bugtraq 2002/11
By Thread
Most recent messages
406 messages sorted by:
[ author ]
[ date ]
[ subject ]
Other mail archives
Starting: Fri Nov 01 2002 - 08:15:15 PST
Ending: Mon Dec 02 2002 - 10:19:16 PST
- [SECURITY] [DSA 186-1] New log2mail packages fix several vulnerabilities Martin Schulze (Fri Nov 01 2002 - 07:31:36 PST)
- RE: Motorola Cable Modem DOS Jeroen Kessenich (Fri Nov 01 2002 - 09:10:16 PST)
- Weak Password Encryption Scheme in Integrated Dialer Arjun Pednekar (Fri Nov 01 2002 - 11:34:21 PST)
- Re: iDEFENSE Security Advisory 10.31.02a: Denial of Service Vulnerability in Linksys BEFSR41 EtherFast Cable/DSL Router Alex Harasic (Fri Nov 01 2002 - 10:35:43 PST)
- Iomega NAS A300U security and inter-operability issues Keith R. Watson (Fri Nov 01 2002 - 10:58:15 PST)
- [VulnWatch] Netscreen SSH1 CRC32 Compensation Denial of service Erik Parker (Fri Nov 01 2002 - 10:30:39 PST)
- Mindwall Project Tamer Sahin (Fri Nov 01 2002 - 11:54:38 PST)
- [VulnWatch] (Correction) Netscreen SSH1 CRC32 Compensation Denial of service Erik Parker (Fri Nov 01 2002 - 10:58:45 PST)
- Bug in EventSave Frank Heyne (Fri Nov 01 2002 - 12:38:57 PST)
- Netscreen SSH1 CRC32 Compensation Denial of service Erik Parker (Fri Nov 01 2002 - 10:30:39 PST)
- iDEFENSE Security Advisory 11.01.02: Buffer Overflow Vulnerability in Abuse David Endler (Fri Nov 01 2002 - 11:36:52 PST)
- (Correction) Netscreen SSH1 CRC32 Compensation Denial of service Erik Parker (Fri Nov 01 2002 - 10:58:45 PST)
- ion-p.exe allows Remote File Retrieving Zero-X www.lobnan.de Team (Fri Nov 01 2002 - 09:31:16 PST)
- [VulnWatch] Weak Password Encryption Scheme in MS SQL Server K. K. Mookhey (Fri Nov 01 2002 - 23:38:33 PST)
- [Full-Disclosure] [VulnWatch] Weak Password Encryption Scheme in MS SQL Server K. K. Mookhey (Fri Nov 01 2002 - 23:38:33 PST)
- Weak Password Encryption Scheme in MS SQL Server K. K. Mookhey (Fri Nov 01 2002 - 23:38:33 PST)
- [SECURITY] [DSA 187-1] New Apache packages fix several vulnerabilities Martin Schulze (Mon Nov 04 2002 - 07:26:57 PST)
- iDEFENSE Security Advisory 11.04.02b: Denial of Service Vulnerability in Xeneo Web Server David Endler (Sun Nov 03 2002 - 21:46:47 PST)
- iDEFENSE Security Advisory 11.04.02a: Pablo FTP Server DoS Vulnerability David Endler (Sun Nov 03 2002 - 21:43:58 PST)
- [VulnWatch] [A3SC] MS IIS out of process privilege elevation vulnerability(A3CR@K-Vul-2002-06-002) li0n (Mon Nov 04 2002 - 02:16:56 PST)
- Re: Allot Netenforcer problems, GNU TAR flaw Felix Radensky (Sun Nov 03 2002 - 00:46:40 PST)
- [VulnWatch] Oracle iSQL*Plus buffer overflow vulnerability (#NISR04112002) NGSSoftware Insight Security Research (Mon Nov 04 2002 - 09:48:17 PST)
- Oracle iSQL*Plus buffer overflow vulnerability (#NISR04112002) NGSSoftware Insight Security Research (Mon Nov 04 2002 - 09:48:17 PST)
- [A3SC] MS IIS out of process privilege elevation vulnerability(A3CR@K-Vul-2002-06-002) li0n (Mon Nov 04 2002 - 02:16:56 PST)
- Accesspoints disclose wep keys, password and mac filter (fwd) Tom Knienieder (Sun Nov 03 2002 - 05:43:25 PST)
- [Announce] AngeL v0.9.0 Paolo Perego (Sun Nov 03 2002 - 23:59:45 PST)
- SuSE Security Announcement: perl-MailTools (SuSE-SA:2002:041) Sebastian Krahmer (Tue Nov 05 2002 - 03:14:35 PST)
- [Full-Disclosure] IRIX CDE ToolTalk rpc.ttdbserverd vulnerabilities SGI Security Coordinator (Tue Nov 05 2002 - 08:39:43 PST)
- [SNS Advisory No.58] Microsoft IIS Local Cross-site Scripting Vulnerability snsadvat_private (Mon Nov 04 2002 - 19:17:02 PST)
- RE: [security bulletin] SSRT2265 HP TruCluster Server Interconnect Potential Security Vulnerability (fwd) Dave Ahmad (Tue Nov 05 2002 - 09:17:23 PST)
- A technique to mitigate cookie-stealing XSS attacks Michael Howard (Tue Nov 05 2002 - 10:44:24 PST)
- networking_utils.php Tacettin Karadeniz (Tue Nov 05 2002 - 13:05:56 PST)
- SnortCenter 0.9.5 temp file naming problems... Clint Byrum (Tue Nov 05 2002 - 11:04:10 PST)
- Bug in Monkey Webserver 0.5.0 or minors versions Daniel (Sun Nov 03 2002 - 18:21:42 PST)
- When scrubbing secrets in memory doesn't work Michael Howard (Tue Nov 05 2002 - 14:13:07 PST)
- [Full-Disclosure] Re: Oracle Security Contact Steven M. Christey (Tue Nov 05 2002 - 20:32:04 PST)
- GLSA: MailTools Daniel Ahlberg (Wed Nov 06 2002 - 06:47:56 PST)
- iDEFENSE Security Advisory 11.06.02: Non-Explicit Path Vulnerability in LuxMan David Endler (Wed Nov 06 2002 - 08:56:34 PST)
