October 31, 2002
- MDKSA-2002:074 - mozilla update, Mandrake Linux Security Team
- Re: Gimp: Erased sections of images print in some cases, Elio Grieco
- Re: Gimp: Erased sections of images print in some cases, Earl Hood
- Motorola Cable Modem DOS, Ryan Sweat
- Re: Bypassing website filter in SonicWall, Robert Bihlmeyer
- RE: IBM Infoprint Remote Management Simple DoS (update), Toni Lassila
- Cisco Security Advisory: Cisco ONS15454 and Cisco ONS15327 Vulnerabilities, Cisco Systems Product Security Incident Response Team
- Anyone know the security alert contact for 3com?, Michael Scheidell
- Microsoft Internet Information Server 5/5.1 Denial of Service (#NISR31102002), NGSSoftware Insight Security Research
- SmartMail server DOS, securma massine
- SuSE Security Announcement: lprng/html2ps (SuSE-SA:2002:040), Sebastian Krahmer
- [SECURITY] [DSA 185-1] New heimdal packages fix buffer overflows, Martin Schulze
- SuSE Security Announcement: syslog-ng (SuSE-SA:2002:039), Sebastian Krahmer
October 29, 2002
- sympatico.ca uses weak encryption on their billing server, George Staikos
- Re: CISCO as5350 crashes with nmap connect scan, Wendy Garvin
- Re: Bypassing website filter in SonicWall, Kurt Seifried
- Gimp: Erased sections of images print in some cases, Clark Mills
- MDKSA-2002:073 - krb5 update, Mandrake Linux Security Team
- IP SmartSpoofing : How to bypass all IP filters relying on source IP address, Vincent Royer
- Bypassing website filter in SonicWall, Marc Ruef
- Re: CISCO as5350 crashes with nmap connect scan, Thomas Munn
- [SECURITY] [DSA 183-1] New krb5 packages fix buffer overflow, Martin Schulze
- Re: CISCO as5350 crashes with nmap connect scan, Thomas Munn
- Security Update: [CSSA-2002-039.0] Linux: bzip2 file creation and symbolic link vulnerabilities, security
- Re: MDaemon SMTP/POP/IMAP server DoS, Muhammad Faisal Rauf Danka
- RE: MDaemon SMTP/POP/IMAP server DoS, Robert Feldbauer
- Re: MDaemon SMTP/POP/IMAP server DoS, Karl Pietri
- Re: SUMMARY: Disabling Port 445 (SMB) Entirely, dan hayden
- RE: dobermann FORUM (php), Mark Stunnenberg
- KRB5-SORCERER2002-10-27 Security Update, ask33
- Further problems with Arescom NetDSL-800 MSN Firmware version 5.4.x and up, Justin Cervero
- RE: MDaemon SMTP/POP/IMAP server DoS, Basil Hussain
- [ESA-20021029-028] syslog-ng: buffer overflow in macro handling code (UPDATED), EnGarde Secure Linux
- [ESA-20021029-027] mod_ssl cross-site scripting vulnerability., EnGarde Secure Linux
- Security Update: [CSSA-2002-041.0] Linux: pam_ldap format string vulnerability, security
October 28, 2002
- Security Update: [CSSA-2002-040.0] Linux: uudecode performs inadequate checks on user-specified output files, security
- CISCO as5350 crashes with nmap connect scan, Thomas Munn
- Re: Privilege Escalation Vulnerability In phpBB 2.0.0, x x
- dobermann FORUM (php), Frog Man
- Oracle9iAS Web Cache Denial of Service (a102802-1), @stake advisories
- Substitution of document signed under new American format ECDSA., Alexander Komlin
- SCAN Associates Advisory : Multiple vurnerabilities on mailreader.com, pokleyzz
- Re: IBM Infoprint Remote Management Simple DoS, Fredrik Björk
- [SECURITY] [DSA 182-1] New kghostview packages fix buffer overflow, Martin Schulze
- Re: Buffer overflow in kadmind4, Chris Barnes
- Privilege Escalation Vulnerability In phpBB 2.0.0, nick84
- GLSA: ypserv, Daniel Ahlberg
- MDaemon SMTP/POP/IMAP server DoS, D4rkGr3y
- [SNS Advisory No.57] AN HTTPD Cross-site Scripting Vulnerability, snsadv@xxxxxxxxx
