bugtraq 2002/10
By Thread

Most recent messages
454 messages sorted by: [ author ] [ date ] [ subject ]
Other mail archives

Starting: Tue Oct 01 2002 - 08:01:49 PDT
Ending: Tue Nov 12 2002 - 10:17:37 PST

GLSA: tar Daniel Ahlberg (Tue Oct 01 2002 - 05:37:48 PDT)
ASA-0000: GV Execution of Arbitrary Shell Commands Marc Bevand (Mon Sep 30 2002 - 17:00:02 PDT)
Insecure XML-RPC handling in Zope reveals the distribution physic al location. Rossen Raykov (Tue Oct 01 2002 - 06:57:27 PDT)
- Re: Insecure XML-RPC handling in Zope reveals the distribution physic al location. BlueRaven (Mon Oct 07 2002 - 01:26:37 PDT)
GLSA: fetchmail Daniel Ahlberg (Tue Oct 01 2002 - 02:41:47 PDT)
[CLA-2002:527] Conectiva Linux Security Announcement - python secureat_private (Tue Oct 01 2002 - 07:52:33 PDT)
Postnuke XSS patch Mark Grimes (Tue Oct 01 2002 - 04:34:21 PDT)
PPTP Dave Aitel (Tue Oct 01 2002 - 08:18:36 PDT)
GLSA: unzip Daniel Ahlberg (Tue Oct 01 2002 - 03:38:05 PDT)
iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities David Endler (Tue Oct 01 2002 - 12:06:25 PDT)
[VulnWatch] CoolForum v 0.5 beta shows content of PHP files scrap (Tue Oct 01 2002 - 14:18:28 PDT)
XSS bug in Compaq Insight Manager Http server Taylor Huff (Tue Oct 01 2002 - 08:09:20 PDT)
[BUGZILLA] Security Advisory David Miller (Tue Oct 01 2002 - 09:50:46 PDT)
MSIE:"SaveRef" turns Zone off Liu Die Yu (Mon Sep 30 2002 - 17:19:03 PDT)
- RE: MSIE:"SaveRef" turns Zone off Thor Larholm (Wed Oct 02 2002 - 05:06:58 PDT)
[security bulletin] SSRT2371 HP OpenVMS Potential POP server local vulnerability (fwd) Dave Ahmad (Tue Oct 01 2002 - 12:40:19 PDT)
[VulnWatch] Citrix Published Application Brute Forcer wirepair (Tue Oct 01 2002 - 18:33:29 PDT)
[VulnWatch] Apache 2 Cross-Site Scripting mattmurphyat_private (Wed Oct 02 2002 - 05:59:28 PDT)
Apache 2 Cross-Site Scripting mattmurphyat_private (Wed Oct 02 2002 - 05:59:28 PDT)
Citrix Published Application Brute Forcer wirepair (Tue Oct 01 2002 - 18:33:29 PDT)
[VulnWatch] wp-02-0003: MySQL Locally Exploitable Buffer Overflow Matt Moore (Wed Oct 02 2002 - 08:47:59 PDT)
[VulnWatch] wp--02-0005: Multiple Vulnerabilities in SuperScout Web Reports Server Matt Moore (Wed Oct 02 2002 - 08:53:18 PDT)
[VulnWatch] wp-02-0011: Jetty CGIServlet Arbitrary Command Execution Matt Moore (Wed Oct 02 2002 - 08:58:41 PDT)
Solaris 2.6, 7, 8 Jonathan S (Wed Oct 02 2002 - 09:13:09 PDT)
- Re: Solaris 2.6, 7, 8 Dave Ahmad (Wed Oct 02 2002 - 10:36:05 PDT)
  - Re: Solaris 2.6, 7, 8 Gert-Jan Hagenaars (Wed Oct 02 2002 - 13:52:09 PDT)
- RE: Solaris 2.6, 7, 8 Sinan Eren (Wed Oct 02 2002 - 13:04:27 PDT)
- Re: Solaris 2.6, 7, 8 Roy Kidder (Thu Oct 03 2002 - 12:03:13 PDT)
- Re: Solaris 2.6, 7, 8 Dan Diamond (Thu Oct 03 2002 - 09:03:06 PDT)
- Re: Solaris 2.6, 7, 8 Marco Ivaldi (Wed Oct 02 2002 - 12:42:04 PDT)
- Re: Solaris 2.6, 7, 8 Sebastian (Thu Oct 03 2002 - 23:42:24 PDT)
[VulnWatch] wp-02-0012: Carello 1.3 Remote File Execution (Updated 1/10/2002) Matt Moore (Wed Oct 02 2002 - 09:10:21 PDT)
Multiple Web Security Holes Frog Man (Wed Oct 02 2002 - 10:22:15 PDT)
Postnuke XSS fixed Muhammad Faisal Rauf Danka (Tue Oct 01 2002 - 21:10:21 PDT)
- Re: Postnuke XSS fixed Daniel Woods (Wed Oct 02 2002 - 09:09:33 PDT)
  - Re: Postnuke XSS fixed Sebastian Konstanty Zdrojewski (Thu Oct 03 2002 - 00:10:23 PDT)
- Re: Postnuke XSS fixed Muhammad Faisal Rauf Danka (Thu Oct 03 2002 - 14:20:43 PDT)
wp-02-0011: Jetty CGIServlet Arbitrary Command Execution Matt Moore (Wed Oct 02 2002 - 08:58:41 PDT)
wp-02-0012: Carello 1.3 Remote File Execution (Updated 1/10/2002) Matt Moore (Wed Oct 02 2002 - 09:10:21 PDT)
wp-02-0003: MySQL Locally Exploitable Buffer Overflow Matt Moore (Wed Oct 02 2002 - 08:47:59 PDT)
iDEFENSE Security Advisory 10.02.2002: Net-SNMP DoS Vulnerability David Endler (Wed Oct 02 2002 - 13:14:45 PDT)
wp--02-0005: Multiple Vulnerabilities in SuperScout Web Reports Server Matt Moore (Wed Oct 02 2002 - 08:53:18 PDT)
MySimpleNews (PHP) Frog Man (Wed Oct 02 2002 - 13:17:53 PDT)
Kill a Unisys Clearpath with nmap port scan Jonathan G. Lampe (Wed Oct 02 2002 - 13:57:39 PDT)
- Re: Kill a Unisys Clearpath with nmap port scan Mike Shaw (Thu Oct 03 2002 - 07:47:50 PDT)
- Re: Kill a Unisys Clearpath with nmap port scan Michael.Kainat_private (Fri Oct 04 2002 - 10:31:41 PDT)
phpWebSite XSS Vulnerability Sp.IC (Wed Oct 02 2002 - 14:59:08 PDT)
[Full-Disclosure] [ESA-20021003-021] glibc: several security-related updates. EnGarde Secure Linux (Thu Oct 03 2002 - 05:41:22 PDT)
[Full-Disclosure] [ESA-20021003-022] tar: directory traversal vulnerability. EnGarde Secure Linux (Thu Oct 03 2002 - 05:41:58 PDT)
[Full-Disclosure] [ESA-20021003-023] fetchmail-ssl: buffer overflows and broken boundary checks. EnGarde Secure Linux (Thu Oct 03 2002 - 05:42:51 PDT)
[ESA-20021003-021] glibc: several security-related updates. EnGarde Secure Linux (Thu Oct 03 2002 - 05:41:22 PDT)
[ESA-20021003-022] tar: directory traversal vulnerability. EnGarde Secure Linux (Thu Oct 03 2002 - 05:41:58 PDT)
GLSA: gv Daniel Ahlberg (Thu Oct 03 2002 - 03:04:04 PDT)
[VulnWatch] Buffer Overflow in IE/Outlook HTML Help NGS Insight Security Research (Thu Oct 03 2002 - 07:21:10 PDT)
[VulnWatch] Notes on the SQL Cumulative patch David Litchfield (Thu Oct 03 2002 - 07:56:37 PDT)
[CLA-2002:529] Conectiva Linux Security Announcement - XFree86 secureat_private (Thu Oct 03 2002 - 10:18:26 PDT)
Xerox DocuShare Internal IP address disclosure Ryan Purita (Thu Oct 03 2002 - 12:04:19 PDT)
CommonName Toolbar potentially exposes LAN web addresses Eric Stevens (Thu Oct 03 2002 - 06:10:25 PDT)
- RE: CommonName Toolbar potentially exposes LAN web addresses Mustafa Deeb (Thu Oct 03 2002 - 08:09:12 PDT)
  - RE: CommonName Toolbar potentially exposes LAN web addresses Eric Stevens (Thu Oct 03 2002 - 08:18:43 PDT)
- RE: CommonName Toolbar potentially exposes LAN web addresses Anders Blockmar (Mon Oct 07 2002 - 00:55:53 PDT)