- [Full-Disclosure] IRIX ToolTalk rpc.ttdbserverd vulnerabilities SGI Security Coordinator (Wed Nov 06 2002 - 11:35:09 PST)
- [Full-Disclosure] Weak Password Encryption Scheme in MS SQL Server K. K. Mookhey (Fri Nov 01 2002 - 23:38:33 PST)
- QNX 6.1 TimeCreate weakness Pawel Pisarczyk (Wed Nov 06 2002 - 07:40:36 PST)
- [Full-Disclosure] [RHSA-2002:197-09] Updated glibc packages fix vulnerabilities in resolver bugzillaat_private (Wed Nov 06 2002 - 16:58:19 PST)
- [SECURITY] [DSA 189-1] New luxman packages fix local root exploit Martin Schulze (Wed Nov 06 2002 - 09:10:06 PST)
- How to execute programs with parameters in IE - Sandblad advisory #10 Andreas Sandblad (Wed Nov 06 2002 - 11:48:03 PST)
- [CLA-2002:544] Conectiva Linux Security Announcement - linuxconf secureat_private (Wed Nov 06 2002 - 11:05:39 PST)
- Re: ZoneEdit Account Hijack Vulnerability securityfocusat_private (Wed Nov 06 2002 - 07:35:57 PST)
- [Full-Disclosure] Security Industry Under Scrutiny: Part One sockz loves you (Thu Nov 07 2002 - 02:12:33 PST)
- Linksys security contact David Endler (Thu Nov 07 2002 - 06:59:29 PST)
- [SECURITY] [DSA-190-1] buffer overflow in Window Maker Wichert Akkerman (Thu Nov 07 2002 - 05:11:55 PST)
- Remote pine Denial of Service Linus Sjöberg (Thu Nov 07 2002 - 05:16:13 PST)
- [Full-Disclosure] [RHSA-2002:242-06] Updated kerberos packages available bugzillaat_private (Thu Nov 07 2002 - 08:27:57 PST)
- [Full-Disclosure] Potential Denial of Service Vulnerability in IRIX RPC-based libc SGI Security Coordinator (Thu Nov 07 2002 - 16:12:01 PST)
- Yahoo Messenger: Invisible User Detect cringe (Wed Nov 06 2002 - 07:31:52 PST)
- [Full-Disclosure] Re: MDKSA-2002:076 - perl-MailTools update Vincent Danen (Thu Nov 07 2002 - 17:38:23 PST)
- Lotus Domino HTTP Server security issue Frank Perreault (Thu Nov 07 2002 - 12:39:20 PST)
- [SECURITY] [DSA 191-1] New squirrelmail packages fix cross site scripting bugs Martin Schulze (Thu Nov 07 2002 - 08:54:55 PST)
- Help Please Mark Litchfield (Fri Nov 08 2002 - 00:31:05 PST)
- Vulnerability in Cutecast Forum v1.2 Zero-X www.lobnan.de Team (Thu Nov 07 2002 - 11:52:02 PST)
- [Full-Disclosure] XSS in Postnuke Rogue release (0.72) Muhammad Faisal Rauf Danka (Thu Nov 07 2002 - 22:49:33 PST)
- RES: A technique to mitigate cookie-stealing XSS attacks AQBARROSat_private (Wed Nov 06 2002 - 05:09:33 PST)
- [VulnWatch] LiteServe Directory Index Cross-Site Scripting Matthew Murphy (Thu Nov 07 2002 - 19:30:08 PST)
- [VulnWatch] XSS in Postnuke Rogue release (0.72) Muhammad Faisal Rauf Danka (Thu Nov 07 2002 - 22:49:33 PST)
- [Full-Disclosure] [VulnWatch] XSS in Postnuke Rogue release (0.72) Muhammad Faisal Rauf Danka (Thu Nov 07 2002 - 22:49:33 PST)
- iDEFENSE Security Advisory 11.08.02a: File Disclosure Vulnerability in Simple Web Server David Endler (Fri Nov 08 2002 - 12:27:16 PST)
- iDEFENSE Security Advisory 11.08.02b: Non-Explicit Path Vulnerability in QNX Neutrino RTOS David Endler (Fri Nov 08 2002 - 13:04:06 PST)
- Re: Bypassing website filter in SonicWall Justin King (Thu Nov 07 2002 - 10:15:05 PST)
- MDKSA-2002:076 - perl-MailTools update Mandrake Linux Security Team (Thu Nov 07 2002 - 15:22:11 PST)
- MDKSA-2002:075 - nss_ldap update Mandrake Linux Security Team (Thu Nov 07 2002 - 15:20:06 PST)
- LiteServe Directory Index Cross-Site Scripting Matthew Murphy (Thu Nov 07 2002 - 19:30:08 PST)
- Re: PHP-Nuke SQL Injection Vulnerability Predrag Damnjanovic (Mon Nov 04 2002 - 07:39:06 PST)
- NetBSD Security Advisory 2002-024: IPFilter FTP proxy NetBSD Security Officer (Mon Nov 04 2002 - 15:36:15 PST)
- Oracle iSQL*Plus buffer Overflow.. deadbeatat_private (Mon Nov 04 2002 - 12:26:50 PST)
- Re: Motorola Cable Modem DOS Peter Arnts (Mon Nov 04 2002 - 13:13:52 PST)
- Cisco PIX SSH/telnet dDOS vulnerability CSCdy51810 Nils Reichen (Tue Nov 05 2002 - 13:20:04 PST)
- Zeus Admin Server v4.1r2 index.fcgi XSS bug euronymous (Fri Nov 08 2002 - 11:39:24 PST)
- XSS in Postnuke Rogue release (0.72) Muhammad Faisal Rauf Danka (Thu Nov 07 2002 - 22:49:33 PST)
- Technical information about unpatched MS Java vulnerabilities Jouko Pynnonen (Fri Nov 08 2002 - 05:00:01 PST)
- Securing OWA on public computers. Alex T. (Thu Nov 07 2002 - 12:09:11 PST)
- RhinoSoft Serv-U FTP Anonymous Remote DoS Vulnerability [secondmotion]-Matt Thompson (Wed Nov 06 2002 - 05:47:10 PST)
- [SECURITY] [DSA 192-1] New html2ps packages fix arbitrary code execution Martin Schulze (Fri Nov 08 2002 - 09:09:59 PST)
