SecurityFocus Bugtraq
By Author

399 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

Starting: 11/01/02
Ending: 11/29/02

3APA3A
- Update to LOM's advisory (11/18/02)
- LOM: Multiple vulnerabilities in Macromedia Flash ActiveX (11/18/02)
[secondmotion]-Matt Thompson
- RhinoSoft Serv-U FTP Anonymous Remote DoS Vulnerability (11/06/02)
- ZoneEdit Account Hijack Vulnerability (11/05/02)
Aaron C. Newman (Application Security, Inc.)
- ASI Sybase Security Alert: Buffer overflow in DBCC CHECKVERIFY (11/27/02)
- ASI Sybase Security Alert: Buffer overflow in DROP DATABASE (11/27/02)
- ASI Sybase Security Alert: Buffer overflow in xp_freedll (11/27/02)
Aaron Howell
- [Fwd: Notice of serious vulnerabilities in ISC BIND 4 & 8] (11/12/02)
AK
- M$ VPN hole reported (10/31/02)
Alan DeKok
- Unofficial statement re: tcpdump and libpcap (11/13/02)
Alan MacDonald
- Re: AIM 5.1.3036 buffer overflow (11/19/02)
Alan Rouse
- ZDnet forum: IE formatting local drive (11/11/02)
Alex Harasic
- Re: Accesspoints disclose wep keys, password and mac filter (fwd) (11/07/02)
- Re: iDEFENSE Security Advisory 10.31.02a: Denial of Service Vulnerability in Linksys BEFSR41 EtherFast Cable/DSL Router (11/01/02)
Alex T.
- Securing OWA on public computers. (11/07/02)
Andreas Pour
- KDE Security Advisory: rlogin.protocol and telnet.protocol URL KIO Vulnerability (11/12/02)
- KDE Security Advisory: resLISa / LISa Vulnerabilities (11/12/02)
Andreas Sandblad
- Re: How to execute programs with parameters in IE - Sandblad advisory #10 (11/10/02)
- How to execute programs with parameters in IE - Sandblad advisory #10 (11/06/02)
Andrei Mikhailovsky
- Buffalo AP Denial of Service (11/13/02)
- Default SNMP community in Surecom Broadband Router (11/13/02)
Andy
- JSP processor 1.1 information disclosure (11/13/02)
Andy Polyakov
- Re: When scrubbing secrets in memory doesn't work (11/07/02)
AQBARROS@BKB.com.br
- RES: A technique to mitigate cookie-stealing XSS attacks (11/06/02)
Arab VieruZ
- XSS bug in vBulletin (11/21/02)
- XSS bug in phpBB (11/18/02)
Arjun Pednekar
- Weak Password Encryption Scheme in Integrated Dialer (11/01/02)
Arne Vidstrom
- Kerberos login sniffer and cracker for Windows 2000/XP (11/28/02)
Aviram Jenik
- TFTPD32 Directory Traversal Vulnerability (11/18/02)
- TFTPD32 Buffer Overflow Vulnerability (Long filename) (11/18/02)
benjurry@xfocus.org
- Oracle TNS SEH Exploit (11/26/02)
Brian J. Gaia
- RE: Bypassing website filter in SonicWall (10/31/02)
bugtraq-help@securityfocus.com
- ezmlm warning (11/12/02)
bugzilla@redhat.com
- [RHSA-2002:264-05] New kernel 2.2 packages fix local denial of service issue (11/25/02)
- [RHSA-2002:266-05] New samba packages available to fix potential security vulnerability (11/22/02)
- [RHSA-2002:262-07] New kernel fixes local denial of service issue (11/16/02)
- [RHSA-2002:213-06] New PHP packages fix vulnerability in mail function (11/11/02)
- [RHSA-2002:197-09] Updated glibc packages fix vulnerabilities in resolver (11/07/02)
- [RHSA-2002:242-06] Updated kerberos packages available (11/07/02)
Carl Livitt
- Exploit for traceroute-nanog overflow (11/29/02)
Casper Dik
- Re: Solaris priocntl exploit (11/28/02)
- Re: Solaris priocntl exploit (11/27/02)
- Re: Accesspoints disclose wep keys, password and mac filter (fwd) (11/04/02)
Chris Adams
- Re: Bind 8 bug experience (11/14/02)
Chris Caydes
- Re: Yahoo Messenger: Invisible User Detect (11/07/02)
Chris Wilson
- RE: Motorola Cable Modem DOS (11/12/02)
Chris Wysopal
- Re: [Full-Disclosure] Re: Oracle Security Contact (11/06/02)
Christophe Devine
- Re: i386 Linux kernel DoS (11/13/02)
- i386 Linux kernel DoS (11/11/02)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco PIX Multiple Vulnerabilities (11/20/02)
Clark Mills
- Re: Gimp: Erased sections of images print in some cases (10/30/02)
Cliff Albert
- Re: Accesspoints disclose wep keys, password and mac filter (fwd) (11/04/02)
Clint Byrum
- SnortCenter 0.9.5 temp file naming problems... (11/05/02)
cringe
- Yahoo Messenger: Invisible User Detect (11/06/02)
Crispin Cowan
- Timing the Application of Security Patches for Optimal Uptime (11/10/02)
d k
- Re: Accesspoints disclose wep keys, password and mac filter (fwd) (11/05/02)
D. J. Bernstein
- Re: CAIS-ALERT: Vulnerability in the sending requests control of BIND (11/27/02)
Dan Kaminsky
- Paketto Keiretsu 1.0 (11/18/02)
Dan Taylor Jr.
