SecurityFocus Bugtraq
By Thread

365 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

---

Starting: 06/30/04
Ending: 07/31/04

• [EXPL] (MS04-022) Microsoft Windows XP Task Scheduler (.job) Universal Exploit houseofdabus HOD (07/31/04)
• Sonicwall diag tool includes VPN credentlials Milton Lopez (07/30/04)
• Re: [Full-Disclosure] Re: Mozilla Firefox Certificate Spoofing Juan Carlos Navea (07/31/04)
• OpenServer 5.0.6 OpenServer 5.0.7 : Xsco contains a buffer overflow that could be exploited to gain root privileges. please_reply_to_security_at_sco.com (07/30/04)
• [VSA0402] OpenFTPD format string vulnerability VOID.AT Security (07/29/04)
• OpenServer 5.0.6 OpenServer 5.0.7 : uudecode does not check for symlink or pipe please_reply_to_security_at_sco.com (07/30/04)
• OpenServer 5.0.6 OpenServer 5.0.7 : OpenSSL Multiple Vulnerabilities please_reply_to_security_at_sco.com (07/30/04)
• UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco contains a buffer overflow that could be exploited to gain root privileges. please_reply_to_security_at_sco.com (07/30/04)
• Fwd: New possible scam method : forged websites using XUL (Firefox) David Ahmad (07/30/04)
  • Re: New possible scam method : forged websites using XUL (Firefox) Marc (07/31/04)
• [ GLSA 200407-23 ] SoX: Multiple buffer overflows Thierry Carrez (07/30/04)
• Fusion News Yet Another Unauthorized Account Addition Vulnerability Joseph Moniz (07/30/04)
• [CLA-2004:855] Conectiva Security Announcement - sox Conectiva Updates (07/30/04)
• WpQuiz Gain Admin Rightd Exploit found jonathan tough (07/30/04)
• Citadel/UX Remote DoS Vulnerability CoKi (07/29/04)
• MDKSA-2004:077 - Updated wv packages fix vulnerability Mandrake Linux Security Team (07/30/04)
• [CLA-2004:854] Conectiva Security Announcement - samba Conectiva Updates (07/30/04)
• [ GLSA 200407-22 ] phpMyAdmin: Multiple vulnerabilities Thierry Carrez (07/29/04)
• Jaws 0.4: authentication bypass Rubén Molina (07/29/04)
• File downloads in Opera at known locations Rohit Dube (07/29/04)
  • Re: File downloads in Opera at known locations Josh Tolley (07/30/04)
• DansGuardian Hex Encoding URL Banned Extension Filter Bypass Vulnerability Rubén Molina (07/29/04)
• MDKSA-2004:076 - Updated sox packages fix buffer overflows with malicious .wav files Mandrake Linux Security Team (07/29/04)
• lostBook v1.1 Javascript Execution Joseph Moniz (07/29/04)
• Linpha 0.9.4: authentication bypass Rubén Molina (07/29/04)
• [ GLSA 200407-21 ] Samba: Multiple buffer overflows Kurt Lieber (07/29/04)
• ERRATA: [ GLSA 200407-21 ] Samba: Multiple buffer overflows Thierry Carrez (07/29/04)
• OpenServer 5.0.6 OpenServer 5.0.7 : Multiple Vulnerabilities in Sendmail please_reply_to_security_at_sco.com (07/28/04)
  • Re: OpenServer 5.0.6 OpenServer 5.0.7 : Multiple Vulnerabilities in Sendmail George Capehart (07/30/04)
• UnixWare 7.1.3up : tcpdump several vulnerabilities in tcpdump. please_reply_to_security_at_sco.com (07/28/04)
• MDKSA-2004:073 - Updated XFree86 packages fix issue with xdm opening random sockets Mandrake Linux Security Team (07/28/04)
• Re: [Full-Disclosure] Internet Explorer Remote Null Pointer Crash(mshtml.dll) Berend-Jan Wever (07/28/04)
• Pavuk Digest Authentication Buffer Overflow mattmurphy_at_kc.rr.com (07/28/04)
• MDKSA-2004:074 - Updated webmin packages correct remote attacker vulnerabilities Mandrake Linux Security Team (07/28/04)
• MDKSA-2004:072 - Updated postgresql packages fix buffer overflow in odbc driver Mandrake Linux Security Team (07/28/04)
• AntiBoard <= 0.7.2 XSS/SQL Injection Josh Gilmour (07/28/04)
• Aladdin response regarding eSafe Ofer Elzam (07/28/04)
  • Re: Aladdin response regarding eSafe 3APA3A (07/28/04)
    • Re: Aladdin response regarding eSafe Aleksandar Milivojevic (07/30/04)
