security.bugtraq (thread)

PEEL (PHP), Frog Man
[SECURITY] [DSA 219-1] New dhcpcd packages fix remote command execution vulnerability, Martin Schulze
Updated "Secure Programming for Linux and Unix HOWTO" now available., David Wheeler
Wired.com: So Many Holes, So Few Hacks, Richard M. Smith
Visual SourceSafe - Preliminary Observations, Joel Maslak
CITIBANK [CANADA]: INTERNET EXPLORER BROWSERS, http-equiv@xxxxxxxxxx
- Re: CITIBANK [CANADA]: INTERNET EXPLORER BROWSERS, Ben Laurie
Multiple vulnerabilities found in PlatinumFTPserver V1.0.6, Dennis Rand
[SECURITY] [DSA 218-1] New bugzilla packages fix cross site scripting problem, Martin Schulze
GLSA: cups, Daniel Ahlberg
GLSA: openldap, Daniel Ahlberg
Telindus 112x ADSL Router - Weak Password Encryption, eflorio
Potential DOS attack with Web-CyrAdm., Casper Aleva
Leafnode security announcement SA:2002:01, Matthias Andree
Gallery v1.3.2 allows remote exploit (fixed in 1.3.3), Bharat Mediratta
PHRACK #60 HAS BEEN RELEASED, phrackstaff
[IPS] PUTTY SSH-Client Exploit, Daniel Alcántara de la Hoz
GLSA: cyrus-sasl, Daniel Ahlberg
Buffer overflow in PHP "wordwrap" function, David F. Skoll
[CLA-2002:557] Conectiva Linux Security Announcement - cyrus-imapd, secure
[GIS 2002101601] SkyStream Admin Shell Privilege Escalation., Global InterSec Research
[SECURITY] [DSA 217-1] New typespeed packages fix buffer overflow, Martin Schulze
Re: Solaris priocntl exploit - Sol8 patches available, Scott Howard
(MSIE)A rather old trick for web server is now played on MSIE., Liu Die Yu
Full Disclosure: Windows File Protection Old Security Catalog Vulnerability, FORENSICS.ORG Security Coordinator
Full Disclosure: Windows File Protection Arbitrary Certificate Chain Vulnerability, FORENSICS.ORG Security Coordinator
[SECURITY] [DSA 216-1] New fetchmail packages fix buffer overflow, Martin Schulze
[SNS Advisory No.60 rev.2] Windows XP Disclosure of Registered AP Information, snsadv@xxxxxxxxx
iDEFENSE Security Advisory 12.23.02: Integer Overflow in pdftops, iDEFENSE Labs
Antwort: Openwebmail 1.71 remote root compromise, Stephan Sachweh
junkbuster 2.0-1 proxy relaying spam, Andrew Daviel
GLSA: kde-3.0.x, Daniel Ahlberg
Hyperion FTP Server buffer overflow, securma massine
zkfingerd remote exploit, security
[SECURITY] [DSA 215-1] New cyrus-imapd packages fix remote command execution, Martin Schulze
'printenv' XSS vulnerability, Dr . Tek
- Re: 'printenv' XSS vulnerability, Marc Slemko
Matlab /tmp usage, Paul Szabo
KDE Security Advisory: Multiple vulnerabilities in KDE, Dirk Mueller
- Re: KDE Security Advisory: Multiple vulnerabilities in KDE, fozzy
  - Re: KDE Security Advisory: Multiple vulnerabilities in KDE, Florian Weimer
XSS and PHP include bug in W-Agora, xatr0z
- Re: XSS and PHP include bug in W-Agora, Marc Druilhe
RealNetworks HELIX Server Buffer Overflow Vulnerabilities (#NISR20122002), NGSSoftware Insight Security Research
- RealNetworks HELIX Server Buffer Overflow Vulnerabilities (#NISR20122002), NGSSoftware Insight Security Research
SuSE Security Announcement: cyrus-imapd (SuSE-SA:2002:048), Sebastian Krahmer
GLSA: canna, Daniel Ahlberg
Web server vulnerability in Axis Network Cameras, Video Servers and DVRs, Axis Product Security
[SECURITY] [DSA 214-1] New kdentwork packages fix buffer overflows, Martin Schulze
GLSA: wget, Daniel Ahlberg
nCipher Advisory #6: Access control defects in PKCS#11 keys, nCipher Support
SPGpartenaires (PHP), Frog Man
