SecurityFocus Bugtraq
By Author

468 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

Starting: 12/01/04
Ending: 12/31/04

Adam Gray
- NetWare Screensaver Authentication Bypass From The Local Console (12/13/04)
Adam Laurie
- Bluetooth: BlueSnarf and BlueBug Full Disclusore (12/31/04)
Adam Shostack
- Re: Local versus remote security holes (12/22/04)
- Re: MD5 To Be Considered Harmful Someday (12/09/04)
advisory_at_stgsecurity.com
- STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard (12/24/04)
- STG Security Advisory: [SSA-20041215-19] Vulnerability of uploading files with multiple extensions in MediaWiki (12/16/04)
- STG Security Advisory: [SSA-20041215-18] Vulnerability of uploading files with multiple extensions in phpBB Attachment Mod (12/16/04)
- STG Security Advisory: [SSA-20041215-17] Vulnerability of uploading files with multiple extensions in JSBoard (12/16/04)
- STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files with multiple extensions in MoniWiki (12/15/04)
- STG Security Advisory: [SSA-20041214-14] GNUBoard PHP injection vulnerability (12/15/04)
- STG Security Advisory: [SSA-20041209-13] UseModWiki XSS vulnerability (12/14/04)
Ahmad Muammar
- Multiple Vulnerabilities in paFileDB 3.1 (12/07/04)
aikon none
- Internet Explorer Code Execution Bypass Vulnerability (12/17/04)
Albert Puigsech Galicia
- 7a69Adv#15 - Internet Explorer FTP command injection (12/07/04)
- Re: 7a69Adv#16 - Konqueror FTP command injection (12/07/04)
- 7a69Adv#16 - Konqueror FTP command injection (12/05/04)
Alberto Garcia Hierro
- Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC (12/31/04)
Alexander Anisimov
- [MaxPatrol] SQL-injection in Ikonboard 3.1.x (12/16/04)
Alexander Klimov
- Re: phpBB Worm (12/22/04)
Alexey I. Froloff
- Re: [ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines (12/16/04)
ali reza AcTiOnSpIdEr
- ASP Calendar Vulnerability <www.ashiyane.com> (12/14/04)
Alvin Packard
- Re: phpBB Worm (12/23/04)
amit sides
- Webmin BruteForce + Command execution - By Di42lo <DiAblo_2@012.net.il> (12/23/04)
amoXi Devilkin
- 4 Vulnerabilities in GamePort (12/17/04)
- 4 Vulnerabilities in GamePort (12/17/04)
Anders Henke
- Re: phpBB Worm (12/23/04)
- Re: phpBB Worm (12/23/04)
Andy Fewtrell
- Sanity Worm Concepts (12/29/04)
Anthony.zboralski
- Final Call for Papers & Workshops - BCS Asia 2005 (12/24/04)
Antoine Martin
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
Arman Nayyeri
- MS Windows Media Player 9 Vulns (2) (12/18/04)
Artem Chuprina
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
Avleen Vig
- Re: Did a 16-bit counter overflow shut down Comair? (12/29/04)
b0f www.b0f.net
- Winamp 5.07 (latest version) Remote Crash + other stupid shizle (12/13/04)
bad boy
- phphpbb2 + php version < 4.3.10 unserialize() memory dump sql password from config.php exploit (12/17/04)
bad_son_at_pimp.it
- New Winhlp32.exe vuln (12/25/04)
Bartek Nowotarski
- Multiple Vulnerabilities in Moodle (12/27/04)
beniwiedmer_at_tiscali.ch
- Cross Site Scripting DOS (Zyxel B-420 Ethernet Bridge) (12/31/04)
Bennett R. Samowich
- Bug in Crypt::ECB perl module (12/17/04)
Berend-Jan Wever
- Re: Microsoft Windows LoadImage API IntegerBuffer overflow (12/25/04)
- Re: Windows Explorer TGA Crash is a DoS bug in Internet Explorer. (12/21/04)
- Re: Windows Explorer TGA Crash is a DoS bug in Internet Explorer. (12/21/04)
- Re: [Advisory] Mozilla Products Remote Crash Vulnerability (12/06/04)
- Official IFRAME patch - make sure it installs correctly (12/02/04)
Black Dot
- Re: Winamp - Buffer Overflow In IN_CDDA.dll (12/01/04)
Boren, Rich (SSRT)
- [Security Bulletin] SSRT4696 rev.0 - HP Tru64 UNIX TCP Stack Remote Denial of Service (DoS) (12/23/04)
- [Security Bulletin] SSRT4883 rev.3 HP-UX ftp and ftpd remote unauthorized access (12/23/04)
- [Security Bulletin] SSRT4876 rev.0 HP Tru64 UNIX SWS (Apache) Secure Web Server Remote (12/23/04)
- [Security Bulletin] SSRT4867 rev.0 Netscape Directory Server on HP-UX LDAP remote buffer overflow (12/23/04)
- [ Security Bulletin ] SSRT4699 rev.0 HP-UX SAM local privilege increase (12/23/04)
- Security Bulletin SSRT4687 rev.0 HP-UX newgrp(1) local privilege elevation (12/20/04)
Brad Bendily
- Re: NetWare Screensaver Authentication Bypass From The Local Console (12/14/04)
Brett Glass
- Re: Microsoft Windows LoadImage API Integer Buffer overflow (12/25/04)
Brett Moore
- HyperTerminal - Buffer Overflow In .ht File (12/14/04)
