SecurityFocus Bugtraq
By Date

368 messages sorted by: [ author ] [ thread ] [ subject ] [ attachment ]

---

Starting: 10/01/04
Ending: 10/30/04

• Re: New URL spoofing bug in Microsoft Internet Explorer http-equiv_at_excite.com  (10/30/04)
• RE: New URL spoofing bug in Microsoft Internet Explorer Larry Seltzer (10/30/04)
• [OpenPKG-SA-2004.048] OpenPKG Security Advisory (squid) OpenPKG (10/29/04)
• [USN-12-1] ppp Denial of Service Martin Pitt (10/29/04)
• Re: New URL spoofing bug in Microsoft Internet Explorer 0-1-2-3_at_gmx.de (10/29/04)
• Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ (10/29/04)
• Re: local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33? Michael Engert (10/29/04)
• Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ (10/29/04)
• Re: local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33? André Malo (10/29/04)
• Re: Update: Web browsers - a mini-farce (MSIE gives in) Chris Paget (10/29/04)
• Re: New URL spoofing bug in Microsoft Internet Explorer Jérôme (10/30/04)
• Re: New URL spoofing bug in Microsoft Internet Explorer Christopher J. Pilkington (10/29/04)
• Re: Update: Web browsers - a mini-farce (MSIE gives in) infamous41md_at_hotpop.com (10/30/04)
• Re: New URL spoofing bug in Microsoft Internet Explorer GuidoZ (10/29/04)
• Re: Update: Web browsers - a mini-farce (MSIE gives in) Michael Shigorin (10/29/04)
• RE: Update: Web browsers - a mini-farce (MSIE gives in) David Brodbeck (10/29/04)
• RE: Update: Web browsers - a mini-farce (MSIE gives in) Tim Newsham (10/29/04)
• Re: Update: Web browsers - a mini-farce (MSIE gives in) Valdis.Kletnieks_at_vt.edu (10/29/04)
• RE: Update: Web browsers - a mini-farce (MSIE gives in) Tim Newsham (10/29/04)
• RE: libgd integer overflow infamous41md_at_hotpop.com (10/29/04)
• Re: libgd integer overflow Richard Dawe (10/29/04)
• RE: New URL spoofing bug in Microsoft Internet Explorer Larry Seltzer (10/29/04)
• local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33? Larry Cashdollar (10/29/04)
• [USN-11-1] libgd2 vulnerabilities Martin Pitt (10/29/04)
• Re: debian dhcpd, old format string bug infamous41md_at_hotpop.com (10/29/04)
• [ GLSA 200410-31 ] Archive::Zip: Virus detection evasion Thierry Carrez (10/29/04)
• [OpenPKG-SA-2004.047] OpenPKG Security Advisory (apache) OpenPKG (10/29/04)
• [SECURITY] [DSA 576-1] New Squid packages fix several vulnerabilities Martin Schulze (10/29/04)
• Re: Mozilla Firefox (tested on 0.9.3) html-code crash. Michal Zalewski (10/29/04)
• [SECURITY] [DSA 577-1] New postgresql packages fix symlink vulnerability Martin Schulze (10/29/04)
• [OpenPKG-SA-2004.046] OpenPKG Security Advisory (postgresql) OpenPKG (10/29/04)
• [USN-6-1] postgresql contributed script vulnerability Martin Pitt (10/27/04)
• Re: Mozilla Firefox (tested on 0.9.3) html-code crash. Crispin Cowan (10/28/04)
• [ GLSA 200410-30 ] GPdf, KPDF, KOffice: Vulnerabilities in included xpdf Thierry Carrez (10/28/04)
• New URL spoofing bug in Microsoft Internet Explorer 0-1-2-3_at_gmx.de (10/28/04)
• [USN-8-1] gaim vulnerabilities Martin Pitt (10/27/04)
• [USN-7-1] imagemagick vulnerability Martin Pitt (10/27/04)
• [ GLSA 200410-28 ] rssh: Format string vulnerability Thierry Carrez (10/27/04)
• [USN-3-1] GhostScript utility script vulnerabilities Martin Pitt (10/27/04)
• [USN-9-1] tetex-bin vulnerabilities Martin Pitt (10/28/04)
• Re: Update: Web browsers - a mini-farce (MSIE gives in) Valdis.Kletnieks_at_vt.edu (10/28/04)
• [USN-4-1] Standard C library script vulnerabilities Martin Pitt (10/28/04)
• RE: Update: Web browsers - a mini-farce (MSIE gives in) Michael Wojcik (10/28/04)
• [USN-5-1] gettext vulnerabilities Martin Pitt (10/27/04)
• [FLSA-2004:2089] Updated mozilla packages fix security vulnerabilities Dominic Hargreaves (10/27/04)
• Re: Some Voters Say Machines Failed, Incorrect Choices Appear on Screens (fwd) Paul Schmehl (10/27/04)
• PHP4 cURL functions bypass open_basedir FraMe (10/27/04)