[RAZOR] Problems with mkstemp(), Michal Zalewski
Cisco Security Advisory: Cisco Security Advisory: SSH Malformed Packet Vulnerabilities, Cisco Systems Product Security Incident Response Team
[SecurityOffice] Polycom Video Conference System Management Server Authentication Bypass Vulnerability, Tamer Sahin
RE: Foundstone Research Labs Advisory - Multiple Exploitable Buff er Overflows in Winamp (fwd), Shutters, Mike
- Re: Foundstone Research Labs Advisory - Multiple Exploitable Buff er Overflows in Winamp (fwd), Mischa Krilov
GLSA: perl, Daniel Ahlberg
PHP-Nuke mail CRLF Injection vulnerabilities, Ulf Harnhammar
Security Update: [CSSA-2002-059.0] Linux: multiple vulnerabilities in BIND (CERT CA-2002-31), security
TSLSA-2002-0085 - lynx-ssl, Trustix Secure Linux Advisor
TSLSA-2002-0086 - mysql, Trustix Secure Linux Advisor
TSLSA-2002-0087 - perl, Trustix Secure Linux Advisor
TSLSA-2002-0083 - kernel, Trustix Secure Linux Advisor
TSLSA-2002-0089 - wget, Trustix Secure Linux Advisor
TSLSA-2002-0084 - tcpdump, Trustix Secure Linux Advisor
[Fix] Openwebmail 1.71 remote root compromise, Dmitry Guyvoronsky
Cisco IOS EIGRP Network DoS, FX
- Re: Cisco IOS EIGRP Network DoS, Damir Rajnovic
iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS), iDEFENSE Labs
- Re: iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS), Joe Testa
- Re: iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS), zen-parse
RE: Password Hole Found In Webshots - (Webshots Confirmed), Shutters, Mike
Openwebmail 1.71 remote root compromise, Dmitry Guyvoronsky
Multiple vulnerability in Enceladus Server, securma massine
WAnewsletter (PHP), Frog Man
[CLA-2002:556] Conectiva Linux Security Announcement - openldap, secure
[SECURITY] [DSA 213-1] New libpng packages fix buffer overflow, Martin Schulze
Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd), Dave Ahmad
- Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd), David Howe
  - RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd), Richard Stanway
  - RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd), Russell Garrett
    - Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd), Hacknisty
Foundstone Research Labs Advisory - Exploitable Windows XP Media Files (fwd), Dave Ahmad
Historic blackhat archives exposed, Pry
MDKSA-2002:068-1 - Updated apache packages fix multiple vulnerabilities, Mandrake Linux Security Team
MDKSA-2002:087 - Updated MySQL packages fix multiple vulnerabilities, Mandrake Linux Security Team
[securitydigest.org]: Changes for December 2002, Curator at Security Digest Archives
Missing admin sql password in Okena StormWatch, Marc Ruef
- RE: Missing admin sql password in Okena StormWatch, Marcus Gavel
Security Paper: Session Fixation Vulnerability in Web-based Applications, Mitja Kolsek \(ACROS Lists\)
RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability, Michal Zalewski
export LD_LIBRARY_PATH in /etc/profile.d/* files, rich
- Re: export LD_LIBRARY_PATH in /etc/profile.d/* files, mlh
- Re: export LD_LIBRARY_PATH in /etc/profile.d/* files, Antonomasia
Fwd: CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations, Muhammad Faisal Rauf Danka
Directory traversal vulnerabilities in several archivers processing .tar, Florian Schafferhans
- Re: Directory traversal vulnerabilities in several archivers processing .tar, der Mouse
- RE: Directory traversal vulnerabilities in several archivers processing .tar, Andrew Kopp