- Re: CommonName Toolbar potentially exposes LAN web addresses Andrew Clover (Fri Oct 04 2002 - 08:35:04 PDT)
Buffer Overflow in IE/Outlook HTML Help NGS Insight Security Research (Thu Oct 03 2002 - 07:21:10 PDT)
SSL certificate validation problems in Ximian Evolution Veit Wahlich (Thu Oct 03 2002 - 05:00:35 PDT)
GLSA: python Daniel Ahlberg (Thu Oct 03 2002 - 07:44:39 PDT)
[ESA-20021003-023] fetchmail-ssl: buffer overflows and broken boundary checks. EnGarde Secure Linux (Thu Oct 03 2002 - 05:42:51 PDT)
Notes on the SQL Cumulative patch David Litchfield (Thu Oct 03 2002 - 07:56:37 PDT)
Re: Kondara MNU/Linux Shin SHIRAHATA (Mon Sep 30 2002 - 22:29:48 PDT)
Re: [VulnDiscuss] XSS bug in Compaq Insight Manager Http server sullo (Tue Oct 01 2002 - 10:29:33 PDT)
iDEFENSE Security Advisory 10.03.2002: Apache 1.3.x shared memory scoreboard vulnerabilities David Endler (Thu Oct 03 2002 - 09:47:54 PDT)
The Books Module for the PostNuke CMS XSS Vulnerability Pistone (Wed Oct 02 2002 - 17:47:08 PDT)
phpMyNewsletter Frog Man (Thu Oct 03 2002 - 08:40:12 PDT)
[VulnWatch] SCAN Associates Advisory: FoxPro ODBC Driver Buffer Overflow sk (Thu Oct 03 2002 - 21:13:44 PDT)
[Full-Disclosure] [RHSA-2002:197-06] Updated glibc packages fix vulnerabilities in resolver bugzillaat_private (Thu Oct 03 2002 - 23:23:18 PDT)
[Full-Disclosure] [RHSA-2002:175-16] Updated nss_ldap packages fix buffer overflow bugzillaat_private (Fri Oct 04 2002 - 00:19:38 PDT)
[Full-Disclosure] [RHSA-2002:212-06] Updated packages fix PostScript and PDF security issue bugzillaat_private (Fri Oct 04 2002 - 00:25:56 PDT)
[SECURITY] [DSA 169-1] New tomcat packages fix unintended source code disclosure Martin Schulze (Fri Oct 04 2002 - 06:08:08 PDT)
phpLinkat XSS Security Bug Sp.IC (Thu Oct 03 2002 - 13:22:44 PDT)
- phpLinkat XSS Security Bug Sp.IC (Fri Oct 04 2002 - 10:28:10 PDT)
Cisco Secure Content Accelerator vulnerable to SSL worm Matt Zimmerman (Thu Oct 03 2002 - 12:37:31 PDT)
- Re: Cisco Secure Content Accelerator vulnerable to SSL worm Mike Caudill (Fri Oct 04 2002 - 13:46:41 PDT)
BearShare Directory Traversal Issue Resurfaces Aviram Jenik (Thu Oct 03 2002 - 13:12:31 PDT)
Cisco Security Advisory: Predefined Restriction Tables Allow Calls to International Operator Cisco Systems Product Security Incident Response Team (Fri Oct 04 2002 - 08:30:00 PDT)
SECURITY.NNOV: ikonboard 3.1.1 CSS 3APA3A (Fri Oct 04 2002 - 07:48:00 PDT)
WinXP Pro(Gold) Insecure System Restore File Permissions Makoto Shiotsuki (Fri Oct 04 2002 - 06:36:10 PDT)
vulnerabilities in logsurfer Jan Kohlrausch (Fri Oct 04 2002 - 10:09:11 PDT)
[OpenPKG-SA-2002.009] OpenPKG Security Advisory (apache) OpenPKG (Fri Oct 04 2002 - 12:53:45 PDT)
injecting commands on a ptraced telnet/ssh session by way of xenion (Fri Oct 04 2002 - 00:09:07 PDT)
Vulnerabilitie in PowerFTP server Armand Morgan (Sat Oct 05 2002 - 05:27:44 PDT)
Flash player can read local files jelmer (Sun Oct 06 2002 - 05:24:00 PDT)
[Full-Disclosure] SPIKE 2.7 Released: There's a party at my house, so bring the beer and follow me.... Dave Aitel (Mon Oct 07 2002 - 06:20:59 PDT)
[CLA-2002:530] Conectiva Linux Security Announcement - apache secureat_private (Mon Oct 07 2002 - 07:26:52 PDT)
ArGoSoft Web-Mail security problem Z0rbaS (Sun Oct 06 2002 - 20:05:14 PDT)
SuSE Security Announcement: mod_php4 (SuSE-SA:2002:036) Thomas Biege (Mon Oct 07 2002 - 02:32:49 PDT)
phpSecurePages & Killer Protection ( PHP ) Frog Man (Sun Oct 06 2002 - 12:47:02 PDT)
XSS bug in hotmail login page Peter Rdam (Sun Oct 06 2002 - 14:03:14 PDT)
- RE: XSS bug in hotmail login page Thor Larholm (Mon Oct 07 2002 - 08:57:24 PDT)
- Re: XSS bug in hotmail login page Muhammad Faisal Rauf Danka (Tue Oct 08 2002 - 05:11:29 PDT)
  - Re: XSS bug in hotmail login page Berend-Jan Wever (Tue Oct 08 2002 - 14:53:39 PDT)
SPIKE 2.7 Released: There's a party at my house, so bring the beer and follow me.... Dave Aitel (Mon Oct 07 2002 - 06:20:59 PDT)
SuSE Security Announcement: hylafax (SuSE-SA:2002:035) Thomas Biege (Mon Oct 07 2002 - 02:21:47 PDT)
[Full-Disclosure] [ESA-20021007-024] apache: potential DoS, cross-site scripting, and buffer overflow vulnerabilities. EnGarde Secure Linux (Mon Oct 07 2002 - 11:04:12 PDT)
Filters on url shortening services Andrew Hodgson (Mon Oct 07 2002 - 11:36:55 PDT)
[Full-Disclosure] [RHSA-2002:215-09] Updated fetchmail packages fix vulnerabilities bugzillaat_private (Mon Oct 07 2002 - 13:50:18 PDT)
Re: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv juergen.daubert@t-online.de (Sun Oct 06 2002 - 22:30:12 PDT)
macromedia flash mx bypasses cookie settings jelmer (Mon Oct 07 2002 - 09:42:00 PDT)
NetBSD Security Advisory 2002-023: sendmail smrsh bypass vulnerability NetBSD Security Officer (Mon Oct 07 2002 - 22:29:38 PDT)
NetBSD Security Advisory 2002-015: (another) buffer overrun in libc/libresolv DNS resolver NetBSD Security Officer (Mon Oct 07 2002 - 22:26:04 PDT)
NetBSD Security Advisory 2002-022: buffer overrun in pic(1) NetBSD Security Officer (Mon Oct 07 2002 - 22:28:52 PDT)
[SECURITY] [DSA 172-1] New tkmail packages fix insecure temporary file creation Martin Schulze (Tue Oct 08 2002 - 06:58:51 PDT)
SSGbook (ASP) Frog Man (Tue Oct 08 2002 - 10:31:54 PDT)
[SECURITY] [DSA 169-1] New ht://Check packages fix cross site scripting problem Martin Schulze (Tue Oct 08 2002 - 12:58:37 PDT)
NetBSD Security Advisory 2002-021: rogue vulnerability NetBSD Security Officer (Mon Oct 07 2002 - 22:28:18 PDT)
Reset any user's password in VBZoom forums hish _ hish (Tue Oct 08 2002 - 12:41:07 PDT)
[ESA-20021007-024] apache: potential DoS, cross-site scripting, and buffer overflow vulnerabilities. EnGarde Secure Linux (Mon Oct 07 2002 - 11:04:12 PDT)
[SECURITY] [DSA 171-1] New fetchmail packages fix buffer overflows Martin Schulze (Tue Oct 08 2002 - 12:58:41 PDT)
NetBSD Security Advisory 2002-019: Buffer overrun in talkd NetBSD Security Officer (Mon Oct 07 2002 - 22:27:40 PDT)
