SecurityFocus Bugtraq
By Author

435 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

Starting: 10/01/02
Ending: 10/31/02

'ken'@FTU
- Four Vulnerabilities in SurfControl's SuperScout Email Filter Administrative Server (10/09/02)
3APA3A
- Re[2]: IPSwitch, Inc. WS_FTP Server (10/26/02)
- DH team: Norton Antivirus Corporate Edition Privilege Escalation (10/24/02)
- nylon 0.2 (0.3?) DoS (10/10/02)
- SECURITY.NNOV: ikonboard 3.1.1 CSS (10/04/02)
@stake advisories
- Oracle9iAS Web Cache Denial of Service (a102802-1) (10/28/02)
a b
- Coolsoft PowerFTP <= v2.24 Denial of Service (Linux Source) (10/12/02)
Aaron Hopkins
- Re: Ambiguities in TCP/IP - firewall bypassing (10/19/02)
Abraham Lincoln
- NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability (10/16/02)
advisory@prophecy.net.nz
- Security vulnerabilities in Polycom ViaVideo Web component (10/13/02)
AI-SEC Security Advisories
- Multiple Symantec Firewall Secure Webserver timeout DoS (10/14/02)
- Symantec Enterprise Firewall Secure Webserver info leak (10/14/02)
Ajay R Ramjatan
- Security hole in kpf - KDE personal fileserver. (10/11/02)
Alan DeKok
- Re: Ambiguities in TCP/IP - firewall bypassing (10/18/02)
- Re: Ambiguities in TCP/IP - firewall bypassing (10/18/02)
Alan Rouse
- RE: J2EE EJB privacy leak and DOS. (10/15/02)
Alex Lambert
- Re: KaZaA (10/18/02)
Alex Yu
- RE: vBulletin XSS Security Bug (10/21/02)
Alexander Komlin
- Substitution of document signed under new American format ECDSA. (10/28/02)
Alun Jones
- Re: IPSwitch, Inc. WS_FTP Server (10/25/02)
- Re: Ambiguities in TCP/IP - firewall bypassing (10/18/02)
Anders Blockmar
- RE: CommonName Toolbar potentially exposes LAN web addresses (10/07/02)
Andrew Clover
- Re: CommonName Toolbar potentially exposes LAN web addresses (10/04/02)
Andrew Hodgson
- Re: Filters on url shortening services (10/07/02)
- Filters on url shortening services (10/07/02)
Arab VieruZ
- XSS bug in PHPNuke 6.0 (10/11/02)
- XSS bug in Zorum 2.4 (10/10/02)
- XSS bug in php(Reactor) (10/10/02)
Ari Gordon-Schlosberg
- Re: J2EE EJB privacy leak and DOS. (10/16/02)
Armand Morgan
- Vulnerabilitie in PowerFTP server (10/05/02)
ask33@linuxmountain.org
- KRB5-SORCERER2002-10-27 Security Update (10/28/02)
Aviram Jenik
- Outlook Express Remote Code Execution in Preview Pane (S/MIME) (10/11/02)
- BearShare Directory Traversal Issue Resurfaces (10/03/02)
Basil Hussain
- RE: MDaemon SMTP/POP/IMAP server DoS (10/30/02)
- RE: MDaemon SMTP/POP/IMAP server DoS (10/29/02)
Benjamin Krueger
- Re: Ambiguities in TCP/IP - firewall bypassing (10/18/02)
Berend-Jan Wever
- Re: XSS bug in hotmail login page (10/08/02)
bladebla@hotmail.com
- Re: 3Com TelnetD COMPLETE CODE (10/19/02)
Blud Clot
- FlashFXP 1.4 Local Password Disclosure Vulnerability (10/22/02)
- AIM 4.8.2790 remote file execution vulnerability (10/22/02)
BlueRaven
- Re: phptonuke allows Remote File Retrieving (10/17/02)
- Re: Insecure XML-RPC handling in Zope reveals the distribution physic al location. (10/07/02)
Bosko Radivojevic
- Linux Security Protection System (10/16/02)
Brenna Primrose
- RE: KaZaA (10/18/02)
Brian E
- Re: Postnuke XSS issues [correction] (10/01/02)
Brian Enigma
- Ingenium Admin Password Vulnerability (10/15/02)
Bruno Morisson
- Multiple XSS vulnerabilites in PHPNuke (10/10/02)
bugtraq-help@securityfocus.com
- ezmlm warning (10/31/02)
bugtraq-return-6791@securityfocus.com
- R7-0004: Multiple Vendor Long ZIP Entry Filename Processing (10/10/02)
bugzilla@redhat.com
- [RHSA-2002:223-07] Updated ypserv packages fixes memory leak (10/24/02)
- [RHSA-2002:192-13] Updated Mozilla packages fix security vulnerabilities (10/18/02)
- [RHSA-2002:205-15] New kernel fixes local security issues (10/17/02)
