SecurityFocus Bugtraq
By Thread

333 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

---

Starting: 05/01/04
Ending: 05/31/04

• LinkSys WRT54G administration page availble to WAN Alan W. Rateliff, II (05/31/04)
• Possible bug in PHPNuke and other CMS Luca Falavigna (05/30/04)
• [SECURITY] [DSA 511-1] New ethereal packages fix buffer overflows Matt Zimmerman (05/30/04)
• Looking for a security contact of RealNetworks Live Rhapsody Philip Stoev (05/27/04)
• Users who have expired passwords can still log on to the domain if the FQDN is exactly eight characters long in Windows 2000 albatross_at_tim.it (05/31/04)
• [ GLSA 200405-25 ] tla: Heap-based buffer overflow in included libneon Thierry Carrez (05/30/04)
• [Full-Disclosure] iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability idlabs-advisories_at_idefense.com (05/27/04)
  • Re: [Full-Disclosure] iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability Seth Alan Woolley (05/27/04)
• [SECURITY] [DSA 510-1] New jftpgw packages fix format string vulnerability Matt Zimmerman (05/29/04)
• [SECURITY] [DSA 509-1] New gatos packages fix privilege escalation Matt Zimmerman (05/29/04)
• [waraxe-2004-SA#031 - Multiple vulnerabilities in e107 version 0.615] Janek Vind (05/29/04)
• LDU (land down under) xss vulnerability tim de gier (05/29/04)
• EnderUNIX Security Anouncement (Isoqlog and Spamguard) Murat Balaban (05/29/04)
• Mollensoft ftp Server ver 3.6 Buffer overflow Chintan Trivedi (05/28/04)
• JPortal SQL Injects Maciek Wierciski (05/28/04)
• SGI Advanced Linux Environment 3 Security Update #2 SGI Security Coordinator (05/28/04)
• SGI Advanced Linux Environment security update #20 SGI Security Coordinator (05/28/04)
• [ GLSA 200405-24 ] MPlayer, xine-lib: vulnerabilities in RTSP stream handling Thierry Carrez (05/28/04)
• [PHP] include() bypassing filter with php://input Himeur Nourredine (05/27/04)
  • Re: [PHP] include() bypassing filter with php://input Keary Suska (05/28/04)
    • Re: [PHP] include() bypassing filter with php://input clez (05/28/04)
      • Re: [PHP] include() bypassing filter with php://input Ali Campbell (05/29/04)
      • Re: [PHP] include() bypassing filter with php://input bugtraq subscriber (05/28/04)
• MDKSA-2004:052 - Updated kolab-server package fixes world readable file vulnerability Mandrake Linux Security Team (05/27/04)
• WildTangent Web Driver Long FileName Stack Overflow NGSSoftware Insight Security Research (05/27/04)
  • Re: WildTangent Web Driver Long FileName Stack Overflow Cesar (05/28/04)
• Sun-Java-App-Server PE 8.0 path disclosure Marc Schoenefeld (05/27/04)
• MDKSA-2004:051 - Updated mailman packages fix password retrieval vulnerability Mandrake Linux Security Team (05/27/04)
• Re: Exchange pop3 remote exploit Tal Schaeffer (05/27/04)
• The Dangers of Cross-Site-Scripting: Rogers Hi-Speed Internet Network [Canada] http-equiv_at_excite.com (05/27/04)
• [ GLSA 200405-23 ] Heimdal: Kerberos 4 buffer overflow in kadmin Kurt Lieber (05/27/04)
• [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache) OpenPKG (05/27/04)
• DoS in MiniShare 1.3.2 Donato Ferrante (05/26/04)
• SGI Advanced Linux Environment 3 Security Update #1 SGI Security Coordinator (05/26/04)
• [CLA-2004:843] Conectiva Security Announcement - kde Conectiva Updates (05/26/04)
• Orenosv HTTP/FTP Server Denial Of Service badpack3t (05/26/04)
• [security bulletin]SSRT4724 HP integrated Lights Out (iLO) Denial of Service (DoS) using port zero Boren, Rich (SSRT) (05/26/04)