- GLSA: krb5, Daniel Ahlberg
- GLSA: mod_ssl, Daniel Ahlberg
October 25, 2002
- Apache 1.3.26 seg faults & bus errors, rsavage
- Re: IPSwitch, Inc. WS_FTP Server, Alun Jones
- RE: DH team: Norton Antivirus Corporate Edition Privilege Escalation, http://online.securityfocus.com/archive/1/296979/2002-10-22/2002-10-28/0, Sym Security
- IPSwitch, Inc. WS_FTP Server, dev-null
- Sec-Tec advisory 24.10.02 Unauthorised file acces in Acuma's Acusend, David Wray
- IBM Infoprint Remote Management Simple DoS, Toni Lassila
- vpopmail CGIapps vadddomain multiple vulnerabilities, Ignacio Vazquez
- Re: ABfrag followup / WITHOUT ATTACHMENT, enigmatic-arcanum
- Security Update: [CSSA-2002-038.0] Linux: inn format string and insecure open vulnerabilities, security
October 24, 2002
- iDEFENSE Security Advisory 10.24.02: Directory Traversal in SolarWinds TFTP Server, David Endler
- MDKSA-2002:071 - kdegraphics update, Mandrake Linux Security Team
- [SecurityOffice] BRS WebWeaver Web Server v1.01 Protected File Access Vulnerability, Tamer Sahin
- [SecurityOffice] BadBlue Web Server v1.7 Protected File Access Vulnerability, Tamer Sahin
- Security Update: [CSSA-2002-037.0] Linux: various packet handling vunerabilities in ethereal, security
- [SecurityOffice] Liteserve Web Server v2.0 Authorization Bypass Vulnerability, Tamer Sahin
- Re: Router DSL Dlink, Markus Garscha
- Multiple issues in internet explorer/outlook, John C. Hennessy
- Reminder: Call for Papers IWIA 2003 Ends Soon, Stephen D. B. Wolthusen
- TFTP Server DoS, D4rkGr3y
- Re: vpopmail CGIapps vpasswd vulnerabilities, Jeremy C. Reed
- GLSA: zope, Daniel Ahlberg
- vpopmail CGIapps vpasswd vulnerabilities, Ignacio Vazquez
- XSS vulnerability in Mojo Mail Sign-Up Form, Daniel Boland
- DH team: Norton Antivirus Corporate Edition Privilege Escalation, 3APA3A
- Router DSL Dlink, Linux
- ABfrag followup / WITHOUT ATTACHMENT, daniel . roberts
- GLSA: xfree, Daniel Ahlberg
- NetBSD Security Advisory 2002-025: trek(6) buffer overrun, NetBSD Security Officer
- [RHSA-2002:223-07] Updated ypserv packages fixes memory leak, bugzilla
October 23, 2002
- R7-0008: IBM WebSphere Edge Server Caching Proxy Cross-Site Scripting Issues, Rapid 7 Security Advisories
- XSS bug in MyMarket 1.71, qber66
- RE: Vulnerable cached objects in IE (9 advisories in 1), GreyMagic Software
- Re: does Xandros have anyone answering the security phone?, KF
- Security Update: [CSSA-2002-036.0] Linux: remote buffer overflow in webalizer reverse lookup code, security
- MDKSA-2002:070 - tetex update, Mandrake Linux Security Team
- does Xandros have anyone answering the security phone?, Eric L. Howard
- [SecurityOffice] Web Server 4 Everyone v1.28 Host Field Denial of Service Vulnerability, Tamer Sahin
- RE: Vulnerable cached objects in IE (9 advisories in 1), Thor Larholm
- [OpenPKG-SA-2002.010] OpenPKG Security Advisory (apache), OpenPKG
- MITKRB5-SA-2002-002: Buffer overflow in kadmind4, Tom Yu
- phpnewsDev, Frog Man
October 22, 2002
- Re: Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R, Sym Security
- Re: MS WIN RPC DoS CODE FROM SPIKE v2.7, Dave Aitel
- gBook, Frog Man
- FlashFXP 1.4 Local Password Disclosure Vulnerability, Blud Clot
- Virgil CGI Scanner Vulnerability, kalif
- MS WIN RPC DoS CODE FROM SPIKE v2.7, lion
- Windows 2000 SNMP DoS, Chris Anley
- Re: Ambiguities in TCP/IP - firewall bypassing, Florian Weimer
- Call For Papers Announcement: Black Hat Windows Security, Jeff Moss