- [RHSA-2002:210-06] New kernel 2.2 packages fix local vulnerabilities (10/17/02)
- [RHSA-2002:206-12] New kernel fixes local security issues (10/17/02)
- [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability (10/15/02)
- [RHSA-2002:194-18] Command execution vulnerability in dvips (10/14/02)
- [RHSA-2002:204-10] Updated squirrelmail packages close cross-site scripting vulnerabilities (10/11/02)
- [RHSA-2002:207-14] Updated packages fix PostScript and PDF security issue (10/10/02)
- [RHSA-2002:215-09] Updated fetchmail packages fix vulnerabilities (10/07/02)
- [RHSA-2002:175-16] Updated nss_ldap packages fix buffer overflow (10/04/02)
- [RHSA-2002:197-06] Updated glibc packages fix vulnerabilities in resolver (10/04/02)
- [RHSA-2002:212-06] Updated packages fix PostScript and PDF security issue (10/04/02)
buzheng
- prover of concept code of windows help overflow (10/10/02)
- Re: Solaris 2.6, 7, 8 (10/02/02)
by way of xenion
- injecting commands on a ptraced telnet/ssh session (10/04/02)
cbrenton@slartibartfast.pa.net
- Re: Ambiguities in TCP/IP - firewall bypassing (10/19/02)
Cedric Blancher
- Re: Linux Kernel Exploits / ABFrag (10/17/02)
Chris Anley
- Windows 2000 SNMP DoS (10/22/02)
Chris Barnes
- Re: Buffer overflow in kadmind4 (10/27/02)
Christopher Wagner
- RE: KaZaA (10/18/02)
Christopher X. Candreva
- Re: Solaris 2.6, 7, 8 (10/02/02)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco ONS15454 and Cisco ONS15327 Vulnerabilities (10/31/02)
- Cisco Security Advisory: Cisco CatOS Embedded HTTP Server Buffer Overflow (10/16/02)
- Cisco Security Advisory: Predefined Restriction Tables Allow Calls to International Operator (10/04/02)
Clark Mills
- Gimp: Erased sections of images print in some cases (10/29/02)
Curator at Security Digest Archive
- Researcher seeking 'phage' and other security mailing list archives (10/13/02)
D4rkGr3y
- MDaemon SMTP/POP/IMAP server DoS (10/27/02)
- TFTP Server DoS (10/24/02)
Dan Diamond
- Re: Solaris 2.6, 7, 8 (10/03/02)
dan hayden
- Re: SUMMARY: Disabling Port 445 (SMB) Entirely (10/29/02)
Daniel Ahlberg
- GLSA: pam_ldap (10/30/02)
- GLSA: sharutils (10/30/02)
- GLSA: ypserv (10/28/02)
- GLSA: mod_ssl (10/27/02)
- GLSA: kth-krb (10/26/02)
- GLSA: zope (10/24/02)
- GLSA: xfree (10/24/02)
- GLSA: groff (10/19/02)
- GLSA: tetex (10/18/02)
- GLSA: ggv (10/17/02)
- GLSA: tomcat (10/15/02)
- GLSA: apache (10/15/02)
- GLSA: sendmail (10/13/02)
- GLSA: net-snmp (10/14/02)
- GLSA: heimdal (10/14/02)
- GLSA: nss_ldap (10/13/02)
- GLSA: python (10/03/02)
- GLSA: gv (10/03/02)
- GLSA: unzip (10/01/02)
- GLSA: fetchmail (10/01/02)
- GLSA: tar (10/01/02)
Daniel Boland
- XSS vulnerability in Mojo Mail Sign-Up Form (10/24/02)
Daniel Pittman
- Re: Another possible RFC 2046 vulnerability. (09/30/02)
Daniel Woods
- Re: Postnuke XSS fixed (10/02/02)
daniel.roberts@hushmail.com
- ABfrag followup / WITHOUT ATTACHMENT (10/24/02)
- Linux Kernel Exploits / ABFrag (10/17/02)
das@echu.org
- ECHU Alert #3 : Meunity 1.1 script injection vulnerability (10/14/02)
Dave Ahmad
- [security bulletin] SSRT0818U HP Tru64 UNIX V5.1A zlib Potential Security Vulnerability (fwd) (10/18/02)
- [security bulletin] SSRT2339 (ypxfrd) and SSRT2368 (ypserv) HP Tru64 UNIX Potential Security Vulnerability (fwd) (10/09/02)
- [security bulletin] SSRT2208 - HP Tru64 UNIX /usr/sbin/routed Potential Security Vulnerability (fwd) (10/09/02)
- CERT Advisory CA-2002-28 Trojan Horse Sendmail Distribution (fwd) (10/09/02)
- Re: Solaris 2.6, 7, 8 (10/02/02)
- [security bulletin] SSRT2371 HP OpenVMS Potential POP server local vulnerability (fwd) (10/01/02)
Dave Aitel
