SecurityFocus Bugtraq
By Author

466 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

Starting: 09/01/04
Ending: 09/30/04

3APA3A
- Correction to latest Colsaire advisories (09/13/04)
- Re: Remote buffer overflow in Apache mod_ssl when reverse proxying SSL (09/13/04)
- Re: cdrdao local root exploit (09/07/04)
Adam Jacob Muller
- Re: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes (09/28/04)
Adam Shostack
- Re: Diebold Global Election Management System (GEMS) Backdoor (09/28/04)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/29/04)
- Apple, Apple Remote Desktop client (09/05/04)
admin_at_exploitwatch.org
- [exploitwatch.org] ALERT: Windows XP JPEG Buffer Overflow POC Exploit (09/17/04)
admin_at_leetflash.com
- www.proboards.com / YaBB XSS Vuln (09/16/04)
Advisories
- Vignette Application Portal Unauthenticated Diagnostics (09/28/04)
- Re:[3] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue (09/24/04)
- RE: Correction to latest Colsaire advisories (09/24/04)
- Re:[2] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue (09/17/04)
- RE: Correction to latest Colsaire advisories (09/16/04)
- Re: Correction to latest Colsaire advisories (09/15/04)
- Corsaire Security Advisory - Multiple vendor MIME field whitespace issue (09/14/04)
- Corsaire Security Advisory - Multiple vendor MIME RFC2231 encoding issue (09/14/04)
- Corsaire Security Advisory - Multiple vendor MIME field quoting issue (09/14/04)
- Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue (09/14/04)
- Corsaire Security Advisory - Multiple vendor MIME Content-Transfer-Encoding mechanism issue (09/14/04)
- Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue (09/14/04)
- Corsaire Security Advisory - Multiple vendor MIME separator issue (09/14/04)
- Corsaire Security Advisory - Multiple vendor MIME RFC822 comment issue (09/14/04)
- @stake advisory: Pingtel Xpressa Denial of Service (09/13/04)
Ahmad Muammar
- Multiple vulnerabilities 1n BBS E-Market Professional (09/09/04)
- FUll Path Disclosure in YABBSE (09/04/04)
albatross_at_tim.it
- Re: Microsoft's GDI Detetection Tool faults (09/27/04)
- Microsoft's GDI Detetection Tool faults (09/24/04)
Albert Puigsech Galicia
- RE: CuteNews News.txt writable to world (08/31/04)
Aleksandar Milivojevic
- Re: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes (09/28/04)
- Re: New whitepaper "The Phishing Guide" (09/27/04)
- Re: New whitepaper "The Phishing Guide" (09/23/04)
Alexander Antipov
- Multiple vulnerabilities in w-agora forum (09/30/04)
alireza hassani
- New XSS vulnerabilities in paFileDB 3.1 final (09/25/04)
Alpt
- The ArpSucker is b0rn! Be yourself, be the net. (09/13/04)
Altheide, Cory B. (IARC)
- RE: New Data Wipe Tools (09/13/04)
Andreas Marx
- Re: Microsoft's GDI Detetection Tool faults (09/26/04)
- Serious Security Issue in Windows XP SP2's Firewall (09/19/04)
- Re: Correction to latest Colsaire advisories (09/15/04)
Andrew Daviel
- Promiscuous email printing in Canon imageRunner (09/24/04)
Angelidis, Fotis(NSASOUDABAY)
- RE: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow (09/16/04)
Angelo Rosiello
- Sudo Exploit by Rosiello Security (09/18/04)
Atom 'Smasher'
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
Barry Fitzgerald
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
Bas Alberts
- Fwd: Theo's presentation on exploit prevention (09/16/04)
bashis
- Re: [Bugtraq] McAfee VirusScan Privilege Escalation Vulnerability [iDEFENSE] (09/15/04)
Ben
- GDI Virus in the wild. (09/27/04)
bima tampan
- [XSS]/SQL Injection PHP-Nuke Edit/Save Message(s) Bug (09/14/04)
- [XSS]/SQL Injection PHP-Nuke Delete Message(s) Bug (09/08/04)
Blaine Elzey
- Re: [XSS] PHP-Nuke 7.4 Bugs (09/05/04)
Bloody_A
- Re: glFTPd local stack buffer overflow (09/21/04)
Bob Toxen
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/27/04)
Boren, Rich (SSRT)
- [security bulletin] SSRT4794 rev.0 HPStorageWorks Command View XP access restriction bypass (09/29/04)
- [security bulletin] SSRT4739 rev.0 HP WebJetadmin arbitrary command execution (09/16/04)
- [security bulletin] SSRT3657 rev.3 HP-UX CDE libDtHelp buffer overflow (09/01/04)
Borja Marcos
- Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue (09/17/04)
Brendan Murray
- Re: New Data Wipe Tools (09/11/04)
Brian Dessent
- Re: New whitepaper "The Phishing Guide" (09/27/04)
Brian Kirkbride
- Re: Diebold Global Election Management System (GEMS) Backdoor Account (09/28/04)
Bruce Barnett
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
Calum
- Re: ICMP spoofed source tunneling (09/28/04)
Casper Dik
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/29/04)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
Cassidy Macfarlane
