bugtraq 2003/01
By Subject
417 messages sorted by:
[ author ]
[ date ]
[ thread ]
Other mail archives
Starting: Wed Jan 01 2003 - 12:42:08 PST
Ending: Wed Mar 12 2003 - 08:38:17 PST
- "Compaq Web Agent" management session can be re-used without the need to perform authentication
- .MHT Buffer Overflow in Internet Explorer
- 5861 IP Filtering issues
- [ANNOUNCE] Apache 2.0.44 Released
- [ANNOUNCE] WaveLock 1.0 Released
- [BUGZILLA] Security Advisory - remote database password disclosure
- [CLA-2003:561] Conectiva Linux Security Announcement - cvs
- [CLA-2003:562] Conectiva Linux Security Announcement - dhcp
- [CLA-2003:564] Conectiva Linux Security Announcement - libpng
- [ESA-20030127-001] MySQL vulnerabilities
- [ESA-20030127-002] fetchmail-ssl: heap overflow vulnerability
- [Full-Disclosure] (no subject)
- [Full-Disclosure] .: Sambar Server Cross-Site Scripting vulnerability :.
- [Full-Disclosure] [ESA-20030127-001] MySQL vulnerabilities
- [Full-Disclosure] [ESA-20030127-002] fetchmail-ssl: heap overflow vulnerability
- [Full-Disclosure] [RHSA-2002:202-25] Updated python packages fix predictable temporary file
- [Full-Disclosure] [RHSA-2002:270-16] Updated pine packages available
- [Full-Disclosure] [RHSA-2002:283-09] Updated cyrus-sasl packages fix buffer overflows
- [Full-Disclosure] [RHSA-2002:288-22] Updated MySQL packages fix various security issues
- [Full-Disclosure] [RHSA-2002:290-07] Updated Ethereal packages are available
- [Full-Disclosure] [RHSA-2002:295-07] Updated CUPS packages fix various vulnerabilities
- [Full-Disclosure] [RHSA-2002:297-17] Updated vim packages fix modeline vulnerability
- [Full-Disclosure] [RHSA-2003:001-16] Updated PostgreSQL packages fix security issues and bugs
- [Full-Disclosure] [RHSA-2003:006-06] Updated libpng packages fix buffer overflow
- [Full-Disclosure] [RHSA-2003:010-10] Updated PostgreSQL packages fix buffer overrun vulnerabilities
- [Full-Disclosure] [RHSA-2003:011-07] Updated dhcp packages fix security vulnerabilities
- [Full-Disclosure] [RHSA-2003:012-07] Updated CVS packages available
- [Full-Disclosure] [RHSA-2003:020-09] Updated kerberos packages fix vulnerability in ftp client
- [Full-Disclosure] Advisory 01/2003: CVS remote vulnerability
- [Full-Disclosure] Blackboard 5.x Password Retrieval
- [Full-Disclosure] fam Vulnerability Update
- [Full-Disclosure] Hypermail buffer overflows
- [Full-Disclosure] IRIX ToolTalk RPC Server Format String Vulnerability update
- [Full-Disclosure] Mirror of the SecurityFocus BID
- [Full-Disclosure] MIT Kerberos FTP client remote shell commands execution
- [Full-Disclosure] Multiple Vulnerabilities in Sendmail on IRIX
- [Full-Disclosure] Netscape Browsers Vulnerabilities on IRIX
- [Full-Disclosure] PDS: Integer overflow in FreeBSD kernel
- [Full-Disclosure] php-nuke again ...