- [Immunity, Inc.]Vulnerability: RPC Service DoS (port 135/tcp) on Windows 2000 SP3 (10/18/02)
- SPIKE 2.7 Released: There's a party at my house, so bring the beer and follow me.... (10/07/02)
- Re: [VulnWatch] Notes on the SQL Cumulative patch (10/03/02)
- PPTP (10/01/02)
David Endler
- iDEFENSE Security Advisory 10.24.02: Directory Traversal in SolarWinds TFTP Server (10/24/02)
- iDEFENSE Security Advisory 10.16.02: Denial of Service in Sabre Desktop Reservation Client for Windows (10/16/02)
- iDEFENSE Security Advisory 10.15.02: DoS and Directory Traversal Vulnerabilities in WebServer 4 Everyone (10/15/02)
- iDEFENSE Security Advisory 10.03.2002: Apache 1.3.x shared memory scoreboard vulnerabilities (10/03/02)
- iDEFENSE Security Advisory 10.02.2002: Net-SNMP DoS Vulnerability (10/02/02)
- iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities (10/01/02)
David Krum
- KaZaA (10/18/02)
David Litchfield
- Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002) (10/17/02)
- Notes on the SQL Cumulative patch (10/03/02)
David Miller
- [BUGZILLA] Security Advisory (10/01/02)
David Wagner
- Re: Ambiguities in TCP/IP - firewall bypassing (10/19/02)
- Apache 1.3.26 (10/17/02)
David Woods
- Re: CoolForum v 0.5 beta shows content of PHP files (10/16/02)
David Wray
- Sec-Tec advisory 24.10.02 Unauthorised file acces in Acuma's Acusend (10/25/02)
dev-null@no-id.com
- IPSwitch, Inc. WS_FTP Server (10/25/02)
Dirk Mueller
- KDE Security Advisory: KGhostview Arbitary Code Execution (10/09/02)
- KDE Security Advisory: kpf Directory traversal (10/09/02)
Doug Brenner
- Re: Flood ACK packets cause AIX DoS (10/09/02)
dr john halewood
- Re: Linux Kernel Exploits / ABFrag (10/17/02)
drorshalev@hotmail.com
- MSN Moster Strike Back ?! (10/16/02)
- Who Need Friends ? IE & MSN expose contact list & other info (10/15/02)
Earl Hood
- Re: Gimp: Erased sections of images print in some cases (10/30/02)
- Re: Another possible RFC 2046 vulnerability. (10/01/02)
Edsel Adap
- Re: NFS Denial of Service advisory from Sun (10/18/02)
Eitan Caspi
- A full event log does not send administrative alerts (10/11/02)
Elio Grieco
- Re: Gimp: Erased sections of images print in some cases (10/30/02)
EnGarde Secure Linux
- [ESA-20021029-028] syslog-ng: buffer overflow in macro handling code (UPDATED) (10/29/02)
- [ESA-20021029-027] mod_ssl cross-site scripting vulnerability. (10/29/02)
- [ESA-20021022-026] local kernel vulnerabilities (10/22/02)
- [ESA-20021007-024] apache: potential DoS, cross-site scripting, and buffer overflow vulnerabilities. (10/07/02)
- [ESA-20021003-023] fetchmail-ssl: buffer overflows and broken boundary checks. (10/03/02)
- [ESA-20021003-022] tar: directory traversal vulnerability. (10/03/02)
- [ESA-20021003-021] glibc: several security-related updates. (10/03/02)
er t
- PGP Corporation Beta License Agreement (10/17/02)
Eric L. Howard
- does Xandros have anyone answering the security phone? (10/23/02)
Eric Stevens
- RE: CommonName Toolbar potentially exposes LAN web addresses (10/03/02)
- CommonName Toolbar potentially exposes LAN web addresses (10/03/02)
ersatz@unixhideout.com
- XSS vulnerabilites in Pafiledb (10/21/02)
Fab\\AIS
- NETGEAR FVS318 Information Disclosure (10/01/02)
Florian Weimer
- Re: Ambiguities in TCP/IP - firewall bypassing (10/21/02)
- Re: Ambiguities in TCP/IP - firewall bypassing (10/19/02)
- Re: Filters on url shortening services (10/07/02)
Fredrik Bj�rk
- Re: IBM Infoprint Remote Management Simple DoS (10/28/02)
Frog Man
- dobermann FORUM (php) (10/27/02)
- phpnewsDev (10/22/02)
- gBook (10/22/02)
- SSGbook (ASP) (10/08/02)
- phpSecurePages & Killer Protection ( PHP ) (10/06/02)
- phpMyNewsletter (10/03/02)
- MySimpleNews (PHP) (10/02/02)
