SecurityFocus Bugtraq
By Author

332 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

---

Starting: 05/01/03
Ending: 05/30/03

• 0x36
  • Buffer overflow vulnerability found in MailMax version 5 (05/17/03)
• 3APA3A
  • ICQLite executable trojaning (05/29/03)
  • Re: uml_net bug (05/26/03)
• _at_stake Advisories
  • Apple AirPort Administrative Password Obfuscation (a051203-1) (05/12/03)
• akcess .
  • Maelstrom Local Buffer Overflow Exploit (05/20/03)
• Albert Puigsech Galicia
  • More and More SQL injection on PHP-Nuke 6.5. (05/13/03)
  • More and More SQL injection on PHP-Nuke 6.5. (05/13/03)
  • Lot of SQL injection on PHP-Nuke 6.5 (secure weblog!) (05/12/03)
• Andreas Constantinides
  • Plaintext Password in Settings.ini of CesarFTP (05/20/03)
• Andreas Marx
  • Re: Flooding Internet Explorer 6.0.2800 (6.x?) security zones ! [CRITICAL] (05/10/03)
• Andrew Church
  • Maelstrom bugfix (was Maelstrom Local Buffer Overflow Exploit, FreeBSD 4.8 edition) (05/21/03)
• Angelo Rosiello
  • Unix Version of the Pi3web DoS (05/12/03)
• Anil Madhavapeddy
  • Re: Path Disclosure in Turba of Horde (05/17/03)
• Anne Carasik
  • Re: [Full-Disclosure] eBay Security Contact (05/01/03)
• Anthony Patti
  • RE: eBay Security Contact (05/01/03)
• Apache HTTP Server Project
  • [SECURITY] [ANNOUNCE] Apache 2.0.46 released (05/28/03)
• aresu_at_bosen.net
  • Philboard Forum Vulnerability (05/29/03)
• Auriemma Luigi
  • Exploit: Quake 3 engine, con\con and heartbeats (just for fun) (05/27/03)
  • UT2003 client passive DoS exploit (05/13/03)
• axis ph4nt0m
  • ATM on linux Exploit(les,local) (05/25/03)
• bazarr_at_ziplip.com
  • BAZARR CODE NINER PINK TEAM GO GO GO (05/29/03)
  • bazarr CALL POLICE (05/23/03)
  • bazarr slocate (05/19/03)
• ben_at_sixapart.com
  • Re: CSS found in Movable Type (05/12/03)
• Benjamin Schulz
  • Re[2]: Lot of SQL injection on PHP-Nuke 6.5 (secure weblog!) (05/14/03)
• bob
  • Firebird Local exploit (05/10/03)
• Brewis, Mark
  • Compaq Insight Manager - related to Bugtraq ID 2500 (05/21/03)
• Brian Moon
  • Re: A Phorum's bug... (05/09/03)
• bt_at_delfi.lt
  • HP-UX 11.0 /usr/lbin/rwrite (05/02/03)
  • HP-UX 11.0 /usr/bin/kermit (05/02/03)
• bugtracklist.fm
  • TextPortal Default Password Vulnerability (05/24/03)
• bugzilla_at_redhat.com
  • [RHSA-2003:186-01] Updated httpd packages fix Apache security vulnerabilities (05/28/03)
  • [RHSA-2003:145-01] Updated kernel fixes security vulnerabilities and updates drivers (05/28/03)
  • [RHSA-2003:177-01] Updated up2date and rhn_register clients available (05/28/03)
  • [RHSA-2003:171-01] Updated CUPS packages fix denial of service attack (05/27/03)
  • [RHSA-2003:175-01] Updated gnupg packages fix validation bug (05/21/03)
  • [RHSA-2003:169-01] Updated lv packages fix vulnerability (05/16/03)
  • [RHSA-2003:174-01] Updated tcpdump packages fix privilege dropping error (05/15/03)
  • [RHSA-2003:172-00] Updated 2.4 kernel fixes security vulnerabilities and various bugs (05/14/03)
  • [RHSA-2003:160-01] Updated xinetd packages fix a denial-of-service attack and other bugs (05/13/03)
  • [RHSA-2003:002-01] Updated KDE packages fix security issues (05/12/03)
  • [RHSA-2003:133-01] Updated man packages fix minor vulnerability (05/01/03)
