bugtraq 2002/09
By Thread
Most recent messages
353 messages sorted by:
[ author ]
[ date ]
[ subject ]
Other mail archives
Starting: Sat Aug 31 2002 - 22:08:28 PDT
Ending: Wed Oct 23 2002 - 14:00:38 PDT
- [Full-Disclosure] Re: [security bulletin] SSRT2275 HP Tru64 UNIX - Potential Buffer Overflows & SSRT2229 Potential Denial of Service (fwd) Len Rose (Sat Aug 31 2002 - 22:08:28 PDT)
- Re: SUMMARY: Disabling Port 445 (SMB) Entirely Shaolin Tiger (Mon Sep 02 2002 - 04:21:21 PDT)
- [VulnWatch] SECNAP Security Alert: Radmin Default install options vulnerability Michael Scheidell (Mon Sep 02 2002 - 08:21:19 PDT)
- The ScrollKeeper Root Trap Spybreak (Mon Sep 02 2002 - 04:59:00 PDT)
- XSS in Null HTTPd Matthew Murphy (Mon Sep 02 2002 - 09:57:11 PDT)
- [Full-Disclosure] SECNAP Security Alert: Radmin Default install options vulnerability Michael Scheidell (Mon Sep 02 2002 - 08:21:19 PDT)
- One step easier password guessing on Windows NP-completer (Sun Sep 01 2002 - 04:41:50 PDT)
- Happy Labor Day from Snosoft KF (Mon Sep 02 2002 - 09:29:40 PDT)
- Outlook S/MIME Vulnerability Mike Benham (Mon Sep 02 2002 - 10:37:23 PDT)
- [VulnWatch] Windows .NET Server (RC1) and MSDE (#NISR03092002B) NGSSoftware Insight Security Research (Mon Sep 02 2002 - 12:05:16 PDT)
- Microsoft SQL Server Stored procedures [sp_MSSetServerPropertiesn and sp_MSsetalertinfo] (#NISR03092002A) NGSSoftware Insight Security Research (Mon Sep 02 2002 - 12:07:33 PDT)
- Windows .NET Server (RC1) and MSDE (#NISR03092002B) NGSSoftware Insight Security Research (Mon Sep 02 2002 - 12:05:16 PDT)
- [VulnWatch] Microsoft SQL Server Stored procedures [sp_MSSetServerPropertiesn and sp_MSsetalertinfo] (#NISR03092002A) NGSSoftware Insight Security Research (Mon Sep 02 2002 - 12:07:33 PDT)
- New Paper: Threat profiling Microsoft SQL Server NGSSoftware Insight Security Research (Mon Sep 02 2002 - 12:13:09 PDT)
- [Full-Disclosure] Compaq mount patch broken Paul Szabo (Mon Sep 02 2002 - 20:18:49 PDT)
- Re: CacheFlow CacheOS Cross-site Scripting Vulnerability Blueat_private, Coatat_private, Systemsat_private (Mon Sep 02 2002 - 22:37:13 PDT)
- [SECURITY] [DSA 160-1] New scrollkeeper packages fix insecure temporary file creation Martin Schulze (Tue Sep 03 2002 - 06:14:17 PDT)
- Compaq mount patch broken Paul Szabo (Mon Sep 02 2002 - 20:18:49 PDT)
- Re: Security side-effects of Word fields Woody Leonhard (Tue Sep 03 2002 - 04:59:39 PDT)
- SecuRemote usernames can be guessed or sniffed using IKE exchange Roy Hills (Tue Sep 03 2002 - 04:08:48 PDT)
- MSIEv6 % encoding causes a problem again Liu Die Yu (Tue Sep 03 2002 - 05:49:20 PDT)
- Cisco Security Advisory: Cisco VPN 3000 Concentrator Multiple Vulnerabilities Cisco Systems Product Security Incident Response Team (Tue Sep 03 2002 - 08:00:00 PDT)
- [security bulletin] SSRT2310a HP Tru64 UNIX & HP OpenVMS Potential OpenSSL Security Vulnerability (fwd) Dave Ahmad (Tue Sep 03 2002 - 13:32:46 PDT)
- [CLA-2002:522] Conectiva Linux Security Announcement - mailman secureat_private (Tue Sep 03 2002 - 12:01:36 PDT)
- Cross-Site Scripting in Aestiva's HTML/OS eaxat_private (Tue Sep 03 2002 - 13:08:14 PDT)
- GLSA: scrollkeeper Daniel Ahlberg (Wed Sep 04 2002 - 03:39:04 PDT)
- Cacti security issues Knights of the Routing Table (Tue Sep 03 2002 - 14:06:22 PDT)