- Multiple Web Security Holes (10/02/02)
Gerben Wijnja
- Re: phpBB2 Showing users ip adresses (10/10/02)
Gert-Jan Hagenaars
- Re: Solaris 2.6, 7, 8 (10/02/02)
Global InterSec Research
- [GIS 2002021001] SkyStream EMR5000 DVB router DoS. (10/16/02)
Gregory Steuck
- XXE (Xml eXternal Entity) attack (10/30/02)
GreyMagic Software
- RE: Vulnerable cached objects in IE (9 advisories in 1) (10/23/02)
- Vulnerable cached objects in IE (9 advisories in 1) (10/22/02)
- Internet Explorer : The D-Day (10/15/02)
guejez
- SCAN Associates Advisory: Molly 0.5 - Remote Command Execution (10/18/02)
- SCAN Associates Advisory: perlbot 1.9.2 - Remote Command Execution (10/18/02)
- SCAN Associates Advisory: madhater perlbot 1.0 beta - Remote Command Execution (10/18/02)
h2g.sec.list@zipmail.com.br
- Re: Linux Kernel Exploits / ABFrag (10/17/02)
hish _ hish
- upload malicious file in VBZooM forums (10/09/02)
- Reset any user's password in VBZoom forums (10/08/02)
Holtzl Peter
- syslog-ng buffer overflow (10/10/02)
huang po
- Re: Linux Kernel Exploits / ABFrag (10/17/02)
Ido Dubrawsky
- Re: Solaris 2.6, 7, 8 (10/02/02)
Ignacio Vazquez
- vpopmail CGIapps vpasswd vulnerabilities (10/24/02)
- vpopmail CGIapps vadddomain multiple vulnerabilities (10/24/02)
Inderjeet S Sodhi
- Re: XSS bug in hotmail login page (10/09/02)
Jacek Lipkowski
- Re: Undocumented account vulnerability in Avaya P550R/P580/P880/P882 switches (10/17/02)
- Undocumented account vulnerability in Avaya P550R/P580/P880/P882 switches (10/15/02)
Jan Kachlik
- interSEC security advisory - Multiple bugs in Web602 web server (10/18/02)
Jan Kohlrausch
- vulnerabilities in logsurfer (10/04/02)
Janusz Niewiadomski
- Multiple vendor ypxfrd map handling vulnerability (10/10/02)
Jedi/Sector One
- Multiple vulnerabilities in phpRank (10/10/02)
Jeff Moss
- Call For Papers Announcement: Black Hat Windows Security (10/22/02)
jelmer
- Re: Vulnerable cached objects in IE (9 advisories in 1) (10/22/02)
- Re: MSIE:"SaveRef" cracks "(VictimWindow).document.write" (10/21/02)
- macromedia flash mx bypasses cookie settings (10/07/02)
- Flash player can read local files (10/06/02)
Jeremy C. Reed
- Re: vpopmail CGIapps vpasswd vulnerabilities (10/24/02)
Jim Reid
- Re: Full zone information disclosure on top level domain name servers (10/20/02)
Jitsu-Disk
- securitybugware new network tool (10/15/02)
Joe Testa
- Reproducing the MS DCE-RPC DOS. (10/20/02)
John C. Hennessy
- Multiple issues in internet explorer/outlook (10/24/02)
John Fitzgerald
- RE: Ambiguities in TCP/IP - firewall bypassing (10/19/02)
Jon Callas
- Re: PGP Corporation Beta License Agreement (10/18/02)
Jonathan A. Zdziarski
- Chrooting Daemons and System Processes HOWTO (10/18/02)
Jonathan G. Lampe
- Kill a Unisys Clearpath with nmap port scan (10/02/02)
Jonathan S
- Solaris 2.6, 7, 8 (10/02/02)
Juan de la Fuente Costa
- Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R (10/22/02)
juergen.daubert@t-online.de
- Re: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv (10/07/02)
Juraj Bednar
- Re: PGP Corporation Beta License Agreement (10/17/02)
Justin Cervero
- Further problems with Arescom NetDSL-800 MSN Firmware version 5.4.x and up (10/29/02)
kalif@hushmail.com
- Virgil CGI Scanner Vulnerability (10/22/02)
Kanatoko
- AN HTTPD SOCKS4 username Buffer Overflow Vulnerability (10/20/02)
Karl Pietri
- Re: MDaemon SMTP/POP/IMAP server DoS (10/29/02)
KF
- Re: does Xandros have anyone answering the security phone? (10/23/02)
Kim Scarborough
- Re: CERT Advisory CA-2002-28 Trojan Horse Sendmail (10/09/02)
Knud Erik H�jgaard
- more silly bugs in cooolsoft 'personal ftp server' (10/10/02)
Kurt Seifried
- Re: Bypassing website filter in SonicWall (10/30/02)
