SecurityFocus Bugtraq
By Thread
309 messages
Starting: 12/01/01
Ending: 12/31/01
- XP automatic recognition of Nokia as NIC? Geoff Lane (12/31/01)
- audiogalaxy...little problem.... josx (01/01/02)
- blackshell2: zml.cgi remote exploit blackshell@hushmail.com (12/31/01)
- Daydream BBS Format strings issue. KF (12/31/01)
- Possible security problem with Cisco ubr900 series routers secureks2002@yahoo.com (12/30/01)
- gzip bug w/ patch.. greg (12/30/01)
- lastlines.cgi path traversal and command execution vulns BrainRawt . (12/30/01)
- DayDream BBS buffer overflows KF (12/30/01)
- Windows AIM Client Exploits Robbie Saunders (12/31/01)
- Active Perl path reveal antoan miroslavov (12/29/01)
- PHP Rocket Add-in (file transversal vulnerability) John Doe (12/28/01)
- phrack #58 is out. staff_rs@phrack.org (12/28/01)
- The easy way to turn off Universal Plug-and-Play in Windows Richard M. Smith (12/28/01)
- Vim backup Source Disclosure Vulnerability Chris Gragsone (12/28/01)
- [SNS Advisory No.47] DeleGate Cross Site Scripting Vulnerability snsadv@lac.co.jp (12/28/01)
- Stunnel: Format String Bug in versions <3.22 Brian Hatch (12/27/01)
- [SECURITY] [DSA-095-1] gpm (gpm-root) format string vulnerabilities Robert van der Meulen (12/27/01)
- Dangerous information in CentraOne log files - VENDOR RESPONSE JClark@centra.com (12/27/01)
- Lynx format string vulnerability in URL logging. Larry W. Cashdollar (12/27/01)
- [ESA-20011227-01] stunnel format string vulnerability EnGarde Secure Linux (12/27/01)
- Too much misleading advice on the Universal Plug-and-Play security hole Richard M. Smith (12/26/01)
- RE: Too much misleading advice on the Universal Plug-and-Play security hole Marc Maiffret (12/27/01)
- RE: Too much misleading advice on the Universal Plug-and-Play security hole Richard M. Smith (12/27/01)
- RE: Too much misleading advice on the Universal Plug-and-Play security hole Paul Schmehl (12/28/01)
- Re: Too much misleading advice on the Universal Plug-and-Play security hole Matthew Caron (12/27/01)
- RE: Too much misleading advice on the Universal Plug-and-Play security hole Marc Maiffret (12/27/01)
- Phoenix Sistemi Security Advisory: ELSA Lancom 1100 Office Security Problems Davide Del Vecchio (12/26/01)
- msql DoS Lesha Pavlov (12/26/01)
- GOBBLES CGI MARATHON #003 bugtraq (12/26/01)
- Remote Root Hole in FreeBSD Ports bugtraq (12/26/01)
- GOBBLES CGI MARATHON #002 bugtraq (12/26/01)
- UPDATE: IE https certificate attack Stefan Esser (12/25/01)
- Open Source Security and Vendors Andreas Steinmetz (12/25/01)
- Possible hole in Win XP MS Client networking Daniel Swarbrick (12/25/01)
- [RHSA-2001:162-04] Updated namazu packages are available bugzilla@redhat.com (12/25/01)
- SuSE Security Announcement: glibc/shlibs, in.ftpd (SuSE-SA:2001:046) Roman Drahtmueller (12/24/01)
- GOBBLES CGI MARATHON #001 bugtraq (12/24/01)
- PGP Plugin for Outlook can send unencrypted messages Peter Trifonov (12/22/01)
- IE https certificate attack security@e-matters.de (12/22/01)
- Re: IE https certificate attack Dimitris Giannitsaros (12/24/01)
- Re: IE https certificate attack Przemyslaw Frasunek (12/25/01)
- Re: IE https certificate attack Kevin van Haaren (12/25/01)
- Re: IE https certificate attack Donald King (12/26/01)
- RE: IE https certificate attack The Death (12/26/01)
- FW: IE https certificate attack August September (12/26/01)
- twlc advisory: plesk (psa) allows reading of .php files supergate@twlc.net (12/21/01)
- D-Link DWL-1000AP can be compromised because of SNMP configuration Jonathan Strine (12/21/01)
