SecurityFocus Vuln-Dev
By Subject

Starting: 12/01/01
Ending: 12/31/01

• "Universal Plug and Play technology exploit code"
  • Atacdad (12/27/01)
  • 3APA3A (12/25/01)
  • Florian Weimer (12/24/01)
  • Ryan Permeh (12/24/01)
  • Sebastian Wells (12/24/01)
  • KRFinisterre@checkfree.com (12/24/01)
• *getty (stopping thread)
  • Blue Boar (12/04/01)
• *SERIOUS* local dos in X
  • 3APA3A (12/11/01)
  • ac1d-burN (12/10/01)
• 1 last CSS hole in PHPNuke :)
  • frog frog (12/20/01)
• 4 news CSS holes in PHP-Nuke
  • frog frog (12/19/01)
• [DeepZone Research] It's time to disclose GOLONDRINA Anarchy (draft + exploit included!)
  • KF (12/23/01)
  • |Zan (12/23/01)
  • dullien@gmx.de (12/23/01)
  • dullien@gmx.de (12/22/01)
  • |Zan (12/22/01)
  • |Zan (12/22/01)
• [Ftp client , Format strings and SEGFAULTS]
  • Michal Zalewski (12/05/01)
  • KF (12/05/01)
  • KF (12/05/01)
• A problem domain hosted by you
  • scott (12/28/01)
• A Strang bug using Ctrl-N, perhaps a way to deny service on a shell
  • Ben Allen (12/16/01)
  • Frank de Lange (12/16/01)
  • Erik Fichtner (12/16/01)
  • Ben Allen (12/16/01)
• Again: Possible DoS attack against Sun Ray Servers?
  • Chatfield, Randy (12/14/01)
  • Hanspeter Schmid (12/14/01)
• analysis of mingetty error (version 0.9.4)
  • Jose Nazario (12/03/01)
• Another IE denial of service attack
  • Timothy Luce (12/06/01)
  • Wodahs Latigid (12/06/01)
• Anti-Web "Vulnerability" is a false alarm
  • D. (12/02/01)
• Are NULL pointer deref a security problem ?
  • Nicolas Gregoire (12/11/01)
  • zeno (12/07/01)
  • Nicolas Gregoire (12/07/01)
• AW: IE Denial of service (sorta)
  • Matthias Kerstner (12/05/01)
  • Matthias Kerstner (12/05/01)
• BitchX Segmentation Fault
  • gaksamit2@poczta.onet.pl (12/29/01)
  • cathedral (12/21/01)
  • Erik Sperling Johansen (12/29/01)
  • Harmen (12/28/01)
  • Ugen (12/28/01)
  • Erik Sperling Johansen (12/28/01)
  • NETKOJI (12/23/01)
• Black Hat Windows Security 2002 Speakers Announced
  • B.K. DeLong (12/21/01)
• blackshell1: Multiple Prolems with Vandykes SecureCRT
  • blackshell@hushmail.com (12/30/01)
• blackshell1: Multiple Prolems with Vandykes SecureCRT (fwd)
  • hellNbak (12/30/01)
• buffer overflow question
  • Richard Masoner (12/10/01)
  • Minchu Mo (12/09/01)
  • Dr Anish.M (12/06/01)
  • Richard Masoner (12/05/01)
  • Gerardo Richarte (12/05/01)
  • Marshal (12/05/01)
  • Iván Arce (12/05/01)
  • *jnf (12/04/01)
• Bug in fetchmail.