- [Full-Disclosure] Buffer Overflow in iSMTP Gateway K. K. Mookhey (Mon Nov 11 2002 - 00:25:04 PST)
- [VulnWatch] Buffer Overflow in iSMTP Gateway K. K. Mookhey (Mon Nov 11 2002 - 00:25:04 PST)
- GLSA: kgpg Daniel Ahlberg (Sun Nov 10 2002 - 05:55:33 PST)
- Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection Joshua Wright (Mon Nov 11 2002 - 05:41:54 PST)
- Multiple Vuln. in Hotfoon.com's Hotfoon4.exe dialer S G Masood (Sun Nov 10 2002 - 09:58:10 PST)
- benchmark tool for HTTP pages. Tacettin Karadeniz (Sun Nov 10 2002 - 09:09:23 PST)
- Buffer Overflow in iSMTP Gateway K. K. Mookhey (Mon Nov 11 2002 - 00:25:04 PST)
- [Full-Disclosure] [RHSA-2002:213-06] New PHP packages fix vulnerability in mail function bugzillaat_private (Mon Nov 11 2002 - 09:23:20 PST)
- NOVL-2002-2963651 - iManager (eMFrame) Buffer Overflow Ed Reed (Mon Nov 11 2002 - 09:50:24 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-044.0] Linux: Preboot eXecution Environment (PXE) server denial-of-service attacks securityat_private (Mon Nov 11 2002 - 12:23:14 PST)
- [SECURITY] [DSA 191-2] New squirrelmail packages fix problem in options page Martin Schulze (Mon Nov 11 2002 - 01:02:15 PST)
- Timing the Application of Security Patches for Optimal Uptime Crispin Cowan (Sun Nov 10 2002 - 08:11:39 PST)
- iDEFENSE Security Advisory 11.11.02: Buffer Overflow in KDE resLISa David Endler (Mon Nov 11 2002 - 08:56:29 PST)
- RE: How to execute programs with parameters in IE - Sandblad advisory #10 Russ (Sat Nov 09 2002 - 16:48:30 PST)
- [SECURITY] [DSA 193-1] New klisa packages fix buffer overflow Martin Schulze (Mon Nov 11 2002 - 09:07:40 PST)
- Multiple vulnerabilities in Tiny HTTPd dong-h0un U (Mon Nov 11 2002 - 02:48:55 PST)
- xoops Quizz Module IMG bug magistrat (Sun Nov 10 2002 - 19:15:08 PST)
- Security Update: [CSSA-2002-044.0] Linux: Preboot eXecution Environment (PXE) server denial-of-service attacks securityat_private (Mon Nov 11 2002 - 12:23:14 PST)
- [SecurityOffice] Hyperion Ftp Server v2.8.1 Directory Traversal Vulnerability Tamer Sahin (Tue Nov 12 2002 - 07:56:06 PST)
- KDE Security Advisory: resLISa / LISa Vulnerabilities Andreas Pour (Tue Nov 12 2002 - 04:28:04 PST)
- WebChat for XOOPS RC3 SQL INJECTION vALDEUxat_private (Tue Nov 12 2002 - 02:55:49 PST)
- GLSA: apache Daniel Ahlberg (Tue Nov 12 2002 - 06:23:31 PST)
- Remote Buffer Overflow vulnerability in Light HTTPd dong-h0un U (Tue Nov 12 2002 - 01:17:36 PST)
- APBoard - post threads to protected forums and possibility to hijack forum-password ProXy (Tue Nov 12 2002 - 11:31:33 PST)
- NOVL-2002-2963767 - Remote Manager Security Issue - eDir 8.6.2 Ed Reed (Tue Nov 12 2002 - 08:21:43 PST)
- KDE Security Advisory: rlogin.protocol and telnet.protocol URL KIO Vulnerability Andreas Pour (Tue Nov 12 2002 - 04:26:48 PST)
- [SECURITY] [DSA 194-1] New masqmail packages fix buffer overflows Martin Schulze (Tue Nov 12 2002 - 08:37:11 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-042.0] Linux: libpng progressive image loading vulnerabilities and other buffer overflows securityat_private (Tue Nov 12 2002 - 13:45:18 PST)
- SuSE Security Announcement: KDE lanbrowser vulnerability (SuSE-SA:2002:042) Olaf Kirch (Tue Nov 12 2002 - 02:18:45 PST)
- [Full-Disclosure] IRIX lpd daemon vulnerabilities via sendmail and dns SGI Security Coordinator (Tue Nov 12 2002 - 14:23:46 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-SCO.42] UnixWare 7.1.1 Open UNIX 8.0.0 : in.talkd format string vulnerabilities securityat_private (Tue Nov 12 2002 - 15:30:12 PST)
- [Full-Disclosure] Apache Security Vulnerabilities on IRIX SGI Security Coordinator (Tue Nov 12 2002 - 15:42:44 PST)
- NOVL-2002-2963827 - Remote Manager Security Issue - NW5.1 Ed Reed (Tue Nov 12 2002 - 08:21:37 PST)
- ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 and BIND8 (fwd) Dave Ahmad (Tue Nov 12 2002 - 09:05:42 PST)
- EEYE: Macromedia ColdFusion/JRun Remote SYSTEM Buffer Overflow Vulnerabilities Marc Maiffret (Tue Nov 12 2002 - 12:44:41 PST)
- Fresh hole in W3Mail (fwd) Tim Brown (Tue Nov 12 2002 - 15:28:44 PST)
- [Fwd: Notice of serious vulnerabilities in ISC BIND 4 & 8] Aaron Howell (Tue Nov 12 2002 - 11:27:53 PST)
- Security Update: [CSSA-2002-042.0] Linux: libpng progressive image loading vulnerabilities and other buffer overflows securityat_private (Tue Nov 12 2002 - 13:45:18 PST)
