bugtraq 2002/03
By Thread
Most recent messages
370 messages sorted by:
[ author ]
[ date ]
[ subject ]
Other mail archives
Starting: Fri Mar 01 2002 - 00:15:47 PST
Ending: Thu Mar 27 2003 - 09:10:55 PST
- Re: NAI Gauntlet Firewall 5.5 for NT (Multiple Vendor HTTP CONNECT TCP Tunnel Vulnerability (bugtraq id 4131) Colin Campbell (Thu Feb 28 2002 - 18:57:48 PST)
- [ESA-20020301-005] 'apache' (mod_ssl) session caching buffer overflow EnGarde Secure Linux (Thu Feb 28 2002 - 22:10:14 PST)
- [ESA-20020301-006] 'php, mod_php' MIME parsing vulnerabilities EnGarde Secure Linux (Thu Feb 28 2002 - 22:10:44 PST)
- Re: mod_ssl Buffer Overflow Condition (Update Available) Ben Laurie (Fri Mar 01 2002 - 01:54:41 PST)
- Re: Colbalt-RAQ-v4-Bugs&Vulnerabilities Peter N. Go (Fri Mar 01 2002 - 03:20:39 PST)
- IIS SMTP component allows mail relaying via Null Session Todd Sabin (Fri Mar 01 2002 - 07:31:01 PST)
- Re: Commercial stack fragility (Was RE: Cert Advisory 2002-03 and HP JetDirect) Andrew M Hoerter (Fri Mar 01 2002 - 10:38:35 PST)
- Re: the dangers of disclosing vulnerabilities when the guilty party is ignorant of industry standards Brian McWilliams (Fri Mar 01 2002 - 15:16:53 PST)
- Re: IE execution of arbitrary commands without Active Scripting or ActiveX (GM#001-IE) the Pull (Fri Mar 01 2002 - 10:55:10 PST)
- Open Security Testing Meth 2.0 released pete (Fri Mar 01 2002 - 02:30:43 PST)
- [mattat_private: [Zope-Annce] Zope Hotfix 2002-03-01 (Ownership Roles Enforcement)] George Lewis (Fri Mar 01 2002 - 13:34:05 PST)
- Re: Hotline Client Plain password vuln. macdaddyat_private (Thu Feb 28 2002 - 22:33:35 PST)
- AOL Instant Messenger Servers Patched and...Un-Patched? Brendan Butts (Thu Feb 28 2002 - 22:20:07 PST)
- Re: ... Tiny Personal Firewall ... Maher Odeh (Fri Mar 01 2002 - 03:04:17 PST)
- Phorum Discussion Board Security Bug (Email Disclosure) Agricola (Sat Mar 02 2002 - 06:50:59 PST)
- Apache-SSL buffer overflow (fix available) Ben Laurie (Fri Mar 01 2002 - 03:47:36 PST)
- Denial of Service in Sphereserver iphantomiat_private (Sat Mar 02 2002 - 07:12:43 PST)
- RealPlayer bug §ome (Sat Mar 02 2002 - 10:16:53 PST)
- AeroMail multiple vulnerabilities Ulf Harnhammar (Sun Mar 03 2002 - 12:26:05 PST)
- iBuySpy store hole Tom Gilder (Sun Mar 03 2002 - 04:27:52 PST)
- ReBB javascripts vulnerability skizzikat_private (Mon Mar 04 2002 - 07:44:33 PST)
- Security Update: [CSSA-2002-SCO.7] OpenServer: multiple vulnerabilities in squid securityat_private (Mon Mar 04 2002 - 11:34:30 PST)
- Apache-SSL 1.3.22+1.47 - update to security fix Ben Laurie (Mon Mar 04 2002 - 06:47:51 PST)
- Re: PCFriendly DVD Backchannel Olin Sibert (Fri Mar 01 2002 - 21:38:07 PST)
- RE: IE execution of arbitrary commands without Active Scripting or ActiveX (GM#001-IE) Thomas Thornbury (Fri Mar 01 2002 - 04:58:50 PST)
- Re: "Peter Miller" pcmiller61at_private, 02/26/2002 03:48 AM RE: Symantec LiveUpdate Sym Security (Fri Mar 01 2002 - 07:19:27 PST)
- SuSE Security Announcement: squid (SuSE-SA:2002:008) Sebastian Krahmer (Mon Mar 04 2002 - 04:22:55 PST)
- [CLA-2002:465] Conectiva Linux Security Announcement - apache secureat_private (Mon Mar 04 2002 - 08:54:03 PST)
- BSD: IPv4 forwarding doesn't consult inbound SPD in KAME-derived IPsec Greg Troxel (Mon Mar 04 2002 - 08:30:18 PST)