• [ GLSA 200405-22 ] Apache 1.3: Multiple vulnerabilities Kurt Lieber (05/26/04)
• IRIX libcpr vulnerability SGI Security Coordinator (05/26/04)
  • Re: IRIX libcpr vulnerability Jan Schaumann (05/26/04)
• [ GLSA 200405-21 ] Midnight Commander: Multiple vulnerabilities Kurt Lieber (05/26/04)
• [Full-Disclosure] iDEFENSE Security Advisory 05.26.04: 3Com OfficeConnect Remote 812 ADSL Router Telnet Protocol Denial of Service Vulnerability idlabs-advisories_at_idefense.com (05/26/04)
• IEBUG: Archives of Internet Explorer Liu Die Yu (05/26/04)
• [security bulletin] SSRT4719 hp OpenView Select Access remote unauthorized access Boren, Rich (SSRT) (05/26/04)
• SUSE Security Announcement: kdelibs (SuSE-SA:2004:014) Sebastian Krahmer (05/26/04)
• FreeBSD Security Advisory FreeBSD-SA-04:11.msync FreeBSD Security Advisories (05/26/04)
• [security bulletin] SSRT4749 HP-UX Java Runtime Environment (JRE) remote DoS Boren, Rich (SSRT) (05/26/04)
• [ GLSA 200405-20 ] Insecure Temporary File Creation In MySQL Thierry Carrez (05/25/04)
• [CLA-2004:842] Conectiva Security Announcement - mailman Conectiva Updates (05/25/04)
• ERRATA: [ GLSA 200405-16 ] Multiple XSS Vulnerabilities in SquirrelMail Kurt Lieber (05/25/04)
• [CLA-2004:841] Conectiva Security Announcement - libneon Conectiva Updates (05/25/04)
• SSH URI handler remote arbitrary code execution kang (05/24/04)
• [ GLSA 200405-19 ] Opera telnet URI handler file creation/truncation vulnerability Kurt Lieber (05/25/04)
• cPanel mod_phpsuexec Vulnerability Rob Brown (05/24/04)
• [ GLSA 200405-18 ] Buffer Overflow in Firebird Thierry Carrez (05/23/04)
  • Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird b0f www.b0f.net (05/25/04)
    • Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird KF (lists) (05/27/04)
      • Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird KF (lists) (05/27/04)
• Netgear RP114 URL filter fails if URL is too long Marc Ruef (05/24/04)
• [SECURITY] [DSA 508-1] New xpcd packages fix buffer overflow Matt Zimmerman (05/23/04)
• e107 web portal user.php XSS (Cross Site Scripting) Chris Norton (05/23/04)
• Liferay Cross Site Scripting Flaw Giri, Sandeep (05/22/04)
• MDKSA-2004:050 - Updated kernel packages fix multiple vulnerabilities Mandrake Linux Security Team (05/22/04)
• Allegro RomPager/2.10 DoS exploit Seth Alan Woolley (05/22/04)
• Exploit codes for CVS Vulnerability and snort rules from ISC K-OTiK Security (05/22/04)
• BNBT BitTorrent Tracker Denial Of Service badpack3t (05/22/04)
• [ GLSA 200405-16 ] Multiple XSS Vulnerabilities in SquirrelMail Rajiv Aaron Manglani (05/21/04)
• Eudora 6.1.1 attachment spoof, LaunchProtect Paul Szabo (05/21/04)
• [OpenPKG-SA-2004.025] OpenPKG Security Advisory (rsync) OpenPKG (05/21/04)
• MDKSA-2004:046-1 - apache-mod_perl packages are now available Mandrake Linux Security Team (05/20/04)
• e107 web portal Referers HTTP Injection Chinchilla (05/21/04)
• Stupid Phishing Tricks http-equiv_at_excite.com (05/21/04)
• [SNS Advisory No.72] Symantec Norton AntiVirus 2004 ActiveX Control Vulnerability snsadv (05/21/04)
• Internet explorer .clsid vulnerability roozbeh afrasiabi (05/21/04)
  • RE: Internet explorer .clsid vulnerability Thor Larholm (05/21/04)
  • Re: Internet explorer .clsid vulnerability roozbeh afrasiabi (05/22/04)
• Auditor security collection released - a swiss army knife for security assessments. Max (05/20/04)
• Question About Ethics and Full Disclosure Tom (05/20/04)
  • RE: Question About Ethics and Full Disclosure Drew Copley (05/20/04)