- VIGILANTe advisory 2001003 : Atmel SNMP Non Public Community String DoS Vulnerability Frederic Brouille (12/21/01)
- New MALDAL (or KERZAC) Worm Wins0ck Wins0ck (12/20/01)
- [RHSA-2001:168-05] Updated Mailman packages available bugzilla@redhat.com (12/21/01)
- @stake advisory: Multiple overflow and format string vulnerabilities in Microsoft SQL Server @stake advisories (12/21/01)
- yet another fake exploit making rounds Michal Zalewski (12/21/01)
- MDKSA-2001:095 - glibc update Mandrake Linux Security Team (12/20/01)
- Immunix OS 7.0 glibc update Immunix Security Team (12/20/01)
- Recent Advances in Intrusion Detection Symposium Peter Mell (12/20/01)
- Buffer Overflow in Oracle 9iAS (#NISR20122001) David Litchfield (12/21/01)
- [CERT-intexxia] pfinger Format String Vulnerability Benoît Roussel (12/20/01)
- MSIE DoS Using javascript Tom Micklovitch (12/20/01)
- MDKSA-2001:094 - libgtop update Mandrake Linux Security Team (12/20/01)
- TSLSA-2001-0029 - glibc Trustix Secure Linux Advisor (12/20/01)
- TSL-2001-0030 - openssh (updated) Trustix Secure Linux Advisor (12/20/01)
- RE: Internet Explorer Document.Open() Without Close() Cookie Stealing, File Reading, Site Spoofing Bug Dawes, Rogan (ZA - Johannesburg) (12/20/01)
- Multiple Remote Windows XP/ME/98 Vulnerabilities Marc Maiffret (12/20/01)
- Windows XP security concerns Tomasz Polus (12/20/01)
- IE5 (SP1) crash the X server on Solaris2.6 chinese edition Jing Shen (12/20/01)
- TSLSA-2001-0030 - openssh Trustix Secure Linux Advisor (12/20/01)
- Caramail.com : cross scripting frog frog (12/20/01)
- Internet Explorer Document.Open() Without Close() Cookie Stealing, File Reading, Site Spoofing Bug the Pull (12/20/01)
- Linux distributions and /bin/login overflow Anton Rager (12/20/01)
- PHPNuke 5 Cross Scripting Replugge [Rod] (12/17/01)
- HP Secure OS Software for Linux security bulletins digest IT Resource Center (12/19/01)
- IRM Security Advisory 002: Netware Web Server Source Disclosure IRM Security Advisories (12/19/01)
- [ph10@cus.cam.ac.uk: [Exim] Potential security problem] Tabor J. Wells (12/19/01)
- MAGIC Enterprise Multiple Vulnerabilities Stephan Holtwisch (12/17/01)
- ProFTPD - Problems in file globbing, gives segmentation fault. Mattias _ (12/19/01)
- Re: ProFTPD - Problems in file globbing, gives segmentation fault. Edsel Adap (12/19/01)
- Re: ProFTPD - Problems in file globbing, gives segmentation fault. Markus Kovero (12/19/01)
- Re: ProFTPD - Problems in file globbing, gives segmentation fault. Przemyslaw Frasunek (12/19/01)
- Re: ProFTPD - Problems in file globbing, gives segmentation fault. Moritz Grimm (12/20/01)
- FTPXQ default install read/write capabilities Brice Carlson (12/19/01)
- Aktivate Shopping System Cross Site Scripting Vulnerability Tamer Sahin (12/18/01)
- wmcube-gdk is vulnerable to a local exploit corecode@corecode.ath.cx (12/18/01)
- Some analysis of Microsoft SQL Server 2000 stored procedure encryption shoeboy (12/17/01)
- MDKSA-2001:093 - kerberos update Mandrake Linux Security Team (12/18/01)
- Hosting.com Cross Site Scripting E M (12/18/01)
- Microsoft Security Notification Service Microsoft (12/17/01)
- Advisory: popauth Paul Starzetz (12/17/01)
- New Advisory + Exploit bugtraq (12/18/01)
- Agoracgi v3.3e Cross Site Scripting Vulnerability Tamer Sahin (12/17/01)
- Buffer Overflow in System V Derived Login SGI Security Coordinator (12/17/01)
- [ESA-20011217-01] 'glibc' globbing buffer overflow EnGarde Secure Linux (12/17/01)