Multiple Vendor PC firewall remote denial of services Vulnerability Yiming Gong (Mon Oct 07 2002 - 19:16:06 PDT)
CERT Advisory CA-2002-28 Trojan Horse Sendmail Distribution (fwd) Dave Ahmad (Tue Oct 08 2002 - 16:15:04 PDT)
[security bulletin] SSRT2208 - HP Tru64 UNIX /usr/sbin/routed Potential Security Vulnerability (fwd) Dave Ahmad (Wed Oct 09 2002 - 07:54:10 PDT)
CSS on Microsoft Content Management Server overclocking_a_la_abuelaat_private (Mon Oct 07 2002 - 16:45:41 PDT)
Flood ACK packets cause an IBM SecureWay FireWall DoS Mauro Flores (Wed Oct 09 2002 - 06:42:34 PDT)
CfP: 19C3 Chaos Communication Congress 2002 Pluto (Wed Oct 09 2002 - 09:43:46 PDT)
new vulnerability inPowerFTP Personal FTP Server securma massine (Wed Oct 09 2002 - 10:22:59 PDT)
phpBB2 Showing users ip adresses Priamus (Wed Oct 09 2002 - 05:52:18 PDT)
- Re: phpBB2 Showing users ip adresses Gerben Wijnja (Thu Oct 10 2002 - 07:43:53 PDT)
- Re: phpBB2 Showing users ip adresses nick84at_private (Sat Oct 12 2002 - 15:04:45 PDT)
upload malicious file in VBZooM forums hish _ hish (Wed Oct 09 2002 - 08:21:09 PDT)
- Re: upload malicious file in VBZooM forums M. Zeeshan Mustafa (Wed Oct 09 2002 - 12:34:22 PDT)
Flood ACK packets cause AIX DoS Mauro Flores (Wed Oct 09 2002 - 06:43:45 PDT)
- Re: Flood ACK packets cause AIX DoS Doug Brenner (Wed Oct 09 2002 - 10:58:41 PDT)
[SECURITY] [DSA 173-1] New bugzilla packages fix privilege escalation Martin Schulze (Wed Oct 09 2002 - 07:35:13 PDT)
Thor Larholm security advisory TL#004 Thor Larholm (Wed Oct 09 2002 - 11:35:45 PDT)
Re: CERT Advisory CA-2002-28 Trojan Horse Sendmail Kim Scarborough (Wed Oct 09 2002 - 09:46:57 PDT)
[security bulletin] SSRT2339 (ypxfrd) and SSRT2368 (ypserv) HP Tru64 UNIX Potential Security Vulnerability (fwd) Dave Ahmad (Wed Oct 09 2002 - 13:25:06 PDT)
Four Vulnerabilities in SurfControl's SuperScout Email Filter Administrative Server 'ken'@FTU (Tue Oct 08 2002 - 18:54:50 PDT)
MDKSA-2002:064 - kdelibs update Mandrake Linux Security Team (Wed Oct 09 2002 - 11:07:32 PDT)
XSS in Authoria HR Suite Max (Wed Oct 09 2002 - 14:31:08 PDT)
[Full-Disclosure] Multiple XSS vulnerabilites in PHPNuke Bruno Morisson (Thu Oct 10 2002 - 06:16:46 PDT)
Multiple vendor ypxfrd map handling vulnerability Janusz Niewiadomski (Thu Oct 10 2002 - 09:39:26 PDT)
XSS bug in php(Reactor) Arab VieruZ (Thu Oct 10 2002 - 05:43:11 PDT)
phpBBmod contains an open phpinfo Roland Verlander (Thu Oct 10 2002 - 01:19:04 PDT)
TCP flood against NetGear FM114P Marc Ruef (Thu Oct 10 2002 - 11:03:22 PDT)
- Re: TCP flood against NetGear FM114P Stephen Samuel (Thu Oct 10 2002 - 11:41:05 PDT)
nylon 0.2 (0.3?) DoS 3APA3A (Thu Oct 10 2002 - 06:58:55 PDT)
MondoSearch show the source of all files thefastkid (Thu Oct 10 2002 - 11:09:35 PDT)
- Re: MondoSearch show the source of all files Orp 664 (Sat Oct 19 2002 - 01:10:44 PDT)
Multiple vulnerabilities in phpRank Jedi/Sector One (Thu Oct 10 2002 - 11:15:00 PDT)
syslog-ng buffer overflow Holtzl Peter (Thu Oct 10 2002 - 05:44:00 PDT)
XSS bug in Zorum 2.4 Arab VieruZ (Thu Oct 10 2002 - 10:46:58 PDT)
R7-0004: Multiple Vendor Long ZIP Entry Filename Processing bugtraq-return-6791at_private (Thu Oct 10 2002 - 12:24:43 PDT)
Plain text DDNS password in NetGear FM114P backups Marc Ruef (Thu Oct 10 2002 - 10:47:17 PDT)
Re: Multiple Vendor PC firewall remote denial of services Vulnerability Sym Security (Thu Oct 10 2002 - 12:33:01 PDT)
[VulnWatch] Multiple vendor ypxfrd map handling vulnerability Janusz Niewiadomski (Thu Oct 10 2002 - 09:39:26 PDT)
[Full-Disclosure] [RHSA-2002:204-10] Updated squirrelmail packages close cross-site scripting vulnerabilities bugzillaat_private (Fri Oct 11 2002 - 01:35:21 PDT)
[Full-Disclosure] [RHSA-2002:207-14] Updated packages fix PostScript and PDF security issue bugzillaat_private (Thu Oct 10 2002 - 13:20:03 PDT)
[Full-Disclosure] Security Update: [CSSA-2002-SCO.40] OpenServer 5.0.5 OpenServer 5.0.6 : ypxfrd remote file access vulnerability securityat_private (Thu Oct 10 2002 - 15:53:04 PDT)
Security Update: [CSSA-2002-SCO.40] OpenServer 5.0.5 OpenServer 5.0.6 : ypxfrd remote file access vulnerability securityat_private (Thu Oct 10 2002 - 15:53:04 PDT)
XSS bug in PHPNuke 6.0 Arab VieruZ (Thu Oct 10 2002 - 15:19:41 PDT)
prover of concept code of windows help overflow buzheng (Thu Oct 10 2002 - 12:14:02 PDT)
OpenOffice 1.0.1 Race condition during installation. Larry W. Cashdollar (Fri Oct 11 2002 - 06:51:22 PDT)
[VulnWatch] Apache Tomcat 3.x and 4.0.x: Remote denial-of-service vulnerability Olaf Schulz (Fri Oct 11 2002 - 04:36:55 PDT)
Outlook Express Remote Code Execution in Preview Pane (S/MIME) Aviram Jenik (Thu Oct 10 2002 - 15:09:25 PDT)
KDE Security Advisory: KGhostview Arbitary Code Execution Dirk Mueller (Wed Oct 09 2002 - 14:50:31 PDT)
KDE Security Advisory: kpf Directory traversal Dirk Mueller (Wed Oct 09 2002 - 14:51:15 PDT)
[SNS Advisory No.56] TSAC Web package/IIS 5.1 connect.asp Cross-site Scripting Vulnerability snsadvat_private (Thu Oct 10 2002 - 22:11:24 PDT)
Multiple firewalls ruleset bypass through FTP. Again. (CERT VU#328867) Mikael Olsson (Tue Oct 08 2002 - 12:21:02 PDT)
[Full-Disclosure] Security Update: [CSSA-2002-SCO.39] OpenServer 5.0.5 OpenServer 5.0.6 : Buffer Overflow in Multiple DNS Resolver Libraries securityat_private (Fri Oct 11 2002 - 16:08:15 PDT)
[Full-Disclosure] How to reproduce the IIS Host Header DOS Joe Testa (Fri Oct 11 2002 - 16:26:51 PDT)
- Re: [Full-Disclosure] How to reproduce the IIS Host Header DOS Full Disclosure (Sat Oct 12 2002 - 12:55:51 PDT)
Security hole in kpf - KDE personal fileserver. Ajay R Ramjatan (Fri Oct 11 2002 - 03:22:19 PDT)
[SecurityOffice] Webserver 4D v3.6 Weak Password Preservation Vulnerability Tamer Sahin (Wed Oct 09 2002 - 13:42:02 PDT)
Security Update: [CSSA-2002-SCO.39] OpenServer 5.0.5 OpenServer 5.0.6 : Buffer Overflow in Multiple DNS Resolver Libraries securityat_private (Fri Oct 11 2002 - 16:08:15 PDT)