• MDKSA-2004:075 - Updated mod_ssl packages fix potential vulnerabilities Mandrake Linux Security Team (07/28/04)
• WASC Releases Web Security Threat Classification Jeremiah Grossman (07/28/04)
• [Paper] Small XSS Paper Ferruh Mavituna (07/28/04)
• [CLA-2004:852] Conectiva Security Announcement - kernel Conectiva Updates (07/28/04)
• [SECURITY] [DSA 532-2] New libapache-mod-ssl packages fix multiple vulnerabilities Matt Zimmerman (07/27/04)
• IRM 009: RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities IRM Advisories (07/27/04)
• [security bulletin] SSRT4782 rev. 0 HP-UX CIFS Server potential remote root access Boren, Rich (SSRT) (07/27/04)
• OSX Panther Internet Connect - Local root br00t_at_blueyonder.co.uk (07/26/04)
• [ GLSA 200407-20 ] Subversion: Vulnerability in mod_authz_svn Joshua J. Berry (07/26/04)
  • Re: [ GLSA 200407-20 ] Subversion: Vulnerability in mod_authz_svn Jack Repenning (07/28/04)
• CVS woes: .cvspass Chiaki (07/26/04)
  • Re: CVS woes: .cvspass Valdis.Kletnieks_at_vt.edu (07/27/04)
    • Re: CVS woes: .cvspass Andreas Beck (07/28/04)
  • Re: CVS woes: .cvspass Greg A. Woods (07/27/04)
    • Re: CVS woes: .cvspass Delian Krustev (07/29/04)
• NucleusCMS 3.01 SQL Injection Vulnerability acidbits_at_hotmail.com (07/25/04)
• Mozilla Firefox Certificate Spoofing E.Kellinis (07/26/04)
  • Re: Mozilla Firefox Certificate Spoofing Chris Brown (07/27/04)
• ASPRunner Multiple Vulnerabilities Ferruh Mavituna (07/26/04)
• QUESTION Alex Mega (07/26/04)
  • Re: QUESTION Viktor Larionov (07/17/04)
• Linux Netwosix Bugzilla - Bugtracking System Vincenzo Ciaglia (07/25/04)
• [ GLSA 200407-19 ] Pavuk: Digest authentication helper buffer overflow Kurt Lieber (07/26/04)
• TSL-2004-0039 - multi Trustix Security Advisor (07/26/04)
• Easyins Stadtportal Francisco Alisson (07/24/04)
• MS SMS DOS Proof-of-concept code and Snort sig wang_at_readyresponse.org (07/24/04)
• eSeSIX Thintune thin client multiple vulnerabilities Loss, Dirk (07/24/04)
• EasyWeb FileManager Directory Traversal sullo_at_cirt.net (07/24/04)
  • Re: EasyWeb FileManager Directory Traversal Noam Rathaus (07/25/04)
• LNSA-#2004-0016: Multiple problems in Ethereal 0.10.4 (Jul, 23 2004) Vincenzo Ciaglia (07/23/04)
• [security bulletin] SSRT4773 HP-UX xfs and stmkfont remote unauthorized access Boren, Rich (SSRT) (07/23/04)
• FW: [Full-Disclosure] Progress and Challenges {tonyFelice} (07/23/04)
• APC Security Advisory – Denial of Service Vulnerability with PowerChuteBusinessEdition security.advisory_at_apcc.com (07/21/04)
• LNSA-#2004-0015: buffer overflow in samba (Jul, 23 2004) Vincenzo Ciaglia (07/23/04)
• eSafe: Could this be exploited? Hugo van der Kooij (07/23/04)
  • Re: eSafe: Could this be exploited? Nick FitzGerald (07/24/04)
  • Re: eSafe: Could this be exploited? Oliver_at_greyhat.de (07/23/04)
  • Re: eSafe: Could this be exploited? 3APA3A (07/24/04)
    • Re: eSafe: Could this be exploited? Andreas Constantinides (MegaHz) (07/25/04)
    • Re: eSafe: Could this be exploited? MegaHz (07/26/04)
      • Re: eSafe: Could this be exploited? Hugo van der Kooij (07/26/04)
      • Re: eSafe: Could this be exploited? Kev Ford (07/28/04)
      • Re: eSafe: Could this be exploited? Nick FitzGerald (07/30/04)
• Apache 1.3.x mod_userdir Exploit (wgetusr.c) John Bissell (07/22/04)
• OpenServer 5.0.7 : Mozilla Multiple issues please_reply_to_security_at_sco.com (07/22/04)
• mi2g attacks "so-called" security sites Rob Rosenberger (07/23/04)
• [SECURITY] [DSA 534-1] New mailreader packages fix directory traversal vulnerability Matt Zimmerman (07/23/04)
• SUSE Security Announcement: samba (SUSE-SA:2004:022) Thomas Biege (07/23/04)
• [SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability Matt Zimmerman (07/23/04)
• Forward:FullDisclosure/IE - Possible Address Spoofing Liu Die Yu (07/23/04)
