SecurityFocus Bugtraq
By Subject

392 messages sorted by: [ author ] [ date ] [ thread ] [ attachment ]

---

Starting: 04/01/04
Ending: 04/30/04

• "Delete anti-virus and firewall software" --Microsoft
  • Thor Larholm (04/16/04)
  • Kim Scarborough (04/16/04)
• 3com NBX VOIP NetSet Denial of Service Attack
  • Michael Scheidell (04/29/04)
• [ GLSA 200404-01 ] Insecure sandbox temporary lockfile vulnerabilities in Portage
  • Tim Yamin (04/06/04)
• [ GLSA 200404-02 ] KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability
  • Aida Escriva-Sammer (04/06/04)
• [ GLSA 200404-03 ] Tcpdump Vulnerabilities in ISAKMP Parsing
  • Joshua J. Berry (04/06/04)
• [ GLSA 200404-04 ] Multiple vulnerabilities in sysstat
  • Kurt Lieber (04/07/04)
• [ GLSA 200404-05 ] ipsec-tools contains an X.509 certificates vulnerability
  • Kurt Lieber (04/07/04)
• [ GLSA 200404-06 ] Util-linux login may leak sensitive data
  • Kurt Lieber (04/07/04)
• [ GLSA 200404-07 ] ClamAV RAR Archive Remote Denial Of Service Vulnerability
  • Kurt Lieber (04/07/04)
• [ GLSA 200404-08 ] GNU Automake symbolic link vulnerability
  • Kurt Lieber (04/08/04)
• [ GLSA 200404-09 ] Cross-realm trust vulnerability in Heimdal
  • Kurt Lieber (04/09/04)
• [ GLSA 200404-11 ] Multiple Vulnerabilities in pwlib
  • Aida Escriva-Sammer (04/09/04)
• [ GLSA 200404-12 ] Scorched 3D server chat box format string vulnerability
  • Kurt Lieber (04/09/04)
• [ GLSA 200404-14 ] Multiple format string vulnerabilities in cadaver
  • Kurt Lieber (04/19/04)
• [ GLSA 200404-15 ] XChat 2.0.x SOCKS5 Vulnerability
  • Kurt Lieber (04/19/04)
• [ GLSA 200404-16 ] Multiple new security vulnerabilities in monit
  • Kurt Lieber (04/19/04)
• [ GLSA 200404-17 ] ipsec-tools and iputils contain a remote DoS vulnerability
  • Kurt Lieber (04/24/04)
• [ GLSA 200404-18 ] Multiple Vulnerabilities in ssmtp
  • Joshua J. Berry (04/27/04)
• [ GLSA 200404-19 ] Buffer overflows and format string
  • Joshua J. Berry (04/27/04)
• [ GLSA 200404-20 ] Multiple vulnerabilities in xine
  • Joshua J. Berry (04/27/04)
• [ GLSA 200404-21 ] Multiple Vulnerabilities in Samba
  • Joshua J. Berry (04/29/04)
• [AppSec-research] New Worm/Virus April 8th
  • Polazzo Justin (04/08/04)
• [BUG-CORRECTION] IISShield "Server" header costumization
  • Tiago Halm (04/17/04)
• [CLA-2004:834] Conectiva Security Announcement - openssl
  • Conectiva Updates (03/31/04)
• [CLA-2004:835] Conectiva Security Announcement - ethereal
  • Conectiva Updates (03/31/04)
• [CLA-2004:836] Conectiva Security Announcement - libxml2
  • Conectiva Updates (03/31/04)
• [CLA-2004:837] Conectiva Security Announcement - mod_python
  • Conectiva Updates (04/12/04)
• [CLA-2004:838] Conectiva Security Announcement - squid
  • Conectiva Updates (04/12/04)
• [cliph@isec.pl: Linux kernel setsockopt MCAST_MSFILTER integer overflow]
  • David Ahmad (04/20/04)
• [ESA-20040428-004] 'kernel' Several security and bug fixes
  • EnGarde Secure Linux (04/28/04)
• [Full-Disclosure] EEYE: Symantec Multiple Firewall TCP Options Denial of Service
  • Sym Security (04/23/04)
• [Full-Disclosure] iDEFENSE Security Advisory 04.05.04: Perl win32_stat Function Buffer Overflow Vulnerability
  • idlabs-advisories_at_idefense.com (04/05/04)
• [Full-Disclosure] iDEFENSE Security Advisory 04.15.04: RealNetworks Helix Universal Server Denial of Service Vulnerability
  • idlabs-advisories_at_idefense.com (04/15/04)
• [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow.
