SecurityFocus Bugtraq
By Subject

355 messages sorted by: [ author ] [ date ] [ thread ] [ attachment ]

---

Starting: 10/01/03
Ending: 10/31/03

• "Local" and "Remote" considered insufficient
  • Florian Weimer (10/23/03)
  • Eric Knight (10/23/03)
  • Ejovi Nuwere (10/23/03)
  • Steven M. Christey (10/22/03)
• (Fw) : mIRC 6.12 (latest) DCC Exploit
  • K-OTiK Security (10/23/03)
• *ADDENDUM* New AIM Expliot/Worm/Adware-script (realphx.com related)
  • Michael A. Nunes (10/11/03)
• @stake tool announcement: RedFang 2.5: The Bluetooth Hunter
  • Ollie Whitehouse (10/20/03)
• [ANNOUNCE] mod_security 1.7 released
  • Ivan Ristic (10/19/03)
• [CLA-2003:751] Conectiva Security Announcement - openssl
  • Conectiva Updates (09/30/03)
• [CLA-2003:757] Conectiva Security Announcement - vixie-cron
  • Conectiva Updates (10/03/03)
• [CLA-2003:758] Conectiva Security Announcement - vixie-cron
  • Conectiva Updates (10/03/03)
• [CLA-2003:760] Conectiva Security Announcement - mplayer
  • Conectiva Updates (10/06/03)
• [CLA-2003:762] Conectiva Security Announcement - glibc
  • Conectiva Updates (10/14/03)
• [CLA-2003:765] Conectiva Security Announcement - ircd
  • Florian Weimer (10/17/03)
  • Conectiva Updates (10/17/03)
• [CLA-2003:766] Conectiva Security Announcement - gdm
  • Conectiva Updates (10/17/03)
• [CLA-2003:768] Conectiva Security Announcement - fileutils
  • Conectiva Updates (10/22/03)
• [CLA-2003:769] Conectiva Security Announcement - sane
  • Conectiva Updates (10/22/03)
• [CLA-2003:771] Conectiva Security Announcement - anonftp
  • Conectiva Updates (10/24/03)
• [CLA-2003:773] Conectiva Security Announcement - libnids
  • Conectiva Updates (10/29/03)
• [ESA-20031003-028] Potential OpenSSL DoS.
  • EnGarde Secure Linux (10/03/03)
• [Full-Disclosure] [SECURITY] [DSA-393-1] New OpenSSL packages correct denial of service issues
  • debian-security-announce_at_lists.debian.org (10/01/03)
• [LSD] Security vulnerability in SUN's Java Virtual Machine implementation
  • Michael Earls (10/27/03)
  • Marc Schoenefeld (10/27/03)
  • Alla Bezroutchko (10/28/03)
  • Last Stage of Delirium (10/23/03)
• [OpenPKG-SA-2003.045] OpenPKG Security Advisory (ircd)
  • OpenPKG (10/19/03)
• [OpenPKG-SA-2003.046] OpenPKG Security Advisory (apache)
  • OpenPKG (10/28/03)
• [OpenPKG-SA-2003.047] OpenPKG Security Advisory (postgresql)
  • OpenPKG (10/30/03)
• [PAPER] Juggling with packets: floating data storage
  • Brandon Eisenmann (10/10/03)
  • Darren Reed (10/10/03)
  • Aron Nimzovitch (10/09/03)
  • der Mouse (10/08/03)
  • Adeel Hussain (10/09/03)
  • David Heigl (10/08/03)
  • Michal Zalewski (10/08/03)
  • Doug Moen (10/08/03)
  • Eugen Leitl (10/08/03)
  • Michal Zalewski (10/08/03)
  • Michal Zalewski (10/08/03)
  • Valdis.Kletnieks_at_vt.edu (10/08/03)
  • Rick Wash (10/08/03)
  • Nicholas Weaver (10/08/03)
  • Alun Jones (10/08/03)
  • Wojciech Purczynski (10/06/03)
• [RHSA-2003:256-02] Updated Perl packages fix security issues.