• c4
  • Re: Dynamic DNS "Spoofing" & IRC (05/02/03)
• Ceq
  • Bug found in: Polymorph 0.4.0 (05/23/03)
• Cesar
  • Microsoft Biztalk Server ISAPI HTTP Receive function buffer overflow (05/05/03)
  • Microsoft Biztalk Server DTA vulnerable to SQL injection (05/05/03)
  • re:Latest MS SQL Server vulnerabilities revealed (05/01/03)
• Charles Reinold
  • ttcms and ttforum exploits (05/09/03)
• Chris Knipe
  • Hersmen Contact (05/16/03)
  • Fw: [rt-users] [rt-announce] RT 1.0.7 vulnerable to Cross Site Scripting attacks (05/08/03)
• Chris R
  • Buffer Overflow? Local Malformed URL attack on D-Link 704p router (05/26/03)
• Chris Robertson
  • RE: Outlook Web Access authentication bypass (05/23/03)
  • Outlook Web Access authentication bypass (05/23/03)
• Christoph Hellwig
  • Red Hat IA64 products still missing fixes for the ptrace vs kmod vulnerability (04/30/03)
• Cisco Systems Product Security Incident Response Team
  • Cisco Security Advisory: Cisco IOS Software Processing of SAA Packets (05/15/03)
  • Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerabilities (05/07/03)
  • Cisco Security Advisory: Cisco ONS15454, ONS15327, ONS15454SDH, and ONS15600 Nessus Vulnerabilities (05/01/03)
• Claes Nyberg
  • Maelstrom exploit (05/20/03)
• Conectiva Updates
  • [CLA-2003:656] Conectiva Security Announcement - netpbm (05/27/03)
  • [CLA-2003:655] Conectiva Security Announcement - BitchX (05/26/03)
  • [CLA-2003:653] Conectiva Security Announcement - bugzilla (05/21/03)
  • [CLA-2003:648] Conectiva Security Announcement - evolution (05/14/03)
  • [CLA-2003:643] Conectiva Security Announcement - slocate (05/08/03)
  • [CLA-2003:640] Conectiva Security Announcement - vnc (05/05/03)
  • [CLA-2003:639] Conectiva Security Announcement - krb5 (05/05/03)
  • [CLA-2003:633] REVISED: Conectiva Security Announcement - glibc (04/30/03)
  • [CLA-2003:635] Conectiva Security Announcement - balsa (04/30/03)
• CORE Security Technologies Advisories
  • CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass (05/27/03)
  • CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client (05/05/03)
• Cove Schneider
  • Re: April appeared to be a month of IE bugs. Here's another one. (04/29/03)
  • Re: April appeared to be a month of IE bugs. Here's another one. (04/29/03)
• crys_at_fanworks.net
  • Re: CSS found in Movable Type -- Nope (05/13/03)
• cyber_flash_at_hotmail.com
  • Automatic Harvesting of AOL Instant Messenger Screen Names! (05/16/03)
• D4rkGr3y
  • Tornado www-server v1.2: directory traversal, buffer overflow (05/30/03)
  • Son hServer v0.2: directory traversal (05/30/03)
  • ST FTP Service v3.0: directory traversal (05/24/03)
  • Prishtina FTP v.1.*: remote DoS (05/22/03)
  • EServ/2.99: problems (05/22/03)
  • Magic Winmail Server v.2.*: format string (05/25/03)
• Damian Gerow
  • Re: bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification (05/16/03)
• Damien Miller
  • Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv) (05/01/03)
• Dan Carter
  • Re: [VulnWatch] Hotmail & Passport (.NET Accounts) Vulnerability (05/08/03)
• Dan Harkless
  • Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv) (05/01/03)
• Daniel Ahlberg