Multiple XSS vulnerabilites in PHPNuke Bruno Morisson (Thu Oct 10 2002 - 06:16:46 PDT)
Long URL crashes My Web Server 1.0.2 Marc Ruef (Fri Oct 11 2002 - 22:49:52 PDT)
R7-0006: Oracle 8i/9i Listener SERVICE_CURLOAD Denial of Service Rapid 7 Security Advisories (Wed Oct 09 2002 - 12:07:50 PDT)
[VulnWatch] PHP Information Functions May Allow Cross-Site Scripting Matthew Murphy (Sat Oct 12 2002 - 22:34:13 PDT)
"Camera/Shy the Steganographical Browser" ttudiaat_private (Mon Oct 14 2002 - 06:01:27 PDT)
- RE: "Camera/Shy the Steganographical Browser" the Pull (Tue Oct 15 2002 - 14:05:45 PDT)
CALL FOR PAPERS - SANTA DIED LAST YEAR staff (Mon Oct 14 2002 - 00:54:19 PDT)
Input requested for second edition of "Firewalls and Internet Security" Steve Bellovin (Mon Oct 14 2002 - 09:08:03 PDT)
GLSA: nss_ldap Daniel Ahlberg (Sun Oct 13 2002 - 05:43:50 PDT)
GLSA: heimdal Daniel Ahlberg (Mon Oct 14 2002 - 08:28:55 PDT)
GLSA: net-snmp Daniel Ahlberg (Mon Oct 14 2002 - 01:04:02 PDT)
ECHU Alert #3 : Meunity 1.1 script injection vulnerability dasat_private (Mon Oct 14 2002 - 12:54:15 PDT)
Researcher seeking 'phage' and other security mailing list archives Curator at Security Digest Archive (Sun Oct 13 2002 - 05:48:30 PDT)
Directory traversal in Daniel Arenz' Mini Server Marc Ruef (Sun Oct 13 2002 - 01:29:53 PDT)
[SECURITY] [DSA 174-1] New heartbeat packages fix buffer overflows Martin Schulze (Mon Oct 14 2002 - 06:24:54 PDT)
GLSA: sendmail Daniel Ahlberg (Sun Oct 13 2002 - 07:48:21 PDT)
Pyramid Research Project - ghttpd security advisorie pyramid-rpat_private (Sat Oct 12 2002 - 17:02:31 PDT)
J2EE EJB privacy leak and DOS. Sylvia (Sun Oct 13 2002 - 22:42:53 PDT)
- RE: J2EE EJB privacy leak and DOS. Alan Rouse (Tue Oct 15 2002 - 08:36:45 PDT)
  - Re: J2EE EJB privacy leak and DOS. Ari Gordon-Schlosberg (Tue Oct 15 2002 - 17:27:28 PDT)
- RE: J2EE EJB privacy leak and DOS. Sylvia Else (Fri Oct 18 2002 - 02:57:21 PDT)
Pyramid Research Project - atphttpd security advisorie pyramid-rpat_private (Sat Oct 12 2002 - 17:00:21 PDT)
SuSE Security Announcement: Heartbeat (SuSE-SA:2002:037) Olaf Kirch (Mon Oct 14 2002 - 09:15:29 PDT)
Multiple Symantec Firewall Secure Webserver timeout DoS AI-SEC Security Advisories (Mon Oct 14 2002 - 12:06:48 PDT)
- Re: Multiple Symantec Firewall Secure Webserver timeout DoS Sym Security (Tue Oct 15 2002 - 07:27:47 PDT)
Symantec Enterprise Firewall Secure Webserver info leak AI-SEC Security Advisories (Mon Oct 14 2002 - 12:10:06 PDT)
- Re: Symantec Enterprise Firewall Secure Webserver info leak Sym Security (Tue Oct 15 2002 - 07:30:31 PDT)
Security vulnerabilities in Polycom ViaVideo Web component advisoryat_private (Sun Oct 13 2002 - 12:27:54 PDT)
Long URL causes TelCondex SimpleWebServer to crash Marc Ruef (Sun Oct 13 2002 - 06:00:18 PDT)
Coolsoft PowerFTP <= v2.24 Denial of Service (Linux Source) a b (Sat Oct 12 2002 - 00:20:55 PDT)
GLSA: apache Daniel Ahlberg (Tue Oct 15 2002 - 01:26:10 PDT)
[Full-Disclosure] [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability bugzillaat_private (Tue Oct 15 2002 - 10:09:54 PDT)
Internet Explorer : The D-Day GreyMagic Software (Tue Oct 15 2002 - 08:19:20 PDT)
GLSA: tomcat Daniel Ahlberg (Tue Oct 15 2002 - 01:14:43 PDT)
securitybugware new network tool Jitsu-Disk (Tue Oct 15 2002 - 02:58:43 PDT)
MDKSA-2002:065 - unzip update Mandrake Linux Security Team (Thu Oct 10 2002 - 15:05:27 PDT)
Ingenium Admin Password Vulnerability Brian Enigma (Mon Oct 14 2002 - 17:14:49 PDT)
TheServer log file access password in cleartext w/vendor resolution. Larry W. Cashdollar (Mon Oct 14 2002 - 11:50:02 PDT)
A full event log does not send administrative alerts Eitan Caspi (Fri Oct 11 2002 - 12:34:42 PDT)
Who Need Friends ? IE & MSN expose contact list & other info drorshalevat_private (Tue Oct 15 2002 - 06:04:43 PDT)
- RE: Who Need Friends ? IE & MSN expose contact list & other info Thor Larholm (Wed Oct 16 2002 - 00:00:34 PDT)
Undocumented account vulnerability in Avaya P550R/P580/P880/P882 switches Jacek Lipkowski (Tue Oct 15 2002 - 07:10:26 PDT)
- Re: Undocumented account vulnerability in Avaya P550R/P580/P880/P882 switches Mike Scher (Wed Oct 16 2002 - 16:20:36 PDT)
[SECURITY] [DSA 175-1] New syslog-ng packages fix buffer overflow Martin Schulze (Tue Oct 15 2002 - 06:36:00 PDT)
iDEFENSE Security Advisory 10.15.02: DoS and Directory Traversal Vulnerabilities in WebServer 4 Everyone David Endler (Tue Oct 15 2002 - 10:12:35 PDT)
CoolForum v 0.5 beta shows content of PHP files scrap (Sat Oct 12 2002 - 06:29:48 PDT)
- Re: CoolForum v 0.5 beta shows content of PHP files David Woods (Tue Oct 15 2002 - 20:04:23 PDT)
MDKSA-2002:066 - tar update Mandrake Linux Security Team (Thu Oct 10 2002 - 15:10:38 PDT)
Openwall GNU/*/Linux (Owl) 1.0 release Solar Designer (Tue Oct 15 2002 - 22:19:25 PDT)
iDEFENSE Security Advisory 10.16.02: Denial of Service in Sabre Desktop Reservation Client for Windows David Endler (Wed Oct 16 2002 - 07:10:06 PDT)
NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability Abraham Lincoln (Wed Oct 16 2002 - 07:46:39 PDT)
- Re: NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability Te Smith (Wed Oct 16 2002 - 18:45:03 PDT)
Designing Shellcode Demystified Murat Balaban (Tue Oct 15 2002 - 22:23:48 PDT)
- Designing Shellcode Demystified Murat Balaban (Tue Oct 15 2002 - 22:23:48 PDT)
Linux Security Protection System Bosko Radivojevic (Wed Oct 16 2002 - 09:37:13 PDT)
Cisco Security Advisory: Cisco CatOS Embedded HTTP Server Buffer Overflow Cisco Systems Product Security Incident Response Team (Wed Oct 16 2002 - 17:00:00 PDT)
phptonuke allows Remote File Retrieving Zero-X ScriptKiddy (Wed Oct 16 2002 - 14:50:10 PDT)
- Re: phptonuke allows Remote File Retrieving BlueRaven (Thu Oct 17 2002 - 00:35:52 PDT)
[SECURITY] [DSA 176-1] New gv packages fix buffer overflow Martin Schulze (Wed Oct 16 2002 - 07:59:28 PDT)
