bugtraq 2002/12
By Thread
Most recent messages
301 messages sorted by:
[ author ]
[ date ]
[ subject ]
Other mail archives
Starting: Mon Dec 02 2002 - 07:51:58 PST
Ending: Mon Feb 03 2003 - 15:58:27 PST
- Thatware (PHP) Frog Man (Sun Dec 01 2002 - 10:35:11 PST)
- Multiple pServ Remote Buffer Overflow Vulnerabilities Matthew Murphy (Sun Dec 01 2002 - 10:15:52 PST)
- Cross-site Scripting Vulnerability in YaBB 1 Gold - SP1! Fabricio Angeletti (Sun Dec 01 2002 - 16:59:01 PST)
- [SECURITY] [DSA 201-1] New Free/SWan packages fix denial of service Martin Schulze (Mon Dec 02 2002 - 07:22:12 PST)
- GLSA: pine Daniel Ahlberg (Mon Dec 02 2002 - 05:39:20 PST)
- Re: [Full-Disclosure] Netscape Problems. Ben Bucksch (Sat Nov 30 2002 - 16:32:20 PST)
- Advisory: Lawson Financials RDBMS Insecurity John Eisenschmidt (Mon Dec 02 2002 - 08:28:39 PST)
- [Full-Disclosure] ShopFactory shopping cart price manipulation Richard van den Berg (Mon Dec 02 2002 - 09:33:17 PST)
- Advisory: Webster HTTP Server Matthew Murphy (Sun Dec 01 2002 - 10:15:11 PST)
- RE: Kerberos login sniffer and cracker for Windows 2000/XP Jason Coombs (Sun Dec 01 2002 - 18:24:18 PST)
- Re: Solaris priocntl exploit Jay Beale (Mon Dec 02 2002 - 08:45:38 PST)
- [Full-Disclosure] [RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability bugzillaat_private (Mon Dec 02 2002 - 12:38:01 PST)
- RE: Exploit for traceroute-nanog overflow Carl Livitt (Mon Dec 02 2002 - 10:36:26 PST)
- pre-login buffer overflow in Cyrus IMAP server Timo Sirainen (Mon Dec 02 2002 - 09:56:06 PST)
- ShopFactory shopping cart price manipulation Richard van den Berg (Mon Dec 02 2002 - 09:54:12 PST)
- Cyrus Sieve / libSieve buffer overflow Timo Sirainen (Mon Dec 02 2002 - 09:56:45 PST)
- [VU#317417] Denial of Service condition in vxworks ftpd/3com nbx Michael S. Scheidell (Mon Dec 02 2002 - 10:04:31 PST)
- Bypassing Integrity Protection Driver (time vulnerability) Jan Rutkowski (Mon Dec 02 2002 - 12:08:17 PST)
- CORE-20021005: Vulnerability Report For Linksys Devices Carlos Sarraute (Mon Dec 02 2002 - 17:49:03 PST)
- MDKSA-2002:085 - Updated WindowMaker packages fix buffer overflow vulnerability Mandrake Linux Security Team (Mon Dec 02 2002 - 17:08:16 PST)
- [SNS Advisory No.59] Buffalo Wireless LAN Access Point Denial of Service Vulnerability (was Re: Buffalo AP Denial of Service) snsadvat_private (Mon Dec 02 2002 - 20:13:39 PST)
- Local Netfilter / IPTables IP Queue PID Wrap Flaw James Morris (Tue Dec 03 2002 - 03:01:11 PST)
- Poisonous Style for Dialog window turns the zone off. Liu Die Yu (Mon Dec 02 2002 - 22:26:37 PST)
- SquirrelMail v1.2.9 XSS bugs euronymous (Mon Dec 02 2002 - 20:28:14 PST)
- Zeroo Webserver remote directory traversal exploit Mike Cramp (Tue Dec 03 2002 - 07:01:09 PST)
- [SECURITY] [DSA 202-1] New IM packages fix insecure temporary file creation Martin Schulze (Tue Dec 03 2002 - 06:53:27 PST)
- MDKSA-2002:084 - Updated pine packages fix buffer overflow vulnerability Mandrake Linux Security Team (Mon Dec 02 2002 - 17:06:42 PST)
- Fw: CERT Advisory CA-2002-34 Buffer Overflow in Solaris X Window Font Service Muhammad Faisal Rauf Danka (Mon Dec 02 2002 - 10:03:20 PST)
- [Full-Disclosure] [RHSA-2002:254-05] Updated Webalizer packages fix vulnerability bugzillaat_private (Wed Dec 04 2002 - 00:34:55 PST)
- [Full-Disclosure] [RHSA-2002:220-40] Updated KDE packages fix security issues bugzillaat_private (Wed Dec 04 2002 - 02:55:54 PST)
- [Full-Disclosure] SAP database local root via symlink KF (Wed Dec 04 2002 - 06:57:30 PST)