  • Re: Question About Ethics and Full Disclosure T.J. (05/20/04)
  • RE: Question About Ethics and Full Disclosure Kevin E. Casey (05/20/04)
  • Re: Question About Ethics and Full Disclosure Michal Zalewski (05/21/04)
• [ GLSA 200405-15 ] cadaver heap-based buffer overflow Thierry Carrez (05/20/04)
• [ GLSA 200405-12 ] CVS heap overflow vulnerability Thierry Carrez (05/20/04)
• [ GLSA 200405-13 ] neon heap-based buffer overflow Thierry Carrez (05/20/04)
• [ GLSA 200405-14 ] Buffer overflow in Subversion Joshua J. Berry (05/20/04)
• [security bulletin] SSRT4696 rev. 0 HP ProCurve Routing Switches TCP Denial of Service (DoS) Boren, Rich (SSRT) (05/20/04)
• SGI ProPack 3: Kernel Update #1 - Security and other fixes SGI Security Coordinator (05/20/04)
• [slackware-security] cvs (SSA:2004-140-01) Slackware Security Team (05/20/04)
• SGI ProPack v2.4: Kernel Update #4 - Security and other fixes SGI Security Coordinator (05/20/04)
• [OpenPKG-SA-2004.024] OpenPKG Security Advisory (neon) OpenPKG (05/19/04)
• [OpenPKG-SA-2004.022] OpenPKG Security Advisory (cvs) OpenPKG (05/19/04)
• [OpenPKG-SA-2004.023] OpenPKG Security Advisory (subversion) OpenPKG (05/19/04)
• MDKSA-2004:049 - Updated libneon packages fix heap variable overflow issues Mandrake Linux Security Team (05/19/04)
• [ GLSA 200405-11 ] KDE URI Handler Vulnerabilities Thierry Carrez (05/19/04)
• MDKSA-2004:048 - Updated cvs packages fix remotely exploitable vulnerability Mandrake Linux Security Team (05/19/04)
• Reporting a Security Vulnerability in a Microsoft Product Microsoft Security Response Center (05/19/04)
• [ GLSA 200405-10 ] Icecast denial of service vulnerability Thierry Carrez (05/19/04)
• [SECURITY] [DSA 507-1] New cadaver packages fix buffer overflow Martin Schulze (05/19/04)
• Non-logged Brute Force Attack Vulnerability for Fantastico-Created Databases on cPanel Based Hosts Michael Curtis (05/19/04)
  • Re: Non-logged Brute Force Attack Vulnerability for Fantastico-Created Databases on cPanel Based Hosts Kenneth Peiruza (05/20/04)
    • Re: Non-logged Brute Force Attack Vulnerability forFantastico-Created Databases on cPanel Based Hosts Michael Curtis (05/20/04)
• Idea for proactive worm protection Peter Surda (05/19/04)
• Advisory 08/2004: Subversion remote vulnerability Stefan Esser (05/19/04)
• SUSE Security Announcement: cvs (SuSE-SA:2004:013) Sebastian Krahmer (05/19/04)
• A new Sanctum paper: "Blind XPath Injection" Amit Klein (05/19/04)
• [SECURITY] [DSA 505-1] New cvs packages fix remote exploit Martin Schulze (05/19/04)
• [SECURITY] [DSA 506-1] New neon packages fix buffer overflow Martin Schulze (05/19/04)
• FreeBSD Security Advisory FreeBSD-SA-04:10.cvs FreeBSD Security Advisories (05/19/04)
• Advisory 07/2004: CVS remote vulnerability Stefan Esser (05/19/04)
• Advisory 06/2004: libneon date parsing vulnerability Stefan Esser (05/19/04)
• [ GLSA 200405-09 ] ProFTPD Access Control List bypass vulnerability Kurt Lieber (05/19/04)
• [FLSA-2004:1546] Updated utempter resolves security vulnerability -- Reissue: updated 8.0 version numbers Jesse Keating (05/19/04)
• MDKSA-2004:047 - Updated kdelibs packages fix URI handling vulnerabilities Mandrake Linux Security Team (05/19/04)
• [ GLSA 200405-08 ] Pound format string vulnerability Thierry Carrez (05/18/04)
• Unknown IE bug with css-styles henkie_is_leet_at_hotmail.com (05/18/04)
  • Re: Unknown IE bug with css-styles Paolo Mattiangeli (05/18/04)
• Overflow@OmniHTTPd Han_B (05/18/04)
• IRIX 6.5.24 rpc.mountd infinte loop SGI Security Coordinator (05/18/04)