[CLA-2002:533] Conectiva Linux Security Announcement - XFree86 secureat_private (Wed Oct 16 2002 - 15:01:02 PDT)
[CLA-2002:531] Conectiva Linux Security Announcement - fetchmail secureat_private (Wed Oct 16 2002 - 08:05:57 PDT)
Apache 1.3.26 David Wagner (Wed Oct 16 2002 - 15:32:26 PDT)
MSN Moster Strike Back ?! drorshalevat_private (Tue Oct 15 2002 - 18:48:53 PDT)
[CLA-2002:532] Conectiva Linux Security Announcement - sendmail secureat_private (Wed Oct 16 2002 - 10:51:10 PDT)
[Full-Disclosure] [RHSA-2002:205-15] New kernel fixes local security issues bugzillaat_private (Thu Oct 17 2002 - 03:09:55 PDT)
[Full-Disclosure] [RHSA-2002:206-12] New kernel fixes local security issues bugzillaat_private (Thu Oct 17 2002 - 03:11:15 PDT)
[Full-Disclosure] [RHSA-2002:210-06] New kernel 2.2 packages fix local vulnerabilities bugzillaat_private (Thu Oct 17 2002 - 03:11:20 PDT)
[Full-Disclosure] [ESA-20021016-025] syslog-ng buffer overflow in macro handling code EnGarde Secure Linux (Thu Oct 17 2002 - 05:44:09 PDT)
[VulnWatch] Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002) David Litchfield (Thu Oct 17 2002 - 06:23:54 PDT)
New buffer overflow in plaetDNS securma massine (Thu Oct 17 2002 - 10:46:53 PDT)
NFS Denial of Service advisory from Sun m g (Thu Oct 17 2002 - 05:21:50 PDT)
[SECURITY] [DSA 178-1] New Heimdal packages fix remote command execution Martin Schulze (Thu Oct 17 2002 - 07:06:36 PDT)
Re: Linux Kernel Exploits / ABFrag h2g.sec.listat_private (Thu Oct 17 2002 - 07:06:36 PDT)
- Re: Linux Kernel Exploits / ABFrag huang po (Thu Oct 17 2002 - 13:55:32 PDT)
- Re: Linux Kernel Exploits / ABFrag Muhammad Faisal Rauf Danka (Fri Oct 18 2002 - 23:04:33 PDT)
GLSA: ggv Daniel Ahlberg (Thu Oct 17 2002 - 01:30:09 PDT)
[SECURITY] [DSA 177-1] New PAM packages fix serious security violation in Debian/unstable Martin Schulze (Thu Oct 17 2002 - 10:44:29 PDT)
- Re: [SECURITY] [DSA 177-1] New PAM packages fix serious security violation in Debian/unstable Samuele Giovanni Tonon (Thu Oct 17 2002 - 14:53:41 PDT)
Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002) David Litchfield (Thu Oct 17 2002 - 06:23:54 PDT)
PGP Corporation Beta License Agreement er t (Wed Oct 16 2002 - 21:32:52 PDT)
- Re: PGP Corporation Beta License Agreement Juraj Bednar (Thu Oct 17 2002 - 14:20:48 PDT)
- Re: PGP Corporation Beta License Agreement Jon Callas (Thu Oct 17 2002 - 23:18:53 PDT)
TSLSA-2002-0068-kernel Trustix Secure Linux Advisor (Thu Oct 17 2002 - 04:16:15 PDT)
Solution: Kill a Unisys Clearpath with nmap port scan Michael.Kainat_private (Thu Oct 17 2002 - 13:40:51 PDT)
TSLSA-2002-0069-apache Trustix Secure Linux Advisor (Thu Oct 17 2002 - 04:16:46 PDT)
[Full-Disclosure] [RHSA-2002:192-13] Updated Mozilla packages fix security vulnerabilities bugzillaat_private (Fri Oct 18 2002 - 02:18:19 PDT)
[VulnWatch] SCAN Associates Advisory: Molly 0.5 - Remote Command Execution guejez (Fri Oct 18 2002 - 04:42:10 PDT)
[VulnWatch] SCAN Associates Advisory: madhater perlbot 1.0 beta - Remote Command Execution guejez (Fri Oct 18 2002 - 04:42:17 PDT)
New Vulnerability on YaBB 1.4.0 and YaBB 1.4.1 forums Nir Adar (Fri Oct 18 2002 - 09:58:34 PDT)
New buffer overflow in PlanetDNS securma massine (Fri Oct 18 2002 - 10:03:39 PDT)
Microsoft Windows Media Player for Sparc/Solaris vulnerability Samuel Tardieu (Fri Oct 18 2002 - 09:43:13 PDT)
[Immunity, Inc.]Vulnerability: RPC Service DoS (port 135/tcp) on Windows 2000 SP3 Dave Aitel (Fri Oct 18 2002 - 11:18:47 PDT)
KaZaA David Krum (Fri Oct 18 2002 - 09:33:31 PDT)
- RE: KaZaA Christopher Wagner (Fri Oct 18 2002 - 10:44:03 PDT)
- RE: KaZaA Brenna Primrose (Fri Oct 18 2002 - 10:44:33 PDT)
- Re: KaZaA Alex Lambert (Fri Oct 18 2002 - 13:55:57 PDT)
- Re: KaZaA eD\\/ARd0 F/\\KEn^M3 (Fri Oct 18 2002 - 17:39:16 PDT)
[VulnWatch] [Immunity, Inc.]Vulnerability: RPC Service DoS (port 135/tcp) on Windows 2000 SP3 Dave Aitel (Fri Oct 18 2002 - 11:18:47 PDT)
interSEC security advisory - Multiple bugs in Web602 web server Jan Kachlik (Thu Oct 17 2002 - 23:29:30 PDT)
Ambiguities in TCP/IP - firewall bypassing Paul Starzetz (Fri Oct 18 2002 - 07:46:55 PDT)
- Re: Ambiguities in TCP/IP - firewall bypassing Alan DeKok (Fri Oct 18 2002 - 14:06:23 PDT)
  - Re: Ambiguities in TCP/IP - firewall bypassing Luis Bruno (Fri Oct 18 2002 - 23:04:27 PDT)
- RE: Ambiguities in TCP/IP - firewall bypassing John Fitzgerald (Sat Oct 19 2002 - 04:42:07 PDT)
- Re: Ambiguities in TCP/IP - firewall bypassing David Wagner (Fri Oct 18 2002 - 17:18:50 PDT)
- Re: Ambiguities in TCP/IP - firewall bypassing Aaron Hopkins (Sat Oct 19 2002 - 01:24:39 PDT)
- Re: Ambiguities in TCP/IP - firewall bypassing Lyndon Nerenberg (Sun Oct 20 2002 - 12:03:25 PDT)
- RE: Ambiguities in TCP/IP - firewall bypassing Ofir Arkin (Mon Oct 21 2002 - 05:17:52 PDT)
[SECURITY] [DSA 179-1] New gnome-gv packages fix buffer overflow Martin Schulze (Fri Oct 18 2002 - 07:00:26 PDT)
GLSA: tetex Daniel Ahlberg (Fri Oct 18 2002 - 14:56:38 PDT)
[Full-Disclosure] [Immunity, Inc.]Vulnerability: RPC Service DoS (port 135/tcp) on Windows 2000 SP3 Dave Aitel (Fri Oct 18 2002 - 11:18:47 PDT)
vBulletin XSS Security Bug Sp.IC (Fri Oct 18 2002 - 05:08:55 PDT)
- RE: vBulletin XSS Security Bug Alex Yu (Mon Oct 21 2002 - 10:42:21 PDT)
Chrooting Daemons and System Processes HOWTO Jonathan A. Zdziarski (Thu Oct 17 2002 - 16:57:49 PDT)
[security bulletin] SSRT0818U HP Tru64 UNIX V5.1A zlib Potential Security Vulnerability (fwd) Dave Ahmad (Fri Oct 18 2002 - 13:04:32 PDT)
Full zone information disclosure on top level domain name servers Max (Fri Oct 18 2002 - 14:28:23 PDT)
- Re: Full zone information disclosure on top level domain name servers M�ns Nilsson (Sat Oct 19 2002 - 00:27:05 PDT)
Re: 3Com TelnetD COMPLETE CODE bladeblaat_private (Sat Oct 19 2002 - 04:48:19 PDT)
GLSA: groff Daniel Ahlberg (Sat Oct 19 2002 - 12:53:20 PDT)