- Winamp - Buffer Overflow In IN_CDDA.dll [ Patch Released ] (12/06/04)
bugtraq_at_sys-security.com
- Xprobe 0.2.1 Released (12/21/04)
Casper.Dik_at_Sun.COM
- Re: DJB's students release 44 *nix software vulnerability advisories (12/22/04)
- Re: *nix data wipe tools (12/17/04)
cees-bart
- AIX 5.1/5.2/5.3 local root exploits (12/20/04)
- Re: DJB's students release 44 *nix software vulnerability advisories (12/17/04)
Chet Ramey
- Re: Local root exploit on Mac OS X with Adobe Version Cue (12/07/04)
chewkeong_at_security.org.sg
- [SIG^2 G-TEC] singapore Image Gallery Web Application v0.9.10 Multiple Vulnerabilities (12/17/04)
Chris Ess
- RE: phpBB Worm (12/25/04)
Chris Paget
- Re: DJB's students release 44 *nix software vulnerability advisories (12/22/04)
- Re: Bypass personal firewall application protection . Again. (12/08/04)
Chris Wysopal
- Re: [HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc included (12/28/04)
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Default Administrative Password in Cisco Guard and Traffic Anomaly Detector (12/15/04)
- Cisco Security Advisory: Cisco Unity Integrated with Exchange Has Default Passwords (12/15/04)
- Cisco Security Advisory: Cisco CNS Network Registrar Denial of Service Vulnerability (12/02/04)
cmthemc_at_yahoo.com
- Re: Internet Explorer Code Execution Bypass Vulnerability (12/19/04)
CoKi
- Citadel/UX <= v6.27 Remote Format String Vulnerability (12/13/04)
Colin Keith
- PHPBB worm in action (12/25/04)
Conectiva Updates
- [CLA-2004:909] Conectiva Security Announcement - netpbm (12/29/04)
- [CLA-2004:905] Conectiva Security Announcement - squirrelmail (12/02/04)
- [CLA-2004:902] Conectiva Security Announcement - abiword (12/01/04)
- [CLA-2004:904] Conectiva Security Announcement - cyrus-imapd (12/01/04)
CorryL
- NetCat V 1.11 Multiple Bugs (12/30/04)
Crispin Cowan
- Re: DJB's students release 44 *nix software vulnerability advisories (12/24/04)
- Re: DJB's students release 44 *nix software vulnerability advisories (12/23/04)
- Re: DJB's students release 44 *nix software vulnerability advisories (12/23/04)
- Re: DJB's students release 44 *nix software vulnerability advisories (12/22/04)
- Re: DJB's students release 44 *nix software vulnerability advisories (12/17/04)
customer service mailbox
- iDEFENSE Security Advisory 12.21.04: Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability (12/21/04)
- iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability (12/21/04)
- iDEFENSE Security Advisory 12.21.04: libtiff Directory Entry Count Integer Overflow Vulnerability (12/21/04)
- iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler PNA_TAG Heap Overflow Vulnerability (12/21/04)
- iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Handler Negative Read Length Heap Overflow Vulnerability (12/21/04)
- iDEFENSE Security Advisory 12.21.04: Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability (12/21/04)
- iDEFENSE Security Advisory 12.15.04: Computer Associates eTrust EZ Antivirus Insecure File Permission Vulnerability (12/16/04)
- iDEFENSE Security Advisory 12.14.04 - Microsoft Word 6.0/95 Document Converter Buffer Overflow Vulnerability (12/14/04)
- iDEFENSE Security Advisory 12.13.04: Adobe Reader 6.0 .ETD File Format String Vulnerability (12/14/04)
- iDEFENSE Security Advisory 12.14.04 - Adobe Acrobat Reader 5.0.9 mailListIsPdf() Buffer Overflow Vulnerability (12/14/04)
- iDEFENSE Security Advisory 12.13.04 - Multiple Vendor xzgv PRF Parsing Integer Overflow Vulnerability (12/13/04)
cybertronic_at_gmx.net
- RE: Crystal FTP Pro 2.8 PoC (12/24/04)
- Crystal FTP Pro 2.8 PoC (12/23/04)
D. J. Bernstein
- Re: DJB's students release 44 *nix software vulnerability advisories (12/23/04)
- Re: DJB's students release 44 *nix software vulnerability advisories (12/22/04)
- Local versus remote security holes (12/22/04)
- Re: DJB's students release 44 *nix software vulnerability advisories (12/18/04)
Damian Put
- SHOUTcast remote format string vulnerability (12/23/04)
Dan Kaminsky
- Re: MD5 To Be Considered Harmful Today (12/08/04)
- Re: MD5 To Be Considered Harmful Today (12/08/04)
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
- MD5 To Be Considered Harmful Someday (12/07/04)
Dan Margolis
- Re: [Full-Disclosure] [HV-LOW] Symantec LiveUpdate issues may cause DoS (12/14/04)
Daniel Fabian
- PHP Input Validation Vulnerabilities (12/16/04)
- SugarSales Multiple Vulnerabilities (12/13/04)
Dave Holland