  • bugzilla_at_redhat.com (10/03/03)
• [RHSA-2003:278-01] Updated SANE packages fix remote vulnerabilities
  • bugzilla_at_redhat.com (10/07/03)
• [RHSA-2003:281-01] Updated MySQL packages fix vulnerability
  • bugzilla_at_redhat.com (10/09/03)
• [securemac] Local vulnerability: MacOSX Screensaver locking bypass.
  • kang (10/28/03)
• [SECURITY] [DSA 394-1] New openssl095 packages fix denial of service
  • Martin Schulze (10/11/03)
• [SECURITY] [DSA 395-1] New tomcat4 packages fix denial of service
  • Martin Schulze (10/15/03)
• [SECURITY] [DSA 396-1] New thttpd packages fix information leak, DoS and arbitrary code execution
  • Martin Schulze (10/29/03)
• [SECURITY] [DSA-393-1] New OpenSSL packages correct denial of service issues
  • Michael Stone (10/01/03)
• [slackware-security] fetchmail security update (SSA:2003-300-02)
  • Slackware Security Team (10/27/03)
• [slackware-security] gdm security update (SSA:2003-300-01)
  • Slackware Security Team (10/27/03)
• [slackware-security] OpenSSL security update (SSA:2003-273-01)
  • Slackware Security Team (10/01/03)
• a dangerous fast spreading (yet simple) trojan horse (Now IRC.Trojan.Fgt)
  • K-OTiK Security (10/28/03)
• a dangerous fast spreading (yet simple) trojan horse.
  • Craig Holmes (10/27/03)
  • Andreas Reich (10/27/03)
  • Gadi Evron (10/28/03)
• Access Runner DSL Console vulnerability update
  • Chris Norton (10/05/03)
• Adobe SVG Viewer Active Scripting Bypass (GM#002-MC)
  • GreyMagic Software (10/07/03)
• Adobe SVG Viewer Cross Domain and Zone Access (GM#004-MC)
  • GreyMagic Software (10/07/03)
• Adobe SVG Viewer Local and Remote File Reading (GM#003-MC)
  • GreyMagic Software (10/07/03)
• Advanced Poll : PHP Code Injection, File Include, Phpinfo
  • Frog Man (10/25/03)
• Advisory: Sun's jre/jdk 1.4.2 multiple vulernabilities in linux installers
  • Stan Bubrouski (10/31/03)
• Bad news on RPC DCOM vulnerability
  • Terence Runge (10/12/03)
  • Terence Runge (10/12/03)
  • K-OTiK Security (10/10/03)
  • VigilantMinds Security Operations Center (10/11/03)
  • 3APA3A (10/10/03)
• Betr.: IE 6 XML Patch Bypass
  • Philip Wagenaar (10/08/03)
• buffer overflow in IRCD software
  • Piotr KUCHARSKI (10/12/03)
• Buffer Overflow in Yahoo messenger Client
  • Hat-Squad Security Team (10/26/03)
• ByteHoard Directory Traversal Vulnerability
  • Sintelli SINTRAQ (10/19/03)
• Cafelog WordPress / b2 SQL injection vulnerabilities discovered and fixed in CVS
  • Seth Woolley (10/03/03)
• CensorNet: Cross Site Scripting Vulnerability
  • Richard Maudsley (10/27/03)
  • Dan Searle (10/27/03)
  • Richard Maudsley (10/22/03)
• Cisco 6509 switch telnet vulnerability
  • twig les (10/05/03)