  - Re: Directory traversal vulnerabilities in several archivers processing .tar, Stephen Samuel
  - RE: Directory traversal vulnerabilities in several archivers processing .tar, konto mailingowe
Re: adelphia vulnerability within subnets, 0x90
[OpenPKG-SA-2002.016] OpenPKG Security Advisory (fetchmail), OpenPKG
[SECURITY] [DSA-212-1] Multiple MySQL vulnerabilities, Wichert Akkerman
[CLA-2002:555] Conectiva Linux Security Announcement - MySQL, secure
Macromedia Shockwave Flash Malformed Header Overflow #2, Marc Maiffret
RE: Multiple vendors XML parser (and SOAP/WebServices server) Den ial of Service attack using DTD, Amit Klein
[RHSA-2002:228-11] Updated Net-SNMP packages fix security and other bugs, bugzilla
[RHSA-2002:293-09] Updated Fetchmail packages fix security vulnerability, bugzilla
Captaris (Infinite) WebMail XSS, Pedram Amini
Security Patchs for PHP Products, Frog Man
[CLA-2002:553] Conectiva Linux Security Announcement - kernel 2.4, secure
[CLA-2002:554] Conectiva Linux Security Announcement - fetchmail, secure
PFinger 0.7.8 format string vulnerability (#NISR16122002B), NGSSoftware Insight Security Research
- RE: PFinger 0.7.8 format string vulnerability (#NISR16122002B), Stefan Esser
  - Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B), der Mouse
  - Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B), Valdis . Kletnieks
    - Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B), Stefan Esser
    - Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B), der Mouse
    - Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B), Andreas Borchert
- Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B), Andreas Tscharner
zkfingerd 0.9.1 format string vulnerabilities (#NISR16122002A), NGSSoftware Insight Security Research
- [VulnDiscuss] Re: zkfingerd 0.9.1 format string vulnerabilities (#NISR16122002A), Frank Boldewin
Cross-site scripting vulnerability in CF 5.0, KiLL CoLe
- Re: Cross-site scripting vulnerability in CF 5.0, SecurityFocus
- RE: Cross-site scripting vulnerability in CF 5.0, CORREIA, PATRICK
GLSA: exim, Daniel Ahlberg
R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors, Rapid 7 Security Advisories
PHP-Nuke 6.0 : Path Disclosure & Cross Site Scripting, Frog Man
- PHPNuke 6.0 path disclosure [again], Ing. Bernardo Lopez
[OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex), OpenPKG
[OpenPKG-SA-2002.014] OpenPKG Security Advisory (perl), OpenPKG
[OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql), OpenPKG
Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD, Amit Klein
- Re: Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD, Gregory Steuck
PHP-Nuke code execution and XSS vulnerabilities, Ulf Harnhammar
Re: [VulnWatch] gfxboot allows boot password circumvention, SuSE 8.1 GRUB, Matthias Andree
AW: [VulnWatch] gfxboot allows boot password circumvention, SuSE 8.1 GRUB, Florian Maier
GLSA: squirrelmail, Daniel Ahlberg
GLSA: fetchmail, Daniel Ahlberg
GLSA: mysql, Daniel Ahlberg
- GLSA: mysql, Daniel Ahlberg
Password Disclosure in Cryptainer, K. K. Mookhey
- Re: [VulnWatch] Password Disclosure in Cryptainer, Kurt Seifried
MyPHPLinks (PHP) : SQL Injection, Frog Man
gfxboot allows boot password circumvention, SuSE 8.1 GRUB, Matthias Andree
FW: SQL Injection Solved, Louie Conceicao
[CLA-2002:552] Conectiva Linux Security Announcement - wget, secure
Directory Traversal Vulnerability in FTP Client on IRIX, SGI Security Coordinator