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
David Brodbeck
- RE: Local versus remote security holes (12/22/04)
David Cannings
- Re: *nix data wipe tools (12/16/04)
David Eisner
- Re: DJB's students release 44 *nix software vulnerability advisories (12/22/04)
David F. Skoll
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
- Re: MDKSA-2004:145 - Updated rp-pppoe packages fix vulnerability (12/08/04)
David Schwartz
- RE: MD5 To Be Considered Harmful Someday (12/08/04)
David Wagner
- Re: DJB's students release 44 *nix software vulnerability advisories (12/24/04)
Debasis Mohanty
- MS IE User's Authentication Details (userid/password) Sharing Issue (12/12/04)
Devin Ganger
- RE: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
Dirk Mueller
- KDE Security Advisory: kpdf Buffer Overflow Vulnerability (12/28/04)
- KDE Security Advisory: kfax libtiff vulnerabilities (12/09/04)
- KDE Security Advisory: plain text password exposure (12/09/04)
Dmitry V. Levin
- Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability (12/22/04)
Donato Ferrante
- XSS in yacy 0.31 (12/24/04)
Dragos Ruiu
- What's "may have exploitable buffer overflows" mean in tcpdump? (12/13/04)
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
Emile van Elen
- Advanced Guestbook (12/02/04)
even multiplexed
- Re: Linux kernel scm_send local DoS (12/15/04)
- Re: Linux kernel scm_send local DoS (12/15/04)
Evgeny Demidov
- NetBSD kernel local vulnerabilities (12/17/04)
- MaxDB WebTools <= 7.5.00.18 buffer overflow and Denial of Service (12/07/04)
fintler
- Possible local root vulnerability in Roxio Toast on Mac OS X (12/14/04)
- Local root exploit on Mac OS X with Adobe Version Cue (12/07/04)
flashsky fangxing
- Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation (12/23/04)
- Microsoft Windows winhlp32.exe Heap Overflow Vulnerability (12/23/04)
- Microsoft Windows LoadImage API Integer Buffer overflow (12/23/04)
- Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerability (12/23/04)
FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-04:17.procfs (12/02/04)
gadgeteer_at_elegantinnovations.org
- [Full-Disclosure] Re: Linux kernel scm_send local DoS (12/15/04)
- Re: Linux kernel scm_send local DoS (12/15/04)
Gadi Evron
- malware effecting broadband users in Israel (12/22/04)
Gandalf The White
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
- Re: MD5 To Be Considered Harmful Someday (12/07/04)
George Georgalis
- Re: *nix data wipe tools (12/17/04)
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
Gerald Carter
- [SAMBA] CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9 (12/16/04)
Giovanni Delvecchio
- [ZH2004-18SA] Content-Type spoofing in Mozilla Firefox and Opera could allow users to bypass security restrictions (12/14/04)
- [ZH2004-19SA] Possible execution of remote shell commands in Opera with kfmclien (12/13/04)
- Disclosure of file system information in Mozilla Firefox and Opera Browser: (12/01/04)
GreyMagic Security
- Online Script Decoder (12/07/04)
GulfTech Security
- WHM AutoPilot Security Release [ Plus Upgrade Instructions ] (12/31/04)
- php-Calendar File Include Vulnerability [ Command Exec ] (12/29/04)
- Multiple WHM Autopilot Vulnerabilities (12/28/04)
- Cross Site Scripting In PsychoStats 2.2.4 Beta && Earlier (12/23/04)
- Multiple Vulnerabilities In Kayako eSupport v2.x (12/18/04)
- Multiple phpGroupWare Vulnerabilities [ phpGroupWare 0.9.16.003 && Earlier ] (12/15/04)
Hat-Squad Security Team
- Netcat v1.11 For Windows , New fixed version (12/29/04)
- [HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc included (12/27/04)
headpimp_at_pimp-industries.com
- DoS leading to crash of client in Remote Execute 2.30 (12/06/04)
Herman Sheremetyev
- new phpBB worm affects 2.0.11 (12/24/04)
Hideki Yamane
- Re: iDEFENSE Security Advisory 12.16.04: MPlayer MMST Streaming Stack Overflow Vulnerability (12/17/04)
Hillel Himovich
- Invision Power Board 'Allow auto login' setting override (11/30/04)
Holger Zimmermann
- Re: Pi3Web/2.0.0 File-Disclosure/Path Disclosure vuln (11/30/04)
Hongzhen Zhou
- Re: RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability (12/15/04)
- RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability (12/14/04)
houseofdabus HOD
- [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC (12/31/04)
http-equiv_at_excite.com
- HOW TO BREAK XP SP2 POPUP BLOCKER: kick it in the nut ! (12/10/04)
