SecurityFocus Bugtraq
By Date

399 messages sorted by: [ author ] [ thread ] [ subject ] [ attachment ]

---

Starting: 11/01/02
Ending: 11/29/02

• [ElectronicSouls] - BOOZT CGI Exploit es@hush.com (11/29/02)
• bogofilter contrib/bogopass temp file vulnerability Matthias Andree (11/29/02)
• [OpenPKG-SA-2002.012] OpenPKG Security Advisory (samba) OpenPKG (11/29/02)
• Moby NetSuite POST Denial of Service Vulnerability Matthew Murphy (11/29/02)
• re: Solaris priocntl exploit Jeff Damens (11/28/02)
• Exploit for traceroute-nanog overflow Carl Livitt (11/29/02)
• User downgraded from Administrator to User retains the ability to list other user's running tasks Eitan Caspi (11/29/02)
• Security Patch for PortailPHP 0.99 vALDEUx@aol.com (11/28/02)
• Re: d_path() truncating excessive long path name vulnerability Solar Designer (11/28/02)
• RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND Vagner Sacramento (11/28/02)
• RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND Iván Arce (11/28/02)
• MDKSA-2002:083 - Updated sendmail packages fix smrsh insecurities Mandrake Linux Security Team (11/28/02)
• Re: Netscape Problems. zen-parse (11/27/02)
• RE: Cracking OpenVMS passwords with John the Ripper moose@microsoftsucks.org (11/26/02)
• Kerberos login sniffer and cracker for Windows 2000/XP Arne Vidstrom (11/28/02)
• Re: Solaris priocntl exploit Casper Dik (11/28/02)
• Re: File reading vulnerable in PHP and MySQL (Local Exploit) Dave Wilson (11/27/02)
• TracerouteNG - never ending story Paul Starzetz (11/28/02)
• On vulnerabilities in open and closed source products Steven M. Christey (11/27/02)
• Re: d_path() truncating excessive long path name vulnerability Paul Szabo (11/27/02)
• Remote Multiple Buffer Overflow(s) vulnerability in Libcgi-tuxbr. dong-h0un U (11/28/02)
• pWins Perl Web Server Directory Transversal Vulnerability Matthew Wagenknecht (11/28/02)
• Re: CAIS-ALERT: Vulnerability in the sending requests control of BIND D. J. Bernstein (11/27/02)
• RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND Iván Arce (11/27/02)
• ASI Sybase Security Alert: Buffer overflow in DBCC CHECKVERIFY Aaron C. Newman (Application Security, Inc.) (11/27/02)
• Re: Solaris priocntl exploit Casper Dik (11/27/02)
• ASI Sybase Security Alert: Buffer overflow in DROP DATABASE Aaron C. Newman (Application Security, Inc.) (11/27/02)
• ASI Sybase Security Alert: Buffer overflow in xp_freedll Aaron C. Newman (Application Security, Inc.) (11/27/02)
• Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software Stuart Moore (11/27/02)
• Solaris priocntl exploit ÝþÒãÁˆ (11/27/02)
• [ESA-20021127-032] 'pine' version upgrade, security fixes. EnGarde Secure Linux (11/27/02)
• Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C. dong-h0un U (11/27/02)
• XSS vulnerability in Bugzilla if upgraded from 2.10 or earlier David Miller (11/26/02)
• AIM Bug Dave B. (11/25/02)
• [Security bulletin] SSRT2266 HP Tru64 UNIX IGMP Potential (DoS) Security Vulnerability (fwd) Dave Ahmad (11/26/02)
• FreeNews & News Evolution (PHP) Frog Man (11/26/02)
• File reading vulnerable in PHP and MySQL (Local Exploit) Hai Nam Luke (11/26/02)
• Re: Netscape Problems. Dave Aitel (11/26/02)
• Netscape 4 Java buffer overflow Jouko Pynnonen (11/26/02)
• Linksys not fixed Will (11/26/02)
• Cracking OpenVMS passwords with John the Ripper Jean-loup Gailly (11/26/02)
• Oracle TNS SEH Exploit benjurry@xfocus.org (11/26/02)
• MDKSA-2002:081 - Updated samba packages fix potential root compromise Mandrake Linux Security Team (11/26/02)
• MDKSA-2002:082 - Updated python packages fix local arbitrary code execution vulnerability Mandrake Linux Security Team (11/26/02)
• Re: ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability (fwd) Florian Weimer (11/26/02)
• [security bulletin] SSRT2301 - HP Tru64 UNIX uudecode Potential Security Vulnerability (fwd) Dave Ahmad (11/26/02)
• [security bulletin] SSRT2385 OSIS V5.4 LDAP Module for System Authentication Potential Security Vulnerability (fwd) Dave Ahmad (11/26/02)
• Netscape Problems. zen-parse (11/26/02)
• Predictable TCP Initial Sequence Numbers NetScreen Security Response Team (11/25/02)