- RE: Motorola Cable Modem DOS (11/10/02)
Daniel
- Bug in Monkey Webserver 0.5.0 or minors versions (11/04/02)
Daniel Ahlberg
- GLSA: samba (11/21/02)
- GLSA: php (11/20/02)
- GLSA: gtetrinet (11/20/02)
- GLSA: courier (11/19/02)
- GLSA: kdenetwork (11/14/02)
- GLSA: kdelibs (11/14/02)
- GLSA: apache (11/12/02)
- GLSA: kgpg (11/10/02)
- GLSA: MailTools (11/06/02)
Daniel Jacobowitz
- [SECURITY] [DSA-196-1] New BIND packages fix several vulnerabilities (11/14/02)
DarC KonQuesT
- IceWarp 3.4.5 XSS *AGAIN* (11/13/02)
Dave Ahmad
- [Security bulletin] SSRT2266 HP Tru64 UNIX IGMP Potential (DoS) Security Vulnerability (fwd) (11/26/02)
- [security bulletin] SSRT2301 - HP Tru64 UNIX uudecode Potential Security Vulnerability (fwd) (11/26/02)
- [security bulletin] SSRT2385 OSIS V5.4 LDAP Module for System Authentication Potential Security Vulnerability (fwd) (11/26/02)
- ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability (fwd) (11/25/02)
- CERT Advisory CA-2002-32 Backdoor in Alcatel OmniSwitch AOS (fwd) (11/21/02)
- Re: (MSIE) when parent gives his son bad things ;) --"dialogArguments " again (11/19/02)
- ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 and BIND8 (fwd) (11/12/02)
- RE: [security bulletin] SSRT2265 HP TruCluster Server Interconnect Potential Security Vulnerability (fwd) (11/05/02)
Dave Aitel
- Re: Netscape Problems. (11/26/02)
Dave B.
- AIM Bug (11/25/02)
Dave Wilson
- Re: File reading vulnerable in PHP and MySQL (Local Exploit) (11/27/02)
David Endler
- iDEFENSE Security Advisory 11.19.02c: Netscape Predictable Directory Structure Allows Theft of Preferences File (11/20/02)
- iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability (11/20/02)
- iDEFENSE Security Advisory 11.19.02a: Denial of Service Vulnerability in Linksys Cable/DSL Routers (11/19/02)
- Update: iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability (11/20/02)
- iDEFENSE Security Advisory 11.11.02: Buffer Overflow in KDE resLISa (11/11/02)
- iDEFENSE Security Advisory 11.08.02b: Non-Explicit Path Vulnerability in QNX Neutrino RTOS (11/08/02)
- iDEFENSE Security Advisory 11.08.02a: File Disclosure Vulnerability in Simple Web Server (11/08/02)
- Linksys security contact (11/07/02)
- iDEFENSE Security Advisory 11.06.02: Non-Explicit Path Vulnerability in LuxMan (11/06/02)
- iDEFENSE Security Advisory 11.04.02a: Pablo FTP Server DoS Vulnerability (11/04/02)
- iDEFENSE Security Advisory 11.04.02b: Denial of Service Vulnerability in Xeneo Web Server (11/04/02)
- iDEFENSE Security Advisory 11.01.02: Buffer Overflow Vulnerability in Abuse (11/01/02)
- iDEFENSE Security Advisory 10.31.02a: Denial of Service Vulnerability in Linksys BEFSR41 EtherFast Cable/DSL Router (11/01/02)
- iDEFENSE Security Advisory 10.31.02c: PHP-Nuke SQL Injection Vulnerability (11/01/02)
- iDEFENSE Security Advisory 10.31.02b: Prometheus Application Framework Code Injection (11/01/02)
David J. Hughes
- LibHTTPD Vulnerability and fix (11/25/02)
David Litchfield
- MS02-064 fix time (11/14/02)
David Miller
- XSS vulnerability in Bugzilla if upgraded from 2.10 or earlier (11/26/02)
David Wagner
- Re: A technique to mitigate cookie-stealing XSS attacks (11/08/02)
deadbeat@hush.com
- Oracle iSQL*Plus buffer Overflow.. (11/04/02)
dong-h0un U
- Remote Multiple Buffer Overflow(s) vulnerability in Libcgi-tuxbr. (11/28/02)
- Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C. (11/27/02)
- Remote POST Buffer Overflow vulnerability in Pserv. (11/24/02)
- Remote Heap malloc/free & multiple Overflow vulnerability in WSMP3. (11/25/02)
- Remote Buffer Overflow vulnerability in Zeroo HTTP Server. (11/16/02)