  • Bob Niederman (10/04/03)
  • Wendy Garvin (10/04/03)
  • Chris Norton (10/03/03)
• Cisco LEAP Insecurities + POC
  • evol_at_ruiner.halo.nu (10/03/03)
• Cisco Security Advisory: SSL Implementation Vulnerabilities
  • Cisco Systems Product Security Incident Response Team (10/01/03)
• Class-action suit points to Microsoft security flaws
  • Richard M. Smith (10/02/03)
• Cobalt RaQ Control Panel Cross Site Scripting
  • Steve Manzuik (10/05/03)
  • Lorenzo Hernandez Garcia-Hierro (10/04/03)
• ColdFusion SQL Error Pages XSS
  • Lorenzo Hernandez Garcia-Hierro (10/15/03)
• Concern about Checkpoint and SSL Vulnerability
  • seeker_at_hush.ai (10/10/03)
• Conexant Access Runner DSL Console login bypass vulnerability
  • Chris Norton (10/04/03)
• Console Root On OSX up to 10.2.8
  • Jason Storm (10/31/03)
• Corsaire Security Advisory: BEA Tuxedo Administration CGI multiple argument issues
  • advisories (10/31/03)
• Corsaire Security Advisory: BEA WebLogic example InteractiveQuery.jsp XSS issue
  • advisories (10/31/03)
• Cross Site Java applets
  • Marc Schoenefeld (10/20/03)
• Cross-Site Scripting Vulnerability in Wrensoft Zoom Search Engine
  • Sintelli SINTRAQ (10/14/03)
• CSS Vulnerability in Bajie HTTP JServer
  • Oliver Karow (10/16/03)
• Dansie Shopping Cart Discloses Installation Path to Remote Users
  • Dr`Ponidi Haryanto (10/26/03)
• DCP Portal - 5.5 holes
  • Lifo Fifo (10/01/03)
• Dictionary attack against Cisco's LEAP, Wireless LANs vulnerable
  • Michael Renzmann (10/03/03)
• Divine OpenMarket Content Server XSS
  • Valgasu (10/03/03)
• DoS in Plug and Play Web Server Proxy Server
  • Oliver Karow (10/31/03)
• E107 DoS vulnerability
  • Blademaster (10/29/03)
• EartStation 5 P2P application contains malicious code
  • random nut (10/03/03)
• EMML, EMGB : Include() hole
  • Frog Man (10/04/03)
• eMule 2.2 [0.29c] - Web Control Panel - DOS(Denial Of Service)
  • The-Insider (10/19/03)
• exploiting fortigate firewall through webinterface
  • Maarten Hartsuijker (10/02/03)
• Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability
  • Oliver Karow (10/28/03)
• Few issues previously unpublished in English
  • 3APA3A (10/15/03)
• Finjan Software Discovers a New Critical Vulnerability In Microsoft Hotmail
  • Menashe Eliezer (10/15/03)
• FirstClass 7.1 HTTP Server: Remote Directory Listing
  • Graham Morley (10/30/03)
  • Richard Maudsley (10/28/03)
• Free OverflowGuard Personal Edition Released
  • Paul Webster (10/03/03)
• FreeBSD Security Advisory FreeBSD-SA-03:15.openssh
  • FreeBSD Security Advisories (10/05/03)
• FreeBSD Security Advisory FreeBSD-SA-03:16.filedesc
  • FreeBSD Security Advisories (10/02/03)
• FreeBSD Security Advisory FreeBSD-SA-03:17.procfs