- Exploit code for IP Smart Spoofing Laurent Licour (Tue Nov 12 2002 - 04:21:17 PST)
- SuSE Security Announcement: SuSE-SA:2002:043 (traceroute-nanog/nkitb) Thomas Biege (Tue Nov 12 2002 - 05:06:45 PST)
- RE: ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 andBIND8 (fwd) Russ (Wed Nov 13 2002 - 05:08:10 PST)
- i386 Linux kernel DoS Christophe Devine (Mon Nov 11 2002 - 12:25:55 PST)
- FreeBSD Security Advisory FreeBSD-SA-02:40.kadmind FreeBSD Security Advisories (Tue Nov 12 2002 - 20:06:35 PST)
- [SECURITY] [DSA 195-1] New Apache-Perl packages fix several vulnerabilities Martin Schulze (Wed Nov 13 2002 - 07:33:30 PST)
- [Full-Disclosure] Eudora 5.2 attachment spoof Paul Szabo (Wed Nov 13 2002 - 12:44:50 PST)
- [VulnWatch] KeyFocus KF Web Server File Disclosure Vulnerability mattmurphyat_private (Wed Nov 13 2002 - 14:06:24 PST)
- Gnujsp and Domino R5.0.10 YM Barusseau (Wed Nov 13 2002 - 01:47:33 PST)
- Eudora 5.2 attachment spoof Paul Szabo (Wed Nov 13 2002 - 12:44:50 PST)
- KeyFocus KF Web Server File Disclosure Vulnerability mattmurphyat_private (Wed Nov 13 2002 - 14:06:24 PST)
- [Full-Disclosure] [ESA-20021114-029] BIND buffer overflow, DoS attacks. EnGarde Secure Linux (Thu Nov 14 2002 - 02:18:06 PST)
- Bind 8 bug experience Michael Brennen (Tue Nov 12 2002 - 22:23:09 PST)
- The Unix Auditor's Practical Handbook K. K. Mookhey (Tue Nov 12 2002 - 05:15:01 PST)
- [Full-Disclosure] Netscape/Mozilla: Exploitable heap corruption via jar: URI handler. zen-parse (Thu Nov 14 2002 - 07:56:13 PST)
- [Full-Disclosure] RE: i386 Linux kernel DoS (fixed) Leif Sawyer (Thu Nov 14 2002 - 11:42:06 PST)
- [VulnWatch] Perception LiteServe HTTP CGI Disclosure Vulnerability mattmurphyat_private (Thu Nov 14 2002 - 13:38:42 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-045.0] Linux: python insecure temporary files in os._execvpe securityat_private (Thu Nov 14 2002 - 14:22:51 PST)
- Re: BIND Exploits h2g.sec.listat_private (Wed Nov 13 2002 - 19:55:10 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-046.0] Linux: buffer overflows and other security issues in squid securityat_private (Thu Nov 14 2002 - 16:15:48 PST)
- FreeBSD Security Advisory FreeBSD-SA-02:42.resolv FreeBSD Security Advisories (Tue Nov 12 2002 - 20:07:09 PST)
- IceWarp 3.4.5 XSS *AGAIN* DarC KonQuesT (Tue Nov 12 2002 - 16:54:04 PST)
- Well known flaw in web cart software remains wide open whitehat2004at_private (Mon Nov 11 2002 - 22:44:50 PST)
- [ESA-20021114-029] BIND buffer overflow, DoS attacks. EnGarde Secure Linux (Thu Nov 14 2002 - 02:18:06 PST)
- arp spoofing defence Ilya Teterin (Thu Nov 14 2002 - 13:16:21 PST)
- Default SNMP community in Surecom Broadband Router Andrei Mikhailovsky (Wed Nov 13 2002 - 11:44:20 PST)
- GLSA: kdelibs Daniel Ahlberg (Thu Nov 14 2002 - 01:41:40 PST)
- FreeBSD Security Advisory FreeBSD-SA-02:43.bind FreeBSD Security Advisories (Wed Nov 13 2002 - 22:24:29 PST)
- Remote Buffer Overflow vulnerability in Lib HTTPd. dong-h0un U (Wed Nov 13 2002 - 01:42:00 PST)
- IISPop remote DOS securma massine (Fri Nov 15 2002 - 12:11:02 PST)
- Perception LiteServe HTTP CGI Disclosure Vulnerability mattmurphyat_private (Thu Nov 14 2002 - 13:38:42 PST)
- Code Injection in phpBB Advanced Quick Reply Mod Hai Nam Luke (Tue Nov 12 2002 - 23:49:25 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-047.0] Linux: KDE SSL and XSS vulnerabilities securityat_private (Fri Nov 15 2002 - 16:37:45 PST)
- Security Update: [CSSA-2002-045.0] Linux: python insecure temporary files in os._execvpe securityat_private (Thu Nov 14 2002 - 14:22:51 PST)
- Latest libpcap & tcpdump sources from tcpdump.org contain a trojan Mincu Alexandru (Wed Nov 13 2002 - 06:48:30 PST)
- Opera 7 vulnerabilities GreyMagic Software (Thu Nov 14 2002 - 08:43:02 PST)
- FreeBSD Security Advisory FreeBSD-SA-02:41.smrsh FreeBSD Security Advisories (Tue Nov 12 2002 - 20:06:53 PST)
- Security Update: [CSSA-2002-SCO.42] UnixWare 7.1.1 Open UNIX 8.0.0 : in.talkd format string vulnerabilities securityat_private (Tue Nov 12 2002 - 15:30:12 PST)
- Buffalo AP Denial of Service Andrei Mikhailovsky (Wed Nov 13 2002 - 11:39:12 PST)
- Office XP document numbers can be linked to individual machines Woody Leonhard (Wed Nov 13 2002 - 06:10:47 PST)
- [Full-Disclosure] [RHSA-2002:262-07] New kernel fixes local denial of service issue bugzillaat_private (Sat Nov 16 2002 - 03:07:42 PST)
- Re: [Full-Disclosure] Bind 8 patches available Peter Bieringer (Sat Nov 16 2002 - 02:50:41 PST)