- Remote Buffer Overflow vulnerability in Lib HTTPd. (11/13/02)
- Remote Buffer Overflow vulnerability in Light HTTPd (11/12/02)
- Multiple vulnerabilities in Tiny HTTPd (11/11/02)
Ed Ravin
- Finding Vendor Security Contacts (11/09/02)
Ed Reed
- NOVL-2002-2963827 - Remote Manager Security Issue - NW5.1 (11/12/02)
- NOVL-2002-2963767 - Remote Manager Security Issue - eDir 8.6.2 (11/12/02)
- NOVL-2002-2963651 - iManager (eMFrame) Buffer Overflow (11/11/02)
Eitan Caspi
- User downgraded from Administrator to User retains the ability to list other user's running tasks (11/29/02)
EnGarde Secure Linux
- [ESA-20021127-032] 'pine' version upgrade, security fixes. (11/27/02)
- [ESA-20021122-031] php upgrade, security fixes (11/22/02)
- [ESA-20021122-030] local kernel vulnerabilities (11/22/02)
- [ESA-20021114-029] BIND buffer overflow, DoS attacks. (11/14/02)
Eric Rescorla
- Security holes... Who cares? (11/15/02)
Eric Stevens
- RE: A technique to mitigate cookie-stealing XSS attacks (11/14/02)
Erik Parker
- (Correction) Netscreen SSH1 CRC32 Compensation Denial of service (11/01/02)
- Netscreen SSH1 CRC32 Compensation Denial of service (11/01/02)
es@hush.com
- [ElectronicSouls] - BOOZT CGI Exploit (11/29/02)
euronymous
- Zeus Admin Server v4.1r2 index.fcgi XSS bug (11/08/02)
Felix Radensky
- Re: Allot Netenforcer problems, GNU TAR flaw (11/03/02)
Florian Weimer
- Re: ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability (fwd) (11/26/02)
- Re: When scrubbing secrets in memory doesn't work (11/18/02)
- Re: GNU GCC: Optimizer Removes Code Necessary for Security (11/17/02)
- Re: RES: A technique to mitigate cookie-stealing XSS attacks (11/08/02)
- Re: A technique to mitigate cookie-stealing XSS attacks (11/08/02)
- Re: A technique to mitigate cookie-stealing XSS attacks (11/05/02)
Frank Heyne
- Bug in EventSave (11/01/02)
Frank Louwers
- Re: Accesspoints disclose wep keys, password and mac filter (fwd) (11/04/02)
Frank Perreault
- Lotus Domino HTTP Server security issue (11/07/02)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-02:41.smrsh [REVISED] (11/15/02)
- FreeBSD Security Advisory FreeBSD-SA-02:43.bind [REVISED] (11/15/02)
- FreeBSD Security Advisory FreeBSD-SA-02:43.bind (11/14/02)
- FreeBSD Security Advisory FreeBSD-SA-02:41.smrsh (11/13/02)
- FreeBSD Security Advisory FreeBSD-SA-02:42.resolv (11/13/02)
- FreeBSD Security Advisory FreeBSD-SA-02:40.kadmind (11/13/02)
FreeBSDbr Bugtraq DataBase
- Open WebMail 1.71 "background" magic info (11/19/02)
Frog Man
- FreeNews & News Evolution (PHP) (11/26/02)
- Immobilier 1 (PHP) (11/25/02)
- Web Server Creator - Web Portal 0.1 (PHP) (11/25/02)
Fulton Preston
- RE: Motorola Cable Modem DOS (11/06/02)
Gert Fokkema
- Re: How to execute programs with parameters in IE - Sandblad advisory #10 (11/08/02)
Gianni Tedesco
- Re: When scrubbing secrets in memory doesn't work (11/06/02)
Glen Bishop
- Re: Bind 8 bug experience (11/14/02)
Gossi The Dog
- Re: ZDnet forum: IE formatting local drive (11/14/02)
GreyMagic Software
- RE: MS02-066 - fixes, gaps and incorrect statements (11/25/02)
- RE: (MSIE) -"dialogArguments" (extended) (11/20/02)
- Opera 7 vulnerabilities (11/14/02)
Hai Nam Luke
- File reading vulnerable in PHP and MySQL (Local Exploit) (11/26/02)
- Code Injection in phpBB Advanced Quick Reply Mod (11/13/02)
Hakan Carlsson
- Re: Accesspoints disclose wep keys, password and mac filter (fwd) (11/05/02)
husun arner
- AIM 5.1.3036 buffer overflow (11/17/02)
hysterix1@aol.com
- Re: How to execute programs with parameters in IE - Sandblad advisory #10 (11/08/02)
Ilya Teterin
- arp spoofing defence (11/14/02)
informatik.koerfer@web.de