• vBulletin XSS Injection Vulnerability Sp.IC (11/24/02)
• Potential H.323 Denial of Service NetScreen Security Response Team (11/25/02)
• CAIS-ALERT: Vulnerability in the sending requests control of BIND Vagner Sacramento (11/25/02)
• [RHSA-2002:264-05] New kernel 2.2 packages fix local denial of service issue bugzilla@redhat.com (11/25/02)
• 'Malicious-URL' Feature may be Circumvented Using IP Fragmentation NetScreen Security Response Team (11/25/02)
• LibHTTPD Vulnerability and fix David J. Hughes (11/25/02)
• BadBlue XSS/Information Disclosure Vulnerabilities Matthew Murphy (11/24/02)
• SFAD02-002: Calisto Internet Talker Remote DOS subversive  (11/25/02)
• Immobilier 1 (PHP) Frog Man (11/25/02)
• RE: MS02-066 - fixes, gaps and incorrect statements GreyMagic Software (11/25/02)
• [Sec-Tec Advisory] Local scripting vulnerability in phpBB Pete Foster (11/25/02)
• Web Server Creator - Web Portal 0.1 (PHP) Frog Man (11/25/02)
• ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability (fwd) Dave Ahmad (11/25/02)
• Multiple phpNuke Modules Vulnerable to Cross-Site Scripting Matthew Murphy (11/24/02)
• Netscreen Malicious URL feature can be bypassed by fragmenting the request zel (11/25/02)
• Remote POST Buffer Overflow vulnerability in Pserv. dong-h0un U (11/24/02)
• acFTP Authentication Issue Matthew Murphy (11/24/02)
• acFreeProxy Cross-Site Scripting Vulnerability/Possible DoS Matthew Murphy (11/24/02)
• TSLSA-2002-0080 - samba Trustix Secure Linux Advisor (11/25/02)
• Re: Alert: Microsoft Security Bulletin - MS02-066 Lise (11/25/02)
• SuSE Security Announcement: pine (SuSE-SA:2002:046) Thomas Biege (11/25/02)
• Remote Heap malloc/free & multiple Overflow vulnerability in WSMP3. dong-h0un U (11/25/02)
• Allied Telesyn switches & routers vulnerability Oleg A. Lebedev (11/20/02)
• UPDATE: Linksys router vulnerability (add'l models affected) Seth Bromberger (11/20/02)
• [ESA-20021122-031] php upgrade, security fixes EnGarde Secure Linux (11/22/02)
• Mulitple Buffer Overflow conditions in RealPlayer/RealOne (#NISR22112002) NGSSoftware Insight Security Research (11/22/02)
• [ESA-20021122-030] local kernel vulnerabilities EnGarde Secure Linux (11/22/02)
• [CLA-2002:550] Conectiva Linux Security Announcement - samba secure@conectiva.com.br (11/22/02)
• [RHSA-2002:266-05] New samba packages available to fix potential security vulnerability bugzilla@redhat.com (11/22/02)
• ClearCase DoS vulnerabilty marek.rouchal@infineon.com (11/22/02)
• Open WebMail 1.71 "background" magic info FreeBSDbr Bugtraq DataBase (11/19/02)
• MDKSA-2002:080 - Updated kdenetwork packages fix remote command execution vulnerabilites Mandrake Linux Security Team (11/22/02)
• Zeroo Folder Traversal Vulnerability mattmurphy@kc.rr.com (11/22/02)
• MDKSA-2002:079 - Updated kdelibs packages fix remote command execution vulnerabilites Mandrake Linux Security Team (11/22/02)
• Security Update: [CSSA-2002-052.0] Linux: sendmail smrsh bypass vulnerabilities security@caldera.com (11/22/02)
• XSS bug in vBulletin Arab VieruZ (11/21/02)
• GLSA: samba Daniel Ahlberg (11/21/02)
• GLSA: php Daniel Ahlberg (11/20/02)
• SuSE Security Announcement: samba (SuSE-SA:2002:045) Roman Drahtmueller (11/20/02)
• [OpenBSD] [syslogd] false src-IP when logging to remote syslogd Torsten Valentin (11/20/02)
• iDEFENSE Security Advisory 11.19.02c: Netscape Predictable Directory Structure Allows Theft of Preferences File David Endler (11/20/02)
• Clipboard in QNX Photon One Semicolon (11/19/02)
• [LSD] Java and JVM security vulnerabilities Last Stage of Delirium (11/21/02)
• iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability David Endler (11/20/02)
• CERT Advisory CA-2002-32 Backdoor in Alcatel OmniSwitch AOS (fwd) Dave Ahmad (11/21/02)
• iDEFENSE Security Advisory 11.19.02a: Denial of Service Vulnerability in Linksys Cable/DSL Routers David Endler (11/19/02)
• RE: (MSIE) -"dialogArguments" (extended) GreyMagic Software (11/20/02)
• Cisco Security Advisory: Cisco PIX Multiple Vulnerabilities Cisco Systems Product Security Incident Response Team (11/20/02)
• GLSA: gtetrinet Daniel Ahlberg (11/20/02)