• [SECURITY] [DSA 504-1] New heimdal packages fix potential buffer overflow Martin Schulze (05/18/04)
• Zen Cart login.php SQL Injection Vulnerability Oliver Minack (05/18/04)
• [slackware-security] kdelibs (SSA:2004-238-01) Slackware Security Team (05/18/04)
• Advisory 05/2004: phpMyFAQ local file inclusion vulnerability Stefan Esser (05/18/04)
• Vapid Labs Security Advisory for PrimeBase Database 4.2 (update) Larry W. Cashdollar (05/18/04)
• MDKSA-2004:046 - Updated apache packages fix a number of vulnerabilities Mandrake Linux Security Team (05/17/04)
• MDKSA-2004:045 - Updated passwd packages fix vulnerabilities Mandrake Linux Security Team (05/17/04)
• MDKSA-2004:044 - Updated libuser packages fix vulnerability Mandrake Linux Security Team (05/17/04)
• Buffer Overflow in ActivePerl ? Oliver_at_greyhat.de (05/17/04)
  • Re: Buffer Overflow in ActivePerl ? rich.sf_at_lclogic.com (05/18/04)
    • RE: [Full-Disclosure] Re: Buffer Overflow in ActivePerl ? Bill Royds (05/18/04)
    • Re: Buffer Overflow in ActivePerl ? Josh Tolley (05/18/04)
  • Re: Buffer Overflow in ActivePerl? Axel Beckert (05/18/04)
  • Re: Buffer Overflow in ActivePerl ? Nick FitzGerald (05/18/04)
  • Re: Buffer Overflow in ActivePerl ? noderat_at_hotmail.com (05/19/04)
  • RE: Buffer Overflow in ActivePerl ? Drew Copley (05/19/04)
    • Re: Buffer Overflow in ActivePerl ? David Cantrell (05/19/04)
      • Re: Buffer Overflow in ActivePerl ? David Ahmad (05/19/04)
• ROCKET SCIENCE: Outllook 2003 http-equiv_at_excite.com (05/17/04)
• Desktop.ini flaw results in executing folders roozbeh afrasiabi (05/17/04)
• [waraxe-2004-SA#030 - Multiple vulnerabilities in PhpNuke 6.x - 7.3] Janek Vind (05/17/04)
• oscommerce 2.2 file_manager.php file browsing Rene (05/17/04)
• [waraxe-2004-SA#029 - Possible remote file inclusion in PhpNuke 6.x - 7.3] Janek Vind (05/17/04)
• Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Kurczaba Associates advisories (05/17/04)
  • RE: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Drew Copley (05/17/04)
  • Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability thegeekmeister_at_SAFe-mail.net (05/17/04)
    • Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Jan Kluka (05/18/04)
  • Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability sandrijeski_at_yahoo.com (05/27/04)
    • Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Robert J Taylor (05/27/04)
    • Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Valdis.Kletnieks_at_vt.edu (05/27/04)
    • Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability Peter Pentchev (05/28/04)
  • Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability http-equiv_at_excite.com (05/27/04)
• RE: Remote Buffer Overflow in MailEnable HTTPMail MailEnable Sales (05/16/04)
• Safari remote arbitrary code execution kang (05/17/04)
  • Re: Safari remote arbitrary code execution Adam Shostack (05/17/04)
• KDE Security Advisory: URI Handler Vulnerabilities Waldo Bastian (05/17/04)
• [slackware-security] mc (SSA:2004-136-01) Slackware Security Team (05/17/04)
• Multiple TTT-C XSS vulnerabilities Kaloyan Georgiev (05/17/04)
• WebCT: Cross Site Scripting Vulnerability spiffomatic 64 (05/17/04)
• Wget race condition vulnerability Hugo (05/17/04)
• NetChat HTTP Server Stack Overflow dbd_at_hushmail.com (05/17/04)
• CiSCO IOS 12.* source code stolen Alexander Antipo (05/15/04)
• more simple and flexible WinBlox(GET CONTROL OF WINNT SYSTEM) Liu Die Yu (05/15/04)