- JSP processor 1.1 information disclosure Andy (Wed Nov 13 2002 - 06:38:54 PST)
- bind 8 info update regarding ISS mark_salaat_private (Sat Nov 16 2002 - 06:37:08 PST)
- ZDnet forum: IE formatting local drive Alan Rouse (Mon Nov 11 2002 - 08:22:21 PST)
- [CLA-2002:545] Conectiva Linux Security Announcement - php4 secureat_private (Wed Nov 13 2002 - 14:18:31 PST)
- SuSE Security Announcement: Multiple vulnerabilities in BIND8 (SuSE-SA:2002:044) Olaf Kirch (Thu Nov 14 2002 - 02:19:30 PST)
- MS02-064 fix time David Litchfield (Thu Nov 14 2002 - 05:41:53 PST)
- Netscape/Mozilla: Exploitable heap corruption via jar: URI handler. zen-parse (Thu Nov 14 2002 - 07:56:13 PST)
- Better security through shame Michael Bacarella (Thu Nov 14 2002 - 10:00:28 PST)
- [CLA-2002:547] Conectiva Linux Security Announcement - syslog-ng secureat_private (Thu Nov 14 2002 - 11:25:03 PST)
- GLSA: kdenetwork Daniel Ahlberg (Thu Nov 14 2002 - 01:04:39 PST)
- [CLA-2002:546] Conectiva Linux Security Announcement - bind secureat_private (Thu Nov 14 2002 - 09:37:19 PST)
- MDKSA-2002:077 - bind update Mandrake Linux Security Team (Thu Nov 14 2002 - 08:22:44 PST)
- Unofficial statement re: tcpdump and libpcap Alan DeKok (Wed Nov 13 2002 - 12:01:28 PST)
- Security holes... Who cares? Eric Rescorla (Fri Nov 15 2002 - 10:30:53 PST)
- [OpenPKG-SA-2002.011] OpenPKG Security Advisory (bind, bind8) OpenPKG (Fri Nov 15 2002 - 10:18:04 PST)
- [SECURITY] [DSA-196-1] New BIND packages fix several vulnerabilities Daniel Jacobowitz (Thu Nov 14 2002 - 09:04:23 PST)
- FreeBSD Security Advisory FreeBSD-SA-02:43.bind [REVISED] FreeBSD Security Advisories (Fri Nov 15 2002 - 05:51:55 PST)
- Security Update: [CSSA-2002-046.0] Linux: buffer overflows and other security issues in squid securityat_private (Thu Nov 14 2002 - 16:15:48 PST)
- FreeBSD Security Advisory FreeBSD-SA-02:41.smrsh [REVISED] FreeBSD Security Advisories (Fri Nov 15 2002 - 05:51:51 PST)
- Remote Buffer Overflow vulnerability in Zeroo HTTP Server. dong-h0un U (Fri Nov 15 2002 - 17:47:49 PST)
- [Full-Disclosure] Security Industry Under Scrutiny: Part Two sockz loves you (Sun Nov 17 2002 - 21:11:33 PST)
- Security Update: [CSSA-2002-047.0] Linux: KDE SSL and XSS vulnerabilities securityat_private (Fri Nov 15 2002 - 16:37:45 PST)
- [VulnWatch] LiteServe URL Decoding DoS Matthew Murphy (Sun Nov 17 2002 - 13:29:53 PST)
- NBActiveX Sure ActiveX Big Vulnerability Webmaster, Lorenzo Hernandez Garcia-Hierro (Sat Nov 16 2002 - 08:12:00 PST)
- [SECURITY] [DSA 197-1] New sqwebmail packages fix local information exposure Martin Schulze (Fri Nov 15 2002 - 07:36:22 PST)
- RE: [Full-Disclosure] Bind 8 patches available John.Aireyat_private (Mon Nov 18 2002 - 01:24:44 PST)
- patch for named buffer overflow now available (fwd) Jonas Eriksson (Fri Nov 15 2002 - 00:25:46 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-048.0] Linux: wwwoffled remote access vulnerability securityat_private (Mon Nov 18 2002 - 15:30:40 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-049.0] Linux: lynx CRLF injection vulnerability securityat_private (Mon Nov 18 2002 - 16:26:42 PST)
- [tcpdump-announce] initial comments on trojan attack (fwd) Jonas Eriksson (Sat Nov 16 2002 - 02:32:22 PST)
- MailEnable POP3 Server remote shutdown !:/ -newest ~ (and previous) bufferoverflow- Ketil Braun Larsen (Sun Nov 17 2002 - 14:04:09 PST)
- TFTPD32 Buffer Overflow Vulnerability (Long filename) Aviram Jenik (Mon Nov 18 2002 - 12:39:30 PST)
- [CLA-2002:549] Conectiva Linux Security Announcement - dhcpcd secureat_private (Mon Nov 18 2002 - 13:28:30 PST)
- PlanetWeb Web Server Buffer Overflow in processing GET requests PlanetDNS Support (Mon Nov 18 2002 - 10:42:44 PST)
- XOOPS WebChat module - patch UPDATE Val Deux (Sat Nov 16 2002 - 02:59:29 PST)
- iPlanet WebServer, remote root compromise labs@NGSEC (Mon Nov 18 2002 - 19:58:26 PST)
- GNU GCC: Optimizer Removes Code Necessary for Security Joseph Wagner (Sat Nov 16 2002 - 02:04:44 PST)
- TSLSA-2002-0077 - kernel Trustix Secure Linux Advisor (Mon Nov 18 2002 - 05:40:37 PST)
- LOM: Multiple vulnerabilities in Macromedia Flash ActiveX 3APA3A (Mon Nov 18 2002 - 02:43:27 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-050.0] Linux: tcpdump denial-of-service in print-bgp.c securityat_private (Tue Nov 19 2002 - 15:55:31 PST)