- RE: JPEG Processing BOF Proof Of Concept (09/17/04)
Chip Andrews
- Re: New whitepaper "The Phishing Guide" (09/27/04)
Chip Mefford
- Re: Promiscuous email printing in Canon imageRunner (09/24/04)
Chris Norton
- Re: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access (09/17/04)
Chris Wysopal
- @stake advisory: Lexar JumpDrive Secure Password Extraction (09/13/04)
chris_at_scary.beasts.org
- CESA-2004-004: libXpm (09/15/04)
- CESA-2004-005: gtk+ XPM decoder (09/15/04)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Vulnerabilities in Kerberos 5 Implementation (08/31/04)
Claudius Li
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/24/04)
cns
- IE6 + XP SP2 Vulnerability (09/16/04)
CoKi
- glFTPd local stack buffer overflow (09/19/04)
Coleman
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
- Re: cdrecord local root exploit (09/15/04)
Colm Buckley
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/29/04)
Colm MacCarthaigh
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
Conectiva Updates
- [CLA-2004:870] Conectiva Security Announcement - imlib (09/28/04)
- [CLA-2004:869] Conectiva Security Announcement - kernel (09/27/04)
- [CLA-2004:868] Conectiva Security Announcement - apache (09/23/04)
- [CLA-2004:866] Conectiva Security Announcement - qt3 (09/22/04)
- [CLA-2004:867] Conectiva Security Announcement - spamassassin (09/22/04)
- [CLA-2004:865] Conectiva Security Announcement - zlib (09/13/04)
- [CLA-2004:864] Conectiva Security Announcement - kde (09/13/04)
- [CLA-2004:863] Conectiva Security Announcement - wv (09/10/04)
- [CLA-2004:860] Conectiva Security Announcement - krb5 (09/10/04)
Craig Paterson
- Re: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes (09/29/04)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
Criolabs
- SQL-Injection in Subjects 2.0 for Postnuke (09/10/04)
- Password Protect XSS and SQL-Injection vulnerabilities. (08/31/04)
Crispin Cowan
- Re: Diebold Global Election Management System (GEMS) Backdoor (09/28/04)
- Re: New whitepaper "The Phishing Guide" (09/28/04)
customer service mailbox
- iDEFENSE Security Advisory 09.27.04 - IBM AIX ctstrtcasd Local File Corruption Vulnerability (09/27/04)
- iDEFENSE Security Advisory 09.22.04 - Sophos Small Business Suite Reserved Device Name Handling Vulnerability (09/22/04)
- iDEFENSE Security Advisory 09.16.04: Ipswitch WhatsUp Gold Remote Denial of Service Vulnerability (09/16/04)
- iDEFENSE Security Advisory 09.15.04: GNU Radius SNMP String Length Integer Overflow Denial of Service Vulnerability (09/15/04)
Dan Margolis
- [ GLSA 200409-15 ] Webmin, Usermin: Multiple vulnerabilities in Usermin (09/12/04)
Dana Hudes
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/29/04)
Daniel Bertrand
- Important message to Bugtraq Subscribers! (09/17/04)
Daniel Fabian
- Motorola Wireless Router WR850G Authentication Circumvention (09/23/04)
- Motorola Wireless Router WR850G Authentication Circumvention (09/24/04)
Daniel Veditz
- Re: New whitepaper "The Phishing Guide" (09/24/04)
Dave Paris
- Re: ICMP spoofed source tunneling (09/22/04)
David Ahmad
- [nisr@nextgenss.com: Patch available for multiple critical flaws in Oracle] (09/01/04)
David Brodbeck
- RE: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes (09/28/04)
- RE: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes (09/27/04)
David Covin
- Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue (09/15/04)
David F. Skoll
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/29/04)
- Re: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes (09/28/04)
- Re: Re:[3] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue (09/27/04)
- Re:[3] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue (09/26/04)
- Re:[2] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue (09/18/04)
- Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue (09/15/04)
- Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue (09/15/04)
David Litchfield
- RE: Correction to latest Colsaire advisories (09/15/04)
David Querin
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
David S. Miller
- Re: Linux 2.4.27 SECURITY BUG - TCP Local (probable Remote) Denial of Service (09/12/04)
- Re: Linux 2.4.27 SECURITY BUG - TCP Local (probable Remote) Denial of Service (09/12/04)
David Schwartz
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/29/04)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
David Watson
- Local root compromise possible with getmail (09/19/04)
David Webster
- RE: Security Center and Windows XP clients in domain (09/01/04)
David Wilson
- Re: Re:[3] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue (09/27/04)
Davide Del Vecchio
- mpg123 buffer overflow vulnerability (09/07/04)
Dehner, Benjamin T.