• Re: zgv image viewing heap overflows Chris Frey (10/28/04)
• Re: debian dhcpd, old format string bug Tarragon Allen (10/28/04)
• RE: Update: Web browsers - a mini-farce (MSIE gives in) David Brodbeck (10/27/04)
• Re: Update: Web browsers - a mini-farce (MSIE gives in) MCMuir_at_dstoutput.com (10/27/04)
• [SECURITY] [DSA 575-1] New catdoc packages fix temporary file vulnerability Martin Schulze (10/28/04)
• [SECURITY] [DSA 574-1] New cabextract packages fix unintended directory traversal Martin Schulze (10/28/04)
• Presentation: Bypassing client application protection techniques with notepad 3APA3A (10/28/04)
• High Risk Vulnerability in RealPlayer NGSSoftware Insight Security Research (10/27/04)
• [security bulletin] SSRT3526 Serviceguard potential increase in privilege Boren, Rich (SSRT) (10/26/04)
• RE: Update: Web browsers - a mini-farce (MSIE gives in) Michael Wojcik (10/27/04)
• Multiple Vulnerabilites in Quake II Server Richard Stanway (10/27/04)
• EEYE: RealPlayer Zipped Skin File Buffer Overflow Marc Maiffret (10/27/04)
• High Risk Vulnerability in Quicktime for Windows NGSSoftware Insight Security Research (10/27/04)
• [ GLSA 200410-29 ] PuTTY: Pre-authentication buffer overflow Sune Kloppenborg Jeppesen (10/27/04)
• [CLA-2004:880] Conectiva Security Announcement - foomatic-filters Conectiva Updates (10/27/04)
• iDEFENSE Security Advisory 10.27.04 - PuTTY SSH2_MSG_DEBUG Buffer Overflow Vulnerability customer service mailbox (10/27/04)
• Crashs in Master of Orion III 1.2.5 Luigi Auriemma (10/27/04)
• RE: Update: Web browsers - a mini-farce (MSIE gives in) Michael Wojcik (10/27/04)
• Re: Update: Web browsers - a mini-farce (MSIE gives in) Valdis.Kletnieks_at_vt.edu (10/27/04)
• [CLA-2004:879] Conectiva Security Announcement - kernel Conectiva Updates (10/26/04)
• MMDF deliver local root exploit for SCO OpenServer 5.0.7 x86 Ramon de Carvalho Valle (10/27/04)
• debian dhcpd, old format string bug infamous41md_at_hotpop.com (10/26/04)
• Re: Update: Web browsers - a mini-farce (MSIE gives in) Valdis.Kletnieks_at_vt.edu (10/26/04)
• PTms04-030 pigrelax (10/26/04)
• Rendering large binary file as HTML makes Mozilla Firefox stop responding Peter Kruse (10/26/04)
• zgv image viewing heap overflows infamous41md_at_hotpop.com (10/26/04)
• Re: Some Voters Say Machines Failed, Incorrect Choices Appear on Screens (fwd) Valdis.Kletnieks_at_vt.edu (10/26/04)
• wvtfpd remote root heap overflow infamous41md_at_hotpop.com (10/26/04)
• PuTTY SSH client vulnerability Anatole Shaw (10/27/04)
• [ GLSA 200410-23 ] Gaim: Multiple vulnerabilities Matthias Geerdsen (10/24/04)
• [ GLSA 200410-22 ] MySQL: Multiple vulnerabilities Thierry Carrez (10/24/04)
• pppd out of bounds memory access, possible DOS infamous41md_at_hotpop.com (10/26/04)
• [ GLSA 200410-25 ] Netatalk: Insecure tempfile handling in etc2ps.sh Luke Macken (10/25/04)
• Hawking Technologies HAR11A router considered insecure Marcus Garvey (10/26/04)
• pacsec.jp advisory: Firewire/IEEE 1394 Considered Harmful to Physical Security Dragos Ruiu (10/26/04)
• MailCarrier 2.51 SMTP server Buffer Overflow [PoC included] Jérôme (10/26/04)
• libgd integer overflow infamous41md_at_hotpop.com (10/26/04)
• inetutils tftp client, DNS resolving bofs infamous41md_at_hotpop.com (10/26/04)
• [ GLSA 200410-26 ] socat: Format string vulnerability Luke Macken (10/25/04)
• [ GLSA 200410-24 ] MIT krb5: Insecure temporary file use in send-pr.sh Thierry Carrez (10/25/04)
• OpenSSL 0.9.7e released (fwd from mark@openssl.org) je_at_sekure.net (10/26/04)
• SUSE Security Announcement: xpdf, gpdf, kpdf, pdftohtml, cups (SUSE-SA:2004:039) Thomas Biege (10/26/04)
• libxml2 remote buffer overflows (not in xml parsing code though) infamous41md_at_hotpop.com (10/26/04)
• RE: Critical Vulnerability in Altiris Deployment Server architecture Brooks, Shane (10/25/04)
• Re: CAN-2004-0814: Linux terminal layer races Pavel Kankovsky (10/23/04)
• Bug in hotmail security (10/24/04)