- Address Bar Spoophing for the Pheeshies: IntotheNet Explorer 6 (12/08/04)
iDEFENSE Security Advisory
- iDEFENSE Security Advisory 12.16.04: MPlayer Bitmap Parsing Remote Heap Overflow Vulnerability (12/16/04)
- iDEFENSE Security Advisory 12.16.04: MPlayer MMST Streaming Stack Overflow Vulnerability (12/16/04)
- iDEFENSE Security Advisory 12.16.04: MPlayer Remote RTSP HeapOverflow Vulnerability (12/16/04)
- iDEFENSE Security Advisory 12.16.04: Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability (12/16/04)
- iDEFENSE Security Advisory 12.16.04: Samba smbd Security Descriptor Integer Overflow Vulnerability (12/16/04)
Jack Lloyd
- Re: DJB's students release 44 *nix software vulnerability advisories (12/22/04)
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
James Bandara
- Security Advisory for ALL forum services with client-set images (12/22/04)
Jamie Cameron
- Re: [webmin-l] Re: Webmin BruteForce + Command execution - By Di42lo <DiAblo_2@012.net.il> (12/23/04)
Jamie McCarthy
- Security Advisory for CVS Slash (12/15/04)
Jan Minar
- wget: Arbitrary file overwriting/appending/creating and other vulnerabilities (12/09/04)
Jaroslaw Sajko
- WPkontakt message parsing error (12/23/04)
- Gadu-Gadu, another two bugs (12/17/04)
- Gadu-Gadu several vulnerabilities (12/13/04)
Jason Wies
- rssh and scponly arbitrary command execution (12/02/04)
Jeff Damens
- Re: possible local exploit via sendmail with procmail on solaris (12/22/04)
Jirka Kosina
- RE: Linux kernel IGMP vulnerabilities (12/17/04)
Joe Philipps
- Asante FM2008 10/100 Ethernet switch backdoor login (12/15/04)
Joel Maslak
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
John Bissell
- Remote Web Server Text File Viewing Vulnerability in WebLibs 1.0 (12/08/04)
JohnH
- Remote Mercury32 Imap exploit (12/02/04)
Jonathan G. Lampe
- stick with "anonymous" or "authenticated" when describing attacks (12/22/04)
Jonathan Rockway
- Re: DJB's students release 44 *nix software vulnerability advisories (12/22/04)
- Re: DJB's students release 44 *nix software vulnerability advisories (12/22/04)
Jonathan T Rockway
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
Juergen Schmidt
- New Santy-Worm attacks *all* PHP-skripts (12/25/04)
Julian T J Midgley
- Re: DJB's students release 44 *nix software vulnerability advisories (12/18/04)
Julio Cesar Fort
- QNX crrtrap arbitrary file read/write vulnerability [RLSA_06-2004] (12/29/04)
K-OTiK Security
- Re: New Santy-Worm attacks *all* PHP-skripts ( Santy.c ? ) (12/26/04)
Katrina Tsipenyuk
- Unchecked returns from kernel_read() in linux-2.6.10-rc2 kernel (12/17/04)
Keith Oxenrider
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
Kristoffer Br�nemyr
- Exploit for Ultrix 4.5 dxterm (12/19/04)
Kurczaba Associates advisories
- [KA Advisory 0411291] IPCop Cross Site Scripting Vulnerability in "proxylog.dat" (12/01/04)
laffer1
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
Len Sassaman
- CodeCon CFP deadline nearing (12/10/04)
Liu Die Yu
- Re: [USN-52-1] vim vulnerability (12/24/04)
- Re: Disclosure of file system information in Mozilla Firefox and Opera Browser: (12/02/04)
Lode Vermeiren
- zone transfers, a spammer's dream? (12/07/04)
Luca Ercoli
- Crystal FTP Pro Client Buffer Overflow (12/20/04)
Luigi Auriemma
- Socket unreacheable in the Lithtech engine (new protocol) (12/13/04)
- In-game buffer-overflow in the Gamespy cd-key validation SDK (12/10/04)
- Broadcast client crash in Battlefield 1942 1.6.19 and Vietnam 1.2 (12/07/04)
- Multiple vulnerabilities in Kreed 1.05 (12/02/04)
Luke Macken
- [ GLSA 200412-23 ] Zwiki: XSS vulnerability (12/22/04)
- [ GLSA 200412-18 ] abcm2ps: Buffer overflow vulnerability (12/19/04)
- [ GLSA 200412-20 ] NASM: Buffer overflow vulnerability (12/20/04)
- UPDATE: [ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilities (12/19/04)
- [ GLSA 200412-12 ] Adobe Acrobat Reader: Buffer overflow vulnerability (12/17/04)
- [ GLSA 200412-11 ] Cscope: Insecure creation of temporary files (12/16/04)
- [ GLSA 200412-08 ] nfs-utils: Multiple remote vulnerabilities (12/14/04)
- [ GLSA 200412-04 ] Perl: Insecure temporary file creation (12/07/04)
- [ GLSA 200412-05 ] mirrorselect: Insecure temporary file creation (12/07/04)
- [ GLSA 200412-02 ] PDFlib: Multiple overflows in the included TIFF library (12/05/04)
- [ GLSA 200411-37 ] Open DC Hub: Remote code execution (11/28/04)
Maciej Soltysiak
- Re: [Full-Disclosure] Re: Gadu-Gadu, another two bugs (12/20/04)
