SecurityFocus Bugtraq
By Subject

368 messages sorted by: [ author ] [ date ] [ thread ] [ attachment ]

Starting: 10/01/04
Ending: 10/30/04

• 3COM Wireless router (3CRADSL72) information disclosure
  • mccauley_at_gmx.net (10/15/04)
  • Karb0nOxyde - (10/13/04)
• [ GLSA 200410-01 ] sharutils: Buffer overflows in shar.c and unshar.c
  • Thierry Carrez (10/01/04)
• [ GLSA 200410-02 ] Netpbm: Multiple temporary file issues
  • Thierry Carrez (10/04/04)
• [ GLSA 200410-04 ] PHP: Memory disclosure and arbitrary location file upload
  • Dan Margolis (10/06/04)
• [ GLSA 200410-05 ] Cyrus-SASL: Buffer overflow and SASL_PATH vulnerabilities
  • Kurt Lieber (10/07/04)
• [ GLSA 200410-06 ] CUPS: Leakage of sensitive information
  • Kurt Lieber (10/09/04)
• [ GLSA 200410-09 ] LessTif: Integer and stack overflows in libXpm
  • Luke Macken (10/13/04)
• [ GLSA 200410-10 ] gettext: Insecure temporary file handling
  • Luke Macken (10/11/04)
  • Luke Macken (10/13/04)
• [ GLSA 200410-11 ] tiff: Buffer overflows in image decoding
  • Thierry Carrez (10/13/04)
• [ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilities
  • Luke Macken (10/14/04)
• [ GLSA 200410-13 ] BNC: Input validation flaw
  • Thierry Carrez (10/15/04)
• [ GLSA 200410-14 ] phpMyAdmin: Vulnerability in MIME-based transformation system
  • Thierry Carrez (10/18/04)
• [ GLSA 200410-15 ] Squid: Remote DoS vulnerability
  • Luke Macken (10/18/04)
• [ GLSA 200410-21 ] Apache 2, mod_ssl: Bypass of SSLCipherSuite directive
  • Kurt Lieber (10/21/04)
• [ GLSA 200410-22 ] MySQL: Multiple vulnerabilities
  • Thierry Carrez (10/24/04)
• [ GLSA 200410-23 ] Gaim: Multiple vulnerabilities
  • Matthias Geerdsen (10/24/04)
• [ GLSA 200410-24 ] MIT krb5: Insecure temporary file use in send-pr.sh
  • Thierry Carrez (10/25/04)
• [ GLSA 200410-25 ] Netatalk: Insecure tempfile handling in etc2ps.sh
  • Luke Macken (10/25/04)
• [ GLSA 200410-26 ] socat: Format string vulnerability
  • Luke Macken (10/25/04)
• [ GLSA 200410-28 ] rssh: Format string vulnerability
  • Thierry Carrez (10/27/04)
• [ GLSA 200410-29 ] PuTTY: Pre-authentication buffer overflow
  • Sune Kloppenborg Jeppesen (10/27/04)
• [ GLSA 200410-30 ] GPdf, KPDF, KOffice: Vulnerabilities in included xpdf
  • Thierry Carrez (10/28/04)
• [ GLSA 200410-31 ] Archive::Zip: Virus detection evasion
  • Thierry Carrez (10/29/04)
• [4] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue
  • advisories (09/29/04)
• [BUGZILLA] Vulnerabilities in Bugzilla 2.16.6 and 2.18rc2
  • David Miller (10/25/04)
• [CLA-2004:872] Conectiva Security Announcement - cups
  • Conectiva Updates (10/14/04)
• [CLA-2004:873] Conectiva Security Announcement - samba
  • Conectiva Updates (10/14/04)
• [CLA-2004:875] Conectiva Security Announcement - gtk+
  • Conectiva Updates (10/18/04)
• [CLA-2004:877] Conectiva Security Announcement - mozilla
  • Conectiva Updates (10/22/04)
• [CLA-2004:878] Conectiva Security Announcement - zlib
  • Conectiva Updates (10/25/04)
• [CLA-2004:879] Conectiva Security Announcement - kernel
  • Conectiva Updates (10/26/04)
• [CLA-2004:880] Conectiva Security Announcement - foomatic-filters
  • Conectiva Updates (10/27/04)
• [EXPL] (MS04-032) Microsoft Windows XP Metafile (.emf) Heap Overflow (PoC)
  • houseofdabus HOD (10/20/04)
• [FLSA-2004:1237] Updated gaim package resolves security issues
  • Marc Deslauriers (10/16/04)
• [FLSA-2004:1324] Updated libxml2 resolves security vulnerability
  • Marc Deslauriers (10/04/04)
• [FLSA-2004:1325] Updated mod_python packages fix security vulnerability
  • Dominic Hargreaves (10/03/04)