  • GLSA: openssh (200305-01) (05/02/03)
• Daniel Nyström
  • [[ TH 026 Inc. ]] SA #4 - Blackmoon FTP Server cleartext passwords and User enumeration (05/21/03)
• DarkHunter
  • CSS found in Movable Type (05/12/03)
• Darren Reed
  • Re: Dynamic DNS "Spoofing" & IRC (05/03/03)
• Darren Tucker
  • Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv) (04/30/03)
  • Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv) (05/01/03)
• Dave Ahmad
  • iDEFENSE Security Advisory 05.30.03: Apache Portable Runtime Denial of Service and Arbitrary Code Execution Vulnerability (05/30/03)
• Dave Palumbo
  • XSS In Neoteris IVE Allows Session Hijacking (05/13/03)
• dave_at_immunitysec.com
  • makeunicode2.py release (05/12/03)
• David Barroso
  • Re: Demarc Puresecure v1.6 - Plaintext password issue - (05/22/03)
• David F. Madrid
  • Blue screen in Windows (05/20/03)
  • RE : Memory leak in 3COM DSL routers (05/15/03)
  • Memory leak in 3COM 812 DSL routers (05/14/03)
  • Crash in Internet Explorer 6.0 Sp1 (05/05/03)
• David Shaw
  • Key validity bug in GnuPG 1.2.1 and earlier (05/04/03)
• Dennis Rand
  • Multiple Buffer Overflow Vulnerabilities Found in CMailServer 4.0 (05/10/03)
  • Multiple Buffer Overflow Vulnerabilities Found in FTGate Pro Mail Server v. 1.22 (1328) (05/06/03)
• descript
  • s0h: Kerio Personal Firewall and Tiny Personal Firewall remote exploit/patch. (05/08/03)
• dong-h0un U
  • WsMp3d remote exploit. (05/22/03)
  • [INetCop Security Advisory] Remote Heap Corruption Overflow vulnerability in WsMp3d. (05/21/03)
  • [INetCop Security Advisory] WsMP3d Directory Traversing Vulnerability. (05/21/03)
• DownBload
  • II-Labs Advisory: Remote code execution in YaBBse 1.5.2 (php version) (05/09/03)
• einstein, dhtm
  • Re[2]: EXPLOIT: Buffer overflow in Explorer.exe on Windows XP SP1 (05/15/03)
• Elmar Knipp
  • Re: from bugtraq: HP-UX 11.0 /usr/bin/kermit (fwd) (05/03/03)
• EnGarde Secure Linux
  • [ESA-20030515-015] 'sudo' heap corruption vulnerability (05/15/03)
  • [ESA-20030515-017] 'kernel' several bug and security-related fixes. (05/15/03)
  • [ESA-20030515-016] 'gnupg' key validation bug. (05/15/03)
• ERRor
  • Re: April appeared to be a month of IE bugs. Here's another one. (05/01/03)
• Ethan Benson
  • Re: OpenSSH/PAM timing attack allows remote users identification (05/01/03)
• euronymous
  • BRS WebWeaver: POST and HEAD Overflaws (05/27/03)
  • UPB: Discussion Board/Web-Site Takeover (05/24/03)
  • Snowblind Web Server: multiple issues (05/16/03)
• Executable Security
  • RE: Detailed analysis: Buffer overflow in Explorer.exe on Windows XP SP1 (05/14/03)
  • Detailed analysis: Buffer overflow in Explorer.exe on Windows XP SP1 (05/11/03)
• Ferruh Mavituna
  • EzPublish Directory XSS Vulnerability (05/16/03)
  • VBulletin Preview Message - XSS Vuln (05/14/03)
  • PHPNuke "Your Account" XSS Vulnerability (05/11/03)
• flur
  • PalmVNC 1.40 Insecure Records (05/26/03)
• Frame4 Security Systems
  • Code Injection Vulnerabilities in WebcamXP Chat Feature (05/02/03)
  • Multiple Vulnerabilities in Splatt Forum 4.0 (05/01/03)
• Frank da Cruz
  • Re: from bugtraq: HP-UX 11.0 /usr/bin/kermit (fwd) (05/02/03)
  • Re: from bugtraq: HP-UX 11.0 /usr/bin/kermit (fwd) (05/02/03)
