bugtraq 2003/06
By Subject
284 messages
Starting: Fri Jun 06 2003 - 19:46:36 PDT
Ending: Mon Jun 30 2003 - 14:32:58 PDT
- [ PHP-Nuke :] Multiple vulnerabilities in SPChat 2.0 for PHP-Nuke & SPChat 0.8.0
- [ANNOUNCE] kses 0.1.0
- [CLA-2003:661] Conectiva Security Announcement - apache
- [CLA-2003:662] Conectiva Security Announcement - ethereal
- [CLA-2003:664] Conectiva Security Announcement - radiusd-cistron
- [CLA-2003:665] Conectiva Security Announcement - kopete
- [CLA-2003:668] Conectiva Security Announcement - kde
- [FlashFXP] Two Buffer Overflow Vulnerabilities
- [FTP Voyager] File List Buffer Overflow Vulnerability
- [Full-Disclosure] (Another) Microsoft Internet Explorer FTP Security Hole
- [Full-Disclosure] -10Day CERT Advisory on PDF Files
- [Full-Disclosure] [ANNOUNCE] kses 0.1.0
- [Full-Disclosure] [ANNOUNCE]: IISBanner 1.0
- [Full-Disclosure] [ANNOUNCE]: ScanADS 1.0
- [Full-Disclosure] [KSA-002] Multiple Vulnerabilities In Moregroupware
- [Full-Disclosure] [RHSA-2003:026-01] Updated Netscape packages are now available
- [Full-Disclosure] [RHSA-2003:047-01] Updated kon2 packages fix buffer overflow
- [Full-Disclosure] [RHSA-2003:064-01] Updated XFree86 4.1.0 packages are available
- [Full-Disclosure] [RHSA-2003:066-01] Updated XFree86 packages provide security and bug fixes
- [Full-Disclosure] [RHSA-2003:067-00] Updated XFree86 packages provide security and bug fixes
- [Full-Disclosure] [RHSA-2003:067-01] Updated XFree86 packages provide security and bug fixes
- [Full-Disclosure] [RHSA-2003:070-01] Updated hanterm packages provide security fixes
- [Full-Disclosure] [RHSA-2003:173-01] Updated ypserv packages fix a denial of service vulnerability
- [Full-Disclosure] [RHSA-2003:187-01] Updated 2.4 kernel fixes vulnerabilities and driver bugs
- [Full-Disclosure] [RHSA-2003:192-01] Updated KDE packages fix security issue
- [Full-Disclosure] [RHSA-2003:196-01] Updated Xpdf packages fix security vulnerability
- [Full-Disclosure] Antigen Path Disclosure
- [Full-Disclosure] Apache 2.x APR Exploit Code
- [Full-Disclosure] BlackICE PC Protection Cross Site Scripting Evasion
- [Full-Disclosure] BookCMS - Remote Default Administrator Password
- [Full-Disclosure] Cross-Platform Browser vulnerabilities - Critical
- [Full-Disclosure] Cross-Site Scripting in Unparsable XML Files (GM#013-IE)
- [Full-Disclosure] gid bin from /usr/ports/korean/elm (FreeBSD)
- [Full-Disclosure] GNATS (The GNU bug-tracking system) multiple buffer overflow vulnerabilities.
- [Full-Disclosure] Imperfect Broadcast Address Checking on IRIX
- [Full-Disclosure] IRCXpro 1.0 - Clear local and default remote admin passwords
- [Full-Disclosure] Java Virtual Machine Symlink Vulnerability
- [Full-Disclosure] libmysqlclient 4.x and below mysql_real_connect() buffer overflow.
- [Full-Disclosure] Linux 2.0 remote info leak from too big icmp citation
- [Full-Disclosure] Linux 2.4.x execve() file read race vulnerability
- [Full-Disclosure] LiveJournal remote file upload
- [Full-Disclosure] Local file retrieving in QNX Internet Appliance Toolkit http-daemon (web.server)
- [Full-Disclosure] Maelstrom Local Buffer Overflow Exploit, FreeBSD 4.8 edition
- [Full-Disclosure] Megabook 2.0 -XSS & UA execution
- [Full-Disclosure] MIPSPro Compiler Predictable Temp File vulnerability
- [Full-Disclosure] Mod_gzip Debug Mode Vulnerabilities
- [Full-Disclosure] Multiple IPv6-Induced Bugs & Vulnerabilities on IRIX
- [Full-Disclosure] NMRC Announces New Services; Speaking Engagements
- [Full-Disclosure] Perl "Safe.pm" vulnerability on IRIX
- [Full-Disclosure] Potential Denial of Service using PIOCSWATCH ioctl on IRIX
- [Full-Disclosure] public comment period for the Draft Security Vulnerability Reporting and Responding Process (OISAFETY)
- [Full-Disclosure] Some Network Drivers May Leak Data on IRIX
- [Full-Disclosure] Speak Freely <=7.5 multiple remote and local vulnerabilities (the Hackademy Audit)
- [Full-Disclosure] SQL Inject in ProFTPD login against Postgresql using mod_sql
- [Full-Disclosure] SRT2003-06-05-0935 - HPUX ftpd remote issue via REST
- [Full-Disclosure] SRT2003-06-12-0853 - ike-scan local root format string issue
- [Full-Disclosure] SRT2003-06-12-1212 - FakeBO syslog() format string issue.