- Hot keys permissions bypass under XP Charles Chear (12/17/01)
- webmin 0.91 ../.. problem A. Ramos (12/17/01)
- [Global InterSec 2001121001] glibc globbing issues. Tom Parker (12/18/01)
- Dangerous information in CentraOne Log files, possible user impersonation zedfly@hushmail.com (12/17/01)
- [SECURITY] [DSA-094-1] mailman cross-site scripting problem Wichert Akkerman (12/16/01)
- Re: xmms/xchat full access shared memory segments (and Mozilla) Ian Freislich (12/16/01)
- Re: MSIE may download and run programs automatically - NOT SO FAST http-equiv@excite.com (12/16/01)
- Phpnuke module.php vulnerability and php error_reporting issue Cabezon Aurélien (12/16/01)
- [Security] PHP 4.1.0 available Zeev Suraski (12/16/01)
- Novell Groupwise servlet gateway default username and password AGray@novacoast.com (12/16/01)
- ATPhttpd 0.4 DoS Vulnerability (POC exploit) methodic (12/16/01)
- *ALERT* "Unix Manual" PHP-Script allows arbitrary code execution Florian Hobelsberger / BlueScreen (12/15/00)
- SpiDynamics WebInspect - Keeping Track of its Users? A.S. (12/15/01)
- Sun Solaris login bug patches out James Lick (12/14/01)
- [RHSA-2001:160-09] Updated glibc packages are available bugzilla@redhat.com (12/14/01)
- Trust issues with RH and Debian package managers dfeldman (12/14/01)
- RE: FTP "Network Place" with saved password will reveal cached password jones, gerald (12/14/01)
- PHPNuke holes frog frog (12/15/01)
- HP-UX setuid rlpdaemon induced to make illicit file writes G.Borglum (12/15/01)
- Win ME, Apache/1.3.20 and PHP/4.0.4pl1 Source disclosure Vulnerability Bill Q (12/15/01)
- MSIE6 can read local files jelmer (12/15/01)
- Security Update: [CSSA-2001-042.1] Linux - Local vulnerability in OpenSSH Support Info (12/14/01)
- Security Update: [CSSA-2001-SCO.40] OpenServer: /bin/login and /etc/getty argument buffer overflow security@caldera.com (12/14/01)
- FTP "Network Place" with saved password will reveal cached password Aaron Heck (12/14/01)
- Update: FTP "Network Place" with saved password will reveal cached password Aaron Heck (12/14/01)
- MSIE may download and run programs automatically Jouko Pynnonen (12/14/01)
- Zyxel Prestige 681 and 1600 (possibly other?) remote DoS Przemyslaw Frasunek (12/14/01)
- MDKSA-2001:092 - openssh update Mandrake Linux Security Team (12/14/01)
- klprfax_filter symlink vulnerability wang yuan (12/14/01)
- ATPhttpd 0.4 DoS Vulnerability Tamer Sahin (12/13/01)
- Older Webmin install /tmp KF (12/13/01)
- WRSHDNT 2.21.00 CPU overusage martin rakhmanoff (12/13/01)
- Re: CERT Advisory CA-2001-34 Buffer Overflow in System V Derived Login Florian Weimer (12/13/01)
- EFTP 2.0.8.346 directory content disclosure Ertan Kurt (12/13/01)
- Kikkert Security Advisory: Potentially serious security flaw in Citrix Client Kikkert Security (12/13/01)
- PATCH: Vulnerabilities in LSF Greg Reid (12/12/01)
- SMC Barricade's dodgy "DMZ" feature Dustin Harriman (12/13/01)
- IBM WebSphere on UNIX security alert ! Tunkelo Heikki (extern) (12/13/01)
- Security Update [CSSA-2001-042.0] Linux - Remote vulnerability in OpenSSH Support Info (12/13/01)
- Webseal 3.8 Matthew Lane (12/11/01)
- [CLA-2001:444] Conectiva Linux Security Announcement - sasl secure@conectiva.com.br (12/11/01)
- Silly 'script' hardlink bug Marco van Berkum (12/13/01)
- Browsers fails on big image count Pavel Titov (12/11/01)
- Silly 'script' hardlink bug - fixed Marco van Berkum (12/13/01)
- MDKSA-2001:091 - passwd update Mandrake Linux Security Team (12/13/01)
- security bulletins digest IT Resource Center (12/12/01)