  • FreeBSD Security Advisories (10/03/03)
• FreeBSD Security Advisory FreeBSD-SA-03:18.openssl
  • FreeBSD Security Advisories (10/04/03)
• Gaim festival plugin exploit
  • Randal L. Schwartz (10/20/03)
  • HCTITS Security Division (10/18/03)
  • Cael Abal (10/18/03)
  • error (10/15/03)
• Gallery 1.4 including file vulnerability
  • Bharat Mediratta (10/12/03)
  • Brent Meshier (10/11/03)
  • Peter (10/11/03)
• Gast Arbeiter Privilege Escalation
  • natok_at_hush.com (10/21/03)
• Geeklog exploit
  • Jouko Pynnonen (10/19/03)
• Get admin level on Goldlink script v3.0
  • Weke (10/18/03)
• GLSA: apache (200310-04)
  • Rajiv Aaron Manglani (10/31/03)
• GLSA: cfengine (200310-02)
  • Kurt Lieber (10/05/03)
• GLSA: openssl (200309-19)
  • Daniel Ahlberg (10/01/03)
• GuppY : XSS, Files Reading/Writing
  • Frog Man (10/05/03)
• Half-Life 2 source code stolen through IE exploit
  • jelmer (10/03/03)
  • spackard_at_fastlink.com (10/03/03)
  • Mattox, Norman (10/03/03)
  • Thor Larholm (10/03/03)
  • Thor Larholm (10/03/03)
  • Thor Larholm (10/03/03)
• HPUX dtprintinfo buffer overflow vulnerability
  • Davide Del Vecchio (10/08/03)
• HTML Help API - Privilege Escalation
  • Brett Moore (10/24/03)
• I have fixes for the Geeklog vulnerabilities
  • Chris.Kulish_at_us.ing.com (10/08/03)
  • jelmer (10/08/03)
  • Dirk Haun (10/05/03)
• IE 6 XML Patch Bypass
  • GreyMagic Software (10/08/03)
  • Mindwarper * (10/07/03)
• IE bug: loading HTML under a graphic file name - summary
  • Gadi Evron (10/31/03)
• IE remote code execution
  • Thor Larholm (10/20/03)
  • Jouko Pynnonen (10/20/03)
  • K-OTiK Security (10/20/03)
  • Marcin Ulikowski (10/19/03)
• IE6 & Java 1.4.2_02 applet: Hardware stress on floppy drive
  • Marc Schoenefeld (10/21/03)
• IE6 CSS-Crash
  • xenophi1e (10/22/03)
  • Andreas Boeckler (10/22/03)
• Immunix Secured OS 7+ apache update
  • Immunix Security Team (10/29/03)
• Immunix Secured OS 7+ fetchmail update
  • Immunix Security Team (10/20/03)
• Internet Explorer and Opera local zone restriction bypass
  • Paul Szabo (10/31/03)
  • Thor Larholm (10/30/03)
  • Paul Szabo (10/30/03)
  • Francis Favorini (10/30/03)
  • william schulze (10/30/03)
  • Bipin Gautam hUNT3R (10/28/03)
  • jelmer (10/28/03)
  • Thor Larholm (10/28/03)
  • Andreas Sandblad (10/27/03)
  • Andreas Sandblad (10/26/03)
  • Heikki Toivonen (10/27/03)
  • Paul Szabo (10/25/03)
  • Mohsen Hariri (10/26/03)
  • jelmer (10/25/03)
  • Mindwarper * (10/25/03)
  • Thor Larholm (10/25/03)
  • Jort Slobbe (10/24/03)
  • Mindwarper * (10/24/03)
• IRM 008: Citrix Metaframe XP is vulnerable to Cross Site Scripting
  • IRM Advisories (10/31/03)
• Is it safe yet?