- RE: New whitepaper "The Phishing Guide" (09/24/04)
Derek Martin
- Re: New Data Wipe Tools (09/12/04)
Dominic Hargreaves
- [FLSA-2004:1468] Updated tcpdump packages that fix multiple security vulnerabilities (09/29/04)
- [FLSA-2004:1552] Updated cadaver packages that fix security vulnerabilities (09/29/04)
Dominick Baier
- Cross-Site Scripting Vulnerability in Newtelligence DasBlog (09/01/04)
- Cross-Site Scripting Vulnerability in Newtelligence DasBlog (09/01/04)
Donato Ferrante
- Re: directory traversal in ParaChat Server 5.5 (09/30/04)
- directory traversal in ParaChat Server 5.5 (09/28/04)
- directory traversal in ParaChat Server 5.5 (09/29/04)
Dowling, Gabrielle
- RE: Microsoft's GDI Detetection Tool faults (09/26/04)
Dr Andrew C Aitchison
- Re: cdrecord local root exploit (09/27/04)
Dragos Ruiu
- SSHD / AnonCVS Nastyness (09/01/04)
E.Kellinis
- MSInfo Buffer Overflow (08/31/04)
Enrique A. Chaparro
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
ERACC
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/26/04)
Eric McCarty
- RE: Promiscuous email printing in Canon imageRunner (09/29/04)
Exoduks
- [hackgen-2004-#001] - Non-critacal Cross-Site Scripting bug in CuteNews (09/02/04)
fabio
- Dynalink routers backdoor? (09/03/04)
FAiN182
- Multiple Full Disclosure Path in postnuke 0.750 phoenix (09/18/04)
Felix Lindner
- Re: Promiscuous email printing in Canon imageRunner (09/30/04)
felix zhou
- Inkra 1504GX DoS vulnerability in conducting IP protocol (09/14/04)
fenfire_at_abwesend.de
- Re: ICMP spoofed source tunneling (09/22/04)
- Re: ICMP spoofed source tunneling (09/22/04)
float_at_lefant.net
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/29/04)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-04:14.cvs (09/20/04)
Gadi Evron
- Re: Microsoft's GDI Detetection Tool faults (09/25/04)
Gandalf The White
- IPv4 fragmentation --> The Rose Attack (09/27/04)
gandalf_at_digital.net
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
Gareth Humphries
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to (09/29/04)
Gary Warner
- Re: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow (09/16/04)
Ga�l Delalleau
- New Mozilla, Firefox and Thunderbird releases fix critical security issues (09/15/04)
Gene Cronk
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
Gerald (Jerry) Carter
- Samba Security Announcement -- Potential Arbitrary File Access (09/30/04)
- Samba 3.0 DoS Vulberabilities (CAN-2004-0807 & CAN-2004-0808) (09/13/04)
gerarra_at_tin.it
- FreeBSD kernel buffer overflow (09/16/04)
Gerry Eisenhaur
- Re: GDI Virus in the wild. (09/27/04)
Greg A. Woods
- Re: New whitepaper "The Phishing Guide" (09/27/04)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/27/04)
- Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue (09/18/04)
GuidoZ
- Re: GDI Virus in the wild. (09/28/04)
GulfTech Security
- Multiple Vulnerabilities In EmuLive Server4 (09/21/04)
- RhinoSoft DNS4ME HTTP Server Vulnerabilities (09/18/04)
- RE: www.proboards.com / YaBB XSS Vuln (09/16/04)
- JPEG Processing BOF Proof Of Concept (09/16/04)
- Multiple Vulnerabilities In phpWebsite (09/01/04)
Gunter Ollmann (NGS)
- New whitepaper "The Phishing Guide" (09/22/04)
Harrison Gladden
- Re: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access (09/16/04)
Hat-Squad Security Team
- [Hat-Squad] Remote Buffer overflow Vulnerability in YahooPOPS (09/27/04)
headpimp_at_pimp-industries.com
- MailWorks Professional - Authentication Bypass (09/02/04)
- MailWorks Professional - Authentication bypass (09/02/04)
Heikki Korpela
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/24/04)
Hidenobu Seki
- Rainbow tables for LM/NTLMv1 authentication (09/14/04)
Himeur Nourredine
- @lex Guestbook (PHP) Include file (09/26/04)
Hollis Johnson
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
Homer
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
http-equiv_at_excite.com
- Re: FW: [Unpatched] Shell and Drag'n'Drop vulnerabilities (09/09/04)
I)ruid
- CAU-EX-2004-0002: cdrecord-suidshell.sh (09/10/04)
iggy popal
- Re: Buffer overflow in Zinf 2.2.1 for Win32+exploit (09/27/04)
Jacob Appelbaum