- [RHSA-2002:030-08] Updated radiusd-cistron packages are available bugzillaat_private (Mon Mar 04 2002 - 15:39:28 PST)
- [H20020304]: Remotely exploitable format string vulnerability in ntop hologram (Mon Mar 04 2002 - 04:46:18 PST)
- mutants! - spp_fnord.c (It can see the FNORDs! :-) Dragos Ruiu (Fri Mar 01 2002 - 18:53:04 PST)
- Java HTTP proxy vulnerability Harmen van der Wal (Mon Mar 04 2002 - 17:32:24 PST)
- Buffer Overrun in Talentsoft's Web+ (#NISR01032002A) David Litchfield (Tue Mar 05 2002 - 09:55:06 PST)
- Endymion SakeMail and MailMan File Disclosure Vulnerability rudi carell (Tue Mar 05 2002 - 17:47:38 PST)
- *****SPAM***** Another Sql Server 7 Buffer Overflow c c (Tue Mar 05 2002 - 08:20:04 PST)
- Considerations for IIS Authentication (#NISR05032002C) David Litchfield (Tue Mar 05 2002 - 10:00:06 PST)
- Two new white papers David Litchfield (Tue Mar 05 2002 - 10:18:16 PST)
- IIS Internal IP Address Disclosure (#NISR05032002B) David Litchfield (Tue Mar 05 2002 - 09:58:24 PST)
- Apache+php Proof of Concept Exploit Gabriel A. Maggiotti (Mon Mar 04 2002 - 14:18:42 PST)
- SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations 3APA3A (Tue Mar 05 2002 - 00:39:35 PST)
- RE: PCFriendly DVD Backchannel Graham, Brian (Tue Mar 05 2002 - 10:01:22 PST)
- On the ultimate futility of server-based mail scanning David F. Skoll (Mon Mar 04 2002 - 14:07:29 PST)
- mtr 0.45, 0.46 Przemyslaw Frasunek (Wed Mar 06 2002 - 06:41:43 PST)
- NT user (who is locked changing his/her password by administrator ) can bypass the security policy and Change the password. Syed Mohamed A (Wed Mar 06 2002 - 01:07:05 PST)
- efingerd remote buffer overflow and a dangerous feature Spybreak (Wed Mar 06 2002 - 01:17:31 PST)
- Mistype a URL? M$N knows what you typed. Darren Reed (Tue Mar 05 2002 - 16:42:02 PST)
- [CLA-2002:466] Conectiva Linux Security Announcement - radiusd-cistron secureat_private (Wed Mar 06 2002 - 11:44:16 PST)
- PureTLS Security Announcement: Upgrade to 0.9b2 Eric Rescorla (Tue Mar 05 2002 - 16:28:00 PST)
- OpenSSH Security Advisory (adv.channelalloc) Markus Friedl (Thu Mar 07 2002 - 03:56:33 PST)
- [PINE-CERT-20020301] OpenSSH off-by-one Joost Pol (Thu Mar 07 2002 - 05:25:20 PST)
- [ESA-20020307-007] Local vulnerability in OpenSSH's channel code. EnGarde Secure Linux (Thu Mar 07 2002 - 08:38:52 PST)
- mIRC DCC Server Security Flaw James Evans (Wed Mar 06 2002 - 14:40:34 PST)
- Various Vulnerabilities in Norton Anti-Virus 2002 Edvice Security Services (Thu Mar 07 2002 - 09:16:01 PST)
- [CLA-2002:467] Conectiva Linux Security Announcement - openssh secureat_private (Thu Mar 07 2002 - 12:45:35 PST)
- SuSE Security Announcement: openssh (SuSE-SA:2002:009) Roman Drahtmueller (Thu Mar 07 2002 - 10:33:31 PST)
- Vulnerability Details for MS02-012 H D Moore (Wed Mar 06 2002 - 18:36:46 PST)
- [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh) OpenPKG (Fri Mar 08 2002 - 01:56:26 PST)
- MDKSA-2002:021 - mod_frontpage update Mandrake Linux Security Team (Thu Mar 07 2002 - 20:30:39 PST)
- [CLA-2002:468] Conectiva Linux Security Announcement - php secureat_private (Fri Mar 08 2002 - 06:59:22 PST)
- Linksys BEFVP41 VPN Server does not follow proper VPN standards pschlesingerat_private (Thu Mar 07 2002 - 16:41:16 PST)