- RE: Ambiguities in TCP/IP - firewall bypassing, Ofir Arkin
- Vulnerable cached objects in IE (9 advisories in 1), GreyMagic Software
- AIM 4.8.2790 remote file execution vulnerability, Blud Clot
- MDKSA-2002:069 - gv update, Mandrake Linux Security Team
- NetBSD Security Advisory 2002-026: Buffer overflow in kadmind daemon, NetBSD Security Officer
- [SECURITY] [DSA 181-1] New mod_ssl packages fix cross site scripting, Martin Schulze
- Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R, Juan de la Fuente Costa
- [ESA-20021022-026] local kernel vulnerabilities, EnGarde Secure Linux
October 21, 2002
- LinuxSecurity Brasil Magazine Online - Second Edition, Renato Murilo Langona
- Security Update: [CSSA-2002-SCO.41] UnixWare 7.1.1 Open UNIX 8.0.0 : rcp of /proc causes denial-of-service, security
- RE: vBulletin XSS Security Bug, Alex Yu
- fragrouter trojan, matt
- Re: MSIE:"SaveRef" cracks "(VictimWindow).document.write", jelmer
- XSS vulnerabilites in Pafiledb, ersatz
- Re: MSIE:"SaveRef" cracks "(VictimWindow).document.write", jelmer
- SuSE Security Announcement: postgresql (SuSE-SA:2002:038), Thomas Biege
- Re: Full zone information disclosure on top level domain name servers, Jim Reid
- Re: Ambiguities in TCP/IP - firewall bypassing, Lyndon Nerenberg
- D-Link Access Point DWL-900AP+ TFTP Vulnerability, security
- MSIE:"SaveRef" cracks "(VictimWindow).document.write", Liu Die Yu
- AN HTTPD SOCKS4 username Buffer Overflow Vulnerability, Kanatoko
- [SECURITY] [DSA 180-1] New NIS packages fix information leak, Martin Schulze
October 19, 2002
- GLSA: groff, Daniel Ahlberg
- Re: Ambiguities in TCP/IP - firewall bypassing, Aaron Hopkins
- Re: Ambiguities in TCP/IP - firewall bypassing, David Wagner
- Re: Ambiguities in TCP/IP - firewall bypassing, Tony Finch
- Re: Linux Kernel Exploits / ABFrag, Muhammad Faisal Rauf Danka
- RE: Ambiguities in TCP/IP - firewall bypassing, John Fitzgerald
- Re: MondoSearch show the source of all files, Orp 664
- Re: Ambiguities in TCP/IP - firewall bypassing, cbrenton
- Re: Ambiguities in TCP/IP - firewall bypassing, Luis Bruno
- Re: 3Com TelnetD COMPLETE CODE, bladebla
- Re: KaZaA, eD\\/ARd0 F/\\KEn^M3
- Re: Ambiguities in TCP/IP - firewall bypassing, Florian Weimer
- RE: Security problem in installation IE sp1 ?, Wolf, Glenn
October 18, 2002
- Re: Ambiguities in TCP/IP - firewall bypassing, Alan DeKok
- Re: KaZaA, Alex Lambert
- Re: Ambiguities in TCP/IP - firewall bypassing, Alun Jones
- Chrooting Daemons and System Processes HOWTO, Jonathan A. Zdziarski
- Full zone information disclosure on top level domain name servers, Max
- GLSA: tetex, Daniel Ahlberg
- RE: J2EE EJB privacy leak and DOS., Sylvia Else
- Re: Ambiguities in TCP/IP - firewall bypassing, Benjamin Krueger
- SCAN Associates Advisory: Molly 0.5 - Remote Command Execution, guejez
- [security bulletin] SSRT0818U HP Tru64 UNIX V5.1A zlib Potential Security Vulnerability (fwd), Dave Ahmad
- SCAN Associates Advisory: perlbot 1.9.2 - Remote Command Execution, guejez
- Re: KaZaA, Nicholas C. Weaver
- Re: Ambiguities in TCP/IP - firewall bypassing, Alan DeKok
- RE: KaZaA, Brenna Primrose
- Re: NFS Denial of Service advisory from Sun, Edsel Adap
- RE: KaZaA, Christopher Wagner
- Ambiguities in TCP/IP - firewall bypassing, Paul Starzetz
- New Vulnerability on YaBB 1.4.0 and YaBB 1.4.1 forums, Nir Adar
- interSEC security advisory - Multiple bugs in Web602 web server, Jan Kachlik
- [Immunity, Inc.]Vulnerability: RPC Service DoS (port 135/tcp) on Windows 2000 SP3, Dave Aitel