• lha buffer overflow(s) again lw_at_wszia.edu.pl (05/15/04)
• Denial of Service Vulnerability in IEEE 802.11 Wireless Devices albatross_at_tim.it (05/15/04)
  • Re: Denial of Service Vulnerability in IEEE 802.11 Wireless Devices Casper Dik (05/15/04)
    • Re[2]: Denial of Service Vulnerability in IEEE 802.11 Wireless Devices Jason Ostrom (05/16/04)
      • Re: Denial of Service Vulnerability in IEEE 802.11 Wireless Devices Niels Bakker (05/17/04)
• [ GLSA 200405-06 ] libpng denial of service vulnerability Thierry Carrez (05/14/04)
• [ GLSA 200405-07 ] Exim verify=header_syntax buffer overflow Thierry Carrez (05/14/04)
• TSLSA-2004-0029 - kernel Trustix Security Advisor (05/14/04)
• Symantec Multiple Firewall DNS Response Denial-of-Service Exploit (PoC) houseofdabus HOD (05/14/04)
• [security bulletin] SSRT3613 rev.0 HP-UX B6848AB GTK+ Support Libraries - elevated privileges Boren, Rich (SSRT) (05/14/04)
• Still Vulnerable in MSIE Greg Kujawa (05/14/04)
  • RE: Still Vulnerable in MSIE Thor Larholm (05/15/04)
  • RE: Still Vulnerable in MSIE Drew Copley (05/17/04)
• TSLSA-2004-0027 - apache Trustix Security Advisor (05/14/04)
• Curious fileutils/coreutils behaviour. David Malone (05/13/04)
  • RE: Curious fileutils/coreutils behaviour. Michael Wojcik (05/14/04)
    • Re: Curious fileutils/coreutils behaviour. David Malone (05/14/04)
      • Re: Curious fileutils/coreutils behaviour. Michael Shigorin (05/15/04)
      • Re: Curious fileutils/coreutils behaviour. Luciano Miguel Ferreira Rocha (05/15/04)
      • Re: Curious fileutils/coreutils behaviour. Martin (05/15/04)
  • Re: Curious fileutils/coreutils behaviour. Nicolas Rachinsky (05/14/04)
• DOE updated cybersecurity //no code or 0day sploits// just info System Administrator (05/14/04)
• SUSE Security Announcement: mc (SuSE-SA:2004:012) Thomas Biege (05/14/04)
• [security bulletin] SSRT4721 rev.0 HP-UX dtlogin unauthorized privileged access, DoS Boren, Rich (SSRT) (05/14/04)
• Vulnerability Scanning on Windows 2003 localhost will crash RPC farking_at_i-ownur.info (05/14/04)
  • RE: Vulnerability Scanning on Windows 2003 localhost will crash RPC Drew Copley (05/14/04)
• IE URL Issue Being Used In Phishing In the Wild [USBank] Drew Copley (05/14/04)
  • RE: IE URL Issue Being Used In Phishing In the Wild [USBank] Drew Copley (05/14/04)
  • Re: IE URL Issue Being Used In Phishing In the Wild [USBank] Todd C. Campbell (05/14/04)
  • Re: IE URL Issue Being Used In Phishing In the Wild [USBank] Nick FitzGerald (05/15/04)
• POA: Outlook Expresss 6.00 http-equiv_at_excite.com (05/13/04)
• [security bulletin] SSRT4722 rev.0 HP-UX Mozilla denial of service Boren, Rich (SSRT) (05/13/04)
• SYM04-008, Symantec Client Firewall Remote Access and Denial of Service Issues Sym Security (05/13/04)
• Opera Telnet URI Handler Vulnerability also applies to other browsers Jannes (05/13/04)
• [slackware-security] apache (SSA:2004-133-01) Slackware Security Team (05/13/04)
• [SECURITY] [DSA 503-1] New mah-jong packages fix denial of service Martin Schulze (05/13/04)
• [ GLSA 200405-05 ] Utempter symlink vulnerability Kurt Lieber (05/13/04)
• Showhelp() local CHM file execution roozbeh afrasiabi (05/13/04)
  • Re: Showhelp() local CHM file execution roozbeh afrasiabi (05/14/04)
• EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption Marc Maiffret (05/13/04)
• EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow Marc Maiffret (05/13/04)
• EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service Marc Maiffret (05/13/04)
• EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow Marc Maiffret (05/13/04)
• NetBSD Security Advisory 2004-007: Systrace systrace_exit() local root NetBSD Security-Officer (05/12/04)
• surfboard1.1.6 local exploit. Anonymous (05/11/04)
  • Re: surfboard1.1.6 local exploit. Meredydd (05/13/04)
• [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache) OpenPKG (05/12/04)
• MS04-015 - Windows Help Center - Dvdupgrade morning_wood (05/12/04)
• Re: Cisco's Statement about IPR Claimed in draft-ietf-tcpm-tcpsecure (05/12/04)
• OpenServer 5.0.5 OpenServer 5.0.6 OpenServer 5.0.7 : X sessions which are not started by scologin cannot use the X authorization protocol please_reply_to_security_at_sco.com (05/11/04)
• Hiding URLs from Outlook and other mail clients Carl (05/11/04)
• Advisory 04/2004: Net(Free)BSD Systrace local root vulnerabilitiy Stefan Esser (05/11/04)
• [ GLSA 200405-03 ] ClamAV VirusEvent parameter vulnerability Thierry Carrez (05/11/04)
• [ GLSA 200405-04 ] OpenOffice.org vulnerability when using DAV servers Thierry Carrez (05/11/04)
• Re: NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP Florian Weimer (05/11/04)
  • Re: NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP Bob Beck (05/12/04)
    • Re: NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP Darren Reed (05/13/04)
• Linux Kernel sctp_setsockopt() Integer Overflow Shaun Colley (05/11/04)
  • Re: [Full-Disclosure] Linux Kernel sctp_setsockopt() Integer Overflow Tom Rini (05/12/04)
  • Re: Linux Kernel sctp_setsockopt() Integer Overflow Michael Tokarev (05/15/04)
    • Re: Linux Kernel sctp_setsockopt() Integer Overflow Michael Tokarev (05/27/04)
      • Re: Linux Kernel sctp_setsockopt() Integer Overflow Jirka Kosina (05/29/04)
      • Re: Linux Kernel sctp_setsockopt() Integer Overflow Shaun Colley (05/31/04)
• MDKSA-2004:043 - Updated apache2 packages fixes a denial of service vulnerability in mod_ssl Mandrake Linux Security Team (05/11/04)
• [SECURITY] [DSA 502-1] New exim-tls packages fix buffer overflows Martin Schulze (05/11/04)
• MDKSA-2004:042 - Updated rsync packages fixes potential to write outside of directory tree. Mandrake Linux Security Team (05/11/04)
• Somebody exploiting (badly designed) yahoo service? Aleksandar Milivojevic (05/11/04)
  • Re: Somebody exploiting (badly designed) yahoo service? Charles Mansmann (05/11/04)
  • Re: Somebody exploiting (badly designed) yahoo service? Nick FitzGerald (05/12/04)
• PING: Outlook 2003 Spam http-equiv_at_excite.com (05/11/04)
• DEEP SEA PHISHING: Internet Explorer / Outlook Express http-equiv_at_excite.com (05/10/04)
• [Ulf Harnhammar]: LHA Advisory + Patch David Ahmad (05/10/04)
• msxml3.dll Parsing Error Crashes Internet Explorer Remotely Upon Refresh Rafel Ivgi, The-Insider (05/10/04)
  • Re: msxml3.dll Parsing Error Crashes Internet Explorer Remotely Upon Refresh Gao Rui (05/12/04)
• Emule 0.42e Remote Denial Of Service Exploit Rafel Ivgi, The-Insider (05/10/04)
• Arbitrary code inclusion in phpShop Calum Power (05/09/04)
• RE: An undetectable Online Bank Vulnerability? M Peterson (05/08/04)
• Monit 4.1 remote shell exploit (HTTP) Michel Blomgren (05/10/04)
• [ GLSA 200405-02 ] Multiple vulnerabilities in LHa Thierry Carrez (05/09/04)
• a litle bypass with IE Nuno Costa (05/10/04)
  • Re: a litle bypass with IE Neil Briscoe (05/10/04)
  • RE: a litle bypass with IE Eric Norbut (05/10/04)
  • RE: a litle bypass with IE Thor Larholm (05/11/04)
  • Re: a litle bypass with IE Emilio Casbas (05/11/04)