• Two Vulnerabilities in OpenWFE Web Client Joxean Koret (10/24/04)
• [CLA-2004:878] Conectiva Security Announcement - zlib Conectiva Updates (10/25/04)
• Re: How to Break Windows XP SP2 + Internet Explorer 6 SP2 michael evanchik (10/25/04)
• Re: [Full-Disclosure] Update: Web browsers - a mini-farce (MSIE gives in) Daniel Veditz (10/24/04)
• Re: Update: Web browsers - a mini-farce (MSIE gives in) gabrield89_at_hotmail.com (10/25/04)
• Mozilla Firefox (tested on 0.9.3) html-code crash. ducch apple (10/25/04)
• Fake RedHat - Fedora Security Patch / Trojan Source Code & Analysis K-OTiK Security (10/25/04)
• RE: Update: Web browsers - a mini-farce (MSIE gives in) David Brodbeck (10/25/04)
• Re: [Full-Disclosure] python does mangleme (with IE bugs!) Berend-Jan Wever (10/25/04)
• Some Voters Say Machines Failed, Incorrect Choices Appear on Screens (fwd) Atom 'Smasher' (10/25/04)
• STG Security Advisory: [SSA-20041022-08] MoniWiki XSS vulnerability advisory_at_stgsecurity.com (10/25/04)
• Re: Is Windows up to snuff for running our world? Thor (10/25/04)
• [BUGZILLA] Vulnerabilities in Bugzilla 2.16.6 and 2.18rc2 David Miller (10/25/04)
• [kde-announce] [KDE security advisory] Multiple integer overflows in kpdf Dirk Mueller (10/22/04)
• python does mangleme (with IE bugs!) ned (10/24/04)
• Re: Google Script Insertion Exploit Jérôme (10/23/04)
• Update: Web browsers - a mini-farce (MSIE gives in) Michal Zalewski (10/23/04)
• rssh: pizzacode security alert Derek Martin (10/23/04)
• dwc_articles possible sql injection Rene (10/23/04)
• windows 2000 server terminal server denial of service Nick Caramella (10/22/04)
• Ability FTP Server 2.34 Buffer Overflow Exploit Jérôme (10/22/04)
• Re: Full path disclosure and sql injection on CubeCart 2.0.1 sculptex_at_sculptex.co.uk (10/22/04)
• Norton AntiVirus 2004/2005 Script Blocking Redux Daniel Milisic (10/22/04)
• AOL Journals BlogID incrementing discloses account names and e-mail Steven (10/22/04)
• Is Windows up to snuff for running our world? Richard M. Smith (10/22/04)
• [CLA-2004:877] Conectiva Security Announcement - mozilla Conectiva Updates (10/22/04)
• iDEFENSE Security Advisory XX.XX.04 - Novell SuSe Linux LibTIFF Heap Overflow Vulnerability customer service mailbox (10/22/04)
• Re: avoiding stackguard Crispin Cowan (10/22/04)
• Hack Dot AE Spy Hat (10/22/04)
• Windows DoS in certain pGina configurations Steven (10/22/04)
• SuSE Security Announcement: libtiff (SUSE-SA:2004:038) Marcus Meissner (10/22/04)
• [Fwd: Altiris Carbon Copy Remote Control local SYSTEM exploitation.] KF_lists (10/22/04)
• J2ME security vulnerabilities Adam Gowdiak (10/22/04)
• [Security Bulletin] SSRT4807 HP-UX stmkfont local unauthorized privileged access Boren, Rich (SSRT) (10/22/04)
• [HV-LOW] Unsafe WAV header handling can cause DoS on Windows vuln_at_hexview.com (10/22/04)
• [KDE security advisory] Multiple integer overflows in kpdf Dirk Mueller (10/22/04)
• MDKSA-2004:116 - Updated cups packages fix DoS vulnerabilities Mandrake Linux Security Team (10/22/04)
• MDKSA-2004:115 - Updated kdegraphics packages fix DoS vulnerability Mandrake Linux Security Team (10/22/04)
• MDKSA-2004:113 - Updated xpdf packages fix vulnerabilities Mandrake Linux Security Team (10/22/04)
• [ GLSA 200410-21 ] Apache 2, mod_ssl: Bypass of SSLCipherSuite directive Kurt Lieber (10/21/04)
• MDKSA-2004:114 - Updated gpdf packages fix DoS vulnerability Mandrake Linux Security Team (10/22/04)
• MDKSA-2004:112 - Updated squid packages fix SNMP processing vulnerability Mandrake Linux Security Team (10/21/04)
• Re: Critical Vulnerability in Altiris Deployment Server architecture KF_lists (10/21/04)
• HTTP Response Splitting in Serendipity 0.7-beta4 Chaotic Evil (10/21/04)
• MDKSA-2004:110 - Updated gaim packages fix vulnerabilities Mandrake Linux Security Team (10/21/04)
• Re: IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] ) in computed field/text, allowing XSS (Risk increased) Juan C Calderon (10/21/04)