- KaZaA, David Krum
- Microsoft Windows Media Player for Sparc/Solaris vulnerability, Samuel Tardieu
- SCAN Associates Advisory: madhater perlbot 1.0 beta - Remote Command Execution, guejez
- New buffer overflow in PlanetDNS, securma massine
- vBulletin XSS Security Bug, Sp . IC
- [SECURITY] [DSA 179-1] New gnome-gv packages fix buffer overflow, Martin Schulze
- Re: PGP Corporation Beta License Agreement, Jon Callas
- [RHSA-2002:192-13] Updated Mozilla packages fix security vulnerabilities, bugzilla
- Re: Undocumented account vulnerability in Avaya P550R/P580/P880/P882 switches, Jacek Lipkowski
October 17, 2002
- TSLSA-2002-0069-apache, Trustix Secure Linux Advisor
- Re: [SECURITY] [DSA 177-1] New PAM packages fix serious security violation in Debian/unstable, Samuele Giovanni Tonon
- Re: Linux Kernel Exploits / ABFrag, Cedric Blancher
- TSLSA-2002-0068-kernel, Trustix Secure Linux Advisor
- Re: phptonuke allows Remote File Retrieving, BlueRaven
- Solution: Kill a Unisys Clearpath with nmap port scan, Michael.Kain
- Re: PGP Corporation Beta License Agreement, Juraj Bednar
- Re: Linux Kernel Exploits / ABFrag, huang po
- [SECURITY] [DSA 177-1] New PAM packages fix serious security violation in Debian/unstable, Martin Schulze
- PGP Corporation Beta License Agreement, er t
- Re: NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability, Te Smith
- GLSA: ggv, Daniel Ahlberg
- Re: Linux Kernel Exploits / ABFrag, h2g . sec . list
- [SECURITY] [DSA 178-1] New Heimdal packages fix remote command execution, Martin Schulze
- Security problem in installation IE sp1 ?, Honza.K
- Re: Linux Kernel Exploits / ABFrag, dr john halewood
- NFS Denial of Service advisory from Sun, m g
- Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002), David Litchfield
- New buffer overflow in plaetDNS, securma massine
- [ESA-20021016-025] syslog-ng buffer overflow in macro handling code, EnGarde Secure Linux
- [RHSA-2002:206-12] New kernel fixes local security issues, bugzilla
- [RHSA-2002:210-06] New kernel 2.2 packages fix local vulnerabilities, bugzilla
- [RHSA-2002:205-15] New kernel fixes local security issues, bugzilla
- Linux Kernel Exploits / ABFrag, daniel . roberts
- Re: Undocumented account vulnerability in Avaya P550R/P580/P880/P882 switches, Mike Scher
October 16, 2002
- Apache 1.3.26, David Wagner
- [CLA-2002:533] Conectiva Linux Security Announcement - XFree86, secure
- phptonuke allows Remote File Retrieving, Zero-X ScriptKiddy
- Re: J2EE EJB privacy leak and DOS., Ari Gordon-Schlosberg
- Openwall GNU/*/Linux (Owl) 1.0 release, Solar Designer
- Re: ToorCon Computer Security Conference 2002 Announcement, Seth
- [GIS 2002021001] SkyStream EMR5000 DVB router DoS., Global InterSec Research
- [CLA-2002:532] Conectiva Linux Security Announcement - sendmail, secure
- MSN Moster Strike Back ?!, drorshalev
- Cisco Security Advisory: Cisco CatOS Embedded HTTP Server Buffer Overflow, Cisco Systems Product Security Incident Response Team
- [CLA-2002:531] Conectiva Linux Security Announcement - fetchmail, secure
- Re: CoolForum v 0.5 beta shows content of PHP files, David Woods
- Linux Security Protection System, Bosko Radivojevic
- X Windows zlib/MIT-SHM/huge font DoS vulnerabilities, SGI Security Coordinator
- RE: Who Need Friends ? IE & MSN expose contact list & other info, Thor Larholm
- [SECURITY] [DSA 176-1] New gv packages fix buffer overflow, Martin Schulze
- Designing Shellcode Demystified, Murat Balaban
- NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability, Abraham Lincoln
- iDEFENSE Security Advisory 10.16.02: Denial of Service in Sabre Desktop Reservation Client for Windows, David Endler
- MDKSA-2002:066 - tar update, Mandrake Linux Security Team
- RE: J2EE EJB privacy leak and DOS., Alan Rouse
October 15, 2002
- CoolForum v 0.5 beta shows content of PHP files, scrap
- RE: "Camera/Shy the Steganographical Browser", the Pull
- iDEFENSE Security Advisory 10.15.02: DoS and Directory Traversal Vulnerabilities in WebServer 4 Everyone, David Endler
- A full event log does not send administrative alerts, Eitan Caspi
- [SECURITY] [DSA 175-1] New syslog-ng packages fix buffer overflow, Martin Schulze
- rpcbind/fsr_efs/mv/errhook/uux vulnerabilities update, SGI Security Coordinator
- "Camera/Shy the Steganographical Browser", ttudia@xxxxxxxxxxxx
- TheServer log file access password in cleartext w/vendor resolution., Larry W. Cashdollar
- MDKSA-2002:065 - unzip update, Mandrake Linux Security Team
- Ingenium Admin Password Vulnerability, Brian Enigma
- Re: Multiple Symantec Firewall Secure Webserver timeout DoS, Sym Security
- [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability, bugzilla
- Re: Symantec Enterprise Firewall Secure Webserver info leak, Sym Security
- Undocumented account vulnerability in Avaya P550R/P580/P880/P882 switches, Jacek Lipkowski
- GLSA: tomcat, Daniel Ahlberg
- Who Need Friends ? IE & MSN expose contact list & other info, drorshalev
- Re: J2EE EJB privacy leak and DOS., Rudolf Schreiner
- securitybugware new network tool, Jitsu-Disk
- GLSA: apache, Daniel Ahlberg
- Internet Explorer : The D-Day, GreyMagic Software
- Coolsoft PowerFTP <= v2.24 Denial of Service (Linux Source), a b
- Re: phpBB2 Showing users ip adresses, nick84
October 14, 2002
- J2EE EJB privacy leak and DOS., Sylvia
- Multiple Symantec Firewall Secure Webserver timeout DoS, AI-SEC Security Advisories
- SuSE Security Announcement: Heartbeat (SuSE-SA:2002:037), Olaf Kirch
- Symantec Enterprise Firewall Secure Webserver info leak, AI-SEC Security Advisories
- Long URL causes TelCondex SimpleWebServer to crash, Marc Ruef
- [RHSA-2002:194-18] Command execution vulnerability in dvips, bugzilla
- [SECURITY] [DSA 174-1] New heartbeat packages fix buffer overflows, Martin Schulze
- Pyramid Research Project - atphttpd security advisorie, pyramid-rp
- Security vulnerabilities in Polycom ViaVideo Web component, advisory
- GLSA: sendmail, Daniel Ahlberg
- Directory traversal in Daniel Arenz' Mini Server, Marc Ruef
- Pyramid Research Project - ghttpd security advisorie, pyramid-rp
- Researcher seeking 'phage' and other security mailing list archives, Curator at Security Digest Archive
- ECHU Alert #3 : Meunity 1.1 script injection vulnerability, das
- GLSA: net-snmp, Daniel Ahlberg
- GLSA: heimdal, Daniel Ahlberg
- GLSA: nss_ldap, Daniel Ahlberg
- CALL FOR PAPERS - SANTA DIED LAST YEAR, staff
- Input requested for second edition of "Firewalls and Internet Security", Steve Bellovin
October 11, 2002
- Security Update: [CSSA-2002-SCO.39] OpenServer 5.0.5 OpenServer 5.0.6 : Buffer Overflow in Multiple DNS Resolver Libraries, security
- Multiple firewalls ruleset bypass through FTP. Again. (CERT VU#328867), Mikael Olsson
- Re: The Books Module for the PostNuke CMS XSS Vulnerability, Michael Schatz
- [SNS Advisory No.56] TSAC Web package/IIS 5.1 connect.asp Cross-site Scripting Vulnerability, snsadv
- KDE Security Advisory: KGhostview Arbitary Code Execution, Dirk Mueller