  • RE: Forward:FullDisclosure/IE - Possible Address Spoofing Michael Silk (07/28/04)
    • RE: Forward:FullDisclosure/IE - Possible Address Spoofing Chenghuai Lu (07/28/04)
• MDKSA-2004:071 - Updated samba packages fix vulnerability in SWAT, samba-server. Mandrake Linux Security Team (07/23/04)
• SWAT PreAuthorization PoC bugtraq_at_beyondsecurity.com (07/22/04)
• TSSA-2004-014 - samba tinysofa Security Team (07/22/04)
• Samba 3.x swat preauthentication buffer overflow Evgeny Demidov (07/22/04)
• @stake advisory: HP dced Remote Command Execution Multiple OSes Advisories (07/22/04)
• [OpenPKG-SA-2004.033] OpenPKG Security Advisory (samba) OpenPKG (07/22/04)
• [ GLSA 200407-17 ] l2tpd: Buffer overflow Kurt Lieber (07/22/04)
• [CLA-2004:851] Conectiva Security Announcement - samba Conectiva Updates (07/22/04)
• Comcast(tm) Email Manager allows arbitrary java and activex code execution Michael Scheidell (07/22/04)
• [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php) OpenPKG (07/22/04)
• Security Release - Samba 3.0.5 and 2.2.10 Gerald (Jerry) Carter (07/22/04)
• DOS@XitamiHTTPd CoolICE (07/21/04)
• Denial of Service in Conceptronic CADSLR1 Router Administrador de 'Shell Security' (07/21/04)
• [SECURITY] [DSA 531-1] New php4 packages fix multiple vulnerabilities Matt Zimmerman (07/21/04)
• Bug@FlashFTPd CoolICE (07/21/04)
• mi2g - fud, lies and libel not-mi2g_at_hushmail.com (07/21/04)
• [ GLSA 200407-15 ] Opera: Multiple spoofing vulnerabilities Sune Kloppenborg Jeppesen (07/20/04)
• dos_in_file_share_2.6 nekd0 (07/20/04)
• Denial of Service vulnerability in several Lexmark HTTP servers Peter Kruse (07/20/04)
  • Re: Denial of Service vulnerability in several Lexmark HTTP servers Eric Sesterhenn / snakebyte (07/21/04)
• Inappropriate methods exposed in XML -what's the essence? portsmut_at_navigator.lv (07/20/04)
• Buffer overflow in Whisper FTP Surfer 1.0.7 Komrade (07/19/04)
• [FLSA-2004:1324] Updated libxml2 resolves security vulnerabilities Jesse Keating (07/20/04)
• [FLSA-2004:1734] Updated mailman resolves security vulnerability Jesse Keating (07/20/04)
• [ GLSA 200407-14 ] Unreal Tournament 2003/2004: Buffer overflow in 'secure' queries Thierry Carrez (07/19/04)
• More Webserver / IE Exploits Hubbard, Dan (07/19/04)
  • Re: More Webserver / IE Exploits Benjamin Franz (07/20/04)
• PhpBB HTTP Response Splitting & Cross Site Scripting vulnerabilities Ory Segal (07/20/04)
• OpenServer 5.0.6 OpenServer 5.0.7 : MMDF Various buffer overflows and other security issues please_reply_to_security_at_sco.com (07/20/04)
• RE: Mac OS X stores login/Keychain/FileVault passwords on disk Michael Shirk (07/19/04)
• Artmedic kleinanzeigen include vulnerability Francisco Alisson (07/19/04)
• [waraxe-2004-SA#036 - Multiple security holes in PhpNuke - part 3] Janek Vind (07/18/04)
• new utilman.exe exploit (allinone remote exploitation) Iván Rodriguez Almuiña (07/17/04)
• [SECURITY] [DSA 528-1] New ethereal packages fix denial of service Matt Zimmerman (07/18/04)
• [SECURITY] [DSA 530-1] New l2tpd packages fix buffer overflow Matt Zimmerman (07/18/04)
• [SECURITY] [DSA 529-1] New netkit-telnet-ssl package fixes format string vulnerability Matt Zimmerman (07/18/04)
• Mozilla Bug Isn't So Bad Paul (07/17/04)
  • Re: Mozilla Bug Isn't So Bad Bill (07/19/04)
• What A Drag http-equiv_at_excite.com (07/18/04)
• utilman.exe exploit Iván Rodriguez Almuiña (07/17/04)
• Web_Store.cgi allows Command Execution Zero_X www.lobnan.de Team (07/17/04)
• Medal of Honor remote buffer-overflow Luigi Auriemma (07/17/04)
• MSIE Overly Trusted Location Variant Method Cache Vulnerability Paul (07/17/04)
• [FMADV] Format String Bug in OllyDbg 1.10 ned (07/17/04)
• [CLA-2004:848] Conectiva Security Announcement - webmin Conectiva Updates (07/17/04)