• MDKSA-2004:111 - Updated wxGTK2 packages fix vulnerabilities Mandrake Linux Security Team (10/21/04)
• SQL Injection in UBB.threads 3.4.x Florian Rock (10/21/04)
• [SECURITY] [DSA 572-1] New ecartis packages fix unauthorised access to admin interface Martin Schulze (10/21/04)
• NSFOCUS SA2004-02 : HP-UX stmkfont Local Privilege Escalation Vulnerability NSFOCUS Security Team (10/21/04)
• SuSE Security Announcement: kernel (SUSE-SA:2004:037) Marcus Meissner (10/21/04)
• CAN-2004-0814: Linux terminal layer races Alan Cox (10/21/04)
• Critical Vulnerability in Altiris Deployment Server architecture Brian Gallagher (10/21/04)
• [SECURITY] [DSA 573-1] New cupsys packages fix arbitrary code execution Martin Schulze (10/21/04)
• MDKSA-2004:107 - Updated mozilla packages fix vulnerabilities Mandrake Linux Security Team (10/20/04)
• mpg123 "getauthfromurl" buffer overflow Carlos Barros (10/20/04)
• MDKSA-2004:108 - Updated cvs packages fix vulnerability Mandrake Linux Security Team (10/20/04)
• Re: Norton AntiVirus 2004 Script Blocking Failure (Includes PoC and rant) secure_at_symantec.com (10/20/04)
• [SECURITY] [DSA 570-1] New libpng packages fix several vulnerabilities Martin Schulze (10/20/04)
• [SECURITY] [DSA 571-1] New libpng3 packages fix several vulnerabilities Martin Schulze (10/20/04)
• How to Break Windows XP SP2 + Internet Explorer 6 SP2 http-equiv_at_excite.com  (10/20/04)
• RE: How to Break Windows XP SP2 + Internet Explorer 6 SP2 Thor Larholm (10/20/04)
• [EXPL] (MS04-032) Microsoft Windows XP Metafile (.emf) Heap Overflow (PoC) houseofdabus HOD (10/20/04)
• Buffer-overflow in Age of Sail II 1.04.151 Luigi Auriemma (10/20/04)
• MDKSA-2004:109 - Updated libtiff packages fix multiple vulnerabilities Mandrake Linux Security Team (10/20/04)
• Google Script Insertion Exploit Jim Ley (10/19/04)
• Broadcast crash in Vypress Tonecast 1.3 Luigi Auriemma (10/19/04)
• Multiple AntiVirus Reserved Device Name Handling Vulnerability Sowhat . (10/19/04)
• avoiding stackguard vallez_at_gmail.com (10/18/04)
• Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory Chris Norton (10/18/04)
• RE: [IE 6 SP2] Possible URL Spoofing Dror Shalev (10/19/04)
• UnixWare 7.1.4 UnixWare 7.1.3 : The error handling in the inflate and inflateBack functions in ZLib compression library allows local users to cause a denial of service please_reply_to_security_at_sco.com (10/19/04)
• [CLA-2004:875] Conectiva Security Announcement - gtk+ Conectiva Updates (10/18/04)
• [FLSA-2004:1804] Updated kernel resolves security vulnerabilities Dominic Hargreaves (10/18/04)
• Re: [IE 6 SP2] Possible URL Spoofing Paul Kurczaba (10/16/04)
• [ GLSA 200410-14 ] phpMyAdmin: Vulnerability in MIME-based transformation system Thierry Carrez (10/18/04)
• RE: Writing Trojans that bypass Windows XP Service Pack 2 Firewall Simon Zuckerbraun (10/18/04)
• apexec.pl is still vulnerable against Directory Traversal. Zero_X www.lobnan.de Team (10/17/04)
• Mutiple AntiVirus Reserved Device Name Handling Vulnerability Sowhat . (10/18/04)
• Re: Writing Trojans that bypass Windows XP Service Pack 2 Firewall Jay Calvert (10/16/04)
• [ GLSA 200410-15 ] Squid: Remote DoS vulnerability Luke Macken (10/18/04)
• ProFTPD 1.2.x remote users enumeration bug - correction LSS Security (10/17/04)
• Re: IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] ) in computed field/text, allowing XSS Juan C Calderon (10/18/04)
• [SECURITY] [DSA 556-2] New netkit-telnet packages really fix denial of service Martin Schulze (10/18/04)
• [SECURITY] [DSA 568-1] New cyrus-sasl-mit packages fix arbitrary code execution Martin Schulze (10/16/04)
• [Powie's PSCRIPT Forum] Multiple SQL-Injection Vulnerabilities Christoph Jeschke (10/15/04)
• [FLSA-2004:1237] Updated gaim package resolves security issues Marc Deslauriers (10/16/04)
• [FLSA-2004:2072] Updated CUPS packages fix security vulnerability Marc Deslauriers (10/16/04)
• IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] ) in computed field/text, allowing XSS Juan C Calderon (10/18/04)