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
Jaeson Schultz
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
Jake Appelbaum
- Re: New Data Wipe Tools (09/10/04)
james_love_at_agilent.com
- Possible GDI Exploit Vector (09/29/04)
Jason T. Miller
- Re: cdrecord local root exploit (09/28/04)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/29/04)
- Re: cdrecord local root exploit (09/16/04)
javier falbo
- Example of JPG Exploit & Shellcode (09/23/04)
Jay Hen***n
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
je_at_sekure.net
- [sudo-announce] Sudo version 1.6.8p1 now available (fwd) (09/16/04)
Jedi/Sector One
- Denial of service in Brocade switches (was: Engenio/LSI Logic controllers denial of service/data corruption) (09/05/04)
- Engenio/LSI Logic controllers denial of service/data corruption (09/04/04)
Jeremy Epstein
- RE: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes (09/27/04)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/23/04)
Jimmy Scott
- SMC7004VWBR / SMC7008ABR "spoofing" vulnerability. (09/15/04)
John Bissell
- Re: Microsoft's GDI Detetection Tool faults (09/25/04)
- NEW GDI+ JPEG Remote Exploit (09/23/04)
- Exploit: AIM Exploit (Ignore Previous Post) (09/01/04)
Jonas Olsson
- Default username/password pairs in ON Command CCM 5.x database backend (09/20/04)
jonas.thambert_at_pts.se
- SA04-002 - Apache config file env variable buffer overflow (09/15/04)
Jose Rey
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/25/04)
Joshua Goodall
- Re: Linux OpenExchange - cleartext rootpw in swap (09/03/04)
Joshua J. Berry
- [ GLSA 200409-24 ] Foomatic: Arbitrary command execution in foomatic-rip filter (09/20/04)
Joxean Koret
- Vulnerabilities in TUTOS (09/18/04)
- Vulnerabilities in TUTOS (09/18/04)
- Multiple Vulnerabilities in phpScheduleIt (08/31/04)
Julio Cesar Fort
- [RLSA_04-2004] QNX crrtrap possible race condition vulnerability (09/13/04)
- [RLSA_03-2004] QNX ftp client format string bug (09/13/04)
- [RLSA_02-2004] QNX Photon multiple buffer overflows (09/13/04)
- [RLSA_01-2004] QNX PPPoEd local root vulnerabilities (09/05/04)
Juraj Bednar
- Re: New whitepaper "The Phishing Guide" (09/27/04)
J�r�me
- Pinnacle ShowCenter 1.51 possible DoS (09/22/04)
- Netscape NSS Library Vulnerability Affects Sun Java Enterprise System (09/21/04)
- Multiple Full Disclosure Path in postnuke 0.750 phoenix (09/19/04)
- McAfee VirusScan Privilege Escalation Vulnerability [iDEFENSE] (09/15/04)
- Microsoft Office WordPerfect Converter Buffer Overflow Vulnerability (09/14/04)
- Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution [MS04-028] (09/14/04)
- QNX crrtrap possible race condition vulnerability (09/13/04)
- Samba nmbd Invalid Length Denial of Service Vulnerability [iDEFENSE] (09/13/04)
- Directory Traversal Vulnerability in TwinFTP Server allows overwriting (09/13/04)
- Remote buffer overflow in Apache mod_ssl when reverse proxying SSL (09/11/04)
- BlackJumboDog FTP Server version 3.6.1 Buffer Overflow [Exploit included] (09/10/04)
- OpenOffice World-Readable Temporary Files Disclose Files to Local Users (09/10/04)
- F-Secure Internet Gatekeeper Content Scanning Server Denial of Service [iDEFENSE] (09/10/04)
- Re: Apple, Apple Remote Desktop client [Multiple vulnerabilities] (09/08/04)
- Insecure Temporary File Creation Vulnerability in Net-Acct (09/08/04)
- Cerulean Studios Trillian 0.74i Buffer Overflow in MSN module exploit (09/08/04)
- Site News Authentication Error May Let Local Users Add Messages (09/05/04)
- cdrdao local root exploit (09/05/04)
- Kerio Personal Firewall's Application Launch Protection Can Be Disabled by Direct Service Table Restoration (09/02/04)
- WinZip Unspecified Buffer Overflows May Let Remote or Local Users Execute Arbitrary Code (09/02/04)
- Samba FindNextPrintChangeNotify() Error Lets Remote Authenticated Users Crash smbd (08/31/04)
- Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (08/31/04)
Karsten Heidrich
- Re[2]: New whitepaper "The Phishing Guide" (09/26/04)
kers0r
- Virus exploits workaround in Windows Mobile/Pocket PC architecture (Includes Source Code) (09/18/04)
khoaimi