  • Eric S. Raymond (12/04/01)
• BUGLOOK: Outlook Express 6.00 + MS Exchange Server version 5.5
  • http-equiv@excite.com (12/06/01)
  • http-equiv@excite.com (12/06/01)
• Can anyone verify a core dump on /sbin/mingetty
  • Derry Hamilton (12/04/01)
  • dr john halewood (12/04/01)
  • Darian Lanx (12/04/01)
  • KF (12/03/01)
  • David Klann (12/03/01)
  • jon schatz (12/03/01)
  • J.R. Blain (12/04/01)
  • dvdman dvdman (12/03/01)
  • jon schatz (12/03/01)
  • Chip Mefford (12/03/01)
  • Pedro Miller Rabinovitch (12/03/01)
  • smackenz (12/03/01)
• Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping - AGETTY too
  • KF (12/03/01)
• Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping core
  • Matias Sedalo (12/04/01)
  • Jeffrey Denton (12/04/01)
  • Peter Mueller (12/03/01)
  • Przemyslaw Frasunek (12/03/01)
  • Bill Weiss (12/04/01)
  • Scott Mackenzie (12/03/01)
• CERT Conference 2002 Call for Presentations
  • Matthew G. Marsh (12/06/01)
• character injecting on linux console
  • Michal Zalewski (12/10/01)
  • Valdis.Kletnieks@vt.edu (12/10/01)
  • Michal Zalewski (12/09/01)
  • Nelson Brito (10/09/01)
  • Dom De Vitto (12/09/01)
  • DFx (12/08/01)
  • Valkai Elod (12/08/01)
  • Doru Petrescu (12/08/01)
  • Robert van der Meulen (12/08/01)
  • Robert van der Meulen (12/08/01)
  • Michael R. Rudel (12/08/01)
  • Michael Greenberg (12/08/01)
  • Michal Zalewski (12/08/01)
  • Michael R. Rudel (12/08/01)
  • Doru Petrescu (12/08/01)
• Clicktilluwin DLDER Trojan
  • mezzanine (12/23/01)
  • Jonas M Luster (12/31/01)
  • Michael Watson (12/31/01)
  • jon@kirkbrideonline.com (12/31/01)
• core dump on mingetty and getty
  • G . Cohen (12/04/01)
  • Michal Zalewski (12/03/01)
  • KF (12/03/01)
  • Sean Davis (12/03/01)
  • Nelson Sampaio Araujo Junior (12/03/01)
  • Patrick Patterson (12/03/01)
  • Ryan Yagatich (12/03/01)
  • KF (12/03/01)
• cross site scripting vulnerability on ebay.com
  • - - (12/19/01)
• CSS in DMOZGateway ( php-nuke )
  • frog frog (12/16/01)
• exploiting wu-ftpd
  • zen-parse (12/12/01)
  • Przemyslaw Frasunek (12/02/01)
  • Krish Ahya (12/02/01)
  • Przemyslaw Frasunek (12/01/01)
• Fwd: Stack overflow in all Internet Explorer Versions!!
  • Markus Kern (12/03/01)
  • dotslash@snosoft.com (12/02/01)
• Grokster and possible trojan
  • Dom De Vitto (12/31/01)
  • jont@athenix.com (12/28/01)
  • Ken Pfeil (12/28/01)
  • Dom De Vitto (12/28/01)
  • Brendon Crawford (12/28/01)
  • scott@falcon.graphictype.com (12/28/01)
  • Michael (12/28/01)
  • scott [gts] (12/27/01)
• Grokster and possible trojan (part 2)
  • Ken Pfeil (12/28/01)
  • Hall, Philip (12/27/01)
  • scott [gts] (12/27/01)
• Grokster and your email
  • Holmes, Ben (12/31/01)
  • Kerosene (12/31/01)
  • Amer Karim (12/30/01)
  • Ken Pfeil (12/30/01)
  • Markus Kern (12/30/01)
  • Michael (12/30/01)
  • Mark L'Italien (12/30/01)
  • yanker@sympatico.ca (12/30/01)
• hardware protection for format string attacks
  • Mariusz Woloszyn (12/04/01)
• help: raw_ip socket and system implication
  • Mike Price (11/30/01)
• Hotmail antivirus still does not clean recursive archives
  • Michel Arboi (12/21/01)
• How to Change section attribute in ELF file
  • Minchu Mo (12/31/01)
• How to trace system level call in AIX
  • Pete Finnigan (12/20/01)
  • Pete Finnigan (12/20/01)
  • Steve Barnet (12/19/01)
  • Michael Wojcik (12/19/01)
  • Valdis.Kletnieks@vt.edu (12/18/01)
  • Minchu Mo (12/17/01)
• IE Crashing MICROSOFT RESPONSE
  • zeno (12/06/01)
• IE Denial of service (sorta)
  • Simon Kornblith (12/07/01)
  • Colby Marks (12/06/01)
  • R. Toma (12/06/01)
  • Kerry (12/06/01)
  • Alan Richardson - Stuff Trading (12/05/01)
  • Thor@HammerofGod.com (12/05/01)
  • Nick Lange (12/05/01)
  • zeno (12/05/01)
  • zeno (12/04/01)
• IE goes boom on OSX
  • Ian Stoba (12/17/01)
  • Josha Bronson (12/16/01)
  • elguapo (12/16/01)
• IE https certificate attack
  • Oscar Batyrbaev (12/24/01)
• IE6.0 could inherit Iframe weakness from IE 5.x if not patched pr oberly
  • KRUSE PETER, Teliadk (12/07/01)
• iptables 'new but not syn' packets
  • Cedric Blancher (12/14/01)
  • Leonardo Rodrigues (12/13/01)
• iptables 'syn but not new' packets
  • Cedric Blancher (12/14/01)
  • Leonardo Rodrigues (12/13/01)
  • Leonardo Rodrigues (12/13/01)
  • Alex Butcher (vuln-dev) (12/12/01)
  • Blue Boar (12/11/01)
  • Leonardo Rodrigues (12/11/01)
• Is GOT exploitable in solaris?