- Local root vulnerability found in exim 4.x (and 3.x) Wana Thomas (Wed Dec 04 2002 - 07:40:29 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-054.0] Linux: exploitable memory leak in ypserv securityat_private (Wed Dec 04 2002 - 11:06:20 PST)
- SAP database local root via symlink KF (Wed Dec 04 2002 - 06:57:30 PST)
- [SECURITY] [DSA 203-1] New smb2www packages fix arbitrary command execution Martin Schulze (Wed Dec 04 2002 - 07:12:34 PST)
- [CLA-2002:551] Conectiva Linux Security Announcement - pine secureat_private (Wed Dec 04 2002 - 10:41:18 PST)
- Windows XP Disclosure of Registered AP Information snsadvat_private (Wed Dec 04 2002 - 01:01:55 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-055.0] Linux: RPC XDR buffer overflow securityat_private (Wed Dec 04 2002 - 13:43:50 PST)
- Security Update: [CSSA-2002-054.0] Linux: exploitable memory leak in ypserv securityat_private (Wed Dec 04 2002 - 11:06:20 PST)
- [Full-Disclosure] Multiple Vulnerabilities in BIND Name Service Daemon on IRIX SGI Security Coordinator (Wed Dec 04 2002 - 13:45:31 PST)
- [Full-Disclosure] Buffer Overflow Vulnerability in X Font Server on IRIX SGI Security Coordinator (Wed Dec 04 2002 - 14:31:04 PST)
- Sygate Personal Firewall can be shut down without a need to supply a password - although one is required Eitan Caspi (Wed Dec 04 2002 - 12:59:12 PST)
- Security Update: [CSSA-2002-055.0] Linux: RPC XDR buffer overflow securityat_private (Wed Dec 04 2002 - 13:43:50 PST)
- [SECURITY] [DSA 204-1] New kdlibs packages fix arbitrary program execution Martin Schulze (Thu Dec 05 2002 - 07:11:10 PST)
- Notes on MS02-068, extensive downplaying of severity Thor Larholm (Thu Dec 05 2002 - 05:41:35 PST)
- [Full-Disclosure] BIND Name Server DNS Spoofing Vulnerability on IRIX SGI Security Coordinator (Thu Dec 05 2002 - 08:56:26 PST)
- [Full-Disclosure] Samba Security Vulnerability on IRIX SGI Security Coordinator (Thu Dec 05 2002 - 09:19:40 PST)
- Multiple vulnerabilities in akfingerd Gianni Tedesco (Thu Dec 05 2002 - 10:29:45 PST)
- Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6 Volker Tanger (Thu Dec 05 2002 - 08:00:39 PST)
- Cross-site Scripting Vulnerability in phpBB 2.0.3 Fabricio Angeletti (Tue Dec 03 2002 - 12:09:00 PST)
- [Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability] Dan Rowles (Wed Dec 04 2002 - 05:43:29 PST)
- Cobalt RaQ4 Remote root exploit grazer@digit-labs.org (Thu Dec 05 2002 - 13:38:42 PST)
- Sygate Personal Firewall can be shut down without a need to suppl y Seth Knox (Thu Dec 05 2002 - 10:44:19 PST)
- [Full-Disclosure] Security Industry Under Scrutiny: Part 3 sockz loves you (Thu Dec 05 2002 - 15:41:40 PST)
- RE: Sygate Personal Firewall can be shut down without a need to supply Eitan Caspi (Thu Dec 05 2002 - 14:01:30 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-056.0] Linux: apache vulnerabilities in shared memory, DNS, and ApacheBench securityat_private (Thu Dec 05 2002 - 16:26:45 PST)
- Security Update: [CSSA-2002-056.0] Linux: apache vulnerabilities in shared memory, DNS, and ApacheBench securityat_private (Thu Dec 05 2002 - 16:26:45 PST)
- SuSE Security Announcement: OpenLDAP2 (SuSE-SA:2002:047) Sebastian Krahmer (Fri Dec 06 2002 - 03:21:47 PST)
- [SECURITY] [DSA 202-2] New IM packages correct hidden architecture dependency Martin Schulze (Fri Dec 06 2002 - 06:08:09 PST)
- [SECURITY] [DSA 192-2] New html2ps packages correct fix against arbitrary code execution Martin Schulze (Fri Dec 06 2002 - 06:07:30 PST)
- WebReflex Directory Traversal Vulnerability luca.ercoliat_private (Fri Dec 06 2002 - 05:44:55 PST)