Larry W. Cashdollar
- TheServer log file access password in cleartext w/vendor resolution. (10/14/02)
- OpenOffice 1.0.1 Race condition during installation. (10/11/02)
Linux
- Router DSL Dlink (10/23/02)
lion
- MS WIN RPC DoS CODE FROM SPIKE v2.7 (10/22/02)
Liu Die Yu
- MSIE:"SaveRef" cracks "(VictimWindow).document.write" (10/21/02)
- MSIE:"SaveRef" turns Zone off (10/01/02)
Luis Bruno
- Re: Ambiguities in TCP/IP - firewall bypassing (10/19/02)
Lyndon Nerenberg
- Re: Ambiguities in TCP/IP - firewall bypassing (10/20/02)
m g
- NFS Denial of Service advisory from Sun (10/17/02)
M. Zeeshan Mustafa
- Re: upload malicious file in VBZooM forums (10/09/02)
Makoto Shiotsuki
- WinXP Pro(Gold) Insecure System Restore File Permissions (10/04/02)
Mandrake Linux Security Team
- MDKSA-2002:073 - krb5 update (10/29/02)
- MDKSA-2002:072 - mod_ssl update (10/24/02)
- MDKSA-2002:071 - kdegraphics update (10/24/02)
- MDKSA-2002:070 - tetex update (10/23/02)
- MDKSA-2002:069 - gv update (10/22/02)
- MDKSA-2002:066 - tar update (10/11/02)
- MDKSA-2002:065 - unzip update (10/11/02)
- MDKSA-2002:064 - kdelibs update (10/09/02)
Marc Bevand
- ASA-0000: GV Execution of Arbitrary Shell Commands (10/01/02)
Marc Ruef
- Bypassing website filter in SonicWall (10/29/02)
- Long URL causes TelCondex SimpleWebServer to crash (10/13/02)
- Directory traversal in Daniel Arenz' Mini Server (10/13/02)
- Long URL crashes My Web Server 1.0.2 (10/12/02)
- Plain text DDNS password in NetGear FM114P backups (10/10/02)
- TCP flood against NetGear FM114P (10/10/02)
Marco Ivaldi
- Re: Solaris 2.6, 7, 8 (10/02/02)
Mark Grimes
- Postnuke XSS patch (10/01/02)
Mark Stunnenberg
- RE: dobermann FORUM (php) (10/29/02)
Markus Garscha
- Re: Router DSL Dlink (10/24/02)
Martin Schulze
- [SECURITY] [DSA 185-1] New heimdal packages fix buffer overflows (10/31/02)
- [SECURITY] [DSA 184-1] New krb4 packages fix buffer overflow (10/30/02)
- [SECURITY] [DSA 183-1] New krb5 packages fix buffer overflow (10/29/02)
- [SECURITY] [DSA 181-1] New mod_ssl packages fix cross site scripting (10/22/02)
- [SECURITY] [DSA 180-1] New NIS packages fix information leak (10/21/02)
- [SECURITY] [DSA 179-1] New gnome-gv packages fix buffer overflow (10/18/02)
- [SECURITY] [DSA 177-1] New PAM packages fix serious security violation in Debian/unstable (10/17/02)
- [SECURITY] [DSA 178-1] New Heimdal packages fix remote command execution (10/17/02)
- [SECURITY] [DSA 176-1] New gv packages fix buffer overflow (10/16/02)
- [SECURITY] [DSA 175-1] New syslog-ng packages fix buffer overflow (10/15/02)
- [SECURITY] [DSA 174-1] New heartbeat packages fix buffer overflows (10/14/02)
- [SECURITY] [DSA 173-1] New bugzilla packages fix privilege escalation (10/09/02)
- [SECURITY] [DSA 171-1] New fetchmail packages fix buffer overflows (10/08/02)
- [SECURITY] [DSA 169-1] New ht://Check packages fix cross site scripting problem (10/08/02)
- [SECURITY] [DSA 172-1] New tkmail packages fix insecure temporary file creation (10/08/02)
- [SECURITY] [DSA 169-1] New tomcat packages fix unintended source code disclosure (10/04/02)
Matt Moore
- wp--02-0005: Multiple Vulnerabilities in SuperScout Web Reports Server (10/02/02)
- wp-02-0012: Carello 1.3 Remote File Execution (Updated 1/10/2002) (10/02/02)
- wp-02-0011: Jetty CGIServlet Arbitrary Command Execution (10/02/02)
- wp-02-0003: MySQL Locally Exploitable Buffer Overflow (10/02/02)
Matt Zimmerman
- Cisco Secure Content Accelerator vulnerable to SSL worm (10/03/02)
matt@anzen.com
- fragrouter trojan (10/21/02)
mattmurphy@kc.rr.com
- Apache 2 Cross-Site Scripting (10/02/02)
Mauro Flores
- Flood ACK packets cause AIX DoS (10/09/02)
- Flood ACK packets cause an IBM SecureWay FireWall DoS (10/09/02)