- Re: Accesspoints disclose wep keys, password and mac filter (fwd) (11/07/02)
- Re: Accesspoints disclose wep keys, password and mac filter (fwd) (11/06/02)
Iv�n Arce
- RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND (11/28/02)
- RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND (11/27/02)
Jan Echternach
- Re: When scrubbing secrets in memory doesn't work (11/11/02)
Jason Coombs
- RE: A technique to mitigate cookie-stealing XSS attacks (11/12/02)
jasonk
- RE: A technique to mitigate cookie-stealing XSS attacks (11/12/02)
Jean-loup Gailly
- Cracking OpenVMS passwords with John the Ripper (11/26/02)
Jeff Damens
- re: Solaris priocntl exploit (11/28/02)
jelmer
- Re: How to execute programs with parameters in IE - Sandblad advisory #10 (11/08/02)
Jeremiah Grossman
- Re: A technique to mitigate cookie-stealing XSS attacks (11/11/02)
Jeremy C. Reed
- Re: Bind 8 bug experience (11/13/02)
Jeroen Kessenich
- RE: Motorola Cable Modem DOS (11/01/02)
Jim Knoble
- Re: Linksys security contact (11/14/02)
Jirka Kosina
- Re: i386 Linux kernel DoS (11/14/02)
John
- RE: Netscreen SSH1 CRC32 Compensation Denial of service (11/01/02)
Jonas Eriksson
- [tcpdump-announce] initial comments on trojan attack (fwd) (11/16/02)
- patch for named buffer overflow now available (fwd) (11/15/02)
Joseph Wagner
- GNU GCC: Optimizer Removes Code Necessary for Security (11/16/02)
josh
- RE: AIM 5.1.3036 buffer overflow (11/18/02)
Joshua Wright
- Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection (11/11/02)
Jouko Pynnonen
- Netscape 4 Java buffer overflow (11/26/02)
- Technical information about unpatched MS Java vulnerabilities (11/08/02)
Juraj Ziegler
- Re: Motorola Cable Modem DOS (11/04/02)
Justin King
- Re: A technique to mitigate cookie-stealing XSS attacks (11/07/02)
- Re: Bypassing website filter in SonicWall (11/07/02)
K. K. Mookhey
- The Unix Auditor's Practical Handbook (11/12/02)
- Buffer Overflow in iSMTP Gateway (11/11/02)
- Weak Password Encryption Scheme in MS SQL Server (11/02/02)
Keith R. Watson
- Iomega NAS A300U security and inter-operability issues (11/01/02)
Ketil Braun Larsen
- MailEnable POP3 Server remote shutdown !:/ -newest ~ (and previous) bufferoverflow- (11/17/02)
labs@NGSEC
- iPlanet WebServer, remote root compromise (11/19/02)
Last Stage of Delirium
- [LSD] Java and JVM security vulnerabilities (11/21/02)
Laurent Licour
- Exploit code for IP Smart Spoofing (11/12/02)
Leif Sawyer
- RE: i386 Linux kernel DoS (11/13/02)
li0n
- [A3SC] MS IIS out of process privilege elevation vulnerability(A3CR@K-Vul-2002-06-002) (11/04/02)
Linus Sj�berg
- Remote pine Denial of Service (11/07/02)
Linus Torvalds
- Re: FW: i386 Linux kernel DoS (11/14/02)
Lise
- Re: Alert: Microsoft Security Bulletin - MS02-066 (11/25/02)
Liu Die Yu
- (MSIE) when parent gives his son bad things ;) --"dialogArguments " again (11/19/02)
magistrat
- xoops Quizz Module IMG bug (11/11/02)
Mandrake Linux Security Team
- MDKSA-2002:083 - Updated sendmail packages fix smrsh insecurities (11/28/02)
- MDKSA-2002:081 - Updated samba packages fix potential root compromise (11/26/02)
- MDKSA-2002:082 - Updated python packages fix local arbitrary code execution vulnerability (11/26/02)
- MDKSA-2002:080 - Updated kdenetwork packages fix remote command execution vulnerabilites (11/22/02)
- MDKSA-2002:079 - Updated kdelibs packages fix remote command execution vulnerabilites (11/22/02)
- Updated ypserv packages fix memory leak (11/19/02)
- MDKSA-2002:077 - bind update (11/14/02)
- MDKSA-2002:075 - nss_ldap update (11/08/02)
- MDKSA-2002:076 - perl-MailTools update (11/08/02)
- MDKSA-2002:074 - mozilla update (11/01/02)
Marc Maiffret
