bugtraq  

Messages by Date

• 2002/07/18 WINAMP also allows execution of arbitrary code (probably a lot more programs aswell) Jelmer
• 2002/07/18 MERCUR Mailserver advisory/remote exploit 2c79cbe14ac7d0b8472d3f129fa1df
• 2002/07/18 wwwoffle-2.7b and prior segfaults with negative Content-Length value qitest1
• 2002/07/17 Administrivia: Symantec acquiring SecurityFocus aleph1
• 2002/07/17 MDKSA-2002:044 - squid update Mandrake Linux Security Team
• 2002/07/17 KPMG-2002034: Jigsaw Webserver DOS device DoS Peter Gr�ndl
• 2002/07/17 Wiki module postnuke Cross Site Scripting Vulnerability Pistone
• 2002/07/17 Re:[VulnWatch] wp-02-0001: GoAhead Web Server Directory Traversal + Cross Site Scripting xile
• 2002/07/17 Exploit for a security hole in the pickle module for Python versions <= 2.1.x Jeff Epler
• 2002/07/17 KPMG-2002033: Resin DOS device path disclosure Peter Gr�ndl
• 2002/07/17 Re: Sniffable Switch Project martin f krafft
• 2002/07/17 KPMG-2002032: Macromedia Sitespring Cross Site Scripting Peter Gr�ndl
• 2002/07/17 KPMG-2002031: Jigsaw Webserver Path Disclosure Peter Gr�ndl
• 2002/07/16 Security Update: [CSSA-2002-031.0] Linux: mod_ssl off-by-one error security
• 2002/07/16 ICQ and MSIE allow execution of arbitrary code Jelmer
• 2002/07/16 [RHSA-2002:134-12] Updated mod_ssl packages available bugzilla
• 2002/07/16 MDKSA-2002:043 - bind update Mandrake Linux Security Team
• 2002/07/16 Re: AIM forced behavior "issue" Knud Erik H�jgaard
• 2002/07/16 Re: Sniffable Switch Project Fr�d�ric Raynal
• 2002/07/16 Re: Sniffable Switch Project Cedric Blancher
• 2002/07/16 Sniffable Switch Project alaric
• 2002/07/16 Outpost24 Advisory: Oddsock PlaylistGenerator Multiple BufferOverlow vulnerability Lucas Lundgren
• 2002/07/15 Re: Remote ICQ Sound Desactivation Adam [wp-ckkl]
• 2002/07/15 Error in MS mail handler - noncritical but a problem Fred Cohen
• 2002/07/15 RE: New Paper: Microsoft SQL Server Passwords John Tolmachofft
• 2002/07/15 AIM forced behavior "issue" orb
• 2002/07/15 Security Update: [CSSA-2002-SCO.33] OpenServer 5.0.5 OpenServer 5.0.6 : timed does not enforce nulls security
• 2002/07/15 Security Update: [CSSA-2002-SCO.34] OpenServer 5.0.5 OpenServer 5.0.6 : uux status file name buffer overflow security
• 2002/07/15 Re: Hosting Controller Vulnerability Ben M
• 2002/07/15 Re: Remote ICQ Sound Desactivation Knud Erik H�jgaard
• 2002/07/15 Again NULL and addslashes() (now in 123tkshop) avart
• 2002/07/15 Remote ICQ Sound Desactivation xLaNT
• 2002/07/15 RE: MacOS X SoftwareUpdate Vulnerability Hundley, Gordon - Princeton
• 2002/07/15 @stake Advisory: Norton Personal Internet Firewall HTTP Proxy Vulnerability advisories
• 2002/07/15 FreeBSD Security Advisory FreeBSD-SA-02:31.openssh FreeBSD Security Advisories
• 2002/07/15 Re: [VulnWatch] 5 bugs Simon Hausmann
• 2002/07/15 Re: Hosting Controller Vulnerability James Griffin
• 2002/07/15 Re: [VulnWatch] 5 bugs Kurt Seifried
• 2002/07/15 Tivoli TMF Endpoint Buffer Overflow Mark A. Rowe (PenTest)
• 2002/07/15 Tivoli TMF ManagedNode Buffer Overflow Mark A. Rowe (PenTest)
• 2002/07/15 TSLSA-2002-0061 - bind Trustix Secure Linux Advisor
