security.bugtraq (date)

security.bugtraq (date)

December 31, 2002

PEEL (PHP), Frog Man
Re: CITIBANK [CANADA]: INTERNET EXPLORER BROWSERS, Ben Laurie
[SECURITY] [DSA 219-1] New dhcpcd packages fix remote command execution vulnerability, Martin Schulze
Updated "Secure Programming for Linux and Unix HOWTO" now available., David Wheeler

December 30, 2002

Wired.com: So Many Holes, So Few Hacks, Richard M. Smith
Visual SourceSafe - Preliminary Observations, Joel Maslak
CITIBANK [CANADA]: INTERNET EXPLORER BROWSERS, http-equiv@xxxxxxxxxx
Multiple vulnerabilities found in PlatinumFTPserver V1.0.6, Dennis Rand
[SECURITY] [DSA 218-1] New bugzilla packages fix cross site scripting problem, Martin Schulze
GLSA: cups, Daniel Ahlberg
GLSA: openldap, Daniel Ahlberg
Telindus 112x ADSL Router - Weak Password Encryption, eflorio
Potential DOS attack with Web-CyrAdm., Casper Aleva

December 29, 2002

Leafnode security announcement SA:2002:01, Matthias Andree

December 28, 2002

Gallery v1.3.2 allows remote exploit (fixed in 1.3.3), Bharat Mediratta
PHRACK #60 HAS BEEN RELEASED, phrackstaff
[IPS] PUTTY SSH-Client Exploit, Daniel Alcántara de la Hoz

December 27, 2002

GLSA: cyrus-sasl, Daniel Ahlberg
Buffer overflow in PHP "wordwrap" function, David F. Skoll
[CLA-2002:557] Conectiva Linux Security Announcement - cyrus-imapd, secure
[GIS 2002101601] SkyStream Admin Shell Privilege Escalation., Global InterSec Research
[SECURITY] [DSA 217-1] New typespeed packages fix buffer overflow, Martin Schulze
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B), Andreas Tscharner
Re: Solaris priocntl exploit - Sol8 patches available, Scott Howard

December 26, 2002

(MSIE)A rather old trick for web server is now played on MSIE., Liu Die Yu
Full Disclosure: Windows File Protection Old Security Catalog Vulnerability, FORENSICS.ORG Security Coordinator
Full Disclosure: Windows File Protection Arbitrary Certificate Chain Vulnerability, FORENSICS.ORG Security Coordinator

December 24, 2002

[SECURITY] [DSA 216-1] New fetchmail packages fix buffer overflow, Martin Schulze
[SNS Advisory No.60 rev.2] Windows XP Disclosure of Registered AP Information, snsadv@xxxxxxxxx

December 23, 2002

Re: Solaris priocntl exploit, Pavel Kankovsky
iDEFENSE Security Advisory 12.23.02: Integer Overflow in pdftops, iDEFENSE Labs
Re: KDE Security Advisory: Multiple vulnerabilities in KDE, Florian Weimer
Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6, jrodriga
Antwort: Openwebmail 1.71 remote root compromise, Stephan Sachweh
Re: 'printenv' XSS vulnerability, Marc Slemko
junkbuster 2.0-1 proxy relaying spam, Andrew Daviel
GLSA: kde-3.0.x, Daniel Ahlberg
PHPNuke 6.0 path disclosure [again], Ing. Bernardo Lopez
Hyperion FTP Server buffer overflow, securma massine
Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd), Hacknisty
zkfingerd remote exploit, security
[SECURITY] [DSA 215-1] New cyrus-imapd packages fix remote command execution, Martin Schulze
'printenv' XSS vulnerability, Dr . Tek
Re: KDE Security Advisory: Multiple vulnerabilities in KDE, fozzy

December 22, 2002

Matlab /tmp usage, Paul Szabo
Re: iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS), zen-parse

December 21, 2002

Re: iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS), Joe Testa
RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd), Russell Garrett
RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd), Richard Stanway
KDE Security Advisory: Multiple vulnerabilities in KDE, Dirk Mueller
XSS and PHP include bug in W-Agora, xatr0z