- [Full-Disclosure] RE: Full-Disclosure digest, Vol 1 #433 - 4 msgs Steve W. Manzuik (Fri Dec 06 2002 - 07:33:05 PST)
- APBoard-Bug DNA ESC (Fri Dec 06 2002 - 13:03:21 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-057.0] Linux: groff pic buffer overflow securityat_private (Fri Dec 06 2002 - 16:30:34 PST)
- Security Update: [CSSA-2002-057.0] Linux: groff pic buffer overflow securityat_private (Fri Dec 06 2002 - 16:30:34 PST)
- XSS and Path Disclosure in UPB euronymous (Sat Dec 07 2002 - 09:08:34 PST)
- SECURITY.NNOV: more Ikonboard 3.1.1 crossite scriptings 3APA3A (Mon Dec 09 2002 - 05:49:43 PST)
- [SecurityOffice] Enceladus Server Suite v3.9 Buffer Overflow Vulnerability Tamer Sahin (Mon Dec 09 2002 - 10:31:43 PST)
- Cyrus SASL library buffer overflows Timo Sirainen (Mon Dec 09 2002 - 11:25:08 PST)
- Security Update: [CSSA-2002-SCO.43] UnixWare 7.1.1 Open UNIX 8.0.0 : closed file descriptor race vulnerability securityat_private (Mon Dec 09 2002 - 13:41:12 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-SCO.43] UnixWare 7.1.1 Open UNIX 8.0.0 : closed file descriptor race vulnerability securityat_private (Mon Dec 09 2002 - 13:41:12 PST)
- [Full-Disclosure] [RHSA-2002:246-18] Updated Canna packages fix vulnerabilities bugzillaat_private (Tue Dec 10 2002 - 07:22:01 PST)
- [Full-Disclosure] [RHSA-2002:229-10] Updated wget packages fix directory traversal bug bugzillaat_private (Tue Dec 10 2002 - 07:23:31 PST)
- Unchecked buffer in PC-cillin advisoriesat_private (Tue Dec 10 2002 - 03:04:43 PST)
- [VulnWatch] proftpd <=1.2.7rc3 DoS Rob klein Gunnewiek (Sun Dec 08 2002 - 04:53:57 PST)
- Remote multiple vulnerability in apt-www-proxy. dong-h0un U (Mon Dec 09 2002 - 23:57:23 PST)
- TFTP32 DOS securma massine (Tue Dec 10 2002 - 12:45:36 PST)
- MDKSA-2002:082-1 - Updated python packages fix local arbitrary code execution vulnerability Mandrake Linux Security Team (Sun Dec 08 2002 - 23:05:38 PST)
- RE: Sygate Personal Firewall can be shut down without a need to s upply a password - although one is required Seth Knox (Mon Dec 09 2002 - 12:26:12 PST)
- KunaniFTP-Server v.1.0.10 allows dictionary traversal Zero-X www.lobnan.de Team (Tue Dec 10 2002 - 14:23:24 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-058.0] Linux: buffer overflow in nss_ldap DNS SRV securityat_private (Tue Dec 10 2002 - 17:08:02 PST)
- [SECURITY] [DSA-206-1] tcpdump BGP decoding error Wichert Akkerman (Tue Dec 10 2002 - 14:41:24 PST)
- [SECURITY] [DSA-205-1] gtetrinet buffer overflows Wichert Akkerman (Tue Dec 10 2002 - 14:25:34 PST)
- Directory traversing bug in 'myServer' webserver. dong-h0un U (Wed Dec 11 2002 - 06:57:46 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-SCO.44] UnixWare 7.1.1 Open UNIX 8.0.0 : uudecode performs inadequate checks on user-specified output files securityat_private (Wed Dec 11 2002 - 10:48:07 PST)
- Directory Traversal Vulnerabilities in FTP Clients Steven M. Christey (Tue Dec 10 2002 - 16:21:20 PST)
- Cisco Security Advisory: OSM Line Card Header Corruption Vulnerability Cisco Systems Product Security Incident Response Team (Wed Dec 11 2002 - 08:30:00 PST)
- Security Update: [CSSA-2002-058.0] Linux: buffer overflow in nss_ldap DNS SRV securityat_private (Tue Dec 10 2002 - 17:08:02 PST)
- Re: Zeus Admin Server v4.1r2 index.fcgi XSS bug Colin Watson (Wed Dec 11 2002 - 03:40:58 PST)
- [SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution Martin Schulze (Wed Dec 11 2002 - 08:37:28 PST)