- [Full-Disclosure] SRT2003-06-13-0945 - Progress PATH based dlopen() issue
- [Full-Disclosure] SRT2003-06-13-1009 - Progress _dbagent -installdir dlopen() issue
- [Full-Disclosure] SRT2003-06-20-1232 - Progress 4GL Compiler datatype overflow
- [Full-Disclosure] Updated SGI Apache Version Available for IRIX
- [Full-Disclosure] WebSetup / WebMin Security Vulnerability on IRIX
- [KSA-001] Multiple vulnerabilities in Tutos
- [KSA-002] Multiple Vulnerabilities In Moregroupware
- [LeapFTP] "PASV" Reply Buffer Overflow Vulnerability
- [LSD] HP-UX security vulnerabilities
- [OpenPKG-SA-2003.030] OpenPKG Security Advisory (ghostscript)
- [OpenPKG-SA-2003.031] OpenPKG Security Advisory (gzip)
- [SECURITY] [DSA-308-1] New gzip packages fix insecure temporary file creation
- [SECURITY] [DSA-309-1] New eterm packages fix buffer overflow
- [SECURITY] [DSA-310-1] New xaos packages fix improper setuid-root execution
- [SECURITY] [DSA-311-1] New kernel packages fix several vulnerabilities
- [SECURITY] [DSA-312-1] New powerpc kernel fixes several vulnerabilities
- [SECURITY] [DSA-316-3] New jnethack packages fix buffer overflow, incorrect permissions
- [SECURITY] [DSA-318-1] New lyskom-server packages fix denial of service
- [SECURITY] [DSA-319-1] New webmin packages fix remote session ID spoofing
- [SECURITY] [DSA-320-1] New mikmod packages fix buffer overflow
- [SECURITY] [DSA-321-1] New radiusd-cistron packages fix buffer overflow
- [SECURITY] [DSA-322-1] New typespeed packages fix buffer overflow
- [SECURITY] [DSA-323-1] New noweb packages fix insecure temporary file creation
- [SECURITY] [DSA-324-1] New ethereal packages fix multiple vulnerabilities
- [SECURITY] [DSA-325-1] New eldav packages fix insecure temporary file creation
- [SECURITY] [DSA-330-1] New tcptraceroute packages fix failure to drop root privileges
- [SECURITY] [DSA-331-1] New imagemagick packages fix insecure temporary file creation
- [SECURITY] [DSA-332-1] New Linux 2.4.17 source code and MIPS kernel images fix several vulnerabilities
- [SECURITY] [DSA-333-1] New acm packages fix integer overflow
- [SECURITY] [DSA-334-1] New xgalaga packages fix buffer overflow
- [SECURITY] [DSA-335-1] New mantis packages fix insecure file permissions
- [SECURITY] [DSA-336-2] Factual correction for DSA-336-1
- [Security] [vendor-sec] Linux 2.4.x execve() file read race vulnerability
- [SmartFTP] Two Buffer Overflow Vulnerabilities
- [Symantec Security Advisor] Symantec Security Check ActiveX Buffer Overflow
- [VulnWatch] [KSA-002] Multiple Vulnerabilities In Moregroupware
- [VulnWatch] gid bin from /usr/ports/korean/elm (FreeBSD)
- [VulnWatch] GNATS (The GNU bug-tracking system) multiple buffer overflow vulnerabilities.