• [FLSA-2004:1372] Updated sysstat packages fix security vulnerabilities
  • Marc Deslauriers (10/03/04)
• [FLSA-2004:1733] Updated squirrelmail resolves security vulnerabilities
  • Dominic Hargreaves (10/02/04)
• [FLSA-2004:1737] Updated httpd packages fix a mod_proxy security vulnerability
  • Marc Deslauriers (10/14/04)
• [FLSA-2004:1804] Updated kernel resolves security vulnerabilities
  • Dominic Hargreaves (10/18/04)
• [FLSA-2004:1833] Updated lha resolves security vulnerabilities
  • Marc Deslauriers (10/14/04)
• [FLSA-2004:1888] Updated mod_ssl package fixes Apache security vulnerabilities
  • Marc Deslauriers (10/14/04)
• [FLSA-2004:2072] Updated CUPS packages fix security vulnerability
  • Marc Deslauriers (10/16/04)
• [FLSA-2004:2089] Updated mozilla packages fix security vulnerabilities
  • Dominic Hargreaves (10/27/04)
• [FLSA-2004:2102] Updated samba packages fix security vulnerability
  • Dominic Hargreaves (10/13/04)
• [FLSA-2004:2102] Updated samba packages fix security vulnerability [updated]
  • Dominic Hargreaves (10/15/04)
• [Full-Disclosure] iDEFENSE Security Advisory 10.05.04b: Symantec Norton AntiVirus Reserved Device Name Handling Vulnerability
  • 3APA3A (10/06/04)
• [Full-Disclosure] python does mangleme (with IE bugs!)
  • Berend-Jan Wever (10/25/04)
• [Full-Disclosure] Update: Web browsers - a mini-farce (MSIE gives in)
  • Daniel Veditz (10/24/04)
• [Fwd: Altiris Carbon Copy Remote Control local SYSTEM exploitation.]
  • KF_lists (10/22/04)
• [Gosecure Adivsory] Neoteris IVE Vulnerability
  • Jian Hui Wang (10/06/04)
• [GoSecure Advisory] Neoteris IVE Vulnerability
  • Jian Hui Wang (10/06/04)
• [hackgen-2004-#002] - Remote file inclusion bug in ocPortal 1.0.3.
  • Exoduks (10/12/04)
• [HV-HIGH] MS Word multiple exceptions, at least one exploitable
  • vuln_at_hexview.com (10/07/04)
• [HV-HIGH] RIM Blackberry buffer overflow, DoS, data loss
  • vuln_at_hexview.com (10/13/04)
• [HV-LOW] Unsafe WAV header handling can cause DoS on Windows
  • vuln_at_hexview.com (10/22/04)
• [HV-MED] UPDATE: RIM Blackberry DoS, data loss
  • vuln_at_hexview.com (10/14/04)
• [IE 6 SP2] Possible URL Spoofing
  • Dror Shalev (10/19/04)
  • Paul Kurczaba (10/16/04)
  • http-equiv_at_excite.com (10/16/04)
  • Andrew Hunter (10/15/04)
• [KDE security advisory] Multiple integer overflows in kpdf
  • Dirk Mueller (10/22/04)
• [kde-announce] [KDE security advisory] Multiple integer overflows in kpdf
  • Dirk Mueller (10/22/04)
• [LoWNOISE] IPSWITCH WhatsUp Gold 8.03 Remote fr33 exploit
  • ET LoWNOISE (10/03/04)
• [MAXPATROL Security Advisories] Cross site scripting in Invision Power Board
  • Alexander Antipov (10/05/04)
• [Maxpatrol Security Advisory] Multiple vulnerabilities in DCP-Portal
  • Alexander Antipov (10/06/04)
• [MAxpatrol Security Advisory] Multiple vulnerabilities in GoSmart Message Board
  • Alexander Antipov (10/11/04)
• [OpenPKG-SA-2004.043] OpenPKG Security Advisory (tiff)
  • OpenPKG (10/14/04)
• [OpenPKG-SA-2004.044] OpenPKG Security Advisory (modssl)
  • OpenPKG (10/15/04)
• [OpenPKG-SA-2004.046] OpenPKG Security Advisory (postgresql)
  • OpenPKG (10/29/04)
• [OpenPKG-SA-2004.047] OpenPKG Security Advisory (apache)
  • OpenPKG (10/29/04)
• [OpenPKG-SA-2004.048] OpenPKG Security Advisory (squid)
  • OpenPKG (10/29/04)
• [Powie's PSCRIPT Forum] Multiple SQL-Injection Vulnerabilities
  • Christoph Jeschke (10/15/04)
• [security bulletin] SSRT3526 Serviceguard potential increase in privilege
  • Boren, Rich (SSRT) (10/26/04)
• [Security Bulletin] SSRT4807 HP-UX stmkfont local unauthorized privileged access