  • HCTITS Security Division (10/02/03)
• JAP Wins Court Victory
  • Tarapia Tapioco (10/20/03)
• Java 1.4.2_02 InsecurityManager JVM crash
  • Marc Schoenefeld (10/27/03)
  • Francisco Andrades (10/27/03)
  • Marc Schoenefeld (10/26/03)
• JBoss 3.2.1: Remote Command Injection
  • Marc Schoenefeld (10/05/03)
• JS/HTML code injection in File-Sharing for NET v1.5 and Forums Web Server v1.5
  • Q?=nimberQ=20?= (10/06/03)
• Les Visiteurs v2.0.1 code injection vulnerability
  • Matthieu Peschaud (10/26/03)
• Libnids <= 1.17 buffer overflow
  • Rafal Wojtczuk (10/27/03)
• LinkSys EtherFast Router Denial of Service Attack
  • DigitalPranksters (10/15/03)
• Listbox And Combobox Control Buffer Overflow
  • Brett Moore (10/16/03)
• Local root exploit in SuSE Linux 7.3Pro
  • Stefan Nordhausen (10/06/03)
• Local root exploit in SuSE Linux 8.2Pro
  • Roman Drahtmueller (10/06/03)
  • Stefan Nordhausen (10/06/03)
• Local root vuln in kpopup
  • b0f www.b0f.net (10/28/03)
• Local stackbased overflow found for silly Poker v0.25.5 (advisory + poc exploit)
  • steve_at_uk.intasys.com (10/01/03)
  • demz (10/01/03)
• Mac OS X Arbitrary File Overwrite via Core Files
  • _at_stake Advisories (10/28/03)
• Mac OS X Long argv[] buffer overflow
  • _at_stake Advisories (10/28/03)
• Mac OS X Systemic Insecure File Permissions
  • _at_stake Advisories (10/28/03)
• Mac OS X vulnerabilities
  • Adam Shostack (10/31/03)
  • Lyndon Nerenberg (10/30/03)
  • gabriel rosenkoetter (10/30/03)
  • gabriel rosenkoetter (10/30/03)
  • Mike Stark (10/30/03)
  • Radoslav Dejanovic (10/30/03)
  • James Kelly (10/30/03)
  • Joshua Levitsky (10/29/03)
  • Thor Larholm (10/28/03)
• Mac OS X vulnerabilities ['Virus checked"]
  • Kurt Harvey (10/30/03)
  • Chris Wysopal (10/29/03)
  • Ragnar Sundblad (10/29/03)
  • Adam Shostack (10/29/03)
  • Steve Clement (10/29/03)
  • graham.coles_at_retail-logic.com (10/29/03)
  • graham.coles_at_retail-logic.com (10/29/03)
  • Thor Larholm (10/29/03)
• Macos 10.2.8
  • Adam Shostack (10/31/03)
• mah-jong[v1.4]: server/client remote buffer overflow exploit.
  • Vade 79 (10/22/03)
• MDKSA-2003:096-1 - Updated apache2 packages fix CGI scripting deadlock
  • Mandrake Linux Security Team (10/25/03)
• MDKSA-2003:097 - Updated mplayer packages fix buffer overflow vulnerability
  • Mandrake Linux Security Team (09/30/03)
• MDKSA-2003:098 - Updated openssl packages fix vulnerabilities
  • Mandrake Linux Security Team (10/01/03)
• MDKSA-2003:099 - Updated sane packages fix remote vulnerabilities
  • Mandrake Linux Security Team (10/10/03)
• MDKSA-2003:100 - Updated gdm packages fix local vulnerabilities
  • Mandrake Linux Security Team (10/17/03)
  • Mandrake Linux Security Team (10/17/03)
• MDKSA-2003:101 - Updated fetchmail packages fix DoS vulnerability
  • Mandrake Linux Security Team (10/17/03)
  • Mandrake Linux Security Team (10/17/03)
• Medieval Total War <= 1.1 broadcast Connection expired