- Update: EEYE: Macromedia ColdFusion/JRun Remote SYSTEM Buffer Overflow Vulnerabilities (11/20/02)
- EEYE: Macromedia ColdFusion/JRun Remote SYSTEM Buffer Overflow Vulnerabilities (11/12/02)
marek.rouchal@infineon.com
- ClearCase DoS vulnerabilty (11/22/02)
Mark Litchfield
- Help Please (11/08/02)
mark_sala@yahoo.com
- bind 8 info update regarding ISS (11/16/02)
Martin Schulze
- [SECURITY] [DSA 199-1] New mhonarc packages fix cross site scripting (11/19/02)
- [SECURITY] [DSA 198-1] New nullmailer packages fix local denial of service (11/18/02)
- [SECURITY] [DSA 197-1] New sqwebmail packages fix local information exposure (11/15/02)
- [SECURITY] [DSA 195-1] New Apache-Perl packages fix several vulnerabilities (11/13/02)
- [SECURITY] [DSA 194-1] New masqmail packages fix buffer overflows (11/12/02)
- [SECURITY] [DSA 193-1] New klisa packages fix buffer overflow (11/11/02)
- [SECURITY] [DSA 191-2] New squirrelmail packages fix problem in options page (11/11/02)
- [SECURITY] [DSA 192-1] New html2ps packages fix arbitrary code execution (11/08/02)
- [SECURITY] [DSA 188-1] New Apache-SSL packages fix several vulnerabilities (11/05/02)
- [SECURITY] [DSA 191-1] New squirrelmail packages fix cross site scripting bugs (11/07/02)
- [SECURITY] [DSA 189-1] New luxman packages fix local root exploit (11/06/02)
- [SECURITY] [DSA 187-1] New Apache packages fix several vulnerabilities (11/04/02)
- [SECURITY] [DSA 186-1] New log2mail packages fix several vulnerabilities (11/01/02)
Matt Selsky
- Sun Security Bulletin #00220 (11/20/02)
Matthew Collins
- Re: A technique to mitigate cookie-stealing XSS attacks (11/06/02)
Matthew Dixon Cowles
- Re: Bind 8 bug experience (11/13/02)
Matthew Murphy
- Moby NetSuite POST Denial of Service Vulnerability (11/29/02)
- BadBlue XSS/Information Disclosure Vulnerabilities (11/24/02)
- Multiple phpNuke Modules Vulnerable to Cross-Site Scripting (11/24/02)
- acFTP Authentication Issue (11/24/02)
- acFreeProxy Cross-Site Scripting Vulnerability/Possible DoS (11/24/02)
- LiteServe Directory Index Cross-Site Scripting (11/08/02)
Matthew Wagenknecht
- pWins Perl Web Server Directory Transversal Vulnerability (11/28/02)
Matthias Andree
- bogofilter contrib/bogopass temp file vulnerability (11/29/02)
mattmurphy@kc.rr.com
- Zeroo Folder Traversal Vulnerability (11/22/02)
- Perception LiteServe HTTP CGI Disclosure Vulnerability (11/14/02)
- KeyFocus KF Web Server File Disclosure Vulnerability (11/13/02)
Melson, Paul
- RE: Accesspoints disclose wep keys, password and mac filter (fwd) (11/04/02)
Michael Bacarella
- Better security through shame (11/14/02)
Michael Brennen
- Bind 8 bug experience (11/13/02)
Michael Howard
- RE: A technique to mitigate cookie-stealing XSS attacks (11/11/02)
- When scrubbing secrets in memory doesn't work (11/05/02)
- RE: A technique to mitigate cookie-stealing XSS attacks (11/07/02)
- When scrubbing secrets in memory doesn't work (11/05/02)
- A technique to mitigate cookie-stealing XSS attacks (11/05/02)
Michael Wojcik
- RE: When scrubbing secrets in memory doesn't work (11/14/02)
- RE: When scrubbing secrets in memory doesn't work (11/12/02)
Michael Zimmermann
- Re: When scrubbing secrets in memory doesn't work (11/08/02)
Mincu Alexandru
- Latest libpcap & tcpdump sources from tcpdump.org contain a trojan (11/13/02)
moose@microsoftsucks.org
- RE: Cracking OpenVMS passwords with John the Ripper (11/26/02)
Muhammad Faisal Rauf Danka
- XSS in Postnuke Rogue release (0.72) (11/08/02)
NESTING, DAVID M (SBCSI)
- RE: A technique to mitigate cookie-stealing XSS attacks (11/05/02)
NetBSD Security Officer