- [Full-Disclosure] phpBB SQL Injection vulnerability
- [Full-Disclosure] S-plus /tmp usage
- [Full-Disclosure] Security Industry Under Scrutiny #4
- [Full-Disclosure] Security Update: [CSSA-2003-001.0] Linux: fetchmail at-sign buffer overflow vulnerability
- [Full-Disclosure] Security Update: [CSSA-2003-002.0] Linux: Webmin Cross-site Scripting and Session ID Spoofing Vulnerabilities
- [Full-Disclosure] Security Update: [CSSA-2003-004.0] Linux: Multiple Security Vulnerabilities in the Common Unix Printing System (CUPS)
- [Full-Disclosure] Security Update: [CSSA-2003-005.0] Linux: canna buffer overflow and denial of service
- [Full-Disclosure] Security Update: [CSSA-2003-006.0] Linux: CVS double free vulnerability
- [Full-Disclosure] Security Update: [CSSA-2003-SCO.1] UnixWare 7.1.1 Open UNIX 8.0.0 : command line argument buffer overflow in ps
- [Full-Disclosure] Security Update: [CSSA-2003-SCO.2] UnixWare 7.1.1 : multiple vulnerabilities in BIND (CERT CA-2002-31)
- [Full-Disclosure] SPIKE Proxy 1.4.7 is now available
- [Full-Disclosure] Test program for CVS double-free.
- [Full-Disclosure] Updated patches for SGI Advisories 20020903-02-P and 20021103-01-P
- [INetCop Security Advisory] Buffer Overflow vulnerability in HTTP Fetcher Library.
- [INetCop Security Advisory] Remote format string vulnerability in Tanne.
- [IPS] PUTTY SSH-Client Exploit
- [OpenPKG-SA-2003.001] OpenPKG Security Advisory (png)
- [OpenPKG-SA-2003.002] OpenPKG Security Advisory (dhcpd)
- [OpenPKG-SA-2003.003] OpenPKG Security Advisory (vim)
- [OpenPKG-SA-2003.004] OpenPKG Security Advisory (cvs)
- [OpenPKG-SA-2003.006] OpenPKG Security Advisory (python)
- [OpenPKG-SA-2003.007] OpenPKG Security Advisory (wget)
- [OpenPKG-SA-2003.008] OpenPKG Security Advisory (mysql)
- [SCSA-001] Sambar Server Cross-Site Scripting vulnerability
- [SCSA-003] Multiple Cross Site Scripting & Script Injection Vulnerabilities in Nuked-Klan
- [securityat_private: [slackware-security] New CVS packages available]
- [securityat_private: [slackware-security] New DHCP packages available]
- [SECURITY] [DSA 220-1] New squirrelmail packages fix cross site scripting problem
- [SECURITY] [DSA 221-1] New mhonarc packages fix cross site scripting
- [SECURITY] [DSA 222-1] New xpdf packages fix arbitrary command execution
- [SECURITY] [DSA 223-1] New geneweb packages fix information exposure
- [SECURITY] [DSA 224-1] New canna packages fix buffer overflow and denial of service
- [SECURITY] [DSA 225-1] New tomcat packages fix source disclosure vulnerability
- [SECURITY] [DSA 226-1] New xpdf-i packages fix arbitrary command execution
- [SECURITY] [DSA 227-1] New openldap packages fix buffer overflows and remote exploit
- [SECURITY] [DSA 228-1] New libmcrypt packages fix buffer overflows and memory leak
- [SECURITY] [DSA 229-1] New IMP packages fix SQL injection
- [SECURITY] [DSA 229-2] New IMP packages fix SQL injection and typo
- [SECURITY] [DSA 230-1] New bugzilla packages fix unauthorized data modification
- [SECURITY] [DSA 231-1] New dhcp3 packages fix arbitrary code execution
- [SECURITY] [DSA 233-1] New cvs packages fix arbitrary code execution
- [SECURITY] [DSA 234-1] New kdeadmin packages fix several vulnerabilities
- [SECURITY] [DSA 235-1] New kdegraphics packages fix several vulnerabilities
- [SECURITY] [DSA 237-1] New kdenetwork packages fix several vulnerabilities
- [SECURITY] [DSA 238-1] New kdepim packages fix several vulnerabilities
- [SECURITY] [DSA 239-1] New kdesdk packages fix several vulnerabilities