• [CLA-2004:847] Conectiva Security Announcement - php4 Conectiva Updates (07/16/04)
• Hotmail Cross Site Scripting Vulnerability Paul (07/16/04)
  • Re: Hotmail Cross Site Scripting Vulnerability GreyMagic Security (07/17/04)
  • Re: Hotmail Cross Site Scripting Vulnerability Andrew Hunter (07/17/04)
• [tool] webstretch 0.1.6 http inspection proxy Simon Shanks (07/12/04)
• [OpenPKG-SA-2004.032] OpenPKG Security Advisory (apache) OpenPKG (07/16/04)
• [ GLSA 200407-12 ] Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling Tim Yamin (07/14/04)
• RE: RE: HijackClick 3 Thor Larholm (07/15/04)
• RE: MSIE Similar Method Name Redirection Cross Site/Zone Scripting Vulnerability Thor Larholm (07/15/04)
• [waraxe-2004-SA#035 - Multiple security holes in PhpNuke - part 2] Janek Vind (07/17/04)
• [security bulletin] SSRT4704 rev.0 HP-UX wu-ftpd local unauthorized access Boren, Rich (SSRT) (07/16/04)
• [waraxe-2004-SA#034 - XSS and path full path disclosure in PhpBB 2.0.8] Janek Vind (07/16/04)
• SUSE Security Announcement: php4 (SUSE-SA:2004:021) Sebastian Krahmer (07/16/04)
• MDKSA-2004:069 - Updated ipsec-tools packages fix multiple vulnerabilities Mandrake Linux Security Team (07/15/04)
  • [Tool] HardTCP "Hardening TCP/IP" + SOURCE D'Amato Luigi (07/16/04)
• Trend Micro Officescan for Win2k strange behaviour Marco Monicelli (07/14/04)
  • RE: Trend Micro Officescan for Win2k strange behaviour Seth Hall (07/16/04)
  • Re: Trend Micro Officescan for Win2k strange behaviour 3APA3A (07/16/04)
• White Paper: 0x00 vs ASP file upload scripts Brett Moore (07/13/04)
  • Re: White Paper: 0x00 vs ASP file upload scripts Martin Eiszner (07/16/04)
• The Impact of RFC Guidelines on DNS Spoofing Attacks have2Banonymous (07/12/04)
  • RE: The Impact of RFC Guidelines on DNS Spoofing Attacks have2Banonymous (07/18/04)
• Re: Mac OS X stores login/Keychain/FileVault passwords on disk Adi Kriegisch (07/12/04)
  • Re: Mac OS X stores login/Keychain/FileVault passwords on disk Theo Van Dinter (07/15/04)
    • Re: Mac OS X stores login/Keychain/FileVault passwords on disk Adi Kriegisch (07/23/04)
  • Re: Mac OS X stores login/Keychain/FileVault passwords on disk Ray Slakinski (07/16/04)
  • Re: Mac OS X stores login/Keychain/FileVault passwords on disk johnny_at_ihackstuff.com (07/16/04)
  • Re: Mac OS X stores login/Keychain/FileVault passwords on disk Kurt Seifried (07/17/04)
    • Re: Mac OS X stores login/Keychain/FileVault passwords on disk Chris Boyd (07/19/04)
    • Re: Mac OS X stores login/Keychain/FileVault passwords on disk James Goodlet (07/19/04)
• [CLA-2004:846] Conectiva Security Announcement - kernel Conectiva Updates (07/15/04)
• [ GLSA 200407-13 ] PHP: Multiple security vulnerabilities Kurt Lieber (07/15/04)
• MDKSA-2004:068 - Updated php packages fix multiple vulnerabilities Mandrake Linux Security Team (07/15/04)
• MDKSA-2004:070 - Updated freeswan and super-freeswan packages fix certificate chain authentication vulnerability Mandrake Linux Security Team (07/15/04)
• [HV-MED] DoS in Microsoft SMS Client vuln_at_hexview.com (07/14/04)
• PHP BB bug sasan hezarkhani (07/12/04)
  • Re: PHP BB bug Rich Lafferty (07/15/04)
  • Re: PHP BB bug micheal_at_michealcottingham.com (07/15/04)
  • Re: PHP BB bug Micheal Cottingham (07/18/04)
• TSSA-2004-013 - php tinysofa Security Team (07/14/04)
• RE: HijackClick 3 http-equiv_at_excite.com (07/14/04)
• [security bulletin] SSRT4741 rev.1 DCE for HP OpenVMS Potential RPC Buffer Overflow Attack VU#259796, VU#568148, VU#326746 Boren, Rich (SSRT) (07/14/04)
• RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Ferruh Mavituna (07/14/04)
  • RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Drew Copley (07/14/04)
  • RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Todd Towles (07/14/04)