- [SECURITY] [DSA 161-1] New Mantis package fixes privilege escalation Martin Schulze (Wed Sep 04 2002 - 07:48:40 PDT)
- Bypassing the Finjan SurfinGate URL filter Marc Ruef (Wed Sep 04 2002 - 06:27:36 PDT)
- SPIKE 2.6 Released... Dave Aitel (Wed Sep 04 2002 - 09:02:21 PDT)
- AFD 1.2.14 multiple local root compromises Bert Vanmanshoven (Wed Sep 04 2002 - 07:59:51 PDT)
- [Full-Disclosure] major vulnerability in IE 6 :-( fooldisclosureat_private (Wed Sep 04 2002 - 17:45:50 PDT)
- GLSA: amavis Daniel Ahlberg (Thu Sep 05 2002 - 06:03:57 PDT)
- Cisco Security Advisory: Cisco VPN Client Multiple Vulnerabilities - Second Set Cisco Systems Product Security Incident Response Team (Thu Sep 05 2002 - 08:00:00 PDT)
- advisory UkR security team™ (Thu Sep 05 2002 - 05:30:30 PDT)
- RE: (Fwd) MSIEv6 % encoding causes a problem again Thor Larholm (Thu Sep 05 2002 - 02:18:42 PDT)
- [Full-Disclosure] zero-width gif: exploit PoC for NS6.2.3 (fixed in 7.0) [Was: GIFs Good, Flash Executable Bad] zen-parse (Thu Sep 05 2002 - 23:47:51 PDT)
- Foundstone Labs Advisory - Remotely Exploitable Buffer Overflow in PGP Foundstone Labs (Fri Sep 06 2002 - 10:54:17 PDT)
- zero-width gif: exploit PoC for NS6.2.3 (fixed in 7.0) [Was: GIFs Good, Flash Executable Bad] zen-parse (Thu Sep 05 2002 - 23:47:51 PDT)
- Rapid 7 Advisory R7-0005: ZMerge Insecure Default ACLs Rapid 7 Security Advisories (Fri Sep 06 2002 - 12:01:12 PDT)
- Veritas Backup Exec opens networks for NetBIOS based attacks? Geoff Craig (Fri Sep 06 2002 - 13:19:22 PDT)
- UPDATE: (Was Veritas Backup Exec opens networks for NetBIOS based attacks?) Geoff Craig (Fri Sep 06 2002 - 14:21:35 PDT)
- [SECURITY] [DSA 162-1] New ethereal packages fix buffer overflow Martin Schulze (Fri Sep 06 2002 - 07:22:23 PDT)
- MDKSA-2002:054-1 - gaim update Mandrake Linux Security Team (Thu Sep 05 2002 - 19:12:12 PDT)
- All versions of windows infected? Iamhatingitat_private (Fri Sep 06 2002 - 14:55:21 PDT)
- Next-hop scanning for open firewall ports David G. Andersen (Thu Sep 05 2002 - 16:31:15 PDT)
- KSTAT (and maybe others) bypass Dark Angel (Thu Sep 05 2002 - 19:06:10 PDT)
- NetGear FM114P URL filter bypassing vulnerability Marc Ruef (Sat Sep 07 2002 - 00:08:39 PDT)
- PHP header() CRLF Injection Matthew Murphy (Sat Sep 07 2002 - 15:36:49 PDT)
- [Full-Disclosure] [RHSA-2002:188-08] New wordtrans packages fix remote vulnerabilities bugzillaat_private (Mon Sep 09 2002 - 06:36:01 PDT)
- Vulnerabilities in Microsoft's Java implementation Jouko Pynnonen (Mon Sep 09 2002 - 05:16:27 PDT)
- phpGB: cross site scripting bug ppp-design (Mon Sep 09 2002 - 00:24:05 PDT)
- GLSA: glibc Daniel Ahlberg (Mon Sep 09 2002 - 07:59:58 PDT)
- Unmask 1.0 Release Party at My House! Dave Aitel (Mon Sep 09 2002 - 09:23:57 PDT)
- phpGB: mysql injection bug ppp-design (Mon Sep 09 2002 - 00:18:24 PDT)
- [SECURITY] [DSA 159-2] New Python packages fix problem introduced by security fix Martin Schulze (Mon Sep 09 2002 - 07:49:28 PDT)
- Who framed Internet Explorer (GM#010-IE) GreyMagic Software (Mon Sep 09 2002 - 08:31:07 PDT)
- phpGB: DoS and executing_arbitrary_commands ppp-design (Mon Sep 09 2002 - 00:28:06 PDT)
- Trillian weakly encrypts saved passwords Evan Nemerson (Mon Sep 09 2002 - 02:20:04 PDT)