- KDE Security Advisory: kpf Directory traversal, Dirk Mueller
- Outlook Express Remote Code Execution in Preview Pane (S/MIME), Aviram Jenik
- OpenOffice 1.0.1 Race condition during installation., Larry W. Cashdollar
- prover of concept code of windows help overflow, buzheng
- XSS bug in PHPNuke 6.0, Arab VieruZ
- Security Update: [CSSA-2002-SCO.40] OpenServer 5.0.5 OpenServer 5.0.6 : ypxfrd remote file access vulnerability, security
- [RHSA-2002:204-10] Updated squirrelmail packages close cross-site scripting vulnerabilities, bugzilla
October 10, 2002
- Re: Multiple Vendor PC firewall remote denial of services Vulnerability, Sym Security
- [RHSA-2002:207-14] Updated packages fix PostScript and PDF security issue, bugzilla
- R7-0004: Multiple Vendor Long ZIP Entry Filename Processing, bugtraq-return-6791
- Plain text DDNS password in NetGear FM114P backups, Marc Ruef
- XSS bug in Zorum 2.4, Arab VieruZ
- Re: TCP flood against NetGear FM114P, Stephen Samuel
- Re: upload malicious file in VBZooM forums, M. Zeeshan Mustafa
- Multiple vulnerabilities in phpRank, Jedi/Sector One
- MondoSearch show the source of all files, thefastkid
- TCP flood against NetGear FM114P, Marc Ruef
- Re: phpBB2 Showing users ip adresses, Gerben Wijnja
- phpBBmod contains an open phpinfo, Roland Verlander
- more silly bugs in cooolsoft 'personal ftp server', Knud Erik Højgaard
- XSS bug in php(Reactor), Arab VieruZ
- Multiple vendor ypxfrd map handling vulnerability, Janusz Niewiadomski
- nylon 0.2 (0.3?) DoS, 3APA3A
- syslog-ng buffer overflow, Holtzl Peter
- Multiple XSS vulnerabilites in PHPNuke, Bruno Morisson
October 09, 2002
- XSS in Authoria HR Suite, Max
- MDKSA-2002:064 - kdelibs update, Mandrake Linux Security Team
- [security bulletin] SSRT2339 (ypxfrd) and SSRT2368 (ypserv) HP Tru64 UNIX Potential Security Vulnerability (fwd), Dave Ahmad
- Re: CERT Advisory CA-2002-28 Trojan Horse Sendmail, Kim Scarborough
- GNU tar (Re: Allot Netenforcer problems, GNU TAR flaw), Solar Designer
- Re: XSS bug in hotmail login page, Inderjeet S Sodhi
- Thor Larholm security advisory TL#004, Thor Larholm
- Re: Flood ACK packets cause AIX DoS, Doug Brenner
- Four Vulnerabilities in SurfControl's SuperScout Email Filter Administrative Server, 'ken'@FTU
- Re: injecting commands on a ptraced telnet/ssh session, Paul Starzetz
- Flood ACK packets cause AIX DoS, Mauro Flores
- CfP: 19C3 Chaos Communication Congress 2002, Pluto
- upload malicious file in VBZooM forums, hish _ hish
- new vulnerability inPowerFTP Personal FTP Server, securma massine
- phpBB2 Showing users ip adresses, Priamus
- Flood ACK packets cause an IBM SecureWay FireWall DoS, Mauro Flores
- [SECURITY] [DSA 173-1] New bugzilla packages fix privilege escalation, Martin Schulze
- CSS on Microsoft Content Management Server, overclocking_a_la_abuela
- [security bulletin] SSRT2208 - HP Tru64 UNIX /usr/sbin/routed Potential Security Vulnerability (fwd), Dave Ahmad
October 08, 2002
- CERT Advisory CA-2002-28 Trojan Horse Sendmail Distribution (fwd), Dave Ahmad
- Re: XSS bug in hotmail login page, Berend-Jan Wever
- Reset any user's password in VBZoom forums, hish _ hish
- Re: XSS bug in hotmail login page, Muhammad Faisal Rauf Danka
- [SECURITY] [DSA 171-1] New fetchmail packages fix buffer overflows, Martin Schulze
- [SECURITY] [DSA 169-1] New ht://Check packages fix cross site scripting problem, Martin Schulze
- Multiple Vendor PC firewall remote denial of services Vulnerability, Yiming Gong