- [SECURITY] [DSA 199-1] New mhonarc packages fix cross site scripting Martin Schulze (Tue Nov 19 2002 - 07:15:07 PST)
- Update to LOM's advisory 3APA3A (Mon Nov 18 2002 - 09:39:15 PST)
- (MSIE) when parent gives his son bad things ;) --"dialogArguments " again Liu Die Yu (Mon Nov 18 2002 - 17:45:45 PST)
- Linksys router vulnerability Seth Bromberger (Mon Nov 18 2002 - 14:00:14 PST)
- TFTPD32 Directory Traversal Vulnerability Aviram Jenik (Mon Nov 18 2002 - 12:42:04 PST)
- XSS bug in phpBB Arab VieruZ (Mon Nov 18 2002 - 04:33:41 PST)
- [Full-Disclosure] Update: iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability David Endler (Wed Nov 20 2002 - 07:39:34 PST)
- [Full-Disclosure] Opera 6.03/Linux crashes on HTTPS over Squid Proxy on a site Peter Bieringer (Wed Nov 20 2002 - 14:20:53 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-051.0] Linux: fetchmail remote vulnerabilities in multidrop mode securityat_private (Thu Nov 21 2002 - 11:49:30 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-052.0] Linux: sendmail smrsh bypass vulnerabilities securityat_private (Thu Nov 21 2002 - 15:35:43 PST)
- [VulnWatch] Zeroo Folder Traversal Vulnerability mattmurphyat_private (Thu Nov 21 2002 - 16:49:46 PST)
- Update: iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability David Endler (Wed Nov 20 2002 - 07:39:34 PST)
- Multiple incorrect permissions in QNX. One Semicolon (Mon Nov 18 2002 - 19:47:26 PST)
- [Full-Disclosure] MS02-065 vulnerability Paul Szabo (Fri Nov 22 2002 - 02:36:50 PST)
- Updated ypserv packages fix memory leak Mandrake Linux Security Team (Mon Nov 18 2002 - 18:42:59 PST)
- Security Update: [CSSA-2002-048.0] Linux: wwwoffled remote access vulnerability securityat_private (Mon Nov 18 2002 - 15:30:40 PST)
- Security Update: [CSSA-2002-049.0] Linux: lynx CRLF injection vulnerability securityat_private (Mon Nov 18 2002 - 16:26:42 PST)
- [VulnWatch] ClearCase DoS vulnerabilty marek.rouchalat_private (Fri Nov 22 2002 - 01:30:11 PST)
- [Full-Disclosure] [ESA-20021122-030] local kernel vulnerabilities EnGarde Secure Linux (Fri Nov 22 2002 - 07:24:01 PST)
- [Full-Disclosure] [ESA-20021122-031] php upgrade, security fixes EnGarde Secure Linux (Fri Nov 22 2002 - 07:24:26 PST)
- [Full-Disclosure] Security contact for SAP database KF (Fri Nov 22 2002 - 08:24:30 PST)
- [Full-Disclosure] [RHSA-2002:266-05] New samba packages available to fix potential security vulnerability bugzillaat_private (Fri Nov 22 2002 - 09:33:13 PST)
- [VulnWatch] Mulitple Buffer Overflow conditions in RealPlayer/RealOne (#NISR22112002) NGSSoftware Insight Security Research (Fri Nov 22 2002 - 09:48:39 PST)
- [Full-Disclosure] zlib vulnerability in JAVA on IRIX SGI Security Coordinator (Fri Nov 22 2002 - 15:39:25 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-053.0] Linux: gv execution of arbitrary shell commands securityat_private (Fri Nov 22 2002 - 16:52:38 PST)
- MDKSA-2002:079 - Updated kdelibs packages fix remote command execution vulnerabilites Mandrake Linux Security Team (Thu Nov 21 2002 - 18:01:09 PST)
- Clipboard in QNX Photon One Semicolon (Mon Nov 18 2002 - 19:46:00 PST)
- Zeroo Folder Traversal Vulnerability mattmurphyat_private (Thu Nov 21 2002 - 16:49:46 PST)
- iDEFENSE Security Advisory 11.19.02c: Netscape Predictable Directory Structure Allows Theft of Preferences File David Endler (Tue Nov 19 2002 - 15:15:39 PST)
- MDKSA-2002:080 - Updated kdenetwork packages fix remote command execution vulnerabilites Mandrake Linux Security Team (Thu Nov 21 2002 - 18:03:43 PST)
- [OpenBSD] [syslogd] false src-IP when logging to remote syslogd Torsten Valentin (Wed Nov 20 2002 - 07:36:43 PST)
- GLSA: php Daniel Ahlberg (Wed Nov 20 2002 - 05:16:30 PST)
- GLSA: samba Daniel Ahlberg (Thu Nov 21 2002 - 01:08:19 PST)
- XSS bug in vBulletin Arab VieruZ (Thu Nov 21 2002 - 12:34:03 PST)
- Security Update: [CSSA-2002-052.0] Linux: sendmail smrsh bypass vulnerabilities securityat_private (Thu Nov 21 2002 - 15:35:43 PST)
- Open WebMail 1.71 "background" magic info FreeBSDbr Bugtraq DataBase (Tue Nov 19 2002 - 04:30:10 PST)
- GLSA: courier Daniel Ahlberg (Tue Nov 19 2002 - 05:46:06 PST)
- Sun Security Bulletin #00220 Matt Selsky (Wed Nov 20 2002 - 11:35:54 PST)
- G-Con Announcement Enrique A. Sanchez Montellano (Fri Nov 22 2002 - 08:03:10 PST)
- ClearCase DoS vulnerabilty marek.rouchalat_private (Fri Nov 22 2002 - 01:30:11 PST)
- [CLA-2002:550] Conectiva Linux Security Announcement - samba secureat_private (Fri Nov 22 2002 - 10:15:03 PST)