- [SECURITY] [DSA 163-1] New mhonarc packages fix cross site scripting problems Martin Schulze (Mon Sep 09 2002 - 10:05:13 PDT)
- Small bug crashes OE Raistlin (Mon Sep 09 2002 - 13:01:42 PDT)
- Small correction... Raistlin (Mon Sep 09 2002 - 13:44:42 PDT)
- PHP fopen() CRLF Injection Ulf Harnhammar (Mon Sep 09 2002 - 14:23:01 PDT)
- [VulnWatch] PHP fopen() CRLF Injection Ulf Harnhammar (Mon Sep 09 2002 - 14:23:01 PDT)
- [VulnWatch] Strange Attractors and TCP/IP Sequence Number Analysis - One Year Later Michal Zalewski (Mon Sep 09 2002 - 17:31:51 PDT)
- [Full-Disclosure] Strange Attractors and TCP/IP Sequence Number Analysis - One Year Later Michal Zalewski (Mon Sep 09 2002 - 17:31:51 PDT)
- [Full-Disclosure] [RHSA-2002:189-08] Updated gaim client fixes URL vulnerability bugzillaat_private (Tue Sep 10 2002 - 02:00:28 PDT)
- Strange Attractors and TCP/IP Sequence Number Analysis - One Year Later Michal Zalewski (Mon Sep 09 2002 - 17:31:51 PDT)
- MDKSA-2002:058 - kdelibs update Mandrake Linux Security Team (Mon Sep 09 2002 - 17:26:01 PDT)
- [SECURITY] [DSA 164-1] New cacti package fixes arbitrary code execution Martin Schulze (Tue Sep 10 2002 - 06:39:50 PDT)
- IE6 SP1 Notes Thor Larholm (Tue Sep 10 2002 - 08:38:28 PDT)
- MDKSA-2002:057 - krb5 update Mandrake Linux Security Team (Mon Sep 09 2002 - 17:14:51 PDT)
- Password Security Policy Question L. Adrian Griffis (Tue Sep 10 2002 - 09:36:26 PDT)
- Apple QuickTime ActiveX v5.0.2 Buffer Overrun (a091002-1) @stake Advisories (Tue Sep 10 2002 - 13:57:25 PDT)
- Buffer over/underflows in ssldump prior to 0.9b3 Eric Rescorla (Wed Sep 11 2002 - 08:04:09 PDT)
- KDE Security Advisory: Secure Cookie Vulnerability Dirk Mueller (Tue Sep 10 2002 - 16:11:03 PDT)
- KDE Security Advisory: Konqueror Cross Site Scripting Vulnerability Dirk Mueller (Tue Sep 10 2002 - 16:12:27 PDT)
- [security bulletin] SSRT-547 HP Tru64 UNIX Potential Security Vulnerabilities TPC/IP, FTPD, ARP (fwd) Dave Ahmad (Wed Sep 11 2002 - 08:11:49 PDT)
- Final Speakers for HiverCon 2002 Announced Mark Anderson (Wed Sep 11 2002 - 03:49:34 PDT)
- MDKSA-2002:059 - php update Mandrake Linux Security Team (Tue Sep 10 2002 - 17:08:10 PDT)
- Privacy leak in mozilla Sven Neuhaus (Wed Sep 11 2002 - 05:51:12 PDT)
- Some unpatched vulnerabilities fixed Auriemma Luigi (Wed Sep 11 2002 - 13:16:46 PDT)
- Norton AntiVirus 2001 POP3 Proxy local DoS Berend-Jan Wever (Wed Sep 11 2002 - 04:05:45 PDT)
- slashdot / slashcode disclosing passwords Michal Zalewski (Wed Sep 11 2002 - 10:25:45 PDT)
- efstool slackware 7.1 local root exploit exploit included Cloud Ass (Tue Sep 10 2002 - 19:31:46 PDT)
- [Full-Disclosure] ht://Check XSS Ulf Harnhammar (Thu Sep 12 2002 - 01:59:05 PDT)
- ht://Check XSS Ulf Harnhammar (Thu Sep 12 2002 - 01:59:05 PDT)
- Bypassing SMTP Content Protection with a Flick of a Button Aviram Jenik (Thu Sep 12 2002 - 06:45:03 PDT)
- [SECURITY] [DSA 165-1] New PostgreSQL packages fix several vulnerabilities Martin Schulze (Thu Sep 12 2002 - 07:58:31 PDT)
- the attachement jelmer (Wed Sep 11 2002 - 19:08:42 PDT)
- LEVERAGING CROSS-PROTOCOL SCRIPTING IN MSIE jelmer (Wed Sep 11 2002 - 18:59:55 PDT)
- Bypassing TrendMicro InterScan VirusWall Vincent Royer (Thu Sep 12 2002 - 08:13:49 PDT)
- xbreaky symlink vulnerability Marco van Berkum (Thu Sep 12 2002 - 09:28:14 PDT)