- Gadu-Gadu Remote DoS (all versions) (12/20/04)
madsys
- Tool Announcement: AIRT -- the Advanced Incident Response Tool (linux) (12/06/04)
Mandrake Linux Security Team
- MDKSA-2004:166 - Updated tetex packages fix multiple vulnerabilities (12/30/04)
- MDKSA-2004:162 - Updated gpdf packages fix buffer overflow vulnerability (12/30/04)
- MDKSA-2004:165 - Updated koffice packages fix multiple vulnerabilities (12/30/04)
- MDKSA-2004:163 - Updated kdegraphics packages fix buffer overflow vulnerability (12/30/04)
- MDKSA-2004:159 - Updated glibc packages fix temporary file vulnerability (12/30/04)
- MDKSA-2004:164 - Updated cups packages fix buffer overflow vulnerability (12/30/04)
- MDKSA-2004:161 - Updated xpdf packages fix buffer overflow vulnerability (12/30/04)
- MDKSA-2004:160 - Updated kdelibs packages fix konqueror email vulnerability (12/30/04)
- MDKSA-2004:158 - Updated samba packages fix integer overflow vulnerabilities (12/28/04)
- MDKSA-2004:157 - Updated mplayer packages fix multiple vulnerabilities (12/22/04)
- MDKSA-2004:155 - Updated logcheck packages fix temporary file vulnerability (12/22/04)
- MDKSA-2004:156 - Updated krb5 packages fix buffer overflow vulnerability (12/22/04)
- MDKSA-2004:154 - Updated kdelibs packages fix multiple vulnerability (12/22/04)
- MDKSA-2004:152 - Updated ethereal packages fix multiple vulnerabilities (12/20/04)
- MDKSA-2004:153 - Updated aspell packages fix vulnerability (12/20/04)
- MDKSA-2004:151 - Updated php packages fix multiple vulnerabilities (12/18/04)
- MDKSA-2004:150 - Updated kdelibs and kdebase packages fix vulnerability (12/15/04)
- MDKSA-2004:149 - Updated postgresql packages fix temporary file vulnerability (12/14/04)
- MDKSA-2004:148 - Updated iproute2 packages fix temporary file vulnerability (12/14/04)
- MDKSA-2004:144 - Updated lvm1 packages fix temporary file vulnerability (12/07/04)
- MDKSA-2004:145 - Updated rp-pppoe packages fix vulnerability (12/07/04)
- MDKSA-2004:146 - Updated nfs-utils packages fix remote DoS vulnerability (12/07/04)
- MDKSA-2004:147 - Updated openssl packages fix temporary file vulnerability (12/07/04)
- MDKSA-2004:143 - Updated ImageMagick packages fix vulnerability (12/07/04)
- MDKSA-2004:142 - Updated gzip packages fix temporary file vulnerability (12/07/04)
Manning, Robert (Mission Systems)
- RE: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
Marc Bejarano
- possible error in latest NGS realplayer advisory (12/28/04)
- Re: Patch available for multiple critical flaws in Oracle (12/18/04)
Marc Schoenefeld
- [Full-Disclosure] Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability (12/22/04)
- Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability (12/22/04)
- Opera 7.54 vulnerabilities again (still unfixed) (12/04/04)
Marcin Owsiany
- Re: DJB's students release 44 *nix software vulnerability advisories (12/18/04)
Marcin Pacyna
- RE: zone transfers, a spammer's dream? (12/13/04)
Marco Ivaldi
- raptor's xmas pack 2004 (12/22/04)
Marcus Meissner
- Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability (12/27/04)
- SUSE Security Announcement: kernel local privilege escalation (SUSE-SA:2004:046) (12/22/04)
- SUSE Security Announcement: various kernel problems (SUSE-SA:2004:044) (12/21/04)
- SUSE Security Announcement: various kernel problems (SUSE-SA:2004:042) (12/01/04)
Martin Dougiamas
- Re: Multiple Vulnerabilities in Moodle (12/30/04)
Martin Eiszner
- php unserialize (12/15/04)
Martin Mewes
- Re: Webmin BruteForce + Command execution - By Di42lo <DiAblo_2@012.net.il> (12/23/04)
Martin Pitt
- [USN-50-1] CUPS vulnerabilities (12/23/04)
- [USN-52-1] vim vulnerability (12/23/04)
- [USN-51-1] teTeX auxiliary script vulnerability (12/23/04)
- [USN-49-1] debmake vulnerability (12/23/04)
- [USN-48-1] xpdf, tetex-bin vulnerabilities (12/23/04)
- [USN-47-1] Linux kernel vulnerabilities (12/23/04)
- [USN-43-1] groff utility vulnerabilities (12/20/04)
- [USN-42-1] Xine library vulnerabilities (12/20/04)
- [USN-41-1] Samba vulnerability (12/17/04)
- [USN-40-1] PHP vulnerabilities (12/16/04)
- [USN-39-1] Linux amd64 kernel vulnerability (12/16/04)
- [USN-38-1] Linux kernel vulnerabilities (12/14/04)
- [USN-37-1] cyrus21-imapd vulnerability (12/02/04)
- [USN-34-1] OpenSSH information leakage (11/30/04)
- [USN-33-1] libgd vulnerabilities (11/29/04)
- [USN-36-1] NFS statd vulnerability (12/01/04)
- [USN-35-1] imagemagick vulnerabilities (11/30/04)
Martin Schulze