- Mulitple Buffer Overflow conditions in RealPlayer/RealOne (#NISR22112002) NGSSoftware Insight Security Research (Fri Nov 22 2002 - 09:48:39 PST)
- [ESA-20021122-030] local kernel vulnerabilities EnGarde Secure Linux (Fri Nov 22 2002 - 07:24:01 PST)
- [ESA-20021122-031] php upgrade, security fixes EnGarde Secure Linux (Fri Nov 22 2002 - 07:24:26 PST)
- GLSA: gtetrinet Daniel Ahlberg (Wed Nov 20 2002 - 06:37:33 PST)
- Cisco Security Advisory: Cisco PIX Multiple Vulnerabilities Cisco Systems Product Security Incident Response Team (Wed Nov 20 2002 - 08:00:00 PST)
- Allied Telesyn switches & routers vulnerability Oleg A. Lebedev (Wed Nov 20 2002 - 06:13:04 PST)
- UPDATE: Linksys router vulnerability (add'l models affected) Seth Bromberger (Wed Nov 20 2002 - 12:37:48 PST)
- [VulnWatch] acFTP Authentication Issue Matthew Murphy (Sat Nov 23 2002 - 17:57:30 PST)
- [VulnWatch] acFreeProxy Cross-Site Scripting Vulnerability/Possible DoS Matthew Murphy (Sat Nov 23 2002 - 19:01:23 PST)
- iDEFENSE Security Advisory 11.19.02a: Denial of Service Vulnerability in Linksys Cable/DSL Routers David Endler (Tue Nov 19 2002 - 14:57:13 PST)
- CERT Advisory CA-2002-32 Backdoor in Alcatel OmniSwitch AOS (fwd) Dave Ahmad (Thu Nov 21 2002 - 10:37:14 PST)
- [VulnWatch] SFAD02-002: Calisto Internet Talker Remote DOS subversive (Sun Nov 24 2002 - 17:33:49 PST)
- Remote Heap malloc/free & multiple Overflow vulnerability in WSMP3. dong-h0un U (Mon Nov 25 2002 - 00:34:04 PST)
- Re: Alert: Microsoft Security Bulletin - MS02-066 Lise (Mon Nov 25 2002 - 07:03:41 PST)
- [VulnWatch] Netscreen Malicious URL feature can be bypassed by fragmenting the request zel (Mon Nov 25 2002 - 09:59:21 PST)
- Netscreen Malicious URL feature can be bypassed by fragmenting the request zel (Mon Nov 25 2002 - 09:59:21 PST)
- [Full-Disclosure] [RHSA-2002:264-05] New kernel 2.2 packages fix local denial of service issue bugzillaat_private (Mon Nov 25 2002 - 09:43:43 PST)
- iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability David Endler (Tue Nov 19 2002 - 15:07:24 PST)
- [LSD] Java and JVM security vulnerabilities Last Stage of Delirium (Wed Nov 20 2002 - 18:44:18 PST)
- [VulnWatch] 'Malicious-URL' Feature may be Circumvented Using IP Fragmentation NetScreen Security Response Team (Mon Nov 25 2002 - 14:51:21 PST)
- acFreeProxy Cross-Site Scripting Vulnerability/Possible DoS Matthew Murphy (Sat Nov 23 2002 - 19:01:23 PST)
- acFTP Authentication Issue Matthew Murphy (Sat Nov 23 2002 - 17:57:30 PST)
- Multiple phpNuke Modules Vulnerable to Cross-Site Scripting Matthew Murphy (Sun Nov 24 2002 - 10:06:23 PST)
- ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability (fwd) Dave Ahmad (Mon Nov 25 2002 - 09:42:54 PST)
- [Full-Disclosure] Netscape Problems. zen-parse (Mon Nov 25 2002 - 22:17:56 PST)
- Web Server Creator - Web Portal 0.1 (PHP) Frog Man (Mon Nov 25 2002 - 08:33:41 PST)
- Predictable TCP Initial Sequence Numbers NetScreen Security Response Team (Mon Nov 25 2002 - 14:52:20 PST)
- Immobilier 1 (PHP) Frog Man (Mon Nov 25 2002 - 08:33:24 PST)
- BadBlue XSS/Information Disclosure Vulnerabilities Matthew Murphy (Sun Nov 24 2002 - 10:36:33 PST)
- 'Malicious-URL' Feature may be Circumvented Using IP Fragmentation NetScreen Security Response Team (Mon Nov 25 2002 - 14:51:21 PST)
- CAIS-ALERT: Vulnerability in the sending requests control of BIND Vagner Sacramento (Mon Nov 25 2002 - 13:32:39 PST)
- Potential H.323 Denial of Service NetScreen Security Response Team (Mon Nov 25 2002 - 14:53:14 PST)
- [VulnWatch] Predictable TCP Initial Sequence Numbers NetScreen Security Response Team (Mon Nov 25 2002 - 14:52:20 PST)
- [VulnWatch] Potential H.323 Denial of Service NetScreen Security Response Team (Mon Nov 25 2002 - 14:53:14 PST)
- Netscape Problems. zen-parse (Mon Nov 25 2002 - 22:17:56 PST)
- pWins Perl Web Server Directory Transversal Vulnerability Matthew Wagenknecht (Wed Nov 27 2002 - 15:49:19 PST)
- XSS vulnerability in Bugzilla if upgraded from 2.10 or earlier David Miller (Tue Nov 26 2002 - 12:34:12 PST)
- Cracking OpenVMS passwords with John the Ripper Jean-loup Gailly (Tue Nov 26 2002 - 09:19:45 PST)
- Re: Solaris priocntl exploit Casper Dik (Wed Nov 27 2002 - 16:26:40 PST)
- Moby NetSuite POST Denial of Service Vulnerability Matthew Murphy (Thu Nov 28 2002 - 19:58:30 PST)
- TracerouteNG - never ending story Paul Starzetz (Thu Nov 28 2002 - 07:51:08 PST)