- Mambo Portal lasted version 4.5.1 (1.09) and lower vesion : SQL injection Vulnerability. (09/18/04)
Kurt Lieber
- [ GLSA 200409-11 ] star: Suid root vulnerability (09/08/04)
Kurt Seifried
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/26/04)
Link Linkovich
- AOL Groups/AIM Information Disclosure (09/15/04)
Lise Moorveld
- Re: iDEFENSE Security Advisory 09.22.04 - Sophos Small Business Suite Reserved D (09/29/04)
Lorne J. Leitman
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
LSS Security
- SUS 2.0.2 local root vulnerability (09/14/04)
Ludwig Nussel
- SUSE Security Announcement: apache2 (SUSE-SA:2004:032) (09/15/04)
Luigi Auriemma
- Crash in Alpha Black Zero 1.04 (09/29/04)
- Code execution in Icecast 2.0.1 (09/28/04)
- Broadcast crash in Chatman 1.5.1 RC1 (09/27/04)
- Buffer overflow in Zinf 2.2.1 for Win32 (09/24/04)
- Multiple vulnerabilities in ActivePost Standard 3.1 (09/23/04)
- Broadcast crash in Popmessenger 1.60 (before 20 Sep 2004) (09/21/04)
- CoD United Offensive boom boom (09/18/04)
- Freeze in Pigeon Server 3.02.0143 (09/16/04)
- Off-by-one bug in Halo 1.04 (09/09/04)
- Broadcast shutdown in Call of Duty 1.4 (09/05/04)
Macromedia Security Zone
- New Macromedia Security Zone Bulletins Posted (09/24/04)
- New Macromedia Security Zone Bulletins Postede (09/24/04)
- Macromedia Products Not Affected by MS JPEG/GDIPlus Issue (09/22/04)
Maestro De-Seguridad
- ADVISORY: security hole (http response splitting) in snitz forums 2000 (09/16/04)
- ADVISORY: http response splitting in snipsnap (09/14/04)
- ADVISORY: http response splitting hole in Comersus shopping cart (09/01/04)
Mandrake Linux Security Team
- MDKSA-2004:011-1 - Updated NetPBM packages fix a number of temporary file bugs. (09/28/04)
- MDKSA-2004:103 - Updated OpenOffice.org packages fix temporary file vulnerabilities (09/28/04)
- MDKSA-2004:102 - Updated ImageMagick packages fix arbitray code execution vulnerabilities (09/22/04)
- MDKSA-2004:100 - Updated mpg123 packages fix vulnerabilities (09/22/04)
- MDKSA-2004:101 - Updated webmin packages fix vulnerabilities (09/22/04)
- MDKSA-2004:095-1 - Updated gdk-pixbuf and gtk+2 packages fix image loading vulnerabilities (09/17/04)
- MDKSA-2004:099 - Updated XFree86 packages fix libXpm overflow vulnerabilities (09/16/04)
- MDKSA-2004:098 - Updated libxpm4 packages fix libXpm overflow vulnerabilities (09/16/04)
- MDKSA-2004:097 - Updated cups packages fix DoS vulnerability (09/15/04)
- MDKSA-2004:096 - Updated apache2 packages fix multiple vulnerabilities (09/15/04)
- MDKSA-2004:095 - Updated gdk-pixbuf packages fix image loading vulnerabilities (09/15/04)
- MDKSA-2004:094 - Updated printer-drivers packages fix vulnerability in foomatic (09/15/04)
- MDKSA-2004:093 - Updated squid packages fix DoS vulnerability (09/15/04)
- MDKSA-2004:092 - Updated samba packages fix multiple vulnerabilities (09/13/04)
- MDKSA-2004:091 - Updated cdrecord packages fix local root vulnerability (09/08/04)
- MDKSA-2004:089 - Updated imlib/imlib2 packages fix BMP crash vulnerability (09/08/04)
- MDKSA-2004:090 - Updated zlib packages fix DoS vulnerability (09/08/04)
- MDKSA-2004:088 - Updated krb5 packages fix multiple vulnerabilities (09/01/04)
Marc Ruef
- Pinnacle ShowCenter Skin Denial of Service (09/21/04)
Marco S Hyman
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
Marcus Meissner
- Re: cdrecord local root exploit (09/15/04)
Martin Bartosch
- OpenCA Security Advisory: Cross Site Scripting vulnerability (09/06/04)
Martin Schulze
- [SECURITY] [DSA 555-1] New frenet6 packages fix potential information leak (09/30/04)
- [SECURITY] [DSA 554-1] New sendmail packages fix potential open relay (09/27/04)
- [SECURITY] [DSA 552-1] New imlib2 packages fix potential arbitrary code execution (09/22/04)
- [SECURITY] [DSA 551-1] New lukemftpd packages fix arbitrary code execution (09/21/04)
- [SECURITY] [DSA 550-1] New wv packages fix arbitrary command execution (09/20/04)
- [SECURITY] [DSA 548-1] New imlib packages fix arbitrary code execution (09/16/04)
- [SECURITY] [DSA 546-1] New gdk-pixbuf packages fix several vulnerabilities (09/16/04)
- [SECURITY] [DSA 547-1] New Imagemagic packages fix buffer overflows (09/16/04)