  • Luigi Auriemma (10/07/03)
• Medieval Total War <= 1.1 broadcast crash
  • Luigi Auriemma (10/07/03)
• Microsoft got it wrong
  • T.A. Adjuster (10/16/03)
  • Richard M. Smith (10/15/03)
• Microsoft PCHealth 2003/XP Buffer Overflow (#NISR15102003)
  • NGSSoftware Insight Security Research (10/16/03)
• Microsoft Windows Security Bulletin Summary October
  • Thor Larholm (10/16/03)
  • Giovanni Campagnoli (10/15/03)
• Microsoft Windows Server 2003 "Shell Folders" Directory Traversal Vulnerability
  • Eiji James Yoshida (10/08/03)
• Mimail.C
  • Alan (10/31/03)
• Minihttpserver File-Sharing for NET Directory Traversal Vulnerability
  • Bahaa Naamneh (10/03/03)
• mod_security 1.7RC1 to 1.7.1 vulnerability
  • Adam Dyga (10/28/03)
• MOSDEF Initial Release
  • dave_at_immunitysec.com (10/02/03)
• MS03-046 Microsoft Exchange 2000 Heap Overflow
  • H D Moore (10/22/03)
• Multiple Heap Overflows in FTP Desktop
  • Vlad M (10/18/03)
• Multiple SQL Injection Vulnerabilities in DeskPRO
  • Aviram Jenik (10/20/03)
• Multiple Vulnerabilities in Led-Forums
  • ProXy - (10/30/03)
• Multiple vulnerabilities in WinShadow
  • Bahaa Naamneh (10/01/03)
• Musicqueue multiple local vulnerabilities
  • dong-h0un U (10/27/03)
• myPHPCalendar : Informations Disclosure, File Include
  • Frog Man (10/12/03)
• Nachi/Welchia/LovSan.D version 2 appears to be spreading
  • Peter Kieser (10/28/03)
  • Young, Keith (10/27/03)
• NetBSD Security Advisory 2003-015: Remote and local vulnerabilities in XFree86 font libraries
  • NetBSD Security Officer (10/09/03)
• NetBSD Security Advisory 2003-016: Sendmail - another prescan() bug CAN-2003-0694
  • NetBSD Security Officer (10/09/03)
• NetBSD Security Advisory 2003-017: OpenSSL multiple vulnerabilities
  • NetBSD Security Officer (10/09/03)
• New AIM Expliot/Worm/Adware-script (realphx.com related)
  • Thor Larholm (10/11/03)
  • Michael A. Nunes (10/11/03)
• New FAQ on worm/worm containment
  • Stuart Staniford (10/07/03)
• New IE crash: CSS + HTML
  • Paul Szabo (10/05/03)
  • Sherlock (10/04/03)
  • Russ Uhte (Lists) (10/03/03)
  • Robert Ahnemann (10/03/03)
  • Drew Copley (10/03/03)
  • Brian Paulson (10/03/03)
  • arachnid__notdot_net_at_meta.net.nz (10/03/03)
• New OpenSSL remote vulnerability (issue date 2003/10/02)
  • Patrik Hornik (10/02/03)
• New Tool: MetaCoretex (DB Security Scanner)
  • visigoth (10/02/03)
• New Vulnerability
  • Joshua P. Miller (10/26/03)
• Norton Internet Security 2003 XSS
  • DigitalPranksters (10/27/03)
• Norton Internet Security Blocked Sites XSS
  • Sym Security (10/28/03)
• OpenLinux: wu-ftpd fb_realpath() off-by-one bug
  • security_at_sco.com (10/04/03)
• Openoffice 1.1.0 DoS
  • Marc Schoenefeld (10/08/03)
• OpenServer 5.0.5 : Insecure creation of files in /tmp
  • security_at_sco.com (10/21/03)
• OpenServer 5.0.7 : OpenSSH: multiple buffer handling problems
  • security_at_sco.com (10/02/03)