- [SECURITY] [DSA 240-1] New kdegames packages fix several vulnerabilities
- [SECURITY] [DSA 241-1] New kdeutils packages fix several vulnerabilities
- [SECURITY] [DSA 242-1] New kdebase packages fix several vulnerabilities
- [SECURITY] [DSA 243-1] New kdemultimedia packages fix several vulnerabilities
- [SECURITY] [DSA 244-1] New noffle packages fix buffer overflows
- [SECURITY] [DSA 245-1] New dhcp3 packages fix potential network flood
- [SECURITY] [DSA 246-1] New tomcat packages fix information exposure and cross site scripting
- [SECURITY] [DSA 248-1] New hypermail packages fix arbitrary code execution
- [USG- SA- 2003.001] USG Security Advisory (slocate)
- [VSA0301] Half-Life Clanmod remote (root) hole
- [VSA0302] Half-Life Adminmod remote (root) hole
- [VSA0303] Half-Life StatsMe remote (root) hole
- [VSA0304] Half-Life Client remote hole via Adminmod plugin
- [VSA0305] HLTV remote DoS
- [VSA0306] YABBSE 1.4.1 SQL Injection Bugs
- [VulnDiscuss] eEye - SQL Sapphire Worm Analysis
- [VulnWatch] Advisory 01/2003: CVS remote vulnerability
- [VulnWatch] AN HTTPd v.1.41e: DoS, CSS, real patch attack
- [VulnWatch] BitKeeper remote shell command execution/local vulnerability
- [VulnWatch] CuteFTP: buffer overflow
- [VulnWatch] E-theni (PHP)
- [VulnWatch] eEye - SQL Sapphire Worm Analysis
- [VulnWatch] Efficient Networks 5861 DSL Router
- [VulnWatch] EServ/2.97 remote DoS
- [VulnWatch] Hypermail buffer overflows
- [VulnWatch] Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003)
- [VulnWatch] MIT Kerberos FTP client remote shell commands execution
- [VulnWatch] Opentype font file causes Windows to restart.
- [VulnWatch] Path Parsing Errata in Apache HTTP Server
- [VulnWatch] PDS: Integer overflow in FreeBSD kernel
- [VulnWatch] phpBB SQL Injection vulnerability
- [VulnWatch] Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities
- [VulnWatch] TRACE used to increase the dangerous of XSS.
- [VulnWatch] WebIntelligence session hijacking vulnerability
- [VulnWatch] WinAmp v.3.0: buffer overflow
- A patch for "Windows WM_TIMER Message Handling flaw" causes random crashes on Windows NT
- A security vulnerability in S8Forum
- a.shopKart Shopping Cart remote vulnerabilities
- Advisory 01/2003: CVS remote vulnerability
- AN HTTPd v.1.41e: DoS, CSS, real patch attack
- Another way to bypass Integrity Protection Driver ('subst' vuln)
- Another YabbSE Remote Code Execution Vulnerability
- Apache Jakarta Tomcat 3 URL parsing vulnerability
- Astaro Security Linux Firewall - HTTP Proxy vulnerability
- Attacking EFS through cached domain logon credentials
- BitKeeper remote shell command execution/local vulnerability
- Black Hat Announcements
- Blackboard 5.x Password Retrieval
- Bookmar4U and Active PHP Bookmarks Vulnerabilities
- BRS WebWeaver FTP Server vulnerabilities
- Buffer Overflow in uucp of SunOS 5.8
- Bug in w-agora
- Call For Papers -- RAID 2003
- CERT Advisory CA-2003-01 Buffer Overflows in ISC DHCPD Minires Library (fwd)
- certificate x.509 and outlook express 6
- Cisco Security Advisory: Cisco Security Advisory: Microsoft SQL Server 2000 Vulnerabilities in Cisco Products - MS02-061
- Cisco Security Advisory: MS SQL "Sapphire" Worm Mitigation Recommendations
- CuteFTP 5.0 XP, Buffer Overflow
- CuteFTP: buffer overflow
- Cyboards Remote Code Execution
- D-Link DWL-900AP+ Security Hole
- David Litchfield talks about the SQL Worm in the Washington Post
- DCP-Portal (PHP)
- Directory traversal bug in Communigate Pro 4's Webmail service
- DoS against DHCP infrastructure with isc dhcrelay