  • Boren, Rich (SSRT) (10/22/04)
• [security bulletin]SSRT4826 rev.0 Mozilla Application Suite for HP Tru64 UNIX Multiple Potential Security Vulnerabilities
  • Boren, Rich (SSRT) (10/05/04)
• [SECURITY] [DSA 458-3] New python2.2 packages really fix buffer overflow and restore functionality
  • Martin Schulze (10/10/04)
• [SECURITY] [DSA 553-1] New getmail packages fix root compromise
  • Martin Schulze (09/27/04)
• [SECURITY] [DSA 556-1] New netkit-telnet packages fix invalid free
  • Matt Zimmerman (10/03/04)
• [SECURITY] [DSA 556-2] New netkit-telnet packages really fix denial of service
  • Martin Schulze (10/18/04)
• [SECURITY] [DSA 557-1] New rp-pppoe packages fix potential root compromise
  • Martin Schulze (10/04/04)
• [SECURITY] [DSA 558-1] New libapache-mod-dav packages fix potential denial of service
  • Martin Schulze (10/06/04)
• [SECURITY] [DSA 559-1] New net-acct packages fix insecure temporary file creation
  • Martin Schulze (10/06/04)
• [SECURITY] [DSA 560-1] New lesstif packages fix several vulnerabilities
  • Martin Schulze (10/07/04)
• [SECURITY] [DSA 562-1] New mysql packages fix several vulnerabilities
  • Martin Schulze (10/11/04)
• [SECURITY] [DSA 563-1] New cyrus-sasl packages fix arbitrary code execution
  • Martin Schulze (10/12/04)
• [SECURITY] [DSA 563-2] New cyrus-sasl packages really fix arbitrary code execution
  • Martin Schulze (10/12/04)
• [SECURITY] [DSA 563-3] New cyrus-sasl packages fix arbitrary code execution on sparc and arm
  • Martin Schulze (10/14/04)
• [SECURITY] [DSA 564-1] New mpg123 packages fix arbitrary code exceution
  • Martin Schulze (10/13/04)
• [SECURITY] [DSA 565-1] New sox packages fix buffer overflow
  • Martin Schulze (10/13/04)
• [SECURITY] [DSA 566-1] New CUPS packages fix information leak
  • Martin Schulze (10/14/04)
• [SECURITY] [DSA 567-1] New libtiff packages fix remote code execution
  • Martin Schulze (10/15/04)
• [SECURITY] [DSA 568-1] New cyrus-sasl-mit packages fix arbitrary code execution
  • Martin Schulze (10/16/04)
• [SECURITY] [DSA 569-1] New netkit-telnet-ssl packages fix denial of service
  • Martin Schulze (10/18/04)
• [SECURITY] [DSA 570-1] New libpng packages fix several vulnerabilities
  • Martin Schulze (10/20/04)
• [SECURITY] [DSA 571-1] New libpng3 packages fix several vulnerabilities
  • Martin Schulze (10/20/04)
• [SECURITY] [DSA 572-1] New ecartis packages fix unauthorised access to admin interface
  • Martin Schulze (10/21/04)
• [SECURITY] [DSA 573-1] New cupsys packages fix arbitrary code execution
  • Martin Schulze (10/21/04)
• [SECURITY] [DSA 574-1] New cabextract packages fix unintended directory traversal
  • Martin Schulze (10/28/04)
• [SECURITY] [DSA 575-1] New catdoc packages fix temporary file vulnerability
  • Martin Schulze (10/28/04)
• [SECURITY] [DSA 576-1] New Squid packages fix several vulnerabilities
  • Martin Schulze (10/29/04)
• [SECURITY] [DSA 577-1] New postgresql packages fix symlink vulnerability
  • Martin Schulze (10/29/04)
• [SECURITY] [DSA 600-1] New samba packages fix arbitrary file access
  • Martin Schulze (10/07/04)
• [USN-11-1] libgd2 vulnerabilities
  • Martin Pitt (10/29/04)
• [USN-12-1] ppp Denial of Service
  • Martin Pitt (10/29/04)
• [USN-3-1] GhostScript utility script vulnerabilities
  • Martin Pitt (10/27/04)
• [USN-4-1] Standard C library script vulnerabilities
  • Martin Pitt (10/28/04)
• [USN-5-1] gettext vulnerabilities
  • Martin Pitt (10/27/04)
• [USN-6-1] postgresql contributed script vulnerability
  • Martin Pitt (10/27/04)
• [USN-7-1] imagemagick vulnerability
  • Martin Pitt (10/27/04)
• [USN-8-1] gaim vulnerabilities