  • 3APA3A (04/29/04)
  • Bryce Porter (04/28/04)
  • KF (lists) (04/27/04)
• [HOTFIX] setsockopt kernel vulnerability
  • nolife (04/26/04)
• [OpenPKG-SA-2004.008] OpenPKG Security Advisory (squid)
  • OpenPKG (04/01/04)
• [OpenPKG-SA-2004.009] OpenPKG Security Advisory (mc)
  • OpenPKG (04/05/04)
• [OpenPKG-SA-2004.010] OpenPKG Security Advisory (tcpdump)
  • OpenPKG (04/07/04)
• [OpenPKG-SA-2004.011] OpenPKG Security Advisory (sharutils)
  • OpenPKG (04/07/04)
• [OpenPKG-SA-2004.012] OpenPKG Security Advisory (fetchmail)
  • OpenPKG (04/08/04)
• [OpenPKG-SA-2004.014] OpenPKG Security Advisory (mysql)
  • OpenPKG (04/14/04)
• [OpenPKG-SA-2004.015] OpenPKG Security Advisory (ethereal)
  • OpenPKG (04/16/04)
• [OpenPKG-SA-2004.016] OpenPKG Security Advisory (neon)
  • OpenPKG (04/16/04)
• [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png)
  • OpenPKG (04/29/04)
• [OpenPKG-SA-2004.018] OpenPKG Security Advisory (proftpd)
  • OpenPKG (04/30/04)
• [PNSA 2004-2] PostNuke Security Advisory PNSA 2004-2
  • Valerio Santinelli (04/21/04)
• [product-security@apple.com: APPLE-SA-2004-04-05 Security Update 2004-04-05]]
  • David Ahmad (04/06/04)
• [RHSA-2004:159-01] Updated Subversion packages fix security vulnerability in neon
  • bugzilla_at_redhat.com (04/15/04)
• [RHSA-2004:163-01] Updated OpenOffice packages fix security vulnerability in neon
  • bugzilla_at_redhat.com (04/30/04)
• [RHSA-2004:166-01] Updated kernel packages resolve security vulnerabilities
  • bugzilla_at_redhat.com (04/21/04)
• [RHSA-2004:173-00] Updated mc packages resolve several vulnerabilities
  • bugzilla_at_redhat.com (04/30/04)
• [RHSA-2004:175-01] Updated utempter package fixes vulnerability
  • bugzilla_at_redhat.com (04/30/04)
• [RHSA-2004:177-01] An updated X-Chat package fixes vulnerability in Socks-5 proxy
  • bugzilla_at_redhat.com (04/30/04)
• [RHSA-2004:179-01] An updated LHA package fixes security vulnerabilities
  • bugzilla_at_redhat.com (04/30/04)
• [RHSA-2004:181-01] Updated libpng packages fix crash
  • bugzilla_at_redhat.com (04/30/04)
• [RHSA-2004:182-01] Updated httpd packages fix mod_ssl security issue
  • bugzilla_at_redhat.com (04/30/04)
• [SCSA-028] Nuked-Klan Multiple Vulnerabilities
  • advisory_at_security-corporation.com (04/17/04)
• [SECURITY] [DSA 431-2] New perl packages fix information leak in suidperl
  • Matt Zimmerman (04/17/04)
• [SECURITY] [DSA 460-2] New sysstat packages fix insecure temporary file creation
  • Matt Zimmerman (04/04/04)
• [SECURITY] [DSA 470-1] New Linux 2.4.17 packages fix several local root exploits (hppa)
  • Martin Schulze (04/01/04)
• [SECURITY] [DSA 471-1] New interchange packages fix information leak
  • Martin Schulze (04/02/04)
• [SECURITY] [DSA 472-1] New fte packages fix buffer overflows
  • Matt Zimmerman (04/04/04)
• [SECURITY] [DSA 473-1] New oftpd packages fix denial of service
  • Matt Zimmerman (04/04/04)
• [SECURITY] [DSA 474-1] New squid packages fix ACL bypass
  • Matt Zimmerman (04/04/04)
• [SECURITY] [DSA 475-1] New Linux 2.4.18 packages fix several local root exploits (hppa)
  • Martin Schulze (04/05/04)
• [SECURITY] [DSA 476-1] New heimdal packages fix cross-realm vulnerability
  • Matt Zimmerman (04/06/04)
• [SECURITY] [DSA 477-1] New xine-ui packages fix insecure temporary file creation
  • Martin Schulze (04/06/04)
• [SECURITY] [DSA 478-1] New tcpdump packages fix denial of service
  • Matt Zimmerman (04/07/04)
• [SECURITY] [DSA 479-2] New Linux 2.4.18 packages fix local root exploit (i386)
  • Martin Schulze (04/14/04)
• [SECURITY] [DSA 486-1] New cvs packages fix multiple vulnerabilities
  • Matt Zimmerman (04/17/04)
• [SECURITY] [DSA 487-1] New neon packages fix format string vulnerabilities
  • Matt Zimmerman (04/17/04)