[ESA-20021213-033] Several MySQL vulnerabilities., EnGarde Secure Linux
- [ESA-20021213-033] Several MySQL vulnerabilities., EnGarde Secure Linux
Anyone can read all XOOPS private messages, Val Deux
Eserv remote denial of service, securma massine
[SECURITY] [DSA 211-1] New mICQ packages fix denial of service, Martin Schulze
Re: iDefense (Immunity Sec) Advisory, Dave Aitel
Advisory 05/2002: Another Fetchmail Remote Vulnerability, Stefan Esser
[SECURITY] [DSA-210-1] lynx CRLF injection, Wichert Akkerman
iDefense Security Advisory, gobbles
- RE: iDefense Security Advisory, David Endler
XSS flaw found at "https://www.e-gold.com", Liu Die Yu
Adelphia Powerlink service vulnerable to man in the middle attacks by cable modem users., 0x90
[SECURITY] [DSA-209-1] two wget problems, Wichert Akkerman
Password Hole Found In Webshots, Brian Carpenter
- Re: Password Hole Found In Webshots, Ian Nguyen
[RHSA-2002:222-21] Updated apache, httpd, and mod_ssl packages available, redhat-announce-list-admin
Fast MD5 cracker program?, Çağıl Şeker
VisNetic WebSite XSS vulnerability through HTTP referer header, Ory Segal
[SECURITY] [DSA 208-1] New Perl packages correct Safe handling, Martin Schulze
Multiple Mambo Site Server sec-weaknesses, euronymous
PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability, Marc Maiffret
MDKSA-2002:086 - Updated wget packages fix directory traversal vulnerability, Mandrake Linux Security Team
CERT Advisory CA-2002-35 Vulnerability in RaQ 4 Servers (fwd), Muhammad Faisal Rauf Danka
Advisory 04/2002: Multiple MySQL vulnerabilities, Stefan Esser
- Advisory Title: iASP Remote Console Applet Allows Remote, ph33r
Denial of Service vulnerability in VisNetic Website, Peter Kruse
MTPSR1-120 Firewall Proxy configuration software, UkR security team™
Enceladus Server Suite traversal directory vulnerability, luca.ercoli@xxxxxxxxx
proftpd <=1.2.7rc3 DoS, Rob klein Gunnewiek
- Re: [VulnWatch] proftpd <=1.2.7rc3 DoS, Kurt Seifried
  - Re: [VulnWatch] proftpd <=1.2.7rc3 DoS, Rob klein Gunnewiek
    - Re: [VulnWatch] proftpd <=1.2.7rc3 DoS, Kurt Seifried
Security Update: [CSSA-2002-SCO.44] UnixWare 7.1.1 Open UNIX 8.0.0 : uudecode performs inadequate checks on user-specified output files, security
Re: Zeus Admin Server v4.1r2 index.fcgi XSS bug, Colin Watson
Directory Traversal Vulnerabilities in FTP Clients, Steven M. Christey
- Re: Directory Traversal Vulnerabilities in FTP Clients, Stephen Samuel
Cisco Security Advisory: OSM Line Card Header Corruption Vulnerability, Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution, Martin Schulze
Directory traversing bug in 'myServer' webserver., dong-h0un U
Security Update: [CSSA-2002-058.0] Linux: buffer overflow in nss_ldap DNS SRV, security
RE: Sygate Personal Firewall can be shut down without a need to s upply a password - although one is required, Seth Knox
- RE: Sygate Personal Firewall can be shut down without a need to supply a password - although one is required, Eitan Caspi
MDKSA-2002:082-1 - Updated python packages fix local arbitrary code execution vulnerability, Mandrake Linux Security Team
KunaniFTP-Server v.1.0.10 allows dictionary traversal, Zero-X www.lobnan.de Team
- Re: KunaniFTP-Server v.1.0.10 allows dictionary traversal, Alun Jones
[SECURITY] [DSA-206-1] tcpdump BGP decoding error, Wichert Akkerman
[SECURITY] [DSA-205-1] gtetrinet buffer overflows, Wichert Akkerman
TFTP32 DOS, securma massine