December 20, 2002

Re: XSS and PHP include bug in W-Agora, Marc Druilhe
RealNetworks HELIX Server Buffer Overflow Vulnerabilities (#NISR20122002), NGSSoftware Insight Security Research
RealNetworks HELIX Server Buffer Overflow Vulnerabilities (#NISR20122002), NGSSoftware Insight Security Research
SuSE Security Announcement: cyrus-imapd (SuSE-SA:2002:048), Sebastian Krahmer
GLSA: canna, Daniel Ahlberg
RE: Directory traversal vulnerabilities in several archivers processing .tar, konto mailingowe
Web server vulnerability in Axis Network Cameras, Video Servers and DVRs, Axis Product Security
[SECURITY] [DSA 214-1] New kdentwork packages fix buffer overflows, Martin Schulze
Re: Foundstone Research Labs Advisory - Multiple Exploitable Buff er Overflows in Winamp (fwd), Mischa Krilov
GLSA: wget, Daniel Ahlberg
nCipher Advisory #6: Access control defects in PKCS#11 keys, nCipher Support
SPGpartenaires (PHP), Frog Man
[RAZOR] Problems with mkstemp(), Michal Zalewski
Cisco Security Advisory: Cisco Security Advisory: SSH Malformed Packet Vulnerabilities, Cisco Systems Product Security Incident Response Team
[SecurityOffice] Polycom Video Conference System Management Server Authentication Bypass Vulnerability, Tamer Sahin
RE: Foundstone Research Labs Advisory - Multiple Exploitable Buff er Overflows in Winamp (fwd), Shutters, Mike
GLSA: perl, Daniel Ahlberg
PHP-Nuke mail CRLF Injection vulnerabilities, Ulf Harnhammar
Security Update: [CSSA-2002-059.0] Linux: multiple vulnerabilities in BIND (CERT CA-2002-31), security

December 19, 2002

TSLSA-2002-0085 - lynx-ssl, Trustix Secure Linux Advisor
TSLSA-2002-0086 - mysql, Trustix Secure Linux Advisor
TSLSA-2002-0087 - perl, Trustix Secure Linux Advisor
Re: Directory traversal vulnerabilities in several archivers processing .tar, Stephen Samuel
TSLSA-2002-0083 - kernel, Trustix Secure Linux Advisor
TSLSA-2002-0089 - wget, Trustix Secure Linux Advisor
TSLSA-2002-0084 - tcpdump, Trustix Secure Linux Advisor
Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd), David Howe
Re: Cisco IOS EIGRP Network DoS, Damir Rajnovic
[Fix] Openwebmail 1.71 remote root compromise, Dmitry Guyvoronsky
Cisco IOS EIGRP Network DoS, FX
iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS), iDEFENSE Labs
RE: Password Hole Found In Webshots - (Webshots Confirmed), Shutters, Mike
Openwebmail 1.71 remote root compromise, Dmitry Guyvoronsky
Multiple vulnerability in Enceladus Server, securma massine
WAnewsletter (PHP), Frog Man
[CLA-2002:556] Conectiva Linux Security Announcement - openldap, secure
[SECURITY] [DSA 213-1] New libpng packages fix buffer overflow, Martin Schulze
RE: Missing admin sql password in Okena StormWatch, Marcus Gavel
Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd), Dave Ahmad
Foundstone Research Labs Advisory - Exploitable Windows XP Media Files (fwd), Dave Ahmad

December 18, 2002

Historic blackhat archives exposed, Pry
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B), Andreas Borchert
RE: Directory traversal vulnerabilities in several archivers processing .tar, Andrew Kopp
Re: export LD_LIBRARY_PATH in /etc/profile.d/* files, Antonomasia
MDKSA-2002:068-1 - Updated apache packages fix multiple vulnerabilities, Mandrake Linux Security Team
MDKSA-2002:087 - Updated MySQL packages fix multiple vulnerabilities, Mandrake Linux Security Team
[securitydigest.org]: Changes for December 2002, Curator at Security Digest Archives
Missing admin sql password in Okena StormWatch, Marc Ruef
Security Paper: Session Fixation Vulnerability in Web-based Applications, Mitja Kolsek \(ACROS Lists\)