- [CLA-2002:523] Conectiva Linux Security Announcement - util-linux secureat_private (Thu Sep 12 2002 - 11:55:14 PDT)
- Scan against Enterasys SSR8000 crash the system Mella Marco (Fri Sep 13 2002 - 02:44:31 PDT)
- [SECURITY] [DSA 166-1] New purity packages fix potential buffer overflows Martin Schulze (Fri Sep 13 2002 - 07:10:10 PDT)
- [securitydigest.org]: Changes in August/September 2002 Curator at Security Digest Archives (Fri Sep 13 2002 - 02:34:30 PDT)
- Re: Multiple vulnerabilities in Avaya Argent Office Russell Garrett (Thu Sep 12 2002 - 13:13:23 PDT)
- bugtraq.c httpd apache ssl attack Fernando Nunes (Fri Sep 13 2002 - 06:55:17 PDT)
- OpenSSL worm in the wild Ben Laurie (Fri Sep 13 2002 - 10:16:33 PDT)
- Savant 3.1 multiple vulnerabilities Auriemma Luigi (Fri Sep 13 2002 - 12:55:05 PDT)
- Race condition in BRU Workstation 17.0 prophecyat_private (Thu Sep 12 2002 - 17:08:16 PDT)
- [Full-Disclosure] [RHSA-2002:036-26] Updated ethereal packages available bugzillaat_private (Fri Sep 13 2002 - 12:10:23 PDT)
- Security Issue with Mac OS X Christopher Allene (Thu Sep 12 2002 - 17:52:28 PDT)
- Cobalt 6.0 Local Root Brendan C. Johnson (Thu Sep 12 2002 - 03:48:23 PDT)
- [VulnWatch] NSSI-2002-sygatepfw5: Sygate Personal Firewall IP Spoofing Vulnerability Abraham Lincoln (Mon Sep 16 2002 - 08:32:13 PDT)
- [Full-Disclosure] Linux Slapper Worm code John Scimone (Mon Sep 16 2002 - 07:36:48 PDT)
- nidump on OS X Dale Harris (Sun Sep 15 2002 - 14:28:48 PDT)
- Planet Web Software Buffer Overflow UkR security team™ (Sat Sep 14 2002 - 14:38:35 PDT)
- Bug in Opera and Konqueror Zeux (Sun Sep 15 2002 - 10:07:02 PDT)
- OpenSSH 3.4p1 Privsep Andrew Danforth (Mon Sep 16 2002 - 14:48:42 PDT)
- [Full-Disclosure] Remote detection of vulnerable OpenSSL versions Florian Weimer (Tue Sep 17 2002 - 09:39:39 PDT)
- [VulnWatch] Fw: [ut2003bugs] remote denial of service in ut2003 demo Arne Schwerdtfegger (Tue Sep 17 2002 - 08:23:13 PDT)
- NetBSD Security Advisory 2002-012: buffer overrun in setlocale NetBSD Security Officer (Mon Sep 16 2002 - 19:27:55 PDT)
- NetBSD Security Advisory 2002-011: Sun RPC XDR decoder contains buffer overflow NetBSD Security Officer (Mon Sep 16 2002 - 19:16:42 PDT)
- NetBSD Security Advisory 2002-017: shutdown(s, SHUT_RD) on TCP socket does not work as intended NetBSD Security Officer (Mon Sep 16 2002 - 19:49:09 PDT)
- NetBSD Security Advisory 2002-014: fd_set overrun in mbone tools and pppd NetBSD Security Officer (Mon Sep 16 2002 - 19:37:50 PDT)
- Multiple NetBSD Security Advisories Released/Updated NetBSD Security Officer (Mon Sep 16 2002 - 18:38:42 PDT)
- NetBSD Security Advisory 2002-010: symlink race in pppd NetBSD Security Officer (Mon Sep 16 2002 - 19:10:00 PDT)
- NetBSD Security Advisory 2002-007: Repeated TIOCSCTTY ioctl can corrupt session hold counts NetBSD Security Officer (Mon Sep 16 2002 - 18:56:30 PDT)
- [SECURITY] [DSA-136-3] Multiple OpenSSL problems (update) Michael Stone (Tue Sep 17 2002 - 07:16:34 PDT)
- NetBSD Security Advisory 2002-006: buffer overrun in libc/libresolv DNS resolver NetBSD Security Officer (Mon Sep 16 2002 - 18:50:12 PDT)
- iDEFENSE Security Advisory 09.16.2002: FreeBSD Ports libkvm Security Vulnerabilities David Endler (Mon Sep 16 2002 - 12:10:39 PDT)