- DoS attack on Windows 2000 Terminal Server
- DoS in Hotsync Manager (with network hotsync enabled)
- dotproject Remote Code Execution Vulnerability
- dotproject Remote Code Execution Vulnerability : Patch
- dotproject Remote File Access Vulnerability
- E-theni (PHP)
- Efficient Networks 5861 DSL Router
- Entercept Ricochet Advisory: Sun Solaris KCMS Library Service Daemon Arbitrary File Retrieval Vulnerability
- EServ/2.97 remote DoS
- Etherleak: Ethernet frame padding information leakage (A010603-1)
- Eudora Message Deletion Weakness
- Filtering devices spotting
- FreeBSD Security Advisory FreeBSD-SA-02:44.filedesc
- ftls.org Guestbook 1.1 Script Injection
- FTP delete file problem
- Gabber 0.8.7 leaks presence information without user authorization
- GLSA: cvs
- GLSA: dhcp
- GLSA: dhcpcd
- GLSA: fnord
- GLSA: http-fetcher
- GLSA: kde-2.2.x
- GLSA: lcdproc
- GLSA: leafnode
- GLSA: libmcrypt
- GLSA: libpng
- GLSA: mod_php php
- GLSA: xpdf
- Hypermail buffer overflows
- ical 3.7 remote dos
- iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package
- iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords
- IE chain vulnerability
- IEHK Project
- IMP 2.x SQL injection vulnerabilities
- Incorrect Certificate Validation in Java Secure Socket Extension
- ipfilter denial of service problem
- isc dhcpd 3.0 format string exploit
- ISS Security Brief: PeopleSoft XML External Entities Vulnerability (fwd)
- JS Bug makes it possible to deliberately crash Pocket PC IE
- JS Bug makes it possible to deliberately crash Pocket PC IE (fwd)
- KaZaA - Bad Zone
- List Site Pro v2 user account Hijacking vulnerablity
- Local root vuln in SuSE 8.0 plptools package
- Local/remote mpg123 exploit
- Local/remote mpg123 exploit / 3APAPAPA insights
- Longshine WLAN Access-Point LCS-883R VU#310201
- Mailman: cross-site scripting bug
- Mambo Site Server Remote Code Execution
- MDKSA-2002:073-1 - Updated krb5 packages fix incorrect initscripts
- MDKSA-2003:001 - Updated CUPS packages fix multiple vulnerabilities
- MDKSA-2003:002 - Updated xpdf packages fix integer overflow vulnerability
- MDKSA-2003:003 - Updated dhcpcd packages fix character expansion vulnerability
- MDKSA-2003:004 - Updated KDE packages fix multiple vulnerabilities
- MDKSA-2003:005 - Updated leafnode packages fix remote DoS vulnerability
- MDKSA-2003:006 - Updated OpenLDAP packages fix multiple vulnerabilities
- MDKSA-2003:007 - Updated dhcp packages fix remote code execution vulnerability
- MDKSA-2003:009 - Updated cvs packages fix multiple vulnerabilities
- MDKSA-2003:010 - Updated printer-drivers packages fix local vulnerabilities
- MDKSA-2003:011 - Updated fetchmail packages fix remote exploit vulnerability
- Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003)
- Microsoft-ds xploit (UDP/TCP)...
- middleman-1.2 and prior off-by-one bug
- More Critical Vulnerabilities In PHP Topsites
- More information regarding Etherleak
- MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
- Multiple cgihtml vulnerabilities
- Multiple Issues in Nettelephone Dialer
- Multiple libmcrypt vulnerabilities
- Multiple PHP Topsites Vulnerabities found
- Multiple Vulnerabilties In PHPLinks
- Multiple XSS in Geeklog 1.3.7
- MyRoom (PHP)
- N/X (PHP)
- New security tool: ike-scan (IPsec IKE scanner) released
- New Web Vulnerability - Cross-Site Tracing
- NIS 2003
- NIS 2003 crash
- Nokia Product Security Contact?
- OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
- OpenTopic security hole
- Opentype font file causes Windows to restart.