• OUTLOOK 2003: OuchLook http-equiv_at_excite.com (05/10/04)
• PaX DoS proof-of-concept Michel Blomgren (05/10/04)
• [ GLSA 200405-01 ] Multiple format string vulnerabilities in neon 0.24.4 and earlier Kurt Lieber (05/09/04)
• [waraxe-2004-SA#028 - Multiple vulnerabilities in NukeJokes module for PhpNuke] Janek Vind (05/08/04)
• [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability Jesse Keating (05/08/04)
• FW: [security bulletin] SSRT4717 Management Agents for HP-UX Remote DoS Boren, Rich (SSRT) (05/08/04)
• [OpenPKG-SA-2004.020] OpenPKG Security Advisory (ssmtp) OpenPKG (05/07/04)
• Streaming Video and Audio security lists (05/06/04)
• [CLA-2004:840] Conectiva Security Announcement - lha Conectiva Updates (05/06/04)
• Eudora file URL buffer overflow Paul Szabo (05/07/04)
• Windows IPSec Vulnerabilty Steffen Pfendtner (05/07/04)
• [SECURITY] [DSA 501-1] New exim packages fix buffer overflows Martin Schulze (05/07/04)
• Remote DoS IE Memory Access Violation E.Kellinis (05/07/04)
• Security issue with Trend OfficeScan Corporate Edition Matt (05/07/04)
• Fwd: [Re: cvs commit: src/sys/vm vm_map.c] Jacques A. Vidrine (05/05/04)
• Will a smart worm be made in the near future? Taeho Oh (05/05/04)
  • Re: Will a smart worm be made in the near future? Jose Nazario (05/07/04)
• SUSE Security Announcement: Live CD 9.1 (SuSE-SA:2004:011) Roman Drahtmueller (05/06/04)
• [0xbadc0ded #03] DeleGate (SSL-filter) <= 8.9.2 Joel Eriksson (05/06/04)
• [AppSecInc Security Alert] Microsoft Active Server Pages Cookie Retrieval Issue Aaron C. Newman (Application Security, Inc.) (05/06/04)
• Advisory: Heimdal kadmind version4 remote heap overflow Evgeny Demidov (05/06/04)
• FreeBSD Security Advisory FreeBSD-SA-04:09.kadmind FreeBSD Security Advisories (05/05/04)
• FreeBSD Security Advisory FreeBSD-SA-04:08.heimdal FreeBSD Security Advisories (05/05/04)
• Multiple vulnerabilities in P4DB Jon McClintock (05/05/04)
• IRIX Networking Security Updates SGI Security Coordinator (05/05/04)
• [waraxe-2004-SA#027 - Once again - critical vulnerabilities in PhpNuke 6.x - 7.2] Janek Vind (05/05/04)
• Titan FTP Server Aborted LIST DoS Aviram Jenik (05/05/04)
  • Re: Titan FTP Server Aborted LIST DoS Gene Ken (05/07/04)
    • Re: Titan FTP Server Aborted LIST DoS Noam Rathaus (05/06/04)
• [OpenPKG-SA-2004.019] OpenPKG Security Advisory (kolab) OpenPKG (05/05/04)
• Fuse Talk Vunerabilities Stuart Jamieson (05/05/04)
• Corsaire Security Advisory - Verity Ultraseek path disclosure issue advisories (05/05/04)
• SMF SIZE Tag Script Injection Vulnerability Cheng Peng Su (05/05/04)
• UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : apache multiple vulnerabilities, upgraded to apache-1.3.29 please_reply_to_security_at_sco.com (05/05/04)
• [slackware-security] lha update in bin package (SSA:2004-125-01) Slackware Security Team (05/05/04)
• Vulnerabilities In PHPX 3.26 And Earlier JeiAr (05/04/04)
• Re: (HOAX) Dameware Mini Remote Control Version 4.2 ? Weak Key Agreement Scheme DameWare Support (05/04/04)
• remote root exec vulnerability in omail Thijs Dalhuijsen (05/04/04)
• Sasser worm and Embedded Support Partner (ESP) port 5554/tcp SGI Security Coordinator (05/04/04)
• SUSE Security Announcement: kernel (SuSE-SA:2004:010) Roman Drahtmueller (05/04/04)
• @stake: AppleFileServer Remote Command Execution _at_stake Advisories (05/04/04)
• [product-security@apple.com: APPLE-SA-2004-05-03 Security Update 2004-05-03] David Ahmad (05/04/04)
• [slackware-security] libpng update (SSA:2004-124-04) Slackware Security Team (05/03/04)