• 2002/07/15 TSLSA-2002-0062 - squid Trustix Secure Linux Advisor
• 2002/07/15 pwc.20020630.nims_modweb.b patrik . karlsson
• 2002/07/15 pwc.20020630.nims_3.0.3_imapd.a patrik . karlsson
• 2002/07/14 Re: Hosting Controller Vulnerability Muhammad Faisal Rauf Danka
• 2002/07/14 Re: Multiple vulnerabilities in atphttpd-0.4b badc0ded
• 2002/07/14 Double Choco Latte multiple vulnerabilities Ulf Harnhammar
• 2002/07/13 SGI Apache Web Server Chunk Handling vulnerability SGI Security Coordinator
• 2002/07/13 Hosting Controller Vulnerability Ben M
• 2002/07/13 RE: MacOS X SoftwareUpdate Vulnerability jaehnel
• 2002/07/12 MFC Overflow Test Code Matthew Murphy
• 2002/07/12 Re: MFC ISAPI Framework Buffer Overflow Chris Wysopal
• 2002/07/12 Three BadBlue Vulnerabilities Matthew Murphy
• 2002/07/12 The answer to the PIX encryption issue Damir Rajnovic
• 2002/07/12 Re: Cisco VPN3000 MTU overflow (fragmentation issue) porte10
• 2002/07/12 FreeBSD Security Advisory FreeBSD-SA-02:30.ktrace FreeBSD Security Advisories
• 2002/07/12 5 bugs D4rkGr3y
• 2002/07/12 FreeBSD Security Advisory FreeBSD-SA-02:29.tcpdump FreeBSD Security Advisories
• 2002/07/12 SQL Server passwords patrik . karlsson
• 2002/07/12 MFC ISAPI Framework Buffer Overflow Matthew Murphy
• 2002/07/12 Multiple vulnerabilities in atphttpd-0.4b qitest1
• 2002/07/12 Vulnerability found: The Adobe eBook Library Vladimir Katalov
• 2002/07/12 Re: ZyXEL Prestige Router Remote Node Filtering Vulnerability still present Daniel Roethlisberger
• 2002/07/12 Portcullis Security Advisory - IIS Microsoft SMTP Service Encapsulated SMTP Address Vulnerability JWC
• 2002/07/12 [SPSadvisory#47]RealONE Player Gold / RealJukebox2 skin file download vulnerability webmaster
• 2002/07/12 Re: MacOS X SoftwareUpdate Vulnerability gabriel rosenkoetter
• 2002/07/12 Several problems in CARE 2002 avart
• 2002/07/12 [SPSadvisory#48]RealONE Player Gold / RealJukebox2 Buffer Overflow webmaster
• 2002/07/11 RE: Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow (#NISR11072002) Aaron C. Newman
• 2002/07/11 RE: Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow (#NISR11072002) Hall, Philip
• 2002/07/11 Re: Tiny Software and Sygate contact Paul Schmehl
• 2002/07/11 ZyXEL Prestige Router Remote Node Filtering Vulnerability still present Bernardo Pons
• 2002/07/11 IRIX DNS resolver vulnerability SGI Security Coordinator
• 2002/07/11 Re: Cisco VPN3000 gateway MTU overflow Steve McIlwain
• 2002/07/11 RE: Tiny Software and Sygate contact Seth Knox
• 2002/07/11 RE: Multiple Security Vulnerabilities in Sharp Zaurus Moorhouse, Walt P
• 2002/07/11 [CLA-2002:507] Conectiva Linux Security Announcement - Resolver libraries secure
• 2002/07/11 Popcorn vulnerabilities bugtest
• 2002/07/11 Re: MacOS X SoftwareUpdate Vulnerability Corey J. Steele
• 2002/07/11 Security Update: [CSSA-2002-SCO.28] UnixWare 7.1.1 Open UNIX 8.0.0 : rpc.ttdbserverd file creation and deletion vulnerabilities security
• 2002/07/11 Exploit: TL003/Dot Bug = Reading Non-Parsable Files Matthew Murphy
• 2002/07/11 Re: Multiple Security Vulnerabilities in Sharp Zaurus Jordan K Wiens