• Frog Man
  • OneOrZero Security Problems (PHP) (05/15/03)
  • re: II-Labs Advisory: Remote code execution in YaBBse 1.5.2 (php version) (05/11/03)
  • miniPortail (PHP) : Admin Access (05/08/03)
• Gino Thomas
  • NuxAcid#002 - Buffer Overflow in UpClient (05/27/03)
• Godwin Stewart
  • Re: NII Advisory - Buffer Overflow in Analogx Proxy (05/27/03)
• Gyrniff
  • iisPROTECT SQL injection in admin interface (05/23/03)
• H D Moore
  • Re: Multiple Vulnerabilities in SLWebmail (05/07/03)
• Helmut Springer
  • Re: BEA WebLogic (05/25/03)
• http-equiv_at_excite.com
  • Restricted Zone: the OUTLOOK EXPRESS (05/21/03)
  • Re: Flooding Internet Explorer 6.0.2800 (6.x?) security zones ! - UPDATED (05/15/03)
  • SILLY BEHAVIOR Part III : Internet Explorer 5.5 - 6.0 (05/04/03)
  • SILLY BEHAVIOR Part II : Internet Explorer 5.5 - 6.0 (05/01/03)
• Hugo
  • Another ZEUS Server web admin XSS! (05/29/03)
  • Possible XSS on iPlanet Messaging Server (05/27/03)
  • Inktomi Traffic-Server XSS: man-in-the-middle XSS ! (05/14/03)
• ilja van sprundel
  • Re: OpenSSH/PAM timing attack allows remote users identification (05/02/03)
• Ilker Temir
  • Re: Cisco ACL bug when using VPN crypto engine accelerator, PPPoE dialer or ip route-cache (05/15/03)
• Immunix Security Team
  • Immunix Secured OS 7+ fileutils update (05/16/03)
• Intel Nop
  • Dynamic DNS "Spoofing" & IRC (05/01/03)
• Jan Bervar
  • Re: Cisco ACL bug when using VPN crypto engine accelerator (NOT A BUG) (05/15/03)
• Jason Coombs
  • PDF Available: IIS Security and Programming Countermeasures e-book (05/16/03)
• jasonk
  • RE: MDaemon SMTP/POP/IMAP server: =>6.0.7: POP remote DoS (04/30/03)
• Jay D. Thomson
  • RE: PalmOS ICMP flood DoS. (05/19/03)
• je_at_sekure.net
  • New php release with security fixes (05/29/03)
  • Potential security vulnerability in Nessus (05/22/03)
• Jeff Beckley
  • Re: Restricted Zone: the OUTLOOK EXPRESS (05/21/03)
• Jeff Moss
  • Re: Latest MS SQL Server vulnerabilities revealed (04/30/03)
• JeiAr
  • Multiple Vulnerabilities In P-Synch Password Management (05/29/03)
  • PAFileDB SQL Injection Vulnerability & Ratings Cheat Fix (05/30/03)
  • Microsoft IIS Authentication Manager Account Conformation Vuln? (05/03/03)
• jelmer
  • unzip directory traversal revisited (05/10/03)
  • why i love xs4all + mediaplayer thingie (05/08/03)
• Jeremy C. Reed
  • Re: youbin local root exploit + advisory (05/06/03)
• Joachim Stro
  • Re: April appeared to be a month of IE bugs. Here's another one. (05/02/03)
• Joe Testa
  • Re: QuickTime/Darwin Streaming Server security issues (05/23/03)
• Joel Palmius
  • Mod_Survey SYSBASE vulnerability (05/04/03)
• John Morris
  • kermit buffer overflow on hp-ux (05/05/03)
  • rwrite buffer overflow in hp-ux (05/03/03)
• Jordan Wiens
  • Re: CSS found in Movable Type (05/12/03)
  • Re: CSS found in Movable Type (05/12/03)
• Josh Steinhurst
  • Venturi Client 2.1 confirmed as open relay [Verizon Wireless Mobile Office] (05/16/03)
• Jouko Pynnonen
  • Windows Media Player directory traversal vulnerability (05/07/03)
• Julien Lanthea
  • Re: Options Parsing Tool library buffer overflows. (05/23/03)
• Julio Cesar
  • One more flaw in Happymall (05/12/03)
• K-Otik.com