- Enceladus Server Suite traversal directory vulnerability luca.ercoliat_private (Sun Dec 08 2002 - 11:15:51 PST)
- Denial of Service vulnerability in VisNetic Website Peter Kruse (Wed Dec 11 2002 - 14:30:08 PST)
- proftpd <=1.2.7rc3 DoS Rob klein Gunnewiek (Sun Dec 08 2002 - 04:53:57 PST)
- MTPSR1-120 Firewall Proxy configuration software UkR security team™ (Tue Dec 10 2002 - 20:39:21 PST)
- Security Update: [CSSA-2002-SCO.44] UnixWare 7.1.1 Open UNIX 8.0.0 : uudecode performs inadequate checks on user-specified output files securityat_private (Wed Dec 11 2002 - 10:48:07 PST)
- [Full-Disclosure] Advisory 04/2002: Multiple MySQL vulnerabilities Stefan Esser (Thu Dec 12 2002 - 03:26:25 PST)
- [VulnWatch] Advisory 04/2002: Multiple MySQL vulnerabilities Stefan Esser (Thu Dec 12 2002 - 03:26:25 PST)
- CERT Advisory CA-2002-35 Vulnerability in RaQ 4 Servers (fwd) Muhammad Faisal Rauf Danka (Thu Dec 12 2002 - 04:14:26 PST)
- [Full-Disclosure] [VulnWatch] Advisory 04/2002: Multiple MySQL vulnerabilities Stefan Esser (Thu Dec 12 2002 - 03:26:25 PST)
- PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability Marc Maiffret (Wed Dec 11 2002 - 16:16:15 PST)
- Multiple Mambo Site Server sec-weaknesses euronymous (Thu Dec 12 2002 - 05:28:40 PST)
- [Full-Disclosure] [RHSA-2002:222-21] Updated apache, httpd, and mod_ssl packages available bugzillaat_private (Thu Dec 12 2002 - 11:05:13 PST)
- [SECURITY] [DSA 208-1] New Perl packages correct Safe handling Martin Schulze (Thu Dec 12 2002 - 06:46:52 PST)
- VisNetic WebSite XSS vulnerability through HTTP referer header Ory Segal (Thu Dec 12 2002 - 00:24:32 PST)
- MDKSA-2002:086 - Updated wget packages fix directory traversal vulnerability Mandrake Linux Security Team (Wed Dec 11 2002 - 16:23:20 PST)
- [SECURITY] [DSA-209-1] two wget problems Wichert Akkerman (Thu Dec 12 2002 - 14:49:14 PST)
- Password Hole Found In Webshots Brian Carpenter (Thu Dec 12 2002 - 10:33:21 PST)
- [Full-Disclosure] iDefense Security Advisory gobblesat_private (Thu Dec 12 2002 - 15:26:37 PST)
- XSS flaw found at "https://www.e-gold.com" Liu Die Yu (Tue Dec 10 2002 - 04:50:03 PST)
- iDefense Security Advisory gobblesat_private (Thu Dec 12 2002 - 15:26:37 PST)
- [Full-Disclosure] RE: iDefense Security Advisory David Endler (Thu Dec 12 2002 - 17:06:56 PST)
- [SECURITY] [DSA-210-1] lynx CRLF injection Wichert Akkerman (Thu Dec 12 2002 - 15:41:26 PST)
- [Full-Disclosure] Advisory 05/2002: Another Fetchmail Remote Vulnerability Stefan Esser (Fri Dec 13 2002 - 02:17:59 PST)
- [Full-Disclosure] Re: iDefense (Immunity Sec) Advisory Dave Aitel (Fri Dec 13 2002 - 03:18:17 PST)
- [VulnWatch] Advisory 05/2002: Another Fetchmail Remote Vulnerability Stefan Esser (Fri Dec 13 2002 - 02:17:59 PST)
- [Full-Disclosure] [VulnWatch] Advisory 05/2002: Another Fetchmail Remote Vulnerability Stefan Esser (Fri Dec 13 2002 - 02:17:59 PST)
- [SECURITY] [DSA 211-1] New mICQ packages fix denial of service Martin Schulze (Fri Dec 13 2002 - 07:26:54 PST)
- Eserv remote denial of service securma massine (Fri Dec 13 2002 - 08:31:09 PST)
- Anyone can read all XOOPS private messages Val Deux (Fri Dec 13 2002 - 07:32:36 PST)
- [ESA-20021213-033] Several MySQL vulnerabilities. EnGarde Secure Linux (Fri Dec 13 2002 - 08:06:10 PST)
- [Full-Disclosure] [ESA-20021213-033] Several MySQL vulnerabilities. EnGarde Secure Linux (Fri Dec 13 2002 - 08:06:10 PST)
- [Full-Disclosure] Directory Traversal Vulnerability in FTP Client on IRIX SGI Security Coordinator (Fri Dec 13 2002 - 11:13:33 PST)