- [SECURITY] [DSA 545-1] New cupsys packages fix denial of service (09/15/04)
- [SECURITY] [DSA 544-1] New webmin packages fix insecure temporary directory (09/14/04)
Marvin Bellamy
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
Matt Johnston
- RsyncX vulnerabilities (09/17/04)
Matt Zimmerman
- Re: Debian netkit telnetd vulnerability (09/27/04)
Matthew E. Lauterbach
- RE: Promiscuous email printing in Canon imageRunner (09/27/04)
Matthew Keller
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
Matthias Wimmer
- Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0 (09/20/04)
Max
- Insecure file permissions in the Firefox browser for Linux >= v0.9 (09/13/04)
Max Tulyev
- ICMP spoofed source tunneling (09/21/04)
mgotts_at_2roads.com
- RE: Microsoft's GDI Detetection Tool faults (09/28/04)
Michael Roitzsch
- XSA-2004-4: multiple string overflows (09/07/04)
- XSA-2004-5: heap overflow in DVD subpicture decoder (09/06/04)
Michael Scheidell
- Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access (09/16/04)
Michael Wilson, Contractor
- RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access (09/17/04)
Michal Blaszczak
- Bug XSS in PsNews 1.1 (09/05/04)
- Bug XSS in PsNews 1.1 (09/05/04)
Michal Zalewski
- Debian netkit telnetd vulnerability (09/18/04)
- Tool announcement: fakebust (09/20/04)
Mike Ely
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
Mike Healan
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/26/04)
Mike Sues
- Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products (09/22/04)
nekd0
- MyWebServer 1.0.3 (09/27/04)
newbug Tseng
- cdrecord local root exploit (09/10/04)
NGSSoftware Insight Security Research
- Microsoft WordPerfect 5.x Converter Heap Overflow (09/16/04)
- Patch available for multiple critical flaws in Oracle (09/01/04)
- Patch available for IBM DB2 Universal Database flaws (09/01/04)
NGSSoftware Insight Security Research Advisory
- Microsoft WordPerfect 5.x Converter Heap Overflow (09/14/04)
Nicholas Knight
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/26/04)
Nick D.
- Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow (09/15/04)
Nick Knouf
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/26/04)
Nick Korbel
- Re: Multiple Vulnerabilities in phpScheduleIt (09/18/04)
Nikyt0x Argentina
- Posible Inclusion File in Perl Desk (09/12/04)
OpenPKG
- [OpenPKG-SA-2004.041] OpenPKG Security Advisory (spamassassin) (09/15/04)
- [OpenPKG-SA-2004.042] OpenPKG Security Advisory (aspell) (09/15/04)
- [OpenPKG-SA-2004.040] OpenPKG Security Advisory (samba) (09/15/04)
- [OpenPKG-SA-2004.039] OpenPKG Security Advisory (kerberos) (09/13/04)
Parks, Matt
- RE: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow (09/16/04)
Pasquiet Loic (M.)
- problem in voip environment (09/11/04)
Patrick
- Serv-U up to 5.2 Denial of Service (09/11/04)
Patrick Clinger
- Re: www.proboards.com / YaBB XSS Vuln (09/17/04)
Patrick J. Kobly
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
Paul Johnston
- wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities (09/15/04)
- wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities (09/16/04)
Paul Starzetz
- Re: SUSE Security Announcement: kernel (SUSE-SA:2004:028) (09/02/04)
Paul Wouters
- RE: Diebold Global Election Management System (GEMS) Backdoor (09/27/04)
PD9 Software
- Re: HTTP Response Splitting and SQL injection in megabbs forum (09/26/04)
Pedro Sanches
- aspWebCalendar /aspWebAlbum: SQL injection (09/23/04)
Peter Lowe
- Re: [XSS] PHP-Nuke 7.4 Bugs (09/08/04)
Philip Stoev
- Re: New whitepaper "The Phishing Guide" (09/29/04)
Pierquinto Manco
- PHP-Nuke 7.4 Multiple XSS Vulnerabilities Patch (09/05/04)
- [XSS] PHP-Nuke 7.4 AddMsg Bug (09/05/04)
- Good Patch to Multiple [XSS] Vulnerabilities in PHP-Nuke 7.4 (09/06/04)
- [XSS] PHP-Nuke 7.4 Newsletter Injection Bug (09/05/04)
- [XSS] PHP-Nuke 7.4 DelAdmin Bug (09/04/04)
- [XSS] PHP-Nuke 7.4 ViewAdmin Bug (09/04/04)
- [XSS] PHP-Nuke 7.4 Remote Privilege Escalation (09/03/04)
pigrelax
- SQL injection in BroadBoard Instant ASP Message Board (09/26/04)
- Remote buffer overflow in MDaemon IMAP and SMTP server (09/22/04)