[Full-Disclosure] NOCC: XSS Ulf Harnhammar (Sun Oct 20 2002 - 10:22:18 PDT)
- [Full-Disclosure] Re: [VulnWatch] NOCC: XSS ppp-design (Sun Oct 20 2002 - 12:56:38 PDT)
  - [Full-Disclosure] Re: [VulnWatch] NOCC: XSS Ulf Harnhammar (Sun Oct 20 2002 - 13:07:34 PDT)
[VulnWatch] NOCC: XSS Ulf Harnhammar (Sun Oct 20 2002 - 10:22:18 PDT)
[Full-Disclosure] Reproducing the MS DCE-RPC DOS. Joe Testa (Sun Oct 20 2002 - 14:44:15 PDT)
[SECURITY] [DSA 180-1] New NIS packages fix information leak Martin Schulze (Mon Oct 21 2002 - 07:45:36 PDT)
AN HTTPD SOCKS4 username Buffer Overflow Vulnerability Kanatoko (Sun Oct 20 2002 - 09:38:15 PDT)
MSIE:"SaveRef" cracks "(VictimWindow).document.write" Liu Die Yu (Mon Oct 21 2002 - 07:16:36 PDT)
- Re: MSIE:"SaveRef" cracks "(VictimWindow).document.write" jelmer (Mon Oct 21 2002 - 09:42:53 PDT)
- Re: MSIE:"SaveRef" cracks "(VictimWindow).document.write" jelmer (Mon Oct 21 2002 - 09:38:22 PDT)
NOCC: XSS Ulf Harnhammar (Sun Oct 20 2002 - 10:22:18 PDT)
SuSE Security Announcement: postgresql (SuSE-SA:2002:038) Thomas Biege (Mon Oct 21 2002 - 08:56:46 PDT)
XSS vulnerabilites in Pafiledb ersatzat_private (Sun Oct 20 2002 - 16:41:24 PDT)
Reproducing the MS DCE-RPC DOS. Joe Testa (Sun Oct 20 2002 - 14:44:15 PDT)
fragrouter trojan mattat_private (Mon Oct 21 2002 - 06:31:21 PDT)
LinuxSecurity Brasil Magazine Online - Second Edition Renato Murilo Langona (Sun Oct 20 2002 - 18:29:21 PDT)
[Full-Disclosure] Security Update: [CSSA-2002-SCO.41] UnixWare 7.1.1 Open UNIX 8.0.0 : rcp of /proc causes denial-of-service securityat_private (Mon Oct 21 2002 - 15:04:29 PDT)
Security Update: [CSSA-2002-SCO.41] UnixWare 7.1.1 Open UNIX 8.0.0 : rcp of /proc causes denial-of-service securityat_private (Mon Oct 21 2002 - 15:04:29 PDT)
D-Link Access Point DWL-900AP+ TFTP Vulnerability securityat_private (Mon Oct 21 2002 - 06:09:42 PDT)
[Full-Disclosure] [ESA-20021022-026] local kernel vulnerabilities EnGarde Secure Linux (Tue Oct 22 2002 - 05:54:13 PDT)
Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R Juan de la Fuente Costa (Tue Oct 22 2002 - 02:16:58 PDT)
[SECURITY] [DSA 181-1] New mod_ssl packages fix cross site scripting Martin Schulze (Tue Oct 22 2002 - 07:48:37 PDT)
Vulnerable cached objects in IE (9 advisories in 1) GreyMagic Software (Tue Oct 22 2002 - 08:24:00 PDT)
- Re: Vulnerable cached objects in IE (9 advisories in 1) jelmer (Tue Oct 22 2002 - 10:14:16 PDT)
  - RE: Vulnerable cached objects in IE (9 advisories in 1) GreyMagic Software (Wed Oct 23 2002 - 02:02:52 PDT)
- RE: Vulnerable cached objects in IE (9 advisories in 1) Thor Larholm (Wed Oct 23 2002 - 02:13:57 PDT)
Windows 2000 SNMP DoS Chris Anley (Tue Oct 22 2002 - 10:22:56 PDT)
AIM 4.8.2790 remote file execution vulnerability Blud Clot (Mon Oct 21 2002 - 15:10:52 PDT)
Call For Papers Announcement: Black Hat Windows Security Jeff Moss (Mon Oct 21 2002 - 21:32:13 PDT)
MS WIN RPC DoS CODE FROM SPIKE v2.7 lion (Tue Oct 22 2002 - 11:25:22 PDT)
NetBSD Security Advisory 2002-026: Buffer overflow in kadmind daemon NetBSD Security Officer (Mon Oct 21 2002 - 16:32:00 PDT)
Virgil CGI Scanner Vulnerability kalifat_private (Tue Oct 22 2002 - 11:54:12 PDT)
NetBSD Security Advisory 2002-016: Insufficient length check in ESP authentication data NetBSD Security Officer (Mon Oct 21 2002 - 17:39:18 PDT)
[ESA-20021022-026] local kernel vulnerabilities EnGarde Secure Linux (Tue Oct 22 2002 - 05:54:13 PDT)
FlashFXP 1.4 Local Password Disclosure Vulnerability Blud Clot (Tue Oct 22 2002 - 14:24:48 PDT)
gBook Frog Man (Tue Oct 22 2002 - 13:28:49 PDT)
Re: Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R Sym Security (Tue Oct 22 2002 - 12:51:06 PDT)
phpnewsDev Frog Man (Tue Oct 22 2002 - 13:17:47 PDT)
MDKSA-2002:069 - gv update Mandrake Linux Security Team (Mon Oct 21 2002 - 15:45:03 PDT)
[OpenPKG-SA-2002.010] OpenPKG Security Advisory (apache) OpenPKG (Wed Oct 23 2002 - 05:27:48 PDT)
[SecurityOffice] Web Server 4 Everyone v1.28 Host Field Denial of Service Vulnerability Tamer Sahin (Wed Oct 23 2002 - 02:10:40 PDT)
does Xandros have anyone answering the security phone? Eric L. Howard (Wed Oct 23 2002 - 08:51:46 PDT)
MDKSA-2002:070 - tetex update Mandrake Linux Security Team (Wed Oct 23 2002 - 08:38:31 PDT)
[Full-Disclosure] Security Update: [CSSA-2002-036.0] Linux: remote buffer overflow in webalizer reverse lookup code securityat_private (Wed Oct 23 2002 - 10:42:41 PDT)
Security Update: [CSSA-2002-036.0] Linux: remote buffer overflow in webalizer reverse lookup code securityat_private (Wed Oct 23 2002 - 10:42:41 PDT)
R7-0008: IBM WebSphere Edge Server Caching Proxy Cross-Site Scripting Issues Rapid 7 Security Advisories (Wed Oct 23 2002 - 14:51:52 PDT)
R7-0007: IBM WebSphere Edge Server Caching Proxy Denial of Service Rapid 7 Security Advisories (Wed Oct 23 2002 - 14:51:52 PDT)
[Full-Disclosure] [RHSA-2002:223-07] Updated ypserv packages fixes memory leak bugzillaat_private (Thu Oct 24 2002 - 05:14:15 PDT)
[VulnWatch] TFTP Server DoS D4rkGr3y (Thu Oct 24 2002 - 09:14:03 PDT)
TFTP Server DoS D4rkGr3y (Thu Oct 24 2002 - 09:14:03 PDT)
Router DSL Dlink Linux (Wed Oct 23 2002 - 14:50:22 PDT)
- Re: Router DSL Dlink Markus Garscha (Thu Oct 24 2002 - 11:28:47 PDT)
GLSA: xfree Daniel Ahlberg (Thu Oct 24 2002 - 02:58:13 PDT)
DH team: Norton Antivirus Corporate Edition Privilege Escalation 3APA3A (Thu Oct 24 2002 - 03:39:59 PDT)
NetBSD Security Advisory 2002-025: trek(6) buffer overrun NetBSD Security Officer (Thu Oct 24 2002 - 02:42:06 PDT)
Multiple issues in internet explorer/outlook John C. Hennessy (Wed Oct 23 2002 - 20:31:08 PDT)
[Full-Disclosure] Security Update: [CSSA-2002-037.0] Linux: various packet handling vunerabilities in ethereal securityat_private (Thu Oct 24 2002 - 13:35:56 PDT)
Security Update: [CSSA-2002-037.0] Linux: various packet handling vunerabilities in ethereal securityat_private (Thu Oct 24 2002 - 13:35:56 PDT)