- [SECURITY] [DSA-136-2] Multiple OpenSSL problems (update) Michael Stone (Sun Sep 15 2002 - 20:11:45 PDT)
- NetMeeting 3.01 Local RDS Session Hijacking Paul A Roberts (Thu Sep 12 2002 - 23:00:31 PDT)
- [SECURITY] [DSA 167-1] New kdelibs fix cross site scripting bug Martin Schulze (Mon Sep 16 2002 - 06:10:52 PDT)
- FreeBSD Security Advisory FreeBSD-SA-02:39.libkvm FreeBSD Security Advisories (Mon Sep 16 2002 - 09:15:45 PDT)
- NetBSD Security Advisory 2002-009: NetBSD Security Officer (Mon Sep 16 2002 - 19:03:16 PDT)
- Microsoft Windows XP Remote Desktop denial of service vulnerability Ben Cohen (Mon Sep 16 2002 - 01:50:45 PDT)
- NetBSD Security Advisory 2002-013: Bug in NFS server code allows remote denial of service NetBSD Security Officer (Mon Sep 16 2002 - 19:32:41 PDT)
- Microsoft Windows Remote Desktop Protocol checksum and keystroke vulnerabilities Ben Cohen (Mon Sep 16 2002 - 01:52:00 PDT)
- NetBSD Security Advisory 2002-018: Multiple security isses with kfd daemon NetBSD Security Officer (Mon Sep 16 2002 - 19:56:44 PDT)
- Advisory: File disclosure in DB4Web Stefan.Bagdohnat_private (Tue Sep 17 2002 - 05:44:11 PDT)
- Lycos HTMLGear Guestbook Script Injection Vulnerability Matthew Murphy (Sat Sep 14 2002 - 15:11:44 PDT)
- joe editor backup problem Ondrej Suchy (Tue Sep 17 2002 - 11:30:24 PDT)
- NSSI-2002-sygatepfw5: Sygate Personal Firewall IP Spoofing Vulnerability Abraham Lincoln (Mon Sep 16 2002 - 08:32:13 PDT)
- Advisory: TCP-Connection risk in DB4Web Stefan.Bagdohnat_private (Tue Sep 17 2002 - 05:44:17 PDT)
- Microsoft Windows Terminal Services vulnerabilities Ben Cohen (Wed Sep 18 2002 - 04:39:03 PDT)
- [Full-Disclosure] IRIX IGMP multicast report Denial of Service vulnerability SGI Security Coordinator (Wed Sep 18 2002 - 09:06:07 PDT)
- Trillian .74 and below, ident flaw. Lance Fitz-Herbert (Wed Sep 18 2002 - 07:04:59 PDT)
- [Full-Disclosure] IRIX default root umask and coredumps SGI Security Coordinator (Wed Sep 18 2002 - 09:21:56 PDT)
- Cisco Security Advisory: Cisco VPN 5000 Client Multiple Vulnerabilities Cisco Systems Product Security Incident Response Team (Wed Sep 18 2002 - 08:00:00 PDT)
- [VulnWatch] IRIX default root umask and coredumps SGI Security Coordinator (Wed Sep 18 2002 - 09:21:56 PDT)
- tst attachment Jose Martins (Wed Sep 18 2002 - 01:29:14 PDT)
- SuSE Security Announcement: xf86 (SuSE-SA:2002:032) Sebastian Krahmer (Wed Sep 18 2002 - 03:57:50 PDT)
- Execution Rights Not Checked Correctly For 16-bit Applications Torbjörn Hovmark (Wed Sep 18 2002 - 10:35:26 PDT)
- Cisco Security Advisory: Microsoft Windows SMB Denial of Service Vulnerabilities in Cisco Products - MS02-045 Cisco Systems Product Security Incident Response Team (Wed Sep 18 2002 - 09:00:00 PDT)
- Cisco VPN 5000 client buffer overflow vulnerabilities. Niels Heinen (Wed Sep 18 2002 - 08:41:53 PDT)
- [VulnWatch] IRIX IGMP multicast report Denial of Service vulnerability SGI Security Coordinator (Wed Sep 18 2002 - 09:06:07 PDT)
- [SECURITY] [DSA 168-1] New PHP packages fix several vulnerabilities Martin Schulze (Wed Sep 18 2002 - 06:40:51 PDT)
- Protecting you wireless networks a bit more against wardrivers Moser Max (Wed Sep 18 2002 - 00:34:21 PDT)
- iDEFENSE Security Advisory 09.18.2002: Security Vulnerabilities in OSF1/Tru64 3. David Endler (Wed Sep 18 2002 - 14:06:49 PDT)