• [SECURITY] [DSA 488-1] New logcheck packages fix insecure temporary directory
  • Matt Zimmerman (04/17/04)
• [SECURITY] [DSA 489-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel)
  • Martin Schulze (04/17/04)
• [SECURITY] [DSA 490-1] New Zope packages fix arbitrary code execution
  • Martin Schulze (04/17/04)
• [SECURITY] [DSA 491-1] New Linux 2.4.19 packages fix local root exploit (mips)
  • Martin Schulze (04/17/04)
• [SECURITY] [DSA 492-1] New iproute packages fix denial of service
  • Matt Zimmerman (04/19/04)
• [SECURITY] [DSA 493-1] New xchat packages fix arbitrary code execution
  • Martin Schulze (04/21/04)
• [SECURITY] [DSA 495-1] New Linux 2.4.16 packages fix local root exploit (arm)
  • Martin Schulze (04/26/04)
• [SECURITY] [DSA 496-1] New eterm packages fix indirect arbitrary command execution
  • Martin Schulze (04/29/04)
• [SECURITY] [DSA 497-1] New mc packages fix several vulnerabilities
  • Martin Schulze (04/29/04)
• [SECURITY] [DSA 498-1] New libpng packages fix denial of service
  • Martin Schulze (04/30/04)
• [securityzone@macromedia.com: New Macromedia Security Zone Bulletin Posted]
  • David Ahmad (04/16/04)
  • David Ahmad (04/03/04)
• [slackware-security] cvs security update (SSA:2004-108-02)
  • Slackware Security Team (04/19/04)
• [slackware-security] kernel security updates (SSA:2004-119-01)
  • Slackware Security Team (04/28/04)
• [slackware-security] tcpdump denial of service (SSA:2004-108-01)
  • Slackware Security Team (04/17/04)
• [slackware-security] utempter security update (SSA:2004-110-01)
  • Slackware Security Team (04/19/04)
• [slackware-security] xine security update (SSA:2004-111-01)
  • Slackware Security Team (04/21/04)
• [Unpatched] 4 new Microsoft patches, 4 old updated, 24 vulnerabilities
  • Thor Larholm (04/14/04)
• [waraxe-2004-SA#013 - Critical sql injection bug in PhpBB 2.0.8 and in older versions]
  • T.J. Ferraro (04/07/04)
• [waraxe-2004-SA#014 - Cross-Site Scripting aka XSS in AzDGDatingLite]
  • Janek Vind (04/08/04)
• [waraxe-2004-SA#015 - Multiple vulnerabilities in NukeCalendar v1.1.a]
  • Janek Vind (04/08/04)
• [waraxe-2004-SA#016 - Cross-Site Scripting aka XSS in phpnuke 6.x-7.2 part 3]
  • Janek Vind (04/12/04)
• [waraxe-2004-SA#017 - User-level authentication bypass in phpnuke 6.x-7.2]
  • Janek Vind (04/12/04)
• [waraxe-2004-SA#018 - Admin-level authentication bypass in phpnuke 6.x-7.2]
  • Janek Vind (04/12/04)
• [waraxe-2004-SA#019 - Critical sql injection bug in Phorum 3.4.7]
  • Janek Vind (04/18/04)
• [waraxe-2004-SA#021 - Multiple vulnerabilities in phprofession 2.5 module for PostNuke]
  • Janek Vind (04/21/04)
• [waraxe-2004-SA#022 - Multiple vulnerabilities in PostNuke 0.726 Phoenix - part 2]
  • Janek Vind (04/22/04)
• [waraxe-2004-SA#024 - XSS and full path disclosure in Network Query Tool 1.6]
  • Janek Vind (04/24/04)
• [waraxe-2004-SA#025 - Multiple vulnerabilities in Protector System 1.15b1 for PhpNuke]
  • Janek Vind (04/23/04)
• A technical description of the SSL PCT vulnerability (CVE-2003-0719)
  • Juliano Rizzo (04/30/04)
• Adobe Acrobat Reader PDF file DoS vulnerability
  • Arman Nayyeri (04/11/04)
• Advanced Guestbook 2.2 -- SQL Injection Exploit
  • JQ (04/21/04)
• Advisory: Multiple Vulnerabilities in Monit
  • mattmurphy_at_kc.rr.com (04/05/04)
• After Ms patches last Wed ...
  • David Hayden (04/30/04)
  • Greg Kujawa (04/20/04)
  • geoff.froh_at_densho.org (04/17/04)
  • phaser-X (04/17/04)
  • David Hayden (04/18/04)
  • Alex Cruz (04/19/04)
  • T.H. Haymore (04/17/04)
  • plasmahh_at_informatik.uni-bremen.de (04/18/04)
  • Jerry Winegarden (04/19/04)
  • Alun Jones (04/17/04)
  • Scott Gifford (04/17/04)
  • Dan Harkless (04/17/04)
  • Andy Shaw (04/17/04)
  • phaser-X (04/16/04)
  • aborg_at_mca.org.mt (04/16/04)
• after ms patches...