• 2002/07/11 Lil'HTTP Pbcgi.cgi XSS Vulnerability Matthew Murphy
• 2002/07/11 SQL Server passwords David Litchfield
• 2002/07/11 Tiny Software and Sygate contact Jonas Koch
• 2002/07/11 CERT Advisory CA-2002-20 Multiple Vulnerabilities in CDE ToolTalk CERT Advisory
• 2002/07/11 SQL Server 7 & 2000 Installation process and Service Packs write encoded passwords to a file c c
• 2002/07/11 Portcullis Security Advisory - Directory Traversal Vulnerability in SunPS iRunbook 2.5.2 JWC
• 2002/07/11 Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow (#NISR11072002) NGSSoftware Insight Security Research
• 2002/07/10 Re: Multiple Security Vulnerabilities in Sharp Zaurus Stephen Harris
• 2002/07/10 Re: XSS in ht://Dig Geoff Hutchison
• 2002/07/10 RE: New Paper: Microsoft SQL Server Passwords Pauli Porkka
• 2002/07/10 Re: Linux kernels DoSable by file-max limit Andrea Arcangeli
• 2002/07/10 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server Iv�n Arce
• 2002/07/10 Cisco VPN3000 gateway MTU overflow porte10
• 2002/07/10 EEYE: Remote PGP Outlook Encryption Plug-in Vulnerability Marc Maiffret
• 2002/07/10 Re: Linux kernels DoSable by file-max limit Jim Breton
• 2002/07/10 Re: iPlanet Remote File Viewing hubbelyo
• 2002/07/10 XSS Hole in Fluid Dynamics search Engine VALDEUX
• 2002/07/10 SuSE Security Announcement: Resolver (SuSE-SA:2002:026) Olaf Kirch
• 2002/07/10 RE: XSS Hole in Fluid Dynamics Search engine Zoltan Milosevic
• 2002/07/10 Multiple Security Vulnerabilities in Sharp Zaurus SURUAZ
• 2002/07/10 IE allows universal Cross Domain Scripting (TL#003) Thor Larholm
• 2002/07/10 wp-02-0012: Carello 1.3 Remote File Execution Matt Moore
• 2002/07/10 wp-02-0008: Apache Tomcat Cross Site Scripting Matt Moore
• 2002/07/10 wp-02-0001: GoAhead Web Server Directory Traversal + Cross Site Scripting Matt Moore
• 2002/07/10 Re: Linux kernels DoSable by file-max limit elv
• 2002/07/09 RE: New Paper: Microsoft SQL Server Passwords Toni Lassila
• 2002/07/09 iPlanet Remote File Viewing turambar386
• 2002/07/09 Re: Linux kernels DoSable by file-max limit Michal Zalewski
• 2002/07/09 Re: Linux kernels DoSable by file-max limit Paul Starzetz
• 2002/07/09 ALERT: Working Resources BadBlue #2 (DoS, Heap Overflow) Matthew Murphy
• 2002/07/09 Re: Linux kernels DoSable by file-max limit Aleksander Adamowski
• 2002/07/09 Exploit for previously reported DoS issues in Shambala Server 4.5 Daniel Nystr�m
• 2002/07/09 SuSE Security Announcement: squid (SuSE-SA:2002:025) Roman Drahtmueller
• 2002/07/09 KPMG-2002030: Watchguard Firebox Dynamic VPN Configuration Protocol DoS Peter Gr�ndl
• 2002/07/09 Sun iPlanet Web Server Buffer Overflow (#NISR09072002) NGSSoftware Insight Security Research
• 2002/07/09 Re: LOCAL ROOT EXPLOIT - SUPPORT FULL-DISCLOSURE - LOCAL ROOT EXPLOIT kanix
• 2002/07/08 Re: Linux kernels DoSable by file-max limit Kurt Seifried
• 2002/07/08 Re: UnBodyGuard a.k.a Bouncer (Solaris kernel function hijacking)(fwd) Dave Aitel
• 2002/07/08 Foundstone Advisory - Buffer Overflow in MyWebServer (fwd) Dave Ahmad
• 2002/07/08 Technical Details of Urlcount.cgi Vulnerability Matthew Murphy
