Vulnwatch: by author

• RSS Feed
• About List
• All Lists

Previous period

Next period

76 messages starting Nov 13 03 and ending Oct 06 03
Date index | Thread index | Author index

advisories

Corsaire Security Advisory: PeopleSoft IScript XSS issue advisories (Nov 13)
Corsaire Security Advisory: BEA WebLogic example InteractiveQuery.jsp XSS issue advisories (Oct 31)
Corsaire Security Advisory: BEA Tuxedo Administration CGI multiple argument issues advisories (Oct 31)
Corsaire Security Advisory: PeopleSoft Gateway Administration servlet path disclosure issue advisories (Nov 13)
Corsaire Security Advisory: PeopleSoft PeopleBooks Search CGI multiple argument issues advisories (Nov 13)

advisory

R7-0016: Sybase ASE 12.5 Remote Password Array Denial of Service advisory (Nov 20)

Aviram Jenik

Multiple SQL Injection Vulnerabilities in DeskPRO Aviram Jenik (Oct 20)

Bojan Zdrnja

Remote execution in My_eGallery Bojan Zdrnja (Nov 26)

Bugtraq Security Systems

Bugtraq Security Systems ADV 0001 Bugtraq Security Systems (Dec 26)
Multiple Remote Issues in Applied Watch IDS Suite (advisory attached) Bugtraq Security Systems (Nov 28)

Cesar

Microsoft Local Troubleshooter ActiveX control buffer overflow Cesar (Oct 16)

Chris Wysopal

5 Windows vulnerabilities for October 2003 (4 critical, 1 important) Chris Wysopal (Oct 15)
3 critical, 1 important Microsoft security bulletins for Nov 2003 Chris Wysopal (Nov 11)
2 Microsoft Exchange Server Bulletins (1 critical, 1 moderate) Chris Wysopal (Oct 15)

Constantinides (MegaHz)

simple bufferoverflow in gedit Constantinides (MegaHz) (Nov 25)

Core Security Technologies

[CORE-2003-12-05] DCE RPC Vulnerabilities New Attack Vectors Analysis Core Security Technologies (Dec 11)

Dinis Cruz

Security issues with Asp.Net in Shared Hosting Environments Dinis Cruz (Oct 30)

dong-h0un U

sh-httpd `wildcard character' vulnerability dong-h0un U (Oct 27)
Musicqueue multiple local vulnerabilities dong-h0un U (Oct 27)

Dragos Ruiu

CanSecWest/core04 Call For Papers Dragos Ruiu (Oct 30)

Frog Man

GuppY : XSS, Files Reading/Writing Frog Man (Oct 05)
myPHPCalendar : Informations Disclosure, File Include Frog Man (Oct 12)
Advanced Poll : PHP Code Injection, File Include, Phpinfo Frog Man (Oct 25)
PHP-Nuke v 6.7 + Windows = File Upload Frog Man (Oct 04)
EMML, EMGB : Include() hole Frog Man (Oct 04)

GreyMagic Software

Adobe SVG Viewer Cross Domain and Zone Access (GM#004-MC) GreyMagic Software (Oct 07)
Adobe SVG Viewer Local and Remote File Reading (GM#003-MC) GreyMagic Software (Oct 07)
Adobe SVG Viewer Active Scripting Bypass (GM#002-MC) GreyMagic Software (Oct 07)

Härnhammar , Ulf

lftp buffer overflows Härnhammar , Ulf (Dec 15)

H D Moore

MS03-046 Microsoft Exchange 2000 Heap Overflow H D Moore (Oct 22)

KF

SRT2003-11-02-0115 - NIPrint LPD-LPR Remote overflow KF (Nov 03)
SRT2003-11-13-0218 - PCAnywhere local SYSTEM exploit KF (Nov 13)
SRT2003-12-04-0723 - PLDaniels Ebola remote overflow KF (Dec 04)
SRT2003-11-06-0710 - IBM DB2 Multiple local security issues KF (Nov 07)
SRT2003-11-02-0218 - NIPrint LPD-LPR Local Help API SYSTEM exploit KF (Nov 03)
SRT2003-TURKEY-DAY - *novelty* - detecttr.c Trace Route detection vulnerability KF (Nov 27)
SRT2003-11-11-1151 - clamav-milter remote exploit / DoS KF (Nov 12)

Maarten Hartsuijker

exploiting fortigate firewall through webinterface Maarten Hartsuijker (Oct 02)
vulnerabilities in fortigate firewall webinterface Maarten Hartsuijker (Nov 12)