- [VulnWatch] MIPSPro Compiler Predictable Temp File vulnerability
- [VulnWatch] Multiple IPv6-Induced Bugs & Vulnerabilities on IRIX
- [VulnWatch] Multiple vulnerabilities in paBox
- [VulnWatch] phpBB password disclosure by sql injection
- [VulnWatch] pMachine (PHP) : Include() Security Hole
- [VulnWatch] Remote Buffer Overrun WebAdmin.exe
- [VulnWatch] SRT2003-06-12-0853 - ike-scan local root format string issue
- [VulnWatch] SRT2003-06-13-0945 - Progress PATH based dlopen() issue
- [VulnWatch] SRT2003-06-13-1009 - Progress _dbagent -installdir dlopen() issue
- [VulnWatch] XSS Vulnerability in LedNews (CGI/Perl) v0.7
- [Windows XP] ntdll.dll Buffer Overflow Vulnerability - Yet Another MS03-007
- AdSubtract Proxy ACL Bypass Vulnerability
- Algorimic Complexity Attacks
- Apache 2.x APR Exploit Code
- Aprelium Abyss webserver X1 arbitrary code execution and header injection
- ASP replacement for ISM.DLL available
- atftpd bug
- Authentication Vulnerability in NetScreen ScreenOS
- b2 cafelog: remote command execution, sql injection and another flaw.
- Bahamut DoS
- Bahamut IRCd <= 1.4.35 and several derived daemons
- BAZARR FAREWELL
- BAZARR LOCAL ROOT AGAIN. HI GUYS. DONT READ THIS
- BAZARR THUG LIFE , DONT READ OR VIRUS INFECT YOU
- BEFSR81 SNMP Community String Information Disclosure Vulnerability
- Bypassing ZoneAlarm (limited)
- CA Unicenter Password Recovery Tool
- ConnecTalk Security Advisory: Qpopper leaks information during authentication
- ConnecTalk Security Advisory: Qpopper leaks information during authentication ** Forget this one... **
- Critical Vulnerabilities In Max Web Portal
- Cross site scripting in Post-Nuke
- Cross-Platform Browser vulnerabilities - Critical
- Cross-Site Scripting in Unparsable XML Files (GM#013-IE)
- CuteFTP 5.0 XP, Buffer Overflow
- Dantz Retrospect Client 5.0.540 for Mac OS X - permission issues
- Denial of service in Cajun P13x/P33x switch family firmware 3.x
- Development Impacts of Security Changes in Windows Server 2003
- Directory traversal in NucaWeb Server
- Directory traversal vulnerability on Xoops/E-xoops CMS module "tutorials"
- dune[0.6.7+-]: remote buffer overflow exploit. (httpd)
- Etherleak information leak in Windows Server 2003 drivers
- Format String Vulnerability in Crob Ftp Server
- gid bin from /usr/ports/korean/elm (FreeBSD)
- GNATS (The GNU bug-tracking system) multiple buffer overflow vulnerabilities.
- GuestBookHost : Cross Site Scripting
- hello-exploit.c
- HP-UX pcltotiff
- iDEFENSE Security Advisory 06.16.03: Linux-PAM getlogin() Spoofing Vulnerability
- IE-object tag longtype exploit
- IIS WebDav Denial of Service attacks - Update to SPI Dynamics
- ImageFolio All Versions : admin.cgi Directory transversal and file delete exploit.
- Immunix Secured OS 7+ file update
- Immunix Secured OS 7+ LPRng update
- Immunix Secured OS 7+ tetex update
- Immunix Secured OS 7+ wget update
- Improving Web Application Security: Threats and Countermeasures
- Internet Explorer >=5.0 : Buffer overflow
- Internet Explorer Object Type Property Overflow
- Invalid SquirrelMail Exploit
- IRCXpro 1.0 - Clear local and default remote admin passwords
- kon2 exploit!!
- lbreakout2server[v2-2.5+]: remote format string exploit.
- Let's have fun with EICAR test file
- Linux /proc sensitive information disclosure
- Linux 2.0 remote info leak from too big icmp citation
- Linux 2.4.x execve() file read race vulnerability
- linux)zblast/xzb[v1.2]: local buffer overflow. (games)
- Local file retrieving in QNX Internet Appliance Toolkit http-daemon (web.server)
- Low risk vulnerabilities in ftp file list handling
- man[v1.5l] catalog format strings patch.
- man[v1.5l]: (catalog) format strings exploit / POC.
- Many XSS Vulnerabilities in XMB Forum.
- MDKSA-2003:064 - Updated kon2 packages fix buffer overflow vulnerability
- MDKSA-2003:066 - Updated kernel packages fix multiple vulnerabilities
- MDKSA-2003:067 - Updated ethereal packages fix multiple vulnerabilities
- MDKSA-2003:068 - Updated gzip packages fix insecure temporary file creation
- MDKSA-2003:069 - Updated BitchX packages fix DoS vulnerability
- MDKSA-2003:070 - Updated ethereal packages fix multiple vulnerabilities
- MDKSA-2003:071 - Updated xpdf packages fix arbitrary code execution vulnerability
- MDKSA-2003:072 - Updated ypserv packages fix DoS vulnerability
- Megabook 2.0 -XSS & UA execution
- MegaBrowser HTTP and FTP Vulnerabilities
- MHFTPD vulnerability
- Microsoft Internet Explorer %USERPROFILE% Folder Disclosure Vulnerability
- Mod_gzip Debug Mode Vulnerabilities
- Monkey Http Daemon
- Multiple Buffer Overflow Vulnerabilities Found in MERCUR Mail server v.4.2 (SP2) - IMAP protocol
- Multiple buffer overflows and XSS in Kerio MailServer
- Multiple SQL Injection Attacks To Manage WebStore
- Multiple Vulnerabilities Found in Mailtraq (DoS, Password Decryption, Directory Traversal)
- Multiple Vulnerabilities In Snitz Forums
- Myserver 0.4.1 DOS..