- [RHSA-2002:043-10] Updated openssh packages available bugzillaat_private (Fri Mar 08 2002 - 09:19:23 PST)
- linux <=2.4.18 x86 traps.c problem Avery Buffington (Fri Mar 08 2002 - 08:46:32 PST)
- Remote Cobalt Raq XTR vulns W. ter Maat - Digit-Labs Information Security (Fri Mar 08 2002 - 10:32:38 PST)
- Checkpoint FW1 SecuRemote/SecureClient "re-authentication" (client side hacks of users.C) Cedric Amand (Thu Mar 07 2002 - 23:32:02 PST)
- Re: Edvice Security Services <supportat_private, 000701c1c5fb$c168f970$5a01010a@mic2000 Sym Security (Fri Mar 08 2002 - 12:16:02 PST)
- [RHSA-2002:041-08] Updated mod_ssl packages available bugzillaat_private (Thu Mar 07 2002 - 16:39:22 PST)
- MDKSA-2002:019 - openssh update Mandrake Linux Security Team (Thu Mar 07 2002 - 20:28:38 PST)
- Windows 2000 password policy bypass possibility Leonid Mamtchenkov (Wed Mar 06 2002 - 23:40:51 PST)
- MDKSA-2002:020 - mod_ssl update Mandrake Linux Security Team (Thu Mar 07 2002 - 20:29:38 PST)
- Xerver-2.10-File-Disclousure&DoS-attack Alex Hernandez (Fri Mar 08 2002 - 15:39:39 PST)
- OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix Greg KH (Sun Mar 10 2002 - 10:53:23 PST)
- ZyXEL ZyWALL10 DoS Knud Erik Hĝjgaard (Mon Mar 11 2002 - 03:21:56 PST)
- Pi3Web/2.0.0 File-Disclosure/Path Disclosure vuln Tekno pHReak (Sat Mar 09 2002 - 20:23:45 PST)
- xtux server DoS. b0iler _ (Sat Mar 09 2002 - 14:53:32 PST)
- Citadel/UX Server Remote DoS attack Vulnerability xperc (Sat Mar 09 2002 - 15:10:15 PST)
- GNU fileutils - recursive directory removal race condition Wojciech Purczynski (Sun Mar 10 2002 - 15:21:23 PST)
- VirusWall HTTP proxy content scanning circumvention Boris Wesslowski (Mon Mar 11 2002 - 04:25:19 PST)
- IMail Account hijack through the Web Interface Obscure (Sun Mar 10 2002 - 12:37:33 PST)
- Suspect 'advisory' from someone claiming to be from Microsoft (was Fwd: Internet Security Update) Marlon Borba (Sun Mar 10 2002 - 10:36:38 PST)
- SMStools vulnerabilities in release before 1.4.8 Marcello Magnifico [fabbricadigitale] (Mon Mar 11 2002 - 00:38:09 PST)
- SuSE Security Announcement: packages containing libz/zlib (SuSE-SA:2002:011) (tandem-announcement, second part) Roman Drahtmueller (Mon Mar 11 2002 - 12:13:42 PST)
- [ESA-20020311-008] Double free() in zlib may lead to buffer overflow. EnGarde Secure Linux (Mon Mar 11 2002 - 09:41:04 PST)
- [RHSA-2002:027-22] Vulnerability in zlib library (powertools) bugzillaat_private (Mon Mar 11 2002 - 10:16:57 PST)
- TSLSA-2002-0039 - openssh Trustix Secure Linux Advisor (Sun Mar 10 2002 - 23:52:33 PST)
- SuSE Security Announcement: libz/zlib (SuSE-SA:2002:010) (tandem-announcement, first part) Roman Drahtmueller (Mon Mar 11 2002 - 12:08:37 PST)
- security problem fixed in zlib 1.1.4 Jean-loup Gailly (Mon Mar 11 2002 - 13:00:21 PST)
- Ecartis/Listar multiple vulnerabilities Janusz Niewiadomski (Sun Mar 10 2002 - 15:57:33 PST)
- Directory traversal vulnerability in phpimglist Jason DiCioccio (Sun Mar 10 2002 - 21:55:01 PST)
- CaupoShop: cross-site-scripting bug ppp-design (Mon Mar 11 2002 - 03:33:37 PST)
- ADVISORY: Windows Shell Overflow Marc Maiffret (Mon Mar 11 2002 - 18:31:20 PST)
- [ARL02-A05] PHP FirstPost System Information Path Disclosure Vulnerability Ahmet Sabri ALPER (Tue Mar 12 2002 - 06:24:49 PST)