• [SECURITY] [DSA 569-1] New netkit-telnet-ssl packages fix denial of service Martin Schulze (10/18/04)
• Re: EEYE: Windows VDM #UD Local Privilege Escalation Jim Hatfield (10/14/04)
• Re: Norton AntiVirus 2004 Script Blocking Failure (Includes PoC and rant) secure_at_symantec.com (10/18/04)
• Re: Directory traversal in Yak! 2.1.2 bil (10/16/04)
• Re: [IE 6 SP2] Possible URL Spoofing http-equiv_at_excite.com (10/16/04)
• iDEFENSE Security Advisory 10.18.04: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability customer service mailbox (10/18/04)
• Multiple vulnerabilities in Sage Saleslogix Carl (10/18/04)
• cPanel symlink chmod issue Karol Wiêsek (10/18/04)
• cPanel hardlink chown issue Karol Wiêsek (10/18/04)
• cPanel hardlink backup issue Karol Wiêsek (10/18/04)
• Web browsers - a mini-farce Michal Zalewski (10/18/04)
• ms04-031 pre-auth ?? Sinan Eren (10/18/04)
• Re: 3COM Wireless router (3CRADSL72) information disclosure mccauley_at_gmx.net (10/15/04)
• Re: Format String Vulnerability in Valve's CS-Source Some One (10/15/04)
• Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory marco correnti (10/15/04)
• Multiple Vulnerabilities in CoolPHP R00tCr4ck (10/16/04)
• Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory SysAdminKC (10/15/04)
• Re: Adobe acrobat / Adobe Reader 6 can read local files Shannon Eric Peevey (10/15/04)
• IISShield and ASP.NET canonicalization Tiago Halm (10/13/04)
• [IE 6 SP2] Possible URL Spoofing Andrew Hunter (10/15/04)
• RE: Writing Trojans that bypass Windows XP Service Pack 2 Firewall Polazzo Justin (10/15/04)
• More details on BID 11408 (3com 3cradsl72 wireless router) Ivan Casado (10/15/04)
• [SECURITY] [DSA 567-1] New libtiff packages fix remote code execution Martin Schulze (10/15/04)
• Re: [VulnWatch] CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities wirepair (10/13/04)
• Clientexec Billing Software bugtraq_at_rloxy.com (10/12/04)
• Eudora 6.2.0.7 attachment spoof Paul Szabo (10/11/04)
• Directory traversal in Yak! 2.1.2 Luigi Auriemma (10/15/04)
• Norton AntiVirus 2004 Script Blocking Failure (Includes PoC and rant) Daniel Milisic (10/15/04)
• Re: Format String Vulnerability in Valve's CS-Source Luigi Auriemma (10/14/04)
• ProFTPD 1.2.x remote users enumeration bug LSS Security (10/15/04)
• Multiple Cross Site Scripting Vulnerabilities in FuseTalk steven (10/13/04)
• Re: Insecure Default Service DACL's in Windows 2003 Jean-Baptiste Marchand (10/13/04)
• Microsoft Windows NetDDE Service Buffer Overflow NGSSoftware Insight Security Research (10/13/04)
• Re: EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability Bipin Gautam (10/14/04)
• Writing Trojans that bypass Windows XP Service Pack 2 Firewall americanidiot_at_hushmail.com (10/12/04)
• a path disclosure and a posibility file inclusion and vulneability in thepeak file upload v1.3 keitel andres ortega (10/15/04)
• [OpenPKG-SA-2004.044] OpenPKG Security Advisory (modssl) OpenPKG (10/15/04)
• TSLSA-2004-0054 - multi Trustix Security Advisor (10/15/04)
• [FLSA-2004:2102] Updated samba packages fix security vulnerability [updated] Dominic Hargreaves (10/15/04)
• [ GLSA 200410-13 ] BNC: Input validation flaw Thierry Carrez (10/15/04)
• [ GLSA 200410-10 ] gettext: Insecure temporary file handling Luke Macken (10/11/04)
• Re: Adobe acrobat / Adobe Reader 6 can read local files Nick Leoncavallo (10/14/04)
• [OpenPKG-SA-2004.043] OpenPKG Security Advisory (tiff) OpenPKG (10/14/04)
• UPDATE: Format String Vulnerability in Valve's CS-Source Some One (10/14/04)
• ACROS Security: Session Fixation in JRun Management Console ACROS Security (10/14/04)
• ACROS Security: HTML Injection in JRun Management Console ACROS Security (10/14/04)
• ACROS Security: Unsanitized Session ID Cookie Allows Modifying Server Response ACROS Security (10/14/04)
• New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory John Bissell (10/14/04)