• 2002/07/08 BadBlue 1.73 EXT.DLL XSS Variant Matthew Murphy
• 2002/07/08 Re: MacOS X SoftwareUpdate Vulnerability Kurt Seifried
• 2002/07/08 Linux kernels DoSable by file-max limit Paul Starzetz
• 2002/07/08 KF Web Server version 1.0.2 shows file and directory content Securiteinfo . com
• 2002/07/08 Technical Details of BadBlue EXT.DLL Vulnerability Matthew Murphy
• 2002/07/08 New Paper: Microsoft SQL Server Passwords NGSSoftware Insight Security Research
• 2002/07/08 Re: LOCAL ROOT EXPLOIT - SUPPORT FULL-DISCLOSURE - LOCAL ROOT EXPLOIT KF
• 2002/07/08 KPMG-2002029: Bea Weblogic Performance Pack Denial of Service Peter Gr�ndl
• 2002/07/08 Re: LOCAL ROOT EXPLOIT - SUPPORT FULL-DISCLOSURE - LOCAL ROOT EXPLOIT Olaf Kirch
• 2002/07/08 Re: MacOS X SoftwareUpdate Vulnerability Julian Suschlik
• 2002/07/07 MacOS X SoftwareUpdate Vulnerability Russell Harding
• 2002/07/07 Re: UnBodyGuard a.k.a Bouncer (Solaris kernel function hijacking)(fwd) noir sin
• 2002/07/07 sparc exploit for known solaris 8 kcms_configure overflow Adam Slattery
• 2002/07/07 LOCAL ROOT EXPLOIT - SUPPORT FULL-DISCLOSURE - LOCAL ROOT EXPLOIT kanix THE HACKER
• 2002/07/06 Re: UnBodyGuard a.k.a Bouncer (Solaris kernel function hijacking)(fwd) noir sin
• 2002/07/05 Re: Sybase contact Ryan Russell
• 2002/07/05 Re: UnBodyGuard a.k.a Bouncer (Solaris kernel function hijacking)(fwd) Dave Aitel
• 2002/07/05 remote winamp 2.x exploit (all current versions) 2c79cbe14ac7d0b8472d3f129fa1df
• 2002/07/05 [CLA-2002:506] Conectiva Linux Security Announcement - squid secure
• 2002/07/05 UT (and other game-servers) DDOS Tom
• 2002/07/05 Sybase contact Aaron C. Newman
• 2002/07/05 Re: Remote buffer overflow in resolver code of libc Florian Weimer
• 2002/07/05 Worldspan DoS altomo
• 2002/07/04 Re: BIND 9.2.1 patch, multiple RR's for singleton types. der Mouse
• 2002/07/04 UnBodyGuard a.k.a Bouncer (Solaris kernel function hijacking) (fwd) noir sin
• 2002/07/04 [CLA-2002:505] Conectiva Linux Security Announcement - ethereal secure
• 2002/07/04 Re: Remote buffer overflow in resolver code of libc D. J. Bernstein
• 2002/07/04 MDKSA-2002:041 - kernel 2.2 and 2.4 updates Mandrake Linux Security Team
• 2002/07/04 Re: UT DDoS risk (possible solution) Auriemma Luigi
• 2002/07/04 nn remote format string vulnerability zillion
• 2002/07/04 Re: Acrobat reader 5.05 temp file insecurity Paul Szabo
• 2002/07/04 [OpenPKG-SA-2002.006] OpenPKG Security Advisory (bind) OpenPKG
• 2002/07/04 [RHSA-2002:051-16] New Squid packages available bugzilla
• 2002/07/03 Squid Security Update Advisory 2002:3 Henrik Nordstrom
• 2002/07/03 [Global InterSec 2002062801] OpenSSH challenge-response buffer overflow (Update) Global InterSec Research
• 2002/07/03 NEC's socks5 (Re: Foundstone Advisory - Buffer Overflow in AnalogX Proxy (fwd)) 3APA3A
• 2002/07/03 Re: CommuniGate Pro directory listings tfm
• 2002/07/03 SunPCi II VNC weak authentication scheme vulnerability Richard van den Berg
• 2002/07/03 Remotely Exploitable Buffer Overruns in Microsoft's Commerce Server 2000/2 (#NISRNISR03062002) NGSSoftware Insight Security Research