    • Re: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Fabricio A. Angeletti (07/17/04)
      • RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Ferruh Mavituna (07/17/04)
  • RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Ferruh Mavituna (07/14/04)
• Advisory 11/2004: PHP memory_limit remote vulnerability Stefan Esser (07/14/04)
• [ GLSA 200407-11 ] wv: Buffer overflow vulnerability Thierry Carrez (07/14/04)
• Advisory 12/2004: PHP strip_tags() bypass vulnerability Stefan Esser (07/14/04)
• Ref: http://www.securityfocus.com/archive/1/367866, Jul 1 2004 1:19PM, Subj: Brightmail leaks other user's spam Sym Security (07/14/04)
• Unchecked buffer in mstask.dll Brett Moore (07/14/04)
  • RE: Unchecked buffer in mstask.dll Thor Larholm (07/14/04)
    • Re: Unchecked buffer in mstask.dll Mark Litchfield (07/15/04)
  • RE: Unchecked buffer in mstask.dll Paul Szabo (07/15/04)
    • Re: [Full-Disclosure] RE: Unchecked buffer in mstask.dll Jordan Cole (stilist) (07/15/04)
      • Re: [Full-Disclosure] RE: Unchecked buffer in mstask.dll Nick FitzGerald (07/15/04)
      • Re: [Full-Disclosure] RE: Unchecked buffer in mstask.dll Curt Purdy (07/15/04)
    • RE: Unchecked buffer in mstask.dll Dmitry Yu. Bolkhovityanov (07/16/04)
      • RE: [ok] [Full-Disclosure] RE: Unchecked buffer in mstask.dll Curt Purdy (07/16/04)
  • RE: Unchecked buffer in mstask.dll Thor Larholm (07/15/04)
• Microsoft Windows Task Scheduler '.job' Stack Overflow NGSSoftware Insight Security Research (07/14/04)
• HtmlHelp - .CHM File Heap Overflow Brett Moore (07/14/04)
• Find the tag continued James C. Slora, Jr. (07/13/04)
• RE: Re: HijackClick 3 Drew Copley (07/13/04)
• aterm 0.4.2 tty permission weakness Maarten Tielemans (07/13/04)
  • Re: aterm 0.4.2 tty permission weakness Armin Wolfermann (07/14/04)
  • Re: aterm 0.4.2 tty permission weakness Coleman Kane (07/14/04)
  • Re: aterm 0.4.2 tty permission weakness Sebastian Hans (07/14/04)
  • Re: [security] aterm 0.4.2 tty permission weakness lorenzo (07/14/04)
• phrack #62 has been released phrack staff (07/13/04)
  • RE: phrack #62 has been released Glenn_Everhart_at_bankone.com (07/14/04)
• Microsoft Window Utility Manager Local Elevation of Privileges Vivek Rathod (Application Security, Inc.) (07/13/04)
  • Re: Microsoft Window Utility Manager Local Elevation of Privileges Chris Paget (07/14/04)
    • Re: Microsoft Window Utility Manager Local Elevation of Privileges KF (lists) (07/14/04)
    • Re: Microsoft Window Utility Manager Local Elevation of Privileges Cesar (07/15/04)
• IE Shell URI Download and Execute, POC Ferruh Mavituna (07/13/04)
• Re: MSIE Similar Method Name Redirection Cross Site/Zone Scripting Vulnerability http-equiv_at_excite.com (07/13/04)
• @stake advisory: WebSTAR (5.3.2 and below) Multiple Vulnerabilities Advisories (07/13/04)
• Moodle XSS Vulnerability Thomas Waldegger (07/13/04)
  • Re: Moodle XSS Vulnerability Martin Dougiamas (07/17/04)
• Two Vulnerabilities in Mozilla may lead to remote compromise Mind Warper (07/13/04)
  • Re: Two Vulnerabilities in Mozilla may lead to remote compromise Philliph (07/13/04)
  • Re: Two Vulnerabilities in Mozilla may lead to remote compromise Daniel Veditz (07/13/04)
  • RE: Two Vulnerabilities in Mozilla may lead to remote compromise Jelmer (07/13/04)
    • RE: Two Vulnerabilities in Mozilla may lead to remote compromise Pavel Kankovsky (07/14/04)
  • Re: Two Vulnerabilities in Mozilla may lead to remote compromise Mind Warper (07/13/04)
  • RE: Two Vulnerabilities in Mozilla may lead to remote compromise Darren Pilgrim (07/13/04)
• MSIE Similar Method Name Redirection Cross Site/Zone Scripting Vulnerability Paul (07/11/04)
• Remote crash of Half-Life servers and clients (versions before the 07 July 2004) Luigi Auriemma (07/12/04)