  • BEA WebLogic Server and Express 7.x Passwords Disclosure (05/14/03)
• K. K. Mookhey
  • NII Advisory - Buffer Overflow in Analogx Proxy (05/26/03)
• Karl-Heinz Haag
  • Re: OpenSSH/PAM timing attack allows remote users identification (05/02/03)
• Kee Hinckley
  • Re: CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass (05/28/03)
• Kevin Spett
  • Re: [Full-Disclosure] eBay Security Contact (05/01/03)
• KF
  • SRT2003-05-08-1137 - ListProc mailing list ULISTPROC_UMASK overflow (05/08/03)
• Kier Darby
  • Re: VBulletin Preview Message - XSS Vuln (05/14/03)
• Knud Erik Højgaard
  • Maelstrom Local Buffer Overflow Exploit, FreeBSD 4.8 edition (05/20/03)
  • ltris-and-slashem-tty possible trouble (05/09/03)
  • youbin local root exploit + advisory (05/06/03)
• Ktha
  • uml_net bug (05/24/03)
• Kurt Seifried
  • Re: Demarc Puresecure v1.6 - Plaintext password issue - (05/24/03)
• Larry W. Cashdollar
  • SAP database local root vulnerability during installation. (fwd) (05/07/03)
• Liu Die Yu
  • fake location bar (05/13/03)
• Lorenzo Manuel Hernandez Garcia-Hierro
  • PHP-Nuke module PHP-Banner-Exchange path disclosure (05/18/03)
  • PHP-Nuke Denial of Service attack and more SQL Injections (05/18/03)
  • PHP-Nuke code injection in Yearly Stats at Statistics module (05/17/03)
  • Path Disclosure in Turba of Horde (05/17/03)
• Luca Ercoli
  • Activity Monitor 2002 remote Denial of Service (05/29/03)
  • Maelstrom Buffer Overflow (05/18/03)
• Luke Hutchison
  • gcc (<3.2.3) implicit struct copy exploit (05/29/03)
• Mandrake Linux Security Team
  • MDKSA-2003:062 - Updated cups packages fix Denial of Service vulnerability (05/29/03)
  • MDKSA-2003:060 - Updated LPRng packages fix insecure temporary file vulnerability (05/22/03)
  • MDKSA-2003:061 - Updated gnupg packages fix validation bug (05/22/03)
  • MDKSA-2003:058-1 - Updated cdrecord packages fix local root compromise (05/21/03)
  • MDKSA-2003:059 - Updated lpr packages fix local root vulnerability (05/21/03)
  • MDKSA-2003:058 - Updated cdrecord packages fix local root compromise (05/16/03)
  • MDKSA-2003:056 - Updated xinetd packages fix DoS vulnerability (05/15/03)
  • MDKSA-2003:057 - Updated MySQL packages fix vulnerability (05/15/03)
  • MDKSA-2003:055 - Updated kopete packages fix vulnerability with GnuPG plugin (05/08/03)
• Marc Maiffret
  • RE: Alert: MS03-019, Microsoft... wrong, again. (05/29/03)
• Marc Ruef
  • XMB 1.8 Partagium cross site scripting vulnerability (05/22/03)
• Marc Schoenefeld
  • Opera 7.11 java.util.zip.* Vulnerability (05/11/03)
• Marco Ivaldi
  • Re: OpenSSH/PAM timing attack allows remote users identification (05/05/03)
  • Re: OpenSSH/PAM timing attack allows remote users identification (05/02/03)
  • Re: OpenSSH/PAM timing attack allows remote users identification (05/02/03)
• Marek Bialoglowy
  • Flooding Internet Explorer 6.0.2800 (6.x?) security zones ! - UPDATED (05/13/03)
  • Flooding Internet Explorer 6.0.2800 (6.x?) security zones ! [CRITICAL] (05/08/03)
• Mark Litchfield
  • IIS WEBDAV Denial of Service attacks (05/29/03)
• Markus Kovero
  • Re: Dynamic DNS "Spoofing" & IRC (05/02/03)
• Martin Schulze
  • [SECURITY] [DSA 306-1] New BitchX packages fix DoS and arbitrary code execution (05/19/03)