• 2002/07/03 Argosoft Mail Server Plus/Pro Webmail Reverse Directory Traversal nfinity
• 2002/07/02 Security Update: [CSSA-2002-SCO.32] OpenServer 5.0.5 OpenServer 5.0.6 : Apache Web Server Chunk Handling Vulnerability / mod_ssl off-by-one error security
• 2002/07/02 MDKSA-2002:040-1 - openssh update Mandrake Linux Security Team
• 2002/07/02 Security Update: [CSSA-2002-SCO.31] UnixWare 7.1.1 Open UNIX 8.0.0 : Apache Web Server Chunk Handling Vulnerability / mod_ssl off-by-one error security
• 2002/07/02 Re: Three problems in OpenSSH's ssh-keysign Theo de Raadt
• 2002/07/02 Three problems in OpenSSH's ssh-keysign Charles Hannum
• 2002/07/02 CORE-20020620: Inktomi Traffic Server Buffer Overflow Iv�n Arce
• 2002/07/02 SuSE Security Announcement: openssh (SuSE-SA:2002:024) Roman Drahtmueller
• 2002/07/02 Re: BIND 9.2.1 patch, multiple RR's for singleton types. Jim Reid
• 2002/07/02 Noguska Nola 1.1.1 [ Intranet Business Management Software ] sindhi
• 2002/07/02 [ESA-20020702-017] off-by-one in mod_ssl's configuration directivehandling EnGarde Secure Linux
• 2002/07/02 Falsifying a VeriSign Seal (Japan) Noam Rathaus
• 2002/07/02 Security Advisory: Cisco Secure ACS Unix Acme.server Information Disclosure Vulnerability Cisco Systems Product Security Incident Response Team
• 2002/07/02 CommuniGate Pro directory listings c0rrect0r
• 2002/07/02 [CLA-2002:504] Conectiva Linux Security Announcement - apache secure
• 2002/07/02 PHPAuction bug ethx
• 2002/07/02 Re: XSS in Slashcode Jamie McCarthy
• 2002/07/02 Re: Remote DoS in AnlaogX SimpleServer:www 1.16 Auriemma Luigi
• 2002/07/02 BIND 9.2.1 patch, multiple RR's for singleton types. Tim Gladding
• 2002/07/02 XSS in Slashcode gcsb
• 2002/07/02 [ESA-20020702-016] several vulnerabilities in the OpenSSH daemon EnGarde Secure Linux
• 2002/07/02 [SECURITY] [DSA-135-1] buffer overflow / DoS in libapache-mod-ssl Robert van der Meulen
• 2002/07/01 BufferOverflow in OmniHTTPd 2.09 Martin J. Muench
• 2002/07/01 Foundstone Advisory - Buffer Overflow in AnalogX Proxy (fwd) Dave Ahmad
• 2002/07/01 CSS in blackboard Berend-Jan Wever
• 2002/07/01 KPMG-2002028: Sitespring Server Denial of Service Peter Gr�ndl
• 2002/07/01 Revised OpenSSH Security Advisory Markus Friedl
• 2002/07/01 PTL-2002-03 Betsie XSS Vuln Mark A. Rowe (PenTest)
• 2002/07/01 KPMG-2002026: Jrun sourcecode Disclosure Peter Gr�ndl
• 2002/07/01 Proof of Concept Code for OpenSSH gobbles
• 2002/07/01 ftp.bitchx.org's ircii-pana-1.0c19.tar.gz is backdoored Hank Leininger
• 2002/06/29 Re: Apache mod_ssl off-by-one vulnerability Jedi/Sector One
• 2002/06/29 SSI & CSS execution in E-Guest (1.1) & ZAP Book (v1.0.3) DownBload
• 2002/06/27 CERT VU #803539 Joost Pol
• 2002/06/27 Re: ssh environment - circumvention of restricted shells ari
• 2002/06/27 Cluestick Advisory #000 cluestick
• 2002/06/27 RE: ssh environment - circumvention of restricted shells Leif Sawyer
• 2002/06/27 Re: Acrobat reader 5.05 temp file insecurity Juan M. Courcoul
• 2002/06/27 NetBSD Security Advisory 2002-005: OpenSSH protocol version 2 challenge-response authentication NetBSD Security Officer

[Earlier messages] [Later messages]