Max
- Full zone information disclosure on top level domain name servers (10/18/02)
- XSS in Authoria HR Suite (10/09/02)
Michael Schatz
- Re: The Books Module for the PostNuke CMS XSS Vulnerability (10/07/02)
Michael Scheidell
- Anyone know the security alert contact for 3com? (10/31/02)
Michael.Kain@unisys.com
- Solution: Kill a Unisys Clearpath with nmap port scan (10/17/02)
- Re: Kill a Unisys Clearpath with nmap port scan (10/04/02)
Mikael Olsson
- Multiple firewalls ruleset bypass through FTP. Again. (CERT VU#328867) (10/08/02)
Mike Caudill
- Re: Cisco Secure Content Accelerator vulnerable to SSL worm (10/04/02)
Mike Scher
- Re: Undocumented account vulnerability in Avaya P550R/P580/P880/P882 switches (10/17/02)
Mike Shaw
- Re: Kill a Unisys Clearpath with nmap port scan (10/03/02)
Morgan
- RE: Solaris 2.6, 7, 8 (04/08/02)
Muhammad Faisal Rauf Danka
- Re: MDaemon SMTP/POP/IMAP server DoS (10/29/02)
- Re: Linux Kernel Exploits / ABFrag (10/19/02)
- Re: XSS bug in hotmail login page (10/08/02)
- Re: Postnuke XSS fixed (10/03/02)
- Re: Postnuke XSS fixed (10/03/02)
- Postnuke XSS fixed (10/02/02)
Murat Balaban
- Designing Shellcode Demystified (10/16/02)
Mustafa Deeb
- RE: CommonName Toolbar potentially exposes LAN web addresses (10/03/02)
M�ns Nilsson
- Re: Full zone information disclosure on top level domain name servers (10/19/02)
NetBSD Security Officer
- NetBSD Security Advisory 2002-025: trek(6) buffer overrun (10/24/02)
- NetBSD Security Advisory 2002-016: Insufficient length check in ESP authentication data (10/22/02)
- NetBSD Security Advisory 2002-026: Buffer overflow in kadmind daemon (10/22/02)
- NetBSD Security Advisory 2002-019: Buffer overrun in talkd (10/08/02)
- NetBSD Security Advisory 2002-021: rogue vulnerability (10/08/02)
- NetBSD Security Advisory 2002-022: buffer overrun in pic(1) (10/08/02)
- NetBSD Security Advisory 2002-015: (another) buffer overrun in libc/libresolv DNS resolver (10/08/02)
- NetBSD Security Advisory 2002-023: sendmail smrsh bypass vulnerability (10/08/02)
NGS Insight Security Research
- Buffer Overflow in IE/Outlook HTML Help (10/03/02)
NGSSoftware Insight Security Research
- Microsoft Internet Information Server 5/5.1 Denial of Service (#NISR31102002) (10/31/02)
Nicholas C. Weaver
- Re: KaZaA (10/18/02)
nick84@rootsecure.net
- Privilege Escalation Vulnerability In phpBB 2.0.0 (10/28/02)
- Re: phpBB2 Showing users ip adresses (10/13/02)
Nir Adar
- New Vulnerability on YaBB 1.4.0 and YaBB 1.4.1 forums (10/18/02)
Ofir Arkin
- RE: Ambiguities in TCP/IP - firewall bypassing (10/21/02)
Olaf Kirch
- SuSE Security Announcement: Heartbeat (SuSE-SA:2002:037) (10/14/02)
OpenPKG
- [OpenPKG-SA-2002.010] OpenPKG Security Advisory (apache) (10/23/02)
- [OpenPKG-SA-2002.009] OpenPKG Security Advisory (apache) (10/04/02)
Orp 664
- Re: MondoSearch show the source of all files (10/19/02)
overclocking_a_la_abuela@hotmail.com
- CSS on Microsoft Content Management Server (10/08/02)
Paul Starzetz
- Ambiguities in TCP/IP - firewall bypassing (10/18/02)
- Re: injecting commands on a ptraced telnet/ssh session (10/09/02)
Peter Rdam
- XSS bug in hotmail login page (10/06/02)
Pistone
- The Books Module for the PostNuke CMS XSS Vulnerability (10/03/02)
Pluto
- CfP: 19C3 Chaos Communication Congress 2002 (10/09/02)
pokleyzz
- SCAN Associates Advisory : Multiple vurnerabilities on mailreader.com (10/28/02)
Priamus
- phpBB2 Showing users ip adresses (10/09/02)
pyramid-rp@hushmail.com
- Pyramid Research Project - atphttpd security advisorie (10/13/02)
- Pyramid Research Project - ghttpd security advisorie (10/13/02)
qber66
- XSS bug in MyMarket 1.71 (09/11/02)
Rajkumar S.