- Other Security Contacts Required (AutoDesk, Motorola and Vignette)
- Outreach Project Tool
- Path Parsing Errata in Apache HTTP Server
- Pedestal Software Security Notice
- php-nuke again ...
- phpBB SQL Injection vulnerability
- phpLinks mail() abuse Vulnerability
- phpmynuke css and phpinfo() vuls
- PHPMyPub (PHP)
- phpPass (PHP)
- PivX Multi-Vendor Game Server dDoS Advisory
- Potential disclosure of sensitive information in Netscape 7.0 email client
- ProxyView default undocumented password
- ps information leak in FreeBSD
- RAID 2003 CFP
- real one player /intel signal processing library/ windows xp
- Remote root vuln in HSphere WebShell
- Request for assistance: trying to find Zardoz Security Digest Files
- RUXCON - 12/13 April, 2003. SYDNEY, Australia.
- S-plus /tmp usage
- Sapphire SQL Worm Analysis Complete
- Security Issues in Rediff Bol Messenger
- Security Update: [CSSA-2003-001.0] Linux: fetchmail at-sign buffer overflow vulnerability
- Security Update: [CSSA-2003-002.0] Linux: Webmin Cross-site Scripting and Session ID Spoofing Vulnerabilities
- Security Update: [CSSA-2003-004.0] Linux: Multiple Security Vulnerabilities in the Common Unix Printing System (CUPS)
- Security Update: [CSSA-2003-005.0] Linux: canna buffer overflow and denial of service
- Security Update: [CSSA-2003-006.0] Linux: CVS double free vulnerability
- Security Update: [CSSA-2003-SCO.1] UnixWare 7.1.1 Open UNIX 8.0.0 : command line argument buffer overflow in ps
- Security Update: [CSSA-2003-SCO.2] UnixWare 7.1.1 : multiple vulnerabilities in BIND (CERT CA-2002-31)
- Security Update: [CSSA-2003.003.0] Linux: wget directory traversal and buffer overrun vulnerabilities
- SIGCHLD problem in Stunnel
- silc question - insecure memory
- Solaris 2.x /usr/sbin/wall Advisory
- SpamAssassin / spamc+BSMTP remote buffer overflow
- SPIKE Proxy 1.4.7 is now available
- SPRINT ADSL [Zyxel 645 Series Modem]
- SQL Sapphire Worm Analysis
- stunnel - exploit
- Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities
- SuSE Security Announcement: cups (SuSE-SA:2003:002)
- SuSE Security Announcement: dhcp (SuSE-SA:2003:0006)
- SuSE Security Announcement: fetchmail (SuSE-SA:2003:001)
- SuSE Security Announcement: libpng (SuSE-SA:2003:0004)
- SuSE Security Announcement: mysql (SuSE-SA:2003:003)
- SuSE Security Announcement: susehelp (SuSE-SA:2003:005)
- Tanne Remote format string exploit (Proof of Concept)
- Tech Article: HTTP Content Filter Analysis - Finjan SurfinGate V5.6
- Test program for CVS double-free.
- The Spread of the Sapphire/Slammer SQL Worm
- To diversify and survive: the application of population biology concept into computer
- Tool: Sapphire SQL Worm Scanner
- TRACE used to increase the dangerous of XSS.
- VERITAS Software Technical Advisory (fwd)
- vSignup, vAuthenticate (PHP)
- Vulnerability in edittag.pl
- Vulnerability in WebCollection Plus (TM)
- Vulnerabilties in Xynph FTP Server 1.0
- WebIntelligence session hijacking vulnerability
- Whitepaper - Detecting Wireless LAN MAC Address Spoofing
- WinAmp v.3.0: buffer overflow
- WinRAR buffer overflow vulnerability
- WinRAR buffer overflow vulnerability < (probleme)
- XSS (Cross Site Scripting) on FormMail.CGI
- YabbSE Remote Code Execution Vulnerability
- Zorum Portal (PHP)
Last message date: Wed Mar 12 2003 - 08:38:17 PST
Archived on: Wed Mar 12 2003 - 08:38:20 PST
This archive was generated by hypermail 2b30: Wed Mar 12 2003 - 08:38:20 PST