• Sun Security Bulletin #00220 Matt Selsky (11/20/02)
• GLSA: courier Daniel Ahlberg (11/19/02)
• Opera 6.03/Linux crashes on HTTPS over Squid Proxy on a site Peter Bieringer (11/20/02)
• Re: [Full-Disclosure] Security Update: [CSSA-2002-050.0] Linux: tcpdump denial-of-service in print-bgp.c Silvio Cesare (11/20/02)
• Update: iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability David Endler (11/20/02)
• Re: AIM 5.1.3036 buffer overflow Alan MacDonald (11/19/02)
• Security Update: [CSSA-2002-049.0] Linux: lynx CRLF injection vulnerability security@caldera.com (11/19/02)
• Security Update: [CSSA-2002-048.0] Linux: wwwoffled remote access vulnerability security@caldera.com (11/19/02)
• Updated ypserv packages fix memory leak Mandrake Linux Security Team (11/19/02)
• (MSIE) when parent gives his son bad things ;) --"dialogArguments " again Liu Die Yu (11/19/02)
• NetBSD Security Advisory 2002-027: ftpd STAT output non-conformance can deceive firewall devices NetBSD Security Officer (11/19/02)
• Multiple incorrect permissions in QNX. One Semicolon (11/19/02)
• NetBSD Security Advisory 2002-028: Buffer overrun in getnetbyname/getnetbyaddr NetBSD Security Officer (11/19/02)
• Update: EEYE: Macromedia ColdFusion/JRun Remote SYSTEM Buffer Overflow Vulnerabilities Marc Maiffret (11/20/02)
• NetBSD Security Advisory 2002-029: named(8) multiple denial of service and remote execution of code NetBSD Security Officer (11/19/02)
• Re: (MSIE) when parent gives his son bad things ;) --"dialogArguments " again Dave Ahmad (11/19/02)
• [SECURITY] [DSA 199-1] New mhonarc packages fix cross site scripting Martin Schulze (11/19/02)
• iPlanet WebServer, remote root compromise labs@NGSEC (11/19/02)
• RE: AIM 5.1.3036 buffer overflow josh (11/18/02)
• TFTPD32 Directory Traversal Vulnerability Aviram Jenik (11/18/02)
• Linksys router vulnerability Seth Bromberger (11/18/02)
• TFTPD32 Buffer Overflow Vulnerability (Long filename) Aviram Jenik (11/18/02)
• MailEnable POP3 Server remote shutdown !:/ -newest ~ (and previous) bufferoverflow- Ketil Braun Larsen (11/17/02)
• [CLA-2002:549] Conectiva Linux Security Announcement - dhcpcd secure@conectiva.com.br (11/18/02)
• Update to LOM's advisory 3APA3A (11/18/02)
• Re: When scrubbing secrets in memory doesn't work Peter Watkins (11/18/02)
• XSS bug in phpBB Arab VieruZ (11/18/02)
• Paketto Keiretsu 1.0 Dan Kaminsky (11/18/02)
• RE: Exploit code for IP Smart Spoofing shannong (11/16/02)
• Re: LOM: Multiple vulnerabilities in Macromedia Flash ActiveX Troy Evans (11/18/02)
• PlanetWeb Web Server Buffer Overflow in processing GET requests PlanetDNS Support (11/18/02)
• XOOPS WebChat module - patch UPDATE Val Deux (11/16/02)
• Re: When scrubbing secrets in memory doesn't work Florian Weimer (11/18/02)
• RE: bind 8 info update regarding ISS Russ (11/18/02)
• TSLSA-2002-0077 - kernel Trustix Secure Linux Advisor (11/18/02)
• Re: When scrubbing secrets in memory doesn't work Richard Moore (11/18/02)
• Re: GNU GCC: Optimizer Removes Code Necessary for Security Florian Weimer (11/17/02)
• [CLA-2002:548] Conectiva Linux Security Announcement - windowmaker secure@conectiva.com.br (11/18/02)
• LOM: Multiple vulnerabilities in Macromedia Flash ActiveX 3APA3A (11/18/02)
• AIM 5.1.3036 buffer overflow husun arner (11/17/02)
• [SECURITY] [DSA 198-1] New nullmailer packages fix local denial of service Martin Schulze (11/18/02)
• TSLSA-2002-0076 - bind Trustix Secure Linux Advisor (11/18/02)
• Re: When scrubbing secrets in memory doesn't work Nicholas Weaver (11/17/02)
• Re: Bind 8 bug experience Paul Theodoropoulos (11/15/02)
• Security Update: [CSSA-2002-046.0] Linux: buffer overflows and other security issues in squid security@caldera.com (11/15/02)
• GNU GCC: Optimizer Removes Code Necessary for Security Joseph Wagner (11/16/02)
• [tcpdump-announce] initial comments on trojan attack (fwd) Jonas Eriksson (11/16/02)
• patch for named buffer overflow now available (fwd) Jonas Eriksson (11/15/02)
• Security Update: [CSSA-2002-047.0] Linux: KDE SSL and XSS vulnerabilities security@caldera.com (11/16/02)
• Remote Buffer Overflow vulnerability in Zeroo HTTP Server. dong-h0un U (11/16/02)