• [ GLSA 200407-09 ] MoinMoin: Group ACL bypass Kurt Lieber (07/11/04)
• MOZILLA: SHELL can execute remote EXE program liudieyu_at_umbrella.name (07/09/04)
• HijackClick 3 Paul (07/11/04)
  • Re: HijackClick 3 http-equiv_at_excite.com (07/12/04)
    • Re: Re: HijackClick 3 Paul (07/13/04)
• I small poem in JScript Berend-Jan Wever (07/11/04)
• Media Preview Script Execution Vulnerability Paul (07/11/04)
• MSIE Download Window Filename + Filetype Spoofing Vulnerability Paul (07/11/04)
  • RE: MSIE Download Window Filename + Filetype Spoofing Vulnerability Drew Copley (07/12/04)
  • RE: MSIE Download Window Filename + Filetype Spoofing Vulnerability Polazzo Justin (07/12/04)
  • RE: MSIE Download Window Filename + Filetype Spoofing Vulnerability Drew Copley (07/13/04)
  • RE: MSIE Download Window Filename + Filetype Spoofing Vulnerability Eric McCarty (07/12/04)
• [BUGZILLA] Multiple vulnerabilities in Bugzilla 2.16.5 and 2.17.7 David Miller (07/11/04)
• [ GLSA 200407-10 ] rsync: Directory traversal in rsync daemon Kurt Lieber (07/12/04)
• MSOE Javascript Execution Vulnerability Paul (07/11/04)
  • Re: MSOE Javascript Execution Vulnerability Fabricio A. Angeletti (07/13/04)
  • Re: MSOE Javascript Execution Vulnerability Monu (07/13/04)
• [tool] p0f 2.0.4 is out Michal Zalewski (07/10/04)
• current leading bots used in drone armies [June/July 2004] Gadi Evron (07/08/04)
  • Re: current leading bots used in drone armies [June/July 2004] Jan Knutar (07/11/04)
• Covert Channels allow Cross-Site-Java in Microsoft VM Marc Schoenefeld (07/10/04)
  • Re: Covert Channels allow Cross-Site-Java in Microsoft VM Siva Subbu (07/11/04)
    • Re: Covert Channels allow Cross-Site-Java in Microsoft VM Marc Schoenefeld (07/11/04)
• MDKSA-2004:067 - Updated ethereal packages fix multiple vulnerabilities Mandrake Linux Security Team (07/09/04)
• CYBSEC - Security Advisory: Denial of Service in IBM WebSphere Edge Server Leandro Meiners (07/08/04)
• [ GLSA 200407-08 ] Ethereal: Multiple security problems Kurt Lieber (07/09/04)
• MOZILLA: execute local file and its fix liudieyu_at_umbrella.name (07/09/04)
• Microsoft Word Email Object Data Vulnerability James C. Slora, Jr. (07/08/04)
  • Re: Microsoft Word Email Object Data Vulnerability http-equiv_at_excite.com (07/09/04)
  • RE: Microsoft Word Email Object Data Vulnerability Drew Copley (07/09/04)
• Mozilla Security Advisory 2004-07-08 dveditz_at_cruzio.com (07/09/04)
• [OpenPKG-SA-2004.031] OpenPKG Security Advisory (dhcpd) OpenPKG (07/08/04)
• Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Bipin Gautam (07/09/04)
  • Re: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Tom Spencer (07/09/04)
  • RE: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Eric McCarty (07/09/04)
  • Re: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Bipin Gautam (07/10/04)
  • RE: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] DaiTengu (07/10/04)
  • RE: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Sym Security (07/13/04)
  • RE: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Sym Security (07/13/04)
  • Re: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] Bipin Gautam (07/16/04)
• [GLSA 200407-06] libpng: Buffer overflow on row buffers Sune Kloppenborg Jeppesen (07/08/04)
• [ GLSA 200407-07 ] Shorewall : Insecure temp file handling Thierry Carrez (07/08/04)
• Security contact wanted S G Masood (07/08/04)
  • Re: Security contact wanted Patrick van Zweden (07/11/04)
• Scob variant using IIS 6.0 or just upgrades ? Hubbard, Dan (07/07/04)
• Suggestion: erase data posted to the Web Andrew Daviel (07/07/04)
  • RE: Suggestion: erase data posted to the Web Michael Wojcik (07/08/04)
    • Re: Suggestion: erase data posted to the Web devnull_at_Rodents.Montreal.QC.CA (07/09/04)
  • Re: Suggestion: erase data posted to the Web Nick Lamb (07/08/04)