- RE: XSS bug in hotmail login page, Russell Harding
- SSGbook (ASP), Frog Man
- RE: XSS bug in hotmail login page, Thor Larholm
- [SECURITY] [DSA 172-1] New tkmail packages fix insecure temporary file creation, Martin Schulze
- NetBSD Security Advisory 2002-019: Buffer overrun in talkd, NetBSD Security Officer
- NetBSD Security Advisory 2002-021: rogue vulnerability, NetBSD Security Officer
- NetBSD Security Advisory 2002-022: buffer overrun in pic(1), NetBSD Security Officer
- NetBSD Security Advisory 2002-015: (another) buffer overrun in libc/libresolv DNS resolver, NetBSD Security Officer
- NetBSD Security Advisory 2002-023: sendmail smrsh bypass vulnerability, NetBSD Security Officer
October 07, 2002
- RE: XSS bug in hotmail login page, Thor Larholm
- [RHSA-2002:215-09] Updated fetchmail packages fix vulnerabilities, bugzilla
- RE: CommonName Toolbar potentially exposes LAN web addresses, Anders Blockmar
- Re: Filters on url shortening services, Andrew Hodgson
- Re: Filters on url shortening services, Florian Weimer
- macromedia flash mx bypasses cookie settings, jelmer
- Filters on url shortening services, Andrew Hodgson
- [ESA-20021007-024] apache: potential DoS, cross-site scripting, and buffer overflow vulnerabilities., EnGarde Secure Linux
- Re: CommonName Toolbar potentially exposes LAN web addresses, Andrew Clover
- Re: Postnuke XSS fixed, Muhammad Faisal Rauf Danka
- Re: Insecure XML-RPC handling in Zope reveals the distribution physical location., BlueRaven
- SuSE Security Announcement: hylafax (SuSE-SA:2002:035), Thomas Biege
- Re: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv, juergen.daubert
- Re: SECURITY.NNOV: ikonboard 3.1.1 CSS, Rajkumar S.
- XSS bug in hotmail login page, Peter Rdam
- ArGoSoft Web-Mail security problem, Z0rbaS
- phpSecurePages & Killer Protection ( PHP ), Frog Man
- [CLA-2002:530] Conectiva Linux Security Announcement - apache, secure
- SuSE Security Announcement: mod_php4 (SuSE-SA:2002:036), Thomas Biege
- Flash player can read local files, jelmer
- SPIKE 2.7 Released: There's a party at my house, so bring the beer and follow me...., Dave Aitel
October 04, 2002
- injecting commands on a ptraced telnet/ssh session, xenion
- vulnerabilities in logsurfer, Jan Kohlrausch
- [OpenPKG-SA-2002.009] OpenPKG Security Advisory (apache), OpenPKG
- Re: Cisco Secure Content Accelerator vulnerable to SSL worm, Mike Caudill
- WinXP Pro(Gold) Insecure System Restore File Permissions, Makoto Shiotsuki
- SECURITY.NNOV: ikonboard 3.1.1 CSS, 3APA3A
- Cisco Security Advisory: Predefined Restriction Tables Allow Calls to International Operator, Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 169-1] New tomcat packages fix unintended source code disclosure, Martin Schulze
- Cisco Secure Content Accelerator vulnerable to SSL worm, Matt Zimmerman
- phpLinkat XSS Security Bug, Sp . IC
- RE: Solaris 2.6, 7, 8, Morgan
- BearShare Directory Traversal Issue Resurfaces, Aviram Jenik
- rpcbind/fsr_efs/mv/errhook/uux vulnerabilities, SGI Security Coordinator
- [RHSA-2002:212-06] Updated packages fix PostScript and PDF security issue, bugzilla
- [RHSA-2002:175-16] Updated nss_ldap packages fix buffer overflow, bugzilla
- [RHSA-2002:197-06] Updated glibc packages fix vulnerabilities in resolver, bugzilla
- phpMyNewsletter, Frog Man
October 03, 2002
- iDEFENSE Security Advisory 10.03.2002: Apache 1.3.x shared memory scoreboard vulnerabilities, David Endler
- Re: Postnuke XSS fixed, Muhammad Faisal Rauf Danka