  • kincses zoli (04/18/04)
• ANNOUNCE: SecLegal mailing list
  • Thor Larholm (04/09/04)
• Apache - all versions vulnerability in OLD procesors.
  • Peter Pentchev (04/28/04)
  • Adam Zabrocki (04/26/04)
  • Peter J. Holzer (04/26/04)
  • Chris Adams (04/25/04)
  • Chris Adams (04/25/04)
  • Adam Zabrocki (04/24/04)
• Arbitrary file overwriting in Unreal engine through UMOD
  • Luigi Auriemma (04/22/04)
• Automated wireless client penetration tool "hotspotter" released.
  • Max Moser (04/05/04)
• Backdoor in X-Micro WLAN 11b Broadband Router
  • Mariano Firpo (04/16/04)
  • RISKO Gergely (04/10/04)
• BID 7482, bug in OpenSSH (Still in FreeBSD-STABLE)
  • Damien Miller (04/13/04)
  • Felipe Neuwald (04/12/04)
• BitDefender Scan Online(ActiveX) - Remote File Download & Execute & Private Information Disclosure
  • Sami POTIRCA (04/20/04)
  • Rafel Ivgi, The-Insider (04/19/04)
• blaxxun3D(blaxxun Platform) 7 - Remote Buffer Overflow
  • Rafel Ivgi, The-Insider (04/06/04)
• Browser bugs [DoS] ... where will you draw a line?
  • Bipin Gautam (04/09/04)
• Bugfinder Being Indicted As Criminal ("Counterfeiter") in France
  • K-OTiK Security (04/05/04)
  • K-OTiK Security (04/04/04)
  • Renaud Deraison (04/04/04)
  • Fozzy (04/03/04)
  • Chris Wysopal (04/03/04)
  • K-OTiK Security (04/02/04)
  • Drew Copley (03/31/04)
• Bugfinder Being Indicted As Criminal]
  • Fozzy (04/05/04)
• CAN-2004-0155: The KAME IKE Daemon Racoon does not verify RSA Signatures during Phase 1, allows man-in-the-middle attacks and unauthorized connections
  • Ralf Spenneberg (04/07/04)
• cdp buffer overflow vulnerability
  • Dave Paris (03/31/04)
  • Vade 79 (03/31/04)
• Cisco Security Advisory: A default Username and Password in WLSE and HSE devices
  • Cisco Systems Product Security Incident Response Team (04/07/04)
  • Cisco Systems Product Security Incident Response Team (04/07/04)
• Cisco Security Advisory: Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability
  • Cisco Systems Product Security Incident Response Team (04/08/04)
• Cisco Security Advisory: TCP Vulnerabilities in Multiple IOS Based Cisco Products
  • Cisco Systems Product Security Incident Response Team (04/20/04)
• Cisco Security Advisory: TCP Vulnerabilities in Multiple Non-IOS-Based Cisco Products
  • Cisco Systems Product Security Incident Response Team (04/20/04)
• Cisco Security Advisory: Vulnerabilities in SNMP Message Processing
  • Cisco Systems Product Security Incident Response Team (04/21/04)
• Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability
  • Cisco Systems Product Security Incident Response Team (04/15/04)
• Citadel/UX 6.20 fixes local permissions vulnerability
  • IO ERROR (04/12/04)
• cqure.net.20040430.citrixmetaframe
  • Patrik Karlsson (04/30/04)
• Cross Site Scripting in Moodle < 1.3
  • Bartek Nowotarski (04/30/04)
• Dameware Mini Remote Control Version 4.2 – Weak Key Agreement Scheme
  • ax09001h (04/30/04)
• DoS in Crackalaka 1.0.8
  • Donato Ferrante (04/09/04)
• DoS in NETFile FTP/Web Server
  • Donato Ferrante (04/19/04)
• DoS in Rsniff 1.0
  • Luigi Auriemma (04/09/04)
  • Luigi Auriemma (04/09/04)
• EEYE: Symantec Multiple Firewall TCP Options Denial of Service
  • Derek Soeder (04/23/04)
• EEYE: Windows Expand-Down Data Segment Local Privilege Escalation
  • Marc Maiffret (04/13/04)
• EEYE: Windows Local Security Authority Service Remote Buffer Overflow
  • Marc Maiffret (04/13/04)
• EEYE: Yahoo! Mail Account Filter Overflow Hijack
  • Drew Copley (04/21/04)
• eMule <= 0.42d Remote Exploit
  • kcope (04/11/04)
• eMule v0.42d Buffer Overflow
  • Kostya Kortchinsky (04/03/04)
• Enterprise Application Security
  • Dave Aitel (04/02/04)
• eSignal v7 remote buffer overflow
  • Scott Johnson (04/07/04)
• Eudora 6.1 is evil
  • Paul Szabo (04/19/04)
• Exchange pop3 remote exploit
  • securma massine (04/20/04)
• Followup: vuln in WinBlox monitor for winnt
  • Oliver Lavery (03/31/04)
• Format string bug in IGI 2: Covert Strike 1.3
  • Luigi Auriemma (04/05/04)
• Format String in Cherokee
  • CoKi (04/20/04)
• Foundstone Labs Advisory: Citrix MetaFrame Password Manager 2.0
  • Foundstone Labs (04/06/04)
• FreeBSD Security Advisory FreeBSD-SA-04:07.cvs
  • FreeBSD Security Advisories (04/15/04)
• Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...)