  • [SECURITY] [DSA 300-1] New Balsa packages fix buffer overflow (05/06/03)
  • [SECURITY] [DSA 298-1] New EPIC4 packages fix DoS and arbitrary code execution (05/02/03)
  • [SECURITY] [DSA 295-1] New pptpd packages fix remote root exploit (04/30/03)
  • [SECURITY] [DSA 296-1] New kdebase packages fix arbitrary command execution (04/30/03)
  • [SECURITY] [DSA 297-1] New snort packages fix remote root exploits (05/01/03)
• Matt Zimmerman
  • [SECURITY] [DSA-307-1] New gps packages fix multiple vulnerabilities (05/29/03)
  • Re: bazarr slocate (05/20/03)
  • [SECURITY] [DSA-304-1] New lv packages fix local privilege escalation (05/16/03)
  • [SECURITY] [DSA-303-1] New mysql packages fix multiple vulnerabilities (05/16/03)
  • [SECURITY] [DSA-305-1] New sendmail packages fix insecure temporary file creation (05/16/03)
  • [SECURITY] [DSA-302-1] New fuzz packages fix buffer overflow (05/07/03)
  • [SECURITY] [DSA-301-1] New libgtop packages fix buffer overflow (05/07/03)
  • [SECURITY] [DSA 299-1] New leksbot packages fix improper setuid-root execution (05/06/03)
• Matthew Murphy
  • eServ Memory Leak Enables Denial of Service Attacks (05/11/03)
• mattmurphy_at_kc.rr.com
  • BadBlue Remote Administrative Interface Access Vulnerability (05/20/03)
  • eServ Memory Leak Solution (05/13/03)
  • eBay Security Contact (05/01/03)
• methodic_at_libpcap.net
  • [AP] Owl Intranet Engine CSS Bug (05/21/03)
• Michael -
  • re:Latest MS SQL Server vulnerabilities revealed (04/30/03)
• Michael Howard
  • Microsoft Solution for Securing Wireless LANs now available (05/16/03)
  • Integer Manipulation Attacks (05/01/03)
• Michael Nelson
  • Re: bazarr CALL POLICE (05/26/03)
• Michael Shigorin
  • Re: OpenSSH/PAM timing attack allows remote users identification (05/02/03)
• Mika Boström
  • Re: bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification (05/17/03)
• millhouse_at_dsns.net
  • Re: Multiple Buffer Overflow Vulnerabilities Found in CMailServer 4.0 (05/13/03)
• Mind Warper
  • php-proxima Remote File Access Vulnerability (05/14/03)
• morning_wood
  • PowerLink WAN Aggregator - Vunerability (05/09/03)
  • Privacy Compromise Ifriends Webcam (05/02/03)
• Muhammad Faisal Rauf Danka
  • Hotmail & Passport (.NET Accounts) Vulnerability (05/08/03)
• nesumin
  • Re: Detailed analysis: Buffer overflow in Explorer.exe on Windows XP SP1 (05/14/03)
• NetExpress
  • Re: bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification (05/16/03)
  • bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification (05/16/03)
• NGSSoftware Insight Security Research
  • Multiple Buffer Overflow Vulnerabilities in SLMail (#NISR07052003A) (05/07/03)
  • Multiple Vulnerabilities in SLWebmail (05/07/03)
• Nicolas Couture
  • Re: OpenSSH/PAM timing attack allows remote users identification (05/01/03)
  • Re: OpenSSH/PAM timing attack allows remote users identification (05/02/03)
• Niels Bakker
  • Re: Dynamic DNS "Spoofing" & IRC (05/02/03)
• northern snowfall
  • [Fwd: 127 Research and Development: 127 Day!] (05/20/03)
• Olivier
  • Cisco ACL bug when using VPN crypto engine accelerator, PPPoE dialer or ip route-cache (05/14/03)
• OpenPKG
  • [OpenPKG-SA-2003.029] OpenPKG Security Advisory (gnupg) (05/16/03)