  • Re: Suggestion: erase data posted to the Web Luciano Miguel Ferreira Rocha (07/08/04)
• Comersus Cart Improper Request Handling Thomas Ryan (07/07/04)
• FW: [security bulletin] SSRT4718 rev.0 HP Tru64 UNIX NTP Integer Overflow Boren, Rich (SSRT) (07/07/04)
• Can we prevent IE exploits a priori? security-bugtraq_at_marketshark.net (07/07/04)
  • RE: Can we prevent IE exploits a priori? Drew Copley (07/07/04)
    • Re: Can we prevent IE exploits a priori? Jason Coombs (07/09/04)
  • RE: Can we prevent IE exploits a priori? James C Slora Jr (07/08/04)
  • Re: Can we prevent IE exploits a priori? Thor Larholm (07/09/04)
  • Re: Can we prevent IE exploits a priori? bugtraq223344_at_mailinator.com (07/12/04)
• Npds BB HTML Injection Benjamin Tolman (07/07/04)
• Comersus Cart Cross-Site Scripting Vulnerability Thomas Ryan (07/07/04)
• Enterasys XSR Security Router Record Route Denial Of Service Vulnerability (More information) Frederico Queiroz (07/07/04)
• MDKSA-2004:066 - Updated kernel packages fix multiple vulnerabilities Mandrake Linux Security Team (07/07/04)
• Eudora 6.1.2 attachment spoof Paul Szabo (07/06/04)
• backdoor menu on conexant chipset dsl router (Zoom X3) Adam Laurie (07/06/04)
• Re: [ISN] E-Mail Snooping Ruled Permissible Jason Coombs (07/06/04)
• [OpenPKG-SA-2004.030] OpenPKG Security Advisory (png) OpenPKG (07/06/04)
• xingtone opens server on desktop using undocumented protocol (probably http) Burton M. Strauss III (07/06/04)
• Do not adopt OIS standards (Was: Public Review of OIS Security Vulnerability Reporting and Response Guidelines) Ferguson, Ann (07/06/04)
• [ GLSA 200407-05 ] XFree86, X.org: XDM ignores requestPort setting Thierry Carrez (07/05/04)
• RE: Microsoft and Security Alun Jones (07/04/04)
  • RE: Microsoft and Security Radoslav Dejanovic (07/05/04)
  • Re: Microsoft and Security Justin Wheeler (07/05/04)
    • RE: Microsoft and Security Alun Jones (07/06/04)
      • RE: Microsoft and Security David F. Skoll (07/06/04)
      • Re: Microsoft and Security Adam Shostack (07/07/04)
      • Re: Microsoft and Security Valdis.Kletnieks_at_vt.edu (07/09/04)
      • Re: Microsoft and Security Charles Otstot (07/12/04)
      • Re: Microsoft and Security Lucas Holt (07/17/04)
  • Re: Microsoft and Security Jason Coombs (07/06/04)
• Re: Java applet crashing with native assertion Ronald Oussoren (07/03/04)
• Fastream NETFile FTP/Web Server Input validation Errors at4r (07/04/04)
• unreal ircd ip cloaking subsystem vulnerability bartavelle (07/05/04)
• [ GLSA 200407-03 ] Apache 2: Remote denial of service attack Thierry Carrez (07/04/04)
• XSS in 12Planet Chat Server 2.9 Donato Ferrante (07/05/04)
• [ GLSA 200407-04 ] Pure-FTPd: Potential DoS when maximum connections is reached Thierry Carrez (07/04/04)
• Linux Virtual Server/Secure Context procfs shared permissions flaw Veit Wahlich (07/04/04)
• MySQL Authentication Bypass NGSSoftware Insight Security Research (07/05/04)
  • BENCHMARK() is not the only way to determine successfull MySQL injection Philip Stoev (07/06/04)
• [SECURITY] [DSA 526-1] New webmin packages fix multiple vulnerabilities Matt Zimmerman (07/03/04)
• Re: DLINK 614+ - SOHO routers, system DOS Gregory Duchemin (07/04/04)
• [SECURITY] [DSA 527-1] New pavuk packages fix buffer overflow Matt Zimmerman (07/03/04)
• The 3 D's: Demo for the Dullards and Dunces http-equiv_at_excite.com (07/03/04)
• Cart32 Input Validation Flaw in 'GetLatestBuilds?cart32=' Permits Remote Cross-Site Scripting Attacks Dr Ponidi (07/03/04)
• Public Review of OIS Security Vulnerability Reporting and Response Guidelines OIS (07/02/04)
  • Re: [Full-Disclosure] Public Review of OIS Security Vulnerability Reporting and Response Guidelines dave (07/04/04)