  • Amer Karim (04/10/04)
  • Romain Francoise (04/09/04)
  • Chris Wysopal (04/09/04)
  • Chris Johnson (04/09/04)
  • Geoffrey (04/09/04)
  • Richard M. Smith (04/09/04)
  • Chris Johnson (04/09/04)
  • K-OTiK Security (04/09/04)
• Gnome nautilus bug
  • gsicht gsicht (04/12/04)
• GNU Sharutils buffer overflow vulnerability
  • Shaun Colley (04/07/04)
• GNU Sharutils buffer overflow vulnerability.
  • Dan Yefimov (04/10/04)
  • Carlos Eduardo Pinheiro (04/07/04)
  • Didier Arenzana (04/07/04)
  • Shaun Colley (04/06/04)
• Google using Expired Cert and SSLv2
  • Ivaylo Kostadinov (04/01/04)
  • Matthew S. Hamrick (03/31/04)
• Heap Overflow in Oracle 9iAS / 10g Application Server Web Cache
  • Ioannis Migadakis (04/08/04)
• Horde webmail: mysql access
  • Christopher T. Beers (04/27/04)
  • sig_at_flaming.tolna.net (04/25/04)
• HP Web Jetadmin
  • John Morris (04/30/04)
• HP Web JetAdmin vulnerabilities.
  • Samuel Walker (04/29/04)
  • FX (04/27/04)
• IBM Director 3.1 Windows Agent Remote DoS
  • Vess Nedevski (04/06/04)
  • Juanma Merino (04/05/04)
• Idea of CAW (Creation of Attack Wood)
  • Jan Minar (04/21/04)
  • Magosányi Árpád (04/20/04)
  • kincses zoli (04/18/04)
• IE 6 Print Without Prompt
  • Ben Garvey (04/12/04)
• IE Certificate Stealing (Phising) bug
  • E.Kellinis (04/30/04)
• IETF Draft on Transmission Control Protocol security considerations
  • Thor Larholm (04/21/04)
• Include vulnerability in GEMITEL v 3.50
  • jaguar (04/15/04)
• Index viewing in imgSvr 0.4
  • Donato Ferrante (04/01/04)
• Internet Explorer 6 - Crash
  • E.Kellinis (04/07/04)
• Internet Explorer XSS published unpatched in SP1 AND SP2
  • Rafel Ivgi, The-Insider (04/17/04)
• IPv4 fragmentation --> The Rose Attack
  • Taylan Develioglu (04/12/04)
  • gandalf_at_digital.net (04/10/04)
  • gandalf_at_digital.net (04/10/04)
  • Darren Reed (04/10/04)
  • Darren Reed (04/09/04)
  • gandalf_at_digital.net (04/09/04)
  • Darren Reed (04/08/04)
  • Paul Starzetz (04/08/04)
  • Ventsislav Genchev (04/07/04)
  • Chris Brenton (04/01/04)
  • stanislav shalunov (04/01/04)
  • Crist J. Clark (04/01/04)
• IRIX ftpd ftp_syslog issue with anonymous FTP
  • SGI Security Coordinator (04/02/04)
• IRIX Update Some Network Drivers May Leak Data
  • SGI Security Coordinator (04/03/04)
• Kerio Personal Firewall 4 and IE 6 "Bug"
  • E.Kellinis (04/07/04)
  • Noah Dunker (04/07/04)
  • Noah Dunker (04/07/04)
  • E.Kellinis (04/07/04)
• Kerio Personal Firewall 4.0.13 - Remote DoS (Crash)
  • E.Kellinis (04/07/04)
• KPhone STUN DoS (Malformed STUN Packets)
  • Aviram Jenik (04/19/04)
• Linux kernel setsockopt MCAST_MSFILTER integer overflow
  • Wojciech Purczynski (04/20/04)
• LNSA-#2004-0008: Multiple security problems in Monit
  • Vincenzo Ciaglia (04/06/04)
• LNSA-#2004-0009: GNU Automake symbolic link vulnerability
  • Vincenzo Ciaglia (04/08/04)
  • Vincenzo Ciaglia (04/08/04)
• LNSA-#2004-0010: login may leak sensitive data
  • Vincenzo Ciaglia (04/08/04)
• LNSA-#2004-0011: CVS Server and Client Vulnerabilities
  • Vincenzo Ciaglia (04/18/04)