- NetBSD Security Advisory 2002-027: ftpd STAT output non-conformance can deceive firewall devices (11/19/02)
- NetBSD Security Advisory 2002-028: Buffer overrun in getnetbyname/getnetbyaddr (11/19/02)
- NetBSD Security Advisory 2002-029: named(8) multiple denial of service and remote execution of code (11/19/02)
- NetBSD Security Advisory 2002-024: IPFilter FTP proxy (11/05/02)
NetScreen Security Response Team
- Predictable TCP Initial Sequence Numbers (11/25/02)
- Potential H.323 Denial of Service (11/25/02)
- 'Malicious-URL' Feature may be Circumvented Using IP Fragmentation (11/25/02)
NGSSoftware Insight Security Research
- Mulitple Buffer Overflow conditions in RealPlayer/RealOne (#NISR22112002) (11/22/02)
- Oracle iSQL*Plus buffer overflow vulnerability (#NISR04112002) (11/04/02)
Nicholas Weaver
- Re: When scrubbing secrets in memory doesn't work (11/17/02)
Nick Simicich
- Re: A technique to mitigate cookie-stealing XSS attacks (11/08/02)
Nils Reichen
- Cisco PIX SSH/telnet dDOS vulnerability CSCdy51810 (11/05/02)
Olaf Kirch
- Re: Bind 8 bug experience (11/14/02)
- SuSE Security Announcement: Multiple vulnerabilities in BIND8 (SuSE-SA:2002:044) (11/14/02)
- SuSE Security Announcement: KDE lanbrowser vulnerability (SuSE-SA:2002:042) (11/12/02)
Oleg A. Lebedev
- Allied Telesyn switches & routers vulnerability (11/20/02)
One Semicolon
- Clipboard in QNX Photon (11/19/02)
- Multiple incorrect permissions in QNX. (11/19/02)
OpenPKG
- [OpenPKG-SA-2002.012] OpenPKG Security Advisory (samba) (11/29/02)
- [OpenPKG-SA-2002.011] OpenPKG Security Advisory (bind, bind8) (11/15/02)
Ossian Vitek
- Re: IP SmartSpoofing : How to bypass all IP filters relying on source IP address (10/31/02)
Paolo Perego
- [Announce] AngeL v0.9.0 (11/04/02)
Patrick Oonk
- Re: Help Please (11/08/02)
Paul Starzetz
- TracerouteNG - never ending story (11/28/02)
Paul Szabo
- Re: d_path() truncating excessive long path name vulnerability (11/27/02)
- Eudora 5.2 attachment spoof (11/13/02)
Paul Theodoropoulos
- Re: Bind 8 bug experience (11/15/02)
Pawel Pisarczyk
- QNX 6.1 TimeCreate weakness (11/06/02)
Perry E. Metzger
- Re: When scrubbing secrets in memory doesn't work (11/06/02)
Pete Foster
- [Sec-Tec Advisory] Local scripting vulnerability in phpBB (11/25/02)
Peter Arnts
- Re: Motorola Cable Modem DOS (11/04/02)
Peter Bieringer
- Opera 6.03/Linux crashes on HTTPS over Squid Proxy on a site (11/20/02)
Peter Jeremy
- Re: Motorola Cable Modem DOS (11/07/02)
Peter Watkins
- Re: When scrubbing secrets in memory doesn't work (11/18/02)
- Re: A technique to mitigate cookie-stealing XSS attacks (11/08/02)
PlanetDNS Support
- PlanetWeb Web Server Buffer Overflow in processing GET requests (11/18/02)
Predrag Damnjanovic
- Re: PHP-Nuke SQL Injection Vulnerability (11/04/02)
ProXy
- APBoard - post threads to protected forums and possibility to hijack forum-password (11/12/02)
quentyn@fotango.com
- Re: [VulnWatch] Netscreen SSH1 CRC32 Compensation Denial of service (11/05/02)
Richard Moore
- Re: When scrubbing secrets in memory doesn't work (11/18/02)
Roman Drahtmueller
- SuSE Security Announcement: samba (SuSE-SA:2002:045) (11/20/02)
Russ
- RE: bind 8 info update regarding ISS (11/18/02)
- RE: ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 andBIND8 (fwd) (11/13/02)
- RE: How to execute programs with parameters in IE - Sandblad advisory #10 (11/10/02)
S G Masood
- Multiple Vuln. in Hotfoon.com's Hotfoon4.exe dialer (11/10/02)
Sam Hayes Merritt, III
- Re: Motorola Cable Modem DOS (11/01/02)
Sebastian Krahmer
- Re: SuSE Security Announcement: perl-MailTools (SuSE-SA:2002:041) (11/11/02)
- SuSE Security Announcement: perl-MailTools (SuSE-SA:2002:041) (11/05/02)