XSS vulnerability in Mojo Mail Sign-Up Form Daniel Boland (Thu Oct 24 2002 - 05:57:02 PDT)
vpopmail CGIapps vpasswd vulnerabilities Ignacio Vazquez (Thu Oct 24 2002 - 07:26:33 PDT)
- Re: vpopmail CGIapps vpasswd vulnerabilities Jeremy C. Reed (Thu Oct 24 2002 - 10:41:48 PDT)
GLSA: zope Daniel Ahlberg (Thu Oct 24 2002 - 08:12:09 PDT)
vpopmail CGIapps vadddomain multiple vulnerabilities Ignacio Vazquez (Thu Oct 24 2002 - 07:27:36 PDT)
Reminder: Call for Papers IWIA 2003 Ends Soon Stephen D. B. Wolthusen (Thu Oct 24 2002 - 12:06:29 PDT)
[SecurityOffice] Liteserve Web Server v2.0 Authorization Bypass Vulnerability Tamer Sahin (Thu Oct 24 2002 - 11:48:00 PDT)
[SecurityOffice] BRS WebWeaver Web Server v1.01 Protected File Access Vulnerability Tamer Sahin (Thu Oct 24 2002 - 11:49:27 PDT)
MDKSA-2002:071 - kdegraphics update Mandrake Linux Security Team (Thu Oct 24 2002 - 14:35:25 PDT)
[Full-Disclosure] Security Update: [CSSA-2002-038.0] Linux: inn format string and insecure open vulnerabilities securityat_private (Thu Oct 24 2002 - 17:42:26 PDT)
MDKSA-2002:072 - mod_ssl update Mandrake Linux Security Team (Thu Oct 24 2002 - 14:37:16 PDT)
iDEFENSE Security Advisory 10.24.02: Directory Traversal in SolarWinds TFTP Server David Endler (Thu Oct 24 2002 - 14:58:18 PDT)
[Full-Disclosure] Re: ABfrag followup / WITHOUT ATTACHMENT enigmatic-arcanumat_private (Thu Oct 24 2002 - 17:47:56 PDT)
[SecurityOffice] BadBlue Web Server v1.7 Protected File Access Vulnerability Tamer Sahin (Thu Oct 24 2002 - 11:46:06 PDT)
IBM Infoprint Remote Management Simple DoS Toni Lassila (Fri Oct 25 2002 - 02:19:23 PDT)
- Re: IBM Infoprint Remote Management Simple DoS Fredrik Bj�rk (Mon Oct 28 2002 - 04:19:41 PST)
Security Update: [CSSA-2002-038.0] Linux: inn format string and insecure open vulnerabilities securityat_private (Thu Oct 24 2002 - 17:42:26 PDT)
Sec-Tec advisory 24.10.02 Unauthorised file acces in Acuma's Acusend David Wray (Fri Oct 25 2002 - 07:49:03 PDT)
IPSwitch, Inc. WS_FTP Server dev-null@no-id.com (Fri Oct 25 2002 - 07:06:34 PDT)
- Re: IPSwitch, Inc. WS_FTP Server Alun Jones (Fri Oct 25 2002 - 10:38:29 PDT)
RE: DH team: Norton Antivirus Corporate Edition Privilege Escalation, http://online.securityfocus.com/archive/1/296979/2002-10-22/2002-10-28/0 Sym Security (Fri Oct 25 2002 - 09:50:15 PDT)
TCP/IP Printer Configuration Utility for Apple.LaserWriter 12/640 PS security problem UkR security team� (Fri Oct 25 2002 - 21:52:32 PDT)
GLSA: kth-krb Daniel Ahlberg (Sat Oct 26 2002 - 09:05:03 PDT)
MDaemon SMTP/POP/IMAP server DoS D4rkGr3y (Sun Oct 27 2002 - 08:49:45 PST)
- Re: MDaemon SMTP/POP/IMAP server DoS Karl Pietri (Tue Oct 29 2002 - 09:12:02 PST)
- Re: MDaemon SMTP/POP/IMAP server DoS Muhammad Faisal Rauf Danka (Mon Oct 28 2002 - 16:57:05 PST)
  - RE: MDaemon SMTP/POP/IMAP server DoS Basil Hussain (Wed Oct 30 2002 - 02:10:02 PST)
- RE: MDaemon SMTP/POP/IMAP server DoS Basil Hussain (Tue Oct 29 2002 - 02:26:51 PST)
  - RE: MDaemon SMTP/POP/IMAP server DoS Robert Feldbauer (Tue Oct 29 2002 - 08:30:46 PST)
Substitution of document signed under new American format ECDSA. Alexander Komlin (Mon Oct 28 2002 - 06:36:44 PST)
GLSA: mod_ssl Daniel Ahlberg (Sat Oct 26 2002 - 17:38:04 PDT)
[SNS Advisory No.57] AN HTTPD Cross-site Scripting Vulnerability snsadvat_private (Mon Oct 28 2002 - 00:40:23 PST)
Re: Buffer overflow in kadmind4 Chris Barnes (Sun Oct 27 2002 - 03:26:15 PST)
Oracle9iAS Web Cache Denial of Service (a102802-1) @stake advisories (Mon Oct 28 2002 - 11:05:57 PST)
Re: Privilege Escalation Vulnerability In phpBB 2.0.0 x x (Mon Oct 28 2002 - 11:34:02 PST)
CISCO as5350 crashes with nmap connect scan Thomas Munn (Mon Oct 28 2002 - 08:53:45 PST)
- Re: CISCO as5350 crashes with nmap connect scan Thomas Munn (Tue Oct 29 2002 - 11:55:10 PST)
- Re: CISCO as5350 crashes with nmap connect scan Thomas Munn (Tue Oct 29 2002 - 12:11:09 PST)
- Re: CISCO as5350 crashes with nmap connect scan Wendy Garvin (Tue Oct 29 2002 - 14:31:38 PST)
GLSA: ypserv Daniel Ahlberg (Mon Oct 28 2002 - 06:09:40 PST)
Privilege Escalation Vulnerability In phpBB 2.0.0 nick84at_private (Sun Oct 27 2002 - 15:09:04 PST)
[SECURITY] [DSA 182-1] New kghostview packages fix buffer overflow Martin Schulze (Mon Oct 28 2002 - 07:15:38 PST)
SCAN Associates Advisory : Multiple vurnerabilities on mailreader.com pokleyzz (Mon Oct 28 2002 - 01:48:04 PST)
dobermann FORUM (php) Frog Man (Sun Oct 27 2002 - 14:53:19 PST)
- RE: dobermann FORUM (php) Mark Stunnenberg (Tue Oct 29 2002 - 01:00:22 PST)
Security Update: [CSSA-2002-040.0] Linux: uudecode performs inadequate checks on user-specified output files securityat_private (Mon Oct 28 2002 - 12:27:08 PST)
[Full-Disclosure] Security Update: [CSSA-2002-041.0] Linux: pam_ldap format string vulnerability securityat_private (Mon Oct 28 2002 - 16:51:37 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-041.0] Linux: pam_ldap format string vulnerability securityat_private (Mon Oct 28 2002 - 16:51:37 PST)
GLSA: krb5 Daniel Ahlberg (Mon Oct 28 2002 - 06:34:30 PST)
[Full-Disclosure] [ESA-20021029-027] mod_ssl cross-site scripting vulnerability. EnGarde Secure Linux (Tue Oct 29 2002 - 05:50:16 PST)
[Full-Disclosure] [ESA-20021029-028] syslog-ng: buffer overflow in macro handling code (UPDATED) EnGarde Secure Linux (Tue Oct 29 2002 - 05:50:41 PST)
- [Full-Disclosure] [ESA-20021029-028] syslog-ng: buffer overflow in macro handling code (UPDATED) EnGarde Secure Linux (Tue Oct 29 2002 - 05:50:41 PST)
[ESA-20021029-028] syslog-ng: buffer overflow in macro handling code (UPDATED) EnGarde Secure Linux (Tue Oct 29 2002 - 05:50:41 PST)
Further problems with Arescom NetDSL-800 MSN Firmware version 5.4.x and up Justin Cervero (Tue Oct 29 2002 - 06:16:46 PST)
Security Update: [CSSA-2002-041.0] Linux: pam_ldap format string vulnerability securityat_private (Mon Oct 28 2002 - 16:51:37 PST)