• FreeBSD Security Advisory FreeBSD-SA-02:41.smrsh [REVISED] FreeBSD Security Advisories (11/15/02)
• [RHSA-2002:262-07] New kernel fixes local denial of service issue bugzilla@redhat.com (11/16/02)
• NBActiveX Sure ActiveX Big Vulnerability Webmaster, Lorenzo Hernandez Garcia-Hierro (11/16/02)
• [SECURITY] [DSA 197-1] New sqwebmail packages fix local information exposure Martin Schulze (11/15/02)
• bind 8 info update regarding ISS mark_sala@yahoo.com (11/16/02)
• FreeBSD Security Advisory FreeBSD-SA-02:43.bind [REVISED] FreeBSD Security Advisories (11/15/02)
• [SECURITY] [DSA-196-1] New BIND packages fix several vulnerabilities Daniel Jacobowitz (11/14/02)
• [OpenPKG-SA-2002.011] OpenPKG Security Advisory (bind, bind8) OpenPKG (11/15/02)
• Security holes... Who cares? Eric Rescorla (11/15/02)
• Re: ZDnet forum: IE formatting local drive Gossi The Dog (11/14/02)
• Re: MS02-064 fix time Steven M. Christey (11/15/02)
• Unofficial statement re: tcpdump and libpcap Alan DeKok (11/13/02)
• RE: When scrubbing secrets in memory doesn't work Michael Wojcik (11/14/02)
• Re: i386 Linux kernel DoS Jirka Kosina (11/14/02)
• MDKSA-2002:077 - bind update Mandrake Linux Security Team (11/14/02)
• arp spoofing defence Ilya Teterin (11/14/02)
• [CLA-2002:546] Conectiva Linux Security Announcement - bind secure@conectiva.com.br (11/14/02)
• Security Update: [CSSA-2002-045.0] Linux: python insecure temporary files in os._execvpe security@caldera.com (11/14/02)
• GLSA: kdenetwork Daniel Ahlberg (11/14/02)
• Perception LiteServe HTTP CGI Disclosure Vulnerability mattmurphy@kc.rr.com (11/14/02)
• [CLA-2002:547] Conectiva Linux Security Announcement - syslog-ng secure@conectiva.com.br (11/14/02)
• Better security through shame Michael Bacarella (11/14/02)
• RE: Opera 7 vulnerabilities Thor Larholm (11/14/02)
• RE: ZDnet forum: IE formatting local drive Thor Larholm (11/14/02)
• RE: A technique to mitigate cookie-stealing XSS attacks Eric Stevens (11/14/02)
• Re: Bind 8 bug experience Glen Bishop (11/14/02)
• [ESA-20021114-029] BIND buffer overflow, DoS attacks. EnGarde Secure Linux (11/14/02)
• Opera 7 vulnerabilities GreyMagic Software (11/14/02)
• Netscape/Mozilla: Exploitable heap corruption via jar: URI handler. zen-parse (11/14/02)
• Re: FW: i386 Linux kernel DoS Linus Torvalds (11/14/02)
• RE: Exploit code for IP Smart Spoofing Stephen Gill (11/14/02)
• MS02-064 fix time David Litchfield (11/14/02)
• IISPop remote DOS securma massine (11/14/02)
• Re: Bind 8 bug experience Chris Adams (11/14/02)
• FreeBSD Security Advisory FreeBSD-SA-02:43.bind FreeBSD Security Advisories (11/14/02)
• GLSA: kdelibs Daniel Ahlberg (11/14/02)
• SuSE Security Announcement: Multiple vulnerabilities in BIND8 (SuSE-SA:2002:044) Olaf Kirch (11/14/02)
• RE: A technique to mitigate cookie-stealing XSS attacks Ulf Harnhammar (11/14/02)
• Re: Bind 8 bug experience Olaf Kirch (11/14/02)
• Re: Bind 8 bug experience Jeremy C. Reed (11/13/02)
• [CLA-2002:545] Conectiva Linux Security Announcement - php4 secure@conectiva.com.br (11/13/02)
• ZDnet forum: IE formatting local drive Alan Rouse (11/11/02)
• Re: Bind 8 bug experience Matthew Dixon Cowles (11/13/02)
• JSP processor 1.1 information disclosure Andy (11/13/02)
• Office XP document numbers can be linked to individual machines Woody Leonhard (11/13/02)
• Re: Linksys security contact Jim Knoble (11/14/02)
• Buffalo AP Denial of Service Andrei Mikhailovsky (11/13/02)
• RE: A technique to mitigate cookie-stealing XSS attacks Steven M. Christey (11/14/02)
• RE: Exploit code for IP Smart Spoofing Stephen Gill (11/13/02)
• KeyFocus KF Web Server File Disclosure Vulnerability mattmurphy@kc.rr.com (11/13/02)
• Eudora 5.2 attachment spoof Paul Szabo (11/13/02)
• Security Update: [CSSA-2002-SCO.42] UnixWare 7.1.1 Open UNIX 8.0.0 : in.talkd format string vulnerabilities security@caldera.com (11/13/02)
• Gnujsp and Domino R5.0.10 YM Barusseau (11/13/02)
• FreeBSD Security Advisory FreeBSD-SA-02:41.smrsh FreeBSD Security Advisories (11/13/02)
• Default SNMP community in Surecom Broadband Router Andrei Mikhailovsky (11/13/02)