- Re: SECURITY.NNOV: ikonboard 3.1.1 CSS (10/04/02)
Ramon Kagan
- Re: Solaris 2.6, 7, 8 (10/02/02)
- Re: Solaris 2.6, 7, 8 (10/02/02)
Rapid 7 Security Advisories
- R7-0007: IBM WebSphere Edge Server Caching Proxy Denial of Service (10/23/02)
- R7-0008: IBM WebSphere Edge Server Caching Proxy Cross-Site Scripting Issues (10/23/02)
- R7-0006: Oracle 8i/9i Listener SERVICE_CURLOAD Denial of Service (10/09/02)
Renato Murilo Langona
- LinuxSecurity Brasil Magazine Online - Second Edition (10/21/02)
Robert Bihlmeyer
- Re: Bypassing website filter in SonicWall (10/30/02)
- Re: Gimp: Erased sections of images print in some cases (10/30/02)
Robert Feldbauer
- RE: MDaemon SMTP/POP/IMAP server DoS (10/29/02)
Roland Verlander
- phpBBmod contains an open phpinfo (10/10/02)
Rossen Raykov
- Insecure XML-RPC handling in Zope reveals the distribution physic al location. (10/01/02)
Roy Kidder
- Re: Solaris 2.6, 7, 8 (10/03/02)
Rudolf Schreiner
- Re: J2EE EJB privacy leak and DOS. (10/15/02)
Russell Harding
- RE: XSS bug in hotmail login page (10/08/02)
Ryan Purita
- Xerox DocuShare Internal IP address disclosure (10/03/02)
Samuel Tardieu
- Microsoft Windows Media Player for Sparc/Solaris vulnerability (10/18/02)
Samuele Giovanni Tonon
- Re: [SECURITY] [DSA 177-1] New PAM packages fix serious security violation in Debian/unstable (10/17/02)
scrap
- CoolForum v 0.5 beta shows content of PHP files (10/12/02)
Sebastian
- Re: Solaris 2.6, 7, 8 (10/04/02)
Sebastian Konstanty Zdrojewski
- Re: Postnuke XSS fixed (10/03/02)
Sebastian Krahmer
- SuSE Security Announcement: lprng/html2ps (SuSE-SA:2002:040) (10/31/02)
- SuSE Security Announcement: syslog-ng (SuSE-SA:2002:039) (10/31/02)
secure@conectiva.com.br
- [CLA-2002:533] Conectiva Linux Security Announcement - XFree86 (10/17/02)
- [CLA-2002:532] Conectiva Linux Security Announcement - sendmail (10/16/02)
- [CLA-2002:531] Conectiva Linux Security Announcement - fetchmail (10/16/02)
- [CLA-2002:530] Conectiva Linux Security Announcement - apache (10/07/02)
- [CLA-2002:529] Conectiva Linux Security Announcement - XFree86 (10/03/02)
- [CLA-2002:527] Conectiva Linux Security Announcement - python (10/01/02)
security@caldera.com
- Security Update: [CSSA-2002-043.0] Linux: chfn (util-linux) temp file race vulnerability (10/30/02)
- Security Update: [CSSA-2002-039.0] Linux: bzip2 file creation and symbolic link vulnerabilities (10/29/02)
- Security Update: [CSSA-2002-041.0] Linux: pam_ldap format string vulnerability (10/29/02)
- Security Update: [CSSA-2002-038.0] Linux: inn format string and insecure open vulnerabilities (10/25/02)
- Security Update: [CSSA-2002-037.0] Linux: various packet handling vunerabilities in ethereal (10/24/02)
- Security Update: [CSSA-2002-036.0] Linux: remote buffer overflow in webalizer reverse lookup code (10/23/02)
- Security Update: [CSSA-2002-SCO.41] UnixWare 7.1.1 Open UNIX 8.0.0 : rcp of /proc causes denial-of-service (10/22/02)
- Security Update: [CSSA-2002-SCO.39] OpenServer 5.0.5 OpenServer 5.0.6 : Buffer Overflow in Multiple DNS Resolver Libraries (10/12/02)
- Security Update: [CSSA-2002-SCO.40] OpenServer 5.0.5 OpenServer 5.0.6 : ypxfrd remote file access vulnerability (10/11/02)
security@rionero.com
- D-Link Access Point DWL-900AP+ TFTP Vulnerability (10/21/02)
securma massine
- SmartMail server DOS (10/31/02)
- New buffer overflow in PlanetDNS (10/18/02)
- New buffer overflow in plaetDNS (10/17/02)
- new vulnerability inPowerFTP Personal FTP Server (10/09/02)
SGI Security Coordinator
- X Windows zlib/MIT-SHM/huge font DoS vulnerabilities (10/16/02)
- rpcbind/fsr_efs/mv/errhook/uux vulnerabilities update (10/15/02)
- rpcbind/fsr_efs/mv/errhook/uux vulnerabilities (10/03/02)
Shin SHIRAHATA
- Re: Kondara MNU/Linux (10/01/02)
Sinan Eren
- RE: Solaris 2.6, 7, 8 (10/02/02)
snsadv@lac.co.jp
- [SNS Advisory No.57] AN HTTPD Cross-site Scripting Vulnerability (10/28/02)
- [SNS Advisory No.56] TSAC Web package/IIS 5.1 connect.asp Cross-site Scripting Vulnerability (10/11/02)
Solar Designer
- Openwall GNU/*/Linux (Owl) 1.0 release (10/16/02)
- GNU tar (Re: Allot Netenforcer problems, GNU TAR flaw) (09/28/02)
Sp.IC
- vBulletin XSS Security Bug (10/18/02)
- phpLinkat XSS Security Bug (10/04/02)
- phpLinkat XSS Security Bug (10/03/02)