  • Martin Pitt (10/27/04)
• [USN-9-1] tetex-bin vulnerabilities
  • Martin Pitt (10/28/04)
• [VulnWatch] CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities
  • wirepair (10/13/04)
• a path disclosure and a posibility file inclusion and vulneability in thepeak file upload v1.3
  • keitel andres ortega (10/15/04)
• Ability FTP Server 2.34 Buffer Overflow Exploit
  • Jérôme (10/22/04)
• ACROS Security: HTML Injection in JRun Management Console
  • ACROS Security (10/14/04)
• ACROS Security: Poisoning Cached HTTPS Documents in Internet Explorer
  • ACROS Security (10/13/04)
• ACROS Security: Session Fixation in JRun Management Console
  • ACROS Security (10/14/04)
• ACROS Security: Unsanitized Session ID Cookie Allows Modifying Server Response
  • ACROS Security (10/14/04)
• Adobe acrobat / Adobe Reader 6 can read local files
  • Shannon Eric Peevey (10/15/04)
  • Nick Leoncavallo (10/14/04)
  • Jelmer (10/12/04)
• Antivirus, Trojan, Spy ware scanner, Nested file manual scan bypass bug
  • Bipin Gautam (10/05/04)
• AOL Journals BlogID incrementing discloses account names and e-mail
  • Steven (10/22/04)
• apexec.pl is still vulnerable against Directory Traversal.
  • Zero_X www.lobnan.de Team (10/17/04)
• ASP.NET cannonicalization issue
  • Evans, Arian (10/07/04)
• avoiding stackguard
  • Crispin Cowan (10/22/04)
  • vallez_at_gmail.com (10/18/04)
• BindView Advisory: Memory Leak and DoS in NT4 RPC server
  • advisory (10/13/04)
• Broadcast buffer-overflow in Vypress Messenger 3.5.1
  • Luigi Auriemma (10/01/04)
• Broadcast crash in Vypress Tonecast 1.3
  • Luigi Auriemma (10/19/04)
• Buffer Overflow In Microsoft Excel
  • Brett Moore (10/14/04)
• Buffer Overflow in Spider game
  • Matt Zimmerman (10/06/04)
  • van Helsing (10/05/04)
  • Steve Kemp (10/04/04)
  • Security Team (10/03/04)
• Buffer-overflow in Age of Sail II 1.04.151
  • Luigi Auriemma (10/20/04)
• Buffer-overflow in ShixxNOTE 6.net
  • Luigi Auriemma (10/13/04)
• Bug in hotmail
  • security (10/24/04)
• CAN-2004-0814: Linux terminal layer races
  • Pavel Kankovsky (10/23/04)
  • Alan Cox (10/21/04)
• cdrdao local root exploit
  • newbug Tseng (10/01/04)
• cdrecord local root exploit
  • Solar Designer (10/02/04)
  • Jason T. Miller (10/01/04)
  • Greg A. Woods (10/01/04)
• CESA-2004-006: libtiff
  • chris_at_scary.beasts.org (10/13/04)
• CFMX vulnerability
  • Eric Lackey (10/01/04)
• Clientexec Billing Software
  • bugtraq_at_rloxy.com (10/12/04)
• CodeCon 2005 Call for Papers
  • Len Sassaman (10/06/04)
• CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities
  • CORE Security Technologies Advisories (10/12/04)
• cPanel hardlink backup issue
  • Karol Wiêsek (10/18/04)
• cPanel hardlink chown issue
  • Karol Wiêsek (10/18/04)
• cPanel symlink chmod issue
  • Karol Wiêsek (10/18/04)
• Crashs in Master of Orion III 1.2.5
  • Luigi Auriemma (10/27/04)
• Critical Vulnerability in Altiris Deployment Server architecture
  • Brooks, Shane (10/25/04)
  • KF_lists (10/21/04)
  • Brian Gallagher (10/21/04)
• dbPowerAmp Buffer Overflow And Dos Vulnerabilities
  • GulfTech Security (10/01/04)
• debian dhcpd, old format string bug
  • infamous41md_at_hotpop.com (10/29/04)
  • Tarragon Allen (10/28/04)
  • infamous41md_at_hotpop.com (10/26/04)
• Diebold Global Election Management System (GEMS) Backdoor
  • David Schwartz (09/29/04)
  • Geoff Vass (09/28/04)
• Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes
  • Shawn McMahon (09/29/04)
  • Hugo van der Kooij (09/28/04)
• Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes
  • Chris Paget (09/27/04)