December 17, 2002

Re: export LD_LIBRARY_PATH in /etc/profile.d/* files, mlh
RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability, Michal Zalewski
export LD_LIBRARY_PATH in /etc/profile.d/* files, rich
Fwd: CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations, Muhammad Faisal Rauf Danka
Re: Directory traversal vulnerabilities in several archivers processing .tar, der Mouse
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B), Valdis . Kletnieks
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B), der Mouse
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B), der Mouse
Directory traversal vulnerabilities in several archivers processing .tar, Florian Schafferhans
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B), Stefan Esser
Re: adelphia vulnerability within subnets, 0x90
[OpenPKG-SA-2002.016] OpenPKG Security Advisory (fetchmail), OpenPKG
[SECURITY] [DSA-212-1] Multiple MySQL vulnerabilities, Wichert Akkerman
[CLA-2002:555] Conectiva Linux Security Announcement - MySQL, secure
Macromedia Shockwave Flash Malformed Header Overflow #2, Marc Maiffret
RE: Multiple vendors XML parser (and SOAP/WebServices server) Den ial of Service attack using DTD, Amit Klein
[RHSA-2002:228-11] Updated Net-SNMP packages fix security and other bugs, bugzilla
[RHSA-2002:293-09] Updated Fetchmail packages fix security vulnerability, bugzilla

December 16, 2002

Re: [VulnWatch] Password Disclosure in Cryptainer, Kurt Seifried
Re: Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD, Gregory Steuck
Captaris (Infinite) WebMail XSS, Pedram Amini
Security Patchs for PHP Products, Frog Man
[VulnDiscuss] Re: zkfingerd 0.9.1 format string vulnerabilities (#NISR16122002A), Frank Boldewin
[CLA-2002:553] Conectiva Linux Security Announcement - kernel 2.4, secure
[CLA-2002:554] Conectiva Linux Security Announcement - fetchmail, secure
RE: PFinger 0.7.8 format string vulnerability (#NISR16122002B), Stefan Esser
PFinger 0.7.8 format string vulnerability (#NISR16122002B), NGSSoftware Insight Security Research
zkfingerd 0.9.1 format string vulnerabilities (#NISR16122002A), NGSSoftware Insight Security Research
Re: Cross-site scripting vulnerability in CF 5.0, SecurityFocus
RE: Cross-site scripting vulnerability in CF 5.0, CORREIA, PATRICK
Cross-site scripting vulnerability in CF 5.0, KiLL CoLe
GLSA: exim, Daniel Ahlberg
R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors, Rapid 7 Security Advisories
PHP-Nuke 6.0 : Path Disclosure & Cross Site Scripting, Frog Man
[OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex), OpenPKG
[OpenPKG-SA-2002.014] OpenPKG Security Advisory (perl), OpenPKG
[OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql), OpenPKG
Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD, Amit Klein
PHP-Nuke code execution and XSS vulnerabilities, Ulf Harnhammar
Re: [VulnWatch] gfxboot allows boot password circumvention, SuSE 8.1 GRUB, Matthias Andree
AW: [VulnWatch] gfxboot allows boot password circumvention, SuSE 8.1 GRUB, Florian Maier
GLSA: mysql, Daniel Ahlberg
GLSA: squirrelmail, Daniel Ahlberg
GLSA: fetchmail, Daniel Ahlberg
GLSA: mysql, Daniel Ahlberg
Password Disclosure in Cryptainer, K. K. Mookhey

December 14, 2002

MyPHPLinks (PHP) : SQL Injection, Frog Man
gfxboot allows boot password circumvention, SuSE 8.1 GRUB, Matthias Andree