Security Update: [CSSA-2002-039.0] Linux: bzip2 file creation and symbolic link vulnerabilities securityat_private (Tue Oct 29 2002 - 12:18:14 PST)
[Full-Disclosure] Security Update: [CSSA-2002-039.0] Linux: bzip2 file creation and symbolic link vulnerabilities securityat_private (Tue Oct 29 2002 - 12:18:14 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-039.0] Linux: bzip2 file creation and symbolic link vulnerabilities securityat_private (Tue Oct 29 2002 - 12:18:14 PST)
KRB5-SORCERER2002-10-27 Security Update ask33at_private (Sun Oct 27 2002 - 15:38:19 PST)
[ESA-20021029-027] mod_ssl cross-site scripting vulnerability. EnGarde Secure Linux (Tue Oct 29 2002 - 05:50:16 PST)
IP SmartSpoofing : How to bypass all IP filters relying on sourc e IP address Vincent Royer (Tue Oct 29 2002 - 11:21:34 PST)
Re: SUMMARY: Disabling Port 445 (SMB) Entirely dan hayden (Tue Oct 29 2002 - 06:18:04 PST)
Bypassing website filter in SonicWall Marc Ruef (Tue Oct 29 2002 - 11:36:24 PST)
- Re: Bypassing website filter in SonicWall Kurt Seifried (Tue Oct 29 2002 - 15:22:47 PST)
- RE: Bypassing website filter in SonicWall Brian J. Gaia (Wed Oct 30 2002 - 19:47:56 PST)
[SECURITY] [DSA 183-1] New krb5 packages fix buffer overflow Martin Schulze (Tue Oct 29 2002 - 10:55:20 PST)
MDKSA-2002:073 - krb5 update Mandrake Linux Security Team (Tue Oct 29 2002 - 14:03:05 PST)
Gimp: Erased sections of images print in some cases Clark Mills (Tue Oct 29 2002 - 14:08:45 PST)
- Re: Gimp: Erased sections of images print in some cases Earl Hood (Tue Oct 29 2002 - 21:10:35 PST)
- Re: Gimp: Erased sections of images print in some cases Clark Mills (Wed Oct 30 2002 - 14:09:38 PST)
[Full-Disclosure] sympatico.ca uses weak encryption on their billing server George Staikos (Tue Oct 29 2002 - 15:23:07 PST)
XXE (Xml eXternal Entity) attack Gregory Steuck (Tue Oct 29 2002 - 15:23:25 PST)
- Re: XXE (Xml eXternal Entity) attack Miles Sabin (Wed Oct 30 2002 - 01:15:54 PST)
[Full-Disclosure] Security Update: [CSSA-2002-043.0] Linux: chfn (util-linux) temp file race vulnerability securityat_private (Tue Oct 29 2002 - 17:25:32 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-043.0] Linux: chfn (util-linux) temp file race vulnerability securityat_private (Tue Oct 29 2002 - 17:25:32 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-043.0] Linux: chfn (util-linux) temp file race vulnerability securityat_private (Tue Oct 29 2002 - 17:25:32 PST)
GLSA: sharutils Daniel Ahlberg (Wed Oct 30 2002 - 06:09:20 PST)
[SECURITY] [DSA 184-1] New krb4 packages fix buffer overflow Martin Schulze (Wed Oct 30 2002 - 08:58:36 PST)
GLSA: pam_ldap Daniel Ahlberg (Wed Oct 30 2002 - 14:33:41 PST)
SuSE Security Announcement: syslog-ng (SuSE-SA:2002:039) Sebastian Krahmer (Thu Oct 31 2002 - 02:29:20 PST)
[SECURITY] [DSA 185-1] New heimdal packages fix buffer overflows Martin Schulze (Thu Oct 31 2002 - 07:10:24 PST)
SmartMail server DOS securma massine (Thu Oct 31 2002 - 09:26:03 PST)
SuSE Security Announcement: lprng/html2ps (SuSE-SA:2002:040) Sebastian Krahmer (Thu Oct 31 2002 - 03:06:55 PST)
Microsoft Internet Information Server 5/5.1 Denial of Service (#NISR31102002) NGSSoftware Insight Security Research (Thu Oct 31 2002 - 09:17:17 PST)
- Anyone know the security alert contact for 3com? Michael Scheidell (Thu Oct 31 2002 - 11:07:22 PST)
[VulnWatch] Microsoft Internet Information Server 5/5.1 Denial of Service (#NISR31102002) NGSSoftware Insight Security Research (Thu Oct 31 2002 - 09:17:17 PST)
Security Update: [CSSA-2002-043.0] Linux: chfn (util-linux) temp file race vulnerability securityat_private (Tue Oct 29 2002 - 17:25:32 PST)
MDKSA-2002:074 - mozilla update Mandrake Linux Security Team (Thu Oct 31 2002 - 15:11:02 PST)
Cisco Security Advisory: Cisco ONS15454 and Cisco ONS15327 Vulnerabilities Cisco Systems Product Security Incident Response Team (Thu Oct 31 2002 - 08:00:00 PST)
RE: IBM Infoprint Remote Management Simple DoS (update) Toni Lassila (Thu Oct 31 2002 - 02:16:17 PST)
Motorola Cable Modem DOS Ryan Sweat (Wed Oct 30 2002 - 12:02:27 PST)
- Re: Motorola Cable Modem DOS Sam Hayes Merritt, III (Thu Oct 31 2002 - 15:07:15 PST)
iDEFENSE Security Advisory 10.31.02b: Prometheus Application Framework Code Injection David Endler (Thu Oct 31 2002 - 18:14:32 PST)
iDEFENSE Security Advisory 10.31.02a: Denial of Service Vulnerability in Linksys BEFSR41 EtherFast Cable/DSL Router David Endler (Thu Oct 31 2002 - 18:09:10 PST)
iDEFENSE Security Advisory 10.31.02c: PHP-Nuke SQL Injection Vulnerability David Endler (Thu Oct 31 2002 - 18:26:21 PST)
M$ VPN hole reported AK (Thu Oct 31 2002 - 08:52:36 PST)
Re: IP SmartSpoofing : How to bypass all IP filters relying on source IP address Ossian Vitek (Thu Oct 31 2002 - 11:44:36 PST)
[CLA-2002:539] Conectiva Linux Security Announcement - ypserv secureat_private (Wed Oct 30 2002 - 06:07:09 PST)
[CLA-2002:541] Conectiva Linux Security Announcement - mod_ssl secureat_private (Wed Oct 30 2002 - 10:51:40 PST)
[CLA-2002:540] Conectiva Linux Security Announcement - heartbeat secureat_private (Wed Oct 30 2002 - 06:52:13 PST)
[CLA-2002:537] Conectiva Linux Security Announcement - tetex secureat_private (Tue Oct 29 2002 - 13:51:03 PST)
[CLA-2002:534] Conectiva Linux Security Announcement - krb5 secureat_private (Fri Oct 25 2002 - 15:39:22 PDT)
[CLA-2002:542] Conectiva Linux Security Announcement - gv/kghostview secureat_private (Thu Oct 31 2002 - 08:45:55 PST)
[CLA-2002:535] Conectiva Linux Security Announcement - glibc secureat_private (Tue Oct 29 2002 - 11:34:22 PST)
[CLA-2002:538] Conectiva Linux Security Announcement - tar/unzip secureat_private (Tue Oct 29 2002 - 14:12:14 PST)

Last message date: Tue Nov 12 2002 - 10:17:37 PST
Archived on: Tue Nov 12 2002 - 10:17:40 PST

454 messages sorted by: [ author ] [ date ] [ subject ]
Other mail archives

This archive was generated by hypermail 2b30 : Tue Nov 12 2002 - 10:17:40 PST

bugtraq 2002/10By Thread

bugtraq 2002/10
By Thread