- [SECURITY] [DSA 621-1] New CUPS packages fix arbitrary code execution (12/31/04)
- [SECURITY] [DSA 619-1] New xpdf packages fix arbitrary code execution (12/30/04)
- [SECURITY] [DSA 620-1] New perl packages fix several vulnerabilities (12/30/04)
- [SECURITY] [DSA 617-1] New libtiff packages fix arbitrary code execution (12/24/04)
- [SECURITY] [DSA 618-1] New imlib packages fix arbitrary code execution (12/24/04)
- [SECURITY] [DSA 616-1] New telnetd-ssl packages fix arbitrary code execution (12/23/04)
- [SECURITY] [DSA 615-1] New debmake package fixes insecure temporary directories (12/22/04)
- [SECURITY] [DSA 613-1] New ethereal packages fix denial of service (12/21/04)
- [SECURITY] [DSA 614-1] New xzgv packages fix arbitrary code execution (12/21/04)
- [SECURITY] [DSA 612-1] New a2ps packages fix arbitrary command execution (12/20/04)
- [SECURITY] [DSA 611-1] New htget packages fix arbitrary code execution (12/20/04)
- [SECURITY] [DSA 610-1] New cscope packages fix insecure temporary file creation (12/17/04)
- [SECURITY] [DSA 608-1] New zgv packages fix arbitrary code execution (12/14/04)
- [SECURITY] [DSA 609-1] New atari800 packages fix local root exploit (12/14/04)
- [SECURITY] [DSA 607-1] New libxpm packages fix several vulnerabilities (12/10/04)
- [SECURITY] [DSA 606-1] New nfs-utils packages fix denial of service (12/08/04)
- [SECURITY] [DSA 605-1] New viewcvs packages fix information leak (12/06/04)
- [SECURITY] [DSA 604-1] New hpsockd packages fix denial of service (12/03/04)
- [SECURITY] [DSA 603-1] New openssl packages fix insecure temporary file creation (12/01/04)
matthew-bugtraq_at_newtoncomputing.co.uk
- Re: Linux kernel IGMP vulnerabilities (12/15/04)
Matthias Geerdsen
- [Full-Disclosure] [ GLSA 200412-07 ] file: Arbitrary code execution (12/13/04)
- [ GLSA 200412-07 ] file: Arbitrary code execution (12/13/04)
Maurycy Prodeus
- Heap overflow in Mozilla Browser <= 1.7.3 NNTP code. (12/29/04)
Michael Barnes
- possible local exploit via sendmail with procmail on solaris (12/21/04)
Michael Hampton
- Re: Citadel/UX <= v6.27 Remote Format String Vulnerability (12/14/04)
Michael Roitzsch
- XSA-2004-7: stack overflow in AIFF demultiplexer (12/26/04)
Michal Zalewski
- Re: DJB's students release 44 *nix software vulnerability advisories (12/23/04)
mike bailey
- SQL Injection Vulnerability In IBProArcade (12/31/04)
Mike DeMaria
- Cleartext SMB passwords in Novell Desktop Linux using KDE (12/07/04)
Mike Nice
- Re: Did a 16-bit counter overflow shut down Comair? (12/29/04)
milw0rm Inc.
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
Min-sung Choi
- KorWeblog php injection Vulnerability (12/30/04)
Monte Ratzlaff
- Discussion: Microsoft(R) PowerPoint �Action Settings� feature allows invocation of default browser pointed at arbitrary URL. (12/16/04)
Moritz Muehlenhoff
- Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability (12/23/04)
mouse small
- Hosting Controller (12/05/04)
NetBSD Security-Officer
- NetBSD Security Advisory 2004-010: Insufficient argument validation in compat code (12/17/04)
NGSSoftware Insight Security Research
- IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J) (12/23/04)
- Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H) (12/23/04)
- Oracle wrapped procedure overflow (#NISR2122004J) (12/23/04)
- Oracle TNS Listener DoS (#NISR2122004F) (12/23/04)
- IBM DB2 generate_distfile buffer overflow vulnerability (#NISR2122004L) (12/23/04)
- Oracle extproc local command execution (#NISR23122004C) (12/23/04)
- Oracle extproc directory traversal (#NISR23122004B) (12/23/04)
- Oracle extproc buffer overflow (#NISR23122004A) (12/23/04)
- Oracle Character Conversion Bugs (#NISR2122004G) (12/23/04)
- Oracle ISQLPlus file access vulnerability (#NISR2122004E) (12/23/04)
- Oracle clear text passwords (#NISR2122004D) (12/23/04)
- Oracle Trigger Abuse (#NISR2122004I) (12/23/04)
- Sybase ASE 12.5.2 vulnerabilities (12/22/04)
Nick Johnson
- Re: WebWorm using PHPBB vulnerability in the wild! (12/22/04)
Nicolas Gregoire
- Multiple vulnerabilities in phpMyAdmin (12/13/04)
- Re: [Full-Disclosure] Multiple vulnerabilities in w3who ISAPI DLL (12/08/04)
- Multiple vulnerabilities in w3who ISAPI DLL (12/06/04)
Niek van der Maas
- [Advisory] Mozilla Products Remote Crash Vulnerability (12/06/04)
Ofer Shezaf
- RE: phpBB Worm (12/23/04)
offtopic
- Bypass personal firewall application protection . Again. (12/07/04)
oliver_at_greyhat.de