• 3COM Wireless router (3CRADSL72) information disclosure Karb0nOxyde - (10/13/04)
• CESA-2004-006: libtiff chris_at_scary.beasts.org (10/13/04)
• [SECURITY] [DSA 566-1] New CUPS packages fix information leak Martin Schulze (10/14/04)
• [SECURITY] [DSA 563-3] New cyrus-sasl packages fix arbitrary code execution on sparc and arm Martin Schulze (10/14/04)
• [FLSA-2004:1737] Updated httpd packages fix a mod_proxy security vulnerability Marc Deslauriers (10/14/04)
• [HV-MED] UPDATE: RIM Blackberry DoS, data loss vuln_at_hexview.com (10/14/04)
• [CLA-2004:873] Conectiva Security Announcement - samba Conectiva Updates (10/14/04)
• [FLSA-2004:1888] Updated mod_ssl package fixes Apache security vulnerabilities Marc Deslauriers (10/14/04)
• [FLSA-2004:1833] Updated lha resolves security vulnerabilities Marc Deslauriers (10/14/04)
• [ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilities Luke Macken (10/14/04)
• [CLA-2004:872] Conectiva Security Announcement - cups Conectiva Updates (10/14/04)
• SetWindowLong Shatter Attacks Brett Moore (10/14/04)
• Buffer Overflow In Microsoft Excel Brett Moore (10/14/04)
• Format String Vulnerability in Valve's CS-Source Some One (10/13/04)
• [ GLSA 200410-09 ] LessTif: Integer and stack overflows in libXpm Luke Macken (10/13/04)
• MSN Gaming Heartbeat Component Buffer Overflow NGSSoftware Insight Security Research (10/13/04)
• EEYE: Windows VDM #UD Local Privilege Escalation Derek Soeder (10/13/04)
• [ GLSA 200410-11 ] tiff: Buffer overflows in image decoding Thierry Carrez (10/13/04)
• Adobe acrobat / Adobe Reader 6 can read local files Jelmer (10/12/04)
• EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability Derek Soeder (10/13/04)
• IT Underground Talks Dave Aitel (10/13/04)
• [ GLSA 200410-10 ] gettext: Insecure temporary file handling Luke Macken (10/13/04)
• [SECURITY] [DSA 565-1] New sox packages fix buffer overflow Martin Schulze (10/13/04)
• ACROS Security: Poisoning Cached HTTPS Documents in Internet Explorer ACROS Security (10/13/04)
• [FLSA-2004:2102] Updated samba packages fix security vulnerability Dominic Hargreaves (10/13/04)
• Buffer-overflow in ShixxNOTE 6.net Luigi Auriemma (10/13/04)
• BindView Advisory: Memory Leak and DoS in NT4 RPC server advisory (10/13/04)
• [HV-HIGH] RIM Blackberry buffer overflow, DoS, data loss vuln_at_hexview.com (10/13/04)
• XXS in SCT email client Matthew Oyer (10/13/04)
• XXS in fusetalk forum Matthew Oyer (10/13/04)
• [SECURITY] [DSA 564-1] New mpg123 packages fix arbitrary code exceution Martin Schulze (10/13/04)
• [hackgen-2004-#002] - Remote file inclusion bug in ocPortal 1.0.3. Exoduks (10/12/04)
• MS October Security bulletins albatross_at_tim.it (10/12/04)
• Microsoft IIS 5.x/6.0 WebDAV (XML parser) attribute blowup DoS Amit Klein (AKsecurity) (10/12/04)
• Re: Regression in IE: Accessing remote/local content in IE (GM#009-IE) Nick FitzGerald (10/12/04)
• [SECURITY] [DSA 563-1] New cyrus-sasl packages fix arbitrary code execution Martin Schulze (10/12/04)
• Reverse Engineering the First Pocket PC Trojan kers0r (10/12/04)
• RE: Insecure Default Service DACL's in Windows 2003 Kurt Dillard (10/12/04)
• CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities CORE Security Technologies Advisories (10/12/04)
• UnixWare 7.1.4 : Multiple Vulnerabilities in libpng please_reply_to_security_at_sco.com (10/12/04)
• [SECURITY] [DSA 563-2] New cyrus-sasl packages really fix arbitrary code execution Martin Schulze (10/12/04)
• Microsoft Internet Explorer Install Engine Control Buffer Overflow NGSSoftware Insight Security Research (10/19/04)
• UnixWare 7.1.3up UnixWare 7.1.4 : CUPS before 1.1.21 allows remote attackers to cause a denial of service please_reply_to_security_at_sco.com (10/12/04)
• Regression in IE: Accessing remote/local content in IE (GM#009-IE) GreyMagic Security (10/12/04)
• Insecure Default Service DACL's in Windows 2003 Ziots, Edward (10/11/04)
• FW: problem in voip environment Walton, John Michael (John) (10/12/04)