• Directory traversal in Tridcomm 1.3
  • Luigi Auriemma (10/06/04)
• Directory traversal in Yak! 2.1.2
  • bil (10/16/04)
  • Luigi Auriemma (10/15/04)
• dwc_articles possible sql injection
  • Rene (10/23/04)
• EEYE: RealPlayer pnen3260.dll Heap Overflow
  • Chenghuai Lu (10/05/04)
  • Marc Maiffret (10/01/04)
• EEYE: RealPlayer Zipped Skin File Buffer Overflow
  • Marc Maiffret (10/27/04)
• EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability
  • Bipin Gautam (10/14/04)
  • Derek Soeder (10/13/04)
• EEYE: Windows VDM #UD Local Privilege Escalation
  • Jim Hatfield (10/14/04)
  • Derek Soeder (10/13/04)
• ERRATA: Potential Arbitrary File Access (CAN-2004-0815)
  • Gerald (Jerry) Carter (10/05/04)
• Eudora 6.2.0.7 attachment spoof
  • Paul Szabo (10/11/04)
• Fake RedHat - Fedora Security Patch / Trojan Source Code & Analysis
  • K-OTiK Security (10/25/04)
• Format String Vulnerability in Valve's CS-Source
  • Some One (10/15/04)
  • Luigi Auriemma (10/14/04)
  • Some One (10/13/04)
• FreeBSD Security Advisory FreeBSD-SA-04:15.syscons
  • FreeBSD Security Advisories (10/04/04)
• Full path disclosure and sql injection on CubeCart 2.0.1
  • sculptex_at_sculptex.co.uk (10/22/04)
  • Pedro Sanches (10/06/04)
• Full path disclosure in PHP Links
  • Scott T. Cameron (10/05/04)
  • Nikyt0x Argentina (10/03/04)
• Full path disclosure in PHP Links - more
  • LSS Security (10/05/04)
• GDI+ JPEG exploit
  • albatross_at_tim.it (10/06/04)
• Google Script Insertion Exploit
  • Jérôme (10/23/04)
  • Jim Ley (10/19/04)
• Hack Dot AE
  • Spy Hat (10/22/04)
• Hawking Technologies HAR11A router considered insecure
  • Marcus Garvey (10/26/04)
• High Risk Vulnerability in Quicktime for Windows
  • NGSSoftware Insight Security Research (10/27/04)
• High Risk Vulnerability in RealPlayer
  • NGSSoftware Insight Security Research (10/27/04)
• How to Break Windows XP SP2 + Internet Explorer 6 SP2
  • michael evanchik (10/25/04)
  • http-equiv_at_excite.com (10/20/04)
  • Thor Larholm (10/20/04)
• HTTP Response Splitting in Serendipity 0.7-beta4
  • Chaotic Evil (10/21/04)
• HTTP Response Splitting Vulnerability in Wordpress 1.2
  • Chaotic Evil (10/07/04)
• IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] ) in computed field/text, allowing XSS
  • Juan C Calderon (10/18/04)
  • Juan C Calderon (10/18/04)
• IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] ) in computed field/text, allowing XSS (Risk increased)
  • Juan C Calderon (10/21/04)
• iDEFENSE Security Advisory 09.29.04 - Macromedia JRun 4 mod_jrun Apache Module Buffer Overflow Vulnerability
  • customer service mailbox (09/29/04)
• iDEFENSE Security Advisory 09.30.04 - Samba Arbitrary File Access Vulnerability
  • customer service mailbox (09/30/04)
• iDEFENSE Security Advisory 10.18.04: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability
  • customer service mailbox (10/18/04)
• iDEFENSE Security Advisory 10.27.04 - PuTTY SSH2_MSG_DEBUG Buffer Overflow Vulnerability
  • customer service mailbox (10/27/04)
• iDEFENSE Security Advisory XX.XX.04 - Novell SuSe Linux LibTIFF Heap Overflow Vulnerability
  • customer service mailbox (10/22/04)
• IISShield and ASP.NET canonicalization
  • Tiago Halm (10/13/04)
• In-game format string in Judge Dredd vs. Death 1.01
  • Luigi Auriemma (10/02/04)
• inetutils tftp client, DNS resolving bofs
  • infamous41md_at_hotpop.com (10/26/04)
• Insecure Default Service DACL's in Windows 2003
  • Jean-Baptiste Marchand (10/13/04)
  • Kurt Dillard (10/12/04)
  • Ziots, Edward (10/11/04)
• Is Windows up to snuff for running our world?