secure@conectiva.com.br
- [CLA-2002:550] Conectiva Linux Security Announcement - samba (11/22/02)
- [CLA-2002:549] Conectiva Linux Security Announcement - dhcpcd (11/18/02)
- [CLA-2002:548] Conectiva Linux Security Announcement - windowmaker (11/18/02)
- [CLA-2002:546] Conectiva Linux Security Announcement - bind (11/14/02)
- [CLA-2002:547] Conectiva Linux Security Announcement - syslog-ng (11/14/02)
- [CLA-2002:545] Conectiva Linux Security Announcement - php4 (11/13/02)
- [CLA-2002:544] Conectiva Linux Security Announcement - linuxconf (11/06/02)
- [CLA-2002:535] Conectiva Linux Security Announcement - glibc (10/29/02)
- [CLA-2002:538] Conectiva Linux Security Announcement - tar/unzip (10/29/02)
- [CLA-2002:542] Conectiva Linux Security Announcement - gv/kghostview (10/31/02)
- [CLA-2002:534] Conectiva Linux Security Announcement - krb5 (10/26/02)
- [CLA-2002:537] Conectiva Linux Security Announcement - tetex (10/29/02)
- [CLA-2002:540] Conectiva Linux Security Announcement - heartbeat (10/30/02)
- [CLA-2002:541] Conectiva Linux Security Announcement - mod_ssl (10/30/02)
- [CLA-2002:539] Conectiva Linux Security Announcement - ypserv (10/30/02)
security@caldera.com
- Security Update: [CSSA-2002-052.0] Linux: sendmail smrsh bypass vulnerabilities (11/22/02)
- Security Update: [CSSA-2002-049.0] Linux: lynx CRLF injection vulnerability (11/19/02)
- Security Update: [CSSA-2002-048.0] Linux: wwwoffled remote access vulnerability (11/19/02)
- Security Update: [CSSA-2002-046.0] Linux: buffer overflows and other security issues in squid (11/15/02)
- Security Update: [CSSA-2002-047.0] Linux: KDE SSL and XSS vulnerabilities (11/16/02)
- Security Update: [CSSA-2002-045.0] Linux: python insecure temporary files in os._execvpe (11/14/02)
- Security Update: [CSSA-2002-SCO.42] UnixWare 7.1.1 Open UNIX 8.0.0 : in.talkd format string vulnerabilities (11/13/02)
- Security Update: [CSSA-2002-042.0] Linux: libpng progressive image loading vulnerabilities and other buffer overflows (11/12/02)
- Security Update: [CSSA-2002-044.0] Linux: Preboot eXecution Environment (PXE) server denial-of-service attacks (11/11/02)
securityfocus@zoneedit.com
- Re: ZoneEdit Account Hijack Vulnerability (11/06/02)
securma massine
- IISPop remote DOS (11/14/02)
Seth Arnold
- Re: A technique to mitigate cookie-stealing XSS attacks (11/11/02)
Seth Bromberger
- UPDATE: Linksys router vulnerability (add'l models affected) (11/20/02)
- Linksys router vulnerability (11/18/02)
SGI Security Coordinator
- Apache Security Vulnerabilities on IRIX (11/13/02)
- IRIX lpd daemon vulnerabilities via sendmail and dns (11/12/02)
- Potential Denial of Service Vulnerability in IRIX RPC-based libc (11/08/02)
- IRIX ToolTalk rpc.ttdbserverd vulnerabilities (11/06/02)
- IRIX CDE ToolTalk rpc.ttdbserverd vulnerabilities (11/05/02)
shannong
- RE: Exploit code for IP Smart Spoofing (11/16/02)
Sharad Ahlawat
- Re: Cisco PIX SSH/telnet dDOS vulnerability CSCdy51810 (11/11/02)
Silvio Cesare
- Re: [Full-Disclosure] Security Update: [CSSA-2002-050.0] Linux: tcpdump denial-of-service in print-bgp.c (11/20/02)
snsadv@lac.co.jp
- [SNS Advisory No.58] Microsoft IIS Local Cross-site Scripting Vulnerability (11/05/02)
Solar Designer
- Re: d_path() truncating excessive long path name vulnerability (11/28/02)
Sp.IC
- vBulletin XSS Injection Vulnerability (11/24/02)
Stephen Gill
- RE: Exploit code for IP Smart Spoofing (11/14/02)
- RE: Exploit code for IP Smart Spoofing (11/13/02)
Steven M. Christey
- On vulnerabilities in open and closed source products (11/27/02)
- Re: MS02-064 fix time (11/15/02)
- RE: A technique to mitigate cookie-stealing XSS attacks (11/14/02)