• MonkeyShell: using XML-RPC for access to a remote shell Abe Usher (10/11/04)
• Micronet wireless broadband router SP916BM admin password reset when power off MrJoe (10/12/04)
• Microsoft cabarc directory traversal Jelmer (10/12/04)
• Multiple vulnerabilities in ZanfiCmsLite Lin Xiaofeng (10/11/04)
• [SECURITY] [DSA 562-1] New mysql packages fix several vulnerabilities Martin Schulze (10/11/04)
• [MAxpatrol Security Advisory] Multiple vulnerabilities in GoSmart Message Board Alexander Antipov (10/11/04)
• [SECURITY] [DSA 458-3] New python2.2 packages really fix buffer overflow and restore functionality Martin Schulze (10/10/04)
• [ GLSA 200410-06 ] CUPS: Leakage of sensitive information Kurt Lieber (10/09/04)
• Limited \secure\ buffer-overflow in some old Monolith games Luigi Auriemma (10/08/04)
• MDKSA-2004:106 - Updated cyrus-sasl packages fix local vulnerability Mandrake Linux Security Team (10/07/04)
• TSLSA-2004-0053 - cyrus-sasl Trustix Security Advisor (10/08/04)
• ASP.NET cannonicalization issue Evans, Arian (10/07/04)
• Server crash in Flash Messaging 5.2.0g Luigi Auriemma (10/07/04)
• [ GLSA 200410-05 ] Cyrus-SASL: Buffer overflow and SASL_PATH vulnerabilities Kurt Lieber (10/07/04)
• [SECURITY] [DSA 560-1] New lesstif packages fix several vulnerabilities Martin Schulze (10/07/04)
• [SECURITY] [DSA 600-1] New samba packages fix arbitrary file access Martin Schulze (10/07/04)
• HTTP Response Splitting Vulnerability in Wordpress 1.2 Chaotic Evil (10/07/04)
• [HV-HIGH] MS Word multiple exceptions, at least one exploitable vuln_at_hexview.com (10/07/04)
• Re: Buffer Overflow in Spider game Matt Zimmerman (10/06/04)
• New Microsoft Security Response Center PGP Key [pgp] Microsoft Security Response Center (10/06/04)
• [Gosecure Adivsory] Neoteris IVE Vulnerability Jian Hui Wang (10/06/04)
• Re: Multiple vulnerabilities in BlackBoard Yves Goergen (10/06/04)
• Patch available for high risk flaws in the AtHoc Toolbar NGSSoftware Insight Security Research (10/06/04)
• [SECURITY] [DSA 558-1] New libapache-mod-dav packages fix potential denial of service Martin Schulze (10/06/04)
• MDKSA-2004:105 - Updated xine-lib packages fix multiple vulnerabilities Mandrake Linux Security Team (10/06/04)
• [GoSecure Advisory] Neoteris IVE Vulnerability Jian Hui Wang (10/06/04)
• Latest Apple Sec update Michael Bartosh (10/06/04)
• Directory traversal in Tridcomm 1.3 Luigi Auriemma (10/06/04)
• CodeCon 2005 Call for Papers Len Sassaman (10/06/04)
• Re: [Full-Disclosure] iDEFENSE Security Advisory 10.05.04b: Symantec Norton AntiVirus Reserved Device Name Handling Vulnerability 3APA3A (10/06/04)
• [ GLSA 200410-04 ] PHP: Memory disclosure and arbitrary location file upload Dan Margolis (10/06/04)
• SUSE Security Announcement: mozilla (SUSE-SA:2004:036) Sebastian Krahmer (10/06/04)
• [SECURITY] [DSA 559-1] New net-acct packages fix insecure temporary file creation Martin Schulze (10/06/04)
• Patch available for multiple high risk vulnerabilities in RealPlayer NGSSoftware Insight Security Research (10/06/04)
• Multiple vulnerabilities in BlackBoard Lin Xiaofeng (10/06/04)
• GDI+ JPEG exploit albatross_at_tim.it (10/06/04)
• [Maxpatrol Security Advisory] Multiple vulnerabilities in DCP-Portal Alexander Antipov (10/06/04)
• Full path disclosure and sql injection on CubeCart 2.0.1 Pedro Sanches (10/06/04)
• Re: Full path disclosure in PHP Links - more LSS Security (10/05/04)
• Re: Buffer Overflow in Spider game van Helsing (10/05/04)
• ERRATA: Potential Arbitrary File Access (CAN-2004-0815) Gerald (Jerry) Carter (10/05/04)
• [MAXPATROL Security Advisories] Cross site scripting in Invision Power Board Alexander Antipov (10/05/04)
• Test your windows OS Berend-Jan Wever (10/05/04)
• Antivirus, Trojan, Spy ware scanner, Nested file manual scan bypass bug Bipin Gautam (10/05/04)
• Re: Full path disclosure in PHP Links Scott T. Cameron (10/05/04)
• Re: EEYE: RealPlayer pnen3260.dll Heap Overflow Chenghuai Lu (10/05/04)