- phpWebSite XSS Vulnerability (10/02/02)
staff
- CALL FOR PAPERS - SANTA DIED LAST YEAR (10/14/02)
stanojr
- local exploitable overflow in rogue/FreeBSD (09/28/02)
Stephen D. B. Wolthusen
- Reminder: Call for Papers IWIA 2003 Ends Soon (10/24/02)
Stephen Samuel
- Re: TCP flood against NetGear FM114P (10/10/02)
Steve Bellovin
- Input requested for second edition of "Firewalls and Internet Security" (10/14/02)
sullo
- Re: [VulnDiscuss] XSS bug in Compaq Insight Manager Http server (10/01/02)
Sylvia
- J2EE EJB privacy leak and DOS. (10/14/02)
Sylvia Else
- RE: J2EE EJB privacy leak and DOS. (10/18/02)
Sym Security
- RE: DH team: Norton Antivirus Corporate Edition Privilege Escalation, http://online.securityfocus.com/archive/1/296979/2002-10-22/2002-10-28/0 (10/25/02)
- Re: Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R (10/22/02)
- Re: Multiple Symantec Firewall Secure Webserver timeout DoS (10/15/02)
- Re: Symantec Enterprise Firewall Secure Webserver info leak (10/15/02)
- Re: Multiple Vendor PC firewall remote denial of services Vulnerability (10/10/02)
Tamer Sahin
- [SecurityOffice] Liteserve Web Server v2.0 Authorization Bypass Vulnerability (10/24/02)
- [SecurityOffice] BRS WebWeaver Web Server v1.01 Protected File Access Vulnerability (10/24/02)
- [SecurityOffice] BadBlue Web Server v1.7 Protected File Access Vulnerability (10/24/02)
- [SecurityOffice] Web Server 4 Everyone v1.28 Host Field Denial of Service Vulnerability (10/23/02)
- [SecurityOffice] Webserver 4D v3.6 Weak Password Preservation Vulnerability (10/09/02)
Taylor Huff
- XSS bug in Compaq Insight Manager Http server (10/01/02)
tb0b
- Re: Solaris 2.6, 7, 8 (01/08/80)
Te Smith
- Re: NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability (10/17/02)
the Pull
- RE: "Camera/Shy the Steganographical Browser" (10/15/02)
thefastkid
- MondoSearch show the source of all files (10/10/02)
Thomas Biege
- SuSE Security Announcement: postgresql (SuSE-SA:2002:038) (10/21/02)
- SuSE Security Announcement: hylafax (SuSE-SA:2002:035) (10/07/02)
- SuSE Security Announcement: mod_php4 (SuSE-SA:2002:036) (10/07/02)
Thomas Munn
- Re: CISCO as5350 crashes with nmap connect scan (10/29/02)
- Re: CISCO as5350 crashes with nmap connect scan (10/29/02)
- CISCO as5350 crashes with nmap connect scan (10/28/02)
Thor Larholm
- RE: Vulnerable cached objects in IE (9 advisories in 1) (10/23/02)
- RE: Who Need Friends ? IE & MSN expose contact list & other info (10/16/02)
- Thor Larholm security advisory TL#004 (10/09/02)
- RE: XSS bug in hotmail login page (10/08/02)
- RE: XSS bug in hotmail login page (10/07/02)
- RE: MSIE:"SaveRef" turns Zone off (10/02/02)
Tom Yu
- Updated: MITKRB5-SA-2002-002: Buffer overflow in kadmind4 (10/26/02)
- MITKRB5-SA-2002-002: Buffer overflow in kadmind4 (10/23/02)
Toni Lassila
- IBM Infoprint Remote Management Simple DoS (10/25/02)
- RE: XSS bug in Compaq Insight Manager Http server (10/04/02)
Tony Finch
- Re: Ambiguities in TCP/IP - firewall bypassing (10/19/02)
Trustix Secure Linux Advisor
- TSLSA-2002-0069-apache (10/17/02)
- TSLSA-2002-0068-kernel (10/17/02)
ttudia@yahoo.com.tw
- "Camera/Shy the Steganographical Browser" (10/14/02)
UkR security team�
- TCP/IP Printer Configuration Utility for Apple.LaserWriter 12/640 PS security problem (10/26/02)
Ulf Harnhammar
- Re: [VulnWatch] NOCC: XSS (10/20/02)
- NOCC: XSS (10/20/02)
Veit Wahlich
- SSL certificate validation problems in Ximian Evolution (10/03/02)
Vincent Royer
- IP SmartSpoofing : How to bypass all IP filters relying on sourc e IP address (10/29/02)
Wendy Garvin
- Re: CISCO as5350 crashes with nmap connect scan (10/29/02)
Wes Hardaker
- Re: iDEFENSE Security Advisory 10.02.2002: Net-SNMP DoS Vulnerability (10/03/02)
wirepair
- Citrix Published Application Brute Forcer (10/02/02)
x x
- Re: Privilege Escalation Vulnerability In phpBB 2.0.0 (10/28/02)
Yiming Gong
- Multiple Vendor PC firewall remote denial of services Vulnerability (10/08/02)
Z0rbaS
- ArGoSoft Web-Mail security problem (10/07/02)
Zero-X ScriptKiddy
- phptonuke allows Remote File Retrieving (10/16/02)

Last message date: 10/31/02
Archived on: 10/31/02 CET

435 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

SecurityFocus BugtraqBy Author

SecurityFocus Bugtraq
By Author