- Firewall-1 HTTP Security Server - Proxy vulnerability Mark van Gelder (Tue Sep 17 2002 - 22:15:47 PDT)
- RE: Execution Rights Not Checked Correctly For 16-bit Application s Vigneau, Steve (Wed Sep 18 2002 - 13:39:00 PDT)
- trillian DoS: trillian 1.0 pro also vulnerable Jose Nazario (Wed Sep 18 2002 - 11:08:58 PDT)
- Web browser certificate Validation flaw: Netscape, Mozilla, MSIE vulnerable - still? Pidgorny, Slav (Wed Sep 18 2002 - 00:21:13 PDT)
- Re: Linux Slapper Worm Ajai Khattri (Wed Sep 18 2002 - 09:50:13 PDT)
- Mozilla vulnerabilities, an update Thor Larholm (Wed Sep 18 2002 - 09:08:52 PDT)
- Fw: [ut2003bugs] remote denial of service in ut2003 demo Arne Schwerdtfegger (Tue Sep 17 2002 - 08:23:13 PDT)
- The Art of Unspoofing eric.princeat_private (Tue Sep 17 2002 - 20:08:02 PDT)
- KPMG-2002035: IBM Websphere Large Header DoS Peter Gründl (Thu Sep 19 2002 - 01:51:04 PDT)
- The Trivial Cisco IP Phones Compromise Ofir Arkin (Thu Sep 19 2002 - 04:22:32 PDT)
- Trillian .73 & .74 "PRIVMSG" Overflow. Lance Fitz-Herbert (Thu Sep 19 2002 - 08:49:25 PDT)
- [Full-Disclosure] Trillian .73 & .74 "PRIVMSG" Overflow. Lance Fitz-Herbert (Thu Sep 19 2002 - 08:49:25 PDT)
- http://online.securityfocus.com/archive/1/291358/2002-09-08/2002-09-14/0, Subj: Norton AintiVirus 2001 POPROXY DoS Sym Security (Thu Sep 19 2002 - 10:49:48 PDT)
- Re: [Full-Disclosure] iDEFENSE Security Advisory 09.18.2002: Security Vulnerabilities in OSF1/Tru64 3. Steven M. Christey (Thu Sep 19 2002 - 13:44:43 PDT)
- Squirrel Mail 1.2.7 XSS Exploit DarC KonQuesT (Thu Sep 19 2002 - 14:14:28 PDT)
- [Full-Disclosure] Re: MS-02-052 Jouko Pynnonen (Thu Sep 19 2002 - 15:20:11 PDT)
- [CLA-2002:524] Conectiva Linux Security Announcement - postgresql secureat_private (Thu Sep 19 2002 - 12:18:59 PDT)
- More vulnerabilities (Re: Security side-effects of Word fields) Alex Gantman (Thu Sep 19 2002 - 14:57:01 PDT)
- CanSecWest/core03 Dragos Ruiu (Thu Sep 19 2002 - 09:11:28 PDT)
- [CLA-2002:525] Conectiva Linux Security Announcement - kdelibs secureat_private (Fri Sep 20 2002 - 08:12:54 PDT)
- ANNOUNCE: RATS 2.0 RATS Team (Thu Sep 19 2002 - 12:13:11 PDT)
- ANNOUNCE: Egads 0.9.5 EGADS Team (Thu Sep 19 2002 - 12:20:46 PDT)
- Yet Another. Trillian 'JOIN' Overflow. Lance Fitz-Herbert (Fri Sep 20 2002 - 10:21:06 PDT)
- [Full-Disclosure] Yet Another. Trillian 'JOIN' Overflow. Lance Fitz-Herbert (Fri Sep 20 2002 - 10:21:06 PDT)
- SuSE Security Announcement: Slapper worm (SuSE-SA:2002:033) Olaf Kirch (Fri Sep 20 2002 - 00:45:51 PDT)
- [Full-Disclosure] And Again. Trillian 'raw 221' Overflow. Lance Fitz-Herbert (Sat Sep 21 2002 - 10:03:01 PDT)
- Re: [UPDATED] Advisory: Multiple 602Pro LAN SUITE 2002 Denial of Service Attacks Brandon Sturgeon (Fri Sep 20 2002 - 06:34:26 PDT)
- And Again. Trillian 'raw 221' Overflow. Lance Fitz-Herbert (Sat Sep 21 2002 - 10:03:01 PDT)
- [Full-Disclosure] *sigh* Trillian multiple DoS's flaws. Lance Fitz-Herbert (Sun Sep 22 2002 - 07:11:07 PDT)
- [Full-Disclosure] JAWmail XSS Ulf Harnhammar (Sun Sep 22 2002 - 17:27:43 PDT)
- [Full-Disclosure] Technical information about the vulnerabilities fixed by MS-02-52 Jouko Pynnonen (Mon Sep 23 2002 - 04:39:22 PDT)