- Re: A technique to mitigate cookie-stealing XSS attacks (11/08/02)
- Re: Oracle Security Contact (11/06/02)
Stuart Moore
- Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software (11/27/02)
- Re: ion-p.exe allows Remote File Retrieving (11/01/02)
subversive
- SFAD02-002: Calisto Internet Talker Remote DOS (11/25/02)
Tacettin Karadeniz
- benchmark tool for HTTP pages. (11/10/02)
- networking_utils.php (11/05/02)
Tamer Sahin
- [SecurityOffice] Hyperion Ftp Server v2.8.1 Directory Traversal Vulnerability (11/12/02)
- [SecurityOffice] INweb Mail Server v2.01 Denial of Service Vulnerability (11/12/02)
- Mindwall Project (11/01/02)
tenty@overkillnetworks.com
- Re: Accesspoints disclose wep keys, password and mac filter (fwd) (11/08/02)
Thomas Biege
- SuSE Security Announcement: pine (SuSE-SA:2002:046) (11/25/02)
- SuSE Security Announcement: SuSE-SA:2002:043 (traceroute-nanog/nkitb) (11/12/02)
Thomas Sarlandie
- Re: Accesspoints disclose wep keys, password and mac filter (fwd) (11/05/02)
Thor Larholm
- RE: Opera 7 vulnerabilities (11/14/02)
- RE: ZDnet forum: IE formatting local drive (11/14/02)
- RE: How to execute programs with parameters in IE - Sandblad advisory #10 (11/07/02)
Tim Brown
- Fresh hole in W3Mail (fwd) (11/13/02)
Tollef Fog Heen
- Re: Accesspoints disclose wep keys, password and mac filter (fwd) (11/04/02)
Tom Knienieder
- Accesspoints disclose wep keys, password and mac filter (fwd) (11/03/02)
Torsten Valentin
- [OpenBSD] [syslogd] false src-IP when logging to remote syslogd (11/20/02)
Troy Evans
- Re: LOM: Multiple vulnerabilities in Macromedia Flash ActiveX (11/18/02)
Trustix Secure Linux Advisor
- TSLSA-2002-0080 - samba (11/25/02)
- TSLSA-2002-0077 - kernel (11/18/02)
- TSLSA-2002-0076 - bind (11/18/02)
Ulf Harnhammar
- RE: A technique to mitigate cookie-stealing XSS attacks (11/14/02)
- Re: A technique to mitigate cookie-stealing XSS attacks (11/10/02)
Vagner Sacramento
- RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND (11/28/02)
- CAIS-ALERT: Vulnerability in the sending requests control of BIND (11/25/02)
Val Deux
- XOOPS WebChat module - patch UPDATE (11/16/02)
vALDEUx@aol.com
- Security Patch for PortailPHP 0.99 (11/28/02)
- WebChat for XOOPS RC3 SQL INJECTION (11/12/02)
Valdis.Kletnieks@vt.edu
- Re: When scrubbing secrets in memory doesn't work (11/08/02)
- Re: A technique to mitigate cookie-stealing XSS attacks (11/06/02)
Vincent Danen
- [Security Announce] Re: MDKSA-2002:076 - perl-MailTools update (11/08/02)
- [Security Announce] Re: MDKSA-2002:076 - perl-MailTools update (11/08/02)
Webmaster, Lorenzo Hernandez Garcia-Hierro
- NBActiveX Sure ActiveX Big Vulnerability (11/16/02)
whitehat2004@yahoo.com
- Well known flaw in web cart software remains wide open (11/12/02)
Wichert Akkerman
- [SECURITY] [DSA-190-1] buffer overflow in Window Maker (11/07/02)
Will
- Linksys not fixed (11/26/02)
Woody Leonhard
- Office XP document numbers can be linked to individual machines (11/13/02)
YM Barusseau
- Gnujsp and Domino R5.0.10 (11/13/02)
zel
- Netscreen Malicious URL feature can be bypassed by fragmenting the request (11/25/02)
zen-parse
- Re: Netscape Problems. (11/27/02)
- Netscape Problems. (11/26/02)
- Netscape/Mozilla: Exploitable heap corruption via jar: URI handler. (11/14/02)
Zero-X www.lobnan.de Team
- Vulnerability in Cutecast Forum v1.2 (11/07/02)
- ion-p.exe allows Remote File Retrieving (11/01/02)
��
- Solaris priocntl exploit (11/27/02)

Last message date: 11/29/02
Archived on: 11/29/02 CET

399 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

SecurityFocus BugtraqBy Author

SecurityFocus Bugtraq
By Author