- [CLA-2002:552] Conectiva Linux Security Announcement - wget secureat_private (Fri Dec 13 2002 - 12:23:29 PST)
- FW: SQL Injection Solved Louie Conceicao (Fri Dec 13 2002 - 12:46:24 PST)
- [VulnWatch] gfxboot allows boot password circumvention, SuSE 8.1 GRUB Matthias Andree (Fri Dec 13 2002 - 17:18:44 PST)
- MyPHPLinks (PHP) : SQL Injection Frog Man (Sat Dec 14 2002 - 10:41:45 PST)
- [Full-Disclosure] Password Disclosure in Cryptainer K. K. Mookhey (Mon Dec 16 2002 - 00:17:45 PST)
- gfxboot allows boot password circumvention, SuSE 8.1 GRUB Matthias Andree (Fri Dec 13 2002 - 17:18:44 PST)
- [securitydigest.org]: Changes for December 2002 Curator at Security Digest Archives (Sat Dec 14 2002 - 10:29:40 PST)
- Missing admin sql password in Okena StormWatch Marc Ruef (Tue Dec 17 2002 - 23:06:19 PST)
- Security Paper: Session Fixation Vulnerability in Web-based Applications Mitja Kolsek (ACROS Lists) (Wed Dec 18 2002 - 06:01:25 PST)
- [VulnWatch] Security Paper: Session Fixation Vulnerability in Web-based Applications Mitja Kolsek \(ACROS Lists\) (Wed Dec 18 2002 - 06:01:25 PST)
- [VulnWatch] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability Michal Zalewski (Tue Dec 17 2002 - 13:02:18 PST)
- RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability Michal Zalewski (Tue Dec 17 2002 - 13:02:18 PST)
- [Full-Disclosure] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability Michal Zalewski (Tue Dec 17 2002 - 13:02:18 PST)
- Directory traversal vulnerabilities in several archivers processing .tar Florian Schafferhans (Mon Dec 16 2002 - 15:40:43 PST)
- export LD_LIBRARY_PATH in /etc/profile.d/* files richat_private (Tue Dec 17 2002 - 10:51:00 PST)
- Fwd: CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations Muhammad Faisal Rauf Danka (Tue Dec 17 2002 - 00:06:47 PST)
- Re: adelphia vulnerability within subnets 0x90 (Mon Dec 16 2002 - 18:12:21 PST)
- [OpenPKG-SA-2002.016] OpenPKG Security Advisory (fetchmail) OpenPKG (Tue Dec 17 2002 - 08:24:17 PST)
- [SECURITY] [DSA-212-1] Multiple MySQL vulnerabilities Wichert Akkerman (Tue Dec 17 2002 - 03:55:56 PST)
- [CLA-2002:555] Conectiva Linux Security Announcement - MySQL secureat_private (Tue Dec 17 2002 - 05:56:33 PST)
- Macromedia Shockwave Flash Malformed Header Overflow #2 Marc Maiffret (Mon Dec 16 2002 - 17:27:13 PST)
- RE: Password Hole Found In Webshots - (Webshots Confirmed) Shutters, Mike (Wed Dec 18 2002 - 13:05:58 PST)
- [Full-Disclosure] RE: Multiple vendors XML parser (and SOAP/WebServices server) Den ial of Service attack using DTD Amit Klein (Tue Dec 17 2002 - 01:42:33 PST)
- [Full-Disclosure] [RHSA-2002:228-11] Updated Net-SNMP packages fix security and other bugs bugzillaat_private (Tue Dec 17 2002 - 02:09:39 PST)
- [Full-Disclosure] [RHSA-2002:293-09] Updated Fetchmail packages fix security vulnerability bugzillaat_private (Tue Dec 17 2002 - 01:20:12 PST)
- [Full-Disclosure] Captaris (Infinite) WebMail XSS Pedram Amini (Mon Dec 16 2002 - 15:23:10 PST)
- Security Patchs for PHP Products Frog Man (Sun Dec 15 2002 - 05:12:33 PST)
- Captaris (Infinite) WebMail XSS Pedram Amini (Mon Dec 16 2002 - 15:23:10 PST)
- [VulnWatch] PFinger 0.7.8 format string vulnerability (#NISR16122002B) NGSSoftware Insight Security Research (Mon Dec 16 2002 - 11:55:05 PST)
- zkfingerd 0.9.1 format string vulnerabilities (#NISR16122002A) NGSSoftware Insight Security Research (Mon Dec 16 2002 - 11:53:29 PST)
- [CLA-2002:554] Conectiva Linux Security Announcement - fetchmail secureat_private (Mon Dec 16 2002 - 12:39:35 PST)