Remote multiple vulnerability in apt-www-proxy., dong-h0un U
- Remote multiple vulnerability in apt-www-proxy., dong-h0un U
Unchecked buffer in PC-cillin, advisories@xxxxxxxxxxx
[RHSA-2002:229-10] Updated wget packages fix directory traversal bug, bugzilla
[RHSA-2002:246-18] Updated Canna packages fix vulnerabilities, bugzilla
Security Update: [CSSA-2002-SCO.43] UnixWare 7.1.1 Open UNIX 8.0.0 : closed file descriptor race vulnerability, security
Cyrus SASL library buffer overflows, Timo Sirainen
- Re: Cyrus SASL library buffer overflows, Matthias Andree
[RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability, Derek Luce
[SecurityOffice] Enceladus Server Suite v3.9 Buffer Overflow Vulnerability, Tamer Sahin
SECURITY.NNOV: more Ikonboard 3.1.1 crossite scriptings, 3APA3A
XSS and Path Disclosure in UPB, euronymous
- Re: XSS and Path Disclosure in UPB, Frog Man
Security Update: [CSSA-2002-057.0] Linux: groff pic buffer overflow, security
APBoard-Bug, DNA ESC
RE: Full-Disclosure digest, Vol 1 #433 - 4 msgs, Steve W. Manzuik
SuSE Security Announcement: OpenLDAP2 (SuSE-SA:2002:047), Sebastian Krahmer
[SECURITY] [DSA 202-2] New IM packages correct hidden architecture dependency, Martin Schulze
[SECURITY] [DSA 192-2] New html2ps packages correct fix against arbitrary code execution, Martin Schulze
WebReflex Directory Traversal Vulnerability, luca.ercoli@xxxxxxxxx
Security Update: [CSSA-2002-056.0] Linux: apache vulnerabilities in shared memory, DNS, and ApacheBench, security
Security Industry Under Scrutiny: Part 3, sockz loves you
- RE: Security Industry Under Scrutiny: Part 3, John . Airey
Sygate Personal Firewall can be shut down without a need to suppl y, Seth Knox
RE: Sygate Personal Firewall can be shut down without a need to supply, Eitan Caspi
Cobalt RaQ4 Remote root exploit, grazer
Multiple vulnerabilities in akfingerd, Gianni Tedesco
Samba Security Vulnerability on IRIX, SGI Security Coordinator
BIND Name Server DNS Spoofing Vulnerability on IRIX, SGI Security Coordinator
Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6, Volker Tanger
- Re: Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6 - and 3.7 Build 1190, Dr. Peter Bieringer
- Proxy vulnerability in TrendMicro InterScan-VirusWall V3.6, jrodriga
Cross-site Scripting Vulnerability in phpBB 2.0.3, Fabricio Angeletti
- Input Validation Error in vbulletin 2.2.x, Dorin Balanica
Re: TracerouteNG - never ending story, Thomas Biege
[Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability], Dan Rowles
- Re: [Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability], Ryan Cleary
Notes on MS02-068, extensive downplaying of severity, Thor Larholm
[SECURITY] [DSA 204-1] New kdlibs packages fix arbitrary program execution, Martin Schulze
Apache/Tomcat Denial Of Service And Information Leakage Vulnerability, alias
Sygate Personal Firewall can be shut down without a need to supply a password - although one is required, Eitan Caspi
- RE: Sygate Personal Firewall can be shut down without a need to supply a password - although one is required, Russ
Buffer Overflow Vulnerability in X Font Server on IRIX, SGI Security Coordinator
Multiple Vulnerabilities in BIND Name Service Daemon on IRIX, SGI Security Coordinator
Security Update: [CSSA-2002-055.0] Linux: RPC XDR buffer overflow, security
Windows XP Disclosure of Registered AP Information, snsadv
[SECURITY] [DSA 203-1] New smb2www packages fix arbitrary command execution, Martin Schulze