- Next kon2root - Redhat 9
- Nokia GGSN (IP650 Based) DoS
- NOVL-2003-2966181 - HTTPSTK DOS
- NOVL-2003-2966205 - iChain 2.2 Field Patch 1a
- old squid remote
- OpenSSH remote clent address restriction circumvention
- OptiSwitch remote root compromise
- PALM DESKTOP SOFTWARE / WIN 2000
- PHP XSS exploit in phpinfo()
- phpBB 2.0.5 Released
- phpMyAdmin XSS Vulnerabilities, Transversal Directory Attack , Information Encoding Weakness and Path Disclosures
- pMachine (PHP) : Include() Security Hole
- Portmon file arbitrary read/write access vulnerability
- possible remote buffer overflow in atftpd
- Privilege escalation applet, Java Media Framework
- PSOFT H-Sphere Cross Site Scripting Vulnerabilities
- public comment period for the Draft Security Vulnerability Reporting and Responding Process (OISAFETY)
- Remote Buffer Overrun WebAdmin.exe
- Resolution of Issue - Compaq Insight Manager - related to Bugtraq ID 2500
- Sambar Server : Crashing service with search.pl
- Script Injection to Custom HTTP Errors in Local Zone (GM#014-IE)
- Several bugs found in "Spyke's PHP Board"
- Sharp Zaurus SL-5500 upgrade ROM v3.1 - serious Samba issue
- Solaris syslogd overflow
- Speak Freely <=7.5 multiple remote and local vulnerabilities (the Hackademy Audit)
- Sphera Hosting Director Control Panel Multiple Vulnerabilities: XSS-Session Hijacking-DoS/Buffer Overflow-Another User Accounts access
- SRT2003-06-05-0935 - HPUX ftpd remote issue via REST
- SRT2003-06-12-0853 - ike-scan local root format string issue
- SRT2003-06-13-0945 - Progress PATH based dlopen() issue
- SRT2003-06-13-1009 - Progress _dbagent -installdir dlopen() issue
- SRT2003-06-20-1232 - Progress 4GL Compiler datatype overflow
- SurfControl Web Filter for Microsoft ISA Server Vulnerability
- SuSE Security Announcement: cups (SuSE-SA:2003:028)
- SuSE Security Announcement: pptpd (SuSE-SA:2003:029)
- SuSE Security Announcement: radiusd-cistron (SuSE-SA:2003:030)
- Symantec NAV 7.6 CE Major Fault
- TA-2003-06 Denial of Service Attack against Armida Databased Web Server v1.0
- TA-2003-06 Directory Transversal Vulnerability in iWeb Server
- TA-2003-06 Directory Transversal Vulnerability in iWeb Server 2
- TA-2003-06 php-form-misconfiguration in VisNetic WebMail v.5.8.6.6
- Tornado www-server v1.2: directory traversal, buffer overflow
- Tripbit Advisory TA-2003-05 Buffer Overflow Vulnerability in Pi3 Web Server v2.0.2 Beta 1
- URLScan detection
- various portmon vulnerabilities
- VMware Workstation 4.0: Possible privilege escalation on the host via symlink manipulation
- Vulnerabilities In Pablo Software Solutions FTP Service 1.2
- WebAdmin from ALT-N remote exploit PoC
- WebBBS Guestbook : Cross Site Scripting
- Windows 2000 SP4 is out
- Windows Media Services Remote Command Execution #2
- wzdftpd remote DoS
- XSS Exploit In phpBB viewtopic.php
- XSS Vulnerability in LedNews (CGI/Perl) v0.7
- zenTrack Remote Command Execution Vulnerabilities
- ZH2003-2SP Security Patch for atftp 0.6.*-0.7
Last message date: Mon Jun 30 2003 - 14:32:58 PDT
Archived on: Tue Jul 01 2003 - 15:10:16 PDT
This archive was generated by hypermail 2b30: Tue Jul 01 2003 - 15:10:16 PDT