 directory traversal and code injection. pokleyzz (May 28)
Geeklog 1.3.7sr1 and below multiple vulnerabilities. pokleyzz (May 28)
b2 cafelog 0.6.1 remote command execution. pokleyzz (May 29)

Rain Forest Puppy

Ethereal < 0.9.13 vulns Rain Forest Puppy (Jun 17)
Linux 2.4 kernel ioperm vuln Rain Forest Puppy (May 20)
More S21sec Vignette advisories Rain Forest Puppy (May 26)
Administrivia: Vulnwatch DNS issues affecting availability Rain Forest Puppy (Jun 06)
Linux 2.4 kernel ioperm vuln *is* for 2.4 Rain Forest Puppy (May 22)

Rapid 7 Security Advisories

R7-0013: Heap Corruption in Gaim-Encryption Plugin Rapid 7 Security Advisories (Apr 11)

Rick

phpBB password disclosure by sql injection Rick (Jun 19)

S21SEC

S21SEC-017-en - Vignette /vgn/legacy/save SQL access S21SEC (May 26)
S21SEC-016-en - Vignette SSI Injection S21SEC (May 26)

scheidell

SECNAP Security Advisory: Invalid HTML processing in GoldMine(tm) scheidell (May 28)

scrap

PTNews v1.7.7 - Access to administrator functions without authentification scrap (Apr 21)

SecurITeam BugTraq Monitoring

Multiple Vulnerabilities Found in Mailtraq (DoS, Password Decryption, Directory Traversal) SecurITeam BugTraq Monitoring (Jun 16)

Security Experts, Liability Limited

serious vulnerability present. all doomed. over. Security Experts, Liability Limited (Mar 31)

SecurityTracker

Happymall E-Commerce Remote Command Execution SecurityTracker (May 07)
SQL injection in BttlxeForum SecurityTracker (Apr 23)

SGI Security Coordinator

MIPSPro Compiler Predictable Temp File vulnerability SGI Security Coordinator (Jun 17)
Multiple IPv6-Induced Bugs & Vulnerabilities on IRIX SGI Security Coordinator (Jun 24)

sharpiemarker

Snitz Forum 3.3.03 Remote Command Execution sharpiemarker (May 12)

silentscripter

Multiple vulnerabilities in paBox silentscripter (Jun 29)

SPI Labs

Multiple Vulnerabilities in Sun-One Application Server SPI Labs (May 27)
Internet Information Services 5.0 Denial of service SPI Labs (May 28)

@stake Advisories

Nokia GGSN (IP650 Based) DoS @stake Advisories (Jun 09)
Apple AirPort Administrative Password Obfuscation (a051203-1) @stake Advisories (May 12)
MacOS X DirectoryService Privilege Escalation (a041003-1) @stake Advisories (Apr 10)
Vignette Story Server sensitive information disclosure (a040703-1) @stake Advisories (Apr 07)

Steve

Administrivia - VulnWatch.Org still down Steve (Jun 10)
Administrivia - Temporary fix for VulnWatch.org Steve (Jun 10)

subversive

SFAD03-001: iWeb Mini Web Server Remote Directory Traversal subversive (Apr 15)

vulnwatch-return-887-lists_vulnwatch=insecure.org

R7-0014: RSA SecurID ACE Agent Cross Site Scripting vulnwatch-return-887-lists_vulnwatch=insecure.org (Jun 18)

zillion

ChiTeX local root vulnerability zillion (Apr 03)
Apache mod_access_referer denial of service issue zillion (Apr 16)