Local root vulnerability found in exim 4.x (and 3.x), Wana Thomas
- Re: Local root vulnerability found in exim 4.x (and 3.x), Tabor J. Wells
  - Re: Local root vulnerability found in exim 4.x (and 3.x), Tabor J. Wells
[CLA-2002:551] Conectiva Linux Security Announcement - pine, secure
Security Update: [CSSA-2002-054.0] Linux: exploitable memory leak in ypserv, security
SAP database local root via symlink, KF
[RHSA-2002:220-40] Updated KDE packages fix security issues, bugzilla
[RHSA-2002:254-05] Updated Webalizer packages fix vulnerability, bugzilla
Fw: CERT Advisory CA-2002-34 Buffer Overflow in Solaris X Window Font Service, Muhammad Faisal Rauf Danka
- Re: Fw: CERT Advisory CA-2002-34 Buffer Overflow in Solaris X Window Font Service, Jim Knoble
Zeroo Webserver remote directory traversal exploit, Mike Cramp
SquirrelMail v1.2.9 XSS bugs, euronymous
- Re: SquirrelMail v1.2.9 XSS bugs, Jonathan Angliss
[SECURITY] [DSA 202-1] New IM packages fix insecure temporary file creation, Martin Schulze
Poisonous Style for Dialog window turns the zone off., Liu Die Yu
Local Netfilter / IPTables IP Queue PID Wrap Flaw, James Morris
- Re: Local Netfilter / IPTables IP Queue PID Wrap Flaw, James Morris
[SNS Advisory No.59] Buffalo Wireless LAN Access Point Denial of Service Vulnerability (was Re: Buffalo AP Denial of Service), snsadv
MDKSA-2002:085 - Updated WindowMaker packages fix buffer overflow vulnerability, Mandrake Linux Security Team
CORE-20021005: Vulnerability Report For Linksys Devices, Carlos Sarraute
MDKSA-2002:084 - Updated pine packages fix buffer overflow vulnerability, Mandrake Linux Security Team
[Fwd: XSS on ICQ leading to password compromise], Rafael Coninck Teigao
Bypassing Integrity Protection Driver (time vulnerability), Jan Rutkowski
pre-login buffer overflow in Cyrus IMAP server, Timo Sirainen
possible virus break in german exchange option of Inoculate IT 6.0, tigerblue
Cyrus Sieve / libSieve buffer overflow, Timo Sirainen
[RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability, bugzilla
RE: Exploit for traceroute-nanog overflow, Carl Livitt
Re: Solaris priocntl exploit, Jay Beale
- Re: Solaris priocntl exploit, Pavel Kankovsky
ShopFactory shopping cart price manipulation, Richard van den Berg
- ShopFactory shopping cart price manipulation, Richard van den Berg
Advisory: Lawson Financials RDBMS Insecurity, John Eisenschmidt
Potential Vuln in McAfee VirusScan 451, jari.helenius
GLSA: pine, Daniel Ahlberg
Lag Security Advisory - Com21 cable modem configuration file feeding vulnerability, David Laganière
RE: Kerberos login sniffer and cracker for Windows 2000/XP, Jason Coombs
[SECURITY] [DSA 201-1] New Free/SWan packages fix denial of service, Martin Schulze
Re: CAIS-ALERT: Vulnerability in the sending requests control of BIND, Robert Tracz
- RE: CAIS-ALERT: Vulnerability in the sending requests control of BIND, Vagner Sacramento
Re: [Full-Disclosure] Netscape Problems., Ben Bucksch
Cross-site Scripting Vulnerability in YaBB 1 Gold - SP1!, Fabricio Angeletti
Multiple pServ Remote Buffer Overflow Vulnerabilities, Matthew Murphy
Thatware (PHP), Frog Man
Advisory: Webster HTTP Server, Matthew Murphy
RE: User downgraded from Administrator to User retains the ability to list other user's running tasks, John Tolmachofft
- RE: User downgraded from Administrator to User retains the ability to list other user's running tasks, Eitan Caspi