please_reply_to_security_at_sco.com
- OpenServer 5.0.6 OpenServer 5.0.7 : apache mod_digest Incorrect Client Response Verification Vulnerability (08/31/04)
- OpenServer 5.0.6 OpenServer 5.0.7 : squid %-encoded characters in a URL (08/31/04)
- UPDATED OpenServer 5.0.6 OpenServer 5.0.7 : OpenSSL Multiple Vulnerabilities (08/31/04)
Polazzo Justin
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/23/04)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
- RE: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow (09/16/04)
- RE: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow (09/16/04)
- RE: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow (09/15/04)
pressinfo_at_diebold.com
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/21/04)
product-security_at_axis.com
- Axis Network Camera and Video Server Security Advisory (09/07/04)
Przemyslaw Frasunek
- Zyxel Prestige 681 SDSL router information leak (09/13/04)
R00tCr4ck
- Multiple Vulnerabilities in Silent Storm Portal (09/30/04)
Rafel Ivgi, The-Insider
- Re: GoogleToolbar:About -- Allows Script Injection (09/18/04)
raiblehugo_at_hotmail.com
- Re: ICMP spoofed source tunneling (09/24/04)
Rainer Duffner
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
Reed, Phillip C. (LNG-DAY)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
Rene
- serverview 3.0 - insecure file permissions (09/06/04)
robert_at_dyadsecurity.com
- Unicornscan 0.4.2 (09/30/04)
Ron DuFresne
- RE: Linux 2.4.27 SECURITY BUG - TCP Local (probable Remote) Denial of Service (09/13/04)
Ryan_Ward_at_Dell.com
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/27/04)
Sander Striker
- [ANNOUNCE] Apache HTTP Server 2.0.51 Released (09/15/04)
Scott Jacobson
- RE: Microsoft's GDI Detetection Tool faults (09/29/04)
Sean Davis
- Re: cdrecord local root exploit (09/13/04)
- Re: cdrecord local root exploit (09/12/04)
Sebastian Krahmer
- SUSE Security Announcement: cups (SUSE-SA:2004:031) (09/15/04)
- SUSE Security Announcement: apache2 (SUSE-SA:2004:030) (09/06/04)
Sec-Labs Team
- Gadu-Gadu (all versions with image-send feature) Heap Overflow (09/12/04)
securma_at_caramail.com
- MSSQL 7.0 DoS (09/28/04)
Seth Arnold
- Re: New whitepaper "The Phishing Guide" (09/23/04)
Seth Breidbart
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/29/04)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/27/04)
shadown
- New security tools and papers released (09/01/04)
SHATTER (Application Security, Inc.)
- [SHATTER Team Security Alert] Multiple vulnerabilities in Oracle Database Server (09/02/04)
sheep explode
- Re: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow (09/16/04)
ShineShadow
- Multiple vulnerabilities in Icewarp Web Mail 5.2.7 (09/10/04)
Simon
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
sin
- Re: ICMP spoofed source tunneling (09/23/04)
snsadv
- [SNS Advisory No.77] Usermin Remote Arbitrary Shell Command Execution Vulnerability (09/07/04)
Solar Designer
- Re: Debian netkit telnetd vulnerability (09/21/04)
Stefano Di Paola
- Php RFC1867 Upload Vuln. POC Released (09/27/04)
- Php RFC1867 Upload Vuln. POC Released (09/29/04)
- And More Advanced SQL Injection... (09/21/04)
- Php Vulnerability N. 2 (09/15/04)
- PHP Vulnerability N. 1 (09/15/04)
steve menard
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/22/04)
Steven
- Re: aspWebCalendar /aspWebAlbum: SQL injection (09/25/04)
Stevo
- Opera DOS (09/01/04)
Stuart Moore
- Yahoo! Store Security Advisory (09/28/04)
Sune Kloppenborg Jeppesen
- [ GLSA 200409-35 ] Subversion: Metadata information leak (09/29/04)
- [ GLSA 200409-31 ] jabberd 1.x: Denial of Service vulnerability (09/23/04)
- [ GLSA 200409-32 ] getmail: Filesystem overwrite vulnerability (09/23/04)
- [ GLSA 200409-29 ] FreeRADIUS: Multiple Denial of Service vulnerabilities (09/22/04)
- [ GLSA 200409-19 ] Heimdal: ftpd root escalation (09/16/04)
- [ GLSA 200409-18 ] cdrtools: Local root vulnerability in cdrecord if set SUID root (09/14/04)
- [ GLSA 200409-17 ] SUS: Local root vulnerability (09/14/04)
- [ GLSA 200409-16 ] Samba: Denial of Service vulnerabilities (09/13/04)
- ERRATA: [ GLSA 200409-14 ] Samba: Remote printing non-vulnerability (09/10/04)