• [security bulletin]SSRT4826 rev.0 Mozilla Application Suite for HP Tru64 UNIX Multiple Potential Security Vulnerabilities Boren, Rich (SSRT) (10/05/04)
• SUSE Security Announcement: samba (SUSE-SA:2004:035) Thomas Biege (10/05/04)
• Patch available for critical IBM DB2 Universal Database flaws NGSSoftware Insight Security Research (10/05/04)
• Re: Buffer Overflow in Spider game Steve Kemp (10/04/04)
• [ GLSA 200410-02 ] Netpbm: Multiple temporary file issues Thierry Carrez (10/04/04)
• [FLSA-2004:1324] Updated libxml2 resolves security vulnerability Marc Deslauriers (10/04/04)
• Full path disclosure in PHP Links Nikyt0x Argentina (10/03/04)
• FreeBSD Security Advisory FreeBSD-SA-04:15.syscons FreeBSD Security Advisories (10/04/04)
• [FLSA-2004:1325] Updated mod_python packages fix security vulnerability Dominic Hargreaves (10/03/04)
• [SECURITY] [DSA 557-1] New rp-pppoe packages fix potential root compromise Martin Schulze (10/04/04)
• [LoWNOISE] IPSWITCH WhatsUp Gold 8.03 Remote fr33 exploit ET LoWNOISE (10/03/04)
• Buffer Overflow in Spider game Security Team (10/03/04)
• [SECURITY] [DSA 556-1] New netkit-telnet packages fix invalid free Matt Zimmerman (10/03/04)
• [FLSA-2004:1372] Updated sysstat packages fix security vulnerabilities Marc Deslauriers (10/03/04)
• Re: Oracle 9i Union Flaw Peter J. Holzer (10/04/04)
• Re: cdrecord local root exploit Solar Designer (10/02/04)
• In-game format string in Judge Dredd vs. Death 1.01 Luigi Auriemma (10/02/04)
• [FLSA-2004:1733] Updated squirrelmail resolves security vulnerabilities Dominic Hargreaves (10/02/04)
• Security advisory - Xerces-C++ 2.5.0: Attribute blowup Amit Klein (AKsecurity) (10/02/04)
• On Polymorphic Evasion Phantasmal Phantasmagoria (10/02/04)
• dbPowerAmp Buffer Overflow And Dos Vulnerabilities GulfTech Security (10/01/04)
• Re: cdrecord local root exploit Jason T. Miller (10/01/04)
• Re: Promiscuous email printing in Canon imageRunner Marco Ivaldi (10/01/04)
• Re: Oracle 9i Union Flaw Brandon Petty (10/01/04)
• Oracle 9i Union Flaw Brandon Petty (10/01/04)
• [ GLSA 200410-01 ] sharutils: Buffer overflows in shar.c and unshar.c Thierry Carrez (10/01/04)
• MDKSA-2004:104 - Updated samba packages fix vulnerability Mandrake Linux Security Team (10/02/04)
• Re: cdrdao local root exploit newbug Tseng (10/01/04)
• Re: cdrecord local root exploit Greg A. Woods (10/01/04)
• Re: Possible GDI Exploit Vector Babar Shafiq Nazmi (10/01/04)
• Broadcast buffer-overflow in Vypress Messenger 3.5.1 Luigi Auriemma (10/01/04)
• EEYE: RealPlayer pnen3260.dll Heap Overflow Marc Maiffret (10/01/04)
• SQL Injection vulnerability in bBlog 0.7.3 James McGlinn (10/01/04)
• Multiple Vulnerabilities in AJ-Fork Ahmad Muammar (10/01/04)
• TSLSA-2004-0051 - samba Trustix Security Advisor (10/01/04)
• Re: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes Shawn McMahon (09/29/04)
• [SECURITY] [DSA 553-1] New getmail packages fix root compromise Martin Schulze (09/27/04)
• RE: Diebold Global Election Management System (GEMS) Backdoor David Schwartz (09/29/04)
• CFMX vulnerability Eric Lackey (10/01/04)
• RE: Promiscuous email printing in Canon imageRunner Jeff Bates (09/30/04)
• Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Chris Paget (09/27/04)
• iDEFENSE Security Advisory 09.29.04 - Macromedia JRun 4 mod_jrun Apache Module Buffer Overflow Vulnerability customer service mailbox (09/29/04)
• RE: Diebold Global Election Management System (GEMS) Backdoor Geoff Vass (09/28/04)
• iDEFENSE Security Advisory 09.30.04 - Samba Arbitrary File Access Vulnerability customer service mailbox (09/30/04)
• Re:[4] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue advisories (09/29/04)
• RE: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes Hugo van der Kooij (09/28/04)

Last message date: 10/30/04
Archived on: 10/30/04 CEST

---

368 messages sorted by: [ author ] [ thread ] [ subject ] [ attachment ]

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)