  • Thor (10/25/04)
  • Richard M. Smith (10/22/04)
• IT Underground Talks
  • Dave Aitel (10/13/04)
• J2ME security vulnerabilities
  • Adam Gowdiak (10/22/04)
• Latest Apple Sec update
  • Michael Bartosh (10/06/04)
• libgd integer overflow
  • infamous41md_at_hotpop.com (10/29/04)
  • Richard Dawe (10/29/04)
  • infamous41md_at_hotpop.com (10/26/04)
• libxml2 remote buffer overflows (not in xml parsing code though)
  • infamous41md_at_hotpop.com (10/26/04)
• Limited \secure\ buffer-overflow in some old Monolith games
  • Luigi Auriemma (10/08/04)
• local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33?
  • Michael Engert (10/29/04)
  • André Malo (10/29/04)
  • Larry Cashdollar (10/29/04)
• MailCarrier 2.51 SMTP server Buffer Overflow [PoC included]
  • Jérôme (10/26/04)
• MDKSA-2004:104 - Updated samba packages fix vulnerability
  • Mandrake Linux Security Team (10/02/04)
• MDKSA-2004:105 - Updated xine-lib packages fix multiple vulnerabilities
  • Mandrake Linux Security Team (10/06/04)
• MDKSA-2004:106 - Updated cyrus-sasl packages fix local vulnerability
  • Mandrake Linux Security Team (10/07/04)
• MDKSA-2004:107 - Updated mozilla packages fix vulnerabilities
  • Mandrake Linux Security Team (10/20/04)
• MDKSA-2004:108 - Updated cvs packages fix vulnerability
  • Mandrake Linux Security Team (10/20/04)
• MDKSA-2004:109 - Updated libtiff packages fix multiple vulnerabilities
  • Mandrake Linux Security Team (10/20/04)
• MDKSA-2004:110 - Updated gaim packages fix vulnerabilities
  • Mandrake Linux Security Team (10/21/04)
• MDKSA-2004:111 - Updated wxGTK2 packages fix vulnerabilities
  • Mandrake Linux Security Team (10/21/04)
• MDKSA-2004:112 - Updated squid packages fix SNMP processing vulnerability
  • Mandrake Linux Security Team (10/21/04)
• MDKSA-2004:113 - Updated xpdf packages fix vulnerabilities
  • Mandrake Linux Security Team (10/22/04)
• MDKSA-2004:114 - Updated gpdf packages fix DoS vulnerability
  • Mandrake Linux Security Team (10/22/04)
• MDKSA-2004:115 - Updated kdegraphics packages fix DoS vulnerability
  • Mandrake Linux Security Team (10/22/04)
• MDKSA-2004:116 - Updated cups packages fix DoS vulnerabilities
  • Mandrake Linux Security Team (10/22/04)
• Micronet wireless broadband router SP916BM admin password reset when power off
  • MrJoe (10/12/04)
• Microsoft cabarc directory traversal
  • Jelmer (10/12/04)
• Microsoft IIS 5.x/6.0 WebDAV (XML parser) attribute blowup DoS
  • Amit Klein (AKsecurity) (10/12/04)
• Microsoft Internet Explorer Install Engine Control Buffer Overflow
  • NGSSoftware Insight Security Research (10/19/04)
• Microsoft Windows NetDDE Service Buffer Overflow
  • NGSSoftware Insight Security Research (10/13/04)
• MMDF deliver local root exploit for SCO OpenServer 5.0.7 x86
  • Ramon de Carvalho Valle (10/27/04)
• MonkeyShell: using XML-RPC for access to a remote shell
  • Abe Usher (10/11/04)
• More details on BID 11408 (3com 3cradsl72 wireless router)
  • Ivan Casado (10/15/04)
• Mozilla Firefox (tested on 0.9.3) html-code crash.
  • Michal Zalewski (10/29/04)
  • Crispin Cowan (10/28/04)
  • ducch apple (10/25/04)
• mpg123 "getauthfromurl" buffer overflow
  • Carlos Barros (10/20/04)
• MS October Security bulletins
  • albatross_at_tim.it (10/12/04)
• ms04-031 pre-auth ??