• Latest libpcap & tcpdump sources from tcpdump.org contain a trojan Mincu Alexandru (11/13/02)
• Well known flaw in web cart software remains wide open whitehat2004@yahoo.com (11/12/02)
• Re: i386 Linux kernel DoS Christophe Devine (11/13/02)
• IceWarp 3.4.5 XSS *AGAIN* DarC KonQuesT (11/13/02)
• Re: When scrubbing secrets in memory doesn't work Jan Echternach (11/11/02)
• RE: i386 Linux kernel DoS Leif Sawyer (11/13/02)
• FreeBSD Security Advisory FreeBSD-SA-02:42.resolv FreeBSD Security Advisories (11/13/02)
• Code Injection in phpBB Advanced Quick Reply Mod Hai Nam Luke (11/13/02)
• Apache Security Vulnerabilities on IRIX SGI Security Coordinator (11/13/02)
• Bind 8 bug experience Michael Brennen (11/13/02)
• Remote Buffer Overflow vulnerability in Lib HTTPd. dong-h0un U (11/13/02)
• [SECURITY] [DSA 195-1] New Apache-Perl packages fix several vulnerabilities Martin Schulze (11/13/02)
• FreeBSD Security Advisory FreeBSD-SA-02:40.kadmind FreeBSD Security Advisories (11/13/02)
• RE: ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 andBIND8 (fwd) Russ (11/13/02)
• Re: A technique to mitigate cookie-stealing XSS attacks Seth Arnold (11/11/02)
• The Unix Auditor's Practical Handbook K. K. Mookhey (11/12/02)
• Fresh hole in W3Mail (fwd) Tim Brown (11/13/02)
• IRIX lpd daemon vulnerabilities via sendmail and dns SGI Security Coordinator (11/12/02)
• Security Update: [CSSA-2002-042.0] Linux: libpng progressive image loading vulnerabilities and other buffer overflows security@caldera.com (11/12/02)
• ezmlm warning bugtraq-help@securityfocus.com (11/12/02)
• i386 Linux kernel DoS Christophe Devine (11/11/02)
• RE: Motorola Cable Modem DOS Chris Wilson (11/12/02)
• EEYE: Macromedia ColdFusion/JRun Remote SYSTEM Buffer Overflow Vulnerabilities Marc Maiffret (11/12/02)
• APBoard - post threads to protected forums and possibility to hijack forum-password ProXy (11/12/02)
• RE: A technique to mitigate cookie-stealing XSS attacks jasonk (11/12/02)
• Exploit code for IP Smart Spoofing Laurent Licour (11/12/02)
• [Fwd: Notice of serious vulnerabilities in ISC BIND 4 & 8] Aaron Howell (11/12/02)
• NOVL-2002-2963827 - Remote Manager Security Issue - NW5.1 Ed Reed (11/12/02)
• RE: When scrubbing secrets in memory doesn't work Michael Wojcik (11/12/02)
• Remote Buffer Overflow vulnerability in Light HTTPd dong-h0un U (11/12/02)
• [SECURITY] [DSA 194-1] New masqmail packages fix buffer overflows Martin Schulze (11/12/02)
• GLSA: apache Daniel Ahlberg (11/12/02)
• KDE Security Advisory: rlogin.protocol and telnet.protocol URL KIO Vulnerability Andreas Pour (11/12/02)
• NOVL-2002-2963767 - Remote Manager Security Issue - eDir 8.6.2 Ed Reed (11/12/02)
• WebChat for XOOPS RC3 SQL INJECTION vALDEUx@aol.com (11/12/02)
• SuSE Security Announcement: SuSE-SA:2002:043 (traceroute-nanog/nkitb) Thomas Biege (11/12/02)
• [SecurityOffice] Hyperion Ftp Server v2.8.1 Directory Traversal Vulnerability Tamer Sahin (11/12/02)
• [SecurityOffice] INweb Mail Server v2.01 Denial of Service Vulnerability Tamer Sahin (11/12/02)
• KDE Security Advisory: resLISa / LISa Vulnerabilities Andreas Pour (11/12/02)
• SuSE Security Announcement: KDE lanbrowser vulnerability (SuSE-SA:2002:042) Olaf Kirch (11/12/02)
• ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 and BIND8 (fwd) Dave Ahmad (11/12/02)
• RE: A technique to mitigate cookie-stealing XSS attacks Jason Coombs (11/12/02)
• xoops Quizz Module IMG bug magistrat (11/11/02)
• Security Update: [CSSA-2002-044.0] Linux: Preboot eXecution Environment (PXE) server denial-of-service attacks security@caldera.com (11/11/02)
• RE: How to execute programs with parameters in IE - Sandblad advisory #10 Russ (11/10/02)
• iDEFENSE Security Advisory 11.11.02: Buffer Overflow in KDE resLISa David Endler (11/11/02)
• Re: SuSE Security Announcement: perl-MailTools (SuSE-SA:2002:041) Sebastian Krahmer (11/11/02)
• [SECURITY] [DSA 193-1] New klisa packages fix buffer overflow Martin Schulze (11/11/02)
• RE: Motorola Cable Modem DOS Dan Taylor Jr. (11/10/02)
• [RHSA-2002:213-06] New PHP packages fix vulnerability in mail function bugzilla@redhat.com (11/11/02)
• Re: A technique to mitigate cookie-stealing XSS attacks Ulf Harnhammar (11/10/02)