- Re: Postnuke XSS issues [correction], Brian E
- Re: [VulnDiscuss] XSS bug in Compaq Insight Manager Http server, sullo
- The Books Module for the PostNuke CMS XSS Vulnerability, Pistone
- Re: iDEFENSE Security Advisory 10.02.2002: Net-SNMP DoS Vulnerability, Wes Hardaker
- Re: Solaris 2.6, 7, 8, Gert-Jan Hagenaars
- Xerox DocuShare Internal IP address disclosure, Ryan Purita
- Re: Solaris 2.6, 7, 8, Roy Kidder
- Re: Solaris 2.6, 7, 8, Ramon Kagan
- Re: Solaris 2.6, 7, 8, Ido Dubrawsky
- Re: Postnuke XSS fixed, Sebastian Konstanty Zdrojewski
- Re: Solaris 2.6, 7, 8, Ramon Kagan
- RE: CommonName Toolbar potentially exposes LAN web addresses, Mustafa Deeb
- Re: Kondara MNU/Linux, Shin SHIRAHATA
- Re: Solaris 2.6, 7, 8, Dan Diamond
- Re: [VulnWatch] Notes on the SQL Cumulative patch, Dave Aitel
- RE: CommonName Toolbar potentially exposes LAN web addresses, Eric Stevens
- Re: Solaris 2.6, 7, 8, Marco Ivaldi
- [CLA-2002:529] Conectiva Linux Security Announcement - XFree86, secure
- Notes on the SQL Cumulative patch, David Litchfield
- GLSA: python, Daniel Ahlberg
- SSL certificate validation problems in Ximian Evolution, Veit Wahlich
- GLSA: gv, Daniel Ahlberg
- Buffer Overflow in IE/Outlook HTML Help, NGS Insight Security Research
- CommonName Toolbar potentially exposes LAN web addresses, Eric Stevens
- Re: Solaris 2.6, 7, 8, tb0b
- [ESA-20021003-023] fetchmail-ssl: buffer overflows and broken boundary checks., EnGarde Secure Linux
- [ESA-20021003-022] tar: directory traversal vulnerability., EnGarde Secure Linux
- [ESA-20021003-021] glibc: several security-related updates., EnGarde Secure Linux
October 02, 2002
- Kill a Unisys Clearpath with nmap port scan, Jonathan G. Lampe
- phpWebSite XSS Vulnerability, Sp . IC
- MySimpleNews (PHP), Frog Man
- wp--02-0005: Multiple Vulnerabilities in SuperScout Web Reports Server, Matt Moore
- Re: Postnuke XSS fixed, Daniel Woods
- RE: Solaris 2.6, 7, 8, Sinan Eren
- iDEFENSE Security Advisory 10.02.2002: Net-SNMP DoS Vulnerability, David Endler
- wp-02-0012: Carello 1.3 Remote File Execution (Updated 1/10/2002), Matt Moore
- wp-02-0011: Jetty CGIServlet Arbitrary Command Execution, Matt Moore
- wp-02-0003: MySQL Locally Exploitable Buffer Overflow, Matt Moore
- Re: Solaris 2.6, 7, 8, buzheng
- Re: Solaris 2.6, 7, 8, Christopher X. Candreva
- Multiple Web Security Holes, Frog Man
- Re: Solaris 2.6, 7, 8, Dave Ahmad
- Solaris 2.6, 7, 8, Jonathan S
- Citrix Published Application Brute Forcer, wirepair
- Postnuke XSS fixed, Muhammad Faisal Rauf Danka
- Apache 2 Cross-Site Scripting, mattmurphy@xxxxxxxxx
- RE: MSIE:"SaveRef" turns Zone off, Thor Larholm
October 01, 2002
- iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities, David Endler
- XSS bug in Compaq Insight Manager Http server, Taylor Huff
- [security bulletin] SSRT2371 HP OpenVMS Potential POP server local vulnerability (fwd), Dave Ahmad
- Re: Another possible RFC 2046 vulnerability., Earl Hood
- MSIE:"SaveRef" turns Zone off, Liu Die Yu
- Postnuke XSS patch, Mark Grimes
- [BUGZILLA] Security Advisory, David Miller
- GLSA: unzip, Daniel Ahlberg
- GLSA: fetchmail, Daniel Ahlberg
- PPTP, Dave Aitel
- [CLA-2002:527] Conectiva Linux Security Announcement - python, secure
- NETGEAR FVS318 Information Disclosure, Fab\\AIS
- Insecure XML-RPC handling in Zope reveals the distribution physical location., Rossen Raykov
- ASA-0000: GV Execution of Arbitrary Shell Commands, Marc Bevand
- GLSA: tar, Daniel Ahlberg