- [ GLSA 200409-14 ] Samba: Remote printing vulnerability (09/09/04)
- [ GLSA 200409-13 ] LHa: Multiple vulnerabilities (09/08/04)
- [ GLSA 200409-08 ] Ruby: CGI::Session creates files insecurely (09/03/04)
- [ GLSA 200409-07 ] xv: Buffer overflows in image handling (09/03/04)
- UPDATE: [ GLSA 200408-22 ] Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities (09/03/04)
- [ GLSA 200409-05 ] Gallery: Arbitrary command execution (09/02/04)
- [ GLSA 200409-06 ] eGroupWare: Multiple XSS vulnerabilities (09/02/04)
- [ GLSA 200409-01 ] vpopmail: Multiple vulnerabilities (09/01/04)
Sym Security
- Re: Default username/password pairs in ON Command CCM 5.x database backend, Sep 20 2004 2:24PM (09/29/04)
- Symantec Enterprise Firewall/VPN and Gateway Security 300 Series Appliances Multiple Issues (09/22/04)
- RE: Security Center and Windows XP clients in domain, 20040831062712.31317.qmail@www.securityfocus.com (09/01/04)
the rxmr
- Re: Microsoft's GDI Detetection Tool faults (09/28/04)
Thierry Carrez
- [ GLSA 200409-34 ] X.org, XFree86: Integer and stack overflows in libXpm (09/27/04)
- [ GLSA 200409-30 ] xine-lib: Multiple vulnerabilities (09/22/04)
- [ GLSA 200409-27 ] glFTPd: Local buffer overflow vulnerability (09/21/04)
- [ GLSA 200409-28 ] GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities (09/21/04)
- [ GLSA 200409-26 ] Mozilla, Firefox, Thunderbird, Epiphany: New releases fix vulnerabilities (09/20/04)
- [ GLSA 200409-25 ] CUPS: Denial of service vulnerability (09/20/04)
- [ GLSA 200409-21 ] Apache 2, mod_dav: Multiple vulnerabilities (09/16/04)
- [ GLSA 200409-20 ] mpg123: Buffer overflow vulnerability (09/16/04)
- [ GLSA 200409-12 ] ImageMagick, imlib, imlib2: BMP decoding buffer overflows (09/08/04)
- [ GLSA 200409-10 ] multi-gnome-terminal: Information leak (09/06/04)
- [ GLSA 200409-09 ] MIT krb5: Multiple vulnerabilities (09/06/04)
- [ GLSA 200409-04 ] Squid: Denial of service when using NTLM authentication (09/02/04)
- [ GLSA 200409-03 ] Python 2.2: Buffer overflow in getaddrinfo() (09/02/04)
- [ GLSA 200409-02 ] MySQL: Insecure temporary file creation in mysqlhotcopy (09/01/04)
thomas adams
- CA UniCenter Management Portal Username Enumeration Vulnerability (09/21/04)
Thomas Biege
- SUSE Security Announcement: zlib (SUSE-SA:2004:029) (09/02/04)
- SUSE Security Announcement: kernel (SUSE-SA:2004:028) (09/01/04)
Thomas C. Greene
- Re: New Data Wipe Tools (09/10/04)
- New Data Wipe Tools (09/09/04)
Thomas Waldegger
- Multiple XSS Vulnerabilities in Wordpress 1.2 (09/28/04)
Thor
- Re: Security Center and Windows XP clients in domain (09/01/04)
Thor Larholm
- FW: [Unpatched] Shell and Drag'n'Drop vulnerabilities (09/04/04)
Tim Broeker
- Re: Mambo Portal lasted version 4.5.1 (1.09) and lower vesion : SQL injection Vulnerability. (09/19/04)
Tim Newsham
- Re: ICMP spoofed source tunneling (09/22/04)
- Re: FreeBSD kernel buffer overflow (09/18/04)
Tom Yu
- MITKRB5-SA-2004-002: double-free vulnerabilities (08/31/04)
Tracy Bost
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
trh
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/28/04)
Trustix Security Advisor
- TSL-2004-0050 - multi (09/30/04)
- TSLSA-2004-0049 - apache (09/23/04)
- TSLSA-2004-0047 - multi (09/16/04)
- TSL-2004-0046 - multi (09/14/04)
- TSL-2004-0045 - kerberos5 (09/02/04)
Udo Mueller
- Re: Posible security bug in phpMyWebhosting (09/20/04)
Valdis.Kletnieks_at_vt.edu
- Re: Linux OpenExchange - cleartext rootpw in swap (09/02/04)
ViPeR
- GoogleToolbar:About -- Allows Script Injection (09/17/04)
Volker Kuhlmann
- Re: cdrecord local root exploit (09/14/04)
Wesley Shields
- Re: FreeBSD kernel buffer overflow (09/17/04)
Wolfpaw - Dale Corse
- RE: Linux 2.4.27 SECURITY BUG - TCP Local (probable Remote) Denial of Service (09/12/04)
- Linux 2.4.27 SECURITY BUG - TCP Local (probable Remote) Denial of Service (09/11/04)
Yoav Nir
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes (09/26/04)

Last message date: 09/30/04
Archived on: 09/30/04 CEST

466 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

SecurityFocus BugtraqBy Author

SecurityFocus Bugtraq
By Author