• OpenServer 5.0.7 OpenServer 5.0.6 OpenServer 5.0.5 : Multiple security vulnerabilities in Xsco
  • security_at_sco.com (10/16/03)
• OpenSSL
  • Ed Reed (10/01/03)
• OpenSSL - revised url
  • Ed Reed (10/01/03)
• Opera HREF escaped server name overflow
  • _at_stake Advisories (10/20/03)
• Origo ASR-8100 ADSL router remote factory reset
  • Theo Markettos (10/12/03)
• patch for vulnerability in cgiemail
  • Matt Riffle (10/03/03)
• PeopleSoft <Control><J> Information Disclosure
  • info_at_i-assure.com (10/07/03)
• PeopleSoft <LONGCHAR >and <VARCHAR> Data Upload
  • info_at_i-assure.com (10/07/03)
• PeopleSoft Grid Option Vulnerability
  • info_at_i-assure.com (10/07/03)
• PHP-Nuke Path Disclosure Vulnerability
  • Bahaa Naamneh (10/18/03)
• PHP-Nuke SQL Injection
  • 3APA3A (10/08/03)
  • mod (10/08/03)
• PHP-Nuke v 6.7 + Windows = File Upload
  • Frog Man (10/04/03)
• PINE-CERT-20030901: Integer Overflow in FreeBSD Kernel [fhold]
  • Joost Pol (10/02/03)
• PINE-CERT-20030902: Integer Overflow in FreeBSD Kernel [uio]
  • Joost Pol (10/02/03)
• possible issue with IPv4 mapped address and $REMOTE_ADDR in CGI
  • Colm MacCarthaigh (10/29/03)
  • der Mouse (10/29/03)
  • Colm MacCarthaigh (10/29/03)
  • itojun_at_iijlab.net (10/29/03)
• Process Killing - Playing with PostThreadMessage
  • Maxime Ducharme (10/03/03)
  • Vitor Ventura (10/03/03)
  • Thor Larholm (10/02/03)
  • Brett Moore (10/02/03)
• Proof of concept for Windows Messenger Service overflow
  • Q?=Hanabishi ReccaQ=20?= (10/18/03)
• ptl-2003-01: IBM DB2 LOAD Command Stack Overflow Vulnerability
  • Pentest Security Advisories (10/01/03)
• ptl-2003-02: IBM DB2 INVOKE Command Stack Overflow Vulnerability
  • Pentest Security Advisories (10/01/03)
• Redirection and refresh parses local file
  • Liu Die Yu (10/31/03)
• Remote overflow in thttpd
  • advisories(-at-)texonet.com (10/27/03)
• Remote root exploit for proftpd \n bug
  • Carl Livitt (10/13/03)
• Root Directory Listing on RH default apache
  • Stephen Samuel (10/28/03)
  • tfm_at_tfm.org (10/27/03)
• SA-20031006 slocate buffer overflow - exploitation proof
  • Patrik Hornik (10/11/03)
• SA-20031006 slocate vulnerability
  • Patrik Hornik (10/06/03)
• Serious Sam is not so serious
  • Luigi Auriemma (10/30/03)
• SGI Advanced Linux Environment security update #2
  • SGI Security Coordinator (10/27/03)
• SGI Advanced Linux Environment security update #3
  • SGI Security Coordinator (10/27/03)
• SGI Advanced Linux Environment security update #4
  • SGI Security Coordinator (10/27/03)
• sh-httpd `wildcard character' vulnerability
  • Richard Brittain (10/28/03)
  • dong-h0un U (10/27/03)
• Shatter XP
  • xenophi1e (10/23/03)
• Shattering By Example
  • Brett Moore (10/10/03)
• SiteKiosk terminal software
  • Godwin Stewart (10/25/03)
  • Zrekam (10/24/03)
• SNAP Innovation's PrimeBase Database 4.2 poor default file permissions.
  • Larry W. Cashdollar (10/05/03)
• Some serious security holes in 'The Bat!'