• LNSA-#2004-0012: Multiple format string vulnerabilities in neon
  • Vincenzo Ciaglia (04/18/04)
• Macromedia Dreamweaver Remote Database Scripts (#NISR05042004B)
  • NGSSoftware Insight Security Research (04/05/04)
• Mcafee FreeScan - Remote Buffer Overflow and Private Information Disclosure
  • Rafel Ivgi, The-Insider (04/07/04)
• McAfee Freescan ActiveX Information Disclosure [Additional Details & PoC]
  • S G Masood (04/07/04)
• MDKSA-2004:026 - Updated mplayer packages fix remotely exploitable vulnerability
  • Mandrake Linux Security Team (04/06/04)
• MDKSA-2004:027 - Updated ipsec-tools packages fix vulnerability in racoon
  • Mandrake Linux Security Team (04/09/04)
• MDKSA-2004:031 - Updated utempter packages fix several vulnerabilities
  • Mandrake Linux Security Team (04/19/04)
• MDKSA-2004:031-1 - Updated utempter packages fix several vulnerabilities
  • Mandrake Linux Security Team (04/22/04)
• MDKSA-2004:032 - Updated libneon packages fix temporary file insecurities
  • Mandrake Linux Security Team (04/20/04)
• MDKSA-2004:033 - Updated xine-ui packages fix temporary file insecurities
  • Mandrake Linux Security Team (04/20/04)
• MDKSA-2004:034 - Updated MySQL packages fix temporary file insecurities
  • Mandrake Linux Security Team (04/20/04)
• MDKSA-2004:035 - Updated samba packages fix privilege escalation vulnerability
  • Mandrake Linux Security Team (04/20/04)
• MDKSA-2004:037 - Updated kernel packages fix multiple vulnerabilities
  • Mandrake Linux Security Team (04/27/04)
• MDKSA-2004:038 - Updated sysklogd packages fix vulnerability
  • Mandrake Linux Security Team (04/29/04)
• MDKSA-2004:039 - Updated mc packages fix vulnerabilities
  • Mandrake Linux Security Team (04/30/04)
• MDKSA-2004:040 - Updated libpng packages fix vulnerability
  • Mandrake Linux Security Team (04/30/04)
• Metasploit Framework 2.0 Released!
  • H D Moore (04/07/04)
• Microsoft Help and Support Center argument injection vulnerability
  • Jouko Pynnonen (04/13/04)
• Microsoft IE iframe src DoS already reported to Microsoft
  • Valdis.Kletnieks_at_vt.edu (04/08/04)
  • 'ken'_at_FTU (04/08/04)
• Microsoft Internet Explorer BMP file memory DoS vulnerability
  • jeremy_at_33ad.org (04/13/04)
  • Arman Nayyeri (04/11/04)
• Microsoft Outlook Express EML file Crash vulnerability
  • Kamran Muzaffer (04/13/04)
  • Arman Nayyeri (04/11/04)
• Microsoft's Explorer and Internet Explorer long share name buffer overflow.
  • Rodrigo Gutierrez (04/26/04)
  • Rodrigo Gutierrez (04/25/04)
  • Rodrigo Gutierrez (04/25/04)
• monit 4.1 POC
  • gsicht gsicht (04/09/04)
• Monit <= 4.2 Remote Root Exploit
  • Eye on Security India (04/12/04)
• MS Patches last Mon - Recap
  • aborg_at_mca.org.mt (04/18/04)
• MS Patches last Wed - SOLUTION
  • aborg_at_mca.org.mt (04/18/04)
• MS04-011 Break SSL support in IE 6.0.3790.0 with Windows 2003
  • Thor Larholm (04/17/04)
• MS04-011 SSL Remote DoS PoC
  • David Barroso Berrueta (04/17/04)
• MS04011 Lsasrv.dll RPC buffer overflow remote exploit (PoC)
  • houseofdabus HOD (04/29/04)
• Multi stage attacks on networks?