  • Sinan Eren (10/18/04)
• MSN Gaming Heartbeat Component Buffer Overflow
  • NGSSoftware Insight Security Research (10/13/04)
• Multiple AntiVirus Reserved Device Name Handling Vulnerability
  • Sowhat . (10/19/04)
• Multiple Cross Site Scripting Vulnerabilities in FuseTalk
  • steven (10/13/04)
• Multiple Vulnerabilites in Quake II Server
  • Richard Stanway (10/27/04)
• Multiple Vulnerabilities in AJ-Fork
  • Ahmad Muammar (10/01/04)
• Multiple vulnerabilities in BlackBoard
  • Yves Goergen (10/06/04)
  • Lin Xiaofeng (10/06/04)
• Multiple Vulnerabilities in CoolPHP
  • R00tCr4ck (10/16/04)
• Multiple vulnerabilities in Sage Saleslogix
  • Carl (10/18/04)
• Multiple vulnerabilities in ZanfiCmsLite
  • Lin Xiaofeng (10/11/04)
• Mutiple AntiVirus Reserved Device Name Handling Vulnerability
  • Sowhat . (10/18/04)
• New Microsoft Security Response Center PGP Key [pgp]
  • Microsoft Security Response Center (10/06/04)
• New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory
  • Chris Norton (10/18/04)
  • marco correnti (10/15/04)
  • SysAdminKC (10/15/04)
  • John Bissell (10/14/04)
• New URL spoofing bug in Microsoft Internet Explorer
  • http-equiv_at_excite.com (10/30/04)
  • Larry Seltzer (10/30/04)
  • 0-1-2-3_at_gmx.de (10/29/04)
  • GuidoZ (10/29/04)
  • GuidoZ (10/29/04)
  • Jérôme (10/30/04)
  • Christopher J. Pilkington (10/29/04)
  • GuidoZ (10/29/04)
  • Larry Seltzer (10/29/04)
  • 0-1-2-3_at_gmx.de (10/28/04)
• Norton AntiVirus 2004 Script Blocking Failure (Includes PoC and rant)
  • secure_at_symantec.com (10/20/04)
  • secure_at_symantec.com (10/18/04)
  • Daniel Milisic (10/15/04)
• Norton AntiVirus 2004/2005 Script Blocking Redux
  • Daniel Milisic (10/22/04)
• NSFOCUS SA2004-02 : HP-UX stmkfont Local Privilege Escalation Vulnerability
  • NSFOCUS Security Team (10/21/04)
• On Polymorphic Evasion
  • Phantasmal Phantasmagoria (10/02/04)
• OpenSSL 0.9.7e released (fwd from mark@openssl.org)
  • je_at_sekure.net (10/26/04)
• Oracle 9i Union Flaw
  • Peter J. Holzer (10/04/04)
  • Brandon Petty (10/01/04)
  • Brandon Petty (10/01/04)
• pacsec.jp advisory: Firewire/IEEE 1394 Considered Harmful to Physical Security
  • Dragos Ruiu (10/26/04)
• Patch available for critical IBM DB2 Universal Database flaws
  • NGSSoftware Insight Security Research (10/05/04)
• Patch available for high risk flaws in the AtHoc Toolbar
  • NGSSoftware Insight Security Research (10/06/04)
• Patch available for multiple high risk vulnerabilities in RealPlayer
  • NGSSoftware Insight Security Research (10/06/04)
• PHP4 cURL functions bypass open_basedir
  • FraMe (10/27/04)
• Possible GDI Exploit Vector
  • Babar Shafiq Nazmi (10/01/04)
• pppd out of bounds memory access, possible DOS
  • infamous41md_at_hotpop.com (10/26/04)
• Presentation: Bypassing client application protection techniques with notepad
  • 3APA3A (10/28/04)
• problem in voip environment
  • Walton, John Michael (John) (10/12/04)
• ProFTPD 1.2.x remote users enumeration bug
  • LSS Security (10/15/04)
• ProFTPD 1.2.x remote users enumeration bug - correction
  • LSS Security (10/17/04)
• Promiscuous email printing in Canon imageRunner
  • Marco Ivaldi (10/01/04)
  • Jeff Bates (09/30/04)
• PTms04-030
  • pigrelax (10/26/04)
• PuTTY SSH client vulnerability
  • Anatole Shaw (10/27/04)
• python does mangleme (with IE bugs!)