- [CLA-2002:553] Conectiva Linux Security Announcement - kernel 2.4 secureat_private (Mon Dec 16 2002 - 11:41:54 PST)
- PFinger 0.7.8 format string vulnerability (#NISR16122002B) NGSSoftware Insight Security Research (Mon Dec 16 2002 - 11:55:05 PST)
- [VulnWatch] zkfingerd 0.9.1 format string vulnerabilities (#NISR16122002A) NGSSoftware Insight Security Research (Mon Dec 16 2002 - 11:53:29 PST)
- Cross-site scripting vulnerability in CF 5.0 KiLL CoLe (Mon Dec 16 2002 - 10:16:15 PST)
- GLSA: exim Daniel Ahlberg (Mon Dec 16 2002 - 08:33:19 PST)
- PHP-Nuke 6.0 : Path Disclosure & Cross Site Scripting Frog Man (Sun Dec 15 2002 - 11:14:38 PST)
- [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex) OpenPKG (Mon Dec 16 2002 - 08:42:53 PST)
- [OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql) OpenPKG (Mon Dec 16 2002 - 08:42:27 PST)
- PHP-Nuke code execution and XSS vulnerabilities Ulf Harnhammar (Mon Dec 16 2002 - 07:36:02 PST)
- R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors Rapid 7 Security Advisories (Mon Dec 16 2002 - 06:42:37 PST)
- [OpenPKG-SA-2002.014] OpenPKG Security Advisory (perl) OpenPKG (Mon Dec 16 2002 - 08:42:41 PST)
- Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD Amit Klein (Mon Dec 16 2002 - 08:51:54 PST)
- [VulnWatch] PHP-Nuke code execution and XSS vulnerabilities Ulf Harnhammar (Mon Dec 16 2002 - 07:36:02 PST)
- Password Disclosure in Cryptainer K. K. Mookhey (Mon Dec 16 2002 - 00:17:45 PST)
- [Full-Disclosure] PHP-Nuke code execution and XSS vulnerabilities Ulf Harnhammar (Mon Dec 16 2002 - 07:36:02 PST)
- [VulnWatch] Password Disclosure in Cryptainer K. K. Mookhey (Mon Dec 16 2002 - 00:17:45 PST)
- GLSA: squirrelmail Daniel Ahlberg (Sun Dec 15 2002 - 06:38:48 PST)
- GLSA: fetchmail Daniel Ahlberg (Sun Dec 15 2002 - 05:07:30 PST)
- GLSA: mysql Daniel Ahlberg (Sun Dec 15 2002 - 04:25:41 PST)
- iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) iDEFENSE Labs (Thu Dec 19 2002 - 08:55:05 PST)
- [Full-Disclosure] Security Update: [CSSA-2002-059.0] Linux: multiple vulnerabilities in BIND (CERT CA-2002-31) securityat_private (Thu Dec 19 2002 - 16:17:40 PST)
- [Fix] Openwebmail 1.71 remote root compromise Dmitry Guyvoronsky (Thu Dec 19 2002 - 08:55:06 PST)
- Cisco IOS EIGRP Network DoS FX (Thu Dec 19 2002 - 09:06:32 PST)
- TSLSA-2002-0089 - wget Trustix Secure Linux Advisor (Thu Dec 19 2002 - 11:52:06 PST)
- TSLSA-2002-0087 - perl Trustix Secure Linux Advisor (Thu Dec 19 2002 - 11:51:50 PST)
- TSLSA-2002-0085 - lynx-ssl Trustix Secure Linux Advisor (Thu Dec 19 2002 - 11:51:21 PST)
- TSLSA-2002-0084 - tcpdump Trustix Secure Linux Advisor (Thu Dec 19 2002 - 11:51:05 PST)
- TSLSA-2002-0083 - kernel Trustix Secure Linux Advisor (Thu Dec 19 2002 - 11:50:49 PST)
- TSLSA-2002-0086 - mysql Trustix Secure Linux Advisor (Thu Dec 19 2002 - 11:51:36 PST)
- Openwebmail 1.71 remote root compromise Dmitry Guyvoronsky (Wed Dec 18 2002 - 09:37:59 PST)
- Multiple vulnerability in Enceladus Server securma massine (Thu Dec 19 2002 - 19:28:23 PST)
- WAnewsletter (PHP) Frog Man (Thu Dec 19 2002 - 07:19:52 PST)
- [CLA-2002:556] Conectiva Linux Security Announcement - openldap secureat_private (Thu Dec 19 2002 - 06:43:58 PST)
- [SECURITY] [DSA 213-1] New libpng packages fix buffer overflow Martin Schulze (Thu Dec 19 2002 - 06:44:16 PST)
- Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Dave Ahmad (Wed Dec 18 2002 - 16:31:43 PST)
- Foundstone Research Labs Advisory - Exploitable Windows XP Media Files (fwd) Dave Ahmad (Wed Dec 18 2002 - 16:31:29 PST)