  • Juliano Rizzo (12/28/01)
  • Shaun Clowes (12/27/01)
  • KF (12/25/01)
  • Minchu Mo (12/25/01)
• JScript bugs in Internet Explorer 5 & 6 create stack faults & invalid page faults in various DLL's.
  • SkyLined@mail.com (12/14/01)
• Linux Firewalls
  • Mike Murray (12/21/01)
  • David Correa (12/21/01)
  • Kain (12/21/01)
  • McKee, Charles (12/20/01)
• m68k shellcode
  • KF (12/23/01)
  • Ben Williams (12/23/01)
• malformed sql queries
  • Kevin Hegg (12/31/01)
  • Francois Scala (12/30/01)
  • Blue Boar (12/30/01)
  • Peter Gutmann (12/30/01)
  • JayBonci (12/30/01)
  • Peter Gutmann (12/30/01)
  • JayBonci (12/30/01)
  • Gabriel A. Maggiotti (12/30/01)
• memcpy with negative length and destination on heap - exploitable?
  • Pavel Kankovsky (12/26/01)
  • 3APA3A (12/26/01)
  • dullien@gmx.de (12/26/01)
  • 3APA3A (12/24/01)
• Microsoft IKE DoS... source port 500?
  • Nelson Brito (10/12/01)
  • Abe L. Getchell (12/30/01)
• mount
  • bugtraq@seifried.org (12/29/01)
  • undef (12/27/01)
  • Michal Zalewski (12/27/01)
• Mozilla personal security manager /tmp issues
  • KF (12/26/01)
• not confirmed but i wonder what this would do
  • itm@itmo.dyndns.org (12/29/01)
• Older BeroFTPD glob
  • Eduardo Cruz (12/10/01)
  • Eduardo Cruz (12/10/01)
  • Bernhard Rosenkraenzer (12/10/01)
  • Bernhard Rosenkraenzer (12/10/01)
  • KF (01/02/70)
  • Eduardo Cruz (12/09/01)
  • KF (12/02/03)
• OpenSSH UseLogin proof of concept exploit
  • [WaR] (12/06/01)
• PHPNuke Cross Scripting...
  • frog frog (12/14/01)
• Phpnuke Cross site scripting vulnerability
  • Cabezon Aurélien (12/03/01)
• Phpnuke Cross site scripting vulnerability (patch)
  • supergate@twlc.net (12/09/01)
• Possible DoS attack against Sun Ray Servers?
  • Sam Ferrell (12/07/01)
  • Hanspeter Schmid (12/06/01)
• Possible OpenSSH DoS Attack
  • Markus Friedl (12/11/01)
  • Jose Nazario (12/11/01)
  • Robert van der Meulen (12/11/01)
  • Josha Bronson (12/11/01)
  • Pedro Inacio (12/11/01)
• Possible problem with GnuPG 1.0.6
  • Przemyslaw Frasunek (12/29/01)
  • Przemyslaw Frasunek (12/29/01)
• possible su local D.o.S
  • Ron DuFresne (12/14/01)
  • Frank de Lange (12/13/01)
  • White Vampire (12/13/01)
  • Emre Yildirim (12/13/01)
  • Robert Freeman (12/13/01)
  • Blue Boar (12/13/01)
  • Jose Nazario (12/13/01)
  • Michal Zalewski (12/13/01)
  • Flavio Veloso (12/13/01)
  • H VC (12/13/01)
• Potential hole in Ettercap 0.6.2
  • ALoR (12/04/01)
  • Jonathan Bloomquist (12/04/01)
  • Jose Nazario (12/04/01)
  • ALoR (12/04/01)
  • Blue Boar (12/04/01)
  • Michal Zalewski (12/04/01)
  • Melsa (12/04/01)
  • w1re p4ir (12/04/01)
  • Blue Boar (12/04/01)
• ProFTPD 1.2.2rc3 Remote Server Vulnerability
  • U dong-houn (12/05/01)
  • ARAI Yuu (12/05/01)
  • scott (12/04/01)
  • Alex Butcher (vuln-dev) (12/04/01)
  • KF (12/05/01)
  • smackenz (12/04/01)
• ProFTPD 1.2.2rc3 Remote Server Vulnerability (-> ftp client buffer overflow)
  • Ciprian Csordas (12/05/01)
• proftpd format bug
  • Jose Nazario (12/10/01)
  • Robert van der Meulen (12/09/01)
  • Fuska (12/04/05)
• Proftpd SIGSEGV
  • Joel F (12/31/01)
  • Przemyslaw Frasunek (12/31/01)
  • Yaroslav Klyukin (12/30/01)
• Proof of concept for the format bug in Ettercap 0.6.2
  • BAILLEUX Christophe (12/05/01)
• Proxy bypass in Opera : security related ?
  • Darren W. MacDonald (12/06/01)
  • Valdis.Kletnieks@vt.edu (12/05/01)
  • maillist (12/05/01)
  • Nicolas Gregoire (12/05/01)
• proxy tool
  • Michel Arboi (12/15/01)
  • Valdis.Kletnieks@vt.edu (12/15/01)
  • Steve De Doncker (12/15/01)
  • Talley Anonymous Remailer (12/15/01)
• Red Hat 7.1 rpc.statd problem
  • Valdis.Kletnieks@vt.edu (12/06/01)
  • Fyodor (12/05/01)
  • Blue Boar (12/05/01)
  • Przemyslaw Frasunek (12/05/01)
  • Fyodor (12/05/01)
  • Fyodor (12/05/01)
  • Chris Ess (12/05/01)
  • Blue Boar (12/05/01)
• Remote exploit for popular Sniffer Ettercap.
  • Blue Boar (12/13/01)
  • Giorgio (12/13/01)
  • Brian (12/13/01)
  • ALoR (12/13/01)
  • vuln-dev (12/12/01)
• RunAs weirdness...
  • Riley Hassell (12/20/01)
  • 3APA3A (12/20/01)
  • Riley Hassell (12/21/01)
  • Phillip Nordwall (12/19/01)
  • jesperht@hotmail.com (12/19/01)
  • Ed Moyle (12/19/01)
  • KRFinisterre@checkfree.com (12/18/01)
• sadc Segmentation Fault
  • KF (12/07/01)
  • KF (12/07/01)
  • VISC Network (12/07/01)
  • smackenz (12/03/01)
• Security hole in IMessenger ( PHP-Nuke )
  • frog frog (12/15/01)
• Security holes in Hotmail, Yahoo, and other webmails
  • FozZy (12/24/01)
• Segmentation fault in BitchX
  • pktd (12/30/01)
• Segmentation Fault in KaZaA
  • magnet0 (12/28/01)
• Serious bug in IMessenger ( php-nuke )
  • frog frog (12/16/01)
• Serious Hole in IMessenger ( php-nuke )
  • frog frog (12/19/01)
• sometimes IIS 4.0 don't write logs.
  • ThEye (12/20/01)
  • Pablo Aravena (12/20/01)
  • ThEye (12/20/01)
• twlc advisory: plesk (psa) allows reading of .php files
  • supergate@twlc.net (12/21/01)
• Update on grokster trojan domain name
  • Ken Pfeil (12/28/01)
  • Markus Kern (12/28/01)
  • scott (12/28/01)
• UUCP
  • David Hawley (12/04/01)
  • Casper Dik (12/01/01)
  • sirsyko@ishiboo.com (12/01/01)
• uugetty mgetty also...
  • Rodrigo Barbosa (12/05/01)
  • Rodrigo Barbosa (12/04/01)
  • Andrew Sharpe (12/04/01)
  • KF (12/04/01)
• Vulnerability in SETI@home
  • dotslash@snosoft.com (12/02/01)
  • dotslash@snosoft.com (12/02/01)
  • joetesta@hushmail.com (12/03/01)
• WarFtpd 1.65 Buffer Overflow
  • dullien@gmx.de (12/02/01)
  • Chris Davis (12/08/01)
• Webmails security warning
  • FozZy (12/03/01)
• WebSitePro format bug + (old) its path.
  • Nelson Brito (10/06/01)
  • Paulo Ribeiro (12/23/01)
• wget core dumps
  • Florian Weimer (12/27/01)
  • Charles 'core' Stevenson (12/27/01)
  • KF (12/25/01)
• Why MS namedpipe work this way
  • Ryan Permeh (12/11/01)
  • 3APA3A (12/11/01)
  • Robert Freeman (12/10/01)
  • Minchu Mo (12/10/01)
• Win XP IP address hijack?
  • Jarek Durak (12/14/01)
  • Dimitry Andric (12/15/01)
  • Burton@SNS (12/14/01)
  • Curt Wilson (12/14/01)
• Windows 2000 Runas weirdness
  • flume@acm.org (12/21/01)
  • ian (12/19/01)
  • jesperht@hotmail.com (12/18/01)
• Windows XP 'logon screen' runs as system account
  • Ryan Permeh (12/22/01)
  • Menso Heus (12/22/01)
• yet another fake exploit making rounds
  • auto241065@hushmail.com (12/22/01)
  • Michal Zalewski (12/21/01)
  • xbud (12/21/01)
  • Wall, Kevin (12/21/01)
  • Michal Zalewski (12/21/01)

Last message date: 12/31/01
Archived on: 12/31/01 CET

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint