bugtraq 2002/04
By Thread
Most recent messages
385 messages sorted by:
[ author ]
[ date ]
[ subject ]
Other mail archives
Starting: Mon Apr 01 2002 - 13:08:22 PST
Ending: Thu Apr 10 2003 - 15:48:51 PDT
- Bypassing javascript filters - problem N3. Alexander K. Yezhov (Mon Apr 01 2002 - 11:37:49 PST)
- Zope security address Rossen Raykov (Mon Apr 01 2002 - 13:44:56 PST)
- Fw: Multiple Vulnerabilties in Sambar Server NGSSoftware Insight Security Research Advisory (NISR) (Mon Apr 01 2002 - 12:26:13 PST)
- iXsecurity.20020313.nw6remotemanager.a Patrik Karlsson (Tue Apr 02 2002 - 00:19:28 PST)
- NSFOCUS SA2002-01: Sun Solaris Xsun "-co" heap overflow Nsfocus Security Team (Mon Apr 01 2002 - 23:34:51 PST)
- KPMG-2002006: Lotus Domino Physical Path Revealed Peter Gründl (Tue Apr 02 2002 - 06:18:06 PST)
- Various Vulnerabilities in ZoneAlarm MailSafe Edvice Security Services (Tue Apr 02 2002 - 00:33:13 PST)
- Windows 2000 DCOM clients may leak sensitive information onto the network Todd Sabin (Tue Apr 02 2002 - 13:15:53 PST)
- Reading portions of local files in IE, depending on structure (GM#004-IE) GreyMagic Software (Tue Apr 02 2002 - 13:37:05 PST)
- Re: A buffer overflow study - generic protections Crispin Cowan (Tue Apr 02 2002 - 14:02:15 PST)
- Firewall-1 Identification : port 257 (ie archive : 18701) Sacha Faust (Tue Apr 02 2002 - 09:55:56 PST)
- MS 3/28/02 Security Patch for IE6 - warning! Phil Dibowitz (Tue Apr 02 2002 - 10:43:59 PST)
- Taxonomies Marco de Vivo [UCV] (Mon Apr 01 2002 - 16:57:29 PST)
- Re: Multiple Vulnerabilties Sambar Webserver Tamer Sahin (Tue Apr 02 2002 - 17:03:41 PST)
- RE: [VulnWatch] vuln in wwwisis: remote command execution and get files Jorge Walters (Tue Apr 02 2002 - 15:08:08 PST)
- icecast 1.3.11 remote shell/root exploit - #temp dizznuttat_private (Mon Apr 01 2002 - 23:51:55 PST)
- Huge Privacy Threats in Webmails and How Big Companies Handle them FozZy (Mon Apr 01 2002 - 10:41:17 PST)
- SASL (v1/v2) MYSQL/LDAP authentication patch. Simon Loader (Tue Apr 02 2002 - 02:06:27 PST)
- VNC Security Bulletin - zlib double free issue (multiple vendors and versions) Andrew van der Stock (Tue Apr 02 2002 - 17:17:36 PST)
- Re: packet filter fingerprinting(open but closed, closed but filtered) Jonas Eriksson (Tue Apr 02 2002 - 16:50:46 PST)
- Winamp: Mp3 file can control the minibrowser Andreas Sandblad (Wed Apr 03 2002 - 03:23:17 PST)
- Cisco Security Advisory: Web interface vulnerabilities in ACS for Windows Cisco Systems Product Security Incident Response Team (Wed Apr 03 2002 - 08:30:36 PST)
- [CLA-2002:471] Conectiva Linux Security Announcement - cups secureat_private (Wed Apr 03 2002 - 05:58:45 PST)
- iXsecurity.20020316.csadmin_dir.a Patrik Karlsson (Wed Apr 03 2002 - 07:58:47 PST)
- Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!) Neeko Oni (Wed Apr 03 2002 - 12:42:03 PST)
- SQL injection in PHPGroupware Matthias Jordan (Wed Apr 03 2002 - 06:08:36 PST)
- Cisco Security Advisory: Vulnerability in zlib library Cisco Systems Product Security Incident Response Team (Wed Apr 03 2002 - 08:47:49 PST)
- Multiple Vendor "talkd" user validation fault. Tekno pHReak (Wed Apr 03 2002 - 08:43:46 PST)
- LogWatch 2.5 still vulnerable Spybreak (Wed Apr 03 2002 - 08:12:43 PST)
- iXsecurity.20020314.csadmin_fmt.a Patrik Karlsson (Wed Apr 03 2002 - 07:58:28 PST)
- ISS Advisory: Remote Buffer Overflow Vulnerability in IRIX SNMP Daemon X-Force (Wed Apr 03 2002 - 13:01:08 PST)
- RE: More Office XP problems Ben Schorr (Wed Apr 03 2002 - 10:30:39 PST)
- More Office XP problems (Version 2.0) Georgi Guninski (Wed Apr 03 2002 - 07:02:41 PST)
- Quik-Serv Web Server v1.1B Arbitrary File Disclosure a b (Wed Apr 03 2002 - 13:20:44 PST)
- Dynamic Guestbook V3.0 Cross Site Scripting and Arbitrary Command Execution under certain circumstances Florian Hobelsberger / BlueScreen (Wed Apr 03 2002 - 00:57:34 PST)
- SECURITY.NNO: FTGate PRO/Office hotfixes 3APA3A (Wed Apr 03 2002 - 08:18:26 PST)
- RFC: suggestions for SSL security enhancements in Microsoft Internet Explorer dhaltermat_private (Tue Apr 02 2002 - 08:57:59 PST)
- Re: DoS in debian (potato) proftpd: 1.2.0pre10-2.0potato1 Alun Jones (Wed Apr 03 2002 - 18:45:00 PST)
- Security Update: [CSSA-2002-014.0] Linux: rsync supplementary groups vulnerability securityat_private (Wed Apr 03 2002 - 16:10:50 PST)
- Full analysis of multiple remotely exploitable bugs in Icecast 1.3.11 dizznuttat_private (Thu Apr 04 2002 - 05:51:51 PST)
- NSFOCUS SA2002-02 : Microsoft Windows MUP overlong request kernel overflow Nsfocus Security Team (Thu Apr 04 2002 - 00:55:46 PST)
- Exploit for Tarantella Enterprise 3 installation (BID 3966) Larry W. Cashdollar (Wed Apr 03 2002 - 20:19:48 PST)
- [RHSA-2002:053-12] Race conditions in logwatch bugzillaat_private (Thu Apr 04 2002 - 14:32:20 PST)
- Security Update: [CSSA-2002-015.0] Linux: Double free in zlib (libz) vulnerability securityat_private (Thu Apr 04 2002 - 16:38:11 PST)
- [RHSA-2002:054-09] Race conditions in logwatch bugzillaat_private (Thu Apr 04 2002 - 14:34:18 PST)
- CA security contact Nicolas Gregoire (Fri Apr 05 2002 - 05:17:23 PST)
- Re: emumail.cgi Tom Micklovitch (Fri Apr 05 2002 - 00:55:31 PST)
- RE: Multiple Vendor "talkd" user validation fault 0x90 (Fri Apr 05 2002 - 16:30:16 PST)
- IMP 2.2.8 (SECURITY) released Brent J. Nordquist (Sat Apr 06 2002 - 07:02:48 PST)
- NetWare Remote Manager patches Patrik Karlsson (Sat Apr 06 2002 - 13:25:52 PST)
- Anthill login and JavaScript vulnerabilities Ulf Harnhammar (Sat Apr 06 2002 - 09:16:17 PST)
- Typsoft FTP Server: yet another directory traversal vulnerability Kistler Ueli (Sun Apr 07 2002 - 03:26:54 PDT)
- Scripting for the scriptless with OWC in IE (GM#005-IE) GreyMagic Software (Mon Apr 08 2002 - 08:18:11 PDT)
- Controlling the clipboard with OWC in IE (GM#007-IE) GreyMagic Software (Mon Apr 08 2002 - 08:21:16 PDT)
- Reading local files with OWC in IE (GM#006-IE) GreyMagic Software (Mon Apr 08 2002 - 08:19:14 PDT)
- multiple CGIscript.net scripts - Remote Code Execution Steve Gustin (Mon Apr 08 2002 - 10:39:53 PDT)
- Multiple local files detection issues with OWC in IE (GM#008-IE) GreyMagic Software (Mon Apr 08 2002 - 08:22:34 PDT)
- Unauthorized remote control access to systems running Funk Softwa re's Proxy v3.x Coffin, Chris (Mon Apr 08 2002 - 06:36:18 PDT)
- regarding SSL issues 0x90 (Sun Apr 07 2002 - 21:36:48 PDT)
- Security Update: [CSSA-2002-SCO.14] Open UNIX 8.0.0 UnixWare 7.1.1 : X server allows access to any shared memory on the system securityat_private (Mon Apr 08 2002 - 17:47:13 PDT)
- Cisco Security Advisory: Aironet Telnet Vulnerability Cisco Systems Product Security Incident Response Team (Tue Apr 09 2002 - 10:00:00 PDT)
- Vulnerability: Windows2000Server running Terminalservices Tom.Ungerat_private (Mon Apr 08 2002 - 15:16:04 PDT)
- IE Word ActiveX DoS Loop eflorioat_private (Mon Apr 08 2002 - 12:40:17 PDT)
- [RHSA-2001:089-08] Updated tcpdump packages available for Red Hat Linux 6.2 and 7.x bugzillaat_private (Tue Apr 09 2002 - 11:33:35 PDT)
- Abyss Webserver 1.0 Administration password file retrieval exploit Jeremy Roberts (Tue Apr 09 2002 - 13:20:33 PDT)
- MS02-018 Dave Ahmad (Wed Apr 10 2002 - 08:42:37 PDT)
- Cisco Security Advisory: Solaris /bin/log vulnerability Cisco Systems Product Security Incident Response Team (Wed Apr 10 2002 - 08:12:47 PDT)
- @stake advisory: .htr heap overflow in IIS 4.0 and 5.0 advisoriesat_private (Wed Apr 10 2002 - 07:06:23 PDT)
- Cgisecurity Advisory #9: Novell Websearch, and Microsoft IIS XSS Issues zeno (Wed Apr 10 2002 - 07:08:04 PDT)
- Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow Marc Maiffret (Wed Apr 10 2002 - 09:35:14 PDT)
- Re: emumail.cgi, one more local vulnerability (not verified) Leif Jakob (Wed Apr 10 2002 - 08:58:52 PDT)
- IIS allows universal CrossSiteScripting Thor Larholm (Wed Apr 10 2002 - 10:44:59 PDT)
- SPIKE version released that detects .HTR and ISAPI overflows (see spike.sourceforge.net) Dave Aitel (Wed Apr 10 2002 - 08:24:18 PDT)
- KPMG-2002008: Watchguard SOHO IP Restrictions Flaw Peter Gründl (Wed Apr 10 2002 - 04:54:11 PDT)
- KPMG-2002009: Microsoft IIS W3SVC Denial of Service Peter Gründl (Thu Apr 11 2002 - 02:30:54 PDT)
- KPMG-2002010: Microsoft IIS .htr ISAPI buffer overrun Peter Gründl (Thu Apr 11 2002 - 03:09:26 PDT)
- SOAP::Lite hole quentynat_private (Thu Apr 11 2002 - 08:00:17 PDT)
- iXsecurity.20020327.tivoli_tsm_dsmcad.a Patrik Karlsson (Thu Apr 11 2002 - 09:48:53 PDT)
- [SNS Advisory No.49] A Possibility of Internet Information Server/Services Cross Site Scripting snsadvat_private (Thu Apr 11 2002 - 02:33:54 PDT)
- local root compromise in openbsd 3.0 and below Przemyslaw Frasunek (Thu Apr 11 2002 - 04:29:28 PDT)
- OpenBSD Local Root Compromise Milos Urbanek (Thu Apr 11 2002 - 10:01:17 PDT)
- iXsecurity.20020328.tivoli_tsm_dsmsvc.a Patrik Karlsson (Thu Apr 11 2002 - 15:05:20 PDT)
- IBM Informix Web DataBlade: SQL injection Simon Lodal (Thu Apr 11 2002 - 08:00:05 PDT)
- IBM Informix Web DataBlade: Auto-decoding HTML entities Simon Lodal (Thu Apr 11 2002 - 08:00:11 PDT)
- Security Update: [CSSA-2002-SCO.15] Open UNIX 8.0.0 UnixWare 7.1.1 : Buffer overflow in libX11 with -xrm securityat_private (Thu Apr 11 2002 - 14:58:44 PDT)
- Inn (Inter Net News) security problems Paul Starzetz (Thu Apr 11 2002 - 11:22:01 PDT)
- Re: (SRADV00006) Remote command execution vulnerabilities in phpGroupWare Dan Kuykendall (Thu Apr 11 2002 - 00:41:10 PDT)
- MDKSA-2002:026 - libsafe update Mandrake Linux Security Team (Thu Apr 11 2002 - 20:23:55 PDT)
- OpenBSD 3.0: Bug in rshd(8) and rexecd(8) (fwd) Jonas Eriksson (Fri Apr 12 2002 - 00:34:45 PDT)
- SWS Vuln (small but important to those using it.) BrainRawt . (Thu Apr 11 2002 - 19:07:54 PDT)
- Vulnerability in HP Photosmart/Deskjet Drivers for Mac OS X (root compromise) Dr Andreas F Muller (Sun Apr 14 2002 - 16:39:14 PDT)
- Remote buffer overflow in Webalizer Spybreak (Mon Apr 15 2002 - 04:15:47 PDT)
- Security Update: [CSSA-2002-SCO.16] UnixWare 7.1.1 : Multiple Vulnerabilities in BIND securityat_private (Fri Apr 12 2002 - 16:46:08 PDT)
- Ability to read buddy list of AIM users sunny licious (Mon Apr 15 2002 - 08:30:23 PDT)
- SunSop: cross-site-scripting bug ppp-design (Sat Apr 13 2002 - 02:19:01 PDT)
- Using the backbutton in IE is dangerous Andreas Sandblad (Sun Apr 14 2002 - 13:06:25 PDT)
- Vulnerabilities in the Melange Chat Server Leon Harris (Sun Apr 14 2002 - 08:47:16 PDT)
- Nortel CVX 1800s will dump all local user names and passwords via SNMP Michael Rawls (Fri Apr 12 2002 - 17:04:20 PDT)
- Several x-dev.de Guestbook and xNewsletter Vulnerabilities ( www.x-dev.de ) Florian Hobelsberger / BlueScreen (Sun Apr 14 2002 - 14:40:06 PDT)
- Possible vulnerabilities of ICQ files opened in IE or OE silentsupporterat_private (Sun Apr 14 2002 - 06:25:07 PDT)
- wbboard 1.1.1 Cross Site Scripting Vulnerability SeazoN (Sat Apr 13 2002 - 07:48:55 PDT)
- buffer overflow, using greek characters, AGAIN! MegaHz (Tue Apr 16 2002 - 22:40:16 PDT)
- Raptor Firewall FTP Bounce vulnerability Roy Hills (Mon Apr 15 2002 - 07:11:58 PDT)
- About: Using the backbutton in IE is dangerous Andreas Sandblad (Mon Apr 15 2002 - 10:54:36 PDT)
- Demarc PureSecure 1.05 may be other (user can bypass login) pokleyzz sakamaniaka (Mon Apr 15 2002 - 00:32:18 PDT)
- A crash course with Linux Kernel 2.4.x, IP ID values & RFC 791 Ofir Arkin (Sat Apr 13 2002 - 13:30:20 PDT)
- w00w00 on Microsoft IE/Office for Mac OS Matt Conover (Mon Apr 15 2002 - 23:52:02 PDT)
- Cisco Security Advisory: Microsoft IIS Vulnerabilities in Cisco Products - MS02-018 Cisco Systems Product Security Incident Response Team (Mon Apr 15 2002 - 15:00:00 PDT)
- Re: IRIX XFS filesystem denial of service attack H D Moore (Mon Apr 15 2002 - 16:32:38 PDT)
- Norton Personal Firewall 2002 vulnerable to SYN/FIN scan Alfonso Fiore (Tue Apr 16 2002 - 11:31:09 PDT)
- ansi outer join syntax in Oracle allows access to any data Pete Finnigan (Tue Apr 16 2002 - 08:24:45 PDT)
- Security Update: [CSSA-2002-016.0] Linux: horde/imp cross scripting vulnerabilities securityat_private (Tue Apr 16 2002 - 14:21:29 PDT)
- FreeBSD Security Advisory FreeBSD-SA-02:20.syncache FreeBSD Security Advisories (Tue Apr 16 2002 - 14:03:49 PDT)
- MDKSA-2002:027 - squid update Mandrake Linux Security Team (Tue Apr 16 2002 - 15:10:50 PDT)
- Microsoft Security Bulletin MS02-019: Unchecked Buffer in Internet Explorer and Office for Mac Can Cause Code to Execute (Q321309) Microsoft (Tue Apr 16 2002 - 18:31:22 PDT)
- Microsoft FTP Service STAT Globbing DoS H D Moore (Tue Apr 16 2002 - 18:33:36 PDT)
- Melange Chat POC DOS dvdman (Mon Apr 15 2002 - 19:04:57 PDT)
- Demarc Security Update Advisory Demarc Security Support (Tue Apr 16 2002 - 17:15:26 PDT)
- IE allows universal Cross Site Scripting (TL#002) Thor Larholm (Tue Apr 16 2002 - 03:05:11 PDT)
- Multiple Vulnerabilities in PostBoard gcsb (Tue Apr 16 2002 - 16:25:53 PDT)
- [CERT-intexxia] AOLServer DB Proxy Daemon Format String Vulnerability Benoît Roussel (Tue Apr 16 2002 - 04:53:22 PDT)
- An alternative method to check LKM backdoor/rootkit Wang Jian (Tue Apr 16 2002 - 21:51:04 PDT)
- Microsoft IIS 5.0 CodeBrws.asp Source Disclosure H D Moore (Tue Apr 16 2002 - 20:01:19 PDT)
- Mailman/Pipermail private mailing list/local user vulnerability H. Peter Anvin (Tue Apr 16 2002 - 21:20:09 PDT)
- AIM's 'Direct Connection' feature could lead to arbitrary file creation Noah Johnson (Tue Apr 16 2002 - 00:45:35 PDT)
- [SNS Advisory No.51] Compaq Tru64 UNIX libc Buffer Overflow Vulnerability snsadvat_private (Tue Apr 16 2002 - 22:46:02 PDT)
- [SNS Advisory No.50] Compaq Tru64 UNIX dtprintinfo "-session" Buffer Overflow Vulnerability snsadvat_private (Tue Apr 16 2002 - 22:45:45 PDT)
- Webtrends Reporting Center Buffer Overflow (#NISR17042002C) NGSSoftware Insight Security Research (Tue Apr 16 2002 - 07:10:15 PDT)
- Back Office Web Administrator Authentication Bypass (#NISR17042002A) NGSSoftware Insight Security Research (Tue Apr 16 2002 - 07:08:47 PDT)
- Ammendum: A crash course with Linux Kernel 2.4.x, IP ID values & RFC 791 Ofir Arkin (Tue Apr 16 2002 - 23:35:38 PDT)
- Buffer Overrun in Talentsoft's Web+ (3) (#NISR17042002B) NGSSoftware Insight Security Research (Tue Apr 16 2002 - 07:09:04 PDT)
- KPMG-2002011: Windows 2000 microsoft-ds Denial of Service Peter Gründl (Wed Apr 17 2002 - 02:28:11 PDT)
- IBM Informix Web DataBlade: Local root by design Simon Lodal (Wed Apr 17 2002 - 12:34:55 PDT)
- segfault in ntop JP (Wed Apr 17 2002 - 10:13:04 PDT)
- KPMG-2002012: Sambar Webserver Serverside Fileparse Bypass Peter Gründl (Wed Apr 17 2002 - 04:26:27 PDT)
- IBM Security Advisory: IBM Tivoli Policy Director WebSEAL Michael S Soukup (Wed Apr 17 2002 - 12:30:28 PDT)
- RE: Snort exploits Grimes, Roger (Wed Apr 17 2002 - 15:07:17 PDT)
- [[ TH 026 Inc. ]] SA #1 - Multiple vulnerabilities in PVote 1.5 Daniel Nyström (Wed Apr 17 2002 - 18:03:02 PDT)
- FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip FreeBSD Security Advisories (Wed Apr 17 2002 - 12:23:42 PDT)
- KPMG-2002013: Coldfusion Path Disclosure Peter Gründl (Thu Apr 18 2002 - 05:01:37 PDT)
- MDKSA-2002:024-1 - rsync update Mandrake Linux Security Team (Thu Apr 18 2002 - 09:47:03 PDT)
- KPMG-2002012: (Re-submitted) Sambar Webserver Serverside Fileparse Bypass Peter Gründl (Wed Apr 17 2002 - 23:54:52 PDT)
- FreeBSD Security Advisory FreeBSD-SA-02:18.zlib [REVISED] FreeBSD Security Advisories (Thu Apr 18 2002 - 11:25:21 PDT)
- Restricted Shells A.Dimitrov (Thu Apr 18 2002 - 14:12:23 PDT)
- Re: Microsoft Security Bulletin - MS02-020 Bronek Kozicki (Thu Apr 18 2002 - 01:35:37 PDT)
- HiverCon 2002 Mark Anderson (Thu Apr 18 2002 - 10:10:14 PDT)
- Microsoft Security Bulletin MS02-020:SQL Extended Procedure Functions Contain Unchecked Buffers (Q319507) Microsoft (Wed Apr 17 2002 - 18:04:06 PDT)
- Re: Snort exploits der Mouse (Thu Apr 18 2002 - 11:14:10 PDT)
- List of extended sprocs that are vulnerable? FW: Microsoft Security Bulletin MS02-020 Toni Lassila (Thu Apr 18 2002 - 02:50:53 PDT)
- Howto exploit a remote format bug automatically Frédéric Raynal (Thu Apr 18 2002 - 07:25:37 PDT)
- Amazon.com Password limit Vishal Ganeriwala (Wed Apr 17 2002 - 19:24:13 PDT)
- Remote Timing Techniques over TCP/IP Mauro Lacy (Thu Apr 18 2002 - 07:45:53 PDT)
- MHonArc v2.5.2 Script Filtering Bypass Vulnerability TAKAGI, Hiromitsu (Thu Apr 18 2002 - 14:53:54 PDT)
- [[ TH 026 Inc. ]] SA #2 - IcrediBB 1.1, Cross Site Scripting vulnerability. Daniel Nyström (Thu Apr 18 2002 - 23:48:24 PDT)
- KPMG-2002014: Foundstone Fscan Format String Bug Peter Gründl (Fri Apr 19 2002 - 02:16:08 PDT)
- KPMG-2002015: Microsoft Distributed Transaction Coordinator DoS Peter Gründl (Fri Apr 19 2002 - 03:44:44 PDT)
- Xpede many vulnerabilities Cerberus Vulgaris (Fri Apr 19 2002 - 08:46:23 PDT)
- Summercon 2002 CFP Summercon Admin (Fri Apr 19 2002 - 13:05:52 PDT)
- Tomcat 4.1 real path disclosure Wang Yun (Thu Apr 18 2002 - 18:49:42 PDT)
- Snitz Forums 2000 remote SQL query manipulation vulnerability acemi (Fri Apr 19 2002 - 14:06:46 PDT)
- OpenSSH 2.2.0 - 3.1.0 server contains a locally exploitable buffer overflow Marcell Fodor (Fri Apr 19 2002 - 15:42:51 PDT)
- Another Faq-O-Matic XSS Vuln? BrainRawt . (Fri Apr 19 2002 - 16:03:49 PDT)
- Vulnerability in PostCalendar gcsb (Sat Apr 20 2002 - 00:51:53 PDT)
- Re: fragroute vs. snort: the tempest in a teacup janat_private (Thu Apr 18 2002 - 19:20:20 PDT)
- Cross site scripting in almost every mayor website Berend-Jan Wever (Fri Apr 19 2002 - 10:28:06 PDT)
- DoS in Multiple IE Versions (Self-Referenced Directives) Matthew Murphy (Sat Apr 20 2002 - 08:48:43 PDT)
- DOS for Icq 2001&2002 Michael (Fri Apr 19 2002 - 05:17:15 PDT)
- Re: Bug in QPopper (All Versions?) Tim Jackson (Sat Apr 20 2002 - 06:18:42 PDT)
- FreeBSD Security Advisory FreeBSD-SA-02:23.stdio FreeBSD Security Advisories (Mon Apr 22 2002 - 11:01:35 PDT)
- STANFORD CONFERENCE ON VULNERABILITY DISCLOSURE: Early Reg to Close Soon! (fwd) Adam Shostack (Mon Apr 22 2002 - 08:15:53 PDT)
- Redux: NIDS, fragrouter, and off-topic sanity [WAS: Snort exploit] Greg Shipley (Mon Apr 22 2002 - 09:36:06 PDT)
- Slrnpull Buffer Overflow (-d parameter) Alex Hernandez (Mon Apr 22 2002 - 13:22:17 PDT)
- psyBNC 2.3 DoS / bug nawokat_private (Sun Apr 21 2002 - 22:18:29 PDT)
- Pine Internet Advisory: Setuid application execution may give local root in FreeBSD Patrick Oonk (Mon Apr 22 2002 - 01:58:25 PDT)
- AIM Remote File Transfer/Direct Connection Vulnerability Sil (Sat Apr 20 2002 - 17:18:57 PDT)
- Philip Chinery's Guestbook 1.1 fails to filter out js/html Markus Arndt (Sun Apr 21 2002 - 02:03:07 PDT)
- Matu FTP remote buffer overflow vulnerability Kanatoko (Mon Apr 22 2002 - 02:45:46 PDT)
- Tomcat real path disclosure (2) CHINANSL Security Team (Mon Apr 22 2002 - 00:06:50 PDT)
- arp problem Bart³omiej (Sun Apr 21 2002 - 05:45:15 PDT)
- vqServer Demo Files Cross-Site Scripting Matthew Murphy (Sun Apr 21 2002 - 08:16:54 PDT)
- Lil' HTTP Server Directory Traversal Vulnerability Matthew Murphy (Sun Apr 21 2002 - 08:00:32 PDT)
- PHP problem veins (Mon Apr 22 2002 - 10:13:54 PDT)
- Cross Site Scripting. Many Sites Vulnerable. InterWN Labs (Sat Apr 20 2002 - 21:07:05 PDT)
- [ESA-20020423-009] webalizer contains a potentially exploitable buffer overflow EnGarde Secure Linux (Tue Apr 23 2002 - 10:07:29 PDT)
- Re: psyBNC 2.3 DoS / Bug psychoidat_private (Mon Apr 22 2002 - 15:15:13 PDT)
- LabVIEW Web Server DoS Vulnerability Steve Zins (Mon Apr 22 2002 - 22:51:39 PDT)
- PsyBNC Remote Dos POC dvdman (Mon Apr 22 2002 - 20:29:05 PDT)
- ANNOUNCE: RATS 1.4 RATS Announce (Tue Apr 23 2002 - 11:57:16 PDT)
- CGIscript.net - csMailto.cgi - Remote Command Execution Steve Gustin (Tue Apr 23 2002 - 13:02:17 PDT)
- Denial of Service in Mosix 1.5.x enrico@wizards-of-source.org (Tue Apr 23 2002 - 14:11:54 PDT)
- More Cross site Scripting in PHPNuke Replugge [ROD] (Tue Apr 23 2002 - 00:50:48 PDT)
- IE DoS and possibly exploitable stack overflow Berend-Jan Wever (Wed Apr 24 2002 - 07:54:49 PDT)
- De-anonymizer Berend-Jan Wever (Tue Apr 23 2002 - 03:26:12 PDT)
- CORE-20020409: Multiple vulnerabilities in stack smashing protection technologies Iván Arce (Tue Apr 23 2002 - 15:44:51 PDT)
- Re: Ikonboard 2.1.9 (possible other versions) Vulnerability when HTML is ON Stefan Walk (Wed Apr 24 2002 - 14:26:29 PDT)
- A bug in the Kerberos4 ftp client may cause heap overflow which leads to remote code execution Marcell Fodor (Wed Apr 24 2002 - 13:13:23 PDT)
- Re: (Fwd) Keyservers Cross Site Scripting (When CSS Gets Dangerous) Michael Young (Mon Apr 22 2002 - 10:45:50 PDT)
- Trendmicro - Interscan - List of BCC: is revealed when stripping attachments and notifying destination addresses Ishay Sommer (Wed Apr 24 2002 - 01:49:08 PDT)
- PHProjekt multiple vulnerabilities Ulf Harnhammar (Wed Apr 24 2002 - 16:57:55 PDT)
- apache + .htpasswd - bypass pwd check Hallberg Tom (Thu Apr 25 2002 - 00:45:00 PDT)
- [Global InterSec 2002041701] Sudo Password Prompt Vulnerability. Global InterSec Research (Thu Apr 25 2002 - 07:17:12 PDT)
- Sudo version 1.6.6 now available (fwd) Jonas Eriksson (Thu Apr 25 2002 - 10:08:09 PDT)
- [CLA-2002:474] Conectiva Linux Security Announcement - ethereal secureat_private (Thu Apr 25 2002 - 10:21:53 PDT)
- Fragroute and ISS (NetworkICE) products: a brief analysis Chris Deibler (Thu Apr 25 2002 - 15:35:58 PDT)
- [RHSA-2002:063-05] Updated icecast packages are available bugzillaat_private (Thu Apr 25 2002 - 15:08:34 PDT)
- MDKSA-2002:028 - sudo update Mandrake Linux Security Team (Thu Apr 25 2002 - 15:24:17 PDT)
- [fw-wiz] STANFORD CONFERENCE ON VULNERABILITY DISCLOSURE: Early Reg to Close Soon! (fwd) Adam Shostack (Mon Apr 22 2002 - 08:15:53 PDT)
- Intel D845HV/WN/PT series motherboard vulnerability Dave Oliver (Thu Apr 25 2002 - 06:10:55 PDT)
- MDKSA-2002:029 - imlib update Mandrake Linux Security Team (Thu Apr 25 2002 - 15:25:17 PDT)
- [slackware-security] sudo upgrade fixes a potential vulnerability Slackware Security Team (Thu Apr 25 2002 - 14:10:26 PDT)
- [RHSA-2002:072-07] Updated sudo packages are available bugzillaat_private (Thu Apr 25 2002 - 14:19:55 PDT)
- Security Update: [CSSA-2002-017.0] Linux: squid compressed DNS answer message boundary failure securityat_private (Thu Apr 25 2002 - 17:30:36 PDT)
- Revised OpenSSH Security Advisory (adv.token) Markus Friedl (Fri Apr 26 2002 - 04:59:49 PDT)
- Mp3 file can execute code in Winamp [Sandblad advisory #5] Andreas Sandblad (Thu Apr 25 2002 - 23:30:56 PDT)
- [CLA-2002:475] Conectiva Linux Security Announcement - sudo secureat_private (Fri Apr 26 2002 - 08:04:34 PDT)
- [RHSA-2002:071-07] Updated sudo packages are available Dave Ahmad (Fri Apr 26 2002 - 09:49:28 PDT)
- [CLA-2002:476] Conectiva Linux Security Announcement - webalizer secureat_private (Fri Apr 26 2002 - 09:55:58 PDT)
- Re: XMB cross-scripting vulnerability Joe (Fri Apr 26 2002 - 08:53:44 PDT)
- IndiaTimes.com - Email - Session hijacking and Inbox Blocking Giri Sandeep (Fri Apr 26 2002 - 11:38:10 PDT)
- PHP-Survey Database Access Vulnerability MOD (Fri Apr 26 2002 - 13:27:34 PDT)
- Fragroute-NetworkICE follow-up Chris Deibler (Fri Apr 26 2002 - 16:14:12 PDT)
- Response to KF about Listar/Ecartis Vulnerability Trish Lynch (Sat Apr 27 2002 - 07:35:09 PDT)
- QPopper 4.0.4 buffer overflow Marcell Fodor (Sun Apr 28 2002 - 12:21:14 PDT)
- More Office XP problems (version 3.0) Georgi Guninski (Sun Apr 28 2002 - 10:32:59 PDT)
- dnstools: authentication bypass vulnerability ppp-design (Sun Apr 28 2002 - 04:29:59 PDT)
- SuSE Security Announcement: radiusd-cistron (SuSE-SA:2002:013) Sebastian Krahmer (Mon Apr 29 2002 - 05:33:36 PDT)
- [ESA-20020429-010] 'sudo' heap corruption vulnerability EnGarde Secure Linux (Mon Apr 29 2002 - 05:53:29 PDT)
- TSLSA-2002-0046 - sudo Trustix Secure Linux Advisor (Mon Apr 29 2002 - 07:17:29 PDT)
- TSLSA-2002-0047 - openssh Trustix Secure Linux Advisor (Mon Apr 29 2002 - 07:18:05 PDT)
- Blahz-DNS: Authentication bypass vulnerability ppp-design (Sun Apr 28 2002 - 13:59:52 PDT)
- ITCP Advisory 13: Bypassing of ATGuard Firewall possible BlueScreen (Mon Apr 29 2002 - 07:47:09 PDT)
- eSecurityOnline Security Advisory 2397 - Sun Solaris admintool -d and PRODVERS buffer overflow vulnerabilities researchteam5at_private (Mon Apr 29 2002 - 12:50:33 PDT)
- eSecurityOnline Security Advisory 2408 - CIDER SHADOW CGI researchteam5at_private (Mon Apr 29 2002 - 12:59:27 PDT)
- eSecurityOnline Security Advisory 4197 - Sun Solaris cachefsd den ial of service vulnerability researchteam5at_private (Mon Apr 29 2002 - 14:09:59 PDT)
- eSecurityOnline Security Advisory 4198 - Sun Solaris cachefsd mou nt file buffer overflow vulnerability researchteam5at_private (Mon Apr 29 2002 - 14:12:30 PDT)
- eSecurityOnline Security Advisory 4123 - Sun Solaris admintool me dia installation path buffer overflow vulnerability researchteam5at_private (Mon Apr 29 2002 - 13:57:30 PDT)
- Follows: Norton Personal Firewall 2002 vulnerable to SYN/FIN scan Alfonso Fiore (Mon Apr 29 2002 - 16:13:06 PDT)
- eSecurityOnline Security Advisories notes researchteam5at_private (Mon Apr 29 2002 - 13:54:01 PDT)
- eSecurityOnline Security Advisory 2406 - CDE dtprintinfo Help sea rch buffer overflow vulnerability researchteam5at_private (Mon Apr 29 2002 - 12:55:15 PDT)
- Security Update: [CSSA-2002-018.0] Linux: Race condition in fileutils securityat_private (Mon Apr 29 2002 - 15:46:22 PDT)
- eSecurityOnline Security Advisory 3761 - Sun Solaris lbxproxy dis play name buffer overflow vulnerability researchteam5at_private (Mon Apr 29 2002 - 13:14:05 PDT)
- Reading local files in Netscape 6 and Mozilla (GM#001-NS) GreyMagic Software (Mon Apr 29 2002 - 18:11:20 PDT)
- KPMG-2002016: Bea Weblogic incorrect URL parsing issues Peter Gründl (Tue Apr 30 2002 - 04:02:10 PDT)
- SuSE Security Announcement: sudo (SuSE-SA:2002:014) Sebastian Krahmer (Tue Apr 30 2002 - 08:10:42 PDT)
- ISS Advisory: Remote Denial of Service Vulnerability in RealSecure Network Sensor X-Force (Tue Apr 30 2002 - 11:59:20 PDT)
- Levcgi.coms MyGuestbook JavaScript Injection Vulnerability BrainRawt . (Tue Apr 30 2002 - 14:45:25 PDT)
- Security Update: [CSSA-2002-019.0] Linux: imlib processes untrusted images securityat_private (Tue Apr 30 2002 - 12:53:46 PDT)
- 3CDaemon DoS exploit skyrim msh (Mon Apr 29 2002 - 21:43:53 PDT)
- IE/OE6.0 cannot handle malformed XBM files Adam [wp-ckkl] (Tue Apr 30 2002 - 11:28:19 PDT)
- RE: Solaris 2.6, 7, 8 Morgan (Mon Apr 08 2002 - 00:41:07 PDT)
- Disclosing information in Super GuestBook Over_G (Tue Apr 09 2002 - 21:05:53 PDT)
- Admin access in GuestBook r4 Over_G (Tue Apr 09 2002 - 21:04:45 PDT)
Last message date: Thu Apr 10 2003 - 15:48:51 PDT
Archived on: Thu Apr 10 2003 - 15:48:53 PDT
385 messages sorted by:
[ author ]
[ date ]
[ subject ]
Other mail archives
This archive was generated by hypermail 2b30
: Thu Apr 10 2003 - 15:48:53 PDT