  • Bipin Gautam hUNT3R (10/25/03)
• SQL Injection Vulnerability in FuzzyMonkey MyClassifieds SQL Version
  • Sintelli SINTRAQ (10/21/03)
• SSGbook (ASP)
  • Terry Bankert (10/01/03)
• STG Security Advisory: [SSA-20031025-05] InfronTech WebTide 7.04 Directory and File Disclosure Vulnerability
  • advisory_at_stgsecurity.com (10/29/03)
• SuSE Security Announcement: lsh (SuSE-SA:2003:041)
  • Sebastian Krahmer (10/01/03)
• SuSE Security Announcement: mysql (SuSE-SA:2003:042)
  • Sebastian Krahmer (10/01/03)
• SuSE Security Announcement: openssl (SuSE-SA:2003:043)
  • Thomas Biege (10/01/03)
• SUSE Security Announcement: thttpd (SuSE-SA:2003:044)
  • Thomas Biege (10/31/03)
• TelCondex SimpleWebserver Buffer Overflow
  • Oliver Karow (10/29/03)
• The joys of impurity (was: MOSDEF, InlineEgg)
  • dave_at_immunitysec.com (10/07/03)
  • Alexander E. Cuttergo (10/06/03)
• Tool Release: Xprobe2 0.2
  • Ofir Arkin (10/13/03)
• TRACKtheCLICK Script Injection Vulnerabilities
  • BrainRawt (10/11/03)
• TSLSA-2003-0001 - openssl
  • Tawie Security Advisor (10/02/03)
• TSLSA-2003-0003 - openssl
  • Tawie Security Advisor (10/03/03)
• UK's Internet Infrastructure Open to Prying Eyes
  • root_at_networkpenetration.com (10/14/03)
• UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : OpenSSL Multiple Vulnerabilities
  • security_at_sco.com (10/02/03)
• Unpatched Internet Explorer Bugs
  • Liu Die Yu (10/20/03)
• Update JBoss 308 & 321: Remote Command Injection
  • Marc Schoenefeld (10/06/03)
• Verisign fighting back at ICANN
  • Thor Larholm (10/05/03)
• Virginity Security Advisory 2003-002 : Tritanium Bulletin Board - Read and write from/to internal (protected) Threads
  • Virginity Security (10/31/03)
• Visualroute Server - reverse tracerouting
  • morning_wood (10/02/03)
• VMware GSX Server and ESX Server OpenSSL vulnerability patches
  • VMware (10/31/03)
• VMWare GSX Server Authentication Server Buffer Overflow Vulnerability - Update
  • Darryl Swofford (10/31/03)
• Vulnerabilities in Easy File Sharing Web Server (1.2 NEW).
  • Q?=nimberQ=20?= (10/04/03)
• Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (Microsoft Security Bulletin MS03-047)
  • Ory Segal (10/16/03)
• Weaknesses in LEAP Challenge/Response
  • Sharad Ahlawat (10/07/03)
  • Joshua Wright (10/06/03)
• Web Wiz Forums ver. 7.01
  • bruce_at_webwizguide.info (10/22/03)
  • HEX (10/21/03)
• Webmails + Internet Explorer can create unwanted javascript execution
  • Jedi/Sector One (10/03/03)
  • Drew Copley (10/03/03)
  • Jason Munro (10/03/03)
  • Jedi/Sector One (10/02/03)
• What software breaks because of this DNS feature?
  • Kevin George (10/14/03)
  • Rob Mayoff (10/14/03)
  • Michael Wojcik (10/14/03)
  • Michael Sierchio (10/14/03)
  • Richard M. Smith (10/13/03)
• Wildcard exportfs issue in NFS on IRIX
  • SGI Security Coordinator (10/28/03)
• WU-FTPD 2.6.2 Freezer
  • Seth Arnold (10/31/03)
  • Angelo Rosiello (10/31/03)
• XLS Attack on AES (Rijndael)
  • Christian Ruediger Bahls (10/25/03)
  • Michael Sierchio (10/24/03)
  • latte1_at_hushmail.com (10/24/03)
• ZH2003-28SA (security advisory): file inclusion vulnerability in PayPal Store Front
  • Astharot (10/08/03)
• ZH2003-31SA (security advisory): file inclusion vulnerability in cpCommerce
  • Astharot (10/19/03)
• ZH2003-3SP (security patch): multiple vulnerabilities in mod_gzip 1.3.x debug mode
  • Astharot (10/07/03)

Last message date: 10/31/03
Archived on: 10/31/03 CET

---

355 messages sorted by: [ author ] [ date ] [ thread ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2003-10