- *sigh* Trillian multiple DoS's flaws. Lance Fitz-Herbert (Sun Sep 22 2002 - 07:11:07 PDT)
- remote exploitable heap overflow in Null HTTPd 0.5.0 Bert Vanmanshoven (Sun Sep 22 2002 - 16:19:48 PDT)
- JAWmail XSS Ulf Harnhammar (Sun Sep 22 2002 - 17:27:43 PDT)
- Technical information about the vulnerabilities fixed by MS-02-52 Jouko Pynnonen (Mon Sep 23 2002 - 04:39:22 PDT)
- IE6 SSL Certificate Chain Verification Zoltán Nochta (Mon Sep 23 2002 - 04:43:26 PDT)
- PHP source injection in phpWebSite Tim Vandermeersch (Sun Sep 22 2002 - 16:53:59 PDT)
- NetBSD Security Advisory YYYY-NNN: {brief description of SA} NetBSD Security Officer (Sun Sep 22 2002 - 20:04:36 PDT)
- [security bulletin] SSRT2362 WEBES Service Tools (HP Tru64 UNIX, HP OpenVMS, Windows) Potential File Access Vulnerability (fwd) Dave Ahmad (Mon Sep 23 2002 - 11:46:56 PDT)
- iDEFENSE Security Advisory 09.23.2002: Directory Traversal in Dino's Webserver David Endler (Mon Sep 23 2002 - 13:41:19 PDT)
- [CLA-2002:526] Conectiva Linux Security Announcement - xchat secureat_private (Mon Sep 23 2002 - 12:21:33 PDT)
- Wireless Networking Frailty gregh (Mon Sep 23 2002 - 01:23:27 PDT)
- Now Online: OWASP Guide to Building Secure Web Applications v1.1 David Endler (Mon Sep 23 2002 - 13:48:58 PDT)
- Trillian Remote DoS Attack - AIM Spikeman (Mon Sep 23 2002 - 04:53:26 PDT)
- Kondara MNU/Linux Kurt Seifried (Mon Sep 23 2002 - 01:13:31 PDT)
- [Full-Disclosure] Slapper worm redux; Ron DuFresne (Tue Sep 24 2002 - 06:53:37 PDT)
- Xoops RC3 script injection vulnerability dasat_private (Tue Sep 24 2002 - 06:58:50 PDT)
- JSP source code exposure in Tomcat 4.x Rossen Raykov (Tue Sep 24 2002 - 07:12:44 PDT)
- Apache 2.0.(39|40) DOS (PHP!) shaddupat_private (Mon Sep 23 2002 - 12:33:04 PDT)
- PHPNUKE 6 XSS Vulnerabilities Mark Grimes (Tue Sep 24 2002 - 11:37:06 PDT)
- [Full-Disclosure] Information Disclosure with Invision Board installation (fwd) Gossi The Dog (Tue Sep 24 2002 - 15:11:55 PDT)
- Information Disclosure with Invision Board installation (fwd) Gossi The Dog (Tue Sep 24 2002 - 15:11:55 PDT)
- IIL Advisory: Reverse traversal vulnerability in Monkey (0.1.4) HTTP server DownBload (Wed Sep 25 2002 - 02:10:45 PDT)
- Shana Informed 3.05 information disclosure sullo (Tue Sep 24 2002 - 21:03:20 PDT)
- [Full-Disclosure] [RHSA-2002:060-17] Updated Zope packages are available bugzillaat_private (Wed Sep 25 2002 - 08:14:08 PDT)
- IIL Advisory: Format String bug in Null Webmail (0.6.3) DownBload (Wed Sep 25 2002 - 02:04:32 PDT)
- IIL Advisory: Vulnerabilities in acWEB HTTP server DownBload (Wed Sep 25 2002 - 02:08:20 PDT)
- OpenVMS POP server local vulnerability Mike Riley (Fri Sep 27 2002 - 05:26:10 PDT)
- GLSA: tomcat Daniel Ahlberg (Wed Sep 25 2002 - 05:09:50 PDT)
- ECHU Alert #2: IMG Attack in the news : 6 CMS vulnerables dasat_private (Tue Sep 24 2002 - 20:10:19 PDT)
- PHP-Nuke x.x SQL Injection Pedro Inacio (Wed Sep 25 2002 - 10:25:46 PDT)
- Fwd: QuickTime for Windows ActiveX security advisory Marc Bejarano (Wed Sep 25 2002 - 11:49:03 PDT)
- Re: Xoops RC3 script injection vulnerability fixed Sergio (Thu Sep 26 2002 - 07:58:20 PDT)
- Microsoft PPTP Server and Client remote vulnerability shat_private (Thu Sep 26 2002 - 02:43:46 PDT)
- iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv David Endler (Thu Sep 26 2002 - 07:58:48 PDT)