December 13, 2002

FW: SQL Injection Solved, Louie Conceicao
[CLA-2002:552] Conectiva Linux Security Announcement - wget, secure
Directory Traversal Vulnerability in FTP Client on IRIX, SGI Security Coordinator
[ESA-20021213-033] Several MySQL vulnerabilities., EnGarde Secure Linux
[ESA-20021213-033] Several MySQL vulnerabilities., EnGarde Secure Linux
Anyone can read all XOOPS private messages, Val Deux
Eserv remote denial of service, securma massine
Advisory Title: iASP Remote Console Applet Allows Remote, ph33r
[SECURITY] [DSA 211-1] New mICQ packages fix denial of service, Martin Schulze
Re: iDefense (Immunity Sec) Advisory, Dave Aitel
Advisory 05/2002: Another Fetchmail Remote Vulnerability, Stefan Esser
RE: iDefense Security Advisory, David Endler
Re: Password Hole Found In Webshots, Ian Nguyen
[SECURITY] [DSA-210-1] lynx CRLF injection, Wichert Akkerman
Re: [VulnWatch] proftpd <=1.2.7rc3 DoS, Kurt Seifried

December 12, 2002

iDefense Security Advisory, gobbles
XSS flaw found at "https://www.e-gold.com", Liu Die Yu
Adelphia Powerlink service vulnerable to man in the middle attacks by cable modem users., 0x90
[SECURITY] [DSA-209-1] two wget problems, Wichert Akkerman
Password Hole Found In Webshots, Brian Carpenter
Re: Directory Traversal Vulnerabilities in FTP Clients, Stephen Samuel
[RHSA-2002:222-21] Updated apache, httpd, and mod_ssl packages available, redhat-announce-list-admin
Fast MD5 cracker program?, Çağıl Şeker
VisNetic WebSite XSS vulnerability through HTTP referer header, Ory Segal
[SECURITY] [DSA 208-1] New Perl packages correct Safe handling, Martin Schulze
Multiple Mambo Site Server sec-weaknesses, euronymous
PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability, Marc Maiffret
MDKSA-2002:086 - Updated wget packages fix directory traversal vulnerability, Mandrake Linux Security Team
CERT Advisory CA-2002-35 Vulnerability in RaQ 4 Servers (fwd), Muhammad Faisal Rauf Danka
Advisory 04/2002: Multiple MySQL vulnerabilities, Stefan Esser

December 11, 2002

Denial of Service vulnerability in VisNetic Website, Peter Kruse
MTPSR1-120 Firewall Proxy configuration software, UkR security team™
Re: KunaniFTP-Server v.1.0.10 allows dictionary traversal, Alun Jones
Enceladus Server Suite traversal directory vulnerability, luca.ercoli@xxxxxxxxx
Re: [VulnWatch] proftpd <=1.2.7rc3 DoS, Rob klein Gunnewiek
proftpd <=1.2.7rc3 DoS, Rob klein Gunnewiek
Remote multiple vulnerability in apt-www-proxy., dong-h0un U
Input Validation Error in vbulletin 2.2.x, Dorin Balanica
Security Update: [CSSA-2002-SCO.44] UnixWare 7.1.1 Open UNIX 8.0.0 : uudecode performs inadequate checks on user-specified output files, security
Re: Zeus Admin Server v4.1r2 index.fcgi XSS bug, Colin Watson
Directory Traversal Vulnerabilities in FTP Clients, Steven M. Christey
Cisco Security Advisory: OSM Line Card Header Corruption Vulnerability, Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution, Martin Schulze
Directory traversing bug in 'myServer' webserver., dong-h0un U
Security Update: [CSSA-2002-058.0] Linux: buffer overflow in nss_ldap DNS SRV, security
RE: Sygate Personal Firewall can be shut down without a need to supply a password - although one is required, Eitan Caspi
RE: Sygate Personal Firewall can be shut down without a need to s upply a password - although one is required, Seth Knox