- [xforce@iss.net: ISSalert: ISS Advisory: Buffer Overflow in /bin/login] Dan Stromberg (12/12/01)
- Microsoft IIS/5.0 Content-Length DoS (proved) Ivan Hernandez Puga (12/12/01)
- RE: File extensions spoofable in MSIE download dialog Yngve Ådlandsvik (12/12/01)
- [SECURITY] [DSA-093-1] postfix memory exhaustion Wichert Akkerman (12/12/01)
- Mail Essentials reveals identity of first BCC recipient Ronan Waide (12/12/01)
- UDP DoS attack in Win2k via IKE c0redump (12/12/01)
- [CLA-2001:445] Conectiva Linux Security Announcement - mailman secure@conectiva.com.br (12/11/01)
- Cross-Frame, About Pluggable Protocol, Security Zone Spoofing the Pull (12/11/01)
- Microsoft IIS/5 bogus Content-length bug Memory attack Ivan Hernandez Puga (12/11/01)
- SPAMMERS DELIGHT: as feeble as feeble can be http-equiv@excite.com (12/11/01)
- CSVForm (Perl CGI) Remote Execution Vulnerability Jason Gomes (12/11/01)
- Security Update: [CSSA-2001-SCO.39] Open UNIX, UnixWare 7: timed does not enforce nulls security@caldera.com (12/11/01)
- Microsoft IIS/5 bogus Content-length bug. Ivan Hernandez Puga (12/11/01)
- Security Update: [CSSA-2001-SCO.35.1] REVISION: OpenServer: setcontext and sysi86 vulnerabilities security@caldera.com (12/11/01)
- Netscape engineers are weenies? s1gnal_9 (12/08/01)
- Windows hack for Web-surfing privacy Thomas C. Greene (12/10/01)
- New Macromedia Security Zone Bulletins Posted Macromedia Security Alert (12/06/01)
- AIO vulnerability David Rufino (12/10/01)
- Winsock RSHD/NT 2.20.00 CPU overusage when invalid data is send martin rakhmanoff (12/08/01)
- SuSE Security Announcement: openssh (SuSE-SA:2001:045) (re-released SuSE-SA:2001:044) Roman Drahtmueller (12/06/01)
- Re: Vulnerabilities in PGPMail.pl Markus Bertheau (12/07/01)
- kebi-Webmail Solution vulnerability (Tested) Secret (12/08/01)
- Lotus Domino Web server vulnerability Sebastien EXT-MICHAUD (12/07/01)
- Microsoft Security Bulletin MS01-057 (version 2.0) Microsoft Product Security (12/08/01)
- Weak Encryption Vulnerability in Pathways Homecare shoeboy (12/07/01)
- re: comphack - Compaq Insight Manager Remote SYSTEM shell Boren, Rich (SSRT) (12/08/01)
- SECURITY.NNOV: file locking and security (group policy DoS on Windows 2000 domain) 3APA3A (12/07/01)
- Security Update: [CSSA-2001-SCO.38] OpenServer: lpstat buffer overflow security@caldera.com (12/07/01)
- [RHSA-2001:164-08] Updated secureweb packages available bugzilla@redhat.com (12/07/01)
- Crashing X scott (12/07/01)
- Minor IE issue KRUSE PETER, Teliadk (12/07/01)
- UDP DoS attack in Win2k via IKE c0redump (12/07/01)
- Red Faction Server/Client DOS sh0 (12/07/01)
- RE: Another IE denial of service attack Timothy Luce (12/06/01)
- Microsoft Security Bulletin MS01-057 Microsoft Product Security (12/07/01)
- SuSE Security Announcement: openssh (SuSE-SA:2001:045) (re-released SuSE-SA:2001:044) Roman Drahtmueller (12/06/01)
- [SECURITY] [DSA-090-1] xtel symlink vulnerabilities Wichert Akkerman (12/05/01)
- security bulletins digest IT Resource Center (12/06/01)
- Security Update: [CSSA-2001-SCO.37] Open UNIX, UnixWare 7: xterms in saved CDE sessions security@caldera.com (12/06/01)
- [SECURITY] [DSA-092-1] local root in wmtv Wichert Akkerman (12/06/01)
- Flawed outbound packet filtering in various personal firewalls Tom Liston (12/06/01)
- [RHSA-2001:161-08] Updated OpenSSH packages available bugzilla@redhat.com (12/05/01)
- IE Denial of service (sorta) zeno (12/04/01)
- Microsoft's Outlook Express 6 "E-mail attachment security" Flawed Arie Slob (12/05/01)
