bugtraq 2001/08
By Subject
420 messages sorted by:
[ author ]
[ date ]
[ thread ]
Other mail archives
Starting: Thu Jun 14 2001 - 08:53:17 PDT
Ending: Sat Sep 01 2001 - 09:32:38 PDT
- *ALERT* UPDATED BID 3163 (URGENCY 6.58): Sendmail Debugger Arbitrary Code Execution Vulnerability (fwd)
- -- [ iSecureLabs BadBlue v1.02 beta for Windows 98, ME and 2000 Advisory ] --
- 3 phpnuke bugs (2 possibly lead to admin privs)
- @Home network subject to DHCP hijacking
- [ASGUARD-LABS] glFTPD v1.23 DOS Attack
- [CLA-2001:411] Conectiva Linux Security Announcement - windowmaker
- [CLA-2001:412] Conectiva Linux Security Announcement - sendmail
- [CLA-2001:413] Conectiva Linux Security Announcement - telnet
- [CLA-2001:415] Conectiva Linux Security Announcement - xloadimage
- [CLA-2001:416] Conectiva Linux Security Announcement - xinetd
- [CLA-2001:417] Conectiva Linux Security Announcement - openldap
- [CLA-2001:418] Conectiva Linux Security Announcement - openssl
- [ESA-20010816-01] fetchmail-ssl memory overwrite vulnerability
- [Fwd: OpenUnix 8 dtaction dtprintinfo dtsession overflows]
- [iisanswers] IISAnswers Bulletin: NT4 Sites with Redirects can crash from Code Red
- [Immunix-announce] ImmunixOS 7.0 sendmail update
- [Immunix-announce] ImmunixOS 7.0 update for xinetd
- [LoWNOISE] Tomcat 3.2.1 ..0 DoS (WinNT)
- [RAZOR] Linux kernel IP masquerading vulnerability (_actual_
- [RAZOR] Linux kernel IP masquerading vulnerability (_actual_ patch)
- [Real Security] Advisory for Nudester 1.10
- [RHSA-2001:098-05] Updated OpenLDAP packages available for Red Hat Linux 6.2, 7, and 7.1
- [RHSA-2001:099-06] New telnet packages available to fix buffer overflow vulnerabilities
- [RHSA-2001:100-02] Updated Kerberos 5 packages now available
- [SNS Advisory No.38] Trend Micro Virus Buster (Ver.3.5x) Remote File Disclosure With IUSER Privilege Vulnerability
- [SNS Advisory No.39] WinWrapper Professional 2.0 Remote Arbitrary File Disclosure Vulnerability
- [SNS Advisory No.40] TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability
- Administrivia: Full Disclosure Debate
- Administrivia: HTML Email Thread
- Adobe Acrobat creates world writable ~/AdobeFnt.lst files
- Adobe PDF files can be used as virus carriers
- ADV/EXP: netkit <=0.17 in.telnetd remote buffer overflow
- Advisory Update: Design Flaw in Linksys EtherFast 4-Port Cable/DSL Router
- ANNOUNCE: RATS 1.1 (beta)
- Another sendmail exploit
- Another sendmail exploit [local root compromise]
- AOLserver 3.0 vulnerability
- Are your mod_rewrite rules doing what you expect?
- Arkeia Possible remote root & information leakage
- AVTronics InetServer DoS and BoF Vulnerabilities
- BID 3161: other ZyXEL Prestige routers affected too
- BSCW symlink vulnerability
- BSDi (3.0/3.1) reboot machine code as any user (non-specific)
- Buffer overflow in BestCrypt for Linux
- Bug in MAS90 Accounting Platform remote access?
- bugtraq id 3133
- Can we afford full disclosure of security holes?
- carol clickme: Outlook Express 6.00
- CERT Advisory CA-2001-24
- Cisco Security Advisory: CBOS Web-based Configuration Utility Vulnerability
- Cisco Security Advisory: Vulnerabilities in Cisco SN 5420 Storage Routers
- Code Red affecting IIS and Proxy
- Code RED related problem
- Code Red Revision (fwd)
- CodeRed II ARIS Incident Analysis
- CodeRedII - New non-variant codered worm - Analysis.
- cold fusion 5.0 cfrethrow exploit
- CR vs. CoreBuilder
- Dangerous temp file creation during installation of Netscape 6.
- Denial of Service in SHOUTcast Server 1.8.2 Linux/w32/?
- Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and below
- easy remote detection of a running tripwire for webpages system
- Entrust - getAccess
- eRisk Security Advisory: PhpMyExplorer vulnerable to directory traversal.
- Eudora MUA: Risky practice
- Eudora MUA: Risky practice -> Security domains
- F7-Enter bug details & workaround
- Fetchmail security advisory
- Fwd: Security Alert: Groupwise - Action Required
- Fwd: ZyXEL Prestige 642 Router Administration Interface Vulnerability
- gnut gnutella client html injection
- Groupwise Webaccess, NetWare web server, and Novell
- Hardware defences against SYN flooding
- Hexyn / Securax Advisory #22 - ICQ Forced Auto-Add Users
- Hi Resolution System Ltd's MacAdministrator 2.0.4fc4 Hidden Files Disclosure and Access Vulnerability
- Hotmail message view exploit
- HP Jetdirect passwords don't sync
- HTML email "bug", of sorts.
- HTML Form Protocol Attack
- IBM AIX Security Notification: Web site defacements
- IIS keeps stopping, quite a large number of people affected by this, why ?!?!
- ImmunixOS 7.0 sendmail update
- ImmunixOS 7.0 update for xinetd
- improper use of netfilter MIRROR target can cause DoS
- Infection Notification
- Internal IP Address Disclosure in Microsoft-IIS 4.0 & 5.0
- IrDA semiremote vulnerability
- ISS Advisory: Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon
- ISS Advisory: Remote Buffer Overflow Vulnerability in HP-UX Line Printer Daemon
- ISS Security Advisory: Multiple Buffer Overflow Vulnerabilities in Raytheon SilentRunner
- ISS Security Advisory: Remote Vulnerabilities in Macromedia ColdFusion Example Applications
- Java Plugin 1.4 with JRE 1.3 -> Ignores certificates.
- javascript can write anything to windows98 registry
- JWSDK *add-on
- KaZaA / Morpheus Exploit??? (At least a way to get username and such)
- Kazaa and Morpehus Exploit (how to view their shared files)
- Linksys router security fix
- Linux Kernel 2.2.x
- Local exploit for TrollFTPD-1.26
- Local Vulnerability in dbsnmp binary
- Local Vulnerability in dbsnmp binary in Oracle 8.1.6 - 8.1.7 - 9i
- Local Vulnerability in dbsnmp binary in Oracle 8.1.6-8.1.7-9i
- long url overflow in IE6 public preview on WinME
- Lotus Domino DoS
- Lotus Domino DoS solution
- LPRng/rhs-printfilters - remote execution of commands
- Massive attack to Alcatel Speed Touch Home & Pro
- Massive attack to Alcatel Speed Touch Home & Pro (fwd)
- matrix screensvr(16 Bit CineMac Screen Saver Engine) - [input validation error?]
- MDKSA-2001:068 - telnet update
- MDKSA-2001:069 - openldap update
- MDKSA-2001:070 - gdm update
- MDKSA-2001:071 - kernel 2.4 update
- MDKSA-2001:072 - fetchmail update
- MDKSA-2001:073 - xli update
- MDKSA-2001:074 - WindowMaker update
- MDKSA-2001:075 - sendmail update
- MDKSA-2001:076 - xinetd update
- More impact from CRII
- MPSA - Another security tool from MS
- MS patch-scanner for Win-NT, 2K, IIS, SQL
- MS Windows Media Player ASF Marker Buffer Overflow
- MS-DOS Filename/Directory Vulnerability
- MS01-035 Hot Fix for IIS
- Multiple Remote DoS vulnerabilities in Microsoft DCE/RPC deamons
- Multiple vulnerabilities in Avaya Argent Office
- Multiple-Vendor-FTP-Vuln. (old?)
- NE 4.0, 4.1 Response Header Overflow
- Netaddress Secutity issue solved
- NetBSD Security Advisory 2001-013: OpenSSL PRNG weakness (up to 0.9.6a)
- NetBSD Security Advisory 2001-014: dump(8) exposes 'tty' group
- NetCode NC Book 0.2b remote command execution vulnerability
- Netscape 6.01A ksh "here document" vulnerability.
- New command execution vulnerability in myPhpAdmin
- new modification for telnetd for irix
- NSFOCUS SA2001-05 : Solaris Xlock Heap Overflow Vulnerability
- NSFOCUS SA2001-06 : Microsoft IIS ssinc.dll Buffer Overflow Vulnerability
- Oracle 8.1.5 dbnsmp vulnerability
- Oracle 8.1.5 dbsnmp vulnerability
- Outlook 2000 Rich Text information disclosure
- OWA over ssl shutting down IIS
- phpBB 1.4.0 bug leads to easy admin privileges
- Phrack57 if out.
- Possible Denial of Service with PHP and Cyrus IMAP on BSDi 4.2
- Programmer claims MS eBook Reader Cracked
- qmail starttls patch does not seed the random number generator
- qpopper and pam.d
- Question: Tomcat 3.2.1 dir. traversal vuln.
- Quick temporary fix for OWA DOS
- rcs2log
- Relay Test
- Relaying in MDaemon
- Relaying in MDaemon ((UPDATED ALEPH))
- Relaying in MDAEMON.
- REPOST: A damaging local DoS in WinNT SP6a
- Respondus v1.1.2 stores passwords using weak encryption
- Roxen security alert: URL decoding vulnerable
- RUS-CERT Advisory 2001-08:01
- Sambar Telnet Proxy/Server multiple vulnerablietis
- Sample implementation of new WEP weakness
- Security Advisory for Bugzilla v2.13 and older
- Security alert: Remote user can access any file
- security bulletins digest
- Security certificate negation by content provider
- security hole in os groupware suite PHProjekt
- security problem in surf-net ASP Discussion Forum < 2.30
- Security problems with Dell Latitude C800 Notebook BIOSes
- Security Update [CSSA-2001-026.0] Linux - Security problems in imp
- Security Update [CSSA-2001-029.0] Linux - Squid configuration problems
- Security Update [CSSA-2001-032.0] Linux - sendmail instant root exploit
- Security Update: [CSSA-2001-028.0] Linux - Tomcat security problems
- Security Update: [CSSA-2001-031.0] Linux -security issues in ucd-snmp
- Security Update: [CSSA-2001-30.0] Linux - Telnet AYT remote exploit
- Security Update: [CSSA-2001-SCO.10]: OpenServer: /etc/telnetd buffer overflow
- Security Update: [CSSA-2001-SCO.12] OpenServer: mana buffer overflow
- Security Update: [CSSA-2001-SCO.13] OpenServer: BIND buffer overflows
- Security Update: [CSSA-2001-SCO.15] Open Unix: lpsystem buffer overflow
- SECURITY.NNOV: special devices access in multiple archivers
- SIX-webboard 2.01 "show files" vulnerability
- Slackware 8.0, 7.1 Vulnerability: /usr/bin/locate
- snmpd log files long names problems
- Solaris 8 libsldap exploit
- Solaris LPD Exploit (fwd)
- Solaris Patchadd symlink exploit.
- Starfish Truesync Desktop + REX 5000 Pro multiple vulnerabilities
- Sun Security Bulletin #00206 (fwd) [Patches for in.lpd]
- Sun Security Bulletin #00207
- Sun Security Bulletin #00207 (fwd) [Patches for snmpXdmid.]
- SurgeFTP admin account bruteforcable
- SuSE 7.2 (& others) sendmail local xploit
- SuSE Security Announcement: fetchmail (SuSE-SA:2001:026)
- SuSE Security Announcement: sdb (SuSE-SA:2001:027)
- SuSE Security Announcement: sendmail (SuSE-SA:2001:028)
- SuSE Security Announcement: xmcd (SuSE-SA:2001:025)
- suse: sdbsearch.cgi vulnerability
- tdforum 1.2 Messageboard
- The Dangers of Allowing Users to Post Images
- Tivoli Management Framework Alert!!!
- Tool for cleaning up the obvious effects of the Code Red II worm
- Tool prevents logging of default.ida (IIS / NT)
- Trend Micro InterScan VirusWall - AV control bypass
- UDP packet handling weird behaviour of various operating systems
- uidadmin buffer overflow
- URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0
- Various problems in Baltimore's WEBSweeper Script filtering
- Vulnerability in credit union's E-statement feature
- vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6
- Vulnerability in oracle binary in Oracle 8.0.5-8.1.6
- vulnerability in otrcrep binary in Oracle 8.0.5.
- Vulnerability in otrcrep in Oracle 8.0.5
- Web "bug" workarounds
- webridge application suite gives up too much error information on Internal Server Error
- WIN2000 and IIS
- Wvdial insecure conf?
- X White Paper Released
- Xerox N40 printers and Code Red worm
- xinetd 2.3.0 audit status
- ZyXEL Prestige 642R: Exposed Admin Services on WAN with Default Password
Last message date: Sat Sep 01 2001 - 09:32:38 PDT
Archived on: Sat Sep 01 2001 - 09:33:15 PDT
This archive was generated by hypermail 2b30: Sat Sep 01 2001 - 09:33:15 PDT