• Over_G
  • PHP source code injection in BLNews (05/22/03)
  • PHP source code injection in BLNews (05/24/03)
• Paul Szabo
  • Re: Eudora 5.2.1 attachment spoof (05/27/03)
  • Eudora 5.2.1 buffer overflow DoS (05/23/03)
  • Eudora 5.2.1 attachment spoof (05/22/03)
• Pawe³ Goleñ
  • RE: Flooding Internet Explorer 6.0.2800 (6.x?) security zones ! - UPDATED (05/15/03)
• Peter Winter-Smith
  • RE: [VULNERABILITY] PHP 'poster version.two' (05/14/03)
  • [VULNERABILITY] PHP 'poster version.two' (05/14/03)
• phrack staff
  • PHRACK MAGAZINE Call for Papers (#61) (05/29/03)
• pokleyzz
  • Webfroot Shoutbox 2.32 directory traversal and code injection. (05/29/03)
  • Geeklog 1.3.7sr1 and below multiple vulnerabilities. (05/29/03)
  • b2 cafelog 0.6.1 remote command execution. (05/29/03)
• postmaster_at_ytech.co.il
  • Remote PC Access Server 2.2 Vulnerability (05/28/03)
• Qazi Ahmed
  • Multiple Vulnerabilities found in Microsoft .Net Passport Services (05/08/03)
• Randall Gellens
  • Re: Qpopper v4.0.x poppassd local root exploit (04/30/03)
• random nut
  • The PACKET 0' DEATH FastTrack network vulnerability (05/26/03)
• redhat-announce-list-admin_at_redhat.com
  • [RHSA-2003:113-01] Updated mod_auth_any packages available (05/02/03)
• rkc
  • Postnuke: path disclosure (0.7.2.3 and prior) (05/28/03)
• Rob Andrews
  • BitchX: Crash when channel modes change (05/10/03)
• Russ
  • RE: Microsoft IIS Authentication Manager Account Conformation Vuln? (05/06/03)
• Ryan Purita
  • Demarc Puresecure v1.6 - Plaintext password issue - (05/21/03)
• Rynho Zeros Web
  • Re: Lot of SQL injection on PHP-Nuke 6.5 (secure weblog!) (05/13/03)
• S21SEC
  • S21SEC-023 - Vignette multiple Cross Site Scripting vulnerabilities (05/26/03)
  • S21SEC-018 - Vignette memory leak AIX Platform (05/26/03)
  • S21SEC-024 - Vignette TCL Injection (05/26/03)
  • S21SEC-020 - Vignette user enumeration (05/26/03)
  • S21SEC-017 - Vignette /vgn/legacy/save SQL access (05/26/03)
  • S21SEC-019 - Vignette /vgn/style internal information leak (05/26/03)
  • S21SEC-021 - Vignette License access and modification (05/26/03)
  • S21SEC-016 - Vignette SSI Injection (05/26/03)
• Scott A Crosby
  • Algorimic Complexity Attacks (05/29/03)
• ScriptSlave_at_gmx.net
  • More vulnerabilities in ttForum/ttCMS -> SQL injection (05/20/03)
  • Remote code execution in ttCMS <=v2.3 (05/17/03)
  • Re: II-Labs Advisory: Remote code execution in YaBBse 1.5.2 (php version) (05/10/03)
• Secure Net Service(SNS) Security Advisory
  • [SNS Advisory No.64] IP Messenger for Win Buffer Overflow Vulnerability (05/13/03)
• security_at_sco.com
  • Security Update: [CSSA-2003-SCO.9] OpenServer 5.0.5 OpenServer 5.0.6 : Buffer overflows and other security vulnerabilities in Squid (05/27/03)
  • Security Update: [CSSA-2003-021.0] OpenLinux: mgetty caller ID buffer overflow and spool perm vulnerabilities (05/13/03)
  • Security Update: [CSSA-2003-020.0] OpenLinux: kernel kmod/ptrace root exploit (05/12/03)
  • Security Update: [CSSA-2003-017.0] OpenLinux: Various serious Samba vulnerabilities (05/02/03)
  • Security Update: [CSSA-2003-018.0] OpenLinux: file command buffer overflow (05/02/03)
  • Security Update: [CSSA-2003-019.0] OpenLinux: tcp SYN with FIN packets are not discarded (05/05/03)
• SecurityTracker
  • Happymall E-Commerce Remote Command Execution (05/07/03)
• SGI Security Coordinator
  • Security Vulnerabilities in MediaBase Apache and PHP on IRIX (05/19/03)
  • Multiple Security Vulnerabilities in OpenSSL on IRIX 6.5.19 (05/15/03)
• sharpiemarker_at_hushmail.com
  • Snitz Forum 3.3.03 Remote Command Execution (05/12/03)
• Shaun Moore
  • PalmOS ICMP flood DoS. (05/14/03)
• Shiva Persaud
  • Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv) (05/01/03)
• silent needel
  • Bandmin 1.4 XSS Exploit (05/28/03)
• Simpelaar, Marco
  • RE: Hersmen Contact (05/19/03)
• Simson L. Garfinkel
  • Problem: Multiple Web Browsers do not do not validate CN on certificates. (05/07/03)
• Sir Mordred
  • nessus NASL scripting engine security issues (05/23/03)
  • QuickTime/Darwin Streaming Server security issues (05/22/03)
• sKyZ
  • Netbus 1.x exploit (05/09/03)
• Slackware Security Team
  • [slackware-security] CUPS DoS vulnerability fixed (SSA:2003-149-01) (05/29/03)
  • [slackware-security] REVISED quotacheck security fix in rc.M (SSA:2003-141-06a) (05/22/03)
  • [slackware-security] REVISED quotacheck security fix in rc.M (SSA:2003-141-06a) (05/22/03)
  • [slackware-security] GnuPG key validation fix (SSA:2003-141-04) (05/22/03)
  • [slackware-security] glibc XDR overflow fix (SSA:2003-141-03) (05/22/03)
  • [slackware-security] EPIC4 security fixes (SSA:2003-141-01) (05/22/03)
  • [slackware-security] BitchX security fixes (SSA:2003-141-02) (05/22/03)
  • [slackware-security] mod_ssl RSA blinding fixes (SSA:2003-141-05) (05/22/03)
  • [slackware-security] quotacheck security fix in rc.M (SSA:2003-141-06) (05/22/03)
• SPI Labs
  • Internet Information Services 5.0 Denial of service (05/28/03)
  • Multiple Vulnerabilities in Sun-One Application Server (05/28/03)
• Stefan Bethke
  • Re: S21SEC-024 - Vignette TCL Injection (05/28/03)
• Stefano Di Paola
  • cdrtools2.0 Format String Vulnerability (05/13/03)
• subj
  • [Drug and Zip] Buffer Overflow (05/12/03)
  • Re: Remote Stack Overflow exploit for Personal FTPD (05/08/03)
  • Remote Stack Overflow exploit for Personal FTPD (05/08/03)
  • Siemens Mobile Phone - Buffer Overflow (05/06/03)
• Thilo Schulz
  • Re: OpenSSH/PAM timing attack allows remote users identification (05/01/03)
• Thomas Biege
  • SuSE Security Announcement: glibc (SuSE-SA:2003:027) (05/27/03)
• Thomas Wouters
  • Re: Dynamic DNS "Spoofing" & IRC (05/02/03)
• Timo Sirainen
  • Buffer overflows in multiple IMAP clients (05/14/03)
• Tom Perrine
  • AIX sendmail open relay (05/13/03)
• Tomasz Grabowski
  • Security advisory: LSF 5.1 local root exploit (05/22/03)
• UkR security team™
  • Some problems in Privatefirewall 3.0 (05/24/03)
• webmaster_at_procheckup.com
  • Phorum Vulnerabilities (05/13/03)
• WiciU
  • A Phorum's bug... (05/09/03)
• wsxz
  • [Priv8security Advisory] Batalla Naval remote overflow (05/26/03)
• Yaroslav Polyakov
  • Commu***tePro 4.0.6 [EXPLOIT] (05/04/03)
• yjm01
  • Cdrecord local root exploit. (05/13/03)

Last message date: 05/30/03
Archived on: 05/30/03 CEST

---

332 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2003-05