- MDKSA-2002:068-1 - Updated apache packages fix multiple vulnerabilities Mandrake Linux Security Team (Wed Dec 18 2002 - 09:57:15 PST)
- MDKSA-2002:087 - Updated MySQL packages fix multiple vulnerabilities Mandrake Linux Security Team (Wed Dec 18 2002 - 10:00:13 PST)
- RE: Foundstone Research Labs Advisory - Multiple Exploitable Buff er Overflows in Winamp (fwd) Shutters, Mike (Thu Dec 19 2002 - 17:17:23 PST)
- [SECURITY] [DSA 214-1] New kdentwork packages fix buffer overflows Martin Schulze (Fri Dec 20 2002 - 08:02:12 PST)
- PHP-Nuke mail CRLF Injection vulnerabilities Ulf Harnhammar (Fri Dec 20 2002 - 02:32:21 PST)
- RealNetworks HELIX Server Buffer Overflow Vulnerabilities (#NISR20122002) NGSSoftware Insight Security Research (Fri Dec 20 2002 - 11:59:53 PST)
- GLSA: wget Daniel Ahlberg (Fri Dec 20 2002 - 09:16:15 PST)
- nCipher Advisory #6: Access control defects in PKCS#11 keys nCipher Support (Fri Dec 20 2002 - 02:40:06 PST)
- SPGpartenaires (PHP) Frog Man (Fri Dec 20 2002 - 03:51:17 PST)
- [SecurityOffice] Polycom Video Conference System Management Server Authentication Bypass Vulnerability Tamer Sahin (Thu Dec 19 2002 - 01:49:32 PST)
- SuSE Security Announcement: cyrus-imapd (SuSE-SA:2002:048) Sebastian Krahmer (Fri Dec 20 2002 - 10:06:55 PST)
- GLSA: canna Daniel Ahlberg (Fri Dec 20 2002 - 09:24:53 PST)
- GLSA: perl Daniel Ahlberg (Fri Dec 20 2002 - 06:47:28 PST)
- [RAZOR] Problems with mkstemp() Michal Zalewski (Fri Dec 20 2002 - 09:30:30 PST)
- Web server vulnerability in Axis Network Cameras, Video Servers and DVRs Axis Product Security (Fri Dec 20 2002 - 08:22:23 PST)
- [VulnWatch] RealNetworks HELIX Server Buffer Overflow Vulnerabilities (#NISR20122002) NGSSoftware Insight Security Research (Fri Dec 20 2002 - 11:59:53 PST)
- [VulnWatch] [RAZOR] Problems with mkstemp() Michal Zalewski (Fri Dec 20 2002 - 09:30:30 PST)
- [Full-Disclosure] [RAZOR] Problems with mkstemp() Michal Zalewski (Fri Dec 20 2002 - 09:30:30 PST)
- [VulnWatch] PHP-Nuke mail CRLF Injection vulnerabilities Ulf Harnhammar (Fri Dec 20 2002 - 02:32:21 PST)
- [Full-Disclosure] PHP-Nuke mail CRLF Injection vulnerabilities Ulf Harnhammar (Fri Dec 20 2002 - 02:32:21 PST)
- XSS and PHP include bug in W-Agora xatr0z (Thu Dec 19 2002 - 08:34:42 PST)
- Security Update: [CSSA-2002-059.0] Linux: multiple vulnerabilities in BIND (CERT CA-2002-31) securityat_private (Thu Dec 19 2002 - 16:17:40 PST)
- Cisco Security Advisory: Cisco Security Advisory: SSH Malformed Packet Vulnerabilities Cisco Systems Product Security Incident Response Team (Thu Dec 19 2002 - 16:00:00 PST)
- [Full-Disclosure] Matlab /tmp usage Paul Szabo (Sun Dec 22 2002 - 11:08:48 PST)
- [Full-Disclosure] Re: iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Joe Testa (Sat Dec 21 2002 - 11:59:06 PST)
- Re: KDE Security Advisory: Multiple vulnerabilities in KDE fozzyat_private (Sun Dec 22 2002 - 15:07:44 PST)
- iDEFENSE Security Advisory 12.23.02: Integer Overflow in pdftops iDEFENSE Labs (Mon Dec 23 2002 - 13:32:47 PST)
- junkbuster 2.0-1 proxy relaying spam Andrew Daviel (Mon Dec 23 2002 - 02:11:41 PST)
- Antwort: Openwebmail 1.71 remote root compromise Stephan Sachweh (Sun Dec 22 2002 - 16:29:50 PST)
- GLSA: kde-3.0.x Daniel Ahlberg (Sun Dec 22 2002 - 05:40:27 PST)
- Hyperion FTP Server buffer overflow securma massine (Tue Dec 24 2002 - 01:24:46 PST)
- zkfingerd remote exploit security (Sun Dec 22 2002 - 13:08:24 PST)
- 'printenv' XSS vulnerability Dr.Tek (Sun Dec 22 2002 - 13:49:58 PST)
- [SECURITY] [DSA 215-1] New cyrus-imapd packages fix remote command execution Martin Schulze (Mon Dec 23 2002 - 06:38:50 PST)