- SuSE Security Announcement: samba (SuSE-SA:2002:045) Roman Drahtmueller (Wed Nov 20 2002 - 09:08:39 PST)
- SFAD02-002: Calisto Internet Talker Remote DOS subversive (Sun Nov 24 2002 - 17:33:49 PST)
- TSLSA-2002-0080 - samba Trustix Secure Linux Advisor (Mon Nov 25 2002 - 06:44:14 PST)
- ASI Sybase Security Alert: Buffer overflow in xp_freedll Aaron C. Newman (Application Security, Inc.) (Wed Nov 27 2002 - 11:09:46 PST)
- ASI Sybase Security Alert: Buffer overflow in DBCC CHECKVERIFY Aaron C. Newman (Application Security, Inc.) (Wed Nov 27 2002 - 11:14:25 PST)
- Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software Stuart Moore (Wed Nov 27 2002 - 05:52:43 PST)
- Kerberos login sniffer and cracker for Windows 2000/XP Arne Vidstrom (Wed Nov 27 2002 - 22:06:15 PST)
- Re: d_path() truncating excessive long path name vulnerability Paul Szabo (Tue Nov 26 2002 - 18:04:04 PST)
- AIM Bug Dave B. (Sun Nov 24 2002 - 18:15:53 PST)
- Netscape 4 Java buffer overflow Jouko Pynnonen (Tue Nov 26 2002 - 10:12:56 PST)
- Security Patch for PortailPHP 0.99 vALDEUxat_private (Thu Nov 28 2002 - 09:50:50 PST)
- [Sec-Tec Advisory] Local scripting vulnerability in phpBB Pete Foster (Mon Nov 25 2002 - 00:51:57 PST)
- ASI Sybase Security Alert: Buffer overflow in DROP DATABASE Aaron C. Newman (Application Security, Inc.) (Wed Nov 27 2002 - 11:12:01 PST)
- bogofilter contrib/bogopass temp file vulnerability Matthias Andree (Thu Nov 28 2002 - 18:36:37 PST)
- Linksys not fixed Will (Mon Nov 25 2002 - 19:11:52 PST)
- Remote POST Buffer Overflow vulnerability in Pserv. dong-h0un U (Sat Nov 23 2002 - 23:44:09 PST)
- File reading vulnerable in PHP and MySQL (Local Exploit) Hai Nam Luke (Tue Nov 26 2002 - 02:57:52 PST)
- [ESA-20021127-032] 'pine' version upgrade, security fixes. EnGarde Secure Linux (Wed Nov 27 2002 - 05:06:28 PST)
- [OpenPKG-SA-2002.012] OpenPKG Security Advisory (samba) OpenPKG (Fri Nov 29 2002 - 02:12:18 PST)
- FreeNews & News Evolution (PHP) Frog Man (Tue Nov 26 2002 - 08:43:49 PST)
- [security bulletin] SSRT2385 OSIS V5.4 LDAP Module for System Authentication Potential Security Vulnerability (fwd) Dave Ahmad (Tue Nov 26 2002 - 07:22:46 PST)
- [security bulletin] SSRT2301 - HP Tru64 UNIX uudecode Potential Security Vulnerability (fwd) Dave Ahmad (Tue Nov 26 2002 - 07:23:09 PST)
- [Full-Disclosure] [ESA-20021127-032] 'pine' version upgrade, security fixes. EnGarde Secure Linux (Wed Nov 27 2002 - 05:06:28 PST)
- vBulletin XSS Injection Vulnerability Sp.IC (Sat Nov 23 2002 - 15:13:25 PST)
- Solaris priocntl exploit ÝþÒãÁˆ (Tue Nov 26 2002 - 19:00:11 PST)
- [Security bulletin] SSRT2266 HP Tru64 UNIX IGMP Potential (DoS) Security Vulnerability (fwd) Dave Ahmad (Tue Nov 26 2002 - 12:16:23 PST)
- Remote Multiple Buffer Overflow(s) vulnerability in Libcgi-tuxbr. dong-h0un U (Wed Nov 27 2002 - 23:48:56 PST)
- MDKSA-2002:081 - Updated samba packages fix potential root compromise Mandrake Linux Security Team (Mon Nov 25 2002 - 18:47:08 PST)
- MDKSA-2002:083 - Updated sendmail packages fix smrsh insecurities Mandrake Linux Security Team (Thu Nov 28 2002 - 08:40:53 PST)
- On vulnerabilities in open and closed source products Steven M. Christey (Tue Nov 26 2002 - 16:56:12 PST)
- MDKSA-2002:082 - Updated python packages fix local arbitrary code execution vulnerability Mandrake Linux Security Team (Mon Nov 25 2002 - 18:48:50 PST)
- [Full-Disclosure] [ElectronicSouls] - BOOZT CGI Exploit esat_private (Fri Nov 29 2002 - 09:10:01 PST)
- User downgraded from Administrator to User retains the ability to list other user's running tasks Eitan Caspi (Thu Nov 28 2002 - 22:57:26 PST)
- Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C. dong-h0un U (Tue Nov 26 2002 - 23:05:01 PST)
- SuSE Security Announcement: pine (SuSE-SA:2002:046) Thomas Biege (Mon Nov 25 2002 - 03:05:38 PST)
- Exploit for traceroute-nanog overflow Carl Livitt (Fri Nov 29 2002 - 09:49:48 PST)
- Potential Vuln in McAfee VirusScan 451 jari.heleniusat_private (Thu Nov 28 2002 - 22:59:22 PST)
- Lag Security Advisory - Com21 cable modem configuration file feeding vulnerability David Laganière (Thu Nov 28 2002 - 15:33:05 PST)
Last message date: Mon Dec 02 2002 - 10:19:16 PST
Archived on: Mon Dec 02 2002 - 10:19:19 PST
406 messages sorted by:
[ author ]
[ date ]
[ subject ]
Other mail archives
This archive was generated by hypermail 2b30
: Mon Dec 02 2002 - 10:19:19 PST