- zlib & java Darren Reed (Tue Mar 12 2002 - 07:29:25 PST)
- Security Update: [CSSA-2002-SCO.8] OpenServer: dlvr_audit: exploitable buffer overflow securityat_private (Mon Mar 11 2002 - 16:12:20 PST)
- exploiting the zlib bug in openssh H D Moore (Tue Mar 12 2002 - 01:57:29 PST)
- FreeBSD Ports Security Advisory FreeBSD-SA-02:15.cyrus-sasl FreeBSD Security Advisories (Tue Mar 12 2002 - 06:27:58 PST)
- Re: [VulnWatch] exploiting the zlib bug in openssh Michal Zalewski (Tue Mar 12 2002 - 09:12:51 PST)
- FreeBSD Ports Security Advisory FreeBSD-SA-02:16.netscape FreeBSD Security Advisories (Tue Mar 12 2002 - 06:28:03 PST)
- FreeBSD Ports Security Advisory FreeBSD-SA-02:14.pam-pgsql FreeBSD Security Advisories (Tue Mar 12 2002 - 06:27:51 PST)
- MDKSA-2002:022 - zlib update Mandrake Linux Security Team (Tue Mar 12 2002 - 09:04:29 PST)
- NetBSD Security Advisory 2002-004: Off-by-one error in openssh session NetBSD Security Officer (Tue Mar 12 2002 - 11:05:34 PST)
- NetBSD Security Advisory 2002-002: gzip buffer overrun with long filename NetBSD Security Officer (Tue Mar 12 2002 - 11:05:14 PST)
- Marcus S. Xenakis "directory.php" allows arbitrary code execution Florian Hobelsberger / BlueScreen (Sun Mar 10 2002 - 13:43:40 PST)
- Security Update: [CSSA-2002-SCO.10] OpenServer: OpenSSH channel code vulnerability securityat_private (Tue Mar 12 2002 - 14:48:40 PST)
- FreeBSD Ports Security Advisory FreeBSD-SA-02:17.mod_frontpage FreeBSD Security Advisories (Tue Mar 12 2002 - 06:28:09 PST)
- [OpenPKG-SA-2002.003] OpenPKG Security Advisory (zlib) OpenPKG (Tue Mar 12 2002 - 12:33:40 PST)
- zlibscan : script to find suid binaries possibly affected by zlib vulnerability hologram (Mon Mar 11 2002 - 18:36:35 PST)
- SunSolve CD cgi scripts... Fyodor (Sun Mar 10 2002 - 21:46:06 PST)
- Security Update: [CSSA-2002-SCO.9] OpenServer: IPFilter may incorrectly pass packets securityat_private (Mon Mar 11 2002 - 17:10:17 PST)
- Re: Alteon ACEdirector signature/security bug Mike Rogers (Tue Mar 12 2002 - 14:26:23 PST)
- Cgisecurity.com Paper #5: Fingerprinting Port 80 Attacks: A look into web server, and web application attack signatures: Part Two zeno (Mon Mar 11 2002 - 05:45:33 PST)
- 2nd Buffer Overflow in Talentsoft's Web+ (#NISR13032002) NGSSoftware Insight Security Research (Wed Mar 13 2002 - 05:00:41 PST)
- Command execution in phprojekt. b0iler _ (Wed Mar 13 2002 - 07:54:39 PST)
- [ARL02-A06] Black Tie Project System Information Path Disclosure Vulnerability Ahmet Sabri ALPER (Tue Mar 12 2002 - 09:26:52 PST)
- [RHSA-2002:042-12] Updated secureweb packages available bugzillaat_private (Wed Mar 13 2002 - 08:32:41 PST)
- Xerver Free Web Server 2.10 file Disclosure & DoS PATCH (update version) Alex Hernandez (Tue Mar 12 2002 - 21:55:42 PST)
- Many, many, many Sql Server 7 & 2000 Buffer Overflows c c (Tue Mar 12 2002 - 08:31:09 PST)
- MDKSA-2002:023 - packages containing zlib update Mandrake Linux Security Team (Tue Mar 12 2002 - 17:54:58 PST)
- Security Update: [CSSA-2002-SCO.11] Open UNIX, UnixWare: OpenSSH channel code vulnerability securityat_private (Tue Mar 12 2002 - 16:33:04 PST)
- Security Update: [CSSA-2002-004.1] REVISED: Linux: Various security problems in ucd-snmp Support Info (Wed Mar 13 2002 - 13:17:40 PST)
- [RHSA-2002:026-35] Vulnerability in zlib library bugzillaat_private (Mon Mar 11 2002 - 10:17:37 PST)
- Foundry Networks ServerIron don't decode URIs Jedi/Sector One (Wed Mar 13 2002 - 10:48:51 PST)
- MDKSA-2002:023-1 - packages containing zlib update Mandrake Linux Security Team (Wed Mar 13 2002 - 16:53:24 PST)
- MDKSA-2002:024 - rsync update Mandrake Linux Security Team (Wed Mar 13 2002 - 16:54:25 PST)
- [CLA-2002:469] Conectiva Linux Security Announcement - zlib secureat_private (Thu Mar 14 2002 - 12:27:10 PST)
- Fwd: DebPloit (exploit) Mike Tone (Thu Mar 14 2002 - 15:43:31 PST)
- about zlib vulnerability tele (Wed Mar 13 2002 - 15:46:02 PST)
- ZLib double free bug: Windows NT potentially unaffected KJK::Hyperion (Thu Mar 14 2002 - 09:52:13 PST)
- Account Lockout Vulnerability in Oblix NetPoint v5.2 Bill Canning (Thu Mar 14 2002 - 00:21:02 PST)
- [CSS] Cross Site Scripting in the translation and infoplease services of lycos.com possible tsr@it-checkpoint.net (Thu Mar 14 2002 - 06:15:29 PST)
- RE: [Whitehat] about zlib vulnerability Peter Mueller (Thu Mar 14 2002 - 18:47:50 PST)
- Bug in QPopper (All Versions?) Dustin Childers (Thu Mar 14 2002 - 17:51:10 PST)
- [RHSA-2002:032-12] Updated cups packages are available bugzillaat_private (Fri Mar 15 2002 - 04:38:46 PST)
- MSIE vulnerability exploitable with IncrediMail Eric Detoisien (Fri Mar 15 2002 - 09:33:21 PST)
- Buffer Overflow in Geck/Netscape 5.0/6.0? Jonathan A. Zdziarski (Sat Mar 16 2002 - 12:18:33 PST)
- PHP-Nuke & Post-Nuke account hijacking. Handle Nopman (Sun Mar 17 2002 - 07:56:57 PST)
- PHP Net Toolpack: input validation error ppp-design (Mon Mar 18 2002 - 00:42:38 PST)
- [Mozilla Bug #131761] Buffer Overflow in Geck/Netscape 5.0/6.0? Jonathan A. Zdziarski (Mon Mar 18 2002 - 09:45:46 PST)
- TSLSA-2002-0040 - zlib Trustix Secure Linux Advisor (Mon Mar 18 2002 - 10:23:26 PST)
- [ARL02-A07] ARSC Really Simple Chat System Information Path Disclosure Vulnerability Ahmet Sabri ALPER (Sat Mar 16 2002 - 15:24:45 PST)
- KPMG-2002005: BitVise WinSSH Denial of Service Peter Gründl (Mon Mar 18 2002 - 01:39:07 PST)
- [ARL02-A10] News-TNK Cross Site Scripting Vulnerability Ahmet Sabri ALPER (Sat Mar 16 2002 - 17:01:36 PST)
- [ARL02-A08] BG Guestbook Cross Site Scripting Vulnerability Ahmet Sabri ALPER (Sat Mar 16 2002 - 15:10:03 PST)
- [ARL02-A09] Board-TNK Cross Site Scripting Vulnerability Ahmet Sabri ALPER (Sat Mar 16 2002 - 15:10:13 PST)
- FreeBSD Ports Security Advisory FreeBSD-SA-02:18.zlib FreeBSD Security Advisories (Mon Mar 18 2002 - 07:00:00 PST)
- TCP Connections to a Broadcast Address on BSD-Based Systems Crist J. Clark (Sat Mar 16 2002 - 17:30:53 PST)
- [ARL02-A11] Big Sam (Built-In Guestbook Stand-Alone Module) Multiple Vulnerabilities Ahmet Sabri ALPER (Mon Mar 18 2002 - 15:31:23 PST)
- Identifying Kernel 2.4.x based Linux machines using UDP Ofir Arkin (Tue Mar 19 2002 - 03:12:36 PST)
- Excite Email Disclosure Vulnerability Jan Schaumann (Mon Mar 18 2002 - 15:01:36 PST)
- Potential vulnerabilities of the Microsoft RVP-based Instant Messaging Dimitrios Petropoulos (Tue Mar 19 2002 - 05:32:50 PST)
- More SWF vulnerabilities? Drew Daniels (Tue Mar 19 2002 - 14:29:43 PST)
- Javascript loop causes IE to crash Patrik Birgersson (Mon Mar 18 2002 - 10:36:46 PST)
- move_uploaded_file breaks safe_mode restrictions in PHP Tozz (Sun Mar 17 2002 - 14:23:34 PST)
- LilHTTP Web Server Protected File Access Vulnerability (Solution) Tamer Sahin (Wed Mar 20 2002 - 01:10:30 PST)
- Bypassing libsafe format string protection Wojciech Purczynski (Wed Mar 20 2002 - 02:35:04 PST)
- Citrix contacts Eric Budke (Wed Mar 20 2002 - 14:07:43 PST)
- Default SNMP configuration issue with Foundry Networks EdgeIron 4802F advisoryat_private (Wed Mar 20 2002 - 13:58:10 PST)
- Local privalege escalation issues with Webmin 0.92 advisoryat_private (Wed Mar 20 2002 - 14:01:21 PST)
- NMRC Advisory - KeyManager Issue in ISS RealSecure on Nokia Appliances hellNbak (Wed Mar 20 2002 - 15:04:55 PST)
- [Bug 131761] Buffer Overflow in Geck/Netscape 5.0/6.0? Jonathan A. Zdziarski (Tue Mar 19 2002 - 06:01:25 PST)
- RE: Hosting Directory Traversal madness... Phuong Nguyen (Tue Mar 19 2002 - 06:52:50 PST)
- Security Update: [CSSA-2002-SCO.12] Open UNIX, UnixWare 7: rpc.cmsd can be remotely exploited securityat_private (Wed Mar 20 2002 - 15:12:33 PST)
- CSS in ikonboard 3.0.1,3.0.2,3.0.3 Max Speed (Tue Mar 19 2002 - 21:14:27 PST)
- [img]-vulnerability in vBulletin Version 2.2.2 & 2.2.1 & maybe olders Cano2 (Wed Mar 20 2002 - 10:29:30 PST)
- Re: NMRC Advisory - KeyManager Issue in ISS RealSecure hellNbak (Thu Mar 21 2002 - 02:19:10 PST)
- RE: NMRC Advisory - KeyManager Issue in ISS RealSecure on Nokia A ppliances Rouland, Chris (ISSAtlanta) (Thu Mar 21 2002 - 07:18:45 PST)
- PHP script: Penguin Traceroute, Remote Command Execution paul jenkins (Thu Mar 21 2002 - 06:16:21 PST)
- Questionable security policies in Outlook 2002 Richard M. Smith (Wed Mar 20 2002 - 15:11:33 PST)
- RE: [VulnWatch] NMRC Advisory - KeyManager Issue in ISS RealSecur e on Nokia Appliances hellNbak (Thu Mar 21 2002 - 10:00:19 PST)
- MDKSA-2002:025 - fix for insecure default kdm configuration Mandrake Linux Security Team (Wed Mar 20 2002 - 19:47:13 PST)
- RE: [VulnWatch] NMRC Advisory - KeyManager Issue in ISS RealSecur e on Nokia Appliances Rouland, Chris (ISSAtlanta) (Thu Mar 21 2002 - 10:32:21 PST)
- [RHSA-2002:048-06] New imlib packages available bugzillaat_private (Thu Mar 21 2002 - 09:10:46 PST)
- How Outlook 2002 can still execute JavaScript in an HTML email message Richard M. Smith (Thu Mar 21 2002 - 11:47:56 PST)
- Automatically opening IE + Executing attachments GreyMagic Software (Fri Mar 22 2002 - 04:09:24 PST)
- Xpede passwords exposed (2 vuln.) Gregory Duchemin (Fri Mar 22 2002 - 05:04:31 PST)
- [RHSA-2002:035-18] Updated PHP packages are available [updated 2002-Mar-11] bugzillaat_private (Fri Mar 22 2002 - 08:23:52 PST)
- [RHSA-2002:026-43] Vulnerability in zlib library bugzillaat_private (Fri Mar 22 2002 - 08:28:20 PST)
- Gravity Storm Service Pack Manager 2000 Share Vulnerability 'ken'@FTU (Wed Mar 20 2002 - 18:32:28 PST)
- Webtraversal in PCI Netsupport Manager (all version up to 7 using web extensions) watcher60at_private (Thu Mar 21 2002 - 16:40:06 PST)
- RE: NMRC Advisory: RealSecure KeyManager Issue - Further Explanation hellNbak (Fri Mar 22 2002 - 14:55:49 PST)
- memberlist.php of vBulletin platoat_private (Thu Mar 21 2002 - 16:26:36 PST)
- PostNuke Bugged Scott (Fri Mar 22 2002 - 10:31:12 PST)
- EUDORA Re: Automatically opening + Executing attachments http-equivat_private (Fri Mar 22 2002 - 15:00:22 PST)
- UniNet InfoSec Conference Seth Arnold (Thu Mar 21 2002 - 18:31:31 PST)
- dcshop.cgi anybody can delete *.setup for database pokleyzz sakamaniaka (Mon Mar 25 2002 - 01:10:52 PST)
- WebSight Directory System: cross-site-scripting bug ppp-design (Mon Mar 25 2002 - 09:13:37 PST)
- Apache 1.3.24 Released! (fwd) Jonas Eriksson (Mon Mar 25 2002 - 04:20:23 PST)
- re: Tomcat Security Exposure Adam Manock (Mon Mar 25 2002 - 04:28:54 PST)
- Cross-site scripting. Berend-Jan Wever (Sat Mar 23 2002 - 12:38:30 PST)
- New Bill attempts to regulate hardware, software development Jon O. (Fri Mar 22 2002 - 14:24:48 PST)
- [IMG] tag vulnerability in vBulletin frog frog (Fri Mar 22 2002 - 14:56:43 PST)
- secureinc.com Vulnerability Jason Giglio (Sat Mar 23 2002 - 11:50:59 PST)
- Instant Web Mail additional POP3 commands and mail headers Ulf Harnhammar (Sat Mar 23 2002 - 14:30:01 PST)
- updated squid advisory Adrian Chadd (Tue Mar 26 2002 - 08:02:40 PST)
- Security contact for Network Associates? Anton Rager (Tue Mar 26 2002 - 07:46:29 PST)
- Etnus TotalView 5. Andrew Griffiths (Tue Mar 26 2002 - 02:49:06 PST)
- FreeBSD Ports Security Advisory FreeBSD-SA-02:19.squid FreeBSD Security Advisories (Tue Mar 26 2002 - 11:36:37 PST)
- d_path() truncating excessive long path name vulnerability Wojciech Purczynski (Tue Mar 26 2002 - 05:40:20 PST)
- CGIscript.net - csSearch.cgi - Remote Code Execution (up to 17,000 sites vulnerable) Steve Gustin (Mon Mar 25 2002 - 14:47:23 PST)
- Re: [RHEA-2002:024-23] Updated rpm packages available helmut g. katzgraber (Tue Mar 26 2002 - 14:27:55 PST)
- SouthWest Telnet talker server. DoS (Denial of Service Attack). Alex Hernandez (Mon Mar 25 2002 - 17:59:20 PST)
- DoS in debian (potato) proftpd Joe Dollard (Mon Mar 25 2002 - 12:14:31 PST)
- JS embedding @ www.reed.co.uk elaborate ruse (Tue Mar 26 2002 - 15:15:34 PST)
- Retrieving information on local files in IE (GM#003-IE) GreyMagic Software (Tue Mar 26 2002 - 16:21:56 PST)
- Xchat /dns command execution vulnerability SpaceWalker (Wed Mar 27 2002 - 10:20:48 PST)
- Cisco Security Advisory: LDAP Connection Leak in CTI when User Authentication Fails Cisco Systems Product Security Incident Response Team (Wed Mar 27 2002 - 09:00:00 PST)
- NFuse Cross Site Scripting vulnerability Eric Detoisien (Wed Mar 27 2002 - 03:44:43 PST)
- RCA cable modem Deny of Service Gabriel A. Maggiotti (Tue Mar 26 2002 - 17:27:00 PST)
- [Advisory] phpBB 1.4.4 still suffers from Cross Site Scripting Vulnerability Florian Hobelsberger / BlueScreen (Tue Mar 26 2002 - 16:08:34 PST)
- Citrix Nfuse directory traversal with boilerplate.asp Eric Budke (Wed Mar 27 2002 - 13:26:36 PST)
- postnuke v 0.7.0.3 remote command execution pokleyzz sakamaniaka (Wed Mar 27 2002 - 17:03:21 PST)
- Re: 1024-bit RSA keys in danger of compromise Florian Weimer (Thu Mar 28 2002 - 01:18:50 PST)
- vuln in wwwisis: remote command execution and get files Klaus Ripke (Thu Mar 28 2002 - 08:26:57 PST)
- JS embedding @ yahoo.com Alan McCaig (Thu Mar 28 2002 - 03:48:25 PST)
- squirrelmail 1.2.5 email user can execute command pokleyzz sakamaniaka (Wed Mar 27 2002 - 17:16:23 PST)
- Oracle9i TSN DoS Attack Andrey Gordienko (Thu Mar 28 2002 - 02:54:07 PST)
- A possible buffer overflow in libnewt Wu Tao (Wed Mar 27 2002 - 22:24:22 PST)
- Authentication with RSA SecurID and Outlook web access Scalise, Marzio (Thu Mar 28 2002 - 01:58:58 PST)
- Team Asylum: Online renewal sites susceptible to spammer "harvesting" Mailer (Wed Mar 27 2002 - 20:11:20 PST)
- Local Security Vulnerability in Windows NT and Windows 2000 Ashot Oganesyan K. (Wed Mar 27 2002 - 02:01:58 PST)
- privacy issues in metor.com (a search engine) Tom Micklovitch (Wed Mar 27 2002 - 01:57:05 PST)
- [CLA-2002:470] Conectiva Linux Security Announcement - imlib secureat_private (Thu Mar 28 2002 - 10:03:20 PST)
- Anonymizer, MSIE, images ... Alexander K. Yezhov (Thu Mar 28 2002 - 16:43:14 PST)
- Security Update: [CSSA-2002-007.0] Linux: Updated Caldera Public Keys securityat_private (Thu Mar 28 2002 - 17:18:24 PST)
- Security Update: [CSSA-2002-012.0] Linux: OpenSSH channel code vulnerability securityat_private (Fri Mar 29 2002 - 11:56:23 PST)
- Security Update: [CSSA-2002-008.0] Linux: CUPS buffer overflow when reading names of attributes securityat_private (Fri Mar 29 2002 - 10:49:04 PST)
- Security Update: [CSSA-2002-009.0] Linux: X server allows access to any shared memory on the system securityat_private (Fri Mar 29 2002 - 11:35:56 PST)
- More Office XP problems Georgi Guninski (Sun Mar 31 2002 - 04:31:57 PST)
- Security Update: [CSSA-2002-010.0] Linux: ftp vulnerability in squid securityat_private (Fri Mar 29 2002 - 11:41:05 PST)
- Security Update: [CSSA-2002-011.0] Linux: mod_ssl Buffer Overflow Condition securityat_private (Fri Mar 29 2002 - 11:46:10 PST)
- Security Update: [CSSA-2002-013.0] Linux: Name Service Cache Daemon (nscd) advisory securityat_private (Fri Mar 29 2002 - 12:29:45 PST)
- Announcing Immunix SnackGuard Crispin Cowan (Sun Mar 31 2002 - 15:19:11 PST)
- Fun With MSN Chat Part I (Cross Scripting) John Heasman (Fri Mar 29 2002 - 09:06:49 PST)
- UPDATED: Cisco Security Advisory: LDAP Connection Leak in CTI when User Authentication Fails Cisco Systems Product Security Incident Response Team (Fri Mar 29 2002 - 14:00:00 PST)
- packet filter fingerprinting(open but closed, closed but filtered) Meder Kydyraliev (Sun Mar 31 2002 - 04:40:35 PST)
- Security Update: [CSSA-2002-005.0] Linux - LD_LIBRARY_PATH problem in KDE sessions securityat_private (Fri Mar 29 2002 - 15:21:17 PST)
- popper_mod 1.2.1 and previous accounts compromise matthewat_private (Sat Mar 30 2002 - 05:50:19 PST)
- Outlook Express Attach Execution Exploit (img tag + innerHTML + TIF dos name) Elia Florio (Fri Mar 29 2002 - 00:42:38 PST)
- Re: IRIX FTP Bounce vulnerability Christophe Casalegno (Fri Mar 29 2002 - 15:24:11 PST)
- IE: Remote webpage can script in local zone Andreas Sandblad (Sat Mar 30 2002 - 07:34:50 PST)
- Re: KPMG-2002006: Lotus Domino Physical Path Revealed Nicolas Gregoire (Sun Mar 03 2002 - 04:01:01 PST)
- Vulnerability in my guest book Over_G (Wed Mar 27 2002 - 07:07:27 PST)
Last message date: Thu Mar 27 2003 - 09:10:55 PST
Archived on: Thu Mar 27 2003 - 09:10:58 PST
370 messages sorted by:
[ author ]
[ date ]
[ subject ]
Other mail archives
This archive was generated by hypermail 2b30
: Thu Mar 27 2003 - 09:10:58 PST