December 10, 2002

Re: XSS and Path Disclosure in UPB, Frog Man
MDKSA-2002:082-1 - Updated python packages fix local arbitrary code execution vulnerability, Mandrake Linux Security Team
KunaniFTP-Server v.1.0.10 allows dictionary traversal, Zero-X www.lobnan.de Team
[SECURITY] [DSA-206-1] tcpdump BGP decoding error, Wichert Akkerman
[SECURITY] [DSA-205-1] gtetrinet buffer overflows, Wichert Akkerman
TFTP32 DOS, securma massine
Re: Cyrus SASL library buffer overflows, Matthias Andree
Re: [VulnWatch] proftpd <=1.2.7rc3 DoS, Kurt Seifried
Remote multiple vulnerability in apt-www-proxy., dong-h0un U
Unchecked buffer in PC-cillin, advisories@xxxxxxxxxxx
[RHSA-2002:229-10] Updated wget packages fix directory traversal bug, bugzilla
[RHSA-2002:246-18] Updated Canna packages fix vulnerabilities, bugzilla

December 09, 2002

Security Update: [CSSA-2002-SCO.43] UnixWare 7.1.1 Open UNIX 8.0.0 : closed file descriptor race vulnerability, security
Cyrus SASL library buffer overflows, Timo Sirainen
[RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability, Derek Luce
[SecurityOffice] Enceladus Server Suite v3.9 Buffer Overflow Vulnerability, Tamer Sahin
SECURITY.NNOV: more Ikonboard 3.1.1 crossite scriptings, 3APA3A
Re: Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6 - and 3.7 Build 1190, Dr. Peter Bieringer

December 07, 2002

XSS and Path Disclosure in UPB, euronymous
Security Update: [CSSA-2002-057.0] Linux: groff pic buffer overflow, security

December 06, 2002

APBoard-Bug, DNA ESC
RE: Full-Disclosure digest, Vol 1 #433 - 4 msgs, Steve W. Manzuik
SuSE Security Announcement: OpenLDAP2 (SuSE-SA:2002:047), Sebastian Krahmer
[SECURITY] [DSA 202-2] New IM packages correct hidden architecture dependency, Martin Schulze
[SECURITY] [DSA 192-2] New html2ps packages correct fix against arbitrary code execution, Martin Schulze
WebReflex Directory Traversal Vulnerability, luca.ercoli@xxxxxxxxx
RE: Sygate Personal Firewall can be shut down without a need to supply a password - although one is required, Russ
RE: Security Industry Under Scrutiny: Part 3, John . Airey
Security Update: [CSSA-2002-056.0] Linux: apache vulnerabilities in shared memory, DNS, and ApacheBench, security
Security Industry Under Scrutiny: Part 3, sockz loves you

December 05, 2002

Sygate Personal Firewall can be shut down without a need to suppl y, Seth Knox
RE: Sygate Personal Firewall can be shut down without a need to supply, Eitan Caspi
Re: [Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability], Ryan Cleary
Cobalt RaQ4 Remote root exploit, grazer
Multiple vulnerabilities in akfingerd, Gianni Tedesco
Re: SquirrelMail v1.2.9 XSS bugs, Jonathan Angliss
Samba Security Vulnerability on IRIX, SGI Security Coordinator
BIND Name Server DNS Spoofing Vulnerability on IRIX, SGI Security Coordinator
Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6, Volker Tanger
Cross-site Scripting Vulnerability in phpBB 2.0.3, Fabricio Angeletti
Re: TracerouteNG - never ending story, Thomas Biege
[Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability], Dan Rowles
Re: Local root vulnerability found in exim 4.x (and 3.x), Tabor J. Wells
Re: Fw: CERT Advisory CA-2002-34 Buffer Overflow in Solaris X Window Font Service, Jim Knoble
Re: Local root vulnerability found in exim 4.x (and 3.x), Tabor J. Wells
Notes on MS02-068, extensive downplaying of severity, Thor Larholm
[SECURITY] [DSA 204-1] New kdlibs packages fix arbitrary program execution, Martin Schulze
Apache/Tomcat Denial Of Service And Information Leakage Vulnerability, alias