• [SECURITY] [DSA 191-2] New squirrelmail packages fix problem in options page Martin Schulze (11/11/02)
• Multiple vulnerabilities in Tiny HTTPd dong-h0un U (11/11/02)
• Timing the Application of Security Patches for Optimal Uptime Crispin Cowan (11/10/02)
• RE: A technique to mitigate cookie-stealing XSS attacks Michael Howard (11/11/02)
• Re: A technique to mitigate cookie-stealing XSS attacks Jeremiah Grossman (11/11/02)
• Re: Cisco PIX SSH/telnet dDOS vulnerability CSCdy51810 Sharad Ahlawat (11/11/02)
• NOVL-2002-2963651 - iManager (eMFrame) Buffer Overflow Ed Reed (11/11/02)
• benchmark tool for HTTP pages. Tacettin Karadeniz (11/10/02)
• Multiple Vuln. in Hotfoon.com's Hotfoon4.exe dialer S G Masood (11/10/02)
• Buffer Overflow in iSMTP Gateway K. K. Mookhey (11/11/02)
• Re: How to execute programs with parameters in IE - Sandblad advisory #10 Andreas Sandblad (11/10/02)
• Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection Joshua Wright (11/11/02)
• GLSA: kgpg Daniel Ahlberg (11/10/02)
• iDEFENSE Security Advisory 11.08.02b: Non-Explicit Path Vulnerability in QNX Neutrino RTOS David Endler (11/08/02)
• Finding Vendor Security Contacts Ed Ravin (11/09/02)
• Re: How to execute programs with parameters in IE - Sandblad advisory #10 hysterix1@aol.com (11/08/02)
• RhinoSoft Serv-U FTP Anonymous Remote DoS Vulnerability [secondmotion]-Matt Thompson (11/06/02)
• Securing OWA on public computers. Alex T. (11/07/02)
• [SECURITY] [DSA 192-1] New html2ps packages fix arbitrary code execution Martin Schulze (11/08/02)
• XSS in Postnuke Rogue release (0.72) Muhammad Faisal Rauf Danka (11/08/02)
• Zeus Admin Server v4.1r2 index.fcgi XSS bug euronymous (11/08/02)
• Re: When scrubbing secrets in memory doesn't work Michael Zimmermann (11/08/02)
• Potential Denial of Service Vulnerability in IRIX RPC-based libc SGI Security Coordinator (11/08/02)
• Re: Motorola Cable Modem DOS Peter Arnts (11/04/02)
• Technical information about unpatched MS Java vulnerabilities Jouko Pynnonen (11/08/02)
• Re: A technique to mitigate cookie-stealing XSS attacks Justin King (11/07/02)
• Cisco PIX SSH/telnet dDOS vulnerability CSCdy51810 Nils Reichen (11/05/02)
• [Security Announce] Re: MDKSA-2002:076 - perl-MailTools update Vincent Danen (11/08/02)
• RE: A technique to mitigate cookie-stealing XSS attacks NESTING, DAVID M (SBCSI) (11/05/02)
• Oracle iSQL*Plus buffer Overflow.. deadbeat@hush.com (11/04/02)
• NetBSD Security Advisory 2002-024: IPFilter FTP proxy NetBSD Security Officer (11/05/02)
• Re: Accesspoints disclose wep keys, password and mac filter (fwd) tenty@overkillnetworks.com (11/08/02)
• Re: Accesspoints disclose wep keys, password and mac filter (fwd) Tollef Fog Heen (11/04/02)
• When scrubbing secrets in memory doesn't work Michael Howard (11/05/02)
• [SECURITY] [DSA 188-1] New Apache-SSL packages fix several vulnerabilities Martin Schulze (11/05/02)
• Re: Help Please Patrick Oonk (11/08/02)
• Re: [VulnWatch] Netscreen SSH1 CRC32 Compensation Denial of service quentyn@fotango.com (11/05/02)
• Re: Accesspoints disclose wep keys, password and mac filter (fwd) Alex Harasic (11/07/02)
• Re: PHP-Nuke SQL Injection Vulnerability Predrag Damnjanovic (11/04/02)
• Re: Accesspoints disclose wep keys, password and mac filter (fwd) Casper Dik (11/04/02)
• LiteServe Directory Index Cross-Site Scripting Matthew Murphy (11/08/02)
• RE: A technique to mitigate cookie-stealing XSS attacks Michael Howard (11/07/02)
• Re: A technique to mitigate cookie-stealing XSS attacks David Wagner (11/08/02)
• Re: Accesspoints disclose wep keys, password and mac filter (fwd) Thomas Sarlandie (11/05/02)
• MDKSA-2002:075 - nss_ldap update Mandrake Linux Security Team (11/08/02)
• MDKSA-2002:076 - perl-MailTools update Mandrake Linux Security Team (11/08/02)
• [Security Announce] Re: MDKSA-2002:076 - perl-MailTools update Vincent Danen (11/08/02)
• Re: Bypassing website filter in SonicWall Justin King (11/07/02)
• iDEFENSE Security Advisory 11.08.02a: File Disclosure Vulnerability in Simple Web Server David Endler (11/08/02)
• Re: A technique to mitigate cookie-stealing XSS attacks Peter Watkins (11/08/02)