- Axis Network Camera known default password vulnerability Chris Gragsone (12/05/01)
- IPRoute Fragmentation Denial of Service Vulnerability Chris Gragsone (12/05/01)
- Small flaw in Outlook Express Raistlin (12/05/01)
- Many vulnerabilities in LSF 4.0 Tomasz Grabowski (12/05/01)
- [SECURITY] [DSA-091-1] OpenSSH UseLogin vulnerability Wichert Akkerman (12/05/01)
- Update on NMRC's Valicert Advisory Information Anarchy 2K01 (12/05/01)
- [SECURITY] [DSA-088-1] improper character escaping in fml Wichert Akkerman (12/05/01)
- [SECURITY] [DSA-089-1] several problems in icecast-server Wichert Akkerman (12/05/01)
- RE: NAI Webshield SMTP for WinNT MIME header vuln Alan Monaghan (12/04/01)
- REVISION: Security Update: [CSSA-2001-SCO.24.1] OpenServer: shell here-documents allow various security breaches security@caldera.com (12/04/01)
- [Fwd: OpenSSH 3.0.2 fixes UseLogin vulnerability] Jimmy Wiklund (12/04/01)
- NMRC Advisory - Multiple Valicert Problems Information Anarchy 2K01 (12/04/01)
- security issue with lpd (fwd) Jose Nazario (12/04/01)
- SUSEconfig weakens Postfix chroot security Matthias Andree (12/04/01)
- SpeedXess HASE-120 router default password profre@hanmail.net (12/04/01)
- Symlink attack with apmd of RH 7.2 Enrico Scholz (12/04/01)
- Can anyone verify a core dump on /sbin/mingetty smackenz (12/03/01)
- SSH Vulnerability Scan Niels Provos (12/03/01)
- Re: Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping core Bill Weiss (12/04/01)
- Allaire JRun ACL bypassing/source disclosure vulnerability Gregory Duchemin (12/03/01)
- SuSE Security Announcement: OpenSSH Sebastian Krahmer (12/03/01)
- (BSDi/4.0-specific)uucp family exploit. (uucp/uuparams/uuname) Vade 79 (12/03/01)
- Buffer over flow on Outlook express for Macintosh Shikap (12/03/01)
- Re: iXsecurity.tool.smbproxy.1.0.0 Pavel Kankovsky (12/01/01)
- [SECURITY] [DSA-087-1] wu-ftpd buffer overflow in glob code Wichert Akkerman (12/03/01)
- Re: NAI Webshield SMTP for WinNT MIME header vuln that allows BadTrans to pass] Paul L Schmehl (11/30/01)
- Phpnuke Cross site scripting vulnerability Cabezon Aurélien (12/03/01)
- [Security Announce] MDKSA-2001:077-2 - apache update for Single Network Firewall [Spam] Linux Mandrake Security Team (11/28/01)
- OpenBSD local DoS Rapid 7 Security Advisories (12/02/01)
- Stack overflow in all Internet Explorer Versions!! tsr (12/02/01)
- mIRC bug? Shustrik (12/02/01)
- Re: File extensions spoofable in MSIE download dialog static@tampabay.rr.com (12/01/01)
- RE: def-2001-32 - Allaire JRun directory browsing vulnerability Johan Burati (11/30/01)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Hasan Azam Diwan (11/30/01)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Travis Siegel (12/01/01)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability goba@Leu.Braila.Astral.Ro (12/02/01)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Patrick Cantwell (12/05/01)
- easynews 1.5 lets remote users modify database markus arndt (12/01/01)
- Re: UUCP sirsyko@ishiboo.com (12/01/01)
- Security Update: [CSSA-2001-SCO.36] Open UNIX, UnixWare 7: wu-ftpd ftpglob() vulnerability security@caldera.com (11/30/01)
- ASI Oracle Security Alert: Oracle Home Environment Variable Validation Vulnerability Aaron C. Newman (11/30/01)
- ASI Oracle Security Alert: CHOWN Path Environment Variable Vulnerability Aaron C. Newman (11/30/01)
- ASI Oracle Security Alert: Oracle Home Environment Variable Buffer Overflow Aaron C. Newman (11/30/01)
Last message date: 12/31/01
Archived on: 12/31/01 CET