  • Sudhakar-bugtraq Govindavajhala (04/30/04)
• Multiple Vulnerabilities In OpenBB
  • JeiAr (04/25/04)
• Multiple Vulnerabilities In Tiki CMS/Groupware [ TikiWiki ]
  • JeiAr (04/11/04)
• Multiple vulnerabilities paFileDB
  • k1LL3r B0y (04/27/04)
• Multiple vulnerabilities PHP-Nuke Video Gallery Module for PHP-Nuke
  • k1LL3r B0y (04/26/04)
• Multiple XSS vulnerabilities in Microsoft SharePoint Portal Server 2001
  • Ory Segal (04/05/04)
• NcFTP - password leaking
  • Alex Behar (04/20/04)
  • Frank v Waveren (04/20/04)
  • Konstantin Gavrilenko (04/20/04)
• NetBSD Security Advisory 2004-005: Denial of service vulnerabilities in OpenSSL
  • NetBSD Security-Officer (04/21/04)
• NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability
  • NetBSD Security-Officer (04/21/04)
• Netegrity SiteMinder Affiliate Agent Cookie Overflow
  • advisories (04/23/04)
  • advisories_at_atstake.com (04/23/04)
• NetSky.q Virus. Looking for more detailed information on how the DOS will be performed.
  • Paul (03/31/04)
• Netsky.R, auto execute w/ IE6 ?
  • vbsubmit_at_hotmail.com (04/06/04)
  • BugtraQ (04/06/04)
  • BugtraQ (04/02/04)
• Network Intelligence Advisory - Denial of Service Vulnerability in ColdFusion MX
  • K. K. Mookhey (04/17/04)
• NEW backdoor in X-Micro WLAN 11b Broadband Router
  • RISKO Gergely (04/16/04)
• new IE vurn
  • Gavin Hanover (04/05/04)
  • Philip Barnham (04/05/04)
• new internet explorer exploit (was new worm)
  • mgotts_at_2roads.com (03/31/04)
• New Paper - SQL Injection Signatures Evasion
  • Imperva Application Defense Center (04/26/04)
  • K. K. Mookhey (04/26/04)
  • Imperva Application Defense Center (04/19/04)
• new strange worm
  • Alex Gen (04/12/04)
• New Worm/Virus April 8th
  • securityguy_at_dslextreme.com (04/08/04)
  • Polazzo Justin (04/08/04)
• New Worm??? - High level of activity on port 445
  • Thor Larholm (04/29/04)
  • Jodrell Dimaculangan (04/29/04)
  • Roger A. Grimes (04/29/04)
  • Tony Abell (04/29/04)
• NGSSoftware Insight Security Research Advisory
  • Peter Winter-Smith (04/05/04)
• NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP
  • David Ahmad (04/20/04)
• Norton AntiVirus nested file manual scan bypass.....
  • Bipin Gautam (04/18/04)
  • Bipin Gautam (04/17/04)
• Open Source Vulnerability Database Opens for Public Access
  • fbr (03/31/04)
• OpenLinux: util-linux could leak sensitive data
  • please_reply_to_security_at_sco.com (04/01/04)
• OpenLinux: vim arbitrary commands execution through modelines
  • please_reply_to_security_at_sco.com (04/01/04)
• Panda ActiveScan 5.0 - Remote Buffer Overflow and A Crash(D.O.S)
  • Rafel Ivgi, The-Insider (04/06/04)
• Paper: Comparing binaries with graph isomorphisms
  • Todd Sabin (04/06/04)
• Papers: The Invisible Catalog
  • Pete Herzog (04/06/04)
• Perl code exploting TCP not checking RST ACK.
  • Michael Gschwandtner (04/27/04)
• phpBB 2.0.8a and lower - IP spoofing vulnerability
  • Xin LI (04/29/04)
  • BlueRaven (04/28/04)
  • Xin LI (04/21/04)
  • 3APA3A (04/20/04)
  • Shaun Colley (04/19/04)
  • Ready Response (04/19/04)
• phpBB modified by Przemo arbitary code execution
  • Dariusz 'Officerrr' Kolasinski (04/19/04)
  • Dariusz 'Officerrr' Kolasinski (04/19/04)
• Phrack #62 Call for Papers
  • Richard Miller (04/08/04)
• Pikachu -Turn on WEP !
  • christophe barbe (04/01/04)
  • Himanshu Singh (04/01/04)
• Possible DoS on Linux kernel 2.4 and 2.6 using sigqueue overflow.
  • Nikita V. Youshchenko (04/12/04)
• Potential Microsoft PCT worm (MS04-011)
  • advisories (04/23/04)
• PSR - #2004-001 Remote - LCDProc
  • Priv8 Security Research (04/08/04)
• PSR - #2004-002 Remote - LCDProc
  • Priv8 Security Research (04/08/04)
• REAL One Player R3T File Format Stack Overflow
  • NGSSoftware Insight Security Research (04/07/04)
• Release of Cisco Attack tool Asleap
  • Joshua Wright (04/07/04)
• Releasing full source code of WinBlox
  • Liu Die Yu (04/01/04)
• Remote Exploit for Aborior's Encore Web Forum
  • XNUXER RESEARCH (04/03/04)
• Remote Format String Vulnerabilities in eXtremail
  • Luca Ercoli (04/25/04)
• resources consumption in DiGi WWW Server
  • Donato Ferrante (04/27/04)
• Samsung SmartEther SS6215S Switch
  • Kyle Duren (04/26/04)
• SCT javascript execution vulnerability
  • spiffomatic 64 (04/15/04)
• SECURITY.NNOV: Sambar security quest
  • 3APA3A (04/30/04)
• SGI Advanced Linux Environment security update #17
  • SGI Security Coordinator (04/08/04)
• SGI Advanced Linux Environment security update #18
  • SGI Security Coordinator (04/22/04)
• SGI Advanced Linux Environment security update #19
  • SGI Security Coordinator (04/28/04)
• SGI ProPack v2.4: Kernel update #3
  • SGI Security Coordinator (04/27/04)
• SMC Routers have remote administration enabled by default
  • Martin Nedbal (04/29/04)
  • Michael Curtis (04/29/04)
  • user86 (04/29/04)
  • user86 (04/29/04)
  • user86 (04/28/04)
• Solaris 9 patch 113579-03 introduces a NIS security bug
  • Chris Thompson (04/19/04)
• Solaris vfs_getvfssw() local kernel exploit
  • Sam (04/07/04)
• Source Code To Test IPv4 fragmentation --> The Rose Attack
  • Gandalf The White (04/27/04)
• Spammers can hide behind 'Email a friend/article' scripts.
  • 3APA3A (04/27/04)
  • matthias_at_astrum.ch (04/27/04)
  • cyber_flash_at_hotmail.com (04/26/04)
• Squirrelmail Chpasswod bof
  • p dont think (04/27/04)
  • Peter Geissler (04/19/04)
  • Jonathan Angliss (04/17/04)
  • rip_at_overflow.no (04/19/04)
  • martin f krafft (04/17/04)
  • Matias Neiff (04/17/04)
• SquirrelMail Cross Scripting Attacks....
  • Jonathan Angliss (04/30/04)
  • Alvin Alex (04/29/04)
• ssmtp insecure file creation
  • priestmaster_at_sms.at (04/18/04)
• Support Contact Info
  • Mark Litchfield (04/06/04)
• SuSEs YaST Online Update - possible symlink attack
  • Roman Drahtmueller (04/07/04)
  • Rene (04/05/04)
• Symantec Virus Detection(Free ActiveX) - Remote Buffer Overflow
  • Rafel Ivgi, The-Insider (04/07/04)
• Symantec Virus Detection(Free ActiveX) - Remote Buffer Overflow, Apr 7 2004 2:22AM
  • Sym Security (04/08/04)
• TCP Reset Attacks: Paper and Code Now Availble
  • sullo_at_cirt.net (04/23/04)
• Texutil symlink vulnerability.
  • Shaun Colley (04/04/04)
• TOOL: Adder - runtime patching in python
  • Oliver Lavery (03/31/04)
• TSLSA-2004-0020 - kernel
  • Trustix Security Advisor (04/16/04)
• TSLSA-2004-0024 - rsync
  • Trustix Security Advisor (04/30/04)
• TSLSA-2004-0025 - multi
  • Trustix Security Advisor (04/30/04)
• UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : perl unsafe Safe compartment
  • please_reply_to_security_at_sco.com (04/01/04)
• UPDATE: Cisco Security Notice: Dictionary Attack on Cisco LEAP Vulnerability
  • Cisco Systems Product Security Incident Response Team (04/12/04)
• UPDATE: LCDproc Buffer Overflow and Format String Vulnerabilities
  • Rene Wagner (04/14/04)
• US-CERT Technical Cyber Security Alert TA04-111A -- Vulnerabilities in TCP
  • soby_at_hushmail.com (04/25/04)
• void.at - neon format string bugs
  • Thomas Wana (04/16/04)
• Vulnerabilities in long-lived TCP connections on SGI systems
  • SGI Security Coordinator (04/21/04)
• WinSCP Denial of Service
  • Luca Ercoli (04/15/04)
• XSS, Admin Access via Cookie and File Upload vulnerability in NewsPHP.
  • Manuel Lopez (04/15/04)
• ZA Security Hole
  • Patrick Brauch (04/21/04)
  • David Wilson (04/20/04)
  • Hugo van der Kooij (04/16/04)
  • Pablo G. Sabbatella (04/16/04)
  • Samps (04/16/04)
  • Damjan Kreft (04/14/04)
• Zaep AntiSpam Cross Site Scripting
  • Aviram Jenik (04/19/04)

Last message date: 04/30/04
Archived on: 04/30/04 CEST

---

392 messages sorted by: [ author ] [ date ] [ thread ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2004-04