- F-Secure Policy Manager - physical path disclosure (12/09/04)
OpenPKG
- [OpenPKG-SA-2004.055] OpenPKG Security Advisory (gettext) (12/23/04)
- [OpenPKG-SA-2004.056] OpenPKG Security Advisory (cvstrac) (12/17/04)
- [OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba) (12/17/04)
- [OpenPKG-SA-2004.053] OpenPKG Security Advisory (php) (12/16/04)
- [OpenPKG-SA-2004.052] OpenPKG Security Advisory (vim) (12/15/04)
Paul
- Microsoft Internet Explorer SP2 Fully Automated Remote Compromise (12/25/04)
- Internet Explorer Help ActiveX Control Local Zone Security Restriction Bypass Vulnerability (updated) (12/19/04)
- MSIE DHTML Edit Control Cross Site Scripting Vulnerability (12/15/04)
Paul Kurczaba
- RE: phpBB Worm (12/21/04)
Paul Laudanski
- Re: Sanity Worm Concepts (12/30/04)
- phpBB Attachment Mod Directory Traversal HTTP POST Injection (12/14/04)
Paul Owen
- RE: CSS in phpBB 1.4.4 (12/15/04)
Paul Starzetz
- Re: Linux kernel IGMP vulnerabilities (12/15/04)
- Re: Linux kernel scm_send local DoS (12/15/04)
- Linux kernel scm_send local DoS (12/14/04)
- Linux kernel IGMP vulnerabilities (12/14/04)
Paul Wouters
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
Pavel Kankovsky
- Re: Linux kernel scm_send local DoS (12/23/04)
- Re: MD5 To Be Considered Harmful Someday (12/09/04)
Pavel Machek
- Re: MD5 To Be Considered Harmful Today (12/08/04)
- MD5 To Be Considered Harmful Today (12/08/04)
Pekka Savola
- Re: Linux kernel IGMP vulnerabilities (12/14/04)
Peter Conrad
- Permission problem in Skype BETA for linux (12/22/04)
Rafael San Miguel Carrasco
- Re: Multiple Vulnerabilities in paFileDB 3.1 (12/09/04)
Rafel Ivgi
- Yahoo! Mail Cross-Site Scripting Vulnerability (10/15/04)
- Hotmail Cross Site Scripting Vulnerability #2 (10/15/04)
- Hotmail Cross-Site Scripting Vulnerability #1 (10/15/04)
Rafel Ivgi, The-Insider
- Hotmail Cross-Site Scripting Vulnerability #1 (12/16/04)
- Hotmail Cross-Site Scripting Vulnerability #2 (12/16/04)
- Yahoo! Mail Cross-Site Scripting Vulnerability (12/16/04)
Rager, Anton (Anton)
- RE: MD5 To Be Considered Harmful Someday (12/08/04)
Raymond Dijkxhoorn
- Re: phpBB Worm (12/24/04)
- Re: phpBB Worm (12/21/04)
Raymond M. Reskusich
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
Reed Arvin
- Multiple buffer overflows exist in Mercury/32, v4.01a, Dec 8 2003. (12/01/04)
Richard M. Smith
- Did a 16-bit counter overflow shut down Comair? (12/28/04)
Richard Stanway
- RE: STG Security Advisory: [SSA-20041215-17] Vulnerability of uploading files with multiple extensions in JSBoard (12/16/04)
robert_at_webappsec.org
- Web Application Security Consortium 'Guest Articles' Call for Papers (12/06/04)
RSnake
- Re: IE6 Vulnerability - Local File Detection (12/08/04)
Ruth A. Kramer
- Re: MD5 To Be Considered Harmful Someday (12/06/04)
SandI]
- CSS in phpBB 1.4.4 (12/15/04)
sean
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
Sebastian Krahmer
- SUSE Security Announcement: samba (SUSE-SA:2004:045) (12/22/04)
Sebastian Wiesinger
- Re: phpBB Worm (12/22/04)
Secure Computer Group
- [CAN-2004-1023] Insecure default file system permissions on Microsoft versions of Kerio Software (12/14/04)
- [CAN-2004-1022] Insecure Credential Storage on Kerio Software (12/14/04)
Secure Network Operations, Inc.
- [Correction For]: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory (12/14/04)
- Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory (12/13/04)
secure_at_symantec.com
- Re: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory (12/14/04)
security curmudgeon
- Re: DJB's students release 44 *nix software vulnerability advisories (12/17/04)
shervin khaleghjou
- iwebnegar is vulnerable to all kind of sql injections (12/15/04)
- ASP-rider is vulnerable to sql injection attack (12/15/04)
Shiva Persaud
- Re: AIX 5.1/5.2/5.3 local root exploits (paginit issue) (12/21/04)
- Re: AIX 5.1/5.2/5.3 local root exploits (diag issue) (12/21/04)
ShredderSub7 SecExpert
- Remote code execution with parameters withoutu ser interaction, even with XP SP2 (12/28/04)
Simple Nomad
- Re: Inexcusable weakness in Kmail / GnuPG (12/24/04)
Solar Designer
- Re: MD5 To Be Considered Harmful Someday (12/11/04)
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
Spy Hat
- Re: Advanced Guestbook (12/06/04)
Stefan Esser
- Re: php unserialize (12/16/04)
- Advisory 01/2004: Multiple vulnerabilities in PHP 4/5 (12/15/04)
Stefan Paletta
- Re: Security Advisory for ALL forum services with client-set images (12/23/04)