December 04, 2002

Sygate Personal Firewall can be shut down without a need to supply a password - although one is required, Eitan Caspi
Buffer Overflow Vulnerability in X Font Server on IRIX, SGI Security Coordinator
Multiple Vulnerabilities in BIND Name Service Daemon on IRIX, SGI Security Coordinator
Security Update: [CSSA-2002-055.0] Linux: RPC XDR buffer overflow, security
Windows XP Disclosure of Registered AP Information, snsadv
[SECURITY] [DSA 203-1] New smb2www packages fix arbitrary command execution, Martin Schulze
Local root vulnerability found in exim 4.x (and 3.x), Wana Thomas
[CLA-2002:551] Conectiva Linux Security Announcement - pine, secure
Security Update: [CSSA-2002-054.0] Linux: exploitable memory leak in ypserv, security
SAP database local root via symlink, KF
[RHSA-2002:220-40] Updated KDE packages fix security issues, bugzilla
[RHSA-2002:254-05] Updated Webalizer packages fix vulnerability, bugzilla

December 03, 2002

Fw: CERT Advisory CA-2002-34 Buffer Overflow in Solaris X Window Font Service, Muhammad Faisal Rauf Danka
Zeroo Webserver remote directory traversal exploit, Mike Cramp
SquirrelMail v1.2.9 XSS bugs, euronymous
[SECURITY] [DSA 202-1] New IM packages fix insecure temporary file creation, Martin Schulze
Poisonous Style for Dialog window turns the zone off., Liu Die Yu
Re: Local Netfilter / IPTables IP Queue PID Wrap Flaw, James Morris
Local Netfilter / IPTables IP Queue PID Wrap Flaw, James Morris
[SNS Advisory No.59] Buffalo Wireless LAN Access Point Denial of Service Vulnerability (was Re: Buffalo AP Denial of Service), snsadv
MDKSA-2002:085 - Updated WindowMaker packages fix buffer overflow vulnerability, Mandrake Linux Security Team
CORE-20021005: Vulnerability Report For Linksys Devices, Carlos Sarraute
MDKSA-2002:084 - Updated pine packages fix buffer overflow vulnerability, Mandrake Linux Security Team

December 02, 2002

[Fwd: XSS on ICQ leading to password compromise], Rafael Coninck Teigao
Bypassing Integrity Protection Driver (time vulnerability), Jan Rutkowski
pre-login buffer overflow in Cyrus IMAP server, Timo Sirainen
ShopFactory shopping cart price manipulation, Richard van den Berg
possible virus break in german exchange option of Inoculate IT 6.0, tigerblue
Cyrus Sieve / libSieve buffer overflow, Timo Sirainen
[RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability, bugzilla
RE: Exploit for traceroute-nanog overflow, Carl Livitt
Re: Solaris priocntl exploit, Jay Beale
ShopFactory shopping cart price manipulation, Richard van den Berg
Advisory: Lawson Financials RDBMS Insecurity, John Eisenschmidt
Potential Vuln in McAfee VirusScan 451, jari.helenius
GLSA: pine, Daniel Ahlberg
Lag Security Advisory - Com21 cable modem configuration file feeding vulnerability, David Laganière
RE: Kerberos login sniffer and cracker for Windows 2000/XP, Jason Coombs
[SECURITY] [DSA 201-1] New Free/SWan packages fix denial of service, Martin Schulze
RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND, Vagner Sacramento
Re: CAIS-ALERT: Vulnerability in the sending requests control of BIND, Robert Tracz
Re: [Full-Disclosure] Netscape Problems., Ben Bucksch
Cross-site Scripting Vulnerability in YaBB 1 Gold - SP1!, Fabricio Angeletti
Multiple pServ Remote Buffer Overflow Vulnerabilities, Matthew Murphy
Thatware (PHP), Frog Man
Advisory: Webster HTTP Server, Matthew Murphy

December 01, 2002

RE: User downgraded from Administrator to User retains the ability to list other user's running tasks, Eitan Caspi
RE: User downgraded from Administrator to User retains the ability to list other user's running tasks, John Tolmachofft

News | FAQ | advertise