• Re: RES: A technique to mitigate cookie-stealing XSS attacks Florian Weimer (11/08/02)
• Re: A technique to mitigate cookie-stealing XSS attacks Steven M. Christey (11/08/02)
• Re: How to execute programs with parameters in IE - Sandblad advisory #10 jelmer (11/08/02)
• Re: How to execute programs with parameters in IE - Sandblad advisory #10 Gert Fokkema (11/08/02)
• Re: A technique to mitigate cookie-stealing XSS attacks Florian Weimer (11/08/02)
• Re: A technique to mitigate cookie-stealing XSS attacks Nick Simicich (11/08/02)
• Re: When scrubbing secrets in memory doesn't work Valdis.Kletnieks@vt.edu (11/08/02)
• Help Please Mark Litchfield (11/08/02)
• Lotus Domino HTTP Server security issue Frank Perreault (11/07/02)
• Re: Accesspoints disclose wep keys, password and mac filter (fwd) Hakan Carlsson (11/05/02)
• Re: Accesspoints disclose wep keys, password and mac filter (fwd) informatik.koerfer@web.de (11/07/02)
• Re: A technique to mitigate cookie-stealing XSS attacks Valdis.Kletnieks@vt.edu (11/06/02)
• RE: Motorola Cable Modem DOS Fulton Preston  (11/06/02)
• Re: Yahoo Messenger: Invisible User Detect Chris Caydes (11/07/02)
• RES: A technique to mitigate cookie-stealing XSS attacks AQBARROS@BKB.com.br (11/06/02)
• Re: A technique to mitigate cookie-stealing XSS attacks Matthew Collins (11/06/02)
• Re: When scrubbing secrets in memory doesn't work Andy Polyakov (11/07/02)
• Vulnerability in Cutecast Forum v1.2 Zero-X www.lobnan.de Team (11/07/02)
• [RHSA-2002:197-09] Updated glibc packages fix vulnerabilities in resolver bugzilla@redhat.com (11/07/02)
• [SECURITY] [DSA 191-1] New squirrelmail packages fix cross site scripting bugs Martin Schulze (11/07/02)
• [RHSA-2002:242-06] Updated kerberos packages available bugzilla@redhat.com (11/07/02)
• Re: When scrubbing secrets in memory doesn't work Gianni Tedesco (11/06/02)
• Yahoo Messenger: Invisible User Detect cringe (11/06/02)
• Re: Motorola Cable Modem DOS Peter Jeremy (11/07/02)
• Re: Accesspoints disclose wep keys, password and mac filter (fwd) informatik.koerfer@web.de (11/06/02)
• RE: How to execute programs with parameters in IE - Sandblad advisory #10 Thor Larholm (11/07/02)
• [SECURITY] [DSA-190-1] buffer overflow in Window Maker Wichert Akkerman (11/07/02)
• Remote pine Denial of Service Linus Sjöberg (11/07/02)
• Linksys security contact David Endler (11/07/02)
• [CLA-2002:544] Conectiva Linux Security Announcement - linuxconf secure@conectiva.com.br (11/06/02)
• How to execute programs with parameters in IE - Sandblad advisory #10 Andreas Sandblad (11/06/02)
• IRIX ToolTalk rpc.ttdbserverd vulnerabilities SGI Security Coordinator (11/06/02)
• QNX 6.1 TimeCreate weakness Pawel Pisarczyk (11/06/02)
• Re: [Full-Disclosure] Re: Oracle Security Contact Chris Wysopal (11/06/02)
• Re: Oracle Security Contact Steven M. Christey (11/06/02)
• [SECURITY] [DSA 189-1] New luxman packages fix local root exploit Martin Schulze (11/06/02)
• iDEFENSE Security Advisory 11.06.02: Non-Explicit Path Vulnerability in LuxMan David Endler (11/06/02)
• Re: ZoneEdit Account Hijack Vulnerability securityfocus@zoneedit.com (11/06/02)
• [CLA-2002:535] Conectiva Linux Security Announcement - glibc secure@conectiva.com.br (10/29/02)
• [CLA-2002:538] Conectiva Linux Security Announcement - tar/unzip secure@conectiva.com.br (10/29/02)
• [CLA-2002:542] Conectiva Linux Security Announcement - gv/kghostview secure@conectiva.com.br (10/31/02)
• [CLA-2002:534] Conectiva Linux Security Announcement - krb5 secure@conectiva.com.br (10/26/02)
• [CLA-2002:537] Conectiva Linux Security Announcement - tetex secure@conectiva.com.br (10/29/02)
• [CLA-2002:540] Conectiva Linux Security Announcement - heartbeat secure@conectiva.com.br (10/30/02)
• [CLA-2002:541] Conectiva Linux Security Announcement - mod_ssl secure@conectiva.com.br (10/30/02)
• [CLA-2002:539] Conectiva Linux Security Announcement - ypserv secure@conectiva.com.br (10/30/02)
• GLSA: MailTools Daniel Ahlberg (11/06/02)
• Re: When scrubbing secrets in memory doesn't work Perry E. Metzger (11/06/02)
• When scrubbing secrets in memory doesn't work Michael Howard (11/05/02)