- Matlab /tmp usage Paul Szabo (Sun Dec 22 2002 - 11:08:48 PST)
- [SNS Advisory No.60 rev.2] Windows XP Disclosure of Registered AP Information snsadvat_private (Mon Dec 23 2002 - 20:05:48 PST)
- [SECURITY] [DSA 216-1] New fetchmail packages fix buffer overflow Martin Schulze (Tue Dec 24 2002 - 04:55:57 PST)
- (MSIE)A rather old trick for web server is now played on MSIE. Liu Die Yu (Wed Dec 25 2002 - 21:38:39 PST)
- Full Disclosure: Windows File Protection Arbitrary Certificate Chain Vulnerability FORENSICS.ORG Security Coordinator (Thu Dec 26 2002 - 02:55:36 PST)
- Full Disclosure: Windows File Protection Old Security Catalog Vulnerability FORENSICS.ORG Security Coordinator (Thu Dec 26 2002 - 02:55:19 PST)
- [SECURITY] [DSA 217-1] New typespeed packages fix buffer overflow Martin Schulze (Fri Dec 27 2002 - 07:06:29 PST)
- Re: Solaris priocntl exploit - Sol8 patches available Scott Howard (Fri Dec 27 2002 - 05:15:49 PST)
- GLSA: cyrus-sasl Daniel Ahlberg (Fri Dec 27 2002 - 14:35:28 PST)
- Buffer overflow in PHP "wordwrap" function David F. Skoll (Fri Dec 27 2002 - 13:43:44 PST)
- [CLA-2002:557] Conectiva Linux Security Announcement - cyrus-imapd secureat_private (Fri Dec 27 2002 - 10:33:01 PST)
- Gallery v1.3.2 allows remote exploit (fixed in 1.3.3) Bharat Mediratta (Fri Dec 27 2002 - 23:43:42 PST)
- PHRACK #60 HAS BEEN RELEASED phrackstaffat_private (Sat Dec 28 2002 - 12:49:00 PST)
- [IPS] PUTTY SSH-Client Exploit Daniel Alcántara de la Hoz (Sat Dec 28 2002 - 07:51:46 PST)
- [VulnWatch] Leafnode security announcement SA:2002:01 Matthias Andree (Sun Dec 29 2002 - 12:50:23 PST)
- [VulnWatch] Potential DOS attack with Web-CyrAdm. Casper Aleva (Sun Dec 29 2002 - 17:30:18 PST)
- [Full-Disclosure] Potential DOS attack with Web-CyrAdm. Casper Aleva (Sun Dec 29 2002 - 17:30:18 PST)
- Telindus 112x ADSL Router - Weak Password Encryption eflorioat_private (Sat Dec 28 2002 - 04:58:13 PST)
- GLSA: openldap Daniel Ahlberg (Fri Dec 27 2002 - 16:10:13 PST)
- Potential DOS attack with Web-CyrAdm. Casper Aleva (Sun Dec 29 2002 - 17:30:18 PST)
- GLSA: cups Daniel Ahlberg (Sun Dec 29 2002 - 05:35:18 PST)
- Leafnode security announcement SA:2002:01 Matthias Andree (Sun Dec 29 2002 - 12:50:23 PST)
- [SECURITY] [DSA 218-1] New bugzilla packages fix cross site scripting problem Martin Schulze (Mon Dec 30 2002 - 06:11:17 PST)
- CITIBANK [CANADA]: INTERNET EXPLORER BROWSERS http-equivat_private (Sun Dec 29 2002 - 13:37:50 PST)
- Multiple vulnerabilities found in PlatinumFTPserver V1.0.6 Dennis Rand (Mon Dec 30 2002 - 11:34:40 PST)
- Wired.com: So Many Holes, So Few Hacks Richard M. Smith (Mon Dec 30 2002 - 07:15:28 PST)
- Visual SourceSafe - Preliminary Observations Joel Maslak (Sun Dec 29 2002 - 09:16:06 PST)
- PEEL (PHP) Frog Man (Tue Dec 31 2002 - 07:11:05 PST)
- Updated "Secure Programming for Linux and Unix HOWTO" now available. David Wheeler (Mon Dec 30 2002 - 12:17:38 PST)
- [SECURITY] [DSA 219-1] New dhcpcd packages fix remote command execution vulnerability Martin Schulze (Tue Dec 31 2002 - 05:19:06 PST)
- Historic blackhat archives exposed Pry (Wed Dec 18 2002 - 10:46:10 PST)
- BDT_AV200212140001: Insecure default: Using pam_xauth for su from sh-utils package Andreas Beck (Fri Dec 13 2002 - 20:48:28 PST)
Last message date: Mon Feb 03 2003 - 15:58:27 PST
Archived on: Mon Feb 03 2003 - 15:58:29 PST
301 messages sorted by:
[ author ]
[ date ]
[ subject ]
Other mail archives
This archive was generated by hypermail 2b30
: Mon Feb 03 2003 - 15:58:29 PST