- Re: Online Script Decoder (12/07/04)
Stefano Di Paola
- PHP shmop.c module permits write of arbitrary memory. (12/19/04)
Stephen Harris
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
stephen joseph butler
- Re: Linux kernel IGMP vulnerabilities (12/15/04)
Stephen Samuel
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
Steve Friedl
- Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC (12/31/04)
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
Steve Kemp
- Blog Torrent preview 0.8 - arbitary file download (12/02/04)
steve_at_uptime.org.uk
- Re: phpBB Worm (12/24/04)
Steven M. Christey
- Re: stick with "anonymous" or "authenticated" when describing (12/23/04)
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
steven_at_lovebug.org
- ArGoSoft FTP Server reveals valid usernames and allows for brute force attacks (12/31/04)
Sune Kloppenborg Jeppesen
- [ GLSA 200412-19 ] phpMyAdmin: Multiple vulnerabilities (12/19/04)
- [Full-Disclosure] [ GLSA 200412-19 ] phpMyAdmin: Multiple vulnerabilities (12/19/04)
- [ GLSA 200412-17 ] kfax: Multiple overflows in the included TIFF library (12/19/04)
- [ GLSA 200412-16 ] kdelibs, kdebase: Multiple vulnerabilities (12/19/04)
- [ GLSA 200412-15 ] Ethereal: Multiple vulnerabilities (12/19/04)
- [ GLSA 200412-13 ] Samba: Integer overflow (12/17/04)
The Warlock
- PHP v4.3.x exploit for Windows. (12/22/04)
Thierry Carrez
- [ GLSA 200412-24 ] Xpdf, GPdf: New integer overflows (12/28/04)
- [ GLSA 200412-26 ] ViewCVS: Information leak and XSS vulnerabilities (12/28/04)
- [ GLSA 200412-25 ] CUPS: Multiple vulnerabilities (12/28/04)
- [Full-Disclosure] [ GLSA 200412-21 ] MPlayer: Multiple overflows (12/20/04)
- [ GLSA 200412-21 ] MPlayer: Multiple overflows (12/20/04)
- [ GLSA 200412-14 ] PHP: Multiple vulnerabilities (12/19/04)
- [ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines (12/15/04)
- [ GLSA 200412-09 ] ncpfs: Buffer overflow in ncplogin and ncpmap (12/15/04)
- [ GLSA 200412-06 ] PHProjekt: setup.php vulnerability (12/10/04)
- [ GLSA 200412-03 ] imlib: Buffer overflows in image decoding (12/06/04)
- [ GLSA 200412-01 ] rssh, scponly: Unrestricted command execution (12/03/04)
Thomas C. Greene
- Inexcusable weakness in Kmail / GnuPG (12/23/04)
- Re: *nix data wipe tools (12/17/04)
- *nix data wipe tools (12/15/04)
Thomas Waldegger
- Re: Wordpress 1.2.2 is still vulnerable (12/21/04)
- Multiple XSS Vulnerabilities in Wordpress 1.2.1 (12/16/04)
Thor
- Re: DJB's students release 44 *nix software vulnerability advisories (12/21/04)
Thor Larholm
- DJB's students release 44 *nix software vulnerability advisories (12/16/04)
- RE: Disclosure of file system information in Mozilla Firefox and Opera Browser: (12/06/04)
Tim
- Re: MD5 To Be Considered Harmful Someday (12/08/04)
Tim Jackson
- Re: Security Advisory for ALL forum services with client-set images (12/23/04)
Tom Yu
- MITKRB5-SA-2004-004: heap overflow in libkadm5srv (12/20/04)
Trustix Security Advisor
- TSLSA-2004-0069 - kerberos5 (12/21/04)
- Updated: TSLSA-2004-0068 - kernel (12/20/04)
- TSLSA-2004-0066 - multi (12/20/04)
- TSLSA-2004-0068 - kernel (12/20/04)
- TSLSA-2004-0064 - nfs-utils (12/09/04)
Valdis.Kletnieks_at_vt.edu
- Re: [Full-Disclosure] Re: Linux kernel scm_send local DoS (12/23/04)
- Re: DJB's students release 44 *nix software vulnerability advisories (12/22/04)
venglin_at_freebsd.lublin.pl
- Local off-by-one in mtr versions 0.55 to 0.65 clamav-milter version 0.80j on mailhost.freebsd.lublin.pl (12/11/04)
ViPeR
- IE6 Vulnerability - Local File Detection (12/07/04)
Waldo Bastian
- KDE Security Advisory: Konqueror Java Vulnerability (12/20/04)
- KDE Security Advisory: Konqueror Window Injection Vulnerability (12/13/04)
Wang Ning
- 3cdaemon tftp server DOS vulnerability (12/15/04)
WBG Links
- CleanCache v2.19: False Sense of Security (12/25/04)
Wei Li
- Realone2.0 "pnxr3260.dll" Lets Remote Users IE Browser Crash (12/22/04)
Wietse Venema
- Re: *nix data wipe tools (12/17/04)
William Geoghegan
- Re: phpBB Worm (12/23/04)
x90c
- Re: rpcl_icmpdos.c (12/15/04)
ycw1bh302_at_sneakemail.com
- Re: phpBB Worm (12/22/04)
Zeljko Brajdic
- Re: phpBB Worm (12/25/04)
zib zib
- 2Bgal : 2.4 & 2.5.1 SQL injection Vulnerability (12/22/04)

Last message date: 12/31/04
Archived on: 12/31/04 CET

468 messages sorted by: [ date ] [ thread ] [ subject ] [ attachment ]

SecurityFocus BugtraqBy Author

SecurityFocus Bugtraq
By Author