• Bug in Monkey Webserver 0.5.0 or minors versions Daniel (11/04/02)
• Re: A technique to mitigate cookie-stealing XSS attacks Florian Weimer (11/05/02)
• networking_utils.php Tacettin Karadeniz (11/05/02)
• SnortCenter 0.9.5 temp file naming problems... Clint Byrum (11/05/02)
• A technique to mitigate cookie-stealing XSS attacks Michael Howard (11/05/02)
• RE: [security bulletin] SSRT2265 HP TruCluster Server Interconnect Potential Security Vulnerability (fwd) Dave Ahmad (11/05/02)
• IRIX CDE ToolTalk rpc.ttdbserverd vulnerabilities SGI Security Coordinator (11/05/02)
• ZoneEdit Account Hijack Vulnerability [secondmotion]-Matt Thompson (11/05/02)
• Re: Accesspoints disclose wep keys, password and mac filter (fwd) d k (11/05/02)
• SuSE Security Announcement: perl-MailTools (SuSE-SA:2002:041) Sebastian Krahmer (11/05/02)
• [SNS Advisory No.58] Microsoft IIS Local Cross-site Scripting Vulnerability snsadv@lac.co.jp (11/05/02)
• Re: Motorola Cable Modem DOS Juraj Ziegler (11/04/02)
• RE: Accesspoints disclose wep keys, password and mac filter (fwd) Melson, Paul (11/04/02)
• Re: Accesspoints disclose wep keys, password and mac filter (fwd) Cliff Albert (11/04/02)
• Re: Accesspoints disclose wep keys, password and mac filter (fwd) Frank Louwers (11/04/02)
• Oracle iSQL*Plus buffer overflow vulnerability (#NISR04112002) NGSSoftware Insight Security Research (11/04/02)
• Re: Allot Netenforcer problems, GNU TAR flaw Felix Radensky (11/03/02)
• Accesspoints disclose wep keys, password and mac filter (fwd) Tom Knienieder (11/03/02)
• [Announce] AngeL v0.9.0 Paolo Perego (11/04/02)
• [A3SC] MS IIS out of process privilege elevation vulnerability(A3CR@K-Vul-2002-06-002) li0n (11/04/02)
• iDEFENSE Security Advisory 11.04.02a: Pablo FTP Server DoS Vulnerability David Endler (11/04/02)
• iDEFENSE Security Advisory 11.04.02b: Denial of Service Vulnerability in Xeneo Web Server David Endler (11/04/02)
• [SECURITY] [DSA 187-1] New Apache packages fix several vulnerabilities Martin Schulze (11/04/02)
• Weak Password Encryption Scheme in MS SQL Server K. K. Mookhey (11/02/02)
• Iomega NAS A300U security and inter-operability issues Keith R. Watson (11/01/02)
• Re: ion-p.exe allows Remote File Retrieving Stuart Moore (11/01/02)
• RE: Bypassing website filter in SonicWall Brian J. Gaia (10/31/02)
• iDEFENSE Security Advisory 11.01.02: Buffer Overflow Vulnerability in Abuse David Endler (11/01/02)
• Bug in EventSave Frank Heyne (11/01/02)
• (Correction) Netscreen SSH1 CRC32 Compensation Denial of service Erik Parker (11/01/02)
• Mindwall Project Tamer Sahin (11/01/02)
• RE: Netscreen SSH1 CRC32 Compensation Denial of service John (11/01/02)
• Re: iDEFENSE Security Advisory 10.31.02a: Denial of Service Vulnerability in Linksys BEFSR41 EtherFast Cable/DSL Router Alex Harasic (11/01/02)
• Netscreen SSH1 CRC32 Compensation Denial of service Erik Parker (11/01/02)
• iDEFENSE Security Advisory 10.31.02a: Denial of Service Vulnerability in Linksys BEFSR41 EtherFast Cable/DSL Router David Endler (11/01/02)
• ion-p.exe allows Remote File Retrieving Zero-X www.lobnan.de Team (11/01/02)
• RE: Motorola Cable Modem DOS Jeroen Kessenich (11/01/02)
• Weak Password Encryption Scheme in Integrated Dialer Arjun Pednekar (11/01/02)
• Re: Gimp: Erased sections of images print in some cases Clark Mills (10/30/02)
• Re: Motorola Cable Modem DOS Sam Hayes Merritt, III (11/01/02)
• Re: IP SmartSpoofing : How to bypass all IP filters relying on source IP address Ossian Vitek (10/31/02)
• M$ VPN hole reported AK (10/31/02)
• [SECURITY] [DSA 186-1] New log2mail packages fix several vulnerabilities Martin Schulze (11/01/02)
• iDEFENSE Security Advisory 10.31.02c: PHP-Nuke SQL Injection Vulnerability David Endler (11/01/02)
• iDEFENSE Security Advisory 10.31.02b: Prometheus Application Framework Code Injection David Endler (11/01/02)
• MDKSA-2002:074 - mozilla update Mandrake Linux Security Team (11/01/02)

Last message date: 11/29/02
Archived on: 11/29/02 CET

---

399 messages sorted by: [ author ] [ thread ] [ subject ] [ attachment ]

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)