- [Full-Disclosure] Bugtraq postings from non-members may disclose some list-member's addresses Ka (Thu Sep 26 2002 - 09:22:33 PDT)
- Errata: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv David Endler (Thu Sep 26 2002 - 09:13:43 PDT)
- Postnuke XSS issues Mark Grimes (Wed Sep 25 2002 - 11:44:56 PDT)
- [SECURITY] [DSA 149-2] New glibc packages fix Martin Schulze (Thu Sep 26 2002 - 10:01:24 PDT)
- PHP-Nuke x.x AND PostNuke SQL Injection Pedro Inacio (Thu Sep 26 2002 - 11:48:02 PDT)
- Postnuke XSS issues [correction] Mark Grimes (Thu Sep 26 2002 - 09:09:08 PDT)
- remote SYSTEM compromise in WASD OpenVMS http server Jean-loup Gailly (Thu Sep 26 2002 - 13:56:34 PDT)
- Hacking Citrix Faq wirepair (Thu Sep 26 2002 - 18:04:57 PDT)
- Watchguard firewall appliances security issues Joao Gouveia (Thu Sep 26 2002 - 20:20:32 PDT)
- Another possible RFC 2046 vulnerability. Jose Marcio Martins da Cruz (Fri Sep 27 2002 - 04:01:46 PDT)
- GLSA: dietlibc Daniel Ahlberg (Fri Sep 27 2002 - 03:05:24 PDT)
- GLSA: glibc (update) Daniel Ahlberg (Fri Sep 27 2002 - 03:34:24 PDT)
- Re: Hacking Citrix Faq (fwd) Dave Ahmad (Fri Sep 27 2002 - 09:38:41 PDT)
- [VulnWatch] FVS318 Config stores usernames/passwd's in plain text FVS (Fri Sep 27 2002 - 09:40:38 PDT)
- Allot Netenforcer problems, GNU TAR flaw Bencsath Boldizsar (Thu Sep 26 2002 - 17:11:07 PDT)
- Yet another XSS vulnerability in PHP NUKE ersatzat_private (Thu Sep 26 2002 - 16:54:51 PDT)
- Software Update Available for Legacy RapidStream Appliances and W atchGuard Firebox Vclass appliances Steve Fallin (Fri Sep 27 2002 - 14:16:16 PDT)
- [VulnWatch] Re: Hacking Citrix Faq (+DEF CON presentation) Ossian Vitek (Fri Sep 27 2002 - 17:49:00 PDT)
- Jetty jsp/servlet engine xss / uname disclosure vuln skinnayat_private (Sat Sep 28 2002 - 10:53:17 PDT)
- SafeTP coughs up internal server IP addresses Jonathan G. Lampe (Fri Sep 27 2002 - 15:32:30 PDT)
- [Full-Disclosure] [RHSA-2002:096-24] Updated unzip and tar packages fix vulnerabilities bugzillaat_private (Sun Sep 29 2002 - 01:55:34 PDT)
- [Full-Disclosure] MyNewsGroups :) XSS patch Ulf Harnhammar (Sun Sep 29 2002 - 16:05:39 PDT)
- [VulnWatch] MyNewsGroups :) XSS patch Ulf Harnhammar (Sun Sep 29 2002 - 16:05:39 PDT)
- iDEFENSE Security Advisory 09.30.2002: Buffer Overflow in WN Server David Endler (Mon Sep 30 2002 - 07:09:59 PDT)
- [Full-Disclosure] [VulnWatch] MyNewsGroups :) XSS patch Ulf Harnhammar (Sun Sep 29 2002 - 16:05:39 PDT)
- XSS bug in Monkey (0.5.0) HTTP server DownBload (Mon Sep 30 2002 - 05:27:40 PDT)
- SuSE Security Announcement: heimdal (SuSE-SA:2002:034) Sebastian Krahmer (Mon Sep 30 2002 - 08:40:06 PDT)
- IIL Advisory: Winamp 3 (1.0.0.488) XML parser buffer overflow vulnerability annihilatorat_private (Sun Sep 29 2002 - 11:00:28 PDT)
- MyNewsGroups :) XSS patch Ulf Harnhammar (Sun Sep 29 2002 - 16:05:39 PDT)
- QT Assistant leaves port unfiltered Rohit Sharma (Sun Sep 29 2002 - 05:56:13 PDT)
- XSS bug in MyMarket 1.71 qber66 (Wed Sep 11 2002 - 11:17:15 PDT)
Last message date: Wed Oct 23 2002 - 14:00:38 PDT
Archived on: Wed Oct 23 2002 - 14:00:40 PDT
353 messages sorted by:
[ author ]
[ date ]
[ subject ]
Other mail archives
This archive was generated by hypermail 2b30
: Wed Oct 23 2002 - 14:00:40 PDT