  • ned (10/24/04)
• Regression in IE: Accessing remote/local content in IE (GM#009-IE)
  • Nick FitzGerald (10/12/04)
  • GreyMagic Security (10/12/04)
• Rendering large binary file as HTML makes Mozilla Firefox stop responding
  • Peter Kruse (10/26/04)
• Reverse Engineering the First Pocket PC Trojan
  • kers0r (10/12/04)
• rssh: pizzacode security alert
  • Derek Martin (10/23/04)
• Security advisory - Xerces-C++ 2.5.0: Attribute blowup
  • Amit Klein (AKsecurity) (10/02/04)
• Server crash in Flash Messaging 5.2.0g
  • Luigi Auriemma (10/07/04)
• SetWindowLong Shatter Attacks
  • Brett Moore (10/14/04)
• Some Voters Say Machines Failed, Incorrect Choices Appear on Screens (fwd)
  • Paul Schmehl (10/27/04)
  • Valdis.Kletnieks_at_vt.edu (10/26/04)
  • Atom 'Smasher' (10/25/04)
• SQL Injection in UBB.threads 3.4.x
  • Florian Rock (10/21/04)
• SQL Injection vulnerability in bBlog 0.7.3
  • James McGlinn (10/01/04)
• STG Security Advisory: [SSA-20041022-08] MoniWiki XSS vulnerability
  • advisory_at_stgsecurity.com (10/25/04)
• SuSE Security Announcement: kernel (SUSE-SA:2004:037)
  • Marcus Meissner (10/21/04)
• SuSE Security Announcement: libtiff (SUSE-SA:2004:038)
  • Marcus Meissner (10/22/04)
• SUSE Security Announcement: mozilla (SUSE-SA:2004:036)
  • Sebastian Krahmer (10/06/04)
• SUSE Security Announcement: samba (SUSE-SA:2004:035)
  • Thomas Biege (10/05/04)
• SUSE Security Announcement: xpdf, gpdf, kpdf, pdftohtml, cups (SUSE-SA:2004:039)
  • Thomas Biege (10/26/04)
• Test your windows OS
  • Berend-Jan Wever (10/05/04)
• TSLSA-2004-0051 - samba
  • Trustix Security Advisor (10/01/04)
• TSLSA-2004-0053 - cyrus-sasl
  • Trustix Security Advisor (10/08/04)
• TSLSA-2004-0054 - multi
  • Trustix Security Advisor (10/15/04)
• Two Vulnerabilities in OpenWFE Web Client
  • Joxean Koret (10/24/04)
• UnixWare 7.1.3up UnixWare 7.1.4 : CUPS before 1.1.21 allows remote attackers to cause a denial of service
  • please_reply_to_security_at_sco.com (10/12/04)
• UnixWare 7.1.4 : Multiple Vulnerabilities in libpng
  • please_reply_to_security_at_sco.com (10/12/04)
• UnixWare 7.1.4 UnixWare 7.1.3 : The error handling in the inflate and inflateBack functions in ZLib compression library allows local users to cause a denial of service
  • please_reply_to_security_at_sco.com (10/19/04)
• UPDATE: Format String Vulnerability in Valve's CS-Source
  • Some One (10/14/04)
• Update: Web browsers - a mini-farce (MSIE gives in)
  • Chris Paget (10/29/04)
  • infamous41md_at_hotpop.com (10/30/04)
  • Michael Shigorin (10/29/04)
  • David Brodbeck (10/29/04)
  • Tim Newsham (10/29/04)
  • Valdis.Kletnieks_at_vt.edu (10/29/04)
  • Tim Newsham (10/29/04)
  • Valdis.Kletnieks_at_vt.edu (10/28/04)
  • Michael Wojcik (10/28/04)
  • David Brodbeck (10/27/04)
  • MCMuir_at_dstoutput.com (10/27/04)
  • Michael Wojcik (10/27/04)
  • Michael Wojcik (10/27/04)
  • Valdis.Kletnieks_at_vt.edu (10/27/04)
  • Valdis.Kletnieks_at_vt.edu (10/26/04)
  • gabrield89_at_hotmail.com (10/25/04)
  • David Brodbeck (10/25/04)
  • Michal Zalewski (10/23/04)
• Web browsers - a mini-farce
  • Michal Zalewski (10/18/04)
• windows 2000 server terminal server denial of service
  • Nick Caramella (10/22/04)
• Windows DoS in certain pGina configurations
  • Steven (10/22/04)
• Writing Trojans that bypass Windows XP Service Pack 2 Firewall
  • Simon Zuckerbraun (10/18/04)
  • Jay Calvert (10/16/04)
  • Polazzo Justin (10/15/04)
  • americanidiot_at_hushmail.com (10/12/04)
• wvtfpd remote root heap overflow
  • infamous41md_at_hotpop.com (10/26/04)
• XXS in fusetalk forum
  • Matthew Oyer (10/13/04)
• XXS in SCT email client
  • Matthew Oyer (10/13/04)
• zgv image viewing heap overflows
  • Chris Frey (10/28/04)
  • infamous41md_at_hotpop.com (10/26/04)

Last message date: 10/30/04
Archived on: 10/30/04 CEST

368 messages sorted by: [ author ] [ date ] [ thread ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint