bugtraq 2002/02
By Subject
400 messages sorted by:
[ author ]
[ date ]
[ thread ]
Other mail archives
Starting: Thu Jan 31 2002 - 15:18:51 PST
Ending: Mon Mar 04 2002 - 14:43:27 PST
- "Cthulhu xhAze" - Command execution in Ans.pl
- "Javier Sanchez" jsanchez157at_private 02/25/2002 11:14 AM, Symantec LiveUpdate
- (no subject)
- *****SPAM***** A reason for concern over ie's GetObject() vulnerabilities... Hotmail...
- *****SPAM***** AdMentor Login Flaw
- *****SPAM***** MSDE, Sql Server 7 & 2000 Adhoc Heterogenous Queries Buffer Overflow and DOS
- *****SPAM***** Symantec LiveUpdate
- *****SPAM***** UPDATE: [wcolburnat_private: SMTP relay through checkpoint firewall]
- -possible- Bufferoverflow in ICQ 2001b
- -Possible- licq D.o.S
- ... Tiny Personal Firewall ...
- 2K, with RealPlayer Installed 100 % CPU utilization
- [ GFISEC04102001 ] Internet Explorer and Access allow macros to be executed automatically
- [ARL02-A02] DCP-Portal Root Path Disclosure Vulnerability
- [ARL02-A03] DCP-Portal Cross Site Scripting Vulnerability
- [ARL02-A04] DCP-Portal System Information Path Disclosure Vulnerability
- [CLA-2002:463] Conectiva Linux Security Announcement - uucp
- [CLA-2002:464] Conectiva Linux Security Announcement - squid
- [Fwd: BUG: [Kernel 2.4.18 - IP Tables 1.2.4] ?]
- [Global InterSec 2002012101] DeleGate Application Proxy - Multiple Vulnerabilities
- [GSA2002-01] Web browsers ignore the Content-Type header, thus allowing cross-site scripting
- [NGSEC-2002-1] Ettercap, remote root compromise
- [RHSA-2001:163-20] Updated ucd-snmp packages available
- [RHSA-2002:018-05] New rsync packages available)
- [RHSA-2002:020-05] Updated ncurses4 compat packages are available
- [RHSA-2002:028-13] Updated 2.4 kernel available
- [RHSA-2002:029-09] New squid packages available
- [RHSA-2002:035-13] Updated PHP packages are available
- [SA-2002:01] Slashcode login vulnerability
- [SPSadvisory#46]Apple QuickTime Player "Content-Type" Buffer Overflow
- [SUPERPETZ ADVISORY #002- Faq-O-Matic Cross-Site Scripting Vulnerability]
- Account theft vulnerability in MakeBid Auction Deluxe 3.30
- Add2it Mailman command execution
- Advisory #3 - PHP & JSP
- Advisory 012002: PHP remote vulnerabilities
- ALERT: ISS BlackICE Kernel Overflow Exploitable
- Alteon ACEdirector signature/security bug
- And another (same) bug in DCForum at user registration process (dcscripts.com)
- Anonymous Mail Forwarding Vulnerabilities in FormMail 1.9
- another hanterm exploit
- Another local root vulnerability during installation of Tarantella Enterprise 3.
- Anti Virus Mailscanners DOS
- Aprisma Response to CERT Advisory
- arescom 800 authentification flaw
- Arescom NetDSL-1000 telnetd DoS
- Astaro Response: Vulnerabilities in Astaro Security Linux 2.016
- Astaro Security Linux Improper File Permissions Flaw
- AtheOS: escaping from a chroot jail
- Authorize.Net Plain Text Login Transmission
- Auto file execution vulnerability in Mac OS
- autoresponder program could be tricked by spamers to send unsolicited mail to victim's address (fwd)
- Avirt 4.2 question
- Avirt Gateway 4.2 remote buffer overflow: proof of concept
- BadBlue XSS vulnerabilities / Filesharing Server Worm
- BadBlue Yet Another Directory Traversal
- BindView NetInventory NetRC hostcfg_ni password passed in clear text
- Black ICE Ping Vulnerability Side Note
- BlackIce 2.9 car Latest with patch "DOS attacks with URG Flag Set ARE NOT LOGGED"
- BPM STUDIO PRO 4.2 DIRECTORY ESCAPE VULNERABILITY
- BPM STUDIO PRO 4.2 DOS DEVICE PATH VULNERABILITY
- Buffer overflow in mIRC allowing arbitary code to be executed.
- BUG: Kmail client DoS
- cachemgr.cgi (2.3STABLE4) (and 2)
- cachemgr.cgi (squid 2.3STABLE4)
- Castelle Faxpress: Password used for NT Print queue can be disclosed in Plain Text
- Century Software Term Exploit
- Cert Advisory 2002-03 and HP JetDirect
- Cert Advisory 2002-03 and HP JetDirect)
- Check Point response to CERT CA-2002-03 (Multi-vendor SNMP vulnerabilities)
- CheckPoint FW1 HTTP Security Hole
- Cisco Security Advisory: Cisco Secure Access Control Server Novell Directory Service Expired/Disabled User Authentication Vulnerability
- Cisco Security Advisory: Data Leak with Cisco Express Forwarding
- Citrix NFuse 1.6 - additional network exposure
- CNet CatchUp arbitrary code execution
- Cobalt-RAQ-4-Bugs&Vulnerabilities
- codeblue remote root
- Colbalt-RAQ-v4-Bugs&Vulnerabilities
- Cross-site Scripting Vulnerability in .Net Framework
- CSS -> ign.com
- CSS visited pages disclosure
- Deanonymizing SafeWeb Users
- dH & SECURITY.NNOV: buffer overflow in mshtml.dll
- Dino's Webserver v1.2 DoS, possible overflow
- DoS Attack against many RADIUS servers
- DoS bug on Tru64
- DoS on HP ProCurve 4000M switch (possibly others)
- DW020203-PHP clarification
- EasyBoard 2000 Remote Buffer Overflow Vulnerability
- Exim 3.34 and lower (fwd)
- Exploit for Tarantella Enterprise installation (bid 4115)
- Extracting a 3DES key from an IBM 4758
- Fairly serious vulnerability in vBulletin 2.2.0
- Falcon Web Server Authentication Circumvention Vulnerability
- Faq-O-Matic Cross-Site Scripting
- Four More ScriptEase MiniWeb Server v0.95 DoS Attacks
- Gator installer Plugin allows any software to be installed
- gnujsp: dir- and script-disclosure
- Greymatter 1.21c and earlier - remote login/pass exposure
- Hackproofing Oracle Application Server paper
- HELP ! : Trojanised HTML: Internet Exporer 5 and 6 [technic al exercise]
- HELP ! : Trojanised HTML: Internet Exporer 5 and 6 [technical exercise]
- Hewlett Packard AdvanceStack Switch Managment Authentication Bypass Vulnerability
- Hotline Client Plain password vuln.
- HP Secure OS Software for Linux security bulletins digest
- HP-UX security bulletins digest
- ICQ Bug possibly?
- Identix BioLogon 3
- IE execution of arbitrary commands without Active Scripting or ActiveX (GM#001-IE)
- In response to alleged vulnerabilities in Microsoft Visual C++ security checks feature
- Infecting the KaZaA network?
- Infecting the KaZaA network? (unlikely)
- Insecure installations of cgi wrappers (RTFM people!)
- InstantServers MiniPortal Multiple Vulnerabilities
- Intel.com Mailing List Arbitrary Address Removal Link
- Internet-Draft for "Responsible Disclosure Process" released
- ITS4 from Cigital flawed
- JSP translation file access under Oracle 9iAS
- KICQ 2.0.0b1 can be remotely crashed
- KPMG-2002004: Lotus Domino Webserver DOS-device Denial of Service
- large spam messages disable Hotmail accounts
- Last Call for Papers - RAID 2002
- LBYTE&SECURITY.NNOV: Buffer overflows in Worldgroup
- Long path exploit on NTFS
- Long path exploit on NTFS - F-Secure Anti-Virus not vulnerable
- Lotus Domino password bypass
- MDKSA-2002:012 - groff update
- MDKSA-2002:013 - openldap update
- MDKSA-2002:014 - ucd-snmp update
- MDKSA-2002:015 - cups update
- MDKSA-2002:016-1 - squid update
- MDKSA-2002:017 - php update
- MDKSA-2002:018 - cyrus-sasl update
- Microsoft C++ feature against buffer overflows itself vulnerable
- Microsoft compiler flaw, Cigital responds
- mod_ssl Buffer Overflow Condition (Update Available)
- more SNMP notes
- MorningStar.ca Canada And Security Practices
- Morpheus, Kazaa and Grokster Remote DoS. Also Identity faking vulnerability.
- mpg321
- Mrtg Path Disclosure Vulnerability
- Mrtg Path Disclosure Vulnerability (Revised)
- MSN contact list disclosure
- MSN Messenger and UDP 1900
- MSN Messenger Hijacking
- MSN Messenger reveals your name to websites (and can reveal email addresses too)
- Multiple Buffer Overflows in Oracle 9iAS
- NAI Gauntlet Firewall 5.5 for NT (Multiple Vendor HTTP CONNECT TCP Tunnel Vulnerability (bugtraq id 4131)
- nCipher Security Advisory #2: SNMP vulnerabilities
- Netgear RT311/RT314
- NetScreen Response to ScreenOS Port Scan DoS Vulnerability
- NetScreen ScreenOS 2.6 Subject to Trust Interface DoS
- NetWin CWMail.exe Buffer Overflow
- Netwin Webnews Buffer Overflow Vulnerability (#NISR18022002)
- new advisory
- new advisory - (filtering problems)
- Non existing attachments, more info
- NtWakO BlackICE sig missing
- Open Bulletin Board javascript bug.
- OSX ICQ DoS
- OT: Netscape security contact ?
- Outlook \r expliots - ripMIME fix.
- Outlook will see non-existing attachments
- Overflow Vulnerabilities in hanterm
- PCFriendly DVD Backchannel
- pforum: cross-site-scripting bug
- pforum: mysql-injection-bug
- PHP Advisory #2
- PHP Safe Mode Filesystem Circumvention Problem
- Phusion-Webserver-v1.0-Bugs&Exploits-Remotes
- PIX DOS (config problem) - Similar to NetScreen ScreenOS...
- PowerFTP Personal FTP Server Multiple Vulnerabilities
- Published Report of Vulnerability in Lucent VitalSuite Software
- Re : Lotus Domino password bypass
- Remote Compromise in Oracle 9i Database Server
- Remote crashes in Yahoo messenger
- Remote DoS in Netgear RM-356
- Remote exploit against xtelld and other fun
- Resend: SuSE Security Announcement: cups (SuSE-SA:2002:006)
- RUS-CERT Advisory 2002-02:01: Temporary file handling in GNAT
- SafeWeb Addresses Vulnerability in Consumer Privacy Technology
- Sapgui 4.6D for Windows
- Sardonix Security Auditing Portal
- SCO UnixWare 7.1.X
- Script for find domino's users
- ScriptEase MiniWeb Server DoS Vulnerability
- ScriptEase:WebServer Edition vulnerability
- Security Advisory - #1
- security advisory linux 2.4.x ip_conntrack_irc
- Security BugWare : Alcatel 4400 PBX hack
- Security Issue in Icewarp
- Security issue with GroupWise 6 and LDAP authentication in PostOffice
- Security Update [CSSA-2002-001.0] Linux - OpenLDAP attribute deletion problem
- Security Update [CSSA-2002-002.0] Linux - Remote exploit against mutt
- Security Update [CSSA-2002-003.0] Linux - Remote attack on rsync
- Security Update: [CSSA-2001-SCO.36.2] REVISED: Open UNIX, UnixWare 7: wu-ftpd ftpglob() vulnerability
- Security Update: [CSSA-2002-004.0] Linux - Various security problems in ucd-snmp
- Security Update: [CSSA-2002-SCO.3] UnixWare 7: message catalog environment variable vulnerability
- Security Update: [CSSA-2002-SCO.4] Open UNIX, UnixWare 7: snmpd memory fault vulnerabilities
- Security Update: [CSSA-2002-SCO.5.1] REVISION: Open UNIX, UnixWare 7, OpenServer: encrypted password disclosure
- Security Update: [CSSA-2002-SCO.5] Open UNIX, UnixWare 7: encrypted password disclosure
- Security Update: [CSSA-2002-SCO.6]
- SECURITY.NNOV: Bypassing content filtering software
- SECURITY.NNOV: Special device access in The Bat!
- SecurityOffice Security Advisory:// Essentia Web Server Directory Traversal Vulnerability
- SecurityOffice Security Advisory:// Essentia Web Server DoS Vulnerability
- SecurityOffice Security Advisory:// Essentia Web Server Vulnerabilities (Vendor Patch)
- SecurityOffice Security Advisory:// LilHTTP Web Server Protected File Access Vulnerability
- SecurityOffice Security Advisory:// Novell GroupWise Web Access Path Disclosure Vulnerability
- SIPS - vulnerable to anyone gaining admin access.
- SiteNews remote add user exploit
- SNMP Enabled on Dell Servers
- SNMP test suite vs. Motorola SB4100 cable modem
- Squid buffer overflow
- Squid HTTP Proxy Security Update Advisory 2002:1
- squirrelmail: squirrelspell plugin check_me.mod.php bug
- Sun Security Bulletin #00215 (fwd)
- SuSE Security Announcement: cups (SuSE-SA:2002:005)
- SuSE Security Announcement: mod_php/mod_php4 (SuSE-SA:2002:007)
- svindel.net security advisory - web admin vulnerability in CacheOS
- Sybex E-Trainer Directory Traversal Vulnerability
- Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SNMP
- Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies
- Symantec LiveUpdate
- tac_plus version F4.0.4.alpha on at least Solaris 8 sparc
- texis(CGI) Path Disclosure Vulnerability
- the dangers of disclosing vulnerabilities when the guilty party is ignorant of industry standards
- This is the CORRECTED POST please ignore the one befor same subject MULTIPLE Remote Issues with II5.1 on Windows XP
- Trojan / Spyware Connection made to 64.240.175.18 every time you use IE ANti-spyware Anti-virus wont detect it.
- TSLSA-2002-0031 - squid
- TSLSA-2002-0033 - mod_php
- TSLSA-2002-0034 - apache
- Unixware Message catalog exploit code
- Update on the MS02-005 patch, holes still remain
- UPDATE: [wcolburnat_private: SMTP relay through checkpoint fire wall]
- UPDATE: [wcolburnat_private: SMTP relay through checkpoint fire wall]]
- UPDATE: [wcolburnat_private: SMTP relay through checkpoint firewall]
- UPDATE: Cert Advisory 2002-03 and Ethereal
- Using Environment for returning into Lib C
- verisign payment site backdoor ?
- Viewing arbitrary file from the file system using Eshare Expressions 4 server
- Vulnerabilities in Astaro Security Linux 2.016
- Vulnerability in all versions of DCForum from dcscripts.com
- Vulnerability in Black ICE Defender
- Vulnerability in Sawmill for Solaris v. 6.2.14
- Whose X do I need to X to get on CERT?
- Why is Microsoft watching us watch DVD movies?
- winamp and wma Song Licenses
- Windows Media Player executes WMF content in .MP3 files.
- Windows XP Remote DOS attacks with SYN Flag. Make CPU 100 %
- XMB cross-scripting vulnerability
- Zero One Tech (ZOT) P100s PrintServer and SNMP
Last message date: Mon Mar 04 2002 - 14:43:27 PST
Archived on: Mon Mar 04 2002 - 14:43:34 PST
This archive was generated by hypermail 2b30: Mon Mar 04 2002 - 14:43:34 PST