• [slackware-security] sysklogd update (SSA:2004-124-02) Slackware Security Team (05/03/04)
• [slackware-security] xine-lib update (SSA:2004-124-03) Slackware Security Team (05/03/04)
• [slackware-security] rsync update (SSA:2004-124-01) Slackware Security Team (05/03/04)
• Multible Vulnerabilites in Aldos Webserver oliver_at_greyhat.de (05/03/04)
• Vulnerability in YaBB forum (Perl version without SQL) Dmitry Shurupov (05/02/04)
• RE: After Ms patches last Wed ... InfoSec_at_seba.com (05/03/04)
  • Re: After Ms patches last Wed ... James Riden (05/03/04)
    • Re: After Ms patches last Wed ... Nicholas Weaver (05/04/04)
  • RE: After Ms patches last Wed ... Nick FitzGerald (05/04/04)
• Serv-U LIST -l Parameter Buffer Overflow Aviram Jenik (05/03/04)
• X-Chat[v1.8.0-v2.0.8]: socks-5 remote buffer overflow exploit. Vade 79 (05/03/04)
• [waraxe-2004-SA#026 - Multiple vulnerabilities in Coppermine Photo Gallery for PhpNuke] Janek Vind (05/02/04)
• Crystal Reports Vulnerabilities Imperva Application Defense Center (05/02/04)
  • Re: Crystal Reports Vulnerabilities Michael Ray (05/04/04)
  • RE: Crystal Reports Vulnerabilities Imperva Application Defense Center (05/04/04)
• EEYE: Apple QuickTime (QuickTime.qts) Heap Overflow Marc Maiffret (05/02/04)
• PaX Linux Kernel 2.6 Patches DoS Advisory chris (05/02/04)
• [SECURITY] [DSA 499-1] New rsync packages fix directory traversal bug Matt Zimmerman (05/02/04)
• W32/Sasser a and b SNORT Sigs Martin Overton (05/02/04)
• [SECURITY] [DSA 500-1] New flim packages fix insecure temporary file creation Matt Zimmerman (05/02/04)
• New LSASS-based worm finally here (Sasser) Ben Ryan (05/01/04)
  • Re: New LSASS-based worm finally here (Sasser) Javier Fernandez-Sanguino (05/03/04)
    • Re: [Full-Disclosure] Re: New LSASS-based worm finally here (Sasser) Jason (05/04/04)
      • Re: [Full-Disclosure] Re: New LSASS-based worm finally here (Sasser) Javier Fernandez-Sanguino (05/04/04)
  • RE: New LSASS-based worm finally here (Sasser) Marc Maiffret (05/04/04)
• Will the Sasser worm become the next Blaster? kers0r (05/02/04)
  • Re: Will the Sasser worm become the next Blaster? Gadi Evron (05/01/04)
  • Re: Will the Sasser worm become the next Blaster? Damian Menscher (05/03/04)
  • RE: Will the Sasser worm become the next Blaster? Pullum, Stephen (05/03/04)
• LNSA-#2004-0014: X-Chat vulnerability in Socks-5 proxy Vincenzo Ciaglia (05/01/04)
• Props 0.6.1 XSS and Remote File Viewing Vulnerability Manuel Lopez (05/01/04)
• RE: IE Certificate Stealing (Phising) bug Michael Wojcik (05/01/04)
• LNSA-#2004-0013: Multiple Vulnerabilities in Samba Vincenzo Ciaglia (05/01/04)
• [product-security@apple.com: APPLE-SA-2004-04-30 QuickTime 6.5.1] David Ahmad (05/01/04)
• Re: http://www.smashguard.org Pavel Machek (04/29/04)
  • Re: http://www.smashguard.org Crispin Cowan (04/30/04)
    • Re: http://www.smashguard.org Pavel Machek (04/30/04)
      • Re: http://www.smashguard.org Nicholas Weaver (05/01/04)
    • Re: http://www.smashguard.org Theo de Raadt (05/01/04)
  • Re: http://www.smashguard.org Coleman Kane (05/01/04)
  • Re: http://www.smashguard.org Theo de Raadt (05/01/04)
• RE: Multi stage attacks on networks? Shaun Bertrand (04/30/04)
• Re: Multi stage attacks on networks? Bill Nash (04/30/04)
• MDKSA-2004:041 - Updated ProFTPD packages fix vulnerability Mandrake Linux Security Team (04/30/04)

Last message date: 05/31/04
Archived on: 05/31/04 CEST

---

333 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2004-05