Marc Schoenefeld

JBoss 3.X: Remote Command Injection Marc Schoenefeld (Oct 07)

Marukka

Local Denial Of Service Attack Against Apple MacOS X, MacOS X Server, and Darwin. Marukka (Dec 30)

Michael Scheidell

Symbol Technologies Default WEP KEYS Vulnerability Michael Scheidell (Nov 10)

Next Generation Insight Security Research (NGS Software)

Multiple Vulnerabilities Sybase Anywhere 9 Next Generation Insight Security Research (NGS Software) (Dec 10)

NGSSoftware Insight Security Research

Microsoft PCHealth 2003/XP Buffer Overflow (#NISR15102003) NGSSoftware Insight Security Research (Oct 16)
Multiple SQL Injection Vulnerabilities in Oracle Application Server 9i and RDBMS (#NISR05112003) NGSSoftware Insight Security Research (Nov 05)

NSFOCUS Security Team

NSFOCUS SA2003-08: HP-UX libc NLSPATH Environment Variable Privilege Elevation Vulnerability NSFOCUS Security Team (Nov 13)
NSFOCUS SA2003-07: HP-UX Software Distributor Buffer Overflow Vulnerability NSFOCUS Security Team (Nov 13)

Paul Starzetz

[iSEC] Linux kernel do_brk() vulnerability details Paul Starzetz (Dec 04)
[iSEC] Linux kernel do_brk() lacks argument bound checking Paul Starzetz (Dec 01)

Pentest Security Advisories

ptl-2003-01: IBM DB2 LOAD Command Stack Overflow Vulnerability Pentest Security Advisories (Oct 01)

Peter Winter-Smith

eZ and eZphotoshare fixes Peter Winter-Smith (Dec 11)
ProjectForum Multiple Vulnerabilities Peter Winter-Smith (Dec 22)
IA WebMail Server 3.x Buffer Overflow Vulnerability Peter Winter-Smith (Nov 03)
Re: NetObserve Security Bypass Vulnerability Peter Winter-Smith (Dec 30)
eZ Multiple Packages Stack Overflow Vulnerability Peter Winter-Smith (Dec 07)
eZphotoshare Multiple Overflow Vulnerabilities Peter Winter-Smith (Dec 03)
NetObserve Security Bypass Vulnerability Peter Winter-Smith (Dec 29)

Rohit Dhamankar

RE: SAP DB priv. escalation/remote code execution Rohit Dhamankar (Nov 19)

scrap

Cutenews 1.3 information disclosure scrap (Dec 01)

Security Corporation Security Advisory

[SCSA-023] Multiple vulnerabilities in Mambo Server Security Corporation Security Advisory (Dec 10)
[SCSA-021] Anonymous Mail Forwarding Vulnerabilities in vbPortal Security Corporation Security Advisory (Nov 22)
[SCSA-024] BES-CMS including file vulnerability Security Corporation Security Advisory (Dec 20)
[SCSA-022] Multiple vulnerabilities in Xoops Security Corporation Security Advisory (Dec 06)

SGI Security Coordinator

do_brk() vulnerability on SGI Altix systems SGI Security Coordinator (Dec 02)
rpc.mountd Vulnerabilities update on IRIX SGI Security Coordinator (Dec 05)

@stake Advisories

Opera HREF escaped server name overflow @stake Advisories (Oct 20)
Mac OS X Systemic Insecure File Permissions @stake Advisories (Oct 28)
SAP DB priv. escalation/remote code execution @stake Advisories (Nov 17)
Mac OS X Long argv[] buffer overflow @stake Advisories (Oct 28)
Mac OS X Arbitrary File Overwrite via Core Files @stake Advisories (Oct 28)
SAP DB web-tools multiple issues @stake Advisories (Nov 17)

Stefan Hecker

xchat 2.0.6 crashes with mirc 6.0-6.11 DCC exploit Stefan Hecker (Dec 11)

Steve

Cisco Security Advisory: SNMP trap Reveals WEP Key in Cisco Aironet AP (fwd) Steve (Dec 02)

Tamer Sahin

Metacortex v1.0 Released Tamer Sahin (Dec 11)

Todd Chapman

Advisory: Dark Age of Camelot - Weak encryption of network traffic exposed personal information. Todd Chapman (Dec 15)

Wojciech Purczynski

[PAPER] Juggling with packets: floating data storage Wojciech Purczynski (Oct 06)

Previous period

Next period