    • Re: [Dailydave] Re: [Full-Disclosure] Public Review of OIS Security Vulnerability Reporting and Response Guidelines Halvar Flake (07/05/04)
    • Re: Public Review of OIS Security Vulnerability Reporting and Response Guidelines Pete Herzog (07/05/04)
    • Re: [Full-Disclosure] Public Review of OIS Security Vulnerability Reporting and Response Guidelines rsh_at_idirect.com (07/06/04)
  • Re: Public Review of OIS Security Vulnerability Reporting and ResponseGuidelines Fred Mobach (07/04/04)
    • Re: Public Review of OIS Security Vulnerability Reporting and ResponseGuidelines ET LoWNOISE (07/08/04)
• Re: [Full-Disclosure] Fix for IE ADODB.Stream vulnerability is out http-equiv_at_excite.com (07/03/04)
• THE INSIDER VULNERABILITY STILL WORKS AFTER TODAY'S PATCH liudieyu_at_umbrella.name (07/03/04)
  • RE: [Full-Disclosure] THE VULNERABILITY STILL WORKS AFTER TODAY'S PATCH Jelmer (07/03/04)
• RE: RE: SUPER SPOOF DELUXE Re: [Full-Disclosure] Microsoft and Security http-equiv_at_excite.com (07/02/04)
• Enterasys XSR Security Routers DoS Frederico Queiroz (07/02/04)
• Registry Fix For Variant of Scob Drew Copley (07/02/04)
  • RE: Registry Fix For Variant of Scob Thor Larholm (07/04/04)
    • RE: Registry Fix For Variant of Scob Jelmer (07/06/04)
  • RE: Registry Fix For Variant of Scob Drew Copley (07/06/04)
  • Re: Registry Fix For Variant of Scob http-equiv_at_excite.com (07/06/04)
• [HW-MED] XSS in Netegrity IdentityMinder vuln_at_hexview.com (07/01/04)
• Registry fixes for the recent IE vulnerabilities Mike Cheng (07/01/04)
• Sanity check in Centre Manip (07/01/04)
• XSS in SCI Photo Chat Server 3.4.9 Donato Ferrante (07/02/04)
• Multiple Vulnerabilities in Easy Chat Server 1.2 Donato Ferrante (07/02/04)
• FreeBSD Security Advisory FreeBSD-SA-04:13.linux FreeBSD Security Advisories (07/01/04)
• SUSE Security Announcement: kernel (SUSE-SA:2004:020) Roman Drahtmueller (07/02/04)
• Brightmail leaks other user's spam Thomas Springer (07/01/04)
• [ GLSA 200407-01 ] Esearch: Insecure temp file handling Joshua J. Berry (07/01/04)
• MD5 hash cracking service md5er (07/01/04)
• Announce: RSBAC v1.2.3 released Amon Ott (07/02/04)
• DLINK 624, script injection vulnerability Gregory Duchemin (07/01/04)
• Re: Microsoft technologies. By default, non-HIPAA compliant? Dave Paris (06/30/04)
  • Re: Microsoft technologies. By default, non-HIPAA compliant? Nicholas Weaver (07/01/04)
  • Re: Microsoft technologies. By default, non-HIPAA compliant? Nick FitzGerald (07/01/04)
• DoS against Domino 6.5.1 Andreas Klein (06/30/04)
  • Re: DoS against Domino 6.5.1 Andreas Klein (07/23/04)
• SecurityLab report: The Top 10 Most Critical Vulnerabilities in June 2004 Alexander (06/30/04)
• (IE/SCOB) Switching Software Because of Bugs: Some Facts About Software and Security bugs Drew Copley (06/30/04)
  • Re: (IE/SCOB) Switching Software Because of Bugs: Some Facts About Software and Security bugs Thomas C. Greene (07/07/04)
• Unprevileged user can change quota on Domino Andreas Klein (06/30/04)
• RE: Microsoft technologies. By default, non-HIPAA compliant? Boring, Andrew (06/30/04)
  • RE: Microsoft technologies. By default, non-HIPAA compliant? bob_at_dexis.net (07/01/04)
  • RE: Microsoft technologies. By default, non-HIPAA compliant? Anything But Microsoft (07/06/04)
    • RE: Microsoft technologies. By default, non-HIPAA compliant? Tina Bird (07/06/04)
• FW: [security bulletin] SSRT3552 HP-UX running ARPA transport local Denial of Service (DoS) Boren, Rich (SSRT) (06/29/04)
• Re: php codes injection in phpMyAdmin version 2.5.7. Marc Delisle (06/30/04)
  • Re: php codes injection in phpMyAdmin version 2.5.7. Marc Delisle (07/01/04)

Last message date: 07/31/04
Archived on: 07/31/04 CEST

---

365 messages sorted by: [ author ] [ date ] [ subject ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2004-07